ReactOS  0.4.14-dev-52-g6116262
logon.c File Reference
#include <advapi32.h>

Functions

 WINE_DEFAULT_DEBUG_CHANNEL (advapi)
 
 C_ASSERT (sizeof(AdvapiTokenSourceName)==RTL_FIELD_SIZE(TOKEN_SOURCE, SourceName)+1)
 
static NTSTATUS OpenLogonLsaHandle (VOID)
 
NTSTATUS CloseLogonLsaHandle (VOID)
 
static BOOL CreateProcessAsUserCommon (_In_opt_ HANDLE hToken, _In_ DWORD dwCreationFlags, _Out_ LPPROCESS_INFORMATION lpProcessInformation)
 
BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessAsUserA (_In_opt_ HANDLE hToken, _In_opt_ LPCSTR lpApplicationName, _Inout_opt_ LPSTR lpCommandLine, _In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes, _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes, _In_ BOOL bInheritHandles, _In_ DWORD dwCreationFlags, _In_opt_ LPVOID lpEnvironment, _In_opt_ LPCSTR lpCurrentDirectory, _In_ LPSTARTUPINFOA lpStartupInfo, _Out_ LPPROCESS_INFORMATION lpProcessInformation)
 
BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessAsUserW (_In_opt_ HANDLE hToken, _In_opt_ LPCWSTR lpApplicationName, _Inout_opt_ LPWSTR lpCommandLine, _In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes, _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes, _In_ BOOL bInheritHandles, _In_ DWORD dwCreationFlags, _In_opt_ LPVOID lpEnvironment, _In_opt_ LPCWSTR lpCurrentDirectory, _In_ LPSTARTUPINFOW lpStartupInfo, _Out_ LPPROCESS_INFORMATION lpProcessInformation)
 
BOOL WINAPI LogonUserA (_In_ LPSTR lpszUsername, _In_opt_ LPSTR lpszDomain, _In_opt_ LPSTR lpszPassword, _In_ DWORD dwLogonType, _In_ DWORD dwLogonProvider, _Out_opt_ PHANDLE phToken)
 
BOOL WINAPI LogonUserExA (_In_ LPSTR lpszUsername, _In_opt_ LPSTR lpszDomain, _In_opt_ LPSTR lpszPassword, _In_ DWORD dwLogonType, _In_ DWORD dwLogonProvider, _Out_opt_ PHANDLE phToken, _Out_opt_ PSID *ppLogonSid, _Out_opt_ PVOID *ppProfileBuffer, _Out_opt_ LPDWORD pdwProfileLength, _Out_opt_ PQUOTA_LIMITS pQuotaLimits)
 
BOOL WINAPI LogonUserW (_In_ LPWSTR lpszUsername, _In_opt_ LPWSTR lpszDomain, _In_opt_ LPWSTR lpszPassword, _In_ DWORD dwLogonType, _In_ DWORD dwLogonProvider, _Out_opt_ PHANDLE phToken)
 
BOOL WINAPI LogonUserExW (_In_ LPWSTR lpszUsername, _In_opt_ LPWSTR lpszDomain, _In_opt_ LPWSTR lpszPassword, _In_ DWORD dwLogonType, _In_ DWORD dwLogonProvider, _Out_opt_ PHANDLE phToken, _Out_opt_ PSID *ppLogonSid, _Out_opt_ PVOID *ppProfileBuffer, _Out_opt_ LPDWORD pdwProfileLength, _Out_opt_ PQUOTA_LIMITS pQuotaLimits)
 

Variables

static const CHAR AdvapiTokenSourceName [] = "Advapi "
 
HANDLE LsaHandle = NULL
 
ULONG AuthenticationPackage = 0
 

Function Documentation

◆ C_ASSERT()

◆ CloseLogonLsaHandle()

NTSTATUS CloseLogonLsaHandle ( VOID  )

Definition at line 75 of file logon.c.

/*
 * Deregisters this module's LSA logon-process handle (the global LsaHandle)
 * when one is open and returns the resulting NTSTATUS. The page lists
 * DllMain() as the only caller.
 *
 * NOTE(review): listing lines 77 and 81 did not survive extraction. Line 77
 * presumably declares Status (the cross-references mention STATUS_SUCCESS) and
 * line 81 presumably holds the LsaDeregisterLogonProcess() call whose result
 * is tested on line 82 - confirm against logon.c.
 */
76 {
78 
79  if (LsaHandle != NULL)
80  {
    /* NOTE(review): no visible line resets LsaHandle to NULL once the handle
     * has been deregistered. LogonUserExW() only registers again when
     * LsaHandle is NULL, so a stale value would be reused - confirm. */
82  if (!NT_SUCCESS(Status))
83  {
    /* A failed deregistration is only traced; the status is still returned. */
84  TRACE("LsaDeregisterLogonProcess failed (Status 0x%08lx)\n", Status);
85  }
86  }
87 
88  return Status;
89 }
LONG NTSTATUS
Definition: precomp.h:26
HANDLE LsaHandle
Definition: logon.c:17
smooth NULL
Definition: ftsmooth.c:416
#define TRACE(s)
Definition: solgame.cpp:4
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
NTSTATUS NTAPI LsaDeregisterLogonProcess(HANDLE)
Status
Definition: gdiplustypes.h:24
return STATUS_SUCCESS
Definition: btrfs.c:2966

Referenced by DllMain().

◆ CreateProcessAsUserA()

/**
 * ANSI entry point for starting a process under a caller-supplied token.
 * Defined at line 235 of logon.c.
 *
 * The process is first created by plain CreateProcessA(), i.e. in the caller's
 * own context, with CREATE_SUSPENDED forced on so that no code of the new
 * image runs yet. hToken is only applied afterwards by
 * CreateProcessAsUserCommon(), which also resumes the main thread unless the
 * caller asked for CREATE_SUSPENDED in dwCreationFlags.
 *
 * All parameters other than hToken are handed to CreateProcessA() unchanged.
 *
 * NOTE(review): the TRACE line logs the application name, the full command
 * line and the current directory on the advapi debug channel; command lines
 * can carry credentials, so treat that channel's output as sensitive.
 *
 * @return FALSE when CreateProcessA() fails (the failure is logged with
 *         GetLastError()), otherwise the result of
 *         CreateProcessAsUserCommon().
 */
BOOL WINAPI DECLSPEC_HOTPATCH
CreateProcessAsUserA(
    _In_opt_ HANDLE hToken,
    _In_opt_ LPCSTR lpApplicationName,
    _Inout_opt_ LPSTR lpCommandLine,
    _In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes,
    _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes,
    _In_ BOOL bInheritHandles,
    _In_ DWORD dwCreationFlags,
    _In_opt_ LPVOID lpEnvironment,
    _In_opt_ LPCSTR lpCurrentDirectory,
    _In_ LPSTARTUPINFOA lpStartupInfo,
    _Out_ LPPROCESS_INFORMATION lpProcessInformation)
{
    BOOL Created;

    TRACE("%p %s %s %p %p %d 0x%08x %p %s %p %p\n", hToken, debugstr_a(lpApplicationName),
          debugstr_a(lpCommandLine), lpProcessAttributes, lpThreadAttributes, bInheritHandles,
          dwCreationFlags, lpEnvironment, debugstr_a(lpCurrentDirectory), lpStartupInfo, lpProcessInformation);

    /* Always start suspended: the token must be swapped before the image runs */
    Created = CreateProcessA(lpApplicationName,
                             lpCommandLine,
                             lpProcessAttributes,
                             lpThreadAttributes,
                             bInheritHandles,
                             dwCreationFlags | CREATE_SUSPENDED,
                             lpEnvironment,
                             lpCurrentDirectory,
                             lpStartupInfo,
                             lpProcessInformation);
    if (Created)
    {
        /* Token assignment and thread resume are done by the shared helper;
         * it receives the caller's original flags, without the forced bit */
        return CreateProcessAsUserCommon(hToken,
                                         dwCreationFlags,
                                         lpProcessInformation);
    }

    ERR("CreateProcessA failed, last error: %d\n", GetLastError());
    return FALSE;
}
DWORD WINAPI GetLastError(VOID)
Definition: except.c:1059
static BOOL CreateProcessAsUserCommon(_In_opt_ HANDLE hToken, _In_ DWORD dwCreationFlags, _Out_ LPPROCESS_INFORMATION lpProcessInformation)
Definition: logon.c:94
#define CREATE_SUSPENDED
Definition: winbase.h:178
#define TRACE(s)
Definition: solgame.cpp:4
#define debugstr_a
Definition: kernel32.h:31
BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessA(LPCSTR lpApplicationName, LPSTR lpCommandLine, LPSECURITY_ATTRIBUTES lpProcessAttributes, LPSECURITY_ATTRIBUTES lpThreadAttributes, BOOL bInheritHandles, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCSTR lpCurrentDirectory, LPSTARTUPINFOA lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation)
Definition: proc.c:4742
#define ERR(fmt,...)
Definition: debug.h:109

Referenced by test_token_security_descriptor().

◆ CreateProcessAsUserCommon()

static BOOL CreateProcessAsUserCommon ( _In_opt_ HANDLE  hToken,
_In_ DWORD  dwCreationFlags,
_Out_ LPPROCESS_INFORMATION  lpProcessInformation 
)
static

Definition at line 94 of file logon.c.

/*
 * Shared tail of CreateProcessAsUserA/W. The caller has already created the
 * process with its main thread suspended; this helper optionally replaces the
 * new process's primary token with a duplicate of hToken and then resumes the
 * main thread unless the caller itself asked for CREATE_SUSPENDED.
 * Returns TRUE on success. Any failure in the token path jumps to Quit, which
 * terminates the new process and returns FALSE.
 *
 * NOTE(review): listing lines 99, 104-106, 112, 125, 130, 137, 148, 173, 187,
 * 194 and 214 did not survive extraction, so some calls are visible only
 * through their trailing arguments. Notes about those lines are hedged.
 */
98 {
100  PROCESS_ACCESS_TOKEN AccessToken;
101 
    /* With hToken == NULL the whole token path is skipped and the process
     * keeps the token it was created with. */
102  if (hToken != NULL)
103  {
107  HANDLE hTokenDup;
108  BOOLEAN PrivilegeSet = FALSE, HavePrivilege;
109 
110  /* Check whether the user-provided token is a primary token */
111  // GetTokenInformation();
    /* The call head (line 112) is missing; the error text below names
     * NtQueryInformationToken(). Only TokenPrimary is accepted: any other
     * token type is rejected rather than converted. */
113  TokenType,
114  &Type,
115  sizeof(Type),
116  &ReturnLength);
117  if (!NT_SUCCESS(Status))
118  {
119  ERR("NtQueryInformationToken() failed, Status 0x%08x\n", Status);
120  goto Quit;
121  }
122  if (Type != TokenPrimary)
123  {
124  ERR("Wrong token type for token 0x%p, expected TokenPrimary, got %ld\n", hToken, Type);
    /* NOTE(review): line 125 is missing; presumably it sets Status to
     * STATUS_BAD_TOKEN_TYPE (listed in the cross-references) so that Quit
     * reports a failure code - confirm. */
126  goto Quit;
127  }
128 
129  /* Duplicate the token for this new process */
    /* NOTE(review): as the FIXME below says, the object attributes for the
     * duplicate carry a NULL security descriptor, so the protection of the
     * new token object is whatever default applies; it cannot be determined
     * from this listing. */
131  NULL,
132  0,
133  NULL,
134  NULL); // FIXME: Use a valid SecurityDescriptor!
    /* Arguments follow the NtDuplicateToken prototype listed below:
     * DesiredAccess 0, object attributes (line 137, missing), EffectiveOnly
     * FALSE, token type TokenPrimary. */
135  Status = NtDuplicateToken(hToken,
136  0,
138  FALSE,
139  TokenPrimary,
140  &hTokenDup);
141  if (!NT_SUCCESS(Status))
142  {
143  ERR("NtDuplicateToken() failed, Status 0x%08x\n", Status);
144  goto Quit;
145  }
146 
147  // FIXME: Do we always need SecurityImpersonation?
    /* Line 148 is missing; per the error text it is
     * RtlImpersonateSelf(SecurityImpersonation). From here until
     * RevertToSelf() the thread runs with an impersonation token, which is
     * apparently what lets the privilege change below stay thread-scoped. */
149  if (!NT_SUCCESS(Status))
150  {
151  ERR("RtlImpersonateSelf(SecurityImpersonation) failed, Status 0x%08x\n", Status);
152  NtClose(hTokenDup);
153  goto Quit;
154  }
155 
156  /*
157  * Attempt to acquire the process primary token assignment privilege
158  * in case we actually need it.
159  * The call will either succeed or fail when the caller has (or has not)
160  * enough rights.
161  * The last situation may not be dramatic for us. Indeed it may happen
162  * that the user-provided token is a restricted version of the caller's
163  * primary token (aka. a "child" token), or both tokens inherit (i.e. are
164  * children, and are together "siblings") from a common parent token.
165  * In this case the NT kernel allows us to assign the token to the child
166  * process without the need for the assignment privilege, which is fine.
167  * On the contrary, if the user-provided token is completely arbitrary,
168  * then the NT kernel will enforce the presence of the assignment privilege:
169  * because we failed (by assumption) to assign the privilege, the process
170  * token assignment will fail as required. It is then the job of the
171  * caller to manually acquire the necessary privileges.
172  */
    /* Per the RtlAdjustPrivilege prototype listed below, the two TRUE
     * arguments are NewValue and ForThread: the privilege is enabled on the
     * thread's token only, and its previous state is saved in PrivilegeSet
     * so it can be put back after the assignment. */
174  TRUE, TRUE, &PrivilegeSet);
175  HavePrivilege = NT_SUCCESS(Status);
176  if (!HavePrivilege)
177  {
178  ERR("RtlAdjustPrivilege(SE_ASSIGNPRIMARYTOKEN_PRIVILEGE) failed, Status 0x%08lx, "
179  "attempting to continue without it...\n", Status);
180  }
181 
    /* The token is assigned while the main thread is still suspended, so the
     * new image has not executed under the creator's token. */
182  AccessToken.Token = hTokenDup;
183  AccessToken.Thread = lpProcessInformation->hThread;
184 
185  /* Set the new process token */
    /* Line 187 (the information class argument) is missing. The result is
     * deliberately checked only after the cleanup below has run. */
186  Status = NtSetInformationProcess(lpProcessInformation->hProcess,
188  (PVOID)&AccessToken,
189  sizeof(AccessToken));
190 
191  /* Restore the privilege */
192  if (HavePrivilege)
193  {
195  PrivilegeSet, TRUE, &PrivilegeSet);
196  }
197 
    /* NOTE(review): the BOOL result of RevertToSelf() is ignored. If the
     * revert failed, the calling thread would keep the impersonation token
     * set up above. */
198  RevertToSelf();
199 
200  /* Close the duplicated token */
201  NtClose(hTokenDup);
202 
203  /* Check whether NtSetInformationProcess() failed */
204  if (!NT_SUCCESS(Status))
205  {
206  ERR("NtSetInformationProcess() failed, Status 0x%08x\n", Status);
207  goto Quit;
208  }
209 
    /* On fall-through this second test can never be true, because the check
     * on line 204 has already left; the block only exists to host the Quit
     * label that the earlier goto statements jump into. */
210  if (!NT_SUCCESS(Status))
211  {
212 Quit:
    /* Fail closed: a process whose token could not be set is killed rather
     * than left runnable under the creator's token. Status becomes its exit
     * code. Line 214 is missing; the cross-references mention SetLastError
     * and RtlNtStatusToDosError, so it presumably publishes the error.
     * NOTE(review): no CloseHandle on hProcess/hThread is visible here or in
     * this function's cross-reference list, so the caller receives FALSE
     * while both handles are apparently still open - confirm. */
213  TerminateProcess(lpProcessInformation->hProcess, Status);
215  return FALSE;
216  }
217  }
218 
219  /* Resume the main thread */
    /* dwCreationFlags is the caller's original value: the thread stays
     * suspended only if the caller asked for that. */
220  if (!(dwCreationFlags & CREATE_SUSPENDED))
221  {
222  ResumeThread(lpProcessInformation->hThread);
223  }
224 
225  return TRUE;
226 }
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
IN CINT OUT PVOID IN ULONG OUT PULONG ReturnLength
Definition: dumpinfo.c:39
#define TRUE
Definition: types.h:120
Type
Definition: Type.h:6
BOOL WINAPI RevertToSelf(VOID)
Definition: security.c:1487
LONG NTSTATUS
Definition: precomp.h:26
NTSYSAPI NTSTATUS NTAPI RtlAdjustPrivilege(_In_ ULONG Privilege, _In_ BOOLEAN NewValue, _In_ BOOLEAN ForThread, _Out_ PBOOLEAN OldValue)
#define CREATE_SUSPENDED
Definition: winbase.h:178
unsigned char BOOLEAN
#define STATUS_BAD_TOKEN_TYPE
Definition: ntstatus.h:390
smooth NULL
Definition: ftsmooth.c:416
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtQueryInformationToken(_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation, _In_ ULONG TokenInformationLength, _Out_ PULONG ReturnLength)
Definition: token.c:1839
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define SetLastError(x)
Definition: compat.h:409
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3399
enum _TOKEN_TYPE TOKEN_TYPE
NTSYSAPI NTSTATUS NTAPI RtlImpersonateSelf(IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
Definition: priv.c:45
Status
Definition: gdiplustypes.h:24
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
#define ERR(fmt,...)
Definition: debug.h:109
NTSTATUS NTAPI NtSetInformationProcess(IN HANDLE ProcessHandle, IN PROCESSINFOCLASS ProcessInformationClass, IN PVOID ProcessInformation, IN ULONG ProcessInformationLength)
Definition: query.c:1112
BOOL WINAPI TerminateProcess(IN HANDLE hProcess, IN UINT uExitCode)
Definition: proc.c:1532
DWORD WINAPI ResumeThread(IN HANDLE hThread)
Definition: thread.c:566
#define SE_ASSIGNPRIMARYTOKEN_PRIVILEGE
Definition: security.c:657
unsigned int ULONG
Definition: retypes.h:1
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtDuplicateToken(_In_ HANDLE ExistingTokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ BOOLEAN EffectiveOnly, _In_ TOKEN_TYPE TokenType, _Out_ PHANDLE NewTokenHandle)
Definition: token.c:2941
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
Definition: sefuncs.h:417

Referenced by CreateProcessAsUserA(), and CreateProcessAsUserW().

◆ CreateProcessAsUserW()

/**
 * Unicode entry point for starting a process under a caller-supplied token.
 * Defined at line 281 of logon.c.
 *
 * The process is first created by plain CreateProcessW(), i.e. in the caller's
 * own context, with CREATE_SUSPENDED forced on so that no code of the new
 * image runs yet. hToken is only applied afterwards by
 * CreateProcessAsUserCommon(), which also resumes the main thread unless the
 * caller asked for CREATE_SUSPENDED in dwCreationFlags.
 *
 * All parameters other than hToken are handed to CreateProcessW() unchanged.
 *
 * NOTE(review): the TRACE line logs the application name, the full command
 * line and the current directory on the advapi debug channel; command lines
 * can carry credentials, so treat that channel's output as sensitive.
 *
 * @return FALSE when CreateProcessW() fails (the failure is logged with
 *         GetLastError()), otherwise the result of
 *         CreateProcessAsUserCommon().
 */
BOOL WINAPI DECLSPEC_HOTPATCH
CreateProcessAsUserW(
    _In_opt_ HANDLE hToken,
    _In_opt_ LPCWSTR lpApplicationName,
    _Inout_opt_ LPWSTR lpCommandLine,
    _In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes,
    _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes,
    _In_ BOOL bInheritHandles,
    _In_ DWORD dwCreationFlags,
    _In_opt_ LPVOID lpEnvironment,
    _In_opt_ LPCWSTR lpCurrentDirectory,
    _In_ LPSTARTUPINFOW lpStartupInfo,
    _Out_ LPPROCESS_INFORMATION lpProcessInformation)
{
    BOOL Created;

    TRACE("%p %s %s %p %p %d 0x%08x %p %s %p %p\n", hToken, debugstr_w(lpApplicationName),
          debugstr_w(lpCommandLine), lpProcessAttributes, lpThreadAttributes, bInheritHandles,
          dwCreationFlags, lpEnvironment, debugstr_w(lpCurrentDirectory), lpStartupInfo, lpProcessInformation);

    /* Always start suspended: the token must be swapped before the image runs */
    Created = CreateProcessW(lpApplicationName,
                             lpCommandLine,
                             lpProcessAttributes,
                             lpThreadAttributes,
                             bInheritHandles,
                             dwCreationFlags | CREATE_SUSPENDED,
                             lpEnvironment,
                             lpCurrentDirectory,
                             lpStartupInfo,
                             lpProcessInformation);
    if (Created)
    {
        /* Token assignment and thread resume are done by the shared helper;
         * it receives the caller's original flags, without the forced bit */
        return CreateProcessAsUserCommon(hToken,
                                         dwCreationFlags,
                                         lpProcessInformation);
    }

    ERR("CreateProcessW failed, last error: %d\n", GetLastError());
    return FALSE;
}
DWORD WINAPI GetLastError(VOID)
Definition: except.c:1059
static BOOL CreateProcessAsUserCommon(_In_opt_ HANDLE hToken, _In_ DWORD dwCreationFlags, _Out_ LPPROCESS_INFORMATION lpProcessInformation)
Definition: logon.c:94
#define CREATE_SUSPENDED
Definition: winbase.h:178
#define debugstr_w
Definition: kernel32.h:32
BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessW(LPCWSTR lpApplicationName, LPWSTR lpCommandLine, LPSECURITY_ATTRIBUTES lpProcessAttributes, LPSECURITY_ATTRIBUTES lpThreadAttributes, BOOL bInheritHandles, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCWSTR lpCurrentDirectory, LPSTARTUPINFOW lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation)
Definition: proc.c:4593
#define TRACE(s)
Definition: solgame.cpp:4
#define ERR(fmt,...)
Definition: debug.h:109

Referenced by InstallDevice(), LaunchProcess(), ScmStartUserModeService(), and WlxStartApplication().

◆ LogonUserA()

BOOL WINAPI LogonUserA ( _In_ LPSTR  lpszUsername,
_In_opt_ LPSTR  lpszDomain,
_In_opt_ LPSTR  lpszPassword,
_In_ DWORD  dwLogonType,
_In_ DWORD  dwLogonProvider,
_Out_opt_ PHANDLE  phToken 
)

Definition at line 326 of file logon.c.

/*
 * ANSI convenience wrapper: forwards to LogonUserExA() and passes NULL for the
 * four extended outputs (logon SID, profile buffer, profile length, quota
 * limits), so only the token handle comes back through phToken.
 *
 * NOTE(review): listing line 338 is missing; going by the LogonUserExA()
 * parameter order it is presumably the dwLogonProvider argument - confirm.
 */
333 {
334  return LogonUserExA(lpszUsername,
335  lpszDomain,
336  lpszPassword,
337  dwLogonType,
339  phToken,
340  NULL,
341  NULL,
342  NULL,
343  NULL);
344 }
BOOL WINAPI LogonUserExA(_In_ LPSTR lpszUsername, _In_opt_ LPSTR lpszDomain, _In_opt_ LPSTR lpszPassword, _In_ DWORD dwLogonType, _In_ DWORD dwLogonProvider, _Out_opt_ PHANDLE phToken, _Out_opt_ PSID *ppLogonSid, _Out_opt_ PVOID *ppProfileBuffer, _Out_opt_ LPDWORD pdwProfileLength, _Out_opt_ PQUOTA_LIMITS pQuotaLimits)
Definition: logon.c:352
_In_opt_ LPSTR _In_opt_ LPSTR lpszPassword
Definition: winbase.h:2651
smooth NULL
Definition: ftsmooth.c:416
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD _Out_opt_ PHANDLE phToken
Definition: winbase.h:2651
_In_opt_ LPSTR lpszDomain
Definition: winbase.h:2651
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD dwLogonType
Definition: winbase.h:2651
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD dwLogonProvider
Definition: winbase.h:2651

◆ LogonUserExA()

BOOL WINAPI LogonUserExA ( _In_ LPSTR  lpszUsername,
_In_opt_ LPSTR  lpszDomain,
_In_opt_ LPSTR  lpszPassword,
_In_ DWORD  dwLogonType,
_In_ DWORD  dwLogonProvider,
_Out_opt_ PHANDLE  phToken,
_Out_opt_ PSID *  ppLogonSid,
_Out_opt_ PVOID *  ppProfileBuffer,
_Out_opt_ LPDWORD  pdwProfileLength,
_Out_opt_ PQUOTA_LIMITS  pQuotaLimits 
)

Definition at line 352 of file logon.c.

/*
 * ANSI front end for LogonUserExW(): converts user name, domain and password
 * to UNICODE_STRINGs, calls the Unicode implementation and frees the
 * temporary strings. Returns the result of LogonUserExW(), or FALSE when a
 * conversion fails before the call is made.
 *
 * NOTE(review): listing lines 366, 375, 379, 381, 385, 387, 395, 398, 399 and
 * 403 did not survive extraction. Line 366 presumably declares Password;
 * 379 and 385 presumably convert lpszDomain and lpszPassword; 375/381/387
 * presumably set the last error (the cross-references mention SetLastError
 * and ERROR_NOT_ENOUGH_MEMORY) - confirm against logon.c.
 */
363 {
364  UNICODE_STRING UserName;
365  UNICODE_STRING Domain;
367  BOOL ret = FALSE;
368 
    /* Buffers start out NULL so the cleanup labels can tell what was created. */
369  UserName.Buffer = NULL;
370  Domain.Buffer = NULL;
371  Password.Buffer = NULL;
372 
    /* Each failed conversion jumps to the label that frees only the strings
     * created before it. */
373  if (!RtlCreateUnicodeStringFromAsciiz(&UserName, lpszUsername))
374  {
376  goto UsernameDone;
377  }
378 
380  {
382  goto DomainDone;
383  }
384 
386  {
388  goto PasswordDone;
389  }
390 
    /* From here on a second, wide-character plaintext copy of the password
     * exists in Password.Buffer. */
391  ret = LogonUserExW(UserName.Buffer,
392  Domain.Buffer,
393  Password.Buffer,
394  dwLogonType,
396  phToken,
397  ppLogonSid,
400  pQuotaLimits);
401 
    /* NOTE(review): line 403 is missing; presumably it releases Password with
     * RtlFreeUnicodeString(). Neither the visible lines nor this function's
     * cross-reference list show the buffer being wiped first, so the
     * plaintext password would stay in freed heap memory. Zeroing
     * Password.Buffer before the free would close that gap - confirm. */
402  if (Password.Buffer != NULL)
404 
405 PasswordDone:
406  if (Domain.Buffer != NULL)
407  RtlFreeUnicodeString(&Domain);
408 
409 DomainDone:
410  if (UserName.Buffer != NULL)
411  RtlFreeUnicodeString(&UserName);
412 
413 UsernameDone:
414  return ret;
415 }
BOOL WINAPI LogonUserExW(_In_ LPWSTR lpszUsername, _In_opt_ LPWSTR lpszDomain, _In_opt_ LPWSTR lpszPassword, _In_ DWORD dwLogonType, _In_ DWORD dwLogonProvider, _Out_opt_ PHANDLE phToken, _Out_opt_ PSID *ppLogonSid, _Out_opt_ PVOID *ppProfileBuffer, _Out_opt_ LPDWORD pdwProfileLength, _Out_opt_ PQUOTA_LIMITS pQuotaLimits)
Definition: logon.c:449
#define ERROR_NOT_ENOUGH_MEMORY
Definition: dderror.h:7
_In_opt_ LPSTR _In_opt_ LPSTR lpszPassword
Definition: winbase.h:2651
unsigned int BOOL
Definition: ntddk_ex.h:94
smooth NULL
Definition: ftsmooth.c:416
NTSYSAPI BOOLEAN NTAPI RtlCreateUnicodeStringFromAsciiz(_Out_ PUNICODE_STRING Destination, _In_ PCSZ Source)
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD _Out_opt_ PHANDLE phToken
Definition: winbase.h:2651
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
#define SetLastError(x)
Definition: compat.h:409
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD _Out_opt_ PHANDLE _Out_opt_ PSID _Out_opt_ PVOID _Out_opt_ LPDWORD _Out_opt_ PQUOTA_LIMITS pQuotaLimits
Definition: winbase.h:2651
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD _Out_opt_ PHANDLE _Out_opt_ PSID * ppLogonSid
Definition: winbase.h:2651
int ret
_In_opt_ LPSTR lpszDomain
Definition: winbase.h:2651
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD dwLogonType
Definition: winbase.h:2651
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD dwLogonProvider
Definition: winbase.h:2651
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD _Out_opt_ PHANDLE _Out_opt_ PSID _Out_opt_ PVOID * ppProfileBuffer
Definition: winbase.h:2651
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD _Out_opt_ PHANDLE _Out_opt_ PSID _Out_opt_ PVOID _Out_opt_ LPDWORD pdwProfileLength
Definition: winbase.h:2651

Referenced by LogonUserA().

◆ LogonUserExW()

BOOL WINAPI LogonUserExW ( _In_ LPWSTR  lpszUsername,
_In_opt_ LPWSTR  lpszDomain,
_In_opt_ LPWSTR  lpszPassword,
_In_ DWORD  dwLogonType,
_In_ DWORD  dwLogonProvider,
_Out_opt_ PHANDLE  phToken,
_Out_opt_ PSID *  ppLogonSid,
_Out_opt_ PVOID *  ppProfileBuffer,
_Out_opt_ LPDWORD  pdwProfileLength,
_Out_opt_ PQUOTA_LIMITS  pQuotaLimits 
)

Definition at line 449 of file logon.c.

/*
 * Unicode implementation behind all LogonUser* entry points on this page.
 * It validates the optional outputs, maps dwLogonType to an LSA logon type,
 * opens the module-wide LSA handle on first use, packs domain, user name and
 * password into one MSV1_0_INTERACTIVE_LOGON heap block, builds a two-entry
 * token group list (logon SID and local SID) and calls LsaLogonUser().
 * On success the new token is returned through phToken and TRUE is returned;
 * on failure all temporaries are released and FALSE is returned.
 *
 * NOTE(review): many listing lines did not survive extraction (for example
 * 461-462, 465, 468, 472-475, 478, 480-482, 485, 487, 491, 493, 502-503, 506,
 * 514, 520, 526, 531, 540, 549, 553, 557, 566, 592-595, 598-602, 610-617,
 * 624, 628, 635, 638, 642, 646, 649, 655, 692, 697, 704, 714). Declarations
 * such as Status, Password, TokenGroups, TokenSource, ProfileBuffer and
 * TokenHandle are among them. Notes about missing lines are hedged.
 */
460 {
463  PSID LogonSid = NULL;
464  PSID LocalSid = NULL;
466  UNICODE_STRING DomainName;
467  UNICODE_STRING UserName;
469  PMSV1_0_INTERACTIVE_LOGON AuthInfo = NULL;
470  ULONG AuthInfoLength;
471  ULONG_PTR Ptr;
476  LUID Luid = {0, 0};
477  LUID LogonId = {0, 0};
479  QUOTA_LIMITS QuotaLimits;
483 
    /* A profile buffer pointer without a length pointer is rejected; line 485
     * is missing and presumably rejects the reverse pairing as well. */
484  if ((ppProfileBuffer != NULL && pdwProfileLength == NULL) ||
486  {
488  return FALSE;
489  }
490 
492  {
494  *pdwProfileLength = 0;
495  }
496 
    /* Clear the output first so a failed logon never leaves a stale handle
     * value in the caller's variable. */
497  if (phToken != NULL)
498  *phToken = NULL;
499 
    /* Translate the Win32 logon type into the LSA logon type. The case labels
     * on lines 502-503, 506 and 514 are missing; the cross-references list
     * LOGON32_LOGON_INTERACTIVE, LOGON32_LOGON_NETWORK and
     * LOGON32_LOGON_SERVICE. Any other value is refused. */
500  switch (dwLogonType)
501  {
504  break;
505 
507  LogonType = Network;
508  break;
509 
510  case LOGON32_LOGON_BATCH:
511  LogonType = Batch;
512  break;
513 
515  LogonType = Service;
516  break;
517 
518  default:
    /* NOTE(review): "%ul" is parsed as "%u" followed by a literal 'l', so the
     * message ends in a stray letter; "%lu" looks like what was meant.
     * Line 520 is missing; presumably it sets Status to
     * STATUS_INVALID_PARAMETER so the cleanup path reports failure. */
519  ERR("Invalid logon type: %ul\n", dwLogonType);
521  goto done;
522  }
523 
    /* The LSA connection is opened lazily and cached in the global LsaHandle
     * (line 526 is missing; OpenLogonLsaHandle() is listed in the
     * cross-references). NOTE(review): no synchronisation around this check
     * is visible, so concurrent first calls may both register - confirm. */
524  if (LsaHandle == NULL)
525  {
527  if (!NT_SUCCESS(Status))
528  goto done;
529  }
530 
532  "Advapi32 Logon");
533 
534  RtlInitUnicodeString(&DomainName,
535  lpszDomain);
536 
537  RtlInitUnicodeString(&UserName,
538  lpszUsername);
539 
541  lpszPassword);
542 
    /* One allocation holds the fixed header followed by the three strings.
     * MaximumLength is a USHORT per the cross-references, so this sum cannot
     * overflow a ULONG. */
543  AuthInfoLength = sizeof(MSV1_0_INTERACTIVE_LOGON)+
544  DomainName.MaximumLength +
545  UserName.MaximumLength +
546  Password.MaximumLength;
547 
    /* Line 549 (the heap flags) is missing; HEAP_ZERO_MEMORY appears in the
     * cross-references. */
548  AuthInfo = RtlAllocateHeap(RtlGetProcessHeap(),
550  AuthInfoLength);
551  if (AuthInfo == NULL)
552  {
554  goto done;
555  }
556 
558 
    /* Ptr walks the space behind the header; each Buffer field is pointed at
     * the place where that string is copied. */
559  Ptr = (ULONG_PTR)AuthInfo + sizeof(MSV1_0_INTERACTIVE_LOGON);
560 
561  AuthInfo->LogonDomainName.Length = DomainName.Length;
562  AuthInfo->LogonDomainName.MaximumLength = DomainName.MaximumLength;
563  AuthInfo->LogonDomainName.Buffer = (DomainName.Buffer == NULL) ? NULL : (PWCHAR)Ptr;
564  if (DomainName.MaximumLength > 0)
565  {
567  DomainName.Buffer,
568  DomainName.MaximumLength);
569 
570  Ptr += DomainName.MaximumLength;
571  }
572 
    /* Unlike the domain, the user name and password Buffer fields are set
     * even when the source string is empty; they then point at a zero-length
     * region inside, or at the end of, the allocation. */
573  AuthInfo->UserName.Length = UserName.Length;
574  AuthInfo->UserName.MaximumLength = UserName.MaximumLength;
575  AuthInfo->UserName.Buffer = (PWCHAR)Ptr;
576  if (UserName.MaximumLength > 0)
577  RtlCopyMemory(AuthInfo->UserName.Buffer,
578  UserName.Buffer,
579  UserName.MaximumLength);
580 
581  Ptr += UserName.MaximumLength;
582 
    /* The plaintext password is copied into the heap block here; see the
     * note at the AuthInfo release in the cleanup path. */
583  AuthInfo->Password.Length = Password.Length;
584  AuthInfo->Password.MaximumLength = Password.MaximumLength;
585  AuthInfo->Password.Buffer = (PWCHAR)Ptr;
586  if (Password.MaximumLength > 0)
587  RtlCopyMemory(AuthInfo->Password.Buffer,
588  Password.Buffer,
589  Password.MaximumLength);
590 
591  /* Create the Logon SID */
    /* Lines 592-595 and 598-602 are missing, so the call head and most
     * sub-authority arguments are not visible. */
596  LogonId.HighPart,
597  LogonId.LowPart,
603  &LogonSid);
604  if (!NT_SUCCESS(Status))
605  goto done;
606 
607  /* Create the Local SID */
608  Status = RtlAllocateAndInitializeSid(&LocalAuthority,
609  1,
618  &LocalSid);
619  if (!NT_SUCCESS(Status))
620  goto done;
621 
622  /* Allocate and set the token groups */
    /* TOKEN_GROUPS already contains ANYSIZE_ARRAY entries, hence the
     * (2 - ANYSIZE_ARRAY) extra entries for a total of two groups. */
623  TokenGroups = RtlAllocateHeap(RtlGetProcessHeap(),
625  sizeof(TOKEN_GROUPS) + ((2 - ANYSIZE_ARRAY) * sizeof(SID_AND_ATTRIBUTES)));
626  if (TokenGroups == NULL)
627  {
629  goto done;
630  }
631 
    /* Both SIDs are handed to LSA as additional groups. The attribute
     * continuation lines 635 and 638 are missing; the cross-references list
     * SE_GROUP_ENABLED_BY_DEFAULT and SE_GROUP_LOGON_ID. */
632  TokenGroups->GroupCount = 2;
633  TokenGroups->Groups[0].Sid = LogonSid;
634  TokenGroups->Groups[0].Attributes = SE_GROUP_MANDATORY | SE_GROUP_ENABLED |
636  TokenGroups->Groups[1].Sid = LocalSid;
637  TokenGroups->Groups[1].Attributes = SE_GROUP_MANDATORY | SE_GROUP_ENABLED |
639 
640  /* Set the token source */
    /* Copies exactly sizeof(SourceName) bytes. The file-level C_ASSERT pins
     * the source array to that size plus one, so the copy stays inside the
     * source and leaves its terminating NUL behind. Line 642 (the source
     * argument) is missing. */
641  RtlCopyMemory(TokenSource.SourceName,
643  sizeof(TokenSource.SourceName));
644  AllocateLocallyUniqueId(&TokenSource.SourceIdentifier);
645 
    /* The call head on line 646 is missing; the error text below names
     * LsaLogonUser(). Lines 649 and 655 are missing as well. */
647  &OriginName,
648  LogonType,
650  (PVOID)AuthInfo,
651  AuthInfoLength,
652  TokenGroups,
653  &TokenSource,
654  (PVOID*)&ProfileBuffer,
656  &Luid,
657  &TokenHandle,
658  &QuotaLimits,
659  &SubStatus);
660  if (!NT_SUCCESS(Status))
661  {
    /* Only Status is logged; SubStatus is not reported in the visible lines. */
662  ERR("LsaLogonUser failed (Status 0x%08lx)\n", Status);
663  goto done;
664  }
665 
666  if (ProfileBuffer != NULL)
667  {
668  TRACE("ProfileBuffer: %p\n", ProfileBuffer);
669  TRACE("MessageType: %u\n", ProfileBuffer->MessageType);
670 
671  TRACE("FullName: %p\n", ProfileBuffer->FullName.Buffer);
672  TRACE("FullName: %S\n", ProfileBuffer->FullName.Buffer);
673 
674  TRACE("LogonServer: %p\n", ProfileBuffer->LogonServer.Buffer);
675  TRACE("LogonServer: %S\n", ProfileBuffer->LogonServer.Buffer);
676  }
677 
678  TRACE("Luid: 0x%08lx%08lx\n", Luid.HighPart, Luid.LowPart);
679 
680  if (TokenHandle != NULL)
681  {
682  TRACE("TokenHandle: %p\n", TokenHandle);
683  }
684 
    /* Ownership of the token handle passes to the caller. When phToken is
     * NULL nothing visible closes the handle on the success path. */
685  if (phToken != NULL)
686  *phToken = TokenHandle;
687 
688  /* FIXME: return ppLogonSid and pQuotaLimits */
    /* NOTE(review): per the FIXME, callers that pass ppLogonSid or
     * pQuotaLimits get nothing written to them. The profile buffer is
     * released in the cleanup path below, so it does not appear to be handed
     * back through ppProfileBuffer either - confirm. */
689 
690 done:
    /* Line 692 is missing; LsaFreeReturnBuffer() is listed in the
     * cross-references. */
691  if (ProfileBuffer != NULL)
693 
    /* A token produced by a call that still failed is not leaked: line 697 is
     * missing, and CloseHandle is listed in the cross-references. */
694  if (!NT_SUCCESS(Status))
695  {
696  if (TokenHandle != NULL)
698  }
699 
700  if (TokenGroups != NULL)
701  RtlFreeHeap(RtlGetProcessHeap(), 0, TokenGroups);
702 
703  if (LocalSid != NULL)
705 
706  if (LogonSid != NULL)
707  RtlFreeSid(LogonSid);
708 
    /* NOTE(review): AuthInfo still contains the plaintext password copied on
     * lines 583-589. It is released with RtlFreeHeap() and no wipe is visible
     * here or in this function's cross-reference list, so the password would
     * remain in freed heap memory. Zeroing AuthInfoLength bytes before the
     * free would close that gap - confirm against logon.c. */
709  if (AuthInfo != NULL)
710  RtlFreeHeap(RtlGetProcessHeap(), 0, AuthInfo);
711 
    /* Line 714 is missing; the cross-references mention SetLastError and
     * RtlNtStatusToDosError, so the NTSTATUS is presumably turned into the
     * thread's last error before returning. */
712  if (!NT_SUCCESS(Status))
713  {
715  return FALSE;
716  }
717 
718  return TRUE;
719 }
#define ERROR_INVALID_PARAMETER
Definition: compat.h:91
NTSTATUS NTAPI LsaLogonUser(HANDLE, PLSA_STRING, SECURITY_LOGON_TYPE, ULONG, PVOID, ULONG, PTOKEN_GROUPS, PTOKEN_SOURCE, PVOID *, PULONG, PLUID, PHANDLE, PQUOTA_LIMITS, PNTSTATUS)
#define TRUE
Definition: types.h:120
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
#define CloseHandle
Definition: compat.h:398
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
MSV1_0_LOGON_SUBMIT_TYPE MessageType
Definition: ntsecapi.h:431
USHORT MaximumLength
Definition: env_spec_w32.h:370
#define ANYSIZE_ARRAY
Definition: typedefs.h:45
#define LOGON32_LOGON_BATCH
Definition: winbase.h:374
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
NTSYSAPI PVOID NTAPI RtlFreeSid(_In_ _Post_invalid_ PSID Sid)
_Must_inspect_result_ _In_ PFSRTL_PER_STREAM_CONTEXT Ptr
Definition: fsrtlfuncs.h:898
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
_In_opt_ LPSTR _In_opt_ LPSTR lpszPassword
Definition: winbase.h:2651
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG ProfileBufferLength
uint16_t * PWCHAR
Definition: typedefs.h:54
PSID LocalSid
Definition: globals.c:15
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290
_IRQL_requires_same_ _In_ PLSA_STRING OriginName
UNICODE_STRING Password
Definition: ntsecapi.h:434
NTSYSAPI VOID NTAPI RtlInitAnsiString(PANSI_STRING DestinationString, PCSZ SourceString)
uint32_t ULONG_PTR
Definition: typedefs.h:63
#define SECURITY_LOGON_IDS_RID_COUNT
Definition: setypes.h:533
HANDLE LsaHandle
Definition: logon.c:17
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE _Out_ PQUOTA_LIMITS _Out_ PNTSTATUS SubStatus
#define SECURITY_LOCAL_SID_AUTHORITY
Definition: setypes.h:502
smooth NULL
Definition: ftsmooth.c:416
#define SE_GROUP_ENABLED_BY_DEFAULT
Definition: setypes.h:91
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
Definition: psfuncs.h:715
static NTSTATUS OpenLogonLsaHandle(VOID)
Definition: logon.c:24
#define LOGON32_LOGON_SERVICE
Definition: winbase.h:375
#define SECURITY_NT_AUTHORITY
Definition: setypes.h:526
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
struct _MSV1_0_INTERACTIVE_LOGON MSV1_0_INTERACTIVE_LOGON
UNICODE_STRING UserName
Definition: ntsecapi.h:433
#define TRACE(s)
Definition: solgame.cpp:4
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define SE_GROUP_ENABLED
Definition: setypes.h:92
DWORD LowPart
#define SECURITY_LOCAL_RID
Definition: setypes.h:514
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD _Out_opt_ PHANDLE phToken
Definition: winbase.h:2651
PCHAR Buffer
Definition: ntsecapi.h:174
#define SetLastError(x)
Definition: compat.h:409
#define SE_GROUP_MANDATORY
Definition: setypes.h:90
#define SECURITY_NULL_RID
Definition: setypes.h:512
LONG HighPart
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID * ProfileBuffer
ULONG AuthenticationPackage
Definition: logon.c:18
#define LOGON32_LOGON_INTERACTIVE
Definition: winbase.h:372
Status
Definition: gdiplustypes.h:24
#define SE_GROUP_LOGON_ID
Definition: setypes.h:98
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
#define ERR(fmt,...)
Definition: debug.h:109
#define LOGON32_LOGON_NETWORK
Definition: winbase.h:373
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE LogonType
BOOL WINAPI AllocateLocallyUniqueId(PLUID Luid)
Definition: security.c:1097
enum _SECURITY_LOGON_TYPE SECURITY_LOGON_TYPE
_In_opt_ LPSTR lpszDomain
Definition: winbase.h:2651
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID LogonId
#define HEAP_ZERO_MEMORY
Definition: compat.h:123
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD dwLogonType
Definition: winbase.h:2651
#define SECURITY_LOGON_IDS_RID
Definition: setypes.h:532
NTSTATUS NTAPI LsaFreeReturnBuffer(PVOID)
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD _Out_opt_ PHANDLE _Out_opt_ PSID _Out_opt_ PVOID * ppProfileBuffer
Definition: winbase.h:2651
static const CHAR AdvapiTokenSourceName[]
Definition: logon.c:14
unsigned int ULONG
Definition: retypes.h:1
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
#define ULONG_PTR
Definition: config.h:101
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD _Out_opt_ PHANDLE _Out_opt_ PSID _Out_opt_ PVOID _Out_opt_ LPDWORD pdwProfileLength
Definition: winbase.h:2651
return STATUS_SUCCESS
Definition: btrfs.c:2966
UNICODE_STRING LogonDomainName
Definition: ntsecapi.h:432
static SID_IDENTIFIER_AUTHORITY SystemAuthority
Definition: msgina.c:38

Referenced by LogonUserExA(), and LogonUserW().

◆ LogonUserW()

BOOL WINAPI LogonUserW ( _In_ LPWSTR  lpszUsername,
_In_opt_ LPWSTR  lpszDomain,
_In_opt_ LPWSTR  lpszPassword,
_In_ DWORD  dwLogonType,
_In_ DWORD  dwLogonProvider,
_Out_opt_ PHANDLE  phToken 
)

Definition at line 423 of file logon.c.

/*
 * Unicode convenience wrapper: forwards to LogonUserExW() and passes NULL for
 * the four extended outputs (logon SID, profile buffer, profile length, quota
 * limits), so only the token handle comes back through phToken.
 *
 * NOTE(review): listing line 435 is missing; going by the LogonUserExW()
 * parameter order it is presumably the dwLogonProvider argument - confirm.
 */
430 {
431  return LogonUserExW(lpszUsername,
432  lpszDomain,
433  lpszPassword,
434  dwLogonType,
436  phToken,
437  NULL,
438  NULL,
439  NULL,
440  NULL);
441 }
BOOL WINAPI LogonUserExW(_In_ LPWSTR lpszUsername, _In_opt_ LPWSTR lpszDomain, _In_opt_ LPWSTR lpszPassword, _In_ DWORD dwLogonType, _In_ DWORD dwLogonProvider, _Out_opt_ PHANDLE phToken, _Out_opt_ PSID *ppLogonSid, _Out_opt_ PVOID *ppProfileBuffer, _Out_opt_ LPDWORD pdwProfileLength, _Out_opt_ PQUOTA_LIMITS pQuotaLimits)
Definition: logon.c:449
_In_opt_ LPSTR _In_opt_ LPSTR lpszPassword
Definition: winbase.h:2651
smooth NULL
Definition: ftsmooth.c:416
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD _Out_opt_ PHANDLE phToken
Definition: winbase.h:2651
_In_opt_ LPSTR lpszDomain
Definition: winbase.h:2651
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD dwLogonType
Definition: winbase.h:2651
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD dwLogonProvider
Definition: winbase.h:2651

Referenced by ScmLogonService().

◆ OpenLogonLsaHandle()

static NTSTATUS OpenLogonLsaHandle ( VOID  )
static

Definition at line 24 of file logon.c.

/*
 * Registers this module with LSA as the logon process "User32LogonProcess",
 * storing the connection in the global LsaHandle, and then looks up the
 * authentication package id that is traced as AuthenticationPackage.
 * Returns the NTSTATUS of the sequence. The page lists LogonUserExW() as the
 * only caller, which invokes it when LsaHandle is still NULL.
 *
 * NOTE(review): listing lines 28-29, 44, 46, 48 and 62 did not survive
 * extraction. Lines 28-29 presumably declare SecurityMode and Status; line 44
 * presumably supplies MSV1_0_PACKAGE_NAME; lines 46 and 48 presumably form the
 * LsaLookupAuthenticationPackage() call named in the trace text - confirm.
 */
25 {
26  LSA_STRING LogonProcessName;
27  LSA_STRING PackageName;
30 
31  RtlInitAnsiString((PANSI_STRING)&LogonProcessName,
32  "User32LogonProcess");
33 
34  Status = LsaRegisterLogonProcess(&LogonProcessName,
35  &LsaHandle,
36  &SecurityMode);
37  if (!NT_SUCCESS(Status))
38  {
39  TRACE("LsaRegisterLogonProcess failed (Status 0x%08lx)\n", Status);
40  goto done;
41  }
42 
43  RtlInitAnsiString((PANSI_STRING)&PackageName,
45 
47  &PackageName,
49  if (!NT_SUCCESS(Status))
50  {
51  TRACE("LsaLookupAuthenticationPackage failed (Status 0x%08lx)\n", Status);
52  goto done;
53  }
54 
55  TRACE("AuthenticationPackage: 0x%08lx\n", AuthenticationPackage);
56 
57 done:
    /* Failure cleanup: give the LSA registration back if one was obtained. */
58  if (!NT_SUCCESS(Status))
59  {
60  if (LsaHandle != NULL)
61  {
    /* NOTE(review): line 62 is missing. The check on line 63 suggests it
     * assigns the LsaDeregisterLogonProcess() result to Status. If so, the
     * original failure code is lost: a package lookup failure followed by a
     * successful deregistration would make this function return success.
     * No visible line resets LsaHandle to NULL either, so the caller would
     * go on with a deregistered handle - confirm against logon.c. */
63  if (!NT_SUCCESS(Status))
64  {
65  TRACE("LsaDeregisterLogonProcess failed (Status 0x%08lx)\n", Status);
66  }
67  }
68  }
69 
70  return Status;
71 }
#define MSV1_0_PACKAGE_NAME
Definition: ntsecapi.h:42
LONG NTSTATUS
Definition: precomp.h:26
NTSYSAPI VOID NTAPI RtlInitAnsiString(PANSI_STRING DestinationString, PCSZ SourceString)
HANDLE LsaHandle
Definition: logon.c:17
_IRQL_requires_same_ _Out_ PHANDLE _Out_ PLSA_OPERATIONAL_MODE SecurityMode
smooth NULL
Definition: ftsmooth.c:416
ULONG LSA_OPERATIONAL_MODE
Definition: ntsecapi.h:364
#define TRACE(s)
Definition: solgame.cpp:4
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
NTSTATUS NTAPI LsaDeregisterLogonProcess(HANDLE)
ULONG AuthenticationPackage
Definition: logon.c:18
Status
Definition: gdiplustypes.h:24
NTSTATUS NTAPI LsaLookupAuthenticationPackage(HANDLE, PLSA_STRING, PULONG)
NTSTATUS NTAPI LsaRegisterLogonProcess(PLSA_STRING, PHANDLE, PLSA_OPERATIONAL_MODE)

Referenced by LogonUserExW().

◆ WINE_DEFAULT_DEBUG_CHANNEL()

WINE_DEFAULT_DEBUG_CHANNEL ( advapi  )

Variable Documentation

◆ AdvapiTokenSourceName

const CHAR AdvapiTokenSourceName[] = "Advapi "
static

Definition at line 14 of file logon.c.

Referenced by LogonUserExW().

◆ AuthenticationPackage

◆ LsaHandle