ReactOS  0.4.14-dev-342-gdc047f9
authpackage.c File Reference
#include "lsasrv.h"
#include <ndk/sefuncs.h>
#include <ndk/umfuncs.h>
Include dependency graph for authpackage.c:

Go to the source code of this file.

Classes

struct  _LSA_TOKEN_INFORMATION_NULL
 
struct  _LSA_TOKEN_INFORMATION_V1
 
struct  LSA_DISPATCH_TABLE
 
struct  _AUTH_PACKAGE
 
struct  _SAMPR_SID_INFORMATION
 
struct  _SAMPR_PSID_ARRAY
 

Macros

#define CONST_LUID(x1, x2)   {x1, x2}
 

Typedefs

typedef enum _LSA_TOKEN_INFORMATION_TYPE LSA_TOKEN_INFORMATION_TYPE
 
typedef enum _LSA_TOKEN_INFORMATION_TYPEPLSA_TOKEN_INFORMATION_TYPE
 
typedef struct _LSA_TOKEN_INFORMATION_NULL LSA_TOKEN_INFORMATION_NULL
 
typedef struct _LSA_TOKEN_INFORMATION_NULLPLSA_TOKEN_INFORMATION_NULL
 
typedef struct _LSA_TOKEN_INFORMATION_V1 LSA_TOKEN_INFORMATION_V1
 
typedef struct _LSA_TOKEN_INFORMATION_V1PLSA_TOKEN_INFORMATION_V1
 
typedef PVOID PLSA_CLIENT_REQUEST
 
typedef NTSTATUS(NTAPIPLSA_CREATE_LOGON_SESSION) (PLUID)
 
typedef NTSTATUS(NTAPIPLSA_DELETE_LOGON_SESSION) (PLUID)
 
typedef NTSTATUS(NTAPIPLSA_ADD_CREDENTIAL) (PLUID, ULONG, PLSA_STRING, PLSA_STRING)
 
typedef NTSTATUS(NTAPIPLSA_GET_CREDENTIALS) (PLUID, ULONG, PULONG, BOOLEAN, PLSA_STRING, PULONG, PLSA_STRING)
 
typedef NTSTATUS(NTAPIPLSA_DELETE_CREDENTIAL) (PLUID, ULONG, PLSA_STRING)
 
typedef PVOID(NTAPIPLSA_ALLOCATE_LSA_HEAP) (ULONG)
 
typedef VOID(NTAPIPLSA_FREE_LSA_HEAP) (PVOID)
 
typedef NTSTATUS(NTAPIPLSA_ALLOCATE_CLIENT_BUFFER) (PLSA_CLIENT_REQUEST, ULONG, PVOID *)
 
typedef NTSTATUS(NTAPIPLSA_FREE_CLIENT_BUFFER) (PLSA_CLIENT_REQUEST, PVOID)
 
typedef NTSTATUS(NTAPIPLSA_COPY_TO_CLIENT_BUFFER) (PLSA_CLIENT_REQUEST, ULONG, PVOID, PVOID)
 
typedef NTSTATUS(NTAPIPLSA_COPY_FROM_CLIENT_BUFFER) (PLSA_CLIENT_REQUEST, ULONG, PVOID, PVOID)
 
typedef struct LSA_DISPATCH_TABLE LSA_DISPATCH_TABLE
 
typedef struct LSA_DISPATCH_TABLEPLSA_DISPATCH_TABLE
 
typedef NTSTATUS(NTAPIPLSA_AP_INITIALIZE_PACKAGE) (ULONG, PLSA_DISPATCH_TABLE, PLSA_STRING, PLSA_STRING, PLSA_STRING *)
 
typedef NTSTATUS(NTAPIPLSA_AP_CALL_PACKAGE_INTERNAL) (PLSA_CLIENT_REQUEST, PVOID, PVOID, ULONG, PVOID *, PULONG, PNTSTATUS)
 
typedef NTSTATUS(NTAPIPLSA_AP_CALL_PACKAGE_PASSTHROUGH) (PLSA_CLIENT_REQUEST, PVOID, PVOID, ULONG, PVOID *, PULONG, PNTSTATUS)
 
typedef NTSTATUS(NTAPIPLSA_AP_CALL_PACKAGE_UNTRUSTED) (PLSA_CLIENT_REQUEST, PVOID, PVOID, ULONG, PVOID *, PULONG, PNTSTATUS)
 
typedef VOID(NTAPIPLSA_AP_LOGON_TERMINATED) (PLUID)
 
typedef NTSTATUS(NTAPIPLSA_AP_LOGON_USER_EX2) (PLSA_CLIENT_REQUEST, SECURITY_LOGON_TYPE, PVOID, PVOID, ULONG, PVOID *, PULONG, PLUID, PNTSTATUS, PLSA_TOKEN_INFORMATION_TYPE, PVOID *, PUNICODE_STRING *, PUNICODE_STRING *, PUNICODE_STRING *, PVOID, PVOID)
 
typedef NTSTATUS(NTAPIPLSA_AP_LOGON_USER_EX) (PLSA_CLIENT_REQUEST, SECURITY_LOGON_TYPE, PVOID, PVOID, ULONG, PVOID *, PULONG, PLUID, PNTSTATUS, PLSA_TOKEN_INFORMATION_TYPE, PVOID *, PUNICODE_STRING *, PUNICODE_STRING *, PUNICODE_STRING *)
 
typedef NTSTATUS(NTAPIPLSA_AP_LOGON_USER_INTERNAL) (PLSA_CLIENT_REQUEST, SECURITY_LOGON_TYPE, PVOID, PVOID, ULONG, PVOID *, PULONG, PLUID, PNTSTATUS, PLSA_TOKEN_INFORMATION_TYPE, PVOID *, PUNICODE_STRING *, PUNICODE_STRING *)
 
typedef struct _AUTH_PACKAGE AUTH_PACKAGE
 
typedef struct _AUTH_PACKAGEPAUTH_PACKAGE
 
typedef wchar_tPSAMPR_SERVER_NAME
 
typedef voidSAMPR_HANDLE
 
typedef struct _SAMPR_SID_INFORMATION SAMPR_SID_INFORMATION
 
typedef struct _SAMPR_SID_INFORMATIONPSAMPR_SID_INFORMATION
 
typedef struct _SAMPR_PSID_ARRAY SAMPR_PSID_ARRAY
 
typedef struct _SAMPR_PSID_ARRAYPSAMPR_PSID_ARRAY
 

Enumerations

enum  _LSA_TOKEN_INFORMATION_TYPE {
  LsaTokenInformationNull, LsaTokenInformationV1, LsaTokenInformationNull, LsaTokenInformationV1,
  LsaTokenInformationV2
}
 

Functions

VOID NTAPI LsaIFree_LSAPR_PRIVILEGE_SET (IN PLSAPR_PRIVILEGE_SET Ptr)
 
NTSTATUS NTAPI SamIConnect (PSAMPR_SERVER_NAME ServerName, SAMPR_HANDLE *ServerHandle, ACCESS_MASK DesiredAccess, BOOLEAN Trusted)
 
VOID NTAPI SamIFree_SAMPR_ULONG_ARRAY (PSAMPR_ULONG_ARRAY Ptr)
 
NTSTATUS __stdcall SamrCloseHandle (SAMPR_HANDLE *SamHandle)
 
NTSTATUS __stdcall SamrOpenDomain (SAMPR_HANDLE ServerHandle, ACCESS_MASK DesiredAccess, PRPC_SID DomainId, SAMPR_HANDLE *DomainHandle)
 
NTSTATUS __stdcall SamrGetAliasMembership (SAMPR_HANDLE DomainHandle, PSAMPR_PSID_ARRAY SidArray, PSAMPR_ULONG_ARRAY Membership)
 
static NTSTATUS NTAPI LsapAddAuthPackage (IN PWSTR ValueName, IN ULONG ValueType, IN PVOID ValueData, IN ULONG ValueLength, IN PVOID Context, IN PVOID EntryContext)
 
static PAUTH_PACKAGE LsapGetAuthenticationPackage (IN ULONG PackageId)
 
PVOID NTAPI LsapAllocateHeap (IN ULONG Length)
 
PVOID NTAPI LsapAllocateHeapZero (IN ULONG Length)
 
VOID NTAPI LsapFreeHeap (IN PVOID Base)
 
static NTSTATUS NTAPI LsapAllocateClientBuffer (IN PLSA_CLIENT_REQUEST ClientRequest, IN ULONG LengthRequired, OUT PVOID *ClientBaseAddress)
 
static NTSTATUS NTAPI LsapFreeClientBuffer (IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ClientBaseAddress)
 
static NTSTATUS NTAPI LsapCopyToClientBuffer (IN PLSA_CLIENT_REQUEST ClientRequest, IN ULONG Length, IN PVOID ClientBaseAddress, IN PVOID BufferToCopy)
 
static NTSTATUS NTAPI LsapCopyFromClientBuffer (IN PLSA_CLIENT_REQUEST ClientRequest, IN ULONG Length, IN PVOID BufferToCopy, IN PVOID ClientBaseAddress)
 
NTSTATUS LsapInitAuthPackages (VOID)
 
NTSTATUS LsapLookupAuthenticationPackage (PLSA_API_MSG RequestMsg, PLSAP_LOGON_CONTEXT LogonContext)
 
NTSTATUS LsapCallAuthenticationPackage (PLSA_API_MSG RequestMsg, PLSAP_LOGON_CONTEXT LogonContext)
 
static NTSTATUS LsapCopyLocalGroups (IN PLSAP_LOGON_CONTEXT LogonContext, IN PTOKEN_GROUPS ClientGroups, IN ULONG ClientGroupsCount, OUT PTOKEN_GROUPS *TokenGroups)
 
static NTSTATUS LsapAddLocalGroups (IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType, IN PTOKEN_GROUPS LocalGroups)
 
static NTSTATUS LsapAddDefaultGroups (IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType, IN SECURITY_LOGON_TYPE LogonType)
 
static NTSTATUS LsapAppendSidToGroups (IN PTOKEN_GROUPS *TokenGroups, IN PSID DomainSid, IN ULONG RelativeId)
 
static NTSTATUS LsapAddSamGroups (IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType)
 
static NTSTATUS LsapSetTokenOwner (IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType)
 
static NTSTATUS LsapAddTokenDefaultDacl (IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType)
 
static NTSTATUS LsapAddPrivilegeToTokenPrivileges (PTOKEN_PRIVILEGES *TokenPrivileges, PLSAPR_LUID_AND_ATTRIBUTES Privilege)
 
static NTSTATUS LsapSetPrivileges (IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType)
 
NTSTATUS LsapLogonUser (PLSA_API_MSG RequestMsg, PLSAP_LOGON_CONTEXT LogonContext)
 

Variables

static LIST_ENTRY PackageListHead
 
static ULONG PackageId
 
static LSA_DISPATCH_TABLE DispatchTable
 
static const LUID SeChangeNotifyPrivilege = CONST_LUID(SE_CHANGE_NOTIFY_PRIVILEGE, 0)
 
static const LUID SeCreateGlobalPrivilege = CONST_LUID(SE_CREATE_GLOBAL_PRIVILEGE, 0)
 
static const LUID SeImpersonatePrivilege = CONST_LUID(SE_IMPERSONATE_PRIVILEGE, 0)
 

Macro Definition Documentation

◆ CONST_LUID

#define CONST_LUID (   x1,
  x2 
)    {x1, x2}

Definition at line 166 of file authpackage.c.

Typedef Documentation

◆ AUTH_PACKAGE

◆ LSA_DISPATCH_TABLE

◆ LSA_TOKEN_INFORMATION_NULL

◆ LSA_TOKEN_INFORMATION_TYPE

◆ LSA_TOKEN_INFORMATION_V1

◆ PAUTH_PACKAGE

◆ PLSA_ADD_CREDENTIAL

typedef NTSTATUS(NTAPI * PLSA_ADD_CREDENTIAL) (PLUID, ULONG, PLSA_STRING, PLSA_STRING)

Definition at line 41 of file authpackage.c.

◆ PLSA_ALLOCATE_CLIENT_BUFFER

typedef NTSTATUS(NTAPI * PLSA_ALLOCATE_CLIENT_BUFFER) (PLSA_CLIENT_REQUEST, ULONG, PVOID *)

Definition at line 46 of file authpackage.c.

◆ PLSA_ALLOCATE_LSA_HEAP

typedef PVOID(NTAPI * PLSA_ALLOCATE_LSA_HEAP) (ULONG)

Definition at line 44 of file authpackage.c.

◆ PLSA_AP_CALL_PACKAGE_INTERNAL

typedef NTSTATUS(NTAPI * PLSA_AP_CALL_PACKAGE_INTERNAL) (PLSA_CLIENT_REQUEST, PVOID, PVOID, ULONG, PVOID *, PULONG, PNTSTATUS)

Definition at line 71 of file authpackage.c.

◆ PLSA_AP_CALL_PACKAGE_PASSTHROUGH

typedef NTSTATUS(NTAPI * PLSA_AP_CALL_PACKAGE_PASSTHROUGH) (PLSA_CLIENT_REQUEST, PVOID, PVOID, ULONG, PVOID *, PULONG, PNTSTATUS)

Definition at line 73 of file authpackage.c.

◆ PLSA_AP_CALL_PACKAGE_UNTRUSTED

typedef NTSTATUS(NTAPI * PLSA_AP_CALL_PACKAGE_UNTRUSTED) (PLSA_CLIENT_REQUEST, PVOID, PVOID, ULONG, PVOID *, PULONG, PNTSTATUS)

Definition at line 75 of file authpackage.c.

◆ PLSA_AP_INITIALIZE_PACKAGE

typedef NTSTATUS(NTAPI * PLSA_AP_INITIALIZE_PACKAGE) (ULONG, PLSA_DISPATCH_TABLE, PLSA_STRING, PLSA_STRING, PLSA_STRING *)

Definition at line 69 of file authpackage.c.

◆ PLSA_AP_LOGON_TERMINATED

typedef VOID(NTAPI * PLSA_AP_LOGON_TERMINATED) (PLUID)

Definition at line 77 of file authpackage.c.

◆ PLSA_AP_LOGON_USER_EX

◆ PLSA_AP_LOGON_USER_EX2

◆ PLSA_AP_LOGON_USER_INTERNAL

◆ PLSA_CLIENT_REQUEST

Definition at line 37 of file authpackage.c.

◆ PLSA_COPY_FROM_CLIENT_BUFFER

typedef NTSTATUS(NTAPI * PLSA_COPY_FROM_CLIENT_BUFFER) (PLSA_CLIENT_REQUEST, ULONG, PVOID, PVOID)

Definition at line 50 of file authpackage.c.

◆ PLSA_COPY_TO_CLIENT_BUFFER

typedef NTSTATUS(NTAPI * PLSA_COPY_TO_CLIENT_BUFFER) (PLSA_CLIENT_REQUEST, ULONG, PVOID, PVOID)

Definition at line 48 of file authpackage.c.

◆ PLSA_CREATE_LOGON_SESSION

typedef NTSTATUS(NTAPI * PLSA_CREATE_LOGON_SESSION) (PLUID)

Definition at line 39 of file authpackage.c.

◆ PLSA_DELETE_CREDENTIAL

typedef NTSTATUS(NTAPI * PLSA_DELETE_CREDENTIAL) (PLUID, ULONG, PLSA_STRING)

Definition at line 43 of file authpackage.c.

◆ PLSA_DELETE_LOGON_SESSION

typedef NTSTATUS(NTAPI * PLSA_DELETE_LOGON_SESSION) (PLUID)

Definition at line 40 of file authpackage.c.

◆ PLSA_DISPATCH_TABLE

◆ PLSA_FREE_CLIENT_BUFFER

typedef NTSTATUS(NTAPI * PLSA_FREE_CLIENT_BUFFER) (PLSA_CLIENT_REQUEST, PVOID)

Definition at line 47 of file authpackage.c.

◆ PLSA_FREE_LSA_HEAP

typedef VOID(NTAPI * PLSA_FREE_LSA_HEAP) (PVOID)

Definition at line 45 of file authpackage.c.

◆ PLSA_GET_CREDENTIALS

typedef NTSTATUS(NTAPI * PLSA_GET_CREDENTIALS) (PLUID, ULONG, PULONG, BOOLEAN, PLSA_STRING, PULONG, PLSA_STRING)

Definition at line 42 of file authpackage.c.

◆ PLSA_TOKEN_INFORMATION_NULL

◆ PLSA_TOKEN_INFORMATION_TYPE

◆ PLSA_TOKEN_INFORMATION_V1

◆ PSAMPR_PSID_ARRAY

◆ PSAMPR_SERVER_NAME

Definition at line 112 of file authpackage.c.

◆ PSAMPR_SID_INFORMATION

◆ SAMPR_HANDLE

typedef void* SAMPR_HANDLE

Definition at line 113 of file authpackage.c.

◆ SAMPR_PSID_ARRAY

◆ SAMPR_SID_INFORMATION

Enumeration Type Documentation

◆ _LSA_TOKEN_INFORMATION_TYPE

Enumerator
LsaTokenInformationNull 
LsaTokenInformationV1 
LsaTokenInformationNull 
LsaTokenInformationV1 
LsaTokenInformationV2 

Definition at line 14 of file authpackage.c.

15 {
enum _LSA_TOKEN_INFORMATION_TYPE * PLSA_TOKEN_INFORMATION_TYPE
enum _LSA_TOKEN_INFORMATION_TYPE LSA_TOKEN_INFORMATION_TYPE

Function Documentation

◆ LsaIFree_LSAPR_PRIVILEGE_SET()

VOID NTAPI LsaIFree_LSAPR_PRIVILEGE_SET ( IN PLSAPR_PRIVILEGE_SET  Ptr)

Definition at line 181 of file lsasrv.c.

182 {
183  if (Ptr != NULL)
184  {
186  }
187 }
_Must_inspect_result_ _In_ PFSRTL_PER_STREAM_CONTEXT Ptr
Definition: fsrtlfuncs.h:898
smooth NULL
Definition: ftsmooth.c:416
void __RPC_USER midl_user_free(void __RPC_FAR *ptr)
Definition: lsasrv.c:346

Referenced by LsapSetPrivileges().

◆ LsapAddAuthPackage()

static NTSTATUS NTAPI LsapAddAuthPackage ( IN PWSTR  ValueName,
IN ULONG  ValueType,
IN PVOID  ValueData,
IN ULONG  ValueLength,
IN PVOID  Context,
IN PVOID  EntryContext 
)
static

Definition at line 177 of file authpackage.c.

183 {
184  PAUTH_PACKAGE Package = NULL;
185  UNICODE_STRING PackageName;
186  STRING ProcName;
187  PULONG Id;
189 
190  TRACE("LsapAddAuthPackage()\n");
191 
192  PackageName.Length = (USHORT)ValueLength - sizeof(WCHAR);
193  PackageName.MaximumLength = (USHORT)ValueLength;
194  PackageName.Buffer = ValueData;
195 
196  Id = (PULONG)Context;
197 
198  Package = RtlAllocateHeap(RtlGetProcessHeap(),
200  sizeof(AUTH_PACKAGE));
201  if (Package == NULL)
203 
205  NULL,
206  &PackageName,
207  &Package->ModuleHandle);
208  if (!NT_SUCCESS(Status))
209  {
210  TRACE("LdrLoadDll failed (Status 0x%08lx)\n", Status);
211  goto done;
212  }
213 
214  RtlInitAnsiString(&ProcName, "LsaApInitializePackage");
216  &ProcName,
217  0,
218  (PVOID *)&Package->LsaApInitializePackage);
219  if (!NT_SUCCESS(Status))
220  {
221  TRACE("LdrGetProcedureAddress() failed (Status 0x%08lx)\n", Status);
222  goto done;
223  }
224 
225  RtlInitAnsiString(&ProcName, "LsaApCallPackage");
227  &ProcName,
228  0,
229  (PVOID *)&Package->LsaApCallPackage);
230  if (!NT_SUCCESS(Status))
231  {
232  TRACE("LdrGetProcedureAddress() failed (Status 0x%08lx)\n", Status);
233  goto done;
234  }
235 
236  RtlInitAnsiString(&ProcName, "LsaApCallPackagePassthrough");
238  &ProcName,
239  0,
240  (PVOID *)&Package->LsaApCallPackagePassthrough);
241  if (!NT_SUCCESS(Status))
242  {
243  TRACE("LdrGetProcedureAddress() failed (Status 0x%08lx)\n", Status);
244  goto done;
245  }
246 
247  RtlInitAnsiString(&ProcName, "LsaApCallPackageUntrusted");
249  &ProcName,
250  0,
251  (PVOID *)&Package->LsaApCallPackageUntrusted);
252  if (!NT_SUCCESS(Status))
253  {
254  TRACE("LdrGetProcedureAddress() failed (Status 0x%08lx)\n", Status);
255  goto done;
256  }
257 
258  RtlInitAnsiString(&ProcName, "LsaApLogonTerminated");
260  &ProcName,
261  0,
262  (PVOID *)&Package->LsaApLogonTerminated);
263  if (!NT_SUCCESS(Status))
264  {
265  TRACE("LdrGetProcedureAddress() failed (Status 0x%08lx)\n", Status);
266  goto done;
267  }
268 
269  RtlInitAnsiString(&ProcName, "LsaApLogonUserEx2");
271  &ProcName,
272  0,
273  (PVOID *)&Package->LsaApLogonUserEx2);
274  if (!NT_SUCCESS(Status))
275  {
276  RtlInitAnsiString(&ProcName, "LsaApLogonUserEx");
278  &ProcName,
279  0,
280  (PVOID *)&Package->LsaApLogonUserEx);
281  if (!NT_SUCCESS(Status))
282  {
283  RtlInitAnsiString(&ProcName, "LsaApLogonUser");
285  &ProcName,
286  0,
287  (PVOID *)&Package->LsaApLogonUser);
288  if (!NT_SUCCESS(Status))
289  {
290  TRACE("LdrGetProcedureAddress() failed (Status 0x%08lx)\n", Status);
291  goto done;
292  }
293  }
294  }
295 
296  /* Initialize the current package */
297  Status = Package->LsaApInitializePackage(*Id,
298  &DispatchTable,
299  NULL,
300  NULL,
301  &Package->Name);
302  if (!NT_SUCCESS(Status))
303  {
304  TRACE("Package->LsaApInitializePackage() failed (Status 0x%08lx)\n", Status);
305  goto done;
306  }
307 
308  TRACE("Package Name: %s\n", Package->Name->Buffer);
309 
310  Package->Id = *Id;
311  (*Id)++;
312 
313  InsertTailList(&PackageListHead, &Package->Entry);
314 
315 done:
316  if (!NT_SUCCESS(Status))
317  {
318  if (Package != NULL)
319  {
320  if (Package->ModuleHandle != NULL)
321  LdrUnloadDll(Package->ModuleHandle);
322 
323  if (Package->Name != NULL)
324  {
325  if (Package->Name->Buffer != NULL)
326  RtlFreeHeap(RtlGetProcessHeap(), 0, Package->Name->Buffer);
327 
328  RtlFreeHeap(RtlGetProcessHeap(), 0, Package->Name);
329  }
330 
331  RtlFreeHeap(RtlGetProcessHeap(), 0, Package);
332  }
333  }
334 
335  return Status;
336 }
PLSA_AP_LOGON_TERMINATED LsaApLogonTerminated
Definition: authpackage.c:102
PLSA_AP_LOGON_USER_EX2 LsaApLogonUserEx2
Definition: authpackage.c:103
PLSA_AP_LOGON_USER_INTERNAL LsaApLogonUser
Definition: authpackage.c:105
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
USHORT MaximumLength
Definition: env_spec_w32.h:370
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
#define InsertTailList(ListHead, Entry)
PVOID ModuleHandle
Definition: authpackage.c:96
PLSA_AP_LOGON_USER_EX LsaApLogonUserEx
Definition: authpackage.c:104
DWORD Id
NTSYSAPI VOID NTAPI RtlInitAnsiString(PANSI_STRING DestinationString, PCSZ SourceString)
static LIST_ENTRY PackageListHead
Definition: authpackage.c:162
void * Buffer
Definition: sprintf.c:453
PLSA_AP_CALL_PACKAGE_PASSTHROUGH LsaApCallPackagePassthrough
Definition: authpackage.c:100
NTSTATUS NTAPI LdrGetProcedureAddress(IN PVOID BaseAddress, IN PANSI_STRING Name, IN ULONG Ordinal, OUT PVOID *ProcedureAddress)
Definition: ldrapi.c:823
smooth NULL
Definition: ftsmooth.c:416
LIST_ENTRY Entry
Definition: authpackage.c:93
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
#define TRACE(s)
Definition: solgame.cpp:4
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
PLSA_AP_CALL_PACKAGE_UNTRUSTED LsaApCallPackageUntrusted
Definition: authpackage.c:101
_In_ GUID _In_ PVOID ValueData
Definition: hubbusif.h:311
std::wstring STRING
Definition: fontsub.cpp:33
_In_ GUID _In_ PVOID _In_ ULONG ValueLength
Definition: hubbusif.h:311
NTSTATUS NTAPI DECLSPEC_HOTPATCH LdrLoadDll(IN PWSTR SearchPath OPTIONAL, IN PULONG DllCharacteristics OPTIONAL, IN PUNICODE_STRING DllName, OUT PVOID *BaseAddress)
Definition: ldrapi.c:310
Status
Definition: gdiplustypes.h:24
NTSTATUS NTAPI LdrUnloadDll(IN PVOID BaseAddress)
Definition: ldrapi.c:1322
PLSA_AP_INITIALIZE_PACKAGE LsaApInitializePackage
Definition: authpackage.c:98
unsigned short USHORT
Definition: pedump.c:61
static LSA_DISPATCH_TABLE DispatchTable
Definition: authpackage.c:164
PLSA_AP_CALL_PACKAGE_INTERNAL LsaApCallPackage
Definition: authpackage.c:99
unsigned int * PULONG
Definition: retypes.h:1
#define HEAP_ZERO_MEMORY
Definition: compat.h:123
return STATUS_SUCCESS
Definition: btrfs.c:2938
PSTRING Name
Definition: authpackage.c:94

Referenced by LsapInitAuthPackages().

◆ LsapAddDefaultGroups()

static NTSTATUS LsapAddDefaultGroups ( IN PVOID  TokenInformation,
IN LSA_TOKEN_INFORMATION_TYPE  TokenInformationType,
IN SECURITY_LOGON_TYPE  LogonType 
)
static

Definition at line 809 of file authpackage.c.

813 {
814  PLSA_TOKEN_INFORMATION_V1 TokenInfo1;
816  ULONG i, Length;
817  PSID SrcSid;
818 
819  if (TokenInformationType == LsaTokenInformationV1)
820  {
821  TokenInfo1 = (PLSA_TOKEN_INFORMATION_V1)TokenInformation;
822 
823  if (TokenInfo1->Groups != NULL)
824  {
825  Length = sizeof(TOKEN_GROUPS) +
826  (TokenInfo1->Groups->GroupCount + 2 - ANYSIZE_ARRAY) * sizeof(SID_AND_ATTRIBUTES);
827 
828  Groups = RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, Length);
829  if (Groups == NULL)
830  {
831  ERR("Group buffer allocation failed!\n");
833  }
834 
835  Groups->GroupCount = TokenInfo1->Groups->GroupCount;
836 
837  for (i = 0; i < TokenInfo1->Groups->GroupCount; i++)
838  {
839  Groups->Groups[i].Sid = TokenInfo1->Groups->Groups[i].Sid;
840  Groups->Groups[i].Attributes = TokenInfo1->Groups->Groups[i].Attributes;
841  }
842 
843  RtlFreeHeap(RtlGetProcessHeap(), 0, TokenInfo1->Groups);
844 
845  TokenInfo1->Groups = Groups;
846 
847  }
848  else
849  {
850  Length = sizeof(TOKEN_GROUPS) +
851  (2 - ANYSIZE_ARRAY) * sizeof(SID_AND_ATTRIBUTES);
852 
853  Groups = RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, Length);
854  if (Groups == NULL)
855  {
856  ERR("Group buffer allocation failed!\n");
858  }
859 
860  TokenInfo1->Groups = Groups;
861  }
862 
863  /* Append the World SID (aka Everyone) */
865  Groups->Groups[Groups->GroupCount].Sid = RtlAllocateHeap(RtlGetProcessHeap(),
867  Length);
868  if (Groups->Groups[Groups->GroupCount].Sid == NULL)
870 
871  RtlCopyMemory(Groups->Groups[Groups->GroupCount].Sid,
872  LsapWorldSid,
873  Length);
874 
875  Groups->Groups[Groups->GroupCount].Attributes =
877 
878  Groups->GroupCount++;
879 
880  /* Append the logon type SID */
881  switch (LogonType)
882  {
883  case Interactive:
884  SrcSid = LsapInteractiveSid;
885  break;
886 
887  case Network:
888  SrcSid = LsapNetworkSid;
889  break;
890 
891  case Batch:
892  SrcSid = LsapBatchSid;
893  break;
894 
895  case Service:
896  SrcSid = LsapServiceSid;
897  break;
898 
899  default:
900  FIXME("LogonType %d is not supported!\n", LogonType);
901  return STATUS_NOT_IMPLEMENTED;
902  }
903 
904  Length = RtlLengthSid(SrcSid);
905  Groups->Groups[Groups->GroupCount].Sid = RtlAllocateHeap(RtlGetProcessHeap(),
907  Length);
908  if (Groups->Groups[Groups->GroupCount].Sid == NULL)
910 
911  RtlCopyMemory(Groups->Groups[Groups->GroupCount].Sid,
912  SrcSid,
913  Length);
914 
915  Groups->Groups[Groups->GroupCount].Attributes =
917 
918  Groups->GroupCount++;
919  }
920  else
921  {
922  FIXME("TokenInformationType %d is not supported!\n", TokenInformationType);
923  return STATUS_NOT_IMPLEMENTED;
924  }
925 
926  return STATUS_SUCCESS;
927 }
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
#define STATUS_NOT_IMPLEMENTED
Definition: ntstatus.h:225
#define ANYSIZE_ARRAY
Definition: typedefs.h:45
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
TOpcodeData Groups[17][8]
struct _LSA_TOKEN_INFORMATION_V1 * PLSA_TOKEN_INFORMATION_V1
PSID LsapWorldSid
Definition: lookup.c:78
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
#define FIXME(fmt,...)
Definition: debug.h:110
smooth NULL
Definition: ftsmooth.c:416
#define SE_GROUP_ENABLED_BY_DEFAULT
Definition: setypes.h:91
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
PSID LsapBatchSid
Definition: lookup.c:80
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
PSID LsapInteractiveSid
Definition: lookup.c:81
#define SE_GROUP_ENABLED
Definition: setypes.h:92
struct _SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
#define SE_GROUP_MANDATORY
Definition: setypes.h:90
PSID LsapServiceSid
Definition: lookup.c:82
struct _TOKEN_GROUPS TOKEN_GROUPS
#define ERR(fmt,...)
Definition: debug.h:109
PSID LsapNetworkSid
Definition: lookup.c:79
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE LogonType
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY]
Definition: setypes.h:964
#define HEAP_ZERO_MEMORY
Definition: compat.h:123
$ULONG GroupCount
Definition: setypes.h:960
unsigned int ULONG
Definition: retypes.h:1
return STATUS_SUCCESS
Definition: btrfs.c:2938

Referenced by LsapLogonUser().

◆ LsapAddLocalGroups()

static NTSTATUS LsapAddLocalGroups ( IN PVOID  TokenInformation,
IN LSA_TOKEN_INFORMATION_TYPE  TokenInformationType,
IN PTOKEN_GROUPS  LocalGroups 
)
static

Definition at line 726 of file authpackage.c.

730 {
731  PLSA_TOKEN_INFORMATION_V1 TokenInfo1;
733  ULONG Length;
734  ULONG i;
735  ULONG j;
736 
737  if (LocalGroups == NULL || LocalGroups->GroupCount == 0)
738  return STATUS_SUCCESS;
739 
740  if (TokenInformationType == LsaTokenInformationV1)
741  {
742  TokenInfo1 = (PLSA_TOKEN_INFORMATION_V1)TokenInformation;
743 
744  if (TokenInfo1->Groups != NULL)
745  {
746  Length = sizeof(TOKEN_GROUPS) +
747  (LocalGroups->GroupCount + TokenInfo1->Groups->GroupCount - ANYSIZE_ARRAY) * sizeof(SID_AND_ATTRIBUTES);
748 
749  Groups = RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, Length);
750  if (Groups == NULL)
751  {
752  ERR("Group buffer allocation failed!\n");
754  }
755 
756  Groups->GroupCount = LocalGroups->GroupCount + TokenInfo1->Groups->GroupCount;
757 
758  for (i = 0; i < TokenInfo1->Groups->GroupCount; i++)
759  {
760  Groups->Groups[i].Sid = TokenInfo1->Groups->Groups[i].Sid;
761  Groups->Groups[i].Attributes = TokenInfo1->Groups->Groups[i].Attributes;
762  }
763 
764  for (j = 0; j < LocalGroups->GroupCount; i++, j++)
765  {
766  Groups->Groups[i].Sid = LocalGroups->Groups[j].Sid;
767  Groups->Groups[i].Attributes = LocalGroups->Groups[j].Attributes;
768  LocalGroups->Groups[j].Sid = NULL;
769  }
770 
771  RtlFreeHeap(RtlGetProcessHeap(), 0, TokenInfo1->Groups);
772 
773  TokenInfo1->Groups = Groups;
774  }
775  else
776  {
777  Length = sizeof(TOKEN_GROUPS) +
778  (LocalGroups->GroupCount - ANYSIZE_ARRAY) * sizeof(SID_AND_ATTRIBUTES);
779 
780  Groups = RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, Length);
781  if (Groups == NULL)
782  {
783  ERR("Group buffer allocation failed!\n");
785  }
786 
787  Groups->GroupCount = LocalGroups->GroupCount;
788 
789  for (i = 0; i < LocalGroups->GroupCount; i++)
790  {
791  Groups->Groups[i].Sid = LocalGroups->Groups[i].Sid;
792  Groups->Groups[i].Attributes = LocalGroups->Groups[i].Attributes;
793  }
794 
795  TokenInfo1->Groups = Groups;
796  }
797  }
798  else
799  {
800  FIXME("TokenInformationType %d is not supported!\n", TokenInformationType);
801  return STATUS_NOT_IMPLEMENTED;
802  }
803 
804  return STATUS_SUCCESS;
805 }
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
#define STATUS_NOT_IMPLEMENTED
Definition: ntstatus.h:225
#define ANYSIZE_ARRAY
Definition: typedefs.h:45
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS LocalGroups
TOpcodeData Groups[17][8]
struct _LSA_TOKEN_INFORMATION_V1 * PLSA_TOKEN_INFORMATION_V1
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
#define FIXME(fmt,...)
Definition: debug.h:110
smooth NULL
Definition: ftsmooth.c:416
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint GLint GLint j
Definition: glfuncs.h:250
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
struct _SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
struct _TOKEN_GROUPS TOKEN_GROUPS
#define ERR(fmt,...)
Definition: debug.h:109
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY]
Definition: setypes.h:964
#define HEAP_ZERO_MEMORY
Definition: compat.h:123
$ULONG GroupCount
Definition: setypes.h:960
unsigned int ULONG
Definition: retypes.h:1
return STATUS_SUCCESS
Definition: btrfs.c:2938

Referenced by LsapLogonUser().

◆ LsapAddPrivilegeToTokenPrivileges()

static NTSTATUS LsapAddPrivilegeToTokenPrivileges ( PTOKEN_PRIVILEGES TokenPrivileges,
PLSAPR_LUID_AND_ATTRIBUTES  Privilege 
)
static

Definition at line 1238 of file authpackage.c.

1240 {
1241  PTOKEN_PRIVILEGES LocalPrivileges;
1242  ULONG Length, TokenPrivilegeCount, i;
1244 
1245  if (*TokenPrivileges == NULL)
1246  {
1247  Length = sizeof(TOKEN_PRIVILEGES) +
1248  (1 - ANYSIZE_ARRAY) * sizeof(LUID_AND_ATTRIBUTES);
1249  LocalPrivileges = RtlAllocateHeap(RtlGetProcessHeap(),
1250  0,
1251  Length);
1252  if (LocalPrivileges == NULL)
1254 
1255  LocalPrivileges->PrivilegeCount = 1;
1256  LocalPrivileges->Privileges[0].Luid = Privilege->Luid;
1257  LocalPrivileges->Privileges[0].Attributes = Privilege->Attributes;
1258  }
1259  else
1260  {
1261  TokenPrivilegeCount = (*TokenPrivileges)->PrivilegeCount;
1262 
1263  for (i = 0; i < TokenPrivilegeCount; i++)
1264  {
1265  if (RtlEqualLuid(&(*TokenPrivileges)->Privileges[i].Luid, &Privilege->Luid))
1266  return STATUS_SUCCESS;
1267  }
1268 
1269  Length = sizeof(TOKEN_PRIVILEGES) +
1270  (TokenPrivilegeCount + 1 - ANYSIZE_ARRAY) * sizeof(LUID_AND_ATTRIBUTES);
1271  LocalPrivileges = RtlAllocateHeap(RtlGetProcessHeap(),
1272  0,
1273  Length);
1274  if (LocalPrivileges == NULL)
1276 
1277  LocalPrivileges->PrivilegeCount = TokenPrivilegeCount + 1;
1278  for (i = 0; i < TokenPrivilegeCount; i++)
1279  {
1280  LocalPrivileges->Privileges[i].Luid = (*TokenPrivileges)->Privileges[i].Luid;
1281  LocalPrivileges->Privileges[i].Attributes = (*TokenPrivileges)->Privileges[i].Attributes;
1282  }
1283 
1284  LocalPrivileges->Privileges[TokenPrivilegeCount].Luid = Privilege->Luid;
1285  LocalPrivileges->Privileges[TokenPrivilegeCount].Attributes = Privilege->Attributes;
1286 
1287  RtlFreeHeap(RtlGetProcessHeap(), 0, *TokenPrivileges);
1288  }
1289 
1290  *TokenPrivileges = LocalPrivileges;
1291 
1292  return Status;
1293 }
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
#define ANYSIZE_ARRAY
Definition: typedefs.h:45
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
struct _LUID_AND_ATTRIBUTES LUID_AND_ATTRIBUTES
$ULONG PrivilegeCount
Definition: setypes.h:969
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
#define RtlEqualLuid(Luid1, Luid2)
Definition: rtlfuncs.h:301
struct _TOKEN_PRIVILEGES TOKEN_PRIVILEGES
smooth NULL
Definition: ftsmooth.c:416
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
BOOL Privilege(LPTSTR pszPrivilege, BOOL bEnable)
Definition: user_lib.cpp:531
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
Status
Definition: gdiplustypes.h:24
LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY]
Definition: setypes.h:970
unsigned int ULONG
Definition: retypes.h:1
return STATUS_SUCCESS
Definition: btrfs.c:2938

Referenced by LsapSetPrivileges().

◆ LsapAddSamGroups()

static NTSTATUS LsapAddSamGroups ( IN PVOID  TokenInformation,
IN LSA_TOKEN_INFORMATION_TYPE  TokenInformationType 
)
static

Definition at line 1015 of file authpackage.c.

1018 {
1019  PLSA_TOKEN_INFORMATION_V1 TokenInfo1;
1020  SAMPR_HANDLE ServerHandle = NULL;
1021  SAMPR_HANDLE BuiltinDomainHandle = NULL;
1022  SAMPR_HANDLE AccountDomainHandle = NULL;
1023  SAMPR_PSID_ARRAY SidArray;
1024  SAMPR_ULONG_ARRAY BuiltinMembership;
1025  SAMPR_ULONG_ARRAY AccountMembership;
1026  ULONG i;
1028 
1029  if (TokenInformationType != LsaTokenInformationV1)
1030  return STATUS_SUCCESS;
1031 
1032  TokenInfo1 = (PLSA_TOKEN_INFORMATION_V1)TokenInformation;
1033 
1034  SidArray.Count = TokenInfo1->Groups->GroupCount + 1;
1035  SidArray.Sids = RtlAllocateHeap(RtlGetProcessHeap(),
1037  (TokenInfo1->Groups->GroupCount + 1) * sizeof(PRPC_SID));
1038  if (SidArray.Sids == NULL)
1040 
1041  SidArray.Sids[0].SidPointer = TokenInfo1->User.User.Sid;
1042  for (i = 0; i < TokenInfo1->Groups->GroupCount; i++)
1043  SidArray.Sids[i + 1].SidPointer = TokenInfo1->Groups->Groups[i].Sid;
1044 
1045  BuiltinMembership.Element = NULL;
1046  AccountMembership.Element = NULL;
1047 
1049  &ServerHandle,
1051  FALSE);
1052  if (!NT_SUCCESS(Status))
1053  {
1054  TRACE("SamIConnect failed (Status %08lx)\n", Status);
1055  goto done;
1056  }
1057 
1058  Status = SamrOpenDomain(ServerHandle,
1061  &BuiltinDomainHandle);
1062  if (!NT_SUCCESS(Status))
1063  {
1064  TRACE("SamrOpenDomain failed (Status %08lx)\n", Status);
1065  goto done;
1066  }
1067 
1068  Status = SamrOpenDomain(ServerHandle,
1071  &AccountDomainHandle);
1072  if (!NT_SUCCESS(Status))
1073  {
1074  TRACE("SamrOpenDomain failed (Status %08lx)\n", Status);
1075  goto done;
1076  }
1077 
1078  Status = SamrGetAliasMembership(BuiltinDomainHandle,
1079  &SidArray,
1080  &BuiltinMembership);
1081  if (!NT_SUCCESS(Status))
1082  {
1083  TRACE("SamrGetAliasMembership failed (Status %08lx)\n", Status);
1084  goto done;
1085  }
1086 
1087  Status = SamrGetAliasMembership(AccountDomainHandle,
1088  &SidArray,
1089  &AccountMembership);
1090  if (!NT_SUCCESS(Status))
1091  {
1092  TRACE("SamrGetAliasMembership failed (Status %08lx)\n", Status);
1093  goto done;
1094  }
1095 
1096  TRACE("Builtin Memberships: %lu\n", BuiltinMembership.Count);
1097  for (i = 0; i < BuiltinMembership.Count; i++)
1098  {
1099  TRACE("RID %lu: %lu (0x%lx)\n", i, BuiltinMembership.Element[i], BuiltinMembership.Element[i]);
1100  Status = LsapAppendSidToGroups(&TokenInfo1->Groups,
1102  BuiltinMembership.Element[i]);
1103  if (!NT_SUCCESS(Status))
1104  {
1105  TRACE("LsapAppendSidToGroups failed (Status %08lx)\n", Status);
1106  goto done;
1107  }
1108  }
1109 
1110  TRACE("Account Memberships: %lu\n", AccountMembership.Count);
1111  for (i = 0; i < AccountMembership.Count; i++)
1112  {
1113  TRACE("RID %lu: %lu (0x%lx)\n", i, AccountMembership.Element[i], AccountMembership.Element[i]);
1114  Status = LsapAppendSidToGroups(&TokenInfo1->Groups,
1116  AccountMembership.Element[i]);
1117  if (!NT_SUCCESS(Status))
1118  {
1119  TRACE("LsapAppendSidToGroups failed (Status %08lx)\n", Status);
1120  goto done;
1121  }
1122  }
1123 
1124 done:
1125  RtlFreeHeap(RtlGetProcessHeap(), 0, SidArray.Sids);
1126 
1127  if (AccountMembership.Element != NULL)
1128  SamIFree_SAMPR_ULONG_ARRAY(&AccountMembership);
1129 
1130  if (BuiltinMembership.Element != NULL)
1131  SamIFree_SAMPR_ULONG_ARRAY(&BuiltinMembership);
1132 
1133  if (AccountDomainHandle != NULL)
1134  SamrCloseHandle(&AccountDomainHandle);
1135 
1136  if (BuiltinDomainHandle != NULL)
1137  SamrCloseHandle(&BuiltinDomainHandle);
1138 
1139  if (ServerHandle != NULL)
1140  SamrCloseHandle(&ServerHandle);
1141 
1142 // return Status;
1143 
1144  return STATUS_SUCCESS;
1145 }
unsigned long * Element
Definition: lsasrv.h:88
#define SAM_SERVER_CONNECT
Definition: ntsam.h:99
NTSTATUS __stdcall SamrGetAliasMembership(SAMPR_HANDLE DomainHandle, PSAMPR_PSID_ARRAY SidArray, PSAMPR_ULONG_ARRAY Membership)
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
NTSTATUS __stdcall SamrOpenDomain(SAMPR_HANDLE ServerHandle, ACCESS_MASK DesiredAccess, PRPC_SID DomainId, SAMPR_HANDLE *DomainHandle)
#define DOMAIN_GET_ALIAS_MEMBERSHIP
Definition: ntsam.h:40
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
PSID BuiltinDomainSid
Definition: globals.c:16
struct _LSA_TOKEN_INFORMATION_V1 * PLSA_TOKEN_INFORMATION_V1
NTSTATUS NTAPI SamIConnect(PSAMPR_SERVER_NAME ServerName, SAMPR_HANDLE *ServerHandle, ACCESS_MASK DesiredAccess, BOOLEAN Trusted)
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
smooth NULL
Definition: ftsmooth.c:416
#define SAM_SERVER_LOOKUP_DOMAIN
Definition: ntsam.h:104
unsigned long Count
Definition: lsasrv.h:87
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
static NTSTATUS LsapAppendSidToGroups(IN PTOKEN_GROUPS *TokenGroups, IN PSID DomainSid, IN ULONG RelativeId)
Definition: authpackage.c:932
#define TRACE(s)
Definition: solgame.cpp:4
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
PSAMPR_SID_INFORMATION Sids
Definition: authpackage.c:123
Status
Definition: gdiplustypes.h:24
unsigned long Count
Definition: authpackage.c:122
VOID NTAPI SamIFree_SAMPR_ULONG_ARRAY(PSAMPR_ULONG_ARRAY Ptr)
Definition: samsrv.c:515
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY]
Definition: setypes.h:964
NTSTATUS __stdcall SamrCloseHandle(SAMPR_HANDLE *SamHandle)
#define HEAP_ZERO_MEMORY
Definition: compat.h:123
$ULONG GroupCount
Definition: setypes.h:960
unsigned int ULONG
Definition: retypes.h:1
SID_AND_ATTRIBUTES User
Definition: setypes.h:956
PSID AccountDomainSid
Definition: database.c:22
return STATUS_SUCCESS
Definition: btrfs.c:2938

Referenced by LsapLogonUser().

◆ LsapAddTokenDefaultDacl()

static NTSTATUS LsapAddTokenDefaultDacl ( IN PVOID  TokenInformation,
IN LSA_TOKEN_INFORMATION_TYPE  TokenInformationType 
)
static

Definition at line 1192 of file authpackage.c.

1195 {
1196  PLSA_TOKEN_INFORMATION_V1 TokenInfo1;
1197  PACL Dacl = NULL;
1198  ULONG Length;
1199 
1200  if (TokenInformationType == LsaTokenInformationV1)
1201  {
1202  TokenInfo1 = (PLSA_TOKEN_INFORMATION_V1)TokenInformation;
1203 
1204  if (TokenInfo1->DefaultDacl.DefaultDacl != NULL)
1205  return STATUS_SUCCESS;
1206 
1207  Length = sizeof(ACL) +
1208  (2 * sizeof(ACCESS_ALLOWED_ACE)) +
1209  RtlLengthSid(TokenInfo1->Owner.Owner) +
1211 
1213  if (Dacl == NULL)
1215 
1217 
1219  ACL_REVISION,
1220  GENERIC_ALL,
1221  TokenInfo1->Owner.Owner);
1222 
1223  /* SID: S-1-5-18 */
1225  ACL_REVISION,
1226  GENERIC_ALL,
1228 
1229  TokenInfo1->DefaultDacl.DefaultDacl = Dacl;
1230  }
1231 
1232  return STATUS_SUCCESS;
1233 }
#define GENERIC_ALL
Definition: nt_native.h:92
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
PLSA_ALLOCATE_LSA_HEAP AllocateLsaHeap
Definition: authpackage.c:60
NTSYSAPI NTSTATUS WINAPI RtlAddAccessAllowedAce(PACL, DWORD, DWORD, PSID)
struct _LSA_TOKEN_INFORMATION_V1 * PLSA_TOKEN_INFORMATION_V1
NTSYSAPI NTSTATUS NTAPI RtlCreateAcl(PACL Acl, ULONG AclSize, ULONG AclRevision)
struct _ACL ACL
smooth NULL
Definition: ftsmooth.c:416
PSID Owner
Definition: setypes.h:974
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1553
static LSA_DISPATCH_TABLE DispatchTable
Definition: authpackage.c:164
TOKEN_DEFAULT_DACL DefaultDacl
Definition: authpackage.c:34
#define ACL_REVISION
Definition: setypes.h:39
unsigned int ULONG
Definition: retypes.h:1
return STATUS_SUCCESS
Definition: btrfs.c:2938
PSID LsapLocalSystemSid
Definition: lookup.c:83

Referenced by LsapLogonUser().

◆ LsapAllocateClientBuffer()

static NTSTATUS NTAPI LsapAllocateClientBuffer ( IN PLSA_CLIENT_REQUEST  ClientRequest,
IN ULONG  LengthRequired,
OUT PVOID ClientBaseAddress 
)
static

Definition at line 390 of file authpackage.c.

393 {
394  PLSAP_LOGON_CONTEXT LogonContext;
395  SIZE_T Length;
396 
397  *ClientBaseAddress = NULL;
398 
399  LogonContext = (PLSAP_LOGON_CONTEXT)ClientRequest;
400 
401  Length = LengthRequired;
402  return NtAllocateVirtualMemory(LogonContext->ClientProcessHandle,
403  ClientBaseAddress,
404  0,
405  &Length,
406  MEM_COMMIT,
408 }
struct _LSAP_LOGON_CONTEXT * PLSAP_LOGON_CONTEXT
HANDLE ClientProcessHandle
Definition: lsasrv.h:80
#define MEM_COMMIT
Definition: nt_native.h:1313
smooth NULL
Definition: ftsmooth.c:416
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
ULONG_PTR SIZE_T
Definition: typedefs.h:78
NTSTATUS NTAPI NtAllocateVirtualMemory(IN HANDLE ProcessHandle, IN OUT PVOID *UBaseAddress, IN ULONG_PTR ZeroBits, IN OUT PSIZE_T URegionSize, IN ULONG AllocationType, IN ULONG Protect)
Definition: virtual.c:4367
#define PAGE_READWRITE
Definition: nt_native.h:1304

Referenced by LsapInitAuthPackages().

◆ LsapAllocateHeap()

PVOID NTAPI LsapAllocateHeap ( IN ULONG  Length)

Definition at line 365 of file authpackage.c.

366 {
367  return RtlAllocateHeap(RtlGetProcessHeap(), 0, Length);
368 }
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101

◆ LsapAllocateHeapZero()

PVOID NTAPI LsapAllocateHeapZero ( IN ULONG  Length)

Definition at line 373 of file authpackage.c.

374 {
375  return RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, Length);
376 }
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
#define HEAP_ZERO_MEMORY
Definition: compat.h:123

Referenced by LsapInitAuthPackages().

◆ LsapAppendSidToGroups()

static NTSTATUS LsapAppendSidToGroups ( IN PTOKEN_GROUPS TokenGroups,
IN PSID  DomainSid,
IN ULONG  RelativeId 
)
static

Definition at line 932 of file authpackage.c.

936 {
938  PSID Sid;
939  ULONG Length;
940  ULONG i;
941 
942  Sid = LsapAppendRidToSid(DomainSid, RelativeId);
943  if (Sid == NULL)
944  {
945  ERR("Group SID creation failed!\n");
947  }
948 
949  if (*TokenGroups == NULL)
950  {
951  Length = sizeof(TOKEN_GROUPS) +
952  (1 - ANYSIZE_ARRAY) * sizeof(SID_AND_ATTRIBUTES);
953 
954  Groups = RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, Length);
955  if (Groups == NULL)
956  {
957  ERR("Group buffer allocation failed!\n");
959  }
960 
961  Groups->GroupCount = 1;
962 
963  Groups->Groups[0].Sid = Sid;
964  Groups->Groups[0].Attributes =
966 
967  *TokenGroups = Groups;
968  }
969  else
970  {
971  for (i = 0; i < (*TokenGroups)->GroupCount; i++)
972  {
973  if (RtlEqualSid((*TokenGroups)->Groups[i].Sid, Sid))
974  {
975  RtlFreeHeap(RtlGetProcessHeap(), 0, Sid);
976  return STATUS_SUCCESS;
977  }
978  }
979 
980  Length = sizeof(TOKEN_GROUPS) +
981  ((*TokenGroups)->GroupCount + 1 - ANYSIZE_ARRAY) * sizeof(SID_AND_ATTRIBUTES);
982 
983  Groups = RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, Length);
984  if (Groups == NULL)
985  {
986  ERR("Group buffer allocation failed!\n");
988  }
989 
990  Groups->GroupCount = (*TokenGroups)->GroupCount;
991 
992  for (i = 0; i < (*TokenGroups)->GroupCount; i++)
993  {
994  Groups->Groups[i].Sid = (*TokenGroups)->Groups[i].Sid;
995  Groups->Groups[i].Attributes = (*TokenGroups)->Groups[i].Attributes;
996  }
997 
998  Groups->Groups[Groups->GroupCount].Sid = Sid;
999  Groups->Groups[Groups->GroupCount].Attributes =
1001 
1002  Groups->GroupCount++;
1003 
1004  RtlFreeHeap(RtlGetProcessHeap(), 0, *TokenGroups);
1005 
1006  *TokenGroups = Groups;
1007  }
1008 
1009  return STATUS_SUCCESS;
1010 }
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
#define ANYSIZE_ARRAY
Definition: typedefs.h:45
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
TOpcodeData Groups[17][8]
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
smooth NULL
Definition: ftsmooth.c:416
#define SE_GROUP_ENABLED_BY_DEFAULT
Definition: setypes.h:91
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1104
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
#define SE_GROUP_ENABLED
Definition: setypes.h:92
struct _SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
#define SE_GROUP_MANDATORY
Definition: setypes.h:90
struct _TOKEN_GROUPS TOKEN_GROUPS
#define ERR(fmt,...)
Definition: debug.h:109
#define HEAP_ZERO_MEMORY
Definition: compat.h:123
PSID LsapAppendRidToSid(PSID SrcSid, ULONG Rid)
Definition: utils.c:152
unsigned int ULONG
Definition: retypes.h:1
return STATUS_SUCCESS
Definition: btrfs.c:2938
NTSYSAPI BOOLEAN NTAPI RtlEqualSid(_In_ PSID Sid1, _In_ PSID Sid2)

Referenced by LsapAddSamGroups().

◆ LsapCallAuthenticationPackage()

NTSTATUS LsapCallAuthenticationPackage ( PLSA_API_MSG  RequestMsg,
PLSAP_LOGON_CONTEXT  LogonContext 
)

Definition at line 545 of file authpackage.c.

547 {
548  PAUTH_PACKAGE Package;
549  PVOID LocalBuffer = NULL;
552 
553  TRACE("(%p %p)\n", RequestMsg, LogonContext);
554 
555  PackageId = RequestMsg->CallAuthenticationPackage.Request.AuthenticationPackage;
556 
557  /* Get the right authentication package */
559  if (Package == NULL)
560  {
561  TRACE("LsapGetAuthenticationPackage() failed to find a package\n");
562  return STATUS_NO_SUCH_PACKAGE;
563  }
564 
565  if (RequestMsg->CallAuthenticationPackage.Request.SubmitBufferLength > 0)
566  {
567  LocalBuffer = RtlAllocateHeap(RtlGetProcessHeap(),
569  RequestMsg->CallAuthenticationPackage.Request.SubmitBufferLength);
570  if (LocalBuffer == NULL)
571  {
573  }
574 
576  RequestMsg->CallAuthenticationPackage.Request.ProtocolSubmitBuffer,
577  LocalBuffer,
578  RequestMsg->CallAuthenticationPackage.Request.SubmitBufferLength,
579  NULL);
580  if (!NT_SUCCESS(Status))
581  {
582  TRACE("NtReadVirtualMemory() failed (Status 0x%08lx)\n", Status);
583  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalBuffer);
584  return Status;
585  }
586  }
587 
588  if (LogonContext->Untrusted)
589  Status = Package->LsaApCallPackageUntrusted((PLSA_CLIENT_REQUEST)LogonContext,
590  LocalBuffer,
591  RequestMsg->CallAuthenticationPackage.Request.ProtocolSubmitBuffer,
592  RequestMsg->CallAuthenticationPackage.Request.SubmitBufferLength,
593  &RequestMsg->CallAuthenticationPackage.Reply.ProtocolReturnBuffer,
594  &RequestMsg->CallAuthenticationPackage.Reply.ReturnBufferLength,
595  &RequestMsg->CallAuthenticationPackage.Reply.ProtocolStatus);
596  else
597  Status = Package->LsaApCallPackage((PLSA_CLIENT_REQUEST)LogonContext,
598  LocalBuffer,
599  RequestMsg->CallAuthenticationPackage.Request.ProtocolSubmitBuffer,
600  RequestMsg->CallAuthenticationPackage.Request.SubmitBufferLength,
601  &RequestMsg->CallAuthenticationPackage.Reply.ProtocolReturnBuffer,
602  &RequestMsg->CallAuthenticationPackage.Reply.ReturnBufferLength,
603  &RequestMsg->CallAuthenticationPackage.Reply.ProtocolStatus);
604  if (!NT_SUCCESS(Status))
605  {
606  TRACE("Package->LsaApCallPackage() failed (Status 0x%08lx)\n", Status);
607  }
608 
609  if (LocalBuffer != NULL)
610  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalBuffer);
611 
612  return Status;
613 }
struct _LSA_CALL_AUTHENTICATION_PACKAGE_MSG::@3357::@3359 Request
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
#define STATUS_NO_SUCH_PACKAGE
Definition: ntstatus.h:476
HANDLE ClientProcessHandle
Definition: lsasrv.h:80
smooth NULL
Definition: ftsmooth.c:416
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
#define TRACE(s)
Definition: solgame.cpp:4
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
struct _LSA_CALL_AUTHENTICATION_PACKAGE_MSG::@3357::@3360 Reply
PLSA_AP_CALL_PACKAGE_UNTRUSTED LsaApCallPackageUntrusted
Definition: authpackage.c:101
NTSTATUS NTAPI NtReadVirtualMemory(IN HANDLE ProcessHandle, IN PVOID BaseAddress, OUT PVOID Buffer, IN SIZE_T NumberOfBytesToRead, OUT PSIZE_T NumberOfBytesRead OPTIONAL)
Definition: virtual.c:2691
Status
Definition: gdiplustypes.h:24
LSA_CALL_AUTHENTICATION_PACKAGE_MSG CallAuthenticationPackage
Definition: lsass.h:188
PLSA_AP_CALL_PACKAGE_INTERNAL LsaApCallPackage
Definition: authpackage.c:99
#define HEAP_ZERO_MEMORY
Definition: compat.h:123
static PAUTH_PACKAGE LsapGetAuthenticationPackage(IN ULONG PackageId)
Definition: authpackage.c:341
unsigned int ULONG
Definition: retypes.h:1
static ULONG PackageId
Definition: authpackage.c:163

Referenced by AuthPortThreadRoutine().

◆ LsapCopyFromClientBuffer()

static NTSTATUS NTAPI LsapCopyFromClientBuffer ( IN PLSA_CLIENT_REQUEST  ClientRequest,
IN ULONG  Length,
IN PVOID  BufferToCopy,
IN PVOID  ClientBaseAddress 
)
static

Definition at line 456 of file authpackage.c.

460 {
461  PLSAP_LOGON_CONTEXT LogonContext;
462 
463  LogonContext = (PLSAP_LOGON_CONTEXT)ClientRequest;
464 
465  return NtReadVirtualMemory(LogonContext->ClientProcessHandle,
466  ClientBaseAddress,
467  BufferToCopy,
468  Length,
469  NULL);
470 }
struct _LSAP_LOGON_CONTEXT * PLSAP_LOGON_CONTEXT
HANDLE ClientProcessHandle
Definition: lsasrv.h:80
smooth NULL
Definition: ftsmooth.c:416
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
NTSTATUS NTAPI NtReadVirtualMemory(IN HANDLE ProcessHandle, IN PVOID BaseAddress, OUT PVOID Buffer, IN SIZE_T NumberOfBytesToRead, OUT PSIZE_T NumberOfBytesRead OPTIONAL)
Definition: virtual.c:2691

Referenced by LsapInitAuthPackages().

◆ LsapCopyLocalGroups()

static NTSTATUS LsapCopyLocalGroups ( IN PLSAP_LOGON_CONTEXT  LogonContext,
IN PTOKEN_GROUPS  ClientGroups,
IN ULONG  ClientGroupsCount,
OUT PTOKEN_GROUPS TokenGroups 
)
static

Definition at line 618 of file authpackage.c.

623 {
624  ULONG LocalGroupsLength = 0;
626  ULONG SidHeaderLength = 0;
627  PSID SidHeader = NULL;
628  PSID SrcSid, DstSid;
629  ULONG SidLength;
630  ULONG AllocatedSids = 0;
631  ULONG i;
633 
634  LocalGroupsLength = sizeof(TOKEN_GROUPS) +
635  (ClientGroupsCount - ANYSIZE_ARRAY) * sizeof(SID_AND_ATTRIBUTES);
636  LocalGroups = RtlAllocateHeap(RtlGetProcessHeap(),
638  LocalGroupsLength);
639  if (LocalGroups == NULL)
640  {
641  TRACE("RtlAllocateHeap() failed\n");
643  }
644 
645  Status = NtReadVirtualMemory(LogonContext->ClientProcessHandle,
646  ClientGroups,
647  LocalGroups,
648  LocalGroupsLength,
649  NULL);
650  if (!NT_SUCCESS(Status))
651  goto done;
652 
653 
654  SidHeaderLength = RtlLengthRequiredSid(0);
655  SidHeader = RtlAllocateHeap(RtlGetProcessHeap(),
657  SidHeaderLength);
658  if (SidHeader == NULL)
659  {
661  goto done;
662  }
663 
664  for (i = 0; i < ClientGroupsCount; i++)
665  {
666  SrcSid = LocalGroups->Groups[i].Sid;
667 
668  Status = NtReadVirtualMemory(LogonContext->ClientProcessHandle,
669  SrcSid,
670  SidHeader,
671  SidHeaderLength,
672  NULL);
673  if (!NT_SUCCESS(Status))
674  goto done;
675 
676  SidLength = RtlLengthSid(SidHeader);
677  TRACE("Sid %lu: Length %lu\n", i, SidLength);
678 
679  DstSid = RtlAllocateHeap(RtlGetProcessHeap(),
681  SidLength);
682  if (DstSid == NULL)
683  {
685  goto done;
686  }
687 
688  Status = NtReadVirtualMemory(LogonContext->ClientProcessHandle,
689  SrcSid,
690  DstSid,
691  SidLength,
692  NULL);
693  if (!NT_SUCCESS(Status))
694  {
695  RtlFreeHeap(RtlGetProcessHeap(), 0, DstSid);
696  goto done;
697  }
698 
699  LocalGroups->Groups[i].Sid = DstSid;
700  AllocatedSids++;
701  }
702 
704 
705 done:
706  if (SidHeader != NULL)
707  RtlFreeHeap(RtlGetProcessHeap(), 0, SidHeader);
708 
709  if (!NT_SUCCESS(Status))
710  {
711  if (LocalGroups != NULL)
712  {
713  for (i = 0; i < AllocatedSids; i++)
714  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalGroups->Groups[i].Sid);
715 
716  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalGroups);
717  }
718  }
719 
720  return Status;
721 }
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
#define ANYSIZE_ARRAY
Definition: typedefs.h:45
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS LocalGroups
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
smooth NULL
Definition: ftsmooth.c:416
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
#define TRACE(s)
Definition: solgame.cpp:4
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
struct _SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES
NTSTATUS NTAPI NtReadVirtualMemory(IN HANDLE ProcessHandle, IN PVOID BaseAddress, OUT PVOID Buffer, IN SIZE_T NumberOfBytesToRead, OUT PSIZE_T NumberOfBytesRead OPTIONAL)
Definition: virtual.c:2691
struct _TOKEN_GROUPS TOKEN_GROUPS
Status
Definition: gdiplustypes.h:24
#define HEAP_ZERO_MEMORY
Definition: compat.h:123
unsigned int ULONG
Definition: retypes.h:1
NTSYSAPI ULONG NTAPI RtlLengthRequiredSid(IN ULONG SubAuthorityCount)
Definition: sid.c:54

Referenced by LsapLogonUser().

◆ LsapCopyToClientBuffer()

static NTSTATUS NTAPI LsapCopyToClientBuffer ( IN PLSA_CLIENT_REQUEST  ClientRequest,
IN ULONG  Length,
IN PVOID  ClientBaseAddress,
IN PVOID  BufferToCopy 
)
static

Definition at line 436 of file authpackage.c.

440 {
441  PLSAP_LOGON_CONTEXT LogonContext;
442 
443  LogonContext = (PLSAP_LOGON_CONTEXT)ClientRequest;
444 
445  return NtWriteVirtualMemory(LogonContext->ClientProcessHandle,
446  ClientBaseAddress,
447  BufferToCopy,
448  Length,
449  NULL);
450 }
struct _LSAP_LOGON_CONTEXT * PLSAP_LOGON_CONTEXT
HANDLE ClientProcessHandle
Definition: lsasrv.h:80
smooth NULL
Definition: ftsmooth.c:416
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
NTSTATUS NTAPI NtWriteVirtualMemory(IN HANDLE ProcessHandle, IN PVOID BaseAddress, IN PVOID Buffer, IN SIZE_T NumberOfBytesToWrite, OUT PSIZE_T NumberOfBytesWritten OPTIONAL)
Definition: virtual.c:2805

Referenced by LsapInitAuthPackages().

◆ LsapFreeClientBuffer()

static NTSTATUS NTAPI LsapFreeClientBuffer ( IN PLSA_CLIENT_REQUEST  ClientRequest,
IN PVOID  ClientBaseAddress 
)
static

Definition at line 414 of file authpackage.c.

416 {
417  PLSAP_LOGON_CONTEXT LogonContext;
418  SIZE_T Length;
419 
420  if (ClientBaseAddress == NULL)
421  return STATUS_SUCCESS;
422 
423  LogonContext = (PLSAP_LOGON_CONTEXT)ClientRequest;
424 
425  Length = 0;
426  return NtFreeVirtualMemory(LogonContext->ClientProcessHandle,
427  &ClientBaseAddress,
428  &Length,
429  MEM_RELEASE);
430 }
struct _LSAP_LOGON_CONTEXT * PLSAP_LOGON_CONTEXT
HANDLE ClientProcessHandle
Definition: lsasrv.h:80
smooth NULL
Definition: ftsmooth.c:416
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
ULONG_PTR SIZE_T
Definition: typedefs.h:78
#define MEM_RELEASE
Definition: nt_native.h:1316
return STATUS_SUCCESS
Definition: btrfs.c:2938
NTSTATUS NTAPI NtFreeVirtualMemory(IN HANDLE ProcessHandle, IN PVOID *UBaseAddress, IN PSIZE_T URegionSize, IN ULONG FreeType)
Definition: virtual.c:5090

Referenced by LsapInitAuthPackages(), and LsapLogonUser().

◆ LsapFreeHeap()

VOID NTAPI LsapFreeHeap ( IN PVOID  Base)

Definition at line 381 of file authpackage.c.

382 {
383  RtlFreeHeap(RtlGetProcessHeap(), 0, Base);
384 }
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
_In_opt_ ULONG Base
Definition: rtlfuncs.h:2343

Referenced by LsapInitAuthPackages(), and LsapLogonUser().

◆ LsapGetAuthenticationPackage()

static PAUTH_PACKAGE LsapGetAuthenticationPackage ( IN ULONG  PackageId)
static

Definition at line 341 of file authpackage.c.

342 {
343  PLIST_ENTRY ListEntry;
344  PAUTH_PACKAGE Package;
345 
346  ListEntry = PackageListHead.Flink;
347  while (ListEntry != &PackageListHead)
348  {
349  Package = CONTAINING_RECORD(ListEntry, AUTH_PACKAGE, Entry);
350 
351  if (Package->Id == PackageId)
352  {
353  return Package;
354  }
355 
356  ListEntry = ListEntry->Flink;
357  }
358 
359  return NULL;
360 }
static LIST_ENTRY PackageListHead
Definition: authpackage.c:162
smooth NULL
Definition: ftsmooth.c:416
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
struct _LIST_ENTRY * Flink
Definition: typedefs.h:119
Definition: typedefs.h:117
static ULONG PackageId
Definition: authpackage.c:163
base of all file and directory entries
Definition: entries.h:82

Referenced by LsapCallAuthenticationPackage(), and LsapLogonUser().

◆ LsapInitAuthPackages()

NTSTATUS LsapInitAuthPackages ( VOID  )

Definition at line 474 of file authpackage.c.

475 {
476  RTL_QUERY_REGISTRY_TABLE AuthPackageTable[] = {
477  {LsapAddAuthPackage, 0, L"Authentication Packages", NULL, REG_NONE, NULL, 0},
478  {NULL, 0, NULL, NULL, REG_NONE, NULL, 0}};
479 
481 
483  PackageId = 0;
484 
485  /* Initialize the dispatch table */
497 
498  /* Add registered authentication packages */
500  L"Lsa",
501  AuthPackageTable,
502  &PackageId,
503  NULL);
504 
505  return Status;
506 }
PLSA_FREE_CLIENT_BUFFER FreeClientBuffer
Definition: authpackage.c:63
PLSA_COPY_TO_CLIENT_BUFFER CopyToClientBuffer
Definition: authpackage.c:64
NTSTATUS NTAPI LsapCreateLogonSession(IN PLUID LogonId)
Definition: session.c:117
PLSA_GET_CREDENTIALS GetCredentials
Definition: authpackage.c:58
LONG NTSTATUS
Definition: precomp.h:26
static NTSTATUS NTAPI LsapFreeClientBuffer(IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ClientBaseAddress)
Definition: authpackage.c:414
NTSTATUS NTAPI LsapDeleteLogonSession(IN PLUID LogonId)
Definition: session.c:159
PLSA_FREE_LSA_HEAP FreeLsaHeap
Definition: authpackage.c:61
PLSA_ALLOCATE_LSA_HEAP AllocateLsaHeap
Definition: authpackage.c:60
static NTSTATUS NTAPI LsapAddAuthPackage(IN PWSTR ValueName, IN ULONG ValueType, IN PVOID ValueData, IN ULONG ValueLength, IN PVOID Context, IN PVOID EntryContext)
Definition: authpackage.c:177
#define RTL_REGISTRY_CONTROL
Definition: nt_native.h:163
static LIST_ENTRY PackageListHead
Definition: authpackage.c:162
PVOID NTAPI LsapAllocateHeapZero(IN ULONG Length)
Definition: authpackage.c:373
NTSTATUS NTAPI LsapGetCredentials(_In_ PLUID LogonId, _In_ ULONG AuthenticationPackage, _Inout_ PULONG QueryContext, _In_ BOOLEAN RetrieveAllCredentials, _Inout_ PLSA_STRING PrimaryKeyValue, _Out_ PULONG PrimaryKeyLength, _Out_ PLSA_STRING Credentials)
Definition: session.c:227
PLSA_CREATE_LOGON_SESSION CreateLogonSession
Definition: authpackage.c:55
smooth NULL
Definition: ftsmooth.c:416
VOID NTAPI LsapFreeHeap(IN PVOID Base)
Definition: authpackage.c:381
NTSTATUS NTAPI LsapAddCredential(_In_ PLUID LogonId, _In_ ULONG AuthenticationPackage, _In_ PLSA_STRING PrimaryKeyValue, _In_ PLSA_STRING Credential)
Definition: session.c:214
PLSA_DELETE_CREDENTIAL DeleteCredential
Definition: authpackage.c:59
static NTSTATUS NTAPI LsapCopyFromClientBuffer(IN PLSA_CLIENT_REQUEST ClientRequest, IN ULONG Length, IN PVOID BufferToCopy, IN PVOID ClientBaseAddress)
Definition: authpackage.c:456
NTSYSAPI NTSTATUS WINAPI RtlQueryRegistryValues(ULONG, PCWSTR, PRTL_QUERY_REGISTRY_TABLE, PVOID, PVOID)
PLSA_DELETE_LOGON_SESSION DeleteLogonSession
Definition: authpackage.c:56
PLSA_COPY_FROM_CLIENT_BUFFER CopyFromClientBuffer
Definition: authpackage.c:65
static const WCHAR L[]
Definition: oid.c:1250
PLSA_ADD_CREDENTIAL AddCredential
Definition: authpackage.c:57
Status
Definition: gdiplustypes.h:24
PLSA_ALLOCATE_CLIENT_BUFFER AllocateClientBuffer
Definition: authpackage.c:62
#define InitializeListHead(ListHead)
Definition: env_spec_w32.h:944
static LSA_DISPATCH_TABLE DispatchTable
Definition: authpackage.c:164
static NTSTATUS NTAPI LsapCopyToClientBuffer(IN PLSA_CLIENT_REQUEST ClientRequest, IN ULONG Length, IN PVOID ClientBaseAddress, IN PVOID BufferToCopy)
Definition: authpackage.c:436
NTSTATUS NTAPI LsapDeleteCredential(_In_ PLUID LogonId, _In_ ULONG AuthenticationPackage, _In_ PLSA_STRING PrimaryKeyValue)
Definition: session.c:243
#define REG_NONE
Definition: nt_native.h:1492
static ULONG PackageId
Definition: authpackage.c:163
static NTSTATUS NTAPI LsapAllocateClientBuffer(IN PLSA_CLIENT_REQUEST ClientRequest, IN ULONG LengthRequired, OUT PVOID *ClientBaseAddress)
Definition: authpackage.c:390

Referenced by LsapInitLsa().

◆ LsapLogonUser()

NTSTATUS LsapLogonUser ( PLSA_API_MSG  RequestMsg,
PLSAP_LOGON_CONTEXT  LogonContext 
)

Definition at line 1375 of file authpackage.c.

1377 {
1378  PAUTH_PACKAGE Package;
1381  LSA_TOKEN_INFORMATION_TYPE TokenInformationType;
1382  PVOID TokenInformation = NULL;
1383  PLSA_TOKEN_INFORMATION_NULL TokenInfo0 = NULL;
1384  PLSA_TOKEN_INFORMATION_V1 TokenInfo1 = NULL;
1385  PUNICODE_STRING AccountName = NULL;
1386  PUNICODE_STRING AuthenticatingAuthority = NULL;
1388  PVOID LocalAuthInfo = NULL;
1391  ULONG i;
1392  ULONG PackageId;
1394  NTSTATUS Status;
1395 
1396  PUNICODE_STRING UserName = NULL;
1397  PUNICODE_STRING LogonDomainName = NULL;
1398 // UNICODE_STRING LogonServer;
1399 
1400 
1401  TRACE("LsapLogonUser(%p %p)\n", RequestMsg, LogonContext);
1402 
1403  PackageId = RequestMsg->LogonUser.Request.AuthenticationPackage;
1404  LogonType = RequestMsg->LogonUser.Request.LogonType;
1405 
1406  /* Get the right authentication package */
1408  if (Package == NULL)
1409  {
1410  ERR("LsapGetAuthenticationPackage() failed to find a package\n");
1411  return STATUS_NO_SUCH_PACKAGE;
1412  }
1413 
1414  if (RequestMsg->LogonUser.Request.AuthenticationInformationLength > 0)
1415  {
1416  /* Allocate the local authentication info buffer */
1417  LocalAuthInfo = RtlAllocateHeap(RtlGetProcessHeap(),
1419  RequestMsg->LogonUser.Request.AuthenticationInformationLength);
1420  if (LocalAuthInfo == NULL)
1421  {
1422  ERR("RtlAllocateHeap() failed\n");
1424  }
1425 
1426  /* Read the authentication info from the callers address space */
1428  RequestMsg->LogonUser.Request.AuthenticationInformation,
1429  LocalAuthInfo,
1430  RequestMsg->LogonUser.Request.AuthenticationInformationLength,
1431  NULL);
1432  if (!NT_SUCCESS(Status))
1433  {
1434  ERR("NtReadVirtualMemory() failed (Status 0x%08lx)\n", Status);
1435  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalAuthInfo);
1436  return Status;
1437  }
1438  }
1439 
1440  if (RequestMsg->LogonUser.Request.LocalGroupsCount > 0)
1441  {
1442  Status = LsapCopyLocalGroups(LogonContext,
1443  RequestMsg->LogonUser.Request.LocalGroups,
1444  RequestMsg->LogonUser.Request.LocalGroupsCount,
1445  &LocalGroups);
1446  if (!NT_SUCCESS(Status))
1447  {
1448  ERR("LsapCopyLocalGroups failed (Status 0x%08lx)\n", Status);
1449  goto done;
1450  }
1451 
1452  TRACE("GroupCount: %lu\n", LocalGroups->GroupCount);
1453  }
1454 
1455  if (Package->LsaApLogonUserEx2 != NULL)
1456  {
1457  Status = Package->LsaApLogonUserEx2((PLSA_CLIENT_REQUEST)LogonContext,
1458  RequestMsg->LogonUser.Request.LogonType,
1459  LocalAuthInfo,
1460  RequestMsg->LogonUser.Request.AuthenticationInformation,
1461  RequestMsg->LogonUser.Request.AuthenticationInformationLength,
1462  &RequestMsg->LogonUser.Reply.ProfileBuffer,
1463  &RequestMsg->LogonUser.Reply.ProfileBufferLength,
1464  &RequestMsg->LogonUser.Reply.LogonId,
1465  &RequestMsg->LogonUser.Reply.SubStatus,
1466  &TokenInformationType,
1467  &TokenInformation,
1468  &AccountName,
1469  &AuthenticatingAuthority,
1470  &MachineName,
1471  NULL, /* FIXME: PSECPKG_PRIMARY_CRED PrimaryCredentials */
1472  NULL); /* FIXME: PSECPKG_SUPPLEMENTAL_CRED_ARRAY *SupplementalCredentials */
1473  }
1474  else if (Package->LsaApLogonUserEx != NULL)
1475  {
1476  Status = Package->LsaApLogonUserEx((PLSA_CLIENT_REQUEST)LogonContext,
1477  RequestMsg->LogonUser.Request.LogonType,
1478  LocalAuthInfo,
1479  RequestMsg->LogonUser.Request.AuthenticationInformation,
1480  RequestMsg->LogonUser.Request.AuthenticationInformationLength,
1481  &RequestMsg->LogonUser.Reply.ProfileBuffer,
1482  &RequestMsg->LogonUser.Reply.ProfileBufferLength,
1483  &RequestMsg->LogonUser.Reply.LogonId,
1484  &RequestMsg->LogonUser.Reply.SubStatus,
1485  &TokenInformationType,
1486  &TokenInformation,
1487  &AccountName,
1488  &AuthenticatingAuthority,
1489  &MachineName);
1490  }
1491  else
1492  {
1493  Status = Package->LsaApLogonUser((PLSA_CLIENT_REQUEST)LogonContext,
1494  RequestMsg->LogonUser.Request.LogonType,
1495  LocalAuthInfo,
1496  RequestMsg->LogonUser.Request.AuthenticationInformation,
1497  RequestMsg->LogonUser.Request.AuthenticationInformationLength,
1498  &RequestMsg->LogonUser.Reply.ProfileBuffer,
1499  &RequestMsg->LogonUser.Reply.ProfileBufferLength,
1500  &RequestMsg->LogonUser.Reply.LogonId,
1501  &RequestMsg->LogonUser.Reply.SubStatus,
1502  &TokenInformationType,
1503  &TokenInformation,
1504  &AccountName,
1505  &AuthenticatingAuthority);
1506  }
1507 
1508  if (!NT_SUCCESS(Status))
1509  {
1510  ERR("LsaApLogonUser/Ex/2 failed (Status 0x%08lx)\n", Status);
1511  goto done;
1512  }
1513 
1514  if (LocalGroups->GroupCount > 0)
1515  {
1516  /* Add local groups to the token information */
1517  Status = LsapAddLocalGroups(TokenInformation,
1518  TokenInformationType,
1519  LocalGroups);
1520  if (!NT_SUCCESS(Status))
1521  {
1522  ERR("LsapAddLocalGroupsToTokenInfo() failed (Status 0x%08lx)\n", Status);
1523  goto done;
1524  }
1525  }
1526 
1527  Status = LsapAddDefaultGroups(TokenInformation,
1528  TokenInformationType,
1529  LogonType);
1530  if (!NT_SUCCESS(Status))
1531  {
1532  ERR("LsapAddDefaultGroups() failed (Status 0x%08lx)\n", Status);
1533  goto done;
1534  }
1535 
1536  Status = LsapAddSamGroups(TokenInformation,
1537  TokenInformationType);
1538  if (!NT_SUCCESS(Status))
1539  {
1540  ERR("LsapAddSamGroups() failed (Status 0x%08lx)\n", Status);
1541  goto done;
1542  }
1543 
1544  Status = LsapSetTokenOwner(TokenInformation,
1545  TokenInformationType);
1546  if (!NT_SUCCESS(Status))
1547  {
1548  ERR("LsapSetTokenOwner() failed (Status 0x%08lx)\n", Status);
1549  goto done;
1550  }
1551 
1552  Status = LsapAddTokenDefaultDacl(TokenInformation,
1553  TokenInformationType);
1554  if (!NT_SUCCESS(Status))
1555  {
1556  ERR("LsapAddTokenDefaultDacl() failed (Status 0x%08lx)\n", Status);
1557  goto done;
1558  }
1559 
1560  Status = LsapSetPrivileges(TokenInformation,
1561  TokenInformationType);
1562  if (!NT_SUCCESS(Status))
1563  {
1564  ERR("LsapSetPrivileges() failed (Status 0x%08lx)\n", Status);
1565  goto done;
1566  }
1567 
1568  if (TokenInformationType == LsaTokenInformationNull)
1569  {
1572  TOKEN_GROUPS NoGroups = {0};
1573  TOKEN_PRIVILEGES NoPrivileges = {0};
1574 
1575  TokenInfo0 = (PLSA_TOKEN_INFORMATION_NULL)TokenInformation;
1576 
1577  TokenUser.User.Sid = LsapWorldSid;
1578  TokenUser.User.Attributes = 0;
1579  TokenPrimaryGroup.PrimaryGroup = LsapWorldSid;
1580 
1581  Qos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
1584  Qos.EffectiveOnly = TRUE;
1585 
1587  ObjectAttributes.RootDirectory = NULL;
1588  ObjectAttributes.ObjectName = NULL;
1589  ObjectAttributes.Attributes = 0;
1590  ObjectAttributes.SecurityDescriptor = NULL;
1591  ObjectAttributes.SecurityQualityOfService = &Qos;
1592 
1593  /* Create the logon token */
1598  &RequestMsg->LogonUser.Reply.LogonId,
1599  &TokenInfo0->ExpirationTime,
1600  &TokenUser,
1601  &NoGroups,
1602  &NoPrivileges,
1603  NULL,
1605  NULL,
1606  &RequestMsg->LogonUser.Request.SourceContext);
1607  }
1608  else if (TokenInformationType == LsaTokenInformationV1)
1609  {
1610  TOKEN_PRIVILEGES NoPrivileges = {0};
1611 
1612  TokenInfo1 = (PLSA_TOKEN_INFORMATION_V1)TokenInformation;
1613 
1614  Qos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
1617  Qos.EffectiveOnly = FALSE;
1618 
1620  ObjectAttributes.RootDirectory = NULL;
1621  ObjectAttributes.ObjectName = NULL;
1622  ObjectAttributes.Attributes = 0;
1623  ObjectAttributes.SecurityDescriptor = NULL;
1624  ObjectAttributes.SecurityQualityOfService = &Qos;
1625 
1626  /* Create the logon token */
1630  (RequestMsg->LogonUser.Request.LogonType == Network) ? TokenImpersonation : TokenPrimary,
1631  &RequestMsg->LogonUser.Reply.LogonId,
1632  &TokenInfo1->ExpirationTime,
1633  &TokenInfo1->User,
1634  TokenInfo1->Groups,
1635  TokenInfo1->Privileges ? TokenInfo1->Privileges : &NoPrivileges,
1636  &TokenInfo1->Owner,
1637  &TokenInfo1->PrimaryGroup,
1638  &TokenInfo1->DefaultDacl,
1639  &RequestMsg->LogonUser.Request.SourceContext);
1640  if (!NT_SUCCESS(Status))
1641  {
1642  ERR("NtCreateToken failed (Status 0x%08lx)\n", Status);
1643  goto done;
1644  }
1645  }
1646  else
1647  {
1648  FIXME("TokenInformationType %d is not supported!\n", TokenInformationType);
1650  goto done;
1651  }
1652 
1653  if (LogonType == Interactive ||
1654  LogonType == Batch ||
1655  LogonType == Service)
1656  {
1657  UserName = &((PMSV1_0_INTERACTIVE_LOGON)LocalAuthInfo)->UserName;
1658  LogonDomainName = &((PMSV1_0_INTERACTIVE_LOGON)LocalAuthInfo)->LogonDomainName;
1659  }
1660  else
1661  {
1662  FIXME("LogonType %lu is not supported yet!\n", LogonType);
1663  }
1664 
1665  Status = LsapSetLogonSessionData(&RequestMsg->LogonUser.Reply.LogonId,
1666  LogonType,
1667  UserName,
1668  LogonDomainName,
1669  TokenInfo1->User.User.Sid);
1670  if (!NT_SUCCESS(Status))
1671  {
1672  ERR("LsapSetLogonSessionData failed (Status 0x%08lx)\n", Status);
1673  goto done;
1674  }
1675 
1676  /*
1677  * Duplicate the token handle into the client process.
1678  * This must be the last step because we cannot
1679  * close the duplicated token handle in case something fails.
1680  */
1682  TokenHandle,
1683  LogonContext->ClientProcessHandle,
1684  &RequestMsg->LogonUser.Reply.Token,
1685  0,
1686  0,
1688  if (!NT_SUCCESS(Status))
1689  {
1690  ERR("NtDuplicateObject failed (Status 0x%08lx)\n", Status);
1691  goto done;
1692  }
1693 
1694 done:
1695  if (!NT_SUCCESS(Status))
1696  {
1697  /* Notify the authentification package of the failure */
1698  Package->LsaApLogonTerminated(&RequestMsg->LogonUser.Reply.LogonId);
1699 
1700  /* Delete the logon session */
1701  LsapDeleteLogonSession(&RequestMsg->LogonUser.Reply.LogonId);
1702 
1703  /* Release the profile buffer */
1705  RequestMsg->LogonUser.Reply.ProfileBuffer);
1706  RequestMsg->LogonUser.Reply.ProfileBuffer = NULL;
1707  }
1708 
1709  if (TokenHandle != NULL)
1711 
1712  /* Free the local groups */
1713  if (LocalGroups != NULL)
1714  {
1715  for (i = 0; i < LocalGroups->GroupCount; i++)
1716  {
1717  if (LocalGroups->Groups[i].Sid != NULL)
1718  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalGroups->Groups[i].Sid);
1719  }
1720 
1721  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalGroups);
1722  }
1723 
1724  /* Free the local authentication info buffer */
1725  if (LocalAuthInfo != NULL)
1726  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalAuthInfo);
1727 
1728  /* Free the token information */
1729  if (TokenInformation != NULL)
1730  {
1731  if (TokenInformationType == LsaTokenInformationNull)
1732  {
1733  TokenInfo0 = (PLSA_TOKEN_INFORMATION_NULL)TokenInformation;
1734 
1735  if (TokenInfo0 != NULL)
1736  {
1737  if (TokenInfo0->Groups != NULL)
1738  {
1739  for (i = 0; i < TokenInfo0->Groups->GroupCount; i++)
1740  {
1741  if (TokenInfo0->Groups->Groups[i].Sid != NULL)
1742  LsapFreeHeap(TokenInfo0->Groups->Groups[i].Sid);
1743  }
1744 
1745  LsapFreeHeap(TokenInfo0->Groups);
1746  }
1747 
1748  LsapFreeHeap(TokenInfo0);
1749  }
1750  }
1751  else if (TokenInformationType == LsaTokenInformationV1)
1752  {
1753  TokenInfo1 = (PLSA_TOKEN_INFORMATION_V1)TokenInformation;
1754 
1755  if (TokenInfo1 != NULL)
1756  {
1757  if (TokenInfo1->User.User.Sid != NULL)
1758  LsapFreeHeap(TokenInfo1->User.User.Sid);
1759 
1760  if (TokenInfo1->Groups != NULL)
1761  {
1762  for (i = 0; i < TokenInfo1->Groups->GroupCount; i++)
1763  {
1764  if (TokenInfo1->Groups->Groups[i].Sid != NULL)
1765  LsapFreeHeap(TokenInfo1->Groups->Groups[i].Sid);
1766  }
1767 
1768  LsapFreeHeap(TokenInfo1->Groups);
1769  }
1770 
1771  if (TokenInfo1->PrimaryGroup.PrimaryGroup != NULL)
1772  LsapFreeHeap(TokenInfo1->PrimaryGroup.PrimaryGroup);
1773 
1774  if (TokenInfo1->Privileges != NULL)
1775  LsapFreeHeap(TokenInfo1->Privileges);
1776 
1777  if (TokenInfo1->Owner.Owner != NULL)
1778  LsapFreeHeap(TokenInfo1->Owner.Owner);
1779 
1780  if (TokenInfo1->DefaultDacl.DefaultDacl != NULL)
1781  LsapFreeHeap(TokenInfo1->DefaultDacl.DefaultDacl);
1782 
1783  LsapFreeHeap(TokenInfo1);
1784  }
1785  }
1786  else
1787  {
1788  FIXME("TokenInformationType %d is not supported!\n", TokenInformationType);
1789  }
1790  }
1791 
1792  /* Free the account name */
1793  if (AccountName != NULL)
1794  {
1795  if (AccountName->Buffer != NULL)
1796  LsapFreeHeap(AccountName->Buffer);
1797 
1798  LsapFreeHeap(AccountName);
1799  }
1800 
1801  /* Free the authentication authority */
1802  if (AuthenticatingAuthority != NULL)
1803  {
1804  if (AuthenticatingAuthority != NULL)
1805  LsapFreeHeap(AuthenticatingAuthority->Buffer);
1806 
1807  LsapFreeHeap(AuthenticatingAuthority);
1808  }
1809 
1810  /* Free the machine name */
1811  if (MachineName != NULL)
1812  {
1813  if (MachineName->Buffer != NULL)
1814  LsapFreeHeap(MachineName->Buffer);
1815 
1817  }
1818 
1819  TRACE("LsapLogonUser done (Status 0x%08lx)\n", Status);
1820 
1821  return Status;
1822 }
LARGE_INTEGER ExpirationTime
Definition: authpackage.c:22
static NTSTATUS LsapAddDefaultGroups(IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType, IN SECURITY_LOGON_TYPE LogonType)
Definition: authpackage.c:809
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
PLSA_AP_LOGON_TERMINATED LsaApLogonTerminated
Definition: authpackage.c:102
PLSA_AP_LOGON_USER_EX2 LsaApLogonUserEx2
Definition: authpackage.c:103
#define DUPLICATE_CLOSE_SOURCE
LSA_LOGON_USER_MSG LogonUser
Definition: lsass.h:187
LARGE_INTEGER ExpirationTime
Definition: authpackage.c:28
PLSA_AP_LOGON_USER_INTERNAL LsaApLogonUser
Definition: authpackage.c:105
static NTSTATUS LsapAddSamGroups(IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType)
Definition: authpackage.c:1015
#define TRUE
Definition: types.h:120
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
#define STATUS_NOT_IMPLEMENTED
Definition: ntstatus.h:225
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
NTSTATUS LsapSetLogonSessionData(_In_ PLUID LogonId, _In_ ULONG LogonType, _In_ PUNICODE_STRING UserName, _In_ PUNICODE_STRING LogonDomain, _In_ PSID Sid)
Definition: session.c:67
#define STATUS_NO_SUCH_PACKAGE
Definition: ntstatus.h:476
static NTSTATUS NTAPI LsapFreeClientBuffer(IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ClientBaseAddress)
Definition: authpackage.c:414
NTSTATUS NTAPI LsapDeleteLogonSession(IN PLUID LogonId)
Definition: session.c:159
_In_ DWORD _Out_ PDWORD _In_opt_ PCSTR MachineName
Definition: setupapi.h:1286
HANDLE ClientProcessHandle
Definition: lsasrv.h:80
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS LocalGroups
static NTSTATUS LsapSetTokenOwner(IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType)
Definition: authpackage.c:1150
struct _LSA_TOKEN_INFORMATION_V1 * PLSA_TOKEN_INFORMATION_V1
PLSA_AP_LOGON_USER_EX LsaApLogonUserEx
Definition: authpackage.c:104
SECURITY_CONTEXT_TRACKING_MODE ContextTrackingMode
Definition: lsa.idl:66
static NTSTATUS LsapCopyLocalGroups(IN PLSAP_LOGON_CONTEXT LogonContext, IN PTOKEN_GROUPS ClientGroups, IN ULONG ClientGroupsCount, OUT PTOKEN_GROUPS *TokenGroups)
Definition: authpackage.c:618
PSID LsapWorldSid
Definition: lookup.c:78
struct _MSV1_0_INTERACTIVE_LOGON * PMSV1_0_INTERACTIVE_LOGON
static NTSTATUS LsapAddLocalGroups(IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType, IN PTOKEN_GROUPS LocalGroups)
Definition: authpackage.c:726
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
#define DUPLICATE_SAME_ACCESS
#define FIXME(fmt,...)
Definition: debug.h:110
smooth NULL
Definition: ftsmooth.c:416
PSID Owner
Definition: setypes.h:974
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
Definition: psfuncs.h:715
struct _OBJECT_ATTRIBUTES OBJECT_ATTRIBUTES
#define NtCurrentProcess()
Definition: nt_native.h:1657
VOID NTAPI LsapFreeHeap(IN PVOID Base)
Definition: authpackage.c:381
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
TOKEN_PRIMARY_GROUP PrimaryGroup
Definition: authpackage.c:31
#define TRACE(s)
Definition: solgame.cpp:4
struct _LSA_TOKEN_INFORMATION_NULL * PLSA_TOKEN_INFORMATION_NULL
static NTSTATUS LsapAddTokenDefaultDacl(IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType)
Definition: authpackage.c:1192
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define TOKEN_ALL_ACCESS
Definition: setypes.h:892
NTSTATUS NTAPI NtReadVirtualMemory(IN HANDLE ProcessHandle, IN PVOID BaseAddress, OUT PVOID Buffer, IN SIZE_T NumberOfBytesToRead, OUT PSIZE_T NumberOfBytesRead OPTIONAL)
Definition: virtual.c:2691
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3399
#define SECURITY_DYNAMIC_TRACKING
Definition: setypes.h:103
__kernel_entry NTSTATUS NTAPI NtCreateToken(_Out_ PHANDLE TokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ TOKEN_TYPE TokenType, _In_ PLUID AuthenticationId, _In_ PLARGE_INTEGER ExpirationTime, _In_ PTOKEN_USER TokenUser, _In_ PTOKEN_GROUPS TokenGroups, _In_ PTOKEN_PRIVILEGES TokenPrivileges, _In_opt_ PTOKEN_OWNER TokenOwner, _In_ PTOKEN_PRIMARY_GROUP TokenPrimaryGroup, _In_opt_ PTOKEN_DEFAULT_DACL TokenDefaultDacl, _In_ PTOKEN_SOURCE TokenSource)
Definition: token.c:3420
Status
Definition: gdiplustypes.h:24
enum _LSA_TOKEN_INFORMATION_TYPE LSA_TOKEN_INFORMATION_TYPE
#define ERR(fmt,...)
Definition: debug.h:109
PTOKEN_PRIVILEGES Privileges
Definition: authpackage.c:32
struct _LSA_LOGON_USER_MSG::@3353::@3356 Reply
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE LogonType
#define DUPLICATE_SAME_ATTRIBUTES
Definition: obtypes.h:153
enum _SECURITY_LOGON_TYPE SECURITY_LOGON_TYPE
static NTSTATUS LsapSetPrivileges(IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType)
Definition: authpackage.c:1297
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY]
Definition: setypes.h:964
#define SECURITY_STATIC_TRACKING
Definition: setypes.h:104
TOKEN_DEFAULT_DACL DefaultDacl
Definition: authpackage.c:34
struct _SECURITY_QUALITY_OF_SERVICE SECURITY_QUALITY_OF_SERVICE
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: lsa.idl:65
#define HEAP_ZERO_MEMORY
Definition: compat.h:123
static PAUTH_PACKAGE LsapGetAuthenticationPackage(IN ULONG PackageId)
Definition: authpackage.c:341
$ULONG GroupCount
Definition: setypes.h:960
NTSTATUS NTAPI NtDuplicateObject(IN HANDLE SourceProcessHandle, IN HANDLE SourceHandle, IN HANDLE TargetProcessHandle OPTIONAL, OUT PHANDLE TargetHandle OPTIONAL, IN ACCESS_MASK DesiredAccess, IN ULONG HandleAttributes, IN ULONG Options)
Definition: obhandle.c:3407
unsigned int ULONG
Definition: retypes.h:1
SID_AND_ATTRIBUTES User
Definition: setypes.h:956
struct _LSA_LOGON_USER_MSG::@3353::@3355 Request
static ULONG PackageId
Definition: authpackage.c:163

Referenced by AuthPortThreadRoutine().

◆ LsapLookupAuthenticationPackage()

NTSTATUS LsapLookupAuthenticationPackage ( PLSA_API_MSG  RequestMsg,
PLSAP_LOGON_CONTEXT  LogonContext 
)

Definition at line 510 of file authpackage.c.

512 {
513  PLIST_ENTRY ListEntry;
514  PAUTH_PACKAGE Package;
515  ULONG PackageNameLength;
516  PCHAR PackageName;
517 
518  TRACE("(%p %p)\n", RequestMsg, LogonContext);
519 
520  PackageNameLength = RequestMsg->LookupAuthenticationPackage.Request.PackageNameLength;
521  PackageName = RequestMsg->LookupAuthenticationPackage.Request.PackageName;
522 
523  TRACE("PackageName: %s\n", PackageName);
524 
525  ListEntry = PackageListHead.Flink;
526  while (ListEntry != &PackageListHead)
527  {
528  Package = CONTAINING_RECORD(ListEntry, AUTH_PACKAGE, Entry);
529 
530  if ((PackageNameLength == Package->Name->Length) &&
531  (_strnicmp(PackageName, Package->Name->Buffer, Package->Name->Length) == 0))
532  {
533  RequestMsg->LookupAuthenticationPackage.Reply.Package = Package->Id;
534  return STATUS_SUCCESS;
535  }
536 
537  ListEntry = ListEntry->Flink;
538  }
539 
540  return STATUS_NO_SUCH_PACKAGE;
541 }
signed char * PCHAR
Definition: retypes.h:7
struct _LSA_LOOKUP_AUTHENTICATION_PACKAGE_MSG::@3365::@3367 Request
LSA_LOOKUP_AUTHENTICATION_PACKAGE_MSG LookupAuthenticationPackage
Definition: lsass.h:190
#define STATUS_NO_SUCH_PACKAGE
Definition: ntstatus.h:476
unsigned short Length
Definition: sprintf.c:451
static LIST_ENTRY PackageListHead
Definition: authpackage.c:162
void * Buffer
Definition: sprintf.c:453
_Check_return_ _CRTIMP int __cdecl _strnicmp(_In_reads_or_z_(_MaxCount) const char *_Str1, _In_reads_or_z_(_MaxCount) const char *_Str2, _In_ size_t _MaxCount)
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
struct _LIST_ENTRY * Flink
Definition: typedefs.h:119
#define TRACE(s)
Definition: solgame.cpp:4
Definition: typedefs.h:117
unsigned int ULONG
Definition: retypes.h:1
struct _LSA_LOOKUP_AUTHENTICATION_PACKAGE_MSG::@3365::@3368 Reply
return STATUS_SUCCESS
Definition: btrfs.c:2938
base of all file and directory entries
Definition: entries.h:82
PSTRING Name
Definition: authpackage.c:94

Referenced by AuthPortThreadRoutine().

◆ LsapSetPrivileges()

static NTSTATUS LsapSetPrivileges ( IN PVOID  TokenInformation,
IN LSA_TOKEN_INFORMATION_TYPE  TokenInformationType 
)
static

Definition at line 1297 of file authpackage.c.

1300 {
1301  PLSA_TOKEN_INFORMATION_V1 TokenInfo1;
1302  LSAPR_HANDLE PolicyHandle = NULL;
1303  LSAPR_HANDLE AccountHandle = NULL;
1305  ULONG i, j;
1306  NTSTATUS Status;
1307 
1308  if (TokenInformationType == LsaTokenInformationV1)
1309  {
1310  TokenInfo1 = (PLSA_TOKEN_INFORMATION_V1)TokenInformation;
1311 
1313  NULL,
1314  0,
1315  &PolicyHandle);
1316  if (!NT_SUCCESS(Status))
1317  return Status;
1318 
1319  for (i = 0; i < TokenInfo1->Groups->GroupCount; i++)
1320  {
1321  Status = LsarOpenAccount(PolicyHandle,
1322  TokenInfo1->Groups->Groups[i].Sid,
1323  ACCOUNT_VIEW,
1324  &AccountHandle);
1325  if (!NT_SUCCESS(Status))
1326  continue;
1327 
1328  Status = LsarEnumeratePrivilegesAccount(AccountHandle,
1329  &Privileges);
1330  if (NT_SUCCESS(Status))
1331  {
1332  for (j = 0; j < Privileges->PrivilegeCount; j++)
1333  {
1335  &(Privileges->Privilege[j]));
1336  if (!NT_SUCCESS(Status))
1337  {
1338  /* We failed, clean everything and return */
1340  LsarClose(&AccountHandle);
1341  LsarClose(&PolicyHandle);
1342 
1343  return Status;
1344  }
1345  }
1346 
1348  Privileges = NULL;
1349  }
1350 
1351  LsarClose(&AccountHandle);
1352  }
1353 
1354  LsarClose(&PolicyHandle);
1355 
1356  if (TokenInfo1->Privileges != NULL)
1357  {
1358  for (i = 0; i < TokenInfo1->Privileges->PrivilegeCount; i++)
1359  {
1363  {
1365  }
1366  }
1367  }
1368  }
1369 
1370  return STATUS_SUCCESS;
1371 }
LONG NTSTATUS
Definition: precomp.h:26
$ULONG PrivilegeCount
Definition: setypes.h:969
VOID NTAPI LsaIFree_LSAPR_PRIVILEGE_SET(IN PLSAPR_PRIVILEGE_SET Ptr)
Definition: lsasrv.c:181
NTSTATUS WINAPI LsarEnumeratePrivilegesAccount(LSAPR_HANDLE AccountHandle, PLSAPR_PRIVILEGE_SET *Privileges)
Definition: lsarpc.c:1504
struct _LSA_TOKEN_INFORMATION_V1 * PLSA_TOKEN_INFORMATION_V1
#define ACCOUNT_VIEW
Definition: ntlsa.h:28
#define SE_PRIVILEGE_ENABLED
Definition: setypes.h:63
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
#define RtlEqualLuid(Luid1, Luid2)
Definition: rtlfuncs.h:301
smooth NULL
Definition: ftsmooth.c:416
NTSTATUS WINAPI LsarOpenAccount(LSAPR_HANDLE PolicyHandle, PRPC_SID AccountSid, ACCESS_MASK DesiredAccess, LSAPR_HANDLE *AccountHandle)
Definition: lsarpc.c:1465
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint GLint GLint j
Definition: glfuncs.h:250
#define SE_PRIVILEGE_ENABLED_BY_DEFAULT
Definition: setypes.h:62
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
static const LUID SeChangeNotifyPrivilege
Definition: authpackage.c:167
static NTSTATUS LsapAddPrivilegeToTokenPrivileges(PTOKEN_PRIVILEGES *TokenPrivileges, PLSAPR_LUID_AND_ATTRIBUTES Privilege)
Definition: authpackage.c:1238
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
static const LUID SeCreateGlobalPrivilege
Definition: authpackage.c:168
NTSTATUS WINAPI LsarClose(LSAPR_HANDLE *ObjectHandle)
Definition: lsarpc.c:125
Status
Definition: gdiplustypes.h:24
PTOKEN_PRIVILEGES Privileges
Definition: authpackage.c:32
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY]
Definition: setypes.h:964
NTSTATUS WINAPI LsarOpenPolicy(LPWSTR SystemName, PLSAPR_OBJECT_ATTRIBUTES ObjectAttributes, ACCESS_MASK DesiredAccess, LSAPR_HANDLE *PolicyHandle)
Definition: lsarpc.c:495
LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY]
Definition: setypes.h:970
$ULONG GroupCount
Definition: setypes.h:960
unsigned int ULONG
Definition: retypes.h:1
return STATUS_SUCCESS
Definition: btrfs.c:2938
static const LUID SeImpersonatePrivilege
Definition: authpackage.c:169

Referenced by LsapLogonUser().

◆ LsapSetTokenOwner()

static NTSTATUS LsapSetTokenOwner ( IN PVOID  TokenInformation,
IN LSA_TOKEN_INFORMATION_TYPE  TokenInformationType 
)
static

Definition at line 1150 of file authpackage.c.

1153 {
1154  PLSA_TOKEN_INFORMATION_V1 TokenInfo1;
1155  PSID_AND_ATTRIBUTES OwnerSid = NULL;
1156  ULONG i, Length;
1157 
1158  if (TokenInformationType == LsaTokenInformationV1)
1159  {
1160  TokenInfo1 = (PLSA_TOKEN_INFORMATION_V1)TokenInformation;
1161 
1162  if (TokenInfo1->Owner.Owner != NULL)
1163  return STATUS_SUCCESS;
1164 
1165  OwnerSid = &TokenInfo1->User.User;
1166  for (i = 0; i < TokenInfo1->Groups->GroupCount; i++)
1167  {
1168  if (EqualSid(TokenInfo1->Groups->Groups[i].Sid, LsapAdministratorsSid))
1169  {
1170  OwnerSid = &TokenInfo1->Groups->Groups[i];
1171  break;
1172  }
1173  }
1174 
1175  Length = RtlLengthSid(OwnerSid->Sid);
1177  if (TokenInfo1->Owner.Owner == NULL)
1179 
1180  RtlCopyMemory(TokenInfo1->Owner.Owner,
1181  OwnerSid->Sid,
1182  Length);
1183  OwnerSid->Attributes |= SE_GROUP_OWNER;
1184  }
1185 
1186  return STATUS_SUCCESS;
1187 }
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
BOOL WINAPI EqualSid(PSID pSid1, PSID pSid2)
Definition: security.c:708
PLSA_ALLOCATE_LSA_HEAP AllocateLsaHeap
Definition: authpackage.c:60
struct _LSA_TOKEN_INFORMATION_V1 * PLSA_TOKEN_INFORMATION_V1
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
#define SE_GROUP_OWNER
Definition: setypes.h:93
smooth NULL
Definition: ftsmooth.c:416
PSID Owner
Definition: setypes.h:974
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
PSID LsapAdministratorsSid
Definition: lookup.c:84
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
static LSA_DISPATCH_TABLE DispatchTable
Definition: authpackage.c:164
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY]
Definition: setypes.h:964
$ULONG GroupCount
Definition: setypes.h:960
unsigned int ULONG
Definition: retypes.h:1
SID_AND_ATTRIBUTES User
Definition: setypes.h:956
return STATUS_SUCCESS
Definition: btrfs.c:2938

Referenced by LsapLogonUser().

◆ SamIConnect()

NTSTATUS NTAPI SamIConnect ( PSAMPR_SERVER_NAME  ServerName,
SAMPR_HANDLE ServerHandle,
ACCESS_MASK  DesiredAccess,
BOOLEAN  Trusted 
)

◆ SamIFree_SAMPR_ULONG_ARRAY()

VOID NTAPI SamIFree_SAMPR_ULONG_ARRAY ( PSAMPR_ULONG_ARRAY  Ptr)

Definition at line 515 of file samsrv.c.

516 {
517  if (Ptr == NULL)
518  return;
519 
520  if (Ptr->Element != NULL)
521  {
522  MIDL_user_free(Ptr->Element);
523  Ptr->Element = NULL;
524  Ptr->Count = 0;
525  }
526 }
_Must_inspect_result_ _In_ PFSRTL_PER_STREAM_CONTEXT Ptr
Definition: fsrtlfuncs.h:898
smooth NULL
Definition: ftsmooth.c:416
void __RPC_USER MIDL_user_free(void *p)
Definition: irotp.c:376

Referenced by LsaApLogonUserEx2(), LsapAddSamGroups(), and MsvpChangePassword().

◆ SamrCloseHandle()

◆ SamrGetAliasMembership()

NTSTATUS __stdcall SamrGetAliasMembership ( SAMPR_HANDLE  DomainHandle,
PSAMPR_PSID_ARRAY  SidArray,
PSAMPR_ULONG_ARRAY  Membership 
)

◆ SamrOpenDomain()

NTSTATUS __stdcall SamrOpenDomain ( SAMPR_HANDLE  ServerHandle,
ACCESS_MASK  DesiredAccess,
PRPC_SID  DomainId,
SAMPR_HANDLE DomainHandle 
)

Variable Documentation

◆ DispatchTable

◆ PackageId

◆ PackageListHead

◆ SeChangeNotifyPrivilege

const LUID SeChangeNotifyPrivilege = CONST_LUID(SE_CHANGE_NOTIFY_PRIVILEGE, 0)
static

Definition at line 167 of file authpackage.c.

Referenced by LsapSetPrivileges(), SepCreateSystemProcessToken(), and SepInitExports().

◆ SeCreateGlobalPrivilege

const LUID SeCreateGlobalPrivilege = CONST_LUID(SE_CREATE_GLOBAL_PRIVILEGE, 0)
static

Definition at line 168 of file authpackage.c.

Referenced by LsapSetPrivileges(), ObpLookupObjectName(), and SepInitExports().

◆ SeImpersonatePrivilege

const LUID SeImpersonatePrivilege = CONST_LUID(SE_IMPERSONATE_PRIVILEGE, 0)
static

Definition at line 169 of file authpackage.c.

Referenced by LsapSetPrivileges(), and SepInitExports().