2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: ReactOS system libraries
4 * FILE: lib/lsalib/lsa.c
5 * PURPOSE: Client-side LSA functions
10 /* INCLUDES ******************************************************************/
12 #include <ndk/lpctypes.h>
13 #include <ndk/lpcfuncs.h>
14 #include <ndk/mmfuncs.h>
15 #include <ndk/rtlfuncs.h>
16 #include <ndk/obfuncs.h>
17 #include <psdk/ntsecapi.h>
18 #include <lsass/lsass.h>
23 /* GLOBALS *******************************************************************/
/* Heap handle defined in another translation unit; the RtlAllocateHeap
 * calls visible in this file allocate from it. */
25 extern HANDLE Secur32Heap
;
27 /* FUNCTIONS *****************************************************************/
/*
 * Sends an LSASS_REQUEST_DEREGISTER_LOGON_PROCESS message on the LsaHandle
 * port and waits for the reply.
 *
 * Two statuses are checked: the status of the port call itself, and
 * ApiMessage.Status as filled in by the reply.
 *
 * NOTE(review): the gutter numbers show that this listing dropped some source
 * lines (return type, braces, the Status declaration, whatever follows the
 * log calls). The comments describe only the lines that are visible.
 */
33 LsaDeregisterLogonProcess(HANDLE LsaHandle
)
35 LSA_API_MSG ApiMessage
;
38 DPRINT1("LsaDeregisterLogonProcess()\n");
/* ApiMessage is a stack variable with no visible initializer; only the API
 * number and the port header fields are assigned before the send, so any
 * other bytes covered by the message lengths are whatever the stack held. */
40 ApiMessage
.ApiNumber
= LSASS_REQUEST_DEREGISTER_LOGON_PROCESS
;
41 ApiMessage
.h
.u1
.s1
.DataLength
= LSA_PORT_DATA_SIZE(ApiMessage
.DeregisterLogonProcess
);
42 ApiMessage
.h
.u1
.s1
.TotalLength
= LSA_PORT_MESSAGE_SIZE
;
43 ApiMessage
.h
.u2
.ZeroInit
= 0;
/* The same buffer is passed as request and as reply, so the answer
 * overwrites the request in place. */
45 Status
= ZwRequestWaitReplyPort(LsaHandle
,
46 (PPORT_MESSAGE
)&ApiMessage
,
47 (PPORT_MESSAGE
)&ApiMessage
);
48 if (!NT_SUCCESS(Status
))
50 DPRINT1("ZwRequestWaitReplyPort() failed (Status 0x%08lx)\n", Status
);
/* Failure reported by the other end of the port. The log text still names
 * ZwRequestWaitReplyPort although that call succeeded at this point. */
54 if (!NT_SUCCESS(ApiMessage
.Status
))
56 DPRINT1("ZwRequestWaitReplyPort() failed (ApiMessage.Status 0x%08lx)\n", ApiMessage
.Status
);
57 return ApiMessage
.Status
;
/* NOTE(review): listing lines 59-61 are not shown, so whether LsaHandle is
 * closed before the final log line cannot be told from here; confirm. */
62 DPRINT1("LsaDeregisterLogonProcess() done (Status 0x%08lx)\n", Status
);
/* Stub: the only statement shown returns STATUS_NOT_IMPLEMENTED, and no
 * visible line writes *LsaHandle, so callers must check the status before
 * using the handle. */
72 LsaConnectUntrusted(PHANDLE LsaHandle
)
75 return STATUS_NOT_IMPLEMENTED
;
/*
 * Sends an LSASS_REQUEST_CALL_AUTHENTICATION_PACKAGE message on the LsaHandle
 * port and, when both the port call and ApiMessage.Status succeed, copies the
 * three reply fields to the caller's output pointers.
 *
 * The request carries the ProtocolSubmitBuffer pointer and SubmitBufferLength
 * themselves, not a copy of the data, so whatever consumes them on the other
 * side of the port has to validate both (presumably the LSA server reads the
 * client's memory; confirm in the server code).
 *
 * NOTE(review): the gutter numbers show that this listing dropped some source
 * lines (return type, braces, the Status declaration, the returns after the
 * log calls). The comments describe only the lines that are visible.
 */
83 LsaCallAuthenticationPackage(HANDLE LsaHandle
,
84 ULONG AuthenticationPackage
,
85 PVOID ProtocolSubmitBuffer
,
86 ULONG SubmitBufferLength
,
87 PVOID
*ProtocolReturnBuffer
,
88 PULONG ReturnBufferLength
,
89 PNTSTATUS ProtocolStatus
)
91 LSA_API_MSG ApiMessage
;
94 DPRINT1("LsaCallAuthenticationPackage()\n");
/* ApiMessage has no visible initializer; only the fields assigned below are
 * set before the send. */
96 ApiMessage
.ApiNumber
= LSASS_REQUEST_CALL_AUTHENTICATION_PACKAGE
;
97 ApiMessage
.h
.u1
.s1
.DataLength
= LSA_PORT_DATA_SIZE(ApiMessage
.CallAuthenticationPackage
);
98 ApiMessage
.h
.u1
.s1
.TotalLength
= LSA_PORT_MESSAGE_SIZE
;
99 ApiMessage
.h
.u2
.ZeroInit
= 0;
101 ApiMessage
.CallAuthenticationPackage
.Request
.AuthenticationPackage
= AuthenticationPackage
;
102 ApiMessage
.CallAuthenticationPackage
.Request
.ProtocolSubmitBuffer
= ProtocolSubmitBuffer
;
103 ApiMessage
.CallAuthenticationPackage
.Request
.SubmitBufferLength
= SubmitBufferLength
;
/* The same buffer is passed as request and as reply, so the answer
 * overwrites the request in place. */
105 Status
= ZwRequestWaitReplyPort(LsaHandle
,
106 (PPORT_MESSAGE
)&ApiMessage
,
107 (PPORT_MESSAGE
)&ApiMessage
);
108 if (!NT_SUCCESS(Status
))
110 DPRINT1("ZwRequestWaitReplyPort() failed (Status 0x%08lx)\n", Status
);
/* Failure reported by the other end of the port. The log text still names
 * ZwRequestWaitReplyPort although that call succeeded at this point. */
114 if (!NT_SUCCESS(ApiMessage
.Status
))
116 DPRINT1("ZwRequestWaitReplyPort() failed (ApiMessage.Status 0x%08lx)\n", ApiMessage
.Status
);
117 return ApiMessage
.Status
;
/* The three output pointers are dereferenced without a NULL check; the
 * returned buffer pointer and length are taken from the reply as-is. */
120 *ProtocolReturnBuffer
= ApiMessage
.CallAuthenticationPackage
.Reply
.ProtocolReturnBuffer
;
121 *ReturnBufferLength
= ApiMessage
.CallAuthenticationPackage
.Reply
.ReturnBufferLength
;
122 *ProtocolStatus
= ApiMessage
.CallAuthenticationPackage
.Reply
.ProtocolStatus
;
/* NOTE(review): from here on the lines use a different message layout
 * (LSASS_REQUEST / LSASS_REPLY through Request->d and Reply->d) and repeat
 * the port call made above. This looks like an earlier implementation left in
 * the file, presumably compiled out; the listing shows no preprocessor lines,
 * so confirm against the file. If it is ever re-enabled: Request points at
 * the fixed-size RawRequest on the stack, DataLength grows with
 * SubmitBufferLength, and no visible line bounds the copy into InBuffer (the
 * length argument of that memcpy is not shown). */
128 PLSASS_REQUEST Request
;
130 LSASS_REQUEST RawRequest
;
131 LSASS_REPLY RawReply
;
135 Request
= (PLSASS_REQUEST
)&RawRequest
;
136 Reply
= (PLSASS_REPLY
)&RawReply
;
138 Request
->Header
.u1
.s1
.DataLength
= sizeof(LSASS_REQUEST
) + SubmitBufferLength
-
139 sizeof(PORT_MESSAGE
);
140 Request
->Header
.u1
.s1
.TotalLength
=
141 Request
->Header
.u1
.s1
.DataLength
+ sizeof(PORT_MESSAGE
);
142 Request
->Type
= LSASS_REQUEST_CALL_AUTHENTICATION_PACKAGE
;
143 Request
->d
.CallAuthenticationPackageRequest
.AuthenticationPackage
=
144 AuthenticationPackage
;
145 Request
->d
.CallAuthenticationPackageRequest
.InBufferLength
=
147 memcpy(Request
->d
.CallAuthenticationPackageRequest
.InBuffer
,
148 ProtocolSubmitBuffer
,
151 Status
= ZwRequestWaitReplyPort(LsaHandle
,
154 if (!NT_SUCCESS(Status
))
159 if (!NT_SUCCESS(Reply
->Status
))
161 return Reply
->Status
;
/* OutBufferSize comes from the reply. No visible line checks the
 * RtlAllocateHeap result, or bounds OutBufferSize against the size of
 * RawReply, before memcpy reads that many bytes from OutBuffer. */
164 OutBufferSize
= Reply
->d
.CallAuthenticationPackageReply
.OutBufferLength
;
165 *ProtocolReturnBuffer
= RtlAllocateHeap(Secur32Heap
,
168 *ReturnBufferLength
= OutBufferSize
;
169 memcpy(*ProtocolReturnBuffer
,
170 Reply
->d
.CallAuthenticationPackageReply
.OutBuffer
,
171 *ReturnBufferLength
);
/*
 * Returns the status of a ZwFreeVirtualMemory call made for the current
 * process; the remaining arguments of that call are not shown in this listing.
 *
 * NOTE(review): this only suits buffers that were allocated as virtual
 * memory. The RtlAllocateHeap(Secur32Heap, ...) allocations visible elsewhere
 * in this file would need a heap free instead; confirm which allocator the
 * buffers handed to callers actually come from.
 */
182 LsaFreeReturnBuffer(PVOID Buffer
)
186 return ZwFreeVirtualMemory(NtCurrentProcess(),
/*
 * Sends an LSASS_REQUEST_LOOKUP_AUTHENTICATION_PACKAGE message carrying the
 * package name and, on success, stores Reply.Package in
 * *AuthenticationPackage.
 *
 * Returns STATUS_NAME_TOO_LONG when PackageName->Length exceeds
 * LSASS_MAX_PACKAGE_NAME_LENGTH. PackageName and AuthenticationPackage are
 * dereferenced without a NULL check.
 *
 * NOTE(review): the gutter numbers show that this listing dropped some source
 * lines (return type, braces, the Status declaration, the source argument of
 * strncpy). The comments describe only the lines that are visible.
 */
197 LsaLookupAuthenticationPackage(HANDLE LsaHandle
,
198 PLSA_STRING PackageName
,
199 PULONG AuthenticationPackage
)
201 LSA_API_MSG ApiMessage
;
204 /* Check the package name length */
205 if (PackageName
->Length
> LSASS_MAX_PACKAGE_NAME_LENGTH
)
207 return STATUS_NAME_TOO_LONG
;
210 ApiMessage
.ApiNumber
= LSASS_REQUEST_LOOKUP_AUTHENTICATION_PACKAGE
;
211 ApiMessage
.h
.u1
.s1
.DataLength
= LSA_PORT_DATA_SIZE(ApiMessage
.LookupAuthenticationPackage
);
212 ApiMessage
.h
.u1
.s1
.TotalLength
= LSA_PORT_MESSAGE_SIZE
;
213 ApiMessage
.h
.u2
.ZeroInit
= 0;
/* At most PackageNameLength characters are copied and the terminator is then
 * written at index PackageNameLength, so the destination array needs
 * LSASS_MAX_PACKAGE_NAME_LENGTH + 1 elements (its declaration is not in this
 * file; confirm in the header that defines LSA_API_MSG). strncpy stops at the
 * first NUL in the source, so the length sent can be larger than the string
 * that was actually copied; the receiver should not rely on the two agreeing. */
215 ApiMessage
.LookupAuthenticationPackage
.Request
.PackageNameLength
= PackageName
->Length
;
216 strncpy(ApiMessage
.LookupAuthenticationPackage
.Request
.PackageName
,
218 ApiMessage
.LookupAuthenticationPackage
.Request
.PackageNameLength
);
219 ApiMessage
.LookupAuthenticationPackage
.Request
.PackageName
[ApiMessage
.LookupAuthenticationPackage
.Request
.PackageNameLength
] = '\0';
/* The same buffer is passed as request and as reply. */
221 Status
= ZwRequestWaitReplyPort(LsaHandle
,
222 (PPORT_MESSAGE
)&ApiMessage
,
223 (PPORT_MESSAGE
)&ApiMessage
);
224 if (!NT_SUCCESS(Status
))
229 if (!NT_SUCCESS(ApiMessage
.Status
))
231 return ApiMessage
.Status
;
234 *AuthenticationPackage
= ApiMessage
.LookupAuthenticationPackage
.Reply
.Package
;
/*
 * Sends an LSASS_REQUEST_LOGON_USER message on the LsaHandle port and, when
 * both the port call and ApiMessage.Status succeed, copies the reply fields
 * (profile buffer pointer and length, logon id, token, quotas, sub-status) to
 * the caller's output pointers.
 *
 * *OriginName and *SourceContext are copied into the message by value;
 * AuthenticationInformation and LocalGroups are forwarded as pointers with
 * their length / count, and this function makes no copy of the data they
 * point to. OriginName, SourceContext and all output pointers are
 * dereferenced without a NULL check.
 *
 * NOTE(review): the gutter numbers show that this listing dropped some source
 * lines, among them the LogonId, Token and SubStatus parameters that the
 * assignments further down use. The comments describe only the lines that are
 * visible.
 */
244 LsaLogonUser(HANDLE LsaHandle
,
245 PLSA_STRING OriginName
,
246 SECURITY_LOGON_TYPE LogonType
,
247 ULONG AuthenticationPackage
,
248 PVOID AuthenticationInformation
,
249 ULONG AuthenticationInformationLength
,
250 PTOKEN_GROUPS LocalGroups
,
251 PTOKEN_SOURCE SourceContext
,
252 PVOID
*ProfileBuffer
,
253 PULONG ProfileBufferLength
,
256 PQUOTA_LIMITS Quotas
,
259 LSA_API_MSG ApiMessage
;
/* ApiMessage has no visible initializer; only the fields assigned below are
 * set before the send. */
262 ApiMessage
.ApiNumber
= LSASS_REQUEST_LOGON_USER
;
263 ApiMessage
.h
.u1
.s1
.DataLength
= LSA_PORT_DATA_SIZE(ApiMessage
.LogonUser
);
264 ApiMessage
.h
.u1
.s1
.TotalLength
= LSA_PORT_MESSAGE_SIZE
;
265 ApiMessage
.h
.u2
.ZeroInit
= 0;
/* OriginName is copied as a structure, so the message carries the caller's
 * Buffer pointer rather than the characters (assuming LSA_STRING holds a
 * pointer, as the ->Buffer use elsewhere in this file suggests). */
267 ApiMessage
.LogonUser
.Request
.OriginName
= *OriginName
;
268 ApiMessage
.LogonUser
.Request
.LogonType
= LogonType
;
269 ApiMessage
.LogonUser
.Request
.AuthenticationPackage
= AuthenticationPackage
;
270 ApiMessage
.LogonUser
.Request
.AuthenticationInformation
= AuthenticationInformation
;
271 ApiMessage
.LogonUser
.Request
.AuthenticationInformationLength
= AuthenticationInformationLength
;
272 ApiMessage
.LogonUser
.Request
.LocalGroups
= LocalGroups
;
/* A NULL LocalGroups is allowed: the count is then sent as 0 (the line
 * between the two assignments is not shown, presumably the else). */
273 if (LocalGroups
!= NULL
)
274 ApiMessage
.LogonUser
.Request
.LocalGroupsCount
= LocalGroups
->GroupCount
;
276 ApiMessage
.LogonUser
.Request
.LocalGroupsCount
= 0;
277 ApiMessage
.LogonUser
.Request
.SourceContext
= *SourceContext
;
/* The same buffer is passed as request and as reply. */
279 Status
= ZwRequestWaitReplyPort(LsaHandle
,
280 (PPORT_MESSAGE
)&ApiMessage
,
281 (PPORT_MESSAGE
)&ApiMessage
);
282 if (!NT_SUCCESS(Status
))
287 if (!NT_SUCCESS(ApiMessage
.Status
))
289 return ApiMessage
.Status
;
/* Reply values, including the profile buffer pointer and the token handle,
 * are handed to the caller exactly as received. */
292 *ProfileBuffer
= ApiMessage
.LogonUser
.Reply
.ProfileBuffer
;
293 *ProfileBufferLength
= ApiMessage
.LogonUser
.Reply
.ProfileBufferLength
;
294 *LogonId
= ApiMessage
.LogonUser
.Reply
.LogonId
;
295 *Token
= ApiMessage
.LogonUser
.Reply
.Token
;
296 *Quotas
= ApiMessage
.LogonUser
.Reply
.Quotas
;
297 *SubStatus
= ApiMessage
.LogonUser
.Reply
.SubStatus
;
/* NOTE(review): the lines below build the request a second time with the
 * LSASS_REQUEST / LSASS_REPLY layout and repeat the port call. They look like
 * an earlier implementation left in the file, presumably compiled out; the
 * listing shows no preprocessor lines, so confirm against the file. The
 * remaining comments list what would need fixing before it could be
 * re-enabled. */
304 PLSASS_REQUEST Request
;
305 LSASS_REQUEST RawMessage
;
307 LSASS_REPLY RawReply
;
/* The total is derived from caller-supplied lengths, while the data is later
 * written into RawMessage, a single LSASS_REQUEST on the stack; no visible
 * line compares the two. LocalGroups is dereferenced here without the NULL
 * check that the code above has. */
310 RequestLength
= sizeof(LSASS_REQUEST
) - sizeof(PORT_MESSAGE
);
311 RequestLength
= RequestLength
+ (OriginName
->Length
* sizeof(WCHAR
));
312 RequestLength
= RequestLength
+ AuthenticationInformationLength
;
313 RequestLength
= RequestLength
+
314 (LocalGroups
->GroupCount
* sizeof(SID_AND_ATTRIBUTES
));
317 Request
= (PLSASS_REQUEST
)&RawMessage
;
/* CurrentLength is advanced in bytes, but it is added to a PWSTR here (and to
 * a PSID_AND_ATTRIBUTES further down), so the offset is scaled by the element
 * size; the AuthenticationInformation copy uses byte arithmetic through
 * ULONG_PTR instead. */
319 Request
->d
.LogonUserRequest
.OriginNameLength
= OriginName
->Length
;
320 Request
->d
.LogonUserRequest
.OriginName
= (PWSTR
)&RawMessage
+ CurrentLength
;
321 memcpy((PWSTR
)&RawMessage
+ CurrentLength
,
323 OriginName
->Length
* sizeof(WCHAR
));
324 CurrentLength
= CurrentLength
+ (OriginName
->Length
* sizeof(WCHAR
));
326 Request
->d
.LogonUserRequest
.LogonType
= LogonType
;
328 Request
->d
.LogonUserRequest
.AuthenticationPackage
=
329 AuthenticationPackage
;
331 Request
->d
.LogonUserRequest
.AuthenticationInformation
=
332 (PVOID
)((ULONG_PTR
)&RawMessage
+ CurrentLength
);
333 Request
->d
.LogonUserRequest
.AuthenticationInformationLength
=
334 AuthenticationInformationLength
;
335 memcpy((PVOID
)((ULONG_PTR
)&RawMessage
+ CurrentLength
),
336 AuthenticationInformation
,
337 AuthenticationInformationLength
);
338 CurrentLength
= CurrentLength
+ AuthenticationInformationLength
;
340 Request
->d
.LogonUserRequest
.LocalGroupsCount
= LocalGroups
->GroupCount
;
341 Request
->d
.LogonUserRequest
.LocalGroups
=
342 (PSID_AND_ATTRIBUTES
)&RawMessage
+ CurrentLength
;
343 memcpy((PSID_AND_ATTRIBUTES
)&RawMessage
+ CurrentLength
,
345 LocalGroups
->GroupCount
* sizeof(SID_AND_ATTRIBUTES
));
347 Request
->d
.LogonUserRequest
.SourceContext
= *SourceContext
;
349 Request
->Type
= LSASS_REQUEST_LOGON_USER
;
/* RequestLength already excludes sizeof(PORT_MESSAGE) (see its first
 * assignment), so DataLength subtracts the header a second time. */
350 Request
->Header
.u1
.s1
.DataLength
= RequestLength
- sizeof(PORT_MESSAGE
);
351 Request
->Header
.u1
.s1
.TotalLength
= RequestLength
+ sizeof(PORT_MESSAGE
);
353 Reply
= (PLSASS_REPLY
)&RawReply
;
355 Status
= ZwRequestWaitReplyPort(LsaHandle
,
358 if (!NT_SUCCESS(Status
))
363 *SubStatus
= Reply
->d
.LogonUserReply
.SubStatus
;
365 if (!NT_SUCCESS(Reply
->Status
))
/* No check of the allocation result is visible before memcpy writes to it,
 * and both the length and the ProfileBuffer offset added to Data come from
 * the reply without validation. */
370 *ProfileBuffer
= RtlAllocateHeap(Secur32Heap
,
372 Reply
->d
.LogonUserReply
.ProfileBufferLength
);
373 memcpy(*ProfileBuffer
,
374 (PVOID
)((ULONG_PTR
)Reply
->d
.LogonUserReply
.Data
+
375 (ULONG_PTR
)Reply
->d
.LogonUserReply
.ProfileBuffer
),
376 Reply
->d
.LogonUserReply
.ProfileBufferLength
);
377 *LogonId
= Reply
->d
.LogonUserReply
.LogonId
;
378 *Token
= Reply
->d
.LogonUserReply
.Token
;
380 &Reply
->d
.LogonUserReply
.Quotas
,
381 sizeof(Reply
->d
.LogonUserReply
.Quotas
));
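/*
 * Connects to the "\LsaAuthenticationPort" port as a logon process.
 *
 * LsaLogonProcessName  Name sent to the server in the connection data; it is
 *                      rejected with STATUS_NAME_TOO_LONG when its Length
 *                      exceeds LSASS_MAX_LOGON_PROCESS_NAME_LENGTH.
 * Handle               Receives the port handle from ZwConnectPort.
 * OperationalMode      Receives ConnectInfo.OperationalMode as returned in
 *                      the connection data.
 *
 * Returns the ZwConnectPort status when the connection fails, otherwise
 * ConnectInfo.Status as filled in by the server.
 *
 * The connection asks for SecurityIdentification with dynamic tracking and
 * EffectiveOnly set, i.e. the server may identify the caller but is not
 * granted full impersonation.
 *
 * NOTE(review): the listing this block was taken from omits some source lines
 * (return type, the Handle parameter, the Status declaration, braces, the
 * returns and the trailing ZwConnectPort arguments). They are restored here
 * from the names the visible lines use and from the ZwConnectPort prototype;
 * compare with lib/lsalib/lsa.c before applying.
 * NOTE(review): when ConnectInfo.Status reports failure the port handle has
 * already been stored in *Handle; confirm who closes it on that path.
 */
NTSTATUS
NTAPI
LsaRegisterLogonProcess(PLSA_STRING LsaLogonProcessName,
                        PHANDLE Handle,
                        PLSA_OPERATIONAL_MODE OperationalMode)
{
    UNICODE_STRING PortName; // = RTL_CONSTANT_STRING(L"\\LsaAuthenticationPort");
    SECURITY_QUALITY_OF_SERVICE SecurityQos;
    LSA_CONNECTION_INFO ConnectInfo;
    ULONG ConnectInfoLength = sizeof(ConnectInfo);
    NTSTATUS Status;

    DPRINT1("LsaRegisterLogonProcess()\n");

    /* Check the logon process name length */
    if (LsaLogonProcessName->Length > LSASS_MAX_LOGON_PROCESS_NAME_LENGTH)
        return STATUS_NAME_TOO_LONG;

    RtlInitUnicodeString(&PortName,
                         L"\\LsaAuthenticationPort");

    SecurityQos.Length = sizeof(SecurityQos);
    SecurityQos.ImpersonationLevel = SecurityIdentification;
    SecurityQos.ContextTrackingMode = SECURITY_DYNAMIC_TRACKING;
    SecurityQos.EffectiveOnly = TRUE;

    /* The whole structure is sent as connection data; clear it first so that
     * fields this function does not set carry zeros, not stack contents. */
    RtlZeroMemory(&ConnectInfo, sizeof(ConnectInfo));

    /* The length was checked above; the explicit terminator at index Length
     * assumes LogonProcessNameBuffer holds at least
     * LSASS_MAX_LOGON_PROCESS_NAME_LENGTH + 1 characters (declared outside
     * this file; confirm). */
    strncpy(ConnectInfo.LogonProcessNameBuffer,
            LsaLogonProcessName->Buffer,
            LsaLogonProcessName->Length);
    ConnectInfo.Length = LsaLogonProcessName->Length;
    ConnectInfo.LogonProcessNameBuffer[ConnectInfo.Length] = '\0';

    Status = ZwConnectPort(Handle,
                           &PortName,
                           &SecurityQos,
                           NULL,
                           NULL,
                           NULL,
                           &ConnectInfo,
                           &ConnectInfoLength);
    if (!NT_SUCCESS(Status))
    {
        DPRINT1("ZwConnectPort failed (Status 0x%08lx)\n", Status);
        return Status;
    }

    DPRINT("ConnectInfo.OperationalMode: 0x%08lx\n", ConnectInfo.OperationalMode);
    *OperationalMode = ConnectInfo.OperationalMode;

    /* The original tested Status here a second time, which is always a
     * success value at this point, so a failure reported by the server was
     * never logged. Test the server's status instead. */
    if (!NT_SUCCESS(ConnectInfo.Status))
    {
        DPRINT1("ConnectInfo.Status: 0x%08lx\n", ConnectInfo.Status);
    }

    return ConnectInfo.Status;
}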
/* Stub: the only statement shown returns STATUS_NOT_IMPLEMENTED, and no
 * visible line writes either output parameter, so callers must check the
 * status before reading them. */
453 LsaEnumerateLogonSessions(PULONG LogonSessionCount
,
454 PLUID
*LogonSessionList
)
457 return STATUS_NOT_IMPLEMENTED
;
/* Stub: the only statement shown returns STATUS_NOT_IMPLEMENTED, and no
 * visible line writes *ppLogonSessionData, so callers must check the status
 * before reading it. */
466 LsaGetLogonSessionData(PLUID LogonId
,
467 PSECURITY_LOGON_SESSION_DATA
*ppLogonSessionData
)
470 return STATUS_NOT_IMPLEMENTED
;
/* Stub: the only statement shown returns STATUS_NOT_IMPLEMENTED; no visible
 * line registers NotificationEventHandle, so a caller that ignores the status
 * would wait on an event that is never signalled by this library. */
479 LsaRegisterPolicyChangeNotification(POLICY_NOTIFICATION_INFORMATION_CLASS InformationClass
,
480 HANDLE NotificationEventHandle
)
483 return STATUS_NOT_IMPLEMENTED
;
/* Stub: the only statement shown returns STATUS_NOT_IMPLEMENTED; neither
 * parameter is used by any visible line. */
492 LsaUnregisterPolicyChangeNotification(POLICY_NOTIFICATION_INFORMATION_CLASS InformationClass
,
493 HANDLE NotificationEventHandle
)
496 return STATUS_NOT_IMPLEMENTED
;