archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/ds/security/protocols/msv_sspi/ntlmsspi.h

621 lines
13 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1993 Microsoft Corporation
  5. Module Name:
  7. ntlmsspi.h
  9. Abstract:
  11. Header file describing the interface to code common to the
  12. NT Lanman Security Support Provider (NtLmSsp) Service and the DLL.
  14. Author:
  16. Cliff Van Dyke (CliffV) 17-Sep-1993
  18. Revision History:
  19. ChandanS 03-Aug-1996 Stolen from net\svcdlls\ntlmssp\common\ntlmsspi.h
  21. --*/
  23. #ifndef _NTLMSSPI_INCLUDED_
  24. #define _NTLMSSPI_INCLUDED_
  26. //
  27. // init.c will #include this file with NTLMCOMN_ALLOCATE defined.
  28. // That will cause each of these variables to be allocated.
  29. //
  30. #ifdef NTLMSSPI_ALLOCATE
  31. #define EXTERN
  32. #else
  33. #define EXTERN extern
  34. #endif
  37. ////////////////////////////////////////////////////////////////////////
  38. //
  39. // Global Definitions
  40. //
  41. ////////////////////////////////////////////////////////////////////////
  43. //
  44. // Description of a credential.
  45. //
  47. #define SSP_CREDENTIAL_TAG_ACTIVE (ULONG)('AdrC')
  48. #define SSP_CREDENTIAL_TAG_DELETE (ULONG)('DdrC')
  50. #define SSP_CREDENTIAL_FLAG_WAS_NETWORK_SERVICE 0x1
  52. typedef struct _SSP_CREDENTIAL {
  54. //
  55. // Global list of all Credentials.
  56. // (Serialized by SspCredentialCritSect)
  57. //
  59. LIST_ENTRY Next;
  61. //
  62. // Used to prevent this Credential from being deleted prematurely.
  63. // (Serialized by SspCredentialCritSect)
  64. //
  66. ULONG References;
  68. //
  69. // Flag of how credential may be used.
  70. //
  71. // SECPKG_CRED_* flags
  72. //
  74. ULONG CredentialUseFlags;
  76. //
  77. // Logon ID of the client
  78. //
  80. LUID LogonId;
  82. //
  83. // Process Id of client
  84. //
  86. ULONG ClientProcessID;
  88. //
  89. // Tag indicating credential is valid for fast reference.
  90. //
  92. ULONG CredentialTag;
  94. //
  95. // Impersonation level of caller at time of AcquireCredentialsHandle
  96. //
  98. SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
  100. //
  101. // Default credentials on client context, on server context UserName
  102. // holds a full user name (domain\user) and the other two should be
  103. // NULL.
  104. //
  106. UNICODE_STRING DomainName;
  107. UNICODE_STRING UserName;
  108. UNICODE_STRING Password;
  110. //
  111. // This flag should be set when the credential is unlinked
  112. // from the list.
  113. //
  115. BOOLEAN Unlinked;
  117. //
  118. // This flag is set when the credential was granted to a
  119. // kernel mode caller
  120. //
  122. BOOLEAN KernelClient;
  124. //
  125. // ntlm specific credential usage flags
  126. //
  128. ULONG MutableCredFlags;
  130. } SSP_CREDENTIAL, *PSSP_CREDENTIAL;
  132. typedef enum {
  133. IdleState,
  134. NegotiateSentState, // Outbound context only
  135. ChallengeSentState, // Inbound context only
  136. AuthenticateSentState, // Outbound context only
  137. AuthenticatedState, // Inbound context only
  138. PassedToServiceState // Outbound context only
  139. } SSP_CONTEXT_STATE, *PSSP_CONTEXT_STATE;
  141. typedef struct _NTLM_VER_INFO {
  142. ULONG64 Major : 8;
  143. ULONG64 Minor : 8;
  144. ULONG64 Build : 16;
  145. ULONG64 Reserved : 24;
  146. ULONG64 Revision : 8;
  147. } NTLM_VER_INFO, *PNTLM_VER_INFO;
  149. //
  150. // Description of a Context
  151. //
  153. #define SSP_CONTEXT_TAG_ACTIVE (ULONG64)('AxtC')
  154. #define SSP_CONTEXT_TAG_DELETE (ULONG64)('DxtC')
  156. typedef struct _SSP_CONTEXT {
  158. //
  159. // Tag indicating context is valid.
  160. //
  162. ULONG64 ContextTag;
  165. //
  166. // Timeout the context after awhile.
  167. //
  168. ULONG TickStart;
  170. LARGE_INTEGER StartTime;
  171. ULONG Interval;
  173. //
  174. // Used to prevent this Context from being deleted prematurely.
  175. // (Serialized by SspContextCritSect)
  176. //
  178. ULONG References;
  182. //
  183. // Maintain the Negotiated protocol
  184. //
  186. ULONG NegotiateFlags;
  188. //
  189. // Maintain the context requirements
  190. //
  192. ULONG ContextFlags;
  194. //
  195. // State of the context
  196. //
  198. SSP_CONTEXT_STATE State;
  200. //
  201. // Token Handle of authenticated user
  202. // Only valid when in AuthenticatedState.
  203. //
  205. HANDLE TokenHandle;
  207. //
  208. // Referenced pointer to the credential used to create this
  209. // context.
  210. //
  212. PSSP_CREDENTIAL Credential;
  214. //
  215. // The challenge passed to the client.
  216. // Only valid when in ChallengeSentState.
  217. //
  219. UCHAR Challenge[MSV1_0_CHALLENGE_LENGTH];
  221. //
  222. // The session key calculated by the LSA
  223. //
  225. UCHAR SessionKey[MSV1_0_USER_SESSION_KEY_LENGTH];
  227. //
  228. // Default credentials.
  229. //
  231. UNICODE_STRING DomainName;
  232. UNICODE_STRING UserName;
  233. UNICODE_STRING Password;
  235. //
  236. // optional marshalled targetinfo for credential manager.
  237. //
  239. PCREDENTIAL_TARGET_INFORMATIONW TargetInfo;
  241. //
  242. // marshalled target info for DFS/RDR.
  243. //
  245. PBYTE pbMarshalledTargetInfo;
  246. ULONG cbMarshalledTargetInfo;
  248. //
  249. // context handle referenced to validate loopback operations.
  250. //
  252. ULONG_PTR ServerContextHandle;
  254. //
  255. // Process Id of client
  256. //
  258. ULONG ClientProcessID;
  259. NTSTATUS LastStatus;
  261. BOOLEAN Server; // client or server ? (can be implied by other fields...)
  263. BOOLEAN DownLevel; // downlevel RDR/SRV ?
  265. //
  266. // This flag is set when the context was granted to a
  267. // kernel mode caller
  268. //
  270. BOOLEAN KernelClient;
  272. //
  273. // version control
  274. //
  276. union {
  277. NTLM_VER_INFO ClientVersion; // stored in server context
  278. NTLM_VER_INFO ServerVersion; // stored in client context
  279. };
  281. CHAR ContextMagicNumber[MSV1_0_USER_SESSION_KEY_LENGTH];
  283. } SSP_CONTEXT, *PSSP_CONTEXT;
  285. //
  286. // Maximum lifetime of a context
  287. //
  289. #if DBG
  290. #define NTLMSSP_MAX_LIFETIME (2*60*60*1000) // 2 hours
  291. #else
  292. // used to be 2 minutes, changed to 5 minutes to allow negotiation in
  293. // wide-area networks which can have long retry timeouts
  294. #define NTLMSSP_MAX_LIFETIME (5*60*1000) // 5 minutes
  295. #endif // DBG
  299. typedef struct _SSP_PROCESSOPTIONS {
  301. //
  302. // Global list of all process options.
  303. // (Serialized by NtLmGlobalProcessOptionsLock
  304. //
  306. LIST_ENTRY Next;
  308. //
  309. // Process Id of client
  310. //
  312. ULONG ClientProcessID;
  314. //
  315. // options bitmask.
  316. //
  318. ULONG ProcessOptions;
  320. } SSP_PROCESSOPTIONS, *PSSP_PROCESSOPTIONS;
  324. ////////////////////////////////////////////////////////////////////////
  325. //
  326. // Procedure Forwards
  327. //
  328. ////////////////////////////////////////////////////////////////////////
  331. //
  332. // Procedure forwards from credhand.cxx
  333. //
  335. NTSTATUS
  336. SspCredentialInitialize(
  337. VOID
  338. );
  340. VOID
  341. SspCredentialTerminate(
  342. VOID
  343. );
  345. NTSTATUS
  346. SspCredentialReferenceCredential(
  347. IN ULONG_PTR CredentialHandle,
  348. IN BOOLEAN DereferenceCredential,
  349. OUT PSSP_CREDENTIAL * UserCredential
  350. );
  352. VOID
  353. SspCredentialDereferenceCredential(
  354. PSSP_CREDENTIAL Credential
  355. );
  357. NTSTATUS
  358. SspCredentialGetPassword(
  359. IN PSSP_CREDENTIAL Credential,
  360. OUT PUNICODE_STRING Password
  361. );
  363. //
  364. // Procedure forwards from context.cxx
  365. //
  367. NTSTATUS
  368. SspContextInitialize(
  369. VOID
  370. );
  372. VOID
  373. SspContextTerminate(
  374. VOID
  375. );
  377. //
  378. // from ctxtcli.cxx
  379. //
  381. NTSTATUS
  382. CredpParseUserName(
  383. IN OUT LPWSTR ParseName,
  384. OUT LPWSTR* pUserName,
  385. OUT LPWSTR* pDomainName
  386. );
  388. NTSTATUS
  389. CopyCredManCredentials(
  390. IN PLUID LogonId,
  391. IN CREDENTIAL_TARGET_INFORMATIONW* pTargetInfo,
  392. IN OUT PSSP_CONTEXT Context,
  393. IN BOOLEAN fShareLevel,
  394. IN BOOLEAN bAllowOwfPassword,
  395. OUT BOOLEAN* pbIsOwfPassword
  396. );
  398. NTSTATUS
  399. CredpExtractMarshalledTargetInfo(
  400. IN PUNICODE_STRING TargetServerName,
  401. OUT CREDENTIAL_TARGET_INFORMATIONW **pTargetInfo
  402. );
  404. NTSTATUS
  405. CredpProcessUserNameCredential(
  406. IN PUNICODE_STRING MarshalledUserName,
  407. OUT PUNICODE_STRING UserName,
  408. OUT PUNICODE_STRING DomainName,
  409. OUT PUNICODE_STRING Password
  410. );
  412. //
  413. // random number generator.
  414. //
  416. NTSTATUS
  417. SspGenerateRandomBits(
  418. VOID *pRandomData,
  419. ULONG cRandomData
  420. );
  422. //
  423. // Procedure forwards from ntlm.cxx
  424. //
  425. VOID
  426. NtLmCheckLmCompatibility(
  427. );
  429. VOID
  430. NtLmQueryMappedDomains(
  431. VOID
  432. );
  434. VOID
  435. NtLmFreeMappedDomains(
  436. VOID
  437. );
  440. VOID
  441. NTAPI
  442. NtLmQueryDynamicGlobals(
  443. PVOID pvContext,
  444. BOOLEAN TimedOut
  445. );
  447. ULONG
  448. NtLmCheckProcessOption(
  449. IN ULONG OptionRequest
  450. );
  452. BOOLEAN
  453. NtLmSetProcessOption(
  454. IN ULONG OptionRequest,
  455. IN BOOLEAN DisableOption
  456. );
  459. //
  460. // Procedure forwards from rng.cxx
  461. //
  463. VOID
  464. NtLmCleanupRNG(VOID);
  466. BOOL
  467. NtLmInitializeRNG(VOID);
  470. /*++
  472. Brief description of the challenge/response algorithms for LM, NTLM, and NTLM3
  474. The basic outline is the same for all versions, just the OWF, RESP, and SESSKEY
  475. funcs are different:
  477. 1. Compute a "response key" (Kr) from the user's name (U), domain (UD) and password (P):
  479. Kr = OWF(U, UD, P)
  481. 2. Compute a response using the response key, server challenge (NS),
  482. client challenge (NC), timestamp (T), version (V), highest version
  483. client understands (HV), and the server's principal name (S)
  485. R = RESP(Kr, NS, NC, T, V, HV, S)
  487. 3. Compute a session key from Kr, U, UD
  489. Kx = SESSKEY(Kr, R, U, UD)
  492. The are the OWF, RESP, and SESSKEY funcs for NTLM3
  494. OWF(U, UD, P) = MD5(MD4(P), U, UD)
  495. RESP(Kr, NS, NC, T, V, HV, S) = (V, HV, R, T, NC, HMAC(Kr, (NS, V, HV, T, NC, S)), S)
  496. SESSKEY(Ku, R, U, UD) = HMAC(Kr, R)
  498. --*/
  502. PMSV1_0_AV_PAIR
  503. MsvpAvlInit(
  504. IN void * pAvList
  505. );
  507. PMSV1_0_AV_PAIR
  508. MsvpAvlGet(
  509. IN PMSV1_0_AV_PAIR pAvList, // first pair of AV pair list
  510. IN MSV1_0_AVID AvId, // AV pair to find
  511. IN LONG cAvList // size of AV list
  512. );
  514. ULONG
  515. MsvpAvlLen(
  516. IN PMSV1_0_AV_PAIR pAvList, // first pair of AV pair list
  517. IN LONG cAvList // max size of AV list
  518. );
  520. PMSV1_0_AV_PAIR
  521. MsvpAvlAdd(
  522. IN PMSV1_0_AV_PAIR pAvList, // first pair of AV pair list
  523. IN MSV1_0_AVID AvId, // AV pair to add
  524. IN PUNICODE_STRING pString, // value of pair
  525. IN LONG cAvList // max size of AV list
  526. );
  529. ULONG
  530. MsvpAvlSize(
  531. IN ULONG iPairs, // number of AV pairs response will include
  532. IN ULONG iPairsLen // total size of values for the pairs
  533. );
  535. NTSTATUS
  536. MsvpAvlToString(
  537. IN PUNICODE_STRING AvlString,
  538. IN MSV1_0_AVID AvId,
  539. IN OUT LPWSTR *szAvlString
  540. );
  542. NTSTATUS
  543. MsvpAvlToFlag(
  544. IN PUNICODE_STRING AvlString,
  545. IN MSV1_0_AVID AvId,
  546. IN OUT ULONG *ulAvlFlag
  547. );
  550. VOID
  551. MsvpCalculateNtlm2Challenge (
  552. IN UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH],
  553. IN UCHAR ChallengeFromClient[MSV1_0_CHALLENGE_LENGTH],
  554. OUT UCHAR Challenge[MSV1_0_CHALLENGE_LENGTH]
  555. );
  557. VOID
  558. MsvpCalculateNtlm2SessionKeys (
  559. IN PUSER_SESSION_KEY NtUserSessionKey,
  560. IN UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH],
  561. IN UCHAR ChallengeFromClient[MSV1_0_CHALLENGE_LENGTH],
  562. OUT PUSER_SESSION_KEY LocalUserSessionKey,
  563. OUT PLM_SESSION_KEY LocalLmSessionKey
  564. );
  567. //
  568. // calculate NTLM3 response from credentials and server name
  569. // called with pNtlm3Response filled in with version, client challenge, timestamp
  570. //
  572. VOID
  573. MsvpNtlm3Response (
  574. IN PNT_OWF_PASSWORD pNtOwfPassword,
  575. IN PUNICODE_STRING pUserName,
  576. IN PUNICODE_STRING pLogonDomainName,
  577. IN ULONG ServerNameLength,
  578. IN UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH],
  579. IN PMSV1_0_NTLM3_RESPONSE pNtlm3Response,
  580. OUT UCHAR Response[MSV1_0_NTLM3_RESPONSE_LENGTH],
  581. OUT PUSER_SESSION_KEY UserSessionKey,
  582. OUT PLM_SESSION_KEY LmSessionKey
  583. );
  585. typedef struct {
  586. UCHAR Response[MSV1_0_NTLM3_RESPONSE_LENGTH];
  587. UCHAR ChallengeFromClient[MSV1_0_CHALLENGE_LENGTH];
  588. } MSV1_0_LM3_RESPONSE, *PMSV1_0_LM3_RESPONSE;
  590. //
  591. // calculate LM3 response from credentials
  592. //
  594. VOID
  595. MsvpLm3Response (
  596. IN PNT_OWF_PASSWORD pNtOwfPassword,
  597. IN PUNICODE_STRING pUserName,
  598. IN PUNICODE_STRING pLogonDomainName,
  599. IN UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH],
  600. IN PMSV1_0_LM3_RESPONSE pLm3Response,
  601. OUT UCHAR Response[MSV1_0_NTLM3_RESPONSE_LENGTH],
  602. OUT PUSER_SESSION_KEY UserSessionKey,
  603. OUT PLM_SESSION_KEY LmSessionKey
  604. );
  607. NTSTATUS
  608. MsvpLm20GetNtlm3ChallengeResponse (
  609. IN PNT_OWF_PASSWORD pNtOwfPassword,
  610. IN PUNICODE_STRING pUserName,
  611. IN PUNICODE_STRING pLogonDomainName,
  612. IN PUNICODE_STRING pServerName,
  613. IN UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH],
  614. OUT PMSV1_0_NTLM3_RESPONSE pNtlm3Response,
  615. OUT PMSV1_0_LM3_RESPONSE pLm3Response,
  616. OUT PUSER_SESSION_KEY UserSessionKey,
  617. OUT PLM_SESSION_KEY LmSessionKey
  618. );
  621. #endif // ifndef _NTLMSSPI_INCLUDED_