static NTSTATUS BuildTokenDefaultDacl(PTOKEN_DEFAULT_DACL DefaultDacl, PSID OwnerSid) { SID_IDENTIFIER_AUTHORITY SystemAuthority = {SECURITY_NT_AUTHORITY}; PSID LocalSystemSid = NULL; PACL Dacl = NULL; NTSTATUS Status = STATUS_SUCCESS; RtlAllocateAndInitializeSid(&SystemAuthority, 1, SECURITY_LOCAL_SYSTEM_RID, SECURITY_NULL_RID, SECURITY_NULL_RID, SECURITY_NULL_RID, SECURITY_NULL_RID, SECURITY_NULL_RID, SECURITY_NULL_RID, SECURITY_NULL_RID, &LocalSystemSid); Dacl = DispatchTable.AllocateLsaHeap(1024); if (Dacl == NULL) { Status = STATUS_INSUFFICIENT_RESOURCES; goto done; } Status = RtlCreateAcl(Dacl, 1024, ACL_REVISION); if (!NT_SUCCESS(Status)) goto done; RtlAddAccessAllowedAce(Dacl, ACL_REVISION, GENERIC_ALL, OwnerSid); /* SID: S-1-5-18 */ RtlAddAccessAllowedAce(Dacl, ACL_REVISION, GENERIC_ALL, LocalSystemSid); DefaultDacl->DefaultDacl = Dacl; done: if (!NT_SUCCESS(Status)) { if (Dacl != NULL) DispatchTable.FreeLsaHeap(Dacl); } if (LocalSystemSid != NULL) RtlFreeSid(LocalSystemSid); return Status; }
/* * @unimplemented */ NTSTATUS NTAPI LsaApInitializePackage(IN ULONG AuthenticationPackageId, IN PLSA_DISPATCH_TABLE LsaDispatchTable, IN PLSA_STRING Database OPTIONAL, IN PLSA_STRING Confidentiality OPTIONAL, OUT PLSA_STRING *AuthenticationPackageName) { PANSI_STRING NameString; PCHAR NameBuffer; TRACE("(%lu %p %p %p %p)\n", AuthenticationPackageId, LsaDispatchTable, Database, Confidentiality, AuthenticationPackageName); /* Get the dispatch table entries */ DispatchTable.CreateLogonSession = LsaDispatchTable->CreateLogonSession; DispatchTable.DeleteLogonSession = LsaDispatchTable->DeleteLogonSession; DispatchTable.AddCredential = LsaDispatchTable->AddCredential; DispatchTable.GetCredentials = LsaDispatchTable->GetCredentials; DispatchTable.DeleteCredential = LsaDispatchTable->DeleteCredential; DispatchTable.AllocateLsaHeap = LsaDispatchTable->AllocateLsaHeap; DispatchTable.FreeLsaHeap = LsaDispatchTable->FreeLsaHeap; DispatchTable.AllocateClientBuffer = LsaDispatchTable->AllocateClientBuffer; DispatchTable.FreeClientBuffer = LsaDispatchTable->FreeClientBuffer; DispatchTable.CopyToClientBuffer = LsaDispatchTable->CopyToClientBuffer; DispatchTable.CopyFromClientBuffer = LsaDispatchTable->CopyFromClientBuffer; /* Return the package name */ NameString = DispatchTable.AllocateLsaHeap(sizeof(LSA_STRING)); if (NameString == NULL) return STATUS_INSUFFICIENT_RESOURCES; NameBuffer = DispatchTable.AllocateLsaHeap(sizeof(MSV1_0_PACKAGE_NAME)); if (NameBuffer == NULL) { DispatchTable.FreeLsaHeap(NameString); return STATUS_INSUFFICIENT_RESOURCES; } strcpy(NameBuffer, MSV1_0_PACKAGE_NAME); RtlInitAnsiString(NameString, NameBuffer); *AuthenticationPackageName = (PLSA_STRING)NameString; return STATUS_SUCCESS; }
static NTSTATUS BuildInteractiveProfileBuffer(IN PLSA_CLIENT_REQUEST ClientRequest, IN PSAMPR_USER_INFO_BUFFER UserInfo, IN PUNICODE_STRING LogonServer, OUT PMSV1_0_INTERACTIVE_PROFILE *ProfileBuffer, OUT PULONG ProfileBufferLength) { PMSV1_0_INTERACTIVE_PROFILE LocalBuffer = NULL; PVOID ClientBaseAddress = NULL; LPWSTR Ptr; ULONG BufferLength; NTSTATUS Status = STATUS_SUCCESS; *ProfileBuffer = NULL; *ProfileBufferLength = 0; BufferLength = sizeof(MSV1_0_INTERACTIVE_PROFILE) + UserInfo->All.FullName.Length + sizeof(WCHAR) + UserInfo->All.HomeDirectory.Length + sizeof(WCHAR) + UserInfo->All.HomeDirectoryDrive.Length + sizeof(WCHAR) + UserInfo->All.ScriptPath.Length + sizeof(WCHAR) + UserInfo->All.ProfilePath.Length + sizeof(WCHAR) + LogonServer->Length + sizeof(WCHAR); LocalBuffer = DispatchTable.AllocateLsaHeap(BufferLength); if (LocalBuffer == NULL) { TRACE("Failed to allocate the local buffer!\n"); Status = STATUS_INSUFFICIENT_RESOURCES; goto done; } Status = DispatchTable.AllocateClientBuffer(ClientRequest, BufferLength, &ClientBaseAddress); if (!NT_SUCCESS(Status)) { TRACE("DispatchTable.AllocateClientBuffer failed (Status 0x%08lx)\n", Status); goto done; } TRACE("ClientBaseAddress: %p\n", ClientBaseAddress); Ptr = (LPWSTR)((ULONG_PTR)LocalBuffer + sizeof(MSV1_0_INTERACTIVE_PROFILE)); LocalBuffer->MessageType = MsV1_0InteractiveProfile; LocalBuffer->LogonCount = UserInfo->All.LogonCount; LocalBuffer->BadPasswordCount = UserInfo->All.BadPasswordCount; LocalBuffer->LogonTime.LowPart = UserInfo->All.LastLogon.LowPart; LocalBuffer->LogonTime.HighPart = UserInfo->All.LastLogon.HighPart; // LocalBuffer->LogoffTime.LowPart = // LocalBuffer->LogoffTime.HighPart = // LocalBuffer->KickOffTime.LowPart = // LocalBuffer->KickOffTime.HighPart = LocalBuffer->PasswordLastSet.LowPart = UserInfo->All.PasswordLastSet.LowPart; LocalBuffer->PasswordLastSet.HighPart = UserInfo->All.PasswordLastSet.HighPart; LocalBuffer->PasswordCanChange.LowPart = UserInfo->All.PasswordCanChange.LowPart; LocalBuffer->PasswordCanChange.HighPart = UserInfo->All.PasswordCanChange.HighPart; LocalBuffer->PasswordMustChange.LowPart = UserInfo->All.PasswordMustChange.LowPart; LocalBuffer->PasswordMustChange.HighPart = UserInfo->All.PasswordMustChange.HighPart; LocalBuffer->LogonScript.Length = UserInfo->All.ScriptPath.Length; LocalBuffer->LogonScript.MaximumLength = UserInfo->All.ScriptPath.Length + sizeof(WCHAR); LocalBuffer->LogonScript.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer); memcpy(Ptr, UserInfo->All.ScriptPath.Buffer, UserInfo->All.ScriptPath.Length); Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->LogonScript.MaximumLength); LocalBuffer->HomeDirectory.Length = UserInfo->All.HomeDirectory.Length; LocalBuffer->HomeDirectory.MaximumLength = UserInfo->All.HomeDirectory.Length + sizeof(WCHAR); LocalBuffer->HomeDirectory.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer); memcpy(Ptr, UserInfo->All.HomeDirectory.Buffer, UserInfo->All.HomeDirectory.Length); Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->HomeDirectory.MaximumLength); LocalBuffer->FullName.Length = UserInfo->All.FullName.Length; LocalBuffer->FullName.MaximumLength = UserInfo->All.FullName.Length + sizeof(WCHAR); LocalBuffer->FullName.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer); memcpy(Ptr, UserInfo->All.FullName.Buffer, UserInfo->All.FullName.Length); TRACE("FullName.Buffer: %p\n", LocalBuffer->FullName.Buffer); Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->FullName.MaximumLength); LocalBuffer->ProfilePath.Length = UserInfo->All.ProfilePath.Length; LocalBuffer->ProfilePath.MaximumLength = UserInfo->All.ProfilePath.Length + sizeof(WCHAR); LocalBuffer->ProfilePath.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer); memcpy(Ptr, UserInfo->All.ProfilePath.Buffer, UserInfo->All.ProfilePath.Length); Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->ProfilePath.MaximumLength); LocalBuffer->HomeDirectoryDrive.Length = UserInfo->All.HomeDirectoryDrive.Length; LocalBuffer->HomeDirectoryDrive.MaximumLength = UserInfo->All.HomeDirectoryDrive.Length + sizeof(WCHAR); LocalBuffer->HomeDirectoryDrive.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer); memcpy(Ptr, UserInfo->All.HomeDirectoryDrive.Buffer, UserInfo->All.HomeDirectoryDrive.Length); Ptr = (LPWSTR)((ULONG_PTR)Ptr + LocalBuffer->HomeDirectoryDrive.MaximumLength); LocalBuffer->LogonServer.Length = LogonServer->Length; LocalBuffer->LogonServer.MaximumLength = LogonServer->Length + sizeof(WCHAR); LocalBuffer->LogonServer.Buffer = (LPWSTR)((ULONG_PTR)ClientBaseAddress + (ULONG_PTR)Ptr - (ULONG_PTR)LocalBuffer); memcpy(Ptr, LogonServer->Buffer, LogonServer->Length); LocalBuffer->UserFlags = 0; Status = DispatchTable.CopyToClientBuffer(ClientRequest, BufferLength, ClientBaseAddress, LocalBuffer); if (!NT_SUCCESS(Status)) { TRACE("DispatchTable.CopyToClientBuffer failed (Status 0x%08lx)\n", Status); goto done; } *ProfileBuffer = (PMSV1_0_INTERACTIVE_PROFILE)ClientBaseAddress; *ProfileBufferLength = BufferLength; done: if (LocalBuffer != NULL) DispatchTable.FreeLsaHeap(LocalBuffer); if (!NT_SUCCESS(Status)) { if (ClientBaseAddress != NULL) DispatchTable.FreeClientBuffer(ClientRequest, ClientBaseAddress); } return Status; }
static NTSTATUS BuildTokenInformationBuffer(PLSA_TOKEN_INFORMATION_V1 *TokenInformation, PRPC_SID AccountDomainSid, PSAMPR_USER_INFO_BUFFER UserInfo, BOOL SpecialAccount) { PLSA_TOKEN_INFORMATION_V1 Buffer = NULL; ULONG i; NTSTATUS Status = STATUS_SUCCESS; Buffer = DispatchTable.AllocateLsaHeap(sizeof(LSA_TOKEN_INFORMATION_V1)); if (Buffer == NULL) { TRACE("Failed to allocate the local buffer!\n"); Status = STATUS_INSUFFICIENT_RESOURCES; goto done; } /* FIXME: */ Buffer->ExpirationTime.QuadPart = -1; Status = BuildTokenUser(&Buffer->User, (PSID)AccountDomainSid, UserInfo->All.UserId); if (!NT_SUCCESS(Status)) goto done; Status = BuildTokenPrimaryGroup(&Buffer->PrimaryGroup, (PSID)AccountDomainSid, UserInfo->All.PrimaryGroupId); if (!NT_SUCCESS(Status)) goto done; Status = BuildTokenGroups(&Buffer->Groups, (PSID)AccountDomainSid, UserInfo->All.UserId, SpecialAccount); if (!NT_SUCCESS(Status)) goto done; *TokenInformation = Buffer; done: if (!NT_SUCCESS(Status)) { if (Buffer != NULL) { if (Buffer->User.User.Sid != NULL) DispatchTable.FreeLsaHeap(Buffer->User.User.Sid); if (Buffer->Groups != NULL) { for (i = 0; i < Buffer->Groups->GroupCount; i++) { if (Buffer->Groups->Groups[i].Sid != NULL) DispatchTable.FreeLsaHeap(Buffer->Groups->Groups[i].Sid); } DispatchTable.FreeLsaHeap(Buffer->Groups); } if (Buffer->PrimaryGroup.PrimaryGroup != NULL) DispatchTable.FreeLsaHeap(Buffer->PrimaryGroup.PrimaryGroup); if (Buffer->DefaultDacl.DefaultDacl != NULL) DispatchTable.FreeLsaHeap(Buffer->DefaultDacl.DefaultDacl); DispatchTable.FreeLsaHeap(Buffer); } } return Status; }
static NTSTATUS BuildTokenInformationBuffer(PLSA_TOKEN_INFORMATION_V1 *TokenInformation, PRPC_SID AccountDomainSid, ULONG RelativeId, PLUID LogonId) { PLSA_TOKEN_INFORMATION_V1 Buffer = NULL; PSID OwnerSid = NULL; PSID PrimaryGroupSid = NULL; ULONG i; NTSTATUS Status = STATUS_SUCCESS; Buffer = DispatchTable.AllocateLsaHeap(sizeof(LSA_TOKEN_INFORMATION_V1)); if (Buffer == NULL) { TRACE("Failed to allocate the local buffer!\n"); Status = STATUS_INSUFFICIENT_RESOURCES; goto done; } /* FIXME: */ Buffer->ExpirationTime.QuadPart = -1; Status = BuildTokenUser(&Buffer->User, (PSID)AccountDomainSid, RelativeId); if (!NT_SUCCESS(Status)) goto done; Status = BuildTokenGroups((PSID)AccountDomainSid, LogonId, &Buffer->Groups, &PrimaryGroupSid, &OwnerSid); if (!NT_SUCCESS(Status)) goto done; Status = BuildTokenPrimaryGroup(&Buffer->PrimaryGroup, PrimaryGroupSid); if (!NT_SUCCESS(Status)) goto done; Status = BuildTokenPrivileges(&Buffer->Privileges); if (!NT_SUCCESS(Status)) goto done; Status = BuildTokenOwner(&Buffer->Owner, OwnerSid); if (!NT_SUCCESS(Status)) goto done; Status = BuildTokenDefaultDacl(&Buffer->DefaultDacl, OwnerSid); if (!NT_SUCCESS(Status)) goto done; *TokenInformation = Buffer; done: if (!NT_SUCCESS(Status)) { if (Buffer != NULL) { if (Buffer->User.User.Sid != NULL) DispatchTable.FreeLsaHeap(Buffer->User.User.Sid); if (Buffer->Groups != NULL) { for (i = 0; i < Buffer->Groups->GroupCount; i++) { if (Buffer->Groups->Groups[i].Sid != NULL) DispatchTable.FreeLsaHeap(Buffer->Groups->Groups[i].Sid); } DispatchTable.FreeLsaHeap(Buffer->Groups); } if (Buffer->PrimaryGroup.PrimaryGroup != NULL) DispatchTable.FreeLsaHeap(Buffer->PrimaryGroup.PrimaryGroup); if (Buffer->Privileges != NULL) DispatchTable.FreeLsaHeap(Buffer->Privileges); if (Buffer->Owner.Owner != NULL) DispatchTable.FreeLsaHeap(Buffer->Owner.Owner); if (Buffer->DefaultDacl.DefaultDacl != NULL) DispatchTable.FreeLsaHeap(Buffer->DefaultDacl.DefaultDacl); DispatchTable.FreeLsaHeap(Buffer); } } return Status; }