Source code of Windows XP (NT5)
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
|
//+---------------------------------------------------------------------------
//
// Copyright (c) 1993 Microsoft Corporation
//
// File: ntlmsspi.h
//
// Contents: Header file describing the interface to code common to the NT
// Lanman Security Support Provider (NtLmSsp) Service and the DLL.
//
// History: SudK Created 6/22/95
//
//----------------------------------------------------------------------------
#ifndef _SICILY_NTLMSSPI_INCLUDED_
#define _SICILY_NTLMSSPI_INCLUDED_
#define MSV1_0_CHALLENGE_LENGTH 8
//
// Maximum lifetime of a context
//
#define NTLMSSP_MAX_LIFETIME (2L*60L*1000L) // 2 minutes
////////////////////////////////////////////////////////////////////////
//
// Opaque Messages passed between client and server
//
////////////////////////////////////////////////////////////////////////
#define NTLMSSP_SIGNATURE "NTLMSSP"
#define NTLMSSP_SIGN_VERSION 1
//
// MessageType for the following messages.
//
#ifndef WIN16_BUILD
typedef enum { NtLmNegotiate = 1, NtLmChallenge, NtLmAuthenticate, NtLmRedirect} NTLM_MESSAGE_TYPE;
#else
#define NtLmNegotiate 1
#define NtLmChallenge 2
#define NtLmAuthenticate 3
#define NtLmRedirect 4
typedef long NTLM_MESSAGE_TYPE;
#endif // WIN16_BUILD
//
// Valid values of NegotiateFlags
//
#define NTLMSSP_NEGOTIATE_UNICODE 0x0001 // Text strings are in unicode
#define NTLMSSP_NEGOTIATE_OEM 0x0002 // Text strings are in OEM
#define NTLMSSP_REQUEST_TARGET 0x0004 // Server should return its
// authentication realm
#define NTLMSSP_NEGOTIATE_SIGN 0x0010 // Request signature capability
#define NTLMSSP_NEGOTIATE_SEAL 0x0020 // Request confidentiality
#define NTLMSSP_RESERVED 0x0040 // reserved for past use
#define NTLMSSP_NEGOTIATE_LM_KEY 0x0080 // Use LM session key for sign/seal
#define NTLMSSP_NEGOTIATE_NETWARE 0x0100 // NetWare authentication
#define NTLMSSP_NEGOTIATE_NTLM 0x0200 // NTLM authentication
#define NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED 0x1000 // Domain Name supplied on negotiate
#define NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED 0x2000 // Workstation Name supplied on negotiate
#define NTLMSSP_NEGOTIATE_LOCAL_CALL 0x4000 // Indicates client/server are same machine
#define NTLMSSP_NEGOTIATE_ALWAYS_SIGN 0x8000 // Sign for all security levels
//
// Valid target types returned by the server in Negotiate Flags
//
#define NTLMSSP_TARGET_TYPE_DOMAIN 0x10000 // TargetName is a domain name
#define NTLMSSP_TARGET_TYPE_SERVER 0x20000 // TargetName is a server name
#define NTLMSSP_TARGET_TYPE_SHARE 0x40000 // TargetName is a share name
//
// Opaque message returned from first call to InitializeSecurityContext
//
#define SIC_MIN_STR_SIZE sizeof(ULONG)
#define MSAP_EXTRA_STR_SIZE(nn) \
((nn > SIC_MIN_STR_SIZE) ? nn - SIC_MIN_STR_SIZE : 0)
// New Sicily 2.0 Negotiate message
//
typedef struct _SIC20_NEGOTIATE_MSG { UCHAR Signature[sizeof(NTLMSSP_SIGNATURE)]; NTLM_MESSAGE_TYPE MessageType; ULONG NegotiateFlags; STRING OemDomainName; STRING OemWorkstationName;
// Reserved for future Sicily enhancement
ULONG Reserved1; // for future multiple realm support
ULONG Reserved2; // for future multiple realm support
CHAR Reserved3[SIC_MIN_STR_SIZE]; // for future multiple realm support
} SIC20_NEGOTIATE_MSG, *PSIC20_NEGOTIATE_MSG;
typedef struct _NEGOTIATE_MESSAGE { UCHAR Signature[sizeof(NTLMSSP_SIGNATURE)]; NTLM_MESSAGE_TYPE MessageType; ULONG NegotiateFlags; STRING OemDomainName; STRING OemWorkstationName;} NEGOTIATE_MESSAGE, *PNEGOTIATE_MESSAGE;
//
// Old version of the message, for old clients
//
typedef struct _OLD_NEGOTIATE_MESSAGE { UCHAR Signature[sizeof(NTLMSSP_SIGNATURE)]; NTLM_MESSAGE_TYPE MessageType; ULONG NegotiateFlags;} OLD_NEGOTIATE_MESSAGE, *POLD_NEGOTIATE_MESSAGE;
//
// Opaque message returned from first call to AcceptSecurityContext
//
typedef struct _SIC20_CHALLENGE_MSG { UCHAR Signature[sizeof(NTLMSSP_SIGNATURE)]; NTLM_MESSAGE_TYPE MessageType; STRING TargetName; ULONG NegotiateFlags; UCHAR Challenge[MSV1_0_CHALLENGE_LENGTH]; ULONG ServerContextHandleLower; ULONG ServerContextHandleUpper;
// Reserved for future Sicily enhancement
ULONG Reserved1; // for future multiple realm support
ULONG Reserved2; // for future multiple realm support
ULONG RealmListSize; // list of comma seperated realms which server has
// ServerRealms consists of multiple Null terminated strings, each
// represent a realm. This list is terminated by 2 Null characters.
// For now, this only has one realm
//
CHAR ServerRealms[SIC_MIN_STR_SIZE];
} SIC20_CHALLENGE_MSG, *PSIC20_CHALLENGE_MSG;
typedef struct _CHALLENGE_MESSAGE { UCHAR Signature[sizeof(NTLMSSP_SIGNATURE)]; NTLM_MESSAGE_TYPE MessageType; STRING TargetName; ULONG NegotiateFlags; UCHAR Challenge[MSV1_0_CHALLENGE_LENGTH]; ULONG ServerContextHandleLower; ULONG ServerContextHandleUpper;} CHALLENGE_MESSAGE, *PCHALLENGE_MESSAGE;
//
// Old version of the challenge message
//
typedef struct _OLD_CHALLENGE_MESSAGE { UCHAR Signature[sizeof(NTLMSSP_SIGNATURE)]; NTLM_MESSAGE_TYPE MessageType; STRING TargetName; ULONG NegotiateFlags; UCHAR Challenge[MSV1_0_CHALLENGE_LENGTH];} OLD_CHALLENGE_MESSAGE, *POLD_CHALLENGE_MESSAGE;
//
// Opaque message returned from second call to InitializeSecurityContext
//
typedef struct SIC20_AUTHENTICATE_MSG { UCHAR Signature[sizeof(NTLMSSP_SIGNATURE)]; NTLM_MESSAGE_TYPE MessageType; STRING LmChallengeResponse; STRING NtChallengeResponse; STRING DomainName; STRING UserName; STRING Workstation; STRING Challenge; // This must be the last field for ease of
// backward compatibility
} SIC20_AUTHENTICATE_MSG, *PSIC20_AUTHENTICATE_MSG;
typedef struct _AUTHENTICATE_MESSAGE { UCHAR Signature[sizeof(NTLMSSP_SIGNATURE)]; NTLM_MESSAGE_TYPE MessageType; STRING LmChallengeResponse; STRING NtChallengeResponse; STRING DomainName; STRING UserName; STRING Workstation;} AUTHENTICATE_MESSAGE, *PAUTHENTICATE_MESSAGE;
//
// Opaque message sent by SSL ISAPI extension which forces the SSPI to
// reuse the supplied credential handle, which was previously created
// through the accept security context API's.
//
typedef struct _REDIRECT_MESSAGE { UCHAR Signature[sizeof(NTLMSSP_SIGNATURE)]; NTLM_MESSAGE_TYPE MessageType; BYTE KeyData[4]; CredHandle OriginalHandle;} REDIRECT_MESSAGE, *PREDIRECT_MESSAGE;
//
// Size of the largest message
// (The largest message is the AUTHENTICATE_MESSAGE)
//
#define DNLEN_SICILY 15
#define NTLMSSP_MAX_MESSAGE_SIZE (sizeof(AUTHENTICATE_MESSAGE) + \
LM_RESPONSE_LENGTH + \ NT_RESPONSE_LENGTH + \ (DNLEN_SICILY + 1) * sizeof(WCHAR) + \ (MAX_PATH + 1) * sizeof(WCHAR) + \ (MAX_PATH + 1) * sizeof(WCHAR))
#ifdef MAC
#define swaplongtype(Value,Type) \
Value = (Type)( ((((long)Value) & 0xFF000000) >> 24) \ | ((((long)Value) & 0x00FF0000) >> 8) \ | ((((long)Value) & 0x0000FF00) << 8) \ | ((((long)Value) & 0x000000FF) << 24))#else
#define swaplongtype(value,type)
#endif
#ifdef MAC
#define swaplong(Value) \
Value = ( (((Value) & 0xFF000000) >> 24) \ | (((Value) & 0x00FF0000) >> 8) \ | (((Value) & 0x0000FF00) << 8) \ | (((Value) & 0x000000FF) << 24))#else
#define swaplong(Value)
#endif
#ifdef MAC
#define swapshort(Value) \
Value = ( (((Value) & 0x00FF) << 8) \ | (((Value) & 0xFF00) >> 8))#else
#define swapshort(Value)
#endif
#endif // ifndef _SICILY_NTLMSSPI_INCLUDED_
|
