Author: ekohl
Date: Tue Sep 20 23:15:51 2011
New Revision: 53783
URL:
http://svn.reactos.org/svn/reactos?rev=53783&view=rev
Log:
[LSA]
- Implement the LSA object database.
- Implement the information classes PolicyPrimaryDomainInformation and
PolicyAccountDomainInformation of LsarSetInformationPolicy().
Added:
trunk/reactos/dll/win32/lsasrv/database.c (with props)
trunk/reactos/dll/win32/lsasrv/policy.c (with props)
Modified:
trunk/reactos/dll/win32/lsasrv/CMakeLists.txt
trunk/reactos/dll/win32/lsasrv/lsarpc.c
trunk/reactos/dll/win32/lsasrv/lsasrv.c
trunk/reactos/dll/win32/lsasrv/lsasrv.h
trunk/reactos/dll/win32/lsasrv/lsasrv.rbuild
trunk/reactos/dll/win32/lsasrv/lsasrv.spec
trunk/reactos/dll/win32/lsasrv/privileges.c
Modified: trunk/reactos/dll/win32/lsasrv/CMakeLists.txt
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/CMakeList…
==============================================================================
--- trunk/reactos/dll/win32/lsasrv/CMakeLists.txt [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/lsasrv/CMakeLists.txt [iso-8859-1] Tue Sep 20 23:15:51 2011
@@ -12,8 +12,10 @@
list(APPEND SOURCE
authport.c
+ database.c
lsarpc.c
lsasrv.c
+ policy.c
privileges.c
sids.c
lsasrv.rc
Added: trunk/reactos/dll/win32/lsasrv/database.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/database.…
==============================================================================
--- trunk/reactos/dll/win32/lsasrv/database.c (added)
+++ trunk/reactos/dll/win32/lsasrv/database.c [iso-8859-1] Tue Sep 20 23:15:51 2011
@@ -1,0 +1,476 @@
+/*
+ * PROJECT: Local Security Authority Server DLL
+ * LICENSE: GPL - See COPYING in the top level directory
+ * FILE: dll/win32/lsasrv/database.c
+ * PURPOSE: LSA object database
+ * COPYRIGHT: Copyright 2011 Eric Kohl
+ */
+
+/* INCLUDES ****************************************************************/
+
+#include "lsasrv.h"
+
+WINE_DEFAULT_DEBUG_CHANNEL(lsasrv);
+
+
+/* GLOBALS *****************************************************************/
+
+static HANDLE SecurityKeyHandle = NULL;
+
+
+/* FUNCTIONS ***************************************************************/
+
+static NTSTATUS
+LsapOpenServiceKey(VOID)
+{
+ OBJECT_ATTRIBUTES ObjectAttributes;
+ UNICODE_STRING KeyName;
+ NTSTATUS Status;
+
+ RtlInitUnicodeString(&KeyName,
+ L"\\Registry\\Machine\\SECURITY");
+
+ InitializeObjectAttributes(&ObjectAttributes,
+ &KeyName,
+ OBJ_CASE_INSENSITIVE,
+ NULL,
+ NULL);
+
+ Status = RtlpNtOpenKey(&SecurityKeyHandle,
+ KEY_READ | KEY_CREATE_SUB_KEY | KEY_ENUMERATE_SUB_KEYS,
+ &ObjectAttributes,
+ 0);
+
+ return Status;
+}
+
+
+static BOOLEAN
+LsapIsDatabaseInstalled(VOID)
+{
+ OBJECT_ATTRIBUTES ObjectAttributes;
+ UNICODE_STRING KeyName;
+ HANDLE KeyHandle;
+ NTSTATUS Status;
+
+ RtlInitUnicodeString(&KeyName,
+ L"Policy");
+
+ InitializeObjectAttributes(&ObjectAttributes,
+ &KeyName,
+ OBJ_CASE_INSENSITIVE,
+ SecurityKeyHandle,
+ NULL);
+
+ Status = RtlpNtOpenKey(&KeyHandle,
+ KEY_READ,
+ &ObjectAttributes,
+ 0);
+ if (!NT_SUCCESS(Status))
+ return FALSE;
+
+ NtClose(KeyHandle);
+
+ return TRUE;
+}
+
+
+static NTSTATUS
+LsapInstallDatabase(VOID)
+{
+ OBJECT_ATTRIBUTES ObjectAttributes;
+ UNICODE_STRING KeyName;
+ HANDLE PolicyKeyHandle = NULL;
+ HANDLE AccountsKeyHandle = NULL;
+ HANDLE DomainsKeyHandle = NULL;
+ HANDLE SecretsKeyHandle = NULL;
+ NTSTATUS Status = STATUS_SUCCESS;
+
+ TRACE("LsapInstallDatabase()\n");
+
+ /* Create the 'Policy' key */
+ RtlInitUnicodeString(&KeyName,
+ L"Policy");
+
+ InitializeObjectAttributes(&ObjectAttributes,
+ &KeyName,
+ OBJ_CASE_INSENSITIVE,
+ SecurityKeyHandle,
+ NULL);
+
+ Status = NtCreateKey(&PolicyKeyHandle,
+ KEY_ALL_ACCESS,
+ &ObjectAttributes,
+ 0,
+ NULL,
+ 0,
+ NULL);
+ if (!NT_SUCCESS(Status))
+ {
+ ERR("Failed to create the 'Policy' key (Status: 0x%08lx)\n",
Status);
+ goto Done;
+ }
+
+ /* Create the 'Accounts' key */
+ RtlInitUnicodeString(&KeyName,
+ L"Accounts");
+
+ InitializeObjectAttributes(&ObjectAttributes,
+ &KeyName,
+ OBJ_CASE_INSENSITIVE,
+ PolicyKeyHandle,
+ NULL);
+
+ Status = NtCreateKey(&AccountsKeyHandle,
+ KEY_ALL_ACCESS,
+ &ObjectAttributes,
+ 0,
+ NULL,
+ 0,
+ NULL);
+ if (!NT_SUCCESS(Status))
+ {
+ ERR("Failed to create the 'Accounts' key (Status: 0x%08lx)\n",
Status);
+ goto Done;
+ }
+
+ /* Create the 'Domains' key */
+ RtlInitUnicodeString(&KeyName,
+ L"Domains");
+
+ InitializeObjectAttributes(&ObjectAttributes,
+ &KeyName,
+ OBJ_CASE_INSENSITIVE,
+ PolicyKeyHandle,
+ NULL);
+
+ Status = NtCreateKey(&DomainsKeyHandle,
+ KEY_ALL_ACCESS,
+ &ObjectAttributes,
+ 0,
+ NULL,
+ 0,
+ NULL);
+ if (!NT_SUCCESS(Status))
+ {
+ ERR("Failed to create the 'Domains' key (Status: 0x%08lx)\n",
Status);
+ goto Done;
+ }
+
+ /* Create the 'Secrets' key */
+ RtlInitUnicodeString(&KeyName,
+ L"Secrets");
+
+ InitializeObjectAttributes(&ObjectAttributes,
+ &KeyName,
+ OBJ_CASE_INSENSITIVE,
+ PolicyKeyHandle,
+ NULL);
+
+ Status = NtCreateKey(&SecretsKeyHandle,
+ KEY_ALL_ACCESS,
+ &ObjectAttributes,
+ 0,
+ NULL,
+ 0,
+ NULL);
+ if (!NT_SUCCESS(Status))
+ {
+ ERR("Failed to create the 'Secrets' key (Status: 0x%08lx)\n",
Status);
+ goto Done;
+ }
+
+
+Done:
+ if (SecretsKeyHandle != NULL)
+ NtClose(SecretsKeyHandle);
+
+ if (DomainsKeyHandle != NULL)
+ NtClose(DomainsKeyHandle);
+
+ if (AccountsKeyHandle != NULL)
+ NtClose(AccountsKeyHandle);
+
+ if (PolicyKeyHandle != NULL)
+ NtClose(PolicyKeyHandle);
+
+ TRACE("LsapInstallDatabase() done (Status: 0x%08lx)\n", Status);
+
+ return Status;
+}
+
+
+NTSTATUS
+LsapInitDatabase(VOID)
+{
+ NTSTATUS Status;
+
+ TRACE("LsapInitDatabase()\n");
+
+ Status = LsapOpenServiceKey();
+ if (!NT_SUCCESS(Status))
+ {
+ ERR("Failed to open the service key (Status: 0x%08lx)\n", Status);
+ return Status;
+ }
+
+ if (!LsapIsDatabaseInstalled())
+ {
+ Status = LsapInstallDatabase();
+ if (!NT_SUCCESS(Status))
+ {
+ ERR("Failed to install the LSA database (Status: 0x%08lx)\n",
Status);
+ return Status;
+ }
+ }
+
+ TRACE("LsapInitDatabase() done\n");
+
+ return STATUS_SUCCESS;
+}
+
+
+LSAPR_HANDLE
+LsapCreateDbObject(LSAPR_HANDLE ParentHandle,
+ LPWSTR ObjectName,
+ BOOLEAN Open,
+ LSA_DB_OBJECT_TYPE ObjectType,
+ ACCESS_MASK DesiredAccess)
+{
+ PLSA_DB_OBJECT ParentObject = (PLSA_DB_OBJECT)ParentHandle;
+ PLSA_DB_OBJECT DbObject;
+ OBJECT_ATTRIBUTES ObjectAttributes;
+ UNICODE_STRING KeyName;
+ HANDLE ParentKeyHandle;
+ HANDLE ObjectKeyHandle;
+ NTSTATUS Status;
+
+ if (ParentHandle != NULL)
+ ParentKeyHandle = ParentObject->KeyHandle;
+ else
+ ParentKeyHandle = SecurityKeyHandle;
+
+ RtlInitUnicodeString(&KeyName,
+ ObjectName);
+
+ InitializeObjectAttributes(&ObjectAttributes,
+ &KeyName,
+ OBJ_CASE_INSENSITIVE,
+ ParentKeyHandle,
+ NULL);
+
+ if (Open == TRUE)
+ {
+ Status = NtOpenKey(&ObjectKeyHandle,
+ KEY_ALL_ACCESS,
+ &ObjectAttributes);
+ }
+ else
+ {
+ Status = NtCreateKey(&ObjectKeyHandle,
+ KEY_ALL_ACCESS,
+ &ObjectAttributes,
+ 0,
+ NULL,
+ 0,
+ NULL);
+ }
+
+ if (!NT_SUCCESS(Status))
+ {
+ return NULL;
+ }
+
+ DbObject = (PLSA_DB_OBJECT)RtlAllocateHeap(RtlGetProcessHeap(),
+ 0,
+ sizeof(LSA_DB_OBJECT));
+ if (DbObject == NULL)
+ {
+ NtClose(ObjectKeyHandle);
+ return NULL;
+ }
+
+ DbObject->Signature = LSAP_DB_SIGNATURE;
+ DbObject->RefCount = 0;
+ DbObject->ObjectType = ObjectType;
+ DbObject->Access = DesiredAccess;
+ DbObject->KeyHandle = ObjectKeyHandle;
+ DbObject->ParentObject = ParentObject;
+
+ if (ParentObject != NULL)
+ ParentObject->RefCount++;
+
+ return (LSAPR_HANDLE)DbObject;
+}
+
+
+NTSTATUS
+LsapValidateDbObject(LSAPR_HANDLE Handle,
+ LSA_DB_OBJECT_TYPE ObjectType,
+ ACCESS_MASK GrantedAccess)
+{
+ PLSA_DB_OBJECT DbObject = (PLSA_DB_OBJECT)Handle;
+ BOOLEAN bValid = FALSE;
+
+ _SEH2_TRY
+ {
+ if (DbObject->Signature == LSAP_DB_SIGNATURE)
+ {
+ if ((ObjectType == LsaDbIgnoreObject) ||
+ (DbObject->ObjectType == ObjectType))
+ bValid = TRUE;
+ }
+ }
+ _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
+ {
+ bValid = FALSE;
+ }
+ _SEH2_END;
+
+ if (bValid == FALSE)
+ return STATUS_INVALID_HANDLE;
+
+ if (GrantedAccess != 0)
+ {
+ /* FIXME: Check for granted access rights */
+ }
+
+ return STATUS_SUCCESS;
+}
+
+
+NTSTATUS
+LsapCloseDbObject(LSAPR_HANDLE Handle)
+{
+ PLSA_DB_OBJECT DbObject = (PLSA_DB_OBJECT)Handle;
+
+ if (DbObject->RefCount != 0)
+ return STATUS_UNSUCCESSFUL;
+
+ if (DbObject->ParentObject != NULL)
+ DbObject->ParentObject->RefCount--;
+
+ if (DbObject->KeyHandle != NULL)
+ NtClose(DbObject->KeyHandle);
+
+ RtlFreeHeap(RtlGetProcessHeap(), 0, DbObject);
+
+ return STATUS_SUCCESS;
+}
+
+
+NTSTATUS
+LsapSetObjectAttribute(PLSA_DB_OBJECT DbObject,
+ LPWSTR AttributeName,
+ LPVOID AttributeData,
+ ULONG AttributeSize)
+{
+ OBJECT_ATTRIBUTES ObjectAttributes;
+ UNICODE_STRING KeyName;
+ HANDLE AttributeKey;
+ NTSTATUS Status;
+
+ RtlInitUnicodeString(&KeyName,
+ AttributeName);
+
+ InitializeObjectAttributes(&ObjectAttributes,
+ &KeyName,
+ OBJ_CASE_INSENSITIVE,
+ DbObject->KeyHandle,
+ NULL);
+
+ Status = NtCreateKey(&AttributeKey,
+ KEY_SET_VALUE,
+ &ObjectAttributes,
+ 0,
+ NULL,
+ REG_OPTION_NON_VOLATILE,
+ NULL);
+ if (!NT_SUCCESS(Status))
+ {
+
+ return Status;
+ }
+
+ Status = RtlpNtSetValueKey(AttributeKey,
+ REG_NONE,
+ AttributeData,
+ AttributeSize);
+
+ NtClose(AttributeKey);
+
+ return Status;
+}
+
+
+NTSTATUS
+LsapGetObjectAttribute(PLSA_DB_OBJECT DbObject,
+ LPWSTR AttributeName,
+ LPVOID AttributeData,
+ PULONG AttributeSize)
+{
+ OBJECT_ATTRIBUTES ObjectAttributes;
+ UNICODE_STRING KeyName;
+ HANDLE AttributeKey;
+ ULONG ValueSize;
+ NTSTATUS Status;
+
+ RtlInitUnicodeString(&KeyName,
+ AttributeName);
+
+ InitializeObjectAttributes(&ObjectAttributes,
+ &KeyName,
+ OBJ_CASE_INSENSITIVE,
+ DbObject->KeyHandle,
+ NULL);
+
+ Status = NtOpenKey(&AttributeKey,
+ KEY_QUERY_VALUE,
+ &ObjectAttributes);
+ if (!NT_SUCCESS(Status))
+ {
+ return Status;
+ }
+
+ ValueSize = *AttributeSize;
+ Status = RtlpNtQueryValueKey(AttributeKey,
+ NULL,
+ NULL,
+ &ValueSize,
+ 0);
+ if (!NT_SUCCESS(Status) && Status != STATUS_BUFFER_OVERFLOW)
+ {
+ goto Done;
+ }
+
+ if (AttributeData == NULL || *AttributeSize == 0)
+ {
+ *AttributeSize = ValueSize;
+ Status == STATUS_SUCCESS;
+ goto Done;
+ }
+ else if (*AttributeSize < ValueSize)
+ {
+ *AttributeSize = ValueSize;
+ Status == STATUS_BUFFER_OVERFLOW;
+ goto Done;
+ }
+
+ Status = RtlpNtQueryValueKey(AttributeKey,
+ NULL,
+ AttributeData,
+ &ValueSize,
+ 0);
+ if (NT_SUCCESS(Status))
+ {
+ *AttributeSize = ValueSize;
+ }
+
+Done:
+ NtClose(AttributeKey);
+
+ return Status;
+}
+
+/* EOF */
+
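Review bot: In LsapGetObjectAttribute the statements `Status == STATUS_SUCCESS;` and `Status == STATUS_BUFFER_OVERFLOW;` are comparisons whose result is discarded, so Status keeps whatever the first RtlpNtQueryValueKey call returned. A caller whose buffer is too small can therefore receive a success status with an untouched buffer, and a size-only query can come back as STATUS_BUFFER_OVERFLOW; both lines should be assignments, `Status = STATUS_SUCCESS;` and `Status = STATUS_BUFFER_OVERFLOW;`. Separately, LsapCloseDbObject frees the object without clearing `Signature`, so a stale handle value may still pass the signature probe in LsapValidateDbObject while the heap block has not been reused. Setting `DbObject->Signature = 0;` before `RtlFreeHeap` would at least make the probe reject a handle that was already closed.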
Propchange: trunk/reactos/dll/win32/lsasrv/database.c
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: trunk/reactos/dll/win32/lsasrv/database.c
------------------------------------------------------------------------------
svn:keywords = author date id revision
Modified: trunk/reactos/dll/win32/lsasrv/lsarpc.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/lsarpc.c?…
==============================================================================
--- trunk/reactos/dll/win32/lsasrv/lsarpc.c [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/lsasrv/lsarpc.c [iso-8859-1] Tue Sep 20 23:15:51 2011
@@ -11,22 +11,6 @@
#include "lsasrv.h"
-typedef enum _LSA_DB_HANDLE_TYPE
-{
- LsaDbIgnoreHandle,
- LsaDbPolicyHandle,
- LsaDbAccountHandle
-} LSA_DB_HANDLE_TYPE, *PLSA_DB_HANDLE_TYPE;
-
-typedef struct _LSA_DB_HANDLE
-{
- ULONG Signature;
- LSA_DB_HANDLE_TYPE HandleType;
- LONG RefCount;
- ACCESS_MASK Access;
-} LSA_DB_HANDLE, *PLSA_DB_HANDLE;
-
-#define LSAP_DB_SIGNATURE 0x12345678
static RTL_CRITICAL_SECTION PolicyHandleTableLock;
@@ -34,68 +18,6 @@
/* FUNCTIONS ***************************************************************/
-
-static LSAPR_HANDLE
-LsapCreateDbHandle(LSA_DB_HANDLE_TYPE HandleType,
- ACCESS_MASK DesiredAccess)
-{
- PLSA_DB_HANDLE DbHandle;
-
-// RtlEnterCriticalSection(&PolicyHandleTableLock);
-
- DbHandle = (PLSA_DB_HANDLE)RtlAllocateHeap(RtlGetProcessHeap(),
- 0,
- sizeof(LSA_DB_HANDLE));
- if (DbHandle != NULL)
- {
- DbHandle->Signature = LSAP_DB_SIGNATURE;
- DbHandle->RefCount = 1;
- DbHandle->HandleType = HandleType;
- DbHandle->Access = DesiredAccess;
- }
-
-// RtlLeaveCriticalSection(&PolicyHandleTableLock);
-
- return (LSAPR_HANDLE)DbHandle;
-}
-
-
-static NTSTATUS
-LsapValidateDbHandle(LSAPR_HANDLE Handle,
- LSA_DB_HANDLE_TYPE HandleType,
- ACCESS_MASK GrantedAccess)
-{
- PLSA_DB_HANDLE DbHandle = (PLSA_DB_HANDLE)Handle;
- BOOL bValid = FALSE;
-
- _SEH2_TRY
- {
- if (DbHandle->Signature == LSAP_DB_SIGNATURE)
- {
- if (HandleType == LsaDbIgnoreHandle)
- bValid = TRUE;
- else if (DbHandle->HandleType == HandleType)
- bValid = TRUE;
- }
- }
- _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
- {
- bValid = FALSE;
- }
- _SEH2_END;
-
- if (bValid == FALSE)
- return STATUS_INVALID_HANDLE;
-
- if (GrantedAccess != 0)
- {
- /* FIXME: Check for granted access rights */
- }
-
- return STATUS_SUCCESS;
-}
-
-
VOID
@@ -153,13 +75,12 @@
// RtlEnterCriticalSection(&PolicyHandleTableLock);
- Status = LsapValidateDbHandle(*ObjectHandle,
- LsaDbIgnoreHandle,
+ Status = LsapValidateDbObject(*ObjectHandle,
+ LsaDbIgnoreObject,
0);
-
if (Status == STATUS_SUCCESS)
{
- RtlFreeHeap(RtlGetProcessHeap(), 0, *ObjectHandle);
+ Status = LsapCloseDbObject(*ObjectHandle);
*ObjectHandle = NULL;
}
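Review bot: `*ObjectHandle = NULL;` runs even when LsapCloseDbObject refuses to close the object. The new database.c returns STATUS_UNSUCCESSFUL without freeing when RefCount is non-zero, so the caller loses its handle while the object and its registry key handle stay allocated. Clear the handle only on success, `if (NT_SUCCESS(Status)) *ObjectHandle = NULL;`. The `RtlEnterCriticalSection` call in the context line above is still commented out, so the RefCount check and the parent decrement inside LsapCloseDbObject appear to run unlocked here. The enclosing function starts and ends outside this hunk.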
@@ -239,7 +160,10 @@
RtlEnterCriticalSection(&PolicyHandleTableLock);
- *PolicyHandle = LsapCreateDbHandle(LsaDbPolicyHandle,
+ *PolicyHandle = LsapCreateDbObject(NULL,
+ L"Policy",
+ TRUE,
+ LsaDbPolicyObject,
DesiredAccess);
if (*PolicyHandle == NULL)
Status = STATUS_INSUFFICIENT_RESOURCES;
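Review bot: Mapping every NULL from LsapCreateDbObject to STATUS_INSUFFICIENT_RESOURCES hides the real failure, because the new function also returns NULL when NtOpenKey on `Policy` fails, not only when the heap allocation fails. Having LsapCreateDbObject return an NTSTATUS and hand the object back through an out parameter would let this call site forward the status unchanged. Note also that `DesiredAccess` is only stored in the object; the registry key itself is opened with KEY_ALL_ACCESS in database.c. The enclosing function continues outside this hunk.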
@@ -268,8 +192,8 @@
TRACE("*PolicyInformation %p\n", *PolicyInformation);
}
- Status = LsapValidateDbHandle(PolicyHandle,
- LsaDbPolicyHandle,
+ Status = LsapValidateDbObject(PolicyHandle,
+ LsaDbPolicyObject,
0); /* FIXME */
if (!NT_SUCCESS(Status))
return Status;
@@ -409,8 +333,53 @@
POLICY_INFORMATION_CLASS InformationClass,
PLSAPR_POLICY_INFORMATION PolicyInformation)
{
- UNIMPLEMENTED;
- return STATUS_NOT_IMPLEMENTED;
+ NTSTATUS Status;
+
+ TRACE("LsarSetInformationPolicy(%p,0x%08x,%p)\n",
+ PolicyHandle, InformationClass, PolicyInformation);
+
+ if (PolicyInformation)
+ {
+ TRACE("*PolicyInformation %p\n", *PolicyInformation);
+ }
+
+ Status = LsapValidateDbObject(PolicyHandle,
+ LsaDbPolicyObject,
+ 0); /* FIXME */
+ if (!NT_SUCCESS(Status))
+ return Status;
+
+ switch (InformationClass)
+ {
+ case PolicyAuditEventsInformation:
+ Status = STATUS_NOT_IMPLEMENTED;
+ break;
+
+ case PolicyPrimaryDomainInformation:
+ Status = LsarSetPrimaryDomain(PolicyHandle,
+
(PLSAPR_POLICY_PRIMARY_DOM_INFO)PolicyInformation);
+ break;
+
+ case PolicyAccountDomainInformation:
+ Status = LsarSetAccountDomain(PolicyHandle,
+
(PLSAPR_POLICY_ACCOUNT_DOM_INFO)PolicyInformation);
+ break;
+
+ case PolicyDnsDomainInformation:
+ Status = LsarSetDnsDomain(PolicyHandle,
+ (PLSAPR_POLICY_DNS_DOMAIN_INFO)PolicyInformation);
+ break;
+
+ case PolicyLsaServerRoleInformation:
+ Status = STATUS_NOT_IMPLEMENTED;
+ break;
+
+ default:
+ Status = STATUS_INVALID_PARAMETER;
+ break;
+ }
+
+ return Status;
}
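Review bot: LsarSetInformationPolicy now writes to the LSA database but validates the handle with a required access of `0 /* FIXME */`, and LsapValidateDbObject does not yet compare access masks. Any caller holding a valid policy handle therefore reaches LsarSetPrimaryDomain and LsarSetAccountDomain regardless of the access it requested in LsarOpenPolicy. The required right should be chosen per information class before dispatching (for example `POLICY_TRUST_ADMIN` for the two domain classes) and enforced against `DbObject->Access`; the same `0` is passed at the renamed query and privilege-lookup call sites in the other lsarpc.c hunks. `PolicyInformation` is also NULL-checked only for the TRACE, while the handlers dereference it, so add `if (PolicyInformation == NULL) return STATUS_INVALID_PARAMETER;` before the switch.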
@@ -838,8 +807,8 @@
TRACE("LsarLookupPrivilegeValue(%p, %wZ, %p)\n",
PolicyHandle, Name, Value);
- Status = LsapValidateDbHandle(PolicyHandle,
- LsaDbPolicyHandle,
+ Status = LsapValidateDbObject(PolicyHandle,
+ LsaDbPolicyObject,
0); /* FIXME */
if (!NT_SUCCESS(Status))
{
@@ -867,8 +836,8 @@
TRACE("LsarLookupPrivilegeName(%p, %p, %p)\n",
PolicyHandle, Value, Name);
- Status = LsapValidateDbHandle(PolicyHandle,
- LsaDbPolicyHandle,
+ Status = LsapValidateDbObject(PolicyHandle,
+ LsaDbPolicyObject,
0); /* FIXME */
if (!NT_SUCCESS(Status))
{
@@ -926,8 +895,8 @@
FIXME("(%p,%p,%p) stub\n", PolicyHandle, AccountSid, UserRights);
- Status = LsapValidateDbHandle(PolicyHandle,
- LsaDbPolicyHandle,
+ Status = LsapValidateDbObject(PolicyHandle,
+ LsaDbPolicyObject,
0); /* FIXME */
if (!NT_SUCCESS(Status))
return Status;
Modified: trunk/reactos/dll/win32/lsasrv/lsasrv.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/lsasrv.c?…
==============================================================================
--- trunk/reactos/dll/win32/lsasrv/lsasrv.c [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/lsasrv/lsasrv.c [iso-8859-1] Tue Sep 20 23:15:51 2011
@@ -25,6 +25,9 @@
/* Initialize the well known SIDs */
LsapInitSids();
+
+ /* Initialize the LSA database */
+ LsapInitDatabase();
/* Start the RPC server */
LsarStartRpcServer();
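Review bot: The return value of `LsapInitDatabase()` is dropped, so the RPC server is started even when the SECURITY key could not be opened or the database could not be created. In that state `SecurityKeyHandle` stays NULL and every later LsapCreateDbObject call with a NULL parent builds its object attributes on a NULL root directory. Capture the status and stop initialisation on failure, e.g. `Status = LsapInitDatabase();` followed by `if (!NT_SUCCESS(Status)) return Status;`, adapted to however the enclosing function, which starts outside this hunk, reports errors.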
Modified: trunk/reactos/dll/win32/lsasrv/lsasrv.h
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/lsasrv.h?…
==============================================================================
--- trunk/reactos/dll/win32/lsasrv/lsasrv.h [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/lsasrv/lsasrv.h [iso-8859-1] Tue Sep 20 23:15:51 2011
@@ -9,12 +9,16 @@
#define WIN32_NO_STATUS
#include <windows.h>
-#include <ntsecapi.h>
#define NTOS_MODE_USER
+#include <ndk/cmfuncs.h>
#include <ndk/lpctypes.h>
#include <ndk/lpcfuncs.h>
+#include <ndk/obfuncs.h>
#include <ndk/rtlfuncs.h>
#include <ndk/setypes.h>
+
+
+#include <ntsecapi.h>
#include <string.h>
@@ -24,11 +28,80 @@
#include <wine/debug.h>
+typedef enum _LSA_DB_OBJECT_TYPE
+{
+ LsaDbIgnoreObject,
+ LsaDbContainerObject,
+ LsaDbPolicyObject,
+ LsaDbAccountObject,
+ LsaDbDomainObject,
+ LsaDbSecretObject
+} LSA_DB_OBJECT_TYPE, *PLSA_DB_OBJECT_TYPE;
+
+typedef struct _LSA_DB_OBJECT
+{
+ ULONG Signature;
+ LSA_DB_OBJECT_TYPE ObjectType;
+ ULONG RefCount;
+ ACCESS_MASK Access;
+ HANDLE KeyHandle;
+ struct _LSA_DB_OBJECT *ParentObject;
+} LSA_DB_OBJECT, *PLSA_DB_OBJECT;
+
+#define LSAP_DB_SIGNATURE 0x12345678
+
+
/* authport.c */
-NTSTATUS StartAuthenticationPort(VOID);
+NTSTATUS
+StartAuthenticationPort(VOID);
+
+/* database.c */
+NTSTATUS
+LsapInitDatabase(VOID);
+
+LSAPR_HANDLE
+LsapCreateDbObject(LSAPR_HANDLE ParentHandle,
+ LPWSTR ObjectName,
+ BOOLEAN Open,
+ LSA_DB_OBJECT_TYPE HandleType,
+ ACCESS_MASK DesiredAccess);
+
+NTSTATUS
+LsapValidateDbObject(LSAPR_HANDLE Handle,
+ LSA_DB_OBJECT_TYPE HandleType,
+ ACCESS_MASK GrantedAccess);
+
+NTSTATUS
+LsapCloseDbObject(LSAPR_HANDLE Handle);
+
+NTSTATUS
+LsapGetObjectAttribute(PLSA_DB_OBJECT DbObject,
+ LPWSTR AttributeName,
+ LPVOID AttributeData,
+ PULONG AttributeSize);
+
+NTSTATUS
+LsapSetObjectAttribute(PLSA_DB_OBJECT DbObject,
+ LPWSTR AttributeName,
+ LPVOID AttributeData,
+ ULONG AttributeSize);
/* lsarpc.c */
-VOID LsarStartRpcServer(VOID);
+VOID
+LsarStartRpcServer(VOID);
+
+/* policy.c */
+NTSTATUS
+LsarSetPrimaryDomain(LSAPR_HANDLE PolicyObject,
+ PLSAPR_POLICY_PRIMARY_DOM_INFO Info);
+
+NTSTATUS
+LsarSetAccountDomain(LSAPR_HANDLE PolicyObject,
+ PLSAPR_POLICY_ACCOUNT_DOM_INFO Info);
+
+NTSTATUS
+LsarSetDnsDomain(LSAPR_HANDLE PolicyObject,
+ PLSAPR_POLICY_DNS_DOMAIN_INFO Info);
/* privileges.c */
NTSTATUS
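Review bot: The prototypes for LsapCreateDbObject and LsapValidateDbObject name the type parameter `HandleType` while the definitions in database.c call it `ObjectType`, and the LsarSet* prototypes use `PolicyObject` where policy.c uses `PolicyHandle`; the names should match the definitions. The fields of LSA_DB_OBJECT are undocumented, and two of them carry rules a reader needs: `RefCount` starts at 0 and LsapCloseDbObject refuses to close an object while it is non-zero, and `Access` holds the mask requested at open time, which nothing checks yet. A comment such as `/* Number of open child objects; the object cannot be closed while non-zero */` above `RefCount` would cover the first.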
Modified: trunk/reactos/dll/win32/lsasrv/lsasrv.rbuild
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/lsasrv.rb…
==============================================================================
--- trunk/reactos/dll/win32/lsasrv/lsasrv.rbuild [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/lsasrv/lsasrv.rbuild [iso-8859-1] Tue Sep 20 23:15:51 2011
@@ -9,8 +9,10 @@
<library>ntdll</library>
<library>pseh</library>
<file>authport.c</file>
+ <file>database.c</file>
<file>lsarpc.c</file>
<file>lsasrv.c</file>
+ <file>policy.c</file>
<file>privileges.c</file>
<file>sids.c</file>
<file>lsasrv.rc</file>
Modified: trunk/reactos/dll/win32/lsasrv/lsasrv.spec
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/lsasrv.sp…
==============================================================================
--- trunk/reactos/dll/win32/lsasrv/lsasrv.spec [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/lsasrv/lsasrv.spec [iso-8859-1] Tue Sep 20 23:15:51 2011
@@ -35,11 +35,13 @@
@ stdcall LsarCreateAccount(ptr ptr long ptr)
@ stdcall LsarCreateSecret(ptr ptr long ptr)
@ stdcall LsarCreateTrustedDomain(ptr ptr long ptr)
+ @ stub LsarCreateTrustedDomainEx
@ stdcall LsarDelete(ptr)
@ stdcall LsarEnumerateAccounts(ptr ptr ptr long)
@ stdcall LsarEnumeratePrivileges(ptr ptr ptr long)
@ stdcall LsarEnumeratePrivilegesAccount(ptr ptr)
@ stdcall LsarEnumerateTrustedDomains(ptr ptr ptr long)
+ @ stub LsarEnumerateTrustedDomainsEx
@ stdcall LsarGetQuotasForAccount(ptr ptr)
@ stdcall LsarGetSystemAccessAccount(ptr ptr)
@ stdcall LsarLookupNames(ptr long ptr ptr ptr long ptr)
@@ -47,19 +49,29 @@
@ stdcall LsarLookupPrivilegeName(ptr ptr ptr)
@ stdcall LsarLookupPrivilegeValue(ptr ptr ptr)
@ stdcall LsarLookupSids(ptr ptr ptr ptr long ptr)
+ @ stub LsarLookupSids2
@ stdcall LsarOpenAccount(ptr ptr long ptr)
@ stdcall LsarOpenPolicy(ptr ptr long ptr)
+ @ stub LsarOpenPolicySce
@ stdcall LsarOpenSecret(ptr ptr long ptr)
@ stdcall LsarOpenTrustedDomain(ptr ptr long ptr)
+ @ stub LsarOpenTrustedDomainByName
+ @ stub LsarQueryDomainInformationPolicy
+ @ stub LsarQueryForestTrustInformation
@ stdcall LsarQueryInfoTrustedDomain(ptr long ptr)
@ stdcall LsarQueryInformationPolicy(ptr long ptr)
@ stdcall LsarQuerySecret(ptr ptr ptr ptr ptr)
@ stdcall LsarQuerySecurityObject(ptr long ptr)
+ @ stub LsarQueryTrustedDomainInfo
+ @ stub LsarQueryTrustedDomainInfoByName
@ stdcall LsarRemovePrivilegesFromAccount(ptr long ptr)
+ @ stub LsarSetDomainInformationPolicy
+ @ stub LsarSetForestTrustInformation
@ stdcall LsarSetInformationPolicy(ptr long ptr)
@ stdcall LsarSetInformationTrustedDomain(ptr long ptr)
@ stdcall LsarSetQuotasForAccount(ptr ptr)
@ stdcall LsarSetSecret(ptr ptr ptr)
@ stdcall LsarSetSecurityObject(ptr long ptr)
@ stdcall LsarSetSystemAccessAccount(ptr long)
+ @ stub LsarSetTrustedDomainInfoByName
@ stdcall ServiceInit()
Added: trunk/reactos/dll/win32/lsasrv/policy.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/policy.c?…
==============================================================================
--- trunk/reactos/dll/win32/lsasrv/policy.c (added)
+++ trunk/reactos/dll/win32/lsasrv/policy.c [iso-8859-1] Tue Sep 20 23:15:51 2011
@@ -1,0 +1,118 @@
+/*
+ * PROJECT: Local Security Authority Server DLL
+ * LICENSE: GPL - See COPYING in the top level directory
+ * FILE: dll/win32/lsasrv/policy.c
+ * PURPOSE: Policy object routines
+ * COPYRIGHT: Copyright 2011 Eric Kohl
+ */
+
+/* INCLUDES ****************************************************************/
+
+#include "lsasrv.h"
+
+WINE_DEFAULT_DEBUG_CHANNEL(lsasrv);
+
+
+/* FUNCTIONS ***************************************************************/
+
+NTSTATUS
+LsarSetPrimaryDomain(LSAPR_HANDLE PolicyHandle,
+ PLSAPR_POLICY_PRIMARY_DOM_INFO Info)
+{
+ PUNICODE_STRING Buffer;
+ ULONG Length = 0;
+ NTSTATUS Status;
+ LPWSTR Ptr;
+
+ TRACE("LsarSetPrimaryDomain(%p, %p)\n", PolicyHandle, Info);
+
+ Length = sizeof(UNICODE_STRING) + Info->Name.MaximumLength;
+ Buffer = RtlAllocateHeap(RtlGetProcessHeap(),
+ 0,
+ Length);
+ if (Buffer == NULL)
+ return STATUS_INSUFFICIENT_RESOURCES;
+
+ Buffer->Length = Info->Name.Length;
+ Buffer->MaximumLength = Info->Name.MaximumLength;
+ Buffer->Buffer = (LPWSTR)sizeof(UNICODE_STRING);
+ Ptr = (LPWSTR)((ULONG_PTR)Buffer + sizeof(UNICODE_STRING));
+ memcpy(Ptr, Info->Name.Buffer, Info->Name.MaximumLength);
+
+ Status = LsapSetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle,
+ L"PolPrDmN",
+ Buffer, Length);
+
+ RtlFreeHeap(RtlGetProcessHeap(), 0, Buffer);
+
+ if (!NT_SUCCESS(Status))
+ return Status;
+
+ Length = 0;
+ if (Info->Sid != NULL)
+ Length = RtlLengthSid(Info->Sid);
+
+ Status = LsapSetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle,
+ L"PolPrDmS",
+ (LPBYTE)Info->Sid,
+ Length);
+
+ return Status;
+}
+
+
+NTSTATUS
+LsarSetAccountDomain(LSAPR_HANDLE PolicyHandle,
+ PLSAPR_POLICY_ACCOUNT_DOM_INFO Info)
+{
+ PUNICODE_STRING Buffer;
+ ULONG Length = 0;
+ NTSTATUS Status;
+ LPWSTR Ptr;
+
+ TRACE("LsarSetAccountDomain(%p, %p)\n", PolicyHandle, Info);
+
+ Length = sizeof(UNICODE_STRING) + Info->DomainName.MaximumLength;
+ Buffer = RtlAllocateHeap(RtlGetProcessHeap(),
+ 0,
+ Length);
+ if (Buffer == NULL)
+ return STATUS_INSUFFICIENT_RESOURCES;
+
+ Buffer->Length = Info->DomainName.Length;
+ Buffer->MaximumLength = Info->DomainName.MaximumLength;
+ Buffer->Buffer = (LPWSTR)sizeof(UNICODE_STRING);
+ Ptr = (LPWSTR)((ULONG_PTR)Buffer + sizeof(UNICODE_STRING));
+ memcpy(Ptr, Info->DomainName.Buffer, Info->DomainName.MaximumLength);
+
+ Status = LsapSetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle,
+ L"PolAcDmN",
+ Buffer, Length);
+
+ RtlFreeHeap(RtlGetProcessHeap(), 0, Buffer);
+
+ if (!NT_SUCCESS(Status))
+ return Status;
+
+ Length = 0;
+ if (Info->Sid != NULL)
+ Length = RtlLengthSid(Info->Sid);
+
+ Status = LsapSetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle,
+ L"PolAcDmS",
+ (LPBYTE)Info->Sid,
+ Length);
+
+ return Status;
+}
+
+
+NTSTATUS
+LsarSetDnsDomain(LSAPR_HANDLE PolicyHandle,
+ PLSAPR_POLICY_DNS_DOMAIN_INFO Info)
+{
+
+ return STATUS_NOT_IMPLEMENTED;
+}
+
+/* EOF */
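Review bot: LsarSetPrimaryDomain and LsarSetAccountDomain trust the caller-supplied UNICODE_STRING: `Info` is dereferenced without a NULL check, and `memcpy` copies `MaximumLength` bytes from `Buffer` without checking that the buffer is non-NULL or that `Length` does not exceed `MaximumLength`. Bytes between `Length` and `MaximumLength` are not part of the string, so whatever they contain is persisted into the SECURITY hive. Validate the string first, zero the allocation and copy only `Length` bytes; the same change applies to `Info->DomainName` in LsarSetAccountDomain. The name is also written before the SID, so a failure of the second LsapSetObjectAttribute call leaves the two attributes out of step.

```c
    if (Info == NULL ||
        Info->Name.Length > Info->Name.MaximumLength ||
        (Info->Name.Buffer == NULL && Info->Name.Length != 0))
    {
        return STATUS_INVALID_PARAMETER;
    }

    Length = sizeof(UNICODE_STRING) + Info->Name.MaximumLength;
    Buffer = RtlAllocateHeap(RtlGetProcessHeap(),
                             HEAP_ZERO_MEMORY,
                             Length);
    /* ... unchanged: allocation check, Length/MaximumLength/Buffer offset setup ... */
    if (Info->Name.Length != 0)
        memcpy(Ptr, Info->Name.Buffer, Info->Name.Length);
    /* ... unchanged: LsapSetObjectAttribute calls and cleanup ... */
```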
Propchange: trunk/reactos/dll/win32/lsasrv/policy.c
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: trunk/reactos/dll/win32/lsasrv/policy.c
------------------------------------------------------------------------------
svn:keywords = author date id revision
Modified: trunk/reactos/dll/win32/lsasrv/privileges.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/privilege…
==============================================================================
--- trunk/reactos/dll/win32/lsasrv/privileges.c [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/lsasrv/privileges.c [iso-8859-1] Tue Sep 20 23:15:51 2011
@@ -111,8 +111,9 @@
{
if (_wcsicmp(Name->Buffer, WellKnownPrivileges[Priv].Name) == 0)
{
- Value->LowPart = WellKnownPrivileges[Priv].Luid.LowPart;
- Value->HighPart = WellKnownPrivileges[Priv].Luid.HighPart;
+// Value->LowPart = WellKnownPrivileges[Priv].Luid.LowPart;
+// Value->HighPart = WellKnownPrivileges[Priv].Luid.HighPart;
+ *Value = WellKnownPrivileges[Priv].Luid;
return STATUS_SUCCESS;
}
}
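Review bot: The two old assignments are left behind as `//` comments next to the new `*Value = WellKnownPrivileges[Priv].Luid;`; they should be deleted rather than committed, since version control already keeps the previous form. The context line above still passes `Name->Buffer` to `_wcsicmp`, which reads until a NUL character. If `Name` is a counted string from the RPC caller, termination is not guaranteed, so a length-aware comparison would be safer; this cannot be confirmed from the hunk. The enclosing function starts and ends outside the hunk.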