2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: ReactOS system libraries
4 * FILE: lib/lsalib/lsa.c
5 * PURPOSE: Client-side LSA functions
10 /* INCLUDES ******************************************************************/
12 #include <ndk/lpctypes.h>
13 #include <ndk/lpcfuncs.h>
14 #include <ndk/rtlfuncs.h>
15 #include <ndk/obfuncs.h>
16 #include <psdk/ntsecapi.h>
17 #include <lsass/lsass.h>
22 /* GLOBALS *******************************************************************/
/* Heap handle defined in another translation unit. In this file it is passed
 * to RtlFreeHeap (LsaFreeReturnBuffer) and to RtlAllocateHeap for buffers
 * that are handed back to callers. */
extern HANDLE Secur32Heap;
26 /* FUNCTIONS *****************************************************************/
/*
 * Sends LSASS_REQUEST_DEREGISTER_LOGON_PROCESS over the LSA port.
 *
 * LsaHandle  Port handle passed to ZwRequestWaitReplyPort.
 *
 * Returns the transport status when the port call fails, otherwise the
 * status the server stored in the reply message.
 *
 * NOTE(review): rebuilt from a listing that skips source lines. The return
 * type and calling convention follow the public prototype in ntsecapi.h;
 * braces, the Status local and the early "return Status;" are restored from
 * the visible control flow. Listing lines 57-60 (just before the final
 * trace) are not shown, so whether the handle is closed here cannot be told
 * from the page - compare with lib/lsalib/lsa.c.
 */
NTSTATUS
NTAPI
LsaDeregisterLogonProcess(HANDLE LsaHandle)
{
    LSA_API_MSG ApiMessage;
    NTSTATUS Status;

    DPRINT1("LsaDeregisterLogonProcess()\n");

    /* Port header, then the API selector. ApiMessage is not cleared first,
     * so any bytes covered by DataLength that are not assigned here go to
     * the server with stale stack contents - TODO confirm the extent. */
    ApiMessage.h.u2.ZeroInit = 0;
    ApiMessage.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE;
    ApiMessage.h.u1.s1.DataLength = LSA_PORT_DATA_SIZE(ApiMessage.DeregisterLogonProcess.Request);
    ApiMessage.ApiNumber = LSASS_REQUEST_DEREGISTER_LOGON_PROCESS;

    /* The same buffer carries the request and receives the reply. */
    Status = ZwRequestWaitReplyPort(LsaHandle,
                                    (PPORT_MESSAGE)&ApiMessage,
                                    (PPORT_MESSAGE)&ApiMessage);
    if (!NT_SUCCESS(Status))
    {
        DPRINT1("ZwRequestWaitReplyPort() failed (Status 0x%08lx)\n", Status);
        return Status;
    }

    /* The transport worked; now look at what the server answered. */
    if (!NT_SUCCESS(ApiMessage.Status))
    {
        DPRINT1("ZwRequestWaitReplyPort() failed (ApiMessage.Status 0x%08lx)\n", ApiMessage.Status);
        return ApiMessage.Status;
    }

    DPRINT1("LsaDeregisterLogonProcess() done (Status 0x%08lx)\n", Status);

    return Status;
}
/*
 * Stub for opening an untrusted LSA connection.
 *
 * LsaHandle  Not written by this implementation.
 *
 * Always returns STATUS_NOT_IMPLEMENTED.
 *
 * NOTE(review): rebuilt from a listing that skips source lines; the return
 * type and calling convention follow the public prototype in ntsecapi.h, and
 * listing line 73 is not shown.
 */
NTSTATUS
NTAPI
LsaConnectUntrusted(PHANDLE LsaHandle)
{
    /* *LsaHandle is left untouched, so callers must check the status before
     * using it. */
    return STATUS_NOT_IMPLEMENTED;
}
/*
 * Forwards a package-specific request to the LSA server and returns the
 * server's answer.
 *
 * LsaHandle             Port handle passed to ZwRequestWaitReplyPort.
 * AuthenticationPackage Package identifier placed in the request.
 * ProtocolSubmitBuffer  Caller buffer; only its address is placed in the
 *                       message, the contents are not copied here.
 * SubmitBufferLength    Length sent alongside that address.
 * ProtocolReturnBuffer  Receives the buffer pointer from the reply.
 * ReturnBufferLength    Receives the buffer length from the reply.
 * ProtocolStatus        Receives the package status from the reply.
 *
 * Returns the transport status when the port call fails, the server status
 * when the request is rejected, and the transport status otherwise. The three
 * output parameters are written only on the success path.
 *
 * NOTE(review): rebuilt from a listing that skips source lines. The return
 * type and calling convention follow the public prototype in ntsecapi.h;
 * braces, the Status local and the plain "return Status;" statements are
 * restored from the visible control flow.
 */
NTSTATUS
NTAPI
LsaCallAuthenticationPackage(HANDLE LsaHandle,
                             ULONG AuthenticationPackage,
                             PVOID ProtocolSubmitBuffer,
                             ULONG SubmitBufferLength,
                             PVOID *ProtocolReturnBuffer,
                             PULONG ReturnBufferLength,
                             PNTSTATUS ProtocolStatus)
{
    LSA_API_MSG ApiMessage;
    NTSTATUS Status;

    DPRINT1("LsaCallAuthenticationPackage()\n");

    /* Port header and API selector. */
    ApiMessage.h.u2.ZeroInit = 0;
    ApiMessage.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE;
    ApiMessage.h.u1.s1.DataLength = LSA_PORT_DATA_SIZE(ApiMessage.CallAuthenticationPackage.Request);
    ApiMessage.ApiNumber = LSASS_REQUEST_CALL_AUTHENTICATION_PACKAGE;

    /* The message carries a caller-space address and a caller-chosen length.
     * Presumably the server captures and validates both before reading -
     * verify on the server side. */
    ApiMessage.CallAuthenticationPackage.Request.SubmitBufferLength = SubmitBufferLength;
    ApiMessage.CallAuthenticationPackage.Request.ProtocolSubmitBuffer = ProtocolSubmitBuffer;
    ApiMessage.CallAuthenticationPackage.Request.AuthenticationPackage = AuthenticationPackage;

    /* The same buffer carries the request and receives the reply. */
    Status = ZwRequestWaitReplyPort(LsaHandle,
                                    (PPORT_MESSAGE)&ApiMessage,
                                    (PPORT_MESSAGE)&ApiMessage);
    if (!NT_SUCCESS(Status))
    {
        DPRINT1("ZwRequestWaitReplyPort() failed (Status 0x%08lx)\n", Status);
        return Status;
    }

    if (!NT_SUCCESS(ApiMessage.Status))
    {
        DPRINT1("ZwRequestWaitReplyPort() failed (ApiMessage.Status 0x%08lx)\n", ApiMessage.Status);
        return ApiMessage.Status;
    }

    /* The pointer and length come from the reply unchanged.
     * NOTE(review): LsaFreeReturnBuffer in this file releases buffers through
     * RtlFreeHeap(Secur32Heap, ...), so the server-provided pointer must come
     * from a matching allocator - confirm. */
    *ProtocolStatus = ApiMessage.CallAuthenticationPackage.Reply.ProtocolStatus;
    *ReturnBufferLength = ApiMessage.CallAuthenticationPackage.Reply.ReturnBufferLength;
    *ProtocolReturnBuffer = ApiMessage.CallAuthenticationPackage.Reply.ProtocolReturnBuffer;

    return Status;
}
/*
 * NOTE(review): listing lines 127-170 repeat LsaCallAuthenticationPackage with
 * a different message layout (LSASS_REQUEST / LSASS_REPLY) after the active
 * path has already produced its outputs. This looks like a disabled earlier
 * implementation whose preprocessor guards are not shown on the page -
 * confirm. Several statements are cut short by the listing (right-hand sides
 * and call arguments are missing), so the run is kept exactly as shown.
 */
127 PLSASS_REQUEST Request
;
129 LSASS_REQUEST RawRequest
;
130 LSASS_REPLY RawReply
;
134 Request
= (PLSASS_REQUEST
)&RawRequest
;
135 Reply
= (PLSASS_REPLY
)&RawReply
;
/* The message length is derived from the caller's SubmitBufferLength while
 * RawRequest is a fixed-size local; no upper bound on that length is visible
 * in this run. */
137 Request
->Header
.u1
.s1
.DataLength
= sizeof(LSASS_REQUEST
) + SubmitBufferLength
-
138 sizeof(PORT_MESSAGE
);
139 Request
->Header
.u1
.s1
.TotalLength
=
140 Request
->Header
.u1
.s1
.DataLength
+ sizeof(PORT_MESSAGE
);
141 Request
->Type
= LSASS_REQUEST_CALL_AUTHENTICATION_PACKAGE
;
142 Request
->d
.CallAuthenticationPackageRequest
.AuthenticationPackage
=
143 AuthenticationPackage
;
144 Request
->d
.CallAuthenticationPackageRequest
.InBufferLength
=
/* Copies the caller's buffer into the message. The length argument sits on a
 * line the listing omits (presumably SubmitBufferLength); with an unchecked
 * length this copy would run past RawRequest - TODO confirm. */
146 memcpy(Request
->d
.CallAuthenticationPackageRequest
.InBuffer
,
147 ProtocolSubmitBuffer
,
150 Status
= ZwRequestWaitReplyPort(LsaHandle
,
153 if (!NT_SUCCESS(Status
))
158 if (!NT_SUCCESS(Reply
->Status
))
160 return Reply
->Status
;
/* The output size is taken from the reply and then used for the heap
 * allocation and the copy out of RawReply. No check of the allocation result
 * or of the size against the reply buffer is visible in this run. */
163 OutBufferSize
= Reply
->d
.CallAuthenticationPackageReply
.OutBufferLength
;
164 *ProtocolReturnBuffer
= RtlAllocateHeap(Secur32Heap
,
167 *ReturnBufferLength
= OutBufferSize
;
168 memcpy(*ProtocolReturnBuffer
,
169 Reply
->d
.CallAuthenticationPackageReply
.OutBuffer
,
170 *ReturnBufferLength
);
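/*
 * Releases a buffer by passing it to RtlFreeHeap on Secur32Heap.
 *
 * Buffer  Pointer to free.
 *
 * Returns STATUS_SUCCESS when the heap accepted the free and
 * STATUS_UNSUCCESSFUL otherwise.
 *
 * NOTE(review): the listing does not show the line carrying the return type;
 * NTSTATUS and the calling convention follow the public prototype in
 * ntsecapi.h - confirm against lib/lsalib/lsa.c.
 */
NTSTATUS
NTAPI
LsaFreeReturnBuffer(PVOID Buffer)
{
    /* RtlFreeHeap reports success as a BOOLEAN. Returning it directly would
     * give callers 1 on success and 0, which equals STATUS_SUCCESS, on
     * failure, so a failed free would look successful. */
    if (!RtlFreeHeap(Secur32Heap, 0, Buffer))
    {
        return STATUS_UNSUCCESSFUL;
    }

    return STATUS_SUCCESS;
}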
/*
 * Asks the LSA server for the identifier of a named authentication package.
 *
 * LsaHandle             Port handle passed to ZwRequestWaitReplyPort.
 * PackageName           Name to look up; dereferenced without a NULL check.
 * AuthenticationPackage Receives the identifier from the reply on success.
 *
 * Returns STATUS_NAME_TOO_LONG when the name exceeds
 * LSASS_MAX_PACKAGE_NAME_LENGTH, the transport status when the port call
 * fails, the server status when the lookup is rejected, and the transport
 * status otherwise.
 *
 * NOTE(review): rebuilt from a listing that skips source lines. The return
 * type and calling convention follow the public prototype in ntsecapi.h;
 * braces, the Status local, the "return Status;" statements and the strncpy
 * source argument (listing line 211) are restored from the visible code.
 */
NTSTATUS
NTAPI
LsaLookupAuthenticationPackage(HANDLE LsaHandle,
                               PLSA_STRING PackageName,
                               PULONG AuthenticationPackage)
{
    LSA_API_MSG ApiMessage;
    NTSTATUS Status;

    /* Check the package name length */
    if (PackageName->Length > LSASS_MAX_PACKAGE_NAME_LENGTH)
    {
        return STATUS_NAME_TOO_LONG;
    }

    /* Port header and API selector. */
    ApiMessage.h.u2.ZeroInit = 0;
    ApiMessage.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE;
    ApiMessage.h.u1.s1.DataLength = LSA_PORT_DATA_SIZE(ApiMessage.LookupAuthenticationPackage.Request);
    ApiMessage.ApiNumber = LSASS_REQUEST_LOOKUP_AUTHENTICATION_PACKAGE;

    /* Copy the name and terminate it. The terminator is written at index
     * Length, so a name of exactly LSASS_MAX_PACKAGE_NAME_LENGTH needs the
     * destination array to hold one more element than that limit -
     * NOTE(review): confirm the field size in lsass.h. */
    ApiMessage.LookupAuthenticationPackage.Request.PackageNameLength = PackageName->Length;
    strncpy(ApiMessage.LookupAuthenticationPackage.Request.PackageName,
            PackageName->Buffer,
            ApiMessage.LookupAuthenticationPackage.Request.PackageNameLength);
    ApiMessage.LookupAuthenticationPackage.Request.PackageName[ApiMessage.LookupAuthenticationPackage.Request.PackageNameLength] = '\0';

    /* The same buffer carries the request and receives the reply. */
    Status = ZwRequestWaitReplyPort(LsaHandle,
                                    (PPORT_MESSAGE)&ApiMessage,
                                    (PPORT_MESSAGE)&ApiMessage);
    if (!NT_SUCCESS(Status))
    {
        return Status;
    }

    if (!NT_SUCCESS(ApiMessage.Status))
    {
        return ApiMessage.Status;
    }

    *AuthenticationPackage = ApiMessage.LookupAuthenticationPackage.Reply.Package;

    return Status;
}
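/*
 * Sends a logon request to the LSA server and returns the resulting token
 * and profile data.
 *
 * LsaHandle                        Port handle for ZwRequestWaitReplyPort.
 * OriginName                       Copied by value into the request.
 * LogonType                        Requested logon type.
 * AuthenticationPackage            Package identifier.
 * AuthenticationInformation        Caller buffer; only its address is sent.
 * AuthenticationInformationLength  Length sent alongside that address.
 * LocalGroups                      Optional group list; may be NULL.
 * SourceContext                    Copied by value into the request.
 * ProfileBuffer, ProfileBufferLength, LogonId, Token, Quotas, SubStatus
 *                                  Filled from the reply on success only.
 *
 * Returns the transport status when the port call fails, the server status
 * when the logon is rejected, and the transport status otherwise. On a
 * rejected logon none of the outputs, SubStatus included, is written.
 *
 * NOTE(review): rebuilt from a listing that skips source lines. The return
 * type, calling convention and the LogonId, Token and SubStatus parameters
 * (listing lines 248, 249, 251) follow the public prototype in ntsecapi.h and
 * the way the body uses them; braces, the Status local, the "else" on listing
 * line 269 and the "return Status;" statements are restored from the visible
 * control flow.
 */
NTSTATUS
NTAPI
LsaLogonUser(HANDLE LsaHandle,
             PLSA_STRING OriginName,
             SECURITY_LOGON_TYPE LogonType,
             ULONG AuthenticationPackage,
             PVOID AuthenticationInformation,
             ULONG AuthenticationInformationLength,
             PTOKEN_GROUPS LocalGroups,
             PTOKEN_SOURCE SourceContext,
             PVOID *ProfileBuffer,
             PULONG ProfileBufferLength,
             PLUID LogonId,
             PHANDLE Token,
             PQUOTA_LIMITS Quotas,
             PNTSTATUS SubStatus)
{
    LSA_API_MSG ApiMessage;
    NTSTATUS Status;

    /* Port header and API selector. */
    ApiMessage.ApiNumber = LSASS_REQUEST_LOGON_USER;
    ApiMessage.h.u1.s1.DataLength = LSA_PORT_DATA_SIZE(ApiMessage.LogonUser.Request);
    ApiMessage.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE;
    ApiMessage.h.u2.ZeroInit = 0;

    /* The credential buffer and the group list are passed by address.
     * Presumably the server captures and validates them before use - verify
     * on the server side. */
    ApiMessage.LogonUser.Request.OriginName = *OriginName;
    ApiMessage.LogonUser.Request.LogonType = LogonType;
    ApiMessage.LogonUser.Request.AuthenticationPackage = AuthenticationPackage;
    ApiMessage.LogonUser.Request.AuthenticationInformation = AuthenticationInformation;
    ApiMessage.LogonUser.Request.AuthenticationInformationLength = AuthenticationInformationLength;
    ApiMessage.LogonUser.Request.LocalGroups = LocalGroups;
    if (LocalGroups != NULL)
    {
        ApiMessage.LogonUser.Request.LocalGroupsCount = LocalGroups->GroupCount;
    }
    else
    {
        /* Fix: the listing re-assigned LocalGroups here and left the count
         * unset, so an uninitialized stack value was sent to the server
         * whenever no groups were supplied. */
        ApiMessage.LogonUser.Request.LocalGroupsCount = 0;
    }
    ApiMessage.LogonUser.Request.SourceContext = *SourceContext;

    /* The same buffer carries the request and receives the reply. */
    Status = ZwRequestWaitReplyPort(LsaHandle,
                                    (PPORT_MESSAGE)&ApiMessage,
                                    (PPORT_MESSAGE)&ApiMessage);
    if (!NT_SUCCESS(Status))
    {
        return Status;
    }

    if (!NT_SUCCESS(ApiMessage.Status))
    {
        return ApiMessage.Status;
    }

    /* All outputs come from the reply unchanged. */
    *ProfileBuffer = ApiMessage.LogonUser.Reply.ProfileBuffer;
    *ProfileBufferLength = ApiMessage.LogonUser.Reply.ProfileBufferLength;
    *LogonId = ApiMessage.LogonUser.Reply.LogonId;
    *Token = ApiMessage.LogonUser.Reply.Token;
    *Quotas = ApiMessage.LogonUser.Reply.Quotas;
    *SubStatus = ApiMessage.LogonUser.Reply.SubStatus;

    return Status;
}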
/*
 * NOTE(review): listing lines 298-375 rebuild the LsaLogonUser request in a
 * flat LSASS_REQUEST buffer after the active path has already returned its
 * outputs. This looks like a disabled earlier implementation whose
 * preprocessor guards are not shown on the page - confirm. Declarations, call
 * arguments and some right-hand sides are missing from the listing, so the
 * run is kept exactly as shown.
 */
298 PLSASS_REQUEST Request
;
299 LSASS_REQUEST RawMessage
;
301 LSASS_REPLY RawReply
;
/* The total is built from caller-supplied lengths while RawMessage is a
 * fixed-size local; no upper bound is visible in this run. LocalGroups is
 * dereferenced without a NULL test, and OriginName->Length is scaled by
 * sizeof(WCHAR) - presumably Length is already a byte count for an
 * LSA_STRING; verify. */
304 RequestLength
= sizeof(LSASS_REQUEST
) - sizeof(PORT_MESSAGE
);
305 RequestLength
= RequestLength
+ (OriginName
->Length
* sizeof(WCHAR
));
306 RequestLength
= RequestLength
+ AuthenticationInformationLength
;
307 RequestLength
= RequestLength
+
308 (LocalGroups
->GroupCount
* sizeof(SID_AND_ATTRIBUTES
));
311 Request
= (PLSASS_REQUEST
)&RawMessage
;
313 Request
->d
.LogonUserRequest
.OriginNameLength
= OriginName
->Length
;
/* (PWSTR)&RawMessage + CurrentLength advances in WCHAR units, and the
 * PSID_AND_ATTRIBUTES cast further down advances in element units, unlike
 * the ULONG_PTR arithmetic used for AuthenticationInformation. If
 * CurrentLength is a byte offset these addresses land past the intended
 * position - TODO confirm (its declaration is not shown). */
314 Request
->d
.LogonUserRequest
.OriginName
= (PWSTR
)&RawMessage
+ CurrentLength
;
315 memcpy((PWSTR
)&RawMessage
+ CurrentLength
,
317 OriginName
->Length
* sizeof(WCHAR
));
318 CurrentLength
= CurrentLength
+ (OriginName
->Length
* sizeof(WCHAR
));
320 Request
->d
.LogonUserRequest
.LogonType
= LogonType
;
322 Request
->d
.LogonUserRequest
.AuthenticationPackage
=
323 AuthenticationPackage
;
325 Request
->d
.LogonUserRequest
.AuthenticationInformation
=
326 (PVOID
)((ULONG_PTR
)&RawMessage
+ CurrentLength
);
327 Request
->d
.LogonUserRequest
.AuthenticationInformationLength
=
328 AuthenticationInformationLength
;
329 memcpy((PVOID
)((ULONG_PTR
)&RawMessage
+ CurrentLength
),
330 AuthenticationInformation
,
331 AuthenticationInformationLength
);
332 CurrentLength
= CurrentLength
+ AuthenticationInformationLength
;
334 Request
->d
.LogonUserRequest
.LocalGroupsCount
= LocalGroups
->GroupCount
;
335 Request
->d
.LogonUserRequest
.LocalGroups
=
336 (PSID_AND_ATTRIBUTES
)&RawMessage
+ CurrentLength
;
337 memcpy((PSID_AND_ATTRIBUTES
)&RawMessage
+ CurrentLength
,
339 LocalGroups
->GroupCount
* sizeof(SID_AND_ATTRIBUTES
));
341 Request
->d
.LogonUserRequest
.SourceContext
= *SourceContext
;
343 Request
->Type
= LSASS_REQUEST_LOGON_USER
;
344 Request
->Header
.u1
.s1
.DataLength
= RequestLength
- sizeof(PORT_MESSAGE
);
345 Request
->Header
.u1
.s1
.TotalLength
= RequestLength
+ sizeof(PORT_MESSAGE
);
347 Reply
= (PLSASS_REPLY
)&RawReply
;
349 Status
= ZwRequestWaitReplyPort(LsaHandle
,
352 if (!NT_SUCCESS(Status
))
/* Unlike the ApiMessage-based path, SubStatus is stored before the reply
 * status is examined. */
357 *SubStatus
= Reply
->d
.LogonUserReply
.SubStatus
;
359 if (!NT_SUCCESS(Reply
->Status
))
/* ProfileBufferLength and the ProfileBuffer offset are taken from the reply
 * and used for the allocation and the copy. No check of the allocation
 * result or of the offset against the reply size is visible in this run. */
364 *ProfileBuffer
= RtlAllocateHeap(Secur32Heap
,
366 Reply
->d
.LogonUserReply
.ProfileBufferLength
);
367 memcpy(*ProfileBuffer
,
368 (PVOID
)((ULONG_PTR
)Reply
->d
.LogonUserReply
.Data
+
369 (ULONG_PTR
)Reply
->d
.LogonUserReply
.ProfileBuffer
),
370 Reply
->d
.LogonUserReply
.ProfileBufferLength
);
371 *LogonId
= Reply
->d
.LogonUserReply
.LogonId
;
372 *Token
= Reply
->d
.LogonUserReply
.Token
;
374 &Reply
->d
.LogonUserReply
.Quotas
,
375 sizeof(Reply
->d
.LogonUserReply
.Quotas
));
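/*
 * Connects to the \LsaAuthenticationPort port as a named logon process.
 *
 * LsaLogonProcessName  Name sent in the connection data; dereferenced
 *                      without a NULL check.
 * Handle               Receives the port handle from ZwConnectPort.
 * OperationalMode      Receives the mode reported in the connection data.
 *
 * Returns STATUS_NAME_TOO_LONG when the name exceeds
 * LSASS_MAX_LOGON_PROCESS_NAME_LENGTH, the ZwConnectPort status when the
 * connection fails, and otherwise the status the server stored in the
 * connection data.
 *
 * NOTE(review): rebuilt from a listing that skips source lines. The return
 * type, calling convention and the Handle parameter (listing line 387) follow
 * the public prototype in ntsecapi.h; braces, the Status local, the early
 * "return Status;" and the ZwConnectPort arguments on listing lines 417-423
 * are restored from the locals declared here and the native call's parameter
 * order - compare with lib/lsalib/lsa.c.
 */
NTSTATUS
NTAPI
LsaRegisterLogonProcess(PLSA_STRING LsaLogonProcessName,
                        PHANDLE Handle,
                        PLSA_OPERATIONAL_MODE OperationalMode)
{
    UNICODE_STRING PortName; // = RTL_CONSTANT_STRING(L"\\LsaAuthenticationPort");
    SECURITY_QUALITY_OF_SERVICE SecurityQos;
    LSA_CONNECTION_INFO ConnectInfo;
    ULONG ConnectInfoLength = sizeof(ConnectInfo);
    NTSTATUS Status;

    DPRINT1("LsaRegisterLogonProcess()\n");

    /* Check the logon process name length */
    if (LsaLogonProcessName->Length > LSASS_MAX_LOGON_PROCESS_NAME_LENGTH)
        return STATUS_NAME_TOO_LONG;

    RtlInitUnicodeString(&PortName,
                         L"\\LsaAuthenticationPort");

    /* Identification level with EffectiveOnly set: the server can identify
     * this client but is not given the ability to act as it. */
    SecurityQos.Length = sizeof(SecurityQos);
    SecurityQos.ImpersonationLevel = SecurityIdentification;
    SecurityQos.ContextTrackingMode = SECURITY_DYNAMIC_TRACKING;
    SecurityQos.EffectiveOnly = TRUE;

    /* Copy the name and terminate it. The terminator is written at index
     * Length, so a name of exactly the maximum length needs the buffer to
     * hold one more element than that limit - NOTE(review): confirm the
     * field size in lsass.h. */
    strncpy(ConnectInfo.LogonProcessNameBuffer,
            LsaLogonProcessName->Buffer,
            LsaLogonProcessName->Length);
    ConnectInfo.Length = LsaLogonProcessName->Length;
    ConnectInfo.LogonProcessNameBuffer[ConnectInfo.Length] = '\0';

    Status = ZwConnectPort(Handle,
                           &PortName,
                           &SecurityQos,
                           NULL,
                           NULL,
                           NULL,
                           &ConnectInfo,
                           &ConnectInfoLength);
    if (!NT_SUCCESS(Status))
    {
        DPRINT1("ZwConnectPort failed (Status 0x%08lx)\n", Status);
        return Status;
    }

    DPRINT("ConnectInfo.OperationalMode: 0x%08lx\n", ConnectInfo.OperationalMode);
    *OperationalMode = ConnectInfo.OperationalMode;

    /* Fix: the listing tested Status again here. That value is known to be a
     * success code at this point, so a failure reported by the server in
     * ConnectInfo.Status was never traced. */
    if (!NT_SUCCESS(ConnectInfo.Status))
    {
        DPRINT1("ConnectInfo.Status: 0x%08lx\n", ConnectInfo.Status);
    }

    return ConnectInfo.Status;
}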
/*
 * Stub for enumerating logon sessions.
 *
 * LogonSessionCount  Not written by this implementation.
 * LogonSessionList   Not written by this implementation.
 *
 * Always returns STATUS_NOT_IMPLEMENTED.
 *
 * NOTE(review): rebuilt from a listing that skips source lines; the return
 * type and calling convention follow the public prototype in ntsecapi.h, and
 * listing line 450 is not shown.
 */
NTSTATUS
NTAPI
LsaEnumerateLogonSessions(PULONG LogonSessionCount,
                          PLUID *LogonSessionList)
{
    /* Both outputs are left untouched, so callers must check the status
     * before reading them. */
    return STATUS_NOT_IMPLEMENTED;
}
/*
 * Stub for querying the data of one logon session.
 *
 * LogonId             Not read by this implementation.
 * ppLogonSessionData  Not written by this implementation.
 *
 * Always returns STATUS_NOT_IMPLEMENTED.
 *
 * NOTE(review): rebuilt from a listing that skips source lines; the return
 * type and calling convention follow the public prototype in ntsecapi.h, and
 * listing line 463 is not shown.
 */
NTSTATUS
NTAPI
LsaGetLogonSessionData(PLUID LogonId,
                       PSECURITY_LOGON_SESSION_DATA *ppLogonSessionData)
{
    /* *ppLogonSessionData is left untouched, so callers must check the status
     * before dereferencing it. */
    return STATUS_NOT_IMPLEMENTED;
}
/*
 * Stub for registering an event for policy-change notifications.
 *
 * InformationClass         Not read by this implementation.
 * NotificationEventHandle  Not read by this implementation.
 *
 * Always returns STATUS_NOT_IMPLEMENTED.
 *
 * NOTE(review): rebuilt from a listing that skips source lines; the return
 * type and calling convention follow the public prototype in ntsecapi.h, and
 * listing line 476 is not shown.
 */
NTSTATUS
NTAPI
LsaRegisterPolicyChangeNotification(POLICY_NOTIFICATION_INFORMATION_CLASS InformationClass,
                                    HANDLE NotificationEventHandle)
{
    /* No registration takes place here, so a caller that ignores the status
     * would wait on an event this code never arranges to have signalled. */
    return STATUS_NOT_IMPLEMENTED;
}
/*
 * Stub for removing a policy-change notification registration.
 *
 * InformationClass         Not read by this implementation.
 * NotificationEventHandle  Not read by this implementation.
 *
 * Always returns STATUS_NOT_IMPLEMENTED.
 *
 * NOTE(review): rebuilt from a listing that skips source lines; the return
 * type and calling convention follow the public prototype in ntsecapi.h, and
 * listing line 489 is not shown.
 */
NTSTATUS
NTAPI
LsaUnregisterPolicyChangeNotification(POLICY_NOTIFICATION_INFORMATION_CLASS InformationClass,
                                      HANDLE NotificationEventHandle)
{
    /* Nothing is unregistered here; the arguments are ignored. */
    return STATUS_NOT_IMPLEMENTED;
}