ReactOS  0.4.14-dev-52-g6116262
msv1_0.c
Go to the documentation of this file.
1 /*
2  * PROJECT: Authentication Package DLL
3  * LICENSE: GPL - See COPYING in the top level directory
4  * FILE: dll/win32/msv1_0/msv1_0.c
5  * PURPOSE: Main file
6  * COPYRIGHT: Copyright 2013 Eric Kohl
7  */
8 
9 /* INCLUDES ****************************************************************/
10 
11 #include "msv1_0.h"
12 
13 WINE_DEFAULT_DEBUG_CHANNEL(msv1_0);
14 
15 
16 /* GLOBALS *****************************************************************/
17 
18 LSA_DISPATCH_TABLE DispatchTable;
19 
20 
21 /* FUNCTIONS ***************************************************************/
22 
23 static
24 NTSTATUS
25 GetAccountDomainSid(PRPC_SID *Sid)
26 {
27  LSAPR_HANDLE PolicyHandle = NULL;
28  PLSAPR_POLICY_INFORMATION PolicyInfo = NULL;
29  ULONG Length = 0;
30  NTSTATUS Status;
31 
32  Status = LsaIOpenPolicyTrusted(&PolicyHandle);
33  if (!NT_SUCCESS(Status))
34  {
35  TRACE("LsaIOpenPolicyTrusted() failed (Status 0x%08lx)\n", Status);
36  return Status;
37  }
38 
39  Status = LsarQueryInformationPolicy(PolicyHandle,
40  PolicyAccountDomainInformation,
41  &PolicyInfo);
42  if (!NT_SUCCESS(Status))
43  {
44  TRACE("LsarQueryInformationPolicy() failed (Status 0x%08lx)\n", Status);
45  goto done;
46  }
47 
48  Length = RtlLengthSid(PolicyInfo->PolicyAccountDomainInfo.Sid);
49 
50  *Sid = RtlAllocateHeap(RtlGetProcessHeap(), 0, Length);
51  if (*Sid == NULL)
52  {
53  ERR("Failed to allocate SID\n");
54  Status = STATUS_INSUFFICIENT_RESOURCES;
55  goto done;
56  }
57 
58  memcpy(*Sid, PolicyInfo->PolicyAccountDomainInfo.Sid, Length);
59 
60 done:
61  if (PolicyInfo != NULL)
62  LsaIFree_LSAPR_POLICY_INFORMATION(PolicyAccountDomainInformation,
63  PolicyInfo);
64 
65  if (PolicyHandle != NULL)
66  LsarClose(&PolicyHandle);
67 
68  return Status;
69 }
70 
71 
72 static
73 NTSTATUS
74 GetNtAuthorityDomainSid(PRPC_SID *Sid)
75 {
76  SID_IDENTIFIER_AUTHORITY NtAuthority = {SECURITY_NT_AUTHORITY};
77  ULONG Length = 0;
78 
79  Length = RtlLengthRequiredSid(0);
80  *Sid = RtlAllocateHeap(RtlGetProcessHeap(), 0, Length);
81  if (*Sid == NULL)
82  {
83  ERR("Failed to allocate SID\n");
84  return STATUS_INSUFFICIENT_RESOURCES;
85  }
86 
87  RtlInitializeSid(*Sid,&NtAuthority, 0);
88 
89  return STATUS_SUCCESS;
90 }
91 
92 
93 static
94 NTSTATUS
95 BuildInteractiveProfileBuffer(IN PLSA_CLIENT_REQUEST ClientRequest,
96  IN PSAMPR_USER_INFO_BUFFER UserInfo,
97  IN PWSTR ComputerName,
98  OUT PMSV1_0_INTERACTIVE_PROFILE *ProfileBuffer,
99  OUT PULONG ProfileBufferLength)
100 {
101  PMSV1_0_INTERACTIVE_PROFILE LocalBuffer = NULL;
102  PVOID ClientBaseAddress = NULL;
103  LPWSTR Ptr;
104  ULONG BufferLength;
105  NTSTATUS Status = STATUS_SUCCESS;
106 
107  *ProfileBuffer = NULL;
108  *ProfileBufferLength = 0;
109 
110  BufferLength = sizeof(MSV1_0_INTERACTIVE_PROFILE) +
111  UserInfo->All.FullName.Length + sizeof(WCHAR) +
112  UserInfo->All.HomeDirectory.Length + sizeof(WCHAR) +
113  UserInfo->All.HomeDirectoryDrive.Length + sizeof(WCHAR) +
114  UserInfo->All.ScriptPath.Length + sizeof(WCHAR) +
115  UserInfo->All.ProfilePath.Length + sizeof(WCHAR) +
116  ((wcslen(ComputerName) + 3) * sizeof(WCHAR));
117 
118  LocalBuffer = DispatchTable.AllocateLsaHeap(BufferLength);
119  if (LocalBuffer == NULL)
120  {
121  TRACE("Failed to allocate the local buffer!\n");
122  Status = STATUS_INSUFFICIENT_RESOURCES;
123  goto done;
124  }
125 
126  Status = DispatchTable.AllocateClientBuffer(ClientRequest,
127  BufferLength,
128  &ClientBaseAddress);
129  if (!NT_SUCCESS(Status))
130  {
131  TRACE("DispatchTable.AllocateClientBuffer failed (Status 0x%08lx)\n", Status);
132  goto done;
133  }
134 
135  TRACE("ClientBaseAddress: %p\n", ClientBaseAddress);
136 
137  Ptr = (LPWSTR)((ULONG_PTR)LocalBuffer + sizeof(MSV1_0_INTERACTIVE_PROFILE));
138 
139  LocalBuffer->MessageType = MsV1_0InteractiveProfile;
140  LocalBuffer->LogonCount = UserInfo->All.LogonCount;
141  LocalBuffer->BadPasswordCount = UserInfo->All.BadPasswordCount;
142 
143  LocalBuffer->LogonTime.LowPart = UserInfo->All.LastLogon.LowPart;
144  LocalBuffer->LogonTime.HighPart = UserInfo->All.LastLogon.HighPart;
145 
146  LocalBuffer->LogoffTime.LowPart = UserInfo->All.AccountExpires.LowPart;
147  LocalBuffer->LogoffTime.HighPart = UserInfo->All.AccountExpires.HighPart;
148 
149  LocalBuffer->KickOffTime.LowPart = UserInfo->All.AccountExpires.LowPart;
150  LocalBuffer->KickOffTime.HighPart = UserInfo->All.AccountExpires.HighPart;
151 
152  LocalBuffer->PasswordLastSet.LowPart = UserInfo->All.PasswordLastSet.LowPart;
153  LocalBuffer->PasswordLastSet.HighPart = UserInfo->All.PasswordLastSet.HighPart;
154 
155  LocalBuffer->PasswordCanChange.LowPart = UserInfo->All.PasswordCanChange.LowPart;
156  LocalBuffer->PasswordCanChange.HighPart = UserInfo->All.PasswordCanChange.HighPart;
157 
158  LocalBuffer->PasswordMustChange.LowPart = UserInfo->All.PasswordMustChange.LowPart;
159  LocalBuffer->PasswordMustChange.HighPart = UserInfo->All.PasswordMustChange.HighPart;
160 
161  LocalBuffer->LogonScript.Length = UserInfo->All.ScriptPath.Length;
162  LocalBuffer->LogonScript.MaximumLength = UserInfo->All.ScriptPath.Length + sizeof(WCHAR);
163  LocalBuffer->LogonScript.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
164  memcpy(Ptr,
165  UserInfo->All.ScriptPath.Buffer,
166  UserInfo->All.ScriptPath.Length);
167 
168  Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->LogonScript.MaximumLength);
169 
170  LocalBuffer->HomeDirectory.Length = UserInfo->All.HomeDirectory.Length;
171  LocalBuffer->HomeDirectory.MaximumLength = UserInfo->All.HomeDirectory.Length + sizeof(WCHAR);
172  LocalBuffer->HomeDirectory.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
173  memcpy(Ptr,
174  UserInfo->All.HomeDirectory.Buffer,
175  UserInfo->All.HomeDirectory.Length);
176 
177  Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->HomeDirectory.MaximumLength);
178 
179  LocalBuffer->FullName.Length = UserInfo->All.FullName.Length;
180  LocalBuffer->FullName.MaximumLength = UserInfo->All.FullName.Length + sizeof(WCHAR);
181  LocalBuffer->FullName.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
182  memcpy(Ptr,
183  UserInfo->All.FullName.Buffer,
184  UserInfo->All.FullName.Length);
185  TRACE("FullName.Buffer: %p\n", LocalBuffer->FullName.Buffer);
186 
187  Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->FullName.MaximumLength);
188 
189  LocalBuffer->ProfilePath.Length = UserInfo->All.ProfilePath.Length;
190  LocalBuffer->ProfilePath.MaximumLength = UserInfo->All.ProfilePath.Length + sizeof(WCHAR);
191  LocalBuffer->ProfilePath.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
192  memcpy(Ptr,
193  UserInfo->All.ProfilePath.Buffer,
194  UserInfo->All.ProfilePath.Length);
195 
196  Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->ProfilePath.MaximumLength);
197 
198  LocalBuffer->HomeDirectoryDrive.Length = UserInfo->All.HomeDirectoryDrive.Length;
199  LocalBuffer->HomeDirectoryDrive.MaximumLength = UserInfo->All.HomeDirectoryDrive.Length + sizeof(WCHAR);
200  LocalBuffer->HomeDirectoryDrive.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
201  memcpy(Ptr,
202  UserInfo->All.HomeDirectoryDrive.Buffer,
203  UserInfo->All.HomeDirectoryDrive.Length);
204 
205  Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->HomeDirectoryDrive.MaximumLength);
206 
207  LocalBuffer->LogonServer.Length = (wcslen(ComputerName) + 2) * sizeof(WCHAR);
208  LocalBuffer->LogonServer.MaximumLength = LocalBuffer->LogonServer.Length + sizeof(WCHAR);
209  LocalBuffer->LogonServer.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer);
210  wcscpy(Ptr, L"\\");
211  wcscat(Ptr, ComputerName);
212 
213  LocalBuffer->UserFlags = 0;
214 
215  Status = DispatchTable.CopyToClientBuffer(ClientRequest,
216  BufferLength,
217  ClientBaseAddress,
218  LocalBuffer);
219  if (!NT_SUCCESS(Status))
220  {
221  TRACE("DispatchTable.CopyToClientBuffer failed (Status 0x%08lx)\n", Status);
222  goto done;
223  }
224 
225  *ProfileBuffer = (PMSV1_0_INTERACTIVE_PROFILE)ClientBaseAddress;
226  *ProfileBufferLength = BufferLength;
227 
228 done:
229  if (LocalBuffer != NULL)
230  DispatchTable.FreeLsaHeap(LocalBuffer);
231 
232  if (!NT_SUCCESS(Status))
233  {
234  if (ClientBaseAddress != NULL)
235  DispatchTable.FreeClientBuffer(ClientRequest,
236  ClientBaseAddress);
237  }
238 
239  return Status;
240 }
241 
242 
243 static
244 PSID
245 AppendRidToSid(PSID SrcSid,
246  ULONG Rid)
247 {
248  PSID DstSid = NULL;
249  UCHAR RidCount;
250 
251  RidCount = *RtlSubAuthorityCountSid(SrcSid);
252  if (RidCount >= 8)
253  return NULL;
254 
255  DstSid = DispatchTable.AllocateLsaHeap(RtlLengthRequiredSid(RidCount + 1));
256  if (DstSid == NULL)
257  return NULL;
258 
259  RtlCopyMemory(DstSid,
260  SrcSid,
261  RtlLengthRequiredSid(RidCount));
262 
263  *RtlSubAuthorityCountSid(DstSid) = RidCount + 1;
264  *RtlSubAuthoritySid(DstSid, RidCount) = Rid;
265 
266  return DstSid;
267 }
268 
269 
270 static
271 NTSTATUS
272 BuildTokenUser(OUT PTOKEN_USER User,
273  IN PSID AccountDomainSid,
274  IN ULONG RelativeId)
275 {
276  User->User.Sid = AppendRidToSid(AccountDomainSid,
277  RelativeId);
278  if (User->User.Sid == NULL)
279  {
280  ERR("Could not create the user SID\n");
281  return STATUS_INSUFFICIENT_RESOURCES;
282  }
283 
284  User->User.Attributes = 0;
285 
286  return STATUS_SUCCESS;
287 }
288 
289 
290 static
291 NTSTATUS
292 BuildTokenPrimaryGroup(OUT PTOKEN_PRIMARY_GROUP PrimaryGroup,
293  IN PSID AccountDomainSid,
294  IN ULONG RelativeId)
295 {
296  PrimaryGroup->PrimaryGroup = AppendRidToSid(AccountDomainSid,
297  RelativeId);
298  if (PrimaryGroup->PrimaryGroup == NULL)
299  {
300  ERR("Could not create the primary group SID\n");
301  return STATUS_INSUFFICIENT_RESOURCES;
302  }
303 
304  return STATUS_SUCCESS;
305 }
306 
307 
308 static
309 NTSTATUS
310 BuildTokenGroups(OUT PTOKEN_GROUPS *Groups,
311  IN PSID AccountDomainSid,
312  IN ULONG RelativeId,
313  IN BOOL SpecialAccount)
314 {
315  SID_IDENTIFIER_AUTHORITY SystemAuthority = {SECURITY_NT_AUTHORITY};
316  PTOKEN_GROUPS TokenGroups;
317  DWORD GroupCount = 0;
318  DWORD MaxGroups = 2;
319  PSID Sid;
320  NTSTATUS Status = STATUS_SUCCESS;
321 
322  if (SpecialAccount)
323  MaxGroups++;
324 
325  TokenGroups = DispatchTable.AllocateLsaHeap(sizeof(TOKEN_GROUPS) +
326  MaxGroups * sizeof(SID_AND_ATTRIBUTES));
327  if (TokenGroups == NULL)
328  {
329  return STATUS_INSUFFICIENT_RESOURCES;
330  }
331 
332  if (SpecialAccount)
333  {
334  /* Self */
335  Sid = AppendRidToSid(AccountDomainSid, RelativeId);
336  if (Sid == NULL)
337  {
338 
339  }
340 
341  TokenGroups->Groups[GroupCount].Sid = Sid;
342  TokenGroups->Groups[GroupCount].Attributes =
343  SE_GROUP_ENABLED | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_MANDATORY;
344  GroupCount++;
345 
346  /* Member of 'Users' alias */
347  RtlAllocateAndInitializeSid(&SystemAuthority,
348  2,
349  SECURITY_BUILTIN_DOMAIN_RID,
350  DOMAIN_ALIAS_RID_USERS,
351  SECURITY_NULL_RID,
352  SECURITY_NULL_RID,
353  SECURITY_NULL_RID,
354  SECURITY_NULL_RID,
355  SECURITY_NULL_RID,
356  SECURITY_NULL_RID,
357  &Sid);
358  TokenGroups->Groups[GroupCount].Sid = Sid;
359  TokenGroups->Groups[GroupCount].Attributes =
360  SE_GROUP_ENABLED | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_MANDATORY;
361  GroupCount++;
362  }
363  else
364  {
365  /* Member of the domains users group */
366  Sid = AppendRidToSid(AccountDomainSid, DOMAIN_GROUP_RID_USERS);
367  if (Sid == NULL)
368  {
369 
370  }
371 
372  TokenGroups->Groups[GroupCount].Sid = Sid;
373  TokenGroups->Groups[GroupCount].Attributes =
374  SE_GROUP_ENABLED | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_MANDATORY;
375  GroupCount++;
376  }
377 
378  /* Member of 'Authenticated users' */
379  RtlAllocateAndInitializeSid(&SystemAuthority,
380  1,
381  SECURITY_AUTHENTICATED_USER_RID,
382  SECURITY_NULL_RID,
383  SECURITY_NULL_RID,
384  SECURITY_NULL_RID,
385  SECURITY_NULL_RID,
386  SECURITY_NULL_RID,
387  SECURITY_NULL_RID,
388  SECURITY_NULL_RID,
389  &Sid);
390  TokenGroups->Groups[GroupCount].Sid = Sid;
391  TokenGroups->Groups[GroupCount].Attributes =
392  SE_GROUP_ENABLED | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_MANDATORY;
393  GroupCount++;
394 
395  TokenGroups->GroupCount = GroupCount;
396  ASSERT(TokenGroups->GroupCount <= MaxGroups);
397 
398  *Groups = TokenGroups;
399 
400  return Status;
401 }
402 
403 
404 static
405 NTSTATUS
406 BuildTokenInformationBuffer(PLSA_TOKEN_INFORMATION_V1 *TokenInformation,
407  PRPC_SID AccountDomainSid,
408  PSAMPR_USER_INFO_BUFFER UserInfo,
409  BOOL SpecialAccount)
410 {
411  PLSA_TOKEN_INFORMATION_V1 Buffer = NULL;
412  ULONG i;
413  NTSTATUS Status = STATUS_SUCCESS;
414 
415  Buffer = DispatchTable.AllocateLsaHeap(sizeof(LSA_TOKEN_INFORMATION_V1));
416  if (Buffer == NULL)
417  {
418  WARN("Failed to allocate the local buffer!\n");
419  Status = STATUS_INSUFFICIENT_RESOURCES;
420  goto done;
421  }
422 
423  Buffer->ExpirationTime.LowPart = UserInfo->All.AccountExpires.LowPart;
424  Buffer->ExpirationTime.HighPart = UserInfo->All.AccountExpires.HighPart;
425 
426  Status = BuildTokenUser(&Buffer->User,
427  (PSID)AccountDomainSid,
428  UserInfo->All.UserId);
429  if (!NT_SUCCESS(Status))
430  {
431  WARN("BuildTokenUser() failed (Status 0x%08lx)\n", Status);
432  goto done;
433  }
434 
435  Status = BuildTokenPrimaryGroup(&Buffer->PrimaryGroup,
436  (PSID)AccountDomainSid,
437  UserInfo->All.PrimaryGroupId);
438  if (!NT_SUCCESS(Status))
439  {
440  WARN("BuildTokenPrimaryGroup() failed (Status 0x%08lx)\n", Status);
441  goto done;
442  }
443 
444  Status = BuildTokenGroups(&Buffer->Groups,
445  (PSID)AccountDomainSid,
446  UserInfo->All.UserId,
447  SpecialAccount);
448  if (!NT_SUCCESS(Status))
449  {
450  WARN("BuildTokenGroups() failed (Status 0x%08lx)\n", Status);
451  goto done;
452  }
453 
454  *TokenInformation = Buffer;
455 
456 done:
457  if (!NT_SUCCESS(Status))
458  {
459  if (Buffer != NULL)
460  {
461  if (Buffer->User.User.Sid != NULL)
462  DispatchTable.FreeLsaHeap(Buffer->User.User.Sid);
463 
464  if (Buffer->Groups != NULL)
465  {
466  for (i = 0; i < Buffer->Groups->GroupCount; i++)
467  {
468  if (Buffer->Groups->Groups[i].Sid != NULL)
469  DispatchTable.FreeLsaHeap(Buffer->Groups->Groups[i].Sid);
470  }
471 
472  DispatchTable.FreeLsaHeap(Buffer->Groups);
473  }
474 
475  if (Buffer->PrimaryGroup.PrimaryGroup != NULL)
476  DispatchTable.FreeLsaHeap(Buffer->PrimaryGroup.PrimaryGroup);
477 
478  if (Buffer->DefaultDacl.DefaultDacl != NULL)
479  DispatchTable.FreeLsaHeap(Buffer->DefaultDacl.DefaultDacl);
480 
481  DispatchTable.FreeLsaHeap(Buffer);
482  }
483  }
484 
485  return Status;
486 }
487 
488 
489 static
490 NTSTATUS
491 MsvpChangePassword(IN PLSA_CLIENT_REQUEST ClientRequest,
492  IN PVOID ProtocolSubmitBuffer,
493  IN PVOID ClientBufferBase,
494  IN ULONG SubmitBufferLength,
495  OUT PVOID *ProtocolReturnBuffer,
496  OUT PULONG ReturnBufferLength,
497  OUT PNTSTATUS ProtocolStatus)
498 {
499  PMSV1_0_CHANGEPASSWORD_REQUEST RequestBuffer;
500  ULONG_PTR PtrOffset;
501 
502  SAMPR_HANDLE ServerHandle = NULL;
503  SAMPR_HANDLE DomainHandle = NULL;
504  SAMPR_HANDLE UserHandle = NULL;
505  PRPC_SID DomainSid = NULL;
506  RPC_UNICODE_STRING Names[1];
507  SAMPR_ULONG_ARRAY RelativeIds = {0, NULL};
508  SAMPR_ULONG_ARRAY Use = {0, NULL};
509  NTSTATUS Status;
510 
511  ENCRYPTED_NT_OWF_PASSWORD OldNtPassword;
512  ENCRYPTED_NT_OWF_PASSWORD NewNtPassword;
513  ENCRYPTED_LM_OWF_PASSWORD OldLmPassword;
514  ENCRYPTED_LM_OWF_PASSWORD NewLmPassword;
515  OEM_STRING LmPwdString;
516  CHAR LmPwdBuffer[15];
517  BOOLEAN OldLmPasswordPresent = FALSE;
518  BOOLEAN NewLmPasswordPresent = FALSE;
519 
520  ENCRYPTED_LM_OWF_PASSWORD OldLmEncryptedWithNewLm;
521  ENCRYPTED_LM_OWF_PASSWORD NewLmEncryptedWithOldLm;
522  ENCRYPTED_LM_OWF_PASSWORD OldNtEncryptedWithNewNt;
523  ENCRYPTED_LM_OWF_PASSWORD NewNtEncryptedWithOldNt;
524  PENCRYPTED_LM_OWF_PASSWORD pOldLmEncryptedWithNewLm = NULL;
525  PENCRYPTED_LM_OWF_PASSWORD pNewLmEncryptedWithOldLm = NULL;
526 
527  TRACE("()\n");
528 
529  RequestBuffer = (PMSV1_0_CHANGEPASSWORD_REQUEST)ProtocolSubmitBuffer;
530 
531  /* Fix-up pointers in the request buffer info */
532  PtrOffset = (ULONG_PTR)ProtocolSubmitBuffer - (ULONG_PTR)ClientBufferBase;
533 
534  RequestBuffer->DomainName.Buffer = FIXUP_POINTER(RequestBuffer->DomainName.Buffer, PtrOffset);
535  RequestBuffer->AccountName.Buffer = FIXUP_POINTER(RequestBuffer->AccountName.Buffer, PtrOffset);
536  RequestBuffer->OldPassword.Buffer = FIXUP_POINTER(RequestBuffer->OldPassword.Buffer, PtrOffset);
537  RequestBuffer->NewPassword.Buffer = FIXUP_POINTER(RequestBuffer->NewPassword.Buffer, PtrOffset);
538 
539  TRACE("Domain: %S\n", RequestBuffer->DomainName.Buffer);
540  TRACE("Account: %S\n", RequestBuffer->AccountName.Buffer);
541  TRACE("Old Password: %S\n", RequestBuffer->OldPassword.Buffer);
542  TRACE("New Password: %S\n", RequestBuffer->NewPassword.Buffer);
543 
544  /* Connect to the SAM server */
545  Status = SamIConnect(NULL,
546  &ServerHandle,
547  SAM_SERVER_CONNECT | SAM_SERVER_LOOKUP_DOMAIN,
548  TRUE);
549  if (!NT_SUCCESS(Status))
550  {
551  TRACE("SamIConnect() failed (Status 0x%08lx)\n", Status);
552  goto done;
553  }
554 
555  /* Get the domain SID */
556  Status = SamrLookupDomainInSamServer(ServerHandle,
557  (PRPC_UNICODE_STRING)&RequestBuffer->DomainName,
558  &DomainSid);
559  if (!NT_SUCCESS(Status))
560  {
561  TRACE("SamrLookupDomainInSamServer failed (Status %08lx)\n", Status);
562  goto done;
563  }
564 
565  /* Open the domain */
566  Status = SamrOpenDomain(ServerHandle,
567  DOMAIN_LOOKUP,
568  DomainSid,
569  &DomainHandle);
570  if (!NT_SUCCESS(Status))
571  {
572  TRACE("SamrOpenDomain failed (Status %08lx)\n", Status);
573  goto done;
574  }
575 
576  Names[0].Length = RequestBuffer->AccountName.Length;
577  Names[0].MaximumLength = RequestBuffer->AccountName.MaximumLength;
578  Names[0].Buffer = RequestBuffer->AccountName.Buffer;
579 
580  /* Try to get the RID for the user name */
581  Status = SamrLookupNamesInDomain(DomainHandle,
582  1,
583  Names,
584  &RelativeIds,
585  &Use);
586  if (!NT_SUCCESS(Status))
587  {
588  TRACE("SamrLookupNamesInDomain failed (Status %08lx)\n", Status);
589  Status = STATUS_NO_SUCH_USER;
590  goto done;
591  }
592 
593  /* Fail, if it is not a user account */
594  if (Use.Element[0] != SidTypeUser)
595  {
596  TRACE("Account is not a user account!\n");
597  Status = STATUS_NO_SUCH_USER;
598  goto done;
599  }
600 
601  /* Open the user object */
602  Status = SamrOpenUser(DomainHandle,
603  USER_CHANGE_PASSWORD,
604  RelativeIds.Element[0],
605  &UserHandle);
606  if (!NT_SUCCESS(Status))
607  {
608  TRACE("SamrOpenUser failed (Status %08lx)\n", Status);
609  goto done;
610  }
611 
612 
613  /* Calculate the NT hash for the old password */
614  Status = SystemFunction007(&RequestBuffer->OldPassword,
615  (LPBYTE)&OldNtPassword);
616  if (!NT_SUCCESS(Status))
617  {
618  TRACE("SystemFunction007 failed (Status 0x%08lx)\n", Status);
619  goto done;
620  }
621 
622  /* Calculate the NT hash for the new password */
623  Status = SystemFunction007(&RequestBuffer->NewPassword,
624  (LPBYTE)&NewNtPassword);
625  if (!NT_SUCCESS(Status))
626  {
627  TRACE("SystemFunction007 failed (Status 0x%08lx)\n", Status);
628  goto done;
629  }
630 
631  /* Calculate the LM password and hash for the old password */
632  LmPwdString.Length = 15;
633  LmPwdString.MaximumLength = 15;
634  LmPwdString.Buffer = LmPwdBuffer;
635  ZeroMemory(LmPwdString.Buffer, LmPwdString.MaximumLength);
636 
637  Status = RtlUpcaseUnicodeStringToOemString(&LmPwdString,
638  &RequestBuffer->OldPassword,
639  FALSE);
640  if (NT_SUCCESS(Status))
641  {
642  /* Calculate the LM hash value of the password */
643  Status = SystemFunction006(LmPwdString.Buffer,
644  (LPSTR)&OldLmPassword);
645  if (NT_SUCCESS(Status))
646  {
647  OldLmPasswordPresent = TRUE;
648  }
649  }
650 
651  /* Calculate the LM password and hash for the new password */
652  LmPwdString.Length = 15;
653  LmPwdString.MaximumLength = 15;
654  LmPwdString.Buffer = LmPwdBuffer;
655  ZeroMemory(LmPwdString.Buffer, LmPwdString.MaximumLength);
656 
657  Status = RtlUpcaseUnicodeStringToOemString(&LmPwdString,
658  &RequestBuffer->NewPassword,
659  FALSE);
660  if (NT_SUCCESS(Status))
661  {
662  /* Calculate the LM hash value of the password */
663  Status = SystemFunction006(LmPwdString.Buffer,
664  (LPSTR)&NewLmPassword);
665  if (NT_SUCCESS(Status))
666  {
667  NewLmPasswordPresent = TRUE;
668  }
669  }
670 
671  /* Encrypt the old and new LM passwords, if they exist */
672  if (OldLmPasswordPresent && NewLmPasswordPresent)
673  {
674  /* Encrypt the old LM password */
675  Status = SystemFunction012((const BYTE *)&OldLmPassword,
676  (const BYTE *)&NewLmPassword,
677  (LPBYTE)&OldLmEncryptedWithNewLm);
678  if (!NT_SUCCESS(Status))
679  {
680  TRACE("SystemFunction012 failed (Status 0x%08lx)\n", Status);
681  goto done;
682  }
683 
684  /* Encrypt the new LM password */
685  Status = SystemFunction012((const BYTE *)&NewLmPassword,
686  (const BYTE *)&OldLmPassword,
687  (LPBYTE)&NewLmEncryptedWithOldLm);
688  if (!NT_SUCCESS(Status))
689  {
690  TRACE("SystemFunction012 failed (Status 0x%08lx)\n", Status);
691  goto done;
692  }
693 
694  pOldLmEncryptedWithNewLm = &OldLmEncryptedWithNewLm;
695  pNewLmEncryptedWithOldLm = &NewLmEncryptedWithOldLm;
696  }
697 
698  /* Encrypt the old NT password */
699  Status = SystemFunction012((const BYTE *)&OldNtPassword,
700  (const BYTE *)&NewNtPassword,
701  (LPBYTE)&OldNtEncryptedWithNewNt);
702  if (!NT_SUCCESS(Status))
703  {
704  TRACE("SystemFunction012 failed (Status 0x%08lx)\n", Status);
705  goto done;
706  }
707 
708  /* Encrypt the new NT password */
709  Status = SystemFunction012((const BYTE *)&NewNtPassword,
710  (const BYTE *)&OldNtPassword,
711  (LPBYTE)&NewNtEncryptedWithOldNt);
712  if (!NT_SUCCESS(Status))
713  {
714  TRACE("SystemFunction012 failed (Status 0x%08lx)\n", Status);
715  goto done;
716  }
717 
718  /* Change the password */
719  Status = SamrChangePasswordUser(UserHandle,
720  OldLmPasswordPresent && NewLmPasswordPresent,
721  pOldLmEncryptedWithNewLm,
722  pNewLmEncryptedWithOldLm,
723  TRUE,
724  &OldNtEncryptedWithNewNt,
725  &NewNtEncryptedWithOldNt,
726  FALSE,
727  NULL,
728  FALSE,
729  NULL);
730  if (!NT_SUCCESS(Status))
731  {
732  TRACE("SamrChangePasswordUser failed (Status %08lx)\n", Status);
733  goto done;
734  }
735 
736 done:
737  if (UserHandle != NULL)
738  SamrCloseHandle(&UserHandle);
739 
740  SamIFree_SAMPR_ULONG_ARRAY(&RelativeIds);
741  SamIFree_SAMPR_ULONG_ARRAY(&Use);
742 
743  if (DomainHandle != NULL)
744  SamrCloseHandle(&DomainHandle);
745 
746  if (DomainSid != NULL)
747  SamIFreeVoid(DomainSid);
748 
749  if (ServerHandle != NULL)
750  SamrCloseHandle(&ServerHandle);
751 
752  return Status;
753 }
754 
755 
756 static
757 NTSTATUS
758 MsvpCheckPassword(PUNICODE_STRING UserPassword,
759  PSAMPR_USER_INFO_BUFFER UserInfo)
760 {
761  ENCRYPTED_NT_OWF_PASSWORD UserNtPassword;
762  ENCRYPTED_LM_OWF_PASSWORD UserLmPassword;
763  BOOLEAN UserLmPasswordPresent = FALSE;
764  BOOLEAN UserNtPasswordPresent = FALSE;
765  OEM_STRING LmPwdString;
766  CHAR LmPwdBuffer[15];
767  NTSTATUS Status;
768 
769  TRACE("(%p %p)\n", UserPassword, UserInfo);
770 
771  /* Calculate the LM password and hash for the users password */
772  LmPwdString.Length = 15;
773  LmPwdString.MaximumLength = 15;
774  LmPwdString.Buffer = LmPwdBuffer;
775  ZeroMemory(LmPwdString.Buffer, LmPwdString.MaximumLength);
776 
777  Status = RtlUpcaseUnicodeStringToOemString(&LmPwdString,
778  UserPassword,
779  FALSE);
780  if (NT_SUCCESS(Status))
781  {
782  /* Calculate the LM hash value of the users password */
783  Status = SystemFunction006(LmPwdString.Buffer,
784  (LPSTR)&UserLmPassword);
785  if (NT_SUCCESS(Status))
786  {
787  UserLmPasswordPresent = TRUE;
788  }
789  }
790 
791  /* Calculate the NT hash of the users password */
792  Status = SystemFunction007(UserPassword,
793  (LPBYTE)&UserNtPassword);
794  if (NT_SUCCESS(Status))
795  {
796  UserNtPasswordPresent = TRUE;
797  }
798 
799  Status = STATUS_WRONG_PASSWORD;
800 
801  /* Succeed, if no password has been set */
802  if (UserInfo->All.NtPasswordPresent == FALSE &&
803  UserInfo->All.LmPasswordPresent == FALSE)
804  {
805  TRACE("No password check!\n");
806  Status = STATUS_SUCCESS;
807  goto done;
808  }
809 
810  /* Succeed, if NT password matches */
811  if (UserNtPasswordPresent && UserInfo->All.NtPasswordPresent)
812  {
813  TRACE("Check NT password hashes:\n");
814  if (RtlEqualMemory(&UserNtPassword,
815  UserInfo->All.NtOwfPassword.Buffer,
816  sizeof(ENCRYPTED_NT_OWF_PASSWORD)))
817  {
818  TRACE(" success!\n");
819  Status = STATUS_SUCCESS;
820  goto done;
821  }
822 
823  TRACE(" failed!\n");
824  }
825 
826  /* Succeed, if LM password matches */
827  if (UserLmPasswordPresent && UserInfo->All.LmPasswordPresent)
828  {
829  TRACE("Check LM password hashes:\n");
830  if (RtlEqualMemory(&UserLmPassword,
831  UserInfo->All.LmOwfPassword.Buffer,
832  sizeof(ENCRYPTED_LM_OWF_PASSWORD)))
833  {
834  TRACE(" success!\n");
835  Status = STATUS_SUCCESS;
836  goto done;
837  }
838  TRACE(" failed!\n");
839  }
840 
841 done:
842  return Status;
843 }
844 
845 
846 static
847 BOOL
848 MsvpCheckLogonHours(
849  _In_ PSAMPR_LOGON_HOURS LogonHours,
850  _In_ PLARGE_INTEGER LogonTime)
851 {
852 #if 0
853  LARGE_INTEGER LocalLogonTime;
854  TIME_FIELDS TimeFields;
855  USHORT MinutesPerUnit, Offset;
856  BOOL bFound;
857 
858  FIXME("MsvpCheckLogonHours(%p %p)\n", LogonHours, LogonTime);
859 
860  if (LogonHours->UnitsPerWeek == 0 || LogonHours->LogonHours == NULL)
861  {
862  FIXME("No logon hours!\n");
863  return TRUE;
864  }
865 
866  RtlSystemTimeToLocalTime(LogonTime, &LocalLogonTime);
867  RtlTimeToTimeFields(&LocalLogonTime, &TimeFields);
868 
869  FIXME("UnitsPerWeek: %u\n", LogonHours->UnitsPerWeek);
870  MinutesPerUnit = 10080 / LogonHours->UnitsPerWeek;
871 
872  Offset = ((TimeFields.Weekday * 24 + TimeFields.Hour) * 60 + TimeFields.Minute) / MinutesPerUnit;
873  FIXME("Offset: %us\n", Offset);
874 
875  bFound = (BOOL)(LogonHours->LogonHours[Offset / 8] & (1 << (Offset % 8)));
876  FIXME("Logon permitted: %s\n", bFound ? "Yes" : "No");
877 
878  return bFound;
879 #endif
880  return TRUE;
881 }
882 
883 
884 static
885 BOOL
886 MsvpCheckWorkstations(
887  _In_ PRPC_UNICODE_STRING WorkStations,
888  _In_ PWSTR ComputerName)
889 {
890  PWSTR pStart, pEnd;
891  BOOL bFound = FALSE;
892 
893  TRACE("MsvpCheckWorkstations(%p %S)\n", WorkStations, ComputerName);
894 
895  if (WorkStations->Length == 0 || WorkStations->Buffer == NULL)
896  {
897  TRACE("No workstations!\n");
898  return TRUE;
899  }
900 
901  TRACE("Workstations: %wZ\n", WorkStations);
902 
903  pStart = WorkStations->Buffer;
904  for (;;)
905  {
906  pEnd = wcschr(pStart, L',');
907  if (pEnd != NULL)
908  *pEnd = UNICODE_NULL;
909 
910  TRACE("Comparing '%S' and '%S'\n", ComputerName, pStart);
911  if (_wcsicmp(ComputerName, pStart) == 0)
912  {
913  bFound = TRUE;
914  if (pEnd != NULL)
915  *pEnd = L',';
916  break;
917  }
918 
919  if (pEnd == NULL)
920  break;
921 
922  *pEnd = L',';
923  pStart = pEnd + 1;
924  }
925 
926  TRACE("Found allowed workstation: %s\n", (bFound) ? "Yes" : "No");
927 
928  return bFound;
929 }
930 
931 
932 /*
933  * @unimplemented
934  */
935 NTSTATUS
936 NTAPI
937 LsaApCallPackage(IN PLSA_CLIENT_REQUEST ClientRequest,
938  IN PVOID ProtocolSubmitBuffer,
939  IN PVOID ClientBufferBase,
940  IN ULONG SubmitBufferLength,
941  OUT PVOID *ProtocolReturnBuffer,
942  OUT PULONG ReturnBufferLength,
943  OUT PNTSTATUS ProtocolStatus)
944 {
945  ULONG MessageType;
946  NTSTATUS Status;
947 
948  TRACE("LsaApCallPackage()\n");
949 
950  if (SubmitBufferLength < sizeof(MSV1_0_PROTOCOL_MESSAGE_TYPE))
951  return STATUS_INVALID_PARAMETER;
952 
953  MessageType = (ULONG)*((PMSV1_0_PROTOCOL_MESSAGE_TYPE)ProtocolSubmitBuffer);
954 
955  *ProtocolReturnBuffer = NULL;
956  *ReturnBufferLength = 0;
957 
958  switch (MessageType)
959  {
960  case MsV1_0Lm20ChallengeRequest:
961  case MsV1_0Lm20GetChallengeResponse:
962  Status = STATUS_NOT_IMPLEMENTED;
963  break;
964 
965  case MsV1_0EnumerateUsers:
966  case MsV1_0GetUserInfo:
967  case MsV1_0ReLogonUsers:
968  Status = STATUS_INVALID_PARAMETER;
969  break;
970 
971  case MsV1_0ChangePassword:
972  Status = MsvpChangePassword(ClientRequest,
973  ProtocolSubmitBuffer,
974  ClientBufferBase,
975  SubmitBufferLength,
976  ProtocolReturnBuffer,
977  ReturnBufferLength,
978  ProtocolStatus);
979  break;
980 
981  case MsV1_0ChangeCachedPassword:
982  case MsV1_0GenericPassthrough:
983  case MsV1_0CacheLogon:
984  case MsV1_0SubAuth:
985  case MsV1_0DeriveCredential:
986  case MsV1_0CacheLookup:
987  Status = STATUS_NOT_IMPLEMENTED;
988  break;
989 
990  default:
991  return STATUS_INVALID_PARAMETER;
992  }
993 
994  return Status;
995 }
996 
997 
998 /*
999  * @unimplemented
1000  */
1001 NTSTATUS
1002 NTAPI
1003 LsaApCallPackagePassthrough(IN PLSA_CLIENT_REQUEST ClientRequest,
1004  IN PVOID ProtocolSubmitBuffer,
1005  IN PVOID ClientBufferBase,
1006  IN ULONG SubmitBufferLength,
1007  OUT PVOID *ProtocolReturnBuffer,
1008  OUT PULONG ReturnBufferLength,
1009  OUT PNTSTATUS ProtocolStatus)
1010 {
1011  TRACE("LsaApCallPackagePassthrough()\n");
1012  return STATUS_NOT_IMPLEMENTED;
1013 }
1014 
1015 
1016 /*
1017  * @implemented
1018  */
1019 NTSTATUS
1020 NTAPI
1021 LsaApCallPackageUntrusted(IN PLSA_CLIENT_REQUEST ClientRequest,
1022  IN PVOID ProtocolSubmitBuffer,
1023  IN PVOID ClientBufferBase,
1024  IN ULONG SubmitBufferLength,
1025  OUT PVOID *ProtocolReturnBuffer,
1026  OUT PULONG ReturnBufferLength,
1027  OUT PNTSTATUS ProtocolStatus)
1028 {
1029  ULONG MessageType;
1030  NTSTATUS Status;
1031 
1032  TRACE("LsaApCallPackageUntrusted()\n");
1033 
1034  if (SubmitBufferLength < sizeof(MSV1_0_PROTOCOL_MESSAGE_TYPE))
1035  return STATUS_INVALID_PARAMETER;
1036 
1037  MessageType = (ULONG)*((PMSV1_0_PROTOCOL_MESSAGE_TYPE)ProtocolSubmitBuffer);
1038 
1039  *ProtocolReturnBuffer = NULL;
1040  *ReturnBufferLength = 0;
1041 
1042  if (MessageType == MsV1_0ChangePassword)
1043  Status = MsvpChangePassword(ClientRequest,
1044  ProtocolSubmitBuffer,
1045  ClientBufferBase,
1046  SubmitBufferLength,
1047  ProtocolReturnBuffer,
1048  ReturnBufferLength,
1049  ProtocolStatus);
1050  else
1051  Status = STATUS_ACCESS_DENIED;
1052 
1053  return Status;
1054 }
1055 
1056 
1057 /*
1058  * @implemented
1059  */
1060 NTSTATUS
1061 NTAPI
1062 LsaApInitializePackage(IN ULONG AuthenticationPackageId,
1063  IN PLSA_DISPATCH_TABLE LsaDispatchTable,
1064  IN PLSA_STRING Database OPTIONAL,
1065  IN PLSA_STRING Confidentiality OPTIONAL,
1066  OUT PLSA_STRING *AuthenticationPackageName)
1067 {
1068  PANSI_STRING NameString;
1069  PCHAR NameBuffer;
1070 
1071  TRACE("LsaApInitializePackage(%lu %p %p %p %p)\n",
1072  AuthenticationPackageId, LsaDispatchTable, Database,
1073  Confidentiality, AuthenticationPackageName);
1074 
1075  /* Get the dispatch table entries */
1076  DispatchTable.CreateLogonSession = LsaDispatchTable->CreateLogonSession;
1077  DispatchTable.DeleteLogonSession = LsaDispatchTable->DeleteLogonSession;
1078  DispatchTable.AddCredential = LsaDispatchTable->AddCredential;
1079  DispatchTable.GetCredentials = LsaDispatchTable->GetCredentials;
1080  DispatchTable.DeleteCredential = LsaDispatchTable->DeleteCredential;
1081  DispatchTable.AllocateLsaHeap = LsaDispatchTable->AllocateLsaHeap;
1082  DispatchTable.FreeLsaHeap = LsaDispatchTable->FreeLsaHeap;
1083  DispatchTable.AllocateClientBuffer = LsaDispatchTable->AllocateClientBuffer;
1084  DispatchTable.FreeClientBuffer = LsaDispatchTable->FreeClientBuffer;
1085  DispatchTable.CopyToClientBuffer = LsaDispatchTable->CopyToClientBuffer;
1086  DispatchTable.CopyFromClientBuffer = LsaDispatchTable->CopyFromClientBuffer;
1087 
1088  /* Return the package name */
1089  NameString = DispatchTable.AllocateLsaHeap(sizeof(LSA_STRING));
1090  if (NameString == NULL)
1091  return STATUS_INSUFFICIENT_RESOURCES;
1092 
1093  NameBuffer = DispatchTable.AllocateLsaHeap(sizeof(MSV1_0_PACKAGE_NAME));
1094  if (NameBuffer == NULL)
1095  {
1096  DispatchTable.FreeLsaHeap(NameString);
1097  return STATUS_INSUFFICIENT_RESOURCES;
1098  }
1099 
1100  strcpy(NameBuffer, MSV1_0_PACKAGE_NAME);
1101 
1102  RtlInitAnsiString(NameString, NameBuffer);
1103 
1104  *AuthenticationPackageName = (PLSA_STRING)NameString;
1105 
1106  return STATUS_SUCCESS;
1107 }
1108 
1109 
1110 /*
1111  * @unimplemented
1112  */
1113 VOID
1114 NTAPI
1115 LsaApLogonTerminated(IN PLUID LogonId)
1116 {
1117  TRACE("LsaApLogonTerminated()\n");
1118 }
1119 
1120 
1121 /*
1122  * @implemented
1123  */
1124 NTSTATUS
1125 NTAPI
1126 LsaApLogonUserEx2(IN PLSA_CLIENT_REQUEST ClientRequest,
1127  IN SECURITY_LOGON_TYPE LogonType,
1128  IN PVOID ProtocolSubmitBuffer,
1129  IN PVOID ClientBufferBase,
1130  IN ULONG SubmitBufferSize,
1131  OUT PVOID *ProfileBuffer,
1132  OUT PULONG ProfileBufferSize,
1133  OUT PLUID LogonId,
1134  OUT PNTSTATUS SubStatus,
1135  OUT PLSA_TOKEN_INFORMATION_TYPE TokenInformationType,
1136  OUT PVOID *TokenInformation,
1137  OUT PUNICODE_STRING *AccountName,
1138  OUT PUNICODE_STRING *AuthenticatingAuthority,
1139  OUT PUNICODE_STRING *MachineName,
1140  OUT PSECPKG_PRIMARY_CRED PrimaryCredentials, /* Not supported yet */
1141  OUT PSECPKG_SUPPLEMENTAL_CRED_ARRAY *SupplementalCredentials) /* Not supported yet */
1142 {
1143  PMSV1_0_INTERACTIVE_LOGON LogonInfo;
1144  WCHAR ComputerName[MAX_COMPUTERNAME_LENGTH + 1];
1145  SAMPR_HANDLE ServerHandle = NULL;
1146  SAMPR_HANDLE DomainHandle = NULL;
1147  SAMPR_HANDLE UserHandle = NULL;
1148  PRPC_SID AccountDomainSid = NULL;
1149  RPC_UNICODE_STRING Names[1];
1150  SAMPR_ULONG_ARRAY RelativeIds = {0, NULL};
1151  SAMPR_ULONG_ARRAY Use = {0, NULL};
1152  PSAMPR_USER_INFO_BUFFER UserInfo = NULL;
1153  BOOLEAN SessionCreated = FALSE;
1154  LARGE_INTEGER LogonTime;
1155  LARGE_INTEGER AccountExpires;
1156  LARGE_INTEGER PasswordMustChange;
1157  LARGE_INTEGER PasswordLastSet;
1158  DWORD ComputerNameSize;
1159  BOOL SpecialAccount = FALSE;
1160  NTSTATUS Status;
1161 
1162  TRACE("LsaApLogonUser()\n");
1163 
1164  TRACE("LogonType: %lu\n", LogonType);
1165  TRACE("ProtocolSubmitBuffer: %p\n", ProtocolSubmitBuffer);
1166  TRACE("SubmitBufferSize: %lu\n", SubmitBufferSize);
1167 
1168  *ProfileBuffer = NULL;
1169  *ProfileBufferSize = 0;
1170  *SubStatus = STATUS_SUCCESS;
1171  *AccountName = NULL;
1172  *AuthenticatingAuthority = NULL;
1173 
1174  if (LogonType == Interactive ||
1175  LogonType == Batch ||
1176  LogonType == Service)
1177  {
1178  ULONG_PTR PtrOffset;
1179 
1180  LogonInfo = (PMSV1_0_INTERACTIVE_LOGON)ProtocolSubmitBuffer;
1181 
1182  /* Fix-up pointers in the authentication info */
1183  PtrOffset = (ULONG_PTR)ProtocolSubmitBuffer - (ULONG_PTR)ClientBufferBase;
1184 
1185  LogonInfo->LogonDomainName.Buffer = FIXUP_POINTER(LogonInfo->LogonDomainName.Buffer, PtrOffset);
1186  LogonInfo->UserName.Buffer = FIXUP_POINTER(LogonInfo->UserName.Buffer, PtrOffset);
1187  LogonInfo->Password.Buffer = FIXUP_POINTER(LogonInfo->Password.Buffer, PtrOffset);
1188 
1189  TRACE("Domain: %S\n", LogonInfo->LogonDomainName.Buffer);
1190  TRACE("User: %S\n", LogonInfo->UserName.Buffer);
1191  TRACE("Password: %S\n", LogonInfo->Password.Buffer);
1192  }
1193  else
1194  {
1195  FIXME("LogonType %lu is not supported yet!\n", LogonType);
1196  return STATUS_NOT_IMPLEMENTED;
1197  }
1198 
1199  /* Get the logon time */
1200  NtQuerySystemTime(&LogonTime);
1201 
1202  /* Get the computer name */
1203  ComputerNameSize = MAX_COMPUTERNAME_LENGTH + 1;
1204  GetComputerNameW(ComputerName, &ComputerNameSize);
1205 
1206  /* Check for special accounts */
1207  if (_wcsicmp(LogonInfo->LogonDomainName.Buffer, L"NT AUTHORITY") == 0)
1208  {
1209  SpecialAccount = TRUE;
1210 
1211  /* Get the authority domain SID */
1212  Status = GetNtAuthorityDomainSid(&AccountDomainSid);
1213  if (!NT_SUCCESS(Status))
1214  {
1215  ERR("GetNtAuthorityDomainSid() failed (Status 0x%08lx)\n", Status);
1216  return Status;
1217  }
1218 
1219  if (_wcsicmp(LogonInfo->UserName.Buffer, L"LocalService") == 0)
1220  {
1221  TRACE("SpecialAccount: LocalService\n");
1222 
1223  if (LogonType != Service)
1224  return STATUS_LOGON_FAILURE;
1225 
1226  UserInfo = RtlAllocateHeap(RtlGetProcessHeap(),
1227  HEAP_ZERO_MEMORY,
1228  sizeof(SAMPR_USER_ALL_INFORMATION));
1229  if (UserInfo == NULL)
1230  {
1231  Status = STATUS_INSUFFICIENT_RESOURCES;
1232  goto done;
1233  }
1234 
1235  UserInfo->All.UserId = SECURITY_LOCAL_SERVICE_RID;
1236  UserInfo->All.PrimaryGroupId = SECURITY_LOCAL_SERVICE_RID;
1237  }
1238  else if (_wcsicmp(LogonInfo->UserName.Buffer, L"NetworkService") == 0)
1239  {
1240  TRACE("SpecialAccount: NetworkService\n");
1241 
1242  if (LogonType != Service)
1243  return STATUS_LOGON_FAILURE;
1244 
1245  UserInfo = RtlAllocateHeap(RtlGetProcessHeap(),
1246  HEAP_ZERO_MEMORY,
1247  sizeof(SAMPR_USER_ALL_INFORMATION));
1248  if (UserInfo == NULL)
1249  {
1250  Status = STATUS_INSUFFICIENT_RESOURCES;
1251  goto done;
1252  }
1253 
1254  UserInfo->All.UserId = SECURITY_NETWORK_SERVICE_RID;
1255  UserInfo->All.PrimaryGroupId = SECURITY_NETWORK_SERVICE_RID;
1256  }
1257  else
1258  {
1259  Status = STATUS_NO_SUCH_USER;
1260  goto done;
1261  }
1262  }
1263  else
1264  {
1265  TRACE("NormalAccount\n");
1266 
1267  /* Get the account domain SID */
1268  Status = GetAccountDomainSid(&AccountDomainSid);
1269  if (!NT_SUCCESS(Status))
1270  {
1271  ERR("GetAccountDomainSid() failed (Status 0x%08lx)\n", Status);
1272  return Status;
1273  }
1274 
1275  /* Connect to the SAM server */
1276  Status = SamIConnect(NULL,
1277  &ServerHandle,
1278  SAM_SERVER_CONNECT | SAM_SERVER_LOOKUP_DOMAIN,
1279  TRUE);
1280  if (!NT_SUCCESS(Status))
1281  {
1282  TRACE("SamIConnect() failed (Status 0x%08lx)\n", Status);
1283  goto done;
1284  }
1285 
1286  /* Open the account domain */
1287  Status = SamrOpenDomain(ServerHandle,
1288  DOMAIN_LOOKUP,
1289  AccountDomainSid,
1290  &DomainHandle);
1291  if (!NT_SUCCESS(Status))
1292  {
1293  ERR("SamrOpenDomain failed (Status %08lx)\n", Status);
1294  goto done;
1295  }
1296 
1297  Names[0].Length = LogonInfo->UserName.Length;
1298  Names[0].MaximumLength = LogonInfo->UserName.MaximumLength;
1299  Names[0].Buffer = LogonInfo->UserName.Buffer;
1300 
1301  /* Try to get the RID for the user name */
1302  Status = SamrLookupNamesInDomain(DomainHandle,
1303  1,
1304  Names,
1305  &RelativeIds,
1306  &Use);
1307  if (!NT_SUCCESS(Status))
1308  {
1309  ERR("SamrLookupNamesInDomain failed (Status %08lx)\n", Status);
1310  Status = STATUS_NO_SUCH_USER;
1311  goto done;
1312  }
1313 
1314  /* Fail, if it is not a user account */
1315  if (Use.Element[0] != SidTypeUser)
1316  {
1317  ERR("Account is not a user account!\n");
1318  Status = STATUS_NO_SUCH_USER;
1319  goto done;
1320  }
1321 
1322  /* Open the user object */
1323  Status = SamrOpenUser(DomainHandle,
1324  USER_READ_GENERAL | USER_READ_LOGON |
1325  USER_READ_ACCOUNT | USER_READ_PREFERENCES, /* FIXME */
1326  RelativeIds.Element[0],
1327  &UserHandle);
1328  if (!NT_SUCCESS(Status))
1329  {
1330  ERR("SamrOpenUser failed (Status %08lx)\n", Status);
1331  goto done;
1332  }
1333 
1334  Status = SamrQueryInformationUser(UserHandle,
1335  UserAllInformation,
1336  &UserInfo);
1337  if (!NT_SUCCESS(Status))
1338  {
1339  ERR("SamrQueryInformationUser failed (Status %08lx)\n", Status);
1340  goto done;
1341  }
1342 
1343  TRACE("UserName: %S\n", UserInfo->All.UserName.Buffer);
1344 
1345  /* Check the password */
1346  if ((UserInfo->All.UserAccountControl & USER_PASSWORD_NOT_REQUIRED) == 0)
1347  {
1348  Status = MsvpCheckPassword(&(LogonInfo->Password),
1349  UserInfo);
1350  if (!NT_SUCCESS(Status))
1351  {
1352  ERR("MsvpCheckPassword failed (Status %08lx)\n", Status);
1353  goto done;
1354  }
1355  }
1356 
1357  /* Check account restrictions for non-administrator accounts */
1358  if (RelativeIds.Element[0] != DOMAIN_USER_RID_ADMIN)
1359  {
1360  /* Check if the account has been disabled */
1361  if (UserInfo->All.UserAccountControl & USER_ACCOUNT_DISABLED)
1362  {
1363  ERR("Account disabled!\n");
1364  *SubStatus = STATUS_ACCOUNT_DISABLED;
1365  Status = STATUS_ACCOUNT_RESTRICTION;
1366  goto done;
1367  }
1368 
1369  /* Check if the account has been locked */
1370  if (UserInfo->All.UserAccountControl & USER_ACCOUNT_AUTO_LOCKED)
1371  {
1372  ERR("Account locked!\n");
1373  *SubStatus = STATUS_ACCOUNT_LOCKED_OUT;
1374  Status = STATUS_ACCOUNT_RESTRICTION;
1375  goto done;
1376  }
1377 
1378  /* Check if the account expired */
1379  AccountExpires.LowPart = UserInfo->All.AccountExpires.LowPart;
1380  AccountExpires.HighPart = UserInfo->All.AccountExpires.HighPart;
1381  if (LogonTime.QuadPart >= AccountExpires.QuadPart)
1382  {
1383  ERR("Account expired!\n");
1384  *SubStatus = STATUS_ACCOUNT_EXPIRED;
1385  Status = STATUS_ACCOUNT_RESTRICTION;
1386  goto done;
1387  }
1388 
1389  /* Check if the password expired */
1390  PasswordMustChange.LowPart = UserInfo->All.PasswordMustChange.LowPart;
1391  PasswordMustChange.HighPart = UserInfo->All.PasswordMustChange.HighPart;
1392  PasswordLastSet.LowPart = UserInfo->All.PasswordLastSet.LowPart;
1393  PasswordLastSet.HighPart = UserInfo->All.PasswordLastSet.HighPart;
1394 
1395  if (LogonTime.QuadPart >= PasswordMustChange.QuadPart)
1396  {
1397  ERR("Password expired!\n");
1398  if (PasswordLastSet.QuadPart == 0)
1399  *SubStatus = STATUS_PASSWORD_MUST_CHANGE;
1400  else
1401  *SubStatus = STATUS_PASSWORD_EXPIRED;
1402 
1403  Status = STATUS_ACCOUNT_RESTRICTION;
1404  goto done;
1405  }
1406 
1407  /* Check logon hours */
1408  if (!MsvpCheckLogonHours(&UserInfo->All.LogonHours, &LogonTime))
1409  {
1410  ERR("Invalid logon hours!\n");
1411  *SubStatus = STATUS_INVALID_LOGON_HOURS;
1412  Status = STATUS_ACCOUNT_RESTRICTION;
1413  goto done;
1414  }
1415 
1416  /* Check workstations */
1417  if (!MsvpCheckWorkstations(&UserInfo->All.WorkStations, ComputerName))
1418  {
1419  ERR("Invalid workstation!\n");
1420  *SubStatus = STATUS_INVALID_WORKSTATION;
1421  Status = STATUS_ACCOUNT_RESTRICTION;
1422  goto done;
1423  }
1424  }
1425  }
1426 
1427  /* Return logon information */
1428 
1429  /* Create and return a new logon id */
1430  Status = NtAllocateLocallyUniqueId(LogonId);
1431  if (!NT_SUCCESS(Status))
1432  {
1433  TRACE("NtAllocateLocallyUniqueId failed (Status %08lx)\n", Status);
1434  goto done;
1435  }
1436 
1437  /* Create the logon session */
1438  Status = DispatchTable.CreateLogonSession(LogonId);
1439  if (!NT_SUCCESS(Status))
1440  {
1441  TRACE("CreateLogonSession failed (Status %08lx)\n", Status);
1442  goto done;
1443  }
1444 
1445  SessionCreated = TRUE;
1446 
1447  /* Build and fill the interactive profile buffer */
1448  Status = BuildInteractiveProfileBuffer(ClientRequest,
1449  UserInfo,
1450  ComputerName,
1451  (PMSV1_0_INTERACTIVE_PROFILE*)ProfileBuffer,
1452  ProfileBufferSize);
1453  if (!NT_SUCCESS(Status))
1454  {
1455  TRACE("BuildInteractiveProfileBuffer failed (Status %08lx)\n", Status);
1456  goto done;
1457  }
1458 
1459  /* Return the token information type */
1460  *TokenInformationType = LsaTokenInformationV1;
1461 
1462  /* Build and fill the token information buffer */
1463  Status = BuildTokenInformationBuffer((PLSA_TOKEN_INFORMATION_V1*)TokenInformation,
1464  AccountDomainSid,
1465  UserInfo,
1466  SpecialAccount);
1467  if (!NT_SUCCESS(Status))
1468  {
1469  TRACE("BuildTokenInformationBuffer failed (Status %08lx)\n", Status);
1470  goto done;
1471  }
1472 
1473 done:
1474  /* Update the logon time/count or the bad password time/count */
1475  if ((UserHandle != NULL) &&
1476  (Status == STATUS_SUCCESS || Status == STATUS_WRONG_PASSWORD))
1477  {
1478  SAMPR_USER_INFO_BUFFER InternalInfo;
1479 
1480  RtlZeroMemory(&InternalInfo, sizeof(InternalInfo));
1481 
1482  if (Status == STATUS_SUCCESS)
1483  InternalInfo.Internal2.Flags = USER_LOGON_SUCCESS;
1484  else
1485  InternalInfo.Internal2.Flags = USER_LOGON_BAD_PASSWORD;
1486 
1487  SamrSetInformationUser(UserHandle,
1488  UserInternal2Information,
1489  &InternalInfo);
1490  }
1491 
1492  /* Return the account name */
1493  *AccountName = DispatchTable.AllocateLsaHeap(sizeof(UNICODE_STRING));
1494  if (*AccountName != NULL)
1495  {
1496  (*AccountName)->Buffer = DispatchTable.AllocateLsaHeap(LogonInfo->UserName.Length +
1497  sizeof(UNICODE_NULL));
1498  if ((*AccountName)->Buffer != NULL)
1499  {
1500  (*AccountName)->MaximumLength = LogonInfo->UserName.Length +
1501  sizeof(UNICODE_NULL);
1502  RtlCopyUnicodeString(*AccountName, &LogonInfo->UserName);
1503  }
1504  }
1505 
1506  /* Return the authenticating authority */
1507  *AuthenticatingAuthority = DispatchTable.AllocateLsaHeap(sizeof(UNICODE_STRING));
1508  if (*AuthenticatingAuthority != NULL)
1509  {
1510  (*AuthenticatingAuthority)->Buffer = DispatchTable.AllocateLsaHeap(LogonInfo->LogonDomainName.Length +
1511  sizeof(UNICODE_NULL));
1512  if ((*AuthenticatingAuthority)->Buffer != NULL)
1513  {
1514  (*AuthenticatingAuthority)->MaximumLength = LogonInfo->LogonDomainName.Length +
1515  sizeof(UNICODE_NULL);
1516  RtlCopyUnicodeString(*AuthenticatingAuthority, &LogonInfo->LogonDomainName);
1517  }
1518  }
1519 
1520  /* Return the machine name */
1521  *MachineName = DispatchTable.AllocateLsaHeap(sizeof(UNICODE_STRING));
1522  if (*MachineName != NULL)
1523  {
1524  (*MachineName)->Buffer = DispatchTable.AllocateLsaHeap((ComputerNameSize + 1) * sizeof(WCHAR));
1525  if ((*MachineName)->Buffer != NULL)
1526  {
1527  (*MachineName)->MaximumLength = (ComputerNameSize + 1) * sizeof(WCHAR);
1528  (*MachineName)->Length = ComputerNameSize * sizeof(WCHAR);
1529  RtlCopyMemory((*MachineName)->Buffer, ComputerName, (*MachineName)->MaximumLength);
1530  }
1531  }
1532 
1533  if (!NT_SUCCESS(Status))
1534  {
1535  if (SessionCreated != FALSE)
1536  DispatchTable.DeleteLogonSession(LogonId);
1537 
1538  if (*ProfileBuffer != NULL)
1539  {
1540  DispatchTable.FreeClientBuffer(ClientRequest,
1541  *ProfileBuffer);
1542  *ProfileBuffer = NULL;
1543  }
1544  }
1545 
1546  if (UserHandle != NULL)
1547  SamrCloseHandle(&UserHandle);
1548 
1549  SamIFree_SAMPR_USER_INFO_BUFFER(UserInfo,
1550  UserAllInformation);
1551  SamIFree_SAMPR_ULONG_ARRAY(&RelativeIds);
1552  SamIFree_SAMPR_ULONG_ARRAY(&Use);
1553 
1554  if (DomainHandle != NULL)
1555  SamrCloseHandle(&DomainHandle);
1556 
1557  if (ServerHandle != NULL)
1558  SamrCloseHandle(&ServerHandle);
1559 
1560  if (AccountDomainSid != NULL)
1561  RtlFreeHeap(RtlGetProcessHeap(), 0, AccountDomainSid);
1562 
1563  if (Status == STATUS_NO_SUCH_USER ||
1564  Status == STATUS_WRONG_PASSWORD)
1565  {
1566  *SubStatus = Status;
1567  Status = STATUS_LOGON_FAILURE;
1568  }
1569 
1570  TRACE("LsaApLogonUser done (Status 0x%08lx SubStatus 0x%08lx)\n", Status, *SubStatus);
1571 
1572  return Status;
1573 }
1574 
1575 
1576 /*
1577  * @unimplemented
1578  */
1579 NTSTATUS
1580 NTAPI
1581 SpLsaModeInitialize(
1582  _In_ ULONG LsaVersion,
1583  _Out_ PULONG PackageVersion,
1584  _Out_ PSECPKG_FUNCTION_TABLE *ppTables,
1585  _Out_ PULONG pcTables)
1586 {
1587  SECPKG_FUNCTION_TABLE Tables[1];
1588 
1589  TRACE("SpLsaModeInitialize(0x%lx %p %p %p)\n",
1590  LsaVersion, PackageVersion, ppTables, pcTables);
1591 
1592  if (LsaVersion != SECPKG_INTERFACE_VERSION)
1593  return STATUS_INVALID_PARAMETER;
1594 
1595  *PackageVersion = SECPKG_INTERFACE_VERSION;
1596 
1597  RtlZeroMemory(&Tables, sizeof(Tables));
1598 
1599  Tables[0].InitializePackage = LsaApInitializePackage;
1600 // Tables[0].LogonUser = NULL;
1601  Tables[0].CallPackage = (PLSA_AP_CALL_PACKAGE)LsaApCallPackage;
1602  Tables[0].LogonTerminated = LsaApLogonTerminated;
1603  Tables[0].CallPackageUntrusted = LsaApCallPackageUntrusted;
1604  Tables[0].CallPackagePassthrough = (PLSA_AP_CALL_PACKAGE_PASSTHROUGH)LsaApCallPackagePassthrough;
1605 // Tables[0].LogonUserEx = NULL;
1606  Tables[0].LogonUserEx2 = LsaApLogonUserEx2;
1607 // Tables[0].Initialize = SpInitialize;
1608 // Tables[0].Shutdown = NULL;
1609 // Tables[0].GetInfo = NULL;
1610 // Tables[0].AcceptCredentials = NULL;
1611 // Tables[0].SpAcquireCredentialsHandle = NULL;
1612 // Tables[0].SpQueryCredentialsAttributes = NULL;
1613 // Tables[0].FreeCredentialsHandle = NULL;
1614 // Tables[0].SaveCredentials = NULL;
1615 // Tables[0].GetCredentials = NULL;
1616 // Tables[0].DeleteCredentials = NULL;
1617 // Tables[0].InitLsaModeContext = NULL;
1618 // Tables[0].AcceptLsaModeContext = NULL;
1619 // Tables[0].DeleteContext = NULL;
1620 // Tables[0].ApplyControlToken = NULL;
1621 // Tables[0].GetUserInfo = NULL;
1622 // Tables[0].GetExtendedInformation = NULL;
1623 // Tables[0].SpQueryContextAttributes = NULL;
1624 // Tables[0].SpAddCredentials = NULL;
1625 // Tables[0].SetExtendedInformation = NULL;
1626 
1627  *ppTables = Tables;
1628  *pcTables = 1;
1629 
1630  return STATUS_SUCCESS;
1631 }
1632 
1633 
1634 /*
1635  * @unimplemented
1636  */
1637 NTSTATUS
1638 WINAPI
1639 SpUserModeInitialize(
1640  _In_ ULONG LsaVersion,
1641  _Out_ PULONG PackageVersion,
1642  _Out_ PSECPKG_USER_FUNCTION_TABLE *ppTables,
1643  _Out_ PULONG pcTables)
1644 {
1645  SECPKG_USER_FUNCTION_TABLE Tables[1];
1646 
1647  TRACE("SpUserModeInitialize(0x%lx %p %p %p)\n",
1648  LsaVersion, PackageVersion, ppTables, pcTables);
1649 
1650  if (LsaVersion != SECPKG_INTERFACE_VERSION)
1651  return STATUS_INVALID_PARAMETER;
1652 
1653  *PackageVersion = SECPKG_INTERFACE_VERSION;
1654 
1655  RtlZeroMemory(&Tables, sizeof(Tables));
1656 
1657 // Tables[0].InstanceInit = SpInstanceInit;
1658 // Tables[0].InitUserModeContext = NULL;
1659 // Tables[0].MakeSignature = NULL;
1660 // Tables[0].VerifySignature = NULL;
1661 // Tables[0].SealMessage = NULL;
1662 // Tables[0].UnsealMessage = NULL;
1663 // Tables[0].GetContextToken = NULL;
1664 // Tables[0].SpQueryContextAttributes = NULL;
1665 // Tables[0].CompleteAuthToken = NULL;
1666 // Tables[0].DeleteUserModeContext = NULL;
1667 // Tables[0].FormatCredentials = NULL;
1668 // Tables[0].MarshallSupplementalCreds = NULL;
1669 // Tables[0].ExportContext = NULL;
1670 // Tables[0].ImportContext = NULL;
1671 
1672  *ppTables = Tables;
1673  *pcTables = 1;
1674 
1675  return STATUS_SUCCESS;
1676 }
1677 
1678 /* EOF */
LSA_DISPATCH_TABLE::FreeClientBuffer
PLSA_FREE_CLIENT_BUFFER FreeClientBuffer
Definition: authpackage.c:63
LSA_DISPATCH_TABLE::CopyToClientBuffer
PLSA_COPY_TO_CLIENT_BUFFER CopyToClientBuffer
Definition: authpackage.c:64
_ENCRYPTED_LM_OWF_PASSWORD
Definition: msv1_0.h:80
_TIME_FIELDS::Weekday
USHORT Weekday
Definition: env_spec_w32.h:718
_SAMPR_USER_ALL_INFORMATION::LmOwfPassword
RPC_SHORT_BLOB LmOwfPassword
Definition: msv1_0.h:127
PCHAR
signed char * PCHAR
Definition: retypes.h:7
PNTSTATUS
* PNTSTATUS
Definition: strlen.c:14
_SAMPR_ULONG_ARRAY::Element
unsigned long * Element
Definition: lsasrv.h:88
PMSV1_0_CHANGEPASSWORD_REQUEST
struct _MSV1_0_CHANGEPASSWORD_REQUEST * PMSV1_0_CHANGEPASSWORD_REQUEST
_LSAPR_POLICY_INFORMATION
Definition: msv1_0.h:301
STATUS_WRONG_PASSWORD
#define STATUS_WRONG_PASSWORD
Definition: ntstatus.h:328
LSA_DISPATCH_TABLE
Definition: authpackage.c:53
_SAMPR_USER_ALL_INFORMATION::UserName
RPC_UNICODE_STRING UserName
Definition: msv1_0.h:117
LsaApCallPackage
NTSTATUS NTAPI LsaApCallPackage(IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferLength, OUT PVOID *ProtocolReturnBuffer, OUT PULONG ReturnBufferLength, OUT PNTSTATUS ProtocolStatus)
Definition: msv1_0.c:937
MSV1_0_INTERACTIVE_PROFILE
struct _MSV1_0_INTERACTIVE_PROFILE MSV1_0_INTERACTIVE_PROFILE
_SAMPR_USER_ALL_INFORMATION
Definition: msv1_0.h:109
SAM_SERVER_CONNECT
#define SAM_SERVER_CONNECT
Definition: ntsam.h:99
IN
#define IN
Definition: typedefs.h:38
BuildTokenInformationBuffer
static NTSTATUS BuildTokenInformationBuffer(PLSA_TOKEN_INFORMATION_V1 *TokenInformation, PRPC_SID AccountDomainSid, PSAMPR_USER_INFO_BUFFER UserInfo, BOOL SpecialAccount)
Definition: msv1_0.c:406
Names
PWSTR Names[NAMES_COUNT]
Definition: RtlGenerate8dot3Name.c:25
MsvpCheckWorkstations
static BOOL MsvpCheckWorkstations(_In_ PRPC_UNICODE_STRING WorkStations, _In_ PWSTR ComputerName)
Definition: msv1_0.c:886
SECURITY_AUTHENTICATED_USER_RID
#define SECURITY_AUTHENTICATED_USER_RID
Definition: setypes.h:540
TRUE
#define TRUE
Definition: types.h:120
RtlCopyMemory
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
MSV1_0_PACKAGE_NAME
#define MSV1_0_PACKAGE_NAME
Definition: ntsecapi.h:42
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
USER_PASSWORD_NOT_REQUIRED
#define USER_PASSWORD_NOT_REQUIRED
Definition: ntsam.h:169
_SECPKG_SUPPLEMENTAL_CRED_ARRAY
Definition: ntsecpkg.h:107
LsaApInitializePackage
NTSTATUS NTAPI LsaApInitializePackage(IN ULONG AuthenticationPackageId, IN PLSA_DISPATCH_TABLE LsaDispatchTable, IN PLSA_STRING Database OPTIONAL, IN PLSA_STRING Confidentiality OPTIONAL, OUT PLSA_STRING *AuthenticationPackageName)
Definition: msv1_0.c:1062
_MSV1_0_INTERACTIVE_PROFILE::LogoffTime
LARGE_INTEGER LogoffTime
Definition: ntsecapi.h:441
_TOKEN_GROUPS
Definition: setypes.h:959
_SID
Definition: ms-dtyp.idl:198
_MSV1_0_INTERACTIVE_PROFILE::ProfilePath
UNICODE_STRING ProfilePath
Definition: ntsecapi.h:449
SamrOpenDomain
NTSTATUS __stdcall SamrOpenDomain(SAMPR_HANDLE ServerHandle, ACCESS_MASK DesiredAccess, PRPC_SID DomainId, SAMPR_HANDLE *DomainHandle)
STATUS_NOT_IMPLEMENTED
#define STATUS_NOT_IMPLEMENTED
Definition: ntstatus.h:225
PLSA_AP_CALL_PACKAGE_PASSTHROUGH
NTSTATUS(NTAPI * PLSA_AP_CALL_PACKAGE_PASSTHROUGH)(PLSA_CLIENT_REQUEST, PVOID, PVOID, ULONG, PVOID *, PULONG, PNTSTATUS)
Definition: authpackage.c:73
_UNICODE_STRING::MaximumLength
USHORT MaximumLength
Definition: env_spec_w32.h:370
_MSV1_0_INTERACTIVE_PROFILE::HomeDirectory
UNICODE_STRING HomeDirectory
Definition: ntsecapi.h:447
PtrOffset
#define PtrOffset(BASE, OFFSET)
Definition: cdprocs.h:1557
STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
PWSTR
uint16_t * PWSTR
Definition: typedefs.h:54
GetNtAuthorityDomainSid
static NTSTATUS GetNtAuthorityDomainSid(PRPC_SID *Sid)
Definition: msv1_0.c:74
_TOKEN_PRIMARY_GROUP
Definition: setypes.h:977
CHAR
char CHAR
Definition: xmlstorage.h:175
LSA_DISPATCH_TABLE::GetCredentials
PLSA_GET_CREDENTIALS GetCredentials
Definition: authpackage.c:58
_RPC_UNICODE_STRING
Definition: msv1_0.h:51
Ptr
_Must_inspect_result_ _In_ PFSRTL_PER_STREAM_CONTEXT Ptr
Definition: fsrtlfuncs.h:898
WARN
#define WARN(fmt,...)
Definition: debug.h:111
_SAMPR_USER_ALL_INFORMATION::UserId
unsigned long UserId
Definition: msv1_0.h:131
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
_UNICODE_STRING::Length
USHORT Length
Definition: env_spec_w32.h:369
RtlFreeHeap
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
PMSV1_0_INTERACTIVE_PROFILE
struct _MSV1_0_INTERACTIVE_PROFILE * PMSV1_0_INTERACTIVE_PROFILE
_SAMPR_ULONG_ARRAY
Definition: lsasrv.h:85
SpLsaModeInitialize
NTSTATUS NTAPI SpLsaModeInitialize(_In_ ULONG LsaVersion, _Out_ PULONG PackageVersion, _Out_ PSECPKG_FUNCTION_TABLE *ppTables, _Out_ PULONG pcTables)
Definition: msv1_0.c:1581
LSA_DISPATCH_TABLE::FreeLsaHeap
PLSA_FREE_LSA_HEAP FreeLsaHeap
Definition: authpackage.c:61
AppendRidToSid
static PSID AppendRidToSid(PSID SrcSid, ULONG Rid)
Definition: msv1_0.c:245
LSA_DISPATCH_TABLE::AllocateLsaHeap
PLSA_ALLOCATE_LSA_HEAP AllocateLsaHeap
Definition: authpackage.c:60
_MSV1_0_INTERACTIVE_PROFILE::LogonScript
UNICODE_STRING LogonScript
Definition: ntsecapi.h:446
_SAMPR_USER_ALL_INFORMATION::PasswordLastSet
OLD_LARGE_INTEGER PasswordLastSet
Definition: msv1_0.h:113
MachineName
_In_ DWORD _Out_ PDWORD _In_opt_ PCSTR MachineName
Definition: setupapi.h:1286
ZeroMemory
#define ZeroMemory
Definition: winbase.h:1635
RtlSubAuthoritySid
NTSYSAPI PULONG NTAPI RtlSubAuthoritySid(_In_ PSID Sid, _In_ ULONG SubAuthority)
SamrLookupNamesInDomain
NTSTATUS NTAPI SamrLookupNamesInDomain(IN SAMPR_HANDLE DomainHandle, IN ULONG Count, IN RPC_UNICODE_STRING Names[], OUT PSAMPR_ULONG_ARRAY RelativeIds, OUT PSAMPR_ULONG_ARRAY Use)
Definition: samrpc.c:3558
ProfileBufferLength
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG ProfileBufferLength
Definition: ntifs.template.h:711
RPC_SHORT_BLOB::Buffer
unsigned short * Buffer
Definition: msv1_0.h:71
SamrChangePasswordUser
NTSTATUS NTAPI SamrChangePasswordUser(IN SAMPR_HANDLE UserHandle, IN unsigned char LmPresent, IN PENCRYPTED_LM_OWF_PASSWORD OldLmEncryptedWithNewLm, IN PENCRYPTED_LM_OWF_PASSWORD NewLmEncryptedWithOldLm, IN unsigned char NtPresent, IN PENCRYPTED_NT_OWF_PASSWORD OldNtEncryptedWithNewNt, IN PENCRYPTED_NT_OWF_PASSWORD NewNtEncryptedWithOldNt, IN unsigned char NtCrossEncryptionPresent, IN PENCRYPTED_NT_OWF_PASSWORD NewNtEncryptedWithNewLm, IN unsigned char LmCrossEncryptionPresent, IN PENCRYPTED_LM_OWF_PASSWORD NewLmEncryptedWithNewNt)
Definition: samrpc.c:8324
SystemFunction006
NTSTATUS WINAPI SystemFunction006(LPCSTR password, LPSTR hash)
Definition: crypt_lmhash.c:53
STATUS_ACCOUNT_LOCKED_OUT
#define STATUS_ACCOUNT_LOCKED_OUT
Definition: ntstatus.h:682
_MSV1_0_CHANGEPASSWORD_REQUEST
Definition: ntsecapi.h:507
GetComputerNameW
BOOL WINAPI GetComputerNameW(LPWSTR lpBuffer, LPDWORD lpnSize)
Definition: compname.c:440
OEM_STRING
STRING OEM_STRING
Definition: umtypes.h:203
Groups
TOpcodeData Groups[17][8]
Definition: disassemblerdata.h:895
LPSTR
char * LPSTR
Definition: xmlstorage.h:182
_LSAPR_POLICY_ACCOUNT_DOM_INFO::Sid
PRPC_SID Sid
Definition: msv1_0.h:278
NtAllocateLocallyUniqueId
NTSTATUS NTAPI NtAllocateLocallyUniqueId(OUT LUID *LocallyUniqueId)
Definition: uuid.c:353
_LSAPR_POLICY_INFORMATION::PolicyAccountDomainInfo
LSAPR_POLICY_ACCOUNT_DOM_INFO PolicyAccountDomainInfo
Definition: msv1_0.h:307
SamrLookupDomainInSamServer
NTSTATUS NTAPI SamrLookupDomainInSamServer(IN SAMPR_HANDLE ServerHandle, IN PRPC_UNICODE_STRING Name, OUT PRPC_SID *DomainId)
Definition: samrpc.c:497
RtlAllocateAndInitializeSid
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290
BOOL
#define BOOL
Definition: nt_native.h:43
_MSV1_0_INTERACTIVE_PROFILE::LogonCount
USHORT LogonCount
Definition: ntsecapi.h:438
_SAMPR_LOGON_HOURS
Definition: msv1_0.h:91
_MSV1_0_INTERACTIVE_PROFILE::PasswordMustChange
LARGE_INTEGER PasswordMustChange
Definition: ntsecapi.h:445
_SAMPR_USER_INFO_BUFFER
Definition: msv1_0.h:146
_MSV1_0_INTERACTIVE_LOGON::Password
UNICODE_STRING Password
Definition: ntsecapi.h:434
_SECPKG_FUNCTION_TABLE::CallPackageUntrusted
PLSA_AP_CALL_PACKAGE_UNTRUSTED CallPackageUntrusted
Definition: ntsecpkg.h:429
_MSV1_0_CHANGEPASSWORD_REQUEST::AccountName
UNICODE_STRING AccountName
Definition: ntsecapi.h:510
STATUS_ACCOUNT_EXPIRED
#define STATUS_ACCOUNT_EXPIRED
Definition: ntstatus.h:622
_MSV1_0_INTERACTIVE_PROFILE::FullName
UNICODE_STRING FullName
Definition: ntsecapi.h:448
_SAMPR_USER_INFO_BUFFER::All
SAMPR_USER_ALL_INFORMATION All
Definition: msv1_0.h:172
RtlCopyUnicodeString
NTSYSAPI VOID NTAPI RtlCopyUnicodeString(PUNICODE_STRING DestinationString, PUNICODE_STRING SourceString)
STATUS_INVALID_LOGON_HOURS
#define STATUS_INVALID_LOGON_HOURS
Definition: ntstatus.h:333
LsaIOpenPolicyTrusted
NTSTATUS WINAPI LsaIOpenPolicyTrusted(OUT LSAPR_HANDLE *PolicyHandle)
Definition: policy.c:15
USER_ACCOUNT_DISABLED
#define USER_ACCOUNT_DISABLED
Definition: ntsam.h:167
STATUS_ACCOUNT_RESTRICTION
#define STATUS_ACCOUNT_RESTRICTION
Definition: ntstatus.h:332
_MSV1_0_INTERACTIVE_PROFILE
Definition: ntsecapi.h:436
RtlInitAnsiString
NTSYSAPI VOID NTAPI RtlInitAnsiString(PANSI_STRING DestinationString, PCSZ SourceString)
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:63
WINE_DEFAULT_DEBUG_CHANNEL
WINE_DEFAULT_DEBUG_CHANNEL(msv1_0)
LsaIFree_LSAPR_POLICY_INFORMATION
VOID NTAPI LsaIFree_LSAPR_POLICY_INFORMATION(IN POLICY_INFORMATION_CLASS InformationClass, IN PLSAPR_POLICY_INFORMATION PolicyInformation)
Definition: lsasrv.c:51
SamIConnect
NTSTATUS NTAPI SamIConnect(PSAMPR_SERVER_NAME ServerName, SAMPR_HANDLE *ServerHandle, ACCESS_MASK DesiredAccess, BOOLEAN Trusted)
PMSV1_0_INTERACTIVE_LOGON
struct _MSV1_0_INTERACTIVE_LOGON * PMSV1_0_INTERACTIVE_LOGON
RtlInitializeSid
NTSYSAPI NTSTATUS NTAPI RtlInitializeSid(IN OUT PSID Sid, IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount)
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
SamIFreeVoid
VOID NTAPI SamIFreeVoid(PVOID Ptr)
Definition: samsrv.c:146
GetAccountDomainSid
static NTSTATUS GetAccountDomainSid(PRPC_SID *Sid)
Definition: msv1_0.c:25
FIXUP_POINTER
#define FIXUP_POINTER(Pointer, Offset)
Definition: msv1_0.h:40
LPBYTE
unsigned char * LPBYTE
Definition: typedefs.h:52
ProtocolStatus
VOID NTAPI ProtocolStatus(NDIS_HANDLE BindingContext, NDIS_STATUS GenerelStatus, PVOID StatusBuffer, UINT StatusBufferSize)
Called by NDIS when the underlying driver has changed state.
Definition: lan.c:461
USER_READ_GENERAL
#define USER_READ_GENERAL
Definition: ntsam.h:126
SystemFunction012
NTSTATUS WINAPI SystemFunction012(const BYTE *in, const BYTE *key, LPBYTE out)
Definition: sysfunc.c:353
NTAPI
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117
Offset
_In_ ULONG _In_ ULONG Offset
Definition: ntddpcm.h:101
UNICODE_NULL
#define UNICODE_NULL
SubStatus
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE _Out_ PQUOTA_LIMITS _Out_ PNTSTATUS SubStatus
Definition: ntifs.template.h:711
_LUID
Definition: devicetopology.idl:136
LsaApLogonTerminated
VOID NTAPI LsaApLogonTerminated(IN PLUID LogonId)
Definition: msv1_0.c:1115
PMSV1_0_PROTOCOL_MESSAGE_TYPE
enum _MSV1_0_PROTOCOL_MESSAGE_TYPE * PMSV1_0_PROTOCOL_MESSAGE_TYPE
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
_SAMPR_USER_INTERNAL2_INFORMATION::Flags
unsigned long Flags
Definition: msv1_0.h:102
BufferLength
_In_ ULONG BufferLength
Definition: usbdlib.h:225
_UNICODE_STRING::Buffer
PWSTR Buffer
Definition: env_spec_w32.h:371
DOMAIN_USER_RID_ADMIN
#define DOMAIN_USER_RID_ADMIN
Definition: setypes.h:603
LSA_DISPATCH_TABLE::CreateLogonSession
PLSA_CREATE_LOGON_SESSION CreateLogonSession
Definition: authpackage.c:55
_ANSI_STRING
Definition: env_spec_w32.h:375
RtlUpcaseUnicodeStringToOemString
NTSYSAPI NTSTATUS NTAPI RtlUpcaseUnicodeStringToOemString(POEM_STRING DestinationString, PCUNICODE_STRING SourceString, BOOLEAN AllocateDestinationString)
_MSV1_0_INTERACTIVE_PROFILE::PasswordLastSet
LARGE_INTEGER PasswordLastSet
Definition: ntsecapi.h:443
FIXME
#define FIXME(fmt,...)
Definition: debug.h:110
BuildInteractiveProfileBuffer
static NTSTATUS BuildInteractiveProfileBuffer(IN PLSA_CLIENT_REQUEST ClientRequest, IN PSAMPR_USER_INFO_BUFFER UserInfo, IN PWSTR ComputerName, OUT PMSV1_0_INTERACTIVE_PROFILE *ProfileBuffer, OUT PULONG ProfileBufferLength)
Definition: msv1_0.c:95
_SECPKG_FUNCTION_TABLE::CallPackage
PLSA_AP_CALL_PACKAGE CallPackage
Definition: ntsecpkg.h:427
_SECPKG_FUNCTION_TABLE
Definition: ntsecpkg.h:424
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
_LARGE_INTEGER::HighPart
LONG HighPart
Definition: typedefs.h:105
NULL
smooth NULL
Definition: ftsmooth.c:416
SE_GROUP_ENABLED_BY_DEFAULT
#define SE_GROUP_ENABLED_BY_DEFAULT
Definition: setypes.h:91
PLSA_TOKEN_INFORMATION_TYPE
enum _LSA_TOKEN_INFORMATION_TYPE * PLSA_TOKEN_INFORMATION_TYPE
_Out_
#define _Out_
Definition: no_sal2.h:323
SAM_SERVER_LOOKUP_DOMAIN
#define SAM_SERVER_LOOKUP_DOMAIN
Definition: ntsam.h:104
Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1104
_MSV1_0_INTERACTIVE_PROFILE::LogonTime
LARGE_INTEGER LogonTime
Definition: ntsecapi.h:440
RtlSystemTimeToLocalTime
NTSYSAPI NTSTATUS NTAPI RtlSystemTimeToLocalTime(_In_ PLARGE_INTEGER SystemTime, _Out_ PLARGE_INTEGER LocalTime)
Buffer
Definition: bufpool.h:45
_SAMPR_USER_ALL_INFORMATION::AccountExpires
OLD_LARGE_INTEGER AccountExpires
Definition: msv1_0.h:114
SECPKG_INTERFACE_VERSION
#define SECPKG_INTERFACE_VERSION
Definition: ntsecpkg.h:34
RtlLengthSid
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
SECURITY_LOCAL_SERVICE_RID
#define SECURITY_LOCAL_SERVICE_RID
Definition: setypes.h:547
PLSA_AP_CALL_PACKAGE
NTSTATUS(NTAPI * PLSA_AP_CALL_PACKAGE)(PUNICODE_STRING, PVOID, ULONG, PVOID *, PULONG, PNTSTATUS)
Definition: ntsecpkg.h:333
SECURITY_NT_AUTHORITY
#define SECURITY_NT_AUTHORITY
Definition: setypes.h:526
_SECPKG_FUNCTION_TABLE::InitializePackage
PLSA_AP_INITIALIZE_PACKAGE InitializePackage
Definition: ntsecpkg.h:425
RtlAllocateHeap
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
_TIME_FIELDS::Hour
USHORT Hour
Definition: env_spec_w32.h:714
PrimaryGroup
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ OwnerSize PSID _Inout_ PULONG _Out_writes_bytes_to_opt_ PrimaryGroupSize PSID PrimaryGroup
Definition: rtlfuncs.h:1559
STATUS_NO_SUCH_USER
#define STATUS_NO_SUCH_USER
Definition: ntstatus.h:322
_SECPKG_USER_FUNCTION_TABLE
Definition: ntsecpkg.h:472
RtlTimeToTimeFields
BOOLEAN RtlTimeToTimeFields(IN PLARGE_INTEGER Time, IN PTIME_FIELDS TimeFields)
Definition: env_spec_w32.cpp:895
LsarQueryInformationPolicy
NTSTATUS WINAPI LsarQueryInformationPolicy(LSAPR_HANDLE PolicyHandle, POLICY_INFORMATION_CLASS InformationClass, PLSAPR_POLICY_INFORMATION *PolicyInformation)
Definition: lsarpc.c:531
STATUS_ACCOUNT_DISABLED
#define STATUS_ACCOUNT_DISABLED
Definition: ntstatus.h:336
_SAMPR_USER_ALL_INFORMATION::PasswordMustChange
OLD_LARGE_INTEGER PasswordMustChange
Definition: msv1_0.h:116
LSA_DISPATCH_TABLE::DeleteCredential
PLSA_DELETE_CREDENTIAL DeleteCredential
Definition: authpackage.c:59
_TIME_FIELDS::Minute
USHORT Minute
Definition: env_spec_w32.h:715
BuildTokenGroups
static NTSTATUS BuildTokenGroups(OUT PTOKEN_GROUPS *Groups, IN PSID AccountDomainSid, IN ULONG RelativeId, IN BOOL SpecialAccount)
Definition: msv1_0.c:310
_MSV1_0_INTERACTIVE_LOGON::UserName
UNICODE_STRING UserName
Definition: ntsecapi.h:433
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
_SECPKG_FUNCTION_TABLE::LogonUserEx2
PLSA_AP_LOGON_USER_EX2 LogonUserEx2
Definition: ntsecpkg.h:432
_MSV1_0_INTERACTIVE_PROFILE::KickOffTime
LARGE_INTEGER KickOffTime
Definition: ntsecapi.h:442
SECURITY_BUILTIN_DOMAIN_RID
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:553
wcschr
_CONST_RETURN wchar_t *__cdecl wcschr(_In_z_ const wchar_t *_Str, wchar_t _Ch)
RtlEqualMemory
NTSYSAPI ULONG NTAPI RtlEqualMemory(CONST VOID *Source1, CONST VOID *Source2, ULONG Length)
STATUS_PASSWORD_EXPIRED
#define STATUS_PASSWORD_EXPIRED
Definition: ntstatus.h:335
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
USER_READ_ACCOUNT
#define USER_READ_ACCOUNT
Definition: ntsam.h:130
SE_GROUP_ENABLED
#define SE_GROUP_ENABLED
Definition: setypes.h:92
DispatchTable
LSA_DISPATCH_TABLE DispatchTable
Definition: msv1_0.c:18
SystemFunction007
NTSTATUS WINAPI SystemFunction007(const UNICODE_STRING *string, LPBYTE hash)
Definition: sysfunc.c:245
_SID_AND_ATTRIBUTES
Definition: setypes.h:474
RtlSubAuthorityCountSid
NTSYSAPI PUCHAR NTAPI RtlSubAuthorityCountSid(IN PSID Sid)
Definition: sid.c:104
_MSV1_0_CHANGEPASSWORD_REQUEST::NewPassword
UNICODE_STRING NewPassword
Definition: ntsecapi.h:512
WINAPI
#define WINAPI
Definition: msvc.h:8
_SECPKG_FUNCTION_TABLE::CallPackagePassthrough
PLSA_AP_CALL_PACKAGE_PASSTHROUGH CallPackagePassthrough
Definition: ntsecpkg.h:430
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
MsvpCheckPassword
static NTSTATUS MsvpCheckPassword(PUNICODE_STRING UserPassword, PSAMPR_USER_INFO_BUFFER UserInfo)
Definition: msv1_0.c:758
STATUS_ACCESS_DENIED
#define STATUS_ACCESS_DENIED
Definition: udferr_usr.h:145
Length
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
SE_GROUP_MANDATORY
#define SE_GROUP_MANDATORY
Definition: setypes.h:90
_MSV1_0_INTERACTIVE_PROFILE::LogonServer
UNICODE_STRING LogonServer
Definition: ntsecapi.h:451
_SAMPR_USER_ALL_INFORMATION::LogonHours
SAMPR_LOGON_HOURS LogonHours
Definition: msv1_0.h:135
LSA_DISPATCH_TABLE::DeleteLogonSession
PLSA_DELETE_LOGON_SESSION DeleteLogonSession
Definition: authpackage.c:56
USER_LOGON_SUCCESS
#define USER_LOGON_SUCCESS
Definition: msv1_0.h:98
LsarClose
NTSTATUS WINAPI LsarClose(LSAPR_HANDLE *ObjectHandle)
Definition: lsarpc.c:125
_SAMPR_USER_ALL_INFORMATION::PrimaryGroupId
unsigned long PrimaryGroupId
Definition: msv1_0.h:132
ASSERT
ASSERT((InvokeOnSuccess||InvokeOnError||InvokeOnCancel) ?(CompletionRoutine !=NULL) :TRUE)
SECURITY_NULL_RID
#define SECURITY_NULL_RID
Definition: setypes.h:512
USER_LOGON_BAD_PASSWORD
#define USER_LOGON_BAD_PASSWORD
Definition: msv1_0.h:97
_TOKEN_USER
Definition: setypes.h:955
LSA_DISPATCH_TABLE::CopyFromClientBuffer
PLSA_COPY_FROM_CLIENT_BUFFER CopyFromClientBuffer
Definition: authpackage.c:65
UCHAR
unsigned char UCHAR
Definition: xmlstorage.h:181
wcscpy
_CRTIMP wchar_t *__cdecl wcscpy(_Out_writes_z_(_String_length_(_Source)+1) wchar_t *_Dest, _In_z_ const wchar_t *_Source)
L
static const WCHAR L[]
Definition: oid.c:1250
USER_ACCOUNT_AUTO_LOCKED
#define USER_ACCOUNT_AUTO_LOCKED
Definition: ntsam.h:177
_SID_IDENTIFIER_AUTHORITY
Definition: ms-dtyp.idl:194
ProfileBuffer
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID * ProfileBuffer
Definition: ntifs.template.h:711
_LARGE_INTEGER::LowPart
ULONG LowPart
Definition: typedefs.h:104
memcpy
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
BYTE
unsigned char BYTE
Definition: mem.h:68
_TIME_FIELDS
Definition: env_spec_w32.h:710
_MSV1_0_CHANGEPASSWORD_REQUEST::DomainName
UNICODE_STRING DomainName
Definition: ntsecapi.h:509
_SAMPR_USER_ALL_INFORMATION::LmPasswordPresent
unsigned char LmPasswordPresent
Definition: msv1_0.h:140
SpUserModeInitialize
NTSTATUS WINAPI SpUserModeInitialize(_In_ ULONG LsaVersion, _Out_ PULONG PackageVersion, _Out_ PSECPKG_USER_FUNCTION_TABLE *ppTables, _Out_ PULONG pcTables)
Definition: msv1_0.c:1639
LSA_DISPATCH_TABLE::AddCredential
PLSA_ADD_CREDENTIAL AddCredential
Definition: authpackage.c:57
SECURITY_NETWORK_SERVICE_RID
#define SECURITY_NETWORK_SERVICE_RID
Definition: setypes.h:548
_OLD_LARGE_INTEGER::HighPart
long HighPart
Definition: msv1_0.h:64
SamIFree_SAMPR_USER_INFO_BUFFER
VOID NTAPI SamIFree_SAMPR_USER_INFO_BUFFER(PSAMPR_USER_INFO_BUFFER Ptr, USER_INFORMATION_CLASS InformationClass)
Definition: samsrv.c:531
Status
Status
Definition: gdiplustypes.h:24
MsvpChangePassword
static NTSTATUS MsvpChangePassword(IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferLength, OUT PVOID *ProtocolReturnBuffer, OUT PULONG ReturnBufferLength, OUT PNTSTATUS ProtocolStatus)
Definition: msv1_0.c:491
ERR
#define ERR(fmt,...)
Definition: debug.h:109
_In_
#define _In_
Definition: no_sal2.h:204
MAX_COMPUTERNAME_LENGTH
#define MAX_COMPUTERNAME_LENGTH
Definition: winbase.h:240
_UNICODE_STRING
Definition: env_spec_w32.h:368
_MSV1_0_INTERACTIVE_PROFILE::UserFlags
ULONG UserFlags
Definition: ntsecapi.h:452
_RPC_SID
Definition: msv1_0.h:43
SamIFree_SAMPR_ULONG_ARRAY
VOID NTAPI SamIFree_SAMPR_ULONG_ARRAY(PSAMPR_ULONG_ARRAY Ptr)
Definition: samsrv.c:515
STATUS_INVALID_WORKSTATION
#define STATUS_INVALID_WORKSTATION
Definition: ntstatus.h:334
LsaApCallPackagePassthrough
NTSTATUS NTAPI LsaApCallPackagePassthrough(IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferLength, OUT PVOID *ProtocolReturnBuffer, OUT PULONG ReturnBufferLength, OUT PNTSTATUS ProtocolStatus)
Definition: msv1_0.c:1003
LSA_DISPATCH_TABLE::AllocateClientBuffer
PLSA_ALLOCATE_CLIENT_BUFFER AllocateClientBuffer
Definition: authpackage.c:62
LsaApCallPackageUntrusted
NTSTATUS NTAPI LsaApCallPackageUntrusted(IN PLSA_CLIENT_REQUEST ClientRequest, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferLength, OUT PVOID *ProtocolReturnBuffer, OUT PULONG ReturnBufferLength, OUT PNTSTATUS ProtocolStatus)
Definition: msv1_0.c:1021
_MSV1_0_INTERACTIVE_PROFILE::PasswordCanChange
LARGE_INTEGER PasswordCanChange
Definition: ntsecapi.h:444
DOMAIN_ALIAS_RID_USERS
#define DOMAIN_ALIAS_RID_USERS
Definition: setypes.h:625
USHORT
unsigned short USHORT
Definition: pedump.c:61
LogonType
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE LogonType
Definition: ntifs.template.h:707
STATUS_PASSWORD_MUST_CHANGE
#define STATUS_PASSWORD_MUST_CHANGE
Definition: ntstatus.h:666
_SAMPR_USER_ALL_INFORMATION::UserAccountControl
unsigned long UserAccountControl
Definition: msv1_0.h:133
_MSV1_0_INTERACTIVE_PROFILE::MessageType
MSV1_0_PROFILE_BUFFER_TYPE MessageType
Definition: ntsecapi.h:437
_OLD_LARGE_INTEGER::LowPart
unsigned long LowPart
Definition: msv1_0.h:63
SamrSetInformationUser
NTSTATUS NTAPI SamrSetInformationUser(IN SAMPR_HANDLE UserHandle, IN USER_INFORMATION_CLASS UserInformationClass, IN PSAMPR_USER_INFO_BUFFER Buffer)
Definition: samrpc.c:8119
SECURITY_LOGON_TYPE
enum _SECURITY_LOGON_TYPE SECURITY_LOGON_TYPE
SamrCloseHandle
NTSTATUS __stdcall SamrCloseHandle(SAMPR_HANDLE *SamHandle)
_MSV1_0_INTERACTIVE_PROFILE::HomeDirectoryDrive
UNICODE_STRING HomeDirectoryDrive
Definition: ntsecapi.h:450
wcscat
_CRTIMP wchar_t *__cdecl wcscat(_Inout_updates_z_(_String_length_(_Dest)+_String_length_(_Source)+1) wchar_t *_Dest, _In_z_ const wchar_t *_Source)
DOMAIN_GROUP_RID_USERS
#define DOMAIN_GROUP_RID_USERS
Definition: setypes.h:612
PULONG
unsigned int * PULONG
Definition: retypes.h:1
_SECPKG_PRIMARY_CRED
Definition: ntsecpkg.h:84
_MSV1_0_INTERACTIVE_PROFILE::BadPasswordCount
USHORT BadPasswordCount
Definition: ntsecapi.h:439
LogonId
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID LogonId
Definition: ntifs.template.h:711
PLSA_STRING
struct _LSA_STRING * PLSA_STRING
msv1_0.h
HEAP_ZERO_MEMORY
#define HEAP_ZERO_MEMORY
Definition: compat.h:123
SamrOpenUser
NTSTATUS NTAPI SamrOpenUser(IN SAMPR_HANDLE DomainHandle, IN ACCESS_MASK DesiredAccess, IN ULONG UserId, OUT SAMPR_HANDLE *UserHandle)
_LARGE_INTEGER
Definition: typedefs.h:100
USER_READ_PREFERENCES
#define USER_READ_PREFERENCES
Definition: ntsam.h:127
_SAMPR_USER_ALL_INFORMATION::NtOwfPassword
RPC_SHORT_BLOB NtOwfPassword
Definition: msv1_0.h:128
OUT
#define OUT
Definition: typedefs.h:39
_MSV1_0_CHANGEPASSWORD_REQUEST::OldPassword
UNICODE_STRING OldPassword
Definition: ntsecapi.h:511
strcpy
char * strcpy(char *DstString, const char *SrcString)
Definition: utclib.c:388
ULONG
unsigned int ULONG
Definition: retypes.h:1
DOMAIN_LOOKUP
#define DOMAIN_LOOKUP
Definition: ntsam.h:42
RtlZeroMemory
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:261
_SAMPR_USER_INFO_BUFFER::Internal2
SAMPR_USER_INTERNAL2_INFORMATION Internal2
Definition: msv1_0.h:168
ULONG_PTR
#define ULONG_PTR
Definition: config.h:101
NtQuerySystemTime
NTSTATUS NTAPI NtQuerySystemTime(OUT PLARGE_INTEGER SystemTime)
Definition: time.c:417
AccountDomainSid
PSID AccountDomainSid
Definition: database.c:22
LsaApLogonUserEx2
NTSTATUS NTAPI LsaApLogonUserEx2(IN PLSA_CLIENT_REQUEST ClientRequest, IN SECURITY_LOGON_TYPE LogonType, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferSize, OUT PVOID *ProfileBuffer, OUT PULONG ProfileBufferSize, OUT PLUID LogonId, OUT PNTSTATUS SubStatus, OUT PLSA_TOKEN_INFORMATION_TYPE TokenInformationType, OUT PVOID *TokenInformation, OUT PUNICODE_STRING *AccountName, OUT PUNICODE_STRING *AuthenticatingAuthority, OUT PUNICODE_STRING *MachineName, OUT PSECPKG_PRIMARY_CRED PrimaryCredentials, OUT PSECPKG_SUPPLEMENTAL_CRED_ARRAY *SupplementalCredentials)
Definition: msv1_0.c:1126
_LSA_TOKEN_INFORMATION_V1
Definition: authpackage.c:26
MSV1_0_PROTOCOL_MESSAGE_TYPE
enum _MSV1_0_PROTOCOL_MESSAGE_TYPE MSV1_0_PROTOCOL_MESSAGE_TYPE
_LSA_STRING
Definition: ntsecapi.h:171
SamrQueryInformationUser
NTSTATUS NTAPI SamrQueryInformationUser(IN SAMPR_HANDLE UserHandle, IN USER_INFORMATION_CLASS UserInformationClass, OUT PSAMPR_USER_INFO_BUFFER *Buffer)
Definition: samrpc.c:7328
LPWSTR
WCHAR * LPWSTR
Definition: xmlstorage.h:184
Buffer
IN BOOLEAN OUT PSTR Buffer
Definition: progress.h:34
TimeFields
static PTIME_FIELDS TimeFields
Definition: time.c:104
STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:2966
MsvpCheckLogonHours
static BOOL MsvpCheckLogonHours(_In_ PSAMPR_LOGON_HOURS LogonHours, _In_ PLARGE_INTEGER LogonTime)
Definition: msv1_0.c:848
BuildTokenPrimaryGroup
static NTSTATUS BuildTokenPrimaryGroup(OUT PTOKEN_PRIMARY_GROUP PrimaryGroup, IN PSID AccountDomainSid, IN ULONG RelativeId)
Definition: msv1_0.c:292
_SECPKG_FUNCTION_TABLE::LogonTerminated
PLSA_AP_LOGON_TERMINATED LogonTerminated
Definition: ntsecpkg.h:428
USER_READ_LOGON
#define USER_READ_LOGON
Definition: ntsam.h:129
wcslen
size_t __cdecl wcslen(_In_z_ const wchar_t *_Str)
BuildTokenUser
static NTSTATUS BuildTokenUser(OUT PTOKEN_USER User, IN PSID AccountDomainSid, IN ULONG RelativeId)
Definition: msv1_0.c:272
_MSV1_0_INTERACTIVE_LOGON
Definition: ntsecapi.h:430
_wcsicmp
_Check_return_ _CRTIMP int __cdecl _wcsicmp(_In_z_ const wchar_t *_Str1, _In_z_ const wchar_t *_Str2)
STATUS_LOGON_FAILURE
#define STATUS_LOGON_FAILURE
Definition: ntstatus.h:331
_SAMPR_USER_ALL_INFORMATION::NtPasswordPresent
unsigned char NtPasswordPresent
Definition: msv1_0.h:141
_SAMPR_USER_ALL_INFORMATION::WorkStations
RPC_UNICODE_STRING WorkStations
Definition: msv1_0.h:124
NtAuthority
SID_IDENTIFIER_AUTHORITY NtAuthority
Definition: database.c:19
_LARGE_INTEGER::QuadPart
LONGLONG QuadPart
Definition: typedefs.h:112
_MSV1_0_INTERACTIVE_LOGON::LogonDomainName
UNICODE_STRING LogonDomainName
Definition: ntsecapi.h:432
RtlLengthRequiredSid
NTSYSAPI ULONG NTAPI RtlLengthRequiredSid(IN ULONG SubAuthorityCount)
Definition: sid.c:54
USER_CHANGE_PASSWORD
#define USER_CHANGE_PASSWORD
Definition: ntsam.h:132
SystemAuthority
static SID_IDENTIFIER_AUTHORITY SystemAuthority
Definition: msgina.c:38
_RPC_UNICODE_STRING::Buffer
wchar_t * Buffer
Definition: msv1_0.h:55
OPTIONAL
PULONG MinorVersion OPTIONAL
Definition: CrossNt.h:68