Author: ekohl Date: Wed Sep 26 16:15:29 2012 New Revision: 57391
URL: http://svn.reactos.org/svn/reactos?rev=57391&view=rev Log: [LSASRV] - Implement most missing information classes of LsarQueryInformationPolicy. - Add initialization code for new attributes of the policy object. - Implement LsarQueryInformationPolicy2 and LsarSetInformationPolicy2.
Modified: trunk/reactos/dll/win32/lsasrv/database.c trunk/reactos/dll/win32/lsasrv/lsarpc.c trunk/reactos/dll/win32/lsasrv/lsasrv.h trunk/reactos/dll/win32/lsasrv/policy.c trunk/reactos/include/reactos/idl/lsa.idl
Modified: trunk/reactos/dll/win32/lsasrv/database.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/database.c... ============================================================================== --- trunk/reactos/dll/win32/lsasrv/database.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/lsasrv/database.c [iso-8859-1] Wed Sep 26 16:15:29 2012 @@ -226,9 +226,17 @@ static NTSTATUS LsapCreateDatabaseObjects(VOID) { + PLSAP_POLICY_AUDIT_EVENTS_DATA AuditEventsInfo = NULL; POLICY_DEFAULT_QUOTA_INFO QuotaInfo; + POLICY_MODIFICATION_INFO ModificationInfo; + POLICY_AUDIT_FULL_QUERY_INFO AuditFullInfo = {FALSE, FALSE}; + POLICY_AUDIT_LOG_INFO AuditLogInfo; + PLSA_DB_OBJECT PolicyObject = NULL; PSID AccountDomainSid = NULL; + ULONG AuditEventsCount; + ULONG AuditEventsSize; + ULONG i; NTSTATUS Status;
/* Initialize the default quota limits */ @@ -239,10 +247,35 @@ QuotaInfo.QuotaLimits.PagefileLimit = 0; QuotaInfo.QuotaLimits.TimeLimit.QuadPart = 0;
+ /* Initialize the audit log attribute */ + AuditLogInfo.AuditLogPercentFull = 0; + AuditLogInfo.MaximumLogSize = 0; // DWORD + AuditLogInfo.AuditRetentionPeriod.QuadPart = 0; // LARGE_INTEGER + AuditLogInfo.AuditLogFullShutdownInProgress = 0; // BYTE + AuditLogInfo.TimeToShutdown.QuadPart = 0; // LARGE_INTEGER + AuditLogInfo.NextAuditRecordId = 0; // DWORD + + AuditEventsCount = AuditCategoryAccountLogon - AuditCategorySystem + 1; + AuditEventsSize = sizeof(LSAP_POLICY_AUDIT_EVENTS_DATA) + AuditEventsCount * sizeof(DWORD); + AuditEventsInfo = RtlAllocateHeap(RtlGetProcessHeap(), + 0, + AuditEventsSize); + if (AuditEventsInfo == NULL) + return STATUS_INSUFFICIENT_RESOURCES; + + AuditEventsInfo->AuditingMode = FALSE; + AuditEventsInfo->MaximumAuditEventCount = AuditEventsCount; + for (i = 0; i < AuditEventsCount; i++) + AuditEventsInfo->AuditEvents[i] = 0; + + /* Initialize the modification attribute */ + ModificationInfo.ModifiedId.QuadPart = 0; + NtQuerySystemTime(&ModificationInfo.DatabaseCreationTime); + /* Create a random domain SID */ Status = LsapCreateRandomDomainSid(&AccountDomainSid); if (!NT_SUCCESS(Status)) - return Status; + goto done;
/* Open the 'Policy' object */ Status = LsapOpenDbObject(NULL, @@ -279,7 +312,34 @@ &QuotaInfo, sizeof(POLICY_DEFAULT_QUOTA_INFO));
+ /* Set the modification attribute */ + LsapSetObjectAttribute(PolicyObject, + L"PolMod", + &ModificationInfo, + sizeof(POLICY_MODIFICATION_INFO)); + + /* Set the audit full attribute */ + LsapSetObjectAttribute(PolicyObject, + L"PolAdtFl", + &AuditFullInfo, + sizeof(POLICY_AUDIT_FULL_QUERY_INFO)); + + /* Set the audit log attribute */ + LsapSetObjectAttribute(PolicyObject, + L"PolAdtLg", + &AuditLogInfo, + sizeof(POLICY_AUDIT_LOG_INFO)); + + /* Set the audit events attribute */ + LsapSetObjectAttribute(PolicyObject, + L"PolAdtEv", + &AuditEventsInfo, + AuditEventsSize); + done: + if (AuditEventsInfo != NULL) + RtlFreeHeap(RtlGetProcessHeap(), 0, AuditEventsInfo); + if (PolicyObject != NULL) LsapCloseDbObject(PolicyObject);
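Review bot: The `PolAdtEv` write at the end of this hunk passes `&AuditEventsInfo`, the address of the local pointer variable, with `AuditEventsSize` as the length, so the attribute is filled from the stack around that variable instead of from the heap block initialised in the previous hunk. That stores a heap address and neighbouring stack contents in the policy database and leaves `MaximumAuditEventCount` as an arbitrary value for any later reader of the attribute; the call should be `LsapSetObjectAttribute(PolicyObject, L"PolAdtEv", AuditEventsInfo, AuditEventsSize);`. The four new LsapSetObjectAttribute calls also discard the returned status, so a failed write during database creation goes unnoticed; assigning it to `Status` and jumping to `done` on failure would surface it. LsapCreateDatabaseObjects starts and ends outside this hunk.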
Modified: trunk/reactos/dll/win32/lsasrv/lsarpc.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/lsarpc.c?r... ============================================================================== --- trunk/reactos/dll/win32/lsasrv/lsarpc.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/lsasrv/lsarpc.c [iso-8859-1] Wed Sep 26 16:15:29 2012 @@ -222,7 +222,6 @@ DesiredAccess = POLICY_GET_PRIVATE_INFORMATION; break;
- case PolicyLastEntry: default: ERR("Invalid InformationClass!\n"); return STATUS_INVALID_PARAMETER; @@ -237,6 +236,10 @@
switch (InformationClass) { + case PolicyAuditLogInformation: /* 1 */ + Status = LsarQueryAuditLog(PolicyHandle, + PolicyInformation); + case PolicyAuditEventsInformation: /* 2 */ Status = LsarQueryAuditEvents(PolicyHandle, PolicyInformation); @@ -247,35 +250,54 @@ PolicyInformation); break;
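Review bot: The new `case PolicyAuditLogInformation:` has no `break;`, so after LsarQueryAuditLog returns, control falls into `PolicyAuditEventsInformation` and LsarQueryAuditEvents overwrites both `Status` and `*PolicyInformation`. The same omission is in the next hunk for `PolicyPdAccountInformation` (falls into the account-domain case) and `PolicyReplicaSourceInformation` (falls into the default-quota case). When the first query succeeds its allocation is leaked, and the caller receives a structure for a different class than the one requested; since the IDL change in this commit marshals the out parameter with `switch_is(InformationClass)`, the RPC stub would presumably treat that buffer as the wrong union arm. Add `break;` after each of the three calls. The switch starts and ends outside these hunks.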
+ case PolicyPdAccountInformation: /* 4 */ + Status = LsarQueryPdAccount(PolicyHandle, + PolicyInformation); + case PolicyAccountDomainInformation: /* 5 */ Status = LsarQueryAccountDomain(PolicyHandle, PolicyInformation); break;
- case PolicyDefaultQuotaInformation: /* 8 */ + case PolicyLsaServerRoleInformation: /* 6 */ + Status = LsarQueryServerRole(PolicyHandle, + PolicyInformation); + break; + + case PolicyReplicaSourceInformation: /* 7 */ + Status = LsarQueryReplicaSource(PolicyHandle, + PolicyInformation); + + case PolicyDefaultQuotaInformation: /* 8 */ Status = LsarQueryDefaultQuota(PolicyHandle, PolicyInformation); break;
- case PolicyDnsDomainInformation: /* 12 (0xc) */ + case PolicyModificationInformation: /* 9 */ + Status = LsarQueryModification(PolicyHandle, + PolicyInformation); + break; + + case PolicyAuditFullQueryInformation: /* 11 (0xB) */ + Status = LsarQueryAuditFull(PolicyHandle, + PolicyInformation); + break; + + case PolicyDnsDomainInformation: /* 12 (0xC) */ Status = LsarQueryDnsDomain(PolicyHandle, PolicyInformation); break;
- case PolicyAuditLogInformation: - case PolicyPdAccountInformation: - case PolicyLsaServerRoleInformation: - case PolicyReplicaSourceInformation: - case PolicyModificationInformation: - case PolicyAuditFullSetInformation: - case PolicyAuditFullQueryInformation: - case PolicyDnsDomainInformationInt: - case PolicyLocalAccountDomainInformation: - FIXME("Information class not implemented\n"); - Status = STATUS_UNSUCCESSFUL; + case PolicyDnsDomainInformationInt: /* 13 (0xD) */ + Status = LsarQueryDnsDomainInt(PolicyHandle, + PolicyInformation); break;
- case PolicyLastEntry: + case PolicyLocalAccountDomainInformation: /* 14 (0xE) */ + Status = LsarQueryLocalAccountDomain(PolicyHandle, + PolicyInformation); + break; + default: ERR("Invalid InformationClass!\n"); Status = STATUS_INVALID_PARAMETER; @@ -316,6 +338,9 @@
case PolicyPrimaryDomainInformation: case PolicyAccountDomainInformation: + case PolicyDnsDomainInformation: + case PolicyDnsDomainInformationInt: + case PolicyLocalAccountDomainInformation: DesiredAccess = POLICY_TRUST_ADMIN; break;
@@ -1761,10 +1786,11 @@ NTSTATUS WINAPI LsarQueryInformationPolicy2( LSAPR_HANDLE PolicyHandle, POLICY_INFORMATION_CLASS InformationClass, - unsigned long *PolicyInformation) -{ - UNIMPLEMENTED; - return STATUS_NOT_IMPLEMENTED; + PLSAPR_POLICY_INFORMATION *PolicyInformation) +{ + return LsarQueryInformationPolicy(PolicyHandle, + InformationClass, + PolicyInformation); }
@@ -1772,10 +1798,11 @@ NTSTATUS WINAPI LsarSetInformationPolicy2( LSAPR_HANDLE PolicyHandle, POLICY_INFORMATION_CLASS InformationClass, - unsigned long PolicyInformation) -{ - UNIMPLEMENTED; - return STATUS_NOT_IMPLEMENTED; + PLSAPR_POLICY_INFORMATION PolicyInformation) +{ + return LsarSetInformationPolicy(PolicyHandle, + InformationClass, + PolicyInformation); }
Modified: trunk/reactos/dll/win32/lsasrv/lsasrv.h URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/lsasrv.h?r... ============================================================================== --- trunk/reactos/dll/win32/lsasrv/lsasrv.h [iso-8859-1] (original) +++ trunk/reactos/dll/win32/lsasrv/lsasrv.h [iso-8859-1] Wed Sep 26 16:15:29 2012 @@ -53,6 +53,14 @@ #define LSAP_DB_SIGNATURE 0x12345678
+typedef struct _LSAP_POLICY_AUDIT_EVENTS_DATA +{ + BOOLEAN AuditingMode; + DWORD MaximumAuditEventCount; + DWORD AuditEvents[0]; +} LSAP_POLICY_AUDIT_EVENTS_DATA, *PLSAP_POLICY_AUDIT_EVENTS_DATA; + + /* authport.c */ NTSTATUS StartAuthenticationPort(VOID); @@ -102,6 +110,10 @@
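Review bot: `LSAP_POLICY_AUDIT_EVENTS_DATA` is added without a comment saying that it is the stored layout of the `PolAdtEv` policy attribute, which is how database.c and policy.c in this commit use it. A header comment such as `/* Stored form of the "PolAdtEv" attribute: header followed by MaximumAuditEventCount DWORD entries */` would make it clear that changing the struct changes the database format. `DWORD AuditEvents[0];` is a compiler extension; the C99 flexible array member `DWORD AuditEvents[];` is the portable spelling.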
/* policy.c */ NTSTATUS +LsarQueryAuditLog(PLSA_DB_OBJECT PolicyObject, + PLSAPR_POLICY_INFORMATION *PolicyInformation); + +NTSTATUS LsarQueryAuditEvents(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation);
@@ -110,7 +122,19 @@ PLSAPR_POLICY_INFORMATION *PolicyInformation);
NTSTATUS +LsarQueryPdAccount(PLSA_DB_OBJECT PolicyObject, + PLSAPR_POLICY_INFORMATION *PolicyInformation); + +NTSTATUS LsarQueryAccountDomain(PLSA_DB_OBJECT PolicyObject, + PLSAPR_POLICY_INFORMATION *PolicyInformation); + +NTSTATUS +LsarQueryServerRole(PLSA_DB_OBJECT PolicyObject, + PLSAPR_POLICY_INFORMATION *PolicyInformation); + +NTSTATUS +LsarQueryReplicaSource(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation);
NTSTATUS @@ -118,8 +142,24 @@ PLSAPR_POLICY_INFORMATION *PolicyInformation);
NTSTATUS +LsarQueryModification(PLSA_DB_OBJECT PolicyObject, + PLSAPR_POLICY_INFORMATION *PolicyInformation); + +NTSTATUS +LsarQueryAuditFull(PLSA_DB_OBJECT PolicyObject, + PLSAPR_POLICY_INFORMATION *PolicyInformation); + +NTSTATUS LsarQueryDnsDomain(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation); + +NTSTATUS +LsarQueryDnsDomainInt(PLSA_DB_OBJECT PolicyObject, + PLSAPR_POLICY_INFORMATION *PolicyInformation); + +NTSTATUS +LsarQueryLocalAccountDomain(PLSA_DB_OBJECT PolicyObject, + PLSAPR_POLICY_INFORMATION *PolicyInformation);
NTSTATUS LsarSetPrimaryDomain(PLSA_DB_OBJECT PolicyObject,
Modified: trunk/reactos/dll/win32/lsasrv/policy.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/policy.c?r... ============================================================================== --- trunk/reactos/dll/win32/lsasrv/policy.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/lsasrv/policy.c [iso-8859-1] Wed Sep 26 16:15:29 2012 @@ -119,20 +119,105 @@
NTSTATUS +LsarQueryAuditLog(PLSA_DB_OBJECT PolicyObject, + PLSAPR_POLICY_INFORMATION *PolicyInformation) +{ + PPOLICY_AUDIT_LOG_INFO AuditLogInfo = NULL; + ULONG AttributeSize; + NTSTATUS Status; + + *PolicyInformation = NULL; + + AttributeSize = sizeof(POLICY_AUDIT_LOG_INFO); + AuditLogInfo = MIDL_user_allocate(AttributeSize); + if (AuditLogInfo == NULL) + return STATUS_INSUFFICIENT_RESOURCES; + + Status = LsapGetObjectAttribute(PolicyObject, + L"PolAdtLg", + AuditLogInfo, + &AttributeSize); + if (!NT_SUCCESS(Status)) + { + MIDL_user_free(AuditLogInfo); + } + else + { + *PolicyInformation = (PLSAPR_POLICY_INFORMATION)AuditLogInfo; + } + + return Status; +} + + +NTSTATUS LsarQueryAuditEvents(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation) { + PLSAP_POLICY_AUDIT_EVENTS_DATA AuditData = NULL; PLSAPR_POLICY_AUDIT_EVENTS_INFO p = NULL; - - p = MIDL_user_allocate(sizeof(LSAPR_POLICY_AUDIT_EVENTS_INFO)); - if (p == NULL) - return STATUS_INSUFFICIENT_RESOURCES; - - p->AuditingMode = FALSE; /* no auditing */ - p->EventAuditingOptions = NULL; - p->MaximumAuditEventCount = 0; + ULONG AttributeSize; + NTSTATUS Status = STATUS_SUCCESS; + + *PolicyInformation = NULL; + + AttributeSize = 0; + Status = LsapGetObjectAttribute(PolicyObject, + L"PolAdtEv", + NULL, + &AttributeSize); + if (!NT_SUCCESS(Status)) + return Status; + + if (AttributeSize > 0) + { + AuditData = MIDL_user_allocate(AttributeSize); + if (AuditData == NULL) + return STATUS_INSUFFICIENT_RESOURCES; + + Status = LsapGetObjectAttribute(PolicyObject, + L"PolAdtEv", + AuditData, + &AttributeSize); + if (!NT_SUCCESS(Status)) + goto done; + + p = MIDL_user_allocate(sizeof(LSAPR_POLICY_AUDIT_EVENTS_INFO)); + if (p == NULL) + { + Status = STATUS_INSUFFICIENT_RESOURCES; + goto done; + } + + p->AuditingMode = AuditData->AuditingMode; + p->MaximumAuditEventCount = AuditData->MaximumAuditEventCount; + + p->EventAuditingOptions = MIDL_user_allocate(AuditData->MaximumAuditEventCount * sizeof(DWORD)); 
+ if (p->EventAuditingOptions == NULL) + { + Status = STATUS_INSUFFICIENT_RESOURCES; + goto done; + } + + memcpy(p->EventAuditingOptions, + &(AuditData->AuditEvents[0]), + AuditData->MaximumAuditEventCount * sizeof(DWORD)); + }
*PolicyInformation = (PLSAPR_POLICY_INFORMATION)p; + +done: + if (!NT_SUCCESS(Status)) + { + if (p->EventAuditingOptions != NULL) + MIDL_user_free(p->EventAuditingOptions); + + if (p != NULL) + MIDL_user_free(p); + } + + if (AuditData != NULL) + MIDL_user_free(AuditData);
return STATUS_SUCCESS; } @@ -249,6 +334,28 @@
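Review bot: The `done:` cleanup in LsarQueryAuditEvents reads `p->EventAuditingOptions` before testing `p != NULL`, and both failure paths that reach it before `p` exists (the second LsapGetObjectAttribute failing, or the allocation of `p` failing) arrive with `p == NULL`. The function also ends with `return STATUS_SUCCESS;`, which hides every failure that went through `done`. Separately, `MaximumAuditEventCount` comes from the stored attribute and is used as the allocation size and the `memcpy` length without being compared with the `AttributeSize` actually read, so a short or corrupt `PolAdtEv` blob leads to a read past the end of `AuditData`. The fence shows the count check, the reordered cleanup and `return Status;`.

```c
        /* ... unchanged: size query, AuditData allocation and second LsapGetObjectAttribute call ... */

        /* The stored count must fit inside the bytes that were actually read */
        if (AttributeSize < sizeof(LSAP_POLICY_AUDIT_EVENTS_DATA) ||
            AuditData->MaximumAuditEventCount >
                (AttributeSize - sizeof(LSAP_POLICY_AUDIT_EVENTS_DATA)) / sizeof(DWORD))
        {
            Status = STATUS_INTERNAL_DB_CORRUPTION;
            goto done;
        }

        /* ... unchanged: allocation and fill of p, assignment to *PolicyInformation ... */

done:
    if (!NT_SUCCESS(Status))
    {
        if (p != NULL)
        {
            if (p->EventAuditingOptions != NULL)
                MIDL_user_free(p->EventAuditingOptions);

            MIDL_user_free(p);
        }
    }

    if (AuditData != NULL)
        MIDL_user_free(AuditData);

    return Status;
```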
NTSTATUS +LsarQueryPdAccount(PLSA_DB_OBJECT PolicyObject, + PLSAPR_POLICY_INFORMATION *PolicyInformation) +{ + PLSAPR_POLICY_PD_ACCOUNT_INFO PdAccountInfo = NULL; + + *PolicyInformation = NULL; + + PdAccountInfo = MIDL_user_allocate(sizeof(LSAPR_POLICY_PD_ACCOUNT_INFO)); + if (PdAccountInfo == NULL) + return STATUS_INSUFFICIENT_RESOURCES; + + PdAccountInfo->Name.Length = 0; + PdAccountInfo->Name.MaximumLength = 0; + PdAccountInfo->Name.Buffer = NULL; + + *PolicyInformation = (PLSAPR_POLICY_INFORMATION)PdAccountInfo; + + return STATUS_SUCCESS; +} + + +NTSTATUS LsarQueryAccountDomain(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation) { @@ -358,6 +465,44 @@
NTSTATUS +LsarQueryServerRole(PLSA_DB_OBJECT PolicyObject, + PLSAPR_POLICY_INFORMATION *PolicyInformation) +{ + PPOLICY_LSA_SERVER_ROLE_INFO ServerRoleInfo = NULL; + ULONG AttributeSize; + NTSTATUS Status; + + *PolicyInformation = NULL; + + AttributeSize = sizeof(POLICY_LSA_SERVER_ROLE_INFO); + ServerRoleInfo = MIDL_user_allocate(AttributeSize); + if (ServerRoleInfo == NULL) + return STATUS_INSUFFICIENT_RESOURCES; + + Status = LsapGetObjectAttribute(PolicyObject, + L"PolSrvRo", + ServerRoleInfo, + &AttributeSize); + if (Status == STATUS_OBJECT_NAME_NOT_FOUND) + { + ServerRoleInfo->LsaServerRole = PolicyServerRolePrimary; + Status = STATUS_SUCCESS; + } + + if (!NT_SUCCESS(Status)) + { + MIDL_user_free(ServerRoleInfo); + } + else + { + *PolicyInformation = (PLSAPR_POLICY_INFORMATION)ServerRoleInfo; + } + + return Status; +} + + +NTSTATUS LsarQueryDefaultQuota(PLSA_DB_OBJECT PolicyObject, PLSAPR_POLICY_INFORMATION *PolicyInformation) { 
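Review bot: LsarQueryServerRole hands the buffer to the caller whenever LsapGetObjectAttribute succeeds, without checking that `AttributeSize` still equals `sizeof(POLICY_LSA_SERVER_ROLE_INFO)` afterwards. LsapGetObjectAttribute is not visible here, but if it can succeed with fewer bytes than requested, the remainder of the `MIDL_user_allocate` block is uninitialised heap memory that is marshalled back to the RPC client. A check such as `if (NT_SUCCESS(Status) && AttributeSize != sizeof(POLICY_LSA_SERVER_ROLE_INFO)) Status = STATUS_INTERNAL_DB_CORRUPTION;` placed before the free/assign branch would close that. The same pattern appears in LsarQueryAuditLog in the first hunk of this file and in LsarQueryModification and LsarQueryAuditFull in the next one.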
@@ -383,6 +528,79 @@ else { *PolicyInformation = (PLSAPR_POLICY_INFORMATION)QuotaInfo; + } + + return Status; +} + + +NTSTATUS +LsarQueryReplicaSource(PLSA_DB_OBJECT PolicyObject, + PLSAPR_POLICY_INFORMATION *PolicyInformation) +{ + *PolicyInformation = NULL; + return STATUS_NOT_IMPLEMENTED; +} + + +NTSTATUS +LsarQueryModification(PLSA_DB_OBJECT PolicyObject, + PLSAPR_POLICY_INFORMATION *PolicyInformation) +{ + PPOLICY_MODIFICATION_INFO Info = NULL; + ULONG AttributeSize; + NTSTATUS Status; + + *PolicyInformation = NULL; + + AttributeSize = sizeof(POLICY_MODIFICATION_INFO); + Info = MIDL_user_allocate(AttributeSize); + if (Info == NULL) + return STATUS_INSUFFICIENT_RESOURCES; + + Status = LsapGetObjectAttribute(PolicyObject, + L"PolMod", + Info, + &AttributeSize); + if (!NT_SUCCESS(Status)) + { + MIDL_user_free(Info); + } + else + { + *PolicyInformation = (PLSAPR_POLICY_INFORMATION)Info; + } + + return Status; +} + + +NTSTATUS +LsarQueryAuditFull(PLSA_DB_OBJECT PolicyObject, + PLSAPR_POLICY_INFORMATION *PolicyInformation) +{ + PPOLICY_AUDIT_FULL_QUERY_INFO AuditFullInfo = NULL; + ULONG AttributeSize; + NTSTATUS Status; + + *PolicyInformation = NULL; + + AttributeSize = sizeof(POLICY_AUDIT_FULL_QUERY_INFO); + AuditFullInfo = MIDL_user_allocate(AttributeSize); + if (AuditFullInfo == NULL) + return STATUS_INSUFFICIENT_RESOURCES; + + Status = LsapGetObjectAttribute(PolicyObject, + L"PolAdtFl", + AuditFullInfo, + &AttributeSize); + if (!NT_SUCCESS(Status)) + { + MIDL_user_free(AuditFullInfo); + } + else + { + *PolicyInformation = (PLSAPR_POLICY_INFORMATION)AuditFullInfo; }
return Status; @@ -432,4 +650,22 @@ return STATUS_SUCCESS; }
+
+NTSTATUS
+LsarQueryDnsDomainInt(PLSA_DB_OBJECT PolicyObject,
+ PLSAPR_POLICY_INFORMATION *PolicyInformation)
+{
+ *PolicyInformation = NULL;
+ return STATUS_NOT_IMPLEMENTED;
+}
+
+
+NTSTATUS
+LsarQueryLocalAccountDomain(PLSA_DB_OBJECT PolicyObject,
+ PLSAPR_POLICY_INFORMATION *PolicyInformation)
+{
+ *PolicyInformation = NULL;
+ return STATUS_NOT_IMPLEMENTED;
+}
+
 /* EOF */
Modified: trunk/reactos/include/reactos/idl/lsa.idl URL: http://svn.reactos.org/svn/reactos/trunk/reactos/include/reactos/idl/lsa.idl... ============================================================================== --- trunk/reactos/include/reactos/idl/lsa.idl [iso-8859-1] (original) +++ trunk/reactos/include/reactos/idl/lsa.idl [iso-8859-1] Wed Sep 26 16:15:29 2012 @@ -240,14 +240,14 @@ DWORD AuditLogPercentFull; DWORD MaximumLogSize; LARGE_INTEGER AuditRetentionPeriod; - BYTE AuditLogFullShutdownInProgress; + BOOLEAN AuditLogFullShutdownInProgress; LARGE_INTEGER TimeToShutdown; DWORD NextAuditRecordId; } POLICY_AUDIT_LOG_INFO, *PPOLICY_AUDIT_LOG_INFO; cpp_quote("#endif")
typedef struct _LSAPR_POLICY_AUDIT_EVENTS_INFO { - BYTE AuditingMode; + BOOLEAN AuditingMode; [size_is(MaximumAuditEventCount)] DWORD *EventAuditingOptions; DWORD MaximumAuditEventCount; } LSAPR_POLICY_AUDIT_EVENTS_INFO, *PLSAPR_POLICY_AUDIT_EVENTS_INFO; @@ -889,15 +889,13 @@ NTSTATUS __stdcall LsarQueryInformationPolicy2( [in] LSAPR_HANDLE PolicyHandle, [in] POLICY_INFORMATION_CLASS InformationClass, - [out] unsigned long *PolicyInformation); - /* FIXME: should be [out, switch_is(InformationClass)] PLSAPR_POLICY_INFORMATION *PolicyInformation); */ + [out, switch_is(InformationClass)] PLSAPR_POLICY_INFORMATION *PolicyInformation);
/* Function 47 */ NTSTATUS __stdcall LsarSetInformationPolicy2( [in] LSAPR_HANDLE PolicyHandle, [in] POLICY_INFORMATION_CLASS InformationClass, - [in] unsigned long PolicyInformation); - /* FIXME: should be [in, switch_is(InformationClass)] PLSAPR_POLICY_INFORMATION PolicyInformation); */ + [in, switch_is(InformationClass)] PLSAPR_POLICY_INFORMATION PolicyInformation);
/* Function 48 */ NTSTATUS __stdcall LsarQueryTrustedDomainInfoByName(