Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-02-22 08:25:03 +00:00
Code Issues Projects Releases Packages Wiki Activity

[ADVAPI32]

Browse source 
Enable the new SAM-based logon system.

Using your own accounts to log-on to ReactOS will still fail because of bugs in winlogon, userenv.dll and the registry. But at least the infrastructure is in place and we can start to fix the reamining bugs. All accounts still use a hard-coded privilege set, but this will be fixed as soon as possible.

svn path=/trunk/; revision=60800
This commit is contained in:
Eric Kohl 2013-10-30 21:19:03 +00:00
parent 93bd6b7500
commit b4b9913715
3 changed files with 198 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
reactos/boot/bootdata/hivesft.inf
View file

@ -324,7 +324,7 @@ HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones","IndexMapping",0x
"81d", "125",\
"422", "125",\
"402", "125",\
"427", "125",\
"427", "125",\
"408", "130",\
"41f", "130",\
"418", "130",\
@ -1067,7 +1067,8 @@ HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon","Shell",0x00020000,
HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon","Userinit",0x00020000,"%SystemRoot%\system32\userinit.exe"
HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon","AutoAdminLogon",0x00000000,"1"
HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon","DefaultUserName",0x00000000,"Administrator"
HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon","DefaultPassword",0x00000000,"Secret"
;HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon","DefaultPassword",0x00000000,"Secret"
HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon","DefaultPassword",0x00000000,""
; Time Zone Servers
HKLM,"SOFTWARE\Microsoft\Windows\CurrentVersion\DateTime\Servers","1",0x00000000,"pool.ntp.org"

2
reactos/dll/win32/advapi32/CMakeLists.txt
View file

@ -58,7 +58,7 @@ add_library(advapi32 SHARED ${SOURCE})
set_module_type(advapi32 win32dll UNICODE)
target_link_libraries(advapi32 wine ${PSEH_LIB})
add_delay_importlibs(advapi32 rpcrt4)
add_importlibs(advapi32 msvcrt kernel32 ntdll)
add_importlibs(advapi32 secur32 msvcrt kernel32 ntdll)
add_pch(advapi32 advapi32.h
${CMAKE_CURRENT_BINARY_DIR}/lsa_c.h

194
reactos/dll/win32/advapi32/misc/logon.c
View file

@ -9,6 +9,7 @@
#include <advapi32.h>
WINE_DEFAULT_DEBUG_CHANNEL(advapi);
#define NEW_LOGON
/* FUNCTIONS ***************************************************************/
@ -212,6 +213,7 @@ UsernameDone:
}
#ifndef NEW_LOGON
static BOOL WINAPI
GetAccountDomainSid(PSID *Sid)
{
@ -565,6 +567,7 @@ FreeGroupSids(PTOKEN_GROUPS TokenGroups)
RtlFreeHeap(GetProcessHeap(), 0, TokenGroups);
}
#endif
/*
@ -578,6 +581,196 @@ LogonUserW(LPWSTR lpszUsername,
DWORD dwLogonProvider,
PHANDLE phToken)
{
#ifdef NEW_LOGON
LSA_STRING LogonProcessName;
LSA_STRING PackageName;
HANDLE LsaHandle = NULL;
LSA_OPERATIONAL_MODE SecurityMode = 0;
ULONG AuthenticationPackage = 0;
LSA_STRING OriginName;
UNICODE_STRING DomainName;
UNICODE_STRING UserName;
UNICODE_STRING Password;
PMSV1_0_INTERACTIVE_LOGON AuthInfo = NULL;
ULONG AuthInfoLength;
ULONG_PTR Ptr;
TOKEN_SOURCE TokenSource;
PMSV1_0_INTERACTIVE_PROFILE ProfileBuffer = NULL;
ULONG ProfileBufferLength = 0;
LUID Luid = {0, 0};
HANDLE TokenHandle = NULL;
QUOTA_LIMITS QuotaLimits;
NTSTATUS SubStatus = STATUS_SUCCESS;
NTSTATUS Status;
*phToken = NULL;
RtlInitAnsiString((PANSI_STRING)&LogonProcessName,
"User32LogonProcess");
Status = LsaRegisterLogonProcess(&LogonProcessName,
&LsaHandle,
&SecurityMode);
if (!NT_SUCCESS(Status))
{
TRACE("LsaRegisterLogonProcess failed (Status 0x%08lx)\n", Status);
goto done;
}
RtlInitAnsiString((PANSI_STRING)&PackageName,
MSV1_0_PACKAGE_NAME);
Status = LsaLookupAuthenticationPackage(LsaHandle,
&PackageName,
&AuthenticationPackage);
if (!NT_SUCCESS(Status))
{
TRACE("LsaLookupAuthenticationPackage failed (Status 0x%08lx)\n", Status);
goto done;
}
TRACE("AuthenticationPackage: 0x%08lx\n", AuthenticationPackage);
RtlInitAnsiString((PANSI_STRING)&OriginName,
"Testapp");
RtlInitUnicodeString(&DomainName,
lpszDomain);
RtlInitUnicodeString(&UserName,
lpszUsername);
RtlInitUnicodeString(&Password,
lpszPassword);
AuthInfoLength = sizeof(MSV1_0_INTERACTIVE_LOGON)+
DomainName.MaximumLength +
UserName.MaximumLength +
Password.MaximumLength;
AuthInfo = RtlAllocateHeap(RtlGetProcessHeap(),
HEAP_ZERO_MEMORY,
AuthInfoLength);
if (AuthInfo == NULL)
{
Status = STATUS_INSUFFICIENT_RESOURCES;
goto done;
}
AuthInfo->MessageType = MsV1_0InteractiveLogon;
Ptr = (ULONG_PTR)AuthInfo + sizeof(MSV1_0_INTERACTIVE_LOGON);
AuthInfo->LogonDomainName.Length = DomainName.Length;
AuthInfo->LogonDomainName.MaximumLength = DomainName.MaximumLength;
AuthInfo->LogonDomainName.Buffer = (DomainName.Buffer == NULL) ? NULL : (PWCHAR)Ptr;
if (DomainName.MaximumLength > 0)
{
RtlCopyMemory(AuthInfo->LogonDomainName.Buffer,
DomainName.Buffer,
DomainName.MaximumLength);
Ptr += DomainName.MaximumLength;
}
AuthInfo->UserName.Length = UserName.Length;
AuthInfo->UserName.MaximumLength = UserName.MaximumLength;
AuthInfo->UserName.Buffer = (PWCHAR)Ptr;
if (UserName.MaximumLength > 0)
RtlCopyMemory(AuthInfo->UserName.Buffer,
UserName.Buffer,
UserName.MaximumLength);
Ptr += UserName.MaximumLength;
AuthInfo->Password.Length = Password.Length;
AuthInfo->Password.MaximumLength = Password.MaximumLength;
AuthInfo->Password.Buffer = (PWCHAR)Ptr;
if (Password.MaximumLength > 0)
RtlCopyMemory(AuthInfo->Password.Buffer,
Password.Buffer,
Password.MaximumLength);
/* FIXME: Add LocalGroups here */
strcpy(TokenSource.SourceName, "Bla");
AllocateLocallyUniqueId(&TokenSource.SourceIdentifier);
Status = LsaLogonUser(LsaHandle,
&OriginName,
Interactive,
AuthenticationPackage,
(PVOID)AuthInfo,
AuthInfoLength,
NULL, /* LocalGroups */
&TokenSource,
(PVOID*)&ProfileBuffer,
&ProfileBufferLength,
&Luid,
&TokenHandle,
&QuotaLimits,
&SubStatus);
if (!NT_SUCCESS(Status))
{
TRACE("LsaLogonUser failed (Status 0x%08lx)\n", Status);
goto done;
}
if (ProfileBuffer != NULL)
{
TRACE("ProfileBuffer: %p\n", ProfileBuffer);
TRACE("MessageType: %u\n", ProfileBuffer->MessageType);
TRACE("FullName: %p\n", ProfileBuffer->FullName.Buffer);
TRACE("FullName: %S\n", ProfileBuffer->FullName.Buffer);
TRACE("LogonServer: %p\n", ProfileBuffer->LogonServer.Buffer);
TRACE("LogonServer: %S\n", ProfileBuffer->LogonServer.Buffer);
}
TRACE("Luid: 0x%08lx%08lx\n", Luid.HighPart, Luid.LowPart);
if (TokenHandle != NULL)
{
TRACE("TokenHandle: %p\n", TokenHandle);
}
*phToken = TokenHandle;
done:
if (ProfileBuffer != NULL)
LsaFreeReturnBuffer(ProfileBuffer);
if (!NT_SUCCESS(Status))
{
if (TokenHandle != NULL)
CloseHandle(TokenHandle);
}
if (AuthInfo != NULL)
RtlFreeHeap(RtlGetProcessHeap(), 0, AuthInfo);
if (LsaHandle != NULL)
{
Status = LsaDeregisterLogonProcess(LsaHandle);
if (!NT_SUCCESS(Status))
{
TRACE("LsaDeregisterLogonProcess failed (Status 0x%08lx)\n", Status);
}
}
if (!NT_SUCCESS(Status))
{
SetLastError(RtlNtStatusToDosError(Status));
return FALSE;
}
return TRUE;
#else
/* FIXME shouldn't use hard-coded list of privileges */
static struct
{
@ -776,6 +969,7 @@ done:
RtlFreeHeap(GetProcessHeap(), 0, UserSid);
return NT_SUCCESS(Status);
#endif
}
/* EOF */