1 /*
2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: ReactOS system libraries
4 * FILE: lib/lsalib/lsa.c
5 * PURPOSE: Client-side LSA functions
6 * UPDATE HISTORY:
7 * Created 05/08/00
8 */
9
10 /* INCLUDES ******************************************************************/
11
12 #include <ndk/lpctypes.h>
13 #include <ndk/lpcfuncs.h>
14 #include <ndk/mmfuncs.h>
15 #include <ndk/rtlfuncs.h>
16 #include <ndk/obfuncs.h>
17 #include <psdk/ntsecapi.h>
18 #include <lsass/lsass.h>
19
20 #define NDEBUG
21 #include <debug.h>
22
23 /* GLOBALS *******************************************************************/
24
25 extern HANDLE Secur32Heap;
26
27 /* FUNCTIONS *****************************************************************/
28
/*
 * @implemented
 *
 * Ask the LSA server to deregister this logon process and, on success,
 * close the connection handle.
 *
 * LsaHandle - port handle the request is sent on. It is passed to NtClose()
 *             only when both the port call and the status carried in the
 *             reply succeed.
 *
 * Returns the ZwRequestWaitReplyPort() status if the port call fails, the
 * status from the reply message if the request is rejected, and otherwise
 * the (successful) port status.
 *
 * NOTE(review): on both failure paths LsaHandle is left open, so the caller
 * still owns it. Confirm that callers do not assume the handle is always
 * closed once this function has been called.
 */
NTSTATUS
WINAPI
LsaDeregisterLogonProcess(HANDLE LsaHandle)
{
    LSA_API_MSG ApiMessage;
    NTSTATUS Status;

    DPRINT1("LsaDeregisterLogonProcess()\n");

    /* Build the request header; only the header fields are initialized */
    ApiMessage.ApiNumber = LSASS_REQUEST_DEREGISTER_LOGON_PROCESS;
    ApiMessage.h.u1.s1.DataLength = LSA_PORT_DATA_SIZE(ApiMessage.DeregisterLogonProcess);
    ApiMessage.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE;
    ApiMessage.h.u2.ZeroInit = 0;

    /* The same buffer is used for the request and for the reply */
    Status = ZwRequestWaitReplyPort(LsaHandle,
                                    (PPORT_MESSAGE)&ApiMessage,
                                    (PPORT_MESSAGE)&ApiMessage);
    if (NT_SUCCESS(Status))
    {
        if (NT_SUCCESS(ApiMessage.Status))
        {
            /* The request was accepted: drop our end of the connection */
            NtClose(LsaHandle);

            DPRINT1("LsaDeregisterLogonProcess() done (Status 0x%08lx)\n", Status);
        }
        else
        {
            /* The port call worked but the request itself was refused */
            DPRINT1("ZwRequestWaitReplyPort() failed (ApiMessage.Status 0x%08lx)\n", ApiMessage.Status);
            Status = ApiMessage.Status;
        }
    }
    else
    {
        DPRINT1("ZwRequestWaitReplyPort() failed (Status 0x%08lx)\n", Status);
    }

    return Status;
}
66
67
/*
 * @implemented
 *
 * Connect to the "\LsaAuthenticationPort" port without supplying a logon
 * process name: the connection information block is sent zero-filled.
 *
 * LsaHandle - receives the port handle from ZwConnectPort().
 *
 * Returns the ZwConnectPort() status if the connect call fails, otherwise
 * the Status field found in the connection information block afterwards.
 *
 * The connection requests SecurityIdentification with EffectiveOnly set,
 * i.e. the lowest level that still lets the server identify the caller.
 *
 * NOTE(review): if ZwConnectPort() succeeds but ConnectInfo.Status is a
 * failure code, *LsaHandle has already been written and is not closed
 * here. Confirm whether that combination can occur and who owns the
 * handle in that case.
 */
NTSTATUS
WINAPI
LsaConnectUntrusted(PHANDLE LsaHandle)
{
    SECURITY_QUALITY_OF_SERVICE SecurityQos;
    LSA_CONNECTION_INFO ConnectInfo;
    UNICODE_STRING PortName;
    ULONG ConnectInfoLength;
    NTSTATUS Status;

    DPRINT1("LsaConnectUntrusted(%p)\n", LsaHandle);

    RtlInitUnicodeString(&PortName, L"\\LsaAuthenticationPort");

    SecurityQos.Length = sizeof(SecurityQos);
    SecurityQos.ImpersonationLevel = SecurityIdentification;
    SecurityQos.ContextTrackingMode = SECURITY_DYNAMIC_TRACKING;
    SecurityQos.EffectiveOnly = TRUE;

    /* Send a fully zeroed connection block so no stack contents leave
     * this process and the Status field starts from a defined value */
    ConnectInfoLength = sizeof(ConnectInfo);
    RtlZeroMemory(&ConnectInfo, ConnectInfoLength);

    Status = ZwConnectPort(LsaHandle,
                           &PortName,
                           &SecurityQos,
                           NULL,
                           NULL,
                           NULL,
                           &ConnectInfo,
                           &ConnectInfoLength);
    if (!NT_SUCCESS(Status))
    {
        DPRINT1("ZwConnectPort failed (Status 0x%08lx)\n", Status);
        return Status;
    }

    /* From here on the result is whatever the connection block reports */
    Status = ConnectInfo.Status;
    if (!NT_SUCCESS(Status))
    {
        DPRINT1("ConnectInfo.Status: 0x%08lx\n", Status);
    }

    return Status;
}
114
115
/*
 * @implemented
 *
 * Forward a package-specific request to an authentication package through
 * the LSA port and hand back the package's reply.
 *
 * LsaHandle             - port handle the request is sent on.
 * AuthenticationPackage - package identifier placed in the request.
 * ProtocolSubmitBuffer  - caller buffer; only the pointer value is placed
 *                         in the message, the contents are not copied here.
 * SubmitBufferLength    - length placed in the request next to the pointer.
 * ProtocolReturnBuffer  - receives the reply's return buffer pointer.
 * ReturnBufferLength    - receives the reply's return buffer length.
 * ProtocolStatus        - receives the reply's protocol status.
 *
 * Returns the ZwRequestWaitReplyPort() status if the port call fails, the
 * status from the reply message if the request is rejected, and otherwise
 * the (successful) port status. The three output parameters are written
 * only on the success path and are dereferenced without a NULL check.
 *
 * NOTE(review): because the submit buffer travels as a raw pointer, the
 * receiving side presumably has to read and validate it out of this
 * process itself; verify against the server implementation.
 */
NTSTATUS
WINAPI
LsaCallAuthenticationPackage(HANDLE LsaHandle,
                             ULONG AuthenticationPackage,
                             PVOID ProtocolSubmitBuffer,
                             ULONG SubmitBufferLength,
                             PVOID *ProtocolReturnBuffer,
                             PULONG ReturnBufferLength,
                             PNTSTATUS ProtocolStatus)
{
    LSA_API_MSG ApiMessage;
    NTSTATUS Status;

    DPRINT1("LsaCallAuthenticationPackage()\n");

    /* Message header */
    ApiMessage.ApiNumber = LSASS_REQUEST_CALL_AUTHENTICATION_PACKAGE;
    ApiMessage.h.u1.s1.DataLength = LSA_PORT_DATA_SIZE(ApiMessage.CallAuthenticationPackage);
    ApiMessage.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE;
    ApiMessage.h.u2.ZeroInit = 0;

    /* Request payload */
    ApiMessage.CallAuthenticationPackage.Request.AuthenticationPackage = AuthenticationPackage;
    ApiMessage.CallAuthenticationPackage.Request.ProtocolSubmitBuffer = ProtocolSubmitBuffer;
    ApiMessage.CallAuthenticationPackage.Request.SubmitBufferLength = SubmitBufferLength;

    /* The same buffer is used for the request and for the reply */
    Status = ZwRequestWaitReplyPort(LsaHandle,
                                    (PPORT_MESSAGE)&ApiMessage,
                                    (PPORT_MESSAGE)&ApiMessage);
    if (NT_SUCCESS(Status))
    {
        if (NT_SUCCESS(ApiMessage.Status))
        {
            /* Publish the reply only once both status codes are good */
            *ProtocolReturnBuffer = ApiMessage.CallAuthenticationPackage.Reply.ProtocolReturnBuffer;
            *ReturnBufferLength = ApiMessage.CallAuthenticationPackage.Reply.ReturnBufferLength;
            *ProtocolStatus = ApiMessage.CallAuthenticationPackage.Reply.ProtocolStatus;
        }
        else
        {
            DPRINT1("ZwRequestWaitReplyPort() failed (ApiMessage.Status 0x%08lx)\n", ApiMessage.Status);
            Status = ApiMessage.Status;
        }
    }
    else
    {
        DPRINT1("ZwRequestWaitReplyPort() failed (Status 0x%08lx)\n", Status);
    }

    return Status;
}
163
164
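/*
 * @implemented
 *
 * Release a buffer by freeing the virtual memory region it starts at in
 * the current process.
 *
 * Buffer - base address of the region to release.
 *
 * Returns the status of ZwFreeVirtualMemory().
 */
NTSTATUS
WINAPI
LsaFreeReturnBuffer(PVOID Buffer)
{
    /*
     * The region size is passed by pointer and is pointer-sized (SIZE_T).
     * A ULONG local is only 32 bits wide, so on a 64-bit build the callee
     * would read and write past it on the stack. With MEM_RELEASE the size
     * must be zero, which releases the whole region.
     */
    SIZE_T Length = 0;

    return ZwFreeVirtualMemory(NtCurrentProcess(),
                               &Buffer,
                               &Length,
                               MEM_RELEASE);
}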
178
179
/*
 * @implemented
 *
 * Look up an authentication package by name through the LSA port.
 *
 * LsaHandle             - port handle the request is sent on.
 * PackageName           - counted string holding the package name; it is
 *                         dereferenced without a NULL check.
 * AuthenticationPackage - receives the package value from the reply; it is
 *                         written only on the success path.
 *
 * Returns STATUS_NAME_TOO_LONG when the name is longer than
 * LSASS_MAX_PACKAGE_NAME_LENGTH, the ZwRequestWaitReplyPort() status if
 * the port call fails, the status from the reply message if the request
 * is rejected, and otherwise the (successful) port status.
 */
NTSTATUS
WINAPI
LsaLookupAuthenticationPackage(HANDLE LsaHandle,
                               PLSA_STRING PackageName,
                               PULONG AuthenticationPackage)
{
    LSA_API_MSG ApiMessage;
    NTSTATUS Status;

    /* Refuse names that do not fit the fixed-size field in the message */
    if (PackageName->Length > LSASS_MAX_PACKAGE_NAME_LENGTH)
        return STATUS_NAME_TOO_LONG;

    /* Message header */
    ApiMessage.ApiNumber = LSASS_REQUEST_LOOKUP_AUTHENTICATION_PACKAGE;
    ApiMessage.h.u1.s1.DataLength = LSA_PORT_DATA_SIZE(ApiMessage.LookupAuthenticationPackage);
    ApiMessage.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE;
    ApiMessage.h.u2.ZeroInit = 0;

    /*
     * Copy the counted name and terminate it by hand, because strncpy()
     * does not add a terminator when the source fills the whole count.
     * NOTE(review): the terminator is stored at index Length, which can be
     * LSASS_MAX_PACKAGE_NAME_LENGTH; this assumes the PackageName array has
     * at least LSASS_MAX_PACKAGE_NAME_LENGTH + 1 elements - confirm in the
     * message definition.
     */
    ApiMessage.LookupAuthenticationPackage.Request.PackageNameLength = PackageName->Length;
    strncpy(ApiMessage.LookupAuthenticationPackage.Request.PackageName,
            PackageName->Buffer,
            ApiMessage.LookupAuthenticationPackage.Request.PackageNameLength);
    ApiMessage.LookupAuthenticationPackage.Request.PackageName[ApiMessage.LookupAuthenticationPackage.Request.PackageNameLength] = '\0';

    /* The same buffer is used for the request and for the reply */
    Status = ZwRequestWaitReplyPort(LsaHandle,
                                    (PPORT_MESSAGE)&ApiMessage,
                                    (PPORT_MESSAGE)&ApiMessage);
    if (NT_SUCCESS(Status))
    {
        if (NT_SUCCESS(ApiMessage.Status))
            *AuthenticationPackage = ApiMessage.LookupAuthenticationPackage.Reply.Package;
        else
            Status = ApiMessage.Status;
    }

    return Status;
}
225
226
/*
 * @implemented
 *
 * Submit a logon request to the LSA server and return the results carried
 * in the reply.
 *
 * LsaHandle                       - port handle the request is sent on.
 * OriginName                      - copied by value into the request;
 *                                   dereferenced without a NULL check.
 * LogonType                       - logon type placed in the request.
 * AuthenticationPackage           - package identifier placed in the request.
 * AuthenticationInformation       - caller buffer; only the pointer value is
 *                                   placed in the message.
 * AuthenticationInformationLength - length placed next to that pointer.
 * LocalGroups                     - optional; the pointer is forwarded and
 *                                   the group count is 0 when it is NULL.
 * SourceContext                   - copied by value into the request;
 *                                   dereferenced without a NULL check.
 * ProfileBuffer, ProfileBufferLength, LogonId, Token, Quotas, SubStatus
 *                                 - receive the matching reply fields.
 *
 * Returns the ZwRequestWaitReplyPort() status if the port call fails, the
 * status from the reply message if the request is rejected, and otherwise
 * the (successful) port status. The output parameters are written only on
 * the success path, so on failure (including *SubStatus) they keep
 * whatever the caller put there.
 *
 * NOTE(review): the credential buffer and the group list travel as raw
 * pointers, so the receiving side presumably reads and validates them out
 * of this process itself; verify against the server implementation.
 */
NTSTATUS
WINAPI
LsaLogonUser(HANDLE LsaHandle,
             PLSA_STRING OriginName,
             SECURITY_LOGON_TYPE LogonType,
             ULONG AuthenticationPackage,
             PVOID AuthenticationInformation,
             ULONG AuthenticationInformationLength,
             PTOKEN_GROUPS LocalGroups,
             PTOKEN_SOURCE SourceContext,
             PVOID *ProfileBuffer,
             PULONG ProfileBufferLength,
             PLUID LogonId,
             PHANDLE Token,
             PQUOTA_LIMITS Quotas,
             PNTSTATUS SubStatus)
{
    LSA_API_MSG ApiMessage;
    NTSTATUS Status;

    /* Message header */
    ApiMessage.ApiNumber = LSASS_REQUEST_LOGON_USER;
    ApiMessage.h.u1.s1.DataLength = LSA_PORT_DATA_SIZE(ApiMessage.LogonUser);
    ApiMessage.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE;
    ApiMessage.h.u2.ZeroInit = 0;

    /* Request payload */
    ApiMessage.LogonUser.Request.OriginName = *OriginName;
    ApiMessage.LogonUser.Request.LogonType = LogonType;
    ApiMessage.LogonUser.Request.AuthenticationPackage = AuthenticationPackage;
    ApiMessage.LogonUser.Request.AuthenticationInformation = AuthenticationInformation;
    ApiMessage.LogonUser.Request.AuthenticationInformationLength = AuthenticationInformationLength;
    ApiMessage.LogonUser.Request.LocalGroups = LocalGroups;
    ApiMessage.LogonUser.Request.LocalGroupsCount =
        (LocalGroups != NULL) ? LocalGroups->GroupCount : 0;
    ApiMessage.LogonUser.Request.SourceContext = *SourceContext;

    /* The same buffer is used for the request and for the reply */
    Status = ZwRequestWaitReplyPort(LsaHandle,
                                    (PPORT_MESSAGE)&ApiMessage,
                                    (PPORT_MESSAGE)&ApiMessage);
    if (NT_SUCCESS(Status))
    {
        if (NT_SUCCESS(ApiMessage.Status))
        {
            /* Publish the reply only once both status codes are good */
            *ProfileBuffer = ApiMessage.LogonUser.Reply.ProfileBuffer;
            *ProfileBufferLength = ApiMessage.LogonUser.Reply.ProfileBufferLength;
            *LogonId = ApiMessage.LogonUser.Reply.LogonId;
            *Token = ApiMessage.LogonUser.Reply.Token;
            *Quotas = ApiMessage.LogonUser.Reply.Quotas;
            *SubStatus = ApiMessage.LogonUser.Reply.SubStatus;
        }
        else
        {
            Status = ApiMessage.Status;
        }
    }

    return Status;
}
288
289
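/*
 * @implemented
 *
 * Connect to the "\LsaAuthenticationPort" port and register the caller
 * under the given logon process name.
 *
 * LsaLogonProcessName - counted string with the logon process name; it is
 *                       dereferenced without a NULL check.
 * Handle              - receives the port handle from ZwConnectPort().
 * OperationalMode     - receives the operational mode found in the
 *                       connection information block after the connect.
 *
 * Returns STATUS_NAME_TOO_LONG when the name is longer than
 * LSASS_MAX_LOGON_PROCESS_NAME_LENGTH, the ZwConnectPort() status if the
 * connect call fails, and otherwise the Status field found in the
 * connection information block.
 *
 * NOTE(review): if ZwConnectPort() succeeds but ConnectInfo.Status is a
 * failure code, *Handle has already been written and is not closed here.
 * Confirm whether that combination can occur and who owns the handle in
 * that case.
 */
NTSTATUS
WINAPI
LsaRegisterLogonProcess(PLSA_STRING LsaLogonProcessName,
                        PHANDLE Handle,
                        PLSA_OPERATIONAL_MODE OperationalMode)
{
    UNICODE_STRING PortName;
    SECURITY_QUALITY_OF_SERVICE SecurityQos;
    LSA_CONNECTION_INFO ConnectInfo;
    ULONG ConnectInfoLength = sizeof(ConnectInfo);
    NTSTATUS Status;

    DPRINT1("LsaRegisterLogonProcess()\n");

    /* Check the logon process name length */
    if (LsaLogonProcessName->Length > LSASS_MAX_LOGON_PROCESS_NAME_LENGTH)
        return STATUS_NAME_TOO_LONG;

    RtlInitUnicodeString(&PortName,
                         L"\\LsaAuthenticationPort");

    SecurityQos.Length = sizeof(SecurityQos);
    SecurityQos.ImpersonationLevel = SecurityIdentification;
    SecurityQos.ContextTrackingMode = SECURITY_DYNAMIC_TRACKING;
    SecurityQos.EffectiveOnly = TRUE;

    /*
     * Zero the whole connection block before filling it in, as
     * LsaConnectUntrusted() does. Otherwise the unused tail of the name
     * buffer and the Status/OperationalMode fields would be sent to the
     * server as uninitialized stack contents, and would be read back below
     * as garbage if they were not overwritten.
     */
    RtlZeroMemory(&ConnectInfo,
                  ConnectInfoLength);

    /*
     * Copy the counted name and terminate it by hand, because strncpy()
     * does not add a terminator when the source fills the whole count.
     * NOTE(review): the terminator is stored at index Length, which can be
     * LSASS_MAX_LOGON_PROCESS_NAME_LENGTH; this assumes the buffer has at
     * least LSASS_MAX_LOGON_PROCESS_NAME_LENGTH + 1 elements - confirm in
     * the LSA_CONNECTION_INFO definition.
     */
    strncpy(ConnectInfo.LogonProcessNameBuffer,
            LsaLogonProcessName->Buffer,
            LsaLogonProcessName->Length);
    ConnectInfo.Length = LsaLogonProcessName->Length;
    ConnectInfo.LogonProcessNameBuffer[ConnectInfo.Length] = '\0';

    Status = ZwConnectPort(Handle,
                           &PortName,
                           &SecurityQos,
                           NULL,
                           NULL,
                           NULL,
                           &ConnectInfo,
                           &ConnectInfoLength);
    if (!NT_SUCCESS(Status))
    {
        DPRINT1("ZwConnectPort failed (Status 0x%08lx)\n", Status);
        return Status;
    }

    DPRINT("ConnectInfo.OperationalMode: 0x%08lx\n", ConnectInfo.OperationalMode);
    *OperationalMode = ConnectInfo.OperationalMode;

    if (!NT_SUCCESS(ConnectInfo.Status))
    {
        DPRINT1("ConnectInfo.Status: 0x%08lx\n", ConnectInfo.Status);
    }

    return ConnectInfo.Status;
}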
348
349
/*
 * @unimplemented
 *
 * Stub: reports itself through the UNIMPLEMENTED macro and fails.
 * Neither LogonSessionCount nor LogonSessionList is written, so callers
 * must not read them after this call.
 *
 * Always returns STATUS_NOT_IMPLEMENTED.
 */
NTSTATUS WINAPI
LsaEnumerateLogonSessions(PULONG LogonSessionCount,
                          PLUID *LogonSessionList)
{
    UNIMPLEMENTED;

    return STATUS_NOT_IMPLEMENTED;
}
361
362
/*
 * @unimplemented
 *
 * Stub: reports itself through the UNIMPLEMENTED macro and fails.
 * LogonId is not read and *ppLogonSessionData is not written, so callers
 * must not use the output pointer after this call.
 *
 * Always returns STATUS_NOT_IMPLEMENTED.
 */
NTSTATUS WINAPI
LsaGetLogonSessionData(PLUID LogonId,
                       PSECURITY_LOGON_SESSION_DATA *ppLogonSessionData)
{
    UNIMPLEMENTED;

    return STATUS_NOT_IMPLEMENTED;
}
374
375
/*
 * @unimplemented
 *
 * Stub: reports itself through the UNIMPLEMENTED macro and fails.
 * Neither argument is used, so no notification is registered for
 * NotificationEventHandle.
 *
 * Always returns STATUS_NOT_IMPLEMENTED.
 */
NTSTATUS WINAPI
LsaRegisterPolicyChangeNotification(POLICY_NOTIFICATION_INFORMATION_CLASS InformationClass,
                                    HANDLE NotificationEventHandle)
{
    UNIMPLEMENTED;

    return STATUS_NOT_IMPLEMENTED;
}
387
388
/*
 * @unimplemented
 *
 * Stub: reports itself through the UNIMPLEMENTED macro and fails.
 * Neither argument is used and nothing is unregistered.
 *
 * Always returns STATUS_NOT_IMPLEMENTED.
 */
NTSTATUS WINAPI
LsaUnregisterPolicyChangeNotification(POLICY_NOTIFICATION_INFORMATION_CLASS InformationClass,
                                      HANDLE NotificationEventHandle)
{
    UNIMPLEMENTED;

    return STATUS_NOT_IMPLEMENTED;
}