730 lines
25 KiB
C
730 lines
25 KiB
C
|
/*++ BUILD Version: 0001 // Increment this if a change has global effects
|
|||
|
|
|||
|
Copyright (c) 1989-1999 Microsoft Corporation
|
|||
|
|
|||
|
Module Name:
|
|||
|
|
|||
|
ntmsv1_0.h
|
|||
|
|
|||
|
Abstract:
|
|||
|
|
|||
|
This module contains the public data structures provided by
|
|||
|
the MSV1_0 authentication package.
|
|||
|
|
|||
|
|
|||
|
Author:
|
|||
|
|
|||
|
Jim Kelly (JimK) 12-April-1991
|
|||
|
|
|||
|
Revision History:
|
|||
|
|
|||
|
22-Apr-1991 (CliffV)
|
|||
|
Added call package message types. Converted U_STRING to UNICODE_STRING.
|
|||
|
|
|||
|
11-Mar-1992 (DaveHart)
|
|||
|
Added MsV1_0ChangePassword call package message type.
|
|||
|
|
|||
|
15-Jan-1998 (SField)
|
|||
|
Added MsV1_0DeriveCredential call package message type.
|
|||
|
|
|||
|
--*/
|
|||
|
|
|||
|
#ifndef _NTMSV1_0_
|
|||
|
#define _NTMSV1_0_
|
|||
|
|
|||
|
#if _MSC_VER > 1000
|
|||
|
#pragma once
|
|||
|
#endif
|
|||
|
|
|||
|
#include <ntlsa.h>
|
|||
|
#include <ntsam.h>
|
|||
|
|
|||
|
#ifdef __cplusplus
|
|||
|
extern "C" {
|
|||
|
#endif
|
|||
|
|
|||
|
// begin_ntifs begin_ntsecapi
|
|||
|
|
|||
|
/////////////////////////////////////////////////////////////////////////
|
|||
|
// //
|
|||
|
// Name of the MSV1_0 authentication package //
|
|||
|
// //
|
|||
|
/////////////////////////////////////////////////////////////////////////
|
|||
|
|
|||
|
#define MSV1_0_PACKAGE_NAME "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
|
|||
|
#define MSV1_0_PACKAGE_NAMEW L"MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
|
|||
|
#define MSV1_0_PACKAGE_NAMEW_LENGTH sizeof(MSV1_0_PACKAGE_NAMEW) - sizeof(WCHAR)
|
|||
|
|
|||
|
//
|
|||
|
// Location of MSV authentication package data
|
|||
|
//
|
|||
|
#define MSV1_0_SUBAUTHENTICATION_KEY "SYSTEM\\CurrentControlSet\\Control\\Lsa\\MSV1_0"
|
|||
|
#define MSV1_0_SUBAUTHENTICATION_VALUE "Auth"
|
|||
|
|
|||
|
|
|||
|
/////////////////////////////////////////////////////////////////////////
|
|||
|
// //
|
|||
|
// Widely used MSV1_0 data types //
|
|||
|
// //
|
|||
|
/////////////////////////////////////////////////////////////////////////
|
|||
|
|
|||
|
|
|||
|
|
|||
|
///////////////////////////////////////////////////////////////////////////////
|
|||
|
// //
|
|||
|
// LOGON Related Data Structures
|
|||
|
//
|
|||
|
// //
|
|||
|
///////////////////////////////////////////////////////////////////////////////
|
|||
|
|
|||
|
//
|
|||
|
// When a LsaLogonUser() call is dispatched to the MsV1_0 authentication
|
|||
|
// package, the beginning of the AuthenticationInformation buffer is
|
|||
|
// cast to a MSV1_0_LOGON_SUBMIT_TYPE to determine the type of logon
|
|||
|
// being requested. Similarly, upon return, the type of profile buffer
|
|||
|
// can be determined by typecasting it to a MSV_1_0_PROFILE_BUFFER_TYPE.
|
|||
|
//
|
|||
|
|
|||
|
//
|
|||
|
// MSV1.0 LsaLogonUser() submission message types.
|
|||
|
//
|
|||
|
|
|||
|
typedef enum _MSV1_0_LOGON_SUBMIT_TYPE {
|
|||
|
MsV1_0InteractiveLogon = 2,
|
|||
|
MsV1_0Lm20Logon,
|
|||
|
MsV1_0NetworkLogon,
|
|||
|
MsV1_0SubAuthLogon,
|
|||
|
MsV1_0WorkstationUnlockLogon = 7
|
|||
|
} MSV1_0_LOGON_SUBMIT_TYPE, *PMSV1_0_LOGON_SUBMIT_TYPE;
|
|||
|
|
|||
|
|
|||
|
//
|
|||
|
// MSV1.0 LsaLogonUser() profile buffer types.
|
|||
|
//
|
|||
|
|
|||
|
typedef enum _MSV1_0_PROFILE_BUFFER_TYPE {
|
|||
|
MsV1_0InteractiveProfile = 2,
|
|||
|
MsV1_0Lm20LogonProfile,
|
|||
|
MsV1_0SmartCardProfile
|
|||
|
} MSV1_0_PROFILE_BUFFER_TYPE, *PMSV1_0_PROFILE_BUFFER_TYPE;
|
|||
|
|
|||
|
//
|
|||
|
// MsV1_0InteractiveLogon
|
|||
|
//
|
|||
|
// The AuthenticationInformation buffer of an LsaLogonUser() call to
|
|||
|
// perform an interactive logon contains the following data structure:
|
|||
|
//
|
|||
|
|
|||
|
typedef struct _MSV1_0_INTERACTIVE_LOGON {
|
|||
|
MSV1_0_LOGON_SUBMIT_TYPE MessageType;
|
|||
|
UNICODE_STRING LogonDomainName;
|
|||
|
UNICODE_STRING UserName;
|
|||
|
UNICODE_STRING Password;
|
|||
|
} MSV1_0_INTERACTIVE_LOGON, *PMSV1_0_INTERACTIVE_LOGON;
|
|||
|
|
|||
|
//
|
|||
|
// Where:
|
|||
|
//
|
|||
|
// MessageType - Contains the type of logon being requested. This
|
|||
|
// field must be set to MsV1_0InteractiveLogon.
|
|||
|
//
|
|||
|
// UserName - Is a string representing the user's account name. The
|
|||
|
// name may be up to 255 characters long. The name is treated case
|
|||
|
// insensitive.
|
|||
|
//
|
|||
|
// Password - Is a string containing the user's cleartext password.
|
|||
|
// The password may be up to 255 characters long and contain any
|
|||
|
// UNICODE value.
|
|||
|
//
|
|||
|
//
|
|||
|
|
|||
|
|
|||
|
//
|
|||
|
// The ProfileBuffer returned upon a successful logon of this type
|
|||
|
// contains the following data structure:
|
|||
|
//
|
|||
|
|
|||
|
typedef struct _MSV1_0_INTERACTIVE_PROFILE {
|
|||
|
MSV1_0_PROFILE_BUFFER_TYPE MessageType;
|
|||
|
USHORT LogonCount;
|
|||
|
USHORT BadPasswordCount;
|
|||
|
LARGE_INTEGER LogonTime;
|
|||
|
LARGE_INTEGER LogoffTime;
|
|||
|
LARGE_INTEGER KickOffTime;
|
|||
|
LARGE_INTEGER PasswordLastSet;
|
|||
|
LARGE_INTEGER PasswordCanChange;
|
|||
|
LARGE_INTEGER PasswordMustChange;
|
|||
|
UNICODE_STRING LogonScript;
|
|||
|
UNICODE_STRING HomeDirectory;
|
|||
|
UNICODE_STRING FullName;
|
|||
|
UNICODE_STRING ProfilePath;
|
|||
|
UNICODE_STRING HomeDirectoryDrive;
|
|||
|
UNICODE_STRING LogonServer;
|
|||
|
ULONG UserFlags;
|
|||
|
} MSV1_0_INTERACTIVE_PROFILE, *PMSV1_0_INTERACTIVE_PROFILE;
|
|||
|
|
|||
|
//
|
|||
|
// where:
|
|||
|
//
|
|||
|
// MessageType - Identifies the type of profile data being returned.
|
|||
|
// Contains the type of logon being requested. This field must
|
|||
|
// be set to MsV1_0InteractiveProfile.
|
|||
|
//
|
|||
|
// LogonCount - Number of times the user is currently logged on.
|
|||
|
//
|
|||
|
// BadPasswordCount - Number of times a bad password was applied to
|
|||
|
// the account since last successful logon.
|
|||
|
//
|
|||
|
// LogonTime - Time when user last logged on. This is an absolute
|
|||
|
// format NT standard time value.
|
|||
|
//
|
|||
|
// LogoffTime - Time when user should log off. This is an absolute
|
|||
|
// format NT standard time value.
|
|||
|
//
|
|||
|
// KickOffTime - Time when system should force user logoff. This is
|
|||
|
// an absolute format NT standard time value.
|
|||
|
//
|
|||
|
// PasswordLastChanged - Time and date the password was last
|
|||
|
// changed. This is an absolute format NT standard time
|
|||
|
// value.
|
|||
|
//
|
|||
|
// PasswordCanChange - Time and date when the user can change the
|
|||
|
// password. This is an absolute format NT time value. To
|
|||
|
// prevent a password from ever changing, set this field to a
|
|||
|
// date very far into the future.
|
|||
|
//
|
|||
|
// PasswordMustChange - Time and date when the user must change the
|
|||
|
// password. If the user can never change the password, this
|
|||
|
// field is undefined. This is an absolute format NT time
|
|||
|
// value.
|
|||
|
//
|
|||
|
// LogonScript - The (relative) path to the account's logon
|
|||
|
// script.
|
|||
|
//
|
|||
|
// HomeDirectory - The home directory for the user.
|
|||
|
//
|
|||
|
|
|||
|
|
|||
|
//
|
|||
|
// MsV1_0Lm20Logon and MsV1_0NetworkLogon
|
|||
|
//
|
|||
|
// The AuthenticationInformation buffer of an LsaLogonUser() call to
|
|||
|
// perform an network logon contains the following data structure:
|
|||
|
//
|
|||
|
// MsV1_0NetworkLogon logon differs from MsV1_0Lm20Logon in that the
|
|||
|
// ParameterControl field exists.
|
|||
|
//
|
|||
|
|
|||
|
#define MSV1_0_CHALLENGE_LENGTH 8
|
|||
|
#define MSV1_0_USER_SESSION_KEY_LENGTH 16
|
|||
|
#define MSV1_0_LANMAN_SESSION_KEY_LENGTH 8
|
|||
|
|
|||
|
|
|||
|
|
|||
|
//
|
|||
|
// Values for ParameterControl.
|
|||
|
//
|
|||
|
|
|||
|
#define MSV1_0_CLEARTEXT_PASSWORD_ALLOWED 0x02
|
|||
|
#define MSV1_0_UPDATE_LOGON_STATISTICS 0x04
|
|||
|
#define MSV1_0_RETURN_USER_PARAMETERS 0x08
|
|||
|
#define MSV1_0_DONT_TRY_GUEST_ACCOUNT 0x10
|
|||
|
#define MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT 0x20
|
|||
|
#define MSV1_0_RETURN_PASSWORD_EXPIRY 0x40
|
|||
|
// this next flag says that CaseInsensitiveChallengeResponse
|
|||
|
// (aka LmResponse) contains a client challenge in the first 8 bytes
|
|||
|
#define MSV1_0_USE_CLIENT_CHALLENGE 0x80
|
|||
|
#define MSV1_0_TRY_GUEST_ACCOUNT_ONLY 0x100
|
|||
|
#define MSV1_0_RETURN_PROFILE_PATH 0x200
|
|||
|
#define MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY 0x400
|
|||
|
#define MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT 0x800
|
|||
|
#define MSV1_0_DISABLE_PERSONAL_FALLBACK 0x00001000
|
|||
|
#define MSV1_0_ALLOW_FORCE_GUEST 0x00002000
|
|||
|
#define MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED 0x00004000
|
|||
|
#define MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY 0x00008000
|
|||
|
#define MSV1_0_SUBAUTHENTICATION_DLL_EX 0x00100000
|
|||
|
|
|||
|
//
|
|||
|
// The high order byte is a value indicating the SubAuthentication DLL.
|
|||
|
// Zero indicates no SubAuthentication DLL.
|
|||
|
//
|
|||
|
#define MSV1_0_SUBAUTHENTICATION_DLL 0xFF000000
|
|||
|
#define MSV1_0_SUBAUTHENTICATION_DLL_SHIFT 24
|
|||
|
#define MSV1_0_MNS_LOGON 0x01000000
|
|||
|
|
|||
|
//
|
|||
|
// This is the list of subauthentication dlls used in MS
|
|||
|
//
|
|||
|
|
|||
|
#define MSV1_0_SUBAUTHENTICATION_DLL_RAS 2
|
|||
|
#define MSV1_0_SUBAUTHENTICATION_DLL_IIS 132
|
|||
|
|
|||
|
typedef struct _MSV1_0_LM20_LOGON {
|
|||
|
MSV1_0_LOGON_SUBMIT_TYPE MessageType;
|
|||
|
UNICODE_STRING LogonDomainName;
|
|||
|
UNICODE_STRING UserName;
|
|||
|
UNICODE_STRING Workstation;
|
|||
|
UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
|
|||
|
STRING CaseSensitiveChallengeResponse;
|
|||
|
STRING CaseInsensitiveChallengeResponse;
|
|||
|
ULONG ParameterControl;
|
|||
|
} MSV1_0_LM20_LOGON, * PMSV1_0_LM20_LOGON;
|
|||
|
|
|||
|
//
|
|||
|
// NT 5.0 SubAuth dlls can use this struct
|
|||
|
//
|
|||
|
|
|||
|
typedef struct _MSV1_0_SUBAUTH_LOGON{
|
|||
|
MSV1_0_LOGON_SUBMIT_TYPE MessageType;
|
|||
|
UNICODE_STRING LogonDomainName;
|
|||
|
UNICODE_STRING UserName;
|
|||
|
UNICODE_STRING Workstation;
|
|||
|
UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
|
|||
|
STRING AuthenticationInfo1;
|
|||
|
STRING AuthenticationInfo2;
|
|||
|
ULONG ParameterControl;
|
|||
|
ULONG SubAuthPackageId;
|
|||
|
} MSV1_0_SUBAUTH_LOGON, * PMSV1_0_SUBAUTH_LOGON;
|
|||
|
|
|||
|
|
|||
|
//
|
|||
|
// Values for UserFlags.
|
|||
|
//
|
|||
|
|
|||
|
#define LOGON_GUEST 0x01
|
|||
|
#define LOGON_NOENCRYPTION 0x02
|
|||
|
#define LOGON_CACHED_ACCOUNT 0x04
|
|||
|
#define LOGON_USED_LM_PASSWORD 0x08
|
|||
|
#define LOGON_EXTRA_SIDS 0x20
|
|||
|
#define LOGON_SUBAUTH_SESSION_KEY 0x40
|
|||
|
#define LOGON_SERVER_TRUST_ACCOUNT 0x80
|
|||
|
#define LOGON_NTLMV2_ENABLED 0x100 // says DC understands NTLMv2
|
|||
|
#define LOGON_RESOURCE_GROUPS 0x200
|
|||
|
#define LOGON_PROFILE_PATH_RETURNED 0x400
|
|||
|
|
|||
|
//
|
|||
|
// The high order byte is reserved for return by SubAuthentication DLLs.
|
|||
|
//
|
|||
|
|
|||
|
#define MSV1_0_SUBAUTHENTICATION_FLAGS 0xFF000000
|
|||
|
|
|||
|
// Values returned by the MSV1_0_MNS_LOGON SubAuthentication DLL
|
|||
|
#define LOGON_GRACE_LOGON 0x01000000
|
|||
|
|
|||
|
typedef struct _MSV1_0_LM20_LOGON_PROFILE {
|
|||
|
MSV1_0_PROFILE_BUFFER_TYPE MessageType;
|
|||
|
LARGE_INTEGER KickOffTime;
|
|||
|
LARGE_INTEGER LogoffTime;
|
|||
|
ULONG UserFlags;
|
|||
|
UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH];
|
|||
|
UNICODE_STRING LogonDomainName;
|
|||
|
UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH];
|
|||
|
UNICODE_STRING LogonServer;
|
|||
|
UNICODE_STRING UserParameters;
|
|||
|
} MSV1_0_LM20_LOGON_PROFILE, * PMSV1_0_LM20_LOGON_PROFILE;
|
|||
|
|
|||
|
|
|||
|
//
|
|||
|
// Supplemental credentials structure used for passing credentials into
|
|||
|
// MSV1_0 from other packages
|
|||
|
//
|
|||
|
|
|||
|
#define MSV1_0_OWF_PASSWORD_LENGTH 16
|
|||
|
#define MSV1_0_CRED_LM_PRESENT 0x1
|
|||
|
#define MSV1_0_CRED_NT_PRESENT 0x2
|
|||
|
#define MSV1_0_CRED_VERSION 0
|
|||
|
|
|||
|
typedef struct _MSV1_0_SUPPLEMENTAL_CREDENTIAL {
|
|||
|
ULONG Version;
|
|||
|
ULONG Flags;
|
|||
|
UCHAR LmPassword[MSV1_0_OWF_PASSWORD_LENGTH];
|
|||
|
UCHAR NtPassword[MSV1_0_OWF_PASSWORD_LENGTH];
|
|||
|
} MSV1_0_SUPPLEMENTAL_CREDENTIAL, *PMSV1_0_SUPPLEMENTAL_CREDENTIAL;
|
|||
|
|
|||
|
|
|||
|
//
|
|||
|
// NTLM3 definitions.
|
|||
|
//
|
|||
|
|
|||
|
#define MSV1_0_NTLM3_RESPONSE_LENGTH 16
|
|||
|
#define MSV1_0_NTLM3_OWF_LENGTH 16
|
|||
|
|
|||
|
//
|
|||
|
// this is the longest amount of time we'll allow challenge response
|
|||
|
// pairs to be used. Note that this also has to allow for worst case clock skew
|
|||
|
//
|
|||
|
#define MSV1_0_MAX_NTLM3_LIFE 129600 // 36 hours (in seconds)
|
|||
|
#define MSV1_0_MAX_AVL_SIZE 64000
|
|||
|
|
|||
|
//
|
|||
|
// MsvAvFlags bit values
|
|||
|
//
|
|||
|
|
|||
|
#define MSV1_0_AV_FLAG_FORCE_GUEST 0x00000001
|
|||
|
|
|||
|
|
|||
|
// this is an MSV1_0 private data structure, defining the layout of an NTLM3 response, as sent by a
|
|||
|
// client in the NtChallengeResponse field of the NETLOGON_NETWORK_INFO structure. If can be differentiated
|
|||
|
// from an old style NT response by its length. This is crude, but it needs to pass through servers and
|
|||
|
// the servers' DCs that do not understand NTLM3 but that are willing to pass longer responses.
|
|||
|
typedef struct _MSV1_0_NTLM3_RESPONSE {
|
|||
|
UCHAR Response[MSV1_0_NTLM3_RESPONSE_LENGTH]; // hash of OWF of password with all the following fields
|
|||
|
UCHAR RespType; // id number of response; current is 1
|
|||
|
UCHAR HiRespType; // highest id number understood by client
|
|||
|
USHORT Flags; // reserved; must be sent as zero at this version
|
|||
|
ULONG MsgWord; // 32 bit message from client to server (for use by auth protocol)
|
|||
|
ULONGLONG TimeStamp; // time stamp when client generated response -- NT system time, quad part
|
|||
|
UCHAR ChallengeFromClient[MSV1_0_CHALLENGE_LENGTH];
|
|||
|
ULONG AvPairsOff; // offset to start of AvPairs (to allow future expansion)
|
|||
|
UCHAR Buffer[1]; // start of buffer with AV pairs (or future stuff -- so use the offset)
|
|||
|
} MSV1_0_NTLM3_RESPONSE, *PMSV1_0_NTLM3_RESPONSE;
|
|||
|
|
|||
|
#define MSV1_0_NTLM3_INPUT_LENGTH (sizeof(MSV1_0_NTLM3_RESPONSE) - MSV1_0_NTLM3_RESPONSE_LENGTH)
|
|||
|
#define MSV1_0_NTLM3_MIN_NT_RESPONSE_LENGTH RTL_SIZEOF_THROUGH_FIELD(MSV1_0_NTLM3_RESPONSE, AvPairsOff)
|
|||
|
|
|||
|
typedef enum {
|
|||
|
MsvAvEOL, // end of list
|
|||
|
MsvAvNbComputerName, // server's computer name -- NetBIOS
|
|||
|
MsvAvNbDomainName, // server's domain name -- NetBIOS
|
|||
|
MsvAvDnsComputerName, // server's computer name -- DNS
|
|||
|
MsvAvDnsDomainName, // server's domain name -- DNS
|
|||
|
MsvAvDnsTreeName, // server's tree name -- DNS
|
|||
|
MsvAvFlags // server's extended flags -- DWORD mask
|
|||
|
} MSV1_0_AVID;
|
|||
|
|
|||
|
typedef struct _MSV1_0_AV_PAIR {
|
|||
|
USHORT AvId;
|
|||
|
USHORT AvLen;
|
|||
|
// Data is treated as byte array following structure
|
|||
|
} MSV1_0_AV_PAIR, *PMSV1_0_AV_PAIR;
|
|||
|
|
|||
|
|
|||
|
|
|||
|
///////////////////////////////////////////////////////////////////////////////
|
|||
|
// //
|
|||
|
// CALL PACKAGE Related Data Structures //
|
|||
|
// //
|
|||
|
///////////////////////////////////////////////////////////////////////////////
|
|||
|
|
|||
|
|
|||
|
//
|
|||
|
// MSV1.0 LsaCallAuthenticationPackage() submission and response
|
|||
|
// message types.
|
|||
|
//
|
|||
|
|
|||
|
typedef enum _MSV1_0_PROTOCOL_MESSAGE_TYPE {
|
|||
|
MsV1_0Lm20ChallengeRequest = 0, // Both submission and response
|
|||
|
MsV1_0Lm20GetChallengeResponse, // Both submission and response
|
|||
|
MsV1_0EnumerateUsers, // Both submission and response
|
|||
|
MsV1_0GetUserInfo, // Both submission and response
|
|||
|
MsV1_0ReLogonUsers, // Submission only
|
|||
|
MsV1_0ChangePassword, // Both submission and response
|
|||
|
MsV1_0ChangeCachedPassword, // Both submission and response
|
|||
|
MsV1_0GenericPassthrough, // Both submission and response
|
|||
|
MsV1_0CacheLogon, // Submission only, no response
|
|||
|
MsV1_0SubAuth, // Both submission and response
|
|||
|
MsV1_0DeriveCredential, // Both submission and response
|
|||
|
MsV1_0CacheLookup, // Both submission and response
|
|||
|
MsV1_0SetProcessOption, // Submission only, no response
|
|||
|
} MSV1_0_PROTOCOL_MESSAGE_TYPE, *PMSV1_0_PROTOCOL_MESSAGE_TYPE;
|
|||
|
|
|||
|
// end_ntsecapi
|
|||
|
|
|||
|
//
|
|||
|
// MsV1_0Lm20ChallengeRequest submit buffer and response
|
|||
|
//
|
|||
|
|
|||
|
typedef struct _MSV1_0_LM20_CHALLENGE_REQUEST {
|
|||
|
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
|
|||
|
} MSV1_0_LM20_CHALLENGE_REQUEST, *PMSV1_0_LM20_CHALLENGE_REQUEST;
|
|||
|
|
|||
|
typedef struct _MSV1_0_LM20_CHALLENGE_RESPONSE {
|
|||
|
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
|
|||
|
UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
|
|||
|
} MSV1_0_LM20_CHALLENGE_RESPONSE, *PMSV1_0_LM20_CHALLENGE_RESPONSE;
|
|||
|
|
|||
|
//
|
|||
|
// MsV1_0Lm20GetChallengeResponse submit buffer and response
|
|||
|
//
|
|||
|
|
|||
|
#define USE_PRIMARY_PASSWORD 0x01
|
|||
|
#define RETURN_PRIMARY_USERNAME 0x02
|
|||
|
#define RETURN_PRIMARY_LOGON_DOMAINNAME 0x04
|
|||
|
#define RETURN_NON_NT_USER_SESSION_KEY 0x08
|
|||
|
#define GENERATE_CLIENT_CHALLENGE 0x10
|
|||
|
#define GCR_NTLM3_PARMS 0x20
|
|||
|
#define GCR_TARGET_INFO 0x40 // ServerName field contains target info AV pairs
|
|||
|
#define RETURN_RESERVED_PARAMETER 0x80 // was 0x10
|
|||
|
#define GCR_ALLOW_NTLM 0x100 // allow the use of NTLM
|
|||
|
#define GCR_USE_OEM_SET 0x200 // response uses oem character set
|
|||
|
#define GCR_MACHINE_CREDENTIAL 0x400
|
|||
|
#define GCR_USE_OWF_PASSWORD 0x800 // use owf passwords
|
|||
|
#define GCR_ALLOW_LM 0x1000 // allow the use of LM
|
|||
|
|
|||
|
//
|
|||
|
// version 1 of the GETCHALLENRESP structure, which was used by RAS and others.
|
|||
|
// compiled before the additional fields added to GETCHALLENRESP_REQUEST.
|
|||
|
// here to allow sizing operations for backwards compatibility.
|
|||
|
//
|
|||
|
|
|||
|
typedef struct _MSV1_0_GETCHALLENRESP_REQUEST_V1 {
|
|||
|
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
|
|||
|
ULONG ParameterControl;
|
|||
|
LUID LogonId;
|
|||
|
UNICODE_STRING Password;
|
|||
|
UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
|
|||
|
} MSV1_0_GETCHALLENRESP_REQUEST_V1, *PMSV1_0_GETCHALLENRESP_REQUEST_V1;
|
|||
|
|
|||
|
typedef struct _MSV1_0_GETCHALLENRESP_REQUEST {
|
|||
|
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
|
|||
|
ULONG ParameterControl;
|
|||
|
LUID LogonId;
|
|||
|
UNICODE_STRING Password;
|
|||
|
UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
|
|||
|
|
|||
|
//
|
|||
|
// the following 3 fields are only present if GCR_NTLM3_PARMS is set in ParameterControl
|
|||
|
//
|
|||
|
|
|||
|
UNICODE_STRING UserName;
|
|||
|
UNICODE_STRING LogonDomainName;
|
|||
|
UNICODE_STRING ServerName; // server domain or target info AV pairs
|
|||
|
} MSV1_0_GETCHALLENRESP_REQUEST, *PMSV1_0_GETCHALLENRESP_REQUEST;
|
|||
|
|
|||
|
typedef struct _MSV1_0_GETCHALLENRESP_RESPONSE {
|
|||
|
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
|
|||
|
STRING CaseSensitiveChallengeResponse;
|
|||
|
STRING CaseInsensitiveChallengeResponse;
|
|||
|
UNICODE_STRING UserName;
|
|||
|
UNICODE_STRING LogonDomainName;
|
|||
|
UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH];
|
|||
|
UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH];
|
|||
|
} MSV1_0_GETCHALLENRESP_RESPONSE, *PMSV1_0_GETCHALLENRESP_RESPONSE;
|
|||
|
|
|||
|
//
|
|||
|
// MsV1_0EnumerateUsers submit buffer and response
|
|||
|
//
|
|||
|
|
|||
|
typedef struct _MSV1_0_ENUMUSERS_REQUEST {
|
|||
|
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
|
|||
|
} MSV1_0_ENUMUSERS_REQUEST, *PMSV1_0_ENUMUSERS_REQUEST;
|
|||
|
|
|||
|
typedef struct _MSV1_0_ENUMUSERS_RESPONSE {
|
|||
|
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
|
|||
|
ULONG NumberOfLoggedOnUsers;
|
|||
|
PLUID LogonIds;
|
|||
|
PULONG EnumHandles;
|
|||
|
} MSV1_0_ENUMUSERS_RESPONSE, *PMSV1_0_ENUMUSERS_RESPONSE;
|
|||
|
|
|||
|
//
|
|||
|
// MsV1_0GetUserInfo submit buffer and response
|
|||
|
//
|
|||
|
|
|||
|
typedef struct _MSV1_0_GETUSERINFO_REQUEST {
|
|||
|
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
|
|||
|
LUID LogonId;
|
|||
|
} MSV1_0_GETUSERINFO_REQUEST, *PMSV1_0_GETUSERINFO_REQUEST;
|
|||
|
|
|||
|
typedef struct _MSV1_0_GETUSERINFO_RESPONSE {
|
|||
|
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
|
|||
|
PSID UserSid;
|
|||
|
UNICODE_STRING UserName;
|
|||
|
UNICODE_STRING LogonDomainName;
|
|||
|
UNICODE_STRING LogonServer;
|
|||
|
SECURITY_LOGON_TYPE LogonType;
|
|||
|
} MSV1_0_GETUSERINFO_RESPONSE, *PMSV1_0_GETUSERINFO_RESPONSE;
|
|||
|
|
|||
|
// end_ntifs
|
|||
|
|
|||
|
//
|
|||
|
// MsV1_0RelogonUsers submit buffer
|
|||
|
//
|
|||
|
|
|||
|
typedef struct _MSV1_0_RELOGON_REQUEST {
|
|||
|
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
|
|||
|
UNICODE_STRING LogonServer;
|
|||
|
} MSV1_0_RELOGON_REQUEST, *PMSV1_0_RELOGON_REQUEST;
|
|||
|
|
|||
|
//
|
|||
|
// MsV1_0ChangePassword and MsV1_0ChangeCachedPassword submit buffer
|
|||
|
//
|
|||
|
// MsV1_0ChangePassword changes the password on the SAM account plus
|
|||
|
// the password cache and logon credentials if applicable.
|
|||
|
//
|
|||
|
// MsV1_0ChangeCachedPassword only changes the password cache and the logon
|
|||
|
// credentials.
|
|||
|
//
|
|||
|
|
|||
|
// begin_ntsecapi
|
|||
|
|
|||
|
typedef struct _MSV1_0_CHANGEPASSWORD_REQUEST {
|
|||
|
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
|
|||
|
UNICODE_STRING DomainName;
|
|||
|
UNICODE_STRING AccountName;
|
|||
|
UNICODE_STRING OldPassword;
|
|||
|
UNICODE_STRING NewPassword;
|
|||
|
BOOLEAN Impersonating;
|
|||
|
} MSV1_0_CHANGEPASSWORD_REQUEST, *PMSV1_0_CHANGEPASSWORD_REQUEST;
|
|||
|
|
|||
|
typedef struct _MSV1_0_CHANGEPASSWORD_RESPONSE {
|
|||
|
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
|
|||
|
BOOLEAN PasswordInfoValid;
|
|||
|
DOMAIN_PASSWORD_INFORMATION DomainPasswordInfo;
|
|||
|
} MSV1_0_CHANGEPASSWORD_RESPONSE, *PMSV1_0_CHANGEPASSWORD_RESPONSE;
|
|||
|
|
|||
|
|
|||
|
//
|
|||
|
// MsV1_0GenericPassthrough - for remoting a CallPackage to
|
|||
|
// a domain controller on the specified domain
|
|||
|
//
|
|||
|
|
|||
|
typedef struct _MSV1_0_PASSTHROUGH_REQUEST {
|
|||
|
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
|
|||
|
UNICODE_STRING DomainName;
|
|||
|
UNICODE_STRING PackageName;
|
|||
|
ULONG DataLength;
|
|||
|
PUCHAR LogonData;
|
|||
|
ULONG Pad ;
|
|||
|
} MSV1_0_PASSTHROUGH_REQUEST, *PMSV1_0_PASSTHROUGH_REQUEST;
|
|||
|
|
|||
|
typedef struct _MSV1_0_PASSTHROUGH_RESPONSE {
|
|||
|
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
|
|||
|
ULONG Pad;
|
|||
|
ULONG DataLength;
|
|||
|
PUCHAR ValidationData;
|
|||
|
} MSV1_0_PASSTHROUGH_RESPONSE, *PMSV1_0_PASSTHROUGH_RESPONSE;
|
|||
|
|
|||
|
// end_ntsecapi
|
|||
|
|
|||
|
|
|||
|
//
|
|||
|
// MsV1_0CacheLogon submit buffer
|
|||
|
//
|
|||
|
|
|||
|
// Values for RequestFlags
|
|||
|
#define MSV1_0_CACHE_LOGON_REQUEST_MIT_LOGON 0x00000001
|
|||
|
#define MSV1_0_CACHE_LOGON_REQUEST_INFO4 0x00000002
|
|||
|
#define MSV1_0_CACHE_LOGON_DELETE_ENTRY 0x00000004
|
|||
|
#define MSV1_0_CACHE_LOGON_REQUEST_SMARTCARD_ONLY 0x00000008
|
|||
|
|
|||
|
typedef struct _MSV1_0_CACHE_LOGON_REQUEST {
|
|||
|
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
|
|||
|
PVOID LogonInformation;
|
|||
|
PVOID ValidationInformation;
|
|||
|
PVOID SupplementalCacheData;
|
|||
|
ULONG SupplementalCacheDataLength;
|
|||
|
ULONG RequestFlags;
|
|||
|
} MSV1_0_CACHE_LOGON_REQUEST, *PMSV1_0_CACHE_LOGON_REQUEST;
|
|||
|
|
|||
|
|
|||
|
//
|
|||
|
// MsV1_0CacheLookup submit buffer
|
|||
|
//
|
|||
|
|
|||
|
// values for CredentialType
|
|||
|
#define MSV1_0_CACHE_LOOKUP_CREDTYPE_NONE 0
|
|||
|
#define MSV1_0_CACHE_LOOKUP_CREDTYPE_RAW 1
|
|||
|
#define MSV1_0_CACHE_LOOKUP_CREDTYPE_NTOWF 2
|
|||
|
|
|||
|
typedef struct _MSV1_0_CACHE_LOOKUP_REQUEST {
|
|||
|
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
|
|||
|
UNICODE_STRING UserName;
|
|||
|
UNICODE_STRING DomainName;
|
|||
|
ULONG CredentialType;
|
|||
|
ULONG CredentialInfoLength;
|
|||
|
UCHAR CredentialSubmitBuffer[1]; // in-place array of length CredentialInfoLength
|
|||
|
} MSV1_0_CACHE_LOOKUP_REQUEST, *PMSV1_0_CACHE_LOOKUP_REQUEST;
|
|||
|
|
|||
|
typedef struct _MSV1_0_CACHE_LOOKUP_RESPONSE {
|
|||
|
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
|
|||
|
PVOID ValidationInformation;
|
|||
|
PVOID SupplementalCacheData;
|
|||
|
ULONG SupplementalCacheDataLength;
|
|||
|
} MSV1_0_CACHE_LOOKUP_RESPONSE, *PMSV1_0_CACHE_LOOKUP_RESPONSE;
|
|||
|
|
|||
|
// begin_ntsecapi
|
|||
|
|
|||
|
//
|
|||
|
// MsV1_0SubAuthInfo submit buffer and response - for submitting a buffer to a
|
|||
|
// specified Subauthentication Package during an LsaCallAuthenticationPackage().
|
|||
|
// If this Subauthentication is to be done locally, then package this message
|
|||
|
// in LsaCallAuthenticationPackage(). If this SubAuthentication needs to be done
|
|||
|
// on the domain controller, then call LsaCallauthenticationPackage with the
|
|||
|
// message type being MsV1_0GenericPassThrough and the LogonData in this struct
|
|||
|
// should be a PMSV1_0_SUBAUTH_REQUEST
|
|||
|
//
|
|||
|
|
|||
|
typedef struct _MSV1_0_SUBAUTH_REQUEST{
|
|||
|
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
|
|||
|
ULONG SubAuthPackageId;
|
|||
|
ULONG SubAuthInfoLength;
|
|||
|
PUCHAR SubAuthSubmitBuffer;
|
|||
|
} MSV1_0_SUBAUTH_REQUEST, *PMSV1_0_SUBAUTH_REQUEST;
|
|||
|
|
|||
|
typedef struct _MSV1_0_SUBAUTH_RESPONSE{
|
|||
|
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
|
|||
|
ULONG SubAuthInfoLength;
|
|||
|
PUCHAR SubAuthReturnBuffer;
|
|||
|
} MSV1_0_SUBAUTH_RESPONSE, *PMSV1_0_SUBAUTH_RESPONSE;
|
|||
|
|
|||
|
|
|||
|
// end_ntsecapi
|
|||
|
|
|||
|
//
|
|||
|
// Credential Derivation types for MsV1_0DeriveCredential Submit DeriveCredType
|
|||
|
//
|
|||
|
|
|||
|
//
|
|||
|
// Derive Credential using SHA-1 and Request buffer DeriveCredSubmitBuffer of
|
|||
|
// length DeriveCredInfoLength mixing bytes.
|
|||
|
// Response buffer DeriveCredReturnBuffer will contain SHA-1 hash of size
|
|||
|
// A_SHA_DIGEST_LEN (20)
|
|||
|
//
|
|||
|
|
|||
|
#define MSV1_0_DERIVECRED_TYPE_SHA1 0
|
|||
|
#define MSV1_0_DERIVECRED_TYPE_SHA1_V2 1
|
|||
|
|
|||
|
//
|
|||
|
// MsV1_0DeriveCredential submit buffer and response - for submitting a buffer
|
|||
|
// an call to LsaCallAuthenticationPackage().
|
|||
|
//
|
|||
|
|
|||
|
typedef struct _MSV1_0_DERIVECRED_REQUEST {
|
|||
|
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
|
|||
|
LUID LogonId;
|
|||
|
ULONG DeriveCredType;
|
|||
|
ULONG DeriveCredInfoLength;
|
|||
|
UCHAR DeriveCredSubmitBuffer[1]; // in-place array of length DeriveCredInfoLength
|
|||
|
} MSV1_0_DERIVECRED_REQUEST, *PMSV1_0_DERIVECRED_REQUEST;
|
|||
|
|
|||
|
typedef struct _MSV1_0_DERIVECRED_RESPONSE {
|
|||
|
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
|
|||
|
ULONG DeriveCredInfoLength;
|
|||
|
UCHAR DeriveCredReturnBuffer[1]; // in-place array of length DeriveCredInfoLength
|
|||
|
} MSV1_0_DERIVECRED_RESPONSE, *PMSV1_0_DERIVECRED_RESPONSE;
|
|||
|
|
|||
|
|
|||
|
//
|
|||
|
// MsV1_0SetProcessOption submit buffer - for submitting a buffer
|
|||
|
// an call to LsaCallAuthenticationPackage().
|
|||
|
//
|
|||
|
|
|||
|
#define MSV1_0_OPTION_ALLOW_BLANK_PASSWORD 0x01
|
|||
|
#define MSV1_0_OPTION_DISABLE_ADMIN_LOCKOUT 0x02
|
|||
|
#define MSV1_0_OPTION_DISABLE_FORCE_GUEST 0x04
|
|||
|
#define MSV1_0_OPTION_ALLOW_OLD_PASSWORD 0x08
|
|||
|
#define MSV1_0_OPTION_TRY_CACHE_FIRST 0x10
|
|||
|
|
|||
|
typedef struct _MSV1_0_SETPROCESSOPTION_REQUEST {
|
|||
|
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
|
|||
|
ULONG ProcessOptions;
|
|||
|
BOOLEAN DisableOptions;
|
|||
|
} MSV1_0_SETPROCESSOPTION_REQUEST, *PMSV1_0_SETPROCESSOPTION_REQUEST;
|
|||
|
|
|||
|
|
|||
|
#ifdef __cplusplus
|
|||
|
}
|
|||
|
#endif
|
|||
|
|
|||
|
#endif //_NTMSV1_0_
|