Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2024-07-05 04:06:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

[LSALIB/LSASRV]

Browse source 
Make the call sequence LsaRegisterLogonProcess, LsaLookupAuthenticationPackage, LsaDeregisterLogonProcess work without failures or loss of connection. WIP.

svn path=/trunk/; revision=58303
This commit is contained in:
Eric Kohl 2013-02-09 22:56:26 +00:00
parent 7121ae2525
commit 9cdf574f39
3 changed files with 232 additions and 95 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

94
reactos/dll/win32/lsasrv/authport.c
View file

@ -20,16 +20,26 @@ static HANDLE AuthPortHandle = NULL;
/* FUNCTIONS ***************************************************************/
static NTSTATUS
LsapLookupAuthenticationPackage(PLSA_API_MSG RequestMsg)
{
RequestMsg->LookupAuthenticationPackage.Reply.Package = 0x12345678;
return STATUS_SUCCESS;
}
NTSTATUS WINAPI
AuthPortThreadRoutine(PVOID Param)
{
LSASS_REQUEST Request;
PPORT_MESSAGE Reply = NULL;
PLSA_API_MSG ReplyMsg = NULL;
LSA_API_MSG RequestMsg;
NTSTATUS Status;
HANDLE ConnectionHandle = NULL;
PVOID Context = NULL;
BOOLEAN Accept;
REMOTE_PORT_VIEW RemotePortView;
TRACE("AuthPortThreadRoutine() called\n");
@ -39,8 +49,8 @@ AuthPortThreadRoutine(PVOID Param)
{
Status = NtReplyWaitReceivePort(AuthPortHandle,
0,
Reply,
&Request.Header);
&ReplyMsg->h,
&RequestMsg.h);
if (!NT_SUCCESS(Status))
{
TRACE("NtReplyWaitReceivePort() failed (Status %lx)\n", Status);
@ -49,42 +59,62 @@ AuthPortThreadRoutine(PVOID Param)
TRACE("Received message\n");
if (Request.Header.u2.s2.Type == LPC_CONNECTION_REQUEST)
switch (RequestMsg.h.u2.s2.Type)
{
TRACE("Port connection request\n");
case LPC_CONNECTION_REQUEST:
TRACE("Port connection request\n");
Accept = TRUE;
NtAcceptConnectPort(&ConnectionHandle,
&Context,
&Request.Header,
Accept,
NULL,
NULL);
RemotePortView.Length = sizeof(REMOTE_PORT_VIEW);
Accept = TRUE;
Status = NtAcceptConnectPort(&ConnectionHandle,
&Context,
&RequestMsg.h,
Accept,
NULL,
&RemotePortView);
if (!NT_SUCCESS(Status))
{
ERR("NtAcceptConnectPort failed (Status 0x%lx)\n", Status);
return Status;
}
NtCompleteConnectPort(ConnectionHandle);
Status = NtCompleteConnectPort(ConnectionHandle);
if (!NT_SUCCESS(Status))
{
ERR("NtCompleteConnectPort failed (Status 0x%lx)\n", Status);
return Status;
}
}
else if (Request.Header.u2.s2.Type == LPC_PORT_CLOSED ||
Request.Header.u2.s2.Type == LPC_CLIENT_DIED)
{
TRACE("Port closed or client died request\n");
ReplyMsg = NULL;
break;
// return STATUS_UNSUCCESSFUL;
}
else if (Request.Header.u2.s2.Type == LPC_REQUEST)
{
TRACE("Received request (Type: %lu)\n", Request.Type);
case LPC_PORT_CLOSED:
TRACE("Port closed\n");
ReplyMsg = NULL;
break;
}
else if (Request.Header.u2.s2.Type == LPC_DATAGRAM)
{
TRACE("Received datagram\n");
case LPC_CLIENT_DIED:
TRACE("Client died\n");
ReplyMsg = NULL;
break;
default:
TRACE("Received request (ApiNumber: %lu)\n", RequestMsg.ApiNumber);
if (RequestMsg.ApiNumber == LSASS_REQUEST_LOOKUP_AUTHENTICATION_PACKAGE)
{
RequestMsg.Status = LsapLookupAuthenticationPackage(&RequestMsg);
}
else
RequestMsg.Status = STATUS_SUCCESS;
ReplyMsg = &RequestMsg;
break;
}
}
return Status;
return STATUS_SUCCESS;
}
@ -107,9 +137,9 @@ StartAuthenticationPort(VOID)
Status = NtCreatePort(&AuthPortHandle,
&ObjectAttributes,
0,
0x100,
0x2000);
sizeof(LSA_CONNECTION_INFO),
sizeof(LSA_API_MSG),
sizeof(LSA_API_MSG) * 32);
if (!NT_SUCCESS(Status))
{
TRACE("NtCreatePort() failed (Status %lx)\n", Status);

99
reactos/include/reactos/subsys/lsass/lsass.h
View file

@ -14,14 +14,19 @@
#include <ntsecapi.h>
#define LSASS_MAX_LOGON_PROCESS_NAME_LENGTH 127
#define LSASS_MAX_PACKAGE_NAME_LENGTH 127
#define LSASS_REQUEST_REGISTER_LOGON_PROCESS (1)
#define LSASS_REQUEST_CALL_AUTHENTICATION_PACKAGE (2)
#define LSASS_REQUEST_DEREGISTER_LOGON_PROCESS (3)
#define LSASS_REQUEST_LOGON_USER (4)
#define LSASS_REQUEST_LOOKUP_AUTHENTICATION_PACKAGE (5)
#define LSASS_REQUEST_MAXIMUM (6)
typedef enum _LSA_API_NUMBER
{
LSASS_REQUEST_REGISTER_LOGON_PROCESS,
LSASS_REQUEST_CALL_AUTHENTICATION_PACKAGE,
LSASS_REQUEST_DEREGISTER_LOGON_PROCESS,
LSASS_REQUEST_LOGON_USER,
LSASS_REQUEST_LOOKUP_AUTHENTICATION_PACKAGE,
LSASS_REQUEST_MAXIMUM
} LSA_API_NUMBER, *PLSA_API_NUMBER;
#if 0
typedef struct _LSASS_LOOKUP_AUTHENTICATION_PACKAGE_REQUEST
{
ULONG PackageNameLength;
@ -46,6 +51,7 @@ typedef struct _LSASS_DEREGISTER_LOGON_PROCESS_REPLY
ULONG Dummy;
} LSASS_DEREGISTER_LOGON_PROCESS_REPLY,
*PLSASS_DEREGISTER_LOGON_PROCESS_REPLY;
#endif
typedef struct _LSASS_CALL_AUTHENTICATION_PACKAGE_REQUEST
{
@ -87,6 +93,7 @@ typedef struct _LSASS_LOGON_USER_REPLY
UCHAR Data[1];
} LSASS_LOGON_USER_REPLY, *PLSASS_LOGON_USER_REPLY;
#if 0
typedef struct _LSASS_REGISTER_LOGON_PROCESS_REQUEST
{
ULONG Length;
@ -97,17 +104,17 @@ typedef struct _LSASS_REGISTER_LOGON_PROCESS_REPLY
{
LSA_OPERATIONAL_MODE OperationalMode;
} LSASS_REGISTER_LOGON_PROCESS_REPLY, *PLSASS_REGISTER_LOGON_PROCESS_REPLY;
#endif
typedef struct _LSASS_CONNECT_DATA
typedef struct _LSA_CONNECTION_INFO
{
NTSTATUS Status;
LSA_OPERATIONAL_MODE OperationalMode;
ULONG Length;
CHAR LogonProcessNameBuffer[LSASS_MAX_LOGON_PROCESS_NAME_LENGTH + 1];
} LSASS_CONNECT_DATA, *PLSASS_CONNECT_DATA;
} LSA_CONNECTION_INFO, *PLSA_CONNECTION_INFO;
#if 0
typedef union _LSASS_REQUEST
{
PORT_MESSAGE Header;
@ -141,5 +148,77 @@ typedef struct _LSASS_REPLY
LookupAuthenticationPackageReply;
} d;
} LSASS_REPLY, *PLSASS_REPLY;
#endif
typedef struct _LSA_REGISTER_LOGON_PROCESS_MSG
{
union
{
struct
{
ULONG Length;
CHAR LogonProcessNameBuffer[LSASS_MAX_LOGON_PROCESS_NAME_LENGTH + 1];
} Request;
struct
{
LSA_OPERATIONAL_MODE OperationalMode;
} Reply;
};
} LSA_REGISTER_LOGON_PROCESS_MSG, *PLSA_REGISTER_LOGON_PROCESS_MSG;
typedef struct _LSA_DEREGISTER_LOGON_PROCESS_MSG
{
union
{
struct
{
ULONG Dummy;
} Request;
struct
{
ULONG Dummy;
} Reply;
};
} LSA_DEREGISTER_LOGON_PROCESS_MSG, *PLSA_DEREGISTER_LOGON_PROCESS_MSG;
typedef struct _LSA_LOOKUP_AUTHENTICATION_PACKAGE_MSG
{
union
{
struct
{
ULONG PackageNameLength;
CHAR PackageName[LSASS_MAX_PACKAGE_NAME_LENGTH + 1];
} Request;
struct
{
ULONG Package;
} Reply;
};
} LSA_LOOKUP_AUTHENTICATION_PACKAGE_MSG, *PLSA_LOOKUP_AUTHENTICATION_PACKAGE_MSG;
typedef struct _LSA_API_MSG
{
PORT_MESSAGE h;
struct
{
LSA_API_NUMBER ApiNumber;
NTSTATUS Status;
union
{
LSA_REGISTER_LOGON_PROCESS_MSG RegisterLogonProcess;
// LSA_LOGON_USER_MSG LogonUser;
// LSA_CALL_AUTHENTICATION_PACKAGE_MSG CallAuthenticationPackage;
LSA_DEREGISTER_LOGON_PROCESS_MSG DeregisterLogonProcess;
LSA_LOOKUP_AUTHENTICATION_PACKAGE_MSG LookupAuthenticationPackage;
};
};
} LSA_API_MSG, *PLSA_API_MSG;
#define LSA_PORT_DATA_SIZE(c) (sizeof(ULONG)+sizeof(NTSTATUS)+sizeof(c))
#define LSA_PORT_MESSAGE_SIZE (sizeof(LSA_API_MSG))
#endif /* __INCLUDE_LSASS_LSASS_H */

134
reactos/lib/lsalib/lsa.c
View file

@ -12,6 +12,7 @@
#include <ndk/lpctypes.h>
#include <ndk/lpcfuncs.h>
#include <ndk/rtlfuncs.h>
#include <ndk/obfuncs.h>
#include <psdk/ntsecapi.h>
#include <lsass/lsass.h>
@ -30,26 +31,35 @@ extern HANDLE Secur32Heap;
NTSTATUS WINAPI
LsaDeregisterLogonProcess(HANDLE LsaHandle)
{
LSASS_REQUEST Request;
LSASS_REPLY Reply;
LSA_API_MSG ApiMessage;
NTSTATUS Status;
Request.Header.u1.s1.DataLength = 0;
Request.Header.u1.s1.TotalLength = sizeof(LSASS_REQUEST);
Request.Type = LSASS_REQUEST_DEREGISTER_LOGON_PROCESS;
DPRINT1("LsaDeregisterLogonProcess()\n");
ApiMessage.ApiNumber = LSASS_REQUEST_DEREGISTER_LOGON_PROCESS;
ApiMessage.h.u1.s1.DataLength = LSA_PORT_DATA_SIZE(ApiMessage.DeregisterLogonProcess.Request);
ApiMessage.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE;
ApiMessage.h.u2.ZeroInit = 0;
Status = ZwRequestWaitReplyPort(LsaHandle,
&Request.Header,
&Reply.Header);
(PPORT_MESSAGE)&ApiMessage,
(PPORT_MESSAGE)&ApiMessage);
if (!NT_SUCCESS(Status))
{
DPRINT1("ZwRequestWaitReplyPort() failed (Status 0x%08lx)\n", Status);
return Status;
}
if (!NT_SUCCESS(Reply.Status))
if (!NT_SUCCESS(ApiMessage.Status))
{
return Reply.Status;
DPRINT1("ZwRequestWaitReplyPort() failed (ApiMessage.Status 0x%08lx)\n", ApiMessage.Status);
return ApiMessage.Status;
}
NtClose(LsaHandle);
DPRINT1("LsaDeregisterLogonProcess() done (Status 0x%08lx)\n", Status);
return Status;
}
@ -77,6 +87,7 @@ LsaCallAuthenticationPackage(HANDLE LsaHandle,
PULONG ReturnBufferLength,
PNTSTATUS ProtocolStatus)
{
#if 0
PLSASS_REQUEST Request;
PLSASS_REPLY Reply;
LSASS_REQUEST RawRequest;
@ -123,6 +134,9 @@ LsaCallAuthenticationPackage(HANDLE LsaHandle,
*ReturnBufferLength);
return Status;
#endif
return 0;
}
@ -144,34 +158,42 @@ LsaLookupAuthenticationPackage(HANDLE LsaHandle,
PLSA_STRING PackageName,
PULONG AuthenticationPackage)
{
LSA_API_MSG ApiMessage;
NTSTATUS Status;
PLSASS_REQUEST Request;
LSASS_REQUEST RawRequest;
LSASS_REPLY Reply;
Request = (PLSASS_REQUEST)&RawRequest;
Request->Header.u1.s1.DataLength = sizeof(LSASS_REQUEST) + PackageName->Length -
sizeof(PORT_MESSAGE);
Request->Header.u1.s1.TotalLength = Request->Header.u1.s1.DataLength +
sizeof(PORT_MESSAGE);
Request->Type = LSASS_REQUEST_LOOKUP_AUTHENTICATION_PACKAGE;
/* Check the package name length */
if (PackageName->Length > LSASS_MAX_PACKAGE_NAME_LENGTH)
{
return STATUS_NAME_TOO_LONG;
}
ApiMessage.ApiNumber = LSASS_REQUEST_LOOKUP_AUTHENTICATION_PACKAGE;
ApiMessage.h.u1.s1.DataLength = LSA_PORT_DATA_SIZE(ApiMessage.LookupAuthenticationPackage.Request);
ApiMessage.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE;
ApiMessage.h.u2.ZeroInit = 0;
ApiMessage.LookupAuthenticationPackage.Request.PackageNameLength = PackageName->Length;
strncpy(ApiMessage.LookupAuthenticationPackage.Request.PackageName,
PackageName->Buffer,
ApiMessage.LookupAuthenticationPackage.Request.PackageNameLength);
ApiMessage.LookupAuthenticationPackage.Request.PackageName[ApiMessage.LookupAuthenticationPackage.Request.PackageNameLength] = '\0';
Status = ZwRequestWaitReplyPort(LsaHandle,
&Request->Header,
&Reply.Header);
(PPORT_MESSAGE)&ApiMessage,
(PPORT_MESSAGE)&ApiMessage);
if (!NT_SUCCESS(Status))
{
return Status;
}
if (!NT_SUCCESS(Reply.Status))
if (!NT_SUCCESS(ApiMessage.Status))
{
return Reply.Status;
return ApiMessage.Status;
}
*AuthenticationPackage = Reply.d.LookupAuthenticationPackageReply.Package;
*AuthenticationPackage = ApiMessage.LookupAuthenticationPackage.Reply.Package;
return Reply.Status;
return Status;
}
@ -194,6 +216,7 @@ LsaLogonUser(HANDLE LsaHandle,
PQUOTA_LIMITS Quotas,
PNTSTATUS SubStatus)
{
#if 0
ULONG RequestLength;
ULONG CurrentLength;
PLSASS_REQUEST Request;
@ -276,6 +299,8 @@ LsaLogonUser(HANDLE LsaHandle,
sizeof(Reply->d.LogonUserReply.Quotas));
return Status;
#endif
return 0;
}
@ -289,33 +314,35 @@ LsaRegisterLogonProcess(PLSA_STRING LsaLogonProcessName,
{
UNICODE_STRING PortName; // = RTL_CONSTANT_STRING(L"\\LsaAuthenticationPort");
SECURITY_QUALITY_OF_SERVICE SecurityQos;
ULONG ConnectInfoLength;
LSA_CONNECTION_INFO ConnectInfo;
ULONG ConnectInfoLength = sizeof(ConnectInfo);
LSA_API_MSG ApiMessage;
HANDLE PortHandle = NULL;
NTSTATUS Status;
LSASS_CONNECT_DATA ConnectInfo;
// LSASS_REQUEST Request;
// LSASS_REPLY Reply;
DPRINT1("LsaRegisterLogonProcess()\n");
/* Check the logon process name length */
if (LsaLogonProcessName->Length > LSASS_MAX_LOGON_PROCESS_NAME_LENGTH)
return STATUS_NAME_TOO_LONG;
*Handle = NULL;
RtlInitUnicodeString(&PortName,
L"\\LsaAuthenticationPort");
SecurityQos.Length = sizeof (SecurityQos);
SecurityQos.Length = sizeof(SecurityQos);
SecurityQos.ImpersonationLevel = SecurityIdentification;
SecurityQos.ContextTrackingMode = SECURITY_DYNAMIC_TRACKING;
SecurityQos.EffectiveOnly = TRUE;
ConnectInfoLength = sizeof(LSASS_CONNECT_DATA);
strncpy(ConnectInfo.LogonProcessNameBuffer,
LsaLogonProcessName->Buffer,
LsaLogonProcessName->Length);
ConnectInfo.Length = LsaLogonProcessName->Length;
ConnectInfo.LogonProcessNameBuffer[ConnectInfo.Length] = '\0';
Status = ZwConnectPort(Handle,
Status = ZwConnectPort(&PortHandle,
&PortName,
&SecurityQos,
NULL,
@ -325,42 +352,43 @@ LsaRegisterLogonProcess(PLSA_STRING LsaLogonProcessName,
&ConnectInfoLength);
if (!NT_SUCCESS(Status))
{
DPRINT1("ZwConnectPort failed (Status 0x%08lx)\n", Status);
return Status;
}
return Status;
#if 0
Request.Type = LSASS_REQUEST_REGISTER_LOGON_PROCESS;
Request.Header.u1.s1.DataLength = sizeof(LSASS_REQUEST) -
sizeof(PORT_MESSAGE);
Request.Header.u1.s1.TotalLength = sizeof(LSASS_REQUEST);
ApiMessage.ApiNumber = LSASS_REQUEST_REGISTER_LOGON_PROCESS;
ApiMessage.h.u1.s1.DataLength = LSA_PORT_DATA_SIZE(ApiMessage.RegisterLogonProcess.Request);
ApiMessage.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE;
ApiMessage.h.u2.ZeroInit = 0;
Request.d.RegisterLogonProcessRequest.Length = LsaLogonProcessName->Length;
memcpy(Request.d.RegisterLogonProcessRequest.LogonProcessNameBuffer,
ApiMessage.RegisterLogonProcess.Request.Length = LsaLogonProcessName->Length;
memcpy(ApiMessage.RegisterLogonProcess.Request.LogonProcessNameBuffer,
LsaLogonProcessName->Buffer,
Request.d.RegisterLogonProcessRequest.Length);
ApiMessage.RegisterLogonProcess.Request.Length);
Status = ZwRequestWaitReplyPort(*Handle,
&Request.Header,
&Reply.Header);
Status = ZwRequestWaitReplyPort(PortHandle,
(PPORT_MESSAGE)&ApiMessage,
(PPORT_MESSAGE)&ApiMessage);
if (!NT_SUCCESS(Status))
{
// NtClose(*Handle);
// *Handle = NULL;
DPRINT1("ZwRequestWaitReplyPort failed (Status 0x%08lx)\n", Status);
NtClose(PortHandle);
return Status;
}
if (!NT_SUCCESS(Reply.Status))
if (!NT_SUCCESS(ApiMessage.Status))
{
// NtClose(*Handle);
// *Handle = NULL;
return Status;
DPRINT1("ZwRequestWaitReplyPort failed (ApiMessage.Status 0x%08lx)\n", ApiMessage.Status);
NtClose(PortHandle);
return ApiMessage.Status;
}
*OperationalMode = Reply.d.RegisterLogonProcessReply.OperationalMode;
*Handle = PortHandle;
*OperationalMode = ApiMessage.RegisterLogonProcess.Reply.OperationalMode;
return Reply.Status;
#endif
DPRINT1("LsaRegisterLogonProcess() done (Status 0x%08lx)\n", Status);
return Status;
}