reactos/sdk/lib/lsalib/lsa.c

   1 /*
   2  * COPYRIGHT:       See COPYING in the top level directory
   3  * PROJECT:         ReactOS system libraries
   4  * FILE:            lib/lsalib/lsa.c
   5  * PURPOSE:         Client-side LSA functions
   6  * UPDATE HISTORY:
   7  *                  Created 05/08/00
   8  */
   9
  10 /* INCLUDES ******************************************************************/
  11
  12 #include <ndk/lpctypes.h>
  13 #include <ndk/lpcfuncs.h>
  14 #include <ndk/mmfuncs.h>
  15 #include <ndk/rtlfuncs.h>
  16 #include <ndk/obfuncs.h>
  17 #include <psdk/ntsecapi.h>
  18 #include <lsass/lsass.h>
  19
  20 #define NDEBUG
  21 #include <debug.h>
  22
  23 /* GLOBALS *******************************************************************/
  24
  25 extern HANDLE Secur32Heap;
  26
  27 /* FUNCTIONS *****************************************************************/
  28
  29 /*
  30  * @implemented
  31  */
  32 NTSTATUS
  33 WINAPI
  34 LsaDeregisterLogonProcess(HANDLE LsaHandle)
  35 {
  36     LSA_API_MSG ApiMessage;
  37     NTSTATUS Status;
  38
  39     DPRINT("LsaDeregisterLogonProcess()\n");
  40
  41     ApiMessage.ApiNumber = LSASS_REQUEST_DEREGISTER_LOGON_PROCESS;
  42     ApiMessage.h.u1.s1.DataLength = LSA_PORT_DATA_SIZE(ApiMessage.DeregisterLogonProcess);
  43     ApiMessage.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE;
  44     ApiMessage.h.u2.ZeroInit = 0;
  45
  46     Status = ZwRequestWaitReplyPort(LsaHandle,
  47                                     (PPORT_MESSAGE)&ApiMessage,
  48                                     (PPORT_MESSAGE)&ApiMessage);
  49     if (!NT_SUCCESS(Status))
  50     {
  51         DPRINT1("ZwRequestWaitReplyPort() failed (Status 0x%08lx)\n", Status);
  52         return Status;
  53     }
  54
  55     if (!NT_SUCCESS(ApiMessage.Status))
  56     {
  57         DPRINT1("ZwRequestWaitReplyPort() failed (ApiMessage.Status 0x%08lx)\n", ApiMessage.Status);
  58         return ApiMessage.Status;
  59     }
  60
  61     NtClose(LsaHandle);
  62
  63     DPRINT("LsaDeregisterLogonProcess() done (Status 0x%08lx)\n", Status);
  64
  65     return Status;
  66 }
  67
  68
  69 /*
  70  * @implemented
  71  */
  72 NTSTATUS
  73 WINAPI
  74 LsaConnectUntrusted(PHANDLE LsaHandle)
  75 {
  76     UNICODE_STRING PortName; // = RTL_CONSTANT_STRING(L"\\LsaAuthenticationPort");
  77     SECURITY_QUALITY_OF_SERVICE SecurityQos;
  78     LSA_CONNECTION_INFO ConnectInfo;
  79     ULONG ConnectInfoLength = sizeof(ConnectInfo);
  80     NTSTATUS Status;
  81
  82     DPRINT("LsaConnectUntrusted(%p)\n", LsaHandle);
  83
  84     RtlInitUnicodeString(&PortName,
  85                          L"\\LsaAuthenticationPort");
  86
  87     SecurityQos.Length              = sizeof(SecurityQos);
  88     SecurityQos.ImpersonationLevel  = SecurityIdentification;
  89     SecurityQos.ContextTrackingMode = SECURITY_DYNAMIC_TRACKING;
  90     SecurityQos.EffectiveOnly       = TRUE;
  91
  92     RtlZeroMemory(&ConnectInfo,
  93                   ConnectInfoLength);
  94
  95     ConnectInfo.CreateContext = TRUE;
  96
  97     Status = ZwConnectPort(LsaHandle,
  98                            &PortName,
  99                            &SecurityQos,
 100                            NULL,
 101                            NULL,
 102                            NULL,
 103                            &ConnectInfo,
 104                            &ConnectInfoLength);
 105     if (!NT_SUCCESS(Status))
 106     {
 107         DPRINT1("ZwConnectPort failed (Status 0x%08lx)\n", Status);
 108         return Status;
 109     }
 110
 111     if (!NT_SUCCESS(ConnectInfo.Status))
 112     {
 113         DPRINT1("ConnectInfo.Status: 0x%08lx\n", ConnectInfo.Status);
 114     }
 115
 116     return ConnectInfo.Status;
 117 }
 118
 119
 120 /*
 121  * @implemented
 122  */
 123 NTSTATUS
 124 WINAPI
 125 LsaCallAuthenticationPackage(HANDLE LsaHandle,
 126                              ULONG AuthenticationPackage,
 127                              PVOID ProtocolSubmitBuffer,
 128                              ULONG SubmitBufferLength,
 129                              PVOID *ProtocolReturnBuffer,
 130                              PULONG ReturnBufferLength,
 131                              PNTSTATUS ProtocolStatus)
 132 {
 133     LSA_API_MSG ApiMessage;
 134     NTSTATUS Status;
 135
 136     DPRINT1("LsaCallAuthenticationPackage()\n");
 137
 138     ApiMessage.ApiNumber = LSASS_REQUEST_CALL_AUTHENTICATION_PACKAGE;
 139     ApiMessage.h.u1.s1.DataLength = LSA_PORT_DATA_SIZE(ApiMessage.CallAuthenticationPackage);
 140     ApiMessage.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE;
 141     ApiMessage.h.u2.ZeroInit = 0;
 142
 143     ApiMessage.CallAuthenticationPackage.Request.AuthenticationPackage = AuthenticationPackage;
 144     ApiMessage.CallAuthenticationPackage.Request.ProtocolSubmitBuffer = ProtocolSubmitBuffer;
 145     ApiMessage.CallAuthenticationPackage.Request.SubmitBufferLength = SubmitBufferLength;
 146
 147     Status = ZwRequestWaitReplyPort(LsaHandle,
 148                                     (PPORT_MESSAGE)&ApiMessage,
 149                                     (PPORT_MESSAGE)&ApiMessage);
 150     if (!NT_SUCCESS(Status))
 151     {
 152         DPRINT1("ZwRequestWaitReplyPort() failed (Status 0x%08lx)\n", Status);
 153         return Status;
 154     }
 155
 156     if (!NT_SUCCESS(ApiMessage.Status))
 157     {
 158         DPRINT1("ZwRequestWaitReplyPort() failed (ApiMessage.Status 0x%08lx)\n", ApiMessage.Status);
 159         return ApiMessage.Status;
 160     }
 161
 162     *ProtocolReturnBuffer = ApiMessage.CallAuthenticationPackage.Reply.ProtocolReturnBuffer;
 163     *ReturnBufferLength = ApiMessage.CallAuthenticationPackage.Reply.ReturnBufferLength;
 164     *ProtocolStatus = ApiMessage.CallAuthenticationPackage.Reply.ProtocolStatus;
 165
 166     return Status;
 167 }
 168
 169
 170 /*
 171  * @implemented
 172  */
 173 NTSTATUS
 174 WINAPI
 175 LsaFreeReturnBuffer(PVOID Buffer)
 176 {
 177     ULONG Length = 0;
 178
 179     return ZwFreeVirtualMemory(NtCurrentProcess(),
 180                                &Buffer,
 181                                &Length,
 182                                MEM_RELEASE);
 183 }
 184
 185
 186 /*
 187  * @implemented
 188  */
 189 NTSTATUS
 190 WINAPI
 191 LsaLookupAuthenticationPackage(HANDLE LsaHandle,
 192                                PLSA_STRING PackageName,
 193                                PULONG AuthenticationPackage)
 194 {
 195     LSA_API_MSG ApiMessage;
 196     NTSTATUS Status;
 197
 198     /* Check the package name length */
 199     if (PackageName->Length > LSASS_MAX_PACKAGE_NAME_LENGTH)
 200     {
 201         return STATUS_NAME_TOO_LONG;
 202     }
 203
 204     ApiMessage.ApiNumber = LSASS_REQUEST_LOOKUP_AUTHENTICATION_PACKAGE;
 205     ApiMessage.h.u1.s1.DataLength = LSA_PORT_DATA_SIZE(ApiMessage.LookupAuthenticationPackage);
 206     ApiMessage.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE;
 207     ApiMessage.h.u2.ZeroInit = 0;
 208
 209     ApiMessage.LookupAuthenticationPackage.Request.PackageNameLength = PackageName->Length;
 210     strncpy(ApiMessage.LookupAuthenticationPackage.Request.PackageName,
 211             PackageName->Buffer,
 212             ApiMessage.LookupAuthenticationPackage.Request.PackageNameLength);
 213     ApiMessage.LookupAuthenticationPackage.Request.PackageName[ApiMessage.LookupAuthenticationPackage.Request.PackageNameLength] = '\0';
 214
 215     Status = ZwRequestWaitReplyPort(LsaHandle,
 216                                     (PPORT_MESSAGE)&ApiMessage,
 217                                     (PPORT_MESSAGE)&ApiMessage);
 218     if (!NT_SUCCESS(Status))
 219     {
 220         return Status;
 221     }
 222
 223     if (!NT_SUCCESS(ApiMessage.Status))
 224     {
 225         return ApiMessage.Status;
 226     }
 227
 228     *AuthenticationPackage = ApiMessage.LookupAuthenticationPackage.Reply.Package;
 229
 230     return Status;
 231 }
 232
 233
 234 /*
 235  * @implemented
 236  */
 237 NTSTATUS
 238 WINAPI
 239 LsaLogonUser(HANDLE LsaHandle,
 240              PLSA_STRING OriginName,
 241              SECURITY_LOGON_TYPE LogonType,
 242              ULONG AuthenticationPackage,
 243              PVOID AuthenticationInformation,
 244              ULONG AuthenticationInformationLength,
 245              PTOKEN_GROUPS LocalGroups,
 246              PTOKEN_SOURCE SourceContext,
 247              PVOID *ProfileBuffer,
 248              PULONG ProfileBufferLength,
 249              PLUID LogonId,
 250              PHANDLE Token,
 251              PQUOTA_LIMITS Quotas,
 252              PNTSTATUS SubStatus)
 253 {
 254     LSA_API_MSG ApiMessage;
 255     NTSTATUS Status;
 256
 257     ApiMessage.ApiNumber = LSASS_REQUEST_LOGON_USER;
 258     ApiMessage.h.u1.s1.DataLength = LSA_PORT_DATA_SIZE(ApiMessage.LogonUser);
 259     ApiMessage.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE;
 260     ApiMessage.h.u2.ZeroInit = 0;
 261
 262     ApiMessage.LogonUser.Request.OriginName = *OriginName;
 263     ApiMessage.LogonUser.Request.LogonType = LogonType;
 264     ApiMessage.LogonUser.Request.AuthenticationPackage = AuthenticationPackage;
 265     ApiMessage.LogonUser.Request.AuthenticationInformation = AuthenticationInformation;
 266     ApiMessage.LogonUser.Request.AuthenticationInformationLength = AuthenticationInformationLength;
 267     ApiMessage.LogonUser.Request.LocalGroups = LocalGroups;
 268     if (LocalGroups != NULL)
 269         ApiMessage.LogonUser.Request.LocalGroupsCount = LocalGroups->GroupCount;
 270     else
 271         ApiMessage.LogonUser.Request.LocalGroupsCount = 0;
 272     ApiMessage.LogonUser.Request.SourceContext = *SourceContext;
 273
 274     Status = ZwRequestWaitReplyPort(LsaHandle,
 275                                     (PPORT_MESSAGE)&ApiMessage,
 276                                     (PPORT_MESSAGE)&ApiMessage);
 277     if (!NT_SUCCESS(Status))
 278     {
 279         return Status;
 280     }
 281
 282     *SubStatus = ApiMessage.LogonUser.Reply.SubStatus;
 283
 284     if (!NT_SUCCESS(ApiMessage.Status))
 285     {
 286         return ApiMessage.Status;
 287     }
 288
 289     *ProfileBuffer = ApiMessage.LogonUser.Reply.ProfileBuffer;
 290     *ProfileBufferLength = ApiMessage.LogonUser.Reply.ProfileBufferLength;
 291     *LogonId = ApiMessage.LogonUser.Reply.LogonId;
 292     *Token = ApiMessage.LogonUser.Reply.Token;
 293     *Quotas = ApiMessage.LogonUser.Reply.Quotas;
 294
 295     return Status;
 296 }
 297
 298
 299 /*
 300  * @implemented
 301  */
 302 NTSTATUS
 303 WINAPI
 304 LsaRegisterLogonProcess(PLSA_STRING LsaLogonProcessName,
 305                         PHANDLE Handle,
 306                         PLSA_OPERATIONAL_MODE OperationalMode)
 307 {
 308     UNICODE_STRING PortName; // = RTL_CONSTANT_STRING(L"\\LsaAuthenticationPort");
 309     SECURITY_QUALITY_OF_SERVICE SecurityQos;
 310     LSA_CONNECTION_INFO ConnectInfo;
 311     ULONG ConnectInfoLength = sizeof(ConnectInfo);
 312     NTSTATUS Status;
 313
 314     DPRINT("LsaRegisterLogonProcess()\n");
 315
 316     /* Check the logon process name length */
 317     if (LsaLogonProcessName->Length > LSASS_MAX_LOGON_PROCESS_NAME_LENGTH)
 318         return STATUS_NAME_TOO_LONG;
 319
 320     RtlInitUnicodeString(&PortName,
 321                          L"\\LsaAuthenticationPort");
 322
 323     SecurityQos.Length              = sizeof(SecurityQos);
 324     SecurityQos.ImpersonationLevel  = SecurityIdentification;
 325     SecurityQos.ContextTrackingMode = SECURITY_DYNAMIC_TRACKING;
 326     SecurityQos.EffectiveOnly       = TRUE;
 327
 328     strncpy(ConnectInfo.LogonProcessNameBuffer,
 329             LsaLogonProcessName->Buffer,
 330             LsaLogonProcessName->Length);
 331     ConnectInfo.Length = LsaLogonProcessName->Length;
 332     ConnectInfo.LogonProcessNameBuffer[ConnectInfo.Length] = '\0';
 333     ConnectInfo.CreateContext = TRUE;
 334
 335     Status = ZwConnectPort(Handle,
 336                            &PortName,
 337                            &SecurityQos,
 338                            NULL,
 339                            NULL,
 340                            NULL,
 341                            &ConnectInfo,
 342                            &ConnectInfoLength);
 343     if (!NT_SUCCESS(Status))
 344     {
 345         DPRINT1("ZwConnectPort failed (Status 0x%08lx)\n", Status);
 346         return Status;
 347     }
 348
 349     DPRINT("ConnectInfo.OperationalMode: 0x%08lx\n", ConnectInfo.OperationalMode);
 350     *OperationalMode = ConnectInfo.OperationalMode;
 351
 352     if (!NT_SUCCESS(ConnectInfo.Status))
 353     {
 354         DPRINT1("ConnectInfo.Status: 0x%08lx\n", ConnectInfo.Status);
 355     }
 356
 357     return ConnectInfo.Status;
 358 }
 359