[ekohl] 58304: [LSALIB/LSASRV] - Add the LSA_CONNECTION_INFO struct to the LSA_API_MSG in order to handle the connection info in an easy way. - Let the connection handler return OperationalMode and...
Author: ekohl Date: Sun Feb 10 12:09:21 2013 New Revision: 58304
URL: http://svn.reactos.org/svn/reactos?rev=58304&view=rev Log: [LSALIB/LSASRV] - Add the LSA_CONNECTION_INFO struct to the LSA_API_MSG in order to handle the connection info in an easy way. - Let the connection handler return OperationalMode and Status values. This obsoletes a separate register call to lsasrv.dll, thus remove the register call code entirely. - Add dispatcher code and stubs for the remaining client calls. - Add experimental implementation of LsaCallAuthenticationPackage and LsaLogonUser.
Modified: trunk/reactos/dll/win32/lsasrv/authport.c trunk/reactos/include/reactos/subsys/lsass/lsass.h trunk/reactos/lib/lsalib/lsa.c
Modified: trunk/reactos/dll/win32/lsasrv/authport.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/authport.c... ============================================================================== --- trunk/reactos/dll/win32/lsasrv/authport.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/lsasrv/authport.c [iso-8859-1] Sun Feb 10 12:09:21 2013 @@ -21,8 +21,39 @@ /* FUNCTIONS ***************************************************************/
static NTSTATUS +LsapCallAuthenticationPackage(PLSA_API_MSG RequestMsg) +{ + TRACE("(%p)\n", RequestMsg); + + return STATUS_SUCCESS; +} + + +static NTSTATUS +LsapDeregisterLogonProcess(PLSA_API_MSG RequestMsg) +{ + TRACE("(%p)\n", RequestMsg); + + return STATUS_SUCCESS; +} + + +static NTSTATUS +LsapLogonUser(PLSA_API_MSG RequestMsg) +{ + TRACE("(%p)\n", RequestMsg); + + return STATUS_SUCCESS; +} + + +static NTSTATUS LsapLookupAuthenticationPackage(PLSA_API_MSG RequestMsg) { + TRACE("(%p)\n", RequestMsg); + + TRACE("PackageName: %s\n", RequestMsg->LookupAuthenticationPackage.Request.PackageName); + RequestMsg->LookupAuthenticationPackage.Reply.Package = 0x12345678;
return STATUS_SUCCESS; @@ -65,6 +96,11 @@ TRACE("Port connection request\n");
RemotePortView.Length = sizeof(REMOTE_PORT_VIEW); + + TRACE("Logon Process Name: %s\n", RequestMsg.ConnectInfo.LogonProcessNameBuffer); + + RequestMsg.ConnectInfo.OperationalMode = 0x43218765; + RequestMsg.ConnectInfo.Status = STATUS_SUCCESS;
Accept = TRUE; Status = NtAcceptConnectPort(&ConnectionHandle, @@ -102,12 +138,28 @@ default: TRACE("Received request (ApiNumber: %lu)\n", RequestMsg.ApiNumber);
- if (RequestMsg.ApiNumber == LSASS_REQUEST_LOOKUP_AUTHENTICATION_PACKAGE) + switch (RequestMsg.ApiNumber) { - RequestMsg.Status = LsapLookupAuthenticationPackage(&RequestMsg); + case LSASS_REQUEST_CALL_AUTHENTICATION_PACKAGE: + RequestMsg.Status = LsapCallAuthenticationPackage(&RequestMsg); + break; + + case LSASS_REQUEST_DEREGISTER_LOGON_PROCESS: + RequestMsg.Status = LsapDeregisterLogonProcess(&RequestMsg); + break; + + case LSASS_REQUEST_LOGON_USER: + RequestMsg.Status = LsapLogonUser(&RequestMsg); + break; + + case LSASS_REQUEST_LOOKUP_AUTHENTICATION_PACKAGE: + RequestMsg.Status = LsapLookupAuthenticationPackage(&RequestMsg); + break; + + default: + RequestMsg.Status = STATUS_SUCCESS; /* FIXME */ + break; } - else - RequestMsg.Status = STATUS_SUCCESS;
ReplyMsg = &RequestMsg; break;
Modified: trunk/reactos/include/reactos/subsys/lsass/lsass.h URL: http://svn.reactos.org/svn/reactos/trunk/reactos/include/reactos/subsys/lsas... ============================================================================== --- trunk/reactos/include/reactos/subsys/lsass/lsass.h [iso-8859-1] (original) +++ trunk/reactos/include/reactos/subsys/lsass/lsass.h [iso-8859-1] Sun Feb 10 12:09:21 2013 @@ -18,7 +18,6 @@
typedef enum _LSA_API_NUMBER { - LSASS_REQUEST_REGISTER_LOGON_PROCESS, LSASS_REQUEST_CALL_AUTHENTICATION_PACKAGE, LSASS_REQUEST_DEREGISTER_LOGON_PROCESS, LSASS_REQUEST_LOGON_USER, @@ -26,85 +25,6 @@ LSASS_REQUEST_MAXIMUM } LSA_API_NUMBER, *PLSA_API_NUMBER;
-#if 0 -typedef struct _LSASS_LOOKUP_AUTHENTICATION_PACKAGE_REQUEST -{ - ULONG PackageNameLength; - WCHAR PackageName[0]; -} LSASS_LOOKUP_AUTHENTICATION_PACKAGE_REQUEST, - *PLSASS_LOOKUP_AUTHENTICATION_PACKAGE_REQUEST; - -typedef struct _LSASS_LOOKUP_AUTHENTICATION_PACKAGE_REPLY -{ - ULONG Package; -} LSASS_LOOKUP_AUTHENTICATION_PACKAGE_REPLY, - *PLSASS_LOOKUP_AUTHENTICATION_PACKAGE_REPLY; - -typedef struct _LSASS_DEREGISTER_LOGON_PROCESS_REQUEST -{ - ULONG Dummy; -} LSASS_DEREGISTER_LOGON_PROCESS_REQUEST, - *PLSASS_DEREGISTER_LOGON_PROCES_REQUEST; - -typedef struct _LSASS_DEREGISTER_LOGON_PROCESS_REPLY -{ - ULONG Dummy; -} LSASS_DEREGISTER_LOGON_PROCESS_REPLY, - *PLSASS_DEREGISTER_LOGON_PROCESS_REPLY; -#endif - -typedef struct _LSASS_CALL_AUTHENTICATION_PACKAGE_REQUEST -{ - ULONG AuthenticationPackage; - ULONG InBufferLength; - UCHAR InBuffer[0]; -} LSASS_CALL_AUTHENTICATION_PACKAGE_REQUEST, -*PLSASS_CALL_AUTHENTICATION_PACKAGE_REQUEST; - -typedef struct _LSASS_CALL_AUTHENTICATION_PACKAGE_REPLY -{ - ULONG OutBufferLength; - UCHAR OutBuffer[0]; -} LSASS_CALL_AUTHENTICATION_PACKAGE_REPLY, -*PLSASS_CALL_AUTHENTICATION_PACKAGE_REPLY; - -typedef struct _LSASS_LOGON_USER_REQUEST -{ - ULONG OriginNameLength; - PWSTR OriginName; - SECURITY_LOGON_TYPE LogonType; - ULONG AuthenticationPackage; - PVOID AuthenticationInformation; - ULONG AuthenticationInformationLength; - ULONG LocalGroupsCount; - PSID_AND_ATTRIBUTES LocalGroups; - TOKEN_SOURCE SourceContext; - UCHAR Data[1]; -} LSASS_LOGON_USER_REQUEST, *PLSASS_LOGON_USER_REQUEST; - -typedef struct _LSASS_LOGON_USER_REPLY -{ - PVOID ProfileBuffer; - ULONG ProfileBufferLength; - LUID LogonId; - HANDLE Token; - QUOTA_LIMITS Quotas; - NTSTATUS SubStatus; - UCHAR Data[1]; -} LSASS_LOGON_USER_REPLY, *PLSASS_LOGON_USER_REPLY; - -#if 0 -typedef struct _LSASS_REGISTER_LOGON_PROCESS_REQUEST -{ - ULONG Length; - WCHAR LogonProcessNameBuffer[127]; -} LSASS_REGISTER_LOGON_PROCESS_REQUEST, *PLSASS_REGISTER_LOGON_PROCESS_REQUEST; - -typedef struct _LSASS_REGISTER_LOGON_PROCESS_REPLY -{ - LSA_OPERATIONAL_MODE OperationalMode; -} LSASS_REGISTER_LOGON_PROCESS_REPLY, *PLSASS_REGISTER_LOGON_PROCESS_REPLY; -#endif
typedef struct _LSA_CONNECTION_INFO { @@ -114,58 +34,63 @@ CHAR LogonProcessNameBuffer[LSASS_MAX_LOGON_PROCESS_NAME_LENGTH + 1]; } LSA_CONNECTION_INFO, *PLSA_CONNECTION_INFO;
-#if 0 -typedef union _LSASS_REQUEST -{ - PORT_MESSAGE Header; - struct { - UCHAR LpcHeader[sizeof(PORT_MESSAGE)]; - ULONG Type; - union - { - LSASS_REGISTER_LOGON_PROCESS_REQUEST RegisterLogonProcessRequest; - LSASS_LOGON_USER_REQUEST LogonUserRequest; - LSASS_CALL_AUTHENTICATION_PACKAGE_REQUEST - CallAuthenticationPackageRequest; - LSASS_DEREGISTER_LOGON_PROCESS_REPLY DeregisterLogonProcessRequest; - LSASS_LOOKUP_AUTHENTICATION_PACKAGE_REQUEST - LookupAuthenticationPackageRequest; - } d; - }; -} LSASS_REQUEST, *PLSASS_REQUEST;
-typedef struct _LSASS_REPLY -{ - PORT_MESSAGE Header; - NTSTATUS Status; - union - { - LSASS_REGISTER_LOGON_PROCESS_REPLY RegisterLogonProcessReply; - LSASS_LOGON_USER_REPLY LogonUserReply; - LSASS_CALL_AUTHENTICATION_PACKAGE_REPLY CallAuthenticationPackageReply; - LSASS_DEREGISTER_LOGON_PROCESS_REPLY DeregisterLogonProcessReply; - LSASS_LOOKUP_AUTHENTICATION_PACKAGE_REPLY - LookupAuthenticationPackageReply; - } d; -} LSASS_REPLY, *PLSASS_REPLY; -#endif - - -typedef struct _LSA_REGISTER_LOGON_PROCESS_MSG +typedef struct _LSA_LOGON_USER_MSG { union { struct { - ULONG Length; - CHAR LogonProcessNameBuffer[LSASS_MAX_LOGON_PROCESS_NAME_LENGTH + 1]; + LSA_STRING OriginName; + SECURITY_LOGON_TYPE LogonType; + ULONG AuthenticationPackage; + PVOID AuthenticationInformation; + ULONG AuthenticationInformationLength; + PTOKEN_GROUPS LocalGroups; + ULONG LocalGroupsCount; + TOKEN_SOURCE SourceContext; + } Request; + + struct + { + PVOID ProfileBuffer; + ULONG ProfileBufferLength; + LUID LogonId; + HANDLE Token; + QUOTA_LIMITS Quotas; + NTSTATUS SubStatus; + } Reply; + }; +} LSA_LOGON_USER_MSG, *PLSA_LOGON_USER_MSG; + + +typedef struct _LSA_CALL_AUTHENTICATION_PACKAGE_MSG +{ + union + { + struct + { +#if 0 + ULONG AuthenticationPackage; + ULONG InBufferLength; + UCHAR InBuffer[0]; +#endif + ULONG AuthenticationPackage; + PVOID ProtocolSubmitBuffer; + ULONG SubmitBufferLength; } Request; struct { - LSA_OPERATIONAL_MODE OperationalMode; +#if 0 + ULONG OutBufferLength; + UCHAR OutBuffer[0]; +#endif + PVOID ProtocolReturnBuffer; + ULONG ReturnBufferLength; + NTSTATUS ProtocolStatus; } Reply; }; -} LSA_REGISTER_LOGON_PROCESS_MSG, *PLSA_REGISTER_LOGON_PROCESS_MSG; +} LSA_CALL_AUTHENTICATION_PACKAGE_MSG, *PLSA_CALL_AUTHENTICATION_PACKAGE_MSG;
typedef struct _LSA_DEREGISTER_LOGON_PROCESS_MSG @@ -200,20 +125,24 @@ }; } LSA_LOOKUP_AUTHENTICATION_PACKAGE_MSG, *PLSA_LOOKUP_AUTHENTICATION_PACKAGE_MSG;
+ typedef struct _LSA_API_MSG { PORT_MESSAGE h; - struct + union { - LSA_API_NUMBER ApiNumber; - NTSTATUS Status; - union + LSA_CONNECTION_INFO ConnectInfo; + struct { - LSA_REGISTER_LOGON_PROCESS_MSG RegisterLogonProcess; -// LSA_LOGON_USER_MSG LogonUser; -// LSA_CALL_AUTHENTICATION_PACKAGE_MSG CallAuthenticationPackage; - LSA_DEREGISTER_LOGON_PROCESS_MSG DeregisterLogonProcess; - LSA_LOOKUP_AUTHENTICATION_PACKAGE_MSG LookupAuthenticationPackage; + LSA_API_NUMBER ApiNumber; + NTSTATUS Status; + union + { + LSA_LOGON_USER_MSG LogonUser; + LSA_CALL_AUTHENTICATION_PACKAGE_MSG CallAuthenticationPackage; + LSA_DEREGISTER_LOGON_PROCESS_MSG DeregisterLogonProcess; + LSA_LOOKUP_AUTHENTICATION_PACKAGE_MSG LookupAuthenticationPackage; + }; }; }; } LSA_API_MSG, *PLSA_API_MSG;
Modified: trunk/reactos/lib/lsalib/lsa.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/lib/lsalib/lsa.c?rev=58304&... ============================================================================== --- trunk/reactos/lib/lsalib/lsa.c [iso-8859-1] (original) +++ trunk/reactos/lib/lsalib/lsa.c [iso-8859-1] Sun Feb 10 12:09:21 2013 @@ -87,6 +87,42 @@ PULONG ReturnBufferLength, PNTSTATUS ProtocolStatus) { + LSA_API_MSG ApiMessage; + NTSTATUS Status; + + DPRINT1("LsaCallAuthenticationPackage()\n"); + + ApiMessage.ApiNumber = LSASS_REQUEST_CALL_AUTHENTICATION_PACKAGE; + ApiMessage.h.u1.s1.DataLength = LSA_PORT_DATA_SIZE(ApiMessage.CallAuthenticationPackage.Request); + ApiMessage.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE; + ApiMessage.h.u2.ZeroInit = 0; + + ApiMessage.CallAuthenticationPackage.Request.AuthenticationPackage = AuthenticationPackage; + ApiMessage.CallAuthenticationPackage.Request.ProtocolSubmitBuffer = ProtocolSubmitBuffer; + ApiMessage.CallAuthenticationPackage.Request.SubmitBufferLength = SubmitBufferLength; + + Status = ZwRequestWaitReplyPort(LsaHandle, + (PPORT_MESSAGE)&ApiMessage, + (PPORT_MESSAGE)&ApiMessage); + if (!NT_SUCCESS(Status)) + { + DPRINT1("ZwRequestWaitReplyPort() failed (Status 0x%08lx)\n", Status); + return Status; + } + + if (!NT_SUCCESS(ApiMessage.Status)) + { + DPRINT1("ZwRequestWaitReplyPort() failed (ApiMessage.Status 0x%08lx)\n", ApiMessage.Status); + return ApiMessage.Status; + } + + *ProtocolReturnBuffer = ApiMessage.CallAuthenticationPackage.Reply.ProtocolReturnBuffer; + *ReturnBufferLength = ApiMessage.CallAuthenticationPackage.Reply.ReturnBufferLength; + *ProtocolStatus = ApiMessage.CallAuthenticationPackage.Reply.ProtocolStatus; + + return Status; + + #if 0 PLSASS_REQUEST Request; PLSASS_REPLY Reply; @@ -135,8 +171,6 @@
return Status; #endif - return 0; - }
@@ -216,6 +250,48 @@ PQUOTA_LIMITS Quotas, PNTSTATUS SubStatus) { + LSA_API_MSG ApiMessage; + NTSTATUS Status; + + ApiMessage.ApiNumber = LSASS_REQUEST_LOGON_USER; + ApiMessage.h.u1.s1.DataLength = LSA_PORT_DATA_SIZE(ApiMessage.LogonUser.Request); + ApiMessage.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE; + ApiMessage.h.u2.ZeroInit = 0; + + ApiMessage.LogonUser.Request.OriginName = *OriginName; + ApiMessage.LogonUser.Request.LogonType = LogonType; + ApiMessage.LogonUser.Request.AuthenticationPackage = AuthenticationPackage; + ApiMessage.LogonUser.Request.AuthenticationInformation = AuthenticationInformation; + ApiMessage.LogonUser.Request.AuthenticationInformationLength = AuthenticationInformationLength; + ApiMessage.LogonUser.Request.LocalGroups = LocalGroups; + if (LocalGroups != NULL) + ApiMessage.LogonUser.Request.LocalGroupsCount = LocalGroups->GroupCount; + else + ApiMessage.LogonUser.Request.LocalGroups = 0; + ApiMessage.LogonUser.Request.SourceContext = *SourceContext; + + Status = ZwRequestWaitReplyPort(LsaHandle, + (PPORT_MESSAGE)&ApiMessage, + (PPORT_MESSAGE)&ApiMessage); + if (!NT_SUCCESS(Status)) + { + return Status; + } + + if (!NT_SUCCESS(ApiMessage.Status)) + { + return ApiMessage.Status; + } + + *ProfileBuffer = ApiMessage.LogonUser.Reply.ProfileBuffer; + *ProfileBufferLength = ApiMessage.LogonUser.Reply.ProfileBufferLength; + *LogonId = ApiMessage.LogonUser.Reply.LogonId; + *Token = ApiMessage.LogonUser.Reply.Token; + *Quotas = ApiMessage.LogonUser.Reply.Quotas; + *SubStatus = ApiMessage.LogonUser.Reply.SubStatus; + + return Status; + #if 0 ULONG RequestLength; ULONG CurrentLength; @@ -300,7 +376,6 @@
return Status; #endif - return 0; }
@@ -316,8 +391,6 @@ SECURITY_QUALITY_OF_SERVICE SecurityQos; LSA_CONNECTION_INFO ConnectInfo; ULONG ConnectInfoLength = sizeof(ConnectInfo); - LSA_API_MSG ApiMessage; - HANDLE PortHandle = NULL; NTSTATUS Status;
DPRINT1("LsaRegisterLogonProcess()\n"); @@ -325,8 +398,6 @@ /* Check the logon process name length */ if (LsaLogonProcessName->Length > LSASS_MAX_LOGON_PROCESS_NAME_LENGTH) return STATUS_NAME_TOO_LONG; - - *Handle = NULL;
RtlInitUnicodeString(&PortName, L"\LsaAuthenticationPort"); @@ -342,7 +413,7 @@ ConnectInfo.Length = LsaLogonProcessName->Length; ConnectInfo.LogonProcessNameBuffer[ConnectInfo.Length] = '\0';
- Status = ZwConnectPort(&PortHandle, + Status = ZwConnectPort(Handle, &PortName, &SecurityQos, NULL, @@ -356,39 +427,15 @@ return Status; }
- ApiMessage.ApiNumber = LSASS_REQUEST_REGISTER_LOGON_PROCESS; - ApiMessage.h.u1.s1.DataLength = LSA_PORT_DATA_SIZE(ApiMessage.RegisterLogonProcess.Request); - ApiMessage.h.u1.s1.TotalLength = LSA_PORT_MESSAGE_SIZE; - ApiMessage.h.u2.ZeroInit = 0; - - ApiMessage.RegisterLogonProcess.Request.Length = LsaLogonProcessName->Length; - memcpy(ApiMessage.RegisterLogonProcess.Request.LogonProcessNameBuffer, - LsaLogonProcessName->Buffer, - ApiMessage.RegisterLogonProcess.Request.Length); - - Status = ZwRequestWaitReplyPort(PortHandle, - (PPORT_MESSAGE)&ApiMessage, - (PPORT_MESSAGE)&ApiMessage); - if (!NT_SUCCESS(Status)) - { - DPRINT1("ZwRequestWaitReplyPort failed (Status 0x%08lx)\n", Status); - NtClose(PortHandle); - return Status; - } - - if (!NT_SUCCESS(ApiMessage.Status)) - { - DPRINT1("ZwRequestWaitReplyPort failed (ApiMessage.Status 0x%08lx)\n", ApiMessage.Status); - NtClose(PortHandle); - return ApiMessage.Status; - } - - *Handle = PortHandle; - *OperationalMode = ApiMessage.RegisterLogonProcess.Reply.OperationalMode; - - DPRINT1("LsaRegisterLogonProcess() done (Status 0x%08lx)\n", Status); - - return Status; + DPRINT("ConnectInfo.OperationalMode: 0x%08lx\n", ConnectInfo.OperationalMode); + *OperationalMode = ConnectInfo.OperationalMode; + + if (!NT_SUCCESS(Status)) + { + DPRINT1("ConnectInfo.Status: 0x%08lx\n", ConnectInfo.Status); + } + + return ConnectInfo.Status; }
-
ekohl@svn.reactos.org