ReactOS 0.4.16-dev-1515-g853b446
lsa.c
Go to the documentation of this file.
1/*
2 * PROJECT: ReactOS msgina.dll
3 * FILE: dll/win32/msgina/gui.c
4 * PURPOSE: ReactOS Logon GINA DLL
5 * PROGRAMMER: Eric Kohl
6 */
7
8#include "msgina.h"
9
12 PGINA_CONTEXT pgContext)
13{
14 LSA_STRING LogonProcessName;
15 LSA_STRING PackageName;
18
19 /* We are already connected to the LSA */
20 if (pgContext->LsaHandle != NULL)
21 return STATUS_SUCCESS;
22
23 /* Connect to the LSA server */
24 RtlInitAnsiString((PANSI_STRING)&LogonProcessName,
25 "MSGINA");
26
27 Status = LsaRegisterLogonProcess(&LogonProcessName,
28 &pgContext->LsaHandle,
30 if (!NT_SUCCESS(Status))
31 {
32 ERR("LsaRegisterLogonProcess failed (Status 0x%08lx)\n", Status);
33 return Status;
34 }
35
36 /* Get the authentication package */
37 RtlInitAnsiString((PANSI_STRING)&PackageName,
39
41 &PackageName,
42 &pgContext->AuthenticationPackage);
43 if (!NT_SUCCESS(Status))
44 {
45 ERR("LsaLookupAuthenticationPackage failed (Status 0x%08lx)\n", Status);
46 }
47
48 return Status;
49}
50
51static const CHAR User32TokenSourceName[] = "User32 ";
53
58 LPWSTR lpszUsername,
63{
66 PSID LogonSid = NULL;
69 UNICODE_STRING DomainName;
70 UNICODE_STRING UserName;
73 ULONG AuthInfoLength;
79 LUID Luid = {0, 0};
80 LUID LogonId = {0, 0};
82 QUOTA_LIMITS QuotaLimits;
84
85 *phToken = NULL;
86
88 "MSGINA Logon");
89
90 RtlInitUnicodeString(&DomainName,
92
93 RtlInitUnicodeString(&UserName,
94 lpszUsername);
95
98
99 AuthInfoLength = sizeof(MSV1_0_INTERACTIVE_LOGON)+
100 DomainName.MaximumLength +
101 UserName.MaximumLength +
102 Password.MaximumLength;
103
104 AuthInfo = RtlAllocateHeap(RtlGetProcessHeap(),
106 AuthInfoLength);
107 if (AuthInfo == NULL)
108 {
110 goto done;
111 }
112
114
115 Ptr = (ULONG_PTR)AuthInfo + sizeof(MSV1_0_INTERACTIVE_LOGON);
116
117 AuthInfo->LogonDomainName.Length = DomainName.Length;
118 AuthInfo->LogonDomainName.MaximumLength = DomainName.MaximumLength;
119 AuthInfo->LogonDomainName.Buffer = (DomainName.Buffer == NULL) ? NULL : (PWCHAR)Ptr;
120 if (DomainName.MaximumLength > 0)
121 {
123 DomainName.Buffer,
124 DomainName.MaximumLength);
125
126 Ptr += DomainName.MaximumLength;
127 }
128
129 AuthInfo->UserName.Length = UserName.Length;
130 AuthInfo->UserName.MaximumLength = UserName.MaximumLength;
131 AuthInfo->UserName.Buffer = (PWCHAR)Ptr;
132 if (UserName.MaximumLength > 0)
133 {
134 RtlCopyMemory(AuthInfo->UserName.Buffer,
135 UserName.Buffer,
136 UserName.MaximumLength);
137 }
138
139 Ptr += UserName.MaximumLength;
140
141 AuthInfo->Password.Length = Password.Length;
142 AuthInfo->Password.MaximumLength = Password.MaximumLength;
143 AuthInfo->Password.Buffer = (PWCHAR)Ptr;
144 if (Password.MaximumLength > 0)
145 {
146 RtlCopyMemory(AuthInfo->Password.Buffer,
147 Password.Buffer,
148 Password.MaximumLength);
149 }
150
151 /* Create the Logon SID*/
156 LogonId.HighPart,
157 LogonId.LowPart,
163 &LogonSid);
164 if (!NT_SUCCESS(Status))
165 goto done;
166
167 /* Create the Local SID*/
168 Status = RtlAllocateAndInitializeSid(&LocalAuthority,
169 1,
178 &LocalSid);
179 if (!NT_SUCCESS(Status))
180 goto done;
181
182 /* Allocate and set the token groups */
183 TokenGroups = RtlAllocateHeap(RtlGetProcessHeap(),
185 sizeof(TOKEN_GROUPS) + ((2 - ANYSIZE_ARRAY) * sizeof(SID_AND_ATTRIBUTES)));
186 if (TokenGroups == NULL)
187 {
189 goto done;
190 }
191
192 TokenGroups->GroupCount = 2;
193 TokenGroups->Groups[0].Sid = LogonSid;
194 TokenGroups->Groups[0].Attributes = SE_GROUP_MANDATORY | SE_GROUP_ENABLED |
196 TokenGroups->Groups[1].Sid = LocalSid;
197 TokenGroups->Groups[1].Attributes = SE_GROUP_MANDATORY | SE_GROUP_ENABLED |
199
200 /* Set the token source */
201 RtlCopyMemory(TokenSource.SourceName, User32TokenSourceName, sizeof(TokenSource.SourceName));
202 AllocateLocallyUniqueId(&TokenSource.SourceIdentifier);
203
205 &OriginName,
208 (PVOID)AuthInfo,
209 AuthInfoLength,
214 &Luid,
216 &QuotaLimits,
217 SubStatus);
218 if (!NT_SUCCESS(Status))
219 {
220 ERR("LsaLogonUser failed (Status 0x%08lx)\n", Status);
221 goto done;
222 }
223
224 if (ProfileBuffer != NULL)
225 {
226 TRACE("ProfileBuffer: %p\n", ProfileBuffer);
227 TRACE("MessageType: %u\n", ProfileBuffer->MessageType);
228
229 TRACE("FullName: %p\n", ProfileBuffer->FullName.Buffer);
230 TRACE("FullName: %S\n", ProfileBuffer->FullName.Buffer);
231
232 TRACE("LogonServer: %p\n", ProfileBuffer->LogonServer.Buffer);
233 TRACE("LogonServer: %S\n", ProfileBuffer->LogonServer.Buffer);
234 }
235
236 TRACE("Luid: 0x%08lx%08lx\n", Luid.HighPart, Luid.LowPart);
237
238 if (TokenHandle != NULL)
239 TRACE("TokenHandle: %p\n", TokenHandle);
240
242
243done:
245
246 if (ProfileBuffer != NULL)
248
249 if (!NT_SUCCESS(Status) && (TokenHandle != NULL))
251
252 if (TokenGroups != NULL)
253 RtlFreeHeap(RtlGetProcessHeap(), 0, TokenGroups);
254
255 if (LocalSid != NULL)
257
258 if (LogonSid != NULL)
259 RtlFreeSid(LogonSid);
260
261 if (AuthInfo != NULL)
262 {
263 /* Zero out the password buffers before freeing */
265 SecureZeroMemory(&AuthInfo->Password, sizeof(AuthInfo->Password));
266 RtlFreeHeap(RtlGetProcessHeap(), 0, AuthInfo);
267 }
268
269 return Status;
270}
271
272/* EOF */
WCHAR SourceName[256]
Definition: arping.c:28
LONG NTSTATUS
Definition: precomp.h:26
PSID LocalSid
Definition: globals.c:15
HANDLE LsaHandle
Definition: wkssvc.c:41
#define ERR(fmt,...)
Definition: precomp.h:57
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:616
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:634
#define NULL
Definition: types.h:112
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:33
ULONG AuthenticationPackage
Definition: logon.c:18
BOOL WINAPI AllocateLocallyUniqueId(PLUID Luid)
Definition: security.c:1218
#define CloseHandle
Definition: compat.h:739
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
NTSTATUS MyLogonUser(HANDLE LsaHandle, ULONG AuthenticationPackage, LPWSTR lpszUsername, LPWSTR lpszDomain, LPWSTR lpszPassword, PHANDLE phToken, PNTSTATUS SubStatus)
Definition: lsa.c:55
static const CHAR User32TokenSourceName[]
Definition: lsa.c:51
NTSTATUS ConnectToLsa(PGINA_CONTEXT pgContext)
Definition: lsa.c:11
#define ULONG_PTR
Definition: config.h:101
_Must_inspect_result_ _In_ PFSRTL_PER_STREAM_CONTEXT Ptr
Definition: fsrtlfuncs.h:898
Status
Definition: gdiplustypes.h:25
#define C_ASSERT(e)
Definition: intsafe.h:73
#define RTL_FIELD_SIZE(type, field)
Definition: kdb_expr.c:86
* PNTSTATUS
Definition: strlen.c:14
static SID_IDENTIFIER_AUTHORITY SystemAuthority
Definition: msgina.c:38
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
Definition: psfuncs.h:726
NTSYSAPI PVOID NTAPI RtlFreeSid(_In_ _Post_invalid_ PSID Sid)
#define SE_GROUP_LOGON_ID
Definition: setypes.h:98
#define SE_GROUP_MANDATORY
Definition: setypes.h:90
#define SE_GROUP_ENABLED_BY_DEFAULT
Definition: setypes.h:91
#define SE_GROUP_ENABLED
Definition: setypes.h:92
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
NTSYSAPI VOID NTAPI RtlInitAnsiString(PANSI_STRING DestinationString, PCSZ SourceString)
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE _Out_ PQUOTA_LIMITS _Out_ PNTSTATUS SubStatus
_IRQL_requires_same_ _Out_ PHANDLE _Out_ PLSA_OPERATIONAL_MODE SecurityMode
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID * ProfileBuffer
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG ProfileBufferLength
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID LogonId
_IRQL_requires_same_ _In_ PLSA_STRING OriginName
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290
NTSTATUS NTAPI LsaLogonUser(HANDLE, PLSA_STRING, SECURITY_LOGON_TYPE, ULONG, PVOID, ULONG, PTOKEN_GROUPS, PTOKEN_SOURCE, PVOID *, PULONG, PLUID, PHANDLE, PQUOTA_LIMITS, PNTSTATUS)
NTSTATUS NTAPI LsaLookupAuthenticationPackage(HANDLE, PLSA_STRING, PULONG)
@ Interactive
Definition: ntsecapi.h:289
#define MSV1_0_PACKAGE_NAME
Definition: ntsecapi.h:42
ULONG LSA_OPERATIONAL_MODE
Definition: ntsecapi.h:367
NTSTATUS NTAPI LsaFreeReturnBuffer(PVOID)
struct _MSV1_0_INTERACTIVE_LOGON MSV1_0_INTERACTIVE_LOGON
NTSTATUS NTAPI LsaRegisterLogonProcess(PLSA_STRING, PHANDLE, PLSA_OPERATIONAL_MODE)
@ MsV1_0InteractiveLogon
Definition: ntsecapi.h:199
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:455
#define STATUS_SUCCESS
Definition: shellext.h:65
#define TRACE(s)
Definition: solgame.cpp:4
HANDLE LsaHandle
Definition: msgina.h:39
ULONG AuthenticationPackage
Definition: msgina.h:40
PCHAR Buffer
Definition: ntsecapi.h:174
LONG HighPart
DWORD LowPart
UNICODE_STRING Password
Definition: ntsecapi.h:437
UNICODE_STRING UserName
Definition: ntsecapi.h:436
MSV1_0_LOGON_SUBMIT_TYPE MessageType
Definition: ntsecapi.h:434
UNICODE_STRING LogonDomainName
Definition: ntsecapi.h:435
USHORT MaximumLength
Definition: env_spec_w32.h:370
@ Password
Definition: telnetd.h:65
#define ANYSIZE_ARRAY
Definition: typedefs.h:46
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
uint32_t ULONG_PTR
Definition: typedefs.h:65
uint16_t * PWCHAR
Definition: typedefs.h:56
uint32_t ULONG
Definition: typedefs.h:59
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
#define SecureZeroMemory
Definition: winbase.h:1754
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD _Out_opt_ PHANDLE phToken
Definition: winbase.h:2756
_In_opt_ LPSTR _In_opt_ LPSTR lpszPassword
Definition: winbase.h:2753
_In_opt_ LPSTR lpszDomain
Definition: winbase.h:2752
#define SECURITY_LOGON_IDS_RID
Definition: setypes.h:560
#define SECURITY_LOCAL_SID_AUTHORITY
Definition: setypes.h:530
#define SECURITY_LOCAL_RID
Definition: setypes.h:542
#define SECURITY_NULL_RID
Definition: setypes.h:540
#define SECURITY_NT_AUTHORITY
Definition: setypes.h:554
@ TokenSource
Definition: setypes.h:984
@ TokenGroups
Definition: setypes.h:979
#define SECURITY_LOGON_IDS_RID_COUNT
Definition: setypes.h:561
WCHAR * LPWSTR
Definition: xmlstorage.h:184
char CHAR
Definition: xmlstorage.h:175