Author: ekohl Date: Sun Sep 28 23:02:09 2014 New Revision: 64384
URL: http://svn.reactos.org/svn/reactos?rev=64384&view=rev Log: [LSASRV][SECUR32] - Implement a first version of LsaGetLogonSessionData. - Add a simple way to disable LsaEnumerateLogonSessions and LsaGetLogonSessionData in case they cause problems.
Modified: trunk/reactos/dll/win32/lsasrv/authport.c trunk/reactos/dll/win32/lsasrv/lsasrv.h trunk/reactos/dll/win32/lsasrv/session.c trunk/reactos/dll/win32/secur32/lsalpc.c trunk/reactos/include/reactos/subsys/lsass/lsass.h
Modified: trunk/reactos/dll/win32/lsasrv/authport.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/authport.c... ============================================================================== --- trunk/reactos/dll/win32/lsasrv/authport.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/lsasrv/authport.c [iso-8859-1] Sun Sep 28 23:02:09 2014 @@ -237,6 +237,11 @@ ReplyMsg = &RequestMsg; break;
+ case LSASS_REQUEST_GET_LOGON_SESSION_DATA: + RequestMsg.Status = LsapGetLogonSessionData(&RequestMsg); + ReplyMsg = &RequestMsg; + break; + default: RequestMsg.Status = STATUS_INVALID_SYSTEM_SERVICE; ReplyMsg = &RequestMsg;
Modified: trunk/reactos/dll/win32/lsasrv/lsasrv.h URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/lsasrv.h?r... ============================================================================== --- trunk/reactos/dll/win32/lsasrv/lsasrv.h [iso-8859-1] (original) +++ trunk/reactos/dll/win32/lsasrv/lsasrv.h [iso-8859-1] Sun Sep 28 23:02:09 2014 @@ -407,6 +407,9 @@ NTSTATUS LsapEnumLogonSessions(IN OUT PLSA_API_MSG RequestMsg);
+NTSTATUS +LsapGetLogonSessionData(IN OUT PLSA_API_MSG RequestMsg); + /* utils.c */ INT LsapLoadString(HINSTANCE hInstance,
Modified: trunk/reactos/dll/win32/lsasrv/session.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/session.c?... ============================================================================== --- trunk/reactos/dll/win32/lsasrv/session.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/lsasrv/session.c [iso-8859-1] Sun Sep 28 23:02:09 2014 @@ -12,6 +12,16 @@ { LIST_ENTRY Entry; LUID LogonId; + ULONG LogonType; + ULONG Session; + LARGE_INTEGER LogonTime; + PSID Sid; + UNICODE_STRING UserName; + UNICODE_STRING LogonDomain; + UNICODE_STRING AuthenticationPackage; + UNICODE_STRING LogonServer; + UNICODE_STRING DnsDomainName; + UNICODE_STRING Upn; } LSAP_LOGON_SESSION, *PLSAP_LOGON_SESSION;
@@ -58,7 +68,7 @@ { PLSAP_LOGON_SESSION Session;
- TRACE("()\n");
+ TRACE("LsapSetLogonSessionData()\n");
Session = LsapGetLogonSession(LogonId); if (Session == NULL) @@ -92,7 +102,7 @@ RtlCopyLuid(&Session->LogonId, LogonId);
/* Insert the new session into the session list */ - InsertTailList(&SessionListHead, &Session->Entry); + InsertHeadList(&SessionListHead, &Session->Entry); SessionCount++;
return STATUS_SUCCESS; @@ -115,6 +125,28 @@ /* Remove the session entry from the list */ RemoveEntryList(&Session->Entry); SessionCount--; + + /* Free the session data */ + if (Session->Sid != NULL) + RtlFreeHeap(RtlGetProcessHeap(), 0, Session->Sid); + + if (Session->UserName.Buffer != NULL) + RtlFreeHeap(RtlGetProcessHeap(), 0, Session->UserName.Buffer); + + if (Session->LogonDomain.Buffer != NULL) + RtlFreeHeap(RtlGetProcessHeap(), 0, Session->LogonDomain.Buffer); + + if (Session->AuthenticationPackage.Buffer != NULL) + RtlFreeHeap(RtlGetProcessHeap(), 0, Session->AuthenticationPackage.Buffer); + + if (Session->LogonServer.Buffer != NULL) + RtlFreeHeap(RtlGetProcessHeap(), 0, Session->LogonServer.Buffer); + + if (Session->DnsDomainName.Buffer != NULL) + RtlFreeHeap(RtlGetProcessHeap(), 0, Session->DnsDomainName.Buffer); + + if (Session->Upn.Buffer != NULL) + RtlFreeHeap(RtlGetProcessHeap(), 0, Session->Upn.Buffer);
/* Free the session entry */ RtlFreeHeap(RtlGetProcessHeap(), 0, Session); @@ -135,7 +167,7 @@ PVOID ClientBaseAddress = NULL; NTSTATUS Status;
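Review bot: The frees added after `RemoveEntryList` are only safe if every new pointer member of the session entry starts out NULL, and the allocation of the entry is outside this hunk. If the entry is not allocated with `HEAP_ZERO_MEMORY`, `Session->Sid` and the `*.Buffer` members hold heap garbage for any session whose data was never set, and these `RtlFreeHeap` calls would then corrupt the LSA server's process heap. I would confirm that the create path zeroes the structure and record the invariant on the struct, e.g. `/* Pointer members are NULL until set; released when the session is deleted */`. The enclosing function starts and ends outside the hunk.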
- TRACE("LsapEnumLogonSessions()\n");
+ TRACE("LsapEnumLogonSessions(%p)\n", RequestMsg);
Length = SessionCount * sizeof(LUID); SessionList = RtlAllocateHeap(RtlGetProcessHeap(), @@ -166,7 +198,7 @@ NULL);
Status = NtOpenProcess(&ProcessHandle, - PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION | PROCESS_DUP_HANDLE, + PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION, &ObjectAttributes, &RequestMsg->h.ClientId); if (!NT_SUCCESS(Status)) @@ -174,6 +206,8 @@ TRACE("NtOpenProcess() failed (Status %lx)\n", Status); goto done; } + + TRACE("Length: %lu\n", Length);
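Review bot: The access mask in this `NtOpenProcess` call still requests `PROCESS_VM_READ`, although the visible code only allocates in the client and writes to it (`NtAllocateVirtualMemory`, `NtWriteVirtualMemory`). Dropping `PROCESS_DUP_HANDLE` is the right direction, and unless code outside the hunk reads client memory the mask can shrink further to `PROCESS_VM_WRITE | PROCESS_VM_OPERATION`, so that the LSA server holds no more rights on the caller than it uses. The same three-flag mask is repeated in the new `LsapGetLogonSessionData` at the end of this file and could be reduced the same way. The enclosing function starts and ends outside the hunk.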
MemSize = Length; Status = NtAllocateVirtualMemory(ProcessHandle, @@ -188,6 +222,9 @@ goto done; }
+ TRACE("MemSize: %lu\n", MemSize); + TRACE("ClientBaseAddress: %p\n", ClientBaseAddress); + Status = NtWriteVirtualMemory(ProcessHandle, ClientBaseAddress, SessionList, @@ -212,4 +249,110 @@ return Status; }
+ +NTSTATUS +LsapGetLogonSessionData(IN OUT PLSA_API_MSG RequestMsg) +{ + OBJECT_ATTRIBUTES ObjectAttributes; + HANDLE ProcessHandle = NULL; + PLSAP_LOGON_SESSION Session; + PSECURITY_LOGON_SESSION_DATA LocalSessionData; + PVOID ClientBaseAddress = NULL; + ULONG Length, MemSize; + LPWSTR Ptr; + NTSTATUS Status; + + TRACE("LsapGetLogonSessionData(%p)\n", RequestMsg); + + TRACE("LogonId: %lx\n", RequestMsg->GetLogonSessionData.Request.LogonId.LowPart); + Session = LsapGetLogonSession(&RequestMsg->GetLogonSessionData.Request.LogonId); + if (Session == NULL) + return STATUS_NO_SUCH_LOGON_SESSION; + + Length = sizeof(SECURITY_LOGON_SESSION_DATA); +/* + Session->UserName.MaximumLength + + Session->LogonDomain.MaximumLength + + Session->AuthenticationPackage.MaximumLength + + Session->LogonServer.MaximumLength + + Session->DnsDomainName.MaximumLength + + Session->Upn.MaximumLength; + + if (Session->Sid != NULL) + RtlLengthSid(Session->Sid); +*/ + + TRACE("Length: %lu\n", Length); + + LocalSessionData = RtlAllocateHeap(RtlGetProcessHeap(), + HEAP_ZERO_MEMORY, + Length); + if (LocalSessionData == NULL) + return STATUS_INSUFFICIENT_RESOURCES; + + Ptr = (LPWSTR)((ULONG_PTR)LocalSessionData + sizeof(SECURITY_LOGON_SESSION_DATA)); + TRACE("LocalSessionData: %p Ptr: %p\n", LocalSessionData, Ptr); + + LocalSessionData->Size = sizeof(SECURITY_LOGON_SESSION_DATA); + + RtlCopyLuid(&LocalSessionData->LogonId, + &RequestMsg->GetLogonSessionData.Request.LogonId); + + InitializeObjectAttributes(&ObjectAttributes, + NULL, + 0, + NULL, + NULL); + + Status = NtOpenProcess(&ProcessHandle, + PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION, + &ObjectAttributes, + &RequestMsg->h.ClientId); + if (!NT_SUCCESS(Status)) + { + TRACE("NtOpenProcess() failed (Status %lx)\n", Status); + goto done; + } + + TRACE("MemSize: %lu\n", MemSize); + + MemSize = Length; + Status = NtAllocateVirtualMemory(ProcessHandle, + &ClientBaseAddress, + 0, + &MemSize, + MEM_COMMIT, + PAGE_READWRITE); + if 
(!NT_SUCCESS(Status)) + { + TRACE("NtAllocateVirtualMemory() failed (Status %lx)\n", Status); + goto done; + } + + TRACE("MemSize: %lu\n", MemSize); + TRACE("ClientBaseAddress: %p\n", ClientBaseAddress); + + Status = NtWriteVirtualMemory(ProcessHandle, + ClientBaseAddress, + LocalSessionData, + Length, + NULL); + if (!NT_SUCCESS(Status)) + { + TRACE("NtWriteVirtualMemory() failed (Status %lx)\n", Status); + goto done; + } + + RequestMsg->GetLogonSessionData.Reply.SessionDataBuffer = ClientBaseAddress; + +done: + if (ProcessHandle != NULL) + NtClose(ProcessHandle); + + if (LocalSessionData != NULL) + RtlFreeHeap(RtlGetProcessHeap(), 0, LocalSessionData); + + return Status; +} + /* EOF */
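Review bot: In `LsapGetLogonSessionData` the first `TRACE("MemSize: %lu\n", MemSize);` runs before `MemSize = Length;` and so reads an uninitialized local; drop it or move it below the assignment. `MemSize` is declared `ULONG` but its address is passed as the region-size argument of `NtAllocateVirtualMemory`, which is a `PSIZE_T`, so on a 64-bit build the call writes past the variable; declaring it `SIZE_T MemSize;` avoids that. The handler also returns data for whatever `LogonId` the request names without checking who is asking. That is harmless while only `Size` and `LogonId` are filled in, but once the commented-out length calculation and the name and SID members are enabled, it should verify that the caller may see that session before copying it out. When `NtWriteVirtualMemory` fails, the block allocated in the client is left behind; the `done:` path could release it with `NtFreeVirtualMemory(ProcessHandle, &ClientBaseAddress, &MemSize, MEM_RELEASE)` when `Status` is a failure.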
Modified: trunk/reactos/dll/win32/secur32/lsalpc.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/secur32/lsalpc.c?... ============================================================================== --- trunk/reactos/dll/win32/secur32/lsalpc.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/secur32/lsalpc.c [iso-8859-1] Sun Sep 28 23:02:09 2014 @@ -108,9 +108,11 @@ */ NTSTATUS NTAPI -LsaEnumerateLogonSessions(PULONG LogonSessionCount, - PLUID *LogonSessionList) -{ +LsaEnumerateLogonSessions( + PULONG LogonSessionCount, + PLUID *LogonSessionList) +{ +#if 1 LSA_API_MSG ApiMessage; NTSTATUS Status;
@@ -144,6 +146,10 @@ *LogonSessionList = ApiMessage.EnumLogonSessions.Reply.LogonSessionBuffer;
return Status; +#else + UNIMPLEMENTED; + return STATUS_NOT_IMPLEMENTED; +#endif }
@@ -152,11 +158,59 @@ */ NTSTATUS NTAPI -LsaGetLogonSessionData(PLUID LogonId, - PSECURITY_LOGON_SESSION_DATA *ppLogonSessionData) -{ - UNIMPLEMENTED; - return STATUS_NOT_IMPLEMENTED; +LsaGetLogonSessionData( + PLUID LogonId, + PSECURITY_LOGON_SESSION_DATA *ppLogonSessionData) +{ +#if 1 + LSA_API_MSG ApiMessage; + PSECURITY_LOGON_SESSION_DATA SessionData; + NTSTATUS Status; + + TRACE("LsaGetLogonSessionData(%p %p)\n", LogonId, ppLogonSessionData); + + Status = LsapOpenLsaPort(); + if (!NT_SUCCESS(Status)) + return Status; + + ApiMessage.ApiNumber = LSASS_REQUEST_GET_LOGON_SESSION_DATA; + ApiMessage.h.u1.s1.DataLength = LSA_PORT_DATA_SIZE(ApiMessage.GetLogonSessionData); + ApiMessage.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE; + ApiMessage.h.u2.ZeroInit = 0; + + RtlCopyLuid(&ApiMessage.GetLogonSessionData.Request.LogonId, + LogonId); + + Status = NtRequestWaitReplyPort(LsaPortHandle, + (PPORT_MESSAGE)&ApiMessage, + (PPORT_MESSAGE)&ApiMessage); + if (!NT_SUCCESS(Status)) + { + ERR("NtRequestWaitReplyPort() failed (Status 0x%08lx)\n", Status); + return Status; + } + + if (!NT_SUCCESS(ApiMessage.Status)) + { + ERR("NtRequestWaitReplyPort() failed (ApiMessage.Status 0x%08lx)\n", ApiMessage.Status); + return ApiMessage.Status; + } + + SessionData = ApiMessage.GetLogonSessionData.Reply.SessionDataBuffer; + + if (SessionData->UserName.Buffer != NULL) + SessionData->UserName.Buffer = (LPWSTR)((ULONG_PTR)&SessionData->UserName.Buffer + (ULONG_PTR)SessionData->UserName.Buffer); + + if (SessionData->Sid != NULL) + SessionData->Sid = (LPWSTR)((ULONG_PTR)&SessionData->Sid + (ULONG_PTR)SessionData->Sid); + + *ppLogonSessionData = SessionData; + + return Status; +#else + UNIMPLEMENTED; + return STATUS_NOT_IMPLEMENTED; +#endif }
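Review bot: `LsaGetLogonSessionData` passes `LogonId` straight to `RtlCopyLuid` and later stores through `ppLogonSessionData` with no NULL check, and it dereferences the `SessionData` pointer taken from the reply without checking it either. A guard at the top such as `if (LogonId == NULL || ppLogonSessionData == NULL) return STATUS_INVALID_PARAMETER;` would cover the first two. The fixups treat the stored value as an offset from the address of the member itself (`&SessionData->UserName.Buffer`) rather than from the start of the buffer, a convention the server side will have to match exactly once it fills these members in, so a comment stating it would help. The `Sid` fixup casts to `LPWSTR` where `PSID` is meant, and only `UserName` and `Sid` are relocated while the other string members are left as returned.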
Modified: trunk/reactos/include/reactos/subsys/lsass/lsass.h URL: http://svn.reactos.org/svn/reactos/trunk/reactos/include/reactos/subsys/lsas... ============================================================================== --- trunk/reactos/include/reactos/subsys/lsass/lsass.h [iso-8859-1] (original) +++ trunk/reactos/include/reactos/subsys/lsass/lsass.h [iso-8859-1] Sun Sep 28 23:02:09 2014 @@ -22,6 +22,7 @@ LSASS_REQUEST_LOGON_USER, LSASS_REQUEST_LOOKUP_AUTHENTICATION_PACKAGE, LSASS_REQUEST_ENUM_LOGON_SESSIONS, + LSASS_REQUEST_GET_LOGON_SESSION_DATA, LSASS_REQUEST_MAXIMUM } LSA_API_NUMBER, *PLSA_API_NUMBER;
@@ -129,11 +130,26 @@ struct { ULONG LogonSessionCount; - ULONG LogonSessionBufferLength; PVOID LogonSessionBuffer; } Reply; }; } LSA_ENUM_LOGON_SESSIONS_MSG, *PLSA_ENUM_LOGON_SESSIONS_MSG; + + +typedef struct _LSA_GET_LOGON_SESSION_DATA_MSG +{ + union + { + struct + { + LUID LogonId; + } Request; + struct + { + PVOID SessionDataBuffer; + } Reply; + }; +} LSA_GET_LOGON_SESSION_DATA_MSG, *PLSA_GET_LOGON_SESSION_DATA_MSG;
typedef struct _LSA_API_MSG @@ -153,6 +169,7 @@ LSA_DEREGISTER_LOGON_PROCESS_MSG DeregisterLogonProcess; LSA_LOOKUP_AUTHENTICATION_PACKAGE_MSG LookupAuthenticationPackage; LSA_ENUM_LOGON_SESSIONS_MSG EnumLogonSessions; + LSA_GET_LOGON_SESSION_DATA_MSG GetLogonSessionData; }; }; };