ReactOS  0.4.15-dev-3207-ga415bd4
authpackage.c File Reference
#include "lsasrv.h"
#include <ndk/sefuncs.h>
#include <ndk/umfuncs.h>
Include dependency graph for authpackage.c:

Go to the source code of this file.

Classes

struct  _LSA_TOKEN_INFORMATION_NULL
 
struct  _LSA_TOKEN_INFORMATION_V1
 
struct  LSA_DISPATCH_TABLE
 
struct  _AUTH_PACKAGE
 
struct  _SAMPR_SID_INFORMATION
 
struct  _SAMPR_PSID_ARRAY
 

Macros

#define CONST_LUID(x1, x2)   {x1, x2}
 

Typedefs

typedef enum _LSA_TOKEN_INFORMATION_TYPE LSA_TOKEN_INFORMATION_TYPE
 
typedef enum _LSA_TOKEN_INFORMATION_TYPEPLSA_TOKEN_INFORMATION_TYPE
 
typedef struct _LSA_TOKEN_INFORMATION_NULL LSA_TOKEN_INFORMATION_NULL
 
typedef struct _LSA_TOKEN_INFORMATION_NULLPLSA_TOKEN_INFORMATION_NULL
 
typedef struct _LSA_TOKEN_INFORMATION_V1 LSA_TOKEN_INFORMATION_V1
 
typedef struct _LSA_TOKEN_INFORMATION_V1PLSA_TOKEN_INFORMATION_V1
 
typedef PVOID PLSA_CLIENT_REQUEST
 
typedef NTSTATUS(NTAPIPLSA_CREATE_LOGON_SESSION) (PLUID)
 
typedef NTSTATUS(NTAPIPLSA_DELETE_LOGON_SESSION) (PLUID)
 
typedef NTSTATUS(NTAPIPLSA_ADD_CREDENTIAL) (PLUID, ULONG, PLSA_STRING, PLSA_STRING)
 
typedef NTSTATUS(NTAPIPLSA_GET_CREDENTIALS) (PLUID, ULONG, PULONG, BOOLEAN, PLSA_STRING, PULONG, PLSA_STRING)
 
typedef NTSTATUS(NTAPIPLSA_DELETE_CREDENTIAL) (PLUID, ULONG, PLSA_STRING)
 
typedef PVOID(NTAPIPLSA_ALLOCATE_LSA_HEAP) (ULONG)
 
typedef VOID(NTAPIPLSA_FREE_LSA_HEAP) (PVOID)
 
typedef NTSTATUS(NTAPIPLSA_ALLOCATE_CLIENT_BUFFER) (PLSA_CLIENT_REQUEST, ULONG, PVOID *)
 
typedef NTSTATUS(NTAPIPLSA_FREE_CLIENT_BUFFER) (PLSA_CLIENT_REQUEST, PVOID)
 
typedef NTSTATUS(NTAPIPLSA_COPY_TO_CLIENT_BUFFER) (PLSA_CLIENT_REQUEST, ULONG, PVOID, PVOID)
 
typedef NTSTATUS(NTAPIPLSA_COPY_FROM_CLIENT_BUFFER) (PLSA_CLIENT_REQUEST, ULONG, PVOID, PVOID)
 
typedef struct LSA_DISPATCH_TABLE LSA_DISPATCH_TABLE
 
typedef struct LSA_DISPATCH_TABLEPLSA_DISPATCH_TABLE
 
typedef NTSTATUS(NTAPIPLSA_AP_INITIALIZE_PACKAGE) (ULONG, PLSA_DISPATCH_TABLE, PLSA_STRING, PLSA_STRING, PLSA_STRING *)
 
typedef NTSTATUS(NTAPIPLSA_AP_CALL_PACKAGE_INTERNAL) (PLSA_CLIENT_REQUEST, PVOID, PVOID, ULONG, PVOID *, PULONG, PNTSTATUS)
 
typedef NTSTATUS(NTAPIPLSA_AP_CALL_PACKAGE_PASSTHROUGH) (PLSA_CLIENT_REQUEST, PVOID, PVOID, ULONG, PVOID *, PULONG, PNTSTATUS)
 
typedef NTSTATUS(NTAPIPLSA_AP_CALL_PACKAGE_UNTRUSTED) (PLSA_CLIENT_REQUEST, PVOID, PVOID, ULONG, PVOID *, PULONG, PNTSTATUS)
 
typedef VOID(NTAPIPLSA_AP_LOGON_TERMINATED) (PLUID)
 
typedef NTSTATUS(NTAPIPLSA_AP_LOGON_USER_EX2) (PLSA_CLIENT_REQUEST, SECURITY_LOGON_TYPE, PVOID, PVOID, ULONG, PVOID *, PULONG, PLUID, PNTSTATUS, PLSA_TOKEN_INFORMATION_TYPE, PVOID *, PUNICODE_STRING *, PUNICODE_STRING *, PUNICODE_STRING *, PVOID, PVOID)
 
typedef NTSTATUS(NTAPIPLSA_AP_LOGON_USER_EX) (PLSA_CLIENT_REQUEST, SECURITY_LOGON_TYPE, PVOID, PVOID, ULONG, PVOID *, PULONG, PLUID, PNTSTATUS, PLSA_TOKEN_INFORMATION_TYPE, PVOID *, PUNICODE_STRING *, PUNICODE_STRING *, PUNICODE_STRING *)
 
typedef NTSTATUS(NTAPIPLSA_AP_LOGON_USER_INTERNAL) (PLSA_CLIENT_REQUEST, SECURITY_LOGON_TYPE, PVOID, PVOID, ULONG, PVOID *, PULONG, PLUID, PNTSTATUS, PLSA_TOKEN_INFORMATION_TYPE, PVOID *, PUNICODE_STRING *, PUNICODE_STRING *)
 
typedef struct _AUTH_PACKAGE AUTH_PACKAGE
 
typedef struct _AUTH_PACKAGEPAUTH_PACKAGE
 
typedef wchar_tPSAMPR_SERVER_NAME
 
typedef voidSAMPR_HANDLE
 
typedef struct _SAMPR_SID_INFORMATION SAMPR_SID_INFORMATION
 
typedef struct _SAMPR_SID_INFORMATIONPSAMPR_SID_INFORMATION
 
typedef struct _SAMPR_PSID_ARRAY SAMPR_PSID_ARRAY
 
typedef struct _SAMPR_PSID_ARRAYPSAMPR_PSID_ARRAY
 

Enumerations

enum  _LSA_TOKEN_INFORMATION_TYPE {
  LsaTokenInformationNull, LsaTokenInformationV1, LsaTokenInformationNull, LsaTokenInformationV1,
  LsaTokenInformationV2
}
 

Functions

VOID NTAPI LsaIFree_LSAPR_PRIVILEGE_SET (IN PLSAPR_PRIVILEGE_SET Ptr)
 
NTSTATUS NTAPI SamIConnect (PSAMPR_SERVER_NAME ServerName, SAMPR_HANDLE *ServerHandle, ACCESS_MASK DesiredAccess, BOOLEAN Trusted)
 
VOID NTAPI SamIFree_SAMPR_ULONG_ARRAY (PSAMPR_ULONG_ARRAY Ptr)
 
NTSTATUS __stdcall SamrCloseHandle (SAMPR_HANDLE *SamHandle)
 
NTSTATUS __stdcall SamrOpenDomain (SAMPR_HANDLE ServerHandle, ACCESS_MASK DesiredAccess, PRPC_SID DomainId, SAMPR_HANDLE *DomainHandle)
 
NTSTATUS __stdcall SamrGetAliasMembership (SAMPR_HANDLE DomainHandle, PSAMPR_PSID_ARRAY SidArray, PSAMPR_ULONG_ARRAY Membership)
 
static NTSTATUS NTAPI LsapAddAuthPackage (IN PWSTR ValueName, IN ULONG ValueType, IN PVOID ValueData, IN ULONG ValueLength, IN PVOID Context, IN PVOID EntryContext)
 
static PAUTH_PACKAGE LsapGetAuthenticationPackage (IN ULONG PackageId)
 
PVOID NTAPI LsapAllocateHeap (IN ULONG Length)
 
PVOID NTAPI LsapAllocateHeapZero (IN ULONG Length)
 
VOID NTAPI LsapFreeHeap (IN PVOID Base)
 
static NTSTATUS NTAPI LsapAllocateClientBuffer (IN PLSA_CLIENT_REQUEST ClientRequest, IN ULONG LengthRequired, OUT PVOID *ClientBaseAddress)
 
static NTSTATUS NTAPI LsapFreeClientBuffer (IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ClientBaseAddress)
 
static NTSTATUS NTAPI LsapCopyToClientBuffer (IN PLSA_CLIENT_REQUEST ClientRequest, IN ULONG Length, IN PVOID ClientBaseAddress, IN PVOID BufferToCopy)
 
static NTSTATUS NTAPI LsapCopyFromClientBuffer (IN PLSA_CLIENT_REQUEST ClientRequest, IN ULONG Length, IN PVOID BufferToCopy, IN PVOID ClientBaseAddress)
 
NTSTATUS LsapInitAuthPackages (VOID)
 
NTSTATUS LsapLookupAuthenticationPackage (PLSA_API_MSG RequestMsg, PLSAP_LOGON_CONTEXT LogonContext)
 
VOID LsapTerminateLogon (_In_ PLUID LogonId)
 
NTSTATUS LsapCallAuthenticationPackage (PLSA_API_MSG RequestMsg, PLSAP_LOGON_CONTEXT LogonContext)
 
static NTSTATUS LsapCopyLocalGroups (IN PLSAP_LOGON_CONTEXT LogonContext, IN PTOKEN_GROUPS ClientGroups, IN ULONG ClientGroupsCount, OUT PTOKEN_GROUPS *TokenGroups)
 
static NTSTATUS LsapAddLocalGroups (IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType, IN PTOKEN_GROUPS LocalGroups)
 
static NTSTATUS LsapAddDefaultGroups (IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType, IN SECURITY_LOGON_TYPE LogonType)
 
static NTSTATUS LsapAppendSidToGroups (IN PTOKEN_GROUPS *TokenGroups, IN PSID DomainSid, IN ULONG RelativeId)
 
static NTSTATUS LsapAddSamGroups (IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType)
 
static NTSTATUS LsapSetTokenOwner (IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType)
 
static NTSTATUS LsapAddTokenDefaultDacl (IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType)
 
static NTSTATUS LsapAddPrivilegeToTokenPrivileges (PTOKEN_PRIVILEGES *TokenPrivileges, PLSAPR_LUID_AND_ATTRIBUTES Privilege)
 
static NTSTATUS LsapSetPrivileges (IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType)
 
NTSTATUS LsapLogonUser (PLSA_API_MSG RequestMsg, PLSAP_LOGON_CONTEXT LogonContext)
 

Variables

static LIST_ENTRY PackageListHead
 
static ULONG PackageId
 
static LSA_DISPATCH_TABLE DispatchTable
 
static const LUID SeChangeNotifyPrivilege = CONST_LUID(SE_CHANGE_NOTIFY_PRIVILEGE, 0)
 
static const LUID SeCreateGlobalPrivilege = CONST_LUID(SE_CREATE_GLOBAL_PRIVILEGE, 0)
 
static const LUID SeImpersonatePrivilege = CONST_LUID(SE_IMPERSONATE_PRIVILEGE, 0)
 

Macro Definition Documentation

◆ CONST_LUID

#define CONST_LUID (   x1,
  x2 
)    {x1, x2}

Definition at line 166 of file authpackage.c.

Typedef Documentation

◆ AUTH_PACKAGE

◆ LSA_DISPATCH_TABLE

◆ LSA_TOKEN_INFORMATION_NULL

◆ LSA_TOKEN_INFORMATION_TYPE

◆ LSA_TOKEN_INFORMATION_V1

◆ PAUTH_PACKAGE

◆ PLSA_ADD_CREDENTIAL

typedef NTSTATUS(NTAPI * PLSA_ADD_CREDENTIAL) (PLUID, ULONG, PLSA_STRING, PLSA_STRING)

Definition at line 41 of file authpackage.c.

◆ PLSA_ALLOCATE_CLIENT_BUFFER

typedef NTSTATUS(NTAPI * PLSA_ALLOCATE_CLIENT_BUFFER) (PLSA_CLIENT_REQUEST, ULONG, PVOID *)

Definition at line 46 of file authpackage.c.

◆ PLSA_ALLOCATE_LSA_HEAP

typedef PVOID(NTAPI * PLSA_ALLOCATE_LSA_HEAP) (ULONG)

Definition at line 44 of file authpackage.c.

◆ PLSA_AP_CALL_PACKAGE_INTERNAL

typedef NTSTATUS(NTAPI * PLSA_AP_CALL_PACKAGE_INTERNAL) (PLSA_CLIENT_REQUEST, PVOID, PVOID, ULONG, PVOID *, PULONG, PNTSTATUS)

Definition at line 71 of file authpackage.c.

◆ PLSA_AP_CALL_PACKAGE_PASSTHROUGH

typedef NTSTATUS(NTAPI * PLSA_AP_CALL_PACKAGE_PASSTHROUGH) (PLSA_CLIENT_REQUEST, PVOID, PVOID, ULONG, PVOID *, PULONG, PNTSTATUS)

Definition at line 73 of file authpackage.c.

◆ PLSA_AP_CALL_PACKAGE_UNTRUSTED

typedef NTSTATUS(NTAPI * PLSA_AP_CALL_PACKAGE_UNTRUSTED) (PLSA_CLIENT_REQUEST, PVOID, PVOID, ULONG, PVOID *, PULONG, PNTSTATUS)

Definition at line 75 of file authpackage.c.

◆ PLSA_AP_INITIALIZE_PACKAGE

typedef NTSTATUS(NTAPI * PLSA_AP_INITIALIZE_PACKAGE) (ULONG, PLSA_DISPATCH_TABLE, PLSA_STRING, PLSA_STRING, PLSA_STRING *)

Definition at line 69 of file authpackage.c.

◆ PLSA_AP_LOGON_TERMINATED

typedef VOID(NTAPI * PLSA_AP_LOGON_TERMINATED) (PLUID)

Definition at line 77 of file authpackage.c.

◆ PLSA_AP_LOGON_USER_EX

◆ PLSA_AP_LOGON_USER_EX2

◆ PLSA_AP_LOGON_USER_INTERNAL

◆ PLSA_CLIENT_REQUEST

Definition at line 37 of file authpackage.c.

◆ PLSA_COPY_FROM_CLIENT_BUFFER

typedef NTSTATUS(NTAPI * PLSA_COPY_FROM_CLIENT_BUFFER) (PLSA_CLIENT_REQUEST, ULONG, PVOID, PVOID)

Definition at line 50 of file authpackage.c.

◆ PLSA_COPY_TO_CLIENT_BUFFER

typedef NTSTATUS(NTAPI * PLSA_COPY_TO_CLIENT_BUFFER) (PLSA_CLIENT_REQUEST, ULONG, PVOID, PVOID)

Definition at line 48 of file authpackage.c.

◆ PLSA_CREATE_LOGON_SESSION

typedef NTSTATUS(NTAPI * PLSA_CREATE_LOGON_SESSION) (PLUID)

Definition at line 39 of file authpackage.c.

◆ PLSA_DELETE_CREDENTIAL

typedef NTSTATUS(NTAPI * PLSA_DELETE_CREDENTIAL) (PLUID, ULONG, PLSA_STRING)

Definition at line 43 of file authpackage.c.

◆ PLSA_DELETE_LOGON_SESSION

typedef NTSTATUS(NTAPI * PLSA_DELETE_LOGON_SESSION) (PLUID)

Definition at line 40 of file authpackage.c.

◆ PLSA_DISPATCH_TABLE

◆ PLSA_FREE_CLIENT_BUFFER

typedef NTSTATUS(NTAPI * PLSA_FREE_CLIENT_BUFFER) (PLSA_CLIENT_REQUEST, PVOID)

Definition at line 47 of file authpackage.c.

◆ PLSA_FREE_LSA_HEAP

typedef VOID(NTAPI * PLSA_FREE_LSA_HEAP) (PVOID)

Definition at line 45 of file authpackage.c.

◆ PLSA_GET_CREDENTIALS

typedef NTSTATUS(NTAPI * PLSA_GET_CREDENTIALS) (PLUID, ULONG, PULONG, BOOLEAN, PLSA_STRING, PULONG, PLSA_STRING)

Definition at line 42 of file authpackage.c.

◆ PLSA_TOKEN_INFORMATION_NULL

◆ PLSA_TOKEN_INFORMATION_TYPE

◆ PLSA_TOKEN_INFORMATION_V1

◆ PSAMPR_PSID_ARRAY

◆ PSAMPR_SERVER_NAME

Definition at line 112 of file authpackage.c.

◆ PSAMPR_SID_INFORMATION

◆ SAMPR_HANDLE

typedef void* SAMPR_HANDLE

Definition at line 113 of file authpackage.c.

◆ SAMPR_PSID_ARRAY

◆ SAMPR_SID_INFORMATION

Enumeration Type Documentation

◆ _LSA_TOKEN_INFORMATION_TYPE

Enumerator
LsaTokenInformationNull 
LsaTokenInformationV1 
LsaTokenInformationNull 
LsaTokenInformationV1 
LsaTokenInformationV2 

Definition at line 14 of file authpackage.c.

15 {
enum _LSA_TOKEN_INFORMATION_TYPE * PLSA_TOKEN_INFORMATION_TYPE
enum _LSA_TOKEN_INFORMATION_TYPE LSA_TOKEN_INFORMATION_TYPE

Function Documentation

◆ LsaIFree_LSAPR_PRIVILEGE_SET()

VOID NTAPI LsaIFree_LSAPR_PRIVILEGE_SET ( IN PLSAPR_PRIVILEGE_SET  Ptr)

Definition at line 181 of file lsasrv.c.

182 {
183  if (Ptr != NULL)
184  {
186  }
187 }
_Must_inspect_result_ _In_ PFSRTL_PER_STREAM_CONTEXT Ptr
Definition: fsrtlfuncs.h:898
void __RPC_USER midl_user_free(void __RPC_FAR *ptr)
Definition: lsasrv.c:346
#define NULL
Definition: types.h:112

Referenced by LsapSetPrivileges().

◆ LsapAddAuthPackage()

static NTSTATUS NTAPI LsapAddAuthPackage ( IN PWSTR  ValueName,
IN ULONG  ValueType,
IN PVOID  ValueData,
IN ULONG  ValueLength,
IN PVOID  Context,
IN PVOID  EntryContext 
)
static

Definition at line 177 of file authpackage.c.

183 {
184  PAUTH_PACKAGE Package = NULL;
185  UNICODE_STRING PackageName;
186  STRING ProcName;
187  PULONG Id;
189 
190  TRACE("LsapAddAuthPackage()\n");
191 
192  PackageName.Length = (USHORT)ValueLength - sizeof(WCHAR);
193  PackageName.MaximumLength = (USHORT)ValueLength;
194  PackageName.Buffer = ValueData;
195 
196  Id = (PULONG)Context;
197 
198  Package = RtlAllocateHeap(RtlGetProcessHeap(),
200  sizeof(AUTH_PACKAGE));
201  if (Package == NULL)
203 
205  NULL,
206  &PackageName,
207  &Package->ModuleHandle);
208  if (!NT_SUCCESS(Status))
209  {
210  TRACE("LdrLoadDll failed (Status 0x%08lx)\n", Status);
211  goto done;
212  }
213 
214  RtlInitAnsiString(&ProcName, "LsaApInitializePackage");
216  &ProcName,
217  0,
218  (PVOID *)&Package->LsaApInitializePackage);
219  if (!NT_SUCCESS(Status))
220  {
221  TRACE("LdrGetProcedureAddress() failed (Status 0x%08lx)\n", Status);
222  goto done;
223  }
224 
225  RtlInitAnsiString(&ProcName, "LsaApCallPackage");
227  &ProcName,
228  0,
229  (PVOID *)&Package->LsaApCallPackage);
230  if (!NT_SUCCESS(Status))
231  {
232  TRACE("LdrGetProcedureAddress() failed (Status 0x%08lx)\n", Status);
233  goto done;
234  }
235 
236  RtlInitAnsiString(&ProcName, "LsaApCallPackagePassthrough");
238  &ProcName,
239  0,
240  (PVOID *)&Package->LsaApCallPackagePassthrough);
241  if (!NT_SUCCESS(Status))
242  {
243  TRACE("LdrGetProcedureAddress() failed (Status 0x%08lx)\n", Status);
244  goto done;
245  }
246 
247  RtlInitAnsiString(&ProcName, "LsaApCallPackageUntrusted");
249  &ProcName,
250  0,
251  (PVOID *)&Package->LsaApCallPackageUntrusted);
252  if (!NT_SUCCESS(Status))
253  {
254  TRACE("LdrGetProcedureAddress() failed (Status 0x%08lx)\n", Status);
255  goto done;
256  }
257 
258  RtlInitAnsiString(&ProcName, "LsaApLogonTerminated");
260  &ProcName,
261  0,
262  (PVOID *)&Package->LsaApLogonTerminated);
263  if (!NT_SUCCESS(Status))
264  {
265  TRACE("LdrGetProcedureAddress() failed (Status 0x%08lx)\n", Status);
266  goto done;
267  }
268 
269  RtlInitAnsiString(&ProcName, "LsaApLogonUserEx2");
271  &ProcName,
272  0,
273  (PVOID *)&Package->LsaApLogonUserEx2);
274  if (!NT_SUCCESS(Status))
275  {
276  RtlInitAnsiString(&ProcName, "LsaApLogonUserEx");
278  &ProcName,
279  0,
280  (PVOID *)&Package->LsaApLogonUserEx);
281  if (!NT_SUCCESS(Status))
282  {
283  RtlInitAnsiString(&ProcName, "LsaApLogonUser");
285  &ProcName,
286  0,
287  (PVOID *)&Package->LsaApLogonUser);
288  if (!NT_SUCCESS(Status))
289  {
290  TRACE("LdrGetProcedureAddress() failed (Status 0x%08lx)\n", Status);
291  goto done;
292  }
293  }
294  }
295 
296  /* Initialize the current package */
297  Status = Package->LsaApInitializePackage(*Id,
298  &DispatchTable,
299  NULL,
300  NULL,
301  &Package->Name);
302  if (!NT_SUCCESS(Status))
303  {
304  TRACE("Package->LsaApInitializePackage() failed (Status 0x%08lx)\n", Status);
305  goto done;
306  }
307 
308  TRACE("Package Name: %s\n", Package->Name->Buffer);
309 
310  Package->Id = *Id;
311  (*Id)++;
312 
313  InsertTailList(&PackageListHead, &Package->Entry);
314 
315 done:
316  if (!NT_SUCCESS(Status))
317  {
318  if (Package != NULL)
319  {
320  if (Package->ModuleHandle != NULL)
321  LdrUnloadDll(Package->ModuleHandle);
322 
323  if (Package->Name != NULL)
324  {
325  if (Package->Name->Buffer != NULL)
326  RtlFreeHeap(RtlGetProcessHeap(), 0, Package->Name->Buffer);
327 
328  RtlFreeHeap(RtlGetProcessHeap(), 0, Package->Name);
329  }
330 
331  RtlFreeHeap(RtlGetProcessHeap(), 0, Package);
332  }
333  }
334 
335  return Status;
336 }
PLSA_AP_LOGON_TERMINATED LsaApLogonTerminated
Definition: authpackage.c:102
PLSA_AP_LOGON_USER_EX2 LsaApLogonUserEx2
Definition: authpackage.c:103
PLSA_AP_LOGON_USER_INTERNAL LsaApLogonUser
Definition: authpackage.c:105
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
USHORT MaximumLength
Definition: env_spec_w32.h:370
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
#define InsertTailList(ListHead, Entry)
PVOID ModuleHandle
Definition: authpackage.c:96
PLSA_AP_LOGON_USER_EX LsaApLogonUserEx
Definition: authpackage.c:104
DWORD Id
NTSYSAPI VOID NTAPI RtlInitAnsiString(PANSI_STRING DestinationString, PCSZ SourceString)
static LIST_ENTRY PackageListHead
Definition: authpackage.c:162
void * Buffer
Definition: sprintf.c:453
PLSA_AP_CALL_PACKAGE_PASSTHROUGH LsaApCallPackagePassthrough
Definition: authpackage.c:100
NTSTATUS NTAPI LdrGetProcedureAddress(IN PVOID BaseAddress, IN PANSI_STRING Name, IN ULONG Ordinal, OUT PVOID *ProcedureAddress)
Definition: ldrapi.c:823
LIST_ENTRY Entry
Definition: authpackage.c:93
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
Status
Definition: gdiplustypes.h:24
#define TRACE(s)
Definition: solgame.cpp:4
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
PLSA_AP_CALL_PACKAGE_UNTRUSTED LsaApCallPackageUntrusted
Definition: authpackage.c:101
_In_ GUID _In_ PVOID ValueData
Definition: hubbusif.h:311
std::wstring STRING
Definition: fontsub.cpp:33
NTSTATUS NTAPI DECLSPEC_HOTPATCH LdrLoadDll(IN PWSTR SearchPath OPTIONAL, IN PULONG DllCharacteristics OPTIONAL, IN PUNICODE_STRING DllName, OUT PVOID *BaseAddress)
Definition: ldrapi.c:310
NTSTATUS NTAPI LdrUnloadDll(IN PVOID BaseAddress)
Definition: ldrapi.c:1322
PLSA_AP_INITIALIZE_PACKAGE LsaApInitializePackage
Definition: authpackage.c:98
unsigned short USHORT
Definition: pedump.c:61
PLSA_AP_CALL_PACKAGE_INTERNAL LsaApCallPackage
Definition: authpackage.c:99
unsigned int * PULONG
Definition: retypes.h:1
#define NULL
Definition: types.h:112
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
#define STATUS_SUCCESS
Definition: shellext.h:65
_In_ PWDFDEVICE_INIT _In_ PWDF_PDO_EVENT_CALLBACKS DispatchTable
Definition: wdfpdo.h:245
PSTRING Name
Definition: authpackage.c:94
_Must_inspect_result_ _In_ WDFKEY _In_ PCUNICODE_STRING _In_ ULONG ValueLength
Definition: wdfregistry.h:271

Referenced by LsapInitAuthPackages().

◆ LsapAddDefaultGroups()

static NTSTATUS LsapAddDefaultGroups ( IN PVOID  TokenInformation,
IN LSA_TOKEN_INFORMATION_TYPE  TokenInformationType,
IN SECURITY_LOGON_TYPE  LogonType 
)
static

Definition at line 828 of file authpackage.c.

832 {
833  PLSA_TOKEN_INFORMATION_V1 TokenInfo1;
835  ULONG i, Length;
836  PSID SrcSid;
837 
838  if (TokenInformationType == LsaTokenInformationV1)
839  {
840  TokenInfo1 = (PLSA_TOKEN_INFORMATION_V1)TokenInformation;
841 
842  if (TokenInfo1->Groups != NULL)
843  {
844  Length = sizeof(TOKEN_GROUPS) +
845  (TokenInfo1->Groups->GroupCount + 2 - ANYSIZE_ARRAY) * sizeof(SID_AND_ATTRIBUTES);
846 
847  Groups = RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, Length);
848  if (Groups == NULL)
849  {
850  ERR("Group buffer allocation failed!\n");
852  }
853 
854  Groups->GroupCount = TokenInfo1->Groups->GroupCount;
855 
856  for (i = 0; i < TokenInfo1->Groups->GroupCount; i++)
857  {
858  Groups->Groups[i].Sid = TokenInfo1->Groups->Groups[i].Sid;
859  Groups->Groups[i].Attributes = TokenInfo1->Groups->Groups[i].Attributes;
860  }
861 
862  RtlFreeHeap(RtlGetProcessHeap(), 0, TokenInfo1->Groups);
863 
864  TokenInfo1->Groups = Groups;
865 
866  }
867  else
868  {
869  Length = sizeof(TOKEN_GROUPS) +
870  (2 - ANYSIZE_ARRAY) * sizeof(SID_AND_ATTRIBUTES);
871 
872  Groups = RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, Length);
873  if (Groups == NULL)
874  {
875  ERR("Group buffer allocation failed!\n");
877  }
878 
879  TokenInfo1->Groups = Groups;
880  }
881 
882  /* Append the World SID (aka Everyone) */
884  Groups->Groups[Groups->GroupCount].Sid = RtlAllocateHeap(RtlGetProcessHeap(),
886  Length);
887  if (Groups->Groups[Groups->GroupCount].Sid == NULL)
889 
890  RtlCopyMemory(Groups->Groups[Groups->GroupCount].Sid,
891  LsapWorldSid,
892  Length);
893 
894  Groups->Groups[Groups->GroupCount].Attributes =
896 
897  Groups->GroupCount++;
898 
899  /* Append the logon type SID */
900  switch (LogonType)
901  {
902  case Interactive:
903  SrcSid = LsapInteractiveSid;
904  break;
905 
906  case Network:
907  SrcSid = LsapNetworkSid;
908  break;
909 
910  case Batch:
911  SrcSid = LsapBatchSid;
912  break;
913 
914  case Service:
915  SrcSid = LsapServiceSid;
916  break;
917 
918  default:
919  FIXME("LogonType %d is not supported!\n", LogonType);
920  return STATUS_NOT_IMPLEMENTED;
921  }
922 
923  Length = RtlLengthSid(SrcSid);
924  Groups->Groups[Groups->GroupCount].Sid = RtlAllocateHeap(RtlGetProcessHeap(),
926  Length);
927  if (Groups->Groups[Groups->GroupCount].Sid == NULL)
929 
930  RtlCopyMemory(Groups->Groups[Groups->GroupCount].Sid,
931  SrcSid,
932  Length);
933 
934  Groups->Groups[Groups->GroupCount].Attributes =
936 
937  Groups->GroupCount++;
938  }
939  else
940  {
941  FIXME("TokenInformationType %d is not supported!\n", TokenInformationType);
942  return STATUS_NOT_IMPLEMENTED;
943  }
944 
945  return STATUS_SUCCESS;
946 }
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
#define ANYSIZE_ARRAY
Definition: typedefs.h:46
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
TOpcodeData Groups[17][8]
struct _LSA_TOKEN_INFORMATION_V1 * PLSA_TOKEN_INFORMATION_V1
PSID LsapWorldSid
Definition: lookup.c:78
return STATUS_NOT_IMPLEMENTED
#define FIXME(fmt,...)
Definition: debug.h:111
#define SE_GROUP_ENABLED_BY_DEFAULT
Definition: setypes.h:91
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
PSID LsapBatchSid
Definition: lookup.c:80
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
PSID LsapInteractiveSid
Definition: lookup.c:81
#define SE_GROUP_ENABLED
Definition: setypes.h:92
struct _SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES
#define SE_GROUP_MANDATORY
Definition: setypes.h:90
PSID LsapServiceSid
Definition: lookup.c:82
struct _TOKEN_GROUPS TOKEN_GROUPS
#define ERR(fmt,...)
Definition: debug.h:110
PSID LsapNetworkSid
Definition: lookup.c:79
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE LogonType
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY]
Definition: setypes.h:983
#define NULL
Definition: types.h:112
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
$ULONG GroupCount
Definition: setypes.h:979
unsigned int ULONG
Definition: retypes.h:1
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
#define STATUS_SUCCESS
Definition: shellext.h:65

Referenced by LsapLogonUser().

◆ LsapAddLocalGroups()

static NTSTATUS LsapAddLocalGroups ( IN PVOID  TokenInformation,
IN LSA_TOKEN_INFORMATION_TYPE  TokenInformationType,
IN PTOKEN_GROUPS  LocalGroups 
)
static

Definition at line 745 of file authpackage.c.

749 {
750  PLSA_TOKEN_INFORMATION_V1 TokenInfo1;
752  ULONG Length;
753  ULONG i;
754  ULONG j;
755 
756  if (LocalGroups == NULL || LocalGroups->GroupCount == 0)
757  return STATUS_SUCCESS;
758 
759  if (TokenInformationType == LsaTokenInformationV1)
760  {
761  TokenInfo1 = (PLSA_TOKEN_INFORMATION_V1)TokenInformation;
762 
763  if (TokenInfo1->Groups != NULL)
764  {
765  Length = sizeof(TOKEN_GROUPS) +
766  (LocalGroups->GroupCount + TokenInfo1->Groups->GroupCount - ANYSIZE_ARRAY) * sizeof(SID_AND_ATTRIBUTES);
767 
768  Groups = RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, Length);
769  if (Groups == NULL)
770  {
771  ERR("Group buffer allocation failed!\n");
773  }
774 
775  Groups->GroupCount = LocalGroups->GroupCount + TokenInfo1->Groups->GroupCount;
776 
777  for (i = 0; i < TokenInfo1->Groups->GroupCount; i++)
778  {
779  Groups->Groups[i].Sid = TokenInfo1->Groups->Groups[i].Sid;
780  Groups->Groups[i].Attributes = TokenInfo1->Groups->Groups[i].Attributes;
781  }
782 
783  for (j = 0; j < LocalGroups->GroupCount; i++, j++)
784  {
785  Groups->Groups[i].Sid = LocalGroups->Groups[j].Sid;
786  Groups->Groups[i].Attributes = LocalGroups->Groups[j].Attributes;
787  LocalGroups->Groups[j].Sid = NULL;
788  }
789 
790  RtlFreeHeap(RtlGetProcessHeap(), 0, TokenInfo1->Groups);
791 
792  TokenInfo1->Groups = Groups;
793  }
794  else
795  {
796  Length = sizeof(TOKEN_GROUPS) +
797  (LocalGroups->GroupCount - ANYSIZE_ARRAY) * sizeof(SID_AND_ATTRIBUTES);
798 
799  Groups = RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, Length);
800  if (Groups == NULL)
801  {
802  ERR("Group buffer allocation failed!\n");
804  }
805 
806  Groups->GroupCount = LocalGroups->GroupCount;
807 
808  for (i = 0; i < LocalGroups->GroupCount; i++)
809  {
810  Groups->Groups[i].Sid = LocalGroups->Groups[i].Sid;
811  Groups->Groups[i].Attributes = LocalGroups->Groups[i].Attributes;
812  }
813 
814  TokenInfo1->Groups = Groups;
815  }
816  }
817  else
818  {
819  FIXME("TokenInformationType %d is not supported!\n", TokenInformationType);
820  return STATUS_NOT_IMPLEMENTED;
821  }
822 
823  return STATUS_SUCCESS;
824 }
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
#define ANYSIZE_ARRAY
Definition: typedefs.h:46
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS LocalGroups
TOpcodeData Groups[17][8]
struct _LSA_TOKEN_INFORMATION_V1 * PLSA_TOKEN_INFORMATION_V1
return STATUS_NOT_IMPLEMENTED
#define FIXME(fmt,...)
Definition: debug.h:111
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint GLint GLint j
Definition: glfuncs.h:250
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
struct _SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES
struct _TOKEN_GROUPS TOKEN_GROUPS
#define ERR(fmt,...)
Definition: debug.h:110
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY]
Definition: setypes.h:983
#define NULL
Definition: types.h:112
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
$ULONG GroupCount
Definition: setypes.h:979
unsigned int ULONG
Definition: retypes.h:1
#define STATUS_SUCCESS
Definition: shellext.h:65

Referenced by LsapLogonUser().

◆ LsapAddPrivilegeToTokenPrivileges()

static NTSTATUS LsapAddPrivilegeToTokenPrivileges ( PTOKEN_PRIVILEGES TokenPrivileges,
PLSAPR_LUID_AND_ATTRIBUTES  Privilege 
)
static

Definition at line 1257 of file authpackage.c.

1259 {
1260  PTOKEN_PRIVILEGES LocalPrivileges;
1261  ULONG Length, TokenPrivilegeCount, i;
1263 
1264  if (*TokenPrivileges == NULL)
1265  {
1266  Length = sizeof(TOKEN_PRIVILEGES) +
1267  (1 - ANYSIZE_ARRAY) * sizeof(LUID_AND_ATTRIBUTES);
1268  LocalPrivileges = RtlAllocateHeap(RtlGetProcessHeap(),
1269  0,
1270  Length);
1271  if (LocalPrivileges == NULL)
1273 
1274  LocalPrivileges->PrivilegeCount = 1;
1275  LocalPrivileges->Privileges[0].Luid = Privilege->Luid;
1276  LocalPrivileges->Privileges[0].Attributes = Privilege->Attributes;
1277  }
1278  else
1279  {
1280  TokenPrivilegeCount = (*TokenPrivileges)->PrivilegeCount;
1281 
1282  for (i = 0; i < TokenPrivilegeCount; i++)
1283  {
1284  if (RtlEqualLuid(&(*TokenPrivileges)->Privileges[i].Luid, &Privilege->Luid))
1285  return STATUS_SUCCESS;
1286  }
1287 
1288  Length = sizeof(TOKEN_PRIVILEGES) +
1289  (TokenPrivilegeCount + 1 - ANYSIZE_ARRAY) * sizeof(LUID_AND_ATTRIBUTES);
1290  LocalPrivileges = RtlAllocateHeap(RtlGetProcessHeap(),
1291  0,
1292  Length);
1293  if (LocalPrivileges == NULL)
1295 
1296  LocalPrivileges->PrivilegeCount = TokenPrivilegeCount + 1;
1297  for (i = 0; i < TokenPrivilegeCount; i++)
1298  {
1299  LocalPrivileges->Privileges[i].Luid = (*TokenPrivileges)->Privileges[i].Luid;
1300  LocalPrivileges->Privileges[i].Attributes = (*TokenPrivileges)->Privileges[i].Attributes;
1301  }
1302 
1303  LocalPrivileges->Privileges[TokenPrivilegeCount].Luid = Privilege->Luid;
1304  LocalPrivileges->Privileges[TokenPrivilegeCount].Attributes = Privilege->Attributes;
1305 
1306  RtlFreeHeap(RtlGetProcessHeap(), 0, *TokenPrivileges);
1307  }
1308 
1309  *TokenPrivileges = LocalPrivileges;
1310 
1311  return Status;
1312 }
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
#define ANYSIZE_ARRAY
Definition: typedefs.h:46
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
struct _LUID_AND_ATTRIBUTES LUID_AND_ATTRIBUTES
$ULONG PrivilegeCount
Definition: setypes.h:988
#define RtlEqualLuid(Luid1, Luid2)
Definition: rtlfuncs.h:301
struct _TOKEN_PRIVILEGES TOKEN_PRIVILEGES
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
Status
Definition: gdiplustypes.h:24
BOOL Privilege(LPTSTR pszPrivilege, BOOL bEnable)
Definition: user_lib.cpp:531
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
#define NULL
Definition: types.h:112
LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY]
Definition: setypes.h:989
unsigned int ULONG
Definition: retypes.h:1
#define STATUS_SUCCESS
Definition: shellext.h:65

Referenced by LsapSetPrivileges().

◆ LsapAddSamGroups()

static NTSTATUS LsapAddSamGroups ( IN PVOID  TokenInformation,
IN LSA_TOKEN_INFORMATION_TYPE  TokenInformationType 
)
static

Definition at line 1034 of file authpackage.c.

1037 {
1038  PLSA_TOKEN_INFORMATION_V1 TokenInfo1;
1039  SAMPR_HANDLE ServerHandle = NULL;
1040  SAMPR_HANDLE BuiltinDomainHandle = NULL;
1041  SAMPR_HANDLE AccountDomainHandle = NULL;
1042  SAMPR_PSID_ARRAY SidArray;
1043  SAMPR_ULONG_ARRAY BuiltinMembership;
1044  SAMPR_ULONG_ARRAY AccountMembership;
1045  ULONG i;
1047 
1048  if (TokenInformationType != LsaTokenInformationV1)
1049  return STATUS_SUCCESS;
1050 
1051  TokenInfo1 = (PLSA_TOKEN_INFORMATION_V1)TokenInformation;
1052 
1053  SidArray.Count = TokenInfo1->Groups->GroupCount + 1;
1054  SidArray.Sids = RtlAllocateHeap(RtlGetProcessHeap(),
1056  (TokenInfo1->Groups->GroupCount + 1) * sizeof(PRPC_SID));
1057  if (SidArray.Sids == NULL)
1059 
1060  SidArray.Sids[0].SidPointer = TokenInfo1->User.User.Sid;
1061  for (i = 0; i < TokenInfo1->Groups->GroupCount; i++)
1062  SidArray.Sids[i + 1].SidPointer = TokenInfo1->Groups->Groups[i].Sid;
1063 
1064  BuiltinMembership.Element = NULL;
1065  AccountMembership.Element = NULL;
1066 
1068  &ServerHandle,
1070  FALSE);
1071  if (!NT_SUCCESS(Status))
1072  {
1073  TRACE("SamIConnect failed (Status %08lx)\n", Status);
1074  goto done;
1075  }
1076 
1077  Status = SamrOpenDomain(ServerHandle,
1080  &BuiltinDomainHandle);
1081  if (!NT_SUCCESS(Status))
1082  {
1083  TRACE("SamrOpenDomain failed (Status %08lx)\n", Status);
1084  goto done;
1085  }
1086 
1087  Status = SamrOpenDomain(ServerHandle,
1090  &AccountDomainHandle);
1091  if (!NT_SUCCESS(Status))
1092  {
1093  TRACE("SamrOpenDomain failed (Status %08lx)\n", Status);
1094  goto done;
1095  }
1096 
1097  Status = SamrGetAliasMembership(BuiltinDomainHandle,
1098  &SidArray,
1099  &BuiltinMembership);
1100  if (!NT_SUCCESS(Status))
1101  {
1102  TRACE("SamrGetAliasMembership failed (Status %08lx)\n", Status);
1103  goto done;
1104  }
1105 
1106  Status = SamrGetAliasMembership(AccountDomainHandle,
1107  &SidArray,
1108  &AccountMembership);
1109  if (!NT_SUCCESS(Status))
1110  {
1111  TRACE("SamrGetAliasMembership failed (Status %08lx)\n", Status);
1112  goto done;
1113  }
1114 
1115  TRACE("Builtin Memberships: %lu\n", BuiltinMembership.Count);
1116  for (i = 0; i < BuiltinMembership.Count; i++)
1117  {
1118  TRACE("RID %lu: %lu (0x%lx)\n", i, BuiltinMembership.Element[i], BuiltinMembership.Element[i]);
1119  Status = LsapAppendSidToGroups(&TokenInfo1->Groups,
1121  BuiltinMembership.Element[i]);
1122  if (!NT_SUCCESS(Status))
1123  {
1124  TRACE("LsapAppendSidToGroups failed (Status %08lx)\n", Status);
1125  goto done;
1126  }
1127  }
1128 
1129  TRACE("Account Memberships: %lu\n", AccountMembership.Count);
1130  for (i = 0; i < AccountMembership.Count; i++)
1131  {
1132  TRACE("RID %lu: %lu (0x%lx)\n", i, AccountMembership.Element[i], AccountMembership.Element[i]);
1133  Status = LsapAppendSidToGroups(&TokenInfo1->Groups,
1135  AccountMembership.Element[i]);
1136  if (!NT_SUCCESS(Status))
1137  {
1138  TRACE("LsapAppendSidToGroups failed (Status %08lx)\n", Status);
1139  goto done;
1140  }
1141  }
1142 
1143 done:
1144  RtlFreeHeap(RtlGetProcessHeap(), 0, SidArray.Sids);
1145 
1146  if (AccountMembership.Element != NULL)
1147  SamIFree_SAMPR_ULONG_ARRAY(&AccountMembership);
1148 
1149  if (BuiltinMembership.Element != NULL)
1150  SamIFree_SAMPR_ULONG_ARRAY(&BuiltinMembership);
1151 
1152  if (AccountDomainHandle != NULL)
1153  SamrCloseHandle(&AccountDomainHandle);
1154 
1155  if (BuiltinDomainHandle != NULL)
1156  SamrCloseHandle(&BuiltinDomainHandle);
1157 
1158  if (ServerHandle != NULL)
1159  SamrCloseHandle(&ServerHandle);
1160 
1161 // return Status;
1162 
1163  return STATUS_SUCCESS;
1164 }
unsigned long * Element
Definition: lsasrv.h:88
#define SAM_SERVER_CONNECT
Definition: ntsam.h:99
NTSTATUS __stdcall SamrGetAliasMembership(SAMPR_HANDLE DomainHandle, PSAMPR_PSID_ARRAY SidArray, PSAMPR_ULONG_ARRAY Membership)
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
NTSTATUS __stdcall SamrOpenDomain(SAMPR_HANDLE ServerHandle, ACCESS_MASK DesiredAccess, PRPC_SID DomainId, SAMPR_HANDLE *DomainHandle)
#define DOMAIN_GET_ALIAS_MEMBERSHIP
Definition: ntsam.h:40
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
PSID BuiltinDomainSid
Definition: globals.c:16
struct _LSA_TOKEN_INFORMATION_V1 * PLSA_TOKEN_INFORMATION_V1
NTSTATUS NTAPI SamIConnect(PSAMPR_SERVER_NAME ServerName, SAMPR_HANDLE *ServerHandle, ACCESS_MASK DesiredAccess, BOOLEAN Trusted)
#define FALSE
Definition: types.h:117
#define SAM_SERVER_LOOKUP_DOMAIN
Definition: ntsam.h:104
unsigned long Count
Definition: lsasrv.h:87
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
Status
Definition: gdiplustypes.h:24
static NTSTATUS LsapAppendSidToGroups(IN PTOKEN_GROUPS *TokenGroups, IN PSID DomainSid, IN ULONG RelativeId)
Definition: authpackage.c:951
#define TRACE(s)
Definition: solgame.cpp:4
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
PSAMPR_SID_INFORMATION Sids
Definition: authpackage.c:123
unsigned long Count
Definition: authpackage.c:122
VOID NTAPI SamIFree_SAMPR_ULONG_ARRAY(PSAMPR_ULONG_ARRAY Ptr)
Definition: samsrv.c:524
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY]
Definition: setypes.h:983
NTSTATUS __stdcall SamrCloseHandle(SAMPR_HANDLE *SamHandle)
#define NULL
Definition: types.h:112
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
$ULONG GroupCount
Definition: setypes.h:979
unsigned int ULONG
Definition: retypes.h:1
SID_AND_ATTRIBUTES User
Definition: setypes.h:975
PSID AccountDomainSid
Definition: database.c:24
#define STATUS_SUCCESS
Definition: shellext.h:65

Referenced by LsapLogonUser().

◆ LsapAddTokenDefaultDacl()

static NTSTATUS LsapAddTokenDefaultDacl ( IN PVOID  TokenInformation,
IN LSA_TOKEN_INFORMATION_TYPE  TokenInformationType 
)
static

Definition at line 1211 of file authpackage.c.

1214 {
1215  PLSA_TOKEN_INFORMATION_V1 TokenInfo1;
1216  PACL Dacl = NULL;
1217  ULONG Length;
1218 
1219  if (TokenInformationType == LsaTokenInformationV1)
1220  {
1221  TokenInfo1 = (PLSA_TOKEN_INFORMATION_V1)TokenInformation;
1222 
1223  if (TokenInfo1->DefaultDacl.DefaultDacl != NULL)
1224  return STATUS_SUCCESS;
1225 
1226  Length = sizeof(ACL) +
1227  (2 * sizeof(ACCESS_ALLOWED_ACE)) +
1228  RtlLengthSid(TokenInfo1->Owner.Owner) +
1230 
1231  Dacl = DispatchTable.AllocateLsaHeap(Length);
1232  if (Dacl == NULL)
1234 
1236 
1238  ACL_REVISION,
1239  GENERIC_ALL,
1240  TokenInfo1->Owner.Owner);
1241 
1242  /* SID: S-1-5-18 */
1244  ACL_REVISION,
1245  GENERIC_ALL,
1247 
1248  TokenInfo1->DefaultDacl.DefaultDacl = Dacl;
1249  }
1250 
1251  return STATUS_SUCCESS;
1252 }
#define GENERIC_ALL
Definition: nt_native.h:92
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
NTSYSAPI NTSTATUS WINAPI RtlAddAccessAllowedAce(PACL, DWORD, DWORD, PSID)
struct _LSA_TOKEN_INFORMATION_V1 * PLSA_TOKEN_INFORMATION_V1
NTSYSAPI NTSTATUS NTAPI RtlCreateAcl(PACL Acl, ULONG AclSize, ULONG AclRevision)
struct _ACL ACL
PSID Owner
Definition: setypes.h:993
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1552
TOKEN_DEFAULT_DACL DefaultDacl
Definition: authpackage.c:34
#define NULL
Definition: types.h:112
#define ACL_REVISION
Definition: setypes.h:39
unsigned int ULONG
Definition: retypes.h:1
#define STATUS_SUCCESS
Definition: shellext.h:65
_In_ PWDFDEVICE_INIT _In_ PWDF_PDO_EVENT_CALLBACKS DispatchTable
Definition: wdfpdo.h:245
PSID LsapLocalSystemSid
Definition: lookup.c:83

Referenced by LsapLogonUser().

◆ LsapAllocateClientBuffer()

static NTSTATUS NTAPI LsapAllocateClientBuffer ( IN PLSA_CLIENT_REQUEST  ClientRequest,
IN ULONG  LengthRequired,
OUT PVOID ClientBaseAddress 
)
static

Definition at line 390 of file authpackage.c.

393 {
394  PLSAP_LOGON_CONTEXT LogonContext;
395  SIZE_T Length;
396 
397  *ClientBaseAddress = NULL;
398 
399  LogonContext = (PLSAP_LOGON_CONTEXT)ClientRequest;
400 
401  Length = LengthRequired;
402  return NtAllocateVirtualMemory(LogonContext->ClientProcessHandle,
403  ClientBaseAddress,
404  0,
405  &Length,
406  MEM_COMMIT,
408 }
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
struct _LSAP_LOGON_CONTEXT * PLSAP_LOGON_CONTEXT
HANDLE ClientProcessHandle
Definition: lsasrv.h:80
#define MEM_COMMIT
Definition: nt_native.h:1313
ULONG_PTR SIZE_T
Definition: typedefs.h:80
NTSTATUS NTAPI NtAllocateVirtualMemory(IN HANDLE ProcessHandle, IN OUT PVOID *UBaseAddress, IN ULONG_PTR ZeroBits, IN OUT PSIZE_T URegionSize, IN ULONG AllocationType, IN ULONG Protect)
Definition: virtual.c:4481
#define NULL
Definition: types.h:112
#define PAGE_READWRITE
Definition: nt_native.h:1304

Referenced by LsapInitAuthPackages().

◆ LsapAllocateHeap()

PVOID NTAPI LsapAllocateHeap ( IN ULONG  Length)

Definition at line 365 of file authpackage.c.

366 {
367  return RtlAllocateHeap(RtlGetProcessHeap(), 0, Length);
368 }
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588

◆ LsapAllocateHeapZero()

PVOID NTAPI LsapAllocateHeapZero ( IN ULONG  Length)

Definition at line 373 of file authpackage.c.

374 {
375  return RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, Length);
376 }
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
#define HEAP_ZERO_MEMORY
Definition: compat.h:134

Referenced by LsapInitAuthPackages().

◆ LsapAppendSidToGroups()

static NTSTATUS LsapAppendSidToGroups ( IN PTOKEN_GROUPS TokenGroups,
IN PSID  DomainSid,
IN ULONG  RelativeId 
)
static

Definition at line 951 of file authpackage.c.

955 {
957  PSID Sid;
958  ULONG Length;
959  ULONG i;
960 
961  Sid = LsapAppendRidToSid(DomainSid, RelativeId);
962  if (Sid == NULL)
963  {
964  ERR("Group SID creation failed!\n");
966  }
967 
968  if (*TokenGroups == NULL)
969  {
970  Length = sizeof(TOKEN_GROUPS) +
971  (1 - ANYSIZE_ARRAY) * sizeof(SID_AND_ATTRIBUTES);
972 
973  Groups = RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, Length);
974  if (Groups == NULL)
975  {
976  ERR("Group buffer allocation failed!\n");
978  }
979 
980  Groups->GroupCount = 1;
981 
982  Groups->Groups[0].Sid = Sid;
983  Groups->Groups[0].Attributes =
985 
986  *TokenGroups = Groups;
987  }
988  else
989  {
990  for (i = 0; i < (*TokenGroups)->GroupCount; i++)
991  {
992  if (RtlEqualSid((*TokenGroups)->Groups[i].Sid, Sid))
993  {
994  RtlFreeHeap(RtlGetProcessHeap(), 0, Sid);
995  return STATUS_SUCCESS;
996  }
997  }
998 
999  Length = sizeof(TOKEN_GROUPS) +
1000  ((*TokenGroups)->GroupCount + 1 - ANYSIZE_ARRAY) * sizeof(SID_AND_ATTRIBUTES);
1001 
1002  Groups = RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, Length);
1003  if (Groups == NULL)
1004  {
1005  ERR("Group buffer allocation failed!\n");
1007  }
1008 
1009  Groups->GroupCount = (*TokenGroups)->GroupCount;
1010 
1011  for (i = 0; i < (*TokenGroups)->GroupCount; i++)
1012  {
1013  Groups->Groups[i].Sid = (*TokenGroups)->Groups[i].Sid;
1014  Groups->Groups[i].Attributes = (*TokenGroups)->Groups[i].Attributes;
1015  }
1016 
1017  Groups->Groups[Groups->GroupCount].Sid = Sid;
1018  Groups->Groups[Groups->GroupCount].Attributes =
1020 
1021  Groups->GroupCount++;
1022 
1023  RtlFreeHeap(RtlGetProcessHeap(), 0, *TokenGroups);
1024 
1025  *TokenGroups = Groups;
1026  }
1027 
1028  return STATUS_SUCCESS;
1029 }
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
#define ANYSIZE_ARRAY
Definition: typedefs.h:46
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
TOpcodeData Groups[17][8]
#define SE_GROUP_ENABLED_BY_DEFAULT
Definition: setypes.h:91
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1103
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
#define SE_GROUP_ENABLED
Definition: setypes.h:92
struct _SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES
#define SE_GROUP_MANDATORY
Definition: setypes.h:90
struct _TOKEN_GROUPS TOKEN_GROUPS
#define ERR(fmt,...)
Definition: debug.h:110
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
#define NULL
Definition: types.h:112
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
PSID LsapAppendRidToSid(PSID SrcSid, ULONG Rid)
Definition: utils.c:152
unsigned int ULONG
Definition: retypes.h:1
#define STATUS_SUCCESS
Definition: shellext.h:65
NTSYSAPI BOOLEAN NTAPI RtlEqualSid(_In_ PSID Sid1, _In_ PSID Sid2)

Referenced by LsapAddSamGroups().

◆ LsapCallAuthenticationPackage()

NTSTATUS LsapCallAuthenticationPackage ( PLSA_API_MSG  RequestMsg,
PLSAP_LOGON_CONTEXT  LogonContext 
)

Definition at line 564 of file authpackage.c.

566 {
567  PAUTH_PACKAGE Package;
568  PVOID LocalBuffer = NULL;
571 
572  TRACE("(%p %p)\n", RequestMsg, LogonContext);
573 
574  PackageId = RequestMsg->CallAuthenticationPackage.Request.AuthenticationPackage;
575 
576  /* Get the right authentication package */
578  if (Package == NULL)
579  {
580  TRACE("LsapGetAuthenticationPackage() failed to find a package\n");
581  return STATUS_NO_SUCH_PACKAGE;
582  }
583 
584  if (RequestMsg->CallAuthenticationPackage.Request.SubmitBufferLength > 0)
585  {
586  LocalBuffer = RtlAllocateHeap(RtlGetProcessHeap(),
588  RequestMsg->CallAuthenticationPackage.Request.SubmitBufferLength);
589  if (LocalBuffer == NULL)
590  {
592  }
593 
595  RequestMsg->CallAuthenticationPackage.Request.ProtocolSubmitBuffer,
596  LocalBuffer,
597  RequestMsg->CallAuthenticationPackage.Request.SubmitBufferLength,
598  NULL);
599  if (!NT_SUCCESS(Status))
600  {
601  TRACE("NtReadVirtualMemory() failed (Status 0x%08lx)\n", Status);
602  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalBuffer);
603  return Status;
604  }
605  }
606 
607  if (LogonContext->TrustedCaller)
608  Status = Package->LsaApCallPackage((PLSA_CLIENT_REQUEST)LogonContext,
609  LocalBuffer,
610  RequestMsg->CallAuthenticationPackage.Request.ProtocolSubmitBuffer,
611  RequestMsg->CallAuthenticationPackage.Request.SubmitBufferLength,
612  &RequestMsg->CallAuthenticationPackage.Reply.ProtocolReturnBuffer,
613  &RequestMsg->CallAuthenticationPackage.Reply.ReturnBufferLength,
614  &RequestMsg->CallAuthenticationPackage.Reply.ProtocolStatus);
615  else
616  Status = Package->LsaApCallPackageUntrusted((PLSA_CLIENT_REQUEST)LogonContext,
617  LocalBuffer,
618  RequestMsg->CallAuthenticationPackage.Request.ProtocolSubmitBuffer,
619  RequestMsg->CallAuthenticationPackage.Request.SubmitBufferLength,
620  &RequestMsg->CallAuthenticationPackage.Reply.ProtocolReturnBuffer,
621  &RequestMsg->CallAuthenticationPackage.Reply.ReturnBufferLength,
622  &RequestMsg->CallAuthenticationPackage.Reply.ProtocolStatus);
623  if (!NT_SUCCESS(Status))
624  {
625  TRACE("Package->LsaApCallPackage() failed (Status 0x%08lx)\n", Status);
626  }
627 
628  if (LocalBuffer != NULL)
629  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalBuffer);
630 
631  return Status;
632 }
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
BOOL TrustedCaller
Definition: lsasrv.h:82
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
#define STATUS_NO_SUCH_PACKAGE
Definition: ntstatus.h:490
HANDLE ClientProcessHandle
Definition: lsasrv.h:80
struct _LSA_CALL_AUTHENTICATION_PACKAGE_MSG::@3403::@3405 Request
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
Status
Definition: gdiplustypes.h:24
#define TRACE(s)
Definition: solgame.cpp:4
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
PLSA_AP_CALL_PACKAGE_UNTRUSTED LsaApCallPackageUntrusted
Definition: authpackage.c:101
NTSTATUS NTAPI NtReadVirtualMemory(IN HANDLE ProcessHandle, IN PVOID BaseAddress, OUT PVOID Buffer, IN SIZE_T NumberOfBytesToRead, OUT PSIZE_T NumberOfBytesRead OPTIONAL)
Definition: virtual.c:2805
LSA_CALL_AUTHENTICATION_PACKAGE_MSG CallAuthenticationPackage
Definition: lsass.h:188
PLSA_AP_CALL_PACKAGE_INTERNAL LsaApCallPackage
Definition: authpackage.c:99
#define NULL
Definition: types.h:112
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
static PAUTH_PACKAGE LsapGetAuthenticationPackage(IN ULONG PackageId)
Definition: authpackage.c:341
unsigned int ULONG
Definition: retypes.h:1
static ULONG PackageId
Definition: authpackage.c:163
struct _LSA_CALL_AUTHENTICATION_PACKAGE_MSG::@3403::@3406 Reply

Referenced by AuthPortThreadRoutine().

◆ LsapCopyFromClientBuffer()

static NTSTATUS NTAPI LsapCopyFromClientBuffer ( IN PLSA_CLIENT_REQUEST  ClientRequest,
IN ULONG  Length,
IN PVOID  BufferToCopy,
IN PVOID  ClientBaseAddress 
)
static

Definition at line 456 of file authpackage.c.

460 {
461  PLSAP_LOGON_CONTEXT LogonContext;
462 
463  LogonContext = (PLSAP_LOGON_CONTEXT)ClientRequest;
464 
465  return NtReadVirtualMemory(LogonContext->ClientProcessHandle,
466  ClientBaseAddress,
467  BufferToCopy,
468  Length,
469  NULL);
470 }
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
struct _LSAP_LOGON_CONTEXT * PLSAP_LOGON_CONTEXT
HANDLE ClientProcessHandle
Definition: lsasrv.h:80
NTSTATUS NTAPI NtReadVirtualMemory(IN HANDLE ProcessHandle, IN PVOID BaseAddress, OUT PVOID Buffer, IN SIZE_T NumberOfBytesToRead, OUT PSIZE_T NumberOfBytesRead OPTIONAL)
Definition: virtual.c:2805
#define NULL
Definition: types.h:112

Referenced by LsapInitAuthPackages().

◆ LsapCopyLocalGroups()

static NTSTATUS LsapCopyLocalGroups ( IN PLSAP_LOGON_CONTEXT  LogonContext,
IN PTOKEN_GROUPS  ClientGroups,
IN ULONG  ClientGroupsCount,
OUT PTOKEN_GROUPS TokenGroups 
)
static

Definition at line 637 of file authpackage.c.

642 {
643  ULONG LocalGroupsLength = 0;
645  ULONG SidHeaderLength = 0;
646  PSID SidHeader = NULL;
647  PSID SrcSid, DstSid;
648  ULONG SidLength;
649  ULONG AllocatedSids = 0;
650  ULONG i;
652 
653  LocalGroupsLength = sizeof(TOKEN_GROUPS) +
654  (ClientGroupsCount - ANYSIZE_ARRAY) * sizeof(SID_AND_ATTRIBUTES);
655  LocalGroups = RtlAllocateHeap(RtlGetProcessHeap(),
657  LocalGroupsLength);
658  if (LocalGroups == NULL)
659  {
660  TRACE("RtlAllocateHeap() failed\n");
662  }
663 
664  Status = NtReadVirtualMemory(LogonContext->ClientProcessHandle,
665  ClientGroups,
666  LocalGroups,
667  LocalGroupsLength,
668  NULL);
669  if (!NT_SUCCESS(Status))
670  goto done;
671 
672 
673  SidHeaderLength = RtlLengthRequiredSid(0);
674  SidHeader = RtlAllocateHeap(RtlGetProcessHeap(),
676  SidHeaderLength);
677  if (SidHeader == NULL)
678  {
680  goto done;
681  }
682 
683  for (i = 0; i < ClientGroupsCount; i++)
684  {
685  SrcSid = LocalGroups->Groups[i].Sid;
686 
687  Status = NtReadVirtualMemory(LogonContext->ClientProcessHandle,
688  SrcSid,
689  SidHeader,
690  SidHeaderLength,
691  NULL);
692  if (!NT_SUCCESS(Status))
693  goto done;
694 
695  SidLength = RtlLengthSid(SidHeader);
696  TRACE("Sid %lu: Length %lu\n", i, SidLength);
697 
698  DstSid = RtlAllocateHeap(RtlGetProcessHeap(),
700  SidLength);
701  if (DstSid == NULL)
702  {
704  goto done;
705  }
706 
707  Status = NtReadVirtualMemory(LogonContext->ClientProcessHandle,
708  SrcSid,
709  DstSid,
710  SidLength,
711  NULL);
712  if (!NT_SUCCESS(Status))
713  {
714  RtlFreeHeap(RtlGetProcessHeap(), 0, DstSid);
715  goto done;
716  }
717 
718  LocalGroups->Groups[i].Sid = DstSid;
719  AllocatedSids++;
720  }
721 
723 
724 done:
725  if (SidHeader != NULL)
726  RtlFreeHeap(RtlGetProcessHeap(), 0, SidHeader);
727 
728  if (!NT_SUCCESS(Status))
729  {
730  if (LocalGroups != NULL)
731  {
732  for (i = 0; i < AllocatedSids; i++)
733  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalGroups->Groups[i].Sid);
734 
735  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalGroups);
736  }
737  }
738 
739  return Status;
740 }
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
#define ANYSIZE_ARRAY
Definition: typedefs.h:46
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS LocalGroups
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
Status
Definition: gdiplustypes.h:24
#define TRACE(s)
Definition: solgame.cpp:4
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
struct _SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES
NTSTATUS NTAPI NtReadVirtualMemory(IN HANDLE ProcessHandle, IN PVOID BaseAddress, OUT PVOID Buffer, IN SIZE_T NumberOfBytesToRead, OUT PSIZE_T NumberOfBytesRead OPTIONAL)
Definition: virtual.c:2805
struct _TOKEN_GROUPS TOKEN_GROUPS
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
#define NULL
Definition: types.h:112
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
unsigned int ULONG
Definition: retypes.h:1
NTSYSAPI ULONG NTAPI RtlLengthRequiredSid(IN ULONG SubAuthorityCount)
Definition: sid.c:54

Referenced by LsapLogonUser().

◆ LsapCopyToClientBuffer()

static NTSTATUS NTAPI LsapCopyToClientBuffer ( IN PLSA_CLIENT_REQUEST  ClientRequest,
IN ULONG  Length,
IN PVOID  ClientBaseAddress,
IN PVOID  BufferToCopy 
)
static

Definition at line 436 of file authpackage.c.

440 {
441  PLSAP_LOGON_CONTEXT LogonContext;
442 
443  LogonContext = (PLSAP_LOGON_CONTEXT)ClientRequest;
444 
445  return NtWriteVirtualMemory(LogonContext->ClientProcessHandle,
446  ClientBaseAddress,
447  BufferToCopy,
448  Length,
449  NULL);
450 }
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
struct _LSAP_LOGON_CONTEXT * PLSAP_LOGON_CONTEXT
HANDLE ClientProcessHandle
Definition: lsasrv.h:80
#define NULL
Definition: types.h:112
NTSTATUS NTAPI NtWriteVirtualMemory(IN HANDLE ProcessHandle, IN PVOID BaseAddress, IN PVOID Buffer, IN SIZE_T NumberOfBytesToWrite, OUT PSIZE_T NumberOfBytesWritten OPTIONAL)
Definition: virtual.c:2919

Referenced by LsapInitAuthPackages().

◆ LsapFreeClientBuffer()

static NTSTATUS NTAPI LsapFreeClientBuffer ( IN PLSA_CLIENT_REQUEST  ClientRequest,
IN PVOID  ClientBaseAddress 
)
static

Definition at line 414 of file authpackage.c.

416 {
417  PLSAP_LOGON_CONTEXT LogonContext;
418  SIZE_T Length;
419 
420  if (ClientBaseAddress == NULL)
421  return STATUS_SUCCESS;
422 
423  LogonContext = (PLSAP_LOGON_CONTEXT)ClientRequest;
424 
425  Length = 0;
426  return NtFreeVirtualMemory(LogonContext->ClientProcessHandle,
427  &ClientBaseAddress,
428  &Length,
429  MEM_RELEASE);
430 }
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
struct _LSAP_LOGON_CONTEXT * PLSAP_LOGON_CONTEXT
HANDLE ClientProcessHandle
Definition: lsasrv.h:80
ULONG_PTR SIZE_T
Definition: typedefs.h:80
#define NULL
Definition: types.h:112
#define MEM_RELEASE
Definition: nt_native.h:1316
#define STATUS_SUCCESS
Definition: shellext.h:65
NTSTATUS NTAPI NtFreeVirtualMemory(IN HANDLE ProcessHandle, IN PVOID *UBaseAddress, IN PSIZE_T URegionSize, IN ULONG FreeType)
Definition: virtual.c:5204

Referenced by LsapInitAuthPackages(), and LsapLogonUser().

◆ LsapFreeHeap()

VOID NTAPI LsapFreeHeap ( IN PVOID  Base)

Definition at line 381 of file authpackage.c.

382 {
383  RtlFreeHeap(RtlGetProcessHeap(), 0, Base);
384 }
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
_In_opt_ ULONG Base
Definition: rtlfuncs.h:2386

Referenced by LsapInitAuthPackages(), and LsapLogonUser().

◆ LsapGetAuthenticationPackage()

static PAUTH_PACKAGE LsapGetAuthenticationPackage ( IN ULONG  PackageId)
static

Definition at line 341 of file authpackage.c.

342 {
343  PLIST_ENTRY ListEntry;
344  PAUTH_PACKAGE Package;
345 
346  ListEntry = PackageListHead.Flink;
347  while (ListEntry != &PackageListHead)
348  {
349  Package = CONTAINING_RECORD(ListEntry, AUTH_PACKAGE, Entry);
350 
351  if (Package->Id == PackageId)
352  {
353  return Package;
354  }
355 
356  ListEntry = ListEntry->Flink;
357  }
358 
359  return NULL;
360 }
static LIST_ENTRY PackageListHead
Definition: authpackage.c:162
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
Definition: typedefs.h:119
#define NULL
Definition: types.h:112
static ULONG PackageId
Definition: authpackage.c:163
base of all file and directory entries
Definition: entries.h:82

Referenced by LsapCallAuthenticationPackage(), and LsapLogonUser().

◆ LsapInitAuthPackages()

NTSTATUS LsapInitAuthPackages ( VOID  )

Definition at line 474 of file authpackage.c.

475 {
476  RTL_QUERY_REGISTRY_TABLE AuthPackageTable[] = {
477  {LsapAddAuthPackage, 0, L"Authentication Packages", NULL, REG_NONE, NULL, 0},
478  {NULL, 0, NULL, NULL, REG_NONE, NULL, 0}};
479 
481 
483  PackageId = 0;
484 
485  /* Initialize the dispatch table */
486  DispatchTable.CreateLogonSession = &LsapCreateLogonSession;
487  DispatchTable.DeleteLogonSession = &LsapDeleteLogonSession;
488  DispatchTable.AddCredential = &LsapAddCredential;
489  DispatchTable.GetCredentials = &LsapGetCredentials;
490  DispatchTable.DeleteCredential = &LsapDeleteCredential;
491  DispatchTable.AllocateLsaHeap = &LsapAllocateHeapZero;
492  DispatchTable.FreeLsaHeap = &LsapFreeHeap;
493  DispatchTable.AllocateClientBuffer = &LsapAllocateClientBuffer;
494  DispatchTable.FreeClientBuffer = &LsapFreeClientBuffer;
495  DispatchTable.CopyToClientBuffer = &LsapCopyToClientBuffer;
496  DispatchTable.CopyFromClientBuffer = &LsapCopyFromClientBuffer;
497 
498  /* Add registered authentication packages */
500  L"Lsa",
501  AuthPackageTable,
502  &PackageId,
503  NULL);
504 
505  return Status;
506 }
NTSYSAPI NTSTATUS WINAPI RtlQueryRegistryValues(ULONG, PCWSTR, PRTL_QUERY_REGISTRY_TABLE, PVOID, PVOID)
NTSTATUS NTAPI LsapCreateLogonSession(IN PLUID LogonId)
Definition: session.c:159
LONG NTSTATUS
Definition: precomp.h:26
static NTSTATUS NTAPI LsapFreeClientBuffer(IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ClientBaseAddress)
Definition: authpackage.c:414
NTSTATUS NTAPI LsapDeleteLogonSession(IN PLUID LogonId)
Definition: session.c:201
static NTSTATUS NTAPI LsapAddAuthPackage(IN PWSTR ValueName, IN ULONG ValueType, IN PVOID ValueData, IN ULONG ValueLength, IN PVOID Context, IN PVOID EntryContext)
Definition: authpackage.c:177
#define RTL_REGISTRY_CONTROL
Definition: nt_native.h:163
static LIST_ENTRY PackageListHead
Definition: authpackage.c:162
PVOID NTAPI LsapAllocateHeapZero(IN ULONG Length)
Definition: authpackage.c:373
NTSTATUS NTAPI LsapGetCredentials(_In_ PLUID LogonId, _In_ ULONG AuthenticationPackage, _Inout_ PULONG QueryContext, _In_ BOOLEAN RetrieveAllCredentials, _Inout_ PLSA_STRING PrimaryKeyValue, _Out_ PULONG PrimaryKeyLength, _Out_ PLSA_STRING Credentials)
Definition: session.c:272
VOID NTAPI LsapFreeHeap(IN PVOID Base)
Definition: authpackage.c:381
Status
Definition: gdiplustypes.h:24
NTSTATUS NTAPI LsapAddCredential(_In_ PLUID LogonId, _In_ ULONG AuthenticationPackage, _In_ PLSA_STRING PrimaryKeyValue, _In_ PLSA_STRING Credential)
Definition: session.c:259
static NTSTATUS NTAPI LsapCopyFromClientBuffer(IN PLSA_CLIENT_REQUEST ClientRequest, IN ULONG Length, IN PVOID BufferToCopy, IN PVOID ClientBaseAddress)
Definition: authpackage.c:456
static const WCHAR L[]
Definition: oid.c:1250
#define InitializeListHead(ListHead)
Definition: env_spec_w32.h:944
#define NULL
Definition: types.h:112
static NTSTATUS NTAPI LsapCopyToClientBuffer(IN PLSA_CLIENT_REQUEST ClientRequest, IN ULONG Length, IN PVOID ClientBaseAddress, IN PVOID BufferToCopy)
Definition: authpackage.c:436
NTSTATUS NTAPI LsapDeleteCredential(_In_ PLUID LogonId, _In_ ULONG AuthenticationPackage, _In_ PLSA_STRING PrimaryKeyValue)
Definition: session.c:288
#define REG_NONE
Definition: nt_native.h:1492
_In_ PWDFDEVICE_INIT _In_ PWDF_PDO_EVENT_CALLBACKS DispatchTable
Definition: wdfpdo.h:245
static ULONG PackageId
Definition: authpackage.c:163
static NTSTATUS NTAPI LsapAllocateClientBuffer(IN PLSA_CLIENT_REQUEST ClientRequest, IN ULONG LengthRequired, OUT PVOID *ClientBaseAddress)
Definition: authpackage.c:390

Referenced by LsapInitLsa().

◆ LsapLogonUser()

NTSTATUS LsapLogonUser ( PLSA_API_MSG  RequestMsg,
PLSAP_LOGON_CONTEXT  LogonContext 
)

Definition at line 1394 of file authpackage.c.

1396 {
1397  PAUTH_PACKAGE Package;
1400  LSA_TOKEN_INFORMATION_TYPE TokenInformationType;
1401  PVOID TokenInformation = NULL;
1402  PLSA_TOKEN_INFORMATION_NULL TokenInfo0 = NULL;
1403  PLSA_TOKEN_INFORMATION_V1 TokenInfo1 = NULL;
1404  PUNICODE_STRING AccountName = NULL;
1405  PUNICODE_STRING AuthenticatingAuthority = NULL;
1407  PVOID LocalAuthInfo = NULL;
1410  ULONG i;
1411  ULONG PackageId;
1413  NTSTATUS Status;
1414 
1415  PUNICODE_STRING UserName = NULL;
1416  PUNICODE_STRING LogonDomainName = NULL;
1417 // UNICODE_STRING LogonServer;
1418 
1419 
1420  TRACE("LsapLogonUser(%p %p)\n", RequestMsg, LogonContext);
1421 
1422  PackageId = RequestMsg->LogonUser.Request.AuthenticationPackage;
1423  LogonType = RequestMsg->LogonUser.Request.LogonType;
1424 
1425  /* Get the right authentication package */
1427  if (Package == NULL)
1428  {
1429  ERR("LsapGetAuthenticationPackage() failed to find a package\n");
1430  return STATUS_NO_SUCH_PACKAGE;
1431  }
1432 
1433  if (RequestMsg->LogonUser.Request.AuthenticationInformationLength > 0)
1434  {
1435  /* Allocate the local authentication info buffer */
1436  LocalAuthInfo = RtlAllocateHeap(RtlGetProcessHeap(),
1438  RequestMsg->LogonUser.Request.AuthenticationInformationLength);
1439  if (LocalAuthInfo == NULL)
1440  {
1441  ERR("RtlAllocateHeap() failed\n");
1443  }
1444 
1445  /* Read the authentication info from the callers address space */
1447  RequestMsg->LogonUser.Request.AuthenticationInformation,
1448  LocalAuthInfo,
1449  RequestMsg->LogonUser.Request.AuthenticationInformationLength,
1450  NULL);
1451  if (!NT_SUCCESS(Status))
1452  {
1453  ERR("NtReadVirtualMemory() failed (Status 0x%08lx)\n", Status);
1454  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalAuthInfo);
1455  return Status;
1456  }
1457  }
1458 
1459  if (RequestMsg->LogonUser.Request.LocalGroupsCount > 0)
1460  {
1461  Status = LsapCopyLocalGroups(LogonContext,
1462  RequestMsg->LogonUser.Request.LocalGroups,
1463  RequestMsg->LogonUser.Request.LocalGroupsCount,
1464  &LocalGroups);
1465  if (!NT_SUCCESS(Status))
1466  {
1467  ERR("LsapCopyLocalGroups failed (Status 0x%08lx)\n", Status);
1468  goto done;
1469  }
1470 
1471  TRACE("GroupCount: %lu\n", LocalGroups->GroupCount);
1472  }
1473 
1474  if (Package->LsaApLogonUserEx2 != NULL)
1475  {
1476  Status = Package->LsaApLogonUserEx2((PLSA_CLIENT_REQUEST)LogonContext,
1477  RequestMsg->LogonUser.Request.LogonType,
1478  LocalAuthInfo,
1479  RequestMsg->LogonUser.Request.AuthenticationInformation,
1480  RequestMsg->LogonUser.Request.AuthenticationInformationLength,
1481  &RequestMsg->LogonUser.Reply.ProfileBuffer,
1482  &RequestMsg->LogonUser.Reply.ProfileBufferLength,
1483  &RequestMsg->LogonUser.Reply.LogonId,
1484  &RequestMsg->LogonUser.Reply.SubStatus,
1485  &TokenInformationType,
1486  &TokenInformation,
1487  &AccountName,
1488  &AuthenticatingAuthority,
1489  &MachineName,
1490  NULL, /* FIXME: PSECPKG_PRIMARY_CRED PrimaryCredentials */
1491  NULL); /* FIXME: PSECPKG_SUPPLEMENTAL_CRED_ARRAY *SupplementalCredentials */
1492  }
1493  else if (Package->LsaApLogonUserEx != NULL)
1494  {
1495  Status = Package->LsaApLogonUserEx((PLSA_CLIENT_REQUEST)LogonContext,
1496  RequestMsg->LogonUser.Request.LogonType,
1497  LocalAuthInfo,
1498  RequestMsg->LogonUser.Request.AuthenticationInformation,
1499  RequestMsg->LogonUser.Request.AuthenticationInformationLength,
1500  &RequestMsg->LogonUser.Reply.ProfileBuffer,
1501  &RequestMsg->LogonUser.Reply.ProfileBufferLength,
1502  &RequestMsg->LogonUser.Reply.LogonId,
1503  &RequestMsg->LogonUser.Reply.SubStatus,
1504  &TokenInformationType,
1505  &TokenInformation,
1506  &AccountName,
1507  &AuthenticatingAuthority,
1508  &MachineName);
1509  }
1510  else
1511  {
1512  Status = Package->LsaApLogonUser((PLSA_CLIENT_REQUEST)LogonContext,
1513  RequestMsg->LogonUser.Request.LogonType,
1514  LocalAuthInfo,
1515  RequestMsg->LogonUser.Request.AuthenticationInformation,
1516  RequestMsg->LogonUser.Request.AuthenticationInformationLength,
1517  &RequestMsg->LogonUser.Reply.ProfileBuffer,
1518  &RequestMsg->LogonUser.Reply.ProfileBufferLength,
1519  &RequestMsg->LogonUser.Reply.LogonId,
1520  &RequestMsg->LogonUser.Reply.SubStatus,
1521  &TokenInformationType,
1522  &TokenInformation,
1523  &AccountName,
1524  &AuthenticatingAuthority);
1525  }
1526 
1527  if (!NT_SUCCESS(Status))
1528  {
1529  ERR("LsaApLogonUser/Ex/2 failed (Status 0x%08lx)\n", Status);
1530  goto done;
1531  }
1532 
1533  if (LocalGroups->GroupCount > 0)
1534  {
1535  /* Add local groups to the token information */
1536  Status = LsapAddLocalGroups(TokenInformation,
1537  TokenInformationType,
1538  LocalGroups);
1539  if (!NT_SUCCESS(Status))
1540  {
1541  ERR("LsapAddLocalGroupsToTokenInfo() failed (Status 0x%08lx)\n", Status);
1542  goto done;
1543  }
1544  }
1545 
1546  Status = LsapAddDefaultGroups(TokenInformation,
1547  TokenInformationType,
1548  LogonType);
1549  if (!NT_SUCCESS(Status))
1550  {
1551  ERR("LsapAddDefaultGroups() failed (Status 0x%08lx)\n", Status);
1552  goto done;
1553  }
1554 
1555  Status = LsapAddSamGroups(TokenInformation,
1556  TokenInformationType);
1557  if (!NT_SUCCESS(Status))
1558  {
1559  ERR("LsapAddSamGroups() failed (Status 0x%08lx)\n", Status);
1560  goto done;
1561  }
1562 
1563  Status = LsapSetTokenOwner(TokenInformation,
1564  TokenInformationType);
1565  if (!NT_SUCCESS(Status))
1566  {
1567  ERR("LsapSetTokenOwner() failed (Status 0x%08lx)\n", Status);
1568  goto done;
1569  }
1570 
1571  Status = LsapAddTokenDefaultDacl(TokenInformation,
1572  TokenInformationType);
1573  if (!NT_SUCCESS(Status))
1574  {
1575  ERR("LsapAddTokenDefaultDacl() failed (Status 0x%08lx)\n", Status);
1576  goto done;
1577  }
1578 
1579  Status = LsapSetPrivileges(TokenInformation,
1580  TokenInformationType);
1581  if (!NT_SUCCESS(Status))
1582  {
1583  ERR("LsapSetPrivileges() failed (Status 0x%08lx)\n", Status);
1584  goto done;
1585  }
1586 
1587  if (TokenInformationType == LsaTokenInformationNull)
1588  {
1591  TOKEN_GROUPS NoGroups = {0};
1592  TOKEN_PRIVILEGES NoPrivileges = {0};
1593 
1594  TokenInfo0 = (PLSA_TOKEN_INFORMATION_NULL)TokenInformation;
1595 
1596  TokenUser.User.Sid = LsapWorldSid;
1597  TokenUser.User.Attributes = 0;
1598  TokenPrimaryGroup.PrimaryGroup = LsapWorldSid;
1599 
1600  Qos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
1603  Qos.EffectiveOnly = TRUE;
1604 
1606  ObjectAttributes.RootDirectory = NULL;
1607  ObjectAttributes.ObjectName = NULL;
1608  ObjectAttributes.Attributes = 0;
1609  ObjectAttributes.SecurityDescriptor = NULL;
1610  ObjectAttributes.SecurityQualityOfService = &Qos;
1611 
1612  /* Create the logon token */
1617  &RequestMsg->LogonUser.Reply.LogonId,
1618  &TokenInfo0->ExpirationTime,
1619  &TokenUser,
1620  &NoGroups,
1621  &NoPrivileges,
1622  NULL,
1624  NULL,
1625  &RequestMsg->LogonUser.Request.SourceContext);
1626  }
1627  else if (TokenInformationType == LsaTokenInformationV1)
1628  {
1629  TOKEN_PRIVILEGES NoPrivileges = {0};
1630 
1631  TokenInfo1 = (PLSA_TOKEN_INFORMATION_V1)TokenInformation;
1632 
1633  Qos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
1636  Qos.EffectiveOnly = FALSE;
1637 
1639  ObjectAttributes.RootDirectory = NULL;
1640  ObjectAttributes.ObjectName = NULL;
1641  ObjectAttributes.Attributes = 0;
1642  ObjectAttributes.SecurityDescriptor = NULL;
1643  ObjectAttributes.SecurityQualityOfService = &Qos;
1644 
1645  /* Create the logon token */
1649  (RequestMsg->LogonUser.Request.LogonType == Network) ? TokenImpersonation : TokenPrimary,
1650  &RequestMsg->LogonUser.Reply.LogonId,
1651  &TokenInfo1->ExpirationTime,
1652  &TokenInfo1->User,
1653  TokenInfo1->Groups,
1654  TokenInfo1->Privileges ? TokenInfo1->Privileges : &NoPrivileges,
1655  &TokenInfo1->Owner,
1656  &TokenInfo1->PrimaryGroup,
1657  &TokenInfo1->DefaultDacl,
1658  &RequestMsg->LogonUser.Request.SourceContext);
1659  if (!NT_SUCCESS(Status))
1660  {
1661  ERR("NtCreateToken failed (Status 0x%08lx)\n", Status);
1662  goto done;
1663  }
1664  }
1665  else
1666  {
1667  FIXME("TokenInformationType %d is not supported!\n", TokenInformationType);
1669  goto done;
1670  }
1671 
1672  if (LogonType == Interactive ||
1673  LogonType == Batch ||
1674  LogonType == Service)
1675  {
1676  UserName = &((PMSV1_0_INTERACTIVE_LOGON)LocalAuthInfo)->UserName;
1677  LogonDomainName = &((PMSV1_0_INTERACTIVE_LOGON)LocalAuthInfo)->LogonDomainName;
1678  }
1679  else
1680  {
1681  FIXME("LogonType %lu is not supported yet!\n", LogonType);
1682  }
1683 
1684  Status = LsapSetLogonSessionData(&RequestMsg->LogonUser.Reply.LogonId,
1685  LogonType,
1686  UserName,
1687  LogonDomainName,
1688  TokenInfo1->User.User.Sid);
1689  if (!NT_SUCCESS(Status))
1690  {
1691  ERR("LsapSetLogonSessionData failed (Status 0x%08lx)\n", Status);
1692  goto done;
1693  }
1694 
1695  /*
1696  * Duplicate the token handle into the client process.
1697  * This must be the last step because we cannot
1698  * close the duplicated token handle in case something fails.
1699  */
1701  TokenHandle,
1702  LogonContext->ClientProcessHandle,
1703  &RequestMsg->LogonUser.Reply.Token,
1704  0,
1705  0,
1707  if (!NT_SUCCESS(Status))
1708  {
1709  ERR("NtDuplicateObject failed (Status 0x%08lx)\n", Status);
1710  goto done;
1711  }
1712 
1713 done:
1714  if (!NT_SUCCESS(Status))
1715  {
1716  /* Notify the authentification package of the failure */
1717  Package->LsaApLogonTerminated(&RequestMsg->LogonUser.Reply.LogonId);
1718 
1719  /* Delete the logon session */
1720  LsapDeleteLogonSession(&RequestMsg->LogonUser.Reply.LogonId);
1721 
1722  /* Release the profile buffer */
1724  RequestMsg->LogonUser.Reply.ProfileBuffer);
1725  RequestMsg->LogonUser.Reply.ProfileBuffer = NULL;
1726  }
1727 
1728  if (TokenHandle != NULL)
1730 
1731  /* Free the local groups */
1732  if (LocalGroups != NULL)
1733  {
1734  for (i = 0; i < LocalGroups->GroupCount; i++)
1735  {
1736  if (LocalGroups->Groups[i].Sid != NULL)
1737  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalGroups->Groups[i].Sid);
1738  }
1739 
1740  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalGroups);
1741  }
1742 
1743  /* Free the local authentication info buffer */
1744  if (LocalAuthInfo != NULL)
1745  RtlFreeHeap(RtlGetProcessHeap(), 0, LocalAuthInfo);
1746 
1747  /* Free the token information */
1748  if (TokenInformation != NULL)
1749  {
1750  if (TokenInformationType == LsaTokenInformationNull)
1751  {
1752  TokenInfo0 = (PLSA_TOKEN_INFORMATION_NULL)TokenInformation;
1753 
1754  if (TokenInfo0 != NULL)
1755  {
1756  if (TokenInfo0->Groups != NULL)
1757  {
1758  for (i = 0; i < TokenInfo0->Groups->GroupCount; i++)
1759  {
1760  if (TokenInfo0->Groups->Groups[i].Sid != NULL)
1761  LsapFreeHeap(TokenInfo0->Groups->Groups[i].Sid);
1762  }
1763 
1764  LsapFreeHeap(TokenInfo0->Groups);
1765  }
1766 
1767  LsapFreeHeap(TokenInfo0);
1768  }
1769  }
1770  else if (TokenInformationType == LsaTokenInformationV1)
1771  {
1772  TokenInfo1 = (PLSA_TOKEN_INFORMATION_V1)TokenInformation;
1773 
1774  if (TokenInfo1 != NULL)
1775  {
1776  if (TokenInfo1->User.User.Sid != NULL)
1777  LsapFreeHeap(TokenInfo1->User.User.Sid);
1778 
1779  if (TokenInfo1->Groups != NULL)
1780  {
1781  for (i = 0; i < TokenInfo1->Groups->GroupCount; i++)
1782  {
1783  if (TokenInfo1->Groups->Groups[i].Sid != NULL)
1784  LsapFreeHeap(TokenInfo1->Groups->Groups[i].Sid);
1785  }
1786 
1787  LsapFreeHeap(TokenInfo1->Groups);
1788  }
1789 
1790  if (TokenInfo1->PrimaryGroup.PrimaryGroup != NULL)
1791  LsapFreeHeap(TokenInfo1->PrimaryGroup.PrimaryGroup);
1792 
1793  if (TokenInfo1->Privileges != NULL)
1794  LsapFreeHeap(TokenInfo1->Privileges);
1795 
1796  if (TokenInfo1->Owner.Owner != NULL)
1797  LsapFreeHeap(TokenInfo1->Owner.Owner);
1798 
1799  if (TokenInfo1->DefaultDacl.DefaultDacl != NULL)
1800  LsapFreeHeap(TokenInfo1->DefaultDacl.DefaultDacl);
1801 
1802  LsapFreeHeap(TokenInfo1);
1803  }
1804  }
1805  else
1806  {
1807  FIXME("TokenInformationType %d is not supported!\n", TokenInformationType);
1808  }
1809  }
1810 
1811  /* Free the account name */
1812  if (AccountName != NULL)
1813  {
1814  if (AccountName->Buffer != NULL)
1815  LsapFreeHeap(AccountName->Buffer);
1816 
1817  LsapFreeHeap(AccountName);
1818  }
1819 
1820  /* Free the authentication authority */
1821  if (AuthenticatingAuthority != NULL)
1822  {
1823  if (AuthenticatingAuthority->Buffer != NULL)
1824  LsapFreeHeap(AuthenticatingAuthority->Buffer);
1825 
1826  LsapFreeHeap(AuthenticatingAuthority);
1827  }
1828 
1829  /* Free the machine name */
1830  if (MachineName != NULL)
1831  {
1832  if (MachineName->Buffer != NULL)
1833  LsapFreeHeap(MachineName->Buffer);
1834 
1836  }
1837 
1838  TRACE("LsapLogonUser done (Status 0x%08lx)\n", Status);
1839 
1840  return Status;
1841 }
LARGE_INTEGER ExpirationTime
Definition: authpackage.c:22
static NTSTATUS LsapAddDefaultGroups(IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType, IN SECURITY_LOGON_TYPE LogonType)
Definition: authpackage.c:828
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
PLSA_AP_LOGON_TERMINATED LsaApLogonTerminated
Definition: authpackage.c:102
PLSA_AP_LOGON_USER_EX2 LsaApLogonUserEx2
Definition: authpackage.c:103
#define DUPLICATE_CLOSE_SOURCE
LSA_LOGON_USER_MSG LogonUser
Definition: lsass.h:187
LARGE_INTEGER ExpirationTime
Definition: authpackage.c:28
PLSA_AP_LOGON_USER_INTERNAL LsaApLogonUser
Definition: authpackage.c:105
static NTSTATUS LsapAddSamGroups(IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType)
Definition: authpackage.c:1034
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
#define TRUE
Definition: types.h:120
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
NTSTATUS LsapSetLogonSessionData(_In_ PLUID LogonId, _In_ ULONG LogonType, _In_ PUNICODE_STRING UserName, _In_ PUNICODE_STRING LogonDomain, _In_ PSID Sid)
Definition: session.c:67
#define STATUS_NO_SUCH_PACKAGE
Definition: ntstatus.h:490
static NTSTATUS NTAPI LsapFreeClientBuffer(IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ClientBaseAddress)
Definition: authpackage.c:414
NTSTATUS NTAPI LsapDeleteLogonSession(IN PLUID LogonId)
Definition: session.c:201
_In_ DWORD _Out_ PDWORD _In_opt_ PCSTR MachineName
Definition: setupapi.h:1291
HANDLE ClientProcessHandle
Definition: lsasrv.h:80
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS LocalGroups
static NTSTATUS LsapSetTokenOwner(IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType)
Definition: authpackage.c:1169
struct _LSA_TOKEN_INFORMATION_V1 * PLSA_TOKEN_INFORMATION_V1
PLSA_AP_LOGON_USER_EX LsaApLogonUserEx
Definition: authpackage.c:104
SECURITY_CONTEXT_TRACKING_MODE ContextTrackingMode
Definition: lsa.idl:66
static NTSTATUS LsapCopyLocalGroups(IN PLSAP_LOGON_CONTEXT LogonContext, IN PTOKEN_GROUPS ClientGroups, IN ULONG ClientGroupsCount, OUT PTOKEN_GROUPS *TokenGroups)
Definition: authpackage.c:637
PSID LsapWorldSid
Definition: lookup.c:78
return STATUS_NOT_IMPLEMENTED
struct _MSV1_0_INTERACTIVE_LOGON * PMSV1_0_INTERACTIVE_LOGON
static NTSTATUS LsapAddLocalGroups(IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType, IN PTOKEN_GROUPS LocalGroups)
Definition: authpackage.c:745
#define DUPLICATE_SAME_ACCESS
#define FALSE
Definition: types.h:117
#define FIXME(fmt,...)
Definition: debug.h:111
PSID Owner
Definition: setypes.h:993
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
Definition: psfuncs.h:715
struct _OBJECT_ATTRIBUTES OBJECT_ATTRIBUTES
#define NtCurrentProcess()
Definition: nt_native.h:1657
VOID NTAPI LsapFreeHeap(IN PVOID Base)
Definition: authpackage.c:381
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
Status
Definition: gdiplustypes.h:24
TOKEN_PRIMARY_GROUP PrimaryGroup
Definition: authpackage.c:31
#define TRACE(s)
Definition: solgame.cpp:4
struct _LSA_TOKEN_INFORMATION_NULL * PLSA_TOKEN_INFORMATION_NULL
static NTSTATUS LsapAddTokenDefaultDacl(IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType)
Definition: authpackage.c:1211
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define TOKEN_ALL_ACCESS
Definition: setypes.h:911
struct _LSA_LOGON_USER_MSG::@3399::@3401 Request
NTSTATUS NTAPI NtReadVirtualMemory(IN HANDLE ProcessHandle, IN PVOID BaseAddress, OUT PVOID Buffer, IN SIZE_T NumberOfBytesToRead, OUT PSIZE_T NumberOfBytesRead OPTIONAL)
Definition: virtual.c:2805
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3398
#define SECURITY_DYNAMIC_TRACKING
Definition: setypes.h:103
__kernel_entry NTSTATUS NTAPI NtCreateToken(_Out_ PHANDLE TokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ TOKEN_TYPE TokenType, _In_ PLUID AuthenticationId, _In_ PLARGE_INTEGER ExpirationTime, _In_ PTOKEN_USER TokenUser, _In_ PTOKEN_GROUPS TokenGroups, _In_ PTOKEN_PRIVILEGES TokenPrivileges, _In_opt_ PTOKEN_OWNER TokenOwner, _In_ PTOKEN_PRIMARY_GROUP TokenPrimaryGroup, _In_opt_ PTOKEN_DEFAULT_DACL TokenDefaultDacl, _In_ PTOKEN_SOURCE TokenSource)
Creates an access token.
Definition: token.c:5224
struct _LSA_LOGON_USER_MSG::@3399::@3402 Reply
enum _LSA_TOKEN_INFORMATION_TYPE LSA_TOKEN_INFORMATION_TYPE
#define ERR(fmt,...)
Definition: debug.h:110
PTOKEN_PRIVILEGES Privileges
Definition: authpackage.c:32
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE LogonType
#define DUPLICATE_SAME_ATTRIBUTES
Definition: obtypes.h:153
enum _SECURITY_LOGON_TYPE SECURITY_LOGON_TYPE
static NTSTATUS LsapSetPrivileges(IN PVOID TokenInformation, IN LSA_TOKEN_INFORMATION_TYPE TokenInformationType)
Definition: authpackage.c:1316
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY]
Definition: setypes.h:983
#define SECURITY_STATIC_TRACKING
Definition: setypes.h:104
TOKEN_DEFAULT_DACL DefaultDacl
Definition: authpackage.c:34
struct _SECURITY_QUALITY_OF_SERVICE SECURITY_QUALITY_OF_SERVICE
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: lsa.idl:65
#define NULL
Definition: types.h:112
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
static PAUTH_PACKAGE LsapGetAuthenticationPackage(IN ULONG PackageId)
Definition: authpackage.c:341
$ULONG GroupCount
Definition: setypes.h:979
NTSTATUS NTAPI NtDuplicateObject(IN HANDLE SourceProcessHandle, IN HANDLE SourceHandle, IN HANDLE TargetProcessHandle OPTIONAL, OUT PHANDLE TargetHandle OPTIONAL, IN ACCESS_MASK DesiredAccess, IN ULONG HandleAttributes, IN ULONG Options)
Definition: obhandle.c:3406
unsigned int ULONG
Definition: retypes.h:1
SID_AND_ATTRIBUTES User
Definition: setypes.h:975
static ULONG PackageId
Definition: authpackage.c:163

Referenced by AuthPortThreadRoutine().

◆ LsapLookupAuthenticationPackage()

NTSTATUS LsapLookupAuthenticationPackage ( PLSA_API_MSG  RequestMsg,
PLSAP_LOGON_CONTEXT  LogonContext 
)

Definition at line 510 of file authpackage.c.

512 {
513  PLIST_ENTRY ListEntry;
514  PAUTH_PACKAGE Package;
515  ULONG PackageNameLength;
516  PCHAR PackageName;
517 
518  TRACE("(%p %p)\n", RequestMsg, LogonContext);
519 
520  PackageNameLength = RequestMsg->LookupAuthenticationPackage.Request.PackageNameLength;
521  PackageName = RequestMsg->LookupAuthenticationPackage.Request.PackageName;
522 
523  TRACE("PackageName: %s\n", PackageName);
524 
525  ListEntry = PackageListHead.Flink;
526  while (ListEntry != &PackageListHead)
527  {
528  Package = CONTAINING_RECORD(ListEntry, AUTH_PACKAGE, Entry);
529 
530  if ((PackageNameLength == Package->Name->Length) &&
531  (_strnicmp(PackageName, Package->Name->Buffer, Package->Name->Length) == 0))
532  {
533  RequestMsg->LookupAuthenticationPackage.Reply.Package = Package->Id;
534  return STATUS_SUCCESS;
535  }
536 
537  ListEntry = ListEntry->Flink;
538  }
539 
540  return STATUS_NO_SUCH_PACKAGE;
541 }
signed char * PCHAR
Definition: retypes.h:7
LSA_LOOKUP_AUTHENTICATION_PACKAGE_MSG LookupAuthenticationPackage
Definition: lsass.h:190
#define STATUS_NO_SUCH_PACKAGE
Definition: ntstatus.h:490
unsigned short Length
Definition: sprintf.c:451
static LIST_ENTRY PackageListHead
Definition: authpackage.c:162
struct _LSA_LOOKUP_AUTHENTICATION_PACKAGE_MSG::@3411::@3413 Request
void * Buffer
Definition: sprintf.c:453
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
#define TRACE(s)
Definition: solgame.cpp:4
#define _strnicmp(_String1, _String2, _MaxCount)
Definition: compat.h:23
Definition: typedefs.h:119
unsigned int ULONG
Definition: retypes.h:1
#define STATUS_SUCCESS
Definition: shellext.h:65
struct _LSA_LOOKUP_AUTHENTICATION_PACKAGE_MSG::@3411::@3414 Reply
base of all file and directory entries
Definition: entries.h:82
PSTRING Name
Definition: authpackage.c:94

Referenced by AuthPortThreadRoutine().

◆ LsapSetPrivileges()

static NTSTATUS LsapSetPrivileges ( IN PVOID  TokenInformation,
IN LSA_TOKEN_INFORMATION_TYPE  TokenInformationType 
)
static

Definition at line 1316 of file authpackage.c.

1319 {
1320  PLSA_TOKEN_INFORMATION_V1 TokenInfo1;
1321  LSAPR_HANDLE PolicyHandle = NULL;
1322  LSAPR_HANDLE AccountHandle = NULL;
1324  ULONG i, j;
1325  NTSTATUS Status;
1326 
1327  if (TokenInformationType == LsaTokenInformationV1)
1328  {
1329  TokenInfo1 = (PLSA_TOKEN_INFORMATION_V1)TokenInformation;
1330 
1332  NULL,
1333  0,
1334  &PolicyHandle);
1335  if (!NT_SUCCESS(Status))
1336  return Status;
1337 
1338  for (i = 0; i < TokenInfo1->Groups->GroupCount; i++)
1339  {
1340  Status = LsarOpenAccount(PolicyHandle,
1341  TokenInfo1->Groups->Groups[i].Sid,
1342  ACCOUNT_VIEW,
1343  &AccountHandle);
1344  if (!NT_SUCCESS(Status))
1345  continue;
1346 
1347  Status = LsarEnumeratePrivilegesAccount(AccountHandle,
1348  &Privileges);
1349  if (NT_SUCCESS(Status))
1350  {
1351  for (j = 0; j < Privileges->PrivilegeCount; j++)
1352  {
1354  &(Privileges->Privilege[j]));
1355  if (!NT_SUCCESS(Status))
1356  {
1357  /* We failed, clean everything and return */
1359  LsarClose(&AccountHandle);
1360  LsarClose(&PolicyHandle);
1361 
1362  return Status;
1363  }
1364  }
1365 
1367  Privileges = NULL;
1368  }
1369 
1370  LsarClose(&AccountHandle);
1371  }
1372 
1373  LsarClose(&PolicyHandle);
1374 
1375  if (TokenInfo1->Privileges != NULL)
1376  {
1377  for (i = 0; i < TokenInfo1->Privileges->PrivilegeCount; i++)
1378  {
1382  {
1384  }
1385  }
1386  }
1387  }
1388 
1389  return STATUS_SUCCESS;
1390 }
LONG NTSTATUS
Definition: precomp.h:26
$ULONG PrivilegeCount
Definition: setypes.h:988
VOID NTAPI LsaIFree_LSAPR_PRIVILEGE_SET(IN PLSAPR_PRIVILEGE_SET Ptr)
Definition: lsasrv.c:181
NTSTATUS WINAPI LsarEnumeratePrivilegesAccount(LSAPR_HANDLE AccountHandle, PLSAPR_PRIVILEGE_SET *Privileges)
Definition: lsarpc.c:1504
struct _LSA_TOKEN_INFORMATION_V1 * PLSA_TOKEN_INFORMATION_V1
#define ACCOUNT_VIEW
Definition: ntlsa.h:28
#define SE_PRIVILEGE_ENABLED
Definition: setypes.h:63
#define RtlEqualLuid(Luid1, Luid2)
Definition: rtlfuncs.h:301
NTSTATUS WINAPI LsarOpenAccount(LSAPR_HANDLE PolicyHandle, PRPC_SID AccountSid, ACCESS_MASK DesiredAccess, LSAPR_HANDLE *AccountHandle)
Definition: lsarpc.c:1465
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint GLint GLint j
Definition: glfuncs.h:250
Status
Definition: gdiplustypes.h:24
#define SE_PRIVILEGE_ENABLED_BY_DEFAULT
Definition: setypes.h:62
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
static const LUID SeChangeNotifyPrivilege
Definition: authpackage.c:167
static NTSTATUS LsapAddPrivilegeToTokenPrivileges(PTOKEN_PRIVILEGES *TokenPrivileges, PLSAPR_LUID_AND_ATTRIBUTES Privilege)
Definition: authpackage.c:1257
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:13
static const LUID SeCreateGlobalPrivilege
Definition: authpackage.c:168
NTSTATUS WINAPI LsarClose(LSAPR_HANDLE *ObjectHandle)
Definition: lsarpc.c:125
PTOKEN_PRIVILEGES Privileges
Definition: authpackage.c:32
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY]
Definition: setypes.h:983
#define NULL
Definition: types.h:112
NTSTATUS WINAPI LsarOpenPolicy(LPWSTR SystemName, PLSAPR_OBJECT_ATTRIBUTES ObjectAttributes, ACCESS_MASK DesiredAccess, LSAPR_HANDLE *PolicyHandle)
Definition: lsarpc.c:495
LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY]
Definition: setypes.h:989
$ULONG GroupCount
Definition: setypes.h:979
unsigned int ULONG
Definition: retypes.h:1
#define STATUS_SUCCESS
Definition: shellext.h:65
static const LUID SeImpersonatePrivilege
Definition: authpackage.c:169

Referenced by LsapLogonUser().

◆ LsapSetTokenOwner()

static NTSTATUS LsapSetTokenOwner ( IN PVOID  TokenInformation,
IN LSA_TOKEN_INFORMATION_TYPE  TokenInformationType 
)
static

Definition at line 1169 of file authpackage.c.

1172 {
1173  PLSA_TOKEN_INFORMATION_V1 TokenInfo1;
1174  PSID_AND_ATTRIBUTES OwnerSid = NULL;
1175  ULONG i, Length;
1176 
1177  if (TokenInformationType == LsaTokenInformationV1)
1178  {
1179  TokenInfo1 = (PLSA_TOKEN_INFORMATION_V1)TokenInformation;
1180 
1181  if (TokenInfo1->Owner.Owner != NULL)
1182  return STATUS_SUCCESS;
1183 
1184  OwnerSid = &TokenInfo1->User.User;
1185  for (i = 0; i < TokenInfo1->Groups->GroupCount; i++)
1186  {
1187  if (EqualSid(TokenInfo1->Groups->Groups[i].Sid, LsapAdministratorsSid))
1188  {
1189  OwnerSid = &TokenInfo1->Groups->Groups[i];
1190  break;
1191  }
1192  }
1193 
1194  Length = RtlLengthSid(OwnerSid->Sid);
1195  TokenInfo1->Owner.Owner = DispatchTable.AllocateLsaHeap(Length);
1196  if (TokenInfo1->Owner.Owner == NULL)
1198 
1199  RtlCopyMemory(TokenInfo1->Owner.Owner,
1200  OwnerSid->Sid,
1201  Length);
1202  OwnerSid->Attributes |= SE_GROUP_OWNER;
1203  }
1204 
1205  return STATUS_SUCCESS;
1206 }
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
BOOL WINAPI EqualSid(PSID pSid1, PSID pSid2)
Definition: security.c:708
struct _LSA_TOKEN_INFORMATION_V1 * PLSA_TOKEN_INFORMATION_V1
#define SE_GROUP_OWNER
Definition: setypes.h:93
PSID Owner
Definition: setypes.h:993
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
PSID LsapAdministratorsSid
Definition: lookup.c:84
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY]
Definition: setypes.h:983
#define NULL
Definition: types.h:112
$ULONG GroupCount
Definition: setypes.h:979
unsigned int ULONG
Definition: retypes.h:1
SID_AND_ATTRIBUTES User
Definition: setypes.h:975
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
#define STATUS_SUCCESS
Definition: shellext.h:65
_In_ PWDFDEVICE_INIT _In_ PWDF_PDO_EVENT_CALLBACKS DispatchTable
Definition: wdfpdo.h:245

Referenced by LsapLogonUser().

◆ LsapTerminateLogon()

VOID LsapTerminateLogon ( _In_ PLUID  LogonId)

Definition at line 545 of file authpackage.c.

547 {
548  PLIST_ENTRY ListEntry;
549  PAUTH_PACKAGE Package;
550 
551  ListEntry = PackageListHead.Flink;
552  while (ListEntry != &PackageListHead)
553  {
554  Package = CONTAINING_RECORD(ListEntry, AUTH_PACKAGE, Entry);
555 
556  Package->LsaApLogonTerminated(LogonId);
557 
558  ListEntry = ListEntry->Flink;
559  }
560 }
PLSA_AP_LOGON_TERMINATED LsaApLogonTerminated
Definition: authpackage.c:102
static LIST_ENTRY PackageListHead
Definition: authpackage.c:162
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
Definition: typedefs.h:119
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID LogonId
base of all file and directory entries
Definition: entries.h:82

Referenced by LsapDeleteLogonSession().

◆ SamIConnect()

NTSTATUS NTAPI SamIConnect ( PSAMPR_SERVER_NAME  ServerName,
SAMPR_HANDLE ServerHandle,
ACCESS_MASK  DesiredAccess,
BOOLEAN  Trusted 
)

◆ SamIFree_SAMPR_ULONG_ARRAY()

VOID NTAPI SamIFree_SAMPR_ULONG_ARRAY ( PSAMPR_ULONG_ARRAY  Ptr)

Definition at line 524 of file samsrv.c.

525 {
526  if (Ptr == NULL)
527  return;
528 
529  if (Ptr->Element != NULL)
530  {
531  MIDL_user_free(Ptr->Element);
532  Ptr->Element = NULL;
533  Ptr->Count = 0;
534  }
535 }
_Must_inspect_result_ _In_ PFSRTL_PER_STREAM_CONTEXT Ptr
Definition: fsrtlfuncs.h:898
#define NULL
Definition: types.h:112
void __RPC_USER MIDL_user_free(void *p)
Definition: irotp.c:376

Referenced by LsaApLogonUserEx2(), LsapAddSamGroups(), and MsvpChangePassword().

◆ SamrCloseHandle()

◆ SamrGetAliasMembership()

NTSTATUS __stdcall SamrGetAliasMembership ( SAMPR_HANDLE  DomainHandle,
PSAMPR_PSID_ARRAY  SidArray,
PSAMPR_ULONG_ARRAY  Membership 
)

◆ SamrOpenDomain()

NTSTATUS __stdcall SamrOpenDomain ( SAMPR_HANDLE  ServerHandle,
ACCESS_MASK  DesiredAccess,
PRPC_SID  DomainId,
SAMPR_HANDLE DomainHandle 
)

Variable Documentation

◆ DispatchTable

Definition at line 164 of file authpackage.c.

◆ PackageId

◆ PackageListHead

◆ SeChangeNotifyPrivilege

const LUID SeChangeNotifyPrivilege = CONST_LUID(SE_CHANGE_NOTIFY_PRIVILEGE, 0)
static

Definition at line 167 of file authpackage.c.

Referenced by LsapSetPrivileges(), SepCreateSystemProcessToken(), and SepInitExports().

◆ SeCreateGlobalPrivilege

const LUID SeCreateGlobalPrivilege = CONST_LUID(SE_CREATE_GLOBAL_PRIVILEGE, 0)
static

Definition at line 168 of file authpackage.c.

Referenced by LsapSetPrivileges(), ObpLookupObjectName(), and SepInitExports().

◆ SeImpersonatePrivilege

const LUID SeImpersonatePrivilege = CONST_LUID(SE_IMPERSONATE_PRIVILEGE, 0)
static

Definition at line 169 of file authpackage.c.

Referenced by LsapSetPrivileges(), and SepInitExports().