]> git.proxmox.com Git - rustc.git/blob - src/vendor/winapi/src/um/ntsecapi.rs
projects / rustc.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
New upstream version 1.31.0~beta.4+dfsg1
[rustc.git] / src / vendor / winapi / src / um / ntsecapi.rs
1 // Copyright © 2015-2017 winapi-rs developers
2 // Licensed under the Apache License, Version 2.0
3 // <LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
4 // <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your option.
5 // All files in the project carrying such notice may not be copied, modified, or distributed
6 // except according to those terms.
7 //! This module defines the Local Security Authority APIs.
8 use shared::basetsd::{ULONG64, ULONG_PTR};
9 use shared::guiddef::GUID;
10 use shared::minwindef::{PUCHAR, PULONG, UCHAR, ULONG, USHORT};
11 use shared::ntdef::NTSTATUS;
12 use shared::sspi::SecHandle;
13 use um::lsalookup::{
14 LSA_TRUST_INFORMATION, LSA_UNICODE_STRING, PLSA_TRUST_INFORMATION, PLSA_UNICODE_STRING
15 };
16 use um::subauth::{PUNICODE_STRING, STRING, UNICODE_STRING};
17 use um::winnt::{
18 ACCESS_MASK, ANYSIZE_ARRAY, BOOLEAN, HANDLE, LARGE_INTEGER, LONG, LUID, PACL, PCSTR, PCWSTR,
19 PSECURITY_DESCRIPTOR, PSID, PSTR, PVOID, PWSTR, QUOTA_LIMITS, SECURITY_INFORMATION, SHORT, SID,
20 SID_NAME_USE, STANDARD_RIGHTS_EXECUTE, STANDARD_RIGHTS_READ, STANDARD_RIGHTS_REQUIRED,
21 STANDARD_RIGHTS_WRITE, ULONGLONG
22 };
23 DEFINE_GUID!{Audit_System_SecurityStateChange,
24 0x0cce9210, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
25 DEFINE_GUID!{Audit_System_SecuritySubsystemExtension,
26 0x0cce9211, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
27 DEFINE_GUID!{Audit_System_Integrity,
28 0x0cce9212, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
29 DEFINE_GUID!{Audit_System_IPSecDriverEvents,
30 0x0cce9213, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
31 DEFINE_GUID!{Audit_System_Others,
32 0x0cce9214, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
33 DEFINE_GUID!{Audit_Logon_Logon,
34 0x0cce9215, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
35 DEFINE_GUID!{Audit_Logon_Logoff,
36 0x0cce9216, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
37 DEFINE_GUID!{Audit_Logon_AccountLockout,
38 0x0cce9217, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
39 DEFINE_GUID!{Audit_Logon_IPSecMainMode,
40 0x0cce9218, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
41 DEFINE_GUID!{Audit_Logon_IPSecQuickMode,
42 0x0cce9219, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
43 DEFINE_GUID!{Audit_Logon_IPSecUserMode,
44 0x0cce921a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
45 DEFINE_GUID!{Audit_Logon_SpecialLogon,
46 0x0cce921b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
47 DEFINE_GUID!{Audit_Logon_Others,
48 0x0cce921c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
49 DEFINE_GUID!{Audit_ObjectAccess_FileSystem,
50 0x0cce921d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
51 DEFINE_GUID!{Audit_ObjectAccess_Registry,
52 0x0cce921e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
53 DEFINE_GUID!{Audit_ObjectAccess_Kernel,
54 0x0cce921f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
55 DEFINE_GUID!{Audit_ObjectAccess_Sam,
56 0x0cce9220, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
57 DEFINE_GUID!{Audit_ObjectAccess_CertificationServices,
58 0x0cce9221, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
59 DEFINE_GUID!{Audit_ObjectAccess_ApplicationGenerated,
60 0x0cce9222, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
61 DEFINE_GUID!{Audit_ObjectAccess_Handle,
62 0x0cce9223, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
63 DEFINE_GUID!{Audit_ObjectAccess_Share,
64 0x0cce9224, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
65 DEFINE_GUID!{Audit_ObjectAccess_FirewallPacketDrops,
66 0x0cce9225, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
67 DEFINE_GUID!{Audit_ObjectAccess_FirewallConnection,
68 0x0cce9226, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
69 DEFINE_GUID!{Audit_ObjectAccess_Other,
70 0x0cce9227, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
71 DEFINE_GUID!{Audit_PrivilegeUse_Sensitive,
72 0x0cce9228, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
73 DEFINE_GUID!{Audit_PrivilegeUse_NonSensitive,
74 0x0cce9229, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
75 DEFINE_GUID!{Audit_PrivilegeUse_Others,
76 0x0cce922a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
77 DEFINE_GUID!{Audit_DetailedTracking_ProcessCreation,
78 0x0cce922b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
79 DEFINE_GUID!{Audit_DetailedTracking_ProcessTermination,
80 0x0cce922c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
81 DEFINE_GUID!{Audit_DetailedTracking_DpapiActivity,
82 0x0cce922d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
83 DEFINE_GUID!{Audit_DetailedTracking_RpcCall,
84 0x0cce922e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
85 DEFINE_GUID!{Audit_PolicyChange_AuditPolicy,
86 0x0cce922f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
87 DEFINE_GUID!{Audit_PolicyChange_AuthenticationPolicy,
88 0x0cce9230, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
89 DEFINE_GUID!{Audit_PolicyChange_AuthorizationPolicy,
90 0x0cce9231, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
91 DEFINE_GUID!{Audit_PolicyChange_MpsscvRulePolicy,
92 0x0cce9232, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
93 DEFINE_GUID!{Audit_PolicyChange_WfpIPSecPolicy,
94 0x0cce9233, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
95 DEFINE_GUID!{Audit_PolicyChange_Others,
96 0x0cce9234, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
97 DEFINE_GUID!{Audit_AccountManagement_UserAccount,
98 0x0cce9235, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
99 DEFINE_GUID!{Audit_AccountManagement_ComputerAccount,
100 0x0cce9236, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
101 DEFINE_GUID!{Audit_AccountManagement_SecurityGroup,
102 0x0cce9237, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
103 DEFINE_GUID!{Audit_AccountManagement_DistributionGroup,
104 0x0cce9238, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
105 DEFINE_GUID!{Audit_AccountManagement_ApplicationGroup,
106 0x0cce9239, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
107 DEFINE_GUID!{Audit_AccountManagement_Others,
108 0x0cce923a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
109 DEFINE_GUID!{Audit_DSAccess_DSAccess,
110 0x0cce923b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
111 DEFINE_GUID!{Audit_DsAccess_AdAuditChanges,
112 0x0cce923c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
113 DEFINE_GUID!{Audit_Ds_Replication,
114 0x0cce923d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
115 DEFINE_GUID!{Audit_Ds_DetailedReplication,
116 0x0cce923e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
117 DEFINE_GUID!{Audit_AccountLogon_CredentialValidation,
118 0x0cce923f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
119 DEFINE_GUID!{Audit_AccountLogon_Kerberos,
120 0x0cce9240, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
121 DEFINE_GUID!{Audit_AccountLogon_Others,
122 0x0cce9241, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
123 DEFINE_GUID!{Audit_AccountLogon_KerbCredentialValidation,
124 0x0cce9242, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
125 DEFINE_GUID!{Audit_Logon_NPS,
126 0x0cce9243, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
127 DEFINE_GUID!{Audit_ObjectAccess_DetailedFileShare,
128 0x0cce9244, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
129 DEFINE_GUID!{Audit_ObjectAccess_RemovableStorage,
130 0x0cce9245, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
131 DEFINE_GUID!{Audit_ObjectAccess_CbacStaging,
132 0x0cce9246, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
133 DEFINE_GUID!{Audit_Logon_Claims,
134 0x0cce9247, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
135 DEFINE_GUID!{Audit_System,
136 0x69979848, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
137 DEFINE_GUID!{Audit_Logon,
138 0x69979849, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
139 DEFINE_GUID!{Audit_ObjectAccess,
140 0x6997984a, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
141 DEFINE_GUID!{Audit_PrivilegeUse,
142 0x6997984b, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
143 DEFINE_GUID!{Audit_DetailedTracking,
144 0x6997984c, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
145 DEFINE_GUID!{Audit_PolicyChange,
146 0x6997984d, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
147 DEFINE_GUID!{Audit_AccountManagement,
148 0x6997984e, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
149 DEFINE_GUID!{Audit_DirectoryServiceAccess,
150 0x6997984f, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
151 DEFINE_GUID!{Audit_AccountLogon,
152 0x69979850, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
153 ENUM!{enum POLICY_AUDIT_EVENT_TYPE {
154 AuditCategorySystem = 0,
155 AuditCategoryLogon,
156 AuditCategoryObjectAccess,
157 AuditCategoryPrivilegeUse,
158 AuditCategoryDetailedTracking,
159 AuditCategoryPolicyChange,
160 AuditCategoryAccountManagement,
161 AuditCategoryDirectoryServiceAccess,
162 AuditCategoryAccountLogon,
163 }}
164 pub type PPOLICY_AUDIT_EVENT_TYPE = *mut POLICY_AUDIT_EVENT_TYPE;
165 pub const POLICY_AUDIT_EVENT_UNCHANGED: POLICY_AUDIT_EVENT_OPTIONS = 0x00000000;
166 pub const POLICY_AUDIT_EVENT_SUCCESS: POLICY_AUDIT_EVENT_OPTIONS = 0x00000001;
167 pub const POLICY_AUDIT_EVENT_FAILURE: POLICY_AUDIT_EVENT_OPTIONS = 0x00000002;
168 pub const POLICY_AUDIT_EVENT_NONE: POLICY_AUDIT_EVENT_OPTIONS = 0x00000004;
169 pub const POLICY_AUDIT_EVENT_MASK: POLICY_AUDIT_EVENT_OPTIONS = POLICY_AUDIT_EVENT_SUCCESS
170 | POLICY_AUDIT_EVENT_FAILURE | POLICY_AUDIT_EVENT_UNCHANGED | POLICY_AUDIT_EVENT_NONE;
171 pub const POLICY_VIEW_LOCAL_INFORMATION: ACCESS_MASK = 0x00000001;
172 pub const POLICY_VIEW_AUDIT_INFORMATION: ACCESS_MASK = 0x00000002;
173 pub const POLICY_GET_PRIVATE_INFORMATION: ACCESS_MASK = 0x00000004;
174 pub const POLICY_TRUST_ADMIN: ACCESS_MASK = 0x00000008;
175 pub const POLICY_CREATE_ACCOUNT: ACCESS_MASK = 0x00000010;
176 pub const POLICY_CREATE_SECRET: ACCESS_MASK = 0x00000020;
177 pub const POLICY_CREATE_PRIVILEGE: ACCESS_MASK = 0x00000040;
178 pub const POLICY_SET_DEFAULT_QUOTA_LIMITS: ACCESS_MASK = 0x00000080;
179 pub const POLICY_SET_AUDIT_REQUIREMENTS: ACCESS_MASK = 0x00000100;
180 pub const POLICY_AUDIT_LOG_ADMIN: ACCESS_MASK = 0x00000200;
181 pub const POLICY_SERVER_ADMIN: ACCESS_MASK = 0x00000400;
182 pub const POLICY_LOOKUP_NAMES: ACCESS_MASK = 0x00000800;
183 pub const POLICY_NOTIFICATION: ACCESS_MASK = 0x00001000;
184 pub const POLICY_ALL_ACCESS: ACCESS_MASK = STANDARD_RIGHTS_REQUIRED
185 | POLICY_VIEW_LOCAL_INFORMATION | POLICY_VIEW_AUDIT_INFORMATION
186 | POLICY_GET_PRIVATE_INFORMATION | POLICY_TRUST_ADMIN | POLICY_CREATE_ACCOUNT
187 | POLICY_CREATE_SECRET | POLICY_CREATE_PRIVILEGE | POLICY_SET_DEFAULT_QUOTA_LIMITS
188 | POLICY_SET_AUDIT_REQUIREMENTS | POLICY_AUDIT_LOG_ADMIN | POLICY_SERVER_ADMIN
189 | POLICY_LOOKUP_NAMES;
190 pub const POLICY_READ: ACCESS_MASK = STANDARD_RIGHTS_READ | POLICY_VIEW_AUDIT_INFORMATION
191 | POLICY_GET_PRIVATE_INFORMATION;
192 pub const POLICY_WRITE: ACCESS_MASK = STANDARD_RIGHTS_WRITE | POLICY_TRUST_ADMIN
193 | POLICY_CREATE_ACCOUNT | POLICY_CREATE_SECRET | POLICY_CREATE_PRIVILEGE
194 | POLICY_SET_DEFAULT_QUOTA_LIMITS | POLICY_SET_AUDIT_REQUIREMENTS | POLICY_AUDIT_LOG_ADMIN
195 | POLICY_SERVER_ADMIN;
196 pub const POLICY_EXECUTE: ACCESS_MASK = STANDARD_RIGHTS_EXECUTE
197 | POLICY_VIEW_LOCAL_INFORMATION | POLICY_LOOKUP_NAMES;
198 STRUCT!{struct LSA_TRANSLATED_SID {
199 Use: SID_NAME_USE,
200 RelativeId: ULONG,
201 DomainIndex: LONG,
202 }}
203 pub type PLSA_TRANSLATED_SID = *mut LSA_TRANSLATED_SID;
204 ENUM!{enum POLICY_LSA_SERVER_ROLE {
205 PolicyServerRoleBackup = 2,
206 PolicyServerRolePrimary,
207 }}
208 pub type PPOLICY_LSA_SERVER_ROLE = *mut POLICY_LSA_SERVER_ROLE;
209 pub type POLICY_AUDIT_EVENT_OPTIONS = ULONG;
210 pub type PPOLICY_AUDIT_EVENT_OPTIONS = *mut ULONG;
211 ENUM!{enum POLICY_INFORMATION_CLASS {
212 PolicyAuditLogInformation = 1,
213 PolicyAuditEventsInformation,
214 PolicyPrimaryDomainInformation,
215 PolicyPdAccountInformation,
216 PolicyAccountDomainInformation,
217 PolicyLsaServerRoleInformation,
218 PolicyReplicaSourceInformation,
219 PolicyDefaultQuotaInformation,
220 PolicyModificationInformation,
221 PolicyAuditFullSetInformation,
222 PolicyAuditFullQueryInformation,
223 PolicyDnsDomainInformation,
224 PolicyDnsDomainInformationInt,
225 PolicyLocalAccountDomainInformation,
226 PolicyLastEntry,
227 }}
228 pub type PPOLICY_INFORMATION_CLASS = *mut POLICY_INFORMATION_CLASS;
229 STRUCT!{struct POLICY_AUDIT_LOG_INFO {
230 AuditLogPercentFull: ULONG,
231 MaximumLogSize: ULONG,
232 AuditRetentionPeriod: LARGE_INTEGER,
233 AuditLogFullShutdownInProgress: BOOLEAN,
234 TimeToShutdown: LARGE_INTEGER,
235 NextAuditRecordId: ULONG,
236 }}
237 pub type PPOLICY_AUDIT_LOG_INFO = *mut POLICY_AUDIT_LOG_INFO;
238 STRUCT!{struct POLICY_AUDIT_EVENTS_INFO {
239 AuditingMode: BOOLEAN,
240 EventAuditingOptions: PPOLICY_AUDIT_EVENT_OPTIONS,
241 MaximumAuditEventCount: ULONG,
242 }}
243 pub type PPOLICY_AUDIT_EVENTS_INFO = *mut POLICY_AUDIT_EVENTS_INFO;
244 STRUCT!{struct POLICY_AUDIT_SUBCATEGORIES_INFO {
245 MaximumSubCategoryCount: ULONG,
246 EventAuditingOptions: PPOLICY_AUDIT_EVENT_OPTIONS,
247 }}
248 pub type PPOLICY_AUDIT_SUBCATEGORIES_INFO = *mut POLICY_AUDIT_SUBCATEGORIES_INFO;
249 STRUCT!{struct POLICY_AUDIT_CATEGORIES_INFO {
250 MaximumSubCategoryCount: ULONG,
251 SubCategoriesInfo: PPOLICY_AUDIT_SUBCATEGORIES_INFO,
252 }}
253 pub type PPOLICY_AUDIT_CATEGORIES_INFO = *mut POLICY_AUDIT_CATEGORIES_INFO;
254 pub const PER_USER_POLICY_UNCHANGED: ULONG = 0x00;
255 pub const PER_USER_AUDIT_SUCCESS_INCLUDE: ULONG = 0x01;
256 pub const PER_USER_AUDIT_SUCCESS_EXCLUDE: ULONG = 0x02;
257 pub const PER_USER_AUDIT_FAILURE_INCLUDE: ULONG = 0x04;
258 pub const PER_USER_AUDIT_FAILURE_EXCLUDE: ULONG = 0x08;
259 pub const PER_USER_AUDIT_NONE: ULONG = 0x10;
260 pub const VALID_PER_USER_AUDIT_POLICY_FLAG: ULONG = PER_USER_AUDIT_SUCCESS_INCLUDE
261 | PER_USER_AUDIT_SUCCESS_EXCLUDE | PER_USER_AUDIT_FAILURE_INCLUDE
262 | PER_USER_AUDIT_FAILURE_EXCLUDE | PER_USER_AUDIT_NONE;
263 STRUCT!{struct POLICY_PRIMARY_DOMAIN_INFO {
264 Name: LSA_UNICODE_STRING,
265 Sid: PSID,
266 }}
267 pub type PPOLICY_PRIMARY_DOMAIN_INFO = *mut POLICY_PRIMARY_DOMAIN_INFO;
268 STRUCT!{struct POLICY_PD_ACCOUNT_INFO {
269 Name: LSA_UNICODE_STRING,
270 }}
271 pub type PPOLICY_PD_ACCOUNT_INFO = *mut POLICY_PD_ACCOUNT_INFO;
272 STRUCT!{struct POLICY_LSA_SERVER_ROLE_INFO {
273 LsaServerRole: POLICY_LSA_SERVER_ROLE,
274 }}
275 pub type PPOLICY_LSA_SERVER_ROLE_INFO = *mut POLICY_LSA_SERVER_ROLE_INFO;
276 STRUCT!{struct POLICY_REPLICA_SOURCE_INFO {
277 ReplicaSource: LSA_UNICODE_STRING,
278 ReplicaAccountName: LSA_UNICODE_STRING,
279 }}
280 pub type PPOLICY_REPLICA_SOURCE_INFO = *mut POLICY_REPLICA_SOURCE_INFO;
281 STRUCT!{struct POLICY_DEFAULT_QUOTA_INFO {
282 QuotaLimits: QUOTA_LIMITS,
283 }}
284 pub type PPOLICY_DEFAULT_QUOTA_INFO = *mut POLICY_DEFAULT_QUOTA_INFO;
285 STRUCT!{struct POLICY_MODIFICATION_INFO {
286 ModifiedId: LARGE_INTEGER,
287 DatabaseCreationTime: LARGE_INTEGER,
288 }}
289 pub type PPOLICY_MODIFICATION_INFO = *mut POLICY_MODIFICATION_INFO;
290 STRUCT!{struct POLICY_AUDIT_FULL_SET_INFO {
291 ShutDownOnFull: BOOLEAN,
292 }}
293 pub type PPOLICY_AUDIT_FULL_SET_INFO = *mut POLICY_AUDIT_FULL_SET_INFO;
294 STRUCT!{struct POLICY_AUDIT_FULL_QUERY_INFO {
295 ShutDownOnFull: BOOLEAN,
296 LogIsFull: BOOLEAN,
297 }}
298 pub type PPOLICY_AUDIT_FULL_QUERY_INFO = *mut POLICY_AUDIT_FULL_QUERY_INFO;
299 ENUM!{enum POLICY_DOMAIN_INFORMATION_CLASS {
300 PolicyDomainEfsInformation = 2,
301 PolicyDomainKerberosTicketInformation,
302 }}
303 pub type PPOLICY_DOMAIN_INFORMATION_CLASS = *mut POLICY_DOMAIN_INFORMATION_CLASS;
304 STRUCT!{struct POLICY_DOMAIN_EFS_INFO {
305 InfoLength: ULONG,
306 EfsBlob: PUCHAR,
307 }}
308 pub type PPOLICY_DOMAIN_EFS_INFO = *mut POLICY_DOMAIN_EFS_INFO;
309 STRUCT!{struct POLICY_DOMAIN_KERBEROS_TICKET_INFO {
310 AuthenticationOptions: ULONG,
311 MaxServiceTicketAge: LARGE_INTEGER,
312 MaxTicketAge: LARGE_INTEGER,
313 MaxRenewAge: LARGE_INTEGER,
314 MaxClockSkew: LARGE_INTEGER,
315 Reserved: LARGE_INTEGER,
316 }}
317 pub type PPOLICY_DOMAIN_KERBEROS_TICKET_INFO = *mut POLICY_DOMAIN_KERBEROS_TICKET_INFO;
318 ENUM!{enum POLICY_NOTIFICATION_INFORMATION_CLASS {
319 PolicyNotifyAuditEventsInformation = 1,
320 PolicyNotifyAccountDomainInformation,
321 PolicyNotifyServerRoleInformation,
322 PolicyNotifyDnsDomainInformation,
323 PolicyNotifyDomainEfsInformation,
324 PolicyNotifyDomainKerberosTicketInformation,
325 PolicyNotifyMachineAccountPasswordInformation,
326 PolicyNotifyGlobalSaclInformation,
327 PolicyNotifyMax,
328 }}
329 pub type PPOLICY_NOTIFICATION_INFORMATION_CLASS = *mut POLICY_NOTIFICATION_INFORMATION_CLASS;
330 pub type LSA_HANDLE = PVOID;
331 pub type PLSA_HANDLE = *mut PVOID;
332 ENUM!{enum TRUSTED_INFORMATION_CLASS {
333 TrustedDomainNameInformation = 1,
334 TrustedControllersInformation,
335 TrustedPosixOffsetInformation,
336 TrustedPasswordInformation,
337 TrustedDomainInformationBasic,
338 TrustedDomainInformationEx,
339 TrustedDomainAuthInformation,
340 TrustedDomainFullInformation,
341 TrustedDomainAuthInformationInternal,
342 TrustedDomainFullInformationInternal,
343 TrustedDomainInformationEx2Internal,
344 TrustedDomainFullInformation2Internal,
345 TrustedDomainSupportedEncryptionTypes,
346 }}
347 pub type PTRUSTED_INFORMATION_CLASS = *mut TRUSTED_INFORMATION_CLASS;
348 STRUCT!{struct TRUSTED_DOMAIN_NAME_INFO {
349 Name: LSA_UNICODE_STRING,
350 }}
351 pub type PTRUSTED_DOMAIN_NAME_INFO = *mut TRUSTED_DOMAIN_NAME_INFO;
352 STRUCT!{struct TRUSTED_CONTROLLERS_INFO {
353 Entries: ULONG,
354 Names: PLSA_UNICODE_STRING,
355 }}
356 pub type PTRUSTED_CONTROLLERS_INFO = *mut TRUSTED_CONTROLLERS_INFO;
357 STRUCT!{struct TRUSTED_POSIX_OFFSET_INFO {
358 Offset: ULONG,
359 }}
360 pub type PTRUSTED_POSIX_OFFSET_INFO = *mut TRUSTED_POSIX_OFFSET_INFO;
361 STRUCT!{struct TRUSTED_PASSWORD_INFO {
362 Password: LSA_UNICODE_STRING,
363 OldPassword: LSA_UNICODE_STRING,
364 }}
365 pub type PTRUSTED_PASSWORD_INFO = *mut TRUSTED_PASSWORD_INFO;
366 pub type TRUSTED_DOMAIN_INFORMATION_BASIC = LSA_TRUST_INFORMATION;
367 pub type PTRUSTED_DOMAIN_INFORMATION_BASIC = PLSA_TRUST_INFORMATION;
368 pub const TRUST_DIRECTION_DISABLED: ULONG = 0x00000000;
369 pub const TRUST_DIRECTION_INBOUND: ULONG = 0x00000001;
370 pub const TRUST_DIRECTION_OUTBOUND: ULONG = 0x00000002;
371 pub const TRUST_DIRECTION_BIDIRECTIONAL: ULONG = TRUST_DIRECTION_INBOUND
372 | TRUST_DIRECTION_OUTBOUND;
373 pub const TRUST_TYPE_DOWNLEVEL: ULONG = 0x00000001;
374 pub const TRUST_TYPE_UPLEVEL: ULONG = 0x00000002;
375 pub const TRUST_TYPE_MIT: ULONG = 0x00000003;
376 pub const TRUST_ATTRIBUTE_NON_TRANSITIVE: ULONG = 0x00000001;
377 pub const TRUST_ATTRIBUTE_UPLEVEL_ONLY: ULONG = 0x00000002;
378 pub const TRUST_ATTRIBUTE_QUARANTINED_DOMAIN: ULONG = 0x00000004;
379 pub const TRUST_ATTRIBUTE_FOREST_TRANSITIVE: ULONG = 0x00000008;
380 pub const TRUST_ATTRIBUTE_CROSS_ORGANIZATION: ULONG = 0x00000010;
381 pub const TRUST_ATTRIBUTE_WITHIN_FOREST: ULONG = 0x00000020;
382 pub const TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL: ULONG = 0x00000040;
383 pub const TRUST_ATTRIBUTE_TRUST_USES_RC4_ENCRYPTION: ULONG = 0x00000080;
384 pub const TRUST_ATTRIBUTE_TRUST_USES_AES_KEYS: ULONG = 0x00000100;
385 pub const TRUST_ATTRIBUTE_CROSS_ORGANIZATION_NO_TGT_DELEGATION: ULONG = 0x00000200;
386 pub const TRUST_ATTRIBUTES_VALID: ULONG = 0xFF03FFFF;
387 pub const TRUST_ATTRIBUTES_USER: ULONG = 0xFF000000;
388 STRUCT!{struct TRUSTED_DOMAIN_INFORMATION_EX {
389 Name: LSA_UNICODE_STRING,
390 FlatName: LSA_UNICODE_STRING,
391 Sid: PSID,
392 TrustDirection: ULONG,
393 TrustType: ULONG,
394 TrustAttributes: ULONG,
395 }}
396 pub type PTRUSTED_DOMAIN_INFORMATION_EX = *mut TRUSTED_DOMAIN_INFORMATION_EX;
397 STRUCT!{struct TRUSTED_DOMAIN_INFORMATION_EX2 {
398 Name: LSA_UNICODE_STRING,
399 FlatName: LSA_UNICODE_STRING,
400 Sid: PSID,
401 TrustDirection: ULONG,
402 TrustType: ULONG,
403 TrustAttributes: ULONG,
404 ForestTrustLength: ULONG,
405 ForestTrustInfo: PUCHAR,
406 }}
407 pub type PTRUSTED_DOMAIN_INFORMATION_EX2 = *mut TRUSTED_DOMAIN_INFORMATION_EX2;
408 pub const TRUST_AUTH_TYPE_NONE: ULONG = 0;
409 pub const TRUST_AUTH_TYPE_NT4OWF: ULONG = 1;
410 pub const TRUST_AUTH_TYPE_CLEAR: ULONG = 2;
411 pub const TRUST_AUTH_TYPE_VERSION: ULONG = 3;
412 STRUCT!{struct LSA_AUTH_INFORMATION {
413 LastUpdateTime: LARGE_INTEGER,
414 AuthType: ULONG,
415 AuthInfoLength: ULONG,
416 AuthInfo: PUCHAR,
417 }}
418 pub type PLSA_AUTH_INFORMATION = *mut LSA_AUTH_INFORMATION;
419 STRUCT!{struct TRUSTED_DOMAIN_AUTH_INFORMATION {
420 IncomingAuthInfos: ULONG,
421 IncomingAuthenticationInformation: PLSA_AUTH_INFORMATION,
422 IncomingPreviousAuthenticationInformation: PLSA_AUTH_INFORMATION,
423 OutgoingAuthInfos: ULONG,
424 OutgoingAuthenticationInformation: PLSA_AUTH_INFORMATION,
425 OutgoingPreviousAuthenticationInformation: PLSA_AUTH_INFORMATION,
426 }}
427 pub type PTRUSTED_DOMAIN_AUTH_INFORMATION = *mut TRUSTED_DOMAIN_AUTH_INFORMATION;
428 STRUCT!{struct TRUSTED_DOMAIN_FULL_INFORMATION {
429 Information: TRUSTED_DOMAIN_INFORMATION_EX,
430 PosixOffset: TRUSTED_POSIX_OFFSET_INFO,
431 AuthInformation: TRUSTED_DOMAIN_AUTH_INFORMATION,
432 }}
433 pub type PTRUSTED_DOMAIN_FULL_INFORMATION = *mut TRUSTED_DOMAIN_FULL_INFORMATION;
434 STRUCT!{struct TRUSTED_DOMAIN_FULL_INFORMATION2 {
435 Information: TRUSTED_DOMAIN_INFORMATION_EX2,
436 PosixOffset: TRUSTED_POSIX_OFFSET_INFO,
437 AuthInformation: TRUSTED_DOMAIN_AUTH_INFORMATION,
438 }}
439 pub type PTRUSTED_DOMAIN_FULL_INFORMATION2 = *mut TRUSTED_DOMAIN_FULL_INFORMATION2;
440 STRUCT!{struct TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES {
441 SupportedEncryptionTypes: ULONG,
442 }}
443 pub type PTRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES =
444 *mut TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES;
445 ENUM!{enum LSA_FOREST_TRUST_RECORD_TYPE {
446 ForestTrustTopLevelName,
447 ForestTrustTopLevelNameEx,
448 ForestTrustDomainInfo,
449 ForestTrustRecordTypeLast, // = ForestTrustDomainInfo,
450 }}
451 pub const LSA_FTRECORD_DISABLED_REASONS: ULONG = 0x0000FFFF;
452 pub const LSA_TLN_DISABLED_NEW: ULONG = 0x00000001;
453 pub const LSA_TLN_DISABLED_ADMIN: ULONG = 0x00000002;
454 pub const LSA_TLN_DISABLED_CONFLICT: ULONG = 0x00000004;
455 pub const LSA_SID_DISABLED_ADMIN: ULONG = 0x00000001;
456 pub const LSA_SID_DISABLED_CONFLICT: ULONG = 0x00000002;
457 pub const LSA_NB_DISABLED_ADMIN: ULONG = 0x00000004;
458 pub const LSA_NB_DISABLED_CONFLICT: ULONG = 0x00000008;
459 STRUCT!{struct LSA_FOREST_TRUST_DOMAIN_INFO {
460 Sid: PSID,
461 DnsName: LSA_UNICODE_STRING,
462 NetbiosName: LSA_UNICODE_STRING,
463 }}
464 pub type PLSA_FOREST_TRUST_DOMAIN_INFO = *mut LSA_FOREST_TRUST_DOMAIN_INFO;
465 pub const MAX_FOREST_TRUST_BINARY_DATA_SIZE: ULONG = 128 * 1024;
466 STRUCT!{struct LSA_FOREST_TRUST_BINARY_DATA {
467 Length: ULONG,
468 Buffer: PUCHAR,
469 }}
470 pub type PLSA_FOREST_TRUST_BINARY_DATA = *mut LSA_FOREST_TRUST_BINARY_DATA;
471 UNION!{union LSA_FOREST_TRUST_RECORD_ForestTrustData {
472 [usize; 5],
473 TopLevelName TopLevelName_mut: LSA_UNICODE_STRING,
474 DomainInfo DomainInfo_mut: LSA_FOREST_TRUST_DOMAIN_INFO,
475 Data Data_mut: LSA_FOREST_TRUST_BINARY_DATA,
476 }}
477 STRUCT!{struct LSA_FOREST_TRUST_RECORD {
478 Flags: ULONG,
479 ForestTrustType: LSA_FOREST_TRUST_RECORD_TYPE,
480 Time: LARGE_INTEGER,
481 ForestTrustData: LSA_FOREST_TRUST_RECORD_ForestTrustData,
482 }}
483 pub type PLSA_FOREST_TRUST_RECORD = *mut LSA_FOREST_TRUST_RECORD;
484 pub const MAX_RECORDS_IN_FOREST_TRUST_INFO: ULONG = 4000;
485 STRUCT!{struct LSA_FOREST_TRUST_INFORMATION {
486 RecordCount: ULONG,
487 Entries: *mut PLSA_FOREST_TRUST_RECORD,
488 }}
489 pub type PLSA_FOREST_TRUST_INFORMATION = *mut LSA_FOREST_TRUST_INFORMATION;
490 ENUM!{enum LSA_FOREST_TRUST_COLLISION_RECORD_TYPE {
491 CollisionTdo,
492 CollisionXref,
493 CollisionOther,
494 }}
495 STRUCT!{struct LSA_FOREST_TRUST_COLLISION_RECORD {
496 Index: ULONG,
497 Type: LSA_FOREST_TRUST_COLLISION_RECORD_TYPE,
498 Flags: ULONG,
499 Name: LSA_UNICODE_STRING,
500 }}
501 pub type PLSA_FOREST_TRUST_COLLISION_RECORD = *mut LSA_FOREST_TRUST_COLLISION_RECORD;
502 STRUCT!{struct LSA_FOREST_TRUST_COLLISION_INFORMATION {
503 RecordCount: ULONG,
504 Entries: *mut PLSA_FOREST_TRUST_COLLISION_RECORD,
505 }}
506 pub type PLSA_FOREST_TRUST_COLLISION_INFORMATION = *mut LSA_FOREST_TRUST_COLLISION_INFORMATION;
507 pub type LSA_ENUMERATION_HANDLE = ULONG;
508 pub type PLSA_ENUMERATION_HANDLE = *mut ULONG;
509 STRUCT!{struct LSA_ENUMERATION_INFORMATION {
510 Sid: PSID,
511 }}
512 pub type PLSA_ENUMERATION_INFORMATION = *mut LSA_ENUMERATION_INFORMATION;
513 STRUCT!{struct LSA_LAST_INTER_LOGON_INFO {
514 LastSuccessfulLogon: LARGE_INTEGER,
515 LastFailedLogon: LARGE_INTEGER,
516 FailedAttemptCountSinceLastSuccessfulLogon: ULONG,
517 }}
518 pub type PLSA_LAST_INTER_LOGON_INFO = *mut LSA_LAST_INTER_LOGON_INFO;
519 STRUCT!{struct SECURITY_LOGON_SESSION_DATA {
520 Size: ULONG,
521 LogonId: LUID,
522 UserName: LSA_UNICODE_STRING,
523 LogonDomain: LSA_UNICODE_STRING,
524 AuthenticationPackage: LSA_UNICODE_STRING,
525 LogonType: ULONG,
526 Session: ULONG,
527 Sid: PSID,
528 LogonTime: LARGE_INTEGER,
529 LogonServer: LSA_UNICODE_STRING,
530 DnsDomainName: LSA_UNICODE_STRING,
531 Upn: LSA_UNICODE_STRING,
532 UserFlags: ULONG,
533 LastLogonInfo: LSA_LAST_INTER_LOGON_INFO,
534 LogonScript: LSA_UNICODE_STRING,
535 ProfilePath: LSA_UNICODE_STRING,
536 HomeDirectory: LSA_UNICODE_STRING,
537 HomeDirectoryDrive: LSA_UNICODE_STRING,
538 LogoffTime: LARGE_INTEGER,
539 KickOffTime: LARGE_INTEGER,
540 PasswordLastSet: LARGE_INTEGER,
541 PasswordCanChange: LARGE_INTEGER,
542 PasswordMustChange: LARGE_INTEGER,
543 }}
544 pub type PSECURITY_LOGON_SESSION_DATA = *mut SECURITY_LOGON_SESSION_DATA;
545 pub const CENTRAL_ACCESS_POLICY_OWNER_RIGHTS_PRESENT_FLAG: ULONG = 0x00000001;
546 pub const CENTRAL_ACCESS_POLICY_STAGED_OWNER_RIGHTS_PRESENT_FLAG: ULONG = 0x00000100;
547 pub const CENTRAL_ACCESS_POLICY_STAGED_FLAG: ULONG = 0x00010000;
548 pub const CENTRAL_ACCESS_POLICY_VALID_FLAG_MASK: ULONG =
549 CENTRAL_ACCESS_POLICY_OWNER_RIGHTS_PRESENT_FLAG
550 | CENTRAL_ACCESS_POLICY_STAGED_OWNER_RIGHTS_PRESENT_FLAG
551 | CENTRAL_ACCESS_POLICY_STAGED_FLAG;
552 pub const LSASETCAPS_RELOAD_FLAG: ULONG = 0x00000001;
553 pub const LSASETCAPS_VALID_FLAG_MASK: ULONG = LSASETCAPS_RELOAD_FLAG;
554 STRUCT!{struct CENTRAL_ACCESS_POLICY_ENTRY {
555 Name: LSA_UNICODE_STRING,
556 Description: LSA_UNICODE_STRING,
557 ChangeId: LSA_UNICODE_STRING,
558 LengthAppliesTo: ULONG,
559 AppliesTo: PUCHAR,
560 LengthSD: ULONG,
561 SD: PSECURITY_DESCRIPTOR,
562 LengthStagedSD: ULONG,
563 StagedSD: PSECURITY_DESCRIPTOR,
564 Flags: ULONG,
565 }}
566 pub type PCENTRAL_ACCESS_POLICY_ENTRY = *mut CENTRAL_ACCESS_POLICY_ENTRY;
567 pub type PCCENTRAL_ACCESS_POLICY_ENTRY = *const CENTRAL_ACCESS_POLICY_ENTRY;
568 STRUCT!{struct CENTRAL_ACCESS_POLICY {
569 CAPID: PSID,
570 Name: LSA_UNICODE_STRING,
571 Description: LSA_UNICODE_STRING,
572 ChangeId: LSA_UNICODE_STRING,
573 Flags: ULONG,
574 CAPECount: ULONG,
575 CAPEs: *mut PCENTRAL_ACCESS_POLICY_ENTRY,
576 }}
577 pub type PCENTRAL_ACCESS_POLICY = *mut CENTRAL_ACCESS_POLICY;
578 pub type PCCENTRAL_ACCESS_POLICY = *const CENTRAL_ACCESS_POLICY;
579 ENUM!{enum NEGOTIATE_MESSAGES {
580 NegEnumPackagePrefixes = 0,
581 NegGetCallerName = 1,
582 NegTransferCredentials = 2,
583 NegCallPackageMax,
584 }}
585 pub const NEGOTIATE_MAX_PREFIX: usize = 32;
586 STRUCT!{struct NEGOTIATE_PACKAGE_PREFIX {
587 PackageId: ULONG_PTR,
588 PackageDataA: PVOID,
589 PackageDataW: PVOID,
590 PrefixLen: ULONG_PTR,
591 Prefix: [UCHAR; NEGOTIATE_MAX_PREFIX],
592 }}
593 pub type PNEGOTIATE_PACKAGE_PREFIX = *mut NEGOTIATE_PACKAGE_PREFIX;
594 STRUCT!{struct NEGOTIATE_PACKAGE_PREFIXES {
595 MessageType: ULONG,
596 PrefixCount: ULONG,
597 Offset: ULONG,
598 Pad: ULONG,
599 }}
600 pub type PNEGOTIATE_PACKAGE_PREFIXES = *mut NEGOTIATE_PACKAGE_PREFIXES;
601 STRUCT!{struct NEGOTIATE_CALLER_NAME_REQUEST {
602 MessageType: ULONG,
603 LogonId: LUID,
604 }}
605 pub type PNEGOTIATE_CALLER_NAME_REQUEST = *mut NEGOTIATE_CALLER_NAME_REQUEST;
606 STRUCT!{struct NEGOTIATE_CALLER_NAME_RESPONSE {
607 MessageType: ULONG,
608 CallerName: PWSTR,
609 }}
610 pub type PNEGOTIATE_CALLER_NAME_RESPONSE = *mut NEGOTIATE_CALLER_NAME_RESPONSE;
611 STRUCT!{struct DOMAIN_PASSWORD_INFORMATION {
612 MinPasswordLength: USHORT,
613 PasswordHistoryLength: USHORT,
614 PasswordProperties: ULONG,
615 MaxPasswordAge: LARGE_INTEGER,
616 MinPasswordAge: LARGE_INTEGER,
617 }}
618 pub type PDOMAIN_PASSWORD_INFORMATION = *mut DOMAIN_PASSWORD_INFORMATION;
619 pub const DOMAIN_PASSWORD_COMPLEX: ULONG = 0x00000001;
620 pub const DOMAIN_PASSWORD_NO_ANON_CHANGE: ULONG = 0x00000002;
621 pub const DOMAIN_PASSWORD_NO_CLEAR_CHANGE: ULONG = 0x00000004;
622 pub const DOMAIN_LOCKOUT_ADMINS: ULONG = 0x00000008;
623 pub const DOMAIN_PASSWORD_STORE_CLEARTEXT: ULONG = 0x00000010;
624 pub const DOMAIN_REFUSE_PASSWORD_CHANGE: ULONG = 0x00000020;
625 pub const DOMAIN_NO_LM_OWF_CHANGE: ULONG = 0x00000040;
626 FN!{stdcall PSAM_PASSWORD_NOTIFICATION_ROUTINE(
627 UserName: PUNICODE_STRING,
628 RelativeId: ULONG,
629 NewPassword: PUNICODE_STRING,
630 ) -> NTSTATUS}
631 FN!{stdcall PSAM_INIT_NOTIFICATION_ROUTINE() -> BOOLEAN}
632 FN!{stdcall PSAM_PASSWORD_FILTER_ROUTINE(
633 AccountName: PUNICODE_STRING,
634 FullName: PUNICODE_STRING,
635 Password: PUNICODE_STRING,
636 SetOperation: BOOLEAN,
637 ) -> BOOLEAN}
638 ENUM!{enum MSV1_0_LOGON_SUBMIT_TYPE {
639 MsV1_0InteractiveLogon = 2,
640 MsV1_0Lm20Logon,
641 MsV1_0NetworkLogon,
642 MsV1_0SubAuthLogon,
643 MsV1_0WorkstationUnlockLogon = 7,
644 MsV1_0S4ULogon = 12,
645 MsV1_0VirtualLogon = 82,
646 MsV1_0NoElevationLogon = 83,
647 MsV1_0LuidLogon = 84,
648 }}
649 pub type PMSV1_0_LOGON_SUBMIT_TYPE = *mut MSV1_0_LOGON_SUBMIT_TYPE;
650 ENUM!{enum MSV1_0_PROFILE_BUFFER_TYPE {
651 MsV1_0InteractiveProfile = 2,
652 MsV1_0Lm20LogonProfile,
653 MsV1_0SmartCardProfile,
654 }}
655 pub type PMSV1_0_PROFILE_BUFFER_TYPE = *mut MSV1_0_PROFILE_BUFFER_TYPE;
656 STRUCT!{struct MSV1_0_INTERACTIVE_LOGON {
657 MessageType: MSV1_0_LOGON_SUBMIT_TYPE,
658 LogonDomainName: UNICODE_STRING,
659 UserName: UNICODE_STRING,
660 Password: UNICODE_STRING,
661 }}
662 pub type PMSV1_0_INTERACTIVE_LOGON = *mut MSV1_0_INTERACTIVE_LOGON;
663 STRUCT!{struct MSV1_0_INTERACTIVE_PROFILE {
664 MessageType: MSV1_0_PROFILE_BUFFER_TYPE,
665 LogonCount: USHORT,
666 BadPasswordCount: USHORT,
667 LogonTime: LARGE_INTEGER,
668 LogoffTime: LARGE_INTEGER,
669 KickOffTime: LARGE_INTEGER,
670 PasswordLastSet: LARGE_INTEGER,
671 PasswordCanChange: LARGE_INTEGER,
672 PasswordMustChange: LARGE_INTEGER,
673 LogonScript: UNICODE_STRING,
674 HomeDirectory: UNICODE_STRING,
675 FullName: UNICODE_STRING,
676 ProfilePath: UNICODE_STRING,
677 HomeDirectoryDrive: UNICODE_STRING,
678 LogonServer: UNICODE_STRING,
679 UserFlags: ULONG,
680 }}
681 pub type PMSV1_0_INTERACTIVE_PROFILE = *mut MSV1_0_INTERACTIVE_PROFILE;
682 pub const MSV1_0_CHALLENGE_LENGTH: usize = 8;
683 pub const MSV1_0_USER_SESSION_KEY_LENGTH: usize = 16;
684 pub const MSV1_0_LANMAN_SESSION_KEY_LENGTH: usize = 8;
685 pub const MSV1_0_CLEARTEXT_PASSWORD_ALLOWED: ULONG = 0x02;
686 pub const MSV1_0_UPDATE_LOGON_STATISTICS: ULONG = 0x04;
687 pub const MSV1_0_RETURN_USER_PARAMETERS: ULONG = 0x08;
688 pub const MSV1_0_DONT_TRY_GUEST_ACCOUNT: ULONG = 0x10;
689 pub const MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT: ULONG = 0x20;
690 pub const MSV1_0_RETURN_PASSWORD_EXPIRY: ULONG = 0x40;
691 pub const MSV1_0_USE_CLIENT_CHALLENGE: ULONG = 0x80;
692 pub const MSV1_0_TRY_GUEST_ACCOUNT_ONLY: ULONG = 0x100;
693 pub const MSV1_0_RETURN_PROFILE_PATH: ULONG = 0x200;
694 pub const MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY: ULONG = 0x400;
695 pub const MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT: ULONG = 0x800;
696 pub const MSV1_0_DISABLE_PERSONAL_FALLBACK: ULONG = 0x00001000;
697 pub const MSV1_0_ALLOW_FORCE_GUEST: ULONG = 0x00002000;
698 pub const MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED: ULONG = 0x00004000;
699 pub const MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY: ULONG = 0x00008000;
700 pub const MSV1_0_SUBAUTHENTICATION_DLL_EX: ULONG = 0x00100000;
701 pub const MSV1_0_ALLOW_MSVCHAPV2: ULONG = 0x00010000;
702 pub const MSV1_0_S4U2SELF: ULONG = 0x00020000;
703 pub const MSV1_0_CHECK_LOGONHOURS_FOR_S4U: ULONG = 0x00040000;
704 pub const MSV1_0_INTERNET_DOMAIN: ULONG = 0x00080000;
705 pub const MSV1_0_SUBAUTHENTICATION_DLL: ULONG = 0xFF000000;
706 pub const MSV1_0_SUBAUTHENTICATION_DLL_SHIFT: ULONG = 24;
707 pub const MSV1_0_MNS_LOGON: ULONG = 0x01000000;
708 pub const MSV1_0_SUBAUTHENTICATION_DLL_RAS: ULONG = 2;
709 pub const MSV1_0_SUBAUTHENTICATION_DLL_IIS: ULONG = 132;
710 STRUCT!{struct MSV1_0_LM20_LOGON {
711 MessageType: MSV1_0_LOGON_SUBMIT_TYPE,
712 LogonDomainName: UNICODE_STRING,
713 UserName: UNICODE_STRING,
714 Workstation: UNICODE_STRING,
715 ChallengeToClient: [UCHAR; MSV1_0_CHALLENGE_LENGTH],
716 CaseSensitiveChallengeResponse: STRING,
717 CaseInsensitiveChallengeResponse: STRING,
718 ParameterControl: ULONG,
719 }}
720 pub type PMSV1_0_LM20_LOGON = *mut MSV1_0_LM20_LOGON;
721 STRUCT!{struct MSV1_0_SUBAUTH_LOGON {
722 MessageType: MSV1_0_LOGON_SUBMIT_TYPE,
723 LogonDomainName: UNICODE_STRING,
724 UserName: UNICODE_STRING,
725 Workstation: UNICODE_STRING,
726 ChallengeToClient: [UCHAR; MSV1_0_CHALLENGE_LENGTH],
727 AuthenticationInfo1: STRING,
728 AuthenticationInfo2: STRING,
729 ParameterControl: ULONG,
730 SubAuthPackageId: ULONG,
731 }}
732 pub type PMSV1_0_SUBAUTH_LOGON = *mut MSV1_0_SUBAUTH_LOGON;
733 STRUCT!{struct MSV1_0_S4U_LOGON {
734 MessageType: MSV1_0_LOGON_SUBMIT_TYPE,
735 MSV1_0_LOGON_SUBMIT_TYPE: ULONG,
736 UserPrincipalName: UNICODE_STRING,
737 DomainName: UNICODE_STRING,
738 }}
739 pub type PMSV1_0_S4U_LOGON = *mut MSV1_0_S4U_LOGON;
740 pub const LOGON_GUEST: ULONG = 0x01;
741 pub const LOGON_NOENCRYPTION: ULONG = 0x02;
742 pub const LOGON_CACHED_ACCOUNT: ULONG = 0x04;
743 pub const LOGON_USED_LM_PASSWORD: ULONG = 0x08;
744 pub const LOGON_EXTRA_SIDS: ULONG = 0x20;
745 pub const LOGON_SUBAUTH_SESSION_KEY: ULONG = 0x40;
746 pub const LOGON_SERVER_TRUST_ACCOUNT: ULONG = 0x80;
747 pub const LOGON_NTLMV2_ENABLED: ULONG = 0x100;
748 pub const LOGON_RESOURCE_GROUPS: ULONG = 0x200;
749 pub const LOGON_PROFILE_PATH_RETURNED: ULONG = 0x400;
750 pub const LOGON_NT_V2: ULONG = 0x800;
751 pub const LOGON_LM_V2: ULONG = 0x1000;
752 pub const LOGON_NTLM_V2: ULONG = 0x2000;
753 pub const LOGON_OPTIMIZED: ULONG = 0x4000;
754 pub const LOGON_WINLOGON: ULONG = 0x8000;
755 pub const LOGON_PKINIT: ULONG = 0x10000;
756 pub const LOGON_NO_OPTIMIZED: ULONG = 0x20000;
757 pub const LOGON_NO_ELEVATION: ULONG = 0x40000;
758 pub const LOGON_MANAGED_SERVICE: ULONG = 0x80000;
759 pub const LOGON_GRACE_LOGON: ULONG = 0x01000000;
760 STRUCT!{struct MSV1_0_LM20_LOGON_PROFILE {
761 MessageType: MSV1_0_PROFILE_BUFFER_TYPE,
762 KickOffTime: LARGE_INTEGER,
763 LogoffTime: LARGE_INTEGER,
764 UserFlags: ULONG,
765 UserSessionKey: [UCHAR; MSV1_0_USER_SESSION_KEY_LENGTH],
766 LogonDomainName: UNICODE_STRING,
767 LanmanSessionKey: [UCHAR; MSV1_0_LANMAN_SESSION_KEY_LENGTH],
768 LogonServer: UNICODE_STRING,
769 UserParameters: UNICODE_STRING,
770 }}
771 pub type PMSV1_0_LM20_LOGON_PROFILE = *mut MSV1_0_LM20_LOGON_PROFILE;
772 pub const MSV1_0_OWF_PASSWORD_LENGTH: usize = 16;
773 STRUCT!{struct MSV1_0_SUPPLEMENTAL_CREDENTIAL {
774 Version: ULONG,
775 Flags: ULONG,
776 LmPassword: [UCHAR; MSV1_0_OWF_PASSWORD_LENGTH],
777 NtPassword: [UCHAR; MSV1_0_OWF_PASSWORD_LENGTH],
778 }}
779 pub type PMSV1_0_SUPPLEMENTAL_CREDENTIAL = *mut MSV1_0_SUPPLEMENTAL_CREDENTIAL;
780 pub const MSV1_0_NTLM3_RESPONSE_LENGTH: usize = 16;
781 pub const MSV1_0_NTLM3_OWF_LENGTH: usize = 16;
782 STRUCT!{struct MSV1_0_NTLM3_RESPONSE {
783 Response: [UCHAR; MSV1_0_NTLM3_RESPONSE_LENGTH],
784 RespType: UCHAR,
785 HiRespType: UCHAR,
786 Flags: USHORT,
787 MsgWord: ULONG,
788 TimeStamp: ULONGLONG,
789 ChallengeFromClient: [UCHAR; MSV1_0_CHALLENGE_LENGTH],
790 AvPairsOff: ULONG,
791 Buffer: [UCHAR; 1],
792 }}
793 pub type PMSV1_0_NTLM3_RESPONSE = *mut MSV1_0_NTLM3_RESPONSE;
794 ENUM!{enum MSV1_0_AVID {
795 MsvAvEOL,
796 MsvAvNbComputerName,
797 MsvAvNbDomainName,
798 MsvAvDnsComputerName,
799 MsvAvDnsDomainName,
800 MsvAvDnsTreeName,
801 MsvAvFlags,
802 MsvAvTimestamp,
803 MsvAvRestrictions,
804 MsvAvTargetName,
805 MsvAvChannelBindings,
806 }}
807 STRUCT!{struct MSV1_0_AV_PAIR {
808 AvId: USHORT,
809 AvLen: USHORT,
810 }}
811 pub type PMSV1_0_AV_PAIR = *mut MSV1_0_AV_PAIR;
812 ENUM!{enum MSV1_0_PROTOCOL_MESSAGE_TYPE {
813 MsV1_0Lm20ChallengeRequest = 0,
814 MsV1_0Lm20GetChallengeResponse,
815 MsV1_0EnumerateUsers,
816 MsV1_0GetUserInfo,
817 MsV1_0ReLogonUsers,
818 MsV1_0ChangePassword,
819 MsV1_0ChangeCachedPassword,
820 MsV1_0GenericPassthrough,
821 MsV1_0CacheLogon,
822 MsV1_0SubAuth,
823 MsV1_0DeriveCredential,
824 MsV1_0CacheLookup,
825 MsV1_0SetProcessOption,
826 MsV1_0ConfigLocalAliases,
827 MsV1_0ClearCachedCredentials,
828 MsV1_0LookupToken,
829 MsV1_0ValidateAuth,
830 MsV1_0CacheLookupEx,
831 MsV1_0GetCredentialKey,
832 MsV1_0SetThreadOption,
833 }}
834 pub type PMSV1_0_PROTOCOL_MESSAGE_TYPE = *mut MSV1_0_PROTOCOL_MESSAGE_TYPE;
835 STRUCT!{struct MSV1_0_CHANGEPASSWORD_REQUEST {
836 MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
837 DomainName: UNICODE_STRING,
838 AccountName: UNICODE_STRING,
839 OldPassword: UNICODE_STRING,
840 NewPassword: UNICODE_STRING,
841 Impersonating: BOOLEAN,
842 }}
843 pub type PMSV1_0_CHANGEPASSWORD_REQUEST = *mut MSV1_0_CHANGEPASSWORD_REQUEST;
844 STRUCT!{struct MSV1_0_CHANGEPASSWORD_RESPONSE {
845 MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
846 PasswordInfoValid: BOOLEAN,
847 DomainPasswordInfo: DOMAIN_PASSWORD_INFORMATION,
848 }}
849 pub type PMSV1_0_CHANGEPASSWORD_RESPONSE = *mut MSV1_0_CHANGEPASSWORD_RESPONSE;
850 STRUCT!{struct MSV1_0_PASSTHROUGH_REQUEST {
851 MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
852 DomainName: UNICODE_STRING,
853 PackageName: UNICODE_STRING,
854 DataLength: ULONG,
855 LogonData: PUCHAR,
856 Pad: ULONG,
857 }}
858 pub type PMSV1_0_PASSTHROUGH_REQUEST = *mut MSV1_0_PASSTHROUGH_REQUEST;
859 STRUCT!{struct MSV1_0_PASSTHROUGH_RESPONSE {
860 MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
861 Pad: ULONG,
862 DataLength: ULONG,
863 ValidationData: PUCHAR,
864 }}
865 pub type PMSV1_0_PASSTHROUGH_RESPONSE = *mut MSV1_0_PASSTHROUGH_RESPONSE;
866 STRUCT!{struct MSV1_0_SUBAUTH_REQUEST {
867 MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
868 SubAuthPackageId: ULONG,
869 SubAuthInfoLength: ULONG,
870 SubAuthSubmitBuffer: PUCHAR,
871 }}
872 pub type PMSV1_0_SUBAUTH_REQUEST = *mut MSV1_0_SUBAUTH_REQUEST;
873 STRUCT!{struct MSV1_0_SUBAUTH_RESPONSE {
874 MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
875 SubAuthInfoLength: ULONG,
876 SubAuthReturnBuffer: PUCHAR,
877 }}
878 pub type PMSV1_0_SUBAUTH_RESPONSE = *mut MSV1_0_SUBAUTH_RESPONSE;
879 pub use self::SystemFunction036 as RtlGenRandom;
880 pub use self::SystemFunction040 as RtlEncryptMemory;
881 pub use self::SystemFunction041 as RtlDecryptMemory;
882 extern "system" {
883 pub fn SystemFunction036(
884 RandomBuffer: PVOID,
885 RandomBufferLength: ULONG,
886 ) -> BOOLEAN;
887 }
888 pub const RTL_ENCRYPT_MEMORY_SIZE: ULONG = 8;
889 pub const RTL_ENCRYPT_OPTION_CROSS_PROCESS: ULONG = 0x01;
890 pub const RTL_ENCRYPT_OPTION_SAME_LOGON: ULONG = 0x02;
891 extern "system" {
892 pub fn SystemFunction040(
893 Memory: PVOID,
894 MemorySize: ULONG,
895 OptionFlags: ULONG,
896 ) -> NTSTATUS;
897 pub fn SystemFunction041(
898 Memory: PVOID,
899 MemorySize: ULONG,
900 OptionFlags: ULONG,
901 ) -> NTSTATUS;
902 }
903 pub const KERBEROS_VERSION: ULONG = 5;
904 pub const KERBEROS_REVISION: ULONG = 6;
905 pub const KERB_ETYPE_NULL: LONG = 0;
906 pub const KERB_ETYPE_DES_CBC_CRC: LONG = 1;
907 pub const KERB_ETYPE_DES_CBC_MD4: LONG = 2;
908 pub const KERB_ETYPE_DES_CBC_MD5: LONG = 3;
909 pub const KERB_ETYPE_AES128_CTS_HMAC_SHA1_96: LONG = 17;
910 pub const KERB_ETYPE_AES256_CTS_HMAC_SHA1_96: LONG = 18;
911 pub const KERB_ETYPE_RC4_MD4: LONG = -128;
912 pub const KERB_ETYPE_RC4_PLAIN2: LONG = -129;
913 pub const KERB_ETYPE_RC4_LM: LONG = -130;
914 pub const KERB_ETYPE_RC4_SHA: LONG = -131;
915 pub const KERB_ETYPE_DES_PLAIN: LONG = -132;
916 pub const KERB_ETYPE_RC4_HMAC_OLD: LONG = -133;
917 pub const KERB_ETYPE_RC4_PLAIN_OLD: LONG = -134;
918 pub const KERB_ETYPE_RC4_HMAC_OLD_EXP: LONG = -135;
919 pub const KERB_ETYPE_RC4_PLAIN_OLD_EXP: LONG = -136;
920 pub const KERB_ETYPE_RC4_PLAIN: LONG = -140;
921 pub const KERB_ETYPE_RC4_PLAIN_EXP: LONG = -141;
922 pub const KERB_ETYPE_AES128_CTS_HMAC_SHA1_96_PLAIN: LONG = -148;
923 pub const KERB_ETYPE_AES256_CTS_HMAC_SHA1_96_PLAIN: LONG = -149;
924 pub const KERB_ETYPE_DSA_SHA1_CMS: LONG = 9;
925 pub const KERB_ETYPE_RSA_MD5_CMS: LONG = 10;
926 pub const KERB_ETYPE_RSA_SHA1_CMS: LONG = 11;
927 pub const KERB_ETYPE_RC2_CBC_ENV: LONG = 12;
928 pub const KERB_ETYPE_RSA_ENV: LONG = 13;
929 pub const KERB_ETYPE_RSA_ES_OEAP_ENV: LONG = 14;
930 pub const KERB_ETYPE_DES_EDE3_CBC_ENV: LONG = 15;
931 pub const KERB_ETYPE_DSA_SIGN: LONG = 8;
932 pub const KERB_ETYPE_RSA_PRIV: LONG = 9;
933 pub const KERB_ETYPE_RSA_PUB: LONG = 10;
934 pub const KERB_ETYPE_RSA_PUB_MD5: LONG = 11;
935 pub const KERB_ETYPE_RSA_PUB_SHA1: LONG = 12;
936 pub const KERB_ETYPE_PKCS7_PUB: LONG = 13;
937 pub const KERB_ETYPE_DES3_CBC_MD5: LONG = 5;
938 pub const KERB_ETYPE_DES3_CBC_SHA1: LONG = 7;
939 pub const KERB_ETYPE_DES3_CBC_SHA1_KD: LONG = 16;
940 pub const KERB_ETYPE_DES_CBC_MD5_NT: LONG = 20;
941 pub const KERB_ETYPE_RC4_HMAC_NT: LONG = 23;
942 pub const KERB_ETYPE_RC4_HMAC_NT_EXP: LONG = 24;
943 pub const KERB_CHECKSUM_NONE: LONG = 0;
944 pub const KERB_CHECKSUM_CRC32: LONG = 1;
945 pub const KERB_CHECKSUM_MD4: LONG = 2;
946 pub const KERB_CHECKSUM_KRB_DES_MAC: LONG = 4;
947 pub const KERB_CHECKSUM_KRB_DES_MAC_K: LONG = 5;
948 pub const KERB_CHECKSUM_MD5: LONG = 7;
949 pub const KERB_CHECKSUM_MD5_DES: LONG = 8;
950 pub const KERB_CHECKSUM_SHA1_NEW: LONG = 14;
951 pub const KERB_CHECKSUM_HMAC_SHA1_96_AES128: LONG = 15;
952 pub const KERB_CHECKSUM_HMAC_SHA1_96_AES256: LONG = 16;
953 pub const KERB_CHECKSUM_LM: LONG = -130;
954 pub const KERB_CHECKSUM_SHA1: LONG = -131;
955 pub const KERB_CHECKSUM_REAL_CRC32: LONG = -132;
956 pub const KERB_CHECKSUM_DES_MAC: LONG = -133;
957 pub const KERB_CHECKSUM_DES_MAC_MD5: LONG = -134;
958 pub const KERB_CHECKSUM_MD25: LONG = -135;
959 pub const KERB_CHECKSUM_RC4_MD5: LONG = -136;
960 pub const KERB_CHECKSUM_MD5_HMAC: LONG = -137;
961 pub const KERB_CHECKSUM_HMAC_MD5: LONG = -138;
962 pub const KERB_CHECKSUM_HMAC_SHA1_96_AES128_Ki: LONG = -150;
963 pub const KERB_CHECKSUM_HMAC_SHA1_96_AES256_Ki: LONG = -151;
964 pub const KERB_TICKET_FLAGS_reserved: ULONG = 0x80000000;
965 pub const KERB_TICKET_FLAGS_forwardable: ULONG = 0x40000000;
966 pub const KERB_TICKET_FLAGS_forwarded: ULONG = 0x20000000;
967 pub const KERB_TICKET_FLAGS_proxiable: ULONG = 0x10000000;
968 pub const KERB_TICKET_FLAGS_proxy: ULONG = 0x08000000;
969 pub const KERB_TICKET_FLAGS_may_postdate: ULONG = 0x04000000;
970 pub const KERB_TICKET_FLAGS_postdated: ULONG = 0x02000000;
971 pub const KERB_TICKET_FLAGS_invalid: ULONG = 0x01000000;
972 pub const KERB_TICKET_FLAGS_renewable: ULONG = 0x00800000;
973 pub const KERB_TICKET_FLAGS_initial: ULONG = 0x00400000;
974 pub const KERB_TICKET_FLAGS_pre_authent: ULONG = 0x00200000;
975 pub const KERB_TICKET_FLAGS_hw_authent: ULONG = 0x00100000;
976 pub const KERB_TICKET_FLAGS_ok_as_delegate: ULONG = 0x00040000;
977 pub const KERB_TICKET_FLAGS_name_canonicalize: ULONG = 0x00010000;
978 pub const KERB_TICKET_FLAGS_cname_in_pa_data: ULONG = 0x00040000;
979 pub const KERB_TICKET_FLAGS_enc_pa_rep: ULONG = 0x00010000;
980 pub const KERB_TICKET_FLAGS_reserved1: ULONG = 0x00000001;
981 pub const KRB_NT_UNKNOWN: LONG = 0;
982 pub const KRB_NT_PRINCIPAL: LONG = 1;
983 pub const KRB_NT_PRINCIPAL_AND_ID: LONG = -131;
984 pub const KRB_NT_SRV_INST: LONG = 2;
985 pub const KRB_NT_SRV_INST_AND_ID: LONG = -132;
986 pub const KRB_NT_SRV_HST: LONG = 3;
987 pub const KRB_NT_SRV_XHST: LONG = 4;
988 pub const KRB_NT_UID: LONG = 5;
989 pub const KRB_NT_ENTERPRISE_PRINCIPAL: LONG = 10;
990 pub const KRB_NT_WELLKNOWN: LONG = 11;
991 pub const KRB_NT_ENT_PRINCIPAL_AND_ID: LONG = -130;
992 pub const KRB_NT_MS_PRINCIPAL: LONG = -128;
993 pub const KRB_NT_MS_PRINCIPAL_AND_ID: LONG = -129;
994 pub const KRB_NT_MS_BRANCH_ID: LONG = -133;
995 pub const KRB_NT_X500_PRINCIPAL: LONG = 6;
996 pub const KERB_WRAP_NO_ENCRYPT: ULONG = 0x80000001;
997 ENUM!{enum KERB_LOGON_SUBMIT_TYPE {
998 KerbInteractiveLogon = 2,
999 KerbSmartCardLogon = 6,
1000 KerbWorkstationUnlockLogon = 7,
1001 KerbSmartCardUnlockLogon = 8,
1002 KerbProxyLogon = 9,
1003 KerbTicketLogon = 10,
1004 KerbTicketUnlockLogon = 11,
1005 KerbS4ULogon = 12,
1006 KerbCertificateLogon = 13,
1007 KerbCertificateS4ULogon = 14,
1008 KerbCertificateUnlockLogon = 15,
1009 KerbNoElevationLogon = 83,
1010 KerbLuidLogon = 84,
1011 }}
1012 pub type PKERB_LOGON_SUBMIT_TYPE = *mut KERB_LOGON_SUBMIT_TYPE;
1013 STRUCT!{struct KERB_INTERACTIVE_LOGON {
1014 MessageType: KERB_LOGON_SUBMIT_TYPE,
1015 LogonDomainName: UNICODE_STRING,
1016 UserName: UNICODE_STRING,
1017 Password: UNICODE_STRING,
1018 }}
1019 pub type PKERB_INTERACTIVE_LOGON = *mut KERB_INTERACTIVE_LOGON;
1020 STRUCT!{struct KERB_INTERACTIVE_UNLOCK_LOGON {
1021 Logon: KERB_INTERACTIVE_LOGON,
1022 LogonId: LUID,
1023 }}
1024 pub type PKERB_INTERACTIVE_UNLOCK_LOGON = *mut KERB_INTERACTIVE_UNLOCK_LOGON;
1025 STRUCT!{struct KERB_SMART_CARD_LOGON {
1026 MessageType: KERB_LOGON_SUBMIT_TYPE,
1027 Pin: UNICODE_STRING,
1028 CspDataLength: ULONG,
1029 CspData: PUCHAR,
1030 }}
1031 pub type PKERB_SMART_CARD_LOGON = *mut KERB_SMART_CARD_LOGON;
1032 STRUCT!{struct KERB_SMART_CARD_UNLOCK_LOGON {
1033 Logon: KERB_SMART_CARD_LOGON,
1034 LogonId: LUID,
1035 }}
1036 pub type PKERB_SMART_CARD_UNLOCK_LOGON = *mut KERB_SMART_CARD_UNLOCK_LOGON;
1037 pub const KERB_CERTIFICATE_LOGON_FLAG_CHECK_DUPLICATES: ULONG = 0x1;
1038 pub const KERB_CERTIFICATE_LOGON_FLAG_USE_CERTIFICATE_INFO: ULONG = 0x2;
1039 STRUCT!{struct KERB_CERTIFICATE_LOGON {
1040 MessageType: KERB_LOGON_SUBMIT_TYPE,
1041 DomainName: UNICODE_STRING,
1042 UserName: UNICODE_STRING,
1043 Pin: UNICODE_STRING,
1044 Flags: ULONG,
1045 CspDataLength: ULONG,
1046 CspData: PUCHAR,
1047 }}
1048 pub type PKERB_CERTIFICATE_LOGON = *mut KERB_CERTIFICATE_LOGON;
1049 STRUCT!{struct KERB_CERTIFICATE_UNLOCK_LOGON {
1050 Logon: KERB_CERTIFICATE_LOGON,
1051 LogonId: LUID,
1052 }}
1053 pub type PKERB_CERTIFICATE_UNLOCK_LOGON = *mut KERB_CERTIFICATE_UNLOCK_LOGON;
1054 pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_CHECK_DUPLICATES: ULONG = 0x1;
1055 pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_CHECK_LOGONHOURS: ULONG = 0x2;
1056 pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_FAIL_IF_NT_AUTH_POLICY_REQUIRED: ULONG = 0x4;
1057 pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_IDENTIFY: ULONG = 0x8;
1058 STRUCT!{struct KERB_CERTIFICATE_S4U_LOGON {
1059 MessageType: KERB_LOGON_SUBMIT_TYPE,
1060 Flags: ULONG,
1061 UserPrincipalName: UNICODE_STRING,
1062 DomainName: UNICODE_STRING,
1063 CertificateLength: ULONG,
1064 Certificate: PUCHAR,
1065 }}
1066 pub type PKERB_CERTIFICATE_S4U_LOGON = *mut KERB_CERTIFICATE_S4U_LOGON;
1067 STRUCT!{struct KERB_TICKET_LOGON {
1068 MessageType: KERB_LOGON_SUBMIT_TYPE,
1069 Flags: ULONG,
1070 ServiceTicketLength: ULONG,
1071 TicketGrantingTicketLength: ULONG,
1072 ServiceTicket: PUCHAR,
1073 TicketGrantingTicket: PUCHAR,
1074 }}
1075 pub type PKERB_TICKET_LOGON = *mut KERB_TICKET_LOGON;
1076 STRUCT!{struct KERB_TICKET_UNLOCK_LOGON {
1077 Logon: KERB_TICKET_LOGON,
1078 LogonId: LUID,
1079 }}
1080 pub type PKERB_TICKET_UNLOCK_LOGON = *mut KERB_TICKET_UNLOCK_LOGON;
1081 pub const KERB_S4U_LOGON_FLAG_CHECK_LOGONHOURS: ULONG = 0x2;
1082 pub const KERB_S4U_LOGON_FLAG_IDENTIFY: ULONG = 0x8;
1083 STRUCT!{struct KERB_S4U_LOGON {
1084 MessageType: KERB_LOGON_SUBMIT_TYPE,
1085 Flags: ULONG,
1086 ClientUpn: UNICODE_STRING,
1087 ClientRealm: UNICODE_STRING,
1088 }}
1089 pub type PKERB_S4U_LOGON = *mut KERB_S4U_LOGON;
1090 ENUM!{enum KERB_PROFILE_BUFFER_TYPE {
1091 KerbInteractiveProfile = 2,
1092 KerbSmartCardProfile = 4,
1093 KerbTicketProfile = 6,
1094 }}
1095 pub type PKERB_PROFILE_BUFFER_TYPE = *mut KERB_PROFILE_BUFFER_TYPE;
1096 STRUCT!{struct KERB_INTERACTIVE_PROFILE {
1097 MessageType: KERB_PROFILE_BUFFER_TYPE,
1098 LogonCount: USHORT,
1099 BadPasswordCount: USHORT,
1100 LogonTime: LARGE_INTEGER,
1101 LogoffTime: LARGE_INTEGER,
1102 KickOffTime: LARGE_INTEGER,
1103 PasswordLastSet: LARGE_INTEGER,
1104 PasswordCanChange: LARGE_INTEGER,
1105 PasswordMustChange: LARGE_INTEGER,
1106 LogonScript: UNICODE_STRING,
1107 HomeDirectory: UNICODE_STRING,
1108 FullName: UNICODE_STRING,
1109 ProfilePath: UNICODE_STRING,
1110 HomeDirectoryDrive: UNICODE_STRING,
1111 LogonServer: UNICODE_STRING,
1112 UserFlags: ULONG,
1113 }}
1114 pub type PKERB_INTERACTIVE_PROFILE = *mut KERB_INTERACTIVE_PROFILE;
1115 STRUCT!{struct KERB_SMART_CARD_PROFILE {
1116 Profile: KERB_INTERACTIVE_PROFILE,
1117 CertificateSize: ULONG,
1118 CertificateData: PUCHAR,
1119 }}
1120 pub type PKERB_SMART_CARD_PROFILE = *mut KERB_SMART_CARD_PROFILE;
1121 STRUCT!{struct KERB_CRYPTO_KEY {
1122 KeyType: LONG,
1123 Length: ULONG,
1124 Value: PUCHAR,
1125 }}
1126 pub type PKERB_CRYPTO_KEY = *mut KERB_CRYPTO_KEY;
1127 STRUCT!{struct KERB_CRYPTO_KEY32 {
1128 KeyType: LONG,
1129 Length: ULONG,
1130 Offset: ULONG,
1131 }}
1132 pub type PKERB_CRYPTO_KEY32 = *mut KERB_CRYPTO_KEY32;
1133 STRUCT!{struct KERB_TICKET_PROFILE {
1134 Profile: KERB_INTERACTIVE_PROFILE,
1135 SessionKey: KERB_CRYPTO_KEY,
1136 }}
1137 pub type PKERB_TICKET_PROFILE = *mut KERB_TICKET_PROFILE;
1138 ENUM!{enum KERB_PROTOCOL_MESSAGE_TYPE {
1139 KerbDebugRequestMessage = 0,
1140 KerbQueryTicketCacheMessage,
1141 KerbChangeMachinePasswordMessage,
1142 KerbVerifyPacMessage,
1143 KerbRetrieveTicketMessage,
1144 KerbUpdateAddressesMessage,
1145 KerbPurgeTicketCacheMessage,
1146 KerbChangePasswordMessage,
1147 KerbRetrieveEncodedTicketMessage,
1148 KerbDecryptDataMessage,
1149 KerbAddBindingCacheEntryMessage,
1150 KerbSetPasswordMessage,
1151 KerbSetPasswordExMessage,
1152 KerbVerifyCredentialsMessage,
1153 KerbQueryTicketCacheExMessage,
1154 KerbPurgeTicketCacheExMessage,
1155 KerbRefreshSmartcardCredentialsMessage,
1156 KerbAddExtraCredentialsMessage,
1157 KerbQuerySupplementalCredentialsMessage,
1158 KerbTransferCredentialsMessage,
1159 KerbQueryTicketCacheEx2Message,
1160 KerbSubmitTicketMessage,
1161 KerbAddExtraCredentialsExMessage,
1162 KerbQueryKdcProxyCacheMessage,
1163 KerbPurgeKdcProxyCacheMessage,
1164 KerbQueryTicketCacheEx3Message,
1165 KerbCleanupMachinePkinitCredsMessage,
1166 KerbAddBindingCacheEntryExMessage,
1167 KerbQueryBindingCacheMessage,
1168 KerbPurgeBindingCacheMessage,
1169 KerbPinKdcMessage,
1170 KerbUnpinAllKdcsMessage,
1171 KerbQueryDomainExtendedPoliciesMessage,
1172 KerbQueryS4U2ProxyCacheMessage,
1173 }}
1174 pub type PKERB_PROTOCOL_MESSAGE_TYPE = *mut KERB_PROTOCOL_MESSAGE_TYPE;
1175 STRUCT!{struct KERB_QUERY_TKT_CACHE_REQUEST {
1176 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1177 LogonId: LUID,
1178 }}
1179 pub type PKERB_QUERY_TKT_CACHE_REQUEST = *mut KERB_QUERY_TKT_CACHE_REQUEST;
1180 STRUCT!{struct KERB_TICKET_CACHE_INFO {
1181 ServerName: UNICODE_STRING,
1182 RealmName: UNICODE_STRING,
1183 StartTime: LARGE_INTEGER,
1184 EndTime: LARGE_INTEGER,
1185 RenewTime: LARGE_INTEGER,
1186 EncryptionType: LONG,
1187 TicketFlags: ULONG,
1188 }}
1189 pub type PKERB_TICKET_CACHE_INFO = *mut KERB_TICKET_CACHE_INFO;
1190 STRUCT!{struct KERB_TICKET_CACHE_INFO_EX {
1191 ClientName: UNICODE_STRING,
1192 ClientRealm: UNICODE_STRING,
1193 ServerName: UNICODE_STRING,
1194 ServerRealm: UNICODE_STRING,
1195 StartTime: LARGE_INTEGER,
1196 EndTime: LARGE_INTEGER,
1197 RenewTime: LARGE_INTEGER,
1198 EncryptionType: LONG,
1199 TicketFlags: ULONG,
1200 }}
1201 pub type PKERB_TICKET_CACHE_INFO_EX = *mut KERB_TICKET_CACHE_INFO_EX;
1202 STRUCT!{struct KERB_TICKET_CACHE_INFO_EX2 {
1203 ClientName: UNICODE_STRING,
1204 ClientRealm: UNICODE_STRING,
1205 ServerName: UNICODE_STRING,
1206 ServerRealm: UNICODE_STRING,
1207 StartTime: LARGE_INTEGER,
1208 EndTime: LARGE_INTEGER,
1209 RenewTime: LARGE_INTEGER,
1210 EncryptionType: LONG,
1211 TicketFlags: ULONG,
1212 SessionKeyType: ULONG,
1213 BranchId: ULONG,
1214 }}
1215 pub type PKERB_TICKET_CACHE_INFO_EX2 = *mut KERB_TICKET_CACHE_INFO_EX2;
1216 STRUCT!{struct KERB_TICKET_CACHE_INFO_EX3 {
1217 ClientName: UNICODE_STRING,
1218 ClientRealm: UNICODE_STRING,
1219 ServerName: UNICODE_STRING,
1220 ServerRealm: UNICODE_STRING,
1221 StartTime: LARGE_INTEGER,
1222 EndTime: LARGE_INTEGER,
1223 RenewTime: LARGE_INTEGER,
1224 EncryptionType: LONG,
1225 TicketFlags: ULONG,
1226 SessionKeyType: ULONG,
1227 BranchId: ULONG,
1228 CacheFlags: ULONG,
1229 KdcCalled: UNICODE_STRING,
1230 }}
1231 pub type PKERB_TICKET_CACHE_INFO_EX3 = *mut KERB_TICKET_CACHE_INFO_EX3;
1232 STRUCT!{struct KERB_QUERY_TKT_CACHE_RESPONSE {
1233 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1234 CountOfTickets: ULONG,
1235 Tickets: [KERB_TICKET_CACHE_INFO; ANYSIZE_ARRAY],
1236 }}
1237 pub type PKERB_QUERY_TKT_CACHE_RESPONSE = *mut KERB_QUERY_TKT_CACHE_RESPONSE;
1238 STRUCT!{struct KERB_QUERY_TKT_CACHE_EX_RESPONSE {
1239 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1240 CountOfTickets: ULONG,
1241 Tickets: [KERB_TICKET_CACHE_INFO_EX; ANYSIZE_ARRAY],
1242 }}
1243 pub type PKERB_QUERY_TKT_CACHE_EX_RESPONSE = *mut KERB_QUERY_TKT_CACHE_EX_RESPONSE;
1244 STRUCT!{struct KERB_QUERY_TKT_CACHE_EX2_RESPONSE {
1245 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1246 CountOfTickets: ULONG,
1247 Tickets: [KERB_TICKET_CACHE_INFO_EX2; ANYSIZE_ARRAY],
1248 }}
1249 pub type PKERB_QUERY_TKT_CACHE_EX2_RESPONSE = *mut KERB_QUERY_TKT_CACHE_EX2_RESPONSE;
1250 STRUCT!{struct KERB_QUERY_TKT_CACHE_EX3_RESPONSE {
1251 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1252 CountOfTickets: ULONG,
1253 Tickets: [KERB_TICKET_CACHE_INFO_EX3; ANYSIZE_ARRAY],
1254 }}
1255 pub type PKERB_QUERY_TKT_CACHE_EX3_RESPONSE = *mut KERB_QUERY_TKT_CACHE_EX3_RESPONSE;
1256 pub const KERB_USE_DEFAULT_TICKET_FLAGS: ULONG = 0x0;
1257 pub const KERB_RETRIEVE_TICKET_DEFAULT: ULONG = 0x0;
1258 pub const KERB_RETRIEVE_TICKET_DONT_USE_CACHE: ULONG = 0x1;
1259 pub const KERB_RETRIEVE_TICKET_USE_CACHE_ONLY: ULONG = 0x2;
1260 pub const KERB_RETRIEVE_TICKET_USE_CREDHANDLE: ULONG = 0x4;
1261 pub const KERB_RETRIEVE_TICKET_AS_KERB_CRED: ULONG = 0x8;
1262 pub const KERB_RETRIEVE_TICKET_WITH_SEC_CRED: ULONG = 0x10;
1263 pub const KERB_RETRIEVE_TICKET_CACHE_TICKET: ULONG = 0x20;
1264 pub const KERB_RETRIEVE_TICKET_MAX_LIFETIME: ULONG = 0x40;
1265 STRUCT!{struct KERB_AUTH_DATA {
1266 Type: ULONG,
1267 Length: ULONG,
1268 Data: PUCHAR,
1269 }}
1270 pub type PKERB_AUTH_DATA = *mut KERB_AUTH_DATA;
1271 STRUCT!{struct KERB_NET_ADDRESS {
1272 Family: ULONG,
1273 Length: ULONG,
1274 Address: PUCHAR,
1275 }}
1276 pub type PKERB_NET_ADDRESS = *mut KERB_NET_ADDRESS;
1277 STRUCT!{struct KERB_NET_ADDRESSES {
1278 Number: ULONG,
1279 Addresses: [KERB_NET_ADDRESS; ANYSIZE_ARRAY],
1280 }}
1281 pub type PKERB_NET_ADDRESSES = *mut KERB_NET_ADDRESSES;
1282 STRUCT!{struct KERB_EXTERNAL_NAME {
1283 NameType: SHORT,
1284 NameCount: USHORT,
1285 Names: [UNICODE_STRING; ANYSIZE_ARRAY],
1286 }}
1287 pub type PKERB_EXTERNAL_NAME = *mut KERB_EXTERNAL_NAME;
1288 STRUCT!{struct KERB_EXTERNAL_TICKET {
1289 ServiceName: PKERB_EXTERNAL_NAME,
1290 TargetName: PKERB_EXTERNAL_NAME,
1291 ClientName: PKERB_EXTERNAL_NAME,
1292 DomainName: UNICODE_STRING,
1293 TargetDomainName: UNICODE_STRING,
1294 AltTargetDomainName: UNICODE_STRING,
1295 SessionKey: KERB_CRYPTO_KEY,
1296 TicketFlags: ULONG,
1297 Flags: ULONG,
1298 KeyExpirationTime: LARGE_INTEGER,
1299 StartTime: LARGE_INTEGER,
1300 EndTime: LARGE_INTEGER,
1301 RenewUntil: LARGE_INTEGER,
1302 TimeSkew: LARGE_INTEGER,
1303 EncodedTicketSize: ULONG,
1304 EncodedTicket: PUCHAR,
1305 }}
1306 pub type PKERB_EXTERNAL_TICKET = *mut KERB_EXTERNAL_TICKET;
1307 STRUCT!{struct KERB_RETRIEVE_TKT_REQUEST {
1308 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1309 LogonId: LUID,
1310 TargetName: UNICODE_STRING,
1311 TicketFlags: ULONG,
1312 CacheOptions: ULONG,
1313 EncryptionType: LONG,
1314 CredentialsHandle: SecHandle,
1315 }}
1316 pub type PKERB_RETRIEVE_TKT_REQUEST = *mut KERB_RETRIEVE_TKT_REQUEST;
1317 STRUCT!{struct KERB_RETRIEVE_TKT_RESPONSE {
1318 Ticket: KERB_EXTERNAL_TICKET,
1319 }}
1320 pub type PKERB_RETRIEVE_TKT_RESPONSE = *mut KERB_RETRIEVE_TKT_RESPONSE;
1321 STRUCT!{struct KERB_PURGE_TKT_CACHE_REQUEST {
1322 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1323 LogonId: LUID,
1324 ServerName: UNICODE_STRING,
1325 RealmName: UNICODE_STRING,
1326 }}
1327 pub type PKERB_PURGE_TKT_CACHE_REQUEST = *mut KERB_PURGE_TKT_CACHE_REQUEST;
1328 pub const KERB_PURGE_ALL_TICKETS: ULONG = 1;
1329 STRUCT!{struct KERB_PURGE_TKT_CACHE_EX_REQUEST {
1330 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1331 LogonId: LUID,
1332 Flags: ULONG,
1333 TicketTemplate: KERB_TICKET_CACHE_INFO_EX,
1334 }}
1335 pub type PKERB_PURGE_TKT_CACHE_EX_REQUEST = *mut KERB_PURGE_TKT_CACHE_EX_REQUEST;
1336 STRUCT!{struct KERB_SUBMIT_TKT_REQUEST {
1337 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1338 LogonId: LUID,
1339 Flags: ULONG,
1340 Key: KERB_CRYPTO_KEY32,
1341 KerbCredSize: ULONG,
1342 KerbCredOffset: ULONG,
1343 }}
1344 pub type PKERB_SUBMIT_TKT_REQUEST = *mut KERB_SUBMIT_TKT_REQUEST;
1345 STRUCT!{struct KERB_QUERY_KDC_PROXY_CACHE_REQUEST {
1346 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1347 Flags: ULONG,
1348 LogonId: LUID,
1349 }}
1350 pub type PKERB_QUERY_KDC_PROXY_CACHE_REQUEST = *mut KERB_QUERY_KDC_PROXY_CACHE_REQUEST;
1351 STRUCT!{struct KDC_PROXY_CACHE_ENTRY_DATA {
1352 SinceLastUsed: ULONG64,
1353 DomainName: UNICODE_STRING,
1354 ProxyServerName: UNICODE_STRING,
1355 ProxyServerVdir: UNICODE_STRING,
1356 ProxyServerPort: USHORT,
1357 LogonId: LUID,
1358 CredUserName: UNICODE_STRING,
1359 CredDomainName: UNICODE_STRING,
1360 GlobalCache: BOOLEAN,
1361 }}
1362 pub type PKDC_PROXY_CACHE_ENTRY_DATA = *mut KDC_PROXY_CACHE_ENTRY_DATA;
1363 STRUCT!{struct KERB_QUERY_KDC_PROXY_CACHE_RESPONSE {
1364 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1365 CountOfEntries: ULONG,
1366 Entries: PKDC_PROXY_CACHE_ENTRY_DATA,
1367 }}
1368 pub type PKERB_QUERY_KDC_PROXY_CACHE_RESPONSE = *mut KERB_QUERY_KDC_PROXY_CACHE_RESPONSE;
1369 STRUCT!{struct KERB_PURGE_KDC_PROXY_CACHE_REQUEST {
1370 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1371 Flags: ULONG,
1372 LogonId: LUID,
1373 }}
1374 pub type PKERB_PURGE_KDC_PROXY_CACHE_REQUEST = *mut KERB_PURGE_KDC_PROXY_CACHE_REQUEST;
1375 STRUCT!{struct KERB_PURGE_KDC_PROXY_CACHE_RESPONSE {
1376 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1377 CountOfPurged: ULONG,
1378 }}
1379 pub type PKERB_PURGE_KDC_PROXY_CACHE_RESPONSE = *mut KERB_PURGE_KDC_PROXY_CACHE_RESPONSE;
1380 pub const KERB_S4U2PROXY_CACHE_ENTRY_INFO_FLAG_NEGATIVE: ULONG = 0x1;
1381 STRUCT!{struct KERB_S4U2PROXY_CACHE_ENTRY_INFO {
1382 ServerName: UNICODE_STRING,
1383 Flags: ULONG,
1384 LastStatus: NTSTATUS,
1385 Expiry: LARGE_INTEGER,
1386 }}
1387 pub type PKERB_S4U2PROXY_CACHE_ENTRY_INFO = *mut KERB_S4U2PROXY_CACHE_ENTRY_INFO;
1388 pub const KERB_S4U2PROXY_CRED_FLAG_NEGATIVE: ULONG = 0x1;
1389 STRUCT!{struct KERB_S4U2PROXY_CRED {
1390 UserName: UNICODE_STRING,
1391 DomainName: UNICODE_STRING,
1392 Flags: ULONG,
1393 LastStatus: NTSTATUS,
1394 Expiry: LARGE_INTEGER,
1395 CountOfEntries: ULONG,
1396 Entries: PKERB_S4U2PROXY_CACHE_ENTRY_INFO,
1397 }}
1398 pub type PKERB_S4U2PROXY_CRED = *mut KERB_S4U2PROXY_CRED;
1399 STRUCT!{struct KERB_QUERY_S4U2PROXY_CACHE_REQUEST {
1400 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1401 Flags: ULONG,
1402 LogonId: LUID,
1403 }}
1404 pub type PKERB_QUERY_S4U2PROXY_CACHE_REQUEST = *mut KERB_QUERY_S4U2PROXY_CACHE_REQUEST;
1405 STRUCT!{struct KERB_QUERY_S4U2PROXY_CACHE_RESPONSE {
1406 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1407 CountOfCreds: ULONG,
1408 Creds: PKERB_S4U2PROXY_CRED,
1409 }}
1410 pub type PKERB_QUERY_S4U2PROXY_CACHE_RESPONSE = *mut KERB_QUERY_S4U2PROXY_CACHE_RESPONSE;
1411 STRUCT!{struct KERB_CHANGEPASSWORD_REQUEST {
1412 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1413 DomainName: UNICODE_STRING,
1414 AccountName: UNICODE_STRING,
1415 OldPassword: UNICODE_STRING,
1416 NewPassword: UNICODE_STRING,
1417 Impersonating: BOOLEAN,
1418 }}
1419 pub type PKERB_CHANGEPASSWORD_REQUEST = *mut KERB_CHANGEPASSWORD_REQUEST;
1420 STRUCT!{struct KERB_SETPASSWORD_REQUEST {
1421 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1422 LogonId: LUID,
1423 CredentialsHandle: SecHandle,
1424 Flags: ULONG,
1425 DomainName: UNICODE_STRING,
1426 AccountName: UNICODE_STRING,
1427 Password: UNICODE_STRING,
1428 }}
1429 pub type PKERB_SETPASSWORD_REQUEST = *mut KERB_SETPASSWORD_REQUEST;
1430 STRUCT!{struct KERB_SETPASSWORD_EX_REQUEST {
1431 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1432 LogonId: LUID,
1433 CredentialsHandle: SecHandle,
1434 Flags: ULONG,
1435 AccountRealm: UNICODE_STRING,
1436 AccountName: UNICODE_STRING,
1437 Password: UNICODE_STRING,
1438 ClientRealm: UNICODE_STRING,
1439 ClientName: UNICODE_STRING,
1440 Impersonating: BOOLEAN,
1441 KdcAddress: UNICODE_STRING,
1442 KdcAddressType: ULONG,
1443 }}
1444 pub type PKERB_SETPASSWORD_EX_REQUEST = *mut KERB_SETPASSWORD_EX_REQUEST;
1445 pub const DS_UNKNOWN_ADDRESS_TYPE: ULONG = 0;
1446 pub const KERB_SETPASS_USE_LOGONID: ULONG = 1;
1447 pub const KERB_SETPASS_USE_CREDHANDLE: ULONG = 2;
1448 STRUCT!{struct KERB_DECRYPT_REQUEST {
1449 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1450 LogonId: LUID,
1451 Flags: ULONG,
1452 CryptoType: LONG,
1453 KeyUsage: LONG,
1454 Key: KERB_CRYPTO_KEY,
1455 EncryptedDataSize: ULONG,
1456 InitialVectorSize: ULONG,
1457 InitialVector: PUCHAR,
1458 EncryptedData: PUCHAR,
1459 }}
1460 pub type PKERB_DECRYPT_REQUEST = *mut KERB_DECRYPT_REQUEST;
1461 pub const KERB_DECRYPT_FLAG_DEFAULT_KEY: ULONG = 0x00000001;
1462 STRUCT!{struct KERB_DECRYPT_RESPONSE {
1463 DecryptedData: [UCHAR; ANYSIZE_ARRAY],
1464 }}
1465 pub type PKERB_DECRYPT_RESPONSE = *mut KERB_DECRYPT_RESPONSE;
1466 STRUCT!{struct KERB_ADD_BINDING_CACHE_ENTRY_REQUEST {
1467 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1468 RealmName: UNICODE_STRING,
1469 KdcAddress: UNICODE_STRING,
1470 AddressType: ULONG,
1471 }}
1472 pub type PKERB_ADD_BINDING_CACHE_ENTRY_REQUEST = *mut KERB_ADD_BINDING_CACHE_ENTRY_REQUEST;
1473 STRUCT!{struct KERB_REFRESH_SCCRED_REQUEST {
1474 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1475 CredentialBlob: UNICODE_STRING,
1476 LogonId: LUID,
1477 Flags: ULONG,
1478 }}
1479 pub type PKERB_REFRESH_SCCRED_REQUEST = *mut KERB_REFRESH_SCCRED_REQUEST;
1480 pub const KERB_REFRESH_SCCRED_RELEASE: ULONG = 0x0;
1481 pub const KERB_REFRESH_SCCRED_GETTGT: ULONG = 0x1;
1482 STRUCT!{struct KERB_ADD_CREDENTIALS_REQUEST {
1483 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1484 UserName: UNICODE_STRING,
1485 DomainName: UNICODE_STRING,
1486 Password: UNICODE_STRING,
1487 LogonId: LUID,
1488 Flags: ULONG,
1489 }}
1490 pub type PKERB_ADD_CREDENTIALS_REQUEST = *mut KERB_ADD_CREDENTIALS_REQUEST;
1491 pub const KERB_REQUEST_ADD_CREDENTIAL: ULONG = 1;
1492 pub const KERB_REQUEST_REPLACE_CREDENTIAL: ULONG = 2;
1493 pub const KERB_REQUEST_REMOVE_CREDENTIAL: ULONG = 4;
1494 STRUCT!{struct KERB_ADD_CREDENTIALS_REQUEST_EX {
1495 Credentials: KERB_ADD_CREDENTIALS_REQUEST,
1496 PrincipalNameCount: ULONG,
1497 PrincipalNames: [UNICODE_STRING; ANYSIZE_ARRAY],
1498 }}
1499 pub type PKERB_ADD_CREDENTIALS_REQUEST_EX = *mut KERB_ADD_CREDENTIALS_REQUEST_EX;
1500 STRUCT!{struct KERB_TRANSFER_CRED_REQUEST {
1501 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1502 OriginLogonId: LUID,
1503 DestinationLogonId: LUID,
1504 Flags: ULONG,
1505 }}
1506 pub type PKERB_TRANSFER_CRED_REQUEST = *mut KERB_TRANSFER_CRED_REQUEST;
1507 pub const KERB_TRANSFER_CRED_WITH_TICKETS: ULONG = 0x1;
1508 pub const KERB_TRANSFER_CRED_CLEANUP_CREDENTIALS: ULONG = 0x2;
1509 STRUCT!{struct KERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST {
1510 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1511 LogonId: LUID,
1512 }}
1513 pub type PKERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST =
1514 *mut KERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST;
1515 STRUCT!{struct KERB_BINDING_CACHE_ENTRY_DATA {
1516 DiscoveryTime: ULONG64,
1517 RealmName: UNICODE_STRING,
1518 KdcAddress: UNICODE_STRING,
1519 AddressType: ULONG,
1520 Flags: ULONG,
1521 DcFlags: ULONG,
1522 CacheFlags: ULONG,
1523 KdcName: UNICODE_STRING,
1524 }}
1525 pub type PKERB_BINDING_CACHE_ENTRY_DATA = *mut KERB_BINDING_CACHE_ENTRY_DATA;
1526 STRUCT!{struct KERB_QUERY_BINDING_CACHE_RESPONSE {
1527 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1528 CountOfEntries: ULONG,
1529 Entries: PKERB_BINDING_CACHE_ENTRY_DATA,
1530 }}
1531 pub type PKERB_QUERY_BINDING_CACHE_RESPONSE = *mut KERB_QUERY_BINDING_CACHE_RESPONSE;
1532 STRUCT!{struct KERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST {
1533 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1534 RealmName: UNICODE_STRING,
1535 KdcAddress: UNICODE_STRING,
1536 AddressType: ULONG,
1537 DcFlags: ULONG,
1538 }}
1539 pub type PKERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST = *mut KERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST;
1540 STRUCT!{struct KERB_QUERY_BINDING_CACHE_REQUEST {
1541 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1542 }}
1543 pub type PKERB_QUERY_BINDING_CACHE_REQUEST = *mut KERB_QUERY_BINDING_CACHE_REQUEST;
1544 STRUCT!{struct KERB_PURGE_BINDING_CACHE_REQUEST {
1545 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1546 }}
1547 pub type PKERB_PURGE_BINDING_CACHE_REQUEST = *mut KERB_PURGE_BINDING_CACHE_REQUEST;
1548 STRUCT!{struct KERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST {
1549 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1550 Flags: ULONG,
1551 DomainName: UNICODE_STRING,
1552 }}
1553 pub type PKERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST =
1554 *mut KERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST;
1555 STRUCT!{struct KERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE {
1556 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1557 Flags: ULONG,
1558 ExtendedPolicies: ULONG,
1559 DsFlags: ULONG,
1560 }}
1561 pub type PKERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE =
1562 *mut KERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE;
1563 ENUM!{enum KERB_CERTIFICATE_INFO_TYPE {
1564 CertHashInfo = 1,
1565 }}
1566 pub type PKERB_CERTIFICATE_INFO_TYPE = *mut KERB_CERTIFICATE_INFO_TYPE;
1567 STRUCT!{struct KERB_CERTIFICATE_HASHINFO {
1568 StoreNameLength: USHORT,
1569 HashLength: USHORT,
1570 }}
1571 pub type PKERB_CERTIFICATE_HASHINFO = *mut KERB_CERTIFICATE_HASHINFO;
1572 STRUCT!{struct KERB_CERTIFICATE_INFO {
1573 CertInfoSize: ULONG,
1574 InfoType: ULONG,
1575 }}
1576 pub type PKERB_CERTIFICATE_INFO = *mut KERB_CERTIFICATE_INFO;
1577 STRUCT!{struct POLICY_AUDIT_SID_ARRAY {
1578 UsersCount: ULONG,
1579 UserSidArray: *mut PSID,
1580 }}
1581 pub type PPOLICY_AUDIT_SID_ARRAY = *mut POLICY_AUDIT_SID_ARRAY;
1582 STRUCT!{struct AUDIT_POLICY_INFORMATION {
1583 AuditSubCategoryGuid: GUID,
1584 AuditingInformation: ULONG,
1585 AuditCategoryGuid: GUID,
1586 }}
1587 pub type PAUDIT_POLICY_INFORMATION = *mut AUDIT_POLICY_INFORMATION;
1588 pub type LPAUDIT_POLICY_INFORMATION = PAUDIT_POLICY_INFORMATION;
1589 pub type PCAUDIT_POLICY_INFORMATION = *const AUDIT_POLICY_INFORMATION;
1590 pub const AUDIT_SET_SYSTEM_POLICY: ULONG = 0x0001;
1591 pub const AUDIT_QUERY_SYSTEM_POLICY: ULONG = 0x0002;
1592 pub const AUDIT_SET_USER_POLICY: ULONG = 0x0004;
1593 pub const AUDIT_QUERY_USER_POLICY: ULONG = 0x0008;
1594 pub const AUDIT_ENUMERATE_USERS: ULONG = 0x0010;
1595 pub const AUDIT_SET_MISC_POLICY: ULONG = 0x0020;
1596 pub const AUDIT_QUERY_MISC_POLICY: ULONG = 0x0040;
1597 pub const AUDIT_GENERIC_ALL: ULONG = STANDARD_RIGHTS_REQUIRED | AUDIT_SET_SYSTEM_POLICY
1598 | AUDIT_QUERY_SYSTEM_POLICY | AUDIT_SET_USER_POLICY | AUDIT_QUERY_USER_POLICY
1599 | AUDIT_ENUMERATE_USERS | AUDIT_SET_MISC_POLICY | AUDIT_QUERY_MISC_POLICY;
1600 pub const AUDIT_GENERIC_READ: ULONG = STANDARD_RIGHTS_READ | AUDIT_QUERY_SYSTEM_POLICY
1601 | AUDIT_QUERY_USER_POLICY | AUDIT_ENUMERATE_USERS | AUDIT_QUERY_MISC_POLICY;
1602 pub const AUDIT_GENERIC_WRITE: ULONG = STANDARD_RIGHTS_WRITE | AUDIT_SET_USER_POLICY
1603 | AUDIT_SET_MISC_POLICY | AUDIT_SET_SYSTEM_POLICY;
1604 pub const AUDIT_GENERIC_EXECUTE: ULONG = STANDARD_RIGHTS_EXECUTE;
1605 extern "system" {
1606 pub fn AuditSetSystemPolicy(
1607 pAuditPolicy: PCAUDIT_POLICY_INFORMATION,
1608 PolicyCount: ULONG,
1609 ) -> BOOLEAN;
1610 pub fn AuditSetPerUserPolicy(
1611 pSid: *const SID,
1612 pAuditPolicy: PCAUDIT_POLICY_INFORMATION,
1613 PolicyCount: ULONG,
1614 ) -> BOOLEAN;
1615 pub fn AuditQuerySystemPolicy(
1616 pSubCategoryGuids: *const GUID,
1617 PolicyCount: ULONG,
1618 ppAuditPolicy: *mut PAUDIT_POLICY_INFORMATION,
1619 ) -> BOOLEAN;
1620 pub fn AuditQueryPerUserPolicy(
1621 pSid: *const SID,
1622 pSubCategoryGuids: *const GUID,
1623 PolicyCount: ULONG,
1624 ppAuditPolicy: *mut PAUDIT_POLICY_INFORMATION,
1625 ) -> BOOLEAN;
1626 pub fn AuditEnumeratePerUserPolicy(
1627 ppAuditSidArray: *mut PPOLICY_AUDIT_SID_ARRAY
1628 ) -> BOOLEAN;
1629 pub fn AuditComputeEffectivePolicyBySid(
1630 pSid: *const SID,
1631 pSubCategoryGuids: *const GUID,
1632 dwPolicyCount: ULONG,
1633 ppAuditPolicy: *mut PAUDIT_POLICY_INFORMATION,
1634 ) -> BOOLEAN;
1635 pub fn AuditComputeEffectivePolicyByToken(
1636 hTokenHandle: HANDLE,
1637 pSubCategoryGuids: *const GUID,
1638 dwPolicyCount: ULONG,
1639 ppAuditPolicy: *mut PAUDIT_POLICY_INFORMATION,
1640 ) -> BOOLEAN;
1641 pub fn AuditEnumerateCategories(
1642 ppAuditCategoriesArray: *mut *mut GUID,
1643 pdwCountReturned: PULONG,
1644 ) -> BOOLEAN;
1645 pub fn AuditEnumerateSubCategories(
1646 pAuditCategoryGuid: *const GUID,
1647 bRetrieveAllSubCategories: BOOLEAN,
1648 ppAuditSubCategoriesArray: *mut *mut GUID,
1649 pdwCountReturned: PULONG,
1650 ) -> BOOLEAN;
1651 pub fn AuditLookupCategoryNameW(
1652 pAuditCategoryGuid: *const GUID,
1653 ppszCategoryName: *mut PWSTR,
1654 ) -> BOOLEAN;
1655 pub fn AuditLookupCategoryNameA(
1656 pAuditCategoryGuid: *const GUID,
1657 ppszCategoryName: *mut PSTR,
1658 ) -> BOOLEAN;
1659 pub fn AuditLookupSubCategoryNameW(
1660 pAuditSubCategoryGuid: *const GUID,
1661 ppszSubCategoryName: *mut PWSTR,
1662 ) -> BOOLEAN;
1663 pub fn AuditLookupSubCategoryNameA(
1664 pAuditSubCategoryGuid: *const GUID,
1665 ppszSubCategoryName: *mut PSTR,
1666 ) -> BOOLEAN;
1667 pub fn AuditLookupCategoryIdFromCategoryGuid(
1668 pAuditCategoryGuid: *const GUID,
1669 pAuditCategoryId: PPOLICY_AUDIT_EVENT_TYPE,
1670 ) -> BOOLEAN;
1671 pub fn AuditLookupCategoryGuidFromCategoryId(
1672 AuditCategoryId: POLICY_AUDIT_EVENT_TYPE,
1673 pAuditCategoryGuid: *mut GUID,
1674 ) -> BOOLEAN;
1675 pub fn AuditSetSecurity(
1676 SecurityInformation: SECURITY_INFORMATION,
1677 pSecurityDescriptor: PSECURITY_DESCRIPTOR,
1678 ) -> BOOLEAN;
1679 pub fn AuditQuerySecurity(
1680 SecurityInformation: SECURITY_INFORMATION,
1681 ppSecurityDescriptor: *mut PSECURITY_DESCRIPTOR,
1682 ) -> BOOLEAN;
1683 pub fn AuditSetGlobalSaclW(
1684 ObjectTypeName: PCWSTR,
1685 Acl: PACL,
1686 ) -> BOOLEAN;
1687 pub fn AuditSetGlobalSaclA(
1688 ObjectTypeName: PCSTR,
1689 Acl: PACL,
1690 ) -> BOOLEAN;
1691 pub fn AuditQueryGlobalSaclW(
1692 ObjectTypeName: PCWSTR,
1693 Acl: *mut PACL,
1694 ) -> BOOLEAN;
1695 pub fn AuditQueryGlobalSaclA(
1696 ObjectTypeName: PCSTR,
1697 Acl: *mut PACL
1698 ) -> BOOLEAN;
1699 pub fn AuditFree(
1700 Buffer: PVOID,
1701 );
1702 }
1703 STRUCT!{struct PKU2U_CERT_BLOB {
1704 CertOffset: ULONG,
1705 CertLength: USHORT,
1706 }}
1707 pub type PPKU2U_CERT_BLOB = *mut PKU2U_CERT_BLOB;
1708 pub const PKU2U_CREDUI_CONTEXT_VERSION: ULONG64 = 0x4154414454524543;
1709 STRUCT!{struct PKU2U_CREDUI_CONTEXT {
1710 Version: ULONG64,
1711 cbHeaderLength: USHORT,
1712 cbStructureLength: ULONG,
1713 CertArrayCount: USHORT,
1714 CertArrayOffset: ULONG,
1715 }}
1716 pub type PPKU2U_CREDUI_CONTEXT = *mut PKU2U_CREDUI_CONTEXT;
1717 ENUM!{enum PKU2U_LOGON_SUBMIT_TYPE {
1718 Pku2uCertificateS4ULogon = 14,
1719 }}
1720 pub type PPKU2U_LOGON_SUBMIT_TYPE = *mut PKU2U_LOGON_SUBMIT_TYPE;
1721 STRUCT!{struct PKU2U_CERTIFICATE_S4U_LOGON {
1722 MessageType: PKU2U_LOGON_SUBMIT_TYPE,
1723 Flags: ULONG,
1724 UserPrincipalName: UNICODE_STRING,
1725 DomainName: UNICODE_STRING,
1726 CertificateLength: ULONG,
1727 Certificate: PUCHAR,
1728 }}
1729 pub type PPKU2U_CERTIFICATE_S4U_LOGON = *mut PKU2U_CERTIFICATE_S4U_LOGON;
backport for Debian buster