ReactOS 0.4.15-dev-6661-gcc6e444
Functions | Variables
database.c File Reference
#include "lsasrv.h"
#include <pseh/pseh2.h>
Include dependency graph for database.c:

Go to the source code of this file.

Functions

static NTSTATUS LsapOpenServiceKey (VOID)
 
static BOOLEAN LsapIsDatabaseInstalled (VOID)
 
static NTSTATUS LsapCreateDatabaseKeys (VOID)
 
static NTSTATUS LsapCreateRandomDomainSid (OUT PSID *Sid)
 
static NTSTATUS LsapCreateDatabaseObjects (VOID)
 
static NTSTATUS LsapUpdateDatabase (VOID)
 
static NTSTATUS LsapGetDomainInfo (VOID)
 
NTSTATUS LsapInitDatabase (VOID)
 
NTSTATUS LsapCreateDbObject (IN PLSA_DB_OBJECT ParentObject, IN LPWSTR ContainerName, IN LPWSTR ObjectName, IN LSA_DB_OBJECT_TYPE ObjectType, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted, OUT PLSA_DB_OBJECT *DbObject)
 
NTSTATUS LsapOpenDbObject (IN PLSA_DB_OBJECT ParentObject, IN LPWSTR ContainerName, IN LPWSTR ObjectName, IN LSA_DB_OBJECT_TYPE ObjectType, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted, OUT PLSA_DB_OBJECT *DbObject)
 
NTSTATUS LsapValidateDbObject (LSAPR_HANDLE Handle, LSA_DB_OBJECT_TYPE ObjectType, ACCESS_MASK DesiredAccess, PLSA_DB_OBJECT *DbObject)
 
NTSTATUS LsapCloseDbObject (PLSA_DB_OBJECT DbObject)
 
NTSTATUS LsapDeleteDbObject (IN PLSA_DB_OBJECT DbObject)
 
NTSTATUS LsapSetObjectAttribute (PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, ULONG AttributeSize)
 
NTSTATUS LsapGetObjectAttribute (PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, PULONG AttributeSize)
 
NTSTATUS LsapDeleteObjectAttribute (PLSA_DB_OBJECT DbObject, LPWSTR AttributeName)
 

Variables

static HANDLE SecurityKeyHandle = NULL
 
SID_IDENTIFIER_AUTHORITY NullSidAuthority = {SECURITY_NULL_SID_AUTHORITY}
 
SID_IDENTIFIER_AUTHORITY WorldSidAuthority = {SECURITY_WORLD_SID_AUTHORITY}
 
SID_IDENTIFIER_AUTHORITY LocalSidAuthority = {SECURITY_LOCAL_SID_AUTHORITY}
 
SID_IDENTIFIER_AUTHORITY CreatorSidAuthority = {SECURITY_CREATOR_SID_AUTHORITY}
 
SID_IDENTIFIER_AUTHORITY NtAuthority = {SECURITY_NT_AUTHORITY}
 
PSID BuiltinDomainSid = NULL
 
PSID AccountDomainSid = NULL
 
UNICODE_STRING BuiltinDomainName = {0, 0, NULL}
 
UNICODE_STRING AccountDomainName = {0, 0, NULL}
 

Function Documentation

◆ LsapCloseDbObject()

NTSTATUS LsapCloseDbObject ( PLSA_DB_OBJECT  DbObject)

Definition at line 870 of file database.c.

871{
872 PLSA_DB_OBJECT ParentObject = NULL;
873 NTSTATUS Status = STATUS_SUCCESS;
874
875 DbObject->RefCount--;
876
877 if (DbObject->RefCount > 0)
878 return STATUS_SUCCESS;
879
880 if (DbObject->KeyHandle != NULL)
881 NtClose(DbObject->KeyHandle);
882
883 if (DbObject->ParentObject != NULL)
884 ParentObject = DbObject->ParentObject;
885
886 RtlFreeHeap(RtlGetProcessHeap(), 0, DbObject);
887
888 if (ParentObject != NULL)
889 {
890 ParentObject->RefCount--;
891
892 if (ParentObject->RefCount == 0)
893 Status = LsapCloseDbObject(ParentObject);
894 }
895
896 return Status;
897}
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
RtlFreeHeap
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
NULL
#define NULL
Definition: types.h:112
LsapCloseDbObject
NTSTATUS LsapCloseDbObject(PLSA_DB_OBJECT DbObject)
Definition: database.c:870
Status
Status
Definition: gdiplustypes.h:25
NtClose
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3402
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
_LSA_DB_OBJECT
Definition: lsasrv.h:57
_LSA_DB_OBJECT::KeyHandle
HANDLE KeyHandle
Definition: lsasrv.h:62
_LSA_DB_OBJECT::RefCount
ULONG RefCount
Definition: lsasrv.h:60
_LSA_DB_OBJECT::ParentObject
struct _LSA_DB_OBJECT * ParentObject
Definition: lsasrv.h:64

Referenced by LsapCloseDbObject(), LsapCreateDatabaseObjects(), LsapDeleteDbObject(), LsapGetDomainInfo(), LsarAddAccountRights(), LsarClose(), LsarCreateSecret(), LsarOpenSecret(), LsarRemoveAccountRights(), LsarRetrievePrivateData(), and LsarStorePrivateData().

◆ LsapCreateDatabaseKeys()

static NTSTATUS LsapCreateDatabaseKeys ( VOID  )
static

Definition at line 87 of file database.c.

88{
89 OBJECT_ATTRIBUTES ObjectAttributes;
90 UNICODE_STRING KeyName;
91 HANDLE PolicyKeyHandle = NULL;
92 HANDLE AccountsKeyHandle = NULL;
93 HANDLE DomainsKeyHandle = NULL;
94 HANDLE SecretsKeyHandle = NULL;
95 NTSTATUS Status = STATUS_SUCCESS;
96
97 TRACE("LsapInstallDatabase()\n");
98
99 /* Create the 'Policy' key */
100 RtlInitUnicodeString(&KeyName,
101 L"Policy");
102
103 InitializeObjectAttributes(&ObjectAttributes,
104 &KeyName,
105 OBJ_CASE_INSENSITIVE,
106 SecurityKeyHandle,
107 NULL);
108
109 Status = NtCreateKey(&PolicyKeyHandle,
110 KEY_ALL_ACCESS,
111 &ObjectAttributes,
112 0,
113 NULL,
114 0,
115 NULL);
116 if (!NT_SUCCESS(Status))
117 {
118 ERR("Failed to create the 'Policy' key (Status: 0x%08lx)\n", Status);
119 goto Done;
120 }
121
122 /* Create the 'Accounts' key */
123 RtlInitUnicodeString(&KeyName,
124 L"Accounts");
125
126 InitializeObjectAttributes(&ObjectAttributes,
127 &KeyName,
128 OBJ_CASE_INSENSITIVE,
129 PolicyKeyHandle,
130 NULL);
131
132 Status = NtCreateKey(&AccountsKeyHandle,
133 KEY_ALL_ACCESS,
134 &ObjectAttributes,
135 0,
136 NULL,
137 0,
138 NULL);
139 if (!NT_SUCCESS(Status))
140 {
141 ERR("Failed to create the 'Accounts' key (Status: 0x%08lx)\n", Status);
142 goto Done;
143 }
144
145 /* Create the 'Domains' key */
146 RtlInitUnicodeString(&KeyName,
147 L"Domains");
148
149 InitializeObjectAttributes(&ObjectAttributes,
150 &KeyName,
151 OBJ_CASE_INSENSITIVE,
152 PolicyKeyHandle,
153 NULL);
154
155 Status = NtCreateKey(&DomainsKeyHandle,
156 KEY_ALL_ACCESS,
157 &ObjectAttributes,
158 0,
159 NULL,
160 0,
161 NULL);
162 if (!NT_SUCCESS(Status))
163 {
164 ERR("Failed to create the 'Domains' key (Status: 0x%08lx)\n", Status);
165 goto Done;
166 }
167
168 /* Create the 'Secrets' key */
169 RtlInitUnicodeString(&KeyName,
170 L"Secrets");
171
172 InitializeObjectAttributes(&ObjectAttributes,
173 &KeyName,
174 OBJ_CASE_INSENSITIVE,
175 PolicyKeyHandle,
176 NULL);
177
178 Status = NtCreateKey(&SecretsKeyHandle,
179 KEY_ALL_ACCESS,
180 &ObjectAttributes,
181 0,
182 NULL,
183 0,
184 NULL);
185 if (!NT_SUCCESS(Status))
186 {
187 ERR("Failed to create the 'Secrets' key (Status: 0x%08lx)\n", Status);
188 goto Done;
189 }
190
191Done:
192 if (SecretsKeyHandle != NULL)
193 NtClose(SecretsKeyHandle);
194
195 if (DomainsKeyHandle != NULL)
196 NtClose(DomainsKeyHandle);
197
198 if (AccountsKeyHandle != NULL)
199 NtClose(AccountsKeyHandle);
200
201 if (PolicyKeyHandle != NULL)
202 NtClose(PolicyKeyHandle);
203
204 TRACE("LsapInstallDatabase() done (Status: 0x%08lx)\n", Status);
205
206 return Status;
207}
ERR
#define ERR(fmt,...)
Definition: debug.h:110
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:36
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
SecurityKeyHandle
static HANDLE SecurityKeyHandle
Definition: database.c:15
OBJ_CASE_INSENSITIVE
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
KEY_ALL_ACCESS
#define KEY_ALL_ACCESS
Definition: nt_native.h:1041
RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
NtCreateKey
NTSTATUS NTAPI NtCreateKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG TitleIndex, IN PUNICODE_STRING Class OPTIONAL, IN ULONG CreateOptions, OUT PULONG Disposition OPTIONAL)
Definition: ntapi.c:240
L
#define L(x)
Definition: ntvdm.h:50
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
_OBJECT_ATTRIBUTES
Definition: umtypes.h:182
_UNICODE_STRING
Definition: env_spec_w32.h:368
KeyName
_Must_inspect_result_ _In_ WDFDEVICE _In_ PCUNICODE_STRING KeyName
Definition: wdfdevice.h:2699

Referenced by LsapInitDatabase().

◆ LsapCreateDatabaseObjects()

static NTSTATUS LsapCreateDatabaseObjects ( VOID  )
static

Definition at line 234 of file database.c.

235{
236 PLSAP_POLICY_AUDIT_EVENTS_DATA AuditEventsInfo = NULL;
237 POLICY_DEFAULT_QUOTA_INFO QuotaInfo;
238 POLICY_MODIFICATION_INFO ModificationInfo;
239 POLICY_AUDIT_FULL_QUERY_INFO AuditFullInfo = {FALSE, FALSE};
240 POLICY_AUDIT_LOG_INFO AuditLogInfo;
241 GUID DnsDomainGuid;
242 PLSA_DB_OBJECT PolicyObject = NULL;
243 PSID AccountDomainSid = NULL;
244 PSECURITY_DESCRIPTOR PolicySd = NULL;
245 ULONG PolicySdSize = 0;
246 ULONG i;
247 NTSTATUS Status;
248
249 /* Initialize the default quota limits */
250 QuotaInfo.QuotaLimits.PagedPoolLimit = 0x2000000;
251 QuotaInfo.QuotaLimits.NonPagedPoolLimit = 0x100000;
252 QuotaInfo.QuotaLimits.MinimumWorkingSetSize = 0x10000;
253 QuotaInfo.QuotaLimits.MaximumWorkingSetSize = 0xF000000;
254 QuotaInfo.QuotaLimits.PagefileLimit = 0;
255 QuotaInfo.QuotaLimits.TimeLimit.QuadPart = 0;
256
257 /* Initialize the audit log attribute */
258 AuditLogInfo.AuditLogPercentFull = 0;
259 AuditLogInfo.MaximumLogSize = 0; // DWORD
260 AuditLogInfo.AuditRetentionPeriod.QuadPart = 0; // LARGE_INTEGER
261 AuditLogInfo.AuditLogFullShutdownInProgress = 0; // BYTE
262 AuditLogInfo.TimeToShutdown.QuadPart = 0; // LARGE_INTEGER
263 AuditLogInfo.NextAuditRecordId = 0; // DWORD
264
265 /* Initialize the Audit Events attribute */
266 AuditEventsInfo = RtlAllocateHeap(RtlGetProcessHeap(),
267 HEAP_ZERO_MEMORY,
268 sizeof(LSAP_POLICY_AUDIT_EVENTS_DATA));
269 if (AuditEventsInfo == NULL)
270 return STATUS_INSUFFICIENT_RESOURCES;
271
272 AuditEventsInfo->AuditingMode = FALSE;
273 AuditEventsInfo->MaximumAuditEventCount = POLICY_AUDIT_EVENT_TYPE_COUNT;
274 for (i = 0; i < POLICY_AUDIT_EVENT_TYPE_COUNT; i++)
275 AuditEventsInfo->AuditEvents[i] = 0;
276
277 /* Initialize the DNS Domain GUID attribute */
278 RtlZeroMemory(&DnsDomainGuid, sizeof(DnsDomainGuid));
279
280 /* Initialize the modification attribute */
281 ModificationInfo.ModifiedId.QuadPart = 0;
282 NtQuerySystemTime(&ModificationInfo.DatabaseCreationTime);
283
284 /* Create a random domain SID */
285 Status = LsapCreateRandomDomainSid(&AccountDomainSid);
286 if (!NT_SUCCESS(Status))
287 goto done;
288
289 Status = LsapCreatePolicySd(&PolicySd, &PolicySdSize);
290 if (!NT_SUCCESS(Status))
291 goto done;
292
293 /* Open the 'Policy' object */
294 Status = LsapOpenDbObject(NULL,
295 NULL,
296 L"Policy",
297 LsaDbPolicyObject,
298 0,
299 TRUE,
300 &PolicyObject);
301 if (!NT_SUCCESS(Status))
302 goto done;
303
304 /* Set the Primary Domain Name attribute */
305 LsapSetObjectAttribute(PolicyObject,
306 L"PolPrDmN",
307 NULL,
308 0);
309
310 /* Set the Primary Domain SID attribute */
311 LsapSetObjectAttribute(PolicyObject,
312 L"PolPrDmS",
313 NULL,
314 0);
315
316 /* Set the Account Domain Name attribute */
317 LsapSetObjectAttribute(PolicyObject,
318 L"PolAcDmN",
319 NULL,
320 0);
321
322 /* Set the Account Domain SID attribute */
323 LsapSetObjectAttribute(PolicyObject,
324 L"PolAcDmS",
325 AccountDomainSid,
326 RtlLengthSid(AccountDomainSid));
327
328 /* Set the default quota limits attribute */
329 LsapSetObjectAttribute(PolicyObject,
330 L"DefQuota",
331 &QuotaInfo,
332 sizeof(QuotaInfo));
333
334 /* Set the modification attribute */
335 LsapSetObjectAttribute(PolicyObject,
336 L"PolMod",
337 &ModificationInfo,
338 sizeof(ModificationInfo));
339
340 /* Set the audit full attribute */
341 LsapSetObjectAttribute(PolicyObject,
342 L"PolAdtFl",
343 &AuditFullInfo,
344 sizeof(AuditFullInfo));
345
346 /* Set the audit log attribute */
347 LsapSetObjectAttribute(PolicyObject,
348 L"PolAdtLg",
349 &AuditLogInfo,
350 sizeof(AuditLogInfo));
351
352 /* Set the audit events attribute */
353 LsapSetObjectAttribute(PolicyObject,
354 L"PolAdtEv",
355 AuditEventsInfo,
356 sizeof(*AuditEventsInfo));
357
358 /* Set the DNS Domain Name attribute */
359 LsapSetObjectAttribute(PolicyObject,
360 L"PolDnDDN",
361 NULL,
362 0);
363
364 /* Set the DNS Forest Name attribute */
365 LsapSetObjectAttribute(PolicyObject,
366 L"PolDnTrN",
367 NULL,
368 0);
369
370 /* Set the DNS Domain GUID attribute */
371 LsapSetObjectAttribute(PolicyObject,
372 L"PolDnDmG",
373 &DnsDomainGuid,
374 sizeof(DnsDomainGuid));
375
376 /* Set the Security Descriptor */
377 LsapSetObjectAttribute(PolicyObject,
378 L"SecDesc",
379 PolicySd,
380 PolicySdSize);
381
382done:
383 if (AuditEventsInfo != NULL)
384 RtlFreeHeap(RtlGetProcessHeap(), 0, AuditEventsInfo);
385
386 if (PolicyObject != NULL)
387 LsapCloseDbObject(PolicyObject);
388
389 if (AccountDomainSid != NULL)
390 RtlFreeSid(AccountDomainSid);
391
392 if (PolicySd != NULL)
393 RtlFreeHeap(RtlGetProcessHeap(), 0, PolicySd);
394
395 return Status;
396}
RtlAllocateHeap
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
TRUE
#define TRUE
Definition: types.h:120
FALSE
#define FALSE
Definition: types.h:117
HEAP_ZERO_MEMORY
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
LsapCreateRandomDomainSid
static NTSTATUS LsapCreateRandomDomainSid(OUT PSID *Sid)
Definition: database.c:211
LsapOpenDbObject
NTSTATUS LsapOpenDbObject(IN PLSA_DB_OBJECT ParentObject, IN LPWSTR ContainerName, IN LPWSTR ObjectName, IN LSA_DB_OBJECT_TYPE ObjectType, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted, OUT PLSA_DB_OBJECT *DbObject)
Definition: database.c:712
AccountDomainSid
PSID AccountDomainSid
Definition: database.c:24
LsapSetObjectAttribute
NTSTATUS LsapSetObjectAttribute(PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, ULONG AttributeSize)
Definition: database.c:961
LsapCreatePolicySd
NTSTATUS LsapCreatePolicySd(PSECURITY_DESCRIPTOR *PolicySd, PULONG PolicySdSize)
Definition: security.c:14
LsaDbPolicyObject
@ LsaDbPolicyObject
Definition: lsasrv.h:50
POLICY_AUDIT_EVENT_TYPE_COUNT
#define POLICY_AUDIT_EVENT_TYPE_COUNT
Definition: lsasrv.h:69
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
RtlLengthSid
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
RtlFreeSid
NTSYSAPI PVOID NTAPI RtlFreeSid(_In_ _Post_invalid_ PSID Sid)
NtQuerySystemTime
NTSTATUS NTAPI NtQuerySystemTime(OUT PLARGE_INTEGER SystemTime)
Definition: time.c:483
_LSAP_POLICY_AUDIT_EVENTS_DATA
Definition: lsasrv.h:71
_LSAP_POLICY_AUDIT_EVENTS_DATA::AuditingMode
BOOLEAN AuditingMode
Definition: lsasrv.h:72
_LSAP_POLICY_AUDIT_EVENTS_DATA::MaximumAuditEventCount
DWORD MaximumAuditEventCount
Definition: lsasrv.h:74
_LSAP_POLICY_AUDIT_EVENTS_DATA::AuditEvents
DWORD AuditEvents[POLICY_AUDIT_EVENT_TYPE_COUNT]
Definition: lsasrv.h:73
_POLICY_AUDIT_FULL_QUERY_INFO
Definition: ntsecapi.h:600
_POLICY_AUDIT_LOG_INFO
Definition: ntsecapi.h:552
_POLICY_AUDIT_LOG_INFO::MaximumLogSize
ULONG MaximumLogSize
Definition: ntsecapi.h:554
_POLICY_AUDIT_LOG_INFO::AuditRetentionPeriod
LARGE_INTEGER AuditRetentionPeriod
Definition: ntsecapi.h:555
_POLICY_AUDIT_LOG_INFO::AuditLogFullShutdownInProgress
BOOLEAN AuditLogFullShutdownInProgress
Definition: ntsecapi.h:556
_POLICY_AUDIT_LOG_INFO::NextAuditRecordId
ULONG NextAuditRecordId
Definition: ntsecapi.h:558
_POLICY_AUDIT_LOG_INFO::TimeToShutdown
LARGE_INTEGER TimeToShutdown
Definition: ntsecapi.h:557
_POLICY_AUDIT_LOG_INFO::AuditLogPercentFull
ULONG AuditLogPercentFull
Definition: ntsecapi.h:553
_POLICY_DEFAULT_QUOTA_INFO
Definition: ntsecapi.h:590
_POLICY_DEFAULT_QUOTA_INFO::QuotaLimits
QUOTA_LIMITS QuotaLimits
Definition: ntsecapi.h:591
_POLICY_MODIFICATION_INFO
Definition: ntsecapi.h:593
_POLICY_MODIFICATION_INFO::DatabaseCreationTime
LARGE_INTEGER DatabaseCreationTime
Definition: ntsecapi.h:595
_POLICY_MODIFICATION_INFO::ModifiedId
LARGE_INTEGER ModifiedId
Definition: ntsecapi.h:594
_QUOTA_LIMITS::MaximumWorkingSetSize
INT64 MaximumWorkingSetSize
Definition: lsa.idl:290
_QUOTA_LIMITS::NonPagedPoolLimit
INT64 NonPagedPoolLimit
Definition: lsa.idl:288
_QUOTA_LIMITS::TimeLimit
LARGE_INTEGER TimeLimit
Definition: lsa.idl:292
_QUOTA_LIMITS::MinimumWorkingSetSize
INT64 MinimumWorkingSetSize
Definition: lsa.idl:289
_QUOTA_LIMITS::PagefileLimit
INT64 PagefileLimit
Definition: lsa.idl:291
_QUOTA_LIMITS::PagedPoolLimit
INT64 PagedPoolLimit
Definition: lsa.idl:287
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
_SID
Definition: ms-dtyp.idl:198
RtlZeroMemory
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262
ULONG
uint32_t ULONG
Definition: typedefs.h:59
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_LARGE_INTEGER::QuadPart
LONGLONG QuadPart
Definition: typedefs.h:114

Referenced by LsapInitDatabase().

◆ LsapCreateDbObject()

NTSTATUS LsapCreateDbObject ( IN PLSA_DB_OBJECT  ParentObject,
IN LPWSTR  ContainerName,
IN LPWSTR  ObjectName,
IN LSA_DB_OBJECT_TYPE  ObjectType,
IN ACCESS_MASK  DesiredAccess,
IN BOOLEAN  Trusted,
OUT PLSA_DB_OBJECT DbObject 
)

Definition at line 592 of file database.c.

599{
600 PLSA_DB_OBJECT NewObject;
601 OBJECT_ATTRIBUTES ObjectAttributes;
602 UNICODE_STRING KeyName;
603 HANDLE ParentKeyHandle;
604 HANDLE ContainerKeyHandle = NULL;
605 HANDLE ObjectKeyHandle = NULL;
606 NTSTATUS Status;
607
608 if (DbObject == NULL)
609 return STATUS_INVALID_PARAMETER;
610
611 if (ParentObject == NULL)
612 ParentKeyHandle = SecurityKeyHandle;
613 else
614 ParentKeyHandle = ParentObject->KeyHandle;
615
616 if (ContainerName != NULL)
617 {
618 /* Open the container key */
619 RtlInitUnicodeString(&KeyName,
620 ContainerName);
621
622 InitializeObjectAttributes(&ObjectAttributes,
623 &KeyName,
624 OBJ_CASE_INSENSITIVE,
625 ParentKeyHandle,
626 NULL);
627
628 Status = NtOpenKey(&ContainerKeyHandle,
629 KEY_ALL_ACCESS,
630 &ObjectAttributes);
631 if (!NT_SUCCESS(Status))
632 {
633 return Status;
634 }
635
636 /* Open the object key */
637 RtlInitUnicodeString(&KeyName,
638 ObjectName);
639
640 InitializeObjectAttributes(&ObjectAttributes,
641 &KeyName,
642 OBJ_CASE_INSENSITIVE,
643 ContainerKeyHandle,
644 NULL);
645
646 Status = NtCreateKey(&ObjectKeyHandle,
647 KEY_ALL_ACCESS,
648 &ObjectAttributes,
649 0,
650 NULL,
651 0,
652 NULL);
653
654 NtClose(ContainerKeyHandle);
655
656 if (!NT_SUCCESS(Status))
657 {
658 return Status;
659 }
660 }
661 else
662 {
663 RtlInitUnicodeString(&KeyName,
664 ObjectName);
665
666 InitializeObjectAttributes(&ObjectAttributes,
667 &KeyName,
668 OBJ_CASE_INSENSITIVE,
669 ParentKeyHandle,
670 NULL);
671
672 Status = NtCreateKey(&ObjectKeyHandle,
673 KEY_ALL_ACCESS,
674 &ObjectAttributes,
675 0,
676 NULL,
677 0,
678 NULL);
679 if (!NT_SUCCESS(Status))
680 {
681 return Status;
682 }
683 }
684
685 NewObject = RtlAllocateHeap(RtlGetProcessHeap(),
686 0,
687 sizeof(LSA_DB_OBJECT));
688 if (NewObject == NULL)
689 {
690 NtClose(ObjectKeyHandle);
691 return STATUS_NO_MEMORY;
692 }
693
694 NewObject->Signature = LSAP_DB_SIGNATURE;
695 NewObject->RefCount = 1;
696 NewObject->ObjectType = ObjectType;
697 NewObject->Access = DesiredAccess;
698 NewObject->KeyHandle = ObjectKeyHandle;
699 NewObject->ParentObject = ParentObject;
700 NewObject->Trusted = Trusted;
701
702 if (ParentObject != NULL)
703 ParentObject->RefCount++;
704
705 *DbObject = NewObject;
706
707 return STATUS_SUCCESS;
708}
LSAP_DB_SIGNATURE
#define LSAP_DB_SIGNATURE
Definition: lsasrv.h:67
ObjectType
ObjectType
Definition: metafile.c:81
NtOpenKey
NTSYSAPI NTSTATUS NTAPI NtOpenKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
Definition: ntapi.c:336
STATUS_NO_MEMORY
#define STATUS_NO_MEMORY
Definition: ntstatus.h:260
STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
DesiredAccess
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2658
ObjectName
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
Definition: cmfuncs.h:64
NewObject
_Inout_opt_ PACCESS_STATE _In_opt_ ACCESS_MASK _In_ ULONG _Out_opt_ PVOID * NewObject
Definition: obfuncs.h:74

Referenced by LsarCreateSecret(), LsarpCreateAccount(), and LsarStorePrivateData().

◆ LsapCreateRandomDomainSid()

static NTSTATUS LsapCreateRandomDomainSid ( OUT PSID Sid)
static

Definition at line 211 of file database.c.

212{
213 LARGE_INTEGER SystemTime;
214 PULONG Seed;
215
216 NtQuerySystemTime(&SystemTime);
217 Seed = &SystemTime.u.LowPart;
218
219 return RtlAllocateAndInitializeSid(&NtAuthority,
220 4,
221 SECURITY_NT_NON_UNIQUE,
222 RtlUniform(Seed),
223 RtlUniform(Seed),
224 RtlUniform(Seed),
225 SECURITY_NULL_RID,
226 SECURITY_NULL_RID,
227 SECURITY_NULL_RID,
228 SECURITY_NULL_RID,
229 Sid);
230}
NtAuthority
SID_IDENTIFIER_AUTHORITY NtAuthority
Definition: database.c:21
RtlUniform
NTSYSAPI ULONG NTAPI RtlUniform(_In_ PULONG Seed)
Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1133
RtlAllocateAndInitializeSid
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290
PULONG
uint32_t * PULONG
Definition: typedefs.h:59
_LARGE_INTEGER
Definition: typedefs.h:103
_LARGE_INTEGER::u
struct _LARGE_INTEGER::@2274 u
SECURITY_NULL_RID
#define SECURITY_NULL_RID
Definition: setypes.h:540
SECURITY_NT_NON_UNIQUE
#define SECURITY_NT_NON_UNIQUE
Definition: setypes.h:577

Referenced by LsapCreateDatabaseObjects().

◆ LsapDeleteDbObject()

NTSTATUS LsapDeleteDbObject ( IN PLSA_DB_OBJECT  DbObject)

Definition at line 901 of file database.c.

902{
903 PLSA_DB_OBJECT ParentObject = NULL;
904 WCHAR KeyName[64];
905 ULONG Index;
906 NTSTATUS Status = STATUS_SUCCESS;
907
908 DbObject->RefCount--;
909
910 if (DbObject->RefCount > 0)
911 return STATUS_SUCCESS;
912
913 if (DbObject->KeyHandle != NULL)
914 {
915 Index = 0;
916
917 while (TRUE)
918 {
919 Status = LsapRegEnumerateSubKey(DbObject->KeyHandle,
920 Index,
921 sizeof(KeyName),
922 KeyName);
923 if (!NT_SUCCESS(Status))
924 break;
925
926 TRACE("Index: %lu\n", Index);
927 TRACE("Key name: %S\n", KeyName);
928
929 Status = LsapRegDeleteSubKey(DbObject->KeyHandle,
930 KeyName);
931 if (!NT_SUCCESS(Status))
932 break;
933 }
934
935 if (Status == STATUS_NO_MORE_ENTRIES)
936 Status = STATUS_SUCCESS;
937
938 LsapRegDeleteKey(DbObject->KeyHandle);
939
940 NtClose(DbObject->KeyHandle);
941 }
942
943 if (DbObject->ParentObject != NULL)
944 ParentObject = DbObject->ParentObject;
945
946 RtlFreeHeap(RtlGetProcessHeap(), 0, DbObject);
947
948 if (ParentObject != NULL)
949 {
950 ParentObject->RefCount--;
951
952 if (ParentObject->RefCount == 0)
953 Status = LsapCloseDbObject(ParentObject);
954 }
955
956 return Status;
957}
LsapRegDeleteSubKey
NTSTATUS LsapRegDeleteSubKey(IN HANDLE ParentKeyHandle, IN LPCWSTR KeyName)
Definition: registry.c:59
LsapRegDeleteKey
NTSTATUS LsapRegDeleteKey(IN HANDLE KeyHandle)
Definition: registry.c:89
LsapRegEnumerateSubKey
NTSTATUS LsapRegEnumerateSubKey(IN HANDLE KeyHandle, IN ULONG Index, IN ULONG Length, OUT LPWSTR Buffer)
Definition: registry.c:96
STATUS_NO_MORE_ENTRIES
#define STATUS_NO_MORE_ENTRIES
Definition: ntstatus.h:205
Index
_In_ WDFCOLLECTION _In_ ULONG Index
Definition: wdfcollection.h:182
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180

Referenced by LsarDeleteObject(), and LsarStorePrivateData().

◆ LsapDeleteObjectAttribute()

NTSTATUS LsapDeleteObjectAttribute ( PLSA_DB_OBJECT  DbObject,
LPWSTR  AttributeName 
)

Definition at line 1082 of file database.c.

1084{
1085 return LsapRegDeleteSubKey(DbObject->KeyHandle,
1086 AttributeName);
1087}

Referenced by LsarRemovePrivilegesFromAccount().

◆ LsapGetDomainInfo()

static NTSTATUS LsapGetDomainInfo ( VOID  )
static

Definition at line 407 of file database.c.

408{
409 PLSA_DB_OBJECT PolicyObject = NULL;
410 PUNICODE_STRING DomainName = NULL;
411 ULONG AttributeSize;
412 LPWSTR SidString = NULL;
413 NTSTATUS Status;
414
415 /* Get the built-in domain SID and name */
416 Status = RtlAllocateAndInitializeSid(&NtAuthority,
417 1,
418 SECURITY_BUILTIN_DOMAIN_RID,
419 0, 0, 0, 0, 0, 0, 0,
420 &BuiltinDomainSid);
421 if (!NT_SUCCESS(Status))
422 return Status;
423
424
425 RtlInitUnicodeString(&BuiltinDomainName,
426 L"BUILTIN");
427
428 /* Open the 'Policy' object */
429 Status = LsapOpenDbObject(NULL,
430 NULL,
431 L"Policy",
432 LsaDbPolicyObject,
433 0,
434 TRUE,
435 &PolicyObject);
436 if (!NT_SUCCESS(Status))
437 goto done;
438
439 /* Get the account domain SID */
440 AttributeSize = 0;
441 Status = LsapGetObjectAttribute(PolicyObject,
442 L"PolAcDmS",
443 NULL,
444 &AttributeSize);
445 if (!NT_SUCCESS(Status))
446 goto done;
447
448 if (AttributeSize > 0)
449 {
450 AccountDomainSid = RtlAllocateHeap(RtlGetProcessHeap(),
451 HEAP_ZERO_MEMORY,
452 AttributeSize);
453 if (AccountDomainSid == NULL)
454 {
455 Status = STATUS_INSUFFICIENT_RESOURCES;
456 goto done;
457 }
458
459 Status = LsapGetObjectAttribute(PolicyObject,
460 L"PolAcDmS",
461 AccountDomainSid,
462 &AttributeSize);
463 if (!NT_SUCCESS(Status))
464 goto done;
465 }
466
467 /* Get the account domain name */
468 AttributeSize = 0;
469 Status = LsapGetObjectAttribute(PolicyObject,
470 L"PolAcDmN",
471 NULL,
472 &AttributeSize);
473 if (!NT_SUCCESS(Status))
474 goto done;
475
476 if (AttributeSize > 0)
477 {
478 DomainName = RtlAllocateHeap(RtlGetProcessHeap(),
479 HEAP_ZERO_MEMORY,
480 AttributeSize);
481 if (DomainName == NULL)
482 {
483 Status = STATUS_INSUFFICIENT_RESOURCES;
484 goto done;
485 }
486
487 Status = LsapGetObjectAttribute(PolicyObject,
488 L"PolAcDmN",
489 DomainName,
490 &AttributeSize);
491 if (!NT_SUCCESS(Status))
492 goto done;
493
494 DomainName->Buffer = (LPWSTR)((ULONG_PTR)DomainName + (ULONG_PTR)DomainName->Buffer);
495
496 AccountDomainName.Length = DomainName->Length;
497 AccountDomainName.MaximumLength = DomainName->Length + sizeof(WCHAR);
498 AccountDomainName.Buffer = RtlAllocateHeap(RtlGetProcessHeap(),
499 HEAP_ZERO_MEMORY,
500 AccountDomainName.MaximumLength);
501 if (AccountDomainName.Buffer == NULL)
502 {
503 ERR("Failed to allocate the account domain name buffer\n");
504 Status = STATUS_INSUFFICIENT_RESOURCES;
505 goto done;
506 }
507
508 RtlCopyMemory(AccountDomainName.Buffer,
509 DomainName->Buffer,
510 DomainName->Length);
511 }
512
513 ConvertSidToStringSidW(BuiltinDomainSid, &SidString);
514 TRACE("Builtin Domain SID: %S\n", SidString);
515 LocalFree(SidString);
516 SidString = NULL;
517
518 TRACE("Builtin Domain Name: %wZ\n", &BuiltinDomainName);
519
520 ConvertSidToStringSidW(AccountDomainSid, &SidString);
521 TRACE("Account Domain SID: %S\n", SidString);
522 LocalFree(SidString);
523 SidString = NULL;
524
525 TRACE("Account Domain Name: %wZ\n", &AccountDomainName);
526
527done:
528 if (DomainName != NULL)
529 RtlFreeHeap(RtlGetProcessHeap(), 0, DomainName);
530
531 if (PolicyObject != NULL)
532 LsapCloseDbObject(PolicyObject);
533
534 return Status;
535}
ConvertSidToStringSidW
BOOL WINAPI ConvertSidToStringSidW(PSID Sid, LPWSTR *StringSid)
Definition: security.c:3585
BuiltinDomainName
UNICODE_STRING BuiltinDomainName
Definition: database.c:25
AccountDomainName
UNICODE_STRING AccountDomainName
Definition: database.c:26
LsapGetObjectAttribute
NTSTATUS LsapGetObjectAttribute(PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, PULONG AttributeSize)
Definition: database.c:1012
BuiltinDomainSid
PSID BuiltinDomainSid
Definition: database.c:23
ULONG_PTR
#define ULONG_PTR
Definition: config.h:101
LocalFree
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1594
_UNICODE_STRING::Length
USHORT Length
Definition: env_spec_w32.h:369
_UNICODE_STRING::MaximumLength
USHORT MaximumLength
Definition: env_spec_w32.h:370
_UNICODE_STRING::Buffer
PWSTR Buffer
Definition: env_spec_w32.h:371
RtlCopyMemory
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65
SECURITY_BUILTIN_DOMAIN_RID
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:581
LPWSTR
WCHAR * LPWSTR
Definition: xmlstorage.h:184

Referenced by LsapInitDatabase().

◆ LsapGetObjectAttribute()

NTSTATUS LsapGetObjectAttribute ( PLSA_DB_OBJECT  DbObject,
LPWSTR  AttributeName,
LPVOID  AttributeData,
PULONG  AttributeSize 
)

Definition at line 1012 of file database.c.

1016{
1017 OBJECT_ATTRIBUTES ObjectAttributes;
1018 UNICODE_STRING KeyName;
1019 HANDLE AttributeKey;
1020 ULONG ValueSize;
1021 NTSTATUS Status;
1022
1023 RtlInitUnicodeString(&KeyName,
1024 AttributeName);
1025
1026 InitializeObjectAttributes(&ObjectAttributes,
1027 &KeyName,
1028 OBJ_CASE_INSENSITIVE,
1029 DbObject->KeyHandle,
1030 NULL);
1031
1032 Status = NtOpenKey(&AttributeKey,
1033 KEY_QUERY_VALUE,
1034 &ObjectAttributes);
1035 if (!NT_SUCCESS(Status))
1036 {
1037 return Status;
1038 }
1039
1040 ValueSize = *AttributeSize;
1041 Status = RtlpNtQueryValueKey(AttributeKey,
1042 NULL,
1043 NULL,
1044 &ValueSize,
1045 0);
1046 if (!NT_SUCCESS(Status) && Status != STATUS_BUFFER_OVERFLOW)
1047 {
1048 goto Done;
1049 }
1050
1051 if (AttributeData == NULL || *AttributeSize == 0)
1052 {
1053 *AttributeSize = ValueSize;
1054 Status = STATUS_SUCCESS;
1055 goto Done;
1056 }
1057 else if (*AttributeSize < ValueSize)
1058 {
1059 *AttributeSize = ValueSize;
1060 Status = STATUS_BUFFER_OVERFLOW;
1061 goto Done;
1062 }
1063
1064 Status = RtlpNtQueryValueKey(AttributeKey,
1065 NULL,
1066 AttributeData,
1067 &ValueSize,
1068 0);
1069 if (NT_SUCCESS(Status))
1070 {
1071 *AttributeSize = ValueSize;
1072 }
1073
1074Done:
1075 NtClose(AttributeKey);
1076
1077 return Status;
1078}
AttributeData
@ AttributeData
Definition: ntfs.h:168
KEY_QUERY_VALUE
#define KEY_QUERY_VALUE
Definition: nt_native.h:1016
RtlpNtQueryValueKey
NTSTATUS NTAPI RtlpNtQueryValueKey(IN HANDLE KeyHandle, OUT PULONG Type OPTIONAL, OUT PVOID Data OPTIONAL, IN OUT PULONG DataLength OPTIONAL, IN ULONG Unused)
Definition: registry.c:933
STATUS_BUFFER_OVERFLOW
#define STATUS_BUFFER_OVERFLOW
Definition: shellext.h:66

Referenced by LsapGetDomainInfo(), LsarAddAccountRights(), LsarAddPrivilegesToAccount(), LsarEnumeratePrivilegesAccount(), LsarGetQuotasForAccount(), LsarGetSystemAccessAccount(), LsarQueryAccountDomain(), LsarQueryAuditEvents(), LsarQueryAuditFull(), LsarQueryAuditLog(), LsarQueryDefaultQuota(), LsarQueryDnsDomain(), LsarQueryModification(), LsarQueryPrimaryDomain(), LsarQuerySecret(), LsarQuerySecurityObject(), LsarQueryServerRole(), LsarRemoveAccountRights(), LsarRemovePrivilegesFromAccount(), LsarRetrievePrivateData(), LsarSetAuditFull(), LsarSetQuotasForAccount(), and LsarSetSecurityObject().

◆ LsapInitDatabase()

NTSTATUS LsapInitDatabase ( VOID  )

Definition at line 539 of file database.c.

540{
541 NTSTATUS Status;
542
543 TRACE("LsapInitDatabase()\n");
544
545 Status = LsapOpenServiceKey();
546 if (!NT_SUCCESS(Status))
547 {
548 ERR("Failed to open the service key (Status: 0x%08lx)\n", Status);
549 return Status;
550 }
551
552 if (!LsapIsDatabaseInstalled())
553 {
554 Status = LsapCreateDatabaseKeys();
555 if (!NT_SUCCESS(Status))
556 {
557 ERR("Failed to create the LSA database keys (Status: 0x%08lx)\n", Status);
558 return Status;
559 }
560
561 Status = LsapCreateDatabaseObjects();
562 if (!NT_SUCCESS(Status))
563 {
564 ERR("Failed to create the LSA database objects (Status: 0x%08lx)\n", Status);
565 return Status;
566 }
567 }
568 else
569 {
570 Status = LsapUpdateDatabase();
571 if (!NT_SUCCESS(Status))
572 {
573 ERR("Failed to update the LSA database (Status: 0x%08lx)\n", Status);
574 return Status;
575 }
576 }
577
578 Status = LsapGetDomainInfo();
579 if (!NT_SUCCESS(Status))
580 {
581 ERR("Failed to get the domain information (Status: 0x%08lx)\n", Status);
582 return Status;
583 }
584
585 TRACE("LsapInitDatabase() done\n");
586
587 return STATUS_SUCCESS;
588}
LsapUpdateDatabase
static NTSTATUS LsapUpdateDatabase(VOID)
Definition: database.c:400
LsapOpenServiceKey
static NTSTATUS LsapOpenServiceKey(VOID)
Definition: database.c:32
LsapGetDomainInfo
static NTSTATUS LsapGetDomainInfo(VOID)
Definition: database.c:407
LsapCreateDatabaseKeys
static NTSTATUS LsapCreateDatabaseKeys(VOID)
Definition: database.c:87
LsapIsDatabaseInstalled
static BOOLEAN LsapIsDatabaseInstalled(VOID)
Definition: database.c:57
LsapCreateDatabaseObjects
static NTSTATUS LsapCreateDatabaseObjects(VOID)
Definition: database.c:234

Referenced by LsapInitLsa().

◆ LsapIsDatabaseInstalled()

static BOOLEAN LsapIsDatabaseInstalled ( VOID  )
static

Definition at line 57 of file database.c.

58{
59 OBJECT_ATTRIBUTES ObjectAttributes;
60 UNICODE_STRING KeyName;
61 HANDLE KeyHandle;
62 NTSTATUS Status;
63
64 RtlInitUnicodeString(&KeyName,
65 L"Policy");
66
67 InitializeObjectAttributes(&ObjectAttributes,
68 &KeyName,
69 OBJ_CASE_INSENSITIVE,
70 SecurityKeyHandle,
71 NULL);
72
73 Status = RtlpNtOpenKey(&KeyHandle,
74 KEY_READ,
75 &ObjectAttributes,
76 0);
77 if (!NT_SUCCESS(Status))
78 return FALSE;
79
80 NtClose(KeyHandle);
81
82 return TRUE;
83}
KeyHandle
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING _Out_ PNDIS_HANDLE KeyHandle
Definition: ndis.h:4715
KEY_READ
#define KEY_READ
Definition: nt_native.h:1023
RtlpNtOpenKey
NTSTATUS NTAPI RtlpNtOpenKey(OUT HANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG Unused)
Definition: registry.c:912

Referenced by LsapInitDatabase().

◆ LsapOpenDbObject()

NTSTATUS LsapOpenDbObject ( IN PLSA_DB_OBJECT  ParentObject,
IN LPWSTR  ContainerName,
IN LPWSTR  ObjectName,
IN LSA_DB_OBJECT_TYPE  ObjectType,
IN ACCESS_MASK  DesiredAccess,
IN BOOLEAN  Trusted,
OUT PLSA_DB_OBJECT DbObject 
)

Definition at line 712 of file database.c.

719{
720 PLSA_DB_OBJECT NewObject;
721 OBJECT_ATTRIBUTES ObjectAttributes;
722 UNICODE_STRING KeyName;
723 HANDLE ParentKeyHandle;
724 HANDLE ContainerKeyHandle = NULL;
725 HANDLE ObjectKeyHandle = NULL;
726 NTSTATUS Status;
727
728 if (DbObject == NULL)
729 return STATUS_INVALID_PARAMETER;
730
731 if (ParentObject == NULL)
732 ParentKeyHandle = SecurityKeyHandle;
733 else
734 ParentKeyHandle = ParentObject->KeyHandle;
735
736 if (ContainerName != NULL)
737 {
738 /* Open the container key */
739 RtlInitUnicodeString(&KeyName,
740 ContainerName);
741
742 InitializeObjectAttributes(&ObjectAttributes,
743 &KeyName,
744 OBJ_CASE_INSENSITIVE,
745 ParentKeyHandle,
746 NULL);
747
748 Status = NtOpenKey(&ContainerKeyHandle,
749 KEY_ALL_ACCESS,
750 &ObjectAttributes);
751 if (!NT_SUCCESS(Status))
752 {
753 return Status;
754 }
755
756 /* Open the object key */
757 RtlInitUnicodeString(&KeyName,
758 ObjectName);
759
760 InitializeObjectAttributes(&ObjectAttributes,
761 &KeyName,
762 OBJ_CASE_INSENSITIVE,
763 ContainerKeyHandle,
764 NULL);
765
766 Status = NtOpenKey(&ObjectKeyHandle,
767 KEY_ALL_ACCESS,
768 &ObjectAttributes);
769
770 NtClose(ContainerKeyHandle);
771
772 if (!NT_SUCCESS(Status))
773 {
774 return Status;
775 }
776 }
777 else
778 {
779 /* Open the object key */
780 RtlInitUnicodeString(&KeyName,
781 ObjectName);
782
783 InitializeObjectAttributes(&ObjectAttributes,
784 &KeyName,
785 OBJ_CASE_INSENSITIVE,
786 ParentKeyHandle,
787 NULL);
788
789 Status = NtOpenKey(&ObjectKeyHandle,
790 KEY_ALL_ACCESS,
791 &ObjectAttributes);
792 if (!NT_SUCCESS(Status))
793 {
794 return Status;
795 }
796 }
797
798 NewObject = RtlAllocateHeap(RtlGetProcessHeap(),
799 0,
800 sizeof(LSA_DB_OBJECT));
801 if (NewObject == NULL)
802 {
803 NtClose(ObjectKeyHandle);
804 return STATUS_NO_MEMORY;
805 }
806
807 NewObject->Signature = LSAP_DB_SIGNATURE;
808 NewObject->RefCount = 1;
809 NewObject->ObjectType = ObjectType;
810 NewObject->Access = DesiredAccess;
811 NewObject->KeyHandle = ObjectKeyHandle;
812 NewObject->ParentObject = ParentObject;
813 NewObject->Trusted = Trusted;
814
815 if (ParentObject != NULL)
816 ParentObject->RefCount++;
817
818 *DbObject = NewObject;
819
820 return STATUS_SUCCESS;
821}

Referenced by LsaIOpenPolicyTrusted(), LsapCreateDatabaseObjects(), LsapGetDomainInfo(), LsarOpenPolicy(), LsarOpenSecret(), LsarpOpenAccount(), LsarRetrievePrivateData(), and LsarStorePrivateData().

◆ LsapOpenServiceKey()

static NTSTATUS LsapOpenServiceKey ( VOID  )
static

Definition at line 32 of file database.c.

33{
34 OBJECT_ATTRIBUTES ObjectAttributes;
35 UNICODE_STRING KeyName;
36 NTSTATUS Status;
37
38 RtlInitUnicodeString(&KeyName,
39 L"\\Registry\\Machine\\SECURITY");
40
41 InitializeObjectAttributes(&ObjectAttributes,
42 &KeyName,
43 OBJ_CASE_INSENSITIVE,
44 NULL,
45 NULL);
46
47 Status = RtlpNtOpenKey(&SecurityKeyHandle,
48 KEY_READ | KEY_CREATE_SUB_KEY | KEY_ENUMERATE_SUB_KEYS,
49 &ObjectAttributes,
50 0);
51
52 return Status;
53}
KEY_CREATE_SUB_KEY
#define KEY_CREATE_SUB_KEY
Definition: nt_native.h:1018
KEY_ENUMERATE_SUB_KEYS
#define KEY_ENUMERATE_SUB_KEYS
Definition: nt_native.h:1019

Referenced by LsapInitDatabase().

◆ LsapSetObjectAttribute()

NTSTATUS LsapSetObjectAttribute ( PLSA_DB_OBJECT  DbObject,
LPWSTR  AttributeName,
LPVOID  AttributeData,
ULONG  AttributeSize 
)

Definition at line 961 of file database.c.

965{
966 OBJECT_ATTRIBUTES ObjectAttributes;
967 UNICODE_STRING KeyName;
968 HANDLE AttributeKey;
969 NTSTATUS Status;
970
971 RtlInitUnicodeString(&KeyName,
972 AttributeName);
973
974 InitializeObjectAttributes(&ObjectAttributes,
975 &KeyName,
976 OBJ_CASE_INSENSITIVE,
977 DbObject->KeyHandle,
978 NULL);
979
980 Status = NtCreateKey(&AttributeKey,
981 KEY_SET_VALUE,
982 &ObjectAttributes,
983 0,
984 NULL,
985 REG_OPTION_NON_VOLATILE,
986 NULL);
987 if (!NT_SUCCESS(Status))
988 {
989 ERR("NtCreateKey failed for '%S' with status 0x%lx\n",
990 AttributeName, Status);
991 return Status;
992 }
993
994 Status = RtlpNtSetValueKey(AttributeKey,
995 REG_NONE,
996 AttributeData,
997 AttributeSize);
998
999 NtClose(AttributeKey);
1000
1001 if (!NT_SUCCESS(Status))
1002 {
1003 ERR("RtlpNtSetValueKey failed for '%S' with status 0x%lx\n",
1004 AttributeName, Status);
1005 }
1006
1007 return Status;
1008}
REG_OPTION_NON_VOLATILE
#define REG_OPTION_NON_VOLATILE
Definition: nt_native.h:1057
REG_NONE
#define REG_NONE
Definition: nt_native.h:1492
KEY_SET_VALUE
#define KEY_SET_VALUE
Definition: nt_native.h:1017
RtlpNtSetValueKey
NTSTATUS NTAPI RtlpNtSetValueKey(IN HANDLE KeyHandle, IN ULONG Type, IN PVOID Data, IN ULONG DataLength)
Definition: registry.c:988

Referenced by LsapCreateDatabaseObjects(), LsarAddAccountRights(), LsarAddPrivilegesToAccount(), LsarCreateSecret(), LsarpCreateAccount(), LsarRemoveAccountRights(), LsarRemovePrivilegesFromAccount(), LsarSetAccountDomain(), LsarSetAuditEvents(), LsarSetAuditFull(), LsarSetAuditLog(), LsarSetDefaultQuota(), LsarSetModification(), LsarSetPrimaryDomain(), LsarSetQuotasForAccount(), LsarSetSecret(), LsarSetSecurityObject(), LsarSetServerRole(), LsarSetSystemAccessAccount(), and LsarStorePrivateData().

◆ LsapUpdateDatabase()

static NTSTATUS LsapUpdateDatabase ( VOID  )
static

Definition at line 400 of file database.c.

401{
402 return STATUS_SUCCESS;
403}

Referenced by LsapInitDatabase().

◆ LsapValidateDbObject()

NTSTATUS LsapValidateDbObject ( LSAPR_HANDLE  Handle,
LSA_DB_OBJECT_TYPE  ObjectType,
ACCESS_MASK  DesiredAccess,
PLSA_DB_OBJECT DbObject 
)

Definition at line 825 of file database.c.

829{
830 PLSA_DB_OBJECT LocalObject = (PLSA_DB_OBJECT)Handle;
831 BOOLEAN bValid = FALSE;
832
833 _SEH2_TRY
834 {
835 if (LocalObject->Signature == LSAP_DB_SIGNATURE)
836 {
837 if ((ObjectType == LsaDbIgnoreObject) ||
838 (LocalObject->ObjectType == ObjectType))
839 bValid = TRUE;
840 }
841 }
842 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
843 {
844 bValid = FALSE;
845 }
846 _SEH2_END;
847
848 if (bValid == FALSE)
849 return STATUS_INVALID_HANDLE;
850
851 if (DesiredAccess != 0)
852 {
853 /* Check for granted access rights */
854 if ((LocalObject->Access & DesiredAccess) != DesiredAccess)
855 {
856 ERR("LsapValidateDbObject access check failed %08lx %08lx\n",
857 LocalObject->Access, DesiredAccess);
858 return STATUS_ACCESS_DENIED;
859 }
860 }
861
862 if (DbObject != NULL)
863 *DbObject = LocalObject;
864
865 return STATUS_SUCCESS;
866}
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
LsaDbIgnoreObject
@ LsaDbIgnoreObject
Definition: lsasrv.h:49
PLSA_DB_OBJECT
struct _LSA_DB_OBJECT * PLSA_DB_OBJECT
_SEH2_END
#define _SEH2_END
Definition: filesup.c:22
_SEH2_TRY
#define _SEH2_TRY
Definition: filesup.c:19
Handle
ULONG Handle
Definition: gdb_input.c:15
EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
STATUS_INVALID_HANDLE
#define STATUS_INVALID_HANDLE
Definition: ntstatus.h:245
_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:34
_LSA_DB_OBJECT::Access
ACCESS_MASK Access
Definition: lsasrv.h:61
_LSA_DB_OBJECT::Signature
ULONG Signature
Definition: lsasrv.h:58
_LSA_DB_OBJECT::ObjectType
LSA_DB_OBJECT_TYPE ObjectType
Definition: lsasrv.h:59
STATUS_ACCESS_DENIED
#define STATUS_ACCESS_DENIED
Definition: udferr_usr.h:145

Referenced by LsarAddAccountRights(), LsarAddPrivilegesToAccount(), LsarClose(), LsarCreateAccount(), LsarCreateSecret(), LsarDeleteObject(), LsarEnumerateAccounts(), LsarEnumerateAccountsWithUserRight(), LsarEnumeratePrivileges(), LsarEnumeratePrivilegesAccount(), LsarGetQuotasForAccount(), LsarGetSystemAccessAccount(), LsarLookupPrivilegeDisplayName(), LsarLookupPrivilegeName(), LsarLookupPrivilegeValue(), LsarOpenAccount(), LsarOpenSecret(), LsarQueryInformationPolicy(), LsarQuerySecret(), LsarQuerySecurityObject(), LsarRemoveAccountRights(), LsarRemovePrivilegesFromAccount(), LsarRetrievePrivateData(), LsarSetInformationPolicy(), LsarSetQuotasForAccount(), LsarSetSecret(), LsarSetSecurityObject(), LsarSetSystemAccessAccount(), and LsarStorePrivateData().

Variable Documentation

◆ AccountDomainName

UNICODE_STRING AccountDomainName = {0, 0, NULL}

Definition at line 26 of file database.c.

Referenced by LsapGetDomainInfo(), LsapLookupAccountDomainSids(), LsapLookupAccountNames(), LsapLookupIsolatedAccountNames(), and LsapLookupIsolatedNames().

◆ AccountDomainSid

PSID AccountDomainSid = NULL

Definition at line 24 of file database.c.

Referenced by BuildTokenGroups(), BuildTokenInformationBuffer(), BuildTokenPrimaryGroup(), BuildTokenUser(), BuildUserInfoBuffer(), GetAccountDomainSid(), GetUserPrivileges(), LsaApLogonUserEx2(), LsapAddSamGroups(), LsapCreateDatabaseObjects(), LsapGetDomainInfo(), LsapLookupAccountDomainSids(), LsapLookupAccountNames(), LsapLookupIsolatedAccountNames(), LsapLookupIsolatedNames(), NetUserGetGroups(), NetUserGetInfo(), NetUserGetLocalGroups(), and SamValidateNormalUser().

◆ BuiltinDomainName

UNICODE_STRING BuiltinDomainName = {0, 0, NULL}

Definition at line 25 of file database.c.

Referenced by LsapGetDomainInfo(), LsapLookupBuiltinDomainSids(), LsapLookupBuiltinNames(), LsapLookupIsolatedBuiltinNames(), and LsapLookupIsolatedNames().

◆ BuiltinDomainSid

PSID BuiltinDomainSid = NULL

Definition at line 23 of file database.c.

Referenced by LsapGetDomainInfo().

◆ CreatorSidAuthority

SID_IDENTIFIER_AUTHORITY CreatorSidAuthority = {SECURITY_CREATOR_SID_AUTHORITY}

Definition at line 20 of file database.c.

Referenced by LsapInitSids().

◆ LocalSidAuthority

SID_IDENTIFIER_AUTHORITY LocalSidAuthority = {SECURITY_LOCAL_SID_AUTHORITY}

Definition at line 19 of file database.c.

Referenced by LsapInitSids().

◆ NtAuthority

SID_IDENTIFIER_AUTHORITY NtAuthority = {SECURITY_NT_AUTHORITY}

Definition at line 21 of file database.c.

Referenced by LsapCreateRandomDomainSid(), and LsapGetDomainInfo().

◆ NullSidAuthority

SID_IDENTIFIER_AUTHORITY NullSidAuthority = {SECURITY_NULL_SID_AUTHORITY}

Definition at line 17 of file database.c.

Referenced by LsapInitSids().

◆ SecurityKeyHandle

HANDLE SecurityKeyHandle = NULL
static

Definition at line 15 of file database.c.

Referenced by LsapCreateDatabaseKeys(), LsapCreateDbObject(), LsapIsDatabaseInstalled(), LsapOpenDbObject(), and LsapOpenServiceKey().

◆ WorldSidAuthority

SID_IDENTIFIER_AUTHORITY WorldSidAuthority = {SECURITY_WORLD_SID_AUTHORITY}

Definition at line 18 of file database.c.

Referenced by LsapCreateAccountSd(), LsapCreatePolicySd(), LsapCreateSecretSd(), and LsapInitSids().