ReactOS  0.4.14-dev-593-g1793dcc
database.c
Go to the documentation of this file.
1 /*
2  * PROJECT: Local Security Authority Server DLL
3  * LICENSE: GPL - See COPYING in the top level directory
4  * FILE: dll/win32/lsasrv/database.c
5  * PURPOSE: LSA object database
6  * COPYRIGHT: Copyright 2011 Eric Kohl
7  */
8 
9 #include "lsasrv.h"
10 
11 /* GLOBALS *****************************************************************/
12 
14 
20 
25 
26 
27 /* FUNCTIONS ***************************************************************/
28 
29 static NTSTATUS
31 {
35 
37  L"\\Registry\\Machine\\SECURITY");
38 
40  &KeyName,
42  NULL,
43  NULL);
44 
48  0);
49 
50  return Status;
51 }
52 
53 
54 static BOOLEAN
56 {
61 
63  L"Policy");
64 
66  &KeyName,
69  NULL);
70 
72  KEY_READ,
74  0);
75  if (!NT_SUCCESS(Status))
76  return FALSE;
77 
79 
80  return TRUE;
81 }
82 
83 
84 static NTSTATUS
86 {
89  HANDLE PolicyKeyHandle = NULL;
90  HANDLE AccountsKeyHandle = NULL;
91  HANDLE DomainsKeyHandle = NULL;
92  HANDLE SecretsKeyHandle = NULL;
94 
95  TRACE("LsapInstallDatabase()\n");
96 
97  /* Create the 'Policy' key */
99  L"Policy");
100 
102  &KeyName,
105  NULL);
106 
107  Status = NtCreateKey(&PolicyKeyHandle,
110  0,
111  NULL,
112  0,
113  NULL);
114  if (!NT_SUCCESS(Status))
115  {
116  ERR("Failed to create the 'Policy' key (Status: 0x%08lx)\n", Status);
117  goto Done;
118  }
119 
120  /* Create the 'Accounts' key */
122  L"Accounts");
123 
125  &KeyName,
127  PolicyKeyHandle,
128  NULL);
129 
130  Status = NtCreateKey(&AccountsKeyHandle,
133  0,
134  NULL,
135  0,
136  NULL);
137  if (!NT_SUCCESS(Status))
138  {
139  ERR("Failed to create the 'Accounts' key (Status: 0x%08lx)\n", Status);
140  goto Done;
141  }
142 
143  /* Create the 'Domains' key */
145  L"Domains");
146 
148  &KeyName,
150  PolicyKeyHandle,
151  NULL);
152 
153  Status = NtCreateKey(&DomainsKeyHandle,
156  0,
157  NULL,
158  0,
159  NULL);
160  if (!NT_SUCCESS(Status))
161  {
162  ERR("Failed to create the 'Domains' key (Status: 0x%08lx)\n", Status);
163  goto Done;
164  }
165 
166  /* Create the 'Secrets' key */
168  L"Secrets");
169 
171  &KeyName,
173  PolicyKeyHandle,
174  NULL);
175 
176  Status = NtCreateKey(&SecretsKeyHandle,
179  0,
180  NULL,
181  0,
182  NULL);
183  if (!NT_SUCCESS(Status))
184  {
185  ERR("Failed to create the 'Secrets' key (Status: 0x%08lx)\n", Status);
186  goto Done;
187  }
188 
189 Done:
190  if (SecretsKeyHandle != NULL)
191  NtClose(SecretsKeyHandle);
192 
193  if (DomainsKeyHandle != NULL)
194  NtClose(DomainsKeyHandle);
195 
196  if (AccountsKeyHandle != NULL)
197  NtClose(AccountsKeyHandle);
198 
199  if (PolicyKeyHandle != NULL)
200  NtClose(PolicyKeyHandle);
201 
202  TRACE("LsapInstallDatabase() done (Status: 0x%08lx)\n", Status);
203 
204  return Status;
205 }
206 
207 
208 static NTSTATUS
210 {
211  LARGE_INTEGER SystemTime;
212  PULONG Seed;
213 
214  NtQuerySystemTime(&SystemTime);
215  Seed = &SystemTime.u.LowPart;
216 
218  4,
220  RtlUniform(Seed),
221  RtlUniform(Seed),
222  RtlUniform(Seed),
227  Sid);
228 }
229 
230 
231 static NTSTATUS
233 {
234  PLSAP_POLICY_AUDIT_EVENTS_DATA AuditEventsInfo = NULL;
235  POLICY_DEFAULT_QUOTA_INFO QuotaInfo;
236  POLICY_MODIFICATION_INFO ModificationInfo;
237  POLICY_AUDIT_FULL_QUERY_INFO AuditFullInfo = {FALSE, FALSE};
238  POLICY_AUDIT_LOG_INFO AuditLogInfo;
239  GUID DnsDomainGuid;
240  PLSA_DB_OBJECT PolicyObject = NULL;
242  PSECURITY_DESCRIPTOR PolicySd = NULL;
243  ULONG PolicySdSize = 0;
244  ULONG i;
246 
247  /* Initialize the default quota limits */
248  QuotaInfo.QuotaLimits.PagedPoolLimit = 0x2000000;
249  QuotaInfo.QuotaLimits.NonPagedPoolLimit = 0x100000;
250  QuotaInfo.QuotaLimits.MinimumWorkingSetSize = 0x10000;
251  QuotaInfo.QuotaLimits.MaximumWorkingSetSize = 0xF000000;
252  QuotaInfo.QuotaLimits.PagefileLimit = 0;
253  QuotaInfo.QuotaLimits.TimeLimit.QuadPart = 0;
254 
255  /* Initialize the audit log attribute */
256  AuditLogInfo.AuditLogPercentFull = 0;
257  AuditLogInfo.MaximumLogSize = 0; // DWORD
258  AuditLogInfo.AuditRetentionPeriod.QuadPart = 0; // LARGE_INTEGER
259  AuditLogInfo.AuditLogFullShutdownInProgress = 0; // BYTE
260  AuditLogInfo.TimeToShutdown.QuadPart = 0; // LARGE_INTEGER
261  AuditLogInfo.NextAuditRecordId = 0; // DWORD
262 
263  /* Initialize the Audit Events attribute */
264  AuditEventsInfo = RtlAllocateHeap(RtlGetProcessHeap(),
267  if (AuditEventsInfo == NULL)
269 
270  AuditEventsInfo->AuditingMode = FALSE;
272  for (i = 0; i < POLICY_AUDIT_EVENT_TYPE_COUNT; i++)
273  AuditEventsInfo->AuditEvents[i] = 0;
274 
275  /* Initialize the DNS Domain GUID attribute */
276  RtlZeroMemory(&DnsDomainGuid, sizeof(DnsDomainGuid));
277 
278  /* Initialize the modification attribute */
279  ModificationInfo.ModifiedId.QuadPart = 0;
280  NtQuerySystemTime(&ModificationInfo.DatabaseCreationTime);
281 
282  /* Create a random domain SID */
284  if (!NT_SUCCESS(Status))
285  goto done;
286 
287  Status = LsapCreatePolicySd(&PolicySd, &PolicySdSize);
288  if (!NT_SUCCESS(Status))
289  goto done;
290 
291  /* Open the 'Policy' object */
293  NULL,
294  L"Policy",
296  0,
297  TRUE,
298  &PolicyObject);
299  if (!NT_SUCCESS(Status))
300  goto done;
301 
302  /* Set the Primary Domain Name attribute */
303  LsapSetObjectAttribute(PolicyObject,
304  L"PolPrDmN",
305  NULL,
306  0);
307 
308  /* Set the Primary Domain SID attribute */
309  LsapSetObjectAttribute(PolicyObject,
310  L"PolPrDmS",
311  NULL,
312  0);
313 
314  /* Set the Account Domain Name attribute */
315  LsapSetObjectAttribute(PolicyObject,
316  L"PolAcDmN",
317  NULL,
318  0);
319 
320  /* Set the Account Domain SID attribute */
321  LsapSetObjectAttribute(PolicyObject,
322  L"PolAcDmS",
325 
326  /* Set the default quota limits attribute */
327  LsapSetObjectAttribute(PolicyObject,
328  L"DefQuota",
329  &QuotaInfo,
330  sizeof(QuotaInfo));
331 
332  /* Set the modification attribute */
333  LsapSetObjectAttribute(PolicyObject,
334  L"PolMod",
335  &ModificationInfo,
336  sizeof(ModificationInfo));
337 
338  /* Set the audit full attribute */
339  LsapSetObjectAttribute(PolicyObject,
340  L"PolAdtFl",
341  &AuditFullInfo,
342  sizeof(AuditFullInfo));
343 
344  /* Set the audit log attribute */
345  LsapSetObjectAttribute(PolicyObject,
346  L"PolAdtLg",
347  &AuditLogInfo,
348  sizeof(AuditLogInfo));
349 
350  /* Set the audit events attribute */
351  LsapSetObjectAttribute(PolicyObject,
352  L"PolAdtEv",
353  AuditEventsInfo,
354  sizeof(*AuditEventsInfo));
355 
356  /* Set the DNS Domain Name attribute */
357  LsapSetObjectAttribute(PolicyObject,
358  L"PolDnDDN",
359  NULL,
360  0);
361 
362  /* Set the DNS Forest Name attribute */
363  LsapSetObjectAttribute(PolicyObject,
364  L"PolDnTrN",
365  NULL,
366  0);
367 
368  /* Set the DNS Domain GUID attribute */
369  LsapSetObjectAttribute(PolicyObject,
370  L"PolDnDmG",
371  &DnsDomainGuid,
372  sizeof(DnsDomainGuid));
373 
374  /* Set the Security Descriptor */
375  LsapSetObjectAttribute(PolicyObject,
376  L"SecDesc",
377  PolicySd,
378  PolicySdSize);
379 
380 done:
381  if (AuditEventsInfo != NULL)
382  RtlFreeHeap(RtlGetProcessHeap(), 0, AuditEventsInfo);
383 
384  if (PolicyObject != NULL)
385  LsapCloseDbObject(PolicyObject);
386 
387  if (AccountDomainSid != NULL)
389 
390  if (PolicySd != NULL)
391  RtlFreeHeap(RtlGetProcessHeap(), 0, PolicySd);
392 
393  return Status;
394 }
395 
396 
397 static NTSTATUS
399 {
400  return STATUS_SUCCESS;
401 }
402 
403 
404 static NTSTATUS
406 {
407  PLSA_DB_OBJECT PolicyObject = NULL;
408  PUNICODE_STRING DomainName = NULL;
409  ULONG AttributeSize;
410  LPWSTR SidString = NULL;
412 
413  /* Get the built-in domain SID and name */
415  1,
417  0, 0, 0, 0, 0, 0, 0,
419  if (!NT_SUCCESS(Status))
420  return Status;
421 
422 
424  L"BUILTIN");
425 
426  /* Open the 'Policy' object */
428  NULL,
429  L"Policy",
431  0,
432  TRUE,
433  &PolicyObject);
434  if (!NT_SUCCESS(Status))
435  goto done;
436 
437  /* Get the account domain SID */
438  AttributeSize = 0;
439  Status = LsapGetObjectAttribute(PolicyObject,
440  L"PolAcDmS",
441  NULL,
442  &AttributeSize);
443  if (!NT_SUCCESS(Status))
444  goto done;
445 
446  if (AttributeSize > 0)
447  {
448  AccountDomainSid = RtlAllocateHeap(RtlGetProcessHeap(),
450  AttributeSize);
451  if (AccountDomainSid == NULL)
452  {
454  goto done;
455  }
456 
457  Status = LsapGetObjectAttribute(PolicyObject,
458  L"PolAcDmS",
460  &AttributeSize);
461  if (!NT_SUCCESS(Status))
462  goto done;
463  }
464 
465  /* Get the account domain name */
466  AttributeSize = 0;
467  Status = LsapGetObjectAttribute(PolicyObject,
468  L"PolAcDmN",
469  NULL,
470  &AttributeSize);
471  if (!NT_SUCCESS(Status))
472  goto done;
473 
474  if (AttributeSize > 0)
475  {
476  DomainName = RtlAllocateHeap(RtlGetProcessHeap(),
478  AttributeSize);
479  if (DomainName == NULL)
480  {
482  goto done;
483  }
484 
485  Status = LsapGetObjectAttribute(PolicyObject,
486  L"PolAcDmN",
487  DomainName,
488  &AttributeSize);
489  if (!NT_SUCCESS(Status))
490  goto done;
491 
492  DomainName->Buffer = (LPWSTR)((ULONG_PTR)DomainName + (ULONG_PTR)DomainName->Buffer);
493 
494  AccountDomainName.Length = DomainName->Length;
495  AccountDomainName.MaximumLength = DomainName->Length + sizeof(WCHAR);
496  AccountDomainName.Buffer = RtlAllocateHeap(RtlGetProcessHeap(),
500  {
501  ERR("Failed to allocate the account domain name buffer\n");
503  goto done;
504  }
505 
507  DomainName->Buffer,
508  DomainName->Length);
509  }
510 
512  TRACE("Builtin Domain SID: %S\n", SidString);
513  LocalFree(SidString);
514  SidString = NULL;
515 
516  TRACE("Builtin Domain Name: %wZ\n", &BuiltinDomainName);
517 
519  TRACE("Account Domain SID: %S\n", SidString);
520  LocalFree(SidString);
521  SidString = NULL;
522 
523  TRACE("Account Domain Name: %wZ\n", &AccountDomainName);
524 
525 done:
526  if (DomainName != NULL)
527  RtlFreeHeap(RtlGetProcessHeap(), 0, DomainName);
528 
529  if (PolicyObject != NULL)
530  LsapCloseDbObject(PolicyObject);
531 
532  return Status;
533 }
534 
535 
536 NTSTATUS
538 {
540 
541  TRACE("LsapInitDatabase()\n");
542 
544  if (!NT_SUCCESS(Status))
545  {
546  ERR("Failed to open the service key (Status: 0x%08lx)\n", Status);
547  return Status;
548  }
549 
551  {
553  if (!NT_SUCCESS(Status))
554  {
555  ERR("Failed to create the LSA database keys (Status: 0x%08lx)\n", Status);
556  return Status;
557  }
558 
560  if (!NT_SUCCESS(Status))
561  {
562  ERR("Failed to create the LSA database objects (Status: 0x%08lx)\n", Status);
563  return Status;
564  }
565  }
566  else
567  {
569  if (!NT_SUCCESS(Status))
570  {
571  ERR("Failed to update the LSA database (Status: 0x%08lx)\n", Status);
572  return Status;
573  }
574  }
575 
577  if (!NT_SUCCESS(Status))
578  {
579  ERR("Failed to get the domain information (Status: 0x%08lx)\n", Status);
580  return Status;
581  }
582 
583  TRACE("LsapInitDatabase() done\n");
584 
585  return STATUS_SUCCESS;
586 }
587 
588 
589 NTSTATUS
591  IN LPWSTR ContainerName,
595  IN BOOLEAN Trusted,
596  OUT PLSA_DB_OBJECT *DbObject)
597 {
601  HANDLE ParentKeyHandle;
602  HANDLE ContainerKeyHandle = NULL;
603  HANDLE ObjectKeyHandle = NULL;
605 
606  if (DbObject == NULL)
608 
609  if (ParentObject == NULL)
610  ParentKeyHandle = SecurityKeyHandle;
611  else
612  ParentKeyHandle = ParentObject->KeyHandle;
613 
614  if (ContainerName != NULL)
615  {
616  /* Open the container key */
618  ContainerName);
619 
621  &KeyName,
623  ParentKeyHandle,
624  NULL);
625 
626  Status = NtOpenKey(&ContainerKeyHandle,
629  if (!NT_SUCCESS(Status))
630  {
631  return Status;
632  }
633 
634  /* Open the object key */
636  ObjectName);
637 
639  &KeyName,
641  ContainerKeyHandle,
642  NULL);
643 
644  Status = NtCreateKey(&ObjectKeyHandle,
647  0,
648  NULL,
649  0,
650  NULL);
651 
652  NtClose(ContainerKeyHandle);
653 
654  if (!NT_SUCCESS(Status))
655  {
656  return Status;
657  }
658  }
659  else
660  {
662  ObjectName);
663 
665  &KeyName,
667  ParentKeyHandle,
668  NULL);
669 
670  Status = NtCreateKey(&ObjectKeyHandle,
673  0,
674  NULL,
675  0,
676  NULL);
677  if (!NT_SUCCESS(Status))
678  {
679  return Status;
680  }
681  }
682 
683  NewObject = RtlAllocateHeap(RtlGetProcessHeap(),
684  0,
685  sizeof(LSA_DB_OBJECT));
686  if (NewObject == NULL)
687  {
688  NtClose(ObjectKeyHandle);
689  return STATUS_NO_MEMORY;
690  }
691 
692  NewObject->Signature = LSAP_DB_SIGNATURE;
693  NewObject->RefCount = 1;
694  NewObject->ObjectType = ObjectType;
695  NewObject->Access = DesiredAccess;
696  NewObject->KeyHandle = ObjectKeyHandle;
697  NewObject->ParentObject = ParentObject;
698  NewObject->Trusted = Trusted;
699 
700  if (ParentObject != NULL)
701  ParentObject->RefCount++;
702 
703  *DbObject = NewObject;
704 
705  return STATUS_SUCCESS;
706 }
707 
708 
709 NTSTATUS
711  IN LPWSTR ContainerName,
715  IN BOOLEAN Trusted,
716  OUT PLSA_DB_OBJECT *DbObject)
717 {
721  HANDLE ParentKeyHandle;
722  HANDLE ContainerKeyHandle = NULL;
723  HANDLE ObjectKeyHandle = NULL;
725 
726  if (DbObject == NULL)
728 
729  if (ParentObject == NULL)
730  ParentKeyHandle = SecurityKeyHandle;
731  else
732  ParentKeyHandle = ParentObject->KeyHandle;
733 
734  if (ContainerName != NULL)
735  {
736  /* Open the container key */
738  ContainerName);
739 
741  &KeyName,
743  ParentKeyHandle,
744  NULL);
745 
746  Status = NtOpenKey(&ContainerKeyHandle,
749  if (!NT_SUCCESS(Status))
750  {
751  return Status;
752  }
753 
754  /* Open the object key */
756  ObjectName);
757 
759  &KeyName,
761  ContainerKeyHandle,
762  NULL);
763 
764  Status = NtOpenKey(&ObjectKeyHandle,
767 
768  NtClose(ContainerKeyHandle);
769 
770  if (!NT_SUCCESS(Status))
771  {
772  return Status;
773  }
774  }
775  else
776  {
777  /* Open the object key */
779  ObjectName);
780 
782  &KeyName,
784  ParentKeyHandle,
785  NULL);
786 
787  Status = NtOpenKey(&ObjectKeyHandle,
790  if (!NT_SUCCESS(Status))
791  {
792  return Status;
793  }
794  }
795 
796  NewObject = RtlAllocateHeap(RtlGetProcessHeap(),
797  0,
798  sizeof(LSA_DB_OBJECT));
799  if (NewObject == NULL)
800  {
801  NtClose(ObjectKeyHandle);
802  return STATUS_NO_MEMORY;
803  }
804 
805  NewObject->Signature = LSAP_DB_SIGNATURE;
806  NewObject->RefCount = 1;
807  NewObject->ObjectType = ObjectType;
808  NewObject->Access = DesiredAccess;
809  NewObject->KeyHandle = ObjectKeyHandle;
810  NewObject->ParentObject = ParentObject;
811  NewObject->Trusted = Trusted;
812 
813  if (ParentObject != NULL)
814  ParentObject->RefCount++;
815 
816  *DbObject = NewObject;
817 
818  return STATUS_SUCCESS;
819 }
820 
821 
822 NTSTATUS
826  PLSA_DB_OBJECT *DbObject)
827 {
828  PLSA_DB_OBJECT LocalObject = (PLSA_DB_OBJECT)Handle;
829  BOOLEAN bValid = FALSE;
830 
831  _SEH2_TRY
832  {
833  if (LocalObject->Signature == LSAP_DB_SIGNATURE)
834  {
835  if ((ObjectType == LsaDbIgnoreObject) ||
836  (LocalObject->ObjectType == ObjectType))
837  bValid = TRUE;
838  }
839  }
841  {
842  bValid = FALSE;
843  }
844  _SEH2_END;
845 
846  if (bValid == FALSE)
847  return STATUS_INVALID_HANDLE;
848 
849  if (DesiredAccess != 0)
850  {
851  /* Check for granted access rights */
852  if ((LocalObject->Access & DesiredAccess) != DesiredAccess)
853  {
854  ERR("LsapValidateDbObject access check failed %08lx %08lx\n",
855  LocalObject->Access, DesiredAccess);
856  return STATUS_ACCESS_DENIED;
857  }
858  }
859 
860  if (DbObject != NULL)
861  *DbObject = LocalObject;
862 
863  return STATUS_SUCCESS;
864 }
865 
866 
867 NTSTATUS
869 {
870  PLSA_DB_OBJECT ParentObject = NULL;
872 
873  DbObject->RefCount--;
874 
875  if (DbObject->RefCount > 0)
876  return STATUS_SUCCESS;
877 
878  if (DbObject->KeyHandle != NULL)
879  NtClose(DbObject->KeyHandle);
880 
881  if (DbObject->ParentObject != NULL)
882  ParentObject = DbObject->ParentObject;
883 
884  RtlFreeHeap(RtlGetProcessHeap(), 0, DbObject);
885 
886  if (ParentObject != NULL)
887  {
888  ParentObject->RefCount--;
889 
890  if (ParentObject->RefCount == 0)
891  Status = LsapCloseDbObject(ParentObject);
892  }
893 
894  return Status;
895 }
896 
897 
898 NTSTATUS
900 {
901  PLSA_DB_OBJECT ParentObject = NULL;
902  WCHAR KeyName[64];
903  ULONG Index;
905 
906  DbObject->RefCount--;
907 
908  if (DbObject->RefCount > 0)
909  return STATUS_SUCCESS;
910 
911  if (DbObject->KeyHandle != NULL)
912  {
913  Index = 0;
914 
915  while (TRUE)
916  {
917  Status = LsapRegEnumerateSubKey(DbObject->KeyHandle,
918  Index,
919  sizeof(KeyName),
920  KeyName);
921  if (!NT_SUCCESS(Status))
922  break;
923 
924  TRACE("Index: %lu\n", Index);
925  TRACE("Key name: %S\n", KeyName);
926 
927  Status = LsapRegDeleteSubKey(DbObject->KeyHandle,
928  KeyName);
929  if (!NT_SUCCESS(Status))
930  break;
931  }
932 
935 
936  LsapRegDeleteKey(DbObject->KeyHandle);
937 
938  NtClose(DbObject->KeyHandle);
939  }
940 
941  if (DbObject->ParentObject != NULL)
942  ParentObject = DbObject->ParentObject;
943 
944  RtlFreeHeap(RtlGetProcessHeap(), 0, DbObject);
945 
946  if (ParentObject != NULL)
947  {
948  ParentObject->RefCount--;
949 
950  if (ParentObject->RefCount == 0)
951  Status = LsapCloseDbObject(ParentObject);
952  }
953 
954  return Status;
955 }
956 
957 
958 NTSTATUS
960  LPWSTR AttributeName,
962  ULONG AttributeSize)
963 {
966  HANDLE AttributeKey;
968 
970  AttributeName);
971 
973  &KeyName,
975  DbObject->KeyHandle,
976  NULL);
977 
978  Status = NtCreateKey(&AttributeKey,
981  0,
982  NULL,
984  NULL);
985  if (!NT_SUCCESS(Status))
986  {
987  ERR("NtCreateKey failed for '%S' with status 0x%lx\n",
988  AttributeName, Status);
989  return Status;
990  }
991 
992  Status = RtlpNtSetValueKey(AttributeKey,
993  REG_NONE,
995  AttributeSize);
996 
997  NtClose(AttributeKey);
998 
999  if (!NT_SUCCESS(Status))
1000  {
1001  ERR("RtlpNtSetValueKey failed for '%S' with status 0x%lx\n",
1002  AttributeName, Status);
1003  }
1004 
1005  return Status;
1006 }
1007 
1008 
1009 NTSTATUS
1011  LPWSTR AttributeName,
1013  PULONG AttributeSize)
1014 {
1017  HANDLE AttributeKey;
1018  ULONG ValueSize;
1019  NTSTATUS Status;
1020 
1022  AttributeName);
1023 
1025  &KeyName,
1027  DbObject->KeyHandle,
1028  NULL);
1029 
1030  Status = NtOpenKey(&AttributeKey,
1032  &ObjectAttributes);
1033  if (!NT_SUCCESS(Status))
1034  {
1035  return Status;
1036  }
1037 
1038  ValueSize = *AttributeSize;
1039  Status = RtlpNtQueryValueKey(AttributeKey,
1040  NULL,
1041  NULL,
1042  &ValueSize,
1043  0);
1045  {
1046  goto Done;
1047  }
1048 
1049  if (AttributeData == NULL || *AttributeSize == 0)
1050  {
1051  *AttributeSize = ValueSize;
1053  goto Done;
1054  }
1055  else if (*AttributeSize < ValueSize)
1056  {
1057  *AttributeSize = ValueSize;
1059  goto Done;
1060  }
1061 
1062  Status = RtlpNtQueryValueKey(AttributeKey,
1063  NULL,
1064  AttributeData,
1065  &ValueSize,
1066  0);
1067  if (NT_SUCCESS(Status))
1068  {
1069  *AttributeSize = ValueSize;
1070  }
1071 
1072 Done:
1073  NtClose(AttributeKey);
1074 
1075  return Status;
1076 }
1077 
1078 
1079 NTSTATUS
1081  LPWSTR AttributeName)
1082 {
1083  return LsapRegDeleteSubKey(DbObject->KeyHandle,
1084  AttributeName);
1085 }
1086 
1087 /* EOF */
struct _LARGE_INTEGER::@2220 u
LARGE_INTEGER TimeLimit
Definition: lsa.idl:292
ACCESS_MASK Access
Definition: lsasrv.h:61
NTSTATUS LsapRegDeleteSubKey(IN HANDLE ParentKeyHandle, IN LPCWSTR KeyName)
Definition: registry.c:59
NTSTATUS LsapOpenDbObject(IN PLSA_DB_OBJECT ParentObject, IN LPWSTR ContainerName, IN LPWSTR ObjectName, IN LSA_DB_OBJECT_TYPE ObjectType, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted, OUT PLSA_DB_OBJECT *DbObject)
Definition: database.c:710
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
ObjectType
Definition: metafile.c:80
SID_IDENTIFIER_AUTHORITY LocalSidAuthority
Definition: database.c:17
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING KeyName
Definition: ndis.h:4711
INT64 NonPagedPoolLimit
Definition: lsa.idl:288
#define IN
Definition: typedefs.h:38
static BOOLEAN LsapIsDatabaseInstalled(VOID)
Definition: database.c:55
#define TRUE
Definition: types.h:120
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
NTSTATUS LsapSetObjectAttribute(PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, ULONG AttributeSize)
Definition: database.c:959
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
INT64 PagefileLimit
Definition: lsa.idl:291
NTSTATUS NTAPI NtCreateKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG TitleIndex, IN PUNICODE_STRING Class OPTIONAL, IN ULONG CreateOptions, OUT PULONG Disposition OPTIONAL)
Definition: ntapi.c:240
#define STATUS_NO_MORE_ENTRIES
Definition: ntstatus.h:193
NTSTATUS LsapDeleteDbObject(IN PLSA_DB_OBJECT DbObject)
Definition: database.c:899
#define KEY_SET_VALUE
Definition: nt_native.h:1017
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING _Out_ PNDIS_HANDLE KeyHandle
Definition: ndis.h:4711
USHORT MaximumLength
Definition: env_spec_w32.h:370
#define KEY_READ
Definition: nt_native.h:1023
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
NTSYSAPI PVOID NTAPI RtlFreeSid(_In_ _Post_invalid_ PSID Sid)
LONG NTSTATUS
Definition: precomp.h:26
struct _LSA_DB_OBJECT * ParentObject
Definition: lsasrv.h:64
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
static NTSTATUS LsapCreateRandomDomainSid(OUT PSID *Sid)
Definition: database.c:209
LSA_DB_OBJECT_TYPE ObjectType
Definition: lsasrv.h:59
DWORD AuditEvents[POLICY_AUDIT_EVENT_TYPE_COUNT]
Definition: lsasrv.h:73
NTSTATUS LsapRegDeleteKey(IN HANDLE KeyHandle)
Definition: registry.c:89
#define SECURITY_NULL_SID_AUTHORITY
Definition: setypes.h:496
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
Definition: cmfuncs.h:62
SID_IDENTIFIER_AUTHORITY CreatorSidAuthority
Definition: database.c:18
BOOL WINAPI ConvertSidToStringSidW(PSID Sid, LPWSTR *StringSid)
Definition: security.c:3259
NTSTATUS LsapInitDatabase(VOID)
Definition: database.c:537
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290
#define STATUS_INVALID_HANDLE
Definition: ntstatus.h:231
UNICODE_STRING AccountDomainName
Definition: database.c:24
NTSTATUS LsapCloseDbObject(PLSA_DB_OBJECT DbObject)
Definition: database.c:868
_SEH2_TRY
Definition: create.c:4250
uint32_t ULONG_PTR
Definition: typedefs.h:63
static NTSTATUS LsapOpenServiceKey(VOID)
Definition: database.c:30
QUOTA_LIMITS QuotaLimits
Definition: ntsecapi.h:588
static NTSTATUS LsapGetDomainInfo(VOID)
Definition: database.c:405
static NTSTATUS LsapCreateDatabaseObjects(VOID)
Definition: database.c:232
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
PSID BuiltinDomainSid
Definition: database.c:21
NTSTATUS LsapCreatePolicySd(PSECURITY_DESCRIPTOR *PolicySd, PULONG PolicySdSize)
Definition: security.c:14
HANDLE KeyHandle
Definition: lsasrv.h:62
#define SECURITY_LOCAL_SID_AUTHORITY
Definition: setypes.h:502
INT64 PagedPoolLimit
Definition: lsa.idl:287
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
NTSYSAPI ULONG NTAPI RtlUniform(_In_ PULONG Seed)
unsigned char BOOLEAN
smooth NULL
Definition: ftsmooth.c:416
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1104
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
NTSTATUS NTAPI RtlpNtOpenKey(OUT HANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG Unused)
Definition: registry.c:912
#define SECURITY_NT_AUTHORITY
Definition: setypes.h:526
SID_IDENTIFIER_AUTHORITY WorldSidAuthority
Definition: database.c:16
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
static NTSTATUS LsapUpdateDatabase(VOID)
Definition: database.c:398
#define REG_OPTION_NON_VOLATILE
Definition: nt_native.h:1057
_In_ HANDLE Handle
Definition: extypes.h:390
#define TRACE(s)
Definition: solgame.cpp:4
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:553
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
UNICODE_STRING BuiltinDomainName
Definition: database.c:23
#define SECURITY_WORLD_SID_AUTHORITY
Definition: setypes.h:499
static const UCHAR Index[8]
Definition: usbohci.c:18
#define STATUS_ACCESS_DENIED
Definition: udferr_usr.h:145
ULONG RefCount
Definition: lsasrv.h:60
ULONG Signature
Definition: lsasrv.h:58
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3399
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
#define SECURITY_NULL_RID
Definition: setypes.h:512
LARGE_INTEGER TimeToShutdown
Definition: ntsecapi.h:554
NTSTATUS NTAPI RtlpNtQueryValueKey(IN HANDLE KeyHandle, OUT PULONG Type OPTIONAL, OUT PVOID Data OPTIONAL, IN OUT PULONG DataLength OPTIONAL, IN ULONG Unused)
Definition: registry.c:933
BOOLEAN AuditLogFullShutdownInProgress
Definition: ntsecapi.h:553
static const WCHAR L[]
Definition: oid.c:1250
LARGE_INTEGER ModifiedId
Definition: ntsecapi.h:591
static HANDLE SecurityKeyHandle
Definition: database.c:13
INT64 MinimumWorkingSetSize
Definition: lsa.idl:289
Status
Definition: gdiplustypes.h:24
enum _LSA_DB_OBJECT_TYPE LSA_DB_OBJECT_TYPE
#define ERR(fmt,...)
Definition: debug.h:109
LARGE_INTEGER AuditRetentionPeriod
Definition: ntsecapi.h:552
#define LSAP_DB_SIGNATURE
Definition: lsasrv.h:67
_SEH2_END
Definition: create.c:4424
#define STATUS_BUFFER_OVERFLOW
Definition: shellext.h:66
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1577
#define KEY_ALL_ACCESS
Definition: nt_native.h:1041
NTSTATUS NTAPI RtlpNtSetValueKey(IN HANDLE KeyHandle, IN ULONG Type, IN PVOID Data, IN ULONG DataLength)
Definition: registry.c:988
NTSTATUS LsapValidateDbObject(LSAPR_HANDLE Handle, LSA_DB_OBJECT_TYPE ObjectType, ACCESS_MASK DesiredAccess, PLSA_DB_OBJECT *DbObject)
Definition: database.c:823
#define KEY_QUERY_VALUE
Definition: nt_native.h:1016
_In_ PIO_STACK_LOCATION _Inout_ PFILE_OBJECT _Inout_ PVCB _Outptr_result_maybenull_ PDCB _In_ PDCB _In_ PDIRENT _In_ ULONG _In_ ULONG _In_ PUNICODE_STRING _In_ PACCESS_MASK DesiredAccess
Definition: create.c:4157
#define STATUS_NO_MEMORY
Definition: ntstatus.h:246
unsigned int * PULONG
Definition: retypes.h:1
#define HEAP_ZERO_MEMORY
Definition: compat.h:123
INT64 MaximumWorkingSetSize
Definition: lsa.idl:290
static NTSTATUS LsapCreateDatabaseKeys(VOID)
Definition: database.c:85
NTSTATUS LsapDeleteObjectAttribute(PLSA_DB_OBJECT DbObject, LPWSTR AttributeName)
Definition: database.c:1080
NTSYSAPI NTSTATUS NTAPI NtOpenKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
Definition: ntapi.c:336
#define OUT
Definition: typedefs.h:39
LARGE_INTEGER DatabaseCreationTime
Definition: ntsecapi.h:592
unsigned int ULONG
Definition: retypes.h:1
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:261
#define ULONG_PTR
Definition: config.h:101
NTSTATUS NTAPI NtQuerySystemTime(OUT PLARGE_INTEGER SystemTime)
Definition: time.c:417
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
PSID AccountDomainSid
Definition: database.c:22
struct _LSA_DB_OBJECT * PLSA_DB_OBJECT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:6
SID_IDENTIFIER_AUTHORITY NullSidAuthority
Definition: database.c:15
#define REG_NONE
Definition: nt_native.h:1492
WCHAR * LPWSTR
Definition: xmlstorage.h:184
NTSTATUS LsapCreateDbObject(IN PLSA_DB_OBJECT ParentObject, IN LPWSTR ContainerName, IN LPWSTR ObjectName, IN LSA_DB_OBJECT_TYPE ObjectType, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted, OUT PLSA_DB_OBJECT *DbObject)
Definition: database.c:590
_Inout_opt_ PACCESS_STATE _In_opt_ ACCESS_MASK _In_ ULONG _Out_opt_ PVOID * NewObject
Definition: obfuncs.h:71
return STATUS_SUCCESS
Definition: btrfs.c:2938
NTSTATUS LsapGetObjectAttribute(PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, PULONG AttributeSize)
Definition: database.c:1010
#define KEY_CREATE_SUB_KEY
Definition: nt_native.h:1018
ULONG ACCESS_MASK
Definition: nt_native.h:40
NTSTATUS LsapRegEnumerateSubKey(IN HANDLE KeyHandle, IN ULONG Index, IN ULONG Length, OUT LPWSTR Buffer)
Definition: registry.c:96
#define SECURITY_NT_NON_UNIQUE
Definition: setypes.h:549
#define SECURITY_CREATOR_SID_AUTHORITY
Definition: setypes.h:505
SID_IDENTIFIER_AUTHORITY NtAuthority
Definition: database.c:19
LONGLONG QuadPart
Definition: typedefs.h:112
#define POLICY_AUDIT_EVENT_TYPE_COUNT
Definition: lsasrv.h:69
#define KEY_ENUMERATE_SUB_KEYS
Definition: nt_native.h:1019