ReactOS  0.4.15-dev-3181-g4acf100
database.c
Go to the documentation of this file.
1 /*
2  * PROJECT: Local Security Authority Server DLL
3  * LICENSE: GPL - See COPYING in the top level directory
4  * FILE: dll/win32/lsasrv/database.c
5  * PURPOSE: LSA object database
6  * COPYRIGHT: Copyright 2011 Eric Kohl
7  */
8 
9 #include "lsasrv.h"
10 
11 #include <pseh/pseh2.h>
12 
13 /* GLOBALS *****************************************************************/
14 
16 
22 
27 
28 
29 /* FUNCTIONS ***************************************************************/
30 
31 static NTSTATUS
33 {
37 
39  L"\\Registry\\Machine\\SECURITY");
40 
42  &KeyName,
44  NULL,
45  NULL);
46 
50  0);
51 
52  return Status;
53 }
54 
55 
56 static BOOLEAN
58 {
63 
65  L"Policy");
66 
68  &KeyName,
71  NULL);
72 
74  KEY_READ,
76  0);
77  if (!NT_SUCCESS(Status))
78  return FALSE;
79 
81 
82  return TRUE;
83 }
84 
85 
86 static NTSTATUS
88 {
91  HANDLE PolicyKeyHandle = NULL;
92  HANDLE AccountsKeyHandle = NULL;
93  HANDLE DomainsKeyHandle = NULL;
94  HANDLE SecretsKeyHandle = NULL;
96 
97  TRACE("LsapInstallDatabase()\n");
98 
99  /* Create the 'Policy' key */
101  L"Policy");
102 
104  &KeyName,
107  NULL);
108 
109  Status = NtCreateKey(&PolicyKeyHandle,
112  0,
113  NULL,
114  0,
115  NULL);
116  if (!NT_SUCCESS(Status))
117  {
118  ERR("Failed to create the 'Policy' key (Status: 0x%08lx)\n", Status);
119  goto Done;
120  }
121 
122  /* Create the 'Accounts' key */
124  L"Accounts");
125 
127  &KeyName,
129  PolicyKeyHandle,
130  NULL);
131 
132  Status = NtCreateKey(&AccountsKeyHandle,
135  0,
136  NULL,
137  0,
138  NULL);
139  if (!NT_SUCCESS(Status))
140  {
141  ERR("Failed to create the 'Accounts' key (Status: 0x%08lx)\n", Status);
142  goto Done;
143  }
144 
145  /* Create the 'Domains' key */
147  L"Domains");
148 
150  &KeyName,
152  PolicyKeyHandle,
153  NULL);
154 
155  Status = NtCreateKey(&DomainsKeyHandle,
158  0,
159  NULL,
160  0,
161  NULL);
162  if (!NT_SUCCESS(Status))
163  {
164  ERR("Failed to create the 'Domains' key (Status: 0x%08lx)\n", Status);
165  goto Done;
166  }
167 
168  /* Create the 'Secrets' key */
170  L"Secrets");
171 
173  &KeyName,
175  PolicyKeyHandle,
176  NULL);
177 
178  Status = NtCreateKey(&SecretsKeyHandle,
181  0,
182  NULL,
183  0,
184  NULL);
185  if (!NT_SUCCESS(Status))
186  {
187  ERR("Failed to create the 'Secrets' key (Status: 0x%08lx)\n", Status);
188  goto Done;
189  }
190 
191 Done:
192  if (SecretsKeyHandle != NULL)
193  NtClose(SecretsKeyHandle);
194 
195  if (DomainsKeyHandle != NULL)
196  NtClose(DomainsKeyHandle);
197 
198  if (AccountsKeyHandle != NULL)
199  NtClose(AccountsKeyHandle);
200 
201  if (PolicyKeyHandle != NULL)
202  NtClose(PolicyKeyHandle);
203 
204  TRACE("LsapInstallDatabase() done (Status: 0x%08lx)\n", Status);
205 
206  return Status;
207 }
208 
209 
210 static NTSTATUS
212 {
213  LARGE_INTEGER SystemTime;
214  PULONG Seed;
215 
216  NtQuerySystemTime(&SystemTime);
217  Seed = &SystemTime.u.LowPart;
218 
220  4,
222  RtlUniform(Seed),
223  RtlUniform(Seed),
224  RtlUniform(Seed),
229  Sid);
230 }
231 
232 
233 static NTSTATUS
235 {
236  PLSAP_POLICY_AUDIT_EVENTS_DATA AuditEventsInfo = NULL;
237  POLICY_DEFAULT_QUOTA_INFO QuotaInfo;
238  POLICY_MODIFICATION_INFO ModificationInfo;
239  POLICY_AUDIT_FULL_QUERY_INFO AuditFullInfo = {FALSE, FALSE};
240  POLICY_AUDIT_LOG_INFO AuditLogInfo;
241  GUID DnsDomainGuid;
242  PLSA_DB_OBJECT PolicyObject = NULL;
244  PSECURITY_DESCRIPTOR PolicySd = NULL;
245  ULONG PolicySdSize = 0;
246  ULONG i;
248 
249  /* Initialize the default quota limits */
250  QuotaInfo.QuotaLimits.PagedPoolLimit = 0x2000000;
251  QuotaInfo.QuotaLimits.NonPagedPoolLimit = 0x100000;
252  QuotaInfo.QuotaLimits.MinimumWorkingSetSize = 0x10000;
253  QuotaInfo.QuotaLimits.MaximumWorkingSetSize = 0xF000000;
254  QuotaInfo.QuotaLimits.PagefileLimit = 0;
255  QuotaInfo.QuotaLimits.TimeLimit.QuadPart = 0;
256 
257  /* Initialize the audit log attribute */
258  AuditLogInfo.AuditLogPercentFull = 0;
259  AuditLogInfo.MaximumLogSize = 0; // DWORD
260  AuditLogInfo.AuditRetentionPeriod.QuadPart = 0; // LARGE_INTEGER
261  AuditLogInfo.AuditLogFullShutdownInProgress = 0; // BYTE
262  AuditLogInfo.TimeToShutdown.QuadPart = 0; // LARGE_INTEGER
263  AuditLogInfo.NextAuditRecordId = 0; // DWORD
264 
265  /* Initialize the Audit Events attribute */
266  AuditEventsInfo = RtlAllocateHeap(RtlGetProcessHeap(),
269  if (AuditEventsInfo == NULL)
271 
272  AuditEventsInfo->AuditingMode = FALSE;
274  for (i = 0; i < POLICY_AUDIT_EVENT_TYPE_COUNT; i++)
275  AuditEventsInfo->AuditEvents[i] = 0;
276 
277  /* Initialize the DNS Domain GUID attribute */
278  RtlZeroMemory(&DnsDomainGuid, sizeof(DnsDomainGuid));
279 
280  /* Initialize the modification attribute */
281  ModificationInfo.ModifiedId.QuadPart = 0;
282  NtQuerySystemTime(&ModificationInfo.DatabaseCreationTime);
283 
284  /* Create a random domain SID */
286  if (!NT_SUCCESS(Status))
287  goto done;
288 
289  Status = LsapCreatePolicySd(&PolicySd, &PolicySdSize);
290  if (!NT_SUCCESS(Status))
291  goto done;
292 
293  /* Open the 'Policy' object */
295  NULL,
296  L"Policy",
298  0,
299  TRUE,
300  &PolicyObject);
301  if (!NT_SUCCESS(Status))
302  goto done;
303 
304  /* Set the Primary Domain Name attribute */
305  LsapSetObjectAttribute(PolicyObject,
306  L"PolPrDmN",
307  NULL,
308  0);
309 
310  /* Set the Primary Domain SID attribute */
311  LsapSetObjectAttribute(PolicyObject,
312  L"PolPrDmS",
313  NULL,
314  0);
315 
316  /* Set the Account Domain Name attribute */
317  LsapSetObjectAttribute(PolicyObject,
318  L"PolAcDmN",
319  NULL,
320  0);
321 
322  /* Set the Account Domain SID attribute */
323  LsapSetObjectAttribute(PolicyObject,
324  L"PolAcDmS",
327 
328  /* Set the default quota limits attribute */
329  LsapSetObjectAttribute(PolicyObject,
330  L"DefQuota",
331  &QuotaInfo,
332  sizeof(QuotaInfo));
333 
334  /* Set the modification attribute */
335  LsapSetObjectAttribute(PolicyObject,
336  L"PolMod",
337  &ModificationInfo,
338  sizeof(ModificationInfo));
339 
340  /* Set the audit full attribute */
341  LsapSetObjectAttribute(PolicyObject,
342  L"PolAdtFl",
343  &AuditFullInfo,
344  sizeof(AuditFullInfo));
345 
346  /* Set the audit log attribute */
347  LsapSetObjectAttribute(PolicyObject,
348  L"PolAdtLg",
349  &AuditLogInfo,
350  sizeof(AuditLogInfo));
351 
352  /* Set the audit events attribute */
353  LsapSetObjectAttribute(PolicyObject,
354  L"PolAdtEv",
355  AuditEventsInfo,
356  sizeof(*AuditEventsInfo));
357 
358  /* Set the DNS Domain Name attribute */
359  LsapSetObjectAttribute(PolicyObject,
360  L"PolDnDDN",
361  NULL,
362  0);
363 
364  /* Set the DNS Forest Name attribute */
365  LsapSetObjectAttribute(PolicyObject,
366  L"PolDnTrN",
367  NULL,
368  0);
369 
370  /* Set the DNS Domain GUID attribute */
371  LsapSetObjectAttribute(PolicyObject,
372  L"PolDnDmG",
373  &DnsDomainGuid,
374  sizeof(DnsDomainGuid));
375 
376  /* Set the Security Descriptor */
377  LsapSetObjectAttribute(PolicyObject,
378  L"SecDesc",
379  PolicySd,
380  PolicySdSize);
381 
382 done:
383  if (AuditEventsInfo != NULL)
384  RtlFreeHeap(RtlGetProcessHeap(), 0, AuditEventsInfo);
385 
386  if (PolicyObject != NULL)
387  LsapCloseDbObject(PolicyObject);
388 
389  if (AccountDomainSid != NULL)
391 
392  if (PolicySd != NULL)
393  RtlFreeHeap(RtlGetProcessHeap(), 0, PolicySd);
394 
395  return Status;
396 }
397 
398 
399 static NTSTATUS
401 {
402  return STATUS_SUCCESS;
403 }
404 
405 
406 static NTSTATUS
408 {
409  PLSA_DB_OBJECT PolicyObject = NULL;
410  PUNICODE_STRING DomainName = NULL;
411  ULONG AttributeSize;
412  LPWSTR SidString = NULL;
414 
415  /* Get the built-in domain SID and name */
417  1,
419  0, 0, 0, 0, 0, 0, 0,
421  if (!NT_SUCCESS(Status))
422  return Status;
423 
424 
426  L"BUILTIN");
427 
428  /* Open the 'Policy' object */
430  NULL,
431  L"Policy",
433  0,
434  TRUE,
435  &PolicyObject);
436  if (!NT_SUCCESS(Status))
437  goto done;
438 
439  /* Get the account domain SID */
440  AttributeSize = 0;
441  Status = LsapGetObjectAttribute(PolicyObject,
442  L"PolAcDmS",
443  NULL,
444  &AttributeSize);
445  if (!NT_SUCCESS(Status))
446  goto done;
447 
448  if (AttributeSize > 0)
449  {
450  AccountDomainSid = RtlAllocateHeap(RtlGetProcessHeap(),
452  AttributeSize);
453  if (AccountDomainSid == NULL)
454  {
456  goto done;
457  }
458 
459  Status = LsapGetObjectAttribute(PolicyObject,
460  L"PolAcDmS",
462  &AttributeSize);
463  if (!NT_SUCCESS(Status))
464  goto done;
465  }
466 
467  /* Get the account domain name */
468  AttributeSize = 0;
469  Status = LsapGetObjectAttribute(PolicyObject,
470  L"PolAcDmN",
471  NULL,
472  &AttributeSize);
473  if (!NT_SUCCESS(Status))
474  goto done;
475 
476  if (AttributeSize > 0)
477  {
478  DomainName = RtlAllocateHeap(RtlGetProcessHeap(),
480  AttributeSize);
481  if (DomainName == NULL)
482  {
484  goto done;
485  }
486 
487  Status = LsapGetObjectAttribute(PolicyObject,
488  L"PolAcDmN",
489  DomainName,
490  &AttributeSize);
491  if (!NT_SUCCESS(Status))
492  goto done;
493 
494  DomainName->Buffer = (LPWSTR)((ULONG_PTR)DomainName + (ULONG_PTR)DomainName->Buffer);
495 
496  AccountDomainName.Length = DomainName->Length;
497  AccountDomainName.MaximumLength = DomainName->Length + sizeof(WCHAR);
498  AccountDomainName.Buffer = RtlAllocateHeap(RtlGetProcessHeap(),
502  {
503  ERR("Failed to allocate the account domain name buffer\n");
505  goto done;
506  }
507 
509  DomainName->Buffer,
510  DomainName->Length);
511  }
512 
514  TRACE("Builtin Domain SID: %S\n", SidString);
515  LocalFree(SidString);
516  SidString = NULL;
517 
518  TRACE("Builtin Domain Name: %wZ\n", &BuiltinDomainName);
519 
521  TRACE("Account Domain SID: %S\n", SidString);
522  LocalFree(SidString);
523  SidString = NULL;
524 
525  TRACE("Account Domain Name: %wZ\n", &AccountDomainName);
526 
527 done:
528  if (DomainName != NULL)
529  RtlFreeHeap(RtlGetProcessHeap(), 0, DomainName);
530 
531  if (PolicyObject != NULL)
532  LsapCloseDbObject(PolicyObject);
533 
534  return Status;
535 }
536 
537 
538 NTSTATUS
540 {
542 
543  TRACE("LsapInitDatabase()\n");
544 
546  if (!NT_SUCCESS(Status))
547  {
548  ERR("Failed to open the service key (Status: 0x%08lx)\n", Status);
549  return Status;
550  }
551 
553  {
555  if (!NT_SUCCESS(Status))
556  {
557  ERR("Failed to create the LSA database keys (Status: 0x%08lx)\n", Status);
558  return Status;
559  }
560 
562  if (!NT_SUCCESS(Status))
563  {
564  ERR("Failed to create the LSA database objects (Status: 0x%08lx)\n", Status);
565  return Status;
566  }
567  }
568  else
569  {
571  if (!NT_SUCCESS(Status))
572  {
573  ERR("Failed to update the LSA database (Status: 0x%08lx)\n", Status);
574  return Status;
575  }
576  }
577 
579  if (!NT_SUCCESS(Status))
580  {
581  ERR("Failed to get the domain information (Status: 0x%08lx)\n", Status);
582  return Status;
583  }
584 
585  TRACE("LsapInitDatabase() done\n");
586 
587  return STATUS_SUCCESS;
588 }
589 
590 
591 NTSTATUS
593  IN LPWSTR ContainerName,
597  IN BOOLEAN Trusted,
598  OUT PLSA_DB_OBJECT *DbObject)
599 {
603  HANDLE ParentKeyHandle;
604  HANDLE ContainerKeyHandle = NULL;
605  HANDLE ObjectKeyHandle = NULL;
607 
608  if (DbObject == NULL)
610 
611  if (ParentObject == NULL)
612  ParentKeyHandle = SecurityKeyHandle;
613  else
614  ParentKeyHandle = ParentObject->KeyHandle;
615 
616  if (ContainerName != NULL)
617  {
618  /* Open the container key */
620  ContainerName);
621 
623  &KeyName,
625  ParentKeyHandle,
626  NULL);
627 
628  Status = NtOpenKey(&ContainerKeyHandle,
631  if (!NT_SUCCESS(Status))
632  {
633  return Status;
634  }
635 
636  /* Open the object key */
638  ObjectName);
639 
641  &KeyName,
643  ContainerKeyHandle,
644  NULL);
645 
646  Status = NtCreateKey(&ObjectKeyHandle,
649  0,
650  NULL,
651  0,
652  NULL);
653 
654  NtClose(ContainerKeyHandle);
655 
656  if (!NT_SUCCESS(Status))
657  {
658  return Status;
659  }
660  }
661  else
662  {
664  ObjectName);
665 
667  &KeyName,
669  ParentKeyHandle,
670  NULL);
671 
672  Status = NtCreateKey(&ObjectKeyHandle,
675  0,
676  NULL,
677  0,
678  NULL);
679  if (!NT_SUCCESS(Status))
680  {
681  return Status;
682  }
683  }
684 
685  NewObject = RtlAllocateHeap(RtlGetProcessHeap(),
686  0,
687  sizeof(LSA_DB_OBJECT));
688  if (NewObject == NULL)
689  {
690  NtClose(ObjectKeyHandle);
691  return STATUS_NO_MEMORY;
692  }
693 
694  NewObject->Signature = LSAP_DB_SIGNATURE;
695  NewObject->RefCount = 1;
696  NewObject->ObjectType = ObjectType;
697  NewObject->Access = DesiredAccess;
698  NewObject->KeyHandle = ObjectKeyHandle;
699  NewObject->ParentObject = ParentObject;
700  NewObject->Trusted = Trusted;
701 
702  if (ParentObject != NULL)
703  ParentObject->RefCount++;
704 
705  *DbObject = NewObject;
706 
707  return STATUS_SUCCESS;
708 }
709 
710 
711 NTSTATUS
713  IN LPWSTR ContainerName,
717  IN BOOLEAN Trusted,
718  OUT PLSA_DB_OBJECT *DbObject)
719 {
723  HANDLE ParentKeyHandle;
724  HANDLE ContainerKeyHandle = NULL;
725  HANDLE ObjectKeyHandle = NULL;
727 
728  if (DbObject == NULL)
730 
731  if (ParentObject == NULL)
732  ParentKeyHandle = SecurityKeyHandle;
733  else
734  ParentKeyHandle = ParentObject->KeyHandle;
735 
736  if (ContainerName != NULL)
737  {
738  /* Open the container key */
740  ContainerName);
741 
743  &KeyName,
745  ParentKeyHandle,
746  NULL);
747 
748  Status = NtOpenKey(&ContainerKeyHandle,
751  if (!NT_SUCCESS(Status))
752  {
753  return Status;
754  }
755 
756  /* Open the object key */
758  ObjectName);
759 
761  &KeyName,
763  ContainerKeyHandle,
764  NULL);
765 
766  Status = NtOpenKey(&ObjectKeyHandle,
769 
770  NtClose(ContainerKeyHandle);
771 
772  if (!NT_SUCCESS(Status))
773  {
774  return Status;
775  }
776  }
777  else
778  {
779  /* Open the object key */
781  ObjectName);
782 
784  &KeyName,
786  ParentKeyHandle,
787  NULL);
788 
789  Status = NtOpenKey(&ObjectKeyHandle,
792  if (!NT_SUCCESS(Status))
793  {
794  return Status;
795  }
796  }
797 
798  NewObject = RtlAllocateHeap(RtlGetProcessHeap(),
799  0,
800  sizeof(LSA_DB_OBJECT));
801  if (NewObject == NULL)
802  {
803  NtClose(ObjectKeyHandle);
804  return STATUS_NO_MEMORY;
805  }
806 
807  NewObject->Signature = LSAP_DB_SIGNATURE;
808  NewObject->RefCount = 1;
809  NewObject->ObjectType = ObjectType;
810  NewObject->Access = DesiredAccess;
811  NewObject->KeyHandle = ObjectKeyHandle;
812  NewObject->ParentObject = ParentObject;
813  NewObject->Trusted = Trusted;
814 
815  if (ParentObject != NULL)
816  ParentObject->RefCount++;
817 
818  *DbObject = NewObject;
819 
820  return STATUS_SUCCESS;
821 }
822 
823 
824 NTSTATUS
828  PLSA_DB_OBJECT *DbObject)
829 {
830  PLSA_DB_OBJECT LocalObject = (PLSA_DB_OBJECT)Handle;
831  BOOLEAN bValid = FALSE;
832 
833  _SEH2_TRY
834  {
835  if (LocalObject->Signature == LSAP_DB_SIGNATURE)
836  {
837  if ((ObjectType == LsaDbIgnoreObject) ||
838  (LocalObject->ObjectType == ObjectType))
839  bValid = TRUE;
840  }
841  }
843  {
844  bValid = FALSE;
845  }
846  _SEH2_END;
847 
848  if (bValid == FALSE)
849  return STATUS_INVALID_HANDLE;
850 
851  if (DesiredAccess != 0)
852  {
853  /* Check for granted access rights */
854  if ((LocalObject->Access & DesiredAccess) != DesiredAccess)
855  {
856  ERR("LsapValidateDbObject access check failed %08lx %08lx\n",
857  LocalObject->Access, DesiredAccess);
858  return STATUS_ACCESS_DENIED;
859  }
860  }
861 
862  if (DbObject != NULL)
863  *DbObject = LocalObject;
864 
865  return STATUS_SUCCESS;
866 }
867 
868 
869 NTSTATUS
871 {
872  PLSA_DB_OBJECT ParentObject = NULL;
874 
875  DbObject->RefCount--;
876 
877  if (DbObject->RefCount > 0)
878  return STATUS_SUCCESS;
879 
880  if (DbObject->KeyHandle != NULL)
881  NtClose(DbObject->KeyHandle);
882 
883  if (DbObject->ParentObject != NULL)
884  ParentObject = DbObject->ParentObject;
885 
886  RtlFreeHeap(RtlGetProcessHeap(), 0, DbObject);
887 
888  if (ParentObject != NULL)
889  {
890  ParentObject->RefCount--;
891 
892  if (ParentObject->RefCount == 0)
893  Status = LsapCloseDbObject(ParentObject);
894  }
895 
896  return Status;
897 }
898 
899 
900 NTSTATUS
902 {
903  PLSA_DB_OBJECT ParentObject = NULL;
904  WCHAR KeyName[64];
905  ULONG Index;
907 
908  DbObject->RefCount--;
909 
910  if (DbObject->RefCount > 0)
911  return STATUS_SUCCESS;
912 
913  if (DbObject->KeyHandle != NULL)
914  {
915  Index = 0;
916 
917  while (TRUE)
918  {
919  Status = LsapRegEnumerateSubKey(DbObject->KeyHandle,
920  Index,
921  sizeof(KeyName),
922  KeyName);
923  if (!NT_SUCCESS(Status))
924  break;
925 
926  TRACE("Index: %lu\n", Index);
927  TRACE("Key name: %S\n", KeyName);
928 
929  Status = LsapRegDeleteSubKey(DbObject->KeyHandle,
930  KeyName);
931  if (!NT_SUCCESS(Status))
932  break;
933  }
934 
937 
938  LsapRegDeleteKey(DbObject->KeyHandle);
939 
940  NtClose(DbObject->KeyHandle);
941  }
942 
943  if (DbObject->ParentObject != NULL)
944  ParentObject = DbObject->ParentObject;
945 
946  RtlFreeHeap(RtlGetProcessHeap(), 0, DbObject);
947 
948  if (ParentObject != NULL)
949  {
950  ParentObject->RefCount--;
951 
952  if (ParentObject->RefCount == 0)
953  Status = LsapCloseDbObject(ParentObject);
954  }
955 
956  return Status;
957 }
958 
959 
960 NTSTATUS
962  LPWSTR AttributeName,
964  ULONG AttributeSize)
965 {
968  HANDLE AttributeKey;
970 
972  AttributeName);
973 
975  &KeyName,
977  DbObject->KeyHandle,
978  NULL);
979 
980  Status = NtCreateKey(&AttributeKey,
983  0,
984  NULL,
986  NULL);
987  if (!NT_SUCCESS(Status))
988  {
989  ERR("NtCreateKey failed for '%S' with status 0x%lx\n",
990  AttributeName, Status);
991  return Status;
992  }
993 
994  Status = RtlpNtSetValueKey(AttributeKey,
995  REG_NONE,
997  AttributeSize);
998 
999  NtClose(AttributeKey);
1000 
1001  if (!NT_SUCCESS(Status))
1002  {
1003  ERR("RtlpNtSetValueKey failed for '%S' with status 0x%lx\n",
1004  AttributeName, Status);
1005  }
1006 
1007  return Status;
1008 }
1009 
1010 
1011 NTSTATUS
1013  LPWSTR AttributeName,
1015  PULONG AttributeSize)
1016 {
1019  HANDLE AttributeKey;
1020  ULONG ValueSize;
1021  NTSTATUS Status;
1022 
1024  AttributeName);
1025 
1027  &KeyName,
1029  DbObject->KeyHandle,
1030  NULL);
1031 
1032  Status = NtOpenKey(&AttributeKey,
1034  &ObjectAttributes);
1035  if (!NT_SUCCESS(Status))
1036  {
1037  return Status;
1038  }
1039 
1040  ValueSize = *AttributeSize;
1041  Status = RtlpNtQueryValueKey(AttributeKey,
1042  NULL,
1043  NULL,
1044  &ValueSize,
1045  0);
1047  {
1048  goto Done;
1049  }
1050 
1051  if (AttributeData == NULL || *AttributeSize == 0)
1052  {
1053  *AttributeSize = ValueSize;
1055  goto Done;
1056  }
1057  else if (*AttributeSize < ValueSize)
1058  {
1059  *AttributeSize = ValueSize;
1061  goto Done;
1062  }
1063 
1064  Status = RtlpNtQueryValueKey(AttributeKey,
1065  NULL,
1066  AttributeData,
1067  &ValueSize,
1068  0);
1069  if (NT_SUCCESS(Status))
1070  {
1071  *AttributeSize = ValueSize;
1072  }
1073 
1074 Done:
1075  NtClose(AttributeKey);
1076 
1077  return Status;
1078 }
1079 
1080 
1081 NTSTATUS
1083  LPWSTR AttributeName)
1084 {
1085  return LsapRegDeleteSubKey(DbObject->KeyHandle,
1086  AttributeName);
1087 }
1088 
1089 /* EOF */
LARGE_INTEGER TimeLimit
Definition: lsa.idl:292
ACCESS_MASK Access
Definition: lsasrv.h:61
NTSTATUS LsapRegDeleteSubKey(IN HANDLE ParentKeyHandle, IN LPCWSTR KeyName)
Definition: registry.c:59
NTSTATUS LsapOpenDbObject(IN PLSA_DB_OBJECT ParentObject, IN LPWSTR ContainerName, IN LPWSTR ObjectName, IN LSA_DB_OBJECT_TYPE ObjectType, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted, OUT PLSA_DB_OBJECT *DbObject)
Definition: database.c:712
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
ObjectType
Definition: metafile.c:80
SID_IDENTIFIER_AUTHORITY LocalSidAuthority
Definition: database.c:19
INT64 NonPagedPoolLimit
Definition: lsa.idl:288
#define IN
Definition: typedefs.h:39
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2654
static BOOLEAN LsapIsDatabaseInstalled(VOID)
Definition: database.c:57
NTSTATUS LsapSetObjectAttribute(PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, ULONG AttributeSize)
Definition: database.c:961
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
INT64 PagefileLimit
Definition: lsa.idl:291
NTSTATUS NTAPI NtCreateKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG TitleIndex, IN PUNICODE_STRING Class OPTIONAL, IN ULONG CreateOptions, OUT PULONG Disposition OPTIONAL)
Definition: ntapi.c:240
#define STATUS_NO_MORE_ENTRIES
Definition: ntstatus.h:205
NTSTATUS LsapDeleteDbObject(IN PLSA_DB_OBJECT DbObject)
Definition: database.c:901
#define KEY_SET_VALUE
Definition: nt_native.h:1017
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING _Out_ PNDIS_HANDLE KeyHandle
Definition: ndis.h:4711
USHORT MaximumLength
Definition: env_spec_w32.h:370
#define KEY_READ
Definition: nt_native.h:1023
#define TRUE
Definition: types.h:120
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
NTSYSAPI PVOID NTAPI RtlFreeSid(_In_ _Post_invalid_ PSID Sid)
LONG NTSTATUS
Definition: precomp.h:26
struct _LSA_DB_OBJECT * ParentObject
Definition: lsasrv.h:64
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
static NTSTATUS LsapCreateRandomDomainSid(OUT PSID *Sid)
Definition: database.c:211
LSA_DB_OBJECT_TYPE ObjectType
Definition: lsasrv.h:59
DWORD AuditEvents[POLICY_AUDIT_EVENT_TYPE_COUNT]
Definition: lsasrv.h:73
NTSTATUS LsapRegDeleteKey(IN HANDLE KeyHandle)
Definition: registry.c:89
#define SECURITY_NULL_SID_AUTHORITY
Definition: setypes.h:511
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
Definition: cmfuncs.h:62
SID_IDENTIFIER_AUTHORITY CreatorSidAuthority
Definition: database.c:20
BOOL WINAPI ConvertSidToStringSidW(PSID Sid, LPWSTR *StringSid)
Definition: security.c:3259
NTSTATUS LsapInitDatabase(VOID)
Definition: database.c:539
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290
#define STATUS_INVALID_HANDLE
Definition: ntstatus.h:245
UNICODE_STRING AccountDomainName
Definition: database.c:26
NTSTATUS LsapCloseDbObject(PLSA_DB_OBJECT DbObject)
Definition: database.c:870
_SEH2_TRY
Definition: create.c:4226
uint32_t ULONG_PTR
Definition: typedefs.h:65
static NTSTATUS LsapOpenServiceKey(VOID)
Definition: database.c:32
QUOTA_LIMITS QuotaLimits
Definition: ntsecapi.h:591
static NTSTATUS LsapGetDomainInfo(VOID)
Definition: database.c:407
static NTSTATUS LsapCreateDatabaseObjects(VOID)
Definition: database.c:234
PSID BuiltinDomainSid
Definition: database.c:23
#define FALSE
Definition: types.h:117
NTSTATUS LsapCreatePolicySd(PSECURITY_DESCRIPTOR *PolicySd, PULONG PolicySdSize)
Definition: security.c:14
HANDLE KeyHandle
Definition: lsasrv.h:62
#define SECURITY_LOCAL_SID_AUTHORITY
Definition: setypes.h:517
INT64 PagedPoolLimit
Definition: lsa.idl:287
NTSYSAPI ULONG NTAPI RtlUniform(_In_ PULONG Seed)
unsigned char BOOLEAN
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1103
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
_Must_inspect_result_ _In_ WDFDEVICE _In_ PCUNICODE_STRING KeyName
Definition: wdfdevice.h:2697
NTSTATUS NTAPI RtlpNtOpenKey(OUT HANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG Unused)
Definition: registry.c:912
#define SECURITY_NT_AUTHORITY
Definition: setypes.h:541
SID_IDENTIFIER_AUTHORITY WorldSidAuthority
Definition: database.c:18
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
static NTSTATUS LsapUpdateDatabase(VOID)
Definition: database.c:400
Status
Definition: gdiplustypes.h:24
#define REG_OPTION_NON_VOLATILE
Definition: nt_native.h:1057
#define TRACE(s)
Definition: solgame.cpp:4
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:568
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
UNICODE_STRING BuiltinDomainName
Definition: database.c:25
#define SECURITY_WORLD_SID_AUTHORITY
Definition: setypes.h:514
_In_ WDFCOLLECTION _In_ ULONG Index
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
#define STATUS_ACCESS_DENIED
Definition: udferr_usr.h:145
ULONG RefCount
Definition: lsasrv.h:60
ULONG Signature
Definition: lsasrv.h:58
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3398
#define SECURITY_NULL_RID
Definition: setypes.h:527
LARGE_INTEGER TimeToShutdown
Definition: ntsecapi.h:557
NTSTATUS NTAPI RtlpNtQueryValueKey(IN HANDLE KeyHandle, OUT PULONG Type OPTIONAL, OUT PVOID Data OPTIONAL, IN OUT PULONG DataLength OPTIONAL, IN ULONG Unused)
Definition: registry.c:933
BOOLEAN AuditLogFullShutdownInProgress
Definition: ntsecapi.h:556
static const WCHAR L[]
Definition: oid.c:1250
LARGE_INTEGER ModifiedId
Definition: ntsecapi.h:594
static HANDLE SecurityKeyHandle
Definition: database.c:15
INT64 MinimumWorkingSetSize
Definition: lsa.idl:289
enum _LSA_DB_OBJECT_TYPE LSA_DB_OBJECT_TYPE
#define ERR(fmt,...)
Definition: debug.h:110
LARGE_INTEGER AuditRetentionPeriod
Definition: ntsecapi.h:555
#define LSAP_DB_SIGNATURE
Definition: lsasrv.h:67
_SEH2_END
Definition: create.c:4400
#define STATUS_BUFFER_OVERFLOW
Definition: shellext.h:66
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1577
#define KEY_ALL_ACCESS
Definition: nt_native.h:1041
NTSTATUS NTAPI RtlpNtSetValueKey(IN HANDLE KeyHandle, IN ULONG Type, IN PVOID Data, IN ULONG DataLength)
Definition: registry.c:988
NTSTATUS LsapValidateDbObject(LSAPR_HANDLE Handle, LSA_DB_OBJECT_TYPE ObjectType, ACCESS_MASK DesiredAccess, PLSA_DB_OBJECT *DbObject)
Definition: database.c:825
#define KEY_QUERY_VALUE
Definition: nt_native.h:1016
#define STATUS_NO_MEMORY
Definition: ntstatus.h:260
unsigned int * PULONG
Definition: retypes.h:1
#define NULL
Definition: types.h:112
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
INT64 MaximumWorkingSetSize
Definition: lsa.idl:290
static NTSTATUS LsapCreateDatabaseKeys(VOID)
Definition: database.c:87
NTSTATUS LsapDeleteObjectAttribute(PLSA_DB_OBJECT DbObject, LPWSTR AttributeName)
Definition: database.c:1082
NTSYSAPI NTSTATUS NTAPI NtOpenKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
Definition: ntapi.c:336
_In_ HANDLE Handle
Definition: extypes.h:390
#define OUT
Definition: typedefs.h:40
LARGE_INTEGER DatabaseCreationTime
Definition: ntsecapi.h:595
unsigned int ULONG
Definition: retypes.h:1
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262
#define ULONG_PTR
Definition: config.h:101
NTSTATUS NTAPI NtQuerySystemTime(OUT PLARGE_INTEGER SystemTime)
Definition: time.c:472
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
PSID AccountDomainSid
Definition: database.c:24
struct _LSA_DB_OBJECT * PLSA_DB_OBJECT
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:40
SID_IDENTIFIER_AUTHORITY NullSidAuthority
Definition: database.c:17
#define STATUS_SUCCESS
Definition: shellext.h:65
#define REG_NONE
Definition: nt_native.h:1492
WCHAR * LPWSTR
Definition: xmlstorage.h:184
NTSTATUS LsapCreateDbObject(IN PLSA_DB_OBJECT ParentObject, IN LPWSTR ContainerName, IN LPWSTR ObjectName, IN LSA_DB_OBJECT_TYPE ObjectType, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted, OUT PLSA_DB_OBJECT *DbObject)
Definition: database.c:592
_Inout_opt_ PACCESS_STATE _In_opt_ ACCESS_MASK _In_ ULONG _Out_opt_ PVOID * NewObject
Definition: obfuncs.h:71
NTSTATUS LsapGetObjectAttribute(PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, PULONG AttributeSize)
Definition: database.c:1012
#define KEY_CREATE_SUB_KEY
Definition: nt_native.h:1018
ULONG ACCESS_MASK
Definition: nt_native.h:40
struct _LARGE_INTEGER::@2239 u
NTSTATUS LsapRegEnumerateSubKey(IN HANDLE KeyHandle, IN ULONG Index, IN ULONG Length, OUT LPWSTR Buffer)
Definition: registry.c:96
#define SECURITY_NT_NON_UNIQUE
Definition: setypes.h:564
#define SECURITY_CREATOR_SID_AUTHORITY
Definition: setypes.h:520
SID_IDENTIFIER_AUTHORITY NtAuthority
Definition: database.c:21
LONGLONG QuadPart
Definition: typedefs.h:114
#define POLICY_AUDIT_EVENT_TYPE_COUNT
Definition: lsasrv.h:69
#define KEY_ENUMERATE_SUB_KEYS
Definition: nt_native.h:1019