archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/ds/security/protocols/msv_sspi/msp.h

472 lines
15 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1989 Microsoft Corporation
  5. Module Name:
  7. msp.h
  9. Abstract:
  11. MSV1_0 authentication package private definitions.
  13. Author:
  15. Jim Kelly 11-Apr-1991
  17. Revision History:
  18. Scott Field (sfield) 05-Oct-98 Add NTLM3
  19. Scott Field (sfield) 15-Jan-98 Add MspNtDeriveCredential
  20. Chandana Surlu 21-Jul-96 Stolen from \\kernel\razzle3\src\security\msv1_0\msv1_0.c
  22. --*/
  24. #ifndef _MSP_
  25. #define _MSP_
  27. #if ( _MSC_VER >= 800 )
  28. #pragma warning ( 3 : 4100 ) // enable "Unreferenced formal parameter"
  29. #pragma warning ( 3 : 4219 ) // enable "trailing ',' used for variable argument list"
  30. #endif
  32. #include <nt.h>
  33. #include <ntrtl.h>
  34. #include <nturtl.h>
  35. #include <crypt.h>
  36. #include <ntmsv1_0.h>
  38. #include <windows.h>
  39. #ifndef SECURITY_WIN32
  40. #define SECURITY_WIN32
  41. #endif // SECURITY_WIN32
  42. #define SECURITY_PACKAGE
  43. #define SECURITY_NTLM
  44. #include <security.h>
  45. #include <secint.h>
  48. ///////////////////////////////////////////////////////////////////////////////
  49. // //
  50. // Miscellaneous macros //
  51. // //
  52. ///////////////////////////////////////////////////////////////////////////////
  54. //
  55. // RELOCATE_ONE - Relocate a single pointer in a client buffer.
  56. //
  57. // Note: this macro is dependent on parameter names as indicated in the
  58. // description below. On error, this macro goes to 'Cleanup' with
  59. // 'Status' set to the NT Status code.
  60. //
  61. // The MaximumLength is forced to be Length.
  62. //
  63. // Define a macro to relocate a pointer in the buffer the client passed in
  64. // to be relative to 'ProtocolSubmitBuffer' rather than being relative to
  65. // 'ClientBufferBase'. The result is checked to ensure the pointer and
  66. // the data pointed to is within the first 'SubmitBufferSize' of the
  67. // 'ProtocolSubmitBuffer'.
  68. //
  69. // The relocated field must be aligned to a WCHAR boundary.
  70. //
  71. // _q - Address of UNICODE_STRING structure which points to data to be
  72. // relocated
  73. //
  75. #define RELOCATE_ONE( _q ) \
  76. { \
  77. ULONG_PTR Offset; \
  78. \
  79. Offset = (((PUCHAR)((_q)->Buffer)) - ((PUCHAR)ClientBufferBase)); \
  80. if ( Offset >= SubmitBufferSize || \
  81. Offset + (_q)->Length > SubmitBufferSize || \
  82. !COUNT_IS_ALIGNED( Offset, ALIGN_WCHAR) ) { \
  83. \
  84. SspPrint((SSP_CRITICAL, "Failed RELOCATE_ONE\n")); \
  85. Status = STATUS_INVALID_PARAMETER; \
  86. goto Cleanup; \
  87. } \
  88. \
  89. (_q)->Buffer = (PWSTR)(((PUCHAR)ProtocolSubmitBuffer) + Offset); \
  90. (_q)->MaximumLength = (_q)->Length ; \
  91. }
  93. //
  94. // NULL_RELOCATE_ONE - Relocate a single (possibly NULL) pointer in a client
  95. // buffer.
  96. //
  97. // This macro special cases a NULL pointer then calls RELOCATE_ONE. Hence
  98. // it has all the restrictions of RELOCATE_ONE.
  99. //
  100. //
  101. // _q - Address of UNICODE_STRING structure which points to data to be
  102. // relocated
  103. //
  105. #define NULL_RELOCATE_ONE( _q ) \
  106. { \
  107. if ( (_q)->Buffer == NULL ) { \
  108. if ( (_q)->Length != 0 ) { \
  109. SspPrint((SSP_CRITICAL, "Failed NULL_RELOCATE_ONE\n")); \
  110. Status = STATUS_INVALID_PARAMETER; \
  111. goto Cleanup; \
  112. } \
  113. } else if ( (_q)->Length == 0 ) { \
  114. (_q)->Buffer = NULL; \
  115. } else { \
  116. RELOCATE_ONE( _q ); \
  117. } \
  118. }
  121. //
  122. // RELOCATE_ONE_ENCODED - Relocate a unicode string pointer in a client
  123. // buffer. The upper byte of the length field may be an encryption seed
  124. // and should not be used for error checking.
  125. //
  126. // Note: this macro is dependent on parameter names as indicated in the
  127. // description below. On error, this macro goes to 'Cleanup' with
  128. // 'Status' set to the NT Status code.
  129. //
  130. // The MaximumLength is forced to be Length & 0x00ff.
  131. //
  132. // Define a macro to relocate a pointer in the buffer the client passed in
  133. // to be relative to 'ProtocolSubmitBuffer' rather than being relative to
  134. // 'ClientBufferBase'. The result is checked to ensure the pointer and
  135. // the data pointed to is within the first 'SubmitBufferSize' of the
  136. // 'ProtocolSubmitBuffer'.
  137. //
  138. // The relocated field must be aligned to a WCHAR boundary.
  139. //
  140. // _q - Address of UNICODE_STRING structure which points to data to be
  141. // relocated
  142. //
  144. #define RELOCATE_ONE_ENCODED( _q ) \
  145. { \
  146. ULONG_PTR Offset; \
  147. \
  148. Offset = (((PUCHAR)((_q)->Buffer)) - ((PUCHAR)ClientBufferBase)); \
  149. if ( Offset >= SubmitBufferSize || \
  150. Offset + ((_q)->Length & 0x00ff) > SubmitBufferSize || \
  151. !COUNT_IS_ALIGNED( Offset, ALIGN_WCHAR) ) { \
  152. \
  153. SspPrint((SSP_CRITICAL, "Failed RELOCATE_ONE_ENCODED\n")); \
  154. Status = STATUS_INVALID_PARAMETER; \
  155. goto Cleanup; \
  156. } \
  157. \
  158. (_q)->Buffer = (PWSTR)(((PUCHAR)ProtocolSubmitBuffer) + Offset); \
  159. (_q)->MaximumLength = (_q)->Length & 0x00ff; \
  160. }
  162. //
  163. // Following macro is used to initialize UNICODE strings
  164. //
  165. #ifndef CONSTANT_UNICODE_STRING
  166. #define CONSTANT_UNICODE_STRING(s) { sizeof( s ) - sizeof( WCHAR ), sizeof( s ), s }
  167. #endif // CONSTANT_UNICODE_STRING
  169. //
  170. // General arrary count.
  171. //
  173. #ifndef COUNTOF
  174. #define COUNTOF(s) ( sizeof( (s) ) / sizeof( *(s) ) )
  175. #endif // COUNTOF
  177. #define NULL_SESSION_REQUESTED RETURN_RESERVED_PARAMETER
  178. #define PRIMARY_CREDENTIAL_NEEDED \
  179. (RETURN_PRIMARY_LOGON_DOMAINNAME | \
  180. RETURN_PRIMARY_USERNAME | \
  181. USE_PRIMARY_PASSWORD )
  183. ///////////////////////////////////////////////////////////////////////
  184. // //
  185. // Authentication package dispatch routine definitions //
  186. // //
  187. ///////////////////////////////////////////////////////////////////////
  189. NTSTATUS
  190. LsaApInitializePackage(
  191. IN ULONG AuthenticationPackageId,
  192. IN PLSA_DISPATCH_TABLE LsaDispatchTable,
  193. IN PSTRING Database OPTIONAL,
  194. IN PSTRING Confidentiality OPTIONAL,
  195. OUT PSTRING *AuthenticationPackageName
  196. );
  198. NTSTATUS
  199. LsaApLogonUser(
  200. IN PLSA_CLIENT_REQUEST ClientRequest,
  201. IN SECURITY_LOGON_TYPE LogonType,
  202. IN PVOID AuthenticationInformation,
  203. IN PVOID ClientAuthenticationBase,
  204. IN ULONG AuthenticationInformationLength,
  205. OUT PVOID *ProfileBuffer,
  206. OUT PULONG ProfileBufferSize,
  207. OUT PLUID LogonId,
  208. OUT PNTSTATUS SubStatus,
  209. OUT PLSA_TOKEN_INFORMATION_TYPE TokenInformationType,
  210. OUT PVOID *TokenInformation,
  211. OUT PUNICODE_STRING *AccountName,
  212. OUT PUNICODE_STRING *AuthenticatingAuthority
  213. );
  215. NTSTATUS
  216. LsaApCallPackage(
  217. IN PLSA_CLIENT_REQUEST ClientRequest,
  218. IN PVOID ProtocolSubmitBuffer,
  219. IN PVOID ClientBufferBase,
  220. IN ULONG SubmitBufferSize,
  221. OUT PVOID *ProtocolReturnBuffer,
  222. OUT PULONG ReturnBufferSize,
  223. OUT PNTSTATUS ProtocolStatus
  224. );
  226. NTSTATUS
  227. LsaApCallPackagePassthrough(
  228. IN PLSA_CLIENT_REQUEST ClientRequest,
  229. IN PVOID ProtocolSubmitBuffer,
  230. IN PVOID ClientBufferBase,
  231. IN ULONG SubmitBufferSize,
  232. OUT PVOID *ProtocolReturnBuffer,
  233. OUT PULONG ReturnBufferSize,
  234. OUT PNTSTATUS ProtocolStatus
  235. );
  237. VOID
  238. LsaApLogonTerminated(
  239. IN PLUID LogonId
  240. );
  243. ///////////////////////////////////////////////////////////////////////
  244. // //
  245. // LsaApCallPackage function dispatch routines //
  246. // //
  247. ///////////////////////////////////////////////////////////////////////
  250. NTSTATUS
  251. MspLm20Challenge(
  252. IN PLSA_CLIENT_REQUEST ClientRequest,
  253. IN PVOID ProtocolSubmitBuffer,
  254. IN PVOID ClientBufferBase,
  255. IN ULONG SubmitBufferSize,
  256. OUT PVOID *ProtocolReturnBuffer,
  257. OUT PULONG ReturnBufferSize,
  258. OUT PNTSTATUS ProtocolStatus
  259. );
  261. NTSTATUS
  262. MspLm20GetChallengeResponse(
  263. IN PLSA_CLIENT_REQUEST ClientRequest,
  264. IN PVOID ProtocolSubmitBuffer,
  265. IN PVOID ClientBufferBase,
  266. IN ULONG SubmitBufferSize,
  267. OUT PVOID *ProtocolReturnBuffer,
  268. OUT PULONG ReturnBufferSize,
  269. OUT PNTSTATUS ProtocolStatus
  270. );
  272. NTSTATUS
  273. MspLm20EnumUsers(
  274. IN PLSA_CLIENT_REQUEST ClientRequest,
  275. IN PVOID ProtocolSubmitBuffer,
  276. IN PVOID ClientBufferBase,
  277. IN ULONG SubmitBufferSize,
  278. OUT PVOID *ProtocolReturnBuffer,
  279. OUT PULONG ReturnBufferSize,
  280. OUT PNTSTATUS ProtocolStatus
  281. );
  283. NTSTATUS
  284. MspLm20GetUserInfo(
  285. IN PLSA_CLIENT_REQUEST ClientRequest,
  286. IN PVOID ProtocolSubmitBuffer,
  287. IN PVOID ClientBufferBase,
  288. IN ULONG SubmitBufferSize,
  289. OUT PVOID *ProtocolReturnBuffer,
  290. OUT PULONG ReturnBufferSize,
  291. OUT PNTSTATUS ProtocolStatus
  292. );
  294. NTSTATUS
  295. MspLm20ReLogonUsers(
  296. IN PLSA_CLIENT_REQUEST ClientRequest,
  297. IN PVOID ProtocolSubmitBuffer,
  298. IN PVOID ClientBufferBase,
  299. IN ULONG SubmitBufferSize,
  300. OUT PVOID *ProtocolReturnBuffer,
  301. OUT PULONG ReturnBufferSize,
  302. OUT PNTSTATUS ProtocolStatus
  303. );
  305. NTSTATUS
  306. MspLm20ChangePassword(
  307. IN PLSA_CLIENT_REQUEST ClientRequest,
  308. IN PVOID ProtocolSubmitBuffer,
  309. IN PVOID ClientBufferBase,
  310. IN ULONG SubmitBufferSize,
  311. OUT PVOID *ProtocolReturnBuffer,
  312. OUT PULONG ReturnBufferSize,
  313. OUT PNTSTATUS ProtocolStatus
  314. );
  316. NTSTATUS
  317. MspLm20GenericPassthrough(
  318. IN PLSA_CLIENT_REQUEST ClientRequest,
  319. IN PVOID ProtocolSubmitBuffer,
  320. IN PVOID ClientBufferBase,
  321. IN ULONG SubmitBufferSize,
  322. OUT PVOID *ProtocolReturnBuffer,
  323. OUT PULONG ReturnBufferSize,
  324. OUT PNTSTATUS ProtocolStatus
  325. );
  327. NTSTATUS
  328. MspLm20CacheLogon(
  329. IN PLSA_CLIENT_REQUEST ClientRequest,
  330. IN PVOID ProtocolSubmitBuffer,
  331. IN PVOID ClientBufferBase,
  332. IN ULONG SubmitBufferSize,
  333. OUT PVOID *ProtocolReturnBuffer,
  334. OUT PULONG ReturnBufferSize,
  335. OUT PNTSTATUS ProtocolStatus
  336. );
  338. NTSTATUS
  339. MspLm20CacheLookup(
  340. IN PLSA_CLIENT_REQUEST ClientRequest,
  341. IN PVOID ProtocolSubmitBuffer,
  342. IN PVOID ClientBufferBase,
  343. IN ULONG SubmitBufferSize,
  344. OUT PVOID *ProtocolReturnBuffer,
  345. OUT PULONG ReturnBufferSize,
  346. OUT PNTSTATUS ProtocolStatus
  347. );
  349. NTSTATUS
  350. MspNtSubAuth(
  351. IN PLSA_CLIENT_REQUEST ClientRequest,
  352. IN PVOID ProtocolSubmitBuffer,
  353. IN PVOID ClientBufferBase,
  354. IN ULONG SubmitBufferSize,
  355. OUT PVOID *ProtocolReturnBuffer,
  356. OUT PULONG ReturnBufferSize,
  357. OUT PNTSTATUS ProtocolStatus
  358. );
  360. NTSTATUS
  361. MspNtDeriveCredential(
  362. IN PLSA_CLIENT_REQUEST ClientRequest,
  363. IN PVOID ProtocolSubmitBuffer,
  364. IN PVOID ClientBufferBase,
  365. IN ULONG SubmitBufferSize,
  366. OUT PVOID *ProtocolReturnBuffer,
  367. OUT PULONG ReturnBufferSize,
  368. OUT PNTSTATUS ProtocolStatus
  369. );
  371. NTSTATUS
  372. MspSetProcessOption(
  373. IN PLSA_CLIENT_REQUEST ClientRequest,
  374. IN PVOID ProtocolSubmitBuffer,
  375. IN PVOID ClientBufferBase,
  376. IN ULONG SubmitBufferSize,
  377. OUT PVOID *ProtocolReturnBuffer,
  378. OUT PULONG ReturnBufferSize,
  379. OUT PNTSTATUS ProtocolStatus
  380. );
  385. ///////////////////////////////////////////////////////////////////////
  386. // //
  387. // NETLOGON routines visible to main msv1_0 code //
  388. // //
  389. ///////////////////////////////////////////////////////////////////////
  391. NTSTATUS
  392. NlInitialize(
  393. VOID
  394. );
  396. NTSTATUS
  397. MspLm20LogonUser (
  398. IN PLSA_CLIENT_REQUEST ClientRequest,
  399. IN SECURITY_LOGON_TYPE LogonType,
  400. IN PVOID AuthenticationInformation,
  401. IN PVOID ClientAuthenticationBase,
  402. IN ULONG AuthenticationInformationSize,
  403. OUT PVOID *ProfileBuffer,
  404. OUT PULONG ProfileBufferSize,
  405. OUT PLUID LogonId,
  406. OUT PNTSTATUS SubStatus,
  407. OUT PLSA_TOKEN_INFORMATION_TYPE TokenInformationType,
  408. OUT PVOID *TokenInformation
  409. );
  411. VOID
  412. MsvLm20LogonTerminated (
  413. IN PLUID LogonId
  414. );
  419. ///////////////////////////////////////////////////////////////////////
  420. // //
  421. // Global variables //
  422. // //
  423. ///////////////////////////////////////////////////////////////////////
  425. //
  426. // Variables defined in msvars.c
  427. //
  429. extern ULONG MspAuthenticationPackageId;
  430. extern LSA_SECPKG_FUNCTION_TABLE Lsa;
  433. //
  434. // Change password log support routines
  435. //
  438. #ifndef DONT_LOG_PASSWORD_CHANGES
  440. ULONG
  441. MsvPaswdInitializeLog(
  442. VOID
  443. );
  445. ULONG
  446. MsvPaswdSetAndClearLog(
  447. VOID
  448. );
  450. ULONG
  451. MsvPaswdCloseLog(
  452. VOID
  453. );
  455. VOID
  456. MsvPaswdLogPrintRoutine(
  457. IN LPSTR Format,
  458. ...
  459. );
  461. #define MsvPaswdLogPrint( x ) MsvPaswdLogPrintRoutine x
  464. #else
  466. #define MsvPaswdInitializeLog()
  467. #define MsvPaswdCloseLog()
  468. #define MsvPaswdLogPrint( x )
  469. #define MsvPaswdSetAndClearLog()
  470. #endif
  472. #endif // _MSP_