Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-01-02 12:32:47 +00:00
Code Issues Projects Releases Packages Wiki Activity

[LSASRV]

Browse source 
- Clean up the LSA database APIs.
- Fix database object reference counting.

svn path=/trunk/; revision=56524
This commit is contained in:
Eric Kohl 2012-05-06 09:57:31 +00:00
parent f5acffdf62
commit f2e65997ea
4 changed files with 283 additions and 167 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

241
reactos/dll/win32/lsasrv/database.c
View file

@ -202,40 +202,40 @@ Done:
static NTSTATUS static NTSTATUS
LsapCreateDatabaseObjects(VOID) LsapCreateDatabaseObjects(VOID)
{ {
PLSA_DB_OBJECT DbObject = NULL; PLSA_DB_OBJECT PolicyObject;
NTSTATUS Status;
/* Open the 'Policy' object */ /* Open the 'Policy' object */
DbObject = (PLSA_DB_OBJECT)LsapCreateDbObject(NULL, Status = LsapOpenDbObject(NULL,
L"Policy", L"Policy",
TRUE, LsaDbPolicyObject,
LsaDbPolicyObject, 0,
0); &PolicyObject);
if (DbObject != NULL) if (!NT_SUCCESS(Status))
{ return Status;
LsapSetObjectAttribute(DbObject,
L"PolPrDmN",
NULL,
0);
LsapSetObjectAttribute(DbObject, LsapSetObjectAttribute(PolicyObject,
L"PolPrDmS", L"PolPrDmN",
NULL, NULL,
0); 0);
LsapSetObjectAttribute(DbObject, LsapSetObjectAttribute(PolicyObject,
L"PolAcDmN", L"PolPrDmS",
NULL, NULL,
0); 0);
LsapSetObjectAttribute(DbObject, LsapSetObjectAttribute(PolicyObject,
L"PolAcDmS", L"PolAcDmN",
NULL, NULL,
0); 0);
LsapSetObjectAttribute(PolicyObject,
L"PolAcDmS",
NULL,
0);
/* Close the 'Policy' object */ /* Close the 'Policy' object */
LsapCloseDbObject((LSAPR_HANDLE)DbObject); LsapCloseDbObject(PolicyObject);
}
return STATUS_SUCCESS; return STATUS_SUCCESS;
} }
@ -294,25 +294,27 @@ LsapInitDatabase(VOID)
} }
LSAPR_HANDLE NTSTATUS
LsapCreateDbObject(LSAPR_HANDLE ParentHandle, LsapCreateDbObject(IN PLSA_DB_OBJECT ParentObject,
LPWSTR ObjectName, IN LPWSTR ObjectName,
BOOLEAN Open, IN LSA_DB_OBJECT_TYPE ObjectType,
LSA_DB_OBJECT_TYPE ObjectType, IN ACCESS_MASK DesiredAccess,
ACCESS_MASK DesiredAccess) OUT PLSA_DB_OBJECT *DbObject)
{ {
PLSA_DB_OBJECT ParentObject = (PLSA_DB_OBJECT)ParentHandle; PLSA_DB_OBJECT NewObject;
PLSA_DB_OBJECT DbObject;
OBJECT_ATTRIBUTES ObjectAttributes; OBJECT_ATTRIBUTES ObjectAttributes;
UNICODE_STRING KeyName; UNICODE_STRING KeyName;
HANDLE ParentKeyHandle; HANDLE ParentKeyHandle;
HANDLE ObjectKeyHandle; HANDLE ObjectKeyHandle;
NTSTATUS Status; NTSTATUS Status;
if (ParentHandle != NULL) if (DbObject == NULL)
ParentKeyHandle = ParentObject->KeyHandle; return STATUS_INVALID_PARAMETER;
else
if (ParentObject == NULL)
ParentKeyHandle = SecurityKeyHandle; ParentKeyHandle = SecurityKeyHandle;
else
ParentKeyHandle = ParentObject->KeyHandle;
RtlInitUnicodeString(&KeyName, RtlInitUnicodeString(&KeyName,
ObjectName); ObjectName);
@ -323,65 +325,122 @@ LsapCreateDbObject(LSAPR_HANDLE ParentHandle,
ParentKeyHandle, ParentKeyHandle,
NULL); NULL);
if (Open == TRUE) Status = NtCreateKey(&ObjectKeyHandle,
{ KEY_ALL_ACCESS,
Status = NtOpenKey(&ObjectKeyHandle, &ObjectAttributes,
KEY_ALL_ACCESS, 0,
&ObjectAttributes); NULL,
} 0,
else NULL);
{
Status = NtCreateKey(&ObjectKeyHandle,
KEY_ALL_ACCESS,
&ObjectAttributes,
0,
NULL,
0,
NULL);
}
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status))
{ {
return NULL; return Status;
} }
DbObject = (PLSA_DB_OBJECT)RtlAllocateHeap(RtlGetProcessHeap(), NewObject = RtlAllocateHeap(RtlGetProcessHeap(),
0, 0,
sizeof(LSA_DB_OBJECT)); sizeof(LSA_DB_OBJECT));
if (DbObject == NULL) if (NewObject == NULL)
{ {
NtClose(ObjectKeyHandle); NtClose(ObjectKeyHandle);
return NULL; return STATUS_NO_MEMORY;
} }
DbObject->Signature = LSAP_DB_SIGNATURE; NewObject->Signature = LSAP_DB_SIGNATURE;
DbObject->RefCount = 0; NewObject->RefCount = 1;
DbObject->ObjectType = ObjectType; NewObject->ObjectType = ObjectType;
DbObject->Access = DesiredAccess; NewObject->Access = DesiredAccess;
DbObject->KeyHandle = ObjectKeyHandle; NewObject->KeyHandle = ObjectKeyHandle;
DbObject->ParentObject = ParentObject; NewObject->ParentObject = ParentObject;
if (ParentObject != NULL) if (ParentObject != NULL)
ParentObject->RefCount++; ParentObject->RefCount++;
return (LSAPR_HANDLE)DbObject; *DbObject = NewObject;
return STATUS_SUCCESS;
}
NTSTATUS
LsapOpenDbObject(IN PLSA_DB_OBJECT ParentObject,
IN LPWSTR ObjectName,
IN LSA_DB_OBJECT_TYPE ObjectType,
IN ACCESS_MASK DesiredAccess,
OUT PLSA_DB_OBJECT *DbObject)
{
PLSA_DB_OBJECT NewObject;
OBJECT_ATTRIBUTES ObjectAttributes;
UNICODE_STRING KeyName;
HANDLE ParentKeyHandle;
HANDLE ObjectKeyHandle;
NTSTATUS Status;
if (DbObject == NULL)
return STATUS_INVALID_PARAMETER;
if (ParentObject == NULL)
ParentKeyHandle = SecurityKeyHandle;
else
ParentKeyHandle = ParentObject->KeyHandle;
RtlInitUnicodeString(&KeyName,
ObjectName);
InitializeObjectAttributes(&ObjectAttributes,
&KeyName,
OBJ_CASE_INSENSITIVE,
ParentKeyHandle,
NULL);
Status = NtOpenKey(&ObjectKeyHandle,
KEY_ALL_ACCESS,
&ObjectAttributes);
if (!NT_SUCCESS(Status))
{
return Status;
}
NewObject = RtlAllocateHeap(RtlGetProcessHeap(),
0,
sizeof(LSA_DB_OBJECT));
if (NewObject == NULL)
{
NtClose(ObjectKeyHandle);
return STATUS_NO_MEMORY;
}
NewObject->Signature = LSAP_DB_SIGNATURE;
NewObject->RefCount = 1;
NewObject->ObjectType = ObjectType;
NewObject->Access = DesiredAccess;
NewObject->KeyHandle = ObjectKeyHandle;
NewObject->ParentObject = ParentObject;
if (ParentObject != NULL)
ParentObject->RefCount++;
*DbObject = NewObject;
return STATUS_SUCCESS;
} }
NTSTATUS NTSTATUS
LsapValidateDbObject(LSAPR_HANDLE Handle, LsapValidateDbObject(LSAPR_HANDLE Handle,
LSA_DB_OBJECT_TYPE ObjectType, LSA_DB_OBJECT_TYPE ObjectType,
ACCESS_MASK GrantedAccess) ACCESS_MASK DesiredAccess,
PLSA_DB_OBJECT *DbObject)
{ {
PLSA_DB_OBJECT DbObject = (PLSA_DB_OBJECT)Handle; PLSA_DB_OBJECT LocalObject = (PLSA_DB_OBJECT)Handle;
BOOLEAN bValid = FALSE; BOOLEAN bValid = FALSE;
_SEH2_TRY _SEH2_TRY
{ {
if (DbObject->Signature == LSAP_DB_SIGNATURE) if (LocalObject->Signature == LSAP_DB_SIGNATURE)
{ {
if ((ObjectType == LsaDbIgnoreObject) || if ((ObjectType == LsaDbIgnoreObject) ||
(DbObject->ObjectType == ObjectType)) (LocalObject->ObjectType == ObjectType))
bValid = TRUE; bValid = TRUE;
} }
} }
@ -394,32 +453,52 @@ LsapValidateDbObject(LSAPR_HANDLE Handle,
if (bValid == FALSE) if (bValid == FALSE)
return STATUS_INVALID_HANDLE; return STATUS_INVALID_HANDLE;
if (GrantedAccess != 0) if (DesiredAccess != 0)
{ {
/* FIXME: Check for granted access rights */ /* Check for granted access rights */
if ((LocalObject->Access & DesiredAccess) != DesiredAccess)
{
ERR("LsapValidateDbObject access check failed %08lx %08lx\n",
LocalObject->Access, DesiredAccess);
return STATUS_ACCESS_DENIED;
}
} }
if (DbObject != NULL)
*DbObject = LocalObject;
return STATUS_SUCCESS; return STATUS_SUCCESS;
} }
NTSTATUS NTSTATUS
LsapCloseDbObject(LSAPR_HANDLE Handle) LsapCloseDbObject(PLSA_DB_OBJECT DbObject)
{ {
PLSA_DB_OBJECT DbObject = (PLSA_DB_OBJECT)Handle; PLSA_DB_OBJECT ParentObject = NULL;
NTSTATUS Status = STATUS_SUCCESS;
if (DbObject->RefCount != 0) DbObject->RefCount--;
return STATUS_UNSUCCESSFUL;
if (DbObject->ParentObject != NULL) if (DbObject->RefCount > 0)
DbObject->ParentObject->RefCount--; return STATUS_SUCCESS;
if (DbObject->KeyHandle != NULL) if (DbObject->KeyHandle != NULL)
NtClose(DbObject->KeyHandle); NtClose(DbObject->KeyHandle);
if (DbObject->ParentObject != NULL)
ParentObject = DbObject->ParentObject;
RtlFreeHeap(RtlGetProcessHeap(), 0, DbObject); RtlFreeHeap(RtlGetProcessHeap(), 0, DbObject);
return STATUS_SUCCESS; if (ParentObject != NULL)
{
ParentObject->RefCount--;
if (ParentObject->RefCount == 0)
Status = LsapCloseDbObject(ParentObject);
}
return Status;
} }

119
reactos/dll/win32/lsasrv/lsarpc.c
View file

@ -69,6 +69,7 @@ void __RPC_USER LSAPR_HANDLE_rundown(LSAPR_HANDLE hHandle)
NTSTATUS WINAPI LsarClose( NTSTATUS WINAPI LsarClose(
LSAPR_HANDLE *ObjectHandle) LSAPR_HANDLE *ObjectHandle)
{ {
PLSA_DB_OBJECT DbObject;
NTSTATUS Status = STATUS_SUCCESS; NTSTATUS Status = STATUS_SUCCESS;
TRACE("0x%p\n", ObjectHandle); TRACE("0x%p\n", ObjectHandle);
@ -77,10 +78,11 @@ NTSTATUS WINAPI LsarClose(
Status = LsapValidateDbObject(*ObjectHandle, Status = LsapValidateDbObject(*ObjectHandle,
LsaDbIgnoreObject, LsaDbIgnoreObject,
0); 0,
&DbObject);
if (Status == STATUS_SUCCESS) if (Status == STATUS_SUCCESS)
{ {
Status = LsapCloseDbObject(*ObjectHandle); Status = LsapCloseDbObject(DbObject);
*ObjectHandle = NULL; *ObjectHandle = NULL;
} }
@ -154,22 +156,24 @@ NTSTATUS WINAPI LsarOpenPolicy(
ACCESS_MASK DesiredAccess, ACCESS_MASK DesiredAccess,
LSAPR_HANDLE *PolicyHandle) LSAPR_HANDLE *PolicyHandle)
{ {
NTSTATUS Status = STATUS_SUCCESS; PLSA_DB_OBJECT PolicyObject;
NTSTATUS Status;
TRACE("LsarOpenPolicy called!\n"); TRACE("LsarOpenPolicy called!\n");
RtlEnterCriticalSection(&PolicyHandleTableLock); RtlEnterCriticalSection(&PolicyHandleTableLock);
*PolicyHandle = LsapCreateDbObject(NULL, Status = LsapOpenDbObject(NULL,
L"Policy", L"Policy",
TRUE, LsaDbPolicyObject,
LsaDbPolicyObject, DesiredAccess,
DesiredAccess); &PolicyObject);
if (*PolicyHandle == NULL)
Status = STATUS_INSUFFICIENT_RESOURCES;
RtlLeaveCriticalSection(&PolicyHandleTableLock); RtlLeaveCriticalSection(&PolicyHandleTableLock);
if (NT_SUCCESS(Status))
*PolicyHandle = (LSAPR_HANDLE)PolicyObject;
TRACE("LsarOpenPolicy done!\n"); TRACE("LsarOpenPolicy done!\n");
return Status; return Status;
@ -182,6 +186,7 @@ NTSTATUS WINAPI LsarQueryInformationPolicy(
POLICY_INFORMATION_CLASS InformationClass, POLICY_INFORMATION_CLASS InformationClass,
PLSAPR_POLICY_INFORMATION *PolicyInformation) PLSAPR_POLICY_INFORMATION *PolicyInformation)
{ {
PLSA_DB_OBJECT DbObject;
NTSTATUS Status; NTSTATUS Status;
TRACE("LsarQueryInformationPolicy(%p,0x%08x,%p)\n", TRACE("LsarQueryInformationPolicy(%p,0x%08x,%p)\n",
@ -194,7 +199,8 @@ NTSTATUS WINAPI LsarQueryInformationPolicy(
Status = LsapValidateDbObject(PolicyHandle, Status = LsapValidateDbObject(PolicyHandle,
LsaDbPolicyObject, LsaDbPolicyObject,
0); /* FIXME */ 0, /* FIXME */
&DbObject);
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status))
return Status; return Status;
@ -244,6 +250,7 @@ NTSTATUS WINAPI LsarSetInformationPolicy(
POLICY_INFORMATION_CLASS InformationClass, POLICY_INFORMATION_CLASS InformationClass,
PLSAPR_POLICY_INFORMATION PolicyInformation) PLSAPR_POLICY_INFORMATION PolicyInformation)
{ {
PLSA_DB_OBJECT DbObject;
NTSTATUS Status; NTSTATUS Status;
TRACE("LsarSetInformationPolicy(%p,0x%08x,%p)\n", TRACE("LsarSetInformationPolicy(%p,0x%08x,%p)\n",
@ -256,7 +263,8 @@ NTSTATUS WINAPI LsarSetInformationPolicy(
Status = LsapValidateDbObject(PolicyHandle, Status = LsapValidateDbObject(PolicyHandle,
LsaDbPolicyObject, LsaDbPolicyObject,
0); /* FIXME */ 0, /* FIXME */
&DbObject);
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status))
return Status; return Status;
@ -310,15 +318,17 @@ NTSTATUS WINAPI LsarCreateAccount(
ACCESS_MASK DesiredAccess, ACCESS_MASK DesiredAccess,
LSAPR_HANDLE *AccountHandle) LSAPR_HANDLE *AccountHandle)
{ {
LSAPR_HANDLE AccountsHandle; PLSA_DB_OBJECT PolicyObject;
LSAPR_HANDLE Account; PLSA_DB_OBJECT AccountsObject = NULL;
LPWSTR SidString; PLSA_DB_OBJECT AccountObject = NULL;
NTSTATUS Status; LPWSTR SidString = NULL;
NTSTATUS Status = STATUS_SUCCESS;
/* Validate the PolicyHandle */ /* Validate the PolicyHandle */
Status = LsapValidateDbObject(PolicyHandle, Status = LsapValidateDbObject(PolicyHandle,
LsaDbPolicyObject, LsaDbPolicyObject,
POLICY_CREATE_ACCOUNT); POLICY_CREATE_ACCOUNT,
&PolicyObject);
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status))
{ {
ERR("LsapValidateDbObject returned 0x%08lx\n", Status); ERR("LsapValidateDbObject returned 0x%08lx\n", Status);
@ -326,15 +336,15 @@ NTSTATUS WINAPI LsarCreateAccount(
} }
/* Open the Accounts object */ /* Open the Accounts object */
AccountsHandle = LsapCreateDbObject(PolicyHandle, Status = LsapOpenDbObject(PolicyObject,
L"Accounts", L"Accounts",
TRUE, LsaDbContainerObject,
LsaDbContainerObject, 0,
0); &AccountsObject);
if (AccountsHandle == NULL) if (!NT_SUCCESS(Status))
{ {
ERR("LsapCreateDbObject (Accounts) failed\n"); ERR("LsapCreateDbObject (Accounts) failed (Status 0x%08lx)\n", Status);
return STATUS_UNSUCCESSFUL; goto done;
} }
/* Create SID string */ /* Create SID string */
@ -342,31 +352,44 @@ NTSTATUS WINAPI LsarCreateAccount(
&SidString)) &SidString))
{ {
ERR("ConvertSidToStringSid failed\n"); ERR("ConvertSidToStringSid failed\n");
return STATUS_UNSUCCESSFUL; Status = STATUS_INVALID_PARAMETER;
goto done;
} }
/* Create the Account object */ /* Create the Account object */
Account = LsapCreateDbObject(AccountsHandle, Status = LsapCreateDbObject(AccountsObject,
SidString, SidString,
FALSE, LsaDbAccountObject,
LsaDbAccountObject, DesiredAccess,
DesiredAccess); &AccountObject);
if (Account != NULL) if (!NT_SUCCESS(Status))
{ {
/* Set the Sid attribute */ ERR("LsapCreateDbObject (Account) failed (Status 0x%08lx)\n", Status);
Status = LsapSetObjectAttribute((PLSA_DB_OBJECT)Account, goto done;
L"Sid",
(PVOID)AccountSid,
GetLengthSid(AccountSid));
if (NT_SUCCESS(Status))
{
*AccountHandle = Account;
}
} }
LocalFree(SidString); /* Set the Sid attribute */
Status = LsapSetObjectAttribute(AccountObject,
L"Sid",
(PVOID)AccountSid,
GetLengthSid(AccountSid));
LsapCloseDbObject(AccountsHandle); done:
if (SidString != NULL)
LocalFree(SidString);
if (!NT_SUCCESS(Status))
{
if (AccountObject != NULL)
LsapCloseDbObject(AccountObject);
}
else
{
*AccountHandle = (LSAPR_HANDLE)AccountObject;
}
if (AccountsObject != NULL)
LsapCloseDbObject(AccountsObject);
return STATUS_SUCCESS; return STATUS_SUCCESS;
} }
@ -777,7 +800,8 @@ NTSTATUS WINAPI LsarLookupPrivilegeValue(
Status = LsapValidateDbObject(PolicyHandle, Status = LsapValidateDbObject(PolicyHandle,
LsaDbPolicyObject, LsaDbPolicyObject,
0); /* FIXME */ 0, /* FIXME */
NULL);
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status))
{ {
ERR("Invalid handle (Status %lx)\n", Status); ERR("Invalid handle (Status %lx)\n", Status);
@ -806,7 +830,8 @@ NTSTATUS WINAPI LsarLookupPrivilegeName(
Status = LsapValidateDbObject(PolicyHandle, Status = LsapValidateDbObject(PolicyHandle,
LsaDbPolicyObject, LsaDbPolicyObject,
0); /* FIXME */ 0, /* FIXME */
NULL);
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status))
{ {
ERR("Invalid handle\n"); ERR("Invalid handle\n");
@ -859,13 +884,15 @@ NTSTATUS WINAPI LsarEnmuerateAccountRights(
PRPC_SID AccountSid, PRPC_SID AccountSid,
PLSAPR_USER_RIGHT_SET UserRights) PLSAPR_USER_RIGHT_SET UserRights)
{ {
PLSA_DB_OBJECT PolicyObject;
NTSTATUS Status; NTSTATUS Status;
FIXME("(%p,%p,%p) stub\n", PolicyHandle, AccountSid, UserRights); FIXME("(%p,%p,%p) stub\n", PolicyHandle, AccountSid, UserRights);
Status = LsapValidateDbObject(PolicyHandle, Status = LsapValidateDbObject(PolicyHandle,
LsaDbPolicyObject, LsaDbPolicyObject,
0); /* FIXME */ 0, /* FIXME */
&PolicyObject);
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status))
return Status; return Status;

42
reactos/dll/win32/lsasrv/lsasrv.h
View file

@ -59,20 +59,28 @@ StartAuthenticationPort(VOID);
NTSTATUS NTSTATUS
LsapInitDatabase(VOID); LsapInitDatabase(VOID);
LSAPR_HANDLE NTSTATUS
LsapCreateDbObject(LSAPR_HANDLE ParentHandle, LsapCreateDbObject(IN PLSA_DB_OBJECT ParentObject,
LPWSTR ObjectName, IN LPWSTR ObjectName,
BOOLEAN Open, IN LSA_DB_OBJECT_TYPE HandleType,
LSA_DB_OBJECT_TYPE HandleType, IN ACCESS_MASK DesiredAccess,
ACCESS_MASK DesiredAccess); OUT PLSA_DB_OBJECT *DbObject);
NTSTATUS NTSTATUS
LsapValidateDbObject(LSAPR_HANDLE Handle, LsapOpenDbObject(IN PLSA_DB_OBJECT ParentObject,
LSA_DB_OBJECT_TYPE HandleType, IN LPWSTR ObjectName,
ACCESS_MASK GrantedAccess); IN LSA_DB_OBJECT_TYPE ObjectType,
IN ACCESS_MASK DesiredAccess,
OUT PLSA_DB_OBJECT *DbObject);
NTSTATUS NTSTATUS
LsapCloseDbObject(LSAPR_HANDLE Handle); LsapValidateDbObject(IN LSAPR_HANDLE Handle,
IN LSA_DB_OBJECT_TYPE HandleType,
IN ACCESS_MASK GrantedAccess,
OUT PLSA_DB_OBJECT *DbObject);
NTSTATUS
LsapCloseDbObject(IN PLSA_DB_OBJECT DbObject);
NTSTATUS NTSTATUS
LsapGetObjectAttribute(PLSA_DB_OBJECT DbObject, LsapGetObjectAttribute(PLSA_DB_OBJECT DbObject,
@ -92,31 +100,31 @@ LsarStartRpcServer(VOID);
/* policy.c */ /* policy.c */
NTSTATUS NTSTATUS
LsarQueryAuditEvents(LSAPR_HANDLE PolicyHandle, LsarQueryAuditEvents(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation); PLSAPR_POLICY_INFORMATION *PolicyInformation);
NTSTATUS NTSTATUS
LsarQueryPrimaryDomain(LSAPR_HANDLE PolicyHandle, LsarQueryPrimaryDomain(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation); PLSAPR_POLICY_INFORMATION *PolicyInformation);
NTSTATUS NTSTATUS
LsarQueryAccountDomain(LSAPR_HANDLE PolicyHandle, LsarQueryAccountDomain(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation); PLSAPR_POLICY_INFORMATION *PolicyInformation);
NTSTATUS NTSTATUS
LsarQueryDnsDomain(LSAPR_HANDLE PolicyHandle, LsarQueryDnsDomain(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation); PLSAPR_POLICY_INFORMATION *PolicyInformation);
NTSTATUS NTSTATUS
LsarSetPrimaryDomain(LSAPR_HANDLE PolicyObject, LsarSetPrimaryDomain(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_PRIMARY_DOM_INFO Info); PLSAPR_POLICY_PRIMARY_DOM_INFO Info);
NTSTATUS NTSTATUS
LsarSetAccountDomain(LSAPR_HANDLE PolicyObject, LsarSetAccountDomain(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_ACCOUNT_DOM_INFO Info); PLSAPR_POLICY_ACCOUNT_DOM_INFO Info);
NTSTATUS NTSTATUS
LsarSetDnsDomain(LSAPR_HANDLE PolicyObject, LsarSetDnsDomain(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_DNS_DOMAIN_INFO Info); PLSAPR_POLICY_DNS_DOMAIN_INFO Info);
/* privileges.c */ /* privileges.c */

48
reactos/dll/win32/lsasrv/policy.c
View file

@ -16,7 +16,7 @@ WINE_DEFAULT_DEBUG_CHANNEL(lsasrv);
/* FUNCTIONS ***************************************************************/ /* FUNCTIONS ***************************************************************/
NTSTATUS NTSTATUS
LsarSetPrimaryDomain(LSAPR_HANDLE PolicyHandle, LsarSetPrimaryDomain(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_PRIMARY_DOM_INFO Info) PLSAPR_POLICY_PRIMARY_DOM_INFO Info)
{ {
PUNICODE_STRING Buffer; PUNICODE_STRING Buffer;
@ -24,7 +24,7 @@ LsarSetPrimaryDomain(LSAPR_HANDLE PolicyHandle,
NTSTATUS Status; NTSTATUS Status;
LPWSTR Ptr; LPWSTR Ptr;
TRACE("LsarSetPrimaryDomain(%p, %p)\n", PolicyHandle, Info); TRACE("LsarSetPrimaryDomain(%p, %p)\n", PolicyObject, Info);
Length = sizeof(UNICODE_STRING) + Info->Name.MaximumLength; Length = sizeof(UNICODE_STRING) + Info->Name.MaximumLength;
Buffer = RtlAllocateHeap(RtlGetProcessHeap(), Buffer = RtlAllocateHeap(RtlGetProcessHeap(),
@ -39,9 +39,10 @@ LsarSetPrimaryDomain(LSAPR_HANDLE PolicyHandle,
Ptr = (LPWSTR)((ULONG_PTR)Buffer + sizeof(UNICODE_STRING)); Ptr = (LPWSTR)((ULONG_PTR)Buffer + sizeof(UNICODE_STRING));
memcpy(Ptr, Info->Name.Buffer, Info->Name.MaximumLength); memcpy(Ptr, Info->Name.Buffer, Info->Name.MaximumLength);
Status = LsapSetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle, Status = LsapSetObjectAttribute(PolicyObject,
L"PolPrDmN", L"PolPrDmN",
Buffer, Length); Buffer,
Length);
RtlFreeHeap(RtlGetProcessHeap(), 0, Buffer); RtlFreeHeap(RtlGetProcessHeap(), 0, Buffer);
@ -52,7 +53,7 @@ LsarSetPrimaryDomain(LSAPR_HANDLE PolicyHandle,
if (Info->Sid != NULL) if (Info->Sid != NULL)
Length = RtlLengthSid(Info->Sid); Length = RtlLengthSid(Info->Sid);
Status = LsapSetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle, Status = LsapSetObjectAttribute(PolicyObject,
L"PolPrDmS", L"PolPrDmS",
(LPBYTE)Info->Sid, (LPBYTE)Info->Sid,
Length); Length);
@ -62,7 +63,7 @@ LsarSetPrimaryDomain(LSAPR_HANDLE PolicyHandle,
NTSTATUS NTSTATUS
LsarSetAccountDomain(LSAPR_HANDLE PolicyHandle, LsarSetAccountDomain(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_ACCOUNT_DOM_INFO Info) PLSAPR_POLICY_ACCOUNT_DOM_INFO Info)
{ {
PUNICODE_STRING Buffer; PUNICODE_STRING Buffer;
@ -70,7 +71,7 @@ LsarSetAccountDomain(LSAPR_HANDLE PolicyHandle,
NTSTATUS Status; NTSTATUS Status;
LPWSTR Ptr; LPWSTR Ptr;
TRACE("LsarSetAccountDomain(%p, %p)\n", PolicyHandle, Info); TRACE("LsarSetAccountDomain(%p, %p)\n", PolicyObject, Info);
Length = sizeof(UNICODE_STRING) + Info->DomainName.MaximumLength; Length = sizeof(UNICODE_STRING) + Info->DomainName.MaximumLength;
Buffer = RtlAllocateHeap(RtlGetProcessHeap(), Buffer = RtlAllocateHeap(RtlGetProcessHeap(),
@ -85,9 +86,10 @@ LsarSetAccountDomain(LSAPR_HANDLE PolicyHandle,
Ptr = (LPWSTR)((ULONG_PTR)Buffer + sizeof(UNICODE_STRING)); Ptr = (LPWSTR)((ULONG_PTR)Buffer + sizeof(UNICODE_STRING));
memcpy(Ptr, Info->DomainName.Buffer, Info->DomainName.MaximumLength); memcpy(Ptr, Info->DomainName.Buffer, Info->DomainName.MaximumLength);
Status = LsapSetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle, Status = LsapSetObjectAttribute(PolicyObject,
L"PolAcDmN", L"PolAcDmN",
Buffer, Length); Buffer,
Length);
RtlFreeHeap(RtlGetProcessHeap(), 0, Buffer); RtlFreeHeap(RtlGetProcessHeap(), 0, Buffer);
@ -98,7 +100,7 @@ LsarSetAccountDomain(LSAPR_HANDLE PolicyHandle,
if (Info->Sid != NULL) if (Info->Sid != NULL)
Length = RtlLengthSid(Info->Sid); Length = RtlLengthSid(Info->Sid);
Status = LsapSetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle, Status = LsapSetObjectAttribute(PolicyObject,
L"PolAcDmS", L"PolAcDmS",
(LPBYTE)Info->Sid, (LPBYTE)Info->Sid,
Length); Length);
@ -108,7 +110,7 @@ LsarSetAccountDomain(LSAPR_HANDLE PolicyHandle,
NTSTATUS NTSTATUS
LsarSetDnsDomain(LSAPR_HANDLE PolicyHandle, LsarSetDnsDomain(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_DNS_DOMAIN_INFO Info) PLSAPR_POLICY_DNS_DOMAIN_INFO Info)
{ {
@ -117,7 +119,7 @@ LsarSetDnsDomain(LSAPR_HANDLE PolicyHandle,
NTSTATUS NTSTATUS
LsarQueryAuditEvents(LSAPR_HANDLE PolicyHandle, LsarQueryAuditEvents(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation) PLSAPR_POLICY_INFORMATION *PolicyInformation)
{ {
PLSAPR_POLICY_AUDIT_EVENTS_INFO p = NULL; PLSAPR_POLICY_AUDIT_EVENTS_INFO p = NULL;
@ -137,7 +139,7 @@ LsarQueryAuditEvents(LSAPR_HANDLE PolicyHandle,
NTSTATUS NTSTATUS
LsarQueryPrimaryDomain(LSAPR_HANDLE PolicyHandle, LsarQueryPrimaryDomain(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation) PLSAPR_POLICY_INFORMATION *PolicyInformation)
{ {
PLSAPR_POLICY_PRIMARY_DOM_INFO p = NULL; PLSAPR_POLICY_PRIMARY_DOM_INFO p = NULL;
@ -153,7 +155,7 @@ LsarQueryPrimaryDomain(LSAPR_HANDLE PolicyHandle,
/* Domain Name */ /* Domain Name */
AttributeSize = 0; AttributeSize = 0;
Status = LsapGetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle, Status = LsapGetObjectAttribute(PolicyObject,
L"PolPrDmN", L"PolPrDmN",
NULL, NULL,
&AttributeSize); &AttributeSize);
@ -171,7 +173,7 @@ LsarQueryPrimaryDomain(LSAPR_HANDLE PolicyHandle,
goto Done; goto Done;
} }
Status = LsapGetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle, Status = LsapGetObjectAttribute(PolicyObject,
L"PolPrDmN", L"PolPrDmN",
DomainName, DomainName,
&AttributeSize); &AttributeSize);
@ -201,7 +203,7 @@ LsarQueryPrimaryDomain(LSAPR_HANDLE PolicyHandle,
/* Domain SID */ /* Domain SID */
AttributeSize = 0; AttributeSize = 0;
Status = LsapGetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle, Status = LsapGetObjectAttribute(PolicyObject,
L"PolPrDmS", L"PolPrDmS",
NULL, NULL,
&AttributeSize); &AttributeSize);
@ -219,7 +221,7 @@ LsarQueryPrimaryDomain(LSAPR_HANDLE PolicyHandle,
goto Done; goto Done;
} }
Status = LsapGetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle, Status = LsapGetObjectAttribute(PolicyObject,
L"PolPrDmS", L"PolPrDmS",
p->Sid, p->Sid,
&AttributeSize); &AttributeSize);
@ -247,7 +249,7 @@ Done:
NTSTATUS NTSTATUS
LsarQueryAccountDomain(LSAPR_HANDLE PolicyHandle, LsarQueryAccountDomain(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation) PLSAPR_POLICY_INFORMATION *PolicyInformation)
{ {
PLSAPR_POLICY_ACCOUNT_DOM_INFO p = NULL; PLSAPR_POLICY_ACCOUNT_DOM_INFO p = NULL;
@ -262,7 +264,7 @@ LsarQueryAccountDomain(LSAPR_HANDLE PolicyHandle,
return STATUS_INSUFFICIENT_RESOURCES; return STATUS_INSUFFICIENT_RESOURCES;
/* Domain Name */ /* Domain Name */
Status = LsapGetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle, Status = LsapGetObjectAttribute(PolicyObject,
L"PolAcDmN", L"PolAcDmN",
NULL, NULL,
&AttributeSize); &AttributeSize);
@ -280,7 +282,7 @@ LsarQueryAccountDomain(LSAPR_HANDLE PolicyHandle,
goto Done; goto Done;
} }
Status = LsapGetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle, Status = LsapGetObjectAttribute(PolicyObject,
L"PolAcDmN", L"PolAcDmN",
DomainName, DomainName,
&AttributeSize); &AttributeSize);
@ -310,7 +312,7 @@ LsarQueryAccountDomain(LSAPR_HANDLE PolicyHandle,
/* Domain SID */ /* Domain SID */
AttributeSize = 0; AttributeSize = 0;
Status = LsapGetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle, Status = LsapGetObjectAttribute(PolicyObject,
L"PolAcDmS", L"PolAcDmS",
NULL, NULL,
&AttributeSize); &AttributeSize);
@ -328,7 +330,7 @@ LsarQueryAccountDomain(LSAPR_HANDLE PolicyHandle,
goto Done; goto Done;
} }
Status = LsapGetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle, Status = LsapGetObjectAttribute(PolicyObject,
L"PolAcDmS", L"PolAcDmS",
p->Sid, p->Sid,
&AttributeSize); &AttributeSize);
@ -356,7 +358,7 @@ Done:
NTSTATUS NTSTATUS
LsarQueryDnsDomain(LSAPR_HANDLE PolicyHandle, LsarQueryDnsDomain(PLSA_DB_OBJECT PolicyObject,
PLSAPR_POLICY_INFORMATION *PolicyInformation) PLSAPR_POLICY_INFORMATION *PolicyInformation)
{ {
PLSAPR_POLICY_DNS_DOMAIN_INFO p = NULL; PLSAPR_POLICY_DNS_DOMAIN_INFO p = NULL;