ReactOS  0.4.13-dev-92-gf251225
lsasrv.h File Reference
#include <stdarg.h>
#include <windef.h>
#include <winbase.h>
#include <winreg.h>
#include <ndk/cmfuncs.h>
#include <ndk/exfuncs.h>
#include <ndk/kefuncs.h>
#include <ndk/mmfuncs.h>
#include <ndk/obfuncs.h>
#include <ndk/psfuncs.h>
#include <ndk/rtlfuncs.h>
#include <ndk/ketypes.h>
#include <ndk/setypes.h>
#include <ntsam.h>
#include <ntlsa.h>
#include <sddl.h>
#include <srmp.h>
#include <lsass.h>
#include <lsa_s.h>
#include <wine/debug.h>
Include dependency graph for lsasrv.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Classes

struct  _LSA_DB_OBJECT
 
struct  _LSAP_POLICY_AUDIT_EVENTS_DATA
 
struct  _LSAP_LOGON_CONTEXT
 
struct  _SAMPR_ULONG_ARRAY
 

Macros

#define WIN32_NO_STATUS
 
#define _INC_WINDOWS
 
#define COM_NO_WINDOWS_H
 
#define NTOS_MODE_USER
 
#define LSAP_DB_SIGNATURE   0x12345678
 
#define POLICY_AUDIT_EVENT_TYPE_COUNT   (AuditCategoryAccountLogon - AuditCategorySystem + 1)
 

Typedefs

typedef enum _LSA_DB_OBJECT_TYPE LSA_DB_OBJECT_TYPE
 
typedef enum _LSA_DB_OBJECT_TYPEPLSA_DB_OBJECT_TYPE
 
typedef struct _LSA_DB_OBJECT LSA_DB_OBJECT
 
typedef struct _LSA_DB_OBJECTPLSA_DB_OBJECT
 
typedef struct _LSAP_POLICY_AUDIT_EVENTS_DATA LSAP_POLICY_AUDIT_EVENTS_DATA
 
typedef struct _LSAP_POLICY_AUDIT_EVENTS_DATAPLSAP_POLICY_AUDIT_EVENTS_DATA
 
typedef struct _LSAP_LOGON_CONTEXT LSAP_LOGON_CONTEXT
 
typedef struct _LSAP_LOGON_CONTEXTPLSAP_LOGON_CONTEXT
 
typedef struct _SAMPR_ULONG_ARRAY SAMPR_ULONG_ARRAY
 
typedef struct _SAMPR_ULONG_ARRAYPSAMPR_ULONG_ARRAY
 

Enumerations

enum  _LSA_DB_OBJECT_TYPE {
  LsaDbIgnoreObject, LsaDbPolicyObject, LsaDbAccountObject, LsaDbDomainObject,
  LsaDbSecretObject
}
 

Functions

 WINE_DEFAULT_DEBUG_CHANNEL (lsasrv)
 
NTSTATUS LsapInitAuthPackages (VOID)
 
NTSTATUS LsapLookupAuthenticationPackage (PLSA_API_MSG RequestMsg, PLSAP_LOGON_CONTEXT LogonContext)
 
NTSTATUS LsapCallAuthenticationPackage (PLSA_API_MSG RequestMsg, PLSAP_LOGON_CONTEXT LogonContext)
 
NTSTATUS LsapLogonUser (PLSA_API_MSG RequestMsg, PLSAP_LOGON_CONTEXT LogonContext)
 
NTSTATUS StartAuthenticationPort (VOID)
 
NTSTATUS LsapInitDatabase (VOID)
 
NTSTATUS LsapCreateDbObject (IN PLSA_DB_OBJECT ParentObject, IN LPWSTR ContainerName, IN LPWSTR ObjectName, IN LSA_DB_OBJECT_TYPE HandleType, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted, OUT PLSA_DB_OBJECT *DbObject)
 
NTSTATUS LsapOpenDbObject (IN PLSA_DB_OBJECT ParentObject, IN LPWSTR ContainerName, IN LPWSTR ObjectName, IN LSA_DB_OBJECT_TYPE ObjectType, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted, OUT PLSA_DB_OBJECT *DbObject)
 
NTSTATUS LsapValidateDbObject (IN LSAPR_HANDLE Handle, IN LSA_DB_OBJECT_TYPE HandleType, IN ACCESS_MASK GrantedAccess, OUT PLSA_DB_OBJECT *DbObject)
 
NTSTATUS LsapCloseDbObject (IN PLSA_DB_OBJECT DbObject)
 
NTSTATUS LsapDeleteDbObject (IN PLSA_DB_OBJECT DbObject)
 
NTSTATUS LsapGetObjectAttribute (PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, PULONG AttributeSize)
 
NTSTATUS LsapSetObjectAttribute (PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, ULONG AttributeSize)
 
NTSTATUS LsapDeleteObjectAttribute (PLSA_DB_OBJECT DbObject, LPWSTR AttributeName)
 
VOID DsSetupInit (VOID)
 
NTSTATUS LsapInitSids (VOID)
 
ULONG LsapGetRelativeIdFromSid (PSID Sid)
 
NTSTATUS LsapLookupNames (DWORD Count, PRPC_UNICODE_STRING Names, PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains, PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids, LSAP_LOOKUP_LEVEL LookupLevel, DWORD *MappedCount, DWORD LookupOptions, DWORD ClientRevision)
 
NTSTATUS LsapLookupSids (PLSAPR_SID_ENUM_BUFFER SidEnumBuffer, PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains, PLSAPR_TRANSLATED_NAMES_EX TranslatedNames, LSAP_LOOKUP_LEVEL LookupLevel, DWORD *MappedCount, DWORD LookupOptions, DWORD ClientRevision)
 
NTSTATUS LsarStartRpcServer (VOID)
 
VOID LsapInitNotificationList (VOID)
 
NTSTATUS LsapRegisterNotification (PLSA_API_MSG RequestMsg)
 
VOID LsapNotifyPolicyChange (POLICY_NOTIFICATION_INFORMATION_CLASS InformationClass)
 
NTSTATUS LsarQueryAuditLog (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryAuditEvents (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryPrimaryDomain (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryPdAccount (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryAccountDomain (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryServerRole (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryReplicaSource (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryDefaultQuota (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryModification (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryAuditFull (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryDnsDomain (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryDnsDomainInt (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryLocalAccountDomain (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarSetAuditLog (PLSA_DB_OBJECT PolicyObject, PPOLICY_AUDIT_LOG_INFO Info)
 
NTSTATUS LsarSetAuditEvents (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_AUDIT_EVENTS_INFO Info)
 
NTSTATUS LsarSetPrimaryDomain (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_PRIMARY_DOM_INFO Info)
 
NTSTATUS LsarSetAccountDomain (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_ACCOUNT_DOM_INFO Info)
 
NTSTATUS LsarSetServerRole (PLSA_DB_OBJECT PolicyObject, PPOLICY_LSA_SERVER_ROLE_INFO Info)
 
NTSTATUS LsarSetReplicaSource (PLSA_DB_OBJECT PolicyObject, PPOLICY_LSA_REPLICA_SRCE_INFO Info)
 
NTSTATUS LsarSetDefaultQuota (PLSA_DB_OBJECT PolicyObject, PPOLICY_DEFAULT_QUOTA_INFO Info)
 
NTSTATUS LsarSetModification (PLSA_DB_OBJECT PolicyObject, PPOLICY_MODIFICATION_INFO Info)
 
NTSTATUS LsarSetAuditFull (PLSA_DB_OBJECT PolicyObject, PPOLICY_AUDIT_FULL_QUERY_INFO Info)
 
NTSTATUS LsarSetDnsDomain (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_DNS_DOMAIN_INFO Info)
 
NTSTATUS LsarSetDnsDomainInt (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_DNS_DOMAIN_INFO Info)
 
NTSTATUS LsarSetLocalAccountDomain (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_ACCOUNT_DOM_INFO Info)
 
NTSTATUS LsarpLookupPrivilegeName (PLUID Value, PRPC_UNICODE_STRING *Name)
 
NTSTATUS LsarpLookupPrivilegeDisplayName (PRPC_UNICODE_STRING Name, USHORT ClientLanguage, USHORT ClientSystemDefaultLanguage, PRPC_UNICODE_STRING *DisplayName, USHORT *LanguageReturned)
 
PLUID LsarpLookupPrivilegeValue (IN PRPC_UNICODE_STRING Name)
 
NTSTATUS LsarpEnumeratePrivileges (DWORD *EnumerationContext, PLSAPR_PRIVILEGE_ENUM_BUFFER EnumerationBuffer, DWORD PreferedMaximumLength)
 
NTSTATUS LsapLookupAccountRightName (ULONG RightValue, PRPC_UNICODE_STRING *Name)
 
ACCESS_MASK LsapLookupAccountRightValue (IN PRPC_UNICODE_STRING Name)
 
NTSTATUS LsapRegCloseKey (IN HANDLE KeyHandle)
 
NTSTATUS LsapRegCreateKey (IN HANDLE ParentKeyHandle, IN LPCWSTR KeyName, IN ACCESS_MASK DesiredAccess, OUT HANDLE KeyHandle)
 
NTSTATUS LsapRegDeleteSubKey (IN HANDLE ParentKeyHandle, IN LPCWSTR KeyName)
 
NTSTATUS LsapRegDeleteKey (IN HANDLE KeyHandle)
 
NTSTATUS LsapRegEnumerateSubKey (IN HANDLE KeyHandle, IN ULONG Index, IN ULONG Length, OUT LPWSTR Buffer)
 
NTSTATUS LsapRegOpenKey (IN HANDLE ParentKeyHandle, IN LPCWSTR KeyName, IN ACCESS_MASK DesiredAccess, OUT HANDLE KeyHandle)
 
NTSTATUS LsapRegQueryKeyInfo (IN HANDLE KeyHandle, OUT PULONG SubKeyCount, OUT PULONG MaxSubKeyNameLength, OUT PULONG ValueCount)
 
NTSTATUS LsapRegDeleteValue (IN HANDLE KeyHandle, IN LPWSTR ValueName)
 
NTSTATUS LsapRegEnumerateValue (IN HANDLE KeyHandle, IN ULONG Index, OUT LPWSTR Name, IN OUT PULONG NameLength, OUT PULONG Type OPTIONAL, OUT PVOID Data OPTIONAL, IN OUT PULONG DataLength OPTIONAL)
 
NTSTATUS LsapRegQueryValue (IN HANDLE KeyHandle, IN LPWSTR ValueName, OUT PULONG Type OPTIONAL, OUT LPVOID Data OPTIONAL, IN OUT PULONG DataLength OPTIONAL)
 
NTSTATUS LsapRegSetValue (IN HANDLE KeyHandle, IN LPWSTR ValueName, IN ULONG Type, IN LPVOID Data, IN ULONG DataLength)
 
NTSTATUS LsapCreatePolicySd (PSECURITY_DESCRIPTOR *PolicySd, PULONG PolicySdSize)
 
NTSTATUS LsapCreateAccountSd (PSECURITY_DESCRIPTOR *AccountSd, PULONG AccountSdSize)
 
NTSTATUS LsapCreateSecretSd (PSECURITY_DESCRIPTOR *SecretSd, PULONG SecretSdSize)
 
VOID LsapInitLogonSessions (VOID)
 
NTSTATUS NTAPI LsapCreateLogonSession (IN PLUID LogonId)
 
NTSTATUS NTAPI LsapDeleteLogonSession (IN PLUID LogonId)
 
NTSTATUS NTAPI LsapAddCredential (_In_ PLUID LogonId, _In_ ULONG AuthenticationPackage, _In_ PLSA_STRING PrimaryKeyValue, _In_ PLSA_STRING Credential)
 
NTSTATUS NTAPI LsapGetCredentials (_In_ PLUID LogonId, _In_ ULONG AuthenticationPackage, _Inout_ PULONG QueryContext, _In_ BOOLEAN RetrieveAllCredentials, _Inout_ PLSA_STRING PrimaryKeyValue, _Out_ PULONG PrimaryKeyLength, _Out_ PLSA_STRING Credentials)
 
NTSTATUS NTAPI LsapDeleteCredential (_In_ PLUID LogonId, _In_ ULONG AuthenticationPackage, _In_ PLSA_STRING PrimaryKeyValue)
 
NTSTATUS LsapSetLogonSessionData (_In_ PLUID LogonId, _In_ ULONG LogonType, _In_ PUNICODE_STRING UserName, _In_ PUNICODE_STRING LogonDomain, _In_ PSID Sid)
 
NTSTATUS LsapEnumLogonSessions (IN OUT PLSA_API_MSG RequestMsg)
 
NTSTATUS LsapGetLogonSessionData (IN OUT PLSA_API_MSG RequestMsg)
 
NTSTATUS LsapRmInitializeServer (VOID)
 
NTSTATUS LsapRmCreateLogonSession (PLUID LogonId)
 
NTSTATUS LsapRmDeleteLogonSession (PLUID LogonId)
 
INT LsapLoadString (HINSTANCE hInstance, UINT uId, LPWSTR lpBuffer, INT nBufferMax)
 
INT LsapGetResourceStringLengthEx (_In_ HINSTANCE hInstance, _In_ UINT uId, _In_ USHORT usLanguage)
 
INT LsapLoadStringEx (_In_ HINSTANCE hInstance, _In_ UINT uId, _In_ USHORT usLanguage, _Out_ LPWSTR lpBuffer, _Out_ INT nBufferMax)
 
PSID LsapAppendRidToSid (PSID SrcSid, ULONG Rid)
 

Variables

NT_PRODUCT_TYPE LsapProductType
 
SID_IDENTIFIER_AUTHORITY NullSidAuthority
 
SID_IDENTIFIER_AUTHORITY WorldSidAuthority
 
SID_IDENTIFIER_AUTHORITY LocalSidAuthority
 
SID_IDENTIFIER_AUTHORITY CreatorSidAuthority
 
SID_IDENTIFIER_AUTHORITY NtAuthority
 
PSID BuiltinDomainSid
 
UNICODE_STRING BuiltinDomainName
 
PSID AccountDomainSid
 
UNICODE_STRING AccountDomainName
 
PSID LsapWorldSid
 
PSID LsapNetworkSid
 
PSID LsapBatchSid
 
PSID LsapInteractiveSid
 
PSID LsapServiceSid
 
PSID LsapLocalSystemSid
 
PSID LsapAdministratorsSid
 

Macro Definition Documentation

◆ _INC_WINDOWS

#define _INC_WINDOWS

Definition at line 16 of file lsasrv.h.

◆ COM_NO_WINDOWS_H

#define COM_NO_WINDOWS_H

Definition at line 17 of file lsasrv.h.

◆ LSAP_DB_SIGNATURE

#define LSAP_DB_SIGNATURE   0x12345678

Definition at line 66 of file lsasrv.h.

◆ NTOS_MODE_USER

#define NTOS_MODE_USER

Definition at line 23 of file lsasrv.h.

◆ POLICY_AUDIT_EVENT_TYPE_COUNT

#define POLICY_AUDIT_EVENT_TYPE_COUNT   (AuditCategoryAccountLogon - AuditCategorySystem + 1)

Definition at line 68 of file lsasrv.h.

◆ WIN32_NO_STATUS

#define WIN32_NO_STATUS

Definition at line 15 of file lsasrv.h.

Typedef Documentation

◆ LSA_DB_OBJECT

◆ LSA_DB_OBJECT_TYPE

◆ LSAP_LOGON_CONTEXT

◆ LSAP_POLICY_AUDIT_EVENTS_DATA

◆ PLSA_DB_OBJECT

◆ PLSA_DB_OBJECT_TYPE

◆ PLSAP_LOGON_CONTEXT

◆ PLSAP_POLICY_AUDIT_EVENTS_DATA

◆ PSAMPR_ULONG_ARRAY

◆ SAMPR_ULONG_ARRAY

Enumeration Type Documentation

◆ _LSA_DB_OBJECT_TYPE

Enumerator
LsaDbIgnoreObject 
LsaDbPolicyObject 
LsaDbAccountObject 
LsaDbDomainObject 
LsaDbSecretObject 

Definition at line 46 of file lsasrv.h.

47 {
enum _LSA_DB_OBJECT_TYPE * PLSA_DB_OBJECT_TYPE
enum _LSA_DB_OBJECT_TYPE LSA_DB_OBJECT_TYPE

Function Documentation

◆ DsSetupInit()

VOID DsSetupInit ( VOID  )

Definition at line 22 of file dssetup.c.

23 {
25 
26  Status = RpcServerRegisterIf(dssetup_v0_0_s_ifspec,
27  NULL,
28  NULL);
29  if (Status != RPC_S_OK)
30  {
31  WARN("RpcServerRegisterIf() failed (Status %lx)\n", Status);
32  return;
33  }
34 }
#define WARN(fmt,...)
Definition: debug.h:111
long RPC_STATUS
Definition: rpc.h:52
smooth NULL
Definition: ftsmooth.c:416
RPC_STATUS WINAPI RpcServerRegisterIf(RPC_IF_HANDLE IfSpec, UUID *MgrTypeUuid, RPC_MGR_EPV *MgrEpv)
Definition: rpc_server.c:1123
Status
Definition: gdiplustypes.h:24
#define RPC_S_OK
Definition: rpcnterr.h:22

Referenced by LsarStartRpcServer().

◆ LsapAddCredential()

NTSTATUS NTAPI LsapAddCredential ( _In_ PLUID  LogonId,
_In_ ULONG  AuthenticationPackage,
_In_ PLSA_STRING  PrimaryKeyValue,
_In_ PLSA_STRING  Credential 
)

Definition at line 214 of file session.c.

219 {
220 
221  return STATUS_SUCCESS;
222 }
return STATUS_SUCCESS
Definition: btrfs.c:2725

Referenced by LsapInitAuthPackages().

◆ LsapAppendRidToSid()

PSID LsapAppendRidToSid ( PSID  SrcSid,
ULONG  Rid 
)

Definition at line 152 of file utils.c.

155 {
156  ULONG Rids[8] = {0, 0, 0, 0, 0, 0, 0, 0};
157  UCHAR RidCount;
158  PSID DstSid;
159  ULONG i;
160 
161  RidCount = *RtlSubAuthorityCountSid(SrcSid);
162  if (RidCount >= 8)
163  return NULL;
164 
165  for (i = 0; i < RidCount; i++)
166  Rids[i] = *RtlSubAuthoritySid(SrcSid, i);
167 
168  Rids[RidCount] = Rid;
169  RidCount++;
170 
172  RidCount,
173  Rids[0],
174  Rids[1],
175  Rids[2],
176  Rids[3],
177  Rids[4],
178  Rids[5],
179  Rids[6],
180  Rids[7],
181  &DstSid);
182 
183  return DstSid;
184 }
NTSYSAPI PULONG NTAPI RtlSubAuthoritySid(_In_ PSID Sid, _In_ ULONG SubAuthority)
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
smooth NULL
Definition: ftsmooth.c:416
NTSYSAPI PSID_IDENTIFIER_AUTHORITY NTAPI RtlIdentifierAuthoritySid(PSID Sid)
NTSYSAPI PUCHAR NTAPI RtlSubAuthorityCountSid(IN PSID Sid)
Definition: sid.c:104
unsigned char UCHAR
Definition: xmlstorage.h:181
unsigned int ULONG
Definition: retypes.h:1

Referenced by LsapAppendSidToGroups().

◆ LsapCallAuthenticationPackage()

NTSTATUS LsapCallAuthenticationPackage ( PLSA_API_MSG  RequestMsg,
PLSAP_LOGON_CONTEXT  LogonContext 
)

Definition at line 545 of file authpackage.c.

547 {
548  PAUTH_PACKAGE Package;
549  PVOID LocalBuffer = NULL;
552 
553  TRACE("(%p %p)\n", RequestMsg, LogonContext);
554 
555  PackageId = RequestMsg->CallAuthenticationPackage.Request.AuthenticationPackage;
556 
557  /* Get the right authentication package */
559  if (Package == NULL)
560  {
561  TRACE("LsapGetAuthenticationPackage() failed to find a package\n");
562  return STATUS_NO_SUCH_PACKAGE;
563  }
564 
565  if (RequestMsg->CallAuthenticationPackage.Request.SubmitBufferLength > 0)
566  {
567  LocalBuffer = RtlAllocateHeap(RtlGetProcessHeap(),
569  RequestMsg->CallAuthenticationPackage.Request.SubmitBufferLength);
570  if (LocalBuffer == NULL)
571  {
573  }
574 
576  RequestMsg->CallAuthenticationPackage.Request.ProtocolSubmitBuffer,
577  LocalBuffer,
578  RequestMsg->CallAuthenticationPackage.Request.SubmitBufferLength,
579  NULL);
580  if (!NT_SUCCESS(Status))
581  {
582  TRACE("NtReadVirtualMemory() failed (Status 0x%08lx)\n", Status);
583  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalBuffer);
584  return Status;
585  }
586  }
587 
588  Status = Package->LsaApCallPackage((PLSA_CLIENT_REQUEST)LogonContext,
589  LocalBuffer,
590  RequestMsg->CallAuthenticationPackage.Request.ProtocolSubmitBuffer,
591  RequestMsg->CallAuthenticationPackage.Request.SubmitBufferLength,
592  &RequestMsg->CallAuthenticationPackage.Reply.ProtocolReturnBuffer,
593  &RequestMsg->CallAuthenticationPackage.Reply.ReturnBufferLength,
594  &RequestMsg->CallAuthenticationPackage.Reply.ProtocolStatus);
595  if (!NT_SUCCESS(Status))
596  {
597  TRACE("Package->LsaApCallPackage() failed (Status 0x%08lx)\n", Status);
598  }
599 
600  if (LocalBuffer != NULL)
601  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalBuffer);
602 
603  return Status;
604 }
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
struct _LSA_CALL_AUTHENTICATION_PACKAGE_MSG::@3326::@3328 Request
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:603
#define STATUS_NO_SUCH_PACKAGE
Definition: ntstatus.h:476
HANDLE ClientProcessHandle
Definition: lsasrv.h:79
smooth NULL
Definition: ftsmooth.c:416
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:585
#define TRACE(s)
Definition: solgame.cpp:4
struct _LSA_CALL_AUTHENTICATION_PACKAGE_MSG::@3326::@3329 Reply
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
NTSTATUS NTAPI NtReadVirtualMemory(IN HANDLE ProcessHandle, IN PVOID BaseAddress, OUT PVOID Buffer, IN SIZE_T NumberOfBytesToRead, OUT PSIZE_T NumberOfBytesRead OPTIONAL)
Definition: virtual.c:2691
Status
Definition: gdiplustypes.h:24
LSA_CALL_AUTHENTICATION_PACKAGE_MSG CallAuthenticationPackage
Definition: lsass.h:187
PLSA_AP_CALL_PACKAGE_INTERNAL LsaApCallPackage
Definition: authpackage.c:99
#define HEAP_ZERO_MEMORY
Definition: compat.h:123
static PAUTH_PACKAGE LsapGetAuthenticationPackage(IN ULONG PackageId)
Definition: authpackage.c:341
unsigned int ULONG
Definition: retypes.h:1
static ULONG PackageId
Definition: authpackage.c:163

Referenced by AuthPortThreadRoutine().

◆ LsapCloseDbObject()

NTSTATUS LsapCloseDbObject ( IN PLSA_DB_OBJECT  DbObject)

◆ LsapCreateAccountSd()

NTSTATUS LsapCreateAccountSd ( PSECURITY_DESCRIPTOR AccountSd,
PULONG  AccountSdSize 
)

Definition at line 268 of file security.c.

270 {
271  SECURITY_DESCRIPTOR AbsoluteSd;
272  PSECURITY_DESCRIPTOR RelativeSd = NULL;
273  ULONG RelativeSdSize = 0;
274  PSID AdministratorsSid = NULL;
275  PSID EveryoneSid = NULL;
277  PACL Dacl = NULL;
278  ULONG DaclSize;
280 
281  if (AccountSd == NULL || AccountSdSize == NULL)
283 
284  *AccountSd = NULL;
285  *AccountSdSize = 0;
286 
287  /* Initialize the SD */
288  Status = RtlCreateSecurityDescriptor(&AbsoluteSd,
290  if (!NT_SUCCESS(Status))
291  return Status;
292 
294  2,
297  0,
298  0,
299  0,
300  0,
301  0,
302  0,
303  &AdministratorsSid);
304  if (!NT_SUCCESS(Status))
305  goto done;
306 
308  1,
310  0,
311  0,
312  0,
313  0,
314  0,
315  0,
316  0,
317  &EveryoneSid);
318  if (!NT_SUCCESS(Status))
319  goto done;
320 
322  1,
324  0,
325  0,
326  0,
327  0,
328  0,
329  0,
330  0,
331  &LocalSystemSid);
332  if (!NT_SUCCESS(Status))
333  goto done;
334 
335  /* Allocate and initialize the DACL */
336  DaclSize = sizeof(ACL) +
337  sizeof(ACCESS_ALLOWED_ACE) - sizeof(ULONG) + RtlLengthSid(AdministratorsSid) +
338  sizeof(ACCESS_ALLOWED_ACE) - sizeof(ULONG) + RtlLengthSid(EveryoneSid);
339 
340  Dacl = RtlAllocateHeap(RtlGetProcessHeap(),
342  DaclSize);
343  if (Dacl == NULL)
344  {
346  goto done;
347  }
348 
350  DaclSize,
351  ACL_REVISION);
352  if (!NT_SUCCESS(Status))
353  goto done;
354 
356  ACL_REVISION,
358  AdministratorsSid);
359  if (!NT_SUCCESS(Status))
360  goto done;
361 
363  ACL_REVISION,
365  EveryoneSid);
366  if (!NT_SUCCESS(Status))
367  goto done;
368 
369  Status = RtlSetDaclSecurityDescriptor(&AbsoluteSd,
370  TRUE,
371  Dacl,
372  FALSE);
373  if (!NT_SUCCESS(Status))
374  goto done;
375 
378  FALSE);
379  if (!NT_SUCCESS(Status))
380  goto done;
381 
383  AdministratorsSid,
384  FALSE);
385  if (!NT_SUCCESS(Status))
386  goto done;
387 
388  Status = RtlAbsoluteToSelfRelativeSD(&AbsoluteSd,
389  RelativeSd,
390  &RelativeSdSize);
392  goto done;
393 
394  RelativeSd = RtlAllocateHeap(RtlGetProcessHeap(),
396  RelativeSdSize);
397  if (RelativeSd == NULL)
398  {
400  goto done;
401  }
402 
403  Status = RtlAbsoluteToSelfRelativeSD(&AbsoluteSd,
404  RelativeSd,
405  &RelativeSdSize);
406  if (!NT_SUCCESS(Status))
407  goto done;
408 
409  *AccountSd = RelativeSd;
410  *AccountSdSize = RelativeSdSize;
411 
412 done:
413  if (Dacl != NULL)
414  RtlFreeHeap(RtlGetProcessHeap(), 0, Dacl);
415 
416  if (AdministratorsSid != NULL)
417  RtlFreeHeap(RtlGetProcessHeap(), 0, AdministratorsSid);
418 
419  if (EveryoneSid != NULL)
420  RtlFreeHeap(RtlGetProcessHeap(), 0, EveryoneSid);
421 
422  if (LocalSystemSid != NULL)
423  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalSystemSid);
424 
425  if (!NT_SUCCESS(Status))
426  {
427  if (RelativeSd != NULL)
428  RtlFreeHeap(RtlGetProcessHeap(), 0, RelativeSd);
429  }
430 
431  return Status;
432 }
#define SECURITY_LOCAL_SYSTEM_RID
Definition: setypes.h:546
#define TRUE
Definition: types.h:120
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
static ULONG
Definition: security.c:118
NTSYSAPI NTSTATUS NTAPI RtlSetGroupSecurityDescriptor(IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN PSID Group, IN BOOLEAN GroupDefaulted)
Definition: sd.c:410
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:603
#define ACCOUNT_ALL_ACCESS
Definition: ntlsa.h:33
struct _ACCESS_ALLOWED_ACE ACCESS_ALLOWED_ACE
NTSYSAPI NTSTATUS NTAPI RtlCreateSecurityDescriptor(_Out_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ ULONG Revision)
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290
NTSYSAPI NTSTATUS WINAPI RtlAddAccessAllowedAce(PACL, DWORD, DWORD, PSID)
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:64
NTSYSAPI NTSTATUS NTAPI RtlCreateAcl(PACL Acl, ULONG AclSize, ULONG AclRevision)
#define SECURITY_DESCRIPTOR_REVISION
Definition: setypes.h:58
static SID_IDENTIFIER_AUTHORITY NtAuthority
Definition: security.c:15
#define ACCOUNT_EXECUTE
Definition: ntlsa.h:36
NTSYSAPI NTSTATUS NTAPI RtlAbsoluteToSelfRelativeSD(IN PSECURITY_DESCRIPTOR AbsoluteSecurityDescriptor, IN OUT PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor, IN PULONG BufferLength)
Definition: sd.c:626
struct _ACL ACL
smooth NULL
Definition: ftsmooth.c:416
NTSYSAPI NTSTATUS WINAPI RtlSetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR, BOOLEAN, PACL, BOOLEAN)
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
SID_IDENTIFIER_AUTHORITY WorldSidAuthority
Definition: database.c:16
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:585
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:553
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
PSID LocalSystemSid
Definition: globals.c:16
#define SECURITY_WORLD_RID
Definition: setypes.h:513
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1553
NTSYSAPI NTSTATUS WINAPI RtlSetOwnerSecurityDescriptor(PSECURITY_DESCRIPTOR, PSID, BOOLEAN)
Status
Definition: gdiplustypes.h:24
#define HEAP_ZERO_MEMORY
Definition: compat.h:123
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG DaclSize
Definition: rtlfuncs.h:1553
#define ACL_REVISION
Definition: setypes.h:39
unsigned int ULONG
Definition: retypes.h:1
#define DOMAIN_ALIAS_RID_ADMINS
Definition: setypes.h:624

Referenced by LsarpCreateAccount().

◆ LsapCreateDbObject()

NTSTATUS LsapCreateDbObject ( IN PLSA_DB_OBJECT  ParentObject,
IN LPWSTR  ContainerName,
IN LPWSTR  ObjectName,
IN LSA_DB_OBJECT_TYPE  HandleType,
IN ACCESS_MASK  DesiredAccess,
IN BOOLEAN  Trusted,
OUT PLSA_DB_OBJECT DbObject 
)

Definition at line 590 of file database.c.

597 {
601  HANDLE ParentKeyHandle;
602  HANDLE ContainerKeyHandle = NULL;
603  HANDLE ObjectKeyHandle = NULL;
605 
606  if (DbObject == NULL)
608 
609  if (ParentObject == NULL)
610  ParentKeyHandle = SecurityKeyHandle;
611  else
612  ParentKeyHandle = ParentObject->KeyHandle;
613 
614  if (ContainerName != NULL)
615  {
616  /* Open the container key */
618  ContainerName);
619 
621  &KeyName,
623  ParentKeyHandle,
624  NULL);
625 
626  Status = NtOpenKey(&ContainerKeyHandle,
629  if (!NT_SUCCESS(Status))
630  {
631  return Status;
632  }
633 
634  /* Open the object key */
636  ObjectName);
637 
639  &KeyName,
641  ContainerKeyHandle,
642  NULL);
643 
644  Status = NtCreateKey(&ObjectKeyHandle,
647  0,
648  NULL,
649  0,
650  NULL);
651 
652  NtClose(ContainerKeyHandle);
653 
654  if (!NT_SUCCESS(Status))
655  {
656  return Status;
657  }
658  }
659  else
660  {
662  ObjectName);
663 
665  &KeyName,
667  ParentKeyHandle,
668  NULL);
669 
670  Status = NtCreateKey(&ObjectKeyHandle,
673  0,
674  NULL,
675  0,
676  NULL);
677  if (!NT_SUCCESS(Status))
678  {
679  return Status;
680  }
681  }
682 
683  NewObject = RtlAllocateHeap(RtlGetProcessHeap(),
684  0,
685  sizeof(LSA_DB_OBJECT));
686  if (NewObject == NULL)
687  {
688  NtClose(ObjectKeyHandle);
689  return STATUS_NO_MEMORY;
690  }
691 
692  NewObject->Signature = LSAP_DB_SIGNATURE;
693  NewObject->RefCount = 1;
694  NewObject->ObjectType = ObjectType;
695  NewObject->Access = DesiredAccess;
696  NewObject->KeyHandle = ObjectKeyHandle;
697  NewObject->ParentObject = ParentObject;
698  NewObject->Trusted = Trusted;
699 
700  if (ParentObject != NULL)
701  ParentObject->RefCount++;
702 
703  *DbObject = NewObject;
704 
705  return STATUS_SUCCESS;
706 }
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
ObjectType
Definition: metafile.c:80
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING KeyName
Definition: ndis.h:4693
NTSTATUS NTAPI NtCreateKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG TitleIndex, IN PUNICODE_STRING Class OPTIONAL, IN ULONG CreateOptions, OUT PULONG Disposition OPTIONAL)
Definition: ntapi.c:240
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
LONG NTSTATUS
Definition: precomp.h:26
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
Definition: cmfuncs.h:62
smooth NULL
Definition: ftsmooth.c:416
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:585
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3399
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
static HANDLE SecurityKeyHandle
Definition: database.c:13
Status
Definition: gdiplustypes.h:24
#define LSAP_DB_SIGNATURE
Definition: lsasrv.h:66
#define KEY_ALL_ACCESS
Definition: nt_native.h:1041
_In_ PIO_STACK_LOCATION _Inout_ PFILE_OBJECT _Inout_ PVCB _Outptr_result_maybenull_ PDCB _In_ PDCB _In_ PDIRENT _In_ ULONG _In_ ULONG _In_ PUNICODE_STRING _In_ PACCESS_MASK DesiredAccess
Definition: create.c:4157
#define STATUS_NO_MEMORY
Definition: ntstatus.h:246
NTSYSAPI NTSTATUS NTAPI NtOpenKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
Definition: ntapi.c:336
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
_Inout_opt_ PACCESS_STATE _In_opt_ ACCESS_MASK _In_ ULONG _Out_opt_ PVOID * NewObject
Definition: obfuncs.h:71
return STATUS_SUCCESS
Definition: btrfs.c:2725

Referenced by LsarCreateSecret(), LsarpCreateAccount(), and LsarStorePrivateData().

◆ LsapCreateLogonSession()

NTSTATUS NTAPI LsapCreateLogonSession ( IN PLUID  LogonId)

Definition at line 117 of file session.c.

118 {
119  PLSAP_LOGON_SESSION Session;
121 
122  TRACE("LsapCreateLogonSession(%p)\n", LogonId);
123 
124  /* Fail, if a session already exists */
127 
128  /* Allocate a new session entry */
129  Session = RtlAllocateHeap(RtlGetProcessHeap(),
131  sizeof(LSAP_LOGON_SESSION));
132  if (Session == NULL)
134 
135  /* Initialize the session entry */
136  RtlCopyLuid(&Session->LogonId, LogonId);
137 
138  TRACE("LsapCreateLogonSession(<0x%lx,0x%lx>)\n",
139  LogonId->HighPart, LogonId->LowPart);
140 
141  /* Tell ntoskrnl to create a new logon session */
143  if (!NT_SUCCESS(Status))
144  {
145  RtlFreeHeap(RtlGetProcessHeap(), 0, Session);
146  return Status;
147  }
148 
149  /* Insert the new session into the session list */
150  InsertHeadList(&SessionListHead, &Session->Entry);
151  SessionCount++;
152 
153  return STATUS_SUCCESS;
154 }
#define STATUS_LOGON_SESSION_COLLISION
Definition: ntstatus.h:483
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
FORCEINLINE VOID InsertHeadList(_Inout_ PLIST_ENTRY ListHead, _Inout_ __drv_aliasesMem PLIST_ENTRY Entry)
Definition: rtlfuncs.h:201
static PLSAP_LOGON_SESSION LsapGetLogonSession(IN PLUID LogonId)
Definition: session.c:45
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:603
NTSYSAPI void WINAPI RtlCopyLuid(PLUID, const LUID *)
NTSTATUS LsapRmCreateLogonSession(PLUID LogonId)
Definition: srm.c:245
smooth NULL
Definition: ftsmooth.c:416
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:585
#define TRACE(s)
Definition: solgame.cpp:4
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
LIST_ENTRY SessionListHead
Definition: session.c:30
Status
Definition: gdiplustypes.h:24
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID LogonId
#define HEAP_ZERO_MEMORY
Definition: compat.h:123
return STATUS_SUCCESS
Definition: btrfs.c:2725
ULONG SessionCount
Definition: session.c:31
LIST_ENTRY Entry
Definition: session.c:13

Referenced by LsapInitAuthPackages().

◆ LsapCreatePolicySd()

NTSTATUS LsapCreatePolicySd ( PSECURITY_DESCRIPTOR PolicySd,
PULONG  PolicySdSize 
)

Definition at line 14 of file security.c.

16 {
17  SECURITY_DESCRIPTOR AbsoluteSd;
18  PSECURITY_DESCRIPTOR RelativeSd = NULL;
19  ULONG RelativeSdSize = 0;
20  PSID AnonymousSid = NULL;
21  PSID AdministratorsSid = NULL;
22  PSID EveryoneSid = NULL;
26  PACL Dacl = NULL;
29 
30  if (PolicySd == NULL || PolicySdSize == NULL)
32 
33  *PolicySd = NULL;
34  *PolicySdSize = 0;
35 
36  /* Initialize the SD */
37  Status = RtlCreateSecurityDescriptor(&AbsoluteSd,
39  if (!NT_SUCCESS(Status))
40  return Status;
41 
43  1,
45  0,
46  0,
47  0,
48  0,
49  0,
50  0,
51  0,
52  &AnonymousSid);
53  if (!NT_SUCCESS(Status))
54  goto done;
55 
57  2,
60  0,
61  0,
62  0,
63  0,
64  0,
65  0,
66  &AdministratorsSid);
67  if (!NT_SUCCESS(Status))
68  goto done;
69 
71  1,
73  0,
74  0,
75  0,
76  0,
77  0,
78  0,
79  0,
80  &EveryoneSid);
81  if (!NT_SUCCESS(Status))
82  goto done;
83 
85  1,
87  0,
88  0,
89  0,
90  0,
91  0,
92  0,
93  0,
95  if (!NT_SUCCESS(Status))
96  goto done;
97 
99  1,
101  0,
102  0,
103  0,
104  0,
105  0,
106  0,
107  0,
109  if (!NT_SUCCESS(Status))
110  goto done;
111 
113  1,
115  0,
116  0,
117  0,
118  0,
119  0,
120  0,
121  0,
122  &LocalSystemSid);
123  if (!NT_SUCCESS(Status))
124  goto done;
125 
126  /* Allocate and initialize the DACL */
127  DaclSize = sizeof(ACL) +
128  sizeof(ACCESS_DENIED_ACE) - sizeof(ULONG) + RtlLengthSid(AnonymousSid) +
129  sizeof(ACCESS_ALLOWED_ACE) - sizeof(ULONG) + RtlLengthSid(AdministratorsSid) +
130  sizeof(ACCESS_ALLOWED_ACE) - sizeof(ULONG) + RtlLengthSid(EveryoneSid) +
131  sizeof(ACCESS_ALLOWED_ACE) - sizeof(ULONG) + RtlLengthSid(AnonymousSid) +
134 
135  Dacl = RtlAllocateHeap(RtlGetProcessHeap(),
137  DaclSize);
138  if (Dacl == NULL)
139  {
141  goto done;
142  }
143 
145  DaclSize,
146  ACL_REVISION);
147  if (!NT_SUCCESS(Status))
148  goto done;
149 
151  ACL_REVISION,
153  AnonymousSid);
154  if (!NT_SUCCESS(Status))
155  goto done;
156 
158  ACL_REVISION,
160  AdministratorsSid);
161  if (!NT_SUCCESS(Status))
162  goto done;
163 
165  ACL_REVISION,
167  EveryoneSid);
168  if (!NT_SUCCESS(Status))
169  goto done;
170 
172  ACL_REVISION,
174  AnonymousSid);
175  if (!NT_SUCCESS(Status))
176  goto done;
177 
179  ACL_REVISION,
182  if (!NT_SUCCESS(Status))
183  goto done;
184 
186  ACL_REVISION,
189  if (!NT_SUCCESS(Status))
190  goto done;
191 
192  Status = RtlSetDaclSecurityDescriptor(&AbsoluteSd,
193  TRUE,
194  Dacl,
195  FALSE);
196  if (!NT_SUCCESS(Status))
197  goto done;
198 
201  FALSE);
202  if (!NT_SUCCESS(Status))
203  goto done;
204 
206  AdministratorsSid,
207  FALSE);
208  if (!NT_SUCCESS(Status))
209  goto done;
210 
211  Status = RtlAbsoluteToSelfRelativeSD(&AbsoluteSd,
212  RelativeSd,
213  &RelativeSdSize);
215  goto done;
216 
217  RelativeSd = RtlAllocateHeap(RtlGetProcessHeap(),
219  RelativeSdSize);
220  if (RelativeSd == NULL)
221  {
223  goto done;
224  }
225 
226  Status = RtlAbsoluteToSelfRelativeSD(&AbsoluteSd,
227  RelativeSd,
228  &RelativeSdSize);
229  if (!NT_SUCCESS(Status))
230  goto done;
231 
232  *PolicySd = RelativeSd;
233  *PolicySdSize = RelativeSdSize;
234 
235 done:
236  if (Dacl != NULL)
237  RtlFreeHeap(RtlGetProcessHeap(), 0, Dacl);
238 
239  if (AnonymousSid != NULL)
240  RtlFreeHeap(RtlGetProcessHeap(), 0, AnonymousSid);
241 
242  if (AdministratorsSid != NULL)
243  RtlFreeHeap(RtlGetProcessHeap(), 0, AdministratorsSid);
244 
245  if (EveryoneSid != NULL)
246  RtlFreeHeap(RtlGetProcessHeap(), 0, EveryoneSid);
247 
248  if (LocalServiceSid != NULL)
249  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalServiceSid);
250 
251  if (NetworkServiceSid != NULL)
252  RtlFreeHeap(RtlGetProcessHeap(), 0, NetworkServiceSid);
253 
254  if (LocalSystemSid != NULL)
255  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalSystemSid);
256 
257  if (!NT_SUCCESS(Status))
258  {
259  if (RelativeSd != NULL)
260  RtlFreeHeap(RtlGetProcessHeap(), 0, RelativeSd);
261  }
262 
263  return Status;
264 }
#define SECURITY_LOCAL_SYSTEM_RID
Definition: setypes.h:546
#define TRUE
Definition: types.h:120
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
static ULONG
Definition: security.c:118
NTSYSAPI NTSTATUS NTAPI RtlSetGroupSecurityDescriptor(IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN PSID Group, IN BOOLEAN GroupDefaulted)
Definition: sd.c:410
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
#define POLICY_VIEW_LOCAL_INFORMATION
Definition: ntsecapi.h:61
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:603
struct _ACCESS_ALLOWED_ACE ACCESS_ALLOWED_ACE
NTSYSAPI NTSTATUS NTAPI RtlCreateSecurityDescriptor(_Out_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ ULONG Revision)
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290
NTSYSAPI NTSTATUS WINAPI RtlAddAccessAllowedAce(PACL, DWORD, DWORD, PSID)
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:64
NTSYSAPI NTSTATUS NTAPI RtlCreateAcl(PACL Acl, ULONG AclSize, ULONG AclRevision)
#define SECURITY_DESCRIPTOR_REVISION
Definition: setypes.h:58
static SID_IDENTIFIER_AUTHORITY NtAuthority
Definition: security.c:15
NTSYSAPI NTSTATUS NTAPI RtlAbsoluteToSelfRelativeSD(IN PSECURITY_DESCRIPTOR AbsoluteSecurityDescriptor, IN OUT PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor, IN PULONG BufferLength)
Definition: sd.c:626
struct _ACL ACL
smooth NULL
Definition: ftsmooth.c:416
NTSYSAPI NTSTATUS WINAPI RtlSetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR, BOOLEAN, PACL, BOOLEAN)
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
#define SECURITY_LOCAL_SERVICE_RID
Definition: setypes.h:547
SID_IDENTIFIER_AUTHORITY WorldSidAuthority
Definition: database.c:16
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:585
#define POLICY_LOOKUP_NAMES
Definition: ntsecapi.h:72
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:553
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
PSID LocalSystemSid
Definition: globals.c:16
#define SECURITY_WORLD_RID
Definition: setypes.h:513
#define SECURITY_ANONYMOUS_LOGON_RID
Definition: setypes.h:535
PSID LocalServiceSid
Definition: globals.c:16
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1553
NTSYSAPI NTSTATUS WINAPI RtlSetOwnerSecurityDescriptor(PSECURITY_DESCRIPTOR, PSID, BOOLEAN)
#define SECURITY_NETWORK_SERVICE_RID
Definition: setypes.h:548
Status
Definition: gdiplustypes.h:24
#define POLICY_EXECUTE
Definition: ntsecapi.h:76
PSID NetworkServiceSid
Definition: globals.c:16
#define POLICY_ALL_ACCESS
Definition: ntsecapi.h:77
#define HEAP_ZERO_MEMORY
Definition: compat.h:123
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG DaclSize
Definition: rtlfuncs.h:1553
#define ACL_REVISION
Definition: setypes.h:39
unsigned int ULONG
Definition: retypes.h:1
#define DOMAIN_ALIAS_RID_ADMINS
Definition: setypes.h:624
#define POLICY_NOTIFICATION
Definition: ntsecapi.h:73
NTSYSAPI NTSTATUS NTAPI RtlAddAccessDeniedAce(_Inout_ PACL Acl, _In_ ULONG Revision, _In_ ACCESS_MASK AccessMask, _In_ PSID Sid)

Referenced by LsapCreateDatabaseObjects().

◆ LsapCreateSecretSd()

NTSTATUS LsapCreateSecretSd ( PSECURITY_DESCRIPTOR SecretSd,
PULONG  SecretSdSize 
)

Definition at line 436 of file security.c.

438 {
439  SECURITY_DESCRIPTOR AbsoluteSd;
440  PSECURITY_DESCRIPTOR RelativeSd = NULL;
441  ULONG RelativeSdSize = 0;
442  PSID AdministratorsSid = NULL;
443  PSID EveryoneSid = NULL;
445  PACL Dacl = NULL;
446  ULONG DaclSize;
448 
449  if (SecretSd == NULL || SecretSdSize == NULL)
451 
452  *SecretSd = NULL;
453  *SecretSdSize = 0;
454 
455  /* Initialize the SD */
456  Status = RtlCreateSecurityDescriptor(&AbsoluteSd,
458  if (!NT_SUCCESS(Status))
459  return Status;
460 
462  2,
465  0,
466  0,
467  0,
468  0,
469  0,
470  0,
471  &AdministratorsSid);
472  if (!NT_SUCCESS(Status))
473  goto done;
474 
476  1,
478  0,
479  0,
480  0,
481  0,
482  0,
483  0,
484  0,
485  &EveryoneSid);
486  if (!NT_SUCCESS(Status))
487  goto done;
488 
490  1,
492  0,
493  0,
494  0,
495  0,
496  0,
497  0,
498  0,
499  &LocalSystemSid);
500  if (!NT_SUCCESS(Status))
501  goto done;
502 
503  /* Allocate and initialize the DACL */
504  DaclSize = sizeof(ACL) +
505  sizeof(ACCESS_ALLOWED_ACE) - sizeof(ULONG) + RtlLengthSid(AdministratorsSid) +
506  sizeof(ACCESS_ALLOWED_ACE) - sizeof(ULONG) + RtlLengthSid(EveryoneSid);
507 
508  Dacl = RtlAllocateHeap(RtlGetProcessHeap(),
510  DaclSize);
511  if (Dacl == NULL)
512  {
514  goto done;
515  }
516 
518  DaclSize,
519  ACL_REVISION);
520  if (!NT_SUCCESS(Status))
521  goto done;
522 
524  ACL_REVISION,
526  AdministratorsSid);
527  if (!NT_SUCCESS(Status))
528  goto done;
529 
531  ACL_REVISION,
533  EveryoneSid);
534  if (!NT_SUCCESS(Status))
535  goto done;
536 
537  Status = RtlSetDaclSecurityDescriptor(&AbsoluteSd,
538  TRUE,
539  Dacl,
540  FALSE);
541  if (!NT_SUCCESS(Status))
542  goto done;
543 
546  FALSE);
547  if (!NT_SUCCESS(Status))
548  goto done;
549 
551  AdministratorsSid,
552  FALSE);
553  if (!NT_SUCCESS(Status))
554  goto done;
555 
556  Status = RtlAbsoluteToSelfRelativeSD(&AbsoluteSd,
557  RelativeSd,
558  &RelativeSdSize);
560  goto done;
561 
562  RelativeSd = RtlAllocateHeap(RtlGetProcessHeap(),
564  RelativeSdSize);
565  if (RelativeSd == NULL)
566  {
568  goto done;
569  }
570 
571  Status = RtlAbsoluteToSelfRelativeSD(&AbsoluteSd,
572  RelativeSd,
573  &RelativeSdSize);
574  if (!NT_SUCCESS(Status))
575  goto done;
576 
577  *SecretSd = RelativeSd;
578  *SecretSdSize = RelativeSdSize;
579 
580 done:
581  if (Dacl != NULL)
582  RtlFreeHeap(RtlGetProcessHeap(), 0, Dacl);
583 
584  if (AdministratorsSid != NULL)
585  RtlFreeHeap(RtlGetProcessHeap(), 0, AdministratorsSid);
586 
587  if (EveryoneSid != NULL)
588  RtlFreeHeap(RtlGetProcessHeap(), 0, EveryoneSid);
589 
590  if (LocalSystemSid != NULL)
591  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalSystemSid);
592 
593  if (!NT_SUCCESS(Status))
594  {
595  if (RelativeSd != NULL)
596  RtlFreeHeap(RtlGetProcessHeap(), 0, RelativeSd);
597  }
598 
599  return Status;
600 }
#define SECURITY_LOCAL_SYSTEM_RID
Definition: setypes.h:546
#define TRUE
Definition: types.h:120
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
static ULONG
Definition: security.c:118
NTSYSAPI NTSTATUS NTAPI RtlSetGroupSecurityDescriptor(IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN PSID Group, IN BOOLEAN GroupDefaulted)
Definition: sd.c:410
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:603
struct _ACCESS_ALLOWED_ACE ACCESS_ALLOWED_ACE
NTSYSAPI NTSTATUS NTAPI RtlCreateSecurityDescriptor(_Out_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ ULONG Revision)
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290
NTSYSAPI NTSTATUS WINAPI RtlAddAccessAllowedAce(PACL, DWORD, DWORD, PSID)
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:64
NTSYSAPI NTSTATUS NTAPI RtlCreateAcl(PACL Acl, ULONG AclSize, ULONG AclRevision)
#define SECURITY_DESCRIPTOR_REVISION
Definition: setypes.h:58
static SID_IDENTIFIER_AUTHORITY NtAuthority
Definition: security.c:15
NTSYSAPI NTSTATUS NTAPI RtlAbsoluteToSelfRelativeSD(IN PSECURITY_DESCRIPTOR AbsoluteSecurityDescriptor, IN OUT PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor, IN PULONG BufferLength)
Definition: sd.c:626
struct _ACL ACL
smooth NULL
Definition: ftsmooth.c:416
NTSYSAPI NTSTATUS WINAPI RtlSetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR, BOOLEAN, PACL, BOOLEAN)
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
SID_IDENTIFIER_AUTHORITY WorldSidAuthority
Definition: database.c:16
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:585
#define SECRET_ALL_ACCESS
Definition: ntlsa.h:41
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:553
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
PSID LocalSystemSid
Definition: globals.c:16
#define SECURITY_WORLD_RID
Definition: setypes.h:513
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1553
NTSYSAPI NTSTATUS WINAPI RtlSetOwnerSecurityDescriptor(PSECURITY_DESCRIPTOR, PSID, BOOLEAN)
Status
Definition: gdiplustypes.h:24
#define HEAP_ZERO_MEMORY
Definition: compat.h:123
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG DaclSize
Definition: rtlfuncs.h:1553
#define ACL_REVISION
Definition: setypes.h:39
unsigned int ULONG
Definition: retypes.h:1
#define DOMAIN_ALIAS_RID_ADMINS
Definition: setypes.h:624
#define SECRET_EXECUTE
Definition: ntlsa.h:44

Referenced by LsarCreateSecret().

◆ LsapDeleteCredential()

NTSTATUS NTAPI LsapDeleteCredential ( _In_ PLUID  LogonId,
_In_ ULONG  AuthenticationPackage,
_In_ PLSA_STRING  PrimaryKeyValue 
)

Definition at line 243 of file session.c.

247 {
248 
249  return STATUS_SUCCESS;
250 }
return STATUS_SUCCESS
Definition: btrfs.c:2725

Referenced by LsapInitAuthPackages().

◆ LsapDeleteDbObject()

NTSTATUS LsapDeleteDbObject ( IN PLSA_DB_OBJECT  DbObject)

Definition at line 899 of file database.c.

900 {
901  PLSA_DB_OBJECT ParentObject = NULL;
902  WCHAR KeyName[64];
903  ULONG Index;
905 
906  DbObject->RefCount--;
907 
908  if (DbObject->RefCount > 0)
909  return STATUS_SUCCESS;
910 
911  if (DbObject->KeyHandle != NULL)
912  {
913  Index = 0;
914 
915  while (TRUE)
916  {
917  Status = LsapRegEnumerateSubKey(DbObject->KeyHandle,
918  Index,
919  sizeof(KeyName),
920  KeyName);
921  if (!NT_SUCCESS(Status))
922  break;
923 
924  TRACE("Index: %lu\n", Index);
925  TRACE("Key name: %S\n", KeyName);
926 
927  Status = LsapRegDeleteSubKey(DbObject->KeyHandle,
928  KeyName);
929  if (!NT_SUCCESS(Status))
930  break;
931  }
932 
935 
936  LsapRegDeleteKey(DbObject->KeyHandle);
937 
938  NtClose(DbObject->KeyHandle);
939  }
940 
941  if (DbObject->ParentObject != NULL)
942  ParentObject = DbObject->ParentObject;
943 
944  RtlFreeHeap(RtlGetProcessHeap(), 0, DbObject);
945 
946  if (ParentObject != NULL)
947  {
948  ParentObject->RefCount--;
949 
950  if (ParentObject->RefCount == 0)
951  Status = LsapCloseDbObject(ParentObject);
952  }
953 
954  return Status;
955 }
NTSTATUS LsapRegDeleteSubKey(IN HANDLE ParentKeyHandle, IN LPCWSTR KeyName)
Definition: registry.c:59
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING KeyName
Definition: ndis.h:4693
#define TRUE
Definition: types.h:120
#define STATUS_NO_MORE_ENTRIES
Definition: ntstatus.h:193
LONG NTSTATUS
Definition: precomp.h:26
struct _LSA_DB_OBJECT * ParentObject
Definition: lsasrv.h:63
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:603
NTSTATUS LsapRegDeleteKey(IN HANDLE KeyHandle)
Definition: registry.c:89
NTSTATUS LsapCloseDbObject(PLSA_DB_OBJECT DbObject)
Definition: database.c:868
smooth NULL
Definition: ftsmooth.c:416
#define TRACE(s)
Definition: solgame.cpp:4
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
static const UCHAR Index[8]
Definition: usbohci.c:18
ULONG RefCount
Definition: lsasrv.h:59
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3399
Status
Definition: gdiplustypes.h:24
unsigned int ULONG
Definition: retypes.h:1
return STATUS_SUCCESS
Definition: btrfs.c:2725
NTSTATUS LsapRegEnumerateSubKey(IN HANDLE KeyHandle, IN ULONG Index, IN ULONG Length, OUT LPWSTR Buffer)
Definition: registry.c:96

Referenced by LsarDeleteObject(), and LsarStorePrivateData().

◆ LsapDeleteLogonSession()

NTSTATUS NTAPI LsapDeleteLogonSession ( IN PLUID  LogonId)

Definition at line 159 of file session.c.

160 {
161  PLSAP_LOGON_SESSION Session;
163 
164  TRACE("LsapDeleteLogonSession(%p)\n", LogonId);
165 
166  /* Fail, if the session does not exist */
167  Session = LsapGetLogonSession(LogonId);
168  if (Session == NULL)
170 
171  TRACE("LsapDeleteLogonSession(<0x%lx,0x%lx>)\n",
172  LogonId->HighPart, LogonId->LowPart);
173 
174  /* Tell ntoskrnl to delete the logon session */
176  if (!NT_SUCCESS(Status))
177  return Status;
178 
179  /* Remove the session entry from the list */
180  RemoveEntryList(&Session->Entry);
181  SessionCount--;
182 
183  /* Free the session data */
184  if (Session->Sid != NULL)
185  RtlFreeHeap(RtlGetProcessHeap(), 0, Session->Sid);
186 
187  if (Session->UserName.Buffer != NULL)
188  RtlFreeHeap(RtlGetProcessHeap(), 0, Session->UserName.Buffer);
189 
190  if (Session->LogonDomain.Buffer != NULL)
191  RtlFreeHeap(RtlGetProcessHeap(), 0, Session->LogonDomain.Buffer);
192 
193  if (Session->AuthenticationPackage.Buffer != NULL)
194  RtlFreeHeap(RtlGetProcessHeap(), 0, Session->AuthenticationPackage.Buffer);
195 
196  if (Session->LogonServer.Buffer != NULL)
197  RtlFreeHeap(RtlGetProcessHeap(), 0, Session->LogonServer.Buffer);
198 
199  if (Session->DnsDomainName.Buffer != NULL)
200  RtlFreeHeap(RtlGetProcessHeap(), 0, Session->DnsDomainName.Buffer);
201 
202  if (Session->Upn.Buffer != NULL)
203  RtlFreeHeap(RtlGetProcessHeap(), 0, Session->Upn.Buffer);
204 
205  /* Free the session entry */
206  RtlFreeHeap(RtlGetProcessHeap(), 0, Session);
207 
208  return STATUS_SUCCESS;
209 }
#define STATUS_NO_SUCH_LOGON_SESSION
Definition: ntstatus.h:317
static PLSAP_LOGON_SESSION LsapGetLogonSession(IN PLUID LogonId)
Definition: session.c:45
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:603
UNICODE_STRING UserName
Definition: session.c:19
UNICODE_STRING LogonServer
Definition: session.c:22
UNICODE_STRING LogonDomain
Definition: session.c:20
UNICODE_STRING AuthenticationPackage
Definition: session.c:21
FORCEINLINE BOOLEAN RemoveEntryList(_In_ PLIST_ENTRY Entry)
Definition: rtlfuncs.h:105
NTSTATUS LsapRmDeleteLogonSession(PLUID LogonId)
Definition: srm.c:285
smooth NULL
Definition: ftsmooth.c:416
#define TRACE(s)
Definition: solgame.cpp:4
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
UNICODE_STRING DnsDomainName
Definition: session.c:23
Status
Definition: gdiplustypes.h:24
UNICODE_STRING Upn
Definition: session.c:24
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID LogonId
return STATUS_SUCCESS
Definition: btrfs.c:2725
ULONG SessionCount
Definition: session.c:31
LIST_ENTRY Entry
Definition: session.c:13

Referenced by LsapInitAuthPackages().

◆ LsapDeleteObjectAttribute()

NTSTATUS LsapDeleteObjectAttribute ( PLSA_DB_OBJECT  DbObject,
LPWSTR  AttributeName 
)

Definition at line 1080 of file database.c.

1082 {
1083  return LsapRegDeleteSubKey(DbObject->KeyHandle,
1084  AttributeName);
1085 }
NTSTATUS LsapRegDeleteSubKey(IN HANDLE ParentKeyHandle, IN LPCWSTR KeyName)
Definition: registry.c:59
HANDLE KeyHandle
Definition: lsasrv.h:61

Referenced by LsarRemovePrivilegesFromAccount().

◆ LsapEnumLogonSessions()

NTSTATUS LsapEnumLogonSessions ( IN OUT PLSA_API_MSG  RequestMsg)

Definition at line 254 of file session.c.

255 {
258  PLIST_ENTRY SessionEntry;
259  PLSAP_LOGON_SESSION CurrentSession;
260  PLUID SessionList;
261  ULONG i, Length;
262  SIZE_T MemSize;
263  PVOID ClientBaseAddress = NULL;
265 
266  TRACE("LsapEnumLogonSessions(%p)\n", RequestMsg);
267 
268  Length = SessionCount * sizeof(LUID);
269  SessionList = RtlAllocateHeap(RtlGetProcessHeap(),
271  Length);
272  if (SessionList == NULL)
274 
275  i = 0;
276  SessionEntry = SessionListHead.Flink;
277  while (SessionEntry != &SessionListHead)
278  {
279  CurrentSession = CONTAINING_RECORD(SessionEntry,
281  Entry);
282 
283  RtlCopyLuid(&SessionList[i],
284  &CurrentSession->LogonId);
285 
286  SessionEntry = SessionEntry->Flink;
287  i++;
288  }
289 
291  NULL,
292  0,
293  NULL,
294  NULL);
295 
299  &RequestMsg->h.ClientId);
300  if (!NT_SUCCESS(Status))
301  {
302  TRACE("NtOpenProcess() failed (Status %lx)\n", Status);
303  goto done;
304  }
305 
306  TRACE("Length: %lu\n", Length);
307 
308  MemSize = Length;
310  &ClientBaseAddress,
311  0,
312  &MemSize,
313  MEM_COMMIT,
315  if (!NT_SUCCESS(Status))
316  {
317  TRACE("NtAllocateVirtualMemory() failed (Status %lx)\n", Status);
318  goto done;
319  }
320 
321  TRACE("MemSize: %lu\n", MemSize);
322  TRACE("ClientBaseAddress: %p\n", ClientBaseAddress);
323 
325  ClientBaseAddress,
326  SessionList,
327  Length,
328  NULL);
329  if (!NT_SUCCESS(Status))
330  {
331  TRACE("NtWriteVirtualMemory() failed (Status %lx)\n", Status);
332  goto done;
333  }
334 
335  RequestMsg->EnumLogonSessions.Reply.LogonSessionCount = SessionCount;
336  RequestMsg->EnumLogonSessions.Reply.LogonSessionBuffer = ClientBaseAddress;
337 
338 done:
339  if (ProcessHandle != NULL)
341 
342  if (SessionList != NULL)
343  RtlFreeHeap(RtlGetProcessHeap(), 0, SessionList);
344 
345  return Status;
346 }
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:603
NTSYSAPI void WINAPI RtlCopyLuid(PLUID, const LUID *)
#define MEM_COMMIT
Definition: nt_native.h:1313
NTSTATUS NTAPI NtOpenProcess(OUT PHANDLE ProcessHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN PCLIENT_ID ClientId)
Definition: process.c:1440
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
struct _LUID LUID
smooth NULL
Definition: ftsmooth.c:416
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:585
struct _LIST_ENTRY * Flink
Definition: typedefs.h:119
#define TRACE(s)
Definition: solgame.cpp:4
#define PROCESS_VM_WRITE
Definition: pstypes.h:154
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3399
LIST_ENTRY SessionListHead
Definition: session.c:30
Definition: typedefs.h:117
Status
Definition: gdiplustypes.h:24
ULONG_PTR SIZE_T
Definition: typedefs.h:78
NTSTATUS NTAPI NtAllocateVirtualMemory(IN HANDLE ProcessHandle, IN OUT PVOID *UBaseAddress, IN ULONG_PTR ZeroBits, IN OUT PSIZE_T URegionSize, IN ULONG AllocationType, IN ULONG Protect)
Definition: virtual.c:4367
#define HEAP_ZERO_MEMORY
Definition: compat.h:123
#define PROCESS_VM_READ
Definition: pstypes.h:153
unsigned int ULONG
Definition: retypes.h:1
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
#define PROCESS_VM_OPERATION
Definition: pstypes.h:152
_In_ HANDLE ProcessHandle
Definition: mmfuncs.h:403
NTSTATUS NTAPI NtWriteVirtualMemory(IN HANDLE ProcessHandle, IN PVOID BaseAddress, IN PVOID Buffer, IN SIZE_T NumberOfBytesToWrite, OUT PSIZE_T NumberOfBytesWritten OPTIONAL)
Definition: virtual.c:2805
ULONG SessionCount
Definition: session.c:31
base of all file and directory entries
Definition: entries.h:82
#define PAGE_READWRITE
Definition: nt_native.h:1304

Referenced by AuthPortThreadRoutine().

◆ LsapGetCredentials()

NTSTATUS NTAPI LsapGetCredentials ( _In_ PLUID  LogonId,
_In_ ULONG  AuthenticationPackage,
_Inout_ PULONG  QueryContext,
_In_ BOOLEAN  RetrieveAllCredentials,
_Inout_ PLSA_STRING  PrimaryKeyValue,
_Out_ PULONG  PrimaryKeyLength,
_Out_ PLSA_STRING  Credentials 
)

Definition at line 227 of file session.c.

235 {
236 
237  return STATUS_SUCCESS;
238 }
return STATUS_SUCCESS
Definition: btrfs.c:2725

Referenced by LsapInitAuthPackages().

◆ LsapGetLogonSessionData()

NTSTATUS LsapGetLogonSessionData ( IN OUT PLSA_API_MSG  RequestMsg)

Definition at line 350 of file session.c.

351 {
354  PLSAP_LOGON_SESSION Session;
355  PSECURITY_LOGON_SESSION_DATA LocalSessionData;
356  PVOID ClientBaseAddress = NULL;
357  ULONG TotalLength, SidLength = 0;
358  SIZE_T MemSize;
359  PUCHAR Ptr;
361 
362  TRACE("LsapGetLogonSessionData(%p)\n", RequestMsg);
363 
364  TRACE("LogonId: %lx\n", RequestMsg->GetLogonSessionData.Request.LogonId.LowPart);
365  Session = LsapGetLogonSession(&RequestMsg->GetLogonSessionData.Request.LogonId);
366  if (Session == NULL)
368 
369  /* Calculate the required buffer size */
371  Session->UserName.MaximumLength +
372  Session->LogonDomain.MaximumLength +
374  Session->LogonServer.MaximumLength +
375  Session->DnsDomainName.MaximumLength +
376  Session->Upn.MaximumLength;
377  if (Session->Sid != NULL)
378  {
379  SidLength = RtlLengthSid(Session->Sid);
380  TotalLength += SidLength;
381  }
382  TRACE("TotalLength: %lu\n", TotalLength);
383 
384  /* Allocate the buffer */
385  LocalSessionData = RtlAllocateHeap(RtlGetProcessHeap(),
387  TotalLength);
388  if (LocalSessionData == NULL)
390 
391  Ptr = (PUCHAR)((ULONG_PTR)LocalSessionData + sizeof(SECURITY_LOGON_SESSION_DATA));
392  TRACE("LocalSessionData: %p Ptr: %p\n", LocalSessionData, Ptr);
393 
394  LocalSessionData->Size = sizeof(SECURITY_LOGON_SESSION_DATA);
395 
396  /* Copy the LogonId */
397  RtlCopyLuid(&LocalSessionData->LogonId,
398  &RequestMsg->GetLogonSessionData.Request.LogonId);
399 
400  /* Copy the UserName string*/
401  LocalSessionData->UserName.Length = Session->UserName.Length;
402  LocalSessionData->UserName.MaximumLength = Session->UserName.MaximumLength;
403 
404  if (Session->UserName.MaximumLength != 0)
405  {
406  RtlCopyMemory(Ptr, Session->UserName.Buffer, Session->UserName.MaximumLength);
407  LocalSessionData->UserName.Buffer = (PWSTR)((ULONG_PTR)Ptr - (ULONG_PTR)LocalSessionData);
408 
409  Ptr = (PUCHAR)((ULONG_PTR)Ptr + Session->UserName.MaximumLength);
410  }
411 
412  /* Copy the LogonDomain string */
413  LocalSessionData->LogonDomain.Length = Session->LogonDomain.Length;
414  LocalSessionData->LogonDomain.MaximumLength = Session->LogonDomain.MaximumLength;
415  if (Session->LogonDomain.MaximumLength != 0)
416  {
418  LocalSessionData->LogonDomain.Buffer = (PWSTR)((ULONG_PTR)Ptr - (ULONG_PTR)LocalSessionData);
419 
420  Ptr = (PUCHAR)((ULONG_PTR)Ptr + Session->LogonDomain.MaximumLength);
421  }
422 
423  /* Copy the AuthenticationPackage string */
424  LocalSessionData->AuthenticationPackage.Length = Session->AuthenticationPackage.Length;
425  LocalSessionData->AuthenticationPackage.MaximumLength = Session->AuthenticationPackage.MaximumLength;
426  if (Session->AuthenticationPackage.MaximumLength != 0)
427  {
429  LocalSessionData->AuthenticationPackage.Buffer = (PWSTR)((ULONG_PTR)Ptr - (ULONG_PTR)LocalSessionData);
430 
432  }
433 
434  LocalSessionData->LogonType = Session->LogonType;
435  LocalSessionData->Session = 0;
436 
437  /* Sid */
438  if (Session->Sid != NULL)
439  {
440  RtlCopyMemory(Ptr, Session->Sid, SidLength);
441  LocalSessionData->Sid = (PSID)((ULONG_PTR)Ptr - (ULONG_PTR)LocalSessionData);
442 
443  Ptr = (PUCHAR)((ULONG_PTR)Ptr + SidLength);
444  }
445 
446  /* LogonTime */
447  LocalSessionData->LogonTime.QuadPart = Session->LogonTime.QuadPart;
448 
449  /* Copy the LogonServer string */
450  LocalSessionData->LogonServer.Length = Session->LogonServer.Length;
451  LocalSessionData->LogonServer.MaximumLength = Session->LogonServer.MaximumLength;
452  if (Session->LogonServer.MaximumLength != 0)
453  {
455  LocalSessionData->LogonServer.Buffer = (PWSTR)((ULONG_PTR)Ptr - (ULONG_PTR)LocalSessionData);
456 
457  Ptr = (PUCHAR)((ULONG_PTR)Ptr + Session->LogonServer.MaximumLength);
458  }
459 
460  /* Copy the DnsDomainName string */
461  LocalSessionData->DnsDomainName.Length = Session->DnsDomainName.Length;
462  LocalSessionData->DnsDomainName.MaximumLength = Session->DnsDomainName.MaximumLength;
463  if (Session->DnsDomainName.MaximumLength != 0)
464  {
466  LocalSessionData->DnsDomainName.Buffer = (PWSTR)((ULONG_PTR)Ptr - (ULONG_PTR)LocalSessionData);
467 
469  }
470 
471  /* Copy the Upn string */
472  LocalSessionData->Upn.Length = Session->Upn.Length;
473  LocalSessionData->Upn.MaximumLength = Session->Upn.MaximumLength;
474  if (Session->Upn.MaximumLength != 0)
475  {
476  RtlCopyMemory(Ptr, Session->Upn.Buffer, Session->Upn.MaximumLength);
477  LocalSessionData->Upn.Buffer = (PWSTR)((ULONG_PTR)Ptr - (ULONG_PTR)LocalSessionData);
478 
479  Ptr = (PUCHAR)((ULONG_PTR)Ptr + Session->Upn.MaximumLength);
480  }
481 
482 
484  NULL,
485  0,
486  NULL,
487  NULL);
488 
492  &RequestMsg->h.ClientId);
493  if (!NT_SUCCESS(Status))
494  {
495  TRACE("NtOpenProcess() failed (Status %lx)\n", Status);
496  goto done;
497  }
498 
499  MemSize = TotalLength;
501  &ClientBaseAddress,
502  0,
503  &MemSize,
504  MEM_COMMIT,
506  if (!NT_SUCCESS(Status))
507  {
508  TRACE("NtAllocateVirtualMemory() failed (Status %lx)\n", Status);
509  goto done;
510  }
511 
512  TRACE("MemSize: %lu\n", MemSize);
513  TRACE("ClientBaseAddress: %p\n", ClientBaseAddress);
514 
516  ClientBaseAddress,
517  LocalSessionData,
518  TotalLength,
519  NULL);
520  if (!NT_SUCCESS(Status))
521  {
522  TRACE("NtWriteVirtualMemory() failed (Status %lx)\n", Status);
523  goto done;
524  }
525 
526  RequestMsg->GetLogonSessionData.Reply.SessionDataBuffer = ClientBaseAddress;
527 
528 done:
529  if (ProcessHandle != NULL)
531 
532  if (LocalSessionData != NULL)
533  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalSessionData);
534 
535  return Status;
536 }
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
USHORT MaximumLength
Definition: env_spec_w32.h:370
struct _SECURITY_LOGON_SESSION_DATA SECURITY_LOGON_SESSION_DATA
#define STATUS_NO_SUCH_LOGON_SESSION
Definition: ntstatus.h:317
uint16_t * PWSTR
Definition: typedefs.h:54
static PLSAP_LOGON_SESSION LsapGetLogonSession(IN PLUID LogonId)
Definition: session.c:45
unsigned char * PUCHAR
Definition: retypes.h:3
_Must_inspect_result_ _In_ PFSRTL_PER_STREAM_CONTEXT Ptr
Definition: fsrtlfuncs.h:898
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:603
UNICODE_STRING UserName
Definition: session.c:19
UNICODE_STRING LogonServer
Definition: session.c:22
_In_ ULONG TotalLength
Definition: usbdlib.h:145
NTSYSAPI void WINAPI RtlCopyLuid(PLUID, const LUID *)
#define MEM_COMMIT
Definition: nt_native.h:1313
UNICODE_STRING LogonDomain
Definition: session.c:20
NTSTATUS NTAPI NtOpenProcess(OUT PHANDLE ProcessHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN PCLIENT_ID ClientId)
Definition: process.c:1440
UNICODE_STRING AuthenticationPackage
Definition: session.c:21
uint32_t ULONG_PTR
Definition: typedefs.h:63
smooth NULL
Definition: ftsmooth.c:416
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:585
#define TRACE(s)
Definition: solgame.cpp:4
#define PROCESS_VM_WRITE
Definition: pstypes.h:154
if(!(yy_init))
Definition: macro.lex.yy.c:714
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
UNICODE_STRING DnsDomainName
Definition: session.c:23
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3399
struct _SID * PSID
Definition: eventlog.c:35
Status
Definition: gdiplustypes.h:24
UNICODE_STRING Upn
Definition: session.c:24
ULONG_PTR SIZE_T
Definition: typedefs.h:78
NTSTATUS NTAPI NtAllocateVirtualMemory(IN HANDLE ProcessHandle, IN OUT PVOID *UBaseAddress, IN ULONG_PTR ZeroBits, IN OUT PSIZE_T URegionSize, IN ULONG AllocationType, IN ULONG Protect)
Definition: virtual.c:4367
USHORT MaximumLength
Definition: ntsecapi.h:164
LARGE_INTEGER LogonTime
Definition: session.c:17
#define HEAP_ZERO_MEMORY
Definition: compat.h:123
#define PROCESS_VM_READ
Definition: pstypes.h:153
unsigned int ULONG
Definition: retypes.h:1
#define ULONG_PTR
Definition: config.h:101
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
#define PROCESS_VM_OPERATION
Definition: pstypes.h:152
_In_ HANDLE ProcessHandle
Definition: mmfuncs.h:403
NTSTATUS NTAPI NtWriteVirtualMemory(IN HANDLE ProcessHandle, IN PVOID BaseAddress, IN PVOID Buffer, IN SIZE_T NumberOfBytesToWrite, OUT PSIZE_T NumberOfBytesWritten OPTIONAL)
Definition: virtual.c:2805
LSA_UNICODE_STRING UserName
Definition: ntsecapi.h:303
LONGLONG QuadPart
Definition: typedefs.h:112
#define PAGE_READWRITE
Definition: nt_native.h:1304

Referenced by AuthPortThreadRoutine().

◆ LsapGetObjectAttribute()

NTSTATUS LsapGetObjectAttribute ( PLSA_DB_OBJECT  DbObject,
LPWSTR  AttributeName,
LPVOID  AttributeData,
PULONG  AttributeSize 
)

Definition at line 1010 of file database.c.

1014 {
1017  HANDLE AttributeKey;
1018  ULONG ValueSize;
1019  NTSTATUS Status;
1020 
1022  AttributeName);
1023 
1025  &KeyName,
1027  DbObject->KeyHandle,
1028  NULL);
1029 
1030  Status = NtOpenKey(&AttributeKey,
1032  &ObjectAttributes);
1033  if (!NT_SUCCESS(Status))
1034  {
1035  return Status;
1036  }
1037 
1038  ValueSize = *AttributeSize;
1039  Status = RtlpNtQueryValueKey(AttributeKey,
1040  NULL,
1041  NULL,
1042  &ValueSize,
1043  0);
1045  {
1046  goto Done;
1047  }
1048 
1049  if (AttributeData == NULL || *AttributeSize == 0)
1050  {
1051  *AttributeSize = ValueSize;
1053  goto Done;
1054  }
1055  else if (*AttributeSize < ValueSize)
1056  {
1057  *AttributeSize = ValueSize;
1059  goto Done;
1060  }
1061 
1062  Status = RtlpNtQueryValueKey(AttributeKey,
1063  NULL,
1064  AttributeData,
1065  &ValueSize,
1066  0);
1067  if (NT_SUCCESS(Status))
1068  {
1069  *AttributeSize = ValueSize;
1070  }
1071 
1072 Done:
1073  NtClose(AttributeKey);
1074 
1075  return Status;
1076 }
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING KeyName
Definition: ndis.h:4693
LONG NTSTATUS
Definition: precomp.h:26
HANDLE KeyHandle
Definition: lsasrv.h:61
smooth NULL
Definition: ftsmooth.c:416
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3399
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
NTSTATUS NTAPI RtlpNtQueryValueKey(IN HANDLE KeyHandle, OUT PULONG Type OPTIONAL, OUT PVOID Data OPTIONAL, IN OUT PULONG DataLength OPTIONAL, IN ULONG Unused)
Definition: registry.c:933
Status
Definition: gdiplustypes.h:24
#define STATUS_BUFFER_OVERFLOW
Definition: shellext.h:61
#define KEY_QUERY_VALUE
Definition: nt_native.h:1016
NTSYSAPI NTSTATUS NTAPI NtOpenKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
Definition: ntapi.c:336
unsigned int ULONG
Definition: retypes.h:1
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
return STATUS_SUCCESS
Definition: btrfs.c:2725

Referenced by LsapGetDomainInfo(), LsarAddAccountRights(), LsarAddPrivilegesToAccount(), LsarEnumeratePrivilegesAccount(), LsarGetQuotasForAccount(), LsarGetSystemAccessAccount(), LsarQueryAccountDomain(), LsarQueryAuditEvents(), LsarQueryAuditFull(), LsarQueryAuditLog(), LsarQueryDefaultQuota(), LsarQueryDnsDomain(), LsarQueryModification(), LsarQueryPrimaryDomain(), LsarQuerySecret(), LsarQuerySecurityObject(), LsarQueryServerRole(), LsarRemoveAccountRights(), LsarRemovePrivilegesFromAccount(), LsarRetrievePrivateData(), LsarSetAuditFull(), LsarSetQuotasForAccount(), and LsarSetSecurityObject().

◆ LsapGetRelativeIdFromSid()

ULONG LsapGetRelativeIdFromSid ( PSID  Sid)

Definition at line 978 of file lookup.c.

979 {
980  PISID Sid = Sid_;
981 
982  if (Sid->SubAuthorityCount != 0)
983  return Sid->SubAuthority[Sid->SubAuthorityCount - 1];
984 
985  return 0;
986 }
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1104
DWORD SubAuthority[*]
Definition: ms-dtyp.idl:202
BYTE SubAuthorityCount
Definition: ms-dtyp.idl:200

Referenced by LsapLookupAccountDomainSids(), LsapLookupBuiltinDomainSids(), LsarLookupNames(), and LsarLookupNames2().

◆ LsapGetResourceStringLengthEx()

INT LsapGetResourceStringLengthEx ( _In_ HINSTANCE  hInstance,
_In_ UINT  uId,
_In_ USHORT  usLanguage 
)

Definition at line 64 of file utils.c.

68 {
69  HGLOBAL hmem;
70  HRSRC hrsrc;
71  WCHAR *p;
72  UINT i, string_num;
73 
74  /* Use loword (incremented by 1) as resourceid */
75 // hrsrc = FindResourceExW(hInstance,
76 // MAKEINTRESOURCEW((LOWORD(uId) >> 4) + 1),
77 // (LPWSTR)RT_STRING,
78 // usLanguage);
79  hrsrc = FindResourceW(hInstance,
80  MAKEINTRESOURCEW((LOWORD(uId) >> 4) + 1),
81  (LPWSTR)RT_STRING);
82  if (!hrsrc)
83  return 0;
84 
85  hmem = LoadResource(hInstance, hrsrc);
86  if (!hmem)
87  return 0;
88 
89  p = LockResource(hmem);
90  string_num = uId & 0x000f;
91  for (i = 0; i < string_num; i++)
92  p += *p + 1;
93 
94  return *p + 1;
95 }
LPVOID WINAPI LockResource(HGLOBAL handle)
Definition: res.c:550
HRSRC WINAPI FindResourceW(HINSTANCE hModule, LPCWSTR name, LPCWSTR type)
Definition: res.c:176
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
HINSTANCE hInstance
Definition: charmap.c:20
HGLOBAL WINAPI LoadResource(HINSTANCE hModule, HRSRC hRsrc)
Definition: res.c:532
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define RT_STRING
Definition: pedump.c:368
unsigned int UINT
Definition: ndis.h:50
#define MAKEINTRESOURCEW(i)
Definition: winuser.h:582
GLfloat GLfloat p
Definition: glext.h:8902
WCHAR * LPWSTR
Definition: xmlstorage.h:184
#define LOWORD(l)
Definition: pedump.c:82

Referenced by LsarpLookupPrivilegeDisplayName().

◆ LsapInitAuthPackages()

NTSTATUS LsapInitAuthPackages ( VOID  )

Definition at line 474 of file authpackage.c.

475 {
476  RTL_QUERY_REGISTRY_TABLE AuthPackageTable[] = {
477  {LsapAddAuthPackage, 0, L"Authentication Packages", NULL, REG_NONE, NULL, 0},
478  {NULL, 0, NULL, NULL, REG_NONE, NULL, 0}};
479 
481 
483  PackageId = 0;
484 
485  /* Initialize the dispatch table */
497 
498  /* Add registered authentication packages */
500  L"Lsa",
501  AuthPackageTable,
502  &PackageId,
503  NULL);
504 
505  return Status;
506 }
PLSA_FREE_CLIENT_BUFFER FreeClientBuffer
Definition: authpackage.c:63
PLSA_COPY_TO_CLIENT_BUFFER CopyToClientBuffer
Definition: authpackage.c:64
NTSTATUS NTAPI LsapCreateLogonSession(IN PLUID LogonId)
Definition: session.c:117
PLSA_GET_CREDENTIALS GetCredentials
Definition: authpackage.c:58
LONG NTSTATUS
Definition: precomp.h:26
static NTSTATUS NTAPI LsapFreeClientBuffer(IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ClientBaseAddress)
Definition: authpackage.c:414
NTSTATUS NTAPI LsapDeleteLogonSession(IN PLUID LogonId)
Definition: session.c:159
PLSA_FREE_LSA_HEAP FreeLsaHeap
Definition: authpackage.c:61
PLSA_ALLOCATE_LSA_HEAP AllocateLsaHeap
Definition: authpackage.c:60
static NTSTATUS NTAPI LsapAddAuthPackage(IN PWSTR ValueName, IN ULONG ValueType, IN PVOID ValueData, IN ULONG ValueLength, IN PVOID Context, IN PVOID EntryContext)
Definition: authpackage.c:177
#define RTL_REGISTRY_CONTROL
Definition: nt_native.h:163
static LIST_ENTRY PackageListHead
Definition: authpackage.c:162
PVOID NTAPI LsapAllocateHeapZero(IN ULONG Length)
Definition: authpackage.c:373
NTSTATUS NTAPI LsapGetCredentials(_In_ PLUID LogonId, _In_ ULONG AuthenticationPackage, _Inout_ PULONG QueryContext, _In_ BOOLEAN RetrieveAllCredentials, _Inout_ PLSA_STRING PrimaryKeyValue, _Out_ PULONG PrimaryKeyLength, _Out_ PLSA_STRING Credentials)
Definition: session.c:227
PLSA_CREATE_LOGON_SESSION CreateLogonSession
Definition: authpackage.c:55
smooth NULL
Definition: ftsmooth.c:416
VOID NTAPI LsapFreeHeap(IN PVOID Base)
Definition: authpackage.c:381
NTSTATUS NTAPI LsapAddCredential(_In_ PLUID LogonId, _In_ ULONG AuthenticationPackage, _In_ PLSA_STRING PrimaryKeyValue, _In_ PLSA_STRING Credential)
Definition: session.c:214
PLSA_DELETE_CREDENTIAL DeleteCredential
Definition: authpackage.c:59
static NTSTATUS NTAPI LsapCopyFromClientBuffer(IN PLSA_CLIENT_REQUEST ClientRequest, IN ULONG Length, IN PVOID BufferToCopy, IN PVOID ClientBaseAddress)
Definition: authpackage.c:456
NTSYSAPI NTSTATUS WINAPI RtlQueryRegistryValues(ULONG, PCWSTR, PRTL_QUERY_REGISTRY_TABLE, PVOID, PVOID)
PLSA_DELETE_LOGON_SESSION DeleteLogonSession
Definition: authpackage.c:56
PLSA_COPY_FROM_CLIENT_BUFFER CopyFromClientBuffer
Definition: authpackage.c:65
static const WCHAR L[]
Definition: oid.c:1250
PLSA_ADD_CREDENTIAL AddCredential
Definition: authpackage.c:57
Status
Definition: gdiplustypes.h:24
PLSA_ALLOCATE_CLIENT_BUFFER AllocateClientBuffer
Definition: authpackage.c:62
#define InitializeListHead(ListHead)
Definition: env_spec_w32.h:944
static LSA_DISPATCH_TABLE DispatchTable
Definition: authpackage.c:164
static NTSTATUS NTAPI LsapCopyToClientBuffer(IN PLSA_CLIENT_REQUEST ClientRequest, IN ULONG Length, IN PVOID ClientBaseAddress, IN PVOID BufferToCopy)
Definition: authpackage.c:436
NTSTATUS NTAPI LsapDeleteCredential(_In_ PLUID LogonId, _In_ ULONG AuthenticationPackage, _In_ PLSA_STRING PrimaryKeyValue)
Definition: session.c:243
#define REG_NONE
Definition: nt_native.h:1492
static ULONG PackageId
Definition: authpackage.c:163
static NTSTATUS NTAPI LsapAllocateClientBuffer(IN PLSA_CLIENT_REQUEST ClientRequest, IN ULONG LengthRequired, OUT PVOID *ClientBaseAddress)
Definition: authpackage.c:390

Referenced by LsapInitLsa().

◆ LsapInitDatabase()

NTSTATUS LsapInitDatabase ( VOID  )

Definition at line 537 of file database.c.

538 {
540 
541  TRACE("LsapInitDatabase()\n");
542 
544  if (!NT_SUCCESS(Status))
545  {
546  ERR("Failed to open the service key (Status: 0x%08lx)\n", Status);
547  return Status;
548  }
549 
551  {
553  if (!NT_SUCCESS(Status))
554  {
555  ERR("Failed to create the LSA database keys (Status: 0x%08lx)\n", Status);
556  return Status;
557  }
558 
560  if (!NT_SUCCESS(Status))
561  {
562  ERR("Failed to create the LSA database objects (Status: 0x%08lx)\n", Status);
563  return Status;
564  }
565  }
566  else
567  {
569  if (!NT_SUCCESS(Status))
570  {
571  ERR("Failed to update the LSA database (Status: 0x%08lx)\n", Status);
572  return Status;
573  }
574  }
575 
577  if (!NT_SUCCESS(Status))
578  {
579  ERR("Failed to get the domain information (Status: 0x%08lx)\n", Status);
580  return Status;
581  }
582 
583  TRACE("LsapInitDatabase() done\n");
584 
585  return STATUS_SUCCESS;
586 }
static BOOLEAN LsapIsDatabaseInstalled(VOID)
Definition: database.c:55
LONG NTSTATUS
Definition: precomp.h:26
static NTSTATUS LsapOpenServiceKey(VOID)
Definition: database.c:30
static NTSTATUS LsapGetDomainInfo(VOID)
Definition: database.c:405
static NTSTATUS LsapCreateDatabaseObjects(VOID)
Definition: database.c:232
static NTSTATUS LsapUpdateDatabase(VOID)
Definition: database.c:398
#define TRACE(s)
Definition: solgame.cpp:4
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
Status
Definition: gdiplustypes.h:24
#define ERR(fmt,...)
Definition: debug.h:109
static NTSTATUS LsapCreateDatabaseKeys(VOID)
Definition: database.c:85
return STATUS_SUCCESS
Definition: btrfs.c:2725

Referenced by LsapInitLsa().

◆ LsapInitLogonSessions()

VOID LsapInitLogonSessions ( VOID  )

Definition at line 36 of file session.c.

37 {
39  SessionCount = 0;
40 }
LIST_ENTRY SessionListHead
Definition: session.c:30
#define InitializeListHead(ListHead)
Definition: env_spec_w32.h:944
ULONG SessionCount
Definition: session.c:31

Referenced by LsapInitLsa().

◆ LsapInitNotificationList()

VOID LsapInitNotificationList ( VOID  )

Definition at line 26 of file notify.c.

27 {
30 }
static RTL_RESOURCE NotificationListLock
Definition: notify.c:20
static LIST_ENTRY NotificationListHead
Definition: notify.c:19
NTSYSAPI VOID NTAPI RtlInitializeResource(_In_ PRTL_RESOURCE Resource)
#define InitializeListHead(ListHead)
Definition: env_spec_w32.h:944

Referenced by LsapInitLsa().

◆ LsapInitSids()

NTSTATUS LsapInitSids ( VOID  )

Definition at line 173 of file lookup.c.

174 {
175  WCHAR szAccountName[80];
176  WCHAR szDomainName[80];
177  ULONG SubAuthorities[8];
179 
181 
182  hInstance = GetModuleHandleW(L"lsasrv.dll");
183 
184  /* NT Authority */
185  LsapLoadString(hInstance, IDS_NT_AUTHORITY, szAccountName, ARRAYSIZE(szAccountName));
186  LsapLoadString(hInstance, IDS_NT_AUTHORITY, szDomainName, ARRAYSIZE(szDomainName));
188  0,
189  NULL,
190  szAccountName,
191  szDomainName,
193  NULL);
194 
195  /* Null Sid */
196  LsapLoadString(hInstance, IDS_NULL_RID, szAccountName, ARRAYSIZE(szAccountName));
197 
198  SubAuthorities[0] = SECURITY_NULL_RID;
200  1,
201  SubAuthorities,
202  szAccountName,
203  L"",
205  NULL);
206 
207  /* World Sid */
208  LsapLoadString(hInstance, IDS_WORLD_RID, szAccountName, ARRAYSIZE(szAccountName));
209 
210  SubAuthorities[0] = SECURITY_WORLD_RID;
212  1,
213  SubAuthorities,
214  szAccountName,
215  L"",
217  &LsapWorldSid);
218 
219  /* Local Sid */
220  LsapLoadString(hInstance, IDS_LOCAL_RID, szAccountName, ARRAYSIZE(szAccountName));
221 
222  SubAuthorities[0] = SECURITY_LOCAL_RID;
224  1,
225  SubAuthorities,
226  szAccountName,
227  L"",
229  NULL);
230 
231  /* Creator Owner Sid */
232  LsapLoadString(hInstance, IDS_CREATOR_OWNER_RID, szAccountName, ARRAYSIZE(szAccountName));
233 
234  SubAuthorities[0] = SECURITY_CREATOR_OWNER_RID;
236  1,
237  SubAuthorities,
238  szAccountName,
239  L"",
241  NULL);
242 
243  /* Creator Group Sid */
244  LsapLoadString(hInstance, IDS_CREATOR_GROUP_RID, szAccountName, ARRAYSIZE(szAccountName));
245 
246  SubAuthorities[0] = SECURITY_CREATOR_GROUP_RID;
248  1,
249  SubAuthorities,
250  szAccountName,
251  L"",
253  NULL);
254 
255  /* Creator Owner Server Sid */
256  LsapLoadString(hInstance, IDS_CREATOR_OWNER_SERVER_RID, szAccountName, ARRAYSIZE(szAccountName));
257 
258  SubAuthorities[0] = SECURITY_CREATOR_OWNER_SERVER_RID;
260  1,
261  SubAuthorities,
262  szAccountName,
263  L"",
265  NULL);
266 
267  /* Creator Group Server Sid */
268  LsapLoadString(hInstance, IDS_CREATOR_GROUP_SERVER_RID, szAccountName, ARRAYSIZE(szAccountName));
269 
270  SubAuthorities[0] = SECURITY_CREATOR_GROUP_SERVER_RID;
272  1,
273  SubAuthorities,
274  szAccountName,
275  L"",
277  NULL);
278 
279  /* Dialup Sid */
280  LsapLoadString(hInstance, IDS_DIALUP_RID, szAccountName, ARRAYSIZE(szAccountName));
281  LsapLoadString(hInstance, IDS_NT_AUTHORITY, szDomainName, ARRAYSIZE(szDomainName));
282 
283  SubAuthorities[0] = SECURITY_DIALUP_RID;
285  1,
286  SubAuthorities,
287  szAccountName,
288  szDomainName,
290  NULL);
291 
292  /* Network Sid */
293  LsapLoadString(hInstance, IDS_NETWORK_RID, szAccountName, ARRAYSIZE(szAccountName));
294 
295  SubAuthorities[0] = SECURITY_NETWORK_RID;
297  1,
298  SubAuthorities,
299  szAccountName,
300  szDomainName,
302  &LsapNetworkSid);
303 
304  /* Batch Sid*/
305  LsapLoadString(hInstance, IDS_BATCH_RID, szAccountName, ARRAYSIZE(szAccountName));
306 
307  SubAuthorities[0] = SECURITY_BATCH_RID;
309  1,
310  SubAuthorities,
311  szAccountName,
312  szDomainName,
314  &LsapBatchSid);
315 
316  /* Interactive Sid */
317  LsapLoadString(hInstance, IDS_INTERACTIVE_RID, szAccountName, ARRAYSIZE(szAccountName));
318 
319  SubAuthorities[0] = SECURITY_INTERACTIVE_RID;
321  1,
322  SubAuthorities,
323  szAccountName,
324  szDomainName,
327 
328  /* Service Sid */
329  LsapLoadString(hInstance, IDS_SERVICE_RID, szAccountName, ARRAYSIZE(szAccountName));
330 
331  SubAuthorities[0] = SECURITY_SERVICE_RID;
333  1,
334  SubAuthorities,
335  szAccountName,
336  szDomainName,
338  &LsapServiceSid);
339 
340  /* Anonymous Logon Sid */
341  LsapLoadString(hInstance, IDS_ANONYMOUS_LOGON_RID, szAccountName, ARRAYSIZE(szAccountName));
342 
343  SubAuthorities[0] = SECURITY_ANONYMOUS_LOGON_RID;
345  1,
346  SubAuthorities,
347  szAccountName,
348  szDomainName,
350  NULL);
351 
352  /* Proxy Sid */
353  LsapLoadString(hInstance, IDS_PROXY_RID, szAccountName, ARRAYSIZE(szAccountName));
354 
355  SubAuthorities[0] = SECURITY_PROXY_RID;
357  1,
358  SubAuthorities,
359  szAccountName,
360  szDomainName,
362  NULL);
363 
364  /* Enterprise Controllers Sid */
365  LsapLoadString(hInstance, IDS_ENTERPRISE_CONTROLLERS_RID, szAccountName, ARRAYSIZE(szAccountName));
366 
367  SubAuthorities[0] = SECURITY_ENTERPRISE_CONTROLLERS_RID;
369  1,
370  SubAuthorities,
371  szAccountName,
372  szDomainName,
374  NULL);
375 
376  /* Principal Self Sid */
377  LsapLoadString(hInstance, IDS_PRINCIPAL_SELF_RID, szAccountName, ARRAYSIZE(szAccountName));
378 
379  SubAuthorities[0] = SECURITY_PRINCIPAL_SELF_RID;
381  1,
382  SubAuthorities,
383  szAccountName,
384  szDomainName,
386  NULL);
387 
388  /* Authenticated Users Sid */
389  LsapLoadString(hInstance, IDS_AUTHENTICATED_USER_RID, szAccountName, ARRAYSIZE(szAccountName));
390 
391  SubAuthorities[0] = SECURITY_AUTHENTICATED_USER_RID;
393  1,
394  SubAuthorities,
395  szAccountName,
396  szDomainName,
398  NULL);
399 
400  /* Restricted Code Sid */
401  LsapLoadString(hInstance, IDS_RESTRICTED_CODE_RID, szAccountName, ARRAYSIZE(szAccountName));
402 
403  SubAuthorities[0] = SECURITY_RESTRICTED_CODE_RID;
405  1,
406  SubAuthorities,
407  szAccountName,
408  szDomainName,
410  NULL);
411 
412  /* Terminal Server Sid */
413  LsapLoadString(hInstance, IDS_TERMINAL_SERVER_RID, szAccountName, ARRAYSIZE(szAccountName));
414 
415  SubAuthorities[0] = SECURITY_TERMINAL_SERVER_RID;
417  1,
418  SubAuthorities,
419  szAccountName,
420  szDomainName,
422  NULL);
423 
424  /* Remote Logon Sid */
425  LsapLoadString(hInstance, IDS_REMOTE_LOGON_RID, szAccountName, ARRAYSIZE(szAccountName));
426 
427  SubAuthorities[0] = SECURITY_REMOTE_LOGON_RID;
429  1,
430  SubAuthorities,
431  szAccountName,
432  szDomainName,
434  NULL);
435 
436  /* This Organization Sid */
437  LsapLoadString(hInstance, IDS_THIS_ORGANIZATION_RID, szAccountName, ARRAYSIZE(szAccountName));
438 
439  SubAuthorities[0] = SECURITY_THIS_ORGANIZATION_RID;
441  1,
442  SubAuthorities,
443  szAccountName,
444  szDomainName,
446  NULL);
447 
448  /* Local System Sid */
449  LsapLoadString(hInstance, IDS_LOCAL_SYSTEM_RID, szAccountName, ARRAYSIZE(szAccountName));
450 
451  SubAuthorities[0] = SECURITY_LOCAL_SYSTEM_RID;
453  1,
454  SubAuthorities,
455  szAccountName,
456  szDomainName,
459 
460  /* Local Service Sid */
461  LsapLoadString(hInstance, IDS_LOCAL_SERVICE_RID, szAccountName, ARRAYSIZE(szAccountName));
462 
463  SubAuthorities[0] = SECURITY_LOCAL_SERVICE_RID;
465  1,
466  SubAuthorities,
467  szAccountName,
468  szDomainName,
470  NULL);
471 
473  1,
474  SubAuthorities,
475  L"LOCALSERVICE",
476  L"NT AUTHORITY",
478  NULL);
479 
480  /* Network Service Sid */
481  LsapLoadString(hInstance, IDS_NETWORK_SERVICE_RID, szAccountName, ARRAYSIZE(szAccountName));
482 
483  SubAuthorities[0] = SECURITY_NETWORK_SERVICE_RID;
485  1,
486  SubAuthorities,
487  szAccountName,
488  szDomainName,
490  NULL);
491 
493  1,
494  SubAuthorities,
495  L"NETWORKSERVICE",
496  L"NT AUTHORITY",
498  NULL);
499 
500  /* Builtin Domain Sid */
501  LsapLoadString(hInstance, IDS_BUILTIN_DOMAIN_RID, szAccountName, ARRAYSIZE(szAccountName));
502  LsapLoadString(hInstance, IDS_BUILTIN_DOMAIN_RID, szDomainName, ARRAYSIZE(szDomainName));
503 
504  SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
506  1,
507  SubAuthorities,
508  szAccountName,
509  szDomainName,
511  NULL);
512 
513  /* Administrators Alias Sid */
514  LsapLoadString(hInstance, IDS_ALIAS_RID_ADMINS, szAccountName, ARRAYSIZE(szAccountName));
515 
516  SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
517  SubAuthorities[1] = DOMAIN_ALIAS_RID_ADMINS;
519  2,
520  SubAuthorities,
521  szAccountName,
522  szDomainName,
523  SidTypeAlias,
525 
526  /* Users Alias Sid */
527  LsapLoadString(hInstance, IDS_ALIAS_RID_USERS, szAccountName, ARRAYSIZE(szAccountName));
528 
529  SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
530  SubAuthorities[1] = DOMAIN_ALIAS_RID_USERS;
532  2,
533  SubAuthorities,
534  szAccountName,
535  szDomainName,
536  SidTypeAlias,
537  NULL);
538 
539  /* Guests Alias Sid */
540  LsapLoadString(hInstance, IDS_ALIAS_RID_GUESTS, szAccountName, ARRAYSIZE(szAccountName));
541 
542  SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
543  SubAuthorities[1] = DOMAIN_ALIAS_RID_GUESTS;
545  2,
546  SubAuthorities,
547  szAccountName,
548  szDomainName,
549  SidTypeAlias,
550  NULL);
551 
552  /* Power User Alias Sid */
553  LsapLoadString(hInstance, IDS_ALIAS_RID_POWER_USERS, szAccountName, ARRAYSIZE(szAccountName));
554 
555  SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
556  SubAuthorities[1] = DOMAIN_ALIAS_RID_POWER_USERS;
558  2,
559  SubAuthorities,
560  szAccountName,
561  szDomainName,
562  SidTypeAlias,
563  NULL);
564 
565  /* Account Operators Alias Sid */
566  LsapLoadString(hInstance, IDS_ALIAS_RID_ACCOUNT_OPS, szAccountName, ARRAYSIZE(szAccountName));
567 
568  SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
569  SubAuthorities[1] = DOMAIN_ALIAS_RID_ACCOUNT_OPS;
571  2,
572  SubAuthorities,
573  szAccountName,
574  szDomainName,
575  SidTypeAlias,
576  NULL);
577 
578  /* System Operators Alias Sid */
579  LsapLoadString(hInstance, IDS_ALIAS_RID_SYSTEM_OPS, szAccountName, ARRAYSIZE(szAccountName));
580 
581  SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
582  SubAuthorities[1] = DOMAIN_ALIAS_RID_SYSTEM_OPS;
584  2,
585  SubAuthorities,
586  szAccountName,
587  szDomainName,
588  SidTypeAlias,
589  NULL);
590 
591  /* Print Operators Alias Sid */
592  LsapLoadString(hInstance, IDS_ALIAS_RID_PRINT_OPS, szAccountName, ARRAYSIZE(szAccountName));
593 
594  SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
595  SubAuthorities[1] = DOMAIN_ALIAS_RID_PRINT_OPS;
597  2,
598  SubAuthorities,
599  szAccountName,
600  szDomainName,
601  SidTypeAlias,
602  NULL);
603 
604  /* Backup Operators Alias Sid */
605  LsapLoadString(hInstance, IDS_ALIAS_RID_BACKUP_OPS, szAccountName, ARRAYSIZE(szAccountName));
606 
607  SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
608  SubAuthorities[1] = DOMAIN_ALIAS_RID_BACKUP_OPS;
610  2,
611  SubAuthorities,
612  szAccountName,
613  szDomainName,
614  SidTypeAlias,
615  NULL);
616 
617  /* Replicators Alias Sid */
618  LsapLoadString(hInstance, IDS_ALIAS_RID_REPLICATOR, szAccountName, ARRAYSIZE(szAccountName));
619 
620  SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
621  SubAuthorities[1] = DOMAIN_ALIAS_RID_REPLICATOR;
623  2,
624  SubAuthorities,
625  szAccountName,
626  szDomainName,
627  SidTypeAlias,
628  NULL);
629 
630  /* RAS Servers Alias Sid */
631  LsapLoadString(hInstance, IDS_ALIAS_RID_RAS_SERVERS, szAccountName, ARRAYSIZE(szAccountName));
632 
633  SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
634  SubAuthorities[1] = DOMAIN_ALIAS_RID_RAS_SERVERS;
636  2,
637  SubAuthorities,
638  szAccountName,
639  szDomainName,
640  SidTypeAlias,
641  NULL);
642 
643  /* Pre-Windows 2000 Compatible Access Alias Sid */
644  LsapLoadString(hInstance, IDS_ALIAS_RID_PREW2KCOMPACCESS, szAccountName, ARRAYSIZE(szAccountName));
645 
646  SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
647  SubAuthorities[1] = DOMAIN_ALIAS_RID_PREW2KCOMPACCESS;
649  2,
650  SubAuthorities,
651  szAccountName,
652  szDomainName,
653  SidTypeAlias,
654  NULL);
655 
656  /* Remote Desktop Users Alias Sid */
657  LsapLoadString(hInstance, IDS_ALIAS_RID_REMOTE_DESKTOP_USERS, szAccountName, ARRAYSIZE(szAccountName));
658 
659  SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
660  SubAuthorities[1] = DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS;
662  2,
663  SubAuthorities,
664  szAccountName,
665  szDomainName,
666  SidTypeAlias,
667  NULL);
668 
669  /* Network Configuration Operators Alias Sid */
671 
672  SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
673  SubAuthorities[1] = DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS;
675  2,
676  SubAuthorities,
677  szAccountName,
678  szDomainName,
679  SidTypeAlias,
680  NULL);
681 
682  /* FIXME: Add more well known sids */
683 
684  return STATUS_SUCCESS;
685 }
#define IDS_PRINCIPAL_SELF_RID
Definition: resources.h:28
#define SECURITY_BATCH_RID
Definition: setypes.h:530
SID_IDENTIFIER_AUTHORITY LocalSidAuthority
Definition: database.c:17
#define IDS_ALIAS_RID_USERS
Definition: resources.h:39
#define IDS_ALIAS_RID_RAS_SERVERS
Definition: resources.h:47
#define SECURITY_AUTHENTICATED_USER_RID
Definition: setypes.h:540
#define SECURITY_LOCAL_SYSTEM_RID
Definition: setypes.h:546
INT LsapLoadString(HINSTANCE hInstance, UINT uId, LPWSTR lpBuffer, INT nBufferMax)
Definition: utils.c:17
#define IDS_ALIAS_RID_GUESTS
Definition: resources.h:40
#define DOMAIN_ALIAS_RID_GUESTS
Definition: setypes.h:626
#define SECURITY_THIS_ORGANIZATION_RID
Definition: setypes.h:544
#define IDS_BATCH_RID
Definition: resources.h:22
#define SECURITY_TERMINAL_SERVER_RID
Definition: setypes.h:542
#define DOMAIN_ALIAS_RID_ACCOUNT_OPS
Definition: setypes.h:629
#define SECURITY_DIALUP_RID
Definition: setypes.h:528
#define SECURITY_NETWORK_RID
Definition: setypes.h:529
#define IDS_ALIAS_RID_REPLICATOR
Definition: resources.h:46
#define IDS_CREATOR_OWNER_SERVER_RID
Definition: resources.h:18
#define ARRAYSIZE(array)
Definition: filtermapper.c:47
#define IDS_NULL_RID
Definition: resources.h:13
#define IDS_NETWORK_SERVICE_RID
Definition: resources.h:36
#define IDS_ALIAS_RID_ACCOUNT_OPS
Definition: resources.h:42
#define DOMAIN_ALIAS_RID_POWER_USERS
Definition: setypes.h:627
#define SECURITY_INTERACTIVE_RID
Definition: setypes.h:531
#define IDS_ALIAS_RID_BACKUP_OPS
Definition: resources.h:45
SID_IDENTIFIER_AUTHORITY CreatorSidAuthority
Definition: database.c:18
#define IDS_RESTRICTED_CODE_RID
Definition: resources.h:30
#define IDS_AUTHENTICATED_USER_RID
Definition: resources.h:29
PSID LsapWorldSid
Definition: lookup.c:78
#define SECURITY_PRINCIPAL_SELF_RID
Definition: setypes.h:539
HINSTANCE hInstance
Definition: charmap.c:20
#define IDS_TERMINAL_SERVER_RID
Definition: resources.h:31
#define IDS_CREATOR_GROUP_SERVER_RID
Definition: resources.h:19
smooth NULL
Definition: ftsmooth.c:416
#define IDS_DIALUP_RID
Definition: resources.h:20
#define IDS_REMOTE_LOGON_RID
Definition: resources.h:32
#define SECURITY_LOCAL_SERVICE_RID
Definition: setypes.h:547
PSID LsapBatchSid
Definition: lookup.c:80
SID_IDENTIFIER_AUTHORITY WorldSidAuthority
Definition: database.c:16
#define SECURITY_CREATOR_GROUP_SERVER_RID
Definition: setypes.h:520
#define SECURITY_ENTERPRISE_CONTROLLERS_RID
Definition: setypes.h:537
PSID LsapAdministratorsSid
Definition: lookup.c:84
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:553
#define IDS_ALIAS_RID_NETWORK_CONFIGURATION_OPS
Definition: resources.h:50
PSID LsapInteractiveSid
Definition: lookup.c:81
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define DOMAIN_ALIAS_RID_BACKUP_OPS
Definition: setypes.h:632
#define IDS_ALIAS_RID_POWER_USERS
Definition: resources.h:41
#define IDS_NT_AUTHORITY
Definition: resources.h:11
#define IDS_LOCAL_SYSTEM_RID
Definition: resources.h:34
#define DOMAIN_ALIAS_RID_SYSTEM_OPS
Definition: setypes.h:630
#define SECURITY_LOCAL_RID
Definition: setypes.h:514
#define IDS_ALIAS_RID_REMOTE_DESKTOP_USERS
Definition: resources.h:49
#define IDS_ENTERPRISE_CONTROLLERS_RID
Definition: resources.h:27
#define SECURITY_WORLD_RID
Definition: setypes.h:513
#define SECURITY_PROXY_RID
Definition: setypes.h:536
#define SECURITY_ANONYMOUS_LOGON_RID
Definition: setypes.h:535
BOOLEAN LsapCreateSid(PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, UCHAR SubAuthorityCount, PULONG SubAuthorities, PWSTR AccountName, PWSTR DomainName, SID_NAME_USE Use, PSID *SidPtr)
Definition: lookup.c:90
#define SECURITY_CREATOR_OWNER_RID
Definition: setypes.h:517
#define SECURITY_NULL_RID
Definition: setypes.h:512
#define IDS_INTERACTIVE_RID
Definition: resources.h:23
PSID LsapServiceSid
Definition: lookup.c:82
static const WCHAR L[]
Definition: oid.c:1250
#define IDS_LOCAL_SERVICE_RID
Definition: resources.h:35
#define IDS_PROXY_RID
Definition: resources.h:26
#define SECURITY_NETWORK_SERVICE_RID
Definition: setypes.h:548
#define SECURITY_CREATOR_GROUP_RID
Definition: setypes.h:518
PSID LsapNetworkSid
Definition: lookup.c:79
#define IDS_LOCAL_RID
Definition: resources.h:15
#define SECURITY_REMOTE_LOGON_RID
Definition: setypes.h:543
#define DOMAIN_ALIAS_RID_USERS
Definition: setypes.h:625
#define InitializeListHead(ListHead)
Definition: env_spec_w32.h:944
#define DOMAIN_ALIAS_RID_REPLICATOR
Definition: setypes.h:634
#define SECURITY_RESTRICTED_CODE_RID
Definition: setypes.h:541
#define IDS_NETWORK_RID
Definition: resources.h:21
LIST_ENTRY WellKnownSidListHead
Definition: lookup.c:77
#define SECURITY_CREATOR_OWNER_SERVER_RID
Definition: setypes.h:519
#define DOMAIN_ALIAS_RID_PRINT_OPS
Definition: setypes.h:631
#define IDS_SERVICE_RID
Definition: resources.h:24
#define SECURITY_SERVICE_RID
Definition: setypes.h:534
#define DOMAIN_ALIAS_RID_PREW2KCOMPACCESS
Definition: setypes.h:636
unsigned int ULONG
Definition: retypes.h:1
HMODULE WINAPI GetModuleHandleW(LPCWSTR lpModuleName)
Definition: loader.c:845
#define DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS
Definition: setypes.h:638
SID_IDENTIFIER_AUTHORITY NullSidAuthority
Definition: database.c:15
#define DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS
Definition: setypes.h:637
#define IDS_WORLD_RID
Definition: resources.h:14
return STATUS_SUCCESS
Definition: btrfs.c:2725
#define IDS_ALIAS_RID_ADMINS
Definition: resources.h:38
#define IDS_THIS_ORGANIZATION_RID
Definition: resources.h:33
#define IDS_CREATOR_GROUP_RID
Definition: resources.h:17
#define DOMAIN_ALIAS_RID_RAS_SERVERS
Definition: setypes.h:635
#define DOMAIN_ALIAS_RID_ADMINS
Definition: setypes.h:624
#define IDS_CREATOR_OWNER_RID
Definition: resources.h:16
#define IDS_ANONYMOUS_LOGON_RID
Definition: resources.h:25
#define IDS_ALIAS_RID_PRINT_OPS
Definition: resources.h:44
#define IDS_ALIAS_RID_PREW2KCOMPACCESS
Definition: resources.h:48
#define IDS_ALIAS_RID_SYSTEM_OPS
Definition: resources.h:43
#define IDS_BUILTIN_DOMAIN_RID
Definition: resources.h:37
SID_IDENTIFIER_AUTHORITY NtAuthority
Definition: database.c:19
PSID LsapLocalSystemSid
Definition: lookup.c:83

Referenced by LsapInitLsa().

◆ LsapLoadString()

INT LsapLoadString ( HINSTANCE  hInstance,
UINT  uId,
LPWSTR  lpBuffer,
INT  nBufferMax 
)

Definition at line 17 of file utils.c.

21 {
22  HGLOBAL hmem;
23  HRSRC hrsrc;
24  WCHAR *p;
25  int string_num;
26  int i;
27 
28  /* Use loword (incremented by 1) as resourceid */
29  hrsrc = FindResourceW(hInstance,
30  MAKEINTRESOURCEW((LOWORD(uId) >> 4) + 1),
31  (LPWSTR)RT_STRING);
32  if (!hrsrc)
33  return 0;
34 
35  hmem = LoadResource(hInstance, hrsrc);
36  if (!hmem)
37  return 0;
38 
39  p = LockResource(hmem);
40  string_num = uId & 0x000f;
41  for (i = 0; i < string_num; i++)
42  p += *p + 1;
43 
44  i = min(nBufferMax - 1, *p);
45  if (i > 0)
46  {
47  memcpy(lpBuffer, p + 1, i * sizeof(WCHAR));
48  lpBuffer[i] = 0;
49  }
50  else
51  {
52  if (nBufferMax > 1)
53  {
54  lpBuffer[0] = 0;
55  return 0;
56  }
57  }
58 
59  return i;
60 }
LPVOID WINAPI LockResource(HGLOBAL handle)
Definition: res.c:550
HRSRC WINAPI FindResourceW(HINSTANCE hModule, LPCWSTR name, LPCWSTR type)
Definition: res.c:176
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
HINSTANCE hInstance
Definition: charmap.c:20
static TAGREF LPCWSTR LPDWORD LPVOID lpBuffer
Definition: db.cpp:173
HGLOBAL WINAPI LoadResource(HINSTANCE hModule, HRSRC hRsrc)
Definition: res.c:532
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
#define RT_STRING
Definition: pedump.c:368
#define min(a, b)
Definition: monoChain.cc:55
#define MAKEINTRESOURCEW(i)
Definition: winuser.h:582
GLfloat GLfloat p
Definition: glext.h:8902
WCHAR * LPWSTR
Definition: xmlstorage.h:184
#define LOWORD(l)
Definition: pedump.c:82

Referenced by LsapInitSids().

◆ LsapLoadStringEx()

INT LsapLoadStringEx ( _In_ HINSTANCE  hInstance,
_In_ UINT  uId,
_In_ USHORT  usLanguage,
_Out_ LPWSTR  lpBuffer,
_Out_ INT  nBufferMax 
)

Definition at line 99 of file utils.c.

105 {
106  HGLOBAL hmem;
107  HRSRC hrsrc;
108  WCHAR *p;
109  int string_num;
110  int i;
111 
112  /* Use loword (incremented by 1) as resourceid */
113 // hrsrc = FindResourceExW(hInstance,
114 // MAKEINTRESOURCEW((LOWORD(uId) >> 4) + 1),
115 // (LPWSTR)RT_STRING,
116 // usLanguage);
117  hrsrc = FindResourceW(hInstance,
118  MAKEINTRESOURCEW((LOWORD(uId) >> 4) + 1),
119  (LPWSTR)RT_STRING);
120  if (!hrsrc)
121  return 0;
122 
123  hmem = LoadResource(hInstance, hrsrc);
124  if (!hmem)
125  return 0;
126 
127  p = LockResource(hmem);
128  string_num = uId & 0x000f;
129  for (i = 0; i < string_num; i++)
130  p += *p + 1;
131 
132  i = min(nBufferMax - 1, *p);
133  if (i > 0)
134  {
135  memcpy(lpBuffer, p + 1, i * sizeof(WCHAR));
136  lpBuffer[i] = 0;
137  }
138  else
139  {
140  if (nBufferMax > 1)
141  {
142  lpBuffer[0] = 0;
143  return 0;
144  }
145  }
146 
147  return i;
148 }
LPVOID WINAPI LockResource(HGLOBAL handle)
Definition: res.c:550
HRSRC WINAPI FindResourceW(HINSTANCE hModule, LPCWSTR name, LPCWSTR type)
Definition: res.c:176
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
HINSTANCE hInstance
Definition: charmap.c:20
static TAGREF LPCWSTR LPDWORD LPVOID lpBuffer
Definition: db.cpp:173
HGLOBAL WINAPI LoadResource(HINSTANCE hModule, HRSRC hRsrc)
Definition: res.c:532
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
#define RT_STRING
Definition: pedump.c:368
#define min(a, b)
Definition: monoChain.cc:55
#define MAKEINTRESOURCEW(i)
Definition: winuser.h:582
GLfloat GLfloat p
Definition: glext.h:8902
WCHAR * LPWSTR
Definition: xmlstorage.h:184
#define LOWORD(l)
Definition: pedump.c:82

Referenced by LsarpLookupPrivilegeDisplayName().

◆ LsapLogonUser()

NTSTATUS LsapLogonUser ( PLSA_API_MSG  RequestMsg,
PLSAP_LOGON_CONTEXT  LogonContext 
)

Definition at line 1366 of file authpackage.c.

1368 {
1369  PAUTH_PACKAGE Package;
1372  LSA_TOKEN_INFORMATION_TYPE TokenInformationType;
1373  PVOID TokenInformation = NULL;
1374  PLSA_TOKEN_INFORMATION_NULL TokenInfo0 = NULL;
1375  PLSA_TOKEN_INFORMATION_V1 TokenInfo1 = NULL;
1376  PUNICODE_STRING AccountName = NULL;
1377  PUNICODE_STRING AuthenticatingAuthority = NULL;
1379  PVOID LocalAuthInfo = NULL;
1382  ULONG i;
1383  ULONG PackageId;
1385  NTSTATUS Status;
1386 
1387  PUNICODE_STRING UserName = NULL;
1388  PUNICODE_STRING LogonDomainName = NULL;
1389 // UNICODE_STRING LogonServer;
1390 
1391 
1392  TRACE("LsapLogonUser(%p %p)\n", RequestMsg, LogonContext);
1393 
1394  PackageId = RequestMsg->LogonUser.Request.AuthenticationPackage;
1395  LogonType = RequestMsg->LogonUser.Request.LogonType;
1396 
1397  /* Get the right authentication package */
1399  if (Package == NULL)
1400  {
1401  ERR("LsapGetAuthenticationPackage() failed to find a package\n");
1402  return STATUS_NO_SUCH_PACKAGE;
1403  }
1404 
1405  if (RequestMsg->LogonUser.Request.AuthenticationInformationLength > 0)
1406  {
1407  /* Allocate the local authentication info buffer */
1408  LocalAuthInfo = RtlAllocateHeap(RtlGetProcessHeap(),
1410  RequestMsg->LogonUser.Request.AuthenticationInformationLength);
1411  if (LocalAuthInfo == NULL)
1412  {
1413  ERR("RtlAllocateHeap() failed\n");
1415  }
1416 
1417  /* Read the authentication info from the callers address space */
1419  RequestMsg->LogonUser.Request.AuthenticationInformation,
1420  LocalAuthInfo,
1421  RequestMsg->LogonUser.Request.AuthenticationInformationLength,
1422  NULL);
1423  if (!NT_SUCCESS(Status))
1424  {
1425  ERR("NtReadVirtualMemory() failed (Status 0x%08lx)\n", Status);
1426  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalAuthInfo);
1427  return Status;
1428  }
1429  }
1430 
1431  if (RequestMsg->LogonUser.Request.LocalGroupsCount > 0)
1432  {
1433  Status = LsapCopyLocalGroups(LogonContext,
1434  RequestMsg->LogonUser.Request.LocalGroups,
1435  RequestMsg->LogonUser.Request.LocalGroupsCount,
1436  &LocalGroups);
1437  if (!NT_SUCCESS(Status))
1438  {
1439  ERR("LsapCopyLocalGroups failed (Status 0x%08lx)\n", Status);
1440  goto done;
1441  }
1442 
1443  TRACE("GroupCount: %lu\n", LocalGroups->GroupCount);
1444  }
1445 
1446  if (Package->LsaApLogonUserEx2 != NULL)
1447  {
1448  Status = Package->LsaApLogonUserEx2((PLSA_CLIENT_REQUEST)LogonContext,
1449  RequestMsg->LogonUser.Request.LogonType,
1450  LocalAuthInfo,
1451  RequestMsg->LogonUser.Request.AuthenticationInformation,
1452  RequestMsg->LogonUser.Request.AuthenticationInformationLength,
1453  &RequestMsg->LogonUser.Reply.ProfileBuffer,
1454  &RequestMsg->LogonUser.Reply.ProfileBufferLength,
1455  &RequestMsg->LogonUser.Reply.LogonId,
1456  &RequestMsg->LogonUser.Reply.SubStatus,
1457  &TokenInformationType,
1458  &TokenInformation,
1459  &AccountName,
1460  &AuthenticatingAuthority,
1461  &MachineName,
1462  NULL, /* FIXME: PSECPKG_PRIMARY_CRED PrimaryCredentials */
1463  NULL); /* FIXME: PSECPKG_SUPPLEMENTAL_CRED_ARRAY *SupplementalCredentials */
1464  }
1465  else if (Package->LsaApLogonUserEx != NULL)
1466  {
1467  Status = Package->LsaApLogonUserEx((PLSA_CLIENT_REQUEST)LogonContext,
1468  RequestMsg->LogonUser.Request.LogonType,
1469  LocalAuthInfo,
1470  RequestMsg->LogonUser.Request.AuthenticationInformation,
1471  RequestMsg->LogonUser.Request.AuthenticationInformationLength,
1472  &RequestMsg->LogonUser.Reply.ProfileBuffer,
1473  &RequestMsg->LogonUser.Reply.ProfileBufferLength,
1474  &RequestMsg->LogonUser.Reply.LogonId,
1475  &RequestMsg->LogonUser.Reply.SubStatus,
1476  &TokenInformationType,
1477  &TokenInformation,
1478  &AccountName,
1479  &AuthenticatingAuthority,
1480  &MachineName);
1481  }
1482  else
1483  {
1484  Status = Package->LsaApLogonUser((PLSA_CLIENT_REQUEST)LogonContext,
1485  RequestMsg->LogonUser.Request.LogonType,
1486  LocalAuthInfo,
1487  RequestMsg->LogonUser.Request.AuthenticationInformation,
1488  RequestMsg->LogonUser.Request.AuthenticationInformationLength,
1489  &RequestMsg->LogonUser.Reply.ProfileBuffer,
1490  &RequestMsg->LogonUser.Reply.ProfileBufferLength,
1491  &RequestMsg->LogonUser.Reply.LogonId,
1492  &RequestMsg->LogonUser.Reply.SubStatus,
1493  &TokenInformationType,
1494  &TokenInformation,
1495  &AccountName,
1496  &AuthenticatingAuthority);
1497  }
1498 
1499  if (!NT_SUCCESS(Status))
1500  {
1501  ERR("LsaApLogonUser/Ex/2 failed (Status 0x%08lx)\n", Status);
1502  goto done;
1503  }
1504 
1505  if (LocalGroups->GroupCount > 0)
1506  {
1507  /* Add local groups to the token information */
1508  Status = LsapAddLocalGroups(TokenInformation,
1509  TokenInformationType,
1510  LocalGroups);
1511  if (!NT_SUCCESS(Status))
1512  {
1513  ERR("LsapAddLocalGroupsToTokenInfo() failed (Status 0x%08lx)\n", Status);
1514  goto done;
1515  }
1516  }
1517 
1518  Status = LsapAddDefaultGroups(TokenInformation,
1519  TokenInformationType,
1520  LogonType);
1521  if (!NT_SUCCESS(Status))
1522  {
1523  ERR("LsapAddDefaultGroups() failed (Status 0x%08lx)\n", Status);
1524  goto done;
1525  }
1526 
1527  Status = LsapAddSamGroups(TokenInformation,
1528  TokenInformationType);
1529  if (!NT_SUCCESS(Status))
1530  {
1531  ERR("LsapAddSamGroups() failed (Status 0x%08lx)\n", Status);
1532  goto done;
1533  }
1534 
1535  Status = LsapSetTokenOwner(TokenInformation,
1536  TokenInformationType);
1537  if (!NT_SUCCESS(Status))
1538  {
1539  ERR("LsapSetTokenOwner() failed (Status 0x%08lx)\n", Status);
1540  goto done;
1541  }
1542 
1543  Status = LsapAddTokenDefaultDacl(TokenInformation,
1544  TokenInformationType);
1545  if (!NT_SUCCESS(Status))
1546  {
1547  ERR("LsapAddTokenDefaultDacl() failed (Status 0x%08lx)\n", Status);
1548  goto done;
1549  }
1550 
1551  Status = LsapSetPrivileges(TokenInformation,
1552  TokenInformationType);
1553  if (!NT_SUCCESS(Status))
1554  {
1555  ERR("LsapSetPrivileges() failed (Status 0x%08lx)\n", Status);
1556  goto done;
1557  }
1558 
1559  if (TokenInformationType == LsaTokenInformationNull)
1560  {
1563  TOKEN_GROUPS NoGroups = {0};
1564  TOKEN_PRIVILEGES NoPrivileges = {0};
1565 
1566  TokenInfo0 = (PLSA_TOKEN_INFORMATION_NULL)TokenInformation;
1567 
1568  TokenUser.User.Sid = LsapWorldSid;
1569  TokenUser.User.Attributes = 0;
1570  TokenPrimaryGroup.PrimaryGroup = LsapWorldSid;
1571 
1572  Qos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
1575  Qos.EffectiveOnly = TRUE;
1576 
1578  ObjectAttributes.RootDirectory = NULL;
1579  ObjectAttributes.ObjectName = NULL;
1580  ObjectAttributes.Attributes = 0;
1581  ObjectAttributes.SecurityDescriptor = NULL;
1582  ObjectAttributes.SecurityQualityOfService = &Qos;
1583 
1584  /* Create the logon token */
1589  &RequestMsg->LogonUser.Reply.LogonId,
1590  &TokenInfo0->ExpirationTime,
1591  &TokenUser,
1592  &NoGroups,
1593  &NoPrivileges,
1594  NULL,
1596  NULL,
1597  &RequestMsg->LogonUser.Request.SourceContext);
1598  }
1599  else if (TokenInformationType == LsaTokenInformationV1)
1600  {
1601  TOKEN_PRIVILEGES NoPrivileges = {0};
1602 
1603  TokenInfo1 = (PLSA_TOKEN_INFORMATION_V1)TokenInformation;
1604 
1605  Qos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
1608  Qos.EffectiveOnly = FALSE;
1609 
1611  ObjectAttributes.RootDirectory = NULL;
1612  ObjectAttributes.ObjectName = NULL;
1613  ObjectAttributes.Attributes = 0;
1614  ObjectAttributes.SecurityDescriptor = NULL;
1615  ObjectAttributes.SecurityQualityOfService = &Qos;
1616 
1617  /* Create the logon token */
1621  (RequestMsg->LogonUser.Request.LogonType == Network) ? TokenImpersonation : TokenPrimary,
1622  &RequestMsg->LogonUser.Reply.LogonId,
1623  &TokenInfo1->ExpirationTime,
1624  &TokenInfo1->User,
1625  TokenInfo1->Groups,
1626  TokenInfo1->Privileges ? TokenInfo1->Privileges : &NoPrivileges,
1627  &TokenInfo1->Owner,
1628  &TokenInfo1->PrimaryGroup,
1629  &TokenInfo1->DefaultDacl,
1630  &RequestMsg->LogonUser.Request.SourceContext);
1631  if (!NT_SUCCESS(Status))
1632  {
1633  ERR("NtCreateToken failed (Status 0x%08lx)\n", Status);
1634  goto done;
1635  }
1636  }
1637  else
1638  {
1639  FIXME("TokenInformationType %d is not supported!\n", TokenInformationType);
1641  goto done;
1642  }
1643 
1644  /* Duplicate the token handle into the client process */
1646  TokenHandle,
1647  LogonContext->ClientProcessHandle,
1648  &RequestMsg->LogonUser.Reply.Token,
1649  0,
1650  0,
1652  if (!NT_SUCCESS(Status))
1653  {
1654  ERR("NtDuplicateObject failed (Status 0x%08lx)\n", Status);
1655  goto done;
1656  }
1657 
1658 // TokenHandle = NULL;
1659 
1660  if (LogonType == Interactive ||
1661  LogonType == Batch ||
1662  LogonType == Service)
1663  {
1664  UserName = &((PMSV1_0_INTERACTIVE_LOGON)LocalAuthInfo)->UserName;
1665  LogonDomainName = &((PMSV1_0_INTERACTIVE_LOGON)LocalAuthInfo)->LogonDomainName;
1666  }
1667  else
1668  {
1669  FIXME("LogonType %lu is not supported yet!\n", LogonType);
1670  }
1671 
1672  Status = LsapSetLogonSessionData(&RequestMsg->LogonUser.Reply.LogonId,
1673  LogonType,
1674  UserName,
1675  LogonDomainName,
1676  TokenInfo1->User.User.Sid);
1677  if (!NT_SUCCESS(Status))
1678  {
1679  ERR("LsapSetLogonSessionData failed (Status 0x%08lx)\n", Status);
1680  goto done;
1681  }
1682 
1683 done:
1684 // if (!NT_SUCCESS(Status))
1685 // {
1686  if (TokenHandle != NULL)
1688 // }
1689 
1690  /* Free the local groups */
1691  if (LocalGroups != NULL)
1692  {
1693  for (i = 0; i < LocalGroups->GroupCount; i++)
1694  {
1695  if (LocalGroups->Groups[i].Sid != NULL)
1696  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalGroups->Groups[i].Sid);
1697  }
1698 
1699  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalGroups);
1700  }
1701 
1702  /* Free the local authentication info buffer */
1703  if (LocalAuthInfo != NULL)
1704  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalAuthInfo);
1705 
1706  /* Free the token information */
1707  if (TokenInformation != NULL)
1708  {
1709  if (TokenInformationType == LsaTokenInformationNull)
1710  {
1711  TokenInfo0 = (PLSA_TOKEN_INFORMATION_NULL)TokenInformation;
1712 
1713  if (TokenInfo0 != NULL)
1714  {
1715  if (TokenInfo0->Groups != NULL)
1716  {
1717  for (i = 0; i < TokenInfo0->Groups->GroupCount; i++)
1718  {
1719  if (TokenInfo0->Groups->Groups[i].Sid != NULL)
1720  LsapFreeHeap(TokenInfo0->Groups->Groups[i].Sid);
1721  }
1722 
1723  LsapFreeHeap(TokenInfo0->Groups);
1724  }
1725 
1726  LsapFreeHeap(TokenInfo0);
1727  }
1728  }
1729  else if (TokenInformationType == LsaTokenInformationV1)
1730  {
1731  TokenInfo1 = (PLSA_TOKEN_INFORMATION_V1)TokenInformation;
1732 
1733  if (TokenInfo1 != NULL)
1734  {
1735  if (TokenInfo1->User.User.Sid != NULL)
1736  LsapFreeHeap(TokenInfo1->User.User.Sid);
1737 
1738  if (TokenInfo1->Groups != NULL)
1739  {
1740  for (i = 0; i < TokenInfo1->Groups->GroupCount; i++)
1741  {
1742  if (TokenInfo1->Groups->Groups[i].Sid != NULL)
1743  LsapFreeHeap(TokenInfo1->Groups->Groups[i].Sid);
1744  }
1745 
1746  LsapFreeHeap(TokenInfo1->Groups);
1747  }
1748 
1749  if (TokenInfo1->PrimaryGroup.PrimaryGroup != NULL)
1750  LsapFreeHeap(TokenInfo1->PrimaryGroup.PrimaryGroup);
1751 
1752  if (TokenInfo1->Privileges != NULL)
1753  LsapFreeHeap(TokenInfo1->Privileges);
1754 
1755  if (TokenInfo1->Owner.Owner != NULL)
1756  LsapFreeHeap(TokenInfo1->Owner.Owner);
1757 
1758  if (TokenInfo1->DefaultDacl.DefaultDacl != NULL)
1759  LsapFreeHeap(TokenInfo1->DefaultDacl.DefaultDacl);
1760 
1761  LsapFreeHeap(TokenInfo1);
1762  }
1763  }
1764  else
1765  {
1766  FIXME("TokenInformationType %d is not supported!\n", TokenInformationType);
1767  }
1768  }
1769 
1770  /* Free the account name */
1771  if (AccountName != NULL)
1772  {
1773  if (AccountName->Buffer != NULL)
1774  LsapFreeHeap(AccountName->Buffer);
1775 
1776  LsapFreeHeap(AccountName);
1777  }
1778 
1779  /* Free the authentication authority */
1780  if (AuthenticatingAuthority != NULL)
1781  {
1782  if (AuthenticatingAuthority != NULL)
1783  LsapFreeHeap(AuthenticatingAuthority->Buffer);
1784 
1785  LsapFreeHeap(AuthenticatingAuthority);
1786  }
1787 
1788  /* Free the machine name */
1789  if (MachineName != NULL)
1790  {
1791  if (MachineName->Buffer != NULL)
1792  LsapFreeHeap(MachineName->Buffer);
1793 
1795  }
1796 
1797  TRACE("LsapLogonUser done (Status 0x%08lx)\n", Status);
1798 
1799  return Status;
1800 }
LARGE_INTEGER ExpirationTime
Definition: authpackage.c:22
struct _LSA_LOGON_USER_MSG::@3322::@3324 Request
static NTSTATUS LsapAddDefaultGroups(IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType, IN SECURITY_LOGON_TYPE LogonType)
Definition: authpackage.c:800
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
PLSA_AP_LOGON_USER_EX2 LsaApLogonUserEx2
Definition: authpackage.c:103
#define DUPLICATE_CLOSE_SOURCE
LSA_LOGON_USER_MSG LogonUser
Definition: lsass.h:186
LARGE_INTEGER ExpirationTime
Definition: authpackage.c:28
PLSA_AP_LOGON_USER_INTERNAL LsaApLogonUser
Definition: authpackage.c:105
static NTSTATUS LsapAddSamGroups(IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType)
Definition: authpackage.c:1006
#define TRUE
Definition: types.h:120
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
#define STATUS_NOT_IMPLEMENTED
Definition: ntstatus.h:225
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:603
NTSTATUS LsapSetLogonSessionData(_In_ PLUID LogonId, _In_ ULONG LogonType, _In_ PUNICODE_STRING UserName, _In_ PUNICODE_STRING LogonDomain, _In_ PSID Sid)
Definition: session.c:67
#define STATUS_NO_SUCH_PACKAGE
Definition: ntstatus.h:476
_In_ DWORD _Out_ PDWORD _In_opt_ PCSTR MachineName
Definition: setupapi.h:1286
HANDLE ClientProcessHandle
Definition: lsasrv.h:79
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS LocalGroups
static NTSTATUS LsapSetTokenOwner(IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType)
Definition: authpackage.c:1141
struct _LSA_TOKEN_INFORMATION_V1 * PLSA_TOKEN_INFORMATION_V1
PLSA_AP_LOGON_USER_EX LsaApLogonUserEx
Definition: authpackage.c:104
SECURITY_CONTEXT_TRACKING_MODE ContextTrackingMode
Definition: lsa.idl:66
static NTSTATUS LsapCopyLocalGroups(IN PLSAP_LOGON_CONTEXT LogonContext, IN PTOKEN_GROUPS ClientGroups, IN ULONG ClientGroupsCount, OUT PTOKEN_GROUPS *TokenGroups)
Definition: authpackage.c:609
PSID LsapWorldSid
Definition: lookup.c:78
struct _MSV1_0_INTERACTIVE_LOGON * PMSV1_0_INTERACTIVE_LOGON
static NTSTATUS LsapAddLocalGroups(IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType, IN PTOKEN_GROUPS LocalGroups)
Definition: authpackage.c:717
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
#define DUPLICATE_SAME_ACCESS
#define FIXME(fmt,...)
Definition: debug.h:110
smooth NULL
Definition: ftsmooth.c:416
PSID Owner
Definition: setypes.h:974
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
Definition: psfuncs.h:715
struct _OBJECT_ATTRIBUTES OBJECT_ATTRIBUTES
#define NtCurrentProcess()
Definition: nt_native.h:1657
VOID NTAPI LsapFreeHeap(IN PVOID Base)
Definition: authpackage.c:381
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:585
struct _LSA_LOGON_USER_MSG::@3322::@3325 Reply
TOKEN_PRIMARY_GROUP PrimaryGroup
Definition: authpackage.c:31
#define TRACE(s)
Definition: solgame.cpp:4
struct _LSA_TOKEN_INFORMATION_NULL * PLSA_TOKEN_INFORMATION_NULL
static NTSTATUS LsapAddTokenDefaultDacl(IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType)
Definition: authpackage.c:1183
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define TOKEN_ALL_ACCESS
Definition: setypes.h:892
NTSTATUS NTAPI NtReadVirtualMemory(IN HANDLE ProcessHandle, IN PVOID BaseAddress, OUT PVOID Buffer, IN SIZE_T NumberOfBytesToRead, OUT PSIZE_T NumberOfBytesRead OPTIONAL)
Definition: virtual.c:2691
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3399
#define SECURITY_DYNAMIC_TRACKING
Definition: setypes.h:103
__kernel_entry NTSTATUS NTAPI NtCreateToken(_Out_ PHANDLE TokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ TOKEN_TYPE TokenType, _In_ PLUID AuthenticationId, _In_ PLARGE_INTEGER ExpirationTime, _In_ PTOKEN_USER TokenUser, _In_ PTOKEN_GROUPS TokenGroups, _In_ PTOKEN_PRIVILEGES TokenPrivileges, _In_opt_ PTOKEN_OWNER TokenOwner, _In_ PTOKEN_PRIMARY_GROUP TokenPrimaryGroup, _In_opt_ PTOKEN_DEFAULT_DACL TokenDefaultDacl, _In_ PTOKEN_SOURCE TokenSource)
Definition: token.c:3420
Status
Definition: gdiplustypes.h:24
enum _LSA_TOKEN_INFORMATION_TYPE LSA_TOKEN_INFORMATION_TYPE
#define ERR(fmt,...)
Definition: debug.h:109
PTOKEN_PRIVILEGES Privileges
Definition: authpackage.c:32
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE LogonType
#define DUPLICATE_SAME_ATTRIBUTES
Definition: obtypes.h:153
enum _SECURITY_LOGON_TYPE SECURITY_LOGON_TYPE
static NTSTATUS LsapSetPrivileges(IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType)
Definition: authpackage.c:1288
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY]
Definition: setypes.h:964
#define SECURITY_STATIC_TRACKING
Definition: setypes.h:104
TOKEN_DEFAULT_DACL DefaultDacl
Definition: authpackage.c:34
struct _SECURITY_QUALITY_OF_SERVICE SECURITY_QUALITY_OF_SERVICE
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: lsa.idl:65
#define HEAP_ZERO_MEMORY
Definition: compat.h:123
static PAUTH_PACKAGE LsapGetAuthenticationPackage(IN ULONG PackageId)
Definition: authpackage.c:341
$ULONG GroupCount
Definition: setypes.h:960
NTSTATUS NTAPI NtDuplicateObject(IN HANDLE SourceProcessHandle, IN HANDLE SourceHandle, IN HANDLE TargetProcessHandle OPTIONAL, OUT PHANDLE TargetHandle OPTIONAL, IN ACCESS_MASK DesiredAccess, IN ULONG HandleAttributes, IN ULONG Options)
Definition: obhandle.c:3407
unsigned int ULONG
Definition: retypes.h:1
SID_AND_ATTRIBUTES User
Definition: setypes.h:956
static ULONG PackageId
Definition: authpackage.c:163

Referenced by AuthPortThreadRoutine().

◆ LsapLookupAccountRightName()

NTSTATUS LsapLookupAccountRightName ( ULONG  RightValue,
PRPC_UNICODE_STRING Name 
)

Definition at line 343 of file privileges.c.

345 {
346  PRPC_UNICODE_STRING NameBuffer;
347  ULONG i;
348 
349  for (i = 0; i < ARRAYSIZE(WellKnownRights); i++)
350  {
351  if (WellKnownRights[i].Flag == RightValue)
352  {
353  NameBuffer = MIDL_user_allocate(sizeof(RPC_UNICODE_STRING));
354  if (NameBuffer == NULL)
355  return STATUS_NO_MEMORY;
356 
357  NameBuffer->Length = wcslen(WellKnownRights[i].Name) * sizeof(WCHAR);
358  NameBuffer->MaximumLength = NameBuffer->Length + sizeof(WCHAR);
359 
360  NameBuffer->Buffer = MIDL_user_allocate(NameBuffer->MaximumLength);
361  if (NameBuffer->Buffer == NULL)
362  {
363  MIDL_user_free(NameBuffer);
365  }
366 
367  wcscpy(NameBuffer->Buffer, WellKnownRights[i].Name);
368 
369  *Name = NameBuffer;
370 
371  return STATUS_SUCCESS;
372  }
373  }
374 
376 }
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
#define ARRAYSIZE(array)
Definition: filtermapper.c:47
static const RIGHT_DATA WellKnownRights[]
Definition: privileges.c:62
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
LPCWSTR Name
Definition: privileges.c:23
smooth NULL
Definition: ftsmooth.c:416
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define STATUS_NO_SUCH_PRIVILEGE
Definition: ntstatus.h:318
Definition: xml2sdb.h:79
_CRTIMP wchar_t *__cdecl wcscpy(_Out_writes_z_(_String_length_(_Source)+1) wchar_t *_Dest, _In_z_ const wchar_t *_Source)
unsigned short Length
Definition: msv1_0.h:53
#define STATUS_NO_MEMORY
Definition: ntstatus.h:246
unsigned int ULONG
Definition: retypes.h:1
void *__RPC_USER MIDL_user_allocate(SIZE_T size)
Definition: irotp.c:371
return STATUS_SUCCESS
Definition: btrfs.c:2725
void __RPC_USER MIDL_user_free(void *p)
Definition: irotp.c:376
size_t __cdecl wcslen(_In_z_ const wchar_t *_Str)
unsigned short MaximumLength
Definition: msv1_0.h:54
wchar_t * Buffer
Definition: msv1_0.h:55

Referenced by LsarEnumerateAccountRights().

◆ LsapLookupAccountRightValue()

ACCESS_MASK LsapLookupAccountRightValue ( IN PRPC_UNICODE_STRING  Name)

Definition at line 380 of file privileges.c.

382 {
383  ULONG i;
384 
385  if (Name->Length == 0 || Name->Buffer == NULL)
386  return 0;
387 
388  for (i = 0; i < ARRAYSIZE(WellKnownRights); i++)
389  {
390  if (_wcsicmp(Name->Buffer, WellKnownRights[i].Name) == 0)
391  return WellKnownRights[i].Flag;
392  }
393 
394  return 0;
395 }
#define ARRAYSIZE(array)
Definition: filtermapper.c:47
static const RIGHT_DATA WellKnownRights[]
Definition: privileges.c:62
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
LPCWSTR Name
Definition: privileges.c:23
smooth NULL
Definition: ftsmooth.c:416
Definition: xml2sdb.h:79
unsigned int ULONG
Definition: retypes.h:1
_Check_return_ _CRTIMP int __cdecl _wcsicmp(_In_z_ const wchar_t *_Str1, _In_z_ const wchar_t *_Str2)

Referenced by LsarAddAccountRights(), LsarEnumerateAccountsWithUserRight(), and LsarRemoveAccountRights().

◆ LsapLookupAuthenticationPackage()

NTSTATUS LsapLookupAuthenticationPackage ( PLSA_API_MSG  RequestMsg,
PLSAP_LOGON_CONTEXT  LogonContext 
)

Definition at line 510 of file authpackage.c.

512 {
513  PLIST_ENTRY ListEntry;
514  PAUTH_PACKAGE Package;
515  ULONG PackageNameLength;
516  PCHAR PackageName;
517 
518  TRACE("(%p %p)\n", RequestMsg, LogonContext);
519 
520  PackageNameLength = RequestMsg->LookupAuthenticationPackage.Request.PackageNameLength;
521  PackageName = RequestMsg->LookupAuthenticationPackage.Request.PackageName;
522 
523  TRACE("PackageName: %s\n", PackageName);
524 
525  ListEntry = PackageListHead.Flink;
526  while (ListEntry != &PackageListHead)
527  {
528  Package = CONTAINING_RECORD(ListEntry, AUTH_PACKAGE, Entry);
529 
530  if ((PackageNameLength == Package->Name->Length) &&
531  (_strnicmp(PackageName, Package->Name->Buffer, Package->Name->Length) == 0))
532  {
533  RequestMsg->