NTSTATUS
LwIoCreatePlainCredsA(
PCSTR pszUsername,
PCSTR pszDomain,
PCSTR pszPassword,
PIO_CREDS* ppCreds
)
{
NTSTATUS Status = STATUS_SUCCESS;
PWSTR pwszUsername = NULL;
PWSTR pwszDomain = NULL;
PWSTR pwszPassword = NULL;
Status = LwRtlWC16StringAllocateFromCString(&pwszUsername, pszUsername);
BAIL_ON_NT_STATUS(Status);
Status = LwRtlWC16StringAllocateFromCString(&pwszDomain, pszDomain);
BAIL_ON_NT_STATUS(Status);
Status = LwRtlWC16StringAllocateFromCString(&pwszPassword, pszPassword);
BAIL_ON_NT_STATUS(Status);
Status = LwIoCreatePlainCredsW(pwszUsername, pwszDomain, pwszPassword, ppCreds);
BAIL_ON_NT_STATUS(Status);
error:
IO_SAFE_FREE_MEMORY(pwszUsername);
IO_SAFE_FREE_MEMORY(pwszDomain);
IO_SAFE_FREE_MEMORY(pwszPassword);
return Status;
}
NTSTATUS
LwIoCreateKrb5CredsA(
PCSTR pszPrincipal,
PCSTR pszCachePath,
PIO_CREDS* ppCreds
)
{
NTSTATUS Status = STATUS_SUCCESS;
PWSTR pwszPrincipal = NULL;
PWSTR pwszCachePath = NULL;
Status = LwRtlWC16StringAllocateFromCString(&pwszPrincipal, pszPrincipal);
BAIL_ON_NT_STATUS(Status);
Status = LwRtlWC16StringAllocateFromCString(&pwszCachePath, pszCachePath);
BAIL_ON_NT_STATUS(Status);
Status = LwIoCreateKrb5CredsW(pwszPrincipal, pwszCachePath, ppCreds);
BAIL_ON_NT_STATUS(Status);
error:
IO_SAFE_FREE_MEMORY(pwszPrincipal);
IO_SAFE_FREE_MEMORY(pwszCachePath);
return Status;
}
static
NTSTATUS
Unload(
PCSTR pszDriverName
)
{
NTSTATUS status = STATUS_SUCCESS;
PWSTR pwszDriverName = NULL;
status = LwRtlWC16StringAllocateFromCString(&pwszDriverName, pszDriverName);
BAIL_ON_NT_STATUS(status);
status = LwIoUnloadDriver(pwszDriverName);
if (status)
{
printf("Could not unload driver: %s\n", LwNtStatusToName(status));
}
else
{
printf("Driver [%s] unloaded successfully\n", pszDriverName);
}
BAIL_ON_NT_STATUS(status);
cleanup:
LWIO_SAFE_FREE_MEMORY(pwszDriverName);
return status;
error:
goto cleanup;
}
DWORD
LsaPstoreSetDefaultDomainA(
IN OPTIONAL PCSTR DnsDomainName
)
{
DWORD dwError = 0;
int EE = 0;
PWSTR dnsDomainNameW = NULL;
if (DnsDomainName)
{
dwError = LwNtStatusToWin32Error(LwRtlWC16StringAllocateFromCString(
&dnsDomainNameW,
DnsDomainName));
GOTO_CLEANUP_ON_WINERROR_EE(dwError, EE);
}
dwError = LsaPstoreSetDefaultDomainW(dnsDomainNameW);
GOTO_CLEANUP_ON_WINERROR_EE(dwError, EE);
cleanup:
LW_RTL_FREE(&dnsDomainNameW);
LSA_PSTORE_LOG_LEAVE_ERROR_EE(dwError, EE);
return dwError;
}
DWORD
LsaPstorepBackendGetDefaultDomainW(
IN PLSA_PSTORE_BACKEND_STATE State,
OUT PWSTR* DnsDomainName
)
{
DWORD dwError = 0;
int EE = 0;
PSTR dnsDomainNameA = NULL;
PWSTR dnsDomainName = NULL;
dwError = LwpsLegacyGetDefaultJoinedDomain(
State->OldStoreHandle,
&dnsDomainNameA);
GOTO_CLEANUP_ON_WINERROR_EE(dwError, EE);
dwError = LwNtStatusToWin32Error(LwRtlWC16StringAllocateFromCString(
&dnsDomainName,
dnsDomainNameA));
GOTO_CLEANUP_ON_WINERROR_EE(dwError, EE);
cleanup:
if (dwError)
{
LW_RTL_FREE(&dnsDomainName);
}
LW_RTL_FREE(&dnsDomainNameA);
*DnsDomainName = dnsDomainName;
LSA_PSTORE_LOG_LEAVE_ERROR_EE(dwError, EE);
return dwError;
}
DWORD
RegWC16StringAllocateFromCString(
OUT PWSTR* ppszNewString,
IN PCSTR pszOriginalString
)
{
return RegNtStatusToWin32Error(
LwRtlWC16StringAllocateFromCString(ppszNewString, pszOriginalString)
);
}
static
NTSTATUS
PvfsNotifyReportIrp(
PPVFS_IRP_CONTEXT pIrpContext,
FILE_ACTION Action,
PCSTR pszFilename
)
{
NTSTATUS ntError = STATUS_UNSUCCESSFUL;
PVOID pBuffer = pIrpContext->pIrp->Args.ReadDirectoryChange.Buffer;
ULONG Length = pIrpContext->pIrp->Args.ReadDirectoryChange.Length;
PFILE_NOTIFY_INFORMATION pNotifyInfo = NULL;
LONG FilenameBytes = 0;
PWSTR pwszFilename = NULL;
ULONG BytesNeeded = 0;
ntError = LwRtlWC16StringAllocateFromCString(&pwszFilename, pszFilename);
BAIL_ON_NT_STATUS(ntError);
FilenameBytes = (LwRtlWC16StringNumChars(pwszFilename) + 1) * sizeof(WCHAR);
BytesNeeded = sizeof(*pNotifyInfo) + FilenameBytes;
if (Length < BytesNeeded)
{
memset(pBuffer, 0x0, Length);
ntError = STATUS_NOTIFY_ENUM_DIR;
BAIL_ON_NT_STATUS(ntError);
}
pNotifyInfo = (PFILE_NOTIFY_INFORMATION)pBuffer;
pNotifyInfo->NextEntryOffset = 0;
pNotifyInfo->Action = Action;
pNotifyInfo->FileNameLength = FilenameBytes;
memcpy(&pNotifyInfo->FileName, pwszFilename, FilenameBytes);
pIrpContext->pIrp->IoStatusBlock.BytesTransferred = BytesNeeded;
cleanup:
pIrpContext->pIrp->IoStatusBlock.Status = ntError;
PvfsCompleteIrpContext(pIrpContext);
LwRtlWC16StringFree(&pwszFilename);
return ntError;
error:
goto cleanup;
}
DWORD
LsaPstoreGetPasswordInfoA(
IN OPTIONAL PCSTR DnsDomainName,
OUT PLSA_MACHINE_PASSWORD_INFO_A* PasswordInfo
)
{
DWORD dwError = 0;
int EE = 0;
PWSTR dnsDomainName = NULL;
PLSA_MACHINE_PASSWORD_INFO_W passwordInfoW = NULL;
PLSA_MACHINE_PASSWORD_INFO_A passwordInfo = NULL;
if (DnsDomainName)
{
dwError = LwNtStatusToWin32Error(LwRtlWC16StringAllocateFromCString(
&dnsDomainName,
DnsDomainName));
GOTO_CLEANUP_ON_WINERROR_EE(dwError, EE);
}
dwError = LsaPstoreGetPasswordInfoW(
dnsDomainName,
&passwordInfoW);
GOTO_CLEANUP_ON_WINERROR_EE(dwError, EE);
dwError = LsaPstorepConvertWideToAnsiPasswordInfo(
passwordInfoW,
&passwordInfo);
GOTO_CLEANUP_ON_WINERROR_EE(dwError, EE);
cleanup:
if (dwError)
{
LSA_PSTORE_FREE_PASSWORD_INFO_A(&passwordInfo);
}
LSA_PSTORE_FREE_PASSWORD_INFO_W(&passwordInfoW);
LW_RTL_FREE(&dnsDomainName);
*PasswordInfo = passwordInfo;
LSA_PSTORE_LOG_LEAVE_ERROR_EE(dwError, EE);
return dwError;
}
DWORD
ConvertAnsitoUnicodeString(
PCSTR pszSrc,
PWSTR* ppwszDst
)
{
DWORD dwError = 0;
#ifdef _WIN32
PSTR pszNewString = NULL;
#endif
if (!pszSrc || !ppwszDst)
{
dwError = ERROR_INVALID_PARAMETER;
}
else
{
#ifdef _WIN32
// allocate space for new string then pass addr to output
// double the original PSTR size for WPSTR
ULONG srcLen = (ULONG)strlen(pszSrc)+1;
ULONG destLen = (srcLen+1)*2;
dwError = VMCAAllocateMemory((DWORD) destLen, (PVOID*)&pszNewString);
BAIL_ON_ERROR(dwError);
if (0 == MultiByteToWideChar(CP_ACP, 0, pszSrc, -1, (LPWSTR)pszNewString, destLen))
{
dwError = GetLastError();
BAIL_ON_ERROR(dwError);
}
*ppwszDst = (LPWSTR)pszNewString;
cleanup:
return dwError;
error:
VMCAFreeMemory(pszNewString);
goto cleanup;
#else
dwError = LwNtStatusToWin32Error(
LwRtlWC16StringAllocateFromCString(ppwszDst, pszSrc));
#endif
}
return dwError;
}
ULONG
VmDirAllocateStringWFromA(
PCSTR pszSrc,
PWSTR* ppwszDst
)
{
ULONG ulError = 0;
if (!pszSrc || !ppwszDst)
{
ulError = ERROR_INVALID_PARAMETER;
}
else
{
ulError = LwNtStatusToWin32Error(
LwRtlWC16StringAllocateFromCString(ppwszDst, pszSrc));
}
return ulError;
}
static
NTSTATUS
Status(
int argc,
PSTR* ppszArgv
)
{
NTSTATUS status = STATUS_SUCCESS;
PWSTR pwszDriverName = NULL;
LWIO_DRIVER_STATE driverState = 0;
status = LwRtlWC16StringAllocateFromCString(&pwszDriverName, ppszArgv[1]);
BAIL_ON_NT_STATUS(status);
status = LwIoQueryStateDriver(pwszDriverName, &driverState);
BAIL_ON_NT_STATUS(status);
switch (driverState)
{
case LWIO_DRIVER_STATE_UNLOADED:
printf("Unloaded\n");
break;
case LWIO_DRIVER_STATE_LOADED:
printf("Loaded\n");
break;
default:
printf("Unknown\n");
break;
}
cleanup:
LWIO_SAFE_FREE_MEMORY(pwszDriverName);
return status;
error:
goto cleanup;
}
NTSTATUS
NtRegProcessConfigUsingAttributeRanges(
PCSTR pszConfigKey,
PCSTR pszPolicyKey,
PLWREG_CONFIG_ITEM pConfig,
DWORD dwConfigEntries
)
{
PLWREG_CURRENT_VALUEINFO* DONT_RETRIEVE_CURRENT_VALUE = NULL;
NTSTATUS ntStatus = STATUS_SUCCESS;
DWORD dwEntry = 0;
PLWREG_CONFIG_REG pReg = NULL;
PWSTR pwszConfigKey = NULL;
PWSTR pwszValueName = NULL;
PLWREG_VALUE_ATTRIBUTES pValueAttributes = NULL;
ntStatus = NtRegOpenConfig(pszConfigKey, pszPolicyKey, &pReg);
BAIL_ON_NT_STATUS(ntStatus);
if (pReg == NULL)
{
goto error;
}
ntStatus = LwRtlWC16StringAllocateFromCString(&pwszConfigKey, pReg->pszConfigKey);
BAIL_ON_NT_STATUS(ntStatus);
for (dwEntry = 0; dwEntry < dwConfigEntries; dwEntry++)
{
ntStatus = STATUS_SUCCESS;
pValueAttributes = NULL;
if (pwszValueName)
{
free(pwszValueName);
pwszValueName = NULL;
}
switch (pConfig[dwEntry].Type)
{
case LwRegTypeString:
ntStatus = NtRegReadConfigString(
pReg,
pConfig[dwEntry].pszName,
pConfig[dwEntry].bUsePolicy,
pConfig[dwEntry].pValue,
pConfig[dwEntry].pdwSize);
break;
case LwRegTypeMultiString:
ntStatus = NtRegReadConfigMultiString(
pReg,
pConfig[dwEntry].pszName,
pConfig[dwEntry].bUsePolicy,
pConfig[dwEntry].pValue,
pConfig[dwEntry].pdwSize);
break;
case LwRegTypeDword:
ntStatus = LwRtlWC16StringAllocateFromCString(&pwszValueName, pConfig[dwEntry].pszName);
if (ntStatus)
{
break;
}
ntStatus = NtRegGetValueAttributesW(
pReg->hConnection,
pReg->hKey,
pwszConfigKey,
pwszValueName,
DONT_RETRIEVE_CURRENT_VALUE,
&pValueAttributes
);
if (ntStatus == STATUS_OBJECT_NAME_NOT_FOUND)
{
ntStatus = STATUS_SUCCESS;
}
if (ntStatus)
{
break;
}
ntStatus = NtRegReadConfigDword(
pReg,
pConfig[dwEntry].pszName,
pConfig[dwEntry].bUsePolicy,
((pValueAttributes && pValueAttributes->RangeType == LWREG_VALUE_RANGE_TYPE_INTEGER)
? pValueAttributes->Range.RangeInteger.Min
: pConfig[dwEntry].dwMin),
((pValueAttributes && pValueAttributes->RangeType == LWREG_VALUE_RANGE_TYPE_INTEGER)
? pValueAttributes->Range.RangeInteger.Max
: pConfig[dwEntry].dwMax),
pConfig[dwEntry].pValue);
break;
case LwRegTypeBoolean:
ntStatus = NtRegReadConfigBoolean(
pReg,
pConfig[dwEntry].pszName,
pConfig[dwEntry].bUsePolicy,
pConfig[dwEntry].pValue);
break;
case LwRegTypeEnum:
ntStatus = NtRegReadConfigEnum(
pReg,
pConfig[dwEntry].pszName,
pConfig[dwEntry].bUsePolicy,
pConfig[dwEntry].dwMin,
pConfig[dwEntry].dwMax,
pConfig[dwEntry].ppszEnumNames,
pConfig[dwEntry].pValue);
break;
default:
break;
}
if (ntStatus == STATUS_OBJECT_NAME_NOT_FOUND)
{
ntStatus = STATUS_SUCCESS;
}
BAIL_ON_NT_STATUS(ntStatus);
}
cleanup:
if (pwszValueName)
{
free(pwszValueName);
pwszValueName = NULL;
}
if (pwszConfigKey)
{
free(pwszConfigKey);
pwszConfigKey = NULL;
}
NtRegCloseConfig(pReg);
pReg = NULL;
return ntStatus;
error:
goto cleanup;
}
NTSTATUS
MemRegStoreOpen(
OUT PMEMREG_NODE *pphDbNode)
{
NTSTATUS status = 0;
PMEMREG_NODE hRegNode = NULL;
PWSTR rootKey = NULL;
PMEMREG_NODE hRootNode = NULL;
DWORD i = 0;
PSECURITY_DESCRIPTOR_RELATIVE pSecDescRel = NULL;
ULONG ulSecDescLen = 0;
/* This is the ROOT node (\) of the registry */
status = LW_RTL_ALLOCATE(
(PVOID*)&hRegNode,
PMEMREG_NODE,
sizeof(*hRegNode));
BAIL_ON_NT_STATUS(status);
memset(hRegNode, 0, sizeof(*hRegNode));
hRegNode->NodeType = MEMREG_TYPE_ROOT;
status = LwRtlWC16StringAllocateFromCString(
&hRegNode->Name, "\\");
BAIL_ON_NT_STATUS(status);
status = RegSrvCreateDefaultSecDescRel(
&pSecDescRel,
&ulSecDescLen);
BAIL_ON_NT_STATUS(status);
/* Populate the subkeys under the root node */
for (i=0; gRootKeys[i]; i++)
{
status = LwRtlWC16StringAllocateFromCString(
&rootKey,
gRootKeys[i]);
BAIL_ON_NT_STATUS(status);
status = MemRegStoreAddNode(
hRegNode,
rootKey,
MEMREG_TYPE_HIVE,
pSecDescRel, // SD parameter
ulSecDescLen,
&hRootNode,
NULL);
BAIL_ON_NT_STATUS(status);
LWREG_SAFE_FREE_MEMORY(rootKey);
}
*pphDbNode = hRegNode;
cleanup:
LWREG_SAFE_FREE_MEMORY(pSecDescRel);
return status;
error:
LWREG_SAFE_FREE_MEMORY(hRegNode->Name);
LWREG_SAFE_FREE_MEMORY(hRegNode);
LWREG_SAFE_FREE_MEMORY(rootKey);
goto cleanup;
}
NTSTATUS
DfsConfigReadStandaloneRoots(
VOID
)
{
NTSTATUS ntStatus = STATUS_SUCCESS;
HANDLE hRegConnection = (HANDLE)NULL;
HKEY hStandaloneKey = (HKEY)NULL;
PWSTR pwszStandaloneRootKeyPath = NULL;
DWORD dwIndex = 0;
DWORD dwReserved = 0;
DWORD dwDfsRootNameSize = MAX_KEY_LENGTH;
WCHAR pwszDfsRootName[MAX_KEY_LENGTH] = {0};
BOOLEAN bFinished = FALSE;
ntStatus = LwRtlWC16StringAllocateFromCString(
&pwszStandaloneRootKeyPath,
DFS_CONF_ROOT_STANDALONE);
BAIL_ON_NT_STATUS(ntStatus);
ntStatus = NtRegOpenServer(&hRegConnection);
BAIL_ON_NT_STATUS(ntStatus);
ntStatus = NtRegOpenKeyExW(
hRegConnection,
NULL,
pwszStandaloneRootKeyPath,
0,
KEY_READ,
&hStandaloneKey);
BAIL_ON_NT_STATUS(ntStatus);
for (dwIndex = 0; !bFinished; dwIndex++)
{
ntStatus = NtRegEnumKeyExW(
hRegConnection,
hStandaloneKey,
dwIndex,
pwszDfsRootName,
&dwDfsRootNameSize,
&dwReserved,
NULL,
NULL,
NULL);
if (ntStatus == STATUS_NO_MORE_ENTRIES)
{
ntStatus = STATUS_SUCCESS;
bFinished = TRUE;
continue;
}
BAIL_ON_NT_STATUS(ntStatus);
ntStatus = DfsConfigInitializeRoot(
hRegConnection,
hStandaloneKey,
pwszDfsRootName);
BAIL_ON_NT_STATUS(ntStatus);
}
cleanup:
if (pwszStandaloneRootKeyPath)
{
LwRtlWC16StringFree(&pwszStandaloneRootKeyPath);
}
if (hStandaloneKey)
{
NtRegCloseKey(hRegConnection, hStandaloneKey);
}
if (hRegConnection)
{
NtRegCloseServer(hRegConnection);
}
return ntStatus;
error:
goto cleanup;
}
static
NTSTATUS
LwIoCreateDefaultKrb5Creds(
PIO_CREDS* ppCreds
)
{
NTSTATUS Status = STATUS_SUCCESS;
krb5_context pKrb5Context = NULL;
krb5_error_code krb5Error = 0;
krb5_ccache pKrb5Cache = NULL;
krb5_principal pKrb5Principal = NULL;
char* pszPrincipalName = NULL;
const char* pszCredCachePath = NULL;
PIO_CREDS pCreds = NULL;
*ppCreds = NULL;
krb5Error = krb5_init_context(&pKrb5Context);
if (krb5Error)
{
Status = STATUS_INSUFFICIENT_RESOURCES;
BAIL_ON_NT_STATUS(Status);
}
pszCredCachePath = krb5_cc_default_name(pKrb5Context);
if (!pszCredCachePath)
{
/* If there is no default path, give up */
goto cleanup;
}
krb5Error = krb5_cc_resolve(pKrb5Context, pszCredCachePath, &pKrb5Cache);
if (krb5Error)
{
/* If we can't access the cache, give up */
goto cleanup;
}
krb5Error = krb5_cc_get_principal(pKrb5Context, pKrb5Cache, &pKrb5Principal);
if (krb5Error)
{
/* If there is no principal, give up */
goto cleanup;
}
krb5Error = krb5_unparse_name(pKrb5Context, pKrb5Principal, &pszPrincipalName);
if (krb5Error)
{
Status = STATUS_UNSUCCESSFUL;
BAIL_ON_NT_STATUS(Status);
}
Status = LwIoAllocateMemory(sizeof(*pCreds), OUT_PPVOID(&pCreds));
BAIL_ON_NT_STATUS(Status);
pCreds->type = IO_CREDS_TYPE_KRB5_CCACHE;
Status = LwRtlWC16StringAllocateFromCString(
&pCreds->payload.krb5Ccache.pwszPrincipal,
pszPrincipalName
);
BAIL_ON_NT_STATUS(Status);
Status = LwRtlWC16StringAllocateFromCString(
&pCreds->payload.krb5Ccache.pwszCachePath,
pszCredCachePath
);
BAIL_ON_NT_STATUS(Status);
*ppCreds = pCreds;
cleanup:
if (pszPrincipalName)
{
krb5_free_unparsed_name(pKrb5Context, pszPrincipalName);
}
if (pKrb5Principal)
{
krb5_free_principal(pKrb5Context, pKrb5Principal);
}
if (pKrb5Cache)
{
krb5_cc_close(pKrb5Context, pKrb5Cache);
}
if (pKrb5Context)
{
krb5_free_context(pKrb5Context);
}
return Status;
error:
if (pCreds)
{
LwIoDeleteCreds(pCreds);
}
goto cleanup;
}
DWORD
LsaPstorepBackendGetJoinedDomainsW(
IN PLSA_PSTORE_BACKEND_STATE State,
OUT PWSTR** DnsDomainNames,
OUT PDWORD Count
)
{
DWORD dwError = 0;
int EE = 0;
PWSTR* dnsDomainNames = NULL;
DWORD count = 0;
PSTR* internalDnsDomainNames = NULL;
DWORD internalCount = 0;
dwError = LwpsLegacyGetJoinedDomains(
State->OldStoreHandle,
&internalDnsDomainNames,
&internalCount);
GOTO_CLEANUP_ON_WINERROR_EE(dwError, EE);
if (!internalCount)
{
GOTO_CLEANUP_EE(EE);
}
dwError = LwNtStatusToWin32Error(LW_RTL_ALLOCATE(
&dnsDomainNames,
VOID,
internalCount * sizeof(dnsDomainNames[0])));
GOTO_CLEANUP_ON_WINERROR_EE(dwError, EE);
for (count = 0; count < internalCount; count++)
{
dwError = LwNtStatusToWin32Error(LwRtlWC16StringAllocateFromCString(
&dnsDomainNames[count],
internalDnsDomainNames[count]));
GOTO_CLEANUP_ON_WINERROR_EE(dwError, EE);
}
cleanup:
if (dwError)
{
if (dnsDomainNames)
{
LsaPstoreFreeStringArrayW(dnsDomainNames, count);
dnsDomainNames = NULL;
}
count = 0;
}
if (internalDnsDomainNames)
{
LwpsLegacyFreeStringArray(internalDnsDomainNames, internalCount);
}
*DnsDomainNames = dnsDomainNames;
*Count = count;
LSA_PSTORE_LOG_LEAVE_ERROR_EE(dwError, EE);
return dwError;
}
NTSTATUS
MemCreateKeyEx(
IN HANDLE Handle,
IN HKEY hKey,
IN PCWSTR pSubKey,
IN DWORD dwReserved,
IN OPTIONAL PWSTR pClass,
IN DWORD dwOptions,
IN ACCESS_MASK AccessDesired,
IN OPTIONAL PSECURITY_DESCRIPTOR_RELATIVE pSecDescRel,
IN ULONG ulSecDescLength,
OUT PHKEY phkResult,
OUT OPTIONAL PDWORD pdwDisposition
)
{
NTSTATUS status = 0;
PREG_KEY_HANDLE pKeyHandle = (PREG_KEY_HANDLE)hKey;
PMEMREG_NODE hRootKey = NULL;
PMEMREG_NODE hSubKey = NULL;
REG_DB_CONNECTION regDbConn = {0};
PWSTR pwszRootKey = NULL;
PREG_SRV_API_STATE pServerState = (PREG_SRV_API_STATE)Handle;
ACCESS_MASK AccessGranted = 0;
PSECURITY_DESCRIPTOR_RELATIVE SecurityDescriptor = NULL;
DWORD SecurityDescriptorLen = 0;
BOOLEAN bInLock = FALSE;
LWREG_LOCK_RWMUTEX_EXCLUSIVE(bInLock, &MemRegRoot()->lock);
if (!hKey)
{
status = LwRtlWC16StringAllocateFromCString(
&pwszRootKey,
HKEY_THIS_MACHINE);
BAIL_ON_NT_STATUS(status);
// Search for specified root key. If NULL, return HKTM.
status = MemDbOpenKey(
Handle,
NULL,
pwszRootKey,
AccessDesired,
&hRootKey);
BAIL_ON_NT_STATUS(status);
regDbConn.pMemReg = hRootKey;
}
else
{
regDbConn.pMemReg = pKeyHandle->pKey->hNode;
}
if (!pServerState->pToken)
{
status = RegSrvCreateAccessToken(pServerState->peerUID,
pServerState->peerGID,
&pServerState->pToken);
BAIL_ON_NT_STATUS(status);
}
if (pSecDescRel)
{
SecurityDescriptor = pSecDescRel;
SecurityDescriptorLen = ulSecDescLength;
}
else
{
SecurityDescriptor =
pKeyHandle->pKey->hNode->pNodeSd->SecurityDescriptor;
SecurityDescriptorLen =
pKeyHandle->pKey->hNode->pNodeSd->SecurityDescriptorLen;
}
if (SecurityDescriptor)
{
status = RegSrvAccessCheckKey(pServerState->pToken,
SecurityDescriptor,
SecurityDescriptorLen,
AccessDesired,
&AccessGranted);
}
if (STATUS_NO_TOKEN == status)
{
status = 0;
AccessGranted = 0;
}
BAIL_ON_NT_STATUS(status);
status = MemDbCreateKeyEx(
Handle, // Access token is on this handle
®DbConn,
pSubKey,
0, // IN DWORD dwReserved
NULL, // IN OPTIONAL PWSTR pClass
0, //IN DWORD dwOptions
AccessDesired, // IN ACCESS_MASK
pSecDescRel, // IN OPTIONAL
ulSecDescLength, // IN ULONG
&hSubKey,
pdwDisposition);
BAIL_ON_NT_STATUS(status);
status = _MemCreateHkeyReply(hSubKey, phkResult);
BAIL_ON_NT_STATUS(status);
pKeyHandle->AccessGranted = AccessGranted;
hSubKey->NodeRefCount++;
MemDbExportEntryChanged();
cleanup:
LWREG_UNLOCK_RWMUTEX(bInLock, &MemRegRoot()->lock);
LWREG_SAFE_FREE_MEMORY(pwszRootKey);
return status;
error:
if (hRootKey)
{
// Close open root key
}
goto cleanup;
}
static
NTSTATUS
LwIoCredentialCacheToTgt(
PIO_CREDS pCacheToken,
PIO_CREDS* ppCreds
)
{
NTSTATUS Status = STATUS_SUCCESS;
krb5_context pContext = NULL;
krb5_error_code krb5Error = 0;
krb5_ccache pCache = NULL;
PSTR pszClientPrincipalName = NULL;
PSTR pszServerPrincipalName = NULL;
PSTR pszDesiredPrincipal = NULL;
PSTR pszCredCachePath = NULL;
PIO_CREDS pCreds = NULL;
BOOLEAN bFoundTgt = FALSE;
BOOLEAN bStartSeq = FALSE;
krb5_creds creds;
krb5_cc_cursor cursor;
Status = LwRtlCStringAllocateFromWC16String(
&pszDesiredPrincipal,
pCacheToken->payload.krb5Ccache.pwszPrincipal);
BAIL_ON_NT_STATUS(Status);
Status = LwRtlCStringAllocateFromWC16String(
&pszCredCachePath,
pCacheToken->payload.krb5Ccache.pwszCachePath);
BAIL_ON_NT_STATUS(Status);
/* Open credentials cache */
krb5Error = krb5_init_context(&pContext);
if (krb5Error)
{
Status = STATUS_INSUFFICIENT_RESOURCES;
BAIL_ON_NT_STATUS(Status);
}
krb5Error = krb5_cc_resolve(pContext, pszCredCachePath, &pCache);
if (krb5Error)
{
Status = STATUS_UNSUCCESSFUL;
BAIL_ON_NT_STATUS(Status);
}
/* Look for a TGT */
krb5Error = krb5_cc_start_seq_get(pContext, pCache, &cursor);
if (krb5Error)
{
Status = STATUS_UNSUCCESSFUL;
BAIL_ON_NT_STATUS(Status);
}
bStartSeq = TRUE;
while ((krb5Error = krb5_cc_next_cred(pContext, pCache, &cursor, &creds)) == 0)
{
/* Look tickets with the intial flag set */
if (creds.ticket_flags & TKT_FLG_INITIAL)
{
/* Extract and compare client principal with desired principal */
krb5Error = krb5_unparse_name(pContext, creds.client, &pszClientPrincipalName);
if (krb5Error)
{
Status = STATUS_UNSUCCESSFUL;
BAIL_ON_NT_STATUS(Status);
}
if (!strcmp(pszClientPrincipalName, pszDesiredPrincipal))
{
bFoundTgt = TRUE;
break;
}
krb5_free_unparsed_name(pContext, pszClientPrincipalName);
pszClientPrincipalName = NULL;
}
krb5_free_cred_contents(pContext, &creds);
}
if (!bFoundTgt)
{
Status = STATUS_UNSUCCESSFUL;
BAIL_ON_NT_STATUS(Status);
}
/* Extract server principal name */
krb5Error = krb5_unparse_name(pContext, creds.server, &pszServerPrincipalName);
if (krb5Error)
{
Status = STATUS_UNSUCCESSFUL;
BAIL_ON_NT_STATUS(Status);
}
/* Construct token from krb5 credential data */
Status = LwIoAllocateMemory(sizeof(*pCreds), OUT_PPVOID(&pCreds));
BAIL_ON_NT_STATUS(Status);
pCreds->type = IO_CREDS_TYPE_KRB5_TGT;
/* Copy principal names */
Status = LwRtlWC16StringAllocateFromCString(
&pCreds->payload.krb5Tgt.pwszClientPrincipal,
pszClientPrincipalName);
BAIL_ON_NT_STATUS(Status);
Status = LwRtlWC16StringAllocateFromCString(
&pCreds->payload.krb5Tgt.pwszServerPrincipal,
pszServerPrincipalName);
BAIL_ON_NT_STATUS(Status);
/* Set time fields */
pCreds->payload.krb5Tgt.authTime = creds.times.authtime;
pCreds->payload.krb5Tgt.startTime = creds.times.starttime;
pCreds->payload.krb5Tgt.endTime = creds.times.endtime;
pCreds->payload.krb5Tgt.renewTillTime = creds.times.renew_till;
/* Copy encryption key */
pCreds->payload.krb5Tgt.keyType = creds.keyblock.enctype;
pCreds->payload.krb5Tgt.ulKeySize = creds.keyblock.length;
Status = LwIoAllocateMemory(
creds.keyblock.length,
OUT_PPVOID(&pCreds->payload.krb5Tgt.pKeyData));
BAIL_ON_NT_STATUS(Status);
memcpy(
pCreds->payload.krb5Tgt.pKeyData,
creds.keyblock.contents,
creds.keyblock.length);
/* Copy tgt */
pCreds->payload.krb5Tgt.tgtFlags = creds.ticket_flags;
pCreds->payload.krb5Tgt.ulTgtSize = creds.ticket.length;
Status = LwIoAllocateMemory(
creds.ticket.length,
OUT_PPVOID(&pCreds->payload.krb5Tgt.pTgtData));
BAIL_ON_NT_STATUS(Status);
memcpy(
pCreds->payload.krb5Tgt.pTgtData,
creds.ticket.data,
creds.ticket.length);
*ppCreds = pCreds;
cleanup:
LWIO_SAFE_FREE_MEMORY(pszDesiredPrincipal);
LWIO_SAFE_FREE_MEMORY(pszCredCachePath);
if (pszClientPrincipalName)
{
krb5_free_unparsed_name(pContext, pszClientPrincipalName);
}
if (pszServerPrincipalName)
{
krb5_free_unparsed_name(pContext, pszServerPrincipalName);
}
if (bFoundTgt)
{
krb5_free_cred_contents(pContext, &creds);
}
if (bStartSeq)
{
krb5_cc_end_seq_get(pContext, pCache, &cursor);
}
if (pCache)
{
krb5_cc_close(pContext, pCache);
}
if (pContext)
{
krb5_free_context(pContext);
}
return Status;
error:
*ppCreds = NULL;
if (pCreds)
{
LwIoDeleteCreds(pCreds);
}
goto cleanup;
}
NTSTATUS
NtRegUpdateConfigItemRange(
IN PCSTR pszConfigKey,
IN OUT PLWREG_CONFIG_ITEM pConfig,
IN DWORD dwConfigEntries
)
{
PLWREG_CURRENT_VALUEINFO* DONT_RETRIEVE_CURRENT_VALUE = NULL;
PCSTR NO_POLICY_KEY = NULL;
NTSTATUS ntStatus = STATUS_SUCCESS;
PLWREG_CONFIG_REG pReg = NULL;
DWORD dwEntry = 0;
PWSTR pwszSubKey = NULL;
PWSTR pwszValueName = NULL;
PLWREG_VALUE_ATTRIBUTES pValueAttributes = NULL;
ntStatus = NtRegOpenConfig(pszConfigKey, NO_POLICY_KEY, &pReg);
BAIL_ON_NT_STATUS(ntStatus);
if (pReg == NULL)
{
goto error;
}
ntStatus = LwRtlWC16StringAllocateFromCString(&pwszSubKey, pReg->pszConfigKey);
BAIL_ON_NT_STATUS(ntStatus);
for (dwEntry = 0; dwEntry < dwConfigEntries; ntStatus = STATUS_SUCCESS, dwEntry++)
{
if (pwszValueName)
{
free(pwszValueName);
pwszValueName = NULL;
}
ntStatus = LwRtlWC16StringAllocateFromCString(&pwszValueName, pConfig[dwEntry].pszName);
BAIL_ON_NT_STATUS(ntStatus);
ntStatus = NtRegGetValueAttributesW(
pReg->hConnection,
pReg->hKey,
pwszSubKey,
pwszValueName,
DONT_RETRIEVE_CURRENT_VALUE,
&pValueAttributes
);
if (ntStatus == STATUS_OBJECT_NAME_NOT_FOUND)
{
continue;
}
BAIL_ON_NT_STATUS(ntStatus);
if (pValueAttributes
&& pValueAttributes->RangeType == LWREG_VALUE_RANGE_TYPE_INTEGER)
{
pConfig[dwEntry].dwMin = pValueAttributes->Range.RangeInteger.Min;
pConfig[dwEntry].dwMax = pValueAttributes->Range.RangeInteger.Max;
}
}
cleanup:
if (pwszValueName)
{
free(pwszValueName);
pwszValueName = NULL;
}
if (pwszSubKey)
{
free(pwszSubKey);
pwszSubKey = NULL;
}
if (pReg)
{
NtRegCloseConfig(pReg);
pReg = NULL;
}
return ntStatus;
error:
goto cleanup;
}
static
NTSTATUS
PvfsNotifyReportBuffer(
PPVFS_NOTIFY_FILTER_BUFFER pFilterBuffer,
FILE_ACTION Action,
PCSTR pszFilename
)
{
NTSTATUS ntError = STATUS_UNSUCCESSFUL;
PVOID pBuffer = pFilterBuffer->pData + pFilterBuffer->Offset;
ULONG Length = pFilterBuffer->Length - pFilterBuffer->Offset;
PFILE_NOTIFY_INFORMATION pNotifyInfo = NULL;
LONG FilenameBytes = 0;
PWSTR pwszFilename = NULL;
ULONG BytesNeeded = 0;
/* Don't bother if we have already overflowed the buffer */
BAIL_ON_NT_STATUS(pFilterBuffer->Status);
ntError = LwRtlWC16StringAllocateFromCString(&pwszFilename, pszFilename);
BAIL_ON_NT_STATUS(ntError);
FilenameBytes = (LwRtlWC16StringNumChars(pwszFilename) + 1) * sizeof(WCHAR);
BytesNeeded = sizeof(*pNotifyInfo) + FilenameBytes;
PVFS_ALIGN_MEMORY(BytesNeeded, 8);
if (Length < BytesNeeded)
{
ntError = pFilterBuffer->Status = STATUS_NOTIFY_ENUM_DIR;
BAIL_ON_NT_STATUS(ntError);
}
pNotifyInfo = (PFILE_NOTIFY_INFORMATION)pBuffer;
pNotifyInfo->NextEntryOffset = 0;
pNotifyInfo->Action = Action;
pNotifyInfo->FileNameLength = FilenameBytes;
memcpy(&pNotifyInfo->FileName, pwszFilename, FilenameBytes);
if (pFilterBuffer->pNotify)
{
ULONG NextEntry = PVFS_PTR_DIFF(pFilterBuffer->pNotify, pNotifyInfo);
pFilterBuffer->pNotify->NextEntryOffset = NextEntry;
}
pFilterBuffer->pNotify = pNotifyInfo;
pFilterBuffer->Offset += BytesNeeded;
cleanup:
LwRtlWC16StringFree(&pwszFilename);
return ntError;
error:
goto cleanup;
}
int
main(
int argc,
char* argv[]
)
{
DWORD dwError = 0;
PSTR pszHostName = NULL;
PWSTR pwszHostName = NULL;
PWSTR pwszCanonName = NULL;
PSTR pszCanonName = NULL;
PLWNET_RESOLVE_ADDR *ppAddressList = NULL;
DWORD dwAddressListLen = 0;
DWORD i = 0;
CHAR ipAddressBuf[INET_ADDRSTRLEN];
PCSTR pszAddress = NULL;
DWORD ipAddressLen = 0;
DWORD ipAddrFamily = 0;
PBYTE pIpAddr = NULL;
lwnet_init_logging_to_file(LWNET_LOG_LEVEL_VERBOSE, TRUE, "");
ParseArgs(argc, argv);
if (argc == 1)
{
printf("usage: %s hostname\n", argv[0]);
return 0;
}
pszHostName = argv[1];
dwError = LwRtlWC16StringAllocateFromCString(&pwszHostName,
pszHostName);
BAIL_ON_LWNET_ERROR(dwError);
dwError = LWNetResolveName(
(PCWSTR) pwszHostName,
&pwszCanonName,
&ppAddressList,
&dwAddressListLen);
BAIL_ON_LWNET_ERROR(dwError);
dwError = LwRtlCStringAllocateFromWC16String(&pszCanonName,
pwszCanonName);
BAIL_ON_LWNET_ERROR(dwError);
for (i=0; i<dwAddressListLen; i++)
{
if (ppAddressList[i]->AddressType == LWNET_IP_ADDR_V4)
{
ipAddressLen = 4;
ipAddrFamily = PF_INET;
pIpAddr = ppAddressList[i]->Address.Ip4Addr;
}
else if (ppAddressList[i]->AddressType == LWNET_IP_ADDR_V6)
{
ipAddressLen = 16;
ipAddrFamily = PF_INET6;
pIpAddr = ppAddressList[i]->Address.Ip4Addr;
}
pszAddress = inet_ntop(ipAddrFamily,
pIpAddr,
ipAddressBuf,
sizeof(ipAddressBuf));
if (pszAddress)
{
printf("IP Address = %s\n", pszAddress);
}
}
printf("Responses = %d Host: '%s'\n", dwAddressListLen, pszCanonName);
cleanup:
LWNetResolveNameFree(pwszCanonName, ppAddressList, dwAddressListLen);
LWNET_SAFE_FREE_MEMORY(pwszHostName);
LWNET_SAFE_FREE_STRING(pszCanonName);
return (dwError);
error:
if (dwError == ERROR_BAD_NET_NAME)
{
printf("LWNetResolveName() failed DNS/NetBIOS name resolution\n");
}
else
{
LWNET_LOG_ERROR("Failed communication with likewise-netlogond. "
"Error code [%d]\n", dwError);
}
goto cleanup;
}