namespace Vanara.PInvoke;
public static partial class FwpUClnt
{
///
/// The WSADeleteSocketPeerTargetName function removes the association between a peer target name and an IP address for a socket.
/// After a successful return, there will be no future association between the IP address and the target name.
///
/// A descriptor identifying a socket on which the peer target name is being deleted.
/// The IP address of the peer for which the target name is being deleted.
/// The size, in bytes, of the PeerAddr parameter.
/// A pointer to a WSAOVERLAPPED structure. This parameter is ignored for non-overlapped sockets.
///
/// A pointer to the completion routine called when the operation has been completed. This parameter is ignored for non-overlapped sockets.
///
///
///
/// If the function succeeds, the return value is 0. Otherwise, a value of SOCKET_ERROR is returned, and a specific error code can
/// be retrieved by calling WSAGetLastError.
///
/// Some possible error codes are listed below.
///
///
/// Error code
/// Meaning
///
/// -
/// WSAEAFNOSUPPORT
/// The specified address family is not supported.
///
/// -
/// WSAEFAULT
///
/// The system detected an invalid address pointer in attempting to use a pointer argument of a call. This error is returned if the
/// PeerAddr parameter was a NULL pointer.
///
///
/// -
/// WSAEINVAL
///
/// An invalid parameter was passed. This error is returned if the socket passed in the Socket parameter was not created with an
/// address family of the AF_INET or AF_INET6 and a socket type of SOCK_DGRAM or SOCK_STREAM.
///
///
/// -
/// WSAEMSGSIZE
/// A buffer passed was too small.
///
/// -
/// WSAENOTSOCK
/// The descriptor passed in the Socket parameter is not a valid socket.
///
///
///
///
///
/// The WSADeleteSocketPeerTargetName function provides a method to remove the association between a peer target name and an IP
/// address for a socket. This function is used to delete a peer target name that was previously set with the WSASetSocketPeerTargetName
/// function. After the WSADeleteSocketPeerTargetName function returns, no future authentication to the IP address will use the
/// previously specified target name. This function is primarily designed to be used by connectionless clients (for example, a socket
/// created with the type set to SOCK_DGRAM or the protocol set to IPPROTO_UDP) after they have terminated the connection with the IP
/// address associated with the peer target name. For connection oriented clients (for example, a socket created with the type set to
/// SOCK_STREAM or protocol set to IPPROTO_TCP), this function should not be called.
///
///
/// The WSADeleteSocketPeerTargetName function simplifies having to call the WSAIoctl function with a dwIoControlCode
/// parameter set to SIO_DELETE_PEER_TARGET_NAME.
///
/// An error will be returned if the following conditions are not met.
///
/// -
/// The address family of the Socket parameter must be either AF_INET or AF_INET6.
///
/// -
/// The socket type must be either SOCK_STREAM or SOCK_DGRAM.
///
///
///
// https://docs.microsoft.com/en-us/windows/win32/api/ws2tcpip/nf-ws2tcpip-wsadeletesocketpeertargetname INT WSAAPI
// WSADeleteSocketPeerTargetName( [in] SOCKET Socket, [in] const sockaddr *PeerAddr, [in] ULONG PeerAddrLen, [in, optional]
// LPWSAOVERLAPPED Overlapped, [in, optional] LPWSAOVERLAPPED_COMPLETION_ROUTINE CompletionRoutine );
[PInvokeData("ws2tcpip.h", MSDNShortId = "NF:ws2tcpip.WSADeleteSocketPeerTargetName")]
[DllImport(Lib_Fwpuclnt, SetLastError = true, ExactSpelling = true)]
public static extern WSRESULT WSADeleteSocketPeerTargetName([In] SOCKET Socket, [In] SOCKADDR PeerAddr, uint PeerAddrLen,
in WSAOVERLAPPED Overlapped, [In, Optional] LPWSAOVERLAPPED_COMPLETION_ROUTINE CompletionRoutine);
///
/// The WSADeleteSocketPeerTargetName function removes the association between a peer target name and an IP address for a socket.
/// After a successful return, there will be no future association between the IP address and the target name.
///
/// A descriptor identifying a socket on which the peer target name is being deleted.
/// The IP address of the peer for which the target name is being deleted.
/// The size, in bytes, of the PeerAddr parameter.
/// A pointer to a WSAOVERLAPPED structure. This parameter is ignored for non-overlapped sockets.
///
/// A pointer to the completion routine called when the operation has been completed. This parameter is ignored for non-overlapped sockets.
///
///
///
/// If the function succeeds, the return value is 0. Otherwise, a value of SOCKET_ERROR is returned, and a specific error code can
/// be retrieved by calling WSAGetLastError.
///
/// Some possible error codes are listed below.
///
///
/// Error code
/// Meaning
///
/// -
/// WSAEAFNOSUPPORT
/// The specified address family is not supported.
///
/// -
/// WSAEFAULT
///
/// The system detected an invalid address pointer in attempting to use a pointer argument of a call. This error is returned if the
/// PeerAddr parameter was a NULL pointer.
///
///
/// -
/// WSAEINVAL
///
/// An invalid parameter was passed. This error is returned if the socket passed in the Socket parameter was not created with an
/// address family of the AF_INET or AF_INET6 and a socket type of SOCK_DGRAM or SOCK_STREAM.
///
///
/// -
/// WSAEMSGSIZE
/// A buffer passed was too small.
///
/// -
/// WSAENOTSOCK
/// The descriptor passed in the Socket parameter is not a valid socket.
///
///
///
///
///
/// The WSADeleteSocketPeerTargetName function provides a method to remove the association between a peer target name and an IP
/// address for a socket. This function is used to delete a peer target name that was previously set with the WSASetSocketPeerTargetName
/// function. After the WSADeleteSocketPeerTargetName function returns, no future authentication to the IP address will use the
/// previously specified target name. This function is primarily designed to be used by connectionless clients (for example, a socket
/// created with the type set to SOCK_DGRAM or the protocol set to IPPROTO_UDP) after they have terminated the connection with the IP
/// address associated with the peer target name. For connection oriented clients (for example, a socket created with the type set to
/// SOCK_STREAM or protocol set to IPPROTO_TCP), this function should not be called.
///
///
/// The WSADeleteSocketPeerTargetName function simplifies having to call the WSAIoctl function with a dwIoControlCode
/// parameter set to SIO_DELETE_PEER_TARGET_NAME.
///
/// An error will be returned if the following conditions are not met.
///
/// -
/// The address family of the Socket parameter must be either AF_INET or AF_INET6.
///
/// -
/// The socket type must be either SOCK_STREAM or SOCK_DGRAM.
///
///
///
// https://docs.microsoft.com/en-us/windows/win32/api/ws2tcpip/nf-ws2tcpip-wsadeletesocketpeertargetname INT WSAAPI
// WSADeleteSocketPeerTargetName( [in] SOCKET Socket, [in] const sockaddr *PeerAddr, [in] ULONG PeerAddrLen, [in, optional]
// LPWSAOVERLAPPED Overlapped, [in, optional] LPWSAOVERLAPPED_COMPLETION_ROUTINE CompletionRoutine );
[PInvokeData("ws2tcpip.h", MSDNShortId = "NF:ws2tcpip.WSADeleteSocketPeerTargetName")]
[DllImport(Lib_Fwpuclnt, SetLastError = true, ExactSpelling = true)]
public static extern WSRESULT WSADeleteSocketPeerTargetName([In] SOCKET Socket, [In] SOCKADDR PeerAddr, uint PeerAddrLen,
[In, Optional] IntPtr Overlapped, [In, Optional] LPWSAOVERLAPPED_COMPLETION_ROUTINE CompletionRoutine);
///
/// The WSAImpersonateSocketPeer function is used to impersonate the security principal corresponding to a socket peer in order to
/// perform application-level authorization.
///
/// Identifies the application socket.
///
/// The IP address of the peer to be impersonated. For connection-oriented sockets, the connected socket uniquely identifies a peer. In
/// this case, this parameter is ignored.
///
/// The size, in bytes, of the PeerAddress parameter.
///
///
/// If the function succeeds, the return value is 0. Otherwise, a value of SOCKET_ERROR is returned, and a specific error code can
/// be retrieved by calling WSAGetLastError.
///
/// Some possible error codes are listed below.
///
///
/// Error code
/// Meaning
///
/// -
/// WSAEFAULT
///
/// The system detected an invalid address pointer in attempting to use a pointer argument of a call. This error is returned if the
/// PeerAddr parameter was a NULL pointer.
///
///
/// -
/// WSAEAFNOSUPPORT
/// The specified address family is not supported.
///
/// -
/// WSAEMSGSIZE
/// A buffer passed was too small.
///
/// -
/// WSAENOTSOCK
/// The descriptor passed in the Socket parameter is not a valid socket.
///
///
///
///
///
/// The WSAImpersonateSocketPeer function provides an application the ability to impersonate the security principal corresponding
/// to a socket peer in order to perform application-level authorization. If peer user (impersonation) token is available then it will be
/// used for impersonation, otherwise the peer computer token will be used. The WSAImpersonateSocketPeer function can be called
/// only for blocking, non-overlapped sockets. After performing any authorization checks, an application must call the
/// WSARevertImpersonation function to terminate the impersonation.
///
///
/// For connection-oriented sockets, the WSAImpersonateSocketPeer function should be called after a connection is established. For
/// a server application using connection-oriented sockets, the WSAImpersonateSocketPeer should be called after the accept,
/// AcceptEx, or WSAAccept function returns.
///
///
/// For connectionless sockets, the application should call the WSAImpersonateSocketPeer function immediately after the recv,
/// recvfrom, WSARecv, WSARecvEx, WSARecvFrom, or LPFN_WSARECVMSG (WSARecvMsg) function returns for a new peer address.
///
/// The WSAImpersonateSocketPeer function can be called multiple times for a single socket.
/// An error will be returned if the following conditions are not met.
///
/// -
/// The address family of the Socket parameter must be either AF_INET or AF_INET6.
///
/// -
/// The socket type must be either SOCK_STREAM or SOCK_DGRAM.
///
///
/// The WSARevertImpersonation function must be called to end the impersonation.
///
// https://docs.microsoft.com/en-us/windows/win32/api/ws2tcpip/nf-ws2tcpip-wsaimpersonatesocketpeer INT WSAAPI WSAImpersonateSocketPeer(
// [in] SOCKET Socket, [in, optional] const sockaddr *PeerAddr, [in] ULONG PeerAddrLen );
[PInvokeData("ws2tcpip.h", MSDNShortId = "NF:ws2tcpip.WSAImpersonateSocketPeer")]
[DllImport(Lib_Fwpuclnt, SetLastError = true, ExactSpelling = true)]
public static extern WSRESULT WSAImpersonateSocketPeer([In] SOCKET Socket, [In, Optional] SOCKADDR PeerAddr,
uint PeerAddrLen);
/// The WSAQuerySocketSecurity function queries information about the security applied to a connection on a socket.
/// A descriptor identifying a socket for which security information is being queried.
///
/// A pointer to a SOCKET_SECURITY_QUERY_TEMPLATE structure that specifies the type of query information to return.
///
/// A SOCKET_SECURITY_QUERY_TEMPLATE structure pointed to by this parameter may contain zeroes for all members to request default
/// security information. On successful return, only the Flags member in the SOCKET_SECURITY_QUERY_INFO will be set in the
/// returned SecurityQueryInfo parameter.
///
///
/// This parameter may be a NULL pointer if the Socket parameter was created with a protocol of IPPROTO_TCP. In this
/// case, the information returned is the same as if a SOCKET_SECURITY_QUERY_TEMPLATE structure with all values set to zero was passed.
/// This parameter should be specified for a socket with protocol of IPPROTO_TCP if more than the default security information is required.
///
///
/// If the SOCKET_SECURITY_QUERY_TEMPLATE structure is specified with the PeerTokenAccessMask member not specified (set to zero),
/// then the WSAQuerySocketSecurity function will not return the PeerApplicationAccessTokenHandle and
/// PeerMachineAccessTokenHandle members in the SOCKET_SECURITY_QUERY_INFO structure.
///
///
/// If a Socket parameter was created with a protocol not equal to IPPROTO_TCP, the SecurityQueryTemplate parameter
/// must be specified. In these cases, the PeerAddress member of the SOCKET_SECURITY_QUERY_TEMPLATE structure must specify an
/// address family of AF_INET or AF_INET6 along with peer IP address and port number.
///
///
///
/// The size, in bytes, of the SecurityQueryTemplate parameter.
///
/// This parameter may be a zero if the Socket parameter was created with a protocol of IPPROTO_TCP. Otherwise, this
/// parameter must be the size of a SOCKET_SECURITY_QUERY_TEMPLATE structure.
///
///
///
/// A pointer to a buffer that will receive a SOCKET_SECURITY_QUERY_INFO structure containing the information queried. This value can be
/// set to NULL to query the size of the output buffer.
///
///
/// On input, a pointer to the size, in bytes, of the SecurityQueryInfo parameter. If the buffer is too small to receive the
/// queried information, the call will return SOCKET_ERROR, and the number of bytes needed to return the queried information will be set
/// in the value pointed to by this parameter. On a successful call, the number of bytes copied is returned.
///
/// A pointer to a WSAOVERLAPPED structure. This parameter is ignored for non-overlapped sockets.
///
/// A pointer to the completion routine called when the operation has been completed. This parameter is ignored for non-overlapped sockets.
///
///
///
/// If the function succeeds, the return value is zero. Otherwise, a value of SOCKET_ERROR is returned, and a specific error code
/// can be retrieved by calling WSAGetLastError.
///
/// Some possible error codes are listed below.
///
///
/// Error code
/// Meaning
///
/// -
/// WSAEAFNOSUPPORT
/// The specified address family is not supported.
///
/// -
/// WSAECONNRESET
///
/// For a stream socket, the virtual circuit was reset by the remote side. The application should close the socket as it is no longer
/// usable. For a UDP datagram socket, this error would indicate that a previous send operation resulted in an ICMP "Port Unreachable" message.
///
///
/// -
/// WSAEFAULT
///
/// The system detected an invalid pointer address in attempting to use a parameter. This error is returned if the
/// SecurityQueryInfoLen parameter was a NULL pointer.
///
///
/// -
/// WSAEINVAL
///
/// An invalid parameter was passed. This error is returned if the socket passed in the Socket parameter was not created with an
/// address family of the AF_INET or AF_INET6 and a socket type of SOCK_DGRAM or SOCK_STREAM.
///
///
/// -
/// WSAEMSGSIZE
///
/// A buffer passed was too small. This error is returned for a Socket parameter when the protocol was not IPPROTO_TCP if
/// the SecurityQueryInfo parameter is a NULL pointer or the SecurityQueryTemplateLen parameter is less than the
/// size of a SOCKET_SECURITY_QUERY_TEMPLATE structure.
///
///
/// -
/// WSAENOTSOCK
/// The descriptor passed in the Socket parameter is not a valid socket.
///
///
///
///
///
/// The WSAQuerySocketSecurity function provides a method to query the current security settings on a socket. After a connection
/// is established, the WSAQuerySocketSecurity function allows an application to query the security properties of the connection,
/// which can include information on peer access tokens.
///
///
/// For connection-oriented sockets, it is preferred to call the WSAQuerySocketSecurity function immediately after a connection is
/// established. For connectionless sockets, it is preferred to call the WSAQuerySocketSecurity function immediately after data is
/// sent to a new peer address or received from a new peer address. The WSAQuerySocketSecurity function can be called multiple
/// times on a single socket.
///
/// This function simplifies having to call the WSAIoctl function with a dwIoControlCode parameter set to SIO_QUERY_SECURITY.
///
/// The WSAQuerySocketSecurity function may be called on a Socket parameter created with an address family of
/// AF_INET or AF_INET6.
///
///
/// If the Socket parameter was created with a protocol of IPPROTO_TCP, the SecurityQueryTemplate parameter may be
/// NULL and the SecurityQueryTemplateLen parameter may be zero. Otherwise, the SecurityQueryTemplate parameter must
/// point to a SOCKET_SECURITY_QUERY_TEMPLATE structure.
///
///
/// For a client application using connection-oriented sockets (socket created with a protocol of IPPROTO_TCP), the
/// WSAQuerySocketSecurity function should be called after the connect, ConnectEx, or WSAConnect function returns. For a server
/// application using connection-oriented sockets (protocol of IPPROTO_TCP), the WSAQuerySocketSecurity function should be
/// called after the accept, AcceptEx, or WSAAccept function returns.
///
///
/// For connectionless sockets (socket created with a protocol of IPPROTO_UDP), the application should call the
/// WSAQuerySocketSecurity function immediately after WSASendTo or WSARecvFrom call returns for a new peer address.
///
/// An error will be returned if the following conditions are not met.
///
/// -
/// The address family of the Socket parameter must be either AF_INET or AF_INET6.
///
/// -
/// The socket type must be either SOCK_STREAM or SOCK_DGRAM.
///
///
///
// https://docs.microsoft.com/en-us/windows/win32/api/ws2tcpip/nf-ws2tcpip-wsaquerysocketsecurity INT WSAAPI WSAQuerySocketSecurity( [in]
// SOCKET Socket, [in, optional] const SOCKET_SECURITY_QUERY_TEMPLATE *SecurityQueryTemplate, [in] ULONG SecurityQueryTemplateLen, [out,
// optional] SOCKET_SECURITY_QUERY_INFO *SecurityQueryInfo, [in, out] ULONG *SecurityQueryInfoLen, [in, optional] LPWSAOVERLAPPED
// Overlapped, [in, optional] LPWSAOVERLAPPED_COMPLETION_ROUTINE CompletionRoutine );
[PInvokeData("ws2tcpip.h", MSDNShortId = "NF:ws2tcpip.WSAQuerySocketSecurity")]
[DllImport(Lib_Fwpuclnt, SetLastError = true, ExactSpelling = true)]
public static extern WSRESULT WSAQuerySocketSecurity([In] SOCKET Socket, ref SOCKET_SECURITY_QUERY_TEMPLATE SecurityQueryTemplate,
uint SecurityQueryTemplateLen, SafeCoTaskMemStruct SecurityQueryInfo, ref uint SecurityQueryInfoLen,
in WSAOVERLAPPED Overlapped, [In, Optional] LPWSAOVERLAPPED_COMPLETION_ROUTINE CompletionRoutine);
/// The WSAQuerySocketSecurity function queries information about the security applied to a connection on a socket.
/// A descriptor identifying a socket for which security information is being queried.
///
/// A pointer to a SOCKET_SECURITY_QUERY_TEMPLATE structure that specifies the type of query information to return.
///
/// A SOCKET_SECURITY_QUERY_TEMPLATE structure pointed to by this parameter may contain zeroes for all members to request default
/// security information. On successful return, only the Flags member in the SOCKET_SECURITY_QUERY_INFO will be set in the
/// returned SecurityQueryInfo parameter.
///
///
/// This parameter may be a NULL pointer if the Socket parameter was created with a protocol of IPPROTO_TCP. In this
/// case, the information returned is the same as if a SOCKET_SECURITY_QUERY_TEMPLATE structure with all values set to zero was passed.
/// This parameter should be specified for a socket with protocol of IPPROTO_TCP if more than the default security information is required.
///
///
/// If the SOCKET_SECURITY_QUERY_TEMPLATE structure is specified with the PeerTokenAccessMask member not specified (set to zero),
/// then the WSAQuerySocketSecurity function will not return the PeerApplicationAccessTokenHandle and
/// PeerMachineAccessTokenHandle members in the SOCKET_SECURITY_QUERY_INFO structure.
///
///
/// If a Socket parameter was created with a protocol not equal to IPPROTO_TCP, the SecurityQueryTemplate parameter
/// must be specified. In these cases, the PeerAddress member of the SOCKET_SECURITY_QUERY_TEMPLATE structure must specify an
/// address family of AF_INET or AF_INET6 along with peer IP address and port number.
///
///
///
/// The size, in bytes, of the SecurityQueryTemplate parameter.
///
/// This parameter may be a zero if the Socket parameter was created with a protocol of IPPROTO_TCP. Otherwise, this
/// parameter must be the size of a SOCKET_SECURITY_QUERY_TEMPLATE structure.
///
///
///
/// A pointer to a buffer that will receive a SOCKET_SECURITY_QUERY_INFO structure containing the information queried. This value can be
/// set to NULL to query the size of the output buffer.
///
///
/// On input, a pointer to the size, in bytes, of the SecurityQueryInfo parameter. If the buffer is too small to receive the
/// queried information, the call will return SOCKET_ERROR, and the number of bytes needed to return the queried information will be set
/// in the value pointed to by this parameter. On a successful call, the number of bytes copied is returned.
///
/// A pointer to a WSAOVERLAPPED structure. This parameter is ignored for non-overlapped sockets.
///
/// A pointer to the completion routine called when the operation has been completed. This parameter is ignored for non-overlapped sockets.
///
///
///
/// If the function succeeds, the return value is zero. Otherwise, a value of SOCKET_ERROR is returned, and a specific error code
/// can be retrieved by calling WSAGetLastError.
///
/// Some possible error codes are listed below.
///
///
/// Error code
/// Meaning
///
/// -
/// WSAEAFNOSUPPORT
/// The specified address family is not supported.
///
/// -
/// WSAECONNRESET
///
/// For a stream socket, the virtual circuit was reset by the remote side. The application should close the socket as it is no longer
/// usable. For a UDP datagram socket, this error would indicate that a previous send operation resulted in an ICMP "Port Unreachable" message.
///
///
/// -
/// WSAEFAULT
///
/// The system detected an invalid pointer address in attempting to use a parameter. This error is returned if the
/// SecurityQueryInfoLen parameter was a NULL pointer.
///
///
/// -
/// WSAEINVAL
///
/// An invalid parameter was passed. This error is returned if the socket passed in the Socket parameter was not created with an
/// address family of the AF_INET or AF_INET6 and a socket type of SOCK_DGRAM or SOCK_STREAM.
///
///
/// -
/// WSAEMSGSIZE
///
/// A buffer passed was too small. This error is returned for a Socket parameter when the protocol was not IPPROTO_TCP if
/// the SecurityQueryInfo parameter is a NULL pointer or the SecurityQueryTemplateLen parameter is less than the
/// size of a SOCKET_SECURITY_QUERY_TEMPLATE structure.
///
///
/// -
/// WSAENOTSOCK
/// The descriptor passed in the Socket parameter is not a valid socket.
///
///
///
///
///
/// The WSAQuerySocketSecurity function provides a method to query the current security settings on a socket. After a connection
/// is established, the WSAQuerySocketSecurity function allows an application to query the security properties of the connection,
/// which can include information on peer access tokens.
///
///
/// For connection-oriented sockets, it is preferred to call the WSAQuerySocketSecurity function immediately after a connection is
/// established. For connectionless sockets, it is preferred to call the WSAQuerySocketSecurity function immediately after data is
/// sent to a new peer address or received from a new peer address. The WSAQuerySocketSecurity function can be called multiple
/// times on a single socket.
///
/// This function simplifies having to call the WSAIoctl function with a dwIoControlCode parameter set to SIO_QUERY_SECURITY.
///
/// The WSAQuerySocketSecurity function may be called on a Socket parameter created with an address family of
/// AF_INET or AF_INET6.
///
///
/// If the Socket parameter was created with a protocol of IPPROTO_TCP, the SecurityQueryTemplate parameter may be
/// NULL and the SecurityQueryTemplateLen parameter may be zero. Otherwise, the SecurityQueryTemplate parameter must
/// point to a SOCKET_SECURITY_QUERY_TEMPLATE structure.
///
///
/// For a client application using connection-oriented sockets (socket created with a protocol of IPPROTO_TCP), the
/// WSAQuerySocketSecurity function should be called after the connect, ConnectEx, or WSAConnect function returns. For a server
/// application using connection-oriented sockets (protocol of IPPROTO_TCP), the WSAQuerySocketSecurity function should be
/// called after the accept, AcceptEx, or WSAAccept function returns.
///
///
/// For connectionless sockets (socket created with a protocol of IPPROTO_UDP), the application should call the
/// WSAQuerySocketSecurity function immediately after WSASendTo or WSARecvFrom call returns for a new peer address.
///
/// An error will be returned if the following conditions are not met.
///
/// -
/// The address family of the Socket parameter must be either AF_INET or AF_INET6.
///
/// -
/// The socket type must be either SOCK_STREAM or SOCK_DGRAM.
///
///
///
// https://docs.microsoft.com/en-us/windows/win32/api/ws2tcpip/nf-ws2tcpip-wsaquerysocketsecurity INT WSAAPI WSAQuerySocketSecurity( [in]
// SOCKET Socket, [in, optional] const SOCKET_SECURITY_QUERY_TEMPLATE *SecurityQueryTemplate, [in] ULONG SecurityQueryTemplateLen, [out,
// optional] SOCKET_SECURITY_QUERY_INFO *SecurityQueryInfo, [in, out] ULONG *SecurityQueryInfoLen, [in, optional] LPWSAOVERLAPPED
// Overlapped, [in, optional] LPWSAOVERLAPPED_COMPLETION_ROUTINE CompletionRoutine );
[PInvokeData("ws2tcpip.h", MSDNShortId = "NF:ws2tcpip.WSAQuerySocketSecurity")]
[DllImport(Lib_Fwpuclnt, SetLastError = true, ExactSpelling = true)]
public static extern WSRESULT WSAQuerySocketSecurity([In] SOCKET Socket, [In, Optional] IntPtr SecurityQueryTemplate,
uint SecurityQueryTemplateLen, [Out, Optional] IntPtr SecurityQueryInfo, ref uint SecurityQueryInfoLen,
[In, Optional] IntPtr Overlapped, [In, Optional] LPWSAOVERLAPPED_COMPLETION_ROUTINE CompletionRoutine);
///
/// The WSARevertImpersonation function terminates the impersonation of a socket peer. This must be called after calling
/// WSAImpersonateSocketPeer and finishing any access checks.
///
///
///
/// If the function succeeds, the return value is zero. Otherwise, a value of SOCKET_ERROR is returned, and a specific error code
/// can be retrieved by calling WSAGetLastError.
///
/// Some possible error codes are listed below.
///
///
/// Error code
/// Meaning
///
/// -
/// WSASYSCALLFAILURE
/// A system call that should never fail has failed.
///
///
///
///
///
/// The WSARevertImpersonation function causes the calling thread to discontinue the impersonation of a socket peer. If the thread
/// is not currently impersonating a socket peer, no action is taken.
///
///
/// The WSARevertImpersonation function should be called after calling WSAImpersonateSocketPeer and all access checks are finished.
///
///
// https://docs.microsoft.com/en-us/windows/win32/api/ws2tcpip/nf-ws2tcpip-wsarevertimpersonation INT WSAAPI WSARevertImpersonation();
[PInvokeData("ws2tcpip.h", MSDNShortId = "NF:ws2tcpip.WSARevertImpersonation")]
[DllImport(Lib_Fwpuclnt, SetLastError = true, ExactSpelling = true)]
public static extern WSRESULT WSARevertImpersonation();
///
/// The WSASetSocketPeerTargetName function is used to specify the peer target name (SPN) that corresponds to a peer IP address.
/// This target name is meant to be specified by client applications to securely identify the peer that should be authenticated.
///
/// A descriptor identifying a socket on which the peer target name is being assigned.
/// A pointer to a SOCKET_PEER_TARGET_NAME structure that defines the peer target name.
/// The size, in bytes, of the PeerTargetName parameter.
/// A pointer to a WSAOVERLAPPED structure. This parameter is ignored for non-overlapped sockets.
///
/// A pointer to the completion routine called when the operation has been completed. This parameter is ignored for non-overlapped sockets.
///
///
///
/// If the function succeeds, the return value is zero. Otherwise, a value of SOCKET_ERROR is returned, and a specific error code
/// can be retrieved by calling WSAGetLastError.
///
/// Some possible error codes are listed below.
///
///
/// Error code
/// Meaning
///
/// -
/// WSAEAFNOSUPPORT
/// The specified address family is not supported.
///
/// -
/// WSAEFAULT
///
/// The system detected an invalid address pointer in attempting to use a pointer argument of a call. This error is returned if the
/// PeerTargetName parameter was a NULL pointer.
///
///
/// -
/// WSAEINVAL
///
/// An invalid parameter was passed. This error is returned if the socket passed in the Socket parameter was not created with an
/// address family of the AF_INET or AF_INET6 and a socket type of SOCK_DGRAM or SOCK_STREAM. This error is
/// also returned for a connectionless socket if the IP address and port are zero in the PeerAddress member of the
/// SOCKET_PEER_TARGET_NAME structure pointed to by the PeerTargetName parameter.
///
///
/// -
/// WSAEISCONN
///
/// The socket is connected. This function is not permitted with a connected socket, whether the socket is connection oriented or connectionless.
///
///
/// -
/// WSAEMSGSIZE
/// A buffer passed was too small.
///
/// -
/// WSAENOTSOCK
/// The descriptor passed in the Socket parameter is not a valid socket.
///
///
///
///
///
/// The WSASetSocketPeerTargetName function provides a method to specify the target name that corresponds to a peer security
/// principal. This function is meant to be used by a client application to identify the peer that should be authenticated. A client
/// application should specify the peer target name in order to prevent trusted man-in-the-middle attacks. For connectionless sockets, an
/// application can call the WSASetSocketPeerTargetName function multiple times to specify different target names for different
/// peer IP addresses.
///
/// This function simplifies having to call the WSAIoctl function with a dwIoControlCode parameter set to SIO_SET_PEER_TARGET_NAME.
///
/// For connection-oriented sockets, the WSASetSocketPeerTargetName function should be called before WSAConnect. For
/// connectionless sockets, this function should be called before WSAConnect or before the first WSASendTo call directed to the
/// peer address.
///
/// An error will be returned if the following conditions are not met.
///
/// -
/// The address family of the Socket parameter must be either AF_INET or AF_INET6.
///
/// -
/// The socket type must be either SOCK_STREAM or SOCK_DGRAM.
///
///
///
// https://docs.microsoft.com/en-us/windows/win32/api/ws2tcpip/nf-ws2tcpip-wsasetsocketpeertargetname INT WSAAPI
// WSASetSocketPeerTargetName( [in] SOCKET Socket, [in] const SOCKET_PEER_TARGET_NAME *PeerTargetName, [in] ULONG PeerTargetNameLen, [in,
// optional] LPWSAOVERLAPPED Overlapped, [in, optional] LPWSAOVERLAPPED_COMPLETION_ROUTINE CompletionRoutine );
[PInvokeData("ws2tcpip.h", MSDNShortId = "NF:ws2tcpip.WSASetSocketPeerTargetName")]
[DllImport(Lib_Fwpuclnt, SetLastError = true, ExactSpelling = true)]
public static extern WSRESULT WSASetSocketPeerTargetName([In] SOCKET Socket, in SOCKET_PEER_TARGET_NAME PeerTargetName,
uint PeerTargetNameLen, in WSAOVERLAPPED Overlapped, [In, Optional] LPWSAOVERLAPPED_COMPLETION_ROUTINE CompletionRoutine);
///
/// The WSASetSocketPeerTargetName function is used to specify the peer target name (SPN) that corresponds to a peer IP address.
/// This target name is meant to be specified by client applications to securely identify the peer that should be authenticated.
///
/// A descriptor identifying a socket on which the peer target name is being assigned.
/// A pointer to a SOCKET_PEER_TARGET_NAME structure that defines the peer target name.
/// The size, in bytes, of the PeerTargetName parameter.
/// A pointer to a WSAOVERLAPPED structure. This parameter is ignored for non-overlapped sockets.
///
/// A pointer to the completion routine called when the operation has been completed. This parameter is ignored for non-overlapped sockets.
///
///
///
/// If the function succeeds, the return value is zero. Otherwise, a value of SOCKET_ERROR is returned, and a specific error code
/// can be retrieved by calling WSAGetLastError.
///
/// Some possible error codes are listed below.
///
///
/// Error code
/// Meaning
///
/// -
/// WSAEAFNOSUPPORT
/// The specified address family is not supported.
///
/// -
/// WSAEFAULT
///
/// The system detected an invalid address pointer in attempting to use a pointer argument of a call. This error is returned if the
/// PeerTargetName parameter was a NULL pointer.
///
///
/// -
/// WSAEINVAL
///
/// An invalid parameter was passed. This error is returned if the socket passed in the Socket parameter was not created with an
/// address family of the AF_INET or AF_INET6 and a socket type of SOCK_DGRAM or SOCK_STREAM. This error is
/// also returned for a connectionless socket if the IP address and port are zero in the PeerAddress member of the
/// SOCKET_PEER_TARGET_NAME structure pointed to by the PeerTargetName parameter.
///
///
/// -
/// WSAEISCONN
///
/// The socket is connected. This function is not permitted with a connected socket, whether the socket is connection oriented or connectionless.
///
///
/// -
/// WSAEMSGSIZE
/// A buffer passed was too small.
///
/// -
/// WSAENOTSOCK
/// The descriptor passed in the Socket parameter is not a valid socket.
///
///
///
///
///
/// The WSASetSocketPeerTargetName function provides a method to specify the target name that corresponds to a peer security
/// principal. This function is meant to be used by a client application to identify the peer that should be authenticated. A client
/// application should specify the peer target name in order to prevent trusted man-in-the-middle attacks. For connectionless sockets, an
/// application can call the WSASetSocketPeerTargetName function multiple times to specify different target names for different
/// peer IP addresses.
///
/// This function simplifies having to call the WSAIoctl function with a dwIoControlCode parameter set to SIO_SET_PEER_TARGET_NAME.
///
/// For connection-oriented sockets, the WSASetSocketPeerTargetName function should be called before WSAConnect. For
/// connectionless sockets, this function should be called before WSAConnect or before the first WSASendTo call directed to the
/// peer address.
///
/// An error will be returned if the following conditions are not met.
///
/// -
/// The address family of the Socket parameter must be either AF_INET or AF_INET6.
///
/// -
/// The socket type must be either SOCK_STREAM or SOCK_DGRAM.
///
///
///
// https://docs.microsoft.com/en-us/windows/win32/api/ws2tcpip/nf-ws2tcpip-wsasetsocketpeertargetname INT WSAAPI
// WSASetSocketPeerTargetName( [in] SOCKET Socket, [in] const SOCKET_PEER_TARGET_NAME *PeerTargetName, [in] ULONG PeerTargetNameLen, [in,
// optional] LPWSAOVERLAPPED Overlapped, [in, optional] LPWSAOVERLAPPED_COMPLETION_ROUTINE CompletionRoutine );
[PInvokeData("ws2tcpip.h", MSDNShortId = "NF:ws2tcpip.WSASetSocketPeerTargetName")]
[DllImport(Lib_Fwpuclnt, SetLastError = true, ExactSpelling = true)]
public static extern WSRESULT WSASetSocketPeerTargetName([In] SOCKET Socket, in SOCKET_PEER_TARGET_NAME PeerTargetName,
uint PeerTargetNameLen, [In, Optional] IntPtr Overlapped, [In, Optional] LPWSAOVERLAPPED_COMPLETION_ROUTINE CompletionRoutine);
/// The WSASetSocketSecurity function enables and applies security for a socket.
/// A descriptor that identifies a socket on which security settings are being applied.
///
/// A pointer to a SOCKET_SECURITY_SETTINGS structure that specifies the security settings to be applied to the socket's traffic. If this
/// parameter is NULL, default settings will be applied to the socket.
///
/// The size, in bytes, of the SecuritySettings parameter.
/// A pointer to a WSAOVERLAPPED structure. This parameter is ignored for non-overlapped sockets.
///
/// A pointer to the completion routine called when the operation has been completed. This parameter is ignored for non-overlapped sockets.
///
///
///
/// If the function succeeds, the return value is zero. Otherwise, a value of SOCKET_ERROR is returned, and a specific error code
/// can be retrieved by calling WSAGetLastError.
///
/// Some possible error codes are listed below.
///
///
/// Error code
/// Meaning
///
/// -
/// WSAEAFNOSUPPORT
/// The specified address family is not supported.
///
/// -
/// WSAEINVAL
///
/// An invalid parameter was passed. This error is returned if the socket passed in the Socket parameter was not created with an
/// address family of the AF_INET or AF_INET6 and a socket type of SOCK_DGRAM or SOCK_STREAM. This error is
/// also returned if the SOCKET_SECURITY_SETTINGS structure pointed to by the SecuritySettings parameter has an incorrect value.
///
///
/// -
/// WSAEISCONN
///
/// The socket is connected. This function is not permitted with a connected socket, whether the socket is connection oriented or connectionless.
///
///
/// -
/// WSAEMSGSIZE
/// A buffer passed was too small.
///
/// -
/// WSAENOTSOCK
/// The descriptor passed in the Socket parameter is not a valid socket.
///
///
///
///
///
/// The primary purpose of the WSASetSocketSecurity function is to turn on security for a socket if it is not already enabled by
/// administrative policy. For IPsec, this means that appropriate IPsec filters and policies will be instantiated that will be used to
/// secure this socket. the WSASetSocketSecurity function can also be used to set specific security requirements for the socket.
///
/// This function simplifies having to call the WSAIoctl function with a dwIoControlCode parameter set to SIO_SET_SECURITY.
///
/// The WSASetSocketSecurity function may be called on a Socket parameter created with an address family of AF_INET
/// or AF_INET6.
///
///
/// For a client application using connection-oriented sockets (protocol of IPPROTO_TCP), the WSASetSocketSecurity function
/// should be called before the connect, ConnectEx, or WSAConnect function is called. If the WSASetSocketSecurity function is
/// called after the connect, ConnectEx, or WSAConnect function, WSASetSocketSecurity should fail.
///
///
/// For a server application using connection-oriented sockets (protocol of IPPROTO_TCP), the WSASetSocketSecurity function
/// should be called before the bind function is called. If the WSASetSocketSecurity function is called after the bind
/// function, WSASetSocketSecurity should fail.
///
///
/// For connectionless sockets (protocol of IPPROTO_UDP), the application should call the WSASetSocketSecurity function
/// immediately after socket or WSASocket call returns.
///
///
/// Server applications should call the setsockopt function to acquire exclusive access to the port used by the socket. This prevents
/// other applications from using the same port. The setsockopt function would be called with the level parameter set to
/// SOL_SOCKET, the optname parameter set to SO_EXCLUSIVEADDRUSE, and the value parameter set to nonzero. The
/// WSASetSocketSecurity function internally calls the setsockopt with SO_EXCLUSIVEADDRUSE to obtain exclusive access to
/// the port. This is to ensure that the socket is not vulnerable to attacks by other applications running on the local computer.
///
///
/// Security settings not set using the WSASetSocketSecurity are derived from the system default policy or the administratively
/// configured policy. It is recommended that most applications specify a value of SOCKET_SECURITY_PROTOCOL_DEFAULT for the
/// SOCKET_SECURITY_PROTOCOL enumeration in the SecurityProtocol member of the SOCKET_SECURITY_PROTOCOL pointed to by the
/// SecuritySettings parameter. This makes the application neutral to security protocols and allows easier deployments among
/// different systems.
///
///
/// When the SecuritySettings parameter points to a SOCKET_SECURITY_SETTINGS_IPSEC structure, the SecurityProtocol member
/// of the structure must be set to SOCKET_SECURITY_PROTOCOL_IPSEC, not SOCKET_SECURITY_PROTOCOL_DEFAULT.
///
/// An error will be returned if the following conditions are not met.
///
/// -
/// The address family of the Socket parameter must be either AF_INET or AF_INET6.
///
/// -
/// The socket type must be either SOCK_STREAM or SOCK_DGRAM.
///
/// -
/// The application must set its security settings before calling the bind, connect, ConnectEx, or WSAConnect functions.
///
/// -
/// The WSASetSocketSecurity function can only be called once per socket.
///
///
/// Default Secure Socket IPsec Policy
///
/// If the SecuritySettings parameter is set to NULL, and there is no other administratively specified IPsec policy on the
/// computer, a default security policy based on IPsec will be used to secure the application's traffic. Some type of authentication
/// credential (a user certificate or domain membership, for example) must be present for IPsec to succeed with a default policy.
///
/// The default IPsec policy has been designed so that IPsec security can be negotiated in as many scenarios as possible.
///
// https://docs.microsoft.com/en-us/windows/win32/api/ws2tcpip/nf-ws2tcpip-wsasetsocketsecurity INT WSAAPI WSASetSocketSecurity( [in]
// SOCKET Socket, [in, optional] const SOCKET_SECURITY_SETTINGS *SecuritySettings, [in] ULONG SecuritySettingsLen, [in, optional]
// LPWSAOVERLAPPED Overlapped, [in, optional] LPWSAOVERLAPPED_COMPLETION_ROUTINE CompletionRoutine );
[PInvokeData("ws2tcpip.h", MSDNShortId = "NF:ws2tcpip.WSASetSocketSecurity")]
[DllImport(Lib_Fwpuclnt, SetLastError = true, ExactSpelling = true)]
public static extern WSRESULT WSASetSocketSecurity([In] SOCKET Socket, in SOCKET_SECURITY_SETTINGS SecuritySettings,
uint SecuritySettingsLen, in WSAOVERLAPPED Overlapped, [In, Optional] LPWSAOVERLAPPED_COMPLETION_ROUTINE CompletionRoutine);
/// The WSASetSocketSecurity function enables and applies security for a socket.
/// A descriptor that identifies a socket on which security settings are being applied.
///
/// A pointer to a SOCKET_SECURITY_SETTINGS structure that specifies the security settings to be applied to the socket's traffic. If this
/// parameter is NULL, default settings will be applied to the socket.
///
/// The size, in bytes, of the SecuritySettings parameter.
/// A pointer to a WSAOVERLAPPED structure. This parameter is ignored for non-overlapped sockets.
///
/// A pointer to the completion routine called when the operation has been completed. This parameter is ignored for non-overlapped sockets.
///
///
///
/// If the function succeeds, the return value is zero. Otherwise, a value of SOCKET_ERROR is returned, and a specific error code
/// can be retrieved by calling WSAGetLastError.
///
/// Some possible error codes are listed below.
///
///
/// Error code
/// Meaning
///
/// -
/// WSAEAFNOSUPPORT
/// The specified address family is not supported.
///
/// -
/// WSAEINVAL
///
/// An invalid parameter was passed. This error is returned if the socket passed in the Socket parameter was not created with an
/// address family of the AF_INET or AF_INET6 and a socket type of SOCK_DGRAM or SOCK_STREAM. This error is
/// also returned if the SOCKET_SECURITY_SETTINGS structure pointed to by the SecuritySettings parameter has an incorrect value.
///
///
/// -
/// WSAEISCONN
///
/// The socket is connected. This function is not permitted with a connected socket, whether the socket is connection oriented or connectionless.
///
///
/// -
/// WSAEMSGSIZE
/// A buffer passed was too small.
///
/// -
/// WSAENOTSOCK
/// The descriptor passed in the Socket parameter is not a valid socket.
///
///
///
///
///
/// The primary purpose of the WSASetSocketSecurity function is to turn on security for a socket if it is not already enabled by
/// administrative policy. For IPsec, this means that appropriate IPsec filters and policies will be instantiated that will be used to
/// secure this socket. the WSASetSocketSecurity function can also be used to set specific security requirements for the socket.
///
/// This function simplifies having to call the WSAIoctl function with a dwIoControlCode parameter set to SIO_SET_SECURITY.
///
/// The WSASetSocketSecurity function may be called on a Socket parameter created with an address family of AF_INET
/// or AF_INET6.
///
///
/// For a client application using connection-oriented sockets (protocol of IPPROTO_TCP), the WSASetSocketSecurity function
/// should be called before the connect, ConnectEx, or WSAConnect function is called. If the WSASetSocketSecurity function is
/// called after the connect, ConnectEx, or WSAConnect function, WSASetSocketSecurity should fail.
///
///
/// For a server application using connection-oriented sockets (protocol of IPPROTO_TCP), the WSASetSocketSecurity function
/// should be called before the bind function is called. If the WSASetSocketSecurity function is called after the bind
/// function, WSASetSocketSecurity should fail.
///
///
/// For connectionless sockets (protocol of IPPROTO_UDP), the application should call the WSASetSocketSecurity function
/// immediately after socket or WSASocket call returns.
///
///
/// Server applications should call the setsockopt function to acquire exclusive access to the port used by the socket. This prevents
/// other applications from using the same port. The setsockopt function would be called with the level parameter set to
/// SOL_SOCKET, the optname parameter set to SO_EXCLUSIVEADDRUSE, and the value parameter set to nonzero. The
/// WSASetSocketSecurity function internally calls the setsockopt with SO_EXCLUSIVEADDRUSE to obtain exclusive access to
/// the port. This is to ensure that the socket is not vulnerable to attacks by other applications running on the local computer.
///
///
/// Security settings not set using the WSASetSocketSecurity are derived from the system default policy or the administratively
/// configured policy. It is recommended that most applications specify a value of SOCKET_SECURITY_PROTOCOL_DEFAULT for the
/// SOCKET_SECURITY_PROTOCOL enumeration in the SecurityProtocol member of the SOCKET_SECURITY_PROTOCOL pointed to by the
/// SecuritySettings parameter. This makes the application neutral to security protocols and allows easier deployments among
/// different systems.
///
///
/// When the SecuritySettings parameter points to a SOCKET_SECURITY_SETTINGS_IPSEC structure, the SecurityProtocol member
/// of the structure must be set to SOCKET_SECURITY_PROTOCOL_IPSEC, not SOCKET_SECURITY_PROTOCOL_DEFAULT.
///
/// An error will be returned if the following conditions are not met.
///
/// -
/// The address family of the Socket parameter must be either AF_INET or AF_INET6.
///
/// -
/// The socket type must be either SOCK_STREAM or SOCK_DGRAM.
///
/// -
/// The application must set its security settings before calling the bind, connect, ConnectEx, or WSAConnect functions.
///
/// -
/// The WSASetSocketSecurity function can only be called once per socket.
///
///
/// Default Secure Socket IPsec Policy
///
/// If the SecuritySettings parameter is set to NULL, and there is no other administratively specified IPsec policy on the
/// computer, a default security policy based on IPsec will be used to secure the application's traffic. Some type of authentication
/// credential (a user certificate or domain membership, for example) must be present for IPsec to succeed with a default policy.
///
/// The default IPsec policy has been designed so that IPsec security can be negotiated in as many scenarios as possible.
///
// https://docs.microsoft.com/en-us/windows/win32/api/ws2tcpip/nf-ws2tcpip-wsasetsocketsecurity INT WSAAPI WSASetSocketSecurity( [in]
// SOCKET Socket, [in, optional] const SOCKET_SECURITY_SETTINGS *SecuritySettings, [in] ULONG SecuritySettingsLen, [in, optional]
// LPWSAOVERLAPPED Overlapped, [in, optional] LPWSAOVERLAPPED_COMPLETION_ROUTINE CompletionRoutine );
[PInvokeData("ws2tcpip.h", MSDNShortId = "NF:ws2tcpip.WSASetSocketSecurity")]
[DllImport(Lib_Fwpuclnt, SetLastError = true, ExactSpelling = true)]
public static extern WSRESULT WSASetSocketSecurity([In] SOCKET Socket, [In, Optional] IntPtr SecuritySettings,
uint SecuritySettingsLen, [In, Optional] IntPtr Overlapped, [In, Optional] LPWSAOVERLAPPED_COMPLETION_ROUTINE CompletionRoutine);
}