From: Eric Kohl <eric.kohl@reactos.org>
Date: Sun, 9 Dec 2012 11:34:09 +0000 (+0000)
Subject: [LSASRV]
X-Git-Tag: backups/ros-csrss@60644~107^2~27
X-Git-Url: https://git.reactos.org/?p=reactos.git;a=commitdiff_plain;h=90b34c856cca9818a7e28101083c5dad7da1fc5c

[LSASRV]
- LsarQueryAuditEvents: Do not fail if the PolAdtEv attribute does not exist and return proper inormation to the caller.
- Implement LsarSetAuditEvents.

svn path=/trunk/; revision=57837
---

diff --git a/reactos/dll/win32/lsasrv/policy.c b/reactos/dll/win32/lsasrv/policy.c
index 8b3b3cf7302..af8d1ce0b86 100644
--- a/reactos/dll/win32/lsasrv/policy.c
+++ b/reactos/dll/win32/lsasrv/policy.c
@@ -90,6 +90,7 @@ LsarQueryAuditEvents(PLSA_DB_OBJECT PolicyObject,
     if (!NT_SUCCESS(Status))
         return Status;
 
+    TRACE("Attribute size: %lu\n", AttributeSize);
     if (AttributeSize > 0)
     {
         AuditData = MIDL_user_allocate(AttributeSize);
@@ -102,14 +103,23 @@ LsarQueryAuditEvents(PLSA_DB_OBJECT PolicyObject,
                                         &AttributeSize);
         if (!NT_SUCCESS(Status))
             goto done;
+    }
 
-        p = MIDL_user_allocate(sizeof(LSAPR_POLICY_AUDIT_EVENTS_INFO));
-        if (p == NULL)
-        {
-            Status = STATUS_INSUFFICIENT_RESOURCES;
-            goto done;
-        }
+    p = MIDL_user_allocate(sizeof(LSAPR_POLICY_AUDIT_EVENTS_INFO));
+    if (p == NULL)
+    {
+        Status = STATUS_INSUFFICIENT_RESOURCES;
+        goto done;
+    }
 
+    if (AuditData == NULL)
+    {
+        p->AuditingMode = FALSE;
+        p->MaximumAuditEventCount = 0;
+        p->EventAuditingOptions = NULL;
+    }
+    else
+    {
         p->AuditingMode = AuditData->AuditingMode;
         p->MaximumAuditEventCount = AuditData->MaximumAuditEventCount;
 
@@ -128,19 +138,23 @@ LsarQueryAuditEvents(PLSA_DB_OBJECT PolicyObject,
     *PolicyInformation = (PLSAPR_POLICY_INFORMATION)p;
 
 done:
+    TRACE("Status: 0x%lx\n", Status);
+
     if (!NT_SUCCESS(Status))
     {
-        if (p->EventAuditingOptions != NULL)
-            MIDL_user_free(p->EventAuditingOptions);
-
         if (p != NULL)
+        {
+            if (p->EventAuditingOptions != NULL)
+                MIDL_user_free(p->EventAuditingOptions);
+
             MIDL_user_free(p);
+        }
     }
 
     if (AuditData != NULL)
         MIDL_user_free(AuditData);
 
-    return STATUS_SUCCESS;
+    return Status;
 }
 
 
@@ -783,8 +797,37 @@ NTSTATUS
 LsarSetAuditEvents(PLSA_DB_OBJECT PolicyObject,
                    PLSAPR_POLICY_AUDIT_EVENTS_INFO Info)
 {
-    FIXME("\n");
-    return STATUS_NOT_IMPLEMENTED;
+    PLSAP_POLICY_AUDIT_EVENTS_DATA AuditData = NULL;
+    ULONG AttributeSize;
+    NTSTATUS Status = STATUS_SUCCESS;
+
+    TRACE("(%p %p)\n", PolicyObject, Info);
+
+    AttributeSize = sizeof(LSAP_POLICY_AUDIT_EVENTS_DATA) +
+                    Info->MaximumAuditEventCount * sizeof(DWORD);
+
+    AuditData = RtlAllocateHeap(RtlGetProcessHeap(),
+                                HEAP_ZERO_MEMORY,
+                                AttributeSize);
+    if (AuditData == NULL)
+        return STATUS_INSUFFICIENT_RESOURCES;
+
+    AuditData->AuditingMode = Info->AuditingMode;
+    AuditData->MaximumAuditEventCount = Info->MaximumAuditEventCount;
+
+    memcpy(&(AuditData->AuditEvents[0]),
+           Info->EventAuditingOptions,
+           Info->MaximumAuditEventCount * sizeof(DWORD));
+
+    Status = LsapSetObjectAttribute(PolicyObject,
+                                    L"PolAdtEv",
+                                    AuditData,
+                                    AttributeSize);
+
+    if (AuditData != NULL)
+        RtlFreeHeap(RtlGetProcessHeap(), 0, AuditData);
+
+    return Status;
 }