Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

261 lines
8.4 KiB

/*/////////////////////////////////////////////////////////////////////////////
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
// FILE
//
// authif.h
//
// SYNOPSIS
//
// Declares the interface for extensions to the Internet Authentication
// Service.
//
// MODIFICATION HISTORY
//
// 09/28/1998 Original version.
//
/////////////////////////////////////////////////////////////////////////////*/
#ifndef _AUTHIF_H_
#define _AUTHIF_H_
#if _MSC_VER >= 1000
#pragma once
#endif
/*
* Enumerates the attribute types that are passed to the extension DLL. The
* RADIUS standard attributes are included for convenience and should not be
* considered exhaustive.
*/
typedef enum _RADIUS_ATTRIBUTE_TYPE {
/* Used to terminate attribute arrays. */
ratMinimum = 0,
/* RADIUS standard attributes. */
ratUserName = 1,
ratUserPassword = 2,
ratCHAPPassword = 3,
ratNASIPAddress = 4,
ratNASPort = 5,
ratServiceType = 6,
ratFramedProtocol = 7,
ratFramedIPAddress = 8,
ratFramedIPNetmask = 9,
ratFramedRouting = 10,
ratFilterId = 11,
ratFramedMTU = 12,
ratFramedCompression = 13,
ratLoginIPHost = 14,
ratLoginService = 15,
ratLoginPort = 16,
ratReplyMessage = 18,
ratCallbackNumber = 19,
ratCallbackId = 20,
ratFramedRoute = 22,
ratFramedIPXNetwork = 23,
ratState = 24,
ratClass = 25,
ratVendorSpecific = 26,
ratSessionTimeout = 27,
ratIdleTimeout = 28,
ratTerminationAction = 29,
ratCalledStationId = 30,
ratCallingStationId = 31,
ratNASIdentifier = 32,
ratProxyState = 33,
ratLoginLATService = 34,
ratLoginLATNode = 35,
ratLoginLATGroup = 36,
ratFramedAppleTalkLink = 37,
ratFramedAppleTalkNetwork = 38,
ratFramedAppleTalkZone = 39,
ratAcctStatusType = 40,
ratAcctDelayTime = 41,
ratAcctInputOctets = 42,
ratAcctOutputOctets = 43,
ratAcctSessionId = 44,
ratAcctAuthentic = 45,
ratAcctSessionTime = 46,
ratAcctInputPackets = 47,
ratAcctOutputPackets = 48,
ratAcctTerminationCause = 49,
ratCHAPChallenge = 60,
ratNASPortType = 61,
ratPortLimit = 62,
/* Extended attribute types used to pass additional information. */
ratCode = 262, /* Request type code. */
ratIdentifier = 263, /* Request identifier. */
ratAuthenticator = 264, /* Request authenticator. */
ratSrcIPAddress = 265, /* Source IP address. */
ratSrcPort = 266, /* Source IP port. */
ratProvider = 267, /* Authentication provider. */
ratStrippedUserName = 268, /* User-Name with realm stripped. */
ratFQUserName = 269, /* Fully-Qualified-User-Name. */
ratPolicyName = 270 /* Remote Access Policy name. */
} RADIUS_ATTRIBUTE_TYPE;
/*
* Enumerates the different authentication providers used for processing a
* request. Used for the ratProvider extended attribute.
*/
typedef enum _RADIUS_AUTHENTICATION_PROVIDER {
rapUnknown,
rapUsersFile,
rapProxy,
rapWindowsNT,
rapMCIS,
rapODBC,
rapNone
} RADIUS_AUTHENTICATION_PROVIDER;
/*
* Enumerates the different RADIUS data types. A type of 'rdtUnknown' means
* the attribute was not recognized by the dictionary.
*/
typedef enum _RADIUS_DATA_TYPE {
rdtUnknown,
rdtString,
rdtAddress,
rdtInteger,
rdtTime
} RADIUS_DATA_TYPE;
/*
* Struct representing a RADIUS or extended attribute.
*/
typedef struct _RADIUS_ATTRIBUTE {
DWORD dwAttrType; /* Attribute type */
RADIUS_DATA_TYPE fDataType; /* RADIUS_DATA_TYPE of the value */
DWORD cbDataLength; /* Length of the value (in bytes) */
union {
DWORD dwValue; /* For rdtAddress, rdtInteger, and rdtTime */
PCSTR lpValue; /* For rdtUnknown, and rdtString */
};
} RADIUS_ATTRIBUTE, *PRADIUS_ATTRIBUTE;
/*
* Enumerates the different actions an extension DLL can generate in
* response to an Access-Request.
*/
typedef enum _RADIUS_ACTION {
raContinue,
raReject,
raAccept
} RADIUS_ACTION, *PRADIUS_ACTION;
/*
* Routines exported by a RADIUS extension DLL.
*/
/*
* RadiusExtensionInit is optional. If it exists, it will be invoked prior to
* the service coming on-line. A return value other than NO_ERROR prevents the
* service from initializing.
*/
#define RADIUS_EXTENSION_INIT "RadiusExtensionInit"
typedef DWORD (WINAPI *PRADIUS_EXTENSION_INIT)( VOID );
/*
* RadiusExtensionTerm is optional. If it exists, it will be invoked prior to
* unloading the DLL to give the extension a chance to clean-up.
*/
#define RADIUS_EXTENSION_TERM "RadiusExtensionTerm"
typedef VOID (WINAPI *PRADIUS_EXTENSION_TERM)( VOID );
/*
* RadiusExtensionProcess is mandatory for NT4. For Windows 2000, an
* extension may export RadiusExtensionProcessEx (q.v.) instead.
*
* Parameters:
* pAttrs Array of attributes from the request. It is terminated by an
* attribute with dwAttrType set to ratMinimum. These attributes
* should be treated as read-only and must not be referenced
* after the function returns.
* pfAction For Access-Requests, this parameter will be non-NULL with
* *pfAction == raContinue. The extension DLL can set *pfAction
* to abort further processing and force an Access-Accept or
* Access-Reject. For all other request types, this parameter
* will be NULL.
*
* Return Value:
* A return value other than NO_ERROR causes the request to be discarded.
*/
#define RADIUS_EXTENSION_PROCESS "RadiusExtensionProcess"
typedef DWORD (WINAPI *PRADIUS_EXTENSION_PROCESS)(
IN CONST RADIUS_ATTRIBUTE *pAttrs,
OUT OPTIONAL PRADIUS_ACTION pfAction
);
/*
* RadiusExtensionProcessEx is only supported on Windows 2000. If it exits,
* RadiusExtensionProcess is ignored.
*
* Parameters:
* pInAttrs Array of attributes from the request. It is terminated by an
* attribute with dwAttrType set to ratMinimum. These attributes
* should be treated as read-only and must not be referenced
* after the function returns.
* pOutAttrs Array of attributes to add to the response. It is terminated
* by an attribute with dwAttrType set to ratMinimum.
* *pOutAttrs may be set to NULL if no attributes are returned.
* pfAction For Access-Requests, this parameter will be non-NULL with
* *pfAction == raContinue. The extension DLL can set *pfAction
* to abort further processing and force an Access-Accept or
* Access-Reject. For all other request types, this parameter
* will be NULL.
*
* Return Value:
* A return value other than NO_ERROR causes the request to be discarded.
*/
#define RADIUS_EXTENSION_PROCESS_EX "RadiusExtensionProcessEx"
typedef DWORD (WINAPI *PRADIUS_EXTENSION_PROCESS_EX)(
IN CONST RADIUS_ATTRIBUTE *pInAttrs,
OUT PRADIUS_ATTRIBUTE *pOutAttrs,
OUT OPTIONAL PRADIUS_ACTION pfAction
);
/*
* RadiusExtensionFreeAttributes must be defined if RadiusExtensionProcessEx
* is defined. It is used to free the attributes returned by
* RadiusExtensionProcessEx
*
* Parameters:
* pAttrs Array of attributes to be freed.
*/
#define RADIUS_EXTENSION_FREE_ATTRIBUTES "RadiusExtensionFreeAttributes"
typedef VOID (WINAPI *PRADIUS_EXTENSION_FREE_ATTRIBUTES)(
IN PRADIUS_ATTRIBUTE pAttrs
);
/*
* Defines used for installation of an extension DLL.
* The following registry values are used for loading extensions:
*
* HKLM\System\CurrentControlSet\Services\AuthSrv\Parameters
* ExtensionDLLs (REG_MULTI_SZ) <list of DLL paths>
* AuthorizationDLLs (REG_MULTI_SZ) <list of DLL paths>
*
* ExtensionDLLs are invoked before any of the built-in authentication
* providers. They receive all the attributes from the request plus all
* the extended attribute types.
*
* AuthorizationDLLs are invoked after the built-in authentication and
* authorization providers. They receive all the attributes from the
* response plus all the extended attributes types. AuthorizationDLLs may
* not return an action of raAccept.
*/
#define AUTHSRV_PARAMETERS_KEY_W \
L"System\\CurrentControlSet\\Services\\AuthSrv\\Parameters"
#define AUTHSRV_EXTENSIONS_VALUE_W \
L"ExtensionDLLs"
#define AUTHSRV_AUTHORIZATION_VALUE_W \
L"AuthorizationDLLs"
#endif /* _AUTHIF_H_ */