[LSALIB/LSASRV]
1 /*
2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: ReactOS system libraries
4 * FILE: lib/lsalib/lsa.c
5 * PURPOSE: Client-side LSA functions
6 * UPDATE HISTORY:
7 * Created 05/08/00
8 */
9
10 /* INCLUDES ******************************************************************/
11
12 #include <ndk/lpctypes.h>
13 #include <ndk/lpcfuncs.h>
14 #include <ndk/rtlfuncs.h>
15 #include <ndk/obfuncs.h>
16 #include <psdk/ntsecapi.h>
17 #include <lsass/lsass.h>
18
19 #define NDEBUG
20 #include <debug.h>
21
22 /* GLOBALS *******************************************************************/
23
24 extern HANDLE Secur32Heap;
25
26 /* FUNCTIONS *****************************************************************/
27
/*
 * @implemented
 *
 * Sends LSASS_REQUEST_DEREGISTER_LOGON_PROCESS over the given LSA port and
 * closes the port handle once the request has been acknowledged.
 *
 * LsaHandle: port handle the request is sent on (presumably the handle
 *            obtained from LsaRegisterLogonProcess - confirm with callers).
 *
 * Returns the ZwRequestWaitReplyPort() status, except when the port request
 * succeeded and the Status field of the reply is a failure, in which case the
 * reply status is returned.
 *
 * NOTE(review): LsaHandle is closed only on the full-success path. On either
 * failure path it stays open, so the caller still owns it.
 */
NTSTATUS WINAPI
LsaDeregisterLogonProcess(HANDLE LsaHandle)
{
    LSA_API_MSG ApiMessage;
    PPORT_MESSAGE PortMessage = (PPORT_MESSAGE)&ApiMessage;
    NTSTATUS Status;

    DPRINT1("LsaDeregisterLogonProcess()\n");

    /* Only the header and the API number are filled in; every other byte of
       the stack message is handed to the port as it is. */
    ApiMessage.ApiNumber = LSASS_REQUEST_DEREGISTER_LOGON_PROCESS;
    ApiMessage.h.u1.s1.DataLength = LSA_PORT_DATA_SIZE(ApiMessage.DeregisterLogonProcess.Request);
    ApiMessage.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE;
    ApiMessage.h.u2.ZeroInit = 0;

    /* The same message is used for the request and for the reply */
    Status = ZwRequestWaitReplyPort(LsaHandle, PortMessage, PortMessage);
    if (NT_SUCCESS(Status))
    {
        if (NT_SUCCESS(ApiMessage.Status))
        {
            /* The request was acknowledged: release the port handle */
            NtClose(LsaHandle);

            DPRINT1("LsaDeregisterLogonProcess() done (Status 0x%08lx)\n", Status);
        }
        else
        {
            DPRINT1("ZwRequestWaitReplyPort() failed (ApiMessage.Status 0x%08lx)\n", ApiMessage.Status);
            Status = ApiMessage.Status;
        }
    }
    else
    {
        DPRINT1("ZwRequestWaitReplyPort() failed (Status 0x%08lx)\n", Status);
    }

    return Status;
}
65
66
/*
 * @unimplemented
 *
 * Stub: invokes the UNIMPLEMENTED macro and returns STATUS_NOT_IMPLEMENTED.
 *
 * LsaHandle: never written. The caller's variable keeps whatever value it
 *            had, so callers must check the returned status before using it.
 */
NTSTATUS
WINAPI
LsaConnectUntrusted(PHANDLE LsaHandle)
{
    UNIMPLEMENTED;

    return STATUS_NOT_IMPLEMENTED;
}
76
77
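/*
 * @implemented
 *
 * Sends LSASS_REQUEST_CALL_AUTHENTICATION_PACKAGE over the LSA port and hands
 * the reply fields back to the caller.
 *
 * LsaHandle:             port handle the request is sent on.
 * AuthenticationPackage: package identifier, copied into the request.
 * ProtocolSubmitBuffer:  caller buffer. Only the pointer value and
 *                        SubmitBufferLength are placed in the message; the
 *                        buffer contents are not copied here.
 * SubmitBufferLength:    length stored alongside ProtocolSubmitBuffer.
 * ProtocolReturnBuffer:  receives the buffer pointer found in the reply.
 * ReturnBufferLength:    receives the buffer length found in the reply.
 * ProtocolStatus:        receives the protocol status found in the reply.
 *
 * The three output parameters are written only when both the port request and
 * the reply status succeed. None of them is checked for NULL.
 *
 * Returns the ZwRequestWaitReplyPort() status, except when the port request
 * succeeded and the Status field of the reply is a failure, in which case the
 * reply status is returned.
 *
 * NOTE(review): *ProtocolReturnBuffer is taken verbatim from the reply.
 * LsaFreeReturnBuffer() in this file frees from Secur32Heap; whether the
 * returned buffer is allocated from that heap is not visible here - confirm.
 */
NTSTATUS WINAPI
LsaCallAuthenticationPackage(HANDLE LsaHandle,
                             ULONG AuthenticationPackage,
                             PVOID ProtocolSubmitBuffer,
                             ULONG SubmitBufferLength,
                             PVOID *ProtocolReturnBuffer,
                             PULONG ReturnBufferLength,
                             PNTSTATUS ProtocolStatus)
{
    LSA_API_MSG ApiMessage;
    NTSTATUS Status;

    DPRINT1("LsaCallAuthenticationPackage()\n");

    ApiMessage.ApiNumber = LSASS_REQUEST_CALL_AUTHENTICATION_PACKAGE;
    ApiMessage.h.u1.s1.DataLength = LSA_PORT_DATA_SIZE(ApiMessage.CallAuthenticationPackage.Request);
    ApiMessage.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE;
    ApiMessage.h.u2.ZeroInit = 0;

    /* The submit buffer is referenced by pointer and length, not copied */
    ApiMessage.CallAuthenticationPackage.Request.AuthenticationPackage = AuthenticationPackage;
    ApiMessage.CallAuthenticationPackage.Request.ProtocolSubmitBuffer = ProtocolSubmitBuffer;
    ApiMessage.CallAuthenticationPackage.Request.SubmitBufferLength = SubmitBufferLength;

    /* The same message is used for the request and for the reply */
    Status = ZwRequestWaitReplyPort(LsaHandle,
                                    (PPORT_MESSAGE)&ApiMessage,
                                    (PPORT_MESSAGE)&ApiMessage);
    if (!NT_SUCCESS(Status))
    {
        DPRINT1("ZwRequestWaitReplyPort() failed (Status 0x%08lx)\n", Status);
        return Status;
    }

    if (!NT_SUCCESS(ApiMessage.Status))
    {
        DPRINT1("ZwRequestWaitReplyPort() failed (ApiMessage.Status 0x%08lx)\n", ApiMessage.Status);
        return ApiMessage.Status;
    }

    /* Outputs are filled in only after both status checks have passed */
    *ProtocolReturnBuffer = ApiMessage.CallAuthenticationPackage.Reply.ProtocolReturnBuffer;
    *ReturnBufferLength = ApiMessage.CallAuthenticationPackage.Reply.ReturnBufferLength;
    *ProtocolStatus = ApiMessage.CallAuthenticationPackage.Reply.ProtocolStatus;

    return Status;
}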
175
176
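/*
 * @implemented
 *
 * Frees a buffer from Secur32Heap.
 *
 * Buffer: block to free.
 *
 * Returns STATUS_SUCCESS when RtlFreeHeap() reports success and
 * STATUS_UNSUCCESSFUL when it reports failure.
 *
 * NOTE(review): the buffers that LsaCallAuthenticationPackage() and
 * LsaLogonUser() in this file hand out are pointers copied from the server
 * reply. Whether they were allocated from Secur32Heap is not visible here;
 * freeing a block that does not belong to this heap is invalid - confirm.
 */
NTSTATUS WINAPI
LsaFreeReturnBuffer(PVOID Buffer)
{
    /* RtlFreeHeap() yields a BOOLEAN, not an NTSTATUS. Returning it unchanged
       turns FALSE (failure) into 0, which is STATUS_SUCCESS, so the result is
       mapped to a real status code instead. */
    if (!RtlFreeHeap(Secur32Heap, 0, Buffer))
    {
        return STATUS_UNSUCCESSFUL;
    }

    return STATUS_SUCCESS;
}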
185
186
/*
 * @implemented
 *
 * Sends LSASS_REQUEST_LOOKUP_AUTHENTICATION_PACKAGE with the given package
 * name and returns the package value found in the reply.
 *
 * LsaHandle:             port handle the request is sent on.
 * PackageName:           counted name of the package. Dereferenced without a
 *                        NULL check.
 * AuthenticationPackage: receives the Package field of the reply. Written
 *                        only when both the port request and the reply status
 *                        succeed.
 *
 * Returns STATUS_NAME_TOO_LONG when PackageName->Length exceeds
 * LSASS_MAX_PACKAGE_NAME_LENGTH. Otherwise returns the
 * ZwRequestWaitReplyPort() status, or the reply status when the port request
 * succeeded but the reply reports a failure.
 */
NTSTATUS WINAPI
LsaLookupAuthenticationPackage(HANDLE LsaHandle,
                               PLSA_STRING PackageName,
                               PULONG AuthenticationPackage)
{
    LSA_API_MSG ApiMessage;
    PPORT_MESSAGE PortMessage = (PPORT_MESSAGE)&ApiMessage;
    NTSTATUS Status;

    /*
     * Bound the name before it is copied into the message. A Length equal to
     * LSASS_MAX_PACKAGE_NAME_LENGTH passes, and the terminator below is then
     * written at that index, so the request's PackageName array must hold
     * LSASS_MAX_PACKAGE_NAME_LENGTH + 1 bytes.
     * NOTE(review): the array is declared outside this file - confirm its size.
     */
    if (PackageName->Length > LSASS_MAX_PACKAGE_NAME_LENGTH)
        return STATUS_NAME_TOO_LONG;

    ApiMessage.ApiNumber = LSASS_REQUEST_LOOKUP_AUTHENTICATION_PACKAGE;
    ApiMessage.h.u1.s1.DataLength = LSA_PORT_DATA_SIZE(ApiMessage.LookupAuthenticationPackage.Request);
    ApiMessage.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE;
    ApiMessage.h.u2.ZeroInit = 0;

    /* strncpy() stops at the first NUL in the source and zero-fills the rest,
       while PackageNameLength always carries the full counted length. */
    ApiMessage.LookupAuthenticationPackage.Request.PackageNameLength = PackageName->Length;
    strncpy(ApiMessage.LookupAuthenticationPackage.Request.PackageName,
            PackageName->Buffer,
            ApiMessage.LookupAuthenticationPackage.Request.PackageNameLength);
    ApiMessage.LookupAuthenticationPackage.Request.PackageName[ApiMessage.LookupAuthenticationPackage.Request.PackageNameLength] = '\0';

    /* The same message is used for the request and for the reply */
    Status = ZwRequestWaitReplyPort(LsaHandle, PortMessage, PortMessage);
    if (NT_SUCCESS(Status))
    {
        if (NT_SUCCESS(ApiMessage.Status))
        {
            *AuthenticationPackage = ApiMessage.LookupAuthenticationPackage.Reply.Package;
        }
        else
        {
            Status = ApiMessage.Status;
        }
    }

    return Status;
}
232
233
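/*
 * @implemented
 *
 * Sends LSASS_REQUEST_LOGON_USER over the LSA port and hands the reply fields
 * back to the caller.
 *
 * LsaHandle:                       port handle the request is sent on.
 * OriginName:                      copied by value into the request.
 *                                  Dereferenced without a NULL check.
 * LogonType:                       copied into the request.
 * AuthenticationPackage:           copied into the request.
 * AuthenticationInformation:       caller buffer. Only the pointer value and
 *                                  AuthenticationInformationLength are placed
 *                                  in the message; the contents are not
 *                                  copied here.
 * AuthenticationInformationLength: length stored alongside the pointer.
 * LocalGroups:                     optional. The pointer is placed in the
 *                                  message together with its GroupCount, or
 *                                  with a count of 0 when it is NULL.
 * SourceContext:                   copied by value into the request.
 *                                  Dereferenced without a NULL check.
 * ProfileBuffer, ProfileBufferLength, LogonId, Token, Quotas, SubStatus:
 *     receive the corresponding reply fields. Written only when both the port
 *     request and the reply status succeed, so none of them (SubStatus
 *     included) is valid on a failure return. None is checked for NULL.
 *
 * Returns the ZwRequestWaitReplyPort() status, except when the port request
 * succeeded and the Status field of the reply is a failure, in which case the
 * reply status is returned.
 *
 * NOTE(review): *ProfileBuffer is taken verbatim from the reply.
 * LsaFreeReturnBuffer() in this file frees from Secur32Heap; whether the
 * returned buffer is allocated from that heap is not visible here - confirm.
 */
NTSTATUS WINAPI
LsaLogonUser(HANDLE LsaHandle,
             PLSA_STRING OriginName,
             SECURITY_LOGON_TYPE LogonType,
             ULONG AuthenticationPackage,
             PVOID AuthenticationInformation,
             ULONG AuthenticationInformationLength,
             PTOKEN_GROUPS LocalGroups,
             PTOKEN_SOURCE SourceContext,
             PVOID *ProfileBuffer,
             PULONG ProfileBufferLength,
             PLUID LogonId,
             PHANDLE Token,
             PQUOTA_LIMITS Quotas,
             PNTSTATUS SubStatus)
{
    LSA_API_MSG ApiMessage;
    NTSTATUS Status;

    ApiMessage.ApiNumber = LSASS_REQUEST_LOGON_USER;
    ApiMessage.h.u1.s1.DataLength = LSA_PORT_DATA_SIZE(ApiMessage.LogonUser.Request);
    ApiMessage.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE;
    ApiMessage.h.u2.ZeroInit = 0;

    ApiMessage.LogonUser.Request.OriginName = *OriginName;
    ApiMessage.LogonUser.Request.LogonType = LogonType;
    ApiMessage.LogonUser.Request.AuthenticationPackage = AuthenticationPackage;
    ApiMessage.LogonUser.Request.AuthenticationInformation = AuthenticationInformation;
    ApiMessage.LogonUser.Request.AuthenticationInformationLength = AuthenticationInformationLength;

    /*
     * The group count must always be set: the message lives on the stack, so
     * an unset LocalGroupsCount would reach the receiver as leftover stack
     * contents paired with a NULL group pointer.
     */
    ApiMessage.LogonUser.Request.LocalGroups = LocalGroups;
    if (LocalGroups != NULL)
    {
        ApiMessage.LogonUser.Request.LocalGroupsCount = LocalGroups->GroupCount;
    }
    else
    {
        ApiMessage.LogonUser.Request.LocalGroupsCount = 0;
    }

    ApiMessage.LogonUser.Request.SourceContext = *SourceContext;

    /* The same message is used for the request and for the reply */
    Status = ZwRequestWaitReplyPort(LsaHandle,
                                    (PPORT_MESSAGE)&ApiMessage,
                                    (PPORT_MESSAGE)&ApiMessage);
    if (!NT_SUCCESS(Status))
    {
        return Status;
    }

    if (!NT_SUCCESS(ApiMessage.Status))
    {
        return ApiMessage.Status;
    }

    /* Outputs are filled in only after both status checks have passed */
    *ProfileBuffer = ApiMessage.LogonUser.Reply.ProfileBuffer;
    *ProfileBufferLength = ApiMessage.LogonUser.Reply.ProfileBufferLength;
    *LogonId = ApiMessage.LogonUser.Reply.LogonId;
    *Token = ApiMessage.LogonUser.Reply.Token;
    *Quotas = ApiMessage.LogonUser.Reply.Quotas;
    *SubStatus = ApiMessage.LogonUser.Reply.SubStatus;

    return Status;
}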
380
381
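/*
 * @implemented
 *
 * Connects to the "\LsaAuthenticationPort" port, passing the logon process
 * name as connection information, and returns the resulting port handle and
 * the operational mode reported in the connection information.
 *
 * LsaLogonProcessName: counted name of the logon process. Dereferenced
 *                      without a NULL check.
 * Handle:              passed to ZwConnectPort() to receive the port handle.
 * OperationalMode:     receives ConnectInfo.OperationalMode once
 *                      ZwConnectPort() has succeeded.
 *
 * Returns STATUS_NAME_TOO_LONG when the name exceeds
 * LSASS_MAX_LOGON_PROCESS_NAME_LENGTH, the ZwConnectPort() status when the
 * connection fails, and otherwise ConnectInfo.Status.
 *
 * NOTE(review): ConnectInfo.Status and ConnectInfo.OperationalMode are read
 * back without being initialised locally, which relies on them being filled
 * in during a successful connect - confirm. If ConnectInfo.Status can be a
 * failure after a successful connect, *Handle is left open on that path and
 * the caller has to close it - confirm.
 */
NTSTATUS WINAPI
LsaRegisterLogonProcess(PLSA_STRING LsaLogonProcessName,
                        PHANDLE Handle,
                        PLSA_OPERATIONAL_MODE OperationalMode)
{
    UNICODE_STRING PortName;
    SECURITY_QUALITY_OF_SERVICE SecurityQos;
    LSA_CONNECTION_INFO ConnectInfo;
    ULONG ConnectInfoLength = sizeof(ConnectInfo);
    NTSTATUS Status;

    DPRINT1("LsaRegisterLogonProcess()\n");

    /*
     * Bound the name before it is copied into the connection information. A
     * Length equal to LSASS_MAX_LOGON_PROCESS_NAME_LENGTH passes, and the
     * terminator below is then written at that index, so
     * LogonProcessNameBuffer must hold
     * LSASS_MAX_LOGON_PROCESS_NAME_LENGTH + 1 bytes.
     * NOTE(review): the array is declared outside this file - confirm its size.
     */
    if (LsaLogonProcessName->Length > LSASS_MAX_LOGON_PROCESS_NAME_LENGTH)
        return STATUS_NAME_TOO_LONG;

    RtlInitUnicodeString(&PortName,
                         L"\\LsaAuthenticationPort");

    /* Identification-level impersonation, effective privileges only */
    SecurityQos.Length = sizeof(SecurityQos);
    SecurityQos.ImpersonationLevel = SecurityIdentification;
    SecurityQos.ContextTrackingMode = SECURITY_DYNAMIC_TRACKING;
    SecurityQos.EffectiveOnly = TRUE;

    /* strncpy() stops at the first NUL in the source and zero-fills the rest,
       while ConnectInfo.Length always carries the full counted length. */
    strncpy(ConnectInfo.LogonProcessNameBuffer,
            LsaLogonProcessName->Buffer,
            LsaLogonProcessName->Length);
    ConnectInfo.Length = LsaLogonProcessName->Length;
    ConnectInfo.LogonProcessNameBuffer[ConnectInfo.Length] = '\0';

    Status = ZwConnectPort(Handle,
                           &PortName,
                           &SecurityQos,
                           NULL,
                           NULL,
                           NULL,
                           &ConnectInfo,
                           &ConnectInfoLength);
    if (!NT_SUCCESS(Status))
    {
        DPRINT1("ZwConnectPort failed (Status 0x%08lx)\n", Status);
        return Status;
    }

    DPRINT("ConnectInfo.OperationalMode: 0x%08lx\n", ConnectInfo.OperationalMode);
    *OperationalMode = ConnectInfo.OperationalMode;

    /* Status is known to be a success here, so the value to test (and the one
       this function returns) is the status carried in the connection info. */
    if (!NT_SUCCESS(ConnectInfo.Status))
    {
        DPRINT1("ConnectInfo.Status: 0x%08lx\n", ConnectInfo.Status);
    }

    return ConnectInfo.Status;
}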
440
441
/*
 * @unimplemented
 *
 * Stub: invokes the UNIMPLEMENTED macro and returns STATUS_NOT_IMPLEMENTED.
 *
 * LogonSessionCount, LogonSessionList: never written. The caller's variables
 * keep whatever values they had, so callers must check the returned status
 * before reading the count or walking the list.
 */
NTSTATUS WINAPI
LsaEnumerateLogonSessions(
    PULONG LogonSessionCount,
    PLUID *LogonSessionList)
{
    UNIMPLEMENTED;

    return STATUS_NOT_IMPLEMENTED;
}
453
454
/*
 * @unimplemented
 *
 * Stub: invokes the UNIMPLEMENTED macro and returns STATUS_NOT_IMPLEMENTED.
 *
 * LogonId:            not read.
 * ppLogonSessionData: never written. The caller's pointer keeps whatever
 *                     value it had, so callers must check the returned status
 *                     before dereferencing or freeing it.
 */
NTSTATUS WINAPI
LsaGetLogonSessionData(
    PLUID LogonId,
    PSECURITY_LOGON_SESSION_DATA *ppLogonSessionData)
{
    UNIMPLEMENTED;

    return STATUS_NOT_IMPLEMENTED;
}
466
467
/*
 * @unimplemented
 *
 * Stub: invokes the UNIMPLEMENTED macro and returns STATUS_NOT_IMPLEMENTED.
 * Neither argument is used, so no notification is registered and the event
 * handle is never signalled by this function.
 */
NTSTATUS WINAPI
LsaRegisterPolicyChangeNotification(
    POLICY_NOTIFICATION_INFORMATION_CLASS InformationClass,
    HANDLE NotificationEventHandle)
{
    UNIMPLEMENTED;

    return STATUS_NOT_IMPLEMENTED;
}
479
480
/*
 * @unimplemented
 *
 * Stub: invokes the UNIMPLEMENTED macro and returns STATUS_NOT_IMPLEMENTED.
 * Neither argument is used, so nothing is unregistered by this function.
 */
NTSTATUS WINAPI
LsaUnregisterPolicyChangeNotification(
    POLICY_NOTIFICATION_INFORMATION_CLASS InformationClass,
    HANDLE NotificationEventHandle)
{
    UNIMPLEMENTED;

    return STATUS_NOT_IMPLEMENTED;
}