ReactOS 0.4.15-dev-7924-g5949c20
database.c File Reference
#include "lsasrv.h"
#include <pseh/pseh2.h>


Functions

static NTSTATUS LsapOpenServiceKey (VOID)
 
static BOOLEAN LsapIsDatabaseInstalled (VOID)
 
static NTSTATUS LsapCreateDatabaseKeys (VOID)
 
static NTSTATUS LsapCreateRandomDomainSid (OUT PSID *Sid)
 
static NTSTATUS LsapCreateDatabaseObjects (VOID)
 
static NTSTATUS LsapUpdateDatabase (VOID)
 
static NTSTATUS LsapGetDomainInfo (VOID)
 
NTSTATUS LsapInitDatabase (VOID)
 
NTSTATUS LsapCreateDbObject (IN PLSA_DB_OBJECT ParentObject, IN LPWSTR ContainerName, IN LPWSTR ObjectName, IN LSA_DB_OBJECT_TYPE ObjectType, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted, OUT PLSA_DB_OBJECT *DbObject)
 
NTSTATUS LsapOpenDbObject (IN PLSA_DB_OBJECT ParentObject, IN LPWSTR ContainerName, IN LPWSTR ObjectName, IN LSA_DB_OBJECT_TYPE ObjectType, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted, OUT PLSA_DB_OBJECT *DbObject)
 
NTSTATUS LsapValidateDbObject (LSAPR_HANDLE Handle, LSA_DB_OBJECT_TYPE ObjectType, ACCESS_MASK DesiredAccess, PLSA_DB_OBJECT *DbObject)
 
NTSTATUS LsapCloseDbObject (PLSA_DB_OBJECT DbObject)
 
NTSTATUS LsapDeleteDbObject (IN PLSA_DB_OBJECT DbObject)
 
NTSTATUS LsapSetObjectAttribute (PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, ULONG AttributeSize)
 
NTSTATUS LsapGetObjectAttribute (PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, PULONG AttributeSize)
 
NTSTATUS LsapDeleteObjectAttribute (PLSA_DB_OBJECT DbObject, LPWSTR AttributeName)
 

Variables

static HANDLE SecurityKeyHandle = NULL
 
SID_IDENTIFIER_AUTHORITY NullSidAuthority = {SECURITY_NULL_SID_AUTHORITY}
 
SID_IDENTIFIER_AUTHORITY WorldSidAuthority = {SECURITY_WORLD_SID_AUTHORITY}
 
SID_IDENTIFIER_AUTHORITY LocalSidAuthority = {SECURITY_LOCAL_SID_AUTHORITY}
 
SID_IDENTIFIER_AUTHORITY CreatorSidAuthority = {SECURITY_CREATOR_SID_AUTHORITY}
 
SID_IDENTIFIER_AUTHORITY NtAuthority = {SECURITY_NT_AUTHORITY}
 
PSID BuiltinDomainSid = NULL
 
PSID AccountDomainSid = NULL
 
UNICODE_STRING BuiltinDomainName = {0, 0, NULL}
 
UNICODE_STRING AccountDomainName = {0, 0, NULL}
 

Function Documentation

◆ LsapCloseDbObject()

NTSTATUS LsapCloseDbObject ( PLSA_DB_OBJECT  DbObject)

Definition at line 870 of file database.c.

/*
 * Releases one reference on DbObject; on the last reference the key handle is
 * closed, the object is freed and the parent's reference is released too.
 * NOTE(review): source line 873 is absent from this listing; presumably it
 * declares Status, which is returned at line 896 - confirm in database.c.
 */
871{
872 PLSA_DB_OBJECT ParentObject = NULL;
874
/* RefCount is a ULONG (lsasrv.h:60), so closing an object whose count is
 * already 0 wraps to a large positive value and the test below reports
 * success without releasing anything. DbObject is not checked for NULL. */
875 DbObject->RefCount--;
876
877 if (DbObject->RefCount > 0)
878 return STATUS_SUCCESS;
879
880 if (DbObject->KeyHandle != NULL)
881 NtClose(DbObject->KeyHandle);
882
883 if (DbObject->ParentObject != NULL)
884 ParentObject = DbObject->ParentObject;
885
/* NOTE(review): Signature is left intact when the block is freed, so a stale
 * handle value can keep passing the Signature test in LsapValidateDbObject
 * until the heap reuses the memory - consider clearing it before the free. */
886 RtlFreeHeap(RtlGetProcessHeap(), 0, DbObject);
887
/* NOTE(review): the parent is decremented here and then again at line 875 of
 * the recursive call. When this decrement reaches 0 the second one wraps the
 * ULONG count, the callee sees RefCount > 0 and returns, and the parent's key
 * handle and heap block are never released. Dropping the decrement at line
 * 890 and calling LsapCloseDbObject(ParentObject) unconditionally would
 * release the parent exactly once. */
888 if (ParentObject != NULL)
889 {
890 ParentObject->RefCount--;
891
892 if (ParentObject->RefCount == 0)
893 Status = LsapCloseDbObject(ParentObject);
894 }
895
896 return Status;
897}
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:608
#define NULL
Definition: types.h:112
NTSTATUS LsapCloseDbObject(PLSA_DB_OBJECT DbObject)
Definition: database.c:870
Status
Definition: gdiplustypes.h:25
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3402
#define STATUS_SUCCESS
Definition: shellext.h:65
HANDLE KeyHandle
Definition: lsasrv.h:62
ULONG RefCount
Definition: lsasrv.h:60
struct _LSA_DB_OBJECT * ParentObject
Definition: lsasrv.h:64

Referenced by LsapCloseDbObject(), LsapCreateDatabaseObjects(), LsapDeleteDbObject(), LsapGetDomainInfo(), LsarAddAccountRights(), LsarClose(), LsarCreateSecret(), LsarOpenSecret(), LsarRemoveAccountRights(), LsarRetrievePrivateData(), and LsarStorePrivateData().

◆ LsapCreateDatabaseKeys()

static NTSTATUS LsapCreateDatabaseKeys ( VOID  )
static

Definition at line 87 of file database.c.

/*
 * Creates the 'Policy' key and its 'Accounts', 'Domains' and 'Secrets'
 * subkeys, then closes every handle it opened (label Done) and returns the
 * last status.
 * NOTE(review): this listing drops the source lines that carried hyperlinked
 * identifiers (for example 89-90, 100, 103, 105-106 and 110-111, and the
 * matching lines of the later sections), so the root handle of the 'Policy'
 * key, the access mask and the object attribute flags are not visible here -
 * confirm them in database.c.
 */
88{
91 HANDLE PolicyKeyHandle = NULL;
92 HANDLE AccountsKeyHandle = NULL;
93 HANDLE DomainsKeyHandle = NULL;
94 HANDLE SecretsKeyHandle = NULL;
96
/* NOTE(review): the trace text names LsapInstallDatabase(), not this
 * function, so a search of the debug output for LsapCreateDatabaseKeys will
 * not find these lines. */
97 TRACE("LsapInstallDatabase()\n");
98
99 /* Create the 'Policy' key */
101 L"Policy");
102
104 &KeyName,
107 NULL);
108
/* The final argument at line 107 is NULL; presumably it is the security
 * descriptor slot of InitializeObjectAttributes, i.e. no explicit ACL is
 * supplied and the key takes whatever its parent provides - confirm that the
 * parent restricts access, because 'Secrets' below is created the same way.
 * The last NtCreateKey argument (Disposition) is NULL as well, so an already
 * existing key cannot be told apart from a newly created one. */
109 Status = NtCreateKey(&PolicyKeyHandle,
112 0,
113 NULL,
114 0,
115 NULL);
116 if (!NT_SUCCESS(Status))
117 {
118 ERR("Failed to create the 'Policy' key (Status: 0x%08lx)\n", Status);
119 goto Done;
120 }
121
122 /* Create the 'Accounts' key */
124 L"Accounts");
125
127 &KeyName,
129 PolicyKeyHandle,
130 NULL);
131
132 Status = NtCreateKey(&AccountsKeyHandle,
135 0,
136 NULL,
137 0,
138 NULL);
139 if (!NT_SUCCESS(Status))
140 {
141 ERR("Failed to create the 'Accounts' key (Status: 0x%08lx)\n", Status);
142 goto Done;
143 }
144
145 /* Create the 'Domains' key */
147 L"Domains");
148
150 &KeyName,
152 PolicyKeyHandle,
153 NULL);
154
155 Status = NtCreateKey(&DomainsKeyHandle,
158 0,
159 NULL,
160 0,
161 NULL);
162 if (!NT_SUCCESS(Status))
163 {
164 ERR("Failed to create the 'Domains' key (Status: 0x%08lx)\n", Status);
165 goto Done;
166 }
167
168 /* Create the 'Secrets' key */
170 L"Secrets");
171
173 &KeyName,
175 PolicyKeyHandle,
176 NULL);
177
178 Status = NtCreateKey(&SecretsKeyHandle,
181 0,
182 NULL,
183 0,
184 NULL);
185 if (!NT_SUCCESS(Status))
186 {
187 ERR("Failed to create the 'Secrets' key (Status: 0x%08lx)\n", Status);
188 goto Done;
189 }
190
/* Single exit: handles that were never opened are still NULL and are
 * skipped. Keys created before a failure are not removed again. */
191Done:
192 if (SecretsKeyHandle != NULL)
193 NtClose(SecretsKeyHandle);
194
195 if (DomainsKeyHandle != NULL)
196 NtClose(DomainsKeyHandle);
197
198 if (AccountsKeyHandle != NULL)
199 NtClose(AccountsKeyHandle);
200
201 if (PolicyKeyHandle != NULL)
202 NtClose(PolicyKeyHandle);
203
204 TRACE("LsapInstallDatabase() done (Status: 0x%08lx)\n", Status);
205
206 return Status;
207}
#define ERR(fmt,...)
Definition: debug.h:110
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:36
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
static HANDLE SecurityKeyHandle
Definition: database.c:15
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
#define KEY_ALL_ACCESS
Definition: nt_native.h:1041
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
NTSTATUS NTAPI NtCreateKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG TitleIndex, IN PUNICODE_STRING Class OPTIONAL, IN ULONG CreateOptions, OUT PULONG Disposition OPTIONAL)
Definition: ntapi.c:240
#define L(x)
Definition: ntvdm.h:50
#define TRACE(s)
Definition: solgame.cpp:4
_Must_inspect_result_ _In_ WDFDEVICE _In_ PCUNICODE_STRING KeyName
Definition: wdfdevice.h:2699

Referenced by LsapInitDatabase().

◆ LsapCreateDatabaseObjects()

static NTSTATUS LsapCreateDatabaseObjects ( VOID  )
static

Definition at line 234 of file database.c.

/*
 * Writes the default attributes of the 'Policy' object: domain names and
 * SIDs, default quotas, modification info, audit settings, DNS domain data
 * and the security descriptor.
 * NOTE(review): the listing omits the source lines that carried hyperlinked
 * identifiers (for example 237, 243, 247, 267-268, 270, 285, 294, 297,
 * 325-326 and 390), so some declarations and arguments are not visible here.
 */
235{
236 PLSAP_POLICY_AUDIT_EVENTS_DATA AuditEventsInfo = NULL;
238 POLICY_MODIFICATION_INFO ModificationInfo;
239 POLICY_AUDIT_FULL_QUERY_INFO AuditFullInfo = {FALSE, FALSE};
240 POLICY_AUDIT_LOG_INFO AuditLogInfo;
241 GUID DnsDomainGuid;
242 PLSA_DB_OBJECT PolicyObject = NULL;
244 PSECURITY_DESCRIPTOR PolicySd = NULL;
245 ULONG PolicySdSize = 0;
246 ULONG i;
248
249 /* Initialize the default quota limits */
250 QuotaInfo.QuotaLimits.PagedPoolLimit = 0x2000000;
251 QuotaInfo.QuotaLimits.NonPagedPoolLimit = 0x100000;
252 QuotaInfo.QuotaLimits.MinimumWorkingSetSize = 0x10000;
253 QuotaInfo.QuotaLimits.MaximumWorkingSetSize = 0xF000000;
254 QuotaInfo.QuotaLimits.PagefileLimit = 0;
255 QuotaInfo.QuotaLimits.TimeLimit.QuadPart = 0;
256
257 /* Initialize the audit log attribute */
258 AuditLogInfo.AuditLogPercentFull = 0;
259 AuditLogInfo.MaximumLogSize = 0; // DWORD
260 AuditLogInfo.AuditRetentionPeriod.QuadPart = 0; // LARGE_INTEGER
261 AuditLogInfo.AuditLogFullShutdownInProgress = 0; // BYTE
262 AuditLogInfo.TimeToShutdown.QuadPart = 0; // LARGE_INTEGER
263 AuditLogInfo.NextAuditRecordId = 0; // DWORD
264
265 /* Initialize the Audit Events attribute */
266 AuditEventsInfo = RtlAllocateHeap(RtlGetProcessHeap(),
269 if (AuditEventsInfo == NULL)
271
/* A fresh database starts with auditing switched off: AuditingMode is FALSE
 * and every per-category entry in AuditEvents is 0. */
272 AuditEventsInfo->AuditingMode = FALSE;
274 for (i = 0; i < POLICY_AUDIT_EVENT_TYPE_COUNT; i++)
275 AuditEventsInfo->AuditEvents[i] = 0;
276
277 /* Initialize the DNS Domain GUID attribute */
278 RtlZeroMemory(&DnsDomainGuid, sizeof(DnsDomainGuid));
279
280 /* Initialize the modification attribute */
281 ModificationInfo.ModifiedId.QuadPart = 0;
282 NtQuerySystemTime(&ModificationInfo.DatabaseCreationTime);
283
284 /* Create a random domain SID */
286 if (!NT_SUCCESS(Status))
287 goto done;
288
289 Status = LsapCreatePolicySd(&PolicySd, &PolicySdSize);
290 if (!NT_SUCCESS(Status))
291 goto done;
292
293 /* Open the 'Policy' object */
295 NULL,
296 L"Policy",
298 0,
299 TRUE,
300 &PolicyObject);
301 if (!NT_SUCCESS(Status))
302 goto done;
303
/* NOTE(review): none of the LsapSetObjectAttribute results from here to line
 * 380 is checked, including the 'SecDesc' write at line 377. Status still
 * holds the result of opening 'Policy' when the function returns, so a failed
 * write leaves a partly initialised policy database that is reported as
 * success. Assigning each result to Status and jumping to 'done' on failure
 * would surface the error to LsapInitDatabase. */
304 /* Set the Primary Domain Name attribute */
305 LsapSetObjectAttribute(PolicyObject,
306 L"PolPrDmN",
307 NULL,
308 0);
309
310 /* Set the Primary Domain SID attribute */
311 LsapSetObjectAttribute(PolicyObject,
312 L"PolPrDmS",
313 NULL,
314 0);
315
316 /* Set the Account Domain Name attribute */
317 LsapSetObjectAttribute(PolicyObject,
318 L"PolAcDmN",
319 NULL,
320 0);
321
322 /* Set the Account Domain SID attribute */
323 LsapSetObjectAttribute(PolicyObject,
324 L"PolAcDmS",
327
328 /* Set the default quota limits attribute */
329 LsapSetObjectAttribute(PolicyObject,
330 L"DefQuota",
331 &QuotaInfo,
332 sizeof(QuotaInfo));
333
334 /* Set the modification attribute */
335 LsapSetObjectAttribute(PolicyObject,
336 L"PolMod",
337 &ModificationInfo,
338 sizeof(ModificationInfo));
339
340 /* Set the audit full attribute */
341 LsapSetObjectAttribute(PolicyObject,
342 L"PolAdtFl",
343 &AuditFullInfo,
344 sizeof(AuditFullInfo));
345
346 /* Set the audit log attribute */
347 LsapSetObjectAttribute(PolicyObject,
348 L"PolAdtLg",
349 &AuditLogInfo,
350 sizeof(AuditLogInfo));
351
352 /* Set the audit events attribute */
353 LsapSetObjectAttribute(PolicyObject,
354 L"PolAdtEv",
355 AuditEventsInfo,
356 sizeof(*AuditEventsInfo));
357
358 /* Set the DNS Domain Name attribute */
359 LsapSetObjectAttribute(PolicyObject,
360 L"PolDnDDN",
361 NULL,
362 0);
363
364 /* Set the DNS Forest Name attribute */
365 LsapSetObjectAttribute(PolicyObject,
366 L"PolDnTrN",
367 NULL,
368 0);
369
370 /* Set the DNS Domain GUID attribute */
371 LsapSetObjectAttribute(PolicyObject,
372 L"PolDnDmG",
373 &DnsDomainGuid,
374 sizeof(DnsDomainGuid));
375
376 /* Set the Security Descriptor */
377 LsapSetObjectAttribute(PolicyObject,
378 L"SecDesc",
379 PolicySd,
380 PolicySdSize);
381
382done:
383 if (AuditEventsInfo != NULL)
384 RtlFreeHeap(RtlGetProcessHeap(), 0, AuditEventsInfo);
385
386 if (PolicyObject != NULL)
387 LsapCloseDbObject(PolicyObject);
388
/* NOTE(review): line 390 is missing from this listing; RtlFreeSid appears in
 * the page's cross-references, so presumably the SID is freed here. Confirm
 * that the global AccountDomainSid is not left pointing at freed memory. */
389 if (AccountDomainSid != NULL)
391
392 if (PolicySd != NULL)
393 RtlFreeHeap(RtlGetProcessHeap(), 0, PolicySd);
394
395 return Status;
396}
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:590
#define TRUE
Definition: types.h:120
#define FALSE
Definition: types.h:117
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
static NTSTATUS LsapCreateRandomDomainSid(OUT PSID *Sid)
Definition: database.c:211
NTSTATUS LsapOpenDbObject(IN PLSA_DB_OBJECT ParentObject, IN LPWSTR ContainerName, IN LPWSTR ObjectName, IN LSA_DB_OBJECT_TYPE ObjectType, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted, OUT PLSA_DB_OBJECT *DbObject)
Definition: database.c:712
PSID AccountDomainSid
Definition: database.c:24
NTSTATUS LsapSetObjectAttribute(PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, ULONG AttributeSize)
Definition: database.c:961
NTSTATUS LsapCreatePolicySd(PSECURITY_DESCRIPTOR *PolicySd, PULONG PolicySdSize)
Definition: security.c:14
@ LsaDbPolicyObject
Definition: lsasrv.h:50
#define POLICY_AUDIT_EVENT_TYPE_COUNT
Definition: lsasrv.h:69
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
NTSYSAPI PVOID NTAPI RtlFreeSid(_In_ _Post_invalid_ PSID Sid)
NTSTATUS NTAPI NtQuerySystemTime(OUT PLARGE_INTEGER SystemTime)
Definition: time.c:483
DWORD AuditEvents[POLICY_AUDIT_EVENT_TYPE_COUNT]
Definition: lsasrv.h:73
LARGE_INTEGER AuditRetentionPeriod
Definition: ntsecapi.h:555
BOOLEAN AuditLogFullShutdownInProgress
Definition: ntsecapi.h:556
LARGE_INTEGER TimeToShutdown
Definition: ntsecapi.h:557
QUOTA_LIMITS QuotaLimits
Definition: ntsecapi.h:591
LARGE_INTEGER DatabaseCreationTime
Definition: ntsecapi.h:595
LARGE_INTEGER ModifiedId
Definition: ntsecapi.h:594
INT64 MaximumWorkingSetSize
Definition: lsa.idl:290
INT64 NonPagedPoolLimit
Definition: lsa.idl:288
LARGE_INTEGER TimeLimit
Definition: lsa.idl:292
INT64 MinimumWorkingSetSize
Definition: lsa.idl:289
INT64 PagefileLimit
Definition: lsa.idl:291
INT64 PagedPoolLimit
Definition: lsa.idl:287
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262
uint32_t ULONG
Definition: typedefs.h:59
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
LONGLONG QuadPart
Definition: typedefs.h:114

Referenced by LsapInitDatabase().

◆ LsapCreateDbObject()

NTSTATUS LsapCreateDbObject ( IN PLSA_DB_OBJECT  ParentObject,
IN LPWSTR  ContainerName,
IN LPWSTR  ObjectName,
IN LSA_DB_OBJECT_TYPE  ObjectType,
IN ACCESS_MASK  DesiredAccess,
IN BOOLEAN  Trusted,
OUT PLSA_DB_OBJECT DbObject 
)

Definition at line 592 of file database.c.

/*
 * Creates the registry key of a new LSA database object, below ParentObject
 * (or below SecurityKeyHandle when ParentObject is NULL) and optionally
 * inside ContainerName, and returns a heap-allocated LSA_DB_OBJECT that
 * wraps the key handle.
 * NOTE(review): the listing omits the source lines that carried hyperlinked
 * identifiers (for example 600-602, 606, 609, 619, 622, 629-630), so the
 * access masks passed to NtOpenKey/NtCreateKey are not visible here.
 */
599{
603 HANDLE ParentKeyHandle;
604 HANDLE ContainerKeyHandle = NULL;
605 HANDLE ObjectKeyHandle = NULL;
607
/* Line 609 is missing; STATUS_INVALID_PARAMETER appears in the page's
 * cross-references, so presumably it is returned here - confirm. */
608 if (DbObject == NULL)
610
611 if (ParentObject == NULL)
612 ParentKeyHandle = SecurityKeyHandle;
613 else
614 ParentKeyHandle = ParentObject->KeyHandle;
615
/* ContainerName and ObjectName become registry key names exactly as passed
 * in. NOTE(review): no validation is visible in this function - confirm that
 * the callers (LsarCreateSecret, LsarpCreateAccount, LsarStorePrivateData)
 * check client-supplied names before they arrive here. */
616 if (ContainerName != NULL)
617 {
618 /* Open the container key */
620 ContainerName);
621
623 &KeyName,
625 ParentKeyHandle,
626 NULL);
627
628 Status = NtOpenKey(&ContainerKeyHandle,
631 if (!NT_SUCCESS(Status))
632 {
633 return Status;
634 }
635
636 /* Open the object key */
638 ObjectName);
639
641 &KeyName,
643 ContainerKeyHandle,
644 NULL);
645
646 Status = NtCreateKey(&ObjectKeyHandle,
649 0,
650 NULL,
651 0,
652 NULL);
653
654 NtClose(ContainerKeyHandle);
655
656 if (!NT_SUCCESS(Status))
657 {
658 return Status;
659 }
660 }
661 else
662 {
664 ObjectName);
665
667 &KeyName,
669 ParentKeyHandle,
670 NULL);
671
672 Status = NtCreateKey(&ObjectKeyHandle,
675 0,
676 NULL,
677 0,
678 NULL);
679 if (!NT_SUCCESS(Status))
680 {
681 return Status;
682 }
683 }
684
685 NewObject = RtlAllocateHeap(RtlGetProcessHeap(),
686 0,
687 sizeof(LSA_DB_OBJECT));
688 if (NewObject == NULL)
689 {
690 NtClose(ObjectKeyHandle);
691 return STATUS_NO_MEMORY;
692 }
693
/* DesiredAccess is stored as the granted mask without any check against a
 * security descriptor in this function, and Trusted is recorded as passed.
 * LsapValidateDbObject later tests requests against this stored Access
 * value, so the access decision rests entirely with the caller. */
694 NewObject->Signature = LSAP_DB_SIGNATURE;
695 NewObject->RefCount = 1;
696 NewObject->ObjectType = ObjectType;
697 NewObject->Access = DesiredAccess;
698 NewObject->KeyHandle = ObjectKeyHandle;
699 NewObject->ParentObject = ParentObject;
700 NewObject->Trusted = Trusted;
701
/* The new object holds one reference on its parent. NOTE(review): no lock is
 * visible around this increment - confirm that callers serialise access to
 * shared objects. */
702 if (ParentObject != NULL)
703 ParentObject->RefCount++;
704
705 *DbObject = NewObject;
706
707 return STATUS_SUCCESS;
708}
#define LSAP_DB_SIGNATURE
Definition: lsasrv.h:67
ObjectType
Definition: metafile.c:81
NTSYSAPI NTSTATUS NTAPI NtOpenKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
Definition: ntapi.c:336
#define STATUS_NO_MEMORY
Definition: ntstatus.h:260
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2658
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
Definition: cmfuncs.h:64
_Inout_opt_ PACCESS_STATE _In_opt_ ACCESS_MASK _In_ ULONG _Out_opt_ PVOID * NewObject
Definition: obfuncs.h:74

Referenced by LsarCreateSecret(), LsarpCreateAccount(), and LsarStorePrivateData().

◆ LsapCreateRandomDomainSid()

static NTSTATUS LsapCreateRandomDomainSid ( OUT PSID Sid)
static

Definition at line 211 of file database.c.

/*
 * Builds the account domain SID from three RtlUniform() outputs that are
 * seeded with the low 32 bits of the current system time.
 * NOTE(review): lines 219, 221 and 225-228 are missing from this listing;
 * the cross-references (RtlAllocateAndInitializeSid, NtAuthority,
 * SECURITY_NT_NON_UNIQUE, SECURITY_NULL_RID) suggest what they hold - confirm.
 * NOTE(review): the clock value is the only input, so the three
 * sub-authorities are fully determined by the install time and two machines
 * set up at the same clock value would receive the same domain SID.
 * RtlUniform is, as far as I know, a general-purpose generator rather than a
 * cryptographic one; a system random source would make collisions and
 * reconstruction from the creation time far less likely.
 */
212{
213 LARGE_INTEGER SystemTime;
214 PULONG Seed;
215
216 NtQuerySystemTime(&SystemTime);
/* Seed points into SystemTime, so each RtlUniform call below updates the
 * same 32-bit state. */
217 Seed = &SystemTime.u.LowPart;
218
220 4,
222 RtlUniform(Seed),
223 RtlUniform(Seed),
224 RtlUniform(Seed),
229 Sid);
230}
SID_IDENTIFIER_AUTHORITY NtAuthority
Definition: database.c:21
NTSYSAPI ULONG NTAPI RtlUniform(_In_ PULONG Seed)
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1133
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290
uint32_t * PULONG
Definition: typedefs.h:59
struct _LARGE_INTEGER::@2295 u
#define SECURITY_NULL_RID
Definition: setypes.h:540
#define SECURITY_NT_NON_UNIQUE
Definition: setypes.h:577

Referenced by LsapCreateDatabaseObjects().

◆ LsapDeleteDbObject()

NTSTATUS LsapDeleteDbObject ( IN PLSA_DB_OBJECT  DbObject)

Definition at line 901 of file database.c.

/*
 * Releases one reference on DbObject and, on the last reference, deletes the
 * object's subkeys and its own registry key before freeing the object and
 * releasing the parent's reference.
 * NOTE(review): lines 906 and 935-936 are missing from this listing;
 * STATUS_NO_MORE_ENTRIES appears in the cross-references, so presumably the
 * end of the enumeration is mapped to success there - confirm.
 */
902{
903 PLSA_DB_OBJECT ParentObject = NULL;
904 WCHAR KeyName[64];
905 ULONG Index;
907
908 DbObject->RefCount--;
909
/* While other references exist nothing is deleted, yet the caller still
 * receives STATUS_SUCCESS; the registry data outlives the "delete". */
910 if (DbObject->RefCount > 0)
911 return STATUS_SUCCESS;
912
913 if (DbObject->KeyHandle != NULL)
914 {
915 Index = 0;
916
/* Index stays 0 because each pass removes the first remaining subkey.
 * KeyName holds 64 WCHARs and sizeof(KeyName) is passed as Length.
 * NOTE(review): confirm LsapRegEnumerateSubKey treats Length as a byte count
 * and terminates the name; a longer subkey name would presumably end the
 * loop early and leave subkeys behind. */
917 while (TRUE)
918 {
919 Status = LsapRegEnumerateSubKey(DbObject->KeyHandle,
920 Index,
921 sizeof(KeyName),
922 KeyName);
923 if (!NT_SUCCESS(Status))
924 break;
925
926 TRACE("Index: %lu\n", Index);
927 TRACE("Key name: %S\n", KeyName);
928
929 Status = LsapRegDeleteSubKey(DbObject->KeyHandle,
930 KeyName);
931 if (!NT_SUCCESS(Status))
932 break;
933 }
934
937
/* NOTE(review): the result of LsapRegDeleteKey is discarded, so a key that
 * could not be removed (this path also serves secrets, via LsarDeleteObject
 * and LsarStorePrivateData) stays in the registry without the failure being
 * reported by this call. */
938 LsapRegDeleteKey(DbObject->KeyHandle);
939
940 NtClose(DbObject->KeyHandle);
941 }
942
943 if (DbObject->ParentObject != NULL)
944 ParentObject = DbObject->ParentObject;
945
946 RtlFreeHeap(RtlGetProcessHeap(), 0, DbObject);
947
/* NOTE(review): the parent is decremented here and again inside
 * LsapCloseDbObject (line 875). When this decrement reaches 0 the second one
 * wraps the ULONG count and the parent is never released; calling
 * LsapCloseDbObject(ParentObject) without the decrement at line 950 would
 * release it exactly once. */
948 if (ParentObject != NULL)
949 {
950 ParentObject->RefCount--;
951
952 if (ParentObject->RefCount == 0)
953 Status = LsapCloseDbObject(ParentObject);
954 }
955
956 return Status;
957}
NTSTATUS LsapRegDeleteSubKey(IN HANDLE ParentKeyHandle, IN LPCWSTR KeyName)
Definition: registry.c:59
NTSTATUS LsapRegDeleteKey(IN HANDLE KeyHandle)
Definition: registry.c:89
NTSTATUS LsapRegEnumerateSubKey(IN HANDLE KeyHandle, IN ULONG Index, IN ULONG Length, OUT LPWSTR Buffer)
Definition: registry.c:96
#define STATUS_NO_MORE_ENTRIES
Definition: ntstatus.h:205
_In_ WDFCOLLECTION _In_ ULONG Index
__wchar_t WCHAR
Definition: xmlstorage.h:180

Referenced by LsarDeleteObject(), and LsarStorePrivateData().

◆ LsapDeleteObjectAttribute()

NTSTATUS LsapDeleteObjectAttribute ( PLSA_DB_OBJECT  DbObject,
LPWSTR  AttributeName 
)

Definition at line 1082 of file database.c.

/*
 * Removes an attribute by deleting the subkey named AttributeName below the
 * object's key and returns the status of that deletion. DbObject and
 * AttributeName are used as passed in, without a NULL check.
 */
1084{
1085 return LsapRegDeleteSubKey(DbObject->KeyHandle,
1086 AttributeName);
1087}

Referenced by LsarRemovePrivilegesFromAccount().

◆ LsapGetDomainInfo()

static NTSTATUS LsapGetDomainInfo ( VOID  )
static

Definition at line 407 of file database.c.

/*
 * Fills the global built-in and account domain SIDs and names: the built-in
 * values are constructed here, the account values are read from the 'Policy'
 * object's 'PolAcDmS' and 'PolAcDmN' attributes.
 * NOTE(review): the listing omits the source lines that carried hyperlinked
 * identifiers (for example 413, 416, 418, 420, 425, 429, 432, 451, 455, 461,
 * 479, 483, 499-501, 504, 508, 513 and 520), so several calls and status
 * assignments are not visible here.
 */
408{
409 PLSA_DB_OBJECT PolicyObject = NULL;
410 PUNICODE_STRING DomainName = NULL;
411 ULONG AttributeSize;
412 LPWSTR SidString = NULL;
414
415 /* Get the built-in domain SID and name */
417 1,
419 0, 0, 0, 0, 0, 0, 0,
421 if (!NT_SUCCESS(Status))
422 return Status;
423
424
426 L"BUILTIN");
427
428 /* Open the 'Policy' object */
430 NULL,
431 L"Policy",
433 0,
434 TRUE,
435 &PolicyObject);
436 if (!NT_SUCCESS(Status))
437 goto done;
438
/* Two-step read: a first call with a NULL buffer returns the stored size,
 * a second call fetches the data into a buffer of that size. */
439 /* Get the account domain SID */
440 AttributeSize = 0;
441 Status = LsapGetObjectAttribute(PolicyObject,
442 L"PolAcDmS",
443 NULL,
444 &AttributeSize);
445 if (!NT_SUCCESS(Status))
446 goto done;
447
448 if (AttributeSize > 0)
449 {
450 AccountDomainSid = RtlAllocateHeap(RtlGetProcessHeap(),
452 AttributeSize);
453 if (AccountDomainSid == NULL)
454 {
456 goto done;
457 }
458
459 Status = LsapGetObjectAttribute(PolicyObject,
460 L"PolAcDmS",
462 &AttributeSize);
463 if (!NT_SUCCESS(Status))
464 goto done;
465 }
466
467 /* Get the account domain name */
468 AttributeSize = 0;
469 Status = LsapGetObjectAttribute(PolicyObject,
470 L"PolAcDmN",
471 NULL,
472 &AttributeSize);
473 if (!NT_SUCCESS(Status))
474 goto done;
475
476 if (AttributeSize > 0)
477 {
478 DomainName = RtlAllocateHeap(RtlGetProcessHeap(),
480 AttributeSize);
481 if (DomainName == NULL)
482 {
484 goto done;
485 }
486
487 Status = LsapGetObjectAttribute(PolicyObject,
488 L"PolAcDmN",
489 DomainName,
490 &AttributeSize);
491 if (!NT_SUCCESS(Status))
492 goto done;
493
/* The stored UNICODE_STRING is self-relative: Buffer holds an offset from
 * the start of the blob and is rebased onto the heap copy here.
 * NOTE(review): neither that offset nor Length is checked against
 * AttributeSize before the copy at lines 508-510, so a malformed 'PolAcDmN'
 * value would be read outside the allocation; Length + sizeof(WCHAR) can
 * also wrap the USHORT MaximumLength. The blob comes from the SECURITY
 * hive - confirm who can write it, and consider rejecting values where
 * offset + Length exceeds AttributeSize. */
494 DomainName->Buffer = (LPWSTR)((ULONG_PTR)DomainName + (ULONG_PTR)DomainName->Buffer);
495
496 AccountDomainName.Length = DomainName->Length;
497 AccountDomainName.MaximumLength = DomainName->Length + sizeof(WCHAR);
498 AccountDomainName.Buffer = RtlAllocateHeap(RtlGetProcessHeap(),
502 {
503 ERR("Failed to allocate the account domain name buffer\n");
505 goto done;
506 }
507
509 DomainName->Buffer,
510 DomainName->Length);
511 }
512
514 TRACE("Builtin Domain SID: %S\n", SidString);
515 LocalFree(SidString);
516 SidString = NULL;
517
518 TRACE("Builtin Domain Name: %wZ\n", &BuiltinDomainName);
519
521 TRACE("Account Domain SID: %S\n", SidString);
522 LocalFree(SidString);
523 SidString = NULL;
524
525 TRACE("Account Domain Name: %wZ\n", &AccountDomainName);
526
/* Only the temporary name blob and the policy object are released here. On
 * the error paths the globals AccountDomainSid and AccountDomainName.Buffer
 * keep whatever was allocated before the failure. */
527done:
528 if (DomainName != NULL)
529 RtlFreeHeap(RtlGetProcessHeap(), 0, DomainName);
530
531 if (PolicyObject != NULL)
532 LsapCloseDbObject(PolicyObject);
533
534 return Status;
535}
BOOL WINAPI ConvertSidToStringSidW(PSID Sid, LPWSTR *StringSid)
Definition: security.c:3583
UNICODE_STRING BuiltinDomainName
Definition: database.c:25
UNICODE_STRING AccountDomainName
Definition: database.c:26
NTSTATUS LsapGetObjectAttribute(PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, PULONG AttributeSize)
Definition: database.c:1012
PSID BuiltinDomainSid
Definition: database.c:23
#define ULONG_PTR
Definition: config.h:101
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1594
USHORT MaximumLength
Definition: env_spec_w32.h:370
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
uint32_t ULONG_PTR
Definition: typedefs.h:65
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:581
WCHAR * LPWSTR
Definition: xmlstorage.h:184

Referenced by LsapInitDatabase().

◆ LsapGetObjectAttribute()

NTSTATUS LsapGetObjectAttribute ( PLSA_DB_OBJECT  DbObject,
LPWSTR  AttributeName,
LPVOID  AttributeData,
PULONG  AttributeSize 
)

Definition at line 1012 of file database.c.

/*
 * Reads the attribute stored in the subkey AttributeName of the object's
 * key. With a NULL buffer or a zero *AttributeSize only the stored size is
 * reported; otherwise the data is copied and *AttributeSize is set to the
 * number of bytes returned.
 * NOTE(review): the listing omits the source lines that carried hyperlinked
 * identifiers (for example 1017-1018, 1021, 1023, 1026, 1028, 1033-1034,
 * 1046, 1054, 1060 and 1066), so the status values set on the size-only and
 * buffer-too-small paths are not visible; STATUS_BUFFER_OVERFLOW appears in
 * the cross-references.
 */
1016{
1019 HANDLE AttributeKey;
1020 ULONG ValueSize;
1022
1024 AttributeName);
1025
1027 &KeyName,
1029 DbObject->KeyHandle,
1030 NULL);
1031
1032 Status = NtOpenKey(&AttributeKey,
1035 if (!NT_SUCCESS(Status))
1036 {
1037 return Status;
1038 }
1039
/* First query: no data buffer, only the stored size is requested. The type
 * argument is NULL in both queries, so the value type is never checked.
 * AttributeSize is dereferenced without a NULL check. */
1040 ValueSize = *AttributeSize;
1041 Status = RtlpNtQueryValueKey(AttributeKey,
1042 NULL,
1043 NULL,
1044 &ValueSize,
1045 0);
1047 {
1048 goto Done;
1049 }
1050
1051 if (AttributeData == NULL || *AttributeSize == 0)
1052 {
1053 *AttributeSize = ValueSize;
1055 goto Done;
1056 }
1057 else if (*AttributeSize < ValueSize)
1058 {
1059 *AttributeSize = ValueSize;
1061 goto Done;
1062 }
1063
/* Second query: fetches the data using the size learned above.
 * NOTE(review): the value can change between the two queries; the result
 * then depends on how RtlpNtQueryValueKey handles a size mismatch - confirm
 * that it never writes more than ValueSize bytes. */
1064 Status = RtlpNtQueryValueKey(AttributeKey,
1065 NULL,
1067 &ValueSize,
1068 0);
1069 if (NT_SUCCESS(Status))
1070 {
1071 *AttributeSize = ValueSize;
1072 }
1073
1074Done:
1075 NtClose(AttributeKey);
1076
1077 return Status;
1078}
@ AttributeData
Definition: ntfs.h:168
#define KEY_QUERY_VALUE
Definition: nt_native.h:1016
NTSTATUS NTAPI RtlpNtQueryValueKey(IN HANDLE KeyHandle, OUT PULONG Type OPTIONAL, OUT PVOID Data OPTIONAL, IN OUT PULONG DataLength OPTIONAL, IN ULONG Unused)
Definition: registry.c:933
#define STATUS_BUFFER_OVERFLOW
Definition: shellext.h:66

Referenced by LsapGetDomainInfo(), LsarAddAccountRights(), LsarAddPrivilegesToAccount(), LsarEnumeratePrivilegesAccount(), LsarGetQuotasForAccount(), LsarGetSystemAccessAccount(), LsarQueryAccountDomain(), LsarQueryAuditEvents(), LsarQueryAuditFull(), LsarQueryAuditLog(), LsarQueryDefaultQuota(), LsarQueryDnsDomain(), LsarQueryModification(), LsarQueryPrimaryDomain(), LsarQuerySecret(), LsarQuerySecurityObject(), LsarQueryServerRole(), LsarRemoveAccountRights(), LsarRemovePrivilegesFromAccount(), LsarRetrievePrivateData(), LsarSetAuditFull(), LsarSetQuotasForAccount(), and LsarSetSecurityObject().

◆ LsapInitDatabase()

NTSTATUS LsapInitDatabase ( VOID  )

Definition at line 539 of file database.c.

/*
 * Initialises the LSA database at start-up: opens the service key, then
 * either creates the database keys and objects or updates an existing
 * database, and finally loads the domain information. The first failing
 * step is logged and its status returned.
 * NOTE(review): lines 541, 545, 552, 554, 561, 570 and 578 are missing from
 * this listing; each is presumably the declaration, condition or helper call
 * that the following ERR text names (the helpers are listed in the
 * cross-references below the listing) - confirm in database.c.
 */
540{
542
543 TRACE("LsapInitDatabase()\n");
544
546 if (!NT_SUCCESS(Status))
547 {
548 ERR("Failed to open the service key (Status: 0x%08lx)\n", Status);
549 return Status;
550 }
551
/* Create branch: runs when the database is reported as not installed. A
 * failure part-way through returns without removing what was already
 * created. */
553 {
555 if (!NT_SUCCESS(Status))
556 {
557 ERR("Failed to create the LSA database keys (Status: 0x%08lx)\n", Status);
558 return Status;
559 }
560
562 if (!NT_SUCCESS(Status))
563 {
564 ERR("Failed to create the LSA database objects (Status: 0x%08lx)\n", Status);
565 return Status;
566 }
567 }
568 else
569 {
571 if (!NT_SUCCESS(Status))
572 {
573 ERR("Failed to update the LSA database (Status: 0x%08lx)\n", Status);
574 return Status;
575 }
576 }
577
579 if (!NT_SUCCESS(Status))
580 {
581 ERR("Failed to get the domain information (Status: 0x%08lx)\n", Status);
582 return Status;
583 }
584
585 TRACE("LsapInitDatabase() done\n");
586
587 return STATUS_SUCCESS;
588}
static NTSTATUS LsapUpdateDatabase(VOID)
Definition: database.c:400
static NTSTATUS LsapOpenServiceKey(VOID)
Definition: database.c:32
static NTSTATUS LsapGetDomainInfo(VOID)
Definition: database.c:407
static NTSTATUS LsapCreateDatabaseKeys(VOID)
Definition: database.c:87
static BOOLEAN LsapIsDatabaseInstalled(VOID)
Definition: database.c:57
static NTSTATUS LsapCreateDatabaseObjects(VOID)
Definition: database.c:234

Referenced by LsapInitLsa().

◆ LsapIsDatabaseInstalled()

static BOOLEAN LsapIsDatabaseInstalled ( VOID  )
static

Definition at line 57 of file database.c.

/*
 * Reports whether the LSA database exists by trying to open the 'Policy'
 * key; TRUE when the open succeeds.
 * NOTE(review): lines 59-62, 64, 67, 69-70, 73-75 and 80 are missing from
 * this listing; RtlpNtOpenKey and KEY_READ appear in the cross-references,
 * and line 80 presumably closes the handle - confirm in database.c.
 */
58{
63
65 L"Policy");
66
68 &KeyName,
71 NULL);
72
76 0);
/* NOTE(review): every failure status, not only "key not found", is reported
 * as "not installed". LsapInitDatabase then takes its create branch, which
 * writes default attributes and a newly generated account domain SID over an
 * existing database. Treating only the not-found status as FALSE and
 * propagating other errors would avoid that. */
77 if (!NT_SUCCESS(Status))
78 return FALSE;
79
81
82 return TRUE;
83}
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING _Out_ PNDIS_HANDLE KeyHandle
Definition: ndis.h:4715
#define KEY_READ
Definition: nt_native.h:1023
NTSTATUS NTAPI RtlpNtOpenKey(OUT HANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG Unused)
Definition: registry.c:912

Referenced by LsapInitDatabase().

◆ LsapOpenDbObject()

NTSTATUS LsapOpenDbObject ( IN PLSA_DB_OBJECT  ParentObject,
IN LPWSTR  ContainerName,
IN LPWSTR  ObjectName,
IN LSA_DB_OBJECT_TYPE  ObjectType,
IN ACCESS_MASK  DesiredAccess,
IN BOOLEAN  Trusted,
OUT PLSA_DB_OBJECT DbObject 
)

Definition at line 712 of file database.c.

/*
 * Opens the registry key of an existing LSA database object, below
 * ParentObject (or below SecurityKeyHandle when ParentObject is NULL) and
 * optionally inside ContainerName, and returns a heap-allocated
 * LSA_DB_OBJECT that wraps the key handle.
 * NOTE(review): the listing omits the source lines that carried hyperlinked
 * identifiers (for example 720-722, 726, 729, 739, 742, 749-750, 767-768),
 * so the access masks passed to NtOpenKey are not visible here; line 729
 * presumably returns an error for a NULL DbObject.
 */
719{
723 HANDLE ParentKeyHandle;
724 HANDLE ContainerKeyHandle = NULL;
725 HANDLE ObjectKeyHandle = NULL;
727
728 if (DbObject == NULL)
730
731 if (ParentObject == NULL)
732 ParentKeyHandle = SecurityKeyHandle;
733 else
734 ParentKeyHandle = ParentObject->KeyHandle;
735
/* ContainerName and ObjectName are used as registry key names exactly as
 * passed in. NOTE(review): no validation is visible in this function -
 * confirm that callers check client-supplied names before they arrive here. */
736 if (ContainerName != NULL)
737 {
738 /* Open the container key */
740 ContainerName);
741
743 &KeyName,
745 ParentKeyHandle,
746 NULL);
747
748 Status = NtOpenKey(&ContainerKeyHandle,
751 if (!NT_SUCCESS(Status))
752 {
753 return Status;
754 }
755
756 /* Open the object key */
758 ObjectName);
759
761 &KeyName,
763 ContainerKeyHandle,
764 NULL);
765
766 Status = NtOpenKey(&ObjectKeyHandle,
769
770 NtClose(ContainerKeyHandle);
771
772 if (!NT_SUCCESS(Status))
773 {
774 return Status;
775 }
776 }
777 else
778 {
779 /* Open the object key */
781 ObjectName);
782
784 &KeyName,
786 ParentKeyHandle,
787 NULL);
788
789 Status = NtOpenKey(&ObjectKeyHandle,
792 if (!NT_SUCCESS(Status))
793 {
794 return Status;
795 }
796 }
797
798 NewObject = RtlAllocateHeap(RtlGetProcessHeap(),
799 0,
800 sizeof(LSA_DB_OBJECT));
801 if (NewObject == NULL)
802 {
803 NtClose(ObjectKeyHandle);
804 return STATUS_NO_MEMORY;
805 }
806
/* DesiredAccess is stored as the granted mask without any check against the
 * object's security descriptor in this function, and Trusted is recorded as
 * passed. LsapValidateDbObject later tests requests against this stored
 * Access value, so the access decision rests entirely with the caller
 * (LsarOpenPolicy, LsarOpenSecret, LsarpOpenAccount and the others listed
 * under "Referenced by"). */
807 NewObject->Signature = LSAP_DB_SIGNATURE;
808 NewObject->RefCount = 1;
809 NewObject->ObjectType = ObjectType;
810 NewObject->Access = DesiredAccess;
811 NewObject->KeyHandle = ObjectKeyHandle;
812 NewObject->ParentObject = ParentObject;
813 NewObject->Trusted = Trusted;
814
/* The new object holds one reference on its parent. NOTE(review): no lock is
 * visible around this increment - confirm that callers serialise access to
 * shared objects. */
815 if (ParentObject != NULL)
816 ParentObject->RefCount++;
817
818 *DbObject = NewObject;
819
820 return STATUS_SUCCESS;
821}

Referenced by LsaIOpenPolicyTrusted(), LsapCreateDatabaseObjects(), LsapGetDomainInfo(), LsarOpenPolicy(), LsarOpenSecret(), LsarpOpenAccount(), LsarRetrievePrivateData(), and LsarStorePrivateData().

◆ LsapOpenServiceKey()

static NTSTATUS LsapOpenServiceKey ( VOID  )
static

Definition at line 32 of file database.c.

/*
 * Opens the \Registry\Machine\SECURITY key and returns the status of that
 * open.
 * NOTE(review): lines 34-36, 38, 41, 43 and 47-49 are missing from this
 * listing; presumably the handle is stored in the file-level
 * SecurityKeyHandle, and KEY_CREATE_SUB_KEY and KEY_ENUMERATE_SUB_KEYS in
 * the cross-references suggest the requested access - confirm in database.c.
 */
33{
37
39 L"\\Registry\\Machine\\SECURITY");
40
42 &KeyName,
44 NULL,
45 NULL);
46
50 0);
51
52 return Status;
53}
#define KEY_CREATE_SUB_KEY
Definition: nt_native.h:1018
#define KEY_ENUMERATE_SUB_KEYS
Definition: nt_native.h:1019

Referenced by LsapInitDatabase().

◆ LsapSetObjectAttribute()

NTSTATUS LsapSetObjectAttribute ( PLSA_DB_OBJECT  DbObject,
LPWSTR  AttributeName,
LPVOID  AttributeData,
ULONG  AttributeSize 
)

Definition at line 961 of file database.c.

/*
 * Stores an attribute as a REG_NONE value in the subkey AttributeName of the
 * object's key, creating the subkey when needed. Failures are logged with
 * the attribute name and returned.
 * NOTE(review): the listing omits the source lines that carried hyperlinked
 * identifiers (for example 966-967, 969, 971, 974, 976, 981-982, 985 and
 * 996), so the access mask and create options are not visible here.
 * NOTE(review): AttributeData is written exactly as received. Secrets reach
 * this function too (LsarSetSecret and LsarStorePrivateData are listed under
 * "Referenced by"), so their protection at rest depends on what the caller
 * passes in and on the ACL of the SECURITY hive - confirm both.
 */
965{
968 HANDLE AttributeKey;
970
972 AttributeName);
973
975 &KeyName,
977 DbObject->KeyHandle,
978 NULL);
979
980 Status = NtCreateKey(&AttributeKey,
983 0,
984 NULL,
986 NULL);
987 if (!NT_SUCCESS(Status))
988 {
989 ERR("NtCreateKey failed for '%S' with status 0x%lx\n",
990 AttributeName, Status);
991 return Status;
992 }
993
994 Status = RtlpNtSetValueKey(AttributeKey,
995 REG_NONE,
997 AttributeSize);
998
/* The key handle is closed before the status is examined, so it is released
 * on both the success and the failure path. */
999 NtClose(AttributeKey);
1000
1001 if (!NT_SUCCESS(Status))
1002 {
1003 ERR("RtlpNtSetValueKey failed for '%S' with status 0x%lx\n",
1004 AttributeName, Status);
1005 }
1006
1007 return Status;
1008}
#define REG_OPTION_NON_VOLATILE
Definition: nt_native.h:1057
#define REG_NONE
Definition: nt_native.h:1492
#define KEY_SET_VALUE
Definition: nt_native.h:1017
NTSTATUS NTAPI RtlpNtSetValueKey(IN HANDLE KeyHandle, IN ULONG Type, IN PVOID Data, IN ULONG DataLength)
Definition: registry.c:988

Referenced by LsapCreateDatabaseObjects(), LsarAddAccountRights(), LsarAddPrivilegesToAccount(), LsarCreateSecret(), LsarpCreateAccount(), LsarRemoveAccountRights(), LsarRemovePrivilegesFromAccount(), LsarSetAccountDomain(), LsarSetAuditEvents(), LsarSetAuditFull(), LsarSetAuditLog(), LsarSetDefaultQuota(), LsarSetModification(), LsarSetPrimaryDomain(), LsarSetQuotasForAccount(), LsarSetSecret(), LsarSetSecurityObject(), LsarSetServerRole(), LsarSetSystemAccessAccount(), and LsarStorePrivateData().

◆ LsapUpdateDatabase()

static NTSTATUS LsapUpdateDatabase ( VOID  )
static

Definition at line 400 of file database.c.

/*
 * Placeholder for upgrading an existing database: it performs no work and
 * always reports success, so an existing database is accepted as it is.
 */
401{
402 return STATUS_SUCCESS;
403}

Referenced by LsapInitDatabase().

◆ LsapValidateDbObject()

NTSTATUS LsapValidateDbObject ( LSAPR_HANDLE  Handle,
LSA_DB_OBJECT_TYPE  ObjectType,
ACCESS_MASK  DesiredAccess,
PLSA_DB_OBJECT DbObject 
)

Definition at line 825 of file database.c.

/*
 * Checks that Handle refers to an LSA database object of the expected type
 * and that its stored Access mask covers DesiredAccess; on success the
 * object pointer is returned through DbObject.
 * NOTE(review): lines 833, 842, 849 and 858 are missing from this listing;
 * the cross-references (_SEH2_TRY, _SEH2_EXCEPT, STATUS_INVALID_HANDLE,
 * STATUS_ACCESS_DENIED) suggest what they hold - confirm in database.c.
 */
829{
/* The handle value is used directly as a pointer. The Signature test below
 * is a sanity check on the memory it points to, not proof that the object
 * was issued to this caller. NOTE(review): confirm that handles only arrive
 * here as RPC context handles, and see LsapCloseDbObject, which frees the
 * object without clearing Signature. */
830 PLSA_DB_OBJECT LocalObject = (PLSA_DB_OBJECT)Handle;
831 BOOLEAN bValid = FALSE;
832
834 {
835 if (LocalObject->Signature == LSAP_DB_SIGNATURE)
836 {
837 if ((ObjectType == LsaDbIgnoreObject) ||
838 (LocalObject->ObjectType == ObjectType))
839 bValid = TRUE;
840 }
841 }
843 {
844 bValid = FALSE;
845 }
846 _SEH2_END;
847
848 if (bValid == FALSE)
850
/* A DesiredAccess of 0 skips the mask test entirely. The Trusted field is
 * not consulted in the visible lines. */
851 if (DesiredAccess != 0)
852 {
853 /* Check for granted access rights */
854 if ((LocalObject->Access & DesiredAccess) != DesiredAccess)
855 {
856 ERR("LsapValidateDbObject access check failed %08lx %08lx\n",
857 LocalObject->Access, DesiredAccess);
859 }
860 }
861
/* The pointer is handed back without taking a reference. NOTE(review):
 * confirm that a concurrent close of the same handle cannot free the object
 * while the caller is still using it. */
862 if (DbObject != NULL)
863 *DbObject = LocalObject;
864
865 return STATUS_SUCCESS;
866}
unsigned char BOOLEAN
@ LsaDbIgnoreObject
Definition: lsasrv.h:49
struct _LSA_DB_OBJECT * PLSA_DB_OBJECT
#define _SEH2_END
Definition: filesup.c:22
#define _SEH2_TRY
Definition: filesup.c:19
ULONG Handle
Definition: gdb_input.c:15
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
#define STATUS_INVALID_HANDLE
Definition: ntstatus.h:245
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:34
ACCESS_MASK Access
Definition: lsasrv.h:61
ULONG Signature
Definition: lsasrv.h:58
LSA_DB_OBJECT_TYPE ObjectType
Definition: lsasrv.h:59
#define STATUS_ACCESS_DENIED
Definition: udferr_usr.h:145

Referenced by LsarAddAccountRights(), LsarAddPrivilegesToAccount(), LsarClose(), LsarCreateAccount(), LsarCreateSecret(), LsarDeleteObject(), LsarEnumerateAccounts(), LsarEnumerateAccountsWithUserRight(), LsarEnumeratePrivileges(), LsarEnumeratePrivilegesAccount(), LsarGetQuotasForAccount(), LsarGetSystemAccessAccount(), LsarLookupPrivilegeDisplayName(), LsarLookupPrivilegeName(), LsarLookupPrivilegeValue(), LsarOpenAccount(), LsarOpenSecret(), LsarQueryInformationPolicy(), LsarQuerySecret(), LsarQuerySecurityObject(), LsarRemoveAccountRights(), LsarRemovePrivilegesFromAccount(), LsarRetrievePrivateData(), LsarSetInformationPolicy(), LsarSetQuotasForAccount(), LsarSetSecret(), LsarSetSecurityObject(), LsarSetSystemAccessAccount(), and LsarStorePrivateData().

Variable Documentation

◆ AccountDomainName

◆ AccountDomainSid

◆ BuiltinDomainName

◆ BuiltinDomainSid

PSID BuiltinDomainSid = NULL

Definition at line 23 of file database.c.

Referenced by LsapGetDomainInfo().

◆ CreatorSidAuthority

Definition at line 20 of file database.c.

Referenced by LsapInitSids().

◆ LocalSidAuthority

Definition at line 19 of file database.c.

Referenced by LsapInitSids().

◆ NtAuthority

Definition at line 21 of file database.c.

Referenced by LsapCreateRandomDomainSid(), and LsapGetDomainInfo().

◆ NullSidAuthority

Definition at line 17 of file database.c.

Referenced by LsapInitSids().

◆ SecurityKeyHandle

HANDLE SecurityKeyHandle = NULL
static

◆ WorldSidAuthority