ReactOS  0.4.13-dev-464-g6b95727
srm.c
Go to the documentation of this file.
1 /*
2  * COPYRIGHT: See COPYING in the top level directory
3  * PROJECT: Local Security Authority Server DLL
4  * FILE: dll/win32/lsasrv/srm.c
5  * PURPOSE: Security Reference Monitor Server
6  *
7  * PROGRAMMERS: Timo Kreuzer (timo.kreuzer@reactos.org)
8  */
9 
10 /* INCLUDES ****************************************************************/
11 
12 #include "lsasrv.h"
13 #include <ndk/ntndk.h>
14 
15 /* GLOBALS *****************************************************************/
16 
19 
20 /* FUNCTIONS ***************************************************************/
21 
22 static
23 VOID
26 {
27  ERR("Security: LSA Component Test Command Received\n");
28 }
29 
30 static
31 VOID
34 {
35  ERR("LsapAdtWriteLog\n");
36 }
37 
38 static
39 VOID
42 {
43  ERR("LsapAsync\n");
44 }
45 
46 static
47 DWORD
48 WINAPI
50  PVOID StartContext)
51 {
54  REMOTE_PORT_VIEW RemotePortView;
55  HANDLE MessagePort, DummyPortHandle;
57 
58  /* Initialize the port message */
59  Message.Header.u1.s1.TotalLength = sizeof(Message);
60  Message.Header.u1.s1.DataLength = 0;
61 
62  /* Listen on the LSA command port */
64  if (!NT_SUCCESS(Status))
65  {
66  ERR("LsapRmServerThread - Port Listen failed 0x%lx\n", Status);
67  return Status;
68  }
69 
70  /* Setup the Port View Structure */
71  RemotePortView.Length = sizeof(REMOTE_PORT_VIEW);
72  RemotePortView.ViewSize = 0;
73  RemotePortView.ViewBase = NULL;
74 
75  /* Accept the connection */
76  Status = NtAcceptConnectPort(&MessagePort,
77  0,
78  &Message.Header,
79  TRUE,
80  NULL,
81  &RemotePortView);
82  if (!NT_SUCCESS(Status))
83  {
84  ERR("LsapRmServerThread - Port Accept Connect failed 0x%lx\n", Status);
85  return Status;
86  }
87 
88  /* Complete the connection */
89  Status = NtCompleteConnectPort(MessagePort);
90  if (!NT_SUCCESS(Status))
91  {
92  ERR("LsapRmServerThread - Port Complete Connect failed 0x%lx\n", Status);
93  return Status;
94  }
95 
96  /* No reply yet */
98 
99  /* Start looping */
100  while (TRUE)
101  {
102  /* Wait for a message */
103  Status = NtReplyWaitReceivePort(MessagePort,
104  NULL,
105  ReplyMessage,
106  &Message.Header);
107  if (!NT_SUCCESS(Status))
108  {
109  ERR("LsapRmServerThread - Failed to get message: 0x%lx", Status);
110  ReplyMessage = NULL;
111  continue;
112  }
113 
114  /* Check if this is a connection request */
115  if (Message.Header.u2.s2.Type == LPC_CONNECTION_REQUEST)
116  {
117  /* Reject connection request */
118  NtAcceptConnectPort(&DummyPortHandle,
119  NULL,
120  &Message.Header,
121  FALSE,
122  NULL,
123  NULL);
124 
125  /* Start over */
126  ReplyMessage = NULL;
127  continue;
128  }
129 
130  /* Check if this is an actual request */
131  if (Message.Header.u2.s2.Type == LPC_REQUEST)
132  {
133  ReplyMessage = &Message.Header;
134 
135  switch (Message.ApiNumber)
136  {
137  case LsapAdtWriteLogApi:
139  break;
140 
141  case LsapAsyncApi:
142  LsapAsync(&Message);
143  break;
144 
147  break;
148 
149  default:
150  ERR("LsapRmServerThread - invalid API number: 0x%lx\n",
151  Message.ApiNumber);
152  ReplyMessage = NULL;
153  }
154 
155  continue;
156  }
157 
158  ERR("LsapRmServerThread - unexpected message type: 0x%lx\n",
159  Message.Header.u2.s2.Type);
160 
161  /* Start over */
162  ReplyMessage = NULL;
163  }
164 }
165 
166 NTSTATUS
168 {
171  SECURITY_QUALITY_OF_SERVICE SecurityQos;
172  HANDLE InitEvent;
173  HANDLE ThreadHandle;
174  DWORD ThreadId;
176 
177  /* Create the LSA command port */
178  RtlInitUnicodeString(&Name, L"\\SeLsaCommandPort");
182  0,
184  2 * PAGE_SIZE);
185  if (!NT_SUCCESS(Status))
186  {
187  ERR("LsapRmInitializeServer - Port Create failed 0x%lx\n", Status);
188  return Status;
189  }
190 
191  /* Open the LSA init event */
192  RtlInitUnicodeString(&Name, L"\\SeLsaInitEvent");
194  Status = NtOpenEvent(&InitEvent, 2, &ObjectAttributes);
195  if (!NT_SUCCESS(Status))
196  {
197  ERR("LsapRmInitializeServer - Lsa Init Event Open failed 0x%lx\n", Status);
198  return Status;
199  }
200 
201  /* Signal the kernel, that we are ready */
202  Status = NtSetEvent(InitEvent, 0);
203  if (!NT_SUCCESS(Status))
204  {
205  ERR("LsapRmInitializeServer - Set Init Event failed 0x%lx\n", Status);
206  return Status;
207  }
208 
209  /* Setup the QoS structure */
212  SecurityQos.EffectiveOnly = TRUE;
213 
214  /* Connect to the kernel server */
215  RtlInitUnicodeString(&Name, L"\\SeRmCommandPort");
217  &Name,
218  &SecurityQos,
219  NULL,
220  NULL,
221  NULL,
222  NULL,
223  NULL);
224  if (!NT_SUCCESS(Status))
225  {
226  ERR("LsapRmInitializeServer - Connect to Rm Command Port failed 0x%lx\n", Status);
227  return Status;
228  }
229 
230  /* Create the server thread */
231  ThreadHandle = CreateThread(NULL, 0, LsapRmServerThread, NULL, 0, &ThreadId);
232  if (ThreadHandle == NULL)
233  {
234  ERR("LsapRmInitializeServer - Create Thread failed 0x%lx\n", Status);
236  }
237 
238  /* Close the server thread handle */
239  CloseHandle(ThreadHandle);
240 
241  return STATUS_SUCCESS;
242 }
243 
244 NTSTATUS
246  PLUID LogonId)
247 {
248  SEP_RM_API_MESSAGE RequestMessage;
251 
252  TRACE("LsapRmCreateLogonSession(%p)\n", LogonId);
253 
254  RequestMessage.Header.u2.ZeroInit = 0;
255  RequestMessage.Header.u1.s1.TotalLength =
256  (CSHORT)(sizeof(PORT_MESSAGE) + sizeof(ULONG) + sizeof(LUID));
257  RequestMessage.Header.u1.s1.DataLength =
258  RequestMessage.Header.u1.s1.TotalLength -
259  (CSHORT)sizeof(PORT_MESSAGE);
260 
261  RequestMessage.ApiNumber = (ULONG)RmCreateLogonSession;
262  RtlCopyLuid(&RequestMessage.u.LogonLuid, LogonId);
263 
264  ReplyMessage.Header.u2.ZeroInit = 0;
265  ReplyMessage.Header.u1.s1.TotalLength =
266  (CSHORT)(sizeof(PORT_MESSAGE) + sizeof(ULONG) + sizeof(NTSTATUS));
267  ReplyMessage.Header.u1.s1.DataLength =
268  ReplyMessage.Header.u1.s1.TotalLength -
269  (CSHORT)sizeof(PORT_MESSAGE);
270 
271  ReplyMessage.u.ResultStatus = STATUS_SUCCESS;
272 
274  (PPORT_MESSAGE)&RequestMessage,
276  if (NT_SUCCESS(Status))
277  {
278  Status = ReplyMessage.u.ResultStatus;
279  }
280 
281  return Status;
282 }
283 
284 NTSTATUS
286  PLUID LogonId)
287 {
288  SEP_RM_API_MESSAGE RequestMessage;
291 
292  TRACE("LsapRmDeleteLogonSession(%p)\n", LogonId);
293 
294  RequestMessage.Header.u2.ZeroInit = 0;
295  RequestMessage.Header.u1.s1.TotalLength =
296  (CSHORT)(sizeof(PORT_MESSAGE) + sizeof(ULONG) + sizeof(LUID));
297  RequestMessage.Header.u1.s1.DataLength =
298  RequestMessage.Header.u1.s1.TotalLength -
299  (CSHORT)sizeof(PORT_MESSAGE);
300 
301  RequestMessage.ApiNumber = (ULONG)RmDeleteLogonSession;
302  RtlCopyLuid(&RequestMessage.u.LogonLuid, LogonId);
303 
304  ReplyMessage.Header.u2.ZeroInit = 0;
305  ReplyMessage.Header.u1.s1.TotalLength =
306  (CSHORT)(sizeof(PORT_MESSAGE) + sizeof(ULONG) + sizeof(NTSTATUS));
307  ReplyMessage.Header.u1.s1.DataLength =
308  ReplyMessage.Header.u1.s1.TotalLength -
309  (CSHORT)sizeof(PORT_MESSAGE);
310 
311  ReplyMessage.u.ResultStatus = STATUS_SUCCESS;
312 
314  (PPORT_MESSAGE)&RequestMessage,
316  if (NT_SUCCESS(Status))
317  {
318  Status = ReplyMessage.u.ResultStatus;
319  }
320 
321  return Status;
322 }
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
NTSTATUS LsapRmInitializeServer(VOID)
Definition: srm.c:167
HANDLE SeRmCommandPort
Definition: srm.c:18
#define TRUE
Definition: types.h:120
#define CloseHandle
Definition: compat.h:398
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
NTSTATUS NTAPI NtRequestWaitReplyPort(IN HANDLE PortHandle, IN PPORT_MESSAGE LpcRequest, IN OUT PPORT_MESSAGE LpcReply)
Definition: send.c:695
NTSTATUS LsapRmDeleteLogonSession(PLUID LogonId)
Definition: srm.c:285
LONG NTSTATUS
Definition: precomp.h:26
static VOID LsapAsync(PLSAP_RM_API_MESSAGE Message)
Definition: srm.c:40
NTSYSAPI void WINAPI RtlCopyLuid(PLUID, const LUID *)
NTSTATUS LsapRmCreateLogonSession(PLUID LogonId)
Definition: srm.c:245
SECURITY_CONTEXT_TRACKING_MODE ContextTrackingMode
Definition: lsa.idl:66
struct NameRec_ * Name
Definition: cdprocs.h:464
LUID LogonLuid
Definition: srmp.h:24
HANDLE WINAPI DECLSPEC_HOTPATCH CreateThread(IN LPSECURITY_ATTRIBUTES lpThreadAttributes, IN DWORD dwStackSize, IN LPTHREAD_START_ROUTINE lpStartAddress, IN LPVOID lpParameter, IN DWORD dwCreationFlags, OUT LPDWORD lpThreadId)
Definition: thread.c:111
smooth NULL
Definition: ftsmooth.c:416
struct _REMOTE_PORT_VIEW REMOTE_PORT_VIEW
BOOL WINAPI ReplyMessage(_In_ LRESULT)
#define TRACE(s)
Definition: solgame.cpp:4
NTSTATUS NTAPI NtAcceptConnectPort(OUT PHANDLE PortHandle, IN PVOID PortContext OPTIONAL, IN PPORT_MESSAGE ReplyMessage, IN BOOLEAN AcceptConnection, IN OUT PPORT_VIEW ServerView OPTIONAL, OUT PREMOTE_PORT_VIEW ClientView OPTIONAL)
Definition: complete.c:40
NTSTATUS NTAPI NtConnectPort(OUT PHANDLE PortHandle, IN PUNICODE_STRING PortName, IN PSECURITY_QUALITY_OF_SERVICE SecurityQos, IN OUT PPORT_VIEW ClientView OPTIONAL, IN OUT PREMOTE_PORT_VIEW ServerView OPTIONAL, OUT PULONG MaxMessageLength OPTIONAL, IN OUT PVOID ConnectionInformation OPTIONAL, IN OUT PULONG ConnectionInformationLength OPTIONAL)
Definition: connect.c:753
NTSTATUS NTAPI NtCreatePort(OUT PHANDLE PortHandle, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG MaxConnectInfoLength, IN ULONG MaxDataLength, IN ULONG MaxPoolUsage)
Definition: create.c:212
NTSTATUS NTAPI NtSetEvent(IN HANDLE EventHandle, OUT PLONG PreviousState OPTIONAL)
Definition: event.c:458
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define WINAPI
Definition: msvc.h:8
unsigned long DWORD
Definition: ntddk_ex.h:95
CHAR Message[80]
Definition: alive.c:5
static DWORD WINAPI LsapRmServerThread(PVOID StartContext)
Definition: srm.c:49
#define SECURITY_DYNAMIC_TRACKING
Definition: setypes.h:103
NTSTATUS NTAPI NtReplyWaitReceivePort(IN HANDLE PortHandle, OUT PVOID *PortContext OPTIONAL, IN PPORT_MESSAGE ReplyMessage OPTIONAL, OUT PPORT_MESSAGE ReceiveMessage)
Definition: reply.c:743
static const WCHAR L[]
Definition: oid.c:1250
#define PAGE_SIZE
Definition: env_spec_w32.h:49
NTSTATUS NTAPI NtOpenEvent(OUT PHANDLE EventHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
Definition: event.c:185
Status
Definition: gdiplustypes.h:24
ULONG ApiNumber
Definition: srmp.h:14
#define ERR(fmt,...)
Definition: debug.h:109
HANDLE SeLsaCommandPort
Definition: srm.c:17
union _SEP_RM_API_MESSAGE::@3317 u
#define PORT_MAXIMUM_MESSAGE_LENGTH
Definition: iotypes.h:1985
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: lsa.idl:65
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID LogonId
PORT_MESSAGE Header
Definition: srmp.h:13
NTSTATUS NTAPI NtCompleteConnectPort(IN HANDLE PortHandle)
Definition: complete.c:421
unsigned int ULONG
Definition: retypes.h:1
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
return STATUS_SUCCESS
Definition: btrfs.c:2777
short CSHORT
Definition: umtypes.h:127
static VOID LsapComponentTest(PLSAP_RM_API_MESSAGE Message)
Definition: srm.c:24
NTSTATUS NTAPI NtListenPort(IN HANDLE PortHandle, OUT PPORT_MESSAGE ConnectMessage)
Definition: listen.c:22
static VOID LsapAdtWriteLog(PLSAP_RM_API_MESSAGE Message)
Definition: srm.c:32