Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

429 lines
11 KiB

//+-----------------------------------------------------------------------
//
// Microsoft Windows
//
// Copyright (c) Microsoft Corporation 1992 - 1996
//
// File: kerbutil.h
//
// Contents: prototypes for Kerberos utility functions
//
//
// History: 16-April-1996 Created MikeSw
//
//------------------------------------------------------------------------
#ifndef __KERBUTIL_H__
#define __KERBUTIL_H__
///////////////////////////////////////////////////////////////////////////////
// //
// Miscellaneous macros //
// //
///////////////////////////////////////////////////////////////////////////////
//
// RELOCATE_ONE - Relocate a single pointer in a client buffer.
//
// Note: this macro is dependent on parameter names as indicated in the
// description below. On error, this macro goes to 'Cleanup' with
// 'Status' set to the NT Status code.
//
// The MaximumLength is forced to be Length.
//
// Define a macro to relocate a pointer in the buffer the client passed in
// to be relative to 'ProtocolSubmitBuffer' rather than being relative to
// 'ClientBufferBase'. The result is checked to ensure the pointer and
// the data pointed to is within the first 'SubmitBufferSize' of the
// 'ProtocolSubmitBuffer'.
//
// The relocated field must be aligned to a WCHAR boundary.
//
// _q - Address of UNICODE_STRING structure which points to data to be
// relocated
//
#define RELOCATE_ONE( _q ) \
{ \
ULONG_PTR Offset; \
\
Offset = (((PUCHAR)((_q)->Buffer)) - ((PUCHAR)ClientBufferBase)); \
if ( Offset >= SubmitBufferSize || \
Offset + (_q)->Length > SubmitBufferSize || \
!COUNT_IS_ALIGNED( Offset, ALIGN_WCHAR) ) { \
\
Status = STATUS_INVALID_PARAMETER; \
goto Cleanup; \
} \
\
(_q)->Buffer = (PWSTR)(((PUCHAR)ProtocolSubmitBuffer) + Offset); \
(_q)->MaximumLength = (_q)->Length ; \
}
//
// NULL_RELOCATE_ONE - Relocate a single (possibly NULL) pointer in a client
// buffer.
//
// This macro special cases a NULL pointer then calls RELOCATE_ONE. Hence
// it has all the restrictions of RELOCATE_ONE.
//
//
// _q - Address of UNICODE_STRING structure which points to data to be
// relocated
//
#define NULL_RELOCATE_ONE( _q ) \
{ \
if ( (_q)->Buffer == NULL ) { \
if ( (_q)->Length != 0 ) { \
Status = STATUS_INVALID_PARAMETER; \
goto Cleanup; \
} \
} else if ( (_q)->Length == 0 ) { \
(_q)->Buffer = NULL; \
} else { \
RELOCATE_ONE( _q ); \
} \
}
//
// RELOCATE_ONE_ENCODED - Relocate a unicode string pointer in a client
// buffer. The upper byte of the length field may be an encryption seed
// and should not be used for error checking.
//
// Note: this macro is dependent on parameter names as indicated in the
// description below. On error, this macro goes to 'Cleanup' with
// 'Status' set to the NT Status code.
//
// The MaximumLength is forced to be Length & 0x00ff.
//
// Define a macro to relocate a pointer in the buffer the client passed in
// to be relative to 'ProtocolSubmitBuffer' rather than being relative to
// 'ClientBufferBase'. The result is checked to ensure the pointer and
// the data pointed to is within the first 'SubmitBufferSize' of the
// 'ProtocolSubmitBuffer'.
//
// The relocated field must be aligned to a WCHAR boundary.
//
// _q - Address of UNICODE_STRING structure which points to data to be
// relocated
//
#define RELOCATE_ONE_ENCODED( _q ) \
{ \
ULONG_PTR Offset; \
\
Offset = ((PUCHAR)((_q)->Buffer)) - ((PUCHAR)ClientBufferBase); \
if ( Offset > SubmitBufferSize || \
Offset + ((_q)->Length & 0x00ff) > SubmitBufferSize || \
!COUNT_IS_ALIGNED( Offset, ALIGN_WCHAR) ) { \
\
Status = STATUS_INVALID_PARAMETER; \
goto Cleanup; \
} \
\
(_q)->Buffer = (PWSTR)(((PUCHAR)ProtocolSubmitBuffer) + Offset); \
(_q)->MaximumLength = (_q)->Length & 0x00ff; \
}
//
// Following macro is used to initialize UNICODE strings
//
#define CONSTANT_UNICODE_STRING(s) { sizeof( s ) - sizeof( WCHAR ), sizeof( s ), s }
#define NULL_UNICODE_STRING {0 , 0, NULL }
#define EMPTY_UNICODE_STRING(s) { (s)->Buffer = NULL; (s)->Length = 0; (s)->MaximumLength = 0; }
///VOID
// KerbSetTime(
// IN OUT PTimeStamp TimeStamp,
// IN LONGLONG Time
// )
#ifndef WIN32_CHICAGO
#define KerbSetTime(_d_, _s_) (_d_)->QuadPart = (_s_)
#else // WIN32_CHICAGO
#define KerbSetTime(_d_, _s_) *(_d_) = (_s_)
#endif // WIN32_CHICAGO
// TimeStamp
// KerbGetTime(
// IN TimeStamp Time
// )
#ifndef WIN32_CHICAGO
#define KerbGetTime(_x_) ((_x_).QuadPart)
#else // WIN32_CHICAGO
#define KerbGetTime(_x_) (_x_)
#endif // WIN32_CHICAGO
// VOID
// KerbSetTimeInMinutes(
// IN OUT PTimeStamp Time,
// IN LONG TimeInMinutes
// )
#ifndef WIN32_CHICAGO
#define KerbSetTimeInMinutes(_x_, _m_) (_x_)->QuadPart = (LONGLONG) 10000000 * 60 * (_m_)
#else // WIN32_CHICAGO
#define KerbSetTimeInMinutes(_x_, _m_) *(_x_) = (LONGLONG) 10000000 * 60 * (_m_)
#endif // WIN32_CHICAGO
NTSTATUS
KerbSplitFullServiceName(
IN PUNICODE_STRING FullServiceName,
OUT PUNICODE_STRING DomainName,
OUT PUNICODE_STRING ServiceName
);
ULONG
KerbAllocateNonce(
VOID
);
#ifndef WIN32_CHICAGO
PSID
KerbMakeDomainRelativeSid(
IN PSID DomainId,
IN ULONG RelativeId
);
#endif // WIN32_CHICAGO
#ifdef notdef
VOID
KerbFree(
IN PVOID Buffer
);
#endif
PVOID
KerbAllocate(
IN SIZE_T BufferSize
);
BOOLEAN
KerbRunningPersonal(
VOID
);
#ifndef WIN32_CHICAGO
NTSTATUS
KerbWaitForKdc(
IN ULONG Timeout
);
NTSTATUS
KerbWaitForService(
IN LPWSTR ServiceName,
IN OPTIONAL LPWSTR ServiceEvent,
IN ULONG Timeout
);
#endif // WIN32_CHICAGO
ULONG
KerbMapContextFlags(
IN ULONG ContextFlags
);
BOOLEAN
KerbIsIpAddress(
IN PUNICODE_STRING TargetName
);
VOID
KerbHidePassword(
IN OUT PUNICODE_STRING Password
);
VOID
KerbRevealPassword(
IN OUT PUNICODE_STRING Password
);
NTSTATUS
KerbDuplicatePassword(
OUT PUNICODE_STRING DestinationString,
IN OPTIONAL PUNICODE_STRING SourceString
);
#ifdef notdef
// use this if we ever need to map errors in kerb to something else.
NTSTATUS
KerbMapKerbNtStatusToNtStatus(
IN NTSTATUS Status
);
#else
#ifndef WIN32_CHICAGO
//#if DBG
//#define KerbMapKerbNtStatusToNtStatus(x) (RtlCheckForOrphanedCriticalSections(NtCurrentThread()),x)
//#else
#define KerbMapKerbNtStatusToNtStatus(x) (x)
//#endif
#else // WIN32_CHICAGO
#define KerbMapKerbNtStatusToNtStatus(x) (x)
#endif
#endif
NTSTATUS
KerbExtractDomainName(
OUT PUNICODE_STRING DomainName,
IN PKERB_INTERNAL_NAME PrincipalName,
IN PUNICODE_STRING TicketSourceDomain
);
VOID
KerbUtcTimeToLocalTime(
OUT PTimeStamp LocalTime,
IN PTimeStamp SystemTime
);
ULONG
KerbConvertKdcOptionsToTicketFlags(
IN ULONG KdcOptions
);
NTSTATUS
KerbUnpackErrorMethodData(
IN PKERB_ERROR ErrorMessage,
IN OUT OPTIONAL PKERB_ERROR_METHOD_DATA * ppErrorData
);
NTSTATUS
KerbBuildHostAddresses(
IN BOOLEAN IncludeIpAddresses,
IN BOOLEAN IncludeNetbiosAddresses,
OUT PKERB_HOST_ADDRESSES * HostAddresses
);
NTSTATUS
KerbReceiveErrorMessage(
IN PBYTE ErrorMessage,
IN ULONG ErrorMessageSize,
IN PKERB_CONTEXT Context,
OUT PKERB_ERROR * DecodedErrorMessage,
OUT PKERB_ERROR_METHOD_DATA * ErrorData
);
NTSTATUS
KerbBuildGssErrorMessage(
IN KERBERR Error,
IN PBYTE ErrorData,
IN ULONG ErrorDataSize,
IN PKERB_CONTEXT Context,
OUT PULONG ErrorMessageSize,
OUT PBYTE * ErrorMessage
);
NTSTATUS
KerbGetDnsHostName(
OUT PUNICODE_STRING DnsHostName
);
NTSTATUS
KerbSetComputerName(
VOID
);
NTSTATUS
KerbSetDomainName(
IN PUNICODE_STRING DomainName,
IN PUNICODE_STRING DnsDomainName,
IN PSID DomainSid,
IN GUID DomainGuid
);
BOOLEAN
KerbIsThisOurDomain(
IN PUNICODE_STRING DomainName
);
NTSTATUS
KerbGetOurDomainName(
OUT PUNICODE_STRING DomainName
);
KERBEROS_MACHINE_ROLE
KerbGetGlobalRole(
VOID
);
#ifndef WIN32_CHICAGO
NTSTATUS
KerbLoadKdc(
VOID
);
NTSTATUS
KerbRegisterForDomainChange(
VOID
);
VOID
KerbUnregisterForDomainChange(
VOID
);
NTSTATUS
KerbUpdateGlobalAddresses(
IN PSOCKET_ADDRESS NewAddresses,
IN ULONG NewAddressCount
);
NTSTATUS
KerbCaptureTokenRestrictions(
IN HANDLE TokenHandle,
OUT PKERB_AUTHORIZATION_DATA Restrictions
);
NTSTATUS
KerbBuildEncryptedAuthData(
OUT PKERB_ENCRYPTED_DATA EncryptedAuthData,
IN PKERB_TICKET_CACHE_ENTRY Ticket,
IN PKERB_AUTHORIZATION_DATA PlainAuthData
);
NTSTATUS
KerbGetRestrictedTgtForCredential(
IN PKERB_LOGON_SESSION LogonSession,
IN PKERB_CREDENTIAL Credential
);
NTSTATUS
KerbAddRestrictionsToCredential(
IN PKERB_LOGON_SESSION LogonSession,
IN PKERB_CREDENTIAL Credential
);
BOOLEAN
KerbRunningServer(
VOID
);
#endif // WIN32_CHICAGO
#endif // __KERBUTIL_H__