1 /*
2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: ReactOS system libraries
4 * FILE: lib/lsalib/lsa.c
5 * PURPOSE: Client-side LSA functions
6 * UPDATE HISTORY:
7 * Created 05/08/00
8 */
9
10 /* INCLUDES ******************************************************************/
11
12 #include <ndk/lpctypes.h>
13 #include <ndk/lpcfuncs.h>
14 #include <ndk/mmfuncs.h>
15 #include <ndk/rtlfuncs.h>
16 #include <ndk/obfuncs.h>
17 #include <psdk/ntsecapi.h>
18 #include <lsass/lsass.h>
19
20 #define NDEBUG
21 #include <debug.h>
22
23 /* GLOBALS *******************************************************************/
24
25 extern HANDLE Secur32Heap;
26
27 /* FUNCTIONS *****************************************************************/
28
/*
 * @implemented
 *
 * Sends a deregister request over the LSA port and, once the server has
 * accepted it, closes the client's port handle.
 *
 * LsaHandle is closed only when both the port call and the status carried in
 * the reply succeed. On either failure path the function returns before
 * NtClose(), so the caller still owns the handle.
 *
 * Returns the port-call status on success, otherwise the first failing status
 * (port call first, then the reply's Status field).
 */
NTSTATUS
WINAPI
LsaDeregisterLogonProcess(HANDLE LsaHandle)
{
    LSA_API_MSG Msg;
    PPORT_MESSAGE PortMsg = (PPORT_MESSAGE)&Msg;
    NTSTATUS Status;

    DPRINT1("LsaDeregisterLogonProcess()\n");

    /*
     * Only the port header and the API number are filled in.
     * NOTE(review): the rest of Msg is uninitialised stack memory while
     * TotalLength is the full LSA_PORT_MESSAGE_SIZE - confirm whether the
     * unused bytes reach the server and zero the message first if they do.
     */
    Msg.h.u2.ZeroInit = 0;
    Msg.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE;
    Msg.h.u1.s1.DataLength = LSA_PORT_DATA_SIZE(Msg.DeregisterLogonProcess);
    Msg.ApiNumber = LSASS_REQUEST_DEREGISTER_LOGON_PROCESS;

    /* The same buffer is used for the request and for the reply. */
    Status = ZwRequestWaitReplyPort(LsaHandle, PortMsg, PortMsg);
    if (!NT_SUCCESS(Status))
    {
        DPRINT1("ZwRequestWaitReplyPort() failed (Status 0x%08lx)\n", Status);
        return Status;
    }

    /* The port call worked; now look at what the server answered. */
    if (!NT_SUCCESS(Msg.Status))
    {
        DPRINT1("ZwRequestWaitReplyPort() failed (ApiMessage.Status 0x%08lx)\n", Msg.Status);
        return Msg.Status;
    }

    /* The result of NtClose() is not checked. */
    NtClose(LsaHandle);

    DPRINT1("LsaDeregisterLogonProcess() done (Status 0x%08lx)\n", Status);

    return Status;
}
67
68
/*
 * @implemented
 *
 * Opens a connection to \LsaAuthenticationPort without naming a logon
 * process: the connection data handed to the server is all zeroes.
 *
 * The security QoS limits the server to SecurityIdentification with
 * EffectiveOnly set, i.e. it can identify the client but is not offered a
 * token it could act with on the client's behalf.
 *
 * LsaHandle receives the port handle from ZwConnectPort(); it is not
 * NULL-checked here.
 *
 * Returns the ZwConnectPort() failure status, otherwise the Status field the
 * server wrote into the connection data.
 * NOTE(review): when the connect succeeds but ConnectInfo.Status is a failure,
 * *LsaHandle is left as ZwConnectPort() set it - confirm whether callers are
 * expected to close it in that case.
 */
NTSTATUS
WINAPI
LsaConnectUntrusted(PHANDLE LsaHandle)
{
    UNICODE_STRING LsaPortName;
    SECURITY_QUALITY_OF_SERVICE Qos;
    LSA_CONNECTION_INFO ConnectInfo;
    ULONG ConnectInfoLength = sizeof(ConnectInfo);
    NTSTATUS Status;

    DPRINT1("LsaConnectUntrusted(%p)\n", LsaHandle);

    /* Start from a clean connection block so no stack contents are sent. */
    RtlZeroMemory(&ConnectInfo, ConnectInfoLength);

    /* Identification-only, effective-only impersonation for the server. */
    Qos.Length = sizeof(Qos);
    Qos.EffectiveOnly = TRUE;
    Qos.ContextTrackingMode = SECURITY_DYNAMIC_TRACKING;
    Qos.ImpersonationLevel = SecurityIdentification;

    RtlInitUnicodeString(&LsaPortName, L"\\LsaAuthenticationPort");

    Status = ZwConnectPort(LsaHandle,
                           &LsaPortName,
                           &Qos,
                           NULL,
                           NULL,
                           NULL,
                           &ConnectInfo,
                           &ConnectInfoLength);
    if (!NT_SUCCESS(Status))
    {
        DPRINT1("ZwConnectPort failed (Status 0x%08lx)\n", Status);
        return Status;
    }

    /* A server-side refusal is logged and then returned as-is. */
    if (!NT_SUCCESS(ConnectInfo.Status))
    {
        DPRINT1("ConnectInfo.Status: 0x%08lx\n", ConnectInfo.Status);
    }

    return ConnectInfo.Status;
}
116
117
/*
 * @implemented
 *
 * Forwards a package-specific request to the authentication package selected
 * by AuthenticationPackage and hands the reply back to the caller.
 *
 * ProtocolSubmitBuffer and SubmitBufferLength are placed in the message
 * exactly as given; this function neither copies nor validates the buffer.
 * NOTE(review): the server therefore receives a client-side address and
 * length - presumably it captures and bounds-checks them itself; verify on
 * the LSASS side.
 *
 * ProtocolReturnBuffer, ReturnBufferLength and ProtocolStatus are written
 * only when both the port call and the reply status succeed, and they are
 * dereferenced without a NULL check.
 *
 * Returns the port-call status on success, otherwise the first failing status
 * (port call first, then the reply's Status field).
 */
NTSTATUS
WINAPI
LsaCallAuthenticationPackage(HANDLE LsaHandle,
                             ULONG AuthenticationPackage,
                             PVOID ProtocolSubmitBuffer,
                             ULONG SubmitBufferLength,
                             PVOID *ProtocolReturnBuffer,
                             PULONG ReturnBufferLength,
                             PNTSTATUS ProtocolStatus)
{
    LSA_API_MSG Msg;
    PPORT_MESSAGE PortMsg = (PPORT_MESSAGE)&Msg;
    NTSTATUS Status;

    DPRINT1("LsaCallAuthenticationPackage()\n");

    /* Port header */
    Msg.h.u2.ZeroInit = 0;
    Msg.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE;
    Msg.h.u1.s1.DataLength = LSA_PORT_DATA_SIZE(Msg.CallAuthenticationPackage);
    Msg.ApiNumber = LSASS_REQUEST_CALL_AUTHENTICATION_PACKAGE;

    /* Request payload: package id plus the caller's buffer, by reference */
    Msg.CallAuthenticationPackage.Request.SubmitBufferLength = SubmitBufferLength;
    Msg.CallAuthenticationPackage.Request.ProtocolSubmitBuffer = ProtocolSubmitBuffer;
    Msg.CallAuthenticationPackage.Request.AuthenticationPackage = AuthenticationPackage;

    /* The same buffer is used for the request and for the reply. */
    Status = ZwRequestWaitReplyPort(LsaHandle, PortMsg, PortMsg);
    if (!NT_SUCCESS(Status))
    {
        DPRINT1("ZwRequestWaitReplyPort() failed (Status 0x%08lx)\n", Status);
        return Status;
    }

    if (!NT_SUCCESS(Msg.Status))
    {
        DPRINT1("ZwRequestWaitReplyPort() failed (ApiMessage.Status 0x%08lx)\n", Msg.Status);
        return Msg.Status;
    }

    /* Success: publish the reply fields through the out parameters. */
    *ProtocolStatus = Msg.CallAuthenticationPackage.Reply.ProtocolStatus;
    *ReturnBufferLength = Msg.CallAuthenticationPackage.Reply.ReturnBufferLength;
    *ProtocolReturnBuffer = Msg.CallAuthenticationPackage.Reply.ProtocolReturnBuffer;

    return Status;
}
166
167
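/*
 * @implemented
 *
 * Releases a buffer by freeing the virtual memory region that starts at
 * Buffer in the current process.
 *
 * The region size is passed as zero together with MEM_RELEASE, which asks for
 * the whole region to be released.
 *
 * Returns the status of ZwFreeVirtualMemory().
 */
NTSTATUS
WINAPI
LsaFreeReturnBuffer(PVOID Buffer)
{
    /*
     * The size argument of ZwFreeVirtualMemory() is pointer-sized (PSIZE_T).
     * Declaring it as ULONG would let the call read and write past a 4-byte
     * variable on 64-bit builds, so use SIZE_T.
     */
    SIZE_T RegionSize = 0;

    return ZwFreeVirtualMemory(NtCurrentProcess(),
                               &Buffer,
                               &RegionSize,
                               MEM_RELEASE);
}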
182
183
/*
 * @implemented
 *
 * Asks the LSA server for the identifier of the authentication package named
 * by PackageName.
 *
 * The name is copied into a fixed-size field of the request message. The
 * length check against LSASS_MAX_PACKAGE_NAME_LENGTH is the only thing that
 * bounds both the copy and the terminator write at index Length.
 * NOTE(review): this assumes Request.PackageName holds at least
 * LSASS_MAX_PACKAGE_NAME_LENGTH + 1 bytes - confirm against lsass.h.
 *
 * PackageName and AuthenticationPackage are dereferenced without a NULL
 * check. *AuthenticationPackage is written only on success.
 *
 * Returns STATUS_NAME_TOO_LONG for an over-long name, otherwise the first
 * failing status (port call, then reply Status), or the port-call status on
 * success.
 */
NTSTATUS
WINAPI
LsaLookupAuthenticationPackage(HANDLE LsaHandle,
                               PLSA_STRING PackageName,
                               PULONG AuthenticationPackage)
{
    LSA_API_MSG Msg;
    PPORT_MESSAGE PortMsg = (PPORT_MESSAGE)&Msg;
    NTSTATUS Status;

    /* Reject names that would not fit the message field. */
    if (PackageName->Length > LSASS_MAX_PACKAGE_NAME_LENGTH)
        return STATUS_NAME_TOO_LONG;

    /* Port header */
    Msg.h.u2.ZeroInit = 0;
    Msg.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE;
    Msg.h.u1.s1.DataLength = LSA_PORT_DATA_SIZE(Msg.LookupAuthenticationPackage);
    Msg.ApiNumber = LSASS_REQUEST_LOOKUP_AUTHENTICATION_PACKAGE;

    /*
     * LSA_STRING is counted, not terminated: copy Length bytes and add the
     * terminator ourselves. strncpy() stops early at an embedded NUL and
     * pads the remainder of the Length bytes with zeroes.
     */
    Msg.LookupAuthenticationPackage.Request.PackageNameLength = PackageName->Length;
    strncpy(Msg.LookupAuthenticationPackage.Request.PackageName,
            PackageName->Buffer,
            Msg.LookupAuthenticationPackage.Request.PackageNameLength);
    Msg.LookupAuthenticationPackage.Request.PackageName[Msg.LookupAuthenticationPackage.Request.PackageNameLength] = '\0';

    /* The same buffer is used for the request and for the reply. */
    Status = ZwRequestWaitReplyPort(LsaHandle, PortMsg, PortMsg);
    if (!NT_SUCCESS(Status))
        return Status;

    if (!NT_SUCCESS(Msg.Status))
        return Msg.Status;

    *AuthenticationPackage = Msg.LookupAuthenticationPackage.Reply.Package;

    return Status;
}
230
231
/*
 * @implemented
 *
 * Submits a logon request to the LSA server and, on success, returns the
 * profile buffer, logon id, token handle and quota limits from the reply.
 *
 * OriginName and SourceContext are copied into the message by value (for
 * OriginName that is the LSA_STRING descriptor, not the characters it points
 * to). AuthenticationInformation and LocalGroups are forwarded as pointers
 * with their length / group count alongside; nothing is validated here.
 * NOTE(review): the server receives client-side addresses together with
 * client-supplied lengths - presumably it captures and bounds-checks them
 * itself; verify on the LSASS side.
 *
 * *SubStatus is written as soon as the port call succeeds, even when the
 * reply status is a failure. All other out parameters are written only on
 * full success. None of the pointer parameters except LocalGroups is
 * NULL-checked.
 *
 * Returns the port-call status on success, otherwise the first failing status
 * (port call first, then the reply's Status field).
 */
NTSTATUS
WINAPI
LsaLogonUser(HANDLE LsaHandle,
             PLSA_STRING OriginName,
             SECURITY_LOGON_TYPE LogonType,
             ULONG AuthenticationPackage,
             PVOID AuthenticationInformation,
             ULONG AuthenticationInformationLength,
             PTOKEN_GROUPS LocalGroups,
             PTOKEN_SOURCE SourceContext,
             PVOID *ProfileBuffer,
             PULONG ProfileBufferLength,
             PLUID LogonId,
             PHANDLE Token,
             PQUOTA_LIMITS Quotas,
             PNTSTATUS SubStatus)
{
    LSA_API_MSG Msg;
    PPORT_MESSAGE PortMsg = (PPORT_MESSAGE)&Msg;
    NTSTATUS Status;

    /* Port header */
    Msg.h.u2.ZeroInit = 0;
    Msg.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE;
    Msg.h.u1.s1.DataLength = LSA_PORT_DATA_SIZE(Msg.LogonUser);
    Msg.ApiNumber = LSASS_REQUEST_LOGON_USER;

    /* Request payload */
    Msg.LogonUser.Request.OriginName = *OriginName;
    Msg.LogonUser.Request.SourceContext = *SourceContext;
    Msg.LogonUser.Request.LogonType = LogonType;
    Msg.LogonUser.Request.AuthenticationPackage = AuthenticationPackage;
    Msg.LogonUser.Request.AuthenticationInformation = AuthenticationInformation;
    Msg.LogonUser.Request.AuthenticationInformationLength = AuthenticationInformationLength;
    Msg.LogonUser.Request.LocalGroups = LocalGroups;

    /* The group count travels separately; no groups means a count of zero. */
    Msg.LogonUser.Request.LocalGroupsCount =
        (LocalGroups != NULL) ? LocalGroups->GroupCount : 0;

    /* The same buffer is used for the request and for the reply. */
    Status = ZwRequestWaitReplyPort(LsaHandle, PortMsg, PortMsg);
    if (!NT_SUCCESS(Status))
        return Status;

    /* Reported before the status check so a failed logon still yields it. */
    *SubStatus = Msg.LogonUser.Reply.SubStatus;

    if (!NT_SUCCESS(Msg.Status))
        return Msg.Status;

    /* Success: publish the reply fields through the out parameters. */
    *Quotas = Msg.LogonUser.Reply.Quotas;
    *Token = Msg.LogonUser.Reply.Token;
    *LogonId = Msg.LogonUser.Reply.LogonId;
    *ProfileBufferLength = Msg.LogonUser.Reply.ProfileBufferLength;
    *ProfileBuffer = Msg.LogonUser.Reply.ProfileBuffer;

    return Status;
}
295
296
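/*
 * @implemented
 *
 * Connects to \LsaAuthenticationPort as a named logon process and returns the
 * port handle and the operational mode reported by the server.
 *
 * The process name is copied into a fixed-size field of the connection data.
 * The length check against LSASS_MAX_LOGON_PROCESS_NAME_LENGTH is the only
 * thing that bounds both the copy and the terminator write at index Length.
 * NOTE(review): this assumes LogonProcessNameBuffer holds at least
 * LSASS_MAX_LOGON_PROCESS_NAME_LENGTH + 1 bytes - confirm against lsass.h.
 *
 * The security QoS limits the server to SecurityIdentification with
 * EffectiveOnly set.
 *
 * LsaLogonProcessName, Handle and OperationalMode are dereferenced without a
 * NULL check. *OperationalMode is written whenever ZwConnectPort() succeeds,
 * including when the server-side status is a failure.
 *
 * Returns STATUS_NAME_TOO_LONG for an over-long name, the ZwConnectPort()
 * failure status, or otherwise the Status field the server wrote into the
 * connection data.
 */
NTSTATUS
WINAPI
LsaRegisterLogonProcess(PLSA_STRING LsaLogonProcessName,
                        PHANDLE Handle,
                        PLSA_OPERATIONAL_MODE OperationalMode)
{
    UNICODE_STRING PortName;
    SECURITY_QUALITY_OF_SERVICE SecurityQos;
    LSA_CONNECTION_INFO ConnectInfo;
    ULONG ConnectInfoLength = sizeof(ConnectInfo);
    NTSTATUS Status;

    DPRINT1("LsaRegisterLogonProcess()\n");

    /* Check the logon process name length */
    if (LsaLogonProcessName->Length > LSASS_MAX_LOGON_PROCESS_NAME_LENGTH)
        return STATUS_NAME_TOO_LONG;

    RtlInitUnicodeString(&PortName,
                         L"\\LsaAuthenticationPort");

    SecurityQos.Length = sizeof(SecurityQos);
    SecurityQos.ImpersonationLevel = SecurityIdentification;
    SecurityQos.ContextTrackingMode = SECURITY_DYNAMIC_TRACKING;
    SecurityQos.EffectiveOnly = TRUE;

    /*
     * Clear the connection data before filling it in, as LsaConnectUntrusted
     * does. Without this, the bytes after the name and the Status and
     * OperationalMode fields are uninitialised stack memory: they would be
     * handed to the server, and read back below if the server does not
     * overwrite them.
     */
    RtlZeroMemory(&ConnectInfo,
                  ConnectInfoLength);

    /* LSA_STRING is counted, not terminated: copy Length bytes and terminate. */
    strncpy(ConnectInfo.LogonProcessNameBuffer,
            LsaLogonProcessName->Buffer,
            LsaLogonProcessName->Length);
    ConnectInfo.Length = LsaLogonProcessName->Length;
    ConnectInfo.LogonProcessNameBuffer[ConnectInfo.Length] = '\0';

    Status = ZwConnectPort(Handle,
                           &PortName,
                           &SecurityQos,
                           NULL,
                           NULL,
                           NULL,
                           &ConnectInfo,
                           &ConnectInfoLength);
    if (!NT_SUCCESS(Status))
    {
        DPRINT1("ZwConnectPort failed (Status 0x%08lx)\n", Status);
        return Status;
    }

    DPRINT("ConnectInfo.OperationalMode: 0x%08lx\n", ConnectInfo.OperationalMode);
    *OperationalMode = ConnectInfo.OperationalMode;

    /* A server-side refusal is logged and then returned as-is. */
    if (!NT_SUCCESS(ConnectInfo.Status))
    {
        DPRINT1("ConnectInfo.Status: 0x%08lx\n", ConnectInfo.Status);
    }

    return ConnectInfo.Status;
}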
356
357
/*
 * @unimplemented
 *
 * Stub. Neither LogonSessionCount nor LogonSessionList is written, so callers
 * must not read them after this call.
 *
 * Always returns STATUS_NOT_IMPLEMENTED.
 */
NTSTATUS
WINAPI
LsaEnumerateLogonSessions(PULONG LogonSessionCount,
                          PLUID *LogonSessionList)
{
    UNIMPLEMENTED;

    return STATUS_NOT_IMPLEMENTED;
}
369
370
/*
 * @unimplemented
 *
 * Stub. *ppLogonSessionData is not written, so callers must not read or free
 * it after this call.
 *
 * Always returns STATUS_NOT_IMPLEMENTED.
 */
NTSTATUS
WINAPI
LsaGetLogonSessionData(PLUID LogonId,
                       PSECURITY_LOGON_SESSION_DATA *ppLogonSessionData)
{
    UNIMPLEMENTED;

    return STATUS_NOT_IMPLEMENTED;
}
382
383
/*
 * @unimplemented
 *
 * Stub. No notification is registered and NotificationEventHandle is not
 * used.
 *
 * Always returns STATUS_NOT_IMPLEMENTED.
 */
NTSTATUS
WINAPI
LsaRegisterPolicyChangeNotification(POLICY_NOTIFICATION_INFORMATION_CLASS InformationClass,
                                    HANDLE NotificationEventHandle)
{
    UNIMPLEMENTED;

    return STATUS_NOT_IMPLEMENTED;
}
395
396
/*
 * @unimplemented
 *
 * Stub. Nothing is unregistered and NotificationEventHandle is not used.
 *
 * Always returns STATUS_NOT_IMPLEMENTED.
 */
NTSTATUS
WINAPI
LsaUnregisterPolicyChangeNotification(POLICY_NOTIFICATION_INFORMATION_CLASS InformationClass,
                                      HANDLE NotificationEventHandle)
{
    UNIMPLEMENTED;

    return STATUS_NOT_IMPLEMENTED;
}