ReactOS  0.4.15-dev-3297-g037c744
lsasrv.h File Reference
#include <stdarg.h>
#include <windef.h>
#include <winbase.h>
#include <winreg.h>
#include <ndk/cmfuncs.h>
#include <ndk/exfuncs.h>
#include <ndk/kefuncs.h>
#include <ndk/mmfuncs.h>
#include <ndk/obfuncs.h>
#include <ndk/psfuncs.h>
#include <ndk/rtlfuncs.h>
#include <ndk/sefuncs.h>
#include <ndk/ketypes.h>
#include <ndk/setypes.h>
#include <ntsam.h>
#include <ntlsa.h>
#include <sddl.h>
#include <srmp.h>
#include <lsass.h>
#include <lsa_s.h>
#include <wine/debug.h>
Include dependency graph for lsasrv.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Classes

struct  _LSA_DB_OBJECT
 
struct  _LSAP_POLICY_AUDIT_EVENTS_DATA
 
struct  _LSAP_LOGON_CONTEXT
 
struct  _SAMPR_ULONG_ARRAY
 

Macros

#define WIN32_NO_STATUS
 
#define _INC_WINDOWS
 
#define COM_NO_WINDOWS_H
 
#define NTOS_MODE_USER
 
#define LSAP_DB_SIGNATURE   0x12345678
 
#define POLICY_AUDIT_EVENT_TYPE_COUNT   (AuditCategoryAccountLogon - AuditCategorySystem + 1)
 

Typedefs

typedef enum _LSA_DB_OBJECT_TYPE LSA_DB_OBJECT_TYPE
 
typedef enum _LSA_DB_OBJECT_TYPEPLSA_DB_OBJECT_TYPE
 
typedef struct _LSA_DB_OBJECT LSA_DB_OBJECT
 
typedef struct _LSA_DB_OBJECTPLSA_DB_OBJECT
 
typedef struct _LSAP_POLICY_AUDIT_EVENTS_DATA LSAP_POLICY_AUDIT_EVENTS_DATA
 
typedef struct _LSAP_POLICY_AUDIT_EVENTS_DATAPLSAP_POLICY_AUDIT_EVENTS_DATA
 
typedef struct _LSAP_LOGON_CONTEXT LSAP_LOGON_CONTEXT
 
typedef struct _LSAP_LOGON_CONTEXTPLSAP_LOGON_CONTEXT
 
typedef struct _SAMPR_ULONG_ARRAY SAMPR_ULONG_ARRAY
 
typedef struct _SAMPR_ULONG_ARRAYPSAMPR_ULONG_ARRAY
 

Enumerations

enum  _LSA_DB_OBJECT_TYPE {
  LsaDbIgnoreObject, LsaDbPolicyObject, LsaDbAccountObject, LsaDbDomainObject,
  LsaDbSecretObject
}
 

Functions

 WINE_DEFAULT_DEBUG_CHANNEL (lsasrv)
 
NTSTATUS LsapInitAuthPackages (VOID)
 
NTSTATUS LsapLookupAuthenticationPackage (PLSA_API_MSG RequestMsg, PLSAP_LOGON_CONTEXT LogonContext)
 
NTSTATUS LsapCallAuthenticationPackage (PLSA_API_MSG RequestMsg, PLSAP_LOGON_CONTEXT LogonContext)
 
NTSTATUS LsapLogonUser (PLSA_API_MSG RequestMsg, PLSAP_LOGON_CONTEXT LogonContext)
 
VOID LsapTerminateLogon (_In_ PLUID LogonId)
 
NTSTATUS StartAuthenticationPort (VOID)
 
NTSTATUS LsapInitDatabase (VOID)
 
NTSTATUS LsapCreateDbObject (IN PLSA_DB_OBJECT ParentObject, IN LPWSTR ContainerName, IN LPWSTR ObjectName, IN LSA_DB_OBJECT_TYPE HandleType, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted, OUT PLSA_DB_OBJECT *DbObject)
 
NTSTATUS LsapOpenDbObject (IN PLSA_DB_OBJECT ParentObject, IN LPWSTR ContainerName, IN LPWSTR ObjectName, IN LSA_DB_OBJECT_TYPE ObjectType, IN ACCESS_MASK DesiredAccess, IN BOOLEAN Trusted, OUT PLSA_DB_OBJECT *DbObject)
 
NTSTATUS LsapValidateDbObject (IN LSAPR_HANDLE Handle, IN LSA_DB_OBJECT_TYPE HandleType, IN ACCESS_MASK GrantedAccess, OUT PLSA_DB_OBJECT *DbObject)
 
NTSTATUS LsapCloseDbObject (IN PLSA_DB_OBJECT DbObject)
 
NTSTATUS LsapDeleteDbObject (IN PLSA_DB_OBJECT DbObject)
 
NTSTATUS LsapGetObjectAttribute (PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, PULONG AttributeSize)
 
NTSTATUS LsapSetObjectAttribute (PLSA_DB_OBJECT DbObject, LPWSTR AttributeName, LPVOID AttributeData, ULONG AttributeSize)
 
NTSTATUS LsapDeleteObjectAttribute (PLSA_DB_OBJECT DbObject, LPWSTR AttributeName)
 
VOID DsSetupInit (VOID)
 
NTSTATUS LsapInitSids (VOID)
 
ULONG LsapGetRelativeIdFromSid (PSID Sid)
 
NTSTATUS LsapLookupNames (DWORD Count, PRPC_UNICODE_STRING Names, PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains, PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids, LSAP_LOOKUP_LEVEL LookupLevel, DWORD *MappedCount, DWORD LookupOptions, DWORD ClientRevision)
 
NTSTATUS LsapLookupSids (PLSAPR_SID_ENUM_BUFFER SidEnumBuffer, PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains, PLSAPR_TRANSLATED_NAMES_EX TranslatedNames, LSAP_LOOKUP_LEVEL LookupLevel, DWORD *MappedCount, DWORD LookupOptions, DWORD ClientRevision)
 
NTSTATUS LsarStartRpcServer (VOID)
 
VOID LsapInitNotificationList (VOID)
 
NTSTATUS LsapRegisterNotification (PLSA_API_MSG RequestMsg)
 
VOID LsapNotifyPolicyChange (POLICY_NOTIFICATION_INFORMATION_CLASS InformationClass)
 
NTSTATUS LsarQueryAuditLog (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryAuditEvents (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryPrimaryDomain (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryPdAccount (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryAccountDomain (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryServerRole (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryReplicaSource (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryDefaultQuota (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryModification (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryAuditFull (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryDnsDomain (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryDnsDomainInt (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarQueryLocalAccountDomain (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation)
 
NTSTATUS LsarSetAuditLog (PLSA_DB_OBJECT PolicyObject, PPOLICY_AUDIT_LOG_INFO Info)
 
NTSTATUS LsarSetAuditEvents (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_AUDIT_EVENTS_INFO Info)
 
NTSTATUS LsarSetPrimaryDomain (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_PRIMARY_DOM_INFO Info)
 
NTSTATUS LsarSetAccountDomain (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_ACCOUNT_DOM_INFO Info)
 
NTSTATUS LsarSetServerRole (PLSA_DB_OBJECT PolicyObject, PPOLICY_LSA_SERVER_ROLE_INFO Info)
 
NTSTATUS LsarSetReplicaSource (PLSA_DB_OBJECT PolicyObject, PPOLICY_LSA_REPLICA_SRCE_INFO Info)
 
NTSTATUS LsarSetDefaultQuota (PLSA_DB_OBJECT PolicyObject, PPOLICY_DEFAULT_QUOTA_INFO Info)
 
NTSTATUS LsarSetModification (PLSA_DB_OBJECT PolicyObject, PPOLICY_MODIFICATION_INFO Info)
 
NTSTATUS LsarSetAuditFull (PLSA_DB_OBJECT PolicyObject, PPOLICY_AUDIT_FULL_QUERY_INFO Info)
 
NTSTATUS LsarSetDnsDomain (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_DNS_DOMAIN_INFO Info)
 
NTSTATUS LsarSetDnsDomainInt (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_DNS_DOMAIN_INFO Info)
 
NTSTATUS LsarSetLocalAccountDomain (PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_ACCOUNT_DOM_INFO Info)
 
NTSTATUS LsarpLookupPrivilegeName (PLUID Value, PRPC_UNICODE_STRING *Name)
 
NTSTATUS LsarpLookupPrivilegeDisplayName (PRPC_UNICODE_STRING Name, USHORT ClientLanguage, USHORT ClientSystemDefaultLanguage, PRPC_UNICODE_STRING *DisplayName, USHORT *LanguageReturned)
 
PLUID LsarpLookupPrivilegeValue (IN PRPC_UNICODE_STRING Name)
 
NTSTATUS LsarpEnumeratePrivileges (DWORD *EnumerationContext, PLSAPR_PRIVILEGE_ENUM_BUFFER EnumerationBuffer, DWORD PreferedMaximumLength)
 
NTSTATUS LsapLookupAccountRightName (ULONG RightValue, PRPC_UNICODE_STRING *Name)
 
ACCESS_MASK LsapLookupAccountRightValue (IN PRPC_UNICODE_STRING Name)
 
NTSTATUS LsapRegCloseKey (IN HANDLE KeyHandle)
 
NTSTATUS LsapRegCreateKey (IN HANDLE ParentKeyHandle, IN LPCWSTR KeyName, IN ACCESS_MASK DesiredAccess, OUT HANDLE KeyHandle)
 
NTSTATUS LsapRegDeleteSubKey (IN HANDLE ParentKeyHandle, IN LPCWSTR KeyName)
 
NTSTATUS LsapRegDeleteKey (IN HANDLE KeyHandle)
 
NTSTATUS LsapRegEnumerateSubKey (IN HANDLE KeyHandle, IN ULONG Index, IN ULONG Length, OUT LPWSTR Buffer)
 
NTSTATUS LsapRegOpenKey (IN HANDLE ParentKeyHandle, IN LPCWSTR KeyName, IN ACCESS_MASK DesiredAccess, OUT HANDLE KeyHandle)
 
NTSTATUS LsapRegQueryKeyInfo (IN HANDLE KeyHandle, OUT PULONG SubKeyCount, OUT PULONG MaxSubKeyNameLength, OUT PULONG ValueCount)
 
NTSTATUS LsapRegDeleteValue (IN HANDLE KeyHandle, IN LPWSTR ValueName)
 
NTSTATUS LsapRegEnumerateValue (IN HANDLE KeyHandle, IN ULONG Index, OUT LPWSTR Name, IN OUT PULONG NameLength, OUT PULONG Type OPTIONAL, OUT PVOID Data OPTIONAL, IN OUT PULONG DataLength OPTIONAL)
 
NTSTATUS LsapRegQueryValue (IN HANDLE KeyHandle, IN LPWSTR ValueName, OUT PULONG Type OPTIONAL, OUT LPVOID Data OPTIONAL, IN OUT PULONG DataLength OPTIONAL)
 
NTSTATUS LsapRegSetValue (IN HANDLE KeyHandle, IN LPWSTR ValueName, IN ULONG Type, IN LPVOID Data, IN ULONG DataLength)
 
NTSTATUS LsapCreatePolicySd (PSECURITY_DESCRIPTOR *PolicySd, PULONG PolicySdSize)
 
NTSTATUS LsapCreateAccountSd (PSECURITY_DESCRIPTOR *AccountSd, PULONG AccountSdSize)
 
NTSTATUS LsapCreateSecretSd (PSECURITY_DESCRIPTOR *SecretSd, PULONG SecretSdSize)
 
VOID LsapInitLogonSessions (VOID)
 
NTSTATUS NTAPI LsapCreateLogonSession (IN PLUID LogonId)
 
NTSTATUS NTAPI LsapDeleteLogonSession (IN PLUID LogonId)
 
NTSTATUS NTAPI LsapAddCredential (_In_ PLUID LogonId, _In_ ULONG AuthenticationPackage, _In_ PLSA_STRING PrimaryKeyValue, _In_ PLSA_STRING Credential)
 
NTSTATUS NTAPI LsapGetCredentials (_In_ PLUID LogonId, _In_ ULONG AuthenticationPackage, _Inout_ PULONG QueryContext, _In_ BOOLEAN RetrieveAllCredentials, _Inout_ PLSA_STRING PrimaryKeyValue, _Out_ PULONG PrimaryKeyLength, _Out_ PLSA_STRING Credentials)
 
NTSTATUS NTAPI LsapDeleteCredential (_In_ PLUID LogonId, _In_ ULONG AuthenticationPackage, _In_ PLSA_STRING PrimaryKeyValue)
 
NTSTATUS LsapSetLogonSessionData (_In_ PLUID LogonId, _In_ ULONG LogonType, _In_ PUNICODE_STRING UserName, _In_ PUNICODE_STRING LogonDomain, _In_ PSID Sid)
 
NTSTATUS LsapEnumLogonSessions (IN OUT PLSA_API_MSG RequestMsg)
 
NTSTATUS LsapGetLogonSessionData (IN OUT PLSA_API_MSG RequestMsg)
 
NTSTATUS LsapRmInitializeServer (VOID)
 
NTSTATUS LsapRmCreateLogonSession (PLUID LogonId)
 
NTSTATUS LsapRmDeleteLogonSession (PLUID LogonId)
 
INT LsapLoadString (HINSTANCE hInstance, UINT uId, LPWSTR lpBuffer, INT nBufferMax)
 
INT LsapGetResourceStringLengthEx (_In_ HINSTANCE hInstance, _In_ UINT uId, _In_ USHORT usLanguage)
 
INT LsapLoadStringEx (_In_ HINSTANCE hInstance, _In_ UINT uId, _In_ USHORT usLanguage, _Out_ LPWSTR lpBuffer, _Out_ INT nBufferMax)
 
PSID LsapAppendRidToSid (PSID SrcSid, ULONG Rid)
 

Variables

NT_PRODUCT_TYPE LsapProductType
 
SID_IDENTIFIER_AUTHORITY NullSidAuthority
 
SID_IDENTIFIER_AUTHORITY WorldSidAuthority
 
SID_IDENTIFIER_AUTHORITY LocalSidAuthority
 
SID_IDENTIFIER_AUTHORITY CreatorSidAuthority
 
SID_IDENTIFIER_AUTHORITY NtAuthority
 
PSID BuiltinDomainSid
 
UNICODE_STRING BuiltinDomainName
 
PSID AccountDomainSid
 
UNICODE_STRING AccountDomainName
 
PSID LsapWorldSid
 
PSID LsapNetworkSid
 
PSID LsapBatchSid
 
PSID LsapInteractiveSid
 
PSID LsapServiceSid
 
PSID LsapLocalSystemSid
 
PSID LsapAdministratorsSid
 

Macro Definition Documentation

◆ _INC_WINDOWS

#define _INC_WINDOWS

Definition at line 16 of file lsasrv.h.

◆ COM_NO_WINDOWS_H

#define COM_NO_WINDOWS_H

Definition at line 17 of file lsasrv.h.

◆ LSAP_DB_SIGNATURE

#define LSAP_DB_SIGNATURE   0x12345678

Definition at line 67 of file lsasrv.h.

◆ NTOS_MODE_USER

#define NTOS_MODE_USER

Definition at line 23 of file lsasrv.h.

◆ POLICY_AUDIT_EVENT_TYPE_COUNT

#define POLICY_AUDIT_EVENT_TYPE_COUNT   (AuditCategoryAccountLogon - AuditCategorySystem + 1)

Definition at line 69 of file lsasrv.h.

◆ WIN32_NO_STATUS

#define WIN32_NO_STATUS

Definition at line 15 of file lsasrv.h.

Typedef Documentation

◆ LSA_DB_OBJECT

◆ LSA_DB_OBJECT_TYPE

◆ LSAP_LOGON_CONTEXT

◆ LSAP_POLICY_AUDIT_EVENTS_DATA

◆ PLSA_DB_OBJECT

◆ PLSA_DB_OBJECT_TYPE

◆ PLSAP_LOGON_CONTEXT

◆ PLSAP_POLICY_AUDIT_EVENTS_DATA

◆ PSAMPR_ULONG_ARRAY

◆ SAMPR_ULONG_ARRAY

Enumeration Type Documentation

◆ _LSA_DB_OBJECT_TYPE

Enumerator
LsaDbIgnoreObject 
LsaDbPolicyObject 
LsaDbAccountObject 
LsaDbDomainObject 
LsaDbSecretObject 

Definition at line 47 of file lsasrv.h.

48 {
enum _LSA_DB_OBJECT_TYPE * PLSA_DB_OBJECT_TYPE
enum _LSA_DB_OBJECT_TYPE LSA_DB_OBJECT_TYPE

Function Documentation

◆ DsSetupInit()

VOID DsSetupInit ( VOID  )

Definition at line 22 of file dssetup.c.

23 {
25 
26  Status = RpcServerRegisterIf(dssetup_v0_0_s_ifspec,
27  NULL,
28  NULL);
29  if (Status != RPC_S_OK)
30  {
31  WARN("RpcServerRegisterIf() failed (Status %lx)\n", Status);
32  return;
33  }
34 }
#define WARN(fmt,...)
Definition: debug.h:112
long RPC_STATUS
Definition: rpc.h:52
Status
Definition: gdiplustypes.h:24
RPC_STATUS WINAPI RpcServerRegisterIf(RPC_IF_HANDLE IfSpec, UUID *MgrTypeUuid, RPC_MGR_EPV *MgrEpv)
Definition: rpc_server.c:1116
#define NULL
Definition: types.h:112
#define RPC_S_OK
Definition: rpcnterr.h:22

Referenced by LsarStartRpcServer().

◆ LsapAddCredential()

NTSTATUS NTAPI LsapAddCredential ( _In_ PLUID  LogonId,
_In_ ULONG  AuthenticationPackage,
_In_ PLSA_STRING  PrimaryKeyValue,
_In_ PLSA_STRING  Credential 
)

Definition at line 259 of file session.c.

264 {
265 
266  return STATUS_SUCCESS;
267 }
#define STATUS_SUCCESS
Definition: shellext.h:65

Referenced by LsapInitAuthPackages().

◆ LsapAppendRidToSid()

PSID LsapAppendRidToSid ( PSID  SrcSid,
ULONG  Rid 
)

Definition at line 152 of file utils.c.

155 {
156  ULONG Rids[8] = {0, 0, 0, 0, 0, 0, 0, 0};
157  UCHAR RidCount;
158  PSID DstSid;
159  ULONG i;
160 
161  RidCount = *RtlSubAuthorityCountSid(SrcSid);
162  if (RidCount >= 8)
163  return NULL;
164 
165  for (i = 0; i < RidCount; i++)
166  Rids[i] = *RtlSubAuthoritySid(SrcSid, i);
167 
168  Rids[RidCount] = Rid;
169  RidCount++;
170 
172  RidCount,
173  Rids[0],
174  Rids[1],
175  Rids[2],
176  Rids[3],
177  Rids[4],
178  Rids[5],
179  Rids[6],
180  Rids[7],
181  &DstSid);
182 
183  return DstSid;
184 }
NTSYSAPI PULONG NTAPI RtlSubAuthoritySid(_In_ PSID Sid, _In_ ULONG SubAuthority)
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290
NTSYSAPI PSID_IDENTIFIER_AUTHORITY NTAPI RtlIdentifierAuthoritySid(PSID Sid)
NTSYSAPI PUCHAR NTAPI RtlSubAuthorityCountSid(IN PSID Sid)
Definition: sid.c:104
unsigned char UCHAR
Definition: xmlstorage.h:181
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
#define NULL
Definition: types.h:112
unsigned int ULONG
Definition: retypes.h:1

Referenced by LsapAppendSidToGroups().

◆ LsapCallAuthenticationPackage()

NTSTATUS LsapCallAuthenticationPackage ( PLSA_API_MSG  RequestMsg,
PLSAP_LOGON_CONTEXT  LogonContext 
)

Definition at line 564 of file authpackage.c.

566 {
567  PAUTH_PACKAGE Package;
568  PVOID LocalBuffer = NULL;
571 
572  TRACE("(%p %p)\n", RequestMsg, LogonContext);
573 
574  PackageId = RequestMsg->CallAuthenticationPackage.Request.AuthenticationPackage;
575 
576  /* Get the right authentication package */
578  if (Package == NULL)
579  {
580  TRACE("LsapGetAuthenticationPackage() failed to find a package\n");
581  return STATUS_NO_SUCH_PACKAGE;
582  }
583 
584  if (RequestMsg->CallAuthenticationPackage.Request.SubmitBufferLength > 0)
585  {
586  LocalBuffer = RtlAllocateHeap(RtlGetProcessHeap(),
588  RequestMsg->CallAuthenticationPackage.Request.SubmitBufferLength);
589  if (LocalBuffer == NULL)
590  {
592  }
593 
595  RequestMsg->CallAuthenticationPackage.Request.ProtocolSubmitBuffer,
596  LocalBuffer,
597  RequestMsg->CallAuthenticationPackage.Request.SubmitBufferLength,
598  NULL);
599  if (!NT_SUCCESS(Status))
600  {
601  TRACE("NtReadVirtualMemory() failed (Status 0x%08lx)\n", Status);
602  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalBuffer);
603  return Status;
604  }
605  }
606 
607  if (LogonContext->TrustedCaller)
608  Status = Package->LsaApCallPackage((PLSA_CLIENT_REQUEST)LogonContext,
609  LocalBuffer,
610  RequestMsg->CallAuthenticationPackage.Request.ProtocolSubmitBuffer,
611  RequestMsg->CallAuthenticationPackage.Request.SubmitBufferLength,
612  &RequestMsg->CallAuthenticationPackage.Reply.ProtocolReturnBuffer,
613  &RequestMsg->CallAuthenticationPackage.Reply.ReturnBufferLength,
614  &RequestMsg->CallAuthenticationPackage.Reply.ProtocolStatus);
615  else
616  Status = Package->LsaApCallPackageUntrusted((PLSA_CLIENT_REQUEST)LogonContext,
617  LocalBuffer,
618  RequestMsg->CallAuthenticationPackage.Request.ProtocolSubmitBuffer,
619  RequestMsg->CallAuthenticationPackage.Request.SubmitBufferLength,
620  &RequestMsg->CallAuthenticationPackage.Reply.ProtocolReturnBuffer,
621  &RequestMsg->CallAuthenticationPackage.Reply.ReturnBufferLength,
622  &RequestMsg->CallAuthenticationPackage.Reply.ProtocolStatus);
623  if (!NT_SUCCESS(Status))
624  {
625  TRACE("Package->LsaApCallPackage() failed (Status 0x%08lx)\n", Status);
626  }
627 
628  if (LocalBuffer != NULL)
629  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalBuffer);
630 
631  return Status;
632 }
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
BOOL TrustedCaller
Definition: lsasrv.h:82
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
#define STATUS_NO_SUCH_PACKAGE
Definition: ntstatus.h:490
HANDLE ClientProcessHandle
Definition: lsasrv.h:80
struct _LSA_CALL_AUTHENTICATION_PACKAGE_MSG::@3404::@3407 Reply
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
Status
Definition: gdiplustypes.h:24
#define TRACE(s)
Definition: solgame.cpp:4
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
PLSA_AP_CALL_PACKAGE_UNTRUSTED LsaApCallPackageUntrusted
Definition: authpackage.c:101
NTSTATUS NTAPI NtReadVirtualMemory(IN HANDLE ProcessHandle, IN PVOID BaseAddress, OUT PVOID Buffer, IN SIZE_T NumberOfBytesToRead, OUT PSIZE_T NumberOfBytesRead OPTIONAL)
Definition: virtual.c:2805
LSA_CALL_AUTHENTICATION_PACKAGE_MSG CallAuthenticationPackage
Definition: lsass.h:188
struct _LSA_CALL_AUTHENTICATION_PACKAGE_MSG::@3404::@3406 Request
PLSA_AP_CALL_PACKAGE_INTERNAL LsaApCallPackage
Definition: authpackage.c:99
#define NULL
Definition: types.h:112
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
static PAUTH_PACKAGE LsapGetAuthenticationPackage(IN ULONG PackageId)
Definition: authpackage.c:341
unsigned int ULONG
Definition: retypes.h:1
static ULONG PackageId
Definition: authpackage.c:163

Referenced by AuthPortThreadRoutine().

◆ LsapCloseDbObject()

NTSTATUS LsapCloseDbObject ( IN PLSA_DB_OBJECT  DbObject)

◆ LsapCreateAccountSd()

NTSTATUS LsapCreateAccountSd ( PSECURITY_DESCRIPTOR AccountSd,
PULONG  AccountSdSize 
)

Definition at line 268 of file security.c.

270 {
271  SECURITY_DESCRIPTOR AbsoluteSd;
272  PSECURITY_DESCRIPTOR RelativeSd = NULL;
273  ULONG RelativeSdSize = 0;
274  PSID AdministratorsSid = NULL;
275  PSID EveryoneSid = NULL;
277  PACL Dacl = NULL;
278  ULONG DaclSize;
280 
281  if (AccountSd == NULL || AccountSdSize == NULL)
283 
284  *AccountSd = NULL;
285  *AccountSdSize = 0;
286 
287  /* Initialize the SD */
288  Status = RtlCreateSecurityDescriptor(&AbsoluteSd,
290  if (!NT_SUCCESS(Status))
291  return Status;
292 
294  2,
297  0,
298  0,
299  0,
300  0,
301  0,
302  0,
303  &AdministratorsSid);
304  if (!NT_SUCCESS(Status))
305  goto done;
306 
308  1,
310  0,
311  0,
312  0,
313  0,
314  0,
315  0,
316  0,
317  &EveryoneSid);
318  if (!NT_SUCCESS(Status))
319  goto done;
320 
322  1,
324  0,
325  0,
326  0,
327  0,
328  0,
329  0,
330  0,
331  &LocalSystemSid);
332  if (!NT_SUCCESS(Status))
333  goto done;
334 
335  /* Allocate and initialize the DACL */
336  DaclSize = sizeof(ACL) +
337  sizeof(ACCESS_ALLOWED_ACE) - sizeof(ULONG) + RtlLengthSid(AdministratorsSid) +
338  sizeof(ACCESS_ALLOWED_ACE) - sizeof(ULONG) + RtlLengthSid(EveryoneSid);
339 
340  Dacl = RtlAllocateHeap(RtlGetProcessHeap(),
342  DaclSize);
343  if (Dacl == NULL)
344  {
346  goto done;
347  }
348 
350  DaclSize,
351  ACL_REVISION);
352  if (!NT_SUCCESS(Status))
353  goto done;
354 
356  ACL_REVISION,
358  AdministratorsSid);
359  if (!NT_SUCCESS(Status))
360  goto done;
361 
363  ACL_REVISION,
365  EveryoneSid);
366  if (!NT_SUCCESS(Status))
367  goto done;
368 
369  Status = RtlSetDaclSecurityDescriptor(&AbsoluteSd,
370  TRUE,
371  Dacl,
372  FALSE);
373  if (!NT_SUCCESS(Status))
374  goto done;
375 
378  FALSE);
379  if (!NT_SUCCESS(Status))
380  goto done;
381 
383  AdministratorsSid,
384  FALSE);
385  if (!NT_SUCCESS(Status))
386  goto done;
387 
388  Status = RtlAbsoluteToSelfRelativeSD(&AbsoluteSd,
389  RelativeSd,
390  &RelativeSdSize);
392  goto done;
393 
394  RelativeSd = RtlAllocateHeap(RtlGetProcessHeap(),
396  RelativeSdSize);
397  if (RelativeSd == NULL)
398  {
400  goto done;
401  }
402 
403  Status = RtlAbsoluteToSelfRelativeSD(&AbsoluteSd,
404  RelativeSd,
405  &RelativeSdSize);
406  if (!NT_SUCCESS(Status))
407  goto done;
408 
409  *AccountSd = RelativeSd;
410  *AccountSdSize = RelativeSdSize;
411 
412 done:
413  if (Dacl != NULL)
414  RtlFreeHeap(RtlGetProcessHeap(), 0, Dacl);
415 
416  if (AdministratorsSid != NULL)
417  RtlFreeHeap(RtlGetProcessHeap(), 0, AdministratorsSid);
418 
419  if (EveryoneSid != NULL)
420  RtlFreeHeap(RtlGetProcessHeap(), 0, EveryoneSid);
421 
422  if (LocalSystemSid != NULL)
423  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalSystemSid);
424 
425  if (!NT_SUCCESS(Status))
426  {
427  if (RelativeSd != NULL)
428  RtlFreeHeap(RtlGetProcessHeap(), 0, RelativeSd);
429  }
430 
431  return Status;
432 }
#define SECURITY_LOCAL_SYSTEM_RID
Definition: setypes.h:561
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
static ULONG
Definition: security.c:118
NTSYSAPI NTSTATUS NTAPI RtlSetGroupSecurityDescriptor(IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN PSID Group, IN BOOLEAN GroupDefaulted)
Definition: sd.c:410
#define TRUE
Definition: types.h:120
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
#define ACCOUNT_ALL_ACCESS
Definition: ntlsa.h:33
struct _ACCESS_ALLOWED_ACE ACCESS_ALLOWED_ACE
NTSYSAPI NTSTATUS WINAPI RtlSetOwnerSecurityDescriptor(PSECURITY_DESCRIPTOR, PSID, BOOLEAN)
NTSYSAPI NTSTATUS NTAPI RtlCreateSecurityDescriptor(_Out_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ ULONG Revision)
NTSYSAPI NTSTATUS WINAPI RtlAddAccessAllowedAce(PACL, DWORD, DWORD, PSID)
NTSYSAPI NTSTATUS WINAPI RtlSetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR, BOOLEAN, PACL, BOOLEAN)
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
NTSYSAPI NTSTATUS NTAPI RtlCreateAcl(PACL Acl, ULONG AclSize, ULONG AclRevision)
#define SECURITY_DESCRIPTOR_REVISION
Definition: setypes.h:58
static SID_IDENTIFIER_AUTHORITY NtAuthority
Definition: security.c:15
#define FALSE
Definition: types.h:117
#define ACCOUNT_EXECUTE
Definition: ntlsa.h:36
NTSYSAPI NTSTATUS NTAPI RtlAbsoluteToSelfRelativeSD(IN PSECURITY_DESCRIPTOR AbsoluteSecurityDescriptor, IN OUT PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor, IN PULONG BufferLength)
Definition: sd.c:626
struct _ACL ACL
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
SID_IDENTIFIER_AUTHORITY WorldSidAuthority
Definition: database.c:18
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
Status
Definition: gdiplustypes.h:24
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:568
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
PSID LocalSystemSid
Definition: globals.c:16
#define SECURITY_WORLD_RID
Definition: setypes.h:528
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1552
#define NULL
Definition: types.h:112
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG DaclSize
Definition: rtlfuncs.h:1552
#define ACL_REVISION
Definition: setypes.h:39
unsigned int ULONG
Definition: retypes.h:1
#define DOMAIN_ALIAS_RID_ADMINS
Definition: setypes.h:639

Referenced by LsarpCreateAccount().

◆ LsapCreateDbObject()

NTSTATUS LsapCreateDbObject ( IN PLSA_DB_OBJECT  ParentObject,
IN LPWSTR  ContainerName,
IN LPWSTR  ObjectName,
IN LSA_DB_OBJECT_TYPE  HandleType,
IN ACCESS_MASK  DesiredAccess,
IN BOOLEAN  Trusted,
OUT PLSA_DB_OBJECT DbObject 
)

Definition at line 592 of file database.c.

599 {
603  HANDLE ParentKeyHandle;
604  HANDLE ContainerKeyHandle = NULL;
605  HANDLE ObjectKeyHandle = NULL;
607 
608  if (DbObject == NULL)
610 
611  if (ParentObject == NULL)
612  ParentKeyHandle = SecurityKeyHandle;
613  else
614  ParentKeyHandle = ParentObject->KeyHandle;
615 
616  if (ContainerName != NULL)
617  {
618  /* Open the container key */
620  ContainerName);
621 
623  &KeyName,
625  ParentKeyHandle,
626  NULL);
627 
628  Status = NtOpenKey(&ContainerKeyHandle,
631  if (!NT_SUCCESS(Status))
632  {
633  return Status;
634  }
635 
636  /* Open the object key */
638  ObjectName);
639 
641  &KeyName,
643  ContainerKeyHandle,
644  NULL);
645 
646  Status = NtCreateKey(&ObjectKeyHandle,
649  0,
650  NULL,
651  0,
652  NULL);
653 
654  NtClose(ContainerKeyHandle);
655 
656  if (!NT_SUCCESS(Status))
657  {
658  return Status;
659  }
660  }
661  else
662  {
664  ObjectName);
665 
667  &KeyName,
669  ParentKeyHandle,
670  NULL);
671 
672  Status = NtCreateKey(&ObjectKeyHandle,
675  0,
676  NULL,
677  0,
678  NULL);
679  if (!NT_SUCCESS(Status))
680  {
681  return Status;
682  }
683  }
684 
685  NewObject = RtlAllocateHeap(RtlGetProcessHeap(),
686  0,
687  sizeof(LSA_DB_OBJECT));
688  if (NewObject == NULL)
689  {
690  NtClose(ObjectKeyHandle);
691  return STATUS_NO_MEMORY;
692  }
693 
694  NewObject->Signature = LSAP_DB_SIGNATURE;
695  NewObject->RefCount = 1;
696  NewObject->ObjectType = ObjectType;
697  NewObject->Access = DesiredAccess;
698  NewObject->KeyHandle = ObjectKeyHandle;
699  NewObject->ParentObject = ParentObject;
700  NewObject->Trusted = Trusted;
701 
702  if (ParentObject != NULL)
703  ParentObject->RefCount++;
704 
705  *DbObject = NewObject;
706 
707  return STATUS_SUCCESS;
708 }
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
ObjectType
Definition: metafile.c:80
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2654
NTSTATUS NTAPI NtCreateKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG TitleIndex, IN PUNICODE_STRING Class OPTIONAL, IN ULONG CreateOptions, OUT PULONG Disposition OPTIONAL)
Definition: ntapi.c:240
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
LONG NTSTATUS
Definition: precomp.h:26
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
Definition: cmfuncs.h:62
_Must_inspect_result_ _In_ WDFDEVICE _In_ PCUNICODE_STRING KeyName
Definition: wdfdevice.h:2697
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
Status
Definition: gdiplustypes.h:24
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3398
static HANDLE SecurityKeyHandle
Definition: database.c:15
#define LSAP_DB_SIGNATURE
Definition: lsasrv.h:67
#define KEY_ALL_ACCESS
Definition: nt_native.h:1041
#define STATUS_NO_MEMORY
Definition: ntstatus.h:260
#define NULL
Definition: types.h:112
NTSYSAPI NTSTATUS NTAPI NtOpenKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
Definition: ntapi.c:336
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
#define STATUS_SUCCESS
Definition: shellext.h:65
_Inout_opt_ PACCESS_STATE _In_opt_ ACCESS_MASK _In_ ULONG _Out_opt_ PVOID * NewObject
Definition: obfuncs.h:71

Referenced by LsarCreateSecret(), LsarpCreateAccount(), and LsarStorePrivateData().

◆ LsapCreateLogonSession()

NTSTATUS NTAPI LsapCreateLogonSession ( IN PLUID  LogonId)

Definition at line 159 of file session.c.

160 {
161  PLSAP_LOGON_SESSION Session;
163 
164  TRACE("LsapCreateLogonSession(%p)\n", LogonId);
165 
166  /* Fail, if a session already exists */
169 
170  /* Allocate a new session entry */
171  Session = RtlAllocateHeap(RtlGetProcessHeap(),
173  sizeof(LSAP_LOGON_SESSION));
174  if (Session == NULL)
176 
177  /* Initialize the session entry */
178  RtlCopyLuid(&Session->LogonId, LogonId);
179 
180  TRACE("LsapCreateLogonSession(<0x%lx,0x%lx>)\n",
181  LogonId->HighPart, LogonId->LowPart);
182 
183  /* Tell ntoskrnl to create a new logon session */
185  if (!NT_SUCCESS(Status))
186  {
187  RtlFreeHeap(RtlGetProcessHeap(), 0, Session);
188  return Status;
189  }
190 
191  /* Insert the new session into the session list */
192  InsertHeadList(&SessionListHead, &Session->Entry);
193  SessionCount++;
194 
195  return STATUS_SUCCESS;
196 }
#define STATUS_LOGON_SESSION_COLLISION
Definition: ntstatus.h:497
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
FORCEINLINE VOID InsertHeadList(_Inout_ PLIST_ENTRY ListHead, _Inout_ __drv_aliasesMem PLIST_ENTRY Entry)
Definition: rtlfuncs.h:201
static PLSAP_LOGON_SESSION LsapGetLogonSession(IN PLUID LogonId)
Definition: session.c:45
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
NTSTATUS LsapRmCreateLogonSession(PLUID LogonId)
Definition: srm.c:245
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
Status
Definition: gdiplustypes.h:24
#define TRACE(s)
Definition: solgame.cpp:4
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
LIST_ENTRY SessionListHead
Definition: session.c:30
#define NULL
Definition: types.h:112
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID LogonId
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
NTSYSAPI void WINAPI RtlCopyLuid(PLUID, const LUID *)
#define STATUS_SUCCESS
Definition: shellext.h:65
ULONG SessionCount
Definition: session.c:31
LIST_ENTRY Entry
Definition: session.c:13

Referenced by LsapInitAuthPackages().

◆ LsapCreatePolicySd()

NTSTATUS LsapCreatePolicySd ( PSECURITY_DESCRIPTOR PolicySd,
PULONG  PolicySdSize 
)

Definition at line 14 of file security.c.

16 {
17  SECURITY_DESCRIPTOR AbsoluteSd;
18  PSECURITY_DESCRIPTOR RelativeSd = NULL;
19  ULONG RelativeSdSize = 0;
20  PSID AnonymousSid = NULL;
21  PSID AdministratorsSid = NULL;
22  PSID EveryoneSid = NULL;
26  PACL Dacl = NULL;
29 
30  if (PolicySd == NULL || PolicySdSize == NULL)
32 
33  *PolicySd = NULL;
34  *PolicySdSize = 0;
35 
36  /* Initialize the SD */
37  Status = RtlCreateSecurityDescriptor(&AbsoluteSd,
39  if (!NT_SUCCESS(Status))
40  return Status;
41 
43  1,
45  0,
46  0,
47  0,
48  0,
49  0,
50  0,
51  0,
52  &AnonymousSid);
53  if (!NT_SUCCESS(Status))
54  goto done;
55 
57  2,
60  0,
61  0,
62  0,
63  0,
64  0,
65  0,
66  &AdministratorsSid);
67  if (!NT_SUCCESS(Status))
68  goto done;
69 
71  1,
73  0,
74  0,
75  0,
76  0,
77  0,
78  0,
79  0,
80  &EveryoneSid);
81  if (!NT_SUCCESS(Status))
82  goto done;
83 
85  1,
87  0,
88  0,
89  0,
90  0,
91  0,
92  0,
93  0,
95  if (!NT_SUCCESS(Status))
96  goto done;
97 
99  1,
101  0,
102  0,
103  0,
104  0,
105  0,
106  0,
107  0,
109  if (!NT_SUCCESS(Status))
110  goto done;
111 
113  1,
115  0,
116  0,
117  0,
118  0,
119  0,
120  0,
121  0,
122  &LocalSystemSid);
123  if (!NT_SUCCESS(Status))
124  goto done;
125 
126  /* Allocate and initialize the DACL */
127  DaclSize = sizeof(ACL) +
128  sizeof(ACCESS_DENIED_ACE) - sizeof(ULONG) + RtlLengthSid(AnonymousSid) +
129  sizeof(ACCESS_ALLOWED_ACE) - sizeof(ULONG) + RtlLengthSid(AdministratorsSid) +
130  sizeof(ACCESS_ALLOWED_ACE) - sizeof(ULONG) + RtlLengthSid(EveryoneSid) +
131  sizeof(ACCESS_ALLOWED_ACE) - sizeof(ULONG) + RtlLengthSid(AnonymousSid) +
134 
135  Dacl = RtlAllocateHeap(RtlGetProcessHeap(),
137  DaclSize);
138  if (Dacl == NULL)
139  {
141  goto done;
142  }
143 
145  DaclSize,
146  ACL_REVISION);
147  if (!NT_SUCCESS(Status))
148  goto done;
149 
151  ACL_REVISION,
153  AnonymousSid);
154  if (!NT_SUCCESS(Status))
155  goto done;
156 
158  ACL_REVISION,
160  AdministratorsSid);
161  if (!NT_SUCCESS(Status))
162  goto done;
163 
165  ACL_REVISION,
167  EveryoneSid);
168  if (!NT_SUCCESS(Status))
169  goto done;
170 
172  ACL_REVISION,
174  AnonymousSid);
175  if (!NT_SUCCESS(Status))
176  goto done;
177 
179  ACL_REVISION,
182  if (!NT_SUCCESS(Status))
183  goto done;
184 
186  ACL_REVISION,
189  if (!NT_SUCCESS(Status))
190  goto done;
191 
192  Status = RtlSetDaclSecurityDescriptor(&AbsoluteSd,
193  TRUE,
194  Dacl,
195  FALSE);
196  if (!NT_SUCCESS(Status))
197  goto done;
198 
201  FALSE);
202  if (!NT_SUCCESS(Status))
203  goto done;
204 
206  AdministratorsSid,
207  FALSE);
208  if (!NT_SUCCESS(Status))
209  goto done;
210 
211  Status = RtlAbsoluteToSelfRelativeSD(&AbsoluteSd,
212  RelativeSd,
213  &RelativeSdSize);
215  goto done;
216 
217  RelativeSd = RtlAllocateHeap(RtlGetProcessHeap(),
219  RelativeSdSize);
220  if (RelativeSd == NULL)
221  {
223  goto done;
224  }
225 
226  Status = RtlAbsoluteToSelfRelativeSD(&AbsoluteSd,
227  RelativeSd,
228  &RelativeSdSize);
229  if (!NT_SUCCESS(Status))
230  goto done;
231 
232  *PolicySd = RelativeSd;
233  *PolicySdSize = RelativeSdSize;
234 
235 done:
236  if (Dacl != NULL)
237  RtlFreeHeap(RtlGetProcessHeap(), 0, Dacl);
238 
239  if (AnonymousSid != NULL)
240  RtlFreeHeap(RtlGetProcessHeap(), 0, AnonymousSid);
241 
242  if (AdministratorsSid != NULL)
243  RtlFreeHeap(RtlGetProcessHeap(), 0, AdministratorsSid);
244 
245  if (EveryoneSid != NULL)
246  RtlFreeHeap(RtlGetProcessHeap(), 0, EveryoneSid);
247 
248  if (LocalServiceSid != NULL)
249  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalServiceSid);
250 
251  if (NetworkServiceSid != NULL)
252  RtlFreeHeap(RtlGetProcessHeap(), 0, NetworkServiceSid);
253 
254  if (LocalSystemSid != NULL)
255  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalSystemSid);
256 
257  if (!NT_SUCCESS(Status))
258  {
259  if (RelativeSd != NULL)
260  RtlFreeHeap(RtlGetProcessHeap(), 0, RelativeSd);
261  }
262 
263  return Status;
264 }
#define SECURITY_LOCAL_SYSTEM_RID
Definition: setypes.h:561
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
static ULONG
Definition: security.c:118
NTSYSAPI NTSTATUS NTAPI RtlSetGroupSecurityDescriptor(IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN PSID Group, IN BOOLEAN GroupDefaulted)
Definition: sd.c:410
#define TRUE
Definition: types.h:120
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
#define POLICY_VIEW_LOCAL_INFORMATION
Definition: ntsecapi.h:61
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
struct _ACCESS_ALLOWED_ACE ACCESS_ALLOWED_ACE
NTSYSAPI NTSTATUS WINAPI RtlSetOwnerSecurityDescriptor(PSECURITY_DESCRIPTOR, PSID, BOOLEAN)
NTSYSAPI NTSTATUS NTAPI RtlCreateSecurityDescriptor(_Out_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ ULONG Revision)
NTSYSAPI NTSTATUS WINAPI RtlAddAccessAllowedAce(PACL, DWORD, DWORD, PSID)
NTSYSAPI NTSTATUS WINAPI RtlSetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR, BOOLEAN, PACL, BOOLEAN)
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
NTSYSAPI NTSTATUS NTAPI RtlCreateAcl(PACL Acl, ULONG AclSize, ULONG AclRevision)
#define SECURITY_DESCRIPTOR_REVISION
Definition: setypes.h:58
static SID_IDENTIFIER_AUTHORITY NtAuthority
Definition: security.c:15
#define FALSE
Definition: types.h:117
NTSYSAPI NTSTATUS NTAPI RtlAbsoluteToSelfRelativeSD(IN PSECURITY_DESCRIPTOR AbsoluteSecurityDescriptor, IN OUT PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor, IN PULONG BufferLength)
Definition: sd.c:626
struct _ACL ACL
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
#define SECURITY_LOCAL_SERVICE_RID
Definition: setypes.h:562
SID_IDENTIFIER_AUTHORITY WorldSidAuthority
Definition: database.c:18
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
#define POLICY_LOOKUP_NAMES
Definition: ntsecapi.h:72
Status
Definition: gdiplustypes.h:24
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:568
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
PSID LocalSystemSid
Definition: globals.c:16
#define SECURITY_WORLD_RID
Definition: setypes.h:528
#define SECURITY_ANONYMOUS_LOGON_RID
Definition: setypes.h:550
PSID LocalServiceSid
Definition: globals.c:16
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1552
#define SECURITY_NETWORK_SERVICE_RID
Definition: setypes.h:563
#define POLICY_EXECUTE
Definition: ntsecapi.h:76
PSID NetworkServiceSid
Definition: globals.c:16
#define NULL
Definition: types.h:112
#define POLICY_ALL_ACCESS
Definition: ntsecapi.h:77
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG DaclSize
Definition: rtlfuncs.h:1552
#define ACL_REVISION
Definition: setypes.h:39
unsigned int ULONG
Definition: retypes.h:1
#define DOMAIN_ALIAS_RID_ADMINS
Definition: setypes.h:639
#define POLICY_NOTIFICATION
Definition: ntsecapi.h:73
NTSYSAPI NTSTATUS NTAPI RtlAddAccessDeniedAce(_Inout_ PACL Acl, _In_ ULONG Revision, _In_ ACCESS_MASK AccessMask, _In_ PSID Sid)

Referenced by LsapCreateDatabaseObjects().

◆ LsapCreateSecretSd()

NTSTATUS LsapCreateSecretSd ( PSECURITY_DESCRIPTOR SecretSd,
PULONG  SecretSdSize 
)

Definition at line 436 of file security.c.

438 {
439  SECURITY_DESCRIPTOR AbsoluteSd;
440  PSECURITY_DESCRIPTOR RelativeSd = NULL;
441  ULONG RelativeSdSize = 0;
442  PSID AdministratorsSid = NULL;
443  PSID EveryoneSid = NULL;
445  PACL Dacl = NULL;
446  ULONG DaclSize;
448 
449  if (SecretSd == NULL || SecretSdSize == NULL)
451 
452  *SecretSd = NULL;
453  *SecretSdSize = 0;
454 
455  /* Initialize the SD */
456  Status = RtlCreateSecurityDescriptor(&AbsoluteSd,
458  if (!NT_SUCCESS(Status))
459  return Status;
460 
462  2,
465  0,
466  0,
467  0,
468  0,
469  0,
470  0,
471  &AdministratorsSid);
472  if (!NT_SUCCESS(Status))
473  goto done;
474 
476  1,
478  0,
479  0,
480  0,
481  0,
482  0,
483  0,
484  0,
485  &EveryoneSid);
486  if (!NT_SUCCESS(Status))
487  goto done;
488 
490  1,
492  0,
493  0,
494  0,
495  0,
496  0,
497  0,
498  0,
499  &LocalSystemSid);
500  if (!NT_SUCCESS(Status))
501  goto done;
502 
503  /* Allocate and initialize the DACL */
504  DaclSize = sizeof(ACL) +
505  sizeof(ACCESS_ALLOWED_ACE) - sizeof(ULONG) + RtlLengthSid(AdministratorsSid) +
506  sizeof(ACCESS_ALLOWED_ACE) - sizeof(ULONG) + RtlLengthSid(EveryoneSid);
507 
508  Dacl = RtlAllocateHeap(RtlGetProcessHeap(),
510  DaclSize);
511  if (Dacl == NULL)
512  {
514  goto done;
515  }
516 
518  DaclSize,
519  ACL_REVISION);
520  if (!NT_SUCCESS(Status))
521  goto done;
522 
524  ACL_REVISION,
526  AdministratorsSid);
527  if (!NT_SUCCESS(Status))
528  goto done;
529 
531  ACL_REVISION,
533  EveryoneSid);
534  if (!NT_SUCCESS(Status))
535  goto done;
536 
537  Status = RtlSetDaclSecurityDescriptor(&AbsoluteSd,
538  TRUE,
539  Dacl,
540  FALSE);
541  if (!NT_SUCCESS(Status))
542  goto done;
543 
546  FALSE);
547  if (!NT_SUCCESS(Status))
548  goto done;
549 
551  AdministratorsSid,
552  FALSE);
553  if (!NT_SUCCESS(Status))
554  goto done;
555 
556  Status = RtlAbsoluteToSelfRelativeSD(&AbsoluteSd,
557  RelativeSd,
558  &RelativeSdSize);
560  goto done;
561 
562  RelativeSd = RtlAllocateHeap(RtlGetProcessHeap(),
564  RelativeSdSize);
565  if (RelativeSd == NULL)
566  {
568  goto done;
569  }
570 
571  Status = RtlAbsoluteToSelfRelativeSD(&AbsoluteSd,
572  RelativeSd,
573  &RelativeSdSize);
574  if (!NT_SUCCESS(Status))
575  goto done;
576 
577  *SecretSd = RelativeSd;
578  *SecretSdSize = RelativeSdSize;
579 
580 done:
581  if (Dacl != NULL)
582  RtlFreeHeap(RtlGetProcessHeap(), 0, Dacl);
583 
584  if (AdministratorsSid != NULL)
585  RtlFreeHeap(RtlGetProcessHeap(), 0, AdministratorsSid);
586 
587  if (EveryoneSid != NULL)
588  RtlFreeHeap(RtlGetProcessHeap(), 0, EveryoneSid);
589 
590  if (LocalSystemSid != NULL)
591  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalSystemSid);
592 
593  if (!NT_SUCCESS(Status))
594  {
595  if (RelativeSd != NULL)
596  RtlFreeHeap(RtlGetProcessHeap(), 0, RelativeSd);
597  }
598 
599  return Status;
600 }
#define SECURITY_LOCAL_SYSTEM_RID
Definition: setypes.h:561
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
static ULONG
Definition: security.c:118
NTSYSAPI NTSTATUS NTAPI RtlSetGroupSecurityDescriptor(IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN PSID Group, IN BOOLEAN GroupDefaulted)
Definition: sd.c:410
#define TRUE
Definition: types.h:120
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
struct _ACCESS_ALLOWED_ACE ACCESS_ALLOWED_ACE
NTSYSAPI NTSTATUS WINAPI RtlSetOwnerSecurityDescriptor(PSECURITY_DESCRIPTOR, PSID, BOOLEAN)
NTSYSAPI NTSTATUS NTAPI RtlCreateSecurityDescriptor(_Out_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ ULONG Revision)
NTSYSAPI NTSTATUS WINAPI RtlAddAccessAllowedAce(PACL, DWORD, DWORD, PSID)
NTSYSAPI NTSTATUS WINAPI RtlSetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR, BOOLEAN, PACL, BOOLEAN)
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
NTSYSAPI NTSTATUS NTAPI RtlCreateAcl(PACL Acl, ULONG AclSize, ULONG AclRevision)
#define SECURITY_DESCRIPTOR_REVISION
Definition: setypes.h:58
static SID_IDENTIFIER_AUTHORITY NtAuthority
Definition: security.c:15
#define FALSE
Definition: types.h:117
NTSYSAPI NTSTATUS NTAPI RtlAbsoluteToSelfRelativeSD(IN PSECURITY_DESCRIPTOR AbsoluteSecurityDescriptor, IN OUT PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor, IN PULONG BufferLength)
Definition: sd.c:626
struct _ACL ACL
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
SID_IDENTIFIER_AUTHORITY WorldSidAuthority
Definition: database.c:18
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
Status
Definition: gdiplustypes.h:24
#define SECRET_ALL_ACCESS
Definition: ntlsa.h:41
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:568
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
PSID LocalSystemSid
Definition: globals.c:16
#define SECURITY_WORLD_RID
Definition: setypes.h:528
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1552
#define NULL
Definition: types.h:112
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG DaclSize
Definition: rtlfuncs.h:1552
#define ACL_REVISION
Definition: setypes.h:39
unsigned int ULONG
Definition: retypes.h:1
#define DOMAIN_ALIAS_RID_ADMINS
Definition: setypes.h:639
#define SECRET_EXECUTE
Definition: ntlsa.h:44

Referenced by LsarCreateSecret().

◆ LsapDeleteCredential()

NTSTATUS NTAPI LsapDeleteCredential ( _In_ PLUID  LogonId,
_In_ ULONG  AuthenticationPackage,
_In_ PLSA_STRING  PrimaryKeyValue 
)

Definition at line 288 of file session.c.

292 {
293 
294  return STATUS_SUCCESS;
295 }
#define STATUS_SUCCESS
Definition: shellext.h:65

Referenced by LsapInitAuthPackages().

◆ LsapDeleteDbObject()

NTSTATUS LsapDeleteDbObject ( IN PLSA_DB_OBJECT  DbObject)

Definition at line 901 of file database.c.

902 {
903  PLSA_DB_OBJECT ParentObject = NULL;
904  WCHAR KeyName[64];
905  ULONG Index;
907 
908  DbObject->RefCount--;
909 
910  if (DbObject->RefCount > 0)
911  return STATUS_SUCCESS;
912 
913  if (DbObject->KeyHandle != NULL)
914  {
915  Index = 0;
916 
917  while (TRUE)
918  {
919  Status = LsapRegEnumerateSubKey(DbObject->KeyHandle,
920  Index,
921  sizeof(KeyName),
922  KeyName);
923  if (!NT_SUCCESS(Status))
924  break;
925 
926  TRACE("Index: %lu\n", Index);
927  TRACE("Key name: %S\n", KeyName);
928 
929  Status = LsapRegDeleteSubKey(DbObject->KeyHandle,
930  KeyName);
931  if (!NT_SUCCESS(Status))
932  break;
933  }
934 
937 
938  LsapRegDeleteKey(DbObject->KeyHandle);
939 
940  NtClose(DbObject->KeyHandle);
941  }
942 
943  if (DbObject->ParentObject != NULL)
944  ParentObject = DbObject->ParentObject;
945 
946  RtlFreeHeap(RtlGetProcessHeap(), 0, DbObject);
947 
948  if (ParentObject != NULL)
949  {
950  ParentObject->RefCount--;
951 
952  if (ParentObject->RefCount == 0)
953  Status = LsapCloseDbObject(ParentObject);
954  }
955 
956  return Status;
957 }
NTSTATUS LsapRegDeleteSubKey(IN HANDLE ParentKeyHandle, IN LPCWSTR KeyName)
Definition: registry.c:59
#define STATUS_NO_MORE_ENTRIES
Definition: ntstatus.h:205
#define TRUE
Definition: types.h:120
LONG NTSTATUS
Definition: precomp.h:26
struct _LSA_DB_OBJECT * ParentObject
Definition: lsasrv.h:64
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
NTSTATUS LsapRegDeleteKey(IN HANDLE KeyHandle)
Definition: registry.c:89
NTSTATUS LsapCloseDbObject(PLSA_DB_OBJECT DbObject)
Definition: database.c:870
_Must_inspect_result_ _In_ WDFDEVICE _In_ PCUNICODE_STRING KeyName
Definition: wdfdevice.h:2697
Status
Definition: gdiplustypes.h:24
#define TRACE(s)
Definition: solgame.cpp:4
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
_In_ WDFCOLLECTION _In_ ULONG Index
ULONG RefCount
Definition: lsasrv.h:60
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3398
#define NULL
Definition: types.h:112
unsigned int ULONG
Definition: retypes.h:1
#define STATUS_SUCCESS
Definition: shellext.h:65
NTSTATUS LsapRegEnumerateSubKey(IN HANDLE KeyHandle, IN ULONG Index, IN ULONG Length, OUT LPWSTR Buffer)
Definition: registry.c:96

Referenced by LsarDeleteObject(), and LsarStorePrivateData().

◆ LsapDeleteLogonSession()

NTSTATUS NTAPI LsapDeleteLogonSession ( IN PLUID  LogonId)

Definition at line 201 of file session.c.

202 {
203  PLSAP_LOGON_SESSION Session;
205 
206  TRACE("LsapDeleteLogonSession(%p)\n", LogonId);
207 
208  /* Fail, if the session does not exist */
209  Session = LsapGetLogonSession(LogonId);
210  if (Session == NULL)
212 
213  TRACE("LsapDeleteLogonSession(0x%08lx%08lx)\n",
214  LogonId->HighPart, LogonId->LowPart);
215 
216  /* Tell ntoskrnl to delete the logon session */
218  if (!NT_SUCCESS(Status))
219  return Status;
220 
221  /* Notify the authentication packages */
223 
224  /* Remove the session entry from the list */
225  RemoveEntryList(&Session->Entry);
226  SessionCount--;
227 
228  /* Free the session data */
229  if (Session->Sid != NULL)
230  RtlFreeHeap(RtlGetProcessHeap(), 0, Session->Sid);
231 
232  if (Session->UserName.Buffer != NULL)
233  RtlFreeHeap(RtlGetProcessHeap(), 0, Session->UserName.Buffer);
234 
235  if (Session->LogonDomain.Buffer != NULL)
236  RtlFreeHeap(RtlGetProcessHeap(), 0, Session->LogonDomain.Buffer);
237 
238  if (Session->AuthenticationPackage.Buffer != NULL)
239  RtlFreeHeap(RtlGetProcessHeap(), 0, Session->AuthenticationPackage.Buffer);
240 
241  if (Session->LogonServer.Buffer != NULL)
242  RtlFreeHeap(RtlGetProcessHeap(), 0, Session->LogonServer.Buffer);
243 
244  if (Session->DnsDomainName.Buffer != NULL)
245  RtlFreeHeap(RtlGetProcessHeap(), 0, Session->DnsDomainName.Buffer);
246 
247  if (Session->Upn.Buffer != NULL)
248  RtlFreeHeap(RtlGetProcessHeap(), 0, Session->Upn.Buffer);
249 
250  /* Free the session entry */
251  RtlFreeHeap(RtlGetProcessHeap(), 0, Session);
252 
253  return STATUS_SUCCESS;
254 }
#define STATUS_NO_SUCH_LOGON_SESSION
Definition: ntstatus.h:331
static PLSAP_LOGON_SESSION LsapGetLogonSession(IN PLUID LogonId)
Definition: session.c:45
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
UNICODE_STRING UserName
Definition: session.c:19
UNICODE_STRING LogonServer
Definition: session.c:22
UNICODE_STRING LogonDomain
Definition: session.c:20
UNICODE_STRING AuthenticationPackage
Definition: session.c:21
FORCEINLINE BOOLEAN RemoveEntryList(_In_ PLIST_ENTRY Entry)
Definition: rtlfuncs.h:105
NTSTATUS LsapRmDeleteLogonSession(PLUID LogonId)
Definition: srm.c:285
Status
Definition: gdiplustypes.h:24
#define TRACE(s)
Definition: solgame.cpp:4
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
UNICODE_STRING DnsDomainName
Definition: session.c:23
UNICODE_STRING Upn
Definition: session.c:24
#define NULL
Definition: types.h:112
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID LogonId
#define STATUS_SUCCESS
Definition: shellext.h:65
ULONG SessionCount
Definition: session.c:31
LIST_ENTRY Entry
Definition: session.c:13
VOID LsapTerminateLogon(_In_ PLUID LogonId)
Definition: authpackage.c:545

Referenced by LsapInitAuthPackages(), and LsapLogonUser().

◆ LsapDeleteObjectAttribute()

NTSTATUS LsapDeleteObjectAttribute ( PLSA_DB_OBJECT  DbObject,
LPWSTR  AttributeName 
)

Definition at line 1082 of file database.c.

1084 {
1085  return LsapRegDeleteSubKey(DbObject->KeyHandle,
1086  AttributeName);
1087 }
NTSTATUS LsapRegDeleteSubKey(IN HANDLE ParentKeyHandle, IN LPCWSTR KeyName)
Definition: registry.c:59
HANDLE KeyHandle
Definition: lsasrv.h:62

Referenced by LsarRemovePrivilegesFromAccount().

◆ LsapEnumLogonSessions()

NTSTATUS LsapEnumLogonSessions ( IN OUT PLSA_API_MSG  RequestMsg)

Definition at line 299 of file session.c.

300 {
303  PLIST_ENTRY SessionEntry;
304  PLSAP_LOGON_SESSION CurrentSession;
305  PLUID SessionList;
306  ULONG i, Length;
307  SIZE_T MemSize;
308  PVOID ClientBaseAddress = NULL;
310 
311  TRACE("LsapEnumLogonSessions(%p)\n", RequestMsg);
312 
313  Length = SessionCount * sizeof(LUID);
314  SessionList = RtlAllocateHeap(RtlGetProcessHeap(),
316  Length);
317  if (SessionList == NULL)
319 
320  i = 0;
321  SessionEntry = SessionListHead.Flink;
322  while (SessionEntry != &SessionListHead)
323  {
324  CurrentSession = CONTAINING_RECORD(SessionEntry,
326  Entry);
327 
328  RtlCopyLuid(&SessionList[i],
329  &CurrentSession->LogonId);
330 
331  SessionEntry = SessionEntry->Flink;
332  i++;
333  }
334 
336  NULL,
337  0,
338  NULL,
339  NULL);
340 
344  &RequestMsg->h.ClientId);
345  if (!NT_SUCCESS(Status))
346  {
347  TRACE("NtOpenProcess() failed (Status %lx)\n", Status);
348  goto done;
349  }
350 
351  TRACE("Length: %lu\n", Length);
352 
353  MemSize = Length;
355  &ClientBaseAddress,
356  0,
357  &MemSize,
358  MEM_COMMIT,
360  if (!NT_SUCCESS(Status))
361  {
362  TRACE("NtAllocateVirtualMemory() failed (Status %lx)\n", Status);
363  goto done;
364  }
365 
366  TRACE("MemSize: %lu\n", MemSize);
367  TRACE("ClientBaseAddress: %p\n", ClientBaseAddress);
368 
370  ClientBaseAddress,
371  SessionList,
372  Length,
373  NULL);
374  if (!NT_SUCCESS(Status))
375  {
376  TRACE("NtWriteVirtualMemory() failed (Status %lx)\n", Status);
377  goto done;
378  }
379 
380  RequestMsg->EnumLogonSessions.Reply.LogonSessionCount = SessionCount;
381  RequestMsg->EnumLogonSessions.Reply.LogonSessionBuffer = ClientBaseAddress;
382 
383 done:
384  if (ProcessHandle != NULL)
386 
387  if (SessionList != NULL)
388  RtlFreeHeap(RtlGetProcessHeap(), 0, SessionList);
389 
390  return Status;
391 }
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
#define MEM_COMMIT
Definition: nt_native.h:1313
NTSTATUS NTAPI NtOpenProcess(OUT PHANDLE ProcessHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN PCLIENT_ID ClientId)
Definition: process.c:1440
struct _LUID LUID
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
Status
Definition: gdiplustypes.h:24
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
#define TRACE(s)
Definition: solgame.cpp:4
#define PROCESS_VM_WRITE
Definition: pstypes.h:162
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3398
LIST_ENTRY SessionListHead
Definition: session.c:30
Definition: typedefs.h:119
ULONG_PTR SIZE_T
Definition: typedefs.h:80
NTSTATUS NTAPI NtAllocateVirtualMemory(IN HANDLE ProcessHandle, IN OUT PVOID *UBaseAddress, IN ULONG_PTR ZeroBits, IN OUT PSIZE_T URegionSize, IN ULONG AllocationType, IN ULONG Protect)
Definition: virtual.c:4481
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
#define NULL
Definition: types.h:112
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
NTSYSAPI void WINAPI RtlCopyLuid(PLUID, const LUID *)
#define PROCESS_VM_READ
Definition: pstypes.h:161
unsigned int ULONG
Definition: retypes.h:1
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
#define PROCESS_VM_OPERATION
Definition: pstypes.h:160
_In_ HANDLE ProcessHandle
Definition: mmfuncs.h:403
NTSTATUS NTAPI NtWriteVirtualMemory(IN HANDLE ProcessHandle, IN PVOID BaseAddress, IN PVOID Buffer, IN SIZE_T NumberOfBytesToWrite, OUT PSIZE_T NumberOfBytesWritten OPTIONAL)
Definition: virtual.c:2919
ULONG SessionCount
Definition: session.c:31
base of all file and directory entries
Definition: entries.h:82
#define PAGE_READWRITE
Definition: nt_native.h:1304

Referenced by AuthPortThreadRoutine().

◆ LsapGetCredentials()

NTSTATUS NTAPI LsapGetCredentials ( _In_ PLUID  LogonId,
_In_ ULONG  AuthenticationPackage,
_Inout_ PULONG  QueryContext,
_In_ BOOLEAN  RetrieveAllCredentials,
_Inout_ PLSA_STRING  PrimaryKeyValue,
_Out_ PULONG  PrimaryKeyLength,
_Out_ PLSA_STRING  Credentials 
)

Definition at line 272 of file session.c.

280 {
281 
282  return STATUS_SUCCESS;
283 }
#define STATUS_SUCCESS
Definition: shellext.h:65

Referenced by LsapInitAuthPackages().

◆ LsapGetLogonSessionData()

NTSTATUS LsapGetLogonSessionData ( IN OUT PLSA_API_MSG  RequestMsg)

Definition at line 395 of file session.c.

396 {
399  PLSAP_LOGON_SESSION Session;
400  PSECURITY_LOGON_SESSION_DATA LocalSessionData;
401  PVOID ClientBaseAddress = NULL;
402  ULONG TotalLength, SidLength = 0;
403  SIZE_T MemSize;
404  PUCHAR Ptr;
406 
407  TRACE("LsapGetLogonSessionData(%p)\n", RequestMsg);
408 
409  TRACE("LogonId: %lx\n", RequestMsg->GetLogonSessionData.Request.LogonId.LowPart);
410  Session = LsapGetLogonSession(&RequestMsg->GetLogonSessionData.Request.LogonId);
411  if (Session == NULL)
413 
414  /* Calculate the required buffer size */
416  Session->UserName.MaximumLength +
417  Session->LogonDomain.MaximumLength +
419  Session->LogonServer.MaximumLength +
420  Session->DnsDomainName.MaximumLength +
421  Session->Upn.MaximumLength;
422  if (Session->Sid != NULL)
423  {
424  SidLength = RtlLengthSid(Session->Sid);
425  TotalLength += SidLength;
426  }
427  TRACE("TotalLength: %lu\n", TotalLength);
428 
429  /* Allocate the buffer */
430  LocalSessionData = RtlAllocateHeap(RtlGetProcessHeap(),
432  TotalLength);
433  if (LocalSessionData == NULL)
435 
436  Ptr = (PUCHAR)((ULONG_PTR)LocalSessionData + sizeof(SECURITY_LOGON_SESSION_DATA));
437  TRACE("LocalSessionData: %p Ptr: %p\n", LocalSessionData, Ptr);
438 
439  LocalSessionData->Size = sizeof(SECURITY_LOGON_SESSION_DATA);
440 
441  /* Copy the LogonId */
442  RtlCopyLuid(&LocalSessionData->LogonId,
443  &RequestMsg->GetLogonSessionData.Request.LogonId);
444 
445  /* Copy the UserName string */
446  LocalSessionData->UserName.Length = Session->UserName.Length;
447  LocalSessionData->UserName.MaximumLength = Session->UserName.MaximumLength;
448  if (Session->UserName.MaximumLength != 0)
449  {
450  RtlCopyMemory(Ptr, Session->UserName.Buffer, Session->UserName.MaximumLength);
451  LocalSessionData->UserName.Buffer = (PWSTR)((ULONG_PTR)Ptr - (ULONG_PTR)LocalSessionData);
452 
453  Ptr = (PUCHAR)((ULONG_PTR)Ptr + Session->UserName.MaximumLength);
454  }
455 
456  /* Copy the LogonDomain string */
457  LocalSessionData->LogonDomain.Length = Session->LogonDomain.Length;
458  LocalSessionData->LogonDomain.MaximumLength = Session->LogonDomain.MaximumLength;
459  if (Session->LogonDomain.MaximumLength != 0)
460  {
462  LocalSessionData->LogonDomain.Buffer = (PWSTR)((ULONG_PTR)Ptr - (ULONG_PTR)LocalSessionData);
463 
464  Ptr = (PUCHAR)((ULONG_PTR)Ptr + Session->LogonDomain.MaximumLength);
465  }
466 
467  /* Copy the AuthenticationPackage string */
468  LocalSessionData->AuthenticationPackage.Length = Session->AuthenticationPackage.Length;
469  LocalSessionData->AuthenticationPackage.MaximumLength = Session->AuthenticationPackage.MaximumLength;
470  if (Session->AuthenticationPackage.MaximumLength != 0)
471  {
473  LocalSessionData->AuthenticationPackage.Buffer = (PWSTR)((ULONG_PTR)Ptr - (ULONG_PTR)LocalSessionData);
474 
476  }
477 
478  LocalSessionData->LogonType = Session->LogonType;
479  LocalSessionData->Session = 0;
480 
481  /* Sid */
482  if (Session->Sid != NULL)
483  {
484  RtlCopyMemory(Ptr, Session->Sid, SidLength);
485  LocalSessionData->Sid = (PSID)((ULONG_PTR)Ptr - (ULONG_PTR)LocalSessionData);
486 
487  Ptr = (PUCHAR)((ULONG_PTR)Ptr + SidLength);
488  }
489 
490  /* LogonTime */
491  LocalSessionData->LogonTime.QuadPart = Session->LogonTime.QuadPart;
492 
493  /* Copy the LogonServer string */
494  LocalSessionData->LogonServer.Length = Session->LogonServer.Length;
495  LocalSessionData->LogonServer.MaximumLength = Session->LogonServer.MaximumLength;
496  if (Session->LogonServer.MaximumLength != 0)
497  {
499  LocalSessionData->LogonServer.Buffer = (PWSTR)((ULONG_PTR)Ptr - (ULONG_PTR)LocalSessionData);
500 
501  Ptr = (PUCHAR)((ULONG_PTR)Ptr + Session->LogonServer.MaximumLength);
502  }
503 
504  /* Copy the DnsDomainName string */
505  LocalSessionData->DnsDomainName.Length = Session->DnsDomainName.Length;
506  LocalSessionData->DnsDomainName.MaximumLength = Session->DnsDomainName.MaximumLength;
507  if (Session->DnsDomainName.MaximumLength != 0)
508  {
510  LocalSessionData->DnsDomainName.Buffer = (PWSTR)((ULONG_PTR)Ptr - (ULONG_PTR)LocalSessionData);
511 
513  }
514 
515  /* Copy the Upn string */
516  LocalSessionData->Upn.Length = Session->Upn.Length;
517  LocalSessionData->Upn.MaximumLength = Session->Upn.MaximumLength;
518  if (Session->Upn.MaximumLength != 0)
519  {
520  RtlCopyMemory(Ptr, Session->Upn.Buffer, Session->Upn.MaximumLength);
521  LocalSessionData->Upn.Buffer = (PWSTR)((ULONG_PTR)Ptr - (ULONG_PTR)LocalSessionData);
522 
523  Ptr = (PUCHAR)((ULONG_PTR)Ptr + Session->Upn.MaximumLength);
524  }
525 
527  NULL,
528  0,
529  NULL,
530  NULL);
531 
535  &RequestMsg->h.ClientId);
536  if (!NT_SUCCESS(Status))
537  {
538  TRACE("NtOpenProcess() failed (Status %lx)\n", Status);
539  goto done;
540  }
541 
542  MemSize = TotalLength;
544  &ClientBaseAddress,
545  0,
546  &MemSize,
547  MEM_COMMIT,
549  if (!NT_SUCCESS(Status))
550  {
551  TRACE("NtAllocateVirtualMemory() failed (Status %lx)\n", Status);
552  goto done;
553  }
554 
555  TRACE("MemSize: %lu\n", MemSize);
556  TRACE("ClientBaseAddress: %p\n", ClientBaseAddress);
557 
559  ClientBaseAddress,
560  LocalSessionData,
561  TotalLength,
562  NULL);
563  if (!NT_SUCCESS(Status))
564  {
565  TRACE("NtWriteVirtualMemory() failed (Status %lx)\n", Status);
566  goto done;
567  }
568 
569  RequestMsg->GetLogonSessionData.Reply.SessionDataBuffer = ClientBaseAddress;
570 
571 done:
572  if (ProcessHandle != NULL)
574 
575  if (LocalSessionData != NULL)
576  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalSessionData);
577 
578  return Status;
579 }
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
USHORT MaximumLength
Definition: env_spec_w32.h:370
struct _SECURITY_LOGON_SESSION_DATA SECURITY_LOGON_SESSION_DATA
#define STATUS_NO_SUCH_LOGON_SESSION
Definition: ntstatus.h:331
uint16_t * PWSTR
Definition: typedefs.h:56
static PLSAP_LOGON_SESSION LsapGetLogonSession(IN PLUID LogonId)
Definition: session.c:45
unsigned char * PUCHAR
Definition: retypes.h:3
_Must_inspect_result_ _In_ PFSRTL_PER_STREAM_CONTEXT Ptr
Definition: fsrtlfuncs.h:898
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
UNICODE_STRING UserName
Definition: session.c:19
UNICODE_STRING LogonServer
Definition: session.c:22
if(dx==0 &&dy==0)
Definition: linetemp.h:174
_In_ ULONG TotalLength
Definition: usbdlib.h:158
#define MEM_COMMIT
Definition: nt_native.h:1313
UNICODE_STRING LogonDomain
Definition: session.c:20
NTSTATUS NTAPI NtOpenProcess(OUT PHANDLE ProcessHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN PCLIENT_ID ClientId)
Definition: process.c:1440
UNICODE_STRING AuthenticationPackage
Definition: session.c:21
uint32_t ULONG_PTR
Definition: typedefs.h:65
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
Status
Definition: gdiplustypes.h:24
#define TRACE(s)
Definition: solgame.cpp:4
#define PROCESS_VM_WRITE
Definition: pstypes.h:162
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
UNICODE_STRING DnsDomainName
Definition: session.c:23
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3398
struct _SID * PSID
Definition: eventlog.c:35
UNICODE_STRING Upn
Definition: session.c:24
ULONG_PTR SIZE_T
Definition: typedefs.h:80
NTSTATUS NTAPI NtAllocateVirtualMemory(IN HANDLE ProcessHandle, IN OUT PVOID *UBaseAddress, IN ULONG_PTR ZeroBits, IN OUT PSIZE_T URegionSize, IN ULONG AllocationType, IN ULONG Protect)
Definition: virtual.c:4481
USHORT MaximumLength
Definition: ntsecapi.h:164
LARGE_INTEGER LogonTime
Definition: session.c:17
#define NULL
Definition: types.h:112
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
NTSYSAPI void WINAPI RtlCopyLuid(PLUID, const LUID *)
#define PROCESS_VM_READ
Definition: pstypes.h:161
unsigned int ULONG
Definition: retypes.h:1
#define ULONG_PTR
Definition: config.h:101
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
#define PROCESS_VM_OPERATION
Definition: pstypes.h:160
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
_In_ HANDLE ProcessHandle
Definition: mmfuncs.h:403
NTSTATUS NTAPI NtWriteVirtualMemory(IN HANDLE ProcessHandle, IN PVOID BaseAddress, IN PVOID Buffer, IN SIZE_T NumberOfBytesToWrite, OUT PSIZE_T NumberOfBytesWritten OPTIONAL)
Definition: virtual.c:2919
LSA_UNICODE_STRING UserName
Definition: ntsecapi.h:306
LONGLONG QuadPart
Definition: typedefs.h:114
#define PAGE_READWRITE
Definition: nt_native.h:1304

Referenced by AuthPortThreadRoutine().

◆ LsapGetObjectAttribute()

NTSTATUS LsapGetObjectAttribute ( PLSA_DB_OBJECT  DbObject,
LPWSTR  AttributeName,
LPVOID  AttributeData,
PULONG  AttributeSize 
)

Definition at line 1012 of file database.c.

1016 {
1019  HANDLE AttributeKey;
1020  ULONG ValueSize;
1021  NTSTATUS Status;
1022 
1024  AttributeName);
1025 
1027  &KeyName,
1029  DbObject->KeyHandle,
1030  NULL);
1031 
1032  Status = NtOpenKey(&AttributeKey,
1034  &ObjectAttributes);
1035  if (!NT_SUCCESS(Status))
1036  {
1037  return Status;
1038  }
1039 
1040  ValueSize = *AttributeSize;
1041  Status = RtlpNtQueryValueKey(AttributeKey,
1042  NULL,
1043  NULL,
1044  &ValueSize,
1045  0);
1047  {
1048  goto Done;
1049  }
1050 
1051  if (AttributeData == NULL || *AttributeSize == 0)
1052  {
1053  *AttributeSize = ValueSize;
1055  goto Done;
1056  }
1057  else if (*AttributeSize < ValueSize)
1058  {
1059  *AttributeSize = ValueSize;
1061  goto Done;
1062  }
1063 
1064  Status = RtlpNtQueryValueKey(AttributeKey,
1065  NULL,
1066  AttributeData,
1067  &ValueSize,
1068  0);
1069  if (NT_SUCCESS(Status))
1070  {
1071  *AttributeSize = ValueSize;
1072  }
1073 
1074 Done:
1075  NtClose(AttributeKey);
1076 
1077  return Status;
1078 }
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
LONG NTSTATUS
Definition: precomp.h:26
HANDLE KeyHandle
Definition: lsasrv.h:62
_Must_inspect_result_ _In_ WDFDEVICE _In_ PCUNICODE_STRING KeyName
Definition: wdfdevice.h:2697
Status
Definition: gdiplustypes.h:24
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3398
NTSTATUS NTAPI RtlpNtQueryValueKey(IN HANDLE KeyHandle, OUT PULONG Type OPTIONAL, OUT PVOID Data OPTIONAL, IN OUT PULONG DataLength OPTIONAL, IN ULONG Unused)
Definition: registry.c:933
#define STATUS_BUFFER_OVERFLOW
Definition: shellext.h:66
#define KEY_QUERY_VALUE
Definition: nt_native.h:1016
#define NULL
Definition: types.h:112
NTSYSAPI NTSTATUS NTAPI NtOpenKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
Definition: ntapi.c:336
unsigned int ULONG
Definition: retypes.h:1
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
#define STATUS_SUCCESS
Definition: shellext.h:65

Referenced by LsapGetDomainInfo(), LsarAddAccountRights(), LsarAddPrivilegesToAccount(), LsarEnumeratePrivilegesAccount(), LsarGetQuotasForAccount(), LsarGetSystemAccessAccount(), LsarQueryAccountDomain(), LsarQueryAuditEvents(), LsarQueryAuditFull(), LsarQueryAuditLog(), LsarQueryDefaultQuota(), LsarQueryDnsDomain(), LsarQueryModification(), LsarQueryPrimaryDomain(), LsarQuerySecret(), LsarQuerySecurityObject(), LsarQueryServerRole(), LsarRemoveAccountRights(), LsarRemovePrivilegesFromAccount(), LsarRetrievePrivateData(), LsarSetAuditFull(), LsarSetQuotasForAccount(), and LsarSetSecurityObject().

◆ LsapGetRelativeIdFromSid()

ULONG LsapGetRelativeIdFromSid ( PSID  Sid)

Definition at line 1038 of file lookup.c.

1039 {
1040  PISID Sid = Sid_;
1041 
1042  if (Sid->SubAuthorityCount != 0)
1043  return Sid->SubAuthority[Sid->SubAuthorityCount - 1];
1044 
1045  return 0;
1046 }
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1103
DWORD SubAuthority[*]
Definition: ms-dtyp.idl:202
BYTE SubAuthorityCount
Definition: ms-dtyp.idl:200

Referenced by LsapLookupAccountDomainSids(), LsapLookupBuiltinDomainSids(), LsarLookupNames(), and LsarLookupNames2().

◆ LsapGetResourceStringLengthEx()

INT LsapGetResourceStringLengthEx ( _In_ HINSTANCE  hInstance,
_In_ UINT  uId,
_In_ USHORT  usLanguage 
)

Definition at line 64 of file utils.c.

68 {
69  HGLOBAL hmem;
70  HRSRC hrsrc;
71  WCHAR *p;
72  UINT i, string_num;
73 
74  /* Use loword (incremented by 1) as resourceid */
75 // hrsrc = FindResourceExW(hInstance,
76 // MAKEINTRESOURCEW((LOWORD(uId) >> 4) + 1),
77 // (LPWSTR)RT_STRING,
78 // usLanguage);
79  hrsrc = FindResourceW(hInstance,
80  MAKEINTRESOURCEW((LOWORD(uId) >> 4) + 1),
81  (LPWSTR)RT_STRING);
82  if (!hrsrc)
83  return 0;
84 
85  hmem = LoadResource(hInstance, hrsrc);
86  if (!hmem)
87  return 0;
88 
89  p = LockResource(hmem);
90  string_num = uId & 0x000f;
91  for (i = 0; i < string_num; i++)
92  p += *p + 1;
93 
94  return *p + 1;
95 }
LPVOID WINAPI LockResource(HGLOBAL handle)
Definition: res.c:550
HRSRC WINAPI FindResourceW(HINSTANCE hModule, LPCWSTR name, LPCWSTR type)
Definition: res.c:176
HINSTANCE hInstance
Definition: charmap.c:20
HGLOBAL WINAPI LoadResource(HINSTANCE hModule, HRSRC hRsrc)
Definition: res.c:532
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define RT_STRING
Definition: pedump.c:368
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
unsigned int UINT
Definition: ndis.h:50
#define MAKEINTRESOURCEW(i)
Definition: winuser.h:582
GLfloat GLfloat p
Definition: glext.h:8902
WCHAR * LPWSTR
Definition: xmlstorage.h:184
#define LOWORD(l)
Definition: pedump.c:82

Referenced by LsarpLookupPrivilegeDisplayName().

◆ LsapInitAuthPackages()

NTSTATUS LsapInitAuthPackages ( VOID  )

Definition at line 474 of file authpackage.c.

475 {
476  RTL_QUERY_REGISTRY_TABLE AuthPackageTable[] = {
477  {LsapAddAuthPackage, 0, L"Authentication Packages", NULL, REG_NONE, NULL, 0},
478  {NULL, 0, NULL, NULL, REG_NONE, NULL, 0}};
479 
481 
483  PackageId = 0;
484 
485  /* Initialize the dispatch table */
486  DispatchTable.CreateLogonSession = &LsapCreateLogonSession;
487  DispatchTable.DeleteLogonSession = &LsapDeleteLogonSession;
488  DispatchTable.AddCredential = &LsapAddCredential;
489  DispatchTable.GetCredentials = &LsapGetCredentials;
490  DispatchTable.DeleteCredential = &LsapDeleteCredential;
491  DispatchTable.AllocateLsaHeap = &LsapAllocateHeapZero;
492  DispatchTable.FreeLsaHeap = &LsapFreeHeap;
493  DispatchTable.AllocateClientBuffer = &LsapAllocateClientBuffer;
494  DispatchTable.FreeClientBuffer = &LsapFreeClientBuffer;
495  DispatchTable.CopyToClientBuffer = &LsapCopyToClientBuffer;
496  DispatchTable.CopyFromClientBuffer = &LsapCopyFromClientBuffer;
497 
498  /* Add registered authentication packages */
500  L"Lsa",
501  AuthPackageTable,
502  &PackageId,
503  NULL);
504 
505  return Status;
506 }
NTSYSAPI NTSTATUS WINAPI RtlQueryRegistryValues(ULONG, PCWSTR, PRTL_QUERY_REGISTRY_TABLE, PVOID, PVOID)
NTSTATUS NTAPI LsapCreateLogonSession(IN PLUID LogonId)
Definition: session.c:159
LONG NTSTATUS
Definition: precomp.h:26
static NTSTATUS NTAPI LsapFreeClientBuffer(IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ClientBaseAddress)
Definition: authpackage.c:414
NTSTATUS NTAPI LsapDeleteLogonSession(IN PLUID LogonId)
Definition: session.c:201
static NTSTATUS NTAPI LsapAddAuthPackage(IN PWSTR ValueName, IN ULONG ValueType, IN PVOID ValueData, IN ULONG ValueLength, IN PVOID Context, IN PVOID EntryContext)
Definition: authpackage.c:177
#define RTL_REGISTRY_CONTROL
Definition: nt_native.h:163
static LIST_ENTRY PackageListHead
Definition: authpackage.c:162
PVOID NTAPI LsapAllocateHeapZero(IN ULONG Length)
Definition: authpackage.c:373
NTSTATUS NTAPI LsapGetCredentials(_In_ PLUID LogonId, _In_ ULONG AuthenticationPackage, _Inout_ PULONG QueryContext, _In_ BOOLEAN RetrieveAllCredentials, _Inout_ PLSA_STRING PrimaryKeyValue, _Out_ PULONG PrimaryKeyLength, _Out_ PLSA_STRING Credentials)
Definition: session.c:272
VOID NTAPI LsapFreeHeap(IN PVOID Base)
Definition: authpackage.c:381
Status
Definition: gdiplustypes.h:24
NTSTATUS NTAPI LsapAddCredential(_In_ PLUID LogonId, _In_ ULONG AuthenticationPackage, _In_ PLSA_STRING PrimaryKeyValue, _In_ PLSA_STRING Credential)
Definition: session.c:259
static NTSTATUS NTAPI LsapCopyFromClientBuffer(IN PLSA_CLIENT_REQUEST ClientRequest, IN ULONG Length, IN PVOID BufferToCopy, IN PVOID ClientBaseAddress)
Definition: authpackage.c:456
static const WCHAR L[]
Definition: oid.c:1250
#define InitializeListHead(ListHead)
Definition: env_spec_w32.h:944
#define NULL
Definition: types.h:112
static NTSTATUS NTAPI LsapCopyToClientBuffer(IN PLSA_CLIENT_REQUEST ClientRequest, IN ULONG Length, IN PVOID ClientBaseAddress, IN PVOID BufferToCopy)
Definition: authpackage.c:436
NTSTATUS NTAPI LsapDeleteCredential(_In_ PLUID LogonId, _In_ ULONG AuthenticationPackage, _In_ PLSA_STRING PrimaryKeyValue)
Definition: session.c:288
#define REG_NONE
Definition: nt_native.h:1492
_In_ PWDFDEVICE_INIT _In_ PWDF_PDO_EVENT_CALLBACKS DispatchTable
Definition: wdfpdo.h:245
static ULONG PackageId
Definition: authpackage.c:163
static NTSTATUS NTAPI LsapAllocateClientBuffer(IN PLSA_CLIENT_REQUEST ClientRequest, IN ULONG LengthRequired, OUT PVOID *ClientBaseAddress)
Definition: authpackage.c:390

Referenced by LsapInitLsa().

◆ LsapInitDatabase()

NTSTATUS LsapInitDatabase ( VOID  )

Definition at line 539 of file database.c.

540 {
542 
543  TRACE("LsapInitDatabase()\n");
544 
546  if (!NT_SUCCESS(Status))
547  {
548  ERR("Failed to open the service key (Status: 0x%08lx)\n", Status);
549  return Status;
550  }
551 
553  {
555  if (!NT_SUCCESS(Status))
556  {
557  ERR("Failed to create the LSA database keys (Status: 0x%08lx)\n", Status);
558  return Status;
559  }
560 
562  if (!NT_SUCCESS(Status))
563  {
564  ERR("Failed to create the LSA database objects (Status: 0x%08lx)\n", Status);
565  return Status;
566  }
567  }
568  else
569  {
571  if (!NT_SUCCESS(Status))
572  {
573  ERR("Failed to update the LSA database (Status: 0x%08lx)\n", Status);
574  return Status;
575  }
576  }
577 
579  if (!NT_SUCCESS(Status))
580  {
581  ERR("Failed to get the domain information (Status: 0x%08lx)\n", Status);
582  return Status;
583  }
584 
585  TRACE("LsapInitDatabase() done\n");
586 
587  return STATUS_SUCCESS;
588 }
static BOOLEAN LsapIsDatabaseInstalled(VOID)
Definition: database.c:57
LONG NTSTATUS
Definition: precomp.h:26
static NTSTATUS LsapOpenServiceKey(VOID)
Definition: database.c:32
static NTSTATUS LsapGetDomainInfo(VOID)
Definition: database.c:407
static NTSTATUS LsapCreateDatabaseObjects(VOID)
Definition: database.c:234
static NTSTATUS LsapUpdateDatabase(VOID)
Definition: database.c:400
Status
Definition: gdiplustypes.h:24
#define TRACE(s)
Definition: solgame.cpp:4
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define ERR(fmt,...)
Definition: debug.h:110
static NTSTATUS LsapCreateDatabaseKeys(VOID)
Definition: database.c:87
#define STATUS_SUCCESS
Definition: shellext.h:65

Referenced by LsapInitLsa().

◆ LsapInitLogonSessions()

VOID LsapInitLogonSessions ( VOID  )

Definition at line 36 of file session.c.

37 {
39  SessionCount = 0;
40 }
LIST_ENTRY SessionListHead
Definition: session.c:30
#define InitializeListHead(ListHead)
Definition: env_spec_w32.h:944
ULONG SessionCount
Definition: session.c:31

Referenced by LsapInitLsa().

◆ LsapInitNotificationList()

VOID LsapInitNotificationList ( VOID  )

Definition at line 28 of file notify.c.

29 {
32 }
static RTL_RESOURCE NotificationListLock
Definition: notify.c:22
static LIST_ENTRY NotificationListHead
Definition: notify.c:21
NTSYSAPI VOID NTAPI RtlInitializeResource(_In_ PRTL_RESOURCE Resource)
#define InitializeListHead(ListHead)
Definition: env_spec_w32.h:944

Referenced by LsapInitLsa().

◆ LsapInitSids()

NTSTATUS LsapInitSids ( VOID  )

Definition at line 182 of file lookup.c.

183 {
184  WCHAR szAccountName[80];
185  WCHAR szDomainName[80];
186  ULONG SubAuthorities[8];
188 
190 
191  hInstance = GetModuleHandleW(L"lsasrv.dll");
192 
193  /* NT Authority */
194  LsapLoadString(hInstance, IDS_NT_AUTHORITY, szAccountName, ARRAYSIZE(szAccountName));
195  LsapLoadString(hInstance, IDS_NT_AUTHORITY, szDomainName, ARRAYSIZE(szDomainName));
197  0,
198  NULL,
199  szAccountName,
200  szDomainName,
202  NULL);
203 
204  /* Null Sid */
205  LsapLoadString(hInstance, IDS_NULL_RID, szAccountName, ARRAYSIZE(szAccountName));
206 
207  SubAuthorities[0] = SECURITY_NULL_RID;
209  1,
210  SubAuthorities,
211  szAccountName,
212  L"",
214  NULL);
215 
216  /* World Sid */
217  LsapLoadString(hInstance, IDS_WORLD_RID, szAccountName, ARRAYSIZE(szAccountName));
218 
219  SubAuthorities[0] = SECURITY_WORLD_RID;
221  1,
222  SubAuthorities,
223  szAccountName,
224  L"",
226  &LsapWorldSid);
227 
228  /* Local Sid */
229  LsapLoadString(hInstance, IDS_LOCAL_RID, szAccountName, ARRAYSIZE(szAccountName));
230 
231  SubAuthorities[0] = SECURITY_LOCAL_RID;
233  1,
234  SubAuthorities,
235  szAccountName,
236  L"",
238  NULL);
239 
240  /* Creator Owner Sid */
241  LsapLoadString(hInstance, IDS_CREATOR_OWNER_RID, szAccountName, ARRAYSIZE(szAccountName));
242 
243  SubAuthorities[0] = SECURITY_CREATOR_OWNER_RID;
245  1,
246  SubAuthorities,
247  szAccountName,
248  L"",
250  NULL);
251 
252  /* Creator Group Sid */
253  LsapLoadString(hInstance, IDS_CREATOR_GROUP_RID, szAccountName, ARRAYSIZE(szAccountName));
254 
255  SubAuthorities[0] = SECURITY_CREATOR_GROUP_RID;
257  1,
258  SubAuthorities,
259  szAccountName,
260  L"",
262  NULL);
263 
264  /* Creator Owner Server Sid */
265  LsapLoadString(hInstance, IDS_CREATOR_OWNER_SERVER_RID, szAccountName, ARRAYSIZE(szAccountName));
266 
267  SubAuthorities[0] = SECURITY_CREATOR_OWNER_SERVER_RID;
269  1,
270  SubAuthorities,
271  szAccountName,
272  L"",
274  NULL);
275 
276  /* Creator Group Server Sid */
277  LsapLoadString(hInstance, IDS_CREATOR_GROUP_SERVER_RID, szAccountName, ARRAYSIZE(szAccountName));
278 
279  SubAuthorities[0] = SECURITY_CREATOR_GROUP_SERVER_RID;
281  1,
282  SubAuthorities,
283  szAccountName,
284  L"",
286  NULL);
287 
288  /* Dialup Sid */
289  LsapLoadString(hInstance, IDS_DIALUP_RID, szAccountName, ARRAYSIZE(szAccountName));
290  LsapLoadString(hInstance, IDS_NT_AUTHORITY, szDomainName, ARRAYSIZE(szDomainName));
291 
292  SubAuthorities[0] = SECURITY_DIALUP_RID;
294  1,
295  SubAuthorities,
296  szAccountName,
297  szDomainName,
299  NULL);
300 
301  /* Network Sid */
302  LsapLoadString(hInstance, IDS_NETWORK_RID, szAccountName, ARRAYSIZE(szAccountName));
303 
304  SubAuthorities[0] = SECURITY_NETWORK_RID;
306  1,
307  SubAuthorities,
308  szAccountName,
309  szDomainName,
311  &LsapNetworkSid);
312 
313  /* Batch Sid*/
314  LsapLoadString(hInstance, IDS_BATCH_RID, szAccountName, ARRAYSIZE(szAccountName));
315 
316  SubAuthorities[0] = SECURITY_BATCH_RID;
318  1,
319  SubAuthorities,
320  szAccountName,
321  szDomainName,
323  &LsapBatchSid);
324 
325  /* Interactive Sid */
326  LsapLoadString(hInstance, IDS_INTERACTIVE_RID, szAccountName, ARRAYSIZE(szAccountName));
327 
328  SubAuthorities[0] = SECURITY_INTERACTIVE_RID;
330  1,
331  SubAuthorities,
332  szAccountName,
333  szDomainName,
336 
337  /* Service Sid */
338  LsapLoadString(hInstance, IDS_SERVICE_RID, szAccountName, ARRAYSIZE(szAccountName));
339 
340  SubAuthorities[0] = SECURITY_SERVICE_RID;
342  1,
343  SubAuthorities,
344  szAccountName,
345  szDomainName,
347  &LsapServiceSid);
348 
349  /* Anonymous Logon Sid */
350  LsapLoadString(hInstance, IDS_ANONYMOUS_LOGON_RID, szAccountName, ARRAYSIZE(szAccountName));
351 
352  SubAuthorities[0] = SECURITY_ANONYMOUS_LOGON_RID;
354  1,
355  SubAuthorities,
356  szAccountName,
357  szDomainName,
359  NULL);
360 
361  /* Proxy Sid */
362  LsapLoadString(hInstance, IDS_PROXY_RID, szAccountName, ARRAYSIZE(szAccountName));
363 
364  SubAuthorities[0] = SECURITY_PROXY_RID;
366  1,
367  SubAuthorities,
368  szAccountName,
369  szDomainName,
371  NULL);
372 
373  /* Enterprise Controllers Sid */
374  LsapLoadString(hInstance, IDS_ENTERPRISE_CONTROLLERS_RID, szAccountName, ARRAYSIZE(szAccountName));
375 
376  SubAuthorities[0] = SECURITY_ENTERPRISE_CONTROLLERS_RID;
378  1,
379  SubAuthorities,
380  szAccountName,
381  szDomainName,
383  NULL);
384 
385  /* Principal Self Sid */
386  LsapLoadString(hInstance, IDS_PRINCIPAL_SELF_RID, szAccountName, ARRAYSIZE(szAccountName));
387 
388  SubAuthorities[0] = SECURITY_PRINCIPAL_SELF_RID;
390  1,
391  SubAuthorities,
392  szAccountName,
393  szDomainName,
395  NULL);
396 
397  /* Authenticated Users Sid */
398  LsapLoadString(hInstance, IDS_AUTHENTICATED_USER_RID, szAccountName, ARRAYSIZE(szAccountName));
399 
400  SubAuthorities[0] = SECURITY_AUTHENTICATED_USER_RID;
402  1,
403  SubAuthorities,
404  szAccountName,
405  szDomainName,
407  NULL);
408 
409  /* Restricted Code Sid */
410  LsapLoadString(hInstance, IDS_RESTRICTED_CODE_RID, szAccountName, ARRAYSIZE(szAccountName));
411 
412  SubAuthorities[0] = SECURITY_RESTRICTED_CODE_RID;
414  1,
415  SubAuthorities,
416  szAccountName,
417  szDomainName,
419  NULL);
420 
421  /* Terminal Server Sid */
422  LsapLoadString(hInstance, IDS_TERMINAL_SERVER_RID, szAccountName, ARRAYSIZE(szAccountName));
423 
424  SubAuthorities[0] = SECURITY_TERMINAL_SERVER_RID;
426  1,
427  SubAuthorities,
428  szAccountName,
429  szDomainName,
431  NULL);
432 
433  /* Remote Logon Sid */
434  LsapLoadString(hInstance, IDS_REMOTE_LOGON_RID, szAccountName, ARRAYSIZE(szAccountName));
435 
436  SubAuthorities[0] = SECURITY_REMOTE_LOGON_RID;
438  1,
439  SubAuthorities,
440  szAccountName,
441  szDomainName,
443  NULL);
444 
445  /* This Organization Sid */
446  LsapLoadString(hInstance, IDS_THIS_ORGANIZATION_RID, szAccountName, ARRAYSIZE(szAccountName));
447 
448  SubAuthorities[0] = SECURITY_THIS_ORGANIZATION_RID;
450  1,
451  SubAuthorities,
452  szAccountName,
453  szDomainName,
455  NULL);
456 
457  /* Local System Sid */
458  LsapLoadString(hInstance, IDS_LOCAL_SYSTEM_RID, szAccountName, ARRAYSIZE(szAccountName));
459 
460  SubAuthorities[0] = SECURITY_LOCAL_SYSTEM_RID;
462  1,
463  SubAuthorities,
464  szAccountName,
465  szDomainName,
468 
469  /* Local Service Sid */
470  LsapLoadString(hInstance, IDS_LOCAL_SERVICE_RID, szAccountName, ARRAYSIZE(szAccountName));
471 
472  SubAuthorities[0] = SECURITY_LOCAL_SERVICE_RID;
474  1,
475  SubAuthorities,
476  szAccountName,
477  szDomainName,
479  NULL);
480 
482  1,
483  SubAuthorities,
484  L"LOCALSERVICE",
485  L"NT AUTHORITY",
487  NULL);
488 
489  /* Network Service Sid */
490  LsapLoadString(hInstance, IDS_NETWORK_SERVICE_RID, szAccountName, ARRAYSIZE(szAccountName));
491 
492  SubAuthorities[0] = SECURITY_NETWORK_SERVICE_RID;
494  1,
495  SubAuthorities,
496  szAccountName,
497  szDomainName,
499  NULL);
500 
502  1,
503  SubAuthorities,
504  L"NETWORKSERVICE",
505  L"NT AUTHORITY",
507  NULL);
508 
509  /* Builtin Domain Sid */
510  LsapLoadString(hInstance, IDS_BUILTIN_DOMAIN_RID, szAccountName, ARRAYSIZE(szAccountName));
511  LsapLoadString(hInstance, IDS_BUILTIN_DOMAIN_RID, szDomainName, ARRAYSIZE(szDomainName));
512 
513  SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
515  1,
516  SubAuthorities,
517  szAccountName,
518  szDomainName,
520  NULL);
521 
522  /* Administrators Alias Sid */
523  LsapLoadString(hInstance, IDS_ALIAS_RID_ADMINS, szAccountName, ARRAYSIZE(szAccountName));
524 
525  SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
526  SubAuthorities[1] = DOMAIN_ALIAS_RID_ADMINS;
528  2,
529  SubAuthorities,
530  szAccountName,
531  szDomainName,
532  SidTypeAlias,
534 
535  /* Users Alias Sid */
536  LsapLoadString(hInstance, IDS_ALIAS_RID_USERS, szAccountName, ARRAYSIZE(szAccountName));
537 
538  SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
539  SubAuthorities[1] = DOMAIN_ALIAS_RID_USERS;
541  2,
542  SubAuthorities,
543  szAccountName,
544  szDomainName,
545  SidTypeAlias,
546  NULL);
547 
548  /* Guests Alias Sid */
549  LsapLoadString(hInstance, IDS_ALIAS_RID_GUESTS, szAccountName, ARRAYSIZE(szAccountName));
550 
551  SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
552  SubAuthorities[1] = DOMAIN_ALIAS_RID_GUESTS;
554  2,
555  SubAuthorities,
556  szAccountName,
557  szDomainName,
558  SidTypeAlias,
559  NULL);
560 
561  /* Power User Alias Sid */
562  LsapLoadString(hInstance, IDS_ALIAS_RID_POWER_USERS, szAccountName, ARRAYSIZE(szAccountName));
563 
564  SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
565  SubAuthorities[1] = DOMAIN_ALIAS_RID_POWER_USERS;
567  2,
568  SubAuthorities,
569  szAccountName,
570  szDomainName,
571  SidTypeAlias,
572  NULL);
573 
574  /* Account Operators Alias Sid */
575  LsapLoadString(hInstance, IDS_ALIAS_RID_ACCOUNT_OPS, szAccountName, ARRAYSIZE(szAccountName));
576 
577  SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
578  SubAuthorities[1] = DOMAIN_ALIAS_RID_ACCOUNT_OPS;
580  2,
581  SubAuthorities,
582  szAccountName,
583  szDomainName,
584  SidTypeAlias,
585  NULL);
586 
587  /* System Operators Alias Sid */
588  LsapLoadString(hInstance, IDS_ALIAS_RID_SYSTEM_OPS, szAccountName, ARRAYSIZE(szAccountName));
589 
590  SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
591  SubAuthorities[1] = DOMAIN_ALIAS_RID_SYSTEM_OPS;
593  2,
594  SubAuthorities,
595  szAccountName,
596  szDomainName,
597  SidTypeAlias,
598  NULL);
599 
600  /* Print Operators Alias Sid */
601  LsapLoadString(hInstance, IDS_ALIAS_RID_PRINT_OPS, szAccountName, ARRAYSIZE(szAccountName));
602 
603  SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
604  SubAuthorities[1] = DOMAIN_ALIAS_RID_PRINT_OPS;
606  2,
607  SubAuthorities,
608  szAccountName,
609  szDomainName,
610  SidTypeAlias,
611  NULL);
612 
613  /* Backup Operators Alias Sid */
614  LsapLoadString(hInstance, IDS_ALIAS_RID_BACKUP_OPS, szAccountName, ARRAYSIZE(szAccountName));
615 
616  SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
617  SubAuthorities[1] = DOMAIN_ALIAS_RID_BACKUP_OPS;
619  2,
620  SubAuthorities,
621  szAccountName,
622  szDomainName,
623  SidTypeAlias,
624  NULL);
625 
626  /* Replicators Alias Sid */
627  LsapLoadString(hInstance, IDS_ALIAS_RID_REPLICATOR, szAccountName, ARRAYSIZE(szAccountName));
628 
629  SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
630  SubAuthorities[1] = DOMAIN_ALIAS_RID_REPLICATOR;
632  2,
633  SubAuthorities,
634  szAccountName,
635  szDomainName,
636  SidTypeAlias,
637  NULL);
638 
639  /* RAS Servers Alias Sid */
640  LsapLoadString(hInstance, IDS_ALIAS_RID_RAS_SERVERS, szAccountName, ARRAYSIZE(szAccountName));
641 
642  SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
643  SubAuthorities[1] = DOMAIN_ALIAS_RID_RAS_SERVERS;
645  2,
646  SubAuthorities,
647  szAccountName,
648  szDomainName,
649  SidTypeAlias,
650  NULL);
651 
652  /* Pre-Windows 2000 Compatible Access Alias Sid */
653  LsapLoadString(hInstance, IDS_ALIAS_RID_PREW2KCOMPACCESS, szAccountName, ARRAYSIZE(szAccountName));
654 
655  SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
656  SubAuthorities[1] = DOMAIN_ALIAS_RID_PREW2KCOMPACCESS;
658  2,
659  SubAuthorities,
660  szAccountName,
661  szDomainName,
662  SidTypeAlias,
663  NULL);
664 
665  /* Remote Desktop Users Alias Sid */
666  LsapLoadString(hInstance, IDS_ALIAS_RID_REMOTE_DESKTOP_USERS, szAccountName, ARRAYSIZE(szAccountName));
667 
668  SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
669  SubAuthorities[1] = DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS;
671  2,
672  SubAuthorities,
673  szAccountName,
674  szDomainName,
675  SidTypeAlias,
676  NULL);
677 
678  /* Network Configuration Operators Alias Sid */
680 
681  SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
682  SubAuthorities[1] = DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS;
684  2,
685  SubAuthorities,
686  szAccountName,
687  szDomainName,
688  SidTypeAlias,
689  NULL);
690 
691  /* FIXME: Add more well known sids */
692 
693  return STATUS_SUCCESS;
694 }
#define IDS_PRINCIPAL_SELF_RID
Definition: resources.h:28
#define SECURITY_BATCH_RID
Definition: setypes.h:545
SID_IDENTIFIER_AUTHORITY LocalSidAuthority
Definition: database.c:19
#define IDS_ALIAS_RID_USERS
Definition: resources.h:39
#define IDS_ALIAS_RID_RAS_SERVERS
Definition: resources.h:47
#define SECURITY_AUTHENTICATED_USER_RID
Definition: setypes.h:555
#define SECURITY_LOCAL_SYSTEM_RID
Definition: setypes.h:561
INT LsapLoadString(HINSTANCE hInstance, UINT uId, LPWSTR lpBuffer, INT nBufferMax)
Definition: utils.c:17
#define IDS_ALIAS_RID_GUESTS
Definition: resources.h:40
#define DOMAIN_ALIAS_RID_GUESTS
Definition: setypes.h:641
#define SECURITY_THIS_ORGANIZATION_RID
Definition: setypes.h:559
#define IDS_BATCH_RID
Definition: resources.h:22
#define SECURITY_TERMINAL_SERVER_RID
Definition: setypes.h:557
#define DOMAIN_ALIAS_RID_ACCOUNT_OPS
Definition: setypes.h:644
#define SECURITY_DIALUP_RID
Definition: setypes.h:543
#define SECURITY_NETWORK_RID
Definition: setypes.h:544
#define IDS_ALIAS_RID_REPLICATOR
Definition: resources.h:46
#define IDS_CREATOR_OWNER_SERVER_RID
Definition: resources.h:18
#define ARRAYSIZE(array)
Definition: filtermapper.c:47
#define IDS_NULL_RID
Definition: resources.h:13
#define IDS_NETWORK_SERVICE_RID
Definition: resources.h:36
#define IDS_ALIAS_RID_ACCOUNT_OPS
Definition: resources.h:42
#define DOMAIN_ALIAS_RID_POWER_USERS
Definition: setypes.h:642
#define SECURITY_INTERACTIVE_RID
Definition: setypes.h:546
#define IDS_ALIAS_RID_BACKUP_OPS
Definition: resources.h:45
SID_IDENTIFIER_AUTHORITY CreatorSidAuthority
Definition: database.c:20
#define IDS_RESTRICTED_CODE_RID
Definition: resources.h:30
#define IDS_AUTHENTICATED_USER_RID
Definition: resources.h:29
PSID LsapWorldSid
Definition: lookup.c:78
#define SECURITY_PRINCIPAL_SELF_RID
Definition: setypes.h:554
HINSTANCE hInstance
Definition: charmap.c:20
#define IDS_TERMINAL_SERVER_RID
Definition: resources.h:31
#define IDS_CREATOR_GROUP_SERVER_RID
Definition: resources.h:19
#define IDS_DIALUP_RID
Definition: resources.h:20
#define IDS_REMOTE_LOGON_RID
Definition: resources.h:32
#define SECURITY_LOCAL_SERVICE_RID
Definition: setypes.h:562
PSID LsapBatchSid
Definition: lookup.c:80
SID_IDENTIFIER_AUTHORITY WorldSidAuthority
Definition: database.c:18
#define SECURITY_CREATOR_GROUP_SERVER_RID
Definition: setypes.h:535
#define SECURITY_ENTERPRISE_CONTROLLERS_RID
Definition: setypes.h:552
PSID LsapAdministratorsSid
Definition: lookup.c:84
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:568
#define IDS_ALIAS_RID_NETWORK_CONFIGURATION_OPS
Definition: resources.h:50
PSID LsapInteractiveSid
Definition: lookup.c:81
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define DOMAIN_ALIAS_RID_BACKUP_OPS
Definition: setypes.h:647
#define IDS_ALIAS_RID_POWER_USERS
Definition: resources.h:41
#define IDS_NT_AUTHORITY
Definition: resources.h:11
#define IDS_LOCAL_SYSTEM_RID
Definition: resources.h:34
#define DOMAIN_ALIAS_RID_SYSTEM_OPS
Definition: setypes.h:645
#define SECURITY_LOCAL_RID
Definition: setypes.h:529
#define IDS_ALIAS_RID_REMOTE_DESKTOP_USERS
Definition: resources.h:49
#define IDS_ENTERPRISE_CONTROLLERS_RID
Definition: resources.h:27
#define SECURITY_WORLD_RID
Definition: setypes.h:528
#define SECURITY_PROXY_RID
Definition: setypes.h:551
#define SECURITY_ANONYMOUS_LOGON_RID
Definition: setypes.h:550
BOOLEAN LsapCreateSid(PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, UCHAR SubAuthorityCount, PULONG SubAuthorities, PWSTR AccountName, PWSTR DomainName, SID_NAME_USE Use, PSID *SidPtr)
Definition: lookup.c:90
#define SECURITY_CREATOR_OWNER_RID
Definition: setypes.h:532
#define SECURITY_NULL_RID
Definition: setypes.h:527
#define IDS_INTERACTIVE_RID
Definition: resources.h:23
PSID LsapServiceSid
Definition: lookup.c:82
static const WCHAR L[]
Definition: oid.c:1250
#define IDS_LOCAL_SERVICE_RID
Definition: resources.h:35
#define IDS_PROXY_RID
Definition: resources.h:26
#define SECURITY_NETWORK_SERVICE_RID
Definition: setypes.h:563
#define SECURITY_CREATOR_GROUP_RID
Definition: setypes.h:533
PSID LsapNetworkSid
Definition: lookup.c:79
#define IDS_LOCAL_RID
Definition: resources.h:15
#define SECURITY_REMOTE_LOGON_RID
Definition: setypes.h:558
#define DOMAIN_ALIAS_RID_USERS
Definition: setypes.h:640
#define InitializeListHead(ListHead)
Definition: env_spec_w32.h:944
#define DOMAIN_ALIAS_RID_REPLICATOR
Definition: setypes.h:649
#define SECURITY_RESTRICTED_CODE_RID
Definition: setypes.h:556
#define IDS_NETWORK_RID
Definition: resources.h:21
#define NULL
Definition: types.h:112
LIST_ENTRY WellKnownSidListHead
Definition: lookup.c:77
#define SECURITY_CREATOR_OWNER_SERVER_RID
Definition: setypes.h:534
#define DOMAIN_ALIAS_RID_PRINT_OPS
Definition: setypes.h:646
#define IDS_SERVICE_RID
Definition: resources.h:24
#define SECURITY_SERVICE_RID
Definition: setypes.h:549
#define DOMAIN_ALIAS_RID_PREW2KCOMPACCESS
Definition: setypes.h:651
unsigned int ULONG
Definition: retypes.h:1
HMODULE WINAPI GetModuleHandleW(LPCWSTR lpModuleName)
Definition: loader.c:838
#define DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS
Definition: setypes.h:653
SID_IDENTIFIER_AUTHORITY NullSidAuthority
Definition: database.c:17
#define STATUS_SUCCESS
Definition: shellext.h:65
#define DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS
Definition: setypes.h:652
#define IDS_WORLD_RID
Definition: resources.h:14
#define IDS_ALIAS_RID_ADMINS
Definition: resources.h:38
#define IDS_THIS_ORGANIZATION_RID
Definition: resources.h:33
#define IDS_CREATOR_GROUP_RID
Definition: resources.h:17
#define DOMAIN_ALIAS_RID_RAS_SERVERS
Definition: setypes.h:650
#define DOMAIN_ALIAS_RID_ADMINS
Definition: setypes.h:639
#define IDS_CREATOR_OWNER_RID
Definition: resources.h:16
#define IDS_ANONYMOUS_LOGON_RID
Definition: resources.h:25
#define IDS_ALIAS_RID_PRINT_OPS
Definition: resources.h:44
#define IDS_ALIAS_RID_PREW2KCOMPACCESS
Definition: resources.h:48
#define IDS_ALIAS_RID_SYSTEM_OPS
Definition: resources.h:43
#define IDS_BUILTIN_DOMAIN_RID
Definition: resources.h:37
SID_IDENTIFIER_AUTHORITY NtAuthority
Definition: database.c:21
PSID LsapLocalSystemSid
Definition: lookup.c:83

Referenced by LsapInitLsa().

◆ LsapLoadString()

INT LsapLoadString ( HINSTANCE  hInstance,
UINT  uId,
LPWSTR  lpBuffer,
INT  nBufferMax 
)

Definition at line 17 of file utils.c.

21 {
22  HGLOBAL hmem;
23  HRSRC hrsrc;
24  WCHAR *p;
25  int string_num;
26  int i;
27 
28  /* Use loword (incremented by 1) as resourceid */
29  hrsrc = FindResourceW(hInstance,
30  MAKEINTRESOURCEW((LOWORD(uId) >> 4) + 1),
31  (LPWSTR)RT_STRING);
32  if (!hrsrc)
33  return 0;
34 
35  hmem = LoadResource(hInstance, hrsrc);
36  if (!hmem)
37  return 0;
38 
39  p = LockResource(hmem);
40  string_num = uId & 0x000f;
41  for (i = 0; i < string_num; i++)
42  p += *p + 1;
43 
44  i = min(nBufferMax - 1, *p);
45  if (i > 0)
46  {
47  memcpy(lpBuffer, p + 1, i * sizeof(WCHAR));
48  lpBuffer[i] = 0;
49  }
50  else
51  {
52  if (nBufferMax > 1)
53  {
54  lpBuffer[0] = 0;
55  return 0;
56  }
57  }
58 
59  return i;
60 }
LPVOID WINAPI LockResource(HGLOBAL handle)
Definition: res.c:550
HRSRC WINAPI FindResourceW(HINSTANCE hModule, LPCWSTR name, LPCWSTR type)
Definition: res.c:176
HINSTANCE hInstance
Definition: charmap.c:20
static TAGREF LPCWSTR LPDWORD LPVOID lpBuffer
Definition: db.cpp:175
HGLOBAL WINAPI LoadResource(HINSTANCE hModule, HRSRC hRsrc)
Definition: res.c:532
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
#define RT_STRING
Definition: pedump.c:368
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
#define min(a, b)
Definition: monoChain.cc:55
#define MAKEINTRESOURCEW(i)
Definition: winuser.h:582
GLfloat GLfloat p
Definition: glext.h:8902
WCHAR * LPWSTR
Definition: xmlstorage.h:184
#define LOWORD(l)
Definition: pedump.c:82

Referenced by LsapInitSids().

◆ LsapLoadStringEx()

INT LsapLoadStringEx ( _In_ HINSTANCE  hInstance,
_In_ UINT  uId,
_In_ USHORT  usLanguage,
_Out_ LPWSTR  lpBuffer,
_Out_ INT  nBufferMax 
)

Definition at line 99 of file utils.c.

105 {
106  HGLOBAL hmem;
107  HRSRC hrsrc;
108  WCHAR *p;
109  int string_num;
110  int i;
111 
112  /* Use loword (incremented by 1) as resourceid */
113 // hrsrc = FindResourceExW(hInstance,
114 // MAKEINTRESOURCEW((LOWORD(uId) >> 4) + 1),
115 // (LPWSTR)RT_STRING,
116 // usLanguage);
117  hrsrc = FindResourceW(hInstance,
118  MAKEINTRESOURCEW((LOWORD(uId) >> 4) + 1),
119  (LPWSTR)RT_STRING);
120  if (!hrsrc)
121  return 0;
122 
123  hmem = LoadResource(hInstance, hrsrc);
124  if (!hmem)
125  return 0;
126 
127  p = LockResource(hmem);
128  string_num = uId & 0x000f;
129  for (i = 0; i < string_num; i++)
130  p += *p + 1;
131 
132  i = min(nBufferMax - 1, *p);
133  if (i > 0)
134  {
135  memcpy(lpBuffer, p + 1, i * sizeof(WCHAR));
136  lpBuffer[i] = 0;
137  }
138  else
139  {
140  if (nBufferMax > 1)
141  {
142  lpBuffer[0] = 0;
143  return 0;
144  }
145  }
146 
147  return i;
148 }
LPVOID WINAPI LockResource(HGLOBAL handle)
Definition: res.c:550
HRSRC WINAPI FindResourceW(HINSTANCE hModule, LPCWSTR name, LPCWSTR type)
Definition: res.c:176
HINSTANCE hInstance
Definition: charmap.c:20
static TAGREF LPCWSTR LPDWORD LPVOID lpBuffer
Definition: db.cpp:175
HGLOBAL WINAPI LoadResource(HINSTANCE hModule, HRSRC hRsrc)
Definition: res.c:532
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
#define RT_STRING
Definition: pedump.c:368
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
#define min(a, b)
Definition: monoChain.cc:55
#define MAKEINTRESOURCEW(i)
Definition: winuser.h:582
GLfloat GLfloat p
Definition: glext.h:8902
WCHAR * LPWSTR
Definition: xmlstorage.h:184
#define LOWORD(l)
Definition: pedump.c:82

Referenced by LsarpLookupPrivilegeDisplayName().

◆ LsapLogonUser()

NTSTATUS LsapLogonUser ( PLSA_API_MSG  RequestMsg,
PLSAP_LOGON_CONTEXT  LogonContext 
)

Definition at line 1394 of file authpackage.c.

1396 {
1397  PAUTH_PACKAGE Package;
1400  LSA_TOKEN_INFORMATION_TYPE TokenInformationType;
1401  PVOID TokenInformation = NULL;
1402  PLSA_TOKEN_INFORMATION_NULL TokenInfo0 = NULL;
1403  PLSA_TOKEN_INFORMATION_V1 TokenInfo1 = NULL;
1404  PUNICODE_STRING AccountName = NULL;
1405  PUNICODE_STRING AuthenticatingAuthority = NULL;
1407  PVOID LocalAuthInfo = NULL;
1410  ULONG i;
1411  ULONG PackageId;
1413  NTSTATUS Status;
1414 
1415  PUNICODE_STRING UserName = NULL;
1416  PUNICODE_STRING LogonDomainName = NULL;
1417 // UNICODE_STRING LogonServer;
1418 
1419 
1420  TRACE("LsapLogonUser(%p %p)\n", RequestMsg, LogonContext);
1421 
1422  PackageId = RequestMsg->LogonUser.Request.AuthenticationPackage;
1423  LogonType = RequestMsg->LogonUser.Request.LogonType;
1424 
1425  /* Get the right authentication package */
1427  if (Package == NULL)
1428  {
1429  ERR("LsapGetAuthenticationPackage() failed to find a package\n");
1430  return STATUS_NO_SUCH_PACKAGE;
1431  }
1432 
1433  if (RequestMsg->LogonUser.Request.AuthenticationInformationLength > 0)
1434  {
1435  /* Allocate the local authentication info buffer */
1436  LocalAuthInfo = RtlAllocateHeap(RtlGetProcessHeap(),
1438  RequestMsg->LogonUser.Request.AuthenticationInformationLength);
1439  if (LocalAuthInfo == NULL)
1440  {
1441  ERR("RtlAllocateHeap() failed\n");
1443  }
1444 
1445  /* Read the authentication info from the callers address space */
1447  RequestMsg->LogonUser.Request.AuthenticationInformation,
1448  LocalAuthInfo,
1449  RequestMsg->LogonUser.Request.AuthenticationInformationLength,
1450  NULL);
1451  if (!NT_SUCCESS(Status))
1452  {
1453  ERR("NtReadVirtualMemory() failed (Status 0x%08lx)\n", Status);
1454  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalAuthInfo);
1455  return Status;
1456  }
1457  }
1458 
1459  if (RequestMsg->LogonUser.Request.LocalGroupsCount > 0)
1460  {
1461  Status = LsapCopyLocalGroups(LogonContext,
1462  RequestMsg->LogonUser.Request.LocalGroups,
1463  RequestMsg->LogonUser.Request.LocalGroupsCount,
1464  &LocalGroups);
1465  if (!NT_SUCCESS(Status))
1466  {
1467  ERR("LsapCopyLocalGroups failed (Status 0x%08lx)\n", Status);
1468  goto done;
1469  }
1470 
1471  TRACE("GroupCount: %lu\n", LocalGroups->GroupCount);
1472  }
1473 
1474  if (Package->LsaApLogonUserEx2 != NULL)
1475  {
1476  Status = Package->LsaApLogonUserEx2((PLSA_CLIENT_REQUEST)LogonContext,
1477  RequestMsg->LogonUser.Request.LogonType,
1478  LocalAuthInfo,
1479  RequestMsg->LogonUser.Request.AuthenticationInformation,
1480  RequestMsg->LogonUser.Request.AuthenticationInformationLength,
1481  &RequestMsg->LogonUser.Reply.ProfileBuffer,
1482  &RequestMsg->LogonUser.Reply.ProfileBufferLength,
1483  &RequestMsg->LogonUser.Reply.LogonId,
1484  &RequestMsg->LogonUser.Reply.SubStatus,
1485  &TokenInformationType,
1486  &TokenInformation,
1487  &AccountName,
1488  &AuthenticatingAuthority,
1489  &MachineName,
1490  NULL, /* FIXME: PSECPKG_PRIMARY_CRED PrimaryCredentials */
1491  NULL); /* FIXME: PSECPKG_SUPPLEMENTAL_CRED_ARRAY *SupplementalCredentials */
1492  }
1493  else if (Package->LsaApLogonUserEx != NULL)
1494  {
1495  Status = Package->LsaApLogonUserEx((PLSA_CLIENT_REQUEST)LogonContext,
1496  RequestMsg->LogonUser.Request.LogonType,
1497  LocalAuthInfo,
1498  RequestMsg->LogonUser.Request.AuthenticationInformation,
1499  RequestMsg->LogonUser.Request.AuthenticationInformationLength,
1500  &RequestMsg->LogonUser.Reply.ProfileBuffer,
1501  &RequestMsg->LogonUser.Reply.ProfileBufferLength,
1502  &RequestMsg->LogonUser.Reply.LogonId,
1503  &RequestMsg->LogonUser.Reply.SubStatus,
1504  &TokenInformationType,
1505  &TokenInformation,
1506  &AccountName,
1507  &AuthenticatingAuthority,
1508  &MachineName);
1509  }
1510  else
1511  {
1512  Status = Package->LsaApLogonUser((PLSA_CLIENT_REQUEST)LogonContext,
1513  RequestMsg->LogonUser.Request.LogonType,
1514  LocalAuthInfo,
1515  RequestMsg->LogonUser.Request.AuthenticationInformation,
1516  RequestMsg->LogonUser.Request.AuthenticationInformationLength,
1517  &RequestMsg->LogonUser.Reply.ProfileBuffer,
1518  &RequestMsg->LogonUser.Reply.ProfileBufferLength,
1519  &RequestMsg->LogonUser.Reply.LogonId,
1520  &RequestMsg->LogonUser.Reply.SubStatus,
1521  &TokenInformationType,
1522  &TokenInformation,
1523  &AccountName,
1524  &AuthenticatingAuthority);
1525  }
1526 
1527  if (!NT_SUCCESS(Status))
1528  {
1529  ERR("LsaApLogonUser/Ex/2 failed (Status 0x%08lx)\n", Status);
1530  goto done;
1531  }
1532 
1533  if (LocalGroups->GroupCount > 0)
1534  {
1535  /* Add local groups to the token information */
1536  Status = LsapAddLocalGroups(TokenInformation,
1537  TokenInformationType,
1538  LocalGroups);
1539  if (!NT_SUCCESS(Status))
1540  {
1541  ERR("LsapAddLocalGroupsToTokenInfo() failed (Status 0x%08lx)\n", Status);
1542  goto done;
1543  }
1544  }
1545 
1546  Status = LsapAddDefaultGroups(TokenInformation,
1547  TokenInformationType,
1548  LogonType);
1549  if (!NT_SUCCESS(Status))
1550  {
1551  ERR("LsapAddDefaultGroups() failed (Status 0x%08lx)\n", Status);
1552  goto done;
1553  }
1554 
1555  Status = LsapAddSamGroups(TokenInformation,
1556  TokenInformationType);
1557  if (!NT_SUCCESS(Status))
1558  {
1559  ERR("LsapAddSamGroups() failed (Status 0x%08lx)\n", Status);
1560  goto done;
1561  }
1562 
1563  Status = LsapSetTokenOwner(TokenInformation,
1564  TokenInformationType);
1565  if (!NT_SUCCESS(Status))
1566  {
1567  ERR("LsapSetTokenOwner() failed (Status 0x%08lx)\n", Status);
1568  goto done;
1569  }
1570 
1571  Status = LsapAddTokenDefaultDacl(TokenInformation,
1572  TokenInformationType);
1573  if (!NT_SUCCESS(Status))
1574  {
1575  ERR("LsapAddTokenDefaultDacl() failed (Status 0x%08lx)\n", Status);
1576  goto done;
1577  }
1578 
1579  Status = LsapSetPrivileges(TokenInformation,
1580  TokenInformationType);
1581  if (!NT_SUCCESS(Status))
1582  {
1583  ERR("LsapSetPrivileges() failed (Status 0x%08lx)\n", Status);
1584  goto done;
1585  }
1586 
1587  if (TokenInformationType == LsaTokenInformationNull)
1588  {
1591  TOKEN_GROUPS NoGroups = {0};
1592  TOKEN_PRIVILEGES NoPrivileges = {0};
1593 
1594  TokenInfo0 = (PLSA_TOKEN_INFORMATION_NULL)TokenInformation;
1595 
1596  TokenUser.User.Sid = LsapWorldSid;
1597  TokenUser.User.Attributes = 0;
1598  TokenPrimaryGroup.PrimaryGroup = LsapWorldSid;
1599 
1600  Qos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
1603  Qos.EffectiveOnly = TRUE;
1604 
1606  ObjectAttributes.RootDirectory = NULL;
1607  ObjectAttributes.ObjectName = NULL;
1608  ObjectAttributes.Attributes = 0;
1609  ObjectAttributes.SecurityDescriptor = NULL;
1610  ObjectAttributes.SecurityQualityOfService = &Qos;
1611 
1612  /* Create the logon token */
1617  &RequestMsg->LogonUser.Reply.LogonId,
1618  &TokenInfo0->ExpirationTime,
1619  &TokenUser,
1620  &NoGroups,
1621  &NoPrivileges,
1622  NULL,
1624  NULL,
1625  &RequestMsg->LogonUser.Request.SourceContext);
1626  }
1627  else if (TokenInformationType == LsaTokenInformationV1)
1628  {
1629  TOKEN_PRIVILEGES NoPrivileges = {0};
1630 
1631  TokenInfo1 = (PLSA_TOKEN_INFORMATION_V1)TokenInformation;
1632 
1633  Qos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
1636  Qos.EffectiveOnly = FALSE;
1637 
1639  ObjectAttributes.RootDirectory = NULL;
1640  ObjectAttributes.ObjectName = NULL;
1641  ObjectAttributes.Attributes = 0;
1642  ObjectAttributes.SecurityDescriptor = NULL;
1643  ObjectAttributes.SecurityQualityOfService = &Qos;
1644 
1645  /* Create the logon token */
1649  (RequestMsg->LogonUser.Request.LogonType == Network) ? TokenImpersonation : TokenPrimary,
1650  &RequestMsg->LogonUser.Reply.LogonId,
1651  &TokenInfo1->ExpirationTime,
1652  &TokenInfo1->User,
1653  TokenInfo1->Groups,
1654  TokenInfo1->Privileges ? TokenInfo1->Privileges : &NoPrivileges,
1655  &TokenInfo1->Owner,
1656  &TokenInfo1->PrimaryGroup,
1657  &TokenInfo1->DefaultDacl,
1658  &RequestMsg->LogonUser.Request.SourceContext);
1659  if (!NT_SUCCESS(Status))
1660  {
1661  ERR("NtCreateToken failed (Status 0x%08lx)\n", Status);
1662  goto done;
1663  }
1664  }
1665  else
1666  {
1667  FIXME("TokenInformationType %d is not supported!\n", TokenInformationType);
1669  goto done;
1670  }
1671 
1672  if (LogonType == Interactive ||
1673  LogonType == Batch ||
1674  LogonType == Service)
1675  {
1676  UserName = &((PMSV1_0_INTERACTIVE_LOGON)LocalAuthInfo)->UserName;
1677  LogonDomainName = &((PMSV1_0_INTERACTIVE_LOGON)LocalAuthInfo)->LogonDomainName;
1678  }
1679  else
1680  {
1681  FIXME("LogonType %lu is not supported yet!\n", LogonType);
1682  }
1683 
1684  Status = LsapSetLogonSessionData(&RequestMsg->LogonUser.Reply.LogonId,
1685  LogonType,
1686  UserName,
1687  LogonDomainName,
1688  TokenInfo1->User.User.Sid);
1689  if (!NT_SUCCESS(Status))
1690  {
1691  ERR("LsapSetLogonSessionData failed (Status 0x%08lx)\n", Status);
1692  goto done;
1693  }
1694 
1695  /*
1696  * Duplicate the token handle into the client process.
1697  * This must be the last step because we cannot
1698  * close the duplicated token handle in case something fails.
1699  */
1701  TokenHandle,
1702  LogonContext->ClientProcessHandle,
1703  &RequestMsg->LogonUser.Reply.Token,
1704  0,
1705  0,
1707  if (!NT_SUCCESS(Status))
1708  {
1709  ERR("NtDuplicateObject failed (Status 0x%08lx)\n", Status);
1710  goto done;
1711  }
1712 
1713 done:
1714  if (!NT_SUCCESS(Status))
1715  {
1716  /* Notify the authentification package of the failure */
1717  Package->LsaApLogonTerminated(&RequestMsg->LogonUser.Reply.LogonId);
1718 
1719  /* Delete the logon session */
1720  LsapDeleteLogonSession(&RequestMsg->LogonUser.Reply.LogonId);
1721 
1722  /* Release the profile buffer */
1724  RequestMsg->LogonUser.Reply.ProfileBuffer);
1725  RequestMsg->LogonUser.Reply.ProfileBuffer = NULL;
1726  }
1727 
1728  if (TokenHandle != NULL)
1730 
1731  /* Free the local groups */
1732  if (LocalGroups != NULL)
1733  {
1734  for (i = 0; i < LocalGroups->GroupCount; i++)
1735  {
1736  if (LocalGroups->Groups[i].Sid != NULL)
1737  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalGroups->Groups[i].Sid);
1738  }
1739 
1740  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalGroups);
1741  }
1742 
1743  /* Free the local authentication info buffer */
1744  if (LocalAuthInfo != NULL)
1745  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalAuthInfo);
1746 
1747  /* Free the token information */
1748  if (TokenInformation != NULL)
1749  {
1750  if (TokenInformationType == LsaTokenInformationNull)
1751  {
1752  TokenInfo0 = (PLSA_TOKEN_INFORMATION_NULL)TokenInformation;
1753 
1754  if (TokenInfo0 != NULL)
1755  {
1756  if (TokenInfo0->Groups != NULL)
1757  {
1758  for (i = 0; i < TokenInfo0->Groups->GroupCount; i++)
1759  {
1760  if (TokenInfo0->Groups->Groups[i].Sid != NULL)
1761  LsapFreeHeap(TokenInfo0->Groups->Groups[i].Sid);
1762  }
1763 
1764  LsapFreeHeap(TokenInfo0->Groups);
1765  }
1766 
1767  LsapFreeHeap(TokenInfo0);
1768  }
1769  }
1770  else if (TokenInformationType == LsaTokenInformationV1)
1771  {
1772  TokenInfo1 = (PLSA_TOKEN_INFORMATION_V1)TokenInformation;
1773 
1774  if (TokenInfo1 != NULL)
1775  {
1776  if (TokenInfo1->User.User.Sid != NULL)
1777  LsapFreeHeap(TokenInfo1->User.User.Sid);
1778 
1779  if (TokenInfo1->Groups != NULL)
1780  {
1781  for (i = 0; i < TokenInfo1->Groups->GroupCount; i++)
1782  {
1783  if (TokenInfo1->Groups->Groups[i].Sid != NULL)
1784  LsapFreeHeap(TokenInfo1->Groups->Groups[i].Sid);
1785  }
1786 
1787  LsapFreeHeap(TokenInfo1->Groups);
1788  }
1789 
1790  if (TokenInfo1->PrimaryGroup.PrimaryGroup != NULL)
1791  LsapFreeHeap(TokenInfo1->PrimaryGroup.PrimaryGroup);
1792 
1793  if (TokenInfo1->Privileges != NULL)
1794  LsapFreeHeap(TokenInfo1->Privileges);
1795 
1796  if (TokenInfo1->Owner.Owner != NULL)
1797  LsapFreeHeap(TokenInfo1->Owner.Owner);
1798 
1799  if (TokenInfo1->DefaultDacl.DefaultDacl != NULL)
1800  LsapFreeHeap(TokenInfo1->DefaultDacl.DefaultDacl);
1801 
1802  LsapFreeHeap(TokenInfo1);
1803  }
1804  }
1805  else
1806  {
1807  FIXME("TokenInformationType %d is not supported!\n", TokenInformationType);
1808  }
1809  }
1810 
1811  /* Free the account name */
1812  if (AccountName != NULL)
1813  {
1814  if (AccountName->Buffer != NULL)
1815  LsapFreeHeap(AccountName->Buffer);
1816 
1817  LsapFreeHeap(AccountName);
1818  }
1819 
1820  /* Free the authentication authority */
1821  if (AuthenticatingAuthority != NULL)
1822  {
1823  if (AuthenticatingAuthority->Buffer != NULL)
1824  LsapFreeHeap(AuthenticatingAuthority->Buffer);
1825 
1826  LsapFreeHeap(AuthenticatingAuthority);
1827  }
1828 
1829  /* Free the machine name */
1830  if (MachineName != NULL)
1831  {
1832  if (MachineName->Buffer != NULL)
1833  LsapFreeHeap(MachineName->Buffer);
1834 
1836  }
1837 
1838  TRACE("LsapLogonUser done (Status 0x%08lx)\n", Status);
1839 
1840  return Status;
1841 }
LARGE_INTEGER ExpirationTime
Definition: authpackage.c:22
static NTSTATUS LsapAddDefaultGroups(IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType, IN SECURITY_LOGON_TYPE LogonType)
Definition: authpackage.c:828
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
PLSA_AP_LOGON_TERMINATED LsaApLogonTerminated
Definition: authpackage.c:102
PLSA_AP_LOGON_USER_EX2 LsaApLogonUserEx2
Definition: authpackage.c:103
#define DUPLICATE_CLOSE_SOURCE
LSA_LOGON_USER_MSG LogonUser
Definition: lsass.h:187
LARGE_INTEGER ExpirationTime
Definition: authpackage.c:28
PLSA_AP_LOGON_USER_INTERNAL LsaApLogonUser
Definition: authpackage.c:105
static NTSTATUS LsapAddSamGroups(IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType)
Definition: authpackage.c:1034
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
#define TRUE
Definition: types.h:120
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
NTSTATUS LsapSetLogonSessionData(_In_ PLUID LogonId, _In_ ULONG LogonType, _In_ PUNICODE_STRING UserName, _In_ PUNICODE_STRING LogonDomain, _In_ PSID Sid)
Definition: session.c:67
#define STATUS_NO_SUCH_PACKAGE
Definition: ntstatus.h:490
static NTSTATUS NTAPI LsapFreeClientBuffer(IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ClientBaseAddress)
Definition: authpackage.c:414
NTSTATUS NTAPI LsapDeleteLogonSession(IN PLUID LogonId)
Definition: session.c:201
_In_ DWORD _Out_ PDWORD _In_opt_ PCSTR MachineName
Definition: setupapi.h:1291
HANDLE ClientProcessHandle
Definition: lsasrv.h:80
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS LocalGroups
static NTSTATUS LsapSetTokenOwner(IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType)
Definition: authpackage.c:1169
struct _LSA_TOKEN_INFORMATION_V1 * PLSA_TOKEN_INFORMATION_V1
PLSA_AP_LOGON_USER_EX LsaApLogonUserEx
Definition: authpackage.c:104
SECURITY_CONTEXT_TRACKING_MODE ContextTrackingMode
Definition: lsa.idl:66
static NTSTATUS LsapCopyLocalGroups(IN PLSAP_LOGON_CONTEXT LogonContext, IN PTOKEN_GROUPS ClientGroups, IN ULONG ClientGroupsCount, OUT PTOKEN_GROUPS *TokenGroups)
Definition: authpackage.c:637
struct _LSA_LOGON_USER_MSG::@3400::@3402 Request
PSID LsapWorldSid
Definition: lookup.c:78
return STATUS_NOT_IMPLEMENTED
struct _MSV1_0_INTERACTIVE_LOGON * PMSV1_0_INTERACTIVE_LOGON
static NTSTATUS LsapAddLocalGroups(IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType, IN PTOKEN_GROUPS LocalGroups)
Definition: authpackage.c:745
#define DUPLICATE_SAME_ACCESS
#define FALSE
Definition: types.h:117
#define FIXME(fmt,...)
Definition: debug.h:111
PSID Owner
Definition: setypes.h:993
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
Definition: psfuncs.h:715
struct _OBJECT_ATTRIBUTES OBJECT_ATTRIBUTES
#define NtCurrentProcess()
Definition: nt_native.h:1657
VOID NTAPI LsapFreeHeap(IN PVOID Base)
Definition: authpackage.c:381
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
Status
Definition: gdiplustypes.h:24
TOKEN_PRIMARY_GROUP PrimaryGroup
Definition: authpackage.c:31
#define TRACE(s)
Definition: solgame.cpp:4
struct _LSA_TOKEN_INFORMATION_NULL * PLSA_TOKEN_INFORMATION_NULL
static NTSTATUS LsapAddTokenDefaultDacl(IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType)
Definition: authpackage.c:1211
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define TOKEN_ALL_ACCESS
Definition: setypes.h:911
NTSTATUS NTAPI NtReadVirtualMemory(IN HANDLE ProcessHandle, IN PVOID BaseAddress, OUT PVOID Buffer, IN SIZE_T NumberOfBytesToRead, OUT PSIZE_T NumberOfBytesRead OPTIONAL)
Definition: virtual.c:2805
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3398
#define SECURITY_DYNAMIC_TRACKING
Definition: setypes.h:103
__kernel_entry NTSTATUS NTAPI NtCreateToken(_Out_ PHANDLE TokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ TOKEN_TYPE TokenType, _In_ PLUID AuthenticationId, _In_ PLARGE_INTEGER ExpirationTime, _In_ PTOKEN_USER TokenUser, _In_ PTOKEN_GROUPS TokenGroups, _In_ PTOKEN_PRIVILEGES TokenPrivileges, _In_opt_ PTOKEN_OWNER TokenOwner, _In_ PTOKEN_PRIMARY_GROUP TokenPrimaryGroup, _In_opt_ PTOKEN_DEFAULT_DACL TokenDefaultDacl, _In_ PTOKEN_SOURCE TokenSource)
Creates an access token.
Definition: token.c:5224
enum _LSA_TOKEN_INFORMATION_TYPE LSA_TOKEN_INFORMATION_TYPE
#define ERR(fmt,...)
Definition: debug.h:110
PTOKEN_PRIVILEGES Privileges
Definition: authpackage.c:32
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE LogonType
#define DUPLICATE_SAME_ATTRIBUTES
Definition: obtypes.h:153
enum _SECURITY_LOGON_TYPE SECURITY_LOGON_TYPE
static NTSTATUS LsapSetPrivileges(IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType)
Definition: authpackage.c:1316
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY]
Definition: setypes.h:983
#define SECURITY_STATIC_TRACKING
Definition: setypes.h:104
TOKEN_DEFAULT_DACL DefaultDacl
Definition: authpackage.c:34
struct _SECURITY_QUALITY_OF_SERVICE SECURITY_QUALITY_OF_SERVICE
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: lsa.idl:65
struct _LSA_LOGON_USER_MSG::@3400::@3403 Reply
#define NULL
Definition: types.h:112
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
static PAUTH_PACKAGE LsapGetAuthenticationPackage(IN ULONG PackageId)
Definition: authpackage.c:341
$ULONG GroupCount
Definition: setypes.h:979
NTSTATUS NTAPI NtDuplicateObject(IN HANDLE SourceProcessHandle, IN HANDLE SourceHandle, IN HANDLE TargetProcessHandle OPTIONAL, OUT PHANDLE TargetHandle OPTIONAL, IN ACCESS_MASK DesiredAccess, IN ULONG HandleAttributes, IN ULONG Options)
Definition: obhandle.c:3406
unsigned int ULONG
Definition: retypes.h:1
SID_AND_ATTRIBUTES User
Definition: setypes.h:975
static ULONG PackageId
Definition: authpackage.c:163

Referenced by AuthPortThreadRoutine().

◆ LsapLookupAccountRightName()

NTSTATUS LsapLookupAccountRightName ( ULONG  RightValue,
PRPC_UNICODE_STRING Name 
)

Definition at line 343 of file privileges.c.

345 {
346  PRPC_UNICODE_STRING NameBuffer;
347  ULONG i;
348 
349  for (i = 0; i < ARRAYSIZE(WellKnownRights); i++)
350  {
351  if (WellKnownRights[i].Flag == RightValue)
352  {
353  NameBuffer = MIDL_user_allocate(sizeof(RPC_UNICODE_STRING));
354  if (NameBuffer == NULL)
355  return STATUS_NO_MEMORY;
356 
357  NameBuffer->Length = (USHORT)wcslen(WellKnownRights[i].Name) * sizeof(WCHAR);
358  NameBuffer->MaximumLength = NameBuffer->Length + sizeof(WCHAR);
359 
360  NameBuffer->Buffer = MIDL_user_allocate(NameBuffer->MaximumLength);
361  if (NameBuffer->Buffer == NULL)
362  {
363  MIDL_user_free(NameBuffer);
365  }
366 
367  wcscpy(NameBuffer->Buffer, WellKnownRights[i].Name);
368 
369  *Name = NameBuffer;
370 
371  return STATUS_SUCCESS;
372  }
373  }
374 
376 }
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
#define ARRAYSIZE(array)
Definition: filtermapper.c:47
static const RIGHT_DATA WellKnownRights[]
Definition: privileges.c:62
LPCWSTR Name
Definition: privileges.c:23
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define STATUS_NO_SUCH_PRIVILEGE
Definition: ntstatus.h:332
Definition: xml2sdb.h:79
_CRTIMP wchar_t *__cdecl wcscpy(_Out_writes_z_(_String_length_(_Source)+1) wchar_t *_Dest, _In_z_ const wchar_t *_Source)
unsigned short Length
Definition: msv1_0.h:22
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
unsigned short USHORT
Definition: pedump.c:61
#define STATUS_NO_MEMORY
Definition: ntstatus.h:260
#define NULL
Definition: types.h:112
_CRTIMP size_t __cdecl wcslen(_In_z_ const wchar_t *_Str)
unsigned int ULONG
Definition: retypes.h:1
void *__RPC_USER MIDL_user_allocate(SIZE_T size)
Definition: irotp.c:371
#define STATUS_SUCCESS
Definition: shellext.h:65
void __RPC_USER MIDL_user_free(void *p)
Definition: irotp.c:376
unsigned short MaximumLength
Definition: msv1_0.h:23
wchar_t * Buffer
Definition: msv1_0.h:24

Referenced by LsarEnumerateAccountRights().

◆ LsapLookupAccountRightValue()

ACCESS_MASK LsapLookupAccountRightValue ( IN PRPC_UNICODE_STRING  Name)

Definition at line 380 of file privileges.c.

382 {
383  ULONG i;
384 
385  if (Name->Length == 0 || Name->Buffer == NULL)
386  return 0;
387 
388  for (i = 0; i < ARRAYSIZE(WellKnownRights); i++)
389  {
390  if (_wcsicmp(Name->Buffer, WellKnownRights[