📄 sspi.h
字号:
#endif
#endif
typedef enum _SecDelegationType {
SecFull,
SecService,
SecTree,
SecDirectory,
SecObject
} SecDelegationType, * PSecDelegationType;
SECURITY_STATUS SEC_ENTRY
DelegateSecurityContext(
PCtxtHandle phContext, // IN Active context to delegate
#if ISSP_MODE == 0
PSECURITY_STRING pTarget, // IN Target path
#else
SEC_CHAR SEC_FAR * pszTarget,
#endif
SecDelegationType DelegationType, // IN Type of delegation
PTimeStamp pExpiry, // IN OPTIONAL time limit
PSecBuffer pPackageParameters, // IN OPTIONAL package specific
PSecBufferDesc pOutput); // OUT Token for applycontroltoken.
///////////////////////////////////////////////////////////////////////////
////
//// Proxies
////
///////////////////////////////////////////////////////////////////////////
//
// Proxies are only available on NT platforms
//
// begin_ntifs
///////////////////////////////////////////////////////////////////////////
////
//// Context export/import
////
///////////////////////////////////////////////////////////////////////////
SECURITY_STATUS SEC_ENTRY
ExportSecurityContext(
PCtxtHandle phContext, // (in) context to export
ULONG fFlags, // (in) option flags
PSecBuffer pPackedContext, // (out) marshalled context
void SEC_FAR * SEC_FAR * pToken // (out, optional) token handle for impersonation
);
typedef SECURITY_STATUS
(SEC_ENTRY * EXPORT_SECURITY_CONTEXT_FN)(
PCtxtHandle,
ULONG,
PSecBuffer,
void SEC_FAR * SEC_FAR *
);
SECURITY_STATUS SEC_ENTRY
ImportSecurityContextW(
SEC_WCHAR SEC_FAR * pszPackage,
PSecBuffer pPackedContext, // (in) marshalled context
void SEC_FAR * Token, // (in, optional) handle to token for context
PCtxtHandle phContext // (out) new context handle
);
typedef SECURITY_STATUS
(SEC_ENTRY * IMPORT_SECURITY_CONTEXT_FN_W)(
SEC_WCHAR SEC_FAR *,
PSecBuffer,
VOID SEC_FAR *,
PCtxtHandle
);
// end_ntifs
SECURITY_STATUS SEC_ENTRY
ImportSecurityContextA(
SEC_CHAR SEC_FAR * pszPackage,
PSecBuffer pPackedContext, // (in) marshalled context
VOID SEC_FAR * Token, // (in, optional) handle to token for context
PCtxtHandle phContext // (out) new context handle
);
typedef SECURITY_STATUS
(SEC_ENTRY * IMPORT_SECURITY_CONTEXT_FN_A)(
SEC_CHAR SEC_FAR *,
PSecBuffer,
void SEC_FAR *,
PCtxtHandle
);
#ifdef UNICODE
# define ImportSecurityContext ImportSecurityContextW // ntifs
# define IMPORT_SECURITY_CONTEXT_FN IMPORT_SECURITY_CONTEXT_FN_W // ntifs
#else
# define ImportSecurityContext ImportSecurityContextA
# define IMPORT_SECURITY_CONTEXT_FN IMPORT_SECURITY_CONTEXT_FN_A
#endif // !UNICODE
///////////////////////////////////////////////////////////////////////////////
////
//// Fast access for RPC:
////
///////////////////////////////////////////////////////////////////////////////
#define SECURITY_ENTRYPOINT_ANSIW "InitSecurityInterfaceW"
#define SECURITY_ENTRYPOINT_ANSIA "InitSecurityInterfaceW"
#define SECURITY_ENTRYPOINTW SEC_TEXT("InitSecurityInterfaceW") // ntifs
#define SECURITY_ENTRYPOINTA SEC_TEXT("InitSecurityInterfaceA")
#define SECURITY_ENTRYPOINT16 "INITSECURITYINTERFACEA"
#ifdef SECURITY_WIN32
# ifdef UNICODE
# define SECURITY_ENTRYPOINT SECURITY_ENTRYPOINTW // ntifs
# define SECURITY_ENTRYPOINT_ANSI SECURITY_ENTRYPOINT_ANSIW
# else // UNICODE
# define SECURITY_ENTRYPOINT SECURITY_ENTRYPOINTA
# define SECURITY_ENTRYPOINT_ANSI SECURITY_ENTRYPOINT_ANSIA
# endif // UNICODE
#else // SECURITY_WIN32
# define SECURITY_ENTRYPOINT SECURITY_ENTRYPOINT16
# define SECURITY_ENTRYPOINT_ANSI SECURITY_ENTRYPOINT16
#endif // SECURITY_WIN32
// begin_ntifs
typedef struct _SECURITY_FUNCTION_TABLE_W {
unsigned long dwVersion;
ENUMERATE_SECURITY_PACKAGES_FN_W EnumerateSecurityPackagesW;
QUERY_CREDENTIALS_ATTRIBUTES_FN_W QueryCredentialsAttributesW;
ACQUIRE_CREDENTIALS_HANDLE_FN_W AcquireCredentialsHandleW;
FREE_CREDENTIALS_HANDLE_FN FreeCredentialHandle;
#ifndef WIN32_CHICAGO
void SEC_FAR * Reserved2;
#else // WIN32_CHICAGO
SSPI_LOGON_USER_FN SspiLogonUserW;
#endif // WIN32_CHICAGO
INITIALIZE_SECURITY_CONTEXT_FN_W InitializeSecurityContextW;
ACCEPT_SECURITY_CONTEXT_FN AcceptSecurityContext;
COMPLETE_AUTH_TOKEN_FN CompleteAuthToken;
DELETE_SECURITY_CONTEXT_FN DeleteSecurityContext;
APPLY_CONTROL_TOKEN_FN ApplyControlToken;
QUERY_CONTEXT_ATTRIBUTES_FN_W QueryContextAttributesW;
IMPERSONATE_SECURITY_CONTEXT_FN ImpersonateSecurityContext;
REVERT_SECURITY_CONTEXT_FN RevertSecurityContext;
MAKE_SIGNATURE_FN MakeSignature;
VERIFY_SIGNATURE_FN VerifySignature;
FREE_CONTEXT_BUFFER_FN FreeContextBuffer;
QUERY_SECURITY_PACKAGE_INFO_FN_W QuerySecurityPackageInfoW;
void SEC_FAR * Reserved3;
void SEC_FAR * Reserved4;
EXPORT_SECURITY_CONTEXT_FN ExportSecurityContext;
IMPORT_SECURITY_CONTEXT_FN_W ImportSecurityContextW;
void SEC_FAR * Reserved7;
void SEC_FAR * Reserved8;
QUERY_SECURITY_CONTEXT_TOKEN_FN QuerySecurityContextToken;
ENCRYPT_MESSAGE_FN EncryptMessage;
DECRYPT_MESSAGE_FN DecryptMessage;
} SecurityFunctionTableW, SEC_FAR * PSecurityFunctionTableW;
// end_ntifs
typedef struct _SECURITY_FUNCTION_TABLE_A {
unsigned long dwVersion;
ENUMERATE_SECURITY_PACKAGES_FN_A EnumerateSecurityPackagesA;
QUERY_CREDENTIALS_ATTRIBUTES_FN_A QueryCredentialsAttributesA;
ACQUIRE_CREDENTIALS_HANDLE_FN_A AcquireCredentialsHandleA;
FREE_CREDENTIALS_HANDLE_FN FreeCredentialHandle;
#ifndef WIN32_CHICAGO
void SEC_FAR * Reserved2;
#else // WIN32_CHICAGO
SSPI_LOGON_USER_FN SspiLogonUserA;
#endif // WIN32_CHICAGO
INITIALIZE_SECURITY_CONTEXT_FN_A InitializeSecurityContextA;
ACCEPT_SECURITY_CONTEXT_FN AcceptSecurityContext;
COMPLETE_AUTH_TOKEN_FN CompleteAuthToken;
DELETE_SECURITY_CONTEXT_FN DeleteSecurityContext;
APPLY_CONTROL_TOKEN_FN ApplyControlToken;
QUERY_CONTEXT_ATTRIBUTES_FN_A QueryContextAttributesA;
IMPERSONATE_SECURITY_CONTEXT_FN ImpersonateSecurityContext;
REVERT_SECURITY_CONTEXT_FN RevertSecurityContext;
MAKE_SIGNATURE_FN MakeSignature;
VERIFY_SIGNATURE_FN VerifySignature;
FREE_CONTEXT_BUFFER_FN FreeContextBuffer;
QUERY_SECURITY_PACKAGE_INFO_FN_A QuerySecurityPackageInfoA;
void SEC_FAR * Reserved3;
void SEC_FAR * Reserved4;
EXPORT_SECURITY_CONTEXT_FN ExportSecurityContext;
IMPORT_SECURITY_CONTEXT_FN_A ImportSecurityContextA;
void SEC_FAR * Reserved7;
void SEC_FAR * Reserved8;
QUERY_SECURITY_CONTEXT_TOKEN_FN QuerySecurityContextToken;
ENCRYPT_MESSAGE_FN EncryptMessage;
DECRYPT_MESSAGE_FN DecryptMessage;
} SecurityFunctionTableA, SEC_FAR * PSecurityFunctionTableA;
#ifdef UNICODE
# define SecurityFunctionTable SecurityFunctionTableW
# define PSecurityFunctionTable PSecurityFunctionTableW
#else
# define SecurityFunctionTable SecurityFunctionTableA
# define PSecurityFunctionTable PSecurityFunctionTableA
#endif // !UNICODE
#define SECURITY_
#define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION 1
PSecurityFunctionTableA SEC_ENTRY
InitSecurityInterfaceA(
void
);
typedef PSecurityFunctionTableA
(SEC_ENTRY * INIT_SECURITY_INTERFACE_A)(void);
// begin_ntifs
PSecurityFunctionTableW SEC_ENTRY
InitSecurityInterfaceW(
void
);
typedef PSecurityFunctionTableW
(SEC_ENTRY * INIT_SECURITY_INTERFACE_W)(void);
// end_ntifs
#ifdef UNICODE
# define InitSecurityInterface InitSecurityInterfaceW // ntifs
# define INIT_SECURITY_INTERFACE INIT_SECURITY_INTERFACE_W // ntifs
#else
# define InitSecurityInterface InitSecurityInterfaceA
# define INIT_SECURITY_INTERFACE INIT_SECURITY_INTERFACE_A
#endif // !UNICODE
typedef struct _SECURITY_PACKAGE_OPTIONS {
unsigned long Size;
unsigned long Type;
unsigned long Flags;
unsigned long SignatureSize;
void SEC_FAR * Signature;
} SECURITY_PACKAGE_OPTIONS, SEC_FAR * PSECURITY_PACKAGE_OPTIONS;
#define SECPKG_OPTIONS_TYPE_UNKNOWN 0
#define SECPKG_OPTIONS_TYPE_LSA 1
#define SECPKG_OPTIONS_TYPE_SSPI 2
#define SECPKG_OPTIONS_PERMANENT 0x00000001
SECURITY_STATUS
SEC_ENTRY
AddSecurityPackageA(
SEC_CHAR SEC_FAR * pszPackageName,
SECURITY_PACKAGE_OPTIONS SEC_FAR * Options
);
SECURITY_STATUS
SEC_ENTRY
AddSecurityPackageW(
SEC_WCHAR SEC_FAR * pszPackageName,
SECURITY_PACKAGE_OPTIONS SEC_FAR * Options
);
#ifdef UNICODE
#define AddSecurityPackage AddSecurityPackageW
#else
#define AddSecurityPackage AddSecurityPackageA
#endif
SECURITY_STATUS
SEC_ENTRY
DeleteSecurityPackageA(
SEC_CHAR SEC_FAR * pszPackageName );
SECURITY_STATUS
SEC_ENTRY
DeleteSecurityPackageW(
SEC_WCHAR SEC_FAR * pszPackageName );
#ifdef UNICODE
#define DeleteSecurityPackage DeleteSecurityPackageW
#else
#define DeleteSecurityPackage DeleteSecurityPackageA
#endif
//
// Extended Name APIs for NTDS
//
typedef enum
{
// Examples for the following formats assume a fictitous company
// which hooks into the global X.500 and DNS name spaces as follows.
//
// Enterprise root domain in DNS is
//
// widget.com
//
// Enterprise root domain in X.500 (RFC 1779 format) is
//
// O=Widget, C=US
//
// There exists the child domain
//
// engineering.widget.com
//
// equivalent to
//
// OU=Engineering, O=Widget, C=US
//
// There exists a container within the Engineering domain
//
// OU=Software, OU=Engineering, O=Widget, C=US
//
// There exists the user
//
// CN=Spencer Katt, OU=Software, OU=Engineering, O=Widget, C=US
//
// And this user's downlevel (pre-NTDS) user name is
//
// Engineering\SpencerK
// unknown name type
NameUnknown = 0,
// CN=Spencer Katt, OU=Software, OU=Engineering, O=Widget, C=US
NameFullyQualifiedDN = 1,
// Engineering\SpencerK
NameSamCompatible = 2,
// Probably "Spencer Katt" but could be something else. I.e. The
// display name is not necessarily the defining RDN.
NameDisplay = 3,
// xxx@engineering.widget.com where xxx could be "SpencerK" or
// anything else. Could be multi-valued to handle migration and aliasing.
NameDomainSimple = 4,
// xxx@widget.com where xxx could be "SpencerK" or anything else.
// Could be multi-valued to handle migration and aliasing.
NameEnterpriseSimple = 5,
// String-ized GUID as returned by IIDFromString().
// eg: {4fa050f0-f561-11cf-bdd9-00aa003a77b6}
NameUniqueId = 6,
// engineering.widget.com/software/spencer katt
NameCanonical = 7
} EXTENDED_NAME_FORMAT, * PEXTENDED_NAME_FORMAT ;
BOOLEAN
SEC_ENTRY
GetUserNameExA(
EXTENDED_NAME_FORMAT NameFormat,
LPSTR lpNameBuffer,
PULONG nSize
);
BOOLEAN
SEC_ENTRY
GetUserNameExW(
EXTENDED_NAME_FORMAT NameFormat,
LPWSTR lpNameBuffer,
PULONG nSize
);
#ifdef UNICODE
#define GetUserNameEx GetUserNameExW
#else
#define GetUserNameEx GetUserNameExA
#endif
BOOLEAN
SEC_ENTRY
TranslateNameA(
LPCSTR lpAccountName,
EXTENDED_NAME_FORMAT AccountNameFormat,
EXTENDED_NAME_FORMAT DesiredNameFormat,
LPSTR lpTranslatedName,
PULONG nSize
);
BOOLEAN
SEC_ENTRY
TranslateNameW(
LPCWSTR lpAccountName,
EXTENDED_NAME_FORMAT AccountNameFormat,
EXTENDED_NAME_FORMAT DesiredNameFormat,
LPWSTR lpTranslatedName,
PULONG nSize
);
#ifdef UNICODE
#define TranslateName TranslateNameW
#else
#define TranslateName TranslateNameA
#endif
#ifdef SECURITY_DOS
#pragma warning(default:4147)
#endif
#endif // __SSPI_H__
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -