ReactOS 0.4.17-dev-116-ga4b6fe9
Classes | Typedefs | Functions | Variables
msv1_0.c File Reference
#include "precomp.h"
Include dependency graph for msv1_0.c:

Go to the source code of this file.

Classes

struct  _LOGON_LIST_ENTRY
 

Typedefs

typedef struct _LOGON_LIST_ENTRY LOGON_LIST_ENTRY
 
typedef struct _LOGON_LIST_ENTRYPLOGON_LIST_ENTRY
 

Functions

 WINE_DEFAULT_DEBUG_CHANNEL (msv1_0)
 
static PLOGON_LIST_ENTRY GetLogonByLogonId (_In_ PLUID LogonId)
 
static NTSTATUS BuildInteractiveProfileBuffer (IN PLSA_CLIENT_REQUEST ClientRequest, IN PSAMPR_USER_INFO_BUFFER UserInfo, IN PWSTR ComputerName, OUT PMSV1_0_INTERACTIVE_PROFILE *ProfileBuffer, OUT PULONG ProfileBufferLength)
 
static NTSTATUS BuildLm20LogonProfileBuffer (_In_ PLSA_CLIENT_REQUEST ClientRequest, _In_ PSAMPR_USER_INFO_BUFFER UserInfo, _In_ PLSA_SAM_PWD_DATA LogonPwdData, _Out_ PMSV1_0_LM20_LOGON_PROFILE *ProfileBuffer, _Out_ PULONG ProfileBufferLength)
 
static PSID AppendRidToSid (PSID SrcSid, ULONG Rid)
 
static NTSTATUS BuildTokenUser (OUT PTOKEN_USER User, IN PSID AccountDomainSid, IN ULONG RelativeId)
 
static NTSTATUS BuildTokenPrimaryGroup (OUT PTOKEN_PRIMARY_GROUP PrimaryGroup, IN PSID AccountDomainSid, IN ULONG RelativeId)
 
static NTSTATUS BuildTokenGroups (OUT PTOKEN_GROUPS *Groups, IN PSID AccountDomainSid, IN ULONG RelativeId, IN BOOL SpecialAccount)
 
static NTSTATUS BuildTokenInformationBuffer (PLSA_TOKEN_INFORMATION_V1 *TokenInformation, PRPC_SID AccountDomainSid, PSAMPR_USER_INFO_BUFFER UserInfo, BOOL SpecialAccount)
 
static NTSTATUS MsvpChangePassword (IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferLength, OUT PVOID *ProtocolReturnBuffer, OUT PULONG ReturnBufferLength, OUT PNTSTATUS ProtocolStatus)
 
static NTSTATUS MsvpEnumerateUsers (_In_ PLSA_CLIENT_REQUEST ClientRequest, _In_ PVOID ProtocolSubmitBuffer, _In_ PVOID ClientBufferBase, _In_ ULONG SubmitBufferLength, _Out_ PVOID *ProtocolReturnBuffer, _Out_ PULONG ReturnBufferLength, _Out_ PNTSTATUS ProtocolStatus)
 
static NTSTATUS MsvpGetUserInfo (_In_ PLSA_CLIENT_REQUEST ClientRequest, _In_ PVOID ProtocolSubmitBuffer, _In_ PVOID ClientBufferBase, _In_ ULONG SubmitBufferLength, _Out_ PVOID *ProtocolReturnBuffer, _Out_ PULONG ReturnBufferLength, _Out_ PNTSTATUS ProtocolStatus)
 
static NTSTATUS MsvpLm20ChallengeRequest (_In_ PLSA_CLIENT_REQUEST ClientRequest, _In_ PVOID ProtocolSubmitBuffer, _In_ PVOID ClientBufferBase, _In_ ULONG SubmitBufferLength, _Out_ PVOID *ProtocolReturnBuffer, _Out_ PULONG ReturnBufferLength, _Out_ PNTSTATUS ProtocolStatus)
 
NTSTATUS NTAPI LsaApCallPackage (IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferLength, OUT PVOID *ProtocolReturnBuffer, OUT PULONG ReturnBufferLength, OUT PNTSTATUS ProtocolStatus)
 
NTSTATUS NTAPI LsaApCallPackagePassthrough (IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferLength, OUT PVOID *ProtocolReturnBuffer, OUT PULONG ReturnBufferLength, OUT PNTSTATUS ProtocolStatus)
 
NTSTATUS NTAPI LsaApCallPackageUntrusted (IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferLength, OUT PVOID *ProtocolReturnBuffer, OUT PULONG ReturnBufferLength, OUT PNTSTATUS ProtocolStatus)
 
NTSTATUS NTAPI LsaApInitializePackage (IN ULONG AuthenticationPackageId, IN PLSA_DISPATCH_TABLE LsaDispatchTable, IN PLSA_STRING Database OPTIONAL, IN PLSA_STRING Confidentiality OPTIONAL, OUT PLSA_STRING *AuthenticationPackageName)
 
VOID NTAPI LsaApLogonTerminated (_In_ PLUID LogonId)
 
static NTSTATUS LsaApLogonUserEx2_Network (_In_ PLSA_CLIENT_REQUEST ClientRequest, _In_ PVOID ProtocolSubmitBuffer, _In_ PVOID ClientBufferBase, _In_ ULONG SubmitBufferSize, _In_ PUNICODE_STRING ComputerName, _Out_ PUNICODE_STRING *LogonUserRef, _Out_ PUNICODE_STRING *LogonDomainRef, _Inout_ PLSA_SAM_PWD_DATA LogonPwdData, _Out_ SAMPR_HANDLE *UserHandlePtr, _Out_ PSAMPR_USER_INFO_BUFFER *UserInfoPtr, _Out_ PRPC_SID *AccountDomainSidPtr, _Out_ PBOOL SpecialAccount, _Out_ PMSV1_0_LM20_LOGON_PROFILE *LogonProfile, _Out_ PULONG LogonProfileSize, _Out_ PNTSTATUS SubStatus)
 
NTSTATUS NTAPI LsaApLogonUserEx2 (IN PLSA_CLIENT_REQUEST ClientRequest, IN SECURITY_LOGON_TYPE LogonType, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferSize, OUT PVOID *ProfileBuffer, OUT PULONG ProfileBufferSize, OUT PLUID LogonId, OUT PNTSTATUS SubStatus, OUT PLSA_TOKEN_INFORMATION_TYPE TokenInformationType, OUT PVOID *TokenInformation, OUT PUNICODE_STRING *AccountName, OUT PUNICODE_STRING *AuthenticatingAuthority, OUT PUNICODE_STRING *MachineName, OUT PSECPKG_PRIMARY_CRED PrimaryCredentials, OUT PSECPKG_SUPPLEMENTAL_CRED_ARRAY *SupplementalCredentials)
 
NTSTATUS NTAPI SpLsaModeInitialize (_In_ ULONG LsaVersion, _Out_ PULONG PackageVersion, _Out_ PSECPKG_FUNCTION_TABLE *ppTables, _Out_ PULONG pcTables)
 
NTSTATUS WINAPI SpUserModeInitialize (_In_ ULONG LsaVersion, _Out_ PULONG PackageVersion, _Out_ PSECPKG_USER_FUNCTION_TABLE *ppTables, _Out_ PULONG pcTables)
 

Variables

BOOL PackageInitialized = FALSE
 
LIST_ENTRY LogonListHead
 
RTL_RESOURCE LogonListResource
 
ULONG EnumCounter
 

Typedef Documentation

◆ LOGON_LIST_ENTRY

typedef struct _LOGON_LIST_ENTRY LOGON_LIST_ENTRY

◆ PLOGON_LIST_ENTRY

typedef struct _LOGON_LIST_ENTRY * PLOGON_LIST_ENTRY

Function Documentation

◆ AppendRidToSid()

static PSID AppendRidToSid ( PSID  SrcSid,
ULONG  Rid 
)
static

Definition at line 324 of file msv1_0.c.

326{
327 PSID DstSid = NULL;
328 UCHAR RidCount;
329
330 RidCount = *RtlSubAuthorityCountSid(SrcSid);
331 if (RidCount >= 8)
332 return NULL;
333
334 DstSid = DispatchTable.AllocateLsaHeap(RtlLengthRequiredSid(RidCount + 1));
335 if (DstSid == NULL)
336 return NULL;
337
338 RtlCopyMemory(DstSid,
339 SrcSid,
340 RtlLengthRequiredSid(RidCount));
341
342 *RtlSubAuthorityCountSid(DstSid) = RidCount + 1;
343 *RtlSubAuthoritySid(DstSid, RidCount) = Rid;
344
345 return DstSid;
346}
NULL
#define NULL
Definition: types.h:112
RtlSubAuthoritySid
NTSYSAPI PULONG NTAPI RtlSubAuthoritySid(_In_ PSID Sid, _In_ ULONG SubAuthority)
RtlLengthRequiredSid
NTSYSAPI ULONG NTAPI RtlLengthRequiredSid(IN ULONG SubAuthorityCount)
Definition: sid.c:54
RtlSubAuthorityCountSid
NTSYSAPI PUCHAR NTAPI RtlSubAuthorityCountSid(IN PSID Sid)
Definition: sid.c:104
_SID
Definition: ms-dtyp.idl:198
UCHAR
unsigned char UCHAR
Definition: typedefs.h:53
RtlCopyMemory
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
DispatchTable
_In_ PWDFDEVICE_INIT _In_ PWDF_PDO_EVENT_CALLBACKS DispatchTable
Definition: wdfpdo.h:248

Referenced by BuildTokenGroups(), BuildTokenPrimaryGroup(), BuildTokenUser(), SampCreateAccountSid(), SampInitializeSAM(), and SampSetupCreateUserAccount().

◆ BuildInteractiveProfileBuffer()

static NTSTATUS BuildInteractiveProfileBuffer ( IN PLSA_CLIENT_REQUEST  ClientRequest,
IN PSAMPR_USER_INFO_BUFFER  UserInfo,
IN PWSTR  ComputerName,
OUT PMSV1_0_INTERACTIVE_PROFILE ProfileBuffer,
OUT PULONG  ProfileBufferLength 
)
static

Definition at line 63 of file msv1_0.c.

68{
69 PMSV1_0_INTERACTIVE_PROFILE LocalBuffer = NULL;
70 PVOID ClientBaseAddress = NULL;
71 LPWSTR Ptr;
72 ULONG BufferLength;
73 USHORT ComputerNameLength;
74 NTSTATUS Status = STATUS_SUCCESS;
75
76 *ProfileBuffer = NULL;
77 *ProfileBufferLength = 0;
78
79 if (UIntPtrToUShort(wcslen(ComputerName), &ComputerNameLength) != S_OK)
80 {
81 return STATUS_INVALID_PARAMETER;
82 }
83
84 BufferLength = sizeof(MSV1_0_INTERACTIVE_PROFILE) +
85 UserInfo->All.FullName.Length + sizeof(WCHAR) +
86 UserInfo->All.HomeDirectory.Length + sizeof(WCHAR) +
87 UserInfo->All.HomeDirectoryDrive.Length + sizeof(WCHAR) +
88 UserInfo->All.ScriptPath.Length + sizeof(WCHAR) +
89 UserInfo->All.ProfilePath.Length + sizeof(WCHAR) +
90 ((ComputerNameLength + 3) * sizeof(WCHAR));
91
92 LocalBuffer = DispatchTable.AllocateLsaHeap(BufferLength);
93 if (LocalBuffer == NULL)
94 {
95 TRACE("Failed to allocate the local buffer!\n");
96 Status = STATUS_INSUFFICIENT_RESOURCES;
97 goto done;
98 }
99
100 Status = DispatchTable.AllocateClientBuffer(ClientRequest,
101 BufferLength,
102 &ClientBaseAddress);
103 if (!NT_SUCCESS(Status))
104 {
105 TRACE("DispatchTable.AllocateClientBuffer failed (Status 0x%08lx)\n", Status);
106 goto done;
107 }
108
109 TRACE("ClientBaseAddress: %p\n", ClientBaseAddress);
110
111 Ptr = (LPWSTR)((ULONG_PTR)LocalBuffer + sizeof(MSV1_0_INTERACTIVE_PROFILE));
112
113 LocalBuffer->MessageType = MsV1_0InteractiveProfile;
114 LocalBuffer->LogonCount = UserInfo->All.LogonCount;
115 LocalBuffer->BadPasswordCount = UserInfo->All.BadPasswordCount;
116
117 LocalBuffer->LogonTime.LowPart = UserInfo->All.LastLogon.LowPart;
118 LocalBuffer->LogonTime.HighPart = UserInfo->All.LastLogon.HighPart;
119
120 LocalBuffer->LogoffTime.LowPart = UserInfo->All.AccountExpires.LowPart;
121 LocalBuffer->LogoffTime.HighPart = UserInfo->All.AccountExpires.HighPart;
122
123 LocalBuffer->KickOffTime.LowPart = UserInfo->All.AccountExpires.LowPart;
124 LocalBuffer->KickOffTime.HighPart = UserInfo->All.AccountExpires.HighPart;
125
126 LocalBuffer->PasswordLastSet.LowPart = UserInfo->All.PasswordLastSet.LowPart;
127 LocalBuffer->PasswordLastSet.HighPart = UserInfo->All.PasswordLastSet.HighPart;
128
129 LocalBuffer->PasswordCanChange.LowPart = UserInfo->All.PasswordCanChange.LowPart;
130 LocalBuffer->PasswordCanChange.HighPart = UserInfo->All.PasswordCanChange.HighPart;
131
132 LocalBuffer->PasswordMustChange.LowPart = UserInfo->All.PasswordMustChange.LowPart;
133 LocalBuffer->PasswordMustChange.HighPart = UserInfo->All.PasswordMustChange.HighPart;
134
135 LocalBuffer->LogonScript.Length = UserInfo->All.ScriptPath.Length;
136 LocalBuffer->LogonScript.MaximumLength = UserInfo->All.ScriptPath.Length + sizeof(WCHAR);
137 LocalBuffer->LogonScript.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
138 memcpy(Ptr,
139 UserInfo->All.ScriptPath.Buffer,
140 UserInfo->All.ScriptPath.Length);
141
142 Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->LogonScript.MaximumLength);
143
144 LocalBuffer->HomeDirectory.Length = UserInfo->All.HomeDirectory.Length;
145 LocalBuffer->HomeDirectory.MaximumLength = UserInfo->All.HomeDirectory.Length + sizeof(WCHAR);
146 LocalBuffer->HomeDirectory.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
147 memcpy(Ptr,
148 UserInfo->All.HomeDirectory.Buffer,
149 UserInfo->All.HomeDirectory.Length);
150
151 Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->HomeDirectory.MaximumLength);
152
153 LocalBuffer->FullName.Length = UserInfo->All.FullName.Length;
154 LocalBuffer->FullName.MaximumLength = UserInfo->All.FullName.Length + sizeof(WCHAR);
155 LocalBuffer->FullName.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
156 memcpy(Ptr,
157 UserInfo->All.FullName.Buffer,
158 UserInfo->All.FullName.Length);
159 TRACE("FullName.Buffer: %p\n", LocalBuffer->FullName.Buffer);
160
161 Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->FullName.MaximumLength);
162
163 LocalBuffer->ProfilePath.Length = UserInfo->All.ProfilePath.Length;
164 LocalBuffer->ProfilePath.MaximumLength = UserInfo->All.ProfilePath.Length + sizeof(WCHAR);
165 LocalBuffer->ProfilePath.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
166 memcpy(Ptr,
167 UserInfo->All.ProfilePath.Buffer,
168 UserInfo->All.ProfilePath.Length);
169
170 Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->ProfilePath.MaximumLength);
171
172 LocalBuffer->HomeDirectoryDrive.Length = UserInfo->All.HomeDirectoryDrive.Length;
173 LocalBuffer->HomeDirectoryDrive.MaximumLength = UserInfo->All.HomeDirectoryDrive.Length + sizeof(WCHAR);
174 LocalBuffer->HomeDirectoryDrive.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
175 memcpy(Ptr,
176 UserInfo->All.HomeDirectoryDrive.Buffer,
177 UserInfo->All.HomeDirectoryDrive.Length);
178
179 Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->HomeDirectoryDrive.MaximumLength);
180
181 LocalBuffer->LogonServer.Length = (ComputerNameLength + 2) * sizeof(WCHAR);
182 LocalBuffer->LogonServer.MaximumLength = LocalBuffer->LogonServer.Length + sizeof(WCHAR);
183 LocalBuffer->LogonServer.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
184 wcscpy(Ptr, L"\\");
185 wcscat(Ptr, ComputerName);
186
187 LocalBuffer->UserFlags = 0;
188
189 Status = DispatchTable.CopyToClientBuffer(ClientRequest,
190 BufferLength,
191 ClientBaseAddress,
192 LocalBuffer);
193 if (!NT_SUCCESS(Status))
194 {
195 TRACE("DispatchTable.CopyToClientBuffer failed (Status 0x%08lx)\n", Status);
196 goto done;
197 }
198
199 *ProfileBuffer = (PMSV1_0_INTERACTIVE_PROFILE)ClientBaseAddress;
200 *ProfileBufferLength = BufferLength;
201
202done:
203 if (LocalBuffer != NULL)
204 DispatchTable.FreeLsaHeap(LocalBuffer);
205
206 if (!NT_SUCCESS(Status))
207 {
208 if (ClientBaseAddress != NULL)
209 DispatchTable.FreeClientBuffer(ClientRequest,
210 ClientBaseAddress);
211 }
212
213 return Status;
214}
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:33
wcslen
_ACRTIMP size_t __cdecl wcslen(const wchar_t *)
Definition: wcs.c:2983
L
#define L(x)
Definition: resources.c:13
ULONG_PTR
#define ULONG_PTR
Definition: config.h:101
Ptr
_Must_inspect_result_ _In_ PFSRTL_PER_STREAM_CONTEXT Ptr
Definition: fsrtlfuncs.h:898
Status
Status
Definition: gdiplustypes.h:25
S_OK
#define S_OK
Definition: intsafe.h:52
memcpy
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
ProfileBuffer
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID * ProfileBuffer
Definition: ntifs.template.h:714
ProfileBufferLength
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG ProfileBufferLength
Definition: ntifs.template.h:715
WCHAR
short WCHAR
Definition: pedump.c:58
USHORT
unsigned short USHORT
Definition: pedump.c:61
PMSV1_0_INTERACTIVE_PROFILE
struct _MSV1_0_INTERACTIVE_PROFILE * PMSV1_0_INTERACTIVE_PROFILE
MSV1_0_INTERACTIVE_PROFILE
struct _MSV1_0_INTERACTIVE_PROFILE MSV1_0_INTERACTIVE_PROFILE
MsV1_0InteractiveProfile
@ MsV1_0InteractiveProfile
Definition: ntsecapi.h:206
wcscat
wcscat
Definition: corecrt_wstring.h:101
wcscpy
wcscpy
Definition: corecrt_wstring.h:120
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
_MSV1_0_INTERACTIVE_PROFILE
Definition: ntsecapi.h:439
_MSV1_0_INTERACTIVE_PROFILE::LogonTime
LARGE_INTEGER LogonTime
Definition: ntsecapi.h:443
_MSV1_0_INTERACTIVE_PROFILE::MessageType
MSV1_0_PROFILE_BUFFER_TYPE MessageType
Definition: ntsecapi.h:440
_MSV1_0_INTERACTIVE_PROFILE::KickOffTime
LARGE_INTEGER KickOffTime
Definition: ntsecapi.h:445
_MSV1_0_INTERACTIVE_PROFILE::PasswordMustChange
LARGE_INTEGER PasswordMustChange
Definition: ntsecapi.h:448
_MSV1_0_INTERACTIVE_PROFILE::LogonScript
UNICODE_STRING LogonScript
Definition: ntsecapi.h:449
_MSV1_0_INTERACTIVE_PROFILE::PasswordCanChange
LARGE_INTEGER PasswordCanChange
Definition: ntsecapi.h:447
_MSV1_0_INTERACTIVE_PROFILE::LogoffTime
LARGE_INTEGER LogoffTime
Definition: ntsecapi.h:444
_MSV1_0_INTERACTIVE_PROFILE::FullName
UNICODE_STRING FullName
Definition: ntsecapi.h:451
_MSV1_0_INTERACTIVE_PROFILE::UserFlags
ULONG UserFlags
Definition: ntsecapi.h:455
_MSV1_0_INTERACTIVE_PROFILE::PasswordLastSet
LARGE_INTEGER PasswordLastSet
Definition: ntsecapi.h:446
_MSV1_0_INTERACTIVE_PROFILE::ProfilePath
UNICODE_STRING ProfilePath
Definition: ntsecapi.h:452
_MSV1_0_INTERACTIVE_PROFILE::LogonServer
UNICODE_STRING LogonServer
Definition: ntsecapi.h:454
_MSV1_0_INTERACTIVE_PROFILE::HomeDirectory
UNICODE_STRING HomeDirectory
Definition: ntsecapi.h:450
_MSV1_0_INTERACTIVE_PROFILE::HomeDirectoryDrive
UNICODE_STRING HomeDirectoryDrive
Definition: ntsecapi.h:453
_MSV1_0_INTERACTIVE_PROFILE::LogonCount
USHORT LogonCount
Definition: ntsecapi.h:441
_MSV1_0_INTERACTIVE_PROFILE::BadPasswordCount
USHORT BadPasswordCount
Definition: ntsecapi.h:442
_UNICODE_STRING::Length
USHORT Length
Definition: env_spec_w32.h:369
_UNICODE_STRING::MaximumLength
USHORT MaximumLength
Definition: env_spec_w32.h:370
_UNICODE_STRING::Buffer
PWSTR Buffer
Definition: env_spec_w32.h:371
LPWSTR
uint16_t * LPWSTR
Definition: typedefs.h:56
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65
ULONG
uint32_t ULONG
Definition: typedefs.h:59
STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_LARGE_INTEGER::LowPart
ULONG LowPart
Definition: typedefs.h:106
_LARGE_INTEGER::HighPart
LONG HighPart
Definition: typedefs.h:107
BufferLength
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG BufferLength
Definition: wdfdevice.h:3777

Referenced by LsaApLogonUserEx2().

◆ BuildLm20LogonProfileBuffer()

static NTSTATUS BuildLm20LogonProfileBuffer ( _In_ PLSA_CLIENT_REQUEST  ClientRequest,
_In_ PSAMPR_USER_INFO_BUFFER  UserInfo,
_In_ PLSA_SAM_PWD_DATA  LogonPwdData,
_Out_ PMSV1_0_LM20_LOGON_PROFILE ProfileBuffer,
_Out_ PULONG  ProfileBufferLength 
)
static

Definition at line 219 of file msv1_0.c.

225{
226 PMSV1_0_LM20_LOGON_PROFILE LocalBuffer;
227 NTLM_CLIENT_BUFFER Buffer;
228 PBYTE PtrOffset;
229 ULONG BufferLength;
230 NTSTATUS Status = STATUS_SUCCESS;
231 UNICODE_STRING ComputerNameUCS;
232
233 *ProfileBuffer = NULL;
234 *ProfileBufferLength = 0;
235
236 if (!NtlmUStrAlloc(&ComputerNameUCS, LogonPwdData->ComputerName->Length + sizeof(WCHAR) * 3, 0))
237 {
238 Status = STATUS_INSUFFICIENT_RESOURCES;
239 goto done;
240 }
241 Status = RtlAppendUnicodeToString(&ComputerNameUCS, L"\\\\");
242 if (!NT_SUCCESS(Status))
243 {
244 ERR("RtlAppendUnicodeToString failed 0x%lx\n", Status);
245 goto done;
246 }
247 Status = RtlAppendUnicodeStringToString(&ComputerNameUCS, LogonPwdData->ComputerName);
248 if (!NT_SUCCESS(Status))
249 {
250 ERR("RtlAppendUnicodeStringToString failed 0x%lx\n", Status);
251 goto done;
252 }
253
254 BufferLength = sizeof(MSV1_0_LM20_LOGON_PROFILE) + ComputerNameUCS.Length + sizeof(WCHAR);
255
256 Status = NtlmAllocateClientBuffer(ClientRequest, BufferLength, &Buffer);
257 if (!NT_SUCCESS(Status))
258 {
259 TRACE("DispatchTable.AllocateClientBuffer failed (Status 0x%08lx)\n", Status);
260 goto done;
261 }
262
263 TRACE("ClientBaseAddress: %p\n", Buffer.ClientBaseAddress);
264
265 LocalBuffer = (PMSV1_0_LM20_LOGON_PROFILE)Buffer.LocalBuffer;
266 PtrOffset = (PBYTE)(LocalBuffer + 1);
267
268 LocalBuffer->MessageType = MsV1_0Lm20LogonProfile;
269 LocalBuffer->KickOffTime.LowPart = UserInfo->All.AccountExpires.LowPart;
270 LocalBuffer->KickOffTime.HighPart = UserInfo->All.AccountExpires.HighPart;
271 LocalBuffer->LogoffTime.LowPart = UserInfo->All.AccountExpires.LowPart;
272 LocalBuffer->LogoffTime.HighPart = UserInfo->All.AccountExpires.HighPart;
273
274 memcpy(LocalBuffer->UserSessionKey,
275 &LogonPwdData->UserSessionKey,
276 MSV1_0_USER_SESSION_KEY_LENGTH);
277
278 //FIXME: Set Domainname if we domain joined
279 // what to do if not? WORKGROUP
280 RtlInitUnicodeString(&LocalBuffer->LogonDomainName, NULL);
281
282 memcpy(LocalBuffer->LanmanSessionKey,
283 &LogonPwdData->LanmanSessionKey,
284 MSV1_0_LANMAN_SESSION_KEY_LENGTH);
285
286 if (!NtlmUStrWriteToStruct(LocalBuffer,
287 BufferLength,
288 &LocalBuffer->LogonServer,
289 &ComputerNameUCS,
290 &PtrOffset,
291 TRUE))
292 {
293 ERR("NtlmStructWriteUCS failed.\n");
294 Status = ERROR_INTERNAL_ERROR;
295 goto done;
296 }
297 /* not supported */
298 RtlInitUnicodeString(&LocalBuffer->UserParameters, NULL);
299 /* Build user flags */
300 LocalBuffer->UserFlags = 0x0;
301 if (LogonPwdData->LogonType == NetLogonLmKey)
302 LocalBuffer->UserFlags |= LOGON_USED_LM_PASSWORD;
303
304 /* copy data to client buffer */
305 Status = NtlmCopyToClientBuffer(ClientRequest, BufferLength, &Buffer);
306 if (!NT_SUCCESS(Status))
307 {
308 TRACE("DispatchTable.CopyToClientBuffer failed (Status 0x%08lx)\n", Status);
309 goto done;
310 }
311
312 *ProfileBuffer = (PMSV1_0_LM20_LOGON_PROFILE)Buffer.ClientBaseAddress;
313 *ProfileBufferLength = BufferLength;
314done:
315 /* On success Buffer.ClientBaseAddress will not be free */
316 NtlmFreeClientBuffer(ClientRequest, !NT_SUCCESS(Status), &Buffer);
317 NtlmUStrFree(&ComputerNameUCS);
318 return Status;
319}
ERR
#define ERR(fmt,...)
Definition: precomp.h:57
PtrOffset
#define PtrOffset(BASE, OFFSET)
Definition: cdprocs.h:1547
Buffer
Definition: bufpool.h:45
TRUE
#define TRUE
Definition: types.h:120
NtlmUStrWriteToStruct
bool NtlmUStrWriteToStruct(_In_ PVOID DataStart, _In_ ULONG DataSize, _Out_ PUNICODE_STRING DstData, _In_ const PUNICODE_STRING SrcData, _Inout_ PBYTE *AbsoluteOffsetPtr, _In_ bool TerminateWith0)
Definition: util.c:197
NtlmUStrFree
VOID NtlmUStrFree(_In_ PUNICODE_STRING String)
Definition: util.c:115
NtlmCopyToClientBuffer
NTSTATUS NtlmCopyToClientBuffer(_In_ PLSA_CLIENT_REQUEST ClientRequest, _In_ ULONG BufferLength, _Inout_ PNTLM_CLIENT_BUFFER Buffer)
Definition: util.c:301
NtlmUStrAlloc
bool NtlmUStrAlloc(_Inout_ PUNICODE_STRING Dst, _In_ UINT16 SizeInBytes, _In_ UINT16 InitLength)
Definition: util.c:103
NtlmAllocateClientBuffer
NTSTATUS NtlmAllocateClientBuffer(_In_ PLSA_CLIENT_REQUEST ClientRequest, _In_ ULONG BufferLength, _Inout_ PNTLM_CLIENT_BUFFER Buffer)
Definition: util.c:264
NtlmFreeClientBuffer
VOID NtlmFreeClientBuffer(_In_ PLSA_CLIENT_REQUEST ClientRequest, _In_ bool FreeClientBuffer, _Inout_ PNTLM_CLIENT_BUFFER Buffer)
Definition: util.c:335
RtlAppendUnicodeToString
NTSTATUS RtlAppendUnicodeToString(IN PUNICODE_STRING Str1, IN PWSTR Str2)
Definition: string_lib.cpp:62
RtlAppendUnicodeStringToString
NTSYSAPI NTSTATUS NTAPI RtlAppendUnicodeStringToString(PUNICODE_STRING Destination, PUNICODE_STRING Source)
RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
PBYTE
BYTE * PBYTE
Definition: pedump.c:66
MSV1_0_USER_SESSION_KEY_LENGTH
#define MSV1_0_USER_SESSION_KEY_LENGTH
Definition: ntsecapi.h:60
MSV1_0_LM20_LOGON_PROFILE
struct _MSV1_0_LM20_LOGON_PROFILE MSV1_0_LM20_LOGON_PROFILE
MsV1_0Lm20LogonProfile
@ MsV1_0Lm20LogonProfile
Definition: ntsecapi.h:207
PMSV1_0_LM20_LOGON_PROFILE
struct _MSV1_0_LM20_LOGON_PROFILE * PMSV1_0_LM20_LOGON_PROFILE
MSV1_0_LANMAN_SESSION_KEY_LENGTH
#define MSV1_0_LANMAN_SESSION_KEY_LENGTH
Definition: ntsecapi.h:34
LOGON_USED_LM_PASSWORD
#define LOGON_USED_LM_PASSWORD
Definition: ntsecapi.h:11
NetLogonLmKey
@ NetLogonLmKey
Definition: sam.h:13
_MSV1_0_LM20_LOGON_PROFILE
Definition: ntsecapi.h:478
_MSV1_0_LM20_LOGON_PROFILE::MessageType
MSV1_0_PROFILE_BUFFER_TYPE MessageType
Definition: ntsecapi.h:479
_MSV1_0_LM20_LOGON_PROFILE::UserSessionKey
UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH]
Definition: ntsecapi.h:483
_MSV1_0_LM20_LOGON_PROFILE::LogonServer
UNICODE_STRING LogonServer
Definition: ntsecapi.h:486
_MSV1_0_LM20_LOGON_PROFILE::LanmanSessionKey
UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH]
Definition: ntsecapi.h:485
_MSV1_0_LM20_LOGON_PROFILE::UserFlags
ULONG UserFlags
Definition: ntsecapi.h:482
_MSV1_0_LM20_LOGON_PROFILE::LogonDomainName
UNICODE_STRING LogonDomainName
Definition: ntsecapi.h:484
_MSV1_0_LM20_LOGON_PROFILE::LogoffTime
LARGE_INTEGER LogoffTime
Definition: ntsecapi.h:481
_MSV1_0_LM20_LOGON_PROFILE::UserParameters
UNICODE_STRING UserParameters
Definition: ntsecapi.h:487
_MSV1_0_LM20_LOGON_PROFILE::KickOffTime
LARGE_INTEGER KickOffTime
Definition: ntsecapi.h:480
_NTLM_CLIENT_BUFFER
Definition: util.h:43
_UNICODE_STRING
Definition: env_spec_w32.h:368
ERROR_INTERNAL_ERROR
#define ERROR_INTERNAL_ERROR
Definition: winerror.h:1185

Referenced by LsaApLogonUserEx2_Network().

◆ BuildTokenGroups()

static NTSTATUS BuildTokenGroups ( OUT PTOKEN_GROUPS Groups,
IN PSID  AccountDomainSid,
IN ULONG  RelativeId,
IN BOOL  SpecialAccount 
)
static

Definition at line 389 of file msv1_0.c.

393{
394 SID_IDENTIFIER_AUTHORITY SystemAuthority = {SECURITY_NT_AUTHORITY};
395 PTOKEN_GROUPS TokenGroups;
396 DWORD GroupCount = 0;
397 DWORD MaxGroups = 2;
398 PSID Sid;
399 NTSTATUS Status = STATUS_SUCCESS;
400
401 if (SpecialAccount)
402 MaxGroups++;
403
404 TokenGroups = DispatchTable.AllocateLsaHeap(sizeof(TOKEN_GROUPS) +
405 MaxGroups * sizeof(SID_AND_ATTRIBUTES));
406 if (TokenGroups == NULL)
407 {
408 return STATUS_INSUFFICIENT_RESOURCES;
409 }
410
411 if (SpecialAccount)
412 {
413 /* Self */
414 Sid = AppendRidToSid(AccountDomainSid, RelativeId);
415 if (Sid == NULL)
416 {
417
418 }
419
420 TokenGroups->Groups[GroupCount].Sid = Sid;
421 TokenGroups->Groups[GroupCount].Attributes =
422 SE_GROUP_ENABLED | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_MANDATORY;
423 GroupCount++;
424
425 /* Member of 'Users' alias */
426 RtlAllocateAndInitializeSid(&SystemAuthority,
427 2,
428 SECURITY_BUILTIN_DOMAIN_RID,
429 DOMAIN_ALIAS_RID_USERS,
430 SECURITY_NULL_RID,
431 SECURITY_NULL_RID,
432 SECURITY_NULL_RID,
433 SECURITY_NULL_RID,
434 SECURITY_NULL_RID,
435 SECURITY_NULL_RID,
436 &Sid);
437 TokenGroups->Groups[GroupCount].Sid = Sid;
438 TokenGroups->Groups[GroupCount].Attributes =
439 SE_GROUP_ENABLED | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_MANDATORY;
440 GroupCount++;
441 }
442 else
443 {
444 /* Member of the domains users group */
445 Sid = AppendRidToSid(AccountDomainSid, DOMAIN_GROUP_RID_USERS);
446 if (Sid == NULL)
447 {
448
449 }
450
451 TokenGroups->Groups[GroupCount].Sid = Sid;
452 TokenGroups->Groups[GroupCount].Attributes =
453 SE_GROUP_ENABLED | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_MANDATORY;
454 GroupCount++;
455 }
456
457 /* Member of 'Authenticated users' */
458 RtlAllocateAndInitializeSid(&SystemAuthority,
459 1,
460 SECURITY_AUTHENTICATED_USER_RID,
461 SECURITY_NULL_RID,
462 SECURITY_NULL_RID,
463 SECURITY_NULL_RID,
464 SECURITY_NULL_RID,
465 SECURITY_NULL_RID,
466 SECURITY_NULL_RID,
467 SECURITY_NULL_RID,
468 &Sid);
469 TokenGroups->Groups[GroupCount].Sid = Sid;
470 TokenGroups->Groups[GroupCount].Attributes =
471 SE_GROUP_ENABLED | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_MANDATORY;
472 GroupCount++;
473
474 TokenGroups->GroupCount = GroupCount;
475 ASSERT(TokenGroups->GroupCount <= MaxGroups);
476
477 *Groups = TokenGroups;
478
479 return Status;
480}
AccountDomainSid
PSID AccountDomainSid
Definition: database.c:24
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
ASSERT
#define ASSERT(a)
Definition: mode.c:44
SystemAuthority
static SID_IDENTIFIER_AUTHORITY SystemAuthority
Definition: msgina.c:38
AppendRidToSid
static PSID AppendRidToSid(PSID SrcSid, ULONG Rid)
Definition: msv1_0.c:324
Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1165
SE_GROUP_MANDATORY
#define SE_GROUP_MANDATORY
Definition: setypes.h:90
SE_GROUP_ENABLED_BY_DEFAULT
#define SE_GROUP_ENABLED_BY_DEFAULT
Definition: setypes.h:91
SE_GROUP_ENABLED
#define SE_GROUP_ENABLED
Definition: setypes.h:92
RtlAllocateAndInitializeSid
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290
_SID_AND_ATTRIBUTES
Definition: setypes.h:502
_SID_IDENTIFIER_AUTHORITY
Definition: ms-dtyp.idl:194
_TOKEN_GROUPS
Definition: setypes.h:1025
DOMAIN_ALIAS_RID_USERS
#define DOMAIN_ALIAS_RID_USERS
Definition: setypes.h:653
SECURITY_BUILTIN_DOMAIN_RID
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:581
SECURITY_AUTHENTICATED_USER_RID
#define SECURITY_AUTHENTICATED_USER_RID
Definition: setypes.h:568
SECURITY_NULL_RID
#define SECURITY_NULL_RID
Definition: setypes.h:540
SECURITY_NT_AUTHORITY
#define SECURITY_NT_AUTHORITY
Definition: setypes.h:554
TokenGroups
@ TokenGroups
Definition: setypes.h:979
DOMAIN_GROUP_RID_USERS
#define DOMAIN_GROUP_RID_USERS
Definition: setypes.h:640

Referenced by BuildTokenInformationBuffer().

◆ BuildTokenInformationBuffer()

static NTSTATUS BuildTokenInformationBuffer ( PLSA_TOKEN_INFORMATION_V1 TokenInformation,
PRPC_SID  AccountDomainSid,
PSAMPR_USER_INFO_BUFFER  UserInfo,
BOOL  SpecialAccount 
)
static

Definition at line 485 of file msv1_0.c.

489{
490 PLSA_TOKEN_INFORMATION_V1 Buffer = NULL;
491 ULONG i;
492 NTSTATUS Status = STATUS_SUCCESS;
493
494 Buffer = DispatchTable.AllocateLsaHeap(sizeof(LSA_TOKEN_INFORMATION_V1));
495 if (Buffer == NULL)
496 {
497 WARN("Failed to allocate the local buffer!\n");
498 Status = STATUS_INSUFFICIENT_RESOURCES;
499 goto done;
500 }
501
502 Buffer->ExpirationTime.LowPart = UserInfo->All.AccountExpires.LowPart;
503 Buffer->ExpirationTime.HighPart = UserInfo->All.AccountExpires.HighPart;
504
505 Status = BuildTokenUser(&Buffer->User,
506 (PSID)AccountDomainSid,
507 UserInfo->All.UserId);
508 if (!NT_SUCCESS(Status))
509 {
510 WARN("BuildTokenUser() failed (Status 0x%08lx)\n", Status);
511 goto done;
512 }
513
514 Status = BuildTokenPrimaryGroup(&Buffer->PrimaryGroup,
515 (PSID)AccountDomainSid,
516 UserInfo->All.PrimaryGroupId);
517 if (!NT_SUCCESS(Status))
518 {
519 WARN("BuildTokenPrimaryGroup() failed (Status 0x%08lx)\n", Status);
520 goto done;
521 }
522
523 Status = BuildTokenGroups(&Buffer->Groups,
524 (PSID)AccountDomainSid,
525 UserInfo->All.UserId,
526 SpecialAccount);
527 if (!NT_SUCCESS(Status))
528 {
529 WARN("BuildTokenGroups() failed (Status 0x%08lx)\n", Status);
530 goto done;
531 }
532
533 *TokenInformation = Buffer;
534
535done:
536 if (!NT_SUCCESS(Status))
537 {
538 if (Buffer != NULL)
539 {
540 if (Buffer->User.User.Sid != NULL)
541 DispatchTable.FreeLsaHeap(Buffer->User.User.Sid);
542
543 if (Buffer->Groups != NULL)
544 {
545 for (i = 0; i < Buffer->Groups->GroupCount; i++)
546 {
547 if (Buffer->Groups->Groups[i].Sid != NULL)
548 DispatchTable.FreeLsaHeap(Buffer->Groups->Groups[i].Sid);
549 }
550
551 DispatchTable.FreeLsaHeap(Buffer->Groups);
552 }
553
554 if (Buffer->PrimaryGroup.PrimaryGroup != NULL)
555 DispatchTable.FreeLsaHeap(Buffer->PrimaryGroup.PrimaryGroup);
556
557 if (Buffer->DefaultDacl.DefaultDacl != NULL)
558 DispatchTable.FreeLsaHeap(Buffer->DefaultDacl.DefaultDacl);
559
560 DispatchTable.FreeLsaHeap(Buffer);
561 }
562 }
563
564 return Status;
565}
WARN
#define WARN(fmt,...)
Definition: precomp.h:61
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
BuildTokenGroups
static NTSTATUS BuildTokenGroups(OUT PTOKEN_GROUPS *Groups, IN PSID AccountDomainSid, IN ULONG RelativeId, IN BOOL SpecialAccount)
Definition: msv1_0.c:389
BuildTokenPrimaryGroup
static NTSTATUS BuildTokenPrimaryGroup(OUT PTOKEN_PRIMARY_GROUP PrimaryGroup, IN PSID AccountDomainSid, IN ULONG RelativeId)
Definition: msv1_0.c:371
BuildTokenUser
static NTSTATUS BuildTokenUser(OUT PTOKEN_USER User, IN PSID AccountDomainSid, IN ULONG RelativeId)
Definition: msv1_0.c:351
_LSA_TOKEN_INFORMATION_V1
Definition: authpackage.c:27
_OLD_LARGE_INTEGER::LowPart
unsigned long LowPart
Definition: msv1_0.h:32
_OLD_LARGE_INTEGER::HighPart
long HighPart
Definition: msv1_0.h:33
_SAMPR_USER_ALL_INFORMATION::PrimaryGroupId
unsigned long PrimaryGroupId
Definition: msv1_0.h:101
_SAMPR_USER_ALL_INFORMATION::UserId
unsigned long UserId
Definition: msv1_0.h:100
_SAMPR_USER_ALL_INFORMATION::AccountExpires
OLD_LARGE_INTEGER AccountExpires
Definition: msv1_0.h:83
_SAMPR_USER_INFO_BUFFER::All
SAMPR_USER_ALL_INFORMATION All
Definition: msv1_0.h:141

Referenced by LsaApLogonUserEx2().

◆ BuildTokenPrimaryGroup()

static NTSTATUS BuildTokenPrimaryGroup ( OUT PTOKEN_PRIMARY_GROUP  PrimaryGroup,
IN PSID  AccountDomainSid,
IN ULONG  RelativeId 
)
static

Definition at line 371 of file msv1_0.c.

374{
375 PrimaryGroup->PrimaryGroup = AppendRidToSid(AccountDomainSid,
376 RelativeId);
377 if (PrimaryGroup->PrimaryGroup == NULL)
378 {
379 ERR("Could not create the primary group SID\n");
380 return STATUS_INSUFFICIENT_RESOURCES;
381 }
382
383 return STATUS_SUCCESS;
384}
PrimaryGroup
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ OwnerSize PSID _Inout_ PULONG _Out_writes_bytes_to_opt_ PrimaryGroupSize PSID PrimaryGroup
Definition: rtlfuncs.h:1631

Referenced by BuildTokenInformationBuffer().

◆ BuildTokenUser()

static NTSTATUS BuildTokenUser ( OUT PTOKEN_USER  User,
IN PSID  AccountDomainSid,
IN ULONG  RelativeId 
)
static

Definition at line 351 of file msv1_0.c.

354{
355 User->User.Sid = AppendRidToSid(AccountDomainSid,
356 RelativeId);
357 if (User->User.Sid == NULL)
358 {
359 ERR("Could not create the user SID\n");
360 return STATUS_INSUFFICIENT_RESOURCES;
361 }
362
363 User->User.Attributes = 0;
364
365 return STATUS_SUCCESS;
366}

Referenced by BuildTokenInformationBuffer().

◆ GetLogonByLogonId()

static PLOGON_LIST_ENTRY GetLogonByLogonId ( _In_ PLUID  LogonId)
static

Definition at line 37 of file msv1_0.c.

39{
40 PLOGON_LIST_ENTRY LogonEntry;
41 PLIST_ENTRY CurrentEntry;
42
43 CurrentEntry = LogonListHead.Flink;
44 while (CurrentEntry != &LogonListHead)
45 {
46 LogonEntry = CONTAINING_RECORD(CurrentEntry,
47 LOGON_LIST_ENTRY,
48 ListEntry);
49
50 if ((LogonEntry->LogonId.HighPart == LogonId->HighPart) &&
51 (LogonEntry->LogonId.LowPart == LogonId->LowPart))
52 return LogonEntry;
53
54 CurrentEntry = CurrentEntry->Flink;
55 }
56
57 return NULL;
58}
LogonListHead
LIST_ENTRY LogonListHead
Definition: msv1_0.c:29
LogonId
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID LogonId
Definition: ntifs.template.h:716
_LIST_ENTRY
Definition: typedefs.h:120
_LIST_ENTRY::Flink
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
_LOGON_LIST_ENTRY
Definition: msv1_0.c:16
_LOGON_LIST_ENTRY::LogonId
LUID LogonId
Definition: msv1_0.c:18
_LUID::HighPart
LONG HighPart
Definition: devicetopology.idl:139
_LUID::LowPart
DWORD LowPart
Definition: devicetopology.idl:138
CONTAINING_RECORD
#define CONTAINING_RECORD(address, type, field)
Definition: typedefs.h:260

Referenced by LsaApLogonTerminated(), and MsvpGetUserInfo().

◆ LsaApCallPackage()

NTSTATUS NTAPI LsaApCallPackage ( IN PLSA_CLIENT_REQUEST  ClientRequest,
IN PVOID  ProtocolSubmitBuffer,
IN PVOID  ClientBufferBase,
IN ULONG  SubmitBufferLength,
OUT PVOID ProtocolReturnBuffer,
OUT PULONG  ReturnBufferLength,
OUT PNTSTATUS  ProtocolStatus 
)

Definition at line 1224 of file msv1_0.c.

1231{
1232 NTSTATUS Status;
1233 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1234
1235 TRACE("LsaApCallPackage()\n");
1236
1237 if (SubmitBufferLength < sizeof(MSV1_0_PROTOCOL_MESSAGE_TYPE))
1238 return STATUS_INVALID_PARAMETER;
1239
1240 MessageType = *((PMSV1_0_PROTOCOL_MESSAGE_TYPE)ProtocolSubmitBuffer);
1241
1242 *ProtocolReturnBuffer = NULL;
1243 *ReturnBufferLength = 0;
1244
1245 switch (MessageType)
1246 {
1247 case MsV1_0Lm20ChallengeRequest:
1248 Status = MsvpLm20ChallengeRequest(ClientRequest,
1249 ProtocolSubmitBuffer,
1250 ClientBufferBase,
1251 SubmitBufferLength,
1252 ProtocolReturnBuffer,
1253 ReturnBufferLength,
1254 ProtocolStatus);
1255 break;
1256
1257 case MsV1_0Lm20GetChallengeResponse:
1258 Status = STATUS_NOT_IMPLEMENTED;
1259 break;
1260
1261 case MsV1_0EnumerateUsers:
1262 Status = MsvpEnumerateUsers(ClientRequest,
1263 ProtocolSubmitBuffer,
1264 ClientBufferBase,
1265 SubmitBufferLength,
1266 ProtocolReturnBuffer,
1267 ReturnBufferLength,
1268 ProtocolStatus);
1269 break;
1270
1271 case MsV1_0GetUserInfo:
1272 Status = MsvpGetUserInfo(ClientRequest,
1273 ProtocolSubmitBuffer,
1274 ClientBufferBase,
1275 SubmitBufferLength,
1276 ProtocolReturnBuffer,
1277 ReturnBufferLength,
1278 ProtocolStatus);
1279 break;
1280
1281 case MsV1_0ReLogonUsers:
1282 Status = STATUS_INVALID_PARAMETER;
1283 break;
1284
1285 case MsV1_0ChangePassword:
1286 Status = MsvpChangePassword(ClientRequest,
1287 ProtocolSubmitBuffer,
1288 ClientBufferBase,
1289 SubmitBufferLength,
1290 ProtocolReturnBuffer,
1291 ReturnBufferLength,
1292 ProtocolStatus);
1293 break;
1294
1295 case MsV1_0ChangeCachedPassword:
1296 case MsV1_0GenericPassthrough:
1297 case MsV1_0CacheLogon:
1298 case MsV1_0SubAuth:
1299 case MsV1_0DeriveCredential:
1300 case MsV1_0CacheLookup:
1301 Status = STATUS_NOT_IMPLEMENTED;
1302 break;
1303
1304 default:
1305 return STATUS_INVALID_PARAMETER;
1306 }
1307
1308 return Status;
1309}
STATUS_NOT_IMPLEMENTED
#define STATUS_NOT_IMPLEMENTED
Definition: d3dkmdt.h:42
ProtocolStatus
VOID NTAPI ProtocolStatus(NDIS_HANDLE BindingContext, NDIS_STATUS GenerelStatus, PVOID StatusBuffer, UINT StatusBufferSize)
Called by NDIS when the underlying driver has changed state.
Definition: lan.c:461
MsvpGetUserInfo
static NTSTATUS MsvpGetUserInfo(_In_ PLSA_CLIENT_REQUEST ClientRequest, _In_ PVOID ProtocolSubmitBuffer, _In_ PVOID ClientBufferBase, _In_ ULONG SubmitBufferLength, _Out_ PVOID *ProtocolReturnBuffer, _Out_ PULONG ReturnBufferLength, _Out_ PNTSTATUS ProtocolStatus)
Definition: msv1_0.c:1002
MsvpLm20ChallengeRequest
static NTSTATUS MsvpLm20ChallengeRequest(_In_ PLSA_CLIENT_REQUEST ClientRequest, _In_ PVOID ProtocolSubmitBuffer, _In_ PVOID ClientBufferBase, _In_ ULONG SubmitBufferLength, _Out_ PVOID *ProtocolReturnBuffer, _Out_ PULONG ReturnBufferLength, _Out_ PNTSTATUS ProtocolStatus)
Definition: msv1_0.c:1134
MsvpEnumerateUsers
static NTSTATUS MsvpEnumerateUsers(_In_ PLSA_CLIENT_REQUEST ClientRequest, _In_ PVOID ProtocolSubmitBuffer, _In_ PVOID ClientBufferBase, _In_ ULONG SubmitBufferLength, _Out_ PVOID *ProtocolReturnBuffer, _Out_ PULONG ReturnBufferLength, _Out_ PNTSTATUS ProtocolStatus)
Definition: msv1_0.c:869
MsvpChangePassword
static NTSTATUS MsvpChangePassword(IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferLength, OUT PVOID *ProtocolReturnBuffer, OUT PULONG ReturnBufferLength, OUT PNTSTATUS ProtocolStatus)
Definition: msv1_0.c:570
MsV1_0ChangeCachedPassword
@ MsV1_0ChangeCachedPassword
Definition: ntsecapi.h:224
MsV1_0GenericPassthrough
@ MsV1_0GenericPassthrough
Definition: ntsecapi.h:225
MsV1_0Lm20GetChallengeResponse
@ MsV1_0Lm20GetChallengeResponse
Definition: ntsecapi.h:219
MsV1_0CacheLookup
@ MsV1_0CacheLookup
Definition: ntsecapi.h:229
MsV1_0DeriveCredential
@ MsV1_0DeriveCredential
Definition: ntsecapi.h:228
MsV1_0ReLogonUsers
@ MsV1_0ReLogonUsers
Definition: ntsecapi.h:222
MsV1_0ChangePassword
@ MsV1_0ChangePassword
Definition: ntsecapi.h:223
MsV1_0Lm20ChallengeRequest
@ MsV1_0Lm20ChallengeRequest
Definition: ntsecapi.h:218
MsV1_0EnumerateUsers
@ MsV1_0EnumerateUsers
Definition: ntsecapi.h:220
MsV1_0CacheLogon
@ MsV1_0CacheLogon
Definition: ntsecapi.h:226
MsV1_0GetUserInfo
@ MsV1_0GetUserInfo
Definition: ntsecapi.h:221
MsV1_0SubAuth
@ MsV1_0SubAuth
Definition: ntsecapi.h:227
PMSV1_0_PROTOCOL_MESSAGE_TYPE
enum _MSV1_0_PROTOCOL_MESSAGE_TYPE * PMSV1_0_PROTOCOL_MESSAGE_TYPE
MSV1_0_PROTOCOL_MESSAGE_TYPE
enum _MSV1_0_PROTOCOL_MESSAGE_TYPE MSV1_0_PROTOCOL_MESSAGE_TYPE

◆ LsaApCallPackagePassthrough()

NTSTATUS NTAPI LsaApCallPackagePassthrough ( IN PLSA_CLIENT_REQUEST  ClientRequest,
IN PVOID  ProtocolSubmitBuffer,
IN PVOID  ClientBufferBase,
IN ULONG  SubmitBufferLength,
OUT PVOID ProtocolReturnBuffer,
OUT PULONG  ReturnBufferLength,
OUT PNTSTATUS  ProtocolStatus 
)

Definition at line 1317 of file msv1_0.c.

1324{
1325 TRACE("LsaApCallPackagePassthrough()\n");
1326 return STATUS_NOT_IMPLEMENTED;
1327}

◆ LsaApCallPackageUntrusted()

NTSTATUS NTAPI LsaApCallPackageUntrusted ( IN PLSA_CLIENT_REQUEST  ClientRequest,
IN PVOID  ProtocolSubmitBuffer,
IN PVOID  ClientBufferBase,
IN ULONG  SubmitBufferLength,
OUT PVOID ProtocolReturnBuffer,
OUT PULONG  ReturnBufferLength,
OUT PNTSTATUS  ProtocolStatus 
)

Definition at line 1335 of file msv1_0.c.

1342{
1343 ULONG MessageType;
1344 NTSTATUS Status;
1345
1346 TRACE("LsaApCallPackageUntrusted()\n");
1347
1348 if (SubmitBufferLength < sizeof(MSV1_0_PROTOCOL_MESSAGE_TYPE))
1349 return STATUS_INVALID_PARAMETER;
1350
1351 MessageType = (ULONG)*((PMSV1_0_PROTOCOL_MESSAGE_TYPE)ProtocolSubmitBuffer);
1352
1353 *ProtocolReturnBuffer = NULL;
1354 *ReturnBufferLength = 0;
1355
1356 if (MessageType == MsV1_0ChangePassword)
1357 Status = MsvpChangePassword(ClientRequest,
1358 ProtocolSubmitBuffer,
1359 ClientBufferBase,
1360 SubmitBufferLength,
1361 ProtocolReturnBuffer,
1362 ReturnBufferLength,
1363 ProtocolStatus);
1364 else
1365 Status = STATUS_ACCESS_DENIED;
1366
1367 return Status;
1368}
STATUS_ACCESS_DENIED
#define STATUS_ACCESS_DENIED
Definition: udferr_usr.h:145

◆ LsaApInitializePackage()

NTSTATUS NTAPI LsaApInitializePackage ( IN ULONG  AuthenticationPackageId,
IN PLSA_DISPATCH_TABLE  LsaDispatchTable,
IN PLSA_STRING Database  OPTIONAL,
IN PLSA_STRING Confidentiality  OPTIONAL,
OUT PLSA_STRING AuthenticationPackageName 
)

Definition at line 1376 of file msv1_0.c.

1381{
1382 PANSI_STRING NameString;
1383 PCHAR NameBuffer;
1384
1385 TRACE("LsaApInitializePackage(%lu %p %p %p %p)\n",
1386 AuthenticationPackageId, LsaDispatchTable, Database,
1387 Confidentiality, AuthenticationPackageName);
1388
1389 if (!PackageInitialized)
1390 {
1391 InitializeListHead(&LogonListHead);
1392 RtlInitializeResource(&LogonListResource);
1393 EnumCounter = 0;
1394 PackageInitialized = TRUE;
1395 }
1396
1397 /* Get the dispatch table entries */
1398 DispatchTable.CreateLogonSession = LsaDispatchTable->CreateLogonSession;
1399 DispatchTable.DeleteLogonSession = LsaDispatchTable->DeleteLogonSession;
1400 DispatchTable.AddCredential = LsaDispatchTable->AddCredential;
1401 DispatchTable.GetCredentials = LsaDispatchTable->GetCredentials;
1402 DispatchTable.DeleteCredential = LsaDispatchTable->DeleteCredential;
1403 DispatchTable.AllocateLsaHeap = LsaDispatchTable->AllocateLsaHeap;
1404 DispatchTable.FreeLsaHeap = LsaDispatchTable->FreeLsaHeap;
1405 DispatchTable.AllocateClientBuffer = LsaDispatchTable->AllocateClientBuffer;
1406 DispatchTable.FreeClientBuffer = LsaDispatchTable->FreeClientBuffer;
1407 DispatchTable.CopyToClientBuffer = LsaDispatchTable->CopyToClientBuffer;
1408 DispatchTable.CopyFromClientBuffer = LsaDispatchTable->CopyFromClientBuffer;
1409
1410 /* Return the package name */
1411 NameString = DispatchTable.AllocateLsaHeap(sizeof(LSA_STRING));
1412 if (NameString == NULL)
1413 return STATUS_INSUFFICIENT_RESOURCES;
1414
1415 NameBuffer = DispatchTable.AllocateLsaHeap(sizeof(MSV1_0_PACKAGE_NAME));
1416 if (NameBuffer == NULL)
1417 {
1418 DispatchTable.FreeLsaHeap(NameString);
1419 return STATUS_INSUFFICIENT_RESOURCES;
1420 }
1421
1422 strcpy(NameBuffer, MSV1_0_PACKAGE_NAME);
1423
1424 RtlInitAnsiString(NameString, NameBuffer);
1425
1426 *AuthenticationPackageName = (PLSA_STRING)NameString;
1427
1428 return STATUS_SUCCESS;
1429}
InitializeListHead
#define InitializeListHead(ListHead)
Definition: env_spec_w32.h:944
EnumCounter
ULONG EnumCounter
Definition: msv1_0.c:31
PackageInitialized
BOOL PackageInitialized
Definition: msv1_0.c:28
LogonListResource
RTL_RESOURCE LogonListResource
Definition: msv1_0.c:30
RtlInitializeResource
NTSYSAPI VOID NTAPI RtlInitializeResource(_In_ PRTL_RESOURCE Resource)
RtlInitAnsiString
NTSYSAPI VOID NTAPI RtlInitAnsiString(PANSI_STRING DestinationString, PCSZ SourceString)
PLSA_STRING
struct _LSA_STRING * PLSA_STRING
MSV1_0_PACKAGE_NAME
#define MSV1_0_PACKAGE_NAME
Definition: ntsecapi.h:42
strcpy
strcpy
Definition: string.h:131
_ANSI_STRING
Definition: env_spec_w32.h:375
_LSA_STRING
Definition: ntsecapi.h:171
PCHAR
char * PCHAR
Definition: typedefs.h:51

◆ LsaApLogonTerminated()

VOID NTAPI LsaApLogonTerminated ( _In_ PLUID  LogonId)

Definition at line 1437 of file msv1_0.c.

1439{
1440 PLOGON_LIST_ENTRY LogonEntry;
1441
1442 TRACE("LsaApLogonTerminated()\n");
1443
1444 /* Remove the given logon entry from the list */
1445 LogonEntry = GetLogonByLogonId(LogonId);
1446 if (LogonEntry != NULL)
1447 {
1448 RtlAcquireResourceExclusive(&LogonListResource, TRUE);
1449 RemoveEntryList(&LogonEntry->ListEntry);
1450 RtlReleaseResource(&LogonListResource);
1451
1452 if (LogonEntry->UserName.Buffer)
1453 RtlFreeHeap(RtlGetProcessHeap(), 0, LogonEntry->UserName.Buffer);
1454
1455 if (LogonEntry->LogonDomainName.Buffer)
1456 RtlFreeHeap(RtlGetProcessHeap(), 0, LogonEntry->LogonDomainName.Buffer);
1457
1458 if (LogonEntry->LogonServer.Buffer)
1459 RtlFreeHeap(RtlGetProcessHeap(), 0, LogonEntry->LogonServer.Buffer);
1460
1461 RtlFreeHeap(RtlGetProcessHeap(), 0, LogonEntry);
1462 }
1463}
RtlFreeHeap
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:634
RemoveEntryList
#define RemoveEntryList(Entry)
Definition: env_spec_w32.h:986
GetLogonByLogonId
static PLOGON_LIST_ENTRY GetLogonByLogonId(_In_ PLUID LogonId)
Definition: msv1_0.c:37
RtlAcquireResourceExclusive
NTSYSAPI BOOLEAN NTAPI RtlAcquireResourceExclusive(_In_ PRTL_RESOURCE Resource, _In_ BOOLEAN Wait)
RtlReleaseResource
NTSYSAPI VOID NTAPI RtlReleaseResource(_In_ PRTL_RESOURCE Resource)
_LOGON_LIST_ENTRY::UserName
UNICODE_STRING UserName
Definition: msv1_0.c:20
_LOGON_LIST_ENTRY::ListEntry
LIST_ENTRY ListEntry
Definition: msv1_0.c:17
_LOGON_LIST_ENTRY::LogonServer
UNICODE_STRING LogonServer
Definition: msv1_0.c:22
_LOGON_LIST_ENTRY::LogonDomainName
UNICODE_STRING LogonDomainName
Definition: msv1_0.c:21

◆ LsaApLogonUserEx2()

NTSTATUS NTAPI LsaApLogonUserEx2 ( IN PLSA_CLIENT_REQUEST  ClientRequest,
IN SECURITY_LOGON_TYPE  LogonType,
IN PVOID  ProtocolSubmitBuffer,
IN PVOID  ClientBufferBase,
IN ULONG  SubmitBufferSize,
OUT PVOID ProfileBuffer,
OUT PULONG  ProfileBufferSize,
OUT PLUID  LogonId,
OUT PNTSTATUS  SubStatus,
OUT PLSA_TOKEN_INFORMATION_TYPE  TokenInformationType,
OUT PVOID TokenInformation,
OUT PUNICODE_STRING AccountName,
OUT PUNICODE_STRING AuthenticatingAuthority,
OUT PUNICODE_STRING MachineName,
OUT PSECPKG_PRIMARY_CRED  PrimaryCredentials,
OUT PSECPKG_SUPPLEMENTAL_CRED_ARRAY SupplementalCredentials 
)

Definition at line 1561 of file msv1_0.c.

1577{
1578 NTSTATUS Status;
1579 UNICODE_STRING ComputerName;
1580 WCHAR ComputerNameData[MAX_COMPUTERNAME_LENGTH + 1];
1581 PUNICODE_STRING LogonUserName = NULL;
1582 LSA_SAM_PWD_DATA LogonPwdData = { FALSE, NULL };
1583 PUNICODE_STRING LogonDomain = NULL;
1584 SAMPR_HANDLE UserHandle = NULL;
1585 PRPC_SID AccountDomainSid = NULL;
1586 PSAMPR_USER_INFO_BUFFER UserInfo = NULL;
1587 BOOLEAN SessionCreated = FALSE;
1588 DWORD ComputerNameSize;
1589 BOOL SpecialAccount = FALSE;
1590 UCHAR LogonPassHash;
1591 PUNICODE_STRING ErasePassword = NULL;
1592 PLOGON_LIST_ENTRY LogonEntry = NULL;
1593
1594 TRACE("LsaApLogonUserEx2()\n");
1595
1596 TRACE("LogonType: %lu\n", LogonType);
1597 TRACE("ProtocolSubmitBuffer: %p\n", ProtocolSubmitBuffer);
1598 TRACE("SubmitBufferSize: %lu\n", SubmitBufferSize);
1599
1600 *ProfileBuffer = NULL;
1601 *ProfileBufferSize = 0;
1602 *SubStatus = STATUS_SUCCESS;
1603 *AccountName = NULL;
1604 *AuthenticatingAuthority = NULL;
1605
1606 /* Get the computer name */
1607 ComputerNameSize = ARRAYSIZE(ComputerNameData);
1608 if (!GetComputerNameW(ComputerNameData, &ComputerNameSize))
1609 {
1610 ERR("Failed to get Computername.\n");
1611 return STATUS_INTERNAL_ERROR;
1612 }
1613 RtlInitUnicodeString(&ComputerName, ComputerNameData);
1614
1615 /* Parameters validation */
1616 if (LogonType == Interactive ||
1617 LogonType == Batch ||
1618 LogonType == Service)
1619 {
1620 PMSV1_0_INTERACTIVE_LOGON LogonInfo;
1621 ULONG_PTR PtrOffset;
1622
1623 if (SubmitBufferSize < sizeof(MSV1_0_INTERACTIVE_LOGON))
1624 {
1625 ERR("Invalid SubmitBufferSize %lu\n", SubmitBufferSize);
1626 return STATUS_INVALID_PARAMETER;
1627 }
1628
1629 LogonInfo = (PMSV1_0_INTERACTIVE_LOGON)ProtocolSubmitBuffer;
1630
1631 if (LogonInfo->MessageType != MsV1_0InteractiveLogon &&
1632 LogonInfo->MessageType != MsV1_0WorkstationUnlockLogon)
1633 {
1634 ERR("Invalid MessageType %lu\n", LogonInfo->MessageType);
1635 return STATUS_BAD_VALIDATION_CLASS;
1636 }
1637
1638#if 0 // FIXME: These checks happen to be done on Windows. We however keep them general on ReactOS for now...
1639 if (LogonInfo->UserName.Length > 512) // CRED_MAX_STRING_LENGTH * sizeof(WCHAR) or (CREDUI_MAX_USERNAME_LENGTH (== CRED_MAX_USERNAME_LENGTH) - 1) * sizeof(WCHAR)
1640 {
1641 ERR("UserName too long (%lu, maximum 512)\n", LogonInfo->UserName.Length);
1642 return STATUS_NAME_TOO_LONG;
1643 }
1644 if (LogonInfo->Password.Length > 512) // CREDUI_MAX_PASSWORD_LENGTH * sizeof(WCHAR)
1645 {
1646 ERR("Password too long (%lu, maximum 512)\n", LogonInfo->Password.Length);
1647 return STATUS_NAME_TOO_LONG;
1648 }
1649#endif
1650
1651 /* Fix-up pointers in the authentication info */
1652 PtrOffset = (ULONG_PTR)ProtocolSubmitBuffer - (ULONG_PTR)ClientBufferBase;
1653
1654 /* LogonDomainName is optional and can be an empty string */
1655 if (LogonInfo->LogonDomainName.Length)
1656 {
1657 // TODO: Check for Buffer limits wrt. ClientBufferBase and alignment.
1658 LogonInfo->LogonDomainName.Buffer = FIXUP_POINTER(LogonInfo->LogonDomainName.Buffer, PtrOffset);
1659 LogonInfo->LogonDomainName.MaximumLength = LogonInfo->LogonDomainName.Length;
1660 }
1661 else
1662 {
1663 LogonInfo->LogonDomainName.Buffer = NULL;
1664 LogonInfo->LogonDomainName.MaximumLength = 0;
1665 }
1666 Status = RtlValidateUnicodeString(0, &LogonInfo->LogonDomainName);
1667 if (!NT_SUCCESS(Status))
1668 return STATUS_INVALID_PARAMETER;
1669
1670 /* UserName is mandatory and cannot be an empty string */
1671 // TODO: Check for Buffer limits wrt. ClientBufferBase and alignment.
1672 LogonInfo->UserName.Buffer = FIXUP_POINTER(LogonInfo->UserName.Buffer, PtrOffset);
1673 LogonInfo->UserName.MaximumLength = LogonInfo->UserName.Length;
1674
1675 Status = RtlValidateUnicodeString(0, &LogonInfo->UserName);
1676 if (!NT_SUCCESS(Status))
1677 return STATUS_INVALID_PARAMETER;
1678
1679 /* MS docs says max length is 0xFF bytes. But thats not the full story:
1680 *
1681 * A Quote from https://groups.google.com/forum/#!topic/microsoft.public.win32.programmer.kernel/eFGcCo_ZObk:
1682 * "... At least on my WinXP SP2. Domain and UserName are passed
1683 * in clear text, but the Password is NOT. ..."
1684 *
1685 * If the higher byte of length != 0 we have to use RtlRunDecodeUnicodeString.
1686 */
1687 LogonPassHash = (LogonInfo->Password.Length >> 8) & 0xFF;
1688 LogonInfo->Password.Length = LogonInfo->Password.Length & 0xFF;
1689
1690 /* Password is optional and can be an empty string */
1691 if (LogonInfo->Password.Length)
1692 {
1693 // TODO: Check for Buffer limits wrt. ClientBufferBase and alignment.
1694 LogonInfo->Password.Buffer = FIXUP_POINTER(LogonInfo->Password.Buffer, PtrOffset);
1695 LogonInfo->Password.MaximumLength = LogonInfo->Password.Length;
1696 }
1697 else
1698 {
1699 LogonInfo->Password.Buffer = NULL;
1700 LogonInfo->Password.MaximumLength = 0;
1701 }
1702
1703 /* Decode password */
1704 if (LogonPassHash > 0)
1705 {
1706 RtlRunDecodeUnicodeString(LogonPassHash, &LogonInfo->Password);
1707 }
1708
1709 /* ErasePassword will be "erased" before we return */
1710 ErasePassword = &LogonInfo->Password;
1711
1712 Status = RtlValidateUnicodeString(0, &LogonInfo->Password);
1713 if (!NT_SUCCESS(Status))
1714 return STATUS_INVALID_PARAMETER;
1715
1716 LogonUserName = &LogonInfo->UserName;
1717 LogonDomain = &LogonInfo->LogonDomainName;
1718 LogonPwdData.IsNetwork = FALSE;
1719 LogonPwdData.PlainPwd = &LogonInfo->Password;
1720 LogonPwdData.ComputerName = &ComputerName;
1721
1722 TRACE("Domain: %wZ\n", &LogonInfo->LogonDomainName);
1723 TRACE("User: %wZ\n", &LogonInfo->UserName);
1724 TRACE("Password: %wZ\n", &LogonInfo->Password);
1725
1726 // TODO: If LogonType == Service, do some extra work using LogonInfo->Password.
1727 }
1728 else if (LogonType == Network)
1729 {
1730 Status = LsaApLogonUserEx2_Network(ClientRequest,
1731 ProtocolSubmitBuffer,
1732 ClientBufferBase,
1733 SubmitBufferSize,
1734 &ComputerName,
1735 &LogonUserName,
1736 &LogonDomain,
1737 &LogonPwdData,
1738 &UserHandle,
1739 &UserInfo,
1740 &AccountDomainSid,
1741 &SpecialAccount,
1742 (PMSV1_0_LM20_LOGON_PROFILE*)ProfileBuffer,
1743 ProfileBufferSize,
1744 SubStatus);
1745 if (!NT_SUCCESS(Status))
1746 goto done;
1747 }
1748 else
1749 {
1750 FIXME("LogonType %lu is not supported yet!\n", LogonType);
1751 return STATUS_NOT_IMPLEMENTED;
1752 }
1753 // TODO: Add other LogonType validity checks.
1754
1755 Status = SamValidateUser(LogonType,
1756 LogonUserName,
1757 LogonDomain,
1758 &LogonPwdData,
1759 &ComputerName,
1760 &SpecialAccount,
1761 &AccountDomainSid,
1762 &UserHandle,
1763 &UserInfo,
1764 SubStatus);
1765 if (!NT_SUCCESS(Status))
1766 goto done;
1767
1768 /* Return logon information */
1769
1770 /* Create and return a new logon id */
1771 Status = NtAllocateLocallyUniqueId(LogonId);
1772 if (!NT_SUCCESS(Status))
1773 {
1774 TRACE("NtAllocateLocallyUniqueId failed (Status %08lx)\n", Status);
1775 goto done;
1776 }
1777
1778 /* Create the logon session */
1779 Status = DispatchTable.CreateLogonSession(LogonId);
1780 if (!NT_SUCCESS(Status))
1781 {
1782 TRACE("CreateLogonSession failed (Status %08lx)\n", Status);
1783 goto done;
1784 }
1785
1786 SessionCreated = TRUE;
1787
1788 LogonEntry = RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(LOGON_LIST_ENTRY));
1789 if (LogonEntry)
1790 {
1791 RtlCopyMemory(&LogonEntry->LogonId, LogonId, sizeof(LUID));
1792 LogonEntry->EnumHandle = EnumCounter;
1793 EnumCounter++;
1794
1795 TRACE("Logon User: %wZ %wZ %lx\n", LogonUserName, LogonDomain, LogonId->LowPart);
1796 LogonEntry->UserName.Buffer = RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, LogonUserName->MaximumLength);
1797 if (LogonEntry->UserName.Buffer)
1798 {
1799 LogonEntry->UserName.MaximumLength = LogonUserName->MaximumLength;
1800 RtlCopyUnicodeString(&LogonEntry->UserName, LogonUserName);
1801 }
1802
1803 LogonEntry->LogonDomainName.Buffer = RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, LogonDomain->MaximumLength);
1804 if (LogonEntry->LogonDomainName.Buffer)
1805 {
1806 LogonEntry->LogonDomainName.MaximumLength = LogonDomain->MaximumLength;
1807 RtlCopyUnicodeString(&LogonEntry->LogonDomainName, LogonDomain);
1808 }
1809
1810 LogonEntry->LogonServer.Buffer = RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, ComputerName.MaximumLength);
1811 if (LogonEntry->LogonServer.Buffer)
1812 {
1813 LogonEntry->LogonServer.MaximumLength = ComputerName.MaximumLength;
1814 RtlCopyUnicodeString(&LogonEntry->LogonServer, &ComputerName);
1815 }
1816
1817 LogonEntry->LogonType = LogonType;
1818
1819 RtlAcquireResourceExclusive(&LogonListResource, TRUE);
1820 InsertTailList(&LogonListHead, &LogonEntry->ListEntry);
1821 RtlReleaseResource(&LogonListResource);
1822 }
1823
1824 if (LogonType == Interactive || LogonType == Batch || LogonType == Service)
1825 {
1826 /* Build and fill the interactive profile buffer */
1827 Status = BuildInteractiveProfileBuffer(ClientRequest,
1828 UserInfo,
1829 ComputerName.Buffer,
1830 (PMSV1_0_INTERACTIVE_PROFILE*)ProfileBuffer,
1831 ProfileBufferSize);
1832 if (!NT_SUCCESS(Status))
1833 {
1834 TRACE("BuildInteractiveProfileBuffer failed (Status %08lx)\n", Status);
1835 goto done;
1836 }
1837 }
1838 else if (LogonType == Network)
1839 {
1840 //FIXME: no need to do anything, its already done ...
1841 }
1842
1843 /* Return the token information type */
1844 *TokenInformationType = LsaTokenInformationV1;
1845
1846 /* Build and fill the token information buffer */
1847 Status = BuildTokenInformationBuffer((PLSA_TOKEN_INFORMATION_V1*)TokenInformation,
1848 AccountDomainSid,
1849 UserInfo,
1850 SpecialAccount);
1851 if (!NT_SUCCESS(Status))
1852 {
1853 TRACE("BuildTokenInformationBuffer failed (Status %08lx)\n", Status);
1854 goto done;
1855 }
1856
1857done:
1858 /* Erase password */
1859 if (ErasePassword)
1860 {
1861 RtlEraseUnicodeString(ErasePassword);
1862 }
1863
1864 /* Update the logon time/count or the bad password time/count */
1865 if ((UserHandle != NULL) &&
1866 (Status == STATUS_SUCCESS || Status == STATUS_WRONG_PASSWORD))
1867 {
1868 SAMPR_USER_INFO_BUFFER InternalInfo;
1869
1870 RtlZeroMemory(&InternalInfo, sizeof(InternalInfo));
1871
1872 if (Status == STATUS_SUCCESS)
1873 InternalInfo.Internal2.Flags = USER_LOGON_SUCCESS;
1874 else
1875 InternalInfo.Internal2.Flags = USER_LOGON_BAD_PASSWORD;
1876
1877 SamrSetInformationUser(UserHandle,
1878 UserInternal2Information,
1879 &InternalInfo);
1880 }
1881
1882 if (NT_SUCCESS(Status))
1883 {
1884 /* Return the account name */
1885 *AccountName = DispatchTable.AllocateLsaHeap(sizeof(UNICODE_STRING));
1886 if ((LogonUserName != NULL) &&
1887 (*AccountName != NULL))
1888 {
1889 (*AccountName)->Buffer = DispatchTable.AllocateLsaHeap(LogonUserName->Length +
1890 sizeof(UNICODE_NULL));
1891 if ((*AccountName)->Buffer != NULL)
1892 {
1893 (*AccountName)->MaximumLength = LogonUserName->Length +
1894 sizeof(UNICODE_NULL);
1895 RtlCopyUnicodeString(*AccountName, LogonUserName);
1896 }
1897 }
1898
1899 /* Return the authenticating authority */
1900 *AuthenticatingAuthority = DispatchTable.AllocateLsaHeap(sizeof(UNICODE_STRING));
1901 if ((LogonDomain != NULL) &&
1902 (*AuthenticatingAuthority != NULL))
1903 {
1904 (*AuthenticatingAuthority)->Buffer = DispatchTable.AllocateLsaHeap(LogonDomain->Length +
1905 sizeof(UNICODE_NULL));
1906 if ((*AuthenticatingAuthority)->Buffer != NULL)
1907 {
1908 (*AuthenticatingAuthority)->MaximumLength = LogonDomain->Length +
1909 sizeof(UNICODE_NULL);
1910 RtlCopyUnicodeString(*AuthenticatingAuthority, LogonDomain);
1911 }
1912 }
1913
1914 /* Return the machine name */
1915 *MachineName = DispatchTable.AllocateLsaHeap(sizeof(UNICODE_STRING));
1916 if (*MachineName != NULL)
1917 {
1918 (*MachineName)->Buffer = DispatchTable.AllocateLsaHeap(ComputerName.MaximumLength);
1919 if ((*MachineName)->Buffer != NULL)
1920 {
1921 (*MachineName)->MaximumLength = ComputerName.MaximumLength;
1922 (*MachineName)->Length = ComputerName.Length;
1923 RtlCopyMemory((*MachineName)->Buffer,
1924 ComputerName.Buffer,
1925 ComputerName.MaximumLength);
1926 }
1927 }
1928 }
1929
1930 if (!NT_SUCCESS(Status))
1931 {
1932 if (SessionCreated != FALSE)
1933 DispatchTable.DeleteLogonSession(LogonId);
1934
1935 if (*ProfileBuffer != NULL)
1936 {
1937 DispatchTable.FreeClientBuffer(ClientRequest,
1938 *ProfileBuffer);
1939 *ProfileBuffer = NULL;
1940 }
1941 }
1942
1943 if (UserHandle != NULL)
1944 SamrCloseHandle(&UserHandle);
1945
1946 SamIFree_SAMPR_USER_INFO_BUFFER(UserInfo,
1947 UserAllInformation);
1948
1949 if (AccountDomainSid != NULL)
1950 RtlFreeHeap(RtlGetProcessHeap(), 0, AccountDomainSid);
1951
1952 if (Status == STATUS_NO_SUCH_USER ||
1953 Status == STATUS_WRONG_PASSWORD)
1954 {
1955 *SubStatus = Status;
1956 Status = STATUS_LOGON_FAILURE;
1957 }
1958
1959 TRACE("LsaApLogonUserEx2 done (Status 0x%08lx, SubStatus 0x%08lx)\n", Status, *SubStatus);
1960
1961 return Status;
1962}
BOOLEAN
unsigned char BOOLEAN
Definition: actypes.h:127
LsaTokenInformationV1
@ LsaTokenInformationV1
Definition: authpackage.c:17
SamrCloseHandle
NTSTATUS __stdcall SamrCloseHandle(SAMPR_HANDLE *SamHandle)
FIXME
#define FIXME(fmt,...)
Definition: precomp.h:53
RtlAllocateHeap
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:616
GetComputerNameW
BOOL WINAPI GetComputerNameW(LPWSTR lpBuffer, LPDWORD lpnSize)
Definition: compname.c:446
Network
@ Network
Definition: devicetopology.idl:192
FALSE
#define FALSE
Definition: types.h:117
ARRAYSIZE
#define ARRAYSIZE(array)
Definition: filtermapper.c:47
HEAP_ZERO_MEMORY
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
InsertTailList
#define InsertTailList(ListHead, Entry)
Definition: env_spec_w32.h:1003
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
LsaApLogonUserEx2_Network
static NTSTATUS LsaApLogonUserEx2_Network(_In_ PLSA_CLIENT_REQUEST ClientRequest, _In_ PVOID ProtocolSubmitBuffer, _In_ PVOID ClientBufferBase, _In_ ULONG SubmitBufferSize, _In_ PUNICODE_STRING ComputerName, _Out_ PUNICODE_STRING *LogonUserRef, _Out_ PUNICODE_STRING *LogonDomainRef, _Inout_ PLSA_SAM_PWD_DATA LogonPwdData, _Out_ SAMPR_HANDLE *UserHandlePtr, _Out_ PSAMPR_USER_INFO_BUFFER *UserInfoPtr, _Out_ PRPC_SID *AccountDomainSidPtr, _Out_ PBOOL SpecialAccount, _Out_ PMSV1_0_LM20_LOGON_PROFILE *LogonProfile, _Out_ PULONG LogonProfileSize, _Out_ PNTSTATUS SubStatus)
Definition: msv1_0.c:1471
BuildTokenInformationBuffer
static NTSTATUS BuildTokenInformationBuffer(PLSA_TOKEN_INFORMATION_V1 *TokenInformation, PRPC_SID AccountDomainSid, PSAMPR_USER_INFO_BUFFER UserInfo, BOOL SpecialAccount)
Definition: msv1_0.c:485
BuildInteractiveProfileBuffer
static NTSTATUS BuildInteractiveProfileBuffer(IN PLSA_CLIENT_REQUEST ClientRequest, IN PSAMPR_USER_INFO_BUFFER UserInfo, IN PWSTR ComputerName, OUT PMSV1_0_INTERACTIVE_PROFILE *ProfileBuffer, OUT PULONG ProfileBufferLength)
Definition: msv1_0.c:63
SamIFree_SAMPR_USER_INFO_BUFFER
VOID NTAPI SamIFree_SAMPR_USER_INFO_BUFFER(PSAMPR_USER_INFO_BUFFER Ptr, USER_INFORMATION_CLASS InformationClass)
Definition: samsrv.c:540
SamrSetInformationUser
NTSTATUS NTAPI SamrSetInformationUser(IN SAMPR_HANDLE UserHandle, IN USER_INFORMATION_CLASS UserInformationClass, IN PSAMPR_USER_INFO_BUFFER Buffer)
Definition: samrpc.c:7848
USER_LOGON_SUCCESS
#define USER_LOGON_SUCCESS
Definition: sam.idl:649
FIXUP_POINTER
#define FIXUP_POINTER(Pointer, Offset)
Definition: msv1_0.h:9
USER_LOGON_BAD_PASSWORD
#define USER_LOGON_BAD_PASSWORD
Definition: sam.idl:648
RtlEraseUnicodeString
NTSYSAPI VOID NTAPI RtlEraseUnicodeString(_Inout_ PUNICODE_STRING String)
RtlValidateUnicodeString
NTSYSAPI NTSTATUS NTAPI RtlValidateUnicodeString(_In_ ULONG Flags, _In_ PCUNICODE_STRING String)
Definition: unicode.c:2558
RtlCopyUnicodeString
NTSYSAPI VOID NTAPI RtlCopyUnicodeString(PUNICODE_STRING DestinationString, PUNICODE_STRING SourceString)
UNICODE_NULL
#define UNICODE_NULL
LogonType
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE LogonType
Definition: ntifs.template.h:708
SubStatus
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE _Out_ PQUOTA_LIMITS _Out_ PNTSTATUS SubStatus
Definition: ntifs.template.h:719
NtAllocateLocallyUniqueId
NTSTATUS NTAPI NtAllocateLocallyUniqueId(OUT LUID *LocallyUniqueId)
Definition: uuid.c:348
UserInternal2Information
@ UserInternal2Information
Definition: ntsam.h:532
UserAllInformation
@ UserAllInformation
Definition: ntsam.h:534
STATUS_INTERNAL_ERROR
#define STATUS_INTERNAL_ERROR
Definition: ntstatus.h:559
STATUS_WRONG_PASSWORD
#define STATUS_WRONG_PASSWORD
Definition: ntstatus.h:436
STATUS_BAD_VALIDATION_CLASS
#define STATUS_BAD_VALIDATION_CLASS
Definition: ntstatus.h:497
STATUS_NO_SUCH_USER
#define STATUS_NO_SUCH_USER
Definition: ntstatus.h:430
STATUS_LOGON_FAILURE
#define STATUS_LOGON_FAILURE
Definition: ntstatus.h:439
STATUS_NAME_TOO_LONG
#define STATUS_NAME_TOO_LONG
Definition: ntstatus.h:592
Interactive
@ Interactive
Definition: ntsecapi.h:289
Service
@ Service
Definition: ntsecapi.h:292
Batch
@ Batch
Definition: ntsecapi.h:291
PMSV1_0_INTERACTIVE_LOGON
struct _MSV1_0_INTERACTIVE_LOGON * PMSV1_0_INTERACTIVE_LOGON
MsV1_0WorkstationUnlockLogon
@ MsV1_0WorkstationUnlockLogon
Definition: ntsecapi.h:203
MsV1_0InteractiveLogon
@ MsV1_0InteractiveLogon
Definition: ntsecapi.h:199
SamValidateUser
NTSTATUS SamValidateUser(_In_ SECURITY_LOGON_TYPE LogonType, _In_ PUNICODE_STRING LogonUserName, _In_ PUNICODE_STRING LogonDomain, _In_ PLSA_SAM_PWD_DATA LogonPwdData, _In_ PUNICODE_STRING ComputerName, _Out_ PBOOL SpecialAccount, _Out_ PRPC_SID *AccountDomainSidPtr, _Out_ SAMPR_HANDLE *UserHandlePtr, _Out_ PSAMPR_USER_INFO_BUFFER *UserInfoPtr, _Out_ PNTSTATUS SubStatus)
Validates a user by checking if it exists in the sam database. Some other checks are done further.
Definition: sam.c:460
RtlRunDecodeUnicodeString
VOID NTAPI RtlRunDecodeUnicodeString(IN UCHAR Hash, IN OUT PUNICODE_STRING String)
Definition: encode.c:20
MachineName
_In_ DWORD _Out_ PDWORD _In_opt_ PCSTR MachineName
Definition: setupapi.h:1296
_LOGON_LIST_ENTRY::LogonType
SECURITY_LOGON_TYPE LogonType
Definition: msv1_0.c:23
_LOGON_LIST_ENTRY::EnumHandle
ULONG EnumHandle
Definition: msv1_0.c:19
_LSA_SAM_PWD_DATA
Definition: sam.h:18
_LSA_SAM_PWD_DATA::PlainPwd
PUNICODE_STRING PlainPwd
Definition: sam.h:22
_LSA_SAM_PWD_DATA::ComputerName
PUNICODE_STRING ComputerName
Definition: sam.h:26
_LSA_SAM_PWD_DATA::IsNetwork
BOOL IsNetwork
Definition: sam.h:21
_LUID
Definition: devicetopology.idl:137
_MSV1_0_INTERACTIVE_LOGON
Definition: ntsecapi.h:433
_MSV1_0_INTERACTIVE_LOGON::Password
UNICODE_STRING Password
Definition: ntsecapi.h:437
_MSV1_0_INTERACTIVE_LOGON::UserName
UNICODE_STRING UserName
Definition: ntsecapi.h:436
_MSV1_0_INTERACTIVE_LOGON::MessageType
MSV1_0_LOGON_SUBMIT_TYPE MessageType
Definition: ntsecapi.h:434
_MSV1_0_INTERACTIVE_LOGON::LogonDomainName
UNICODE_STRING LogonDomainName
Definition: ntsecapi.h:435
_RPC_SID
Definition: msv1_0.h:13
_SAMPR_USER_INTERNAL2_INFORMATION::Flags
unsigned long Flags
Definition: msv1_0.h:71
RtlZeroMemory
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262
_SAMPR_USER_INFO_BUFFER
Definition: msv1_0.h:116
_SAMPR_USER_INFO_BUFFER::Internal2
SAMPR_USER_INTERNAL2_INFORMATION Internal2
Definition: msv1_0.h:137
MAX_COMPUTERNAME_LENGTH
#define MAX_COMPUTERNAME_LENGTH
Definition: winbase.h:267

◆ LsaApLogonUserEx2_Network()

static NTSTATUS LsaApLogonUserEx2_Network ( _In_ PLSA_CLIENT_REQUEST  ClientRequest,
_In_ PVOID  ProtocolSubmitBuffer,
_In_ PVOID  ClientBufferBase,
_In_ ULONG  SubmitBufferSize,
_In_ PUNICODE_STRING  ComputerName,
_Out_ PUNICODE_STRING LogonUserRef,
_Out_ PUNICODE_STRING LogonDomainRef,
_Inout_ PLSA_SAM_PWD_DATA  LogonPwdData,
_Out_ SAMPR_HANDLE UserHandlePtr,
_Out_ PSAMPR_USER_INFO_BUFFER UserInfoPtr,
_Out_ PRPC_SID AccountDomainSidPtr,
_Out_ PBOOL  SpecialAccount,
_Out_ PMSV1_0_LM20_LOGON_PROFILE LogonProfile,
_Out_ PULONG  LogonProfileSize,
_Out_ PNTSTATUS  SubStatus 
)
static

Definition at line 1471 of file msv1_0.c.

1487{
1488 NTSTATUS Status;
1489 PMSV1_0_LM20_LOGON LogonInfo;
1490 ULONG_PTR PtrOffset;
1491
1492 *LogonProfile = NULL;
1493 *LogonProfileSize = 0;
1494 *UserInfoPtr = NULL;
1495 *AccountDomainSidPtr = NULL;
1496 *SpecialAccount = FALSE;
1497 LogonInfo = ProtocolSubmitBuffer;
1498
1499 if (SubmitBufferSize < sizeof(MSV1_0_LM20_LOGON))
1500 {
1501 ERR("Invalid SubmitBufferSize %lu\n", SubmitBufferSize);
1502 return STATUS_INVALID_PARAMETER;
1503 }
1504
1505 /* Fix-up pointers in the authentication info */
1506 PtrOffset = (ULONG_PTR)ProtocolSubmitBuffer - (ULONG_PTR)ClientBufferBase;
1507
1508 if ((!NtlmFixupAndValidateUStr(&LogonInfo->LogonDomainName, PtrOffset)) ||
1509 (!NtlmFixupAndValidateUStr(&LogonInfo->UserName, PtrOffset)) ||
1510 (!NtlmFixupAndValidateUStr(&LogonInfo->Workstation, PtrOffset)) ||
1511 (!NtlmFixupAStr(&LogonInfo->CaseSensitiveChallengeResponse, PtrOffset)) ||
1512 (!NtlmFixupAStr(&LogonInfo->CaseInsensitiveChallengeResponse, PtrOffset)))
1513 {
1514 return STATUS_INVALID_PARAMETER;
1515 }
1516
1517 LogonPwdData->IsNetwork = TRUE;
1518 LogonPwdData->LogonInfo = LogonInfo;
1519 LogonPwdData->ComputerName = ComputerName;
1520 Status = SamValidateUser(Network,
1521 &LogonInfo->UserName,
1522 &LogonInfo->LogonDomainName,
1523 LogonPwdData,
1524 ComputerName,
1525 SpecialAccount,
1526 AccountDomainSidPtr,
1527 UserHandlePtr,
1528 UserInfoPtr,
1529 SubStatus);
1530 if (!NT_SUCCESS(Status))
1531 {
1532 ERR("SamValidateUser failed with 0x%lx\n", Status);
1533 return Status;
1534 }
1535
1536 if (LogonInfo->ParameterControl & MSV1_0_RETURN_PROFILE_PATH)
1537 {
1538 Status = BuildLm20LogonProfileBuffer(ClientRequest,
1539 *UserInfoPtr,
1540 LogonPwdData,
1541 LogonProfile,
1542 LogonProfileSize);
1543 if (!NT_SUCCESS(Status))
1544 {
1545 ERR("BuildLm20LogonProfileBuffer failed with 0x%lx\n", Status);
1546 return Status;
1547 }
1548 }
1549
1550 *LogonUserRef = &LogonInfo->UserName;
1551 *LogonDomainRef = &LogonInfo->LogonDomainName;
1552
1553 return Status;
1554}
NtlmFixupAndValidateUStr
bool NtlmFixupAndValidateUStr(_Inout_ PUNICODE_STRING String, _In_ ULONG_PTR FixupOffset)
Definition: util.c:223
NtlmFixupAStr
bool NtlmFixupAStr(_Inout_ PSTRING String, _In_ ULONG_PTR FixupOffset)
Definition: util.c:245
BuildLm20LogonProfileBuffer
static NTSTATUS BuildLm20LogonProfileBuffer(_In_ PLSA_CLIENT_REQUEST ClientRequest, _In_ PSAMPR_USER_INFO_BUFFER UserInfo, _In_ PLSA_SAM_PWD_DATA LogonPwdData, _Out_ PMSV1_0_LM20_LOGON_PROFILE *ProfileBuffer, _Out_ PULONG ProfileBufferLength)
Definition: msv1_0.c:219
MSV1_0_RETURN_PROFILE_PATH
#define MSV1_0_RETURN_PROFILE_PATH
Definition: ntsecapi.h:47
_MSV1_0_LM20_LOGON
Definition: ntsecapi.h:457
_MSV1_0_LM20_LOGON::UserName
UNICODE_STRING UserName
Definition: ntsecapi.h:460
_MSV1_0_LM20_LOGON::CaseInsensitiveChallengeResponse
STRING CaseInsensitiveChallengeResponse
Definition: ntsecapi.h:464
_MSV1_0_LM20_LOGON::LogonDomainName
UNICODE_STRING LogonDomainName
Definition: ntsecapi.h:459
_MSV1_0_LM20_LOGON::Workstation
UNICODE_STRING Workstation
Definition: ntsecapi.h:461
_MSV1_0_LM20_LOGON::ParameterControl
ULONG ParameterControl
Definition: ntsecapi.h:465
_MSV1_0_LM20_LOGON::CaseSensitiveChallengeResponse
STRING CaseSensitiveChallengeResponse
Definition: ntsecapi.h:463

Referenced by LsaApLogonUserEx2().

◆ MsvpChangePassword()

static NTSTATUS MsvpChangePassword ( IN PLSA_CLIENT_REQUEST  ClientRequest,
IN PVOID  ProtocolSubmitBuffer,
IN PVOID  ClientBufferBase,
IN ULONG  SubmitBufferLength,
OUT PVOID ProtocolReturnBuffer,
OUT PULONG  ReturnBufferLength,
OUT PNTSTATUS  ProtocolStatus 
)
static

Definition at line 570 of file msv1_0.c.

577{
578 NTSTATUS Status;
579 PMSV1_0_CHANGEPASSWORD_REQUEST RequestBuffer;
580 ULONG_PTR PtrOffset;
581
582 SAMPR_HANDLE ServerHandle = NULL;
583 SAMPR_HANDLE DomainHandle = NULL;
584 SAMPR_HANDLE UserHandle = NULL;
585 PRPC_SID DomainSid = NULL;
586 RPC_UNICODE_STRING Names[1];
587 SAMPR_ULONG_ARRAY RelativeIds = {0, NULL};
588 SAMPR_ULONG_ARRAY Use = {0, NULL};
589
590 ENCRYPTED_NT_OWF_PASSWORD OldNtPassword;
591 ENCRYPTED_NT_OWF_PASSWORD NewNtPassword;
592 ENCRYPTED_LM_OWF_PASSWORD OldLmPassword;
593 ENCRYPTED_LM_OWF_PASSWORD NewLmPassword;
594 OEM_STRING LmPwdString;
595 CHAR LmPwdBuffer[15];
596 BOOLEAN OldLmPasswordPresent = FALSE;
597 BOOLEAN NewLmPasswordPresent = FALSE;
598
599 ENCRYPTED_LM_OWF_PASSWORD OldLmEncryptedWithNewLm;
600 ENCRYPTED_LM_OWF_PASSWORD NewLmEncryptedWithOldLm;
601 ENCRYPTED_LM_OWF_PASSWORD OldNtEncryptedWithNewNt;
602 ENCRYPTED_LM_OWF_PASSWORD NewNtEncryptedWithOldNt;
603 PENCRYPTED_LM_OWF_PASSWORD pOldLmEncryptedWithNewLm = NULL;
604 PENCRYPTED_LM_OWF_PASSWORD pNewLmEncryptedWithOldLm = NULL;
605
606 TRACE("MsvpChangePassword()\n");
607
608 /* Parameters validation */
609
610 if (SubmitBufferLength < sizeof(MSV1_0_CHANGEPASSWORD_REQUEST))
611 {
612 ERR("Invalid SubmitBufferLength %lu\n", SubmitBufferLength);
613 return STATUS_INVALID_PARAMETER;
614 }
615
616 RequestBuffer = (PMSV1_0_CHANGEPASSWORD_REQUEST)ProtocolSubmitBuffer;
617 ASSERT(RequestBuffer->MessageType == MsV1_0ChangePassword);
618
619 /* Fix-up pointers in the request buffer info */
620 PtrOffset = (ULONG_PTR)ProtocolSubmitBuffer - (ULONG_PTR)ClientBufferBase;
621
622 Status = RtlValidateUnicodeString(0, &RequestBuffer->DomainName);
623 if (!NT_SUCCESS(Status))
624 return STATUS_INVALID_PARAMETER;
625 // TODO: Check for Buffer limits wrt. ClientBufferBase and alignment.
626 RequestBuffer->DomainName.Buffer = FIXUP_POINTER(RequestBuffer->DomainName.Buffer, PtrOffset);
627 RequestBuffer->DomainName.MaximumLength = RequestBuffer->DomainName.Length;
628
629 Status = RtlValidateUnicodeString(0, &RequestBuffer->AccountName);
630 if (!NT_SUCCESS(Status))
631 return STATUS_INVALID_PARAMETER;
632 // TODO: Check for Buffer limits wrt. ClientBufferBase and alignment.
633 RequestBuffer->AccountName.Buffer = FIXUP_POINTER(RequestBuffer->AccountName.Buffer, PtrOffset);
634 RequestBuffer->AccountName.MaximumLength = RequestBuffer->AccountName.Length;
635
636 Status = RtlValidateUnicodeString(0, &RequestBuffer->OldPassword);
637 if (!NT_SUCCESS(Status))
638 return STATUS_INVALID_PARAMETER;
639 // TODO: Check for Buffer limits wrt. ClientBufferBase and alignment.
640 RequestBuffer->OldPassword.Buffer = FIXUP_POINTER(RequestBuffer->OldPassword.Buffer, PtrOffset);
641 RequestBuffer->OldPassword.MaximumLength = RequestBuffer->OldPassword.Length;
642
643 Status = RtlValidateUnicodeString(0, &RequestBuffer->NewPassword);
644 if (!NT_SUCCESS(Status))
645 return STATUS_INVALID_PARAMETER;
646 // TODO: Check for Buffer limits wrt. ClientBufferBase and alignment.
647 RequestBuffer->NewPassword.Buffer = FIXUP_POINTER(RequestBuffer->NewPassword.Buffer, PtrOffset);
648 RequestBuffer->NewPassword.MaximumLength = RequestBuffer->NewPassword.Length;
649
650 TRACE("Domain: %S\n", RequestBuffer->DomainName.Buffer);
651 TRACE("Account: %S\n", RequestBuffer->AccountName.Buffer);
652 TRACE("Old Password: %S\n", RequestBuffer->OldPassword.Buffer);
653 TRACE("New Password: %S\n", RequestBuffer->NewPassword.Buffer);
654
655 /* Connect to the SAM server */
656 Status = SamIConnect(NULL,
657 &ServerHandle,
658 SAM_SERVER_CONNECT | SAM_SERVER_LOOKUP_DOMAIN,
659 TRUE);
660 if (!NT_SUCCESS(Status))
661 {
662 TRACE("SamIConnect() failed (Status 0x%08lx)\n", Status);
663 goto done;
664 }
665
666 /* Get the domain SID */
667 Status = SamrLookupDomainInSamServer(ServerHandle,
668 (PRPC_UNICODE_STRING)&RequestBuffer->DomainName,
669 &DomainSid);
670 if (!NT_SUCCESS(Status))
671 {
672 TRACE("SamrLookupDomainInSamServer failed (Status %08lx)\n", Status);
673 goto done;
674 }
675
676 /* Open the domain */
677 Status = SamrOpenDomain(ServerHandle,
678 DOMAIN_LOOKUP,
679 DomainSid,
680 &DomainHandle);
681 if (!NT_SUCCESS(Status))
682 {
683 TRACE("SamrOpenDomain failed (Status %08lx)\n", Status);
684 goto done;
685 }
686
687 Names[0].Length = RequestBuffer->AccountName.Length;
688 Names[0].MaximumLength = RequestBuffer->AccountName.MaximumLength;
689 Names[0].Buffer = RequestBuffer->AccountName.Buffer;
690
691 /* Try to get the RID for the user name */
692 Status = SamrLookupNamesInDomain(DomainHandle,
693 1,
694 Names,
695 &RelativeIds,
696 &Use);
697 if (!NT_SUCCESS(Status))
698 {
699 TRACE("SamrLookupNamesInDomain failed (Status %08lx)\n", Status);
700 Status = STATUS_NO_SUCH_USER;
701 goto done;
702 }
703
704 /* Fail, if it is not a user account */
705 if (Use.Element[0] != SidTypeUser)
706 {
707 TRACE("Account is not a user account!\n");
708 Status = STATUS_NO_SUCH_USER;
709 goto done;
710 }
711
712 /* Open the user object */
713 Status = SamrOpenUser(DomainHandle,
714 USER_CHANGE_PASSWORD,
715 RelativeIds.Element[0],
716 &UserHandle);
717 if (!NT_SUCCESS(Status))
718 {
719 TRACE("SamrOpenUser failed (Status %08lx)\n", Status);
720 goto done;
721 }
722
723
724 /* Calculate the NT hash for the old password */
725 Status = SystemFunction007(&RequestBuffer->OldPassword,
726 (LPBYTE)&OldNtPassword);
727 if (!NT_SUCCESS(Status))
728 {
729 TRACE("SystemFunction007 failed (Status 0x%08lx)\n", Status);
730 goto done;
731 }
732
733 /* Calculate the NT hash for the new password */
734 Status = SystemFunction007(&RequestBuffer->NewPassword,
735 (LPBYTE)&NewNtPassword);
736 if (!NT_SUCCESS(Status))
737 {
738 TRACE("SystemFunction007 failed (Status 0x%08lx)\n", Status);
739 goto done;
740 }
741
742 /* Calculate the LM password and hash for the old password */
743 LmPwdString.Length = 15;
744 LmPwdString.MaximumLength = 15;
745 LmPwdString.Buffer = LmPwdBuffer;
746 ZeroMemory(LmPwdString.Buffer, LmPwdString.MaximumLength);
747
748 Status = RtlUpcaseUnicodeStringToOemString(&LmPwdString,
749 &RequestBuffer->OldPassword,
750 FALSE);
751 if (NT_SUCCESS(Status))
752 {
753 /* Calculate the LM hash value of the password */
754 Status = SystemFunction006(LmPwdString.Buffer,
755 (LPSTR)&OldLmPassword);
756 if (NT_SUCCESS(Status))
757 {
758 OldLmPasswordPresent = TRUE;
759 }
760 }
761
762 /* Calculate the LM password and hash for the new password */
763 LmPwdString.Length = 15;
764 LmPwdString.MaximumLength = 15;
765 LmPwdString.Buffer = LmPwdBuffer;
766 ZeroMemory(LmPwdString.Buffer, LmPwdString.MaximumLength);
767
768 Status = RtlUpcaseUnicodeStringToOemString(&LmPwdString,
769 &RequestBuffer->NewPassword,
770 FALSE);
771 if (NT_SUCCESS(Status))
772 {
773 /* Calculate the LM hash value of the password */
774 Status = SystemFunction006(LmPwdString.Buffer,
775 (LPSTR)&NewLmPassword);
776 if (NT_SUCCESS(Status))
777 {
778 NewLmPasswordPresent = TRUE;
779 }
780 }
781
782 /* Encrypt the old and new LM passwords, if they exist */
783 if (OldLmPasswordPresent && NewLmPasswordPresent)
784 {
785 /* Encrypt the old LM password */
786 Status = SystemFunction012((const BYTE *)&OldLmPassword,
787 (const BYTE *)&NewLmPassword,
788 (LPBYTE)&OldLmEncryptedWithNewLm);
789 if (!NT_SUCCESS(Status))
790 {
791 TRACE("SystemFunction012 failed (Status 0x%08lx)\n", Status);
792 goto done;
793 }
794
795 /* Encrypt the new LM password */
796 Status = SystemFunction012((const BYTE *)&NewLmPassword,
797 (const BYTE *)&OldLmPassword,
798 (LPBYTE)&NewLmEncryptedWithOldLm);
799 if (!NT_SUCCESS(Status))
800 {
801 TRACE("SystemFunction012 failed (Status 0x%08lx)\n", Status);
802 goto done;
803 }
804
805 pOldLmEncryptedWithNewLm = &OldLmEncryptedWithNewLm;
806 pNewLmEncryptedWithOldLm = &NewLmEncryptedWithOldLm;
807 }
808
809 /* Encrypt the old NT password */
810 Status = SystemFunction012((const BYTE *)&OldNtPassword,
811 (const BYTE *)&NewNtPassword,
812 (LPBYTE)&OldNtEncryptedWithNewNt);
813 if (!NT_SUCCESS(Status))
814 {
815 TRACE("SystemFunction012 failed (Status 0x%08lx)\n", Status);
816 goto done;
817 }
818
819 /* Encrypt the new NT password */
820 Status = SystemFunction012((const BYTE *)&NewNtPassword,
821 (const BYTE *)&OldNtPassword,
822 (LPBYTE)&NewNtEncryptedWithOldNt);
823 if (!NT_SUCCESS(Status))
824 {
825 TRACE("SystemFunction012 failed (Status 0x%08lx)\n", Status);
826 goto done;
827 }
828
829 /* Change the password */
830 Status = SamrChangePasswordUser(UserHandle,
831 OldLmPasswordPresent && NewLmPasswordPresent,
832 pOldLmEncryptedWithNewLm,
833 pNewLmEncryptedWithOldLm,
834 TRUE,
835 &OldNtEncryptedWithNewNt,
836 &NewNtEncryptedWithOldNt,
837 FALSE,
838 NULL,
839 FALSE,
840 NULL);
841 if (!NT_SUCCESS(Status))
842 {
843 TRACE("SamrChangePasswordUser failed (Status %08lx)\n", Status);
844 goto done;
845 }
846
847done:
848 if (UserHandle != NULL)
849 SamrCloseHandle(&UserHandle);
850
851 SamIFree_SAMPR_ULONG_ARRAY(&RelativeIds);
852 SamIFree_SAMPR_ULONG_ARRAY(&Use);
853
854 if (DomainHandle != NULL)
855 SamrCloseHandle(&DomainHandle);
856
857 if (DomainSid != NULL)
858 SamIFreeVoid(DomainSid);
859
860 if (ServerHandle != NULL)
861 SamrCloseHandle(&ServerHandle);
862
863 return Status;
864}
Names
PWSTR Names[]
Definition: RtlGenerate8dot3Name.c:34
SamrOpenDomain
NTSTATUS __stdcall SamrOpenDomain(SAMPR_HANDLE ServerHandle, ACCESS_MASK DesiredAccess, PRPC_SID DomainId, SAMPR_HANDLE *DomainHandle)
SamIFree_SAMPR_ULONG_ARRAY
VOID NTAPI SamIFree_SAMPR_ULONG_ARRAY(PSAMPR_ULONG_ARRAY Ptr)
Definition: samsrv.c:524
SamIConnect
NTSTATUS NTAPI SamIConnect(PSAMPR_SERVER_NAME ServerName, SAMPR_HANDLE *ServerHandle, ACCESS_MASK DesiredAccess, BOOLEAN Trusted)
SystemFunction006
NTSTATUS WINAPI SystemFunction006(LPCSTR password, LPSTR hash)
Definition: crypt_lmhash.c:53
SamrLookupNamesInDomain
NTSTATUS NTAPI SamrLookupNamesInDomain(IN SAMPR_HANDLE DomainHandle, IN ULONG Count, IN RPC_UNICODE_STRING Names[], OUT PSAMPR_ULONG_ARRAY RelativeIds, OUT PSAMPR_ULONG_ARRAY Use)
Definition: samrpc.c:3464
SidTypeUser
@ SidTypeUser
Definition: lsa.idl:118
ZeroMemory
#define ZeroMemory
Definition: minwinbase.h:31
SamrChangePasswordUser
NTSTATUS NTAPI SamrChangePasswordUser(IN SAMPR_HANDLE UserHandle, IN unsigned char LmPresent, IN PENCRYPTED_LM_OWF_PASSWORD OldLmEncryptedWithNewLm, IN PENCRYPTED_LM_OWF_PASSWORD NewLmEncryptedWithOldLm, IN unsigned char NtPresent, IN PENCRYPTED_NT_OWF_PASSWORD OldNtEncryptedWithNewNt, IN PENCRYPTED_NT_OWF_PASSWORD NewNtEncryptedWithOldNt, IN unsigned char NtCrossEncryptionPresent, IN PENCRYPTED_NT_OWF_PASSWORD NewNtEncryptedWithNewLm, IN unsigned char LmCrossEncryptionPresent, IN PENCRYPTED_LM_OWF_PASSWORD NewLmEncryptedWithNewNt)
Definition: samrpc.c:7864
SamrLookupDomainInSamServer
NTSTATUS NTAPI SamrLookupDomainInSamServer(IN SAMPR_HANDLE ServerHandle, IN PRPC_UNICODE_STRING Name, OUT PRPC_SID *DomainId)
Definition: samrpc.c:504
SamrOpenUser
NTSTATUS NTAPI SamrOpenUser(IN SAMPR_HANDLE DomainHandle, IN ACCESS_MASK DesiredAccess, IN ULONG UserId, OUT SAMPR_HANDLE *UserHandle)
SamIFreeVoid
VOID NTAPI SamIFreeVoid(PVOID Ptr)
Definition: samsrv.c:155
RtlUpcaseUnicodeStringToOemString
NTSYSAPI NTSTATUS NTAPI RtlUpcaseUnicodeStringToOemString(POEM_STRING DestinationString, PCUNICODE_STRING SourceString, BOOLEAN AllocateDestinationString)
DOMAIN_LOOKUP
#define DOMAIN_LOOKUP
Definition: ntsam.h:42
SAM_SERVER_LOOKUP_DOMAIN
#define SAM_SERVER_LOOKUP_DOMAIN
Definition: ntsam.h:104
SAM_SERVER_CONNECT
#define SAM_SERVER_CONNECT
Definition: ntsam.h:99
USER_CHANGE_PASSWORD
#define USER_CHANGE_PASSWORD
Definition: ntsam.h:132
CHAR
char CHAR
Definition: pedump.c:57
PMSV1_0_CHANGEPASSWORD_REQUEST
struct _MSV1_0_CHANGEPASSWORD_REQUEST * PMSV1_0_CHANGEPASSWORD_REQUEST
_ENCRYPTED_LM_OWF_PASSWORD
Definition: msv1_0.h:50
_LSA_UNICODE_STRING::Buffer
PWSTR Buffer
Definition: ntsecapi.h:168
_LSA_UNICODE_STRING::Length
USHORT Length
Definition: ntsecapi.h:163
_LSA_UNICODE_STRING::MaximumLength
USHORT MaximumLength
Definition: ntsecapi.h:164
_MSV1_0_CHANGEPASSWORD_REQUEST
Definition: ntsecapi.h:510
_MSV1_0_CHANGEPASSWORD_REQUEST::MessageType
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
Definition: ntsecapi.h:511
_MSV1_0_CHANGEPASSWORD_REQUEST::AccountName
UNICODE_STRING AccountName
Definition: ntsecapi.h:513
_MSV1_0_CHANGEPASSWORD_REQUEST::NewPassword
UNICODE_STRING NewPassword
Definition: ntsecapi.h:515
_MSV1_0_CHANGEPASSWORD_REQUEST::OldPassword
UNICODE_STRING OldPassword
Definition: ntsecapi.h:514
_MSV1_0_CHANGEPASSWORD_REQUEST::DomainName
UNICODE_STRING DomainName
Definition: ntsecapi.h:512
_RPC_UNICODE_STRING
Definition: msv1_0.h:21
_SAMPR_ULONG_ARRAY
Definition: lsasrv.h:86
_SAMPR_ULONG_ARRAY::Element
unsigned long * Element
Definition: lsasrv.h:88
SystemFunction012
NTSTATUS WINAPI SystemFunction012(const BYTE *in, const BYTE *key, LPBYTE out)
Definition: sysfunc.c:353
SystemFunction007
NTSTATUS WINAPI SystemFunction007(const UNICODE_STRING *string, LPBYTE hash)
Definition: sysfunc.c:245
LPBYTE
unsigned char * LPBYTE
Definition: typedefs.h:53
LPSTR
char * LPSTR
Definition: typedefs.h:51
OEM_STRING
STRING OEM_STRING
Definition: umtypes.h:205
BYTE
unsigned char BYTE
Definition: xxhash.c:193

Referenced by LsaApCallPackage(), and LsaApCallPackageUntrusted().

◆ MsvpEnumerateUsers()

static NTSTATUS MsvpEnumerateUsers ( _In_ PLSA_CLIENT_REQUEST  ClientRequest,
_In_ PVOID  ProtocolSubmitBuffer,
_In_ PVOID  ClientBufferBase,
_In_ ULONG  SubmitBufferLength,
_Out_ PVOID ProtocolReturnBuffer,
_Out_ PULONG  ReturnBufferLength,
_Out_ PNTSTATUS  ProtocolStatus 
)
static

Definition at line 869 of file msv1_0.c.

877{
878 PMSV1_0_ENUMUSERS_REQUEST RequestBuffer;
879 PMSV1_0_ENUMUSERS_RESPONSE LocalBuffer = NULL;
880 PVOID ClientBaseAddress = NULL;
881 ULONG BufferLength;
882 PLIST_ENTRY CurrentEntry;
883 PLOGON_LIST_ENTRY LogonEntry;
884 ULONG LogonCount = 0;
885 PLUID LuidPtr;
886 PULONG EnumPtr;
887 NTSTATUS Status = STATUS_SUCCESS;
888
889 TRACE("MsvpEnumerateUsers()\n");
890
891 if (SubmitBufferLength < sizeof(MSV1_0_ENUMUSERS_REQUEST))
892 {
893 ERR("Invalid SubmitBufferLength %lu\n", SubmitBufferLength);
894 return STATUS_INVALID_PARAMETER;
895 }
896
897 RequestBuffer = (PMSV1_0_ENUMUSERS_REQUEST)ProtocolSubmitBuffer;
898 ASSERT(RequestBuffer->MessageType == MsV1_0EnumerateUsers);
899
900 RtlAcquireResourceShared(&LogonListResource, TRUE);
901
902 /* Count the currently logged-on users */
903 CurrentEntry = LogonListHead.Flink;
904 while (CurrentEntry != &LogonListHead)
905 {
906 LogonEntry = CONTAINING_RECORD(CurrentEntry,
907 LOGON_LIST_ENTRY,
908 ListEntry);
909
910 TRACE("Logon %lu: 0x%08lx\n", LogonCount, LogonEntry->LogonId.LowPart);
911 LogonCount++;
912
913 CurrentEntry = CurrentEntry->Flink;
914 }
915
916 TRACE("LogonCount %lu\n", LogonCount);
917
918 BufferLength = sizeof(MSV1_0_ENUMUSERS_RESPONSE) +
919 (LogonCount * sizeof(LUID)) +
920 (LogonCount * sizeof(ULONG));
921
922 LocalBuffer = DispatchTable.AllocateLsaHeap(BufferLength);
923 if (LocalBuffer == NULL)
924 {
925 ERR("Failed to allocate the local buffer!\n");
926 Status = STATUS_INSUFFICIENT_RESOURCES;
927 goto done;
928 }
929
930 Status = DispatchTable.AllocateClientBuffer(ClientRequest,
931 BufferLength,
932 &ClientBaseAddress);
933 if (!NT_SUCCESS(Status))
934 {
935 ERR("DispatchTable.AllocateClientBuffer failed (Status 0x%08lx)\n", Status);
936 goto done;
937 }
938
939 TRACE("ClientBaseAddress: %p\n", ClientBaseAddress);
940
941 /* Fill the local buffer */
942 LocalBuffer->MessageType = MsV1_0EnumerateUsers;
943 LocalBuffer->NumberOfLoggedOnUsers = LogonCount;
944
945 LuidPtr = (PLUID)((ULONG_PTR)LocalBuffer + sizeof(MSV1_0_ENUMUSERS_RESPONSE));
946 EnumPtr = (PULONG)((ULONG_PTR)LuidPtr + LogonCount * sizeof(LUID));
947
948 LocalBuffer->LogonIds = (PLUID)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)LuidPtr - (ULONG_PTR)LocalBuffer);
949 LocalBuffer->EnumHandles = (PULONG)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)EnumPtr - (ULONG_PTR)LocalBuffer);
950
951 /* Copy the LogonIds and EnumHandles into the local buffer */
952 CurrentEntry = LogonListHead.Flink;
953 while (CurrentEntry != &LogonListHead)
954 {
955 LogonEntry = CONTAINING_RECORD(CurrentEntry,
956 LOGON_LIST_ENTRY,
957 ListEntry);
958
959 TRACE("Logon: 0x%08lx %lu\n", LogonEntry->LogonId.LowPart, LogonEntry->EnumHandle);
960 RtlCopyMemory(LuidPtr, &LogonEntry->LogonId, sizeof(LUID));
961 LuidPtr++;
962
963 *EnumPtr = LogonEntry->EnumHandle;
964 EnumPtr++;
965
966 CurrentEntry = CurrentEntry->Flink;
967 }
968
969 Status = DispatchTable.CopyToClientBuffer(ClientRequest,
970 BufferLength,
971 ClientBaseAddress,
972 LocalBuffer);
973 if (!NT_SUCCESS(Status))
974 {
975 ERR("DispatchTable.CopyToClientBuffer failed (Status 0x%08lx)\n", Status);
976 goto done;
977 }
978
979 *ProtocolReturnBuffer = ClientBaseAddress;
980 *ReturnBufferLength = BufferLength;
981 *ProtocolStatus = STATUS_SUCCESS;
982
983done:
984 RtlReleaseResource(&LogonListResource);
985
986 if (LocalBuffer != NULL)
987 DispatchTable.FreeLsaHeap(LocalBuffer);
988
989 if (!NT_SUCCESS(Status))
990 {
991 if (ClientBaseAddress != NULL)
992 DispatchTable.FreeClientBuffer(ClientRequest,
993 ClientBaseAddress);
994 }
995
996 return Status;
997}
PLUID
struct _LUID * PLUID
Definition: devicetopology.idl:142
LUID
struct _LUID LUID
RtlAcquireResourceShared
NTSYSAPI BOOLEAN NTAPI RtlAcquireResourceShared(_In_ PRTL_RESOURCE Resource, _In_ BOOLEAN Wait)
PMSV1_0_ENUMUSERS_REQUEST
struct _MSV1_0_ENUMUSERS_REQUEST * PMSV1_0_ENUMUSERS_REQUEST
MSV1_0_ENUMUSERS_RESPONSE
struct _MSV1_0_ENUMUSERS_RESPONSE MSV1_0_ENUMUSERS_RESPONSE
_MSV1_0_ENUMUSERS_REQUEST
Definition: ntmsv1_0.h:20
_MSV1_0_ENUMUSERS_REQUEST::MessageType
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
Definition: ntmsv1_0.h:21
_MSV1_0_ENUMUSERS_RESPONSE
Definition: ntmsv1_0.h:25
_MSV1_0_ENUMUSERS_RESPONSE::NumberOfLoggedOnUsers
ULONG NumberOfLoggedOnUsers
Definition: ntmsv1_0.h:27
_MSV1_0_ENUMUSERS_RESPONSE::LogonIds
PLUID LogonIds
Definition: ntmsv1_0.h:28
_MSV1_0_ENUMUSERS_RESPONSE::EnumHandles
PULONG EnumHandles
Definition: ntmsv1_0.h:29
_MSV1_0_ENUMUSERS_RESPONSE::MessageType
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
Definition: ntmsv1_0.h:26
PULONG
uint32_t * PULONG
Definition: typedefs.h:59

Referenced by LsaApCallPackage().

◆ MsvpGetUserInfo()

static NTSTATUS MsvpGetUserInfo ( _In_ PLSA_CLIENT_REQUEST  ClientRequest,
_In_ PVOID  ProtocolSubmitBuffer,
_In_ PVOID  ClientBufferBase,
_In_ ULONG  SubmitBufferLength,
_Out_ PVOID ProtocolReturnBuffer,
_Out_ PULONG  ReturnBufferLength,
_Out_ PNTSTATUS  ProtocolStatus 
)
static

Definition at line 1002 of file msv1_0.c.

1010{
1011 PMSV1_0_GETUSERINFO_REQUEST RequestBuffer;
1012 PLOGON_LIST_ENTRY LogonEntry;
1013 PMSV1_0_GETUSERINFO_RESPONSE LocalBuffer = NULL;
1014 PVOID ClientBaseAddress = NULL;
1015 ULONG BufferLength;
1016 PWSTR BufferPtr;
1017 NTSTATUS Status = STATUS_SUCCESS;
1018
1019 TRACE("MsvpGetUserInfo()\n");
1020
1021 if (SubmitBufferLength < sizeof(MSV1_0_GETUSERINFO_REQUEST))
1022 {
1023 ERR("Invalid SubmitBufferLength %lu\n", SubmitBufferLength);
1024 return STATUS_INVALID_PARAMETER;
1025 }
1026
1027 RequestBuffer = (PMSV1_0_GETUSERINFO_REQUEST)ProtocolSubmitBuffer;
1028 ASSERT(RequestBuffer->MessageType == MsV1_0GetUserInfo);
1029
1030 TRACE("LogonId: 0x%lx\n", RequestBuffer->LogonId.LowPart);
1031
1032 RtlAcquireResourceShared(&LogonListResource, TRUE);
1033
1034 LogonEntry = GetLogonByLogonId(&RequestBuffer->LogonId);
1035 if (LogonEntry == NULL)
1036 {
1037 ERR("No logon found for LogonId %lx\n", RequestBuffer->LogonId.LowPart);
1038 Status = STATUS_INSUFFICIENT_RESOURCES;
1039 goto done;
1040 }
1041
1042 TRACE("UserName: %wZ\n", &LogonEntry->UserName);
1043 TRACE("LogonDomain: %wZ\n", &LogonEntry->LogonDomainName);
1044 TRACE("LogonServer: %wZ\n", &LogonEntry->LogonServer);
1045
1046 BufferLength = sizeof(MSV1_0_GETUSERINFO_RESPONSE) +
1047 LogonEntry->UserName.MaximumLength +
1048 LogonEntry->LogonDomainName.MaximumLength +
1049 LogonEntry->LogonServer.MaximumLength;
1050
1051 LocalBuffer = DispatchTable.AllocateLsaHeap(BufferLength);
1052 if (LocalBuffer == NULL)
1053 {
1054 ERR("Failed to allocate the local buffer!\n");
1055 Status = STATUS_INSUFFICIENT_RESOURCES;
1056 goto done;
1057 }
1058
1059 Status = DispatchTable.AllocateClientBuffer(ClientRequest,
1060 BufferLength,
1061 &ClientBaseAddress);
1062 if (!NT_SUCCESS(Status))
1063 {
1064 ERR("DispatchTable.AllocateClientBuffer failed (Status 0x%08lx)\n", Status);
1065 goto done;
1066 }
1067
1068 TRACE("ClientBaseAddress: %p\n", ClientBaseAddress);
1069
1070 /* Fill the local buffer */
1071 LocalBuffer->MessageType = MsV1_0GetUserInfo;
1072
1073 BufferPtr = (PWSTR)((ULONG_PTR)LocalBuffer + sizeof(MSV1_0_GETUSERINFO_RESPONSE));
1074
1075 /* UserName */
1076 LocalBuffer->UserName.Length = LogonEntry->UserName.Length;
1077 LocalBuffer->UserName.MaximumLength = LogonEntry->UserName.MaximumLength;
1078 LocalBuffer->UserName.Buffer = (PWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)BufferPtr - (ULONG_PTR)LocalBuffer);
1079
1080 RtlCopyMemory(BufferPtr, LogonEntry->UserName.Buffer, LogonEntry->UserName.MaximumLength);
1081 BufferPtr = (PWSTR)((ULONG_PTR)BufferPtr + (ULONG_PTR)LocalBuffer->UserName.MaximumLength);
1082
1083 /* LogonDomainName */
1084 LocalBuffer->LogonDomainName.Length = LogonEntry->LogonDomainName.Length;
1085 LocalBuffer->LogonDomainName.MaximumLength = LogonEntry->LogonDomainName.MaximumLength;
1086 LocalBuffer->LogonDomainName.Buffer = (PWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)BufferPtr - (ULONG_PTR)LocalBuffer);
1087
1088 RtlCopyMemory(BufferPtr, LogonEntry->LogonDomainName.Buffer, LogonEntry->LogonDomainName.MaximumLength);
1089 BufferPtr = (PWSTR)((ULONG_PTR)BufferPtr + (ULONG_PTR)LocalBuffer->LogonDomainName.MaximumLength);
1090
1091 /* LogonServer */
1092 LocalBuffer->LogonServer.Length = LogonEntry->LogonServer.Length;
1093 LocalBuffer->LogonServer.MaximumLength = LogonEntry->LogonServer.MaximumLength;
1094 LocalBuffer->LogonServer.Buffer = (PWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)BufferPtr - (ULONG_PTR)LocalBuffer);
1095
1096 RtlCopyMemory(BufferPtr, LogonEntry->LogonServer.Buffer, LogonEntry->LogonServer.MaximumLength);
1097
1098 /* Logon Type */
1099 LocalBuffer->LogonType = LogonEntry->LogonType;
1100
1101 Status = DispatchTable.CopyToClientBuffer(ClientRequest,
1102 BufferLength,
1103 ClientBaseAddress,
1104 LocalBuffer);
1105 if (!NT_SUCCESS(Status))
1106 {
1107 ERR("DispatchTable.CopyToClientBuffer failed (Status 0x%08lx)\n", Status);
1108 goto done;
1109 }
1110
1111 *ProtocolReturnBuffer = ClientBaseAddress;
1112 *ReturnBufferLength = BufferLength;
1113 *ProtocolStatus = STATUS_SUCCESS;
1114
1115done:
1116 RtlReleaseResource(&LogonListResource);
1117
1118 if (LocalBuffer != NULL)
1119 DispatchTable.FreeLsaHeap(LocalBuffer);
1120
1121 if (!NT_SUCCESS(Status))
1122 {
1123 if (ClientBaseAddress != NULL)
1124 DispatchTable.FreeClientBuffer(ClientRequest,
1125 ClientBaseAddress);
1126 }
1127
1128 return Status;
1129}
MSV1_0_GETUSERINFO_RESPONSE
struct _MSV1_0_GETUSERINFO_RESPONSE MSV1_0_GETUSERINFO_RESPONSE
PMSV1_0_GETUSERINFO_REQUEST
struct _MSV1_0_GETUSERINFO_REQUEST * PMSV1_0_GETUSERINFO_REQUEST
_MSV1_0_GETUSERINFO_REQUEST
Definition: ntmsv1_0.h:33
_MSV1_0_GETUSERINFO_REQUEST::MessageType
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
Definition: ntmsv1_0.h:34
_MSV1_0_GETUSERINFO_REQUEST::LogonId
LUID LogonId
Definition: ntmsv1_0.h:35
_MSV1_0_GETUSERINFO_RESPONSE
Definition: ntmsv1_0.h:39
_MSV1_0_GETUSERINFO_RESPONSE::MessageType
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
Definition: ntmsv1_0.h:40
_MSV1_0_GETUSERINFO_RESPONSE::UserName
UNICODE_STRING UserName
Definition: ntmsv1_0.h:42
_MSV1_0_GETUSERINFO_RESPONSE::LogonServer
UNICODE_STRING LogonServer
Definition: ntmsv1_0.h:44
_MSV1_0_GETUSERINFO_RESPONSE::LogonType
SECURITY_LOGON_TYPE LogonType
Definition: ntmsv1_0.h:45
_MSV1_0_GETUSERINFO_RESPONSE::LogonDomainName
UNICODE_STRING LogonDomainName
Definition: ntmsv1_0.h:43
PWSTR
uint16_t * PWSTR
Definition: typedefs.h:56

Referenced by LsaApCallPackage().

◆ MsvpLm20ChallengeRequest()

static NTSTATUS MsvpLm20ChallengeRequest ( _In_ PLSA_CLIENT_REQUEST  ClientRequest,
_In_ PVOID  ProtocolSubmitBuffer,
_In_ PVOID  ClientBufferBase,
_In_ ULONG  SubmitBufferLength,
_Out_ PVOID ProtocolReturnBuffer,
_Out_ PULONG  ReturnBufferLength,
_Out_ PNTSTATUS  ProtocolStatus 
)
static

Definition at line 1134 of file msv1_0.c.

1142{
1143 PMSV1_0_LM20_CHALLENGE_REQUEST RequestBuffer;
1144 PMSV1_0_LM20_CHALLENGE_RESPONSE LocalBuffer = NULL;
1145 PVOID ClientBaseAddress = NULL;
1146 ULONG BufferLength;
1147 NTSTATUS Status = STATUS_SUCCESS;
1148
1149 TRACE("MsvpLm20ChallengeRequest()\n");
1150
1151 if (SubmitBufferLength < sizeof(MSV1_0_LM20_CHALLENGE_REQUEST))
1152 {
1153 ERR("Invalid SubmitBufferLength %lu\n", SubmitBufferLength);
1154 return STATUS_INVALID_PARAMETER;
1155 }
1156
1157 RequestBuffer = (PMSV1_0_LM20_CHALLENGE_REQUEST)ProtocolSubmitBuffer;
1158 ASSERT(RequestBuffer->MessageType == MsV1_0Lm20ChallengeRequest);
1159
1160 BufferLength = sizeof(MSV1_0_LM20_CHALLENGE_RESPONSE);
1161
1162 LocalBuffer = DispatchTable.AllocateLsaHeap(BufferLength);
1163 if (LocalBuffer == NULL)
1164 {
1165 ERR("Failed to allocate the local buffer!\n");
1166 Status = STATUS_INSUFFICIENT_RESOURCES;
1167 goto done;
1168 }
1169
1170 Status = DispatchTable.AllocateClientBuffer(ClientRequest,
1171 BufferLength,
1172 &ClientBaseAddress);
1173 if (!NT_SUCCESS(Status))
1174 {
1175 ERR("DispatchTable.AllocateClientBuffer failed (Status 0x%08lx)\n", Status);
1176 goto done;
1177 }
1178
1179 TRACE("ClientBaseAddress: %p\n", ClientBaseAddress);
1180
1181 /* Fill the local buffer */
1182 LocalBuffer->MessageType = MsV1_0Lm20ChallengeRequest;
1183 if (!RtlGenRandom(LocalBuffer->ChallengeToClient, MSV1_0_CHALLENGE_LENGTH))
1184 {
1185 ERR("Failed to generate random challenge!\n");
1186 Status = STATUS_UNSUCCESSFUL;
1187 goto done;
1188 }
1189
1190 Status = DispatchTable.CopyToClientBuffer(ClientRequest,
1191 BufferLength,
1192 ClientBaseAddress,
1193 LocalBuffer);
1194 if (!NT_SUCCESS(Status))
1195 {
1196 ERR("DispatchTable.CopyToClientBuffer failed (Status 0x%08lx)\n", Status);
1197 goto done;
1198 }
1199
1200 *ProtocolReturnBuffer = ClientBaseAddress;
1201 *ReturnBufferLength = BufferLength;
1202 *ProtocolStatus = STATUS_SUCCESS;
1203
1204done:
1205 if (LocalBuffer != NULL)
1206 DispatchTable.FreeLsaHeap(LocalBuffer);
1207
1208 if (!NT_SUCCESS(Status))
1209 {
1210 if (ClientBaseAddress != NULL)
1211 DispatchTable.FreeClientBuffer(ClientRequest,
1212 ClientBaseAddress);
1213 }
1214
1215 return Status;
1216}
MSV1_0_LM20_CHALLENGE_RESPONSE
struct _MSV1_0_LM20_CHALLENGE_RESPONSE MSV1_0_LM20_CHALLENGE_RESPONSE
PMSV1_0_LM20_CHALLENGE_REQUEST
struct _MSV1_0_LM20_CHALLENGE_REQUEST * PMSV1_0_LM20_CHALLENGE_REQUEST
MSV1_0_CHALLENGE_LENGTH
#define MSV1_0_CHALLENGE_LENGTH
Definition: ntsecapi.h:28
RtlGenRandom
#define RtlGenRandom
Definition: ntsecapi.h:691
_MSV1_0_LM20_CHALLENGE_REQUEST
Definition: ntmsv1_0.h:9
_MSV1_0_LM20_CHALLENGE_REQUEST::MessageType
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
Definition: ntmsv1_0.h:10
_MSV1_0_LM20_CHALLENGE_RESPONSE
Definition: ntmsv1_0.h:14
_MSV1_0_LM20_CHALLENGE_RESPONSE::MessageType
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
Definition: ntmsv1_0.h:15
_MSV1_0_LM20_CHALLENGE_RESPONSE::ChallengeToClient
UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH]
Definition: ntmsv1_0.h:16
STATUS_UNSUCCESSFUL
#define STATUS_UNSUCCESSFUL
Definition: udferr_usr.h:132

Referenced by LsaApCallPackage().

◆ SpLsaModeInitialize()

NTSTATUS NTAPI SpLsaModeInitialize ( _In_ ULONG  LsaVersion,
_Out_ PULONG  PackageVersion,
_Out_ PSECPKG_FUNCTION_TABLE ppTables,
_Out_ PULONG  pcTables 
)

Definition at line 1970 of file msv1_0.c.

1975{
1976 TRACE("SpLsaModeInitialize(0x%lx %p %p %p)\n",
1977 LsaVersion, PackageVersion, ppTables, pcTables);
1978
1979 if (LsaVersion != SECPKG_INTERFACE_VERSION)
1980 return STATUS_INVALID_PARAMETER;
1981
1982 *PackageVersion = SECPKG_INTERFACE_VERSION;
1983
1984 *ppTables = NtlmLsaFn;
1985 *pcTables = 1;
1986
1987 return STATUS_SUCCESS;
1988}
NtlmLsaFn
SECPKG_FUNCTION_TABLE NtlmLsaFn[1]
Definition: global.c:23
SECPKG_INTERFACE_VERSION
#define SECPKG_INTERFACE_VERSION
Definition: ntsecpkg.h:34

◆ SpUserModeInitialize()

NTSTATUS WINAPI SpUserModeInitialize ( _In_ ULONG  LsaVersion,
_Out_ PULONG  PackageVersion,
_Out_ PSECPKG_USER_FUNCTION_TABLE ppTables,
_Out_ PULONG  pcTables 
)

Definition at line 1995 of file msv1_0.c.

2000{
2001 TRACE("SpUserModeInitialize(0x%lx %p %p %p)\n",
2002 LsaVersion, PackageVersion, ppTables, pcTables);
2003
2004 if (LsaVersion != SECPKG_INTERFACE_VERSION)
2005 return STATUS_INVALID_PARAMETER;
2006
2007 *PackageVersion = SECPKG_INTERFACE_VERSION;
2008
2009 *ppTables = NtlmUsrFn;
2010 *pcTables = 1;
2011
2012 return STATUS_SUCCESS;
2013}
NtlmUsrFn
SECPKG_USER_FUNCTION_TABLE NtlmUsrFn[1]
Definition: global.c:57

◆ WINE_DEFAULT_DEBUG_CHANNEL()

WINE_DEFAULT_DEBUG_CHANNEL ( msv1_0  )

Variable Documentation

◆ EnumCounter

ULONG EnumCounter

Definition at line 31 of file msv1_0.c.

Referenced by LsaApInitializePackage(), and LsaApLogonUserEx2().

◆ LogonListHead

LIST_ENTRY LogonListHead

Definition at line 29 of file msv1_0.c.

Referenced by GetLogonByLogonId(), LsaApInitializePackage(), LsaApLogonUserEx2(), and MsvpEnumerateUsers().

◆ LogonListResource

RTL_RESOURCE LogonListResource

Definition at line 30 of file msv1_0.c.

Referenced by LsaApInitializePackage(), LsaApLogonTerminated(), LsaApLogonUserEx2(), MsvpEnumerateUsers(), and MsvpGetUserInfo().

◆ PackageInitialized

BOOL PackageInitialized = FALSE

Definition at line 28 of file msv1_0.c.

Referenced by LsaApInitializePackage().