649 lines
16 KiB
C
649 lines
16 KiB
C
|
/*++
|
||
|
|
||
|
Copyright (c) 1995 Microsoft Corporation
|
||
|
|
||
|
Module Name:
|
||
|
|
||
|
httpfilt.h
|
||
|
|
||
|
Abstract:
|
||
|
|
||
|
This module contains the Microsoft HTTP filter extension info
|
||
|
|
||
|
Revision History:
|
||
|
|
||
|
--*/
|
||
|
|
||
|
#ifndef _HTTPFILT_H_
|
||
|
#define _HTTPFILT_H_
|
||
|
|
||
|
#ifdef __cplusplus
|
||
|
extern "C" {
|
||
|
#endif
|
||
|
|
||
|
//
|
||
|
// Current version of the filter spec is 4.0
|
||
|
//
|
||
|
|
||
|
#define HTTP_FILTER_REVISION MAKELONG( 0, 4)
|
||
|
|
||
|
#define SF_MAX_USERNAME (256+1)
|
||
|
#define SF_MAX_PASSWORD (256+1)
|
||
|
#define SF_MAX_AUTH_TYPE (32+1)
|
||
|
|
||
|
#define SF_MAX_FILTER_DESC_LEN (256+1)
|
||
|
|
||
|
typedef
|
||
|
VOID (WINAPI * PFN_SF_NOTIFY) (
|
||
|
DWORD dwNotifyType,
|
||
|
LPVOID pInstance
|
||
|
);
|
||
|
|
||
|
//
|
||
|
// These values can be used with the pfnSFCallback function supplied in
|
||
|
// the filter context structure
|
||
|
//
|
||
|
|
||
|
enum SF_REQ_TYPE
|
||
|
{
|
||
|
//
|
||
|
// Sends a complete HTTP server response header including
|
||
|
// the status, server version, message time and MIME version.
|
||
|
//
|
||
|
// Server extensions should append other information at the end,
|
||
|
// such as Content-type, Content-length etc followed by an extra
|
||
|
// '\r\n'.
|
||
|
//
|
||
|
// pData - Zero terminated string pointing to optional
|
||
|
// status string (i.e., "401 Access Denied") or NULL for
|
||
|
// the default response of "200 OK".
|
||
|
//
|
||
|
// ul1 - Zero terminated string pointing to optional data to be
|
||
|
// appended and set with the header. If NULL, the header will
|
||
|
// be terminated with an empty line.
|
||
|
//
|
||
|
|
||
|
SF_REQ_SEND_RESPONSE_HEADER,
|
||
|
|
||
|
//
|
||
|
// If the server denies the HTTP request, add the specified headers
|
||
|
// to the server error response.
|
||
|
//
|
||
|
// This allows an authentication filter to advertise its services
|
||
|
// w/o filtering every request. Generally the headers will be
|
||
|
// WWW-Authenticate headers with custom authentication schemes but
|
||
|
// no restriction is placed on what headers may be specified.
|
||
|
//
|
||
|
// pData - Zero terminated string pointing to one or more header lines
|
||
|
// with terminating '\r\n'.
|
||
|
//
|
||
|
|
||
|
SF_REQ_ADD_HEADERS_ON_DENIAL,
|
||
|
|
||
|
//
|
||
|
// Only used by raw data filters that return SF_STATUS_READ_NEXT
|
||
|
//
|
||
|
// ul1 - size in bytes for the next read
|
||
|
//
|
||
|
|
||
|
SF_REQ_SET_NEXT_READ_SIZE,
|
||
|
|
||
|
//
|
||
|
// Used to indicate this request is a proxy request
|
||
|
//
|
||
|
// ul1 - The proxy flags to set
|
||
|
// 0x00000001 - This is a HTTP proxy request
|
||
|
//
|
||
|
//
|
||
|
|
||
|
SF_REQ_SET_PROXY_INFO,
|
||
|
|
||
|
//
|
||
|
// Returns the connection ID contained in the ConnID field of an
|
||
|
// ISAPI Application's Extension Control Block. This value can be used
|
||
|
// as a key to cooridinate shared data between Filters and Applications.
|
||
|
//
|
||
|
// pData - Pointer to DWORD that receives the connection ID.
|
||
|
//
|
||
|
|
||
|
SF_REQ_GET_CONNID,
|
||
|
|
||
|
//
|
||
|
// Used to set a SSPI security context + impersonation token
|
||
|
// derived from a client certificate.
|
||
|
//
|
||
|
// pData - certificate info ( PHTTP_FILTER_CERTIFICATE_INFO )
|
||
|
// ul1 - CtxtHandle*
|
||
|
// ul2 - impersonation handle
|
||
|
//
|
||
|
|
||
|
SF_REQ_SET_CERTIFICATE_INFO,
|
||
|
|
||
|
//
|
||
|
// Used to get an IIS property
|
||
|
// as defined in SF_PROPERTY_IIS
|
||
|
//
|
||
|
// ul1 - Property ID
|
||
|
//
|
||
|
|
||
|
SF_REQ_GET_PROPERTY,
|
||
|
|
||
|
//
|
||
|
// Used to normalize an URL
|
||
|
//
|
||
|
// pData - URL to normalize
|
||
|
//
|
||
|
|
||
|
SF_REQ_NORMALIZE_URL,
|
||
|
|
||
|
//
|
||
|
// Indicates end of renegotiation
|
||
|
//
|
||
|
// pData - LPBOOL : TRUE if renegotiation succeeded
|
||
|
//
|
||
|
|
||
|
SF_REQ_DONE_RENEGOTIATE,
|
||
|
|
||
|
//
|
||
|
// Set notify call-back
|
||
|
//
|
||
|
// ul1 - notification type ( SF_NOTIFY_TYPE )
|
||
|
// pData - ptr to notify function ( PFN_SF_NOTIFY )
|
||
|
//
|
||
|
|
||
|
SF_REQ_SET_NOTIFY,
|
||
|
|
||
|
//
|
||
|
// Disable Notifications
|
||
|
//
|
||
|
// ul1 - notifications to disable
|
||
|
//
|
||
|
|
||
|
SF_REQ_DISABLE_NOTIFICATIONS,
|
||
|
|
||
|
};
|
||
|
|
||
|
|
||
|
enum SF_PROPERTY_IIS
|
||
|
{
|
||
|
SF_PROPERTY_CLIENT_CERT_ENABLED, // return BOOL in pData as LPBOOL
|
||
|
SF_PROPERTY_MD5_ENABLED, // return BOOL in pData as LPBOOL
|
||
|
SF_PROPERTY_DIR_MAP_CERT, // return BOOL in pData as LPBOOL
|
||
|
SF_PROPERTY_GET_CERT11_MAPPER, // These 4 functions returns ptr
|
||
|
SF_PROPERTY_GET_RULE_MAPPER, // to RefBlob containing mapper
|
||
|
SF_PROPERTY_GET_MD5_MAPPER,
|
||
|
SF_PROPERTY_GET_ITA_MAPPER,
|
||
|
SF_PROPERTY_GET_INSTANCE_ID,
|
||
|
SF_PROPERTY_MD_IF,
|
||
|
SF_PROPERTY_SSL_CTXT,
|
||
|
SF_PROPERTY_INSTANCE_NUM_ID,
|
||
|
} ;
|
||
|
|
||
|
enum SF_NOTIFY_TYPE
|
||
|
{
|
||
|
SF_NOTIFY_MAPPER_MD5_CHANGED,
|
||
|
SF_NOTIFY_MAPPER_ITA_CHANGED,
|
||
|
SF_NOTIFY_MAPPER_CERT11_CHANGED,
|
||
|
SF_NOTIFY_MAPPER_CERTW_CHANGED,
|
||
|
SF_NOTIFY_MAPPER_SSLKEYS_CHANGED,
|
||
|
SF_NOTIFY_MAPPER_CERT11_TOUCHED,
|
||
|
} ;
|
||
|
|
||
|
//
|
||
|
// These values are returned by the filter entry point when a new request is
|
||
|
// received indicating their interest in this particular request
|
||
|
//
|
||
|
|
||
|
enum SF_STATUS_TYPE
|
||
|
{
|
||
|
//
|
||
|
// The filter has handled the HTTP request. The server should disconnect
|
||
|
// the session.
|
||
|
//
|
||
|
|
||
|
SF_STATUS_REQ_FINISHED = 0x8000000,
|
||
|
|
||
|
//
|
||
|
// Same as SF_STATUS_FINISHED except the server should keep the TCP
|
||
|
// session open if the option was negotiated
|
||
|
//
|
||
|
|
||
|
SF_STATUS_REQ_FINISHED_KEEP_CONN,
|
||
|
|
||
|
//
|
||
|
// The next filter in the notification chain should be called
|
||
|
//
|
||
|
|
||
|
SF_STATUS_REQ_NEXT_NOTIFICATION,
|
||
|
|
||
|
//
|
||
|
// This filter handled the notification. No other handles should be
|
||
|
// called for this particular notification type
|
||
|
//
|
||
|
|
||
|
SF_STATUS_REQ_HANDLED_NOTIFICATION,
|
||
|
|
||
|
//
|
||
|
// An error occurred. The server should use GetLastError() and indicate
|
||
|
// the error to the client
|
||
|
//
|
||
|
|
||
|
SF_STATUS_REQ_ERROR,
|
||
|
|
||
|
//
|
||
|
// The filter is an opaque stream filter and we're negotiating the
|
||
|
// session parameters. Only valid for raw read notification.
|
||
|
//
|
||
|
|
||
|
SF_STATUS_REQ_READ_NEXT
|
||
|
};
|
||
|
|
||
|
//
|
||
|
// pvNotification points to this structure for all request notification types
|
||
|
//
|
||
|
|
||
|
typedef struct _HTTP_FILTER_CONTEXT
|
||
|
{
|
||
|
DWORD cbSize;
|
||
|
|
||
|
//
|
||
|
// This is the structure revision level.
|
||
|
//
|
||
|
|
||
|
DWORD Revision;
|
||
|
|
||
|
//
|
||
|
// Private context information for the server.
|
||
|
//
|
||
|
|
||
|
PVOID ServerContext;
|
||
|
DWORD ulReserved;
|
||
|
|
||
|
//
|
||
|
// TRUE if this request is coming over a secure port
|
||
|
//
|
||
|
|
||
|
BOOL fIsSecurePort;
|
||
|
|
||
|
//
|
||
|
// A context that can be used by the filter
|
||
|
//
|
||
|
|
||
|
PVOID pFilterContext;
|
||
|
|
||
|
//
|
||
|
// Server callbacks
|
||
|
//
|
||
|
|
||
|
BOOL (WINAPI * GetServerVariable) (
|
||
|
struct _HTTP_FILTER_CONTEXT * pfc,
|
||
|
LPSTR lpszVariableName,
|
||
|
LPVOID lpvBuffer,
|
||
|
LPDWORD lpdwSize
|
||
|
);
|
||
|
|
||
|
BOOL (WINAPI * AddResponseHeaders) (
|
||
|
struct _HTTP_FILTER_CONTEXT * pfc,
|
||
|
LPSTR lpszHeaders,
|
||
|
DWORD dwReserved
|
||
|
);
|
||
|
|
||
|
BOOL (WINAPI * WriteClient) (
|
||
|
struct _HTTP_FILTER_CONTEXT * pfc,
|
||
|
LPVOID Buffer,
|
||
|
LPDWORD lpdwBytes,
|
||
|
DWORD dwReserved
|
||
|
);
|
||
|
|
||
|
VOID * (WINAPI * AllocMem) (
|
||
|
struct _HTTP_FILTER_CONTEXT * pfc,
|
||
|
DWORD cbSize,
|
||
|
DWORD dwReserved
|
||
|
);
|
||
|
|
||
|
BOOL (WINAPI * ServerSupportFunction) (
|
||
|
struct _HTTP_FILTER_CONTEXT * pfc,
|
||
|
enum SF_REQ_TYPE sfReq,
|
||
|
PVOID pData,
|
||
|
DWORD ul1,
|
||
|
DWORD ul2
|
||
|
);
|
||
|
|
||
|
} HTTP_FILTER_CONTEXT, *PHTTP_FILTER_CONTEXT;
|
||
|
|
||
|
//
|
||
|
// This structure is the notification info for the read and send raw data
|
||
|
// notification types
|
||
|
//
|
||
|
|
||
|
typedef struct _HTTP_FILTER_RAW_DATA
|
||
|
{
|
||
|
//
|
||
|
// This is a pointer to the data for the filter to process.
|
||
|
//
|
||
|
|
||
|
PVOID pvInData;
|
||
|
DWORD cbInData; // Number of valid data bytes
|
||
|
DWORD cbInBuffer; // Total size of buffer
|
||
|
|
||
|
DWORD dwReserved;
|
||
|
|
||
|
} HTTP_FILTER_RAW_DATA, *PHTTP_FILTER_RAW_DATA;
|
||
|
|
||
|
//
|
||
|
// This structure is the notification info for when the server is about to
|
||
|
// process the client headers
|
||
|
//
|
||
|
|
||
|
typedef struct _HTTP_FILTER_PREPROC_HEADERS
|
||
|
{
|
||
|
//
|
||
|
// For SF_NOTIFY_PREPROC_HEADERS, retrieves the specified header value.
|
||
|
// Header names should include the trailing ':'. The special values
|
||
|
// 'method', 'url' and 'version' can be used to retrieve the individual
|
||
|
// portions of the request line
|
||
|
//
|
||
|
|
||
|
BOOL (WINAPI * GetHeader) (
|
||
|
struct _HTTP_FILTER_CONTEXT * pfc,
|
||
|
LPSTR lpszName,
|
||
|
LPVOID lpvBuffer,
|
||
|
LPDWORD lpdwSize
|
||
|
);
|
||
|
|
||
|
//
|
||
|
// Replaces this header value to the specified value. To delete a header,
|
||
|
// specified a value of '\0'.
|
||
|
//
|
||
|
|
||
|
BOOL (WINAPI * SetHeader) (
|
||
|
struct _HTTP_FILTER_CONTEXT * pfc,
|
||
|
LPSTR lpszName,
|
||
|
LPSTR lpszValue
|
||
|
);
|
||
|
|
||
|
//
|
||
|
// Adds the specified header and value
|
||
|
//
|
||
|
|
||
|
BOOL (WINAPI * AddHeader) (
|
||
|
struct _HTTP_FILTER_CONTEXT * pfc,
|
||
|
LPSTR lpszName,
|
||
|
LPSTR lpszValue
|
||
|
);
|
||
|
|
||
|
DWORD HttpStatus; // New in 4.0, status for SEND_RESPONSE
|
||
|
DWORD SubStatus; // New in 4.0, status for SEND_RESPONSE
|
||
|
|
||
|
} HTTP_FILTER_PREPROC_HEADERS, *PHTTP_FILTER_PREPROC_HEADERS;
|
||
|
|
||
|
typedef HTTP_FILTER_PREPROC_HEADERS HTTP_FILTER_SEND_RESPONSE;
|
||
|
typedef HTTP_FILTER_PREPROC_HEADERS *PHTTP_FILTER_SEND_RESPONSE;
|
||
|
|
||
|
//
|
||
|
// Authentication information for this request.
|
||
|
//
|
||
|
|
||
|
typedef struct _HTTP_FILTER_AUTHENT
|
||
|
{
|
||
|
//
|
||
|
// Pointer to username and password, empty strings for the anonymous user
|
||
|
//
|
||
|
// Client's can overwrite these buffers which are guaranteed to be at
|
||
|
// least SF_MAX_USERNAME and SF_MAX_PASSWORD bytes large.
|
||
|
//
|
||
|
|
||
|
CHAR * pszUser;
|
||
|
DWORD cbUserBuff;
|
||
|
|
||
|
CHAR * pszPassword;
|
||
|
DWORD cbPasswordBuff;
|
||
|
|
||
|
} HTTP_FILTER_AUTHENT, *PHTTP_FILTER_AUTHENT;
|
||
|
|
||
|
|
||
|
//
|
||
|
// Authentication information for this request.
|
||
|
//
|
||
|
|
||
|
typedef struct _HTTP_FILTER_AUTHENTEX
|
||
|
{
|
||
|
//
|
||
|
// Pointer to username and password, empty strings for the anonymous user
|
||
|
//
|
||
|
// Client can overwrite hAccessToken
|
||
|
//
|
||
|
|
||
|
CHAR * pszUser;
|
||
|
DWORD cbUserBuff;
|
||
|
|
||
|
CHAR * pszLogonUser;
|
||
|
DWORD cbLogonUserBuff;
|
||
|
|
||
|
CHAR * pszPassword;
|
||
|
CHAR * pszRealm;
|
||
|
|
||
|
CHAR * pszAuthType;
|
||
|
DWORD cbAuthTypeBuff;
|
||
|
|
||
|
HANDLE hAccessTokenPrimary;
|
||
|
HANDLE hAccessTokenImpersonation;
|
||
|
|
||
|
} HTTP_FILTER_AUTHENTEX, *PHTTP_FILTER_AUTHENTEX;
|
||
|
|
||
|
|
||
|
//
|
||
|
// Indicates the server is going to use the specific physical mapping for
|
||
|
// the specified URL. Filters can modify the physical path in place.
|
||
|
//
|
||
|
|
||
|
typedef struct _HTTP_FILTER_URL_MAP
|
||
|
{
|
||
|
const CHAR * pszURL;
|
||
|
|
||
|
CHAR * pszPhysicalPath;
|
||
|
DWORD cbPathBuff;
|
||
|
|
||
|
} HTTP_FILTER_URL_MAP, *PHTTP_FILTER_URL_MAP;
|
||
|
|
||
|
//
|
||
|
// Indicates the server is going to delete the specified impersonation token
|
||
|
// Only called if the token was created by the filter
|
||
|
//
|
||
|
|
||
|
typedef struct _HTTP_FILTER_REQUEST_CLOSE_SECURITY_CONTEXT
|
||
|
{
|
||
|
PVOID pCtxt;
|
||
|
|
||
|
} HTTP_FILTER_REQUEST_CLOSE_SECURITY_CONTEXT,
|
||
|
*PHTTP_FILTER_REQUEST_CLOSE_SECURITY_CONTEXT;
|
||
|
|
||
|
//
|
||
|
// Bitfield indicating the requested resource has been denied by the server due
|
||
|
// to a logon failure, an ACL on a resource, an ISAPI Filter or an
|
||
|
// ISAPI Application/CGI Application.
|
||
|
//
|
||
|
// SF_DENIED_BY_CONFIG can appear with SF_DENIED_LOGON if the server
|
||
|
// configuration did not allow the user to logon.
|
||
|
//
|
||
|
|
||
|
#define SF_DENIED_LOGON 0x00000001
|
||
|
#define SF_DENIED_RESOURCE 0x00000002
|
||
|
#define SF_DENIED_FILTER 0x00000004
|
||
|
#define SF_DENIED_APPLICATION 0x00000008
|
||
|
|
||
|
#define SF_DENIED_BY_CONFIG 0x00010000
|
||
|
|
||
|
typedef struct _HTTP_FILTER_ACCESS_DENIED
|
||
|
{
|
||
|
const CHAR * pszURL; // Requesting URL
|
||
|
const CHAR * pszPhysicalPath; // Physical path of resource
|
||
|
DWORD dwReason; // Bitfield of SF_DENIED flags
|
||
|
|
||
|
} HTTP_FILTER_ACCESS_DENIED, *PHTTP_FILTER_ACCESS_DENIED;
|
||
|
|
||
|
|
||
|
//
|
||
|
// The server request a SSL certificate renegotiation.
|
||
|
// If filter accepts, it must set fAccepted to TRUE
|
||
|
//
|
||
|
|
||
|
typedef struct _HTTP_FILTER_REQUEST_CERT
|
||
|
{
|
||
|
BOOL fAccepted; // [out] request accepted
|
||
|
BOOL fMapCert; // [in] TRUE if cert to be mapped to
|
||
|
// NT account
|
||
|
DWORD dwReserved;
|
||
|
|
||
|
} HTTP_FILTER_REQUEST_CERT, *PHTTP_FILTER_REQUEST_CERT;
|
||
|
|
||
|
//
|
||
|
// The log information about to be written to the server log file. The
|
||
|
// string pointers can be replaced but the memory must remain valid until
|
||
|
// the next notification
|
||
|
//
|
||
|
|
||
|
typedef struct _HTTP_FILTER_LOG
|
||
|
{
|
||
|
const CHAR * pszClientHostName;
|
||
|
const CHAR * pszClientUserName;
|
||
|
const CHAR * pszServerName;
|
||
|
const CHAR * pszOperation;
|
||
|
const CHAR * pszTarget;
|
||
|
const CHAR * pszParameters;
|
||
|
|
||
|
DWORD dwHttpStatus;
|
||
|
DWORD dwWin32Status;
|
||
|
|
||
|
DWORD dwBytesSent; // IIS 3.0 and later
|
||
|
DWORD dwBytesRecvd; // IIS 3.0 and later
|
||
|
DWORD msTimeForProcessing; // IIS 3.0 and later
|
||
|
|
||
|
} HTTP_FILTER_LOG, *PHTTP_FILTER_LOG;
|
||
|
|
||
|
//
|
||
|
// Notification Flags
|
||
|
//
|
||
|
// SF_NOTIFY_SECURE_PORT
|
||
|
// SF_NOTIFY_NONSECURE_PORT
|
||
|
//
|
||
|
// Indicates whether the application wants to be notified for transactions
|
||
|
// that are happenning on the server port(s) that support data encryption
|
||
|
// (such as PCT and SSL), on only the non-secure port(s) or both.
|
||
|
//
|
||
|
// SF_NOTIFY_READ_RAW_DATA
|
||
|
//
|
||
|
// Applications are notified after the server reads a block of memory
|
||
|
// from the client but before the server does any processing on the
|
||
|
// block. The data block may contain HTTP headers and entity data.
|
||
|
//
|
||
|
//
|
||
|
//
|
||
|
|
||
|
#define SF_NOTIFY_SECURE_PORT 0x00000001
|
||
|
#define SF_NOTIFY_NONSECURE_PORT 0x00000002
|
||
|
|
||
|
#define SF_NOTIFY_READ_RAW_DATA 0x00008000
|
||
|
#define SF_NOTIFY_PREPROC_HEADERS 0x00004000
|
||
|
#define SF_NOTIFY_AUTHENTICATION 0x00002000
|
||
|
#define SF_NOTIFY_URL_MAP 0x00001000
|
||
|
#define SF_NOTIFY_ACCESS_DENIED 0x00000800
|
||
|
#define SF_NOTIFY_SEND_RESPONSE 0x00000040
|
||
|
#define SF_NOTIFY_SEND_RAW_DATA 0x00000400
|
||
|
#define SF_NOTIFY_LOG 0x00000200
|
||
|
#define SF_NOTIFY_END_OF_REQUEST 0x00000080
|
||
|
#define SF_NOTIFY_END_OF_NET_SESSION 0x00000100
|
||
|
|
||
|
#define SF_NOTIFY_AUTHENTICATIONEX 0x20000000
|
||
|
#define SF_NOTIFY_REQUEST_SECURITY_CONTEXT_CLOSE \
|
||
|
0x10000000
|
||
|
#define SF_NOTIFY_RENEGOTIATE_CERT 0x08000000
|
||
|
|
||
|
//
|
||
|
// Filter ordering flags
|
||
|
//
|
||
|
// Filters will tend to be notified by their specified
|
||
|
// ordering. For ties, notification order is determined by load order.
|
||
|
//
|
||
|
// SF_NOTIFY_ORDER_HIGH - Authentication or data transformation filters
|
||
|
// SF_NOTIFY_ORDER_MEDIUM
|
||
|
// SF_NOTIFY_ORDER_LOW - Logging filters that want the results of any other
|
||
|
// filters might specify this order.
|
||
|
//
|
||
|
|
||
|
#define SF_NOTIFY_ORDER_HIGH 0x00080000
|
||
|
#define SF_NOTIFY_ORDER_MEDIUM 0x00040000
|
||
|
#define SF_NOTIFY_ORDER_LOW 0x00020000
|
||
|
#define SF_NOTIFY_ORDER_DEFAULT SF_NOTIFY_ORDER_LOW
|
||
|
|
||
|
#define SF_NOTIFY_ORDER_MASK (SF_NOTIFY_ORDER_HIGH | \
|
||
|
SF_NOTIFY_ORDER_MEDIUM | \
|
||
|
SF_NOTIFY_ORDER_LOW)
|
||
|
|
||
|
//
|
||
|
// Filter version information, passed to GetFilterVersion
|
||
|
//
|
||
|
|
||
|
typedef struct _HTTP_FILTER_VERSION
|
||
|
{
|
||
|
//
|
||
|
// Version of the spec the server is using
|
||
|
//
|
||
|
|
||
|
DWORD dwServerFilterVersion;
|
||
|
|
||
|
//
|
||
|
// Fields specified by the client
|
||
|
//
|
||
|
|
||
|
DWORD dwFilterVersion;
|
||
|
CHAR lpszFilterDesc[SF_MAX_FILTER_DESC_LEN];
|
||
|
DWORD dwFlags;
|
||
|
|
||
|
|
||
|
} HTTP_FILTER_VERSION, *PHTTP_FILTER_VERSION;
|
||
|
|
||
|
|
||
|
typedef struct _HTTP_FILTER_CERTIFICATE_INFO
|
||
|
{
|
||
|
PBYTE pbCert;
|
||
|
DWORD cbCert;
|
||
|
|
||
|
} HTTP_FILTER_CERTIFICATE_INFO, *PHTTP_FILTER_CERTIFICATE_INFO;
|
||
|
|
||
|
|
||
|
//
|
||
|
// A filter DLL's entry point looks like this. The return code should be
|
||
|
// an SF_STATUS_TYPE
|
||
|
//
|
||
|
// NotificationType - Type of notification
|
||
|
// pvNotification - Pointer to notification specific data
|
||
|
//
|
||
|
|
||
|
DWORD
|
||
|
WINAPI
|
||
|
HttpFilterProc(
|
||
|
HTTP_FILTER_CONTEXT * pfc,
|
||
|
DWORD NotificationType,
|
||
|
VOID * pvNotification
|
||
|
);
|
||
|
|
||
|
BOOL
|
||
|
WINAPI
|
||
|
GetFilterVersion(
|
||
|
HTTP_FILTER_VERSION * pVer
|
||
|
);
|
||
|
|
||
|
BOOL
|
||
|
WINAPI
|
||
|
TerminateFilter(
|
||
|
DWORD dwFlags
|
||
|
);
|
||
|
|
||
|
#ifdef __cplusplus
|
||
|
}
|
||
|
#endif
|
||
|
|
||
|
#endif //_HTTPFILT_H_
|
||
|
|