|
|
/*
Copyright (c) 1992 Microsoft Corporation
Module Name:
admin.h
Abstract:
This module contains admin interface for server service. All data strucutures anc constants shared between the AFP service and the AFP server service will be contained in this file.
Author:
Jameel Hyder (microsoft!jameelh)
Revision History: 25 Apr 1992 JameelH Initial Version 2 Sept 1992 NarenG Added structure to pass security information between the service and the server. 1 Feb 1993 SueA Added structure to pass evenlog infomation from the server to the service.--*/
#ifndef _ADMIN_
#define _ADMIN_
#include <lmcons.h> // Need DNLEN and LM20_UNLEN
#include <crypt.h> // Need LM_OWF_PASSWORD_LENGTH
#include <ntsam.h>
#include <ntsamp.h>
#include <nbtioctl.h> // DNS_MAX_NAME_LENGTH
#define AFP_API_BASE 1000
#define AFP_CC(_request_, _Method_) CTL_CODE(FILE_DEVICE_NETWORK, \
_request_ + AFP_API_BASE, \ _Method_, FILE_ANY_ACCESS)
#define AFP_CC_BASE(ControlCode) ((((ControlCode) >> 2) - AFP_API_BASE) & 0xFF)
#define AFP_CC_METHOD(ControlCode) ((ControlCode) & 0x03)
// Do not change this table without also changing the table in SERVER\FSD.C
#define CC_BASE_SERVICE_START 0x01
#define CC_BASE_SERVICE_STOP 0x02
#define CC_BASE_SERVICE_PAUSE 0x03
#define CC_BASE_SERVICE_CONTINUE 0x04
#define CC_BASE_GET_STATISTICS 0x05
#define CC_BASE_GET_STATISTICS_EX 0x06
#define CC_BASE_CLEAR_STATISTICS 0x07
#define CC_BASE_GET_PROF_COUNTERS 0x08
#define CC_BASE_CLEAR_PROF_COUNTERS 0x09
#define CC_BASE_SERVER_ADD_SID_OFFSETS 0x0A
#define CC_BASE_SERVER_GET_INFO 0x0B
#define CC_BASE_SERVER_SET_INFO 0x0C
#define CC_BASE_SERVER_ADD_ETC 0x0D
#define CC_BASE_SERVER_SET_ETC 0x0E
#define CC_BASE_SERVER_DELETE_ETC 0x0F
#define CC_BASE_SERVER_ADD_ICON 0x10
#define CC_BASE_VOLUME_ADD 0x11
#define CC_BASE_VOLUME_DELETE 0x12
#define CC_BASE_VOLUME_GET_INFO 0x13
#define CC_BASE_VOLUME_SET_INFO 0x14
#define CC_BASE_VOLUME_ENUM 0x15
#define CC_BASE_SESSION_ENUM 0x16
#define CC_BASE_SESSION_CLOSE 0x17
#define CC_BASE_CONNECTION_ENUM 0x18
#define CC_BASE_CONNECTION_CLOSE 0x19
#define CC_BASE_DIRECTORY_GET_INFO 0x1A
#define CC_BASE_DIRECTORY_SET_INFO 0x1B
#define CC_BASE_FORK_ENUM 0x1C
#define CC_BASE_FORK_CLOSE 0x1D
#define CC_BASE_MESSAGE_SEND 0x1E
#define CC_BASE_FINDER_SET 0x1F
#define CC_BASE_GET_FSD_COMMAND 0x20
#define CC_BASE_MAX 0x21
#define OP_SERVICE_START AFP_CC(CC_BASE_SERVICE_START, METHOD_BUFFERED)
#define OP_SERVICE_STOP AFP_CC(CC_BASE_SERVICE_STOP, METHOD_BUFFERED)
#define OP_SERVICE_PAUSE AFP_CC(CC_BASE_SERVICE_PAUSE, METHOD_BUFFERED)
#define OP_SERVICE_CONTINUE AFP_CC(CC_BASE_SERVICE_CONTINUE,METHOD_BUFFERED)
#define OP_GET_STATISTICS AFP_CC(CC_BASE_GET_STATISTICS,METHOD_IN_DIRECT)
#define OP_GET_STATISTICS_EX AFP_CC(CC_BASE_GET_STATISTICS_EX,METHOD_IN_DIRECT)
#define OP_CLEAR_STATISTICS AFP_CC(CC_BASE_CLEAR_STATISTICS,METHOD_BUFFERED)
#define OP_GET_PROF_COUNTERS AFP_CC(CC_BASE_GET_PROF_COUNTERS,METHOD_IN_DIRECT)
#define OP_CLEAR_PROF_COUNTERS AFP_CC(CC_BASE_CLEAR_PROF_COUNTERS,METHOD_BUFFERED)
#define OP_SERVER_ADD_SID_OFFSETS AFP_CC(CC_BASE_SERVER_ADD_SID_OFFSETS,METHOD_BUFFERED)
#define OP_SERVER_GET_INFO AFP_CC(CC_BASE_SERVER_GET_INFO,METHOD_IN_DIRECT)
#define OP_SERVER_SET_INFO AFP_CC(CC_BASE_SERVER_SET_INFO,METHOD_BUFFERED)
#define OP_SERVER_ADD_ETC AFP_CC(CC_BASE_SERVER_ADD_ETC,METHOD_BUFFERED)
#define OP_SERVER_SET_ETC AFP_CC(CC_BASE_SERVER_SET_ETC,METHOD_BUFFERED)
#define OP_SERVER_DELETE_ETC AFP_CC(CC_BASE_SERVER_DELETE_ETC,METHOD_BUFFERED)
#define OP_SERVER_ADD_ICON AFP_CC(CC_BASE_SERVER_ADD_ICON,METHOD_BUFFERED)
#define OP_VOLUME_ADD AFP_CC(CC_BASE_VOLUME_ADD,METHOD_BUFFERED)
#define OP_VOLUME_DELETE AFP_CC(CC_BASE_VOLUME_DELETE,METHOD_BUFFERED)
#define OP_VOLUME_GET_INFO AFP_CC(CC_BASE_VOLUME_GET_INFO,METHOD_IN_DIRECT)
#define OP_VOLUME_SET_INFO AFP_CC(CC_BASE_VOLUME_SET_INFO,METHOD_BUFFERED)
#define OP_VOLUME_ENUM AFP_CC(CC_BASE_VOLUME_ENUM,METHOD_IN_DIRECT)
#define OP_SESSION_ENUM AFP_CC(CC_BASE_SESSION_ENUM,METHOD_IN_DIRECT)
#define OP_SESSION_CLOSE AFP_CC(CC_BASE_SESSION_CLOSE,METHOD_BUFFERED)
#define OP_CONNECTION_ENUM AFP_CC(CC_BASE_CONNECTION_ENUM,METHOD_IN_DIRECT)
#define OP_CONNECTION_CLOSE AFP_CC(CC_BASE_CONNECTION_CLOSE,METHOD_BUFFERED)
#define OP_DIRECTORY_GET_INFO AFP_CC(CC_BASE_DIRECTORY_GET_INFO,METHOD_IN_DIRECT)
#define OP_DIRECTORY_SET_INFO AFP_CC(CC_BASE_DIRECTORY_SET_INFO,METHOD_BUFFERED)
#define OP_FORK_ENUM AFP_CC(CC_BASE_FORK_ENUM,METHOD_IN_DIRECT)
#define OP_FORK_CLOSE AFP_CC(CC_BASE_FORK_CLOSE,METHOD_BUFFERED)
#define OP_MESSAGE_SEND AFP_CC(CC_BASE_MESSAGE_SEND,METHOD_BUFFERED)
#define OP_FINDER_SET AFP_CC(CC_BASE_FINDER_SET,METHOD_BUFFERED)
#define OP_GET_FSD_COMMAND AFP_CC(CC_BASE_GET_FSD_COMMAND,METHOD_BUFFERED)
#define POINTER_TO_OFFSET(val,start) \
(val) = ((val) == NULL) ? NULL : (PVOID)( (PCHAR)(val) - (ULONG_PTR)(start) )
#define OFFSET_TO_POINTER(val,start) \
(val) = ((val) == NULL) ? NULL : (PVOID)( (PCHAR)(val) + (ULONG_PTR)(start) )
#define AFPSERVER_DEVICE_NAME TEXT("\\Device\\MacFile")
#define AFPSERVER_REGISTRY_KEY TEXT("\\Registry\\Machine\\System\\CurrentControlSet\\Services\\MacSrv")
#define AFPSERVER_VOLUME_ICON_FILE { L'I', L'C', L'O', L'N', 0xF00D, 0000 }
// Number of wchars in above string, including terminating null
#define AFPSERVER_VOLUME_ICON_FILE_SIZE 6
#define AFPSERVER_RESOURCE_STREAM L":AFP_Resource"
// The following data structures are used exclusively by the
// user-mode/kernel-mode interface.
typedef enum _AFP_SID_TYPE{ AFP_SID_TYPE_DOMAIN, AFP_SID_TYPE_PRIMARY_DOMAIN, AFP_SID_TYPE_WELL_KNOWN, AFP_SID_TYPE_LOGON
} AFP_SID_TYPE;
typedef struct _AFP_SID_OFFSET{ DWORD Offset; AFP_SID_TYPE SidType; PBYTE pSid; // Actually an Offset from the
// beginning of this structure.
} AFP_SID_OFFSET, *PAFP_SID_OFFSET;
// Packet used to add the SID/OFFSET pairs
typedef struct _AFP_SID_OFFSET_DESC{ ULONG CountOfSidOffsets; // Number of Sid-Offset pairs
ULONG QuadAlignDummy1; AFP_SID_OFFSET SidOffsetPairs[1];}AFP_SID_OFFSET_DESC, *PAFP_SID_OFFSET_DESC;
// Packet used by ServerEtcSet and ServerEtcDelete.
typedef struct _EtcMapInfo2{ UCHAR etc_type[AFP_TYPE_LEN]; UCHAR etc_creator[AFP_CREATOR_LEN]; WCHAR etc_extension[AFP_EXTENSION_LEN+1];
} ETCMAPINFO2, *PETCMAPINFO2;
// once passed by Service, this is used by Server internally
typedef struct _EtcMapInfo{ UCHAR etc_type[AFP_TYPE_LEN]; UCHAR etc_creator[AFP_CREATOR_LEN]; UCHAR etc_extension[AFP_EXTENSION_LEN+1]; // extension in ANSI
} ETCMAPINFO, *PETCMAPINFO;
typedef struct _SrvIconInfo{ UCHAR icon_type[AFP_TYPE_LEN]; UCHAR icon_creator[AFP_CREATOR_LEN]; DWORD icon_icontype; DWORD icon_length;
// Icon data follows
} SRVICONINFO, *PSRVICONINFO;
// Packet used by ServerEtcAdd.
typedef struct _ServerEtcPacket{ DWORD retc_NumEtcMaps; // Number of type creator mappings
ETCMAPINFO2 retc_EtcMaps[1]; // List of Etc mappings
} SRVETCPKT, *PSRVETCPKT;
// The following is the generic enumerate request packet.
typedef struct _EnumRequestPacket{ DWORD erqp_Index; // Starting index from which the
// enum should start. 0 => beginning
DWORD erqp_Filter; // AFP_FILTER_ON_VOLUME_ID
// or AFP_FILTER_ON_SESSION_ID
DWORD erqp_ID; // Volume ID or sessions ID.
DWORD QuadAlignDummy; // Quad Word Alignment enforcement
} ENUMREQPKT, *PENUMREQPKT;
// The following is the generic enumerate response packet.
typedef struct _EnumResponsePacket{ DWORD ersp_cTotEnts; // Total number of available entries
DWORD ersp_cInBuf; // Number of entries in buffer union
DWORD ersp_hResume; // Index of the first entry that will be
// read on the subsequent call. Valid only
// if the return code is AFPERR_MORE_DATA.
DWORD QuadAlignDummy; // Quad Word Alignment enforcement
// Will contain an array of AFP_FILE_INFO, AFP_SESSION_INFO,
// AFP_CONNECTION_INFO or AFP_VOLUME_INFO structures.
} ENUMRESPPKT, *PENUMRESPPKT;
// The following is the generic set info. request packet.
typedef struct _SetInfoRequestPacket{ DWORD sirqp_parmnum; // Mask of bits representing fields
DWORD dwAlignDummy; // For QWORD alignment
// Will be followed by AFP_VOLUME_INFO or AFP_DIRECTORY_INFO structure
} SETINFOREQPKT, *PSETINFOREQPKT;
// The following data structures are used to send security information
// from the service down to the server; or to send eventlog information from
// the server up to the service.
#define MAX_FSD_CMD_SIZE 4096
#define NUM_SECURITY_UTILITY_THREADS 4
typedef enum _AFP_FSD_CMD_ID{ AFP_FSD_CMD_NAME_TO_SID, AFP_FSD_CMD_SID_TO_NAME, AFP_FSD_CMD_CHANGE_PASSWORD, AFP_FSD_CMD_LOG_EVENT, AFP_FSD_CMD_TERMINATE_THREAD} AFP_FSD_CMD_ID;
// These used to live in afpconst.h, but now the service needs some of these
// to do the native AppleUam stuff
//
// UAMs strings and values
#define AFP_NUM_UAMS 7
#define NO_USER_AUTHENT 0
#define NO_USER_AUTHENT_NAME "No User Authent"
#define CLEAR_TEXT_AUTHENT 1
#define CLEAR_TEXT_AUTHENT_NAME "ClearTxt Passwrd"
#define CUSTOM_UAM_V1 2
#define CUSTOM_UAM_NAME_V1 "Microsoft V1.0"
#define CUSTOM_UAM_V2 3
#define CUSTOM_UAM_NAME_V2 "MS2.0"
#define CUSTOM_UAM_V3 4
#define CUSTOM_UAM_NAME_V3 "MS3.0"
#define RANDNUM_EXCHANGE 5
#define RANDNUM_EXCHANGE_NAME "Randnum Exchange"
#define TWOWAY_EXCHANGE 6
#define TWOWAY_EXCHANGE_NAME "2-Way Randnum exchange"
// how many bytes of response comes back
#define RANDNUM_RESP_LEN 8
#define TWOWAY_RESP_LEN 16
// this define stolen from ntsam.h
#define SAM_MAX_PASSWORD_LENGTH (256)
#define SFM_CHANGE_PASSWORD_SIGNATURE "ChP" // 4 bytes including NULL
typedef struct _SFM_PASSWORD_CHANGE_MESSAGE_HEADER{ UCHAR Signature[sizeof(SFM_CHANGE_PASSWORD_SIGNATURE)]; ULONG cbMessage; ULONG Version;} SFM_PASSWORD_CHANGE_MESSAGE_HEADER, * PSFM_PASSWORD_CHANGE_MESSAGE_HEADER;
typedef struct _SFM_PASSWORD_CHANGE_MESSAGE_1_SHORT{ UCHAR Signature[sizeof(SFM_CHANGE_PASSWORD_SIGNATURE)]; ULONG cbMessage; // sizeof(SFM_PASSWORD_CHANGE_MESSAGE_1_SHORT) including signature
ULONG Version; // version 1 without LM
UCHAR NewPasswordEncryptedWithOldNt[sizeof(SAMPR_ENCRYPTED_USER_PASSWORD) / 2]; ENCRYPTED_NT_OWF_PASSWORD OldNtOwfPasswordEncryptedWithNewNt;} SFM_PASSWORD_CHANGE_MESSAGE_1_SHORT, * PSFM_PASSWORD_CHANGE_MESSAGE_1_SHORT;
typedef struct _SFM_PASSWORD_CHANGE_MESSAGE_1{ UCHAR Signature[sizeof(SFM_CHANGE_PASSWORD_SIGNATURE)]; ULONG cbMessage; // sizeof(SFM_PASSWORD_CHANGE_MESSAGE_1) including signature
ULONG Version; // version 1 without LM
SAMPR_ENCRYPTED_USER_PASSWORD NewPasswordEncryptedWithOldNt; ENCRYPTED_NT_OWF_PASSWORD OldNtOwfPasswordEncryptedWithNewNt;} SFM_PASSWORD_CHANGE_MESSAGE_1, * PSFM_PASSWORD_CHANGE_MESSAGE_1;
typedef struct _SFM_PASSWORD_CHANGE_MESSAGE_2{ UCHAR Signature[sizeof(SFM_CHANGE_PASSWORD_SIGNATURE)]; ULONG cbMessage; // sizeof(SFM_PASSWORD_CHANGE_MESSAGE_2) including signature
ULONG Version; // version 2 with LM
SAMPR_ENCRYPTED_USER_PASSWORD NewPasswordEncryptedWithOldNt; ENCRYPTED_NT_OWF_PASSWORD OldNtOwfPasswordEncryptedWithNewNt; SAMPR_ENCRYPTED_USER_PASSWORD NewPasswordEncryptedWithOldLm; ENCRYPTED_LM_OWF_PASSWORD OldLmOwfPasswordEncryptedWithNewLmOrNt;} SFM_PASSWORD_CHANGE_MESSAGE_2, * PSFM_PASSWORD_CHANGE_MESSAGE_2;
typedef struct _SFM_PASSWORD_CHANGE_MESSAGE{ union { SFM_PASSWORD_CHANGE_MESSAGE_HEADER h; SFM_PASSWORD_CHANGE_MESSAGE_1 m1; SFM_PASSWORD_CHANGE_MESSAGE_2 m2; };} SFM_PASSWORD_CHANGE_MESSAGE, * PSFM_PASSWORD_CHANGE_MESSAGE;
typedef struct _AFP_PASSWORD_CHANGE_NT{ SFM_PASSWORD_CHANGE_MESSAGE Ciphers;} AFP_PASSWORD_CHANGE_NT, * PAFP_PASSWORD_CHANGE_NT;
typedef struct _AFP_PASSWORD_DESC{ ULONG AuthentMode; union { AFP_PASSWORD_CHANGE_NT NtEncryptedBuff; struct _AFP_PASSWORD_BUFF_LM { BYTE OldPassword[LM_OWF_PASSWORD_LENGTH + 2]; BYTE NewPassword[(SAM_MAX_PASSWORD_LENGTH * 2) + 4]; DWORD OldPasswordLen; DWORD NewPasswordLen; BYTE bPasswordLength; }; };
//
// allow longer names in NTLMv2
//
WCHAR DomainName[DNS_MAX_NAME_LENGTH + 4]; // allow DNS name
WCHAR UserName[UNLEN + 1];
#if 0
WCHAR DomainName[DNLEN + 1]; WCHAR UserName[LM20_UNLEN + 1]; #endif 0
} AFP_PASSWORD_DESC, *PAFP_PASSWORD_DESC;
typedef struct _AFP_EVENTLOG_DESC{ DWORD MsgID; USHORT EventType; USHORT StringCount; DWORD DumpDataLen; DWORD QuadAlignDummy; // Quad Word Alignment enforcement
PVOID pDumpData; LPWSTR * ppStrings; // Pointer to an array of string pointers that will follow the DumpData.
} AFP_EVENTLOG_DESC, *PAFP_EVENTLOG_DESC;
typedef struct _AFP_FSD_CMD_HEADER{ AFP_FSD_CMD_ID FsdCommand; ULONG ntStatus; DWORD dwId; DWORD QuadAlignDummy; // Quad Word Alignment enforcement
} AFP_FSD_CMD_HEADER, *PAFP_FSD_CMD_HEADER;
typedef struct _AFP_FSD_CMD_PKT{ AFP_FSD_CMD_HEADER Header;
union { BYTE Sid[1]; BYTE Name[1]; AFP_PASSWORD_DESC Password; AFP_EVENTLOG_DESC Eventlog; } Data;} AFP_FSD_CMD_PKT, *PAFP_FSD_CMD_PKT;
// The following definitions and macros are used both by the service as well as the
// server. DO NOT CHANGE THIS w/o LOOKING at both the uses.
// Directory Access Permissions
#define DIR_ACCESS_SEARCH 0x01 // See Folders
#define DIR_ACCESS_READ 0x02 // See Files
#define DIR_ACCESS_WRITE 0x04 // Make Changes
#define DIR_ACCESS_OWNER 0x80 // Only for user
// if he has owner rights
#define DIR_ACCESS_ALL (DIR_ACCESS_READ | \
DIR_ACCESS_SEARCH | \ DIR_ACCESS_WRITE)
#define OWNER_RIGHTS_SHIFT 0
#define GROUP_RIGHTS_SHIFT 8
#define WORLD_RIGHTS_SHIFT 16
#define USER_RIGHTS_SHIFT 24
#define AFP_READ_ACCESS (READ_CONTROL | \
FILE_READ_ATTRIBUTES | \ FILE_TRAVERSE | \ FILE_LIST_DIRECTORY | \ FILE_READ_EA)
#define AFP_WRITE_ACCESS (FILE_ADD_FILE | \
FILE_ADD_SUBDIRECTORY| \ FILE_WRITE_ATTRIBUTES| \ FILE_WRITE_EA | \ DELETE)
#define AFP_OWNER_ACCESS (WRITE_DAC | \
WRITE_OWNER)
#define AFP_MIN_ACCESS (FILE_READ_ATTRIBUTES | \
READ_CONTROL)
#define AfpAccessMaskToAfpPermissions(Rights, Mask, Type) \
if ((Type) == ACCESS_ALLOWED_ACE_TYPE) \ { \ if (((Mask) & AFP_READ_ACCESS) == AFP_READ_ACCESS) \ (Rights) |= (DIR_ACCESS_READ | DIR_ACCESS_SEARCH); \ if (((Mask) & AFP_WRITE_ACCESS) == AFP_WRITE_ACCESS) \ (Rights) |= DIR_ACCESS_WRITE; \ } \ else \ { \ ASSERT((Type) == ACCESS_DENIED_ACE_TYPE); \ if ((Mask) & AFP_READ_ACCESS) \ (Rights) &= ~(DIR_ACCESS_READ | DIR_ACCESS_SEARCH); \ if ((Mask) & AFP_WRITE_ACCESS) \ (Rights) &= ~DIR_ACCESS_WRITE; \ }
#endif // _ADMIN_
|
