]> git.proxmox.com Git - rustc.git/blob - src/vendor/winapi/src/um/ntsecapi.rs
projects / rustc.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
New upstream version 1.29.0+dfsg1
[rustc.git] / src / vendor / winapi / src / um / ntsecapi.rs
1 // Copyright © 2015-2017 winapi-rs developers
2 // Licensed under the Apache License, Version 2.0
3 // <LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
4 // <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your option.
5 // All files in the project carrying such notice may not be copied, modified, or distributed
6 // except according to those terms.
7 //! This module defines the Local Security Authority APIs.
8
9 use shared::basetsd::{ULONG64, ULONG_PTR};
10 use shared::guiddef::GUID;
11 use shared::minwindef::{PUCHAR, PULONG, UCHAR, ULONG, USHORT};
12 use shared::ntdef::NTSTATUS;
13 use shared::sspi::SecHandle;
14 use um::lsalookup::{
15 LSA_TRUST_INFORMATION, LSA_UNICODE_STRING, PLSA_TRUST_INFORMATION, PLSA_UNICODE_STRING
16 };
17 use um::subauth::{PUNICODE_STRING, STRING, UNICODE_STRING};
18 use um::winnt::{
19 ACCESS_MASK, ANYSIZE_ARRAY, BOOLEAN, HANDLE, LARGE_INTEGER, LONG, LUID, PACL, PCSTR, PCWSTR,
20 PSECURITY_DESCRIPTOR, PSID, PSTR, PVOID, PWSTR, QUOTA_LIMITS, SECURITY_INFORMATION, SHORT, SID,
21 SID_NAME_USE, STANDARD_RIGHTS_EXECUTE, STANDARD_RIGHTS_READ, STANDARD_RIGHTS_REQUIRED,
22 STANDARD_RIGHTS_WRITE, ULONGLONG
23 };
24
25 DEFINE_GUID!(Audit_System_SecurityStateChange,
26 0x0cce9210, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
27 DEFINE_GUID!(Audit_System_SecuritySubsystemExtension,
28 0x0cce9211, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
29 DEFINE_GUID!(Audit_System_Integrity,
30 0x0cce9212, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
31 DEFINE_GUID!(Audit_System_IPSecDriverEvents,
32 0x0cce9213, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
33 DEFINE_GUID!(Audit_System_Others,
34 0x0cce9214, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
35 DEFINE_GUID!(Audit_Logon_Logon,
36 0x0cce9215, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
37 DEFINE_GUID!(Audit_Logon_Logoff,
38 0x0cce9216, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
39 DEFINE_GUID!(Audit_Logon_AccountLockout,
40 0x0cce9217, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
41 DEFINE_GUID!(Audit_Logon_IPSecMainMode,
42 0x0cce9218, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
43 DEFINE_GUID!(Audit_Logon_IPSecQuickMode,
44 0x0cce9219, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
45 DEFINE_GUID!(Audit_Logon_IPSecUserMode,
46 0x0cce921a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
47 DEFINE_GUID!(Audit_Logon_SpecialLogon,
48 0x0cce921b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
49 DEFINE_GUID!(Audit_Logon_Others,
50 0x0cce921c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
51 DEFINE_GUID!(Audit_ObjectAccess_FileSystem,
52 0x0cce921d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
53 DEFINE_GUID!(Audit_ObjectAccess_Registry,
54 0x0cce921e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
55 DEFINE_GUID!(Audit_ObjectAccess_Kernel,
56 0x0cce921f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
57 DEFINE_GUID!(Audit_ObjectAccess_Sam,
58 0x0cce9220, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
59 DEFINE_GUID!(Audit_ObjectAccess_CertificationServices,
60 0x0cce9221, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
61 DEFINE_GUID!(Audit_ObjectAccess_ApplicationGenerated,
62 0x0cce9222, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
63 DEFINE_GUID!(Audit_ObjectAccess_Handle,
64 0x0cce9223, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
65 DEFINE_GUID!(Audit_ObjectAccess_Share,
66 0x0cce9224, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
67 DEFINE_GUID!(Audit_ObjectAccess_FirewallPacketDrops,
68 0x0cce9225, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
69 DEFINE_GUID!(Audit_ObjectAccess_FirewallConnection,
70 0x0cce9226, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
71 DEFINE_GUID!(Audit_ObjectAccess_Other,
72 0x0cce9227, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
73 DEFINE_GUID!(Audit_PrivilegeUse_Sensitive,
74 0x0cce9228, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
75 DEFINE_GUID!(Audit_PrivilegeUse_NonSensitive,
76 0x0cce9229, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
77 DEFINE_GUID!(Audit_PrivilegeUse_Others,
78 0x0cce922a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
79 DEFINE_GUID!(Audit_DetailedTracking_ProcessCreation,
80 0x0cce922b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
81 DEFINE_GUID!(Audit_DetailedTracking_ProcessTermination,
82 0x0cce922c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
83 DEFINE_GUID!(Audit_DetailedTracking_DpapiActivity,
84 0x0cce922d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
85 DEFINE_GUID!(Audit_DetailedTracking_RpcCall,
86 0x0cce922e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
87 DEFINE_GUID!(Audit_PolicyChange_AuditPolicy,
88 0x0cce922f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
89 DEFINE_GUID!(Audit_PolicyChange_AuthenticationPolicy,
90 0x0cce9230, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
91 DEFINE_GUID!(Audit_PolicyChange_AuthorizationPolicy,
92 0x0cce9231, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
93 DEFINE_GUID!(Audit_PolicyChange_MpsscvRulePolicy,
94 0x0cce9232, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
95 DEFINE_GUID!(Audit_PolicyChange_WfpIPSecPolicy,
96 0x0cce9233, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
97 DEFINE_GUID!(Audit_PolicyChange_Others,
98 0x0cce9234, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
99 DEFINE_GUID!(Audit_AccountManagement_UserAccount,
100 0x0cce9235, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
101 DEFINE_GUID!(Audit_AccountManagement_ComputerAccount,
102 0x0cce9236, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
103 DEFINE_GUID!(Audit_AccountManagement_SecurityGroup,
104 0x0cce9237, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
105 DEFINE_GUID!(Audit_AccountManagement_DistributionGroup,
106 0x0cce9238, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
107 DEFINE_GUID!(Audit_AccountManagement_ApplicationGroup,
108 0x0cce9239, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
109 DEFINE_GUID!(Audit_AccountManagement_Others,
110 0x0cce923a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
111 DEFINE_GUID!(Audit_DSAccess_DSAccess,
112 0x0cce923b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
113 DEFINE_GUID!(Audit_DsAccess_AdAuditChanges,
114 0x0cce923c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
115 DEFINE_GUID!(Audit_Ds_Replication,
116 0x0cce923d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
117 DEFINE_GUID!(Audit_Ds_DetailedReplication,
118 0x0cce923e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
119 DEFINE_GUID!(Audit_AccountLogon_CredentialValidation,
120 0x0cce923f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
121 DEFINE_GUID!(Audit_AccountLogon_Kerberos,
122 0x0cce9240, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
123 DEFINE_GUID!(Audit_AccountLogon_Others,
124 0x0cce9241, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
125 DEFINE_GUID!(Audit_AccountLogon_KerbCredentialValidation,
126 0x0cce9242, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
127 DEFINE_GUID!(Audit_Logon_NPS,
128 0x0cce9243, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
129 DEFINE_GUID!(Audit_ObjectAccess_DetailedFileShare,
130 0x0cce9244, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
131 DEFINE_GUID!(Audit_ObjectAccess_RemovableStorage,
132 0x0cce9245, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
133 DEFINE_GUID!(Audit_ObjectAccess_CbacStaging,
134 0x0cce9246, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
135 DEFINE_GUID!(Audit_Logon_Claims,
136 0x0cce9247, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
137 DEFINE_GUID!(Audit_System,
138 0x69979848, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
139 DEFINE_GUID!(Audit_Logon,
140 0x69979849, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
141 DEFINE_GUID!(Audit_ObjectAccess,
142 0x6997984a, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
143 DEFINE_GUID!(Audit_PrivilegeUse,
144 0x6997984b, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
145 DEFINE_GUID!(Audit_DetailedTracking,
146 0x6997984c, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
147 DEFINE_GUID!(Audit_PolicyChange,
148 0x6997984d, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
149 DEFINE_GUID!(Audit_AccountManagement,
150 0x6997984e, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
151 DEFINE_GUID!(Audit_DirectoryServiceAccess,
152 0x6997984f, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
153 DEFINE_GUID!(Audit_AccountLogon,
154 0x69979850, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30);
155 ENUM!{enum POLICY_AUDIT_EVENT_TYPE {
156 AuditCategorySystem = 0,
157 AuditCategoryLogon,
158 AuditCategoryObjectAccess,
159 AuditCategoryPrivilegeUse,
160 AuditCategoryDetailedTracking,
161 AuditCategoryPolicyChange,
162 AuditCategoryAccountManagement,
163 AuditCategoryDirectoryServiceAccess,
164 AuditCategoryAccountLogon,
165 }}
166 pub type PPOLICY_AUDIT_EVENT_TYPE = *mut POLICY_AUDIT_EVENT_TYPE;
167 pub const POLICY_AUDIT_EVENT_UNCHANGED: POLICY_AUDIT_EVENT_OPTIONS = 0x00000000;
168 pub const POLICY_AUDIT_EVENT_SUCCESS: POLICY_AUDIT_EVENT_OPTIONS = 0x00000001;
169 pub const POLICY_AUDIT_EVENT_FAILURE: POLICY_AUDIT_EVENT_OPTIONS = 0x00000002;
170 pub const POLICY_AUDIT_EVENT_NONE: POLICY_AUDIT_EVENT_OPTIONS = 0x00000004;
171 pub const POLICY_AUDIT_EVENT_MASK: POLICY_AUDIT_EVENT_OPTIONS = POLICY_AUDIT_EVENT_SUCCESS
172 | POLICY_AUDIT_EVENT_FAILURE | POLICY_AUDIT_EVENT_UNCHANGED | POLICY_AUDIT_EVENT_NONE;
173 pub const POLICY_VIEW_LOCAL_INFORMATION: ACCESS_MASK = 0x00000001;
174 pub const POLICY_VIEW_AUDIT_INFORMATION: ACCESS_MASK = 0x00000002;
175 pub const POLICY_GET_PRIVATE_INFORMATION: ACCESS_MASK = 0x00000004;
176 pub const POLICY_TRUST_ADMIN: ACCESS_MASK = 0x00000008;
177 pub const POLICY_CREATE_ACCOUNT: ACCESS_MASK = 0x00000010;
178 pub const POLICY_CREATE_SECRET: ACCESS_MASK = 0x00000020;
179 pub const POLICY_CREATE_PRIVILEGE: ACCESS_MASK = 0x00000040;
180 pub const POLICY_SET_DEFAULT_QUOTA_LIMITS: ACCESS_MASK = 0x00000080;
181 pub const POLICY_SET_AUDIT_REQUIREMENTS: ACCESS_MASK = 0x00000100;
182 pub const POLICY_AUDIT_LOG_ADMIN: ACCESS_MASK = 0x00000200;
183 pub const POLICY_SERVER_ADMIN: ACCESS_MASK = 0x00000400;
184 pub const POLICY_LOOKUP_NAMES: ACCESS_MASK = 0x00000800;
185 pub const POLICY_NOTIFICATION: ACCESS_MASK = 0x00001000;
186 pub const POLICY_ALL_ACCESS: ACCESS_MASK = STANDARD_RIGHTS_REQUIRED
187 | POLICY_VIEW_LOCAL_INFORMATION | POLICY_VIEW_AUDIT_INFORMATION
188 | POLICY_GET_PRIVATE_INFORMATION | POLICY_TRUST_ADMIN | POLICY_CREATE_ACCOUNT
189 | POLICY_CREATE_SECRET | POLICY_CREATE_PRIVILEGE | POLICY_SET_DEFAULT_QUOTA_LIMITS
190 | POLICY_SET_AUDIT_REQUIREMENTS | POLICY_AUDIT_LOG_ADMIN | POLICY_SERVER_ADMIN
191 | POLICY_LOOKUP_NAMES;
192 pub const POLICY_READ: ACCESS_MASK = STANDARD_RIGHTS_READ | POLICY_VIEW_AUDIT_INFORMATION
193 | POLICY_GET_PRIVATE_INFORMATION;
194 pub const POLICY_WRITE: ACCESS_MASK = STANDARD_RIGHTS_WRITE | POLICY_TRUST_ADMIN
195 | POLICY_CREATE_ACCOUNT | POLICY_CREATE_SECRET | POLICY_CREATE_PRIVILEGE
196 | POLICY_SET_DEFAULT_QUOTA_LIMITS | POLICY_SET_AUDIT_REQUIREMENTS | POLICY_AUDIT_LOG_ADMIN
197 | POLICY_SERVER_ADMIN;
198 pub const POLICY_EXECUTE: ACCESS_MASK = STANDARD_RIGHTS_EXECUTE
199 | POLICY_VIEW_LOCAL_INFORMATION | POLICY_LOOKUP_NAMES;
200 STRUCT!{struct LSA_TRANSLATED_SID {
201 Use: SID_NAME_USE,
202 RelativeId: ULONG,
203 DomainIndex: LONG,
204 }}
205 pub type PLSA_TRANSLATED_SID = *mut LSA_TRANSLATED_SID;
206 ENUM!{enum POLICY_LSA_SERVER_ROLE {
207 PolicyServerRoleBackup = 2,
208 PolicyServerRolePrimary,
209 }}
210 pub type PPOLICY_LSA_SERVER_ROLE = *mut POLICY_LSA_SERVER_ROLE;
211 pub type POLICY_AUDIT_EVENT_OPTIONS = ULONG;
212 pub type PPOLICY_AUDIT_EVENT_OPTIONS = *mut ULONG;
213 ENUM!{enum POLICY_INFORMATION_CLASS {
214 PolicyAuditLogInformation = 1,
215 PolicyAuditEventsInformation,
216 PolicyPrimaryDomainInformation,
217 PolicyPdAccountInformation,
218 PolicyAccountDomainInformation,
219 PolicyLsaServerRoleInformation,
220 PolicyReplicaSourceInformation,
221 PolicyDefaultQuotaInformation,
222 PolicyModificationInformation,
223 PolicyAuditFullSetInformation,
224 PolicyAuditFullQueryInformation,
225 PolicyDnsDomainInformation,
226 PolicyDnsDomainInformationInt,
227 PolicyLocalAccountDomainInformation,
228 PolicyLastEntry,
229 }}
230 pub type PPOLICY_INFORMATION_CLASS = *mut POLICY_INFORMATION_CLASS;
231 STRUCT!{struct POLICY_AUDIT_LOG_INFO {
232 AuditLogPercentFull: ULONG,
233 MaximumLogSize: ULONG,
234 AuditRetentionPeriod: LARGE_INTEGER,
235 AuditLogFullShutdownInProgress: BOOLEAN,
236 TimeToShutdown: LARGE_INTEGER,
237 NextAuditRecordId: ULONG,
238 }}
239 pub type PPOLICY_AUDIT_LOG_INFO = *mut POLICY_AUDIT_LOG_INFO;
240 STRUCT!{struct POLICY_AUDIT_EVENTS_INFO {
241 AuditingMode: BOOLEAN,
242 EventAuditingOptions: PPOLICY_AUDIT_EVENT_OPTIONS,
243 MaximumAuditEventCount: ULONG,
244 }}
245 pub type PPOLICY_AUDIT_EVENTS_INFO = *mut POLICY_AUDIT_EVENTS_INFO;
246 STRUCT!{struct POLICY_AUDIT_SUBCATEGORIES_INFO {
247 MaximumSubCategoryCount: ULONG,
248 EventAuditingOptions: PPOLICY_AUDIT_EVENT_OPTIONS,
249 }}
250 pub type PPOLICY_AUDIT_SUBCATEGORIES_INFO = *mut POLICY_AUDIT_SUBCATEGORIES_INFO;
251 STRUCT!{struct POLICY_AUDIT_CATEGORIES_INFO {
252 MaximumSubCategoryCount: ULONG,
253 SubCategoriesInfo: PPOLICY_AUDIT_SUBCATEGORIES_INFO,
254 }}
255 pub type PPOLICY_AUDIT_CATEGORIES_INFO = *mut POLICY_AUDIT_CATEGORIES_INFO;
256 pub const PER_USER_POLICY_UNCHANGED: ULONG = 0x00;
257 pub const PER_USER_AUDIT_SUCCESS_INCLUDE: ULONG = 0x01;
258 pub const PER_USER_AUDIT_SUCCESS_EXCLUDE: ULONG = 0x02;
259 pub const PER_USER_AUDIT_FAILURE_INCLUDE: ULONG = 0x04;
260 pub const PER_USER_AUDIT_FAILURE_EXCLUDE: ULONG = 0x08;
261 pub const PER_USER_AUDIT_NONE: ULONG = 0x10;
262 pub const VALID_PER_USER_AUDIT_POLICY_FLAG: ULONG = PER_USER_AUDIT_SUCCESS_INCLUDE
263 | PER_USER_AUDIT_SUCCESS_EXCLUDE | PER_USER_AUDIT_FAILURE_INCLUDE
264 | PER_USER_AUDIT_FAILURE_EXCLUDE | PER_USER_AUDIT_NONE;
265 STRUCT!{struct POLICY_PRIMARY_DOMAIN_INFO {
266 Name: LSA_UNICODE_STRING,
267 Sid: PSID,
268 }}
269 pub type PPOLICY_PRIMARY_DOMAIN_INFO = *mut POLICY_PRIMARY_DOMAIN_INFO;
270 STRUCT!{struct POLICY_PD_ACCOUNT_INFO {
271 Name: LSA_UNICODE_STRING,
272 }}
273 pub type PPOLICY_PD_ACCOUNT_INFO = *mut POLICY_PD_ACCOUNT_INFO;
274 STRUCT!{struct POLICY_LSA_SERVER_ROLE_INFO {
275 LsaServerRole: POLICY_LSA_SERVER_ROLE,
276 }}
277 pub type PPOLICY_LSA_SERVER_ROLE_INFO = *mut POLICY_LSA_SERVER_ROLE_INFO;
278 STRUCT!{struct POLICY_REPLICA_SOURCE_INFO {
279 ReplicaSource: LSA_UNICODE_STRING,
280 ReplicaAccountName: LSA_UNICODE_STRING,
281 }}
282 pub type PPOLICY_REPLICA_SOURCE_INFO = *mut POLICY_REPLICA_SOURCE_INFO;
283 STRUCT!{struct POLICY_DEFAULT_QUOTA_INFO {
284 QuotaLimits: QUOTA_LIMITS,
285 }}
286 pub type PPOLICY_DEFAULT_QUOTA_INFO = *mut POLICY_DEFAULT_QUOTA_INFO;
287 STRUCT!{struct POLICY_MODIFICATION_INFO {
288 ModifiedId: LARGE_INTEGER,
289 DatabaseCreationTime: LARGE_INTEGER,
290 }}
291 pub type PPOLICY_MODIFICATION_INFO = *mut POLICY_MODIFICATION_INFO;
292 STRUCT!{struct POLICY_AUDIT_FULL_SET_INFO {
293 ShutDownOnFull: BOOLEAN,
294 }}
295 pub type PPOLICY_AUDIT_FULL_SET_INFO = *mut POLICY_AUDIT_FULL_SET_INFO;
296 STRUCT!{struct POLICY_AUDIT_FULL_QUERY_INFO {
297 ShutDownOnFull: BOOLEAN,
298 LogIsFull: BOOLEAN,
299 }}
300 pub type PPOLICY_AUDIT_FULL_QUERY_INFO = *mut POLICY_AUDIT_FULL_QUERY_INFO;
301 ENUM!{enum POLICY_DOMAIN_INFORMATION_CLASS {
302 PolicyDomainEfsInformation = 2,
303 PolicyDomainKerberosTicketInformation,
304 }}
305 pub type PPOLICY_DOMAIN_INFORMATION_CLASS = *mut POLICY_DOMAIN_INFORMATION_CLASS;
306 STRUCT!{struct POLICY_DOMAIN_EFS_INFO {
307 InfoLength: ULONG,
308 EfsBlob: PUCHAR,
309 }}
310 pub type PPOLICY_DOMAIN_EFS_INFO = *mut POLICY_DOMAIN_EFS_INFO;
311 STRUCT!{struct POLICY_DOMAIN_KERBEROS_TICKET_INFO {
312 AuthenticationOptions: ULONG,
313 MaxServiceTicketAge: LARGE_INTEGER,
314 MaxTicketAge: LARGE_INTEGER,
315 MaxRenewAge: LARGE_INTEGER,
316 MaxClockSkew: LARGE_INTEGER,
317 Reserved: LARGE_INTEGER,
318 }}
319 pub type PPOLICY_DOMAIN_KERBEROS_TICKET_INFO = *mut POLICY_DOMAIN_KERBEROS_TICKET_INFO;
320 ENUM!{enum POLICY_NOTIFICATION_INFORMATION_CLASS {
321 PolicyNotifyAuditEventsInformation = 1,
322 PolicyNotifyAccountDomainInformation,
323 PolicyNotifyServerRoleInformation,
324 PolicyNotifyDnsDomainInformation,
325 PolicyNotifyDomainEfsInformation,
326 PolicyNotifyDomainKerberosTicketInformation,
327 PolicyNotifyMachineAccountPasswordInformation,
328 PolicyNotifyGlobalSaclInformation,
329 PolicyNotifyMax,
330 }}
331 pub type PPOLICY_NOTIFICATION_INFORMATION_CLASS = *mut POLICY_NOTIFICATION_INFORMATION_CLASS;
332 pub type LSA_HANDLE = PVOID;
333 pub type PLSA_HANDLE = *mut PVOID;
334 ENUM!{enum TRUSTED_INFORMATION_CLASS {
335 TrustedDomainNameInformation = 1,
336 TrustedControllersInformation,
337 TrustedPosixOffsetInformation,
338 TrustedPasswordInformation,
339 TrustedDomainInformationBasic,
340 TrustedDomainInformationEx,
341 TrustedDomainAuthInformation,
342 TrustedDomainFullInformation,
343 TrustedDomainAuthInformationInternal,
344 TrustedDomainFullInformationInternal,
345 TrustedDomainInformationEx2Internal,
346 TrustedDomainFullInformation2Internal,
347 TrustedDomainSupportedEncryptionTypes,
348 }}
349 pub type PTRUSTED_INFORMATION_CLASS = *mut TRUSTED_INFORMATION_CLASS;
350 STRUCT!{struct TRUSTED_DOMAIN_NAME_INFO {
351 Name: LSA_UNICODE_STRING,
352 }}
353 pub type PTRUSTED_DOMAIN_NAME_INFO = *mut TRUSTED_DOMAIN_NAME_INFO;
354 STRUCT!{struct TRUSTED_CONTROLLERS_INFO {
355 Entries: ULONG,
356 Names: PLSA_UNICODE_STRING,
357 }}
358 pub type PTRUSTED_CONTROLLERS_INFO = *mut TRUSTED_CONTROLLERS_INFO;
359 STRUCT!{struct TRUSTED_POSIX_OFFSET_INFO {
360 Offset: ULONG,
361 }}
362 pub type PTRUSTED_POSIX_OFFSET_INFO = *mut TRUSTED_POSIX_OFFSET_INFO;
363 STRUCT!{struct TRUSTED_PASSWORD_INFO {
364 Password: LSA_UNICODE_STRING,
365 OldPassword: LSA_UNICODE_STRING,
366 }}
367 pub type PTRUSTED_PASSWORD_INFO = *mut TRUSTED_PASSWORD_INFO;
368 pub type TRUSTED_DOMAIN_INFORMATION_BASIC = LSA_TRUST_INFORMATION;
369 pub type PTRUSTED_DOMAIN_INFORMATION_BASIC = PLSA_TRUST_INFORMATION;
370 pub const TRUST_DIRECTION_DISABLED: ULONG = 0x00000000;
371 pub const TRUST_DIRECTION_INBOUND: ULONG = 0x00000001;
372 pub const TRUST_DIRECTION_OUTBOUND: ULONG = 0x00000002;
373 pub const TRUST_DIRECTION_BIDIRECTIONAL: ULONG = TRUST_DIRECTION_INBOUND
374 | TRUST_DIRECTION_OUTBOUND;
375 pub const TRUST_TYPE_DOWNLEVEL: ULONG = 0x00000001;
376 pub const TRUST_TYPE_UPLEVEL: ULONG = 0x00000002;
377 pub const TRUST_TYPE_MIT: ULONG = 0x00000003;
378 pub const TRUST_ATTRIBUTE_NON_TRANSITIVE: ULONG = 0x00000001;
379 pub const TRUST_ATTRIBUTE_UPLEVEL_ONLY: ULONG = 0x00000002;
380 pub const TRUST_ATTRIBUTE_QUARANTINED_DOMAIN: ULONG = 0x00000004;
381 pub const TRUST_ATTRIBUTE_FOREST_TRANSITIVE: ULONG = 0x00000008;
382 pub const TRUST_ATTRIBUTE_CROSS_ORGANIZATION: ULONG = 0x00000010;
383 pub const TRUST_ATTRIBUTE_WITHIN_FOREST: ULONG = 0x00000020;
384 pub const TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL: ULONG = 0x00000040;
385 pub const TRUST_ATTRIBUTE_TRUST_USES_RC4_ENCRYPTION: ULONG = 0x00000080;
386 pub const TRUST_ATTRIBUTE_TRUST_USES_AES_KEYS: ULONG = 0x00000100;
387 pub const TRUST_ATTRIBUTE_CROSS_ORGANIZATION_NO_TGT_DELEGATION: ULONG = 0x00000200;
388 pub const TRUST_ATTRIBUTES_VALID: ULONG = 0xFF03FFFF;
389 pub const TRUST_ATTRIBUTES_USER: ULONG = 0xFF000000;
390 STRUCT!{struct TRUSTED_DOMAIN_INFORMATION_EX {
391 Name: LSA_UNICODE_STRING,
392 FlatName: LSA_UNICODE_STRING,
393 Sid: PSID,
394 TrustDirection: ULONG,
395 TrustType: ULONG,
396 TrustAttributes: ULONG,
397 }}
398 pub type PTRUSTED_DOMAIN_INFORMATION_EX = *mut TRUSTED_DOMAIN_INFORMATION_EX;
399 STRUCT!{struct TRUSTED_DOMAIN_INFORMATION_EX2 {
400 Name: LSA_UNICODE_STRING,
401 FlatName: LSA_UNICODE_STRING,
402 Sid: PSID,
403 TrustDirection: ULONG,
404 TrustType: ULONG,
405 TrustAttributes: ULONG,
406 ForestTrustLength: ULONG,
407 ForestTrustInfo: PUCHAR,
408 }}
409 pub type PTRUSTED_DOMAIN_INFORMATION_EX2 = *mut TRUSTED_DOMAIN_INFORMATION_EX2;
410 pub const TRUST_AUTH_TYPE_NONE: ULONG = 0;
411 pub const TRUST_AUTH_TYPE_NT4OWF: ULONG = 1;
412 pub const TRUST_AUTH_TYPE_CLEAR: ULONG = 2;
413 pub const TRUST_AUTH_TYPE_VERSION: ULONG = 3;
414 STRUCT!{struct LSA_AUTH_INFORMATION {
415 LastUpdateTime: LARGE_INTEGER,
416 AuthType: ULONG,
417 AuthInfoLength: ULONG,
418 AuthInfo: PUCHAR,
419 }}
420 pub type PLSA_AUTH_INFORMATION = *mut LSA_AUTH_INFORMATION;
421 STRUCT!{struct TRUSTED_DOMAIN_AUTH_INFORMATION {
422 IncomingAuthInfos: ULONG,
423 IncomingAuthenticationInformation: PLSA_AUTH_INFORMATION,
424 IncomingPreviousAuthenticationInformation: PLSA_AUTH_INFORMATION,
425 OutgoingAuthInfos: ULONG,
426 OutgoingAuthenticationInformation: PLSA_AUTH_INFORMATION,
427 OutgoingPreviousAuthenticationInformation: PLSA_AUTH_INFORMATION,
428 }}
429 pub type PTRUSTED_DOMAIN_AUTH_INFORMATION = *mut TRUSTED_DOMAIN_AUTH_INFORMATION;
430 STRUCT!{struct TRUSTED_DOMAIN_FULL_INFORMATION {
431 Information: TRUSTED_DOMAIN_INFORMATION_EX,
432 PosixOffset: TRUSTED_POSIX_OFFSET_INFO,
433 AuthInformation: TRUSTED_DOMAIN_AUTH_INFORMATION,
434 }}
435 pub type PTRUSTED_DOMAIN_FULL_INFORMATION = *mut TRUSTED_DOMAIN_FULL_INFORMATION;
436 STRUCT!{struct TRUSTED_DOMAIN_FULL_INFORMATION2 {
437 Information: TRUSTED_DOMAIN_INFORMATION_EX2,
438 PosixOffset: TRUSTED_POSIX_OFFSET_INFO,
439 AuthInformation: TRUSTED_DOMAIN_AUTH_INFORMATION,
440 }}
441 pub type PTRUSTED_DOMAIN_FULL_INFORMATION2 = *mut TRUSTED_DOMAIN_FULL_INFORMATION2;
442 STRUCT!{struct TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES {
443 SupportedEncryptionTypes: ULONG,
444 }}
445 pub type PTRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES =
446 *mut TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES;
447 ENUM!{enum LSA_FOREST_TRUST_RECORD_TYPE {
448 ForestTrustTopLevelName,
449 ForestTrustTopLevelNameEx,
450 ForestTrustDomainInfo,
451 ForestTrustRecordTypeLast, // = ForestTrustDomainInfo,
452 }}
453 pub const LSA_FTRECORD_DISABLED_REASONS: ULONG = 0x0000FFFF;
454 pub const LSA_TLN_DISABLED_NEW: ULONG = 0x00000001;
455 pub const LSA_TLN_DISABLED_ADMIN: ULONG = 0x00000002;
456 pub const LSA_TLN_DISABLED_CONFLICT: ULONG = 0x00000004;
457 pub const LSA_SID_DISABLED_ADMIN: ULONG = 0x00000001;
458 pub const LSA_SID_DISABLED_CONFLICT: ULONG = 0x00000002;
459 pub const LSA_NB_DISABLED_ADMIN: ULONG = 0x00000004;
460 pub const LSA_NB_DISABLED_CONFLICT: ULONG = 0x00000008;
461 STRUCT!{struct LSA_FOREST_TRUST_DOMAIN_INFO {
462 Sid: PSID,
463 DnsName: LSA_UNICODE_STRING,
464 NetbiosName: LSA_UNICODE_STRING,
465 }}
466 pub type PLSA_FOREST_TRUST_DOMAIN_INFO = *mut LSA_FOREST_TRUST_DOMAIN_INFO;
467 pub const MAX_FOREST_TRUST_BINARY_DATA_SIZE: ULONG = 128 * 1024;
468 STRUCT!{struct LSA_FOREST_TRUST_BINARY_DATA {
469 Length: ULONG,
470 Buffer: PUCHAR,
471 }}
472 pub type PLSA_FOREST_TRUST_BINARY_DATA = *mut LSA_FOREST_TRUST_BINARY_DATA;
473 UNION!{union LSA_FOREST_TRUST_RECORD_ForestTrustData {
474 [usize; 5],
475 TopLevelName TopLevelName_mut: LSA_UNICODE_STRING,
476 DomainInfo DomainInfo_mut: LSA_FOREST_TRUST_DOMAIN_INFO,
477 Data Data_mut: LSA_FOREST_TRUST_BINARY_DATA,
478 }}
479 STRUCT!{struct LSA_FOREST_TRUST_RECORD {
480 Flags: ULONG,
481 ForestTrustType: LSA_FOREST_TRUST_RECORD_TYPE,
482 Time: LARGE_INTEGER,
483 ForestTrustData: LSA_FOREST_TRUST_RECORD_ForestTrustData,
484 }}
485 pub type PLSA_FOREST_TRUST_RECORD = *mut LSA_FOREST_TRUST_RECORD;
486 pub const MAX_RECORDS_IN_FOREST_TRUST_INFO: ULONG = 4000;
487 STRUCT!{struct LSA_FOREST_TRUST_INFORMATION {
488 RecordCount: ULONG,
489 Entries: *mut PLSA_FOREST_TRUST_RECORD,
490 }}
491 pub type PLSA_FOREST_TRUST_INFORMATION = *mut LSA_FOREST_TRUST_INFORMATION;
492 ENUM!{enum LSA_FOREST_TRUST_COLLISION_RECORD_TYPE {
493 CollisionTdo,
494 CollisionXref,
495 CollisionOther,
496 }}
497 STRUCT!{struct LSA_FOREST_TRUST_COLLISION_RECORD {
498 Index: ULONG,
499 Type: LSA_FOREST_TRUST_COLLISION_RECORD_TYPE,
500 Flags: ULONG,
501 Name: LSA_UNICODE_STRING,
502 }}
503 pub type PLSA_FOREST_TRUST_COLLISION_RECORD = *mut LSA_FOREST_TRUST_COLLISION_RECORD;
504 STRUCT!{struct LSA_FOREST_TRUST_COLLISION_INFORMATION {
505 RecordCount: ULONG,
506 Entries: *mut PLSA_FOREST_TRUST_COLLISION_RECORD,
507 }}
508 pub type PLSA_FOREST_TRUST_COLLISION_INFORMATION = *mut LSA_FOREST_TRUST_COLLISION_INFORMATION;
509 pub type LSA_ENUMERATION_HANDLE = ULONG;
510 pub type PLSA_ENUMERATION_HANDLE = *mut ULONG;
511 STRUCT!{struct LSA_ENUMERATION_INFORMATION {
512 Sid: PSID,
513 }}
514 pub type PLSA_ENUMERATION_INFORMATION = *mut LSA_ENUMERATION_INFORMATION;
515 STRUCT!{struct LSA_LAST_INTER_LOGON_INFO {
516 LastSuccessfulLogon: LARGE_INTEGER,
517 LastFailedLogon: LARGE_INTEGER,
518 FailedAttemptCountSinceLastSuccessfulLogon: ULONG,
519 }}
520 pub type PLSA_LAST_INTER_LOGON_INFO = *mut LSA_LAST_INTER_LOGON_INFO;
521 STRUCT!{struct SECURITY_LOGON_SESSION_DATA {
522 Size: ULONG,
523 LogonId: LUID,
524 UserName: LSA_UNICODE_STRING,
525 LogonDomain: LSA_UNICODE_STRING,
526 AuthenticationPackage: LSA_UNICODE_STRING,
527 LogonType: ULONG,
528 Session: ULONG,
529 Sid: PSID,
530 LogonTime: LARGE_INTEGER,
531 LogonServer: LSA_UNICODE_STRING,
532 DnsDomainName: LSA_UNICODE_STRING,
533 Upn: LSA_UNICODE_STRING,
534 UserFlags: ULONG,
535 LastLogonInfo: LSA_LAST_INTER_LOGON_INFO,
536 LogonScript: LSA_UNICODE_STRING,
537 ProfilePath: LSA_UNICODE_STRING,
538 HomeDirectory: LSA_UNICODE_STRING,
539 HomeDirectoryDrive: LSA_UNICODE_STRING,
540 LogoffTime: LARGE_INTEGER,
541 KickOffTime: LARGE_INTEGER,
542 PasswordLastSet: LARGE_INTEGER,
543 PasswordCanChange: LARGE_INTEGER,
544 PasswordMustChange: LARGE_INTEGER,
545 }}
546 pub type PSECURITY_LOGON_SESSION_DATA = *mut SECURITY_LOGON_SESSION_DATA;
547 pub const CENTRAL_ACCESS_POLICY_OWNER_RIGHTS_PRESENT_FLAG: ULONG = 0x00000001;
548 pub const CENTRAL_ACCESS_POLICY_STAGED_OWNER_RIGHTS_PRESENT_FLAG: ULONG = 0x00000100;
549 pub const CENTRAL_ACCESS_POLICY_STAGED_FLAG: ULONG = 0x00010000;
550 pub const CENTRAL_ACCESS_POLICY_VALID_FLAG_MASK: ULONG =
551 CENTRAL_ACCESS_POLICY_OWNER_RIGHTS_PRESENT_FLAG
552 | CENTRAL_ACCESS_POLICY_STAGED_OWNER_RIGHTS_PRESENT_FLAG
553 | CENTRAL_ACCESS_POLICY_STAGED_FLAG;
554 pub const LSASETCAPS_RELOAD_FLAG: ULONG = 0x00000001;
555 pub const LSASETCAPS_VALID_FLAG_MASK: ULONG = LSASETCAPS_RELOAD_FLAG;
556 STRUCT!{struct CENTRAL_ACCESS_POLICY_ENTRY {
557 Name: LSA_UNICODE_STRING,
558 Description: LSA_UNICODE_STRING,
559 ChangeId: LSA_UNICODE_STRING,
560 LengthAppliesTo: ULONG,
561 AppliesTo: PUCHAR,
562 LengthSD: ULONG,
563 SD: PSECURITY_DESCRIPTOR,
564 LengthStagedSD: ULONG,
565 StagedSD: PSECURITY_DESCRIPTOR,
566 Flags: ULONG,
567 }}
568 pub type PCENTRAL_ACCESS_POLICY_ENTRY = *mut CENTRAL_ACCESS_POLICY_ENTRY;
569 pub type PCCENTRAL_ACCESS_POLICY_ENTRY = *const CENTRAL_ACCESS_POLICY_ENTRY;
570 STRUCT!{struct CENTRAL_ACCESS_POLICY {
571 CAPID: PSID,
572 Name: LSA_UNICODE_STRING,
573 Description: LSA_UNICODE_STRING,
574 ChangeId: LSA_UNICODE_STRING,
575 Flags: ULONG,
576 CAPECount: ULONG,
577 CAPEs: *mut PCENTRAL_ACCESS_POLICY_ENTRY,
578 }}
579 pub type PCENTRAL_ACCESS_POLICY = *mut CENTRAL_ACCESS_POLICY;
580 pub type PCCENTRAL_ACCESS_POLICY = *const CENTRAL_ACCESS_POLICY;
581 ENUM!{enum NEGOTIATE_MESSAGES {
582 NegEnumPackagePrefixes = 0,
583 NegGetCallerName = 1,
584 NegTransferCredentials = 2,
585 NegCallPackageMax,
586 }}
587 pub const NEGOTIATE_MAX_PREFIX: usize = 32;
588 STRUCT!{struct NEGOTIATE_PACKAGE_PREFIX {
589 PackageId: ULONG_PTR,
590 PackageDataA: PVOID,
591 PackageDataW: PVOID,
592 PrefixLen: ULONG_PTR,
593 Prefix: [UCHAR; NEGOTIATE_MAX_PREFIX],
594 }}
595 pub type PNEGOTIATE_PACKAGE_PREFIX = *mut NEGOTIATE_PACKAGE_PREFIX;
596 STRUCT!{struct NEGOTIATE_PACKAGE_PREFIXES {
597 MessageType: ULONG,
598 PrefixCount: ULONG,
599 Offset: ULONG,
600 Pad: ULONG,
601 }}
602 pub type PNEGOTIATE_PACKAGE_PREFIXES = *mut NEGOTIATE_PACKAGE_PREFIXES;
603 STRUCT!{struct NEGOTIATE_CALLER_NAME_REQUEST {
604 MessageType: ULONG,
605 LogonId: LUID,
606 }}
607 pub type PNEGOTIATE_CALLER_NAME_REQUEST = *mut NEGOTIATE_CALLER_NAME_REQUEST;
608 STRUCT!{struct NEGOTIATE_CALLER_NAME_RESPONSE {
609 MessageType: ULONG,
610 CallerName: PWSTR,
611 }}
612 pub type PNEGOTIATE_CALLER_NAME_RESPONSE = *mut NEGOTIATE_CALLER_NAME_RESPONSE;
613 STRUCT!{struct DOMAIN_PASSWORD_INFORMATION {
614 MinPasswordLength: USHORT,
615 PasswordHistoryLength: USHORT,
616 PasswordProperties: ULONG,
617 MaxPasswordAge: LARGE_INTEGER,
618 MinPasswordAge: LARGE_INTEGER,
619 }}
620 pub type PDOMAIN_PASSWORD_INFORMATION = *mut DOMAIN_PASSWORD_INFORMATION;
621 pub const DOMAIN_PASSWORD_COMPLEX: ULONG = 0x00000001;
622 pub const DOMAIN_PASSWORD_NO_ANON_CHANGE: ULONG = 0x00000002;
623 pub const DOMAIN_PASSWORD_NO_CLEAR_CHANGE: ULONG = 0x00000004;
624 pub const DOMAIN_LOCKOUT_ADMINS: ULONG = 0x00000008;
625 pub const DOMAIN_PASSWORD_STORE_CLEARTEXT: ULONG = 0x00000010;
626 pub const DOMAIN_REFUSE_PASSWORD_CHANGE: ULONG = 0x00000020;
627 pub const DOMAIN_NO_LM_OWF_CHANGE: ULONG = 0x00000040;
628 FN!{stdcall PSAM_PASSWORD_NOTIFICATION_ROUTINE(
629 UserName: PUNICODE_STRING,
630 RelativeId: ULONG,
631 NewPassword: PUNICODE_STRING,
632 ) -> NTSTATUS}
633 FN!{stdcall PSAM_INIT_NOTIFICATION_ROUTINE() -> BOOLEAN}
634 FN!{stdcall PSAM_PASSWORD_FILTER_ROUTINE(
635 AccountName: PUNICODE_STRING,
636 FullName: PUNICODE_STRING,
637 Password: PUNICODE_STRING,
638 SetOperation: BOOLEAN,
639 ) -> BOOLEAN}
640 ENUM!{enum MSV1_0_LOGON_SUBMIT_TYPE {
641 MsV1_0InteractiveLogon = 2,
642 MsV1_0Lm20Logon,
643 MsV1_0NetworkLogon,
644 MsV1_0SubAuthLogon,
645 MsV1_0WorkstationUnlockLogon = 7,
646 MsV1_0S4ULogon = 12,
647 MsV1_0VirtualLogon = 82,
648 MsV1_0NoElevationLogon = 83,
649 MsV1_0LuidLogon = 84,
650 }}
651 pub type PMSV1_0_LOGON_SUBMIT_TYPE = *mut MSV1_0_LOGON_SUBMIT_TYPE;
652 ENUM!{enum MSV1_0_PROFILE_BUFFER_TYPE {
653 MsV1_0InteractiveProfile = 2,
654 MsV1_0Lm20LogonProfile,
655 MsV1_0SmartCardProfile,
656 }}
657 pub type PMSV1_0_PROFILE_BUFFER_TYPE = *mut MSV1_0_PROFILE_BUFFER_TYPE;
658 STRUCT!{struct MSV1_0_INTERACTIVE_LOGON {
659 MessageType: MSV1_0_LOGON_SUBMIT_TYPE,
660 LogonDomainName: UNICODE_STRING,
661 UserName: UNICODE_STRING,
662 Password: UNICODE_STRING,
663 }}
664 pub type PMSV1_0_INTERACTIVE_LOGON = *mut MSV1_0_INTERACTIVE_LOGON;
665 STRUCT!{struct MSV1_0_INTERACTIVE_PROFILE {
666 MessageType: MSV1_0_PROFILE_BUFFER_TYPE,
667 LogonCount: USHORT,
668 BadPasswordCount: USHORT,
669 LogonTime: LARGE_INTEGER,
670 LogoffTime: LARGE_INTEGER,
671 KickOffTime: LARGE_INTEGER,
672 PasswordLastSet: LARGE_INTEGER,
673 PasswordCanChange: LARGE_INTEGER,
674 PasswordMustChange: LARGE_INTEGER,
675 LogonScript: UNICODE_STRING,
676 HomeDirectory: UNICODE_STRING,
677 FullName: UNICODE_STRING,
678 ProfilePath: UNICODE_STRING,
679 HomeDirectoryDrive: UNICODE_STRING,
680 LogonServer: UNICODE_STRING,
681 UserFlags: ULONG,
682 }}
683 pub type PMSV1_0_INTERACTIVE_PROFILE = *mut MSV1_0_INTERACTIVE_PROFILE;
684 pub const MSV1_0_CHALLENGE_LENGTH: usize = 8;
685 pub const MSV1_0_USER_SESSION_KEY_LENGTH: usize = 16;
686 pub const MSV1_0_LANMAN_SESSION_KEY_LENGTH: usize = 8;
687 pub const MSV1_0_CLEARTEXT_PASSWORD_ALLOWED: ULONG = 0x02;
688 pub const MSV1_0_UPDATE_LOGON_STATISTICS: ULONG = 0x04;
689 pub const MSV1_0_RETURN_USER_PARAMETERS: ULONG = 0x08;
690 pub const MSV1_0_DONT_TRY_GUEST_ACCOUNT: ULONG = 0x10;
691 pub const MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT: ULONG = 0x20;
692 pub const MSV1_0_RETURN_PASSWORD_EXPIRY: ULONG = 0x40;
693 pub const MSV1_0_USE_CLIENT_CHALLENGE: ULONG = 0x80;
694 pub const MSV1_0_TRY_GUEST_ACCOUNT_ONLY: ULONG = 0x100;
695 pub const MSV1_0_RETURN_PROFILE_PATH: ULONG = 0x200;
696 pub const MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY: ULONG = 0x400;
697 pub const MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT: ULONG = 0x800;
698 pub const MSV1_0_DISABLE_PERSONAL_FALLBACK: ULONG = 0x00001000;
699 pub const MSV1_0_ALLOW_FORCE_GUEST: ULONG = 0x00002000;
700 pub const MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED: ULONG = 0x00004000;
701 pub const MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY: ULONG = 0x00008000;
702 pub const MSV1_0_SUBAUTHENTICATION_DLL_EX: ULONG = 0x00100000;
703 pub const MSV1_0_ALLOW_MSVCHAPV2: ULONG = 0x00010000;
704 pub const MSV1_0_S4U2SELF: ULONG = 0x00020000;
705 pub const MSV1_0_CHECK_LOGONHOURS_FOR_S4U: ULONG = 0x00040000;
706 pub const MSV1_0_INTERNET_DOMAIN: ULONG = 0x00080000;
707 pub const MSV1_0_SUBAUTHENTICATION_DLL: ULONG = 0xFF000000;
708 pub const MSV1_0_SUBAUTHENTICATION_DLL_SHIFT: ULONG = 24;
709 pub const MSV1_0_MNS_LOGON: ULONG = 0x01000000;
710 pub const MSV1_0_SUBAUTHENTICATION_DLL_RAS: ULONG = 2;
711 pub const MSV1_0_SUBAUTHENTICATION_DLL_IIS: ULONG = 132;
712 STRUCT!{struct MSV1_0_LM20_LOGON {
713 MessageType: MSV1_0_LOGON_SUBMIT_TYPE,
714 LogonDomainName: UNICODE_STRING,
715 UserName: UNICODE_STRING,
716 Workstation: UNICODE_STRING,
717 ChallengeToClient: [UCHAR; MSV1_0_CHALLENGE_LENGTH],
718 CaseSensitiveChallengeResponse: STRING,
719 CaseInsensitiveChallengeResponse: STRING,
720 ParameterControl: ULONG,
721 }}
722 pub type PMSV1_0_LM20_LOGON = *mut MSV1_0_LM20_LOGON;
723 STRUCT!{struct MSV1_0_SUBAUTH_LOGON {
724 MessageType: MSV1_0_LOGON_SUBMIT_TYPE,
725 LogonDomainName: UNICODE_STRING,
726 UserName: UNICODE_STRING,
727 Workstation: UNICODE_STRING,
728 ChallengeToClient: [UCHAR; MSV1_0_CHALLENGE_LENGTH],
729 AuthenticationInfo1: STRING,
730 AuthenticationInfo2: STRING,
731 ParameterControl: ULONG,
732 SubAuthPackageId: ULONG,
733 }}
734 pub type PMSV1_0_SUBAUTH_LOGON = *mut MSV1_0_SUBAUTH_LOGON;
735 STRUCT!{struct MSV1_0_S4U_LOGON {
736 MessageType: MSV1_0_LOGON_SUBMIT_TYPE,
737 MSV1_0_LOGON_SUBMIT_TYPE: ULONG,
738 UserPrincipalName: UNICODE_STRING,
739 DomainName: UNICODE_STRING,
740 }}
741 pub type PMSV1_0_S4U_LOGON = *mut MSV1_0_S4U_LOGON;
742 pub const LOGON_GUEST: ULONG = 0x01;
743 pub const LOGON_NOENCRYPTION: ULONG = 0x02;
744 pub const LOGON_CACHED_ACCOUNT: ULONG = 0x04;
745 pub const LOGON_USED_LM_PASSWORD: ULONG = 0x08;
746 pub const LOGON_EXTRA_SIDS: ULONG = 0x20;
747 pub const LOGON_SUBAUTH_SESSION_KEY: ULONG = 0x40;
748 pub const LOGON_SERVER_TRUST_ACCOUNT: ULONG = 0x80;
749 pub const LOGON_NTLMV2_ENABLED: ULONG = 0x100;
750 pub const LOGON_RESOURCE_GROUPS: ULONG = 0x200;
751 pub const LOGON_PROFILE_PATH_RETURNED: ULONG = 0x400;
752 pub const LOGON_NT_V2: ULONG = 0x800;
753 pub const LOGON_LM_V2: ULONG = 0x1000;
754 pub const LOGON_NTLM_V2: ULONG = 0x2000;
755 pub const LOGON_OPTIMIZED: ULONG = 0x4000;
756 pub const LOGON_WINLOGON: ULONG = 0x8000;
757 pub const LOGON_PKINIT: ULONG = 0x10000;
758 pub const LOGON_NO_OPTIMIZED: ULONG = 0x20000;
759 pub const LOGON_NO_ELEVATION: ULONG = 0x40000;
760 pub const LOGON_MANAGED_SERVICE: ULONG = 0x80000;
761 pub const LOGON_GRACE_LOGON: ULONG = 0x01000000;
762 STRUCT!{struct MSV1_0_LM20_LOGON_PROFILE {
763 MessageType: MSV1_0_PROFILE_BUFFER_TYPE,
764 KickOffTime: LARGE_INTEGER,
765 LogoffTime: LARGE_INTEGER,
766 UserFlags: ULONG,
767 UserSessionKey: [UCHAR; MSV1_0_USER_SESSION_KEY_LENGTH],
768 LogonDomainName: UNICODE_STRING,
769 LanmanSessionKey: [UCHAR; MSV1_0_LANMAN_SESSION_KEY_LENGTH],
770 LogonServer: UNICODE_STRING,
771 UserParameters: UNICODE_STRING,
772 }}
773 pub type PMSV1_0_LM20_LOGON_PROFILE = *mut MSV1_0_LM20_LOGON_PROFILE;
774 pub const MSV1_0_OWF_PASSWORD_LENGTH: usize = 16;
775 STRUCT!{struct MSV1_0_SUPPLEMENTAL_CREDENTIAL {
776 Version: ULONG,
777 Flags: ULONG,
778 LmPassword: [UCHAR; MSV1_0_OWF_PASSWORD_LENGTH],
779 NtPassword: [UCHAR; MSV1_0_OWF_PASSWORD_LENGTH],
780 }}
781 pub type PMSV1_0_SUPPLEMENTAL_CREDENTIAL = *mut MSV1_0_SUPPLEMENTAL_CREDENTIAL;
782 pub const MSV1_0_NTLM3_RESPONSE_LENGTH: usize = 16;
783 pub const MSV1_0_NTLM3_OWF_LENGTH: usize = 16;
784 STRUCT!{struct MSV1_0_NTLM3_RESPONSE {
785 Response: [UCHAR; MSV1_0_NTLM3_RESPONSE_LENGTH],
786 RespType: UCHAR,
787 HiRespType: UCHAR,
788 Flags: USHORT,
789 MsgWord: ULONG,
790 TimeStamp: ULONGLONG,
791 ChallengeFromClient: [UCHAR; MSV1_0_CHALLENGE_LENGTH],
792 AvPairsOff: ULONG,
793 Buffer: [UCHAR; 1],
794 }}
795 pub type PMSV1_0_NTLM3_RESPONSE = *mut MSV1_0_NTLM3_RESPONSE;
796 ENUM!{enum MSV1_0_AVID {
797 MsvAvEOL,
798 MsvAvNbComputerName,
799 MsvAvNbDomainName,
800 MsvAvDnsComputerName,
801 MsvAvDnsDomainName,
802 MsvAvDnsTreeName,
803 MsvAvFlags,
804 MsvAvTimestamp,
805 MsvAvRestrictions,
806 MsvAvTargetName,
807 MsvAvChannelBindings,
808 }}
809 STRUCT!{struct MSV1_0_AV_PAIR {
810 AvId: USHORT,
811 AvLen: USHORT,
812 }}
813 pub type PMSV1_0_AV_PAIR = *mut MSV1_0_AV_PAIR;
814 ENUM!{enum MSV1_0_PROTOCOL_MESSAGE_TYPE {
815 MsV1_0Lm20ChallengeRequest = 0,
816 MsV1_0Lm20GetChallengeResponse,
817 MsV1_0EnumerateUsers,
818 MsV1_0GetUserInfo,
819 MsV1_0ReLogonUsers,
820 MsV1_0ChangePassword,
821 MsV1_0ChangeCachedPassword,
822 MsV1_0GenericPassthrough,
823 MsV1_0CacheLogon,
824 MsV1_0SubAuth,
825 MsV1_0DeriveCredential,
826 MsV1_0CacheLookup,
827 MsV1_0SetProcessOption,
828 MsV1_0ConfigLocalAliases,
829 MsV1_0ClearCachedCredentials,
830 MsV1_0LookupToken,
831 MsV1_0ValidateAuth,
832 MsV1_0CacheLookupEx,
833 MsV1_0GetCredentialKey,
834 MsV1_0SetThreadOption,
835 }}
836 pub type PMSV1_0_PROTOCOL_MESSAGE_TYPE = *mut MSV1_0_PROTOCOL_MESSAGE_TYPE;
837 STRUCT!{struct MSV1_0_CHANGEPASSWORD_REQUEST {
838 MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
839 DomainName: UNICODE_STRING,
840 AccountName: UNICODE_STRING,
841 OldPassword: UNICODE_STRING,
842 NewPassword: UNICODE_STRING,
843 Impersonating: BOOLEAN,
844 }}
845 pub type PMSV1_0_CHANGEPASSWORD_REQUEST = *mut MSV1_0_CHANGEPASSWORD_REQUEST;
846 STRUCT!{struct MSV1_0_CHANGEPASSWORD_RESPONSE {
847 MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
848 PasswordInfoValid: BOOLEAN,
849 DomainPasswordInfo: DOMAIN_PASSWORD_INFORMATION,
850 }}
851 pub type PMSV1_0_CHANGEPASSWORD_RESPONSE = *mut MSV1_0_CHANGEPASSWORD_RESPONSE;
852 STRUCT!{struct MSV1_0_PASSTHROUGH_REQUEST {
853 MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
854 DomainName: UNICODE_STRING,
855 PackageName: UNICODE_STRING,
856 DataLength: ULONG,
857 LogonData: PUCHAR,
858 Pad: ULONG,
859 }}
860 pub type PMSV1_0_PASSTHROUGH_REQUEST = *mut MSV1_0_PASSTHROUGH_REQUEST;
861 STRUCT!{struct MSV1_0_PASSTHROUGH_RESPONSE {
862 MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
863 Pad: ULONG,
864 DataLength: ULONG,
865 ValidationData: PUCHAR,
866 }}
867 pub type PMSV1_0_PASSTHROUGH_RESPONSE = *mut MSV1_0_PASSTHROUGH_RESPONSE;
868 STRUCT!{struct MSV1_0_SUBAUTH_REQUEST {
869 MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
870 SubAuthPackageId: ULONG,
871 SubAuthInfoLength: ULONG,
872 SubAuthSubmitBuffer: PUCHAR,
873 }}
874 pub type PMSV1_0_SUBAUTH_REQUEST = *mut MSV1_0_SUBAUTH_REQUEST;
875 STRUCT!{struct MSV1_0_SUBAUTH_RESPONSE {
876 MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
877 SubAuthInfoLength: ULONG,
878 SubAuthReturnBuffer: PUCHAR,
879 }}
880 pub type PMSV1_0_SUBAUTH_RESPONSE = *mut MSV1_0_SUBAUTH_RESPONSE;
881 pub use self::SystemFunction036 as RtlGenRandom;
882 pub use self::SystemFunction040 as RtlEncryptMemory;
883 pub use self::SystemFunction041 as RtlDecryptMemory;
884 extern "system" {
885 pub fn SystemFunction036(
886 RandomBuffer: PVOID,
887 RandomBufferLength: ULONG,
888 ) -> BOOLEAN;
889 }
890 pub const RTL_ENCRYPT_MEMORY_SIZE: ULONG = 8;
891 pub const RTL_ENCRYPT_OPTION_CROSS_PROCESS: ULONG = 0x01;
892 pub const RTL_ENCRYPT_OPTION_SAME_LOGON: ULONG = 0x02;
893 extern "system" {
894 pub fn SystemFunction040(
895 Memory: PVOID,
896 MemorySize: ULONG,
897 OptionFlags: ULONG,
898 ) -> NTSTATUS;
899 pub fn SystemFunction041(
900 Memory: PVOID,
901 MemorySize: ULONG,
902 OptionFlags: ULONG,
903 ) -> NTSTATUS;
904 }
905 pub const KERBEROS_VERSION: ULONG = 5;
906 pub const KERBEROS_REVISION: ULONG = 6;
907 pub const KERB_ETYPE_NULL: LONG = 0;
908 pub const KERB_ETYPE_DES_CBC_CRC: LONG = 1;
909 pub const KERB_ETYPE_DES_CBC_MD4: LONG = 2;
910 pub const KERB_ETYPE_DES_CBC_MD5: LONG = 3;
911 pub const KERB_ETYPE_AES128_CTS_HMAC_SHA1_96: LONG = 17;
912 pub const KERB_ETYPE_AES256_CTS_HMAC_SHA1_96: LONG = 18;
913 pub const KERB_ETYPE_RC4_MD4: LONG = -128;
914 pub const KERB_ETYPE_RC4_PLAIN2: LONG = -129;
915 pub const KERB_ETYPE_RC4_LM: LONG = -130;
916 pub const KERB_ETYPE_RC4_SHA: LONG = -131;
917 pub const KERB_ETYPE_DES_PLAIN: LONG = -132;
918 pub const KERB_ETYPE_RC4_HMAC_OLD: LONG = -133;
919 pub const KERB_ETYPE_RC4_PLAIN_OLD: LONG = -134;
920 pub const KERB_ETYPE_RC4_HMAC_OLD_EXP: LONG = -135;
921 pub const KERB_ETYPE_RC4_PLAIN_OLD_EXP: LONG = -136;
922 pub const KERB_ETYPE_RC4_PLAIN: LONG = -140;
923 pub const KERB_ETYPE_RC4_PLAIN_EXP: LONG = -141;
924 pub const KERB_ETYPE_AES128_CTS_HMAC_SHA1_96_PLAIN: LONG = -148;
925 pub const KERB_ETYPE_AES256_CTS_HMAC_SHA1_96_PLAIN: LONG = -149;
926 pub const KERB_ETYPE_DSA_SHA1_CMS: LONG = 9;
927 pub const KERB_ETYPE_RSA_MD5_CMS: LONG = 10;
928 pub const KERB_ETYPE_RSA_SHA1_CMS: LONG = 11;
929 pub const KERB_ETYPE_RC2_CBC_ENV: LONG = 12;
930 pub const KERB_ETYPE_RSA_ENV: LONG = 13;
931 pub const KERB_ETYPE_RSA_ES_OEAP_ENV: LONG = 14;
932 pub const KERB_ETYPE_DES_EDE3_CBC_ENV: LONG = 15;
933 pub const KERB_ETYPE_DSA_SIGN: LONG = 8;
934 pub const KERB_ETYPE_RSA_PRIV: LONG = 9;
935 pub const KERB_ETYPE_RSA_PUB: LONG = 10;
936 pub const KERB_ETYPE_RSA_PUB_MD5: LONG = 11;
937 pub const KERB_ETYPE_RSA_PUB_SHA1: LONG = 12;
938 pub const KERB_ETYPE_PKCS7_PUB: LONG = 13;
939 pub const KERB_ETYPE_DES3_CBC_MD5: LONG = 5;
940 pub const KERB_ETYPE_DES3_CBC_SHA1: LONG = 7;
941 pub const KERB_ETYPE_DES3_CBC_SHA1_KD: LONG = 16;
942 pub const KERB_ETYPE_DES_CBC_MD5_NT: LONG = 20;
943 pub const KERB_ETYPE_RC4_HMAC_NT: LONG = 23;
944 pub const KERB_ETYPE_RC4_HMAC_NT_EXP: LONG = 24;
945 pub const KERB_CHECKSUM_NONE: LONG = 0;
946 pub const KERB_CHECKSUM_CRC32: LONG = 1;
947 pub const KERB_CHECKSUM_MD4: LONG = 2;
948 pub const KERB_CHECKSUM_KRB_DES_MAC: LONG = 4;
949 pub const KERB_CHECKSUM_KRB_DES_MAC_K: LONG = 5;
950 pub const KERB_CHECKSUM_MD5: LONG = 7;
951 pub const KERB_CHECKSUM_MD5_DES: LONG = 8;
952 pub const KERB_CHECKSUM_SHA1_NEW: LONG = 14;
953 pub const KERB_CHECKSUM_HMAC_SHA1_96_AES128: LONG = 15;
954 pub const KERB_CHECKSUM_HMAC_SHA1_96_AES256: LONG = 16;
955 pub const KERB_CHECKSUM_LM: LONG = -130;
956 pub const KERB_CHECKSUM_SHA1: LONG = -131;
957 pub const KERB_CHECKSUM_REAL_CRC32: LONG = -132;
958 pub const KERB_CHECKSUM_DES_MAC: LONG = -133;
959 pub const KERB_CHECKSUM_DES_MAC_MD5: LONG = -134;
960 pub const KERB_CHECKSUM_MD25: LONG = -135;
961 pub const KERB_CHECKSUM_RC4_MD5: LONG = -136;
962 pub const KERB_CHECKSUM_MD5_HMAC: LONG = -137;
963 pub const KERB_CHECKSUM_HMAC_MD5: LONG = -138;
964 pub const KERB_CHECKSUM_HMAC_SHA1_96_AES128_Ki: LONG = -150;
965 pub const KERB_CHECKSUM_HMAC_SHA1_96_AES256_Ki: LONG = -151;
966 pub const KERB_TICKET_FLAGS_reserved: ULONG = 0x80000000;
967 pub const KERB_TICKET_FLAGS_forwardable: ULONG = 0x40000000;
968 pub const KERB_TICKET_FLAGS_forwarded: ULONG = 0x20000000;
969 pub const KERB_TICKET_FLAGS_proxiable: ULONG = 0x10000000;
970 pub const KERB_TICKET_FLAGS_proxy: ULONG = 0x08000000;
971 pub const KERB_TICKET_FLAGS_may_postdate: ULONG = 0x04000000;
972 pub const KERB_TICKET_FLAGS_postdated: ULONG = 0x02000000;
973 pub const KERB_TICKET_FLAGS_invalid: ULONG = 0x01000000;
974 pub const KERB_TICKET_FLAGS_renewable: ULONG = 0x00800000;
975 pub const KERB_TICKET_FLAGS_initial: ULONG = 0x00400000;
976 pub const KERB_TICKET_FLAGS_pre_authent: ULONG = 0x00200000;
977 pub const KERB_TICKET_FLAGS_hw_authent: ULONG = 0x00100000;
978 pub const KERB_TICKET_FLAGS_ok_as_delegate: ULONG = 0x00040000;
979 pub const KERB_TICKET_FLAGS_name_canonicalize: ULONG = 0x00010000;
980 pub const KERB_TICKET_FLAGS_cname_in_pa_data: ULONG = 0x00040000;
981 pub const KERB_TICKET_FLAGS_enc_pa_rep: ULONG = 0x00010000;
982 pub const KERB_TICKET_FLAGS_reserved1: ULONG = 0x00000001;
983 pub const KRB_NT_UNKNOWN: LONG = 0;
984 pub const KRB_NT_PRINCIPAL: LONG = 1;
985 pub const KRB_NT_PRINCIPAL_AND_ID: LONG = -131;
986 pub const KRB_NT_SRV_INST: LONG = 2;
987 pub const KRB_NT_SRV_INST_AND_ID: LONG = -132;
988 pub const KRB_NT_SRV_HST: LONG = 3;
989 pub const KRB_NT_SRV_XHST: LONG = 4;
990 pub const KRB_NT_UID: LONG = 5;
991 pub const KRB_NT_ENTERPRISE_PRINCIPAL: LONG = 10;
992 pub const KRB_NT_WELLKNOWN: LONG = 11;
993 pub const KRB_NT_ENT_PRINCIPAL_AND_ID: LONG = -130;
994 pub const KRB_NT_MS_PRINCIPAL: LONG = -128;
995 pub const KRB_NT_MS_PRINCIPAL_AND_ID: LONG = -129;
996 pub const KRB_NT_MS_BRANCH_ID: LONG = -133;
997 pub const KRB_NT_X500_PRINCIPAL: LONG = 6;
998 pub const KERB_WRAP_NO_ENCRYPT: ULONG = 0x80000001;
999 ENUM!{enum KERB_LOGON_SUBMIT_TYPE {
1000 KerbInteractiveLogon = 2,
1001 KerbSmartCardLogon = 6,
1002 KerbWorkstationUnlockLogon = 7,
1003 KerbSmartCardUnlockLogon = 8,
1004 KerbProxyLogon = 9,
1005 KerbTicketLogon = 10,
1006 KerbTicketUnlockLogon = 11,
1007 KerbS4ULogon = 12,
1008 KerbCertificateLogon = 13,
1009 KerbCertificateS4ULogon = 14,
1010 KerbCertificateUnlockLogon = 15,
1011 KerbNoElevationLogon = 83,
1012 KerbLuidLogon = 84,
1013 }}
1014 pub type PKERB_LOGON_SUBMIT_TYPE = *mut KERB_LOGON_SUBMIT_TYPE;
1015 STRUCT!{struct KERB_INTERACTIVE_LOGON {
1016 MessageType: KERB_LOGON_SUBMIT_TYPE,
1017 LogonDomainName: UNICODE_STRING,
1018 UserName: UNICODE_STRING,
1019 Password: UNICODE_STRING,
1020 }}
1021 pub type PKERB_INTERACTIVE_LOGON = *mut KERB_INTERACTIVE_LOGON;
1022 STRUCT!{struct KERB_INTERACTIVE_UNLOCK_LOGON {
1023 Logon: KERB_INTERACTIVE_LOGON,
1024 LogonId: LUID,
1025 }}
1026 pub type PKERB_INTERACTIVE_UNLOCK_LOGON = *mut KERB_INTERACTIVE_UNLOCK_LOGON;
1027 STRUCT!{struct KERB_SMART_CARD_LOGON {
1028 MessageType: KERB_LOGON_SUBMIT_TYPE,
1029 Pin: UNICODE_STRING,
1030 CspDataLength: ULONG,
1031 CspData: PUCHAR,
1032 }}
1033 pub type PKERB_SMART_CARD_LOGON = *mut KERB_SMART_CARD_LOGON;
1034 STRUCT!{struct KERB_SMART_CARD_UNLOCK_LOGON {
1035 Logon: KERB_SMART_CARD_LOGON,
1036 LogonId: LUID,
1037 }}
1038 pub type PKERB_SMART_CARD_UNLOCK_LOGON = *mut KERB_SMART_CARD_UNLOCK_LOGON;
1039 pub const KERB_CERTIFICATE_LOGON_FLAG_CHECK_DUPLICATES: ULONG = 0x1;
1040 pub const KERB_CERTIFICATE_LOGON_FLAG_USE_CERTIFICATE_INFO: ULONG = 0x2;
1041 STRUCT!{struct KERB_CERTIFICATE_LOGON {
1042 MessageType: KERB_LOGON_SUBMIT_TYPE,
1043 DomainName: UNICODE_STRING,
1044 UserName: UNICODE_STRING,
1045 Pin: UNICODE_STRING,
1046 Flags: ULONG,
1047 CspDataLength: ULONG,
1048 CspData: PUCHAR,
1049 }}
1050 pub type PKERB_CERTIFICATE_LOGON = *mut KERB_CERTIFICATE_LOGON;
1051 STRUCT!{struct KERB_CERTIFICATE_UNLOCK_LOGON {
1052 Logon: KERB_CERTIFICATE_LOGON,
1053 LogonId: LUID,
1054 }}
1055 pub type PKERB_CERTIFICATE_UNLOCK_LOGON = *mut KERB_CERTIFICATE_UNLOCK_LOGON;
1056 pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_CHECK_DUPLICATES: ULONG = 0x1;
1057 pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_CHECK_LOGONHOURS: ULONG = 0x2;
1058 pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_FAIL_IF_NT_AUTH_POLICY_REQUIRED: ULONG = 0x4;
1059 pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_IDENTIFY: ULONG = 0x8;
1060 STRUCT!{struct KERB_CERTIFICATE_S4U_LOGON {
1061 MessageType: KERB_LOGON_SUBMIT_TYPE,
1062 Flags: ULONG,
1063 UserPrincipalName: UNICODE_STRING,
1064 DomainName: UNICODE_STRING,
1065 CertificateLength: ULONG,
1066 Certificate: PUCHAR,
1067 }}
1068 pub type PKERB_CERTIFICATE_S4U_LOGON = *mut KERB_CERTIFICATE_S4U_LOGON;
1069 STRUCT!{struct KERB_TICKET_LOGON {
1070 MessageType: KERB_LOGON_SUBMIT_TYPE,
1071 Flags: ULONG,
1072 ServiceTicketLength: ULONG,
1073 TicketGrantingTicketLength: ULONG,
1074 ServiceTicket: PUCHAR,
1075 TicketGrantingTicket: PUCHAR,
1076 }}
1077 pub type PKERB_TICKET_LOGON = *mut KERB_TICKET_LOGON;
1078 STRUCT!{struct KERB_TICKET_UNLOCK_LOGON {
1079 Logon: KERB_TICKET_LOGON,
1080 LogonId: LUID,
1081 }}
1082 pub type PKERB_TICKET_UNLOCK_LOGON = *mut KERB_TICKET_UNLOCK_LOGON;
1083 pub const KERB_S4U_LOGON_FLAG_CHECK_LOGONHOURS: ULONG = 0x2;
1084 pub const KERB_S4U_LOGON_FLAG_IDENTIFY: ULONG = 0x8;
1085 STRUCT!{struct KERB_S4U_LOGON {
1086 MessageType: KERB_LOGON_SUBMIT_TYPE,
1087 Flags: ULONG,
1088 ClientUpn: UNICODE_STRING,
1089 ClientRealm: UNICODE_STRING,
1090 }}
1091 pub type PKERB_S4U_LOGON = *mut KERB_S4U_LOGON;
1092 ENUM!{enum KERB_PROFILE_BUFFER_TYPE {
1093 KerbInteractiveProfile = 2,
1094 KerbSmartCardProfile = 4,
1095 KerbTicketProfile = 6,
1096 }}
1097 pub type PKERB_PROFILE_BUFFER_TYPE = *mut KERB_PROFILE_BUFFER_TYPE;
1098 STRUCT!{struct KERB_INTERACTIVE_PROFILE {
1099 MessageType: KERB_PROFILE_BUFFER_TYPE,
1100 LogonCount: USHORT,
1101 BadPasswordCount: USHORT,
1102 LogonTime: LARGE_INTEGER,
1103 LogoffTime: LARGE_INTEGER,
1104 KickOffTime: LARGE_INTEGER,
1105 PasswordLastSet: LARGE_INTEGER,
1106 PasswordCanChange: LARGE_INTEGER,
1107 PasswordMustChange: LARGE_INTEGER,
1108 LogonScript: UNICODE_STRING,
1109 HomeDirectory: UNICODE_STRING,
1110 FullName: UNICODE_STRING,
1111 ProfilePath: UNICODE_STRING,
1112 HomeDirectoryDrive: UNICODE_STRING,
1113 LogonServer: UNICODE_STRING,
1114 UserFlags: ULONG,
1115 }}
1116 pub type PKERB_INTERACTIVE_PROFILE = *mut KERB_INTERACTIVE_PROFILE;
1117 STRUCT!{struct KERB_SMART_CARD_PROFILE {
1118 Profile: KERB_INTERACTIVE_PROFILE,
1119 CertificateSize: ULONG,
1120 CertificateData: PUCHAR,
1121 }}
1122 pub type PKERB_SMART_CARD_PROFILE = *mut KERB_SMART_CARD_PROFILE;
1123 STRUCT!{struct KERB_CRYPTO_KEY {
1124 KeyType: LONG,
1125 Length: ULONG,
1126 Value: PUCHAR,
1127 }}
1128 pub type PKERB_CRYPTO_KEY = *mut KERB_CRYPTO_KEY;
1129 STRUCT!{struct KERB_CRYPTO_KEY32 {
1130 KeyType: LONG,
1131 Length: ULONG,
1132 Offset: ULONG,
1133 }}
1134 pub type PKERB_CRYPTO_KEY32 = *mut KERB_CRYPTO_KEY32;
1135 STRUCT!{struct KERB_TICKET_PROFILE {
1136 Profile: KERB_INTERACTIVE_PROFILE,
1137 SessionKey: KERB_CRYPTO_KEY,
1138 }}
1139 pub type PKERB_TICKET_PROFILE = *mut KERB_TICKET_PROFILE;
1140 ENUM!{enum KERB_PROTOCOL_MESSAGE_TYPE {
1141 KerbDebugRequestMessage = 0,
1142 KerbQueryTicketCacheMessage,
1143 KerbChangeMachinePasswordMessage,
1144 KerbVerifyPacMessage,
1145 KerbRetrieveTicketMessage,
1146 KerbUpdateAddressesMessage,
1147 KerbPurgeTicketCacheMessage,
1148 KerbChangePasswordMessage,
1149 KerbRetrieveEncodedTicketMessage,
1150 KerbDecryptDataMessage,
1151 KerbAddBindingCacheEntryMessage,
1152 KerbSetPasswordMessage,
1153 KerbSetPasswordExMessage,
1154 KerbVerifyCredentialsMessage,
1155 KerbQueryTicketCacheExMessage,
1156 KerbPurgeTicketCacheExMessage,
1157 KerbRefreshSmartcardCredentialsMessage,
1158 KerbAddExtraCredentialsMessage,
1159 KerbQuerySupplementalCredentialsMessage,
1160 KerbTransferCredentialsMessage,
1161 KerbQueryTicketCacheEx2Message,
1162 KerbSubmitTicketMessage,
1163 KerbAddExtraCredentialsExMessage,
1164 KerbQueryKdcProxyCacheMessage,
1165 KerbPurgeKdcProxyCacheMessage,
1166 KerbQueryTicketCacheEx3Message,
1167 KerbCleanupMachinePkinitCredsMessage,
1168 KerbAddBindingCacheEntryExMessage,
1169 KerbQueryBindingCacheMessage,
1170 KerbPurgeBindingCacheMessage,
1171 KerbPinKdcMessage,
1172 KerbUnpinAllKdcsMessage,
1173 KerbQueryDomainExtendedPoliciesMessage,
1174 KerbQueryS4U2ProxyCacheMessage,
1175 }}
1176 pub type PKERB_PROTOCOL_MESSAGE_TYPE = *mut KERB_PROTOCOL_MESSAGE_TYPE;
1177 STRUCT!{struct KERB_QUERY_TKT_CACHE_REQUEST {
1178 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1179 LogonId: LUID,
1180 }}
1181 pub type PKERB_QUERY_TKT_CACHE_REQUEST = *mut KERB_QUERY_TKT_CACHE_REQUEST;
1182 STRUCT!{struct KERB_TICKET_CACHE_INFO {
1183 ServerName: UNICODE_STRING,
1184 RealmName: UNICODE_STRING,
1185 StartTime: LARGE_INTEGER,
1186 EndTime: LARGE_INTEGER,
1187 RenewTime: LARGE_INTEGER,
1188 EncryptionType: LONG,
1189 TicketFlags: ULONG,
1190 }}
1191 pub type PKERB_TICKET_CACHE_INFO = *mut KERB_TICKET_CACHE_INFO;
1192 STRUCT!{struct KERB_TICKET_CACHE_INFO_EX {
1193 ClientName: UNICODE_STRING,
1194 ClientRealm: UNICODE_STRING,
1195 ServerName: UNICODE_STRING,
1196 ServerRealm: UNICODE_STRING,
1197 StartTime: LARGE_INTEGER,
1198 EndTime: LARGE_INTEGER,
1199 RenewTime: LARGE_INTEGER,
1200 EncryptionType: LONG,
1201 TicketFlags: ULONG,
1202 }}
1203 pub type PKERB_TICKET_CACHE_INFO_EX = *mut KERB_TICKET_CACHE_INFO_EX;
1204 STRUCT!{struct KERB_TICKET_CACHE_INFO_EX2 {
1205 ClientName: UNICODE_STRING,
1206 ClientRealm: UNICODE_STRING,
1207 ServerName: UNICODE_STRING,
1208 ServerRealm: UNICODE_STRING,
1209 StartTime: LARGE_INTEGER,
1210 EndTime: LARGE_INTEGER,
1211 RenewTime: LARGE_INTEGER,
1212 EncryptionType: LONG,
1213 TicketFlags: ULONG,
1214 SessionKeyType: ULONG,
1215 BranchId: ULONG,
1216 }}
1217 pub type PKERB_TICKET_CACHE_INFO_EX2 = *mut KERB_TICKET_CACHE_INFO_EX2;
1218 STRUCT!{struct KERB_TICKET_CACHE_INFO_EX3 {
1219 ClientName: UNICODE_STRING,
1220 ClientRealm: UNICODE_STRING,
1221 ServerName: UNICODE_STRING,
1222 ServerRealm: UNICODE_STRING,
1223 StartTime: LARGE_INTEGER,
1224 EndTime: LARGE_INTEGER,
1225 RenewTime: LARGE_INTEGER,
1226 EncryptionType: LONG,
1227 TicketFlags: ULONG,
1228 SessionKeyType: ULONG,
1229 BranchId: ULONG,
1230 CacheFlags: ULONG,
1231 KdcCalled: UNICODE_STRING,
1232 }}
1233 pub type PKERB_TICKET_CACHE_INFO_EX3 = *mut KERB_TICKET_CACHE_INFO_EX3;
1234 STRUCT!{struct KERB_QUERY_TKT_CACHE_RESPONSE {
1235 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1236 CountOfTickets: ULONG,
1237 Tickets: [KERB_TICKET_CACHE_INFO; ANYSIZE_ARRAY],
1238 }}
1239 pub type PKERB_QUERY_TKT_CACHE_RESPONSE = *mut KERB_QUERY_TKT_CACHE_RESPONSE;
1240 STRUCT!{struct KERB_QUERY_TKT_CACHE_EX_RESPONSE {
1241 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1242 CountOfTickets: ULONG,
1243 Tickets: [KERB_TICKET_CACHE_INFO_EX; ANYSIZE_ARRAY],
1244 }}
1245 pub type PKERB_QUERY_TKT_CACHE_EX_RESPONSE = *mut KERB_QUERY_TKT_CACHE_EX_RESPONSE;
1246 STRUCT!{struct KERB_QUERY_TKT_CACHE_EX2_RESPONSE {
1247 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1248 CountOfTickets: ULONG,
1249 Tickets: [KERB_TICKET_CACHE_INFO_EX2; ANYSIZE_ARRAY],
1250 }}
1251 pub type PKERB_QUERY_TKT_CACHE_EX2_RESPONSE = *mut KERB_QUERY_TKT_CACHE_EX2_RESPONSE;
1252 STRUCT!{struct KERB_QUERY_TKT_CACHE_EX3_RESPONSE {
1253 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1254 CountOfTickets: ULONG,
1255 Tickets: [KERB_TICKET_CACHE_INFO_EX3; ANYSIZE_ARRAY],
1256 }}
1257 pub type PKERB_QUERY_TKT_CACHE_EX3_RESPONSE = *mut KERB_QUERY_TKT_CACHE_EX3_RESPONSE;
1258 pub const KERB_USE_DEFAULT_TICKET_FLAGS: ULONG = 0x0;
1259 pub const KERB_RETRIEVE_TICKET_DEFAULT: ULONG = 0x0;
1260 pub const KERB_RETRIEVE_TICKET_DONT_USE_CACHE: ULONG = 0x1;
1261 pub const KERB_RETRIEVE_TICKET_USE_CACHE_ONLY: ULONG = 0x2;
1262 pub const KERB_RETRIEVE_TICKET_USE_CREDHANDLE: ULONG = 0x4;
1263 pub const KERB_RETRIEVE_TICKET_AS_KERB_CRED: ULONG = 0x8;
1264 pub const KERB_RETRIEVE_TICKET_WITH_SEC_CRED: ULONG = 0x10;
1265 pub const KERB_RETRIEVE_TICKET_CACHE_TICKET: ULONG = 0x20;
1266 pub const KERB_RETRIEVE_TICKET_MAX_LIFETIME: ULONG = 0x40;
1267 STRUCT!{struct KERB_AUTH_DATA {
1268 Type: ULONG,
1269 Length: ULONG,
1270 Data: PUCHAR,
1271 }}
1272 pub type PKERB_AUTH_DATA = *mut KERB_AUTH_DATA;
1273 STRUCT!{struct KERB_NET_ADDRESS {
1274 Family: ULONG,
1275 Length: ULONG,
1276 Address: PUCHAR,
1277 }}
1278 pub type PKERB_NET_ADDRESS = *mut KERB_NET_ADDRESS;
1279 STRUCT!{struct KERB_NET_ADDRESSES {
1280 Number: ULONG,
1281 Addresses: [KERB_NET_ADDRESS; ANYSIZE_ARRAY],
1282 }}
1283 pub type PKERB_NET_ADDRESSES = *mut KERB_NET_ADDRESSES;
1284 STRUCT!{struct KERB_EXTERNAL_NAME {
1285 NameType: SHORT,
1286 NameCount: USHORT,
1287 Names: [UNICODE_STRING; ANYSIZE_ARRAY],
1288 }}
1289 pub type PKERB_EXTERNAL_NAME = *mut KERB_EXTERNAL_NAME;
1290 STRUCT!{struct KERB_EXTERNAL_TICKET {
1291 ServiceName: PKERB_EXTERNAL_NAME,
1292 TargetName: PKERB_EXTERNAL_NAME,
1293 ClientName: PKERB_EXTERNAL_NAME,
1294 DomainName: UNICODE_STRING,
1295 TargetDomainName: UNICODE_STRING,
1296 AltTargetDomainName: UNICODE_STRING,
1297 SessionKey: KERB_CRYPTO_KEY,
1298 TicketFlags: ULONG,
1299 Flags: ULONG,
1300 KeyExpirationTime: LARGE_INTEGER,
1301 StartTime: LARGE_INTEGER,
1302 EndTime: LARGE_INTEGER,
1303 RenewUntil: LARGE_INTEGER,
1304 TimeSkew: LARGE_INTEGER,
1305 EncodedTicketSize: ULONG,
1306 EncodedTicket: PUCHAR,
1307 }}
1308 pub type PKERB_EXTERNAL_TICKET = *mut KERB_EXTERNAL_TICKET;
1309 STRUCT!{struct KERB_RETRIEVE_TKT_REQUEST {
1310 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1311 LogonId: LUID,
1312 TargetName: UNICODE_STRING,
1313 TicketFlags: ULONG,
1314 CacheOptions: ULONG,
1315 EncryptionType: LONG,
1316 CredentialsHandle: SecHandle,
1317 }}
1318 pub type PKERB_RETRIEVE_TKT_REQUEST = *mut KERB_RETRIEVE_TKT_REQUEST;
1319 STRUCT!{struct KERB_RETRIEVE_TKT_RESPONSE {
1320 Ticket: KERB_EXTERNAL_TICKET,
1321 }}
1322 pub type PKERB_RETRIEVE_TKT_RESPONSE = *mut KERB_RETRIEVE_TKT_RESPONSE;
1323 STRUCT!{struct KERB_PURGE_TKT_CACHE_REQUEST {
1324 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1325 LogonId: LUID,
1326 ServerName: UNICODE_STRING,
1327 RealmName: UNICODE_STRING,
1328 }}
1329 pub type PKERB_PURGE_TKT_CACHE_REQUEST = *mut KERB_PURGE_TKT_CACHE_REQUEST;
1330 pub const KERB_PURGE_ALL_TICKETS: ULONG = 1;
1331 STRUCT!{struct KERB_PURGE_TKT_CACHE_EX_REQUEST {
1332 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1333 LogonId: LUID,
1334 Flags: ULONG,
1335 TicketTemplate: KERB_TICKET_CACHE_INFO_EX,
1336 }}
1337 pub type PKERB_PURGE_TKT_CACHE_EX_REQUEST = *mut KERB_PURGE_TKT_CACHE_EX_REQUEST;
1338 STRUCT!{struct KERB_SUBMIT_TKT_REQUEST {
1339 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1340 LogonId: LUID,
1341 Flags: ULONG,
1342 Key: KERB_CRYPTO_KEY32,
1343 KerbCredSize: ULONG,
1344 KerbCredOffset: ULONG,
1345 }}
1346 pub type PKERB_SUBMIT_TKT_REQUEST = *mut KERB_SUBMIT_TKT_REQUEST;
1347 STRUCT!{struct KERB_QUERY_KDC_PROXY_CACHE_REQUEST {
1348 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1349 Flags: ULONG,
1350 LogonId: LUID,
1351 }}
1352 pub type PKERB_QUERY_KDC_PROXY_CACHE_REQUEST = *mut KERB_QUERY_KDC_PROXY_CACHE_REQUEST;
1353 STRUCT!{struct KDC_PROXY_CACHE_ENTRY_DATA {
1354 SinceLastUsed: ULONG64,
1355 DomainName: UNICODE_STRING,
1356 ProxyServerName: UNICODE_STRING,
1357 ProxyServerVdir: UNICODE_STRING,
1358 ProxyServerPort: USHORT,
1359 LogonId: LUID,
1360 CredUserName: UNICODE_STRING,
1361 CredDomainName: UNICODE_STRING,
1362 GlobalCache: BOOLEAN,
1363 }}
1364 pub type PKDC_PROXY_CACHE_ENTRY_DATA = *mut KDC_PROXY_CACHE_ENTRY_DATA;
1365 STRUCT!{struct KERB_QUERY_KDC_PROXY_CACHE_RESPONSE {
1366 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1367 CountOfEntries: ULONG,
1368 Entries: PKDC_PROXY_CACHE_ENTRY_DATA,
1369 }}
1370 pub type PKERB_QUERY_KDC_PROXY_CACHE_RESPONSE = *mut KERB_QUERY_KDC_PROXY_CACHE_RESPONSE;
1371 STRUCT!{struct KERB_PURGE_KDC_PROXY_CACHE_REQUEST {
1372 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1373 Flags: ULONG,
1374 LogonId: LUID,
1375 }}
1376 pub type PKERB_PURGE_KDC_PROXY_CACHE_REQUEST = *mut KERB_PURGE_KDC_PROXY_CACHE_REQUEST;
1377 STRUCT!{struct KERB_PURGE_KDC_PROXY_CACHE_RESPONSE {
1378 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1379 CountOfPurged: ULONG,
1380 }}
1381 pub type PKERB_PURGE_KDC_PROXY_CACHE_RESPONSE = *mut KERB_PURGE_KDC_PROXY_CACHE_RESPONSE;
1382 pub const KERB_S4U2PROXY_CACHE_ENTRY_INFO_FLAG_NEGATIVE: ULONG = 0x1;
1383 STRUCT!{struct KERB_S4U2PROXY_CACHE_ENTRY_INFO {
1384 ServerName: UNICODE_STRING,
1385 Flags: ULONG,
1386 LastStatus: NTSTATUS,
1387 Expiry: LARGE_INTEGER,
1388 }}
1389 pub type PKERB_S4U2PROXY_CACHE_ENTRY_INFO = *mut KERB_S4U2PROXY_CACHE_ENTRY_INFO;
1390 pub const KERB_S4U2PROXY_CRED_FLAG_NEGATIVE: ULONG = 0x1;
1391 STRUCT!{struct KERB_S4U2PROXY_CRED {
1392 UserName: UNICODE_STRING,
1393 DomainName: UNICODE_STRING,
1394 Flags: ULONG,
1395 LastStatus: NTSTATUS,
1396 Expiry: LARGE_INTEGER,
1397 CountOfEntries: ULONG,
1398 Entries: PKERB_S4U2PROXY_CACHE_ENTRY_INFO,
1399 }}
1400 pub type PKERB_S4U2PROXY_CRED = *mut KERB_S4U2PROXY_CRED;
1401 STRUCT!{struct KERB_QUERY_S4U2PROXY_CACHE_REQUEST {
1402 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1403 Flags: ULONG,
1404 LogonId: LUID,
1405 }}
1406 pub type PKERB_QUERY_S4U2PROXY_CACHE_REQUEST = *mut KERB_QUERY_S4U2PROXY_CACHE_REQUEST;
1407 STRUCT!{struct KERB_QUERY_S4U2PROXY_CACHE_RESPONSE {
1408 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1409 CountOfCreds: ULONG,
1410 Creds: PKERB_S4U2PROXY_CRED,
1411 }}
1412 pub type PKERB_QUERY_S4U2PROXY_CACHE_RESPONSE = *mut KERB_QUERY_S4U2PROXY_CACHE_RESPONSE;
1413 STRUCT!{struct KERB_CHANGEPASSWORD_REQUEST {
1414 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1415 DomainName: UNICODE_STRING,
1416 AccountName: UNICODE_STRING,
1417 OldPassword: UNICODE_STRING,
1418 NewPassword: UNICODE_STRING,
1419 Impersonating: BOOLEAN,
1420 }}
1421 pub type PKERB_CHANGEPASSWORD_REQUEST = *mut KERB_CHANGEPASSWORD_REQUEST;
1422 STRUCT!{struct KERB_SETPASSWORD_REQUEST {
1423 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1424 LogonId: LUID,
1425 CredentialsHandle: SecHandle,
1426 Flags: ULONG,
1427 DomainName: UNICODE_STRING,
1428 AccountName: UNICODE_STRING,
1429 Password: UNICODE_STRING,
1430 }}
1431 pub type PKERB_SETPASSWORD_REQUEST = *mut KERB_SETPASSWORD_REQUEST;
1432 STRUCT!{struct KERB_SETPASSWORD_EX_REQUEST {
1433 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1434 LogonId: LUID,
1435 CredentialsHandle: SecHandle,
1436 Flags: ULONG,
1437 AccountRealm: UNICODE_STRING,
1438 AccountName: UNICODE_STRING,
1439 Password: UNICODE_STRING,
1440 ClientRealm: UNICODE_STRING,
1441 ClientName: UNICODE_STRING,
1442 Impersonating: BOOLEAN,
1443 KdcAddress: UNICODE_STRING,
1444 KdcAddressType: ULONG,
1445 }}
1446 pub type PKERB_SETPASSWORD_EX_REQUEST = *mut KERB_SETPASSWORD_EX_REQUEST;
1447 pub const DS_UNKNOWN_ADDRESS_TYPE: ULONG = 0;
1448 pub const KERB_SETPASS_USE_LOGONID: ULONG = 1;
1449 pub const KERB_SETPASS_USE_CREDHANDLE: ULONG = 2;
1450 STRUCT!{struct KERB_DECRYPT_REQUEST {
1451 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1452 LogonId: LUID,
1453 Flags: ULONG,
1454 CryptoType: LONG,
1455 KeyUsage: LONG,
1456 Key: KERB_CRYPTO_KEY,
1457 EncryptedDataSize: ULONG,
1458 InitialVectorSize: ULONG,
1459 InitialVector: PUCHAR,
1460 EncryptedData: PUCHAR,
1461 }}
1462 pub type PKERB_DECRYPT_REQUEST = *mut KERB_DECRYPT_REQUEST;
1463 pub const KERB_DECRYPT_FLAG_DEFAULT_KEY: ULONG = 0x00000001;
1464 STRUCT!{struct KERB_DECRYPT_RESPONSE {
1465 DecryptedData: [UCHAR; ANYSIZE_ARRAY],
1466 }}
1467 pub type PKERB_DECRYPT_RESPONSE = *mut KERB_DECRYPT_RESPONSE;
1468 STRUCT!{struct KERB_ADD_BINDING_CACHE_ENTRY_REQUEST {
1469 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1470 RealmName: UNICODE_STRING,
1471 KdcAddress: UNICODE_STRING,
1472 AddressType: ULONG,
1473 }}
1474 pub type PKERB_ADD_BINDING_CACHE_ENTRY_REQUEST = *mut KERB_ADD_BINDING_CACHE_ENTRY_REQUEST;
1475 STRUCT!{struct KERB_REFRESH_SCCRED_REQUEST {
1476 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1477 CredentialBlob: UNICODE_STRING,
1478 LogonId: LUID,
1479 Flags: ULONG,
1480 }}
1481 pub type PKERB_REFRESH_SCCRED_REQUEST = *mut KERB_REFRESH_SCCRED_REQUEST;
1482 pub const KERB_REFRESH_SCCRED_RELEASE: ULONG = 0x0;
1483 pub const KERB_REFRESH_SCCRED_GETTGT: ULONG = 0x1;
1484 STRUCT!{struct KERB_ADD_CREDENTIALS_REQUEST {
1485 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1486 UserName: UNICODE_STRING,
1487 DomainName: UNICODE_STRING,
1488 Password: UNICODE_STRING,
1489 LogonId: LUID,
1490 Flags: ULONG,
1491 }}
1492 pub type PKERB_ADD_CREDENTIALS_REQUEST = *mut KERB_ADD_CREDENTIALS_REQUEST;
1493 pub const KERB_REQUEST_ADD_CREDENTIAL: ULONG = 1;
1494 pub const KERB_REQUEST_REPLACE_CREDENTIAL: ULONG = 2;
1495 pub const KERB_REQUEST_REMOVE_CREDENTIAL: ULONG = 4;
1496 STRUCT!{struct KERB_ADD_CREDENTIALS_REQUEST_EX {
1497 Credentials: KERB_ADD_CREDENTIALS_REQUEST,
1498 PrincipalNameCount: ULONG,
1499 PrincipalNames: [UNICODE_STRING; ANYSIZE_ARRAY],
1500 }}
1501 pub type PKERB_ADD_CREDENTIALS_REQUEST_EX = *mut KERB_ADD_CREDENTIALS_REQUEST_EX;
1502 STRUCT!{struct KERB_TRANSFER_CRED_REQUEST {
1503 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1504 OriginLogonId: LUID,
1505 DestinationLogonId: LUID,
1506 Flags: ULONG,
1507 }}
1508 pub type PKERB_TRANSFER_CRED_REQUEST = *mut KERB_TRANSFER_CRED_REQUEST;
1509 pub const KERB_TRANSFER_CRED_WITH_TICKETS: ULONG = 0x1;
1510 pub const KERB_TRANSFER_CRED_CLEANUP_CREDENTIALS: ULONG = 0x2;
1511 STRUCT!{struct KERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST {
1512 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1513 LogonId: LUID,
1514 }}
1515 pub type PKERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST =
1516 *mut KERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST;
1517 STRUCT!{struct KERB_BINDING_CACHE_ENTRY_DATA {
1518 DiscoveryTime: ULONG64,
1519 RealmName: UNICODE_STRING,
1520 KdcAddress: UNICODE_STRING,
1521 AddressType: ULONG,
1522 Flags: ULONG,
1523 DcFlags: ULONG,
1524 CacheFlags: ULONG,
1525 KdcName: UNICODE_STRING,
1526 }}
1527 pub type PKERB_BINDING_CACHE_ENTRY_DATA = *mut KERB_BINDING_CACHE_ENTRY_DATA;
1528 STRUCT!{struct KERB_QUERY_BINDING_CACHE_RESPONSE {
1529 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1530 CountOfEntries: ULONG,
1531 Entries: PKERB_BINDING_CACHE_ENTRY_DATA,
1532 }}
1533 pub type PKERB_QUERY_BINDING_CACHE_RESPONSE = *mut KERB_QUERY_BINDING_CACHE_RESPONSE;
1534 STRUCT!{struct KERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST {
1535 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1536 RealmName: UNICODE_STRING,
1537 KdcAddress: UNICODE_STRING,
1538 AddressType: ULONG,
1539 DcFlags: ULONG,
1540 }}
1541 pub type PKERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST = *mut KERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST;
1542 STRUCT!{struct KERB_QUERY_BINDING_CACHE_REQUEST {
1543 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1544 }}
1545 pub type PKERB_QUERY_BINDING_CACHE_REQUEST = *mut KERB_QUERY_BINDING_CACHE_REQUEST;
1546 STRUCT!{struct KERB_PURGE_BINDING_CACHE_REQUEST {
1547 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1548 }}
1549 pub type PKERB_PURGE_BINDING_CACHE_REQUEST = *mut KERB_PURGE_BINDING_CACHE_REQUEST;
1550 STRUCT!{struct KERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST {
1551 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1552 Flags: ULONG,
1553 DomainName: UNICODE_STRING,
1554 }}
1555 pub type PKERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST =
1556 *mut KERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST;
1557 STRUCT!{struct KERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE {
1558 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1559 Flags: ULONG,
1560 ExtendedPolicies: ULONG,
1561 DsFlags: ULONG,
1562 }}
1563 pub type PKERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE =
1564 *mut KERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE;
1565 ENUM!{enum KERB_CERTIFICATE_INFO_TYPE {
1566 CertHashInfo = 1,
1567 }}
1568 pub type PKERB_CERTIFICATE_INFO_TYPE = *mut KERB_CERTIFICATE_INFO_TYPE;
1569 STRUCT!{struct KERB_CERTIFICATE_HASHINFO {
1570 StoreNameLength: USHORT,
1571 HashLength: USHORT,
1572 }}
1573 pub type PKERB_CERTIFICATE_HASHINFO = *mut KERB_CERTIFICATE_HASHINFO;
1574 STRUCT!{struct KERB_CERTIFICATE_INFO {
1575 CertInfoSize: ULONG,
1576 InfoType: ULONG,
1577 }}
1578 pub type PKERB_CERTIFICATE_INFO = *mut KERB_CERTIFICATE_INFO;
1579 STRUCT!{struct POLICY_AUDIT_SID_ARRAY {
1580 UsersCount: ULONG,
1581 UserSidArray: *mut PSID,
1582 }}
1583 pub type PPOLICY_AUDIT_SID_ARRAY = *mut POLICY_AUDIT_SID_ARRAY;
1584 STRUCT!{struct AUDIT_POLICY_INFORMATION {
1585 AuditSubCategoryGuid: GUID,
1586 AuditingInformation: ULONG,
1587 AuditCategoryGuid: GUID,
1588 }}
1589 pub type PAUDIT_POLICY_INFORMATION = *mut AUDIT_POLICY_INFORMATION;
1590 pub type LPAUDIT_POLICY_INFORMATION = PAUDIT_POLICY_INFORMATION;
1591 pub type PCAUDIT_POLICY_INFORMATION = *const AUDIT_POLICY_INFORMATION;
1592 pub const AUDIT_SET_SYSTEM_POLICY: ULONG = 0x0001;
1593 pub const AUDIT_QUERY_SYSTEM_POLICY: ULONG = 0x0002;
1594 pub const AUDIT_SET_USER_POLICY: ULONG = 0x0004;
1595 pub const AUDIT_QUERY_USER_POLICY: ULONG = 0x0008;
1596 pub const AUDIT_ENUMERATE_USERS: ULONG = 0x0010;
1597 pub const AUDIT_SET_MISC_POLICY: ULONG = 0x0020;
1598 pub const AUDIT_QUERY_MISC_POLICY: ULONG = 0x0040;
1599 pub const AUDIT_GENERIC_ALL: ULONG = STANDARD_RIGHTS_REQUIRED | AUDIT_SET_SYSTEM_POLICY
1600 | AUDIT_QUERY_SYSTEM_POLICY | AUDIT_SET_USER_POLICY | AUDIT_QUERY_USER_POLICY
1601 | AUDIT_ENUMERATE_USERS | AUDIT_SET_MISC_POLICY | AUDIT_QUERY_MISC_POLICY;
1602 pub const AUDIT_GENERIC_READ: ULONG = STANDARD_RIGHTS_READ | AUDIT_QUERY_SYSTEM_POLICY
1603 | AUDIT_QUERY_USER_POLICY | AUDIT_ENUMERATE_USERS | AUDIT_QUERY_MISC_POLICY;
1604 pub const AUDIT_GENERIC_WRITE: ULONG = STANDARD_RIGHTS_WRITE | AUDIT_SET_USER_POLICY
1605 | AUDIT_SET_MISC_POLICY | AUDIT_SET_SYSTEM_POLICY;
1606 pub const AUDIT_GENERIC_EXECUTE: ULONG = STANDARD_RIGHTS_EXECUTE;
1607 extern "system" {
1608 pub fn AuditSetSystemPolicy(
1609 pAuditPolicy: PCAUDIT_POLICY_INFORMATION,
1610 PolicyCount: ULONG,
1611 ) -> BOOLEAN;
1612 pub fn AuditSetPerUserPolicy(
1613 pSid: *const SID,
1614 pAuditPolicy: PCAUDIT_POLICY_INFORMATION,
1615 PolicyCount: ULONG,
1616 ) -> BOOLEAN;
1617 pub fn AuditQuerySystemPolicy(
1618 pSubCategoryGuids: *const GUID,
1619 PolicyCount: ULONG,
1620 ppAuditPolicy: *mut PAUDIT_POLICY_INFORMATION,
1621 ) -> BOOLEAN;
1622 pub fn AuditQueryPerUserPolicy(
1623 pSid: *const SID,
1624 pSubCategoryGuids: *const GUID,
1625 PolicyCount: ULONG,
1626 ppAuditPolicy: *mut PAUDIT_POLICY_INFORMATION,
1627 ) -> BOOLEAN;
1628 pub fn AuditEnumeratePerUserPolicy(
1629 ppAuditSidArray: *mut PPOLICY_AUDIT_SID_ARRAY
1630 ) -> BOOLEAN;
1631 pub fn AuditComputeEffectivePolicyBySid(
1632 pSid: *const SID,
1633 pSubCategoryGuids: *const GUID,
1634 dwPolicyCount: ULONG,
1635 ppAuditPolicy: *mut PAUDIT_POLICY_INFORMATION,
1636 ) -> BOOLEAN;
1637 pub fn AuditComputeEffectivePolicyByToken(
1638 hTokenHandle: HANDLE,
1639 pSubCategoryGuids: *const GUID,
1640 dwPolicyCount: ULONG,
1641 ppAuditPolicy: *mut PAUDIT_POLICY_INFORMATION,
1642 ) -> BOOLEAN;
1643 pub fn AuditEnumerateCategories(
1644 ppAuditCategoriesArray: *mut *mut GUID,
1645 pdwCountReturned: PULONG,
1646 ) -> BOOLEAN;
1647 pub fn AuditEnumerateSubCategories(
1648 pAuditCategoryGuid: *const GUID,
1649 bRetrieveAllSubCategories: BOOLEAN,
1650 ppAuditSubCategoriesArray: *mut *mut GUID,
1651 pdwCountReturned: PULONG,
1652 ) -> BOOLEAN;
1653 pub fn AuditLookupCategoryNameW(
1654 pAuditCategoryGuid: *const GUID,
1655 ppszCategoryName: *mut PWSTR,
1656 ) -> BOOLEAN;
1657 pub fn AuditLookupCategoryNameA(
1658 pAuditCategoryGuid: *const GUID,
1659 ppszCategoryName: *mut PSTR,
1660 ) -> BOOLEAN;
1661 pub fn AuditLookupSubCategoryNameW(
1662 pAuditSubCategoryGuid: *const GUID,
1663 ppszSubCategoryName: *mut PWSTR,
1664 ) -> BOOLEAN;
1665 pub fn AuditLookupSubCategoryNameA(
1666 pAuditSubCategoryGuid: *const GUID,
1667 ppszSubCategoryName: *mut PSTR,
1668 ) -> BOOLEAN;
1669 pub fn AuditLookupCategoryIdFromCategoryGuid(
1670 pAuditCategoryGuid: *const GUID,
1671 pAuditCategoryId: PPOLICY_AUDIT_EVENT_TYPE,
1672 ) -> BOOLEAN;
1673 pub fn AuditLookupCategoryGuidFromCategoryId(
1674 AuditCategoryId: POLICY_AUDIT_EVENT_TYPE,
1675 pAuditCategoryGuid: *mut GUID,
1676 ) -> BOOLEAN;
1677 pub fn AuditSetSecurity(
1678 SecurityInformation: SECURITY_INFORMATION,
1679 pSecurityDescriptor: PSECURITY_DESCRIPTOR,
1680 ) -> BOOLEAN;
1681 pub fn AuditQuerySecurity(
1682 SecurityInformation: SECURITY_INFORMATION,
1683 ppSecurityDescriptor: *mut PSECURITY_DESCRIPTOR,
1684 ) -> BOOLEAN;
1685 pub fn AuditSetGlobalSaclW(
1686 ObjectTypeName: PCWSTR,
1687 Acl: PACL,
1688 ) -> BOOLEAN;
1689 pub fn AuditSetGlobalSaclA(
1690 ObjectTypeName: PCSTR,
1691 Acl: PACL,
1692 ) -> BOOLEAN;
1693 pub fn AuditQueryGlobalSaclW(
1694 ObjectTypeName: PCWSTR,
1695 Acl: *mut PACL,
1696 ) -> BOOLEAN;
1697 pub fn AuditQueryGlobalSaclA(
1698 ObjectTypeName: PCSTR,
1699 Acl: *mut PACL
1700 ) -> BOOLEAN;
1701 pub fn AuditFree(
1702 Buffer: PVOID,
1703 );
1704 }
1705 STRUCT!{struct PKU2U_CERT_BLOB {
1706 CertOffset: ULONG,
1707 CertLength: USHORT,
1708 }}
1709 pub type PPKU2U_CERT_BLOB = *mut PKU2U_CERT_BLOB;
1710 pub const PKU2U_CREDUI_CONTEXT_VERSION: ULONG64 = 0x4154414454524543;
1711 STRUCT!{struct PKU2U_CREDUI_CONTEXT {
1712 Version: ULONG64,
1713 cbHeaderLength: USHORT,
1714 cbStructureLength: ULONG,
1715 CertArrayCount: USHORT,
1716 CertArrayOffset: ULONG,
1717 }}
1718 pub type PPKU2U_CREDUI_CONTEXT = *mut PKU2U_CREDUI_CONTEXT;
1719 ENUM!{enum PKU2U_LOGON_SUBMIT_TYPE {
1720 Pku2uCertificateS4ULogon = 14,
1721 }}
1722 pub type PPKU2U_LOGON_SUBMIT_TYPE = *mut PKU2U_LOGON_SUBMIT_TYPE;
1723 STRUCT!{struct PKU2U_CERTIFICATE_S4U_LOGON {
1724 MessageType: PKU2U_LOGON_SUBMIT_TYPE,
1725 Flags: ULONG,
1726 UserPrincipalName: UNICODE_STRING,
1727 DomainName: UNICODE_STRING,
1728 CertificateLength: ULONG,
1729 Certificate: PUCHAR,
1730 }}
1731 pub type PPKU2U_CERTIFICATE_S4U_LOGON = *mut PKU2U_CERTIFICATE_S4U_LOGON;
backport for Debian buster