ReactOS 0.4.16-dev-297-gc569aee
lsasrv.h File Reference
#include <stdarg.h>
#include <windef.h>
#include <winbase.h>
#include <winreg.h>
#include <ndk/cmfuncs.h>
#include <ndk/exfuncs.h>
#include <ndk/kefuncs.h>
#include <ndk/mmfuncs.h>
#include <ndk/obfuncs.h>
#include <ndk/psfuncs.h>
#include <ndk/rtlfuncs.h>
#include <ndk/sefuncs.h>
#include <ndk/ketypes.h>
#include <ndk/setypes.h>
#include <ntsam.h>
#include <ntlsa.h>
#include <sddl.h>
#include <srmp.h>
#include <lsass.h>
#include <lsa_s.h>
#include <wine/debug.h>
Include dependency graph for lsasrv.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Classes

struct  _LSA_DB_OBJECT
 
struct  _LSAP_POLICY_AUDIT_EVENTS_DATA
 
struct  _LSAP_LOGON_CONTEXT
 
struct  _SAMPR_ULONG_ARRAY
 

Macros

#define WIN32_NO_STATUS
 
#define _INC_WINDOWS
 
#define COM_NO_WINDOWS_H
 
#define NTOS_MODE_USER
 
#define LSAP_DB_SIGNATURE   0x12345678
 
#define POLICY_AUDIT_EVENT_TYPE_COUNT   (AuditCategoryAccountLogon - AuditCategorySystem + 1)
 

Typedefs

typedef enum _LSA_DB_OBJECT_TYPE LSA_DB_OBJECT_TYPE
 
typedef enum _LSA_DB_OBJECT_TYPEPLSA_DB_OBJECT_TYPE
 
typedef struct _LSA_DB_OBJECT LSA_DB_OBJECT
 
typedef struct _LSA_DB_OBJECTPLSA_DB_OBJECT
 
typedef struct _LSAP_POLICY_AUDIT_EVENTS_DATA LSAP_POLICY_AUDIT_EVENTS_DATA
 
typedef struct _LSAP_POLICY_AUDIT_EVENTS_DATAPLSAP_POLICY_AUDIT_EVENTS_DATA
 
typedef struct _LSAP_LOGON_CONTEXT LSAP_LOGON_CONTEXT
 
typedef struct _LSAP_LOGON_CONTEXTPLSAP_LOGON_CONTEXT
 
typedef struct _SAMPR_ULONG_ARRAY SAMPR_ULONG_ARRAY
 
typedef struct _SAMPR_ULONG_ARRAYPSAMPR_ULONG_ARRAY
 

Enumerations

enum  _LSA_DB_OBJECT_TYPE {
  LsaDbIgnoreObject , LsaDbPolicyObject , LsaDbAccountObject , LsaDbDomainObject ,
  LsaDbSecretObject
}
 

Functions

 WINE_DEFAULT_DEBUG_CHANNEL (lsasrv)
 
NTSTATUS LsapInitAuthPackages (VOID)
 
NTSTATUS LsapLookupAuthenticationPackage (PLSA_API_MSG RequestMsg, PLSAP_LOGON_CONTEXT LogonContext)
 
NTSTATUS LsapCallAuthenticationPackage (PLSA_API_MSG RequestMsg, PLSAP_LOGON_CONTEXT LogonContext)
 
NTSTATUS LsapLogonUser (PLSA_API_MSG RequestMsg, PLSAP_LOGON_CONTEXT LogonContext)
 
VOID LsapTerminateLogon (_In_ PLUID LogonId)
 
NTSTATUS StartAuthenticationPort (VOID)
 
NTSTATUS LsapInitDatabase (VOID)
 
NTSTATUS LsapCreateDbObject (IN PLSA_DB_OBJECT ParentObject, IN LPWSTR ContainerName, IN LPWSTR ObjectName, IN LSA_DB_OBJECT_TYPE HandleType, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted, OUT PLSA_DB_OBJECT *DbObject)
 
NTSTATUS LsapOpenDbObject (IN PLSA_DB_OBJECT ParentObject, IN LPWSTR ContainerName, IN LPWSTR ObjectName, IN LSA_DB_OBJECT_TYPE ObjectType, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted, OUT PLSA_DB_OBJECT *DbObject)
 
NTSTATUS LsapValidateDbObject (IN LSAPR_HANDLE Handle, IN LSA_DB_OBJECT_TYPE HandleType, IN ACCESS_MASK GrantedAccess, OUT PLSA_DB_OBJECT *DbObject)
 
NTSTATUS LsapCloseDbObject (IN PLSA_DB_OBJECT DbObject)
 
NTSTATUS LsapDeleteDbObject (IN PLSA_DB_OBJECT DbObject)
 
NTSTATUS LsapGetObjectAttribute (PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, PULONG AttributeSize)
 
NTSTATUS LsapSetObjectAttribute (PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, ULONG AttributeSize)
 
NTSTATUS LsapDeleteObjectAttribute (PLSA_DB_OBJECT DbObject, LPWSTR AttributeName)
 
VOID DsSetupInit (VOID)
 
NTSTATUS LsapInitSids (VOID)
 
ULONG LsapGetRelativeIdFromSid (PSID Sid)
 
NTSTATUS LsapLookupNames (DWORD Count, PRPC_UNICODE_STRING Names, PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains, PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids, LSAP_LOOKUP_LEVEL LookupLevel, DWORD *MappedCount, DWORD LookupOptions, DWORD ClientRevision)
 
NTSTATUS LsapLookupSids (PLSAPR_SID_ENUM_BUFFER SidEnumBuffer, PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains, PLSAPR_TRANSLATED_NAMES_EX TranslatedNames, LSAP_LOOKUP_LEVEL LookupLevel, DWORD *MappedCount, DWORD LookupOptions, DWORD ClientRevision)
 
NTSTATUS LsarStartRpcServer (VOID)
 
VOID LsapInitNotificationList (VOID)
 
NTSTATUS LsapRegisterNotification (PLSA_API_MSG RequestMsg)
 
VOID LsapNotifyPolicyChange (POLICY_NOTIFICATION_INFORMATION_CLASS InformationClass)
 
NTSTATUS LsarQueryAuditLog (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryAuditEvents (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryPrimaryDomain (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryPdAccount (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryAccountDomain (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryServerRole (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryReplicaSource (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryDefaultQuota (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryModification (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryAuditFull (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryDnsDomain (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryDnsDomainInt (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryLocalAccountDomain (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarSetAuditLog (PLSA_DB_OBJECT PolicyObject, PPOLICY_AUDIT_LOG_INFO Info)
 
NTSTATUS LsarSetAuditEvents (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_AUDIT_EVENTS_INFO Info)
 
NTSTATUS LsarSetPrimaryDomain (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_PRIMARY_DOM_INFO Info)
 
NTSTATUS LsarSetAccountDomain (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_ACCOUNT_DOM_INFO Info)
 
NTSTATUS LsarSetServerRole (PLSA_DB_OBJECT PolicyObject, PPOLICY_LSA_SERVER_ROLE_INFO Info)
 
NTSTATUS LsarSetReplicaSource (PLSA_DB_OBJECT PolicyObject, PPOLICY_LSA_REPLICA_SRCE_INFO Info)
 
NTSTATUS LsarSetDefaultQuota (PLSA_DB_OBJECT PolicyObject, PPOLICY_DEFAULT_QUOTA_INFO Info)
 
NTSTATUS LsarSetModification (PLSA_DB_OBJECT PolicyObject, PPOLICY_MODIFICATION_INFO Info)
 
NTSTATUS LsarSetAuditFull (PLSA_DB_OBJECT PolicyObject, PPOLICY_AUDIT_FULL_QUERY_INFO Info)
 
NTSTATUS LsarSetDnsDomain (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_DNS_DOMAIN_INFO Info)
 
NTSTATUS LsarSetDnsDomainInt (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_DNS_DOMAIN_INFO Info)
 
NTSTATUS LsarSetLocalAccountDomain (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_ACCOUNT_DOM_INFO Info)
 
NTSTATUS LsarpLookupPrivilegeName (PLUID Value, PRPC_UNICODE_STRING *Name)
 
NTSTATUS LsarpLookupPrivilegeDisplayName (PRPC_UNICODE_STRING Name, USHORT ClientLanguage, USHORT ClientSystemDefaultLanguage, PRPC_UNICODE_STRING *DisplayName, USHORT *LanguageReturned)
 
PLUID LsarpLookupPrivilegeValue (IN PRPC_UNICODE_STRING Name)
 
NTSTATUS LsarpEnumeratePrivileges (DWORD *EnumerationContext, PLSAPR_PRIVILEGE_ENUM_BUFFER EnumerationBuffer, DWORD PreferedMaximumLength)
 
NTSTATUS LsapLookupAccountRightName (ULONG RightValue, PRPC_UNICODE_STRING *Name)
 
ACCESS_MASK LsapLookupAccountRightValue (IN PRPC_UNICODE_STRING Name)
 
NTSTATUS LsapRegCloseKey (IN HANDLE KeyHandle)
 
NTSTATUS LsapRegCreateKey (IN HANDLE ParentKeyHandle, IN LPCWSTR KeyName, IN ACCESS_MASK DesiredAccess, OUT HANDLE KeyHandle)
 
NTSTATUS LsapRegDeleteSubKey (IN HANDLE ParentKeyHandle, IN LPCWSTR KeyName)
 
NTSTATUS LsapRegDeleteKey (IN HANDLE KeyHandle)
 
NTSTATUS LsapRegEnumerateSubKey (IN HANDLE KeyHandle, IN ULONG Index, IN ULONG Length, OUT LPWSTR Buffer)
 
NTSTATUS LsapRegOpenKey (IN HANDLE ParentKeyHandle, IN LPCWSTR KeyName, IN ACCESS_MASK DesiredAccess, OUT HANDLE KeyHandle)
 
NTSTATUS LsapRegQueryKeyInfo (IN HANDLE KeyHandle, OUT PULONG SubKeyCount, OUT PULONG MaxSubKeyNameLength, OUT PULONG ValueCount)
 
NTSTATUS LsapRegDeleteValue (IN HANDLE KeyHandle, IN LPWSTR ValueName)
 
NTSTATUS LsapRegEnumerateValue (IN HANDLE KeyHandle, IN ULONG Index, OUT LPWSTR Name, IN OUT PULONG NameLength, OUT PULONG Type OPTIONAL, OUT PVOID Data OPTIONAL, IN OUT PULONG DataLength OPTIONAL)
 
NTSTATUS LsapRegQueryValue (IN HANDLE KeyHandle, IN LPWSTR ValueName, OUT PULONG Type OPTIONAL, OUT LPVOID Data OPTIONAL, IN OUT PULONG DataLength OPTIONAL)
 
NTSTATUS LsapRegSetValue (IN HANDLE KeyHandle, IN LPWSTR ValueName, IN ULONG Type, IN LPVOID Data, IN ULONG DataLength)
 
NTSTATUS LsapCreatePolicySd (PSECURITY_DESCRIPTOR *PolicySd, PULONG PolicySdSize)
 
NTSTATUS LsapCreateAccountSd (PSECURITY_DESCRIPTOR *AccountSd, PULONG AccountSdSize)
 
NTSTATUS LsapCreateSecretSd (PSECURITY_DESCRIPTOR *SecretSd, PULONG SecretSdSize)
 
NTSTATUS LsapCreateTokenSd (_In_ const TOKEN_USER *User, _Outptr_ PSECURITY_DESCRIPTOR *TokenSd, _Out_ PULONG TokenSdSize)
 Creates a security descriptor for the token object.
 
VOID LsapInitLogonSessions (VOID)
 
NTSTATUS NTAPI LsapCreateLogonSession (IN PLUID LogonId)
 
NTSTATUS NTAPI LsapDeleteLogonSession (IN PLUID LogonId)
 
NTSTATUS NTAPI LsapAddCredential (_In_ PLUID LogonId, _In_ ULONG AuthenticationPackage, _In_ PLSA_STRING PrimaryKeyValue, _In_ PLSA_STRING Credential)
 
NTSTATUS NTAPI LsapGetCredentials (_In_ PLUID LogonId, _In_ ULONG AuthenticationPackage, _Inout_ PULONG QueryContext, _In_ BOOLEAN RetrieveAllCredentials, _Inout_ PLSA_STRING PrimaryKeyValue, _Out_ PULONG PrimaryKeyLength, _Out_ PLSA_STRING Credentials)
 
NTSTATUS NTAPI LsapDeleteCredential (_In_ PLUID LogonId, _In_ ULONG AuthenticationPackage, _In_ PLSA_STRING PrimaryKeyValue)
 
NTSTATUS LsapSetLogonSessionData (_In_ PLUID LogonId, _In_ ULONG LogonType, _In_ PUNICODE_STRING UserName, _In_ PUNICODE_STRING LogonDomain, _In_ PSID Sid)
 
NTSTATUS LsapEnumLogonSessions (IN OUT PLSA_API_MSG RequestMsg)
 
NTSTATUS LsapGetLogonSessionData (IN OUT PLSA_API_MSG RequestMsg)
 
NTSTATUS LsapRmInitializeServer (VOID)
 
NTSTATUS LsapRmCreateLogonSession (PLUID LogonId)
 
NTSTATUS LsapRmDeleteLogonSession (PLUID LogonId)
 
INT LsapLoadString (HINSTANCE hInstance, UINT uId, LPWSTR lpBuffer, INT nBufferMax)
 
INT LsapGetResourceStringLengthEx (_In_ HINSTANCE hInstance, _In_ UINT uId, _In_ USHORT usLanguage)
 
INT LsapLoadStringEx (_In_ HINSTANCE hInstance, _In_ UINT uId, _In_ USHORT usLanguage, _Out_ LPWSTR lpBuffer, _Out_ INT nBufferMax)
 
PSID LsapAppendRidToSid (PSID SrcSid, ULONG Rid)
 

Variables

NT_PRODUCT_TYPE LsapProductType
 
SID_IDENTIFIER_AUTHORITY NullSidAuthority
 
SID_IDENTIFIER_AUTHORITY WorldSidAuthority
 
SID_IDENTIFIER_AUTHORITY LocalSidAuthority
 
SID_IDENTIFIER_AUTHORITY CreatorSidAuthority
 
SID_IDENTIFIER_AUTHORITY NtAuthority
 
PSID BuiltinDomainSid
 
UNICODE_STRING BuiltinDomainName
 
PSID AccountDomainSid
 
UNICODE_STRING AccountDomainName
 
PSID LsapWorldSid
 
PSID LsapNetworkSid
 
PSID LsapBatchSid
 
PSID LsapInteractiveSid
 
PSID LsapServiceSid
 
PSID LsapLocalSystemSid
 
PSID LsapAdministratorsSid
 

Macro Definition Documentation

◆ _INC_WINDOWS

#define _INC_WINDOWS

Definition at line 16 of file lsasrv.h.

◆ COM_NO_WINDOWS_H

#define COM_NO_WINDOWS_H

Definition at line 17 of file lsasrv.h.

◆ LSAP_DB_SIGNATURE

#define LSAP_DB_SIGNATURE   0x12345678

Definition at line 67 of file lsasrv.h.

◆ NTOS_MODE_USER

#define NTOS_MODE_USER

Definition at line 23 of file lsasrv.h.

◆ POLICY_AUDIT_EVENT_TYPE_COUNT

#define POLICY_AUDIT_EVENT_TYPE_COUNT   (AuditCategoryAccountLogon - AuditCategorySystem + 1)

Definition at line 69 of file lsasrv.h.

◆ WIN32_NO_STATUS

#define WIN32_NO_STATUS

Definition at line 15 of file lsasrv.h.

Typedef Documentation

◆ LSA_DB_OBJECT

◆ LSA_DB_OBJECT_TYPE

◆ LSAP_LOGON_CONTEXT

◆ LSAP_POLICY_AUDIT_EVENTS_DATA

◆ PLSA_DB_OBJECT

◆ PLSA_DB_OBJECT_TYPE

◆ PLSAP_LOGON_CONTEXT

◆ PLSAP_POLICY_AUDIT_EVENTS_DATA

◆ PSAMPR_ULONG_ARRAY

◆ SAMPR_ULONG_ARRAY

Enumeration Type Documentation

◆ _LSA_DB_OBJECT_TYPE

Enumerator
LsaDbIgnoreObject 
LsaDbPolicyObject 
LsaDbAccountObject 
LsaDbDomainObject 
LsaDbSecretObject 

Definition at line 47 of file lsasrv.h.

48{
enum _LSA_DB_OBJECT_TYPE LSA_DB_OBJECT_TYPE
@ LsaDbIgnoreObject
Definition: lsasrv.h:49
@ LsaDbDomainObject
Definition: lsasrv.h:52
@ LsaDbSecretObject
Definition: lsasrv.h:53
@ LsaDbAccountObject
Definition: lsasrv.h:51
@ LsaDbPolicyObject
Definition: lsasrv.h:50
enum _LSA_DB_OBJECT_TYPE * PLSA_DB_OBJECT_TYPE

Function Documentation

◆ DsSetupInit()

VOID DsSetupInit ( VOID  )

Definition at line 22 of file dssetup.c.

23{
25
26 Status = RpcServerRegisterIf(dssetup_v0_0_s_ifspec,
27 NULL,
28 NULL);
29 if (Status != RPC_S_OK)
30 {
31 WARN("RpcServerRegisterIf() failed (Status %lx)\n", Status);
32 return;
33 }
34}
#define WARN(fmt,...)
Definition: precomp.h:61
#define NULL
Definition: types.h:112
Status
Definition: gdiplustypes.h:25
RPC_STATUS WINAPI RpcServerRegisterIf(RPC_IF_HANDLE IfSpec, UUID *MgrTypeUuid, RPC_MGR_EPV *MgrEpv)
Definition: rpc_server.c:1116
#define RPC_S_OK
Definition: rpcnterr.h:22
long RPC_STATUS
Definition: rpc.h:52

Referenced by LsarStartRpcServer().

◆ LsapAddCredential()

NTSTATUS NTAPI LsapAddCredential ( _In_ PLUID  LogonId,
_In_ ULONG  AuthenticationPackage,
_In_ PLSA_STRING  PrimaryKeyValue,
_In_ PLSA_STRING  Credential 
)

Definition at line 259 of file session.c.

264{
265
266 return STATUS_SUCCESS;
267}
#define STATUS_SUCCESS
Definition: shellext.h:65

Referenced by LsapInitAuthPackages().

◆ LsapAppendRidToSid()

PSID LsapAppendRidToSid ( PSID  SrcSid,
ULONG  Rid 
)

Definition at line 152 of file utils.c.

155{
156 ULONG Rids[8] = {0, 0, 0, 0, 0, 0, 0, 0};
157 UCHAR RidCount;
158 PSID DstSid;
159 ULONG i;
160
161 RidCount = *RtlSubAuthorityCountSid(SrcSid);
162 if (RidCount >= 8)
163 return NULL;
164
165 for (i = 0; i < RidCount; i++)
166 Rids[i] = *RtlSubAuthoritySid(SrcSid, i);
167
168 Rids[RidCount] = Rid;
169 RidCount++;
170
172 RidCount,
173 Rids[0],
174 Rids[1],
175 Rids[2],
176 Rids[3],
177 Rids[4],
178 Rids[5],
179 Rids[6],
180 Rids[7],
181 &DstSid);
182
183 return DstSid;
184}
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
NTSYSAPI PULONG NTAPI RtlSubAuthoritySid(_In_ PSID Sid, _In_ ULONG SubAuthority)
NTSYSAPI PSID_IDENTIFIER_AUTHORITY NTAPI RtlIdentifierAuthoritySid(PSID Sid)
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290
NTSYSAPI PUCHAR NTAPI RtlSubAuthorityCountSid(IN PSID Sid)
Definition: sid.c:104
uint32_t ULONG
Definition: typedefs.h:59
unsigned char UCHAR
Definition: xmlstorage.h:181

Referenced by LsapAppendSidToGroups().

◆ LsapCallAuthenticationPackage()

NTSTATUS LsapCallAuthenticationPackage ( PLSA_API_MSG  RequestMsg,
PLSAP_LOGON_CONTEXT  LogonContext 
)

Definition at line 564 of file authpackage.c.

566{
567 PAUTH_PACKAGE Package;
568 PVOID LocalBuffer = NULL;
571
572 TRACE("(%p %p)\n", RequestMsg, LogonContext);
573
574 PackageId = RequestMsg->CallAuthenticationPackage.Request.AuthenticationPackage;
575
576 /* Get the right authentication package */
578 if (Package == NULL)
579 {
580 TRACE("LsapGetAuthenticationPackage() failed to find a package\n");
582 }
583
584 if (RequestMsg->CallAuthenticationPackage.Request.SubmitBufferLength > 0)
585 {
586 LocalBuffer = RtlAllocateHeap(RtlGetProcessHeap(),
588 RequestMsg->CallAuthenticationPackage.Request.SubmitBufferLength);
589 if (LocalBuffer == NULL)
590 {
592 }
593
595 RequestMsg->CallAuthenticationPackage.Request.ProtocolSubmitBuffer,
596 LocalBuffer,
597 RequestMsg->CallAuthenticationPackage.Request.SubmitBufferLength,
598 NULL);
599 if (!NT_SUCCESS(Status))
600 {
601 TRACE("NtReadVirtualMemory() failed (Status 0x%08lx)\n", Status);
602 RtlFreeHeap(RtlGetProcessHeap(), 0, LocalBuffer);
603 return Status;
604 }
605 }
606
607 if (LogonContext->TrustedCaller)
608 Status = Package->LsaApCallPackage((PLSA_CLIENT_REQUEST)LogonContext,
609 LocalBuffer,
610 RequestMsg->CallAuthenticationPackage.Request.ProtocolSubmitBuffer,
611 RequestMsg->CallAuthenticationPackage.Request.SubmitBufferLength,
612 &RequestMsg->CallAuthenticationPackage.Reply.ProtocolReturnBuffer,
613 &RequestMsg->CallAuthenticationPackage.Reply.ReturnBufferLength,
614 &RequestMsg->CallAuthenticationPackage.Reply.ProtocolStatus);
615 else
617 LocalBuffer,
618 RequestMsg->CallAuthenticationPackage.Request.ProtocolSubmitBuffer,
619 RequestMsg->CallAuthenticationPackage.Request.SubmitBufferLength,
620 &RequestMsg->CallAuthenticationPackage.Reply.ProtocolReturnBuffer,
621 &RequestMsg->CallAuthenticationPackage.Reply.ReturnBufferLength,
622 &RequestMsg->CallAuthenticationPackage.Reply.ProtocolStatus);
623 if (!NT_SUCCESS(Status))
624 {
625 TRACE("Package->LsaApCallPackage() failed (Status 0x%08lx)\n", Status);
626 }
627
628 if (LocalBuffer != NULL)
629 RtlFreeHeap(RtlGetProcessHeap(), 0, LocalBuffer);
630
631 return Status;
632}
static PAUTH_PACKAGE LsapGetAuthenticationPackage(IN ULONG PackageId)
Definition: authpackage.c:341
static ULONG PackageId
Definition: authpackage.c:163
LONG NTSTATUS
Definition: precomp.h:26
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:590
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:608
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:33
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
NTSTATUS NTAPI NtReadVirtualMemory(IN HANDLE ProcessHandle, IN PVOID BaseAddress, OUT PVOID Buffer, IN SIZE_T NumberOfBytesToRead, OUT PSIZE_T NumberOfBytesRead OPTIONAL)
Definition: virtual.c:2816
#define STATUS_NO_SUCH_PACKAGE
Definition: ntstatus.h:490
#define TRACE(s)
Definition: solgame.cpp:4
PLSA_AP_CALL_PACKAGE_UNTRUSTED LsaApCallPackageUntrusted
Definition: authpackage.c:101
PLSA_AP_CALL_PACKAGE_INTERNAL LsaApCallPackage
Definition: authpackage.c:99
BOOL TrustedCaller
Definition: lsasrv.h:82
HANDLE ClientProcessHandle
Definition: lsasrv.h:80
LSA_CALL_AUTHENTICATION_PACKAGE_MSG CallAuthenticationPackage
Definition: lsass.h:188
struct _LSA_CALL_AUTHENTICATION_PACKAGE_MSG::@3494::@3497 Reply
struct _LSA_CALL_AUTHENTICATION_PACKAGE_MSG::@3494::@3496 Request
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158

Referenced by AuthPortThreadRoutine().

◆ LsapCloseDbObject()

NTSTATUS LsapCloseDbObject ( IN PLSA_DB_OBJECT  DbObject)

◆ LsapCreateAccountSd()

NTSTATUS LsapCreateAccountSd ( PSECURITY_DESCRIPTOR AccountSd,
PULONG  AccountSdSize 
)

Definition at line 268 of file security.c.

270{
271 SECURITY_DESCRIPTOR AbsoluteSd;
272 PSECURITY_DESCRIPTOR RelativeSd = NULL;
273 ULONG RelativeSdSize = 0;
274 PSID AdministratorsSid = NULL;
275 PSID EveryoneSid = NULL;
277 PACL Dacl = NULL;
280
281 if (AccountSd == NULL || AccountSdSize == NULL)
283
284 *AccountSd = NULL;
285 *AccountSdSize = 0;
286
287 /* Initialize the SD */
290 if (!NT_SUCCESS(Status))
291 return Status;
292
294 2,
297 0,
298 0,
299 0,
300 0,
301 0,
302 0,
303 &AdministratorsSid);
304 if (!NT_SUCCESS(Status))
305 goto done;
306
308 1,
310 0,
311 0,
312 0,
313 0,
314 0,
315 0,
316 0,
317 &EveryoneSid);
318 if (!NT_SUCCESS(Status))
319 goto done;
320
322 1,
324 0,
325 0,
326 0,
327 0,
328 0,
329 0,
330 0,
332 if (!NT_SUCCESS(Status))
333 goto done;
334
335 /* Allocate and initialize the DACL */
336 DaclSize = sizeof(ACL) +
337 sizeof(ACCESS_ALLOWED_ACE) - sizeof(ULONG) + RtlLengthSid(AdministratorsSid) +
338 sizeof(ACCESS_ALLOWED_ACE) - sizeof(ULONG) + RtlLengthSid(EveryoneSid);
339
340 Dacl = RtlAllocateHeap(RtlGetProcessHeap(),
342 DaclSize);
343 if (Dacl == NULL)
344 {
346 goto done;
347 }
348
350 DaclSize,
352 if (!NT_SUCCESS(Status))
353 goto done;
354
358 AdministratorsSid);
359 if (!NT_SUCCESS(Status))
360 goto done;
361
365 EveryoneSid);
366 if (!NT_SUCCESS(Status))
367 goto done;
368
370 TRUE,
371 Dacl,
372 FALSE);
373 if (!NT_SUCCESS(Status))
374 goto done;
375
378 FALSE);
379 if (!NT_SUCCESS(Status))
380 goto done;
381
383 AdministratorsSid,
384 FALSE);
385 if (!NT_SUCCESS(Status))
386 goto done;
387
389 RelativeSd,
390 &RelativeSdSize);
392 goto done;
393
394 RelativeSd = RtlAllocateHeap(RtlGetProcessHeap(),
396 RelativeSdSize);
397 if (RelativeSd == NULL)
398 {
400 goto done;
401 }
402
404 RelativeSd,
405 &RelativeSdSize);
406 if (!NT_SUCCESS(Status))
407 goto done;
408
409 *AccountSd = RelativeSd;
410 *AccountSdSize = RelativeSdSize;
411
412done:
413 if (Dacl != NULL)
414 RtlFreeHeap(RtlGetProcessHeap(), 0, Dacl);
415
416 if (AdministratorsSid != NULL)
417 RtlFreeHeap(RtlGetProcessHeap(), 0, AdministratorsSid);
418
419 if (EveryoneSid != NULL)
420 RtlFreeHeap(RtlGetProcessHeap(), 0, EveryoneSid);
421
422 if (LocalSystemSid != NULL)
423 RtlFreeHeap(RtlGetProcessHeap(), 0, LocalSystemSid);
424
425 if (!NT_SUCCESS(Status))
426 {
427 if (RelativeSd != NULL)
428 RtlFreeHeap(RtlGetProcessHeap(), 0, RelativeSd);
429 }
430
431 return Status;
432}
PSID LocalSystemSid
Definition: globals.c:16
#define TRUE
Definition: types.h:120
#define FALSE
Definition: types.h:117
SID_IDENTIFIER_AUTHORITY WorldSidAuthority
Definition: database.c:18
static SID_IDENTIFIER_AUTHORITY NtAuthority
Definition: security.c:15
NTSYSAPI NTSTATUS WINAPI RtlAddAccessAllowedAce(PACL, DWORD, DWORD, PSID)
NTSYSAPI NTSTATUS WINAPI RtlSetOwnerSecurityDescriptor(PSECURITY_DESCRIPTOR, PSID, BOOLEAN)
NTSYSAPI NTSTATUS WINAPI RtlSetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR, BOOLEAN, PACL, BOOLEAN)
struct _ACL ACL
struct _ACCESS_ALLOWED_ACE ACCESS_ALLOWED_ACE
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1605
NTSYSAPI NTSTATUS NTAPI RtlCreateAcl(PACL Acl, ULONG AclSize, ULONG AclRevision)
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
NTSYSAPI NTSTATUS NTAPI RtlCreateSecurityDescriptor(_Out_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ ULONG Revision)
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG DaclSize
Definition: rtlfuncs.h:1606
NTSYSAPI NTSTATUS NTAPI RtlSetGroupSecurityDescriptor(IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN PSID Group, IN BOOLEAN GroupDefaulted)
Definition: sd.c:410
NTSYSAPI NTSTATUS NTAPI RtlAbsoluteToSelfRelativeSD(IN PSECURITY_DESCRIPTOR AbsoluteSecurityDescriptor, IN OUT PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor, IN PULONG BufferLength)
Definition: sd.c:626
#define ACCOUNT_EXECUTE
Definition: ntlsa.h:36
#define ACCOUNT_ALL_ACCESS
Definition: ntlsa.h:33
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:581
#define SECURITY_WORLD_RID
Definition: setypes.h:541
#define SECURITY_LOCAL_SYSTEM_RID
Definition: setypes.h:574
#define SECURITY_DESCRIPTOR_REVISION
Definition: setypes.h:58
#define ACL_REVISION
Definition: setypes.h:39
#define DOMAIN_ALIAS_RID_ADMINS
Definition: setypes.h:652

Referenced by LsarpCreateAccount().

◆ LsapCreateDbObject()

NTSTATUS LsapCreateDbObject ( IN PLSA_DB_OBJECT  ParentObject,
IN LPWSTR  ContainerName,
IN LPWSTR  ObjectName,
IN LSA_DB_OBJECT_TYPE  HandleType,
IN ACCESS_MASK  DesiredAccess,
IN BOOLEAN  Trusted,
OUT PLSA_DB_OBJECT DbObject 
)

Definition at line 592 of file database.c.

599{
603 HANDLE ParentKeyHandle;
604 HANDLE ContainerKeyHandle = NULL;
605 HANDLE ObjectKeyHandle = NULL;
607
608 if (DbObject == NULL)
610
611 if (ParentObject == NULL)
612 ParentKeyHandle = SecurityKeyHandle;
613 else
614 ParentKeyHandle = ParentObject->KeyHandle;
615
616 if (ContainerName != NULL)
617 {
618 /* Open the container key */
620 ContainerName);
621
623 &KeyName,
625 ParentKeyHandle,
626 NULL);
627
628 Status = NtOpenKey(&ContainerKeyHandle,
631 if (!NT_SUCCESS(Status))
632 {
633 return Status;
634 }
635
636 /* Open the object key */
638 ObjectName);
639
641 &KeyName,
643 ContainerKeyHandle,
644 NULL);
645
646 Status = NtCreateKey(&ObjectKeyHandle,
649 0,
650 NULL,
651 0,
652 NULL);
653
654 NtClose(ContainerKeyHandle);
655
656 if (!NT_SUCCESS(Status))
657 {
658 return Status;
659 }
660 }
661 else
662 {
664 ObjectName);
665
667 &KeyName,
669 ParentKeyHandle,
670 NULL);
671
672 Status = NtCreateKey(&ObjectKeyHandle,
675 0,
676 NULL,
677 0,
678 NULL);
679 if (!NT_SUCCESS(Status))
680 {
681 return Status;
682 }
683 }
684
685 NewObject = RtlAllocateHeap(RtlGetProcessHeap(),
686 0,
687 sizeof(LSA_DB_OBJECT));
688 if (NewObject == NULL)
689 {
690 NtClose(ObjectKeyHandle);
691 return STATUS_NO_MEMORY;
692 }
693
694 NewObject->Signature = LSAP_DB_SIGNATURE;
695 NewObject->RefCount = 1;
696 NewObject->ObjectType = ObjectType;
697 NewObject->Access = DesiredAccess;
698 NewObject->KeyHandle = ObjectKeyHandle;
699 NewObject->ParentObject = ParentObject;
700 NewObject->Trusted = Trusted;
701
702 if (ParentObject != NULL)
703 ParentObject->RefCount++;
704
705 *DbObject = NewObject;
706
707 return STATUS_SUCCESS;
708}
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:36
#define STATUS_NO_MEMORY
Definition: d3dkmdt.h:51
static HANDLE SecurityKeyHandle
Definition: database.c:15
#define LSAP_DB_SIGNATURE
Definition: lsasrv.h:67
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
ObjectType
Definition: metafile.c:81
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
NTSYSAPI NTSTATUS NTAPI NtOpenKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
Definition: ntapi.c:336
#define KEY_ALL_ACCESS
Definition: nt_native.h:1041
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3402
NTSTATUS NTAPI NtCreateKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG TitleIndex, IN PUNICODE_STRING Class OPTIONAL, IN ULONG CreateOptions, OUT PULONG Disposition OPTIONAL)
Definition: ntapi.c:240
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2658
_Must_inspect_result_ _In_ WDFDEVICE _In_ PCUNICODE_STRING KeyName
Definition: wdfdevice.h:2699
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
Definition: cmfuncs.h:64
_Inout_opt_ PACCESS_STATE _In_opt_ ACCESS_MASK _In_ ULONG _Out_opt_ PVOID * NewObject
Definition: obfuncs.h:74

Referenced by LsarCreateSecret(), LsarpCreateAccount(), and LsarStorePrivateData().

◆ LsapCreateLogonSession()

NTSTATUS NTAPI LsapCreateLogonSession ( IN PLUID  LogonId)

Definition at line 159 of file session.c.

160{
161 PLSAP_LOGON_SESSION Session;
163
164 TRACE("LsapCreateLogonSession(%p)\n", LogonId);
165
166 /* Fail, if a session already exists */
169
170 /* Allocate a new session entry */
171 Session = RtlAllocateHeap(RtlGetProcessHeap(),
173 sizeof(LSAP_LOGON_SESSION));
174 if (Session == NULL)
176
177 /* Initialize the session entry */
178 RtlCopyLuid(&Session->LogonId, LogonId);
179
180 TRACE("LsapCreateLogonSession(<0x%lx,0x%lx>)\n",
181 LogonId->HighPart, LogonId->LowPart);
182
183 /* Tell ntoskrnl to create a new logon session */
185 if (!NT_SUCCESS(Status))
186 {
187 RtlFreeHeap(RtlGetProcessHeap(), 0, Session);
188 return Status;
189 }
190
191 /* Insert the new session into the session list */
193 SessionCount++;
194
195 return STATUS_SUCCESS;
196}
NTSTATUS LsapRmCreateLogonSession(PLUID LogonId)
Definition: srm.c:245
ULONG SessionCount
Definition: session.c:31
LIST_ENTRY SessionListHead
Definition: session.c:30
static PLSAP_LOGON_SESSION LsapGetLogonSession(IN PLUID LogonId)
Definition: session.c:45
#define InsertHeadList(ListHead, Entry)
NTSYSAPI void WINAPI RtlCopyLuid(PLUID, const LUID *)
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID LogonId
#define STATUS_LOGON_SESSION_COLLISION
Definition: ntstatus.h:497
LIST_ENTRY Entry
Definition: session.c:13

Referenced by LsapInitAuthPackages().

◆ LsapCreatePolicySd()

NTSTATUS LsapCreatePolicySd ( PSECURITY_DESCRIPTOR PolicySd,
PULONG  PolicySdSize 
)

Definition at line 14 of file security.c.

16{
17 SECURITY_DESCRIPTOR AbsoluteSd;
18 PSECURITY_DESCRIPTOR RelativeSd = NULL;
19 ULONG RelativeSdSize = 0;
20 PSID AnonymousSid = NULL;
21 PSID AdministratorsSid = NULL;
22 PSID EveryoneSid = NULL;
26 PACL Dacl = NULL;
29
30 if (PolicySd == NULL || PolicySdSize == NULL)
32
33 *PolicySd = NULL;
34 *PolicySdSize = 0;
35
36 /* Initialize the SD */
39 if (!NT_SUCCESS(Status))
40 return Status;
41
43 1,
45 0,
46 0,
47 0,
48 0,
49 0,
50 0,
51 0,
52 &AnonymousSid);
53 if (!NT_SUCCESS(Status))
54 goto done;
55
57 2,
60 0,
61 0,
62 0,
63 0,
64 0,
65 0,
66 &AdministratorsSid);
67 if (!NT_SUCCESS(Status))
68 goto done;
69
71 1,
73 0,
74 0,
75 0,
76 0,
77 0,
78 0,
79 0,
80 &EveryoneSid);
81 if (!NT_SUCCESS(Status))
82 goto done;
83
85 1,
87 0,
88 0,
89 0,
90 0,
91 0,
92 0,
93 0,
95 if (!NT_SUCCESS(Status))
96 goto done;
97
99 1,
101 0,
102 0,
103 0,
104 0,
105 0,
106 0,
107 0,
109 if (!NT_SUCCESS(Status))
110 goto done;
111
113 1,
115 0,
116 0,
117 0,
118 0,
119 0,
120 0,
121 0,
123 if (!NT_SUCCESS(Status))
124 goto done;
125
126 /* Allocate and initialize the DACL */
127 DaclSize = sizeof(ACL) +
128 sizeof(ACCESS_DENIED_ACE) - sizeof(ULONG) + RtlLengthSid(AnonymousSid) +
129 sizeof(ACCESS_ALLOWED_ACE) - sizeof(ULONG) + RtlLengthSid(AdministratorsSid) +
130 sizeof(ACCESS_ALLOWED_ACE) - sizeof(ULONG) + RtlLengthSid(EveryoneSid) +
131 sizeof(ACCESS_ALLOWED_ACE) - sizeof(ULONG) + RtlLengthSid(AnonymousSid) +
134
135 Dacl = RtlAllocateHeap(RtlGetProcessHeap(),
137 DaclSize);
138 if (Dacl == NULL)
139 {
141 goto done;
142 }
143
145 DaclSize,
147 if (!NT_SUCCESS(Status))
148 goto done;
149
153 AnonymousSid);
154 if (!NT_SUCCESS(Status))
155 goto done;
156
160 AdministratorsSid);
161 if (!NT_SUCCESS(Status))
162 goto done;
163
167 EveryoneSid);
168 if (!NT_SUCCESS(Status))
169 goto done;
170
174 AnonymousSid);
175 if (!NT_SUCCESS(Status))
176 goto done;
177
182 if (!NT_SUCCESS(Status))
183 goto done;
184
189 if (!NT_SUCCESS(Status))
190 goto done;
191
193 TRUE,
194 Dacl,
195 FALSE);
196 if (!NT_SUCCESS(Status))
197 goto done;
198
201 FALSE);
202 if (!NT_SUCCESS(Status))
203 goto done;
204
206 AdministratorsSid,
207 FALSE);
208 if (!NT_SUCCESS(Status))
209 goto done;
210
212 RelativeSd,
213 &RelativeSdSize);
215 goto done;
216
217 RelativeSd = RtlAllocateHeap(RtlGetProcessHeap(),
219 RelativeSdSize);
220 if (RelativeSd == NULL)
221 {
223 goto done;
224 }
225
227 RelativeSd,
228 &RelativeSdSize);
229 if (!NT_SUCCESS(Status))
230 goto done;
231
232 *PolicySd = RelativeSd;
233 *PolicySdSize = RelativeSdSize;
234
235done:
236 if (Dacl != NULL)
237 RtlFreeHeap(RtlGetProcessHeap(), 0, Dacl);
238
239 if (AnonymousSid != NULL)
240 RtlFreeHeap(RtlGetProcessHeap(), 0, AnonymousSid);
241
242 if (AdministratorsSid != NULL)
243 RtlFreeHeap(RtlGetProcessHeap(), 0, AdministratorsSid);
244
245 if (EveryoneSid != NULL)
246 RtlFreeHeap(RtlGetProcessHeap(), 0, EveryoneSid);
247
248 if (LocalServiceSid != NULL)
249 RtlFreeHeap(RtlGetProcessHeap(), 0, LocalServiceSid);
250
251 if (NetworkServiceSid != NULL)
252 RtlFreeHeap(RtlGetProcessHeap(), 0, NetworkServiceSid);
253
254 if (LocalSystemSid != NULL)
255 RtlFreeHeap(RtlGetProcessHeap(), 0, LocalSystemSid);
256
257 if (!NT_SUCCESS(Status))
258 {
259 if (RelativeSd != NULL)
260 RtlFreeHeap(RtlGetProcessHeap(), 0, RelativeSd);
261 }
262
263 return Status;
264}
PSID NetworkServiceSid
Definition: globals.c:16
PSID LocalServiceSid
Definition: globals.c:16
NTSYSAPI NTSTATUS NTAPI RtlAddAccessDeniedAce(_Inout_ PACL Acl, _In_ ULONG Revision, _In_ ACCESS_MASK AccessMask, _In_ PSID Sid)
#define POLICY_EXECUTE
Definition: ntsecapi.h:76
#define POLICY_NOTIFICATION
Definition: ntsecapi.h:73
#define POLICY_VIEW_LOCAL_INFORMATION
Definition: ntsecapi.h:61
#define POLICY_ALL_ACCESS
Definition: ntsecapi.h:77
#define POLICY_LOOKUP_NAMES
Definition: ntsecapi.h:72
#define SECURITY_ANONYMOUS_LOGON_RID
Definition: setypes.h:563
#define SECURITY_LOCAL_SERVICE_RID
Definition: setypes.h:575
#define SECURITY_NETWORK_SERVICE_RID
Definition: setypes.h:576

Referenced by LsapCreateDatabaseObjects().

◆ LsapCreateSecretSd()

NTSTATUS LsapCreateSecretSd ( PSECURITY_DESCRIPTOR SecretSd,
PULONG  SecretSdSize 
)

Definition at line 436 of file security.c.

438{
439 SECURITY_DESCRIPTOR AbsoluteSd;
440 PSECURITY_DESCRIPTOR RelativeSd = NULL;
441 ULONG RelativeSdSize = 0;
442 PSID AdministratorsSid = NULL;
443 PSID EveryoneSid = NULL;
445 PACL Dacl = NULL;
448
449 if (SecretSd == NULL || SecretSdSize == NULL)
451
452 *SecretSd = NULL;
453 *SecretSdSize = 0;
454
455 /* Initialize the SD */
458 if (!NT_SUCCESS(Status))
459 return Status;
460
462 2,
465 0,
466 0,
467 0,
468 0,
469 0,
470 0,
471 &AdministratorsSid);
472 if (!NT_SUCCESS(Status))
473 goto done;
474
476 1,
478 0,
479 0,
480 0,
481 0,
482 0,
483 0,
484 0,
485 &EveryoneSid);
486 if (!NT_SUCCESS(Status))
487 goto done;
488
490 1,
492 0,
493 0,
494 0,
495 0,
496 0,
497 0,
498 0,
500 if (!NT_SUCCESS(Status))
501 goto done;
502
503 /* Allocate and initialize the DACL */
504 DaclSize = sizeof(ACL) +
505 sizeof(ACCESS_ALLOWED_ACE) - sizeof(ULONG) + RtlLengthSid(AdministratorsSid) +
506 sizeof(ACCESS_ALLOWED_ACE) - sizeof(ULONG) + RtlLengthSid(EveryoneSid);
507
508 Dacl = RtlAllocateHeap(RtlGetProcessHeap(),
510 DaclSize);
511 if (Dacl == NULL)
512 {
514 goto done;
515 }
516
518 DaclSize,
520 if (!NT_SUCCESS(Status))
521 goto done;
522
526 AdministratorsSid);
527 if (!NT_SUCCESS(Status))
528 goto done;
529
533 EveryoneSid);
534 if (!NT_SUCCESS(Status))
535 goto done;
536
538 TRUE,
539 Dacl,
540 FALSE);
541 if (!NT_SUCCESS(Status))
542 goto done;
543
546 FALSE);
547 if (!NT_SUCCESS(Status))
548 goto done;
549
551 AdministratorsSid,
552 FALSE);
553 if (!NT_SUCCESS(Status))
554 goto done;
555
557 RelativeSd,
558 &RelativeSdSize);
560 goto done;
561
562 RelativeSd = RtlAllocateHeap(RtlGetProcessHeap(),
564 RelativeSdSize);
565 if (RelativeSd == NULL)
566 {
568 goto done;
569 }
570
572 RelativeSd,
573 &RelativeSdSize);
574 if (!NT_SUCCESS(Status))
575 goto done;
576
577 *SecretSd = RelativeSd;
578 *SecretSdSize = RelativeSdSize;
579
580done:
581 if (Dacl != NULL)
582 RtlFreeHeap(RtlGetProcessHeap(), 0, Dacl);
583
584 if (AdministratorsSid != NULL)
585 RtlFreeHeap(RtlGetProcessHeap(), 0, AdministratorsSid);
586
587 if (EveryoneSid != NULL)
588 RtlFreeHeap(RtlGetProcessHeap(), 0, EveryoneSid);
589
590 if (LocalSystemSid != NULL)
591 RtlFreeHeap(RtlGetProcessHeap(), 0, LocalSystemSid);
592
593 if (!NT_SUCCESS(Status))
594 {
595 if (RelativeSd != NULL)
596 RtlFreeHeap(RtlGetProcessHeap(), 0, RelativeSd);
597 }
598
599 return Status;
600}
#define SECRET_ALL_ACCESS
Definition: ntlsa.h:41
#define SECRET_EXECUTE
Definition: ntlsa.h:44

Referenced by LsarCreateSecret().

◆ LsapCreateTokenSd()

NTSTATUS LsapCreateTokenSd ( _In_ const TOKEN_USER User,
_Outptr_ PSECURITY_DESCRIPTOR TokenSd,
_Out_ PULONG  TokenSdSize 
)

Creates a security descriptor for the token object.

Parameters
[in]UserA primary user to be given to the function. This user represents the owner that is in charge of this object.
[out]TokenSdA pointer to an allocated security descriptor for the token object.
[out]TokenSdSizeA pointer to a returned size of the descriptor.
Returns
STATUS_SUCCESS is returned if the function has successfully created the security descriptor. STATUS_INVALID_PARAMETER is returned if one of the parameters are not valid. STATUS_INSUFFICIENT_RESOURCES is returned if memory heap allocation for specific security buffers couldn't be done. A NTSTATUS status code is returned otherwise.
Remarks
Bot the local system and user are given full access rights for the token (they can open it, read and write into it, etc.) whereas admins can only read from the token. This security descriptor is TO NOT BE confused with the default DACL of the token which is another thing that serves different purpose.

Definition at line 637 of file security.c.

641{
642 SECURITY_DESCRIPTOR AbsoluteSd;
643 PSECURITY_DESCRIPTOR RelativeSd = NULL;
644 ULONG RelativeSdSize = 0;
645 PSID AdministratorsSid = NULL;
647 PACL Dacl = NULL;
650
651 if (TokenSd == NULL || TokenSdSize == NULL)
653
654 *TokenSd = NULL;
655 *TokenSdSize = 0;
656
657 /* Initialize the SD */
660 if (!NT_SUCCESS(Status))
661 return Status;
662
664 1,
666 0, 0, 0, 0, 0, 0, 0,
668 if (!NT_SUCCESS(Status))
669 goto done;
670
672 2,
675 0, 0, 0, 0, 0, 0,
676 &AdministratorsSid);
677 if (!NT_SUCCESS(Status))
678 goto done;
679
680 /* Allocate and initialize the DACL */
681 DaclSize = sizeof(ACL) +
683 sizeof(ACCESS_ALLOWED_ACE) + RtlLengthSid(AdministratorsSid) +
684 sizeof(ACCESS_ALLOWED_ACE) + RtlLengthSid(User->User.Sid);
685
686 Dacl = RtlAllocateHeap(RtlGetProcessHeap(),
688 DaclSize);
689 if (Dacl == NULL)
690 {
692 goto done;
693 }
694
696 DaclSize,
698 if (!NT_SUCCESS(Status))
699 goto done;
700
705 if (!NT_SUCCESS(Status))
706 goto done;
707
711 AdministratorsSid);
712 if (!NT_SUCCESS(Status))
713 goto done;
714
718 User->User.Sid);
719 if (!NT_SUCCESS(Status))
720 goto done;
721
723 TRUE,
724 Dacl,
725 FALSE);
726 if (!NT_SUCCESS(Status))
727 goto done;
728
730 AdministratorsSid,
731 FALSE);
732 if (!NT_SUCCESS(Status))
733 goto done;
734
736 RelativeSd,
737 &RelativeSdSize);
739 goto done;
740
741 RelativeSd = RtlAllocateHeap(RtlGetProcessHeap(),
743 RelativeSdSize);
744 if (RelativeSd == NULL)
745 {
747 goto done;
748 }
749
751 RelativeSd,
752 &RelativeSdSize);
753 if (!NT_SUCCESS(Status))
754 goto done;
755
756 *TokenSd = RelativeSd;
757 *TokenSdSize = RelativeSdSize;
758
759done:
760 if (Dacl != NULL)
761 RtlFreeHeap(RtlGetProcessHeap(), 0, Dacl);
762
763 if (AdministratorsSid != NULL)
764 RtlFreeHeap(RtlGetProcessHeap(), 0, AdministratorsSid);
765
766 if (LocalSystemSid != NULL)
767 RtlFreeHeap(RtlGetProcessHeap(), 0, LocalSystemSid);
768
769 if (!NT_SUCCESS(Status))
770 {
771 if (RelativeSd != NULL)
772 RtlFreeHeap(RtlGetProcessHeap(), 0, RelativeSd);
773 }
774
775 return Status;
776}
#define TOKEN_READ
Definition: setypes.h:951
#define TOKEN_ALL_ACCESS
Definition: setypes.h:946

Referenced by LsapLogonUser().

◆ LsapDeleteCredential()

NTSTATUS NTAPI LsapDeleteCredential ( _In_ PLUID  LogonId,
_In_ ULONG  AuthenticationPackage,
_In_ PLSA_STRING  PrimaryKeyValue 
)

Definition at line 288 of file session.c.

292{
293
294 return STATUS_SUCCESS;
295}

Referenced by LsapInitAuthPackages().

◆ LsapDeleteDbObject()

NTSTATUS LsapDeleteDbObject ( IN PLSA_DB_OBJECT  DbObject)

Definition at line 901 of file database.c.

902{
903 PLSA_DB_OBJECT ParentObject = NULL;
904 WCHAR KeyName[64];
905 ULONG Index;
907
908 DbObject->RefCount--;
909
910 if (DbObject->RefCount > 0)
911 return STATUS_SUCCESS;
912
913 if (DbObject->KeyHandle != NULL)
914 {
915 Index = 0;
916
917 while (TRUE)
918 {
919 Status = LsapRegEnumerateSubKey(DbObject->KeyHandle,
920 Index,
921 sizeof(KeyName),
922 KeyName);
923 if (!NT_SUCCESS(Status))
924 break;
925
926 TRACE("Index: %lu\n", Index);
927 TRACE("Key name: %S\n", KeyName);
928
929 Status = LsapRegDeleteSubKey(DbObject->KeyHandle,
930 KeyName);
931 if (!NT_SUCCESS(Status))
932 break;
933 }
934
937
938 LsapRegDeleteKey(DbObject->KeyHandle);
939
940 NtClose(DbObject->KeyHandle);
941 }
942
943 if (DbObject->ParentObject != NULL)
944 ParentObject = DbObject->ParentObject;
945
946 RtlFreeHeap(RtlGetProcessHeap(), 0, DbObject);
947
948 if (ParentObject != NULL)
949 {
950 ParentObject->RefCount--;
951
952 if (ParentObject->RefCount == 0)
953 Status = LsapCloseDbObject(ParentObject);
954 }
955
956 return Status;
957}
NTSTATUS LsapCloseDbObject(PLSA_DB_OBJECT DbObject)
Definition: database.c:870
NTSTATUS LsapRegDeleteSubKey(IN HANDLE ParentKeyHandle, IN LPCWSTR KeyName)
Definition: registry.c:59
NTSTATUS LsapRegDeleteKey(IN HANDLE KeyHandle)
Definition: registry.c:89
NTSTATUS LsapRegEnumerateSubKey(IN HANDLE KeyHandle, IN ULONG Index, IN ULONG Length, OUT LPWSTR Buffer)
Definition: registry.c:96
#define STATUS_NO_MORE_ENTRIES
Definition: ntstatus.h:205
ULONG RefCount
Definition: lsasrv.h:60
struct _LSA_DB_OBJECT * ParentObject
Definition: lsasrv.h:64
_In_ WDFCOLLECTION _In_ ULONG Index
__wchar_t WCHAR
Definition: xmlstorage.h:180

Referenced by LsarDeleteObject(), and LsarStorePrivateData().

◆ LsapDeleteLogonSession()

NTSTATUS NTAPI LsapDeleteLogonSession ( IN PLUID  LogonId)

Definition at line 201 of file session.c.

202{
203 PLSAP_LOGON_SESSION Session;
205
206 TRACE("LsapDeleteLogonSession(%p)\n", LogonId);
207
208 /* Fail, if the session does not exist */
209 Session = LsapGetLogonSession(LogonId);
210 if (Session == NULL)
212
213 TRACE("LsapDeleteLogonSession(0x%08lx%08lx)\n",
214 LogonId->HighPart, LogonId->LowPart);
215
216 /* Tell ntoskrnl to delete the logon session */
218 if (!NT_SUCCESS(Status))
219 return Status;
220
221 /* Notify the authentication packages */
223
224 /* Remove the session entry from the list */
225 RemoveEntryList(&Session->Entry);
226 SessionCount--;
227
228 /* Free the session data */
229 if (Session->Sid != NULL)
230 RtlFreeHeap(RtlGetProcessHeap(), 0, Session->Sid);
231
232 if (Session->UserName.Buffer != NULL)
233 RtlFreeHeap(RtlGetProcessHeap(), 0, Session->UserName.Buffer);
234
235 if (Session->LogonDomain.Buffer != NULL)
236 RtlFreeHeap(RtlGetProcessHeap(), 0, Session->LogonDomain.Buffer);
237
238 if (Session->AuthenticationPackage.Buffer != NULL)
239 RtlFreeHeap(RtlGetProcessHeap(), 0, Session->AuthenticationPackage.Buffer);
240
241 if (Session->LogonServer.Buffer != NULL)
242 RtlFreeHeap(RtlGetProcessHeap(), 0, Session->LogonServer.Buffer);
243
244 if (Session->DnsDomainName.Buffer != NULL)
245 RtlFreeHeap(RtlGetProcessHeap(), 0, Session->DnsDomainName.Buffer);
246
247 if (Session->Upn.Buffer != NULL)
248 RtlFreeHeap(RtlGetProcessHeap(), 0, Session->Upn.Buffer);
249
250 /* Free the session entry */
251 RtlFreeHeap(RtlGetProcessHeap(), 0, Session);
252
253 return STATUS_SUCCESS;
254}
VOID LsapTerminateLogon(_In_ PLUID LogonId)
Definition: authpackage.c:545
NTSTATUS LsapRmDeleteLogonSession(PLUID LogonId)
Definition: srm.c:285
#define RemoveEntryList(Entry)
Definition: env_spec_w32.h:986
#define STATUS_NO_SUCH_LOGON_SESSION
Definition: ntstatus.h:331
UNICODE_STRING LogonServer
Definition: session.c:22
UNICODE_STRING DnsDomainName
Definition: session.c:23
UNICODE_STRING UserName
Definition: session.c:19
UNICODE_STRING LogonDomain
Definition: session.c:20
UNICODE_STRING AuthenticationPackage
Definition: session.c:21
UNICODE_STRING Upn
Definition: session.c:24

Referenced by LsapInitAuthPackages(), and LsapLogonUser().

◆ LsapDeleteObjectAttribute()

NTSTATUS LsapDeleteObjectAttribute ( PLSA_DB_OBJECT  DbObject,
LPWSTR  AttributeName 
)

Definition at line 1082 of file database.c.

1084{
1085 return LsapRegDeleteSubKey(DbObject->KeyHandle,
1086 AttributeName);
1087}
HANDLE KeyHandle
Definition: lsasrv.h:62

Referenced by LsarRemovePrivilegesFromAccount().

◆ LsapEnumLogonSessions()

NTSTATUS LsapEnumLogonSessions ( IN OUT PLSA_API_MSG  RequestMsg)

Definition at line 299 of file session.c.

300{
303 PLIST_ENTRY SessionEntry;
304 PLSAP_LOGON_SESSION CurrentSession;
305 PLUID SessionList;
306 ULONG i, Length;
307 SIZE_T MemSize;
308 PVOID ClientBaseAddress = NULL;
310
311 TRACE("LsapEnumLogonSessions(%p)\n", RequestMsg);
312
313 Length = SessionCount * sizeof(LUID);
314 SessionList = RtlAllocateHeap(RtlGetProcessHeap(),
316 Length);
317 if (SessionList == NULL)
319
320 i = 0;
321 SessionEntry = SessionListHead.Flink;
322 while (SessionEntry != &SessionListHead)
323 {
324 CurrentSession = CONTAINING_RECORD(SessionEntry,
326 Entry);
327
328 RtlCopyLuid(&SessionList[i],
329 &CurrentSession->LogonId);
330
331 SessionEntry = SessionEntry->Flink;
332 i++;
333 }
334
336 NULL,
337 0,
338 NULL,
339 NULL);
340
344 &RequestMsg->h.ClientId);
345 if (!NT_SUCCESS(Status))
346 {
347 TRACE("NtOpenProcess() failed (Status %lx)\n", Status);
348 goto done;
349 }
350
351 TRACE("Length: %lu\n", Length);
352
353 MemSize = Length;
355 &ClientBaseAddress,
356 0,
357 &MemSize,
360 if (!NT_SUCCESS(Status))
361 {
362 TRACE("NtAllocateVirtualMemory() failed (Status %lx)\n", Status);
363 goto done;
364 }
365
366 TRACE("MemSize: %lu\n", MemSize);
367 TRACE("ClientBaseAddress: %p\n", ClientBaseAddress);
368
370 ClientBaseAddress,
371 SessionList,
372 Length,
373 NULL);
374 if (!NT_SUCCESS(Status))
375 {
376 TRACE("NtWriteVirtualMemory() failed (Status %lx)\n", Status);
377 goto done;
378 }
379
380 RequestMsg->EnumLogonSessions.Reply.LogonSessionCount = SessionCount;
381 RequestMsg->EnumLogonSessions.Reply.LogonSessionBuffer = ClientBaseAddress;
382
383done:
384 if (ProcessHandle != NULL)
386
387 if (SessionList != NULL)
388 RtlFreeHeap(RtlGetProcessHeap(), 0, SessionList);
389
390 return Status;
391}
struct _LUID LUID
#define PROCESS_VM_READ
Definition: pstypes.h:162
#define PROCESS_VM_WRITE
Definition: pstypes.h:163
#define PROCESS_VM_OPERATION
Definition: pstypes.h:161
_In_ HANDLE ProcessHandle
Definition: mmfuncs.h:403
#define PAGE_READWRITE
Definition: nt_native.h:1304
#define MEM_COMMIT
Definition: nt_native.h:1313
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:102
NTSTATUS NTAPI NtWriteVirtualMemory(IN HANDLE ProcessHandle, IN PVOID BaseAddress, IN PVOID Buffer, IN SIZE_T NumberOfBytesToWrite, OUT PSIZE_T NumberOfBytesWritten OPTIONAL)
Definition: virtual.c:2930
NTSTATUS NTAPI NtAllocateVirtualMemory(IN HANDLE ProcessHandle, IN OUT PVOID *UBaseAddress, IN ULONG_PTR ZeroBits, IN OUT PSIZE_T URegionSize, IN ULONG AllocationType, IN ULONG Protect)
Definition: virtual.c:4492
NTSTATUS NTAPI NtOpenProcess(OUT PHANDLE ProcessHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN PCLIENT_ID ClientId)
Definition: process.c:1440
base of all file and directory entries
Definition: entries.h:83
Definition: typedefs.h:120
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
ULONG_PTR SIZE_T
Definition: typedefs.h:80
#define CONTAINING_RECORD(address, type, field)
Definition: typedefs.h:260

Referenced by AuthPortThreadRoutine().

◆ LsapGetCredentials()

NTSTATUS NTAPI LsapGetCredentials ( _In_ PLUID  LogonId,
_In_ ULONG  AuthenticationPackage,
_Inout_ PULONG  QueryContext,
_In_ BOOLEAN  RetrieveAllCredentials,
_Inout_ PLSA_STRING  PrimaryKeyValue,
_Out_ PULONG  PrimaryKeyLength,
_Out_ PLSA_STRING  Credentials 
)

Definition at line 272 of file session.c.

280{
281
282 return STATUS_SUCCESS;
283}

Referenced by LsapInitAuthPackages().

◆ LsapGetLogonSessionData()

NTSTATUS LsapGetLogonSessionData ( IN OUT PLSA_API_MSG  RequestMsg)

Definition at line 395 of file session.c.

396{
399 PLSAP_LOGON_SESSION Session;
400 PSECURITY_LOGON_SESSION_DATA LocalSessionData;
401 PVOID ClientBaseAddress = NULL;
402 ULONG TotalLength, SidLength = 0;
403 SIZE_T MemSize;
404 PUCHAR Ptr;
406
407 TRACE("LsapGetLogonSessionData(%p)\n", RequestMsg);
408
409 TRACE("LogonId: %lx\n", RequestMsg->GetLogonSessionData.Request.LogonId.LowPart);
410 Session = LsapGetLogonSession(&RequestMsg->GetLogonSessionData.Request.LogonId);
411 if (Session == NULL)
413
414 /* Calculate the required buffer size */
416 Session->UserName.MaximumLength +
417 Session->LogonDomain.MaximumLength +
419 Session->LogonServer.MaximumLength +
421 Session->Upn.MaximumLength;
422 if (Session->Sid != NULL)
423 {
424 SidLength = RtlLengthSid(Session->Sid);
425 TotalLength += SidLength;
426 }
427 TRACE("TotalLength: %lu\n", TotalLength);
428
429 /* Allocate the buffer */
430 LocalSessionData = RtlAllocateHeap(RtlGetProcessHeap(),
433 if (LocalSessionData == NULL)
435
436 Ptr = (PUCHAR)((ULONG_PTR)LocalSessionData + sizeof(SECURITY_LOGON_SESSION_DATA));
437 TRACE("LocalSessionData: %p Ptr: %p\n", LocalSessionData, Ptr);
438
439 LocalSessionData->Size = sizeof(SECURITY_LOGON_SESSION_DATA);
440
441 /* Copy the LogonId */
442 RtlCopyLuid(&LocalSessionData->LogonId,
443 &RequestMsg->GetLogonSessionData.Request.LogonId);
444
445 /* Copy the UserName string */
446 LocalSessionData->UserName.Length = Session->UserName.Length;
447 LocalSessionData->UserName.MaximumLength = Session->UserName.MaximumLength;
448 if (Session->UserName.MaximumLength != 0)
449 {
451 LocalSessionData->UserName.Buffer = (PWSTR)((ULONG_PTR)Ptr - (ULONG_PTR)LocalSessionData);
452
453 Ptr = (PUCHAR)((ULONG_PTR)Ptr + Session->UserName.MaximumLength);
454 }
455
456 /* Copy the LogonDomain string */
457 LocalSessionData->LogonDomain.Length = Session->LogonDomain.Length;
458 LocalSessionData->LogonDomain.MaximumLength = Session->LogonDomain.MaximumLength;
459 if (Session->LogonDomain.MaximumLength != 0)
460 {
462 LocalSessionData->LogonDomain.Buffer = (PWSTR)((ULONG_PTR)Ptr - (ULONG_PTR)LocalSessionData);
463
465 }
466
467 /* Copy the AuthenticationPackage string */
468 LocalSessionData->AuthenticationPackage.Length = Session->AuthenticationPackage.Length;
469 LocalSessionData->AuthenticationPackage.MaximumLength = Session->AuthenticationPackage.MaximumLength;
470 if (Session->AuthenticationPackage.MaximumLength != 0)
471 {
473 LocalSessionData->AuthenticationPackage.Buffer = (PWSTR)((ULONG_PTR)Ptr - (ULONG_PTR)LocalSessionData);
474
476 }
477
478 LocalSessionData->LogonType = Session->LogonType;
479 LocalSessionData->Session = 0;
480
481 /* Sid */
482 if (Session->Sid != NULL)
483 {
484 RtlCopyMemory(Ptr, Session->Sid, SidLength);
485 LocalSessionData->Sid = (PSID)((ULONG_PTR)Ptr - (ULONG_PTR)LocalSessionData);
486
487 Ptr = (PUCHAR)((ULONG_PTR)Ptr + SidLength);
488 }
489
490 /* LogonTime */
491 LocalSessionData->LogonTime.QuadPart = Session->LogonTime.QuadPart;
492
493 /* Copy the LogonServer string */
494 LocalSessionData->LogonServer.Length = Session->LogonServer.Length;
495 LocalSessionData->LogonServer.MaximumLength = Session->LogonServer.MaximumLength;
496 if (Session->LogonServer.MaximumLength != 0)
497 {
499 LocalSessionData->LogonServer.Buffer = (PWSTR)((ULONG_PTR)Ptr - (ULONG_PTR)LocalSessionData);
500
502 }
503
504 /* Copy the DnsDomainName string */
505 LocalSessionData->DnsDomainName.Length = Session->DnsDomainName.Length;
506 LocalSessionData->DnsDomainName.MaximumLength = Session->DnsDomainName.MaximumLength;
507 if (Session->DnsDomainName.MaximumLength != 0)
508 {
510 LocalSessionData->DnsDomainName.Buffer = (PWSTR)((ULONG_PTR)Ptr - (ULONG_PTR)LocalSessionData);
511
513 }
514
515 /* Copy the Upn string */
516 LocalSessionData->Upn.Length = Session->Upn.Length;
517 LocalSessionData->Upn.MaximumLength = Session->Upn.MaximumLength;
518 if (Session->Upn.MaximumLength != 0)
519 {
520 RtlCopyMemory(Ptr, Session->Upn.Buffer, Session->Upn.MaximumLength);
521 LocalSessionData->Upn.Buffer = (PWSTR)((ULONG_PTR)Ptr - (ULONG_PTR)LocalSessionData);
522
523 Ptr = (PUCHAR)((ULONG_PTR)Ptr + Session->Upn.MaximumLength);
524 }
525
527 NULL,
528 0,
529 NULL,
530 NULL);
531
535 &RequestMsg->h.ClientId);
536 if (!NT_SUCCESS(Status))
537 {
538 TRACE("NtOpenProcess() failed (Status %lx)\n", Status);
539 goto done;
540 }
541
542 MemSize = TotalLength;
544 &ClientBaseAddress,
545 0,
546 &MemSize,
549 if (!NT_SUCCESS(Status))
550 {
551 TRACE("NtAllocateVirtualMemory() failed (Status %lx)\n", Status);
552 goto done;
553 }
554
555 TRACE("MemSize: %lu\n", MemSize);
556 TRACE("ClientBaseAddress: %p\n", ClientBaseAddress);
557
559 ClientBaseAddress,
560 LocalSessionData,
562 NULL);
563 if (!NT_SUCCESS(Status))
564 {
565 TRACE("NtWriteVirtualMemory() failed (Status %lx)\n", Status);
566 goto done;
567 }
568
569 RequestMsg->GetLogonSessionData.Reply.SessionDataBuffer = ClientBaseAddress;
570
571done:
572 if (ProcessHandle != NULL)
574
575 if (LocalSessionData != NULL)
576 RtlFreeHeap(RtlGetProcessHeap(), 0, LocalSessionData);
577
578 return Status;
579}
#define ULONG_PTR
Definition: config.h:101
_Must_inspect_result_ _In_ PFSRTL_PER_STREAM_CONTEXT Ptr
Definition: fsrtlfuncs.h:898
if(dx< 0)
Definition: linetemp.h:194
struct _SID * PSID
Definition: eventlog.c:35
struct _SECURITY_LOGON_SESSION_DATA SECURITY_LOGON_SESSION_DATA
LARGE_INTEGER LogonTime
Definition: session.c:17
USHORT MaximumLength
Definition: ntsecapi.h:164
LSA_UNICODE_STRING UserName
Definition: ntsecapi.h:306
USHORT MaximumLength
Definition: env_spec_w32.h:370
uint16_t * PWSTR
Definition: typedefs.h:56
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
uint32_t ULONG_PTR
Definition: typedefs.h:65
unsigned char * PUCHAR
Definition: typedefs.h:53
LONGLONG QuadPart
Definition: typedefs.h:114
_In_ ULONG TotalLength
Definition: usbdlib.h:158

Referenced by AuthPortThreadRoutine().

◆ LsapGetObjectAttribute()

NTSTATUS LsapGetObjectAttribute ( PLSA_DB_OBJECT  DbObject,
LPWSTR  AttributeName,
LPVOID  AttributeData,
PULONG  AttributeSize 
)

Definition at line 1012 of file database.c.

1016{
1019 HANDLE AttributeKey;
1020 ULONG ValueSize;
1022
1024 AttributeName);
1025
1027 &KeyName,
1029 DbObject->KeyHandle,
1030 NULL);
1031
1032 Status = NtOpenKey(&AttributeKey,
1035 if (!NT_SUCCESS(Status))
1036 {
1037 return Status;
1038 }
1039
1040 ValueSize = *AttributeSize;
1041 Status = RtlpNtQueryValueKey(AttributeKey,
1042 NULL,
1043 NULL,
1044 &ValueSize,
1045 0);
1047 {
1048 goto Done;
1049 }
1050
1051 if (AttributeData == NULL || *AttributeSize == 0)
1052 {
1053 *AttributeSize = ValueSize;
1055 goto Done;
1056 }
1057 else if (*AttributeSize < ValueSize)
1058 {
1059 *AttributeSize = ValueSize;
1061 goto Done;
1062 }
1063
1064 Status = RtlpNtQueryValueKey(AttributeKey,
1065 NULL,
1067 &ValueSize,
1068 0);
1069 if (NT_SUCCESS(Status))
1070 {
1071 *AttributeSize = ValueSize;
1072 }
1073
1074Done:
1075 NtClose(AttributeKey);
1076
1077 return Status;
1078}
@ AttributeData
Definition: ntfs.h:168
#define KEY_QUERY_VALUE
Definition: nt_native.h:1016
NTSTATUS NTAPI RtlpNtQueryValueKey(IN HANDLE KeyHandle, OUT PULONG Type OPTIONAL, OUT PVOID Data OPTIONAL, IN OUT PULONG DataLength OPTIONAL, IN ULONG Unused)
Definition: registry.c:933
#define STATUS_BUFFER_OVERFLOW
Definition: shellext.h:66

Referenced by LsapGetDomainInfo(), LsarAddAccountRights(), LsarAddPrivilegesToAccount(), LsarEnumeratePrivilegesAccount(), LsarGetQuotasForAccount(), LsarGetSystemAccessAccount(), LsarQueryAccountDomain(), LsarQueryAuditEvents(), LsarQueryAuditFull(), LsarQueryAuditLog(), LsarQueryDefaultQuota(), LsarQueryDnsDomain(), LsarQueryModification(), LsarQueryPrimaryDomain(), LsarQuerySecret(), LsarQuerySecurityObject(), LsarQueryServerRole(), LsarRemoveAccountRights(), LsarRemovePrivilegesFromAccount(), LsarRetrievePrivateData(), LsarSetAuditFull(), LsarSetQuotasForAccount(), and LsarSetSecurityObject().

◆ LsapGetRelativeIdFromSid()

ULONG LsapGetRelativeIdFromSid ( PSID  Sid)

Definition at line 1038 of file lookup.c.

1039{
1040 PISID Sid = Sid_;
1041
1042 if (Sid->SubAuthorityCount != 0)
1043 return Sid->SubAuthority[Sid->SubAuthorityCount - 1];
1044
1045 return 0;
1046}
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1145
DWORD SubAuthority[*]
Definition: ms-dtyp.idl:202
BYTE SubAuthorityCount
Definition: ms-dtyp.idl:200

Referenced by LsapLookupAccountDomainSids(), LsapLookupBuiltinDomainSids(), LsarLookupNames(), and LsarLookupNames2().

◆ LsapGetResourceStringLengthEx()

INT LsapGetResourceStringLengthEx ( _In_ HINSTANCE  hInstance,
_In_ UINT  uId,
_In_ USHORT  usLanguage 
)

Definition at line 64 of file utils.c.

68{
69 HGLOBAL hmem;
70 HRSRC hrsrc;
71 WCHAR *p;
72 UINT i, string_num;
73
74 /* Use loword (incremented by 1) as resourceid */
75// hrsrc = FindResourceExW(hInstance,
76// MAKEINTRESOURCEW((LOWORD(uId) >> 4) + 1),
77// (LPWSTR)RT_STRING,
78// usLanguage);
80 MAKEINTRESOURCEW((LOWORD(uId) >> 4) + 1),
82 if (!hrsrc)
83 return 0;
84
85 hmem = LoadResource(hInstance, hrsrc);
86 if (!hmem)
87 return 0;
88
89 p = LockResource(hmem);
90 string_num = uId & 0x000f;
91 for (i = 0; i < string_num; i++)
92 p += *p + 1;
93
94 return *p + 1;
95}
HINSTANCE hInstance
Definition: charmap.c:19
HRSRC WINAPI FindResourceW(HINSTANCE hModule, LPCWSTR name, LPCWSTR type)
Definition: res.c:176
LPVOID WINAPI LockResource(HGLOBAL handle)
Definition: res.c:550
HGLOBAL WINAPI LoadResource(HINSTANCE hModule, HRSRC hRsrc)
Definition: res.c:532
GLfloat GLfloat p
Definition: glext.h:8902
unsigned int UINT
Definition: ndis.h:50
#define LOWORD(l)
Definition: pedump.c:82
#define RT_STRING
Definition: pedump.c:368
#define MAKEINTRESOURCEW(i)
Definition: winuser.h:582
WCHAR * LPWSTR
Definition: xmlstorage.h:184

Referenced by LsarpLookupPrivilegeDisplayName().

◆ LsapInitAuthPackages()

NTSTATUS LsapInitAuthPackages ( VOID  )

Definition at line 474 of file authpackage.c.

475{
476 RTL_QUERY_REGISTRY_TABLE AuthPackageTable[] = {
477 {LsapAddAuthPackage, 0, L"Authentication Packages", NULL, REG_NONE, NULL, 0},
478 {NULL, 0, NULL, NULL, REG_NONE, NULL, 0}};
479
481
483 PackageId = 0;
484
485 /* Initialize the dispatch table */
486 DispatchTable.CreateLogonSession = &LsapCreateLogonSession;
487 DispatchTable.DeleteLogonSession = &LsapDeleteLogonSession;
488 DispatchTable.AddCredential = &LsapAddCredential;
489 DispatchTable.GetCredentials = &LsapGetCredentials;
490 DispatchTable.DeleteCredential = &LsapDeleteCredential;
491 DispatchTable.AllocateLsaHeap = &LsapAllocateHeapZero;
492 DispatchTable.FreeLsaHeap = &LsapFreeHeap;
493 DispatchTable.AllocateClientBuffer = &LsapAllocateClientBuffer;
494 DispatchTable.FreeClientBuffer = &LsapFreeClientBuffer;
495 DispatchTable.CopyToClientBuffer = &LsapCopyToClientBuffer;
496 DispatchTable.CopyFromClientBuffer = &LsapCopyFromClientBuffer;
497
498 /* Add registered authentication packages */
500 L"Lsa",
501 AuthPackageTable,
502 &PackageId,
503 NULL);
504
505 return Status;
506}
static NTSTATUS NTAPI LsapCopyToClientBuffer(IN PLSA_CLIENT_REQUEST ClientRequest, IN ULONG Length, IN PVOID ClientBaseAddress, IN PVOID BufferToCopy)
Definition: authpackage.c:436
PVOID NTAPI LsapAllocateHeapZero(IN ULONG Length)
Definition: authpackage.c:373
static NTSTATUS NTAPI LsapAddAuthPackage(IN PWSTR ValueName, IN ULONG ValueType, IN PVOID ValueData, IN ULONG ValueLength, IN PVOID Context, IN PVOID EntryContext)
Definition: authpackage.c:177
VOID NTAPI LsapFreeHeap(IN PVOID Base)
Definition: authpackage.c:381
static NTSTATUS NTAPI LsapCopyFromClientBuffer(IN PLSA_CLIENT_REQUEST ClientRequest, IN ULONG Length, IN PVOID BufferToCopy, IN PVOID ClientBaseAddress)
Definition: authpackage.c:456
static NTSTATUS NTAPI LsapFreeClientBuffer(IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ClientBaseAddress)
Definition: authpackage.c:414
static LIST_ENTRY PackageListHead
Definition: authpackage.c:162
static NTSTATUS NTAPI LsapAllocateClientBuffer(IN PLSA_CLIENT_REQUEST ClientRequest, IN ULONG LengthRequired, OUT PVOID *ClientBaseAddress)
Definition: authpackage.c:390
NTSTATUS NTAPI LsapAddCredential(_In_ PLUID LogonId, _In_ ULONG AuthenticationPackage, _In_ PLSA_STRING PrimaryKeyValue, _In_ PLSA_STRING Credential)
Definition: session.c:259
NTSTATUS NTAPI LsapGetCredentials(_In_ PLUID LogonId, _In_ ULONG AuthenticationPackage, _Inout_ PULONG QueryContext, _In_ BOOLEAN RetrieveAllCredentials, _Inout_ PLSA_STRING PrimaryKeyValue, _Out_ PULONG PrimaryKeyLength, _Out_ PLSA_STRING Credentials)
Definition: session.c:272
NTSTATUS NTAPI LsapCreateLogonSession(IN PLUID LogonId)
Definition: session.c:159
NTSTATUS NTAPI LsapDeleteLogonSession(IN PLUID LogonId)
Definition: session.c:201
NTSTATUS NTAPI LsapDeleteCredential(_In_ PLUID LogonId, _In_ ULONG AuthenticationPackage, _In_ PLSA_STRING PrimaryKeyValue)
Definition: session.c:288
#define InitializeListHead(ListHead)
Definition: env_spec_w32.h:944
NTSYSAPI NTSTATUS WINAPI RtlQueryRegistryValues(ULONG, PCWSTR, PRTL_QUERY_REGISTRY_TABLE, PVOID, PVOID)
#define RTL_REGISTRY_CONTROL
Definition: nt_native.h:163
#define REG_NONE
Definition: nt_native.h:1492
#define L(x)
Definition: ntvdm.h:50
_In_ PWDFDEVICE_INIT _In_ PWDF_PDO_EVENT_CALLBACKS DispatchTable
Definition: wdfpdo.h:248

Referenced by LsapInitLsa().

◆ LsapInitDatabase()

NTSTATUS LsapInitDatabase ( VOID  )

Definition at line 539 of file database.c.

540{
542
543 TRACE("LsapInitDatabase()\n");
544
546 if (!NT_SUCCESS(Status))
547 {
548 ERR("Failed to open the service key (Status: 0x%08lx)\n", Status);
549 return Status;
550 }
551
553 {
555 if (!NT_SUCCESS(Status))
556 {
557 ERR("Failed to create the LSA database keys (Status: 0x%08lx)\n", Status);
558 return Status;
559 }
560
562 if (!NT_SUCCESS(Status))
563 {
564 ERR("Failed to create the LSA database objects (Status: 0x%08lx)\n", Status);
565 return Status;
566 }
567 }
568 else
569 {
571 if (!NT_SUCCESS(Status))
572 {
573 ERR("Failed to update the LSA database (Status: 0x%08lx)\n", Status);
574 return Status;
575 }
576 }
577
579 if (!NT_SUCCESS(Status))
580 {
581 ERR("Failed to get the domain information (Status: 0x%08lx)\n", Status);
582 return Status;
583 }
584
585 TRACE("LsapInitDatabase() done\n");
586
587 return STATUS_SUCCESS;
588}
#define ERR(fmt,...)
Definition: precomp.h:57
static NTSTATUS LsapUpdateDatabase(VOID)
Definition: database.c:400
static NTSTATUS LsapOpenServiceKey(VOID)
Definition: database.c:32
static NTSTATUS LsapGetDomainInfo(VOID)
Definition: database.c:407
static NTSTATUS LsapCreateDatabaseKeys(VOID)
Definition: database.c:87
static BOOLEAN LsapIsDatabaseInstalled(VOID)
Definition: database.c:57
static NTSTATUS LsapCreateDatabaseObjects(VOID)
Definition: database.c:234

Referenced by LsapInitLsa().

◆ LsapInitLogonSessions()

VOID LsapInitLogonSessions ( VOID  )

Definition at line 36 of file session.c.

Referenced by LsapInitLsa().

◆ LsapInitNotificationList()

VOID LsapInitNotificationList ( VOID  )

Definition at line 28 of file notify.c.

29{
32}
static LIST_ENTRY NotificationListHead
Definition: notify.c:21
static RTL_RESOURCE NotificationListLock
Definition: notify.c:22
NTSYSAPI VOID NTAPI RtlInitializeResource(_In_ PRTL_RESOURCE Resource)

Referenced by LsapInitLsa().

◆ LsapInitSids()

NTSTATUS LsapInitSids ( VOID  )

Definition at line 182 of file lookup.c.

183{
184 WCHAR szAccountName[80];
185 WCHAR szDomainName[80];
186 ULONG SubAuthorities[8];
188
190
191 hInstance = GetModuleHandleW(L"lsasrv.dll");
192
193 /* NT Authority */
194 LsapLoadString(hInstance, IDS_NT_AUTHORITY, szAccountName, ARRAYSIZE(szAccountName));
195 LsapLoadString(hInstance, IDS_NT_AUTHORITY, szDomainName, ARRAYSIZE(szDomainName));
197 0,
198 NULL,
199 szAccountName,
200 szDomainName,
202 NULL);
203
204 /* Null Sid */
205 LsapLoadString(hInstance, IDS_NULL_RID, szAccountName, ARRAYSIZE(szAccountName));
206
207 SubAuthorities[0] = SECURITY_NULL_RID;
209 1,
210 SubAuthorities,
211 szAccountName,
212 L"",
214 NULL);
215
216 /* World Sid */
217 LsapLoadString(hInstance, IDS_WORLD_RID, szAccountName, ARRAYSIZE(szAccountName));
218
219 SubAuthorities[0] = SECURITY_WORLD_RID;
221 1,
222 SubAuthorities,
223 szAccountName,
224 L"",
226 &LsapWorldSid);
227
228 /* Local Sid */
229 LsapLoadString(hInstance, IDS_LOCAL_RID, szAccountName, ARRAYSIZE(szAccountName));
230
231 SubAuthorities[0] = SECURITY_LOCAL_RID;
233 1,
234 SubAuthorities,
235 szAccountName,
236 L"",
238 NULL);
239
240 /* Creator Owner Sid */
241 LsapLoadString(hInstance, IDS_CREATOR_OWNER_RID, szAccountName, ARRAYSIZE(szAccountName));
242
243 SubAuthorities[0] = SECURITY_CREATOR_OWNER_RID;
245 1,
246 SubAuthorities,
247 szAccountName,
248 L"",
250 NULL);
251
252 /* Creator Group Sid */
253 LsapLoadString(hInstance, IDS_CREATOR_GROUP_RID, szAccountName, ARRAYSIZE(szAccountName));
254
255 SubAuthorities[0] = SECURITY_CREATOR_GROUP_RID;
257 1,
258 SubAuthorities,
259 szAccountName,
260 L"",
262 NULL);
263
264 /* Creator Owner Server Sid */
265 LsapLoadString(hInstance, IDS_CREATOR_OWNER_SERVER_RID, szAccountName, ARRAYSIZE(szAccountName));
266
267 SubAuthorities[0] = SECURITY_CREATOR_OWNER_SERVER_RID;
269 1,
270 SubAuthorities,
271 szAccountName,
272 L"",
274 NULL);
275
276 /* Creator Group Server Sid */
277 LsapLoadString(hInstance, IDS_CREATOR_GROUP_SERVER_RID, szAccountName, ARRAYSIZE(szAccountName));
278
279 SubAuthorities[0] = SECURITY_CREATOR_GROUP_SERVER_RID;
281 1,
282 SubAuthorities,
283 szAccountName,
284 L"",
286 NULL);
287
288 /* Dialup Sid */
289 LsapLoadString(hInstance, IDS_DIALUP_RID, szAccountName, ARRAYSIZE(szAccountName));
290 LsapLoadString(hInstance, IDS_NT_AUTHORITY, szDomainName, ARRAYSIZE(szDomainName));
291
292 SubAuthorities[0] = SECURITY_DIALUP_RID;
294 1,
295 SubAuthorities,
296 szAccountName,
297 szDomainName,
299 NULL);
300
301 /* Network Sid */
302 LsapLoadString(hInstance, IDS_NETWORK_RID, szAccountName, ARRAYSIZE(szAccountName));
303
304 SubAuthorities[0] = SECURITY_NETWORK_RID;
306 1,
307 SubAuthorities,
308 szAccountName,
309 szDomainName,
312
313 /* Batch Sid*/
314 LsapLoadString(hInstance, IDS_BATCH_RID, szAccountName, ARRAYSIZE(szAccountName));
315
316 SubAuthorities[0] = SECURITY_BATCH_RID;
318 1,
319 SubAuthorities,
320 szAccountName,
321 szDomainName,
323 &LsapBatchSid);
324
325 /* Interactive Sid */
326 LsapLoadString(hInstance, IDS_INTERACTIVE_RID, szAccountName, ARRAYSIZE(szAccountName));
327
328 SubAuthorities[0] = SECURITY_INTERACTIVE_RID;
330 1,
331 SubAuthorities,
332 szAccountName,
333 szDomainName,
336
337 /* Service Sid */
338 LsapLoadString(hInstance, IDS_SERVICE_RID, szAccountName, ARRAYSIZE(szAccountName));
339
340 SubAuthorities[0] = SECURITY_SERVICE_RID;
342 1,
343 SubAuthorities,
344 szAccountName,
345 szDomainName,
348
349 /* Anonymous Logon Sid */
350 LsapLoadString(hInstance, IDS_ANONYMOUS_LOGON_RID, szAccountName, ARRAYSIZE(szAccountName));
351
352 SubAuthorities[0] = SECURITY_ANONYMOUS_LOGON_RID;
354 1,
355 SubAuthorities,
356 szAccountName,
357 szDomainName,
359 NULL);
360
361 /* Proxy Sid */
362 LsapLoadString(hInstance, IDS_PROXY_RID, szAccountName, ARRAYSIZE(szAccountName));
363
364 SubAuthorities[0] = SECURITY_PROXY_RID;
366 1,
367 SubAuthorities,
368 szAccountName,
369 szDomainName,
371 NULL);
372
373 /* Enterprise Controllers Sid */
374 LsapLoadString(hInstance, IDS_ENTERPRISE_CONTROLLERS_RID, szAccountName, ARRAYSIZE(szAccountName));
375
376 SubAuthorities[0] = SECURITY_ENTERPRISE_CONTROLLERS_RID;
378 1,
379 SubAuthorities,
380 szAccountName,
381 szDomainName,
383 NULL);
384
385 /* Principal Self Sid */
386 LsapLoadString(hInstance, IDS_PRINCIPAL_SELF_RID, szAccountName, ARRAYSIZE(szAccountName));
387
388 SubAuthorities[0] = SECURITY_PRINCIPAL_SELF_RID;
390 1,
391 SubAuthorities,
392 szAccountName,
393 szDomainName,
395 NULL);
396
397 /* Authenticated Users Sid */
398 LsapLoadString(hInstance, IDS_AUTHENTICATED_USER_RID, szAccountName, ARRAYSIZE(szAccountName));
399
400 SubAuthorities[0] = SECURITY_AUTHENTICATED_USER_RID;
402 1,
403 SubAuthorities,
404 szAccountName,
405 szDomainName,
407 NULL);
408
409 /* Restricted Code Sid */
410 LsapLoadString(hInstance, IDS_RESTRICTED_CODE_RID, szAccountName, ARRAYSIZE(szAccountName));
411
412 SubAuthorities[0] = SECURITY_RESTRICTED_CODE_RID;
414 1,
415 SubAuthorities,
416 szAccountName,
417 szDomainName,
419 NULL);
420
421 /* Terminal Server Sid */
422 LsapLoadString(hInstance, IDS_TERMINAL_SERVER_RID, szAccountName, ARRAYSIZE(szAccountName));
423
424 SubAuthorities[0] = SECURITY_TERMINAL_SERVER_RID;
426 1,
427 SubAuthorities,
428 szAccountName,
429 szDomainName,
431 NULL);
432
433 /* Remote Logon Sid */
434 LsapLoadString(hInstance, IDS_REMOTE_LOGON_RID, szAccountName, ARRAYSIZE(szAccountName));
435
436 SubAuthorities[0] = SECURITY_REMOTE_LOGON_RID;
438 1,
439 SubAuthorities,
440 szAccountName,
441 szDomainName,
443 NULL);
444
445 /* This Organization Sid */
446 LsapLoadString(hInstance, IDS_THIS_ORGANIZATION_RID, szAccountName, ARRAYSIZE(szAccountName));
447
448 SubAuthorities[0] = SECURITY_THIS_ORGANIZATION_RID;
450 1,
451 SubAuthorities,
452 szAccountName,
453 szDomainName,
455 NULL);
456
457 /* Local System Sid */
458 LsapLoadString(hInstance, IDS_LOCAL_SYSTEM_RID, szAccountName, ARRAYSIZE(szAccountName));
459
460 SubAuthorities[0] = SECURITY_LOCAL_SYSTEM_RID;
462 1,
463 SubAuthorities,
464 szAccountName,
465 szDomainName,
468
469 /* Local Service Sid */
470 LsapLoadString(hInstance, IDS_LOCAL_SERVICE_RID, szAccountName, ARRAYSIZE(szAccountName));
471
472 SubAuthorities[0] = SECURITY_LOCAL_SERVICE_RID;
474 1,
475 SubAuthorities,
476 szAccountName,
477 szDomainName,
479 NULL);
480
482 1,
483 SubAuthorities,
484 L"LOCALSERVICE",
485 L"NT AUTHORITY",
487 NULL);
488
489 /* Network Service Sid */
490 LsapLoadString(hInstance, IDS_NETWORK_SERVICE_RID, szAccountName, ARRAYSIZE(szAccountName));
491
492 SubAuthorities[0] = SECURITY_NETWORK_SERVICE_RID;
494 1,
495 SubAuthorities,
496 szAccountName,
497 szDomainName,
499 NULL);
500
502 1,
503 SubAuthorities,
504 L"NETWORKSERVICE",
505 L"NT AUTHORITY",
507 NULL);
508
509 /* Builtin Domain Sid */
510 LsapLoadString(hInstance, IDS_BUILTIN_DOMAIN_RID, szAccountName, ARRAYSIZE(szAccountName));
511 LsapLoadString(hInstance, IDS_BUILTIN_DOMAIN_RID, szDomainName, ARRAYSIZE(szDomainName));
512
513 SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
515 1,
516 SubAuthorities,
517 szAccountName,
518 szDomainName,
520 NULL);
521
522 /* Administrators Alias Sid */
523 LsapLoadString(hInstance, IDS_ALIAS_RID_ADMINS, szAccountName, ARRAYSIZE(szAccountName));
524
525 SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
526 SubAuthorities[1] = DOMAIN_ALIAS_RID_ADMINS;
528 2,
529 SubAuthorities,
530 szAccountName,
531 szDomainName,
534
535 /* Users Alias Sid */
536 LsapLoadString(hInstance, IDS_ALIAS_RID_USERS, szAccountName, ARRAYSIZE(szAccountName));
537
538 SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
539 SubAuthorities[1] = DOMAIN_ALIAS_RID_USERS;
541 2,
542 SubAuthorities,
543 szAccountName,
544 szDomainName,
546 NULL);
547
548 /* Guests Alias Sid */
549 LsapLoadString(hInstance, IDS_ALIAS_RID_GUESTS, szAccountName, ARRAYSIZE(szAccountName));
550
551 SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
552 SubAuthorities[1] = DOMAIN_ALIAS_RID_GUESTS;
554 2,
555 SubAuthorities,
556 szAccountName,
557 szDomainName,
559 NULL);
560
561 /* Power User Alias Sid */
562 LsapLoadString(hInstance, IDS_ALIAS_RID_POWER_USERS, szAccountName, ARRAYSIZE(szAccountName));
563
564 SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
565 SubAuthorities[1] = DOMAIN_ALIAS_RID_POWER_USERS;
567 2,
568 SubAuthorities,
569 szAccountName,
570 szDomainName,
572 NULL);
573
574 /* Account Operators Alias Sid */
575 LsapLoadString(hInstance, IDS_ALIAS_RID_ACCOUNT_OPS, szAccountName, ARRAYSIZE(szAccountName));
576
577 SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
578 SubAuthorities[1] = DOMAIN_ALIAS_RID_ACCOUNT_OPS;
580 2,
581 SubAuthorities,
582 szAccountName,
583 szDomainName,
585 NULL);
586
587 /* System Operators Alias Sid */
588 LsapLoadString(hInstance, IDS_ALIAS_RID_SYSTEM_OPS, szAccountName, ARRAYSIZE(szAccountName));
589
590 SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
591 SubAuthorities[1] = DOMAIN_ALIAS_RID_SYSTEM_OPS;
593 2,
594 SubAuthorities,
595 szAccountName,
596 szDomainName,
598 NULL);
599
600 /* Print Operators Alias Sid */
601 LsapLoadString(hInstance, IDS_ALIAS_RID_PRINT_OPS, szAccountName, ARRAYSIZE(szAccountName));
602
603 SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
604 SubAuthorities[1] = DOMAIN_ALIAS_RID_PRINT_OPS;
606 2,
607 SubAuthorities,
608 szAccountName,
609 szDomainName,
611 NULL);
612
613 /* Backup Operators Alias Sid */
614 LsapLoadString(hInstance, IDS_ALIAS_RID_BACKUP_OPS, szAccountName, ARRAYSIZE(szAccountName));
615
616 SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
617 SubAuthorities[1] = DOMAIN_ALIAS_RID_BACKUP_OPS;
619 2,
620 SubAuthorities,
621 szAccountName,
622 szDomainName,
624 NULL);
625
626 /* Replicators Alias Sid */
627 LsapLoadString(hInstance, IDS_ALIAS_RID_REPLICATOR, szAccountName, ARRAYSIZE(szAccountName));
628
629 SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
630 SubAuthorities[1] = DOMAIN_ALIAS_RID_REPLICATOR;
632 2,
633 SubAuthorities,
634 szAccountName,
635 szDomainName,
637 NULL);
638
639 /* RAS Servers Alias Sid */
640 LsapLoadString(hInstance, IDS_ALIAS_RID_RAS_SERVERS, szAccountName, ARRAYSIZE(szAccountName));
641
642 SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
643 SubAuthorities[1] = DOMAIN_ALIAS_RID_RAS_SERVERS;
645 2,
646 SubAuthorities,
647 szAccountName,
648 szDomainName,
650 NULL);
651
652 /* Pre-Windows 2000 Compatible Access Alias Sid */
653 LsapLoadString(hInstance, IDS_ALIAS_RID_PREW2KCOMPACCESS, szAccountName, ARRAYSIZE(szAccountName));
654
655 SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
656 SubAuthorities[1] = DOMAIN_ALIAS_RID_PREW2KCOMPACCESS;
658 2,
659 SubAuthorities,
660 szAccountName,
661 szDomainName,
663 NULL);
664
665 /* Remote Desktop Users Alias Sid */
667
668 SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
669 SubAuthorities[1] = DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS;
671 2,
672 SubAuthorities,
673 szAccountName,
674 szDomainName,
676 NULL);
677
678 /* Network Configuration Operators Alias Sid */
680
681 SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
684 2,
685 SubAuthorities,
686 szAccountName,
687 szDomainName,
689 NULL);
690
691 /* FIXME: Add more well known sids */
692
693 return STATUS_SUCCESS;
694}
static SID_IDENTIFIER_AUTHORITY NtAuthority
Definition: security.c:40
#define ARRAYSIZE(array)
Definition: filtermapper.c:47
HMODULE WINAPI GetModuleHandleW(LPCWSTR lpModuleName)
Definition: loader.c:838
SID_IDENTIFIER_AUTHORITY CreatorSidAuthority
Definition: database.c:20
SID_IDENTIFIER_AUTHORITY NullSidAuthority
Definition: database.c:17
SID_IDENTIFIER_AUTHORITY LocalSidAuthority
Definition: database.c:19
PSID LsapServiceSid
Definition: lookup.c:82
LIST_ENTRY WellKnownSidListHead
Definition: lookup.c:77
PSID LsapAdministratorsSid
Definition: lookup.c:84
PSID LsapNetworkSid
Definition: lookup.c:79
BOOLEAN LsapCreateSid(PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, UCHAR SubAuthorityCount, PULONG SubAuthorities, PWSTR AccountName, PWSTR DomainName, SID_NAME_USE Use, PSID *SidPtr)
Definition: lookup.c:90
PSID LsapWorldSid
Definition: lookup.c:78
PSID LsapBatchSid
Definition: lookup.c:80
PSID LsapInteractiveSid
Definition: lookup.c:81
PSID LsapLocalSystemSid
Definition: lookup.c:83
INT LsapLoadString(HINSTANCE hInstance, UINT uId, LPWSTR lpBuffer, INT nBufferMax)
Definition: utils.c:17
#define IDS_PRINCIPAL_SELF_RID
Definition: resources.h:28
#define IDS_NULL_RID
Definition: resources.h:13
#define IDS_BATCH_RID
Definition: resources.h:22
#define IDS_ALIAS_RID_ADMINS
Definition: resources.h:38
#define IDS_ALIAS_RID_RAS_SERVERS
Definition: resources.h:47
#define IDS_TERMINAL_SERVER_RID
Definition: resources.h:31
#define IDS_LOCAL_RID
Definition: resources.h:15
#define IDS_ALIAS_RID_POWER_USERS
Definition: resources.h:41
#define IDS_ALIAS_RID_PREW2KCOMPACCESS
Definition: resources.h:48
#define IDS_REMOTE_LOGON_RID
Definition: resources.h:32
#define IDS_CREATOR_GROUP_RID
Definition: resources.h:17
#define IDS_CREATOR_OWNER_SERVER_RID
Definition: resources.h:18
#define IDS_ALIAS_RID_GUESTS
Definition: resources.h:40
#define IDS_RESTRICTED_CODE_RID
Definition: resources.h:30
#define IDS_ALIAS_RID_ACCOUNT_OPS
Definition: resources.h:42
#define IDS_CREATOR_GROUP_SERVER_RID
Definition: resources.h:19
#define IDS_NT_AUTHORITY
Definition: resources.h:11
#define IDS_NETWORK_SERVICE_RID
Definition: resources.h:36
#define IDS_ALIAS_RID_USERS
Definition: resources.h:39
#define IDS_AUTHENTICATED_USER_RID
Definition: resources.h:29
#define IDS_ANONYMOUS_LOGON_RID
Definition: resources.h:25
#define IDS_ENTERPRISE_CONTROLLERS_RID
Definition: resources.h:27
#define IDS_ALIAS_RID_PRINT_OPS
Definition: resources.h:44
#define IDS_BUILTIN_DOMAIN_RID
Definition: resources.h:37
#define IDS_NETWORK_RID
Definition: resources.h:21
#define IDS_SERVICE_RID
Definition: resources.h:24
#define IDS_LOCAL_SERVICE_RID
Definition: resources.h:35
#define IDS_THIS_ORGANIZATION_RID
Definition: resources.h:33
#define IDS_PROXY_RID
Definition: resources.h:26
#define IDS_DIALUP_RID
Definition: resources.h:20
#define IDS_INTERACTIVE_RID
Definition: resources.h:23
#define IDS_WORLD_RID
Definition: resources.h:14
#define IDS_ALIAS_RID_REMOTE_DESKTOP_USERS
Definition: resources.h:49
#define IDS_CREATOR_OWNER_RID
Definition: resources.h:16
#define IDS_ALIAS_RID_SYSTEM_OPS
Definition: resources.h:43
#define IDS_LOCAL_SYSTEM_RID
Definition: resources.h:34
#define IDS_ALIAS_RID_REPLICATOR
Definition: resources.h:46
#define IDS_ALIAS_RID_NETWORK_CONFIGURATION_OPS
Definition: resources.h:50
#define IDS_ALIAS_RID_BACKUP_OPS
Definition: resources.h:45
@ SidTypeAlias
Definition: lsa.idl:121
@ SidTypeDomain
Definition: lsa.idl:120
@ SidTypeWellKnownGroup
Definition: lsa.idl:122
#define DOMAIN_ALIAS_RID_USERS
Definition: setypes.h:653
#define DOMAIN_ALIAS_RID_GUESTS
Definition: setypes.h:654
#define DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS
Definition: setypes.h:666
#define SECURITY_LOCAL_RID
Definition: setypes.h:542
#define SECURITY_DIALUP_RID
Definition: setypes.h:556
#define SECURITY_SERVICE_RID
Definition: setypes.h:562
#define SECURITY_PROXY_RID
Definition: setypes.h:564
#define SECURITY_INTERACTIVE_RID
Definition: setypes.h:559
#define SECURITY_CREATOR_GROUP_SERVER_RID
Definition: setypes.h:548
#define DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS
Definition: setypes.h:665
#define DOMAIN_ALIAS_RID_SYSTEM_OPS
Definition: setypes.h:658
#define SECURITY_AUTHENTICATED_USER_RID
Definition: setypes.h:568
#define SECURITY_NULL_RID
Definition: setypes.h:540
#define DOMAIN_ALIAS_RID_ACCOUNT_OPS
Definition: setypes.h:657
#define SECURITY_RESTRICTED_CODE_RID
Definition: setypes.h:569
#define DOMAIN_ALIAS_RID_RAS_SERVERS
Definition: setypes.h:663
#define SECURITY_TERMINAL_SERVER_RID
Definition: setypes.h:570
#define DOMAIN_ALIAS_RID_BACKUP_OPS
Definition: setypes.h:660
#define SECURITY_BATCH_RID
Definition: setypes.h:558
#define DOMAIN_ALIAS_RID_PRINT_OPS
Definition: setypes.h:659
#define SECURITY_CREATOR_OWNER_SERVER_RID
Definition: setypes.h:547
#define DOMAIN_ALIAS_RID_REPLICATOR
Definition: setypes.h:662
#define SECURITY_THIS_ORGANIZATION_RID
Definition: setypes.h:572
#define SECURITY_PRINCIPAL_SELF_RID
Definition: setypes.h:567
#define SECURITY_CREATOR_OWNER_RID
Definition: setypes.h:545
#define DOMAIN_ALIAS_RID_POWER_USERS
Definition: setypes.h:655
#define DOMAIN_ALIAS_RID_PREW2KCOMPACCESS
Definition: setypes.h:664
#define SECURITY_ENTERPRISE_CONTROLLERS_RID
Definition: setypes.h:565
#define SECURITY_NETWORK_RID
Definition: setypes.h:557
#define SECURITY_REMOTE_LOGON_RID
Definition: setypes.h:571
#define SECURITY_CREATOR_GROUP_RID
Definition: setypes.h:546

Referenced by LsapInitLsa().

◆ LsapLoadString()

INT LsapLoadString ( HINSTANCE  hInstance,
UINT  uId,
LPWSTR  lpBuffer,
INT  nBufferMax 
)

Definition at line 17 of file utils.c.

21{
22 HGLOBAL hmem;
23 HRSRC hrsrc;
24 WCHAR *p;
25 int string_num;
26 int i;
27
28 /* Use loword (incremented by 1) as resourceid */
30 MAKEINTRESOURCEW((LOWORD(uId) >> 4) + 1),
32 if (!hrsrc)
33 return 0;
34
35 hmem = LoadResource(hInstance, hrsrc);
36 if (!hmem)
37 return 0;
38
39 p = LockResource(hmem);
40 string_num = uId & 0x000f;
41 for (i = 0; i < string_num; i++)
42 p += *p + 1;
43
44 i = min(nBufferMax - 1, *p);
45 if (i > 0)
46 {
47 memcpy(lpBuffer, p + 1, i * sizeof(WCHAR));
48 lpBuffer[i] = 0;
49 }
50 else
51 {
52 if (nBufferMax > 1)
53 {
54 lpBuffer[0] = 0;
55 return 0;
56 }
57 }
58
59 return i;
60}
static TAGREF LPCWSTR LPDWORD LPVOID lpBuffer
Definition: db.cpp:175
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
#define min(a, b)
Definition: monoChain.cc:55

Referenced by LsapInitSids().

◆ LsapLoadStringEx()

INT LsapLoadStringEx ( _In_ HINSTANCE  hInstance,
_In_ UINT  uId,
_In_ USHORT  usLanguage,
_Out_ LPWSTR  lpBuffer,
_Out_ INT  nBufferMax 
)

Definition at line 99 of file utils.c.

105{
106 HGLOBAL hmem;
107 HRSRC hrsrc;
108 WCHAR *p;
109 int string_num;
110 int i;
111
112 /* Use loword (incremented by 1) as resourceid */
113// hrsrc = FindResourceExW(hInstance,
114// MAKEINTRESOURCEW((LOWORD(uId) >> 4) + 1),
115// (LPWSTR)RT_STRING,
116// usLanguage);
117 hrsrc = FindResourceW(hInstance,
118 MAKEINTRESOURCEW((LOWORD(uId) >> 4) + 1),
120 if (!hrsrc)
121 return 0;
122
123 hmem = LoadResource(hInstance, hrsrc);
124 if (!hmem)
125 return 0;
126
127 p = LockResource(hmem);
128 string_num = uId & 0x000f;
129 for (i = 0; i < string_num; i++)
130 p += *p + 1;
131
132 i = min(nBufferMax - 1, *p);
133 if (i > 0)
134 {
135 memcpy(lpBuffer, p + 1, i * sizeof(WCHAR));
136 lpBuffer[i] = 0;
137 }
138 else
139 {
140 if (nBufferMax > 1)
141 {
142 lpBuffer[0] = 0;
143 return 0;
144 }
145 }
146
147 return i;
148}

Referenced by LsarpLookupPrivilegeDisplayName().

◆ LsapLogonUser()

NTSTATUS LsapLogonUser ( PLSA_API_MSG  RequestMsg,
PLSAP_LOGON_CONTEXT  LogonContext 
)

Definition at line 1394 of file authpackage.c.

1396{
1397 PAUTH_PACKAGE Package;
1400 LSA_TOKEN_INFORMATION_TYPE TokenInformationType;
1401 PVOID TokenInformation = NULL;
1402 PLSA_TOKEN_INFORMATION_NULL TokenInfo0 = NULL;
1403 PLSA_TOKEN_INFORMATION_V1 TokenInfo1 = NULL;
1404 PUNICODE_STRING AccountName = NULL;
1405 PUNICODE_STRING AuthenticatingAuthority = NULL;
1407 PVOID LocalAuthInfo = NULL;
1410 ULONG i;
1414
1415 PUNICODE_STRING UserName = NULL;
1416 PUNICODE_STRING LogonDomainName = NULL;
1417// UNICODE_STRING LogonServer;
1418
1419
1420 TRACE("LsapLogonUser(%p %p)\n", RequestMsg, LogonContext);
1421
1422 PackageId = RequestMsg->LogonUser.Request.AuthenticationPackage;
1423 LogonType = RequestMsg->LogonUser.Request.LogonType;
1424
1425 /* Get the right authentication package */
1427 if (Package == NULL)
1428 {
1429 ERR("LsapGetAuthenticationPackage() failed to find a package\n");
1431 }
1432
1433 if (RequestMsg->LogonUser.Request.AuthenticationInformationLength > 0)
1434 {
1435 /* Allocate the local authentication info buffer */
1436 LocalAuthInfo = RtlAllocateHeap(RtlGetProcessHeap(),
1438 RequestMsg->LogonUser.Request.AuthenticationInformationLength);
1439 if (LocalAuthInfo == NULL)
1440 {
1441 ERR("RtlAllocateHeap() failed\n");
1443 }
1444
1445 /* Read the authentication info from the callers address space */
1447 RequestMsg->LogonUser.Request.AuthenticationInformation,
1448 LocalAuthInfo,
1449 RequestMsg->LogonUser.Request.AuthenticationInformationLength,
1450 NULL);
1451 if (!NT_SUCCESS(Status))
1452 {
1453 ERR("NtReadVirtualMemory() failed (Status 0x%08lx)\n", Status);
1454 RtlFreeHeap(RtlGetProcessHeap(), 0, LocalAuthInfo);
1455 return Status;
1456 }
1457 }
1458
1459 if (RequestMsg->LogonUser.Request.LocalGroupsCount > 0)
1460 {
1461 Status = LsapCopyLocalGroups(LogonContext,
1462 RequestMsg->LogonUser.Request.LocalGroups,
1463 RequestMsg->LogonUser.Request.LocalGroupsCount,
1464 &LocalGroups);
1465 if (!NT_SUCCESS(Status))
1466 {
1467 ERR("LsapCopyLocalGroups failed (Status 0x%08lx)\n", Status);
1468 goto done;
1469 }
1470
1471 TRACE("GroupCount: %lu\n", LocalGroups->GroupCount);
1472 }
1473
1474 if (Package->LsaApLogonUserEx2 != NULL)
1475 {
1476 Status = Package->LsaApLogonUserEx2((PLSA_CLIENT_REQUEST)LogonContext,
1477 RequestMsg->LogonUser.Request.LogonType,
1478 LocalAuthInfo,
1479 RequestMsg->LogonUser.Request.AuthenticationInformation,
1480 RequestMsg->LogonUser.Request.AuthenticationInformationLength,
1481 &RequestMsg->LogonUser.Reply.ProfileBuffer,
1482 &RequestMsg->LogonUser.Reply.ProfileBufferLength,
1483 &RequestMsg->LogonUser.Reply.LogonId,
1484 &RequestMsg->LogonUser.Reply.SubStatus,
1485 &TokenInformationType,
1486 &TokenInformation,
1487 &AccountName,
1488 &AuthenticatingAuthority,
1489 &MachineName,
1490 NULL, /* FIXME: PSECPKG_PRIMARY_CRED PrimaryCredentials */
1491 NULL); /* FIXME: PSECPKG_SUPPLEMENTAL_CRED_ARRAY *SupplementalCredentials */
1492 }
1493 else if (Package->LsaApLogonUserEx != NULL)
1494 {
1495 Status = Package->LsaApLogonUserEx((PLSA_CLIENT_REQUEST)LogonContext,
1496 RequestMsg->LogonUser.Request.LogonType,
1497 LocalAuthInfo,
1498 RequestMsg->LogonUser.Request.AuthenticationInformation,
1499 RequestMsg->LogonUser.Request.AuthenticationInformationLength,
1500 &RequestMsg->LogonUser.Reply.ProfileBuffer,
1501 &RequestMsg->LogonUser.Reply.ProfileBufferLength,
1502 &RequestMsg->LogonUser.Reply.LogonId,
1503 &RequestMsg->LogonUser.Reply.SubStatus,
1504 &TokenInformationType,
1505 &TokenInformation,
1506 &AccountName,
1507 &AuthenticatingAuthority,
1508 &MachineName);
1509 }
1510 else
1511 {
1512 Status = Package->LsaApLogonUser((PLSA_CLIENT_REQUEST)LogonContext,
1513 RequestMsg->LogonUser.Request.LogonType,
1514 LocalAuthInfo,
1515 RequestMsg->LogonUser.Request.AuthenticationInformation,
1516 RequestMsg->LogonUser.Request.AuthenticationInformationLength,
1517 &RequestMsg->LogonUser.Reply.ProfileBuffer,
1518 &RequestMsg->LogonUser.Reply.ProfileBufferLength,
1519 &RequestMsg->LogonUser.Reply.LogonId,
1520 &RequestMsg->LogonUser.Reply.SubStatus,
1521 &TokenInformationType,
1522 &TokenInformation,
1523 &AccountName,
1524 &AuthenticatingAuthority);
1525 }
1526
1527 if (!NT_SUCCESS(Status))
1528 {
1529 ERR("LsaApLogonUser/Ex/2 failed (Status 0x%08lx)\n", Status);
1530 goto done;
1531 }
1532
1533 if (LocalGroups->GroupCount > 0)
1534 {
1535 /* Add local groups to the token information */
1536 Status = LsapAddLocalGroups(TokenInformation,
1537 TokenInformationType,
1538 LocalGroups);
1539 if (!NT_SUCCESS(Status))
1540 {
1541 ERR("LsapAddLocalGroupsToTokenInfo() failed (Status 0x%08lx)\n", Status);
1542 goto done;
1543 }
1544 }
1545
1546 Status = LsapAddDefaultGroups(TokenInformation,
1547 TokenInformationType,
1548 LogonType);
1549 if (!NT_SUCCESS(Status))
1550 {
1551 ERR("LsapAddDefaultGroups() failed (Status 0x%08lx)\n", Status);
1552 goto done;
1553 }
1554
1555 Status = LsapAddSamGroups(TokenInformation,
1556 TokenInformationType);
1557 if (!NT_SUCCESS(Status))
1558 {
1559 ERR("LsapAddSamGroups() failed (Status 0x%08lx)\n", Status);
1560 goto done;
1561 }
1562
1563 Status = LsapSetTokenOwner(TokenInformation,
1564 TokenInformationType);
1565 if (!NT_SUCCESS(Status))
1566 {
1567 ERR("LsapSetTokenOwner() failed (Status 0x%08lx)\n", Status);
1568 goto done;
1569 }
1570
1571 Status = LsapAddTokenDefaultDacl(TokenInformation,
1572 TokenInformationType);
1573 if (!NT_SUCCESS(Status))
1574 {
1575 ERR("LsapAddTokenDefaultDacl() failed (Status 0x%08lx)\n", Status);
1576 goto done;
1577 }
1578
1579 Status = LsapSetPrivileges(TokenInformation,
1580 TokenInformationType);
1581 if (!NT_SUCCESS(Status))
1582 {
1583 ERR("LsapSetPrivileges() failed (Status 0x%08lx)\n", Status);
1584 goto done;
1585 }
1586
1587 if (TokenInformationType == LsaTokenInformationNull)
1588 {
1591 TOKEN_GROUPS NoGroups = {0};
1592 TOKEN_PRIVILEGES NoPrivileges = {0};
1593
1594 TokenInfo0 = (PLSA_TOKEN_INFORMATION_NULL)TokenInformation;
1595
1596 TokenUser.User.Sid = LsapWorldSid;
1597 TokenUser.User.Attributes = 0;
1598 TokenPrimaryGroup.PrimaryGroup = LsapWorldSid;
1599
1600 Qos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
1603 Qos.EffectiveOnly = TRUE;
1604
1606 ObjectAttributes.RootDirectory = NULL;
1607 ObjectAttributes.ObjectName = NULL;
1608 ObjectAttributes.Attributes = 0;
1609 ObjectAttributes.SecurityDescriptor = NULL;
1610 ObjectAttributes.SecurityQualityOfService = &Qos;
1611
1612 /* Create the logon token */
1617 &RequestMsg->LogonUser.Reply.LogonId,
1618 &TokenInfo0->ExpirationTime,
1619 &TokenUser,
1620 &NoGroups,
1621 &NoPrivileges,
1622 NULL,
1624 NULL,
1625 &RequestMsg->LogonUser.Request.SourceContext);
1626 }
1627 else if (TokenInformationType == LsaTokenInformationV1)
1628 {
1629 TOKEN_PRIVILEGES NoPrivileges = {0};
1630 PSECURITY_DESCRIPTOR TokenSd;
1631 ULONG TokenSdSize;
1632
1633 TokenInfo1 = (PLSA_TOKEN_INFORMATION_V1)TokenInformation;
1634
1635 /* Set up a security descriptor for token object itself */
1636 Status = LsapCreateTokenSd(&TokenInfo1->User, &TokenSd, &TokenSdSize);
1637 if (!NT_SUCCESS(Status))
1638 {
1639 TokenSd = NULL;
1640 }
1641
1642 Qos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
1645 Qos.EffectiveOnly = FALSE;
1646
1648 ObjectAttributes.RootDirectory = NULL;
1649 ObjectAttributes.ObjectName = NULL;
1650 ObjectAttributes.Attributes = 0;
1651 ObjectAttributes.SecurityDescriptor = TokenSd;
1652 ObjectAttributes.SecurityQualityOfService = &Qos;
1653
1654 /* Create the logon token */
1658 (RequestMsg->LogonUser.Request.LogonType == Network) ? TokenImpersonation : TokenPrimary,
1659 &RequestMsg->LogonUser.Reply.LogonId,
1660 &TokenInfo1->ExpirationTime,
1661 &TokenInfo1->User,
1662 TokenInfo1->Groups,
1663 TokenInfo1->Privileges ? TokenInfo1->Privileges : &NoPrivileges,
1664 &TokenInfo1->Owner,
1665 &TokenInfo1->PrimaryGroup,
1666 &TokenInfo1->DefaultDacl,
1667 &RequestMsg->LogonUser.Request.SourceContext);
1668
1669 /* Free the allocated security descriptor */
1670 RtlFreeHeap(RtlGetProcessHeap(), 0, TokenSd);
1671
1672 if (!NT_SUCCESS(Status))
1673 {
1674 ERR("NtCreateToken failed (Status 0x%08lx)\n", Status);
1675 goto done;
1676 }
1677 }
1678 else
1679 {
1680 FIXME("TokenInformationType %d is not supported!\n", TokenInformationType);
1682 goto done;
1683 }
1684
1685 if (LogonType == Interactive ||
1686 LogonType == Batch ||
1687 LogonType == Service)
1688 {
1689 UserName = &((PMSV1_0_INTERACTIVE_LOGON)LocalAuthInfo)->UserName;
1690 LogonDomainName = &((PMSV1_0_INTERACTIVE_LOGON)LocalAuthInfo)->LogonDomainName;
1691 }
1692 else
1693 {
1694 FIXME("LogonType %lu is not supported yet!\n", LogonType);
1695 }
1696
1697 Status = LsapSetLogonSessionData(&RequestMsg->LogonUser.Reply.LogonId,
1698 LogonType,
1699 UserName,
1700 LogonDomainName,
1701 TokenInfo1->User.User.Sid);
1702 if (!NT_SUCCESS(Status))
1703 {
1704 ERR("LsapSetLogonSessionData failed (Status 0x%08lx)\n", Status);
1705 goto done;
1706 }
1707
1708 /*
1709 * Duplicate the token handle into the client process.
1710 * This must be the last step because we cannot
1711 * close the duplicated token handle in case something fails.
1712 */
1715 LogonContext->ClientProcessHandle,
1716 &RequestMsg->LogonUser.Reply.Token,
1717 0,
1718 0,
1720 if (!NT_SUCCESS(Status))
1721 {
1722 ERR("NtDuplicateObject failed (Status 0x%08lx)\n", Status);
1723 goto done;
1724 }
1725
1726done:
1727 if (!NT_SUCCESS(Status))
1728 {
1729 /* Notify the authentification package of the failure */
1730 Package->LsaApLogonTerminated(&RequestMsg->LogonUser.Reply.LogonId);
1731
1732 /* Delete the logon session */
1733 LsapDeleteLogonSession(&RequestMsg->LogonUser.Reply.LogonId);
1734
1735 /* Release the profile buffer */
1737 RequestMsg->LogonUser.Reply.ProfileBuffer);
1738 RequestMsg->LogonUser.Reply.ProfileBuffer = NULL;
1739 }
1740
1741 if (TokenHandle != NULL)
1743
1744 /* Free the local groups */
1745 if (LocalGroups != NULL)
1746 {
1747 for (i = 0; i < LocalGroups->GroupCount; i++)
1748 {
1749 if (LocalGroups->Groups[i].Sid != NULL)
1750 RtlFreeHeap(RtlGetProcessHeap(), 0, LocalGroups->Groups[i].Sid);
1751 }
1752
1753 RtlFreeHeap(RtlGetProcessHeap(), 0, LocalGroups);
1754 }
1755
1756 /* Free the local authentication info buffer */
1757 if (LocalAuthInfo != NULL)
1758 RtlFreeHeap(RtlGetProcessHeap(), 0, LocalAuthInfo);
1759
1760 /* Free the token information */
1761 if (TokenInformation != NULL)
1762 {
1763 if (TokenInformationType == LsaTokenInformationNull)
1764 {
1765 TokenInfo0 = (PLSA_TOKEN_INFORMATION_NULL)TokenInformation;
1766
1767 if (TokenInfo0 != NULL)
1768 {
1769 if (TokenInfo0->Groups != NULL)
1770 {
1771 for (i = 0; i < TokenInfo0->Groups->GroupCount; i++)
1772 {
1773 if (TokenInfo0->Groups->Groups[i].Sid != NULL)
1774 LsapFreeHeap(TokenInfo0->Groups->Groups[i].Sid);
1775 }
1776
1777 LsapFreeHeap(TokenInfo0->Groups);
1778 }
1779
1780 LsapFreeHeap(TokenInfo0);
1781 }
1782 }
1783 else if (TokenInformationType == LsaTokenInformationV1)
1784 {
1785 TokenInfo1 = (PLSA_TOKEN_INFORMATION_V1)TokenInformation;
1786
1787 if (TokenInfo1 != NULL)
1788 {
1789 if (TokenInfo1->User.User.Sid != NULL)
1790 LsapFreeHeap(TokenInfo1->User.User.Sid);
1791
1792 if (TokenInfo1->Groups != NULL)
1793 {
1794 for (i = 0; i < TokenInfo1->Groups->GroupCount; i++)
1795 {
1796 if (TokenInfo1->Groups->Groups[i].Sid != NULL)
1797 LsapFreeHeap(TokenInfo1->Groups->Groups[i].Sid);
1798 }
1799
1800 LsapFreeHeap(TokenInfo1->Groups);
1801 }
1802
1803 if (TokenInfo1->PrimaryGroup.PrimaryGroup != NULL)
1805
1806 if (TokenInfo1->Privileges != NULL)
1807 LsapFreeHeap(TokenInfo1->Privileges);
1808
1809 if (TokenInfo1->Owner.Owner != NULL)
1810 LsapFreeHeap(TokenInfo1->Owner.Owner);
1811
1812 if (TokenInfo1->DefaultDacl.DefaultDacl != NULL)
1814
1815 LsapFreeHeap(TokenInfo1);
1816 }
1817 }
1818 else
1819 {
1820 FIXME("TokenInformationType %d is not supported!\n", TokenInformationType);
1821 }
1822 }
1823
1824 /* Free the account name */
1825 if (AccountName != NULL)
1826 {
1827 if (AccountName->Buffer != NULL)
1828 LsapFreeHeap(AccountName->Buffer);
1829
1830 LsapFreeHeap(AccountName);
1831 }
1832
1833 /* Free the authentication authority */
1834 if (AuthenticatingAuthority != NULL)
1835 {
1836 if (AuthenticatingAuthority->Buffer != NULL)
1837 LsapFreeHeap(AuthenticatingAuthority->Buffer);
1838
1839 LsapFreeHeap(AuthenticatingAuthority);
1840 }
1841
1842 /* Free the machine name */
1843 if (MachineName != NULL)
1844 {
1845 if (MachineName->Buffer != NULL)
1846 LsapFreeHeap(MachineName->Buffer);
1847
1849 }
1850
1851 TRACE("LsapLogonUser done (Status 0x%08lx)\n", Status);
1852
1853 return Status;
1854}
static NTSTATUS LsapAddDefaultGroups(IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType, IN SECURITY_LOGON_TYPE LogonType)
Definition: authpackage.c:828
static NTSTATUS LsapAddSamGroups(IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType)
Definition: authpackage.c:1034
enum _LSA_TOKEN_INFORMATION_TYPE LSA_TOKEN_INFORMATION_TYPE
struct _LSA_TOKEN_INFORMATION_V1 * PLSA_TOKEN_INFORMATION_V1
@ LsaTokenInformationV1
Definition: authpackage.c:17
@ LsaTokenInformationNull
Definition: authpackage.c:16
static NTSTATUS LsapAddLocalGroups(IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType, IN PTOKEN_GROUPS LocalGroups)
Definition: authpackage.c:745
static NTSTATUS LsapSetTokenOwner(IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType)
Definition: authpackage.c:1169
static NTSTATUS LsapAddTokenDefaultDacl(IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType)
Definition: authpackage.c:1211
struct _LSA_TOKEN_INFORMATION_NULL * PLSA_TOKEN_INFORMATION_NULL
static NTSTATUS LsapCopyLocalGroups(IN PLSAP_LOGON_CONTEXT LogonContext, IN PTOKEN_GROUPS ClientGroups, IN ULONG ClientGroupsCount, OUT PTOKEN_GROUPS *TokenGroups)
Definition: authpackage.c:637
static NTSTATUS LsapSetPrivileges(IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType)
Definition: authpackage.c:1316
#define FIXME(fmt,...)
Definition: precomp.h:53
#define STATUS_NOT_IMPLEMENTED
Definition: d3dkmdt.h:42
@ Network
NTSTATUS LsapSetLogonSessionData(_In_ PLUID LogonId, _In_ ULONG LogonType, _In_ PUNICODE_STRING UserName, _In_ PUNICODE_STRING LogonDomain, _In_ PSID Sid)
Definition: session.c:67
NTSTATUS LsapCreateTokenSd(_In_ const TOKEN_USER *User, _Outptr_ PSECURITY_DESCRIPTOR *TokenSd, _Out_ PULONG TokenSdSize)
Creates a security descriptor for the token object.
Definition: security.c:637
@ SecurityImpersonation
Definition: lsa.idl:57
struct _SECURITY_QUALITY_OF_SERVICE SECURITY_QUALITY_OF_SERVICE
@ TokenImpersonation
Definition: imports.h:274
@ TokenPrimary
Definition: imports.h:273
#define DUPLICATE_SAME_ATTRIBUTES
Definition: obtypes.h:153
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
Definition: psfuncs.h:726
#define NtCurrentProcess()
Definition: nt_native.h:1657
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE LogonType
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS LocalGroups
@ Interactive
Definition: ntsecapi.h:289
@ Service
Definition: ntsecapi.h:292
@ Batch
Definition: ntsecapi.h:291
enum _SECURITY_LOGON_TYPE SECURITY_LOGON_TYPE
struct _MSV1_0_INTERACTIVE_LOGON * PMSV1_0_INTERACTIVE_LOGON
NTSTATUS NTAPI NtDuplicateObject(IN HANDLE SourceProcessHandle, IN HANDLE SourceHandle, IN HANDLE TargetProcessHandle OPTIONAL, OUT PHANDLE TargetHandle OPTIONAL, IN ACCESS_MASK DesiredAccess, IN ULONG HandleAttributes, IN ULONG Options)
Definition: obhandle.c:3410
_In_ DWORD _Out_ PDWORD _In_opt_ PCSTR MachineName
Definition: setupapi.h:1293
PLSA_AP_LOGON_USER_EX2 LsaApLogonUserEx2
Definition: authpackage.c:103
PLSA_AP_LOGON_USER_INTERNAL LsaApLogonUser
Definition: authpackage.c:105
PLSA_AP_LOGON_USER_EX LsaApLogonUserEx
Definition: authpackage.c:104
PLSA_AP_LOGON_TERMINATED LsaApLogonTerminated
Definition: authpackage.c:102
LSA_LOGON_USER_MSG LogonUser
Definition: lsass.h:187
struct _LSA_LOGON_USER_MSG::@3490::@3493 Reply
struct _LSA_LOGON_USER_MSG::@3490::@3492 Request
LARGE_INTEGER ExpirationTime
Definition: authpackage.c:22
TOKEN_PRIMARY_GROUP PrimaryGroup
Definition: authpackage.c:31
PTOKEN_PRIVILEGES Privileges
Definition: authpackage.c:32
TOKEN_DEFAULT_DACL DefaultDacl
Definition: authpackage.c:34
LARGE_INTEGER ExpirationTime
Definition: authpackage.c:28
SECURITY_CONTEXT_TRACKING_MODE ContextTrackingMode
Definition: lsa.idl:66
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: lsa.idl:65
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY]
Definition: setypes.h:1018
$ULONG GroupCount
Definition: setypes.h:1014
PSID Owner
Definition: setypes.h:1028
SID_AND_ATTRIBUTES User
Definition: setypes.h:1010
__kernel_entry NTSTATUS NTAPI NtCreateToken(_Out_ PHANDLE TokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ TOKEN_TYPE TokenType, _In_ PLUID AuthenticationId, _In_ PLARGE_INTEGER ExpirationTime, _In_ PTOKEN_USER TokenUser, _In_ PTOKEN_GROUPS TokenGroups, _In_ PTOKEN_PRIVILEGES TokenPrivileges, _In_opt_ PTOKEN_OWNER TokenOwner, _In_ PTOKEN_PRIMARY_GROUP TokenPrimaryGroup, _In_opt_ PTOKEN_DEFAULT_DACL TokenDefaultDacl, _In_ PTOKEN_SOURCE TokenSource)
Creates an access token.
Definition: tokenlif.c:1558
struct _OBJECT_ATTRIBUTES OBJECT_ATTRIBUTES
#define DUPLICATE_SAME_ACCESS
#define DUPLICATE_CLOSE_SOURCE
#define SECURITY_STATIC_TRACKING
Definition: setypes.h:104
@ TokenUser
Definition: setypes.h:966
@ TokenPrimaryGroup
Definition: setypes.h:970
#define SECURITY_DYNAMIC_TRACKING
Definition: setypes.h:103

Referenced by AuthPortThreadRoutine().

◆ LsapLookupAccountRightName()

NTSTATUS LsapLookupAccountRightName ( ULONG  RightValue,
PRPC_UNICODE_STRING Name 
)

Definition at line 343 of file privileges.c.

345{
346 PRPC_UNICODE_STRING NameBuffer;
347 ULONG i;
348
349 for (i = 0; i < ARRAYSIZE(WellKnownRights); i++)
350 {
351 if (WellKnownRights[i].Flag == RightValue)
352 {
353 NameBuffer = MIDL_user_allocate(sizeof(RPC_UNICODE_STRING));
354 if (NameBuffer == NULL)
355 return STATUS_NO_MEMORY;
356
357 NameBuffer->Length = (USHORT)wcslen(WellKnownRights[i].Name) * sizeof(WCHAR);
358 NameBuffer->MaximumLength = NameBuffer->Length + sizeof(WCHAR);
359
360 NameBuffer->Buffer = MIDL_user_allocate(NameBuffer->MaximumLength);
361 if (NameBuffer->Buffer == NULL)
362 {
363 MIDL_user_free(NameBuffer);
365 }
366
367 wcscpy(NameBuffer->Buffer, WellKnownRights[i].Name);
368
369 *Name = NameBuffer;
370
371 return STATUS_SUCCESS;
372 }
373 }
374
376}
_CRTIMP size_t __cdecl wcslen(_In_z_ const wchar_t *_Str)
void *__RPC_USER MIDL_user_allocate(SIZE_T size)
Definition: irotp.c:371
void __RPC_USER MIDL_user_free(void *p)
Definition: irotp.c:376
#define STATUS_NO_SUCH_PRIVILEGE
Definition: ntstatus.h:332
unsigned short USHORT
Definition: pedump.c:61
static const RIGHT_DATA WellKnownRights[]
Definition: privileges.c:62
_CRTIMP wchar_t *__cdecl wcscpy(_Out_writes_z_(_String_length_(_Source)+1) wchar_t *_Dest, _In_z_ const wchar_t *_Source)
Definition: xml2sdb.h:80
LPCWSTR Name
Definition: privileges.c:23
unsigned short Length
Definition: msv1_0.h:22
unsigned short MaximumLength
Definition: msv1_0.h:23
wchar_t * Buffer
Definition: msv1_0.h:24

Referenced by LsarEnumerateAccountRights().

◆ LsapLookupAccountRightValue()

ACCESS_MASK LsapLookupAccountRightValue ( IN PRPC_UNICODE_STRING  Name)

Definition at line 380 of file privileges.c.

382{
383 ULONG i;
384
385 if (Name->Length == 0 || Name->Buffer == NULL)
386 return 0;
387
388 for (i = 0; i < ARRAYSIZE(WellKnownRights); i++)
389 {
390 if (_wcsicmp(Name->Buffer, WellKnownRights[i].Name) == 0)
391 return WellKnownRights[i].Flag;
392 }
393
394 return 0;
395}
_Check_return_ _CRTIMP int __cdecl _wcsicmp(_In_z_ const wchar_t *_Str1, _In_z_ const wchar_t *_Str2)

Referenced by LsarAddAccountRights(), LsarEnumerateAccountsWithUserRight(), and LsarRemoveAccountRights().

◆ LsapLookupAuthenticationPackage()

NTSTATUS LsapLookupAuthenticationPackage ( PLSA_API_MSG  RequestMsg,
PLSAP_LOGON_CONTEXT  LogonContext 
)

Definition at line 510 of file authpackage.c.

512{
513 PLIST_ENTRY ListEntry;
514 PAUTH_PACKAGE Package;
515 ULONG PackageNameLength;
516 PCHAR PackageName;
517
518 TRACE("(%p %p)\n", RequestMsg, LogonContext);
519
520 PackageNameLength = RequestMsg->LookupAuthenticationPackage.Request.PackageNameLength;
521 PackageName = RequestMsg->LookupAuthenticationPackage.Request.PackageName;
522
523 TRACE("PackageName: %s\n", PackageName);
524
525 ListEntry = PackageListHead.Flink;
526 while (ListEntry != &PackageListHead)
527 {
528 Package = CONTAINING_RECORD(ListEntry, AUTH_PACKAGE, Entry);
529
530 if ((PackageNameLength == Package->Name->Length) &&
531 (_strnicmp(PackageName, Package->Name->Buffer, Package->Name->Length) == 0))
532 {
533 RequestMsg->LookupAuthenticationPackage.Reply.Package = Package->Id;
534 return STATUS_SUCCESS;
535 }
536
537 ListEntry = ListEntry->Flink;
538 }
539
541}
#define _strnicmp(_String1, _String2, _MaxCount)
Definition: compat.h:23
PSTRING Name
Definition: authpackage.c:94
LSA_LOOKUP_AUTHENTICATION_PACKAGE_MSG LookupAuthenticationPackage
Definition: lsass.h:190
struct _LSA_LOOKUP_AUTHENTICATION_PACKAGE_MSG::@3502::@3505 Reply
struct _LSA_LOOKUP_AUTHENTICATION_PACKAGE_MSG::@3502::@3504 Request
unsigned short Length
Definition: sprintf.c:451
void * Buffer
Definition: sprintf.c:453
char * PCHAR
Definition: typedefs.h:51

Referenced by AuthPortThreadRoutine().

◆ LsapLookupNames()

NTSTATUS LsapLookupNames ( DWORD  Count,
PRPC_UNICODE_STRING  Names,
PLSAPR_REFERENCED_DOMAIN_LIST ReferencedDomains,
PLSAPR_TRANSLATED_SIDS_EX2  TranslatedSids,
LSAP_LOOKUP_LEVEL  LookupLevel,
DWORD MappedCount,
DWORD  LookupOptions,
DWORD  ClientRevision 
)

Definition at line 1813 of file lookup.c.

1821{
1822 PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer = NULL;
1823 PLSAPR_TRANSLATED_SID_EX2 SidsBuffer = NULL;
1824 PRPC_UNICODE_STRING DomainNames = NULL;
1825 PRPC_UNICODE_STRING AccountNames = NULL;
1826 ULONG SidsBufferLength;
1827 ULONG i;
1828 ULONG Mapped = 0;
1830
1831//TRACE("()\n");
1832
1833 TranslatedSids->Entries = 0;
1834 TranslatedSids->Sids = NULL;
1835 *ReferencedDomains = NULL;
1836
1837 SidsBufferLength = Count * sizeof(LSAPR_TRANSLATED_SID_EX2);
1838 SidsBuffer = MIDL_user_allocate(SidsBufferLength);
1839 if (SidsBuffer == NULL)
1840 {
1841//TRACE("\n");
1843 goto done;
1844 }
1845
1846 DomainsBuffer = MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST));
1847 if (DomainsBuffer == NULL)
1848 {
1849//TRACE("\n");
1851 goto done;
1852 }
1853
1854 DomainsBuffer->Domains = MIDL_user_allocate(Count * sizeof(LSA_TRUST_INFORMATION));
1855 if (DomainsBuffer->Domains == NULL)
1856 {
1857//TRACE("\n");
1859 goto done;
1860 }
1861 DomainsBuffer->Entries = 0;
1862 DomainsBuffer->MaxEntries = Count;
1863
1864 for (i = 0; i < Count; i++)
1865 {
1866 SidsBuffer[i].Use = SidTypeUnknown;
1867 SidsBuffer[i].Sid = NULL;
1868 SidsBuffer[i].DomainIndex = -1;
1869 SidsBuffer[i].Flags = 0;
1870 }
1871
1873 Names,
1874 &DomainNames,
1875 &AccountNames);
1876 if (!NT_SUCCESS(Status))
1877 {
1878 TRACE("LsapSplitNames failed! (Status %lx)\n", Status);
1879 goto done;
1880 }
1881
1882
1884 DomainNames,
1885 AccountNames,
1886 DomainsBuffer,
1887 SidsBuffer,
1888 &Mapped);
1889 if (!NT_SUCCESS(Status) &&
1892 {
1893 TRACE("LsapLookupIsolatedNames failed! (Status %lx)\n", Status);
1894 goto done;
1895 }
1896
1897 if (Mapped == Count)
1898 goto done;
1899
1900
1902 DomainNames,
1903 AccountNames,
1904 DomainsBuffer,
1905 SidsBuffer,
1906 &Mapped);
1907 if (!NT_SUCCESS(Status) &&
1910 {
1911 TRACE("LsapLookupIsolatedBuiltinNames failed! (Status %lx)\n", Status);
1912 goto done;
1913 }
1914
1915 if (Mapped == Count)
1916 goto done;
1917
1918
1920 DomainNames,
1921 AccountNames,
1922 DomainsBuffer,
1923 SidsBuffer,
1924 &Mapped);
1925 if (!NT_SUCCESS(Status) &&
1928 {
1929 TRACE("LsapLookupIsolatedAccountNames failed! (Status %lx)\n", Status);
1930 goto done;
1931 }
1932
1933 if (Mapped == Count)
1934 goto done;
1935
1937 DomainNames,
1938 AccountNames,
1939 DomainsBuffer,
1940 SidsBuffer,
1941 &Mapped);
1942 if (!NT_SUCCESS(Status) &&
1945 {
1946 TRACE("LsapLookupFullyQualifiedWellKnownNames failed! (Status %lx)\n", Status);
1947 goto done;
1948 }
1949
1950 if (Mapped == Count)
1951 goto done;
1952
1954 DomainNames,
1955 AccountNames,
1956 DomainsBuffer,
1957 SidsBuffer,
1958 &Mapped);
1959 if (!NT_SUCCESS(Status) &&
1962 {
1963 TRACE("LsapLookupBuiltinNames failed! (Status %lx)\n", Status);
1964 goto done;
1965 }
1966
1967 if (Mapped == Count)
1968 goto done;
1969
1970
1972 DomainNames,
1973 AccountNames,
1974 DomainsBuffer,
1975 SidsBuffer,
1976 &Mapped);
1977 if (!NT_SUCCESS(Status) &&
1980 {
1981 TRACE("LsapLookupAccountNames failed! (Status %lx)\n", Status);
1982 goto done;
1983 }
1984
1985 if (Mapped == Count)
1986 goto done;
1987
1988done:
1989// TRACE("done: Status %lx\n", Status);
1990
1991 if (DomainNames != NULL)
1992 {
1993//TRACE("Free DomainNames\n");
1994 for (i = 0; i < Count; i++)
1995 {
1996 if (DomainNames[i].Buffer != NULL)
1997 MIDL_user_free(DomainNames[i].Buffer);
1998 }
1999
2000 MIDL_user_free(DomainNames);
2001 }
2002
2003 if (AccountNames != NULL)
2004 {
2005//TRACE("Free AccountNames\n");
2006 for (i = 0; i < Count; i++)
2007 {
2008//TRACE("i: %lu\n", i);
2009 if (AccountNames[i].Buffer != NULL)
2010 {
2011 MIDL_user_free(AccountNames[i].Buffer);
2012 }
2013 }
2014
2015 MIDL_user_free(AccountNames);
2016 }
2017
2018 if (!NT_SUCCESS(Status))
2019 {
2020//TRACE("Failure!\n");
2021
2022//TRACE("Free DomainsBuffer\n");
2023 if (DomainsBuffer != NULL)
2024 {
2025 if (DomainsBuffer->Domains != NULL)
2026 MIDL_user_free(DomainsBuffer->Domains);
2027
2028 MIDL_user_free(DomainsBuffer);
2029 }
2030
2031//TRACE("Free SidsBuffer\n");
2032 if (SidsBuffer != NULL)
2033 MIDL_user_free(SidsBuffer);
2034 }
2035 else
2036 {
2037//TRACE("Success!\n");
2038
2039 *ReferencedDomains = DomainsBuffer;
2040 TranslatedSids->Entries = Count;
2041 TranslatedSids->Sids = SidsBuffer;
2042 *MappedCount = Mapped;
2043
2044 if (Mapped == 0)
2046 else if (Mapped < Count)
2048 }
2049
2050// TRACE("done: Status %lx\n", Status);
2051
2052 return Status;
2053}
PWSTR Names[]
Definition: bufpool.h:45
static NTSTATUS LsapLookupBuiltinNames(DWORD Count, PRPC_UNICODE_STRING DomainNames, PRPC_UNICODE_STRING AccountNames, PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer, PLSAPR_TRANSLATED_SID_EX2 SidsBuffer, PULONG Mapped)
Definition: lookup.c:1620
static NTSTATUS LsapLookupFullyQualifiedWellKnownNames(DWORD Count, PRPC_UNICODE_STRING DomainNames, PRPC_UNICODE_STRING AccountNames, PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer, PLSAPR_TRANSLATED_SID_EX2 SidsBuffer, PULONG Mapped)
Definition: lookup.c:1512
static NTSTATUS LsapSplitNames(DWORD Count, PRPC_UNICODE_STRING Names, PRPC_UNICODE_STRING *DomainNames, PRPC_UNICODE_STRING *AccountNames)
Definition: lookup.c:773
static NTSTATUS LsapLookupAccountNames(DWORD Count, PRPC_UNICODE_STRING DomainNames, PRPC_UNICODE_STRING AccountNames, PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer, PLSAPR_TRANSLATED_SID_EX2 SidsBuffer, PULONG Mapped)
Definition: lookup.c:1717
static NTSTATUS LsapLookupIsolatedAccountNames(DWORD Count, PRPC_UNICODE_STRING DomainNames, PRPC_UNICODE_STRING AccountNames, PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer, PLSAPR_TRANSLATED_SID_EX2 SidsBuffer, PULONG Mapped)
Definition: lookup.c:1414
static NTSTATUS LsapLookupIsolatedNames(DWORD Count, PRPC_UNICODE_STRING DomainNames, PRPC_UNICODE_STRING AccountNames, PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer, PLSAPR_TRANSLATED_SID_EX2 SidsBuffer, PULONG Mapped)
Definition: lookup.c:1154
static NTSTATUS LsapLookupIsolatedBuiltinNames(DWORD Count, PRPC_UNICODE_STRING DomainNames, PRPC_UNICODE_STRING AccountNames, PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer, PLSAPR_TRANSLATED_SID_EX2 SidsBuffer, PULONG Mapped)
Definition: lookup.c:1318
struct _LSAPR_TRANSLATED_SID_EX2 LSAPR_TRANSLATED_SID_EX2
@ SidTypeUnknown
Definition: lsa.idl:125
int Count
Definition: noreturn.cpp:7
#define STATUS_NONE_MAPPED
Definition: ntstatus.h:351
#define STATUS_SOME_NOT_MAPPED
Definition: ntstatus.h:86
PLSAPR_TRUST_INFORMATION Domains
Definition: lsa.idl:111
PLSAPR_TRANSLATED_SID_EX2 Sids
Definition: lsa.idl:210
SID_NAME_USE Use
Definition: lsa.idl:202

Referenced by LsarLookupNames(), LsarLookupNames2(), LsarLookupNames3(), and LsarLookupNames4().

◆ LsapLookupSids()

NTSTATUS LsapLookupSids ( PLSAPR_SID_ENUM_BUFFER  SidEnumBuffer,
PLSAPR_REFERENCED_DOMAIN_LIST ReferencedDomains,
PLSAPR_TRANSLATED_NAMES_EX  TranslatedNames,
LSAP_LOOKUP_LEVEL  LookupLevel,
DWORD MappedCount,
DWORD  LookupOptions,
DWORD  ClientRevision 
)

Definition at line 2412 of file lookup.c.

2419{
2420 PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer = NULL;
2421 PLSAPR_TRANSLATED_NAME_EX NamesBuffer = NULL;
2422 ULONG NamesBufferLength;
2423 ULONG i;
2424 ULONG Mapped = 0;
2426
2427 NamesBufferLength = SidEnumBuffer->Entries * sizeof(LSAPR_TRANSLATED_NAME_EX);
2428 NamesBuffer = MIDL_user_allocate(NamesBufferLength);
2429 if (NamesBuffer == NULL)
2430 {
2432 goto done;
2433 }
2434
2435 DomainsBuffer = MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST));
2436 if (DomainsBuffer == NULL)
2437 {
2439 goto done;
2440 }
2441
2442 DomainsBuffer->Domains = MIDL_user_allocate(SidEnumBuffer->Entries * sizeof(LSA_TRUST_INFORMATION));
2443 if (DomainsBuffer->Domains == NULL)
2444 {
2446 goto done;
2447 }
2448
2449 DomainsBuffer->Entries = 0;
2450 DomainsBuffer->MaxEntries = SidEnumBuffer->Entries;
2451
2452 /* Initialize all name entries */
2453 for (i = 0; i < SidEnumBuffer->Entries; i++)
2454 {
2455 NamesBuffer[i].Use = SidTypeUnknown;
2456 NamesBuffer[i].Name.Length = 0;
2457 NamesBuffer[i].Name.MaximumLength = 0;
2458 NamesBuffer[i].Name.Buffer = NULL;
2459 NamesBuffer[i].DomainIndex = -1;
2460 NamesBuffer[i].Flags = 0;
2461 }
2462
2463 /* Look-up well-known SIDs */
2464 Status = LsapLookupWellKnownSids(SidEnumBuffer,
2465 NamesBuffer,
2466 DomainsBuffer,
2467 &Mapped);
2468 if (!NT_SUCCESS(Status) &&
2471 goto done;
2472
2473 if (Mapped == SidEnumBuffer->Entries)
2474 goto done;
2475
2476 /* Look-up builtin domain SIDs */
2477 Status = LsapLookupBuiltinDomainSids(SidEnumBuffer,
2478 NamesBuffer,
2479 DomainsBuffer,
2480 &Mapped);
2481 if (!NT_SUCCESS(Status) &&
2484 goto done;
2485
2486 if (Mapped == SidEnumBuffer->Entries)
2487 goto done;
2488
2489 /* Look-up account domain SIDs */
2490 Status = LsapLookupAccountDomainSids(SidEnumBuffer,
2491 NamesBuffer,
2492 DomainsBuffer,
2493 &Mapped);
2494 if (!NT_SUCCESS(Status) &&
2497 goto done;
2498
2499 if (Mapped == SidEnumBuffer->Entries)
2500 goto done;
2501
2502done:
2503 TRACE("done Status: %lx Mapped: %lu\n", Status, Mapped);
2504
2505 if (!NT_SUCCESS(Status))
2506 {
2507 if (DomainsBuffer != NULL)
2508 {
2509 if (DomainsBuffer->Domains != NULL)
2510 MIDL_user_free(DomainsBuffer->Domains);
2511
2512 MIDL_user_free(DomainsBuffer);
2513 }
2514
2515 if (NamesBuffer != NULL)
2516 MIDL_user_free(NamesBuffer);
2517 }
2518 else
2519 {
2520 *ReferencedDomains = DomainsBuffer;
2521 TranslatedNames->Entries = SidEnumBuffer->Entries;
2522 TranslatedNames->Names = NamesBuffer;
2523 *MappedCount = Mapped;
2524
2525 if (Mapped == 0)
2527 else if (Mapped < SidEnumBuffer->Entries)
2529 }
2530
2531 return Status;
2532}
static const ENTRY Entries[]
static NTSTATUS LsapLookupWellKnownSids(PLSAPR_SID_ENUM_BUFFER SidEnumBuffer, PLSAPR_TRANSLATED_NAME_EX NamesBuffer, PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer, PULONG Mapped)
Definition: lookup.c:2057
static NTSTATUS LsapLookupBuiltinDomainSids(PLSAPR_SID_ENUM_BUFFER SidEnumBuffer, PLSAPR_TRANSLATED_NAME_EX NamesBuffer, PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer, PULONG Mapped)
Definition: lookup.c:2134
static NTSTATUS LsapLookupAccountDomainSids(PLSAPR_SID_ENUM_BUFFER SidEnumBuffer, PLSAPR_TRANSLATED_NAME_EX NamesBuffer, PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer, PULONG Mapped)
Definition: lookup.c:2273
struct _LSAPR_TRANSLATED_NAME_EX LSAPR_TRANSLATED_NAME_EX
PLSAPR_TRANSLATED_NAME_EX Names
Definition: lsa.idl:186
SID_NAME_USE Use
Definition: lsa.idl:178
RPC_UNICODE_STRING Name
Definition: lsa.idl:179

Referenced by LsarLookupSids(), LsarLookupSids2(), and LsarLookupSids3().

◆ LsapNotifyPolicyChange()

VOID LsapNotifyPolicyChange ( POLICY_NOTIFICATION_INFORMATION_CLASS  InformationClass)

Definition at line 188 of file notify.c.

190{
192 PLSA_NOTIFICATION_ENTRY CurrentNotification;
193
194 TRACE("LsapNotifyPolicyChange(%lu)\n", InformationClass);
195
196 /* Acquire the notification list lock shared */
198
201 {
203
204 if (CurrentNotification->InformationClass == InformationClass)
205 {
206 TRACE("Notify event %p\n", CurrentNotification->MappedEventHandle);
207 NtSetEvent(CurrentNotification->MappedEventHandle, NULL);
208 }
209
211 }
212
213 /* Release the notification list lock */
215}
_In_ FILTER_INFORMATION_CLASS InformationClass
Definition: fltkernel.h:1713
NTSYSAPI BOOLEAN NTAPI RtlAcquireResourceShared(_In_ PRTL_RESOURCE Resource, _In_ BOOLEAN Wait)
NTSYSAPI VOID NTAPI RtlReleaseResource(_In_ PRTL_RESOURCE Resource)
NTSTATUS NTAPI NtSetEvent(IN HANDLE EventHandle, OUT PLONG PreviousState OPTIONAL)
Definition: event.c:455
Definition: notify.c:11
HANDLE MappedEventHandle
Definition: notify.c:16
POLICY_NOTIFICATION_INFORMATION_CLASS InformationClass
Definition: notify.c:13
_In_ ULONG _In_opt_ PVOID _In_ PDRIVER_OBJECT _In_ PDRIVER_NOTIFICATION_CALLBACK_ROUTINE _Inout_opt_ __drv_aliasesMem PVOID _Outptr_result_nullonfailure_ _At_ * NotificationEntry(return==0, __drv_allocatesMem(Mem))) PVOID *NotificationEntry

Referenced by LsarSetInformationPolicy().

◆ LsapOpenDbObject()

NTSTATUS LsapOpenDbObject ( IN PLSA_DB_OBJECT  ParentObject,
IN LPWSTR  ContainerName,
IN LPWSTR  ObjectName,
IN LSA_DB_OBJECT_TYPE  ObjectType,
IN ACCESS_MASK  DesiredAccess,
IN BOOLEAN  Trusted,
OUT PLSA_DB_OBJECT DbObject 
)

Definition at line 712 of file database.c.

719{
723 HANDLE ParentKeyHandle;
724 HANDLE ContainerKeyHandle = NULL;
725 HANDLE ObjectKeyHandle = NULL;
727
728 if (DbObject == NULL)
730
731 if (ParentObject == NULL)
732 ParentKeyHandle = SecurityKeyHandle;
733 else
734 ParentKeyHandle = ParentObject->KeyHandle;
735
736 if (ContainerName != NULL)
737 {
738 /* Open the container key */
740 ContainerName);
741
743 &KeyName,
745 ParentKeyHandle,
746 NULL);
747
748 Status = NtOpenKey(&ContainerKeyHandle,
751 if (!NT_SUCCESS(Status))
752 {
753 return Status;
754 }
755
756 /* Open the object key */
758 ObjectName);
759
761 &KeyName,
763 ContainerKeyHandle,
764 NULL);
765
766 Status = NtOpenKey(&ObjectKeyHandle,
769
770 NtClose(ContainerKeyHandle);
771
772 if (!NT_SUCCESS(Status))
773 {
774 return Status;
775 }
776 }
777 else
778 {
779 /* Open the object key */
781 ObjectName);
782
784 &KeyName,
786 ParentKeyHandle,
787 NULL);
788
789 Status = NtOpenKey(&ObjectKeyHandle,
792 if (!NT_SUCCESS(Status))
793 {
794 return Status;
795 }
796 }
797
798 NewObject = RtlAllocateHeap(RtlGetProcessHeap(),
799 0,
800 sizeof(LSA_DB_OBJECT));
801 if (NewObject == NULL)
802 {
803 NtClose(ObjectKeyHandle);
804 return STATUS_NO_MEMORY;
805 }
806
807 NewObject->Signature = LSAP_DB_SIGNATURE;
808 NewObject->RefCount = 1;
809 NewObject->ObjectType = ObjectType;
810 NewObject->Access = DesiredAccess;
811 NewObject->KeyHandle = ObjectKeyHandle;
812 NewObject->ParentObject = ParentObject;
813 NewObject->Trusted = Trusted;
814
815 if (ParentObject != NULL)
816 ParentObject->RefCount++;
817
818 *DbObject = NewObject;
819
820 return STATUS_SUCCESS;
821}

Referenced by LsaIOpenPolicyTrusted(), LsapCreateDatabaseObjects(), LsapGetDomainInfo(), LsarOpenPolicy(), LsarOpenSecret(), LsarpOpenAccount(), LsarRetrievePrivateData(), and LsarStorePrivateData().

◆ LsapRegCloseKey()

NTSTATUS LsapRegCloseKey ( IN HANDLE  KeyHandle)

Definition at line 23 of file registry.c.

24{
25 return NtClose(KeyHandle);
26}
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING _Out_ PNDIS_HANDLE KeyHandle
Definition: ndis.h:4715

Referenced by LsarEnumerateAccounts(), and LsarEnumerateAccountsWithUserRight().

◆ LsapRegCreateKey()

NTSTATUS LsapRegCreateKey ( IN HANDLE  ParentKeyHandle,
IN LPCWSTR  KeyName,
IN ACCESS_MASK  DesiredAccess,
OUT HANDLE  KeyHandle 
)

Definition at line 30 of file registry.c.

34{
38
40
42 &Name,
44 ParentKeyHandle,
45 NULL);
46
47 /* Create the key */
48 return ZwCreateKey(KeyHandle,
51 0,
52 NULL,
53 0,
55}
struct NameRec_ * Name
Definition: cdprocs.h:460
#define OBJ_OPENIF
Definition: winternl.h:229
_In_ ACCESS_MASK _In_ POBJECT_ATTRIBUTES _Reserved_ ULONG _In_opt_ PUNICODE_STRING _In_ ULONG _Out_opt_ PULONG Disposition
Definition: cmfuncs.h:56

◆ LsapRegDeleteKey()

NTSTATUS LsapRegDeleteKey ( IN HANDLE  KeyHandle)

Definition at line 89 of file registry.c.

90{
91 return NtDeleteKey(KeyHandle);
92}
NTSTATUS NTAPI NtDeleteKey(IN HANDLE KeyHandle)
Definition: ntapi.c:408

Referenced by LsapDeleteDbObject().

◆ LsapRegDeleteSubKey()

NTSTATUS LsapRegDeleteSubKey ( IN HANDLE  ParentKeyHandle,
IN LPCWSTR  KeyName 
)

Definition at line 59 of file registry.c.

61{
64 HANDLE TargetKey;
66
72 ParentKeyHandle,
73 NULL);
74 Status = NtOpenKey(&TargetKey,
75 DELETE,
77 if (!NT_SUCCESS(Status))
78 return Status;
79
80 Status = NtDeleteKey(TargetKey);
81
82 NtClose(TargetKey);
83
84 return Status;
85}
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ PNDIS_STRING SubKeyName
Definition: ndis.h:4725
#define DELETE
Definition: nt_native.h:57

Referenced by LsapDeleteDbObject(), and LsapDeleteObjectAttribute().

◆ LsapRegDeleteValue()

NTSTATUS LsapRegDeleteValue ( IN HANDLE  KeyHandle,
IN LPWSTR  ValueName 
)

Definition at line 211 of file registry.c.

213{
215
217 ValueName);
218
220 &Name);
221}
NTSYSAPI NTSTATUS NTAPI NtDeleteValueKey(IN HANDLE KeyHandle, IN PUNICODE_STRING ValueName)
Definition: ntapi.c:1014
_Must_inspect_result_ _In_ WDFKEY _In_ PCUNICODE_STRING ValueName
Definition: wdfregistry.h:243

◆ LsapRegEnumerateSubKey()

NTSTATUS LsapRegEnumerateSubKey ( IN HANDLE  KeyHandle,
IN ULONG  Index,
IN ULONG  Length,
OUT LPWSTR  Buffer 
)

Definition at line 96 of file registry.c.

100{
105
106 /* Check if we have a name */
107 if (Length)
108 {
109 /* Allocate a buffer for it */
110 BufferLength = sizeof(KEY_BASIC_INFORMATION) + Length * sizeof(WCHAR);
111
112 KeyInfo = RtlAllocateHeap(RtlGetProcessHeap(), 0, BufferLength);
113 if (KeyInfo == NULL)
114 return STATUS_NO_MEMORY;
115 }
116
117 /* Enumerate the key */
118 Status = ZwEnumerateKey(KeyHandle,
119 Index,
121 KeyInfo,
124 if (NT_SUCCESS(Status))
125 {
126 /* Check if the name fits */
127 if (KeyInfo->NameLength < (Length * sizeof(WCHAR)))
128 {
129 /* Copy it */
131 KeyInfo->Name,
132 KeyInfo->NameLength);
133
134 /* Terminate the string */
135 Buffer[KeyInfo->NameLength / sizeof(WCHAR)] = UNICODE_NULL;
136 }
137 else
138 {
139 /* Otherwise, we ran out of buffer space */
141 }
142 }
143
144 /* Free the buffer and return status */
145 if (KeyInfo)
146 RtlFreeHeap(RtlGetProcessHeap(), 0, KeyInfo);
147
148 return Status;
149}
_In_ ULONG _In_ BATTERY_QUERY_INFORMATION_LEVEL _In_ LONG _In_ ULONG _Out_ PULONG ReturnedLength
Definition: batclass.h:188
@ KeyBasicInformation
Definition: nt_native.h:1131
struct _KEY_BASIC_INFORMATION KEY_BASIC_INFORMATION
#define UNICODE_NULL
#define RtlMoveMemory(Destination, Source, Length)
Definition: typedefs.h:264
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG BufferLength
Definition: wdfdevice.h:3771

Referenced by LsapDeleteDbObject(), LsarEnumerateAccounts(), and LsarEnumerateAccountsWithUserRight().

◆ LsapRegEnumerateValue()

NTSTATUS LsapRegEnumerateValue ( IN HANDLE  KeyHandle,
IN ULONG  Index,
OUT LPWSTR  Name,
IN OUT PULONG  NameLength,
OUT PULONG Type  OPTIONAL,
OUT PVOID Data  OPTIONAL,
IN OUT PULONG DataLength  OPTIONAL 
)

Definition at line 225 of file registry.c.

232{
237
238 TRACE("Index: %lu\n", Index);
239
240 /* Calculate the required buffer length */
242 BufferLength += (MAX_PATH + 1) * sizeof(WCHAR);
243 if (Data != NULL)
245
246 /* Allocate the value buffer */
247 ValueInfo = RtlAllocateHeap(RtlGetProcessHeap(), 0, BufferLength);
248 if (ValueInfo == NULL)
249 return STATUS_NO_MEMORY;
250
251 /* Enumerate the value*/
252 Status = ZwEnumerateValueKey(KeyHandle,
253 Index,
255 ValueInfo,
258 if (NT_SUCCESS(Status))
259 {
260 if (Name != NULL)
261 {
262 /* Check if the name fits */
263 if (ValueInfo->NameLength < (*NameLength * sizeof(WCHAR)))
264 {
265 /* Copy it */
267 ValueInfo->Name,
268 ValueInfo->NameLength);
269
270 /* Terminate the string */
271 Name[ValueInfo->NameLength / sizeof(WCHAR)] = UNICODE_NULL;
272 }
273 else
274 {
275 /* Otherwise, we ran out of buffer space */
277 goto done;
278 }
279 }
280
281 if (Data != NULL)
282 {
283 /* Check if the data fits */
284 if (ValueInfo->DataLength <= *DataLength)
285 {
286 /* Copy it */
288 (PVOID)((ULONG_PTR)ValueInfo + ValueInfo->DataOffset),
289 ValueInfo->DataLength);
290
291 /* if the type is REG_SZ and data is not 0-terminated
292 * and there is enough space in the buffer NT appends a \0 */
293 if (IsStringType(ValueInfo->Type) &&
294 ValueInfo->DataLength <= *DataLength - sizeof(WCHAR))
295 {
296 WCHAR *ptr = (WCHAR *)((ULONG_PTR)Data + ValueInfo->DataLength);
297 if ((ptr > (WCHAR *)Data) && ptr[-1])
298 *ptr = UNICODE_NULL;
299 }
300 }
301 else
302 {
304 goto done;
305 }
306 }
307 }
308
309done:
311 {
312 if (Type != NULL)
313 *Type = ValueInfo->Type;
314
315 if (NameLength != NULL)
316 *NameLength = ValueInfo->NameLength;
317
318 if (DataLength != NULL)
319 *DataLength = ValueInfo->DataLength;
320 }
321
322 /* Free the buffer and return status */
323 if (ValueInfo)
324 RtlFreeHeap(RtlGetProcessHeap(), 0, ValueInfo);
325
326 return Status;
327}
Type
Definition: Type.h:7
_In_ ULONG _In_opt_ WDFREQUEST _In_opt_ PVOID _In_ size_t _In_ PVOID _In_ size_t _Out_ size_t * DataLength
Definition: cdrom.h:1444
#define MAX_PATH
Definition: compat.h:34
static BOOLEAN IsStringType(ULONG Type)
Definition: registry.c:19
static PVOID ptr
Definition: dispmode.c:27
@ KeyValueFullInformation
Definition: nt_native.h:1181
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255

◆ LsapRegisterNotification()

NTSTATUS LsapRegisterNotification ( PLSA_API_MSG  RequestMsg)

Definition at line 159 of file notify.c.

161{
163
164 TRACE("LsapRegisterNotification(%p)\n", pRequestMsg);
165
166 /* Acquire the notification list lock exclusively */
168
169 if (pRequestMsg->PolicyChangeNotify.Request.Register)
170 {
171 /* Register the notification event */
172 Status = LsapAddNotification(pRequestMsg);
173 }
174 else
175 {
176 /* Unregister the notification event */
177 Status = LsapRemoveNotification(pRequestMsg);
178 }
179
180 /* Release the notification list lock */
182
183 return Status;
184}
static NTSTATUS LsapAddNotification(PLSA_API_MSG pRequestMsg)
Definition: notify.c:63
static NTSTATUS LsapRemoveNotification(PLSA_API_MSG pRequestMsg)
Definition: notify.c:132
NTSYSAPI BOOLEAN NTAPI RtlAcquireResourceExclusive(_In_ PRTL_RESOURCE Resource, _In_ BOOLEAN Wait)

Referenced by AuthPortThreadRoutine().

◆ LsapRegOpenKey()

NTSTATUS LsapRegOpenKey ( IN HANDLE  ParentKeyHandle,
IN LPCWSTR  KeyName,
IN ACCESS_MASK  DesiredAccess,
OUT HANDLE  KeyHandle 
)

◆ LsapRegQueryKeyInfo()

NTSTATUS LsapRegQueryKeyInfo ( IN HANDLE  KeyHandle,
OUT PULONG  SubKeyCount,
OUT PULONG  MaxSubKeyNameLength,
OUT PULONG  ValueCount 
)

Definition at line 176 of file registry.c.

180{
181 KEY_FULL_INFORMATION FullInfoBuffer;
184
185 FullInfoBuffer.ClassLength = 0;
187
190 &FullInfoBuffer,
191 sizeof(KEY_FULL_INFORMATION),
192 &Length);
193 TRACE("NtQueryKey() returned status 0x%08lX\n", Status);
194 if (!NT_SUCCESS(Status))
195 return Status;
196
197 if (SubKeyCount != NULL)
198 *SubKeyCount = FullInfoBuffer.SubKeys;
199
200 if (MaxSubKeyNameLength != NULL)
201 *MaxSubKeyNameLength = FullInfoBuffer.MaxNameLen;
202
203 if (ValueCount != NULL)
204 *ValueCount = FullInfoBuffer.Values;
205
206 return Status;
207}
@ KeyFullInformation
Definition: nt_native.h:1133
NTSTATUS NTAPI NtQueryKey(IN HANDLE KeyHandle, IN KEY_INFORMATION_CLASS KeyInformationClass, OUT PVOID KeyInformation, IN ULONG Length, OUT PULONG ResultLength)
Definition: ntapi.c:632

Referenced by LsarEnumerateAccounts(), and LsarEnumerateAccountsWithUserRight().

◆ LsapRegQueryValue()

NTSTATUS LsapRegQueryValue ( IN HANDLE  KeyHandle,
IN LPWSTR  ValueName,
OUT PULONG Type  OPTIONAL,
OUT LPVOID Data  OPTIONAL,
IN OUT PULONG DataLength  OPTIONAL 
)

Definition at line 331 of file registry.c.

336{
341
343 ValueName);
344
345 if (DataLength != NULL)
347
349
350 /* Allocate memory for the value */
351 ValueInfo = RtlAllocateHeap(RtlGetProcessHeap(), 0, BufferLength);
352 if (ValueInfo == NULL)
353 return STATUS_NO_MEMORY;
354
355 /* Query the value */
356 Status = ZwQueryValueKey(KeyHandle,
357 &Name,
359 ValueInfo,
361 &BufferLength);
363 {
364 if (Type != NULL)
365 *Type = ValueInfo->Type;
366
367 if (DataLength != NULL)
368 *DataLength = ValueInfo->DataLength;
369 }
370
371 /* Check if the caller wanted data back, and we got it */
372 if ((NT_SUCCESS(Status)) && (Data != NULL))
373 {
374 /* Copy it */
376 ValueInfo->Data,
377 ValueInfo->DataLength);
378
379 /* if the type is REG_SZ and data is not 0-terminated
380 * and there is enough space in the buffer NT appends a \0 */
381 if (IsStringType(ValueInfo->Type) &&
382 ValueInfo->DataLength <= *DataLength - sizeof(WCHAR))
383 {
384 WCHAR *ptr = (WCHAR *)((ULONG_PTR)Data + ValueInfo->DataLength);
385 if ((ptr > (WCHAR *)Data) && ptr[-1])
386 *ptr = UNICODE_NULL;
387 }
388 }
389
390 /* Free the memory and return status */
391 RtlFreeHeap(RtlGetProcessHeap(), 0, ValueInfo);
392
393 if ((Data == NULL) && (Status == STATUS_BUFFER_OVERFLOW))
395
396 return Status;
397}
@ KeyValuePartialInformation
Definition: nt_native.h:1182

Referenced by LsarEnumerateAccounts(), and LsarEnumerateAccountsWithUserRight().

◆ LsapRegSetValue()

NTSTATUS LsapRegSetValue ( IN HANDLE  KeyHandle,
IN LPWSTR  ValueName,
IN ULONG  Type,
IN LPVOID  Data,
IN ULONG  DataLength 
)

◆ LsapRmCreateLogonSession()

NTSTATUS LsapRmCreateLogonSession ( PLUID  LogonId)

Definition at line 245 of file srm.c.

247{
248 SEP_RM_API_MESSAGE RequestMessage;
251
252 TRACE("LsapRmCreateLogonSession(%p)\n", LogonId);
253
254 RequestMessage.Header.u2.ZeroInit = 0;
255 RequestMessage.Header.u1.s1.TotalLength =
256 (CSHORT)(sizeof(PORT_MESSAGE) + sizeof(ULONG) + sizeof(LUID));
257 RequestMessage.Header.u1.s1.DataLength =
258 RequestMessage.Header.u1.s1.TotalLength -
259 (CSHORT)sizeof(PORT_MESSAGE);
260
261 RequestMessage.ApiNumber = (ULONG)RmCreateLogonSession;
262 RtlCopyLuid(&RequestMessage.u.LogonLuid, LogonId);
263
264 ReplyMessage.Header.u2.ZeroInit = 0;
265 ReplyMessage.Header.u1.s1.TotalLength =
266 (CSHORT)(sizeof(PORT_MESSAGE) + sizeof(ULONG) + sizeof(NTSTATUS));
267 ReplyMessage.Header.u1.s1.DataLength =
268 ReplyMessage.Header.u1.s1.TotalLength -
269 (CSHORT)sizeof(PORT_MESSAGE);
270
271 ReplyMessage.u.ResultStatus = STATUS_SUCCESS;
272
274 (PPORT_MESSAGE)&RequestMessage,
276 if (NT_SUCCESS(Status))
277 {
278 Status = ReplyMessage.u.ResultStatus;
279 }
280
281 return Status;
282}
HANDLE SeRmCommandPort
Definition: srm.c:18
NTSTATUS NTAPI NtRequestWaitReplyPort(IN HANDLE PortHandle, IN PPORT_MESSAGE LpcRequest, IN OUT PPORT_MESSAGE LpcReply)
Definition: send.c:696
@ RmCreateLogonSession
Definition: srmp.h:7
union _SEP_RM_API_MESSAGE::@3481 u
LUID LogonLuid
Definition: srmp.h:24
ULONG ApiNumber
Definition: srmp.h:14
PORT_MESSAGE Header
Definition: srmp.h:13
short CSHORT
Definition: umtypes.h:127
BOOL WINAPI ReplyMessage(_In_ LRESULT)

Referenced by LsapCreateLogonSession().

◆ LsapRmDeleteLogonSession()

NTSTATUS LsapRmDeleteLogonSession ( PLUID  LogonId)

Definition at line 285 of file srm.c.

287{
288 SEP_RM_API_MESSAGE RequestMessage;
291
292 TRACE("LsapRmDeleteLogonSession(%p)\n", LogonId);
293
294 RequestMessage.Header.u2.ZeroInit = 0;
295 RequestMessage.Header.u1.s1.TotalLength =
296 (CSHORT)(sizeof(PORT_MESSAGE) + sizeof(ULONG) + sizeof(LUID));
297 RequestMessage.Header.u1.s1.DataLength =
298 RequestMessage.Header.u1.s1.TotalLength -
299 (CSHORT)sizeof(PORT_MESSAGE);
300
301 RequestMessage.ApiNumber = (ULONG)RmDeleteLogonSession;
302 RtlCopyLuid(&RequestMessage.u.LogonLuid, LogonId);
303
304 ReplyMessage.Header.u2.ZeroInit = 0;
305 ReplyMessage.Header.u1.s1.TotalLength =
306 (CSHORT)(sizeof(PORT_MESSAGE) + sizeof(ULONG) + sizeof(NTSTATUS));
307 ReplyMessage.Header.u1.s1.DataLength =
308 ReplyMessage.Header.u1.s1.TotalLength -
309 (CSHORT)sizeof(PORT_MESSAGE);
310
311 ReplyMessage.u.ResultStatus = STATUS_SUCCESS;
312
314 (PPORT_MESSAGE)&RequestMessage,
316 if (NT_SUCCESS(Status))
317 {
318 Status = ReplyMessage.u.ResultStatus;
319 }
320
321 return Status;
322}
@ RmDeleteLogonSession
Definition: srmp.h:8

Referenced by LsapDeleteLogonSession().

◆ LsapRmInitializeServer()

NTSTATUS LsapRmInitializeServer ( VOID  )

Definition at line 167 of file srm.c.

168{
171 SECURITY_QUALITY_OF_SERVICE SecurityQos;
172 HANDLE InitEvent;
173 HANDLE ThreadHandle;
174 DWORD ThreadId;
176
177 /* Create the LSA command port */
178 RtlInitUnicodeString(&Name, L"\\SeLsaCommandPort");
182 0,
184 2 * PAGE_SIZE);
185 if (!NT_SUCCESS(Status))
186 {
187 ERR("LsapRmInitializeServer - Port Create failed 0x%lx\n", Status);
188 return Status;
189 }
190
191 /* Open the LSA init event */
192 RtlInitUnicodeString(&Name, L"\\SeLsaInitEvent");
194 Status = NtOpenEvent(&InitEvent, 2, &ObjectAttributes);
195 if (!NT_SUCCESS(Status))
196 {
197 ERR("LsapRmInitializeServer - Lsa Init Event Open failed 0x%lx\n", Status);
198 return Status;
199 }
200
201 /* Signal the kernel, that we are ready */
202 Status = NtSetEvent(InitEvent, 0);
203 if (!NT_SUCCESS(Status))
204 {
205 ERR("LsapRmInitializeServer - Set Init Event failed 0x%lx\n", Status);
206 return Status;
207 }
208
209 /* Setup the QoS structure */
212 SecurityQos.EffectiveOnly = TRUE;
213
214 /* Connect to the kernel server */
215 RtlInitUnicodeString(&Name, L"\\SeRmCommandPort");
217 &Name,
218 &SecurityQos,
219 NULL,
220 NULL,
221 NULL,
222 NULL,
223 NULL);
224 if (!NT_SUCCESS(Status))
225 {
226 ERR("LsapRmInitializeServer - Connect to Rm Command Port failed 0x%lx\n", Status);
227 return Status;
228 }
229
230 /* Create the server thread */
231 ThreadHandle = CreateThread(NULL, 0, LsapRmServerThread, NULL, 0, &ThreadId);
232 if (ThreadHandle == NULL)
233 {
234 ERR("LsapRmInitializeServer - Create Thread failed 0x%lx\n", Status);
236 }
237
238 /* Close the server thread handle */
239 CloseHandle(ThreadHandle);
240
241 return STATUS_SUCCESS;
242}
#define CloseHandle
Definition: compat.h:739
HANDLE WINAPI DECLSPEC_HOTPATCH CreateThread(IN LPSECURITY_ATTRIBUTES lpThreadAttributes, IN DWORD dwStackSize, IN LPTHREAD_START_ROUTINE lpStartAddress, IN LPVOID lpParameter, IN DWORD dwCreationFlags, OUT LPDWORD lpThreadId)
Definition: thread.c:137
static DWORD WINAPI LsapRmServerThread(PVOID StartContext)
Definition: srm.c:49
HANDLE SeLsaCommandPort
Definition: srm.c:17
#define PAGE_SIZE
Definition: env_spec_w32.h:49
unsigned long DWORD
Definition: ntddk_ex.h:95
@ SecurityIdentification
Definition: lsa.idl:56
NTSTATUS NTAPI NtOpenEvent(OUT PHANDLE EventHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
Definition: event.c:181
NTSTATUS NTAPI NtConnectPort(OUT PHANDLE PortHandle, IN PUNICODE_STRING PortName, IN PSECURITY_QUALITY_OF_SERVICE SecurityQos, IN OUT PPORT_VIEW ClientView OPTIONAL, IN OUT PREMOTE_PORT_VIEW ServerView OPTIONAL, OUT PULONG MaxMessageLength OPTIONAL, IN OUT PVOID ConnectionInformation OPTIONAL, IN OUT PULONG ConnectionInformationLength OPTIONAL)
Definition: connect.c:777
NTSTATUS NTAPI NtCreatePort(OUT PHANDLE PortHandle, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG MaxConnectInfoLength, IN ULONG MaxDataLength, IN ULONG MaxPoolUsage)
Definition: create.c:222
#define PORT_MAXIMUM_MESSAGE_LENGTH
Definition: iotypes.h:2029

Referenced by LsapInitLsa().

◆ LsapSetLogonSessionData()

NTSTATUS LsapSetLogonSessionData ( _In_ PLUID  LogonId,
_In_ ULONG  LogonType,
_In_ PUNICODE_STRING  UserName,
_In_ PUNICODE_STRING  LogonDomain,
_In_ PSID  Sid 
)

Definition at line 67 of file session.c.

73{
75 PLSAP_LOGON_SESSION Session;
77
78 TRACE("LsapSetLogonSessionData(%p)\n", LogonId);
79
81 if (Session == NULL)
83
84 TRACE("LogonType %lu\n", LogonType);
85 Session->LogonType = LogonType;
86
87 Status = RtlValidateUnicodeString(0, UserName);
88 if (!NT_SUCCESS(Status))
90
91 /* UserName is mandatory and cannot be an empty string */
92 TRACE("UserName %wZ\n", UserName);
93 Session->UserName.Buffer = RtlAllocateHeap(RtlGetProcessHeap(),
95 UserName->MaximumLength);
96 if (Session->UserName.Buffer == NULL)
98
99 Session->UserName.Length = UserName->Length;
100 Session->UserName.MaximumLength = UserName->MaximumLength;
101 RtlCopyMemory(Session->UserName.Buffer, UserName->Buffer, UserName->MaximumLength);
102
103 Status = RtlValidateUnicodeString(0, LogonDomain);
104 if (!NT_SUCCESS(Status))
105 {
106 /* Cleanup and fail */
107 if (Session->UserName.Buffer != NULL)
108 RtlFreeHeap(RtlGetProcessHeap(), 0, Session->UserName.Buffer);
109
111 }
112
113 /* LogonDomain is optional and can be an empty string */
114 TRACE("LogonDomain %wZ\n", LogonDomain);
115 if (LogonDomain->Length)
116 {
117 Session->LogonDomain.Buffer = RtlAllocateHeap(RtlGetProcessHeap(),
119 LogonDomain->MaximumLength);
120 if (Session->LogonDomain.Buffer == NULL)
121 {
122 /* Cleanup and fail */
123 if (Session->UserName.Buffer != NULL)
124 RtlFreeHeap(RtlGetProcessHeap(), 0, Session->UserName.Buffer);
125
127 }
128
129 Session->LogonDomain.Length = LogonDomain->Length;
130 Session->LogonDomain.MaximumLength = LogonDomain->MaximumLength;
131 RtlCopyMemory(Session->LogonDomain.Buffer, LogonDomain->Buffer, LogonDomain->MaximumLength);
132 }
133 else
134 {
135 RtlInitEmptyUnicodeString(&Session->LogonDomain, NULL, 0);
136 }
137
139 Session->Sid = RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, Length);
140 if (Session->Sid == NULL)
141 {
142 /* Cleanup and fail */
143 if (Session->LogonDomain.Buffer != NULL)
144 RtlFreeHeap(RtlGetProcessHeap(), 0, Session->LogonDomain.Buffer);
145 if (Session->UserName.Buffer != NULL)
146 RtlFreeHeap(RtlGetProcessHeap(), 0, Session->UserName.Buffer);
147
149 }
150
151 RtlCopyMemory(Session->Sid, Sid, Length);
152
153 return STATUS_SUCCESS;
154}
NTSYSAPI NTSTATUS NTAPI RtlValidateUnicodeString(_In_ ULONG Flags, _In_ PCUNICODE_STRING String)
Definition: unicode.c:2605

Referenced by LsapLogonUser().

◆ LsapSetObjectAttribute()

NTSTATUS LsapSetObjectAttribute ( PLSA_DB_OBJECT  DbObject,
LPWSTR  AttributeName,
LPVOID  AttributeData,
ULONG  AttributeSize 
)

Definition at line 961 of file database.c.

965{
968 HANDLE AttributeKey;
970
972 AttributeName);
973
975 &KeyName,
977 DbObject->KeyHandle,
978 NULL);
979
980 Status = NtCreateKey(&AttributeKey,
983 0,
984 NULL,
986 NULL);
987 if (!NT_SUCCESS(Status))
988 {
989 ERR("NtCreateKey failed for '%S' with status 0x%lx\n",
990 AttributeName, Status);
991 return Status;
992 }
993
994 Status = RtlpNtSetValueKey(AttributeKey,
995 REG_NONE,
997 AttributeSize);
998
999 NtClose(AttributeKey);
1000
1001 if (!NT_SUCCESS(Status))
1002 {
1003 ERR("RtlpNtSetValueKey failed for '%S' with status 0x%lx\n",
1004 AttributeName, Status);
1005 }
1006
1007 return Status;
1008}
#define REG_OPTION_NON_VOLATILE
Definition: nt_native.h:1057
#define KEY_SET_VALUE
Definition: nt_native.h:1017
NTSTATUS NTAPI RtlpNtSetValueKey(IN HANDLE KeyHandle, IN ULONG Type, IN PVOID Data, IN ULONG DataLength)
Definition: registry.c:988

Referenced by LsapCreateDatabaseObjects(), LsarAddAccountRights(), LsarAddPrivilegesToAccount(), LsarCreateSecret(), LsarpCreateAccount(), LsarRemoveAccountRights(), LsarRemovePrivilegesFromAccount(), LsarSetAccountDomain(), LsarSetAuditEvents(), LsarSetAuditFull(), LsarSetAuditLog(), LsarSetDefaultQuota(), LsarSetModification(), LsarSetPrimaryDomain(), LsarSetQuotasForAccount(), LsarSetSecret(), LsarSetSecurityObject(), LsarSetServerRole(), LsarSetSystemAccessAccount(), and LsarStorePrivateData().

◆ LsapTerminateLogon()

VOID LsapTerminateLogon ( _In_ PLUID  LogonId)

Definition at line 545 of file authpackage.c.

547{
548 PLIST_ENTRY ListEntry;
549 PAUTH_PACKAGE Package;
550
551 ListEntry = PackageListHead.Flink;
552 while (ListEntry != &PackageListHead)
553 {
554 Package = CONTAINING_RECORD(ListEntry, AUTH_PACKAGE, Entry);
555
557
558 ListEntry = ListEntry->Flink;
559 }
560}

Referenced by LsapDeleteLogonSession().

◆ LsapValidateDbObject()

NTSTATUS LsapValidateDbObject ( IN LSAPR_HANDLE  Handle,
IN LSA_DB_OBJECT_TYPE  HandleType,
IN ACCESS_MASK  GrantedAccess,
OUT PLSA_DB_OBJECT DbObject 
)

◆ LsarpEnumeratePrivileges()

NTSTATUS LsarpEnumeratePrivileges ( DWORD EnumerationContext,
PLSAPR_PRIVILEGE_ENUM_BUFFER  EnumerationBuffer,
DWORD  PreferedMaximumLength 
)

Definition at line 246 of file privileges.c.

249{
251 ULONG EnumIndex;
252 ULONG EnumCount = 0;
254 ULONG i;
255 BOOLEAN MoreEntries = FALSE;
257
258 EnumIndex = *EnumerationContext;
259
260 for (; EnumIndex < ARRAYSIZE(WellKnownPrivileges); EnumIndex++)
261 {
262 TRACE("EnumIndex: %lu\n", EnumIndex);
263 TRACE("Privilege Name: %S\n", WellKnownPrivileges[EnumIndex].Name);
264 TRACE("Name Length: %lu\n", wcslen(WellKnownPrivileges[EnumIndex].Name));
265
266 if ((RequiredLength +
267 wcslen(WellKnownPrivileges[EnumIndex].Name) * sizeof(WCHAR) +
268 sizeof(UNICODE_NULL) +
269 sizeof(LSAPR_POLICY_PRIVILEGE_DEF)) > PreferedMaximumLength)
270 {
271 MoreEntries = TRUE;
272 break;
273 }
274
275 RequiredLength += (wcslen(WellKnownPrivileges[EnumIndex].Name) * sizeof(WCHAR) +
276 sizeof(UNICODE_NULL) + sizeof(LSAPR_POLICY_PRIVILEGE_DEF));
277 EnumCount++;
278 }
279
280 TRACE("EnumCount: %lu\n", EnumCount);
281 TRACE("RequiredLength: %lu\n", RequiredLength);
282
283 if (EnumCount == 0)
284 goto done;
285
287 if (Privileges == NULL)
288 {
290 goto done;
291 }
292
293 EnumIndex = *EnumerationContext;
294
295 for (i = 0; i < EnumCount; i++, EnumIndex++)
296 {
297 Privileges[i].LocalValue = WellKnownPrivileges[EnumIndex].Luid;
298
299 Privileges[i].Name.Length = (USHORT)wcslen(WellKnownPrivileges[EnumIndex].Name) * sizeof(WCHAR);
300 Privileges[i].Name.MaximumLength = (USHORT)Privileges[i].Name.Length + sizeof(UNICODE_NULL);
301
302 Privileges[i].Name.Buffer = MIDL_user_allocate(Privileges[i].Name.MaximumLength);
303 if (Privileges[i].Name.Buffer == NULL)
304 {
306 goto done;
307 }
308
309 memcpy(Privileges[i].Name.Buffer,
310 WellKnownPrivileges[EnumIndex].Name,
311 Privileges[i].Name.Length);
312 }
313
314done:
315 if (NT_SUCCESS(Status))
316 {
317 EnumerationBuffer->Entries = EnumCount;
318 EnumerationBuffer->Privileges = Privileges;
319 *EnumerationContext += EnumCount;
320 }
321 else
322 {
323 if (Privileges != NULL)
324 {
325 for (i = 0; i < EnumCount; i++)
326 {
327 if (Privileges[i].Name.Buffer != NULL)
329 }
330
332 }
333 }
334
335 if ((Status == STATUS_SUCCESS) && (MoreEntries != FALSE))
337
338 return Status;
339}
unsigned char BOOLEAN
struct _LSAPR_POLICY_PRIVILEGE_DEF LSAPR_POLICY_PRIVILEGE_DEF
static const PRIVILEGE_DATA WellKnownPrivileges[]
Definition: privileges.c:29
LPCWSTR Name
Definition: privileges.c:16
PLSAPR_POLICY_PRIVILEGE_DEF Privileges
Definition: lsa.idl:88
#define STATUS_MORE_ENTRIES
Definition: udferr_usr.h:124
_In_ ULONG _Out_opt_ PULONG RequiredLength
Definition: wmifuncs.h:30
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:17

Referenced by LsarEnumeratePrivileges().

◆ LsarpLookupPrivilegeDisplayName()

NTSTATUS LsarpLookupPrivilegeDisplayName ( PRPC_UNICODE_STRING  Name,
USHORT  ClientLanguage,
USHORT  ClientSystemDefaultLanguage,
PRPC_UNICODE_STRING DisplayName,
USHORT LanguageReturned 
)

Definition at line 125 of file privileges.c.

130{
131 PRPC_UNICODE_STRING DisplayNameBuffer;
133 ULONG Index;
135
136 TRACE("LsarpLookupPrivilegeDisplayName(%p 0x%04hu 0x%04hu %p %p)\n",
137 Name, ClientLanguage, ClientSystemDefaultLanguage, DisplayName, LanguageReturned);
138
139 if (Name->Length == 0 || Name->Buffer == NULL)
141
142 hInstance = GetModuleHandleW(L"lsasrv.dll");
143
145 {
146 if (_wcsicmp(Name->Buffer, WellKnownPrivileges[Index].Name) == 0)
147 {
148 TRACE("Index: %u\n", Index);
151 ClientLanguage);
152 if (nLength != 0)
153 {
154 DisplayNameBuffer = MIDL_user_allocate(sizeof(RPC_UNICODE_STRING));
155 if (DisplayNameBuffer == NULL)
156 return STATUS_NO_MEMORY;
157
158 DisplayNameBuffer->Length = nLength * sizeof(WCHAR);
159 DisplayNameBuffer->MaximumLength = DisplayNameBuffer->Length + sizeof(WCHAR);
160
161 DisplayNameBuffer->Buffer = MIDL_user_allocate(DisplayNameBuffer->MaximumLength);
162 if (DisplayNameBuffer->Buffer == NULL)
163 {
164 MIDL_user_free(DisplayNameBuffer);
165 return STATUS_NO_MEMORY;
166 }
167
170 ClientLanguage,
171 DisplayNameBuffer->Buffer,
172 nLength);
173
174 *DisplayName = DisplayNameBuffer;
175 *LanguageReturned = ClientLanguage;
176 }
177 else
178 {
181 ClientSystemDefaultLanguage);
182 if (nLength != 0)
183 {
184 DisplayNameBuffer = MIDL_user_allocate(sizeof(RPC_UNICODE_STRING));
185 if (DisplayNameBuffer == NULL)
186 return STATUS_NO_MEMORY;
187
188 DisplayNameBuffer->Length = nLength * sizeof(WCHAR);
189 DisplayNameBuffer->MaximumLength = DisplayNameBuffer->Length + sizeof(WCHAR);
190
191 DisplayNameBuffer->Buffer = MIDL_user_allocate(DisplayNameBuffer->MaximumLength);
192 if (DisplayNameBuffer->Buffer == NULL)
193 {
194 MIDL_user_free(DisplayNameBuffer);
195 return STATUS_NO_MEMORY;
196 }
197
200 ClientSystemDefaultLanguage,
201 DisplayNameBuffer->Buffer,
202 nLength);
203
204 *DisplayName = DisplayNameBuffer;
205 *LanguageReturned = ClientSystemDefaultLanguage;
206 }
207 else
208 {
210#if 0
213 0x409);
214#endif
215 }
216 }
217
218 return STATUS_SUCCESS;
219 }
220 }
221
223}
INT LsapLoadStringEx(_In_ HINSTANCE hInstance, _In_ UINT uId, _In_ USHORT usLanguage, _Out_ LPWSTR lpBuffer, _Out_ INT nBufferMax)
Definition: utils.c:99
INT LsapGetResourceStringLengthEx(_In_ HINSTANCE hInstance, _In_ UINT uId, _In_ USHORT usLanguage)
Definition: utils.c:64
#define IDS_CREATE_TOKEN_PRIVILEGE
Definition: resources.h:53
_In_ DWORD nLength
Definition: wincon.h:473

Referenced by LsarLookupPrivilegeDisplayName().

◆ LsarpLookupPrivilegeName()

NTSTATUS LsarpLookupPrivilegeName ( PLUID  Value,
PRPC_UNICODE_STRING Name 
)

Definition at line 80 of file privileges.c.

82{
83 PRPC_UNICODE_STRING NameBuffer;
84 ULONG Priv;
85
86 if (Value->HighPart != 0 ||
89 {
91 }
92
93 for (Priv = 0; Priv < ARRAYSIZE(WellKnownPrivileges); Priv++)
94 {
95 if (Value->LowPart == WellKnownPrivileges[Priv].Luid.LowPart &&
96 Value->HighPart == WellKnownPrivileges[Priv].Luid.HighPart)
97 {
98 NameBuffer = MIDL_user_allocate(sizeof(RPC_UNICODE_STRING));
99 if (NameBuffer == NULL)
100 return STATUS_NO_MEMORY;
101
102 NameBuffer->Length = (USHORT)wcslen(WellKnownPrivileges[Priv].Name) * sizeof(WCHAR);
103 NameBuffer->MaximumLength = NameBuffer->Length + sizeof(WCHAR);
104
105 NameBuffer->Buffer = MIDL_user_allocate(NameBuffer->MaximumLength);
106 if (NameBuffer->Buffer == NULL)
107 {
108 MIDL_user_free(NameBuffer);
109 return STATUS_NO_MEMORY;
110 }
111
112 wcscpy(NameBuffer->Buffer, WellKnownPrivileges[Priv].Name);
113
114 *Name = NameBuffer;
115
116 return STATUS_SUCCESS;
117 }
118 }
119
121}
#define SE_MIN_WELL_KNOWN_PRIVILEGE
Definition: security.c:655
#define SE_MAX_WELL_KNOWN_PRIVILEGE
Definition: security.c:685
LONG HighPart
DWORD LowPart
_Must_inspect_result_ _In_ WDFKEY _In_ PCUNICODE_STRING _Out_opt_ PUSHORT _Inout_opt_ PUNICODE_STRING Value
Definition: wdfregistry.h:413

Referenced by LsarLookupPrivilegeName().

◆ LsarpLookupPrivilegeValue()

PLUID LsarpLookupPrivilegeValue ( IN PRPC_UNICODE_STRING  Name)

Definition at line 227 of file privileges.c.

229{
230 ULONG Priv;
231
232 if (Name->Length == 0 || Name->Buffer == NULL)
233 return NULL;
234
235 for (Priv = 0; Priv < ARRAYSIZE(WellKnownPrivileges); Priv++)
236 {
237 if (_wcsicmp(Name->Buffer, WellKnownPrivileges[Priv].Name) == 0)
238 return (PLUID)&(WellKnownPrivileges[Priv].Luid);
239 }
240
241 return NULL;
242}

Referenced by LsarAddAccountRights(), LsarEnumerateAccountsWithUserRight(), LsarLookupPrivilegeValue(), and LsarRemoveAccountRights().

◆ LsarQueryAccountDomain()

NTSTATUS LsarQueryAccountDomain ( PLSA_DB_OBJECT  PolicyObject,
PLSAPR_POLICY_INFORMATION PolicyInformation 
)

Definition at line 289 of file policy.c.

291{
293 PUNICODE_STRING DomainName;
294 ULONG AttributeSize = 0;
296
297 *PolicyInformation = NULL;
298
300 if (p == NULL)
302
303 /* Domain Name */
304 Status = LsapGetObjectAttribute(PolicyObject,
305 L"PolAcDmN",
306 NULL,
307 &AttributeSize);
308 if (!NT_SUCCESS(Status))
309 {
310 goto Done;
311 }
312
313 if (AttributeSize > 0)
314 {
315 DomainName = MIDL_user_allocate(AttributeSize);
316 if (DomainName == NULL)
317 {
319 goto Done;
320 }
321
322 Status = LsapGetObjectAttribute(PolicyObject,
323 L"PolAcDmN",
324 DomainName,
325 &AttributeSize);
326 if (Status == STATUS_SUCCESS)
327 {
328 DomainName->Buffer = (LPWSTR)((ULONG_PTR)DomainName + (ULONG_PTR)DomainName->Buffer);
329
330 TRACE("AccountDomainName: %wZ\n", DomainName);
331
332 p->DomainName.Buffer = MIDL_user_allocate(DomainName->MaximumLength);
333 if (p->DomainName.Buffer == NULL)
334 {
335 MIDL_user_free(DomainName);
337 goto Done;
338 }
339
340 p->DomainName.Length = DomainName->Length;
341 p->DomainName.MaximumLength = DomainName->MaximumLength;
342 memcpy(p->DomainName.Buffer,
343 DomainName->Buffer,
344 DomainName->MaximumLength);
345 }
346
347 MIDL_user_free(DomainName);
348 }
349
350 /* Domain SID */
351 AttributeSize = 0;
352 Status = LsapGetObjectAttribute(PolicyObject,
353 L"PolAcDmS",
354 NULL,
355 &AttributeSize);
356 if (!NT_SUCCESS(Status))
357 {
358 goto Done;
359 }
360
361 if (AttributeSize > 0)
362 {
363 p->Sid = MIDL_user_allocate(AttributeSize);
364 if (p->Sid == NULL)
365 {
367 goto Done;
368 }
369
370 Status = LsapGetObjectAttribute(PolicyObject,
371 L"PolAcDmS",
372 p->Sid,
373 &AttributeSize);
374 }
375
376 *PolicyInformation = (PLSAPR_POLICY_INFORMATION)p;
377
378Done:
379 if (!NT_SUCCESS(Status))
380 {
381 if (p)
382 {
383 if (p->DomainName.Buffer)
384 MIDL_user_free(p->DomainName.Buffer);
385
386 if (p->Sid)
387 MIDL_user_free(p->Sid);
388
390 }
391 }
392
393 return Status;
394}
NTSTATUS LsapGetObjectAttribute(PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, PULONG AttributeSize)
Definition: database.c:1012
union _LSAPR_POLICY_INFORMATION * PLSAPR_POLICY_INFORMATION

Referenced by LsarQueryInformationPolicy().

◆ LsarQueryAuditEvents()

NTSTATUS LsarQueryAuditEvents ( PLSA_DB_OBJECT  PolicyObject,
PLSAPR_POLICY_INFORMATION PolicyInformation 
)

Definition at line 70 of file policy.c.

72{
75 ULONG AttributeSize;
77
78 *PolicyInformation = NULL;
79
80 AttributeSize = 0;
81 Status = LsapGetObjectAttribute(PolicyObject,
82 L"PolAdtEv",
83 NULL,
84 &AttributeSize);
85 if (!NT_SUCCESS(Status))
86 return Status;
87
88 TRACE("Attribute size: %lu\n", AttributeSize);
89 if (AttributeSize > 0)
90 {
91 AuditData = MIDL_user_allocate(AttributeSize);
92 if (AuditData == NULL)
94
95 Status = LsapGetObjectAttribute(PolicyObject,
96 L"PolAdtEv",
97 AuditData,
98 &AttributeSize);
99 if (!NT_SUCCESS(Status))
100 goto done;
101 }
102
104 if (p == NULL)
105 {
107 goto done;
108 }
109
110 if (AuditData == NULL)
111 {
112 p->AuditingMode = FALSE;
113 p->MaximumAuditEventCount = 0;
114 p->EventAuditingOptions = NULL;
115 }
116 else
117 {
118 p->AuditingMode = AuditData->AuditingMode;
119 p->MaximumAuditEventCount = AuditData->MaximumAuditEventCount;
120
121 p->EventAuditingOptions = MIDL_user_allocate(AuditData->MaximumAuditEventCount * sizeof(DWORD));
122 if (p->EventAuditingOptions == NULL)
123 {
125 goto done;
126 }
127
128 memcpy(p->EventAuditingOptions,
129 &(AuditData->AuditEvents[0]),
130 AuditData->MaximumAuditEventCount * sizeof(DWORD));
131 }
132
133 *PolicyInformation = (PLSAPR_POLICY_INFORMATION)p;
134
135done:
136 TRACE("Status: 0x%lx\n", Status);
137
138 if (!NT_SUCCESS(Status))
139 {
140 if (p != NULL)
141 {
142 if (p->EventAuditingOptions != NULL)
143 MIDL_user_free(p->EventAuditingOptions);
144
146 }
147 }
148
149 if (AuditData != NULL)
150 MIDL_user_free(AuditData);
151
152 return Status;
153}
DWORD AuditEvents[POLICY_AUDIT_EVENT_TYPE_COUNT]
Definition: lsasrv.h:73

Referenced by LsarQueryInformationPolicy().

◆ LsarQueryAuditFull()

NTSTATUS LsarQueryAuditFull ( PLSA_DB_OBJECT  PolicyObject,
PLSAPR_POLICY_INFORMATION PolicyInformation 
)

Definition at line 510 of file policy.c.

512{
513 PPOLICY_AUDIT_FULL_QUERY_INFO AuditFullInfo = NULL;
514 ULONG AttributeSize;
516
517 *PolicyInformation = NULL;
518
519 AttributeSize = sizeof(POLICY_AUDIT_FULL_QUERY_INFO);
520 AuditFullInfo = MIDL_user_allocate(AttributeSize);
521 if (AuditFullInfo == NULL)
523
524 Status = LsapGetObjectAttribute(PolicyObject,
525 L"PolAdtFl",
526 AuditFullInfo,
527 &AttributeSize);
528 if (!NT_SUCCESS(Status))
529 {
530 MIDL_user_free(AuditFullInfo);
531 }
532 else
533 {
534 *PolicyInformation = (PLSAPR_POLICY_INFORMATION)AuditFullInfo;
535 }
536
537 return Status;
538}
struct _POLICY_AUDIT_FULL_QUERY_INFO POLICY_AUDIT_FULL_QUERY_INFO

Referenced by LsarQueryInformationPolicy().

◆ LsarQueryAuditLog()

NTSTATUS LsarQueryAuditLog ( PLSA_DB_OBJECT  PolicyObject,
PLSAPR_POLICY_INFORMATION PolicyInformation 
)

Definition at line 38 of file policy.c.

40{
41 PPOLICY_AUDIT_LOG_INFO AuditLogInfo = NULL;
42 ULONG AttributeSize;
44
45 *PolicyInformation = NULL;
46
47 AttributeSize = sizeof(POLICY_AUDIT_LOG_INFO);
48 AuditLogInfo = MIDL_user_allocate(AttributeSize);
49 if (AuditLogInfo == NULL)
51
52 Status = LsapGetObjectAttribute(PolicyObject,
53 L"PolAdtLg",
54 AuditLogInfo,
55 &AttributeSize);
56 if (!NT_SUCCESS(Status))
57 {
58 MIDL_user_free(AuditLogInfo);
59 }
60 else
61 {
62 *PolicyInformation = (PLSAPR_POLICY_INFORMATION)AuditLogInfo;
63 }
64
65 return Status;
66}
struct _POLICY_AUDIT_LOG_INFO POLICY_AUDIT_LOG_INFO

Referenced by LsarQueryInformationPolicy().

◆ LsarQueryDefaultQuota()

NTSTATUS LsarQueryDefaultQuota ( PLSA_DB_OBJECT  PolicyObject,
PLSAPR_POLICY_INFORMATION PolicyInformation 
)

Definition at line 446 of file policy.c.

448{
450 ULONG AttributeSize;
452
453 *PolicyInformation = NULL;
454
455 AttributeSize = sizeof(POLICY_DEFAULT_QUOTA_INFO);
456 QuotaInfo = MIDL_user_allocate(AttributeSize);
457 if (QuotaInfo == NULL)
459
460 Status = LsapGetObjectAttribute(PolicyObject,
461 L"DefQuota",
462 QuotaInfo,
463 &AttributeSize);
464 if (!NT_SUCCESS(Status))
465 {
466 MIDL_user_free(QuotaInfo);
467 }
468 else
469 {
470 *PolicyInformation = (PLSAPR_POLICY_INFORMATION)QuotaInfo;
471 }
472
473 return Status;
474}
struct _POLICY_DEFAULT_QUOTA_INFO POLICY_DEFAULT_QUOTA_INFO

Referenced by LsarQueryInformationPolicy().

◆ LsarQueryDnsDomain()

NTSTATUS LsarQueryDnsDomain ( PLSA_DB_OBJECT  PolicyObject,
PLSAPR_POLICY_INFORMATION PolicyInformation 
)

Definition at line 542 of file policy.c.

544{
546 PUNICODE_STRING DomainName;
547 ULONG AttributeSize;
549
550 *PolicyInformation = NULL;
551
553 if (p == NULL)
555
556 /* Primary Domain Name */
557 AttributeSize = 0;
558 Status = LsapGetObjectAttribute(PolicyObject,
559 L"PolPrDmN",
560 NULL,
561 &AttributeSize);
562 if (!NT_SUCCESS(Status))
563 {
564 goto done;
565 }
566
567 if (AttributeSize > 0)
568 {
569 DomainName = MIDL_user_allocate(AttributeSize);
570 if (DomainName == NULL)
571 {
573 goto done;
574 }
575
576 Status = LsapGetObjectAttribute(PolicyObject,
577 L"PolPrDmN",
578 DomainName,
579 &AttributeSize);
580 if (Status == STATUS_SUCCESS)
581 {
582 DomainName->Buffer = (LPWSTR)((ULONG_PTR)DomainName + (ULONG_PTR)DomainName->Buffer);
583
584 TRACE("PrimaryDomainName: %wZ\n", DomainName);
585
586 p->Name.Buffer = MIDL_user_allocate(DomainName->MaximumLength);
587 if (p->Name.Buffer == NULL)
588 {
589 MIDL_user_free(DomainName);
591 goto done;
592 }
593
594 p->Name.Length = DomainName->Length;
595 p->Name.MaximumLength = DomainName->MaximumLength;
596 memcpy(p->Name.Buffer,
597 DomainName->Buffer,
598 DomainName->MaximumLength);
599 }
600
601 MIDL_user_free(DomainName);
602 }
603
604 /* Primary Domain SID */
605 AttributeSize = 0;
606 Status = LsapGetObjectAttribute(PolicyObject,
607 L"PolPrDmS",
608 NULL,
609 &AttributeSize);
610 if (!NT_SUCCESS(Status))
611 {
612 goto done;
613 }
614
615 if (AttributeSize > 0)
616 {
617 p->Sid = MIDL_user_allocate(AttributeSize);
618 if (p->Sid == NULL)
619 {
621 goto done;
622 }
623
624 Status = LsapGetObjectAttribute(PolicyObject,
625 L"PolPrDmS",
626 p->Sid,
627 &AttributeSize);
628 }
629
630 /* DNS Domain Name */
631 AttributeSize = 0;
632 Status = LsapGetObjectAttribute(PolicyObject,
633 L"PolDnDDN",
634 NULL,
635 &AttributeSize);
636 if (!NT_SUCCESS(Status))
637 goto done;
638
639 if (AttributeSize > 0)
640 {
641 DomainName = MIDL_user_allocate(AttributeSize);
642 if (DomainName == NULL)
643 {
645 goto done;
646 }
647
648 Status = LsapGetObjectAttribute(PolicyObject,
649 L"PolDnDDN",
650 DomainName,
651 &AttributeSize);
652 if (Status == STATUS_SUCCESS)
653 {
654 DomainName->Buffer = (LPWSTR)((ULONG_PTR)DomainName + (ULONG_PTR)DomainName->Buffer);
655
656 TRACE("DNS Domain Name: %wZ\n", DomainName);
657
658 p->DnsDomainName.Buffer = MIDL_user_allocate(DomainName->MaximumLength);
659 if (p->DnsDomainName.Buffer == NULL)
660 {
661 MIDL_user_free(DomainName);
663 goto done;
664 }
665
666 p->DnsDomainName.Length = DomainName->Length;
667 p->DnsDomainName.MaximumLength = DomainName->MaximumLength;
668 memcpy(p->DnsDomainName.Buffer,
669 DomainName->Buffer,
670 DomainName->MaximumLength);
671 }
672
673 MIDL_user_free(DomainName);
674 }
675
676 /* DNS Forest Name */
677 AttributeSize = 0;
678 Status = LsapGetObjectAttribute(PolicyObject,
679 L"PolDnTrN",
680 NULL,
681 &AttributeSize);
682 if (!NT_SUCCESS(Status))
683 goto done;
684
685 if (AttributeSize > 0)
686 {
687 DomainName = MIDL_user_allocate(AttributeSize);
688 if (DomainName == NULL)
689 {
691 goto done;
692 }
693
694 Status = LsapGetObjectAttribute(PolicyObject,
695 L"PolDnTrN",
696 DomainName,
697 &AttributeSize);
698 if (Status == STATUS_SUCCESS)
699 {
700 DomainName->Buffer = (LPWSTR)((ULONG_PTR)DomainName + (ULONG_PTR)DomainName->Buffer);
701
702 TRACE("DNS Forest Name: %wZ\n", DomainName);
703
704 p->DnsForestName.Buffer = MIDL_user_allocate(DomainName->MaximumLength);
705 if (p->DnsForestName.Buffer == NULL)
706 {
707 MIDL_user_free(DomainName);
709 goto done;
710 }
711
712 p->DnsForestName.Length = DomainName->Length;
713 p->DnsForestName.MaximumLength = DomainName->MaximumLength;
714 memcpy(p->DnsForestName.Buffer,
715 DomainName->Buffer,
716 DomainName->MaximumLength);
717 }
718
719 MIDL_user_free(DomainName);
720 }
721
722 /* DNS Domain GUID */
723 AttributeSize = sizeof(GUID);
724 Status = LsapGetObjectAttribute(PolicyObject,
725 L"PolDnDmG",
726 &(p->DomainGuid),
727 &AttributeSize);
728 if (!NT_SUCCESS(Status))
729 goto done;
730
731 *PolicyInformation = (PLSAPR_POLICY_INFORMATION)p;
732
733done:
734 if (!NT_SUCCESS(Status))
735 {
736 if (p)
737 {
738 if (p->Name.Buffer)
739 MIDL_user_free(p->Name.Buffer);
740
741 if (p->DnsDomainName.Buffer)
742 MIDL_user_free(p->DnsDomainName.Buffer);
743
744 if (p->DnsForestName.Buffer)
745 MIDL_user_free(p->DnsForestName.Buffer);
746
747 if (p->Sid)
748 MIDL_user_free(p->Sid);
749
751 }
752 }
753
754 return Status;
755}

Referenced by LsarQueryInformationPolicy().

◆ LsarQueryDnsDomainInt()

NTSTATUS LsarQueryDnsDomainInt ( PLSA_DB_OBJECT  PolicyObject,
PLSAPR_POLICY_INFORMATION PolicyInformation 
)

Definition at line 759 of file policy.c.

761{
762 FIXME("\n");
763 *PolicyInformation = NULL;
765}

Referenced by LsarQueryInformationPolicy().

◆ LsarQueryLocalAccountDomain()

NTSTATUS LsarQueryLocalAccountDomain ( PLSA_DB_OBJECT  PolicyObject,
PLSAPR_POLICY_INFORMATION PolicyInformation 
)

Definition at line 769 of file policy.c.

771{
772 FIXME("\n");
773 *PolicyInformation = NULL;
775}

Referenced by LsarQueryInformationPolicy().

◆ LsarQueryModification()

NTSTATUS LsarQueryModification ( PLSA_DB_OBJECT  PolicyObject,
PLSAPR_POLICY_INFORMATION PolicyInformation 
)

Definition at line 478 of file policy.c.

480{
482 ULONG AttributeSize;
484
485 *PolicyInformation = NULL;
486
487 AttributeSize = sizeof(POLICY_MODIFICATION_INFO);
488 Info = MIDL_user_allocate(AttributeSize);
489 if (Info == NULL)
491
492 Status = LsapGetObjectAttribute(PolicyObject,
493 L"PolMod",
494 Info,
495 &AttributeSize);
496 if (!NT_SUCCESS(Status))
497 {
499 }
500 else
501 {
502 *PolicyInformation = (PLSAPR_POLICY_INFORMATION)Info;
503 }
504
505 return Status;
506}
struct _POLICY_MODIFICATION_INFO POLICY_MODIFICATION_INFO
_Must_inspect_result_ _In_ WDFCHILDLIST _In_ PWDF_CHILD_LIST_ITERATOR _Out_ WDFDEVICE _Inout_opt_ PWDF_CHILD_RETRIEVE_INFO Info
Definition: wdfchildlist.h:690

Referenced by LsarQueryInformationPolicy().

◆ LsarQueryPdAccount()

NTSTATUS LsarQueryPdAccount ( PLSA_DB_OBJECT  PolicyObject,
PLSAPR_POLICY_INFORMATION PolicyInformation 
)

Definition at line 267 of file policy.c.

269{
270 PLSAPR_POLICY_PD_ACCOUNT_INFO PdAccountInfo = NULL;
271
272 *PolicyInformation = NULL;
273
274 PdAccountInfo = MIDL_user_allocate(sizeof(LSAPR_POLICY_PD_ACCOUNT_INFO));
275 if (PdAccountInfo == NULL)
277
278 PdAccountInfo->Name.Length = 0;
279 PdAccountInfo->Name.MaximumLength = 0;
280 PdAccountInfo->Name.Buffer = NULL;
281
282 *PolicyInformation = (PLSAPR_POLICY_INFORMATION)PdAccountInfo;
283
284 return STATUS_SUCCESS;
285}
RPC_UNICODE_STRING Name
Definition: msv1_0.h:252

Referenced by LsarQueryInformationPolicy().

◆ LsarQueryPrimaryDomain()

NTSTATUS LsarQueryPrimaryDomain ( PLSA_DB_OBJECT  PolicyObject,
PLSAPR_POLICY_INFORMATION PolicyInformation 
)

Definition at line 157 of file policy.c.

159{
161 PUNICODE_STRING DomainName;
162 ULONG AttributeSize;
164
165 *PolicyInformation = NULL;
166
168 if (p == NULL)
170
171 /* Domain Name */
172 AttributeSize = 0;
173 Status = LsapGetObjectAttribute(PolicyObject,
174 L"PolPrDmN",
175 NULL,
176 &AttributeSize);
177 if (!NT_SUCCESS(Status))
178 {
179 goto Done;
180 }
181
182 if (AttributeSize > 0)
183 {
184 DomainName = MIDL_user_allocate(AttributeSize);
185 if (DomainName == NULL)
186 {
188 goto Done;
189 }
190
191 Status = LsapGetObjectAttribute(PolicyObject,
192 L"PolPrDmN",
193 DomainName,
194 &AttributeSize);
195 if (Status == STATUS_SUCCESS)
196 {
197 DomainName->Buffer = (LPWSTR)((ULONG_PTR)DomainName + (ULONG_PTR)DomainName->Buffer);
198
199 TRACE("PrimaryDomainName: %wZ\n", DomainName);
200
201 p->Name.Buffer = MIDL_user_allocate(DomainName->MaximumLength);
202 if (p->Name.Buffer == NULL)
203 {
204 MIDL_user_free(DomainName);
206 goto Done;
207 }
208
209 p->Name.Length = DomainName->Length;
210 p->Name.MaximumLength = DomainName->MaximumLength;
211 memcpy(p->Name.Buffer,
212 DomainName->Buffer,
213 DomainName->MaximumLength);
214 }
215
216 MIDL_user_free(DomainName);
217 }
218
219 /* Domain SID */
220 AttributeSize = 0;
221 Status = LsapGetObjectAttribute(PolicyObject,
222 L"PolPrDmS",
223 NULL,
224 &AttributeSize);
225 if (!NT_SUCCESS(Status))
226 {
227 goto Done;
228 }
229
230 if (AttributeSize > 0)
231 {
232 p->Sid = MIDL_user_allocate(AttributeSize);
233 if (p->Sid == NULL)
234 {
236 goto Done;
237 }
238
239 Status = LsapGetObjectAttribute(PolicyObject,
240 L"PolPrDmS",
241 p->Sid,
242 &AttributeSize);
243 }
244
245 *PolicyInformation = (PLSAPR_POLICY_INFORMATION)p;
246
247Done:
248 if (!NT_SUCCESS(Status))
249 {
250 if (p != NULL)
251 {
252 if (p->Name.Buffer)
253 MIDL_user_free(p->Name.Buffer);
254
255 if (p->Sid)
256 MIDL_user_free(p->Sid);
257
259 }
260 }
261
262 return Status;
263}

Referenced by LsarQueryInformationPolicy().

◆ LsarQueryReplicaSource()

NTSTATUS LsarQueryReplicaSource ( PLSA_DB_OBJECT  PolicyObject,
PLSAPR_POLICY_INFORMATION PolicyInformation 
)

Definition at line 436 of file policy.c.

438{
439 FIXME("\n");
440 *PolicyInformation = NULL;
442}

Referenced by LsarQueryInformationPolicy().

◆ LsarQueryServerRole()

NTSTATUS LsarQueryServerRole ( PLSA_DB_OBJECT  PolicyObject,
PLSAPR_POLICY_INFORMATION PolicyInformation 
)

Definition at line 398 of file policy.c.

400{
401 PPOLICY_LSA_SERVER_ROLE_INFO ServerRoleInfo = NULL;
402 ULONG AttributeSize;
404
405 *PolicyInformation = NULL;
406
407 AttributeSize = sizeof(POLICY_LSA_SERVER_ROLE_INFO);
408 ServerRoleInfo = MIDL_user_allocate(AttributeSize);
409 if (ServerRoleInfo == NULL)
411
412 Status = LsapGetObjectAttribute(PolicyObject,
413 L"PolSrvRo",
414 ServerRoleInfo,
415 &AttributeSize);
417 {
418 ServerRoleInfo->LsaServerRole = PolicyServerRolePrimary;
420 }
421
422 if (!NT_SUCCESS(Status))
423 {
424 MIDL_user_free(ServerRoleInfo);
425 }
426 else
427 {
428 *PolicyInformation = (PLSAPR_POLICY_INFORMATION)ServerRoleInfo;
429 }
430
431 return Status;
432}
struct _POLICY_LSA_SERVER_ROLE_INFO POLICY_LSA_SERVER_ROLE_INFO
@ PolicyServerRolePrimary
Definition: ntsecapi.h:236
POLICY_LSA_SERVER_ROLE LsaServerRole
Definition: ntsecapi.h:584
#define STATUS_OBJECT_NAME_NOT_FOUND
Definition: udferr_usr.h:149

Referenced by LsarQueryInformationPolicy().

◆ LsarSetAccountDomain()

NTSTATUS LsarSetAccountDomain ( PLSA_DB_OBJECT  PolicyObject,
PLSAPR_POLICY_ACCOUNT_DOM_INFO  Info 
)

Definition at line 876 of file policy.c.

878{
880 ULONG Length = 0;
882 LPWSTR Ptr;
883
884 TRACE("(%p %p)\n", PolicyObject, Info);
885
886 Length = sizeof(UNICODE_STRING) + Info->DomainName.MaximumLength;
887 Buffer = RtlAllocateHeap(RtlGetProcessHeap(),
888 0,
889 Length);
890 if (Buffer == NULL)
892
893 Buffer->Length = Info->DomainName.Length;
894 Buffer->MaximumLength = Info->DomainName.MaximumLength;
895 Buffer->Buffer = (LPWSTR)sizeof(UNICODE_STRING);
896 Ptr = (LPWSTR)((ULONG_PTR)Buffer + sizeof(UNICODE_STRING));
897 memcpy(Ptr, Info->DomainName.Buffer, Info->DomainName.MaximumLength);
898
899 Status = LsapSetObjectAttribute(PolicyObject,
900 L"PolAcDmN",
901 Buffer,
902 Length);
903
904 RtlFreeHeap(RtlGetProcessHeap(), 0, Buffer);
905
906 if (!NT_SUCCESS(Status))
907 return Status;
908
909 Length = 0;
910 if (Info->Sid != NULL)
911 Length = RtlLengthSid(Info->Sid);
912
913 Status = LsapSetObjectAttribute(PolicyObject,
914 L"PolAcDmS",
915 (LPBYTE)Info->Sid,
916 Length);
917
918 return Status;
919}
NTSTATUS LsapSetObjectAttribute(PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, ULONG AttributeSize)
Definition: database.c:961
struct _UNICODE_STRING UNICODE_STRING
unsigned char * LPBYTE
Definition: typedefs.h:53

Referenced by LsarSetInformationPolicy().

◆ LsarSetAuditEvents()

NTSTATUS LsarSetAuditEvents ( PLSA_DB_OBJECT  PolicyObject,
PLSAPR_POLICY_AUDIT_EVENTS_INFO  Info 
)

Definition at line 792 of file policy.c.

794{
796 ULONG AttributeSize;
798
799 TRACE("(%p %p)\n", PolicyObject, Info);
800
801 AttributeSize = sizeof(LSAP_POLICY_AUDIT_EVENTS_DATA) +
802 Info->MaximumAuditEventCount * sizeof(DWORD);
803
804 AuditData = RtlAllocateHeap(RtlGetProcessHeap(),
806 AttributeSize);
807 if (AuditData == NULL)
809
810 AuditData->AuditingMode = Info->AuditingMode;
811 AuditData->MaximumAuditEventCount = Info->MaximumAuditEventCount;
812
813 memcpy(&(AuditData->AuditEvents[0]),
814 Info->EventAuditingOptions,
815 Info->MaximumAuditEventCount * sizeof(DWORD));
816
817 Status = LsapSetObjectAttribute(PolicyObject,
818 L"PolAdtEv",
819 AuditData,
820 AttributeSize);
821
822 RtlFreeHeap(RtlGetProcessHeap(), 0, AuditData);
823
824 return Status;
825}
struct _LSAP_POLICY_AUDIT_EVENTS_DATA LSAP_POLICY_AUDIT_EVENTS_DATA

Referenced by LsarSetInformationPolicy().

◆ LsarSetAuditFull()

NTSTATUS LsarSetAuditFull ( PLSA_DB_OBJECT  PolicyObject,
PPOLICY_AUDIT_FULL_QUERY_INFO  Info 
)

Definition at line 971 of file policy.c.

973{
974 PPOLICY_AUDIT_FULL_QUERY_INFO AuditFullInfo = NULL;
975 ULONG AttributeSize;
977
978 TRACE("(%p %p)\n", PolicyObject, Info);
979
980 AttributeSize = sizeof(POLICY_AUDIT_FULL_QUERY_INFO);
981 AuditFullInfo = MIDL_user_allocate(AttributeSize);
982 if (AuditFullInfo == NULL)
984
985 Status = LsapGetObjectAttribute(PolicyObject,
986 L"PolAdtFl",
987 AuditFullInfo,
988 &AttributeSize);
989 if (!NT_SUCCESS(Status))
990 goto done;
991
992 AuditFullInfo->ShutDownOnFull = Info->ShutDownOnFull;
993
994 Status = LsapSetObjectAttribute(PolicyObject,
995 L"PolAdtFl",
996 AuditFullInfo,
997 AttributeSize);
998
999done:
1000 if (AuditFullInfo != NULL)
1001 MIDL_user_free(AuditFullInfo);
1002
1003 return Status;
1004}

Referenced by LsarSetInformationPolicy().

◆ LsarSetAuditLog()

NTSTATUS LsarSetAuditLog ( PLSA_DB_OBJECT  PolicyObject,
PPOLICY_AUDIT_LOG_INFO  Info 
)

Definition at line 779 of file policy.c.

781{
782 TRACE("(%p %p)\n", PolicyObject, Info);
783
784 return LsapSetObjectAttribute(PolicyObject,
785 L"PolAdtLg",
786 Info,
787 sizeof(POLICY_AUDIT_LOG_INFO));
788}

Referenced by LsarSetInformationPolicy().

◆ LsarSetDefaultQuota()

NTSTATUS LsarSetDefaultQuota ( PLSA_DB_OBJECT  PolicyObject,
PPOLICY_DEFAULT_QUOTA_INFO  Info 
)

Definition at line 945 of file policy.c.

947{
948 TRACE("(%p %p)\n", PolicyObject, Info);
949
950 return LsapSetObjectAttribute(PolicyObject,
951 L"DefQuota",
952 Info,
954}

Referenced by LsarSetInformationPolicy().

◆ LsarSetDnsDomain()

NTSTATUS LsarSetDnsDomain ( PLSA_DB_OBJECT  PolicyObject,
PLSAPR_POLICY_DNS_DOMAIN_INFO  Info 
)

Definition at line 1008 of file policy.c.

1010{
1011 FIXME("\n");
1013}

Referenced by LsarSetInformationPolicy().

◆ LsarSetDnsDomainInt()

NTSTATUS LsarSetDnsDomainInt ( PLSA_DB_OBJECT  PolicyObject,
PLSAPR_POLICY_DNS_DOMAIN_INFO  Info 
)

Definition at line 1017 of file policy.c.

1019{
1020 FIXME("\n");
1022}

Referenced by LsarSetInformationPolicy().

◆ LsarSetLocalAccountDomain()

NTSTATUS LsarSetLocalAccountDomain ( PLSA_DB_OBJECT  PolicyObject,
PLSAPR_POLICY_ACCOUNT_DOM_INFO  Info 
)

Definition at line 1026 of file policy.c.

1028{
1029 FIXME("\n");
1031}

Referenced by LsarSetInformationPolicy().

◆ LsarSetModification()

NTSTATUS LsarSetModification ( PLSA_DB_OBJECT  PolicyObject,
PPOLICY_MODIFICATION_INFO  Info 
)

Definition at line 958 of file policy.c.

960{
961 TRACE("(%p %p)\n", PolicyObject, Info);
962
963 return LsapSetObjectAttribute(PolicyObject,
964 L"PolMod",
965 Info,
967}

Referenced by LsarSetInformationPolicy().

◆ LsarSetPrimaryDomain()

NTSTATUS LsarSetPrimaryDomain ( PLSA_DB_OBJECT  PolicyObject,
PLSAPR_POLICY_PRIMARY_DOM_INFO  Info 
)

Definition at line 829 of file policy.c.

831{
833 ULONG Length = 0;
835 LPWSTR Ptr;
836
837 TRACE("(%p %p)\n", PolicyObject, Info);
838
839 Length = sizeof(UNICODE_STRING) + Info->Name.MaximumLength;
840 Buffer = RtlAllocateHeap(RtlGetProcessHeap(),
841 0,
842 Length);
843 if (Buffer == NULL)
845
846 Buffer->Length = Info->Name.Length;
847 Buffer->MaximumLength = Info->Name.MaximumLength;
848 Buffer->Buffer = (LPWSTR)sizeof(UNICODE_STRING);
849 Ptr = (LPWSTR)((ULONG_PTR)Buffer + sizeof(UNICODE_STRING));
850 memcpy(Ptr, Info->Name.Buffer, Info->Name.MaximumLength);
851
852 Status = LsapSetObjectAttribute(PolicyObject,
853 L"PolPrDmN",
854 Buffer,
855 Length);
856
857 RtlFreeHeap(RtlGetProcessHeap(), 0, Buffer);
858
859 if (!NT_SUCCESS(Status))
860 return Status;
861
862 Length = 0;
863 if (Info->Sid != NULL)
864 Length = RtlLengthSid(Info->Sid);
865
866 Status = LsapSetObjectAttribute(PolicyObject,
867 L"PolPrDmS",
868 (LPBYTE)Info->Sid,
869 Length);
870
871 return Status;
872}

Referenced by LsarSetInformationPolicy().

◆ LsarSetReplicaSource()

NTSTATUS LsarSetReplicaSource ( PLSA_DB_OBJECT  PolicyObject,
PPOLICY_LSA_REPLICA_SRCE_INFO  Info 
)

Definition at line 936 of file policy.c.

938{
939 FIXME("\n");
941}

Referenced by LsarSetInformationPolicy().

◆ LsarSetServerRole()

NTSTATUS LsarSetServerRole ( PLSA_DB_OBJECT  PolicyObject,
PPOLICY_LSA_SERVER_ROLE_INFO  Info 
)

Definition at line 923 of file policy.c.

925{
926 TRACE("(%p %p)\n", PolicyObject, Info);
927
928 return LsapSetObjectAttribute(PolicyObject,
929 L"PolSrvRo",
930 Info,
932}

Referenced by LsarSetInformationPolicy().

◆ LsarStartRpcServer()

NTSTATUS LsarStartRpcServer ( VOID  )

Definition at line 40 of file lsarpc.c.

41{
43 DWORD dwError;
45
47
48 TRACE("LsarStartRpcServer() called\n");
49
52 L"\\pipe\\lsarpc",
53 NULL);
54 if (Status != RPC_S_OK)
55 {
56 WARN("RpcServerUseProtseqEpW() failed (Status %lx)\n", Status);
58 }
59
60 Status = RpcServerRegisterIf(lsarpc_v0_0_s_ifspec,
61 NULL,
62 NULL);
63 if (Status != RPC_S_OK)
64 {
65 WARN("RpcServerRegisterIf() failed (Status %lx)\n", Status);
67 }
68
70
71 Status = RpcServerListen(1, 20, TRUE);
72 if (Status != RPC_S_OK)
73 {
74 WARN("RpcServerListen() failed (Status %lx)\n", Status);
76 }
77
78 /* Notify the service manager */
79 TRACE("Creating notification event!\n");
81 TRUE,
82 FALSE,
83 L"LSA_RPC_SERVER_ACTIVE");
84 if (hEvent == NULL)
85 {
86 dwError = GetLastError();
87 TRACE("Failed to create or open the notification event (Error %lu)\n", dwError);
88#if 0
89 if (dwError == ERROR_ALREADY_EXISTS)
90 {
92 FALSE,
93 L"LSA_RPC_SERVER_ACTIVE");
94 if (hEvent == NULL)
95 {
96 ERR("Could not open the notification event (Error %lu)\n", GetLastError());
98 }
99 }
100#endif
101 return STATUS_UNSUCCESSFUL;
102 }
103
104 TRACE("Set notification event!\n");
106
107 /* NOTE: Do not close the event handle, as it must remain alive! */
108
109 TRACE("LsarStartRpcServer() done\n");
110 return STATUS_SUCCESS;
111}
static RTL_CRITICAL_SECTION PolicyHandleTableLock
Definition: lsarpc.c:14
VOID DsSetupInit(VOID)
Definition: dssetup.c:22
#define ERROR_ALREADY_EXISTS
Definition: disk.h:80
static HANDLE hEvent
Definition: comm.c:54
NTSYSAPI NTSTATUS NTAPI RtlInitializeCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
#define GENERIC_WRITE
Definition: nt_native.h:90
RPC_STATUS WINAPI RpcServerListen(UINT MinimumCallThreads, UINT MaxCalls, UINT DontWait)
Definition: rpc_server.c:1520
RPC_STATUS WINAPI RpcServerUseProtseqEpW(RPC_WSTR Protseq, UINT MaxCalls, RPC_WSTR Endpoint, LPVOID SecurityDescriptor)
Definition: rpc_server.c:927
#define RPC_C_PROTSEQ_MAX_REQS_DEFAULT
Definition: rpcdce.h:123
LONG WINAPI I_RpcMapWin32Status(RPC_STATUS status)
Definition: rpcrt4_main.c:740
HANDLE WINAPI DECLSPEC_HOTPATCH OpenEventW(IN DWORD dwDesiredAccess, IN BOOL bInheritHandle, IN LPCWSTR lpName)
Definition: synch.c:682
HANDLE WINAPI DECLSPEC_HOTPATCH CreateEventW(IN LPSECURITY_ATTRIBUTES lpEventAttributes OPTIONAL, IN BOOL bManualReset, IN BOOL bInitialState, IN LPCWSTR lpName OPTIONAL)
Definition: synch.c:651
BOOL WINAPI DECLSPEC_HOTPATCH SetEvent(IN HANDLE hEvent)
Definition: synch.c:733
#define STATUS_UNSUCCESSFUL
Definition: udferr_usr.h:132
DWORD WINAPI GetLastError(void)
Definition: except.c:1042

Referenced by LsapInitLsa().

◆ StartAuthenticationPort()

NTSTATUS StartAuthenticationPort ( VOID  )

Definition at line 327 of file authport.c.

328{
331 DWORD ThreadId;
332 UNICODE_STRING EventName;
335
336 TRACE("StartAuthenticationPort()\n");
337
338 /* Initialize the logon context list */
340
342 L"\\LsaAuthenticationPort");
343
345 &PortName,
346 0,
347 NULL,
348 NULL);
349
352 sizeof(LSA_CONNECTION_INFO),
353 sizeof(LSA_API_MSG),
354 sizeof(LSA_API_MSG) * 32);
355 if (!NT_SUCCESS(Status))
356 {
357 WARN("NtCreatePort() failed (Status %lx)\n", Status);
358 return Status;
359 }
360
361 RtlInitUnicodeString(&EventName,
362 L"\\SECURITY\\LSA_AUTHENTICATION_INITIALIZED");
364 &EventName,
366 NULL,
367 NULL);
371 if (!NT_SUCCESS(Status))
372 {
373 TRACE("NtOpenEvent failed (Status 0x%08lx)\n", Status);
374
379 FALSE);
380 if (!NT_SUCCESS(Status))
381 {
382 WARN("NtCreateEvent failed (Status 0x%08lx)\n", Status);
383 return Status;
384 }
385 }
386
389 if (!NT_SUCCESS(Status))
390 {
391 WARN("NtSetEvent failed (Status 0x%08lx)\n", Status);
392 return Status;
393 }
394
396 0x1000,
398 NULL,
399 0,
400 &ThreadId);
401
402
403 return STATUS_SUCCESS;
404}
static UNICODE_STRING PortName
static HANDLE PortThreadHandle
Definition: authport.c:15
static LIST_ENTRY LsapLogonContextList
Definition: authport.c:13
NTSTATUS WINAPI AuthPortThreadRoutine(PVOID Param)
Definition: authport.c:217
static HANDLE AuthPortHandle
Definition: authport.c:16
#define OBJ_PERMANENT
Definition: winternl.h:226
@ NotificationEvent
NTSTATUS NTAPI NtCreateEvent(OUT PHANDLE EventHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN EVENT_TYPE EventType, IN BOOLEAN InitialState)
Definition: event.c:96
#define EVENT_MODIFY_STATE
Definition: winbase.h:164
DWORD(WINAPI * LPTHREAD_START_ROUTINE)(LPVOID)
Definition: winbase.h:754
_Out_ PHANDLE EventHandle
Definition: iofuncs.h:857

Referenced by LsapInitLsa().

◆ WINE_DEFAULT_DEBUG_CHANNEL()

WINE_DEFAULT_DEBUG_CHANNEL ( lsasrv  )

Variable Documentation

◆ AccountDomainName

◆ AccountDomainSid

◆ BuiltinDomainName

◆ BuiltinDomainSid

◆ CreatorSidAuthority

SID_IDENTIFIER_AUTHORITY CreatorSidAuthority
extern

Definition at line 20 of file database.c.

Referenced by LsapInitSids().

◆ LocalSidAuthority

SID_IDENTIFIER_AUTHORITY LocalSidAuthority
extern

Definition at line 19 of file database.c.

Referenced by LsapInitSids().

◆ LsapAdministratorsSid

PSID LsapAdministratorsSid
extern

Definition at line 84 of file lookup.c.

Referenced by LsapInitSids(), and LsapSetTokenOwner().

◆ LsapBatchSid

PSID LsapBatchSid
extern

Definition at line 80 of file lookup.c.

Referenced by LsapAddDefaultGroups(), and LsapInitSids().

◆ LsapInteractiveSid

PSID LsapInteractiveSid
extern

Definition at line 81 of file lookup.c.

Referenced by LsapAddDefaultGroups(), and LsapInitSids().

◆ LsapLocalSystemSid

PSID LsapLocalSystemSid
extern

Definition at line 83 of file lookup.c.

Referenced by LsapAddTokenDefaultDacl(), and LsapInitSids().

◆ LsapNetworkSid

PSID LsapNetworkSid
extern

Definition at line 79 of file lookup.c.

Referenced by LsapAddDefaultGroups(), and LsapInitSids().

◆ LsapProductType

◆ LsapServiceSid

PSID LsapServiceSid
extern

Definition at line 82 of file lookup.c.

Referenced by LsapAddDefaultGroups(), and LsapInitSids().

◆ LsapWorldSid

PSID LsapWorldSid
extern

Definition at line 78 of file lookup.c.

Referenced by LsapAddDefaultGroups(), LsapInitSids(), and LsapLogonUser().

◆ NtAuthority

SID_IDENTIFIER_AUTHORITY NtAuthority
extern

Definition at line 21 of file database.c.

Referenced by LsapCreateRandomDomainSid(), and LsapGetDomainInfo().

◆ NullSidAuthority

SID_IDENTIFIER_AUTHORITY NullSidAuthority
extern

Definition at line 17 of file database.c.

Referenced by LsapInitSids().

◆ WorldSidAuthority

SID_IDENTIFIER_AUTHORITY WorldSidAuthority
extern