ReactOS  0.4.13-dev-242-g611e6d7
msv1_0.c
Go to the documentation of this file.
1 /*
2  * PROJECT: Authentication Package DLL
3  * LICENSE: GPL - See COPYING in the top level directory
4  * FILE: dll/win32/msv1_0/msv1_0.c
5  * PURPOSE: Main file
6  * COPYRIGHT: Copyright 2013 Eric Kohl
7  */
8 
9 /* INCLUDES ****************************************************************/
10 
11 #include "msv1_0.h"
12 
14 
15 
16 /* GLOBALS *****************************************************************/
17 
19 
20 
21 /* FUNCTIONS ***************************************************************/
22 
23 static
26 {
27  LSAPR_HANDLE PolicyHandle = NULL;
28  PLSAPR_POLICY_INFORMATION PolicyInfo = NULL;
29  ULONG Length = 0;
31 
32  Status = LsaIOpenPolicyTrusted(&PolicyHandle);
33  if (!NT_SUCCESS(Status))
34  {
35  TRACE("LsaIOpenPolicyTrusted() failed (Status 0x%08lx)\n", Status);
36  return Status;
37  }
38 
39  Status = LsarQueryInformationPolicy(PolicyHandle,
41  &PolicyInfo);
42  if (!NT_SUCCESS(Status))
43  {
44  TRACE("LsarQueryInformationPolicy() failed (Status 0x%08lx)\n", Status);
45  goto done;
46  }
47 
49 
50  *Sid = RtlAllocateHeap(RtlGetProcessHeap(), 0, Length);
51  if (*Sid == NULL)
52  {
53  ERR("Failed to allocate SID\n");
55  goto done;
56  }
57 
59 
60 done:
61  if (PolicyInfo != NULL)
63  PolicyInfo);
64 
65  if (PolicyHandle != NULL)
66  LsarClose(&PolicyHandle);
67 
68  return Status;
69 }
70 
71 
72 static
75 {
77  ULONG Length = 0;
78 
80  *Sid = RtlAllocateHeap(RtlGetProcessHeap(), 0, Length);
81  if (*Sid == NULL)
82  {
83  ERR("Failed to allocate SID\n");
85  }
86 
88 
89  return STATUS_SUCCESS;
90 }
91 
92 
93 static
96  IN PSAMPR_USER_INFO_BUFFER UserInfo,
97  IN PWSTR ComputerName,
100 {
101  PMSV1_0_INTERACTIVE_PROFILE LocalBuffer = NULL;
102  PVOID ClientBaseAddress = NULL;
103  LPWSTR Ptr;
106 
107  *ProfileBuffer = NULL;
108  *ProfileBufferLength = 0;
109 
111  UserInfo->All.FullName.Length + sizeof(WCHAR) +
112  UserInfo->All.HomeDirectory.Length + sizeof(WCHAR) +
113  UserInfo->All.HomeDirectoryDrive.Length + sizeof(WCHAR) +
114  UserInfo->All.ScriptPath.Length + sizeof(WCHAR) +
115  UserInfo->All.ProfilePath.Length + sizeof(WCHAR) +
116  ((wcslen(ComputerName) + 3) * sizeof(WCHAR));
117 
119  if (LocalBuffer == NULL)
120  {
121  TRACE("Failed to allocate the local buffer!\n");
123  goto done;
124  }
125 
126  Status = DispatchTable.AllocateClientBuffer(ClientRequest,
127  BufferLength,
128  &ClientBaseAddress);
129  if (!NT_SUCCESS(Status))
130  {
131  TRACE("DispatchTable.AllocateClientBuffer failed (Status 0x%08lx)\n", Status);
132  goto done;
133  }
134 
135  TRACE("ClientBaseAddress: %p\n", ClientBaseAddress);
136 
137  Ptr = (LPWSTR)((ULONG_PTR)LocalBuffer + sizeof(MSV1_0_INTERACTIVE_PROFILE));
138 
139  LocalBuffer->MessageType = MsV1_0InteractiveProfile;
140  LocalBuffer->LogonCount = UserInfo->All.LogonCount;
141  LocalBuffer->BadPasswordCount = UserInfo->All.BadPasswordCount;
142 
143  LocalBuffer->LogonTime.LowPart = UserInfo->All.LastLogon.LowPart;
144  LocalBuffer->LogonTime.HighPart = UserInfo->All.LastLogon.HighPart;
145 
146  LocalBuffer->LogoffTime.LowPart = UserInfo->All.AccountExpires.LowPart;
147  LocalBuffer->LogoffTime.HighPart = UserInfo->All.AccountExpires.HighPart;
148 
149  LocalBuffer->KickOffTime.LowPart = UserInfo->All.AccountExpires.LowPart;
150  LocalBuffer->KickOffTime.HighPart = UserInfo->All.AccountExpires.HighPart;
151 
152  LocalBuffer->PasswordLastSet.LowPart = UserInfo->All.PasswordLastSet.LowPart;
153  LocalBuffer->PasswordLastSet.HighPart = UserInfo->All.PasswordLastSet.HighPart;
154 
155  LocalBuffer->PasswordCanChange.LowPart = UserInfo->All.PasswordCanChange.LowPart;
156  LocalBuffer->PasswordCanChange.HighPart = UserInfo->All.PasswordCanChange.HighPart;
157 
158  LocalBuffer->PasswordMustChange.LowPart = UserInfo->All.PasswordMustChange.LowPart;
159  LocalBuffer->PasswordMustChange.HighPart = UserInfo->All.PasswordMustChange.HighPart;
160 
161  LocalBuffer->LogonScript.Length = UserInfo->All.ScriptPath.Length;
162  LocalBuffer->LogonScript.MaximumLength = UserInfo->All.ScriptPath.Length + sizeof(WCHAR);
163  LocalBuffer->LogonScript.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
164  memcpy(Ptr,
165  UserInfo->All.ScriptPath.Buffer,
166  UserInfo->All.ScriptPath.Length);
167 
168  Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->LogonScript.MaximumLength);
169 
170  LocalBuffer->HomeDirectory.Length = UserInfo->All.HomeDirectory.Length;
171  LocalBuffer->HomeDirectory.MaximumLength = UserInfo->All.HomeDirectory.Length + sizeof(WCHAR);
172  LocalBuffer->HomeDirectory.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
173  memcpy(Ptr,
174  UserInfo->All.HomeDirectory.Buffer,
175  UserInfo->All.HomeDirectory.Length);
176 
177  Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->HomeDirectory.MaximumLength);
178 
179  LocalBuffer->FullName.Length = UserInfo->All.FullName.Length;
180  LocalBuffer->FullName.MaximumLength = UserInfo->All.FullName.Length + sizeof(WCHAR);
181  LocalBuffer->FullName.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
182  memcpy(Ptr,
183  UserInfo->All.FullName.Buffer,
184  UserInfo->All.FullName.Length);
185  TRACE("FullName.Buffer: %p\n", LocalBuffer->FullName.Buffer);
186 
187  Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->FullName.MaximumLength);
188 
189  LocalBuffer->ProfilePath.Length = UserInfo->All.ProfilePath.Length;
190  LocalBuffer->ProfilePath.MaximumLength = UserInfo->All.ProfilePath.Length + sizeof(WCHAR);
191  LocalBuffer->ProfilePath.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
192  memcpy(Ptr,
193  UserInfo->All.ProfilePath.Buffer,
194  UserInfo->All.ProfilePath.Length);
195 
196  Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->ProfilePath.MaximumLength);
197 
198  LocalBuffer->HomeDirectoryDrive.Length = UserInfo->All.HomeDirectoryDrive.Length;
199  LocalBuffer->HomeDirectoryDrive.MaximumLength = UserInfo->All.HomeDirectoryDrive.Length + sizeof(WCHAR);
200  LocalBuffer->HomeDirectoryDrive.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
201  memcpy(Ptr,
202  UserInfo->All.HomeDirectoryDrive.Buffer,
203  UserInfo->All.HomeDirectoryDrive.Length);
204 
206 
207  LocalBuffer->LogonServer.Length = (wcslen(ComputerName) + 2) * sizeof(WCHAR);
208  LocalBuffer->LogonServer.MaximumLength = LocalBuffer->LogonServer.Length + sizeof(WCHAR);
209  LocalBuffer->LogonServer.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
210  wcscpy(Ptr, L"\\");
211  wcscat(Ptr, ComputerName);
212 
213  LocalBuffer->UserFlags = 0;
214 
215  Status = DispatchTable.CopyToClientBuffer(ClientRequest,
216  BufferLength,
217  ClientBaseAddress,
218  LocalBuffer);
219  if (!NT_SUCCESS(Status))
220  {
221  TRACE("DispatchTable.CopyToClientBuffer failed (Status 0x%08lx)\n", Status);
222  goto done;
223  }
224 
225  *ProfileBuffer = (PMSV1_0_INTERACTIVE_PROFILE)ClientBaseAddress;
227 
228 done:
229  if (LocalBuffer != NULL)
230  DispatchTable.FreeLsaHeap(LocalBuffer);
231 
232  if (!NT_SUCCESS(Status))
233  {
234  if (ClientBaseAddress != NULL)
235  DispatchTable.FreeClientBuffer(ClientRequest,
236  ClientBaseAddress);
237  }
238 
239  return Status;
240 }
241 
242 
243 static
244 PSID
246  ULONG Rid)
247 {
248  PSID DstSid = NULL;
249  UCHAR RidCount;
250 
251  RidCount = *RtlSubAuthorityCountSid(SrcSid);
252  if (RidCount >= 8)
253  return NULL;
254 
255  DstSid = DispatchTable.AllocateLsaHeap(RtlLengthRequiredSid(RidCount + 1));
256  if (DstSid == NULL)
257  return NULL;
258 
259  RtlCopyMemory(DstSid,
260  SrcSid,
261  RtlLengthRequiredSid(RidCount));
262 
263  *RtlSubAuthorityCountSid(DstSid) = RidCount + 1;
264  *RtlSubAuthoritySid(DstSid, RidCount) = Rid;
265 
266  return DstSid;
267 }
268 
269 
270 static
271 NTSTATUS
274  IN ULONG RelativeId)
275 {
276  User->User.Sid = AppendRidToSid(AccountDomainSid,
277  RelativeId);
278  if (User->User.Sid == NULL)
279  {
280  ERR("Could not create the user SID\n");
282  }
283 
284  User->User.Attributes = 0;
285 
286  return STATUS_SUCCESS;
287 }
288 
289 
290 static
291 NTSTATUS
294  IN ULONG RelativeId)
295 {
297  RelativeId);
298  if (PrimaryGroup->PrimaryGroup == NULL)
299  {
300  ERR("Could not create the primary group SID\n");
302  }
303 
304  return STATUS_SUCCESS;
305 }
306 
307 
308 static
309 NTSTATUS
312  IN ULONG RelativeId,
313  IN BOOL SpecialAccount)
314 {
317  DWORD GroupCount = 0;
318  DWORD MaxGroups = 2;
319  PSID Sid;
321 
322  if (SpecialAccount)
323  MaxGroups++;
324 
326  MaxGroups * sizeof(SID_AND_ATTRIBUTES));
327  if (TokenGroups == NULL)
328  {
330  }
331 
332  if (SpecialAccount)
333  {
334  /* Self */
335  Sid = AppendRidToSid(AccountDomainSid, RelativeId);
336  if (Sid == NULL)
337  {
338 
339  }
340 
341  TokenGroups->Groups[GroupCount].Sid = Sid;
342  TokenGroups->Groups[GroupCount].Attributes =
344  GroupCount++;
345 
346  /* Member of 'Users' alias */
348  2,
357  &Sid);
358  TokenGroups->Groups[GroupCount].Sid = Sid;
359  TokenGroups->Groups[GroupCount].Attributes =
361  GroupCount++;
362  }
363  else
364  {
365  /* Member of the domains users group */
367  if (Sid == NULL)
368  {
369 
370  }
371 
372  TokenGroups->Groups[GroupCount].Sid = Sid;
373  TokenGroups->Groups[GroupCount].Attributes =
375  GroupCount++;
376  }
377 
378  /* Member of 'Authenticated users' */
380  1,
389  &Sid);
390  TokenGroups->Groups[GroupCount].Sid = Sid;
391  TokenGroups->Groups[GroupCount].Attributes =
393  GroupCount++;
394 
395  TokenGroups->GroupCount = GroupCount;
396  ASSERT(TokenGroups->GroupCount <= MaxGroups);
397 
398  *Groups = TokenGroups;
399 
400  return Status;
401 }
402 
403 
404 static
405 NTSTATUS
408  PSAMPR_USER_INFO_BUFFER UserInfo,
409  BOOL SpecialAccount)
410 {
412  ULONG i;
414 
416  if (Buffer == NULL)
417  {
418  WARN("Failed to allocate the local buffer!\n");
420  goto done;
421  }
422 
423  Buffer->ExpirationTime.LowPart = UserInfo->All.AccountExpires.LowPart;
424  Buffer->ExpirationTime.HighPart = UserInfo->All.AccountExpires.HighPart;
425 
426  Status = BuildTokenUser(&Buffer->User,
428  UserInfo->All.UserId);
429  if (!NT_SUCCESS(Status))
430  {
431  WARN("BuildTokenUser() failed (Status 0x%08lx)\n", Status);
432  goto done;
433  }
434 
435  Status = BuildTokenPrimaryGroup(&Buffer->PrimaryGroup,
437  UserInfo->All.PrimaryGroupId);
438  if (!NT_SUCCESS(Status))
439  {
440  WARN("BuildTokenPrimaryGroup() failed (Status 0x%08lx)\n", Status);
441  goto done;
442  }
443 
444  Status = BuildTokenGroups(&Buffer->Groups,
446  UserInfo->All.UserId,
447  SpecialAccount);
448  if (!NT_SUCCESS(Status))
449  {
450  WARN("BuildTokenGroups() failed (Status 0x%08lx)\n", Status);
451  goto done;
452  }
453 
454  *TokenInformation = Buffer;
455 
456 done:
457  if (!NT_SUCCESS(Status))
458  {
459  if (Buffer != NULL)
460  {
461  if (Buffer->User.User.Sid != NULL)
462  DispatchTable.FreeLsaHeap(Buffer->User.User.Sid);
463 
464  if (Buffer->Groups != NULL)
465  {
466  for (i = 0; i < Buffer->Groups->GroupCount; i++)
467  {
468  if (Buffer->Groups->Groups[i].Sid != NULL)
469  DispatchTable.FreeLsaHeap(Buffer->Groups->Groups[i].Sid);
470  }
471 
473  }
474 
475  if (Buffer->PrimaryGroup.PrimaryGroup != NULL)
476  DispatchTable.FreeLsaHeap(Buffer->PrimaryGroup.PrimaryGroup);
477 
478  if (Buffer->DefaultDacl.DefaultDacl != NULL)
479  DispatchTable.FreeLsaHeap(Buffer->DefaultDacl.DefaultDacl);
480 
482  }
483  }
484 
485  return Status;
486 }
487 
488 
489 static
490 NTSTATUS
492  IN PVOID ProtocolSubmitBuffer,
493  IN PVOID ClientBufferBase,
494  IN ULONG SubmitBufferLength,
495  OUT PVOID *ProtocolReturnBuffer,
496  OUT PULONG ReturnBufferLength,
498 {
499  PMSV1_0_CHANGEPASSWORD_REQUEST RequestBuffer;
501 
502  SAMPR_HANDLE ServerHandle = NULL;
503  SAMPR_HANDLE DomainHandle = NULL;
504  SAMPR_HANDLE UserHandle = NULL;
505  PRPC_SID DomainSid = NULL;
507  SAMPR_ULONG_ARRAY RelativeIds = {0, NULL};
508  SAMPR_ULONG_ARRAY Use = {0, NULL};
510 
511  ENCRYPTED_NT_OWF_PASSWORD OldNtPassword;
512  ENCRYPTED_NT_OWF_PASSWORD NewNtPassword;
513  ENCRYPTED_LM_OWF_PASSWORD OldLmPassword;
514  ENCRYPTED_LM_OWF_PASSWORD NewLmPassword;
515  OEM_STRING LmPwdString;
516  CHAR LmPwdBuffer[15];
517  BOOLEAN OldLmPasswordPresent = FALSE;
518  BOOLEAN NewLmPasswordPresent = FALSE;
519 
520  ENCRYPTED_LM_OWF_PASSWORD OldLmEncryptedWithNewLm;
521  ENCRYPTED_LM_OWF_PASSWORD NewLmEncryptedWithOldLm;
522  ENCRYPTED_LM_OWF_PASSWORD OldNtEncryptedWithNewNt;
523  ENCRYPTED_LM_OWF_PASSWORD NewNtEncryptedWithOldNt;
524  PENCRYPTED_LM_OWF_PASSWORD pOldLmEncryptedWithNewLm = NULL;
525  PENCRYPTED_LM_OWF_PASSWORD pNewLmEncryptedWithOldLm = NULL;
526 
527  TRACE("()\n");
528 
529  RequestBuffer = (PMSV1_0_CHANGEPASSWORD_REQUEST)ProtocolSubmitBuffer;
530 
531  /* Fix-up pointers in the request buffer info */
532  PtrOffset = (ULONG_PTR)ProtocolSubmitBuffer - (ULONG_PTR)ClientBufferBase;
533 
534  RequestBuffer->DomainName.Buffer = FIXUP_POINTER(RequestBuffer->DomainName.Buffer, PtrOffset);
535  RequestBuffer->AccountName.Buffer = FIXUP_POINTER(RequestBuffer->AccountName.Buffer, PtrOffset);
536  RequestBuffer->OldPassword.Buffer = FIXUP_POINTER(RequestBuffer->OldPassword.Buffer, PtrOffset);
537  RequestBuffer->NewPassword.Buffer = FIXUP_POINTER(RequestBuffer->NewPassword.Buffer, PtrOffset);
538 
539  TRACE("Domain: %S\n", RequestBuffer->DomainName.Buffer);
540  TRACE("Account: %S\n", RequestBuffer->AccountName.Buffer);
541  TRACE("Old Password: %S\n", RequestBuffer->OldPassword.Buffer);
542  TRACE("New Password: %S\n", RequestBuffer->NewPassword.Buffer);
543 
544  /* Connect to the SAM server */
546  &ServerHandle,
548  TRUE);
549  if (!NT_SUCCESS(Status))
550  {
551  TRACE("SamIConnect() failed (Status 0x%08lx)\n", Status);
552  goto done;
553  }
554 
555  /* Get the domain SID */
556  Status = SamrLookupDomainInSamServer(ServerHandle,
557  (PRPC_UNICODE_STRING)&RequestBuffer->DomainName,
558  &DomainSid);
559  if (!NT_SUCCESS(Status))
560  {
561  TRACE("SamrLookupDomainInSamServer failed (Status %08lx)\n", Status);
562  goto done;
563  }
564 
565  /* Open the domain */
566  Status = SamrOpenDomain(ServerHandle,
568  DomainSid,
569  &DomainHandle);
570  if (!NT_SUCCESS(Status))
571  {
572  TRACE("SamrOpenDomain failed (Status %08lx)\n", Status);
573  goto done;
574  }
575 
576  Names[0].Length = RequestBuffer->AccountName.Length;
577  Names[0].MaximumLength = RequestBuffer->AccountName.MaximumLength;
578  Names[0].Buffer = RequestBuffer->AccountName.Buffer;
579 
580  /* Try to get the RID for the user name */
581  Status = SamrLookupNamesInDomain(DomainHandle,
582  1,
583  Names,
584  &RelativeIds,
585  &Use);
586  if (!NT_SUCCESS(Status))
587  {
588  TRACE("SamrLookupNamesInDomain failed (Status %08lx)\n", Status);
590  goto done;
591  }
592 
593  /* Fail, if it is not a user account */
594  if (Use.Element[0] != SidTypeUser)
595  {
596  TRACE("Account is not a user account!\n");
598  goto done;
599  }
600 
601  /* Open the user object */
602  Status = SamrOpenUser(DomainHandle,
604  RelativeIds.Element[0],
605  &UserHandle);
606  if (!NT_SUCCESS(Status))
607  {
608  TRACE("SamrOpenUser failed (Status %08lx)\n", Status);
609  goto done;
610  }
611 
612 
613  /* Calculate the NT hash for the old password */
614  Status = SystemFunction007(&RequestBuffer->OldPassword,
615  (LPBYTE)&OldNtPassword);
616  if (!NT_SUCCESS(Status))
617  {
618  TRACE("SystemFunction007 failed (Status 0x%08lx)\n", Status);
619  goto done;
620  }
621 
622  /* Calculate the NT hash for the new password */
623  Status = SystemFunction007(&RequestBuffer->NewPassword,
624  (LPBYTE)&NewNtPassword);
625  if (!NT_SUCCESS(Status))
626  {
627  TRACE("SystemFunction007 failed (Status 0x%08lx)\n", Status);
628  goto done;
629  }
630 
631  /* Calculate the LM password and hash for the old password */
632  LmPwdString.Length = 15;
633  LmPwdString.MaximumLength = 15;
634  LmPwdString.Buffer = LmPwdBuffer;
635  ZeroMemory(LmPwdString.Buffer, LmPwdString.MaximumLength);
636 
638  &RequestBuffer->OldPassword,
639  FALSE);
640  if (NT_SUCCESS(Status))
641  {
642  /* Calculate the LM hash value of the password */
643  Status = SystemFunction006(LmPwdString.Buffer,
644  (LPSTR)&OldLmPassword);
645  if (NT_SUCCESS(Status))
646  {
647  OldLmPasswordPresent = TRUE;
648  }
649  }
650 
651  /* Calculate the LM password and hash for the new password */
652  LmPwdString.Length = 15;
653  LmPwdString.MaximumLength = 15;
654  LmPwdString.Buffer = LmPwdBuffer;
655  ZeroMemory(LmPwdString.Buffer, LmPwdString.MaximumLength);
656 
658  &RequestBuffer->NewPassword,
659  FALSE);
660  if (NT_SUCCESS(Status))
661  {
662  /* Calculate the LM hash value of the password */
663  Status = SystemFunction006(LmPwdString.Buffer,
664  (LPSTR)&NewLmPassword);
665  if (NT_SUCCESS(Status))
666  {
667  NewLmPasswordPresent = TRUE;
668  }
669  }
670 
671  /* Encrypt the old and new LM passwords, if they exist */
672  if (OldLmPasswordPresent && NewLmPasswordPresent)
673  {
674  /* Encrypt the old LM password */
675  Status = SystemFunction012((const BYTE *)&OldLmPassword,
676  (const BYTE *)&NewLmPassword,
677  (LPBYTE)&OldLmEncryptedWithNewLm);
678  if (!NT_SUCCESS(Status))
679  {
680  TRACE("SystemFunction012 failed (Status 0x%08lx)\n", Status);
681  goto done;
682  }
683 
684  /* Encrypt the new LM password */
685  Status = SystemFunction012((const BYTE *)&NewLmPassword,
686  (const BYTE *)&OldLmPassword,
687  (LPBYTE)&NewLmEncryptedWithOldLm);
688  if (!NT_SUCCESS(Status))
689  {
690  TRACE("SystemFunction012 failed (Status 0x%08lx)\n", Status);
691  goto done;
692  }
693 
694  pOldLmEncryptedWithNewLm = &OldLmEncryptedWithNewLm;
695  pNewLmEncryptedWithOldLm = &NewLmEncryptedWithOldLm;
696  }
697 
698  /* Encrypt the old NT password */
699  Status = SystemFunction012((const BYTE *)&OldNtPassword,
700  (const BYTE *)&NewNtPassword,
701  (LPBYTE)&OldNtEncryptedWithNewNt);
702  if (!NT_SUCCESS(Status))
703  {
704  TRACE("SystemFunction012 failed (Status 0x%08lx)\n", Status);
705  goto done;
706  }
707 
708  /* Encrypt the new NT password */
709  Status = SystemFunction012((const BYTE *)&NewNtPassword,
710  (const BYTE *)&OldNtPassword,
711  (LPBYTE)&NewNtEncryptedWithOldNt);
712  if (!NT_SUCCESS(Status))
713  {
714  TRACE("SystemFunction012 failed (Status 0x%08lx)\n", Status);
715  goto done;
716  }
717 
718  /* Change the password */
719  Status = SamrChangePasswordUser(UserHandle,
720  OldLmPasswordPresent && NewLmPasswordPresent,
721  pOldLmEncryptedWithNewLm,
722  pNewLmEncryptedWithOldLm,
723  TRUE,
724  &OldNtEncryptedWithNewNt,
725  &NewNtEncryptedWithOldNt,
726  FALSE,
727  NULL,
728  FALSE,
729  NULL);
730  if (!NT_SUCCESS(Status))
731  {
732  TRACE("SamrChangePasswordUser failed (Status %08lx)\n", Status);
733  goto done;
734  }
735 
736 done:
737  if (UserHandle != NULL)
738  SamrCloseHandle(&UserHandle);
739 
740  SamIFree_SAMPR_ULONG_ARRAY(&RelativeIds);
742 
743  if (DomainHandle != NULL)
744  SamrCloseHandle(&DomainHandle);
745 
746  if (DomainSid != NULL)
747  SamIFreeVoid(DomainSid);
748 
749  if (ServerHandle != NULL)
750  SamrCloseHandle(&ServerHandle);
751 
752  return Status;
753 }
754 
755 
756 static
757 NTSTATUS
759  PSAMPR_USER_INFO_BUFFER UserInfo)
760 {
761  ENCRYPTED_NT_OWF_PASSWORD UserNtPassword;
762  ENCRYPTED_LM_OWF_PASSWORD UserLmPassword;
763  BOOLEAN UserLmPasswordPresent = FALSE;
764  BOOLEAN UserNtPasswordPresent = FALSE;
765  OEM_STRING LmPwdString;
766  CHAR LmPwdBuffer[15];
768 
769  TRACE("(%p %p)\n", UserPassword, UserInfo);
770 
771  /* Calculate the LM password and hash for the users password */
772  LmPwdString.Length = 15;
773  LmPwdString.MaximumLength = 15;
774  LmPwdString.Buffer = LmPwdBuffer;
775  ZeroMemory(LmPwdString.Buffer, LmPwdString.MaximumLength);
776 
778  UserPassword,
779  FALSE);
780  if (NT_SUCCESS(Status))
781  {
782  /* Calculate the LM hash value of the users password */
783  Status = SystemFunction006(LmPwdString.Buffer,
784  (LPSTR)&UserLmPassword);
785  if (NT_SUCCESS(Status))
786  {
787  UserLmPasswordPresent = TRUE;
788  }
789  }
790 
791  /* Calculate the NT hash of the users password */
792  Status = SystemFunction007(UserPassword,
793  (LPBYTE)&UserNtPassword);
794  if (NT_SUCCESS(Status))
795  {
796  UserNtPasswordPresent = TRUE;
797  }
798 
800 
801  /* Succeed, if no password has been set */
802  if (UserInfo->All.NtPasswordPresent == FALSE &&
803  UserInfo->All.LmPasswordPresent == FALSE)
804  {
805  TRACE("No password check!\n");
807  goto done;
808  }
809 
810  /* Succeed, if NT password matches */
811  if (UserNtPasswordPresent && UserInfo->All.NtPasswordPresent)
812  {
813  TRACE("Check NT password hashes:\n");
814  if (RtlEqualMemory(&UserNtPassword,
815  UserInfo->All.NtOwfPassword.Buffer,
816  sizeof(ENCRYPTED_NT_OWF_PASSWORD)))
817  {
818  TRACE(" success!\n");
820  goto done;
821  }
822 
823  TRACE(" failed!\n");
824  }
825 
826  /* Succeed, if LM password matches */
827  if (UserLmPasswordPresent && UserInfo->All.LmPasswordPresent)
828  {
829  TRACE("Check LM password hashes:\n");
830  if (RtlEqualMemory(&UserLmPassword,
831  UserInfo->All.LmOwfPassword.Buffer,
832  sizeof(ENCRYPTED_LM_OWF_PASSWORD)))
833  {
834  TRACE(" success!\n");
836  goto done;
837  }
838  TRACE(" failed!\n");
839  }
840 
841 done:
842  return Status;
843 }
844 
845 
846 static
847 BOOL
849  _In_ PSAMPR_LOGON_HOURS LogonHours,
850  _In_ PLARGE_INTEGER LogonTime)
851 {
852  LARGE_INTEGER LocalLogonTime;
854  USHORT MinutesPerUnit, Offset;
855 
856  TRACE("MsvpCheckLogonHours(%p %p)\n", LogonHours, LogonTime);
857 
858  if (LogonHours->UnitsPerWeek == 0 || LogonHours->LogonHours == NULL)
859  return TRUE;
860 
861  RtlSystemTimeToLocalTime(LogonTime, &LocalLogonTime);
862  RtlTimeToTimeFields(&LocalLogonTime, &TimeFields);
863 
864  TRACE("UnitsPerWeek: %u\n", LogonHours->UnitsPerWeek);
865  MinutesPerUnit = 10080 / LogonHours->UnitsPerWeek;
866 
867  Offset = ((TimeFields.Weekday * 24 + TimeFields.Hour) * 60 + TimeFields.Minute) / MinutesPerUnit;
868 
869  return (BOOL)(LogonHours->LogonHours[Offset / 8] & (1 << (Offset % 8)));
870 }
871 
872 
873 static
874 BOOL
876  _In_ PRPC_UNICODE_STRING WorkStations,
877  _In_ PWSTR ComputerName)
878 {
879  PWSTR pStart, pEnd;
880  BOOL bFound = FALSE;
881 
882  TRACE("MsvpCheckWorkstations(%wZ %S)\n", WorkStations, ComputerName);
883 
884  if (WorkStations->Length == 0 || WorkStations->Buffer == NULL)
885  return TRUE;
886 
887  pStart = WorkStations->Buffer;
888  for (;;)
889  {
890  pEnd = wcschr(pStart, L',');
891  if (pEnd != NULL)
892  *pEnd = UNICODE_NULL;
893 
894  if (_wcsicmp(ComputerName, pStart) == 0)
895  {
896  bFound = TRUE;
897  if (pEnd != NULL)
898  *pEnd = L',';
899  break;
900  }
901 
902  if (pEnd == NULL)
903  break;
904 
905  *pEnd = L',';
906  pStart = pEnd + 1;
907  }
908 
909  return bFound;
910 }
911 
912 
913 /*
914  * @unimplemented
915  */
916 NTSTATUS
917 NTAPI
919  IN PVOID ProtocolSubmitBuffer,
920  IN PVOID ClientBufferBase,
921  IN ULONG SubmitBufferLength,
922  OUT PVOID *ProtocolReturnBuffer,
923  OUT PULONG ReturnBufferLength,
925 {
926  ULONG MessageType;
928 
929  TRACE("LsaApCallPackage()\n");
930 
931  if (SubmitBufferLength < sizeof(MSV1_0_PROTOCOL_MESSAGE_TYPE))
933 
934  MessageType = (ULONG)*((PMSV1_0_PROTOCOL_MESSAGE_TYPE)ProtocolSubmitBuffer);
935 
936  *ProtocolReturnBuffer = NULL;
937  *ReturnBufferLength = 0;
938 
939  switch (MessageType)
940  {
944  case MsV1_0GetUserInfo:
945  case MsV1_0ReLogonUsers:
947  break;
948 
950  Status = MsvpChangePassword(ClientRequest,
951  ProtocolSubmitBuffer,
952  ClientBufferBase,
953  SubmitBufferLength,
954  ProtocolReturnBuffer,
955  ReturnBufferLength,
957  break;
958 
961  case MsV1_0CacheLogon:
962  case MsV1_0SubAuth:
964  case MsV1_0CacheLookup:
966  break;
967 
968  default:
970  }
971 
972  return Status;
973 }
974 
975 
976 /*
977  * @unimplemented
978  */
979 NTSTATUS
980 NTAPI
982  IN PVOID ProtocolSubmitBuffer,
983  IN PVOID ClientBufferBase,
984  IN ULONG SubmitBufferLength,
985  OUT PVOID *ProtocolReturnBuffer,
986  OUT PULONG ReturnBufferLength,
988 {
989  TRACE("LsaApCallPackagePassthrough()\n");
990  return STATUS_NOT_IMPLEMENTED;
991 }
992 
993 
994 /*
995  * @unimplemented
996  */
997 NTSTATUS
998 NTAPI
1000  IN PVOID ProtocolSubmitBuffer,
1001  IN PVOID ClientBufferBase,
1002  IN ULONG SubmitBufferLength,
1003  OUT PVOID *ProtocolReturnBuffer,
1004  OUT PULONG ReturnBufferLength,
1006 {
1007  TRACE("LsaApCallPackageUntrusted()\n");
1008  return STATUS_NOT_IMPLEMENTED;
1009 }
1010 
1011 
1012 /*
1013  * @implemented
1014  */
1015 NTSTATUS
1016 NTAPI
1017 LsaApInitializePackage(IN ULONG AuthenticationPackageId,
1018  IN PLSA_DISPATCH_TABLE LsaDispatchTable,
1020  IN PLSA_STRING Confidentiality OPTIONAL,
1021  OUT PLSA_STRING *AuthenticationPackageName)
1022 {
1023  PANSI_STRING NameString;
1024  PCHAR NameBuffer;
1025 
1026  TRACE("LsaApInitializePackage(%lu %p %p %p %p)\n",
1027  AuthenticationPackageId, LsaDispatchTable, Database,
1028  Confidentiality, AuthenticationPackageName);
1029 
1030  /* Get the dispatch table entries */
1031  DispatchTable.CreateLogonSession = LsaDispatchTable->CreateLogonSession;
1032  DispatchTable.DeleteLogonSession = LsaDispatchTable->DeleteLogonSession;
1033  DispatchTable.AddCredential = LsaDispatchTable->AddCredential;
1034  DispatchTable.GetCredentials = LsaDispatchTable->GetCredentials;
1035  DispatchTable.DeleteCredential = LsaDispatchTable->DeleteCredential;
1036  DispatchTable.AllocateLsaHeap = LsaDispatchTable->AllocateLsaHeap;
1037  DispatchTable.FreeLsaHeap = LsaDispatchTable->FreeLsaHeap;
1038  DispatchTable.AllocateClientBuffer = LsaDispatchTable->AllocateClientBuffer;
1039  DispatchTable.FreeClientBuffer = LsaDispatchTable->FreeClientBuffer;
1040  DispatchTable.CopyToClientBuffer = LsaDispatchTable->CopyToClientBuffer;
1041  DispatchTable.CopyFromClientBuffer = LsaDispatchTable->CopyFromClientBuffer;
1042 
1043  /* Return the package name */
1044  NameString = DispatchTable.AllocateLsaHeap(sizeof(LSA_STRING));
1045  if (NameString == NULL)
1047 
1048  NameBuffer = DispatchTable.AllocateLsaHeap(sizeof(MSV1_0_PACKAGE_NAME));
1049  if (NameBuffer == NULL)
1050  {
1051  DispatchTable.FreeLsaHeap(NameString);
1053  }
1054 
1055  strcpy(NameBuffer, MSV1_0_PACKAGE_NAME);
1056 
1057  RtlInitAnsiString(NameString, NameBuffer);
1058 
1059  *AuthenticationPackageName = (PLSA_STRING)NameString;
1060 
1061  return STATUS_SUCCESS;
1062 }
1063 
1064 
1065 /*
1066  * @unimplemented
1067  */
1068 VOID
1069 NTAPI
1071 {
1072  TRACE("LsaApLogonTerminated()\n");
1073 }
1074 
1075 
1076 /*
1077  * @implemented
1078  */
1079 NTSTATUS
1080 NTAPI
1083  IN PVOID ProtocolSubmitBuffer,
1084  IN PVOID ClientBufferBase,
1085  IN ULONG SubmitBufferSize,
1087  OUT PULONG ProfileBufferSize,
1088  OUT PLUID LogonId,
1090  OUT PLSA_TOKEN_INFORMATION_TYPE TokenInformationType,
1091  OUT PVOID *TokenInformation,
1092  OUT PUNICODE_STRING *AccountName,
1093  OUT PUNICODE_STRING *AuthenticatingAuthority,
1095  OUT PSECPKG_PRIMARY_CRED PrimaryCredentials, /* Not supported yet */
1096  OUT PSECPKG_SUPPLEMENTAL_CRED_ARRAY *SupplementalCredentials) /* Not supported yet */
1097 {
1098  PMSV1_0_INTERACTIVE_LOGON LogonInfo;
1099  WCHAR ComputerName[MAX_COMPUTERNAME_LENGTH + 1];
1100  SAMPR_HANDLE ServerHandle = NULL;
1101  SAMPR_HANDLE DomainHandle = NULL;
1102  SAMPR_HANDLE UserHandle = NULL;
1105  SAMPR_ULONG_ARRAY RelativeIds = {0, NULL};
1106  SAMPR_ULONG_ARRAY Use = {0, NULL};
1107  PSAMPR_USER_INFO_BUFFER UserInfo = NULL;
1108  BOOLEAN SessionCreated = FALSE;
1109  LARGE_INTEGER LogonTime;
1110  LARGE_INTEGER AccountExpires;
1111  LARGE_INTEGER PasswordMustChange;
1112  LARGE_INTEGER PasswordLastSet;
1113  DWORD ComputerNameSize;
1114  BOOL SpecialAccount = FALSE;
1115  NTSTATUS Status;
1116 
1117  TRACE("LsaApLogonUser()\n");
1118 
1119  TRACE("LogonType: %lu\n", LogonType);
1120  TRACE("ProtocolSubmitBuffer: %p\n", ProtocolSubmitBuffer);
1121  TRACE("SubmitBufferSize: %lu\n", SubmitBufferSize);
1122 
1123  *ProfileBuffer = NULL;
1124  *ProfileBufferSize = 0;
1126  *AccountName = NULL;
1127  *AuthenticatingAuthority = NULL;
1128 
1129  if (LogonType == Interactive ||
1130  LogonType == Batch ||
1131  LogonType == Service)
1132  {
1134 
1135  LogonInfo = (PMSV1_0_INTERACTIVE_LOGON)ProtocolSubmitBuffer;
1136 
1137  /* Fix-up pointers in the authentication info */
1138  PtrOffset = (ULONG_PTR)ProtocolSubmitBuffer - (ULONG_PTR)ClientBufferBase;
1139 
1141  LogonInfo->UserName.Buffer = FIXUP_POINTER(LogonInfo->UserName.Buffer, PtrOffset);
1142  LogonInfo->Password.Buffer = FIXUP_POINTER(LogonInfo->Password.Buffer, PtrOffset);
1143 
1144  TRACE("Domain: %S\n", LogonInfo->LogonDomainName.Buffer);
1145  TRACE("User: %S\n", LogonInfo->UserName.Buffer);
1146  TRACE("Password: %S\n", LogonInfo->Password.Buffer);
1147  }
1148  else
1149  {
1150  FIXME("LogonType %lu is not supported yet!\n", LogonType);
1151  return STATUS_NOT_IMPLEMENTED;
1152  }
1153 
1154  /* Get the logon time */
1155  NtQuerySystemTime(&LogonTime);
1156 
1157  /* Get the computer name */
1158  ComputerNameSize = MAX_COMPUTERNAME_LENGTH + 1;
1159  GetComputerNameW(ComputerName, &ComputerNameSize);
1160 
1161  /* Check for special accounts */
1162  if (_wcsicmp(LogonInfo->LogonDomainName.Buffer, L"NT AUTHORITY") == 0)
1163  {
1164  SpecialAccount = TRUE;
1165 
1166  /* Get the authority domain SID */
1168  if (!NT_SUCCESS(Status))
1169  {
1170  ERR("GetNtAuthorityDomainSid() failed (Status 0x%08lx)\n", Status);
1171  return Status;
1172  }
1173 
1174  if (_wcsicmp(LogonInfo->UserName.Buffer, L"LocalService") == 0)
1175  {
1176  TRACE("SpecialAccount: LocalService\n");
1177 
1178  if (LogonType != Service)
1179  return STATUS_LOGON_FAILURE;
1180 
1181  UserInfo = RtlAllocateHeap(RtlGetProcessHeap(),
1183  sizeof(SAMPR_USER_ALL_INFORMATION));
1184  if (UserInfo == NULL)
1185  {
1187  goto done;
1188  }
1189 
1192  }
1193  else if (_wcsicmp(LogonInfo->UserName.Buffer, L"NetworkService") == 0)
1194  {
1195  TRACE("SpecialAccount: NetworkService\n");
1196 
1197  if (LogonType != Service)
1198  return STATUS_LOGON_FAILURE;
1199 
1200  UserInfo = RtlAllocateHeap(RtlGetProcessHeap(),
1202  sizeof(SAMPR_USER_ALL_INFORMATION));
1203  if (UserInfo == NULL)
1204  {
1206  goto done;
1207  }
1208 
1211  }
1212  else
1213  {
1215  goto done;
1216  }
1217  }
1218  else
1219  {
1220  TRACE("NormalAccount\n");
1221 
1222  /* Get the account domain SID */
1224  if (!NT_SUCCESS(Status))
1225  {
1226  ERR("GetAccountDomainSid() failed (Status 0x%08lx)\n", Status);
1227  return Status;
1228  }
1229 
1230  /* Connect to the SAM server */
1232  &ServerHandle,
1234  TRUE);
1235  if (!NT_SUCCESS(Status))
1236  {
1237  TRACE("SamIConnect() failed (Status 0x%08lx)\n", Status);
1238  goto done;
1239  }
1240 
1241  /* Open the account domain */
1242  Status = SamrOpenDomain(ServerHandle,
1243  DOMAIN_LOOKUP,
1245  &DomainHandle);
1246  if (!NT_SUCCESS(Status))
1247  {
1248  ERR("SamrOpenDomain failed (Status %08lx)\n", Status);
1249  goto done;
1250  }
1251 
1252  Names[0].Length = LogonInfo->UserName.Length;
1253  Names[0].MaximumLength = LogonInfo->UserName.MaximumLength;
1254  Names[0].Buffer = LogonInfo->UserName.Buffer;
1255 
1256  /* Try to get the RID for the user name */
1257  Status = SamrLookupNamesInDomain(DomainHandle,
1258  1,
1259  Names,
1260  &RelativeIds,
1261  &Use);
1262  if (!NT_SUCCESS(Status))
1263  {
1264  ERR("SamrLookupNamesInDomain failed (Status %08lx)\n", Status);
1266  goto done;
1267  }
1268 
1269  /* Fail, if it is not a user account */
1270  if (Use.Element[0] != SidTypeUser)
1271  {
1272  ERR("Account is not a user account!\n");
1274  goto done;
1275  }
1276 
1277  /* Open the user object */
1278  Status = SamrOpenUser(DomainHandle,
1281  RelativeIds.Element[0],
1282  &UserHandle);
1283  if (!NT_SUCCESS(Status))
1284  {
1285  ERR("SamrOpenUser failed (Status %08lx)\n", Status);
1286  goto done;
1287  }
1288 
1289  Status = SamrQueryInformationUser(UserHandle,
1291  &UserInfo);
1292  if (!NT_SUCCESS(Status))
1293  {
1294  ERR("SamrQueryInformationUser failed (Status %08lx)\n", Status);
1295  goto done;
1296  }
1297 
1298  TRACE("UserName: %S\n", UserInfo->All.UserName.Buffer);
1299 
1300  /* Check the password */
1301  if ((UserInfo->All.UserAccountControl & USER_PASSWORD_NOT_REQUIRED) == 0)
1302  {
1303  Status = MsvpCheckPassword(&(LogonInfo->Password),
1304  UserInfo);
1305  if (!NT_SUCCESS(Status))
1306  {
1307  ERR("MsvpCheckPassword failed (Status %08lx)\n", Status);
1308  goto done;
1309  }
1310  }
1311 
1312  /* Check account restrictions for non-administrator accounts */
1313  if (RelativeIds.Element[0] != DOMAIN_USER_RID_ADMIN)
1314  {
1315  /* Check if the account has been disabled */
1317  {
1318  ERR("Account disabled!\n");
1321  goto done;
1322  }
1323 
1324  /* Check if the account has been locked */
1326  {
1327  ERR("Account locked!\n");
1330  goto done;
1331  }
1332 
1333  /* Check if the account expired */
1334  AccountExpires.LowPart = UserInfo->All.AccountExpires.LowPart;
1335  AccountExpires.HighPart = UserInfo->All.AccountExpires.HighPart;
1336  if (LogonTime.QuadPart >= AccountExpires.QuadPart)
1337  {
1338  ERR("Account expired!\n");
1341  goto done;
1342  }
1343 
1344  /* Check if the password expired */
1345  PasswordMustChange.LowPart = UserInfo->All.PasswordMustChange.LowPart;
1346  PasswordMustChange.HighPart = UserInfo->All.PasswordMustChange.HighPart;
1347  PasswordLastSet.LowPart = UserInfo->All.PasswordLastSet.LowPart;
1348  PasswordLastSet.HighPart = UserInfo->All.PasswordLastSet.HighPart;
1349 
1350  if (LogonTime.QuadPart >= PasswordMustChange.QuadPart)
1351  {
1352  ERR("Password expired!\n");
1353  if (PasswordLastSet.QuadPart == 0)
1355  else
1357 
1359  goto done;
1360  }
1361 
1362  /* Check logon hours */
1363  if (!MsvpCheckLogonHours(&UserInfo->All.LogonHours, &LogonTime))
1364  {
1365  ERR("Invalid logon hours!\n");
1368  goto done;
1369  }
1370 
1371  /* Check workstations */
1372  if (!MsvpCheckWorkstations(&UserInfo->All.WorkStations, ComputerName))
1373  {
1374  ERR("Invalid workstation!\n");
1377  goto done;
1378  }
1379  }
1380  }
1381 
1382  /* Return logon information */
1383 
1384  /* Create and return a new logon id */
1386  if (!NT_SUCCESS(Status))
1387  {
1388  TRACE("NtAllocateLocallyUniqueId failed (Status %08lx)\n", Status);
1389  goto done;
1390  }
1391 
1392  /* Create the logon session */
1394  if (!NT_SUCCESS(Status))
1395  {
1396  TRACE("CreateLogonSession failed (Status %08lx)\n", Status);
1397  goto done;
1398  }
1399 
1400  SessionCreated = TRUE;
1401 
1402  /* Build and fill the interactive profile buffer */
1403  Status = BuildInteractiveProfileBuffer(ClientRequest,
1404  UserInfo,
1405  ComputerName,
1407  ProfileBufferSize);
1408  if (!NT_SUCCESS(Status))
1409  {
1410  TRACE("BuildInteractiveProfileBuffer failed (Status %08lx)\n", Status);
1411  goto done;
1412  }
1413 
1414  /* Return the token information type */
1415  *TokenInformationType = LsaTokenInformationV1;
1416 
1417  /* Build and fill the token information buffer */
1420  UserInfo,
1421  SpecialAccount);
1422  if (!NT_SUCCESS(Status))
1423  {
1424  TRACE("BuildTokenInformationBuffer failed (Status %08lx)\n", Status);
1425  goto done;
1426  }
1427 
1428 done:
1429  /* Update the logon time/count or the bad password time/count */
1430  if ((UserHandle != NULL) &&
1432  {
1433  SAMPR_USER_INFO_BUFFER InternalInfo;
1434 
1435  RtlZeroMemory(&InternalInfo, sizeof(InternalInfo));
1436 
1437  if (Status == STATUS_SUCCESS)
1438  InternalInfo.Internal2.Flags = USER_LOGON_SUCCESS;
1439  else
1440  InternalInfo.Internal2.Flags = USER_LOGON_BAD_PASSWORD;
1441 
1442  SamrSetInformationUser(UserHandle,
1444  &InternalInfo);
1445  }
1446 
1447  /* Return the account name */
1448  *AccountName = DispatchTable.AllocateLsaHeap(sizeof(UNICODE_STRING));
1449  if (*AccountName != NULL)
1450  {
1451  (*AccountName)->Buffer = DispatchTable.AllocateLsaHeap(LogonInfo->UserName.Length +
1452  sizeof(UNICODE_NULL));
1453  if ((*AccountName)->Buffer != NULL)
1454  {
1455  (*AccountName)->MaximumLength = LogonInfo->UserName.Length +
1456  sizeof(UNICODE_NULL);
1457  RtlCopyUnicodeString(*AccountName, &LogonInfo->UserName);
1458  }
1459  }
1460 
1461  /* Return the authenticating authority */
1462  *AuthenticatingAuthority = DispatchTable.AllocateLsaHeap(sizeof(UNICODE_STRING));
1463  if (*AuthenticatingAuthority != NULL)
1464  {
1465  (*AuthenticatingAuthority)->Buffer = DispatchTable.AllocateLsaHeap(LogonInfo->LogonDomainName.Length +
1466  sizeof(UNICODE_NULL));
1467  if ((*AuthenticatingAuthority)->Buffer != NULL)
1468  {
1469  (*AuthenticatingAuthority)->MaximumLength = LogonInfo->LogonDomainName.Length +
1470  sizeof(UNICODE_NULL);
1471  RtlCopyUnicodeString(*AuthenticatingAuthority, &LogonInfo->LogonDomainName);
1472  }
1473  }
1474 
1475  /* Return the machine name */
1477  if (*MachineName != NULL)
1478  {
1479  (*MachineName)->Buffer = DispatchTable.AllocateLsaHeap((ComputerNameSize + 1) * sizeof(WCHAR));
1480  if ((*MachineName)->Buffer != NULL)
1481  {
1482  (*MachineName)->MaximumLength = (ComputerNameSize + 1) * sizeof(WCHAR);
1483  (*MachineName)->Length = ComputerNameSize * sizeof(WCHAR);
1484  RtlCopyMemory((*MachineName)->Buffer, ComputerName, (*MachineName)->MaximumLength);
1485  }
1486  }
1487 
1488  if (!NT_SUCCESS(Status))
1489  {
1490  if (SessionCreated != FALSE)
1492 
1493  if (*ProfileBuffer != NULL)
1494  {
1495  DispatchTable.FreeClientBuffer(ClientRequest,
1496  *ProfileBuffer);
1497  *ProfileBuffer = NULL;
1498  }
1499  }
1500 
1501  if (UserHandle != NULL)
1502  SamrCloseHandle(&UserHandle);
1503 
1506  SamIFree_SAMPR_ULONG_ARRAY(&RelativeIds);
1508 
1509  if (DomainHandle != NULL)
1510  SamrCloseHandle(&DomainHandle);
1511 
1512  if (ServerHandle != NULL)
1513  SamrCloseHandle(&ServerHandle);
1514 
1515  if (AccountDomainSid != NULL)
1516  RtlFreeHeap(RtlGetProcessHeap(), 0, AccountDomainSid);
1517 
1518  if (Status == STATUS_NO_SUCH_USER ||
1520  {
1521  *SubStatus = Status;
1523  }
1524 
1525  TRACE("LsaApLogonUser done (Status 0x%08lx SubStatus 0x%08lx)\n", Status, *SubStatus);
1526 
1527  return Status;
1528 }
1529 
1530 /* EOF */
PLSA_FREE_CLIENT_BUFFER FreeClientBuffer
Definition: authpackage.c:63
PLSA_COPY_TO_CLIENT_BUFFER CopyToClientBuffer
Definition: authpackage.c:64
USHORT Weekday
Definition: env_spec_w32.h:718
RPC_SHORT_BLOB LmOwfPassword
Definition: msv1_0.h:127
signed char * PCHAR
Definition: retypes.h:7
* PNTSTATUS
Definition: strlen.c:14
unsigned long * Element
Definition: lsasrv.h:86
struct _MSV1_0_CHANGEPASSWORD_REQUEST * PMSV1_0_CHANGEPASSWORD_REQUEST
#define STATUS_WRONG_PASSWORD
Definition: ntstatus.h:328
RPC_UNICODE_STRING UserName
Definition: msv1_0.h:117
NTSTATUS NTAPI LsaApCallPackage(IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferLength, OUT PVOID *ProtocolReturnBuffer, OUT PULONG ReturnBufferLength, OUT PNTSTATUS ProtocolStatus)
Definition: msv1_0.c:918
struct _MSV1_0_INTERACTIVE_PROFILE MSV1_0_INTERACTIVE_PROFILE
#define SAM_SERVER_CONNECT
Definition: ntsam.h:99
#define IN
Definition: typedefs.h:38
static NTSTATUS BuildTokenInformationBuffer(PLSA_TOKEN_INFORMATION_V1 *TokenInformation, PRPC_SID AccountDomainSid, PSAMPR_USER_INFO_BUFFER UserInfo, BOOL SpecialAccount)
Definition: msv1_0.c:406
PWSTR Names[NAMES_COUNT]
static BOOL MsvpCheckWorkstations(_In_ PRPC_UNICODE_STRING WorkStations, _In_ PWSTR ComputerName)
Definition: msv1_0.c:875
#define SECURITY_AUTHENTICATED_USER_RID
Definition: setypes.h:540
#define TRUE
Definition: types.h:120
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
#define MSV1_0_PACKAGE_NAME
Definition: ntsecapi.h:42
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
#define USER_PASSWORD_NOT_REQUIRED
Definition: ntsam.h:169
NTSTATUS NTAPI LsaApInitializePackage(IN ULONG AuthenticationPackageId, IN PLSA_DISPATCH_TABLE LsaDispatchTable, IN PLSA_STRING Database OPTIONAL, IN PLSA_STRING Confidentiality OPTIONAL, OUT PLSA_STRING *AuthenticationPackageName)
Definition: msv1_0.c:1017
LARGE_INTEGER LogoffTime
Definition: ntsecapi.h:441
UNICODE_STRING ProfilePath
Definition: ntsecapi.h:449
NTSTATUS __stdcall SamrOpenDomain(SAMPR_HANDLE ServerHandle, ACCESS_MASK DesiredAccess, PRPC_SID DomainId, SAMPR_HANDLE *DomainHandle)
#define STATUS_NOT_IMPLEMENTED
Definition: ntstatus.h:225
USHORT MaximumLength
Definition: env_spec_w32.h:370
UNICODE_STRING HomeDirectory
Definition: ntsecapi.h:447
#define PtrOffset(BASE, OFFSET)
Definition: cdprocs.h:1557
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
uint16_t * PWSTR
Definition: typedefs.h:54
static NTSTATUS GetNtAuthorityDomainSid(PRPC_SID *Sid)
Definition: msv1_0.c:74
char CHAR
Definition: xmlstorage.h:175
PLSA_GET_CREDENTIALS GetCredentials
Definition: authpackage.c:58
_Must_inspect_result_ _In_ PFSRTL_PER_STREAM_CONTEXT Ptr
Definition: fsrtlfuncs.h:898
#define WARN(fmt,...)
Definition: debug.h:111
unsigned long UserId
Definition: msv1_0.h:131
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:603
struct _MSV1_0_INTERACTIVE_PROFILE * PMSV1_0_INTERACTIVE_PROFILE
PLSA_FREE_LSA_HEAP FreeLsaHeap
Definition: authpackage.c:61
static PSID AppendRidToSid(PSID SrcSid, ULONG Rid)
Definition: msv1_0.c:245
PLSA_ALLOCATE_LSA_HEAP AllocateLsaHeap
Definition: authpackage.c:60
UNICODE_STRING LogonScript
Definition: ntsecapi.h:446
OLD_LARGE_INTEGER PasswordLastSet
Definition: msv1_0.h:113
_In_ DWORD _Out_ PDWORD _In_opt_ PCSTR MachineName
Definition: setupapi.h:1286
#define ZeroMemory
Definition: winbase.h:1635
NTSYSAPI PULONG NTAPI RtlSubAuthoritySid(_In_ PSID Sid, _In_ ULONG SubAuthority)
NTSTATUS NTAPI SamrLookupNamesInDomain(IN SAMPR_HANDLE DomainHandle, IN ULONG Count, IN RPC_UNICODE_STRING Names[], OUT PSAMPR_ULONG_ARRAY RelativeIds, OUT PSAMPR_ULONG_ARRAY Use)
Definition: samrpc.c:3558
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG ProfileBufferLength
unsigned short * Buffer
Definition: msv1_0.h:71
NTSTATUS NTAPI SamrChangePasswordUser(IN SAMPR_HANDLE UserHandle, IN unsigned char LmPresent, IN PENCRYPTED_LM_OWF_PASSWORD OldLmEncryptedWithNewLm, IN PENCRYPTED_LM_OWF_PASSWORD NewLmEncryptedWithOldLm, IN unsigned char NtPresent, IN PENCRYPTED_NT_OWF_PASSWORD OldNtEncryptedWithNewNt, IN PENCRYPTED_NT_OWF_PASSWORD NewNtEncryptedWithOldNt, IN unsigned char NtCrossEncryptionPresent, IN PENCRYPTED_NT_OWF_PASSWORD NewNtEncryptedWithNewLm, IN unsigned char LmCrossEncryptionPresent, IN PENCRYPTED_LM_OWF_PASSWORD NewLmEncryptedWithNewNt)
Definition: samrpc.c:8324
NTSTATUS WINAPI SystemFunction006(LPCSTR password, LPSTR hash)
Definition: crypt_lmhash.c:53
#define STATUS_ACCOUNT_LOCKED_OUT
Definition: ntstatus.h:682
BOOL WINAPI GetComputerNameW(LPWSTR lpBuffer, LPDWORD lpnSize)
Definition: compname.c:440
STRING OEM_STRING
Definition: umtypes.h:203
TOpcodeData Groups[17][8]
char * LPSTR
Definition: xmlstorage.h:182
NTSTATUS NTAPI NtAllocateLocallyUniqueId(OUT LUID *LocallyUniqueId)
Definition: uuid.c:371
LSAPR_POLICY_ACCOUNT_DOM_INFO PolicyAccountDomainInfo
Definition: msv1_0.h:307
NTSTATUS NTAPI SamrLookupDomainInSamServer(IN SAMPR_HANDLE ServerHandle, IN PRPC_UNICODE_STRING Name, OUT PRPC_SID *DomainId)
Definition: samrpc.c:497
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290
LARGE_INTEGER PasswordMustChange
Definition: ntsecapi.h:445
UNICODE_STRING Password
Definition: ntsecapi.h:434
UNICODE_STRING AccountName
Definition: ntsecapi.h:510
#define STATUS_ACCOUNT_EXPIRED
Definition: ntstatus.h:622
UNICODE_STRING FullName
Definition: ntsecapi.h:448
SAMPR_USER_ALL_INFORMATION All
Definition: msv1_0.h:172
NTSYSAPI VOID NTAPI RtlCopyUnicodeString(PUNICODE_STRING DestinationString, PUNICODE_STRING SourceString)
#define STATUS_INVALID_LOGON_HOURS
Definition: ntstatus.h:333
NTSTATUS WINAPI LsaIOpenPolicyTrusted(OUT LSAPR_HANDLE *PolicyHandle)
Definition: policy.c:15
#define USER_ACCOUNT_DISABLED
Definition: ntsam.h:167
#define STATUS_ACCOUNT_RESTRICTION
Definition: ntstatus.h:332
NTSYSAPI VOID NTAPI RtlInitAnsiString(PANSI_STRING DestinationString, PCSZ SourceString)
uint32_t ULONG_PTR
Definition: typedefs.h:63
WINE_DEFAULT_DEBUG_CHANNEL(msv1_0)
VOID NTAPI LsaIFree_LSAPR_POLICY_INFORMATION(IN POLICY_INFORMATION_CLASS InformationClass, IN PLSAPR_POLICY_INFORMATION PolicyInformation)
Definition: lsasrv.c:51
NTSTATUS NTAPI SamIConnect(PSAMPR_SERVER_NAME ServerName, SAMPR_HANDLE *ServerHandle, ACCESS_MASK DesiredAccess, BOOLEAN Trusted)
struct _MSV1_0_INTERACTIVE_LOGON * PMSV1_0_INTERACTIVE_LOGON
NTSYSAPI NTSTATUS NTAPI RtlInitializeSid(IN OUT PSID Sid, IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount)
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
VOID NTAPI SamIFreeVoid(PVOID Ptr)
Definition: samsrv.c:146
static NTSTATUS GetAccountDomainSid(PRPC_SID *Sid)
Definition: msv1_0.c:25
#define FIXUP_POINTER(Pointer, Offset)
Definition: msv1_0.h:40
unsigned char * LPBYTE
Definition: typedefs.h:52
VOID NTAPI ProtocolStatus(NDIS_HANDLE BindingContext, NDIS_STATUS GenerelStatus, PVOID StatusBuffer, UINT StatusBufferSize)
Called by NDIS when the underlying driver has changed state.
Definition: lan.c:461
#define USER_READ_GENERAL
Definition: ntsam.h:126
NTSTATUS WINAPI SystemFunction012(const BYTE *in, const BYTE *key, LPBYTE out)
Definition: sysfunc.c:353
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117
_In_ ULONG _In_ ULONG Offset
Definition: ntddpcm.h:101
#define UNICODE_NULL
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE _Out_ PQUOTA_LIMITS _Out_ PNTSTATUS SubStatus
VOID NTAPI LsaApLogonTerminated(IN PLUID LogonId)
Definition: msv1_0.c:1070
enum _MSV1_0_PROTOCOL_MESSAGE_TYPE * PMSV1_0_PROTOCOL_MESSAGE_TYPE
unsigned int BOOL
Definition: ntddk_ex.h:94
_In_ ULONG BufferLength
Definition: usbdlib.h:225
#define DOMAIN_USER_RID_ADMIN
Definition: setypes.h:603
PLSA_CREATE_LOGON_SESSION CreateLogonSession
Definition: authpackage.c:55
NTSYSAPI NTSTATUS NTAPI RtlUpcaseUnicodeStringToOemString(POEM_STRING DestinationString, PCUNICODE_STRING SourceString, BOOLEAN AllocateDestinationString)
LARGE_INTEGER PasswordLastSet
Definition: ntsecapi.h:443
#define FIXME(fmt,...)
Definition: debug.h:110
static NTSTATUS BuildInteractiveProfileBuffer(IN PLSA_CLIENT_REQUEST ClientRequest, IN PSAMPR_USER_INFO_BUFFER UserInfo, IN PWSTR ComputerName, OUT PMSV1_0_INTERACTIVE_PROFILE *ProfileBuffer, OUT PULONG ProfileBufferLength)
Definition: msv1_0.c:95
unsigned char BOOLEAN
smooth NULL
Definition: ftsmooth.c:416
#define SE_GROUP_ENABLED_BY_DEFAULT
Definition: setypes.h:91
enum _LSA_TOKEN_INFORMATION_TYPE * PLSA_TOKEN_INFORMATION_TYPE
#define SAM_SERVER_LOOKUP_DOMAIN
Definition: ntsam.h:104
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1104
LARGE_INTEGER LogonTime
Definition: ntsecapi.h:440
NTSYSAPI NTSTATUS NTAPI RtlSystemTimeToLocalTime(_In_ PLARGE_INTEGER SystemTime, _Out_ PLARGE_INTEGER LocalTime)
Definition: bufpool.h:45
OLD_LARGE_INTEGER AccountExpires
Definition: msv1_0.h:114
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
#define SECURITY_LOCAL_SERVICE_RID
Definition: setypes.h:547
#define SECURITY_NT_AUTHORITY
Definition: setypes.h:526
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:585
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ OwnerSize PSID _Inout_ PULONG _Out_writes_bytes_to_opt_ PrimaryGroupSize PSID PrimaryGroup
Definition: rtlfuncs.h:1559
#define STATUS_NO_SUCH_USER
Definition: ntstatus.h:322
BOOLEAN RtlTimeToTimeFields(IN PLARGE_INTEGER Time, IN PTIME_FIELDS TimeFields)
NTSTATUS WINAPI LsarQueryInformationPolicy(LSAPR_HANDLE PolicyHandle, POLICY_INFORMATION_CLASS InformationClass, PLSAPR_POLICY_INFORMATION *PolicyInformation)
Definition: lsarpc.c:531
#define STATUS_ACCOUNT_DISABLED
Definition: ntstatus.h:336
OLD_LARGE_INTEGER PasswordMustChange
Definition: msv1_0.h:116
PLSA_DELETE_CREDENTIAL DeleteCredential
Definition: authpackage.c:59
static NTSTATUS BuildTokenGroups(OUT PTOKEN_GROUPS *Groups, IN PSID AccountDomainSid, IN ULONG RelativeId, IN BOOL SpecialAccount)
Definition: msv1_0.c:310
UNICODE_STRING UserName
Definition: ntsecapi.h:433
#define TRACE(s)
Definition: solgame.cpp:4
LARGE_INTEGER KickOffTime
Definition: ntsecapi.h:442
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:553
_CONST_RETURN wchar_t *__cdecl wcschr(_In_z_ const wchar_t *_Str, wchar_t _Ch)
NTSYSAPI ULONG NTAPI RtlEqualMemory(CONST VOID *Source1, CONST VOID *Source2, ULONG Length)
#define STATUS_PASSWORD_EXPIRED
Definition: ntstatus.h:335
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define USER_READ_ACCOUNT
Definition: ntsam.h:130
#define SE_GROUP_ENABLED
Definition: setypes.h:92
LSA_DISPATCH_TABLE DispatchTable
Definition: msv1_0.c:18
NTSTATUS WINAPI SystemFunction007(const UNICODE_STRING *string, LPBYTE hash)
Definition: sysfunc.c:245
NTSYSAPI PUCHAR NTAPI RtlSubAuthorityCountSid(IN PSID Sid)
Definition: sid.c:104
UNICODE_STRING NewPassword
Definition: ntsecapi.h:512
unsigned long DWORD
Definition: ntddk_ex.h:95
static NTSTATUS MsvpCheckPassword(PUNICODE_STRING UserPassword, PSAMPR_USER_INFO_BUFFER UserInfo)
Definition: msv1_0.c:758
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
#define SE_GROUP_MANDATORY
Definition: setypes.h:90
UNICODE_STRING LogonServer
Definition: ntsecapi.h:451
SAMPR_LOGON_HOURS LogonHours
Definition: msv1_0.h:135
PLSA_DELETE_LOGON_SESSION DeleteLogonSession
Definition: authpackage.c:56
#define USER_LOGON_SUCCESS
Definition: msv1_0.h:98
NTSTATUS WINAPI LsarClose(LSAPR_HANDLE *ObjectHandle)
Definition: lsarpc.c:125
unsigned long PrimaryGroupId
Definition: msv1_0.h:132
ASSERT((InvokeOnSuccess||InvokeOnError||InvokeOnCancel) ?(CompletionRoutine !=NULL) :TRUE)
#define SECURITY_NULL_RID
Definition: setypes.h:512
#define USER_LOGON_BAD_PASSWORD
Definition: msv1_0.h:97
PLSA_COPY_FROM_CLIENT_BUFFER CopyFromClientBuffer
Definition: authpackage.c:65
unsigned char UCHAR
Definition: xmlstorage.h:181
_CRTIMP wchar_t *__cdecl wcscpy(_Out_writes_z_(_String_length_(_Source)+1) wchar_t *_Dest, _In_z_ const wchar_t *_Source)
static const WCHAR L[]
Definition: oid.c:1250
#define USER_ACCOUNT_AUTO_LOCKED
Definition: ntsam.h:177
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID * ProfileBuffer
ULONG LowPart
Definition: typedefs.h:104
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
unsigned char BYTE
Definition: mem.h:68
unsigned char LmPasswordPresent
Definition: msv1_0.h:140
PLSA_ADD_CREDENTIAL AddCredential
Definition: authpackage.c:57
#define SECURITY_NETWORK_SERVICE_RID
Definition: setypes.h:548
VOID NTAPI SamIFree_SAMPR_USER_INFO_BUFFER(PSAMPR_USER_INFO_BUFFER Ptr, USER_INFORMATION_CLASS InformationClass)
Definition: samsrv.c:531
Status
Definition: gdiplustypes.h:24
static NTSTATUS MsvpChangePassword(IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferLength, OUT PVOID *ProtocolReturnBuffer, OUT PULONG ReturnBufferLength, OUT PNTSTATUS ProtocolStatus)
Definition: msv1_0.c:491
#define ERR(fmt,...)
Definition: debug.h:109
#define _In_
Definition: no_sal2.h:204
#define MAX_COMPUTERNAME_LENGTH
Definition: winbase.h:240
VOID NTAPI SamIFree_SAMPR_ULONG_ARRAY(PSAMPR_ULONG_ARRAY Ptr)
Definition: samsrv.c:515
#define STATUS_INVALID_WORKSTATION
Definition: ntstatus.h:334
NTSTATUS NTAPI LsaApCallPackagePassthrough(IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferLength, OUT PVOID *ProtocolReturnBuffer, OUT PULONG ReturnBufferLength, OUT PNTSTATUS ProtocolStatus)
Definition: msv1_0.c:981
PLSA_ALLOCATE_CLIENT_BUFFER AllocateClientBuffer
Definition: authpackage.c:62
NTSTATUS NTAPI LsaApCallPackageUntrusted(IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferLength, OUT PVOID *ProtocolReturnBuffer, OUT PULONG ReturnBufferLength, OUT PNTSTATUS ProtocolStatus)
Definition: msv1_0.c:999
LARGE_INTEGER PasswordCanChange
Definition: ntsecapi.h:444
#define DOMAIN_ALIAS_RID_USERS
Definition: setypes.h:625
unsigned short USHORT
Definition: pedump.c:61
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE LogonType
#define STATUS_PASSWORD_MUST_CHANGE
Definition: ntstatus.h:666
unsigned long UserAccountControl
Definition: msv1_0.h:133
MSV1_0_PROFILE_BUFFER_TYPE MessageType
Definition: ntsecapi.h:437
unsigned long LowPart
Definition: msv1_0.h:63
NTSTATUS NTAPI SamrSetInformationUser(IN SAMPR_HANDLE UserHandle, IN USER_INFORMATION_CLASS UserInformationClass, IN PSAMPR_USER_INFO_BUFFER Buffer)
Definition: samrpc.c:8119
enum _SECURITY_LOGON_TYPE SECURITY_LOGON_TYPE
NTSTATUS __stdcall SamrCloseHandle(SAMPR_HANDLE *SamHandle)
UNICODE_STRING HomeDirectoryDrive
Definition: ntsecapi.h:450
_CRTIMP wchar_t *__cdecl wcscat(_Inout_updates_z_(_String_length_(_Dest)+_String_length_(_Source)+1) wchar_t *_Dest, _In_z_ const wchar_t *_Source)
#define DOMAIN_GROUP_RID_USERS
Definition: setypes.h:612
unsigned int * PULONG
Definition: retypes.h:1
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID LogonId
struct _LSA_STRING * PLSA_STRING
#define HEAP_ZERO_MEMORY
Definition: compat.h:123
NTSTATUS NTAPI SamrOpenUser(IN SAMPR_HANDLE DomainHandle, IN ACCESS_MASK DesiredAccess, IN ULONG UserId, OUT SAMPR_HANDLE *UserHandle)
#define USER_READ_PREFERENCES
Definition: ntsam.h:127
RPC_SHORT_BLOB NtOwfPassword
Definition: msv1_0.h:128
#define OUT
Definition: typedefs.h:39
UNICODE_STRING OldPassword
Definition: ntsecapi.h:511
char * strcpy(char *DstString, const char *SrcString)
Definition: utclib.c:388
unsigned int ULONG
Definition: retypes.h:1
#define DOMAIN_LOOKUP
Definition: ntsam.h:42
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:261
SAMPR_USER_INTERNAL2_INFORMATION Internal2
Definition: msv1_0.h:168
#define ULONG_PTR
Definition: config.h:101
NTSTATUS NTAPI NtQuerySystemTime(OUT PLARGE_INTEGER SystemTime)
Definition: time.c:417
PSID AccountDomainSid
Definition: database.c:22
NTSTATUS NTAPI LsaApLogonUserEx2(IN PLSA_CLIENT_REQUEST ClientRequest, IN SECURITY_LOGON_TYPE LogonType, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferSize, OUT PVOID *ProfileBuffer, OUT PULONG ProfileBufferSize, OUT PLUID LogonId, OUT PNTSTATUS SubStatus, OUT PLSA_TOKEN_INFORMATION_TYPE TokenInformationType, OUT PVOID *TokenInformation, OUT PUNICODE_STRING *AccountName, OUT PUNICODE_STRING *AuthenticatingAuthority, OUT PUNICODE_STRING *MachineName, OUT PSECPKG_PRIMARY_CRED PrimaryCredentials, OUT PSECPKG_SUPPLEMENTAL_CRED_ARRAY *SupplementalCredentials)
Definition: msv1_0.c:1081
enum _MSV1_0_PROTOCOL_MESSAGE_TYPE MSV1_0_PROTOCOL_MESSAGE_TYPE
NTSTATUS NTAPI SamrQueryInformationUser(IN SAMPR_HANDLE UserHandle, IN USER_INFORMATION_CLASS UserInformationClass, OUT PSAMPR_USER_INFO_BUFFER *Buffer)
Definition: samrpc.c:7328
WCHAR * LPWSTR
Definition: xmlstorage.h:184
IN BOOLEAN OUT PSTR Buffer
Definition: progress.h:34
static PTIME_FIELDS TimeFields
Definition: time.c:104
return STATUS_SUCCESS
Definition: btrfs.c:2745
static BOOL MsvpCheckLogonHours(_In_ PSAMPR_LOGON_HOURS LogonHours, _In_ PLARGE_INTEGER LogonTime)
Definition: msv1_0.c:848
static NTSTATUS BuildTokenPrimaryGroup(OUT PTOKEN_PRIMARY_GROUP PrimaryGroup, IN PSID AccountDomainSid, IN ULONG RelativeId)
Definition: msv1_0.c:292
#define USER_READ_LOGON
Definition: ntsam.h:129
size_t __cdecl wcslen(_In_z_ const wchar_t *_Str)
static NTSTATUS BuildTokenUser(OUT PTOKEN_USER User, IN PSID AccountDomainSid, IN ULONG RelativeId)
Definition: msv1_0.c:272
_Check_return_ _CRTIMP int __cdecl _wcsicmp(_In_z_ const wchar_t *_Str1, _In_z_ const wchar_t *_Str2)
#define STATUS_LOGON_FAILURE
Definition: ntstatus.h:331
unsigned char NtPasswordPresent
Definition: msv1_0.h:141
RPC_UNICODE_STRING WorkStations
Definition: msv1_0.h:124
SID_IDENTIFIER_AUTHORITY NtAuthority
Definition: database.c:19
LONGLONG QuadPart
Definition: typedefs.h:112
UNICODE_STRING LogonDomainName
Definition: ntsecapi.h:432
NTSYSAPI ULONG NTAPI RtlLengthRequiredSid(IN ULONG SubAuthorityCount)
Definition: sid.c:54
#define USER_CHANGE_PASSWORD
Definition: ntsam.h:132
static SID_IDENTIFIER_AUTHORITY SystemAuthority
Definition: msgina.c:38
wchar_t * Buffer
Definition: msv1_0.h:55
PULONG MinorVersion OPTIONAL
Definition: CrossNt.h:68