ReactOS  0.4.13-dev-257-gfabbd7c
logon.c File Reference
#include <advapi32.h>

Functions

 WINE_DEFAULT_DEBUG_CHANNEL (advapi)
 
static NTSTATUS OpenLogonLsaHandle (VOID)
 
NTSTATUS CloseLogonLsaHandle (VOID)
 
static BOOL CreateProcessAsUserCommon (_In_opt_ HANDLE hToken, _In_ DWORD dwCreationFlags, _Out_ LPPROCESS_INFORMATION lpProcessInformation)
 
BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessAsUserA (_In_opt_ HANDLE hToken, _In_opt_ LPCSTR lpApplicationName, _Inout_opt_ LPSTR lpCommandLine, _In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes, _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes, _In_ BOOL bInheritHandles, _In_ DWORD dwCreationFlags, _In_opt_ LPVOID lpEnvironment, _In_opt_ LPCSTR lpCurrentDirectory, _In_ LPSTARTUPINFOA lpStartupInfo, _Out_ LPPROCESS_INFORMATION lpProcessInformation)
 
BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessAsUserW (_In_opt_ HANDLE hToken, _In_opt_ LPCWSTR lpApplicationName, _Inout_opt_ LPWSTR lpCommandLine, _In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes, _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes, _In_ BOOL bInheritHandles, _In_ DWORD dwCreationFlags, _In_opt_ LPVOID lpEnvironment, _In_opt_ LPCWSTR lpCurrentDirectory, _In_ LPSTARTUPINFOW lpStartupInfo, _Out_ LPPROCESS_INFORMATION lpProcessInformation)
 
BOOL WINAPI LogonUserA (_In_ LPSTR lpszUsername, _In_opt_ LPSTR lpszDomain, _In_opt_ LPSTR lpszPassword, _In_ DWORD dwLogonType, _In_ DWORD dwLogonProvider, _Out_opt_ PHANDLE phToken)
 
BOOL WINAPI LogonUserExA (_In_ LPSTR lpszUsername, _In_opt_ LPSTR lpszDomain, _In_opt_ LPSTR lpszPassword, _In_ DWORD dwLogonType, _In_ DWORD dwLogonProvider, _Out_opt_ PHANDLE phToken, _Out_opt_ PSID *ppLogonSid, _Out_opt_ PVOID *ppProfileBuffer, _Out_opt_ LPDWORD pdwProfileLength, _Out_opt_ PQUOTA_LIMITS pQuotaLimits)
 
BOOL WINAPI LogonUserW (_In_ LPWSTR lpszUsername, _In_opt_ LPWSTR lpszDomain, _In_opt_ LPWSTR lpszPassword, _In_ DWORD dwLogonType, _In_ DWORD dwLogonProvider, _Out_opt_ PHANDLE phToken)
 
BOOL WINAPI LogonUserExW (_In_ LPWSTR lpszUsername, _In_opt_ LPWSTR lpszDomain, _In_opt_ LPWSTR lpszPassword, _In_ DWORD dwLogonType, _In_ DWORD dwLogonProvider, _Out_opt_ PHANDLE phToken, _Out_opt_ PSID *ppLogonSid, _Out_opt_ PVOID *ppProfileBuffer, _Out_opt_ LPDWORD pdwProfileLength, _Out_opt_ PQUOTA_LIMITS pQuotaLimits)
 

Variables

HANDLE LsaHandle = NULL
 
ULONG AuthenticationPackage = 0
 

Function Documentation

◆ CloseLogonLsaHandle()

NTSTATUS CloseLogonLsaHandle ( VOID  )

Definition at line 72 of file logon.c.

/*
 * Deregisters the cached LSA logon handle (LsaHandle), if one is open, and
 * returns the resulting NTSTATUS.
 * NOTE(review): listing lines 74 and 78 are absent from this rendering; the
 * TRACE text below suggests line 78 is the LsaDeregisterLogonProcess() call
 * whose result is stored in Status.
 */
73 {
75 
76  if (LsaHandle != NULL)
77  {
79  if (!NT_SUCCESS(Status))
80  {
81  TRACE("LsaDeregisterLogonProcess failed (Status 0x%08lx)\n", Status);
82  }
     /* NOTE(review): no visible line resets LsaHandle to NULL here. LogonUserExW()
      * only re-opens the handle when it is NULL, so confirm that a deregistered
      * handle value cannot be reused after this call. */
83  }
84 
85  return Status;
86 }
LONG NTSTATUS
Definition: precomp.h:26
HANDLE LsaHandle
Definition: logon.c:14
smooth NULL
Definition: ftsmooth.c:416
#define TRACE(s)
Definition: solgame.cpp:4
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
NTSTATUS NTAPI LsaDeregisterLogonProcess(HANDLE)
Status
Definition: gdiplustypes.h:24
return STATUS_SUCCESS
Definition: btrfs.c:2745

Referenced by DllMain().

◆ CreateProcessAsUserA()

BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessAsUserA ( _In_opt_ HANDLE  hToken,
_In_opt_ LPCSTR  lpApplicationName,
_Inout_opt_ LPSTR  lpCommandLine,
_In_opt_ LPSECURITY_ATTRIBUTES  lpProcessAttributes,
_In_opt_ LPSECURITY_ATTRIBUTES  lpThreadAttributes,
_In_ BOOL  bInheritHandles,
_In_ DWORD  dwCreationFlags,
_In_opt_ LPVOID  lpEnvironment,
_In_opt_ LPCSTR  lpCurrentDirectory,
_In_ LPSTARTUPINFOA  lpStartupInfo,
_Out_ LPPROCESS_INFORMATION  lpProcessInformation 
)

Definition at line 232 of file logon.c.

/*
 * ANSI entry point: creates the process suspended through CreateProcessA()
 * and then lets CreateProcessAsUserCommon() assign hToken to it.
 * Returns FALSE if either step fails.
 */
244 {
     /* NOTE(review): the trace line records the application name, command line and
      * current directory. Command lines can carry credentials, so treat trace
      * output for this channel as sensitive. */
245  TRACE("%p %s %s %p %p %d 0x%08x %p %s %p %p\n", hToken, debugstr_a(lpApplicationName),
246  debugstr_a(lpCommandLine), lpProcessAttributes, lpThreadAttributes, bInheritHandles,
247  dwCreationFlags, lpEnvironment, debugstr_a(lpCurrentDirectory), lpStartupInfo, lpProcessInformation);
248 
249  /* Create the process with a suspended main thread */
     /* CREATE_SUSPENDED is forced so that no code of the new process runs before
      * the helper has swapped in the requested token. hToken is not passed to
      * CreateProcessA(), so this step itself (including handle inheritance when
      * bInheritHandles is set) happens in the caller's own security context. */
250  if (!CreateProcessA(lpApplicationName,
251  lpCommandLine,
252  lpProcessAttributes,
253  lpThreadAttributes,
254  bInheritHandles,
255  dwCreationFlags | CREATE_SUSPENDED,
256  lpEnvironment,
257  lpCurrentDirectory,
258  lpStartupInfo,
259  lpProcessInformation))
260  {
261  ERR("CreateProcessA failed, last error: %d\n", GetLastError());
262  return FALSE;
263  }
264 
265  /* Call the helper function */
     /* The caller's original dwCreationFlags (without the forced flag) are passed
      * on, so the helper can decide whether to resume the main thread. */
266  return CreateProcessAsUserCommon(hToken,
267  dwCreationFlags,
268  lpProcessInformation);
269 }
DWORD WINAPI GetLastError(VOID)
Definition: except.c:1059
static BOOL CreateProcessAsUserCommon(_In_opt_ HANDLE hToken, _In_ DWORD dwCreationFlags, _Out_ LPPROCESS_INFORMATION lpProcessInformation)
Definition: logon.c:91
#define CREATE_SUSPENDED
Definition: winbase.h:178
#define TRACE(s)
Definition: solgame.cpp:4
#define debugstr_a
Definition: kernel32.h:31
BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessA(LPCSTR lpApplicationName, LPSTR lpCommandLine, LPSECURITY_ATTRIBUTES lpProcessAttributes, LPSECURITY_ATTRIBUTES lpThreadAttributes, BOOL bInheritHandles, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCSTR lpCurrentDirectory, LPSTARTUPINFOA lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation)
Definition: proc.c:4772
#define ERR(fmt,...)
Definition: debug.h:109

Referenced by test_token_security_descriptor().

◆ CreateProcessAsUserCommon()

static BOOL CreateProcessAsUserCommon ( _In_opt_ HANDLE  hToken,
_In_ DWORD  dwCreationFlags,
_Out_ LPPROCESS_INFORMATION  lpProcessInformation 
)
static

Definition at line 91 of file logon.c.

/*
 * Shared second half of CreateProcessAsUserA/W: given a process that was
 * created suspended, optionally replaces its primary token with a duplicate
 * of hToken and then resumes the main thread unless the caller asked for
 * CREATE_SUSPENDED. On any token failure the new process is terminated and
 * FALSE is returned. When hToken is NULL the token steps are skipped.
 * NOTE(review): several listing lines are absent from this rendering (the
 * gutter numbers skip), so the comments below cover only what is visible.
 */
95 {
97  PROCESS_ACCESS_TOKEN AccessToken;
98 
99  if (hToken != NULL)
100  {
104  HANDLE hTokenDup;
105  BOOLEAN PrivilegeSet = FALSE, HavePrivilege;
106 
107  /* Check whether the user-provided token is a primary token */
108  // GetTokenInformation();
110  TokenType,
111  &Type,
112  sizeof(Type),
113  &ReturnLength);
114  if (!NT_SUCCESS(Status))
115  {
116  ERR("NtQueryInformationToken() failed, Status 0x%08x\n", Status);
117  goto Quit;
118  }
      /* Impersonation tokens are rejected: only a primary token may become a
       * process token. */
119  if (Type != TokenPrimary)
120  {
121  ERR("Wrong token type for token 0x%p, expected TokenPrimary, got %ld\n", hToken, Type);
123  goto Quit;
124  }
125 
126  /* Duplicate the token for this new process */
      /* The last argument below is the security descriptor slot, left NULL (see
       * the FIXME): the duplicate token object gets no explicit descriptor. */
128  NULL,
129  0,
130  NULL,
131  NULL); // FIXME: Use a valid SecurityDescriptor!
      /* EffectiveOnly is FALSE, so disabled groups and privileges of hToken are
       * carried over into the duplicate rather than stripped. */
132  Status = NtDuplicateToken(hToken,
133  0,
135  FALSE,
136  TokenPrimary,
137  &hTokenDup);
138  if (!NT_SUCCESS(Status))
139  {
140  ERR("NtDuplicateToken() failed, Status 0x%08x\n", Status);
141  goto Quit;
142  }
143 
144  // FIXME: Do we always need SecurityImpersonation?
146  if (!NT_SUCCESS(Status))
147  {
148  ERR("RtlImpersonateSelf(SecurityImpersonation) failed, Status 0x%08x\n", Status);
      /* The duplicate must be released on every exit path after it was created. */
149  NtClose(hTokenDup);
150  goto Quit;
151  }
152 
153  /*
154  * Attempt to acquire the process primary token assignment privilege
155  * in case we actually need it.
156  * The call will either succeed or fail when the caller has (or has not)
157  * enough rights.
158  * The last situation may not be dramatic for us. Indeed it may happen
159  * that the user-provided token is a restricted version of the caller's
160  * primary token (aka. a "child" token), or both tokens inherit (i.e. are
161  * children, and are together "siblings") from a common parent token.
162  * In this case the NT kernel allows us to assign the token to the child
163  * process without the need for the assignment privilege, which is fine.
164  * On the contrary, if the user-provided token is completely arbitrary,
165  * then the NT kernel will enforce the presence of the assignment privilege:
166  * because we failed (by assumption) to assign the privilege, the process
167  * token assignment will fail as required. It is then the job of the
168  * caller to manually acquire the necessary privileges.
169  */
      /* Both BOOLEAN arguments are TRUE: enable the privilege, and do it on the
       * thread token (ForThread). That is apparently why the thread impersonates
       * itself first. PrivilegeSet receives the previous state for the restore. */
171  TRUE, TRUE, &PrivilegeSet);
172  HavePrivilege = NT_SUCCESS(Status);
173  if (!HavePrivilege)
174  {
175  ERR("RtlAdjustPrivilege(SE_ASSIGNPRIMARYTOKEN_PRIVILEGE) failed, Status 0x%08lx, "
176  "attempting to continue without it...\n", Status);
177  }
178 
179  AccessToken.Token = hTokenDup;
180  AccessToken.Thread = lpProcessInformation->hThread;
181 
182  /* Set the new process token */
      /* Status is kept and only checked after the cleanup below, so the privilege
       * restore, RevertToSelf() and NtClose() run whether or not this succeeded. */
183  Status = NtSetInformationProcess(lpProcessInformation->hProcess,
185  (PVOID)&AccessToken,
186  sizeof(AccessToken));
187 
188  /* Restore the privilege */
189  if (HavePrivilege)
190  {
192  PrivilegeSet, TRUE, &PrivilegeSet);
193  }
194 
      /* NOTE(review): RevertToSelf() removes any impersonation token from the
       * thread and its result is not checked. If the caller was already
       * impersonating when it entered this API, nothing visible here restores
       * that state, so confirm the caller's context is what it expects afterwards. */
195  RevertToSelf();
196 
197  /* Close the duplicated token */
198  NtClose(hTokenDup);
199 
200  /* Check whether NtSetInformationProcess() failed */
201  if (!NT_SUCCESS(Status))
202  {
203  ERR("NtSetInformationProcess() failed, Status 0x%08x\n", Status);
204  goto Quit;
205  }
206 
      /* This second test cannot be true when reached by fall-through; the block
       * exists to host the Quit label that the error paths above jump to. */
207  if (!NT_SUCCESS(Status))
208  {
209 Quit:
      /* The half-built process is killed so that it never runs under the
       * creator's token. NOTE(review): no close of lpProcessInformation->hProcess
       * or ->hThread is visible on this path (line 211 is missing from the
       * listing); confirm who releases those handles when FALSE is returned. */
210  TerminateProcess(lpProcessInformation->hProcess, Status);
212  return FALSE;
213  }
214  }
215 
216  /* Resume the main thread */
     /* Only when the caller did not itself request a suspended process. */
217  if (!(dwCreationFlags & CREATE_SUSPENDED))
218  {
219  ResumeThread(lpProcessInformation->hThread);
220  }
221 
222  return TRUE;
223 }
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
IN CINT OUT PVOID IN ULONG OUT PULONG ReturnLength
Definition: dumpinfo.c:39
#define TRUE
Definition: types.h:120
Type
Definition: Type.h:6
BOOL WINAPI RevertToSelf(VOID)
Definition: security.c:1487
LONG NTSTATUS
Definition: precomp.h:26
NTSYSAPI NTSTATUS NTAPI RtlAdjustPrivilege(_In_ ULONG Privilege, _In_ BOOLEAN NewValue, _In_ BOOLEAN ForThread, _Out_ PBOOLEAN OldValue)
#define CREATE_SUSPENDED
Definition: winbase.h:178
unsigned char BOOLEAN
#define STATUS_BAD_TOKEN_TYPE
Definition: ntstatus.h:390
smooth NULL
Definition: ftsmooth.c:416
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtQueryInformationToken(_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation, _In_ ULONG TokenInformationLength, _Out_ PULONG ReturnLength)
Definition: token.c:1839
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define SetLastError(x)
Definition: compat.h:409
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3399
enum _TOKEN_TYPE TOKEN_TYPE
NTSYSAPI NTSTATUS NTAPI RtlImpersonateSelf(IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
Definition: priv.c:45
Status
Definition: gdiplustypes.h:24
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
#define ERR(fmt,...)
Definition: debug.h:109
NTSTATUS NTAPI NtSetInformationProcess(IN HANDLE ProcessHandle, IN PROCESSINFOCLASS ProcessInformationClass, IN PVOID ProcessInformation, IN ULONG ProcessInformationLength)
Definition: query.c:1089
BOOL WINAPI TerminateProcess(IN HANDLE hProcess, IN UINT uExitCode)
Definition: proc.c:1562
DWORD WINAPI ResumeThread(IN HANDLE hThread)
Definition: thread.c:528
#define SE_ASSIGNPRIMARYTOKEN_PRIVILEGE
Definition: security.c:657
unsigned int ULONG
Definition: retypes.h:1
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtDuplicateToken(_In_ HANDLE ExistingTokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ BOOLEAN EffectiveOnly, _In_ TOKEN_TYPE TokenType, _Out_ PHANDLE NewTokenHandle)
Definition: token.c:2941
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
Definition: sefuncs.h:417

Referenced by CreateProcessAsUserA(), and CreateProcessAsUserW().

◆ CreateProcessAsUserW()

BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessAsUserW ( _In_opt_ HANDLE  hToken,
_In_opt_ LPCWSTR  lpApplicationName,
_Inout_opt_ LPWSTR  lpCommandLine,
_In_opt_ LPSECURITY_ATTRIBUTES  lpProcessAttributes,
_In_opt_ LPSECURITY_ATTRIBUTES  lpThreadAttributes,
_In_ BOOL  bInheritHandles,
_In_ DWORD  dwCreationFlags,
_In_opt_ LPVOID  lpEnvironment,
_In_opt_ LPCWSTR  lpCurrentDirectory,
_In_ LPSTARTUPINFOW  lpStartupInfo,
_Out_ LPPROCESS_INFORMATION  lpProcessInformation 
)

Definition at line 278 of file logon.c.

/*
 * Unicode entry point: creates the process suspended through CreateProcessW()
 * and then lets CreateProcessAsUserCommon() assign hToken to it.
 * Returns FALSE if either step fails.
 */
290 {
     /* NOTE(review): the trace line records the application name, command line and
      * current directory. Command lines can carry credentials, so treat trace
      * output for this channel as sensitive. */
291  TRACE("%p %s %s %p %p %d 0x%08x %p %s %p %p\n", hToken, debugstr_w(lpApplicationName),
292  debugstr_w(lpCommandLine), lpProcessAttributes, lpThreadAttributes, bInheritHandles,
293  dwCreationFlags, lpEnvironment, debugstr_w(lpCurrentDirectory), lpStartupInfo, lpProcessInformation);
294 
295  /* Create the process with a suspended main thread */
     /* CREATE_SUSPENDED is forced so that no code of the new process runs before
      * the helper has swapped in the requested token. hToken is not passed to
      * CreateProcessW(), so this step itself (including handle inheritance when
      * bInheritHandles is set) happens in the caller's own security context. */
296  if (!CreateProcessW(lpApplicationName,
297  lpCommandLine,
298  lpProcessAttributes,
299  lpThreadAttributes,
300  bInheritHandles,
301  dwCreationFlags | CREATE_SUSPENDED,
302  lpEnvironment,
303  lpCurrentDirectory,
304  lpStartupInfo,
305  lpProcessInformation))
306  {
307  ERR("CreateProcessW failed, last error: %d\n", GetLastError());
308  return FALSE;
309  }
310 
311  /* Call the helper function */
     /* The caller's original dwCreationFlags (without the forced flag) are passed
      * on, so the helper can decide whether to resume the main thread. */
312  return CreateProcessAsUserCommon(hToken,
313  dwCreationFlags,
314  lpProcessInformation);
315 }
DWORD WINAPI GetLastError(VOID)
Definition: except.c:1059
static BOOL CreateProcessAsUserCommon(_In_opt_ HANDLE hToken, _In_ DWORD dwCreationFlags, _Out_ LPPROCESS_INFORMATION lpProcessInformation)
Definition: logon.c:91
#define CREATE_SUSPENDED
Definition: winbase.h:178
#define debugstr_w
Definition: kernel32.h:32
BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessW(LPCWSTR lpApplicationName, LPWSTR lpCommandLine, LPSECURITY_ATTRIBUTES lpProcessAttributes, LPSECURITY_ATTRIBUTES lpThreadAttributes, BOOL bInheritHandles, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCWSTR lpCurrentDirectory, LPSTARTUPINFOW lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation)
Definition: proc.c:4623
#define TRACE(s)
Definition: solgame.cpp:4
#define ERR(fmt,...)
Definition: debug.h:109

Referenced by InstallDevice(), ScmStartUserModeService(), and WlxStartApplication().

◆ LogonUserA()

BOOL WINAPI LogonUserA ( _In_ LPSTR  lpszUsername,
_In_opt_ LPSTR  lpszDomain,
_In_opt_ LPSTR  lpszPassword,
_In_ DWORD  dwLogonType,
_In_ DWORD  dwLogonProvider,
_Out_opt_ PHANDLE  phToken 
)

Definition at line 323 of file logon.c.

/*
 * ANSI convenience wrapper: forwards to LogonUserExA() and passes NULL for the
 * four extended outputs (logon SID, profile buffer, profile length, quota
 * limits), so only the token is returned through phToken.
 * NOTE(review): listing line 335 is absent from this rendering.
 */
330 {
331  return LogonUserExA(lpszUsername,
332  lpszDomain,
333  lpszPassword,
334  dwLogonType,
336  phToken,
337  NULL,
338  NULL,
339  NULL,
340  NULL);
341 }
BOOL WINAPI LogonUserExA(_In_ LPSTR lpszUsername, _In_opt_ LPSTR lpszDomain, _In_opt_ LPSTR lpszPassword, _In_ DWORD dwLogonType, _In_ DWORD dwLogonProvider, _Out_opt_ PHANDLE phToken, _Out_opt_ PSID *ppLogonSid, _Out_opt_ PVOID *ppProfileBuffer, _Out_opt_ LPDWORD pdwProfileLength, _Out_opt_ PQUOTA_LIMITS pQuotaLimits)
Definition: logon.c:349
_In_opt_ LPSTR _In_opt_ LPSTR lpszPassword
Definition: winbase.h:2651
smooth NULL
Definition: ftsmooth.c:416
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD _Out_opt_ PHANDLE phToken
Definition: winbase.h:2651
_In_opt_ LPSTR lpszDomain
Definition: winbase.h:2651
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD dwLogonType
Definition: winbase.h:2651
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD dwLogonProvider
Definition: winbase.h:2651

◆ LogonUserExA()

BOOL WINAPI LogonUserExA ( _In_ LPSTR  lpszUsername,
_In_opt_ LPSTR  lpszDomain,
_In_opt_ LPSTR  lpszPassword,
_In_ DWORD  dwLogonType,
_In_ DWORD  dwLogonProvider,
_Out_opt_ PHANDLE  phToken,
_Out_opt_ PSID * ppLogonSid,
_Out_opt_ PVOID * ppProfileBuffer,
_Out_opt_ LPDWORD  pdwProfileLength,
_Out_opt_ PQUOTA_LIMITS  pQuotaLimits 
)

Definition at line 349 of file logon.c.

/*
 * ANSI front end for LogonUserExW(): converts user name, domain and password
 * to heap-allocated UNICODE_STRINGs, calls the Unicode implementation and
 * frees the copies again. Returns the result of LogonUserExW(), or FALSE if a
 * conversion fails.
 * NOTE(review): several listing lines are absent from this rendering (the
 * gutter numbers skip), including the domain and password conversions.
 */
360 {
361  UNICODE_STRING UserName;
362  UNICODE_STRING Domain;
364  BOOL ret = FALSE;
365 
     /* Buffers start as NULL so the cleanup code can tell which ones were
      * actually allocated. */
366  UserName.Buffer = NULL;
367  Domain.Buffer = NULL;
368  Password.Buffer = NULL;
369 
370  if (!RtlCreateUnicodeStringFromAsciiz(&UserName, lpszUsername))
371  {
373  goto UsernameDone;
374  }
375 
377  {
379  goto DomainDone;
380  }
381 
383  {
385  goto PasswordDone;
386  }
387 
388  ret = LogonUserExW(UserName.Buffer,
389  Domain.Buffer,
390  Password.Buffer,
391  dwLogonType,
393  phToken,
394  ppLogonSid,
397  pQuotaLimits);
398 
     /* NOTE(review): the Unicode copy of the password is released here (line 400
      * is missing from the listing), but no wipe of the buffer is visible before
      * the free. Confirm whether the cleartext can linger in freed heap memory. */
399  if (Password.Buffer != NULL)
401 
     /* The labels unwind in reverse order of allocation: each one frees the
      * strings that were created before the step that failed. */
402 PasswordDone:
403  if (Domain.Buffer != NULL)
404  RtlFreeUnicodeString(&Domain);
405 
406 DomainDone:
407  if (UserName.Buffer != NULL)
408  RtlFreeUnicodeString(&UserName);
409 
410 UsernameDone:
411  return ret;
412 }
BOOL WINAPI LogonUserExW(_In_ LPWSTR lpszUsername, _In_opt_ LPWSTR lpszDomain, _In_opt_ LPWSTR lpszPassword, _In_ DWORD dwLogonType, _In_ DWORD dwLogonProvider, _Out_opt_ PHANDLE phToken, _Out_opt_ PSID *ppLogonSid, _Out_opt_ PVOID *ppProfileBuffer, _Out_opt_ LPDWORD pdwProfileLength, _Out_opt_ PQUOTA_LIMITS pQuotaLimits)
Definition: logon.c:446
#define ERROR_NOT_ENOUGH_MEMORY
Definition: dderror.h:7
_In_opt_ LPSTR _In_opt_ LPSTR lpszPassword
Definition: winbase.h:2651
unsigned int BOOL
Definition: ntddk_ex.h:94
smooth NULL
Definition: ftsmooth.c:416
NTSYSAPI BOOLEAN NTAPI RtlCreateUnicodeStringFromAsciiz(_Out_ PUNICODE_STRING Destination, _In_ PCSZ Source)
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD _Out_opt_ PHANDLE phToken
Definition: winbase.h:2651
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
#define SetLastError(x)
Definition: compat.h:409
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD _Out_opt_ PHANDLE _Out_opt_ PSID _Out_opt_ PVOID _Out_opt_ LPDWORD _Out_opt_ PQUOTA_LIMITS pQuotaLimits
Definition: winbase.h:2651
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD _Out_opt_ PHANDLE _Out_opt_ PSID * ppLogonSid
Definition: winbase.h:2651
int ret
_In_opt_ LPSTR lpszDomain
Definition: winbase.h:2651
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD dwLogonType
Definition: winbase.h:2651
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD dwLogonProvider
Definition: winbase.h:2651
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD _Out_opt_ PHANDLE _Out_opt_ PSID _Out_opt_ PVOID * ppProfileBuffer
Definition: winbase.h:2651
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD _Out_opt_ PHANDLE _Out_opt_ PSID _Out_opt_ PVOID _Out_opt_ LPDWORD pdwProfileLength
Definition: winbase.h:2651

Referenced by LogonUserA().

◆ LogonUserExW()

BOOL WINAPI LogonUserExW ( _In_ LPWSTR  lpszUsername,
_In_opt_ LPWSTR  lpszDomain,
_In_opt_ LPWSTR  lpszPassword,
_In_ DWORD  dwLogonType,
_In_ DWORD  dwLogonProvider,
_Out_opt_ PHANDLE  phToken,
_Out_opt_ PSID * ppLogonSid,
_Out_opt_ PVOID * ppProfileBuffer,
_Out_opt_ LPDWORD  pdwProfileLength,
_Out_opt_ PQUOTA_LIMITS  pQuotaLimits 
)

Definition at line 446 of file logon.c.

/*
 * Unicode logon implementation: maps dwLogonType to a SECURITY_LOGON_TYPE,
 * opens the shared LSA handle on first use, packs domain, user name and
 * password into one MSV1_0_INTERACTIVE_LOGON buffer, builds a logon SID and a
 * local SID for the token groups, submits the request (the error text names
 * LsaLogonUser) and returns the token through phToken.
 * Returns TRUE on success and FALSE otherwise.
 * NOTE(review): many listing lines are absent from this rendering (the gutter
 * numbers skip), so the comments below cover only what is visible.
 */
457 {
460  PSID LogonSid = NULL;
461  PSID LocalSid = NULL;
463  UNICODE_STRING DomainName;
464  UNICODE_STRING UserName;
466  PMSV1_0_INTERACTIVE_LOGON AuthInfo = NULL;
467  ULONG AuthInfoLength;
468  ULONG_PTR Ptr;
473  LUID Luid = {0, 0};
474  LUID LogonId = {0, 0};
476  QUOTA_LIMITS QuotaLimits;
480 
     /* Reject inconsistent output arguments: a profile buffer pointer without a
      * length pointer (the second half of the condition is on a missing line). */
481  if ((ppProfileBuffer != NULL && pdwProfileLength == NULL) ||
483  {
485  return FALSE;
486  }
487 
489  {
491  *pdwProfileLength = 0;
492  }
493 
     /* Clear the caller's token slot up front so a failure never leaves a stale
      * handle value in it. */
494  if (phToken != NULL)
495  *phToken = NULL;
496 
497  switch (dwLogonType)
498  {
501  break;
502 
504  LogonType = Network;
505  break;
506 
507  case LOGON32_LOGON_BATCH:
508  LogonType = Batch;
509  break;
510 
512  LogonType = Service;
513  break;
514 
515  default:
     /* NOTE(review): "%ul" is "%u" followed by a literal 'l'; "%lu" was probably
      * intended for the DWORD argument. */
516  ERR("Invalid logon type: %ul\n", dwLogonType);
518  goto done;
519  }
520 
     /* The LSA connection is a process-wide global opened lazily.
      * NOTE(review): no lock is visible around this check, so two threads making
      * their first logon call at the same time could both open a handle. Confirm. */
521  if (LsaHandle == NULL)
522  {
524  if (!NT_SUCCESS(Status))
525  goto done;
526  }
527 
529  "Advapi32 Logon");
530 
531  RtlInitUnicodeString(&DomainName,
532  lpszDomain);
533 
534  RtlInitUnicodeString(&UserName,
535  lpszUsername);
536 
538  lpszPassword);
539 
     /* One allocation holds the fixed header followed by the three string
      * buffers. MaximumLength is a USHORT, so this sum cannot overflow a ULONG. */
540  AuthInfoLength = sizeof(MSV1_0_INTERACTIVE_LOGON)+
541  DomainName.MaximumLength +
542  UserName.MaximumLength +
543  Password.MaximumLength;
544 
545  AuthInfo = RtlAllocateHeap(RtlGetProcessHeap(),
547  AuthInfoLength);
548  if (AuthInfo == NULL)
549  {
551  goto done;
552  }
553 
555 
     /* Ptr walks through the space behind the header. The Buffer fields below
      * therefore hold addresses inside this same allocation. */
556  Ptr = (ULONG_PTR)AuthInfo + sizeof(MSV1_0_INTERACTIVE_LOGON);
557 
558  AuthInfo->LogonDomainName.Length = DomainName.Length;
559  AuthInfo->LogonDomainName.MaximumLength = DomainName.MaximumLength;
     /* A missing domain is passed on as a NULL buffer rather than an empty one. */
560  AuthInfo->LogonDomainName.Buffer = (DomainName.Buffer == NULL) ? NULL : (PWCHAR)Ptr;
561  if (DomainName.MaximumLength > 0)
562  {
564  DomainName.Buffer,
565  DomainName.MaximumLength);
566 
567  Ptr += DomainName.MaximumLength;
568  }
569 
570  AuthInfo->UserName.Length = UserName.Length;
571  AuthInfo->UserName.MaximumLength = UserName.MaximumLength;
572  AuthInfo->UserName.Buffer = (PWCHAR)Ptr;
573  if (UserName.MaximumLength > 0)
574  RtlCopyMemory(AuthInfo->UserName.Buffer,
575  UserName.Buffer,
576  UserName.MaximumLength);
577 
578  Ptr += UserName.MaximumLength;
579 
     /* From here on AuthInfo holds a second cleartext copy of the password.
      * NOTE(review): the cleanup at "done" frees AuthInfo with RtlFreeHeap() and
      * no wipe of the buffer is visible before that. Confirm whether the
      * password can linger in freed heap memory. */
580  AuthInfo->Password.Length = Password.Length;
581  AuthInfo->Password.MaximumLength = Password.MaximumLength;
582  AuthInfo->Password.Buffer = (PWCHAR)Ptr;
583  if (Password.MaximumLength > 0)
584  RtlCopyMemory(AuthInfo->Password.Buffer,
585  Password.Buffer,
586  Password.MaximumLength);
587 
588  /* Create the Logon SID */
     /* NOTE(review): LogonId is initialised to {0, 0} above and no visible line
      * assigns it before it is used as SID sub-authorities here. Confirm whether
      * a per-logon unique value is expected. */
593  LogonId.HighPart,
594  LogonId.LowPart,
600  &LogonSid);
601  if (!NT_SUCCESS(Status))
602  goto done;
603 
604  /* Create the Local SID */
605  Status = RtlAllocateAndInitializeSid(&LocalAuthority,
606  1,
615  &LocalSid);
616  if (!NT_SUCCESS(Status))
617  goto done;
618 
619  /* Allocate and set the token groups */
     /* TOKEN_GROUPS already contains ANYSIZE_ARRAY entries, so only the
      * remainder of the two entries is added to the size. */
620  TokenGroups = RtlAllocateHeap(RtlGetProcessHeap(),
622  sizeof(TOKEN_GROUPS) + ((2 - ANYSIZE_ARRAY) * sizeof(SID_AND_ATTRIBUTES)));
623  if (TokenGroups == NULL)
624  {
626  goto done;
627  }
628 
629  TokenGroups->GroupCount = 2;
630  TokenGroups->Groups[0].Sid = LogonSid;
631  TokenGroups->Groups[0].Attributes = SE_GROUP_MANDATORY | SE_GROUP_ENABLED |
633  TokenGroups->Groups[1].Sid = LocalSid;
634  TokenGroups->Groups[1].Attributes = SE_GROUP_MANDATORY | SE_GROUP_ENABLED |
636 
637  /* Set the token source */
     /* NOTE(review): strncpy() does not NUL-terminate when the source fills the
      * destination; SourceName is presumably a fixed-length field that consumers
      * must not treat as a C string. Confirm. */
638  strncpy(TokenSource.SourceName, "Advapi ", sizeof(TokenSource.SourceName));
639  AllocateLocallyUniqueId(&TokenSource.SourceIdentifier);
640 
642  &OriginName,
643  LogonType,
645  (PVOID)AuthInfo,
646  AuthInfoLength,
647  TokenGroups,
648  &TokenSource,
649  (PVOID*)&ProfileBuffer,
651  &Luid,
652  &TokenHandle,
653  &QuotaLimits,
654  &SubStatus);
655  if (!NT_SUCCESS(Status))
656  {
657  ERR("LsaLogonUser failed (Status 0x%08lx)\n", Status);
658  goto done;
659  }
660 
661  if (ProfileBuffer != NULL)
662  {
663  TRACE("ProfileBuffer: %p\n", ProfileBuffer);
664  TRACE("MessageType: %u\n", ProfileBuffer->MessageType);
665 
     /* NOTE(review): %S prints up to a NUL terminator, while a UNICODE_STRING
      * buffer is length-counted. This presumably relies on the returned strings
      * being terminated. Confirm. */
666  TRACE("FullName: %p\n", ProfileBuffer->FullName.Buffer);
667  TRACE("FullName: %S\n", ProfileBuffer->FullName.Buffer);
668 
669  TRACE("LogonServer: %p\n", ProfileBuffer->LogonServer.Buffer);
670  TRACE("LogonServer: %S\n", ProfileBuffer->LogonServer.Buffer);
671  }
672 
673  TRACE("Luid: 0x%08lx%08lx\n", Luid.HighPart, Luid.LowPart);
674 
675  if (TokenHandle != NULL)
676  {
677  TRACE("TokenHandle: %p\n", TokenHandle);
678  }
679 
     /* NOTE(review): phToken is optional. When it is NULL and the logon
      * succeeded, TokenHandle is neither returned nor closed (the cleanup below
      * closes it only on failure), so the handle appears to leak. Confirm. */
680  if (phToken != NULL)
681  *phToken = TokenHandle;
682 
683  /* FIXME: return ppLogonSid and pQuotaLimits */
     /* Until the FIXME is resolved, callers passing ppLogonSid or pQuotaLimits
      * get nothing written to them by the visible code. */
684 
     /* Common exit: release everything acquired above, on success and failure. */
685 done:
686  if (ProfileBuffer != NULL)
688 
689  if (!NT_SUCCESS(Status))
690  {
691  if (TokenHandle != NULL)
693  }
694 
695  if (TokenGroups != NULL)
696  RtlFreeHeap(RtlGetProcessHeap(), 0, TokenGroups);
697 
698  if (LocalSid != NULL)
700 
701  if (LogonSid != NULL)
702  RtlFreeSid(LogonSid);
703 
704  if (AuthInfo != NULL)
705  RtlFreeHeap(RtlGetProcessHeap(), 0, AuthInfo);
706 
707  if (!NT_SUCCESS(Status))
708  {
710  return FALSE;
711  }
712 
713  return TRUE;
714 }
#define ERROR_INVALID_PARAMETER
Definition: compat.h:91
NTSTATUS NTAPI LsaLogonUser(HANDLE, PLSA_STRING, SECURITY_LOGON_TYPE, ULONG, PVOID, ULONG, PTOKEN_GROUPS, PTOKEN_SOURCE, PVOID *, PULONG, PLUID, PHANDLE, PQUOTA_LIMITS, PNTSTATUS)
#define TRUE
Definition: types.h:120
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
#define CloseHandle
Definition: compat.h:398
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
MSV1_0_LOGON_SUBMIT_TYPE MessageType
Definition: ntsecapi.h:431
USHORT MaximumLength
Definition: env_spec_w32.h:370
#define ANYSIZE_ARRAY
Definition: typedefs.h:45
#define LOGON32_LOGON_BATCH
Definition: winbase.h:374
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
NTSYSAPI PVOID NTAPI RtlFreeSid(_In_ _Post_invalid_ PSID Sid)
char * strncpy(char *DstString, const char *SrcString, ACPI_SIZE Count)
Definition: utclib.c:427
_Must_inspect_result_ _In_ PFSRTL_PER_STREAM_CONTEXT Ptr
Definition: fsrtlfuncs.h:898
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:603
_In_opt_ LPSTR _In_opt_ LPSTR lpszPassword
Definition: winbase.h:2651
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG ProfileBufferLength
uint16_t * PWCHAR
Definition: typedefs.h:54
PSID LocalSid
Definition: globals.c:15
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290
_IRQL_requires_same_ _In_ PLSA_STRING OriginName
UNICODE_STRING Password
Definition: ntsecapi.h:434
NTSYSAPI VOID NTAPI RtlInitAnsiString(PANSI_STRING DestinationString, PCSZ SourceString)
uint32_t ULONG_PTR
Definition: typedefs.h:63
#define SECURITY_LOGON_IDS_RID_COUNT
Definition: setypes.h:533
HANDLE LsaHandle
Definition: logon.c:14
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE _Out_ PQUOTA_LIMITS _Out_ PNTSTATUS SubStatus
#define SECURITY_LOCAL_SID_AUTHORITY
Definition: setypes.h:502
smooth NULL
Definition: ftsmooth.c:416
#define SE_GROUP_ENABLED_BY_DEFAULT
Definition: setypes.h:91
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
Definition: psfuncs.h:715
static NTSTATUS OpenLogonLsaHandle(VOID)
Definition: logon.c:21
#define LOGON32_LOGON_SERVICE
Definition: winbase.h:375
#define SECURITY_NT_AUTHORITY
Definition: setypes.h:526
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:585
struct _MSV1_0_INTERACTIVE_LOGON MSV1_0_INTERACTIVE_LOGON
UNICODE_STRING UserName
Definition: ntsecapi.h:433
#define TRACE(s)
Definition: solgame.cpp:4
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define SE_GROUP_ENABLED
Definition: setypes.h:92
DWORD LowPart
#define SECURITY_LOCAL_RID
Definition: setypes.h:514
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD _Out_opt_ PHANDLE phToken
Definition: winbase.h:2651
PCHAR Buffer
Definition: ntsecapi.h:174
#define SetLastError(x)
Definition: compat.h:409
#define SE_GROUP_MANDATORY
Definition: setypes.h:90
#define SECURITY_NULL_RID
Definition: setypes.h:512
LONG HighPart
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID * ProfileBuffer
ULONG AuthenticationPackage
Definition: logon.c:15
#define LOGON32_LOGON_INTERACTIVE
Definition: winbase.h:372
Status
Definition: gdiplustypes.h:24
#define SE_GROUP_LOGON_ID
Definition: setypes.h:98
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
#define ERR(fmt,...)
Definition: debug.h:109
#define LOGON32_LOGON_NETWORK
Definition: winbase.h:373
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE LogonType
BOOL WINAPI AllocateLocallyUniqueId(PLUID Luid)
Definition: security.c:1097
enum _SECURITY_LOGON_TYPE SECURITY_LOGON_TYPE
_In_opt_ LPSTR lpszDomain
Definition: winbase.h:2651
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID LogonId
#define HEAP_ZERO_MEMORY
Definition: compat.h:123
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD dwLogonType
Definition: winbase.h:2651
#define SECURITY_LOGON_IDS_RID
Definition: setypes.h:532
NTSTATUS NTAPI LsaFreeReturnBuffer(PVOID)
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD _Out_opt_ PHANDLE _Out_opt_ PSID _Out_opt_ PVOID * ppProfileBuffer
Definition: winbase.h:2651
unsigned int ULONG
Definition: retypes.h:1
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
#define ULONG_PTR
Definition: config.h:101
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD _Out_opt_ PHANDLE _Out_opt_ PSID _Out_opt_ PVOID _Out_opt_ LPDWORD pdwProfileLength
Definition: winbase.h:2651
return STATUS_SUCCESS
Definition: btrfs.c:2745
UNICODE_STRING LogonDomainName
Definition: ntsecapi.h:432
static SID_IDENTIFIER_AUTHORITY SystemAuthority
Definition: msgina.c:38

Referenced by LogonUserExA(), and LogonUserW().

◆ LogonUserW()

BOOL WINAPI LogonUserW ( _In_ LPWSTR  lpszUsername,
_In_opt_ LPWSTR  lpszDomain,
_In_opt_ LPWSTR  lpszPassword,
_In_ DWORD  dwLogonType,
_In_ DWORD  dwLogonProvider,
_Out_opt_ PHANDLE  phToken 
)

Definition at line 420 of file logon.c.

/*
 * Unicode convenience wrapper: forwards to LogonUserExW() and passes NULL for
 * the four extended outputs (logon SID, profile buffer, profile length, quota
 * limits), so only the token is returned through phToken.
 * NOTE(review): listing line 432 is absent from this rendering.
 */
427 {
428  return LogonUserExW(lpszUsername,
429  lpszDomain,
430  lpszPassword,
431  dwLogonType,
433  phToken,
434  NULL,
435  NULL,
436  NULL,
437  NULL);
438 }
BOOL WINAPI LogonUserExW(_In_ LPWSTR lpszUsername, _In_opt_ LPWSTR lpszDomain, _In_opt_ LPWSTR lpszPassword, _In_ DWORD dwLogonType, _In_ DWORD dwLogonProvider, _Out_opt_ PHANDLE phToken, _Out_opt_ PSID *ppLogonSid, _Out_opt_ PVOID *ppProfileBuffer, _Out_opt_ LPDWORD pdwProfileLength, _Out_opt_ PQUOTA_LIMITS pQuotaLimits)
Definition: logon.c:446
_In_opt_ LPSTR _In_opt_ LPSTR lpszPassword
Definition: winbase.h:2651
smooth NULL
Definition: ftsmooth.c:416
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD _Out_opt_ PHANDLE phToken
Definition: winbase.h:2651
_In_opt_ LPSTR lpszDomain
Definition: winbase.h:2651
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD dwLogonType
Definition: winbase.h:2651
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD dwLogonProvider
Definition: winbase.h:2651

Referenced by ScmLogonService().

◆ OpenLogonLsaHandle()

static NTSTATUS OpenLogonLsaHandle ( VOID  )
static

Definition at line 21 of file logon.c.

/*
 * Opens the process-wide LSA connection: registers this process as a logon
 * process under the name "User32LogonProcess" (storing the handle in the
 * global LsaHandle) and looks up the authentication package id (stored in the
 * global AuthenticationPackage). Returns an NTSTATUS.
 * NOTE(review): several listing lines are absent from this rendering (the
 * gutter numbers skip), including the package-name literal and the lookup and
 * deregistration calls.
 */
22 {
23  LSA_STRING LogonProcessName;
24  LSA_STRING PackageName;
27 
28  RtlInitAnsiString((PANSI_STRING)&LogonProcessName,
29  "User32LogonProcess");
30 
31  Status = LsaRegisterLogonProcess(&LogonProcessName,
32  &LsaHandle,
33  &SecurityMode);
34  if (!NT_SUCCESS(Status))
35  {
36  TRACE("LsaRegisterLogonProcess failed (Status 0x%08lx)\n", Status);
37  goto done;
38  }
39 
40  RtlInitAnsiString((PANSI_STRING)&PackageName,
42 
44  &PackageName,
46  if (!NT_SUCCESS(Status))
47  {
48  TRACE("LsaLookupAuthenticationPackage failed (Status 0x%08lx)\n", Status);
49  goto done;
50  }
51 
52  TRACE("AuthenticationPackage: 0x%08lx\n", AuthenticationPackage);
53 
54 done:
    /* On failure, undo the registration so no half-initialised connection is
     * left behind. */
55  if (!NT_SUCCESS(Status))
56  {
57  if (LsaHandle != NULL)
58  {
    /* NOTE(review): the test below reads Status right after the (missing)
     * line 59, which suggests the deregistration result overwrites the original
     * failure code. If so, a failed package lookup followed by a successful
     * deregistration returns success, and no visible line resets LsaHandle to
     * NULL, so LogonUserExW() would carry on with a deregistered handle. Confirm
     * against the full source. */
60  if (!NT_SUCCESS(Status))
61  {
62  TRACE("LsaDeregisterLogonProcess failed (Status 0x%08lx)\n", Status);
63  }
64  }
65  }
66 
67  return Status;
68 }
#define MSV1_0_PACKAGE_NAME
Definition: ntsecapi.h:42
LONG NTSTATUS
Definition: precomp.h:26
NTSYSAPI VOID NTAPI RtlInitAnsiString(PANSI_STRING DestinationString, PCSZ SourceString)
HANDLE LsaHandle
Definition: logon.c:14
_IRQL_requires_same_ _Out_ PHANDLE _Out_ PLSA_OPERATIONAL_MODE SecurityMode
smooth NULL
Definition: ftsmooth.c:416
ULONG LSA_OPERATIONAL_MODE
Definition: ntsecapi.h:364
#define TRACE(s)
Definition: solgame.cpp:4
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
NTSTATUS NTAPI LsaDeregisterLogonProcess(HANDLE)
ULONG AuthenticationPackage
Definition: logon.c:15
Status
Definition: gdiplustypes.h:24
NTSTATUS NTAPI LsaLookupAuthenticationPackage(HANDLE, PLSA_STRING, PULONG)
NTSTATUS NTAPI LsaRegisterLogonProcess(PLSA_STRING, PHANDLE, PLSA_OPERATIONAL_MODE)

Referenced by LogonUserExW().

◆ WINE_DEFAULT_DEBUG_CHANNEL()

WINE_DEFAULT_DEBUG_CHANNEL ( advapi  )

Variable Documentation

◆ AuthenticationPackage

◆ LsaHandle