[SECUR32][LSASRV][LSALIB]
1 /*
2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: ReactOS system libraries
4 * FILE: lib/lsalib/lsa.c
5 * PURPOSE: Client-side LSA functions
6 * UPDATE HISTORY:
7 * Created 05/08/00
8 */
9
10 /* INCLUDES ******************************************************************/
11
12 #include <ndk/lpctypes.h>
13 #include <ndk/lpcfuncs.h>
14 #include <ndk/mmfuncs.h>
15 #include <ndk/rtlfuncs.h>
16 #include <ndk/obfuncs.h>
17 #include <psdk/ntsecapi.h>
18 #include <lsass/lsass.h>
19
20 #define NDEBUG
21 #include <debug.h>
22
23 /* GLOBALS *******************************************************************/
24
25 extern HANDLE Secur32Heap;
26
27 /* FUNCTIONS *****************************************************************/
28
/*
 * @implemented
 *
 * Asks LSASS to deregister the caller's logon process and, once LSASS has
 * accepted the request, closes the connection handle.
 *
 * LsaHandle - connection handle to the LSA authentication port.
 *
 * Returns the failure status of the port request, else the failure status
 * LSASS placed in the reply, else the (successful) port request status.
 *
 * NOTE: LsaHandle is closed on the success path only. When either status
 * check fails the handle stays open and the caller still owns it.
 */
NTSTATUS
WINAPI
LsaDeregisterLogonProcess(HANDLE LsaHandle)
{
    NTSTATUS RequestStatus;
    LSA_API_MSG Message;

    DPRINT1("LsaDeregisterLogonProcess()\n");

    /*
     * Fill in the port message header and the API number.
     * NOTE(review): Message is not zeroed, so the bytes not set here are
     * whatever was on the stack; with TotalLength = LSA_PORT_MESSAGE_SIZE
     * they are presumably delivered to LSASS as well - confirm.
     */
    Message.h.u2.ZeroInit = 0;
    Message.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE;
    Message.h.u1.s1.DataLength = LSA_PORT_DATA_SIZE(Message.DeregisterLogonProcess);
    Message.ApiNumber = LSASS_REQUEST_DEREGISTER_LOGON_PROCESS;

    /* The same buffer carries the request and receives the reply */
    RequestStatus = ZwRequestWaitReplyPort(LsaHandle,
                                           (PPORT_MESSAGE)&Message,
                                           (PPORT_MESSAGE)&Message);

    /* Transport failure: the request did not complete */
    if (!NT_SUCCESS(RequestStatus))
    {
        DPRINT1("ZwRequestWaitReplyPort() failed (Status 0x%08lx)\n", RequestStatus);
        return RequestStatus;
    }

    /* The request completed, but LSASS reported a failure in the reply */
    if (!NT_SUCCESS(Message.Status))
    {
        DPRINT1("ZwRequestWaitReplyPort() failed (ApiMessage.Status 0x%08lx)\n", Message.Status);
        return Message.Status;
    }

    /* Deregistration succeeded, drop the connection */
    NtClose(LsaHandle);

    DPRINT1("LsaDeregisterLogonProcess() done (Status 0x%08lx)\n", RequestStatus);

    return RequestStatus;
}
67
68
/*
 * @implemented
 *
 * Opens a connection to the LSA authentication port without supplying a
 * logon process name.
 *
 * LsaHandle - receives the port handle written by ZwConnectPort().
 *
 * Returns the ZwConnectPort() status if the connect call failed, otherwise
 * the status LSASS stored in the connection information.
 *
 * NOTE(review): when ZwConnectPort() succeeds but ConnectInfo.Status is a
 * failure, *LsaHandle is not closed here; whether a live handle can exist in
 * that case is not visible from this file - confirm against the server side.
 */
NTSTATUS
WINAPI
LsaConnectUntrusted(PHANDLE LsaHandle)
{
    LSA_CONNECTION_INFO ConnectInfo;
    ULONG ConnectInfoLength = sizeof(ConnectInfo);
    SECURITY_QUALITY_OF_SERVICE SecurityQos;
    UNICODE_STRING PortName;
    NTSTATUS ConnectStatus;

    DPRINT1("LsaConnectUntrusted(%p)\n", LsaHandle);

    /*
     * Start from an all-zero connection block so that no stale stack bytes
     * end up in the connect data; only CreateContext is set.
     */
    RtlZeroMemory(&ConnectInfo, ConnectInfoLength);
    ConnectInfo.CreateContext = TRUE;

    /*
     * Request identification-level impersonation, restricted to the
     * effective (enabled) parts of the client's security context.
     */
    SecurityQos.Length = sizeof(SecurityQos);
    SecurityQos.EffectiveOnly = TRUE;
    SecurityQos.ContextTrackingMode = SECURITY_DYNAMIC_TRACKING;
    SecurityQos.ImpersonationLevel = SecurityIdentification;

    RtlInitUnicodeString(&PortName, L"\\LsaAuthenticationPort");

    ConnectStatus = ZwConnectPort(LsaHandle,
                                  &PortName,
                                  &SecurityQos,
                                  NULL,
                                  NULL,
                                  NULL,
                                  &ConnectInfo,
                                  &ConnectInfoLength);
    if (!NT_SUCCESS(ConnectStatus))
    {
        DPRINT1("ZwConnectPort failed (Status 0x%08lx)\n", ConnectStatus);
        return ConnectStatus;
    }

    /* The server's verdict is carried back in the connection block */
    if (!NT_SUCCESS(ConnectInfo.Status))
    {
        DPRINT1("ConnectInfo.Status: 0x%08lx\n", ConnectInfo.Status);
    }

    return ConnectInfo.Status;
}
118
119
/*
 * @implemented
 *
 * Forwards a package-specific request to an authentication package through
 * LSASS and hands the package's reply back to the caller.
 *
 * LsaHandle             - connection handle to the LSA authentication port.
 * AuthenticationPackage - identifier of the target package.
 * ProtocolSubmitBuffer  - package-specific request data.
 * SubmitBufferLength    - length of ProtocolSubmitBuffer.
 * ProtocolReturnBuffer  - receives the reply buffer pointer from LSASS.
 * ReturnBufferLength    - receives the reply buffer length from LSASS.
 * ProtocolStatus        - receives the package's own status from the reply.
 *
 * Returns the failure status of the port request, else the failure status
 * in the reply, else the (successful) port request status. The three output
 * parameters are written on the success path only, and are dereferenced
 * without a NULL check.
 *
 * NOTE(review): the submit buffer is passed by address, not copied into the
 * message, and its length is not checked here; presumably LSASS reads it
 * from the caller's address space and must validate pointer and length
 * itself - confirm on the server side.
 */
NTSTATUS
WINAPI
LsaCallAuthenticationPackage(HANDLE LsaHandle,
                             ULONG AuthenticationPackage,
                             PVOID ProtocolSubmitBuffer,
                             ULONG SubmitBufferLength,
                             PVOID *ProtocolReturnBuffer,
                             PULONG ReturnBufferLength,
                             PNTSTATUS ProtocolStatus)
{
    NTSTATUS RequestStatus;
    LSA_API_MSG Message;

    DPRINT1("LsaCallAuthenticationPackage()\n");

    /* Request payload */
    Message.CallAuthenticationPackage.Request.SubmitBufferLength = SubmitBufferLength;
    Message.CallAuthenticationPackage.Request.ProtocolSubmitBuffer = ProtocolSubmitBuffer;
    Message.CallAuthenticationPackage.Request.AuthenticationPackage = AuthenticationPackage;

    /* Port message header and API number */
    Message.h.u2.ZeroInit = 0;
    Message.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE;
    Message.h.u1.s1.DataLength = LSA_PORT_DATA_SIZE(Message.CallAuthenticationPackage);
    Message.ApiNumber = LSASS_REQUEST_CALL_AUTHENTICATION_PACKAGE;

    /* The same buffer carries the request and receives the reply */
    RequestStatus = ZwRequestWaitReplyPort(LsaHandle,
                                           (PPORT_MESSAGE)&Message,
                                           (PPORT_MESSAGE)&Message);
    if (!NT_SUCCESS(RequestStatus))
    {
        DPRINT1("ZwRequestWaitReplyPort() failed (Status 0x%08lx)\n", RequestStatus);
        return RequestStatus;
    }

    if (!NT_SUCCESS(Message.Status))
    {
        DPRINT1("ZwRequestWaitReplyPort() failed (ApiMessage.Status 0x%08lx)\n", Message.Status);
        return Message.Status;
    }

    /* Success: copy the reply fields out to the caller */
    *ProtocolStatus = Message.CallAuthenticationPackage.Reply.ProtocolStatus;
    *ReturnBufferLength = Message.CallAuthenticationPackage.Reply.ReturnBufferLength;
    *ProtocolReturnBuffer = Message.CallAuthenticationPackage.Reply.ProtocolReturnBuffer;

    return RequestStatus;
}
168
169
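/*
 * @implemented
 *
 * Releases a buffer that was handed back to the caller by one of the LSA
 * calls, by freeing the virtual memory region in the current process.
 *
 * Buffer - address of the buffer to release.
 *
 * Returns the status of ZwFreeVirtualMemory().
 */
NTSTATUS
WINAPI
LsaFreeReturnBuffer(PVOID Buffer)
{
    /*
     * ZwFreeVirtualMemory() takes the region size as a pointer to SIZE_T and
     * writes the freed size back through it. A ULONG here is only half as
     * wide as SIZE_T on 64-bit builds, so the call would read and write
     * stack bytes next to the variable.
     * A size of zero with MEM_RELEASE releases the whole region.
     */
    SIZE_T RegionSize = 0;

    return ZwFreeVirtualMemory(NtCurrentProcess(),
                               &Buffer,
                               &RegionSize,
                               MEM_RELEASE);
}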
184
185
/*
 * @implemented
 *
 * Asks LSASS for the identifier of the authentication package with the
 * given name.
 *
 * LsaHandle             - connection handle to the LSA authentication port.
 * PackageName           - counted name of the package; dereferenced without
 *                         a NULL check.
 * AuthenticationPackage - receives the package identifier on success.
 *
 * Returns STATUS_NAME_TOO_LONG if the name exceeds
 * LSASS_MAX_PACKAGE_NAME_LENGTH, the failure status of the port request,
 * else the failure status in the reply, else the (successful) port request
 * status.
 */
NTSTATUS
WINAPI
LsaLookupAuthenticationPackage(HANDLE LsaHandle,
                               PLSA_STRING PackageName,
                               PULONG AuthenticationPackage)
{
    NTSTATUS RequestStatus;
    LSA_API_MSG Message;

    /*
     * Reject over-long names before anything is copied: this comparison is
     * the only bound on the strncpy() and on the terminator write below.
     */
    if (PackageName->Length > LSASS_MAX_PACKAGE_NAME_LENGTH)
        return STATUS_NAME_TOO_LONG;

    /* Port message header and API number */
    Message.h.u2.ZeroInit = 0;
    Message.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE;
    Message.h.u1.s1.DataLength = LSA_PORT_DATA_SIZE(Message.LookupAuthenticationPackage);
    Message.ApiNumber = LSASS_REQUEST_LOOKUP_AUTHENTICATION_PACKAGE;

    /*
     * Copy the counted name into the request and terminate it.
     * NOTE(review): the terminator lands at index PackageNameLength, so this
     * assumes Request.PackageName holds at least
     * LSASS_MAX_PACKAGE_NAME_LENGTH + 1 bytes - confirm in lsass.h.
     */
    Message.LookupAuthenticationPackage.Request.PackageNameLength = PackageName->Length;
    strncpy(Message.LookupAuthenticationPackage.Request.PackageName,
            PackageName->Buffer,
            Message.LookupAuthenticationPackage.Request.PackageNameLength);
    Message.LookupAuthenticationPackage.Request.PackageName[Message.LookupAuthenticationPackage.Request.PackageNameLength] = '\0';

    /* The same buffer carries the request and receives the reply */
    RequestStatus = ZwRequestWaitReplyPort(LsaHandle,
                                           (PPORT_MESSAGE)&Message,
                                           (PPORT_MESSAGE)&Message);
    if (!NT_SUCCESS(RequestStatus))
        return RequestStatus;

    if (!NT_SUCCESS(Message.Status))
        return Message.Status;

    /* Success: hand the package identifier to the caller */
    *AuthenticationPackage = Message.LookupAuthenticationPackage.Reply.Package;

    return RequestStatus;
}
232
233
/*
 * @implemented
 *
 * Sends a logon request to LSASS and returns the results of the logon
 * attempt to the caller.
 *
 * LsaHandle                       - connection handle to the LSA
 *                                   authentication port.
 * OriginName                      - copied by value into the request.
 * LogonType                       - requested logon type.
 * AuthenticationPackage           - identifier of the package to use.
 * AuthenticationInformation       - package-specific logon data, passed by
 *                                   address.
 * AuthenticationInformationLength - length of that data.
 * LocalGroups                     - optional (may be NULL); passed by
 *                                   address together with its GroupCount.
 * SourceContext                   - copied by value into the request.
 * ProfileBuffer, ProfileBufferLength, LogonId, Token, Quotas
 *                                 - receive the reply fields on success.
 * SubStatus                       - receives the reply's SubStatus whenever
 *                                   the port request itself succeeded, even
 *                                   if LSASS reported a logon failure.
 *
 * Returns the failure status of the port request, else the failure status
 * in the reply, else the (successful) port request status.
 *
 * OriginName, SourceContext and all output pointers are dereferenced
 * without a NULL check.
 *
 * NOTE(review): AuthenticationInformation and LocalGroups cross the port as
 * raw caller addresses with caller-supplied lengths/counts; presumably LSASS
 * captures and validates them on its side - confirm.
 */
NTSTATUS
WINAPI
LsaLogonUser(HANDLE LsaHandle,
             PLSA_STRING OriginName,
             SECURITY_LOGON_TYPE LogonType,
             ULONG AuthenticationPackage,
             PVOID AuthenticationInformation,
             ULONG AuthenticationInformationLength,
             PTOKEN_GROUPS LocalGroups,
             PTOKEN_SOURCE SourceContext,
             PVOID *ProfileBuffer,
             PULONG ProfileBufferLength,
             PLUID LogonId,
             PHANDLE Token,
             PQUOTA_LIMITS Quotas,
             PNTSTATUS SubStatus)
{
    NTSTATUS RequestStatus;
    LSA_API_MSG Message;

    /* Port message header and API number */
    Message.h.u2.ZeroInit = 0;
    Message.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE;
    Message.h.u1.s1.DataLength = LSA_PORT_DATA_SIZE(Message.LogonUser);
    Message.ApiNumber = LSASS_REQUEST_LOGON_USER;

    /* Request payload */
    Message.LogonUser.Request.OriginName = *OriginName;
    Message.LogonUser.Request.SourceContext = *SourceContext;
    Message.LogonUser.Request.LogonType = LogonType;
    Message.LogonUser.Request.AuthenticationPackage = AuthenticationPackage;
    Message.LogonUser.Request.AuthenticationInformation = AuthenticationInformation;
    Message.LogonUser.Request.AuthenticationInformationLength = AuthenticationInformationLength;
    Message.LogonUser.Request.LocalGroups = LocalGroups;

    /* The group count travels separately; zero when no groups were given */
    Message.LogonUser.Request.LocalGroupsCount =
        (LocalGroups == NULL) ? 0 : LocalGroups->GroupCount;

    /* The same buffer carries the request and receives the reply */
    RequestStatus = ZwRequestWaitReplyPort(LsaHandle,
                                           (PPORT_MESSAGE)&Message,
                                           (PPORT_MESSAGE)&Message);
    if (!NT_SUCCESS(RequestStatus))
        return RequestStatus;

    /* SubStatus is reported before the reply status is examined */
    *SubStatus = Message.LogonUser.Reply.SubStatus;

    if (!NT_SUCCESS(Message.Status))
        return Message.Status;

    /* Logon succeeded: copy the results out of the reply */
    *Quotas = Message.LogonUser.Reply.Quotas;
    *Token = Message.LogonUser.Reply.Token;
    *LogonId = Message.LogonUser.Reply.LogonId;
    *ProfileBufferLength = Message.LogonUser.Reply.ProfileBufferLength;
    *ProfileBuffer = Message.LogonUser.Reply.ProfileBuffer;

    return RequestStatus;
}
297
298
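/*
 * @implemented
 *
 * Connects to the LSA authentication port and registers the caller as a
 * logon process under the given name.
 *
 * LsaLogonProcessName - counted name of the logon process; dereferenced
 *                       without a NULL check.
 * Handle              - receives the port handle written by ZwConnectPort().
 * OperationalMode     - receives the operational mode reported by LSASS
 *                       once ZwConnectPort() has succeeded.
 *
 * Returns STATUS_NAME_TOO_LONG if the name exceeds
 * LSASS_MAX_LOGON_PROCESS_NAME_LENGTH, the ZwConnectPort() status if the
 * connect call failed, otherwise the status LSASS stored in the connection
 * information.
 *
 * NOTE(review): when ZwConnectPort() succeeds but ConnectInfo.Status is a
 * failure, *Handle is not closed here; whether a live handle can exist in
 * that case is not visible from this file - confirm against the server side.
 */
NTSTATUS
WINAPI
LsaRegisterLogonProcess(PLSA_STRING LsaLogonProcessName,
                        PHANDLE Handle,
                        PLSA_OPERATIONAL_MODE OperationalMode)
{
    UNICODE_STRING PortName;
    SECURITY_QUALITY_OF_SERVICE SecurityQos;
    LSA_CONNECTION_INFO ConnectInfo;
    ULONG ConnectInfoLength = sizeof(ConnectInfo);
    NTSTATUS Status;

    DPRINT1("LsaRegisterLogonProcess()\n");

    /*
     * Check the logon process name length. This comparison is the only
     * bound on the strncpy() and on the terminator write below.
     */
    if (LsaLogonProcessName->Length > LSASS_MAX_LOGON_PROCESS_NAME_LENGTH)
        return STATUS_NAME_TOO_LONG;

    RtlInitUnicodeString(&PortName,
                         L"\\LsaAuthenticationPort");

    /*
     * Request identification-level impersonation, restricted to the
     * effective (enabled) parts of the client's security context.
     */
    SecurityQos.Length = sizeof(SecurityQos);
    SecurityQos.ImpersonationLevel = SecurityIdentification;
    SecurityQos.ContextTrackingMode = SECURITY_DYNAMIC_TRACKING;
    SecurityQos.EffectiveOnly = TRUE;

    /*
     * Zero the connection block first, as LsaConnectUntrusted() does.
     * Without this, the bytes after the copied name, the padding and the
     * Status / OperationalMode fields hold stale stack contents that go out
     * with the connect data and that are read back below if the server does
     * not overwrite them.
     */
    RtlZeroMemory(&ConnectInfo,
                  ConnectInfoLength);

    /*
     * Copy the counted name and terminate it.
     * NOTE(review): the terminator lands at index Length, so this assumes
     * LogonProcessNameBuffer holds at least
     * LSASS_MAX_LOGON_PROCESS_NAME_LENGTH + 1 bytes - confirm in lsass.h.
     */
    strncpy(ConnectInfo.LogonProcessNameBuffer,
            LsaLogonProcessName->Buffer,
            LsaLogonProcessName->Length);
    ConnectInfo.Length = LsaLogonProcessName->Length;
    ConnectInfo.LogonProcessNameBuffer[ConnectInfo.Length] = '\0';
    ConnectInfo.CreateContext = TRUE;

    Status = ZwConnectPort(Handle,
                           &PortName,
                           &SecurityQos,
                           NULL,
                           NULL,
                           NULL,
                           &ConnectInfo,
                           &ConnectInfoLength);
    if (!NT_SUCCESS(Status))
    {
        DPRINT1("ZwConnectPort failed (Status 0x%08lx)\n", Status);
        return Status;
    }

    DPRINT("ConnectInfo.OperationalMode: 0x%08lx\n", ConnectInfo.OperationalMode);
    *OperationalMode = ConnectInfo.OperationalMode;

    /* The server's verdict is carried back in the connection block */
    if (!NT_SUCCESS(ConnectInfo.Status))
    {
        DPRINT1("ConnectInfo.Status: 0x%08lx\n", ConnectInfo.Status);
    }

    return ConnectInfo.Status;
}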
359