You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1604 lines
37 KiB
1604 lines
37 KiB
/*++
|
|
|
|
Copyright (c) 1987-1996 Microsoft Corporation
|
|
|
|
Module Name:
|
|
|
|
replutil.c
|
|
|
|
Abstract:
|
|
|
|
Low level functions for SSI Replication apis
|
|
|
|
Author:
|
|
|
|
Ported from Lan Man 2.0
|
|
|
|
Environment:
|
|
|
|
User mode only.
|
|
Contains NT-specific code.
|
|
Requires ANSI C extensions: slash-slash comments, long external names.
|
|
|
|
Revision History:
|
|
|
|
22-Jul-1991 (cliffv)
|
|
Ported to NT. Converted to NT style.
|
|
|
|
02-Jan-1992 (madana)
|
|
added support for builtin/multidomain replication.
|
|
|
|
04-Apr-1992 (madana)
|
|
Added support for LSA replication.
|
|
|
|
--*/
|
|
|
|
//
|
|
// Common include files.
|
|
//
|
|
|
|
#include "logonsrv.h" // Include files common to entire service
|
|
#pragma hdrstop
|
|
|
|
//
|
|
// Include files specific to this .c file
|
|
//
|
|
|
|
#include <accessp.h> // NetpConvertWorkstationList
|
|
#include "lsarepl.h"
|
|
|
|
|
|
|
|
DWORD
|
|
NlCopyUnicodeString (
|
|
IN PUNICODE_STRING InString,
|
|
OUT PUNICODE_STRING OutString
|
|
)
|
|
|
|
/*++
|
|
|
|
Routine Description:
|
|
|
|
This routine copies the input string to the output. It assumes that
|
|
the input string is allocated by MIDL_user_allocate() and sets the
|
|
input string buffer pointer to NULL so that the buffer will be not
|
|
freed on return.
|
|
|
|
Arguments:
|
|
|
|
InString - Points to the UNICODE string to copy.
|
|
|
|
OutString - Points to the UNICODE string which will be updated to point
|
|
to the input string.
|
|
|
|
Return Value:
|
|
|
|
Return the size of the MIDL buffer.
|
|
|
|
--*/
|
|
{
|
|
if ( InString->Length == 0 || InString->Buffer == NULL ) {
|
|
OutString->Length = 0;
|
|
OutString->MaximumLength = 0;
|
|
OutString->Buffer = NULL;
|
|
} else {
|
|
OutString->Length = InString->Length;
|
|
OutString->MaximumLength = InString->Length;
|
|
OutString->Buffer = InString->Buffer;
|
|
InString->Buffer = NULL;
|
|
}
|
|
|
|
return( OutString->MaximumLength );
|
|
}
|
|
|
|
|
|
DWORD
|
|
NlCopyData(
|
|
IN LPBYTE *InData,
|
|
OUT LPBYTE *OutData,
|
|
DWORD DataLength
|
|
)
|
|
|
|
/*++
|
|
|
|
Routine Description:
|
|
|
|
This routine copies the input data pointer to output data pointer.
|
|
It assumes that the input data buffer is allocated by the
|
|
MIDL_user_allocate() and sets the input buffer buffer pointer to
|
|
NULL on return so that the data buffer will not be freed by SamIFree
|
|
rountine.
|
|
|
|
Arguments:
|
|
|
|
InData - Points to input data buffer pointer.
|
|
|
|
OutString - Pointer to output data buffer pointer.
|
|
|
|
DataLength - Length of input data.
|
|
|
|
Return Value:
|
|
|
|
Return the size of the data copied.
|
|
|
|
--*/
|
|
{
|
|
*OutData = *InData;
|
|
*InData = NULL;
|
|
|
|
return(DataLength);
|
|
}
|
|
|
|
|
|
VOID
|
|
NlFreeDBDelta(
|
|
IN PNETLOGON_DELTA_ENUM Delta
|
|
)
|
|
/*++
|
|
|
|
Routine Description:
|
|
|
|
This routine will free the midl buffers that are allocated for
|
|
a delta. This routine does nothing but call the midl generated free
|
|
routine.
|
|
|
|
Arguments:
|
|
|
|
Delta: pointer to the delta structure which has to be freed.
|
|
|
|
Return Value:
|
|
|
|
nothing
|
|
|
|
--*/
|
|
{
|
|
if( Delta != NULL ) {
|
|
_fgs__NETLOGON_DELTA_ENUM (Delta);
|
|
}
|
|
}
|
|
|
|
|
|
VOID
|
|
NlFreeDBDeltaArray(
|
|
IN PNETLOGON_DELTA_ENUM DeltaArray,
|
|
IN DWORD ArraySize
|
|
)
|
|
/*++
|
|
|
|
Routine Description:
|
|
|
|
This routine will free up all delta entries in enum array and the
|
|
array itself.
|
|
|
|
Arguments:
|
|
|
|
Delta: pointer to the delta structure array.
|
|
|
|
ArraySize: num of delta structures in the array.
|
|
|
|
Return Value:
|
|
|
|
nothing
|
|
|
|
--*/
|
|
{
|
|
DWORD i;
|
|
|
|
if( DeltaArray != NULL ) {
|
|
|
|
for( i = 0; i < ArraySize; i++) {
|
|
NlFreeDBDelta( &DeltaArray[i] );
|
|
}
|
|
|
|
MIDL_user_free( DeltaArray );
|
|
}
|
|
}
|
|
|
|
|
|
|
|
NTSTATUS
|
|
NlPackSamUser (
|
|
IN ULONG RelativeId,
|
|
IN OUT PNETLOGON_DELTA_ENUM Delta,
|
|
IN PDB_INFO DBInfo,
|
|
IN LPDWORD BufferSize,
|
|
IN PSESSION_INFO SessionInfo
|
|
)
|
|
/*++
|
|
|
|
Routine Description:
|
|
|
|
Pack a description of the specified user into the specified buffer.
|
|
|
|
Arguments:
|
|
|
|
RelativeId - The relative Id of the user query.
|
|
|
|
Delta: pointer to the delta structure where the new delta will
|
|
be returned.
|
|
|
|
DBInfo: pointer to the database info structure.
|
|
|
|
BufferSize: size of MIDL buffer that is consumed for this delta is
|
|
returned here.
|
|
|
|
SessionInfo: Info describing BDC that's calling us
|
|
|
|
Return Value:
|
|
|
|
NT status code.
|
|
|
|
--*/
|
|
{
|
|
NTSTATUS Status;
|
|
SAMPR_HANDLE UserHandle = NULL;
|
|
PNETLOGON_DELTA_USER DeltaUser;
|
|
PSAMPR_USER_INFO_BUFFER UserAll = NULL;
|
|
|
|
|
|
|
|
DEFPACKTIMER;
|
|
DEFSAMTIMER;
|
|
|
|
INITPACKTIMER;
|
|
INITSAMTIMER;
|
|
|
|
STARTPACKTIMER;
|
|
|
|
NlPrint((NL_SYNC_MORE, "Packing User Object %lx\n", RelativeId));
|
|
|
|
*BufferSize = 0;
|
|
|
|
Delta->DeltaType = AddOrChangeUser;
|
|
Delta->DeltaID.Rid = RelativeId;
|
|
Delta->DeltaUnion.DeltaUser = NULL;
|
|
|
|
//
|
|
// Open a handle to the specified user.
|
|
//
|
|
|
|
STARTSAMTIMER;
|
|
|
|
Status = SamIOpenAccount( DBInfo->DBHandle,
|
|
RelativeId,
|
|
SecurityDbObjectSamUser,
|
|
&UserHandle );
|
|
STOPSAMTIMER;
|
|
|
|
|
|
if (!NT_SUCCESS(Status)) {
|
|
UserHandle = NULL;
|
|
goto Cleanup;
|
|
}
|
|
|
|
|
|
|
|
//
|
|
// Query everything there is to know about this user.
|
|
//
|
|
|
|
STARTSAMTIMER;
|
|
|
|
Status = SamrQueryInformationUser(
|
|
UserHandle,
|
|
UserInternal3Information,
|
|
&UserAll );
|
|
STOPSAMTIMER;
|
|
|
|
|
|
if (!NT_SUCCESS(Status)) {
|
|
UserAll = NULL;
|
|
goto Cleanup;
|
|
}
|
|
|
|
|
|
NlPrint((NL_SYNC_MORE,
|
|
"\t User Object name %wZ\n",
|
|
(PUNICODE_STRING)&UserAll->Internal3.I1.UserName));
|
|
|
|
#define FIELDS_USED ( USER_ALL_USERNAME | \
|
|
USER_ALL_FULLNAME | \
|
|
USER_ALL_USERID | \
|
|
USER_ALL_PRIMARYGROUPID | \
|
|
USER_ALL_HOMEDIRECTORY | \
|
|
USER_ALL_HOMEDIRECTORYDRIVE | \
|
|
USER_ALL_SCRIPTPATH | \
|
|
USER_ALL_PROFILEPATH | \
|
|
USER_ALL_ADMINCOMMENT | \
|
|
USER_ALL_WORKSTATIONS | \
|
|
USER_ALL_LOGONHOURS | \
|
|
USER_ALL_LASTLOGON | \
|
|
USER_ALL_LASTLOGOFF | \
|
|
USER_ALL_BADPASSWORDCOUNT | \
|
|
USER_ALL_LOGONCOUNT | \
|
|
USER_ALL_PASSWORDLASTSET | \
|
|
USER_ALL_ACCOUNTEXPIRES | \
|
|
USER_ALL_USERACCOUNTCONTROL | \
|
|
USER_ALL_USERCOMMENT | \
|
|
USER_ALL_COUNTRYCODE | \
|
|
USER_ALL_CODEPAGE | \
|
|
USER_ALL_PARAMETERS | \
|
|
USER_ALL_NTPASSWORDPRESENT | \
|
|
USER_ALL_LMPASSWORDPRESENT | \
|
|
USER_ALL_PRIVATEDATA | \
|
|
USER_ALL_SECURITYDESCRIPTOR )
|
|
|
|
NlAssert( (UserAll->Internal3.I1.WhichFields & FIELDS_USED) == FIELDS_USED );
|
|
|
|
|
|
|
|
//
|
|
// Allocate a buffer to return to the caller.
|
|
//
|
|
|
|
DeltaUser = (PNETLOGON_DELTA_USER)
|
|
MIDL_user_allocate( sizeof(NETLOGON_DELTA_USER) );
|
|
|
|
if (DeltaUser == NULL) {
|
|
Status = STATUS_NO_MEMORY;
|
|
goto Cleanup;
|
|
}
|
|
|
|
//
|
|
// wipe off the buffer so that cleanup will not be in fault.
|
|
//
|
|
|
|
RtlZeroMemory( DeltaUser, sizeof(NETLOGON_DELTA_USER) );
|
|
// INIT_PLACE_HOLDER(DeltaUser);
|
|
|
|
Delta->DeltaUnion.DeltaUser = DeltaUser;
|
|
*BufferSize += sizeof(NETLOGON_DELTA_USER);
|
|
|
|
*BufferSize += NlCopyUnicodeString(
|
|
(PUNICODE_STRING)&UserAll->Internal3.I1.UserName,
|
|
&DeltaUser->UserName );
|
|
|
|
*BufferSize += NlCopyUnicodeString(
|
|
(PUNICODE_STRING)&UserAll->Internal3.I1.FullName,
|
|
&DeltaUser->FullName );
|
|
|
|
DeltaUser->UserId = UserAll->Internal3.I1.UserId;
|
|
DeltaUser->PrimaryGroupId = UserAll->Internal3.I1.PrimaryGroupId;
|
|
|
|
*BufferSize += NlCopyUnicodeString(
|
|
(PUNICODE_STRING)&UserAll->Internal3.I1.HomeDirectory,
|
|
&DeltaUser->HomeDirectory );
|
|
|
|
*BufferSize += NlCopyUnicodeString(
|
|
(PUNICODE_STRING)&UserAll->Internal3.I1.HomeDirectoryDrive,
|
|
&DeltaUser->HomeDirectoryDrive );
|
|
|
|
*BufferSize += NlCopyUnicodeString(
|
|
(PUNICODE_STRING)&UserAll->Internal3.I1.ScriptPath,
|
|
&DeltaUser->ScriptPath );
|
|
|
|
*BufferSize += NlCopyUnicodeString(
|
|
(PUNICODE_STRING)&UserAll->Internal3.I1.AdminComment,
|
|
&DeltaUser->AdminComment );
|
|
|
|
*BufferSize += NlCopyUnicodeString(
|
|
(PUNICODE_STRING)&UserAll->Internal3.I1.WorkStations,
|
|
&DeltaUser->WorkStations );
|
|
|
|
DeltaUser->LastLogon = UserAll->Internal3.I1.LastLogon;
|
|
DeltaUser->LastLogoff = UserAll->Internal3.I1.LastLogoff;
|
|
|
|
//
|
|
// Copy Logon Hours
|
|
//
|
|
|
|
DeltaUser->LogonHours.UnitsPerWeek = UserAll->Internal3.I1.LogonHours.UnitsPerWeek;
|
|
DeltaUser->LogonHours.LogonHours = UserAll->Internal3.I1.LogonHours.LogonHours;
|
|
UserAll->Internal3.I1.LogonHours.LogonHours = NULL; // Don't let SAM free this.
|
|
*BufferSize += (UserAll->Internal3.I1.LogonHours.UnitsPerWeek + 7) / 8;
|
|
|
|
|
|
|
|
DeltaUser->BadPasswordCount = UserAll->Internal3.I1.BadPasswordCount;
|
|
DeltaUser->LogonCount = UserAll->Internal3.I1.LogonCount;
|
|
|
|
DeltaUser->PasswordLastSet = UserAll->Internal3.I1.PasswordLastSet;
|
|
DeltaUser->AccountExpires = UserAll->Internal3.I1.AccountExpires;
|
|
|
|
//
|
|
// Don't copy lockout bit to BDC unless it understands it.
|
|
//
|
|
|
|
DeltaUser->UserAccountControl = UserAll->Internal3.I1.UserAccountControl;
|
|
if ( (SessionInfo->NegotiatedFlags & NETLOGON_SUPPORTS_ACCOUNT_LOCKOUT) == 0 ){
|
|
DeltaUser->UserAccountControl &= ~USER_ACCOUNT_AUTO_LOCKED;
|
|
}
|
|
|
|
*BufferSize += NlCopyUnicodeString(
|
|
(PUNICODE_STRING)&UserAll->Internal3.I1.UserComment,
|
|
&DeltaUser->UserComment );
|
|
|
|
*BufferSize += NlCopyUnicodeString(
|
|
(PUNICODE_STRING)&UserAll->Internal3.I1.Parameters,
|
|
&DeltaUser->Parameters );
|
|
|
|
DeltaUser->CountryCode = UserAll->Internal3.I1.CountryCode;
|
|
DeltaUser->CodePage = UserAll->Internal3.I1.CodePage;
|
|
|
|
//
|
|
// Set private data.
|
|
// Includes passwords and password history.
|
|
//
|
|
|
|
DeltaUser->PrivateData.SensitiveData = UserAll->Internal3.I1.PrivateDataSensitive;
|
|
|
|
if ( UserAll->Internal3.I1.PrivateDataSensitive ) {
|
|
|
|
CRYPT_BUFFER Data;
|
|
|
|
//
|
|
// encrypt private data using session key
|
|
// Re-use the SAM's buffer and encrypt it in place.
|
|
//
|
|
|
|
Data.Length = Data.MaximumLength = UserAll->Internal3.I1.PrivateData.Length;
|
|
Data.Buffer = (PUCHAR) UserAll->Internal3.I1.PrivateData.Buffer;
|
|
UserAll->Internal3.I1.PrivateData.Buffer = NULL;
|
|
|
|
Status = NlEncryptSensitiveData( &Data, SessionInfo );
|
|
|
|
if( !NT_SUCCESS(Status) ) {
|
|
goto Cleanup;
|
|
}
|
|
|
|
DeltaUser->PrivateData.DataLength = Data.Length;
|
|
DeltaUser->PrivateData.Data = Data.Buffer;
|
|
} else {
|
|
|
|
DeltaUser->PrivateData.DataLength = UserAll->Internal3.I1.PrivateData.Length;
|
|
DeltaUser->PrivateData.Data = (PUCHAR) UserAll->Internal3.I1.PrivateData.Buffer;
|
|
|
|
UserAll->Internal3.I1.PrivateData.Buffer = NULL;
|
|
}
|
|
|
|
{ // ?? Macro requires a Local named SecurityDescriptor
|
|
PSAMPR_SR_SECURITY_DESCRIPTOR SecurityDescriptor;
|
|
SecurityDescriptor = &UserAll->Internal3.I1.SecurityDescriptor;
|
|
DELTA_SECOBJ_INFO(DeltaUser);
|
|
}
|
|
|
|
|
|
//
|
|
// copy profile path in DummyStrings
|
|
//
|
|
|
|
*BufferSize += NlCopyUnicodeString(
|
|
(PUNICODE_STRING)&UserAll->Internal3.I1.ProfilePath,
|
|
&DeltaUser->DummyString1 );
|
|
|
|
//
|
|
// Copy LastBadPasswordTime to DummyLong1 and DummyLong2.
|
|
//
|
|
|
|
DeltaUser->DummyLong1 = UserAll->Internal3.LastBadPasswordTime.HighPart;
|
|
DeltaUser->DummyLong2 = UserAll->Internal3.LastBadPasswordTime.LowPart;
|
|
|
|
//
|
|
// All Done
|
|
//
|
|
|
|
Status = STATUS_SUCCESS;
|
|
|
|
|
|
Cleanup:
|
|
|
|
|
|
STARTSAMTIMER;
|
|
|
|
if( UserHandle != NULL ) {
|
|
(VOID) SamrCloseHandle( &UserHandle );
|
|
}
|
|
|
|
if ( UserAll != NULL ) {
|
|
SamIFree_SAMPR_USER_INFO_BUFFER( UserAll, UserInternal3Information );
|
|
}
|
|
|
|
STOPSAMTIMER;
|
|
|
|
if( !NT_SUCCESS(Status) ) {
|
|
NlFreeDBDelta( Delta );
|
|
*BufferSize = 0;
|
|
}
|
|
|
|
STOPPACKTIMER;
|
|
|
|
NlPrint((NL_REPL_OBJ_TIME,"Time taken to pack USER object:\n"));
|
|
PRINTPACKTIMER;
|
|
PRINTSAMTIMER;
|
|
|
|
return Status;
|
|
}
|
|
|
|
|
|
NTSTATUS
|
|
NlPackSamGroup (
|
|
IN ULONG RelativeId,
|
|
IN OUT PNETLOGON_DELTA_ENUM Delta,
|
|
IN PDB_INFO DBInfo,
|
|
LPDWORD BufferSize
|
|
)
|
|
/*++
|
|
|
|
Routine Description:
|
|
|
|
Pack a description of the specified group into the specified buffer.
|
|
|
|
Arguments:
|
|
|
|
RelativeId - The relative Id of the group query.
|
|
|
|
Delta: pointer to the delta structure where the new delta will
|
|
be returned.
|
|
|
|
DBInfo: pointer to the database info structure.
|
|
|
|
BufferSize: size of MIDL buffer that is consumed for this delta is
|
|
returned here.
|
|
|
|
Return Value:
|
|
|
|
NT status code.
|
|
|
|
--*/
|
|
{
|
|
NTSTATUS Status;
|
|
SAMPR_HANDLE GroupHandle = NULL;
|
|
PNETLOGON_DELTA_GROUP DeltaGroup;
|
|
|
|
//
|
|
// Information returned from SAM
|
|
//
|
|
|
|
PSAMPR_SR_SECURITY_DESCRIPTOR SecurityDescriptor = NULL;
|
|
PSAMPR_GROUP_INFO_BUFFER GroupGeneral = NULL;
|
|
|
|
DEFPACKTIMER;
|
|
DEFSAMTIMER;
|
|
|
|
INITPACKTIMER;
|
|
INITSAMTIMER;
|
|
|
|
STARTPACKTIMER;
|
|
|
|
NlPrint((NL_SYNC_MORE, "Packing Group Object %lx\n", RelativeId ));
|
|
|
|
*BufferSize = 0;
|
|
|
|
Delta->DeltaType = AddOrChangeGroup;
|
|
Delta->DeltaID.Rid = RelativeId;
|
|
Delta->DeltaUnion.DeltaGroup = NULL;
|
|
|
|
//
|
|
// Open a handle to the specified group.
|
|
//
|
|
|
|
STARTSAMTIMER;
|
|
|
|
Status = SamIOpenAccount( DBInfo->DBHandle,
|
|
RelativeId,
|
|
SecurityDbObjectSamGroup,
|
|
&GroupHandle );
|
|
|
|
if (!NT_SUCCESS(Status)) {
|
|
GroupHandle = NULL;
|
|
goto Cleanup;
|
|
}
|
|
|
|
STOPSAMTIMER;
|
|
|
|
QUERY_SAM_SECOBJ_INFO(GroupHandle);
|
|
|
|
STARTSAMTIMER;
|
|
|
|
Status = SamrQueryInformationGroup(
|
|
GroupHandle,
|
|
GroupReplicationInformation,
|
|
&GroupGeneral );
|
|
|
|
STOPSAMTIMER;
|
|
|
|
if (!NT_SUCCESS(Status)) {
|
|
GroupGeneral = NULL;
|
|
goto Cleanup;
|
|
}
|
|
|
|
NlPrint((NL_SYNC_MORE,
|
|
"\t Group Object name %wZ\n",
|
|
(PUNICODE_STRING)&GroupGeneral->General.Name ));
|
|
|
|
DeltaGroup = (PNETLOGON_DELTA_GROUP)
|
|
MIDL_user_allocate( sizeof(NETLOGON_DELTA_GROUP) );
|
|
|
|
if( DeltaGroup == NULL ) {
|
|
|
|
Status = STATUS_NO_MEMORY;
|
|
goto Cleanup;
|
|
}
|
|
|
|
//
|
|
// wipe off the buffer so that cleanup will not be in fault.
|
|
//
|
|
|
|
RtlZeroMemory( DeltaGroup, sizeof(NETLOGON_DELTA_GROUP) );
|
|
// INIT_PLACE_HOLDER(DeltaGroup);
|
|
|
|
Delta->DeltaUnion.DeltaGroup = DeltaGroup;
|
|
*BufferSize += sizeof(NETLOGON_DELTA_GROUP);
|
|
|
|
*BufferSize = NlCopyUnicodeString(
|
|
(PUNICODE_STRING)&GroupGeneral->General.Name,
|
|
&DeltaGroup->Name );
|
|
|
|
DeltaGroup->RelativeId = RelativeId;
|
|
DeltaGroup->Attributes = GroupGeneral->General.Attributes;
|
|
|
|
*BufferSize += NlCopyUnicodeString(
|
|
(PUNICODE_STRING)&GroupGeneral->General.AdminComment,
|
|
&DeltaGroup->AdminComment );
|
|
|
|
|
|
DELTA_SECOBJ_INFO(DeltaGroup);
|
|
|
|
//
|
|
// All Done
|
|
//
|
|
|
|
Status = STATUS_SUCCESS;
|
|
|
|
Cleanup:
|
|
STARTSAMTIMER;
|
|
|
|
if( GroupHandle != NULL ) {
|
|
(VOID) SamrCloseHandle( &GroupHandle );
|
|
}
|
|
|
|
if ( SecurityDescriptor != NULL ) {
|
|
SamIFree_SAMPR_SR_SECURITY_DESCRIPTOR( SecurityDescriptor );
|
|
}
|
|
|
|
if ( GroupGeneral != NULL ) {
|
|
SamIFree_SAMPR_GROUP_INFO_BUFFER( GroupGeneral,
|
|
GroupReplicationInformation );
|
|
}
|
|
|
|
STOPSAMTIMER;
|
|
|
|
if( !NT_SUCCESS(Status) ) {
|
|
NlFreeDBDelta( Delta );
|
|
*BufferSize = 0;
|
|
}
|
|
|
|
STOPPACKTIMER;
|
|
|
|
NlPrint((NL_REPL_OBJ_TIME,"Time taken to pack GROUP object:\n"));
|
|
PRINTPACKTIMER;
|
|
PRINTSAMTIMER;
|
|
|
|
return Status;
|
|
}
|
|
|
|
|
|
NTSTATUS
|
|
NlPackSamGroupMember (
|
|
IN ULONG RelativeId,
|
|
IN OUT PNETLOGON_DELTA_ENUM Delta,
|
|
IN PDB_INFO DBInfo,
|
|
LPDWORD BufferSize
|
|
)
|
|
/*++
|
|
|
|
Routine Description:
|
|
|
|
Pack a description of the membership of the specified group into
|
|
the specified buffer.
|
|
|
|
Arguments:
|
|
|
|
RelativeId - The relative Id of the group query.
|
|
|
|
Delta: pointer to the delta structure where the new delta will
|
|
be returned.
|
|
|
|
DBInfo: pointer to the database info structure.
|
|
|
|
BufferSize: size of MIDL buffer that is consumed for this delta is
|
|
returned here.
|
|
|
|
Return Value:
|
|
|
|
NT status code.
|
|
|
|
--*/
|
|
{
|
|
NTSTATUS Status;
|
|
SAMPR_HANDLE GroupHandle = NULL;
|
|
DWORD Size;
|
|
PNETLOGON_DELTA_GROUP_MEMBER DeltaGroupMember;
|
|
|
|
//
|
|
// Information returned from SAM
|
|
//
|
|
|
|
PSAMPR_GET_MEMBERS_BUFFER MembersBuffer = NULL;
|
|
|
|
DEFPACKTIMER;
|
|
DEFSAMTIMER;
|
|
|
|
INITPACKTIMER;
|
|
INITSAMTIMER;
|
|
|
|
STARTPACKTIMER;
|
|
|
|
NlPrint((NL_SYNC_MORE, "Packing GroupMember Object %lx\n", RelativeId));
|
|
|
|
*BufferSize = 0;
|
|
|
|
Delta->DeltaType = ChangeGroupMembership;
|
|
Delta->DeltaID.Rid = RelativeId;
|
|
Delta->DeltaUnion.DeltaGroupMember = NULL;
|
|
|
|
//
|
|
// Open a handle to the specified group.
|
|
//
|
|
|
|
STARTSAMTIMER;
|
|
|
|
Status = SamIOpenAccount( DBInfo->DBHandle,
|
|
RelativeId,
|
|
SecurityDbObjectSamGroup,
|
|
&GroupHandle );
|
|
|
|
STOPSAMTIMER;
|
|
|
|
if (!NT_SUCCESS(Status)) {
|
|
GroupHandle = NULL;
|
|
goto Cleanup;
|
|
}
|
|
|
|
//
|
|
// Find out everything there is to know about the group.
|
|
//
|
|
|
|
STARTSAMTIMER;
|
|
|
|
Status = SamrGetMembersInGroup( GroupHandle, &MembersBuffer );
|
|
|
|
STOPSAMTIMER;
|
|
|
|
if (!NT_SUCCESS(Status)) {
|
|
MembersBuffer = NULL;
|
|
goto Cleanup;
|
|
}
|
|
|
|
DeltaGroupMember = (PNETLOGON_DELTA_GROUP_MEMBER)
|
|
MIDL_user_allocate( sizeof(NETLOGON_DELTA_GROUP_MEMBER) );
|
|
|
|
if( DeltaGroupMember == NULL ) {
|
|
|
|
Status = STATUS_NO_MEMORY;
|
|
goto Cleanup;
|
|
}
|
|
|
|
//
|
|
// wipe off the buffer so that cleanup will not be in fault.
|
|
//
|
|
|
|
RtlZeroMemory( DeltaGroupMember,
|
|
sizeof(NETLOGON_DELTA_GROUP_MEMBER) );
|
|
|
|
Delta->DeltaUnion.DeltaGroupMember = DeltaGroupMember;
|
|
*BufferSize += sizeof(NETLOGON_DELTA_GROUP_MEMBER);
|
|
|
|
if ( MembersBuffer->MemberCount != 0 ) {
|
|
Size = MembersBuffer->MemberCount * sizeof(*MembersBuffer->Members);
|
|
|
|
*BufferSize += NlCopyData(
|
|
(LPBYTE *)&MembersBuffer->Members,
|
|
(LPBYTE *)&DeltaGroupMember->MemberIds,
|
|
Size );
|
|
|
|
Size = MembersBuffer->MemberCount *
|
|
sizeof(*MembersBuffer->Attributes);
|
|
|
|
*BufferSize += NlCopyData(
|
|
(LPBYTE *)&MembersBuffer->Attributes,
|
|
(LPBYTE *)&DeltaGroupMember->Attributes,
|
|
Size );
|
|
}
|
|
|
|
DeltaGroupMember->MemberCount = MembersBuffer->MemberCount;
|
|
|
|
//
|
|
// Initialize placeholder strings to NULL.
|
|
//
|
|
|
|
DeltaGroupMember->DummyLong1 = 0;
|
|
DeltaGroupMember->DummyLong2 = 0;
|
|
DeltaGroupMember->DummyLong3 = 0;
|
|
DeltaGroupMember->DummyLong4 = 0;
|
|
|
|
//
|
|
// All Done
|
|
//
|
|
|
|
Status = STATUS_SUCCESS;
|
|
|
|
Cleanup:
|
|
STARTSAMTIMER;
|
|
|
|
if( GroupHandle != NULL ) {
|
|
(VOID) SamrCloseHandle( &GroupHandle );
|
|
}
|
|
|
|
if ( MembersBuffer != NULL ) {
|
|
SamIFree_SAMPR_GET_MEMBERS_BUFFER( MembersBuffer );
|
|
}
|
|
|
|
STOPSAMTIMER;
|
|
|
|
if( !NT_SUCCESS(Status) ) {
|
|
NlFreeDBDelta( Delta );
|
|
*BufferSize = 0;
|
|
}
|
|
|
|
STOPPACKTIMER;
|
|
|
|
NlPrint((NL_REPL_OBJ_TIME,"Time taken to pack GROUPMEMBER object:\n"));
|
|
PRINTPACKTIMER;
|
|
PRINTSAMTIMER;
|
|
|
|
return Status;
|
|
}
|
|
|
|
|
|
NTSTATUS
|
|
NlPackSamAlias (
|
|
IN ULONG RelativeId,
|
|
IN OUT PNETLOGON_DELTA_ENUM Delta,
|
|
IN PDB_INFO DBInfo,
|
|
LPDWORD BufferSize
|
|
)
|
|
/*++
|
|
|
|
Routine Description:
|
|
|
|
Pack a description of the specified alias into the specified buffer.
|
|
|
|
Arguments:
|
|
|
|
RelativeId - The relative Id of the alias query.
|
|
|
|
Delta: pointer to the delta structure where the new delta will
|
|
be returned.
|
|
|
|
DBInfo: pointer to the database info structure.
|
|
|
|
BufferSize: size of MIDL buffer that is consumed for this delta is
|
|
returned here.
|
|
|
|
Return Value:
|
|
|
|
NT status code.
|
|
|
|
--*/
|
|
{
|
|
NTSTATUS Status;
|
|
SAMPR_HANDLE AliasHandle = NULL;
|
|
PNETLOGON_DELTA_ALIAS DeltaAlias;
|
|
|
|
//
|
|
// Information returned from SAM
|
|
//
|
|
|
|
PSAMPR_SR_SECURITY_DESCRIPTOR SecurityDescriptor = NULL;
|
|
|
|
PSAMPR_ALIAS_INFO_BUFFER AliasGeneral = NULL;
|
|
|
|
DEFPACKTIMER;
|
|
DEFSAMTIMER;
|
|
|
|
INITPACKTIMER;
|
|
INITSAMTIMER;
|
|
|
|
STARTPACKTIMER;
|
|
|
|
NlPrint((NL_SYNC_MORE, "Packing Alias Object %lx\n", RelativeId));
|
|
|
|
*BufferSize = 0;
|
|
|
|
Delta->DeltaType = AddOrChangeAlias;
|
|
Delta->DeltaID.Rid = RelativeId;
|
|
Delta->DeltaUnion.DeltaAlias = NULL;
|
|
|
|
//
|
|
// Open a handle to the specified alias.
|
|
//
|
|
|
|
STARTSAMTIMER;
|
|
|
|
Status = SamIOpenAccount( DBInfo->DBHandle,
|
|
RelativeId,
|
|
SecurityDbObjectSamAlias,
|
|
&AliasHandle );
|
|
|
|
STOPSAMTIMER;
|
|
|
|
if (!NT_SUCCESS(Status)) {
|
|
AliasHandle = NULL;
|
|
goto Cleanup;
|
|
}
|
|
|
|
QUERY_SAM_SECOBJ_INFO(AliasHandle);
|
|
|
|
//
|
|
// Determine the alias name.
|
|
//
|
|
|
|
STARTSAMTIMER;
|
|
|
|
Status = SamrQueryInformationAlias(
|
|
AliasHandle,
|
|
AliasReplicationInformation,
|
|
&AliasGeneral );
|
|
|
|
STOPSAMTIMER;
|
|
|
|
if (!NT_SUCCESS(Status)) {
|
|
AliasGeneral = NULL;
|
|
goto Cleanup;
|
|
}
|
|
|
|
NlPrint((NL_SYNC_MORE, "\t Alias Object name %wZ\n",
|
|
(PUNICODE_STRING)&(AliasGeneral->General.Name)));
|
|
|
|
DeltaAlias = (PNETLOGON_DELTA_ALIAS)
|
|
MIDL_user_allocate( sizeof(NETLOGON_DELTA_ALIAS) );
|
|
|
|
if( DeltaAlias == NULL ) {
|
|
|
|
Status = STATUS_NO_MEMORY;
|
|
goto Cleanup;
|
|
}
|
|
|
|
//
|
|
// wipe off the buffer so that cleanup will not be in fault.
|
|
//
|
|
|
|
RtlZeroMemory( DeltaAlias, sizeof(NETLOGON_DELTA_ALIAS) );
|
|
// INIT_PLACE_HOLDER(DeltaAlias);
|
|
|
|
Delta->DeltaUnion.DeltaAlias = DeltaAlias;
|
|
*BufferSize += sizeof(NETLOGON_DELTA_ALIAS);
|
|
|
|
*BufferSize += NlCopyUnicodeString(
|
|
(PUNICODE_STRING)&(AliasGeneral->General.Name),
|
|
&DeltaAlias->Name );
|
|
|
|
DeltaAlias->RelativeId = RelativeId;
|
|
|
|
DELTA_SECOBJ_INFO(DeltaAlias);
|
|
|
|
//
|
|
// copy comment string
|
|
//
|
|
|
|
*BufferSize += NlCopyUnicodeString(
|
|
(PUNICODE_STRING)&(AliasGeneral->General.AdminComment),
|
|
&DeltaAlias->DummyString1 );
|
|
|
|
//
|
|
// All Done
|
|
//
|
|
|
|
Status = STATUS_SUCCESS;
|
|
|
|
Cleanup:
|
|
STARTSAMTIMER;
|
|
|
|
if( AliasHandle != NULL ) {
|
|
(VOID) SamrCloseHandle( &AliasHandle );
|
|
}
|
|
|
|
if ( SecurityDescriptor != NULL ) {
|
|
SamIFree_SAMPR_SR_SECURITY_DESCRIPTOR( SecurityDescriptor );
|
|
}
|
|
|
|
|
|
if( AliasGeneral != NULL ) {
|
|
|
|
SamIFree_SAMPR_ALIAS_INFO_BUFFER (
|
|
AliasGeneral,
|
|
AliasReplicationInformation );
|
|
}
|
|
|
|
STOPSAMTIMER;
|
|
|
|
if( !NT_SUCCESS(Status) ) {
|
|
NlFreeDBDelta( Delta );
|
|
*BufferSize = 0;
|
|
}
|
|
|
|
STOPPACKTIMER;
|
|
|
|
NlPrint((NL_REPL_OBJ_TIME,"Time taken to pack ALIAS object:\n"));
|
|
PRINTPACKTIMER;
|
|
PRINTSAMTIMER;
|
|
|
|
return Status;
|
|
}
|
|
|
|
|
|
NTSTATUS
|
|
NlPackSamAliasMember (
|
|
IN ULONG RelativeId,
|
|
IN OUT PNETLOGON_DELTA_ENUM Delta,
|
|
IN PDB_INFO DBInfo,
|
|
LPDWORD BufferSize
|
|
)
|
|
/*++
|
|
|
|
Routine Description:
|
|
|
|
Pack a description of the membership of the specified alias into
|
|
the specified buffer.
|
|
|
|
Arguments:
|
|
|
|
RelativeId - The relative Id of the alias query.
|
|
|
|
Delta: pointer to the delta structure where the new delta will
|
|
be returned.
|
|
|
|
DBInfo: pointer to the database info structure.
|
|
|
|
BufferSize: size of MIDL buffer that is consumed for this delta is
|
|
returned here.
|
|
|
|
Return Value:
|
|
|
|
NT status code.
|
|
|
|
--*/
|
|
{
|
|
NTSTATUS Status;
|
|
SAMPR_HANDLE AliasHandle = NULL;
|
|
PNETLOGON_DELTA_ALIAS_MEMBER DeltaAliasMember;
|
|
DWORD i;
|
|
|
|
//
|
|
// Information returned from SAM
|
|
//
|
|
|
|
NLPR_SID_ARRAY Members;
|
|
PNLPR_SID_INFORMATION Sids;
|
|
|
|
DEFPACKTIMER;
|
|
DEFSAMTIMER;
|
|
|
|
INITPACKTIMER;
|
|
INITSAMTIMER;
|
|
|
|
STARTPACKTIMER;
|
|
|
|
NlPrint((NL_SYNC_MORE, "Packing AliasMember Object %lx\n", RelativeId));
|
|
|
|
*BufferSize = 0;
|
|
|
|
Delta->DeltaType = ChangeAliasMembership;
|
|
Delta->DeltaID.Rid = RelativeId;
|
|
Delta->DeltaUnion.DeltaAliasMember = NULL;
|
|
|
|
Members.Sids = NULL;
|
|
|
|
|
|
//
|
|
// Open a handle to the specified alias.
|
|
//
|
|
|
|
STARTSAMTIMER;
|
|
|
|
Status = SamIOpenAccount( DBInfo->DBHandle,
|
|
RelativeId,
|
|
SecurityDbObjectSamAlias,
|
|
&AliasHandle );
|
|
|
|
STOPSAMTIMER;
|
|
|
|
if (!NT_SUCCESS(Status)) {
|
|
AliasHandle = NULL;
|
|
goto Cleanup;
|
|
}
|
|
|
|
//
|
|
// Find out everything there is to know about the alias.
|
|
//
|
|
|
|
STARTSAMTIMER;
|
|
|
|
Status = SamrGetMembersInAlias( AliasHandle,
|
|
(PSAMPR_PSID_ARRAY_OUT)&Members );
|
|
|
|
STOPSAMTIMER;
|
|
|
|
if (!NT_SUCCESS(Status)) {
|
|
Members.Sids = NULL;
|
|
goto Cleanup;
|
|
}
|
|
|
|
|
|
DeltaAliasMember = (PNETLOGON_DELTA_ALIAS_MEMBER)
|
|
MIDL_user_allocate( sizeof(NETLOGON_DELTA_ALIAS_MEMBER) );
|
|
|
|
if( DeltaAliasMember == NULL ) {
|
|
|
|
Status = STATUS_NO_MEMORY;
|
|
goto Cleanup;
|
|
}
|
|
|
|
//
|
|
// wipe off the buffer so that cleanup will not be in fault.
|
|
//
|
|
|
|
RtlZeroMemory( DeltaAliasMember,
|
|
sizeof(NETLOGON_DELTA_ALIAS_MEMBER) );
|
|
|
|
Delta->DeltaUnion.DeltaAliasMember = DeltaAliasMember;
|
|
*BufferSize += sizeof(NETLOGON_DELTA_ALIAS_MEMBER);
|
|
|
|
//
|
|
// tie up sam return node to our return node
|
|
//
|
|
|
|
DeltaAliasMember->Members = Members;
|
|
|
|
//
|
|
// however, compute the MIDL buffer consumed for members node.
|
|
//
|
|
|
|
for(i = 0, Sids = Members.Sids; i < Members.Count; ++i, Sids++) {
|
|
|
|
*BufferSize += (sizeof(PNLPR_SID_INFORMATION) +
|
|
RtlLengthSid(Sids->SidPointer));
|
|
|
|
}
|
|
|
|
*BufferSize += sizeof(SAMPR_PSID_ARRAY);
|
|
|
|
//
|
|
// Initialize placeholder strings to NULL.
|
|
//
|
|
|
|
DeltaAliasMember->DummyLong1 = 0;
|
|
DeltaAliasMember->DummyLong2 = 0;
|
|
DeltaAliasMember->DummyLong3 = 0;
|
|
DeltaAliasMember->DummyLong4 = 0;
|
|
|
|
//
|
|
// All Done
|
|
//
|
|
|
|
Status = STATUS_SUCCESS;
|
|
|
|
Cleanup:
|
|
|
|
STARTSAMTIMER;
|
|
|
|
if( AliasHandle != NULL ) {
|
|
(VOID) SamrCloseHandle( &AliasHandle );
|
|
}
|
|
|
|
if ( Members.Sids != NULL ) {
|
|
|
|
//
|
|
// don't free this node because we have tied up this
|
|
// node to our return info to RPC which will free it up
|
|
// when it is done with it.
|
|
//
|
|
// however, free this node under error conditions
|
|
//
|
|
|
|
}
|
|
|
|
if( !NT_SUCCESS(Status) ) {
|
|
|
|
SamIFree_SAMPR_PSID_ARRAY( (PSAMPR_PSID_ARRAY)&Members );
|
|
|
|
if( Delta->DeltaUnion.DeltaAliasMember != NULL ) {
|
|
Delta->DeltaUnion.DeltaAliasMember->Members.Sids = NULL;
|
|
}
|
|
|
|
NlFreeDBDelta( Delta );
|
|
*BufferSize = 0;
|
|
}
|
|
|
|
STOPSAMTIMER;
|
|
|
|
STOPPACKTIMER;
|
|
|
|
NlPrint((NL_REPL_OBJ_TIME,"Timing for ALIASMEBER object packing:\n"));
|
|
PRINTPACKTIMER;
|
|
PRINTSAMTIMER;
|
|
|
|
return Status;
|
|
}
|
|
|
|
|
|
NTSTATUS
|
|
NlPackSamDomain (
|
|
IN OUT PNETLOGON_DELTA_ENUM Delta,
|
|
IN PDB_INFO DBInfo,
|
|
IN LPDWORD BufferSize
|
|
)
|
|
/*++
|
|
|
|
Routine Description:
|
|
|
|
Pack a description of the sam domain into the specified buffer.
|
|
|
|
Arguments:
|
|
|
|
Delta: pointer to the delta structure where the new delta will
|
|
be returned.
|
|
|
|
DBInfo: pointer to the database info structure.
|
|
|
|
BufferSize: size of MIDL buffer that is consumed for this delta is
|
|
returned here.
|
|
|
|
Return Value:
|
|
|
|
NT status code.
|
|
|
|
--*/
|
|
{
|
|
NTSTATUS Status;
|
|
|
|
PNETLOGON_DELTA_DOMAIN DeltaDomain = NULL;
|
|
|
|
//
|
|
// Information returned from SAM
|
|
//
|
|
|
|
PSAMPR_SR_SECURITY_DESCRIPTOR SecurityDescriptor = NULL;
|
|
PSAMPR_DOMAIN_INFO_BUFFER DomainGeneral = NULL;
|
|
PSAMPR_DOMAIN_INFO_BUFFER DomainPassword = NULL;
|
|
PSAMPR_DOMAIN_INFO_BUFFER DomainModified = NULL;
|
|
PSAMPR_DOMAIN_INFO_BUFFER DomainLockout = NULL;
|
|
|
|
DEFPACKTIMER;
|
|
DEFSAMTIMER;
|
|
|
|
INITPACKTIMER;
|
|
INITSAMTIMER;
|
|
|
|
STARTPACKTIMER;
|
|
|
|
NlPrint((NL_SYNC_MORE, "Packing Domain Object\n"));
|
|
|
|
*BufferSize = 0;
|
|
|
|
Delta->DeltaType = AddOrChangeDomain;
|
|
Delta->DeltaID.Rid = 0;
|
|
Delta->DeltaUnion.DeltaDomain = NULL;
|
|
|
|
|
|
QUERY_SAM_SECOBJ_INFO(DBInfo->DBHandle);
|
|
|
|
STARTSAMTIMER;
|
|
|
|
Status = SamrQueryInformationDomain(
|
|
DBInfo->DBHandle,
|
|
DomainGeneralInformation,
|
|
&DomainGeneral );
|
|
|
|
STOPSAMTIMER;
|
|
|
|
if (!NT_SUCCESS(Status)) {
|
|
DomainGeneral = NULL;
|
|
goto Cleanup;
|
|
}
|
|
|
|
|
|
STARTSAMTIMER;
|
|
|
|
Status = SamrQueryInformationDomain(
|
|
DBInfo->DBHandle,
|
|
DomainPasswordInformation,
|
|
&DomainPassword );
|
|
|
|
STOPSAMTIMER;
|
|
|
|
if (!NT_SUCCESS(Status)) {
|
|
DomainPassword = NULL;
|
|
goto Cleanup;
|
|
}
|
|
|
|
STARTSAMTIMER;
|
|
|
|
Status = SamrQueryInformationDomain(
|
|
DBInfo->DBHandle,
|
|
DomainModifiedInformation,
|
|
&DomainModified );
|
|
|
|
STOPSAMTIMER;
|
|
|
|
if (!NT_SUCCESS(Status)) {
|
|
DomainModified = NULL;
|
|
goto Cleanup;
|
|
}
|
|
|
|
STARTSAMTIMER;
|
|
|
|
Status = SamrQueryInformationDomain(
|
|
DBInfo->DBHandle,
|
|
DomainLockoutInformation,
|
|
&DomainLockout );
|
|
|
|
STOPSAMTIMER;
|
|
|
|
if (!NT_SUCCESS(Status)) {
|
|
DomainLockout = NULL;
|
|
goto Cleanup;
|
|
}
|
|
|
|
//
|
|
// Fill in the delta structure
|
|
//
|
|
|
|
|
|
DeltaDomain = (PNETLOGON_DELTA_DOMAIN)
|
|
MIDL_user_allocate( sizeof(NETLOGON_DELTA_DOMAIN) );
|
|
|
|
if( DeltaDomain == NULL ) {
|
|
|
|
Status = STATUS_NO_MEMORY;
|
|
goto Cleanup;
|
|
}
|
|
|
|
//
|
|
// Zero the buffer so that cleanup will not access violate.
|
|
//
|
|
|
|
RtlZeroMemory( DeltaDomain, sizeof(NETLOGON_DELTA_DOMAIN) );
|
|
// INIT_PLACE_HOLDER(DeltaDomain);
|
|
|
|
Delta->DeltaUnion.DeltaDomain = DeltaDomain;
|
|
*BufferSize += sizeof(NETLOGON_DELTA_DOMAIN);
|
|
|
|
*BufferSize += NlCopyUnicodeString(
|
|
(PUNICODE_STRING)&DomainGeneral->General.DomainName,
|
|
&DeltaDomain->DomainName );
|
|
|
|
*BufferSize = NlCopyUnicodeString(
|
|
(PUNICODE_STRING)&DomainGeneral->General.OemInformation,
|
|
&DeltaDomain->OemInformation );
|
|
|
|
DeltaDomain->ForceLogoff = DomainGeneral->General.ForceLogoff;
|
|
DeltaDomain->MinPasswordLength =
|
|
DomainPassword->Password.MinPasswordLength;
|
|
DeltaDomain->PasswordHistoryLength =
|
|
DomainPassword->Password.PasswordHistoryLength;
|
|
|
|
NEW_TO_OLD_LARGE_INTEGER(
|
|
DomainPassword->Password.MaxPasswordAge,
|
|
DeltaDomain->MaxPasswordAge );
|
|
|
|
NEW_TO_OLD_LARGE_INTEGER(
|
|
DomainPassword->Password.MinPasswordAge,
|
|
DeltaDomain->MinPasswordAge );
|
|
|
|
NEW_TO_OLD_LARGE_INTEGER(
|
|
DomainModified->Modified.DomainModifiedCount,
|
|
DeltaDomain->DomainModifiedCount );
|
|
|
|
NEW_TO_OLD_LARGE_INTEGER(
|
|
DomainModified->Modified.CreationTime,
|
|
DeltaDomain->DomainCreationTime );
|
|
|
|
|
|
DELTA_SECOBJ_INFO(DeltaDomain);
|
|
|
|
//
|
|
// replicate PasswordProperties using reserved field.
|
|
//
|
|
|
|
DeltaDomain->DummyLong1 =
|
|
DomainPassword->Password.PasswordProperties;
|
|
|
|
//
|
|
// Replicate DOMAIN_LOCKOUT_INFORMATION using reserved field.
|
|
//
|
|
|
|
DeltaDomain->DummyString1.Buffer = (LPWSTR) DomainLockout;
|
|
DeltaDomain->DummyString1.MaximumLength =
|
|
DeltaDomain->DummyString1.Length = sizeof( DomainLockout->Lockout);
|
|
DomainLockout = NULL;
|
|
|
|
//
|
|
// All Done
|
|
//
|
|
|
|
Status = STATUS_SUCCESS;
|
|
|
|
Cleanup:
|
|
|
|
STARTSAMTIMER;
|
|
|
|
if ( SecurityDescriptor != NULL ) {
|
|
SamIFree_SAMPR_SR_SECURITY_DESCRIPTOR( SecurityDescriptor );
|
|
}
|
|
|
|
if ( DomainGeneral != NULL ) {
|
|
SamIFree_SAMPR_DOMAIN_INFO_BUFFER( DomainGeneral,
|
|
DomainGeneralInformation );
|
|
}
|
|
|
|
if ( DomainPassword != NULL ) {
|
|
SamIFree_SAMPR_DOMAIN_INFO_BUFFER( DomainPassword,
|
|
DomainPasswordInformation );
|
|
}
|
|
|
|
if ( DomainModified != NULL ) {
|
|
SamIFree_SAMPR_DOMAIN_INFO_BUFFER( DomainModified,
|
|
DomainModifiedInformation );
|
|
}
|
|
|
|
if ( DomainLockout != NULL ) {
|
|
SamIFree_SAMPR_DOMAIN_INFO_BUFFER( DomainLockout,
|
|
DomainLockoutInformation );
|
|
}
|
|
|
|
STOPSAMTIMER;
|
|
|
|
if( !NT_SUCCESS(Status) ) {
|
|
NlFreeDBDelta( Delta );
|
|
*BufferSize = 0;
|
|
}
|
|
|
|
STOPPACKTIMER;
|
|
|
|
NlPrint((NL_REPL_OBJ_TIME,"Timing for DOMAIN object packing:\n"));
|
|
PRINTPACKTIMER;
|
|
PRINTSAMTIMER;
|
|
|
|
return Status;
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
NTSTATUS
|
|
NlEncryptSensitiveData(
|
|
IN OUT PCRYPT_BUFFER Data,
|
|
IN PSESSION_INFO SessionInfo
|
|
)
|
|
/*++
|
|
|
|
Routine Description:
|
|
|
|
Encrypt data using the the server session key.
|
|
|
|
Either DES or RC4 will be used depending on the negotiated flags in SessionInfo.
|
|
|
|
Arguments:
|
|
|
|
Data: Pointer to the data to be decrypted. If the decrypted data is longer
|
|
than the encrypt data, this routine will allocate a buffer for
|
|
the returned data using MIDL_user_allocate and return a description to
|
|
that buffer here. In that case, this routine will free the buffer
|
|
containing the encrypted text data using MIDL_user_free.
|
|
|
|
SessionInfo: Info describing BDC that's calling us
|
|
|
|
Return Value:
|
|
|
|
NT status code
|
|
|
|
--*/
|
|
{
|
|
NTSTATUS Status;
|
|
DATA_KEY KeyData;
|
|
|
|
|
|
//
|
|
// If both sides support RC4 encryption, use it.
|
|
//
|
|
|
|
if ( SessionInfo->NegotiatedFlags & NETLOGON_SUPPORTS_RC4_ENCRYPTION ) {
|
|
|
|
NlEncryptRC4( Data->Buffer, Data->Length, SessionInfo );
|
|
Status = STATUS_SUCCESS;
|
|
|
|
|
|
//
|
|
// If the other side is running NT 3.1,
|
|
// use the slower DES based encryption.
|
|
//
|
|
|
|
} else {
|
|
CYPHER_DATA TempData;
|
|
|
|
//
|
|
// Build a data buffer to describe the encryption key.
|
|
//
|
|
|
|
KeyData.Length = sizeof(NETLOGON_SESSION_KEY);
|
|
KeyData.MaximumLength = sizeof(NETLOGON_SESSION_KEY);
|
|
KeyData.Buffer = (PVOID)&SessionInfo->SessionKey;
|
|
|
|
//
|
|
// Build a data buffer to describe the encrypted data.
|
|
//
|
|
|
|
TempData.Length = 0;
|
|
TempData.MaximumLength = 0;
|
|
TempData.Buffer = NULL;
|
|
|
|
//
|
|
// First time make the encrypt call to determine the length.
|
|
//
|
|
|
|
Status = RtlEncryptData(
|
|
(PCLEAR_DATA)Data,
|
|
&KeyData,
|
|
&TempData );
|
|
|
|
if( Status != STATUS_BUFFER_TOO_SMALL ) {
|
|
return(Status);
|
|
}
|
|
|
|
//
|
|
// allocate output buffer.
|
|
//
|
|
|
|
TempData.MaximumLength = TempData.Length;
|
|
TempData.Buffer = MIDL_user_allocate( TempData.Length );
|
|
|
|
if( TempData.Buffer == NULL ) {
|
|
return(STATUS_NO_MEMORY);
|
|
}
|
|
|
|
//
|
|
// Encrypt the data.
|
|
//
|
|
|
|
IF_NL_DEBUG( ENCRYPT ) {
|
|
NlPrint((NL_ENCRYPT, "NlEncryptSensitiveData: Clear data: " ));
|
|
NlpDumpBuffer( NL_ENCRYPT, Data->Buffer, Data->Length );
|
|
}
|
|
|
|
Status = RtlEncryptData(
|
|
(PCLEAR_DATA)Data,
|
|
&KeyData,
|
|
&TempData );
|
|
|
|
IF_NL_DEBUG( ENCRYPT ) {
|
|
NlPrint((NL_ENCRYPT, "NlEncryptSensitiveData: Encrypted data: " ));
|
|
NlpDumpBuffer( NL_ENCRYPT, TempData.Buffer, TempData.Length );
|
|
}
|
|
|
|
//
|
|
// Return either the clear text or encrypted buffer to the caller.
|
|
//
|
|
|
|
if( NT_SUCCESS(Status) ) {
|
|
MIDL_user_free( Data->Buffer );
|
|
Data->Length = TempData.Length;
|
|
Data->MaximumLength = TempData.MaximumLength;
|
|
Data->Buffer = TempData.Buffer;
|
|
} else {
|
|
MIDL_user_free( TempData.Buffer );
|
|
}
|
|
|
|
}
|
|
|
|
return( Status );
|
|
|
|
}
|
|
|