[ADVAPI32]

Enable the new SAM-based logon system.

Using your own accounts to log-on to ReactOS will still fail because of bugs in winlogon, userenv.dll and the registry. But at least the infrastructure is in place and we can start to fix the reamining bugs. All accounts still use a hard-coded privilege set, but this will be fixed as soon as possible.

svn path=/trunk/; revision=60800

diff --git a/reactos/boot/bootdata/hivesft.inf b/reactos/boot/bootdata/hivesft.inf
index 143432f..909a5bf 100644 (file)
--- a/reactos/boot/bootdata/hivesft.inf
+++ b/reactos/boot/bootdata/hivesft.inf
@@ -324,7 +324,7 @@ HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones","IndexMapping",0x
    "81d", "125",\\r
    "422", "125",\\r
    "402", "125",\\r
    "81d", "125",\\r
    "422", "125",\\r
    "402", "125",\\r

-   "427", "125",\   \r
+   "427", "125",\\r

    "408", "130",\\r
    "41f", "130",\\r
    "418", "130",\\r
    "408", "130",\\r
    "41f", "130",\\r
    "418", "130",\\r


@@ -1067,7 +1067,8 @@ HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon","Shell",0x00020000,
 HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon","Userinit",0x00020000,"%SystemRoot%\system32\userinit.exe"\r
 HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon","AutoAdminLogon",0x00000000,"1"\r
 HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon","DefaultUserName",0x00000000,"Administrator"\r
 HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon","Userinit",0x00020000,"%SystemRoot%\system32\userinit.exe"\r
 HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon","AutoAdminLogon",0x00000000,"1"\r
 HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon","DefaultUserName",0x00000000,"Administrator"\r

-HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon","DefaultPassword",0x00000000,"Secret"\r
+;HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon","DefaultPassword",0x00000000,"Secret"\r
+HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon","DefaultPassword",0x00000000,""\r

 \r
 ; Time Zone Servers\r
 HKLM,"SOFTWARE\Microsoft\Windows\CurrentVersion\DateTime\Servers","1",0x00000000,"pool.ntp.org"\r
 \r
 ; Time Zone Servers\r
 HKLM,"SOFTWARE\Microsoft\Windows\CurrentVersion\DateTime\Servers","1",0x00000000,"pool.ntp.org"\r

diff --git a/reactos/dll/win32/advapi32/CMakeLists.txt b/reactos/dll/win32/advapi32/CMakeLists.txt
index 6e79c73..50e7423 100644 (file)
--- a/reactos/dll/win32/advapi32/CMakeLists.txt
+++ b/reactos/dll/win32/advapi32/CMakeLists.txt
@@ -58,7 +58,7 @@ add_library(advapi32 SHARED ${SOURCE})
 set_module_type(advapi32 win32dll UNICODE)
 target_link_libraries(advapi32 wine ${PSEH_LIB})
 add_delay_importlibs(advapi32 rpcrt4)
 set_module_type(advapi32 win32dll UNICODE)
 target_link_libraries(advapi32 wine ${PSEH_LIB})
 add_delay_importlibs(advapi32 rpcrt4)

-add_importlibs(advapi32 msvcrt kernel32 ntdll)
+add_importlibs(advapi32 secur32 msvcrt kernel32 ntdll)

 
 add_pch(advapi32 advapi32.h
     ${CMAKE_CURRENT_BINARY_DIR}/lsa_c.h
 
 add_pch(advapi32 advapi32.h
     ${CMAKE_CURRENT_BINARY_DIR}/lsa_c.h

diff --git a/reactos/dll/win32/advapi32/misc/logon.c b/reactos/dll/win32/advapi32/misc/logon.c
index 950b425..4f0f9f0 100644 (file)
--- a/reactos/dll/win32/advapi32/misc/logon.c
+++ b/reactos/dll/win32/advapi32/misc/logon.c
@@ -9,6 +9,7 @@
 #include <advapi32.h>
 WINE_DEFAULT_DEBUG_CHANNEL(advapi);
 
 #include <advapi32.h>
 WINE_DEFAULT_DEBUG_CHANNEL(advapi);
 

+#define NEW_LOGON

 
 /* FUNCTIONS ***************************************************************/
 
 
 /* FUNCTIONS ***************************************************************/
 


@@ -212,6 +213,7 @@ UsernameDone:
 }
 
 
 }
 
 

+#ifndef NEW_LOGON

 static BOOL WINAPI
 GetAccountDomainSid(PSID *Sid)
 {
 static BOOL WINAPI
 GetAccountDomainSid(PSID *Sid)
 {


@@ -565,6 +567,7 @@ FreeGroupSids(PTOKEN_GROUPS TokenGroups)
 
     RtlFreeHeap(GetProcessHeap(), 0, TokenGroups);
 }
 
     RtlFreeHeap(GetProcessHeap(), 0, TokenGroups);
 }

+#endif

 
 
 /*
 
 
 /*


@@ -578,6 +581,196 @@ LogonUserW(LPWSTR lpszUsername,
            DWORD dwLogonProvider,
            PHANDLE phToken)
 {
            DWORD dwLogonProvider,
            PHANDLE phToken)
 {

+#ifdef NEW_LOGON
+    LSA_STRING LogonProcessName;
+    LSA_STRING PackageName;
+    HANDLE LsaHandle = NULL;
+    LSA_OPERATIONAL_MODE SecurityMode = 0;
+    ULONG AuthenticationPackage = 0;
+
+    LSA_STRING OriginName;
+    UNICODE_STRING DomainName;
+    UNICODE_STRING UserName;
+    UNICODE_STRING Password;
+    PMSV1_0_INTERACTIVE_LOGON AuthInfo = NULL;
+    ULONG AuthInfoLength;
+    ULONG_PTR Ptr;
+    TOKEN_SOURCE TokenSource;
+
+    PMSV1_0_INTERACTIVE_PROFILE ProfileBuffer = NULL;
+    ULONG ProfileBufferLength = 0;
+    LUID Luid = {0, 0};
+    HANDLE TokenHandle = NULL;
+    QUOTA_LIMITS QuotaLimits;
+    NTSTATUS SubStatus = STATUS_SUCCESS;
+    NTSTATUS Status;
+
+    *phToken = NULL;
+
+    RtlInitAnsiString((PANSI_STRING)&LogonProcessName,
+                      "User32LogonProcess");
+
+    Status = LsaRegisterLogonProcess(&LogonProcessName,
+                                     &LsaHandle,
+                                     &SecurityMode);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("LsaRegisterLogonProcess failed (Status 0x%08lx)\n", Status);
+        goto done;
+    }
+
+    RtlInitAnsiString((PANSI_STRING)&PackageName,
+                      MSV1_0_PACKAGE_NAME);
+
+    Status = LsaLookupAuthenticationPackage(LsaHandle,
+                                            &PackageName,
+                                            &AuthenticationPackage);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("LsaLookupAuthenticationPackage failed (Status 0x%08lx)\n", Status);
+        goto done;
+    }
+
+    TRACE("AuthenticationPackage: 0x%08lx\n", AuthenticationPackage);
+
+
+    RtlInitAnsiString((PANSI_STRING)&OriginName,
+                      "Testapp");
+
+    RtlInitUnicodeString(&DomainName,
+                         lpszDomain);
+
+    RtlInitUnicodeString(&UserName,
+                         lpszUsername);
+
+    RtlInitUnicodeString(&Password,
+                         lpszPassword);
+
+    AuthInfoLength = sizeof(MSV1_0_INTERACTIVE_LOGON)+
+                     DomainName.MaximumLength +
+                     UserName.MaximumLength +
+                     Password.MaximumLength;
+
+    AuthInfo = RtlAllocateHeap(RtlGetProcessHeap(),
+                               HEAP_ZERO_MEMORY,
+                               AuthInfoLength);
+    if (AuthInfo == NULL)
+    {
+        Status = STATUS_INSUFFICIENT_RESOURCES;
+        goto done;
+    }
+
+
+    AuthInfo->MessageType = MsV1_0InteractiveLogon;
+
+    Ptr = (ULONG_PTR)AuthInfo + sizeof(MSV1_0_INTERACTIVE_LOGON);
+
+    AuthInfo->LogonDomainName.Length = DomainName.Length;
+    AuthInfo->LogonDomainName.MaximumLength = DomainName.MaximumLength;
+    AuthInfo->LogonDomainName.Buffer = (DomainName.Buffer == NULL) ? NULL : (PWCHAR)Ptr;
+    if (DomainName.MaximumLength > 0)
+    {
+        RtlCopyMemory(AuthInfo->LogonDomainName.Buffer,
+                      DomainName.Buffer,
+                      DomainName.MaximumLength);
+
+        Ptr += DomainName.MaximumLength;
+    }
+
+    AuthInfo->UserName.Length = UserName.Length;
+    AuthInfo->UserName.MaximumLength = UserName.MaximumLength;
+    AuthInfo->UserName.Buffer = (PWCHAR)Ptr;
+    if (UserName.MaximumLength > 0)
+        RtlCopyMemory(AuthInfo->UserName.Buffer,
+                      UserName.Buffer,
+                      UserName.MaximumLength);
+
+    Ptr += UserName.MaximumLength;
+
+    AuthInfo->Password.Length = Password.Length;
+    AuthInfo->Password.MaximumLength = Password.MaximumLength;
+    AuthInfo->Password.Buffer = (PWCHAR)Ptr;
+    if (Password.MaximumLength > 0)
+        RtlCopyMemory(AuthInfo->Password.Buffer,
+                      Password.Buffer,
+                      Password.MaximumLength);
+
+    /* FIXME: Add LocalGroups here */
+
+    strcpy(TokenSource.SourceName, "Bla");
+    AllocateLocallyUniqueId(&TokenSource.SourceIdentifier);
+
+    Status = LsaLogonUser(LsaHandle,
+                          &OriginName,
+                          Interactive,
+                          AuthenticationPackage,
+                          (PVOID)AuthInfo,
+                          AuthInfoLength,
+                          NULL, /* LocalGroups */
+                          &TokenSource,
+                          (PVOID*)&ProfileBuffer,
+                          &ProfileBufferLength,
+                          &Luid,
+                          &TokenHandle,
+                          &QuotaLimits,
+                          &SubStatus);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("LsaLogonUser failed (Status 0x%08lx)\n", Status);
+        goto done;
+    }
+
+    if (ProfileBuffer != NULL)
+    {
+        TRACE("ProfileBuffer: %p\n", ProfileBuffer);
+        TRACE("MessageType: %u\n", ProfileBuffer->MessageType);
+
+        TRACE("FullName: %p\n", ProfileBuffer->FullName.Buffer);
+        TRACE("FullName: %S\n", ProfileBuffer->FullName.Buffer);
+
+        TRACE("LogonServer: %p\n", ProfileBuffer->LogonServer.Buffer);
+        TRACE("LogonServer: %S\n", ProfileBuffer->LogonServer.Buffer);
+    }
+
+    TRACE("Luid: 0x%08lx%08lx\n", Luid.HighPart, Luid.LowPart);
+
+    if (TokenHandle != NULL)
+    {
+        TRACE("TokenHandle: %p\n", TokenHandle);
+    }
+
+    *phToken = TokenHandle;
+
+done:
+    if (ProfileBuffer != NULL)
+        LsaFreeReturnBuffer(ProfileBuffer);
+
+    if (!NT_SUCCESS(Status))
+    {
+        if (TokenHandle != NULL)
+            CloseHandle(TokenHandle);
+    }
+
+    if (AuthInfo != NULL)
+        RtlFreeHeap(RtlGetProcessHeap(), 0, AuthInfo);
+
+    if (LsaHandle != NULL)
+    {
+        Status = LsaDeregisterLogonProcess(LsaHandle);
+        if (!NT_SUCCESS(Status))
+        {
+            TRACE("LsaDeregisterLogonProcess failed (Status 0x%08lx)\n", Status);
+        }
+    }
+
+    if (!NT_SUCCESS(Status))
+    {
+        SetLastError(RtlNtStatusToDosError(Status));
+        return FALSE;
+    }
+
+    return TRUE;
+#else

     /* FIXME shouldn't use hard-coded list of privileges */
     static struct
     {
     /* FIXME shouldn't use hard-coded list of privileges */
     static struct
     {


@@ -776,6 +969,7 @@ done:
         RtlFreeHeap(GetProcessHeap(), 0, UserSid);
 
     return NT_SUCCESS(Status);
         RtlFreeHeap(GetProcessHeap(), 0, UserSid);
 
     return NT_SUCCESS(Status);

+#endif

 }
 
 /* EOF */
 }
 
 /* EOF */