Export (0) Print
Expand All
Expand Minimize

SpQueryMetaDataFn function

Gets metadata from a security support provider (SSP) when it is initiating a security context.

Syntax


NTSTATUS NTAPI SpQueryMetaDataFn(
  _In_      LSA_SEC_HANDLE CredentialHandle,
  _In_opt_  PUNICODE_STRING TargetName,
  _In_      ULONG ContextRequirements,
  _Out_     ULONG MetaDataLength,
  _Out_     PUCHAR MetaData,
  _Inout_   PLSA_SEC_HANDLE ContextHandle
);

Parameters

CredentialHandle [in]

A handle to the credentials to use for the security context. If the ContextHandle parameter points to NULL on input, this function uses the value of this parameter to create a security context.

The value of this parameter cannot be NULL if the ContextHandle parameter points to NULL on input.

TargetName [in, optional]

A pointer to a UNICODE_STRING that contains the name of the target of the context.

ContextRequirements [in]

Flags that indicate the context attributes required by the client.

The following are valid values. Values can be combined by using a logical OR operation.

ValueMeaning
ISC_REQ_DELEGATE

The server is allowed to impersonate the client.

ISC_REQ_MUTUAL_AUTH

Both the client and the server are required to prove their identity.

ISC_REQ_REPLAY_DETECT

The security context will support the detection of replayed packets.

ISC_REQ_SEQUENCE_DETECT

The security context will support the detection of out-of-order messages.

ISC_REQ_USE_SESSION_KEY

A new session key must be negotiated.

ISC_REQ_PROMPT_FOR_CREDS

If the client is an interactive user, the package must, if possible, prompt the user for the appropriate credentials.

ISC_REQ_USE_SUPPLIED_CREDS

The input buffer contains package-specific credential information which should be used to authenticate the connection.

ISC_REQ_ALLOCATE_MEMORY

The package must allocate memory. The caller must eventually call the FreeContextBuffer function to free memory allocated by the package.

ISC_REQ_USE_DCE_STYLE

The caller expects a three-leg mutual authentication transaction.

ISC_REQ_DATAGRAM

A datagram-type communications channel should be used. For more information, see Datagram Contexts.

ISC_REQ_CONNECTION

A connection-type communications channel should be used. For more information, see Connection-Oriented Contexts.

ISC_REQ_EXTENDED_ERROR

If the context fails, generate an error reply message to send back to the client.

ISC_REQ_STREAM

A stream-type communications channel should be used. For more information, see Stream Contexts.

ISC_REQ_INTEGRITY

Buffer integrity is verified; however, replayed and out-of-sequence messages will not be detected.

 

MetaDataLength [out]

The size, in characters, of the MetaData buffer.

MetaData [out]

The metadata that the SSP provides.

ContextHandle [in, out]

A handle to the security handle to use. If this parameter points to NULL on input, this function allocates and initializes a security context by using the values of the CredentialHandle and TargetName parameters.

If this parameter points to NULL on input, the CredentialHandle cannot be NULL.

Return value

If the function succeeds, return STATUS_SUCCESS, or an informational status code.

If the function fails, return an NTSTATUS error code that indicates the reason it failed. For more information, see Remarks.

Remarks

A pointer to the SpQueryMetaDataFn function is available in the SECPKG_FUNCTION_TABLE structure received from the SpLsaModeInitialize function.

Requirements

Minimum supported client

Windows 7 [desktop apps only]

Minimum supported server

Windows Server 2008 R2 [desktop apps only]

Header

Ntsecpkg.h

 

 

Community Additions

ADD
Show:
© 2014 Microsoft