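/*
 * COPYRIGHT:   See COPYING in the top level directory
 * PROJECT:     Local Security Authority (LSA) Server
 * FILE:        reactos/dll/win32/lsasrv/lsasrv.h
 * PURPOSE:     Common header file
 *
 * PROGRAMMERS: Eric Kohl
 */

/*
 * Shared declarations for the LSA server: the in-memory database object
 * that backs LSA handles, the logon context, well-known SID globals, and
 * the prototypes of the functions implemented in the .c files named in
 * the section comments below.
 */

#ifndef _LSASRV_H
#define _LSASRV_H

#include <stdarg.h>

/*
 * WIN32_NO_STATUS keeps the Win32 headers from defining the STATUS_* codes,
 * _INC_WINDOWS and COM_NO_WINDOWS_H keep other headers from pulling in
 * <windows.h>; the NT definitions come from the NDK headers below.
 */
#define WIN32_NO_STATUS
#define _INC_WINDOWS
#define COM_NO_WINDOWS_H

#include <windef.h>
#include <winbase.h>
#include <winreg.h>

#define NTOS_MODE_USER
#include <ndk/cmfuncs.h>
#include <ndk/exfuncs.h>
#include <ndk/kefuncs.h>
#include <ndk/mmfuncs.h>
#include <ndk/obfuncs.h>
#include <ndk/psfuncs.h>
#include <ndk/rtlfuncs.h>
#include <ndk/setypes.h>

#include <ntsam.h>
#include <ntlsa.h>
#include <sddl.h>

#include <srmp.h>

#include <lsass.h>
#include <lsa_s.h>

#include <wine/debug.h>
/*
 * Declared in the header, so every file that includes it traces to the
 * "lsasrv" debug channel.
 * NOTE(review): this process handles credentials and secrets; check that no
 * trace statement in the including files prints credential buffers.
 */
WINE_DEFAULT_DEBUG_CHANNEL(lsasrv);

/* Kind of object an LSA database handle refers to. */
typedef enum _LSA_DB_OBJECT_TYPE
{
    LsaDbIgnoreObject,  /* presumably "do not check the type" -- confirm in database.c */
    LsaDbPolicyObject,
    LsaDbAccountObject,
    LsaDbDomainObject,
    LsaDbSecretObject
} LSA_DB_OBJECT_TYPE, *PLSA_DB_OBJECT_TYPE;

/*
 * In-memory LSA database object. LsapValidateDbObject() takes an
 * LSAPR_HANDLE and returns a pointer to this structure.
 */
typedef struct _LSA_DB_OBJECT
{
    /* Expected to hold LSAP_DB_SIGNATURE; presumably compared by
     * LsapValidateDbObject() before the handle is used -- confirm. */
    ULONG Signature;
    LSA_DB_OBJECT_TYPE ObjectType;
    ULONG RefCount;
    /* Presumably the access mask granted at create/open time -- confirm. */
    ACCESS_MASK Access;
    /* Presumably the registry key backing the object (see the LsapReg*
     * helpers below) -- confirm. */
    HANDLE KeyHandle;
    /* NOTE(review): set from the Trusted argument of LsapCreateDbObject() /
     * LsapOpenDbObject(). If it relaxes access checks, it must only ever be
     * TRUE for in-process callers, never derived from client input. */
    BOOLEAN Trusted;
    struct _LSA_DB_OBJECT *ParentObject;
} LSA_DB_OBJECT, *PLSA_DB_OBJECT;

/*
 * Fixed tag stored in LSA_DB_OBJECT.Signature. The value is a public
 * constant: it can catch a stale or mistyped pointer, but it is not a
 * defence against a deliberately forged handle value.
 */
#define LSAP_DB_SIGNATURE 0x12345678

/*
 * Number of audit categories from AuditCategorySystem through
 * AuditCategoryAccountLogon inclusive; sizes AuditEvents[] below.
 */
#define POLICY_AUDIT_EVENT_TYPE_COUNT (AuditCategoryAccountLogon - AuditCategorySystem + 1)
typedef struct _LSAP_POLICY_AUDIT_EVENTS_DATA
{
    BOOLEAN AuditingMode;
    /* Fixed-size array: any caller-supplied event count or index has to be
     * bounded by POLICY_AUDIT_EVENT_TYPE_COUNT before it is used here. */
    DWORD AuditEvents[POLICY_AUDIT_EVENT_TYPE_COUNT];
    DWORD MaximumAuditEventCount;
} LSAP_POLICY_AUDIT_EVENTS_DATA, *PLSAP_POLICY_AUDIT_EVENTS_DATA;

/* Per-client state passed to the authentication package entry points. */
typedef struct _LSAP_LOGON_CONTEXT
{
    LIST_ENTRY Entry;
    HANDLE ClientProcessHandle;
    HANDLE ConnectionHandle;
} LSAP_LOGON_CONTEXT, *PLSAP_LOGON_CONTEXT;

/* SID identifier authorities; defined in one of the .c files. */
extern SID_IDENTIFIER_AUTHORITY NullSidAuthority;
extern SID_IDENTIFIER_AUTHORITY WorldSidAuthority;
extern SID_IDENTIFIER_AUTHORITY LocalSidAuthority;
extern SID_IDENTIFIER_AUTHORITY CreatorSidAuthority;
extern SID_IDENTIFIER_AUTHORITY NtAuthority;

/* Domain SIDs and names. */
extern PSID BuiltinDomainSid;
extern UNICODE_STRING BuiltinDomainName;
extern PSID AccountDomainSid;
extern UNICODE_STRING AccountDomainName;

/* Well-known SIDs; presumably built by LsapInitSids() -- confirm in lookup.c. */
extern PSID LsapWorldSid;
extern PSID LsapNetworkSid;
extern PSID LsapBatchSid;
extern PSID LsapInteractiveSid;
extern PSID LsapServiceSid;
extern PSID LsapLocalSystemSid;
extern PSID LsapAdministratorsSid;


/* authpackage.c */
NTSTATUS
LsapInitAuthPackages(VOID);

NTSTATUS
LsapLookupAuthenticationPackage(PLSA_API_MSG RequestMsg,
                                PLSAP_LOGON_CONTEXT LogonContext);

NTSTATUS
LsapCallAuthenticationPackage(PLSA_API_MSG RequestMsg,
                              PLSAP_LOGON_CONTEXT LogonContext);

NTSTATUS
LsapLogonUser(PLSA_API_MSG RequestMsg,
              PLSAP_LOGON_CONTEXT LogonContext);

/* authport.c */
NTSTATUS
StartAuthenticationPort(VOID);

/* database.c */
NTSTATUS
LsapInitDatabase(VOID);

NTSTATUS
LsapCreateDbObject(IN PLSA_DB_OBJECT ParentObject,
                   IN LPWSTR ContainerName,
                   IN LPWSTR ObjectName,
                   IN LSA_DB_OBJECT_TYPE HandleType,
                   IN ACCESS_MASK DesiredAccess,
                   IN BOOLEAN Trusted,
                   OUT PLSA_DB_OBJECT *DbObject);

NTSTATUS
LsapOpenDbObject(IN PLSA_DB_OBJECT ParentObject,
                 IN LPWSTR ContainerName,
                 IN LPWSTR ObjectName,
                 IN LSA_DB_OBJECT_TYPE ObjectType,
                 IN ACCESS_MASK DesiredAccess,
                 IN BOOLEAN Trusted,
                 OUT PLSA_DB_OBJECT *DbObject);

/*
 * Turns a client-visible LSAPR_HANDLE into a PLSA_DB_OBJECT.
 * NOTE(review): Handle arrives from RPC clients; the type and access checks
 * this performs are not visible in this header -- confirm in database.c.
 */
NTSTATUS
LsapValidateDbObject(IN LSAPR_HANDLE Handle,
                     IN LSA_DB_OBJECT_TYPE HandleType,
                     IN ACCESS_MASK GrantedAccess,
                     OUT PLSA_DB_OBJECT *DbObject);

NTSTATUS
LsapCloseDbObject(IN PLSA_DB_OBJECT DbObject);

NTSTATUS
LsapDeleteDbObject(IN PLSA_DB_OBJECT DbObject);

/* AttributeSize is a pointer here and a value in the Set variant; presumably
 * in: buffer size, out: stored size -- confirm. */
NTSTATUS
LsapGetObjectAttribute(PLSA_DB_OBJECT DbObject,
                       LPWSTR AttributeName,
                       LPVOID AttributeData,
                       PULONG AttributeSize);

NTSTATUS
LsapSetObjectAttribute(PLSA_DB_OBJECT DbObject,
                       LPWSTR AttributeName,
                       LPVOID AttributeData,
                       ULONG AttributeSize);

NTSTATUS
LsapDeleteObjectAttribute(PLSA_DB_OBJECT DbObject,
                          LPWSTR AttributeName);

/* dssetup.c */
VOID
DsSetupInit(VOID);

/* lookup.c */
NTSTATUS
LsapInitSids(VOID);

ULONG
LsapGetRelativeIdFromSid(PSID Sid);

NTSTATUS
LsapLookupNames(DWORD Count,
                PRPC_UNICODE_STRING Names,
                PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
                PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids,
                LSAP_LOOKUP_LEVEL LookupLevel,
                DWORD *MappedCount,
                DWORD LookupOptions,
                DWORD ClientRevision);

NTSTATUS
LsapLookupSids(PLSAPR_SID_ENUM_BUFFER SidEnumBuffer,
               PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
               PLSAPR_TRANSLATED_NAMES_EX TranslatedNames,
               LSAP_LOOKUP_LEVEL LookupLevel,
               DWORD *MappedCount,
               DWORD LookupOptions,
               DWORD ClientRevision);

/* lsarpc.c */
VOID
LsarStartRpcServer(VOID);

/* policy.c -- one query and one set routine per policy information class. */
NTSTATUS
LsarQueryAuditLog(PLSA_DB_OBJECT PolicyObject,
                  PLSAPR_POLICY_INFORMATION *PolicyInformation);

NTSTATUS
LsarQueryAuditEvents(PLSA_DB_OBJECT PolicyObject,
                     PLSAPR_POLICY_INFORMATION *PolicyInformation);

NTSTATUS
LsarQueryPrimaryDomain(PLSA_DB_OBJECT PolicyObject,
                       PLSAPR_POLICY_INFORMATION *PolicyInformation);

NTSTATUS
LsarQueryPdAccount(PLSA_DB_OBJECT PolicyObject,
                   PLSAPR_POLICY_INFORMATION *PolicyInformation);

NTSTATUS
LsarQueryAccountDomain(PLSA_DB_OBJECT PolicyObject,
                       PLSAPR_POLICY_INFORMATION *PolicyInformation);

NTSTATUS
LsarQueryServerRole(PLSA_DB_OBJECT PolicyObject,
                    PLSAPR_POLICY_INFORMATION *PolicyInformation);

NTSTATUS
LsarQueryReplicaSource(PLSA_DB_OBJECT PolicyObject,
                       PLSAPR_POLICY_INFORMATION *PolicyInformation);

NTSTATUS
LsarQueryDefaultQuota(PLSA_DB_OBJECT PolicyObject,
                      PLSAPR_POLICY_INFORMATION *PolicyInformation);

NTSTATUS
LsarQueryModification(PLSA_DB_OBJECT PolicyObject,
                      PLSAPR_POLICY_INFORMATION *PolicyInformation);

NTSTATUS
LsarQueryAuditFull(PLSA_DB_OBJECT PolicyObject,
                   PLSAPR_POLICY_INFORMATION *PolicyInformation);

NTSTATUS
LsarQueryDnsDomain(PLSA_DB_OBJECT PolicyObject,
                   PLSAPR_POLICY_INFORMATION *PolicyInformation);

NTSTATUS
LsarQueryDnsDomainInt(PLSA_DB_OBJECT PolicyObject,
                      PLSAPR_POLICY_INFORMATION *PolicyInformation);

NTSTATUS
LsarQueryLocalAccountDomain(PLSA_DB_OBJECT PolicyObject,
                            PLSAPR_POLICY_INFORMATION *PolicyInformation);

NTSTATUS
LsarSetAuditLog(PLSA_DB_OBJECT PolicyObject,
                PPOLICY_AUDIT_LOG_INFO Info);

/* NOTE(review): Info presumably carries a client-supplied event count; it
 * must be checked against POLICY_AUDIT_EVENT_TYPE_COUNT before copying into
 * LSAP_POLICY_AUDIT_EVENTS_DATA.AuditEvents -- confirm in policy.c. */
NTSTATUS
LsarSetAuditEvents(PLSA_DB_OBJECT PolicyObject,
                   PLSAPR_POLICY_AUDIT_EVENTS_INFO Info);

NTSTATUS
LsarSetPrimaryDomain(PLSA_DB_OBJECT PolicyObject,
                     PLSAPR_POLICY_PRIMARY_DOM_INFO Info);

NTSTATUS
LsarSetAccountDomain(PLSA_DB_OBJECT PolicyObject,
                     PLSAPR_POLICY_ACCOUNT_DOM_INFO Info);

NTSTATUS
LsarSetServerRole(PLSA_DB_OBJECT PolicyObject,
                  PPOLICY_LSA_SERVER_ROLE_INFO Info);

NTSTATUS
LsarSetReplicaSource(PLSA_DB_OBJECT PolicyObject,
                     PPOLICY_LSA_REPLICA_SRCE_INFO Info);

NTSTATUS
LsarSetDefaultQuota(PLSA_DB_OBJECT PolicyObject,
                    PPOLICY_DEFAULT_QUOTA_INFO Info);

NTSTATUS
LsarSetModification(PLSA_DB_OBJECT PolicyObject,
                    PPOLICY_MODIFICATION_INFO Info);

NTSTATUS
LsarSetAuditFull(PLSA_DB_OBJECT PolicyObject,
                 PPOLICY_AUDIT_FULL_QUERY_INFO Info);

NTSTATUS
LsarSetDnsDomain(PLSA_DB_OBJECT PolicyObject,
                 PLSAPR_POLICY_DNS_DOMAIN_INFO Info);

NTSTATUS
LsarSetDnsDomainInt(PLSA_DB_OBJECT PolicyObject,
                    PLSAPR_POLICY_DNS_DOMAIN_INFO Info);

NTSTATUS
LsarSetLocalAccountDomain(PLSA_DB_OBJECT PolicyObject,
                          PLSAPR_POLICY_ACCOUNT_DOM_INFO Info);

/* privileges.c */
NTSTATUS
LsarpLookupPrivilegeName(PLUID Value,
                         PRPC_UNICODE_STRING *Name);

NTSTATUS
LsarpLookupPrivilegeDisplayName(PRPC_UNICODE_STRING Name,
                                USHORT ClientLanguage,
                                USHORT ClientSystemDefaultLanguage,
                                PRPC_UNICODE_STRING *DisplayName,
                                USHORT *LanguageReturned);

/* Returns a pointer rather than a status; presumably NULL for an unknown
 * name, so callers have to check before dereferencing -- confirm. */
PLUID
LsarpLookupPrivilegeValue(
    IN PRPC_UNICODE_STRING Name);

NTSTATUS
LsarpEnumeratePrivileges(DWORD *EnumerationContext,
                         PLSAPR_PRIVILEGE_ENUM_BUFFER EnumerationBuffer,
                         DWORD PreferedMaximumLength);

NTSTATUS
LsapLookupAccountRightName(ULONG RightValue,
                           PRPC_UNICODE_STRING *Name);

ACCESS_MASK
LsapLookupAccountRightValue(
    IN PRPC_UNICODE_STRING Name);

/* registry.h
 * NOTE(review): every other section names a .c file; presumably this should
 * name the registry helper source file -- confirm. */
NTSTATUS
LsapRegCloseKey(IN HANDLE KeyHandle);

/*
 * NOTE(review): KeyHandle is marked OUT but has type HANDLE, passed by
 * value. A by-value HANDLE cannot return anything to the caller, so callers
 * presumably pass the address of a HANDLE and rely on HANDLE being a pointer
 * type; PHANDLE would let the compiler check that. The type has to change
 * together with the definition, so it is left as-is here. The same applies
 * to LsapRegOpenKey() below.
 */
NTSTATUS
LsapRegCreateKey(IN HANDLE ParentKeyHandle,
                 IN LPCWSTR KeyName,
                 IN ACCESS_MASK DesiredAccess,
                 OUT HANDLE KeyHandle);

NTSTATUS
LsapRegDeleteSubKey(IN HANDLE ParentKeyHandle,
                    IN LPCWSTR KeyName);

NTSTATUS
LsapRegDeleteKey(IN HANDLE KeyHandle);

/* NOTE(review): the unit of Length (bytes or WCHARs) for Buffer is not
 * visible in this header -- confirm before sizing a buffer for it. */
NTSTATUS
LsapRegEnumerateSubKey(IN HANDLE KeyHandle,
                       IN ULONG Index,
                       IN ULONG Length,
                       OUT LPWSTR Buffer);

/* See the NOTE(review) on LsapRegCreateKey() about OUT HANDLE KeyHandle. */
NTSTATUS
LsapRegOpenKey(IN HANDLE ParentKeyHandle,
               IN LPCWSTR KeyName,
               IN ACCESS_MASK DesiredAccess,
               OUT HANDLE KeyHandle);

NTSTATUS
LsapRegQueryKeyInfo(IN HANDLE KeyHandle,
                    OUT PULONG SubKeyCount,
                    OUT PULONG MaxSubKeyNameLength,
                    OUT PULONG ValueCount);

NTSTATUS
LsapRegDeleteValue(IN HANDLE KeyHandle,
                   IN LPWSTR ValueName);

NTSTATUS
LsapRegEnumerateValue(IN HANDLE KeyHandle,
                      IN ULONG Index,
                      OUT LPWSTR Name,
                      IN OUT PULONG NameLength,
                      OUT PULONG Type OPTIONAL,
                      OUT PVOID Data OPTIONAL,
                      IN OUT PULONG DataLength OPTIONAL);

NTSTATUS
LsapRegQueryValue(IN HANDLE KeyHandle,
                  IN LPWSTR ValueName,
                  OUT PULONG Type OPTIONAL,
                  OUT LPVOID Data OPTIONAL,
                  IN OUT PULONG DataLength OPTIONAL);

NTSTATUS
LsapRegSetValue(IN HANDLE KeyHandle,
                IN LPWSTR ValueName,
                IN ULONG Type,
                IN LPVOID Data,
                IN ULONG DataLength);

/* security.c -- builders for the security descriptors of LSA objects. */
NTSTATUS
LsapCreatePolicySd(PSECURITY_DESCRIPTOR *PolicySd,
                   PULONG PolicySdSize);

NTSTATUS
LsapCreateAccountSd(PSECURITY_DESCRIPTOR *AccountSd,
                    PULONG AccountSdSize);

NTSTATUS
LsapCreateSecretSd(PSECURITY_DESCRIPTOR *SecretSd,
                   PULONG SecretSdSize);

/* session.c */
VOID
LsapInitLogonSessions(VOID);

NTSTATUS
NTAPI
LsapCreateLogonSession(IN PLUID LogonId);

NTSTATUS
NTAPI
LsapDeleteLogonSession(IN PLUID LogonId);

/*
 * Credential storage per logon session and authentication package.
 * NOTE(review): these carry credential material; whether stored copies are
 * wiped on LsapDeleteCredential() / LsapDeleteLogonSession() is not visible
 * in this header -- confirm in session.c.
 */
NTSTATUS
NTAPI
LsapAddCredential(
    _In_ PLUID LogonId,
    _In_ ULONG AuthenticationPackage,
    _In_ PLSA_STRING PrimaryKeyValue,
    _In_ PLSA_STRING Credential);

NTSTATUS
NTAPI
LsapGetCredentials(
    _In_ PLUID LogonId,
    _In_ ULONG AuthenticationPackage,
    _Inout_ PULONG QueryContext,
    _In_ BOOLEAN RetrieveAllCredentials,
    _Inout_ PLSA_STRING PrimaryKeyValue,
    _Out_ PULONG PrimaryKeyLength,
    _Out_ PLSA_STRING Credentials);

NTSTATUS
NTAPI
LsapDeleteCredential(
    _In_ PLUID LogonId,
    _In_ ULONG AuthenticationPackage,
    _In_ PLSA_STRING PrimaryKeyValue);

NTSTATUS
LsapSetLogonSessionData(
    _In_ PLUID LogonId,
    _In_ ULONG LogonType,
    _In_ PUNICODE_STRING UserName,
    _In_ PUNICODE_STRING LogonDomain,
    _In_ PSID Sid);

NTSTATUS
LsapEnumLogonSessions(IN OUT PLSA_API_MSG RequestMsg);

NTSTATUS
LsapGetLogonSessionData(IN OUT PLSA_API_MSG RequestMsg);

/* srm.c */
NTSTATUS
LsapRmInitializeServer(VOID);

NTSTATUS
LsapRmCreateLogonSession(
    PLUID LogonId);

NTSTATUS
LsapRmDeleteLogonSession(
    PLUID LogonId);

/* utils.c */
INT
LsapLoadString(HINSTANCE hInstance,
               UINT uId,
               LPWSTR lpBuffer,
               INT nBufferMax);

INT
LsapGetResourceStringLengthEx(
    _In_ HINSTANCE hInstance,
    _In_ UINT uId,
    _In_ USHORT usLanguage);

/*
 * NOTE(review): nBufferMax is a by-value INT annotated _Out_; it is an
 * input (the capacity of lpBuffer), so _In_ is the matching annotation, and
 * with the current one an analyzer cannot relate lpBuffer to its size. The
 * annotation has to change together with the definition, so it is left
 * as-is here.
 */
INT
LsapLoadStringEx(
    _In_ HINSTANCE hInstance,
    _In_ UINT uId,
    _In_ USHORT usLanguage,
    _Out_ LPWSTR lpBuffer,
    _Out_ INT nBufferMax);

/* Presumably returns a newly allocated SID that the caller must free --
 * confirm the allocator in utils.c. */
PSID
LsapAppendRidToSid(
    PSID SrcSid,
    ULONG Rid);

#endif /* _LSASRV_H */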