]> git.proxmox.com Git - rustc.git/blob - vendor/winapi/src/um/ntsecapi.rs
projects / rustc.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
New upstream version 1.70.0+dfsg2
[rustc.git] / vendor / winapi / src / um / ntsecapi.rs
1 // Licensed under the Apache License, Version 2.0
2 // <LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
3 // <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your option.
4 // All files in the project carrying such notice may not be copied, modified, or distributed
5 // except according to those terms.
6 //! This module defines the Local Security Authority APIs.
7 use shared::basetsd::{ULONG64, ULONG_PTR};
8 use shared::guiddef::GUID;
9 use shared::minwindef::{PUCHAR, PULONG, UCHAR, ULONG, USHORT};
10 use shared::ntdef::NTSTATUS;
11 use shared::sspi::SecHandle;
12 use um::lsalookup::{
13 LSA_TRUST_INFORMATION, LSA_UNICODE_STRING, PLSA_TRUST_INFORMATION, PLSA_UNICODE_STRING
14 };
15 use um::subauth::{PUNICODE_STRING, STRING, UNICODE_STRING};
16 use um::winnt::{
17 ACCESS_MASK, ANYSIZE_ARRAY, BOOLEAN, HANDLE, LARGE_INTEGER, LONG, LUID, PACL, PCSTR, PCWSTR,
18 PSECURITY_DESCRIPTOR, PSID, PSTR, PVOID, PWSTR, QUOTA_LIMITS, SECURITY_INFORMATION, SHORT, SID,
19 SID_NAME_USE, STANDARD_RIGHTS_EXECUTE, STANDARD_RIGHTS_READ, STANDARD_RIGHTS_REQUIRED,
20 STANDARD_RIGHTS_WRITE, ULONGLONG
21 };
22 DEFINE_GUID!{Audit_System_SecurityStateChange,
23 0x0cce9210, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
24 DEFINE_GUID!{Audit_System_SecuritySubsystemExtension,
25 0x0cce9211, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
26 DEFINE_GUID!{Audit_System_Integrity,
27 0x0cce9212, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
28 DEFINE_GUID!{Audit_System_IPSecDriverEvents,
29 0x0cce9213, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
30 DEFINE_GUID!{Audit_System_Others,
31 0x0cce9214, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
32 DEFINE_GUID!{Audit_Logon_Logon,
33 0x0cce9215, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
34 DEFINE_GUID!{Audit_Logon_Logoff,
35 0x0cce9216, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
36 DEFINE_GUID!{Audit_Logon_AccountLockout,
37 0x0cce9217, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
38 DEFINE_GUID!{Audit_Logon_IPSecMainMode,
39 0x0cce9218, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
40 DEFINE_GUID!{Audit_Logon_IPSecQuickMode,
41 0x0cce9219, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
42 DEFINE_GUID!{Audit_Logon_IPSecUserMode,
43 0x0cce921a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
44 DEFINE_GUID!{Audit_Logon_SpecialLogon,
45 0x0cce921b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
46 DEFINE_GUID!{Audit_Logon_Others,
47 0x0cce921c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
48 DEFINE_GUID!{Audit_ObjectAccess_FileSystem,
49 0x0cce921d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
50 DEFINE_GUID!{Audit_ObjectAccess_Registry,
51 0x0cce921e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
52 DEFINE_GUID!{Audit_ObjectAccess_Kernel,
53 0x0cce921f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
54 DEFINE_GUID!{Audit_ObjectAccess_Sam,
55 0x0cce9220, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
56 DEFINE_GUID!{Audit_ObjectAccess_CertificationServices,
57 0x0cce9221, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
58 DEFINE_GUID!{Audit_ObjectAccess_ApplicationGenerated,
59 0x0cce9222, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
60 DEFINE_GUID!{Audit_ObjectAccess_Handle,
61 0x0cce9223, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
62 DEFINE_GUID!{Audit_ObjectAccess_Share,
63 0x0cce9224, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
64 DEFINE_GUID!{Audit_ObjectAccess_FirewallPacketDrops,
65 0x0cce9225, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
66 DEFINE_GUID!{Audit_ObjectAccess_FirewallConnection,
67 0x0cce9226, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
68 DEFINE_GUID!{Audit_ObjectAccess_Other,
69 0x0cce9227, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
70 DEFINE_GUID!{Audit_PrivilegeUse_Sensitive,
71 0x0cce9228, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
72 DEFINE_GUID!{Audit_PrivilegeUse_NonSensitive,
73 0x0cce9229, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
74 DEFINE_GUID!{Audit_PrivilegeUse_Others,
75 0x0cce922a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
76 DEFINE_GUID!{Audit_DetailedTracking_ProcessCreation,
77 0x0cce922b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
78 DEFINE_GUID!{Audit_DetailedTracking_ProcessTermination,
79 0x0cce922c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
80 DEFINE_GUID!{Audit_DetailedTracking_DpapiActivity,
81 0x0cce922d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
82 DEFINE_GUID!{Audit_DetailedTracking_RpcCall,
83 0x0cce922e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
84 DEFINE_GUID!{Audit_PolicyChange_AuditPolicy,
85 0x0cce922f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
86 DEFINE_GUID!{Audit_PolicyChange_AuthenticationPolicy,
87 0x0cce9230, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
88 DEFINE_GUID!{Audit_PolicyChange_AuthorizationPolicy,
89 0x0cce9231, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
90 DEFINE_GUID!{Audit_PolicyChange_MpsscvRulePolicy,
91 0x0cce9232, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
92 DEFINE_GUID!{Audit_PolicyChange_WfpIPSecPolicy,
93 0x0cce9233, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
94 DEFINE_GUID!{Audit_PolicyChange_Others,
95 0x0cce9234, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
96 DEFINE_GUID!{Audit_AccountManagement_UserAccount,
97 0x0cce9235, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
98 DEFINE_GUID!{Audit_AccountManagement_ComputerAccount,
99 0x0cce9236, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
100 DEFINE_GUID!{Audit_AccountManagement_SecurityGroup,
101 0x0cce9237, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
102 DEFINE_GUID!{Audit_AccountManagement_DistributionGroup,
103 0x0cce9238, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
104 DEFINE_GUID!{Audit_AccountManagement_ApplicationGroup,
105 0x0cce9239, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
106 DEFINE_GUID!{Audit_AccountManagement_Others,
107 0x0cce923a, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
108 DEFINE_GUID!{Audit_DSAccess_DSAccess,
109 0x0cce923b, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
110 DEFINE_GUID!{Audit_DsAccess_AdAuditChanges,
111 0x0cce923c, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
112 DEFINE_GUID!{Audit_Ds_Replication,
113 0x0cce923d, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
114 DEFINE_GUID!{Audit_Ds_DetailedReplication,
115 0x0cce923e, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
116 DEFINE_GUID!{Audit_AccountLogon_CredentialValidation,
117 0x0cce923f, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
118 DEFINE_GUID!{Audit_AccountLogon_Kerberos,
119 0x0cce9240, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
120 DEFINE_GUID!{Audit_AccountLogon_Others,
121 0x0cce9241, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
122 DEFINE_GUID!{Audit_AccountLogon_KerbCredentialValidation,
123 0x0cce9242, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
124 DEFINE_GUID!{Audit_Logon_NPS,
125 0x0cce9243, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
126 DEFINE_GUID!{Audit_ObjectAccess_DetailedFileShare,
127 0x0cce9244, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
128 DEFINE_GUID!{Audit_ObjectAccess_RemovableStorage,
129 0x0cce9245, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
130 DEFINE_GUID!{Audit_ObjectAccess_CbacStaging,
131 0x0cce9246, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
132 DEFINE_GUID!{Audit_Logon_Claims,
133 0x0cce9247, 0x69ae, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
134 DEFINE_GUID!{Audit_System,
135 0x69979848, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
136 DEFINE_GUID!{Audit_Logon,
137 0x69979849, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
138 DEFINE_GUID!{Audit_ObjectAccess,
139 0x6997984a, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
140 DEFINE_GUID!{Audit_PrivilegeUse,
141 0x6997984b, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
142 DEFINE_GUID!{Audit_DetailedTracking,
143 0x6997984c, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
144 DEFINE_GUID!{Audit_PolicyChange,
145 0x6997984d, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
146 DEFINE_GUID!{Audit_AccountManagement,
147 0x6997984e, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
148 DEFINE_GUID!{Audit_DirectoryServiceAccess,
149 0x6997984f, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
150 DEFINE_GUID!{Audit_AccountLogon,
151 0x69979850, 0x797a, 0x11d9, 0xbe, 0xd3, 0x50, 0x50, 0x54, 0x50, 0x30, 0x30}
152 ENUM!{enum POLICY_AUDIT_EVENT_TYPE {
153 AuditCategorySystem = 0,
154 AuditCategoryLogon,
155 AuditCategoryObjectAccess,
156 AuditCategoryPrivilegeUse,
157 AuditCategoryDetailedTracking,
158 AuditCategoryPolicyChange,
159 AuditCategoryAccountManagement,
160 AuditCategoryDirectoryServiceAccess,
161 AuditCategoryAccountLogon,
162 }}
163 pub type PPOLICY_AUDIT_EVENT_TYPE = *mut POLICY_AUDIT_EVENT_TYPE;
164 pub const POLICY_AUDIT_EVENT_UNCHANGED: POLICY_AUDIT_EVENT_OPTIONS = 0x00000000;
165 pub const POLICY_AUDIT_EVENT_SUCCESS: POLICY_AUDIT_EVENT_OPTIONS = 0x00000001;
166 pub const POLICY_AUDIT_EVENT_FAILURE: POLICY_AUDIT_EVENT_OPTIONS = 0x00000002;
167 pub const POLICY_AUDIT_EVENT_NONE: POLICY_AUDIT_EVENT_OPTIONS = 0x00000004;
168 pub const POLICY_AUDIT_EVENT_MASK: POLICY_AUDIT_EVENT_OPTIONS = POLICY_AUDIT_EVENT_SUCCESS
169 | POLICY_AUDIT_EVENT_FAILURE | POLICY_AUDIT_EVENT_UNCHANGED | POLICY_AUDIT_EVENT_NONE;
170 pub const POLICY_VIEW_LOCAL_INFORMATION: ACCESS_MASK = 0x00000001;
171 pub const POLICY_VIEW_AUDIT_INFORMATION: ACCESS_MASK = 0x00000002;
172 pub const POLICY_GET_PRIVATE_INFORMATION: ACCESS_MASK = 0x00000004;
173 pub const POLICY_TRUST_ADMIN: ACCESS_MASK = 0x00000008;
174 pub const POLICY_CREATE_ACCOUNT: ACCESS_MASK = 0x00000010;
175 pub const POLICY_CREATE_SECRET: ACCESS_MASK = 0x00000020;
176 pub const POLICY_CREATE_PRIVILEGE: ACCESS_MASK = 0x00000040;
177 pub const POLICY_SET_DEFAULT_QUOTA_LIMITS: ACCESS_MASK = 0x00000080;
178 pub const POLICY_SET_AUDIT_REQUIREMENTS: ACCESS_MASK = 0x00000100;
179 pub const POLICY_AUDIT_LOG_ADMIN: ACCESS_MASK = 0x00000200;
180 pub const POLICY_SERVER_ADMIN: ACCESS_MASK = 0x00000400;
181 pub const POLICY_LOOKUP_NAMES: ACCESS_MASK = 0x00000800;
182 pub const POLICY_NOTIFICATION: ACCESS_MASK = 0x00001000;
183 pub const POLICY_ALL_ACCESS: ACCESS_MASK = STANDARD_RIGHTS_REQUIRED
184 | POLICY_VIEW_LOCAL_INFORMATION | POLICY_VIEW_AUDIT_INFORMATION
185 | POLICY_GET_PRIVATE_INFORMATION | POLICY_TRUST_ADMIN | POLICY_CREATE_ACCOUNT
186 | POLICY_CREATE_SECRET | POLICY_CREATE_PRIVILEGE | POLICY_SET_DEFAULT_QUOTA_LIMITS
187 | POLICY_SET_AUDIT_REQUIREMENTS | POLICY_AUDIT_LOG_ADMIN | POLICY_SERVER_ADMIN
188 | POLICY_LOOKUP_NAMES;
189 pub const POLICY_READ: ACCESS_MASK = STANDARD_RIGHTS_READ | POLICY_VIEW_AUDIT_INFORMATION
190 | POLICY_GET_PRIVATE_INFORMATION;
191 pub const POLICY_WRITE: ACCESS_MASK = STANDARD_RIGHTS_WRITE | POLICY_TRUST_ADMIN
192 | POLICY_CREATE_ACCOUNT | POLICY_CREATE_SECRET | POLICY_CREATE_PRIVILEGE
193 | POLICY_SET_DEFAULT_QUOTA_LIMITS | POLICY_SET_AUDIT_REQUIREMENTS | POLICY_AUDIT_LOG_ADMIN
194 | POLICY_SERVER_ADMIN;
195 pub const POLICY_EXECUTE: ACCESS_MASK = STANDARD_RIGHTS_EXECUTE
196 | POLICY_VIEW_LOCAL_INFORMATION | POLICY_LOOKUP_NAMES;
197 STRUCT!{struct LSA_TRANSLATED_SID {
198 Use: SID_NAME_USE,
199 RelativeId: ULONG,
200 DomainIndex: LONG,
201 }}
202 pub type PLSA_TRANSLATED_SID = *mut LSA_TRANSLATED_SID;
203 ENUM!{enum POLICY_LSA_SERVER_ROLE {
204 PolicyServerRoleBackup = 2,
205 PolicyServerRolePrimary,
206 }}
207 pub type PPOLICY_LSA_SERVER_ROLE = *mut POLICY_LSA_SERVER_ROLE;
208 pub type POLICY_AUDIT_EVENT_OPTIONS = ULONG;
209 pub type PPOLICY_AUDIT_EVENT_OPTIONS = *mut ULONG;
210 ENUM!{enum POLICY_INFORMATION_CLASS {
211 PolicyAuditLogInformation = 1,
212 PolicyAuditEventsInformation,
213 PolicyPrimaryDomainInformation,
214 PolicyPdAccountInformation,
215 PolicyAccountDomainInformation,
216 PolicyLsaServerRoleInformation,
217 PolicyReplicaSourceInformation,
218 PolicyDefaultQuotaInformation,
219 PolicyModificationInformation,
220 PolicyAuditFullSetInformation,
221 PolicyAuditFullQueryInformation,
222 PolicyDnsDomainInformation,
223 PolicyDnsDomainInformationInt,
224 PolicyLocalAccountDomainInformation,
225 PolicyLastEntry,
226 }}
227 pub type PPOLICY_INFORMATION_CLASS = *mut POLICY_INFORMATION_CLASS;
228 STRUCT!{struct POLICY_AUDIT_LOG_INFO {
229 AuditLogPercentFull: ULONG,
230 MaximumLogSize: ULONG,
231 AuditRetentionPeriod: LARGE_INTEGER,
232 AuditLogFullShutdownInProgress: BOOLEAN,
233 TimeToShutdown: LARGE_INTEGER,
234 NextAuditRecordId: ULONG,
235 }}
236 pub type PPOLICY_AUDIT_LOG_INFO = *mut POLICY_AUDIT_LOG_INFO;
237 STRUCT!{struct POLICY_AUDIT_EVENTS_INFO {
238 AuditingMode: BOOLEAN,
239 EventAuditingOptions: PPOLICY_AUDIT_EVENT_OPTIONS,
240 MaximumAuditEventCount: ULONG,
241 }}
242 pub type PPOLICY_AUDIT_EVENTS_INFO = *mut POLICY_AUDIT_EVENTS_INFO;
243 STRUCT!{struct POLICY_AUDIT_SUBCATEGORIES_INFO {
244 MaximumSubCategoryCount: ULONG,
245 EventAuditingOptions: PPOLICY_AUDIT_EVENT_OPTIONS,
246 }}
247 pub type PPOLICY_AUDIT_SUBCATEGORIES_INFO = *mut POLICY_AUDIT_SUBCATEGORIES_INFO;
248 STRUCT!{struct POLICY_AUDIT_CATEGORIES_INFO {
249 MaximumSubCategoryCount: ULONG,
250 SubCategoriesInfo: PPOLICY_AUDIT_SUBCATEGORIES_INFO,
251 }}
252 pub type PPOLICY_AUDIT_CATEGORIES_INFO = *mut POLICY_AUDIT_CATEGORIES_INFO;
253 pub const PER_USER_POLICY_UNCHANGED: ULONG = 0x00;
254 pub const PER_USER_AUDIT_SUCCESS_INCLUDE: ULONG = 0x01;
255 pub const PER_USER_AUDIT_SUCCESS_EXCLUDE: ULONG = 0x02;
256 pub const PER_USER_AUDIT_FAILURE_INCLUDE: ULONG = 0x04;
257 pub const PER_USER_AUDIT_FAILURE_EXCLUDE: ULONG = 0x08;
258 pub const PER_USER_AUDIT_NONE: ULONG = 0x10;
259 pub const VALID_PER_USER_AUDIT_POLICY_FLAG: ULONG = PER_USER_AUDIT_SUCCESS_INCLUDE
260 | PER_USER_AUDIT_SUCCESS_EXCLUDE | PER_USER_AUDIT_FAILURE_INCLUDE
261 | PER_USER_AUDIT_FAILURE_EXCLUDE | PER_USER_AUDIT_NONE;
262 STRUCT!{struct POLICY_PRIMARY_DOMAIN_INFO {
263 Name: LSA_UNICODE_STRING,
264 Sid: PSID,
265 }}
266 pub type PPOLICY_PRIMARY_DOMAIN_INFO = *mut POLICY_PRIMARY_DOMAIN_INFO;
267 STRUCT!{struct POLICY_PD_ACCOUNT_INFO {
268 Name: LSA_UNICODE_STRING,
269 }}
270 pub type PPOLICY_PD_ACCOUNT_INFO = *mut POLICY_PD_ACCOUNT_INFO;
271 STRUCT!{struct POLICY_LSA_SERVER_ROLE_INFO {
272 LsaServerRole: POLICY_LSA_SERVER_ROLE,
273 }}
274 pub type PPOLICY_LSA_SERVER_ROLE_INFO = *mut POLICY_LSA_SERVER_ROLE_INFO;
275 STRUCT!{struct POLICY_REPLICA_SOURCE_INFO {
276 ReplicaSource: LSA_UNICODE_STRING,
277 ReplicaAccountName: LSA_UNICODE_STRING,
278 }}
279 pub type PPOLICY_REPLICA_SOURCE_INFO = *mut POLICY_REPLICA_SOURCE_INFO;
280 STRUCT!{struct POLICY_DEFAULT_QUOTA_INFO {
281 QuotaLimits: QUOTA_LIMITS,
282 }}
283 pub type PPOLICY_DEFAULT_QUOTA_INFO = *mut POLICY_DEFAULT_QUOTA_INFO;
284 STRUCT!{struct POLICY_MODIFICATION_INFO {
285 ModifiedId: LARGE_INTEGER,
286 DatabaseCreationTime: LARGE_INTEGER,
287 }}
288 pub type PPOLICY_MODIFICATION_INFO = *mut POLICY_MODIFICATION_INFO;
289 STRUCT!{struct POLICY_AUDIT_FULL_SET_INFO {
290 ShutDownOnFull: BOOLEAN,
291 }}
292 pub type PPOLICY_AUDIT_FULL_SET_INFO = *mut POLICY_AUDIT_FULL_SET_INFO;
293 STRUCT!{struct POLICY_AUDIT_FULL_QUERY_INFO {
294 ShutDownOnFull: BOOLEAN,
295 LogIsFull: BOOLEAN,
296 }}
297 pub type PPOLICY_AUDIT_FULL_QUERY_INFO = *mut POLICY_AUDIT_FULL_QUERY_INFO;
298 ENUM!{enum POLICY_DOMAIN_INFORMATION_CLASS {
299 PolicyDomainEfsInformation = 2,
300 PolicyDomainKerberosTicketInformation,
301 }}
302 pub type PPOLICY_DOMAIN_INFORMATION_CLASS = *mut POLICY_DOMAIN_INFORMATION_CLASS;
303 STRUCT!{struct POLICY_DOMAIN_EFS_INFO {
304 InfoLength: ULONG,
305 EfsBlob: PUCHAR,
306 }}
307 pub type PPOLICY_DOMAIN_EFS_INFO = *mut POLICY_DOMAIN_EFS_INFO;
308 STRUCT!{struct POLICY_DOMAIN_KERBEROS_TICKET_INFO {
309 AuthenticationOptions: ULONG,
310 MaxServiceTicketAge: LARGE_INTEGER,
311 MaxTicketAge: LARGE_INTEGER,
312 MaxRenewAge: LARGE_INTEGER,
313 MaxClockSkew: LARGE_INTEGER,
314 Reserved: LARGE_INTEGER,
315 }}
316 pub type PPOLICY_DOMAIN_KERBEROS_TICKET_INFO = *mut POLICY_DOMAIN_KERBEROS_TICKET_INFO;
317 ENUM!{enum POLICY_NOTIFICATION_INFORMATION_CLASS {
318 PolicyNotifyAuditEventsInformation = 1,
319 PolicyNotifyAccountDomainInformation,
320 PolicyNotifyServerRoleInformation,
321 PolicyNotifyDnsDomainInformation,
322 PolicyNotifyDomainEfsInformation,
323 PolicyNotifyDomainKerberosTicketInformation,
324 PolicyNotifyMachineAccountPasswordInformation,
325 PolicyNotifyGlobalSaclInformation,
326 PolicyNotifyMax,
327 }}
328 pub type PPOLICY_NOTIFICATION_INFORMATION_CLASS = *mut POLICY_NOTIFICATION_INFORMATION_CLASS;
329 pub type LSA_HANDLE = PVOID;
330 pub type PLSA_HANDLE = *mut PVOID;
331 ENUM!{enum TRUSTED_INFORMATION_CLASS {
332 TrustedDomainNameInformation = 1,
333 TrustedControllersInformation,
334 TrustedPosixOffsetInformation,
335 TrustedPasswordInformation,
336 TrustedDomainInformationBasic,
337 TrustedDomainInformationEx,
338 TrustedDomainAuthInformation,
339 TrustedDomainFullInformation,
340 TrustedDomainAuthInformationInternal,
341 TrustedDomainFullInformationInternal,
342 TrustedDomainInformationEx2Internal,
343 TrustedDomainFullInformation2Internal,
344 TrustedDomainSupportedEncryptionTypes,
345 }}
346 pub type PTRUSTED_INFORMATION_CLASS = *mut TRUSTED_INFORMATION_CLASS;
347 STRUCT!{struct TRUSTED_DOMAIN_NAME_INFO {
348 Name: LSA_UNICODE_STRING,
349 }}
350 pub type PTRUSTED_DOMAIN_NAME_INFO = *mut TRUSTED_DOMAIN_NAME_INFO;
351 STRUCT!{struct TRUSTED_CONTROLLERS_INFO {
352 Entries: ULONG,
353 Names: PLSA_UNICODE_STRING,
354 }}
355 pub type PTRUSTED_CONTROLLERS_INFO = *mut TRUSTED_CONTROLLERS_INFO;
356 STRUCT!{struct TRUSTED_POSIX_OFFSET_INFO {
357 Offset: ULONG,
358 }}
359 pub type PTRUSTED_POSIX_OFFSET_INFO = *mut TRUSTED_POSIX_OFFSET_INFO;
360 STRUCT!{struct TRUSTED_PASSWORD_INFO {
361 Password: LSA_UNICODE_STRING,
362 OldPassword: LSA_UNICODE_STRING,
363 }}
364 pub type PTRUSTED_PASSWORD_INFO = *mut TRUSTED_PASSWORD_INFO;
365 pub type TRUSTED_DOMAIN_INFORMATION_BASIC = LSA_TRUST_INFORMATION;
366 pub type PTRUSTED_DOMAIN_INFORMATION_BASIC = PLSA_TRUST_INFORMATION;
367 pub const TRUST_DIRECTION_DISABLED: ULONG = 0x00000000;
368 pub const TRUST_DIRECTION_INBOUND: ULONG = 0x00000001;
369 pub const TRUST_DIRECTION_OUTBOUND: ULONG = 0x00000002;
370 pub const TRUST_DIRECTION_BIDIRECTIONAL: ULONG = TRUST_DIRECTION_INBOUND
371 | TRUST_DIRECTION_OUTBOUND;
372 pub const TRUST_TYPE_DOWNLEVEL: ULONG = 0x00000001;
373 pub const TRUST_TYPE_UPLEVEL: ULONG = 0x00000002;
374 pub const TRUST_TYPE_MIT: ULONG = 0x00000003;
375 pub const TRUST_ATTRIBUTE_NON_TRANSITIVE: ULONG = 0x00000001;
376 pub const TRUST_ATTRIBUTE_UPLEVEL_ONLY: ULONG = 0x00000002;
377 pub const TRUST_ATTRIBUTE_QUARANTINED_DOMAIN: ULONG = 0x00000004;
378 pub const TRUST_ATTRIBUTE_FOREST_TRANSITIVE: ULONG = 0x00000008;
379 pub const TRUST_ATTRIBUTE_CROSS_ORGANIZATION: ULONG = 0x00000010;
380 pub const TRUST_ATTRIBUTE_WITHIN_FOREST: ULONG = 0x00000020;
381 pub const TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL: ULONG = 0x00000040;
382 pub const TRUST_ATTRIBUTE_TRUST_USES_RC4_ENCRYPTION: ULONG = 0x00000080;
383 pub const TRUST_ATTRIBUTE_TRUST_USES_AES_KEYS: ULONG = 0x00000100;
384 pub const TRUST_ATTRIBUTE_CROSS_ORGANIZATION_NO_TGT_DELEGATION: ULONG = 0x00000200;
385 pub const TRUST_ATTRIBUTES_VALID: ULONG = 0xFF03FFFF;
386 pub const TRUST_ATTRIBUTES_USER: ULONG = 0xFF000000;
387 STRUCT!{struct TRUSTED_DOMAIN_INFORMATION_EX {
388 Name: LSA_UNICODE_STRING,
389 FlatName: LSA_UNICODE_STRING,
390 Sid: PSID,
391 TrustDirection: ULONG,
392 TrustType: ULONG,
393 TrustAttributes: ULONG,
394 }}
395 pub type PTRUSTED_DOMAIN_INFORMATION_EX = *mut TRUSTED_DOMAIN_INFORMATION_EX;
396 STRUCT!{struct TRUSTED_DOMAIN_INFORMATION_EX2 {
397 Name: LSA_UNICODE_STRING,
398 FlatName: LSA_UNICODE_STRING,
399 Sid: PSID,
400 TrustDirection: ULONG,
401 TrustType: ULONG,
402 TrustAttributes: ULONG,
403 ForestTrustLength: ULONG,
404 ForestTrustInfo: PUCHAR,
405 }}
406 pub type PTRUSTED_DOMAIN_INFORMATION_EX2 = *mut TRUSTED_DOMAIN_INFORMATION_EX2;
407 pub const TRUST_AUTH_TYPE_NONE: ULONG = 0;
408 pub const TRUST_AUTH_TYPE_NT4OWF: ULONG = 1;
409 pub const TRUST_AUTH_TYPE_CLEAR: ULONG = 2;
410 pub const TRUST_AUTH_TYPE_VERSION: ULONG = 3;
411 STRUCT!{struct LSA_AUTH_INFORMATION {
412 LastUpdateTime: LARGE_INTEGER,
413 AuthType: ULONG,
414 AuthInfoLength: ULONG,
415 AuthInfo: PUCHAR,
416 }}
417 pub type PLSA_AUTH_INFORMATION = *mut LSA_AUTH_INFORMATION;
418 STRUCT!{struct TRUSTED_DOMAIN_AUTH_INFORMATION {
419 IncomingAuthInfos: ULONG,
420 IncomingAuthenticationInformation: PLSA_AUTH_INFORMATION,
421 IncomingPreviousAuthenticationInformation: PLSA_AUTH_INFORMATION,
422 OutgoingAuthInfos: ULONG,
423 OutgoingAuthenticationInformation: PLSA_AUTH_INFORMATION,
424 OutgoingPreviousAuthenticationInformation: PLSA_AUTH_INFORMATION,
425 }}
426 pub type PTRUSTED_DOMAIN_AUTH_INFORMATION = *mut TRUSTED_DOMAIN_AUTH_INFORMATION;
427 STRUCT!{struct TRUSTED_DOMAIN_FULL_INFORMATION {
428 Information: TRUSTED_DOMAIN_INFORMATION_EX,
429 PosixOffset: TRUSTED_POSIX_OFFSET_INFO,
430 AuthInformation: TRUSTED_DOMAIN_AUTH_INFORMATION,
431 }}
432 pub type PTRUSTED_DOMAIN_FULL_INFORMATION = *mut TRUSTED_DOMAIN_FULL_INFORMATION;
433 STRUCT!{struct TRUSTED_DOMAIN_FULL_INFORMATION2 {
434 Information: TRUSTED_DOMAIN_INFORMATION_EX2,
435 PosixOffset: TRUSTED_POSIX_OFFSET_INFO,
436 AuthInformation: TRUSTED_DOMAIN_AUTH_INFORMATION,
437 }}
438 pub type PTRUSTED_DOMAIN_FULL_INFORMATION2 = *mut TRUSTED_DOMAIN_FULL_INFORMATION2;
439 STRUCT!{struct TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES {
440 SupportedEncryptionTypes: ULONG,
441 }}
442 pub type PTRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES =
443 *mut TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES;
444 ENUM!{enum LSA_FOREST_TRUST_RECORD_TYPE {
445 ForestTrustTopLevelName,
446 ForestTrustTopLevelNameEx,
447 ForestTrustDomainInfo,
448 ForestTrustRecordTypeLast, // = ForestTrustDomainInfo,
449 }}
450 pub const LSA_FTRECORD_DISABLED_REASONS: ULONG = 0x0000FFFF;
451 pub const LSA_TLN_DISABLED_NEW: ULONG = 0x00000001;
452 pub const LSA_TLN_DISABLED_ADMIN: ULONG = 0x00000002;
453 pub const LSA_TLN_DISABLED_CONFLICT: ULONG = 0x00000004;
454 pub const LSA_SID_DISABLED_ADMIN: ULONG = 0x00000001;
455 pub const LSA_SID_DISABLED_CONFLICT: ULONG = 0x00000002;
456 pub const LSA_NB_DISABLED_ADMIN: ULONG = 0x00000004;
457 pub const LSA_NB_DISABLED_CONFLICT: ULONG = 0x00000008;
458 STRUCT!{struct LSA_FOREST_TRUST_DOMAIN_INFO {
459 Sid: PSID,
460 DnsName: LSA_UNICODE_STRING,
461 NetbiosName: LSA_UNICODE_STRING,
462 }}
463 pub type PLSA_FOREST_TRUST_DOMAIN_INFO = *mut LSA_FOREST_TRUST_DOMAIN_INFO;
464 pub const MAX_FOREST_TRUST_BINARY_DATA_SIZE: ULONG = 128 * 1024;
465 STRUCT!{struct LSA_FOREST_TRUST_BINARY_DATA {
466 Length: ULONG,
467 Buffer: PUCHAR,
468 }}
469 pub type PLSA_FOREST_TRUST_BINARY_DATA = *mut LSA_FOREST_TRUST_BINARY_DATA;
470 UNION!{union LSA_FOREST_TRUST_RECORD_ForestTrustData {
471 [usize; 5],
472 TopLevelName TopLevelName_mut: LSA_UNICODE_STRING,
473 DomainInfo DomainInfo_mut: LSA_FOREST_TRUST_DOMAIN_INFO,
474 Data Data_mut: LSA_FOREST_TRUST_BINARY_DATA,
475 }}
476 STRUCT!{struct LSA_FOREST_TRUST_RECORD {
477 Flags: ULONG,
478 ForestTrustType: LSA_FOREST_TRUST_RECORD_TYPE,
479 Time: LARGE_INTEGER,
480 ForestTrustData: LSA_FOREST_TRUST_RECORD_ForestTrustData,
481 }}
482 pub type PLSA_FOREST_TRUST_RECORD = *mut LSA_FOREST_TRUST_RECORD;
483 pub const MAX_RECORDS_IN_FOREST_TRUST_INFO: ULONG = 4000;
484 STRUCT!{struct LSA_FOREST_TRUST_INFORMATION {
485 RecordCount: ULONG,
486 Entries: *mut PLSA_FOREST_TRUST_RECORD,
487 }}
488 pub type PLSA_FOREST_TRUST_INFORMATION = *mut LSA_FOREST_TRUST_INFORMATION;
489 ENUM!{enum LSA_FOREST_TRUST_COLLISION_RECORD_TYPE {
490 CollisionTdo,
491 CollisionXref,
492 CollisionOther,
493 }}
494 STRUCT!{struct LSA_FOREST_TRUST_COLLISION_RECORD {
495 Index: ULONG,
496 Type: LSA_FOREST_TRUST_COLLISION_RECORD_TYPE,
497 Flags: ULONG,
498 Name: LSA_UNICODE_STRING,
499 }}
500 pub type PLSA_FOREST_TRUST_COLLISION_RECORD = *mut LSA_FOREST_TRUST_COLLISION_RECORD;
501 STRUCT!{struct LSA_FOREST_TRUST_COLLISION_INFORMATION {
502 RecordCount: ULONG,
503 Entries: *mut PLSA_FOREST_TRUST_COLLISION_RECORD,
504 }}
505 pub type PLSA_FOREST_TRUST_COLLISION_INFORMATION = *mut LSA_FOREST_TRUST_COLLISION_INFORMATION;
506 pub type LSA_ENUMERATION_HANDLE = ULONG;
507 pub type PLSA_ENUMERATION_HANDLE = *mut ULONG;
508 STRUCT!{struct LSA_ENUMERATION_INFORMATION {
509 Sid: PSID,
510 }}
511 pub type PLSA_ENUMERATION_INFORMATION = *mut LSA_ENUMERATION_INFORMATION;
512 STRUCT!{struct LSA_LAST_INTER_LOGON_INFO {
513 LastSuccessfulLogon: LARGE_INTEGER,
514 LastFailedLogon: LARGE_INTEGER,
515 FailedAttemptCountSinceLastSuccessfulLogon: ULONG,
516 }}
517 pub type PLSA_LAST_INTER_LOGON_INFO = *mut LSA_LAST_INTER_LOGON_INFO;
518 STRUCT!{struct SECURITY_LOGON_SESSION_DATA {
519 Size: ULONG,
520 LogonId: LUID,
521 UserName: LSA_UNICODE_STRING,
522 LogonDomain: LSA_UNICODE_STRING,
523 AuthenticationPackage: LSA_UNICODE_STRING,
524 LogonType: ULONG,
525 Session: ULONG,
526 Sid: PSID,
527 LogonTime: LARGE_INTEGER,
528 LogonServer: LSA_UNICODE_STRING,
529 DnsDomainName: LSA_UNICODE_STRING,
530 Upn: LSA_UNICODE_STRING,
531 UserFlags: ULONG,
532 LastLogonInfo: LSA_LAST_INTER_LOGON_INFO,
533 LogonScript: LSA_UNICODE_STRING,
534 ProfilePath: LSA_UNICODE_STRING,
535 HomeDirectory: LSA_UNICODE_STRING,
536 HomeDirectoryDrive: LSA_UNICODE_STRING,
537 LogoffTime: LARGE_INTEGER,
538 KickOffTime: LARGE_INTEGER,
539 PasswordLastSet: LARGE_INTEGER,
540 PasswordCanChange: LARGE_INTEGER,
541 PasswordMustChange: LARGE_INTEGER,
542 }}
543 pub type PSECURITY_LOGON_SESSION_DATA = *mut SECURITY_LOGON_SESSION_DATA;
544 pub const CENTRAL_ACCESS_POLICY_OWNER_RIGHTS_PRESENT_FLAG: ULONG = 0x00000001;
545 pub const CENTRAL_ACCESS_POLICY_STAGED_OWNER_RIGHTS_PRESENT_FLAG: ULONG = 0x00000100;
546 pub const CENTRAL_ACCESS_POLICY_STAGED_FLAG: ULONG = 0x00010000;
547 pub const CENTRAL_ACCESS_POLICY_VALID_FLAG_MASK: ULONG =
548 CENTRAL_ACCESS_POLICY_OWNER_RIGHTS_PRESENT_FLAG
549 | CENTRAL_ACCESS_POLICY_STAGED_OWNER_RIGHTS_PRESENT_FLAG
550 | CENTRAL_ACCESS_POLICY_STAGED_FLAG;
551 pub const LSASETCAPS_RELOAD_FLAG: ULONG = 0x00000001;
552 pub const LSASETCAPS_VALID_FLAG_MASK: ULONG = LSASETCAPS_RELOAD_FLAG;
553 STRUCT!{struct CENTRAL_ACCESS_POLICY_ENTRY {
554 Name: LSA_UNICODE_STRING,
555 Description: LSA_UNICODE_STRING,
556 ChangeId: LSA_UNICODE_STRING,
557 LengthAppliesTo: ULONG,
558 AppliesTo: PUCHAR,
559 LengthSD: ULONG,
560 SD: PSECURITY_DESCRIPTOR,
561 LengthStagedSD: ULONG,
562 StagedSD: PSECURITY_DESCRIPTOR,
563 Flags: ULONG,
564 }}
565 pub type PCENTRAL_ACCESS_POLICY_ENTRY = *mut CENTRAL_ACCESS_POLICY_ENTRY;
566 pub type PCCENTRAL_ACCESS_POLICY_ENTRY = *const CENTRAL_ACCESS_POLICY_ENTRY;
567 STRUCT!{struct CENTRAL_ACCESS_POLICY {
568 CAPID: PSID,
569 Name: LSA_UNICODE_STRING,
570 Description: LSA_UNICODE_STRING,
571 ChangeId: LSA_UNICODE_STRING,
572 Flags: ULONG,
573 CAPECount: ULONG,
574 CAPEs: *mut PCENTRAL_ACCESS_POLICY_ENTRY,
575 }}
576 pub type PCENTRAL_ACCESS_POLICY = *mut CENTRAL_ACCESS_POLICY;
577 pub type PCCENTRAL_ACCESS_POLICY = *const CENTRAL_ACCESS_POLICY;
578 ENUM!{enum NEGOTIATE_MESSAGES {
579 NegEnumPackagePrefixes = 0,
580 NegGetCallerName = 1,
581 NegTransferCredentials = 2,
582 NegCallPackageMax,
583 }}
584 pub const NEGOTIATE_MAX_PREFIX: usize = 32;
585 STRUCT!{struct NEGOTIATE_PACKAGE_PREFIX {
586 PackageId: ULONG_PTR,
587 PackageDataA: PVOID,
588 PackageDataW: PVOID,
589 PrefixLen: ULONG_PTR,
590 Prefix: [UCHAR; NEGOTIATE_MAX_PREFIX],
591 }}
592 pub type PNEGOTIATE_PACKAGE_PREFIX = *mut NEGOTIATE_PACKAGE_PREFIX;
593 STRUCT!{struct NEGOTIATE_PACKAGE_PREFIXES {
594 MessageType: ULONG,
595 PrefixCount: ULONG,
596 Offset: ULONG,
597 Pad: ULONG,
598 }}
599 pub type PNEGOTIATE_PACKAGE_PREFIXES = *mut NEGOTIATE_PACKAGE_PREFIXES;
600 STRUCT!{struct NEGOTIATE_CALLER_NAME_REQUEST {
601 MessageType: ULONG,
602 LogonId: LUID,
603 }}
604 pub type PNEGOTIATE_CALLER_NAME_REQUEST = *mut NEGOTIATE_CALLER_NAME_REQUEST;
605 STRUCT!{struct NEGOTIATE_CALLER_NAME_RESPONSE {
606 MessageType: ULONG,
607 CallerName: PWSTR,
608 }}
609 pub type PNEGOTIATE_CALLER_NAME_RESPONSE = *mut NEGOTIATE_CALLER_NAME_RESPONSE;
610 STRUCT!{struct DOMAIN_PASSWORD_INFORMATION {
611 MinPasswordLength: USHORT,
612 PasswordHistoryLength: USHORT,
613 PasswordProperties: ULONG,
614 MaxPasswordAge: LARGE_INTEGER,
615 MinPasswordAge: LARGE_INTEGER,
616 }}
617 pub type PDOMAIN_PASSWORD_INFORMATION = *mut DOMAIN_PASSWORD_INFORMATION;
618 pub const DOMAIN_PASSWORD_COMPLEX: ULONG = 0x00000001;
619 pub const DOMAIN_PASSWORD_NO_ANON_CHANGE: ULONG = 0x00000002;
620 pub const DOMAIN_PASSWORD_NO_CLEAR_CHANGE: ULONG = 0x00000004;
621 pub const DOMAIN_LOCKOUT_ADMINS: ULONG = 0x00000008;
622 pub const DOMAIN_PASSWORD_STORE_CLEARTEXT: ULONG = 0x00000010;
623 pub const DOMAIN_REFUSE_PASSWORD_CHANGE: ULONG = 0x00000020;
624 pub const DOMAIN_NO_LM_OWF_CHANGE: ULONG = 0x00000040;
625 FN!{stdcall PSAM_PASSWORD_NOTIFICATION_ROUTINE(
626 UserName: PUNICODE_STRING,
627 RelativeId: ULONG,
628 NewPassword: PUNICODE_STRING,
629 ) -> NTSTATUS}
630 FN!{stdcall PSAM_INIT_NOTIFICATION_ROUTINE() -> BOOLEAN}
631 FN!{stdcall PSAM_PASSWORD_FILTER_ROUTINE(
632 AccountName: PUNICODE_STRING,
633 FullName: PUNICODE_STRING,
634 Password: PUNICODE_STRING,
635 SetOperation: BOOLEAN,
636 ) -> BOOLEAN}
637 ENUM!{enum MSV1_0_LOGON_SUBMIT_TYPE {
638 MsV1_0InteractiveLogon = 2,
639 MsV1_0Lm20Logon,
640 MsV1_0NetworkLogon,
641 MsV1_0SubAuthLogon,
642 MsV1_0WorkstationUnlockLogon = 7,
643 MsV1_0S4ULogon = 12,
644 MsV1_0VirtualLogon = 82,
645 MsV1_0NoElevationLogon = 83,
646 MsV1_0LuidLogon = 84,
647 }}
648 pub type PMSV1_0_LOGON_SUBMIT_TYPE = *mut MSV1_0_LOGON_SUBMIT_TYPE;
649 ENUM!{enum MSV1_0_PROFILE_BUFFER_TYPE {
650 MsV1_0InteractiveProfile = 2,
651 MsV1_0Lm20LogonProfile,
652 MsV1_0SmartCardProfile,
653 }}
654 pub type PMSV1_0_PROFILE_BUFFER_TYPE = *mut MSV1_0_PROFILE_BUFFER_TYPE;
655 STRUCT!{struct MSV1_0_INTERACTIVE_LOGON {
656 MessageType: MSV1_0_LOGON_SUBMIT_TYPE,
657 LogonDomainName: UNICODE_STRING,
658 UserName: UNICODE_STRING,
659 Password: UNICODE_STRING,
660 }}
661 pub type PMSV1_0_INTERACTIVE_LOGON = *mut MSV1_0_INTERACTIVE_LOGON;
662 STRUCT!{struct MSV1_0_INTERACTIVE_PROFILE {
663 MessageType: MSV1_0_PROFILE_BUFFER_TYPE,
664 LogonCount: USHORT,
665 BadPasswordCount: USHORT,
666 LogonTime: LARGE_INTEGER,
667 LogoffTime: LARGE_INTEGER,
668 KickOffTime: LARGE_INTEGER,
669 PasswordLastSet: LARGE_INTEGER,
670 PasswordCanChange: LARGE_INTEGER,
671 PasswordMustChange: LARGE_INTEGER,
672 LogonScript: UNICODE_STRING,
673 HomeDirectory: UNICODE_STRING,
674 FullName: UNICODE_STRING,
675 ProfilePath: UNICODE_STRING,
676 HomeDirectoryDrive: UNICODE_STRING,
677 LogonServer: UNICODE_STRING,
678 UserFlags: ULONG,
679 }}
680 pub type PMSV1_0_INTERACTIVE_PROFILE = *mut MSV1_0_INTERACTIVE_PROFILE;
681 pub const MSV1_0_CHALLENGE_LENGTH: usize = 8;
682 pub const MSV1_0_USER_SESSION_KEY_LENGTH: usize = 16;
683 pub const MSV1_0_LANMAN_SESSION_KEY_LENGTH: usize = 8;
684 pub const MSV1_0_CLEARTEXT_PASSWORD_ALLOWED: ULONG = 0x02;
685 pub const MSV1_0_UPDATE_LOGON_STATISTICS: ULONG = 0x04;
686 pub const MSV1_0_RETURN_USER_PARAMETERS: ULONG = 0x08;
687 pub const MSV1_0_DONT_TRY_GUEST_ACCOUNT: ULONG = 0x10;
688 pub const MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT: ULONG = 0x20;
689 pub const MSV1_0_RETURN_PASSWORD_EXPIRY: ULONG = 0x40;
690 pub const MSV1_0_USE_CLIENT_CHALLENGE: ULONG = 0x80;
691 pub const MSV1_0_TRY_GUEST_ACCOUNT_ONLY: ULONG = 0x100;
692 pub const MSV1_0_RETURN_PROFILE_PATH: ULONG = 0x200;
693 pub const MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY: ULONG = 0x400;
694 pub const MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT: ULONG = 0x800;
695 pub const MSV1_0_DISABLE_PERSONAL_FALLBACK: ULONG = 0x00001000;
696 pub const MSV1_0_ALLOW_FORCE_GUEST: ULONG = 0x00002000;
697 pub const MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED: ULONG = 0x00004000;
698 pub const MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY: ULONG = 0x00008000;
699 pub const MSV1_0_SUBAUTHENTICATION_DLL_EX: ULONG = 0x00100000;
700 pub const MSV1_0_ALLOW_MSVCHAPV2: ULONG = 0x00010000;
701 pub const MSV1_0_S4U2SELF: ULONG = 0x00020000;
702 pub const MSV1_0_CHECK_LOGONHOURS_FOR_S4U: ULONG = 0x00040000;
703 pub const MSV1_0_INTERNET_DOMAIN: ULONG = 0x00080000;
704 pub const MSV1_0_SUBAUTHENTICATION_DLL: ULONG = 0xFF000000;
705 pub const MSV1_0_SUBAUTHENTICATION_DLL_SHIFT: ULONG = 24;
706 pub const MSV1_0_MNS_LOGON: ULONG = 0x01000000;
707 pub const MSV1_0_SUBAUTHENTICATION_DLL_RAS: ULONG = 2;
708 pub const MSV1_0_SUBAUTHENTICATION_DLL_IIS: ULONG = 132;
709 STRUCT!{struct MSV1_0_LM20_LOGON {
710 MessageType: MSV1_0_LOGON_SUBMIT_TYPE,
711 LogonDomainName: UNICODE_STRING,
712 UserName: UNICODE_STRING,
713 Workstation: UNICODE_STRING,
714 ChallengeToClient: [UCHAR; MSV1_0_CHALLENGE_LENGTH],
715 CaseSensitiveChallengeResponse: STRING,
716 CaseInsensitiveChallengeResponse: STRING,
717 ParameterControl: ULONG,
718 }}
719 pub type PMSV1_0_LM20_LOGON = *mut MSV1_0_LM20_LOGON;
720 STRUCT!{struct MSV1_0_SUBAUTH_LOGON {
721 MessageType: MSV1_0_LOGON_SUBMIT_TYPE,
722 LogonDomainName: UNICODE_STRING,
723 UserName: UNICODE_STRING,
724 Workstation: UNICODE_STRING,
725 ChallengeToClient: [UCHAR; MSV1_0_CHALLENGE_LENGTH],
726 AuthenticationInfo1: STRING,
727 AuthenticationInfo2: STRING,
728 ParameterControl: ULONG,
729 SubAuthPackageId: ULONG,
730 }}
731 pub type PMSV1_0_SUBAUTH_LOGON = *mut MSV1_0_SUBAUTH_LOGON;
732 STRUCT!{struct MSV1_0_S4U_LOGON {
733 MessageType: MSV1_0_LOGON_SUBMIT_TYPE,
734 MSV1_0_LOGON_SUBMIT_TYPE: ULONG,
735 UserPrincipalName: UNICODE_STRING,
736 DomainName: UNICODE_STRING,
737 }}
738 pub type PMSV1_0_S4U_LOGON = *mut MSV1_0_S4U_LOGON;
739 pub const LOGON_GUEST: ULONG = 0x01;
740 pub const LOGON_NOENCRYPTION: ULONG = 0x02;
741 pub const LOGON_CACHED_ACCOUNT: ULONG = 0x04;
742 pub const LOGON_USED_LM_PASSWORD: ULONG = 0x08;
743 pub const LOGON_EXTRA_SIDS: ULONG = 0x20;
744 pub const LOGON_SUBAUTH_SESSION_KEY: ULONG = 0x40;
745 pub const LOGON_SERVER_TRUST_ACCOUNT: ULONG = 0x80;
746 pub const LOGON_NTLMV2_ENABLED: ULONG = 0x100;
747 pub const LOGON_RESOURCE_GROUPS: ULONG = 0x200;
748 pub const LOGON_PROFILE_PATH_RETURNED: ULONG = 0x400;
749 pub const LOGON_NT_V2: ULONG = 0x800;
750 pub const LOGON_LM_V2: ULONG = 0x1000;
751 pub const LOGON_NTLM_V2: ULONG = 0x2000;
752 pub const LOGON_OPTIMIZED: ULONG = 0x4000;
753 pub const LOGON_WINLOGON: ULONG = 0x8000;
754 pub const LOGON_PKINIT: ULONG = 0x10000;
755 pub const LOGON_NO_OPTIMIZED: ULONG = 0x20000;
756 pub const LOGON_NO_ELEVATION: ULONG = 0x40000;
757 pub const LOGON_MANAGED_SERVICE: ULONG = 0x80000;
758 pub const LOGON_GRACE_LOGON: ULONG = 0x01000000;
759 STRUCT!{struct MSV1_0_LM20_LOGON_PROFILE {
760 MessageType: MSV1_0_PROFILE_BUFFER_TYPE,
761 KickOffTime: LARGE_INTEGER,
762 LogoffTime: LARGE_INTEGER,
763 UserFlags: ULONG,
764 UserSessionKey: [UCHAR; MSV1_0_USER_SESSION_KEY_LENGTH],
765 LogonDomainName: UNICODE_STRING,
766 LanmanSessionKey: [UCHAR; MSV1_0_LANMAN_SESSION_KEY_LENGTH],
767 LogonServer: UNICODE_STRING,
768 UserParameters: UNICODE_STRING,
769 }}
770 pub type PMSV1_0_LM20_LOGON_PROFILE = *mut MSV1_0_LM20_LOGON_PROFILE;
771 pub const MSV1_0_OWF_PASSWORD_LENGTH: usize = 16;
772 STRUCT!{struct MSV1_0_SUPPLEMENTAL_CREDENTIAL {
773 Version: ULONG,
774 Flags: ULONG,
775 LmPassword: [UCHAR; MSV1_0_OWF_PASSWORD_LENGTH],
776 NtPassword: [UCHAR; MSV1_0_OWF_PASSWORD_LENGTH],
777 }}
778 pub type PMSV1_0_SUPPLEMENTAL_CREDENTIAL = *mut MSV1_0_SUPPLEMENTAL_CREDENTIAL;
779 pub const MSV1_0_NTLM3_RESPONSE_LENGTH: usize = 16;
780 pub const MSV1_0_NTLM3_OWF_LENGTH: usize = 16;
781 STRUCT!{struct MSV1_0_NTLM3_RESPONSE {
782 Response: [UCHAR; MSV1_0_NTLM3_RESPONSE_LENGTH],
783 RespType: UCHAR,
784 HiRespType: UCHAR,
785 Flags: USHORT,
786 MsgWord: ULONG,
787 TimeStamp: ULONGLONG,
788 ChallengeFromClient: [UCHAR; MSV1_0_CHALLENGE_LENGTH],
789 AvPairsOff: ULONG,
790 Buffer: [UCHAR; 1],
791 }}
792 pub type PMSV1_0_NTLM3_RESPONSE = *mut MSV1_0_NTLM3_RESPONSE;
793 ENUM!{enum MSV1_0_AVID {
794 MsvAvEOL,
795 MsvAvNbComputerName,
796 MsvAvNbDomainName,
797 MsvAvDnsComputerName,
798 MsvAvDnsDomainName,
799 MsvAvDnsTreeName,
800 MsvAvFlags,
801 MsvAvTimestamp,
802 MsvAvRestrictions,
803 MsvAvTargetName,
804 MsvAvChannelBindings,
805 }}
806 STRUCT!{struct MSV1_0_AV_PAIR {
807 AvId: USHORT,
808 AvLen: USHORT,
809 }}
810 pub type PMSV1_0_AV_PAIR = *mut MSV1_0_AV_PAIR;
811 ENUM!{enum MSV1_0_PROTOCOL_MESSAGE_TYPE {
812 MsV1_0Lm20ChallengeRequest = 0,
813 MsV1_0Lm20GetChallengeResponse,
814 MsV1_0EnumerateUsers,
815 MsV1_0GetUserInfo,
816 MsV1_0ReLogonUsers,
817 MsV1_0ChangePassword,
818 MsV1_0ChangeCachedPassword,
819 MsV1_0GenericPassthrough,
820 MsV1_0CacheLogon,
821 MsV1_0SubAuth,
822 MsV1_0DeriveCredential,
823 MsV1_0CacheLookup,
824 MsV1_0SetProcessOption,
825 MsV1_0ConfigLocalAliases,
826 MsV1_0ClearCachedCredentials,
827 MsV1_0LookupToken,
828 MsV1_0ValidateAuth,
829 MsV1_0CacheLookupEx,
830 MsV1_0GetCredentialKey,
831 MsV1_0SetThreadOption,
832 }}
833 pub type PMSV1_0_PROTOCOL_MESSAGE_TYPE = *mut MSV1_0_PROTOCOL_MESSAGE_TYPE;
834 STRUCT!{struct MSV1_0_CHANGEPASSWORD_REQUEST {
835 MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
836 DomainName: UNICODE_STRING,
837 AccountName: UNICODE_STRING,
838 OldPassword: UNICODE_STRING,
839 NewPassword: UNICODE_STRING,
840 Impersonating: BOOLEAN,
841 }}
842 pub type PMSV1_0_CHANGEPASSWORD_REQUEST = *mut MSV1_0_CHANGEPASSWORD_REQUEST;
843 STRUCT!{struct MSV1_0_CHANGEPASSWORD_RESPONSE {
844 MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
845 PasswordInfoValid: BOOLEAN,
846 DomainPasswordInfo: DOMAIN_PASSWORD_INFORMATION,
847 }}
848 pub type PMSV1_0_CHANGEPASSWORD_RESPONSE = *mut MSV1_0_CHANGEPASSWORD_RESPONSE;
849 STRUCT!{struct MSV1_0_PASSTHROUGH_REQUEST {
850 MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
851 DomainName: UNICODE_STRING,
852 PackageName: UNICODE_STRING,
853 DataLength: ULONG,
854 LogonData: PUCHAR,
855 Pad: ULONG,
856 }}
857 pub type PMSV1_0_PASSTHROUGH_REQUEST = *mut MSV1_0_PASSTHROUGH_REQUEST;
858 STRUCT!{struct MSV1_0_PASSTHROUGH_RESPONSE {
859 MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
860 Pad: ULONG,
861 DataLength: ULONG,
862 ValidationData: PUCHAR,
863 }}
864 pub type PMSV1_0_PASSTHROUGH_RESPONSE = *mut MSV1_0_PASSTHROUGH_RESPONSE;
865 STRUCT!{struct MSV1_0_SUBAUTH_REQUEST {
866 MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
867 SubAuthPackageId: ULONG,
868 SubAuthInfoLength: ULONG,
869 SubAuthSubmitBuffer: PUCHAR,
870 }}
871 pub type PMSV1_0_SUBAUTH_REQUEST = *mut MSV1_0_SUBAUTH_REQUEST;
872 STRUCT!{struct MSV1_0_SUBAUTH_RESPONSE {
873 MessageType: MSV1_0_PROTOCOL_MESSAGE_TYPE,
874 SubAuthInfoLength: ULONG,
875 SubAuthReturnBuffer: PUCHAR,
876 }}
877 pub type PMSV1_0_SUBAUTH_RESPONSE = *mut MSV1_0_SUBAUTH_RESPONSE;
878 pub use self::SystemFunction036 as RtlGenRandom;
879 pub use self::SystemFunction040 as RtlEncryptMemory;
880 pub use self::SystemFunction041 as RtlDecryptMemory;
881 extern "system" {
882 pub fn SystemFunction036(
883 RandomBuffer: PVOID,
884 RandomBufferLength: ULONG,
885 ) -> BOOLEAN;
886 }
887 pub const RTL_ENCRYPT_MEMORY_SIZE: ULONG = 8;
888 pub const RTL_ENCRYPT_OPTION_CROSS_PROCESS: ULONG = 0x01;
889 pub const RTL_ENCRYPT_OPTION_SAME_LOGON: ULONG = 0x02;
890 extern "system" {
891 pub fn SystemFunction040(
892 Memory: PVOID,
893 MemorySize: ULONG,
894 OptionFlags: ULONG,
895 ) -> NTSTATUS;
896 pub fn SystemFunction041(
897 Memory: PVOID,
898 MemorySize: ULONG,
899 OptionFlags: ULONG,
900 ) -> NTSTATUS;
901 }
902 pub const KERBEROS_VERSION: ULONG = 5;
903 pub const KERBEROS_REVISION: ULONG = 6;
904 pub const KERB_ETYPE_NULL: LONG = 0;
905 pub const KERB_ETYPE_DES_CBC_CRC: LONG = 1;
906 pub const KERB_ETYPE_DES_CBC_MD4: LONG = 2;
907 pub const KERB_ETYPE_DES_CBC_MD5: LONG = 3;
908 pub const KERB_ETYPE_AES128_CTS_HMAC_SHA1_96: LONG = 17;
909 pub const KERB_ETYPE_AES256_CTS_HMAC_SHA1_96: LONG = 18;
910 pub const KERB_ETYPE_RC4_MD4: LONG = -128;
911 pub const KERB_ETYPE_RC4_PLAIN2: LONG = -129;
912 pub const KERB_ETYPE_RC4_LM: LONG = -130;
913 pub const KERB_ETYPE_RC4_SHA: LONG = -131;
914 pub const KERB_ETYPE_DES_PLAIN: LONG = -132;
915 pub const KERB_ETYPE_RC4_HMAC_OLD: LONG = -133;
916 pub const KERB_ETYPE_RC4_PLAIN_OLD: LONG = -134;
917 pub const KERB_ETYPE_RC4_HMAC_OLD_EXP: LONG = -135;
918 pub const KERB_ETYPE_RC4_PLAIN_OLD_EXP: LONG = -136;
919 pub const KERB_ETYPE_RC4_PLAIN: LONG = -140;
920 pub const KERB_ETYPE_RC4_PLAIN_EXP: LONG = -141;
921 pub const KERB_ETYPE_AES128_CTS_HMAC_SHA1_96_PLAIN: LONG = -148;
922 pub const KERB_ETYPE_AES256_CTS_HMAC_SHA1_96_PLAIN: LONG = -149;
923 pub const KERB_ETYPE_DSA_SHA1_CMS: LONG = 9;
924 pub const KERB_ETYPE_RSA_MD5_CMS: LONG = 10;
925 pub const KERB_ETYPE_RSA_SHA1_CMS: LONG = 11;
926 pub const KERB_ETYPE_RC2_CBC_ENV: LONG = 12;
927 pub const KERB_ETYPE_RSA_ENV: LONG = 13;
928 pub const KERB_ETYPE_RSA_ES_OEAP_ENV: LONG = 14;
929 pub const KERB_ETYPE_DES_EDE3_CBC_ENV: LONG = 15;
930 pub const KERB_ETYPE_DSA_SIGN: LONG = 8;
931 pub const KERB_ETYPE_RSA_PRIV: LONG = 9;
932 pub const KERB_ETYPE_RSA_PUB: LONG = 10;
933 pub const KERB_ETYPE_RSA_PUB_MD5: LONG = 11;
934 pub const KERB_ETYPE_RSA_PUB_SHA1: LONG = 12;
935 pub const KERB_ETYPE_PKCS7_PUB: LONG = 13;
936 pub const KERB_ETYPE_DES3_CBC_MD5: LONG = 5;
937 pub const KERB_ETYPE_DES3_CBC_SHA1: LONG = 7;
938 pub const KERB_ETYPE_DES3_CBC_SHA1_KD: LONG = 16;
939 pub const KERB_ETYPE_DES_CBC_MD5_NT: LONG = 20;
940 pub const KERB_ETYPE_RC4_HMAC_NT: LONG = 23;
941 pub const KERB_ETYPE_RC4_HMAC_NT_EXP: LONG = 24;
942 pub const KERB_CHECKSUM_NONE: LONG = 0;
943 pub const KERB_CHECKSUM_CRC32: LONG = 1;
944 pub const KERB_CHECKSUM_MD4: LONG = 2;
945 pub const KERB_CHECKSUM_KRB_DES_MAC: LONG = 4;
946 pub const KERB_CHECKSUM_KRB_DES_MAC_K: LONG = 5;
947 pub const KERB_CHECKSUM_MD5: LONG = 7;
948 pub const KERB_CHECKSUM_MD5_DES: LONG = 8;
949 pub const KERB_CHECKSUM_SHA1_NEW: LONG = 14;
950 pub const KERB_CHECKSUM_HMAC_SHA1_96_AES128: LONG = 15;
951 pub const KERB_CHECKSUM_HMAC_SHA1_96_AES256: LONG = 16;
952 pub const KERB_CHECKSUM_LM: LONG = -130;
953 pub const KERB_CHECKSUM_SHA1: LONG = -131;
954 pub const KERB_CHECKSUM_REAL_CRC32: LONG = -132;
955 pub const KERB_CHECKSUM_DES_MAC: LONG = -133;
956 pub const KERB_CHECKSUM_DES_MAC_MD5: LONG = -134;
957 pub const KERB_CHECKSUM_MD25: LONG = -135;
958 pub const KERB_CHECKSUM_RC4_MD5: LONG = -136;
959 pub const KERB_CHECKSUM_MD5_HMAC: LONG = -137;
960 pub const KERB_CHECKSUM_HMAC_MD5: LONG = -138;
961 pub const KERB_CHECKSUM_HMAC_SHA1_96_AES128_Ki: LONG = -150;
962 pub const KERB_CHECKSUM_HMAC_SHA1_96_AES256_Ki: LONG = -151;
963 pub const KERB_TICKET_FLAGS_reserved: ULONG = 0x80000000;
964 pub const KERB_TICKET_FLAGS_forwardable: ULONG = 0x40000000;
965 pub const KERB_TICKET_FLAGS_forwarded: ULONG = 0x20000000;
966 pub const KERB_TICKET_FLAGS_proxiable: ULONG = 0x10000000;
967 pub const KERB_TICKET_FLAGS_proxy: ULONG = 0x08000000;
968 pub const KERB_TICKET_FLAGS_may_postdate: ULONG = 0x04000000;
969 pub const KERB_TICKET_FLAGS_postdated: ULONG = 0x02000000;
970 pub const KERB_TICKET_FLAGS_invalid: ULONG = 0x01000000;
971 pub const KERB_TICKET_FLAGS_renewable: ULONG = 0x00800000;
972 pub const KERB_TICKET_FLAGS_initial: ULONG = 0x00400000;
973 pub const KERB_TICKET_FLAGS_pre_authent: ULONG = 0x00200000;
974 pub const KERB_TICKET_FLAGS_hw_authent: ULONG = 0x00100000;
975 pub const KERB_TICKET_FLAGS_ok_as_delegate: ULONG = 0x00040000;
976 pub const KERB_TICKET_FLAGS_name_canonicalize: ULONG = 0x00010000;
977 pub const KERB_TICKET_FLAGS_cname_in_pa_data: ULONG = 0x00040000;
978 pub const KERB_TICKET_FLAGS_enc_pa_rep: ULONG = 0x00010000;
979 pub const KERB_TICKET_FLAGS_reserved1: ULONG = 0x00000001;
980 pub const KRB_NT_UNKNOWN: LONG = 0;
981 pub const KRB_NT_PRINCIPAL: LONG = 1;
982 pub const KRB_NT_PRINCIPAL_AND_ID: LONG = -131;
983 pub const KRB_NT_SRV_INST: LONG = 2;
984 pub const KRB_NT_SRV_INST_AND_ID: LONG = -132;
985 pub const KRB_NT_SRV_HST: LONG = 3;
986 pub const KRB_NT_SRV_XHST: LONG = 4;
987 pub const KRB_NT_UID: LONG = 5;
988 pub const KRB_NT_ENTERPRISE_PRINCIPAL: LONG = 10;
989 pub const KRB_NT_WELLKNOWN: LONG = 11;
990 pub const KRB_NT_ENT_PRINCIPAL_AND_ID: LONG = -130;
991 pub const KRB_NT_MS_PRINCIPAL: LONG = -128;
992 pub const KRB_NT_MS_PRINCIPAL_AND_ID: LONG = -129;
993 pub const KRB_NT_MS_BRANCH_ID: LONG = -133;
994 pub const KRB_NT_X500_PRINCIPAL: LONG = 6;
995 pub const KERB_WRAP_NO_ENCRYPT: ULONG = 0x80000001;
996 ENUM!{enum KERB_LOGON_SUBMIT_TYPE {
997 KerbInteractiveLogon = 2,
998 KerbSmartCardLogon = 6,
999 KerbWorkstationUnlockLogon = 7,
1000 KerbSmartCardUnlockLogon = 8,
1001 KerbProxyLogon = 9,
1002 KerbTicketLogon = 10,
1003 KerbTicketUnlockLogon = 11,
1004 KerbS4ULogon = 12,
1005 KerbCertificateLogon = 13,
1006 KerbCertificateS4ULogon = 14,
1007 KerbCertificateUnlockLogon = 15,
1008 KerbNoElevationLogon = 83,
1009 KerbLuidLogon = 84,
1010 }}
1011 pub type PKERB_LOGON_SUBMIT_TYPE = *mut KERB_LOGON_SUBMIT_TYPE;
1012 STRUCT!{struct KERB_INTERACTIVE_LOGON {
1013 MessageType: KERB_LOGON_SUBMIT_TYPE,
1014 LogonDomainName: UNICODE_STRING,
1015 UserName: UNICODE_STRING,
1016 Password: UNICODE_STRING,
1017 }}
1018 pub type PKERB_INTERACTIVE_LOGON = *mut KERB_INTERACTIVE_LOGON;
1019 STRUCT!{struct KERB_INTERACTIVE_UNLOCK_LOGON {
1020 Logon: KERB_INTERACTIVE_LOGON,
1021 LogonId: LUID,
1022 }}
1023 pub type PKERB_INTERACTIVE_UNLOCK_LOGON = *mut KERB_INTERACTIVE_UNLOCK_LOGON;
1024 STRUCT!{struct KERB_SMART_CARD_LOGON {
1025 MessageType: KERB_LOGON_SUBMIT_TYPE,
1026 Pin: UNICODE_STRING,
1027 CspDataLength: ULONG,
1028 CspData: PUCHAR,
1029 }}
1030 pub type PKERB_SMART_CARD_LOGON = *mut KERB_SMART_CARD_LOGON;
1031 STRUCT!{struct KERB_SMART_CARD_UNLOCK_LOGON {
1032 Logon: KERB_SMART_CARD_LOGON,
1033 LogonId: LUID,
1034 }}
1035 pub type PKERB_SMART_CARD_UNLOCK_LOGON = *mut KERB_SMART_CARD_UNLOCK_LOGON;
1036 pub const KERB_CERTIFICATE_LOGON_FLAG_CHECK_DUPLICATES: ULONG = 0x1;
1037 pub const KERB_CERTIFICATE_LOGON_FLAG_USE_CERTIFICATE_INFO: ULONG = 0x2;
1038 STRUCT!{struct KERB_CERTIFICATE_LOGON {
1039 MessageType: KERB_LOGON_SUBMIT_TYPE,
1040 DomainName: UNICODE_STRING,
1041 UserName: UNICODE_STRING,
1042 Pin: UNICODE_STRING,
1043 Flags: ULONG,
1044 CspDataLength: ULONG,
1045 CspData: PUCHAR,
1046 }}
1047 pub type PKERB_CERTIFICATE_LOGON = *mut KERB_CERTIFICATE_LOGON;
1048 STRUCT!{struct KERB_CERTIFICATE_UNLOCK_LOGON {
1049 Logon: KERB_CERTIFICATE_LOGON,
1050 LogonId: LUID,
1051 }}
1052 pub type PKERB_CERTIFICATE_UNLOCK_LOGON = *mut KERB_CERTIFICATE_UNLOCK_LOGON;
1053 pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_CHECK_DUPLICATES: ULONG = 0x1;
1054 pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_CHECK_LOGONHOURS: ULONG = 0x2;
1055 pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_FAIL_IF_NT_AUTH_POLICY_REQUIRED: ULONG = 0x4;
1056 pub const KERB_CERTIFICATE_S4U_LOGON_FLAG_IDENTIFY: ULONG = 0x8;
1057 STRUCT!{struct KERB_CERTIFICATE_S4U_LOGON {
1058 MessageType: KERB_LOGON_SUBMIT_TYPE,
1059 Flags: ULONG,
1060 UserPrincipalName: UNICODE_STRING,
1061 DomainName: UNICODE_STRING,
1062 CertificateLength: ULONG,
1063 Certificate: PUCHAR,
1064 }}
1065 pub type PKERB_CERTIFICATE_S4U_LOGON = *mut KERB_CERTIFICATE_S4U_LOGON;
1066 STRUCT!{struct KERB_TICKET_LOGON {
1067 MessageType: KERB_LOGON_SUBMIT_TYPE,
1068 Flags: ULONG,
1069 ServiceTicketLength: ULONG,
1070 TicketGrantingTicketLength: ULONG,
1071 ServiceTicket: PUCHAR,
1072 TicketGrantingTicket: PUCHAR,
1073 }}
1074 pub type PKERB_TICKET_LOGON = *mut KERB_TICKET_LOGON;
1075 STRUCT!{struct KERB_TICKET_UNLOCK_LOGON {
1076 Logon: KERB_TICKET_LOGON,
1077 LogonId: LUID,
1078 }}
1079 pub type PKERB_TICKET_UNLOCK_LOGON = *mut KERB_TICKET_UNLOCK_LOGON;
1080 pub const KERB_S4U_LOGON_FLAG_CHECK_LOGONHOURS: ULONG = 0x2;
1081 pub const KERB_S4U_LOGON_FLAG_IDENTIFY: ULONG = 0x8;
1082 STRUCT!{struct KERB_S4U_LOGON {
1083 MessageType: KERB_LOGON_SUBMIT_TYPE,
1084 Flags: ULONG,
1085 ClientUpn: UNICODE_STRING,
1086 ClientRealm: UNICODE_STRING,
1087 }}
1088 pub type PKERB_S4U_LOGON = *mut KERB_S4U_LOGON;
1089 ENUM!{enum KERB_PROFILE_BUFFER_TYPE {
1090 KerbInteractiveProfile = 2,
1091 KerbSmartCardProfile = 4,
1092 KerbTicketProfile = 6,
1093 }}
1094 pub type PKERB_PROFILE_BUFFER_TYPE = *mut KERB_PROFILE_BUFFER_TYPE;
1095 STRUCT!{struct KERB_INTERACTIVE_PROFILE {
1096 MessageType: KERB_PROFILE_BUFFER_TYPE,
1097 LogonCount: USHORT,
1098 BadPasswordCount: USHORT,
1099 LogonTime: LARGE_INTEGER,
1100 LogoffTime: LARGE_INTEGER,
1101 KickOffTime: LARGE_INTEGER,
1102 PasswordLastSet: LARGE_INTEGER,
1103 PasswordCanChange: LARGE_INTEGER,
1104 PasswordMustChange: LARGE_INTEGER,
1105 LogonScript: UNICODE_STRING,
1106 HomeDirectory: UNICODE_STRING,
1107 FullName: UNICODE_STRING,
1108 ProfilePath: UNICODE_STRING,
1109 HomeDirectoryDrive: UNICODE_STRING,
1110 LogonServer: UNICODE_STRING,
1111 UserFlags: ULONG,
1112 }}
1113 pub type PKERB_INTERACTIVE_PROFILE = *mut KERB_INTERACTIVE_PROFILE;
1114 STRUCT!{struct KERB_SMART_CARD_PROFILE {
1115 Profile: KERB_INTERACTIVE_PROFILE,
1116 CertificateSize: ULONG,
1117 CertificateData: PUCHAR,
1118 }}
1119 pub type PKERB_SMART_CARD_PROFILE = *mut KERB_SMART_CARD_PROFILE;
1120 STRUCT!{struct KERB_CRYPTO_KEY {
1121 KeyType: LONG,
1122 Length: ULONG,
1123 Value: PUCHAR,
1124 }}
1125 pub type PKERB_CRYPTO_KEY = *mut KERB_CRYPTO_KEY;
1126 STRUCT!{struct KERB_CRYPTO_KEY32 {
1127 KeyType: LONG,
1128 Length: ULONG,
1129 Offset: ULONG,
1130 }}
1131 pub type PKERB_CRYPTO_KEY32 = *mut KERB_CRYPTO_KEY32;
1132 STRUCT!{struct KERB_TICKET_PROFILE {
1133 Profile: KERB_INTERACTIVE_PROFILE,
1134 SessionKey: KERB_CRYPTO_KEY,
1135 }}
1136 pub type PKERB_TICKET_PROFILE = *mut KERB_TICKET_PROFILE;
1137 ENUM!{enum KERB_PROTOCOL_MESSAGE_TYPE {
1138 KerbDebugRequestMessage = 0,
1139 KerbQueryTicketCacheMessage,
1140 KerbChangeMachinePasswordMessage,
1141 KerbVerifyPacMessage,
1142 KerbRetrieveTicketMessage,
1143 KerbUpdateAddressesMessage,
1144 KerbPurgeTicketCacheMessage,
1145 KerbChangePasswordMessage,
1146 KerbRetrieveEncodedTicketMessage,
1147 KerbDecryptDataMessage,
1148 KerbAddBindingCacheEntryMessage,
1149 KerbSetPasswordMessage,
1150 KerbSetPasswordExMessage,
1151 KerbVerifyCredentialsMessage,
1152 KerbQueryTicketCacheExMessage,
1153 KerbPurgeTicketCacheExMessage,
1154 KerbRefreshSmartcardCredentialsMessage,
1155 KerbAddExtraCredentialsMessage,
1156 KerbQuerySupplementalCredentialsMessage,
1157 KerbTransferCredentialsMessage,
1158 KerbQueryTicketCacheEx2Message,
1159 KerbSubmitTicketMessage,
1160 KerbAddExtraCredentialsExMessage,
1161 KerbQueryKdcProxyCacheMessage,
1162 KerbPurgeKdcProxyCacheMessage,
1163 KerbQueryTicketCacheEx3Message,
1164 KerbCleanupMachinePkinitCredsMessage,
1165 KerbAddBindingCacheEntryExMessage,
1166 KerbQueryBindingCacheMessage,
1167 KerbPurgeBindingCacheMessage,
1168 KerbPinKdcMessage,
1169 KerbUnpinAllKdcsMessage,
1170 KerbQueryDomainExtendedPoliciesMessage,
1171 KerbQueryS4U2ProxyCacheMessage,
1172 }}
1173 pub type PKERB_PROTOCOL_MESSAGE_TYPE = *mut KERB_PROTOCOL_MESSAGE_TYPE;
1174 STRUCT!{struct KERB_QUERY_TKT_CACHE_REQUEST {
1175 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1176 LogonId: LUID,
1177 }}
1178 pub type PKERB_QUERY_TKT_CACHE_REQUEST = *mut KERB_QUERY_TKT_CACHE_REQUEST;
1179 STRUCT!{struct KERB_TICKET_CACHE_INFO {
1180 ServerName: UNICODE_STRING,
1181 RealmName: UNICODE_STRING,
1182 StartTime: LARGE_INTEGER,
1183 EndTime: LARGE_INTEGER,
1184 RenewTime: LARGE_INTEGER,
1185 EncryptionType: LONG,
1186 TicketFlags: ULONG,
1187 }}
1188 pub type PKERB_TICKET_CACHE_INFO = *mut KERB_TICKET_CACHE_INFO;
1189 STRUCT!{struct KERB_TICKET_CACHE_INFO_EX {
1190 ClientName: UNICODE_STRING,
1191 ClientRealm: UNICODE_STRING,
1192 ServerName: UNICODE_STRING,
1193 ServerRealm: UNICODE_STRING,
1194 StartTime: LARGE_INTEGER,
1195 EndTime: LARGE_INTEGER,
1196 RenewTime: LARGE_INTEGER,
1197 EncryptionType: LONG,
1198 TicketFlags: ULONG,
1199 }}
1200 pub type PKERB_TICKET_CACHE_INFO_EX = *mut KERB_TICKET_CACHE_INFO_EX;
1201 STRUCT!{struct KERB_TICKET_CACHE_INFO_EX2 {
1202 ClientName: UNICODE_STRING,
1203 ClientRealm: UNICODE_STRING,
1204 ServerName: UNICODE_STRING,
1205 ServerRealm: UNICODE_STRING,
1206 StartTime: LARGE_INTEGER,
1207 EndTime: LARGE_INTEGER,
1208 RenewTime: LARGE_INTEGER,
1209 EncryptionType: LONG,
1210 TicketFlags: ULONG,
1211 SessionKeyType: ULONG,
1212 BranchId: ULONG,
1213 }}
1214 pub type PKERB_TICKET_CACHE_INFO_EX2 = *mut KERB_TICKET_CACHE_INFO_EX2;
1215 STRUCT!{struct KERB_TICKET_CACHE_INFO_EX3 {
1216 ClientName: UNICODE_STRING,
1217 ClientRealm: UNICODE_STRING,
1218 ServerName: UNICODE_STRING,
1219 ServerRealm: UNICODE_STRING,
1220 StartTime: LARGE_INTEGER,
1221 EndTime: LARGE_INTEGER,
1222 RenewTime: LARGE_INTEGER,
1223 EncryptionType: LONG,
1224 TicketFlags: ULONG,
1225 SessionKeyType: ULONG,
1226 BranchId: ULONG,
1227 CacheFlags: ULONG,
1228 KdcCalled: UNICODE_STRING,
1229 }}
1230 pub type PKERB_TICKET_CACHE_INFO_EX3 = *mut KERB_TICKET_CACHE_INFO_EX3;
1231 STRUCT!{struct KERB_QUERY_TKT_CACHE_RESPONSE {
1232 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1233 CountOfTickets: ULONG,
1234 Tickets: [KERB_TICKET_CACHE_INFO; ANYSIZE_ARRAY],
1235 }}
1236 pub type PKERB_QUERY_TKT_CACHE_RESPONSE = *mut KERB_QUERY_TKT_CACHE_RESPONSE;
1237 STRUCT!{struct KERB_QUERY_TKT_CACHE_EX_RESPONSE {
1238 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1239 CountOfTickets: ULONG,
1240 Tickets: [KERB_TICKET_CACHE_INFO_EX; ANYSIZE_ARRAY],
1241 }}
1242 pub type PKERB_QUERY_TKT_CACHE_EX_RESPONSE = *mut KERB_QUERY_TKT_CACHE_EX_RESPONSE;
1243 STRUCT!{struct KERB_QUERY_TKT_CACHE_EX2_RESPONSE {
1244 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1245 CountOfTickets: ULONG,
1246 Tickets: [KERB_TICKET_CACHE_INFO_EX2; ANYSIZE_ARRAY],
1247 }}
1248 pub type PKERB_QUERY_TKT_CACHE_EX2_RESPONSE = *mut KERB_QUERY_TKT_CACHE_EX2_RESPONSE;
1249 STRUCT!{struct KERB_QUERY_TKT_CACHE_EX3_RESPONSE {
1250 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1251 CountOfTickets: ULONG,
1252 Tickets: [KERB_TICKET_CACHE_INFO_EX3; ANYSIZE_ARRAY],
1253 }}
1254 pub type PKERB_QUERY_TKT_CACHE_EX3_RESPONSE = *mut KERB_QUERY_TKT_CACHE_EX3_RESPONSE;
1255 pub const KERB_USE_DEFAULT_TICKET_FLAGS: ULONG = 0x0;
1256 pub const KERB_RETRIEVE_TICKET_DEFAULT: ULONG = 0x0;
1257 pub const KERB_RETRIEVE_TICKET_DONT_USE_CACHE: ULONG = 0x1;
1258 pub const KERB_RETRIEVE_TICKET_USE_CACHE_ONLY: ULONG = 0x2;
1259 pub const KERB_RETRIEVE_TICKET_USE_CREDHANDLE: ULONG = 0x4;
1260 pub const KERB_RETRIEVE_TICKET_AS_KERB_CRED: ULONG = 0x8;
1261 pub const KERB_RETRIEVE_TICKET_WITH_SEC_CRED: ULONG = 0x10;
1262 pub const KERB_RETRIEVE_TICKET_CACHE_TICKET: ULONG = 0x20;
1263 pub const KERB_RETRIEVE_TICKET_MAX_LIFETIME: ULONG = 0x40;
1264 STRUCT!{struct KERB_AUTH_DATA {
1265 Type: ULONG,
1266 Length: ULONG,
1267 Data: PUCHAR,
1268 }}
1269 pub type PKERB_AUTH_DATA = *mut KERB_AUTH_DATA;
1270 STRUCT!{struct KERB_NET_ADDRESS {
1271 Family: ULONG,
1272 Length: ULONG,
1273 Address: PUCHAR,
1274 }}
1275 pub type PKERB_NET_ADDRESS = *mut KERB_NET_ADDRESS;
1276 STRUCT!{struct KERB_NET_ADDRESSES {
1277 Number: ULONG,
1278 Addresses: [KERB_NET_ADDRESS; ANYSIZE_ARRAY],
1279 }}
1280 pub type PKERB_NET_ADDRESSES = *mut KERB_NET_ADDRESSES;
1281 STRUCT!{struct KERB_EXTERNAL_NAME {
1282 NameType: SHORT,
1283 NameCount: USHORT,
1284 Names: [UNICODE_STRING; ANYSIZE_ARRAY],
1285 }}
1286 pub type PKERB_EXTERNAL_NAME = *mut KERB_EXTERNAL_NAME;
1287 STRUCT!{struct KERB_EXTERNAL_TICKET {
1288 ServiceName: PKERB_EXTERNAL_NAME,
1289 TargetName: PKERB_EXTERNAL_NAME,
1290 ClientName: PKERB_EXTERNAL_NAME,
1291 DomainName: UNICODE_STRING,
1292 TargetDomainName: UNICODE_STRING,
1293 AltTargetDomainName: UNICODE_STRING,
1294 SessionKey: KERB_CRYPTO_KEY,
1295 TicketFlags: ULONG,
1296 Flags: ULONG,
1297 KeyExpirationTime: LARGE_INTEGER,
1298 StartTime: LARGE_INTEGER,
1299 EndTime: LARGE_INTEGER,
1300 RenewUntil: LARGE_INTEGER,
1301 TimeSkew: LARGE_INTEGER,
1302 EncodedTicketSize: ULONG,
1303 EncodedTicket: PUCHAR,
1304 }}
1305 pub type PKERB_EXTERNAL_TICKET = *mut KERB_EXTERNAL_TICKET;
1306 STRUCT!{struct KERB_RETRIEVE_TKT_REQUEST {
1307 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1308 LogonId: LUID,
1309 TargetName: UNICODE_STRING,
1310 TicketFlags: ULONG,
1311 CacheOptions: ULONG,
1312 EncryptionType: LONG,
1313 CredentialsHandle: SecHandle,
1314 }}
1315 pub type PKERB_RETRIEVE_TKT_REQUEST = *mut KERB_RETRIEVE_TKT_REQUEST;
1316 STRUCT!{struct KERB_RETRIEVE_TKT_RESPONSE {
1317 Ticket: KERB_EXTERNAL_TICKET,
1318 }}
1319 pub type PKERB_RETRIEVE_TKT_RESPONSE = *mut KERB_RETRIEVE_TKT_RESPONSE;
1320 STRUCT!{struct KERB_PURGE_TKT_CACHE_REQUEST {
1321 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1322 LogonId: LUID,
1323 ServerName: UNICODE_STRING,
1324 RealmName: UNICODE_STRING,
1325 }}
1326 pub type PKERB_PURGE_TKT_CACHE_REQUEST = *mut KERB_PURGE_TKT_CACHE_REQUEST;
1327 pub const KERB_PURGE_ALL_TICKETS: ULONG = 1;
1328 STRUCT!{struct KERB_PURGE_TKT_CACHE_EX_REQUEST {
1329 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1330 LogonId: LUID,
1331 Flags: ULONG,
1332 TicketTemplate: KERB_TICKET_CACHE_INFO_EX,
1333 }}
1334 pub type PKERB_PURGE_TKT_CACHE_EX_REQUEST = *mut KERB_PURGE_TKT_CACHE_EX_REQUEST;
1335 STRUCT!{struct KERB_SUBMIT_TKT_REQUEST {
1336 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1337 LogonId: LUID,
1338 Flags: ULONG,
1339 Key: KERB_CRYPTO_KEY32,
1340 KerbCredSize: ULONG,
1341 KerbCredOffset: ULONG,
1342 }}
1343 pub type PKERB_SUBMIT_TKT_REQUEST = *mut KERB_SUBMIT_TKT_REQUEST;
1344 STRUCT!{struct KERB_QUERY_KDC_PROXY_CACHE_REQUEST {
1345 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1346 Flags: ULONG,
1347 LogonId: LUID,
1348 }}
1349 pub type PKERB_QUERY_KDC_PROXY_CACHE_REQUEST = *mut KERB_QUERY_KDC_PROXY_CACHE_REQUEST;
1350 STRUCT!{struct KDC_PROXY_CACHE_ENTRY_DATA {
1351 SinceLastUsed: ULONG64,
1352 DomainName: UNICODE_STRING,
1353 ProxyServerName: UNICODE_STRING,
1354 ProxyServerVdir: UNICODE_STRING,
1355 ProxyServerPort: USHORT,
1356 LogonId: LUID,
1357 CredUserName: UNICODE_STRING,
1358 CredDomainName: UNICODE_STRING,
1359 GlobalCache: BOOLEAN,
1360 }}
1361 pub type PKDC_PROXY_CACHE_ENTRY_DATA = *mut KDC_PROXY_CACHE_ENTRY_DATA;
1362 STRUCT!{struct KERB_QUERY_KDC_PROXY_CACHE_RESPONSE {
1363 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1364 CountOfEntries: ULONG,
1365 Entries: PKDC_PROXY_CACHE_ENTRY_DATA,
1366 }}
1367 pub type PKERB_QUERY_KDC_PROXY_CACHE_RESPONSE = *mut KERB_QUERY_KDC_PROXY_CACHE_RESPONSE;
1368 STRUCT!{struct KERB_PURGE_KDC_PROXY_CACHE_REQUEST {
1369 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1370 Flags: ULONG,
1371 LogonId: LUID,
1372 }}
1373 pub type PKERB_PURGE_KDC_PROXY_CACHE_REQUEST = *mut KERB_PURGE_KDC_PROXY_CACHE_REQUEST;
1374 STRUCT!{struct KERB_PURGE_KDC_PROXY_CACHE_RESPONSE {
1375 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1376 CountOfPurged: ULONG,
1377 }}
1378 pub type PKERB_PURGE_KDC_PROXY_CACHE_RESPONSE = *mut KERB_PURGE_KDC_PROXY_CACHE_RESPONSE;
1379 pub const KERB_S4U2PROXY_CACHE_ENTRY_INFO_FLAG_NEGATIVE: ULONG = 0x1;
1380 STRUCT!{struct KERB_S4U2PROXY_CACHE_ENTRY_INFO {
1381 ServerName: UNICODE_STRING,
1382 Flags: ULONG,
1383 LastStatus: NTSTATUS,
1384 Expiry: LARGE_INTEGER,
1385 }}
1386 pub type PKERB_S4U2PROXY_CACHE_ENTRY_INFO = *mut KERB_S4U2PROXY_CACHE_ENTRY_INFO;
1387 pub const KERB_S4U2PROXY_CRED_FLAG_NEGATIVE: ULONG = 0x1;
1388 STRUCT!{struct KERB_S4U2PROXY_CRED {
1389 UserName: UNICODE_STRING,
1390 DomainName: UNICODE_STRING,
1391 Flags: ULONG,
1392 LastStatus: NTSTATUS,
1393 Expiry: LARGE_INTEGER,
1394 CountOfEntries: ULONG,
1395 Entries: PKERB_S4U2PROXY_CACHE_ENTRY_INFO,
1396 }}
1397 pub type PKERB_S4U2PROXY_CRED = *mut KERB_S4U2PROXY_CRED;
1398 STRUCT!{struct KERB_QUERY_S4U2PROXY_CACHE_REQUEST {
1399 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1400 Flags: ULONG,
1401 LogonId: LUID,
1402 }}
1403 pub type PKERB_QUERY_S4U2PROXY_CACHE_REQUEST = *mut KERB_QUERY_S4U2PROXY_CACHE_REQUEST;
1404 STRUCT!{struct KERB_QUERY_S4U2PROXY_CACHE_RESPONSE {
1405 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1406 CountOfCreds: ULONG,
1407 Creds: PKERB_S4U2PROXY_CRED,
1408 }}
1409 pub type PKERB_QUERY_S4U2PROXY_CACHE_RESPONSE = *mut KERB_QUERY_S4U2PROXY_CACHE_RESPONSE;
1410 STRUCT!{struct KERB_CHANGEPASSWORD_REQUEST {
1411 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1412 DomainName: UNICODE_STRING,
1413 AccountName: UNICODE_STRING,
1414 OldPassword: UNICODE_STRING,
1415 NewPassword: UNICODE_STRING,
1416 Impersonating: BOOLEAN,
1417 }}
1418 pub type PKERB_CHANGEPASSWORD_REQUEST = *mut KERB_CHANGEPASSWORD_REQUEST;
1419 STRUCT!{struct KERB_SETPASSWORD_REQUEST {
1420 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1421 LogonId: LUID,
1422 CredentialsHandle: SecHandle,
1423 Flags: ULONG,
1424 DomainName: UNICODE_STRING,
1425 AccountName: UNICODE_STRING,
1426 Password: UNICODE_STRING,
1427 }}
1428 pub type PKERB_SETPASSWORD_REQUEST = *mut KERB_SETPASSWORD_REQUEST;
1429 STRUCT!{struct KERB_SETPASSWORD_EX_REQUEST {
1430 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1431 LogonId: LUID,
1432 CredentialsHandle: SecHandle,
1433 Flags: ULONG,
1434 AccountRealm: UNICODE_STRING,
1435 AccountName: UNICODE_STRING,
1436 Password: UNICODE_STRING,
1437 ClientRealm: UNICODE_STRING,
1438 ClientName: UNICODE_STRING,
1439 Impersonating: BOOLEAN,
1440 KdcAddress: UNICODE_STRING,
1441 KdcAddressType: ULONG,
1442 }}
1443 pub type PKERB_SETPASSWORD_EX_REQUEST = *mut KERB_SETPASSWORD_EX_REQUEST;
1444 pub const DS_UNKNOWN_ADDRESS_TYPE: ULONG = 0;
1445 pub const KERB_SETPASS_USE_LOGONID: ULONG = 1;
1446 pub const KERB_SETPASS_USE_CREDHANDLE: ULONG = 2;
1447 STRUCT!{struct KERB_DECRYPT_REQUEST {
1448 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1449 LogonId: LUID,
1450 Flags: ULONG,
1451 CryptoType: LONG,
1452 KeyUsage: LONG,
1453 Key: KERB_CRYPTO_KEY,
1454 EncryptedDataSize: ULONG,
1455 InitialVectorSize: ULONG,
1456 InitialVector: PUCHAR,
1457 EncryptedData: PUCHAR,
1458 }}
1459 pub type PKERB_DECRYPT_REQUEST = *mut KERB_DECRYPT_REQUEST;
1460 pub const KERB_DECRYPT_FLAG_DEFAULT_KEY: ULONG = 0x00000001;
1461 STRUCT!{struct KERB_DECRYPT_RESPONSE {
1462 DecryptedData: [UCHAR; ANYSIZE_ARRAY],
1463 }}
1464 pub type PKERB_DECRYPT_RESPONSE = *mut KERB_DECRYPT_RESPONSE;
1465 STRUCT!{struct KERB_ADD_BINDING_CACHE_ENTRY_REQUEST {
1466 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1467 RealmName: UNICODE_STRING,
1468 KdcAddress: UNICODE_STRING,
1469 AddressType: ULONG,
1470 }}
1471 pub type PKERB_ADD_BINDING_CACHE_ENTRY_REQUEST = *mut KERB_ADD_BINDING_CACHE_ENTRY_REQUEST;
1472 STRUCT!{struct KERB_REFRESH_SCCRED_REQUEST {
1473 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1474 CredentialBlob: UNICODE_STRING,
1475 LogonId: LUID,
1476 Flags: ULONG,
1477 }}
1478 pub type PKERB_REFRESH_SCCRED_REQUEST = *mut KERB_REFRESH_SCCRED_REQUEST;
1479 pub const KERB_REFRESH_SCCRED_RELEASE: ULONG = 0x0;
1480 pub const KERB_REFRESH_SCCRED_GETTGT: ULONG = 0x1;
1481 STRUCT!{struct KERB_ADD_CREDENTIALS_REQUEST {
1482 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1483 UserName: UNICODE_STRING,
1484 DomainName: UNICODE_STRING,
1485 Password: UNICODE_STRING,
1486 LogonId: LUID,
1487 Flags: ULONG,
1488 }}
1489 pub type PKERB_ADD_CREDENTIALS_REQUEST = *mut KERB_ADD_CREDENTIALS_REQUEST;
1490 pub const KERB_REQUEST_ADD_CREDENTIAL: ULONG = 1;
1491 pub const KERB_REQUEST_REPLACE_CREDENTIAL: ULONG = 2;
1492 pub const KERB_REQUEST_REMOVE_CREDENTIAL: ULONG = 4;
1493 STRUCT!{struct KERB_ADD_CREDENTIALS_REQUEST_EX {
1494 Credentials: KERB_ADD_CREDENTIALS_REQUEST,
1495 PrincipalNameCount: ULONG,
1496 PrincipalNames: [UNICODE_STRING; ANYSIZE_ARRAY],
1497 }}
1498 pub type PKERB_ADD_CREDENTIALS_REQUEST_EX = *mut KERB_ADD_CREDENTIALS_REQUEST_EX;
1499 STRUCT!{struct KERB_TRANSFER_CRED_REQUEST {
1500 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1501 OriginLogonId: LUID,
1502 DestinationLogonId: LUID,
1503 Flags: ULONG,
1504 }}
1505 pub type PKERB_TRANSFER_CRED_REQUEST = *mut KERB_TRANSFER_CRED_REQUEST;
1506 pub const KERB_TRANSFER_CRED_WITH_TICKETS: ULONG = 0x1;
1507 pub const KERB_TRANSFER_CRED_CLEANUP_CREDENTIALS: ULONG = 0x2;
1508 STRUCT!{struct KERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST {
1509 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1510 LogonId: LUID,
1511 }}
1512 pub type PKERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST =
1513 *mut KERB_CLEANUP_MACHINE_PKINIT_CREDS_REQUEST;
1514 STRUCT!{struct KERB_BINDING_CACHE_ENTRY_DATA {
1515 DiscoveryTime: ULONG64,
1516 RealmName: UNICODE_STRING,
1517 KdcAddress: UNICODE_STRING,
1518 AddressType: ULONG,
1519 Flags: ULONG,
1520 DcFlags: ULONG,
1521 CacheFlags: ULONG,
1522 KdcName: UNICODE_STRING,
1523 }}
1524 pub type PKERB_BINDING_CACHE_ENTRY_DATA = *mut KERB_BINDING_CACHE_ENTRY_DATA;
1525 STRUCT!{struct KERB_QUERY_BINDING_CACHE_RESPONSE {
1526 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1527 CountOfEntries: ULONG,
1528 Entries: PKERB_BINDING_CACHE_ENTRY_DATA,
1529 }}
1530 pub type PKERB_QUERY_BINDING_CACHE_RESPONSE = *mut KERB_QUERY_BINDING_CACHE_RESPONSE;
1531 STRUCT!{struct KERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST {
1532 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1533 RealmName: UNICODE_STRING,
1534 KdcAddress: UNICODE_STRING,
1535 AddressType: ULONG,
1536 DcFlags: ULONG,
1537 }}
1538 pub type PKERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST = *mut KERB_ADD_BINDING_CACHE_ENTRY_EX_REQUEST;
1539 STRUCT!{struct KERB_QUERY_BINDING_CACHE_REQUEST {
1540 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1541 }}
1542 pub type PKERB_QUERY_BINDING_CACHE_REQUEST = *mut KERB_QUERY_BINDING_CACHE_REQUEST;
1543 STRUCT!{struct KERB_PURGE_BINDING_CACHE_REQUEST {
1544 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1545 }}
1546 pub type PKERB_PURGE_BINDING_CACHE_REQUEST = *mut KERB_PURGE_BINDING_CACHE_REQUEST;
1547 STRUCT!{struct KERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST {
1548 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1549 Flags: ULONG,
1550 DomainName: UNICODE_STRING,
1551 }}
1552 pub type PKERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST =
1553 *mut KERB_QUERY_DOMAIN_EXTENDED_POLICIES_REQUEST;
1554 STRUCT!{struct KERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE {
1555 MessageType: KERB_PROTOCOL_MESSAGE_TYPE,
1556 Flags: ULONG,
1557 ExtendedPolicies: ULONG,
1558 DsFlags: ULONG,
1559 }}
1560 pub type PKERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE =
1561 *mut KERB_QUERY_DOMAIN_EXTENDED_POLICIES_RESPONSE;
1562 ENUM!{enum KERB_CERTIFICATE_INFO_TYPE {
1563 CertHashInfo = 1,
1564 }}
1565 pub type PKERB_CERTIFICATE_INFO_TYPE = *mut KERB_CERTIFICATE_INFO_TYPE;
1566 STRUCT!{struct KERB_CERTIFICATE_HASHINFO {
1567 StoreNameLength: USHORT,
1568 HashLength: USHORT,
1569 }}
1570 pub type PKERB_CERTIFICATE_HASHINFO = *mut KERB_CERTIFICATE_HASHINFO;
1571 STRUCT!{struct KERB_CERTIFICATE_INFO {
1572 CertInfoSize: ULONG,
1573 InfoType: ULONG,
1574 }}
1575 pub type PKERB_CERTIFICATE_INFO = *mut KERB_CERTIFICATE_INFO;
1576 STRUCT!{struct POLICY_AUDIT_SID_ARRAY {
1577 UsersCount: ULONG,
1578 UserSidArray: *mut PSID,
1579 }}
1580 pub type PPOLICY_AUDIT_SID_ARRAY = *mut POLICY_AUDIT_SID_ARRAY;
1581 STRUCT!{struct AUDIT_POLICY_INFORMATION {
1582 AuditSubCategoryGuid: GUID,
1583 AuditingInformation: ULONG,
1584 AuditCategoryGuid: GUID,
1585 }}
1586 pub type PAUDIT_POLICY_INFORMATION = *mut AUDIT_POLICY_INFORMATION;
1587 pub type LPAUDIT_POLICY_INFORMATION = PAUDIT_POLICY_INFORMATION;
1588 pub type PCAUDIT_POLICY_INFORMATION = *const AUDIT_POLICY_INFORMATION;
1589 pub const AUDIT_SET_SYSTEM_POLICY: ULONG = 0x0001;
1590 pub const AUDIT_QUERY_SYSTEM_POLICY: ULONG = 0x0002;
1591 pub const AUDIT_SET_USER_POLICY: ULONG = 0x0004;
1592 pub const AUDIT_QUERY_USER_POLICY: ULONG = 0x0008;
1593 pub const AUDIT_ENUMERATE_USERS: ULONG = 0x0010;
1594 pub const AUDIT_SET_MISC_POLICY: ULONG = 0x0020;
1595 pub const AUDIT_QUERY_MISC_POLICY: ULONG = 0x0040;
1596 pub const AUDIT_GENERIC_ALL: ULONG = STANDARD_RIGHTS_REQUIRED | AUDIT_SET_SYSTEM_POLICY
1597 | AUDIT_QUERY_SYSTEM_POLICY | AUDIT_SET_USER_POLICY | AUDIT_QUERY_USER_POLICY
1598 | AUDIT_ENUMERATE_USERS | AUDIT_SET_MISC_POLICY | AUDIT_QUERY_MISC_POLICY;
1599 pub const AUDIT_GENERIC_READ: ULONG = STANDARD_RIGHTS_READ | AUDIT_QUERY_SYSTEM_POLICY
1600 | AUDIT_QUERY_USER_POLICY | AUDIT_ENUMERATE_USERS | AUDIT_QUERY_MISC_POLICY;
1601 pub const AUDIT_GENERIC_WRITE: ULONG = STANDARD_RIGHTS_WRITE | AUDIT_SET_USER_POLICY
1602 | AUDIT_SET_MISC_POLICY | AUDIT_SET_SYSTEM_POLICY;
1603 pub const AUDIT_GENERIC_EXECUTE: ULONG = STANDARD_RIGHTS_EXECUTE;
1604 extern "system" {
1605 pub fn AuditSetSystemPolicy(
1606 pAuditPolicy: PCAUDIT_POLICY_INFORMATION,
1607 PolicyCount: ULONG,
1608 ) -> BOOLEAN;
1609 pub fn AuditSetPerUserPolicy(
1610 pSid: *const SID,
1611 pAuditPolicy: PCAUDIT_POLICY_INFORMATION,
1612 PolicyCount: ULONG,
1613 ) -> BOOLEAN;
1614 pub fn AuditQuerySystemPolicy(
1615 pSubCategoryGuids: *const GUID,
1616 PolicyCount: ULONG,
1617 ppAuditPolicy: *mut PAUDIT_POLICY_INFORMATION,
1618 ) -> BOOLEAN;
1619 pub fn AuditQueryPerUserPolicy(
1620 pSid: *const SID,
1621 pSubCategoryGuids: *const GUID,
1622 PolicyCount: ULONG,
1623 ppAuditPolicy: *mut PAUDIT_POLICY_INFORMATION,
1624 ) -> BOOLEAN;
1625 pub fn AuditEnumeratePerUserPolicy(
1626 ppAuditSidArray: *mut PPOLICY_AUDIT_SID_ARRAY,
1627 ) -> BOOLEAN;
1628 pub fn AuditComputeEffectivePolicyBySid(
1629 pSid: *const SID,
1630 pSubCategoryGuids: *const GUID,
1631 dwPolicyCount: ULONG,
1632 ppAuditPolicy: *mut PAUDIT_POLICY_INFORMATION,
1633 ) -> BOOLEAN;
1634 pub fn AuditComputeEffectivePolicyByToken(
1635 hTokenHandle: HANDLE,
1636 pSubCategoryGuids: *const GUID,
1637 dwPolicyCount: ULONG,
1638 ppAuditPolicy: *mut PAUDIT_POLICY_INFORMATION,
1639 ) -> BOOLEAN;
1640 pub fn AuditEnumerateCategories(
1641 ppAuditCategoriesArray: *mut *mut GUID,
1642 pdwCountReturned: PULONG,
1643 ) -> BOOLEAN;
1644 pub fn AuditEnumerateSubCategories(
1645 pAuditCategoryGuid: *const GUID,
1646 bRetrieveAllSubCategories: BOOLEAN,
1647 ppAuditSubCategoriesArray: *mut *mut GUID,
1648 pdwCountReturned: PULONG,
1649 ) -> BOOLEAN;
1650 pub fn AuditLookupCategoryNameW(
1651 pAuditCategoryGuid: *const GUID,
1652 ppszCategoryName: *mut PWSTR,
1653 ) -> BOOLEAN;
1654 pub fn AuditLookupCategoryNameA(
1655 pAuditCategoryGuid: *const GUID,
1656 ppszCategoryName: *mut PSTR,
1657 ) -> BOOLEAN;
1658 pub fn AuditLookupSubCategoryNameW(
1659 pAuditSubCategoryGuid: *const GUID,
1660 ppszSubCategoryName: *mut PWSTR,
1661 ) -> BOOLEAN;
1662 pub fn AuditLookupSubCategoryNameA(
1663 pAuditSubCategoryGuid: *const GUID,
1664 ppszSubCategoryName: *mut PSTR,
1665 ) -> BOOLEAN;
1666 pub fn AuditLookupCategoryIdFromCategoryGuid(
1667 pAuditCategoryGuid: *const GUID,
1668 pAuditCategoryId: PPOLICY_AUDIT_EVENT_TYPE,
1669 ) -> BOOLEAN;
1670 pub fn AuditLookupCategoryGuidFromCategoryId(
1671 AuditCategoryId: POLICY_AUDIT_EVENT_TYPE,
1672 pAuditCategoryGuid: *mut GUID,
1673 ) -> BOOLEAN;
1674 pub fn AuditSetSecurity(
1675 SecurityInformation: SECURITY_INFORMATION,
1676 pSecurityDescriptor: PSECURITY_DESCRIPTOR,
1677 ) -> BOOLEAN;
1678 pub fn AuditQuerySecurity(
1679 SecurityInformation: SECURITY_INFORMATION,
1680 ppSecurityDescriptor: *mut PSECURITY_DESCRIPTOR,
1681 ) -> BOOLEAN;
1682 pub fn AuditSetGlobalSaclW(
1683 ObjectTypeName: PCWSTR,
1684 Acl: PACL,
1685 ) -> BOOLEAN;
1686 pub fn AuditSetGlobalSaclA(
1687 ObjectTypeName: PCSTR,
1688 Acl: PACL,
1689 ) -> BOOLEAN;
1690 pub fn AuditQueryGlobalSaclW(
1691 ObjectTypeName: PCWSTR,
1692 Acl: *mut PACL,
1693 ) -> BOOLEAN;
1694 pub fn AuditQueryGlobalSaclA(
1695 ObjectTypeName: PCSTR,
1696 Acl: *mut PACL,
1697 ) -> BOOLEAN;
1698 pub fn AuditFree(
1699 Buffer: PVOID,
1700 );
1701 }
1702 STRUCT!{struct PKU2U_CERT_BLOB {
1703 CertOffset: ULONG,
1704 CertLength: USHORT,
1705 }}
1706 pub type PPKU2U_CERT_BLOB = *mut PKU2U_CERT_BLOB;
1707 pub const PKU2U_CREDUI_CONTEXT_VERSION: ULONG64 = 0x4154414454524543;
1708 STRUCT!{struct PKU2U_CREDUI_CONTEXT {
1709 Version: ULONG64,
1710 cbHeaderLength: USHORT,
1711 cbStructureLength: ULONG,
1712 CertArrayCount: USHORT,
1713 CertArrayOffset: ULONG,
1714 }}
1715 pub type PPKU2U_CREDUI_CONTEXT = *mut PKU2U_CREDUI_CONTEXT;
1716 ENUM!{enum PKU2U_LOGON_SUBMIT_TYPE {
1717 Pku2uCertificateS4ULogon = 14,
1718 }}
1719 pub type PPKU2U_LOGON_SUBMIT_TYPE = *mut PKU2U_LOGON_SUBMIT_TYPE;
1720 STRUCT!{struct PKU2U_CERTIFICATE_S4U_LOGON {
1721 MessageType: PKU2U_LOGON_SUBMIT_TYPE,
1722 Flags: ULONG,
1723 UserPrincipalName: UNICODE_STRING,
1724 DomainName: UNICODE_STRING,
1725 CertificateLength: ULONG,
1726 Certificate: PUCHAR,
1727 }}
1728 pub type PPKU2U_CERTIFICATE_S4U_LOGON = *mut PKU2U_CERTIFICATE_S4U_LOGON;
backport for Debian buster