1 /*
2  * COPYRIGHT:       See COPYING in the top level directory
3  * PROJECT:         Local Security Authority (LSA) Server
4  * FILE:            reactos/dll/win32/lsasrv/lsasrv.h
5  * PURPOSE:         Common header file
6  *
7  * PROGRAMMERS:     Eric Kohl
8  */
9 
10 #ifndef _LSASRV_H
11 #define _LSASRV_H
12 
13 #include <stdarg.h>
14 
15 #define WIN32_NO_STATUS
16 #define _INC_WINDOWS
17 #define COM_NO_WINDOWS_H
18 
19 #include <windef.h>
20 #include <winbase.h>
21 #include <winreg.h>
22 
23 #define NTOS_MODE_USER
24 #include <ndk/cmfuncs.h>
25 #include <ndk/exfuncs.h>
26 #include <ndk/kefuncs.h>
27 #include <ndk/mmfuncs.h>
28 #include <ndk/obfuncs.h>
29 #include <ndk/psfuncs.h>
30 #include <ndk/rtlfuncs.h>
31 #include <ndk/sefuncs.h>
32 #include <ndk/ketypes.h>
33 #include <ndk/setypes.h>
34 
35 #include <ntsam.h>
36 #include <ntlsa.h>
37 #include <sddl.h>
38 
39 #include <srmp.h>
40 
41 #include <lsass.h>
42 #include <lsa_s.h>
43 
44 #include <wine/debug.h>
45 WINE_DEFAULT_DEBUG_CHANNEL(lsasrv);
46 
/* Kind of LSA database object. The type is stored in LSA_DB_OBJECT.ObjectType
 * and is passed to the create/open/validate routines declared in this header.
 * Enumerators take the implicit values 0..4 in declaration order.
 * NOTE(review): LsaDbIgnoreObject presumably means "skip the type check" when
 * passed to LsapValidateDbObject - confirm in database.c. */
47 typedef enum _LSA_DB_OBJECT_TYPE
48 {
49     LsaDbIgnoreObject,
50     LsaDbPolicyObject,
51     LsaDbAccountObject,
52     LsaDbDomainObject,
53     LsaDbSecretObject
54 } LSA_DB_OBJECT_TYPE, *PLSA_DB_OBJECT_TYPE;
55 
/* In-memory record for one LSA database object. LsapValidateDbObject (declared
 * in this header) takes an LSAPR_HANDLE and yields a pointer to this type. */
56 typedef struct _LSA_DB_OBJECT
57 {
       /* NOTE(review): presumably set to LSAP_DB_SIGNATURE and compared when a
        * handle is validated - confirm in database.c. A fixed constant only
        * catches stale or mistyped pointers; it is not evidence that a handle
        * value originated from this server. */
58     ULONG Signature;
       /* Which kind of database object this record describes. */
59     LSA_DB_OBJECT_TYPE ObjectType;
       /* NOTE(review): plain ULONG; nothing in this header shows interlocked
        * updates or a lock - confirm how concurrent RPC threads touch it. */
60     ULONG RefCount;
       /* NOTE(review): presumably the access mask granted when the object was
        * created/opened, later compared with the GrantedAccess argument of
        * LsapValidateDbObject - confirm. */
61     ACCESS_MASK Access;
       /* NOTE(review): presumably the registry key backing the object (the
        * LsapReg* helpers operate on HANDLE key handles) - confirm. */
62     HANDLE KeyHandle;
       /* Copied from the Trusted argument of create/open, as far as the
        * signatures suggest. NOTE(review): if Trusted objects bypass access
        * checks, every call site passing TRUE is security-relevant - verify
        * it is never derived from client-controlled input. */
63     BOOLEAN Trusted;
       /* Link to another record of the same type (the parent object). */
64     struct _LSA_DB_OBJECT *ParentObject;
65 } LSA_DB_OBJECT, *PLSA_DB_OBJECT;
66 
/* Marker constant; presumably the expected value of LSA_DB_OBJECT.Signature
 * (TODO confirm in database.c). */
67 #define LSAP_DB_SIGNATURE 0x12345678
68 
/* Size of the inclusive enumerator range AuditCategorySystem ..
 * AuditCategoryAccountLogon (both declared outside this header). */
69 #define POLICY_AUDIT_EVENT_TYPE_COUNT (AuditCategoryAccountLogon - AuditCategorySystem + 1)
/* Audit-events policy data with a fixed-size per-category array.
 * NOTE(review): AuditEvents holds exactly POLICY_AUDIT_EVENT_TYPE_COUNT
 * entries; any code that indexes it with MaximumAuditEventCount or with a
 * count taken from a request must bound the index against that constant
 * first - confirm in policy.c. */
70 typedef struct _LSAP_POLICY_AUDIT_EVENTS_DATA
71 {
72     BOOLEAN AuditingMode;
73     DWORD AuditEvents[POLICY_AUDIT_EVENT_TYPE_COUNT];
74     DWORD MaximumAuditEventCount;
75 } LSAP_POLICY_AUDIT_EVENTS_DATA, *PLSAP_POLICY_AUDIT_EVENTS_DATA;
76 
/* Context passed alongside each PLSA_API_MSG to the authentication-package
 * handlers declared in this header. */
77 typedef struct _LSAP_LOGON_CONTEXT
78 {
       /* List linkage; the list head is not declared in this header. */
79     LIST_ENTRY Entry;
       /* NOTE(review): presumably a handle to the client process, used to
        * read/write client memory - confirm in authport.c. */
80     HANDLE ClientProcessHandle;
81     HANDLE ConnectionHandle;
       /* NOTE(review): BOOL here, BOOLEAN for LSA_DB_OBJECT.Trusted. If this
        * flag gates privileged operations, confirm it is set only from a
        * server-side check of the caller and never from message contents. */
82     BOOL TrustedCaller;
83 } LSAP_LOGON_CONTEXT, *PLSAP_LOGON_CONTEXT;
84 
/* Counted array of unsigned long values.
 * NOTE(review): presumably Element points at Count entries; consumers should
 * treat Count as the only valid bound and handle Element == NULL - confirm
 * against the code that fills this structure. */
85 typedef struct _SAMPR_ULONG_ARRAY
86 {
87     unsigned long Count;
88     unsigned long *Element;
89 } SAMPR_ULONG_ARRAY, *PSAMPR_ULONG_ARRAY;
90 
/* Globals shared across the lsasrv translation units. These are declarations
 * only; the definitions live outside this header. None is const-qualified, so
 * any file including this header can modify them.
 * NOTE(review): the PSID globals are presumably allocated once by
 * LsapInitSids and read-only afterwards - confirm in lookup.c. */
91 extern NT_PRODUCT_TYPE LsapProductType;
92 
/* Identifier authorities used when building SIDs. */
93 extern SID_IDENTIFIER_AUTHORITY NullSidAuthority;
94 extern SID_IDENTIFIER_AUTHORITY WorldSidAuthority;
95 extern SID_IDENTIFIER_AUTHORITY LocalSidAuthority;
96 extern SID_IDENTIFIER_AUTHORITY CreatorSidAuthority;
97 extern SID_IDENTIFIER_AUTHORITY NtAuthority;
98 
/* SID and name of the builtin and account domains. */
99 extern PSID BuiltinDomainSid;
100 extern UNICODE_STRING BuiltinDomainName;
101 extern PSID AccountDomainSid;
102 extern UNICODE_STRING AccountDomainName;
103 
/* Pre-built SIDs; the names suggest well-known principals (TODO confirm). */
104 extern PSID LsapWorldSid;
105 extern PSID LsapNetworkSid;
106 extern PSID LsapBatchSid;
107 extern PSID LsapInteractiveSid;
108 extern PSID LsapServiceSid;
109 extern PSID LsapLocalSystemSid;
110 extern PSID LsapAdministratorsSid;
111 
112 
113 /* authpackage.c */
/* Authentication-package entry points. The three request handlers take the
 * LSA API message and an LSAP_LOGON_CONTEXT and return an NTSTATUS.
 * NOTE(review): RequestMsg presumably carries data supplied by the connecting
 * client, so lengths, offsets and package identifiers inside it need
 * validating before use - confirm in authpackage.c. */
114 NTSTATUS
115 LsapInitAuthPackages(VOID);
116 
117 NTSTATUS
118 LsapLookupAuthenticationPackage(PLSA_API_MSG RequestMsg,
119                                 PLSAP_LOGON_CONTEXT LogonContext);
120 
121 NTSTATUS
122 LsapCallAuthenticationPackage(PLSA_API_MSG RequestMsg,
123                               PLSAP_LOGON_CONTEXT LogonContext);
124 
125 NTSTATUS
126 LsapLogonUser(PLSA_API_MSG RequestMsg,
127               PLSAP_LOGON_CONTEXT LogonContext);
128 
/* Takes the logon identifier by pointer (input only) and returns nothing, so
 * a failure cannot be reported to the caller. */
129 VOID
130 LsapTerminateLogon(
131     _In_ PLUID LogonId);
132 
133 
134 /* authport.c */
/* Takes no arguments and reports its outcome as an NTSTATUS.
 * NOTE(review): presumably creates the LSA authentication port and its
 * listener - confirm in authport.c. */
135 NTSTATUS
136 StartAuthenticationPort(VOID);
137 
138 /* database.c */
/* LSA database object API. All routines return an NTSTATUS. */
139 NTSTATUS
140 LsapInitDatabase(VOID);
141 
/* Create and open share one parameter list apart from the name of the type
 * argument (HandleType here, ObjectType in LsapOpenDbObject). The new object
 * is returned through DbObject.
 * NOTE(review): Trusted is a caller-supplied flag with no visible check in
 * this signature; if it disables access checking, audit every caller that
 * passes TRUE - confirm in database.c. */
142 NTSTATUS
143 LsapCreateDbObject(IN PLSA_DB_OBJECT ParentObject,
144                    IN LPWSTR ContainerName,
145                    IN LPWSTR ObjectName,
146                    IN LSA_DB_OBJECT_TYPE HandleType,
147                    IN ACCESS_MASK DesiredAccess,
148                    IN BOOLEAN Trusted,
149                    OUT PLSA_DB_OBJECT *DbObject);
150 
151 NTSTATUS
152 LsapOpenDbObject(IN PLSA_DB_OBJECT ParentObject,
153                  IN LPWSTR ContainerName,
154                  IN LPWSTR ObjectName,
155                  IN LSA_DB_OBJECT_TYPE ObjectType,
156                  IN ACCESS_MASK DesiredAccess,
157                  IN BOOLEAN Trusted,
158                  OUT PLSA_DB_OBJECT *DbObject);
159 
/* Converts an LSAPR_HANDLE into a PLSA_DB_OBJECT given an expected type and
 * an access mask.
 * NOTE(review): this looks like the single gate between RPC handles and
 * database objects; handlers should use only the DbObject it returns and
 * should not cast Handle themselves - confirm in lsarpc.c. */
160 NTSTATUS
161 LsapValidateDbObject(IN LSAPR_HANDLE Handle,
162                      IN LSA_DB_OBJECT_TYPE HandleType,
163                      IN ACCESS_MASK GrantedAccess,
164                      OUT PLSA_DB_OBJECT *DbObject);
165 
166 NTSTATUS
167 LsapCloseDbObject(IN PLSA_DB_OBJECT DbObject);
168 
169 NTSTATUS
170 LsapDeleteDbObject(IN PLSA_DB_OBJECT DbObject);
171 
/* Attribute accessors. Unlike the routines above, these carry no IN/OUT
 * annotations.
 * NOTE(review): in LsapGetObjectAttribute AttributeSize is a pointer,
 * presumably the buffer capacity on entry and the stored size on return;
 * callers must pass the real capacity of AttributeData - confirm. */
172 NTSTATUS
173 LsapGetObjectAttribute(PLSA_DB_OBJECT DbObject,
174                        LPWSTR AttributeName,
175                        LPVOID AttributeData,
176                        PULONG AttributeSize);
177 
178 NTSTATUS
179 LsapSetObjectAttribute(PLSA_DB_OBJECT DbObject,
180                        LPWSTR AttributeName,
181                        LPVOID AttributeData,
182                        ULONG AttributeSize);
183 
184 NTSTATUS
185 LsapDeleteObjectAttribute(PLSA_DB_OBJECT DbObject,
186                           LPWSTR AttributeName);
187 
188 /* dssetup.c */
/* Initialisation hook with no arguments and no return value, so it cannot
 * report failure to its caller. */
189 VOID
190 DsSetupInit(VOID);
191 
192 /* lookup.c */
/* Name/SID lookup helpers. */
193 NTSTATUS
194 LsapInitSids(VOID);
195 
/* Returns a ULONG derived from Sid.
 * NOTE(review): presumably the last sub-authority; confirm what is returned
 * for a SID with no sub-authorities. */
196 ULONG
197 LsapGetRelativeIdFromSid(PSID Sid);
198 
/* Translates Count names; results come back through ReferencedDomains,
 * TranslatedSids and MappedCount.
 * NOTE(review): Count and Names presumably arrive from an RPC caller; the
 * implementation should bound Count before allocating or iterating -
 * confirm in lookup.c. */
199 NTSTATUS
200 LsapLookupNames(DWORD Count,
201                 PRPC_UNICODE_STRING Names,
202                 PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
203                 PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids,
204                 LSAP_LOOKUP_LEVEL LookupLevel,
205                 DWORD *MappedCount,
206                 DWORD LookupOptions,
207                 DWORD ClientRevision);
208 
/* Reverse direction: the SIDs come in SidEnumBuffer, the names go out through
 * TranslatedNames. The remaining parameters mirror LsapLookupNames. */
209 NTSTATUS
210 LsapLookupSids(PLSAPR_SID_ENUM_BUFFER SidEnumBuffer,
211                PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
212                PLSAPR_TRANSLATED_NAMES_EX TranslatedNames,
213                LSAP_LOOKUP_LEVEL LookupLevel,
214                DWORD *MappedCount,
215                DWORD LookupOptions,
216                DWORD ClientRevision);
217 
218 /* lsarpc.c */
/* Takes no arguments and reports its outcome as an NTSTATUS.
 * NOTE(review): presumably registers the LSA RPC interface and starts
 * listening - confirm in lsarpc.c, including which endpoint security
 * descriptor is applied. */
219 NTSTATUS
220 LsarStartRpcServer(VOID);
221 
222 /* notify.c */
/* Policy-change notification API. */
223 VOID
224 LsapInitNotificationList(VOID);
225 
/* NOTE(review): the only input is the request message, so any handle or event
 * it names is presumably client-supplied - confirm how notify.c validates it
 * before storing. */
226 NTSTATUS
227 LsapRegisterNotification(
228     PLSA_API_MSG RequestMsg);
229 
/* Takes the information class that changed; returns nothing. */
230 VOID
231 LsapNotifyPolicyChange(
232     POLICY_NOTIFICATION_INFORMATION_CLASS InformationClass);
233 
234 /* policy.c */
/* Policy information workers. Every LsarQuery* routine has the same shape: it
 * takes the policy object and returns the result through PolicyInformation.
 * NOTE(review): none of these takes an access mask, so the access check is
 * presumably done by the caller (via LsapValidateDbObject) before dispatching
 * here - confirm in lsarpc.c. Ownership of *PolicyInformation is presumably
 * transferred to the caller - confirm who frees it. */
235 NTSTATUS
236 LsarQueryAuditLog(PLSA_DB_OBJECT PolicyObject,
237                   PLSAPR_POLICY_INFORMATION *PolicyInformation);
238 
239 NTSTATUS
240 LsarQueryAuditEvents(PLSA_DB_OBJECT PolicyObject,
241                      PLSAPR_POLICY_INFORMATION *PolicyInformation);
242 
243 NTSTATUS
244 LsarQueryPrimaryDomain(PLSA_DB_OBJECT PolicyObject,
245                        PLSAPR_POLICY_INFORMATION *PolicyInformation);
246 
247 NTSTATUS
248 LsarQueryPdAccount(PLSA_DB_OBJECT PolicyObject,
249                    PLSAPR_POLICY_INFORMATION *PolicyInformation);
250 
251 NTSTATUS
252 LsarQueryAccountDomain(PLSA_DB_OBJECT PolicyObject,
253                        PLSAPR_POLICY_INFORMATION *PolicyInformation);
254 
255 NTSTATUS
256 LsarQueryServerRole(PLSA_DB_OBJECT PolicyObject,
257                     PLSAPR_POLICY_INFORMATION *PolicyInformation);
258 
259 NTSTATUS
260 LsarQueryReplicaSource(PLSA_DB_OBJECT PolicyObject,
261                        PLSAPR_POLICY_INFORMATION *PolicyInformation);
262 
263 NTSTATUS
264 LsarQueryDefaultQuota(PLSA_DB_OBJECT PolicyObject,
265                       PLSAPR_POLICY_INFORMATION *PolicyInformation);
266 
267 NTSTATUS
268 LsarQueryModification(PLSA_DB_OBJECT PolicyObject,
269                       PLSAPR_POLICY_INFORMATION *PolicyInformation);
270 
271 NTSTATUS
272 LsarQueryAuditFull(PLSA_DB_OBJECT PolicyObject,
273                    PLSAPR_POLICY_INFORMATION *PolicyInformation);
274 
275 NTSTATUS
276 LsarQueryDnsDomain(PLSA_DB_OBJECT PolicyObject,
277                    PLSAPR_POLICY_INFORMATION *PolicyInformation);
278 
279 NTSTATUS
280 LsarQueryDnsDomainInt(PLSA_DB_OBJECT PolicyObject,
281                       PLSAPR_POLICY_INFORMATION *PolicyInformation);
282 
283 NTSTATUS
284 LsarQueryLocalAccountDomain(PLSA_DB_OBJECT PolicyObject,
285                             PLSAPR_POLICY_INFORMATION *PolicyInformation);
286 
/* LsarSet* counterparts: each takes the policy object and a pointer to the
 * information-class-specific structure to store.
 * NOTE(review): Info presumably originates from an RPC client; embedded
 * strings, SIDs and counts need validating before they are persisted -
 * confirm in policy.c. */
287 NTSTATUS
288 LsarSetAuditLog(PLSA_DB_OBJECT PolicyObject,
289                 PPOLICY_AUDIT_LOG_INFO Info);
290 
291 NTSTATUS
292 LsarSetAuditEvents(PLSA_DB_OBJECT PolicyObject,
293                    PLSAPR_POLICY_AUDIT_EVENTS_INFO Info);
294 
295 NTSTATUS
296 LsarSetPrimaryDomain(PLSA_DB_OBJECT PolicyObject,
297                      PLSAPR_POLICY_PRIMARY_DOM_INFO Info);
298 
299 NTSTATUS
300 LsarSetAccountDomain(PLSA_DB_OBJECT PolicyObject,
301                      PLSAPR_POLICY_ACCOUNT_DOM_INFO Info);
302 
303 NTSTATUS
304 LsarSetServerRole(PLSA_DB_OBJECT PolicyObject,
305                   PPOLICY_LSA_SERVER_ROLE_INFO Info);
306 
307 NTSTATUS
308 LsarSetReplicaSource(PLSA_DB_OBJECT PolicyObject,
309                      PPOLICY_LSA_REPLICA_SRCE_INFO Info);
310 
311 NTSTATUS
312 LsarSetDefaultQuota(PLSA_DB_OBJECT PolicyObject,
313                     PPOLICY_DEFAULT_QUOTA_INFO Info);
314 
315 NTSTATUS
316 LsarSetModification(PLSA_DB_OBJECT PolicyObject,
317                     PPOLICY_MODIFICATION_INFO Info);
318 
319 NTSTATUS
320 LsarSetAuditFull(PLSA_DB_OBJECT PolicyObject,
321                  PPOLICY_AUDIT_FULL_QUERY_INFO Info);
322 
323 NTSTATUS
324 LsarSetDnsDomain(PLSA_DB_OBJECT PolicyObject,
325                  PLSAPR_POLICY_DNS_DOMAIN_INFO Info);
326 
327 NTSTATUS
328 LsarSetDnsDomainInt(PLSA_DB_OBJECT PolicyObject,
329                     PLSAPR_POLICY_DNS_DOMAIN_INFO Info);
330 
331 NTSTATUS
332 LsarSetLocalAccountDomain(PLSA_DB_OBJECT PolicyObject,
333                           PLSAPR_POLICY_ACCOUNT_DOM_INFO Info);
334 
335 /* privileges.c */
/* Privilege and account-right lookup helpers. */
336 NTSTATUS
337 LsarpLookupPrivilegeName(PLUID Value,
338                          PRPC_UNICODE_STRING *Name);
339 
340 NTSTATUS
341 LsarpLookupPrivilegeDisplayName(PRPC_UNICODE_STRING Name,
342                                 USHORT ClientLanguage,
343                                 USHORT ClientSystemDefaultLanguage,
344                                 PRPC_UNICODE_STRING *DisplayName,
345                                 USHORT *LanguageReturned);
346 
/* Returns a pointer rather than a status.
 * NOTE(review): presumably NULL for an unknown name and otherwise a pointer
 * into a table owned by privileges.c; callers must check for NULL and must
 * not free or modify the result - confirm. */
347 PLUID
348 LsarpLookupPrivilegeValue(
349     IN PRPC_UNICODE_STRING Name);
350 
/* EnumerationContext is passed by pointer, so it can be updated between
 * calls. NOTE(review): it is presumably an index supplied by the client and
 * should be range-checked before use - confirm. */
351 NTSTATUS
352 LsarpEnumeratePrivileges(DWORD *EnumerationContext,
353                          PLSAPR_PRIVILEGE_ENUM_BUFFER EnumerationBuffer,
354                          DWORD PreferedMaximumLength);
355 
356 NTSTATUS
357 LsapLookupAccountRightName(ULONG RightValue,
358                            PRPC_UNICODE_STRING *Name);
359 
/* Returns an ACCESS_MASK rather than a status.
 * NOTE(review): presumably 0 for an unknown right name; callers should treat
 * 0 as "not found" and not as a right to grant - confirm. */
360 ACCESS_MASK
361 LsapLookupAccountRightValue(
362     IN PRPC_UNICODE_STRING Name);
363 
364 /* registry.h */
/* Registry helper wrappers operating on HANDLE key handles. All of them
 * return an NTSTATUS. */
365 NTSTATUS
366 LsapRegCloseKey(IN HANDLE KeyHandle);
367 
/* NOTE(review): KeyHandle is marked OUT but declared as a by-value HANDLE
 * (the same applies to LsapRegOpenKey). A by-value parameter cannot return
 * anything unless the implementation treats the value as a pointer to the
 * destination; PHANDLE would state that intent and let the compiler check
 * callers - confirm against registry.c before changing. */
368 NTSTATUS
369 LsapRegCreateKey(IN HANDLE ParentKeyHandle,
370                  IN LPCWSTR KeyName,
371                  IN ACCESS_MASK DesiredAccess,
372                  OUT HANDLE KeyHandle);
373 
374 NTSTATUS
375 LsapRegDeleteSubKey(IN HANDLE ParentKeyHandle,
376                     IN LPCWSTR KeyName);
377 
378 NTSTATUS
379 LsapRegDeleteKey(IN HANDLE KeyHandle);
380 
/* NOTE(review): the unit of Length (bytes or WCHARs) is not stated here; a
 * caller that guesses wrong risks an overrun of Buffer - confirm and
 * document. */
381 NTSTATUS
382 LsapRegEnumerateSubKey(IN HANDLE KeyHandle,
383                        IN ULONG Index,
384                        IN ULONG Length,
385                        OUT LPWSTR Buffer);
386 
387 NTSTATUS
388 LsapRegOpenKey(IN HANDLE ParentKeyHandle,
389                IN LPCWSTR KeyName,
390                IN ACCESS_MASK DesiredAccess,
391                OUT HANDLE KeyHandle);
392 
393 NTSTATUS
394 LsapRegQueryKeyInfo(IN HANDLE KeyHandle,
395                     OUT PULONG SubKeyCount,
396                     OUT PULONG MaxSubKeyNameLength,
397                     OUT PULONG ValueCount);
398 
/* The value routines take ValueName as LPWSTR while the key routines take
 * KeyName as LPCWSTR; nothing in the signatures suggests the name is
 * written to. */
399 NTSTATUS
400 LsapRegDeleteValue(IN HANDLE KeyHandle,
401                    IN LPWSTR ValueName);
402 
/* NameLength and DataLength are IN OUT: presumably capacity on entry and the
 * size used or required on return (TODO confirm units). Type, Data and
 * DataLength are marked OPTIONAL. */
403 NTSTATUS
404 LsapRegEnumerateValue(IN HANDLE KeyHandle,
405                       IN ULONG Index,
406                       OUT LPWSTR Name,
407                       IN OUT PULONG NameLength,
408                       OUT PULONG Type OPTIONAL,
409                       OUT PVOID Data OPTIONAL,
410                       IN OUT PULONG DataLength OPTIONAL);
411 
412 NTSTATUS
413 LsapRegQueryValue(IN HANDLE KeyHandle,
414                   IN LPWSTR ValueName,
415                   OUT PULONG Type OPTIONAL,
416                   OUT LPVOID Data OPTIONAL,
417                   IN OUT PULONG DataLength OPTIONAL);
418 
419 NTSTATUS
420 LsapRegSetValue(IN HANDLE KeyHandle,
421                 IN LPWSTR ValueName,
422                 IN ULONG Type,
423                 IN LPVOID Data,
424                 IN ULONG DataLength);
425 
426 /* security.c */
/* Security-descriptor builders for policy, account and secret objects. Each
 * returns the descriptor and its size through the two pointer parameters.
 * NOTE(review): the descriptors are presumably heap-allocated and owned by
 * the caller - confirm who frees them. The ACLs built here define who may
 * open each object type, so changes to security.c deserve a dedicated
 * review. */
427 NTSTATUS
428 LsapCreatePolicySd(PSECURITY_DESCRIPTOR *PolicySd,
429                    PULONG PolicySdSize);
430 
431 NTSTATUS
432 LsapCreateAccountSd(PSECURITY_DESCRIPTOR *AccountSd,
433                     PULONG AccountSdSize);
434 
435 NTSTATUS
436 LsapCreateSecretSd(PSECURITY_DESCRIPTOR *SecretSd,
437                    PULONG SecretSdSize);
438 
439 /* session.c */
/* Logon-session and credential API. The create/delete and credential
 * routines are declared NTAPI; the remaining ones use the default calling
 * convention. */
440 VOID
441 LsapInitLogonSessions(VOID);
442 
443 NTSTATUS
444 NTAPI
445 LsapCreateLogonSession(IN PLUID LogonId);
446 
447 NTSTATUS
448 NTAPI
449 LsapDeleteLogonSession(IN PLUID LogonId);
450 
/* Associates a credential with a logon session, keyed by authentication
 * package and primary key, as far as the parameter list shows.
 * NOTE(review): Credential presumably holds secret material; confirm that
 * session.c copies it into its own storage and wipes that storage when the
 * credential or the session is deleted. */
451 NTSTATUS
452 NTAPI
453 LsapAddCredential(
454     _In_ PLUID LogonId,
455     _In_ ULONG AuthenticationPackage,
456     _In_ PLSA_STRING PrimaryKeyValue,
457     _In_ PLSA_STRING Credential);
458 
/* QueryContext and PrimaryKeyValue are in/out; PrimaryKeyLength and
 * Credentials are outputs.
 * NOTE(review): confirm that callers can only reach credentials belonging to
 * their own authentication package. */
459 NTSTATUS
460 NTAPI
461 LsapGetCredentials(
462     _In_ PLUID LogonId,
463     _In_ ULONG AuthenticationPackage,
464     _Inout_ PULONG QueryContext,
465     _In_ BOOLEAN RetrieveAllCredentials,
466     _Inout_ PLSA_STRING PrimaryKeyValue,
467     _Out_ PULONG PrimaryKeyLength,
468     _Out_ PLSA_STRING Credentials);
469 
470 NTSTATUS
471 NTAPI
472 LsapDeleteCredential(
473     _In_ PLUID LogonId,
474     _In_ ULONG AuthenticationPackage,
475     _In_ PLSA_STRING PrimaryKeyValue);
476 
477 NTSTATUS
478 LsapSetLogonSessionData(
479     _In_ PLUID LogonId,
480     _In_ ULONG LogonType,
481     _In_ PUNICODE_STRING UserName,
482     _In_ PUNICODE_STRING LogonDomain,
483     _In_ PSID Sid);
484 
/* Both routines read from and write into the request message (IN OUT).
 * NOTE(review): they presumably copy session data back to the client;
 * confirm that the caller is authorised to see other users' sessions. */
485 NTSTATUS
486 LsapEnumLogonSessions(IN OUT PLSA_API_MSG RequestMsg);
487 
488 NTSTATUS
489 LsapGetLogonSessionData(IN OUT PLSA_API_MSG RequestMsg);
490 
491 /* srm.c */
/* Reference-monitor interface (see the <srmp.h> include above). The two
 * session routines take the logon identifier by pointer and return an
 * NTSTATUS.
 * NOTE(review): presumably these forward session creation/deletion to the
 * kernel security reference monitor - confirm in srm.c. */
492 NTSTATUS
493 LsapRmInitializeServer(VOID);
494 
495 NTSTATUS
496 LsapRmCreateLogonSession(
497     PLUID LogonId);
498 
499 NTSTATUS
500 LsapRmDeleteLogonSession(
501     PLUID LogonId);
502 
503 /* utils.c */
/* String-resource and SID utilities. */
/* Loads resource string uId from hInstance into lpBuffer.
 * NOTE(review): nBufferMax is presumably the capacity of lpBuffer in
 * characters including the terminator, and the return value the number of
 * characters copied - confirm in utils.c. */
504 INT
505 LsapLoadString(HINSTANCE hInstance,
506                UINT uId,
507                LPWSTR lpBuffer,
508                INT nBufferMax);
509 
510 INT
511 LsapGetResourceStringLengthEx(
512     _In_ HINSTANCE hInstance,
513     _In_ UINT uId,
514     _In_ USHORT usLanguage);
515 
/* Language-specific variant of LsapLoadString.
 * NOTE(review): nBufferMax is passed by value yet annotated _Out_; it looks
 * like an input (the buffer capacity), so _In_ would be accurate, and
 * lpBuffer would be better described as _Out_writes_(nBufferMax) so static
 * analysis can check callers' buffer sizes - confirm against utils.c. */
516 INT
517 LsapLoadStringEx(
518     _In_ HINSTANCE hInstance,
519     _In_ UINT uId,
520     _In_ USHORT usLanguage,
521     _Out_ LPWSTR lpBuffer,
522     _Out_ INT nBufferMax);
523 
/* Returns a PSID built from SrcSid and Rid.
 * NOTE(review): presumably a newly allocated SID with one more sub-authority
 * than SrcSid, NULL on failure, owned by the caller - confirm, including the
 * behaviour when SrcSid already has the maximum sub-authority count. */
524 PSID
525 LsapAppendRidToSid(
526     PSID SrcSid,
527     ULONG Rid);
528 
529 #endif /* _LSASRV_H */
530