{ $HDR$}
{**********************************************************************}
{ Unit archived using Team Coherence }
{ Team Coherence is Copyright 2002 by Quality Software Components }
{ }
{ For further information / comments, visit our WEB site at }
{ http://www.TeamCoherence.com }
{**********************************************************************}
{}
{ $Log: 10341: IdSSPI.pas
{
{ Rev 1.0 2002.11.12 10:52:54 PM czhower
}
{*******************************************************}
{ }
{ SSPI interface and objects Unit }
{ }
{ Copyright (c) 1999-2001, Eventree Systems }
{ }
{ Translator: Eventree Systems }
{ }
{ this unit contains translation of: }
{ Security.h, }
{ sspi.h, }
{ secext.h, }
{ rpcdce.h (some of) }
{ }
{*******************************************************}
unit IdSSPI;
{$ALIGN ON}
{$MINENUMSIZE 4}
interface
uses
Windows;
// Pascal spellings of the basic C typedefs that the translated headers rely on.
// Each pointer alias is declared before its base type; that is legal because
// both names sit in the same type section.
type
PPVOID = ^PVOID;
PVOID = Pointer; // untyped pointer
PUSHORT = ^USHORT;
USHORT = Word; // unsigned 16-bit
PUCHAR = ^UCHAR;
UCHAR = Byte; // unsigned 8-bit
//+-----------------------------------------------------------------------
//
// Microsoft Windows
//
// Copyright (c) Microsoft Corporation 1991-1999
//
// File: Security.h
//
// Contents: Toplevel include file for security aware components
//
//
// History: 06 Aug 92 RichardW Created
// 23 Sep 92 PeterWi Add security object include files
//
//------------------------------------------------------------------------
//
// These are the names that can be used to refer to the built-in packages
//
// Package-name strings for the built-in security packages. They are
// identifiers, not UI text, hence the "Do not Localize" markers.
// NOTE(review): which of these a caller passes decides the authentication
// protocol that is spoken. Naming 'NTLM' directly presumably bypasses any
// package selection done by 'Negotiate' - confirm that call sites asking for
// NTLM do so deliberately.
const
NTLMSP_NAME = 'NTLM'; {Do not Localize}
MICROSOFT_KERBEROS_NAME = 'Kerberos'; {Do not Localize}
NEGOSSP_NAME = 'Negotiate'; {Do not Localize}
//+---------------------------------------------------------------------------
//
// Microsoft Windows
// Copyright (C) Microsoft Corporation, 1992-1997.
//
// File: sspi.h
//
// Contents: Security Support Provider Interface
// Prototypes and structure definitions
//
// Functions: Security Support Provider API
//
// History: 11-24-93 RichardW Created
//
//----------------------------------------------------------------------------
// Character and status types used throughout the SSPI translation.
type
PSEC_WCHAR = PWideChar; // pointer to a wide (W) string
SEC_WCHAR = WideChar; // a single wide character, not a string
PSEC_CHAR = PAnsiChar; // pointer to an ANSI (A) string
SEC_CHAR = AnsiChar; // a single ANSI character, not a string
PSECURITY_STATUS = ^SECURITY_STATUS;
// Signed 32-bit result code; SEC_SUCCESS (declared further down) takes this type.
SECURITY_STATUS = Longint;
//
// Decide what a string - 32 bits only since for 16 bits it is clear.
//
// SECURITY_PSTR is always a pointer to a wide character here; this
// declaration is not guarded by the SSPI_UNICODE conditional used elsewhere.
type
SECURITY_PSTR = ^SEC_WCHAR;
//
// Okay, security specific types:
//
// Opaque handle types. Credential and context handles are plain aliases of
// SecHandle, so the compiler will not catch one being passed where the other
// is expected.
type
PSecHandle = ^SecHandle;
// NOTE(review): both halves are declared as ULONG. Later revisions of sspi.h
// use pointer-sized fields here, so this layout should be re-checked before
// the unit is compiled for a 64-bit target - confirm.
SecHandle = record
dwLower: ULONG;
dwUpper: ULONG;
end;
CredHandle = SecHandle;
PCredHandle = PSecHandle;
CtxtHandle = SecHandle;
PCtxtHandle = PSecHandle;
PSECURITY_INTEGER = ^SECURITY_INTEGER;
SECURITY_INTEGER = LARGE_INTEGER;
// TimeStamp shares the LARGE_INTEGER layout via SECURITY_INTEGER.
PTimeStamp = ^TimeStamp;
TimeStamp = SECURITY_INTEGER;
// Interface declarations only; the bodies live in the implementation section,
// which is outside this view.
//
// SecInvalidateHandle takes a pointer to a SecHandle.
// NOTE(review): presumably marks both halves of the handle as invalid, as the
// C macro of the same name does; how x = nil is handled is not visible here -
// confirm in the implementation.
procedure SecInvalidateHandle(x: PSecHandle);
// SEC_SUCCESS maps a SECURITY_STATUS to a Boolean.
// NOTE(review): presumably Status >= 0 as in the C macro, in which case
// non-negative "continue" statuses also count as success; callers should still
// tell "handshake complete" apart from "another leg needed" - confirm.
function SEC_SUCCESS(Status: SECURITY_STATUS): Boolean;
type
//
// If we are in 32 bit mode, define the SECURITY_STRING structure
// as a clone of the base UNICODE_STRING structure. This is used
// internally in security components, and as the string interface
// for kernel components (e.g. FSPs).
//
// NOTE(review): in UNICODE_STRING the two length fields count bytes and the
// buffer need not be null-terminated; presumably the same holds here, so
// readers should bound every access by Length - confirm against the callers.
//
PSECURITY_STRING = ^SECURITY_STRING;
SECURITY_STRING = record
Length: USHORT; // current length (16-bit)
MaximumLength: USHORT; // capacity of Buffer (16-bit)
Buffer: PUSHORT; // pointer to 16-bit units
end;
//
// SecPkgInfo structure
//
// Provides general information about a security provider
//
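// Package description records in wide (W) and ANSI (A) form, plus the
// SecPkgInfo / PSecPkgInfo aliases selected by the SSPI_UNICODE conditional.
//
// Fix: SecPkgInfoW.Comment was declared as SEC_WCHAR (a single wide
// character). It is a string pointer like Name, and like Comment in the A
// variant below, so it is now PSEC_WCHAR. With the old declaration a reader
// got one WideChar cut out of the pointer value instead of the comment text.
type
  PPSecPkgInfoW = ^PSecPkgInfoW;
  PSecPkgInfoW = ^SecPkgInfoW;
  SecPkgInfoW = record
    fCapabilities: ULONG; // Capability bitmask (SECPKG_FLAG_*)
    wVersion: USHORT;     // Version of driver
    wRPCID: USHORT;       // ID for RPC Runtime
    cbMaxToken: ULONG;    // Size of authentication token (max)
    Name: PSEC_WCHAR;     // Text name
    Comment: PSEC_WCHAR;  // Comment (pointer to a wide string)
  end;

  PPSecPkgInfoA = ^PSecPkgInfoA;
  PSecPkgInfoA = ^SecPkgInfoA;
  SecPkgInfoA = record
    fCapabilities: ULONG; // Capability bitmask (SECPKG_FLAG_*)
    wVersion: USHORT;     // Version of driver
    wRPCID: USHORT;       // ID for RPC Runtime
    cbMaxToken: ULONG;    // Size of authentication token (max)
    Name: PSEC_CHAR;      // Text name
    Comment: PSEC_CHAR;   // Comment
  end;

  // Character-set neutral aliases: W records when SSPI_UNICODE is defined,
  // A records otherwise.
{$IFDEF SSPI_UNICODE}
  SecPkgInfo = SecPkgInfoW;
  PSecPkgInfo = PSecPkgInfoW;
{$ELSE}
  SecPkgInfo = SecPkgInfoA;
  PSecPkgInfo = PSecPkgInfoA;
{$ENDIF}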
//
// Security Package Capabilities
//
// Capability bits reported in the fCapabilities field of SecPkgInfoA/W, one
// bit per feature. They describe what a package can do, not what a particular
// context ended up with.
// NOTE(review): callers that need integrity, privacy or mutual authentication
// can test these bits before choosing a package - confirm whether any call
// site does.
const
SECPKG_FLAG_INTEGRITY = $00000001; // Supports integrity on messages
SECPKG_FLAG_PRIVACY = $00000002; // Supports privacy (confidentiality)
SECPKG_FLAG_TOKEN_ONLY = $00000004; // Only security token needed
SECPKG_FLAG_DATAGRAM = $00000008; // Datagram RPC support
SECPKG_FLAG_CONNECTION = $00000010; // Connection oriented RPC support
SECPKG_FLAG_MULTI_REQUIRED = $00000020; // Full 3-leg required for re-auth.
SECPKG_FLAG_CLIENT_ONLY = $00000040; // Server side functionality not available
SECPKG_FLAG_EXTENDED_ERROR = $00000080; // Supports extended error msgs
SECPKG_FLAG_IMPERSONATION = $00000100; // Supports impersonation
SECPKG_FLAG_ACCEPT_WIN32_NAME = $00000200; // Accepts Win32 names
SECPKG_FLAG_STREAM = $00000400; // Supports stream semantics
SECPKG_FLAG_NEGOTIABLE = $00000800; // Can be used by the negotiate package
SECPKG_FLAG_GSS_COMPATIBLE = $00001000; // GSS Compatibility Available
SECPKG_FLAG_LOGON = $00002000; // Supports common LsaLogonUser
SECPKG_FLAG_ASCII_BUFFERS = $00004000; // Token Buffers are in ASCII
SECPKG_FLAG_FRAGMENT = $00008000; // Package can fragment to fit
SECPKG_FLAG_MUTUAL_AUTH = $00010000; // Package can perform mutual authentication
SECPKG_FLAG_DELEGATION = $00020000; // Package can delegate
// NOTE(review): not a capability bit; presumably the "no RPC id" value for the
// 16-bit wRPCID field - confirm.
SECPKG_ID_NONE = $FFFF;
//
// SecBuffer
//
// Generic memory descriptors for buffers passed in to the security
// API
//
// Buffer descriptors handed to the security API.
// The records carry only sizes and raw pointers, and nothing in them ties
// cbBuffer or cBuffers to the memory actually allocated. The caller has to
// keep these counts accurate, and has to re-read cbBuffer after a call rather
// than assume the provider filled the whole buffer.
type
PSecBuffer = ^SecBuffer;
SecBuffer = record
cbBuffer: ULONG; // Size of the buffer, in bytes
BufferType: ULONG; // Type of the buffer (below)
pvBuffer: PVOID; // Pointer to the buffer
end;
PSecBufferDesc = ^SecBufferDesc;
SecBufferDesc = record
ulVersion: ULONG; // Version number
cBuffers: ULONG; // Number of buffers
pBuffers: PSecBuffer; // Pointer to array of buffers
end;
// Values for SecBufferDesc.ulVersion and SecBuffer.BufferType.
// SECBUFFER_VERSION and SECBUFFER_EMPTY are both 0 but belong to different
// fields (ulVersion and BufferType respectively).
const
SECBUFFER_VERSION = 0;
SECBUFFER_EMPTY = 0; // Undefined, replaced by provider
SECBUFFER_DATA = 1; // Packet data
SECBUFFER_TOKEN = 2; // Security token
SECBUFFER_PKG_PARAMS = 3; // Package specific parameters
SECBUFFER_MISSING = 4; // Missing Data indicator
SECBUFFER_EXTRA = 5; // Extra data
SECBUFFER_STREAM_TRAILER = 6; // Security Trailer
SECBUFFER_STREAM_HEADER = 7; // Security Header
SECBUFFER_NEGOTIATION_INFO = 8; // Hints from the negotiation pkg
SECBUFFER_PADDING = 9; // non-data padding
SECBUFFER_STREAM = 10; // whole encrypted message
SECBUFFER_MECHLIST = 11;
SECBUFFER_MECHLIST_SIGNATURE = 12;
// The top four bits of BufferType carry attributes, not the type. ATTRMASK
// covers both the READONLY and RESERVED bits below, so code comparing
// BufferType with one of the type values above should mask these bits off
// first.
SECBUFFER_ATTRMASK = $F0000000;
SECBUFFER_READONLY = $80000000; // Buffer is read-only
SECBUFFER_RESERVED = $40000000;
// Negotiation hint record. NOTE(review): presumably the payload of a
// SECBUFFER_NEGOTIATION_INFO buffer - confirm.
// Name is always a wide-string pointer here; there is no A/W split.
// NOTE(review): the unit of NameLength (characters or bytes) is not stated in
// this file - confirm before using it as a bound on Name.
type
PSEC_NEGOTIATION_INFO = ^SEC_NEGOTIATION_INFO;
SEC_NEGOTIATION_INFO = record
Size: ULONG; // Size of this structure
NameLength: ULONG; // Length of name hint
Name: PSEC_WCHAR; // Name hint
Reserved: PVOID; // Reserved
end;
//
// Data Representation Constant:
//
// Data-representation selector values (native versus network).
// NOTE(review): presumably passed as the target data representation argument
// of the context calls - confirm at the call sites.
const
SECURITY_NATIVE_DREP = $00000010;
SECURITY_NETWORK_DREP = $00000000;
//
// Credential Use Flags
//
// Credential-use selectors. SECPKG_CRED_BOTH is the bitwise OR of INBOUND and
// OUTBOUND ($1 or $2 = $3).
// NOTE(review): a client-only component presumably needs OUTBOUND only, and
// asking for no more than the direction in use keeps the credential handle
// narrowly scoped - confirm at the call sites.
const
SECPKG_CRED_INBOUND = $00000001;
SECPKG_CRED_OUTBOUND = $00000002;
SECPKG_CRED_BOTH = $00000003;
SECPKG_CRED_DEFAULT = $00000004;
SECPKG_CRED_RESERVED = $F0000000;
//
// InitializeSecurityContext Requirement and return flags:
//
// ISC_REQ_*: requirement bits the initiating (client) side passes to
// InitializeSecurityContext.
// NOTE(review): these are requests only. What the provider actually granted is
// presumably reported through the ISC_RET_* bits, so callers that depend on
// mutual authentication, integrity or confidentiality should check the
// returned attributes once the handshake has completed - confirm.
// NOTE(review): ISC_REQ_ALLOCATE_MEMORY presumably makes the provider allocate
// the output buffer, which the caller must then release (FreeContextBuffer in
// sspi.h) - confirm at the call sites.
// NOTE(review): ISC_REQ_MANUAL_CRED_VALIDATION presumably moves validation of
// the peer's credentials onto the caller; any caller that sets it has to
// perform that validation itself - confirm.
const
ISC_REQ_DELEGATE = $00000001;
ISC_REQ_MUTUAL_AUTH = $00000002;
ISC_REQ_REPLAY_DETECT = $00000004;
ISC_REQ_SEQUENCE_DETECT = $00000008;
ISC_REQ_CONFIDENTIALITY = $00000010;
ISC_REQ_USE_SESSION_KEY = $00000020;
ISC_REQ_PROMPT_FOR_CREDS = $00000040;
ISC_REQ_USE_SUPPLIED_CREDS = $00000080;
ISC_REQ_ALLOCATE_MEMORY = $00000100;
ISC_REQ_USE_DCE_STYLE = $00000200;
ISC_REQ_DATAGRAM = $00000400;
ISC_REQ_CONNECTION = $00000800;
ISC_REQ_CALL_LEVEL = $00001000;
ISC_REQ_FRAGMENT_SUPPLIED = $00002000;
ISC_REQ_EXTENDED_ERROR = $00004000;
ISC_REQ_STREAM = $00008000;
ISC_REQ_INTEGRITY = $00010000;
ISC_REQ_IDENTIFY = $00020000;
ISC_REQ_NULL_SESSION = $00040000;
ISC_REQ_MANUAL_CRED_VALIDATION = $00080000;
ISC_REQ_RESERVED1 = $00100000;
ISC_REQ_FRAGMENT_TO_FIT = $00200000;
// ISC_RET_*: attribute bits returned to the initiating (client) side.
// Most values equal the ISC_REQ_* bit of the same name, but not all:
// $00001000 is ISC_REQ_CALL_LEVEL on the request side and
// ISC_RET_INTERMEDIATE_RETURN here, and ISC_RET_CALL_LEVEL is $00002000, which
// is ISC_REQ_FRAGMENT_SUPPLIED on the request side. A returned mask should
// therefore be tested with the ISC_RET_* names only.
ISC_RET_DELEGATE = $00000001;
ISC_RET_MUTUAL_AUTH = $00000002;
ISC_RET_REPLAY_DETECT = $00000004;
ISC_RET_SEQUENCE_DETECT = $00000008;
ISC_RET_CONFIDENTIALITY = $00000010;
ISC_RET_USE_SESSION_KEY = $00000020;
ISC_RET_USED_COLLECTED_CREDS = $00000040;
ISC_RET_USED_SUPPLIED_CREDS = $00000080;
ISC_RET_ALLOCATED_MEMORY = $00000100;
ISC_RET_USED_DCE_STYLE = $00000200;
ISC_RET_DATAGRAM = $00000400;
ISC_RET_CONNECTION = $00000800;
ISC_RET_INTERMEDIATE_RETURN = $00001000;
ISC_RET_CALL_LEVEL = $00002000;
ISC_RET_EXTENDED_ERROR = $00004000;
ISC_RET_STREAM = $00008000;
ISC_RET_INTEGRITY = $00010000;
ISC_RET_IDENTIFY = $00020000;
ISC_RET_NULL_SESSION = $00040000;
ISC_RET_MANUAL_CRED_VALIDATION = $00080000;
ISC_RET_RESERVED1 = $00100000;
ISC_RET_FRAGMENT_ONLY = $00200000;
// ASC_REQ_*: requirement bits for the accepting (server) side.
// NOTE(review): presumably passed to AcceptSecurityContext - confirm.
// The numbering diverges from ISC_REQ_* from $00004000 upwards (for example
// ASC_REQ_STREAM = $00010000 where ISC_REQ_STREAM = $00008000, and
// ASC_REQ_INTEGRITY = $00020000 where ISC_REQ_INTEGRITY = $00010000), so the
// two families cannot be used interchangeably.
// NOTE(review): ASC_REQ_ALLOW_NULL_SESSION, ASC_REQ_ALLOW_NON_USER_LOGONS and
// ASC_REQ_ALLOW_CONTEXT_REPLAY each widen what the server accepts, going by
// their names; a server should presumably set them only when that behaviour
// is required - confirm at the call sites.
ASC_REQ_DELEGATE = $00000001;
ASC_REQ_MUTUAL_AUTH = $00000002;
ASC_REQ_REPLAY_DETECT = $00000004;
ASC_REQ_SEQUENCE_DETECT = $00000008;
ASC_REQ_CONFIDENTIALITY = $00000010;
ASC_REQ_USE_SESSION_KEY = $00000020;
ASC_REQ_ALLOCATE_MEMORY = $00000100;
ASC_REQ_USE_DCE_STYLE = $00000200;
ASC_REQ_DATAGRAM = $00000400;
ASC_REQ_CONNECTION = $00000800;
ASC_REQ_CALL_LEVEL = $00001000;
ASC_REQ_EXTENDED_ERROR = $00008000;
ASC_REQ_STREAM = $00010000;
ASC_REQ_INTEGRITY = $00020000;
ASC_REQ_LICENSING = $00040000;
ASC_REQ_IDENTIFY = $00080000;
ASC_REQ_ALLOW_NULL_SESSION = $00100000;
ASC_REQ_ALLOW_NON_USER_LOGONS = $00200000;
ASC_REQ_ALLOW_CONTEXT_REPLAY = $00400000;
ASC_REQ_FRAGMENT_TO_FIT = $00800000;
// Listed out of numeric order; it shares its value with ISC_REQ_FRAGMENT_SUPPLIED.
ASC_REQ_FRAGMENT_SUPPLIED = $00002000;
// ASC_RET_*: attribute bits returned to the accepting (server) side.
// As with ISC, request and return values do not line up everywhere:
// ASC_RET_CALL_LEVEL is $00002000 while ASC_REQ_CALL_LEVEL is $00001000, and
// $00004000 (ASC_RET_THIRD_LEG_FAILED) has no ASC_REQ_* counterpart.
// NOTE(review): a server that requires integrity, confidentiality or mutual
// authentication should presumably confirm the matching ASC_RET_* bit, and
// treat ASC_RET_NULL_SESSION as an anonymous peer, before trusting the
// context - confirm at the call sites.
ASC_RET_DELEGATE = $00000001;
ASC_RET_MUTUAL_AUTH = $00000002;
ASC_RET_REPLAY_DETECT = $00000004;
ASC_RET_SEQUENCE_DETECT = $00000008;
ASC_RET_CONFIDENTIALITY = $00000010;
ASC_RET_USE_SESSION_KEY = $00000020;
ASC_RET_ALLOCATED_MEMORY = $00000100;
ASC_RET_USED_DCE_STYLE = $00000200;
ASC_RET_DATAGRAM = $00000400;
ASC_RET_CONNECTION = $00000800;
ASC_RET_CALL_LEVEL = $00002000; // skipped 1000 to be like ISC_
ASC_RET_THIRD_LEG_FAILED = $00004000;
ASC_RET_EXTENDED_ERROR = $00008000;
ASC_RET_STREAM = $00010000;
ASC_RET_INTEGRITY = $00020000;
ASC_RET_LICENSING = $00040000;
ASC_RET_IDENTIFY = $00080000;
ASC_RET_NULL_SESSION = $00100000;
ASC_RET_ALLOW_NON_USER_LOGONS = $00200000;
ASC_RET_ALLOW_CONTEXT_REPLAY = $00400000;
ASC_RET_FRAGMENT_ONLY = $00800000;
//
// Security Credentials Attributes:
//
// Credential attribute selector.
// NOTE(review): presumably the attribute id that returns a
// SecPkgCredentials_Names record (declared next) - confirm.
const
SECPKG_CRED_ATTR_NAMES = 1;
type
PSecPkgCredentials_NamesW = ^SecPkgCredentials_NamesW;
SecPkgCredentials_NamesW = record