xref: /reactos/dll/win32/lsasrv/lsasrv.h (revision ac43fd2b)
1 /*
2  * COPYRIGHT:       See COPYING in the top level directory
3  * PROJECT:         Local Security Authority (LSA) Server
4  * FILE:            reactos/dll/win32/lsasrv/lsasrv.h
5  * PURPOSE:         Common header file
6  *
7  * PROGRAMMERS:     Eric Kohl
8  */
9 
10 #ifndef _LSASRV_H
11 #define _LSASRV_H
12 
13 #include <stdarg.h>
14 
15 #define WIN32_NO_STATUS
16 #define _INC_WINDOWS
17 #define COM_NO_WINDOWS_H
18 
19 #include <windef.h>
20 #include <winbase.h>
21 #include <winreg.h>
22 
23 #define NTOS_MODE_USER
24 #include <ndk/cmfuncs.h>
25 #include <ndk/exfuncs.h>
26 #include <ndk/kefuncs.h>
27 #include <ndk/mmfuncs.h>
28 #include <ndk/obfuncs.h>
29 #include <ndk/psfuncs.h>
30 #include <ndk/rtlfuncs.h>
31 #include <ndk/sefuncs.h>
32 #include <ndk/ketypes.h>
33 #include <ndk/setypes.h>
34 
35 #include <ntsam.h>
36 #include <ntlsa.h>
37 #include <sddl.h>
38 
39 #include <srmp.h>
40 
41 #include <lsass.h>
42 #include <lsa_s.h>
43 
44 #include <wine/debug.h>
45 WINE_DEFAULT_DEBUG_CHANNEL(lsasrv);
46 
/*
 * Kind of object an LSA_DB_OBJECT represents. The value is stored in
 * LSA_DB_OBJECT.ObjectType and is the type argument of LsapCreateDbObject,
 * LsapOpenDbObject and LsapValidateDbObject.
 */
typedef enum _LSA_DB_OBJECT_TYPE
{
    /* First enumerator, so it has the value 0, which is also what a
     * zero-filled object carries. NOTE(review): the name suggests "skip the
     * type check" when passed to LsapValidateDbObject - confirm in
     * database.c. */
    LsaDbIgnoreObject,
    LsaDbPolicyObject,
    LsaDbAccountObject,
    LsaDbDomainObject,
    LsaDbSecretObject
} LSA_DB_OBJECT_TYPE, *PLSA_DB_OBJECT_TYPE;
55 
/*
 * In-memory representation of an open LSA database object. Pointers to this
 * structure are returned by LsapCreateDbObject and LsapOpenDbObject, and by
 * LsapValidateDbObject, which takes an LSAPR_HANDLE and hands back a
 * PLSA_DB_OBJECT.
 */
typedef struct _LSA_DB_OBJECT
{
    /* NOTE(review): presumably set to LSAP_DB_SIGNATURE on creation and
     * compared against it when a handle is validated - confirm in database.c. */
    ULONG Signature;
    LSA_DB_OBJECT_TYPE ObjectType;
    /* Plain ULONG, not an interlocked/atomic type. NOTE(review): confirm that
     * every update is serialized; a racy count on a handle-backed object is a
     * use-after-free risk. */
    ULONG RefCount;
    /* NOTE(review): presumably the access mask granted when the object was
     * opened, later compared with the access a call requires - confirm. */
    ACCESS_MASK Access;
    HANDLE KeyHandle;
    /* Note the polarity: this flag is "Trusted" (BOOLEAN), whereas
     * LSAP_LOGON_CONTEXT carries "Untrusted" (BOOL). NOTE(review): presumably
     * TRUE relaxes access checks for in-process callers - confirm which code
     * paths may set it. */
    BOOLEAN Trusted;
    struct _LSA_DB_OBJECT *ParentObject;
} LSA_DB_OBJECT, *PLSA_DB_OBJECT;

/*
 * Fixed, publicly known tag value. A match can catch a stale or wrongly typed
 * pointer, but the value is not a secret: a matching signature alone says
 * nothing about who created the object or which access it carries.
 */
#define LSAP_DB_SIGNATURE 0x12345678
68 
/*
 * Number of audit categories in the inclusive range
 * AuditCategorySystem..AuditCategoryAccountLogon. The arithmetic is only a
 * correct count if the enumerators in that range are contiguous.
 */
#define POLICY_AUDIT_EVENT_TYPE_COUNT (AuditCategoryAccountLogon - AuditCategorySystem + 1)
/*
 * Audit-events policy data with a fixed-size array of per-category values.
 * NOTE(review): presumably this is the stored form of the audit-events policy
 * attribute - confirm in policy.c.
 */
typedef struct _LSAP_POLICY_AUDIT_EVENTS_DATA
{
    BOOLEAN AuditingMode;
    /* One DWORD per category; the array length is fixed at compile time. */
    DWORD AuditEvents[POLICY_AUDIT_EVENT_TYPE_COUNT];
    /* NOTE(review): if this count is ever read back from storage or taken from
     * a client, it must be bounded by POLICY_AUDIT_EVENT_TYPE_COUNT before it
     * is used to index AuditEvents - confirm at the consumers. */
    DWORD MaximumAuditEventCount;
} LSAP_POLICY_AUDIT_EVENTS_DATA, *PLSAP_POLICY_AUDIT_EVENTS_DATA;
76 
/*
 * Per-client state passed to the authentication-package entry points
 * (LsapLookupAuthenticationPackage, LsapCallAuthenticationPackage,
 * LsapLogonUser). NOTE(review): presumably one instance per connection to the
 * authentication port - confirm in authport.c.
 */
typedef struct _LSAP_LOGON_CONTEXT
{
    /* Link field; the list this entry is kept on is not visible here. */
    LIST_ENTRY Entry;
    HANDLE ClientProcessHandle;
    HANDLE ConnectionHandle;
    /* Opposite polarity to LSA_DB_OBJECT.Trusted, and BOOL rather than
     * BOOLEAN. A zero-initialized context has Untrusted == FALSE, which reads
     * as "trusted". NOTE(review): confirm the field is always set explicitly
     * when a context is created. */
    BOOL Untrusted;
} LSAP_LOGON_CONTEXT, *PLSAP_LOGON_CONTEXT;
84 
/*
 * Counted array of unsigned long values.
 * NOTE(review): the name suggests this mirrors a type of the SAM RPC
 * interface; if so, this local copy must keep the same layout as the
 * interface definition - confirm against the SAM headers.
 */
typedef struct _SAMPR_ULONG_ARRAY
{
    /* Number of entries in Element. Nothing in the type ties Count to the
     * size of the allocation, so consumers must not index past what was
     * actually allocated. */
    unsigned long Count;
    unsigned long *Element;
} SAMPR_ULONG_ARRAY, *PSAMPR_ULONG_ARRAY;
90 
/*
 * Globals shared by the lsasrv source files. These are declarations only; the
 * definitions and the code that initializes them are not visible in this
 * header.
 */
extern NT_PRODUCT_TYPE LsapProductType;

/* SID identifier authorities. */
extern SID_IDENTIFIER_AUTHORITY NullSidAuthority;
extern SID_IDENTIFIER_AUTHORITY WorldSidAuthority;
extern SID_IDENTIFIER_AUTHORITY LocalSidAuthority;
extern SID_IDENTIFIER_AUTHORITY CreatorSidAuthority;
extern SID_IDENTIFIER_AUTHORITY NtAuthority;

/*
 * Domain SIDs and names. These are writable pointers and structures (no
 * const). NOTE(review): confirm they are written only during initialization;
 * name/SID lookups presumably depend on them.
 */
extern PSID BuiltinDomainSid;
extern UNICODE_STRING BuiltinDomainName;
extern PSID AccountDomainSid;
extern UNICODE_STRING AccountDomainName;

/*
 * SIDs named after well-known principals.
 * NOTE(review): presumably allocated by LsapInitSids (lookup.c) and NULL
 * before it has run - confirm, and confirm no user of these runs earlier.
 */
extern PSID LsapWorldSid;
extern PSID LsapNetworkSid;
extern PSID LsapBatchSid;
extern PSID LsapInteractiveSid;
extern PSID LsapServiceSid;
extern PSID LsapLocalSystemSid;
extern PSID LsapAdministratorsSid;
111 
112 
/* authpackage.c */

/* Initializes the authentication packages. Returns an NTSTATUS code. */
NTSTATUS
LsapInitAuthPackages(VOID);

/*
 * The three entry points below each take a request message and the logon
 * context of the caller, and return an NTSTATUS code.
 * NOTE(review): RequestMsg presumably carries data supplied by the client of
 * the authentication port; lengths, offsets and package identifiers inside it
 * should be treated as untrusted and validated before use - confirm in
 * authpackage.c.
 */
NTSTATUS
LsapLookupAuthenticationPackage(PLSA_API_MSG RequestMsg,
                                PLSAP_LOGON_CONTEXT LogonContext);

NTSTATUS
LsapCallAuthenticationPackage(PLSA_API_MSG RequestMsg,
                              PLSAP_LOGON_CONTEXT LogonContext);

NTSTATUS
LsapLogonUser(PLSA_API_MSG RequestMsg,
              PLSAP_LOGON_CONTEXT LogonContext);
128 
/* authport.c */

/*
 * Starts the authentication port. Returns an NTSTATUS code.
 * NOTE(review): presumably creates the port that the request messages
 * (PLSA_API_MSG) handled in authpackage.c arrive on - confirm in authport.c.
 */
NTSTATUS
StartAuthenticationPort(VOID);
132 
/* database.c */

/* Initializes the LSA database. Returns an NTSTATUS code. */
NTSTATUS
LsapInitDatabase(VOID);

/*
 * Creates a database object below ParentObject and returns it in *DbObject.
 * The object type parameter is called HandleType here and ObjectType in
 * LsapOpenDbObject; both have the type LSA_DB_OBJECT_TYPE.
 * NOTE(review): Trusted presumably ends up in LSA_DB_OBJECT.Trusted. Callers
 * that act on behalf of a remote client should pass a value derived from the
 * caller's identity, never a constant TRUE - confirm at the call sites.
 */
NTSTATUS
LsapCreateDbObject(IN PLSA_DB_OBJECT ParentObject,
                   IN LPWSTR ContainerName,
                   IN LPWSTR ObjectName,
                   IN LSA_DB_OBJECT_TYPE HandleType,
                   IN ACCESS_MASK DesiredAccess,
                   IN BOOLEAN Trusted,
                   OUT PLSA_DB_OBJECT *DbObject);

/*
 * Opens an existing database object below ParentObject and returns it in
 * *DbObject. Same parameter list as LsapCreateDbObject.
 * NOTE(review): ContainerName and ObjectName presumably become registry key
 * names; names that originate from a client should be checked for path
 * separators before they reach this call - confirm in database.c.
 */
NTSTATUS
LsapOpenDbObject(IN PLSA_DB_OBJECT ParentObject,
                 IN LPWSTR ContainerName,
                 IN LPWSTR ObjectName,
                 IN LSA_DB_OBJECT_TYPE ObjectType,
                 IN ACCESS_MASK DesiredAccess,
                 IN BOOLEAN Trusted,
                 OUT PLSA_DB_OBJECT *DbObject);

/*
 * Converts an LSAPR_HANDLE into a PLSA_DB_OBJECT, given the expected object
 * type and an access mask.
 * NOTE(review): presumably the access-control gate for handle-based calls
 * (signature, type and access checks); callers must use *DbObject only when
 * the returned status is a success code - confirm in database.c.
 */
NTSTATUS
LsapValidateDbObject(IN LSAPR_HANDLE Handle,
                     IN LSA_DB_OBJECT_TYPE HandleType,
                     IN ACCESS_MASK GrantedAccess,
                     OUT PLSA_DB_OBJECT *DbObject);

/* Closes a database object. Returns an NTSTATUS code. */
NTSTATUS
LsapCloseDbObject(IN PLSA_DB_OBJECT DbObject);

/* Deletes a database object. Returns an NTSTATUS code. */
NTSTATUS
LsapDeleteDbObject(IN PLSA_DB_OBJECT DbObject);

/*
 * Reads the attribute AttributeName of DbObject into AttributeData.
 * AttributeSize is a pointer, unlike the by-value size of
 * LsapSetObjectAttribute.
 * NOTE(review): presumably in/out - buffer size on entry, stored or required
 * size on return. Callers must initialize it to the real buffer size and must
 * not trust the returned size before checking the status - confirm.
 */
NTSTATUS
LsapGetObjectAttribute(PLSA_DB_OBJECT DbObject,
                       LPWSTR AttributeName,
                       LPVOID AttributeData,
                       PULONG AttributeSize);

/* Writes AttributeSize bytes-or-units from AttributeData as attribute
 * AttributeName. NOTE(review): the unit of AttributeSize is not stated here;
 * presumably bytes - confirm. */
NTSTATUS
LsapSetObjectAttribute(PLSA_DB_OBJECT DbObject,
                       LPWSTR AttributeName,
                       LPVOID AttributeData,
                       ULONG AttributeSize);

/* Removes the attribute AttributeName from DbObject. */
NTSTATUS
LsapDeleteObjectAttribute(PLSA_DB_OBJECT DbObject,
                          LPWSTR AttributeName);
182 
/* dssetup.c */

/* Initialization entry point of dssetup.c. Returns nothing, so a failure
 * inside it cannot be reported to the caller through this interface. */
VOID
DsSetupInit(VOID);
186 
/* lookup.c */

/* Initializes the SIDs used by the lookup code. Returns an NTSTATUS code.
 * NOTE(review): presumably fills the Lsap*Sid globals declared above -
 * confirm in lookup.c. */
NTSTATUS
LsapInitSids(VOID);

/* Returns a relative identifier taken from Sid.
 * NOTE(review): presumably the last sub-authority; a SID with zero
 * sub-authorities has none, so confirm how that case is handled. */
ULONG
LsapGetRelativeIdFromSid(PSID Sid);

/*
 * Translates Count names into SIDs. Results are returned through
 * ReferencedDomains, TranslatedSids and MappedCount.
 * NOTE(review): Count and Names presumably come from an RPC client. The
 * implementation should bound Count and validate each string's Length /
 * MaximumLength / Buffer before use - confirm in lookup.c.
 */
NTSTATUS
LsapLookupNames(DWORD Count,
                PRPC_UNICODE_STRING Names,
                PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
                PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids,
                LSAP_LOOKUP_LEVEL LookupLevel,
                DWORD *MappedCount,
                DWORD LookupOptions,
                DWORD ClientRevision);

/*
 * Translates the SIDs in SidEnumBuffer into names. Results are returned
 * through ReferencedDomains, TranslatedNames and MappedCount.
 * NOTE(review): SidEnumBuffer presumably comes from an RPC client; each SID
 * should be checked for validity before its fields are read - confirm.
 */
NTSTATUS
LsapLookupSids(PLSAPR_SID_ENUM_BUFFER SidEnumBuffer,
               PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
               PLSAPR_TRANSLATED_NAMES_EX TranslatedNames,
               LSAP_LOOKUP_LEVEL LookupLevel,
               DWORD *MappedCount,
               DWORD LookupOptions,
               DWORD ClientRevision);
212 
/* lsarpc.c */

/*
 * Starts the LSA RPC server. Returns an NTSTATUS code.
 * NOTE(review): the endpoint, protocol sequence and security callback that
 * decide who can reach the Lsar* interface are set in lsarpc.c, not here.
 */
NTSTATUS
LsarStartRpcServer(VOID);
216 
/* notify.c */

/* Initializes the notification list. */
VOID
LsapInitNotificationList(VOID);

/* Handles a notification registration request carried in RequestMsg.
 * NOTE(review): RequestMsg presumably comes from a client; any handle or
 * information class inside it should be validated before it is stored -
 * confirm in notify.c. */
NTSTATUS
LsapRegisterNotification(
    PLSA_API_MSG RequestMsg);

/* Signals a change of the policy information class InformationClass. Returns
 * nothing, so delivery failures are not visible to the caller. */
VOID
LsapNotifyPolicyChange(
    POLICY_NOTIFICATION_INFORMATION_CLASS InformationClass);
228 
/* policy.c */

/*
 * Policy query helpers, one per information class. Each takes the policy
 * database object and returns its result through *PolicyInformation, with an
 * NTSTATUS return value.
 * NOTE(review): these take an already resolved PLSA_DB_OBJECT, so the access
 * check presumably happens in the caller (via LsapValidateDbObject) before
 * the helper is selected - confirm in lsarpc.c. Ownership of the buffer
 * returned in *PolicyInformation is not visible here.
 */
NTSTATUS
LsarQueryAuditLog(PLSA_DB_OBJECT PolicyObject,
                  PLSAPR_POLICY_INFORMATION *PolicyInformation);

NTSTATUS
LsarQueryAuditEvents(PLSA_DB_OBJECT PolicyObject,
                     PLSAPR_POLICY_INFORMATION *PolicyInformation);

NTSTATUS
LsarQueryPrimaryDomain(PLSA_DB_OBJECT PolicyObject,
                       PLSAPR_POLICY_INFORMATION *PolicyInformation);

NTSTATUS
LsarQueryPdAccount(PLSA_DB_OBJECT PolicyObject,
                   PLSAPR_POLICY_INFORMATION *PolicyInformation);

NTSTATUS
LsarQueryAccountDomain(PLSA_DB_OBJECT PolicyObject,
                       PLSAPR_POLICY_INFORMATION *PolicyInformation);

NTSTATUS
LsarQueryServerRole(PLSA_DB_OBJECT PolicyObject,
                    PLSAPR_POLICY_INFORMATION *PolicyInformation);

NTSTATUS
LsarQueryReplicaSource(PLSA_DB_OBJECT PolicyObject,
                       PLSAPR_POLICY_INFORMATION *PolicyInformation);

NTSTATUS
LsarQueryDefaultQuota(PLSA_DB_OBJECT PolicyObject,
                      PLSAPR_POLICY_INFORMATION *PolicyInformation);

NTSTATUS
LsarQueryModification(PLSA_DB_OBJECT PolicyObject,
                      PLSAPR_POLICY_INFORMATION *PolicyInformation);

NTSTATUS
LsarQueryAuditFull(PLSA_DB_OBJECT PolicyObject,
                   PLSAPR_POLICY_INFORMATION *PolicyInformation);

NTSTATUS
LsarQueryDnsDomain(PLSA_DB_OBJECT PolicyObject,
                   PLSAPR_POLICY_INFORMATION *PolicyInformation);

NTSTATUS
LsarQueryDnsDomainInt(PLSA_DB_OBJECT PolicyObject,
                      PLSAPR_POLICY_INFORMATION *PolicyInformation);

NTSTATUS
LsarQueryLocalAccountDomain(PLSA_DB_OBJECT PolicyObject,
                            PLSAPR_POLICY_INFORMATION *PolicyInformation);
281 
/*
 * Policy set helpers, one per information class. Each takes the policy
 * database object and a pointer to the new information, with an NTSTATUS
 * return value.
 * NOTE(review): Info presumably arrives from an RPC client. Embedded counts,
 * string lengths and SIDs should be validated before they are written to the
 * database, and the write access check presumably happens in the caller -
 * confirm in policy.c and lsarpc.c.
 */
NTSTATUS
LsarSetAuditLog(PLSA_DB_OBJECT PolicyObject,
                PPOLICY_AUDIT_LOG_INFO Info);

/* Changes the audit-events policy, i.e. what gets audited; a security-relevant
 * setting whose modification should itself be restricted and traceable. */
NTSTATUS
LsarSetAuditEvents(PLSA_DB_OBJECT PolicyObject,
                   PLSAPR_POLICY_AUDIT_EVENTS_INFO Info);

NTSTATUS
LsarSetPrimaryDomain(PLSA_DB_OBJECT PolicyObject,
                     PLSAPR_POLICY_PRIMARY_DOM_INFO Info);

NTSTATUS
LsarSetAccountDomain(PLSA_DB_OBJECT PolicyObject,
                     PLSAPR_POLICY_ACCOUNT_DOM_INFO Info);

NTSTATUS
LsarSetServerRole(PLSA_DB_OBJECT PolicyObject,
                  PPOLICY_LSA_SERVER_ROLE_INFO Info);

NTSTATUS
LsarSetReplicaSource(PLSA_DB_OBJECT PolicyObject,
                     PPOLICY_LSA_REPLICA_SRCE_INFO Info);

NTSTATUS
LsarSetDefaultQuota(PLSA_DB_OBJECT PolicyObject,
                    PPOLICY_DEFAULT_QUOTA_INFO Info);

NTSTATUS
LsarSetModification(PLSA_DB_OBJECT PolicyObject,
                    PPOLICY_MODIFICATION_INFO Info);

NTSTATUS
LsarSetAuditFull(PLSA_DB_OBJECT PolicyObject,
                 PPOLICY_AUDIT_FULL_QUERY_INFO Info);

NTSTATUS
LsarSetDnsDomain(PLSA_DB_OBJECT PolicyObject,
                 PLSAPR_POLICY_DNS_DOMAIN_INFO Info);

NTSTATUS
LsarSetDnsDomainInt(PLSA_DB_OBJECT PolicyObject,
                    PLSAPR_POLICY_DNS_DOMAIN_INFO Info);

NTSTATUS
LsarSetLocalAccountDomain(PLSA_DB_OBJECT PolicyObject,
                          PLSAPR_POLICY_ACCOUNT_DOM_INFO Info);
329 
/* privileges.c */

/* Looks up the name of the privilege identified by the LUID *Value and
 * returns it through *Name. Ownership of the returned string is not visible
 * here. */
NTSTATUS
LsarpLookupPrivilegeName(PLUID Value,
                         PRPC_UNICODE_STRING *Name);

/* Looks up the display name of the privilege Name for the given client
 * languages; returns the text through *DisplayName and the language actually
 * used through *LanguageReturned. */
NTSTATUS
LsarpLookupPrivilegeDisplayName(PRPC_UNICODE_STRING Name,
                                USHORT ClientLanguage,
                                USHORT ClientSystemDefaultLanguage,
                                PRPC_UNICODE_STRING *DisplayName,
                                USHORT *LanguageReturned);

/* Returns a pointer to the LUID of the privilege Name; failure is not
 * reported through an NTSTATUS.
 * NOTE(review): presumably NULL for an unknown name, so callers must check
 * the result before dereferencing - confirm in privileges.c. */
PLUID
LsarpLookupPrivilegeValue(
    IN PRPC_UNICODE_STRING Name);

/* Enumerates privileges into EnumerationBuffer, continuing from
 * *EnumerationContext.
 * NOTE(review): EnumerationContext and PreferedMaximumLength presumably come
 * from the client; the context must be range-checked against the privilege
 * table before it is used as an index - confirm. */
NTSTATUS
LsarpEnumeratePrivileges(DWORD *EnumerationContext,
                         PLSAPR_PRIVILEGE_ENUM_BUFFER EnumerationBuffer,
                         DWORD PreferedMaximumLength);

/* Looks up the name of the account right RightValue and returns it through
 * *Name. */
NTSTATUS
LsapLookupAccountRightName(ULONG RightValue,
                           PRPC_UNICODE_STRING *Name);

/* Returns the value of the account right Name as an ACCESS_MASK; failure is
 * not reported through an NTSTATUS.
 * NOTE(review): presumably 0 for an unknown name - confirm, and confirm that
 * callers treat 0 as "not found" rather than as an empty grant. */
ACCESS_MASK
LsapLookupAccountRightValue(
    IN PRPC_UNICODE_STRING Name);
358 
/* registry.h */
/*
 * NOTE(review): every other section header in this file names a .c file;
 * confirm whether this one should as well.
 *
 * Thin registry helpers returning NTSTATUS. The key-name parameters are
 * LPCWSTR, while the value-name parameters are non-const LPWSTR.
 */
NTSTATUS
LsapRegCloseKey(IN HANDLE KeyHandle);

/*
 * Creates the key KeyName below ParentKeyHandle.
 * NOTE(review): KeyHandle is marked OUT but declared as HANDLE by value, and
 * a by-value argument cannot return anything to the caller. HANDLE is an
 * untyped pointer, so the implementation presumably treats the argument as
 * the address of the caller's handle (a PHANDLE). The declared type hides
 * that from the compiler: passing a handle value instead of its address is
 * not diagnosed and would make the callee write through the handle value.
 * The prototype and its definition should be changed to PHANDLE together.
 */
NTSTATUS
LsapRegCreateKey(IN HANDLE ParentKeyHandle,
                 IN LPCWSTR KeyName,
                 IN ACCESS_MASK DesiredAccess,
                 OUT HANDLE KeyHandle);

/* Deletes the subkey KeyName of ParentKeyHandle. */
NTSTATUS
LsapRegDeleteSubKey(IN HANDLE ParentKeyHandle,
                    IN LPCWSTR KeyName);

/* Deletes the key referred to by KeyHandle. */
NTSTATUS
LsapRegDeleteKey(IN HANDLE KeyHandle);

/*
 * Returns the name of subkey number Index of KeyHandle in Buffer.
 * NOTE(review): the unit of Length (bytes or WCHARs, with or without the
 * terminator) is not stated here; a caller that assumes the wrong unit
 * overruns or under-uses Buffer - confirm in the implementation.
 */
NTSTATUS
LsapRegEnumerateSubKey(IN HANDLE KeyHandle,
                       IN ULONG Index,
                       IN ULONG Length,
                       OUT LPWSTR Buffer);

/*
 * Opens the key KeyName below ParentKeyHandle.
 * NOTE(review): same OUT-by-value HANDLE declaration as LsapRegCreateKey;
 * callers presumably have to pass the address of their handle variable.
 */
NTSTATUS
LsapRegOpenKey(IN HANDLE ParentKeyHandle,
               IN LPCWSTR KeyName,
               IN ACCESS_MASK DesiredAccess,
               OUT HANDLE KeyHandle);

/* Returns the subkey count, the longest subkey name length and the value
 * count of KeyHandle. NOTE(review): unit of MaxSubKeyNameLength not stated. */
NTSTATUS
LsapRegQueryKeyInfo(IN HANDLE KeyHandle,
                    OUT PULONG SubKeyCount,
                    OUT PULONG MaxSubKeyNameLength,
                    OUT PULONG ValueCount);

/* Deletes the value ValueName of KeyHandle. */
NTSTATUS
LsapRegDeleteValue(IN HANDLE KeyHandle,
                   IN LPWSTR ValueName);

/*
 * Returns name, type and data of value number Index of KeyHandle. Type, Data
 * and DataLength are optional; NameLength and DataLength are in/out.
 * NOTE(review): callers must set both lengths to the real buffer sizes before
 * the call - confirm the units in the implementation.
 */
NTSTATUS
LsapRegEnumerateValue(IN HANDLE KeyHandle,
                      IN ULONG Index,
                      OUT LPWSTR Name,
                      IN OUT PULONG NameLength,
                      OUT PULONG Type OPTIONAL,
                      OUT PVOID Data OPTIONAL,
                      IN OUT PULONG DataLength OPTIONAL);

/*
 * Reads the value ValueName of KeyHandle. Type, Data and DataLength are
 * optional; DataLength is in/out.
 * NOTE(review): when Data is supplied, DataLength must hold the real size of
 * the Data buffer on entry - confirm how a NULL DataLength with non-NULL Data
 * is handled.
 */
NTSTATUS
LsapRegQueryValue(IN HANDLE KeyHandle,
                  IN LPWSTR ValueName,
                  OUT PULONG Type OPTIONAL,
                  OUT LPVOID Data OPTIONAL,
                  IN OUT PULONG DataLength OPTIONAL);

/* Writes DataLength units of Data as value ValueName of the given Type. */
NTSTATUS
LsapRegSetValue(IN HANDLE KeyHandle,
                IN LPWSTR ValueName,
                IN ULONG Type,
                IN LPVOID Data,
                IN ULONG DataLength);
420 
/* security.c */

/*
 * Builders for the security descriptors of policy, account and secret
 * objects. Each returns the descriptor through its first parameter and its
 * size through the second.
 * NOTE(review): these presumably produce the default descriptors stored with
 * newly created database objects, so the ACLs built in security.c decide who
 * can open those objects. Ownership of the returned buffer is not visible
 * here - confirm who frees it.
 */
NTSTATUS
LsapCreatePolicySd(PSECURITY_DESCRIPTOR *PolicySd,
                   PULONG PolicySdSize);

NTSTATUS
LsapCreateAccountSd(PSECURITY_DESCRIPTOR *AccountSd,
                    PULONG AccountSdSize);

NTSTATUS
LsapCreateSecretSd(PSECURITY_DESCRIPTOR *SecretSd,
                   PULONG SecretSdSize);
433 
/* session.c */

/* Initializes the logon session bookkeeping. */
VOID
LsapInitLogonSessions(VOID);

/* Creates a logon session identified by *LogonId. */
NTSTATUS
NTAPI
LsapCreateLogonSession(IN PLUID LogonId);

/* Deletes the logon session identified by *LogonId.
 * NOTE(review): presumably also releases the credentials attached to the
 * session - confirm, including whether their memory is cleared. */
NTSTATUS
NTAPI
LsapDeleteLogonSession(IN PLUID LogonId);

/*
 * Attaches a credential to the logon session *LogonId for the given
 * authentication package, keyed by PrimaryKeyValue.
 * NOTE(review): Credential carries credential material. Confirm in session.c
 * that copies are cleared before they are freed and that the buffer is never
 * written to a debug trace.
 */
NTSTATUS
NTAPI
LsapAddCredential(
    _In_ PLUID LogonId,
    _In_ ULONG AuthenticationPackage,
    _In_ PLSA_STRING PrimaryKeyValue,
    _In_ PLSA_STRING Credential);

/*
 * Retrieves credentials of the logon session *LogonId for the given
 * authentication package. QueryContext and PrimaryKeyValue are in/out;
 * PrimaryKeyLength and Credentials are outputs.
 * NOTE(review): confirm that callers may only ask for credentials stored by
 * their own authentication package, and who owns the buffers returned in
 * Credentials.
 */
NTSTATUS
NTAPI
LsapGetCredentials(
    _In_ PLUID LogonId,
    _In_ ULONG AuthenticationPackage,
    _Inout_ PULONG QueryContext,
    _In_ BOOLEAN RetrieveAllCredentials,
    _Inout_ PLSA_STRING PrimaryKeyValue,
    _Out_ PULONG PrimaryKeyLength,
    _Out_ PLSA_STRING Credentials);

/* Removes the credential keyed by PrimaryKeyValue from the logon session
 * *LogonId for the given authentication package. */
NTSTATUS
NTAPI
LsapDeleteCredential(
    _In_ PLUID LogonId,
    _In_ ULONG AuthenticationPackage,
    _In_ PLSA_STRING PrimaryKeyValue);

/* Records logon type, user name, logon domain and SID for the logon session
 * *LogonId. Declared without NTAPI, unlike the functions above. */
NTSTATUS
LsapSetLogonSessionData(
    _In_ PLUID LogonId,
    _In_ ULONG LogonType,
    _In_ PUNICODE_STRING UserName,
    _In_ PUNICODE_STRING LogonDomain,
    _In_ PSID Sid);

/*
 * Request handlers that read their input from RequestMsg and write their
 * reply into the same message.
 * NOTE(review): the request presumably comes from a client process; session
 * data should only be returned to callers entitled to see it, and any client
 * buffer address in the message must be validated - confirm in session.c.
 */
NTSTATUS
LsapEnumLogonSessions(IN OUT PLSA_API_MSG RequestMsg);

NTSTATUS
LsapGetLogonSessionData(IN OUT PLSA_API_MSG RequestMsg);
485 
/* srm.c */

/* Initializes the server side declared in srm.c. Returns an NTSTATUS code.
 * NOTE(review): "Rm" presumably stands for the kernel security reference
 * monitor (this header includes srmp.h) - confirm in srm.c. */
NTSTATUS
LsapRmInitializeServer(VOID);

/* Creates the logon session *LogonId on the srm.c side.
 * NOTE(review): presumably paired with LsapCreateLogonSession in session.c;
 * confirm that a failure here rolls back the session created there. */
NTSTATUS
LsapRmCreateLogonSession(
    PLUID LogonId);

/* Deletes the logon session *LogonId on the srm.c side. */
NTSTATUS
LsapRmDeleteLogonSession(
    PLUID LogonId);
497 
/* utils.c */

/*
 * Loads the string resource uId of hInstance into lpBuffer.
 * NOTE(review): nBufferMax is a signed INT and its unit is not stated here
 * (presumably WCHARs including the terminator). Confirm that zero and
 * negative values are rejected before lpBuffer is written.
 */
INT
LsapLoadString(HINSTANCE hInstance,
               UINT uId,
               LPWSTR lpBuffer,
               INT nBufferMax);

/* Returns a length for the string resource uId of hInstance in the language
 * usLanguage. NOTE(review): whether the result counts the terminator is not
 * visible here; callers sizing a buffer from it must account for that. */
INT
LsapGetResourceStringLengthEx(
    _In_ HINSTANCE hInstance,
    _In_ UINT uId,
    _In_ USHORT usLanguage);
510 
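/*
 * Loads the string resource uId of hInstance in the language usLanguage into
 * lpBuffer, whose capacity is nBufferMax.
 *
 * nBufferMax is passed by value, so it is an input and is annotated _In_;
 * _Out_ describes a pointer the callee writes through and does not apply to a
 * scalar argument.
 *
 * NOTE(review): lpBuffer is annotated plain _Out_, which gives static
 * analysis no size to check writes against. If nBufferMax counts WCHARs,
 * _Out_writes_(nBufferMax) on lpBuffer would express the bound - confirm the
 * unit in utils.c and keep the definition's annotations in step.
 */
INT
LsapLoadStringEx(
    _In_ HINSTANCE hInstance,
    _In_ UINT uId,
    _In_ USHORT usLanguage,
    _Out_ LPWSTR lpBuffer,
    _In_ INT nBufferMax);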
518 
/*
 * Returns a SID built from SrcSid and the relative identifier Rid.
 * NOTE(review): presumably allocates a new SID with one more sub-authority
 * than SrcSid and returns NULL on failure. Confirm who frees the result and
 * how a SrcSid that already has the maximum number of sub-authorities is
 * handled.
 */
PSID
LsapAppendRidToSid(
    PSID SrcSid,
    ULONG Rid);
523 
524 #endif /* _LSASRV_H */
525