[LSA]
- Implement the LSA object database. - Implement the information classes PolicyPrimaryDomainInformation and PolicyAccountDomainInformation of LsarSetInformationPolicy(). svn path=/trunk/; revision=53783
parent
0194a753c7
commit
2454366c35
9 changed files with 754 additions and 98 deletions
|
@ -12,8 +12,10 @@ spec2def(lsasrv.dll lsasrv.spec)
|
||||||
|
|
||||||
list(APPEND SOURCE
|
list(APPEND SOURCE
|
||||||
authport.c
|
authport.c
|
||||||
|
database.c
|
||||||
lsarpc.c
|
lsarpc.c
|
||||||
lsasrv.c
|
lsasrv.c
|
||||||
|
policy.c
|
||||||
privileges.c
|
privileges.c
|
||||||
sids.c
|
sids.c
|
||||||
lsasrv.rc
|
lsasrv.rc
|
||||||
|
|
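--- a/reactos/dll/win32/lsasrv/database.c
+++ b/reactos/dll/win32/lsasrv/database.c
@@ -0,0 +1,476 @@
+/*
+* PROJECT: Local Security Authority Server DLL
+* LICENSE: GPL - See COPYING in the top level directory
+* FILE: dll/win32/lsasrv/database.c
+* PURPOSE: LSA object database
+* COPYRIGHT: Copyright 2011 Eric Kohl
+*/
+
+/* INCLUDES ****************************************************************/
+
+#include "lsasrv.h"
+
+WINE_DEFAULT_DEBUG_CHANNEL(lsasrv);
+
+
+/* GLOBALS *****************************************************************/
+
+static HANDLE SecurityKeyHandle = NULL;
+
+
+/* FUNCTIONS ***************************************************************/
+
+static NTSTATUS
+LsapOpenServiceKey(VOID)
+{
+OBJECT_ATTRIBUTES ObjectAttributes;
+UNICODE_STRING KeyName;
+NTSTATUS Status;
+
+RtlInitUnicodeString(&KeyName,
+L"\\Registry\\Machine\\SECURITY");
+
+InitializeObjectAttributes(&ObjectAttributes,
+&KeyName,
+OBJ_CASE_INSENSITIVE,
+NULL,
+NULL);
+
+Status = RtlpNtOpenKey(&SecurityKeyHandle,
+KEY_READ | KEY_CREATE_SUB_KEY | KEY_ENUMERATE_SUB_KEYS,
+&ObjectAttributes,
+0);
+
+return Status;
+}
+
+
+static BOOLEAN
+LsapIsDatabaseInstalled(VOID)
+{
+OBJECT_ATTRIBUTES ObjectAttributes;
+UNICODE_STRING KeyName;
+HANDLE KeyHandle;
+NTSTATUS Status;
+
+RtlInitUnicodeString(&KeyName,
+L"Policy");
+
+InitializeObjectAttributes(&ObjectAttributes,
+&KeyName,
+OBJ_CASE_INSENSITIVE,
+SecurityKeyHandle,
+NULL);
+
+Status = RtlpNtOpenKey(&KeyHandle,
+KEY_READ,
+&ObjectAttributes,
+0);
+if (!NT_SUCCESS(Status))
+return FALSE;
+
+NtClose(KeyHandle);
+
+return TRUE;
+}
+
+
+static NTSTATUS
+LsapInstallDatabase(VOID)
+{
+OBJECT_ATTRIBUTES ObjectAttributes;
+UNICODE_STRING KeyName;
+HANDLE PolicyKeyHandle = NULL;
+HANDLE AccountsKeyHandle = NULL;
+HANDLE DomainsKeyHandle = NULL;
+HANDLE SecretsKeyHandle = NULL;
+NTSTATUS Status = STATUS_SUCCESS;
+
+TRACE("LsapInstallDatabase()\n");
+
+/* Create the 'Policy' key */
+RtlInitUnicodeString(&KeyName,
+L"Policy");
+
+InitializeObjectAttributes(&ObjectAttributes,
+&KeyName,
+OBJ_CASE_INSENSITIVE,
+SecurityKeyHandle,
+NULL);
+
+Status = NtCreateKey(&PolicyKeyHandle,
+KEY_ALL_ACCESS,
+&ObjectAttributes,
+0,
+NULL,
+0,
+NULL);
+if (!NT_SUCCESS(Status))
+{
+ERR("Failed to create the 'Policy' key (Status: 0x%08lx)\n", Status);
+goto Done;
+}
+
+/* Create the 'Accounts' key */
+RtlInitUnicodeString(&KeyName,
+L"Accounts");
+
+InitializeObjectAttributes(&ObjectAttributes,
+&KeyName,
+OBJ_CASE_INSENSITIVE,
+PolicyKeyHandle,
+NULL);
+
+Status = NtCreateKey(&AccountsKeyHandle,
+KEY_ALL_ACCESS,
+&ObjectAttributes,
+0,
+NULL,
+0,
+NULL);
+if (!NT_SUCCESS(Status))
+{
+ERR("Failed to create the 'Accounts' key (Status: 0x%08lx)\n", Status);
+goto Done;
+}
+
+/* Create the 'Domains' key */
+RtlInitUnicodeString(&KeyName,
+L"Domains");
+
+InitializeObjectAttributes(&ObjectAttributes,
+&KeyName,
+OBJ_CASE_INSENSITIVE,
+PolicyKeyHandle,
+NULL);
+
+Status = NtCreateKey(&DomainsKeyHandle,
+KEY_ALL_ACCESS,
+&ObjectAttributes,
+0,
+NULL,
+0,
+NULL);
+if (!NT_SUCCESS(Status))
+{
+ERR("Failed to create the 'Domains' key (Status: 0x%08lx)\n", Status);
+goto Done;
+}
+
+/* Create the 'Secrets' key */
+RtlInitUnicodeString(&KeyName,
+L"Secrets");
+
+InitializeObjectAttributes(&ObjectAttributes,
+&KeyName,
+OBJ_CASE_INSENSITIVE,
+PolicyKeyHandle,
+NULL);
+
+Status = NtCreateKey(&SecretsKeyHandle,
+KEY_ALL_ACCESS,
+&ObjectAttributes,
+0,
+NULL,
+0,
+NULL);
+if (!NT_SUCCESS(Status))
+{
+ERR("Failed to create the 'Secrets' key (Status: 0x%08lx)\n", Status);
+goto Done;
+}
+
+
+Done:
+if (SecretsKeyHandle != NULL)
+NtClose(SecretsKeyHandle);
+
+if (DomainsKeyHandle != NULL)
+NtClose(DomainsKeyHandle);
+
+if (AccountsKeyHandle != NULL)
+NtClose(AccountsKeyHandle);
+
+if (PolicyKeyHandle != NULL)
+NtClose(PolicyKeyHandle);
+
+TRACE("LsapInstallDatabase() done (Status: 0x%08lx)\n", Status);
+
+return Status;
+}
+
+
+NTSTATUS
+LsapInitDatabase(VOID)
+{
+NTSTATUS Status;
+
+TRACE("LsapInitDatabase()\n");
+
+Status = LsapOpenServiceKey();
+if (!NT_SUCCESS(Status))
+{
+ERR("Failed to open the service key (Status: 0x%08lx)\n", Status);
+return Status;
+}
+
+if (!LsapIsDatabaseInstalled())
+{
+Status = LsapInstallDatabase();
+if (!NT_SUCCESS(Status))
+{
+ERR("Failed to install the LSA database (Status: 0x%08lx)\n", Status);
+return Status;
+}
+}
+
+TRACE("LsapInitDatabase() done\n");
+
+return STATUS_SUCCESS;
+}
+
+
+LSAPR_HANDLE
+LsapCreateDbObject(LSAPR_HANDLE ParentHandle,
+LPWSTR ObjectName,
+BOOLEAN Open,
+LSA_DB_OBJECT_TYPE ObjectType,
+ACCESS_MASK DesiredAccess)
+{
+PLSA_DB_OBJECT ParentObject = (PLSA_DB_OBJECT)ParentHandle;
+PLSA_DB_OBJECT DbObject;
+OBJECT_ATTRIBUTES ObjectAttributes;
+UNICODE_STRING KeyName;
+HANDLE ParentKeyHandle;
+HANDLE ObjectKeyHandle;
+NTSTATUS Status;
+
+if (ParentHandle != NULL)
+ParentKeyHandle = ParentObject->KeyHandle;
+else
+ParentKeyHandle = SecurityKeyHandle;
+
+RtlInitUnicodeString(&KeyName,
+ObjectName);
+
+InitializeObjectAttributes(&ObjectAttributes,
+&KeyName,
+OBJ_CASE_INSENSITIVE,
+ParentKeyHandle,
+NULL);
+
+if (Open == TRUE)
+{
+Status = NtOpenKey(&ObjectKeyHandle,
+KEY_ALL_ACCESS,
+&ObjectAttributes);
+}
+else
+{
+Status = NtCreateKey(&ObjectKeyHandle,
+KEY_ALL_ACCESS,
+&ObjectAttributes,
+0,
+NULL,
+0,
+NULL);
+}
+
+if (!NT_SUCCESS(Status))
+{
+return NULL;
+}
+
+DbObject = (PLSA_DB_OBJECT)RtlAllocateHeap(RtlGetProcessHeap(),
+0,
+sizeof(LSA_DB_OBJECT));
+if (DbObject == NULL)
+{
+NtClose(ObjectKeyHandle);
+return NULL;
+}
+
+DbObject->Signature = LSAP_DB_SIGNATURE;
+DbObject->RefCount = 0;
+DbObject->ObjectType = ObjectType;
+DbObject->Access = DesiredAccess;
+DbObject->KeyHandle = ObjectKeyHandle;
+DbObject->ParentObject = ParentObject;
+
+if (ParentObject != NULL)
+ParentObject->RefCount++;
+
+return (LSAPR_HANDLE)DbObject;
+}
+
+
+NTSTATUS
+LsapValidateDbObject(LSAPR_HANDLE Handle,
+LSA_DB_OBJECT_TYPE ObjectType,
+ACCESS_MASK GrantedAccess)
+{
+PLSA_DB_OBJECT DbObject = (PLSA_DB_OBJECT)Handle;
+BOOLEAN bValid = FALSE;
+
+_SEH2_TRY
+{
+if (DbObject->Signature == LSAP_DB_SIGNATURE)
+{
+if ((ObjectType == LsaDbIgnoreObject) ||
+(DbObject->ObjectType == ObjectType))
+bValid = TRUE;
+}
+}
+_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
+{
+bValid = FALSE;
+}
+_SEH2_END;
+
+if (bValid == FALSE)
+return STATUS_INVALID_HANDLE;
+
+if (GrantedAccess != 0)
+{
+/* FIXME: Check for granted access rights */
+}
+
+return STATUS_SUCCESS;
+}
+
+
+NTSTATUS
+LsapCloseDbObject(LSAPR_HANDLE Handle)
+{
+PLSA_DB_OBJECT DbObject = (PLSA_DB_OBJECT)Handle;
+
+if (DbObject->RefCount != 0)
+return STATUS_UNSUCCESSFUL;
+
+if (DbObject->ParentObject != NULL)
+DbObject->ParentObject->RefCount--;
+
+if (DbObject->KeyHandle != NULL)
+NtClose(DbObject->KeyHandle);
+
+RtlFreeHeap(RtlGetProcessHeap(), 0, DbObject);
+
+return STATUS_SUCCESS;
+}
+
+
+NTSTATUS
+LsapSetObjectAttribute(PLSA_DB_OBJECT DbObject,
+LPWSTR AttributeName,
+LPVOID AttributeData,
+ULONG AttributeSize)
+{
+OBJECT_ATTRIBUTES ObjectAttributes;
+UNICODE_STRING KeyName;
+HANDLE AttributeKey;
+NTSTATUS Status;
+
+RtlInitUnicodeString(&KeyName,
+AttributeName);
+
+InitializeObjectAttributes(&ObjectAttributes,
+&KeyName,
+OBJ_CASE_INSENSITIVE,
+DbObject->KeyHandle,
+NULL);
+
+Status = NtCreateKey(&AttributeKey,
+KEY_SET_VALUE,
+&ObjectAttributes,
+0,
+NULL,
+REG_OPTION_NON_VOLATILE,
+NULL);
+if (!NT_SUCCESS(Status))
+{
+
+return Status;
+}
+
+Status = RtlpNtSetValueKey(AttributeKey,
+REG_NONE,
+AttributeData,
+AttributeSize);
+
+NtClose(AttributeKey);
+
+return Status;
+}
+
+
+NTSTATUS
+LsapGetObjectAttribute(PLSA_DB_OBJECT DbObject,
+LPWSTR AttributeName,
+LPVOID AttributeData,
+PULONG AttributeSize)
+{
+OBJECT_ATTRIBUTES ObjectAttributes;
+UNICODE_STRING KeyName;
+HANDLE AttributeKey;
+ULONG ValueSize;
+NTSTATUS Status;
+
+RtlInitUnicodeString(&KeyName,
+AttributeName);
+
+InitializeObjectAttributes(&ObjectAttributes,
+&KeyName,
+OBJ_CASE_INSENSITIVE,
+DbObject->KeyHandle,
+NULL);
+
+Status = NtOpenKey(&AttributeKey,
+KEY_QUERY_VALUE,
+&ObjectAttributes);
+if (!NT_SUCCESS(Status))
+{
+return Status;
+}
+
+ValueSize = *AttributeSize;
+Status = RtlpNtQueryValueKey(AttributeKey,
+NULL,
+NULL,
+&ValueSize,
+0);
+if (!NT_SUCCESS(Status) && Status != STATUS_BUFFER_OVERFLOW)
+{
+goto Done;
+}
+
+if (AttributeData == NULL || *AttributeSize == 0)
+{
+*AttributeSize = ValueSize;
+Status == STATUS_SUCCESS;
+goto Done;
+}
+else if (*AttributeSize < ValueSize)
+{
+*AttributeSize = ValueSize;
+Status == STATUS_BUFFER_OVERFLOW;
+goto Done;
+}
+
+Status = RtlpNtQueryValueKey(AttributeKey,
+NULL,
+AttributeData,
+&ValueSize,
+0);
+if (NT_SUCCESS(Status))
+{
+*AttributeSize = ValueSize;
+}
+
+Done:
+NtClose(AttributeKey);
+
+return Status;
+}
+
+/* EOF */
+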
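Review bot: In LsapGetObjectAttribute the statements `Status == STATUS_SUCCESS;` and `Status == STATUS_BUFFER_OVERFLOW;` are comparisons whose result is discarded, not assignments, so both early-exit branches return whatever the first RtlpNtQueryValueKey call produced. A caller whose buffer is too small can therefore be handed a success code with nothing written to AttributeData, and a pure size query can come back as a failure; the lines should read `Status = STATUS_SUCCESS;` and `Status = STATUS_BUFFER_OVERFLOW;`. Separately, LsapValidateDbObject accepts any readable pointer whose first field equals the fixed `LSAP_DB_SIGNATURE` value and never compares `GrantedAccess` with `DbObject->Access`, so the FIXME there marks an access check that this database does not yet perform.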
|
@ -11,22 +11,6 @@
|
||||||
|
|
||||||
#include "lsasrv.h"
|
#include "lsasrv.h"
|
||||||
|
|
||||||
typedef enum _LSA_DB_HANDLE_TYPE
|
|
||||||
{
|
|
||||||
LsaDbIgnoreHandle,
|
|
||||||
LsaDbPolicyHandle,
|
|
||||||
LsaDbAccountHandle
|
|
||||||
} LSA_DB_HANDLE_TYPE, *PLSA_DB_HANDLE_TYPE;
|
|
||||||
|
|
||||||
typedef struct _LSA_DB_HANDLE
|
|
||||||
{
|
|
||||||
ULONG Signature;
|
|
||||||
LSA_DB_HANDLE_TYPE HandleType;
|
|
||||||
LONG RefCount;
|
|
||||||
ACCESS_MASK Access;
|
|
||||||
} LSA_DB_HANDLE, *PLSA_DB_HANDLE;
|
|
||||||
|
|
||||||
#define LSAP_DB_SIGNATURE 0x12345678
|
|
||||||
|
|
||||||
static RTL_CRITICAL_SECTION PolicyHandleTableLock;
|
static RTL_CRITICAL_SECTION PolicyHandleTableLock;
|
||||||
|
|
||||||
|
@ -35,68 +19,6 @@ WINE_DEFAULT_DEBUG_CHANNEL(lsasrv);
|
||||||
|
|
||||||
/* FUNCTIONS ***************************************************************/
|
/* FUNCTIONS ***************************************************************/
|
||||||
|
|
||||||
static LSAPR_HANDLE
|
|
||||||
LsapCreateDbHandle(LSA_DB_HANDLE_TYPE HandleType,
|
|
||||||
ACCESS_MASK DesiredAccess)
|
|
||||||
{
|
|
||||||
PLSA_DB_HANDLE DbHandle;
|
|
||||||
|
|
||||||
// RtlEnterCriticalSection(&PolicyHandleTableLock);
|
|
||||||
|
|
||||||
DbHandle = (PLSA_DB_HANDLE)RtlAllocateHeap(RtlGetProcessHeap(),
|
|
||||||
0,
|
|
||||||
sizeof(LSA_DB_HANDLE));
|
|
||||||
if (DbHandle != NULL)
|
|
||||||
{
|
|
||||||
DbHandle->Signature = LSAP_DB_SIGNATURE;
|
|
||||||
DbHandle->RefCount = 1;
|
|
||||||
DbHandle->HandleType = HandleType;
|
|
||||||
DbHandle->Access = DesiredAccess;
|
|
||||||
}
|
|
||||||
|
|
||||||
// RtlLeaveCriticalSection(&PolicyHandleTableLock);
|
|
||||||
|
|
||||||
return (LSAPR_HANDLE)DbHandle;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
static NTSTATUS
|
|
||||||
LsapValidateDbHandle(LSAPR_HANDLE Handle,
|
|
||||||
LSA_DB_HANDLE_TYPE HandleType,
|
|
||||||
ACCESS_MASK GrantedAccess)
|
|
||||||
{
|
|
||||||
PLSA_DB_HANDLE DbHandle = (PLSA_DB_HANDLE)Handle;
|
|
||||||
BOOL bValid = FALSE;
|
|
||||||
|
|
||||||
_SEH2_TRY
|
|
||||||
{
|
|
||||||
if (DbHandle->Signature == LSAP_DB_SIGNATURE)
|
|
||||||
{
|
|
||||||
if (HandleType == LsaDbIgnoreHandle)
|
|
||||||
bValid = TRUE;
|
|
||||||
else if (DbHandle->HandleType == HandleType)
|
|
||||||
bValid = TRUE;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
|
|
||||||
{
|
|
||||||
bValid = FALSE;
|
|
||||||
}
|
|
||||||
_SEH2_END;
|
|
||||||
|
|
||||||
if (bValid == FALSE)
|
|
||||||
return STATUS_INVALID_HANDLE;
|
|
||||||
|
|
||||||
if (GrantedAccess != 0)
|
|
||||||
{
|
|
||||||
/* FIXME: Check for granted access rights */
|
|
||||||
}
|
|
||||||
|
|
||||||
return STATUS_SUCCESS;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
VOID
|
VOID
|
||||||
LsarStartRpcServer(VOID)
|
LsarStartRpcServer(VOID)
|
||||||
|
@ -153,13 +75,12 @@ NTSTATUS WINAPI LsarClose(
|
||||||
|
|
||||||
// RtlEnterCriticalSection(&PolicyHandleTableLock);
|
// RtlEnterCriticalSection(&PolicyHandleTableLock);
|
||||||
|
|
||||||
Status = LsapValidateDbHandle(*ObjectHandle,
|
Status = LsapValidateDbObject(*ObjectHandle,
|
||||||
LsaDbIgnoreHandle,
|
LsaDbIgnoreObject,
|
||||||
0);
|
0);
|
||||||
|
|
||||||
if (Status == STATUS_SUCCESS)
|
if (Status == STATUS_SUCCESS)
|
||||||
{
|
{
|
||||||
RtlFreeHeap(RtlGetProcessHeap(), 0, *ObjectHandle);
|
Status = LsapCloseDbObject(*ObjectHandle);
|
||||||
*ObjectHandle = NULL;
|
*ObjectHandle = NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -239,7 +160,10 @@ NTSTATUS WINAPI LsarOpenPolicy(
|
||||||
|
|
||||||
RtlEnterCriticalSection(&PolicyHandleTableLock);
|
RtlEnterCriticalSection(&PolicyHandleTableLock);
|
||||||
|
|
||||||
*PolicyHandle = LsapCreateDbHandle(LsaDbPolicyHandle,
|
*PolicyHandle = LsapCreateDbObject(NULL,
|
||||||
|
L"Policy",
|
||||||
|
TRUE,
|
||||||
|
LsaDbPolicyObject,
|
||||||
DesiredAccess);
|
DesiredAccess);
|
||||||
if (*PolicyHandle == NULL)
|
if (*PolicyHandle == NULL)
|
||||||
Status = STATUS_INSUFFICIENT_RESOURCES;
|
Status = STATUS_INSUFFICIENT_RESOURCES;
|
||||||
|
@ -268,8 +192,8 @@ NTSTATUS WINAPI LsarQueryInformationPolicy(
|
||||||
TRACE("*PolicyInformation %p\n", *PolicyInformation);
|
TRACE("*PolicyInformation %p\n", *PolicyInformation);
|
||||||
}
|
}
|
||||||
|
|
||||||
Status = LsapValidateDbHandle(PolicyHandle,
|
Status = LsapValidateDbObject(PolicyHandle,
|
||||||
LsaDbPolicyHandle,
|
LsaDbPolicyObject,
|
||||||
0); /* FIXME */
|
0); /* FIXME */
|
||||||
if (!NT_SUCCESS(Status))
|
if (!NT_SUCCESS(Status))
|
||||||
return Status;
|
return Status;
|
||||||
|
@ -409,8 +333,53 @@ NTSTATUS WINAPI LsarSetInformationPolicy(
|
||||||
POLICY_INFORMATION_CLASS InformationClass,
|
POLICY_INFORMATION_CLASS InformationClass,
|
||||||
PLSAPR_POLICY_INFORMATION PolicyInformation)
|
PLSAPR_POLICY_INFORMATION PolicyInformation)
|
||||||
{
|
{
|
||||||
UNIMPLEMENTED;
|
NTSTATUS Status;
|
||||||
return STATUS_NOT_IMPLEMENTED;
|
|
||||||
|
TRACE("LsarSetInformationPolicy(%p,0x%08x,%p)\n",
|
||||||
|
PolicyHandle, InformationClass, PolicyInformation);
|
||||||
|
|
||||||
|
if (PolicyInformation)
|
||||||
|
{
|
||||||
|
TRACE("*PolicyInformation %p\n", *PolicyInformation);
|
||||||
|
}
|
||||||
|
|
||||||
|
Status = LsapValidateDbObject(PolicyHandle,
|
||||||
|
LsaDbPolicyObject,
|
||||||
|
0); /* FIXME */
|
||||||
|
if (!NT_SUCCESS(Status))
|
||||||
|
return Status;
|
||||||
|
|
||||||
|
switch (InformationClass)
|
||||||
|
{
|
||||||
|
case PolicyAuditEventsInformation:
|
||||||
|
Status = STATUS_NOT_IMPLEMENTED;
|
||||||
|
break;
|
||||||
|
|
||||||
|
case PolicyPrimaryDomainInformation:
|
||||||
|
Status = LsarSetPrimaryDomain(PolicyHandle,
|
||||||
|
(PLSAPR_POLICY_PRIMARY_DOM_INFO)PolicyInformation);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case PolicyAccountDomainInformation:
|
||||||
|
Status = LsarSetAccountDomain(PolicyHandle,
|
||||||
|
(PLSAPR_POLICY_ACCOUNT_DOM_INFO)PolicyInformation);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case PolicyDnsDomainInformation:
|
||||||
|
Status = LsarSetDnsDomain(PolicyHandle,
|
||||||
|
(PLSAPR_POLICY_DNS_DOMAIN_INFO)PolicyInformation);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case PolicyLsaServerRoleInformation:
|
||||||
|
Status = STATUS_NOT_IMPLEMENTED;
|
||||||
|
break;
|
||||||
|
|
||||||
|
default:
|
||||||
|
Status = STATUS_INVALID_PARAMETER;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
return Status;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -838,8 +807,8 @@ NTSTATUS WINAPI LsarLookupPrivilegeValue(
|
||||||
TRACE("LsarLookupPrivilegeValue(%p, %wZ, %p)\n",
|
TRACE("LsarLookupPrivilegeValue(%p, %wZ, %p)\n",
|
||||||
PolicyHandle, Name, Value);
|
PolicyHandle, Name, Value);
|
||||||
|
|
||||||
Status = LsapValidateDbHandle(PolicyHandle,
|
Status = LsapValidateDbObject(PolicyHandle,
|
||||||
LsaDbPolicyHandle,
|
LsaDbPolicyObject,
|
||||||
0); /* FIXME */
|
0); /* FIXME */
|
||||||
if (!NT_SUCCESS(Status))
|
if (!NT_SUCCESS(Status))
|
||||||
{
|
{
|
||||||
|
@ -867,8 +836,8 @@ NTSTATUS WINAPI LsarLookupPrivilegeName(
|
||||||
TRACE("LsarLookupPrivilegeName(%p, %p, %p)\n",
|
TRACE("LsarLookupPrivilegeName(%p, %p, %p)\n",
|
||||||
PolicyHandle, Value, Name);
|
PolicyHandle, Value, Name);
|
||||||
|
|
||||||
Status = LsapValidateDbHandle(PolicyHandle,
|
Status = LsapValidateDbObject(PolicyHandle,
|
||||||
LsaDbPolicyHandle,
|
LsaDbPolicyObject,
|
||||||
0); /* FIXME */
|
0); /* FIXME */
|
||||||
if (!NT_SUCCESS(Status))
|
if (!NT_SUCCESS(Status))
|
||||||
{
|
{
|
||||||
|
@ -926,8 +895,8 @@ NTSTATUS WINAPI LsarEnmuerateAccountRights(
|
||||||
|
|
||||||
FIXME("(%p,%p,%p) stub\n", PolicyHandle, AccountSid, UserRights);
|
FIXME("(%p,%p,%p) stub\n", PolicyHandle, AccountSid, UserRights);
|
||||||
|
|
||||||
Status = LsapValidateDbHandle(PolicyHandle,
|
Status = LsapValidateDbObject(PolicyHandle,
|
||||||
LsaDbPolicyHandle,
|
LsaDbPolicyObject,
|
||||||
0); /* FIXME */
|
0); /* FIXME */
|
||||||
if (!NT_SUCCESS(Status))
|
if (!NT_SUCCESS(Status))
|
||||||
return Status;
|
return Status;
|
||||||
|
|
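Review bot: LsarSetInformationPolicy now reaches code that writes to the policy database, yet it still calls LsapValidateDbObject with a GrantedAccess of `0`, so the access mask recorded when the handle was opened plays no part in deciding who may set the primary or account domain. The set path should name the right it needs, for example `POLICY_TRUST_ADMIN` in place of the `0); /* FIXME */` argument, so that the check takes effect as soon as LsapValidateDbObject enforces it. PolicyInformation is also forwarded to LsarSetPrimaryDomain and LsarSetAccountDomain unchecked although the TRACE guard just above allows for NULL; `if (PolicyInformation == NULL) return STATUS_INVALID_PARAMETER;` before the switch would cover that. In the LsarClose hunk, `*ObjectHandle = NULL;` runs even when LsapCloseDbObject returns a failure, which discards the caller's reference to an object that was not freed. The signatures of both functions start above their hunks.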
|
@ -26,6 +26,9 @@ LsapInitLsa(VOID)
|
||||||
/* Initialize the well known SIDs */
|
/* Initialize the well known SIDs */
|
||||||
LsapInitSids();
|
LsapInitSids();
|
||||||
|
|
||||||
|
/* Initialize the LSA database */
|
||||||
|
LsapInitDatabase();
|
||||||
|
|
||||||
/* Start the RPC server */
|
/* Start the RPC server */
|
||||||
LsarStartRpcServer();
|
LsarStartRpcServer();
|
||||||
|
|
||||||
|
|
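Review bot: The NTSTATUS returned by `LsapInitDatabase();` is discarded, so LsarStartRpcServer() runs even when the SECURITY key could not be opened or the Policy keys could not be created. In that state SecurityKeyHandle presumably stays NULL, and every LsapCreateDbObject call with a NULL parent would then resolve its key name against a NULL root, so the failure should stop initialisation here, e.g. `Status = LsapInitDatabase(); if (!NT_SUCCESS(Status)) return Status;` if LsapInitLsa is able to return a status. The rest of LsapInitLsa, including its return type, is outside the hunk.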
|
@ -9,13 +9,17 @@
|
||||||
|
|
||||||
#define WIN32_NO_STATUS
|
#define WIN32_NO_STATUS
|
||||||
#include <windows.h>
|
#include <windows.h>
|
||||||
#include <ntsecapi.h>
|
|
||||||
#define NTOS_MODE_USER
|
#define NTOS_MODE_USER
|
||||||
|
#include <ndk/cmfuncs.h>
|
||||||
#include <ndk/lpctypes.h>
|
#include <ndk/lpctypes.h>
|
||||||
#include <ndk/lpcfuncs.h>
|
#include <ndk/lpcfuncs.h>
|
||||||
|
#include <ndk/obfuncs.h>
|
||||||
#include <ndk/rtlfuncs.h>
|
#include <ndk/rtlfuncs.h>
|
||||||
#include <ndk/setypes.h>
|
#include <ndk/setypes.h>
|
||||||
|
|
||||||
|
|
||||||
|
#include <ntsecapi.h>
|
||||||
|
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
|
|
||||||
#include "lsass.h"
|
#include "lsass.h"
|
||||||
|
@ -24,11 +28,80 @@
|
||||||
#include <wine/debug.h>
|
#include <wine/debug.h>
|
||||||
|
|
||||||
|
|
||||||
|
typedef enum _LSA_DB_OBJECT_TYPE
|
||||||
|
{
|
||||||
|
LsaDbIgnoreObject,
|
||||||
|
LsaDbContainerObject,
|
||||||
|
LsaDbPolicyObject,
|
||||||
|
LsaDbAccountObject,
|
||||||
|
LsaDbDomainObject,
|
||||||
|
LsaDbSecretObject
|
||||||
|
} LSA_DB_OBJECT_TYPE, *PLSA_DB_OBJECT_TYPE;
|
||||||
|
|
||||||
|
typedef struct _LSA_DB_OBJECT
|
||||||
|
{
|
||||||
|
ULONG Signature;
|
||||||
|
LSA_DB_OBJECT_TYPE ObjectType;
|
||||||
|
ULONG RefCount;
|
||||||
|
ACCESS_MASK Access;
|
||||||
|
HANDLE KeyHandle;
|
||||||
|
struct _LSA_DB_OBJECT *ParentObject;
|
||||||
|
} LSA_DB_OBJECT, *PLSA_DB_OBJECT;
|
||||||
|
|
||||||
|
#define LSAP_DB_SIGNATURE 0x12345678
|
||||||
|
|
||||||
|
|
||||||
/* authport.c */
|
/* authport.c */
|
||||||
NTSTATUS StartAuthenticationPort(VOID);
|
NTSTATUS
|
||||||
|
StartAuthenticationPort(VOID);
|
||||||
|
|
||||||
|
/* database.c */
|
||||||
|
NTSTATUS
|
||||||
|
LsapInitDatabase(VOID);
|
||||||
|
|
||||||
|
LSAPR_HANDLE
|
||||||
|
LsapCreateDbObject(LSAPR_HANDLE ParentHandle,
|
||||||
|
LPWSTR ObjectName,
|
||||||
|
BOOLEAN Open,
|
||||||
|
LSA_DB_OBJECT_TYPE HandleType,
|
||||||
|
ACCESS_MASK DesiredAccess);
|
||||||
|
|
||||||
|
NTSTATUS
|
||||||
|
LsapValidateDbObject(LSAPR_HANDLE Handle,
|
||||||
|
LSA_DB_OBJECT_TYPE HandleType,
|
||||||
|
ACCESS_MASK GrantedAccess);
|
||||||
|
|
||||||
|
NTSTATUS
|
||||||
|
LsapCloseDbObject(LSAPR_HANDLE Handle);
|
||||||
|
|
||||||
|
NTSTATUS
|
||||||
|
LsapGetObjectAttribute(PLSA_DB_OBJECT DbObject,
|
||||||
|
LPWSTR AttributeName,
|
||||||
|
LPVOID AttributeData,
|
||||||
|
PULONG AttributeSize);
|
||||||
|
|
||||||
|
NTSTATUS
|
||||||
|
LsapSetObjectAttribute(PLSA_DB_OBJECT DbObject,
|
||||||
|
LPWSTR AttributeName,
|
||||||
|
LPVOID AttributeData,
|
||||||
|
ULONG AttributeSize);
|
||||||
|
|
||||||
/* lsarpc.c */
|
/* lsarpc.c */
|
||||||
VOID LsarStartRpcServer(VOID);
|
VOID
|
||||||
|
LsarStartRpcServer(VOID);
|
||||||
|
|
||||||
|
/* policy.c */
|
||||||
|
NTSTATUS
|
||||||
|
LsarSetPrimaryDomain(LSAPR_HANDLE PolicyObject,
|
||||||
|
PLSAPR_POLICY_PRIMARY_DOM_INFO Info);
|
||||||
|
|
||||||
|
NTSTATUS
|
||||||
|
LsarSetAccountDomain(LSAPR_HANDLE PolicyObject,
|
||||||
|
PLSAPR_POLICY_ACCOUNT_DOM_INFO Info);
|
||||||
|
|
||||||
|
NTSTATUS
|
||||||
|
LsarSetDnsDomain(LSAPR_HANDLE PolicyObject,
|
||||||
|
PLSAPR_POLICY_DNS_DOMAIN_INFO Info);
|
||||||
|
|
||||||
/* privileges.c */
|
/* privileges.c */
|
||||||
NTSTATUS
|
NTSTATUS
|
||||||
|
|
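Review bot: `ULONG RefCount;` in LSA_DB_OBJECT is updated with plain `++` and `--` in database.c while the PolicyHandleTableLock calls in LsarClose are commented out, so concurrent RPC calls on a parent and its children could race on the count that decides whether an object may be freed. The structure this replaces used `LONG RefCount`; keeping `LONG` and using InterlockedIncrement/InterlockedDecrement, or stating in a comment on the field which lock must be held, would make the lifetime rule explicit. The prototypes of LsapCreateDbObject and LsapValidateDbObject here also name the type parameter `HandleType` while the definitions use `ObjectType`.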
|
@ -9,8 +9,10 @@
|
||||||
<library>ntdll</library>
|
<library>ntdll</library>
|
||||||
<library>pseh</library>
|
<library>pseh</library>
|
||||||
<file>authport.c</file>
|
<file>authport.c</file>
|
||||||
|
<file>database.c</file>
|
||||||
<file>lsarpc.c</file>
|
<file>lsarpc.c</file>
|
||||||
<file>lsasrv.c</file>
|
<file>lsasrv.c</file>
|
||||||
|
<file>policy.c</file>
|
||||||
<file>privileges.c</file>
|
<file>privileges.c</file>
|
||||||
<file>sids.c</file>
|
<file>sids.c</file>
|
||||||
<file>lsasrv.rc</file>
|
<file>lsasrv.rc</file>
|
||||||
|
|
|
@ -35,11 +35,13 @@
|
||||||
@ stdcall LsarCreateAccount(ptr ptr long ptr)
|
@ stdcall LsarCreateAccount(ptr ptr long ptr)
|
||||||
@ stdcall LsarCreateSecret(ptr ptr long ptr)
|
@ stdcall LsarCreateSecret(ptr ptr long ptr)
|
||||||
@ stdcall LsarCreateTrustedDomain(ptr ptr long ptr)
|
@ stdcall LsarCreateTrustedDomain(ptr ptr long ptr)
|
||||||
|
@ stub LsarCreateTrustedDomainEx
|
||||||
@ stdcall LsarDelete(ptr)
|
@ stdcall LsarDelete(ptr)
|
||||||
@ stdcall LsarEnumerateAccounts(ptr ptr ptr long)
|
@ stdcall LsarEnumerateAccounts(ptr ptr ptr long)
|
||||||
@ stdcall LsarEnumeratePrivileges(ptr ptr ptr long)
|
@ stdcall LsarEnumeratePrivileges(ptr ptr ptr long)
|
||||||
@ stdcall LsarEnumeratePrivilegesAccount(ptr ptr)
|
@ stdcall LsarEnumeratePrivilegesAccount(ptr ptr)
|
||||||
@ stdcall LsarEnumerateTrustedDomains(ptr ptr ptr long)
|
@ stdcall LsarEnumerateTrustedDomains(ptr ptr ptr long)
|
||||||
|
@ stub LsarEnumerateTrustedDomainsEx
|
||||||
@ stdcall LsarGetQuotasForAccount(ptr ptr)
|
@ stdcall LsarGetQuotasForAccount(ptr ptr)
|
||||||
@ stdcall LsarGetSystemAccessAccount(ptr ptr)
|
@ stdcall LsarGetSystemAccessAccount(ptr ptr)
|
||||||
@ stdcall LsarLookupNames(ptr long ptr ptr ptr long ptr)
|
@ stdcall LsarLookupNames(ptr long ptr ptr ptr long ptr)
|
||||||
|
@ -47,19 +49,29 @@
|
||||||
@ stdcall LsarLookupPrivilegeName(ptr ptr ptr)
|
@ stdcall LsarLookupPrivilegeName(ptr ptr ptr)
|
||||||
@ stdcall LsarLookupPrivilegeValue(ptr ptr ptr)
|
@ stdcall LsarLookupPrivilegeValue(ptr ptr ptr)
|
||||||
@ stdcall LsarLookupSids(ptr ptr ptr ptr long ptr)
|
@ stdcall LsarLookupSids(ptr ptr ptr ptr long ptr)
|
||||||
|
@ stub LsarLookupSids2
|
||||||
@ stdcall LsarOpenAccount(ptr ptr long ptr)
|
@ stdcall LsarOpenAccount(ptr ptr long ptr)
|
||||||
@ stdcall LsarOpenPolicy(ptr ptr long ptr)
|
@ stdcall LsarOpenPolicy(ptr ptr long ptr)
|
||||||
|
@ stub LsarOpenPolicySce
|
||||||
@ stdcall LsarOpenSecret(ptr ptr long ptr)
|
@ stdcall LsarOpenSecret(ptr ptr long ptr)
|
||||||
@ stdcall LsarOpenTrustedDomain(ptr ptr long ptr)
|
@ stdcall LsarOpenTrustedDomain(ptr ptr long ptr)
|
||||||
|
@ stub LsarOpenTrustedDomainByName
|
||||||
|
@ stub LsarQueryDomainInformationPolicy
|
||||||
|
@ stub LsarQueryForestTrustInformation
|
||||||
@ stdcall LsarQueryInfoTrustedDomain(ptr long ptr)
|
@ stdcall LsarQueryInfoTrustedDomain(ptr long ptr)
|
||||||
@ stdcall LsarQueryInformationPolicy(ptr long ptr)
|
@ stdcall LsarQueryInformationPolicy(ptr long ptr)
|
||||||
@ stdcall LsarQuerySecret(ptr ptr ptr ptr ptr)
|
@ stdcall LsarQuerySecret(ptr ptr ptr ptr ptr)
|
||||||
@ stdcall LsarQuerySecurityObject(ptr long ptr)
|
@ stdcall LsarQuerySecurityObject(ptr long ptr)
|
||||||
|
@ stub LsarQueryTrustedDomainInfo
|
||||||
|
@ stub LsarQueryTrustedDomainInfoByName
|
||||||
@ stdcall LsarRemovePrivilegesFromAccount(ptr long ptr)
|
@ stdcall LsarRemovePrivilegesFromAccount(ptr long ptr)
|
||||||
|
@ stub LsarSetDomainInformationPolicy
|
||||||
|
@ stub LsarSetForestTrustInformation
|
||||||
@ stdcall LsarSetInformationPolicy(ptr long ptr)
|
@ stdcall LsarSetInformationPolicy(ptr long ptr)
|
||||||
@ stdcall LsarSetInformationTrustedDomain(ptr long ptr)
|
@ stdcall LsarSetInformationTrustedDomain(ptr long ptr)
|
||||||
@ stdcall LsarSetQuotasForAccount(ptr ptr)
|
@ stdcall LsarSetQuotasForAccount(ptr ptr)
|
||||||
@ stdcall LsarSetSecret(ptr ptr ptr)
|
@ stdcall LsarSetSecret(ptr ptr ptr)
|
||||||
@ stdcall LsarSetSecurityObject(ptr long ptr)
|
@ stdcall LsarSetSecurityObject(ptr long ptr)
|
||||||
@ stdcall LsarSetSystemAccessAccount(ptr long)
|
@ stdcall LsarSetSystemAccessAccount(ptr long)
|
||||||
|
@ stub LsarSetTrustedDomainInfoByName
|
||||||
@ stdcall ServiceInit()
|
@ stdcall ServiceInit()
|
||||||
|
|
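--- a/reactos/dll/win32/lsasrv/policy.c
+++ b/reactos/dll/win32/lsasrv/policy.c
@@ -0,0 +1,118 @@
+/*
+* PROJECT: Local Security Authority Server DLL
+* LICENSE: GPL - See COPYING in the top level directory
+* FILE: dll/win32/lsasrv/policy.c
+* PURPOSE: Policy object routines
+* COPYRIGHT: Copyright 2011 Eric Kohl
+*/
+
+/* INCLUDES ****************************************************************/
+
+#include "lsasrv.h"
+
+WINE_DEFAULT_DEBUG_CHANNEL(lsasrv);
+
+
+/* FUNCTIONS ***************************************************************/
+
+NTSTATUS
+LsarSetPrimaryDomain(LSAPR_HANDLE PolicyHandle,
+PLSAPR_POLICY_PRIMARY_DOM_INFO Info)
+{
+PUNICODE_STRING Buffer;
+ULONG Length = 0;
+NTSTATUS Status;
+LPWSTR Ptr;
+
+TRACE("LsarSetPrimaryDomain(%p, %p)\n", PolicyHandle, Info);
+
+Length = sizeof(UNICODE_STRING) + Info->Name.MaximumLength;
+Buffer = RtlAllocateHeap(RtlGetProcessHeap(),
+0,
+Length);
+if (Buffer == NULL)
+return STATUS_INSUFFICIENT_RESOURCES;
+
+Buffer->Length = Info->Name.Length;
+Buffer->MaximumLength = Info->Name.MaximumLength;
+Buffer->Buffer = (LPWSTR)sizeof(UNICODE_STRING);
+Ptr = (LPWSTR)((ULONG_PTR)Buffer + sizeof(UNICODE_STRING));
+memcpy(Ptr, Info->Name.Buffer, Info->Name.MaximumLength);
+
+Status = LsapSetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle,
+L"PolPrDmN",
+Buffer, Length);
+
+RtlFreeHeap(RtlGetProcessHeap(), 0, Buffer);
+
+if (!NT_SUCCESS(Status))
+return Status;
+
+Length = 0;
+if (Info->Sid != NULL)
+Length = RtlLengthSid(Info->Sid);
+
+Status = LsapSetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle,
+L"PolPrDmS",
+(LPBYTE)Info->Sid,
+Length);
+
+return Status;
+}
+
+
+NTSTATUS
+LsarSetAccountDomain(LSAPR_HANDLE PolicyHandle,
+PLSAPR_POLICY_ACCOUNT_DOM_INFO Info)
+{
+PUNICODE_STRING Buffer;
+ULONG Length = 0;
+NTSTATUS Status;
+LPWSTR Ptr;
+
+TRACE("LsarSetAccountDomain(%p, %p)\n", PolicyHandle, Info);
+
+Length = sizeof(UNICODE_STRING) + Info->DomainName.MaximumLength;
+Buffer = RtlAllocateHeap(RtlGetProcessHeap(),
+0,
+Length);
+if (Buffer == NULL)
+return STATUS_INSUFFICIENT_RESOURCES;
+
+Buffer->Length = Info->DomainName.Length;
+Buffer->MaximumLength = Info->DomainName.MaximumLength;
+Buffer->Buffer = (LPWSTR)sizeof(UNICODE_STRING);
+Ptr = (LPWSTR)((ULONG_PTR)Buffer + sizeof(UNICODE_STRING));
+memcpy(Ptr, Info->DomainName.Buffer, Info->DomainName.MaximumLength);
+
+Status = LsapSetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle,
+L"PolAcDmN",
+Buffer, Length);
+
+RtlFreeHeap(RtlGetProcessHeap(), 0, Buffer);
+
+if (!NT_SUCCESS(Status))
+return Status;
+
+Length = 0;
+if (Info->Sid != NULL)
+Length = RtlLengthSid(Info->Sid);
+
+Status = LsapSetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle,
+L"PolAcDmS",
+(LPBYTE)Info->Sid,
+Length);
+
+return Status;
+}
+
+
+NTSTATUS
+LsarSetDnsDomain(LSAPR_HANDLE PolicyHandle,
+PLSAPR_POLICY_DNS_DOMAIN_INFO Info)
+{
+
+return STATUS_NOT_IMPLEMENTED;
+}
+
+/* EOF */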
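Review bot: LsarSetPrimaryDomain copies `Info->Name.MaximumLength` bytes out of `Info->Name.Buffer` without checking that Info and Buffer are non-NULL or that Length does not exceed MaximumLength, and LsarSetAccountDomain repeats the same pattern with `DomainName`. Both structures arrive from an RPC client, and the bytes between Length and MaximumLength are not guaranteed to be initialised, so whatever sits there would be written into the SECURITY hive along with the name. The change below rejects an inconsistent counted string, zeroes the allocation and copies only Length bytes; the same lines apply to LsarSetAccountDomain with `DomainName` substituted. If the second LsapSetObjectAttribute call fails, the name attribute has already been replaced while the SID has not, which deserves at least a comment at that call.

```c
NTSTATUS
LsarSetPrimaryDomain(LSAPR_HANDLE PolicyHandle,
                     PLSAPR_POLICY_PRIMARY_DOM_INFO Info)
{
    /* ... unchanged: local declarations, TRACE ... */

    /* Reject a missing structure or an inconsistent counted string */
    if (Info == NULL ||
        Info->Name.Length > Info->Name.MaximumLength ||
        (Info->Name.Buffer == NULL && Info->Name.MaximumLength != 0))
        return STATUS_INVALID_PARAMETER;

    /* ... unchanged: Length computation ... */
    Buffer = RtlAllocateHeap(RtlGetProcessHeap(),
                             HEAP_ZERO_MEMORY,
                             Length);
    /* ... unchanged: allocation check, header fields, Ptr ... */

    /* Copy only the valid characters; the slack up to MaximumLength stays zeroed */
    if (Info->Name.Length != 0)
        memcpy(Ptr, Info->Name.Buffer, Info->Name.Length);

    /* ... unchanged: attribute writes, RtlFreeHeap, SID handling ... */
```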
|
@ -111,8 +111,9 @@ LsarpLookupPrivilegeValue(PUNICODE_STRING Name,
|
||||||
{
|
{
|
||||||
if (_wcsicmp(Name->Buffer, WellKnownPrivileges[Priv].Name) == 0)
|
if (_wcsicmp(Name->Buffer, WellKnownPrivileges[Priv].Name) == 0)
|
||||||
{
|
{
|
||||||
Value->LowPart = WellKnownPrivileges[Priv].Luid.LowPart;
|
// Value->LowPart = WellKnownPrivileges[Priv].Luid.LowPart;
|
||||||
Value->HighPart = WellKnownPrivileges[Priv].Luid.HighPart;
|
// Value->HighPart = WellKnownPrivileges[Priv].Luid.HighPart;
|
||||||
|
*Value = WellKnownPrivileges[Priv].Luid;
|
||||||
return STATUS_SUCCESS;
|
return STATUS_SUCCESS;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
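Review bot: The two replaced assignments are left behind as `//` comments directly above `*Value = WellKnownPrivileges[Priv].Luid;`; they should be deleted rather than kept, since version control already holds the old form. The enclosing loop and the start of LsarpLookupPrivilegeValue are outside the hunk.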