ReactOS  0.4.15-dev-2721-g5912c11
Functions | Variables
database.c File Reference
#include "lsasrv.h"
#include <pseh/pseh2.h>
Include dependency graph for database.c:

Go to the source code of this file.

Functions

static NTSTATUS LsapOpenServiceKey (VOID)
 
static BOOLEAN LsapIsDatabaseInstalled (VOID)
 
static NTSTATUS LsapCreateDatabaseKeys (VOID)
 
static NTSTATUS LsapCreateRandomDomainSid (OUT PSID *Sid)
 
static NTSTATUS LsapCreateDatabaseObjects (VOID)
 
static NTSTATUS LsapUpdateDatabase (VOID)
 
static NTSTATUS LsapGetDomainInfo (VOID)
 
NTSTATUS LsapInitDatabase (VOID)
 
NTSTATUS LsapCreateDbObject (IN PLSA_DB_OBJECT ParentObject, IN LPWSTR ContainerName, IN LPWSTR ObjectName, IN LSA_DB_OBJECT_TYPE ObjectType, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted, OUT PLSA_DB_OBJECT *DbObject)
 
NTSTATUS LsapOpenDbObject (IN PLSA_DB_OBJECT ParentObject, IN LPWSTR ContainerName, IN LPWSTR ObjectName, IN LSA_DB_OBJECT_TYPE ObjectType, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted, OUT PLSA_DB_OBJECT *DbObject)
 
NTSTATUS LsapValidateDbObject (LSAPR_HANDLE Handle, LSA_DB_OBJECT_TYPE ObjectType, ACCESS_MASK DesiredAccess, PLSA_DB_OBJECT *DbObject)
 
NTSTATUS LsapCloseDbObject (PLSA_DB_OBJECT DbObject)
 
NTSTATUS LsapDeleteDbObject (IN PLSA_DB_OBJECT DbObject)
 
NTSTATUS LsapSetObjectAttribute (PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, ULONG AttributeSize)
 
NTSTATUS LsapGetObjectAttribute (PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, PULONG AttributeSize)
 
NTSTATUS LsapDeleteObjectAttribute (PLSA_DB_OBJECT DbObject, LPWSTR AttributeName)
 

Variables

static HANDLE SecurityKeyHandle = NULL
 
SID_IDENTIFIER_AUTHORITY NullSidAuthority = {SECURITY_NULL_SID_AUTHORITY}
 
SID_IDENTIFIER_AUTHORITY WorldSidAuthority = {SECURITY_WORLD_SID_AUTHORITY}
 
SID_IDENTIFIER_AUTHORITY LocalSidAuthority = {SECURITY_LOCAL_SID_AUTHORITY}
 
SID_IDENTIFIER_AUTHORITY CreatorSidAuthority = {SECURITY_CREATOR_SID_AUTHORITY}
 
SID_IDENTIFIER_AUTHORITY NtAuthority = {SECURITY_NT_AUTHORITY}
 
PSID BuiltinDomainSid = NULL
 
PSID AccountDomainSid = NULL
 
UNICODE_STRING BuiltinDomainName = {0, 0, NULL}
 
UNICODE_STRING AccountDomainName = {0, 0, NULL}
 

Function Documentation

◆ LsapCloseDbObject()

NTSTATUS LsapCloseDbObject ( PLSA_DB_OBJECT  DbObject)

Definition at line 870 of file database.c.

871 {
872  PLSA_DB_OBJECT ParentObject = NULL;
873  NTSTATUS Status = STATUS_SUCCESS;
874 
875  DbObject->RefCount--;
876 
877  if (DbObject->RefCount > 0)
878  return STATUS_SUCCESS;
879 
880  if (DbObject->KeyHandle != NULL)
881  NtClose(DbObject->KeyHandle);
882 
883  if (DbObject->ParentObject != NULL)
884  ParentObject = DbObject->ParentObject;
885 
886  RtlFreeHeap(RtlGetProcessHeap(), 0, DbObject);
887 
888  if (ParentObject != NULL)
889  {
890  ParentObject->RefCount--;
891 
892  if (ParentObject->RefCount == 0)
893  Status = LsapCloseDbObject(ParentObject);
894  }
895 
896  return Status;
897 }
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
_LSA_DB_OBJECT::ParentObject
struct _LSA_DB_OBJECT * ParentObject
Definition: lsasrv.h:64
RtlFreeHeap
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
LsapCloseDbObject
NTSTATUS LsapCloseDbObject(PLSA_DB_OBJECT DbObject)
Definition: database.c:870
_LSA_DB_OBJECT::KeyHandle
HANDLE KeyHandle
Definition: lsasrv.h:62
Status
Status
Definition: gdiplustypes.h:24
_LSA_DB_OBJECT::RefCount
ULONG RefCount
Definition: lsasrv.h:60
NtClose
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3398
_LSA_DB_OBJECT
Definition: lsasrv.h:56
NULL
#define NULL
Definition: types.h:112
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65

Referenced by LsapCreateDatabaseObjects(), LsapDeleteDbObject(), LsapGetDomainInfo(), LsarAddAccountRights(), LsarClose(), LsarCreateSecret(), LsarOpenSecret(), LsarRemoveAccountRights(), LsarRetrievePrivateData(), and LsarStorePrivateData().

◆ LsapCreateDatabaseKeys()

static NTSTATUS LsapCreateDatabaseKeys ( VOID  )
static

Definition at line 87 of file database.c.

88 {
89  OBJECT_ATTRIBUTES ObjectAttributes;
90  UNICODE_STRING KeyName;
91  HANDLE PolicyKeyHandle = NULL;
92  HANDLE AccountsKeyHandle = NULL;
93  HANDLE DomainsKeyHandle = NULL;
94  HANDLE SecretsKeyHandle = NULL;
95  NTSTATUS Status = STATUS_SUCCESS;
96 
97  TRACE("LsapInstallDatabase()\n");
98 
99  /* Create the 'Policy' key */
100  RtlInitUnicodeString(&KeyName,
101  L"Policy");
102 
103  InitializeObjectAttributes(&ObjectAttributes,
104  &KeyName,
105  OBJ_CASE_INSENSITIVE,
106  SecurityKeyHandle,
107  NULL);
108 
109  Status = NtCreateKey(&PolicyKeyHandle,
110  KEY_ALL_ACCESS,
111  &ObjectAttributes,
112  0,
113  NULL,
114  0,
115  NULL);
116  if (!NT_SUCCESS(Status))
117  {
118  ERR("Failed to create the 'Policy' key (Status: 0x%08lx)\n", Status);
119  goto Done;
120  }
121 
122  /* Create the 'Accounts' key */
123  RtlInitUnicodeString(&KeyName,
124  L"Accounts");
125 
126  InitializeObjectAttributes(&ObjectAttributes,
127  &KeyName,
128  OBJ_CASE_INSENSITIVE,
129  PolicyKeyHandle,
130  NULL);
131 
132  Status = NtCreateKey(&AccountsKeyHandle,
133  KEY_ALL_ACCESS,
134  &ObjectAttributes,
135  0,
136  NULL,
137  0,
138  NULL);
139  if (!NT_SUCCESS(Status))
140  {
141  ERR("Failed to create the 'Accounts' key (Status: 0x%08lx)\n", Status);
142  goto Done;
143  }
144 
145  /* Create the 'Domains' key */
146  RtlInitUnicodeString(&KeyName,
147  L"Domains");
148 
149  InitializeObjectAttributes(&ObjectAttributes,
150  &KeyName,
151  OBJ_CASE_INSENSITIVE,
152  PolicyKeyHandle,
153  NULL);
154 
155  Status = NtCreateKey(&DomainsKeyHandle,
156  KEY_ALL_ACCESS,
157  &ObjectAttributes,
158  0,
159  NULL,
160  0,
161  NULL);
162  if (!NT_SUCCESS(Status))
163  {
164  ERR("Failed to create the 'Domains' key (Status: 0x%08lx)\n", Status);
165  goto Done;
166  }
167 
168  /* Create the 'Secrets' key */
169  RtlInitUnicodeString(&KeyName,
170  L"Secrets");
171 
172  InitializeObjectAttributes(&ObjectAttributes,
173  &KeyName,
174  OBJ_CASE_INSENSITIVE,
175  PolicyKeyHandle,
176  NULL);
177 
178  Status = NtCreateKey(&SecretsKeyHandle,
179  KEY_ALL_ACCESS,
180  &ObjectAttributes,
181  0,
182  NULL,
183  0,
184  NULL);
185  if (!NT_SUCCESS(Status))
186  {
187  ERR("Failed to create the 'Secrets' key (Status: 0x%08lx)\n", Status);
188  goto Done;
189  }
190 
191 Done:
192  if (SecretsKeyHandle != NULL)
193  NtClose(SecretsKeyHandle);
194 
195  if (DomainsKeyHandle != NULL)
196  NtClose(DomainsKeyHandle);
197 
198  if (AccountsKeyHandle != NULL)
199  NtClose(AccountsKeyHandle);
200 
201  if (PolicyKeyHandle != NULL)
202  NtClose(PolicyKeyHandle);
203 
204  TRACE("LsapInstallDatabase() done (Status: 0x%08lx)\n", Status);
205 
206  return Status;
207 }
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
NtCreateKey
NTSTATUS NTAPI NtCreateKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG TitleIndex, IN PUNICODE_STRING Class OPTIONAL, IN ULONG CreateOptions, OUT PULONG Disposition OPTIONAL)
Definition: ntapi.c:240
OBJ_CASE_INSENSITIVE
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
_OBJECT_ATTRIBUTES
Definition: umtypes.h:181
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
KeyName
_Must_inspect_result_ _In_ WDFDEVICE _In_ PCUNICODE_STRING KeyName
Definition: wdfdevice.h:2697
Status
Status
Definition: gdiplustypes.h:24
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
NtClose
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3398
L
static const WCHAR L[]
Definition: oid.c:1250
SecurityKeyHandle
static HANDLE SecurityKeyHandle
Definition: database.c:15
ERR
#define ERR(fmt,...)
Definition: debug.h:110
_UNICODE_STRING
Definition: env_spec_w32.h:368
KEY_ALL_ACCESS
#define KEY_ALL_ACCESS
Definition: nt_native.h:1041
NULL
#define NULL
Definition: types.h:112
RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65

Referenced by LsapInitDatabase().

◆ LsapCreateDatabaseObjects()

static NTSTATUS LsapCreateDatabaseObjects ( VOID  )
static

Definition at line 234 of file database.c.

235 {
236  PLSAP_POLICY_AUDIT_EVENTS_DATA AuditEventsInfo = NULL;
237  POLICY_DEFAULT_QUOTA_INFO QuotaInfo;
238  POLICY_MODIFICATION_INFO ModificationInfo;
239  POLICY_AUDIT_FULL_QUERY_INFO AuditFullInfo = {FALSE, FALSE};
240  POLICY_AUDIT_LOG_INFO AuditLogInfo;
241  GUID DnsDomainGuid;
242  PLSA_DB_OBJECT PolicyObject = NULL;
243  PSID AccountDomainSid = NULL;
244  PSECURITY_DESCRIPTOR PolicySd = NULL;
245  ULONG PolicySdSize = 0;
246  ULONG i;
247  NTSTATUS Status;
248 
249  /* Initialize the default quota limits */
250  QuotaInfo.QuotaLimits.PagedPoolLimit = 0x2000000;
251  QuotaInfo.QuotaLimits.NonPagedPoolLimit = 0x100000;
252  QuotaInfo.QuotaLimits.MinimumWorkingSetSize = 0x10000;
253  QuotaInfo.QuotaLimits.MaximumWorkingSetSize = 0xF000000;
254  QuotaInfo.QuotaLimits.PagefileLimit = 0;
255  QuotaInfo.QuotaLimits.TimeLimit.QuadPart = 0;
256 
257  /* Initialize the audit log attribute */
258  AuditLogInfo.AuditLogPercentFull = 0;
259  AuditLogInfo.MaximumLogSize = 0; // DWORD
260  AuditLogInfo.AuditRetentionPeriod.QuadPart = 0; // LARGE_INTEGER
261  AuditLogInfo.AuditLogFullShutdownInProgress = 0; // BYTE
262  AuditLogInfo.TimeToShutdown.QuadPart = 0; // LARGE_INTEGER
263  AuditLogInfo.NextAuditRecordId = 0; // DWORD
264 
265  /* Initialize the Audit Events attribute */
266  AuditEventsInfo = RtlAllocateHeap(RtlGetProcessHeap(),
267  HEAP_ZERO_MEMORY,
268  sizeof(LSAP_POLICY_AUDIT_EVENTS_DATA));
269  if (AuditEventsInfo == NULL)
270  return STATUS_INSUFFICIENT_RESOURCES;
271 
272  AuditEventsInfo->AuditingMode = FALSE;
273  AuditEventsInfo->MaximumAuditEventCount = POLICY_AUDIT_EVENT_TYPE_COUNT;
274  for (i = 0; i < POLICY_AUDIT_EVENT_TYPE_COUNT; i++)
275  AuditEventsInfo->AuditEvents[i] = 0;
276 
277  /* Initialize the DNS Domain GUID attribute */
278  RtlZeroMemory(&DnsDomainGuid, sizeof(DnsDomainGuid));
279 
280  /* Initialize the modification attribute */
281  ModificationInfo.ModifiedId.QuadPart = 0;
282  NtQuerySystemTime(&ModificationInfo.DatabaseCreationTime);
283 
284  /* Create a random domain SID */
285  Status = LsapCreateRandomDomainSid(&AccountDomainSid);
286  if (!NT_SUCCESS(Status))
287  goto done;
288 
289  Status = LsapCreatePolicySd(&PolicySd, &PolicySdSize);
290  if (!NT_SUCCESS(Status))
291  goto done;
292 
293  /* Open the 'Policy' object */
294  Status = LsapOpenDbObject(NULL,
295  NULL,
296  L"Policy",
297  LsaDbPolicyObject,
298  0,
299  TRUE,
300  &PolicyObject);
301  if (!NT_SUCCESS(Status))
302  goto done;
303 
304  /* Set the Primary Domain Name attribute */
305  LsapSetObjectAttribute(PolicyObject,
306  L"PolPrDmN",
307  NULL,
308  0);
309 
310  /* Set the Primary Domain SID attribute */
311  LsapSetObjectAttribute(PolicyObject,
312  L"PolPrDmS",
313  NULL,
314  0);
315 
316  /* Set the Account Domain Name attribute */
317  LsapSetObjectAttribute(PolicyObject,
318  L"PolAcDmN",
319  NULL,
320  0);
321 
322  /* Set the Account Domain SID attribute */
323  LsapSetObjectAttribute(PolicyObject,
324  L"PolAcDmS",
325  AccountDomainSid,
326  RtlLengthSid(AccountDomainSid));
327 
328  /* Set the default quota limits attribute */
329  LsapSetObjectAttribute(PolicyObject,
330  L"DefQuota",
331  &QuotaInfo,
332  sizeof(QuotaInfo));
333 
334  /* Set the modification attribute */
335  LsapSetObjectAttribute(PolicyObject,
336  L"PolMod",
337  &ModificationInfo,
338  sizeof(ModificationInfo));
339 
340  /* Set the audit full attribute */
341  LsapSetObjectAttribute(PolicyObject,
342  L"PolAdtFl",
343  &AuditFullInfo,
344  sizeof(AuditFullInfo));
345 
346  /* Set the audit log attribute */
347  LsapSetObjectAttribute(PolicyObject,
348  L"PolAdtLg",
349  &AuditLogInfo,
350  sizeof(AuditLogInfo));
351 
352  /* Set the audit events attribute */
353  LsapSetObjectAttribute(PolicyObject,
354  L"PolAdtEv",
355  AuditEventsInfo,
356  sizeof(*AuditEventsInfo));
357 
358  /* Set the DNS Domain Name attribute */
359  LsapSetObjectAttribute(PolicyObject,
360  L"PolDnDDN",
361  NULL,
362  0);
363 
364  /* Set the DNS Forest Name attribute */
365  LsapSetObjectAttribute(PolicyObject,
366  L"PolDnTrN",
367  NULL,
368  0);
369 
370  /* Set the DNS Domain GUID attribute */
371  LsapSetObjectAttribute(PolicyObject,
372  L"PolDnDmG",
373  &DnsDomainGuid,
374  sizeof(DnsDomainGuid));
375 
376  /* Set the Security Descriptor */
377  LsapSetObjectAttribute(PolicyObject,
378  L"SecDesc",
379  PolicySd,
380  PolicySdSize);
381 
382 done:
383  if (AuditEventsInfo != NULL)
384  RtlFreeHeap(RtlGetProcessHeap(), 0, AuditEventsInfo);
385 
386  if (PolicyObject != NULL)
387  LsapCloseDbObject(PolicyObject);
388 
389  if (AccountDomainSid != NULL)
390  RtlFreeSid(AccountDomainSid);
391 
392  if (PolicySd != NULL)
393  RtlFreeHeap(RtlGetProcessHeap(), 0, PolicySd);
394 
395  return Status;
396 }
_QUOTA_LIMITS::TimeLimit
LARGE_INTEGER TimeLimit
Definition: lsa.idl:292
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
LsapOpenDbObject
NTSTATUS LsapOpenDbObject(IN PLSA_DB_OBJECT ParentObject, IN LPWSTR ContainerName, IN LPWSTR ObjectName, IN LSA_DB_OBJECT_TYPE ObjectType, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted, OUT PLSA_DB_OBJECT *DbObject)
Definition: database.c:712
_QUOTA_LIMITS::NonPagedPoolLimit
INT64 NonPagedPoolLimit
Definition: lsa.idl:288
LsapSetObjectAttribute
NTSTATUS LsapSetObjectAttribute(PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, ULONG AttributeSize)
Definition: database.c:961
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_POLICY_AUDIT_LOG_INFO::MaximumLogSize
ULONG MaximumLogSize
Definition: ntsecapi.h:554
_QUOTA_LIMITS::PagefileLimit
INT64 PagefileLimit
Definition: lsa.idl:291
_SID
Definition: ms-dtyp.idl:198
TRUE
#define TRUE
Definition: types.h:120
_POLICY_AUDIT_LOG_INFO::NextAuditRecordId
ULONG NextAuditRecordId
Definition: ntsecapi.h:558
RtlFreeSid
NTSYSAPI PVOID NTAPI RtlFreeSid(_In_ _Post_invalid_ PSID Sid)
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
RtlFreeHeap
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
LsapCreateRandomDomainSid
static NTSTATUS LsapCreateRandomDomainSid(OUT PSID *Sid)
Definition: database.c:211
_LSAP_POLICY_AUDIT_EVENTS_DATA::AuditEvents
DWORD AuditEvents[POLICY_AUDIT_EVENT_TYPE_COUNT]
Definition: lsasrv.h:73
_POLICY_AUDIT_FULL_QUERY_INFO
Definition: ntsecapi.h:600
_LSAP_POLICY_AUDIT_EVENTS_DATA::MaximumAuditEventCount
DWORD MaximumAuditEventCount
Definition: lsasrv.h:74
_POLICY_DEFAULT_QUOTA_INFO
Definition: ntsecapi.h:590
LsapCloseDbObject
NTSTATUS LsapCloseDbObject(PLSA_DB_OBJECT DbObject)
Definition: database.c:870
_POLICY_DEFAULT_QUOTA_INFO::QuotaLimits
QUOTA_LIMITS QuotaLimits
Definition: ntsecapi.h:591
FALSE
#define FALSE
Definition: types.h:117
LsapCreatePolicySd
NTSTATUS LsapCreatePolicySd(PSECURITY_DESCRIPTOR *PolicySd, PULONG PolicySdSize)
Definition: security.c:14
_QUOTA_LIMITS::PagedPoolLimit
INT64 PagedPoolLimit
Definition: lsa.idl:287
_LSAP_POLICY_AUDIT_EVENTS_DATA::AuditingMode
BOOLEAN AuditingMode
Definition: lsasrv.h:72
RtlLengthSid
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
RtlAllocateHeap
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
Status
Status
Definition: gdiplustypes.h:24
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
_POLICY_AUDIT_LOG_INFO::TimeToShutdown
LARGE_INTEGER TimeToShutdown
Definition: ntsecapi.h:557
_POLICY_AUDIT_LOG_INFO::AuditLogFullShutdownInProgress
BOOLEAN AuditLogFullShutdownInProgress
Definition: ntsecapi.h:556
L
static const WCHAR L[]
Definition: oid.c:1250
_POLICY_MODIFICATION_INFO::ModifiedId
LARGE_INTEGER ModifiedId
Definition: ntsecapi.h:594
_QUOTA_LIMITS::MinimumWorkingSetSize
INT64 MinimumWorkingSetSize
Definition: lsa.idl:289
_POLICY_AUDIT_LOG_INFO::AuditRetentionPeriod
LARGE_INTEGER AuditRetentionPeriod
Definition: ntsecapi.h:555
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
_LSA_DB_OBJECT
Definition: lsasrv.h:56
NULL
#define NULL
Definition: types.h:112
_POLICY_AUDIT_LOG_INFO
Definition: ntsecapi.h:552
HEAP_ZERO_MEMORY
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
_QUOTA_LIMITS::MaximumWorkingSetSize
INT64 MaximumWorkingSetSize
Definition: lsa.idl:290
_POLICY_MODIFICATION_INFO::DatabaseCreationTime
LARGE_INTEGER DatabaseCreationTime
Definition: ntsecapi.h:595
ULONG
unsigned int ULONG
Definition: retypes.h:1
RtlZeroMemory
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262
NtQuerySystemTime
NTSTATUS NTAPI NtQuerySystemTime(OUT PLARGE_INTEGER SystemTime)
Definition: time.c:472
AccountDomainSid
PSID AccountDomainSid
Definition: database.c:24
_POLICY_MODIFICATION_INFO
Definition: ntsecapi.h:593
_POLICY_AUDIT_LOG_INFO::AuditLogPercentFull
ULONG AuditLogPercentFull
Definition: ntsecapi.h:553
_LARGE_INTEGER::QuadPart
LONGLONG QuadPart
Definition: typedefs.h:114
_LSAP_POLICY_AUDIT_EVENTS_DATA
Definition: lsasrv.h:70
POLICY_AUDIT_EVENT_TYPE_COUNT
#define POLICY_AUDIT_EVENT_TYPE_COUNT
Definition: lsasrv.h:69

Referenced by LsapInitDatabase().

◆ LsapCreateDbObject()

NTSTATUS LsapCreateDbObject ( IN PLSA_DB_OBJECT  ParentObject,
IN LPWSTR  ContainerName,
IN LPWSTR  ObjectName,
IN LSA_DB_OBJECT_TYPE  ObjectType,
IN ACCESS_MASK  DesiredAccess,
IN BOOLEAN  Trusted,
OUT PLSA_DB_OBJECT DbObject 
)

Definition at line 592 of file database.c.

599 {
600  PLSA_DB_OBJECT NewObject;
601  OBJECT_ATTRIBUTES ObjectAttributes;
602  UNICODE_STRING KeyName;
603  HANDLE ParentKeyHandle;
604  HANDLE ContainerKeyHandle = NULL;
605  HANDLE ObjectKeyHandle = NULL;
606  NTSTATUS Status;
607 
608  if (DbObject == NULL)
609  return STATUS_INVALID_PARAMETER;
610 
611  if (ParentObject == NULL)
612  ParentKeyHandle = SecurityKeyHandle;
613  else
614  ParentKeyHandle = ParentObject->KeyHandle;
615 
616  if (ContainerName != NULL)
617  {
618  /* Open the container key */
619  RtlInitUnicodeString(&KeyName,
620  ContainerName);
621 
622  InitializeObjectAttributes(&ObjectAttributes,
623  &KeyName,
624  OBJ_CASE_INSENSITIVE,
625  ParentKeyHandle,
626  NULL);
627 
628  Status = NtOpenKey(&ContainerKeyHandle,
629  KEY_ALL_ACCESS,
630  &ObjectAttributes);
631  if (!NT_SUCCESS(Status))
632  {
633  return Status;
634  }
635 
636  /* Open the object key */
637  RtlInitUnicodeString(&KeyName,
638  ObjectName);
639 
640  InitializeObjectAttributes(&ObjectAttributes,
641  &KeyName,
642  OBJ_CASE_INSENSITIVE,
643  ContainerKeyHandle,
644  NULL);
645 
646  Status = NtCreateKey(&ObjectKeyHandle,
647  KEY_ALL_ACCESS,
648  &ObjectAttributes,
649  0,
650  NULL,
651  0,
652  NULL);
653 
654  NtClose(ContainerKeyHandle);
655 
656  if (!NT_SUCCESS(Status))
657  {
658  return Status;
659  }
660  }
661  else
662  {
663  RtlInitUnicodeString(&KeyName,
664  ObjectName);
665 
666  InitializeObjectAttributes(&ObjectAttributes,
667  &KeyName,
668  OBJ_CASE_INSENSITIVE,
669  ParentKeyHandle,
670  NULL);
671 
672  Status = NtCreateKey(&ObjectKeyHandle,
673  KEY_ALL_ACCESS,
674  &ObjectAttributes,
675  0,
676  NULL,
677  0,
678  NULL);
679  if (!NT_SUCCESS(Status))
680  {
681  return Status;
682  }
683  }
684 
685  NewObject = RtlAllocateHeap(RtlGetProcessHeap(),
686  0,
687  sizeof(LSA_DB_OBJECT));
688  if (NewObject == NULL)
689  {
690  NtClose(ObjectKeyHandle);
691  return STATUS_NO_MEMORY;
692  }
693 
694  NewObject->Signature = LSAP_DB_SIGNATURE;
695  NewObject->RefCount = 1;
696  NewObject->ObjectType = ObjectType;
697  NewObject->Access = DesiredAccess;
698  NewObject->KeyHandle = ObjectKeyHandle;
699  NewObject->ParentObject = ParentObject;
700  NewObject->Trusted = Trusted;
701 
702  if (ParentObject != NULL)
703  ParentObject->RefCount++;
704 
705  *DbObject = NewObject;
706 
707  return STATUS_SUCCESS;
708 }
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
ObjectType
ObjectType
Definition: metafile.c:80
DesiredAccess
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2654
NtCreateKey
NTSTATUS NTAPI NtCreateKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG TitleIndex, IN PUNICODE_STRING Class OPTIONAL, IN ULONG CreateOptions, OUT PULONG Disposition OPTIONAL)
Definition: ntapi.c:240
OBJ_CASE_INSENSITIVE
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
_OBJECT_ATTRIBUTES
Definition: umtypes.h:181
STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
ObjectName
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
Definition: cmfuncs.h:62
KeyName
_Must_inspect_result_ _In_ WDFDEVICE _In_ PCUNICODE_STRING KeyName
Definition: wdfdevice.h:2697
RtlAllocateHeap
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
Status
Status
Definition: gdiplustypes.h:24
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
NtClose
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3398
SecurityKeyHandle
static HANDLE SecurityKeyHandle
Definition: database.c:15
LSAP_DB_SIGNATURE
#define LSAP_DB_SIGNATURE
Definition: lsasrv.h:67
_UNICODE_STRING
Definition: env_spec_w32.h:368
KEY_ALL_ACCESS
#define KEY_ALL_ACCESS
Definition: nt_native.h:1041
_LSA_DB_OBJECT
Definition: lsasrv.h:56
STATUS_NO_MEMORY
#define STATUS_NO_MEMORY
Definition: ntstatus.h:260
NULL
#define NULL
Definition: types.h:112
NtOpenKey
NTSYSAPI NTSTATUS NTAPI NtOpenKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
Definition: ntapi.c:336
RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
NewObject
_Inout_opt_ PACCESS_STATE _In_opt_ ACCESS_MASK _In_ ULONG _Out_opt_ PVOID * NewObject
Definition: obfuncs.h:71

Referenced by LsarCreateSecret(), LsarpCreateAccount(), and LsarStorePrivateData().

◆ LsapCreateRandomDomainSid()

static NTSTATUS LsapCreateRandomDomainSid ( OUT PSID Sid)
static

Definition at line 211 of file database.c.

212 {
213  LARGE_INTEGER SystemTime;
214  PULONG Seed;
215 
216  NtQuerySystemTime(&SystemTime);
217  Seed = &SystemTime.u.LowPart;
218 
219  return RtlAllocateAndInitializeSid(&NtAuthority,
220  4,
221  SECURITY_NT_NON_UNIQUE,
222  RtlUniform(Seed),
223  RtlUniform(Seed),
224  RtlUniform(Seed),
225  SECURITY_NULL_RID,
226  SECURITY_NULL_RID,
227  SECURITY_NULL_RID,
228  SECURITY_NULL_RID,
229  Sid);
230 }
RtlAllocateAndInitializeSid
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290
RtlUniform
NTSYSAPI ULONG NTAPI RtlUniform(_In_ PULONG Seed)
Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1103
SECURITY_NULL_RID
#define SECURITY_NULL_RID
Definition: setypes.h:512
_LARGE_INTEGER::u
struct _LARGE_INTEGER::@2276 u
PULONG
unsigned int * PULONG
Definition: retypes.h:1
_LARGE_INTEGER
Definition: typedefs.h:102
NtQuerySystemTime
NTSTATUS NTAPI NtQuerySystemTime(OUT PLARGE_INTEGER SystemTime)
Definition: time.c:472
SECURITY_NT_NON_UNIQUE
#define SECURITY_NT_NON_UNIQUE
Definition: setypes.h:549
NtAuthority
SID_IDENTIFIER_AUTHORITY NtAuthority
Definition: database.c:21

Referenced by LsapCreateDatabaseObjects().

◆ LsapDeleteDbObject()

NTSTATUS LsapDeleteDbObject ( IN PLSA_DB_OBJECT  DbObject)

Definition at line 901 of file database.c.

902 {
903  PLSA_DB_OBJECT ParentObject = NULL;
904  WCHAR KeyName[64];
905  ULONG Index;
906  NTSTATUS Status = STATUS_SUCCESS;
907 
908  DbObject->RefCount--;
909 
910  if (DbObject->RefCount > 0)
911  return STATUS_SUCCESS;
912 
913  if (DbObject->KeyHandle != NULL)
914  {
915  Index = 0;
916 
917  while (TRUE)
918  {
919  Status = LsapRegEnumerateSubKey(DbObject->KeyHandle,
920  Index,
921  sizeof(KeyName),
922  KeyName);
923  if (!NT_SUCCESS(Status))
924  break;
925 
926  TRACE("Index: %lu\n", Index);
927  TRACE("Key name: %S\n", KeyName);
928 
929  Status = LsapRegDeleteSubKey(DbObject->KeyHandle,
930  KeyName);
931  if (!NT_SUCCESS(Status))
932  break;
933  }
934 
935  if (Status == STATUS_NO_MORE_ENTRIES)
936  Status = STATUS_SUCCESS;
937 
938  LsapRegDeleteKey(DbObject->KeyHandle);
939 
940  NtClose(DbObject->KeyHandle);
941  }
942 
943  if (DbObject->ParentObject != NULL)
944  ParentObject = DbObject->ParentObject;
945 
946  RtlFreeHeap(RtlGetProcessHeap(), 0, DbObject);
947 
948  if (ParentObject != NULL)
949  {
950  ParentObject->RefCount--;
951 
952  if (ParentObject->RefCount == 0)
953  Status = LsapCloseDbObject(ParentObject);
954  }
955 
956  return Status;
957 }
LsapRegDeleteSubKey
NTSTATUS LsapRegDeleteSubKey(IN HANDLE ParentKeyHandle, IN LPCWSTR KeyName)
Definition: registry.c:59
STATUS_NO_MORE_ENTRIES
#define STATUS_NO_MORE_ENTRIES
Definition: ntstatus.h:205
TRUE
#define TRUE
Definition: types.h:120
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
_LSA_DB_OBJECT::ParentObject
struct _LSA_DB_OBJECT * ParentObject
Definition: lsasrv.h:64
RtlFreeHeap
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
LsapRegDeleteKey
NTSTATUS LsapRegDeleteKey(IN HANDLE KeyHandle)
Definition: registry.c:89
LsapCloseDbObject
NTSTATUS LsapCloseDbObject(PLSA_DB_OBJECT DbObject)
Definition: database.c:870
KeyName
_Must_inspect_result_ _In_ WDFDEVICE _In_ PCUNICODE_STRING KeyName
Definition: wdfdevice.h:2697
Status
Status
Definition: gdiplustypes.h:24
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
Index
_In_ WDFCOLLECTION _In_ ULONG Index
Definition: wdfcollection.h:179
_LSA_DB_OBJECT::RefCount
ULONG RefCount
Definition: lsasrv.h:60
NtClose
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3398
_LSA_DB_OBJECT
Definition: lsasrv.h:56
NULL
#define NULL
Definition: types.h:112
ULONG
unsigned int ULONG
Definition: retypes.h:1
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
LsapRegEnumerateSubKey
NTSTATUS LsapRegEnumerateSubKey(IN HANDLE KeyHandle, IN ULONG Index, IN ULONG Length, OUT LPWSTR Buffer)
Definition: registry.c:96

Referenced by LsarDeleteObject(), and LsarStorePrivateData().

◆ LsapDeleteObjectAttribute()

NTSTATUS LsapDeleteObjectAttribute ( PLSA_DB_OBJECT  DbObject,
LPWSTR  AttributeName 
)

Definition at line 1082 of file database.c.

1084 {
1085  return LsapRegDeleteSubKey(DbObject->KeyHandle,
1086  AttributeName);
1087 }
LsapRegDeleteSubKey
NTSTATUS LsapRegDeleteSubKey(IN HANDLE ParentKeyHandle, IN LPCWSTR KeyName)
Definition: registry.c:59
_LSA_DB_OBJECT::KeyHandle
HANDLE KeyHandle
Definition: lsasrv.h:62

Referenced by LsarRemovePrivilegesFromAccount().

◆ LsapGetDomainInfo()

static NTSTATUS LsapGetDomainInfo ( VOID  )
static

Definition at line 407 of file database.c.

408 {
409  PLSA_DB_OBJECT PolicyObject = NULL;
410  PUNICODE_STRING DomainName = NULL;
411  ULONG AttributeSize;
412  LPWSTR SidString = NULL;
413  NTSTATUS Status;
414 
415  /* Get the built-in domain SID and name */
416  Status = RtlAllocateAndInitializeSid(&NtAuthority,
417  1,
418  SECURITY_BUILTIN_DOMAIN_RID,
419  0, 0, 0, 0, 0, 0, 0,
420  &BuiltinDomainSid);
421  if (!NT_SUCCESS(Status))
422  return Status;
423 
424 
425  RtlInitUnicodeString(&BuiltinDomainName,
426  L"BUILTIN");
427 
428  /* Open the 'Policy' object */
429  Status = LsapOpenDbObject(NULL,
430  NULL,
431  L"Policy",
432  LsaDbPolicyObject,
433  0,
434  TRUE,
435  &PolicyObject);
436  if (!NT_SUCCESS(Status))
437  goto done;
438 
439  /* Get the account domain SID */
440  AttributeSize = 0;
441  Status = LsapGetObjectAttribute(PolicyObject,
442  L"PolAcDmS",
443  NULL,
444  &AttributeSize);
445  if (!NT_SUCCESS(Status))
446  goto done;
447 
448  if (AttributeSize > 0)
449  {
450  AccountDomainSid = RtlAllocateHeap(RtlGetProcessHeap(),
451  HEAP_ZERO_MEMORY,
452  AttributeSize);
453  if (AccountDomainSid == NULL)
454  {
455  Status = STATUS_INSUFFICIENT_RESOURCES;
456  goto done;
457  }
458 
459  Status = LsapGetObjectAttribute(PolicyObject,
460  L"PolAcDmS",
461  AccountDomainSid,
462  &AttributeSize);
463  if (!NT_SUCCESS(Status))
464  goto done;
465  }
466 
467  /* Get the account domain name */
468  AttributeSize = 0;
469  Status = LsapGetObjectAttribute(PolicyObject,
470  L"PolAcDmN",
471  NULL,
472  &AttributeSize);
473  if (!NT_SUCCESS(Status))
474  goto done;
475 
476  if (AttributeSize > 0)
477  {
478  DomainName = RtlAllocateHeap(RtlGetProcessHeap(),
479  HEAP_ZERO_MEMORY,
480  AttributeSize);
481  if (DomainName == NULL)
482  {
483  Status = STATUS_INSUFFICIENT_RESOURCES;
484  goto done;
485  }
486 
487  Status = LsapGetObjectAttribute(PolicyObject,
488  L"PolAcDmN",
489  DomainName,
490  &AttributeSize);
491  if (!NT_SUCCESS(Status))
492  goto done;
493 
494  DomainName->Buffer = (LPWSTR)((ULONG_PTR)DomainName + (ULONG_PTR)DomainName->Buffer);
495 
496  AccountDomainName.Length = DomainName->Length;
497  AccountDomainName.MaximumLength = DomainName->Length + sizeof(WCHAR);
498  AccountDomainName.Buffer = RtlAllocateHeap(RtlGetProcessHeap(),
499  HEAP_ZERO_MEMORY,
500  AccountDomainName.MaximumLength);
501  if (AccountDomainName.Buffer == NULL)
502  {
503  ERR("Failed to allocate the account domain name buffer\n");
504  Status = STATUS_INSUFFICIENT_RESOURCES;
505  goto done;
506  }
507 
508  RtlCopyMemory(AccountDomainName.Buffer,
509  DomainName->Buffer,
510  DomainName->Length);
511  }
512 
513  ConvertSidToStringSidW(BuiltinDomainSid, &SidString);
514  TRACE("Builtin Domain SID: %S\n", SidString);
515  LocalFree(SidString);
516  SidString = NULL;
517 
518  TRACE("Builtin Domain Name: %wZ\n", &BuiltinDomainName);
519 
520  ConvertSidToStringSidW(AccountDomainSid, &SidString);
521  TRACE("Account Domain SID: %S\n", SidString);
522  LocalFree(SidString);
523  SidString = NULL;
524 
525  TRACE("Account Domain Name: %wZ\n", &AccountDomainName);
526 
527 done:
528  if (DomainName != NULL)
529  RtlFreeHeap(RtlGetProcessHeap(), 0, DomainName);
530 
531  if (PolicyObject != NULL)
532  LsapCloseDbObject(PolicyObject);
533 
534  return Status;
535 }
LsapOpenDbObject
NTSTATUS LsapOpenDbObject(IN PLSA_DB_OBJECT ParentObject, IN LPWSTR ContainerName, IN LPWSTR ObjectName, IN LSA_DB_OBJECT_TYPE ObjectType, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted, OUT PLSA_DB_OBJECT *DbObject)
Definition: database.c:712
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_UNICODE_STRING::MaximumLength
USHORT MaximumLength
Definition: env_spec_w32.h:370
TRUE
#define TRUE
Definition: types.h:120
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
_UNICODE_STRING::Length
USHORT Length
Definition: env_spec_w32.h:369
RtlFreeHeap
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
ConvertSidToStringSidW
BOOL WINAPI ConvertSidToStringSidW(PSID Sid, LPWSTR *StringSid)
Definition: security.c:3259
RtlAllocateAndInitializeSid
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290
AccountDomainName
UNICODE_STRING AccountDomainName
Definition: database.c:26
LsapCloseDbObject
NTSTATUS LsapCloseDbObject(PLSA_DB_OBJECT DbObject)
Definition: database.c:870
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65
BuiltinDomainSid
PSID BuiltinDomainSid
Definition: database.c:23
_UNICODE_STRING::Buffer
PWSTR Buffer
Definition: env_spec_w32.h:371
RtlAllocateHeap
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
Status
Status
Definition: gdiplustypes.h:24
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
SECURITY_BUILTIN_DOMAIN_RID
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:553
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
BuiltinDomainName
UNICODE_STRING BuiltinDomainName
Definition: database.c:25
L
static const WCHAR L[]
Definition: oid.c:1250
ERR
#define ERR(fmt,...)
Definition: debug.h:110
_UNICODE_STRING
Definition: env_spec_w32.h:368
LocalFree
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1577
_LSA_DB_OBJECT
Definition: lsasrv.h:56
NULL
#define NULL
Definition: types.h:112
HEAP_ZERO_MEMORY
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
ULONG
unsigned int ULONG
Definition: retypes.h:1
RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
ULONG_PTR
#define ULONG_PTR
Definition: config.h:101
AccountDomainSid
PSID AccountDomainSid
Definition: database.c:24
RtlCopyMemory
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
LPWSTR
WCHAR * LPWSTR
Definition: xmlstorage.h:184
LsapGetObjectAttribute
NTSTATUS LsapGetObjectAttribute(PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, PULONG AttributeSize)
Definition: database.c:1012
NtAuthority
SID_IDENTIFIER_AUTHORITY NtAuthority
Definition: database.c:21

Referenced by LsapInitDatabase().

◆ LsapGetObjectAttribute()

NTSTATUS LsapGetObjectAttribute ( PLSA_DB_OBJECT  DbObject,
LPWSTR  AttributeName,
LPVOID  AttributeData,
PULONG  AttributeSize 
)

Definition at line 1012 of file database.c.

1016 {
1017  OBJECT_ATTRIBUTES ObjectAttributes;
1018  UNICODE_STRING KeyName;
1019  HANDLE AttributeKey;
1020  ULONG ValueSize;
1021  NTSTATUS Status;
1022 
1023  RtlInitUnicodeString(&KeyName,
1024  AttributeName);
1025 
1026  InitializeObjectAttributes(&ObjectAttributes,
1027  &KeyName,
1028  OBJ_CASE_INSENSITIVE,
1029  DbObject->KeyHandle,
1030  NULL);
1031 
1032  Status = NtOpenKey(&AttributeKey,
1033  KEY_QUERY_VALUE,
1034  &ObjectAttributes);
1035  if (!NT_SUCCESS(Status))
1036  {
1037  return Status;
1038  }
1039 
1040  ValueSize = *AttributeSize;
1041  Status = RtlpNtQueryValueKey(AttributeKey,
1042  NULL,
1043  NULL,
1044  &ValueSize,
1045  0);
1046  if (!NT_SUCCESS(Status) && Status != STATUS_BUFFER_OVERFLOW)
1047  {
1048  goto Done;
1049  }
1050 
1051  if (AttributeData == NULL || *AttributeSize == 0)
1052  {
1053  *AttributeSize = ValueSize;
1054  Status = STATUS_SUCCESS;
1055  goto Done;
1056  }
1057  else if (*AttributeSize < ValueSize)
1058  {
1059  *AttributeSize = ValueSize;
1060  Status = STATUS_BUFFER_OVERFLOW;
1061  goto Done;
1062  }
1063 
1064  Status = RtlpNtQueryValueKey(AttributeKey,
1065  NULL,
1066  AttributeData,
1067  &ValueSize,
1068  0);
1069  if (NT_SUCCESS(Status))
1070  {
1071  *AttributeSize = ValueSize;
1072  }
1073 
1074 Done:
1075  NtClose(AttributeKey);
1076 
1077  return Status;
1078 }
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
OBJ_CASE_INSENSITIVE
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
_OBJECT_ATTRIBUTES
Definition: umtypes.h:181
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
_LSA_DB_OBJECT::KeyHandle
HANDLE KeyHandle
Definition: lsasrv.h:62
KeyName
_Must_inspect_result_ _In_ WDFDEVICE _In_ PCUNICODE_STRING KeyName
Definition: wdfdevice.h:2697
Status
Status
Definition: gdiplustypes.h:24
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
NtClose
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3398
RtlpNtQueryValueKey
NTSTATUS NTAPI RtlpNtQueryValueKey(IN HANDLE KeyHandle, OUT PULONG Type OPTIONAL, OUT PVOID Data OPTIONAL, IN OUT PULONG DataLength OPTIONAL, IN ULONG Unused)
Definition: registry.c:933
_UNICODE_STRING
Definition: env_spec_w32.h:368
STATUS_BUFFER_OVERFLOW
#define STATUS_BUFFER_OVERFLOW
Definition: shellext.h:66
KEY_QUERY_VALUE
#define KEY_QUERY_VALUE
Definition: nt_native.h:1016
NULL
#define NULL
Definition: types.h:112
NtOpenKey
NTSYSAPI NTSTATUS NTAPI NtOpenKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
Definition: ntapi.c:336
ULONG
unsigned int ULONG
Definition: retypes.h:1
RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65

Referenced by LsapGetDomainInfo(), LsarAddAccountRights(), LsarAddPrivilegesToAccount(), LsarEnumeratePrivilegesAccount(), LsarGetQuotasForAccount(), LsarGetSystemAccessAccount(), LsarQueryAccountDomain(), LsarQueryAuditEvents(), LsarQueryAuditFull(), LsarQueryAuditLog(), LsarQueryDefaultQuota(), LsarQueryDnsDomain(), LsarQueryModification(), LsarQueryPrimaryDomain(), LsarQuerySecret(), LsarQuerySecurityObject(), LsarQueryServerRole(), LsarRemoveAccountRights(), LsarRemovePrivilegesFromAccount(), LsarRetrievePrivateData(), LsarSetAuditFull(), LsarSetQuotasForAccount(), and LsarSetSecurityObject().

◆ LsapInitDatabase()

NTSTATUS LsapInitDatabase ( VOID  )

Definition at line 539 of file database.c.

540 {
541  NTSTATUS Status;
542 
543  TRACE("LsapInitDatabase()\n");
544 
545  Status = LsapOpenServiceKey();
546  if (!NT_SUCCESS(Status))
547  {
548  ERR("Failed to open the service key (Status: 0x%08lx)\n", Status);
549  return Status;
550  }
551 
552  if (!LsapIsDatabaseInstalled())
553  {
554  Status = LsapCreateDatabaseKeys();
555  if (!NT_SUCCESS(Status))
556  {
557  ERR("Failed to create the LSA database keys (Status: 0x%08lx)\n", Status);
558  return Status;
559  }
560 
561  Status = LsapCreateDatabaseObjects();
562  if (!NT_SUCCESS(Status))
563  {
564  ERR("Failed to create the LSA database objects (Status: 0x%08lx)\n", Status);
565  return Status;
566  }
567  }
568  else
569  {
570  Status = LsapUpdateDatabase();
571  if (!NT_SUCCESS(Status))
572  {
573  ERR("Failed to update the LSA database (Status: 0x%08lx)\n", Status);
574  return Status;
575  }
576  }
577 
578  Status = LsapGetDomainInfo();
579  if (!NT_SUCCESS(Status))
580  {
581  ERR("Failed to get the domain information (Status: 0x%08lx)\n", Status);
582  return Status;
583  }
584 
585  TRACE("LsapInitDatabase() done\n");
586 
587  return STATUS_SUCCESS;
588 }
LsapIsDatabaseInstalled
static BOOLEAN LsapIsDatabaseInstalled(VOID)
Definition: database.c:57
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
LsapOpenServiceKey
static NTSTATUS LsapOpenServiceKey(VOID)
Definition: database.c:32
LsapGetDomainInfo
static NTSTATUS LsapGetDomainInfo(VOID)
Definition: database.c:407
LsapCreateDatabaseObjects
static NTSTATUS LsapCreateDatabaseObjects(VOID)
Definition: database.c:234
LsapUpdateDatabase
static NTSTATUS LsapUpdateDatabase(VOID)
Definition: database.c:400
Status
Status
Definition: gdiplustypes.h:24
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
ERR
#define ERR(fmt,...)
Definition: debug.h:110
LsapCreateDatabaseKeys
static NTSTATUS LsapCreateDatabaseKeys(VOID)
Definition: database.c:87
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65

Referenced by LsapInitLsa().

◆ LsapIsDatabaseInstalled()

static BOOLEAN LsapIsDatabaseInstalled ( VOID  )
static

Definition at line 57 of file database.c.

58 {
59  OBJECT_ATTRIBUTES ObjectAttributes;
60  UNICODE_STRING KeyName;
61  HANDLE KeyHandle;
62  NTSTATUS Status;
63 
64  RtlInitUnicodeString(&KeyName,
65  L"Policy");
66 
67  InitializeObjectAttributes(&ObjectAttributes,
68  &KeyName,
69  OBJ_CASE_INSENSITIVE,
70  SecurityKeyHandle,
71  NULL);
72 
73  Status = RtlpNtOpenKey(&KeyHandle,
74  KEY_READ,
75  &ObjectAttributes,
76  0);
77  if (!NT_SUCCESS(Status))
78  return FALSE;
79 
80  NtClose(KeyHandle);
81 
82  return TRUE;
83 }
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
OBJ_CASE_INSENSITIVE
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
KeyHandle
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING _Out_ PNDIS_HANDLE KeyHandle
Definition: ndis.h:4711
KEY_READ
#define KEY_READ
Definition: nt_native.h:1023
TRUE
#define TRUE
Definition: types.h:120
_OBJECT_ATTRIBUTES
Definition: umtypes.h:181
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
FALSE
#define FALSE
Definition: types.h:117
KeyName
_Must_inspect_result_ _In_ WDFDEVICE _In_ PCUNICODE_STRING KeyName
Definition: wdfdevice.h:2697
RtlpNtOpenKey
NTSTATUS NTAPI RtlpNtOpenKey(OUT HANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG Unused)
Definition: registry.c:912
Status
Status
Definition: gdiplustypes.h:24
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
NtClose
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3398
L
static const WCHAR L[]
Definition: oid.c:1250
SecurityKeyHandle
static HANDLE SecurityKeyHandle
Definition: database.c:15
_UNICODE_STRING
Definition: env_spec_w32.h:368
NULL
#define NULL
Definition: types.h:112
RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106

Referenced by LsapInitDatabase().

◆ LsapOpenDbObject()

NTSTATUS LsapOpenDbObject ( IN PLSA_DB_OBJECT  ParentObject,
IN LPWSTR  ContainerName,
IN LPWSTR  ObjectName,
IN LSA_DB_OBJECT_TYPE  ObjectType,
IN ACCESS_MASK  DesiredAccess,
IN BOOLEAN  Trusted,
OUT PLSA_DB_OBJECT DbObject 
)

Definition at line 712 of file database.c.

719 {
720  PLSA_DB_OBJECT NewObject;
721  OBJECT_ATTRIBUTES ObjectAttributes;
722  UNICODE_STRING KeyName;
723  HANDLE ParentKeyHandle;
724  HANDLE ContainerKeyHandle = NULL;
725  HANDLE ObjectKeyHandle = NULL;
726  NTSTATUS Status;
727 
728  if (DbObject == NULL)
729  return STATUS_INVALID_PARAMETER;
730 
731  if (ParentObject == NULL)
732  ParentKeyHandle = SecurityKeyHandle;
733  else
734  ParentKeyHandle = ParentObject->KeyHandle;
735 
736  if (ContainerName != NULL)
737  {
738  /* Open the container key */
739  RtlInitUnicodeString(&KeyName,
740  ContainerName);
741 
742  InitializeObjectAttributes(&ObjectAttributes,
743  &KeyName,
744  OBJ_CASE_INSENSITIVE,
745  ParentKeyHandle,
746  NULL);
747 
748  Status = NtOpenKey(&ContainerKeyHandle,
749  KEY_ALL_ACCESS,
750  &ObjectAttributes);
751  if (!NT_SUCCESS(Status))
752  {
753  return Status;
754  }
755 
756  /* Open the object key */
757  RtlInitUnicodeString(&KeyName,
758  ObjectName);
759 
760  InitializeObjectAttributes(&ObjectAttributes,
761  &KeyName,
762  OBJ_CASE_INSENSITIVE,
763  ContainerKeyHandle,
764  NULL);
765 
766  Status = NtOpenKey(&ObjectKeyHandle,
767  KEY_ALL_ACCESS,
768  &ObjectAttributes);
769 
770  NtClose(ContainerKeyHandle);
771 
772  if (!NT_SUCCESS(Status))
773  {
774  return Status;
775  }
776  }
777  else
778  {
779  /* Open the object key */
780  RtlInitUnicodeString(&KeyName,
781  ObjectName);
782 
783  InitializeObjectAttributes(&ObjectAttributes,
784  &KeyName,
785  OBJ_CASE_INSENSITIVE,
786  ParentKeyHandle,
787  NULL);
788 
789  Status = NtOpenKey(&ObjectKeyHandle,
790  KEY_ALL_ACCESS,
791  &ObjectAttributes);
792  if (!NT_SUCCESS(Status))
793  {
794  return Status;
795  }
796  }
797 
798  NewObject = RtlAllocateHeap(RtlGetProcessHeap(),
799  0,
800  sizeof(LSA_DB_OBJECT));
801  if (NewObject == NULL)
802  {
803  NtClose(ObjectKeyHandle);
804  return STATUS_NO_MEMORY;
805  }
806 
807  NewObject->Signature = LSAP_DB_SIGNATURE;
808  NewObject->RefCount = 1;
809  NewObject->ObjectType = ObjectType;
810  NewObject->Access = DesiredAccess;
811  NewObject->KeyHandle = ObjectKeyHandle;
812  NewObject->ParentObject = ParentObject;
813  NewObject->Trusted = Trusted;
814 
815  if (ParentObject != NULL)
816  ParentObject->RefCount++;
817 
818  *DbObject = NewObject;
819 
820  return STATUS_SUCCESS;
821 }
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
ObjectType
ObjectType
Definition: metafile.c:80
DesiredAccess
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2654
OBJ_CASE_INSENSITIVE
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
_OBJECT_ATTRIBUTES
Definition: umtypes.h:181
STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
ObjectName
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
Definition: cmfuncs.h:62
KeyName
_Must_inspect_result_ _In_ WDFDEVICE _In_ PCUNICODE_STRING KeyName
Definition: wdfdevice.h:2697
RtlAllocateHeap
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
Status
Status
Definition: gdiplustypes.h:24
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
NtClose
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3398
SecurityKeyHandle
static HANDLE SecurityKeyHandle
Definition: database.c:15
LSAP_DB_SIGNATURE
#define LSAP_DB_SIGNATURE
Definition: lsasrv.h:67
_UNICODE_STRING
Definition: env_spec_w32.h:368
KEY_ALL_ACCESS
#define KEY_ALL_ACCESS
Definition: nt_native.h:1041
_LSA_DB_OBJECT
Definition: lsasrv.h:56
STATUS_NO_MEMORY
#define STATUS_NO_MEMORY
Definition: ntstatus.h:260
NULL
#define NULL
Definition: types.h:112
NtOpenKey
NTSYSAPI NTSTATUS NTAPI NtOpenKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
Definition: ntapi.c:336
RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
NewObject
_Inout_opt_ PACCESS_STATE _In_opt_ ACCESS_MASK _In_ ULONG _Out_opt_ PVOID * NewObject
Definition: obfuncs.h:71

Referenced by LsaIOpenPolicyTrusted(), LsapCreateDatabaseObjects(), LsapGetDomainInfo(), LsarOpenPolicy(), LsarOpenSecret(), LsarpOpenAccount(), LsarRetrievePrivateData(), and LsarStorePrivateData().

◆ LsapOpenServiceKey()

static NTSTATUS LsapOpenServiceKey ( VOID  )
static

Definition at line 32 of file database.c.

33 {
34  OBJECT_ATTRIBUTES ObjectAttributes;
35  UNICODE_STRING KeyName;
36  NTSTATUS Status;
37 
38  RtlInitUnicodeString(&KeyName,
39  L"\\Registry\\Machine\\SECURITY");
40 
41  InitializeObjectAttributes(&ObjectAttributes,
42  &KeyName,
43  OBJ_CASE_INSENSITIVE,
44  NULL,
45  NULL);
46 
47  Status = RtlpNtOpenKey(&SecurityKeyHandle,
48  KEY_READ | KEY_CREATE_SUB_KEY | KEY_ENUMERATE_SUB_KEYS,
49  &ObjectAttributes,
50  0);
51 
52  return Status;
53 }
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
OBJ_CASE_INSENSITIVE
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
KEY_READ
#define KEY_READ
Definition: nt_native.h:1023
_OBJECT_ATTRIBUTES
Definition: umtypes.h:181
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
KeyName
_Must_inspect_result_ _In_ WDFDEVICE _In_ PCUNICODE_STRING KeyName
Definition: wdfdevice.h:2697
RtlpNtOpenKey
NTSTATUS NTAPI RtlpNtOpenKey(OUT HANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG Unused)
Definition: registry.c:912
Status
Status
Definition: gdiplustypes.h:24
L
static const WCHAR L[]
Definition: oid.c:1250
SecurityKeyHandle
static HANDLE SecurityKeyHandle
Definition: database.c:15
_UNICODE_STRING
Definition: env_spec_w32.h:368
NULL
#define NULL
Definition: types.h:112
RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
KEY_CREATE_SUB_KEY
#define KEY_CREATE_SUB_KEY
Definition: nt_native.h:1018
KEY_ENUMERATE_SUB_KEYS
#define KEY_ENUMERATE_SUB_KEYS
Definition: nt_native.h:1019

Referenced by LsapInitDatabase().

◆ LsapSetObjectAttribute()

NTSTATUS LsapSetObjectAttribute ( PLSA_DB_OBJECT  DbObject,
LPWSTR  AttributeName,
LPVOID  AttributeData,
ULONG  AttributeSize 
)

Definition at line 961 of file database.c.

965 {
966  OBJECT_ATTRIBUTES ObjectAttributes;
967  UNICODE_STRING KeyName;
968  HANDLE AttributeKey;
969  NTSTATUS Status;
970 
971  RtlInitUnicodeString(&KeyName,
972  AttributeName);
973 
974  InitializeObjectAttributes(&ObjectAttributes,
975  &KeyName,
976  OBJ_CASE_INSENSITIVE,
977  DbObject->KeyHandle,
978  NULL);
979 
980  Status = NtCreateKey(&AttributeKey,
981  KEY_SET_VALUE,
982  &ObjectAttributes,
983  0,
984  NULL,
985  REG_OPTION_NON_VOLATILE,
986  NULL);
987  if (!NT_SUCCESS(Status))
988  {
989  ERR("NtCreateKey failed for '%S' with status 0x%lx\n",
990  AttributeName, Status);
991  return Status;
992  }
993 
994  Status = RtlpNtSetValueKey(AttributeKey,
995  REG_NONE,
996  AttributeData,
997  AttributeSize);
998 
999  NtClose(AttributeKey);
1000 
1001  if (!NT_SUCCESS(Status))
1002  {
1003  ERR("RtlpNtSetValueKey failed for '%S' with status 0x%lx\n",
1004  AttributeName, Status);
1005  }
1006 
1007  return Status;
1008 }
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
NtCreateKey
NTSTATUS NTAPI NtCreateKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG TitleIndex, IN PUNICODE_STRING Class OPTIONAL, IN ULONG CreateOptions, OUT PULONG Disposition OPTIONAL)
Definition: ntapi.c:240
KEY_SET_VALUE
#define KEY_SET_VALUE
Definition: nt_native.h:1017
OBJ_CASE_INSENSITIVE
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
_OBJECT_ATTRIBUTES
Definition: umtypes.h:181
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
_LSA_DB_OBJECT::KeyHandle
HANDLE KeyHandle
Definition: lsasrv.h:62
KeyName
_Must_inspect_result_ _In_ WDFDEVICE _In_ PCUNICODE_STRING KeyName
Definition: wdfdevice.h:2697
Status
Status
Definition: gdiplustypes.h:24
REG_OPTION_NON_VOLATILE
#define REG_OPTION_NON_VOLATILE
Definition: nt_native.h:1057
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
NtClose
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3398
ERR
#define ERR(fmt,...)
Definition: debug.h:110
_UNICODE_STRING
Definition: env_spec_w32.h:368
RtlpNtSetValueKey
NTSTATUS NTAPI RtlpNtSetValueKey(IN HANDLE KeyHandle, IN ULONG Type, IN PVOID Data, IN ULONG DataLength)
Definition: registry.c:988
NULL
#define NULL
Definition: types.h:112
RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
REG_NONE
#define REG_NONE
Definition: nt_native.h:1492

Referenced by LsapCreateDatabaseObjects(), LsarAddAccountRights(), LsarAddPrivilegesToAccount(), LsarCreateSecret(), LsarpCreateAccount(), LsarRemoveAccountRights(), LsarRemovePrivilegesFromAccount(), LsarSetAccountDomain(), LsarSetAuditEvents(), LsarSetAuditFull(), LsarSetAuditLog(), LsarSetDefaultQuota(), LsarSetModification(), LsarSetPrimaryDomain(), LsarSetQuotasForAccount(), LsarSetSecret(), LsarSetSecurityObject(), LsarSetServerRole(), LsarSetSystemAccessAccount(), and LsarStorePrivateData().

◆ LsapUpdateDatabase()

static NTSTATUS LsapUpdateDatabase ( VOID  )
static

Definition at line 400 of file database.c.

401 {
402  return STATUS_SUCCESS;
403 }
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65

Referenced by LsapInitDatabase().

◆ LsapValidateDbObject()

NTSTATUS LsapValidateDbObject ( LSAPR_HANDLE  Handle,
LSA_DB_OBJECT_TYPE  ObjectType,
ACCESS_MASK  DesiredAccess,
PLSA_DB_OBJECT DbObject 
)

Definition at line 825 of file database.c.

829 {
830  PLSA_DB_OBJECT LocalObject = (PLSA_DB_OBJECT)Handle;
831  BOOLEAN bValid = FALSE;
832 
833  _SEH2_TRY
834  {
835  if (LocalObject->Signature == LSAP_DB_SIGNATURE)
836  {
837  if ((ObjectType == LsaDbIgnoreObject) ||
838  (LocalObject->ObjectType == ObjectType))
839  bValid = TRUE;
840  }
841  }
842  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
843  {
844  bValid = FALSE;
845  }
846  _SEH2_END;
847 
848  if (bValid == FALSE)
849  return STATUS_INVALID_HANDLE;
850 
851  if (DesiredAccess != 0)
852  {
853  /* Check for granted access rights */
854  if ((LocalObject->Access & DesiredAccess) != DesiredAccess)
855  {
856  ERR("LsapValidateDbObject access check failed %08lx %08lx\n",
857  LocalObject->Access, DesiredAccess);
858  return STATUS_ACCESS_DENIED;
859  }
860  }
861 
862  if (DbObject != NULL)
863  *DbObject = LocalObject;
864 
865  return STATUS_SUCCESS;
866 }
_LSA_DB_OBJECT::Access
ACCESS_MASK Access
Definition: lsasrv.h:61
ObjectType
ObjectType
Definition: metafile.c:80
DesiredAccess
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2654
TRUE
#define TRUE
Definition: types.h:120
_LSA_DB_OBJECT::ObjectType
LSA_DB_OBJECT_TYPE ObjectType
Definition: lsasrv.h:59
STATUS_INVALID_HANDLE
#define STATUS_INVALID_HANDLE
Definition: ntstatus.h:245
_SEH2_TRY
_SEH2_TRY
Definition: create.c:4226
FALSE
#define FALSE
Definition: types.h:117
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
STATUS_ACCESS_DENIED
#define STATUS_ACCESS_DENIED
Definition: udferr_usr.h:145
_LSA_DB_OBJECT::Signature
ULONG Signature
Definition: lsasrv.h:58
ERR
#define ERR(fmt,...)
Definition: debug.h:110
LSAP_DB_SIGNATURE
#define LSAP_DB_SIGNATURE
Definition: lsasrv.h:67
_SEH2_END
_SEH2_END
Definition: create.c:4400
_LSA_DB_OBJECT
Definition: lsasrv.h:56
NULL
#define NULL
Definition: types.h:112
Handle
_In_ HANDLE Handle
Definition: extypes.h:390
PLSA_DB_OBJECT
struct _LSA_DB_OBJECT * PLSA_DB_OBJECT
_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:40
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65

Referenced by LsarAddAccountRights(), LsarAddPrivilegesToAccount(), LsarClose(), LsarCreateAccount(), LsarCreateSecret(), LsarDeleteObject(), LsarEnumerateAccounts(), LsarEnumerateAccountsWithUserRight(), LsarEnumeratePrivileges(), LsarEnumeratePrivilegesAccount(), LsarGetQuotasForAccount(), LsarGetSystemAccessAccount(), LsarLookupPrivilegeDisplayName(), LsarLookupPrivilegeName(), LsarLookupPrivilegeValue(), LsarOpenAccount(), LsarOpenSecret(), LsarQueryInformationPolicy(), LsarQuerySecret(), LsarQuerySecurityObject(), LsarRemoveAccountRights(), LsarRemovePrivilegesFromAccount(), LsarRetrievePrivateData(), LsarSetInformationPolicy(), LsarSetQuotasForAccount(), LsarSetSecret(), LsarSetSecurityObject(), LsarSetSystemAccessAccount(), and LsarStorePrivateData().

Variable Documentation

◆ AccountDomainName

UNICODE_STRING AccountDomainName = {0, 0, NULL}

Definition at line 26 of file database.c.

Referenced by LsapGetDomainInfo(), LsapLookupAccountDomainSids(), LsapLookupAccountNames(), LsapLookupIsolatedAccountNames(), and LsapLookupIsolatedNames().

◆ AccountDomainSid

PSID AccountDomainSid = NULL

Definition at line 24 of file database.c.

Referenced by BuildTokenGroups(), BuildTokenInformationBuffer(), BuildTokenPrimaryGroup(), BuildTokenUser(), BuildUserInfoBuffer(), GetAccountDomainSid(), GetUserPrivileges(), LsaApLogonUserEx2(), LsapAddSamGroups(), LsapCreateDatabaseObjects(), LsapGetDomainInfo(), LsapLookupAccountDomainSids(), LsapLookupAccountNames(), LsapLookupIsolatedAccountNames(), LsapLookupIsolatedNames(), NetUserGetGroups(), NetUserGetInfo(), and NetUserGetLocalGroups().

◆ BuiltinDomainName

UNICODE_STRING BuiltinDomainName = {0, 0, NULL}

Definition at line 25 of file database.c.

Referenced by LsapGetDomainInfo(), LsapLookupBuiltinDomainSids(), LsapLookupBuiltinNames(), LsapLookupIsolatedBuiltinNames(), and LsapLookupIsolatedNames().

◆ BuiltinDomainSid

PSID BuiltinDomainSid = NULL

Definition at line 23 of file database.c.

Referenced by LsapGetDomainInfo().

◆ CreatorSidAuthority

SID_IDENTIFIER_AUTHORITY CreatorSidAuthority = {SECURITY_CREATOR_SID_AUTHORITY}

Definition at line 20 of file database.c.

Referenced by LsapInitSids().

◆ LocalSidAuthority

SID_IDENTIFIER_AUTHORITY LocalSidAuthority = {SECURITY_LOCAL_SID_AUTHORITY}

Definition at line 19 of file database.c.

Referenced by LsapInitSids().

◆ NtAuthority

SID_IDENTIFIER_AUTHORITY NtAuthority = {SECURITY_NT_AUTHORITY}

Definition at line 21 of file database.c.

Referenced by CmpHiveRootSecurityDescriptor(), CreateBaseAcls(), GetNtAuthorityDomainSid(), is_process_limited(), IsUserAdmin(), LsapCreateRandomDomainSid(), LsapGetDomainInfo(), LsapInitSids(), and SmpCreateSecurityDescriptors().

◆ NullSidAuthority

SID_IDENTIFIER_AUTHORITY NullSidAuthority = {SECURITY_NULL_SID_AUTHORITY}

Definition at line 17 of file database.c.

Referenced by LsapInitSids().

◆ SecurityKeyHandle

HANDLE SecurityKeyHandle = NULL
static

Definition at line 15 of file database.c.

Referenced by LsapCreateDatabaseKeys(), LsapCreateDbObject(), LsapIsDatabaseInstalled(), LsapOpenDbObject(), and LsapOpenServiceKey().

◆ WorldSidAuthority

SID_IDENTIFIER_AUTHORITY WorldSidAuthority = {SECURITY_WORLD_SID_AUTHORITY}

Definition at line 18 of file database.c.

Referenced by LsapCreateAccountSd(), LsapCreatePolicySd(), LsapCreateSecretSd(), and LsapInitSids().