From: Eric Kohl <eric.kohl@reactos.org>
Date: Sat, 31 Aug 2019 16:17:14 +0000 (+0200)
Subject: [BOOTDATA][LSASRV] Add the security service(s)
X-Git-Tag: 0.4.14-dev~199
X-Git-Url: https://git.reactos.org/?p=reactos.git;a=commitdiff_plain;h=fa0eef085c9fe5b9b1de5a9dac39946f27999540;ds=sidebyside

[BOOTDATA][LSASRV] Add the security service(s)

- Add the service routines for the SamSs service.
- Start the SamSs service.
---

diff --git a/boot/bootdata/hivesys.inf b/boot/bootdata/hivesys.inf
index dde3a8e9fd8..667104ed7b4 100644
--- a/boot/bootdata/hivesys.inf
+++ b/boot/bootdata/hivesys.inf
@@ -1964,6 +1964,17 @@ HKLM,"SYSTEM\CurrentControlSet\Services\Rpcss","ObjectName",0x00000000,"LocalSys
 HKLM,"SYSTEM\CurrentControlSet\Services\Rpcss","Start",0x00010001,0x00000002
 HKLM,"SYSTEM\CurrentControlSet\Services\Rpcss","Type",0x00010001,0x00000010
 
+; SamSs service
+HKLM,"SYSTEM\CurrentControlSet\Services\SamSs","DependOnService",0x00010000,"RPCSS"
+HKLM,"SYSTEM\CurrentControlSet\Services\SamSs","Description",0x00000000,%SAMSS_SERVICE_DESCRIPTION%
+HKLM,"SYSTEM\CurrentControlSet\Services\SamSs","DisplayName",0x00000000,%SAMSS_SERVICE%
+HKLM,"SYSTEM\CurrentControlSet\Services\SamSs","ErrorControl",0x00010001,0x00000001
+HKLM,"SYSTEM\CurrentControlSet\Services\SamSs","Group",0x00000000,"LocalValidation"
+HKLM,"SYSTEM\CurrentControlSet\Services\SamSs","ImagePath",0x00020000,"%SystemRoot%\system32\lsass.exe"
+HKLM,"SYSTEM\CurrentControlSet\Services\SamSs","ObjectName",0x00000000,"LocalSystem"
+HKLM,"SYSTEM\CurrentControlSet\Services\SamSs","Start",0x00010001,0x00000002
+HKLM,"SYSTEM\CurrentControlSet\Services\SamSs","Type",0x00010001,0x00000020
+
 ; Scheduler service
 HKLM,"SYSTEM\CurrentControlSet\Services\Schedule","DependOnService",0x00010000,"RPCSS"
 HKLM,"SYSTEM\CurrentControlSet\Services\Schedule","Description",0x00000000,%SCHEDULE_SERVICE_DESCRIPTION%
@@ -2231,6 +2242,9 @@ PLUGPLAY_SERVICE_DESCRIPTION="Detects hardware changes and installs needed softw
 RPCSS_SERVICE="Remote Procedure Call"
 RPCSS_SERVICE_DESCRIPTION="RPC subsystem which is responsible for Remote Procedure Calls on the local machine."
 
+SAMSS_SERVICE="Security Accounts Manager"
+SAMSS_SERVICE_DESCRIPTION="The startup of this service signals other services that the Security Accounts Manager (SAM) is ready to accept requests.  Disabling this service will prevent other services in the system from being notified when the SAM is ready, which may in turn cause those services to fail to start correctly.  This service should not be disabled."
+
 SCHEDULE_SERVICE="Scheduler service"
 SCHEDULE_SERVICE_DESCRIPTION="Allows starting of programs at specific times."
 
@@ -2379,6 +2393,9 @@ PLUGPLAY_SERVICE_DESCRIPTION="Wykrywa zmiany w sprzęcie i instaluje potrzebne o
 RPCSS_SERVICE="Zdalne wykonywanie procedur"
 RPCSS_SERVICE_DESCRIPTION="Podsystem RPC, który jest odpowiedzialny za zdalne wykonywanie procedur na tym komputerze."
 
+SAMSS_SERVICE="Security Accounts Manager"
+SAMSS_SERVICE_DESCRIPTION="The startup of this service signals other services that the Security Accounts Manager (SAM) is ready to accept requests.  Disabling this service will prevent other services in the system from being notified when the SAM is ready, which may in turn cause those services to fail to start correctly.  This service should not be disabled."
+
 SCHEDULE_SERVICE="Usługa Harmonogram"
 SCHEDULE_SERVICE_DESCRIPTION="Umożliwia uruchamianie programów w określonym czasie."
 
@@ -2521,6 +2538,9 @@ PLUGPLAY_SERVICE_DESCRIPTION="Detectează schimbările în configurația fizică
 RPCSS_SERVICE="Apel procedural la distanță"
 RPCSS_SERVICE_DESCRIPTION="Subsistemul responsabil pentru apel procedural la distanță în calculatorul local."
 
+SAMSS_SERVICE="Security Accounts Manager"
+SAMSS_SERVICE_DESCRIPTION="The startup of this service signals other services that the Security Accounts Manager (SAM) is ready to accept requests.  Disabling this service will prevent other services in the system from being notified when the SAM is ready, which may in turn cause those services to fail to start correctly.  This service should not be disabled."
+
 SCHEDULE_SERVICE="Serviciu de planificare"
 SCHEDULE_SERVICE_DESCRIPTION="Permite pornirea de programe la o anumită oră."
 
@@ -2663,6 +2683,9 @@ PLUGPLAY_SERVICE_DESCRIPTION="Обнаруживает изменения обо
 RPCSS_SERVICE="Удаленный вызов процедур (RPC)"
 RPCSS_SERVICE_DESCRIPTION="Подсистема для вызова удаленных процедур на локальной машине."
 
+SAMSS_SERVICE="Security Accounts Manager"
+SAMSS_SERVICE_DESCRIPTION="The startup of this service signals other services that the Security Accounts Manager (SAM) is ready to accept requests.  Disabling this service will prevent other services in the system from being notified when the SAM is ready, which may in turn cause those services to fail to start correctly.  This service should not be disabled."
+
 SCHEDULE_SERVICE="Планировщик заданий"
 SCHEDULE_SERVICE_DESCRIPTION="Позволяет запускать программы в определенное время."
 
diff --git a/dll/win32/lsasrv/service.c b/dll/win32/lsasrv/service.c
index ed4b97c01b8..9c207811135 100644
--- a/dll/win32/lsasrv/service.c
+++ b/dll/win32/lsasrv/service.c
@@ -2,22 +2,149 @@
  * PROJECT:     Local Security Authority Server DLL
  * LICENSE:     GPL - See COPYING in the top level directory
  * FILE:        dll/win32/lsasrv/service.c
- * PURPOSE:     Main file
- * COPYRIGHT:   Copyright 2016 Eric Kohl
+ * PURPOSE:     Security service
+ * COPYRIGHT:   Copyright 2016, 2019 Eric Kohl <eric.kohl@reactos.org>
  */
 
 /* INCLUDES ****************************************************************/
 
 #include "lsasrv.h"
+#include <winsvc.h>
+
+VOID WINAPI I_ScIsSecurityProcess(VOID);
+
+static VOID WINAPI SamSsServiceMain(DWORD dwArgc, PWSTR *pszArgv);
+
+SERVICE_TABLE_ENTRYW ServiceTable[] =
+{
+    {L"SAMSS", SamSsServiceMain},
+    {NULL, NULL}
+};
+
 
 /* FUNCTIONS ***************************************************************/
 
+static
+VOID
+WINAPI
+SamSsControlHandler(
+    _In_ DWORD fdwControl)
+{
+    TRACE("SamSsControlHandler(%lu)\n", fdwControl);
+}
+
+
+static
+VOID
+WINAPI
+SamSsServiceMain(
+    _In_ DWORD dwArgc,
+    _In_ PWSTR *pszArgv)
+{
+    SERVICE_STATUS_HANDLE hStatus;
+    SERVICE_STATUS ServiceStatus;
+
+    TRACE("SamSsServiceMain(%lu %p)\n", dwArgc, pszArgv);
+
+    hStatus = RegisterServiceCtrlHandlerW(L"SAMSS",
+                                          SamSsControlHandler);
+    if (hStatus == NULL)
+        return;
+
+    ServiceStatus.dwServiceType = SERVICE_WIN32_SHARE_PROCESS;
+    ServiceStatus.dwCurrentState = SERVICE_START_PENDING;
+    ServiceStatus.dwControlsAccepted = 0;
+    ServiceStatus.dwWin32ExitCode = ERROR_SUCCESS;
+    ServiceStatus.dwServiceSpecificExitCode = ERROR_SUCCESS;
+    ServiceStatus.dwCheckPoint = 1;
+    ServiceStatus.dwWaitHint = 0x7530;
+
+    SetServiceStatus(hStatus, &ServiceStatus);
+
+    ServiceStatus.dwCurrentState = SERVICE_RUNNING;
+    ServiceStatus.dwCheckPoint = 0;
+    ServiceStatus.dwWaitHint = 0;
+
+    SetServiceStatus(hStatus, &ServiceStatus);
+}
+
+
+static
+DWORD
+WINAPI
+DispatcherThread(
+    _In_ PVOID pParameter)
+{
+    HANDLE hEvent;
+    DWORD dwError;
+
+    TRACE("DispatcherThread(%p)\n", pParameter);
+
+    /* Create or open the SECURITY_SERVICES_STARTED event */
+    hEvent = CreateEventW(NULL,
+                          TRUE,
+                          FALSE,
+                          L"SECURITY_SERVICES_STARTED");
+    if (hEvent == NULL)
+    {
+        dwError = GetLastError();
+        if (dwError != ERROR_ALREADY_EXISTS)
+            return dwError;
+
+        hEvent = OpenEventW(SYNCHRONIZE,
+                            FALSE,
+                            L"SECURITY_SERVICES_STARTED");
+        if (hEvent == NULL)
+            return GetLastError();
+    }
+
+    /* Wait for the SECURITY_SERVICES_STARTED event to be signaled */
+    TRACE("Waiting for the SECURITY_SERVICES_STARTED event!\n");
+    dwError = WaitForSingleObject(hEvent, INFINITE);
+    TRACE("WaitForSingleObject returned %lu\n", dwError);
+
+    /* Close the event handle */
+    CloseHandle(hEvent);
+
+    /* Fail, if the event was not signaled */
+    if (dwError != WAIT_OBJECT_0)
+    {
+        ERR("Wait failed!\n");
+        return dwError;
+    }
+
+    /* This is the security process */
+    I_ScIsSecurityProcess();
+
+    /* Start the services */
+    TRACE("Start the security services!\n");
+    if (!StartServiceCtrlDispatcherW(ServiceTable))
+        return GetLastError();
+
+    TRACE("Done!\n");
+
+    return ERROR_SUCCESS;
+}
+
 
 NTSTATUS
 WINAPI
 ServiceInit(VOID)
 {
-    TRACE("ServiceInit() called\n");
+    HANDLE hThread;
+    DWORD dwThreadId;
+
+    TRACE("ServiceInit()\n");
+
+    hThread = CreateThread(NULL,
+                           0,
+                           DispatcherThread,
+                           NULL,
+                           0,
+                           &dwThreadId);
+    if (hThread == NULL)
+       return (NTSTATUS)GetLastError();
+
     return STATUS_SUCCESS;
 }