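/*
 * COPYRIGHT:       See COPYING in the top level directory
 * PROJECT:         ReactOS system libraries
 * FILE:            lib/advapi32/misc/logon.c
 * PURPOSE:         Logon functions
 * PROGRAMMER:      Eric Kohl
 */

#include <advapi32.h>
WINE_DEFAULT_DEBUG_CHANNEL(advapi);

/* Size in bytes of the default DACL attached to a token built by LogonUserW */
#define LOGON_DEFAULT_DACL_SIZE 1024

/* Number of group entries reserved by AllocateGroupSids() */
#define MAX_GROUPS 8

/* RtlAllocateAndInitializeSid() takes at most eight sub-authorities */
#define MAX_INIT_SUBAUTHORITIES 8


/* FUNCTIONS ***************************************************************/

/*
 * Shared tail of CreateProcessAsUserA/W.
 *
 * The process was created suspended with the creator's own token; this
 * assigns hToken as its primary token and resumes the initial thread unless
 * the caller asked for CREATE_SUSPENDED. If the token cannot be assigned the
 * process is terminated and its handles are closed, so that no process is
 * left behind running (or resumable) with the creator's token instead of the
 * one the caller requested. The Win32 last error is set after the cleanup
 * calls so they cannot overwrite it.
 */
static BOOL
SetProcessTokenAndResume(HANDLE hToken,
                         DWORD dwCreationFlags,
                         LPPROCESS_INFORMATION lpProcessInformation)
{
    PROCESS_ACCESS_TOKEN AccessToken;
    NTSTATUS Status;
    DWORD dwError;

    AccessToken.Token = hToken;
    AccessToken.Thread = NULL;

    /* Set the new process token */
    Status = NtSetInformationProcess(lpProcessInformation->hProcess,
                                     ProcessAccessToken,
                                     (PVOID)&AccessToken,
                                     sizeof(AccessToken));
    if (!NT_SUCCESS(Status))
    {
        dwError = RtlNtStatusToDosError(Status);

        /* Tear the half-initialised process down; it never got its token */
        TerminateProcess(lpProcessInformation->hProcess, dwError);
        CloseHandle(lpProcessInformation->hThread);
        CloseHandle(lpProcessInformation->hProcess);
        lpProcessInformation->hProcess = NULL;
        lpProcessInformation->hThread = NULL;

        SetLastError(dwError);
        return FALSE;
    }

    /* Resume the main thread unless the caller wants it suspended */
    if (!(dwCreationFlags & CREATE_SUSPENDED))
    {
        ResumeThread(lpProcessInformation->hThread);
    }

    return TRUE;
}


/*
 * @implemented
 *
 * ANSI variant. The process is created suspended so that hToken can be
 * installed before any code of the new image runs; see
 * SetProcessTokenAndResume() for the token assignment and failure handling.
 * lpProcessInformation holds valid handles only when TRUE is returned.
 */
BOOL WINAPI
CreateProcessAsUserA(HANDLE hToken,
                     LPCSTR lpApplicationName,
                     LPSTR lpCommandLine,
                     LPSECURITY_ATTRIBUTES lpProcessAttributes,
                     LPSECURITY_ATTRIBUTES lpThreadAttributes,
                     BOOL bInheritHandles,
                     DWORD dwCreationFlags,
                     LPVOID lpEnvironment,
                     LPCSTR lpCurrentDirectory,
                     LPSTARTUPINFOA lpStartupInfo,
                     LPPROCESS_INFORMATION lpProcessInformation)
{
    /* Create the process with a suspended main thread */
    if (!CreateProcessA(lpApplicationName,
                        lpCommandLine,
                        lpProcessAttributes,
                        lpThreadAttributes,
                        bInheritHandles,
                        dwCreationFlags | CREATE_SUSPENDED,
                        lpEnvironment,
                        lpCurrentDirectory,
                        lpStartupInfo,
                        lpProcessInformation))
    {
        return FALSE;
    }

    return SetProcessTokenAndResume(hToken, dwCreationFlags, lpProcessInformation);
}


/*
 * @implemented
 *
 * Unicode variant of CreateProcessAsUserA(); same contract.
 */
BOOL WINAPI
CreateProcessAsUserW(HANDLE hToken,
                     LPCWSTR lpApplicationName,
                     LPWSTR lpCommandLine,
                     LPSECURITY_ATTRIBUTES lpProcessAttributes,
                     LPSECURITY_ATTRIBUTES lpThreadAttributes,
                     BOOL bInheritHandles,
                     DWORD dwCreationFlags,
                     LPVOID lpEnvironment,
                     LPCWSTR lpCurrentDirectory,
                     LPSTARTUPINFOW lpStartupInfo,
                     LPPROCESS_INFORMATION lpProcessInformation)
{
    /* Create the process with a suspended main thread */
    if (!CreateProcessW(lpApplicationName,
                        lpCommandLine,
                        lpProcessAttributes,
                        lpThreadAttributes,
                        bInheritHandles,
                        dwCreationFlags | CREATE_SUSPENDED,
                        lpEnvironment,
                        lpCurrentDirectory,
                        lpStartupInfo,
                        lpProcessInformation))
    {
        return FALSE;
    }

    return SetProcessTokenAndResume(hToken, dwCreationFlags, lpProcessInformation);
}


/*
 * @unimplemented
 *
 * Stub: always fails with ERROR_CALL_NOT_IMPLEMENTED. The trace line does
 * not echo lpPassword, so the debug channel never carries a credential.
 */
BOOL WINAPI
CreateProcessWithLogonW(LPCWSTR lpUsername,
                        LPCWSTR lpDomain,
                        LPCWSTR lpPassword,
                        DWORD dwLogonFlags,
                        LPCWSTR lpApplicationName,
                        LPWSTR lpCommandLine,
                        DWORD dwCreationFlags,
                        LPVOID lpEnvironment,
                        LPCWSTR lpCurrentDirectory,
                        LPSTARTUPINFOW lpStartupInfo,
                        LPPROCESS_INFORMATION lpProcessInformation)
{
    FIXME("%s %s %s 0x%08x %s %s 0x%08x %p %s %p %p stub\n",
          debugstr_w(lpUsername),
          debugstr_w(lpDomain),
          lpPassword != NULL ? "<hidden>" : "(null)",
          dwLogonFlags,
          debugstr_w(lpApplicationName),
          debugstr_w(lpCommandLine),
          dwCreationFlags,
          lpEnvironment,
          debugstr_w(lpCurrentDirectory),
          lpStartupInfo,
          lpProcessInformation);

    SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
    return FALSE;
}


/*
 * @implemented
 *
 * ANSI wrapper around LogonUserW(). The three strings are converted to
 * UNICODE_STRINGs; the converted password is wiped before its buffer is
 * released. On conversion failure the last error is set from the NTSTATUS
 * and FALSE is returned; otherwise the result of LogonUserW() is passed on.
 */
BOOL WINAPI
LogonUserA(LPSTR lpszUsername,
           LPSTR lpszDomain,
           LPSTR lpszPassword,
           DWORD dwLogonType,
           DWORD dwLogonProvider,
           PHANDLE phToken)
{
    UNICODE_STRING UserName;
    UNICODE_STRING Domain;
    UNICODE_STRING Password;
    NTSTATUS Status;
    BOOL ret = FALSE;

    UserName.Buffer = NULL;
    Domain.Buffer = NULL;
    Password.Buffer = NULL;

    Status = RtlCreateUnicodeStringFromAsciiz(&UserName,
                                              lpszUsername);
    if (!NT_SUCCESS(Status))
    {
        SetLastError(RtlNtStatusToDosError(Status));
        goto Done;
    }

    Status = RtlCreateUnicodeStringFromAsciiz(&Domain,
                                              lpszDomain);
    if (!NT_SUCCESS(Status))
    {
        SetLastError(RtlNtStatusToDosError(Status));
        goto Done;
    }

    Status = RtlCreateUnicodeStringFromAsciiz(&Password,
                                              lpszPassword);
    if (!NT_SUCCESS(Status))
    {
        SetLastError(RtlNtStatusToDosError(Status));
        goto Done;
    }

    ret = LogonUserW(UserName.Buffer,
                     Domain.Buffer,
                     Password.Buffer,
                     dwLogonType,
                     dwLogonProvider,
                     phToken);

Done:
    if (Password.Buffer != NULL)
    {
        /* Scrub the copy of the password before the block goes back to the
           heap; a plain memset here could be optimised away */
        RtlSecureZeroMemory(Password.Buffer, Password.MaximumLength);
        RtlFreeUnicodeString(&Password);
    }

    if (Domain.Buffer != NULL)
        RtlFreeUnicodeString(&Domain);

    if (UserName.Buffer != NULL)
        RtlFreeUnicodeString(&UserName);

    return ret;
}


/*
 * Reads the SID of the local SAM account UserName from
 * HKLM\SAM\SAM\Domains\Account\Users\<UserName>\Sid.
 *
 * On success *Sid points to a heap block (RtlAllocateHeap on the process
 * heap) holding a validated SID and TRUE is returned. On failure *Sid is
 * NULL, the last error is set (ERROR_NO_SUCH_USER for an unknown or
 * malformed name) and FALSE is returned.
 */
static BOOL WINAPI
SamGetUserSid(LPCWSTR UserName,
              PSID *Sid)
{
    PSID lpSid;
    DWORD dwLength;
    HKEY hUsersKey;
    HKEY hUserKey;
    LONG lError;
    LPCWSTR p;

    if (Sid == NULL)
    {
        SetLastError(ERROR_INVALID_PARAMETER);
        return FALSE;
    }

    *Sid = NULL;

    /* The name is used as a registry sub-key below: an empty name would
       open the Users key itself and a path separator could select an
       unrelated key under SAM, so neither is accepted as an account name */
    if (UserName == NULL || UserName[0] == L'\0')
    {
        SetLastError(ERROR_NO_SUCH_USER);
        return FALSE;
    }

    for (p = UserName; *p != L'\0'; p++)
    {
        if (*p == L'\\')
        {
            ERR("Invalid user name!\n");
            SetLastError(ERROR_NO_SUCH_USER);
            return FALSE;
        }
    }

    /* Open the Users key */
    lError = RegOpenKeyExW(HKEY_LOCAL_MACHINE,
                           L"SAM\\SAM\\Domains\\Account\\Users",
                           0,
                           KEY_READ,
                           &hUsersKey);
    if (lError != ERROR_SUCCESS)
    {
        /* Reg* functions report the error as their return value */
        ERR("Failed to open Users key! (Error %ld)\n", lError);
        SetLastError(lError);
        return FALSE;
    }

    /* Open the user key */
    lError = RegOpenKeyExW(hUsersKey,
                           UserName,
                           0,
                           KEY_READ,
                           &hUserKey);
    RegCloseKey(hUsersKey);

    if (lError != ERROR_SUCCESS)
    {
        if (lError == ERROR_FILE_NOT_FOUND)
        {
            ERR("Invalid user name!\n");
            lError = ERROR_NO_SUCH_USER;
        }
        else
        {
            ERR("Failed to open user key! (Error %ld)\n", lError);
        }

        SetLastError(lError);
        return FALSE;
    }

    /* Get SID size */
    dwLength = 0;
    lError = RegQueryValueExW(hUserKey,
                              L"Sid",
                              NULL,
                              NULL,
                              NULL,
                              &dwLength);
    if (lError != ERROR_SUCCESS)
    {
        ERR("Failed to read the SID size! (Error %ld)\n", lError);
        RegCloseKey(hUserKey);
        SetLastError(lError);
        return FALSE;
    }

    /* A SID is at least its fixed header; anything shorter is not one */
    if (dwLength < FIELD_OFFSET(SID, SubAuthority))
    {
        ERR("SID value too short (%lu bytes)\n", dwLength);
        RegCloseKey(hUserKey);
        SetLastError(ERROR_INVALID_DATA);
        return FALSE;
    }

    /* Allocate sid buffer */
    TRACE("Required SID buffer size: %lu\n", dwLength);
    lpSid = RtlAllocateHeap(RtlGetProcessHeap(),
                            0,
                            dwLength);
    if (lpSid == NULL)
    {
        ERR("Failed to allocate SID buffer!\n");
        RegCloseKey(hUserKey);
        SetLastError(ERROR_OUTOFMEMORY);
        return FALSE;
    }

    /* Read sid */
    lError = RegQueryValueExW(hUserKey,
                              L"Sid",
                              NULL,
                              NULL,
                              (LPBYTE)lpSid,
                              &dwLength);
    RegCloseKey(hUserKey);

    if (lError != ERROR_SUCCESS)
    {
        ERR("Failed to read the SID! (Error %ld)\n", lError);
        RtlFreeHeap(RtlGetProcessHeap(), 0, lpSid);
        SetLastError(lError);
        return FALSE;
    }

    /* The value is data, not a trusted structure: make sure the SID that
       is handed out is well-formed and fits inside what was read */
    if (!RtlValidSid(lpSid) || RtlLengthSid(lpSid) > dwLength)
    {
        ERR("Stored SID is malformed\n");
        RtlFreeHeap(RtlGetProcessHeap(), 0, lpSid);
        SetLastError(ERROR_INVALID_DATA);
        return FALSE;
    }

    *Sid = lpSid;

    return TRUE;
}


/*
 * Retrieves a copy of the local account domain SID from the LSA policy.
 *
 * On success *Sid points to a heap block (RtlAllocateHeap on the process
 * heap) and TRUE is returned; on failure *Sid is NULL and FALSE is returned.
 */
static BOOL WINAPI
GetDomainSid(PSID *Sid)
{
    PPOLICY_ACCOUNT_DOMAIN_INFO Info = NULL;
    LSA_OBJECT_ATTRIBUTES ObjectAttributes;
    LSA_HANDLE PolicyHandle;
    PSID lpSid;
    ULONG Length;
    NTSTATUS Status;

    *Sid = NULL;

    memset(&ObjectAttributes, 0, sizeof(LSA_OBJECT_ATTRIBUTES));
    ObjectAttributes.Length = sizeof(LSA_OBJECT_ATTRIBUTES);

    Status = LsaOpenPolicy(NULL,
                           &ObjectAttributes,
                           POLICY_TRUST_ADMIN,
                           &PolicyHandle);
    if (!NT_SUCCESS(Status))
    {
        ERR("LsaOpenPolicy failed (Status: 0x%08lx)\n", Status);
        return FALSE;
    }

    Status = LsaQueryInformationPolicy(PolicyHandle,
                                       PolicyAccountDomainInformation,
                                       (PVOID *)&Info);
    if (!NT_SUCCESS(Status))
    {
        ERR("LsaQueryInformationPolicy failed (Status: 0x%08lx)\n", Status);
        LsaClose(PolicyHandle);
        return FALSE;
    }

    /* Guard against a policy record without a SID before measuring it */
    if (Info == NULL || Info->DomainSid == NULL)
    {
        ERR("Account domain information carries no SID\n");
        if (Info != NULL)
            LsaFreeMemory(Info);
        LsaClose(PolicyHandle);
        return FALSE;
    }

    Length = RtlLengthSid(Info->DomainSid);

    lpSid = RtlAllocateHeap(RtlGetProcessHeap(),
                            0,
                            Length);
    if (lpSid == NULL)
    {
        ERR("Failed to allocate SID buffer!\n");
        LsaFreeMemory(Info);
        LsaClose(PolicyHandle);
        return FALSE;
    }

    memcpy(lpSid, Info->DomainSid, Length);

    *Sid = lpSid;

    LsaFreeMemory(Info);
    LsaClose(PolicyHandle);

    return TRUE;
}


/*
 * Builds a new SID that is SrcSid with Rid appended as one more
 * sub-authority. Returns NULL when SrcSid already has the maximum number of
 * sub-authorities RtlAllocateAndInitializeSid() can take, or when the
 * allocation fails. The result is released with RtlFreeSid() (or, as the
 * rest of this file does, RtlFreeHeap() on the process heap).
 */
static PSID
AppendRidToSid(PSID SrcSid,
               ULONG Rid)
{
    ULONG Rids[MAX_INIT_SUBAUTHORITIES] = {0};
    UCHAR RidCount;
    PSID DstSid = NULL;
    ULONG i;
    NTSTATUS Status;

    RidCount = *RtlSubAuthorityCountSid(SrcSid);
    if (RidCount >= MAX_INIT_SUBAUTHORITIES)
        return NULL;

    for (i = 0; i < RidCount; i++)
        Rids[i] = *RtlSubAuthoritySid(SrcSid, i);

    Rids[RidCount] = Rid;
    RidCount++;

    Status = RtlAllocateAndInitializeSid(RtlIdentifierAuthoritySid(SrcSid),
                                         RidCount,
                                         Rids[0],
                                         Rids[1],
                                         Rids[2],
                                         Rids[3],
                                         Rids[4],
                                         Rids[5],
                                         Rids[6],
                                         Rids[7],
                                         &DstSid);
    if (!NT_SUCCESS(Status))
    {
        ERR("RtlAllocateAndInitializeSid failed (Status: 0x%08lx)\n", Status);
        return NULL;
    }

    return DstSid;
}


/*
 * Allocates a SID with up to three sub-authorities under Authority; the
 * remaining sub-authority slots are passed as SECURITY_NULL_RID. Returns
 * NULL when the allocation fails.
 */
static PSID
AllocateShortSid(PSID_IDENTIFIER_AUTHORITY Authority,
                 UCHAR SubAuthorityCount,
                 ULONG Rid0,
                 ULONG Rid1,
                 ULONG Rid2)
{
    PSID Sid = NULL;
    NTSTATUS Status;

    Status = RtlAllocateAndInitializeSid(Authority,
                                         SubAuthorityCount,
                                         Rid0,
                                         Rid1,
                                         Rid2,
                                         SECURITY_NULL_RID,
                                         SECURITY_NULL_RID,
                                         SECURITY_NULL_RID,
                                         SECURITY_NULL_RID,
                                         SECURITY_NULL_RID,
                                         &Sid);
    if (!NT_SUCCESS(Status))
    {
        ERR("RtlAllocateAndInitializeSid failed (Status: 0x%08lx)\n", Status);
        return NULL;
    }

    return Sid;
}


/*
 * Appends Sid with Attributes to TokenGroups. Returns FALSE, leaving the
 * list untouched, when Sid is NULL (an upstream allocation failed) or the
 * fixed-size list is already full, so a NULL entry can never end up in the
 * token.
 */
static BOOL
AppendTokenGroup(PTOKEN_GROUPS TokenGroups,
                 PSID Sid,
                 DWORD Attributes)
{
    if (Sid == NULL || TokenGroups->GroupCount >= MAX_GROUPS)
        return FALSE;

    TokenGroups->Groups[TokenGroups->GroupCount].Sid = Sid;
    TokenGroups->Groups[TokenGroups->GroupCount].Attributes = Attributes;
    TokenGroups->GroupCount++;

    return TRUE;
}


/*
 * Releases a group list built by AllocateGroupSids(): every group SID that
 * is present, then the list itself. A NULL list is ignored.
 */
static VOID
FreeGroupSids(PTOKEN_GROUPS TokenGroups)
{
    ULONG i;

    if (TokenGroups == NULL)
        return;

    for (i = 0; i < TokenGroups->GroupCount; i++)
    {
        if (TokenGroups->Groups[i].Sid != NULL)
            RtlFreeHeap(GetProcessHeap(), 0, TokenGroups->Groups[i].Sid);
    }

    RtlFreeHeap(GetProcessHeap(), 0, TokenGroups);
}


/*
 * Builds the group list for a token created by LogonUserW().
 *
 * The list holds, in order: the account domain's Users group (also returned
 * in *PrimaryGroupSid), Everyone, Administrators (while the '#if 1' below is
 * kept), Users, a fresh logon SID (also returned in *OwnerSid), Local,
 * Interactive and Authenticated Users. Every entry is ENABLED,
 * ENABLED_BY_DEFAULT and MANDATORY; the logon SID additionally carries
 * SE_GROUP_LOGON_ID.
 *
 * Returns NULL on any failure; in that case nothing is leaked and both
 * output SIDs are NULL. On success the caller owns the list and releases it
 * with FreeGroupSids(), which also frees *PrimaryGroupSid and *OwnerSid.
 */
static PTOKEN_GROUPS
AllocateGroupSids(OUT PSID *PrimaryGroupSid,
                  OUT PSID *OwnerSid)
{
    SID_IDENTIFIER_AUTHORITY WorldAuthority = {SECURITY_WORLD_SID_AUTHORITY};
    SID_IDENTIFIER_AUTHORITY LocalAuthority = {SECURITY_LOCAL_SID_AUTHORITY};
    SID_IDENTIFIER_AUTHORITY SystemAuthority = {SECURITY_NT_AUTHORITY};
    const DWORD DefaultAttributes = SE_GROUP_ENABLED | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_MANDATORY;
    PTOKEN_GROUPS TokenGroups;
    PSID DomainSid;
    PSID Sid = NULL;
    LUID Luid;
    NTSTATUS Status;

    *PrimaryGroupSid = NULL;
    *OwnerSid = NULL;

    Status = NtAllocateLocallyUniqueId(&Luid);
    if (!NT_SUCCESS(Status))
        return NULL;

    if (!GetDomainSid(&DomainSid))
        return NULL;

    TokenGroups = RtlAllocateHeap(GetProcessHeap(),
                                  0,
                                  sizeof(TOKEN_GROUPS) +
                                  MAX_GROUPS * sizeof(SID_AND_ATTRIBUTES));
    if (TokenGroups == NULL)
    {
        RtlFreeHeap(RtlGetProcessHeap(), 0, DomainSid);
        return NULL;
    }

    TokenGroups->GroupCount = 0;

    /* Member of the domain; this is also the token's primary group */
    Sid = AppendRidToSid(DomainSid, DOMAIN_GROUP_RID_USERS);
    RtlFreeHeap(RtlGetProcessHeap(), 0, DomainSid);
    if (!AppendTokenGroup(TokenGroups, Sid, DefaultAttributes))
        goto Fail;
    *PrimaryGroupSid = Sid;

    /* Member of 'Everyone' */
    Sid = AllocateShortSid(&WorldAuthority,
                           1,
                           SECURITY_WORLD_RID,
                           SECURITY_NULL_RID,
                           SECURITY_NULL_RID);
    if (!AppendTokenGroup(TokenGroups, Sid, DefaultAttributes))
        goto Fail;

#if 1
    /* Member of 'Administrators'. While this branch is compiled in, every
       token produced by LogonUserW() is an administrative token regardless
       of which account was named. */
    Sid = AllocateShortSid(&SystemAuthority,
                           2,
                           SECURITY_BUILTIN_DOMAIN_RID,
                           DOMAIN_ALIAS_RID_ADMINS,
                           SECURITY_NULL_RID);
    if (!AppendTokenGroup(TokenGroups, Sid, DefaultAttributes))
        goto Fail;
#else
    TRACE("Not adding user to Administrators group\n");
#endif

    /* Member of 'Users' */
    Sid = AllocateShortSid(&SystemAuthority,
                           2,
                           SECURITY_BUILTIN_DOMAIN_RID,
                           DOMAIN_ALIAS_RID_USERS,
                           SECURITY_NULL_RID);
    if (!AppendTokenGroup(TokenGroups, Sid, DefaultAttributes))
        goto Fail;

    /* Logon SID: S-1-5-5-<Luid.HighPart>-<Luid.LowPart>; also the owner */
    Sid = AllocateShortSid(&SystemAuthority,
                           SECURITY_LOGON_IDS_RID_COUNT,
                           SECURITY_LOGON_IDS_RID,
                           Luid.HighPart,
                           Luid.LowPart);
    if (!AppendTokenGroup(TokenGroups, Sid, DefaultAttributes | SE_GROUP_LOGON_ID))
        goto Fail;
    *OwnerSid = Sid;

    /* Member of 'Local users' */
    Sid = AllocateShortSid(&LocalAuthority,
                           1,
                           SECURITY_LOCAL_RID,
                           SECURITY_NULL_RID,
                           SECURITY_NULL_RID);
    if (!AppendTokenGroup(TokenGroups, Sid, DefaultAttributes))
        goto Fail;

    /* Member of 'Interactive users' */
    Sid = AllocateShortSid(&SystemAuthority,
                           1,
                           SECURITY_INTERACTIVE_RID,
                           SECURITY_NULL_RID,
                           SECURITY_NULL_RID);
    if (!AppendTokenGroup(TokenGroups, Sid, DefaultAttributes))
        goto Fail;

    /* Member of 'Authenticated users' */
    Sid = AllocateShortSid(&SystemAuthority,
                           1,
                           SECURITY_AUTHENTICATED_USER_RID,
                           SECURITY_NULL_RID,
                           SECURITY_NULL_RID);
    if (!AppendTokenGroup(TokenGroups, Sid, DefaultAttributes))
        goto Fail;

    ASSERT(TokenGroups->GroupCount <= MAX_GROUPS);

    return TokenGroups;

Fail:
    /* A SID that was not appended is not owned by the list yet */
    if (Sid != NULL)
        RtlFreeHeap(GetProcessHeap(), 0, Sid);

    /* The list frees the primary group and owner SIDs along with the rest */
    *PrimaryGroupSid = NULL;
    *OwnerSid = NULL;
    FreeGroupSids(TokenGroups);

    return NULL;
}


/*
 * @unimplemented
 *
 * Builds a primary token for the local SAM account lpszUsername and returns
 * it in *phToken.
 *
 * This is a stub of the real logon path: lpszDomain, lpszPassword,
 * dwLogonType and dwLogonProvider are never read, so no credential is
 * verified and any caller that can name an existing SAM account obtains a
 * token for it. With the '#if 1' in AllocateGroupSids() that token also
 * carries the Administrators group, and it is granted the whole DefaultPrivs
 * list below. Nothing built here must be relied on for access control until
 * the authentication path is implemented.
 *
 * Returns TRUE on success. On failure FALSE is returned, the last error is
 * set, and every intermediate allocation has been released.
 */
BOOL WINAPI
LogonUserW(LPWSTR lpszUsername,
           LPWSTR lpszDomain,
           LPWSTR lpszPassword,
           DWORD dwLogonType,
           DWORD dwLogonProvider,
           PHANDLE phToken)
{
    /* FIXME shouldn't use hard-coded list of privileges */
    static const struct
    {
        LPCWSTR PrivName;
        DWORD Attributes;
    }
    DefaultPrivs[] =
    {
        { L"SeMachineAccountPrivilege", 0 },
        { L"SeSecurityPrivilege", 0 },
        { L"SeTakeOwnershipPrivilege", 0 },
        { L"SeLoadDriverPrivilege", 0 },
        { L"SeSystemProfilePrivilege", 0 },
        { L"SeSystemtimePrivilege", 0 },
        { L"SeProfileSingleProcessPrivilege", 0 },
        { L"SeIncreaseBasePriorityPrivilege", 0 },
        { L"SeCreatePagefilePrivilege", 0 },
        { L"SeBackupPrivilege", 0 },
        { L"SeRestorePrivilege", 0 },
        { L"SeShutdownPrivilege", 0 },
        { L"SeDebugPrivilege", 0 },
        { L"SeSystemEnvironmentPrivilege", 0 },
        { L"SeChangeNotifyPrivilege", SE_PRIVILEGE_ENABLED | SE_PRIVILEGE_ENABLED_BY_DEFAULT },
        { L"SeRemoteShutdownPrivilege", 0 },
        { L"SeUndockPrivilege", 0 },
        { L"SeEnableDelegationPrivilege", 0 },
        { L"SeImpersonatePrivilege", SE_PRIVILEGE_ENABLED | SE_PRIVILEGE_ENABLED_BY_DEFAULT },
        { L"SeCreateGlobalPrivilege", SE_PRIVILEGE_ENABLED | SE_PRIVILEGE_ENABLED_BY_DEFAULT }
    };
    OBJECT_ATTRIBUTES ObjectAttributes;
    SECURITY_QUALITY_OF_SERVICE Qos;
    TOKEN_USER TokenUser;
    TOKEN_OWNER TokenOwner;
    TOKEN_PRIMARY_GROUP TokenPrimaryGroup;
    PTOKEN_GROUPS TokenGroups = NULL;
    PTOKEN_PRIVILEGES TokenPrivileges = NULL;
    TOKEN_DEFAULT_DACL TokenDefaultDacl;
    LARGE_INTEGER ExpirationTime;
    LUID AuthenticationId;
    TOKEN_SOURCE TokenSource;
    PSID UserSid = NULL;
    PSID PrimaryGroupSid = NULL;
    PSID OwnerSid = NULL;
    PSID LocalSystemSid = NULL;
    PACL Dacl = NULL;
    NTSTATUS Status;
    SID_IDENTIFIER_AUTHORITY SystemAuthority = {SECURITY_NT_AUTHORITY};
    DWORD dwError = ERROR_SUCCESS;
    BOOL ret = FALSE;
    unsigned i;

    if (phToken == NULL)
    {
        SetLastError(ERROR_INVALID_PARAMETER);
        return FALSE;
    }

    Qos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
    Qos.ImpersonationLevel = SecurityAnonymous;
    Qos.ContextTrackingMode = SECURITY_STATIC_TRACKING;
    Qos.EffectiveOnly = FALSE;

    ObjectAttributes.Length = sizeof(OBJECT_ATTRIBUTES);
    ObjectAttributes.RootDirectory = NULL;
    ObjectAttributes.ObjectName = NULL;
    ObjectAttributes.Attributes = 0;
    ObjectAttributes.SecurityDescriptor = NULL;
    ObjectAttributes.SecurityQualityOfService = &Qos;

    Status = NtAllocateLocallyUniqueId(&AuthenticationId);
    if (!NT_SUCCESS(Status))
    {
        dwError = RtlNtStatusToDosError(Status);
        goto Cleanup;
    }

    /* The token never expires */
    ExpirationTime.QuadPart = -1;

    /* Get the user SID from the registry; SamGetUserSid sets the last error */
    if (!SamGetUserSid(lpszUsername, &UserSid))
    {
        ERR("SamGetUserSid() failed\n");
        dwError = GetLastError();
        goto Cleanup;
    }

    TokenUser.User.Sid = UserSid;
    TokenUser.User.Attributes = 0;

    /* Allocate and initialize token groups */
    TokenGroups = AllocateGroupSids(&PrimaryGroupSid,
                                    &OwnerSid);
    if (TokenGroups == NULL)
    {
        dwError = ERROR_OUTOFMEMORY;
        goto Cleanup;
    }

    /* Allocate and initialize token privileges */
    TokenPrivileges = RtlAllocateHeap(GetProcessHeap(), 0,
                                      sizeof(TOKEN_PRIVILEGES)
                                      + sizeof(DefaultPrivs) / sizeof(DefaultPrivs[0])
                                      * sizeof(LUID_AND_ATTRIBUTES));
    if (TokenPrivileges == NULL)
    {
        dwError = ERROR_OUTOFMEMORY;
        goto Cleanup;
    }

    /* Privileges the system does not know are skipped, not fatal */
    TokenPrivileges->PrivilegeCount = 0;
    for (i = 0; i < sizeof(DefaultPrivs) / sizeof(DefaultPrivs[0]); i++)
    {
        if (!LookupPrivilegeValueW(NULL,
                                   DefaultPrivs[i].PrivName,
                                   &TokenPrivileges->Privileges[TokenPrivileges->PrivilegeCount].Luid))
        {
            WARN("Can't set privilege %S\n", DefaultPrivs[i].PrivName);
        }
        else
        {
            TokenPrivileges->Privileges[TokenPrivileges->PrivilegeCount].Attributes = DefaultPrivs[i].Attributes;
            TokenPrivileges->PrivilegeCount++;
        }
    }

    /* The logon SID is used as the token owner */
    TokenOwner.Owner = OwnerSid;
    TokenPrimaryGroup.PrimaryGroup = PrimaryGroupSid;

    /* Default DACL: full access for the logon SID and for LocalSystem */
    Dacl = RtlAllocateHeap(GetProcessHeap(), 0, LOGON_DEFAULT_DACL_SIZE);
    if (Dacl == NULL)
    {
        dwError = ERROR_OUTOFMEMORY;
        goto Cleanup;
    }

    Status = RtlCreateAcl(Dacl, LOGON_DEFAULT_DACL_SIZE, ACL_REVISION);
    if (!NT_SUCCESS(Status))
    {
        dwError = RtlNtStatusToDosError(Status);
        goto Cleanup;
    }

    Status = RtlAddAccessAllowedAce(Dacl,
                                    ACL_REVISION,
                                    GENERIC_ALL,
                                    OwnerSid);
    if (!NT_SUCCESS(Status))
    {
        dwError = RtlNtStatusToDosError(Status);
        goto Cleanup;
    }

    /* SID: S-1-5-18 */
    LocalSystemSid = AllocateShortSid(&SystemAuthority,
                                      1,
                                      SECURITY_LOCAL_SYSTEM_RID,
                                      SECURITY_NULL_RID,
                                      SECURITY_NULL_RID);
    if (LocalSystemSid == NULL)
    {
        dwError = ERROR_OUTOFMEMORY;
        goto Cleanup;
    }

    Status = RtlAddAccessAllowedAce(Dacl,
                                    ACL_REVISION,
                                    GENERIC_ALL,
                                    LocalSystemSid);
    if (!NT_SUCCESS(Status))
    {
        dwError = RtlNtStatusToDosError(Status);
        goto Cleanup;
    }

    TokenDefaultDacl.DefaultDacl = Dacl;

    /* TOKEN_SOURCE_LENGTH is 8; the name is space-padded, not NUL-terminated */
    memcpy(TokenSource.SourceName,
           "User32  ",
           8);

    Status = NtAllocateLocallyUniqueId(&TokenSource.SourceIdentifier);
    if (!NT_SUCCESS(Status))
    {
        dwError = RtlNtStatusToDosError(Status);
        goto Cleanup;
    }

    Status = NtCreateToken(phToken,
                           TOKEN_ALL_ACCESS,
                           &ObjectAttributes,
                           TokenPrimary,
                           &AuthenticationId,
                           &ExpirationTime,
                           &TokenUser,
                           TokenGroups,
                           TokenPrivileges,
                           &TokenOwner,
                           &TokenPrimaryGroup,
                           &TokenDefaultDacl,
                           &TokenSource);
    if (!NT_SUCCESS(Status))
    {
        ERR("NtCreateToken failed (Status: 0x%08lx)\n", Status);
        dwError = RtlNtStatusToDosError(Status);
        goto Cleanup;
    }

    ret = TRUE;

Cleanup:
    /* Every intermediate object is released on both paths; the token keeps
       its own copies of the SIDs, groups, privileges and DACL */
    if (LocalSystemSid != NULL)
        RtlFreeSid(LocalSystemSid);

    if (Dacl != NULL)
        RtlFreeHeap(GetProcessHeap(), 0, Dacl);

    if (TokenPrivileges != NULL)
        RtlFreeHeap(GetProcessHeap(), 0, TokenPrivileges);

    /* Also frees PrimaryGroupSid and OwnerSid, which live in the list */
    FreeGroupSids(TokenGroups);

    /* Allocated by SamGetUserSid() with RtlAllocateHeap on the process heap */
    if (UserSid != NULL)
        RtlFreeHeap(RtlGetProcessHeap(), 0, UserSid);

    if (!ret)
        SetLastError(dwError);

    return ret;
}

/* EOF */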