]> git.proxmox.com Git - rustc.git/blame - vendor/winapi/src/um/ntsecapi.rs
projects / rustc.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
New upstream version 1.41.1+dfsg1
[rustc.git] / vendor / winapi / src / um / ntsecapi.rs
CommitLineData
ff7c6d11
XL		 1// Licensed under the Apache License, Version 2.0
2// <LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
3// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your option.
4// All files in the project carrying such notice may not be copied, modified, or distributed
5// except according to those terms.
6//! This module defines the Local Security Authority APIs.
ff7c6d11
XL		 7use shared::basetsd::{ULONG64, ULONG_PTR};
8use shared::guiddef::GUID;
8faf50e0 9use shared::minwindef::{PUCHAR, PULONG, UCHAR, ULONG, USHORT};
ff7c6d11
XL		 10use shared::ntdef::NTSTATUS;
11use shared::sspi::SecHandle;
12use um::lsalookup::{
13 LSA_TRUST_INFORMATION, LSA_UNICODE_STRING, PLSA_TRUST_INFORMATION, PLSA_UNICODE_STRING
14};
15use um::subauth::{PUNICODE_STRING, STRING, UNICODE_STRING};
16use um::winnt::{
8faf50e0
XL		 17 ACCESS_MASK, ANYSIZE_ARRAY, BOOLEAN, HANDLE, LARGE_INTEGER, LONG, LUID, PACL, PCSTR, PCWSTR,
18 PSECURITY_DESCRIPTOR, PSID, PSTR, PVOID, PWSTR, QUOTA_LIMITS, SECURITY_INFORMATION, SHORT, SID,
19 SID_NAME_USE, STANDARD_RIGHTS_EXECUTE, STANDARD_RIGHTS_READ, STANDARD_RIGHTS_REQUIRED,
20 STANDARD_RIGHTS_WRITE, ULONGLONG
ff7c6d11 21};
0bf4aa26
XL		 22DEFINE_GUID!{Audit_System_SecurityStateChange,
23 0x0cce9210, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
24DEFINE_GUID!{Audit_System_SecuritySubsystemExtension,
25 0x0cce9211, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
26DEFINE_GUID!{Audit_System_Integrity,
27 0x0cce9212, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
28DEFINE_GUID!{Audit_System_IPSecDriverEvents,
29 0x0cce9213, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
30DEFINE_GUID!{Audit_System_Others,
31 0x0cce9214, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
32DEFINE_GUID!{Audit_Logon_Logon,
33 0x0cce9215, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
34DEFINE_GUID!{Audit_Logon_Logoff,
35 0x0cce9216, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
36DEFINE_GUID!{Audit_Logon_AccountLockout,
37 0x0cce9217, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
38DEFINE_GUID!{Audit_Logon_IPSecMainMode,
39 0x0cce9218, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
40DEFINE_GUID!{Audit_Logon_IPSecQuickMode,
41 0x0cce9219, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
42DEFINE_GUID!{Audit_Logon_IPSecUserMode,
43 0x0cce921a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
44DEFINE_GUID!{Audit_Logon_SpecialLogon,
45 0x0cce921b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
46DEFINE_GUID!{Audit_Logon_Others,
47 0x0cce921c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
48DEFINE_GUID!{Audit_ObjectAccess_FileSystem,
49 0x0cce921d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
50DEFINE_GUID!{Audit_ObjectAccess_Registry,
51 0x0cce921e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
52DEFINE_GUID!{Audit_ObjectAccess_Kernel,
53 0x0cce921f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
54DEFINE_GUID!{Audit_ObjectAccess_Sam,
55 0x0cce9220, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
56DEFINE_GUID!{Audit_ObjectAccess_CertificationServices,
57 0x0cce9221, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
58DEFINE_GUID!{Audit_ObjectAccess_ApplicationGenerated,
59 0x0cce9222, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
60DEFINE_GUID!{Audit_ObjectAccess_Handle,
61 0x0cce9223, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
62DEFINE_GUID!{Audit_ObjectAccess_Share,
63 0x0cce9224, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
64DEFINE_GUID!{Audit_ObjectAccess_FirewallPacketDrops,
65 0x0cce9225, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
66DEFINE_GUID!{Audit_ObjectAccess_FirewallConnection,
67 0x0cce9226, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
68DEFINE_GUID!{Audit_ObjectAccess_Other,
69 0x0cce9227, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
70DEFINE_GUID!{Audit_PrivilegeUse_Sensitive,
71 0x0cce9228, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
72DEFINE_GUID!{Audit_PrivilegeUse_NonSensitive,
73 0x0cce9229, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
74DEFINE_GUID!{Audit_PrivilegeUse_Others,
75 0x0cce922a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
76DEFINE_GUID!{Audit_DetailedTracking_ProcessCreation,
77 0x0cce922b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
78DEFINE_GUID!{Audit_DetailedTracking_ProcessTermination,
79 0x0cce922c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
80DEFINE_GUID!{Audit_DetailedTracking_DpapiActivity,
81 0x0cce922d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
82DEFINE_GUID!{Audit_DetailedTracking_RpcCall,
83 0x0cce922e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
84DEFINE_GUID!{Audit_PolicyChange_AuditPolicy,
85 0x0cce922f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
86DEFINE_GUID!{Audit_PolicyChange_AuthenticationPolicy,
87 0x0cce9230, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
88DEFINE_GUID!{Audit_PolicyChange_AuthorizationPolicy,
89 0x0cce9231, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
90DEFINE_GUID!{Audit_PolicyChange_MpsscvRulePolicy,
91 0x0cce9232, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
92DEFINE_GUID!{Audit_PolicyChange_WfpIPSecPolicy,
93 0x0cce9233, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
94DEFINE_GUID!{Audit_PolicyChange_Others,
95 0x0cce9234, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
96DEFINE_GUID!{Audit_AccountManagement_UserAccount,
97 0x0cce9235, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
98DEFINE_GUID!{Audit_AccountManagement_ComputerAccount,
99 0x0cce9236, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
100DEFINE_GUID!{Audit_AccountManagement_SecurityGroup,
101 0x0cce9237, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
102DEFINE_GUID!{Audit_AccountManagement_DistributionGroup,
103 0x0cce9238, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
104DEFINE_GUID!{Audit_AccountManagement_ApplicationGroup,
105 0x0cce9239, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
106DEFINE_GUID!{Audit_AccountManagement_Others,
107 0x0cce923a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
108DEFINE_GUID!{Audit_DSAccess_DSAccess,
109 0x0cce923b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
110DEFINE_GUID!{Audit_DsAccess_AdAuditChanges,
111 0x0cce923c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
112DEFINE_GUID!{Audit_Ds_Replication,
113 0x0cce923d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
114DEFINE_GUID!{Audit_Ds_DetailedReplication,
115 0x0cce923e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
116DEFINE_GUID!{Audit_AccountLogon_CredentialValidation,
117 0x0cce923f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
118DEFINE_GUID!{Audit_AccountLogon_Kerberos,
119 0x0cce9240, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
120DEFINE_GUID!{Audit_AccountLogon_Others,
121 0x0cce9241, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
122DEFINE_GUID!{Audit_AccountLogon_KerbCredentialValidation,
123 0x0cce9242, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
124DEFINE_GUID!{Audit_Logon_NPS,
125 0x0cce9243, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
126DEFINE_GUID!{Audit_ObjectAccess_DetailedFileShare,
127 0x0cce9244, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
128DEFINE_GUID!{Audit_ObjectAccess_RemovableStorage,
129 0x0cce9245, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
130DEFINE_GUID!{Audit_ObjectAccess_CbacStaging,
131 0x0cce9246, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
132DEFINE_GUID!{Audit_Logon_Claims,
133 0x0cce9247, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
134DEFINE_GUID!{Audit_System,
135 0x69979848, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
136DEFINE_GUID!{Audit_Logon,
137 0x69979849, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
138DEFINE_GUID!{Audit_ObjectAccess,
139 0x6997984a, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
140DEFINE_GUID!{Audit_PrivilegeUse,
141 0x6997984b, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
142DEFINE_GUID!{Audit_DetailedTracking,
143 0x6997984c, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
144DEFINE_GUID!{Audit_PolicyChange,
145 0x6997984d, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
146DEFINE_GUID!{Audit_AccountManagement,
147 0x6997984e, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
148DEFINE_GUID!{Audit_DirectoryServiceAccess,
149 0x6997984f, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
150DEFINE_GUID!{Audit_AccountLogon,
151 0x69979850, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
ff7c6d11
XL		 152ENUM!{enum POLICY_AUDIT_EVENT_TYPE {
153 AuditCategorySystem = 0,
154 AuditCategoryLogon,
155 AuditCategoryObjectAccess,
156 AuditCategoryPrivilegeUse,
157 AuditCategoryDetailedTracking,
158 AuditCategoryPolicyChange,
159 AuditCategoryAccountManagement,
160 AuditCategoryDirectoryServiceAccess,
161 AuditCategoryAccountLogon,
162}}
163pub type PPOLICY_AUDIT_EVENT_TYPE = *mut POLICY_AUDIT_EVENT_TYPE;
164pub const POLICY_AUDIT_EVENT_UNCHANGED: POLICY_AUDIT_EVENT_OPTIONS = 0x00000000;
165pub const POLICY_AUDIT_EVENT_SUCCESS: POLICY_AUDIT_EVENT_OPTIONS = 0x00000001;
166pub const POLICY_AUDIT_EVENT_FAILURE: POLICY_AUDIT_EVENT_OPTIONS = 0x00000002;
167pub const POLICY_AUDIT_EVENT_NONE: POLICY_AUDIT_EVENT_OPTIONS = 0x00000004;
168pub const POLICY_AUDIT_EVENT_MASK: POLICY_AUDIT_EVENT_OPTIONS = POLICY_AUDIT_EVENT_SUCCESS
169 | POLICY_AUDIT_EVENT_FAILURE | POLICY_AUDIT_EVENT_UNCHANGED | POLICY_AUDIT_EVENT_NONE;
170pub const POLICY_VIEW_LOCAL_INFORMATION: ACCESS_MASK = 0x00000001;
171pub const POLICY_VIEW_AUDIT_INFORMATION: ACCESS_MASK = 0x00000002;
172pub const POLICY_GET_PRIVATE_INFORMATION: ACCESS_MASK = 0x00000004;
173pub const POLICY_TRUST_ADMIN: ACCESS_MASK = 0x00000008;
174pub const POLICY_CREATE_ACCOUNT: ACCESS_MASK = 0x00000010;
175pub const POLICY_CREATE_SECRET: ACCESS_MASK = 0x00000020;
176pub const POLICY_CREATE_PRIVILEGE: ACCESS_MASK = 0x00000040;
177pub const POLICY_SET_DEFAULT_QUOTA_LIMITS: ACCESS_MASK = 0x00000080;
178pub const POLICY_SET_AUDIT_REQUIREMENTS: ACCESS_MASK = 0x00000100;
179pub const POLICY_AUDIT_LOG_ADMIN: ACCESS_MASK = 0x00000200;
180pub const POLICY_SERVER_ADMIN: ACCESS_MASK = 0x00000400;
181pub const POLICY_LOOKUP_NAMES: ACCESS_MASK = 0x00000800;
182pub const POLICY_NOTIFICATION: ACCESS_MASK = 0x00001000;
183pub const POLICY_ALL_ACCESS: ACCESS_MASK = STANDARD_RIGHTS_REQUIRED
184 | POLICY_VIEW_LOCAL_INFORMATION | POLICY_VIEW_AUDIT_INFORMATION
185 | POLICY_GET_PRIVATE_INFORMATION | POLICY_TRUST_ADMIN | POLICY_CREATE_ACCOUNT
186 | POLICY_CREATE_SECRET | POLICY_CREATE_PRIVILEGE | POLICY_SET_DEFAULT_QUOTA_LIMITS
187 | POLICY_SET_AUDIT_REQUIREMENTS | POLICY_AUDIT_LOG_ADMIN | POLICY_SERVER_ADMIN
188 | POLICY_LOOKUP_NAMES;
189pub const POLICY_READ: ACCESS_MASK = STANDARD_RIGHTS_READ | POLICY_VIEW_AUDIT_INFORMATION
190 | POLICY_GET_PRIVATE_INFORMATION;
191pub const POLICY_WRITE: ACCESS_MASK = STANDARD_RIGHTS_WRITE | POLICY_TRUST_ADMIN
192 | POLICY_CREATE_ACCOUNT | POLICY_CREATE_SECRET | POLICY_CREATE_PRIVILEGE
193 | POLICY_SET_DEFAULT_QUOTA_LIMITS | POLICY_SET_AUDIT_REQUIREMENTS | POLICY_AUDIT_LOG_ADMIN
194 | POLICY_SERVER_ADMIN;
195pub const POLICY_EXECUTE: ACCESS_MASK = STANDARD_RIGHTS_EXECUTE
196 | POLICY_VIEW_LOCAL_INFORMATION | POLICY_LOOKUP_NAMES;
197STRUCT!{struct LSA_TRANSLATED_SID {
198 Use: SID_NAME_USE,
199 RelativeId: ULONG,
200 DomainIndex: LONG,
201}}
202pub type PLSA_TRANSLATED_SID = *mut LSA_TRANSLATED_SID;
203ENUM!{enum POLICY_LSA_SERVER_ROLE {
204 PolicyServerRoleBackup = 2,
205 PolicyServerRolePrimary,
206}}
207pub type PPOLICY_LSA_SERVER_ROLE = *mut POLICY_LSA_SERVER_ROLE;
208pub type POLICY_AUDIT_EVENT_OPTIONS = ULONG;
209pub type PPOLICY_AUDIT_EVENT_OPTIONS = *mut ULONG;
210ENUM!{enum POLICY_INFORMATION_CLASS {
211 PolicyAuditLogInformation = 1,
212 PolicyAuditEventsInformation,
213 PolicyPrimaryDomainInformation,
214 PolicyPdAccountInformation,
215 PolicyAccountDomainInformation,
216 PolicyLsaServerRoleInformation,
217 PolicyReplicaSourceInformation,
218 PolicyDefaultQuotaInformation,
219 PolicyModificationInformation,
220 PolicyAuditFullSetInformation,
221 PolicyAuditFullQueryInformation,
222 PolicyDnsDomainInformation,
223 PolicyDnsDomainInformationInt,
224 PolicyLocalAccountDomainInformation,
225 PolicyLastEntry,
226}}
227pub type PPOLICY_INFORMATION_CLASS = *mut POLICY_INFORMATION_CLASS;
228STRUCT!{struct POLICY_AUDIT_LOG_INFO {
229 AuditLogPercentFull: ULONG,
230 MaximumLogSize: ULONG,
231 AuditRetentionPeriod: LARGE_INTEGER,
232 AuditLogFullShutdownInProgress: BOOLEAN,
233 TimeToShutdown: LARGE_INTEGER,
234 NextAuditRecordId: ULONG,
235}}
236pub type PPOLICY_AUDIT_LOG_INFO = *mut POLICY_AUDIT_LOG_INFO;
237STRUCT!{struct POLICY_AUDIT_EVENTS_INFO {
238 AuditingMode: BOOLEAN,
239 EventAuditingOptions: PPOLICY_AUDIT_EVENT_OPTIONS,
240 MaximumAuditEventCount: ULONG,
241}}
242pub type PPOLICY_AUDIT_EVENTS_INFO = *mut POLICY_AUDIT_EVENTS_INFO;
243STRUCT!{struct POLICY_AUDIT_SUBCATEGORIES_INFO {
244 MaximumSubCategoryCount: ULONG,
245 EventAuditingOptions: PPOLICY_AUDIT_EVENT_OPTIONS,
246}}
247pub type PPOLICY_AUDIT_SUBCATEGORIES_INFO = *mut POLICY_AUDIT_SUBCATEGORIES_INFO;
248STRUCT!{struct POLICY_AUDIT_CATEGORIES_INFO {
249 MaximumSubCategoryCount: ULONG,
250 SubCategoriesInfo: PPOLICY_AUDIT_SUBCATEGORIES_INFO,
251}}
252pub type PPOLICY_AUDIT_CATEGORIES_INFO = *mut POLICY_AUDIT_CATEGORIES_INFO;
253pub const PER_USER_POLICY_UNCHANGED: ULONG = 0x00;
254pub const PER_USER_AUDIT_SUCCESS_INCLUDE: ULONG = 0x01;
255pub const PER_USER_AUDIT_SUCCESS_EXCLUDE: ULONG = 0x02;
256pub const PER_USER_AUDIT_FAILURE_INCLUDE: ULONG = 0x04;
257pub const PER_USER_AUDIT_FAILURE_EXCLUDE: ULONG = 0x08;
258pub const PER_USER_AUDIT_NONE: ULONG = 0x10;
259pub const VALID_PER_USER_AUDIT_POLICY_FLAG: ULONG = PER_USER_AUDIT_SUCCESS_INCLUDE
260 | PER_USER_AUDIT_SUCCESS_EXCLUDE | PER_USER_AUDIT_FAILURE_INCLUDE
261 | PER_USER_AUDIT_FAILURE_EXCLUDE | PER_USER_AUDIT_NONE;
262STRUCT!{struct POLICY_PRIMARY_DOMAIN_INFO {
263 Name: LSA_UNICODE_STRING,
264 Sid: PSID,
265}}
266pub type PPOLICY_PRIMARY_DOMAIN_INFO = *mut POLICY_PRIMARY_DOMAIN_INFO;
267STRUCT!{struct POLICY_PD_ACCOUNT_INFO {
268 Name: LSA_UNICODE_STRING,
269}}
270pub type PPOLICY_PD_ACCOUNT_INFO = *mut POLICY_PD_ACCOUNT_INFO;
271STRUCT!{struct POLICY_LSA_SERVER_ROLE_INFO {
272 LsaServerRole: POLICY_LSA_SERVER_ROLE,
273}}
274pub type PPOLICY_LSA_SERVER_ROLE_INFO = *mut POLICY_LSA_SERVER_ROLE_INFO;
275STRUCT!{struct POLICY_REPLICA_SOURCE_INFO {
276 ReplicaSource: LSA_UNICODE_STRING,
277 ReplicaAccountName: LSA_UNICODE_STRING,
278}}
279pub type PPOLICY_REPLICA_SOURCE_INFO = *mut POLICY_REPLICA_SOURCE_INFO;
280STRUCT!{struct POLICY_DEFAULT_QUOTA_INFO {
281 QuotaLimits: QUOTA_LIMITS,
282}}
283pub type PPOLICY_DEFAULT_QUOTA_INFO = *mut POLICY_DEFAULT_QUOTA_INFO;
284STRUCT!{struct POLICY_MODIFICATION_INFO {
285 ModifiedId: LARGE_INTEGER,
286 DatabaseCreationTime: LARGE_INTEGER,
287}}
288pub type PPOLICY_MODIFICATION_INFO = *mut POLICY_MODIFICATION_INFO;
289STRUCT!{struct POLICY_AUDIT_FULL_SET_INFO {
290 ShutDownOnFull: BOOLEAN,
291}}
292pub type PPOLICY_AUDIT_FULL_SET_INFO = *mut POLICY_AUDIT_FULL_SET_INFO;
293STRUCT!{struct POLICY_AUDIT_FULL_QUERY_INFO {
294 ShutDownOnFull: BOOLEAN,
295 LogIsFull: BOOLEAN,
296}}
297pub type PPOLICY_AUDIT_FULL_QUERY_INFO = *mut POLICY_AUDIT_FULL_QUERY_INFO;
298ENUM!{enum POLICY_DOMAIN_INFORMATION_CLASS {
299 PolicyDomainEfsInformation = 2,
300 PolicyDomainKerberosTicketInformation,
301}}
302pub type PPOLICY_DOMAIN_INFORMATION_CLASS = *mut POLICY_DOMAIN_INFORMATION_CLASS;
303STRUCT!{struct POLICY_DOMAIN_EFS_INFO {
304 InfoLength: ULONG,
305 EfsBlob: PUCHAR,
306}}
307pub type PPOLICY_DOMAIN_EFS_INFO = *mut POLICY_DOMAIN_EFS_INFO;
308STRUCT!{struct POLICY_DOMAIN_KERBEROS_TICKET_INFO {
309 AuthenticationOptions: ULONG,
310 MaxServiceTicketAge: LARGE_INTEGER,
311 MaxTicketAge: LARGE_INTEGER,
312 MaxRenewAge: LARGE_INTEGER,
313 MaxClockSkew: LARGE_INTEGER,
314 Reserved: LARGE_INTEGER,
315}}
316pub type PPOLICY_DOMAIN_KERBEROS_TICKET_INFO = *mut POLICY_DOMAIN_KERBEROS_TICKET_INFO;
317ENUM!{enum POLICY_NOTIFICATION_INFORMATION_CLASS {
318 PolicyNotifyAuditEventsInformation = 1,
319 PolicyNotifyAccountDomainInformation,
320 PolicyNotifyServerRoleInformation,
321 PolicyNotifyDnsDomainInformation,
322 PolicyNotifyDomainEfsInformation,
323 PolicyNotifyDomainKerberosTicketInformation,
324 PolicyNotifyMachineAccountPasswordInformation,
325 PolicyNotifyGlobalSaclInformation,
326 PolicyNotifyMax,
327}}
328pub type PPOLICY_NOTIFICATION_INFORMATION_CLASS = *mut POLICY_NOTIFICATION_INFORMATION_CLASS;
329pub type LSA_HANDLE = PVOID;
330pub type PLSA_HANDLE = *mut PVOID;
331ENUM!{enum TRUSTED_INFORMATION_CLASS {
332 TrustedDomainNameInformation = 1,
333 TrustedControllersInformation,
334 TrustedPosixOffsetInformation,
335 TrustedPasswordInformation,
336 TrustedDomainInformationBasic,
337 TrustedDomainInformationEx,
338 TrustedDomainAuthInformation,
339 TrustedDomainFullInformation,
340 TrustedDomainAuthInformationInternal,
341 TrustedDomainFullInformationInternal,
342 TrustedDomainInformationEx2Internal,
343 TrustedDomainFullInformation2Internal,
344 TrustedDomainSupportedEncryptionTypes,
345}}
346pub type PTRUSTED_INFORMATION_CLASS = *mut TRUSTED_INFORMATION_CLASS;
347STRUCT!{struct TRUSTED_DOMAIN_NAME_INFO {
348 Name: LSA_UNICODE_STRING,
349}}
350pub type PTRUSTED_DOMAIN_NAME_INFO = *mut TRUSTED_DOMAIN_NAME_INFO;
351STRUCT!{struct TRUSTED_CONTROLLERS_INFO {
352 Entries: ULONG,
353 Names: PLSA_UNICODE_STRING,
354}}
355pub type PTRUSTED_CONTROLLERS_INFO = *mut TRUSTED_CONTROLLERS_INFO;
356STRUCT!{struct TRUSTED_POSIX_OFFSET_INFO {
357 Offset: ULONG,
358}}
359pub type PTRUSTED_POSIX_OFFSET_INFO = *mut TRUSTED_POSIX_OFFSET_INFO;
360STRUCT!{struct TRUSTED_PASSWORD_INFO {
361 Password: LSA_UNICODE_STRING,
362 OldPassword: LSA_UNICODE_STRING,
363}}
364pub type PTRUSTED_PASSWORD_INFO = *mut TRUSTED_PASSWORD_INFO;
365pub type TRUSTED_DOMAIN_INFORMATION_BASIC = LSA_TRUST_INFORMATION;
366pub type PTRUSTED_DOMAIN_INFORMATION_BASIC = PLSA_TRUST_INFORMATION;
367pub const TRUST_DIRECTION_DISABLED: ULONG = 0x00000000;
368pub const TRUST_DIRECTION_INBOUND: ULONG = 0x00000001;
369pub const TRUST_DIRECTION_OUTBOUND: ULONG = 0x00000002;
370pub const TRUST_DIRECTION_BIDIRECTIONAL: ULONG = TRUST_DIRECTION_INBOUND
371 | TRUST_DIRECTION_OUTBOUND;
372pub const TRUST_TYPE_DOWNLEVEL: ULONG = 0x00000001;
373pub const TRUST_TYPE_UPLEVEL: ULONG = 0x00000002;
374pub const TRUST_TYPE_MIT: ULONG = 0x00000003;
375pub const TRUST_ATTRIBUTE_NON_TRANSITIVE: ULONG = 0x00000001;
376pub const TRUST_ATTRIBUTE_UPLEVEL_ONLY: ULONG = 0x00000002;
377pub const TRUST_ATTRIBUTE_QUARANTINED_DOMAIN: ULONG = 0x00000004;
378pub const TRUST_ATTRIBUTE_FOREST_TRANSITIVE: ULONG = 0x00000008;
379pub const TRUST_ATTRIBUTE_CROSS_ORGANIZATION: ULONG = 0x00000010;
380pub const TRUST_ATTRIBUTE_WITHIN_FOREST: ULONG = 0x00000020;
381pub const TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL: ULONG = 0x00000040;
382pub const TRUST_ATTRIBUTE_TRUST_USES_RC4_ENCRYPTION: ULONG = 0x00000080;
383pub const TRUST_ATTRIBUTE_TRUST_USES_AES_KEYS: ULONG = 0x00000100;
384pub const TRUST_ATTRIBUTE_CROSS_ORGANIZATION_NO_TGT_DELEGATION: ULONG = 0x00000200;
385pub const TRUST_ATTRIBUTES_VALID: ULONG = 0xFF03FFFF;
386pub const TRUST_ATTRIBUTES_USER: ULONG = 0xFF000000;
387STRUCT!{struct TRUSTED_DOMAIN_INFORMATION_EX {
388 Name: LSA_UNICODE_STRING,
389 FlatName: LSA_UNICODE_STRING,
390 Sid: PSID,
391 TrustDirection: ULONG,
392 TrustType: ULONG,
393 TrustAttributes: ULONG,
394}}
395pub type PTRUSTED_DOMAIN_INFORMATION_EX = *mut TRUSTED_DOMAIN_INFORMATION_EX;
396STRUCT!{struct TRUSTED_DOMAIN_INFORMATION_EX2 {
397 Name: LSA_UNICODE_STRING,
398 FlatName: LSA_UNICODE_STRING,
399 Sid: PSID,
400 TrustDirection: ULONG,
401 TrustType: ULONG,
402 TrustAttributes: ULONG,
403 ForestTrustLength: ULONG,
404 ForestTrustInfo: PUCHAR,
405}}
406pub type PTRUSTED_DOMAIN_INFORMATION_EX2 = *mut TRUSTED_DOMAIN_INFORMATION_EX2;
407pub const TRUST_AUTH_TYPE_NONE: ULONG = 0;
408pub const TRUST_AUTH_TYPE_NT4OWF: ULONG = 1;
409pub const TRUST_AUTH_TYPE_CLEAR: ULONG = 2;
410pub const TRUST_AUTH_TYPE_VERSION: ULONG = 3;
411STRUCT!{struct LSA_AUTH_INFORMATION {
412 LastUpdateTime: LARGE_INTEGER,
413 AuthType: ULONG,
414 AuthInfoLength: ULONG,
415 AuthInfo: PUCHAR,
416}}
417pub type PLSA_AUTH_INFORMATION = *mut LSA_AUTH_INFORMATION;
418STRUCT!{struct TRUSTED_DOMAIN_AUTH_INFORMATION {
419 IncomingAuthInfos: ULONG,
420 IncomingAuthenticationInformation: PLSA_AUTH_INFORMATION,
421 IncomingPreviousAuthenticationInformation: PLSA_AUTH_INFORMATION,
422 OutgoingAuthInfos: ULONG,
423 OutgoingAuthenticationInformation: PLSA_AUTH_INFORMATION,
424 OutgoingPreviousAuthenticationInformation: PLSA_AUTH_INFORMATION,
425}}
426pub type PTRUSTED_DOMAIN_AUTH_INFORMATION = *mut TRUSTED_DOMAIN_AUTH_INFORMATION;
427STRUCT!{struct TRUSTED_DOMAIN_FULL_INFORMATION {
428 Information: TRUSTED_DOMAIN_INFORMATION_EX,
429 PosixOffset: TRUSTED_POSIX_OFFSET_INFO,
430 AuthInformation: TRUSTED_DOMAIN_AUTH_INFORMATION,
431}}
432pub type PTRUSTED_DOMAIN_FULL_INFORMATION = *mut TRUSTED_DOMAIN_FULL_INFORMATION;
433STRUCT!{struct TRUSTED_DOMAIN_FULL_INFORMATION2 {
434 Information: TRUSTED_DOMAIN_INFORMATION_EX2,
435 PosixOffset: TRUSTED_POSIX_OFFSET_INFO,
436 AuthInformation: TRUSTED_DOMAIN_AUTH_INFORMATION,
437}}
438pub type PTRUSTED_DOMAIN_FULL_INFORMATION2 = *mut TRUSTED_DOMAIN_FULL_INFORMATION2;
439STRUCT!{struct TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES {
440 SupportedEncryptionTypes: ULONG,
441}}
442pub type PTRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES =
443 *mut TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES;
444ENUM!{enum LSA_FOREST_TRUST_RECORD_TYPE {
445 ForestTrustTopLevelName,
446 ForestTrustTopLevelNameEx,
447 ForestTrustDomainInfo,
448 ForestTrustRecordTypeLast, // = ForestTrustDomainInfo,
449}}
450pub const LSA_FTRECORD_DISABLED_REASONS: ULONG = 0x0000FFFF;
451pub const LSA_TLN_DISABLED_NEW: ULONG = 0x00000001;
452pub const LSA_TLN_DISABLED_ADMIN: ULONG = 0x00000002;
453pub const LSA_TLN_DISABLED_CONFLICT: ULONG = 0x00000004;
454pub const LSA_SID_DISABLED_ADMIN: ULONG = 0x00000001;
455pub const LSA_SID_DISABLED_CONFLICT: ULONG = 0x00000002;
456pub const LSA_NB_DISABLED_ADMIN: ULONG = 0x00000004;
457pub const LSA_NB_DISABLED_CONFLICT: ULONG = 0x00000008;
458STRUCT!{struct LSA_FOREST_TRUST_DOMAIN_INFO {
459 Sid: PSID,
460 DnsName: LSA_UNICODE_STRING,
461 NetbiosName: LSA_UNICODE_STRING,
462}}
463pub type PLSA_FOREST_TRUST_DOMAIN_INFO = *mut LSA_FOREST_TRUST_DOMAIN_INFO;
464pub const MAX_FOREST_TRUST_BINARY_DATA_SIZE: ULONG = 128 * 1024;
465STRUCT!{struct LSA_FOREST_TRUST_BINARY_DATA {
466 Length: ULONG,
467 Buffer: PUCHAR,
468}}
469pub type PLSA_FOREST_TRUST_BINARY_DATA = *mut LSA_FOREST_TRUST_BINARY_DATA;
470UNION!{union LSA_FOREST_TRUST_RECORD_ForestTrustData {
471 [usize; 5],
472 TopLevelName TopLevelName_mut: LSA_UNICODE_STRING,
473 DomainInfo DomainInfo_mut: LSA_FOREST_TRUST_DOMAIN_INFO,
474 Data Data_mut: LSA_FOREST_TRUST_BINARY_DATA,
475}}
476STRUCT!{struct LSA_FOREST_TRUST_RECORD {
477 Flags: ULONG,
478 ForestTrustType: LSA_FOREST_TRUST_RECORD_TYPE,
479 Time: LARGE_INTEGER,
480 ForestTrustData: LSA_FOREST_TRUST_RECORD_ForestTrustData,
481}}
482pub type PLSA_FOREST_TRUST_RECORD = *mut LSA_FOREST_TRUST_RECORD;
483pub const MAX_RECORDS_IN_FOREST_TRUST_INFO: ULONG = 4000;
484STRUCT!{struct LSA_FOREST_TRUST_INFORMATION {
485 RecordCount: ULONG,
486 Entries: *mut PLSA_FOREST_TRUST_RECORD,
487}}
488pub type PLSA_FOREST_TRUST_INFORMATION = *mut LSA_FOREST_TRUST_INFORMATION;
489ENUM!{enum LSA_FOREST_TRUST_COLLISION_RECORD_TYPE {
490 CollisionTdo,
491 CollisionXref,
492 CollisionOther,
493}}
494STRUCT!{struct LSA_FOREST_TRUST_COLLISION_RECORD {
495 Index: ULONG,
496 Type: LSA_FOREST_TRUST_COLLISION_RECORD_TYPE,
497 Flags: ULONG,
498 Name: LSA_UNICODE_STRING,
499}}
500pub type PLSA_FOREST_TRUST_COLLISION_RECORD = *mut LSA_FOREST_TRUST_COLLISION_RECORD;
501STRUCT!{struct LSA_FOREST_TRUST_COLLISION_INFORMATION {
502 RecordCount: ULONG,
503 Entries: *mut PLSA_FOREST_TRUST_COLLISION_RECORD,
504}}
505pub type PLSA_FOREST_TRUST_COLLISION_INFORMATION = *mut LSA_FOREST_TRUST_COLLISION_INFORMATION;
506pub type LSA_ENUMERATION_HANDLE = ULONG;
507pub type PLSA_ENUMERATION_HANDLE = *mut ULONG;
508STRUCT!{struct LSA_ENUMERATION_INFORMATION {
509 Sid: PSID,
510}}
511pub type PLSA_ENUMERATION_INFORMATION = *mut LSA_ENUMERATION_INFORMATION;
512STRUCT!{struct LSA_LAST_INTER_LOGON_INFO {
513 LastSuccessfulLogon: LARGE_INTEGER,
514 LastFailedLogon: LARGE_INTEGER,
515 FailedAttemptCountSinceLastSuccessfulLogon: ULONG,
516}}
517pub type PLSA_LAST_INTER_LOGON_INFO = *mut LSA_LAST_INTER_LOGON_INFO;
518STRUCT!{struct SECURITY_LOGON_SESSION_DATA {
519 Size: ULONG,
520 LogonId: LUID,
521 UserName: LSA_UNICODE_STRING,
522 LogonDomain: LSA_UNICODE_STRING,
523 AuthenticationPackage: LSA_UNICODE_STRING,
524 LogonType: ULONG,
525 Session: ULONG,
526 Sid: PSID,
527 LogonTime: LARGE_INTEGER,
528 LogonServer: LSA_UNICODE_STRING,
529 DnsDomainName: LSA_UNICODE_STRING,
530 Upn: LSA_UNICODE_STRING,
531 UserFlags: ULONG,
532 LastLogonInfo: LSA_LAST_INTER_LOGON_INFO,
533 LogonScript: LSA_UNICODE_STRING,
534 ProfilePath: LSA_UNICODE_STRING,
535 HomeDirectory: LSA_UNICODE_STRING,
536 HomeDirectoryDrive: LSA_UNICODE_STRING,
537 LogoffTime: LARGE_INTEGER,
538 KickOffTime: LARGE_INTEGER,
539 PasswordLastSet: LARGE_INTEGER,
540 PasswordCanChange: LARGE_INTEGER,
541 PasswordMustChange: LARGE_INTEGER,
542}}
543pub type PSECURITY_LOGON_SESSION_DATA = *mut SECURITY_LOGON_SESSION_DATA;
544pub const CENTRAL_ACCESS_POLICY_OWNER_RIGHTS_PRESENT_FLAG: ULONG = 0x00000001;
545pub const CENTRAL_ACCESS_POLICY_STAGED_OWNER_RIGHTS_PRESENT_FLAG: ULONG = 0x00000100;
546pub const CENTRAL_ACCESS_POLICY_STAGED_FLAG: ULONG = 0x00010000;
547pub const CENTRAL_ACCESS_POLICY_VALID_FLAG_MASK: ULONG =
548 CENTRAL_ACCESS_POLICY_OWNER_RIGHTS_PRESENT_FLAG
549 | CENTRAL_ACCESS_POLICY_STAGED_OWNER_RIGHTS_PRESENT_FLAG
550 | CENTRAL_ACCESS_POLICY_STAGED_FLAG;
551pub const LSASETCAPS_RELOAD_FLAG: ULONG = 0x00000001;
552pub const LSASETCAPS_VALID_FLAG_MASK: ULONG = LSASETCAPS_RELOAD_FLAG;
553STRUCT!{struct CENTRAL_ACCESS_POLICY_ENTRY {
554 Name: LSA_UNICODE_STRING,
555 Description: LSA_UNICODE_STRING,
556 ChangeId: LSA_UNICODE_STRING,
557 LengthAppliesTo: ULONG,
558 AppliesTo: PUCHAR,
559 LengthSD: ULONG,
560 SD: PSECURITY_DESCRIPTOR,
561 LengthStagedSD: ULONG,
562 StagedSD: PSECURITY_DESCRIPTOR,
563 Flags: ULONG,
564}}
565pub type PCENTRAL_ACCESS_POLICY_ENTRY = *mut CENTRAL_ACCESS_POLICY_ENTRY;
566pub type PCCENTRAL_ACCESS_POLICY_ENTRY = *const CENTRAL_ACCESS_POLICY_ENTRY;
567STRUCT!{struct CENTRAL_ACCESS_POLICY {
568 CAPID: PSID,
569 Name: LSA_UNICODE_STRING,
570 Description: LSA_UNICODE_STRING,
571 ChangeId: LSA_UNICODE_STRING,
572 Flags: ULONG,
573 CAPECount: ULONG,
574 CAPEs: *mut PCENTRAL_ACCESS_POLICY_ENTRY,
575}}
576pub type PCENTRAL_ACCESS_POLICY = *mut CENTRAL_ACCESS_POLICY;
577pub type PCCENTRAL_ACCESS_POLICY = *const CENTRAL_ACCESS_POLICY;
578ENUM!{enum NEGOTIATE_MESSAGES {
579 NegEnumPackagePrefixes = 0,
580 NegGetCallerName = 1,
581 NegTransferCredentials = 2,
582 NegCallPackageMax,
583}}
584pub const NEGOTIATE_MAX_PREFIX: usize = 32;
585STRUCT!{struct NEGOTIATE_PACKAGE_PREFIX {
586 PackageId: ULONG_PTR,
587 PackageDataA: PVOID,
588 PackageDataW: PVOID,
589 PrefixLen: ULONG_PTR,
590 Prefix: [UCHAR; NEGOTIATE_MAX_PREFIX],
591}}
592pub type PNEGOTIATE_PACKAGE_PREFIX = *mut NEGOTIATE_PACKAGE_PREFIX;
593STRUCT!{struct NEGOTIATE_PACKAGE_PREFIXES {
594 MessageType: ULONG,
595 PrefixCount: ULONG,
596 Offset: ULONG,
597 Pad: ULONG,
598}}
599pub type PNEGOTIATE_PACKAGE_PREFIXES = *mut NEGOTIATE_PACKAGE_PREFIXES;
600STRUCT!{struct NEGOTIATE_CALLER_NAME_REQUEST {
601 MessageType: ULONG,
602 LogonId: LUID,
603}}
604pub type PNEGOTIATE_CALLER_NAME_REQUEST = *mut NEGOTIATE_CALLER_NAME_REQUEST;
605STRUCT!{struct NEGOTIATE_CALLER_NAME_RESPONSE {
606 MessageType: ULONG,
607 CallerName: PWSTR,
608}}
609pub type PNEGOTIATE_CALLER_NAME_RESPONSE = *mut NEGOTIATE_CALLER_NAME_RESPONSE;
610STRUCT!{struct DOMAIN_PASSWORD_INFORMATION {
611 MinPasswordLength: USHORT,
612 PasswordHistoryLength: USHORT,
613 PasswordProperties: ULONG,
614 MaxPasswordAge: LARGE_INTEGER,
615 MinPasswordAge: LARGE_INTEGER,
616}}
617pub type PDOMAIN_PASSWORD_INFORMATION = *mut DOMAIN_PASSWORD_INFORMATION;
618pub const DOMAIN_PASSWORD_COMPLEX: ULONG = 0x00000001;
619pub const DOMAIN_PASSWORD_NO_ANON_CHANGE: ULONG = 0x00000002;
620pub const DOMAIN_PASSWORD_NO_CLEAR_CHANGE: ULONG = 0x00000004;
621pub const DOMAIN_LOCKOUT_ADMINS: ULONG = 0x00000008;
622pub const DOMAIN_PASSWORD_STORE_CLEARTEXT: ULONG = 0x00000010;
623pub const DOMAIN_REFUSE_PASSWORD_CHANGE: ULONG = 0x00000020;
624pub const DOMAIN_NO_LM_OWF_CHANGE: ULONG = 0x00000040;
625FN!{stdcall PSAM_PASSWORD_NOTIFICATION_ROUTINE(
626 UserName: PUNICODE_STRING,
627 RelativeId: ULONG,
628 NewPassword: PUNICODE_STRING,
629) -> NTSTATUS}
630FN!{stdcall PSAM_INIT_NOTIFICATION_ROUTINE() -> BOOLEAN}
631FN!{stdcall PSAM_PASSWORD_FILTER_ROUTINE(
632 AccountName: PUNICODE_STRING,
633 FullName: PUNICODE_STRING,
634 Password: PUNICODE_STRING,
635 SetOperation: BOOLEAN,
636) -> BOOLEAN}
637ENUM!{enum MSV1_0_LOGON_SUBMIT_TYPE {
638 MsV1_0InteractiveLogon = 2,
639 MsV1_0Lm20Logon,
640 MsV1_0NetworkLogon,
641 MsV1_0SubAuthLogon,
642 MsV1_0WorkstationUnlockLogon = 7,
643 MsV1_0S4ULogon = 12,
644 MsV1_0VirtualLogon = 82,
645 MsV1_0NoElevationLogon = 83,
646 MsV1_0LuidLogon = 84,
647}}
648pub type PMSV1_0_LOGON_SUBMIT_TYPE = *mut MSV1_0_LOGON_SUBMIT_TYPE;
649ENUM!{enum MSV1_0_PROFILE_BUFFER_TYPE {
650 MsV1_0InteractiveProfile = 2,
651 MsV1_0Lm20LogonProfile,
652 MsV1_0SmartCardProfile,
653}}
654pub type PMSV1_0_PROFILE_BUFFER_TYPE = *mut MSV1_0_PROFILE_BUFFER_TYPE;
655STRUCT!{struct MSV1_0_INTERACTIVE_LOGON {
656 MessageType: MSV1_0_LOGON_SUBMIT_TYPE,
657 LogonDomainName: UNICODE_STRING,
658 UserName: UNICODE_STRING,
659 Password: UNICODE_STRING,
660}}
661pub type PMSV1_0_INTERACTIVE_LOGON = *mut MSV1_0_INTERACTIVE_LOGON;
662STRUCT!{struct MSV1_0_INTERACTIVE_PROFILE {
663 MessageType: MSV1_0_PROFILE_BUFFER_TYPE,
664 LogonCount: USHORT,
665 BadPasswordCount: USHORT,
666 LogonTime: LARGE_INTEGER,
667 LogoffTime: LARGE_INTEGER,
668 KickOffTime: LARGE_INTEGER,
669 PasswordLastSet: LARGE_INTEGER,
670 PasswordCanChange: LARGE_INTEGER,
671 PasswordMustChange: LARGE_INTEGER,
672 LogonScript: UNICODE_STRING,
673 HomeDirectory: UNICODE_STRING,
674 FullName: UNICODE_STRING,
675 ProfilePath: UNICODE_STRING,
676 HomeDirectoryDrive: UNICODE_STRING,
677 LogonServer: UNICODE_STRING,
678 UserFlags: ULONG,
679}}
680pub type PMSV1_0_INTERACTIVE_PROFILE = *mut MSV1_0_INTERACTIVE_PROFILE;
681pub const MSV1_0_CHALLENGE_LENGTH: usize = 8;
682pub const MSV1_0_USER_SESSION_KEY_LENGTH: usize = 16;
683pub const MSV1_0_LANMAN_SESSION_KEY_LENGTH: usize = 8;
684pub const MSV1_0_CLEARTEXT_PASSWORD_ALLOWED: ULONG = 0x02;
685pub const MSV1_0_UPDATE_LOGON_STATISTICS: ULONG = 0x04;
686pub const MSV1_0_RETURN_USER_PARAMETERS: ULONG = 0x08;
687pub const MSV1_0_DONT_TRY_GUEST_ACCOUNT: ULONG = 0x10;
688pub const MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT: ULONG = 0x20;
689pub const MSV1_0_RETURN_PASSWORD_EXPIRY: ULONG = 0x40;
690pub const MSV1_0_USE_CLIENT_CHALLENGE: ULONG = 0x80;
691pub const MSV1_0_TRY_GUEST_ACCOUNT_ONLY: ULONG = 0x100;
692pub const MSV1_0_RETURN_PROFILE_PATH: ULONG = 0x200;
693pub const MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY: ULONG = 0x400;
694pub const MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT: ULONG = 0x800;
695pub const MSV1_0_DISABLE_PERSONAL_FALLBACK: ULONG = 0x00001000;
696pub const MSV1_0_ALLOW_FORCE_GUEST: ULONG = 0x00002000;
697pub const MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED: ULONG = 0x00004000;
698pub const MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY: ULONG = 0x00008000;
699pub const MSV1_0_SUBAUTHENTICATION_DLL_EX: ULONG = 0x00100000;
700pub const MSV1_0_ALLOW_MSVCHAPV2: ULONG = 0x00010000;
701pub const MSV1_0_S4U2SELF: ULONG = 0x00020000;
702pub const MSV1_0_CHECK_LOGONHOURS_FOR_S4U: ULONG = 0x00040000;
703pub const MSV1_0_INTERNET_DOMAIN: ULONG = 0x00080000;
704pub const MSV1_0_SUBAUTHENTICATION_DLL: ULONG = 0xFF000000;
705pub const MSV1_0_SUBAUTHENTICATION_DLL_SHIFT: ULONG = 24;
706pub const MSV1_0_MNS_LOGON: ULONG = 0x01000000;
707pub const MSV1_0_SUBAUTHENTICATION_DLL_RAS: ULONG = 2;
708pub const MSV1_0_SUBAUTHENTICATION_DLL_IIS: ULONG = 132;
709STRUCT!{struct MSV1_0_LM20_LOGON {
710 MessageType: MSV1_0_LOGON_SUBMIT_TYPE,
711 LogonDomainName: UNICODE_STRING,
712 UserName: UNICODE_STRING,
713 Workstation: UNICODE_STRING,
714 ChallengeToClient: [UCHAR; MSV1_0_CHALLENGE_LENGTH],
715 CaseSensitiveChallengeResponse: STRING,
716 CaseInsensitiveChallengeResponse: STRING,
717 ParameterControl: ULONG,
718}}
719pub type PMSV1_0_LM20_LOGON = *mut MSV1_0_LM20_LOGON;
720STRUCT!{struct MSV1_0_SUBAUTH_LOGON {
721 MessageType: MSV1_0_LOGON_SUBMIT_TYPE,
722 LogonDomainName: UNICODE_STRING,
723 UserName: UNICODE_STRING,
724 Workstation: UNICODE_STRING,
725 ChallengeToClient: [UCHAR; MSV1_0_CHALLENGE_LENGTH],
726 AuthenticationInfo1: STRING,
727 AuthenticationInfo2: STRING,
728 ParameterControl: ULONG,
729 SubAuthPackageId: ULONG,
730}}
731pub type PMSV1_0_SUBAUTH_LOGON = *mut MSV1_0_SUBAUTH_LOGON;
732STRUCT!{struct MSV1_0_S4U_LOGON {
733 MessageType: MSV1_0_LOGON_SUBMIT_TYPE,
734 MSV1_0_LOGON_SUBMIT_TYPE: ULONG,
735 UserPrincipalName: UNICODE_STRING,
736 DomainName: UNICODE_STRING,
737}}
738pub type PMSV1_0_S4U_LOGON = *mut MSV1_0_S4U_LOGON;
739pub const LOGON_GUEST: ULONG = 0x01;
740pub const LOGON_NOENCRYPTION: ULONG = 0x02;
741pub const LOGON_CACHED_ACCOUNT: ULONG = 0x04;
742pub const LOGON_USED_LM_PASSWORD: ULONG = 0x08;
743pub const LOGON_EXTRA_SIDS: ULONG = 0x20;
744pub const LOGON_SUBAUTH_SESSION_KEY: ULONG = 0x40;
745pub const LOGON_SERVER_TRUST_ACCOUNT: ULONG = 0x80;
746pub const LOGON_NTLMV2_ENABLED: ULONG = 0x100;
747pub const LOGON_RESOURCE_GROUPS: ULONG = 0x200;
748pub const LOGON_PROFILE_PATH_RETURNED: ULONG = 0x400;
749pub const LOGON_NT_V2: ULONG = 0x800;
750pub const LOGON_LM_V2: ULONG = 0x1000;
751pub const LOGON_NTLM_V2: ULONG = 0x2000;
752pub const LOGON_OPTIMIZED: ULONG = 0x4000;
753pub const LOGON_WINLOGON: ULONG = 0x8000;
754pub const LOGON_PKINIT: ULONG = 0x10000;
755pub const LOGON_NO_OPTIMIZED: ULONG = 0x20000;
756pub const LOGON_NO_ELEVATION: ULONG = 0x40000;
757pub const LOGON_MANAGED_SERVICE: ULONG = 0x80000;
758pub const LOGON_GRACE_LOGON: ULONG = 0x01000000;
759STRUCT!{struct MSV1_0_LM20_LOGON_PROFILE {
760 MessageType: MSV1_0_PROFILE_BUFFER_TYPE,
761 KickOffTime: LARGE_INTEGER,
762 LogoffTime: LARGE_INTEGER,
763 UserFlags: ULONG,
764 UserSessionKey: [UCHAR; MSV1_0_USER_SESSION_KEY_LENGTH],
765 LogonDomainName: UNICODE_STRING,
766 LanmanSessionKey: [UCHAR; MSV1_0_LANMAN_SESSION_KEY_LENGTH],
767 LogonServer: UNICODE_STRING,
768 UserParameters: UNICODE_STRING,
769}}
770pub type PMSV1_0_LM20_LOGON_PROFILE = *mut MSV1_0_LM20_LOGON_PROFILE;
771pub const MSV1_0_OWF_PASSWORD_LENGTH: usize = 16;
772STRUCT!{struct MSV1_0_SUPPLEMENTAL_CREDENTIAL {
773 Version: ULONG,
774 Flags: ULONG,
775 LmPassword: [UCHAR; MSV1_0_OWF_PASSWORD_LENGTH],
776 NtPassword: [UCHAR; MSV1_0_OWF_PASSWORD_LENGTH],
777}}
778pub type PMSV1_0_SUPPLEMENTAL_CREDENTIAL = *mut MSV1_0_SUPPLEMENTAL_CREDENTIAL;
779pub const MSV1_0_NTLM3_RESPONSE_LENGTH: usize = 16;
780pub const MSV1_0_NTLM3_OWF_LENGTH: usize = 16;
781STRUCT!{struct MSV1_0_NTLM3_RESPONSE {
782 Response: [UCHAR; MSV1_0_NTLM3_RESPONSE_LENGTH],
783 RespType: UCHAR,
784 HiRespType: UCHAR,
785 Flags: USHORT,
786 MsgWord: ULONG,
787 TimeStamp: ULONGLONG,
788 ChallengeFromClient: [UCHAR; MSV1_0_CHALLENGE_LENGTH],
789 AvPairsOff: ULONG,
790 Buffer: [UCHAR; 1],
791}}
792pub type PMSV1_0_NTLM3_RESPONSE = *mut MSV1_0_NTLM3_RESPONSE;
793ENUM!{enum MSV1_0_AVID {
794 MsvAvEOL,
795 MsvAvNbComputerName,
796 MsvAvNbDomainName,
797 MsvAvDnsComputerName,
798 MsvAvDnsDomainName,
799 MsvAvDnsTreeName,
800 MsvAvFlags,
801 MsvAvTimestamp,
802 MsvAvRestrictions,
803 MsvAvTargetName,
804 MsvAvChannelBindings,
805}}
806STRUCT!{struct MSV1_0_AV_PAIR {
807 AvId: USHORT,
808 AvLen: USHORT,
809}}
810pub type PMSV1_0_AV_PAIR = *mut MSV1_0_AV_PAIR;
811ENUM!{enum MSV1_0_PROTOCOL_MESSAGE_TYPE {
812 MsV1_0Lm20ChallengeRequest = 0,
813 MsV1_0Lm20GetChallengeResponse,
814 MsV1_0EnumerateUsers,
815 MsV1_0GetUserInfo,
816 MsV1_0ReLogonUsers,
817 MsV1_0ChangePassword,
818 MsV1_0ChangeCachedPassword,
819 MsV1_0GenericPassthrough,
820 MsV1_0CacheLogon,
821 MsV1_0SubAuth,
822 MsV1_0DeriveCredential,
823 MsV1_0CacheLookup,
824 MsV1_0SetProcessOption,
825 MsV1_0ConfigLocalAliases,
826 MsV1_0ClearCachedCredentials,
827 MsV1_0LookupToken,
828 MsV1_0ValidateAuth,
829 MsV1_0CacheLookupEx,
830 MsV1_0GetCredentialKey,
831 MsV1_0SetThreadOption,
832}}
833pub type PMSV1_0_PROTOCOL_MESSAGE_TYPE = *mut MSV1_0_PROTOCOL_MESSAGE_TYPE;
834STRUCT!{struct MSV1_0_CHANGEPASSWORD_REQUEST {
835 MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
836 DomainName: UNICODE_STRING,
837 AccountName: UNICODE_STRING,
838 OldPassword: UNICODE_STRING,
839 NewPassword: UNICODE_STRING,
840 Impersonating: BOOLEAN,
841}}
842pub type PMSV1_0_CHANGEPASSWORD_REQUEST = *mut MSV1_0_CHANGEPASSWORD_REQUEST;
843STRUCT!{struct MSV1_0_CHANGEPASSWORD_RESPONSE {
844 MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
845 PasswordInfoValid: BOOLEAN,
846 DomainPasswordInfo: DOMAIN_PASSWORD_INFORMATION,
847}}
848pub type PMSV1_0_CHANGEPASSWORD_RESPONSE = *mut MSV1_0_CHANGEPASSWORD_RESPONSE;
849STRUCT!{struct MSV1_0_PASSTHROUGH_REQUEST {
850 MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
851 DomainName: UNICODE_STRING,
852 PackageName: UNICODE_STRING,
853 DataLength: ULONG,
854 LogonData: PUCHAR,
855 Pad: ULONG,
856}}
857pub type PMSV1_0_PASSTHROUGH_REQUEST = *mut MSV1_0_PASSTHROUGH_REQUEST;
858STRUCT!{struct MSV1_0_PASSTHROUGH_RESPONSE {
859 MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
860 Pad: ULONG,
861 DataLength: ULONG,
862 ValidationData: PUCHAR,
863}}
864pub type PMSV1_0_PASSTHROUGH_RESPONSE = *mut MSV1_0_PASSTHROUGH_RESPONSE;
865STRUCT!{struct MSV1_0_SUBAUTH_REQUEST {
866 MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
867 SubAuthPackageId: ULONG,
868 SubAuthInfoLength: ULONG,
869 SubAuthSubmitBuffer: PUCHAR,
870}}
871pub type PMSV1_0_SUBAUTH_REQUEST = *mut MSV1_0_SUBAUTH_REQUEST;
872STRUCT!{struct MSV1_0_SUBAUTH_RESPONSE {
873 MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
874 SubAuthInfoLength: ULONG,
875 SubAuthReturnBuffer: PUCHAR,
876}}
877pub type PMSV1_0_SUBAUTH_RESPONSE = *mut MSV1_0_SUBAUTH_RESPONSE;
878pub use self::SystemFunction036 as RtlGenRandom;
879pub use self::SystemFunction040 as RtlEncryptMemory;
880pub use self::SystemFunction041 as RtlDecryptMemory;
881extern "system" {
882 pub fn SystemFunction036(
883 RandomBuffer: PVOID,
884 RandomBufferLength: ULONG,
885 ) -> BOOLEAN;
886}
887pub const RTL_ENCRYPT_MEMORY_SIZE: ULONG = 8;
888pub const RTL_ENCRYPT_OPTION_CROSS_PROCESS: ULONG = 0x01;
889pub const RTL_ENCRYPT_OPTION_SAME_LOGON: ULONG = 0x02;
890extern "system" {
891 pub fn SystemFunction040(
892 Memory: PVOID,
893 MemorySize: ULONG,
894 OptionFlags: ULONG,
895 ) -> NTSTATUS;
896 pub fn SystemFunction041(
897 Memory: PVOID,
898 MemorySize: ULONG,
899 OptionFlags: ULONG,
900 ) -> NTSTATUS;
901}
902pub const KERBEROS_VERSION: ULONG = 5;
903pub const KERBEROS_REVISION: ULONG = 6;
904pub const KERB_ETYPE_NULL: LONG = 0;
905pub const KERB_ETYPE_DES_CBC_CRC: LONG = 1;
906pub const KERB_ETYPE_DES_CBC_MD4: LONG = 2;
907pub const KERB_ETYPE_DES_CBC_MD5: LONG = 3;
908pub const KERB_ETYPE_AES128_CTS_HMAC_SHA1_96: LONG = 17;
909pub const KERB_ETYPE_AES256_CTS_HMAC_SHA1_96: LONG = 18;
910pub const KERB_ETYPE_RC4_MD4: LONG = -128;
911pub const KERB_ETYPE_RC4_PLAIN2: LONG = -129;
912pub const KERB_ETYPE_RC4_LM: LONG = -130;
913pub const KERB_ETYPE_RC4_SHA: LONG = -131;
914pub const KERB_ETYPE_DES_PLAIN: LONG = -132;
915pub const KERB_ETYPE_RC4_HMAC_OLD: LONG = -133;
916pub const KERB_ETYPE_RC4_PLAIN_OLD: LONG = -134;
917pub const KERB_ETYPE_RC4_HMAC_OLD_EXP: LONG = -135;
918pub const KERB_ETYPE_RC4_PLAIN_OLD_EXP: LONG = -136;
919pub const KERB_ETYPE_RC4_PLAIN: LONG = -140;
920pub const KERB_ETYPE_RC4_PLAIN_EXP: LONG = -141;
921pub const KERB_ETYPE_AES128_CTS_HMAC_SHA1_96_PLAIN: LONG = -148;
922pub const KERB_ETYPE_AES256_CTS_HMAC_SHA1_96_PLAIN: LONG = -149;
923pub const KERB_ETYPE_DSA_SHA1_CMS: LONG = 9;
924pub const KERB_ETYPE_RSA_MD5_CMS: LONG = 10;
925pub const KERB_ETYPE_RSA_SHA1_CMS: LONG = 11;
926pub const KERB_ETYPE_RC2_CBC_ENV: LONG = 12;
927pub const KERB_ETYPE_RSA_ENV: LONG = 13;
928pub const KERB_ETYPE_RSA_ES_OEAP_ENV: LONG = 14;
929pub const KERB_ETYPE_DES_EDE3_CBC_ENV: LONG = 15;
930pub const KERB_ETYPE_DSA_SIGN: LONG = 8;
931pub const KERB_ETYPE_RSA_PRIV: LONG = 9;
932pub const KERB_ETYPE_RSA_PUB: LONG = 10;
933pub const KERB_ETYPE_RSA_PUB_MD5: LONG = 11;
934pub const KERB_ETYPE_RSA_PUB_SHA1: LONG = 12;
935pub const KERB_ETYPE_PKCS7_PUB: LONG = 13;
936pub const KERB_ETYPE_DES3_CBC_MD5: LONG = 5;
937pub const KERB_ETYPE_DES3_CBC_SHA1: LONG = 7;
938pub const KERB_ETYPE_DES3_CBC_SHA1_KD: LONG = 16;
939pub const KERB_ETYPE_DES_CBC_MD5_NT: LONG = 20;
940pub const KERB_ETYPE_RC4_HMAC_NT: LONG = 23;
941pub const KERB_ETYPE_RC4_HMAC_NT_EXP: LONG = 24;
942pub const KERB_CHECKSUM_NONE: LONG = 0;
943pub const KERB_CHECKSUM_CRC32: LONG = 1;
944pub const KERB_CHECKSUM_MD4: LONG = 2;
945pub const KERB_CHECKSUM_KRB_DES_MAC: LONG = 4;
946pub const KERB_CHECKSUM_KRB_DES_MAC_K: LONG = 5;
947pub const KERB_CHECKSUM_MD5: LONG = 7;
948pub const KERB_CHECKSUM_MD5_DES: LONG = 8;
949pub const KERB_CHECKSUM_SHA1_NEW: LONG = 14;
950pub const KERB_CHECKSUM_HMAC_SHA1_96_AES128: LONG = 15;
951pub const KERB_CHECKSUM_HMAC_SHA1_96_AES256: LONG = 16;
952pub const KERB_CHECKSUM_LM: LONG = -130;
953pub const KERB_CHECKSUM_SHA1: LONG = -131;
954pub const KERB_CHECKSUM_REAL_CRC32: LONG = -132;
955pub const KERB_CHECKSUM_DES_MAC: LONG = -133;
956pub const KERB_CHECKSUM_DES_MAC_MD5: LONG = -134;
957pub const KERB_CHECKSUM_MD25: LONG = -135;
958pub const KERB_CHECKSUM_RC4_MD5: LONG = -136;
959pub const KERB_CHECKSUM_MD5_HMAC: LONG = -137;
960pub const KERB_CHECKSUM_HMAC_MD5: LONG = -138;
961pub const KERB_CHECKSUM_HMAC_SHA1_96_AES128_Ki: LONG = -150;
962pub const KERB_CHECKSUM_HMAC_SHA1_96_AES256_Ki: LONG = -151;
963pub const KERB_TICKET_FLAGS_reserved: ULONG = 0x80000000;
964pub const KERB_TICKET_FLAGS_forwardable: ULONG = 0x40000000;
965pub const KERB_TICKET_FLAGS_forwarded: ULONG = 0x20000000;
966pub const KERB_TICKET_FLAGS_proxiable: ULONG = 0x10000000;
967pub const KERB_TICKET_FLAGS_proxy: ULONG = 0x08000000;
968pub const KERB_TICKET_FLAGS_may_postdate: ULONG = 0x04000000;
969pub const KERB_TICKET_FLAGS_postdated: ULONG = 0x02000000;
970pub const KERB_TICKET_FLAGS_invalid: ULONG = 0x01000000;
971pub const KERB_TICKET_FLAGS_renewable: ULONG = 0x00800000;
972pub const KERB_TICKET_FLAGS_initial: ULONG = 0x00400000;
973pub const KERB_TICKET_FLAGS_pre_authent: ULONG = 0x00200000;
974pub const KERB_TICKET_FLAGS_hw_authent: ULONG = 0x00100000;
975pub const KERB_TICKET_FLAGS_ok_as_delegate: ULONG = 0x00040000;
976pub const KERB_TICKET_FLAGS_name_canonicalize: ULONG = 0x00010000;
977pub const KERB_TICKET_FLAGS_cname_in_pa_data: ULONG = 0x00040000;
978pub const KERB_TICKET_FLAGS_enc_pa_rep: ULONG = 0x00010000;
979pub const KERB_TICKET_FLAGS_reserved1: ULONG = 0x00000001;
980pub const KRB_NT_UNKNOWN: LONG = 0;
981pub const KRB_NT_PRINCIPAL: LONG = 1;
982pub const KRB_NT_PRINCIPAL_AND_ID: LONG = -131;
983pub const KRB_NT_SRV_INST: LONG = 2;
984pub const KRB_NT_SRV_INST_AND_ID: LONG = -132;
985pub const KRB_NT_SRV_HST: LONG = 3;
986pub const KRB_NT_SRV_XHST: LONG = 4;
987pub const KRB_NT_UID: LONG = 5;
988pub const KRB_NT_ENTERPRISE_PRINCIPAL: LONG = 10;
989pub const KRB_NT_WELLKNOWN: LONG = 11;
990pub const KRB_NT_ENT_PRINCIPAL_AND_ID: LONG = -130;
991pub const KRB_NT_MS_PRINCIPAL: LONG = -128;
992pub const KRB_NT_MS_PRINCIPAL_AND_ID: LONG = -129;
993pub const KRB_NT_MS_BRANCH_ID: LONG = -133;
994pub const KRB_NT_X500_PRINCIPAL: LONG = 6;
995pub const KERB_WRAP_NO_ENCRYPT: ULONG = 0x80000001;
996ENUM!{enum KERB_LOGON_SUBMIT_TYPE {
997 KerbInteractiveLogon = 2,
998 KerbSmartCardLogon = 6,
999 KerbWorkstationUnlockLogon = 7,
1000 KerbSmartCardUnlockLogon = 8,
1001 KerbProxyLogon = 9,
1002 KerbTicketLogon = 10,
1003 KerbTicketUnlockLogon = 11,
1004 KerbS4ULogon = 12,
1005 KerbCertificateLogon = 13,
1006 KerbCertificateS4ULogon = 14,
1007 KerbCertificateUnlockLogon = 15,
1008 KerbNoElevationLogon = 83,
1009 KerbLuidLogon = 84,
1010}}
1011pub type PKERB_LOGON_SUBMIT_TYPE = *mut KERB_LOGON_SUBMIT_TYPE;
1012STRUCT!{struct KERB_INTERACTIVE_LOGON {
1013 MessageType: KERB_LOGON_SUBMIT_TYPE,
1014 LogonDomainName: UNICODE_STRING,
1015 UserName: UNICODE_STRING,
1016 Password: UNICODE_STRING,
1017}}
1018pub type PKERB_INTERACTIVE_LOGON = *mut KERB_INTERACTIVE_LOGON;
1019STRUCT!{struct KERB_INTERACTIVE_UNLOCK_LOGON {
1020 Logon: KERB_INTERACTIVE_LOGON,
1021 LogonId: LUID,
1022}}
1023pub type PKERB_INTERACTIVE_UNLOCK_LOGON = *mut KERB_INTERACTIVE_UNLOCK_LOGON;
1024STRUCT!{struct KERB_SMART_CARD_LOGON {
1025 MessageType: KERB_LOGON_SUBMIT_TYPE,
1026 Pin: UNICODE_STRING,
1027 CspDataLength: ULONG,
1028 CspData: PUCHAR,
1029}}
1030pub type PKERB_SMART_CARD_LOGON = *mut KERB_SMART_CARD_LOGON;
1031STRUCT!{struct KERB_SMART_CARD_UNLOCK_LOGON {
1032 Logon: KERB_SMART_CARD_LOGON,
1033 LogonId: LUID,
1034}}
1035pub type PKERB_SMART_CARD_UNLOCK_LOGON = *mut KERB_SMART_CARD_UNLOCK_LOGON;
1036pub const KERB_CERTIFICATE_LOGON_FLAG_CHECK_DUPLICATES: ULONG = 0x1;
1037pub const KERB_CERTIFICATE_LOGON_FLAG_USE_CERTIFICATE_INFO: ULONG = 0x2;
1038STRUCT!{struct KERB_CERTIFICATE_LOGON {
1039 MessageType: KERB_LOGON_SUBMIT_TYPE,
1040 DomainName: UNICODE_STRING,
1041 UserName: UNICODE_STRING,
1042 Pin: UNICODE_STRING,
1043 Flags: ULONG,
1044 CspDataLength: ULONG,
1045 CspData: PUCHAR,
1046}}
1047pub type PKERB_CERTIFICATE_LOGON = *mut KERB_CERTIFICATE_LOGON;
1048STRUCT!{struct KERB_CERTIFICATE_UNLOCK_LOGON {
1049 Logon: KERB_CERTIFICATE_LOGON,
1050 LogonId: LUID,
1051}}
1052pub type PKERB_CERTIFICATE_UNLOCK_LOGON = *mut KERB_CERTIFICATE_UNLOCK_LOGON;
1053pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_CHECK_DUPLICATES: ULONG = 0x1;
1054pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_CHECK_LOGONHOURS: ULONG = 0x2;
1055pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_FAIL_IF_NT_AUTH_POLICY_REQUIRED: ULONG = 0x4;
1056pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_IDENTIFY: ULONG = 0x8;
1057STRUCT!{struct KERB_CERTIFICATE_S4U_LOGON {
1058 MessageType: KERB_LOGON_SUBMIT_TYPE,
1059 Flags: ULONG,
1060 UserPrincipalName: UNICODE_STRING,
1061 DomainName: UNICODE_STRING,
1062 CertificateLength: ULONG,
1063 Certificate: PUCHAR,
1064}}
1065pub type PKERB_CERTIFICATE_S4U_LOGON = *mut KERB_CERTIFICATE_S4U_LOGON;
1066STRUCT!{struct KERB_TICKET_LOGON {
1067 MessageType: KERB_LOGON_SUBMIT_TYPE,
1068 Flags: ULONG,
1069 ServiceTicketLength: ULONG,
1070 TicketGrantingTicketLength: ULONG,
1071 ServiceTicket: PUCHAR,
1072 TicketGrantingTicket: PUCHAR,
1073}}
1074pub type PKERB_TICKET_LOGON = *mut KERB_TICKET_LOGON;
1075STRUCT!{struct KERB_TICKET_UNLOCK_LOGON {
1076 Logon: KERB_TICKET_LOGON,
1077 LogonId: LUID,
1078}}
1079pub type PKERB_TICKET_UNLOCK_LOGON = *mut KERB_TICKET_UNLOCK_LOGON;
1080pub const KERB_S4U_LOGON_FLAG_CHECK_LOGONHOURS: ULONG = 0x2;
1081pub const KERB_S4U_LOGON_FLAG_IDENTIFY: ULONG = 0x8;
1082STRUCT!{struct KERB_S4U_LOGON {
1083 MessageType: KERB_LOGON_SUBMIT_TYPE,
1084 Flags: ULONG,
1085 ClientUpn: UNICODE_STRING,
1086 ClientRealm: UNICODE_STRING,
1087}}
1088pub type PKERB_S4U_LOGON = *mut KERB_S4U_LOGON;
1089ENUM!{enum KERB_PROFILE_BUFFER_TYPE {
1090 KerbInteractiveProfile = 2,
1091 KerbSmartCardProfile = 4,
1092 KerbTicketProfile = 6,
1093}}
1094pub type PKERB_PROFILE_BUFFER_TYPE = *mut KERB_PROFILE_BUFFER_TYPE;
1095STRUCT!{struct KERB_INTERACTIVE_PROFILE {
1096 MessageType: KERB_PROFILE_BUFFER_TYPE,
1097 LogonCount: USHORT,
1098 BadPasswordCount: USHORT,
1099 LogonTime: LARGE_INTEGER,
1100 LogoffTime: LARGE_INTEGER,
1101 KickOffTime: LARGE_INTEGER,
1102 PasswordLastSet: LARGE_INTEGER,
1103 PasswordCanChange: LARGE_INTEGER,
1104 PasswordMustChange: LARGE_INTEGER,
1105 LogonScript: UNICODE_STRING,
1106 HomeDirectory: UNICODE_STRING,
1107 FullName: UNICODE_STRING,
1108 ProfilePath: UNICODE_STRING,
1109 HomeDirectoryDrive: UNICODE_STRING,
1110 LogonServer: UNICODE_STRING,
1111 UserFlags: ULONG,
1112}}
1113pub type PKERB_INTERACTIVE_PROFILE = *mut KERB_INTERACTIVE_PROFILE;
1114STRUCT!{struct KERB_SMART_CARD_PROFILE {
1115 Profile: KERB_INTERACTIVE_PROFILE,
1116 CertificateSize: ULONG,
1117 CertificateData: PUCHAR,
1118}}
1119pub type PKERB_SMART_CARD_PROFILE = *mut KERB_SMART_CARD_PROFILE;
1120STRUCT!{struct KERB_CRYPTO_KEY {
1121 KeyType: LONG,
1122 Length: ULONG,
1123 Value: PUCHAR,
1124}}
1125pub type PKERB_CRYPTO_KEY = *mut KERB_CRYPTO_KEY;
1126STRUCT!{struct KERB_CRYPTO_KEY32 {
1127 KeyType: LONG,
1128 Length: ULONG,
1129 Offset: ULONG,
1130}}
1131pub type PKERB_CRYPTO_KEY32 = *mut KERB_CRYPTO_KEY32;
1132STRUCT!{struct KERB_TICKET_PROFILE {
1133 Profile: KERB_INTERACTIVE_PROFILE,
1134 SessionKey: KERB_CRYPTO_KEY,
1135}}
1136pub type PKERB_TICKET_PROFILE = *mut KERB_TICKET_PROFILE;
1137ENUM!{enum KERB_PROTOCOL_MESSAGE_TYPE {
1138 KerbDebugRequestMessage = 0,
1139 KerbQueryTicketCacheMessage,
1140 KerbChangeMachinePasswordMessage,
1141 KerbVerifyPacMessage,
1142 KerbRetrieveTicketMessage,
1143 KerbUpdateAddressesMessage,
1144 KerbPurgeTicketCacheMessage,
1145 KerbChangePasswordMessage,
1146 KerbRetrieveEncodedTicketMessage,
1147 KerbDecryptDataMessage,
1148 KerbAddBindingCacheEntryMessage,
1149 KerbSetPasswordMessage,
1150 KerbSetPasswordExMessage,
1151 KerbVerifyCredentialsMessage,
1152 KerbQueryTicketCacheExMessage,
1153 KerbPurgeTicketCacheExMessage,
1154 KerbRefreshSmartcardCredentialsMessage,
1155 KerbAddExtraCredentialsMessage,
1156 KerbQuerySupplementalCredentialsMessage,
1157 KerbTransferCredentialsMessage,
1158 KerbQueryTicketCacheEx2Message,
1159 KerbSubmitTicketMessage,
1160 KerbAddExtraCredentialsExMessage,
1161 KerbQueryKdcProxyCacheMessage,
1162 KerbPurgeKdcProxyCacheMessage,
1163 KerbQueryTicketCacheEx3Message,
1164 KerbCleanupMachinePkinitCredsMessage,
1165 KerbAddBindingCacheEntryExMessage,
1166 KerbQueryBindingCacheMessage,
1167 KerbPurgeBindingCacheMessage,
1168 KerbPinKdcMessage,
1169 KerbUnpinAllKdcsMessage,
1170 KerbQueryDomainExtendedPoliciesMessage,
1171 KerbQueryS4U2ProxyCacheMessage,
1172}}
1173pub type PKERB_PROTOCOL_MESSAGE_TYPE = *mut KERB_PROTOCOL_MESSAGE_TYPE;
1174STRUCT!{struct KERB_QUERY_TKT_CACHE_REQUEST {
1175 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1176 LogonId: LUID,
1177}}
1178pub type PKERB_QUERY_TKT_CACHE_REQUEST = *mut KERB_QUERY_TKT_CACHE_REQUEST;
1179STRUCT!{struct KERB_TICKET_CACHE_INFO {
1180 ServerName: UNICODE_STRING,
1181 RealmName: UNICODE_STRING,
1182 StartTime: LARGE_INTEGER,
1183 EndTime: LARGE_INTEGER,
1184 RenewTime: LARGE_INTEGER,
1185 EncryptionType: LONG,
1186 TicketFlags: ULONG,
1187}}
1188pub type PKERB_TICKET_CACHE_INFO = *mut KERB_TICKET_CACHE_INFO;
1189STRUCT!{struct KERB_TICKET_CACHE_INFO_EX {
1190 ClientName: UNICODE_STRING,
1191 ClientRealm: UNICODE_STRING,
1192 ServerName: UNICODE_STRING,
1193 ServerRealm: UNICODE_STRING,
1194 StartTime: LARGE_INTEGER,
1195 EndTime: LARGE_INTEGER,
1196 RenewTime: LARGE_INTEGER,
1197 EncryptionType: LONG,
1198 TicketFlags: ULONG,
1199}}
1200pub type PKERB_TICKET_CACHE_INFO_EX = *mut KERB_TICKET_CACHE_INFO_EX;
1201STRUCT!{struct KERB_TICKET_CACHE_INFO_EX2 {
1202 ClientName: UNICODE_STRING,
1203 ClientRealm: UNICODE_STRING,
1204 ServerName: UNICODE_STRING,
1205 ServerRealm: UNICODE_STRING,
1206 StartTime: LARGE_INTEGER,
1207 EndTime: LARGE_INTEGER,
1208 RenewTime: LARGE_INTEGER,
1209 EncryptionType: LONG,
1210 TicketFlags: ULONG,
1211 SessionKeyType: ULONG,
1212 BranchId: ULONG,
1213}}
1214pub type PKERB_TICKET_CACHE_INFO_EX2 = *mut KERB_TICKET_CACHE_INFO_EX2;
1215STRUCT!{struct KERB_TICKET_CACHE_INFO_EX3 {
1216 ClientName: UNICODE_STRING,
1217 ClientRealm: UNICODE_STRING,
1218 ServerName: UNICODE_STRING,
1219 ServerRealm: UNICODE_STRING,
1220 StartTime: LARGE_INTEGER,
1221 EndTime: LARGE_INTEGER,
1222 RenewTime: LARGE_INTEGER,
1223 EncryptionType: LONG,
1224 TicketFlags: ULONG,
1225 SessionKeyType: ULONG,
1226 BranchId: ULONG,
1227 CacheFlags: ULONG,
1228 KdcCalled: UNICODE_STRING,
1229}}
1230pub type PKERB_TICKET_CACHE_INFO_EX3 = *mut KERB_TICKET_CACHE_INFO_EX3;
1231STRUCT!{struct KERB_QUERY_TKT_CACHE_RESPONSE {
1232 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1233 CountOfTickets: ULONG,
1234 Tickets: [KERB_TICKET_CACHE_INFO; ANYSIZE_ARRAY],
1235}}
1236pub type PKERB_QUERY_TKT_CACHE_RESPONSE = *mut KERB_QUERY_TKT_CACHE_RESPONSE;
1237STRUCT!{struct KERB_QUERY_TKT_CACHE_EX_RESPONSE {
1238 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1239 CountOfTickets: ULONG,
1240 Tickets: [KERB_TICKET_CACHE_INFO_EX; ANYSIZE_ARRAY],
1241}}
1242pub type PKERB_QUERY_TKT_CACHE_EX_RESPONSE = *mut KERB_QUERY_TKT_CACHE_EX_RESPONSE;
1243STRUCT!{struct KERB_QUERY_TKT_CACHE_EX2_RESPONSE {
1244 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1245 CountOfTickets: ULONG,
1246 Tickets: [KERB_TICKET_CACHE_INFO_EX2; ANYSIZE_ARRAY],
1247}}
1248pub type PKERB_QUERY_TKT_CACHE_EX2_RESPONSE = *mut KERB_QUERY_TKT_CACHE_EX2_RESPONSE;
1249STRUCT!{struct KERB_QUERY_TKT_CACHE_EX3_RESPONSE {
1250 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1251 CountOfTickets: ULONG,
1252 Tickets: [KERB_TICKET_CACHE_INFO_EX3; ANYSIZE_ARRAY],
1253}}
1254pub type PKERB_QUERY_TKT_CACHE_EX3_RESPONSE = *mut KERB_QUERY_TKT_CACHE_EX3_RESPONSE;
1255pub const KERB_USE_DEFAULT_TICKET_FLAGS: ULONG = 0x0;
1256pub const KERB_RETRIEVE_TICKET_DEFAULT: ULONG = 0x0;
1257pub const KERB_RETRIEVE_TICKET_DONT_USE_CACHE: ULONG = 0x1;
1258pub const KERB_RETRIEVE_TICKET_USE_CACHE_ONLY: ULONG = 0x2;
1259pub const KERB_RETRIEVE_TICKET_USE_CREDHANDLE: ULONG = 0x4;
1260pub const KERB_RETRIEVE_TICKET_AS_KERB_CRED: ULONG = 0x8;
1261pub const KERB_RETRIEVE_TICKET_WITH_SEC_CRED: ULONG = 0x10;
1262pub const KERB_RETRIEVE_TICKET_CACHE_TICKET: ULONG = 0x20;
1263pub const KERB_RETRIEVE_TICKET_MAX_LIFETIME: ULONG = 0x40;
1264STRUCT!{struct KERB_AUTH_DATA {
1265 Type: ULONG,
1266 Length: ULONG,
1267 Data: PUCHAR,
1268}}
1269pub type PKERB_AUTH_DATA = *mut KERB_AUTH_DATA;
1270STRUCT!{struct KERB_NET_ADDRESS {
1271 Family: ULONG,
1272 Length: ULONG,
1273 Address: PUCHAR,
1274}}
1275pub type PKERB_NET_ADDRESS = *mut KERB_NET_ADDRESS;
1276STRUCT!{struct KERB_NET_ADDRESSES {
1277 Number: ULONG,
1278 Addresses: [KERB_NET_ADDRESS; ANYSIZE_ARRAY],
1279}}
1280pub type PKERB_NET_ADDRESSES = *mut KERB_NET_ADDRESSES;
1281STRUCT!{struct KERB_EXTERNAL_NAME {
1282 NameType: SHORT,
1283 NameCount: USHORT,
1284 Names: [UNICODE_STRING; ANYSIZE_ARRAY],
1285}}
1286pub type PKERB_EXTERNAL_NAME = *mut KERB_EXTERNAL_NAME;
1287STRUCT!{struct KERB_EXTERNAL_TICKET {
1288 ServiceName: PKERB_EXTERNAL_NAME,
1289 TargetName: PKERB_EXTERNAL_NAME,
1290 ClientName: PKERB_EXTERNAL_NAME,
1291 DomainName: UNICODE_STRING,
1292 TargetDomainName: UNICODE_STRING,
1293 AltTargetDomainName: UNICODE_STRING,
1294 SessionKey: KERB_CRYPTO_KEY,
1295 TicketFlags: ULONG,
1296 Flags: ULONG,
1297 KeyExpirationTime: LARGE_INTEGER,
1298 StartTime: LARGE_INTEGER,
1299 EndTime: LARGE_INTEGER,
1300 RenewUntil: LARGE_INTEGER,
1301 TimeSkew: LARGE_INTEGER,
1302 EncodedTicketSize: ULONG,
1303 EncodedTicket: PUCHAR,
1304}}
1305pub type PKERB_EXTERNAL_TICKET = *mut KERB_EXTERNAL_TICKET;
1306STRUCT!{struct KERB_RETRIEVE_TKT_REQUEST {
1307 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1308 LogonId: LUID,
1309 TargetName: UNICODE_STRING,
1310 TicketFlags: ULONG,
1311 CacheOptions: ULONG,
1312 EncryptionType: LONG,
1313 CredentialsHandle: SecHandle,
1314}}
1315pub type PKERB_RETRIEVE_TKT_REQUEST = *mut KERB_RETRIEVE_TKT_REQUEST;
1316STRUCT!{struct KERB_RETRIEVE_TKT_RESPONSE {
1317 Ticket: KERB_EXTERNAL_TICKET,
1318}}
1319pub type PKERB_RETRIEVE_TKT_RESPONSE = *mut KERB_RETRIEVE_TKT_RESPONSE;
1320STRUCT!{struct KERB_PURGE_TKT_CACHE_REQUEST {
1321 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1322 LogonId: LUID,
1323 ServerName: UNICODE_STRING,
1324 RealmName: UNICODE_STRING,
1325}}
1326pub type PKERB_PURGE_TKT_CACHE_REQUEST = *mut KERB_PURGE_TKT_CACHE_REQUEST;
1327pub const KERB_PURGE_ALL_TICKETS: ULONG = 1;
1328STRUCT!{struct KERB_PURGE_TKT_CACHE_EX_REQUEST {
1329 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1330 LogonId: LUID,
1331 Flags: ULONG,
1332 TicketTemplate: KERB_TICKET_CACHE_INFO_EX,
1333}}
1334pub type PKERB_PURGE_TKT_CACHE_EX_REQUEST = *mut KERB_PURGE_TKT_CACHE_EX_REQUEST;
1335STRUCT!{struct KERB_SUBMIT_TKT_REQUEST {
1336 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1337 LogonId: LUID,
1338 Flags: ULONG,
1339 Key: KERB_CRYPTO_KEY32,
1340 KerbCredSize: ULONG,
1341 KerbCredOffset: ULONG,
1342}}
1343pub type PKERB_SUBMIT_TKT_REQUEST = *mut KERB_SUBMIT_TKT_REQUEST;
1344STRUCT!{struct KERB_QUERY_KDC_PROXY_CACHE_REQUEST {
1345 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1346 Flags: ULONG,
1347 LogonId: LUID,
1348}}
1349pub type PKERB_QUERY_KDC_PROXY_CACHE_REQUEST = *mut KERB_QUERY_KDC_PROXY_CACHE_REQUEST;
1350STRUCT!{struct KDC_PROXY_CACHE_ENTRY_DATA {
1351 SinceLastUsed: ULONG64,
1352 DomainName: UNICODE_STRING,
1353 ProxyServerName: UNICODE_STRING,
1354 ProxyServerVdir: UNICODE_STRING,
1355 ProxyServerPort: USHORT,
1356 LogonId: LUID,
1357 CredUserName: UNICODE_STRING,
1358 CredDomainName: UNICODE_STRING,
1359 GlobalCache: BOOLEAN,
1360}}
1361pub type PKDC_PROXY_CACHE_ENTRY_DATA = *mut KDC_PROXY_CACHE_ENTRY_DATA;
1362STRUCT!{struct KERB_QUERY_KDC_PROXY_CACHE_RESPONSE {
1363 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1364 CountOfEntries: ULONG,
1365 Entries: PKDC_PROXY_CACHE_ENTRY_DATA,
1366}}
1367pub type PKERB_QUERY_KDC_PROXY_CACHE_RESPONSE = *mut KERB_QUERY_KDC_PROXY_CACHE_RESPONSE;
1368STRUCT!{struct KERB_PURGE_KDC_PROXY_CACHE_REQUEST {
1369 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1370 Flags: ULONG,
1371 LogonId: LUID,
1372}}
1373pub type PKERB_PURGE_KDC_PROXY_CACHE_REQUEST = *mut KERB_PURGE_KDC_PROXY_CACHE_REQUEST;
1374STRUCT!{struct KERB_PURGE_KDC_PROXY_CACHE_RESPONSE {
1375 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1376 CountOfPurged: ULONG,
1377}}
1378pub type PKERB_PURGE_KDC_PROXY_CACHE_RESPONSE = *mut KERB_PURGE_KDC_PROXY_CACHE_RESPONSE;
1379pub const KERB_S4U2PROXY_CACHE_ENTRY_INFO_FLAG_NEGATIVE: ULONG = 0x1;
1380STRUCT!{struct KERB_S4U2PROXY_CACHE_ENTRY_INFO {
1381 ServerName: UNICODE_STRING,
1382 Flags: ULONG,
1383 LastStatus: NTSTATUS,
1384 Expiry: LARGE_INTEGER,
1385}}
1386pub type PKERB_S4U2PROXY_CACHE_ENTRY_INFO = *mut KERB_S4U2PROXY_CACHE_ENTRY_INFO;
1387pub const KERB_S4U2PROXY_CRED_FLAG_NEGATIVE: ULONG = 0x1;
1388STRUCT!{struct KERB_S4U2PROXY_CRED {
1389 UserName: UNICODE_STRING,
1390 DomainName: UNICODE_STRING,
1391 Flags: ULONG,
1392 LastStatus: NTSTATUS,
1393 Expiry: LARGE_INTEGER,
1394 CountOfEntries: ULONG,
1395 Entries: PKERB_S4U2PROXY_CACHE_ENTRY_INFO,
1396}}
1397pub type PKERB_S4U2PROXY_CRED = *mut KERB_S4U2PROXY_CRED;
1398STRUCT!{struct KERB_QUERY_S4U2PROXY_CACHE_REQUEST {
1399 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1400 Flags: ULONG,
1401 LogonId: LUID,
1402}}
1403pub type PKERB_QUERY_S4U2PROXY_CACHE_REQUEST = *mut KERB_QUERY_S4U2PROXY_CACHE_REQUEST;
1404STRUCT!{struct KERB_QUERY_S4U2PROXY_CACHE_RESPONSE {
1405 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1406 CountOfCreds: ULONG,
1407 Creds: PKERB_S4U2PROXY_CRED,
1408}}
1409pub type PKERB_QUERY_S4U2PROXY_CACHE_RESPONSE = *mut KERB_QUERY_S4U2PROXY_CACHE_RESPONSE;
1410STRUCT!{struct KERB_CHANGEPASSWORD_REQUEST {
1411 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1412 DomainName: UNICODE_STRING,
1413 AccountName: UNICODE_STRING,
1414 OldPassword: UNICODE_STRING,
1415 NewPassword: UNICODE_STRING,
1416 Impersonating: BOOLEAN,
1417}}
1418pub type PKERB_CHANGEPASSWORD_REQUEST = *mut KERB_CHANGEPASSWORD_REQUEST;
1419STRUCT!{struct KERB_SETPASSWORD_REQUEST {
1420 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1421 LogonId: LUID,
1422 CredentialsHandle: SecHandle,
1423 Flags: ULONG,
1424 DomainName: UNICODE_STRING,
1425 AccountName: UNICODE_STRING,
1426 Password: UNICODE_STRING,
1427}}
1428pub type PKERB_SETPASSWORD_REQUEST = *mut KERB_SETPASSWORD_REQUEST;
1429STRUCT!{struct KERB_SETPASSWORD_EX_REQUEST {
1430 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1431 LogonId: LUID,
1432 CredentialsHandle: SecHandle,
1433 Flags: ULONG,
1434 AccountRealm: UNICODE_STRING,
1435 AccountName: UNICODE_STRING,
1436 Password: UNICODE_STRING,
1437 ClientRealm: UNICODE_STRING,
1438 ClientName: UNICODE_STRING,
1439 Impersonating: BOOLEAN,
1440 KdcAddress: UNICODE_STRING,
1441 KdcAddressType: ULONG,
1442}}
1443pub type PKERB_SETPASSWORD_EX_REQUEST = *mut KERB_SETPASSWORD_EX_REQUEST;
1444pub const DS_UNKNOWN_ADDRESS_TYPE: ULONG = 0;
1445pub const KERB_SETPASS_USE_LOGONID: ULONG = 1;
1446pub const KERB_SETPASS_USE_CREDHANDLE: ULONG = 2;
1447STRUCT!{struct KERB_DECRYPT_REQUEST {
1448 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1449 LogonId: LUID,
1450 Flags: ULONG,
1451 CryptoType: LONG,
1452 KeyUsage: LONG,
1453 Key: KERB_CRYPTO_KEY,
1454 EncryptedDataSize: ULONG,
1455 InitialVectorSize: ULONG,
1456 InitialVector: PUCHAR,
1457 EncryptedData: PUCHAR,
1458}}
1459pub type PKERB_DECRYPT_REQUEST = *mut KERB_DECRYPT_REQUEST;
1460pub const KERB_DECRYPT_FLAG_DEFAULT_KEY: ULONG = 0x00000001;
1461STRUCT!{struct KERB_DECRYPT_RESPONSE {
1462 DecryptedData: [UCHAR; ANYSIZE_ARRAY],
1463}}
1464pub type PKERB_DECRYPT_RESPONSE = *mut KERB_DECRYPT_RESPONSE;
1465STRUCT!{struct KERB_ADD_BINDING_CACHE_ENTRY_REQUEST {
1466 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1467 RealmName: UNICODE_STRING,
1468 KdcAddress: UNICODE_STRING,
1469 AddressType: ULONG,
1470}}
1471pub type PKERB_ADD_BINDING_CACHE_ENTRY_REQUEST = *mut KERB_ADD_BINDING_CACHE_ENTRY_REQUEST;
1472STRUCT!{struct KERB_REFRESH_SCCRED_REQUEST {
1473 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1474 CredentialBlob: UNICODE_STRING,
1475 LogonId: LUID,
1476 Flags: ULONG,
1477}}
1478pub type PKERB_REFRESH_SCCRED_REQUEST = *mut KERB_REFRESH_SCCRED_REQUEST;
1479pub const KERB_REFRESH_SCCRED_RELEASE: ULONG = 0x0;
1480pub const KERB_REFRESH_SCCRED_GETTGT: ULONG = 0x1;
1481STRUCT!{struct KERB_ADD_CREDENTIALS_REQUEST {
1482 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1483 UserName: UNICODE_STRING,
1484 DomainName: UNICODE_STRING,
1485 Password: UNICODE_STRING,
1486 LogonId: LUID,
1487 Flags: ULONG,
1488}}
1489pub type PKERB_ADD_CREDENTIALS_REQUEST = *mut KERB_ADD_CREDENTIALS_REQUEST;
1490pub const KERB_REQUEST_ADD_CREDENTIAL: ULONG = 1;
1491pub const KERB_REQUEST_REPLACE_CREDENTIAL: ULONG = 2;
1492pub const KERB_REQUEST_REMOVE_CREDENTIAL: ULONG = 4;
1493STRUCT!{struct KERB_ADD_CREDENTIALS_REQUEST_EX {
1494 Credentials: KERB_ADD_CREDENTIALS_REQUEST,
1495 PrincipalNameCount: ULONG,
1496 PrincipalNames: [UNICODE_STRING; ANYSIZE_ARRAY],
1497}}
1498pub type PKERB_ADD_CREDENTIALS_REQUEST_EX = *mut KERB_ADD_CREDENTIALS_REQUEST_EX;
1499STRUCT!{struct KERB_TRANSFER_CRED_REQUEST {
1500 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1501 OriginLogonId: LUID,
1502 DestinationLogonId: LUID,
1503 Flags: ULONG,
1504}}
1505pub type PKERB_TRANSFER_CRED_REQUEST = *mut KERB_TRANSFER_CRED_REQUEST;
1506pub const KERB_TRANSFER_CRED_WITH_TICKETS: ULONG = 0x1;
1507pub const KERB_TRANSFER_CRED_CLEANUP_CREDENTIALS: ULONG = 0x2;
1508STRUCT!{struct KERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST {
1509 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1510 LogonId: LUID,
1511}}
1512pub type PKERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST =
1513 *mut KERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST;
1514STRUCT!{struct KERB_BINDING_CACHE_ENTRY_DATA {
1515 DiscoveryTime: ULONG64,
1516 RealmName: UNICODE_STRING,
1517 KdcAddress: UNICODE_STRING,
1518 AddressType: ULONG,
1519 Flags: ULONG,
1520 DcFlags: ULONG,
1521 CacheFlags: ULONG,
1522 KdcName: UNICODE_STRING,
1523}}
1524pub type PKERB_BINDING_CACHE_ENTRY_DATA = *mut KERB_BINDING_CACHE_ENTRY_DATA;
1525STRUCT!{struct KERB_QUERY_BINDING_CACHE_RESPONSE {
1526 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1527 CountOfEntries: ULONG,
1528 Entries: PKERB_BINDING_CACHE_ENTRY_DATA,
1529}}
1530pub type PKERB_QUERY_BINDING_CACHE_RESPONSE = *mut KERB_QUERY_BINDING_CACHE_RESPONSE;
1531STRUCT!{struct KERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST {
1532 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1533 RealmName: UNICODE_STRING,
1534 KdcAddress: UNICODE_STRING,
1535 AddressType: ULONG,
1536 DcFlags: ULONG,
1537}}
1538pub type PKERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST = *mut KERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST;
1539STRUCT!{struct KERB_QUERY_BINDING_CACHE_REQUEST {
1540 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1541}}
1542pub type PKERB_QUERY_BINDING_CACHE_REQUEST = *mut KERB_QUERY_BINDING_CACHE_REQUEST;
1543STRUCT!{struct KERB_PURGE_BINDING_CACHE_REQUEST {
1544 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1545}}
1546pub type PKERB_PURGE_BINDING_CACHE_REQUEST = *mut KERB_PURGE_BINDING_CACHE_REQUEST;
1547STRUCT!{struct KERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST {
1548 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1549 Flags: ULONG,
1550 DomainName: UNICODE_STRING,
1551}}
1552pub type PKERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST =
1553 *mut KERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST;
1554STRUCT!{struct KERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE {
1555 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1556 Flags: ULONG,
1557 ExtendedPolicies: ULONG,
1558 DsFlags: ULONG,
1559}}
1560pub type PKERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE =
1561 *mut KERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE;
1562ENUM!{enum KERB_CERTIFICATE_INFO_TYPE {
1563 CertHashInfo = 1,
1564}}
1565pub type PKERB_CERTIFICATE_INFO_TYPE = *mut KERB_CERTIFICATE_INFO_TYPE;
1566STRUCT!{struct KERB_CERTIFICATE_HASHINFO {
1567 StoreNameLength: USHORT,
1568 HashLength: USHORT,
1569}}
1570pub type PKERB_CERTIFICATE_HASHINFO = *mut KERB_CERTIFICATE_HASHINFO;
1571STRUCT!{struct KERB_CERTIFICATE_INFO {
1572 CertInfoSize: ULONG,
1573 InfoType: ULONG,
1574}}
1575pub type PKERB_CERTIFICATE_INFO = *mut KERB_CERTIFICATE_INFO;
1576STRUCT!{struct POLICY_AUDIT_SID_ARRAY {
1577 UsersCount: ULONG,
1578 UserSidArray: *mut PSID,
1579}}
1580pub type PPOLICY_AUDIT_SID_ARRAY = *mut POLICY_AUDIT_SID_ARRAY;
1581STRUCT!{struct AUDIT_POLICY_INFORMATION {
1582 AuditSubCategoryGuid: GUID,
1583 AuditingInformation: ULONG,
1584 AuditCategoryGuid: GUID,
1585}}
1586pub type PAUDIT_POLICY_INFORMATION = *mut AUDIT_POLICY_INFORMATION;
1587pub type LPAUDIT_POLICY_INFORMATION = PAUDIT_POLICY_INFORMATION;
1588pub type PCAUDIT_POLICY_INFORMATION = *const AUDIT_POLICY_INFORMATION;
1589pub const AUDIT_SET_SYSTEM_POLICY: ULONG = 0x0001;
1590pub const AUDIT_QUERY_SYSTEM_POLICY: ULONG = 0x0002;
1591pub const AUDIT_SET_USER_POLICY: ULONG = 0x0004;
1592pub const AUDIT_QUERY_USER_POLICY: ULONG = 0x0008;
1593pub const AUDIT_ENUMERATE_USERS: ULONG = 0x0010;
1594pub const AUDIT_SET_MISC_POLICY: ULONG = 0x0020;
1595pub const AUDIT_QUERY_MISC_POLICY: ULONG = 0x0040;
1596pub const AUDIT_GENERIC_ALL: ULONG = STANDARD_RIGHTS_REQUIRED | AUDIT_SET_SYSTEM_POLICY
1597 | AUDIT_QUERY_SYSTEM_POLICY | AUDIT_SET_USER_POLICY | AUDIT_QUERY_USER_POLICY
1598 | AUDIT_ENUMERATE_USERS | AUDIT_SET_MISC_POLICY | AUDIT_QUERY_MISC_POLICY;
1599pub const AUDIT_GENERIC_READ: ULONG = STANDARD_RIGHTS_READ | AUDIT_QUERY_SYSTEM_POLICY
1600 | AUDIT_QUERY_USER_POLICY | AUDIT_ENUMERATE_USERS | AUDIT_QUERY_MISC_POLICY;
1601pub const AUDIT_GENERIC_WRITE: ULONG = STANDARD_RIGHTS_WRITE | AUDIT_SET_USER_POLICY
1602 | AUDIT_SET_MISC_POLICY | AUDIT_SET_SYSTEM_POLICY;
1603pub const AUDIT_GENERIC_EXECUTE: ULONG = STANDARD_RIGHTS_EXECUTE;
1604extern "system" {
8faf50e0
XL		 1605 pub fn AuditSetSystemPolicy(
1606 pAuditPolicy: PCAUDIT_POLICY_INFORMATION,
1607 PolicyCount: ULONG,
1608 ) -> BOOLEAN;
1609 pub fn AuditSetPerUserPolicy(
1610 pSid: *const SID,
1611 pAuditPolicy: PCAUDIT_POLICY_INFORMATION,
1612 PolicyCount: ULONG,
1613 ) -> BOOLEAN;
1614 pub fn AuditQuerySystemPolicy(
1615 pSubCategoryGuids: *const GUID,
1616 PolicyCount: ULONG,
1617 ppAuditPolicy: *mut PAUDIT_POLICY_INFORMATION,
1618 ) -> BOOLEAN;
1619 pub fn AuditQueryPerUserPolicy(
1620 pSid: *const SID,
1621 pSubCategoryGuids: *const GUID,
1622 PolicyCount: ULONG,
1623 ppAuditPolicy: *mut PAUDIT_POLICY_INFORMATION,
1624 ) -> BOOLEAN;
1625 pub fn AuditEnumeratePerUserPolicy(
60c5eb7d 1626 ppAuditSidArray: *mut PPOLICY_AUDIT_SID_ARRAY,
8faf50e0
XL		 1627 ) -> BOOLEAN;
1628 pub fn AuditComputeEffectivePolicyBySid(
1629 pSid: *const SID,
1630 pSubCategoryGuids: *const GUID,
1631 dwPolicyCount: ULONG,
1632 ppAuditPolicy: *mut PAUDIT_POLICY_INFORMATION,
1633 ) -> BOOLEAN;
1634 pub fn AuditComputeEffectivePolicyByToken(
1635 hTokenHandle: HANDLE,
1636 pSubCategoryGuids: *const GUID,
1637 dwPolicyCount: ULONG,
1638 ppAuditPolicy: *mut PAUDIT_POLICY_INFORMATION,
1639 ) -> BOOLEAN;
1640 pub fn AuditEnumerateCategories(
1641 ppAuditCategoriesArray: *mut *mut GUID,
1642 pdwCountReturned: PULONG,
1643 ) -> BOOLEAN;
1644 pub fn AuditEnumerateSubCategories(
1645 pAuditCategoryGuid: *const GUID,
1646 bRetrieveAllSubCategories: BOOLEAN,
1647 ppAuditSubCategoriesArray: *mut *mut GUID,
1648 pdwCountReturned: PULONG,
1649 ) -> BOOLEAN;
1650 pub fn AuditLookupCategoryNameW(
1651 pAuditCategoryGuid: *const GUID,
1652 ppszCategoryName: *mut PWSTR,
1653 ) -> BOOLEAN;
1654 pub fn AuditLookupCategoryNameA(
1655 pAuditCategoryGuid: *const GUID,
1656 ppszCategoryName: *mut PSTR,
1657 ) -> BOOLEAN;
1658 pub fn AuditLookupSubCategoryNameW(
1659 pAuditSubCategoryGuid: *const GUID,
1660 ppszSubCategoryName: *mut PWSTR,
1661 ) -> BOOLEAN;
1662 pub fn AuditLookupSubCategoryNameA(
1663 pAuditSubCategoryGuid: *const GUID,
1664 ppszSubCategoryName: *mut PSTR,
1665 ) -> BOOLEAN;
1666 pub fn AuditLookupCategoryIdFromCategoryGuid(
1667 pAuditCategoryGuid: *const GUID,
1668 pAuditCategoryId: PPOLICY_AUDIT_EVENT_TYPE,
1669 ) -> BOOLEAN;
1670 pub fn AuditLookupCategoryGuidFromCategoryId(
1671 AuditCategoryId: POLICY_AUDIT_EVENT_TYPE,
1672 pAuditCategoryGuid: *mut GUID,
1673 ) -> BOOLEAN;
1674 pub fn AuditSetSecurity(
1675 SecurityInformation: SECURITY_INFORMATION,
1676 pSecurityDescriptor: PSECURITY_DESCRIPTOR,
1677 ) -> BOOLEAN;
1678 pub fn AuditQuerySecurity(
1679 SecurityInformation: SECURITY_INFORMATION,
1680 ppSecurityDescriptor: *mut PSECURITY_DESCRIPTOR,
1681 ) -> BOOLEAN;
1682 pub fn AuditSetGlobalSaclW(
1683 ObjectTypeName: PCWSTR,
1684 Acl: PACL,
1685 ) -> BOOLEAN;
1686 pub fn AuditSetGlobalSaclA(
1687 ObjectTypeName: PCSTR,
1688 Acl: PACL,
1689 ) -> BOOLEAN;
1690 pub fn AuditQueryGlobalSaclW(
1691 ObjectTypeName: PCWSTR,
1692 Acl: *mut PACL,
1693 ) -> BOOLEAN;
1694 pub fn AuditQueryGlobalSaclA(
1695 ObjectTypeName: PCSTR,
60c5eb7d 1696 Acl: *mut PACL,
8faf50e0 1697 ) -> BOOLEAN;
ff7c6d11
XL		 1698 pub fn AuditFree(
1699 Buffer: PVOID,
1700 );
1701}
1702STRUCT!{struct PKU2U_CERT_BLOB {
1703 CertOffset: ULONG,
1704 CertLength: USHORT,
1705}}
1706pub type PPKU2U_CERT_BLOB = *mut PKU2U_CERT_BLOB;
1707pub const PKU2U_CREDUI_CONTEXT_VERSION: ULONG64 = 0x4154414454524543;
1708STRUCT!{struct PKU2U_CREDUI_CONTEXT {
1709 Version: ULONG64,
1710 cbHeaderLength: USHORT,
1711 cbStructureLength: ULONG,
1712 CertArrayCount: USHORT,
1713 CertArrayOffset: ULONG,
1714}}
1715pub type PPKU2U_CREDUI_CONTEXT = *mut PKU2U_CREDUI_CONTEXT;
1716ENUM!{enum PKU2U_LOGON_SUBMIT_TYPE {
1717 Pku2uCertificateS4ULogon = 14,
1718}}
1719pub type PPKU2U_LOGON_SUBMIT_TYPE = *mut PKU2U_LOGON_SUBMIT_TYPE;
1720STRUCT!{struct PKU2U_CERTIFICATE_S4U_LOGON {
1721 MessageType: PKU2U_LOGON_SUBMIT_TYPE,
1722 Flags: ULONG,
1723 UserPrincipalName: UNICODE_STRING,
1724 DomainName: UNICODE_STRING,
1725 CertificateLength: ULONG,
1726 Certificate: PUCHAR,
1727}}
1728pub type PPKU2U_CERTIFICATE_S4U_LOGON = *mut PKU2U_CERTIFICATE_S4U_LOGON;
backport for Debian buster