[ADVAPI32/LSASRV]

- Implement LsaCreateSecret/LsarCreateSecret, LsaOpenSecret/LsarOpenSecret, LsaGetSystemAccessAccount/LsarGetSystemAccessAccount and LsarSetSystemAccessAccount.
- Improve some TRACE messages.

svn path=/trunk/; revision=57158
Eric Kohl 2012-08-25 15:40:06 +00:00
parent 01800e8784
commit a057794799
4 changed files with 290 additions and 19 deletions


@ -349,7 +349,7 @@
@ stub LsaClearAuditLog
@ stdcall LsaClose(ptr)
@ stdcall LsaCreateAccount(ptr ptr long ptr)
@ stub LsaCreateSecret
@ stdcall LsaCreateSecret(ptr ptr long ptr)
@ stdcall LsaCreateTrustedDomain(ptr ptr long ptr)
@ stdcall LsaCreateTrustedDomainEx(ptr ptr ptr long ptr)
@ stdcall LsaDelete(ptr)
@ -364,7 +364,7 @@
@ stdcall LsaFreeMemory(ptr)
@ stub LsaGetQuotasForAccount
@ stub LsaGetRemoteUserName
@ stub LsaGetSystemAccessAccount
@ stdcall LsaGetSystemAccessAccount(ptr ptr)
@ stdcall LsaGetUserName(ptr ptr)
@ stub LsaICLookupNames
@ stub LsaICLookupNamesWithCreds
@ -380,7 +380,7 @@
@ stdcall LsaOpenAccount(ptr ptr long ptr)
@ stdcall LsaOpenPolicy(ptr ptr long ptr)
@ stub LsaOpenPolicySce
@ stub LsaOpenSecret
@ stdcall LsaOpenSecret(ptr ptr long ptr)
@ stub LsaOpenTrustedDomain
@ stdcall LsaOpenTrustedDomainByName(ptr ptr long ptr)
@ stdcall LsaQueryDomainInformationPolicy(ptr long ptr)


@ -152,7 +152,8 @@ LsaAddAccountRights(IN LSA_HANDLE PolicyHandle,
LSAPR_USER_RIGHT_SET UserRightSet;
NTSTATUS Status;
TRACE("(%p,%p,%p,0x%08x) stub\n", PolicyHandle, AccountSid, UserRights, CountOfRights);
TRACE("LsaAddAccountRights(%p %p %p 0x%08x)\n",
PolicyHandle, AccountSid, UserRights, CountOfRights);
UserRightSet.Entries = CountOfRights;
UserRightSet.UserRights = (PRPC_UNICODE_STRING)UserRights;
@ -184,7 +185,8 @@ LsaAddPrivilegesToAccount(IN LSA_HANDLE AccountHandle,
{
NTSTATUS Status;
TRACE("(%p,%p) stub\n", AccountHandle, PrivilegeSet);
TRACE("LsaAddPrivilegesToAccount(%p %p)\n",
AccountHandle, PrivilegeSet);
RpcTryExcept
{
@ -213,7 +215,8 @@ LsaCreateAccount(IN LSA_HANDLE PolicyHandle,
{
NTSTATUS Status;
TRACE("(%p,%p,0x%08x,%p)\n", PolicyHandle, AccountSid, DesiredAccess, AccountHandle);
TRACE("LsaCreateAccount(%p %p 0x%08x %p)\n",
PolicyHandle, AccountSid, DesiredAccess, AccountHandle);
RpcTryExcept
{
@ -232,6 +235,38 @@ LsaCreateAccount(IN LSA_HANDLE PolicyHandle,
}
/*
* @implemented
*/
NTSTATUS
WINAPI
LsaCreateSecret(IN LSA_HANDLE PolicyHandle,
IN PLSA_UNICODE_STRING SecretName,
IN ACCESS_MASK DesiredAccess,
OUT PLSA_HANDLE SecretHandle)
{
NTSTATUS Status;
TRACE("LsaCreateSecret(%p %p 0x%08lx %p)\n",
PolicyHandle, SecretName, DesiredAccess, SecretHandle);
RpcTryExcept
{
Status = LsarCreateSecret((LSAPR_HANDLE)PolicyHandle,
(PRPC_UNICODE_STRING)SecretName,
DesiredAccess,
SecretHandle);
}
RpcExcept(EXCEPTION_EXECUTE_HANDLER)
{
Status = I_RpcMapWin32Status(RpcExceptionCode());
}
RpcEndExcept;
return Status;
}
/*
* @implemented
*/
@ -444,6 +479,33 @@ LsaFreeMemory(IN PVOID Buffer)
}
/*
* @implemented
*/
NTSTATUS
WINAPI
LsaGetSystemAccessAccount(IN LSA_HANDLE AccountHandle,
OUT PULONG SystemAccess)
{
NTSTATUS Status;
TRACE("(%p,%p)\n", AccountHandle, SystemAccess);
RpcTryExcept
{
Status = LsarGetSystemAccessAccount((LSAPR_HANDLE)AccountHandle,
(ACCESS_MASK *)SystemAccess);
}
RpcExcept(EXCEPTION_EXECUTE_HANDLER)
{
Status = I_RpcMapWin32Status(RpcExceptionCode());
}
RpcEndExcept;
return Status;
}
/*
* @implemented
*/
@ -770,6 +832,39 @@ LsaOpenPolicy(IN PLSA_UNICODE_STRING SystemName,
}
NTSTATUS
WINAPI
LsaOpenSecret(IN LSA_HANDLE PolicyHandle,
IN PLSA_UNICODE_STRING SecretName,
IN ACCESS_MASK DesiredAccess,
OUT PLSA_HANDLE SecretHandle)
{
NTSTATUS Status;
TRACE("LsaOpenSecret(%p %p 0x%08x %p)\n",
PolicyHandle, SecretName, DesiredAccess, SecretHandle);
RpcTryExcept
{
*SecretHandle = NULL;
Status = LsarOpenSecret((LSAPR_HANDLE)PolicyHandle,
(PRPC_UNICODE_STRING)SecretName,
DesiredAccess,
SecretHandle);
}
RpcExcept(EXCEPTION_EXECUTE_HANDLER)
{
Status = I_RpcMapWin32Status(RpcExceptionCode());
}
RpcEndExcept;
TRACE("LsaOpenSecret() done (Status: 0x%08lx)\n", Status);
return Status;
}
/*
* @implemented
*/
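Review bot: LsaCreateSecret hands SecretHandle to LsarCreateSecret without clearing it first, while LsaOpenSecret in this same file sets `*SecretHandle = NULL;` inside its RpcTryExcept block. If the RPC call raises or the server returns a failure, the caller of LsaCreateSecret is left with whatever value was already in the output handle, so add `*SecretHandle = NULL;` before the LsarCreateSecret call. The new TRACE calls also disagree on the DesiredAccess format (`0x%08lx` in LsaCreateSecret, `0x%08x` in LsaOpenSecret), LsaGetSystemAccessAccount's TRACE omits the function name the other messages now carry, and LsaOpenSecret is the only new function without the `/* @implemented */` header comment.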


@ -11,14 +11,15 @@
#include "lsasrv.h"
static RTL_CRITICAL_SECTION PolicyHandleTableLock;
WINE_DEFAULT_DEBUG_CHANNEL(lsasrv);
/* FUNCTIONS ***************************************************************/
/* GLOBALS *****************************************************************/
static RTL_CRITICAL_SECTION PolicyHandleTableLock;
/* FUNCTIONS ***************************************************************/
VOID
LsarStartRpcServer(VOID)
@ -629,8 +630,87 @@ NTSTATUS WINAPI LsarCreateSecret(
ACCESS_MASK DesiredAccess,
LSAPR_HANDLE *SecretHandle)
{
UNIMPLEMENTED;
return STATUS_NOT_IMPLEMENTED;
PLSA_DB_OBJECT PolicyObject;
PLSA_DB_OBJECT SecretsObject = NULL;
PLSA_DB_OBJECT SecretObject = NULL;
LARGE_INTEGER Time;
NTSTATUS Status = STATUS_SUCCESS;
/* Validate the PolicyHandle */
Status = LsapValidateDbObject(PolicyHandle,
LsaDbPolicyObject,
POLICY_CREATE_SECRET,
&PolicyObject);
if (!NT_SUCCESS(Status))
{
ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
return Status;
}
/* Open the Secrets object */
Status = LsapOpenDbObject(PolicyObject,
L"Secrets",
LsaDbContainerObject,
0,
&SecretsObject);
if (!NT_SUCCESS(Status))
{
ERR("LsapCreateDbObject (Secrets) failed (Status 0x%08lx)\n", Status);
goto done;
}
/* Get the current time */
Status = NtQuerySystemTime(&Time);
if (!NT_SUCCESS(Status))
{
ERR("NtQuerySystemTime failed (Status 0x%08lx)\n", Status);
goto done;
}
/* Create the Secret object */
Status = LsapCreateDbObject(SecretsObject,
SecretName->Buffer,
LsaDbSecretObject,
DesiredAccess,
&SecretObject);
if (!NT_SUCCESS(Status))
{
ERR("LsapCreateDbObject (Secret) failed (Status 0x%08lx)\n", Status);
goto done;
}
/* Set the CurrentTime attribute */
Status = LsapSetObjectAttribute(SecretObject,
L"CurrentTime",
(PVOID)&Time,
sizeof(LARGE_INTEGER));
if (!NT_SUCCESS(Status))
{
ERR("LsapSetObjectAttribute (CurrentTime) failed (Status 0x%08lx)\n", Status);
goto done;
}
/* Set the OldTime attribute */
Status = LsapSetObjectAttribute(SecretObject,
L"OldTime",
(PVOID)&Time,
sizeof(LARGE_INTEGER));
done:
if (!NT_SUCCESS(Status))
{
if (SecretObject != NULL)
LsapCloseDbObject(SecretObject);
}
else
{
*SecretHandle = (LSAPR_HANDLE)SecretObject;
}
if (SecretsObject != NULL)
LsapCloseDbObject(SecretsObject);
return STATUS_SUCCESS;
}
@ -958,8 +1038,28 @@ NTSTATUS WINAPI LsarGetSystemAccessAccount(
LSAPR_HANDLE AccountHandle,
ACCESS_MASK *SystemAccess)
{
UNIMPLEMENTED;
return STATUS_NOT_IMPLEMENTED;
PLSA_DB_OBJECT AccountObject;
ULONG Size;
NTSTATUS Status;
/* Validate the account handle */
Status = LsapValidateDbObject(AccountHandle,
LsaDbAccountObject,
ACCOUNT_VIEW,
&AccountObject);
if (!NT_SUCCESS(Status))
{
ERR("Invalid handle (Status %lx)\n", Status);
return Status;
}
/* Get the system access flags */
Status = LsapGetObjectAttribute(AccountObject,
L"ActSysAc",
SystemAccess,
&Size);
return Status;
}
@ -968,8 +1068,27 @@ NTSTATUS WINAPI LsarSetSystemAccessAccount(
LSAPR_HANDLE AccountHandle,
ACCESS_MASK SystemAccess)
{
UNIMPLEMENTED;
return STATUS_NOT_IMPLEMENTED;
PLSA_DB_OBJECT AccountObject;
NTSTATUS Status;
/* Validate the account handle */
Status = LsapValidateDbObject(AccountHandle,
LsaDbAccountObject,
ACCOUNT_ADJUST_SYSTEM_ACCESS,
&AccountObject);
if (!NT_SUCCESS(Status))
{
ERR("Invalid handle (Status %lx)\n", Status);
return Status;
}
/* Set the system access flags */
Status = LsapSetObjectAttribute(AccountObject,
L"ActSysAc",
&SystemAccess,
sizeof(ACCESS_MASK));
return Status;
}
@ -1014,8 +1133,61 @@ NTSTATUS WINAPI LsarOpenSecret(
ACCESS_MASK DesiredAccess,
LSAPR_HANDLE *SecretHandle)
{
UNIMPLEMENTED;
return STATUS_NOT_IMPLEMENTED;
PLSA_DB_OBJECT PolicyObject;
PLSA_DB_OBJECT SecretsObject = NULL;
PLSA_DB_OBJECT SecretObject = NULL;
NTSTATUS Status = STATUS_SUCCESS;
/* Validate the PolicyHandle */
Status = LsapValidateDbObject(PolicyHandle,
LsaDbPolicyObject,
POLICY_CREATE_SECRET,
&PolicyObject);
if (!NT_SUCCESS(Status))
{
ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
return Status;
}
/* Open the Secrets object */
Status = LsapOpenDbObject(PolicyObject,
L"Secrets",
LsaDbContainerObject,
0,
&SecretsObject);
if (!NT_SUCCESS(Status))
{
ERR("LsapCreateDbObject (Secrets) failed (Status 0x%08lx)\n", Status);
goto done;
}
/* Create the secret object */
Status = LsapOpenDbObject(SecretsObject,
SecretName->Buffer,
LsaDbSecretObject,
DesiredAccess,
&SecretObject);
if (!NT_SUCCESS(Status))
{
ERR("LsapOpenDbObject (Secret) failed (Status 0x%08lx)\n", Status);
goto done;
}
done:
if (!NT_SUCCESS(Status))
{
if (SecretObject != NULL)
LsapCloseDbObject(SecretObject);
}
else
{
*SecretHandle = (LSAPR_HANDLE)SecretObject;
}
if (SecretsObject != NULL)
LsapCloseDbObject(SecretsObject);
return STATUS_SUCCESS;
}
@ -1147,7 +1319,7 @@ NTSTATUS WINAPI LsarEnmuerateAccountRights(
Status = LsapValidateDbObject(PolicyHandle,
LsaDbPolicyObject,
0, /* FIXME */
ACCOUNT_VIEW,
&PolicyObject);
if (!NT_SUCCESS(Status))
return Status;
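Review bot: LsarCreateSecret ends with `return STATUS_SUCCESS;` after the `done:` label, so every failure that jumps there (opening the Secrets container, NtQuerySystemTime, LsapCreateDbObject, either LsapSetObjectAttribute call) is reported to the RPC client as success while `*SecretHandle` is never written; LsarOpenSecret ends the same way. Both should finish with `return Status;`. Both functions also pass `SecretName->Buffer` directly to LsapCreateDbObject/LsapOpenDbObject without checking SecretName or its Buffer for NULL and without using its Length; the string comes from an RPC client and the helpers appear to take a NUL-terminated name (their definitions are not on this page), so the name should be validated or copied into a terminated buffer first to avoid reading past the supplied data. LsarOpenSecret validates the policy handle against `POLICY_CREATE_SECRET`, its "Create the secret object" comment and "LsapCreateDbObject (Secrets)" error text do not match the LsapOpenDbObject calls they sit on, and the last hunk checks an account right (`ACCOUNT_VIEW`) against `LsaDbPolicyObject`; these look copied from the create and account paths and the intended access masks should be confirmed.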


@ -679,6 +679,7 @@ NTSTATUS NTAPI LsaCallAuthenticationPackage(HANDLE,ULONG,PVOID,ULONG,PVOID*,
NTSTATUS NTAPI LsaClose(LSA_HANDLE);
NTSTATUS NTAPI LsaConnectUntrusted(PHANDLE);
NTSTATUS NTAPI LsaCreateAccount(LSA_HANDLE, PSID, ACCESS_MASK, PLSA_HANDLE);
NTSTATUS NTAPI LsaCreateSecret(LSA_HANDLE, PLSA_UNICODE_STRING, ACCESS_MASK, PLSA_HANDLE);
NTSTATUS NTAPI LsaCreateTrustedDomain(LSA_HANDLE, PLSA_TRUST_INFORMATION,
ACCESS_MASK, PLSA_HANDLE);
NTSTATUS NTAPI LsaCreateTrustedDomainEx(LSA_HANDLE, PTRUSTED_DOMAIN_INFORMATION_EX,
@ -695,6 +696,7 @@ NTSTATUS NTAPI LsaEnumerateTrustedDomainsEx(LSA_HANDLE,PLSA_ENUMERATION_HANDLE,
PVOID*,ULONG,PULONG);
NTSTATUS NTAPI LsaFreeMemory(PVOID);
NTSTATUS NTAPI LsaFreeReturnBuffer(PVOID);
NTSTATUS NTAPI LsaGetSystemAccessAccount(LSA_HANDLE, PULONG);
NTSTATUS NTAPI LsaLogonUser(HANDLE,PLSA_STRING,SECURITY_LOGON_TYPE,ULONG,PVOID,
ULONG,PTOKEN_GROUPS,PTOKEN_SOURCE,PVOID*,PULONG,
PLUID,PHANDLE,PQUOTA_LIMITS,PNTSTATUS);
@ -711,6 +713,7 @@ ULONG NTAPI LsaNtStatusToWinError(NTSTATUS);
NTSTATUS NTAPI LsaOpenAccount(LSA_HANDLE, PSID, ACCESS_MASK, PLSA_HANDLE);
NTSTATUS NTAPI LsaOpenPolicy(PLSA_UNICODE_STRING,PLSA_OBJECT_ATTRIBUTES,
ACCESS_MASK,PLSA_HANDLE);
NTSTATUS NTAPI LsaOpenSecret(LSA_HANDLE, PLSA_UNICODE_STRING, ACCESS_MASK, PLSA_HANDLE);
NTSTATUS NTAPI LsaOpenTrustedDomainByName(LSA_HANDLE, PLSA_UNICODE_STRING,
ACCESS_MASK, PLSA_HANDLE);
NTSTATUS NTAPI LsaQueryDomainInformationPolicy(LSA_HANDLE,
@ -732,6 +735,7 @@ NTSTATUS NTAPI LsaSetDomainInformationPolicy(LSA_HANDLE,
NTSTATUS NTAPI LsaSetInformationPolicy(LSA_HANDLE,POLICY_INFORMATION_CLASS, PVOID);
NTSTATUS NTAPI LsaSetLocalInformationPolicy(LSA_HANDLE,
POLICY_LOCAL_INFORMATION_CLASS,PVOID);
NTSTATUS NTAPI LsaSetSystemAccessAccount(LSA_HANDLE, ULONG);
NTSTATUS NTAPI LsaSetTrustedDomainInformation(LSA_HANDLE,PSID,
TRUSTED_INFORMATION_CLASS,PVOID);
NTSTATUS NTAPI LsaSetTrustedDomainInfoByName(LSA_HANDLE,PLSA_UNICODE_STRING,