2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: ReactOS system libraries
4 * FILE: lib/lsalib/lsa.c
5 * PURPOSE: Client-side LSA functions
10 /* INCLUDES ******************************************************************/
12 #include <ndk/lpctypes.h>
13 #include <ndk/lpcfuncs.h>
14 #include <ndk/rtlfuncs.h>
15 #include <ndk/obfuncs.h>
16 #include <psdk/ntsecapi.h>
17 #include <lsass/lsass.h>
22 /* GLOBALS *******************************************************************/
/* Heap handle defined in another translation unit. In this file, buffers
 * handed back to callers are allocated from it with RtlAllocateHeap and
 * released by LsaFreeReturnBuffer. */
24 extern HANDLE Secur32Heap
;
26 /* FUNCTIONS *****************************************************************/
/*
 * Sends an LSASS_REQUEST_DEREGISTER_LOGON_PROCESS message on the port
 * LsaHandle and waits for the reply.
 *
 * LsaHandle - port handle the request is sent on.
 *
 * Returns ApiMessage.Status when the reply carries a failure status.
 * NOTE(review): the return type, the braces, the declaration of Status and
 * the remaining return statements do not appear in this listing.
 */
32 LsaDeregisterLogonProcess(HANDLE LsaHandle
)
34 LSA_API_MSG ApiMessage
;
37 DPRINT1("LsaDeregisterLogonProcess()\n");
/* Message header: the API number, then DataLength and TotalLength taken from
 * the LSA_PORT_DATA_SIZE / LSA_PORT_MESSAGE_SIZE macros.
 * NOTE(review): ApiMessage is a stack variable and only the fields assigned
 * here are set in the visible code; presumably the rest of the structure is
 * transmitted as it happens to be on the stack - confirm. */
39 ApiMessage
.ApiNumber
= LSASS_REQUEST_DEREGISTER_LOGON_PROCESS
;
40 ApiMessage
.h
.u1
.s1
.DataLength
= LSA_PORT_DATA_SIZE(ApiMessage
.DeregisterLogonProcess
.Request
);
41 ApiMessage
.h
.u1
.s1
.TotalLength
= LSA_PORT_MESSAGE_SIZE
;
42 ApiMessage
.h
.u2
.ZeroInit
= 0;
/* The same ApiMessage is passed as request and as reply buffer, so the reply
 * overwrites the request in place. */
44 Status
= ZwRequestWaitReplyPort(LsaHandle
,
45 (PPORT_MESSAGE
)&ApiMessage
,
46 (PPORT_MESSAGE
)&ApiMessage
);
/* Status is the result of the port call itself. */
47 if (!NT_SUCCESS(Status
))
49 DPRINT1("ZwRequestWaitReplyPort() failed (Status 0x%08lx)\n", Status
);
/* ApiMessage.Status is read from the reply and checked separately from the
 * port call's own status. */
53 if (!NT_SUCCESS(ApiMessage
.Status
))
55 DPRINT1("ZwRequestWaitReplyPort() failed (ApiMessage.Status 0x%08lx)\n", ApiMessage
.Status
);
56 return ApiMessage
.Status
;
61 DPRINT1("LsaDeregisterLogonProcess() done (Status 0x%08lx)\n", Status
);
/*
 * Stub: the only statement shown returns STATUS_NOT_IMPLEMENTED.
 * LsaHandle is not written by the visible code, so a caller must not use
 * *LsaHandle after this call.
 */
71 LsaConnectUntrusted(PHANDLE LsaHandle
)
74 return STATUS_NOT_IMPLEMENTED
;
/*
 * Builds an LSASS_REQUEST_CALL_AUTHENTICATION_PACKAGE request in the local
 * RawRequest, copies the caller's submit buffer into it, issues a
 * request/reply on LsaHandle, and copies the reply's OutBuffer into a block
 * allocated from Secur32Heap.
 *
 * LsaHandle             - port handle the request is sent on.
 * AuthenticationPackage - package identifier stored in the request.
 * ProtocolSubmitBuffer  - caller data copied into the request's InBuffer.
 * SubmitBufferLength    - added to the message DataLength.
 * ProtocolReturnBuffer  - receives the heap block holding the reply data.
 * ReturnBufferLength    - receives the OutBufferLength taken from the reply.
 * ProtocolStatus        - not referenced in the lines shown.
 *
 * Returns Reply->Status when the reply carries a failure status.
 *
 * NOTE(review): this body uses the Request->Header / Request->Type layout
 * rather than the LSA_API_MSG layout of the other calls in this file; confirm
 * whether it is still compiled before relying on it.
 * NOTE(review): several lines (declarations, call arguments, the final
 * return) do not appear in this listing.
 */
82 LsaCallAuthenticationPackage(HANDLE LsaHandle
,
83 ULONG AuthenticationPackage
,
84 PVOID ProtocolSubmitBuffer
,
85 ULONG SubmitBufferLength
,
86 PVOID
*ProtocolReturnBuffer
,
87 PULONG ReturnBufferLength
,
88 PNTSTATUS ProtocolStatus
)
91 PLSASS_REQUEST Request
;
93 LSASS_REQUEST RawRequest
;
/* Request and Reply alias the local RawRequest / RawReply structures. */
98 Request
= (PLSASS_REQUEST
)&RawRequest
;
99 Reply
= (PLSASS_REPLY
)&RawReply
;
/* NOTE(review): DataLength grows with the caller-supplied SubmitBufferLength,
 * but RawRequest is a single LSASS_REQUEST on the stack. No comparison of
 * SubmitBufferLength with the size of InBuffer or with the largest message
 * the port accepts is visible; confirm one exists before the memcpy below. */
101 Request
->Header
.u1
.s1
.DataLength
= sizeof(LSASS_REQUEST
) + SubmitBufferLength
-
102 sizeof(PORT_MESSAGE
);
103 Request
->Header
.u1
.s1
.TotalLength
=
104 Request
->Header
.u1
.s1
.DataLength
+ sizeof(PORT_MESSAGE
);
105 Request
->Type
= LSASS_REQUEST_CALL_AUTHENTICATION_PACKAGE
;
106 Request
->d
.CallAuthenticationPackageRequest
.AuthenticationPackage
=
107 AuthenticationPackage
;
108 Request
->d
.CallAuthenticationPackageRequest
.InBufferLength
=
/* Copies caller-controlled data into the stack-resident request; the length
 * argument of this memcpy is not shown in the listing. */
110 memcpy(Request
->d
.CallAuthenticationPackageRequest
.InBuffer
,
111 ProtocolSubmitBuffer
,
114 Status
= ZwRequestWaitReplyPort(LsaHandle
,
117 if (!NT_SUCCESS(Status
))
122 if (!NT_SUCCESS(Reply
->Status
))
124 return Reply
->Status
;
/* OutBufferLength is taken from the reply as-is. */
127 OutBufferSize
= Reply
->d
.CallAuthenticationPackageReply
.OutBufferLength
;
/* NOTE(review): no NULL check on the allocation is visible before the memcpy
 * below writes through *ProtocolReturnBuffer, and OutBufferSize is not
 * compared with the size of the reply's OutBuffer before it is used as the
 * copy length. The caller owns the block; this file frees such blocks with
 * LsaFreeReturnBuffer. */
128 *ProtocolReturnBuffer
= RtlAllocateHeap(Secur32Heap
,
131 *ReturnBufferLength
= OutBufferSize
;
132 memcpy(*ProtocolReturnBuffer
,
133 Reply
->d
.CallAuthenticationPackageReply
.OutBuffer
,
134 *ReturnBufferLength
);
/*
 * Releases Buffer back to Secur32Heap (flags 0) and returns the result of
 * RtlFreeHeap unchanged.
 *
 * Buffer - block to free; the allocations visible in this file that come
 *          from Secur32Heap are the return buffers of
 *          LsaCallAuthenticationPackage and LsaLogonUser.
 *
 * NOTE(review): RtlFreeHeap reports success as a BOOLEAN, while the public
 * LsaFreeReturnBuffer prototype returns NTSTATUS. The return type is not
 * shown in this listing - confirm the BOOLEAN is not passed through as a
 * status code.
 */
147 LsaFreeReturnBuffer(PVOID Buffer
)
149 return RtlFreeHeap(Secur32Heap
, 0, Buffer
);
/*
 * Sends an LSASS_REQUEST_LOOKUP_AUTHENTICATION_PACKAGE message carrying the
 * package name and stores the package value from the reply in
 * *AuthenticationPackage.
 *
 * LsaHandle             - port handle the request is sent on.
 * PackageName           - name to look up; dereferenced without a NULL check.
 * AuthenticationPackage - receives Reply.Package, written only after both
 *                         status checks have passed.
 *
 * Returns STATUS_NAME_TOO_LONG when PackageName->Length exceeds
 * LSASS_MAX_PACKAGE_NAME_LENGTH, and ApiMessage.Status when the reply
 * carries a failure status. Other return paths are not shown in this listing.
 */
157 LsaLookupAuthenticationPackage(HANDLE LsaHandle
,
158 PLSA_STRING PackageName
,
159 PULONG AuthenticationPackage
)
161 LSA_API_MSG ApiMessage
;
164 /* Check the package name length */
165 if (PackageName
->Length
> LSASS_MAX_PACKAGE_NAME_LENGTH
)
167 return STATUS_NAME_TOO_LONG
;
170 ApiMessage
.ApiNumber
= LSASS_REQUEST_LOOKUP_AUTHENTICATION_PACKAGE
;
171 ApiMessage
.h
.u1
.s1
.DataLength
= LSA_PORT_DATA_SIZE(ApiMessage
.LookupAuthenticationPackage
.Request
);
172 ApiMessage
.h
.u1
.s1
.TotalLength
= LSA_PORT_MESSAGE_SIZE
;
173 ApiMessage
.h
.u2
.ZeroInit
= 0;
175 ApiMessage
.LookupAuthenticationPackage
.Request
.PackageNameLength
= PackageName
->Length
;
/* strncpy is bounded by PackageNameLength and does not terminate on its own
 * when the source fills that length, hence the explicit '\0' below. The
 * source argument is not shown in the listing. */
176 strncpy(ApiMessage
.LookupAuthenticationPackage
.Request
.PackageName
,
178 ApiMessage
.LookupAuthenticationPackage
.Request
.PackageNameLength
);
/* NOTE(review): the length check above admits Length ==
 * LSASS_MAX_PACKAGE_NAME_LENGTH, so this store can hit index
 * LSASS_MAX_PACKAGE_NAME_LENGTH. The array needs at least that many elements
 * plus one; its declaration is not visible here - confirm. */
179 ApiMessage
.LookupAuthenticationPackage
.Request
.PackageName
[ApiMessage
.LookupAuthenticationPackage
.Request
.PackageNameLength
] = '\0';
/* The same ApiMessage serves as request and reply buffer. */
181 Status
= ZwRequestWaitReplyPort(LsaHandle
,
182 (PPORT_MESSAGE
)&ApiMessage
,
183 (PPORT_MESSAGE
)&ApiMessage
);
184 if (!NT_SUCCESS(Status
))
189 if (!NT_SUCCESS(ApiMessage
.Status
))
191 return ApiMessage
.Status
;
194 *AuthenticationPackage
= ApiMessage
.LookupAuthenticationPackage
.Reply
.Package
;
/*
 * Packs a logon request (origin name, authentication information, local
 * groups, source context) into the local RawMessage, issues a request/reply
 * on LsaHandle, and copies the profile buffer, logon id, token and quotas
 * out of the reply.
 *
 * LsaHandle                       - port handle the request is sent on.
 * OriginName                      - copied into the request; dereferenced
 *                                   without a NULL check.
 * LogonType                       - stored in the request.
 * AuthenticationPackage           - stored in the request.
 * AuthenticationInformation       - copied into the request.
 * AuthenticationInformationLength - byte count used for that copy.
 * LocalGroups                     - GroupCount entries are copied;
 *                                   dereferenced without a NULL check.
 * SourceContext                   - copied by value into the request.
 * ProfileBuffer                   - receives a block allocated from
 *                                   Secur32Heap.
 * ProfileBufferLength, Quotas     - output parameters; the statements writing
 *                                   them are only partly shown.
 * LogonId, Token, SubStatus are written by the body; their parameter lines
 * are not shown in this listing.
 *
 * NOTE(review): this body uses the Request->Header / Request->Type layout
 * rather than the LSA_API_MSG layout of the other calls in this file; confirm
 * whether it is still compiled before relying on it.
 * NOTE(review): many lines (declarations, the initial value of
 * CurrentLength, call arguments, return statements) do not appear here.
 */
204 LsaLogonUser(HANDLE LsaHandle
,
205 PLSA_STRING OriginName
,
206 SECURITY_LOGON_TYPE LogonType
,
207 ULONG AuthenticationPackage
,
208 PVOID AuthenticationInformation
,
209 ULONG AuthenticationInformationLength
,
210 PTOKEN_GROUPS LocalGroups
,
211 PTOKEN_SOURCE SourceContext
,
212 PVOID
*ProfileBuffer
,
213 PULONG ProfileBufferLength
,
216 PQUOTA_LIMITS Quotas
,
222 PLSASS_REQUEST Request
;
223 LSASS_REQUEST RawMessage
;
225 LSASS_REPLY RawReply
;
/* RequestLength sums the fixed part and the three variable-length parts.
 * NOTE(review): the sum is built from caller-supplied lengths with no visible
 * overflow check, and no visible comparison with the size of RawMessage,
 * which is a single LSASS_REQUEST on the stack that the memcpy calls below
 * write into.
 * NOTE(review): OriginName->Length is multiplied by sizeof(WCHAR) although
 * OriginName is a PLSA_STRING; presumably its Length is already a byte
 * count - confirm. */
228 RequestLength
= sizeof(LSASS_REQUEST
) - sizeof(PORT_MESSAGE
);
229 RequestLength
= RequestLength
+ (OriginName
->Length
* sizeof(WCHAR
));
230 RequestLength
= RequestLength
+ AuthenticationInformationLength
;
231 RequestLength
= RequestLength
+
232 (LocalGroups
->GroupCount
* sizeof(SID_AND_ATTRIBUTES
));
235 Request
= (PLSASS_REQUEST
)&RawMessage
;
237 Request
->d
.LogonUserRequest
.OriginNameLength
= OriginName
->Length
;
/* NOTE(review): the cast to PWSTR binds before the addition, so
 * CurrentLength is scaled by sizeof(WCHAR) here, while the authentication
 * information below uses a byte offset through ULONG_PTR. The two forms do
 * not address the same location for the same CurrentLength. */
238 Request
->d
.LogonUserRequest
.OriginName
= (PWSTR
)&RawMessage
+ CurrentLength
;
239 memcpy((PWSTR
)&RawMessage
+ CurrentLength
,
241 OriginName
->Length
* sizeof(WCHAR
));
242 CurrentLength
= CurrentLength
+ (OriginName
->Length
* sizeof(WCHAR
));
244 Request
->d
.LogonUserRequest
.LogonType
= LogonType
;
246 Request
->d
.LogonUserRequest
.AuthenticationPackage
=
247 AuthenticationPackage
;
/* Byte-offset form: the address is computed on ULONG_PTR, so CurrentLength
 * counts bytes here. The request stores an address inside this process's
 * RawMessage. */
249 Request
->d
.LogonUserRequest
.AuthenticationInformation
=
250 (PVOID
)((ULONG_PTR
)&RawMessage
+ CurrentLength
);
251 Request
->d
.LogonUserRequest
.AuthenticationInformationLength
=
252 AuthenticationInformationLength
;
253 memcpy((PVOID
)((ULONG_PTR
)&RawMessage
+ CurrentLength
),
254 AuthenticationInformation
,
255 AuthenticationInformationLength
);
256 CurrentLength
= CurrentLength
+ AuthenticationInformationLength
;
/* NOTE(review): same scaling issue as for OriginName - the cast to
 * PSID_AND_ATTRIBUTES makes the addition advance by
 * CurrentLength * sizeof(SID_AND_ATTRIBUTES) bytes. */
258 Request
->d
.LogonUserRequest
.LocalGroupsCount
= LocalGroups
->GroupCount
;
259 Request
->d
.LogonUserRequest
.LocalGroups
=
260 (PSID_AND_ATTRIBUTES
)&RawMessage
+ CurrentLength
;
261 memcpy((PSID_AND_ATTRIBUTES
)&RawMessage
+ CurrentLength
,
263 LocalGroups
->GroupCount
* sizeof(SID_AND_ATTRIBUTES
));
265 Request
->d
.LogonUserRequest
.SourceContext
= *SourceContext
;
/* NOTE(review): RequestLength already excludes one PORT_MESSAGE (see its
 * first assignment), yet DataLength subtracts another and TotalLength adds
 * one, so TotalLength - DataLength is twice sizeof(PORT_MESSAGE).
 * LsaCallAuthenticationPackage in this file uses
 * TotalLength = DataLength + sizeof(PORT_MESSAGE). */
267 Request
->Type
= LSASS_REQUEST_LOGON_USER
;
268 Request
->Header
.u1
.s1
.DataLength
= RequestLength
- sizeof(PORT_MESSAGE
);
269 Request
->Header
.u1
.s1
.TotalLength
= RequestLength
+ sizeof(PORT_MESSAGE
);
271 Reply
= (PLSASS_REPLY
)&RawReply
;
273 Status
= ZwRequestWaitReplyPort(LsaHandle
,
276 if (!NT_SUCCESS(Status
))
/* *SubStatus is written before Reply->Status is examined, so it is set on
 * the failure path as well. */
281 *SubStatus
= Reply
->d
.LogonUserReply
.SubStatus
;
283 if (!NT_SUCCESS(Reply
->Status
))
/* NOTE(review): no NULL check on the allocation is visible before the memcpy
 * below. The source address is Data plus the ProfileBuffer value from the
 * reply and the length is the reply's ProfileBufferLength; neither is
 * compared with the size of the reply before the copy. */
288 *ProfileBuffer
= RtlAllocateHeap(Secur32Heap
,
290 Reply
->d
.LogonUserReply
.ProfileBufferLength
);
291 memcpy(*ProfileBuffer
,
292 (PVOID
)((ULONG_PTR
)Reply
->d
.LogonUserReply
.Data
+
293 (ULONG_PTR
)Reply
->d
.LogonUserReply
.ProfileBuffer
),
294 Reply
->d
.LogonUserReply
.ProfileBufferLength
);
/* Logon id and token handle are copied straight from the reply. */
295 *LogonId
= Reply
->d
.LogonUserReply
.LogonId
;
296 *Token
= Reply
->d
.LogonUserReply
.Token
;
298 &Reply
->d
.LogonUserReply
.Quotas
,
299 sizeof(Reply
->d
.LogonUserReply
.Quotas
));
/*
 * Connects to the \LsaAuthenticationPort port, sends an
 * LSASS_REQUEST_REGISTER_LOGON_PROCESS message carrying the logon process
 * name, and on success hands the port handle and the operational mode from
 * the reply back to the caller.
 *
 * LsaLogonProcessName - name to register; dereferenced without a NULL check.
 * Handle              - receives PortHandle on success (its parameter line
 *                       is not shown in this listing).
 * OperationalMode     - receives Reply.OperationalMode on success.
 *
 * Returns STATUS_NAME_TOO_LONG when the name exceeds
 * LSASS_MAX_LOGON_PROCESS_NAME_LENGTH, and ApiMessage.Status when the reply
 * carries a failure status. Other return paths are not shown here.
 *
 * NOTE(review): the lines between each failure DPRINT1 and its return are
 * not all visible; confirm PortHandle is closed on every failure path taken
 * after ZwConnectPort has succeeded.
 */
311 LsaRegisterLogonProcess(PLSA_STRING LsaLogonProcessName
,
313 PLSA_OPERATIONAL_MODE OperationalMode
)
315 UNICODE_STRING PortName
; // = RTL_CONSTANT_STRING(L"\\LsaAuthenticationPort");
316 SECURITY_QUALITY_OF_SERVICE SecurityQos
;
317 LSA_CONNECTION_INFO ConnectInfo
;
318 ULONG ConnectInfoLength
= sizeof(ConnectInfo
);
319 LSA_API_MSG ApiMessage
;
320 HANDLE PortHandle
= NULL
;
323 DPRINT1("LsaRegisterLogonProcess()\n");
325 /* Check the logon process name length */
326 if (LsaLogonProcessName
->Length
> LSASS_MAX_LOGON_PROCESS_NAME_LENGTH
)
327 return STATUS_NAME_TOO_LONG
;
331 RtlInitUnicodeString(&PortName
,
332 L
"\\LsaAuthenticationPort");
/* Quality of service requested for the connection: identification-level
 * impersonation, dynamic context tracking, effective-only. */
334 SecurityQos
.Length
= sizeof(SecurityQos
);
335 SecurityQos
.ImpersonationLevel
= SecurityIdentification
;
336 SecurityQos
.ContextTrackingMode
= SECURITY_DYNAMIC_TRACKING
;
337 SecurityQos
.EffectiveOnly
= TRUE
;
/* Connection data: the name is copied with strncpy and terminated by hand.
 * NOTE(review): the length check above admits Length ==
 * LSASS_MAX_LOGON_PROCESS_NAME_LENGTH, so the terminator can land at that
 * index. LogonProcessNameBuffer needs room for it; its declaration is not
 * visible here - confirm. */
339 strncpy(ConnectInfo
.LogonProcessNameBuffer
,
340 LsaLogonProcessName
->Buffer
,
341 LsaLogonProcessName
->Length
);
342 ConnectInfo
.Length
= LsaLogonProcessName
->Length
;
343 ConnectInfo
.LogonProcessNameBuffer
[ConnectInfo
.Length
] = '\0';
/* The remaining ZwConnectPort arguments are not shown in the listing. */
345 Status
= ZwConnectPort(&PortHandle
,
353 if (!NT_SUCCESS(Status
))
355 DPRINT1("ZwConnectPort failed (Status 0x%08lx)\n", Status
);
359 ApiMessage
.ApiNumber
= LSASS_REQUEST_REGISTER_LOGON_PROCESS
;
360 ApiMessage
.h
.u1
.s1
.DataLength
= LSA_PORT_DATA_SIZE(ApiMessage
.RegisterLogonProcess
.Request
);
361 ApiMessage
.h
.u1
.s1
.TotalLength
= LSA_PORT_MESSAGE_SIZE
;
362 ApiMessage
.h
.u2
.ZeroInit
= 0;
/* The request carries the name as length plus bytes; unlike the ConnectInfo
 * copy above, no terminator is written after this memcpy. */
364 ApiMessage
.RegisterLogonProcess
.Request
.Length
= LsaLogonProcessName
->Length
;
365 memcpy(ApiMessage
.RegisterLogonProcess
.Request
.LogonProcessNameBuffer
,
366 LsaLogonProcessName
->Buffer
,
367 ApiMessage
.RegisterLogonProcess
.Request
.Length
);
/* The same ApiMessage serves as request and reply buffer. */
369 Status
= ZwRequestWaitReplyPort(PortHandle
,
370 (PPORT_MESSAGE
)&ApiMessage
,
371 (PPORT_MESSAGE
)&ApiMessage
);
372 if (!NT_SUCCESS(Status
))
374 DPRINT1("ZwRequestWaitReplyPort failed (Status 0x%08lx)\n", Status
);
379 if (!NT_SUCCESS(ApiMessage
.Status
))
381 DPRINT1("ZwRequestWaitReplyPort failed (ApiMessage.Status 0x%08lx)\n", ApiMessage
.Status
);
383 return ApiMessage
.Status
;
/* Outputs are written only after both status checks have passed. */
386 *Handle
= PortHandle
;
387 *OperationalMode
= ApiMessage
.RegisterLogonProcess
.Reply
.OperationalMode
;
389 DPRINT1("LsaRegisterLogonProcess() done (Status 0x%08lx)\n", Status
);
/*
 * Stub: the only statement shown returns STATUS_NOT_IMPLEMENTED.
 * Neither LogonSessionCount nor LogonSessionList is written by the visible
 * code.
 */
400 LsaEnumerateLogonSessions(PULONG LogonSessionCount
,
401 PLUID
*LogonSessionList
)
404 return STATUS_NOT_IMPLEMENTED
;
/*
 * Stub: the only statement shown returns STATUS_NOT_IMPLEMENTED.
 * *ppLogonSessionData is not written by the visible code.
 */
413 LsaGetLogonSessionData(PLUID LogonId
,
414 PSECURITY_LOGON_SESSION_DATA
*ppLogonSessionData
)
417 return STATUS_NOT_IMPLEMENTED
;
/*
 * Stub: the only statement shown returns STATUS_NOT_IMPLEMENTED, so the
 * visible code does not use NotificationEventHandle.
 */
426 LsaRegisterPolicyChangeNotification(POLICY_NOTIFICATION_INFORMATION_CLASS InformationClass
,
427 HANDLE NotificationEventHandle
)
430 return STATUS_NOT_IMPLEMENTED
;
/*
 * Stub: the only statement shown returns STATUS_NOT_IMPLEMENTED, so the
 * visible code does not use NotificationEventHandle.
 */
439 LsaUnregisterPolicyChangeNotification(POLICY_NOTIFICATION_INFORMATION_CLASS InformationClass
,
440 HANDLE NotificationEventHandle
)
443 return STATUS_NOT_IMPLEMENTED
;