Headers diff for sspicli.dll between 6.3.9600.17415-Windows 8.1 and 10.0.10586.0-Windows 10 1511 10586.494 versions



 ntlsa.h (6.3.9600.17415-Windows 8.1)   ntlsa.h (10.0.10586.0-Windows 10 1511 10586.494) 
skipping to change at line 40 skipping to change at line 40
// end_ntsecapi // end_ntsecapi
#if _MSC_VER > 1000 #if _MSC_VER > 1000
#pragma once #pragma once
#endif #endif
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
#if _MSC_VER >= 1200
#pragma warning(push)
#pragma warning(disable:4820) // padding added after data member
#endif
// begin_ntsecapi // begin_ntsecapi
#ifndef _NTLSA_IFS_ #ifndef _NTLSA_IFS_
// begin_ntifs // begin_ntifs
// //
// Security operation mode of the system is held in a control // Security operation mode of the system is held in a control
// longword. // longword.
// //
typedef ULONG LSA_OPERATIONAL_MODE, *PLSA_OPERATIONAL_MODE; typedef ULONG LSA_OPERATIONAL_MODE, *PLSA_OPERATIONAL_MODE;
skipping to change at line 588 skipping to change at line 593
// //
// Received value: // Received value:
// //
// pointer to SE_ADT_ACCESS_REASON structure // pointer to SE_ADT_ACCESS_REASON structure
// //
// Results in: // Results in:
// //
// String representation of the access reaso n. // String representation of the access reaso n.
// //
// //
// Everything below this exists only in Windows Server 2012 and greater? // Everything below this exists only in Windows Server 2012 and greater
// //
SeAdtParmTypeStagingReason, // Produces 1 parameters SeAdtParmTypeStagingReason, // Produces 1 parameters
// //
// Received value: // Received value:
// //
// pointer to SE_ADT_ACCESS_REASON structure // pointer to SE_ADT_ACCESS_REASON structure
// //
// Results in: // Results in:
// //
skipping to change at line 642 skipping to change at line 647
// //
// SID (variable length) // SID (variable length)
// //
//Results in: //Results in:
// //
// param 1: Sid string (based on SID and no t derived from the LUID) // param 1: Sid string (based on SID and no t derived from the LUID)
// param 2: - // param 2: -
// param 3: - // param 3: -
// param 4: - // param 4: -
SeAdtParmTypeMultiSzString, //Produces 1 parameter
//Received value:
//
// PZZWSTR string
//
//Results in:
//
// Unicode string with each null replaced wi
th /r/n
SeAdtParmTypeLogonIdEx, //Produces 4 parameters.
//Received Value:
//
// LUID (fixed length)
//
//Results in:
//
// param 1: Sid string
// param 2: Username string
// param 3: domain name string
// param 4: Logon ID (Luid) string
} SE_ADT_PARAMETER_TYPE, *PSE_ADT_PARAMETER_TYPE; } SE_ADT_PARAMETER_TYPE, *PSE_ADT_PARAMETER_TYPE;
#ifndef GUID_DEFINED #ifndef GUID_DEFINED
#include <guiddef.h> #include <guiddef.h>
#endif /* GUID_DEFINED */ #endif /* GUID_DEFINED */
typedef struct _SE_ADT_OBJECT_TYPE { typedef struct _SE_ADT_OBJECT_TYPE {
GUID ObjectType; GUID ObjectType;
USHORT Flags; USHORT Flags;
#define SE_ADT_OBJECT_ONLY 0x1 #define SE_ADT_OBJECT_ONLY 0x1
skipping to change at line 701 skipping to change at line 727
ULONG AuditId; ULONG AuditId;
ULONG ParameterCount; ULONG ParameterCount;
ULONG Length; ULONG Length;
USHORT FlatSubCategoryId; USHORT FlatSubCategoryId;
USHORT Type; USHORT Type;
ULONG Flags; ULONG Flags;
SE_ADT_PARAMETER_ARRAY_ENTRY Parameters[ SE_MAX_AUDIT_PARAMETERS ]; SE_ADT_PARAMETER_ARRAY_ENTRY Parameters[ SE_MAX_AUDIT_PARAMETERS ];
} SE_ADT_PARAMETER_ARRAY, *PSE_ADT_PARAMETER_ARRAY; } SE_ADT_PARAMETER_ARRAY, *PSE_ADT_PARAMETER_ARRAY;
typedef struct _SE_ADT_PARAMETER_ARRAY_EX {
ULONG CategoryId;
ULONG AuditId;
ULONG Version;
ULONG ParameterCount;
ULONG Length;
USHORT FlatSubCategoryId;
USHORT Type;
ULONG Flags;
SE_ADT_PARAMETER_ARRAY_ENTRY Parameters[ SE_MAX_AUDIT_PARAMETERS ];
} SE_ADT_PARAMETER_ARRAY_EX, *PSE_ADT_PARAMETER_ARRAY_EX;
#define SE_ADT_PARAMETERS_SELF_RELATIVE 0x00000001 #define SE_ADT_PARAMETERS_SELF_RELATIVE 0x00000001
#define SE_ADT_PARAMETERS_SEND_TO_LSA 0x00000002 #define SE_ADT_PARAMETERS_SEND_TO_LSA 0x00000002
#define SE_ADT_PARAMETER_EXTENSIBLE_AUDIT 0x00000004 #define SE_ADT_PARAMETER_EXTENSIBLE_AUDIT 0x00000004
#define SE_ADT_PARAMETER_GENERIC_AUDIT 0x00000008 #define SE_ADT_PARAMETER_GENERIC_AUDIT 0x00000008
#define SE_ADT_PARAMETER_WRITE_SYNCHRONOUS 0x00000010 #define SE_ADT_PARAMETER_WRITE_SYNCHRONOUS 0x00000010
// //
// This macro only existed in Windows Server 2008 and after // This macro only existed in Windows Server 2008 and after
// //
skipping to change at line 828 skipping to change at line 868
iLogon_Logon, iLogon_Logon,
iLogon_Logoff, iLogon_Logoff,
iLogon_AccountLockout, iLogon_AccountLockout,
iLogon_IPSecMainMode, iLogon_IPSecMainMode,
iLogon_SpecialLogon, iLogon_SpecialLogon,
iLogon_IPSecQuickMode, iLogon_IPSecQuickMode,
iLogon_IPSecUsermode, iLogon_IPSecUsermode,
iLogon_Others, iLogon_Others,
iLogon_NPS, iLogon_NPS,
iLogon_Claims, iLogon_Claims,
iLogon_Groups,
iObjectAccess_FileSystem, iObjectAccess_FileSystem,
iObjectAccess_Registry, iObjectAccess_Registry,
iObjectAccess_Kernel, iObjectAccess_Kernel,
iObjectAccess_Sam, iObjectAccess_Sam,
iObjectAccess_Other, iObjectAccess_Other,
iObjectAccess_CertificationAuthority, iObjectAccess_CertificationAuthority,
iObjectAccess_ApplicationGenerated, iObjectAccess_ApplicationGenerated,
iObjectAccess_HandleBasedAudits, iObjectAccess_HandleBasedAudits,
iObjectAccess_Share, iObjectAccess_Share,
skipping to change at line 852 skipping to change at line 893
iObjectAccess_CbacStaging, iObjectAccess_CbacStaging,
iPrivilegeUse_Sensitive, iPrivilegeUse_Sensitive,
iPrivilegeUse_NonSensitive, iPrivilegeUse_NonSensitive,
iPrivilegeUse_Others, iPrivilegeUse_Others,
iDetailedTracking_ProcessCreation, iDetailedTracking_ProcessCreation,
iDetailedTracking_ProcessTermination, iDetailedTracking_ProcessTermination,
iDetailedTracking_DpapiActivity, iDetailedTracking_DpapiActivity,
iDetailedTracking_RpcCall, iDetailedTracking_RpcCall,
iDetailedTracking_PnpActivity,
iPolicyChange_AuditPolicy, iPolicyChange_AuditPolicy,
iPolicyChange_AuthenticationPolicy, iPolicyChange_AuthenticationPolicy,
iPolicyChange_AuthorizationPolicy, iPolicyChange_AuthorizationPolicy,
iPolicyChange_MpsscvRulePolicy, iPolicyChange_MpsscvRulePolicy,
iPolicyChange_WfpIPSecPolicy, iPolicyChange_WfpIPSecPolicy,
iPolicyChange_Others, iPolicyChange_Others,
iAccountManagement_UserAccount, iAccountManagement_UserAccount,
iAccountManagement_ComputerAccount, iAccountManagement_ComputerAccount,
skipping to change at line 1906 skipping to change at line 1948
// //
// System Flags for LsaLookupSids2 // System Flags for LsaLookupSids2
// //
// //
// Note the flags start backward so that public values // Note the flags start backward so that public values
// don't have gaps. // don't have gaps.
// //
// //
// This flag controls LsaLookupSids2 such that Internet accounts cached locally // This flag controls LsaLookupSids2 such that for internet SIDs
// will be mapped to their local names, not Internet names. // from identity providers for connected accounts are disallowed
// connected accounts are those accounts which have a corresponding
// shadow account in the local SAM database connected to
// an online identity provider
// (for example MicrosoftAccount is a connected account)
// //
#define LSA_LOOKUP_PREFER_LOCAL_NAMES 0x80000000 #define LSA_LOOKUP_DISALLOW_CONNECTED_ACCOUNT_INTERNET_SID 0x80000000
// This flag returns the internet names. Otherwise the NT4 style name eg. domain
\username
// will be returned. The exception is if the MSA internet SID is specified
// then the internet name will be returned unless LSA_LOOKUP_DISALLOW_NON_WINDOW
S_INTERNET_SID
// is specified
#define LSA_LOOKUP_PREFER_INTERNET_NAMES 0x40000000
// begin_ntsecapi // begin_ntsecapi
// //
// The following data type defines the classes of Policy Information // The following data type defines the classes of Policy Information
// that may be queried/set. // that may be queried/set.
// //
typedef enum _POLICY_INFORMATION_CLASS { typedef enum _POLICY_INFORMATION_CLASS {
skipping to change at line 2537 skipping to change at line 2589
#if (_WIN32_WINNT >= 0x0502) #if (_WIN32_WINNT >= 0x0502)
#define TRUST_ATTRIBUTE_CROSS_ORGANIZATION 0x00000010 // This trust is to a domain/forest which is not part of this enterprise #define TRUST_ATTRIBUTE_CROSS_ORGANIZATION 0x00000010 // This trust is to a domain/forest which is not part of this enterprise
#define TRUST_ATTRIBUTE_WITHIN_FOREST 0x00000020 // Trust is in ternal to this forest #define TRUST_ATTRIBUTE_WITHIN_FOREST 0x00000020 // Trust is in ternal to this forest
#define TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL 0x00000040 // Trust is to be treated as external for trust boundary purposes #define TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL 0x00000040 // Trust is to be treated as external for trust boundary purposes
#if (_WIN32_WINNT >= 0x0600) #if (_WIN32_WINNT >= 0x0600)
#define TRUST_ATTRIBUTE_TRUST_USES_RC4_ENCRYPTION 0x00000080 // MIT trust w ith RC4 #define TRUST_ATTRIBUTE_TRUST_USES_RC4_ENCRYPTION 0x00000080 // MIT trust w ith RC4
#define TRUST_ATTRIBUTE_TRUST_USES_AES_KEYS 0x00000100 // Use AES key s to encrypte KRB TGTs #define TRUST_ATTRIBUTE_TRUST_USES_AES_KEYS 0x00000100 // Use AES key s to encrypte KRB TGTs
#endif #endif
#if (_WIN32_WINNT >= 0x0602) #if (_WIN32_WINNT >= 0x0602)
#define TRUST_ATTRIBUTE_CROSS_ORGANIZATION_NO_TGT_DELEGATION 0x00000200 // do n ot forward TGT to the other side of the trust which is not part of this enterpri se #define TRUST_ATTRIBUTE_CROSS_ORGANIZATION_NO_TGT_DELEGATION 0x00000200 // do n ot forward TGT to the other side of the trust which is not part of this enterpri se
#define TRUST_ATTRIBUTE_PIM_TRUST 0x00000400 // Outgoing tr ust to a PIM forest.
#endif #endif
// Trust attributes 0x00000040 through 0x00200000 are reserved for future use // Trust attributes 0x00000040 through 0x00200000 are reserved for future use
#else #else
// Trust attributes 0x00000010 through 0x00200000 are reserved for future use // Trust attributes 0x00000010 through 0x00200000 are reserved for future use
#endif #endif
// Trust attributes 0x00400000 through 0x00800000 were used previously (up to W2 K) and should not be re-used // Trust attributes 0x00400000 through 0x00800000 were used previously (up to W2 K) and should not be re-used
// Trust attributes 0x01000000 through 0x80000000 are reserved for user // Trust attributes 0x01000000 through 0x80000000 are reserved for user
#define TRUST_ATTRIBUTES_VALID 0xFF03FFFF #define TRUST_ATTRIBUTES_VALID 0xFF03FFFF
#endif #endif
#define TRUST_ATTRIBUTES_USER 0xFF000000 #define TRUST_ATTRIBUTES_USER 0xFF000000
skipping to change at line 3858 skipping to change at line 3911
// //
// check if current user is protected user // check if current user is protected user
// //
NTSTATUS NTSTATUS
SeciIsProtectedUser( SeciIsProtectedUser(
__out PBOOLEAN ProtectedUser __out PBOOLEAN ProtectedUser
); );
#if _MSC_VER >= 1200
#pragma warning(pop)
#endif
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#undef SIZE_IS #undef SIZE_IS
#undef SWITCH_IS #undef SWITCH_IS
#undef SWITCH_TYPE #undef SWITCH_TYPE
#undef CASE #undef CASE
#undef RANGE #undef RANGE
#undef VAR_SIZE_ARRAY #undef VAR_SIZE_ARRAY
 End of changes. 10 change blocks. 
4 lines changed or deleted 64 lines changed or added


 secext.h (6.3.9600.17415-Windows 8.1)   secext.h (10.0.10586.0-Windows 10 1511 10586.494) 
skipping to change at line 24 skipping to change at line 24
// //
//------------------------------------------------------------------------ //------------------------------------------------------------------------
#ifndef __SECEXT_H__ #ifndef __SECEXT_H__
#define __SECEXT_H__ #define __SECEXT_H__
#if _MSC_VER > 1000 #if _MSC_VER > 1000
#pragma once #pragma once
#endif #endif
#include <winapifamily.h> #include <winapifamily.h>
#pragma region Desktop Family #pragma region Desktop Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP) #if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM)
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
// //
// Extended Name APIs for ADS // Extended Name APIs for ADS
// //
typedef enum typedef enum
skipping to change at line 131 skipping to change at line 131
_Out_writes_to_opt_(*nSize,*nSize) LPWSTR lpNameBuffer, _Out_writes_to_opt_(*nSize,*nSize) LPWSTR lpNameBuffer,
_Inout_ PULONG nSize _Inout_ PULONG nSize
); );
#ifdef UNICODE #ifdef UNICODE
#define GetUserNameEx GetUserNameExW #define GetUserNameEx GetUserNameExW
#else #else
#define GetUserNameEx GetUserNameExA #define GetUserNameEx GetUserNameExA
#endif #endif
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SY
STEM) */
#pragma endregion
#pragma region Desktop Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP)
BOOLEAN BOOLEAN
SEC_ENTRY SEC_ENTRY
GetComputerObjectNameA( GetComputerObjectNameA(
_In_ EXTENDED_NAME_FORMAT NameFormat, _In_ EXTENDED_NAME_FORMAT NameFormat,
_Out_writes_to_opt_(*nSize,*nSize) LPSTR lpNameBuffer, _Out_writes_to_opt_(*nSize,*nSize) LPSTR lpNameBuffer,
_Inout_ PULONG nSize _Inout_ PULONG nSize
); );
BOOLEAN BOOLEAN
SEC_ENTRY SEC_ENTRY
GetComputerObjectNameW( GetComputerObjectNameW(
skipping to change at line 176 skipping to change at line 182
_In_ EXTENDED_NAME_FORMAT DesiredNameFormat, _In_ EXTENDED_NAME_FORMAT DesiredNameFormat,
_Out_writes_to_opt_(*nSize,*nSize) LPWSTR lpTranslatedName, _Out_writes_to_opt_(*nSize,*nSize) LPWSTR lpTranslatedName,
_Inout_ PULONG nSize _Inout_ PULONG nSize
); );
#ifdef UNICODE #ifdef UNICODE
#define TranslateName TranslateNameW #define TranslateName TranslateNameW
#else #else
#define TranslateName TranslateNameA #define TranslateName TranslateNameA
#endif #endif
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP) */
#pragma endregion
#pragma region Desktop or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM)
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP) */ #endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SY STEM) */
#pragma endregion #pragma endregion
#endif // __SECEXT_H__ #endif // __SECEXT_H__
 End of changes. 4 change blocks. 
3 lines changed or deleted 16 lines changed or added


 sspi.h (6.3.9600.17415-Windows 8.1)   sspi.h (10.0.10586.0-Windows 10 1511 10586.494) 
skipping to change at line 32 skipping to change at line 32
// end_ntifs // end_ntifs
#if _MSC_VER > 1000 #if _MSC_VER > 1000
#pragma once #pragma once
#endif #endif
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
#pragma region Desktop Family #pragma region Desktop Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP) #if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM)
// //
// Determine environment: // Determine environment:
// //
#ifdef SECURITY_WIN32 #ifdef SECURITY_WIN32
#define ISSP_LEVEL 32 #define ISSP_LEVEL 32
#define ISSP_MODE 1 #define ISSP_MODE 1
#endif // SECURITY_WIN32 #endif // SECURITY_WIN32
skipping to change at line 287 skipping to change at line 287
#define SECPKG_FLAG_READONLY_WITH_CHECKSUM 0x00040000 // Package can deleg ate #define SECPKG_FLAG_READONLY_WITH_CHECKSUM 0x00040000 // Package can deleg ate
#define SECPKG_FLAG_RESTRICTED_TOKENS 0x00080000 // Package supports restricted callers #define SECPKG_FLAG_RESTRICTED_TOKENS 0x00080000 // Package supports restricted callers
#define SECPKG_FLAG_NEGO_EXTENDER 0x00100000 // this package exte nds SPNEGO, there is at most one #define SECPKG_FLAG_NEGO_EXTENDER 0x00100000 // this package exte nds SPNEGO, there is at most one
#define SECPKG_FLAG_NEGOTIABLE2 0x00200000 // this package is n egotiated under the NegoExtender #define SECPKG_FLAG_NEGOTIABLE2 0x00200000 // this package is n egotiated under the NegoExtender
#define SECPKG_FLAG_APPCONTAINER_PASSTHROUGH 0x00400000 // this package rece ives all calls from appcontainer apps #define SECPKG_FLAG_APPCONTAINER_PASSTHROUGH 0x00400000 // this package rece ives all calls from appcontainer apps
#define SECPKG_FLAG_APPCONTAINER_CHECKS 0x00800000 // this package rece ives calls from appcontainer apps #define SECPKG_FLAG_APPCONTAINER_CHECKS 0x00800000 // this package rece ives calls from appcontainer apps
// if the following checks succeed // if the following checks succeed
// 1. Caller has dom ain auth capability or // 1. Caller has dom ain auth capability or
// 2. Target is a pr oxy server or // 2. Target is a pr oxy server or
// 3. The caller has supplied creds // 3. The caller has supplied creds
#define SECPKG_FLAG_CREDENTIAL_ISOLATION_ENABLED 0x01000000 // this package is r unning with Credential Guard enabled
#define SECPKG_ID_NONE 0xFFFF #define SECPKG_ID_NONE 0xFFFF
// //
// Extended Call Flags that currently contains // Extended Call Flags that currently contains
// Appcontainer related information about the caller. // Appcontainer related information about the caller.
// Packages can query for these // Packages can query for these
// via an LsaFunction GetExtendedCallFlags // via an LsaFunction GetExtendedCallFlags
// //
#define SECPKG_CALLFLAGS_APPCONTAINER 0x00000001 #define SECPKG_CALLFLAGS_APPCONTAINER 0x00000001
#define SECPKG_CALLFLAGS_APPCONTAINER_AUTHCAPABLE 0x00000002 #define SECPKG_CALLFLAGS_APPCONTAINER_AUTHCAPABLE 0x00000002
#define SECPKG_CALLFLAGS_FORCE_SUPPLIED 0x00000004 #define SECPKG_CALLFLAGS_FORCE_SUPPLIED 0x00000004
#define SECPKG_CALLFLAGS_APPCONTAINER_UPNCAPABLE 0x00000008
// //
// SecBuffer // SecBuffer
// //
// Generic memory descriptors for buffers passed in to the security // Generic memory descriptors for buffers passed in to the security
// API // API
// //
typedef struct _SecBuffer { typedef struct _SecBuffer {
unsigned long cbBuffer; // Size of the buffer, in bytes unsigned long cbBuffer; // Size of the buffer, in bytes
skipping to change at line 348 skipping to change at line 350
#define SECBUFFER_PADDING 9 // non-data padding #define SECBUFFER_PADDING 9 // non-data padding
#define SECBUFFER_STREAM 10 // whole encrypted message #define SECBUFFER_STREAM 10 // whole encrypted message
#define SECBUFFER_MECHLIST 11 #define SECBUFFER_MECHLIST 11
#define SECBUFFER_MECHLIST_SIGNATURE 12 #define SECBUFFER_MECHLIST_SIGNATURE 12
#define SECBUFFER_TARGET 13 // obsolete #define SECBUFFER_TARGET 13 // obsolete
#define SECBUFFER_CHANNEL_BINDINGS 14 #define SECBUFFER_CHANNEL_BINDINGS 14
#define SECBUFFER_CHANGE_PASS_RESPONSE 15 #define SECBUFFER_CHANGE_PASS_RESPONSE 15
#define SECBUFFER_TARGET_HOST 16 #define SECBUFFER_TARGET_HOST 16
#define SECBUFFER_ALERT 17 #define SECBUFFER_ALERT 17
#define SECBUFFER_APPLICATION_PROTOCOLS 18 // Lists of application protocol IDs , one per negotiation extension #define SECBUFFER_APPLICATION_PROTOCOLS 18 // Lists of application protocol IDs , one per negotiation extension
#define SECBUFFER_SRTP_PROTECTION_PROFILES 19 // List of SRTP protection p
rofiles, in descending order of preference
#define SECBUFFER_SRTP_MASTER_KEY_IDENTIFIER 20 // SRTP master key identifie
r
#define SECBUFFER_TOKEN_BINDING 21 // Supported Token Binding p
rotocol version and key parameters
#define SECBUFFER_ATTRMASK 0xF0000000 #define SECBUFFER_ATTRMASK 0xF0000000
#define SECBUFFER_READONLY 0x80000000 // Buffer is read-on ly, no checksum #define SECBUFFER_READONLY 0x80000000 // Buffer is read-on ly, no checksum
#define SECBUFFER_READONLY_WITH_CHECKSUM 0x10000000 // Buffer is read-on ly, and checksummed #define SECBUFFER_READONLY_WITH_CHECKSUM 0x10000000 // Buffer is read-on ly, and checksummed
#define SECBUFFER_RESERVED 0x60000000 // Flags reserved to security system #define SECBUFFER_RESERVED 0x60000000 // Flags reserved to security system
typedef struct _SEC_NEGOTIATION_INFO { typedef struct _SEC_NEGOTIATION_INFO {
unsigned long Size; // Size of this structure unsigned long Size; // Size of this structure
unsigned long NameLength; // Length of name hint unsigned long NameLength; // Length of name hint
SEC_WCHAR * Name; // Name hint SEC_WCHAR * Name; // Name hint
skipping to change at line 390 skipping to change at line 395
SEC_APPLICATION_PROTOCOL_NEGOTIATION_EXT ProtoNegoExt; // Protocol negotiati on extension type to use with this list of protocols SEC_APPLICATION_PROTOCOL_NEGOTIATION_EXT ProtoNegoExt; // Protocol negotiati on extension type to use with this list of protocols
unsigned short ProtocolListSize; // Size in bytes of t he protocol ID list unsigned short ProtocolListSize; // Size in bytes of t he protocol ID list
unsigned char ProtocolList[ANYSIZE_ARRAY]; // 8-bit length-prefi xed application protocol IDs, most preferred first unsigned char ProtocolList[ANYSIZE_ARRAY]; // 8-bit length-prefi xed application protocol IDs, most preferred first
} SEC_APPLICATION_PROTOCOL_LIST, *PSEC_APPLICATION_PROTOCOL_LIST; } SEC_APPLICATION_PROTOCOL_LIST, *PSEC_APPLICATION_PROTOCOL_LIST;
typedef struct _SEC_APPLICATION_PROTOCOLS { typedef struct _SEC_APPLICATION_PROTOCOLS {
unsigned long ProtocolListsSize; // Size in bytes of the protocol ID lists array unsigned long ProtocolListsSize; // Size in bytes of the protocol ID lists array
SEC_APPLICATION_PROTOCOL_LIST ProtocolLists[ANYSIZE_ARRAY]; // Array of prot ocol ID lists SEC_APPLICATION_PROTOCOL_LIST ProtocolLists[ANYSIZE_ARRAY]; // Array of prot ocol ID lists
} SEC_APPLICATION_PROTOCOLS, *PSEC_APPLICATION_PROTOCOLS; } SEC_APPLICATION_PROTOCOLS, *PSEC_APPLICATION_PROTOCOLS;
typedef struct _SEC_SRTP_PROTECTION_PROFILES {
unsigned short ProfilesSize; // Size in bytes of the SRTP pro
tection profiles array
unsigned short ProfilesList[ANYSIZE_ARRAY]; // Array of SRTP protection prof
iles
} SEC_SRTP_PROTECTION_PROFILES, *PSEC_SRTP_PROTECTION_PROFILES;
typedef struct _SEC_SRTP_MASTER_KEY_IDENTIFIER {
unsigned char MasterKeyIdentifierSize; // Size in bytes of the S
RTP master key identifier
unsigned char MasterKeyIdentifier[ANYSIZE_ARRAY]; // SRTP master key identi
fier
} SEC_SRTP_MASTER_KEY_IDENTIFIER, *PSEC_SRTP_MASTER_KEY_IDENTIFIER;
typedef struct _SEC_TOKEN_BINDING {
unsigned char MajorVersion; // Supported major version of th
e Token Binding protocol
unsigned char MinorVersion; // Supported minor version of th
e Token Binding protocol
unsigned short KeyParametersSize; // Size in bytes of the Token Bi
nding key parameter IDs array
unsigned char KeyParameters[ANYSIZE_ARRAY]; // Token Binding key parameter I
Ds, most preferred first
} SEC_TOKEN_BINDING, *PSEC_TOKEN_BINDING;
// //
// Data Representation Constant: // Data Representation Constant:
// //
#define SECURITY_NATIVE_DREP 0x00000010 #define SECURITY_NATIVE_DREP 0x00000010
#define SECURITY_NETWORK_DREP 0x00000000 #define SECURITY_NETWORK_DREP 0x00000000
// //
// Credential Use Flags // Credential Use Flags
// //
#define SECPKG_CRED_INBOUND 0x00000001 #define SECPKG_CRED_INBOUND 0x00000001
skipping to change at line 687 skipping to change at line 709
#define SECPKG_ATTR_DTLS_MTU 34 #define SECPKG_ATTR_DTLS_MTU 34
#define SECPKG_ATTR_DATAGRAM_SIZES SECPKG_ATTR_STREAM_SIZES #define SECPKG_ATTR_DATAGRAM_SIZES SECPKG_ATTR_STREAM_SIZES
#define SECPKG_ATTR_SUBJECT_SECURITY_ATTRIBUTES 128 #define SECPKG_ATTR_SUBJECT_SECURITY_ATTRIBUTES 128
// //
// win8.1 or greater // win8.1 or greater
// //
#define SECPKG_ATTR_APPLICATION_PROTOCOL 35 #define SECPKG_ATTR_APPLICATION_PROTOCOL 35
//
// win10 or greater
//
#define SECPKG_ATTR_NEGOTIATED_TLS_EXTENSIONS 36
#define SECPKG_ATTR_IS_LOOPBACK 37 // indicates authentication to localhost
typedef struct _SecPkgContext_SubjectAttributes { typedef struct _SecPkgContext_SubjectAttributes {
void* AttributeInfo; // contains a PAUTHZ_SECURITY_ATTRIBUTES_INFORMATION st ructure void* AttributeInfo; // contains a PAUTHZ_SECURITY_ATTRIBUTES_INFORMATION st ructure
} SecPkgContext_SubjectAttributes, *PSecPkgContext_SubjectAttributes; } SecPkgContext_SubjectAttributes, *PSecPkgContext_SubjectAttributes;
#define SECPKG_ATTR_NEGO_INFO_FLAG_NO_KERBEROS 0x1 #define SECPKG_ATTR_NEGO_INFO_FLAG_NO_KERBEROS 0x1
#define SECPKG_ATTR_NEGO_INFO_FLAG_NO_NTLM 0x2 #define SECPKG_ATTR_NEGO_INFO_FLAG_NO_NTLM 0x2
// //
// types of credentials, used by SECPKG_ATTR_PROMPTING_NEEDED // types of credentials, used by SECPKG_ATTR_PROMPTING_NEEDED
// //
skipping to change at line 1060 skipping to change at line 1088
#define MAX_PROTOCOL_ID_SIZE 0xff #define MAX_PROTOCOL_ID_SIZE 0xff
typedef struct _SecPkgContext_ApplicationProtocol typedef struct _SecPkgContext_ApplicationProtocol
{ {
SEC_APPLICATION_PROTOCOL_NEGOTIATION_STATUS ProtoNegoStatus; // Application protocol negotiation status SEC_APPLICATION_PROTOCOL_NEGOTIATION_STATUS ProtoNegoStatus; // Application protocol negotiation status
SEC_APPLICATION_PROTOCOL_NEGOTIATION_EXT ProtoNegoExt; // Protocol neg otiation extension type corresponding to this protocol ID SEC_APPLICATION_PROTOCOL_NEGOTIATION_EXT ProtoNegoExt; // Protocol neg otiation extension type corresponding to this protocol ID
unsigned char ProtocolIdSize; // Size in byte s of the application protocol ID unsigned char ProtocolIdSize; // Size in byte s of the application protocol ID
unsigned char ProtocolId[MAX_PROTOCOL_ID_SIZE]; // Byte string representing the negotiated application protocol ID unsigned char ProtocolId[MAX_PROTOCOL_ID_SIZE]; // Byte string representing the negotiated application protocol ID
} SecPkgContext_ApplicationProtocol, *PSecPkgContext_ApplicationProtocol; } SecPkgContext_ApplicationProtocol, *PSecPkgContext_ApplicationProtocol;
typedef struct _SecPkgContext_NegotiatedTlsExtensions
{
unsigned long ExtensionsCount; // Number of ne
gotiated TLS extensions.
_Field_size_(ExtensionsCount) unsigned short * Extensions; // Pointer to a
rray of 2-byte TLS extension IDs (allocated by IANA).
} SecPkgContext_NegotiatedTlsExtensions, * PSecPkgContext_NegotiatedTlsExtension
s;
// begin_ntifs // begin_ntifs
typedef void typedef void
(SEC_ENTRY * SEC_GET_KEY_FN) ( (SEC_ENTRY * SEC_GET_KEY_FN) (
void * Arg, // Argument passed in void * Arg, // Argument passed in
void * Principal, // Principal ID void * Principal, // Principal ID
unsigned long KeyVer, // Key Version unsigned long KeyVer, // Key Version
void * * Key, // Returned ptr to key void * * Key, // Returned ptr to key
SECURITY_STATUS * Status // returned status SECURITY_STATUS * Status // returned status
); );
skipping to change at line 1228 skipping to change at line 1262
PTimeStamp); PTimeStamp);
#ifdef UNICODE #ifdef UNICODE
#define AddCredentials AddCredentialsW #define AddCredentials AddCredentialsW
#define ADD_CREDENTIALS_FN ADD_CREDENTIALS_FN_W #define ADD_CREDENTIALS_FN ADD_CREDENTIALS_FN_W
#else #else
#define AddCredentials AddCredentialsA #define AddCredentials AddCredentialsA
#define ADD_CREDENTIALS_FN ADD_CREDENTIALS_FN_A #define ADD_CREDENTIALS_FN ADD_CREDENTIALS_FN_A
#endif #endif
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SY
STEM) */
#pragma endregion
#pragma region Desktop Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP)
////////////////////////////////////////////////////////////////////////
///
/// Asynchronous interface. Kernel-only (for now).
///
////////////////////////////////////////////////////////////////////////
#if ISSP_MODE == 0 // For Kernel mode
typedef struct _SspiAsyncContext SspiAsyncContext;
//
// Callback used for notifying completion of an async SSPI call.
//
typedef void (*SspiAsyncNotifyCallback)(
_In_ SspiAsyncContext* Handle,
_In_opt_ PVOID CallbackData
);
//
// Return a newly initialized context.
//
SspiAsyncContext* SspiCreateAsyncContext();
//
// Free up a context.
//
void SspiFreeAsyncContext(
_In_opt_ SspiAsyncContext* Handle
);
//
// Mark an async context for reuse. Only the context state is altered.
// Client notification info, such as callback, is left alone
//
// If the context is invalid or currently in use, an error will be returned.
//
NTSTATUS SspiReinitAsyncContext(
_Inout_ SspiAsyncContext* Handle
);
//
// Installs a callback which will be notified on async call completion.
//
SECURITY_STATUS SspiSetAsyncNotifyCallback(
_In_ SspiAsyncContext* Context,
_In_ SspiAsyncNotifyCallback Callback,
_In_opt_ void* CallbackData
);
//
// Determines if the given async context requires notification on completion
// of the call.
//
BOOLEAN SspiAsyncContextRequiresNotify(
_In_ SspiAsyncContext* AsyncContext
);
//
// Gets the current status of an async call. Until the call is completed,
// status will be SEC_I_ASYNC_CALL_PENDING.
//
SECURITY_STATUS SspiGetAsyncCallStatus(
_In_ SspiAsyncContext* Handle
);
SECURITY_STATUS SspiAcquireCredentialsHandleAsyncW(
_Inout_ SspiAsyncContext* AsyncContext,
#if ISSP_MODE == 0
_In_opt_ PSECURITY_STRING pszPrincipal, // Name of principal
_In_ PSECURITY_STRING pszPackage, // Name of package
#else
_In_opt_ LPWSTR pszPrincipal, // Name of principal
_In_ LPWSTR pszPackage, // Name of package
#endif
_In_ unsigned long fCredentialUse, // Flags indicating use
_In_opt_ void * pvLogonId, // Pointer to logon ID
_In_opt_ void * pAuthData, // Package specific data
_In_opt_ SEC_GET_KEY_FN pGetKeyFn, // Pointer to GetKey() f
unc
_In_opt_ void * pvGetKeyArgument, // Value to pass to GetK
ey()
_In_ PCredHandle phCredential, // (out) Cred Handle
_In_opt_ PTimeStamp ptsExpiry // (out) Lifetime (optio
nal)
);
SECURITY_STATUS SspiAcquireCredentialsHandleAsyncA(
_Inout_ SspiAsyncContext* AsyncContext,
_In_opt_ LPSTR pszPrincipal, // Name of principal
_In_ LPSTR pszPackage, // Name of package
_In_ unsigned long fCredentialUse, // Flags indicating use
_In_opt_ void * pvLogonId, // Pointer to logon ID
_In_opt_ void * pAuthData, // Package specific data
_In_opt_ SEC_GET_KEY_FN pGetKeyFn, // Pointer to GetKey() f
unc
_In_opt_ void * pvGetKeyArgument, // Value to pass to GetK
ey()
_In_ PCredHandle phCredential, // (out) Cred Handle
_In_opt_ PTimeStamp ptsExpiry // (out) Lifetime (optio
nal)
);
SECURITY_STATUS SspiInitializeSecurityContextAsyncW(
_Inout_ SspiAsyncContext* AsyncContext,
_In_opt_ PCredHandle phCredential, // Cred to base context
_In_opt_ PCtxtHandle phContext, // Existing context (OPT
)
#if ISSP_MODE == 0
_In_opt_ PSECURITY_STRING pszTargetName, // Name of target
#else
_In_opt_ LPWSTR pszTargetName, // Name of target
#endif
_In_ unsigned long fContextReq, // Context Requirements
_In_ unsigned long Reserved1, // Reserved, MBZ
_In_ unsigned long TargetDataRep, // Data rep of target
_In_opt_ PSecBufferDesc pInput, // Input Buffers
_In_ unsigned long Reserved2, // Reserved, MBZ
_In_opt_ PCtxtHandle phNewContext, // (out) New Context han
dle
_In_opt_ PSecBufferDesc pOutput, // (inout) Output Buffer
s
_In_ unsigned long * pfContextAttr, // (out) Context attrs
_In_opt_ PTimeStamp ptsExpiry // (out) Life span (OPT)
);
SECURITY_STATUS SspiInitializeSecurityContextAsyncA(
_Inout_ SspiAsyncContext* AsyncContext,
_In_opt_ PCredHandle phCredential, // Cred to base context
_In_opt_ PCtxtHandle phContext, // Existing context (OPT
)
_In_opt_ LPSTR pszTargetName, // Name of target
_In_ unsigned long fContextReq, // Context Requirements
_In_ unsigned long Reserved1, // Reserved, MBZ
_In_ unsigned long TargetDataRep, // Data rep of target
_In_opt_ PSecBufferDesc pInput, // Input Buffers
_In_ unsigned long Reserved2, // Reserved, MBZ
_In_opt_ PCtxtHandle phNewContext, // (out) New Context han
dle
_In_opt_ PSecBufferDesc pOutput, // (inout) Output Buffer
s
_In_ unsigned long * pfContextAttr, // (out) Context attrs
_In_opt_ PTimeStamp ptsExpiry // (out) Life span (OPT)
);
SECURITY_STATUS SspiAcceptSecurityContextAsync(
_Inout_ SspiAsyncContext* AsyncContext,
_In_opt_ PCredHandle phCredential, // Cred to base context
_In_opt_ PCtxtHandle phContext, // Existing context (OPT)
_In_opt_ PSecBufferDesc pInput, // Input buffer
_In_ unsigned long fContextReq, // Context Requirements
_In_ unsigned long TargetDataRep, // Target Data Rep
_In_opt_ PCtxtHandle phNewContext, // (out) New context handl
e
_In_opt_ PSecBufferDesc pOutput, // (inout) Output buffers
_In_ unsigned long* pfContextAttr, // (out) Context attribute
s
_In_opt_ PTimeStamp ptsExpiry // (out) Life span (OPT)
);
SECURITY_STATUS SspiFreeCredentialsHandleAsync(
_Inout_ SspiAsyncContext* AsyncContext,
_In_ PCredHandle phCredential // Handle to free
);
SECURITY_STATUS SspiDeleteSecurityContextAsync(
_Inout_ SspiAsyncContext* AsyncContext,
_In_ PCtxtHandle phContext // Context to delete
);
#ifdef UNICODE
# define SspiAcquireCredentialsHandleAsync SspiAcquireCredentialsHandleAsyncW
# define SspiInitializeSecurityContextAsync SspiInitializeSecurityContextAsyn
cW
#else
# define SspiAcquireCredentialsHandleAsync SspiAcquireCredentialsHandleAsyncA
# define SspiInitializeSecurityContextAsync SspiInitializeSecurityContextAsyn
c
#endif
#endif
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP) */
#pragma endregion
#pragma region Desktop Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM)
//////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////////
/// ///
/// Password Change Functions /// Password Change Functions
/// ///
//////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////////
#if ISSP_MODE != 0 #if ISSP_MODE != 0
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
ChangeAccountPasswordW( ChangeAccountPasswordW(
skipping to change at line 1487 skipping to change at line 1698
_In_ unsigned long ulAttribute, // Attribute to query _In_ unsigned long ulAttribute, // Attribute to query
_Out_ void * pBuffer // Buffer for attributes _Out_ void * pBuffer // Buffer for attributes
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * QUERY_CONTEXT_ATTRIBUTES_FN_W)( (SEC_ENTRY * QUERY_CONTEXT_ATTRIBUTES_FN_W)(
PCtxtHandle, PCtxtHandle,
unsigned long, unsigned long,
void *); void *);
SECURITY_STATUS SEC_ENTRY
QueryContextAttributesExW(
_In_ PCtxtHandle phContext, // Context to query
_In_ unsigned long ulAttribute, // Attribute to query
_Out_writes_bytes_(cbBuffer) void * pBuffer, // Buffer for attributes
_In_ unsigned long cbBuffer // Length of buffer
);
typedef SECURITY_STATUS
(SEC_ENTRY * QUERY_CONTEXT_ATTRIBUTES_EX_FN_W)(
PCtxtHandle,
unsigned long,
void *,
unsigned long);
// end_ntifs // end_ntifs
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
QueryContextAttributesA( QueryContextAttributesA(
_In_ PCtxtHandle phContext, // Context to query _In_ PCtxtHandle phContext, // Context to query
_In_ unsigned long ulAttribute, // Attribute to query _In_ unsigned long ulAttribute, // Attribute to query
_Out_ void * pBuffer // Buffer for attributes _Out_ void * pBuffer // Buffer for attributes
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * QUERY_CONTEXT_ATTRIBUTES_FN_A)( (SEC_ENTRY * QUERY_CONTEXT_ATTRIBUTES_FN_A)(
PCtxtHandle, PCtxtHandle,
unsigned long, unsigned long,
void *); void *);
SECURITY_STATUS SEC_ENTRY
QueryContextAttributesExA(
_In_ PCtxtHandle phContext, // Context to query
_In_ unsigned long ulAttribute, // Attribute to query
_Out_writes_bytes_(cbBuffer) void * pBuffer, // Buffer for attributes
_In_ unsigned long cbBuffer // Length of buffer
);
typedef SECURITY_STATUS
(SEC_ENTRY * QUERY_CONTEXT_ATTRIBUTES_EX_FN_A)(
PCtxtHandle,
unsigned long,
void *,
unsigned long);
#ifdef UNICODE #ifdef UNICODE
# define QueryContextAttributes QueryContextAttributesW // ntifs # define QueryContextAttributes QueryContextAttributesW // ntifs
# define QUERY_CONTEXT_ATTRIBUTES_FN QUERY_CONTEXT_ATTRIBUTES_FN_W // ntifs # define QUERY_CONTEXT_ATTRIBUTES_FN QUERY_CONTEXT_ATTRIBUTES_FN_W // ntifs
# define QueryContextAttributesEx QueryContextAttributesExW // ntifs
# define QUERY_CONTEXT_ATTRIBUTES_EX_FN QUERY_CONTEXT_ATTRIBUTES_EX_FN_W // nti
fs
#else #else
# define QueryContextAttributes QueryContextAttributesA # define QueryContextAttributes QueryContextAttributesA
# define QUERY_CONTEXT_ATTRIBUTES_FN QUERY_CONTEXT_ATTRIBUTES_FN_A # define QUERY_CONTEXT_ATTRIBUTES_FN QUERY_CONTEXT_ATTRIBUTES_FN_A
# define QueryContextAttributesEx QueryContextAttributesExA
# define QUERY_CONTEXT_ATTRIBUTES_EX_FN QUERY_CONTEXT_ATTRIBUTES_EX_FN_A
#endif // !UNICODE #endif // !UNICODE
// begin_ntifs // begin_ntifs
#if (OSVER(NTDDI_VERSION) > NTDDI_WIN2K) #if (OSVER(NTDDI_VERSION) > NTDDI_WIN2K)
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
SetContextAttributesW( SetContextAttributesW(
_In_ PCtxtHandle phContext, // Context to Set _In_ PCtxtHandle phContext, // Context to Set
_In_ unsigned long ulAttribute, // Attribute to Set _In_ unsigned long ulAttribute, // Attribute to Set
skipping to change at line 1572 skipping to change at line 1817
_In_ unsigned long ulAttribute, // Attribute to query _In_ unsigned long ulAttribute, // Attribute to query
_Inout_ void * pBuffer // Buffer for attributes _Inout_ void * pBuffer // Buffer for attributes
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * QUERY_CREDENTIALS_ATTRIBUTES_FN_W)( (SEC_ENTRY * QUERY_CREDENTIALS_ATTRIBUTES_FN_W)(
PCredHandle, PCredHandle,
unsigned long, unsigned long,
void *); void *);
SECURITY_STATUS SEC_ENTRY
QueryCredentialsAttributesExW(
_In_ PCredHandle phCredential, // Credential to query
_In_ unsigned long ulAttribute, // Attribute to query
_Inout_updates_bytes_(cbBuffer) void * pBuffer, // Buffer for attributes
_In_ unsigned long cbBuffer // Length of buffer
);
typedef SECURITY_STATUS
(SEC_ENTRY * QUERY_CREDENTIALS_ATTRIBUTES_EX_FN_W)(
PCredHandle,
unsigned long,
void *,
unsigned long);
// end_ntifs // end_ntifs
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
QueryCredentialsAttributesA( QueryCredentialsAttributesA(
_In_ PCredHandle phCredential, // Credential to query _In_ PCredHandle phCredential, // Credential to query
_In_ unsigned long ulAttribute, // Attribute to query _In_ unsigned long ulAttribute, // Attribute to query
_Inout_ void * pBuffer // Buffer for attributes _Inout_ void * pBuffer // Buffer for attributes
); );
typedef SECURITY_STATUS typedef SECURITY_STATUS
(SEC_ENTRY * QUERY_CREDENTIALS_ATTRIBUTES_FN_A)( (SEC_ENTRY * QUERY_CREDENTIALS_ATTRIBUTES_FN_A)(
PCredHandle, PCredHandle,
unsigned long, unsigned long,
void *); void *);
SECURITY_STATUS SEC_ENTRY
QueryCredentialsAttributesExA(
_In_ PCredHandle phCredential, // Credential to query
_In_ unsigned long ulAttribute, // Attribute to query
_Inout_updates_bytes_(cbBuffer) void * pBuffer, // Buffer for attributes
_In_ unsigned long cbBuffer // Length of buffer
);
typedef SECURITY_STATUS
(SEC_ENTRY * QUERY_CREDENTIALS_ATTRIBUTES_EX_FN_A)(
PCredHandle,
unsigned long,
void *,
unsigned long);
#ifdef UNICODE #ifdef UNICODE
# define QueryCredentialsAttributes QueryCredentialsAttributesW // n tifs # define QueryCredentialsAttributes QueryCredentialsAttributesW // n tifs
# define QUERY_CREDENTIALS_ATTRIBUTES_FN QUERY_CREDENTIALS_ATTRIBUTES_FN_W // n tifs # define QUERY_CREDENTIALS_ATTRIBUTES_FN QUERY_CREDENTIALS_ATTRIBUTES_FN_W // n tifs
# define QueryCredentialsAttributesEx QueryCredentialsAttributesExW // n
tifs
# define QUERY_CREDENTIALS_ATTRIBUTES_EX_FN QUERY_CREDENTIALS_ATTRIBUTES_EX_FN_
W // ntifs
#else #else
# define QueryCredentialsAttributes QueryCredentialsAttributesA # define QueryCredentialsAttributes QueryCredentialsAttributesA
# define QUERY_CREDENTIALS_ATTRIBUTES_FN QUERY_CREDENTIALS_ATTRIBUTES_FN_A # define QUERY_CREDENTIALS_ATTRIBUTES_FN QUERY_CREDENTIALS_ATTRIBUTES_FN_A
# define QueryCredentialsAttributesEx QueryCredentialsAttributesExA
# define QUERY_CREDENTIALS_ATTRIBUTES_EX_FN QUERY_CREDENTIALS_ATTRIBUTES_EX_FN_
A
#endif // !UNICODE #endif // !UNICODE
// begin_ntifs // begin_ntifs
#if NTDDI_VERSION > NTDDI_WS03 #if NTDDI_VERSION > NTDDI_WS03
KSECDDDECLSPEC KSECDDDECLSPEC
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
SetCredentialsAttributesW( SetCredentialsAttributesW(
_In_ PCredHandle phCredential, // Credential to Set _In_ PCredHandle phCredential, // Credential to Set
skipping to change at line 1805 skipping to change at line 2084
PSecPkgInfoA *); PSecPkgInfoA *);
#ifdef UNICODE #ifdef UNICODE
# define QuerySecurityPackageInfo QuerySecurityPackageInfoW // n tifs # define QuerySecurityPackageInfo QuerySecurityPackageInfoW // n tifs
# define QUERY_SECURITY_PACKAGE_INFO_FN QUERY_SECURITY_PACKAGE_INFO_FN_W // n tifs # define QUERY_SECURITY_PACKAGE_INFO_FN QUERY_SECURITY_PACKAGE_INFO_FN_W // n tifs
#else #else
# define QuerySecurityPackageInfo QuerySecurityPackageInfoA # define QuerySecurityPackageInfo QuerySecurityPackageInfoA
# define QUERY_SECURITY_PACKAGE_INFO_FN QUERY_SECURITY_PACKAGE_INFO_FN_A # define QUERY_SECURITY_PACKAGE_INFO_FN QUERY_SECURITY_PACKAGE_INFO_FN_A
#endif // !UNICODE #endif // !UNICODE
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SY
STEM) */
#pragma endregion
#pragma region Desktop Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP)
typedef enum _SecDelegationType { typedef enum _SecDelegationType {
SecFull, SecFull,
SecService, SecService,
SecTree, SecTree,
SecDirectory, SecDirectory,
SecObject SecObject
} SecDelegationType, * PSecDelegationType; } SecDelegationType, * PSecDelegationType;
SECURITY_STATUS SEC_ENTRY SECURITY_STATUS SEC_ENTRY
DelegateSecurityContext( DelegateSecurityContext(
skipping to change at line 1826 skipping to change at line 2111
#if ISSP_MODE == 0 #if ISSP_MODE == 0
PSECURITY_STRING pTarget, // IN Target path PSECURITY_STRING pTarget, // IN Target path
#else #else
_In_ LPSTR pszTarget, _In_ LPSTR pszTarget,
#endif #endif
SecDelegationType DelegationType, // IN Type of delegation SecDelegationType DelegationType, // IN Type of delegation
PTimeStamp pExpiry, // IN OPTIONAL time limit PTimeStamp pExpiry, // IN OPTIONAL time limit
PSecBuffer pPackageParameters, // IN OPTIONAL package specific PSecBuffer pPackageParameters, // IN OPTIONAL package specific
PSecBufferDesc pOutput); // OUT Token for applycontroltoken. PSecBufferDesc pOutput); // OUT Token for applycontroltoken.
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP) */
#pragma endregion
#pragma region Desktop Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM)
/////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////
//// ////
//// Proxies //// Proxies
//// ////
/////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////
// //
// Proxies are only available on NT platforms // Proxies are only available on NT platforms
// //
skipping to change at line 1911 skipping to change at line 2202
); );
#ifdef UNICODE #ifdef UNICODE
# define ImportSecurityContext ImportSecurityContextW // ntifs # define ImportSecurityContext ImportSecurityContextW // ntifs
# define IMPORT_SECURITY_CONTEXT_FN IMPORT_SECURITY_CONTEXT_FN_W // ntifs # define IMPORT_SECURITY_CONTEXT_FN IMPORT_SECURITY_CONTEXT_FN_W // ntifs
#else #else
# define ImportSecurityContext ImportSecurityContextA # define ImportSecurityContext ImportSecurityContextA
# define IMPORT_SECURITY_CONTEXT_FN IMPORT_SECURITY_CONTEXT_FN_A # define IMPORT_SECURITY_CONTEXT_FN IMPORT_SECURITY_CONTEXT_FN_A
#endif // !UNICODE #endif // !UNICODE
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SY
STEM) */
#pragma endregion
#pragma region Desktop Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP)
// begin_ntifs // begin_ntifs
#if ISSP_MODE == 0 #if ISSP_MODE == 0
KSECDDDECLSPEC KSECDDDECLSPEC
NTSTATUS NTSTATUS
NTAPI NTAPI
SecMakeSPN( SecMakeSPN(
IN PUNICODE_STRING ServiceClass, IN PUNICODE_STRING ServiceClass,
IN PUNICODE_STRING ServiceName, IN PUNICODE_STRING ServiceName,
IN PUNICODE_STRING InstanceName OPTIONAL, IN PUNICODE_STRING InstanceName OPTIONAL,
skipping to change at line 2009 skipping to change at line 2306
_In_ ULONG SidBufferSize, _In_ ULONG SidBufferSize,
_Inout_opt_ PULONG SidSize OPTIONAL _Inout_opt_ PULONG SidSize OPTIONAL
); );
#endif // Greater than XP #endif // Greater than XP
#endif #endif
// end_ntifs // end_ntifs
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP) */
#pragma endregion
#pragma region Desktop Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM)
/////////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////////
//// ////
//// Fast access for RPC: //// Fast access for RPC:
//// ////
/////////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////////
#define SECURITY_ENTRYPOINT_ANSIW "InitSecurityInterfaceW" #define SECURITY_ENTRYPOINT_ANSIW "InitSecurityInterfaceW"
#define SECURITY_ENTRYPOINT_ANSIA "InitSecurityInterfaceA" #define SECURITY_ENTRYPOINT_ANSIA "InitSecurityInterfaceA"
#define SECURITY_ENTRYPOINTW SEC_TEXT("InitSecurityInterfaceW") // ntifs #define SECURITY_ENTRYPOINTW SEC_TEXT("InitSecurityInterfaceW") // ntifs
#define SECURITY_ENTRYPOINTA SEC_TEXT("InitSecurityInterfaceA") #define SECURITY_ENTRYPOINTA SEC_TEXT("InitSecurityInterfaceA")
skipping to change at line 2080 skipping to change at line 2383
#if NTDDI_VERSION > NTDDI_WS03SP1 #if NTDDI_VERSION > NTDDI_WS03SP1
// Fields below this are available in OSes after W2k3SP1 // Fields below this are available in OSes after W2k3SP1
SET_CREDENTIALS_ATTRIBUTES_FN_W SetCredentialsAttributesW; SET_CREDENTIALS_ATTRIBUTES_FN_W SetCredentialsAttributesW;
#endif #endif
#if ISSP_MODE != 0 #if ISSP_MODE != 0
CHANGE_PASSWORD_FN_W ChangeAccountPasswordW; CHANGE_PASSWORD_FN_W ChangeAccountPasswordW;
#else #else
void * Reserved9; void * Reserved9;
#endif #endif
#if NTDDI_VERSION > NTDDI_WINBLUE
// Fields below this are available in OSes after Windows 8.1
QUERY_CONTEXT_ATTRIBUTES_EX_FN_W QueryContextAttributesExW;
QUERY_CREDENTIALS_ATTRIBUTES_EX_FN_W QueryCredentialsAttributesExW;
#endif
} SecurityFunctionTableW, * PSecurityFunctionTableW; } SecurityFunctionTableW, * PSecurityFunctionTableW;
// end_ntifs // end_ntifs
typedef struct _SECURITY_FUNCTION_TABLE_A { typedef struct _SECURITY_FUNCTION_TABLE_A {
unsigned long dwVersion; unsigned long dwVersion;
ENUMERATE_SECURITY_PACKAGES_FN_A EnumerateSecurityPackagesA; ENUMERATE_SECURITY_PACKAGES_FN_A EnumerateSecurityPackagesA;
QUERY_CREDENTIALS_ATTRIBUTES_FN_A QueryCredentialsAttributesA; QUERY_CREDENTIALS_ATTRIBUTES_FN_A QueryCredentialsAttributesA;
ACQUIRE_CREDENTIALS_HANDLE_FN_A AcquireCredentialsHandleA; ACQUIRE_CREDENTIALS_HANDLE_FN_A AcquireCredentialsHandleA;
FREE_CREDENTIALS_HANDLE_FN FreeCredentialHandle; FREE_CREDENTIALS_HANDLE_FN FreeCredentialHandle;
skipping to change at line 2119 skipping to change at line 2427
QUERY_SECURITY_CONTEXT_TOKEN_FN QuerySecurityContextToken; QUERY_SECURITY_CONTEXT_TOKEN_FN QuerySecurityContextToken;
ENCRYPT_MESSAGE_FN EncryptMessage; ENCRYPT_MESSAGE_FN EncryptMessage;
DECRYPT_MESSAGE_FN DecryptMessage; DECRYPT_MESSAGE_FN DecryptMessage;
SET_CONTEXT_ATTRIBUTES_FN_A SetContextAttributesA; SET_CONTEXT_ATTRIBUTES_FN_A SetContextAttributesA;
SET_CREDENTIALS_ATTRIBUTES_FN_A SetCredentialsAttributesA; SET_CREDENTIALS_ATTRIBUTES_FN_A SetCredentialsAttributesA;
#if ISSP_MODE != 0 #if ISSP_MODE != 0
CHANGE_PASSWORD_FN_A ChangeAccountPasswordA; CHANGE_PASSWORD_FN_A ChangeAccountPasswordA;
#else #else
void * Reserved9; void * Reserved9;
#endif #endif
#if NTDDI_VERSION > NTDDI_WINBLUE
// Fields below this are available in OSes after Windows 8.1
QUERY_CONTEXT_ATTRIBUTES_EX_FN_A QueryContextAttributesExA;
QUERY_CREDENTIALS_ATTRIBUTES_EX_FN_A QueryCredentialsAttributesExA;
#endif
} SecurityFunctionTableA, * PSecurityFunctionTableA; } SecurityFunctionTableA, * PSecurityFunctionTableA;
#ifdef UNICODE #ifdef UNICODE
# define SecurityFunctionTable SecurityFunctionTableW // ntifs # define SecurityFunctionTable SecurityFunctionTableW // ntifs
# define PSecurityFunctionTable PSecurityFunctionTableW // ntifs # define PSecurityFunctionTable PSecurityFunctionTableW // ntifs
#else #else
# define SecurityFunctionTable SecurityFunctionTableA # define SecurityFunctionTable SecurityFunctionTableA
# define PSecurityFunctionTable PSecurityFunctionTableA # define PSecurityFunctionTable PSecurityFunctionTableA
#endif // !UNICODE #endif // !UNICODE
skipping to change at line 2143 skipping to change at line 2456
// Function table has all routines through SetContextAttributes // Function table has all routines through SetContextAttributes
#define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_2 2 // ntifs #define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_2 2 // ntifs
// Function table has all routines through SetCredentialsAttributes // Function table has all routines through SetCredentialsAttributes
#define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_3 3 // ntifs #define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_3 3 // ntifs
// Function table has all routines through ChangeAccountPassword // Function table has all routines through ChangeAccountPassword
#define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_4 4 // ntifs #define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_4 4 // ntifs
// Function table has all routines through QueryCredentialsAttributesEx
#define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_5 5 // ntifs
PSecurityFunctionTableA SEC_ENTRY PSecurityFunctionTableA SEC_ENTRY
InitSecurityInterfaceA( InitSecurityInterfaceA(
void void
); );
typedef PSecurityFunctionTableA typedef PSecurityFunctionTableA
(SEC_ENTRY * INIT_SECURITY_INTERFACE_A)(void); (SEC_ENTRY * INIT_SECURITY_INTERFACE_A)(void);
// begin_ntifs // begin_ntifs
skipping to change at line 2613 skipping to change at line 2929
#define SSPIPFC_CREDPROV_DO_NOT_LOAD 0x00000004 #define SSPIPFC_CREDPROV_DO_NOT_LOAD 0x00000004
// //
// Credential providers along with UI Dialog will be hosted in a separate // Credential providers along with UI Dialog will be hosted in a separate
// broker process. // broker process.
// //
#define SSPIPFC_USE_CREDUIBROKER 0x00000008 #define SSPIPFC_USE_CREDUIBROKER 0x00000008
#define SSPIPFC_VALID_FLAGS (SSPIPFC_CREDPROV_DO_NOT_SAVE | SSPIPFC_NO_CHECKBOX | SSPIPFC_CREDPROV_DO_NOT_LOAD | SSPIPFC_USE_CREDUIBROKER) #define SSPIPFC_VALID_FLAGS (SSPIPFC_CREDPROV_DO_NOT_SAVE | SSPIPFC_NO_CHECKBOX | SSPIPFC_CREDPROV_DO_NOT_LOAD | SSPIPFC_USE_CREDUIBROKER)
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SY
STEM) */
#pragma endregion
#pragma region Desktop Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP)
#ifndef _SSPIPFC_NONE_ // the public view #ifndef _SSPIPFC_NONE_ // the public view
// Use SspiFreeAuthIdentity() to free the buffer returned // Use SspiFreeAuthIdentity() to free the buffer returned
// in ppAuthIdentity. // in ppAuthIdentity.
unsigned long unsigned long
SEC_ENTRY SEC_ENTRY
SspiPromptForCredentialsW( SspiPromptForCredentialsW(
_In_ PCWSTR pszTargetName, _In_ PCWSTR pszTargetName,
#ifdef _CREDUI_INFO_DEFINED #ifdef _CREDUI_INFO_DEFINED
skipping to change at line 2688 skipping to change at line 3010
} SEC_WINNT_AUTH_PACKED_CREDENTIALS, *PSEC_WINNT_AUTH_PACKED_CREDENTIALS; } SEC_WINNT_AUTH_PACKED_CREDENTIALS, *PSEC_WINNT_AUTH_PACKED_CREDENTIALS;
// {28BFC32F-10F6-4738-98D1-1AC061DF716A} // {28BFC32F-10F6-4738-98D1-1AC061DF716A}
static const GUID SEC_WINNT_AUTH_DATA_TYPE_PASSWORD = static const GUID SEC_WINNT_AUTH_DATA_TYPE_PASSWORD =
{ 0x28bfc32f, 0x10f6, 0x4738, { 0x98, 0xd1, 0x1a, 0xc0, 0x61, 0xdf, 0x71, 0x6 a } }; { 0x28bfc32f, 0x10f6, 0x4738, { 0x98, 0xd1, 0x1a, 0xc0, 0x61, 0xdf, 0x71, 0x6 a } };
// {235F69AD-73FB-4dbc-8203-0629E739339B} // {235F69AD-73FB-4dbc-8203-0629E739339B}
static const GUID SEC_WINNT_AUTH_DATA_TYPE_CERT = static const GUID SEC_WINNT_AUTH_DATA_TYPE_CERT =
{ 0x235f69ad, 0x73fb, 0x4dbc, { 0x82, 0x3, 0x6, 0x29, 0xe7, 0x39, 0x33, 0x9b } }; { 0x235f69ad, 0x73fb, 0x4dbc, { 0x82, 0x3, 0x6, 0x29, 0xe7, 0x39, 0x33, 0x9b } };
// {10A47879-5EBF-4B85-BD8D-C21BB4F49C8A}
static const GUID SEC_WINNT_AUTH_DATA_TYPE_NGC =
{ 0x10a47879, 0x5ebf, 0x4b85, { 0xbd, 0x8d, 0xc2, 0x1b, 0xb4, 0xf4, 0x9c, 0x8
a } };
typedef struct _SEC_WINNT_AUTH_DATA_PASSWORD { typedef struct _SEC_WINNT_AUTH_DATA_PASSWORD {
SEC_WINNT_AUTH_BYTE_VECTOR UnicodePassword; SEC_WINNT_AUTH_BYTE_VECTOR UnicodePassword;
} SEC_WINNT_AUTH_DATA_PASSWORD, PSEC_WINNT_AUTH_DATA_PASSWORD; } SEC_WINNT_AUTH_DATA_PASSWORD, PSEC_WINNT_AUTH_DATA_PASSWORD;
// //
// smartcard cred data // smartcard cred data
// //
// {68FD9879-079C-4dfe-8281-578AADC1C100} // {68FD9879-079C-4dfe-8281-578AADC1C100}
static const GUID SEC_WINNT_AUTH_DATA_TYPE_CSP_DATA = static const GUID SEC_WINNT_AUTH_DATA_TYPE_CSP_DATA =
{ 0x68fd9879, 0x79c, 0x4dfe, { 0x82, 0x81, 0x57, 0x8a, 0xad, 0xc1, 0xc1, 0x0 } }; { 0x68fd9879, 0x79c, 0x4dfe, { 0x82, 0x81, 0x57, 0x8a, 0xad, 0xc1, 0xc1, 0x0 } };
typedef struct _SEC_WINNT_AUTH_CERTIFICATE_DATA { typedef struct _SEC_WINNT_AUTH_CERTIFICATE_DATA {
unsigned short cbHeaderLength; unsigned short cbHeaderLength;
unsigned short cbStructureLength; unsigned short cbStructureLength;
SEC_WINNT_AUTH_BYTE_VECTOR Certificate; SEC_WINNT_AUTH_BYTE_VECTOR Certificate;
} SEC_WINNT_AUTH_CERTIFICATE_DATA, *PSEC_WINNT_AUTH_CERTIFICATE_DATA; } SEC_WINNT_AUTH_CERTIFICATE_DATA, *PSEC_WINNT_AUTH_CERTIFICATE_DATA;
typedef struct _SEC_WINNT_AUTH_NGC_DATA {
LUID LogonId;
unsigned long Flags;
SEC_WINNT_AUTH_BYTE_VECTOR CspInfo;
SEC_WINNT_AUTH_BYTE_VECTOR UserIdKeyAuthTicket;
SEC_WINNT_AUTH_BYTE_VECTOR DecryptionKeyName;
SEC_WINNT_AUTH_BYTE_VECTOR DecryptionKeyAuthTicket;
} SEC_WINNT_AUTH_NGC_DATA, *PSEC_WINNT_AUTH_NGC_DATA;
typedef struct _SEC_WINNT_CREDUI_CONTEXT_VECTOR typedef struct _SEC_WINNT_CREDUI_CONTEXT_VECTOR
{ {
ULONG CredUIContextArrayOffset; // offset starts at the beginning of ULONG CredUIContextArrayOffset; // offset starts at the beginning of
// this structure, and each element is a SEC_WINNT_AUTH_BYTE_VECTOR that // this structure, and each element is a SEC_WINNT_AUTH_BYTE_VECTOR that
// describes the flat CredUI context returned by SpGetCredUIContext() // describes the flat CredUI context returned by SpGetCredUIContext()
USHORT CredUIContextCount; USHORT CredUIContextCount;
} SEC_WINNT_CREDUI_CONTEXT_VECTOR, *PSEC_WINNT_CREDUI_CONTEXT_VECTOR; } SEC_WINNT_CREDUI_CONTEXT_VECTOR, *PSEC_WINNT_CREDUI_CONTEXT_VECTOR;
typedef struct _SEC_WINNT_AUTH_SHORT_VECTOR typedef struct _SEC_WINNT_AUTH_SHORT_VECTOR
{ {
skipping to change at line 2795 skipping to change at line 3130
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
SspiUnmarshalCredUIContext( SspiUnmarshalCredUIContext(
_In_reads_bytes_(MarshaledCredUIContextLength) PUCHAR MarshaledCredUIContext , _In_reads_bytes_(MarshaledCredUIContextLength) PUCHAR MarshaledCredUIContext ,
_In_ ULONG MarshaledCredUIContextLength, _In_ ULONG MarshaledCredUIContextLength,
_Outptr_ PSEC_WINNT_CREDUI_CONTEXT* CredUIContext _Outptr_ PSEC_WINNT_CREDUI_CONTEXT* CredUIContext
); );
#endif // _SEC_WINNT_AUTH_TYPES #endif // _SEC_WINNT_AUTH_TYPES
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP) */
#pragma endregion
#pragma region Desktop Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM)
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
SspiPrepareForCredRead( SspiPrepareForCredRead(
_In_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity, _In_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity,
_In_ PCWSTR pszTargetName, _In_ PCWSTR pszTargetName,
_Out_ PULONG pCredmanCredentialType, _Out_ PULONG pCredmanCredentialType,
_Outptr_ PCWSTR* ppszCredmanTargetName _Outptr_ PCWSTR* ppszCredmanTargetName
); );
SECURITY_STATUS SECURITY_STATUS
skipping to change at line 2971 skipping to change at line 3312
// //
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
SspiUnmarshalAuthIdentity( SspiUnmarshalAuthIdentity(
_In_ unsigned long AuthIdentityLength, _In_ unsigned long AuthIdentityLength,
_In_reads_bytes_(AuthIdentityLength) char* AuthIdentityByteArray, _In_reads_bytes_(AuthIdentityLength) char* AuthIdentityByteArray,
_Outptr_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE* ppAuthIdentity _Outptr_ PSEC_WINNT_AUTH_IDENTITY_OPAQUE* ppAuthIdentity
); );
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SY
STEM) */
#pragma endregion
#pragma region Desktop Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP)
BOOLEAN BOOLEAN
SEC_ENTRY SEC_ENTRY
SspiIsPromptingNeeded( SspiIsPromptingNeeded(
_In_ unsigned long ErrorOrNtStatus _In_ unsigned long ErrorOrNtStatus
); );
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP) */
#pragma endregion
#pragma region Desktop Family or OneCore Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SYSTEM)
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
SspiGetTargetHostName( SspiGetTargetHostName(
_In_ PCWSTR pszTargetName, _In_ PCWSTR pszTargetName,
_Outptr_ PWSTR* pszHostName _Outptr_ PWSTR* pszHostName
); );
SECURITY_STATUS SECURITY_STATUS
SEC_ENTRY SEC_ENTRY
SspiExcludePackage( SspiExcludePackage(
skipping to change at line 3061 skipping to change at line 3414
DeleteSecurityPackageW( DeleteSecurityPackageW(
_In_ LPWSTR pszPackageName _In_ LPWSTR pszPackageName
); );
#ifdef UNICODE #ifdef UNICODE
#define DeleteSecurityPackage DeleteSecurityPackageW #define DeleteSecurityPackage DeleteSecurityPackageW
#else #else
#define DeleteSecurityPackage DeleteSecurityPackageA #define DeleteSecurityPackage DeleteSecurityPackageA
#endif #endif
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP) */ #endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP | WINAPI_PARTITION_SY STEM) */
#pragma endregion #pragma endregion
#ifdef __cplusplus #ifdef __cplusplus
} // extern "C" } // extern "C"
#endif #endif
// begin_ntifs // begin_ntifs
#endif // __SSPI_H__ #endif // __SSPI_H__
// end_ntifs // end_ntifs
 End of changes. 30 change blocks. 
3 lines changed or deleted 396 lines changed or added

This html diff was produced by rfcdiff 1.41.