  1. /*++
  2. Copyright (c) 1989 Microsoft Corporation
  3. Module Name:
  4. ausrvp.h
  5. Abstract:
  6. This module contains AUTHENTICATION related data structures and
  7. API definitions that are private to the Local Security Authority
  8. (LSA) server.
  9. Author:
  10. Jim Kelly (JimK) 21-February-1991
  11. Revision History:
  12. --*/
  13. #ifndef _AUSRVP_
  14. #define _AUSRVP_
  15. //#define LSAP_AU_TRACK_CONTEXT
  16. //#define LSAP_AU_TRACK_THREADS
  17. //#define LSAP_AU_TRACK_LOGONS
  18. #include <nt.h>
  19. #include <ntrtl.h>
  20. #include <nturtl.h>
  21. #include <ntlsa.h>
  22. #include <stdlib.h>
  23. #include "lsasrvp.h"
  24. #include <aup.h>
  25. #include <samrpc.h>
  26. #include <ntdsapi.h>
  27. #include "spmgr.h"
  28. #include <secur32p.h>
  29. #include <credp.hxx>
/////////////////////////////////////////////////////////////////////////
//                                                                     //
// AU specific constants                                               //
//                                                                     //
/////////////////////////////////////////////////////////////////////////

//
// The filter/augmentor routines use the following bits in a mask
// to track properties of IDs during logon. These bits have the following
// meaning:
//
// LSAP_AU_SID_PROP_ALLOCATED - Indicates the SID was allocated within
//     the filter routine. If an error occurs, this allows allocated
//     IDs to be deallocated. Otherwise, the caller must deallocate
//     them.
//
// LSAP_AU_SID_PROP_COPY - Indicates the SID must be copied before returning.
//     This typically indicates that the pointed-to SID is a global
//     variable for use throughout LSA or that the SID is being referenced
//     from another structure (such as an existing TokenInformation structure).
//     A filter that forgets to honour this bit would hand the caller a
//     pointer into LSA-global or borrowed storage.
//

#define LSAP_AU_SID_PROP_ALLOCATED      (0x00000001L)
#define LSAP_AU_SID_PROP_COPY           (0x00000002L)
/////////////////////////////////////////////////////////////////////////
//                                                                     //
// Macro definitions                                                   //
//                                                                     //
/////////////////////////////////////////////////////////////////////////

//
// Macros to gain exclusive access to protected global authentication
// data structures.
//
// Both expand to RTL critical-section calls on the object named
// LsapAuLock. Because the macros are function-like, the bare name
// LsapAuLock (not followed by '(') inside the expansion refers to the
// critical-section object, not to the macro. That object is not
// declared in this header; presumably it lives in lsasrvp.h or in the
// AU implementation file - confirm before adding another extern.
//
// Every LsapAuLock() must be paired with LsapAuUnlock() on all exit
// paths, including error returns, or the AU globals stay locked.
//

#define LsapAuLock()      (RtlEnterCriticalSection(&LsapAuLock))
#define LsapAuUnlock()    (RtlLeaveCriticalSection(&LsapAuLock))
/////////////////////////////////////////////////////////////////////////
//                                                                     //
// Type definitions                                                    //
//                                                                     //
/////////////////////////////////////////////////////////////////////////

//
// This data structure is used to house logon process information.
// One is kept per registered logon process (client of the AU port).
//

typedef struct _LSAP_LOGON_PROCESS {

    //
    // Links - Used to link contexts together. This must be the
    // first field of the context block.
    //

    LIST_ENTRY Links;

    //
    // References - Used to prevent this context from being
    // deleted prematurely.
    //

    ULONG References;

    //
    // ClientProcess - A handle to the client process. This handle is
    // used to perform virtual memory operations within the client
    // process (allocate, deallocate, read, write). Anything read from
    // the client through this handle is under the client's control and
    // must be validated (lengths, offsets, embedded pointers) before
    // LSA acts on it.
    //

    HANDLE ClientProcess;

    //
    // CommPort - A handle to the LPC communication port created to
    // communicate with this client. This port must be closed
    // when the client deregisters.
    //

    HANDLE CommPort;

    //
    // TrustedClient - If TRUE, the caller has TCB privilege and may
    // call any API. If FALSE, the caller may only call
    // LookupAuthenticationPackage and CallPackage, which is converted
    // to LsaApCallPackageUntrusted.
    //
    // This flag is the trust boundary for the whole AU interface:
    // it should be established from the caller's TCB privilege at
    // registration time and never from data supplied in the request.
    //

    BOOLEAN TrustedClient;

    //
    // Name of the logon process.
    //
    // Declared with one element; presumably the block is allocated
    // large enough for the full name to trail the structure in the
    // pre-C99 "[1]" variable-length idiom - confirm against the
    // allocation site before sizing copies from sizeof(LSAP_LOGON_PROCESS).
    //

    WCHAR LogonProcessName[1];

} LSAP_LOGON_PROCESS, *PLSAP_LOGON_PROCESS;
//
// This structure should be treated as opaque by non-LSA code.
// It is used to maintain client information related to individual
// requests. A public data structure (LSA_CLIENT_REQUEST) is
// typecast to this type by LSA code.
//
// Since the public type is only a cast of this one, any field added
// here must keep the two types layout-compatible.
//

typedef struct _LSAP_CLIENT_REQUEST {

    //
    // Request - Points to the request message received from the
    // client.
    //

    PLSAP_AU_API_MESSAGE Request;

} LSAP_CLIENT_REQUEST, *PLSAP_CLIENT_REQUEST;
//
// The dispatch table of services which are provided by
// authentication packages.
//
// Entries are the package's exported entry points in the order
// listed; the pointer typedef is spelled PLSA_PACKAGE_TABLE (no "P"
// after LSA) unlike the other private types in this file - it is
// part of the interface, so it is left as is.
//

typedef struct _LSAP_PACKAGE_TABLE {
    PLSA_AP_INITIALIZE_PACKAGE     LsapApInitializePackage;
    PLSA_AP_LOGON_USER             LsapApLogonUser;
    PLSA_AP_CALL_PACKAGE           LsapApCallPackage;
    PLSA_AP_LOGON_TERMINATED       LsapApLogonTerminated;
    // Entry reached on behalf of clients whose TrustedClient flag is FALSE.
    PLSA_AP_CALL_PACKAGE_UNTRUSTED LsapApCallPackageUntrusted;
    PLSA_AP_LOGON_USER_EX          LsapApLogonUserEx;
} LSAP_PACKAGE_TABLE, *PLSA_PACKAGE_TABLE;
//
// Used to house information about each loaded authentication package.
//

typedef struct _LSAP_PACKAGE_CONTEXT {
    // Package name (counted ANSI string); ownership is not stated here.
    PSTRING             Name;
    // Dispatch table of the package's entry points.
    LSAP_PACKAGE_TABLE  PackageApi;
} LSAP_PACKAGE_CONTEXT, *PLSAP_PACKAGE_CONTEXT;
//
// Rather than keep authentication package contexts in a linked list,
// they are pointed to via an array of pointers. This is practical
// because there will never be more than a handful of authentication
// packages in any particular system, and because authentication packages
// are never unloaded.
//
// The array is open-ended (ANYSIZE_ARRAY); the element count is not
// stored in the structure, so callers must know it from elsewhere
// before indexing.
//

typedef struct _LSAP_PACKAGE_ARRAY {
    PLSAP_PACKAGE_CONTEXT Package[ANYSIZE_ARRAY];
} LSAP_PACKAGE_ARRAY, *PLSAP_PACKAGE_ARRAY;
//
// Logon Session & Credential management data structures.
//
// Credentials are kept in a structure that looks like:
//
//                    +------+      +------+
// LsapLogonSessions->| Logon|----->| Logon|------> o o o
//                    |  Id  |      |  Id  |
//                    |   *  |      |   *  |
//                    +---|--+      +---|--+
//                        |
//                        |   +-----+       +-----+
//                        +-->| Auth|------>| Auth|
//                            | Cred|       | Cred|
//                            |- - -|       |- - -|
//                            | Cred|       |  .  |
//                            | List|       |  .  |
//                            |  *  |       |  .  |
//                            +--|--+       +-----+
//                               |
//                               +------> +------------+
//                                        | NextCred   | -----> o o o
//                                        |- - - - - - |
//                                        | Primary Key|--->(PrimaryKeyValue)
//                                        |- - - - - - |
//                                        | Credential |
//                                        |   Value    |--->(CredentialValue)
//                                        +------------+
//
// Each logon session has a list of per-package credential records
// (LSAP_PACKAGE_CREDENTIALS); each of those has a singly linked list
// of the credentials below.
//

typedef struct _LSAP_CREDENTIALS {
    // Next credential of the same package, or NULL at the end of the list.
    struct _LSAP_CREDENTIALS *NextCredentials;
    // Key under which the package looks this credential up.
    STRING PrimaryKey;
    // Opaque credential value; the package that stored it defines the
    // format. Treat as secret material when copying or freeing.
    STRING Credentials;
} LSAP_CREDENTIALS, *PLSAP_CREDENTIALS;
//
// One record per authentication package that has stored credentials
// in a logon session. Linked from LSAP_LOGON_SESSION.Packages.
//

typedef struct _LSAP_PACKAGE_CREDENTIALS {

    // Next package's record for the same logon session, or NULL.
    struct _LSAP_PACKAGE_CREDENTIALS *NextPackage;

    //
    // Package that created (and owns) these credentials
    //

    ULONG PackageId;

    //
    // List of credentials associated with this package
    //

    PLSAP_CREDENTIALS Credentials;

} LSAP_PACKAGE_CREDENTIALS, *PLSAP_PACKAGE_CREDENTIALS;
//
// Number of DS name forms cached per logon session: one slot per
// DS_NAME_FORMAT value up to and including DS_DNS_DOMAIN_NAME.
// LSAP_LOGON_SESSION.DsNames is sized with this constant.
//

#define LSAP_MAX_DS_NAMES   (DS_DNS_DOMAIN_NAME + 1)

//
// A reference-counted, time-limited cached name for a logon session.
//

typedef struct _LSAP_DS_NAME_MAP {
    // Time after which the cached name should no longer be trusted.
    LARGE_INTEGER   ExpirationTime ;
    // Reference count; released with LsapDerefDsNameMap().
    LONG            RefCount ;
    // The cached name itself.
    UNICODE_STRING  Name ;
} LSAP_DS_NAME_MAP, * PLSAP_DS_NAME_MAP ;
//
// One record per logon session, keyed by LogonId. Several fields are
// documented below as read-only once the record has been added to the
// session list; the mutable ones name the lock that serializes them.
//

typedef struct _LSAP_LOGON_SESSION {

    //
    // List maintained for enumeration
    //

    LIST_ENTRY List ;

    //
    // Each record represents just one logon session
    //

    LUID LogonId;

    //
    // For audit purposes, we keep an account name, authenticating
    // authority name, and User SID for each logon session.
    //

    UNICODE_STRING AccountName;
    UNICODE_STRING AuthorityName;
    UNICODE_STRING ProfilePath;
    PSID UserSid;
    SECURITY_LOGON_TYPE LogonType;

    //
    // Session ID
    //

    ULONG Session ;

    //
    // Logon Time
    //

    LARGE_INTEGER LogonTime ;

    //
    // Purported logon server. "Purported" because it is recorded as
    // reported by the package, not independently verified here.
    //

    UNICODE_STRING LogonServer;

    //
    // The authentication packages that have credentials associated
    // with this logon session each have their own record in the following
    // linked list.
    //
    // Access serialized by AuCredLock
    //

    PLSAP_PACKAGE_CREDENTIALS Packages;

    //
    // License Server Handle.
    //
    // Null if the license server need not be notified upon logoff.
    //

    HANDLE LicenseHandle;

    //
    // Handle to the token associated with this session.
    //
    // Read-only field once added to the logon session.
    //

    HANDLE TokenHandle;

    //
    // Creating Package
    //
    // Read-only field once added to the logon session.
    //

    ULONG_PTR CreatingPackage;

    //
    // Create trace info:
    //
    // Read-only field once added to the logon session.
    //

    ULONG PackageSpecificAttr ;

    //
    // Credential Sets for this logon session.
    //

    CREDENTIAL_SETS CredentialSets;

    //
    // Cached DS names, indexed by name form (see LSAP_MAX_DS_NAMES).
    //
    // Access serialized by LogonSessionListLock
    //

    PLSAP_DS_NAME_MAP DsNames[ LSAP_MAX_DS_NAMES ];

    //
    // Logon GUID
    //
    // This is used by Kerberos package for auditing.
    // (please see function header for LsaIGetLogonGuid for more info)
    //
    // Read-only field once added to the logon session.
    //

    GUID LogonGuid;

    //
    // User name and domain used when going off the machine if the
    // LogonType equals NewCredentials, not populated otherwise.
    // This information is duplicated from the logon packages so that
    // auditing can retrieve it in a package independent way.
    //

    UNICODE_STRING NewAccountName;
    UNICODE_STRING NewAuthorityName;

} LSAP_LOGON_SESSION, *PLSAP_LOGON_SESSION;
/////////////////////////////////////////////////////////////////////////
//                                                                     //
// Internal API definitions                                            //
//                                                                     //
/////////////////////////////////////////////////////////////////////////

//
// Dispatch routines for the two AU port APIs. Both receive the
// in/out client request (the message buffer arrives from the client
// process and is modified in place with the reply).
//

NTSTATUS
LsapAuApiDispatchLogonUser(          // LsaLogonUser() dispatch routine
    IN OUT PLSAP_CLIENT_REQUEST ClientRequest
    );

NTSTATUS
LsapAuApiDispatchCallPackage(        // LsaCallAuthenticationPackage() dispatch routine
    IN OUT PLSAP_CLIENT_REQUEST ClientRequest
    );
//
// Client process virtual memory routines
//
// These operate on the address space of the logon process identified
// by ClientRequest. Client addresses passed in are untrusted; the
// Length values must be validated by the caller against the message
// the client sent, and results of the copies checked via NTSTATUS.
//

//
// Allocates LengthRequired bytes in the client process and returns the
// client-side address in *ClientBaseAddress.
//

NTSTATUS
LsapAllocateClientBuffer (
    IN PLSA_CLIENT_REQUEST ClientRequest,
    IN ULONG LengthRequired,
    OUT PVOID *ClientBaseAddress
    );

//
// Frees a buffer previously obtained from LsapAllocateClientBuffer.
// ClientBaseAddress is OPTIONAL (NULL is presumably a no-op - confirm
// against the definition).
//

NTSTATUS
LsapFreeClientBuffer (
    IN PLSA_CLIENT_REQUEST ClientRequest,
    IN PVOID ClientBaseAddress OPTIONAL
    );

//
// Copies Length bytes from BufferToCopy (LSA memory) to
// ClientBaseAddress (client memory).
//

NTSTATUS
LsapCopyToClientBuffer (
    IN PLSA_CLIENT_REQUEST ClientRequest,
    IN ULONG Length,
    IN PVOID ClientBaseAddress,
    IN PVOID BufferToCopy
    );

//
// Copies Length bytes from ClientBaseAddress (client memory) into
// BufferToCopy (LSA memory). NOTE: the last two parameters are in the
// opposite order from LsapCopyToClientBuffer - easy to transpose.
//

NTSTATUS
LsapCopyFromClientBuffer (
    IN PLSA_CLIENT_REQUEST ClientRequest,
    IN ULONG Length,
    IN PVOID BufferToCopy,
    IN PVOID ClientBaseAddress
    );
//
// Logon session routines
//

//
// One-time initialization of the logon session list. Returns FALSE on
// failure.
//
// NOTE(review): an empty parameter list "()" is not a prototype in C;
// the rest of this file uses "(VOID)". Left unchanged here because
// it is part of the declared interface.
//

BOOLEAN
LsapLogonSessionInitialize();

//
// Creates an (initially empty) logon session record for LogonId.
//

NTSTATUS
LsapCreateLogonSession(
    IN PLUID LogonId
    );

//
// Removes the logon session record for LogonId.
//

NTSTATUS
LsapDeleteLogonSession (
    IN PLUID LogonId
    );

//
// Finds the logon session for LogonId, or NULL. The matching
// LsapReleaseLogonSession below suggests the returned session is
// referenced and must be released by the caller - confirm.
//

PLSAP_LOGON_SESSION
LsapLocateLogonSession(
    PLUID LogonId
    );

VOID
LsapReleaseLogonSession(
    PLSAP_LOGON_SESSION LogonSession
    );

//
// Records the audit-related account information on the session.
// ProfilePath and PrimaryCredentials are OPTIONAL. UserSid is passed
// by address (PSID *), so ownership of the SID may transfer to the
// session - check the definition before freeing it in the caller.
//

NTSTATUS
LsapSetLogonSessionAccountInfo(
    IN PLUID LogonId,
    IN PUNICODE_STRING AccountName,
    IN PUNICODE_STRING AuthorityName,
    IN OPTIONAL PUNICODE_STRING ProfilePath,
    IN PSID * UserSid,
    IN SECURITY_LOGON_TYPE LogonType,
    IN OPTIONAL PSECPKG_PRIMARY_CRED PrimaryCredentials
    );

NTSTATUS
LsapGetLogonSessionAccountInfo(
    IN PLUID LogonId,
    OUT PUNICODE_STRING AccountName,
    OUT PUNICODE_STRING AuthorityName
    );

//
// Drops one reference on a cached DS name map entry.
//

VOID
LsapDerefDsNameMap(
    PLSAP_DS_NAME_MAP Map
    );

//
// Looks up the name of form NameType for LogonSession, returning a
// referenced map in *Map. LocalOnly presumably suppresses any
// off-machine lookup - confirm against the definition.
//

NTSTATUS
LsapGetNameForLogonSession(
    PLSAP_LOGON_SESSION LogonSession,
    ULONG NameType,
    PLSAP_DS_NAME_MAP * Map,
    BOOL LocalOnly
    );

//
// Associates InputTokenHandle with the session for LogonId
// (LSAP_LOGON_SESSION.TokenHandle is read-only after insertion, so
// this is expected to be called once per session).
//

NTSTATUS
LsapSetSessionToken(
    IN HANDLE InputTokenHandle,
    IN PLUID LogonId
    );

//
// Returns a new handle to the session's token in *RetTokenHandle;
// the caller owns the returned handle.
//

NTSTATUS
LsapOpenTokenByLogonId(
    IN PLUID LogonId,
    OUT HANDLE *RetTokenHandle
    );

PLSAP_DS_NAME_MAP
LsapGetNameForLocalSystem(
    VOID
    );
//
// Credentials routines
//
// These manipulate the LSAP_PACKAGE_CREDENTIALS / LSAP_CREDENTIALS
// lists hung off a logon session; AuthenticationPackage / PackageId
// identifies the owning package.
//

//
// Stores Credentials under PrimaryKeyValue for the given package on
// the session LogonId.
//

NTSTATUS
LsapAddCredential(
    IN PLUID LogonId,
    IN ULONG AuthenticationPackage,
    IN PSTRING PrimaryKeyValue,
    IN PSTRING Credentials
    );

//
// Retrieves credentials. QueryContext is an enumeration cursor
// (IN OUT). Credentials is annotated IN but is the destination the
// result is written into (its Buffer/MaximumLength are caller
// supplied); PrimaryKeyLength receives the key length.
//

NTSTATUS
LsapGetCredentials(
    IN PLUID LogonId,
    IN ULONG AuthenticationPackage,
    IN OUT PULONG QueryContext,
    IN BOOLEAN RetrieveAllCredentials,
    IN PSTRING PrimaryKeyValue,
    OUT PULONG PrimaryKeyLength,
    IN PSTRING Credentials
    );

NTSTATUS
LsapDeleteCredential(
    IN PLUID LogonId,
    IN ULONG AuthenticationPackage,
    IN PSTRING PrimaryKeyValue
    );

//
// Returns the package's credential record on the session, creating it
// when CreateIfNecessary is TRUE. Callers are expected to hold the
// lock named on LSAP_LOGON_SESSION.Packages (AuCredLock).
//

PLSAP_PACKAGE_CREDENTIALS
LsapGetPackageCredentials(
    IN PLSAP_LOGON_SESSION LogonSession,
    IN ULONG PackageId,
    IN BOOLEAN CreateIfNecessary
    );

//
// Free an entire per-package list, or a single package's credential
// chain. Credential values are secret material; the implementation
// should clear them before releasing the memory.
//

VOID
LsapFreePackageCredentialList(
    IN PLSAP_PACKAGE_CREDENTIALS PackageCredentialList
    );

VOID
LsapFreeCredentialList(
    IN PLSAP_CREDENTIALS CredentialList
    );

//
// Copies one credential (and, when ReturnPrimaryKey is TRUE, its
// primary key) into caller-supplied STRING buffers. TargetCredentials
// is the destination despite the IN annotation.
//

NTSTATUS
LsapReturnCredential(
    IN PLSAP_CREDENTIALS SourceCredentials,
    IN PSTRING TargetCredentials,
    IN BOOLEAN ReturnPrimaryKey,
    IN PSTRING PrimaryKeyValue OPTIONAL,
    OUT PULONG PrimaryKeyLength OPTIONAL
    );
//
// Logon process related services
//

//
// Validates a connection request from a prospective logon process.
// ConnectionRequest / RequestLength are the raw connect data sent by
// the client and must be treated as untrusted (check RequestLength
// before parsing). ClientId identifies the connecting process; on
// success LogonId and Flags are returned. Presumably this is where the
// caller's TCB privilege is checked to decide TrustedClient - confirm
// against the definition.
//

NTSTATUS
LsapValidLogonProcess(
    IN PVOID ConnectionRequest,
    IN ULONG RequestLength,
    IN PCLIENT_ID ClientId,
    OUT PLUID LogonId,
    OUT PULONG Flags
    );
//
// Authentication package routines
//

//
// Notifies every loaded package (LsapApLogonTerminated) that the
// session LogonId has ended.
//

VOID
LsapAuLogonTerminatedPackages(
    IN PLUID LogonId
    );

//
// License server notification at logon. DomainName is OPTIONAL. The
// returned LicenseHandle is stored in LSAP_LOGON_SESSION.LicenseHandle
// and must be released with LsaFreeLicenseHandle at logoff.
//

NTSTATUS
LsaCallLicenseServer(
    IN PWCHAR LogonProcessName,
    IN PUNICODE_STRING AccountName,
    IN PUNICODE_STRING DomainName OPTIONAL,
    IN BOOLEAN IsAdmin,
    OUT HANDLE *LicenseHandle
    );

VOID
LsaFreeLicenseHandle(
    IN HANDLE LicenseHandle
    );
//
// Miscellaneous other routines
// (LsapAuInit() is the link to the rest of LSA and resides in lsap.h)
//

//
// Initializes the well-known LUIDs/SIDs declared at the end of this
// file. Returns FALSE on failure.
//

BOOLEAN
LsapWellKnownValueInit(
    VOID
    );

//
// Enables the create-token privilege for the LSA process so the token
// builders below can succeed. Returns FALSE on failure.
//

BOOLEAN
LsapEnableCreateTokenPrivilege(
    VOID
    );

//
// Token builders. Each returns a new token handle in *Token that the
// caller owns; the TokenInformation* inputs are the package-produced
// descriptions and are freed separately (see LsapFreeTokenInformation*).
//

NTSTATUS
LsapCreateNullToken(
    IN PLUID LogonId,
    IN PTOKEN_SOURCE TokenSource,
    IN PLSA_TOKEN_INFORMATION_NULL TokenInformationNull,
    OUT PHANDLE Token
    );

NTSTATUS
LsapCreateV2Token(
    IN PLUID LogonId,
    IN PTOKEN_SOURCE TokenSource,
    IN PLSA_TOKEN_INFORMATION_V2 TokenInformationV2,
    IN TOKEN_TYPE TokenType,
    IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
    OUT PHANDLE Token
    );

//
// Copies a TOKEN_GROUPS array out of the client process. GroupCount
// and ClientTokenGroups originate from the client and must be
// bounds-checked against each other before the copy. Note that
// CapturedTokenGroups is annotated IN although its name and
// pointer-to-pointer type suggest it receives the captured copy -
// confirm against the definition.
//

NTSTATUS
LsapCaptureClientTokenGroups(
    IN PLSAP_CLIENT_REQUEST ClientRequest,
    IN ULONG GroupCount,
    IN PTOKEN_GROUPS ClientTokenGroups,
    IN PTOKEN_GROUPS *CapturedTokenGroups
    );

NTSTATUS
LsapBuildDefaultTokenGroups(
    PLSAP_LOGON_USER_ARGS Arguments
    );

//
// Release helpers for the token-information structures; the
// privileges variant accepts NULL.
//

VOID
LsapFreeTokenGroups(
    IN PTOKEN_GROUPS TokenGroups
    );

VOID
LsapFreeTokenPrivileges(
    IN PTOKEN_PRIVILEGES TokenPrivileges OPTIONAL
    );

VOID
LsapFreeTokenInformationNull(
    IN PLSA_TOKEN_INFORMATION_NULL TokenInformationNull
    );

VOID
LsapFreeTokenInformationV1(
    IN PLSA_TOKEN_INFORMATION_V1 TokenInformationV1
    );

VOID
LsapFreeTokenInformationV2(
    IN PLSA_TOKEN_INFORMATION_V2 TokenInformationV2
    );

//
// Applies local security policy to a package's logon result before a
// token is built: TokenInformation is passed by address so the filter
// may replace it (its IN annotation notwithstanding), LocalGroups are
// added, and the assigned quota limits and privilege set are returned.
// RecoveryMode presumably relaxes the policy for recovery-console
// logons - confirm against the definition. This is the choke point
// where the LSAP_AU_SID_PROP_* bits at the top of the file are used.
//

NTSTATUS
LsapAuUserLogonPolicyFilter(
    IN SECURITY_LOGON_TYPE LogonType,
    IN PLSA_TOKEN_INFORMATION_TYPE TokenInformationType,
    IN PVOID *TokenInformation,
    IN PTOKEN_GROUPS LocalGroups,
    OUT PQUOTA_LIMITS QuotaLimits,
    OUT PPRIVILEGE_SET *PrivilegesAssigned,
    IN BOOL RecoveryMode
    );
/////////////////////////////////////////////////////////////////////////
//                                                                     //
// Global variables of the LSA server                                  //
//                                                                     //
/////////////////////////////////////////////////////////////////////////

//
// Well known LUIDs (filled in by LsapWellKnownValueInit).
//

extern LUID LsapSystemLogonId;
extern LUID LsapAnonymousLogonId;
//
// Well known privilege values. LsapTcbPrivilege is the privilege that
// distinguishes trusted from untrusted logon processes (see
// LSAP_LOGON_PROCESS.TrustedClient).
//

extern LUID LsapTcbPrivilege;
//
// Strings needed for auditing.
//

extern UNICODE_STRING LsapLsaAuName;
extern UNICODE_STRING LsapRegisterLogonServiceName;
//
// The following information pertains to the use of the local SAM
// for authentication. All three pairs describe "typical" member SIDs
// of the Account and Built-In domains; a real member SID may differ
// only in its final relative identifier.
//

// Length of typical Sids of members of the Account or Built-In Domains
extern ULONG LsapAccountDomainMemberSidLength,
             LsapBuiltinDomainMemberSidLength;

// Sub-Authority Counts for members of the Account or Built-In Domains
extern UCHAR LsapAccountDomainSubCount,
             LsapBuiltinDomainSubCount;

// Typical Sids for members of Account or Built-in Domains
extern PSID LsapAccountDomainMemberSid,
            LsapBuiltinDomainMemberSid;
  572. #endif // _AUSRVP_