ReactOS 0.4.16-dev-1049-g378a335
Classes | Typedefs | Functions | Variables
msv1_0.c File Reference
#include "precomp.h"
Include dependency graph for msv1_0.c:

Go to the source code of this file.

Classes

struct  _LOGON_LIST_ENTRY
 

Typedefs

typedef struct _LOGON_LIST_ENTRY LOGON_LIST_ENTRY
 
typedef struct _LOGON_LIST_ENTRYPLOGON_LIST_ENTRY
 

Functions

 WINE_DEFAULT_DEBUG_CHANNEL (msv1_0)
 
static PLOGON_LIST_ENTRY GetLogonByLogonId (_In_ PLUID LogonId)
 
static NTSTATUS BuildInteractiveProfileBuffer (IN PLSA_CLIENT_REQUEST ClientRequest, IN PSAMPR_USER_INFO_BUFFER UserInfo, IN PWSTR ComputerName, OUT PMSV1_0_INTERACTIVE_PROFILE *ProfileBuffer, OUT PULONG ProfileBufferLength)
 
static NTSTATUS BuildLm20LogonProfileBuffer (_In_ PLSA_CLIENT_REQUEST ClientRequest, _In_ PSAMPR_USER_INFO_BUFFER UserInfo, _In_ PLSA_SAM_PWD_DATA LogonPwdData, _Out_ PMSV1_0_LM20_LOGON_PROFILE *ProfileBuffer, _Out_ PULONG ProfileBufferLength)
 
static PSID AppendRidToSid (PSID SrcSid, ULONG Rid)
 
static NTSTATUS BuildTokenUser (OUT PTOKEN_USER User, IN PSID AccountDomainSid, IN ULONG RelativeId)
 
static NTSTATUS BuildTokenPrimaryGroup (OUT PTOKEN_PRIMARY_GROUP PrimaryGroup, IN PSID AccountDomainSid, IN ULONG RelativeId)
 
static NTSTATUS BuildTokenGroups (OUT PTOKEN_GROUPS *Groups, IN PSID AccountDomainSid, IN ULONG RelativeId, IN BOOL SpecialAccount)
 
static NTSTATUS BuildTokenInformationBuffer (PLSA_TOKEN_INFORMATION_V1 *TokenInformation, PRPC_SID AccountDomainSid, PSAMPR_USER_INFO_BUFFER UserInfo, BOOL SpecialAccount)
 
static NTSTATUS MsvpChangePassword (IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferLength, OUT PVOID *ProtocolReturnBuffer, OUT PULONG ReturnBufferLength, OUT PNTSTATUS ProtocolStatus)
 
static NTSTATUS MsvpEnumerateUsers (_In_ PLSA_CLIENT_REQUEST ClientRequest, _In_ PVOID ProtocolSubmitBuffer, _In_ PVOID ClientBufferBase, _In_ ULONG SubmitBufferLength, _Out_ PVOID *ProtocolReturnBuffer, _Out_ PULONG ReturnBufferLength, _Out_ PNTSTATUS ProtocolStatus)
 
static NTSTATUS MsvpGetUserInfo (_In_ PLSA_CLIENT_REQUEST ClientRequest, _In_ PVOID ProtocolSubmitBuffer, _In_ PVOID ClientBufferBase, _In_ ULONG SubmitBufferLength, _Out_ PVOID *ProtocolReturnBuffer, _Out_ PULONG ReturnBufferLength, _Out_ PNTSTATUS ProtocolStatus)
 
NTSTATUS NTAPI LsaApCallPackage (IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferLength, OUT PVOID *ProtocolReturnBuffer, OUT PULONG ReturnBufferLength, OUT PNTSTATUS ProtocolStatus)
 
NTSTATUS NTAPI LsaApCallPackagePassthrough (IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferLength, OUT PVOID *ProtocolReturnBuffer, OUT PULONG ReturnBufferLength, OUT PNTSTATUS ProtocolStatus)
 
NTSTATUS NTAPI LsaApCallPackageUntrusted (IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferLength, OUT PVOID *ProtocolReturnBuffer, OUT PULONG ReturnBufferLength, OUT PNTSTATUS ProtocolStatus)
 
NTSTATUS NTAPI LsaApInitializePackage (IN ULONG AuthenticationPackageId, IN PLSA_DISPATCH_TABLE LsaDispatchTable, IN PLSA_STRING Database OPTIONAL, IN PLSA_STRING Confidentiality OPTIONAL, OUT PLSA_STRING *AuthenticationPackageName)
 
VOID NTAPI LsaApLogonTerminated (_In_ PLUID LogonId)
 
static NTSTATUS LsaApLogonUserEx2_Network (_In_ PLSA_CLIENT_REQUEST ClientRequest, _In_ PVOID ProtocolSubmitBuffer, _In_ PVOID ClientBufferBase, _In_ ULONG SubmitBufferSize, _In_ PUNICODE_STRING ComputerName, _Out_ PUNICODE_STRING *LogonUserRef, _Out_ PUNICODE_STRING *LogonDomainRef, _Inout_ PLSA_SAM_PWD_DATA LogonPwdData, _Out_ SAMPR_HANDLE *UserHandlePtr, _Out_ PSAMPR_USER_INFO_BUFFER *UserInfoPtr, _Out_ PRPC_SID *AccountDomainSidPtr, _Out_ PBOOL SpecialAccount, _Out_ PMSV1_0_LM20_LOGON_PROFILE *LogonProfile, _Out_ PULONG LogonProfileSize, _Out_ PNTSTATUS SubStatus)
 
NTSTATUS NTAPI LsaApLogonUserEx2 (IN PLSA_CLIENT_REQUEST ClientRequest, IN SECURITY_LOGON_TYPE LogonType, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferSize, OUT PVOID *ProfileBuffer, OUT PULONG ProfileBufferSize, OUT PLUID LogonId, OUT PNTSTATUS SubStatus, OUT PLSA_TOKEN_INFORMATION_TYPE TokenInformationType, OUT PVOID *TokenInformation, OUT PUNICODE_STRING *AccountName, OUT PUNICODE_STRING *AuthenticatingAuthority, OUT PUNICODE_STRING *MachineName, OUT PSECPKG_PRIMARY_CRED PrimaryCredentials, OUT PSECPKG_SUPPLEMENTAL_CRED_ARRAY *SupplementalCredentials)
 
NTSTATUS NTAPI SpLsaModeInitialize (_In_ ULONG LsaVersion, _Out_ PULONG PackageVersion, _Out_ PSECPKG_FUNCTION_TABLE *ppTables, _Out_ PULONG pcTables)
 
NTSTATUS WINAPI SpUserModeInitialize (_In_ ULONG LsaVersion, _Out_ PULONG PackageVersion, _Out_ PSECPKG_USER_FUNCTION_TABLE *ppTables, _Out_ PULONG pcTables)
 

Variables

BOOL PackageInitialized = FALSE
 
LIST_ENTRY LogonListHead
 
RTL_RESOURCE LogonListResource
 
ULONG EnumCounter
 

Typedef Documentation

◆ LOGON_LIST_ENTRY

typedef struct _LOGON_LIST_ENTRY LOGON_LIST_ENTRY

◆ PLOGON_LIST_ENTRY

typedef struct _LOGON_LIST_ENTRY * PLOGON_LIST_ENTRY

Function Documentation

◆ AppendRidToSid()

static PSID AppendRidToSid ( PSID  SrcSid,
ULONG  Rid 
)
static

Definition at line 324 of file msv1_0.c.

326{
327 PSID DstSid = NULL;
328 UCHAR RidCount;
329
330 RidCount = *RtlSubAuthorityCountSid(SrcSid);
331 if (RidCount >= 8)
332 return NULL;
333
334 DstSid = DispatchTable.AllocateLsaHeap(RtlLengthRequiredSid(RidCount + 1));
335 if (DstSid == NULL)
336 return NULL;
337
338 RtlCopyMemory(DstSid,
339 SrcSid,
340 RtlLengthRequiredSid(RidCount));
341
342 *RtlSubAuthorityCountSid(DstSid) = RidCount + 1;
343 *RtlSubAuthoritySid(DstSid, RidCount) = Rid;
344
345 return DstSid;
346}
NULL
#define NULL
Definition: types.h:112
RtlSubAuthoritySid
NTSYSAPI PULONG NTAPI RtlSubAuthoritySid(_In_ PSID Sid, _In_ ULONG SubAuthority)
RtlLengthRequiredSid
NTSYSAPI ULONG NTAPI RtlLengthRequiredSid(IN ULONG SubAuthorityCount)
Definition: sid.c:54
RtlSubAuthorityCountSid
NTSYSAPI PUCHAR NTAPI RtlSubAuthorityCountSid(IN PSID Sid)
Definition: sid.c:104
_SID
Definition: ms-dtyp.idl:198
RtlCopyMemory
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
DispatchTable
_In_ PWDFDEVICE_INIT _In_ PWDF_PDO_EVENT_CALLBACKS DispatchTable
Definition: wdfpdo.h:248
UCHAR
unsigned char UCHAR
Definition: xmlstorage.h:181

Referenced by BuildTokenGroups(), BuildTokenPrimaryGroup(), BuildTokenUser(), SampCreateAccountSid(), SampInitializeSAM(), and SampSetupCreateUserAccount().

◆ BuildInteractiveProfileBuffer()

static NTSTATUS BuildInteractiveProfileBuffer ( IN PLSA_CLIENT_REQUEST  ClientRequest,
IN PSAMPR_USER_INFO_BUFFER  UserInfo,
IN PWSTR  ComputerName,
OUT PMSV1_0_INTERACTIVE_PROFILE ProfileBuffer,
OUT PULONG  ProfileBufferLength 
)
static

Definition at line 63 of file msv1_0.c.

68{
69 PMSV1_0_INTERACTIVE_PROFILE LocalBuffer = NULL;
70 PVOID ClientBaseAddress = NULL;
71 LPWSTR Ptr;
72 ULONG BufferLength;
73 USHORT ComputerNameLength;
74 NTSTATUS Status = STATUS_SUCCESS;
75
76 *ProfileBuffer = NULL;
77 *ProfileBufferLength = 0;
78
79 if (UIntPtrToUShort(wcslen(ComputerName), &ComputerNameLength) != S_OK)
80 {
81 return STATUS_INVALID_PARAMETER;
82 }
83
84 BufferLength = sizeof(MSV1_0_INTERACTIVE_PROFILE) +
85 UserInfo->All.FullName.Length + sizeof(WCHAR) +
86 UserInfo->All.HomeDirectory.Length + sizeof(WCHAR) +
87 UserInfo->All.HomeDirectoryDrive.Length + sizeof(WCHAR) +
88 UserInfo->All.ScriptPath.Length + sizeof(WCHAR) +
89 UserInfo->All.ProfilePath.Length + sizeof(WCHAR) +
90 ((ComputerNameLength + 3) * sizeof(WCHAR));
91
92 LocalBuffer = DispatchTable.AllocateLsaHeap(BufferLength);
93 if (LocalBuffer == NULL)
94 {
95 TRACE("Failed to allocate the local buffer!\n");
96 Status = STATUS_INSUFFICIENT_RESOURCES;
97 goto done;
98 }
99
100 Status = DispatchTable.AllocateClientBuffer(ClientRequest,
101 BufferLength,
102 &ClientBaseAddress);
103 if (!NT_SUCCESS(Status))
104 {
105 TRACE("DispatchTable.AllocateClientBuffer failed (Status 0x%08lx)\n", Status);
106 goto done;
107 }
108
109 TRACE("ClientBaseAddress: %p\n", ClientBaseAddress);
110
111 Ptr = (LPWSTR)((ULONG_PTR)LocalBuffer + sizeof(MSV1_0_INTERACTIVE_PROFILE));
112
113 LocalBuffer->MessageType = MsV1_0InteractiveProfile;
114 LocalBuffer->LogonCount = UserInfo->All.LogonCount;
115 LocalBuffer->BadPasswordCount = UserInfo->All.BadPasswordCount;
116
117 LocalBuffer->LogonTime.LowPart = UserInfo->All.LastLogon.LowPart;
118 LocalBuffer->LogonTime.HighPart = UserInfo->All.LastLogon.HighPart;
119
120 LocalBuffer->LogoffTime.LowPart = UserInfo->All.AccountExpires.LowPart;
121 LocalBuffer->LogoffTime.HighPart = UserInfo->All.AccountExpires.HighPart;
122
123 LocalBuffer->KickOffTime.LowPart = UserInfo->All.AccountExpires.LowPart;
124 LocalBuffer->KickOffTime.HighPart = UserInfo->All.AccountExpires.HighPart;
125
126 LocalBuffer->PasswordLastSet.LowPart = UserInfo->All.PasswordLastSet.LowPart;
127 LocalBuffer->PasswordLastSet.HighPart = UserInfo->All.PasswordLastSet.HighPart;
128
129 LocalBuffer->PasswordCanChange.LowPart = UserInfo->All.PasswordCanChange.LowPart;
130 LocalBuffer->PasswordCanChange.HighPart = UserInfo->All.PasswordCanChange.HighPart;
131
132 LocalBuffer->PasswordMustChange.LowPart = UserInfo->All.PasswordMustChange.LowPart;
133 LocalBuffer->PasswordMustChange.HighPart = UserInfo->All.PasswordMustChange.HighPart;
134
135 LocalBuffer->LogonScript.Length = UserInfo->All.ScriptPath.Length;
136 LocalBuffer->LogonScript.MaximumLength = UserInfo->All.ScriptPath.Length + sizeof(WCHAR);
137 LocalBuffer->LogonScript.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
138 memcpy(Ptr,
139 UserInfo->All.ScriptPath.Buffer,
140 UserInfo->All.ScriptPath.Length);
141
142 Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->LogonScript.MaximumLength);
143
144 LocalBuffer->HomeDirectory.Length = UserInfo->All.HomeDirectory.Length;
145 LocalBuffer->HomeDirectory.MaximumLength = UserInfo->All.HomeDirectory.Length + sizeof(WCHAR);
146 LocalBuffer->HomeDirectory.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
147 memcpy(Ptr,
148 UserInfo->All.HomeDirectory.Buffer,
149 UserInfo->All.HomeDirectory.Length);
150
151 Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->HomeDirectory.MaximumLength);
152
153 LocalBuffer->FullName.Length = UserInfo->All.FullName.Length;
154 LocalBuffer->FullName.MaximumLength = UserInfo->All.FullName.Length + sizeof(WCHAR);
155 LocalBuffer->FullName.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
156 memcpy(Ptr,
157 UserInfo->All.FullName.Buffer,
158 UserInfo->All.FullName.Length);
159 TRACE("FullName.Buffer: %p\n", LocalBuffer->FullName.Buffer);
160
161 Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->FullName.MaximumLength);
162
163 LocalBuffer->ProfilePath.Length = UserInfo->All.ProfilePath.Length;
164 LocalBuffer->ProfilePath.MaximumLength = UserInfo->All.ProfilePath.Length + sizeof(WCHAR);
165 LocalBuffer->ProfilePath.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
166 memcpy(Ptr,
167 UserInfo->All.ProfilePath.Buffer,
168 UserInfo->All.ProfilePath.Length);
169
170 Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->ProfilePath.MaximumLength);
171
172 LocalBuffer->HomeDirectoryDrive.Length = UserInfo->All.HomeDirectoryDrive.Length;
173 LocalBuffer->HomeDirectoryDrive.MaximumLength = UserInfo->All.HomeDirectoryDrive.Length + sizeof(WCHAR);
174 LocalBuffer->HomeDirectoryDrive.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
175 memcpy(Ptr,
176 UserInfo->All.HomeDirectoryDrive.Buffer,
177 UserInfo->All.HomeDirectoryDrive.Length);
178
179 Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->HomeDirectoryDrive.MaximumLength);
180
181 LocalBuffer->LogonServer.Length = (ComputerNameLength + 2) * sizeof(WCHAR);
182 LocalBuffer->LogonServer.MaximumLength = LocalBuffer->LogonServer.Length + sizeof(WCHAR);
183 LocalBuffer->LogonServer.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
184 wcscpy(Ptr, L"\\");
185 wcscat(Ptr, ComputerName);
186
187 LocalBuffer->UserFlags = 0;
188
189 Status = DispatchTable.CopyToClientBuffer(ClientRequest,
190 BufferLength,
191 ClientBaseAddress,
192 LocalBuffer);
193 if (!NT_SUCCESS(Status))
194 {
195 TRACE("DispatchTable.CopyToClientBuffer failed (Status 0x%08lx)\n", Status);
196 goto done;
197 }
198
199 *ProfileBuffer = (PMSV1_0_INTERACTIVE_PROFILE)ClientBaseAddress;
200 *ProfileBufferLength = BufferLength;
201
202done:
203 if (LocalBuffer != NULL)
204 DispatchTable.FreeLsaHeap(LocalBuffer);
205
206 if (!NT_SUCCESS(Status))
207 {
208 if (ClientBaseAddress != NULL)
209 DispatchTable.FreeClientBuffer(ClientRequest,
210 ClientBaseAddress);
211 }
212
213 return Status;
214}
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
wcscat
wcscat
Definition: corecrt_wstring.h:101
wcscpy
wcscpy
Definition: corecrt_wstring.h:120
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:33
ULONG_PTR
#define ULONG_PTR
Definition: config.h:101
Ptr
_Must_inspect_result_ _In_ PFSRTL_PER_STREAM_CONTEXT Ptr
Definition: fsrtlfuncs.h:898
Status
Status
Definition: gdiplustypes.h:25
wcslen
_CRTIMP size_t __cdecl wcslen(_In_z_ const wchar_t *_Str)
S_OK
#define S_OK
Definition: intsafe.h:52
memcpy
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
ProfileBuffer
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID * ProfileBuffer
Definition: ntifs.template.h:714
ProfileBufferLength
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG ProfileBufferLength
Definition: ntifs.template.h:715
PMSV1_0_INTERACTIVE_PROFILE
struct _MSV1_0_INTERACTIVE_PROFILE * PMSV1_0_INTERACTIVE_PROFILE
MSV1_0_INTERACTIVE_PROFILE
struct _MSV1_0_INTERACTIVE_PROFILE MSV1_0_INTERACTIVE_PROFILE
MsV1_0InteractiveProfile
@ MsV1_0InteractiveProfile
Definition: ntsecapi.h:206
L
#define L(x)
Definition: ntvdm.h:50
USHORT
unsigned short USHORT
Definition: pedump.c:61
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
_MSV1_0_INTERACTIVE_PROFILE
Definition: ntsecapi.h:439
_MSV1_0_INTERACTIVE_PROFILE::LogonTime
LARGE_INTEGER LogonTime
Definition: ntsecapi.h:443
_MSV1_0_INTERACTIVE_PROFILE::MessageType
MSV1_0_PROFILE_BUFFER_TYPE MessageType
Definition: ntsecapi.h:440
_MSV1_0_INTERACTIVE_PROFILE::KickOffTime
LARGE_INTEGER KickOffTime
Definition: ntsecapi.h:445
_MSV1_0_INTERACTIVE_PROFILE::PasswordMustChange
LARGE_INTEGER PasswordMustChange
Definition: ntsecapi.h:448
_MSV1_0_INTERACTIVE_PROFILE::LogonScript
UNICODE_STRING LogonScript
Definition: ntsecapi.h:449
_MSV1_0_INTERACTIVE_PROFILE::PasswordCanChange
LARGE_INTEGER PasswordCanChange
Definition: ntsecapi.h:447
_MSV1_0_INTERACTIVE_PROFILE::LogoffTime
LARGE_INTEGER LogoffTime
Definition: ntsecapi.h:444
_MSV1_0_INTERACTIVE_PROFILE::FullName
UNICODE_STRING FullName
Definition: ntsecapi.h:451
_MSV1_0_INTERACTIVE_PROFILE::UserFlags
ULONG UserFlags
Definition: ntsecapi.h:455
_MSV1_0_INTERACTIVE_PROFILE::PasswordLastSet
LARGE_INTEGER PasswordLastSet
Definition: ntsecapi.h:446
_MSV1_0_INTERACTIVE_PROFILE::ProfilePath
UNICODE_STRING ProfilePath
Definition: ntsecapi.h:452
_MSV1_0_INTERACTIVE_PROFILE::LogonServer
UNICODE_STRING LogonServer
Definition: ntsecapi.h:454
_MSV1_0_INTERACTIVE_PROFILE::HomeDirectory
UNICODE_STRING HomeDirectory
Definition: ntsecapi.h:450
_MSV1_0_INTERACTIVE_PROFILE::HomeDirectoryDrive
UNICODE_STRING HomeDirectoryDrive
Definition: ntsecapi.h:453
_MSV1_0_INTERACTIVE_PROFILE::LogonCount
USHORT LogonCount
Definition: ntsecapi.h:441
_MSV1_0_INTERACTIVE_PROFILE::BadPasswordCount
USHORT BadPasswordCount
Definition: ntsecapi.h:442
_UNICODE_STRING::Length
USHORT Length
Definition: env_spec_w32.h:369
_UNICODE_STRING::MaximumLength
USHORT MaximumLength
Definition: env_spec_w32.h:370
_UNICODE_STRING::Buffer
PWSTR Buffer
Definition: env_spec_w32.h:371
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65
ULONG
uint32_t ULONG
Definition: typedefs.h:59
STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_LARGE_INTEGER::LowPart
ULONG LowPart
Definition: typedefs.h:106
_LARGE_INTEGER::HighPart
LONG HighPart
Definition: typedefs.h:107
BufferLength
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG BufferLength
Definition: wdfdevice.h:3771
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
LPWSTR
WCHAR * LPWSTR
Definition: xmlstorage.h:184

Referenced by LsaApLogonUserEx2().

◆ BuildLm20LogonProfileBuffer()

static NTSTATUS BuildLm20LogonProfileBuffer ( _In_ PLSA_CLIENT_REQUEST  ClientRequest,
_In_ PSAMPR_USER_INFO_BUFFER  UserInfo,
_In_ PLSA_SAM_PWD_DATA  LogonPwdData,
_Out_ PMSV1_0_LM20_LOGON_PROFILE ProfileBuffer,
_Out_ PULONG  ProfileBufferLength 
)
static

Definition at line 219 of file msv1_0.c.

225{
226 PMSV1_0_LM20_LOGON_PROFILE LocalBuffer;
227 NTLM_CLIENT_BUFFER Buffer;
228 PBYTE PtrOffset;
229 ULONG BufferLength;
230 NTSTATUS Status = STATUS_SUCCESS;
231 UNICODE_STRING ComputerNameUCS;
232
233 *ProfileBuffer = NULL;
234 *ProfileBufferLength = 0;
235
236 if (!NtlmUStrAlloc(&ComputerNameUCS, LogonPwdData->ComputerName->Length + sizeof(WCHAR) * 3, 0))
237 {
238 Status = STATUS_INSUFFICIENT_RESOURCES;
239 goto done;
240 }
241 Status = RtlAppendUnicodeToString(&ComputerNameUCS, L"\\\\");
242 if (!NT_SUCCESS(Status))
243 {
244 ERR("RtlAppendUnicodeToString failed 0x%lx\n", Status);
245 goto done;
246 }
247 Status = RtlAppendUnicodeStringToString(&ComputerNameUCS, LogonPwdData->ComputerName);
248 if (!NT_SUCCESS(Status))
249 {
250 ERR("RtlAppendUnicodeStringToString failed 0x%lx\n", Status);
251 goto done;
252 }
253
254 BufferLength = sizeof(MSV1_0_LM20_LOGON_PROFILE) + ComputerNameUCS.Length + sizeof(WCHAR);
255
256 Status = NtlmAllocateClientBuffer(ClientRequest, BufferLength, &Buffer);
257 if (!NT_SUCCESS(Status))
258 {
259 TRACE("DispatchTable.AllocateClientBuffer failed (Status 0x%08lx)\n", Status);
260 goto done;
261 }
262
263 TRACE("ClientBaseAddress: %p\n", Buffer.ClientBaseAddress);
264
265 LocalBuffer = (PMSV1_0_LM20_LOGON_PROFILE)Buffer.LocalBuffer;
266 PtrOffset = (PBYTE)(LocalBuffer + 1);
267
268 LocalBuffer->MessageType = MsV1_0Lm20LogonProfile;
269 LocalBuffer->KickOffTime.LowPart = UserInfo->All.AccountExpires.LowPart;
270 LocalBuffer->KickOffTime.HighPart = UserInfo->All.AccountExpires.HighPart;
271 LocalBuffer->LogoffTime.LowPart = UserInfo->All.AccountExpires.LowPart;
272 LocalBuffer->LogoffTime.HighPart = UserInfo->All.AccountExpires.HighPart;
273
274 memcpy(LocalBuffer->UserSessionKey,
275 &LogonPwdData->UserSessionKey,
276 MSV1_0_USER_SESSION_KEY_LENGTH);
277
278 //FIXME: Set Domainname if we domain joined
279 // what to do if not? WORKGROUP
280 RtlInitUnicodeString(&LocalBuffer->LogonDomainName, NULL);
281
282 memcpy(LocalBuffer->LanmanSessionKey,
283 &LogonPwdData->LanmanSessionKey,
284 MSV1_0_LANMAN_SESSION_KEY_LENGTH);
285
286 if (!NtlmUStrWriteToStruct(LocalBuffer,
287 BufferLength,
288 &LocalBuffer->LogonServer,
289 &ComputerNameUCS,
290 &PtrOffset,
291 TRUE))
292 {
293 ERR("NtlmStructWriteUCS failed.\n");
294 Status = ERROR_INTERNAL_ERROR;
295 goto done;
296 }
297 /* not supported */
298 RtlInitUnicodeString(&LocalBuffer->UserParameters, NULL);
299 /* Build user flags */
300 LocalBuffer->UserFlags = 0x0;
301 if (LogonPwdData->LogonType == NetLogonLmKey)
302 LocalBuffer->UserFlags |= LOGON_USED_LM_PASSWORD;
303
304 /* copy data to client buffer */
305 Status = NtlmCopyToClientBuffer(ClientRequest, BufferLength, &Buffer);
306 if (!NT_SUCCESS(Status))
307 {
308 TRACE("DispatchTable.CopyToClientBuffer failed (Status 0x%08lx)\n", Status);
309 goto done;
310 }
311
312 *ProfileBuffer = (PMSV1_0_LM20_LOGON_PROFILE)Buffer.ClientBaseAddress;
313 *ProfileBufferLength = BufferLength;
314done:
315 /* On success Buffer.ClientBaseAddress will not be free */
316 NtlmFreeClientBuffer(ClientRequest, !NT_SUCCESS(Status), &Buffer);
317 NtlmUStrFree(&ComputerNameUCS);
318 return Status;
319}
ERR
#define ERR(fmt,...)
Definition: precomp.h:57
PtrOffset
#define PtrOffset(BASE, OFFSET)
Definition: cdprocs.h:1547
Buffer
Definition: bufpool.h:45
TRUE
#define TRUE
Definition: types.h:120
NtlmUStrWriteToStruct
bool NtlmUStrWriteToStruct(_In_ PVOID DataStart, _In_ ULONG DataSize, _Out_ PUNICODE_STRING DstData, _In_ const PUNICODE_STRING SrcData, _Inout_ PBYTE *AbsoluteOffsetPtr, _In_ bool TerminateWith0)
Definition: util.c:197
NtlmUStrFree
VOID NtlmUStrFree(_In_ PUNICODE_STRING String)
Definition: util.c:115
NtlmCopyToClientBuffer
NTSTATUS NtlmCopyToClientBuffer(_In_ PLSA_CLIENT_REQUEST ClientRequest, _In_ ULONG BufferLength, _Inout_ PNTLM_CLIENT_BUFFER Buffer)
Definition: util.c:301
NtlmUStrAlloc
bool NtlmUStrAlloc(_Inout_ PUNICODE_STRING Dst, _In_ UINT16 SizeInBytes, _In_ UINT16 InitLength)
Definition: util.c:103
NtlmAllocateClientBuffer
NTSTATUS NtlmAllocateClientBuffer(_In_ PLSA_CLIENT_REQUEST ClientRequest, _In_ ULONG BufferLength, _Inout_ PNTLM_CLIENT_BUFFER Buffer)
Definition: util.c:264
NtlmFreeClientBuffer
VOID NtlmFreeClientBuffer(_In_ PLSA_CLIENT_REQUEST ClientRequest, _In_ bool FreeClientBuffer, _Inout_ PNTLM_CLIENT_BUFFER Buffer)
Definition: util.c:335
RtlAppendUnicodeToString
NTSTATUS RtlAppendUnicodeToString(IN PUNICODE_STRING Str1, IN PWSTR Str2)
Definition: string_lib.cpp:62
RtlAppendUnicodeStringToString
NTSYSAPI NTSTATUS NTAPI RtlAppendUnicodeStringToString(PUNICODE_STRING Destination, PUNICODE_STRING Source)
RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
MSV1_0_USER_SESSION_KEY_LENGTH
#define MSV1_0_USER_SESSION_KEY_LENGTH
Definition: ntsecapi.h:60
MSV1_0_LM20_LOGON_PROFILE
struct _MSV1_0_LM20_LOGON_PROFILE MSV1_0_LM20_LOGON_PROFILE
MsV1_0Lm20LogonProfile
@ MsV1_0Lm20LogonProfile
Definition: ntsecapi.h:207
PMSV1_0_LM20_LOGON_PROFILE
struct _MSV1_0_LM20_LOGON_PROFILE * PMSV1_0_LM20_LOGON_PROFILE
MSV1_0_LANMAN_SESSION_KEY_LENGTH
#define MSV1_0_LANMAN_SESSION_KEY_LENGTH
Definition: ntsecapi.h:34
LOGON_USED_LM_PASSWORD
#define LOGON_USED_LM_PASSWORD
Definition: ntsecapi.h:11
PBYTE
BYTE * PBYTE
Definition: pedump.c:66
NetLogonLmKey
@ NetLogonLmKey
Definition: sam.h:13
_MSV1_0_LM20_LOGON_PROFILE
Definition: ntsecapi.h:478
_MSV1_0_LM20_LOGON_PROFILE::MessageType
MSV1_0_PROFILE_BUFFER_TYPE MessageType
Definition: ntsecapi.h:479
_MSV1_0_LM20_LOGON_PROFILE::UserSessionKey
UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH]
Definition: ntsecapi.h:483
_MSV1_0_LM20_LOGON_PROFILE::LogonServer
UNICODE_STRING LogonServer
Definition: ntsecapi.h:486
_MSV1_0_LM20_LOGON_PROFILE::LanmanSessionKey
UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH]
Definition: ntsecapi.h:485
_MSV1_0_LM20_LOGON_PROFILE::UserFlags
ULONG UserFlags
Definition: ntsecapi.h:482
_MSV1_0_LM20_LOGON_PROFILE::LogonDomainName
UNICODE_STRING LogonDomainName
Definition: ntsecapi.h:484
_MSV1_0_LM20_LOGON_PROFILE::LogoffTime
LARGE_INTEGER LogoffTime
Definition: ntsecapi.h:481
_MSV1_0_LM20_LOGON_PROFILE::UserParameters
UNICODE_STRING UserParameters
Definition: ntsecapi.h:487
_MSV1_0_LM20_LOGON_PROFILE::KickOffTime
LARGE_INTEGER KickOffTime
Definition: ntsecapi.h:480
_NTLM_CLIENT_BUFFER
Definition: util.h:43
_UNICODE_STRING
Definition: env_spec_w32.h:368
ERROR_INTERNAL_ERROR
#define ERROR_INTERNAL_ERROR
Definition: winerror.h:840

Referenced by LsaApLogonUserEx2_Network().

◆ BuildTokenGroups()

static NTSTATUS BuildTokenGroups ( OUT PTOKEN_GROUPS Groups,
IN PSID  AccountDomainSid,
IN ULONG  RelativeId,
IN BOOL  SpecialAccount 
)
static

Definition at line 389 of file msv1_0.c.

393{
394 SID_IDENTIFIER_AUTHORITY SystemAuthority = {SECURITY_NT_AUTHORITY};
395 PTOKEN_GROUPS TokenGroups;
396 DWORD GroupCount = 0;
397 DWORD MaxGroups = 2;
398 PSID Sid;
399 NTSTATUS Status = STATUS_SUCCESS;
400
401 if (SpecialAccount)
402 MaxGroups++;
403
404 TokenGroups = DispatchTable.AllocateLsaHeap(sizeof(TOKEN_GROUPS) +
405 MaxGroups * sizeof(SID_AND_ATTRIBUTES));
406 if (TokenGroups == NULL)
407 {
408 return STATUS_INSUFFICIENT_RESOURCES;
409 }
410
411 if (SpecialAccount)
412 {
413 /* Self */
414 Sid = AppendRidToSid(AccountDomainSid, RelativeId);
415 if (Sid == NULL)
416 {
417
418 }
419
420 TokenGroups->Groups[GroupCount].Sid = Sid;
421 TokenGroups->Groups[GroupCount].Attributes =
422 SE_GROUP_ENABLED | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_MANDATORY;
423 GroupCount++;
424
425 /* Member of 'Users' alias */
426 RtlAllocateAndInitializeSid(&SystemAuthority,
427 2,
428 SECURITY_BUILTIN_DOMAIN_RID,
429 DOMAIN_ALIAS_RID_USERS,
430 SECURITY_NULL_RID,
431 SECURITY_NULL_RID,
432 SECURITY_NULL_RID,
433 SECURITY_NULL_RID,
434 SECURITY_NULL_RID,
435 SECURITY_NULL_RID,
436 &Sid);
437 TokenGroups->Groups[GroupCount].Sid = Sid;
438 TokenGroups->Groups[GroupCount].Attributes =
439 SE_GROUP_ENABLED | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_MANDATORY;
440 GroupCount++;
441 }
442 else
443 {
444 /* Member of the domains users group */
445 Sid = AppendRidToSid(AccountDomainSid, DOMAIN_GROUP_RID_USERS);
446 if (Sid == NULL)
447 {
448
449 }
450
451 TokenGroups->Groups[GroupCount].Sid = Sid;
452 TokenGroups->Groups[GroupCount].Attributes =
453 SE_GROUP_ENABLED | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_MANDATORY;
454 GroupCount++;
455 }
456
457 /* Member of 'Authenticated users' */
458 RtlAllocateAndInitializeSid(&SystemAuthority,
459 1,
460 SECURITY_AUTHENTICATED_USER_RID,
461 SECURITY_NULL_RID,
462 SECURITY_NULL_RID,
463 SECURITY_NULL_RID,
464 SECURITY_NULL_RID,
465 SECURITY_NULL_RID,
466 SECURITY_NULL_RID,
467 SECURITY_NULL_RID,
468 &Sid);
469 TokenGroups->Groups[GroupCount].Sid = Sid;
470 TokenGroups->Groups[GroupCount].Attributes =
471 SE_GROUP_ENABLED | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_MANDATORY;
472 GroupCount++;
473
474 TokenGroups->GroupCount = GroupCount;
475 ASSERT(TokenGroups->GroupCount <= MaxGroups);
476
477 *Groups = TokenGroups;
478
479 return Status;
480}
AccountDomainSid
PSID AccountDomainSid
Definition: database.c:24
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
ASSERT
#define ASSERT(a)
Definition: mode.c:44
SystemAuthority
static SID_IDENTIFIER_AUTHORITY SystemAuthority
Definition: msgina.c:38
AppendRidToSid
static PSID AppendRidToSid(PSID SrcSid, ULONG Rid)
Definition: msv1_0.c:324
Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1157
SE_GROUP_MANDATORY
#define SE_GROUP_MANDATORY
Definition: setypes.h:90
SE_GROUP_ENABLED_BY_DEFAULT
#define SE_GROUP_ENABLED_BY_DEFAULT
Definition: setypes.h:91
SE_GROUP_ENABLED
#define SE_GROUP_ENABLED
Definition: setypes.h:92
RtlAllocateAndInitializeSid
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290
_SID_AND_ATTRIBUTES
Definition: setypes.h:502
_SID_IDENTIFIER_AUTHORITY
Definition: ms-dtyp.idl:194
_TOKEN_GROUPS
Definition: setypes.h:1013
DOMAIN_ALIAS_RID_USERS
#define DOMAIN_ALIAS_RID_USERS
Definition: setypes.h:653
SECURITY_BUILTIN_DOMAIN_RID
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:581
SECURITY_AUTHENTICATED_USER_RID
#define SECURITY_AUTHENTICATED_USER_RID
Definition: setypes.h:568
SECURITY_NULL_RID
#define SECURITY_NULL_RID
Definition: setypes.h:540
SECURITY_NT_AUTHORITY
#define SECURITY_NT_AUTHORITY
Definition: setypes.h:554
TokenGroups
@ TokenGroups
Definition: setypes.h:967
DOMAIN_GROUP_RID_USERS
#define DOMAIN_GROUP_RID_USERS
Definition: setypes.h:640

Referenced by BuildTokenInformationBuffer().

◆ BuildTokenInformationBuffer()

static NTSTATUS BuildTokenInformationBuffer ( PLSA_TOKEN_INFORMATION_V1 TokenInformation,
PRPC_SID  AccountDomainSid,
PSAMPR_USER_INFO_BUFFER  UserInfo,
BOOL  SpecialAccount 
)
static

Definition at line 485 of file msv1_0.c.

489{
490 PLSA_TOKEN_INFORMATION_V1 Buffer = NULL;
491 ULONG i;
492 NTSTATUS Status = STATUS_SUCCESS;
493
494 Buffer = DispatchTable.AllocateLsaHeap(sizeof(LSA_TOKEN_INFORMATION_V1));
495 if (Buffer == NULL)
496 {
497 WARN("Failed to allocate the local buffer!\n");
498 Status = STATUS_INSUFFICIENT_RESOURCES;
499 goto done;
500 }
501
502 Buffer->ExpirationTime.LowPart = UserInfo->All.AccountExpires.LowPart;
503 Buffer->ExpirationTime.HighPart = UserInfo->All.AccountExpires.HighPart;
504
505 Status = BuildTokenUser(&Buffer->User,
506 (PSID)AccountDomainSid,
507 UserInfo->All.UserId);
508 if (!NT_SUCCESS(Status))
509 {
510 WARN("BuildTokenUser() failed (Status 0x%08lx)\n", Status);
511 goto done;
512 }
513
514 Status = BuildTokenPrimaryGroup(&Buffer->PrimaryGroup,
515 (PSID)AccountDomainSid,
516 UserInfo->All.PrimaryGroupId);
517 if (!NT_SUCCESS(Status))
518 {
519 WARN("BuildTokenPrimaryGroup() failed (Status 0x%08lx)\n", Status);
520 goto done;
521 }
522
523 Status = BuildTokenGroups(&Buffer->Groups,
524 (PSID)AccountDomainSid,
525 UserInfo->All.UserId,
526 SpecialAccount);
527 if (!NT_SUCCESS(Status))
528 {
529 WARN("BuildTokenGroups() failed (Status 0x%08lx)\n", Status);
530 goto done;
531 }
532
533 *TokenInformation = Buffer;
534
535done:
536 if (!NT_SUCCESS(Status))
537 {
538 if (Buffer != NULL)
539 {
540 if (Buffer->User.User.Sid != NULL)
541 DispatchTable.FreeLsaHeap(Buffer->User.User.Sid);
542
543 if (Buffer->Groups != NULL)
544 {
545 for (i = 0; i < Buffer->Groups->GroupCount; i++)
546 {
547 if (Buffer->Groups->Groups[i].Sid != NULL)
548 DispatchTable.FreeLsaHeap(Buffer->Groups->Groups[i].Sid);
549 }
550
551 DispatchTable.FreeLsaHeap(Buffer->Groups);
552 }
553
554 if (Buffer->PrimaryGroup.PrimaryGroup != NULL)
555 DispatchTable.FreeLsaHeap(Buffer->PrimaryGroup.PrimaryGroup);
556
557 if (Buffer->DefaultDacl.DefaultDacl != NULL)
558 DispatchTable.FreeLsaHeap(Buffer->DefaultDacl.DefaultDacl);
559
560 DispatchTable.FreeLsaHeap(Buffer);
561 }
562 }
563
564 return Status;
565}
WARN
#define WARN(fmt,...)
Definition: precomp.h:61
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
BuildTokenGroups
static NTSTATUS BuildTokenGroups(OUT PTOKEN_GROUPS *Groups, IN PSID AccountDomainSid, IN ULONG RelativeId, IN BOOL SpecialAccount)
Definition: msv1_0.c:389
BuildTokenPrimaryGroup
static NTSTATUS BuildTokenPrimaryGroup(OUT PTOKEN_PRIMARY_GROUP PrimaryGroup, IN PSID AccountDomainSid, IN ULONG RelativeId)
Definition: msv1_0.c:371
BuildTokenUser
static NTSTATUS BuildTokenUser(OUT PTOKEN_USER User, IN PSID AccountDomainSid, IN ULONG RelativeId)
Definition: msv1_0.c:351
_LSA_TOKEN_INFORMATION_V1
Definition: authpackage.c:27
_OLD_LARGE_INTEGER::LowPart
unsigned long LowPart
Definition: msv1_0.h:32
_OLD_LARGE_INTEGER::HighPart
long HighPart
Definition: msv1_0.h:33
_SAMPR_USER_ALL_INFORMATION::PrimaryGroupId
unsigned long PrimaryGroupId
Definition: msv1_0.h:101
_SAMPR_USER_ALL_INFORMATION::UserId
unsigned long UserId
Definition: msv1_0.h:100
_SAMPR_USER_ALL_INFORMATION::AccountExpires
OLD_LARGE_INTEGER AccountExpires
Definition: msv1_0.h:83
_SAMPR_USER_INFO_BUFFER::All
SAMPR_USER_ALL_INFORMATION All
Definition: msv1_0.h:141

Referenced by LsaApLogonUserEx2().

◆ BuildTokenPrimaryGroup()

static NTSTATUS BuildTokenPrimaryGroup ( OUT PTOKEN_PRIMARY_GROUP  PrimaryGroup,
IN PSID  AccountDomainSid,
IN ULONG  RelativeId 
)
static

Definition at line 371 of file msv1_0.c.

374{
375 PrimaryGroup->PrimaryGroup = AppendRidToSid(AccountDomainSid,
376 RelativeId);
377 if (PrimaryGroup->PrimaryGroup == NULL)
378 {
379 ERR("Could not create the primary group SID\n");
380 return STATUS_INSUFFICIENT_RESOURCES;
381 }
382
383 return STATUS_SUCCESS;
384}
PrimaryGroup
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ OwnerSize PSID _Inout_ PULONG _Out_writes_bytes_to_opt_ PrimaryGroupSize PSID PrimaryGroup
Definition: rtlfuncs.h:1623

Referenced by BuildTokenInformationBuffer().

◆ BuildTokenUser()

static NTSTATUS BuildTokenUser ( OUT PTOKEN_USER  User,
IN PSID  AccountDomainSid,
IN ULONG  RelativeId 
)
static

Definition at line 351 of file msv1_0.c.

354{
355 User->User.Sid = AppendRidToSid(AccountDomainSid,
356 RelativeId);
357 if (User->User.Sid == NULL)
358 {
359 ERR("Could not create the user SID\n");
360 return STATUS_INSUFFICIENT_RESOURCES;
361 }
362
363 User->User.Attributes = 0;
364
365 return STATUS_SUCCESS;
366}

Referenced by BuildTokenInformationBuffer().

◆ GetLogonByLogonId()

static PLOGON_LIST_ENTRY GetLogonByLogonId ( _In_ PLUID  LogonId)
static

Definition at line 37 of file msv1_0.c.

39{
40 PLOGON_LIST_ENTRY LogonEntry;
41 PLIST_ENTRY CurrentEntry;
42
43 CurrentEntry = LogonListHead.Flink;
44 while (CurrentEntry != &LogonListHead)
45 {
46 LogonEntry = CONTAINING_RECORD(CurrentEntry,
47 LOGON_LIST_ENTRY,
48 ListEntry);
49
50 if ((LogonEntry->LogonId.HighPart == LogonId->HighPart) &&
51 (LogonEntry->LogonId.LowPart == LogonId->LowPart))
52 return LogonEntry;
53
54 CurrentEntry = CurrentEntry->Flink;
55 }
56
57 return NULL;
58}
LogonListHead
LIST_ENTRY LogonListHead
Definition: msv1_0.c:29
LogonId
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID LogonId
Definition: ntifs.template.h:716
_LIST_ENTRY
Definition: typedefs.h:120
_LIST_ENTRY::Flink
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
_LOGON_LIST_ENTRY
Definition: msv1_0.c:16
_LOGON_LIST_ENTRY::LogonId
LUID LogonId
Definition: msv1_0.c:18
_LUID::HighPart
LONG HighPart
Definition: devicetopology.idl:139
_LUID::LowPart
DWORD LowPart
Definition: devicetopology.idl:138
CONTAINING_RECORD
#define CONTAINING_RECORD(address, type, field)
Definition: typedefs.h:260

Referenced by LsaApLogonTerminated(), and MsvpGetUserInfo().

◆ LsaApCallPackage()

NTSTATUS NTAPI LsaApCallPackage ( IN PLSA_CLIENT_REQUEST  ClientRequest,
IN PVOID  ProtocolSubmitBuffer,
IN PVOID  ClientBufferBase,
IN ULONG  SubmitBufferLength,
OUT PVOID ProtocolReturnBuffer,
OUT PULONG  ReturnBufferLength,
OUT PNTSTATUS  ProtocolStatus 
)

Definition at line 1131 of file msv1_0.c.

1138{
1139 NTSTATUS Status;
1140 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
1141
1142 TRACE("LsaApCallPackage()\n");
1143
1144 if (SubmitBufferLength < sizeof(MSV1_0_PROTOCOL_MESSAGE_TYPE))
1145 return STATUS_INVALID_PARAMETER;
1146
1147 MessageType = *((PMSV1_0_PROTOCOL_MESSAGE_TYPE)ProtocolSubmitBuffer);
1148
1149 *ProtocolReturnBuffer = NULL;
1150 *ReturnBufferLength = 0;
1151
1152 switch (MessageType)
1153 {
1154 case MsV1_0Lm20ChallengeRequest:
1155 case MsV1_0Lm20GetChallengeResponse:
1156 Status = STATUS_NOT_IMPLEMENTED;
1157 break;
1158
1159 case MsV1_0EnumerateUsers:
1160 Status = MsvpEnumerateUsers(ClientRequest,
1161 ProtocolSubmitBuffer,
1162 ClientBufferBase,
1163 SubmitBufferLength,
1164 ProtocolReturnBuffer,
1165 ReturnBufferLength,
1166 ProtocolStatus);
1167 break;
1168
1169 case MsV1_0GetUserInfo:
1170 Status = MsvpGetUserInfo(ClientRequest,
1171 ProtocolSubmitBuffer,
1172 ClientBufferBase,
1173 SubmitBufferLength,
1174 ProtocolReturnBuffer,
1175 ReturnBufferLength,
1176 ProtocolStatus);
1177 break;
1178
1179 case MsV1_0ReLogonUsers:
1180 Status = STATUS_INVALID_PARAMETER;
1181 break;
1182
1183 case MsV1_0ChangePassword:
1184 Status = MsvpChangePassword(ClientRequest,
1185 ProtocolSubmitBuffer,
1186 ClientBufferBase,
1187 SubmitBufferLength,
1188 ProtocolReturnBuffer,
1189 ReturnBufferLength,
1190 ProtocolStatus);
1191 break;
1192
1193 case MsV1_0ChangeCachedPassword:
1194 case MsV1_0GenericPassthrough:
1195 case MsV1_0CacheLogon:
1196 case MsV1_0SubAuth:
1197 case MsV1_0DeriveCredential:
1198 case MsV1_0CacheLookup:
1199 Status = STATUS_NOT_IMPLEMENTED;
1200 break;
1201
1202 default:
1203 return STATUS_INVALID_PARAMETER;
1204 }
1205
1206 return Status;
1207}
STATUS_NOT_IMPLEMENTED
#define STATUS_NOT_IMPLEMENTED
Definition: d3dkmdt.h:42
ProtocolStatus
VOID NTAPI ProtocolStatus(NDIS_HANDLE BindingContext, NDIS_STATUS GenerelStatus, PVOID StatusBuffer, UINT StatusBufferSize)
Called by NDIS when the underlying driver has changed state.
Definition: lan.c:461
MsvpGetUserInfo
static NTSTATUS MsvpGetUserInfo(_In_ PLSA_CLIENT_REQUEST ClientRequest, _In_ PVOID ProtocolSubmitBuffer, _In_ PVOID ClientBufferBase, _In_ ULONG SubmitBufferLength, _Out_ PVOID *ProtocolReturnBuffer, _Out_ PULONG ReturnBufferLength, _Out_ PNTSTATUS ProtocolStatus)
Definition: msv1_0.c:997
MsvpEnumerateUsers
static NTSTATUS MsvpEnumerateUsers(_In_ PLSA_CLIENT_REQUEST ClientRequest, _In_ PVOID ProtocolSubmitBuffer, _In_ PVOID ClientBufferBase, _In_ ULONG SubmitBufferLength, _Out_ PVOID *ProtocolReturnBuffer, _Out_ PULONG ReturnBufferLength, _Out_ PNTSTATUS ProtocolStatus)
Definition: msv1_0.c:868
MsvpChangePassword
static NTSTATUS MsvpChangePassword(IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferLength, OUT PVOID *ProtocolReturnBuffer, OUT PULONG ReturnBufferLength, OUT PNTSTATUS ProtocolStatus)
Definition: msv1_0.c:570
MsV1_0ChangeCachedPassword
@ MsV1_0ChangeCachedPassword
Definition: ntsecapi.h:224
MsV1_0GenericPassthrough
@ MsV1_0GenericPassthrough
Definition: ntsecapi.h:225
MsV1_0Lm20GetChallengeResponse
@ MsV1_0Lm20GetChallengeResponse
Definition: ntsecapi.h:219
MsV1_0CacheLookup
@ MsV1_0CacheLookup
Definition: ntsecapi.h:229
MsV1_0DeriveCredential
@ MsV1_0DeriveCredential
Definition: ntsecapi.h:228
MsV1_0ReLogonUsers
@ MsV1_0ReLogonUsers
Definition: ntsecapi.h:222
MsV1_0ChangePassword
@ MsV1_0ChangePassword
Definition: ntsecapi.h:223
MsV1_0Lm20ChallengeRequest
@ MsV1_0Lm20ChallengeRequest
Definition: ntsecapi.h:218
MsV1_0EnumerateUsers
@ MsV1_0EnumerateUsers
Definition: ntsecapi.h:220
MsV1_0CacheLogon
@ MsV1_0CacheLogon
Definition: ntsecapi.h:226
MsV1_0GetUserInfo
@ MsV1_0GetUserInfo
Definition: ntsecapi.h:221
MsV1_0SubAuth
@ MsV1_0SubAuth
Definition: ntsecapi.h:227
PMSV1_0_PROTOCOL_MESSAGE_TYPE
enum _MSV1_0_PROTOCOL_MESSAGE_TYPE * PMSV1_0_PROTOCOL_MESSAGE_TYPE
MSV1_0_PROTOCOL_MESSAGE_TYPE
enum _MSV1_0_PROTOCOL_MESSAGE_TYPE MSV1_0_PROTOCOL_MESSAGE_TYPE

◆ LsaApCallPackagePassthrough()

NTSTATUS NTAPI LsaApCallPackagePassthrough ( IN PLSA_CLIENT_REQUEST  ClientRequest,
IN PVOID  ProtocolSubmitBuffer,
IN PVOID  ClientBufferBase,
IN ULONG  SubmitBufferLength,
OUT PVOID ProtocolReturnBuffer,
OUT PULONG  ReturnBufferLength,
OUT PNTSTATUS  ProtocolStatus 
)

Definition at line 1215 of file msv1_0.c.

1222{
1223 TRACE("LsaApCallPackagePassthrough()\n");
1224 return STATUS_NOT_IMPLEMENTED;
1225}

◆ LsaApCallPackageUntrusted()

NTSTATUS NTAPI LsaApCallPackageUntrusted ( IN PLSA_CLIENT_REQUEST  ClientRequest,
IN PVOID  ProtocolSubmitBuffer,
IN PVOID  ClientBufferBase,
IN ULONG  SubmitBufferLength,
OUT PVOID ProtocolReturnBuffer,
OUT PULONG  ReturnBufferLength,
OUT PNTSTATUS  ProtocolStatus 
)

Definition at line 1233 of file msv1_0.c.

1240{
1241 ULONG MessageType;
1242 NTSTATUS Status;
1243
1244 TRACE("LsaApCallPackageUntrusted()\n");
1245
1246 if (SubmitBufferLength < sizeof(MSV1_0_PROTOCOL_MESSAGE_TYPE))
1247 return STATUS_INVALID_PARAMETER;
1248
1249 MessageType = (ULONG)*((PMSV1_0_PROTOCOL_MESSAGE_TYPE)ProtocolSubmitBuffer);
1250
1251 *ProtocolReturnBuffer = NULL;
1252 *ReturnBufferLength = 0;
1253
1254 if (MessageType == MsV1_0ChangePassword)
1255 Status = MsvpChangePassword(ClientRequest,
1256 ProtocolSubmitBuffer,
1257 ClientBufferBase,
1258 SubmitBufferLength,
1259 ProtocolReturnBuffer,
1260 ReturnBufferLength,
1261 ProtocolStatus);
1262 else
1263 Status = STATUS_ACCESS_DENIED;
1264
1265 return Status;
1266}
STATUS_ACCESS_DENIED
#define STATUS_ACCESS_DENIED
Definition: udferr_usr.h:145

◆ LsaApInitializePackage()

NTSTATUS NTAPI LsaApInitializePackage ( IN ULONG  AuthenticationPackageId,
IN PLSA_DISPATCH_TABLE  LsaDispatchTable,
IN PLSA_STRING Database  OPTIONAL,
IN PLSA_STRING Confidentiality  OPTIONAL,
OUT PLSA_STRING AuthenticationPackageName 
)

Definition at line 1274 of file msv1_0.c.

1279{
1280 PANSI_STRING NameString;
1281 PCHAR NameBuffer;
1282
1283 TRACE("LsaApInitializePackage(%lu %p %p %p %p)\n",
1284 AuthenticationPackageId, LsaDispatchTable, Database,
1285 Confidentiality, AuthenticationPackageName);
1286
1287 if (!PackageInitialized)
1288 {
1289 InitializeListHead(&LogonListHead);
1290 RtlInitializeResource(&LogonListResource);
1291 EnumCounter = 0;
1292 PackageInitialized = TRUE;
1293 }
1294
1295 /* Get the dispatch table entries */
1296 DispatchTable.CreateLogonSession = LsaDispatchTable->CreateLogonSession;
1297 DispatchTable.DeleteLogonSession = LsaDispatchTable->DeleteLogonSession;
1298 DispatchTable.AddCredential = LsaDispatchTable->AddCredential;
1299 DispatchTable.GetCredentials = LsaDispatchTable->GetCredentials;
1300 DispatchTable.DeleteCredential = LsaDispatchTable->DeleteCredential;
1301 DispatchTable.AllocateLsaHeap = LsaDispatchTable->AllocateLsaHeap;
1302 DispatchTable.FreeLsaHeap = LsaDispatchTable->FreeLsaHeap;
1303 DispatchTable.AllocateClientBuffer = LsaDispatchTable->AllocateClientBuffer;
1304 DispatchTable.FreeClientBuffer = LsaDispatchTable->FreeClientBuffer;
1305 DispatchTable.CopyToClientBuffer = LsaDispatchTable->CopyToClientBuffer;
1306 DispatchTable.CopyFromClientBuffer = LsaDispatchTable->CopyFromClientBuffer;
1307
1308 /* Return the package name */
1309 NameString = DispatchTable.AllocateLsaHeap(sizeof(LSA_STRING));
1310 if (NameString == NULL)
1311 return STATUS_INSUFFICIENT_RESOURCES;
1312
1313 NameBuffer = DispatchTable.AllocateLsaHeap(sizeof(MSV1_0_PACKAGE_NAME));
1314 if (NameBuffer == NULL)
1315 {
1316 DispatchTable.FreeLsaHeap(NameString);
1317 return STATUS_INSUFFICIENT_RESOURCES;
1318 }
1319
1320 strcpy(NameBuffer, MSV1_0_PACKAGE_NAME);
1321
1322 RtlInitAnsiString(NameString, NameBuffer);
1323
1324 *AuthenticationPackageName = (PLSA_STRING)NameString;
1325
1326 return STATUS_SUCCESS;
1327}
InitializeListHead
#define InitializeListHead(ListHead)
Definition: env_spec_w32.h:944
EnumCounter
ULONG EnumCounter
Definition: msv1_0.c:31
PackageInitialized
BOOL PackageInitialized
Definition: msv1_0.c:28
LogonListResource
RTL_RESOURCE LogonListResource
Definition: msv1_0.c:30
RtlInitializeResource
NTSYSAPI VOID NTAPI RtlInitializeResource(_In_ PRTL_RESOURCE Resource)
RtlInitAnsiString
NTSYSAPI VOID NTAPI RtlInitAnsiString(PANSI_STRING DestinationString, PCSZ SourceString)
PLSA_STRING
struct _LSA_STRING * PLSA_STRING
MSV1_0_PACKAGE_NAME
#define MSV1_0_PACKAGE_NAME
Definition: ntsecapi.h:42
strcpy
strcpy
Definition: string.h:131
_ANSI_STRING
Definition: env_spec_w32.h:375
_LSA_STRING
Definition: ntsecapi.h:171
PCHAR
char * PCHAR
Definition: typedefs.h:51

◆ LsaApLogonTerminated()

VOID NTAPI LsaApLogonTerminated ( _In_ PLUID  LogonId)

Definition at line 1335 of file msv1_0.c.

1337{
1338 PLOGON_LIST_ENTRY LogonEntry;
1339
1340 TRACE("LsaApLogonTerminated()\n");
1341
1342 /* Remove the given logon entry from the list */
1343 LogonEntry = GetLogonByLogonId(LogonId);
1344 if (LogonEntry != NULL)
1345 {
1346 RtlAcquireResourceExclusive(&LogonListResource, TRUE);
1347 RemoveEntryList(&LogonEntry->ListEntry);
1348 RtlReleaseResource(&LogonListResource);
1349
1350 if (LogonEntry->UserName.Buffer)
1351 RtlFreeHeap(RtlGetProcessHeap(), 0, LogonEntry->UserName.Buffer);
1352
1353 if (LogonEntry->LogonDomainName.Buffer)
1354 RtlFreeHeap(RtlGetProcessHeap(), 0, LogonEntry->LogonDomainName.Buffer);
1355
1356 if (LogonEntry->LogonServer.Buffer)
1357 RtlFreeHeap(RtlGetProcessHeap(), 0, LogonEntry->LogonServer.Buffer);
1358
1359 RtlFreeHeap(RtlGetProcessHeap(), 0, LogonEntry);
1360 }
1361}
RtlFreeHeap
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:634
RemoveEntryList
#define RemoveEntryList(Entry)
Definition: env_spec_w32.h:986
GetLogonByLogonId
static PLOGON_LIST_ENTRY GetLogonByLogonId(_In_ PLUID LogonId)
Definition: msv1_0.c:37
RtlAcquireResourceExclusive
NTSYSAPI BOOLEAN NTAPI RtlAcquireResourceExclusive(_In_ PRTL_RESOURCE Resource, _In_ BOOLEAN Wait)
RtlReleaseResource
NTSYSAPI VOID NTAPI RtlReleaseResource(_In_ PRTL_RESOURCE Resource)
_LOGON_LIST_ENTRY::UserName
UNICODE_STRING UserName
Definition: msv1_0.c:20
_LOGON_LIST_ENTRY::ListEntry
LIST_ENTRY ListEntry
Definition: msv1_0.c:17
_LOGON_LIST_ENTRY::LogonServer
UNICODE_STRING LogonServer
Definition: msv1_0.c:22
_LOGON_LIST_ENTRY::LogonDomainName
UNICODE_STRING LogonDomainName
Definition: msv1_0.c:21

◆ LsaApLogonUserEx2()

NTSTATUS NTAPI LsaApLogonUserEx2 ( IN PLSA_CLIENT_REQUEST  ClientRequest,
IN SECURITY_LOGON_TYPE  LogonType,
IN PVOID  ProtocolSubmitBuffer,
IN PVOID  ClientBufferBase,
IN ULONG  SubmitBufferSize,
OUT PVOID ProfileBuffer,
OUT PULONG  ProfileBufferSize,
OUT PLUID  LogonId,
OUT PNTSTATUS  SubStatus,
OUT PLSA_TOKEN_INFORMATION_TYPE  TokenInformationType,
OUT PVOID TokenInformation,
OUT PUNICODE_STRING AccountName,
OUT PUNICODE_STRING AuthenticatingAuthority,
OUT PUNICODE_STRING MachineName,
OUT PSECPKG_PRIMARY_CRED  PrimaryCredentials,
OUT PSECPKG_SUPPLEMENTAL_CRED_ARRAY SupplementalCredentials 
)

Definition at line 1459 of file msv1_0.c.

1475{
1476 NTSTATUS Status;
1477 UNICODE_STRING ComputerName;
1478 WCHAR ComputerNameData[MAX_COMPUTERNAME_LENGTH + 1];
1479 PUNICODE_STRING LogonUserName = NULL;
1480 LSA_SAM_PWD_DATA LogonPwdData = { FALSE, NULL };
1481 PUNICODE_STRING LogonDomain = NULL;
1482 SAMPR_HANDLE UserHandle = NULL;
1483 PRPC_SID AccountDomainSid = NULL;
1484 PSAMPR_USER_INFO_BUFFER UserInfo = NULL;
1485 BOOLEAN SessionCreated = FALSE;
1486 DWORD ComputerNameSize;
1487 BOOL SpecialAccount = FALSE;
1488 UCHAR LogonPassHash;
1489 PUNICODE_STRING ErasePassword = NULL;
1490 PLOGON_LIST_ENTRY LogonEntry = NULL;
1491
1492 TRACE("LsaApLogonUserEx2()\n");
1493
1494 TRACE("LogonType: %lu\n", LogonType);
1495 TRACE("ProtocolSubmitBuffer: %p\n", ProtocolSubmitBuffer);
1496 TRACE("SubmitBufferSize: %lu\n", SubmitBufferSize);
1497
1498 *ProfileBuffer = NULL;
1499 *ProfileBufferSize = 0;
1500 *SubStatus = STATUS_SUCCESS;
1501 *AccountName = NULL;
1502 *AuthenticatingAuthority = NULL;
1503
1504 /* Get the computer name */
1505 ComputerNameSize = ARRAYSIZE(ComputerNameData);
1506 if (!GetComputerNameW(ComputerNameData, &ComputerNameSize))
1507 {
1508 ERR("Failed to get Computername.\n");
1509 return STATUS_INTERNAL_ERROR;
1510 }
1511 RtlInitUnicodeString(&ComputerName, ComputerNameData);
1512
1513 /* Parameters validation */
1514 if (LogonType == Interactive ||
1515 LogonType == Batch ||
1516 LogonType == Service)
1517 {
1518 PMSV1_0_INTERACTIVE_LOGON LogonInfo;
1519 ULONG_PTR PtrOffset;
1520
1521 if (SubmitBufferSize < sizeof(MSV1_0_INTERACTIVE_LOGON))
1522 {
1523 ERR("Invalid SubmitBufferSize %lu\n", SubmitBufferSize);
1524 return STATUS_INVALID_PARAMETER;
1525 }
1526
1527 LogonInfo = (PMSV1_0_INTERACTIVE_LOGON)ProtocolSubmitBuffer;
1528
1529 if (LogonInfo->MessageType != MsV1_0InteractiveLogon &&
1530 LogonInfo->MessageType != MsV1_0WorkstationUnlockLogon)
1531 {
1532 ERR("Invalid MessageType %lu\n", LogonInfo->MessageType);
1533 return STATUS_BAD_VALIDATION_CLASS;
1534 }
1535
1536#if 0 // FIXME: These checks happen to be done on Windows. We however keep them general on ReactOS for now...
1537 if (LogonInfo->UserName.Length > 512) // CRED_MAX_STRING_LENGTH * sizeof(WCHAR) or (CREDUI_MAX_USERNAME_LENGTH (== CRED_MAX_USERNAME_LENGTH) - 1) * sizeof(WCHAR)
1538 {
1539 ERR("UserName too long (%lu, maximum 512)\n", LogonInfo->UserName.Length);
1540 return STATUS_NAME_TOO_LONG;
1541 }
1542 if (LogonInfo->Password.Length > 512) // CREDUI_MAX_PASSWORD_LENGTH * sizeof(WCHAR)
1543 {
1544 ERR("Password too long (%lu, maximum 512)\n", LogonInfo->Password.Length);
1545 return STATUS_NAME_TOO_LONG;
1546 }
1547#endif
1548
1549 /* Fix-up pointers in the authentication info */
1550 PtrOffset = (ULONG_PTR)ProtocolSubmitBuffer - (ULONG_PTR)ClientBufferBase;
1551
1552 /* LogonDomainName is optional and can be an empty string */
1553 if (LogonInfo->LogonDomainName.Length)
1554 {
1555 // TODO: Check for Buffer limits wrt. ClientBufferBase and alignment.
1556 LogonInfo->LogonDomainName.Buffer = FIXUP_POINTER(LogonInfo->LogonDomainName.Buffer, PtrOffset);
1557 LogonInfo->LogonDomainName.MaximumLength = LogonInfo->LogonDomainName.Length;
1558 }
1559 else
1560 {
1561 LogonInfo->LogonDomainName.Buffer = NULL;
1562 LogonInfo->LogonDomainName.MaximumLength = 0;
1563 }
1564 Status = RtlValidateUnicodeString(0, &LogonInfo->LogonDomainName);
1565 if (!NT_SUCCESS(Status))
1566 return STATUS_INVALID_PARAMETER;
1567
1568 /* UserName is mandatory and cannot be an empty string */
1569 // TODO: Check for Buffer limits wrt. ClientBufferBase and alignment.
1570 LogonInfo->UserName.Buffer = FIXUP_POINTER(LogonInfo->UserName.Buffer, PtrOffset);
1571 LogonInfo->UserName.MaximumLength = LogonInfo->UserName.Length;
1572
1573 Status = RtlValidateUnicodeString(0, &LogonInfo->UserName);
1574 if (!NT_SUCCESS(Status))
1575 return STATUS_INVALID_PARAMETER;
1576
1577 /* MS docs says max length is 0xFF bytes. But thats not the full story:
1578 *
1579 * A Quote from https://groups.google.com/forum/#!topic/microsoft.public.win32.programmer.kernel/eFGcCo_ZObk:
1580 * "... At least on my WinXP SP2. Domain and UserName are passed
1581 * in clear text, but the Password is NOT. ..."
1582 *
1583 * If the higher byte of length != 0 we have to use RtlRunDecodeUnicodeString.
1584 */
1585 LogonPassHash = (LogonInfo->Password.Length >> 8) & 0xFF;
1586 LogonInfo->Password.Length = LogonInfo->Password.Length & 0xFF;
1587
1588 /* Password is optional and can be an empty string */
1589 if (LogonInfo->Password.Length)
1590 {
1591 // TODO: Check for Buffer limits wrt. ClientBufferBase and alignment.
1592 LogonInfo->Password.Buffer = FIXUP_POINTER(LogonInfo->Password.Buffer, PtrOffset);
1593 LogonInfo->Password.MaximumLength = LogonInfo->Password.Length;
1594 }
1595 else
1596 {
1597 LogonInfo->Password.Buffer = NULL;
1598 LogonInfo->Password.MaximumLength = 0;
1599 }
1600
1601 /* Decode password */
1602 if (LogonPassHash > 0)
1603 {
1604 RtlRunDecodeUnicodeString(LogonPassHash, &LogonInfo->Password);
1605 }
1606
1607 /* ErasePassword will be "erased" before we return */
1608 ErasePassword = &LogonInfo->Password;
1609
1610 Status = RtlValidateUnicodeString(0, &LogonInfo->Password);
1611 if (!NT_SUCCESS(Status))
1612 return STATUS_INVALID_PARAMETER;
1613
1614 LogonUserName = &LogonInfo->UserName;
1615 LogonDomain = &LogonInfo->LogonDomainName;
1616 LogonPwdData.IsNetwork = FALSE;
1617 LogonPwdData.PlainPwd = &LogonInfo->Password;
1618 LogonPwdData.ComputerName = &ComputerName;
1619
1620 TRACE("Domain: %wZ\n", &LogonInfo->LogonDomainName);
1621 TRACE("User: %wZ\n", &LogonInfo->UserName);
1622 TRACE("Password: %wZ\n", &LogonInfo->Password);
1623
1624 // TODO: If LogonType == Service, do some extra work using LogonInfo->Password.
1625 }
1626 else if (LogonType == Network)
1627 {
1628 Status = LsaApLogonUserEx2_Network(ClientRequest,
1629 ProtocolSubmitBuffer,
1630 ClientBufferBase,
1631 SubmitBufferSize,
1632 &ComputerName,
1633 &LogonUserName,
1634 &LogonDomain,
1635 &LogonPwdData,
1636 &UserHandle,
1637 &UserInfo,
1638 &AccountDomainSid,
1639 &SpecialAccount,
1640 (PMSV1_0_LM20_LOGON_PROFILE*)ProfileBuffer,
1641 ProfileBufferSize,
1642 SubStatus);
1643 if (!NT_SUCCESS(Status))
1644 goto done;
1645 }
1646 else
1647 {
1648 FIXME("LogonType %lu is not supported yet!\n", LogonType);
1649 return STATUS_NOT_IMPLEMENTED;
1650 }
1651 // TODO: Add other LogonType validity checks.
1652
1653 Status = SamValidateUser(LogonType,
1654 LogonUserName,
1655 LogonDomain,
1656 &LogonPwdData,
1657 &ComputerName,
1658 &SpecialAccount,
1659 &AccountDomainSid,
1660 &UserHandle,
1661 &UserInfo,
1662 SubStatus);
1663 if (!NT_SUCCESS(Status))
1664 goto done;
1665
1666 /* Return logon information */
1667
1668 /* Create and return a new logon id */
1669 Status = NtAllocateLocallyUniqueId(LogonId);
1670 if (!NT_SUCCESS(Status))
1671 {
1672 TRACE("NtAllocateLocallyUniqueId failed (Status %08lx)\n", Status);
1673 goto done;
1674 }
1675
1676 /* Create the logon session */
1677 Status = DispatchTable.CreateLogonSession(LogonId);
1678 if (!NT_SUCCESS(Status))
1679 {
1680 TRACE("CreateLogonSession failed (Status %08lx)\n", Status);
1681 goto done;
1682 }
1683
1684 SessionCreated = TRUE;
1685
1686 LogonEntry = RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(LOGON_LIST_ENTRY));
1687 if (LogonEntry)
1688 {
1689 RtlCopyMemory(&LogonEntry->LogonId, LogonId, sizeof(LUID));
1690 LogonEntry->EnumHandle = EnumCounter;
1691 EnumCounter++;
1692
1693 TRACE("Logon User: %wZ %wZ %lx\n", LogonUserName, LogonDomain, LogonId->LowPart);
1694 LogonEntry->UserName.Buffer = RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, LogonUserName->MaximumLength);
1695 if (LogonEntry->UserName.Buffer)
1696 {
1697 LogonEntry->UserName.MaximumLength = LogonUserName->MaximumLength;
1698 RtlCopyUnicodeString(&LogonEntry->UserName, LogonUserName);
1699 }
1700
1701 LogonEntry->LogonDomainName.Buffer = RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, LogonDomain->MaximumLength);
1702 if (LogonEntry->LogonDomainName.Buffer)
1703 {
1704 LogonEntry->LogonDomainName.MaximumLength = LogonDomain->MaximumLength;
1705 RtlCopyUnicodeString(&LogonEntry->LogonDomainName, LogonDomain);
1706 }
1707
1708 LogonEntry->LogonServer.Buffer = RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, ComputerName.MaximumLength);
1709 if (LogonEntry->LogonServer.Buffer)
1710 {
1711 LogonEntry->LogonServer.MaximumLength = ComputerName.MaximumLength;
1712 RtlCopyUnicodeString(&LogonEntry->LogonServer, &ComputerName);
1713 }
1714
1715 LogonEntry->LogonType = LogonType;
1716
1717 RtlAcquireResourceExclusive(&LogonListResource, TRUE);
1718 InsertTailList(&LogonListHead, &LogonEntry->ListEntry);
1719 RtlReleaseResource(&LogonListResource);
1720 }
1721
1722 if (LogonType == Interactive || LogonType == Batch || LogonType == Service)
1723 {
1724 /* Build and fill the interactive profile buffer */
1725 Status = BuildInteractiveProfileBuffer(ClientRequest,
1726 UserInfo,
1727 ComputerName.Buffer,
1728 (PMSV1_0_INTERACTIVE_PROFILE*)ProfileBuffer,
1729 ProfileBufferSize);
1730 if (!NT_SUCCESS(Status))
1731 {
1732 TRACE("BuildInteractiveProfileBuffer failed (Status %08lx)\n", Status);
1733 goto done;
1734 }
1735 }
1736 else if (LogonType == Network)
1737 {
1738 //FIXME: no need to do anything, its already done ...
1739 }
1740
1741 /* Return the token information type */
1742 *TokenInformationType = LsaTokenInformationV1;
1743
1744 /* Build and fill the token information buffer */
1745 Status = BuildTokenInformationBuffer((PLSA_TOKEN_INFORMATION_V1*)TokenInformation,
1746 AccountDomainSid,
1747 UserInfo,
1748 SpecialAccount);
1749 if (!NT_SUCCESS(Status))
1750 {
1751 TRACE("BuildTokenInformationBuffer failed (Status %08lx)\n", Status);
1752 goto done;
1753 }
1754
1755done:
1756 /* Erase password */
1757 if (ErasePassword)
1758 {
1759 RtlEraseUnicodeString(ErasePassword);
1760 }
1761
1762 /* Update the logon time/count or the bad password time/count */
1763 if ((UserHandle != NULL) &&
1764 (Status == STATUS_SUCCESS || Status == STATUS_WRONG_PASSWORD))
1765 {
1766 SAMPR_USER_INFO_BUFFER InternalInfo;
1767
1768 RtlZeroMemory(&InternalInfo, sizeof(InternalInfo));
1769
1770 if (Status == STATUS_SUCCESS)
1771 InternalInfo.Internal2.Flags = USER_LOGON_SUCCESS;
1772 else
1773 InternalInfo.Internal2.Flags = USER_LOGON_BAD_PASSWORD;
1774
1775 SamrSetInformationUser(UserHandle,
1776 UserInternal2Information,
1777 &InternalInfo);
1778 }
1779
1780 if (NT_SUCCESS(Status))
1781 {
1782 /* Return the account name */
1783 *AccountName = DispatchTable.AllocateLsaHeap(sizeof(UNICODE_STRING));
1784 if ((LogonUserName != NULL) &&
1785 (*AccountName != NULL))
1786 {
1787 (*AccountName)->Buffer = DispatchTable.AllocateLsaHeap(LogonUserName->Length +
1788 sizeof(UNICODE_NULL));
1789 if ((*AccountName)->Buffer != NULL)
1790 {
1791 (*AccountName)->MaximumLength = LogonUserName->Length +
1792 sizeof(UNICODE_NULL);
1793 RtlCopyUnicodeString(*AccountName, LogonUserName);
1794 }
1795 }
1796
1797 /* Return the authenticating authority */
1798 *AuthenticatingAuthority = DispatchTable.AllocateLsaHeap(sizeof(UNICODE_STRING));
1799 if ((LogonDomain != NULL) &&
1800 (*AuthenticatingAuthority != NULL))
1801 {
1802 (*AuthenticatingAuthority)->Buffer = DispatchTable.AllocateLsaHeap(LogonDomain->Length +
1803 sizeof(UNICODE_NULL));
1804 if ((*AuthenticatingAuthority)->Buffer != NULL)
1805 {
1806 (*AuthenticatingAuthority)->MaximumLength = LogonDomain->Length +
1807 sizeof(UNICODE_NULL);
1808 RtlCopyUnicodeString(*AuthenticatingAuthority, LogonDomain);
1809 }
1810 }
1811
1812 /* Return the machine name */
1813 *MachineName = DispatchTable.AllocateLsaHeap(sizeof(UNICODE_STRING));
1814 if (*MachineName != NULL)
1815 {
1816 (*MachineName)->Buffer = DispatchTable.AllocateLsaHeap(ComputerName.MaximumLength);
1817 if ((*MachineName)->Buffer != NULL)
1818 {
1819 (*MachineName)->MaximumLength = ComputerName.MaximumLength;
1820 (*MachineName)->Length = ComputerName.Length;
1821 RtlCopyMemory((*MachineName)->Buffer,
1822 ComputerName.Buffer,
1823 ComputerName.MaximumLength);
1824 }
1825 }
1826 }
1827
1828 if (!NT_SUCCESS(Status))
1829 {
1830 if (SessionCreated != FALSE)
1831 DispatchTable.DeleteLogonSession(LogonId);
1832
1833 if (*ProfileBuffer != NULL)
1834 {
1835 DispatchTable.FreeClientBuffer(ClientRequest,
1836 *ProfileBuffer);
1837 *ProfileBuffer = NULL;
1838 }
1839 }
1840
1841 if (UserHandle != NULL)
1842 SamrCloseHandle(&UserHandle);
1843
1844 SamIFree_SAMPR_USER_INFO_BUFFER(UserInfo,
1845 UserAllInformation);
1846
1847 if (AccountDomainSid != NULL)
1848 RtlFreeHeap(RtlGetProcessHeap(), 0, AccountDomainSid);
1849
1850 if (Status == STATUS_NO_SUCH_USER ||
1851 Status == STATUS_WRONG_PASSWORD)
1852 {
1853 *SubStatus = Status;
1854 Status = STATUS_LOGON_FAILURE;
1855 }
1856
1857 TRACE("LsaApLogonUserEx2 done (Status 0x%08lx, SubStatus 0x%08lx)\n", Status, *SubStatus);
1858
1859 return Status;
1860}
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
LsaTokenInformationV1
@ LsaTokenInformationV1
Definition: authpackage.c:17
SamrCloseHandle
NTSTATUS __stdcall SamrCloseHandle(SAMPR_HANDLE *SamHandle)
FIXME
#define FIXME(fmt,...)
Definition: precomp.h:53
RtlAllocateHeap
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:616
GetComputerNameW
BOOL WINAPI GetComputerNameW(LPWSTR lpBuffer, LPDWORD lpnSize)
Definition: compname.c:446
Network
@ Network
Definition: devicetopology.idl:192
FALSE
#define FALSE
Definition: types.h:117
ARRAYSIZE
#define ARRAYSIZE(array)
Definition: filtermapper.c:47
HEAP_ZERO_MEMORY
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
InsertTailList
#define InsertTailList(ListHead, Entry)
Definition: env_spec_w32.h:1003
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
LsaApLogonUserEx2_Network
static NTSTATUS LsaApLogonUserEx2_Network(_In_ PLSA_CLIENT_REQUEST ClientRequest, _In_ PVOID ProtocolSubmitBuffer, _In_ PVOID ClientBufferBase, _In_ ULONG SubmitBufferSize, _In_ PUNICODE_STRING ComputerName, _Out_ PUNICODE_STRING *LogonUserRef, _Out_ PUNICODE_STRING *LogonDomainRef, _Inout_ PLSA_SAM_PWD_DATA LogonPwdData, _Out_ SAMPR_HANDLE *UserHandlePtr, _Out_ PSAMPR_USER_INFO_BUFFER *UserInfoPtr, _Out_ PRPC_SID *AccountDomainSidPtr, _Out_ PBOOL SpecialAccount, _Out_ PMSV1_0_LM20_LOGON_PROFILE *LogonProfile, _Out_ PULONG LogonProfileSize, _Out_ PNTSTATUS SubStatus)
Definition: msv1_0.c:1369
BuildTokenInformationBuffer
static NTSTATUS BuildTokenInformationBuffer(PLSA_TOKEN_INFORMATION_V1 *TokenInformation, PRPC_SID AccountDomainSid, PSAMPR_USER_INFO_BUFFER UserInfo, BOOL SpecialAccount)
Definition: msv1_0.c:485
BuildInteractiveProfileBuffer
static NTSTATUS BuildInteractiveProfileBuffer(IN PLSA_CLIENT_REQUEST ClientRequest, IN PSAMPR_USER_INFO_BUFFER UserInfo, IN PWSTR ComputerName, OUT PMSV1_0_INTERACTIVE_PROFILE *ProfileBuffer, OUT PULONG ProfileBufferLength)
Definition: msv1_0.c:63
SamIFree_SAMPR_USER_INFO_BUFFER
VOID NTAPI SamIFree_SAMPR_USER_INFO_BUFFER(PSAMPR_USER_INFO_BUFFER Ptr, USER_INFORMATION_CLASS InformationClass)
Definition: samsrv.c:540
SamrSetInformationUser
NTSTATUS NTAPI SamrSetInformationUser(IN SAMPR_HANDLE UserHandle, IN USER_INFORMATION_CLASS UserInformationClass, IN PSAMPR_USER_INFO_BUFFER Buffer)
Definition: samrpc.c:7848
USER_LOGON_SUCCESS
#define USER_LOGON_SUCCESS
Definition: sam.idl:649
FIXUP_POINTER
#define FIXUP_POINTER(Pointer, Offset)
Definition: msv1_0.h:9
USER_LOGON_BAD_PASSWORD
#define USER_LOGON_BAD_PASSWORD
Definition: sam.idl:648
RtlEraseUnicodeString
NTSYSAPI VOID NTAPI RtlEraseUnicodeString(_Inout_ PUNICODE_STRING String)
RtlValidateUnicodeString
NTSYSAPI NTSTATUS NTAPI RtlValidateUnicodeString(_In_ ULONG Flags, _In_ PCUNICODE_STRING String)
Definition: unicode.c:2605
RtlCopyUnicodeString
NTSYSAPI VOID NTAPI RtlCopyUnicodeString(PUNICODE_STRING DestinationString, PUNICODE_STRING SourceString)
UNICODE_NULL
#define UNICODE_NULL
LogonType
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE LogonType
Definition: ntifs.template.h:708
SubStatus
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE _Out_ PQUOTA_LIMITS _Out_ PNTSTATUS SubStatus
Definition: ntifs.template.h:719
NtAllocateLocallyUniqueId
NTSTATUS NTAPI NtAllocateLocallyUniqueId(OUT LUID *LocallyUniqueId)
Definition: uuid.c:348
UserInternal2Information
@ UserInternal2Information
Definition: ntsam.h:532
UserAllInformation
@ UserAllInformation
Definition: ntsam.h:534
Interactive
@ Interactive
Definition: ntsecapi.h:289
Service
@ Service
Definition: ntsecapi.h:292
Batch
@ Batch
Definition: ntsecapi.h:291
PMSV1_0_INTERACTIVE_LOGON
struct _MSV1_0_INTERACTIVE_LOGON * PMSV1_0_INTERACTIVE_LOGON
MsV1_0WorkstationUnlockLogon
@ MsV1_0WorkstationUnlockLogon
Definition: ntsecapi.h:203
MsV1_0InteractiveLogon
@ MsV1_0InteractiveLogon
Definition: ntsecapi.h:199
STATUS_INTERNAL_ERROR
#define STATUS_INTERNAL_ERROR
Definition: ntstatus.h:465
STATUS_WRONG_PASSWORD
#define STATUS_WRONG_PASSWORD
Definition: ntstatus.h:342
STATUS_BAD_VALIDATION_CLASS
#define STATUS_BAD_VALIDATION_CLASS
Definition: ntstatus.h:403
STATUS_NO_SUCH_USER
#define STATUS_NO_SUCH_USER
Definition: ntstatus.h:336
STATUS_LOGON_FAILURE
#define STATUS_LOGON_FAILURE
Definition: ntstatus.h:345
STATUS_NAME_TOO_LONG
#define STATUS_NAME_TOO_LONG
Definition: ntstatus.h:498
SamValidateUser
NTSTATUS SamValidateUser(_In_ SECURITY_LOGON_TYPE LogonType, _In_ PUNICODE_STRING LogonUserName, _In_ PUNICODE_STRING LogonDomain, _In_ PLSA_SAM_PWD_DATA LogonPwdData, _In_ PUNICODE_STRING ComputerName, _Out_ PBOOL SpecialAccount, _Out_ PRPC_SID *AccountDomainSidPtr, _Out_ SAMPR_HANDLE *UserHandlePtr, _Out_ PSAMPR_USER_INFO_BUFFER *UserInfoPtr, _Out_ PNTSTATUS SubStatus)
Validates a user by checking if it exists in the sam database. Some other checks are done further.
Definition: sam.c:460
RtlRunDecodeUnicodeString
VOID NTAPI RtlRunDecodeUnicodeString(IN UCHAR Hash, IN OUT PUNICODE_STRING String)
Definition: encode.c:20
MachineName
_In_ DWORD _Out_ PDWORD _In_opt_ PCSTR MachineName
Definition: setupapi.h:1294
_LOGON_LIST_ENTRY::LogonType
SECURITY_LOGON_TYPE LogonType
Definition: msv1_0.c:23
_LOGON_LIST_ENTRY::EnumHandle
ULONG EnumHandle
Definition: msv1_0.c:19
_LSA_SAM_PWD_DATA
Definition: sam.h:18
_LSA_SAM_PWD_DATA::PlainPwd
PUNICODE_STRING PlainPwd
Definition: sam.h:22
_LSA_SAM_PWD_DATA::ComputerName
PUNICODE_STRING ComputerName
Definition: sam.h:26
_LSA_SAM_PWD_DATA::IsNetwork
BOOL IsNetwork
Definition: sam.h:21
_LUID
Definition: devicetopology.idl:137
_MSV1_0_INTERACTIVE_LOGON
Definition: ntsecapi.h:433
_MSV1_0_INTERACTIVE_LOGON::Password
UNICODE_STRING Password
Definition: ntsecapi.h:437
_MSV1_0_INTERACTIVE_LOGON::UserName
UNICODE_STRING UserName
Definition: ntsecapi.h:436
_MSV1_0_INTERACTIVE_LOGON::MessageType
MSV1_0_LOGON_SUBMIT_TYPE MessageType
Definition: ntsecapi.h:434
_MSV1_0_INTERACTIVE_LOGON::LogonDomainName
UNICODE_STRING LogonDomainName
Definition: ntsecapi.h:435
_RPC_SID
Definition: msv1_0.h:13
_SAMPR_USER_INTERNAL2_INFORMATION::Flags
unsigned long Flags
Definition: msv1_0.h:71
RtlZeroMemory
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262
_SAMPR_USER_INFO_BUFFER
Definition: msv1_0.h:116
_SAMPR_USER_INFO_BUFFER::Internal2
SAMPR_USER_INTERNAL2_INFORMATION Internal2
Definition: msv1_0.h:137
MAX_COMPUTERNAME_LENGTH
#define MAX_COMPUTERNAME_LENGTH
Definition: winbase.h:269

◆ LsaApLogonUserEx2_Network()

static NTSTATUS LsaApLogonUserEx2_Network ( _In_ PLSA_CLIENT_REQUEST  ClientRequest,
_In_ PVOID  ProtocolSubmitBuffer,
_In_ PVOID  ClientBufferBase,
_In_ ULONG  SubmitBufferSize,
_In_ PUNICODE_STRING  ComputerName,
_Out_ PUNICODE_STRING LogonUserRef,
_Out_ PUNICODE_STRING LogonDomainRef,
_Inout_ PLSA_SAM_PWD_DATA  LogonPwdData,
_Out_ SAMPR_HANDLE UserHandlePtr,
_Out_ PSAMPR_USER_INFO_BUFFER UserInfoPtr,
_Out_ PRPC_SID AccountDomainSidPtr,
_Out_ PBOOL  SpecialAccount,
_Out_ PMSV1_0_LM20_LOGON_PROFILE LogonProfile,
_Out_ PULONG  LogonProfileSize,
_Out_ PNTSTATUS  SubStatus 
)
static

Definition at line 1369 of file msv1_0.c.

1385{
1386 NTSTATUS Status;
1387 PMSV1_0_LM20_LOGON LogonInfo;
1388 ULONG_PTR PtrOffset;
1389
1390 *LogonProfile = NULL;
1391 *LogonProfileSize = 0;
1392 *UserInfoPtr = NULL;
1393 *AccountDomainSidPtr = NULL;
1394 *SpecialAccount = FALSE;
1395 LogonInfo = ProtocolSubmitBuffer;
1396
1397 if (SubmitBufferSize < sizeof(MSV1_0_LM20_LOGON))
1398 {
1399 ERR("Invalid SubmitBufferSize %lu\n", SubmitBufferSize);
1400 return STATUS_INVALID_PARAMETER;
1401 }
1402
1403 /* Fix-up pointers in the authentication info */
1404 PtrOffset = (ULONG_PTR)ProtocolSubmitBuffer - (ULONG_PTR)ClientBufferBase;
1405
1406 if ((!NtlmFixupAndValidateUStr(&LogonInfo->LogonDomainName, PtrOffset)) ||
1407 (!NtlmFixupAndValidateUStr(&LogonInfo->UserName, PtrOffset)) ||
1408 (!NtlmFixupAndValidateUStr(&LogonInfo->Workstation, PtrOffset)) ||
1409 (!NtlmFixupAStr(&LogonInfo->CaseSensitiveChallengeResponse, PtrOffset)) ||
1410 (!NtlmFixupAStr(&LogonInfo->CaseInsensitiveChallengeResponse, PtrOffset)))
1411 {
1412 return STATUS_INVALID_PARAMETER;
1413 }
1414
1415 LogonPwdData->IsNetwork = TRUE;
1416 LogonPwdData->LogonInfo = LogonInfo;
1417 LogonPwdData->ComputerName = ComputerName;
1418 Status = SamValidateUser(Network,
1419 &LogonInfo->UserName,
1420 &LogonInfo->LogonDomainName,
1421 LogonPwdData,
1422 ComputerName,
1423 SpecialAccount,
1424 AccountDomainSidPtr,
1425 UserHandlePtr,
1426 UserInfoPtr,
1427 SubStatus);
1428 if (!NT_SUCCESS(Status))
1429 {
1430 ERR("SamValidateUser failed with 0x%lx\n", Status);
1431 return Status;
1432 }
1433
1434 if (LogonInfo->ParameterControl & MSV1_0_RETURN_PROFILE_PATH)
1435 {
1436 Status = BuildLm20LogonProfileBuffer(ClientRequest,
1437 *UserInfoPtr,
1438 LogonPwdData,
1439 LogonProfile,
1440 LogonProfileSize);
1441 if (!NT_SUCCESS(Status))
1442 {
1443 ERR("BuildLm20LogonProfileBuffer failed with 0x%lx\n", Status);
1444 return Status;
1445 }
1446 }
1447
1448 *LogonUserRef = &LogonInfo->UserName;
1449 *LogonDomainRef = &LogonInfo->LogonDomainName;
1450
1451 return Status;
1452}
NtlmFixupAndValidateUStr
bool NtlmFixupAndValidateUStr(_Inout_ PUNICODE_STRING String, _In_ ULONG_PTR FixupOffset)
Definition: util.c:223
NtlmFixupAStr
bool NtlmFixupAStr(_Inout_ PSTRING String, _In_ ULONG_PTR FixupOffset)
Definition: util.c:245
BuildLm20LogonProfileBuffer
static NTSTATUS BuildLm20LogonProfileBuffer(_In_ PLSA_CLIENT_REQUEST ClientRequest, _In_ PSAMPR_USER_INFO_BUFFER UserInfo, _In_ PLSA_SAM_PWD_DATA LogonPwdData, _Out_ PMSV1_0_LM20_LOGON_PROFILE *ProfileBuffer, _Out_ PULONG ProfileBufferLength)
Definition: msv1_0.c:219
MSV1_0_RETURN_PROFILE_PATH
#define MSV1_0_RETURN_PROFILE_PATH
Definition: ntsecapi.h:47
_MSV1_0_LM20_LOGON
Definition: ntsecapi.h:457
_MSV1_0_LM20_LOGON::UserName
UNICODE_STRING UserName
Definition: ntsecapi.h:460
_MSV1_0_LM20_LOGON::CaseInsensitiveChallengeResponse
STRING CaseInsensitiveChallengeResponse
Definition: ntsecapi.h:464
_MSV1_0_LM20_LOGON::LogonDomainName
UNICODE_STRING LogonDomainName
Definition: ntsecapi.h:459
_MSV1_0_LM20_LOGON::Workstation
UNICODE_STRING Workstation
Definition: ntsecapi.h:461
_MSV1_0_LM20_LOGON::ParameterControl
ULONG ParameterControl
Definition: ntsecapi.h:465
_MSV1_0_LM20_LOGON::CaseSensitiveChallengeResponse
STRING CaseSensitiveChallengeResponse
Definition: ntsecapi.h:463

Referenced by LsaApLogonUserEx2().

◆ MsvpChangePassword()

static NTSTATUS MsvpChangePassword ( IN PLSA_CLIENT_REQUEST  ClientRequest,
IN PVOID  ProtocolSubmitBuffer,
IN PVOID  ClientBufferBase,
IN ULONG  SubmitBufferLength,
OUT PVOID ProtocolReturnBuffer,
OUT PULONG  ReturnBufferLength,
OUT PNTSTATUS  ProtocolStatus 
)
static

Definition at line 570 of file msv1_0.c.

577{
578 NTSTATUS Status;
579 PMSV1_0_CHANGEPASSWORD_REQUEST RequestBuffer;
580 ULONG_PTR PtrOffset;
581
582 SAMPR_HANDLE ServerHandle = NULL;
583 SAMPR_HANDLE DomainHandle = NULL;
584 SAMPR_HANDLE UserHandle = NULL;
585 PRPC_SID DomainSid = NULL;
586 RPC_UNICODE_STRING Names[1];
587 SAMPR_ULONG_ARRAY RelativeIds = {0, NULL};
588 SAMPR_ULONG_ARRAY Use = {0, NULL};
589
590 ENCRYPTED_NT_OWF_PASSWORD OldNtPassword;
591 ENCRYPTED_NT_OWF_PASSWORD NewNtPassword;
592 ENCRYPTED_LM_OWF_PASSWORD OldLmPassword;
593 ENCRYPTED_LM_OWF_PASSWORD NewLmPassword;
594 OEM_STRING LmPwdString;
595 CHAR LmPwdBuffer[15];
596 BOOLEAN OldLmPasswordPresent = FALSE;
597 BOOLEAN NewLmPasswordPresent = FALSE;
598
599 ENCRYPTED_LM_OWF_PASSWORD OldLmEncryptedWithNewLm;
600 ENCRYPTED_LM_OWF_PASSWORD NewLmEncryptedWithOldLm;
601 ENCRYPTED_LM_OWF_PASSWORD OldNtEncryptedWithNewNt;
602 ENCRYPTED_LM_OWF_PASSWORD NewNtEncryptedWithOldNt;
603 PENCRYPTED_LM_OWF_PASSWORD pOldLmEncryptedWithNewLm = NULL;
604 PENCRYPTED_LM_OWF_PASSWORD pNewLmEncryptedWithOldLm = NULL;
605
606 TRACE("MsvpChangePassword()\n");
607
608 /* Parameters validation */
609
610 if (SubmitBufferLength < sizeof(MSV1_0_CHANGEPASSWORD_REQUEST))
611 {
612 ERR("Invalid SubmitBufferLength %lu\n", SubmitBufferLength);
613 return STATUS_INVALID_PARAMETER;
614 }
615
616 RequestBuffer = (PMSV1_0_CHANGEPASSWORD_REQUEST)ProtocolSubmitBuffer;
617
618 /* Fix-up pointers in the request buffer info */
619 PtrOffset = (ULONG_PTR)ProtocolSubmitBuffer - (ULONG_PTR)ClientBufferBase;
620
621 Status = RtlValidateUnicodeString(0, &RequestBuffer->DomainName);
622 if (!NT_SUCCESS(Status))
623 return STATUS_INVALID_PARAMETER;
624 // TODO: Check for Buffer limits wrt. ClientBufferBase and alignment.
625 RequestBuffer->DomainName.Buffer = FIXUP_POINTER(RequestBuffer->DomainName.Buffer, PtrOffset);
626 RequestBuffer->DomainName.MaximumLength = RequestBuffer->DomainName.Length;
627
628 Status = RtlValidateUnicodeString(0, &RequestBuffer->AccountName);
629 if (!NT_SUCCESS(Status))
630 return STATUS_INVALID_PARAMETER;
631 // TODO: Check for Buffer limits wrt. ClientBufferBase and alignment.
632 RequestBuffer->AccountName.Buffer = FIXUP_POINTER(RequestBuffer->AccountName.Buffer, PtrOffset);
633 RequestBuffer->AccountName.MaximumLength = RequestBuffer->AccountName.Length;
634
635 Status = RtlValidateUnicodeString(0, &RequestBuffer->OldPassword);
636 if (!NT_SUCCESS(Status))
637 return STATUS_INVALID_PARAMETER;
638 // TODO: Check for Buffer limits wrt. ClientBufferBase and alignment.
639 RequestBuffer->OldPassword.Buffer = FIXUP_POINTER(RequestBuffer->OldPassword.Buffer, PtrOffset);
640 RequestBuffer->OldPassword.MaximumLength = RequestBuffer->OldPassword.Length;
641
642 Status = RtlValidateUnicodeString(0, &RequestBuffer->NewPassword);
643 if (!NT_SUCCESS(Status))
644 return STATUS_INVALID_PARAMETER;
645 // TODO: Check for Buffer limits wrt. ClientBufferBase and alignment.
646 RequestBuffer->NewPassword.Buffer = FIXUP_POINTER(RequestBuffer->NewPassword.Buffer, PtrOffset);
647 RequestBuffer->NewPassword.MaximumLength = RequestBuffer->NewPassword.Length;
648
649 TRACE("Domain: %S\n", RequestBuffer->DomainName.Buffer);
650 TRACE("Account: %S\n", RequestBuffer->AccountName.Buffer);
651 TRACE("Old Password: %S\n", RequestBuffer->OldPassword.Buffer);
652 TRACE("New Password: %S\n", RequestBuffer->NewPassword.Buffer);
653
654 /* Connect to the SAM server */
655 Status = SamIConnect(NULL,
656 &ServerHandle,
657 SAM_SERVER_CONNECT | SAM_SERVER_LOOKUP_DOMAIN,
658 TRUE);
659 if (!NT_SUCCESS(Status))
660 {
661 TRACE("SamIConnect() failed (Status 0x%08lx)\n", Status);
662 goto done;
663 }
664
665 /* Get the domain SID */
666 Status = SamrLookupDomainInSamServer(ServerHandle,
667 (PRPC_UNICODE_STRING)&RequestBuffer->DomainName,
668 &DomainSid);
669 if (!NT_SUCCESS(Status))
670 {
671 TRACE("SamrLookupDomainInSamServer failed (Status %08lx)\n", Status);
672 goto done;
673 }
674
675 /* Open the domain */
676 Status = SamrOpenDomain(ServerHandle,
677 DOMAIN_LOOKUP,
678 DomainSid,
679 &DomainHandle);
680 if (!NT_SUCCESS(Status))
681 {
682 TRACE("SamrOpenDomain failed (Status %08lx)\n", Status);
683 goto done;
684 }
685
686 Names[0].Length = RequestBuffer->AccountName.Length;
687 Names[0].MaximumLength = RequestBuffer->AccountName.MaximumLength;
688 Names[0].Buffer = RequestBuffer->AccountName.Buffer;
689
690 /* Try to get the RID for the user name */
691 Status = SamrLookupNamesInDomain(DomainHandle,
692 1,
693 Names,
694 &RelativeIds,
695 &Use);
696 if (!NT_SUCCESS(Status))
697 {
698 TRACE("SamrLookupNamesInDomain failed (Status %08lx)\n", Status);
699 Status = STATUS_NO_SUCH_USER;
700 goto done;
701 }
702
703 /* Fail, if it is not a user account */
704 if (Use.Element[0] != SidTypeUser)
705 {
706 TRACE("Account is not a user account!\n");
707 Status = STATUS_NO_SUCH_USER;
708 goto done;
709 }
710
711 /* Open the user object */
712 Status = SamrOpenUser(DomainHandle,
713 USER_CHANGE_PASSWORD,
714 RelativeIds.Element[0],
715 &UserHandle);
716 if (!NT_SUCCESS(Status))
717 {
718 TRACE("SamrOpenUser failed (Status %08lx)\n", Status);
719 goto done;
720 }
721
722
723 /* Calculate the NT hash for the old password */
724 Status = SystemFunction007(&RequestBuffer->OldPassword,
725 (LPBYTE)&OldNtPassword);
726 if (!NT_SUCCESS(Status))
727 {
728 TRACE("SystemFunction007 failed (Status 0x%08lx)\n", Status);
729 goto done;
730 }
731
732 /* Calculate the NT hash for the new password */
733 Status = SystemFunction007(&RequestBuffer->NewPassword,
734 (LPBYTE)&NewNtPassword);
735 if (!NT_SUCCESS(Status))
736 {
737 TRACE("SystemFunction007 failed (Status 0x%08lx)\n", Status);
738 goto done;
739 }
740
741 /* Calculate the LM password and hash for the old password */
742 LmPwdString.Length = 15;
743 LmPwdString.MaximumLength = 15;
744 LmPwdString.Buffer = LmPwdBuffer;
745 ZeroMemory(LmPwdString.Buffer, LmPwdString.MaximumLength);
746
747 Status = RtlUpcaseUnicodeStringToOemString(&LmPwdString,
748 &RequestBuffer->OldPassword,
749 FALSE);
750 if (NT_SUCCESS(Status))
751 {
752 /* Calculate the LM hash value of the password */
753 Status = SystemFunction006(LmPwdString.Buffer,
754 (LPSTR)&OldLmPassword);
755 if (NT_SUCCESS(Status))
756 {
757 OldLmPasswordPresent = TRUE;
758 }
759 }
760
761 /* Calculate the LM password and hash for the new password */
762 LmPwdString.Length = 15;
763 LmPwdString.MaximumLength = 15;
764 LmPwdString.Buffer = LmPwdBuffer;
765 ZeroMemory(LmPwdString.Buffer, LmPwdString.MaximumLength);
766
767 Status = RtlUpcaseUnicodeStringToOemString(&LmPwdString,
768 &RequestBuffer->NewPassword,
769 FALSE);
770 if (NT_SUCCESS(Status))
771 {
772 /* Calculate the LM hash value of the password */
773 Status = SystemFunction006(LmPwdString.Buffer,
774 (LPSTR)&NewLmPassword);
775 if (NT_SUCCESS(Status))
776 {
777 NewLmPasswordPresent = TRUE;
778 }
779 }
780
781 /* Encrypt the old and new LM passwords, if they exist */
782 if (OldLmPasswordPresent && NewLmPasswordPresent)
783 {
784 /* Encrypt the old LM password */
785 Status = SystemFunction012((const BYTE *)&OldLmPassword,
786 (const BYTE *)&NewLmPassword,
787 (LPBYTE)&OldLmEncryptedWithNewLm);
788 if (!NT_SUCCESS(Status))
789 {
790 TRACE("SystemFunction012 failed (Status 0x%08lx)\n", Status);
791 goto done;
792 }
793
794 /* Encrypt the new LM password */
795 Status = SystemFunction012((const BYTE *)&NewLmPassword,
796 (const BYTE *)&OldLmPassword,
797 (LPBYTE)&NewLmEncryptedWithOldLm);
798 if (!NT_SUCCESS(Status))
799 {
800 TRACE("SystemFunction012 failed (Status 0x%08lx)\n", Status);
801 goto done;
802 }
803
804 pOldLmEncryptedWithNewLm = &OldLmEncryptedWithNewLm;
805 pNewLmEncryptedWithOldLm = &NewLmEncryptedWithOldLm;
806 }
807
808 /* Encrypt the old NT password */
809 Status = SystemFunction012((const BYTE *)&OldNtPassword,
810 (const BYTE *)&NewNtPassword,
811 (LPBYTE)&OldNtEncryptedWithNewNt);
812 if (!NT_SUCCESS(Status))
813 {
814 TRACE("SystemFunction012 failed (Status 0x%08lx)\n", Status);
815 goto done;
816 }
817
818 /* Encrypt the new NT password */
819 Status = SystemFunction012((const BYTE *)&NewNtPassword,
820 (const BYTE *)&OldNtPassword,
821 (LPBYTE)&NewNtEncryptedWithOldNt);
822 if (!NT_SUCCESS(Status))
823 {
824 TRACE("SystemFunction012 failed (Status 0x%08lx)\n", Status);
825 goto done;
826 }
827
828 /* Change the password */
829 Status = SamrChangePasswordUser(UserHandle,
830 OldLmPasswordPresent && NewLmPasswordPresent,
831 pOldLmEncryptedWithNewLm,
832 pNewLmEncryptedWithOldLm,
833 TRUE,
834 &OldNtEncryptedWithNewNt,
835 &NewNtEncryptedWithOldNt,
836 FALSE,
837 NULL,
838 FALSE,
839 NULL);
840 if (!NT_SUCCESS(Status))
841 {
842 TRACE("SamrChangePasswordUser failed (Status %08lx)\n", Status);
843 goto done;
844 }
845
846done:
847 if (UserHandle != NULL)
848 SamrCloseHandle(&UserHandle);
849
850 SamIFree_SAMPR_ULONG_ARRAY(&RelativeIds);
851 SamIFree_SAMPR_ULONG_ARRAY(&Use);
852
853 if (DomainHandle != NULL)
854 SamrCloseHandle(&DomainHandle);
855
856 if (DomainSid != NULL)
857 SamIFreeVoid(DomainSid);
858
859 if (ServerHandle != NULL)
860 SamrCloseHandle(&ServerHandle);
861
862 return Status;
863}
Names
PWSTR Names[]
Definition: RtlGenerate8dot3Name.c:34
SamrOpenDomain
NTSTATUS __stdcall SamrOpenDomain(SAMPR_HANDLE ServerHandle, ACCESS_MASK DesiredAccess, PRPC_SID DomainId, SAMPR_HANDLE *DomainHandle)
SamIFree_SAMPR_ULONG_ARRAY
VOID NTAPI SamIFree_SAMPR_ULONG_ARRAY(PSAMPR_ULONG_ARRAY Ptr)
Definition: samsrv.c:524
SamIConnect
NTSTATUS NTAPI SamIConnect(PSAMPR_SERVER_NAME ServerName, SAMPR_HANDLE *ServerHandle, ACCESS_MASK DesiredAccess, BOOLEAN Trusted)
SystemFunction006
NTSTATUS WINAPI SystemFunction006(LPCSTR password, LPSTR hash)
Definition: crypt_lmhash.c:53
SamrLookupNamesInDomain
NTSTATUS NTAPI SamrLookupNamesInDomain(IN SAMPR_HANDLE DomainHandle, IN ULONG Count, IN RPC_UNICODE_STRING Names[], OUT PSAMPR_ULONG_ARRAY RelativeIds, OUT PSAMPR_ULONG_ARRAY Use)
Definition: samrpc.c:3464
SidTypeUser
@ SidTypeUser
Definition: lsa.idl:118
SamrChangePasswordUser
NTSTATUS NTAPI SamrChangePasswordUser(IN SAMPR_HANDLE UserHandle, IN unsigned char LmPresent, IN PENCRYPTED_LM_OWF_PASSWORD OldLmEncryptedWithNewLm, IN PENCRYPTED_LM_OWF_PASSWORD NewLmEncryptedWithOldLm, IN unsigned char NtPresent, IN PENCRYPTED_NT_OWF_PASSWORD OldNtEncryptedWithNewNt, IN PENCRYPTED_NT_OWF_PASSWORD NewNtEncryptedWithOldNt, IN unsigned char NtCrossEncryptionPresent, IN PENCRYPTED_NT_OWF_PASSWORD NewNtEncryptedWithNewLm, IN unsigned char LmCrossEncryptionPresent, IN PENCRYPTED_LM_OWF_PASSWORD NewLmEncryptedWithNewNt)
Definition: samrpc.c:7864
SamrLookupDomainInSamServer
NTSTATUS NTAPI SamrLookupDomainInSamServer(IN SAMPR_HANDLE ServerHandle, IN PRPC_UNICODE_STRING Name, OUT PRPC_SID *DomainId)
Definition: samrpc.c:504
SamrOpenUser
NTSTATUS NTAPI SamrOpenUser(IN SAMPR_HANDLE DomainHandle, IN ACCESS_MASK DesiredAccess, IN ULONG UserId, OUT SAMPR_HANDLE *UserHandle)
SamIFreeVoid
VOID NTAPI SamIFreeVoid(PVOID Ptr)
Definition: samsrv.c:155
RtlUpcaseUnicodeStringToOemString
NTSYSAPI NTSTATUS NTAPI RtlUpcaseUnicodeStringToOemString(POEM_STRING DestinationString, PCUNICODE_STRING SourceString, BOOLEAN AllocateDestinationString)
DOMAIN_LOOKUP
#define DOMAIN_LOOKUP
Definition: ntsam.h:42
SAM_SERVER_LOOKUP_DOMAIN
#define SAM_SERVER_LOOKUP_DOMAIN
Definition: ntsam.h:104
SAM_SERVER_CONNECT
#define SAM_SERVER_CONNECT
Definition: ntsam.h:99
USER_CHANGE_PASSWORD
#define USER_CHANGE_PASSWORD
Definition: ntsam.h:132
PMSV1_0_CHANGEPASSWORD_REQUEST
struct _MSV1_0_CHANGEPASSWORD_REQUEST * PMSV1_0_CHANGEPASSWORD_REQUEST
_ENCRYPTED_LM_OWF_PASSWORD
Definition: msv1_0.h:50
_LSA_UNICODE_STRING::Buffer
PWSTR Buffer
Definition: ntsecapi.h:168
_LSA_UNICODE_STRING::Length
USHORT Length
Definition: ntsecapi.h:163
_LSA_UNICODE_STRING::MaximumLength
USHORT MaximumLength
Definition: ntsecapi.h:164
_MSV1_0_CHANGEPASSWORD_REQUEST
Definition: ntsecapi.h:510
_MSV1_0_CHANGEPASSWORD_REQUEST::AccountName
UNICODE_STRING AccountName
Definition: ntsecapi.h:513
_MSV1_0_CHANGEPASSWORD_REQUEST::NewPassword
UNICODE_STRING NewPassword
Definition: ntsecapi.h:515
_MSV1_0_CHANGEPASSWORD_REQUEST::OldPassword
UNICODE_STRING OldPassword
Definition: ntsecapi.h:514
_MSV1_0_CHANGEPASSWORD_REQUEST::DomainName
UNICODE_STRING DomainName
Definition: ntsecapi.h:512
_RPC_UNICODE_STRING
Definition: msv1_0.h:21
_SAMPR_ULONG_ARRAY
Definition: lsasrv.h:86
_SAMPR_ULONG_ARRAY::Element
unsigned long * Element
Definition: lsasrv.h:88
SystemFunction012
NTSTATUS WINAPI SystemFunction012(const BYTE *in, const BYTE *key, LPBYTE out)
Definition: sysfunc.c:353
SystemFunction007
NTSTATUS WINAPI SystemFunction007(const UNICODE_STRING *string, LPBYTE hash)
Definition: sysfunc.c:245
LPBYTE
unsigned char * LPBYTE
Definition: typedefs.h:53
OEM_STRING
STRING OEM_STRING
Definition: umtypes.h:203
ZeroMemory
#define ZeroMemory
Definition: winbase.h:1743
LPSTR
char * LPSTR
Definition: xmlstorage.h:182
CHAR
char CHAR
Definition: xmlstorage.h:175
BYTE
unsigned char BYTE
Definition: xxhash.c:193

Referenced by LsaApCallPackage(), and LsaApCallPackageUntrusted().

◆ MsvpEnumerateUsers()

static NTSTATUS MsvpEnumerateUsers ( _In_ PLSA_CLIENT_REQUEST  ClientRequest,
_In_ PVOID  ProtocolSubmitBuffer,
_In_ PVOID  ClientBufferBase,
_In_ ULONG  SubmitBufferLength,
_Out_ PVOID ProtocolReturnBuffer,
_Out_ PULONG  ReturnBufferLength,
_Out_ PNTSTATUS  ProtocolStatus 
)
static

Definition at line 868 of file msv1_0.c.

876{
877 PMSV1_0_ENUMUSERS_RESPONSE LocalBuffer = NULL;
878 PVOID ClientBaseAddress = NULL;
879 ULONG BufferLength;
880 PLIST_ENTRY CurrentEntry;
881 PLOGON_LIST_ENTRY LogonEntry;
882 ULONG LogonCount = 0;
883 PLUID LuidPtr;
884 PULONG EnumPtr;
885 NTSTATUS Status = STATUS_SUCCESS;
886
887 TRACE("MsvpEnumerateUsers()\n");
888
889 if (SubmitBufferLength < sizeof(MSV1_0_ENUMUSERS_REQUEST))
890 {
891 ERR("Invalid SubmitBufferLength %lu\n", SubmitBufferLength);
892 return STATUS_INVALID_PARAMETER;
893 }
894
895 RtlAcquireResourceShared(&LogonListResource, TRUE);
896
897 /* Count the currently logged-on users */
898 CurrentEntry = LogonListHead.Flink;
899 while (CurrentEntry != &LogonListHead)
900 {
901 LogonEntry = CONTAINING_RECORD(CurrentEntry,
902 LOGON_LIST_ENTRY,
903 ListEntry);
904
905 TRACE("Logon %lu: 0x%08lx\n", LogonCount, LogonEntry->LogonId.LowPart);
906 LogonCount++;
907
908 CurrentEntry = CurrentEntry->Flink;
909 }
910
911 TRACE("LogonCount %lu\n", LogonCount);
912
913 BufferLength = sizeof(MSV1_0_ENUMUSERS_RESPONSE) +
914 (LogonCount * sizeof(LUID)) +
915 (LogonCount * sizeof(ULONG));
916
917 LocalBuffer = DispatchTable.AllocateLsaHeap(BufferLength);
918 if (LocalBuffer == NULL)
919 {
920 ERR("Failed to allocate the local buffer!\n");
921 Status = STATUS_INSUFFICIENT_RESOURCES;
922 goto done;
923 }
924
925 Status = DispatchTable.AllocateClientBuffer(ClientRequest,
926 BufferLength,
927 &ClientBaseAddress);
928 if (!NT_SUCCESS(Status))
929 {
930 ERR("DispatchTable.AllocateClientBuffer failed (Status 0x%08lx)\n", Status);
931 goto done;
932 }
933
934 TRACE("ClientBaseAddress: %p\n", ClientBaseAddress);
935
936 /* Fill the local buffer */
937 LocalBuffer->MessageType = MsV1_0EnumerateUsers;
938 LocalBuffer->NumberOfLoggedOnUsers = LogonCount;
939
940 LuidPtr = (PLUID)((ULONG_PTR)LocalBuffer + sizeof(MSV1_0_ENUMUSERS_RESPONSE));
941 EnumPtr = (PULONG)((ULONG_PTR)LuidPtr + LogonCount * sizeof(LUID));
942
943 LocalBuffer->LogonIds = (PLUID)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)LuidPtr - (ULONG_PTR)LocalBuffer);
944 LocalBuffer->EnumHandles = (PULONG)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)EnumPtr - (ULONG_PTR)LocalBuffer);
945
946 /* Copy the LogonIds and EnumHandles into the local buffer */
947 CurrentEntry = LogonListHead.Flink;
948 while (CurrentEntry != &LogonListHead)
949 {
950 LogonEntry = CONTAINING_RECORD(CurrentEntry,
951 LOGON_LIST_ENTRY,
952 ListEntry);
953
954 TRACE("Logon: 0x%08lx %lu\n", LogonEntry->LogonId.LowPart, LogonEntry->EnumHandle);
955 RtlCopyMemory(LuidPtr, &LogonEntry->LogonId, sizeof(LUID));
956 LuidPtr++;
957
958 *EnumPtr = LogonEntry->EnumHandle;
959 EnumPtr++;
960
961 CurrentEntry = CurrentEntry->Flink;
962 }
963
964 Status = DispatchTable.CopyToClientBuffer(ClientRequest,
965 BufferLength,
966 ClientBaseAddress,
967 LocalBuffer);
968 if (!NT_SUCCESS(Status))
969 {
970 ERR("DispatchTable.CopyToClientBuffer failed (Status 0x%08lx)\n", Status);
971 goto done;
972 }
973
974 *ProtocolReturnBuffer = ClientBaseAddress;
975 *ReturnBufferLength = BufferLength;
976 *ProtocolStatus = STATUS_SUCCESS;
977
978done:
979 RtlReleaseResource(&LogonListResource);
980
981 if (LocalBuffer != NULL)
982 DispatchTable.FreeLsaHeap(LocalBuffer);
983
984 if (!NT_SUCCESS(Status))
985 {
986 if (ClientBaseAddress != NULL)
987 DispatchTable.FreeClientBuffer(ClientRequest,
988 ClientBaseAddress);
989 }
990
991 return Status;
992}
PLUID
struct _LUID * PLUID
Definition: devicetopology.idl:142
LUID
struct _LUID LUID
RtlAcquireResourceShared
NTSYSAPI BOOLEAN NTAPI RtlAcquireResourceShared(_In_ PRTL_RESOURCE Resource, _In_ BOOLEAN Wait)
MSV1_0_ENUMUSERS_RESPONSE
struct _MSV1_0_ENUMUSERS_RESPONSE MSV1_0_ENUMUSERS_RESPONSE
_MSV1_0_ENUMUSERS_REQUEST
Definition: ntmsv1_0.h:9
_MSV1_0_ENUMUSERS_RESPONSE
Definition: ntmsv1_0.h:14
_MSV1_0_ENUMUSERS_RESPONSE::NumberOfLoggedOnUsers
ULONG NumberOfLoggedOnUsers
Definition: ntmsv1_0.h:16
_MSV1_0_ENUMUSERS_RESPONSE::LogonIds
PLUID LogonIds
Definition: ntmsv1_0.h:17
_MSV1_0_ENUMUSERS_RESPONSE::EnumHandles
PULONG EnumHandles
Definition: ntmsv1_0.h:18
_MSV1_0_ENUMUSERS_RESPONSE::MessageType
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
Definition: ntmsv1_0.h:15
PULONG
uint32_t * PULONG
Definition: typedefs.h:59

Referenced by LsaApCallPackage().

◆ MsvpGetUserInfo()

static NTSTATUS MsvpGetUserInfo ( _In_ PLSA_CLIENT_REQUEST  ClientRequest,
_In_ PVOID  ProtocolSubmitBuffer,
_In_ PVOID  ClientBufferBase,
_In_ ULONG  SubmitBufferLength,
_Out_ PVOID ProtocolReturnBuffer,
_Out_ PULONG  ReturnBufferLength,
_Out_ PNTSTATUS  ProtocolStatus 
)
static

Definition at line 997 of file msv1_0.c.

1005{
1006 PMSV1_0_GETUSERINFO_REQUEST RequestBuffer;
1007 PLOGON_LIST_ENTRY LogonEntry;
1008 PMSV1_0_GETUSERINFO_RESPONSE LocalBuffer = NULL;
1009 PVOID ClientBaseAddress = NULL;
1010 ULONG BufferLength;
1011 PWSTR BufferPtr;
1012 NTSTATUS Status = STATUS_SUCCESS;
1013
1014 TRACE("MsvpGetUserInfo()\n");
1015
1016 if (SubmitBufferLength < sizeof(MSV1_0_GETUSERINFO_REQUEST))
1017 {
1018 ERR("Invalid SubmitBufferLength %lu\n", SubmitBufferLength);
1019 return STATUS_INVALID_PARAMETER;
1020 }
1021
1022 RequestBuffer = (PMSV1_0_GETUSERINFO_REQUEST)ProtocolSubmitBuffer;
1023
1024 TRACE("LogonId: 0x%lx\n", RequestBuffer->LogonId.LowPart);
1025
1026 RtlAcquireResourceShared(&LogonListResource, TRUE);
1027
1028 LogonEntry = GetLogonByLogonId(&RequestBuffer->LogonId);
1029 if (LogonEntry == NULL)
1030 {
1031 ERR("No logon found for LogonId %lx\n", RequestBuffer->LogonId.LowPart);
1032 Status = STATUS_INSUFFICIENT_RESOURCES;
1033 goto done;
1034 }
1035
1036 TRACE("UserName: %wZ\n", &LogonEntry->UserName);
1037 TRACE("LogonDomain: %wZ\n", &LogonEntry->LogonDomainName);
1038 TRACE("LogonServer: %wZ\n", &LogonEntry->LogonServer);
1039
1040 BufferLength = sizeof(MSV1_0_GETUSERINFO_RESPONSE) +
1041 LogonEntry->UserName.MaximumLength +
1042 LogonEntry->LogonDomainName.MaximumLength +
1043 LogonEntry->LogonServer.MaximumLength;
1044
1045 LocalBuffer = DispatchTable.AllocateLsaHeap(BufferLength);
1046 if (LocalBuffer == NULL)
1047 {
1048 ERR("Failed to allocate the local buffer!\n");
1049 Status = STATUS_INSUFFICIENT_RESOURCES;
1050 goto done;
1051 }
1052
1053 Status = DispatchTable.AllocateClientBuffer(ClientRequest,
1054 BufferLength,
1055 &ClientBaseAddress);
1056 if (!NT_SUCCESS(Status))
1057 {
1058 ERR("DispatchTable.AllocateClientBuffer failed (Status 0x%08lx)\n", Status);
1059 goto done;
1060 }
1061
1062 TRACE("ClientBaseAddress: %p\n", ClientBaseAddress);
1063
1064 /* Fill the local buffer */
1065 LocalBuffer->MessageType = MsV1_0GetUserInfo;
1066
1067 BufferPtr = (PWSTR)((ULONG_PTR)LocalBuffer + sizeof(MSV1_0_GETUSERINFO_RESPONSE));
1068
1069 /* UserName */
1070 LocalBuffer->UserName.Length = LogonEntry->UserName.Length;
1071 LocalBuffer->UserName.MaximumLength = LogonEntry->UserName.MaximumLength;
1072 LocalBuffer->UserName.Buffer = (PWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)BufferPtr - (ULONG_PTR)LocalBuffer);
1073
1074 RtlCopyMemory(BufferPtr, LogonEntry->UserName.Buffer, LogonEntry->UserName.MaximumLength);
1075 BufferPtr = (PWSTR)((ULONG_PTR)BufferPtr + (ULONG_PTR)LocalBuffer->UserName.MaximumLength);
1076
1077 /* LogonDomainName */
1078 LocalBuffer->LogonDomainName.Length = LogonEntry->LogonDomainName.Length;
1079 LocalBuffer->LogonDomainName.MaximumLength = LogonEntry->LogonDomainName.MaximumLength;
1080 LocalBuffer->LogonDomainName.Buffer = (PWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)BufferPtr - (ULONG_PTR)LocalBuffer);
1081
1082 RtlCopyMemory(BufferPtr, LogonEntry->LogonDomainName.Buffer, LogonEntry->LogonDomainName.MaximumLength);
1083 BufferPtr = (PWSTR)((ULONG_PTR)BufferPtr + (ULONG_PTR)LocalBuffer->LogonDomainName.MaximumLength);
1084
1085 /* LogonServer */
1086 LocalBuffer->LogonServer.Length = LogonEntry->LogonServer.Length;
1087 LocalBuffer->LogonServer.MaximumLength = LogonEntry->LogonServer.MaximumLength;
1088 LocalBuffer->LogonServer.Buffer = (PWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)BufferPtr - (ULONG_PTR)LocalBuffer);
1089
1090 RtlCopyMemory(BufferPtr, LogonEntry->LogonServer.Buffer, LogonEntry->LogonServer.MaximumLength);
1091
1092 /* Logon Type */
1093 LocalBuffer->LogonType = LogonEntry->LogonType;
1094
1095 Status = DispatchTable.CopyToClientBuffer(ClientRequest,
1096 BufferLength,
1097 ClientBaseAddress,
1098 LocalBuffer);
1099 if (!NT_SUCCESS(Status))
1100 {
1101 ERR("DispatchTable.CopyToClientBuffer failed (Status 0x%08lx)\n", Status);
1102 goto done;
1103 }
1104
1105 *ProtocolReturnBuffer = ClientBaseAddress;
1106 *ReturnBufferLength = BufferLength;
1107 *ProtocolStatus = STATUS_SUCCESS;
1108
1109done:
1110 RtlReleaseResource(&LogonListResource);
1111
1112 if (LocalBuffer != NULL)
1113 DispatchTable.FreeLsaHeap(LocalBuffer);
1114
1115 if (!NT_SUCCESS(Status))
1116 {
1117 if (ClientBaseAddress != NULL)
1118 DispatchTable.FreeClientBuffer(ClientRequest,
1119 ClientBaseAddress);
1120 }
1121
1122 return Status;
1123}
MSV1_0_GETUSERINFO_RESPONSE
struct _MSV1_0_GETUSERINFO_RESPONSE MSV1_0_GETUSERINFO_RESPONSE
PMSV1_0_GETUSERINFO_REQUEST
struct _MSV1_0_GETUSERINFO_REQUEST * PMSV1_0_GETUSERINFO_REQUEST
_MSV1_0_GETUSERINFO_REQUEST
Definition: ntmsv1_0.h:22
_MSV1_0_GETUSERINFO_REQUEST::LogonId
LUID LogonId
Definition: ntmsv1_0.h:24
_MSV1_0_GETUSERINFO_RESPONSE
Definition: ntmsv1_0.h:28
_MSV1_0_GETUSERINFO_RESPONSE::MessageType
MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType
Definition: ntmsv1_0.h:29
_MSV1_0_GETUSERINFO_RESPONSE::UserName
UNICODE_STRING UserName
Definition: ntmsv1_0.h:31
_MSV1_0_GETUSERINFO_RESPONSE::LogonServer
UNICODE_STRING LogonServer
Definition: ntmsv1_0.h:33
_MSV1_0_GETUSERINFO_RESPONSE::LogonType
SECURITY_LOGON_TYPE LogonType
Definition: ntmsv1_0.h:34
_MSV1_0_GETUSERINFO_RESPONSE::LogonDomainName
UNICODE_STRING LogonDomainName
Definition: ntmsv1_0.h:32
PWSTR
uint16_t * PWSTR
Definition: typedefs.h:56

Referenced by LsaApCallPackage().

◆ SpLsaModeInitialize()

NTSTATUS NTAPI SpLsaModeInitialize ( _In_ ULONG  LsaVersion,
_Out_ PULONG  PackageVersion,
_Out_ PSECPKG_FUNCTION_TABLE ppTables,
_Out_ PULONG  pcTables 
)

Definition at line 1868 of file msv1_0.c.

1873{
1874 TRACE("SpLsaModeInitialize(0x%lx %p %p %p)\n",
1875 LsaVersion, PackageVersion, ppTables, pcTables);
1876
1877 if (LsaVersion != SECPKG_INTERFACE_VERSION)
1878 return STATUS_INVALID_PARAMETER;
1879
1880 *PackageVersion = SECPKG_INTERFACE_VERSION;
1881
1882 *ppTables = NtlmLsaFn;
1883 *pcTables = 1;
1884
1885 return STATUS_SUCCESS;
1886}
NtlmLsaFn
SECPKG_FUNCTION_TABLE NtlmLsaFn[1]
Definition: global.c:23
SECPKG_INTERFACE_VERSION
#define SECPKG_INTERFACE_VERSION
Definition: ntsecpkg.h:34

◆ SpUserModeInitialize()

NTSTATUS WINAPI SpUserModeInitialize ( _In_ ULONG  LsaVersion,
_Out_ PULONG  PackageVersion,
_Out_ PSECPKG_USER_FUNCTION_TABLE ppTables,
_Out_ PULONG  pcTables 
)

Definition at line 1893 of file msv1_0.c.

1898{
1899 TRACE("SpUserModeInitialize(0x%lx %p %p %p)\n",
1900 LsaVersion, PackageVersion, ppTables, pcTables);
1901
1902 if (LsaVersion != SECPKG_INTERFACE_VERSION)
1903 return STATUS_INVALID_PARAMETER;
1904
1905 *PackageVersion = SECPKG_INTERFACE_VERSION;
1906
1907 *ppTables = NtlmUsrFn;
1908 *pcTables = 1;
1909
1910 return STATUS_SUCCESS;
1911}
NtlmUsrFn
SECPKG_USER_FUNCTION_TABLE NtlmUsrFn[1]
Definition: global.c:57

◆ WINE_DEFAULT_DEBUG_CHANNEL()

WINE_DEFAULT_DEBUG_CHANNEL ( msv1_0  )

Variable Documentation

◆ EnumCounter

ULONG EnumCounter

Definition at line 31 of file msv1_0.c.

Referenced by LsaApInitializePackage(), and LsaApLogonUserEx2().

◆ LogonListHead

LIST_ENTRY LogonListHead

Definition at line 29 of file msv1_0.c.

Referenced by GetLogonByLogonId(), LsaApInitializePackage(), LsaApLogonUserEx2(), and MsvpEnumerateUsers().

◆ LogonListResource

RTL_RESOURCE LogonListResource

Definition at line 30 of file msv1_0.c.

Referenced by LsaApInitializePackage(), LsaApLogonTerminated(), LsaApLogonUserEx2(), MsvpEnumerateUsers(), and MsvpGetUserInfo().

◆ PackageInitialized

BOOL PackageInitialized = FALSE

Definition at line 28 of file msv1_0.c.

Referenced by LsaApInitializePackage().