ReactOS  0.4.13-dev-482-ge57f103
Functions | Variables
database.c File Reference
#include "lsasrv.h"
Include dependency graph for database.c:

Go to the source code of this file.

Functions

static NTSTATUS LsapOpenServiceKey (VOID)
 
static BOOLEAN LsapIsDatabaseInstalled (VOID)
 
static NTSTATUS LsapCreateDatabaseKeys (VOID)
 
static NTSTATUS LsapCreateRandomDomainSid (OUT PSID *Sid)
 
static NTSTATUS LsapCreateDatabaseObjects (VOID)
 
static NTSTATUS LsapUpdateDatabase (VOID)
 
static NTSTATUS LsapGetDomainInfo (VOID)
 
NTSTATUS LsapInitDatabase (VOID)
 
NTSTATUS LsapCreateDbObject (IN PLSA_DB_OBJECT ParentObject, IN LPWSTR ContainerName, IN LPWSTR ObjectName, IN LSA_DB_OBJECT_TYPE ObjectType, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted, OUT PLSA_DB_OBJECT *DbObject)
 
NTSTATUS LsapOpenDbObject (IN PLSA_DB_OBJECT ParentObject, IN LPWSTR ContainerName, IN LPWSTR ObjectName, IN LSA_DB_OBJECT_TYPE ObjectType, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted, OUT PLSA_DB_OBJECT *DbObject)
 
NTSTATUS LsapValidateDbObject (LSAPR_HANDLE Handle, LSA_DB_OBJECT_TYPE ObjectType, ACCESS_MASK DesiredAccess, PLSA_DB_OBJECT *DbObject)
 
NTSTATUS LsapCloseDbObject (PLSA_DB_OBJECT DbObject)
 
NTSTATUS LsapDeleteDbObject (IN PLSA_DB_OBJECT DbObject)
 
NTSTATUS LsapSetObjectAttribute (PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, ULONG AttributeSize)
 
NTSTATUS LsapGetObjectAttribute (PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, PULONG AttributeSize)
 
NTSTATUS LsapDeleteObjectAttribute (PLSA_DB_OBJECT DbObject, LPWSTR AttributeName)
 

Variables

static HANDLE SecurityKeyHandle = NULL
 
SID_IDENTIFIER_AUTHORITY NullSidAuthority = {SECURITY_NULL_SID_AUTHORITY}
 
SID_IDENTIFIER_AUTHORITY WorldSidAuthority = {SECURITY_WORLD_SID_AUTHORITY}
 
SID_IDENTIFIER_AUTHORITY LocalSidAuthority = {SECURITY_LOCAL_SID_AUTHORITY}
 
SID_IDENTIFIER_AUTHORITY CreatorSidAuthority = {SECURITY_CREATOR_SID_AUTHORITY}
 
SID_IDENTIFIER_AUTHORITY NtAuthority = {SECURITY_NT_AUTHORITY}
 
PSID BuiltinDomainSid = NULL
 
PSID AccountDomainSid = NULL
 
UNICODE_STRING BuiltinDomainName = {0, 0, NULL}
 
UNICODE_STRING AccountDomainName = {0, 0, NULL}
 

Function Documentation

◆ LsapCloseDbObject()

NTSTATUS LsapCloseDbObject ( PLSA_DB_OBJECT  DbObject)

Definition at line 868 of file database.c.

869 {
870  PLSA_DB_OBJECT ParentObject = NULL;
871  NTSTATUS Status = STATUS_SUCCESS;
872 
873  DbObject->RefCount--;
874 
875  if (DbObject->RefCount > 0)
876  return STATUS_SUCCESS;
877 
878  if (DbObject->KeyHandle != NULL)
879  NtClose(DbObject->KeyHandle);
880 
881  if (DbObject->ParentObject != NULL)
882  ParentObject = DbObject->ParentObject;
883 
884  RtlFreeHeap(RtlGetProcessHeap(), 0, DbObject);
885 
886  if (ParentObject != NULL)
887  {
888  ParentObject->RefCount--;
889 
890  if (ParentObject->RefCount == 0)
891  Status = LsapCloseDbObject(ParentObject);
892  }
893 
894  return Status;
895 }
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
_LSA_DB_OBJECT::ParentObject
struct _LSA_DB_OBJECT * ParentObject
Definition: lsasrv.h:63
RtlFreeHeap
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:603
LsapCloseDbObject
NTSTATUS LsapCloseDbObject(PLSA_DB_OBJECT DbObject)
Definition: database.c:868
_LSA_DB_OBJECT::KeyHandle
HANDLE KeyHandle
Definition: lsasrv.h:61
NULL
smooth NULL
Definition: ftsmooth.c:416
_LSA_DB_OBJECT::RefCount
ULONG RefCount
Definition: lsasrv.h:59
NtClose
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3399
Status
Status
Definition: gdiplustypes.h:24
_LSA_DB_OBJECT
Definition: lsasrv.h:55
STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:2777

Referenced by LsapCreateDatabaseObjects(), LsapDeleteDbObject(), LsapGetDomainInfo(), LsarAddAccountRights(), LsarClose(), LsarCreateSecret(), LsarOpenSecret(), LsarRemoveAccountRights(), LsarRetrievePrivateData(), and LsarStorePrivateData().

◆ LsapCreateDatabaseKeys()

static NTSTATUS LsapCreateDatabaseKeys ( VOID  )
static

Definition at line 85 of file database.c.

86 {
87  OBJECT_ATTRIBUTES ObjectAttributes;
88  UNICODE_STRING KeyName;
89  HANDLE PolicyKeyHandle = NULL;
90  HANDLE AccountsKeyHandle = NULL;
91  HANDLE DomainsKeyHandle = NULL;
92  HANDLE SecretsKeyHandle = NULL;
93  NTSTATUS Status = STATUS_SUCCESS;
94 
95  TRACE("LsapInstallDatabase()\n");
96 
97  /* Create the 'Policy' key */
98  RtlInitUnicodeString(&KeyName,
99  L"Policy");
100 
101  InitializeObjectAttributes(&ObjectAttributes,
102  &KeyName,
103  OBJ_CASE_INSENSITIVE,
104  SecurityKeyHandle,
105  NULL);
106 
107  Status = NtCreateKey(&PolicyKeyHandle,
108  KEY_ALL_ACCESS,
109  &ObjectAttributes,
110  0,
111  NULL,
112  0,
113  NULL);
114  if (!NT_SUCCESS(Status))
115  {
116  ERR("Failed to create the 'Policy' key (Status: 0x%08lx)\n", Status);
117  goto Done;
118  }
119 
120  /* Create the 'Accounts' key */
121  RtlInitUnicodeString(&KeyName,
122  L"Accounts");
123 
124  InitializeObjectAttributes(&ObjectAttributes,
125  &KeyName,
126  OBJ_CASE_INSENSITIVE,
127  PolicyKeyHandle,
128  NULL);
129 
130  Status = NtCreateKey(&AccountsKeyHandle,
131  KEY_ALL_ACCESS,
132  &ObjectAttributes,
133  0,
134  NULL,
135  0,
136  NULL);
137  if (!NT_SUCCESS(Status))
138  {
139  ERR("Failed to create the 'Accounts' key (Status: 0x%08lx)\n", Status);
140  goto Done;
141  }
142 
143  /* Create the 'Domains' key */
144  RtlInitUnicodeString(&KeyName,
145  L"Domains");
146 
147  InitializeObjectAttributes(&ObjectAttributes,
148  &KeyName,
149  OBJ_CASE_INSENSITIVE,
150  PolicyKeyHandle,
151  NULL);
152 
153  Status = NtCreateKey(&DomainsKeyHandle,
154  KEY_ALL_ACCESS,
155  &ObjectAttributes,
156  0,
157  NULL,
158  0,
159  NULL);
160  if (!NT_SUCCESS(Status))
161  {
162  ERR("Failed to create the 'Domains' key (Status: 0x%08lx)\n", Status);
163  goto Done;
164  }
165 
166  /* Create the 'Secrets' key */
167  RtlInitUnicodeString(&KeyName,
168  L"Secrets");
169 
170  InitializeObjectAttributes(&ObjectAttributes,
171  &KeyName,
172  OBJ_CASE_INSENSITIVE,
173  PolicyKeyHandle,
174  NULL);
175 
176  Status = NtCreateKey(&SecretsKeyHandle,
177  KEY_ALL_ACCESS,
178  &ObjectAttributes,
179  0,
180  NULL,
181  0,
182  NULL);
183  if (!NT_SUCCESS(Status))
184  {
185  ERR("Failed to create the 'Secrets' key (Status: 0x%08lx)\n", Status);
186  goto Done;
187  }
188 
189 Done:
190  if (SecretsKeyHandle != NULL)
191  NtClose(SecretsKeyHandle);
192 
193  if (DomainsKeyHandle != NULL)
194  NtClose(DomainsKeyHandle);
195 
196  if (AccountsKeyHandle != NULL)
197  NtClose(AccountsKeyHandle);
198 
199  if (PolicyKeyHandle != NULL)
200  NtClose(PolicyKeyHandle);
201 
202  TRACE("LsapInstallDatabase() done (Status: 0x%08lx)\n", Status);
203 
204  return Status;
205 }
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
KeyName
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING KeyName
Definition: ndis.h:4711
NtCreateKey
NTSTATUS NTAPI NtCreateKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG TitleIndex, IN PUNICODE_STRING Class OPTIONAL, IN ULONG CreateOptions, OUT PULONG Disposition OPTIONAL)
Definition: ntapi.c:240
_OBJECT_ATTRIBUTES
Definition: umtypes.h:181
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
NULL
smooth NULL
Definition: ftsmooth.c:416
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
NtClose
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3399
OBJ_CASE_INSENSITIVE
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
L
static const WCHAR L[]
Definition: oid.c:1250
SecurityKeyHandle
static HANDLE SecurityKeyHandle
Definition: database.c:13
Status
Status
Definition: gdiplustypes.h:24
ERR
#define ERR(fmt,...)
Definition: debug.h:109
_UNICODE_STRING
Definition: env_spec_w32.h:368
KEY_ALL_ACCESS
#define KEY_ALL_ACCESS
Definition: nt_native.h:1041
RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:2777

Referenced by LsapInitDatabase().

◆ LsapCreateDatabaseObjects()

static NTSTATUS LsapCreateDatabaseObjects ( VOID  )
static

Definition at line 232 of file database.c.

233 {
234  PLSAP_POLICY_AUDIT_EVENTS_DATA AuditEventsInfo = NULL;
235  POLICY_DEFAULT_QUOTA_INFO QuotaInfo;
236  POLICY_MODIFICATION_INFO ModificationInfo;
237  POLICY_AUDIT_FULL_QUERY_INFO AuditFullInfo = {FALSE, FALSE};
238  POLICY_AUDIT_LOG_INFO AuditLogInfo;
239  GUID DnsDomainGuid;
240  PLSA_DB_OBJECT PolicyObject = NULL;
241  PSID AccountDomainSid = NULL;
242  PSECURITY_DESCRIPTOR PolicySd = NULL;
243  ULONG PolicySdSize = 0;
244  ULONG i;
245  NTSTATUS Status;
246 
247  /* Initialize the default quota limits */
248  QuotaInfo.QuotaLimits.PagedPoolLimit = 0x2000000;
249  QuotaInfo.QuotaLimits.NonPagedPoolLimit = 0x100000;
250  QuotaInfo.QuotaLimits.MinimumWorkingSetSize = 0x10000;
251  QuotaInfo.QuotaLimits.MaximumWorkingSetSize = 0xF000000;
252  QuotaInfo.QuotaLimits.PagefileLimit = 0;
253  QuotaInfo.QuotaLimits.TimeLimit.QuadPart = 0;
254 
255  /* Initialize the audit log attribute */
256  AuditLogInfo.AuditLogPercentFull = 0;
257  AuditLogInfo.MaximumLogSize = 0; // DWORD
258  AuditLogInfo.AuditRetentionPeriod.QuadPart = 0; // LARGE_INTEGER
259  AuditLogInfo.AuditLogFullShutdownInProgress = 0; // BYTE
260  AuditLogInfo.TimeToShutdown.QuadPart = 0; // LARGE_INTEGER
261  AuditLogInfo.NextAuditRecordId = 0; // DWORD
262 
263  /* Initialize the Audit Events attribute */
264  AuditEventsInfo = RtlAllocateHeap(RtlGetProcessHeap(),
265  HEAP_ZERO_MEMORY,
266  sizeof(LSAP_POLICY_AUDIT_EVENTS_DATA));
267  if (AuditEventsInfo == NULL)
268  return STATUS_INSUFFICIENT_RESOURCES;
269 
270  AuditEventsInfo->AuditingMode = FALSE;
271  AuditEventsInfo->MaximumAuditEventCount = POLICY_AUDIT_EVENT_TYPE_COUNT;
272  for (i = 0; i < POLICY_AUDIT_EVENT_TYPE_COUNT; i++)
273  AuditEventsInfo->AuditEvents[i] = 0;
274 
275  /* Initialize the DNS Domain GUID attribute */
276  RtlZeroMemory(&DnsDomainGuid, sizeof(DnsDomainGuid));
277 
278  /* Initialize the modification attribute */
279  ModificationInfo.ModifiedId.QuadPart = 0;
280  NtQuerySystemTime(&ModificationInfo.DatabaseCreationTime);
281 
282  /* Create a random domain SID */
283  Status = LsapCreateRandomDomainSid(&AccountDomainSid);
284  if (!NT_SUCCESS(Status))
285  goto done;
286 
287  Status = LsapCreatePolicySd(&PolicySd, &PolicySdSize);
288  if (!NT_SUCCESS(Status))
289  goto done;
290 
291  /* Open the 'Policy' object */
292  Status = LsapOpenDbObject(NULL,
293  NULL,
294  L"Policy",
295  LsaDbPolicyObject,
296  0,
297  TRUE,
298  &PolicyObject);
299  if (!NT_SUCCESS(Status))
300  goto done;
301 
302  /* Set the Primary Domain Name attribute */
303  LsapSetObjectAttribute(PolicyObject,
304  L"PolPrDmN",
305  NULL,
306  0);
307 
308  /* Set the Primary Domain SID attribute */
309  LsapSetObjectAttribute(PolicyObject,
310  L"PolPrDmS",
311  NULL,
312  0);
313 
314  /* Set the Account Domain Name attribute */
315  LsapSetObjectAttribute(PolicyObject,
316  L"PolAcDmN",
317  NULL,
318  0);
319 
320  /* Set the Account Domain SID attribute */
321  LsapSetObjectAttribute(PolicyObject,
322  L"PolAcDmS",
323  AccountDomainSid,
324  RtlLengthSid(AccountDomainSid));
325 
326  /* Set the default quota limits attribute */
327  LsapSetObjectAttribute(PolicyObject,
328  L"DefQuota",
329  &QuotaInfo,
330  sizeof(QuotaInfo));
331 
332  /* Set the modification attribute */
333  LsapSetObjectAttribute(PolicyObject,
334  L"PolMod",
335  &ModificationInfo,
336  sizeof(ModificationInfo));
337 
338  /* Set the audit full attribute */
339  LsapSetObjectAttribute(PolicyObject,
340  L"PolAdtFl",
341  &AuditFullInfo,
342  sizeof(AuditFullInfo));
343 
344  /* Set the audit log attribute */
345  LsapSetObjectAttribute(PolicyObject,
346  L"PolAdtLg",
347  &AuditLogInfo,
348  sizeof(AuditLogInfo));
349 
350  /* Set the audit events attribute */
351  LsapSetObjectAttribute(PolicyObject,
352  L"PolAdtEv",
353  AuditEventsInfo,
354  sizeof(*AuditEventsInfo));
355 
356  /* Set the DNS Domain Name attribute */
357  LsapSetObjectAttribute(PolicyObject,
358  L"PolDnDDN",
359  NULL,
360  0);
361 
362  /* Set the DNS Forest Name attribute */
363  LsapSetObjectAttribute(PolicyObject,
364  L"PolDnTrN",
365  NULL,
366  0);
367 
368  /* Set the DNS Domain GUID attribute */
369  LsapSetObjectAttribute(PolicyObject,
370  L"PolDnDmG",
371  &DnsDomainGuid,
372  sizeof(DnsDomainGuid));
373 
374  /* Set the Security Descriptor */
375  LsapSetObjectAttribute(PolicyObject,
376  L"SecDesc",
377  PolicySd,
378  PolicySdSize);
379 
380 done:
381  if (AuditEventsInfo != NULL)
382  RtlFreeHeap(RtlGetProcessHeap(), 0, AuditEventsInfo);
383 
384  if (PolicyObject != NULL)
385  LsapCloseDbObject(PolicyObject);
386 
387  if (AccountDomainSid != NULL)
388  RtlFreeSid(AccountDomainSid);
389 
390  if (PolicySd != NULL)
391  RtlFreeHeap(RtlGetProcessHeap(), 0, PolicySd);
392 
393  return Status;
394 }
_QUOTA_LIMITS::TimeLimit
LARGE_INTEGER TimeLimit
Definition: lsa.idl:292
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
LsapOpenDbObject
NTSTATUS LsapOpenDbObject(IN PLSA_DB_OBJECT ParentObject, IN LPWSTR ContainerName, IN LPWSTR ObjectName, IN LSA_DB_OBJECT_TYPE ObjectType, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted, OUT PLSA_DB_OBJECT *DbObject)
Definition: database.c:710
_QUOTA_LIMITS::NonPagedPoolLimit
INT64 NonPagedPoolLimit
Definition: lsa.idl:288
TRUE
#define TRUE
Definition: types.h:120
LsapSetObjectAttribute
NTSTATUS LsapSetObjectAttribute(PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, ULONG AttributeSize)
Definition: database.c:959
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_POLICY_AUDIT_LOG_INFO::MaximumLogSize
ULONG MaximumLogSize
Definition: ntsecapi.h:551
_QUOTA_LIMITS::PagefileLimit
INT64 PagefileLimit
Definition: lsa.idl:291
_SID
Definition: ms-dtyp.idl:198
_POLICY_AUDIT_LOG_INFO::NextAuditRecordId
ULONG NextAuditRecordId
Definition: ntsecapi.h:555
RtlFreeSid
NTSYSAPI PVOID NTAPI RtlFreeSid(_In_ _Post_invalid_ PSID Sid)
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
RtlFreeHeap
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:603
LsapCreateRandomDomainSid
static NTSTATUS LsapCreateRandomDomainSid(OUT PSID *Sid)
Definition: database.c:209
_LSAP_POLICY_AUDIT_EVENTS_DATA::AuditEvents
DWORD AuditEvents[POLICY_AUDIT_EVENT_TYPE_COUNT]
Definition: lsasrv.h:72
_POLICY_AUDIT_FULL_QUERY_INFO
Definition: ntsecapi.h:597
_LSAP_POLICY_AUDIT_EVENTS_DATA::MaximumAuditEventCount
DWORD MaximumAuditEventCount
Definition: lsasrv.h:73
_POLICY_DEFAULT_QUOTA_INFO
Definition: ntsecapi.h:587
LsapCloseDbObject
NTSTATUS LsapCloseDbObject(PLSA_DB_OBJECT DbObject)
Definition: database.c:868
_POLICY_DEFAULT_QUOTA_INFO::QuotaLimits
QUOTA_LIMITS QuotaLimits
Definition: ntsecapi.h:588
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
LsapCreatePolicySd
NTSTATUS LsapCreatePolicySd(PSECURITY_DESCRIPTOR *PolicySd, PULONG PolicySdSize)
Definition: security.c:14
_QUOTA_LIMITS::PagedPoolLimit
INT64 PagedPoolLimit
Definition: lsa.idl:287
_LSAP_POLICY_AUDIT_EVENTS_DATA::AuditingMode
BOOLEAN AuditingMode
Definition: lsasrv.h:71
NULL
smooth NULL
Definition: ftsmooth.c:416
RtlLengthSid
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
RtlAllocateHeap
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:585
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
_POLICY_AUDIT_LOG_INFO::TimeToShutdown
LARGE_INTEGER TimeToShutdown
Definition: ntsecapi.h:554
_POLICY_AUDIT_LOG_INFO::AuditLogFullShutdownInProgress
BOOLEAN AuditLogFullShutdownInProgress
Definition: ntsecapi.h:553
L
static const WCHAR L[]
Definition: oid.c:1250
_POLICY_MODIFICATION_INFO::ModifiedId
LARGE_INTEGER ModifiedId
Definition: ntsecapi.h:591
_QUOTA_LIMITS::MinimumWorkingSetSize
INT64 MinimumWorkingSetSize
Definition: lsa.idl:289
Status
Status
Definition: gdiplustypes.h:24
_POLICY_AUDIT_LOG_INFO::AuditRetentionPeriod
LARGE_INTEGER AuditRetentionPeriod
Definition: ntsecapi.h:552
_LSA_DB_OBJECT
Definition: lsasrv.h:55
_POLICY_AUDIT_LOG_INFO
Definition: ntsecapi.h:549
HEAP_ZERO_MEMORY
#define HEAP_ZERO_MEMORY
Definition: compat.h:123
_QUOTA_LIMITS::MaximumWorkingSetSize
INT64 MaximumWorkingSetSize
Definition: lsa.idl:290
_POLICY_MODIFICATION_INFO::DatabaseCreationTime
LARGE_INTEGER DatabaseCreationTime
Definition: ntsecapi.h:592
ULONG
unsigned int ULONG
Definition: retypes.h:1
RtlZeroMemory
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:261
NtQuerySystemTime
NTSTATUS NTAPI NtQuerySystemTime(OUT PLARGE_INTEGER SystemTime)
Definition: time.c:417
AccountDomainSid
PSID AccountDomainSid
Definition: database.c:22
_POLICY_MODIFICATION_INFO
Definition: ntsecapi.h:590
_POLICY_AUDIT_LOG_INFO::AuditLogPercentFull
ULONG AuditLogPercentFull
Definition: ntsecapi.h:550
_LARGE_INTEGER::QuadPart
LONGLONG QuadPart
Definition: typedefs.h:112
_LSAP_POLICY_AUDIT_EVENTS_DATA
Definition: lsasrv.h:69
POLICY_AUDIT_EVENT_TYPE_COUNT
#define POLICY_AUDIT_EVENT_TYPE_COUNT
Definition: lsasrv.h:68

Referenced by LsapInitDatabase().

◆ LsapCreateDbObject()

NTSTATUS LsapCreateDbObject ( IN PLSA_DB_OBJECT  ParentObject,
IN LPWSTR  ContainerName,
IN LPWSTR  ObjectName,
IN LSA_DB_OBJECT_TYPE  ObjectType,
IN ACCESS_MASK  DesiredAccess,
IN BOOLEAN  Trusted,
OUT PLSA_DB_OBJECT DbObject 
)

Definition at line 590 of file database.c.

597 {
598  PLSA_DB_OBJECT NewObject;
599  OBJECT_ATTRIBUTES ObjectAttributes;
600  UNICODE_STRING KeyName;
601  HANDLE ParentKeyHandle;
602  HANDLE ContainerKeyHandle = NULL;
603  HANDLE ObjectKeyHandle = NULL;
604  NTSTATUS Status;
605 
606  if (DbObject == NULL)
607  return STATUS_INVALID_PARAMETER;
608 
609  if (ParentObject == NULL)
610  ParentKeyHandle = SecurityKeyHandle;
611  else
612  ParentKeyHandle = ParentObject->KeyHandle;
613 
614  if (ContainerName != NULL)
615  {
616  /* Open the container key */
617  RtlInitUnicodeString(&KeyName,
618  ContainerName);
619 
620  InitializeObjectAttributes(&ObjectAttributes,
621  &KeyName,
622  OBJ_CASE_INSENSITIVE,
623  ParentKeyHandle,
624  NULL);
625 
626  Status = NtOpenKey(&ContainerKeyHandle,
627  KEY_ALL_ACCESS,
628  &ObjectAttributes);
629  if (!NT_SUCCESS(Status))
630  {
631  return Status;
632  }
633 
634  /* Open the object key */
635  RtlInitUnicodeString(&KeyName,
636  ObjectName);
637 
638  InitializeObjectAttributes(&ObjectAttributes,
639  &KeyName,
640  OBJ_CASE_INSENSITIVE,
641  ContainerKeyHandle,
642  NULL);
643 
644  Status = NtCreateKey(&ObjectKeyHandle,
645  KEY_ALL_ACCESS,
646  &ObjectAttributes,
647  0,
648  NULL,
649  0,
650  NULL);
651 
652  NtClose(ContainerKeyHandle);
653 
654  if (!NT_SUCCESS(Status))
655  {
656  return Status;
657  }
658  }
659  else
660  {
661  RtlInitUnicodeString(&KeyName,
662  ObjectName);
663 
664  InitializeObjectAttributes(&ObjectAttributes,
665  &KeyName,
666  OBJ_CASE_INSENSITIVE,
667  ParentKeyHandle,
668  NULL);
669 
670  Status = NtCreateKey(&ObjectKeyHandle,
671  KEY_ALL_ACCESS,
672  &ObjectAttributes,
673  0,
674  NULL,
675  0,
676  NULL);
677  if (!NT_SUCCESS(Status))
678  {
679  return Status;
680  }
681  }
682 
683  NewObject = RtlAllocateHeap(RtlGetProcessHeap(),
684  0,
685  sizeof(LSA_DB_OBJECT));
686  if (NewObject == NULL)
687  {
688  NtClose(ObjectKeyHandle);
689  return STATUS_NO_MEMORY;
690  }
691 
692  NewObject->Signature = LSAP_DB_SIGNATURE;
693  NewObject->RefCount = 1;
694  NewObject->ObjectType = ObjectType;
695  NewObject->Access = DesiredAccess;
696  NewObject->KeyHandle = ObjectKeyHandle;
697  NewObject->ParentObject = ParentObject;
698  NewObject->Trusted = Trusted;
699 
700  if (ParentObject != NULL)
701  ParentObject->RefCount++;
702 
703  *DbObject = NewObject;
704 
705  return STATUS_SUCCESS;
706 }
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
ObjectType
ObjectType
Definition: metafile.c:80
KeyName
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING KeyName
Definition: ndis.h:4711
NtCreateKey
NTSTATUS NTAPI NtCreateKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG TitleIndex, IN PUNICODE_STRING Class OPTIONAL, IN ULONG CreateOptions, OUT PULONG Disposition OPTIONAL)
Definition: ntapi.c:240
_OBJECT_ATTRIBUTES
Definition: umtypes.h:181
STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
ObjectName
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
Definition: cmfuncs.h:62
NULL
smooth NULL
Definition: ftsmooth.c:416
RtlAllocateHeap
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:585
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
NtClose
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3399
OBJ_CASE_INSENSITIVE
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
SecurityKeyHandle
static HANDLE SecurityKeyHandle
Definition: database.c:13
Status
Status
Definition: gdiplustypes.h:24
LSAP_DB_SIGNATURE
#define LSAP_DB_SIGNATURE
Definition: lsasrv.h:66
_UNICODE_STRING
Definition: env_spec_w32.h:368
KEY_ALL_ACCESS
#define KEY_ALL_ACCESS
Definition: nt_native.h:1041
_LSA_DB_OBJECT
Definition: lsasrv.h:55
DesiredAccess
_In_ PIO_STACK_LOCATION _Inout_ PFILE_OBJECT _Inout_ PVCB _Outptr_result_maybenull_ PDCB _In_ PDCB _In_ PDIRENT _In_ ULONG _In_ ULONG _In_ PUNICODE_STRING _In_ PACCESS_MASK DesiredAccess
Definition: create.c:4157
STATUS_NO_MEMORY
#define STATUS_NO_MEMORY
Definition: ntstatus.h:246
NtOpenKey
NTSYSAPI NTSTATUS NTAPI NtOpenKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
Definition: ntapi.c:336
RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
NewObject
_Inout_opt_ PACCESS_STATE _In_opt_ ACCESS_MASK _In_ ULONG _Out_opt_ PVOID * NewObject
Definition: obfuncs.h:71
STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:2777

Referenced by LsarCreateSecret(), LsarpCreateAccount(), and LsarStorePrivateData().

◆ LsapCreateRandomDomainSid()

static NTSTATUS LsapCreateRandomDomainSid ( OUT PSID Sid)
static

Definition at line 209 of file database.c.

210 {
211  LARGE_INTEGER SystemTime;
212  PULONG Seed;
213 
214  NtQuerySystemTime(&SystemTime);
215  Seed = &SystemTime.u.LowPart;
216 
217  return RtlAllocateAndInitializeSid(&NtAuthority,
218  4,
219  SECURITY_NT_NON_UNIQUE,
220  RtlUniform(Seed),
221  RtlUniform(Seed),
222  RtlUniform(Seed),
223  SECURITY_NULL_RID,
224  SECURITY_NULL_RID,
225  SECURITY_NULL_RID,
226  SECURITY_NULL_RID,
227  Sid);
228 }
RtlAllocateAndInitializeSid
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290
RtlUniform
NTSYSAPI ULONG NTAPI RtlUniform(_In_ PULONG Seed)
Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1104
SECURITY_NULL_RID
#define SECURITY_NULL_RID
Definition: setypes.h:512
_LARGE_INTEGER::u
struct _LARGE_INTEGER::@2199 u
PULONG
unsigned int * PULONG
Definition: retypes.h:1
_LARGE_INTEGER
Definition: typedefs.h:100
NtQuerySystemTime
NTSTATUS NTAPI NtQuerySystemTime(OUT PLARGE_INTEGER SystemTime)
Definition: time.c:417
SECURITY_NT_NON_UNIQUE
#define SECURITY_NT_NON_UNIQUE
Definition: setypes.h:549
NtAuthority
SID_IDENTIFIER_AUTHORITY NtAuthority
Definition: database.c:19

Referenced by LsapCreateDatabaseObjects().

◆ LsapDeleteDbObject()

NTSTATUS LsapDeleteDbObject ( IN PLSA_DB_OBJECT  DbObject)

Definition at line 899 of file database.c.

900 {
901  PLSA_DB_OBJECT ParentObject = NULL;
902  WCHAR KeyName[64];
903  ULONG Index;
904  NTSTATUS Status = STATUS_SUCCESS;
905 
906  DbObject->RefCount--;
907 
908  if (DbObject->RefCount > 0)
909  return STATUS_SUCCESS;
910 
911  if (DbObject->KeyHandle != NULL)
912  {
913  Index = 0;
914 
915  while (TRUE)
916  {
917  Status = LsapRegEnumerateSubKey(DbObject->KeyHandle,
918  Index,
919  sizeof(KeyName),
920  KeyName);
921  if (!NT_SUCCESS(Status))
922  break;
923 
924  TRACE("Index: %lu\n", Index);
925  TRACE("Key name: %S\n", KeyName);
926 
927  Status = LsapRegDeleteSubKey(DbObject->KeyHandle,
928  KeyName);
929  if (!NT_SUCCESS(Status))
930  break;
931  }
932 
933  if (Status == STATUS_NO_MORE_ENTRIES)
934  Status = STATUS_SUCCESS;
935 
936  LsapRegDeleteKey(DbObject->KeyHandle);
937 
938  NtClose(DbObject->KeyHandle);
939  }
940 
941  if (DbObject->ParentObject != NULL)
942  ParentObject = DbObject->ParentObject;
943 
944  RtlFreeHeap(RtlGetProcessHeap(), 0, DbObject);
945 
946  if (ParentObject != NULL)
947  {
948  ParentObject->RefCount--;
949 
950  if (ParentObject->RefCount == 0)
951  Status = LsapCloseDbObject(ParentObject);
952  }
953 
954  return Status;
955 }
LsapRegDeleteSubKey
NTSTATUS LsapRegDeleteSubKey(IN HANDLE ParentKeyHandle, IN LPCWSTR KeyName)
Definition: registry.c:59
KeyName
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING KeyName
Definition: ndis.h:4711
TRUE
#define TRUE
Definition: types.h:120
STATUS_NO_MORE_ENTRIES
#define STATUS_NO_MORE_ENTRIES
Definition: ntstatus.h:193
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
_LSA_DB_OBJECT::ParentObject
struct _LSA_DB_OBJECT * ParentObject
Definition: lsasrv.h:63
RtlFreeHeap
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:603
LsapRegDeleteKey
NTSTATUS LsapRegDeleteKey(IN HANDLE KeyHandle)
Definition: registry.c:89
LsapCloseDbObject
NTSTATUS LsapCloseDbObject(PLSA_DB_OBJECT DbObject)
Definition: database.c:868
NULL
smooth NULL
Definition: ftsmooth.c:416
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
Index
static const UCHAR Index[8]
Definition: usbohci.c:18
_LSA_DB_OBJECT::RefCount
ULONG RefCount
Definition: lsasrv.h:59
NtClose
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3399
Status
Status
Definition: gdiplustypes.h:24
_LSA_DB_OBJECT
Definition: lsasrv.h:55
ULONG
unsigned int ULONG
Definition: retypes.h:1
STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:2777
LsapRegEnumerateSubKey
NTSTATUS LsapRegEnumerateSubKey(IN HANDLE KeyHandle, IN ULONG Index, IN ULONG Length, OUT LPWSTR Buffer)
Definition: registry.c:96

Referenced by LsarDeleteObject(), and LsarStorePrivateData().

◆ LsapDeleteObjectAttribute()

NTSTATUS LsapDeleteObjectAttribute ( PLSA_DB_OBJECT  DbObject,
LPWSTR  AttributeName 
)

Definition at line 1080 of file database.c.

1082 {
1083  return LsapRegDeleteSubKey(DbObject->KeyHandle,
1084  AttributeName);
1085 }
LsapRegDeleteSubKey
NTSTATUS LsapRegDeleteSubKey(IN HANDLE ParentKeyHandle, IN LPCWSTR KeyName)
Definition: registry.c:59
_LSA_DB_OBJECT::KeyHandle
HANDLE KeyHandle
Definition: lsasrv.h:61

Referenced by LsarRemovePrivilegesFromAccount().

◆ LsapGetDomainInfo()

static NTSTATUS LsapGetDomainInfo ( VOID  )
static

Definition at line 405 of file database.c.

406 {
407  PLSA_DB_OBJECT PolicyObject = NULL;
408  PUNICODE_STRING DomainName = NULL;
409  ULONG AttributeSize;
410  LPWSTR SidString = NULL;
411  NTSTATUS Status;
412 
413  /* Get the built-in domain SID and name */
414  Status = RtlAllocateAndInitializeSid(&NtAuthority,
415  1,
416  SECURITY_BUILTIN_DOMAIN_RID,
417  0, 0, 0, 0, 0, 0, 0,
418  &BuiltinDomainSid);
419  if (!NT_SUCCESS(Status))
420  return Status;
421 
422 
423  RtlInitUnicodeString(&BuiltinDomainName,
424  L"BUILTIN");
425 
426  /* Open the 'Policy' object */
427  Status = LsapOpenDbObject(NULL,
428  NULL,
429  L"Policy",
430  LsaDbPolicyObject,
431  0,
432  TRUE,
433  &PolicyObject);
434  if (!NT_SUCCESS(Status))
435  goto done;
436 
437  /* Get the account domain SID */
438  AttributeSize = 0;
439  Status = LsapGetObjectAttribute(PolicyObject,
440  L"PolAcDmS",
441  NULL,
442  &AttributeSize);
443  if (!NT_SUCCESS(Status))
444  goto done;
445 
446  if (AttributeSize > 0)
447  {
448  AccountDomainSid = RtlAllocateHeap(RtlGetProcessHeap(),
449  HEAP_ZERO_MEMORY,
450  AttributeSize);
451  if (AccountDomainSid == NULL)
452  {
453  Status = STATUS_INSUFFICIENT_RESOURCES;
454  goto done;
455  }
456 
457  Status = LsapGetObjectAttribute(PolicyObject,
458  L"PolAcDmS",
459  AccountDomainSid,
460  &AttributeSize);
461  if (!NT_SUCCESS(Status))
462  goto done;
463  }
464 
465  /* Get the account domain name */
466  AttributeSize = 0;
467  Status = LsapGetObjectAttribute(PolicyObject,
468  L"PolAcDmN",
469  NULL,
470  &AttributeSize);
471  if (!NT_SUCCESS(Status))
472  goto done;
473 
474  if (AttributeSize > 0)
475  {
476  DomainName = RtlAllocateHeap(RtlGetProcessHeap(),
477  HEAP_ZERO_MEMORY,
478  AttributeSize);
479  if (DomainName == NULL)
480  {
481  Status = STATUS_INSUFFICIENT_RESOURCES;
482  goto done;
483  }
484 
485  Status = LsapGetObjectAttribute(PolicyObject,
486  L"PolAcDmN",
487  DomainName,
488  &AttributeSize);
489  if (!NT_SUCCESS(Status))
490  goto done;
491 
492  DomainName->Buffer = (LPWSTR)((ULONG_PTR)DomainName + (ULONG_PTR)DomainName->Buffer);
493 
494  AccountDomainName.Length = DomainName->Length;
495  AccountDomainName.MaximumLength = DomainName->Length + sizeof(WCHAR);
496  AccountDomainName.Buffer = RtlAllocateHeap(RtlGetProcessHeap(),
497  HEAP_ZERO_MEMORY,
498  AccountDomainName.MaximumLength);
499  if (AccountDomainName.Buffer == NULL)
500  {
501  ERR("Failed to allocate the account domain name buffer\n");
502  Status = STATUS_INSUFFICIENT_RESOURCES;
503  goto done;
504  }
505 
506  RtlCopyMemory(AccountDomainName.Buffer,
507  DomainName->Buffer,
508  DomainName->Length);
509  }
510 
511  ConvertSidToStringSidW(BuiltinDomainSid, &SidString);
512  TRACE("Builtin Domain SID: %S\n", SidString);
513  LocalFree(SidString);
514  SidString = NULL;
515 
516  TRACE("Builtin Domain Name: %wZ\n", &BuiltinDomainName);
517 
518  ConvertSidToStringSidW(AccountDomainSid, &SidString);
519  TRACE("Account Domain SID: %S\n", SidString);
520  LocalFree(SidString);
521  SidString = NULL;
522 
523  TRACE("Account Domain Name: %wZ\n", &AccountDomainName);
524 
525 done:
526  if (DomainName != NULL)
527  RtlFreeHeap(RtlGetProcessHeap(), 0, DomainName);
528 
529  if (PolicyObject != NULL)
530  LsapCloseDbObject(PolicyObject);
531 
532  return Status;
533 }
LsapOpenDbObject
NTSTATUS LsapOpenDbObject(IN PLSA_DB_OBJECT ParentObject, IN LPWSTR ContainerName, IN LPWSTR ObjectName, IN LSA_DB_OBJECT_TYPE ObjectType, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted, OUT PLSA_DB_OBJECT *DbObject)
Definition: database.c:710
TRUE
#define TRUE
Definition: types.h:120
RtlCopyMemory
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_UNICODE_STRING::MaximumLength
USHORT MaximumLength
Definition: env_spec_w32.h:370
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
_UNICODE_STRING::Length
USHORT Length
Definition: env_spec_w32.h:369
RtlFreeHeap
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:603
ConvertSidToStringSidW
BOOL WINAPI ConvertSidToStringSidW(PSID Sid, LPWSTR *StringSid)
Definition: security.c:3259
RtlAllocateAndInitializeSid
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290
AccountDomainName
UNICODE_STRING AccountDomainName
Definition: database.c:24
LsapCloseDbObject
NTSTATUS LsapCloseDbObject(PLSA_DB_OBJECT DbObject)
Definition: database.c:868
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:63
BuiltinDomainSid
PSID BuiltinDomainSid
Definition: database.c:21
_UNICODE_STRING::Buffer
PWSTR Buffer
Definition: env_spec_w32.h:371
NULL
smooth NULL
Definition: ftsmooth.c:416
RtlAllocateHeap
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:585
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
SECURITY_BUILTIN_DOMAIN_RID
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:553
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
BuiltinDomainName
UNICODE_STRING BuiltinDomainName
Definition: database.c:23
L
static const WCHAR L[]
Definition: oid.c:1250
Status
Status
Definition: gdiplustypes.h:24
ERR
#define ERR(fmt,...)
Definition: debug.h:109
_UNICODE_STRING
Definition: env_spec_w32.h:368
LocalFree
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1577
_LSA_DB_OBJECT
Definition: lsasrv.h:55
HEAP_ZERO_MEMORY
#define HEAP_ZERO_MEMORY
Definition: compat.h:123
ULONG
unsigned int ULONG
Definition: retypes.h:1
RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
ULONG_PTR
#define ULONG_PTR
Definition: config.h:101
AccountDomainSid
PSID AccountDomainSid
Definition: database.c:22
LPWSTR
WCHAR * LPWSTR
Definition: xmlstorage.h:184
LsapGetObjectAttribute
NTSTATUS LsapGetObjectAttribute(PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, PULONG AttributeSize)
Definition: database.c:1010
NtAuthority
SID_IDENTIFIER_AUTHORITY NtAuthority
Definition: database.c:19

Referenced by LsapInitDatabase().

◆ LsapGetObjectAttribute()

NTSTATUS LsapGetObjectAttribute ( PLSA_DB_OBJECT  DbObject,
LPWSTR  AttributeName,
LPVOID  AttributeData,
PULONG  AttributeSize 
)

Definition at line 1010 of file database.c.

1014 {
1015  OBJECT_ATTRIBUTES ObjectAttributes;
1016  UNICODE_STRING KeyName;
1017  HANDLE AttributeKey;
1018  ULONG ValueSize;
1019  NTSTATUS Status;
1020 
1021  RtlInitUnicodeString(&KeyName,
1022  AttributeName);
1023 
1024  InitializeObjectAttributes(&ObjectAttributes,
1025  &KeyName,
1026  OBJ_CASE_INSENSITIVE,
1027  DbObject->KeyHandle,
1028  NULL);
1029 
1030  Status = NtOpenKey(&AttributeKey,
1031  KEY_QUERY_VALUE,
1032  &ObjectAttributes);
1033  if (!NT_SUCCESS(Status))
1034  {
1035  return Status;
1036  }
1037 
1038  ValueSize = *AttributeSize;
1039  Status = RtlpNtQueryValueKey(AttributeKey,
1040  NULL,
1041  NULL,
1042  &ValueSize,
1043  0);
1044  if (!NT_SUCCESS(Status) && Status != STATUS_BUFFER_OVERFLOW)
1045  {
1046  goto Done;
1047  }
1048 
1049  if (AttributeData == NULL || *AttributeSize == 0)
1050  {
1051  *AttributeSize = ValueSize;
1052  Status = STATUS_SUCCESS;
1053  goto Done;
1054  }
1055  else if (*AttributeSize < ValueSize)
1056  {
1057  *AttributeSize = ValueSize;
1058  Status = STATUS_BUFFER_OVERFLOW;
1059  goto Done;
1060  }
1061 
1062  Status = RtlpNtQueryValueKey(AttributeKey,
1063  NULL,
1064  AttributeData,
1065  &ValueSize,
1066  0);
1067  if (NT_SUCCESS(Status))
1068  {
1069  *AttributeSize = ValueSize;
1070  }
1071 
1072 Done:
1073  NtClose(AttributeKey);
1074 
1075  return Status;
1076 }
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
KeyName
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING KeyName
Definition: ndis.h:4711
_OBJECT_ATTRIBUTES
Definition: umtypes.h:181
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
_LSA_DB_OBJECT::KeyHandle
HANDLE KeyHandle
Definition: lsasrv.h:61
NULL
smooth NULL
Definition: ftsmooth.c:416
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
NtClose
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3399
OBJ_CASE_INSENSITIVE
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
RtlpNtQueryValueKey
NTSTATUS NTAPI RtlpNtQueryValueKey(IN HANDLE KeyHandle, OUT PULONG Type OPTIONAL, OUT PVOID Data OPTIONAL, IN OUT PULONG DataLength OPTIONAL, IN ULONG Unused)
Definition: registry.c:933
Status
Status
Definition: gdiplustypes.h:24
_UNICODE_STRING
Definition: env_spec_w32.h:368
STATUS_BUFFER_OVERFLOW
#define STATUS_BUFFER_OVERFLOW
Definition: shellext.h:61
KEY_QUERY_VALUE
#define KEY_QUERY_VALUE
Definition: nt_native.h:1016
NtOpenKey
NTSYSAPI NTSTATUS NTAPI NtOpenKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
Definition: ntapi.c:336
ULONG
unsigned int ULONG
Definition: retypes.h:1
RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:2777

Referenced by LsapGetDomainInfo(), LsarAddAccountRights(), LsarAddPrivilegesToAccount(), LsarEnumeratePrivilegesAccount(), LsarGetQuotasForAccount(), LsarGetSystemAccessAccount(), LsarQueryAccountDomain(), LsarQueryAuditEvents(), LsarQueryAuditFull(), LsarQueryAuditLog(), LsarQueryDefaultQuota(), LsarQueryDnsDomain(), LsarQueryModification(), LsarQueryPrimaryDomain(), LsarQuerySecret(), LsarQuerySecurityObject(), LsarQueryServerRole(), LsarRemoveAccountRights(), LsarRemovePrivilegesFromAccount(), LsarRetrievePrivateData(), LsarSetAuditFull(), LsarSetQuotasForAccount(), and LsarSetSecurityObject().

◆ LsapInitDatabase()

NTSTATUS LsapInitDatabase ( VOID  )

Definition at line 537 of file database.c.

538 {
539  NTSTATUS Status;
540 
541  TRACE("LsapInitDatabase()\n");
542 
543  Status = LsapOpenServiceKey();
544  if (!NT_SUCCESS(Status))
545  {
546  ERR("Failed to open the service key (Status: 0x%08lx)\n", Status);
547  return Status;
548  }
549 
550  if (!LsapIsDatabaseInstalled())
551  {
552  Status = LsapCreateDatabaseKeys();
553  if (!NT_SUCCESS(Status))
554  {
555  ERR("Failed to create the LSA database keys (Status: 0x%08lx)\n", Status);
556  return Status;
557  }
558 
559  Status = LsapCreateDatabaseObjects();
560  if (!NT_SUCCESS(Status))
561  {
562  ERR("Failed to create the LSA database objects (Status: 0x%08lx)\n", Status);
563  return Status;
564  }
565  }
566  else
567  {
568  Status = LsapUpdateDatabase();
569  if (!NT_SUCCESS(Status))
570  {
571  ERR("Failed to update the LSA database (Status: 0x%08lx)\n", Status);
572  return Status;
573  }
574  }
575 
576  Status = LsapGetDomainInfo();
577  if (!NT_SUCCESS(Status))
578  {
579  ERR("Failed to get the domain information (Status: 0x%08lx)\n", Status);
580  return Status;
581  }
582 
583  TRACE("LsapInitDatabase() done\n");
584 
585  return STATUS_SUCCESS;
586 }
LsapIsDatabaseInstalled
static BOOLEAN LsapIsDatabaseInstalled(VOID)
Definition: database.c:55
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
LsapOpenServiceKey
static NTSTATUS LsapOpenServiceKey(VOID)
Definition: database.c:30
LsapGetDomainInfo
static NTSTATUS LsapGetDomainInfo(VOID)
Definition: database.c:405
LsapCreateDatabaseObjects
static NTSTATUS LsapCreateDatabaseObjects(VOID)
Definition: database.c:232
LsapUpdateDatabase
static NTSTATUS LsapUpdateDatabase(VOID)
Definition: database.c:398
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
Status
Status
Definition: gdiplustypes.h:24
ERR
#define ERR(fmt,...)
Definition: debug.h:109
LsapCreateDatabaseKeys
static NTSTATUS LsapCreateDatabaseKeys(VOID)
Definition: database.c:85
STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:2777

Referenced by LsapInitLsa().

◆ LsapIsDatabaseInstalled()

static BOOLEAN LsapIsDatabaseInstalled ( VOID  )
static

Definition at line 55 of file database.c.

56 {
57  OBJECT_ATTRIBUTES ObjectAttributes;
58  UNICODE_STRING KeyName;
59  HANDLE KeyHandle;
60  NTSTATUS Status;
61 
62  RtlInitUnicodeString(&KeyName,
63  L"Policy");
64 
65  InitializeObjectAttributes(&ObjectAttributes,
66  &KeyName,
67  OBJ_CASE_INSENSITIVE,
68  SecurityKeyHandle,
69  NULL);
70 
71  Status = RtlpNtOpenKey(&KeyHandle,
72  KEY_READ,
73  &ObjectAttributes,
74  0);
75  if (!NT_SUCCESS(Status))
76  return FALSE;
77 
78  NtClose(KeyHandle);
79 
80  return TRUE;
81 }
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
KeyName
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING KeyName
Definition: ndis.h:4711
TRUE
#define TRUE
Definition: types.h:120
KeyHandle
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING _Out_ PNDIS_HANDLE KeyHandle
Definition: ndis.h:4711
KEY_READ
#define KEY_READ
Definition: nt_native.h:1023
_OBJECT_ATTRIBUTES
Definition: umtypes.h:181
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
NULL
smooth NULL
Definition: ftsmooth.c:416
RtlpNtOpenKey
NTSTATUS NTAPI RtlpNtOpenKey(OUT HANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG Unused)
Definition: registry.c:912
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
NtClose
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3399
OBJ_CASE_INSENSITIVE
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
L
static const WCHAR L[]
Definition: oid.c:1250
SecurityKeyHandle
static HANDLE SecurityKeyHandle
Definition: database.c:13
Status
Status
Definition: gdiplustypes.h:24
_UNICODE_STRING
Definition: env_spec_w32.h:368
RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106

Referenced by LsapInitDatabase().

◆ LsapOpenDbObject()

NTSTATUS LsapOpenDbObject ( IN PLSA_DB_OBJECT  ParentObject,
IN LPWSTR  ContainerName,
IN LPWSTR  ObjectName,
IN LSA_DB_OBJECT_TYPE  ObjectType,
IN ACCESS_MASK  DesiredAccess,
IN BOOLEAN  Trusted,
OUT PLSA_DB_OBJECT DbObject 
)

Definition at line 710 of file database.c.

717 {
718  PLSA_DB_OBJECT NewObject;
719  OBJECT_ATTRIBUTES ObjectAttributes;
720  UNICODE_STRING KeyName;
721  HANDLE ParentKeyHandle;
722  HANDLE ContainerKeyHandle = NULL;
723  HANDLE ObjectKeyHandle = NULL;
724  NTSTATUS Status;
725 
726  if (DbObject == NULL)
727  return STATUS_INVALID_PARAMETER;
728 
729  if (ParentObject == NULL)
730  ParentKeyHandle = SecurityKeyHandle;
731  else
732  ParentKeyHandle = ParentObject->KeyHandle;
733 
734  if (ContainerName != NULL)
735  {
736  /* Open the container key */
737  RtlInitUnicodeString(&KeyName,
738  ContainerName);
739 
740  InitializeObjectAttributes(&ObjectAttributes,
741  &KeyName,
742  OBJ_CASE_INSENSITIVE,
743  ParentKeyHandle,
744  NULL);
745 
746  Status = NtOpenKey(&ContainerKeyHandle,
747  KEY_ALL_ACCESS,
748  &ObjectAttributes);
749  if (!NT_SUCCESS(Status))
750  {
751  return Status;
752  }
753 
754  /* Open the object key */
755  RtlInitUnicodeString(&KeyName,
756  ObjectName);
757 
758  InitializeObjectAttributes(&ObjectAttributes,
759  &KeyName,
760  OBJ_CASE_INSENSITIVE,
761  ContainerKeyHandle,
762  NULL);
763 
764  Status = NtOpenKey(&ObjectKeyHandle,
765  KEY_ALL_ACCESS,
766  &ObjectAttributes);
767 
768  NtClose(ContainerKeyHandle);
769 
770  if (!NT_SUCCESS(Status))
771  {
772  return Status;
773  }
774  }
775  else
776  {
777  /* Open the object key */
778  RtlInitUnicodeString(&KeyName,
779  ObjectName);
780 
781  InitializeObjectAttributes(&ObjectAttributes,
782  &KeyName,
783  OBJ_CASE_INSENSITIVE,
784  ParentKeyHandle,
785  NULL);
786 
787  Status = NtOpenKey(&ObjectKeyHandle,
788  KEY_ALL_ACCESS,
789  &ObjectAttributes);
790  if (!NT_SUCCESS(Status))
791  {
792  return Status;
793  }
794  }
795 
796  NewObject = RtlAllocateHeap(RtlGetProcessHeap(),
797  0,
798  sizeof(LSA_DB_OBJECT));
799  if (NewObject == NULL)
800  {
801  NtClose(ObjectKeyHandle);
802  return STATUS_NO_MEMORY;
803  }
804 
805  NewObject->Signature = LSAP_DB_SIGNATURE;
806  NewObject->RefCount = 1;
807  NewObject->ObjectType = ObjectType;
808  NewObject->Access = DesiredAccess;
809  NewObject->KeyHandle = ObjectKeyHandle;
810  NewObject->ParentObject = ParentObject;
811  NewObject->Trusted = Trusted;
812 
813  if (ParentObject != NULL)
814  ParentObject->RefCount++;
815 
816  *DbObject = NewObject;
817 
818  return STATUS_SUCCESS;
819 }
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
ObjectType
ObjectType
Definition: metafile.c:80
KeyName
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING KeyName
Definition: ndis.h:4711
_OBJECT_ATTRIBUTES
Definition: umtypes.h:181
STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
ObjectName
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
Definition: cmfuncs.h:62
NULL
smooth NULL
Definition: ftsmooth.c:416
RtlAllocateHeap
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:585
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
NtClose
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3399
OBJ_CASE_INSENSITIVE
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
SecurityKeyHandle
static HANDLE SecurityKeyHandle
Definition: database.c:13
Status
Status
Definition: gdiplustypes.h:24
LSAP_DB_SIGNATURE
#define LSAP_DB_SIGNATURE
Definition: lsasrv.h:66
_UNICODE_STRING
Definition: env_spec_w32.h:368
KEY_ALL_ACCESS
#define KEY_ALL_ACCESS
Definition: nt_native.h:1041
_LSA_DB_OBJECT
Definition: lsasrv.h:55
DesiredAccess
_In_ PIO_STACK_LOCATION _Inout_ PFILE_OBJECT _Inout_ PVCB _Outptr_result_maybenull_ PDCB _In_ PDCB _In_ PDIRENT _In_ ULONG _In_ ULONG _In_ PUNICODE_STRING _In_ PACCESS_MASK DesiredAccess
Definition: create.c:4157
STATUS_NO_MEMORY
#define STATUS_NO_MEMORY
Definition: ntstatus.h:246
NtOpenKey
NTSYSAPI NTSTATUS NTAPI NtOpenKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
Definition: ntapi.c:336
RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
NewObject
_Inout_opt_ PACCESS_STATE _In_opt_ ACCESS_MASK _In_ ULONG _Out_opt_ PVOID * NewObject
Definition: obfuncs.h:71
STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:2777

Referenced by LsaIOpenPolicyTrusted(), LsapCreateDatabaseObjects(), LsapGetDomainInfo(), LsarOpenPolicy(), LsarOpenSecret(), LsarpOpenAccount(), LsarRetrievePrivateData(), and LsarStorePrivateData().

◆ LsapOpenServiceKey()

static NTSTATUS LsapOpenServiceKey ( VOID  )
static

Definition at line 30 of file database.c.

31 {
32  OBJECT_ATTRIBUTES ObjectAttributes;
33  UNICODE_STRING KeyName;
34  NTSTATUS Status;
35 
36  RtlInitUnicodeString(&KeyName,
37  L"\\Registry\\Machine\\SECURITY");
38 
39  InitializeObjectAttributes(&ObjectAttributes,
40  &KeyName,
41  OBJ_CASE_INSENSITIVE,
42  NULL,
43  NULL);
44 
45  Status = RtlpNtOpenKey(&SecurityKeyHandle,
46  KEY_READ | KEY_CREATE_SUB_KEY | KEY_ENUMERATE_SUB_KEYS,
47  &ObjectAttributes,
48  0);
49 
50  return Status;
51 }
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
KeyName
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING KeyName
Definition: ndis.h:4711
KEY_READ
#define KEY_READ
Definition: nt_native.h:1023
_OBJECT_ATTRIBUTES
Definition: umtypes.h:181
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
NULL
smooth NULL
Definition: ftsmooth.c:416
RtlpNtOpenKey
NTSTATUS NTAPI RtlpNtOpenKey(OUT HANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG Unused)
Definition: registry.c:912
OBJ_CASE_INSENSITIVE
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
L
static const WCHAR L[]
Definition: oid.c:1250
SecurityKeyHandle
static HANDLE SecurityKeyHandle
Definition: database.c:13
Status
Status
Definition: gdiplustypes.h:24
_UNICODE_STRING
Definition: env_spec_w32.h:368
RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
KEY_CREATE_SUB_KEY
#define KEY_CREATE_SUB_KEY
Definition: nt_native.h:1018
KEY_ENUMERATE_SUB_KEYS
#define KEY_ENUMERATE_SUB_KEYS
Definition: nt_native.h:1019

Referenced by LsapInitDatabase().

◆ LsapSetObjectAttribute()

NTSTATUS LsapSetObjectAttribute ( PLSA_DB_OBJECT  DbObject,
LPWSTR  AttributeName,
LPVOID  AttributeData,
ULONG  AttributeSize 
)

Definition at line 959 of file database.c.

963 {
964  OBJECT_ATTRIBUTES ObjectAttributes;
965  UNICODE_STRING KeyName;
966  HANDLE AttributeKey;
967  NTSTATUS Status;
968 
969  RtlInitUnicodeString(&KeyName,
970  AttributeName);
971 
972  InitializeObjectAttributes(&ObjectAttributes,
973  &KeyName,
974  OBJ_CASE_INSENSITIVE,
975  DbObject->KeyHandle,
976  NULL);
977 
978  Status = NtCreateKey(&AttributeKey,
979  KEY_SET_VALUE,
980  &ObjectAttributes,
981  0,
982  NULL,
983  REG_OPTION_NON_VOLATILE,
984  NULL);
985  if (!NT_SUCCESS(Status))
986  {
987  ERR("NtCreateKey failed for '%S' with status 0x%lx\n",
988  AttributeName, Status);
989  return Status;
990  }
991 
992  Status = RtlpNtSetValueKey(AttributeKey,
993  REG_NONE,
994  AttributeData,
995  AttributeSize);
996 
997  NtClose(AttributeKey);
998 
999  if (!NT_SUCCESS(Status))
1000  {
1001  ERR("RtlpNtSetValueKey failed for '%S' with status 0x%lx\n",
1002  AttributeName, Status);
1003  }
1004 
1005  return Status;
1006 }
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
KeyName
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING KeyName
Definition: ndis.h:4711
NtCreateKey
NTSTATUS NTAPI NtCreateKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG TitleIndex, IN PUNICODE_STRING Class OPTIONAL, IN ULONG CreateOptions, OUT PULONG Disposition OPTIONAL)
Definition: ntapi.c:240
KEY_SET_VALUE
#define KEY_SET_VALUE
Definition: nt_native.h:1017
_OBJECT_ATTRIBUTES
Definition: umtypes.h:181
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
_LSA_DB_OBJECT::KeyHandle
HANDLE KeyHandle
Definition: lsasrv.h:61
NULL
smooth NULL
Definition: ftsmooth.c:416
REG_OPTION_NON_VOLATILE
#define REG_OPTION_NON_VOLATILE
Definition: nt_native.h:1057
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
NtClose
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3399
OBJ_CASE_INSENSITIVE
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
Status
Status
Definition: gdiplustypes.h:24
ERR
#define ERR(fmt,...)
Definition: debug.h:109
_UNICODE_STRING
Definition: env_spec_w32.h:368
RtlpNtSetValueKey
NTSTATUS NTAPI RtlpNtSetValueKey(IN HANDLE KeyHandle, IN ULONG Type, IN PVOID Data, IN ULONG DataLength)
Definition: registry.c:988
RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
REG_NONE
#define REG_NONE
Definition: nt_native.h:1492

Referenced by LsapCreateDatabaseObjects(), LsarAddAccountRights(), LsarAddPrivilegesToAccount(), LsarCreateSecret(), LsarpCreateAccount(), LsarRemoveAccountRights(), LsarRemovePrivilegesFromAccount(), LsarSetAccountDomain(), LsarSetAuditEvents(), LsarSetAuditFull(), LsarSetAuditLog(), LsarSetDefaultQuota(), LsarSetModification(), LsarSetPrimaryDomain(), LsarSetQuotasForAccount(), LsarSetSecret(), LsarSetSecurityObject(), LsarSetServerRole(), LsarSetSystemAccessAccount(), and LsarStorePrivateData().

◆ LsapUpdateDatabase()

static NTSTATUS LsapUpdateDatabase ( VOID  )
static

Definition at line 398 of file database.c.

399 {
400  return STATUS_SUCCESS;
401 }
STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:2777

Referenced by LsapInitDatabase().

◆ LsapValidateDbObject()

NTSTATUS LsapValidateDbObject ( LSAPR_HANDLE  Handle,
LSA_DB_OBJECT_TYPE  ObjectType,
ACCESS_MASK  DesiredAccess,
PLSA_DB_OBJECT DbObject 
)

Definition at line 823 of file database.c.

827 {
828  PLSA_DB_OBJECT LocalObject = (PLSA_DB_OBJECT)Handle;
829  BOOLEAN bValid = FALSE;
830 
831  _SEH2_TRY
832  {
833  if (LocalObject->Signature == LSAP_DB_SIGNATURE)
834  {
835  if ((ObjectType == LsaDbIgnoreObject) ||
836  (LocalObject->ObjectType == ObjectType))
837  bValid = TRUE;
838  }
839  }
840  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
841  {
842  bValid = FALSE;
843  }
844  _SEH2_END;
845 
846  if (bValid == FALSE)
847  return STATUS_INVALID_HANDLE;
848 
849  if (DesiredAccess != 0)
850  {
851  /* Check for granted access rights */
852  if ((LocalObject->Access & DesiredAccess) != DesiredAccess)
853  {
854  ERR("LsapValidateDbObject access check failed %08lx %08lx\n",
855  LocalObject->Access, DesiredAccess);
856  return STATUS_ACCESS_DENIED;
857  }
858  }
859 
860  if (DbObject != NULL)
861  *DbObject = LocalObject;
862 
863  return STATUS_SUCCESS;
864 }
_LSA_DB_OBJECT::Access
ACCESS_MASK Access
Definition: lsasrv.h:60
ObjectType
ObjectType
Definition: metafile.c:80
TRUE
#define TRUE
Definition: types.h:120
_LSA_DB_OBJECT::ObjectType
LSA_DB_OBJECT_TYPE ObjectType
Definition: lsasrv.h:58
STATUS_INVALID_HANDLE
#define STATUS_INVALID_HANDLE
Definition: ntstatus.h:231
_SEH2_TRY
_SEH2_TRY
Definition: create.c:4250
EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
NULL
smooth NULL
Definition: ftsmooth.c:416
Handle
_In_ HANDLE Handle
Definition: extypes.h:390
STATUS_ACCESS_DENIED
#define STATUS_ACCESS_DENIED
Definition: udferr_usr.h:145
_LSA_DB_OBJECT::Signature
ULONG Signature
Definition: lsasrv.h:57
ERR
#define ERR(fmt,...)
Definition: debug.h:109
LSAP_DB_SIGNATURE
#define LSAP_DB_SIGNATURE
Definition: lsasrv.h:66
_SEH2_END
_SEH2_END
Definition: create.c:4424
_LSA_DB_OBJECT
Definition: lsasrv.h:55
DesiredAccess
_In_ PIO_STACK_LOCATION _Inout_ PFILE_OBJECT _Inout_ PVCB _Outptr_result_maybenull_ PDCB _In_ PDCB _In_ PDIRENT _In_ ULONG _In_ ULONG _In_ PUNICODE_STRING _In_ PACCESS_MASK DesiredAccess
Definition: create.c:4157
PLSA_DB_OBJECT
struct _LSA_DB_OBJECT * PLSA_DB_OBJECT
_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:6
STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:2777

Referenced by LsarAddAccountRights(), LsarAddPrivilegesToAccount(), LsarClose(), LsarCreateAccount(), LsarCreateSecret(), LsarDeleteObject(), LsarEnumerateAccounts(), LsarEnumerateAccountsWithUserRight(), LsarEnumeratePrivileges(), LsarEnumeratePrivilegesAccount(), LsarGetQuotasForAccount(), LsarGetSystemAccessAccount(), LsarLookupPrivilegeDisplayName(), LsarLookupPrivilegeName(), LsarLookupPrivilegeValue(), LsarOpenAccount(), LsarOpenSecret(), LsarQueryInformationPolicy(), LsarQuerySecret(), LsarQuerySecurityObject(), LsarRemoveAccountRights(), LsarRemovePrivilegesFromAccount(), LsarRetrievePrivateData(), LsarSetInformationPolicy(), LsarSetQuotasForAccount(), LsarSetSecret(), LsarSetSecurityObject(), LsarSetSystemAccessAccount(), and LsarStorePrivateData().

Variable Documentation

◆ AccountDomainName

UNICODE_STRING AccountDomainName = {0, 0, NULL}

Definition at line 24 of file database.c.

Referenced by LsapGetDomainInfo(), LsapLookupAccountDomainSids(), LsapLookupAccountNames(), LsapLookupIsolatedAccountNames(), and LsapLookupIsolatedNames().

◆ AccountDomainSid

PSID AccountDomainSid = NULL

Definition at line 22 of file database.c.

Referenced by BuildTokenGroups(), BuildTokenInformationBuffer(), BuildTokenPrimaryGroup(), BuildTokenUser(), BuildUserInfoBuffer(), GetAccountDomainSid(), GetUserPrivileges(), LsaApLogonUserEx2(), LsapAddSamGroups(), LsapCreateDatabaseObjects(), LsapGetDomainInfo(), LsapLookupAccountDomainSids(), LsapLookupAccountNames(), LsapLookupIsolatedAccountNames(), LsapLookupIsolatedNames(), NetUserGetGroups(), NetUserGetInfo(), and NetUserGetLocalGroups().

◆ BuiltinDomainName

UNICODE_STRING BuiltinDomainName = {0, 0, NULL}

Definition at line 23 of file database.c.

Referenced by LsapGetDomainInfo(), LsapLookupBuiltinDomainSids(), LsapLookupBuiltinNames(), LsapLookupIsolatedBuiltinNames(), and LsapLookupIsolatedNames().

◆ BuiltinDomainSid

PSID BuiltinDomainSid = NULL

Definition at line 21 of file database.c.

Referenced by LsapGetDomainInfo().

◆ CreatorSidAuthority

SID_IDENTIFIER_AUTHORITY CreatorSidAuthority = {SECURITY_CREATOR_SID_AUTHORITY}

Definition at line 18 of file database.c.

Referenced by LsapInitSids().

◆ LocalSidAuthority

SID_IDENTIFIER_AUTHORITY LocalSidAuthority = {SECURITY_LOCAL_SID_AUTHORITY}

Definition at line 17 of file database.c.

Referenced by LsapInitSids().

◆ NtAuthority

SID_IDENTIFIER_AUTHORITY NtAuthority = {SECURITY_NT_AUTHORITY}

Definition at line 19 of file database.c.

Referenced by CmpHiveRootSecurityDescriptor(), CreateBaseAcls(), GetNtAuthorityDomainSid(), is_process_limited(), IsUserAdmin(), LsapCreateRandomDomainSid(), LsapGetDomainInfo(), LsapInitSids(), and SmpCreateSecurityDescriptors().

◆ NullSidAuthority

SID_IDENTIFIER_AUTHORITY NullSidAuthority = {SECURITY_NULL_SID_AUTHORITY}

Definition at line 15 of file database.c.

Referenced by LsapInitSids().

◆ SecurityKeyHandle

HANDLE SecurityKeyHandle = NULL
static

Definition at line 13 of file database.c.

Referenced by LsapCreateDatabaseKeys(), LsapCreateDbObject(), LsapIsDatabaseInstalled(), LsapOpenDbObject(), and LsapOpenServiceKey().

◆ WorldSidAuthority

SID_IDENTIFIER_AUTHORITY WorldSidAuthority = {SECURITY_WORLD_SID_AUTHORITY}

Definition at line 16 of file database.c.

Referenced by LsapCreateAccountSd(), LsapCreatePolicySd(), LsapCreateSecretSd(), and LsapInitSids().