archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/ds/security/base/lsa/server/dsexe/lsass.c

568 lines
15 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1991 Microsoft Corporation
  5. Module Name:
  7. lsass.c
  9. Abstract:
  11. Local Security Authority Subsystem - Main Program.
  13. Author:
  15. Scott Birrell (ScottBi) Mar 12, 1991
  17. Environment:
  19. Revision History:
  21. --*/
  23. #include <lsapch2.h>
  24. #include "ntrpcp.h"
  25. #include "lmcons.h"
  26. #include "lmalert.h"
  27. #include "alertmsg.h"
  28. #include <samisrv.h>
  29. #include "safemode.h"
  33. /////////////////////////////////////////////////////////////////////////
  34. // //
  35. // Shared Global Variables //
  36. // //
  37. /////////////////////////////////////////////////////////////////////////
  41. #if DBG
  43. #ifdef _X86_
  44. extern DWORD_PTR __security_cookie; /* /GS security cookie */
  45. extern PVOID __safe_se_handler_table[]; /* base of safe handler entry table */
  46. extern BYTE __safe_se_handler_count; /* absolute symbol whose address is
  47. the count of table entries */
  48. #endif
  50. IMAGE_LOAD_CONFIG_DIRECTORY _load_config_used = {
  51. sizeof(_load_config_used), // Reserved
  52. 0, // Reserved
  53. 0, // Reserved
  54. 0, // Reserved
  55. 0, // GlobalFlagsClear
  56. 0, // GlobalFlagsSet
  57. 900000, // CriticalSectionTimeout (milliseconds)
  58. 0, // DeCommitFreeBlockThreshold
  59. 0, // DeCommitTotalFreeThreshold
  60. 0, // LockPrefixTable
  61. 0, 0, 0, 0, 0, 0, 0, // Reserved
  62. #ifdef _X86_
  63. (DWORD)&__security_cookie,
  64. (DWORD)__safe_se_handler_table,
  65. (DWORD)&__safe_se_handler_count
  66. #else
  67. 0, 0, 0
  68. #endif
  69. };
  72. #endif \\DBG
  76. /////////////////////////////////////////////////////////////////////////
  77. // //
  78. // Internal routine prototypes //
  79. // //
  80. /////////////////////////////////////////////////////////////////////////
  84. VOID
  85. LsapNotifyInitializationFinish(
  86. IN NTSTATUS CompletionStatus
  87. );
  92. /////////////////////////////////////////////////////////////////////////
  93. // //
  94. // Routines //
  95. // //
  96. /////////////////////////////////////////////////////////////////////////
  98. LONG
  99. WINAPI
  100. LsaTopLevelExceptionHandler(
  101. struct _EXCEPTION_POINTERS *ExceptionInfo
  102. )
  104. /*++
  106. Routine Description:
  108. The Top Level exception filter for lsass.exe.
  110. This ensures the entire process will be cleaned up if any of
  111. the threads fail. Since lsass.exe is a distributed application,
  112. it is better to fail the entire process than allow random threads
  113. to continue executing.
  115. Arguments:
  117. ExceptionInfo - Identifies the exception that occurred.
  120. Return Values:
  122. EXCEPTION_EXECUTE_HANDLER - Terminate the process.
  124. EXCEPTION_CONTINUE_SEARCH - Continue processing as though this filter
  125. was never called.
  128. --*/
  129. {
  130. return RtlUnhandledExceptionFilter(ExceptionInfo);
  131. }
  135. VOID __cdecl
  136. main ()
  137. {
  138. NTSTATUS Status = STATUS_SUCCESS;
  139. KPRIORITY BasePriority;
  140. BOOLEAN EnableAlignmentFaults = TRUE;
  141. LSADS_INIT_STATE LsaDsInitState;
  144. //
  145. // Define a top-level exception handler for the entire process.
  146. //
  148. SetErrorMode( SEM_FAILCRITICALERRORS );
  150. SetUnhandledExceptionFilter( &LsaTopLevelExceptionHandler );
  152. RtlSetProcessIsCritical(TRUE, NULL, TRUE);
  155. //
  156. // Run the LSA in the foreground.
  157. //
  158. // Several processes which depend on the LSA (like the lanman server)
  159. // run in the foreground. If we don't run in the foreground, they'll
  160. // starve waiting for us.
  161. //
  163. BasePriority = FOREGROUND_BASE_PRIORITY;
  165. Status = NtSetInformationProcess(
  166. NtCurrentProcess(),
  167. ProcessBasePriority,
  168. &BasePriority,
  169. sizeof(BasePriority)
  170. );
  172. if ( !NT_SUCCESS(Status) ) {
  173. goto Cleanup;
  174. }
  177. //
  178. // Do the following:
  179. //
  180. //
  181. // Check the boot environment
  182. // If this is a DC booted into safe mode, set the appropriate
  183. // flag so LsaISafeBoot returns TRUE.
  184. //
  185. // Initialize the service-controller service
  186. // dispatcher.
  187. //
  188. // Initialize LSA Pass-1
  189. // This starts the RPC server.
  190. // Does not do product type-specific initialization.
  191. //
  192. // Pause for installation if necessary
  193. // Allows product type-specific information to be
  194. // collected.
  195. //
  196. // Initialize LSA Pass-2
  197. // Product type-specific initialization.
  198. //
  199. // Initialize SAM
  200. //
  202. //
  203. // Analyse the boot environment
  204. //
  205. Status = LsapCheckBootMode();
  206. if (!NT_SUCCESS(Status)) {
  208. goto Cleanup;
  209. }
  212. //
  213. // Initialize the service dispatcher.
  214. //
  215. // We initialize the service dispatcher before the sam
  216. // service is started. This will make the service controller
  217. // start successfully even if SAM takes a long time to initialize.
  218. //
  220. Status = ServiceInit();
  222. if (!NT_SUCCESS(Status) ) {
  224. goto Cleanup;
  225. }
  227. //
  228. // Initialize the LSA.
  229. // If unsuccessful, we must exit with status so that the SM knows
  230. // something has gone wrong.
  231. //
  233. Status = LsapInitLsa();
  235. if (!NT_SUCCESS(Status)) {
  237. goto Cleanup;
  238. }
  240. //
  241. // Initialize SAM
  242. //
  244. Status = SamIInitialize();
  246. if (!NT_SUCCESS(Status) ) {
  248. goto Cleanup;
  249. }
  252. //
  253. // Do the second phase of the dc promote/demote API initialization
  254. //
  255. Status = LsapDsInitializePromoteInterface();
  256. if (!NT_SUCCESS(Status) ) {
  258. goto Cleanup;
  259. }
  261. //
  262. // Open a Trusted Handle to the local SAM server.
  263. //
  265. Status = LsapAuOpenSam( TRUE );
  267. if (!NT_SUCCESS(Status) ) {
  269. goto Cleanup;
  270. }
  272. //
  273. // Handle the LsaDs initialization
  274. //
  276. if ( NT_SUCCESS( Status ) ) {
  278. if ( SampUsingDsData() ) {
  280. LsaDsInitState = LsapDsDs;
  282. } else {
  284. LsaDsInitState = LsapDsNoDs;
  286. }
  288. Status = LsapDsInitializeDsStateInfo( LsaDsInitState );
  289. if ( !NT_SUCCESS( Status ) ) {
  291. goto Cleanup;
  292. }
  293. }
  296. Cleanup:
  298. LsapNotifyInitializationFinish(Status);
  300. ExitThread( Status );
  302. }
  304. VOID
  305. LsapNotifyInitializationFinish(
  306. IN NTSTATUS CompletionStatus
  307. )
  309. /*++
  311. Routine Description:
  313. This function handles the notification of successful or
  314. unsuccessful completion of initialization of the Security Process
  315. lsass.exe. If initialization was unsuccessful, a popup appears. If
  316. setup was run, one of two events is set. The SAM_SERVICE_STARTED event
  317. is set if LSA and SAM started OK and the SETUP_FAILED event is set if LSA
  318. or SAM server setup failed. Setup waits multiple on this object pair so
  319. that it can detect either event being set and notify the user if necessary
  320. that setup failed.
  322. Arguments:
  324. CompletionStatus - Contains a standard Nt Result Code specifying
  325. the success or otherwise of the initialization/installation.
  327. Return Values:
  329. None.
  331. --*/
  333. {
  334. NTSTATUS Status = STATUS_SUCCESS;
  335. ULONG Response;
  336. UNICODE_STRING EventName;
  337. OBJECT_ATTRIBUTES EventAttributes;
  338. HANDLE EventHandle = NULL;
  340. if (NT_SUCCESS(CompletionStatus)) {
  342. //
  343. // Set an event telling anyone wanting to call SAM that we're initialized.
  344. //
  346. RtlInitUnicodeString( &EventName, L"\\SAM_SERVICE_STARTED");
  347. InitializeObjectAttributes( &EventAttributes, &EventName, 0, 0, NULL );
  349. Status = NtCreateEvent(
  350. &EventHandle,
  351. SYNCHRONIZE|EVENT_MODIFY_STATE,
  352. &EventAttributes,
  353. NotificationEvent,
  354. FALSE // The event is initially not signaled
  355. );
  358. if ( !NT_SUCCESS(Status)) {
  360. //
  361. // If the event already exists, a waiting thread beat us to
  362. // creating it. Just open it.
  363. //
  365. if( Status == STATUS_OBJECT_NAME_EXISTS ||
  366. Status == STATUS_OBJECT_NAME_COLLISION ) {
  368. Status = NtOpenEvent(
  369. &EventHandle,
  370. SYNCHRONIZE|EVENT_MODIFY_STATE,
  371. &EventAttributes
  372. );
  373. }
  375. if ( !NT_SUCCESS(Status)) {
  377. KdPrint(("SAMSS: Failed to open SAM_SERVICE_STARTED event. %lX\n",
  378. Status ));
  379. KdPrint((" Failing to initialize SAM Server.\n"));
  380. goto InitializationFinishError;
  381. }
  382. }
  384. //
  385. // Set the SAM_SERVICE_STARTED event. Except when an error occurs,
  386. // don't close the event. Closing it would delete the event and
  387. // a future waiter would never see it be set.
  388. //
  390. Status = NtSetEvent( EventHandle, NULL );
  392. if ( !NT_SUCCESS(Status)) {
  394. KdPrint(("SAMSS: Failed to set SAM_SERVICE_STARTED event. %lX\n",
  395. Status ));
  396. KdPrint((" Failing to initialize SAM Server.\n"));
  397. NtClose(EventHandle);
  398. goto InitializationFinishError;
  400. }
  402. } else {
  404. //
  405. // The initialization/installation of Lsa and/or SAM failed. Handle errors returned
  406. // from the initialization/installation of LSA or SAM. Issue a popup
  407. // and, if installing, set an event so that setup will continue and
  408. // clean up.
  409. //
  411. ULONG_PTR Parameters[1];
  413. //
  414. // don't reboot unless LSA was running as SYSTEM.
  415. // this prevents a user who runs lsass.exe from causing an instant reboot.
  416. //
  418. if(ImpersonateSelf( SecurityImpersonation ))
  419. {
  420. HANDLE hThreadToken;
  422. if(OpenThreadToken(GetCurrentThread(), TOKEN_QUERY, TRUE, &hThreadToken))
  423. {
  424. BOOL DoShutdown = TRUE;
  425. BOOL fIsMember;
  426. PSID psidSystem = NULL;
  427. SID_IDENTIFIER_AUTHORITY sia = SECURITY_NT_AUTHORITY;
  430. if(AllocateAndInitializeSid(
  431. &sia,
  432. 1,
  433. SECURITY_LOCAL_SYSTEM_RID,
  434. 0,0,0,0,0,0,0,
  435. &psidSystem
  436. ))
  437. {
  438. if(CheckTokenMembership(hThreadToken, psidSystem, &fIsMember))
  439. {
  440. DoShutdown = fIsMember;
  441. }
  443. if( psidSystem != NULL )
  444. {
  445. FreeSid( psidSystem );
  446. }
  447. }
  449. CloseHandle( hThreadToken );
  450. RevertToSelf();
  452. if( !DoShutdown )
  453. {
  454. goto InitializationFinishFinish;
  455. }
  456. } else {
  457. RevertToSelf();
  458. }
  459. }
  462. Parameters[0] = MB_OK | MB_ICONSTOP | MB_SETFOREGROUND;
  464. Status = NtRaiseHardError(
  465. CompletionStatus | HARDERROR_OVERRIDE_ERRORMODE,
  466. 1,
  467. 0,
  468. Parameters,
  469. OptionOk,
  470. &Response
  471. );
  473. //
  474. // If setup.exe was run, signal the SETUP_FAILED event. setup.exe
  475. // waits multiple on the SAM_SERVICE_STARTED and SETUP_FAILED events
  476. // so setup will resume and cleanup/continue as appropriate if
  477. // either of these events are set.
  478. //
  480. if (LsaISetupWasRun()) {
  482. //
  483. // Once the user has clicked OK in response to the popup, we come
  484. // back to here. Set the event SETUP_FAILED. The Setup
  485. // program (if running) waits multiple on the SAM_SERVICE_STARTED
  486. // and SETUP_FAILED events.
  487. //
  489. RtlInitUnicodeString( &EventName, L"\\SETUP_FAILED");
  490. InitializeObjectAttributes( &EventAttributes, &EventName, 0, 0, NULL );
  492. //
  493. // Open the SETUP_FAILED event (exists if setup.exe is running).
  494. //
  496. Status = NtOpenEvent(
  497. &EventHandle,
  498. SYNCHRONIZE|EVENT_MODIFY_STATE,
  499. &EventAttributes
  500. );
  502. if ( !NT_SUCCESS(Status)) {
  504. //
  505. // Something is inconsistent. We know that setup was run
  506. // so the event should exist.
  507. //
  509. KdPrint(("LSA Server: Failed to open SETUP_FAILED event. %lX\n",
  510. Status ));
  511. KdPrint((" Failing to initialize Lsa Server.\n"));
  512. goto InitializationFinishError;
  513. }
  515. Status = NtSetEvent( EventHandle, NULL );
  517. } else if ( NT_SUCCESS( Status )) {
  519. //
  520. // This is not setup, so the only option is to shut down the system
  521. //
  523. BOOLEAN WasEnabled;
  525. //
  526. // issue shutdown request
  527. //
  528. RtlAdjustPrivilege(
  529. SE_SHUTDOWN_PRIVILEGE,
  530. TRUE, // enable shutdown privilege.
  531. FALSE,
  532. &WasEnabled
  533. );
  535. //
  536. // Shutdown and Reboot now.
  537. // Note: use NtRaiseHardError to shutdown the machine will result Bug C
  538. //
  540. NtShutdownSystem( ShutdownReboot );
  542. //
  543. // if Shutdown request failed, (returned from above API)
  544. // reset shutdown privilege to previous value.
  545. //
  547. RtlAdjustPrivilege(
  548. SE_SHUTDOWN_PRIVILEGE,
  549. WasEnabled, // reset to previous state.
  550. FALSE,
  551. &WasEnabled
  552. );
  553. }
  554. }
  556. if (!NT_SUCCESS(Status)) {
  558. goto InitializationFinishError;
  559. }
  561. InitializationFinishFinish:
  563. return;
  565. InitializationFinishError:
  567. goto InitializationFinishFinish;
  568. }