Synchronize with trunk r58606.
1 /*
2 * PROJECT: Authentication Package DLL
3 * LICENSE: GPL - See COPYING in the top level directory
4 * FILE: dll/win32/msv1_0/msv1_0.c
5 * PURPOSE: Main file
6 * COPYRIGHT: Copyright 2013 Eric Kohl
7 */
8
9 /* INCLUDES ****************************************************************/
10
11 #include "msv1_0.h"
12
13 WINE_DEFAULT_DEBUG_CHANNEL(msv1_0);
14
15
16 /* GLOBALS *****************************************************************/
17
18 LSA_DISPATCH_TABLE DispatchTable;
19
20
21 /* FUNCTIONS ***************************************************************/
22
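/*
 * Returns a private copy of the account domain SID held in the LSA policy.
 *
 * Sid: receives a buffer allocated from the process heap that holds the
 *      copied SID. The caller releases it with RtlFreeHeap. It is set to
 *      NULL on every failure path so a caller never frees or reads a stale
 *      pointer.
 *
 * Returns the failing status of the policy calls, STATUS_INVALID_SID when
 * the policy reports no account domain SID, STATUS_INSUFFICIENT_RESOURCES
 * when the copy cannot be allocated, or the status of the successful query.
 */
static
NTSTATUS
GetDomainSid(PRPC_SID *Sid)
{
    LSAPR_HANDLE PolicyHandle = NULL;
    PLSAPR_POLICY_INFORMATION PolicyInfo = NULL;
    ULONG Length = 0;
    NTSTATUS Status;

    /* Give the caller a defined value on all early exits */
    *Sid = NULL;

    Status = LsaIOpenPolicyTrusted(&PolicyHandle);
    if (!NT_SUCCESS(Status))
    {
        TRACE("LsaIOpenPolicyTrusted() failed (Status 0x%08lx)\n", Status);
        return Status;
    }

    Status = LsarQueryInformationPolicy(PolicyHandle,
                                        PolicyAccountDomainInformation,
                                        &PolicyInfo);
    if (!NT_SUCCESS(Status))
    {
        TRACE("LsarQueryInformationPolicy() failed (Status 0x%08lx)\n", Status);
        goto done;
    }

    /* RtlLengthSid() dereferences its argument, so reject a missing SID first */
    if (PolicyInfo->PolicyAccountDomainInfo.Sid == NULL)
    {
        ERR("Policy returned no account domain SID\n");
        Status = STATUS_INVALID_SID;
        goto done;
    }

    Length = RtlLengthSid(PolicyInfo->PolicyAccountDomainInfo.Sid);

    *Sid = RtlAllocateHeap(RtlGetProcessHeap(), 0, Length);
    if (*Sid == NULL)
    {
        ERR("Failed to allocate SID\n");
        Status = STATUS_INSUFFICIENT_RESOURCES;
        goto done;
    }

    memcpy(*Sid, PolicyInfo->PolicyAccountDomainInfo.Sid, Length);

done:
    /* The policy information and the handle are only needed for the copy */
    if (PolicyInfo != NULL)
        LsaIFree_LSAPR_POLICY_INFORMATION(PolicyAccountDomainInformation,
                                          PolicyInfo);

    if (PolicyHandle != NULL)
        LsarClose(&PolicyHandle);

    return Status;
}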
70
71
72 /*
73 * @unimplemented
74 */
/*
 * Stub: logs the call and reports STATUS_NOT_IMPLEMENTED.
 * None of the parameters is read and none of the OUT parameters is written.
 */
NTSTATUS
NTAPI
LsaApCallPackage(IN PLSA_CLIENT_REQUEST ClientRequest,
                 IN PVOID ProtocolSubmitBuffer,
                 IN PVOID ClientBufferBase,
                 IN ULONG SubmitBufferLength,
                 OUT PVOID *ProtocolReturnBuffer,
                 OUT PULONG ReturnBufferLength,
                 OUT PNTSTATUS ProtocolStatus)
{
    UNREFERENCED_PARAMETER(ClientRequest);
    UNREFERENCED_PARAMETER(ProtocolSubmitBuffer);
    UNREFERENCED_PARAMETER(ClientBufferBase);
    UNREFERENCED_PARAMETER(SubmitBufferLength);
    UNREFERENCED_PARAMETER(ProtocolReturnBuffer);
    UNREFERENCED_PARAMETER(ReturnBufferLength);
    UNREFERENCED_PARAMETER(ProtocolStatus);

    TRACE("()\n");

    return STATUS_NOT_IMPLEMENTED;
}
88
89
90 /*
91 * @unimplemented
92 */
/*
 * Stub: logs the call and reports STATUS_NOT_IMPLEMENTED.
 * None of the parameters is read and none of the OUT parameters is written.
 */
NTSTATUS
NTAPI
LsaApCallPackagePassthrough(IN PLSA_CLIENT_REQUEST ClientRequest,
                            IN PVOID ProtocolSubmitBuffer,
                            IN PVOID ClientBufferBase,
                            IN ULONG SubmitBufferLength,
                            OUT PVOID *ProtocolReturnBuffer,
                            OUT PULONG ReturnBufferLength,
                            OUT PNTSTATUS ProtocolStatus)
{
    UNREFERENCED_PARAMETER(ClientRequest);
    UNREFERENCED_PARAMETER(ProtocolSubmitBuffer);
    UNREFERENCED_PARAMETER(ClientBufferBase);
    UNREFERENCED_PARAMETER(SubmitBufferLength);
    UNREFERENCED_PARAMETER(ProtocolReturnBuffer);
    UNREFERENCED_PARAMETER(ReturnBufferLength);
    UNREFERENCED_PARAMETER(ProtocolStatus);

    TRACE("()\n");

    return STATUS_NOT_IMPLEMENTED;
}
106
107
108 /*
109 * @unimplemented
110 */
/*
 * Stub: logs the call and reports STATUS_NOT_IMPLEMENTED.
 * None of the parameters is read and none of the OUT parameters is written.
 *
 * NOTE(review): going by the name, this entry point serves callers that are
 * not trusted; when it is implemented, the submit buffer and its length need
 * validating before any field is used. Confirm against the LSA caller.
 */
NTSTATUS
NTAPI
LsaApCallPackageUntrusted(IN PLSA_CLIENT_REQUEST ClientRequest,
                          IN PVOID ProtocolSubmitBuffer,
                          IN PVOID ClientBufferBase,
                          IN ULONG SubmitBufferLength,
                          OUT PVOID *ProtocolReturnBuffer,
                          OUT PULONG ReturnBufferLength,
                          OUT PNTSTATUS ProtocolStatus)
{
    UNREFERENCED_PARAMETER(ClientRequest);
    UNREFERENCED_PARAMETER(ProtocolSubmitBuffer);
    UNREFERENCED_PARAMETER(ClientBufferBase);
    UNREFERENCED_PARAMETER(SubmitBufferLength);
    UNREFERENCED_PARAMETER(ProtocolReturnBuffer);
    UNREFERENCED_PARAMETER(ReturnBufferLength);
    UNREFERENCED_PARAMETER(ProtocolStatus);

    TRACE("()\n");

    return STATUS_NOT_IMPLEMENTED;
}
124
125
126 /*
127 * @unimplemented
128 */
/*
 * Stores the LSA heap and client-buffer callbacks in the global DispatchTable
 * and hands the package name back to the caller.
 *
 * AuthenticationPackageName receives an LSA_STRING whose header and character
 * buffer are both allocated with the AllocateLsaHeap callback. This function
 * does not free them on success.
 *
 * Returns STATUS_INSUFFICIENT_RESOURCES when either allocation fails,
 * STATUS_SUCCESS otherwise. AuthenticationPackageId, Database and
 * Confidentiality are only traced.
 */
NTSTATUS
NTAPI
LsaApInitializePackage(IN ULONG AuthenticationPackageId,
                       IN PLSA_DISPATCH_TABLE LsaDispatchTable,
                       IN PLSA_STRING Database OPTIONAL,
                       IN PLSA_STRING Confidentiality OPTIONAL,
                       OUT PLSA_STRING *AuthenticationPackageName)
{
    PANSI_STRING PackageName;
    PCHAR PackageNameChars;

    TRACE("(%lu %p %p %p %p)\n",
          AuthenticationPackageId, LsaDispatchTable, Database,
          Confidentiality, AuthenticationPackageName);

    /* Keep the six callbacks this package uses; other entries are not copied */
    DispatchTable.AllocateLsaHeap = LsaDispatchTable->AllocateLsaHeap;
    DispatchTable.FreeLsaHeap = LsaDispatchTable->FreeLsaHeap;
    DispatchTable.AllocateClientBuffer = LsaDispatchTable->AllocateClientBuffer;
    DispatchTable.FreeClientBuffer = LsaDispatchTable->FreeClientBuffer;
    DispatchTable.CopyToClientBuffer = LsaDispatchTable->CopyToClientBuffer;
    DispatchTable.CopyFromClientBuffer = LsaDispatchTable->CopyFromClientBuffer;

    /* String header first, then the characters it will point at */
    PackageName = DispatchTable.AllocateLsaHeap(sizeof(LSA_STRING));
    if (PackageName == NULL)
    {
        return STATUS_INSUFFICIENT_RESOURCES;
    }

    PackageNameChars = DispatchTable.AllocateLsaHeap(sizeof(MSV1_0_PACKAGE_NAME));
    if (PackageNameChars == NULL)
    {
        /* Do not leak the header when the character buffer is unavailable */
        DispatchTable.FreeLsaHeap(PackageName);
        return STATUS_INSUFFICIENT_RESOURCES;
    }

    /* The destination was sized with sizeof() of the same constant */
    strcpy(PackageNameChars, MSV1_0_PACKAGE_NAME);
    RtlInitAnsiString(PackageName, PackageNameChars);

    *AuthenticationPackageName = (PLSA_STRING)PackageName;

    return STATUS_SUCCESS;
}
173
174
175 /*
176 * @unimplemented
177 */
/*
 * Stub: logs the call and does nothing else. LogonId is not read.
 */
VOID
NTAPI
LsaApLogonTerminated(IN PLUID LogonId)
{
    UNREFERENCED_PARAMETER(LogonId);

    TRACE("()\n");
}
184
185
186 /*
187 * @unimplemented
188 */
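/*
 * Validates one counted string embedded in a logon buffer and converts its
 * client-side Buffer pointer into a pointer into the local copy.
 *
 * String:       string header inside the local copy; Buffer still holds the
 *               address the client supplied.
 * LocalBase:    start of the local copy of the logon buffer.
 * ClientBase:   address of the same buffer in the client.
 * BufferLength: size of the logon buffer in bytes.
 *
 * Returns FALSE when the Length bytes at Buffer do not lie entirely inside
 * the logon buffer. A NULL Buffer is accepted only for an empty string and is
 * left as NULL.
 */
static
BOOLEAN
FixupLogonString(IN OUT PUNICODE_STRING String,
                 IN PVOID LocalBase,
                 IN PVOID ClientBase,
                 IN ULONG BufferLength)
{
    ULONG_PTR Offset;

    if (String->Buffer == NULL)
        return (String->Length == 0);

    /* The pointer must not lie below the start of the client buffer */
    if ((ULONG_PTR)String->Buffer < (ULONG_PTR)ClientBase)
        return FALSE;

    /* Written as a subtraction so the bounds test itself cannot wrap */
    Offset = (ULONG_PTR)String->Buffer - (ULONG_PTR)ClientBase;
    if (Offset > BufferLength || String->Length > BufferLength - Offset)
        return FALSE;

    String->Buffer = (PWSTR)((ULONG_PTR)LocalBase + Offset);
    return TRUE;
}


/*
 * Work-in-progress logon handler for Interactive, Batch and Service logons.
 *
 * It relocates the strings of the submitted MSV1_0_INTERACTIVE_LOGON, opens
 * the account domain in SAM and looks the user name up. Other logon types
 * return STATUS_NOT_IMPLEMENTED.
 *
 * The caller-supplied pointers and length are untrusted: the buffer must be
 * at least sizeof(MSV1_0_INTERACTIVE_LOGON) bytes and every string must lie
 * inside it, otherwise STATUS_INVALID_PARAMETER is returned. The password is
 * never written to the debug log.
 *
 * Only ProfileBuffer, ProfileBufferLength and SubStatus are written. LogonId,
 * TokenInformationType, TokenInformation, AccountName and
 * AuthenticatingAuthority are left untouched.
 *
 * NOTE(review): no credential check is performed yet. When the name lookup
 * succeeds the function returns the success status of that lookup without
 * comparing the password and without producing a token. This path has to
 * fail closed, or be completed, before its result is used to grant a logon.
 */
NTSTATUS
NTAPI
LsaApLogonUser(IN PLSA_CLIENT_REQUEST ClientRequest,
               IN SECURITY_LOGON_TYPE LogonType,
               IN PVOID AuthenticationInformation,
               IN PVOID ClientAuthenticationBase,
               IN ULONG AuthenticationInformationLength,
               OUT PVOID *ProfileBuffer,
               OUT PULONG ProfileBufferLength,
               OUT PLUID LogonId,
               OUT PNTSTATUS SubStatus,
               OUT PLSA_TOKEN_INFORMATION_TYPE TokenInformationType,
               OUT PVOID *TokenInformation,
               OUT PLSA_UNICODE_STRING *AccountName,
               OUT PLSA_UNICODE_STRING *AuthenticatingAuthority)
{
    PMSV1_0_INTERACTIVE_LOGON LogonInfo;

    SAMPR_HANDLE ServerHandle = NULL;
    SAMPR_HANDLE DomainHandle = NULL;
    PRPC_SID AccountDomainSid = NULL;
    RPC_UNICODE_STRING Names[1];
    SAMPR_ULONG_ARRAY RelativeIds = {0, NULL};
    SAMPR_ULONG_ARRAY Use = {0, NULL};
    NTSTATUS Status;

    TRACE("()\n");

    TRACE("LogonType: %lu\n", LogonType);
    TRACE("AuthenticationInformation: %p\n", AuthenticationInformation);
    TRACE("AuthenticationInformationLength: %lu\n", AuthenticationInformationLength);


    *ProfileBuffer = NULL;
    *ProfileBufferLength = 0;
    *SubStatus = STATUS_SUCCESS;

    if (LogonType == Interactive ||
        LogonType == Batch ||
        LogonType == Service)
    {
        /* The fixed part must be present before any field of it is read */
        if (AuthenticationInformation == NULL ||
            AuthenticationInformationLength < sizeof(MSV1_0_INTERACTIVE_LOGON))
        {
            ERR("Logon buffer too small (%lu bytes)\n", AuthenticationInformationLength);
            return STATUS_INVALID_PARAMETER;
        }

        LogonInfo = (PMSV1_0_INTERACTIVE_LOGON)AuthenticationInformation;

        /* Fix-up pointers in the authentication info, rejecting any string
         * that would point outside the submitted buffer */
        if (!FixupLogonString(&LogonInfo->LogonDomainName,
                              AuthenticationInformation,
                              ClientAuthenticationBase,
                              AuthenticationInformationLength) ||
            !FixupLogonString(&LogonInfo->UserName,
                              AuthenticationInformation,
                              ClientAuthenticationBase,
                              AuthenticationInformationLength) ||
            !FixupLogonString(&LogonInfo->Password,
                              AuthenticationInformation,
                              ClientAuthenticationBase,
                              AuthenticationInformationLength))
        {
            ERR("Logon buffer contains an out-of-range string\n");
            return STATUS_INVALID_PARAMETER;
        }

        /* Counted strings need not be NUL-terminated, so print them by
         * length. The password is deliberately not logged. */
        TRACE("Domain: %s\n",
              debugstr_wn(LogonInfo->LogonDomainName.Buffer,
                          (int)(LogonInfo->LogonDomainName.Length / sizeof(WCHAR))));
        TRACE("User: %s\n",
              debugstr_wn(LogonInfo->UserName.Buffer,
                          (int)(LogonInfo->UserName.Length / sizeof(WCHAR))));
    }
    else
    {
        FIXME("LogonType %lu is not supported yet!\n", LogonType);
        return STATUS_NOT_IMPLEMENTED;
    }

    Status = GetDomainSid(&AccountDomainSid);
    if (!NT_SUCCESS(Status))
    {
        TRACE("GetDomainSid() failed (Status 0x%08lx)\n", Status);
        return Status;
    }

    /* Connect to the SAM server */
    Status = SamIConnect(NULL,
                         &ServerHandle,
                         SAM_SERVER_CONNECT | SAM_SERVER_LOOKUP_DOMAIN,
                         TRUE);
    if (!NT_SUCCESS(Status))
    {
        TRACE("SamIConnect() failed (Status 0x%08lx)\n", Status);
        goto done;
    }

    /* Open the account domain */
    Status = SamrOpenDomain(ServerHandle,
                            DOMAIN_LOOKUP,
                            AccountDomainSid,
                            &DomainHandle);
    if (!NT_SUCCESS(Status))
    {
        TRACE("SamrOpenDomain failed (Status %08lx)\n", Status);
        goto done;
    }

    Names[0].Length = LogonInfo->UserName.Length;
    Names[0].MaximumLength = LogonInfo->UserName.MaximumLength;
    Names[0].Buffer = LogonInfo->UserName.Buffer;

    /* Try to get the RID for the user name */
    Status = SamrLookupNamesInDomain(DomainHandle,
                                     1,
                                     Names,
                                     &RelativeIds,
                                     &Use);
    if (!NT_SUCCESS(Status))
    {
        TRACE("SamrLookupNamesInDomain failed (Status %08lx)\n", Status);
        /* Every lookup failure is reported as STATUS_NO_SUCH_USER */
        Status = STATUS_NO_SUCH_USER;
        goto done;
    }

    /* Fail, if it is not a user account */
    if (Use.Element[0] != SidTypeUser)
    {
        TRACE("Account is not a user account!\n");
        Status = STATUS_NO_SUCH_USER;
        goto done;
    }

    /* NOTE(review): password verification and token creation are missing
     * here; Status still holds the success value of the name lookup. */

done:
    SamIFree_SAMPR_ULONG_ARRAY(&RelativeIds);
    SamIFree_SAMPR_ULONG_ARRAY(&Use);

    if (DomainHandle != NULL)
        SamrCloseHandle(&DomainHandle);

    if (ServerHandle != NULL)
        SamrCloseHandle(&ServerHandle);

    if (AccountDomainSid != NULL)
        RtlFreeHeap(RtlGetProcessHeap(), 0, AccountDomainSid);

    TRACE("LsaApLogonUser done (Status %08lx)\n", Status);

    return Status;
}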
324
325
326 /*
327 * @unimplemented
328 */
/*
 * Stub: traces the logon type plus the address and length of the submitted
 * authentication buffer, then reports STATUS_NOT_IMPLEMENTED.
 * The buffer contents are not read and no OUT parameter is written.
 */
NTSTATUS
NTAPI
LsaApLogonUserEx(IN PLSA_CLIENT_REQUEST ClientRequest,
                 IN SECURITY_LOGON_TYPE LogonType,
                 IN PVOID AuthenticationInformation,
                 IN PVOID ClientAuthenticationBase,
                 IN ULONG AuthenticationInformationLength,
                 OUT PVOID *ProfileBuffer,
                 OUT PULONG ProfileBufferLength,
                 OUT PLUID LogonId,
                 OUT PNTSTATUS SubStatus,
                 OUT PLSA_TOKEN_INFORMATION_TYPE TokenInformationType,
                 OUT PVOID *TokenInformation,
                 OUT PUNICODE_STRING *AccountName,
                 OUT PUNICODE_STRING *AuthenticatingAuthority,
                 OUT PUNICODE_STRING *MachineName)
{
    UNREFERENCED_PARAMETER(ClientRequest);
    UNREFERENCED_PARAMETER(ClientAuthenticationBase);
    UNREFERENCED_PARAMETER(ProfileBuffer);
    UNREFERENCED_PARAMETER(ProfileBufferLength);
    UNREFERENCED_PARAMETER(LogonId);
    UNREFERENCED_PARAMETER(SubStatus);
    UNREFERENCED_PARAMETER(TokenInformationType);
    UNREFERENCED_PARAMETER(TokenInformation);
    UNREFERENCED_PARAMETER(AccountName);
    UNREFERENCED_PARAMETER(AuthenticatingAuthority);
    UNREFERENCED_PARAMETER(MachineName);

    TRACE("()\n");

    /* Only the pointer value and the length are logged, never the contents */
    TRACE("LogonType: %lu\n", LogonType);
    TRACE("AuthenticationInformation: %p\n", AuthenticationInformation);
    TRACE("AuthenticationInformationLength: %lu\n", AuthenticationInformationLength);

    return STATUS_NOT_IMPLEMENTED;
}
354
355
356 /*
357 * @unimplemented
358 */
/*
 * Stub: traces the logon type plus the address and size of the submit
 * buffer, then reports STATUS_NOT_IMPLEMENTED.
 * The buffer contents are not read and no OUT parameter is written.
 */
NTSTATUS
NTAPI
LsaApLogonUserEx2(IN PLSA_CLIENT_REQUEST ClientRequest,
                  IN SECURITY_LOGON_TYPE LogonType,
                  IN PVOID ProtocolSubmitBuffer,
                  IN PVOID ClientBufferBase,
                  IN ULONG SubmitBufferSize,
                  OUT PVOID *ProfileBuffer,
                  OUT PULONG ProfileBufferSize,
                  OUT PLUID LogonId,
                  OUT PNTSTATUS SubStatus,
                  OUT PLSA_TOKEN_INFORMATION_TYPE TokenInformationType,
                  OUT PVOID *TokenInformation,
                  OUT PUNICODE_STRING *AccountName,
                  OUT PUNICODE_STRING *AuthenticatingAuthority,
                  OUT PUNICODE_STRING *MachineName,
                  OUT PSECPKG_PRIMARY_CRED PrimaryCredentials,
                  OUT PSECPKG_SUPPLEMENTAL_CRED_ARRAY *SupplementalCredentials)
{
    UNREFERENCED_PARAMETER(ClientRequest);
    UNREFERENCED_PARAMETER(ClientBufferBase);
    UNREFERENCED_PARAMETER(ProfileBuffer);
    UNREFERENCED_PARAMETER(ProfileBufferSize);
    UNREFERENCED_PARAMETER(LogonId);
    UNREFERENCED_PARAMETER(SubStatus);
    UNREFERENCED_PARAMETER(TokenInformationType);
    UNREFERENCED_PARAMETER(TokenInformation);
    UNREFERENCED_PARAMETER(AccountName);
    UNREFERENCED_PARAMETER(AuthenticatingAuthority);
    UNREFERENCED_PARAMETER(MachineName);
    UNREFERENCED_PARAMETER(PrimaryCredentials);
    UNREFERENCED_PARAMETER(SupplementalCredentials);

    TRACE("()\n");

    /* Only the pointer value and the size are logged, never the contents */
    TRACE("LogonType: %lu\n", LogonType);
    TRACE("ProtocolSubmitBuffer: %p\n", ProtocolSubmitBuffer);
    TRACE("SubmitBufferSize: %lu\n", SubmitBufferSize);

    return STATUS_NOT_IMPLEMENTED;
}
387
388 /* EOF */