[ekohl] 58303: [LSALIB/LSASRV] Make the call sequence LsaRegisterLogonProcess, LsaLookupAuthenticationPackage, LsaDeregisterLogonProcess work without failures or loss of connection. WIP. - Ros-diffs

9 Feb 2013

Author: ekohl
Date: Sat Feb  9 22:56:26 2013
New Revision: 58303

URL: http://svn.reactos.org/svn/reactos?rev=58303&view=rev
Log:
[LSALIB/LSASRV]
Make the call sequence LsaRegisterLogonProcess, LsaLookupAuthenticationPackage,
LsaDeregisterLogonProcess work without failures or loss of connection. WIP.

Modified:
    trunk/reactos/dll/win32/lsasrv/authport.c
    trunk/reactos/include/reactos/subsys/lsass/lsass.h
    trunk/reactos/lib/lsalib/lsa.c

Modified: trunk/reactos/dll/win32/lsasrv/authport.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/authport.…
==============================================================================

--- trunk/reactos/dll/win32/lsasrv/authport.c [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/lsasrv/authport.c [iso-8859-1] Sat Feb  9 22:56:26 2013
@@ -20,16 +20,26 @@
 
 /* FUNCTIONS ***************************************************************/
 
+static NTSTATUS
+LsapLookupAuthenticationPackage(PLSA_API_MSG RequestMsg)
+{
+    RequestMsg->LookupAuthenticationPackage.Reply.Package = 0x12345678;
+
+    return STATUS_SUCCESS;
+}
+
+
 NTSTATUS WINAPI
 AuthPortThreadRoutine(PVOID Param)
 {
-    LSASS_REQUEST Request;
-    PPORT_MESSAGE Reply = NULL;
+    PLSA_API_MSG ReplyMsg = NULL;
+    LSA_API_MSG RequestMsg;
     NTSTATUS Status;
 
     HANDLE ConnectionHandle = NULL;
     PVOID Context = NULL;
     BOOLEAN Accept;
+    REMOTE_PORT_VIEW RemotePortView;
 
     TRACE("AuthPortThreadRoutine() called\n");
 
@@ -39,8 +49,8 @@
     {
         Status = NtReplyWaitReceivePort(AuthPortHandle,
                                         0,
-                                        Reply,
-                                        &Request.Header);
+                                        &ReplyMsg->h,
+                                        &RequestMsg.h);
         if (!NT_SUCCESS(Status))
         {
             TRACE("NtReplyWaitReceivePort() failed (Status %lx)\n", Status);
@@ -49,42 +59,62 @@
 
         TRACE("Received message\n");
 
-        if (Request.Header.u2.s2.Type == LPC_CONNECTION_REQUEST)
+        switch (RequestMsg.h.u2.s2.Type)
         {
-            TRACE("Port connection request\n");
+            case LPC_CONNECTION_REQUEST:
+                TRACE("Port connection request\n");
 
-            Accept = TRUE;
-            NtAcceptConnectPort(&ConnectionHandle,
-                                &Context,
-                                &Request.Header,
-                                Accept,
-                                NULL,
-                                NULL);
+                RemotePortView.Length = sizeof(REMOTE_PORT_VIEW);
 
+                Accept = TRUE;
+                Status = NtAcceptConnectPort(&ConnectionHandle,
+                                             &Context,
+                                             &RequestMsg.h,
+                                             Accept,
+                                             NULL,
+                                             &RemotePortView);
+                if (!NT_SUCCESS(Status))
+                {
+                    ERR("NtAcceptConnectPort failed (Status 0x%lx)\n",
Status);
+                    return Status;
+                }
 
-            NtCompleteConnectPort(ConnectionHandle);
+                Status = NtCompleteConnectPort(ConnectionHandle);
+                if (!NT_SUCCESS(Status))
+                {
+                    ERR("NtCompleteConnectPort failed (Status 0x%lx)\n",
Status);
+                    return Status;
+                }
 
-        }
-        else if (Request.Header.u2.s2.Type == LPC_PORT_CLOSED ||
-                 Request.Header.u2.s2.Type == LPC_CLIENT_DIED)
-        {
-            TRACE("Port closed or client died request\n");
+                ReplyMsg = NULL;
+                break;
 
-//            return STATUS_UNSUCCESSFUL;
-        }
-        else if (Request.Header.u2.s2.Type == LPC_REQUEST)
-        {
-            TRACE("Received request (Type: %lu)\n", Request.Type);
+            case LPC_PORT_CLOSED:
+                TRACE("Port closed\n");
+                ReplyMsg = NULL;
+                break;
 
-        }
-        else if (Request.Header.u2.s2.Type == LPC_DATAGRAM)
-        {
-            TRACE("Received datagram\n");
+            case LPC_CLIENT_DIED:
+                TRACE("Client died\n");
+                ReplyMsg = NULL;
+                break;
 
+            default:
+                TRACE("Received request (ApiNumber: %lu)\n",
RequestMsg.ApiNumber);
+
+                if (RequestMsg.ApiNumber == LSASS_REQUEST_LOOKUP_AUTHENTICATION_PACKAGE)
+                {
+                    RequestMsg.Status =
LsapLookupAuthenticationPackage(&RequestMsg);
+                }
+                else
+                    RequestMsg.Status = STATUS_SUCCESS;
+
+                ReplyMsg = &RequestMsg;
+                break;
         }
     }
 
-    return Status;
+    return STATUS_SUCCESS;
 }
 
 
@@ -107,9 +137,9 @@
 
     Status = NtCreatePort(&AuthPortHandle,
                           &ObjectAttributes,
-                          0,
-                          0x100,
-                          0x2000);
+                          sizeof(LSA_CONNECTION_INFO),
+                          sizeof(LSA_API_MSG),
+                          sizeof(LSA_API_MSG) * 32);
     if (!NT_SUCCESS(Status))
     {
         TRACE("NtCreatePort() failed (Status %lx)\n", Status);

Modified: trunk/reactos/include/reactos/subsys/lsass/lsass.h
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/include/reactos/subsys/lsa…
==============================================================================
--- trunk/reactos/include/reactos/subsys/lsass/lsass.h [iso-8859-1] (original)
+++ trunk/reactos/include/reactos/subsys/lsass/lsass.h [iso-8859-1] Sat Feb  9 22:56:26
2013
@@ -14,14 +14,19 @@
 #include <ntsecapi.h>
 
 #define LSASS_MAX_LOGON_PROCESS_NAME_LENGTH 127
-
-#define LSASS_REQUEST_REGISTER_LOGON_PROCESS               (1)
-#define LSASS_REQUEST_CALL_AUTHENTICATION_PACKAGE          (2)
-#define LSASS_REQUEST_DEREGISTER_LOGON_PROCESS             (3)
-#define LSASS_REQUEST_LOGON_USER                           (4)
-#define LSASS_REQUEST_LOOKUP_AUTHENTICATION_PACKAGE        (5)
-#define LSASS_REQUEST_MAXIMUM                              (6)
-
+#define LSASS_MAX_PACKAGE_NAME_LENGTH 127
+
+typedef enum _LSA_API_NUMBER
+{
+    LSASS_REQUEST_REGISTER_LOGON_PROCESS,
+    LSASS_REQUEST_CALL_AUTHENTICATION_PACKAGE,
+    LSASS_REQUEST_DEREGISTER_LOGON_PROCESS,
+    LSASS_REQUEST_LOGON_USER,
+    LSASS_REQUEST_LOOKUP_AUTHENTICATION_PACKAGE,
+    LSASS_REQUEST_MAXIMUM
+} LSA_API_NUMBER, *PLSA_API_NUMBER;
+
+#if 0
 typedef struct _LSASS_LOOKUP_AUTHENTICATION_PACKAGE_REQUEST
 {
    ULONG PackageNameLength;
@@ -46,6 +51,7 @@
     ULONG Dummy;
 } LSASS_DEREGISTER_LOGON_PROCESS_REPLY,
  *PLSASS_DEREGISTER_LOGON_PROCESS_REPLY;
+#endif
 
 typedef struct _LSASS_CALL_AUTHENTICATION_PACKAGE_REQUEST
 {
@@ -87,6 +93,7 @@
    UCHAR Data[1];
 } LSASS_LOGON_USER_REPLY, *PLSASS_LOGON_USER_REPLY;
 
+#if 0
 typedef struct _LSASS_REGISTER_LOGON_PROCESS_REQUEST
 {
    ULONG Length;
@@ -97,17 +104,17 @@
 {
    LSA_OPERATIONAL_MODE OperationalMode;
 } LSASS_REGISTER_LOGON_PROCESS_REPLY, *PLSASS_REGISTER_LOGON_PROCESS_REPLY;
-
-
-typedef struct _LSASS_CONNECT_DATA
+#endif
+
+typedef struct _LSA_CONNECTION_INFO
 {
     NTSTATUS Status;
     LSA_OPERATIONAL_MODE OperationalMode;
     ULONG Length;
     CHAR LogonProcessNameBuffer[LSASS_MAX_LOGON_PROCESS_NAME_LENGTH + 1];
-} LSASS_CONNECT_DATA, *PLSASS_CONNECT_DATA;
-
-
+} LSA_CONNECTION_INFO, *PLSA_CONNECTION_INFO;
+
+#if 0
 typedef union _LSASS_REQUEST
 {
    PORT_MESSAGE Header;
@@ -141,5 +148,77 @@
 	  LookupAuthenticationPackageReply;
      } d;
 } LSASS_REPLY, *PLSASS_REPLY;
+#endif
+
+
+typedef struct _LSA_REGISTER_LOGON_PROCESS_MSG
+{
+    union
+    {
+        struct
+        {
+            ULONG Length;
+            CHAR LogonProcessNameBuffer[LSASS_MAX_LOGON_PROCESS_NAME_LENGTH + 1];
+        } Request;
+        struct
+        {
+            LSA_OPERATIONAL_MODE OperationalMode;
+        } Reply;
+    };
+} LSA_REGISTER_LOGON_PROCESS_MSG, *PLSA_REGISTER_LOGON_PROCESS_MSG;
+
+
+typedef struct _LSA_DEREGISTER_LOGON_PROCESS_MSG
+{
+    union
+    {
+        struct
+        {
+            ULONG Dummy;
+        } Request;
+        struct
+        {
+            ULONG Dummy;
+        } Reply;
+    };
+} LSA_DEREGISTER_LOGON_PROCESS_MSG, *PLSA_DEREGISTER_LOGON_PROCESS_MSG;
+
+
+typedef struct _LSA_LOOKUP_AUTHENTICATION_PACKAGE_MSG
+{
+    union
+    {
+        struct
+        {
+            ULONG PackageNameLength;
+            CHAR PackageName[LSASS_MAX_PACKAGE_NAME_LENGTH + 1];
+        } Request;
+        struct
+        {
+            ULONG Package;
+        } Reply;
+    };
+} LSA_LOOKUP_AUTHENTICATION_PACKAGE_MSG, *PLSA_LOOKUP_AUTHENTICATION_PACKAGE_MSG;
+
+typedef struct _LSA_API_MSG
+{
+    PORT_MESSAGE h;
+    struct
+    {
+        LSA_API_NUMBER ApiNumber;
+        NTSTATUS Status;
+        union
+        {
+            LSA_REGISTER_LOGON_PROCESS_MSG RegisterLogonProcess;
+//            LSA_LOGON_USER_MSG LogonUser;
+//            LSA_CALL_AUTHENTICATION_PACKAGE_MSG CallAuthenticationPackage;
+            LSA_DEREGISTER_LOGON_PROCESS_MSG DeregisterLogonProcess;
+            LSA_LOOKUP_AUTHENTICATION_PACKAGE_MSG LookupAuthenticationPackage;
+        };
+    };
+} LSA_API_MSG, *PLSA_API_MSG;
+
+#define LSA_PORT_DATA_SIZE(c)     (sizeof(ULONG)+sizeof(NTSTATUS)+sizeof(c))
+#define LSA_PORT_MESSAGE_SIZE     (sizeof(LSA_API_MSG))
 
 #endif /* __INCLUDE_LSASS_LSASS_H */

Modified: trunk/reactos/lib/lsalib/lsa.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/lib/lsalib/lsa.c?rev=58303…
==============================================================================
--- trunk/reactos/lib/lsalib/lsa.c [iso-8859-1] (original)
+++ trunk/reactos/lib/lsalib/lsa.c [iso-8859-1] Sat Feb  9 22:56:26 2013
@@ -12,6 +12,7 @@
 #include <ndk/lpctypes.h>
 #include <ndk/lpcfuncs.h>
 #include <ndk/rtlfuncs.h>
+#include <ndk/obfuncs.h>
 #include <psdk/ntsecapi.h>
 #include <lsass/lsass.h>
 
@@ -30,25 +31,34 @@
 NTSTATUS WINAPI
 LsaDeregisterLogonProcess(HANDLE LsaHandle)
 {
-    LSASS_REQUEST Request;
-    LSASS_REPLY Reply;
+    LSA_API_MSG ApiMessage;
     NTSTATUS Status;
 
-    Request.Header.u1.s1.DataLength = 0;
-    Request.Header.u1.s1.TotalLength = sizeof(LSASS_REQUEST);
-    Request.Type = LSASS_REQUEST_DEREGISTER_LOGON_PROCESS;
+    DPRINT1("LsaDeregisterLogonProcess()\n");
+
+    ApiMessage.ApiNumber = LSASS_REQUEST_DEREGISTER_LOGON_PROCESS;
+    ApiMessage.h.u1.s1.DataLength =
LSA_PORT_DATA_SIZE(ApiMessage.DeregisterLogonProcess.Request);
+    ApiMessage.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE;
+    ApiMessage.h.u2.ZeroInit = 0;
+
     Status = ZwRequestWaitReplyPort(LsaHandle,
-                                    &Request.Header,
-                                    &Reply.Header);
-    if (!NT_SUCCESS(Status))
-    {
-        return Status;
-    }
-
-    if (!NT_SUCCESS(Reply.Status))
-    {
-        return Reply.Status;
-    }
+                                    (PPORT_MESSAGE)&ApiMessage,
+                                    (PPORT_MESSAGE)&ApiMessage);
+    if (!NT_SUCCESS(Status))
+    {
+        DPRINT1("ZwRequestWaitReplyPort() failed (Status 0x%08lx)\n", Status);
+        return Status;
+    }
+
+    if (!NT_SUCCESS(ApiMessage.Status))
+    {
+        DPRINT1("ZwRequestWaitReplyPort() failed (ApiMessage.Status
0x%08lx)\n", ApiMessage.Status);
+        return ApiMessage.Status;
+    }
+
+    NtClose(LsaHandle);
+
+    DPRINT1("LsaDeregisterLogonProcess() done (Status 0x%08lx)\n", Status);
 
     return Status;
 }
@@ -77,6 +87,7 @@
                              PULONG ReturnBufferLength,
                              PNTSTATUS ProtocolStatus)
 {
+#if 0
     PLSASS_REQUEST Request;
     PLSASS_REPLY Reply;
     LSASS_REQUEST RawRequest;
@@ -123,6 +134,9 @@
            *ReturnBufferLength);
 
     return Status;
+#endif
+    return 0;
+
 }
 
 
@@ -144,34 +158,42 @@
                                PLSA_STRING PackageName,
                                PULONG AuthenticationPackage)
 {
+    LSA_API_MSG ApiMessage;
     NTSTATUS Status;
-    PLSASS_REQUEST Request;
-    LSASS_REQUEST RawRequest;
-    LSASS_REPLY Reply;
-
-    Request = (PLSASS_REQUEST)&RawRequest;
-    Request->Header.u1.s1.DataLength = sizeof(LSASS_REQUEST) + PackageName->Length
-
-        sizeof(PORT_MESSAGE);
-    Request->Header.u1.s1.TotalLength = Request->Header.u1.s1.DataLength +
-        sizeof(PORT_MESSAGE);
-    Request->Type = LSASS_REQUEST_LOOKUP_AUTHENTICATION_PACKAGE;
+
+    /* Check the package name length */
+    if (PackageName->Length > LSASS_MAX_PACKAGE_NAME_LENGTH)
+    {
+        return STATUS_NAME_TOO_LONG;
+    }
+
+    ApiMessage.ApiNumber = LSASS_REQUEST_LOOKUP_AUTHENTICATION_PACKAGE;
+    ApiMessage.h.u1.s1.DataLength =
LSA_PORT_DATA_SIZE(ApiMessage.LookupAuthenticationPackage.Request);
+    ApiMessage.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE;
+    ApiMessage.h.u2.ZeroInit = 0;
+
+    ApiMessage.LookupAuthenticationPackage.Request.PackageNameLength =
PackageName->Length;
+    strncpy(ApiMessage.LookupAuthenticationPackage.Request.PackageName,
+            PackageName->Buffer,
+            ApiMessage.LookupAuthenticationPackage.Request.PackageNameLength);
+   
ApiMessage.LookupAuthenticationPackage.Request.PackageName[ApiMessage.LookupAuthenticationPackage.Request.PackageNameLength]
= '\0';
 
     Status = ZwRequestWaitReplyPort(LsaHandle,
-                                    &Request->Header,
-                                    &Reply.Header);
-    if (!NT_SUCCESS(Status))
-    {
-        return Status;
-    }
-
-    if (!NT_SUCCESS(Reply.Status))
-    {
-        return Reply.Status;
-    }
-
-    *AuthenticationPackage = Reply.d.LookupAuthenticationPackageReply.Package;
-
-    return Reply.Status;
+                                    (PPORT_MESSAGE)&ApiMessage,
+                                    (PPORT_MESSAGE)&ApiMessage);
+    if (!NT_SUCCESS(Status))
+    {
+        return Status;
+    }
+
+    if (!NT_SUCCESS(ApiMessage.Status))
+    {
+        return ApiMessage.Status;
+    }
+
+    *AuthenticationPackage = ApiMessage.LookupAuthenticationPackage.Reply.Package;
+
+    return Status;
 }
 
 
@@ -194,6 +216,7 @@
              PQUOTA_LIMITS Quotas,
              PNTSTATUS SubStatus)
 {
+#if 0
     ULONG RequestLength;
     ULONG CurrentLength;
     PLSASS_REQUEST Request;
@@ -276,6 +299,8 @@
            sizeof(Reply->d.LogonUserReply.Quotas));
 
     return Status;
+#endif
+    return 0;
 }
 
 
@@ -289,25 +314,27 @@
 {
     UNICODE_STRING PortName; // =
RTL_CONSTANT_STRING(L"\\LsaAuthenticationPort");
     SECURITY_QUALITY_OF_SERVICE SecurityQos;
-    ULONG ConnectInfoLength;
+    LSA_CONNECTION_INFO ConnectInfo;
+    ULONG ConnectInfoLength = sizeof(ConnectInfo);
+    LSA_API_MSG ApiMessage;
+    HANDLE PortHandle = NULL;
     NTSTATUS Status;
-    LSASS_CONNECT_DATA ConnectInfo;
-//    LSASS_REQUEST Request;
-//    LSASS_REPLY Reply;
+
+    DPRINT1("LsaRegisterLogonProcess()\n");
 
     /* Check the logon process name length */
     if (LsaLogonProcessName->Length > LSASS_MAX_LOGON_PROCESS_NAME_LENGTH)
         return STATUS_NAME_TOO_LONG;
 
+    *Handle = NULL;
+
     RtlInitUnicodeString(&PortName,
                          L"\\LsaAuthenticationPort");
 
-    SecurityQos.Length              = sizeof (SecurityQos);
+    SecurityQos.Length              = sizeof(SecurityQos);
     SecurityQos.ImpersonationLevel  = SecurityIdentification;
     SecurityQos.ContextTrackingMode = SECURITY_DYNAMIC_TRACKING;
     SecurityQos.EffectiveOnly       = TRUE;
-
-    ConnectInfoLength = sizeof(LSASS_CONNECT_DATA);
 
     strncpy(ConnectInfo.LogonProcessNameBuffer,
             LsaLogonProcessName->Buffer,
@@ -315,7 +342,7 @@
     ConnectInfo.Length = LsaLogonProcessName->Length;
     ConnectInfo.LogonProcessNameBuffer[ConnectInfo.Length] = '\0';
 
-    Status = ZwConnectPort(Handle,
+    Status = ZwConnectPort(&PortHandle,
                            &PortName,
                            &SecurityQos,
                            NULL,
@@ -325,42 +352,43 @@
                            &ConnectInfoLength);
     if (!NT_SUCCESS(Status))
     {
-        return Status;
-    }
+        DPRINT1("ZwConnectPort failed (Status 0x%08lx)\n", Status);
+        return Status;
+    }
+
+    ApiMessage.ApiNumber = LSASS_REQUEST_REGISTER_LOGON_PROCESS;
+    ApiMessage.h.u1.s1.DataLength =
LSA_PORT_DATA_SIZE(ApiMessage.RegisterLogonProcess.Request);
+    ApiMessage.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE;
+    ApiMessage.h.u2.ZeroInit = 0;
+
+    ApiMessage.RegisterLogonProcess.Request.Length = LsaLogonProcessName->Length;
+    memcpy(ApiMessage.RegisterLogonProcess.Request.LogonProcessNameBuffer,
+           LsaLogonProcessName->Buffer,
+           ApiMessage.RegisterLogonProcess.Request.Length);
+
+    Status = ZwRequestWaitReplyPort(PortHandle,
+                                    (PPORT_MESSAGE)&ApiMessage,
+                                    (PPORT_MESSAGE)&ApiMessage);
+    if (!NT_SUCCESS(Status))
+    {
+        DPRINT1("ZwRequestWaitReplyPort failed (Status 0x%08lx)\n", Status);
+        NtClose(PortHandle);
+        return Status;
+    }
+
+    if (!NT_SUCCESS(ApiMessage.Status))
+    {
+        DPRINT1("ZwRequestWaitReplyPort failed (ApiMessage.Status 0x%08lx)\n",
ApiMessage.Status);
+        NtClose(PortHandle);
+        return ApiMessage.Status;
+    }
+
+    *Handle = PortHandle;
+    *OperationalMode = ApiMessage.RegisterLogonProcess.Reply.OperationalMode;
+
+    DPRINT1("LsaRegisterLogonProcess() done (Status 0x%08lx)\n", Status);
 
     return Status;
-#if 0
-    Request.Type = LSASS_REQUEST_REGISTER_LOGON_PROCESS;
-    Request.Header.u1.s1.DataLength = sizeof(LSASS_REQUEST) -
-        sizeof(PORT_MESSAGE);
-    Request.Header.u1.s1.TotalLength = sizeof(LSASS_REQUEST);
-
-    Request.d.RegisterLogonProcessRequest.Length = LsaLogonProcessName->Length;
-    memcpy(Request.d.RegisterLogonProcessRequest.LogonProcessNameBuffer,
-           LsaLogonProcessName->Buffer,
-           Request.d.RegisterLogonProcessRequest.Length);
-
-    Status = ZwRequestWaitReplyPort(*Handle,
-                                    &Request.Header,
-                                    &Reply.Header);
-    if (!NT_SUCCESS(Status))
-    {
-//        NtClose(*Handle);
-//        *Handle = NULL;
-        return Status;
-    }
-
-    if (!NT_SUCCESS(Reply.Status))
-    {
-//        NtClose(*Handle);
-//        *Handle = NULL;
-        return Status;
-    }
-
-    *OperationalMode = Reply.d.RegisterLogonProcessReply.OperationalMode;
-
-    return Reply.Status;
-#endif
 }
 
 



    