2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: ReactOS system libraries
4 * FILE: lib/advapi32/misc/logon.c
5 * PURPOSE: Logon functions
6 * PROGRAMMER: Eric Kohl
10 WINE_DEFAULT_DEBUG_CHANNEL(advapi
);
12 /* GLOBALS *****************************************************************/
14 HANDLE LsaHandle
= NULL
;
15 ULONG AuthenticationPackage
= 0;
17 /* FUNCTIONS ***************************************************************/
21 OpenLogonLsaHandle(VOID
)
23 LSA_STRING LogonProcessName
;
24 LSA_STRING PackageName
;
25 LSA_OPERATIONAL_MODE SecurityMode
= 0;
28 RtlInitAnsiString((PANSI_STRING
)&LogonProcessName
,
29 "User32LogonProcess");
31 Status
= LsaRegisterLogonProcess(&LogonProcessName
,
34 if (!NT_SUCCESS(Status
))
36 TRACE("LsaRegisterLogonProcess failed (Status 0x%08lx)\n", Status
);
40 RtlInitAnsiString((PANSI_STRING
)&PackageName
,
43 Status
= LsaLookupAuthenticationPackage(LsaHandle
,
45 &AuthenticationPackage
);
46 if (!NT_SUCCESS(Status
))
48 TRACE("LsaLookupAuthenticationPackage failed (Status 0x%08lx)\n", Status
);
52 TRACE("AuthenticationPackage: 0x%08lx\n", AuthenticationPackage
);
55 if (!NT_SUCCESS(Status
))
57 if (LsaHandle
!= NULL
)
59 Status
= LsaDeregisterLogonProcess(LsaHandle
);
60 if (!NT_SUCCESS(Status
))
62 TRACE("LsaDeregisterLogonProcess failed (Status 0x%08lx)\n", Status
);
72 CloseLogonLsaHandle(VOID
)
74 NTSTATUS Status
= STATUS_SUCCESS
;
76 if (LsaHandle
!= NULL
)
78 Status
= LsaDeregisterLogonProcess(LsaHandle
);
79 if (!NT_SUCCESS(Status
))
81 TRACE("LsaDeregisterLogonProcess failed (Status 0x%08lx)\n", Status
);
93 CreateProcessAsUserA(HANDLE hToken
,
94 LPCSTR lpApplicationName
,
96 LPSECURITY_ATTRIBUTES lpProcessAttributes
,
97 LPSECURITY_ATTRIBUTES lpThreadAttributes
,
99 DWORD dwCreationFlags
,
100 LPVOID lpEnvironment
,
101 LPCSTR lpCurrentDirectory
,
102 LPSTARTUPINFOA lpStartupInfo
,
103 LPPROCESS_INFORMATION lpProcessInformation
)
105 PROCESS_ACCESS_TOKEN AccessToken
;
108 TRACE("%p %s %s %p %p %d 0x%08x %p %s %p %p\n", hToken
, debugstr_a(lpApplicationName
),
109 debugstr_a(lpCommandLine
), lpProcessAttributes
, lpThreadAttributes
, bInheritHandles
,
110 dwCreationFlags
, lpEnvironment
, debugstr_a(lpCurrentDirectory
), lpStartupInfo
, lpProcessInformation
);
112 /* Create the process with a suspended main thread */
113 if (!CreateProcessA(lpApplicationName
,
118 dwCreationFlags
| CREATE_SUSPENDED
,
122 lpProcessInformation
))
124 ERR("CreateProcessA failed! GLE: %d\n", GetLastError());
128 AccessToken
.Token
= hToken
;
129 AccessToken
.Thread
= NULL
;
131 /* Set the new process token */
132 Status
= NtSetInformationProcess(lpProcessInformation
->hProcess
,
135 sizeof(AccessToken
));
136 if (!NT_SUCCESS (Status
))
138 ERR("NtSetInformationProcess failed: 0x%08x\n", Status
);
139 TerminateProcess(lpProcessInformation
->hProcess
, Status
);
140 SetLastError(RtlNtStatusToDosError(Status
));
144 /* Resume the main thread */
145 if (!(dwCreationFlags
& CREATE_SUSPENDED
))
147 ResumeThread(lpProcessInformation
->hThread
);
158 CreateProcessAsUserW(HANDLE hToken
,
159 LPCWSTR lpApplicationName
,
160 LPWSTR lpCommandLine
,
161 LPSECURITY_ATTRIBUTES lpProcessAttributes
,
162 LPSECURITY_ATTRIBUTES lpThreadAttributes
,
163 BOOL bInheritHandles
,
164 DWORD dwCreationFlags
,
165 LPVOID lpEnvironment
,
166 LPCWSTR lpCurrentDirectory
,
167 LPSTARTUPINFOW lpStartupInfo
,
168 LPPROCESS_INFORMATION lpProcessInformation
)
170 PROCESS_ACCESS_TOKEN AccessToken
;
173 TRACE("%p %s %s %p %p %d 0x%08x %p %s %p %p\n", hToken
, debugstr_w(lpApplicationName
),
174 debugstr_w(lpCommandLine
), lpProcessAttributes
, lpThreadAttributes
, bInheritHandles
,
175 dwCreationFlags
, lpEnvironment
, debugstr_w(lpCurrentDirectory
), lpStartupInfo
, lpProcessInformation
);
177 /* Create the process with a suspended main thread */
178 if (!CreateProcessW(lpApplicationName
,
183 dwCreationFlags
| CREATE_SUSPENDED
,
187 lpProcessInformation
))
189 ERR("CreateProcessW failed! GLE: %d\n", GetLastError());
193 AccessToken
.Token
= hToken
;
194 AccessToken
.Thread
= NULL
;
196 /* Set the new process token */
197 Status
= NtSetInformationProcess(lpProcessInformation
->hProcess
,
200 sizeof(AccessToken
));
201 if (!NT_SUCCESS (Status
))
203 ERR("NtSetInformationProcess failed: 0x%08x\n", Status
);
204 TerminateProcess(lpProcessInformation
->hProcess
, Status
);
205 SetLastError(RtlNtStatusToDosError(Status
));
209 /* Resume the main thread */
210 if (!(dwCreationFlags
& CREATE_SUSPENDED
))
212 ResumeThread(lpProcessInformation
->hThread
);
222 LogonUserA(LPSTR lpszUsername
,
226 DWORD dwLogonProvider
,
229 UNICODE_STRING UserName
;
230 UNICODE_STRING Domain
;
231 UNICODE_STRING Password
;
234 UserName
.Buffer
= NULL
;
235 Domain
.Buffer
= NULL
;
236 Password
.Buffer
= NULL
;
238 if (!RtlCreateUnicodeStringFromAsciiz(&UserName
, lpszUsername
))
240 SetLastError(ERROR_NOT_ENOUGH_MEMORY
);
244 if (!RtlCreateUnicodeStringFromAsciiz(&Domain
, lpszDomain
))
246 SetLastError(ERROR_NOT_ENOUGH_MEMORY
);
250 if (!RtlCreateUnicodeStringFromAsciiz(&Password
, lpszPassword
))
252 SetLastError(ERROR_NOT_ENOUGH_MEMORY
);
256 ret
= LogonUserW(UserName
.Buffer
,
263 if (Password
.Buffer
!= NULL
)
264 RtlFreeUnicodeString(&Password
);
267 if (Domain
.Buffer
!= NULL
)
268 RtlFreeUnicodeString(&Domain
);
271 if (UserName
.Buffer
!= NULL
)
272 RtlFreeUnicodeString(&UserName
);
283 LogonUserW(LPWSTR lpszUsername
,
287 DWORD dwLogonProvider
,
290 SID_IDENTIFIER_AUTHORITY LocalAuthority
= {SECURITY_LOCAL_SID_AUTHORITY
};
291 SID_IDENTIFIER_AUTHORITY SystemAuthority
= {SECURITY_NT_AUTHORITY
};
292 PSID LogonSid
= NULL
;
293 PSID LocalSid
= NULL
;
294 LSA_STRING OriginName
;
295 UNICODE_STRING DomainName
;
296 UNICODE_STRING UserName
;
297 UNICODE_STRING Password
;
298 PMSV1_0_INTERACTIVE_LOGON AuthInfo
= NULL
;
299 ULONG AuthInfoLength
;
301 TOKEN_SOURCE TokenSource
;
302 PTOKEN_GROUPS TokenGroups
= NULL
;
303 PMSV1_0_INTERACTIVE_PROFILE ProfileBuffer
= NULL
;
304 ULONG ProfileBufferLength
= 0;
306 LUID LogonId
= {0, 0};
307 HANDLE TokenHandle
= NULL
;
308 QUOTA_LIMITS QuotaLimits
;
309 SECURITY_LOGON_TYPE LogonType
;
310 NTSTATUS SubStatus
= STATUS_SUCCESS
;
317 case LOGON32_LOGON_INTERACTIVE
:
318 LogonType
= Interactive
;
321 case LOGON32_LOGON_NETWORK
:
325 case LOGON32_LOGON_BATCH
:
329 case LOGON32_LOGON_SERVICE
:
334 ERR("Invalid logon type: %ul\n", dwLogonType
);
335 Status
= STATUS_INVALID_PARAMETER
;
339 if (LsaHandle
== NULL
)
341 Status
= OpenLogonLsaHandle();
342 if (!NT_SUCCESS(Status
))
346 RtlInitAnsiString((PANSI_STRING
)&OriginName
,
349 RtlInitUnicodeString(&DomainName
,
352 RtlInitUnicodeString(&UserName
,
355 RtlInitUnicodeString(&Password
,
358 AuthInfoLength
= sizeof(MSV1_0_INTERACTIVE_LOGON
)+
359 DomainName
.MaximumLength
+
360 UserName
.MaximumLength
+
361 Password
.MaximumLength
;
363 AuthInfo
= RtlAllocateHeap(RtlGetProcessHeap(),
366 if (AuthInfo
== NULL
)
368 Status
= STATUS_INSUFFICIENT_RESOURCES
;
372 AuthInfo
->MessageType
= MsV1_0InteractiveLogon
;
374 Ptr
= (ULONG_PTR
)AuthInfo
+ sizeof(MSV1_0_INTERACTIVE_LOGON
);
376 AuthInfo
->LogonDomainName
.Length
= DomainName
.Length
;
377 AuthInfo
->LogonDomainName
.MaximumLength
= DomainName
.MaximumLength
;
378 AuthInfo
->LogonDomainName
.Buffer
= (DomainName
.Buffer
== NULL
) ? NULL
: (PWCHAR
)Ptr
;
379 if (DomainName
.MaximumLength
> 0)
381 RtlCopyMemory(AuthInfo
->LogonDomainName
.Buffer
,
383 DomainName
.MaximumLength
);
385 Ptr
+= DomainName
.MaximumLength
;
388 AuthInfo
->UserName
.Length
= UserName
.Length
;
389 AuthInfo
->UserName
.MaximumLength
= UserName
.MaximumLength
;
390 AuthInfo
->UserName
.Buffer
= (PWCHAR
)Ptr
;
391 if (UserName
.MaximumLength
> 0)
392 RtlCopyMemory(AuthInfo
->UserName
.Buffer
,
394 UserName
.MaximumLength
);
396 Ptr
+= UserName
.MaximumLength
;
398 AuthInfo
->Password
.Length
= Password
.Length
;
399 AuthInfo
->Password
.MaximumLength
= Password
.MaximumLength
;
400 AuthInfo
->Password
.Buffer
= (PWCHAR
)Ptr
;
401 if (Password
.MaximumLength
> 0)
402 RtlCopyMemory(AuthInfo
->Password
.Buffer
,
404 Password
.MaximumLength
);
406 /* Create the Logon SID*/
407 AllocateLocallyUniqueId(&LogonId
);
408 Status
= RtlAllocateAndInitializeSid(&SystemAuthority
,
409 SECURITY_LOGON_IDS_RID_COUNT
,
410 SECURITY_LOGON_IDS_RID
,
419 if (!NT_SUCCESS(Status
))
422 /* Create the Local SID*/
423 Status
= RtlAllocateAndInitializeSid(&LocalAuthority
,
434 if (!NT_SUCCESS(Status
))
437 /* Allocate and set the token groups */
438 TokenGroups
= RtlAllocateHeap(RtlGetProcessHeap(),
440 sizeof(TOKEN_GROUPS
) + ((2 - ANYSIZE_ARRAY
) * sizeof(SID_AND_ATTRIBUTES
)));
441 if (TokenGroups
== NULL
)
443 Status
= STATUS_INSUFFICIENT_RESOURCES
;
447 TokenGroups
->GroupCount
= 2;
448 TokenGroups
->Groups
[0].Sid
= LogonSid
;
449 TokenGroups
->Groups
[0].Attributes
= SE_GROUP_MANDATORY
| SE_GROUP_ENABLED
|
450 SE_GROUP_ENABLED_BY_DEFAULT
| SE_GROUP_LOGON_ID
;
451 TokenGroups
->Groups
[1].Sid
= LocalSid
;
452 TokenGroups
->Groups
[1].Attributes
= SE_GROUP_MANDATORY
| SE_GROUP_ENABLED
|
453 SE_GROUP_ENABLED_BY_DEFAULT
;
455 /* Set the token source */
456 strncpy(TokenSource
.SourceName
, "Advapi ", sizeof(TokenSource
.SourceName
));
457 AllocateLocallyUniqueId(&TokenSource
.SourceIdentifier
);
459 Status
= LsaLogonUser(LsaHandle
,
462 AuthenticationPackage
,
467 (PVOID
*)&ProfileBuffer
,
468 &ProfileBufferLength
,
473 if (!NT_SUCCESS(Status
))
475 ERR("LsaLogonUser failed (Status 0x%08lx)\n", Status
);
479 if (ProfileBuffer
!= NULL
)
481 TRACE("ProfileBuffer: %p\n", ProfileBuffer
);
482 TRACE("MessageType: %u\n", ProfileBuffer
->MessageType
);
484 TRACE("FullName: %p\n", ProfileBuffer
->FullName
.Buffer
);
485 TRACE("FullName: %S\n", ProfileBuffer
->FullName
.Buffer
);
487 TRACE("LogonServer: %p\n", ProfileBuffer
->LogonServer
.Buffer
);
488 TRACE("LogonServer: %S\n", ProfileBuffer
->LogonServer
.Buffer
);
491 TRACE("Luid: 0x%08lx%08lx\n", Luid
.HighPart
, Luid
.LowPart
);
493 if (TokenHandle
!= NULL
)
495 TRACE("TokenHandle: %p\n", TokenHandle
);
498 *phToken
= TokenHandle
;
501 if (ProfileBuffer
!= NULL
)
502 LsaFreeReturnBuffer(ProfileBuffer
);
504 if (!NT_SUCCESS(Status
))
506 if (TokenHandle
!= NULL
)
507 CloseHandle(TokenHandle
);
510 if (TokenGroups
!= NULL
)
511 RtlFreeHeap(RtlGetProcessHeap(), 0, TokenGroups
);
513 if (LocalSid
!= NULL
)
514 RtlFreeSid(LocalSid
);
516 if (LogonSid
!= NULL
)
517 RtlFreeSid(LogonSid
);
519 if (AuthInfo
!= NULL
)
520 RtlFreeHeap(RtlGetProcessHeap(), 0, AuthInfo
);
522 if (!NT_SUCCESS(Status
))
524 SetLastError(RtlNtStatusToDosError(Status
));