25 TRACE(
"LsapDeregisterLogonProcess(%p %p)\n", RequestMsg, LogonContext);
105 TRACE(
"LsapCheckLogonProcess(%p)\n", RequestMsg);
121 TRACE(
"NtOpenProcess() failed (Status %lx)\n",
Status);
158 TRACE(
"LsapHandlePortConnection(%p)\n", RequestMsg);
183 (
PVOID*)LogonContext,
190 ERR(
"NtAcceptConnectPort failed (Status 0x%lx)\n",
Status);
196 if (LogonContext !=
NULL)
201 &LogonContext->
Entry);
207 ERR(
"NtCompleteConnectPort failed (Status 0x%lx)\n",
Status);
224 TRACE(
"AuthPortThreadRoutine() called\n");
230 TRACE(
"Reply: %p\n", ReplyMsg);
232 (
PVOID*)&LogonContext,
237 TRACE(
"NtReplyWaitReceivePort() failed (Status %lx)\n",
Status);
241 TRACE(
"Received message\n");
243 switch (RequestMsg.h.u2.s2.Type)
246 TRACE(
"Port connection request\n");
252 TRACE(
"Port closed\n");
257 TRACE(
"Client died\n");
262 TRACE(
"Received request (ApiNumber: %lu)\n", RequestMsg.ApiNumber);
264 switch (RequestMsg.ApiNumber)
269 ReplyMsg = &RequestMsg;
274 ReplyMsg = &RequestMsg;
288 ReplyMsg = &RequestMsg;
294 ReplyMsg = &RequestMsg;
299 ReplyMsg = &RequestMsg;
304 ReplyMsg = &RequestMsg;
309 ReplyMsg = &RequestMsg;
314 ReplyMsg = &RequestMsg;
336 TRACE(
"StartAuthenticationPort()\n");
342 L"\\LsaAuthenticationPort");
357 WARN(
"NtCreatePort() failed (Status %lx)\n",
Status);
362 L"\\SECURITY\\LSA_AUTHENTICATION_INITIALIZED");
373 TRACE(
"NtOpenEvent failed (Status 0x%08lx)\n",
Status);
382 WARN(
"NtCreateEvent failed (Status 0x%08lx)\n",
Status);
391 WARN(
"NtSetEvent failed (Status 0x%08lx)\n",
Status);
static UNICODE_STRING PortName
NTSTATUS LsapCallAuthenticationPackage(PLSA_API_MSG RequestMsg, PLSAP_LOGON_CONTEXT LogonContext)
NTSTATUS LsapLogonUser(PLSA_API_MSG RequestMsg, PLSAP_LOGON_CONTEXT LogonContext)
NTSTATUS LsapLookupAuthenticationPackage(PLSA_API_MSG RequestMsg, PLSAP_LOGON_CONTEXT LogonContext)
static HANDLE PortThreadHandle
static NTSTATUS LsapCheckLogonProcess(PLSA_API_MSG RequestMsg, PLSAP_LOGON_CONTEXT *LogonContext)
static LIST_ENTRY LsapLogonContextList
static NTSTATUS LsapHandlePortConnection(PLSA_API_MSG RequestMsg)
NTSTATUS WINAPI AuthPortThreadRoutine(PVOID Param)
static NTSTATUS LsapDeregisterLogonProcess(PLSA_API_MSG RequestMsg, PLSAP_LOGON_CONTEXT LogonContext)
static HANDLE AuthPortHandle
NTSTATUS StartAuthenticationPort(VOID)
static BOOL LsapIsTrustedClient(_In_ HANDLE ProcessHandle)
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
NTSTATUS NTAPI NtAcceptConnectPort(OUT PHANDLE PortHandle, IN PVOID PortContext OPTIONAL, IN PPORT_MESSAGE ReplyMessage, IN BOOLEAN AcceptConnection, IN OUT PPORT_VIEW ServerView OPTIONAL, OUT PREMOTE_PORT_VIEW ClientView OPTIONAL)
NTSTATUS NTAPI NtCompleteConnectPort(IN HANDLE PortHandle)
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
#define NT_SUCCESS(StatCode)
HANDLE WINAPI DECLSPEC_HOTPATCH CreateThread(IN LPSECURITY_ATTRIBUTES lpThreadAttributes, IN DWORD dwStackSize, IN LPTHREAD_START_ROUTINE lpStartAddress, IN LPVOID lpParameter, IN DWORD dwCreationFlags, OUT LPDWORD lpThreadId)
NTSTATUS LsapRegisterNotification(PLSA_API_MSG RequestMsg)
NTSTATUS LsapEnumLogonSessions(IN OUT PLSA_API_MSG RequestMsg)
NTSTATUS LsapGetLogonSessionData(IN OUT PLSA_API_MSG RequestMsg)
#define InsertHeadList(ListHead, Entry)
#define RemoveHeadList(ListHead)
#define InitializeListHead(ListHead)
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
#define PROCESS_QUERY_INFORMATION
#define PROCESS_VM_OPERATION
#define OBJ_CASE_INSENSITIVE
#define PROCESS_DUP_HANDLE
_In_ PKSPIN_CONNECT _In_ ACCESS_MASK _Out_ PHANDLE ConnectionHandle
@ LSASS_REQUEST_ENUM_LOGON_SESSIONS
@ LSASS_REQUEST_LOGON_USER
@ LSASS_REQUEST_POLICY_CHANGE_NOTIFY
@ LSASS_REQUEST_CALL_AUTHENTICATION_PACKAGE
@ LSASS_REQUEST_GET_LOGON_SESSION_DATA
@ LSASS_REQUEST_LOOKUP_AUTHENTICATION_PACKAGE
@ LSASS_REQUEST_DEREGISTER_LOGON_PROCESS
#define LPC_CONNECTION_REQUEST
#define InitializeObjectAttributes(p, n, a, r, s)
_In_ HANDLE ProcessHandle
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
struct _REMOTE_PORT_VIEW REMOTE_PORT_VIEW
NTSTATUS NTAPI NtSetEvent(IN HANDLE EventHandle, OUT PLONG PreviousState OPTIONAL)
NTSTATUS NTAPI NtOpenEvent(OUT PHANDLE EventHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
NTSTATUS NTAPI NtCreateEvent(OUT PHANDLE EventHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN EVENT_TYPE EventType, IN BOOLEAN InitialState)
NTSTATUS NTAPI NtCreatePort(OUT PHANDLE PortHandle, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG MaxConnectInfoLength, IN ULONG MaxDataLength, IN ULONG MaxPoolUsage)
NTSTATUS NTAPI NtReplyPort(IN HANDLE PortHandle, IN PPORT_MESSAGE ReplyMessage)
NTSTATUS NTAPI NtReplyWaitReceivePort(IN HANDLE PortHandle, OUT PVOID *PortContext OPTIONAL, IN PPORT_MESSAGE ReplyMessage OPTIONAL, OUT PPORT_MESSAGE ReceiveMessage)
NTSTATUS NTAPI NtOpenProcess(OUT PHANDLE ProcessHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN PCLIENT_ID ClientId)
NTSTATUS NTAPI NtOpenProcessToken(IN HANDLE ProcessHandle, IN ACCESS_MASK DesiredAccess, OUT PHANDLE TokenHandle)
#define STATUS_INVALID_SYSTEM_SERVICE
#define STATUS_BUFFER_TOO_SMALL
HANDLE ClientProcessHandle
LSA_CONNECTION_INFO ConnectInfo
LSA_OPERATIONAL_MODE OperationalMode
CHAR LogonProcessNameBuffer[LSASS_MAX_LOGON_PROCESS_NAME_LENGTH+1]
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtQueryInformationToken(_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation, _In_ ULONG TokenInformationLength, _Out_ PULONG ReturnLength)
Queries a specific type of information in regard of an access token based upon the information class....
#define STATUS_INSUFFICIENT_RESOURCES
_Must_inspect_result_ _In_ WDFDEVICE _In_ PWDF_DEVICE_PROPERTY_DATA _In_ DEVPROPTYPE _In_ ULONG Size
#define EVENT_MODIFY_STATE
DWORD(WINAPI * LPTHREAD_START_ROUTINE)(LPVOID)
_Out_ PHANDLE EventHandle
#define RtlEqualLuid(Luid1, Luid2)
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges