summaryrefslogtreecommitdiffstats
path: root/epan/dissectors/pidl/lsa
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-09-19 04:14:53 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-09-19 04:14:53 +0000
commita86c5f7cae7ec9a3398300555a0b644689d946a1 (patch)
tree39fe4b107c71174fd1e8a8ceb9a4d2aa14116248 /epan/dissectors/pidl/lsa
parentReleasing progress-linux version 4.2.6-1~progress7.99u1. (diff)
downloadwireshark-a86c5f7cae7ec9a3398300555a0b644689d946a1.tar.xz
wireshark-a86c5f7cae7ec9a3398300555a0b644689d946a1.zip
Merging upstream version 4.4.0.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'epan/dissectors/pidl/lsa')
-rw-r--r--epan/dissectors/pidl/lsa/lsa.cnf85
-rw-r--r--epan/dissectors/pidl/lsa/lsa.idl1144
2 files changed, 803 insertions, 426 deletions
diff --git a/epan/dissectors/pidl/lsa/lsa.cnf b/epan/dissectors/pidl/lsa/lsa.cnf
index 4453f7fe..513fefd8 100644
--- a/epan/dissectors/pidl/lsa/lsa.cnf
+++ b/epan/dissectors/pidl/lsa/lsa.cnf
@@ -63,7 +63,7 @@ CODE START
static void
-lsarpc_policy_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint32 access)
+lsarpc_policy_specific_rights(tvbuff_t *tvb, int offset, proto_tree *tree, uint32_t access)
{
static int* const access_flags[] = {
&hf_lsarpc_lsa_PolicyAccessMask_LSA_POLICY_NOTIFICATION,
@@ -86,7 +86,7 @@ lsarpc_policy_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guin
}
static void
-lsarpc_account_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint32 access)
+lsarpc_account_specific_rights(tvbuff_t *tvb, int offset, proto_tree *tree, uint32_t access)
{
static int* const access_flags[] = {
&hf_lsarpc_lsa_AccountAccessMask_LSA_ACCOUNT_ADJUST_SYSTEM_ACCESS,
@@ -100,7 +100,7 @@ lsarpc_account_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, gui
}
static void
-lsarpc_secret_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint32 access)
+lsarpc_secret_specific_rights(tvbuff_t *tvb, int offset, proto_tree *tree, uint32_t access)
{
static int* const access_flags[] = {
&hf_lsarpc_lsa_SecretAccessMask_LSA_SECRET_QUERY_VALUE,
@@ -112,16 +112,16 @@ lsarpc_secret_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guin
}
static void
-lsarpc_domain_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guint32 access)
+lsarpc_domain_specific_rights(tvbuff_t *tvb, int offset, proto_tree *tree, uint32_t access)
{
static int* const access_flags[] = {
- &hf_lsarpc_lsa_DomainAccessMask_LSA_DOMAIN_QUERY_AUTH,
- &hf_lsarpc_lsa_DomainAccessMask_LSA_DOMAIN_SET_AUTH,
- &hf_lsarpc_lsa_DomainAccessMask_LSA_DOMAIN_SET_POSIX,
- &hf_lsarpc_lsa_DomainAccessMask_LSA_DOMAIN_QUERY_POSIX,
- &hf_lsarpc_lsa_DomainAccessMask_LSA_DOMAIN_SET_CONTROLLERS,
- &hf_lsarpc_lsa_DomainAccessMask_LSA_DOMAIN_QUERY_CONTROLLERS,
- &hf_lsarpc_lsa_DomainAccessMask_LSA_DOMAIN_QUERY_DOMAIN_NAME,
+ &hf_lsarpc_lsa_TrustedAccessMask_LSA_TRUSTED_QUERY_AUTH,
+ &hf_lsarpc_lsa_TrustedAccessMask_LSA_TRUSTED_SET_AUTH,
+ &hf_lsarpc_lsa_TrustedAccessMask_LSA_TRUSTED_SET_POSIX,
+ &hf_lsarpc_lsa_TrustedAccessMask_LSA_TRUSTED_QUERY_POSIX,
+ &hf_lsarpc_lsa_TrustedAccessMask_LSA_TRUSTED_SET_CONTROLLERS,
+ &hf_lsarpc_lsa_TrustedAccessMask_LSA_TRUSTED_QUERY_CONTROLLERS,
+ &hf_lsarpc_lsa_TrustedAccessMask_LSA_TRUSTED_QUERY_DOMAIN_NAME,
NULL
};
@@ -129,28 +129,28 @@ lsarpc_domain_specific_rights(tvbuff_t *tvb, gint offset, proto_tree *tree, guin
}
-struct access_mask_info lsarpc_policy_access_mask_info = {
+static struct access_mask_info lsarpc_policy_access_mask_info = {
"LSA Policy", /* Name of specific rights */
lsarpc_policy_specific_rights, /* Dissection function */
NULL, /* Generic mapping table */
NULL /* Standard mapping table */
};
-struct access_mask_info lsarpc_account_access_mask_info = {
+static struct access_mask_info lsarpc_account_access_mask_info = {
"LSA Account", /* Name of specific rights */
lsarpc_account_specific_rights, /* Dissection function */
NULL, /* Generic mapping table */
NULL /* Standard mapping table */
};
-struct access_mask_info lsarpc_secret_access_mask_info = {
+static struct access_mask_info lsarpc_secret_access_mask_info = {
"LSA Secret", /* Name of specific rights */
lsarpc_secret_specific_rights, /* Dissection function */
NULL, /* Generic mapping table */
NULL /* Standard mapping table */
};
-struct access_mask_info lsarpc_domain_access_mask_info = {
+static struct access_mask_info lsarpc_domain_access_mask_info = {
"LSA Domain", /* Name of specific rights */
lsarpc_domain_specific_rights, /* Dissection function */
NULL, /* Generic mapping table */
@@ -158,7 +158,7 @@ struct access_mask_info lsarpc_domain_access_mask_info = {
};
int
-lsarpc_dissect_bitmap_lsa_PolicyAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep, int hf_index _U_, guint32 param _U_)
+lsarpc_dissect_bitmap_lsa_PolicyAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep, int hf_index _U_, uint32_t param _U_)
{
offset = dissect_nt_access_mask(
tvb, offset, pinfo, tree, di, drep, hf_lsarpc_policy_access_mask,
@@ -167,7 +167,7 @@ lsarpc_dissect_bitmap_lsa_PolicyAccessMask(tvbuff_t *tvb, int offset, packet_inf
}
int
-lsarpc_dissect_bitmap_lsa_AccountAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep, int hf_index _U_, guint32 param _U_)
+lsarpc_dissect_bitmap_lsa_AccountAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep, int hf_index _U_, uint32_t param _U_)
{
offset = dissect_nt_access_mask(
tvb, offset, pinfo, tree, di, drep, hf_lsarpc_account_access_mask,
@@ -176,7 +176,7 @@ lsarpc_dissect_bitmap_lsa_AccountAccessMask(tvbuff_t *tvb, int offset, packet_in
}
int
-lsarpc_dissect_bitmap_lsa_SecretAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep, int hf_index _U_, guint32 param _U_)
+lsarpc_dissect_bitmap_lsa_SecretAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep, int hf_index _U_, uint32_t param _U_)
{
offset = dissect_nt_access_mask(
tvb, offset, pinfo, tree, di, drep, hf_lsarpc_secret_access_mask,
@@ -184,8 +184,9 @@ lsarpc_dissect_bitmap_lsa_SecretAccessMask(tvbuff_t *tvb, int offset, packet_inf
return offset;
}
+/* TODO: not called, so couldn't make static. Delete? */
int
-lsarpc_dissect_bitmap_lsa_DomainAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep, int hf_index _U_, guint32 param _U_)
+lsarpc_dissect_bitmap_lsa_DomainAccessMask(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep, int hf_index _U_, uint32_t param _U_)
{
offset = dissect_nt_access_mask(
tvb, offset, pinfo, tree, di, drep, hf_lsarpc_domain_access_mask,
@@ -194,12 +195,12 @@ lsarpc_dissect_bitmap_lsa_DomainAccessMask(tvbuff_t *tvb, int offset, packet_inf
}
static int
-cnf_dissect_sec_desc_buf_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep)
+cnf_dissect_sec_desc_buf_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep)
{
- guint32 len;
+ uint32_t len;
e_ctx_hnd *polhnd = NULL;
dcerpc_call_value *dcv = NULL;
- guint32 type=0;
+ uint32_t type=0;
struct access_mask_info *ami=NULL;
if(di->conformant_run){
@@ -233,7 +234,7 @@ cnf_dissect_sec_desc_buf_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_t
break;
}
- dissect_nt_sec_desc(tvb, offset, pinfo, tree, drep, TRUE, len, ami);
+ dissect_nt_sec_desc(tvb, offset, pinfo, tree, drep, true, len, ami);
offset += len;
@@ -241,9 +242,9 @@ cnf_dissect_sec_desc_buf_(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_t
}
static int
-cnf_dissect_sec_desc_buf(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep)
+cnf_dissect_sec_desc_buf(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep)
{
- guint32 len;
+ uint32_t len;
if(di->conformant_run){
/*just a run to handle conformant arrays, nothing to dissect */
@@ -262,25 +263,25 @@ cnf_dissect_sec_desc_buf(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tr
int
-lsarpc_dissect_sec_desc_buf(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep){
+lsarpc_dissect_sec_desc_buf(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep){
return cnf_dissect_sec_desc_buf(tvb, offset, pinfo, tree, di, drep);
}
static int
-lsarpc_dissect_struct_security_descriptor(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, guint8 *drep _U_, int unused1 _U_, int unused2 _U_){
+lsarpc_dissect_struct_security_descriptor(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, uint8_t *drep _U_, int unused1 _U_, int unused2 _U_){
return cnf_dissect_sec_desc_buf(tvb, offset, pinfo, tree, di, drep);
}
int
-lsarpc_dissect_struct_dom_sid2(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, guint8 *drep _U_, int unused1 _U_, int unused2 _U_) {
+lsarpc_dissect_struct_dom_sid2(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, uint8_t *drep _U_, int unused1 _U_, int unused2 _U_) {
/* sid */
return dissect_ndr_nt_SID(tvb, offset, pinfo, tree, di, drep);
}
static int
-cnf_dissect_hyper(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep, guint32 param _U_, int hfindex)
+cnf_dissect_hyper(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep, uint32_t param _U_, int hfindex)
{
offset = dissect_ndr_uint64(tvb, offset, pinfo, tree, di, drep, hfindex, NULL);
@@ -290,7 +291,7 @@ cnf_dissect_hyper(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tre
# PIDL cant handle top level arrays so we must explicitely go through a
# ref pointer here
static int
-lsarpc_dissect_element_lsa_LookupNames3_names_X(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di, guint8 *drep _U_)
+lsarpc_dissect_element_lsa_LookupNames3_names_X(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *parent_tree _U_, dcerpc_info* di, uint8_t *drep _U_)
{
proto_item *item = NULL;
proto_tree *tree = NULL;
@@ -308,28 +309,28 @@ lsarpc_dissect_element_lsa_LookupNames3_names_X(tvbuff_t *tvb _U_, int offset _U
}
static int
-lsarpc_dissect_element_lsa_LookupNames_names(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, guint8 *drep _U_)
+lsarpc_dissect_element_lsa_LookupNames_names(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, uint8_t *drep _U_)
{
offset = dissect_ndr_toplevel_pointer(tvb, offset, pinfo, tree, di, drep, lsarpc_dissect_element_lsa_LookupNames3_names_X, NDR_POINTER_REF, "Pointer to Names", hf_lsarpc_names);
return offset;
}
static int
-lsarpc_dissect_element_lsa_LookupNames2_names(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, guint8 *drep _U_)
+lsarpc_dissect_element_lsa_LookupNames2_names(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, uint8_t *drep _U_)
{
offset = dissect_ndr_toplevel_pointer(tvb, offset, pinfo, tree, di, drep, lsarpc_dissect_element_lsa_LookupNames3_names_X, NDR_POINTER_REF, "Pointer to Names", hf_lsarpc_names);
return offset;
}
static int
-lsarpc_dissect_element_lsa_LookupNames3_names(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, guint8 *drep _U_)
+lsarpc_dissect_element_lsa_LookupNames3_names(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, uint8_t *drep _U_)
{
offset = dissect_ndr_toplevel_pointer(tvb, offset, pinfo, tree, di, drep, lsarpc_dissect_element_lsa_LookupNames3_names_X, NDR_POINTER_REF, "Pointer to Names", hf_lsarpc_names);
return offset;
}
static int
-lsarpc_dissect_element_lsa_LookupNames4_names(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, guint8 *drep _U_)
+lsarpc_dissect_element_lsa_LookupNames4_names(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, uint8_t *drep _U_)
{
offset = dissect_ndr_toplevel_pointer(tvb, offset, pinfo, tree, di, drep, lsarpc_dissect_element_lsa_LookupNames3_names_X, NDR_POINTER_REF, "Pointer to Names", hf_lsarpc_names);
@@ -339,22 +340,22 @@ lsarpc_dissect_element_lsa_LookupNames4_names(tvbuff_t *tvb _U_, int offset _U_,
static int
-lsarpc_dissect_element_lsa_String_string_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, guint8 *drep _U_)
+lsarpc_dissect_element_lsa_String_string_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, uint8_t *drep _U_)
{
char *data;
- offset = dissect_ndr_cvstring(tvb, offset, pinfo, tree, di, drep, sizeof(guint16), hf_lsarpc_String_name, FALSE, &data);
+ offset = dissect_ndr_cvstring(tvb, offset, pinfo, tree, di, drep, sizeof(uint16_t), hf_lsarpc_String_name, false, &data);
proto_item_append_text(tree, ": %s", data);
return offset;
}
static int
-lsarpc_dissect_element_lsa_StringLarge_string_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, guint8 *drep _U_)
+lsarpc_dissect_element_lsa_StringLarge_string_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, uint8_t *drep _U_)
{
char *data;
- offset = dissect_ndr_cvstring(tvb, offset, pinfo, tree, di, drep, sizeof(guint16), hf_lsarpc_String_name, FALSE, &data);
+ offset = dissect_ndr_cvstring(tvb, offset, pinfo, tree, di, drep, sizeof(uint16_t), hf_lsarpc_String_name, false, &data);
proto_item_append_text(tree, ": %s", data);
return offset;
@@ -363,10 +364,10 @@ lsarpc_dissect_element_lsa_StringLarge_string_(tvbuff_t *tvb _U_, int offset _U_
static int
-lsarpc_dissect_element_lsa_DomainInfoEfs_efs_blob_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, guint8 *drep _U_)
+lsarpc_dissect_element_lsa_DomainInfoEfs_efs_blob_(tvbuff_t *tvb _U_, int offset _U_, packet_info *pinfo _U_, proto_tree *tree _U_, dcerpc_info* di, uint8_t *drep _U_)
{
tvbuff_t *next_tvb;
- gint len, reported_len;
+ int len, reported_len;
dissector_handle_t efsblob_handle;
if(di->conformant_run){
@@ -400,8 +401,8 @@ CODE END
HEADER START
extern int
-lsarpc_dissect_sec_desc_buf(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep);
+lsarpc_dissect_sec_desc_buf(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep);
extern int
-lsarpc_dissect_struct_dom_sid2(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, guint8 *drep, int unused1, int unused2);
+lsarpc_dissect_struct_dom_sid2(tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree, dcerpc_info* di, uint8_t *drep, int unused1, int unused2);
HEADER END
diff --git a/epan/dissectors/pidl/lsa/lsa.idl b/epan/dissectors/pidl/lsa/lsa.idl
index f7535d6a..e21b1f57 100644
--- a/epan/dissectors/pidl/lsa/lsa.idl
+++ b/epan/dissectors/pidl/lsa/lsa.idl
@@ -8,50 +8,14 @@
[ uuid("12345778-1234-abcd-ef00-0123456789ab"),
version(0.0),
- endpoint("ncacn_np:[\\pipe\\lsarpc]","ncacn_np:[\\pipe\\netlogon]","ncacn_np:[\\pipe\\lsass]", "ncacn_ip_tcp:", "ncalrpc:"),
+ endpoint("ncacn_np:[\\pipe\\lsarpc]","ncacn_np:[\\pipe\\lsass]", "ncacn_ip_tcp:", "ncalrpc:"),
+ pyhelper("librpc/ndr/py_lsa.c"),
pointer_default(unique),
helpstring("Local Security Authority")
] interface lsarpc
{
- typedef [bitmap32bit] bitmap {
- LSA_POLICY_NOTIFICATION = 0x00001000,
- LSA_POLICY_LOOKUP_NAMES = 0x00000800,
- LSA_POLICY_SERVER_ADMIN = 0x00000400,
- LSA_POLICY_AUDIT_LOG_ADMIN = 0x00000200,
- LSA_POLICY_SET_AUDIT_REQUIREMENTS = 0x00000100,
- LSA_POLICY_SET_DEFAULT_QUOTA_LIMITS = 0x00000080,
- LSA_POLICY_CREATE_PRIVILEGE = 0x00000040,
- LSA_POLICY_CREATE_SECRET = 0x00000020,
- LSA_POLICY_CREATE_ACCOUNT = 0x00000010,
- LSA_POLICY_TRUST_ADMIN = 0x00000008,
- LSA_POLICY_GET_PRIVATE_INFORMATION = 0x00000004,
- LSA_POLICY_VIEW_AUDIT_INFORMATION = 0x00000002,
- LSA_POLICY_VIEW_LOCAL_INFORMATION = 0x00000001
- } lsa_PolicyAccessMask;
-
- typedef [bitmap32bit] bitmap {
- LSA_ACCOUNT_ADJUST_SYSTEM_ACCESS = 0x00000008,
- LSA_ACCOUNT_ADJUST_QUOTAS = 0x00000004,
- LSA_ACCOUNT_ADJUST_PRIVILEGES = 0x00000002,
- LSA_ACCOUNT_VIEW = 0x00000001
- } lsa_AccountAccessMask;
-
- typedef [bitmap32bit] bitmap {
- LSA_DOMAIN_QUERY_AUTH = 0x00000040,
- LSA_DOMAIN_SET_AUTH = 0x00000020,
- LSA_DOMAIN_SET_POSIX = 0x00000010,
- LSA_DOMAIN_QUERY_POSIX = 0x00000008,
- LSA_DOMAIN_SET_CONTROLLERS = 0x00000004,
- LSA_DOMAIN_QUERY_CONTROLLERS = 0x00000002,
- LSA_DOMAIN_QUERY_DOMAIN_NAME = 0x00000001
- } lsa_DomainAccessMask;
-
- typedef [bitmap32bit] bitmap {
- LSA_SECRET_QUERY_VALUE = 0x00000002,
- LSA_SECRET_SET_VALUE = 0x00000001
- } lsa_SecretAccessMask;
-
typedef bitmap security_secinfo security_secinfo;
+ typedef bitmap kerb_EncTypes kerb_EncTypes;
typedef [public] struct {
[value(2*strlen_m(string))] uint16 length;
@@ -82,12 +46,18 @@
[charset(DOS),size_is(size),length_is(length)] uint8 *string;
} lsa_AsciiStringLarge;
+ typedef [public] struct {
+ uint16 length;
+ uint16 size;
+ [size_is(size/2),length_is(length/2)] uint16 *array;
+ } lsa_BinaryString;
+
/******************/
/* Function: 0x00 */
NTSTATUS lsa_Close (
[in,out] policy_handle *handle
);
-
+
/******************/
/* Function: 0x01 */
@@ -102,7 +72,7 @@
uint32 low;
uint32 high;
} lsa_LUID;
-
+
typedef struct {
lsa_StringLarge name;
lsa_LUID luid;
@@ -114,26 +84,27 @@
} lsa_PrivArray;
[public] NTSTATUS lsa_EnumPrivs (
- [in] policy_handle *handle,
- [in,out] uint32 *resume_handle,
- [in] uint32 max_count,
- [out] lsa_PrivArray *privs
+ [in] policy_handle *handle,
+ [in,out,ref] uint32 *resume_handle,
+ [out,ref] lsa_PrivArray *privs,
+ [in] uint32 max_count
);
/******************/
/* Function: 0x03 */
-
NTSTATUS lsa_QuerySecurity (
- [in] policy_handle *handle,
- [in] security_secinfo sec_info,
- [out] sec_desc_buf **sdbuf
+ [in] policy_handle *handle,
+ [in] security_secinfo sec_info,
+ [out,ref] sec_desc_buf **sdbuf
);
-
/******************/
/* Function: 0x04 */
- [todo] NTSTATUS lsa_SetSecObj ();
-
+ NTSTATUS lsa_SetSecObj(
+ [in] policy_handle *handle,
+ [in] security_secinfo sec_info,
+ [in,ref] sec_desc_buf *sdbuf
+ );
/******************/
/* Function: 0x05 */
@@ -144,21 +115,21 @@
/* Function: 0x06 */
typedef enum {
- LSA_SECURITY_ANONYMOUS = 0,
- LSA_SECURITY_IDENTIFICATION = 1,
- LSA_SECURITY_IMPERSONATION = 2,
- LSA_SECURITY_DELEGATION = 3
+ LSA_SECURITY_ANONYMOUS = 0,
+ LSA_SECURITY_IDENTIFICATION = 1,
+ LSA_SECURITY_IMPERSONATION = 2,
+ LSA_SECURITY_DELEGATION = 3
} lsa_SecurityImpersonationLevel;
typedef struct {
- uint32 len; /* ignored */
- lsa_SecurityImpersonationLevel impersonation_level;
+ uint3264 len; /* ignored */
+ lsa_SecurityImpersonationLevel impersonation_level;
uint8 context_mode;
uint8 effective_only;
} lsa_QosInfo;
-
+
typedef struct {
- uint32 len; /* ignored */
+ uint3264 len; /* ignored */
uint8 *root_dir;
[string,charset(UTF16)] uint16 *object_name;
uint32 attributes;
@@ -166,7 +137,151 @@
lsa_QosInfo *sec_qos;
} lsa_ObjectAttribute;
- /* notice the screwup with the system_name - thats why MS created
+ typedef [public,bitmap32bit] bitmap {
+ LSA_POLICY_VIEW_LOCAL_INFORMATION = 0x00000001,
+ LSA_POLICY_VIEW_AUDIT_INFORMATION = 0x00000002,
+ LSA_POLICY_GET_PRIVATE_INFORMATION = 0x00000004,
+ LSA_POLICY_TRUST_ADMIN = 0x00000008,
+ LSA_POLICY_CREATE_ACCOUNT = 0x00000010,
+ LSA_POLICY_CREATE_SECRET = 0x00000020,
+ LSA_POLICY_CREATE_PRIVILEGE = 0x00000040,
+ LSA_POLICY_SET_DEFAULT_QUOTA_LIMITS = 0x00000080,
+ LSA_POLICY_SET_AUDIT_REQUIREMENTS = 0x00000100,
+ LSA_POLICY_AUDIT_LOG_ADMIN = 0x00000200,
+ LSA_POLICY_SERVER_ADMIN = 0x00000400,
+ LSA_POLICY_LOOKUP_NAMES = 0x00000800,
+ LSA_POLICY_NOTIFICATION = 0x00001000
+ } lsa_PolicyAccessMask;
+
+ const int LSA_POLICY_ALL_ACCESS =
+ (STANDARD_RIGHTS_REQUIRED_ACCESS |
+ LSA_POLICY_VIEW_LOCAL_INFORMATION |
+ LSA_POLICY_VIEW_AUDIT_INFORMATION |
+ LSA_POLICY_GET_PRIVATE_INFORMATION |
+ LSA_POLICY_TRUST_ADMIN |
+ LSA_POLICY_CREATE_ACCOUNT |
+ LSA_POLICY_CREATE_SECRET |
+ LSA_POLICY_CREATE_PRIVILEGE |
+ LSA_POLICY_SET_DEFAULT_QUOTA_LIMITS |
+ LSA_POLICY_SET_AUDIT_REQUIREMENTS |
+ LSA_POLICY_AUDIT_LOG_ADMIN |
+ LSA_POLICY_SERVER_ADMIN |
+ LSA_POLICY_LOOKUP_NAMES |
+ LSA_POLICY_NOTIFICATION);
+
+ const int LSA_POLICY_READ =
+ (STANDARD_RIGHTS_READ_ACCESS |
+ LSA_POLICY_VIEW_LOCAL_INFORMATION |
+ LSA_POLICY_VIEW_AUDIT_INFORMATION |
+ LSA_POLICY_GET_PRIVATE_INFORMATION);
+
+ const int LSA_POLICY_WRITE =
+ (STANDARD_RIGHTS_READ_ACCESS |
+ LSA_POLICY_TRUST_ADMIN |
+ LSA_POLICY_CREATE_ACCOUNT |
+ LSA_POLICY_CREATE_SECRET |
+ LSA_POLICY_CREATE_PRIVILEGE |
+ LSA_POLICY_SET_DEFAULT_QUOTA_LIMITS |
+ LSA_POLICY_SET_AUDIT_REQUIREMENTS |
+ LSA_POLICY_AUDIT_LOG_ADMIN |
+ LSA_POLICY_SERVER_ADMIN);
+
+ const int LSA_POLICY_EXECUTE =
+ (STANDARD_RIGHTS_EXECUTE_ACCESS |
+ LSA_POLICY_VIEW_LOCAL_INFORMATION |
+ LSA_POLICY_LOOKUP_NAMES);
+
+ typedef [public,bitmap32bit] bitmap {
+ LSA_ACCOUNT_VIEW = 0x00000001,
+ LSA_ACCOUNT_ADJUST_PRIVILEGES = 0x00000002,
+ LSA_ACCOUNT_ADJUST_QUOTAS = 0x00000004,
+ LSA_ACCOUNT_ADJUST_SYSTEM_ACCESS = 0x00000008
+ } lsa_AccountAccessMask;
+
+ const int LSA_ACCOUNT_ALL_ACCESS =
+ (STANDARD_RIGHTS_REQUIRED_ACCESS |
+ LSA_ACCOUNT_VIEW |
+ LSA_ACCOUNT_ADJUST_PRIVILEGES |
+ LSA_ACCOUNT_ADJUST_QUOTAS |
+ LSA_ACCOUNT_ADJUST_SYSTEM_ACCESS);
+
+ const int LSA_ACCOUNT_READ =
+ (STANDARD_RIGHTS_READ_ACCESS |
+ LSA_ACCOUNT_VIEW);
+
+ const int LSA_ACCOUNT_WRITE =
+ (STANDARD_RIGHTS_READ_ACCESS |
+ LSA_ACCOUNT_ADJUST_PRIVILEGES |
+ LSA_ACCOUNT_ADJUST_QUOTAS |
+ LSA_ACCOUNT_ADJUST_SYSTEM_ACCESS);
+
+ const int LSA_ACCOUNT_EXECUTE =
+ (STANDARD_RIGHTS_EXECUTE_ACCESS);
+
+ typedef [public,bitmap32bit] bitmap {
+ LSA_SECRET_SET_VALUE = 0x00000001,
+ LSA_SECRET_QUERY_VALUE = 0x00000002
+ } lsa_SecretAccessMask;
+
+ const int LSA_SECRET_ALL_ACCESS =
+ (LSA_SECRET_QUERY_VALUE |
+ LSA_SECRET_SET_VALUE |
+ SEC_STD_DELETE |
+ STANDARD_RIGHTS_READ_ACCESS |
+ SEC_STD_WRITE_DAC |
+ SEC_STD_WRITE_OWNER); /* 0x000F0003 */
+
+ const int LSA_SECRET_READ =
+ (LSA_SECRET_QUERY_VALUE |
+ STANDARD_RIGHTS_READ_ACCESS); /* 0x00020002 */
+
+ const int LSA_SECRET_WRITE =
+ (LSA_SECRET_SET_VALUE |
+ STANDARD_RIGHTS_READ_ACCESS); /* 0x00020001 */
+
+ const int LSA_SECRET_EXECUTE =
+ (STANDARD_RIGHTS_READ_ACCESS); /* 0x00020000 */
+
+ typedef [public,bitmap32bit] bitmap {
+ LSA_TRUSTED_QUERY_DOMAIN_NAME = 0x00000001,
+ LSA_TRUSTED_QUERY_CONTROLLERS = 0x00000002,
+ LSA_TRUSTED_SET_CONTROLLERS = 0x00000004,
+ LSA_TRUSTED_QUERY_POSIX = 0x00000008,
+ LSA_TRUSTED_SET_POSIX = 0x00000010,
+ LSA_TRUSTED_SET_AUTH = 0x00000020,
+ LSA_TRUSTED_QUERY_AUTH = 0x00000040
+ } lsa_TrustedAccessMask;
+
+ const int LSA_TRUSTED_DOMAIN_ALL_ACCESS =
+ (LSA_TRUSTED_QUERY_DOMAIN_NAME |
+ LSA_TRUSTED_QUERY_CONTROLLERS |
+ LSA_TRUSTED_SET_CONTROLLERS |
+ LSA_TRUSTED_QUERY_POSIX |
+ LSA_TRUSTED_SET_POSIX |
+ LSA_TRUSTED_SET_AUTH |
+ LSA_TRUSTED_QUERY_AUTH |
+ SEC_STD_DELETE |
+ STANDARD_RIGHTS_READ_ACCESS |
+ SEC_STD_WRITE_DAC |
+ SEC_STD_WRITE_OWNER); /* 0x000F007F */
+
+ const int LSA_TRUSTED_DOMAIN_READ =
+ (LSA_TRUSTED_QUERY_DOMAIN_NAME |
+ STANDARD_RIGHTS_READ_ACCESS); /* 0x00020001 */
+
+ const int LSA_TRUSTED_DOMAIN_WRITE =
+ (LSA_TRUSTED_SET_CONTROLLERS |
+ LSA_TRUSTED_SET_POSIX |
+ LSA_TRUSTED_SET_AUTH |
+ STANDARD_RIGHTS_READ_ACCESS); /* 0x00020034 */
+
+ const int LSA_TRUSTED_DOMAIN_EXECUTE =
+ (LSA_TRUSTED_QUERY_DOMAIN_NAME |
+ LSA_TRUSTED_QUERY_POSIX |
+ STANDARD_RIGHTS_READ_ACCESS); /* 0x0002000C */
+
+
+ /* notice the screwup with the system_name - that's why MS created
OpenPolicy2 */
[public] NTSTATUS lsa_OpenPolicy (
[in,unique] uint16 *system_name,
@@ -174,7 +289,7 @@
[in] lsa_PolicyAccessMask access_mask,
[out] policy_handle *handle
);
-
+
/******************/
@@ -182,12 +297,11 @@
typedef struct {
uint32 percent_full;
- uint32 log_size;
- NTTIME retention_time;
+ uint32 maximum_log_size;
+ hyper retention_time;
uint8 shutdown_in_progress;
- NTTIME time_to_shutdown;
+ hyper time_to_shutdown;
uint32 next_audit_record;
- uint32 unknown;
} lsa_AuditLogInfo;
typedef [v1_enum] enum {
@@ -203,7 +317,7 @@
LSA_AUDIT_CATEGORY_LOGON = 1,
LSA_AUDIT_CATEGORY_FILE_AND_OBJECT_ACCESS = 2,
LSA_AUDIT_CATEGORY_USE_OF_USER_RIGHTS = 3,
- LSA_AUDIT_CATEGORY_PROCCESS_TRACKING = 4,
+ LSA_AUDIT_CATEGORY_PROCESS_TRACKING = 4,
LSA_AUDIT_CATEGORY_SECURITY_POLICY_CHANGES = 5,
LSA_AUDIT_CATEGORY_ACCOUNT_MANAGEMENT = 6,
LSA_AUDIT_CATEGORY_DIRECTORY_SERVICE_ACCESS = 7, /* only in win2k/2k3 */
@@ -225,13 +339,13 @@
lsa_String name;
} lsa_PDAccountInfo;
- typedef enum {
- LSA_POLICY_ROLE_BACKUP = 2,
- LSA_POLICY_ROLE_PRIMARY = 3
- } lsa_PolicyServerRole;
+ typedef [v1_enum] enum {
+ LSA_ROLE_BACKUP=2,
+ LSA_ROLE_PRIMARY=3
+ } lsa_Role;
typedef struct {
- lsa_PolicyServerRole role;
+ lsa_Role role;
} lsa_ServerRole;
typedef struct {
@@ -250,7 +364,7 @@
typedef struct {
hyper modified_id;
- NTTIME db_create_time;
+ NTTIME_hyper db_create_time;
} lsa_ModificationInfo;
typedef struct {
@@ -258,12 +372,11 @@
} lsa_AuditFullSetInfo;
typedef struct {
- uint16 unknown; /* an midl padding bug? */
uint8 shutdown_on_full;
uint8 log_is_full;
} lsa_AuditFullQueryInfo;
- typedef struct {
+ typedef [public] struct {
/* it's important that we use the lsa_StringLarge here,
* because otherwise windows clients result with such dns hostnames
* e.g. w2k3-client.samba4.samba.orgsamba4.samba.org
@@ -286,12 +399,12 @@
LSA_POLICY_INFO_ROLE=6,
LSA_POLICY_INFO_REPLICA=7,
LSA_POLICY_INFO_QUOTA=8,
- LSA_POLICY_INFO_DB=9,
+ LSA_POLICY_INFO_MOD=9,
LSA_POLICY_INFO_AUDIT_FULL_SET=10,
LSA_POLICY_INFO_AUDIT_FULL_QUERY=11,
LSA_POLICY_INFO_DNS=12,
LSA_POLICY_INFO_DNS_INT=13,
- LSA_POLICY_INFO_LOCAL_ACCOUNT_DOMAIN=14
+ LSA_POLICY_INFO_L_ACCOUNT_DOMAIN=14
} lsa_PolicyInfo;
typedef [switch_type(uint16)] union {
@@ -303,16 +416,18 @@
[case(LSA_POLICY_INFO_ROLE)] lsa_ServerRole role;
[case(LSA_POLICY_INFO_REPLICA)] lsa_ReplicaSourceInfo replica;
[case(LSA_POLICY_INFO_QUOTA)] lsa_DefaultQuotaInfo quota;
- [case(LSA_POLICY_INFO_DB)] lsa_ModificationInfo db;
+ [case(LSA_POLICY_INFO_MOD)] lsa_ModificationInfo mod;
[case(LSA_POLICY_INFO_AUDIT_FULL_SET)] lsa_AuditFullSetInfo auditfullset;
[case(LSA_POLICY_INFO_AUDIT_FULL_QUERY)] lsa_AuditFullQueryInfo auditfullquery;
[case(LSA_POLICY_INFO_DNS)] lsa_DnsDomainInfo dns;
+ [case(LSA_POLICY_INFO_DNS_INT)] lsa_DnsDomainInfo dns_int;
+ [case(LSA_POLICY_INFO_L_ACCOUNT_DOMAIN)] lsa_DomainInfo l_account_domain;
} lsa_PolicyInformation;
- NTSTATUS lsa_QueryInfoPolicy (
+ NTSTATUS lsa_QueryInfoPolicy(
[in] policy_handle *handle,
[in] lsa_PolicyInfo level,
- [out,switch_is(level)] lsa_PolicyInformation **info
+ [out,ref,switch_is(level)] lsa_PolicyInformation **info
);
/******************/
@@ -331,40 +446,39 @@
/* Function: 0x0a */
[public] NTSTATUS lsa_CreateAccount (
[in] policy_handle *handle,
- [in] dom_sid2 *sid,
+ [in,ref] dom_sid2 *sid,
[in] lsa_AccountAccessMask access_mask,
[out] policy_handle *acct_handle
);
/******************/
/* NOTE: This only returns accounts that have at least
- one privilege set
+ one privilege set
*/
/* Function: 0x0b */
typedef struct {
dom_sid2 *sid;
} lsa_SidPtr;
-
+
typedef [public] struct {
- [range(0,1000)] uint32 num_sids;
+ [range(0,20480)] uint32 num_sids;
[size_is(num_sids)] lsa_SidPtr *sids;
} lsa_SidArray;
- [public] NTSTATUS lsa_EnumAccounts (
+ [public] NTSTATUS lsa_EnumAccounts(
[in] policy_handle *handle,
- [in,out] uint32 *resume_handle,
- [in,range(0,8192)] uint32 num_entries,
- [out] lsa_SidArray *sids
+ [in,out,ref] uint32 *resume_handle,
+ [out,ref] lsa_SidArray *sids,
+ [in,range(0,8192)] uint32 num_entries
);
-
/*************************************************/
/* Function: 0x0c */
[public] NTSTATUS lsa_CreateTrustedDomain(
- [in] policy_handle *handle,
+ [in] policy_handle *policy_handle,
[in] lsa_DomainInfo *info,
- [in] lsa_DomainAccessMask access_mask,
+ [in] lsa_TrustedAccessMask access_mask,
[out] policy_handle *trustdom_handle
);
@@ -380,11 +494,11 @@
[size_is(count)] lsa_DomainInfo *domains;
} lsa_DomainList;
- NTSTATUS lsa_EnumTrustDom (
+ NTSTATUS lsa_EnumTrustDom(
[in] policy_handle *handle,
- [in,out] uint32 *resume_handle,
- [in] uint32 max_size,
- [out] lsa_DomainList *domains
+ [in,out,ref] uint32 *resume_handle,
+ [out,ref] lsa_DomainList *domains,
+ [in] uint32 max_size
);
@@ -400,7 +514,8 @@
SID_NAME_DELETED = 6, /* deleted account: needed for c2 rating */
SID_NAME_INVALID = 7, /* invalid account */
SID_NAME_UNKNOWN = 8, /* oops. */
- SID_NAME_COMPUTER = 9 /* machine */
+ SID_NAME_COMPUTER = 9, /* machine */
+ SID_NAME_LABEL = 10 /* Mandatory Label */
} lsa_SidType;
typedef struct {
@@ -415,7 +530,7 @@
} lsa_TransSidArray;
const int LSA_REF_DOMAIN_LIST_MULTIPLIER = 32;
- typedef struct {
+ typedef [public] struct {
[range(0,1000)] uint32 count;
[size_is(count)] lsa_DomainInfo *domains;
uint32 max_size;
@@ -429,23 +544,24 @@
* Level 6: Like 4
*/
- typedef enum {
+ typedef [public] enum {
LSA_LOOKUP_NAMES_ALL = 1,
LSA_LOOKUP_NAMES_DOMAINS_ONLY = 2,
LSA_LOOKUP_NAMES_PRIMARY_DOMAIN_ONLY = 3,
LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY = 4,
LSA_LOOKUP_NAMES_FOREST_TRUSTS_ONLY = 5,
- LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY2 = 6
+ LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY2 = 6,
+ LSA_LOOKUP_NAMES_RODC_REFERRAL_TO_FULL_DC = 7
} lsa_LookupNamesLevel;
[public] NTSTATUS lsa_LookupNames (
[in] policy_handle *handle,
[in,range(0,1000)] uint32 num_names,
[in,size_is(num_names)] lsa_String names[],
- [out] lsa_RefDomainList **domains,
- [in,out] lsa_TransSidArray *sids,
+ [out,ref] lsa_RefDomainList **domains,
+ [in,out,ref] lsa_TransSidArray *sids,
[in] lsa_LookupNamesLevel level,
- [in,out] uint32 *count
+ [in,out,ref] uint32 *count
);
@@ -458,18 +574,18 @@
uint32 sid_index;
} lsa_TranslatedName;
- typedef struct {
- [range(0,1000)] uint32 count;
+ typedef [public] struct {
+ [range(0,20480)] uint32 count;
[size_is(count)] lsa_TranslatedName *names;
} lsa_TransNameArray;
- [public] NTSTATUS lsa_LookupSids (
+ [public] NTSTATUS lsa_LookupSids(
[in] policy_handle *handle,
- [in] lsa_SidArray *sids,
- [out] lsa_RefDomainList *domains,
- [in,out] lsa_TransNameArray *names,
- [in] uint16 level,
- [in,out] uint32 *count
+ [in,ref] lsa_SidArray *sids,
+ [out,ref] lsa_RefDomainList **domains,
+ [in,out,ref] lsa_TransNameArray *names,
+ [in] lsa_LookupNamesLevel level,
+ [in,out,ref] uint32 *count
);
@@ -484,9 +600,9 @@
/*****************************************/
/* Function: 0x11 */
- NTSTATUS lsa_OpenAccount (
+ NTSTATUS lsa_OpenAccount(
[in] policy_handle *handle,
- [in] dom_sid2 *sid,
+ [in,ref] dom_sid2 *sid,
[in] lsa_AccountAccessMask access_mask,
[out] policy_handle *acct_handle
);
@@ -499,16 +615,16 @@
lsa_LUID luid;
uint32 attribute;
} lsa_LUIDAttribute;
-
+
typedef struct {
[range(0,1000)] uint32 count;
uint32 unknown;
[size_is(count)] lsa_LUIDAttribute set[*];
} lsa_PrivilegeSet;
-
- NTSTATUS lsa_EnumPrivsAccount (
+
+ NTSTATUS lsa_EnumPrivsAccount(
[in] policy_handle *handle,
- [out] lsa_PrivilegeSet **privs
+ [out,ref] lsa_PrivilegeSet **privs
);
@@ -516,9 +632,9 @@
/* Function: 0x13 */
NTSTATUS lsa_AddPrivilegesToAccount(
[in] policy_handle *handle,
- [in] lsa_PrivilegeSet *privs
+ [in,ref] lsa_PrivilegeSet *privs
);
-
+
/****************************************/
/* Function: 0x14 */
@@ -530,26 +646,33 @@
/* Function: 0x15 */
[todo] NTSTATUS lsa_GetQuotasForAccount();
-
+
/* Function: 0x16 */
[todo] NTSTATUS lsa_SetQuotasForAccount();
-
+
/* Function: 0x17 */
- [todo] NTSTATUS lsa_GetSystemAccessAccount();
+ NTSTATUS lsa_GetSystemAccessAccount(
+ [in] policy_handle *handle,
+ [out,ref] lsa_AccountAccessMask *access_mask
+ );
+
/* Function: 0x18 */
- [todo] NTSTATUS lsa_SetSystemAccessAccount();
+ NTSTATUS lsa_SetSystemAccessAccount(
+ [in] policy_handle *handle,
+ [in] lsa_AccountAccessMask access_mask
+ );
/* Function: 0x19 */
NTSTATUS lsa_OpenTrustedDomain(
[in] policy_handle *handle,
[in] dom_sid2 *sid,
- [in] lsa_DomainAccessMask access_mask,
+ [in] lsa_TrustedAccessMask access_mask,
[out] policy_handle *trustdom_handle
);
typedef [flag(NDR_PAHEX)] struct {
- uint32 length;
- uint32 size;
+ uint3264 length;
+ uint3264 size;
[size_is(size),length_is(length)] uint8 *data;
} lsa_DATA_BUF;
@@ -559,22 +682,59 @@
} lsa_DATA_BUF2;
typedef enum {
- LSA_TRUSTED_DOMAIN_INFO_NAME = 1,
- LSA_TRUSTED_DOMAIN_INFO_CONTROLLERS_INFO = 2,
- LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET = 3,
- LSA_TRUSTED_DOMAIN_INFO_PASSWORD = 4,
- LSA_TRUSTED_DOMAIN_INFO_BASIC = 5,
- LSA_TRUSTED_DOMAIN_INFO_INFO_EX = 6,
- LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO = 7,
- LSA_TRUSTED_DOMAIN_INFO_FULL_INFO = 8,
- LSA_TRUSTED_DOMAIN_INFO_11 = 11,
- LSA_TRUSTED_DOMAIN_INFO_INFO_ALL = 12
+ LSA_TRUSTED_DOMAIN_INFO_NAME = 1,
+ LSA_TRUSTED_DOMAIN_INFO_CONTROLLERS = 2,
+ LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET = 3,
+ LSA_TRUSTED_DOMAIN_INFO_PASSWORD = 4,
+ LSA_TRUSTED_DOMAIN_INFO_BASIC = 5,
+ LSA_TRUSTED_DOMAIN_INFO_INFO_EX = 6,
+ LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO = 7,
+ LSA_TRUSTED_DOMAIN_INFO_FULL_INFO = 8,
+ LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO_INTERNAL = 9,
+ LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_INTERNAL = 10,
+ LSA_TRUSTED_DOMAIN_INFO_INFO_EX2_INTERNAL = 11,
+ LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_2_INTERNAL = 12,
+ LSA_TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES = 13,
+ LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO_INTERNAL_AES= 14,
+ LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_INTERNAL_AES= 15
} lsa_TrustDomInfoEnum;
+ typedef [public,bitmap32bit] bitmap {
+ LSA_TRUST_DIRECTION_INBOUND = 0x00000001,
+ LSA_TRUST_DIRECTION_OUTBOUND = 0x00000002
+ } lsa_TrustDirection;
+
+ typedef [public,v1_enum] enum {
+ LSA_TRUST_TYPE_DOWNLEVEL = 0x00000001,
+ LSA_TRUST_TYPE_UPLEVEL = 0x00000002,
+ LSA_TRUST_TYPE_MIT = 0x00000003,
+ LSA_TRUST_TYPE_DCE = 0x00000004
+ } lsa_TrustType;
+
+ typedef [public,bitmap32bit] bitmap {
+ LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE = 0x00000001,
+ LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY = 0x00000002,
+ LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN = 0x00000004,
+ LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE = 0x00000008,
+ LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION = 0x00000010,
+ LSA_TRUST_ATTRIBUTE_WITHIN_FOREST = 0x00000020,
+ LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL = 0x00000040,
+ LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION = 0x00000080,
+ LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION_NO_TGT_DELEGATION = 0x00000200,
+ LSA_TRUST_ATTRIBUTE_PIM_TRUST = 0x00000400,
+ LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION_ENABLE_TGT_DELEGATION = 0x00000800
+ } lsa_TrustAttributes;
+
typedef struct {
lsa_StringLarge netbios_name;
} lsa_TrustDomainInfoName;
+
+ typedef struct {
+ uint32 entries;
+ [size_is(entries)] lsa_StringLarge *netbios_names;
+ } lsa_TrustDomainInfoControllers;
+
typedef struct {
uint32 posix_offset;
} lsa_TrustDomainInfoPosixOffset;
@@ -589,22 +749,29 @@
dom_sid2 *sid;
} lsa_TrustDomainInfoBasic;
- typedef struct {
+ typedef [public] struct {
lsa_StringLarge domain_name;
lsa_StringLarge netbios_name;
- dom_sid2 *sid;
- uint32 trust_direction;
- uint32 trust_type;
- uint32 trust_attributes;
+ dom_sid2 *sid;
+ lsa_TrustDirection trust_direction;
+ lsa_TrustType trust_type;
+ lsa_TrustAttributes trust_attributes;
} lsa_TrustDomainInfoInfoEx;
+ typedef [public,v1_enum] enum {
+ TRUST_AUTH_TYPE_NONE = 0,
+ TRUST_AUTH_TYPE_NT4OWF = 1,
+ TRUST_AUTH_TYPE_CLEAR = 2,
+ TRUST_AUTH_TYPE_VERSION = 3
+ } lsa_TrustAuthType;
+
typedef struct {
NTTIME_hyper last_update_time;
- uint32 secret_type;
+ lsa_TrustAuthType AuthType;
lsa_DATA_BUF2 data;
} lsa_TrustDomainInfoBuffer;
- typedef struct {
+ typedef [public] struct {
uint32 incoming_count;
lsa_TrustDomainInfoBuffer *incoming_current_auth_info;
lsa_TrustDomainInfoBuffer *incoming_previous_auth_info;
@@ -620,38 +787,89 @@
} lsa_TrustDomainInfoFullInfo;
typedef struct {
- lsa_TrustDomainInfoInfoEx info_ex;
- lsa_DATA_BUF2 data1;
- } lsa_TrustDomainInfo11;
+ lsa_DATA_BUF2 auth_blob;
+ } lsa_TrustDomainInfoAuthInfoInternal;
+
+ typedef struct {
+ lsa_TrustDomainInfoInfoEx info_ex;
+ lsa_TrustDomainInfoPosixOffset posix_offset;
+ lsa_TrustDomainInfoAuthInfoInternal auth_info;
+ } lsa_TrustDomainInfoFullInfoInternal;
+
+ typedef struct {
+ uint8 auth_data[64];
+ uint8 salt[16];
+ lsa_DATA_BUF2 cipher;
+ } lsa_TrustDomainInfoAuthInfoInternalAES;
+
+ typedef struct {
+ lsa_TrustDomainInfoInfoEx info_ex;
+ lsa_TrustDomainInfoPosixOffset posix_offset;
+ lsa_TrustDomainInfoAuthInfoInternalAES auth_info;
+ } lsa_TrustDomainInfoFullInfoInternalAES;
typedef struct {
lsa_TrustDomainInfoInfoEx info_ex;
- lsa_DATA_BUF2 data1;
+ uint32 forest_trust_length;
+ [size_is(forest_trust_length)] uint8 *forest_trust_data;
+ } lsa_TrustDomainInfoInfoEx2Internal;
+
+ typedef struct {
+ lsa_TrustDomainInfoInfoEx2Internal info;
lsa_TrustDomainInfoPosixOffset posix_offset;
lsa_TrustDomainInfoAuthInfo auth_info;
- } lsa_TrustDomainInfoInfoAll;
+ } lsa_TrustDomainInfoFullInfo2Internal;
+
+ typedef struct {
+ kerb_EncTypes enc_types;
+ } lsa_TrustDomainInfoSupportedEncTypes;
typedef [switch_type(lsa_TrustDomInfoEnum)] union {
- [case(LSA_TRUSTED_DOMAIN_INFO_NAME)] lsa_TrustDomainInfoName name;
- [case(LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET)] lsa_TrustDomainInfoPosixOffset posix_offset;
- [case(LSA_TRUSTED_DOMAIN_INFO_PASSWORD)] lsa_TrustDomainInfoPassword password;
- [case(LSA_TRUSTED_DOMAIN_INFO_BASIC)] lsa_TrustDomainInfoBasic info_basic;
- [case(LSA_TRUSTED_DOMAIN_INFO_INFO_EX)] lsa_TrustDomainInfoInfoEx info_ex;
- [case(LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO)] lsa_TrustDomainInfoAuthInfo auth_info;
- [case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO)] lsa_TrustDomainInfoFullInfo full_info;
- [case(LSA_TRUSTED_DOMAIN_INFO_11)] lsa_TrustDomainInfo11 info11;
- [case(LSA_TRUSTED_DOMAIN_INFO_INFO_ALL)] lsa_TrustDomainInfoInfoAll info_all;
+ [case(LSA_TRUSTED_DOMAIN_INFO_NAME)]
+ lsa_TrustDomainInfoName name;
+ [case(LSA_TRUSTED_DOMAIN_INFO_CONTROLLERS)]
+ lsa_TrustDomainInfoControllers controllers;
+ [case(LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET)]
+ lsa_TrustDomainInfoPosixOffset posix_offset;
+ [case(LSA_TRUSTED_DOMAIN_INFO_PASSWORD)]
+ lsa_TrustDomainInfoPassword password;
+ [case(LSA_TRUSTED_DOMAIN_INFO_BASIC)]
+ lsa_TrustDomainInfoBasic info_basic;
+ [case(LSA_TRUSTED_DOMAIN_INFO_INFO_EX)]
+ lsa_TrustDomainInfoInfoEx info_ex;
+ [case(LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO)]
+ lsa_TrustDomainInfoAuthInfo auth_info;
+ [case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO)]
+ lsa_TrustDomainInfoFullInfo full_info;
+ [case(LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO_INTERNAL)]
+ lsa_TrustDomainInfoAuthInfoInternal auth_info_internal;
+ [case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_INTERNAL)]
+ lsa_TrustDomainInfoFullInfoInternal full_info_internal;
+ [case(LSA_TRUSTED_DOMAIN_INFO_INFO_EX2_INTERNAL)]
+ lsa_TrustDomainInfoInfoEx2Internal info_ex2_internal;
+ [case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_2_INTERNAL)]
+ lsa_TrustDomainInfoFullInfo2Internal full_info2_internal;
+ [case(LSA_TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES)]
+ lsa_TrustDomainInfoSupportedEncTypes enc_types;
+ [case(LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO_INTERNAL_AES)]
+ lsa_TrustDomainInfoAuthInfoInternalAES auth_info_internal_aes;
+ [case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_INTERNAL_AES)]
+ lsa_TrustDomainInfoFullInfoInternalAES full_info_internal_aes;
} lsa_TrustedDomainInfo;
/* Function: 0x1a */
NTSTATUS lsa_QueryTrustedDomainInfo(
[in] policy_handle *trustdom_handle,
- [in] lsa_TrustDomInfoEnum level,
- [out,switch_is(level)] lsa_TrustedDomainInfo **info
+ [in] lsa_TrustDomInfoEnum level,
+ [out,switch_is(level),ref] lsa_TrustedDomainInfo **info
);
/* Function: 0x1b */
- [todo] NTSTATUS lsa_SetInformationTrustedDomain();
+ NTSTATUS lsa_SetInformationTrustedDomain(
+ [in] policy_handle *trustdom_handle,
+ [in] lsa_TrustDomInfoEnum level,
+ [in,switch_is(level)] lsa_TrustedDomainInfo *info
+ );
/* Function: 0x1c */
[public] NTSTATUS lsa_OpenSecret(
@@ -685,35 +903,38 @@
/* Function: 0x1f */
NTSTATUS lsa_LookupPrivValue(
[in] policy_handle *handle,
- [in] lsa_String *name,
- [out] lsa_LUID *luid
+ [in,ref] lsa_String *name,
+ [out,ref] lsa_LUID *luid
);
/* Function: 0x20 */
- NTSTATUS lsa_LookupPrivName (
+ NTSTATUS lsa_LookupPrivName(
[in] policy_handle *handle,
- [in] lsa_LUID *luid,
- [out] lsa_StringLarge **name
+ [in,ref] lsa_LUID *luid,
+ [out,ref] lsa_StringLarge **name
);
/*******************/
/* Function: 0x21 */
- NTSTATUS lsa_LookupPrivDisplayName (
- [in] policy_handle *handle,
- [in] lsa_String *name,
- [out] lsa_StringLarge **disp_name,
+ NTSTATUS lsa_LookupPrivDisplayName(
+ [in] policy_handle *handle,
+ [in,ref] lsa_String *name,
+ [in] uint16 language_id,
+ [in] uint16 language_id_sys,
+ [out,ref] lsa_StringLarge **disp_name,
/* see http://www.microsoft.com/globaldev/nlsweb/ for
language definitions */
- [in,out] uint16 *language_id,
- [in] uint16 unknown
+ [out,ref] uint16 *returned_language_id
);
- /* Function: 0x22 */
- [todo] NTSTATUS lsa_DeleteObject();
+ /*******************/
+ /* Function: 0x22 */
+ NTSTATUS lsa_DeleteObject (
+ [in,out] policy_handle *handle
+ );
-
/*******************/
/* Function: 0x23 */
NTSTATUS lsa_EnumAccountsWithUserRight (
@@ -726,16 +947,16 @@
typedef struct {
[string,charset(UTF16)] uint16 *name;
} lsa_RightAttribute;
-
+
typedef struct {
- uint32 count;
+ [range(0,256)] uint32 count;
[size_is(count)] lsa_StringLarge *names;
} lsa_RightSet;
-
+
NTSTATUS lsa_EnumAccountRights (
[in] policy_handle *handle,
- [in] dom_sid2 *sid,
- [out] lsa_RightSet *rights
+ [in,ref] dom_sid2 *sid,
+ [out,ref] lsa_RightSet *rights
);
@@ -743,29 +964,35 @@
/* Function: 0x25 */
NTSTATUS lsa_AddAccountRights (
[in] policy_handle *handle,
- [in] dom_sid2 *sid,
- [in] lsa_RightSet *rights
+ [in,ref] dom_sid2 *sid,
+ [in,ref] lsa_RightSet *rights
);
-
+
/**********************/
/* Function: 0x26 */
NTSTATUS lsa_RemoveAccountRights (
[in] policy_handle *handle,
- [in] dom_sid2 *sid,
- [in] uint32 unknown,
- [in] lsa_RightSet *rights
+ [in,ref] dom_sid2 *sid,
+ [in] uint8 remove_all,
+ [in,ref] lsa_RightSet *rights
);
/* Function: 0x27 */
NTSTATUS lsa_QueryTrustedDomainInfoBySid(
[in] policy_handle *handle,
- [in] dom_sid2 *dom_sid,
- [in] lsa_TrustDomInfoEnum level,
- [out,switch_is(level)] lsa_TrustedDomainInfo **info
+ [in,ref] dom_sid2 *dom_sid,
+ [in] lsa_TrustDomInfoEnum level,
+ [out,switch_is(level),ref] lsa_TrustedDomainInfo **info
);
/* Function: 0x28 */
- [todo] NTSTATUS lsa_SetTrustedDomainInfo();
+ NTSTATUS lsa_SetTrustedDomainInfo(
+ [in] policy_handle *handle,
+ [in] dom_sid2 *dom_sid,
+ [in] lsa_TrustDomInfoEnum level,
+ [in,switch_is(level)] lsa_TrustedDomainInfo *info
+ );
+
/* Function: 0x29 */
NTSTATUS lsa_DeleteTrustedDomain(
[in] policy_handle *handle,
@@ -773,10 +1000,18 @@
);
/* Function: 0x2a */
- [todo] NTSTATUS lsa_StorePrivateData();
- /* Function: 0x2b */
- [todo] NTSTATUS lsa_RetrievePrivateData();
+ NTSTATUS lsa_StorePrivateData(
+ [in] policy_handle *handle,
+ [in,ref] lsa_String *name,
+ [in,unique] lsa_DATA_BUF *val
+ );
+ /* Function: 0x2b */
+ NTSTATUS lsa_RetrievePrivateData(
+ [in] policy_handle *handle,
+ [in,ref] lsa_String *name,
+ [in,out,ref] lsa_DATA_BUF **val
+ );
/**********************/
/* Function: 0x2c */
@@ -789,23 +1024,19 @@
/**********************/
/* Function: 0x2d */
- typedef struct {
- lsa_String *string;
- } lsa_StringPointer;
-
NTSTATUS lsa_GetUserName(
[in,unique] [string,charset(UTF16)] uint16 *system_name,
- [in,out,unique] lsa_String *account_name,
- [in,out,unique] lsa_StringPointer *authority_name
+ [in,out,ref] lsa_String **account_name,
+ [in,out,unique] lsa_String **authority_name
);
/**********************/
/* Function: 0x2e */
NTSTATUS lsa_QueryInfoPolicy2(
- [in] policy_handle *handle,
- [in] lsa_PolicyInfo level,
- [out,switch_is(level)] lsa_PolicyInformation **info
+ [in] policy_handle *handle,
+ [in] lsa_PolicyInfo level,
+ [out,ref,switch_is(level)] lsa_PolicyInformation **info
);
/* Function 0x2f */
@@ -818,19 +1049,19 @@
/**********************/
/* Function 0x30 */
NTSTATUS lsa_QueryTrustedDomainInfoByName(
- [in] policy_handle *handle,
- [in] lsa_String trusted_domain,
- [in] lsa_TrustDomInfoEnum level,
- [out,switch_is(level)] lsa_TrustedDomainInfo **info
+ [in] policy_handle *handle,
+ [in,ref] lsa_String *trusted_domain,
+ [in] lsa_TrustDomInfoEnum level,
+ [out,ref,switch_is(level)] lsa_TrustedDomainInfo **info
);
/**********************/
/* Function 0x31 */
- NTSTATUS lsa_SetTrustedDomainInfoByName(
+ [public] NTSTATUS lsa_SetTrustedDomainInfoByName(
[in] policy_handle *handle,
- [in] lsa_String trusted_domain,
- [in] lsa_TrustDomInfoEnum level,
- [in,unique,switch_is(level)] lsa_TrustedDomainInfo *info
+ [in,ref] lsa_String *trusted_domain,
+ [in] lsa_TrustDomInfoEnum level,
+ [in,ref,switch_is(level)] lsa_TrustedDomainInfo *info
);
/* Function 0x32 */
@@ -850,9 +1081,15 @@
[in] uint32 max_size
);
-
/* Function 0x33 */
- [todo] NTSTATUS lsa_CreateTrustedDomainEx();
+ NTSTATUS lsa_CreateTrustedDomainEx(
+ [in] policy_handle *policy_handle,
+ [in] lsa_TrustDomainInfoInfoEx *info,
+ [in] lsa_TrustDomainInfoAuthInfo *auth_info,
+ [in] lsa_TrustedAccessMask access_mask,
+ [out] policy_handle *trustdom_handle
+ );
+
/* Function 0x34 */
NTSTATUS lsa_CloseTrustedDomainEx(
@@ -860,16 +1097,23 @@
);
/* Function 0x35 */
+ typedef struct {
+ uint32 quality_of_service;
+ } lsa_DomainInfoQoS;
- /* w2k3 returns either 0x000bbbd000000000 or 0x000a48e800000000
- for unknown6 - gd */
+ typedef [bitmap32bit] bitmap {
+ LSA_POLICY_KERBEROS_VALIDATE_CLIENT = 0x00000080
+ } lsa_krbAuthenticationOptions;
+
+ /* w2k3 returns either 0x000bbbd000000000 or 0x000a48e800000000
+ for reserved - gd */
typedef struct {
- uint32 enforce_restrictions;
+ lsa_krbAuthenticationOptions authentication_options;
hyper service_tkt_lifetime;
hyper user_tkt_lifetime;
hyper user_tkt_renewaltime;
hyper clock_skew;
- hyper unknown6;
+ hyper reserved;
} lsa_DomainInfoKerberos;
typedef struct {
@@ -883,7 +1127,8 @@
LSA_DOMAIN_INFO_POLICY_KERBEROS=3
} lsa_DomainInfoEnum;
- typedef [switch_type(uint16)] union {
+ typedef [switch_type(lsa_DomainInfoEnum)] union {
+ [case(LSA_DOMAIN_INFO_POLICY_QOS)] lsa_DomainInfoQoS qos_info;
[case(LSA_DOMAIN_INFO_POLICY_EFS)] lsa_DomainInfoEfs efs_info;
[case(LSA_DOMAIN_INFO_POLICY_KERBEROS)] lsa_DomainInfoKerberos kerberos_info;
} lsa_DomainInformationPolicy;
@@ -891,7 +1136,7 @@
NTSTATUS lsa_QueryDomainInformationPolicy(
[in] policy_handle *handle,
[in] lsa_DomainInfoEnum level,
- [out,switch_is(level)] lsa_DomainInformationPolicy **info
+ [out,ref,switch_is(level)] lsa_DomainInformationPolicy **info
);
/* Function 0x36 */
@@ -906,7 +1151,7 @@
NTSTATUS lsa_OpenTrustedDomainByName(
[in] policy_handle *handle,
[in] lsa_String name,
- [in] lsa_DomainAccessMask access_mask,
+ [in] lsa_TrustedAccessMask access_mask,
[out] policy_handle *trustdom_handle
);
@@ -928,15 +1173,25 @@
[size_is(count)] lsa_TranslatedName2 *names;
} lsa_TransNameArray2;
+ typedef [v1_enum] enum {
+ LSA_LOOKUP_OPTION_SEARCH_ISOLATED_NAMES = 0x00000000,
+ LSA_LOOKUP_OPTION_SEARCH_ISOLATED_NAMES_LOCAL = 0x80000000
+ } lsa_LookupOptions;
+
+ typedef [v1_enum] enum {
+ LSA_CLIENT_REVISION_1 = 0x00000001,
+ LSA_CLIENT_REVISION_2 = 0x00000002
+ } lsa_ClientRevision;
+
[public] NTSTATUS lsa_LookupSids2(
[in] policy_handle *handle,
- [in] lsa_SidArray *sids,
- [out] lsa_RefDomainList **domains,
- [in,out] lsa_TransNameArray2 *names,
- [in] uint16 level,
- [in,out] uint32 *count,
- [in] uint32 unknown1,
- [in] uint32 unknown2
+ [in,ref] lsa_SidArray *sids,
+ [out,ref] lsa_RefDomainList **domains,
+ [in,out,ref] lsa_TransNameArray2 *names,
+ [in] lsa_LookupNamesLevel level,
+ [in,out,ref] uint32 *count,
+ [in] lsa_LookupOptions lookup_options,
+ [in] lsa_ClientRevision client_revision
);
/**********************/
@@ -958,16 +1213,22 @@
[in] policy_handle *handle,
[in,range(0,1000)] uint32 num_names,
[in,size_is(num_names)] lsa_String names[],
- [out] lsa_RefDomainList **domains,
- [in,out] lsa_TransSidArray2 *sids,
+ [out,ref] lsa_RefDomainList **domains,
+ [in,out,ref] lsa_TransSidArray2 *sids,
[in] lsa_LookupNamesLevel level,
- [in,out] uint32 *count,
- [in] uint32 unknown1,
- [in] uint32 unknown2
+ [in,out,ref] uint32 *count,
+ [in] lsa_LookupOptions lookup_options,
+ [in] lsa_ClientRevision client_revision
);
/* Function 0x3b */
- [todo] NTSTATUS lsa_CreateTrustedDomainEx2();
+ NTSTATUS lsa_CreateTrustedDomainEx2(
+ [in] policy_handle *policy_handle,
+ [in] lsa_TrustDomainInfoInfoEx *info,
+ [in] lsa_TrustDomainInfoAuthInfoInternal *auth_info_internal,
+ [in] lsa_TrustedAccessMask access_mask,
+ [out] policy_handle *trustdom_handle
+ );
/* Function 0x3c */
[todo] NTSTATUS lsa_CREDRWRITE();
@@ -999,7 +1260,7 @@
lsa_SidType sid_type;
dom_sid2 *sid;
uint32 sid_index;
- uint32 unknown;
+ uint32 flags;
} lsa_TranslatedSid3;
typedef struct {
@@ -1011,12 +1272,12 @@
[in] policy_handle *handle,
[in,range(0,1000)] uint32 num_names,
[in,size_is(num_names)] lsa_String names[],
- [out] lsa_RefDomainList **domains,
- [in,out] lsa_TransSidArray3 *sids,
+ [out,ref] lsa_RefDomainList **domains,
+ [in,out,ref] lsa_TransSidArray3 *sids,
[in] lsa_LookupNamesLevel level,
- [in,out] uint32 *count,
- [in] uint32 unknown1,
- [in] uint32 unknown2
+ [in,out,ref] uint32 *count,
+ [in] lsa_LookupOptions lookup_options,
+ [in] lsa_ClientRevision client_revision
);
/* Function 0x45 */
@@ -1032,8 +1293,44 @@
[todo] NTSTATUS lsa_LSARUNREGISTERAUDITEVENT();
/* Function 0x49 */
+ typedef [bitmap32bit,public] bitmap {
+ /* these apply to LSA_FOREST_TRUST_TOP_LEVEL_NAME */
+ LSA_TLN_DISABLED_NEW = 0x00000001,
+ LSA_TLN_DISABLED_ADMIN = 0x00000002,
+ LSA_TLN_DISABLED_CONFLICT = 0x00000004,
+
+ /* these apply to LSA_FOREST_TRUST_DOMAIN_INFO */
+ LSA_SID_DISABLED_ADMIN = 0x00000001,
+ LSA_SID_DISABLED_CONFLICT = 0x00000002,
+ LSA_NB_DISABLED_ADMIN = 0x00000004,
+ LSA_NB_DISABLED_CONFLICT = 0x00000008
+ } lsa_ForestTrustRecordFlags;
+
+ const uint32 LSA_TLN_DISABLED_MASK = (
+ LSA_TLN_DISABLED_NEW |
+ LSA_TLN_DISABLED_ADMIN |
+ LSA_TLN_DISABLED_CONFLICT);
+ const uint32 LSA_SID_DISABLED_MASK = (
+ LSA_SID_DISABLED_ADMIN |
+ LSA_SID_DISABLED_CONFLICT);
+ const uint32 LSA_NB_DISABLED_MASK = (
+ LSA_NB_DISABLED_ADMIN |
+ LSA_NB_DISABLED_CONFLICT);
+
+ typedef enum {
+ LSA_FOREST_TRUST_TOP_LEVEL_NAME = 0,
+ LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX = 1,
+ LSA_FOREST_TRUST_DOMAIN_INFO = 2,
+ LSA_FOREST_TRUST_BINARY_DATA = 3,
+ LSA_FOREST_TRUST_SCANNER_INFO = 4
+ } lsa_ForestTrustRecordType;
+ const uint32 LSA_FOREST_TRUST_RECORD_TYPE_LAST =
+ LSA_FOREST_TRUST_BINARY_DATA;
+ const uint32 LSA_FOREST_TRUST_RECORD2_TYPE_LAST =
+ LSA_FOREST_TRUST_SCANNER_INFO;
+
typedef struct {
- [range(0,131072)] uint32 length;
+ [range(0,131072)] uint3264 length;
[size_is(length)] uint8 *data;
} lsa_ForestTrustBinaryData;
@@ -1043,25 +1340,18 @@
lsa_StringLarge netbios_domain_name;
} lsa_ForestTrustDomainInfo;
- typedef [switch_type(uint32)] union {
- [case(LSA_FOREST_TRUST_TOP_LEVEL_NAME)] lsa_String top_level_name;
+ typedef [switch_type(lsa_ForestTrustRecordType)] union {
+ [case(LSA_FOREST_TRUST_TOP_LEVEL_NAME)] lsa_StringLarge top_level_name;
[case(LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX)] lsa_StringLarge top_level_name_ex;
[case(LSA_FOREST_TRUST_DOMAIN_INFO)] lsa_ForestTrustDomainInfo domain_info;
[default] lsa_ForestTrustBinaryData data;
} lsa_ForestTrustData;
- typedef [v1_enum] enum {
- LSA_FOREST_TRUST_TOP_LEVEL_NAME = 0,
- LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX = 1,
- LSA_FOREST_TRUST_DOMAIN_INFO = 2,
- LSA_FOREST_TRUST_RECORD_TYPE_LAST = 3
- } lsa_ForestTrustRecordType;
-
typedef struct {
- uint32 flags;
- lsa_ForestTrustRecordType level;
- hyper unknown;
- [switch_is(level)] lsa_ForestTrustData forest_trust_data;
+ lsa_ForestTrustRecordFlags flags;
+ lsa_ForestTrustRecordType type;
+ NTTIME_hyper time;
+ [switch_is(type)] lsa_ForestTrustData forest_trust_data;
} lsa_ForestTrustRecord;
typedef [public] struct {
@@ -1069,15 +1359,42 @@
[size_is(count)] lsa_ForestTrustRecord **entries;
} lsa_ForestTrustInformation;
- NTSTATUS lsa_lsaRQueryForestTrustInformation(
+ [public] NTSTATUS lsa_lsaRQueryForestTrustInformation(
[in] policy_handle *handle,
[in,ref] lsa_String *trusted_domain_name,
- [in] uint16 unknown, /* level ? */
+ [in] lsa_ForestTrustRecordType highest_record_type,
[out,ref] lsa_ForestTrustInformation **forest_trust_info
);
- /* Function 0x4a */
- [todo] NTSTATUS lsa_LSARSETFORESTTRUSTINFORMATION();
+ /*****************
+ * Function 0x4a */
+
+ typedef [v1_enum] enum {
+ LSA_FOREST_TRUST_COLLISION_TDO = 0,
+ LSA_FOREST_TRUST_COLLISION_XREF = 1,
+ LSA_FOREST_TRUST_COLLISION_OTHER = 2
+ } lsa_ForestTrustCollisionRecordType;
+
+ typedef [public] struct {
+ uint32 index;
+ lsa_ForestTrustCollisionRecordType type;
+ lsa_ForestTrustRecordFlags flags;
+ lsa_String name;
+ } lsa_ForestTrustCollisionRecord;
+
+ typedef [public] struct {
+ uint32 count;
+ [size_is(count)] lsa_ForestTrustCollisionRecord **entries;
+ } lsa_ForestTrustCollisionInfo;
+
+ [public] NTSTATUS lsa_lsaRSetForestTrustInformation(
+ [in] policy_handle *handle,
+ [in,ref] lsa_StringLarge *trusted_domain_name,
+ [in] lsa_ForestTrustRecordType highest_record_type,
+ [in,ref] lsa_ForestTrustInformation *forest_trust_info,
+ [in] boolean8 check_only,
+ [out,ref] lsa_ForestTrustCollisionInfo **collision_info
+ );
/* Function 0x4b */
[todo] NTSTATUS lsa_CREDRRENAME();
@@ -1086,25 +1403,30 @@
/* Function 0x4c */
[public] NTSTATUS lsa_LookupSids3(
- [in] lsa_SidArray *sids,
- [out] lsa_RefDomainList **domains,
- [in,out] lsa_TransNameArray2 *names,
- [in] uint16 level,
- [in,out] uint32 *count,
- [in] uint32 unknown1,
- [in] uint32 unknown2
+ [in,ref] lsa_SidArray *sids,
+ [out,ref] lsa_RefDomainList **domains,
+ [in,out,ref] lsa_TransNameArray2 *names,
+ [in] lsa_LookupNamesLevel level,
+ [in,out,ref] uint32 *count,
+ [in] lsa_LookupOptions lookup_options,
+ [in] lsa_ClientRevision client_revision
);
+ const int LSA_CLIENT_REVISION_NO_DNS = 0x00000001;
+ const int LSA_CLIENT_REVISION_DNS = 0x00000002;
+
+ const int LSA_LOOKUP_OPTIONS_NO_ISOLATED = 0x80000000;
+
/* Function 0x4d */
NTSTATUS lsa_LookupNames4(
[in,range(0,1000)] uint32 num_names,
[in,size_is(num_names)] lsa_String names[],
- [out] lsa_RefDomainList **domains,
- [in,out] lsa_TransSidArray3 *sids,
+ [out,ref] lsa_RefDomainList **domains,
+ [in,out,ref] lsa_TransSidArray3 *sids,
[in] lsa_LookupNamesLevel level,
- [in,out] uint32 *count,
- [in] uint32 unknown1,
- [in] uint32 unknown2
+ [in,out,ref] uint32 *count,
+ [in] lsa_LookupOptions lookup_options,
+ [in] lsa_ClientRevision client_revision
);
/* Function 0x4e */
@@ -1119,175 +1441,229 @@
/* Function 0x51 */
[todo] NTSTATUS lsa_LSARADTREPORTSECURITYEVENT();
- /* Function 0x52 */
- [todo] NTSTATUS Opnum82NotUsedOnWire(void);
+ /* Function 0x52 (82) */
+ [todo] void lsa_Opnum82NotUsedOnWire(void);
- /* Function 0x53 */
- [todo] NTSTATUS Opnum83NotUsedOnWire(void);
+ /* Function 0x53 (83) */
+ [todo] void lsa_Opnum83NotUsedOnWire(void);
- /* Function 0x54 */
- [todo] NTSTATUS Opnum84NotUsedOnWire(void);
+ /* Function 0x54 (84) */
+ [todo] void lsa_Opnum84NotUsedOnWire(void);
- /* Function 0x55 */
- [todo] NTSTATUS Opnum85NotUsedOnWire(void);
+ /* Function 0x55 (85) */
+ [todo] void lsa_Opnum85NotUsedOnWire(void);
- /* Function 0x56 */
- [todo] NTSTATUS Opnum86NotUsedOnWire(void);
+ /* Function 0x56 (86) */
+ [todo] void lsa_Opnum86NotUsedOnWire(void);
- /* Function 0x57 */
- [todo] NTSTATUS Opnum87NotUsedOnWire(void);
+ /* Function 0x57 (87) */
+ [todo] void lsa_Opnum87NotUsedOnWire(void);
- /* Function 0x58 */
- [todo] NTSTATUS Opnum88NotUsedOnWire(void);
+ /* Function 0x58 (88) */
+ [todo] void lsa_Opnum88NotUsedOnWire(void);
- /* Function 0x59 */
- [todo] NTSTATUS Opnum89NotUsedOnWire(void);
+ /* Function 0x59 (89) */
+ [todo] void lsa_Opnum89NotUsedOnWire(void);
- /* Function 0x5A */
- [todo] NTSTATUS Opnum90NotUsedOnWire(void);
+ /* Function 0x5A (90) */
+ [todo] void lsa_Opnum90NotUsedOnWire(void);
- /* Function 0x5B */
- [todo] NTSTATUS Opnum91NotUsedOnWire(void);
+ /* Function 0x5B (91) */
+ [todo] void lsa_Opnum91NotUsedOnWire(void);
- /* Function 0x5C */
- [todo] NTSTATUS Opnum92NotUsedOnWire(void);
+ /* Function 0x5C (92) */
+ [todo] void lsa_Opnum92NotUsedOnWire(void);
- /* Function 0x5D */
- [todo] NTSTATUS Opnum93NotUsedOnWire(void);
+ /* Function 0x5D (93) */
+ [todo] void lsa_Opnum93NotUsedOnWire(void);
- /* Function 0x5E */
- [todo] NTSTATUS Opnum94NotUsedOnWire(void);
+ /* Function 0x5E (94) */
+ [todo] void lsa_Opnum94NotUsedOnWire(void);
- /* Function 0x5F */
- [todo] NTSTATUS Opnum95NotUsedOnWire(void);
+ /* Function 0x5F (95) */
+ [todo] void lsa_Opnum95NotUsedOnWire(void);
- /* Function 0x60 */
- [todo] NTSTATUS Opnum96NotUsedOnWire(void);
+ /* Function 0x60 (96) */
+ [todo] void lsa_Opnum96NotUsedOnWire(void);
- /* Function 0x61 */
- [todo] NTSTATUS Opnum97NotUsedOnWire(void);
+ /* Function 0x61 (97) */
+ [todo] void lsa_Opnum97NotUsedOnWire(void);
- /* Function 0x62 */
- [todo] NTSTATUS Opnum98NotUsedOnWire(void);
+ /* Function 0x62 (98) */
+ [todo] void lsa_Opnum98NotUsedOnWire(void);
- /* Function 0x63 */
- [todo] NTSTATUS Opnum99NotUsedOnWire(void);
+ /* Function 0x63 (99) */
+ [todo] void lsa_Opnum99NotUsedOnWire(void);
- /* Function 0x64 */
- [todo] NTSTATUS Opnum100NotUsedOnWire(void);
+ /* Function 0x64 (100) */
+ [todo] void lsa_Opnum100NotUsedOnWire(void);
- /* Function 0x65 */
- [todo] NTSTATUS Opnum101NotUsedOnWire(void);
+ /* Function 0x65 (101) */
+ [todo] void lsa_Opnum101NotUsedOnWire(void);
- /* Function 0x66 */
- [todo] NTSTATUS Opnum102NotUsedOnWire(void);
+ /* Function 0x66 (102) */
+ [todo] void lsa_Opnum102NotUsedOnWire(void);
- /* Function 0x67 */
- [todo] NTSTATUS Opnum103NotUsedOnWire(void);
+ /* Function 0x67 (103) */
+ [todo] void lsa_Opnum103NotUsedOnWire(void);
- /* Function 0x68 */
- [todo] NTSTATUS Opnum104NotUsedOnWire(void);
+ /* Function 0x68 (104) */
+ [todo] void lsa_Opnum104NotUsedOnWire(void);
- /* Function 0x69 */
- [todo] NTSTATUS Opnum105NotUsedOnWire(void);
+ /* Function 0x69 (105) */
+ [todo] void lsa_Opnum105NotUsedOnWire(void);
- /* Function 0x6A */
- [todo] NTSTATUS Opnum106NotUsedOnWire(void);
+ /* Function 0x6A (106) */
+ [todo] void lsa_Opnum106NotUsedOnWire(void);
- /* Function 0x6B */
- [todo] NTSTATUS Opnum107NotUsedOnWire(void);
+ /* Function 0x6B (107) */
+ [todo] void lsa_Opnum107NotUsedOnWire(void);
- /* Function 0x6C */
- [todo] NTSTATUS Opnum108NotUsedOnWire(void);
+ /* Function 0x6C (108) */
+ [todo] void lsa_Opnum108NotUsedOnWire(void);
- /* Function 0x6D */
- [todo] NTSTATUS Opnum109NotUsedOnWire(void);
+ /* Function 0x6D (109) */
+ [todo] void lsa_Opnum109NotUsedOnWire(void);
- /* Function 0x6E */
- [todo] NTSTATUS Opnum110NotUsedOnWire(void);
+ /* Function 0x6E (110) */
+ [todo] void lsa_Opnum110NotUsedOnWire(void);
- /* Function 0x6F */
- [todo] NTSTATUS Opnum111NotUsedOnWire(void);
+ /* Function 0x6F (111) */
+ [todo] void lsa_Opnum111NotUsedOnWire(void);
- /* Function 0x70 */
- [todo] NTSTATUS Opnum112NotUsedOnWire(void);
+ /* Function 0x70 (112) */
+ [todo] void lsa_Opnum112NotUsedOnWire(void);
- /* Function 0x71 */
- [todo] NTSTATUS Opnum113NotUsedOnWire(void);
+ /* Function 0x71 (113) */
+ [todo] void lsa_Opnum113NotUsedOnWire(void);
- /* Function 0x72 */
- [todo] NTSTATUS Opnum114NotUsedOnWire(void);
+ /* Function 0x72 (114) */
+ [todo] void lsa_Opnum114NotUsedOnWire(void);
- /* Function 0x73 */
- [todo] NTSTATUS Opnum115NotUsedOnWire(void);
+ /* Function 0x73 (115) */
+ [todo] void lsa_Opnum115NotUsedOnWire(void);
- /* Function 0x74 */
- [todo] NTSTATUS Opnum116NotUsedOnWire(void);
+ /* Function 0x74 (116) */
+ [todo] void lsa_Opnum116NotUsedOnWire(void);
- /* Function 0x75 */
- [todo] NTSTATUS Opnum117NotUsedOnWire(void);
+ /* Function 0x75 (117) */
+ [todo] void lsa_Opnum117NotUsedOnWire(void);
- /* Function 0x76 */
- [todo] NTSTATUS Opnum118NotUsedOnWire(void);
+ /* Function 0x76 (118) */
+ [todo] void lsa_Opnum118NotUsedOnWire(void);
- /* Function 0x77 */
- [todo] NTSTATUS Opnum119NotUsedOnWire(void);
+ /* Function 0x77 (119) */
+ [todo] void lsa_Opnum119NotUsedOnWire(void);
- /* Function 0x78 */
- [todo] NTSTATUS Opnum120NotUsedOnWire(void);
+ /* Function 0x78 (120) */
+ [todo] void lsa_Opnum120NotUsedOnWire(void);
- /* Function 0x79 */
- [todo] NTSTATUS Opnum121NotUsedOnWire(void);
+ /* Function 0x79 (121) */
+ [todo] void lsa_Opnum121NotUsedOnWire(void);
- /* Function 0x7A */
- [todo] NTSTATUS Opnum122NotUsedOnWire(void);
+ /* Function 0x7A (122) */
+ [todo] void lsa_Opnum122NotUsedOnWire(void);
- /* Function 0x7B */
- [todo] NTSTATUS Opnum123NotUsedOnWire(void);
+ /* Function 0x7B (123) */
+ [todo] void lsa_Opnum123NotUsedOnWire(void);
- /* Function 0x7C */
- [todo] NTSTATUS Opnum124NotUsedOnWire(void);
+ /* Function 0x7C (124) */
+ [todo] void lsa_Opnum124NotUsedOnWire(void);
- /* Function 0x7D */
- [todo] NTSTATUS Opnum125NotUsedOnWire(void);
+ /* Function 0x7D (125) */
+ [todo] void lsa_Opnum125NotUsedOnWire(void);
- /* Function 0x7E */
- [todo] NTSTATUS Opnum126NotUsedOnWire(void);
+ /* Function 0x7E (126) */
+ [todo] void lsa_Opnum126NotUsedOnWire(void);
- /* Function 0x7F */
- [todo] NTSTATUS Opnum127NotUsedOnWire(void);
+ /* Function 0x7F (127) */
+ [todo] void lsa_Opnum127NotUsedOnWire(void);
- /* Function 0x80 */
- [todo] NTSTATUS Opnum128NotUsedOnWire(void);
+ /* Function 0x80 (128) */
+ [todo] void lsa_Opnum128NotUsedOnWire(void);
- /* Function 0x81 */
- [todo] NTSTATUS lsa_LsarCreateTrustedDomainEx3(void);
+ /***********************/
+ /* Function 0x81 (129) */
- /*****************/
- /* Function 0x82 */
+ NTSTATUS lsa_CreateTrustedDomainEx3(
+ [in] policy_handle *policy_handle,
+ [in] lsa_TrustDomainInfoInfoEx *info,
+ [in] lsa_TrustDomainInfoAuthInfoInternalAES *auth_info_internal,
+ [in] lsa_TrustedAccessMask access_mask,
+ [out] policy_handle *trustdom_handle
+ );
- typedef [v1_enum] enum {
- LSAPR_REVISION_VERSION_1 = 0x00000001
- } LSAPR_REVISION_VERSION;
+ /***********************/
+ /* Function 0x82 (130) */
- typedef struct _LSAPR_REVISION_INFO_V1
- {
- uint32 Revision;
- uint32 SupportedFeatures;
- } LSAPR_REVISION_INFO_V1;
+ typedef [bitmap32bit] bitmap {
+ LSA_FEATURE_TDO_AUTH_INFO_AES_CIPHER = 0x00000001
+ } lsa_RevisionSupportedFeature;
- typedef [switch_type(LSAPR_REVISION_VERSION)] union {
- [case(LSAPR_REVISION_VERSION_1)] LSAPR_REVISION_INFO_V1 revision_info_v1;
- } LSAPR_REVISION_INFO;
+ typedef struct {
+ uint32 revision;
+ lsa_RevisionSupportedFeature supported_features;
+ } lsa_revision_info1;
+
+ typedef [switch_type(uint32)] union {
+ [case(1)] lsa_revision_info1 info1;
+ } lsa_revision_info;
- NTSTATUS lsa_LsarOpenPolicy3(
+ [public] NTSTATUS lsa_OpenPolicy3 (
[in,unique] [string,charset(UTF16)] uint16 *system_name,
- [in] lsa_ObjectAttribute *ObjectAttributes,
- [in] lsa_PolicyAccessMask DesiredAccess,
- [in] uint32 InVersion,
- [in] [switch_is(InVersion)] LSAPR_REVISION_INFO* InRevisionInfo,
- [out] uint32 *OutVersion,
- [out] [switch_is(*OutVersion)] LSAPR_REVISION_INFO* OutRevisionInfo,
- [out] policy_handle *handle
- );
+ [in] lsa_ObjectAttribute *attr,
+ [in] lsa_PolicyAccessMask access_mask,
+ [in] uint32 in_version,
+ [in,ref][switch_is(in_version)] lsa_revision_info *in_revision_info,
+ [out,ref] uint32 *out_version,
+ [out,ref][switch_is(*out_version)] lsa_revision_info *out_revision_info,
+ [out,ref] policy_handle *handle
+ );
+
+ /* Function 0x83 (131) */
+ [todo] void lsa_Opnum131NotUsedOnWire(void);
+
+ /***********************/
+ /* Function 0x84 (132) */
+ typedef [switch_type(lsa_ForestTrustRecordType)] union {
+ [case(LSA_FOREST_TRUST_TOP_LEVEL_NAME)] lsa_StringLarge top_level_name;
+ [case(LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX)] lsa_StringLarge top_level_name_ex;
+ [case(LSA_FOREST_TRUST_DOMAIN_INFO)] lsa_ForestTrustDomainInfo domain_info;
+ [case(LSA_FOREST_TRUST_BINARY_DATA)] lsa_ForestTrustBinaryData data;
+ /*
+ * lsa_ForestTrustScannerInfo would have the same
+ * definition as lsa_ForestTrustDomainInfo
+ */
+ [case(LSA_FOREST_TRUST_SCANNER_INFO)] lsa_ForestTrustDomainInfo scanner_info;
+ } lsa_ForestTrustData2;
+
+ typedef struct {
+ lsa_ForestTrustRecordFlags flags;
+ lsa_ForestTrustRecordType type;
+ NTTIME_hyper time;
+ [switch_is(type)] lsa_ForestTrustData2 forest_trust_data;
+ } lsa_ForestTrustRecord2;
+
+ typedef [public] struct {
+ [range(0,4000)] uint32 count;
+ [size_is(count)] lsa_ForestTrustRecord2 **entries;
+ } lsa_ForestTrustInformation2;
+
+ [public] NTSTATUS lsa_lsaRQueryForestTrustInformation2(
+ [in] policy_handle *handle,
+ [in,ref] lsa_String *trusted_domain_name,
+ [in] lsa_ForestTrustRecordType highest_record_type,
+ [out,ref] lsa_ForestTrustInformation2 **forest_trust_info
+ );
+
+ /***********************/
+ /* Function 0x85 (133) */
+ [public] NTSTATUS lsa_lsaRSetForestTrustInformation2(
+ [in] policy_handle *handle,
+ [in,ref] lsa_StringLarge *trusted_domain_name,
+ [in] lsa_ForestTrustRecordType highest_record_type,
+ [in,ref] lsa_ForestTrustInformation2 *forest_trust_info,
+ [in] boolean8 check_only,
+ [out,ref] lsa_ForestTrustCollisionInfo **collision_info
+ );
}