archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-xp/Source/XPSP1/NT/ds/security/base/lsa/server/samhooks.cxx

1925 lines
44 KiB
Raw Permalink Normal View History

Add source files
4 years ago
  1. //+---------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. // Copyright (C) Microsoft Corporation, 1992 - 1997.
  5. //
  6. // File: samhooks.cxx
  7. //
  8. // Contents: SAM Hooks for security packages
  9. //
  10. // Classes:
  11. //
  12. // Functions:
  13. //
  14. // History: 3-10-97 RichardW Created
  15. //
  16. //----------------------------------------------------------------------------
  19. #include <lsapch.hxx>
  21. #include <lmcons.h>
  22. #include <ntsam.h>
  23. #include <samrpc.h>
  24. #include <samisrv.h>
  25. #include <ntmsv1_0.h>
  26. #include <pac.hxx>
  27. #include "samhooks.hxx"
  32. //+---------------------------------------------------------------------------
  33. //
  34. // Function: LsapMakeDomainRelativeSid
  35. //
  36. // Synopsis: Build a new SID based on a domain SID and a RID
  37. //
  38. // Arguments: [DomainId] --
  39. // [RelativeId] --
  40. //
  41. // History: 3-11-97 RichardW Created
  42. //
  43. // Notes:
  44. //
  45. //----------------------------------------------------------------------------
  46. PSID
  47. LsapMakeDomainRelativeSid(
  48. IN PSID DomainId,
  49. IN ULONG RelativeId
  50. )
  52. {
  53. UCHAR DomainIdSubAuthorityCount;
  54. ULONG Size;
  55. PSID Sid;
  57. if ( !DomainId ) {
  59. return( NULL );
  60. }
  62. //
  63. // Allocate a Sid which has one more sub-authority than the domain ID.
  64. //
  66. DomainIdSubAuthorityCount = *(RtlSubAuthorityCountSid( DomainId ));
  67. Size = RtlLengthRequiredSid(DomainIdSubAuthorityCount+1);
  69. if ((Sid = LsapAllocateLsaHeap( Size )) == NULL ) {
  70. return NULL;
  71. }
  73. //
  74. // Initialize the new SID to have the same inital value as the
  75. // domain ID.
  76. //
  78. if ( !NT_SUCCESS( RtlCopySid( Size, Sid, DomainId ) ) ) {
  79. LsapFreeLsaHeap( Sid );
  80. return NULL;
  81. }
  83. //
  84. // Adjust the sub-authority count and
  85. // add the relative Id unique to the newly allocated SID
  86. //
  88. (*(RtlSubAuthorityCountSid( Sid ))) ++;
  89. *RtlSubAuthoritySid( Sid, DomainIdSubAuthorityCount ) = RelativeId;
  92. return Sid;
  93. }
  95. PSID
  96. LsapMakeDomainRelativeSid2(
  97. IN PSID DomainId,
  98. IN ULONG RelativeId
  99. )
  101. {
  102. UCHAR DomainIdSubAuthorityCount;
  103. ULONG Size;
  104. PSID Sid;
  106. if ( !DomainId ) {
  108. return( NULL );
  109. }
  111. //
  112. // Allocate a Sid which has one more sub-authority than the domain ID.
  113. //
  115. DomainIdSubAuthorityCount = *(RtlSubAuthorityCountSid( DomainId ));
  116. Size = RtlLengthRequiredSid(DomainIdSubAuthorityCount+1);
  118. if ((Sid = LsapAllocatePrivateHeap( Size )) == NULL ) {
  119. return NULL;
  120. }
  122. //
  123. // Initialize the new SID to have the same inital value as the
  124. // domain ID.
  125. //
  127. if ( !NT_SUCCESS( RtlCopySid( Size, Sid, DomainId ) ) ) {
  128. LsapFreePrivateHeap( Sid );
  129. return NULL;
  130. }
  132. //
  133. // Adjust the sub-authority count and
  134. // add the relative Id unique to the newly allocated SID
  135. //
  137. (*(RtlSubAuthorityCountSid( Sid ))) ++;
  138. *RtlSubAuthoritySid( Sid, DomainIdSubAuthorityCount ) = RelativeId;
  141. return Sid;
  142. }
  144. //+-------------------------------------------------------------------------
  145. //
  146. // Function: LsapDuplicateSid
  147. //
  148. // Synopsis: Duplicates a SID
  149. //
  150. // Effects: allocates memory with LsaFunctions.AllocateLsaHeap
  151. //
  152. // Arguments: DestinationSid - Receives a copy of the SourceSid
  153. // SourceSid - SID to copy
  154. //
  155. // Requires:
  156. //
  157. // Returns: STATUS_SUCCESS - the copy succeeded
  158. // STATUS_INSUFFICIENT_RESOURCES - the call to allocate memory
  159. // failed
  160. //
  161. // Notes:
  162. //
  163. //
  164. //--------------------------------------------------------------------------
  165. NTSTATUS
  166. LsapDuplicateSid(
  167. OUT PSID * DestinationSid,
  168. IN PSID SourceSid
  169. )
  170. {
  171. ULONG SidSize;
  173. DsysAssert(RtlValidSid(SourceSid));
  175. SidSize = RtlLengthSid(SourceSid);
  177. *DestinationSid = (PSID) LsapAllocateLsaHeap( SidSize );
  179. if (*DestinationSid == NULL)
  180. {
  181. return(STATUS_INSUFFICIENT_RESOURCES);
  182. }
  184. RtlCopyMemory(
  185. *DestinationSid,
  186. SourceSid,
  187. SidSize
  188. );
  190. return(STATUS_SUCCESS);
  191. }
  193. NTSTATUS
  194. LsapDuplicateSid2(
  195. OUT PSID * DestinationSid,
  196. IN PSID SourceSid
  197. )
  198. {
  199. ULONG SidSize;
  201. DsysAssert(RtlValidSid(SourceSid));
  203. SidSize = RtlLengthSid(SourceSid);
  205. *DestinationSid = (PSID) LsapAllocatePrivateHeap( SidSize );
  207. if (*DestinationSid == NULL)
  208. {
  209. return(STATUS_INSUFFICIENT_RESOURCES);
  210. }
  212. RtlCopyMemory(
  213. *DestinationSid,
  214. SourceSid,
  215. SidSize
  216. );
  218. return(STATUS_SUCCESS);
  219. }
  221. //+---------------------------------------------------------------------------
  222. //
  223. // Function: LsapCaptureSamInfo
  224. //
  225. // Synopsis: Capture current SAM info for building a PAC
  226. //
  227. // Arguments: [DomainSid] -- Returns domain SID
  228. // [DomainName] -- returns domain name
  229. // [MachineName] -- returns current machine name
  230. //
  231. // History: 3-14-97 RichardW Created
  232. //
  233. // Notes:
  234. //
  235. //----------------------------------------------------------------------------
  236. NTSTATUS
  237. LsapCaptureSamInfo(
  238. PSID * DomainSid,
  239. PUNICODE_STRING DomainName,
  240. PUNICODE_STRING MachineName
  241. )
  242. {
  243. NTSTATUS Status;
  244. PLSAPR_POLICY_INFORMATION PolicyInformation = NULL;
  245. UNICODE_STRING String;
  246. WCHAR LocalMachineName[ CNLEN + 1 ];
  247. DWORD Size ;
  248. PSID Sid ;
  250. Size = CNLEN + 1;
  252. if ( GetComputerName( LocalMachineName, &Size ) )
  253. {
  254. RtlInitUnicodeString( &String, LocalMachineName );
  256. Status = LsapDuplicateString( MachineName, &String );
  257. }
  258. else
  259. {
  260. MachineName->Buffer = (PWSTR) LsapAllocateLsaHeap( Size *
  261. sizeof(WCHAR) + 2 );
  263. if ( MachineName->Buffer )
  264. {
  265. MachineName->MaximumLength = (USHORT) (Size * sizeof(WCHAR) + 2);
  267. GetComputerName( MachineName->Buffer, &Size );
  269. MachineName->Length = (USHORT) (Size * sizeof( WCHAR ) );;
  271. Status = STATUS_SUCCESS ;
  272. }
  273. else
  274. {
  275. Status = STATUS_NO_MEMORY ;
  276. }
  277. }
  279. if ( !NT_SUCCESS( Status ) )
  280. {
  281. DebugLog(( DEB_ERROR, "Failed to get computer name, %x\n", Status ));
  282. goto Cleanup;
  283. }
  285. Status = LsarQueryInformationPolicy(
  286. LsapPolicyHandle,
  287. PolicyAccountDomainInformation,
  288. &PolicyInformation
  289. );
  291. if (!NT_SUCCESS(Status))
  292. {
  293. DebugLog((DEB_ERROR,"Failed to query information policy: 0x%x\n",Status));
  294. goto Cleanup;
  295. }
  297. Status = LsapDuplicateString(
  298. DomainName,
  299. (PUNICODE_STRING) &PolicyInformation->PolicyAccountDomainInfo.DomainName
  300. );
  301. if (!NT_SUCCESS(Status))
  302. {
  303. goto Cleanup;
  304. }
  306. Sid = (PSID) LocalAlloc(0, RtlLengthSid(
  307. PolicyInformation->PolicyAccountDomainInfo.DomainSid)
  308. );
  310. if ( Sid == NULL )
  311. {
  312. Status = STATUS_INSUFFICIENT_RESOURCES;
  313. goto Cleanup;
  314. }
  315. RtlCopyMemory(
  316. Sid,
  317. PolicyInformation->PolicyAccountDomainInfo.DomainSid,
  318. RtlLengthSid(PolicyInformation->PolicyAccountDomainInfo.DomainSid)
  319. );
  321. *DomainSid = Sid ;
  323. Cleanup:
  324. if (PolicyInformation != NULL)
  325. {
  326. LsaIFree_LSAPR_POLICY_INFORMATION(
  327. PolicyPrimaryDomainInformation,
  328. PolicyInformation
  329. );
  330. }
  332. return( Status );
  334. }
  337. //+---------------------------------------------------------------------------
  338. //
  339. // Function: LsaOpenSamUser
  340. //
  341. // Synopsis: Opens a handle to the SAM user as specified by Name and NameType
  342. //
  343. // Arguments: [Name] -- Name of user to find
  344. // [NameType] -- SAM or AlternateId
  345. // [Prefix] -- Prefix for AlternateId lookup
  346. // [AllowGuest] -- Open guest if user not found
  347. // [Reserved] --
  348. // [UserHandle] -- Returned user handle
  349. //
  350. // History: 3-14-97 RichardW Created
  351. //
  352. // Notes:
  353. //
  354. //----------------------------------------------------------------------------
  355. NTSTATUS
  356. NTAPI
  357. LsaOpenSamUser(
  358. PSECURITY_STRING Name,
  359. SECPKG_NAME_TYPE NameType,
  360. PSECURITY_STRING Prefix,
  361. BOOLEAN AllowGuest,
  362. ULONG Reserved,
  363. PVOID * UserHandle
  364. )
  365. {
  366. NTSTATUS Status = STATUS_NOT_IMPLEMENTED ;
  367. SECURITY_STRING CombinedName ;
  368. PSECURITY_STRING EffectiveName ;
  369. SAMPR_ULONG_ARRAY RelativeIdArray;
  370. SAMPR_ULONG_ARRAY UseArray;
  371. UNICODE_STRING TempString;
  373. RelativeIdArray.Element = NULL;
  374. UseArray.Element = NULL;
  378. if ( NameType == SecNameAlternateId )
  379. {
  380. if ( !Prefix )
  381. {
  382. return STATUS_INVALID_PARAMETER ;
  383. }
  385. CombinedName.MaximumLength = Name->Length + Prefix->Length +
  386. 2 * sizeof( WCHAR );
  388. CombinedName.Length = CombinedName.MaximumLength - sizeof( WCHAR );
  390. CombinedName.Buffer = (PWSTR) LsapAllocateLsaHeap( CombinedName.MaximumLength );
  393. if ( CombinedName.Buffer )
  394. {
  395. CopyMemory( CombinedName.Buffer, Prefix->Buffer, Prefix->Length );
  397. CombinedName.Buffer[ Prefix->Length / sizeof( WCHAR ) ] = L':';
  399. CopyMemory( &CombinedName.Buffer[ Prefix->Length / sizeof( WCHAR ) + 1],
  400. Name->Buffer,
  401. Name->Length + sizeof( WCHAR ) );
  403. EffectiveName = &CombinedName ;
  405. }
  406. else
  407. {
  408. return SEC_E_INSUFFICIENT_MEMORY ;
  409. }
  411. }
  412. else
  413. {
  414. EffectiveName = Name ;
  415. }
  417. if ( NameType == SecNameSamCompatible )
  418. {
  419. Status = SamrLookupNamesInDomain(
  420. LsapAccountDomainHandle,
  421. 1,
  422. (PRPC_UNICODE_STRING) Name,
  423. &RelativeIdArray,
  424. &UseArray
  425. );
  427. if (!NT_SUCCESS(Status))
  428. {
  429. DebugLog((DEB_ERROR,"Failed to lookup name %wZ in domain: 0x%x\n",
  430. Name, Status));
  432. goto CheckGuest ;
  433. }
  435. if (UseArray.Element[0] != SidTypeUser)
  436. {
  437. Status = STATUS_NO_SUCH_USER;
  439. goto CheckGuest ;
  440. }
  443. Status = SamrOpenUser(
  444. LsapAccountDomainHandle,
  445. USER_ALL_ACCESS,
  446. RelativeIdArray.Element[0],
  447. UserHandle
  448. );
  450. SamIFree_SAMPR_ULONG_ARRAY( &RelativeIdArray );
  451. SamIFree_SAMPR_ULONG_ARRAY( &UseArray );
  453. RelativeIdArray.Element = NULL;
  454. UseArray.Element = NULL;
  457. if (!NT_SUCCESS(Status))
  458. {
  459. DebugLog((DEB_ERROR,"Failed to open user by relative ID: 0x%x\n",Status));
  461. goto CheckGuest ;
  462. }
  464. }
  465. else if ( NameType == SecNameAlternateId )
  466. {
  468. Status = SamIOpenUserByAlternateId(
  469. LsapAccountDomainHandle,
  470. USER_ALL_ACCESS,
  471. EffectiveName,
  472. UserHandle );
  474. if ( !NT_SUCCESS( Status ) )
  475. {
  476. DebugLog(( DEB_TRACE_SAM, "Failed to find user by alternate id, %x\n", Status ));
  478. goto CheckGuest ;
  479. }
  480. }
  481. else
  482. {
  483. Status = STATUS_NOT_IMPLEMENTED ;
  485. AllowGuest = FALSE ;
  486. }
  488. if ( RelativeIdArray.Element )
  489. {
  490. SamIFree_SAMPR_ULONG_ARRAY( &RelativeIdArray );
  492. RelativeIdArray.Element = NULL;
  493. }
  494. if ( UseArray.Element )
  495. {
  496. SamIFree_SAMPR_ULONG_ARRAY( &UseArray );
  498. UseArray.Element = NULL;
  499. }
  501. if ( EffectiveName == &CombinedName )
  502. {
  503. LsapFreeLsaHeap( EffectiveName->Buffer );
  504. }
  506. return Status ;
  508. CheckGuest:
  510. if ( RelativeIdArray.Element )
  511. {
  512. SamIFree_SAMPR_ULONG_ARRAY( &RelativeIdArray );
  514. RelativeIdArray.Element = NULL;
  515. }
  516. if ( UseArray.Element )
  517. {
  518. SamIFree_SAMPR_ULONG_ARRAY( &UseArray );
  520. UseArray.Element = NULL;
  521. }
  523. if ( AllowGuest )
  524. {
  525. Status = SamrOpenUser(
  526. LsapAccountDomainHandle,
  527. USER_ALL_ACCESS,
  528. DOMAIN_USER_RID_GUEST,
  529. UserHandle );
  530. }
  532. if ( EffectiveName == &CombinedName )
  533. {
  534. LsapFreeLsaHeap( EffectiveName->Buffer );
  535. }
  538. return Status ;
  539. }
  541. //+---------------------------------------------------------------------------
  542. //
  543. // Function: LsaCloseSamUser
  544. //
  545. // Synopsis: Close a SAM user opened by LsaOpenSamUser
  546. //
  547. // Arguments: [UserHandle] --
  548. //
  549. // History: 3-14-97 RichardW Created
  550. //
  551. // Notes:
  552. //
  553. //----------------------------------------------------------------------------
  554. NTSTATUS
  555. NTAPI
  556. LsaCloseSamUser(
  557. PVOID UserHandle
  558. )
  559. {
  560. return SamrCloseHandle( &((SAMPR_HANDLE) UserHandle) );
  561. }
  564. //+---------------------------------------------------------------------------
  565. //
  566. // Function: LsaGetUserCredentials
  567. //
  568. // Synopsis: Pull the creds for the user
  569. //
  570. // Arguments: [UserHandle] --
  571. // [PrimaryCreds] --
  572. // [PrimaryCredsSize] --
  573. // [SupplementalCreds] --
  574. // [SupplementalCredsSize] --
  575. //
  576. // Requires:
  577. //
  578. // Returns:
  579. //
  580. // Signals:
  581. //
  582. // Modifies:
  583. //
  584. // Algorithm:
  585. //
  586. // History: 3-14-97 RichardW Created
  587. //
  588. // Notes:
  589. //
  590. //----------------------------------------------------------------------------
  591. NTSTATUS
  592. NTAPI
  593. LsaGetUserCredentials(
  594. PVOID UserHandle,
  595. PVOID * PrimaryCreds,
  596. PULONG PrimaryCredsSize,
  597. PVOID * SupplementalCreds,
  598. PULONG SupplementalCredsSize
  599. )
  600. {
  601. return SEC_E_UNSUPPORTED_FUNCTION ;
  602. }
  605. NTSTATUS
  606. NTAPI
  607. LsaGetUserAuthData(
  608. PVOID UserHandle,
  609. PUCHAR * UserAuthData,
  610. PULONG UserAuthDataSize
  611. )
  612. {
  613. PSAMPR_USER_ALL_INFORMATION UserAll = NULL ;
  614. PSAMPR_USER_INFO_BUFFER UserAllInfo = NULL ;
  615. NTSTATUS Status ;
  616. PPACTYPE pNewPac = NULL ;
  617. PSAMPR_GET_GROUPS_BUFFER GroupsBuffer = NULL ;
  618. PPACTYPE Pac ;
  619. UNICODE_STRING Domain ;
  620. UNICODE_STRING Machine ;
  621. PSID Sid ;
  623. Sid = NULL ;
  624. Machine.Buffer = NULL ;
  625. Domain.Buffer = NULL ;
  627. *UserAuthData = NULL ;
  629. Status = SamrQueryInformationUser(
  630. (SAMPR_HANDLE) UserHandle,
  631. UserAllInformation,
  632. &UserAllInfo );
  634. if ( !NT_SUCCESS( Status ) )
  635. {
  636. return( Status );
  637. }
  639. UserAll = &UserAllInfo->All ;
  641. if ( UserAll->UserAccountControl & USER_ACCOUNT_DISABLED )
  642. {
  643. Status = STATUS_ACCOUNT_DISABLED ;
  645. goto GetPac_Cleanup;
  646. }
  648. Status = SamrGetGroupsForUser(
  649. (SAMPR_HANDLE) UserHandle,
  650. &GroupsBuffer );
  652. if ( !NT_SUCCESS( Status ) )
  653. {
  654. goto GetPac_Cleanup ;
  655. }
  657. Status = LsapCaptureSamInfo( &Sid, &Domain, &Machine );
  659. if ( !NT_SUCCESS( Status ) )
  660. {
  661. goto GetPac_Cleanup ;
  662. }
  664. Status = PAC_Init( UserAll,
  665. GroupsBuffer,
  666. NULL, // no extra groups
  667. Sid,
  668. &Domain,
  669. &Machine,
  670. 0, // no signature
  671. 0, // no additional data
  672. NULL, // no additional data
  673. &Pac );
  676. if ( !NT_SUCCESS( Status ) )
  677. {
  678. goto GetPac_Cleanup ;
  679. }
  681. *UserAuthDataSize = PAC_GetSize( Pac );
  683. *UserAuthData = (PUCHAR) LsapAllocateLsaHeap( *UserAuthDataSize );
  685. if ( *UserAuthData )
  686. {
  687. PAC_Marshal( Pac, *UserAuthDataSize, *UserAuthData );
  688. }
  689. else
  690. {
  691. Status = SEC_E_INSUFFICIENT_MEMORY ;
  692. }
  694. MIDL_user_free( Pac );
  696. GetPac_Cleanup:
  698. if ( UserAllInfo )
  699. {
  700. SamIFree_SAMPR_USER_INFO_BUFFER( UserAllInfo, UserAllInformation );
  701. }
  703. if ( GroupsBuffer )
  704. {
  705. SamIFree_SAMPR_GET_GROUPS_BUFFER( GroupsBuffer );
  706. }
  707. if ( Sid )
  708. {
  709. LsapFreeLsaHeap( Sid );
  710. }
  712. if ( Domain.Buffer )
  713. {
  714. LsapFreeLsaHeap( Domain.Buffer );
  715. }
  717. if ( Machine.Buffer )
  718. {
  719. LsapFreeLsaHeap( Machine.Buffer );
  720. }
  722. return( Status );
  724. }
  726. //+-------------------------------------------------------------------------
  727. //
  728. // Function: LsapMakeTokenInformationV1
  729. //
  730. // Synopsis: This routine makes copies of all the pertinent
  731. // information from the UserInfo and generates a
  732. // LSA_TOKEN_INFORMATION_V1 data structure.
  733. //
  734. // Effects:
  735. //
  736. // Arguments:
  737. //
  738. // UserInfo - Contains the validation information which is
  739. // to be copied into the TokenInformation.
  740. //
  741. // TokenInformation - Returns a pointer to a properly Version 1 token
  742. // information structures. The structure and individual fields are
  743. // allocated properly as described in ntlsa.h.
  744. //
  745. // Requires:
  746. //
  747. // Returns: STATUS_SUCCESS - Indicates the service completed successfully.
  748. //
  749. // STATUS_INSUFFICIENT_RESOURCES - This error indicates that
  750. // the logon could not be completed because the client
  751. // does not have sufficient quota to allocate the return
  752. // buffer.
  753. //
  754. // Notes: stolen from kerberos\client2\krbtoken.cxx, where it was
  755. // stolen from msv1_0\nlp.c:NlpMakeTokenInformationV1
  756. //
  757. //
  758. //--------------------------------------------------------------------------
  759. NTSTATUS
  760. LsapMakeTokenInformationV1(
  761. IN PNETLOGON_VALIDATION_SAM_INFO3 UserInfo,
  762. OUT PLSA_TOKEN_INFORMATION_V1 *TokenInformation
  763. )
  764. {
  765. NTSTATUS Status;
  766. PLSA_TOKEN_INFORMATION_V1 V1;
  767. ULONG Size, i;
  771. //
  772. // Allocate the structure itself
  773. //
  775. Size = (ULONG)sizeof(LSA_TOKEN_INFORMATION_V1);
  776. V1 = (PLSA_TOKEN_INFORMATION_V1) LsapAllocateLsaHeap( Size );
  777. if ( V1 == NULL ) {
  778. return STATUS_INSUFFICIENT_RESOURCES;
  779. }
  781. RtlZeroMemory(
  782. V1,
  783. Size
  784. );
  786. V1->User.User.Sid = NULL;
  787. V1->Groups = NULL;
  788. V1->PrimaryGroup.PrimaryGroup = NULL;
  789. OLD_TO_NEW_LARGE_INTEGER( UserInfo->KickOffTime, V1->ExpirationTime );
  792. //
  793. // Make a copy of the user SID (a required field)
  794. //
  796. V1->User.User.Attributes = 0;
  798. //
  799. // Allocate an array to hold the groups
  800. //
  802. Size = ( (ULONG)sizeof(TOKEN_GROUPS)
  803. + (UserInfo->GroupCount * (ULONG)sizeof(SID_AND_ATTRIBUTES))
  804. - (ANYSIZE_ARRAY * (ULONG)sizeof(SID_AND_ATTRIBUTES))
  805. );
  807. //
  808. // If there are extra SIDs, add space for them
  809. //
  811. if (UserInfo->UserFlags & LOGON_EXTRA_SIDS) {
  812. Size += UserInfo->SidCount * (ULONG)sizeof(SID_AND_ATTRIBUTES);
  813. }
  815. //
  816. // If there are resource groups, add space for them
  817. //
  818. if (UserInfo->UserFlags & LOGON_RESOURCE_GROUPS) {
  819. Size += UserInfo->ResourceGroupCount * (ULONG)sizeof(SID_AND_ATTRIBUTES);
  821. if ((UserInfo->ResourceGroupCount != 0) &&
  822. ((UserInfo->ResourceGroupIds == NULL) ||
  823. (UserInfo->ResourceGroupDomainSid == NULL)))
  824. {
  825. Status = STATUS_INVALID_PARAMETER;
  826. goto Cleanup;
  827. }
  828. }
  832. V1->Groups = (PTOKEN_GROUPS) LsapAllocatePrivateHeap( Size );
  834. if ( V1->Groups == NULL ) {
  835. Status = STATUS_INSUFFICIENT_RESOURCES;
  836. goto Cleanup;
  837. }
  839. RtlZeroMemory(
  840. V1->Groups,
  841. Size
  842. );
  844. V1->Groups->GroupCount = 0;
  846. //
  847. // Start copying SIDs into the structure
  848. //
  852. //
  853. // If the UserId is non-zero, then it contians the users RID.
  854. //
  856. if ( UserInfo->UserId ) {
  857. V1->User.User.Sid =
  858. LsapMakeDomainRelativeSid( UserInfo->LogonDomainId,
  859. UserInfo->UserId );
  861. if( V1->User.User.Sid == NULL ) {
  862. Status = STATUS_INSUFFICIENT_RESOURCES;
  863. goto Cleanup;
  864. }
  866. }
  868. //
  869. // Make a copy of the primary group (a required field).
  870. //
  873. V1->PrimaryGroup.PrimaryGroup = LsapMakeDomainRelativeSid(
  874. UserInfo->LogonDomainId,
  875. UserInfo->PrimaryGroupId );
  877. if ( V1->PrimaryGroup.PrimaryGroup == NULL ) {
  878. Status = STATUS_INSUFFICIENT_RESOURCES;
  879. goto Cleanup;
  880. }
  886. //
  887. // Copy over all the groups passed as RIDs
  888. //
  890. for ( i=0; i < UserInfo->GroupCount; i++ ) {
  892. V1->Groups->Groups[V1->Groups->GroupCount].Attributes = UserInfo->GroupIds[i].Attributes;
  894. V1->Groups->Groups[V1->Groups->GroupCount].Sid = LsapMakeDomainRelativeSid2(
  895. UserInfo->LogonDomainId,
  896. UserInfo->GroupIds[i].RelativeId );
  898. if( V1->Groups->Groups[V1->Groups->GroupCount].Sid == NULL ) {
  899. Status = STATUS_INSUFFICIENT_RESOURCES;
  900. goto Cleanup;
  901. }
  903. V1->Groups->GroupCount++;
  904. }
  907. //
  908. // Add in the extra SIDs
  909. //
  911. if (UserInfo->UserFlags & LOGON_EXTRA_SIDS) {
  913. ULONG index = 0;
  914. //
  915. // If the user SID wasn't passed as a RID, it is the first
  916. // SID.
  917. //
  919. if ( !V1->User.User.Sid ) {
  920. if ( UserInfo->SidCount <= index ) {
  922. Status = STATUS_INSUFFICIENT_LOGON_INFO;
  923. goto Cleanup;
  924. }
  925. Status = LsapDuplicateSid(
  926. &V1->User.User.Sid,
  927. UserInfo->ExtraSids[index].Sid
  928. );
  930. if (!NT_SUCCESS(Status)) {
  931. goto Cleanup;
  932. }
  934. index++;
  935. }
  937. //
  938. // Copy over all additional SIDs as groups.
  939. //
  941. for ( ; index < UserInfo->SidCount; index++ ) {
  943. V1->Groups->Groups[V1->Groups->GroupCount].Attributes =
  944. UserInfo->ExtraSids[index].Attributes;
  946. Status = LsapDuplicateSid2(
  947. &V1->Groups->Groups[V1->Groups->GroupCount].Sid,
  948. UserInfo->ExtraSids[index].Sid
  949. );
  950. if (!NT_SUCCESS(Status) ) {
  951. goto Cleanup;
  952. }
  955. V1->Groups->GroupCount++;
  956. }
  957. }
  959. //
  960. // Check to see if any resouce groups exist
  961. //
  963. if (UserInfo->UserFlags & LOGON_RESOURCE_GROUPS) {
  966. for ( i=0; i < UserInfo->ResourceGroupCount; i++ ) {
  968. V1->Groups->Groups[V1->Groups->GroupCount].Attributes = UserInfo->ResourceGroupIds[i].Attributes;
  970. V1->Groups->Groups[V1->Groups->GroupCount].Sid = LsapMakeDomainRelativeSid2(
  971. UserInfo->ResourceGroupDomainSid,
  972. UserInfo->ResourceGroupIds[i].RelativeId );
  974. if( V1->Groups->Groups[V1->Groups->GroupCount].Sid == NULL ) {
  975. Status = STATUS_INSUFFICIENT_RESOURCES;
  976. goto Cleanup;
  977. }
  979. V1->Groups->GroupCount++;
  980. }
  981. }
  983. if (!V1->User.User.Sid) {
  985. Status = STATUS_INSUFFICIENT_LOGON_INFO;
  986. goto Cleanup;
  987. }
  989. //
  990. // There are no default privileges supplied.
  991. // We don't have an explicit owner SID.
  992. // There is no default DACL.
  993. //
  995. V1->Privileges = NULL;
  996. V1->Owner.Owner = NULL;
  997. V1->DefaultDacl.DefaultDacl = NULL;
  999. //
  1000. // Return the Validation Information to the caller.
  1001. //
  1003. *TokenInformation = V1;
  1004. return STATUS_SUCCESS;
  1006. //
  1007. // Deallocate any memory we've allocated
  1008. //
  1010. Cleanup:
  1011. if ( V1->User.User.Sid != NULL ) {
  1012. LsapFreeLsaHeap( V1->User.User.Sid );
  1013. }
  1015. if ( V1->Groups != NULL ) {
  1016. LsapFreeTokenGroups( V1->Groups );
  1017. }
  1019. if ( V1->PrimaryGroup.PrimaryGroup != NULL ) {
  1020. LsapFreeLsaHeap( V1->PrimaryGroup.PrimaryGroup );
  1021. }
  1023. LsapFreeLsaHeap( V1 );
  1025. return Status;
  1027. }
  1029. //+---------------------------------------------------------------------------
  1030. //
  1031. // Function: LsaFreeTokenInfo
  1032. //
  1033. // Synopsis: Frees a TokenInformation structure that was allocated by
  1034. // the LSA
  1035. //
  1036. // Arguments: [TokenInfoType] --
  1037. // [TokenInformation] --
  1038. //
  1039. // History: 3-14-97 RichardW Created
  1040. //
  1041. // Notes:
  1042. //
  1043. //----------------------------------------------------------------------------
  1044. NTSTATUS
  1045. NTAPI
  1046. LsaFreeTokenInfo(
  1047. LSA_TOKEN_INFORMATION_TYPE TokenInfoType,
  1048. PVOID TokenInformation
  1049. )
  1050. {
  1052. switch (TokenInfoType) {
  1054. case LsaTokenInformationNull:
  1056. LsapFreeTokenInformationNull( (PLSA_TOKEN_INFORMATION_NULL) TokenInformation );
  1057. break;
  1059. case LsaTokenInformationV1:
  1061. LsapFreeTokenInformationV1( (PLSA_TOKEN_INFORMATION_V1) TokenInformation );
  1062. break;
  1064. case LsaTokenInformationV2:
  1066. LsapFreeTokenInformationV2( (PLSA_TOKEN_INFORMATION_V2) TokenInformation );
  1067. break;
  1069. }
  1070. return STATUS_SUCCESS ;
  1071. }
  1074. //+---------------------------------------------------------------------------
  1075. //
  1076. // Function: LsaConvertAuthDataToToken
  1077. //
  1078. // Synopsis: Convert an opaque PAC structure into a token.
  1079. //
  1080. // Arguments: [UserAuthData] --
  1081. // [UserAuthDataSize] --
  1082. // [TokenInformation] --
  1083. // [TokenInformationType] --
  1084. //
  1085. // History: 3-14-97 RichardW Created
  1086. //
  1087. // Notes:
  1088. //
  1089. //----------------------------------------------------------------------------
  1090. NTSTATUS
  1091. NTAPI
  1092. LsaConvertAuthDataToToken(
  1093. IN PVOID UserAuthData,
  1094. IN ULONG UserAuthDataSize,
  1095. IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
  1096. IN PTOKEN_SOURCE TokenSource,
  1097. IN SECURITY_LOGON_TYPE LogonType,
  1098. IN PUNICODE_STRING AuthorityName,
  1099. OUT PHANDLE TokenHandle,
  1100. OUT PLUID LogonId,
  1101. OUT PUNICODE_STRING AccountName,
  1102. OUT PNTSTATUS SubStatus
  1103. )
  1104. {
  1105. NTSTATUS Status ;
  1106. PPACTYPE Pac = NULL ;
  1107. PPAC_INFO_BUFFER LogonInfo = NULL ;
  1108. PNETLOGON_VALIDATION_SAM_INFO3 ValidationInfo = NULL ;
  1109. PLSA_TOKEN_INFORMATION_V1 TokenInfo = NULL ;
  1112. LogonId->HighPart = LogonId->LowPart = 0;
  1113. *TokenHandle = NULL;
  1114. RtlInitUnicodeString(
  1115. AccountName,
  1116. NULL
  1117. );
  1118. *SubStatus = STATUS_SUCCESS;
  1120. Pac = (PPACTYPE) UserAuthData ;
  1122. if ( PAC_UnMarshal( Pac, UserAuthDataSize ) == 0 )
  1123. {
  1124. DebugLog(( DEB_ERROR, "Failed to unmarshall pac\n" ));
  1126. Status = STATUS_INVALID_PARAMETER ;
  1128. goto CreateToken_Cleanup ;
  1129. }
  1131. LogonInfo = PAC_Find( Pac, PAC_LOGON_INFO, NULL );
  1133. if ( !LogonInfo )
  1134. {
  1135. DebugLog(( DEB_ERROR, "Failed to find logon info in pac\n" ));
  1137. Status = STATUS_INVALID_PARAMETER ;
  1139. goto CreateToken_Cleanup ;
  1140. }
  1143. Status = PAC_UnmarshallValidationInfo(
  1144. &ValidationInfo,
  1145. LogonInfo->Data,
  1146. LogonInfo->cbBufferSize
  1147. );
  1149. if (!NT_SUCCESS(Status))
  1150. {
  1151. DebugLog((DEB_ERROR,"Failed to unmarshall validation info: 0x%x\n",
  1152. Status));
  1154. goto CreateToken_Cleanup;
  1155. }
  1157. //
  1158. // Now we need to build a LSA_TOKEN_INFORMATION_V1 from the validation
  1159. // information
  1160. //
  1162. Status = LsapMakeTokenInformationV1(
  1163. ValidationInfo,
  1164. &TokenInfo
  1165. );
  1167. if (!NT_SUCCESS(Status))
  1168. {
  1169. DebugLog((DEB_ERROR,"Failed to make token informatin v1: 0x%x\n",
  1170. Status));
  1171. goto CreateToken_Cleanup;
  1172. }
  1174. //
  1175. // Now, copy the user name.
  1176. //
  1178. Status = LsapDuplicateString( AccountName, &ValidationInfo->EffectiveName );
  1180. if ( !NT_SUCCESS( Status ) )
  1181. {
  1182. goto CreateToken_Cleanup ;
  1183. }
  1185. //
  1186. // Now create a logon session
  1187. //
  1189. Status = LsapCreateLogonSession( LogonId );
  1190. if (!NT_SUCCESS(Status))
  1191. {
  1192. goto CreateToken_Cleanup;
  1193. }
  1195. //
  1196. // Now create the token
  1197. //
  1199. Status = LsapCreateToken(
  1200. LogonId,
  1201. TokenSource,
  1202. LogonType,
  1203. ImpersonationLevel,
  1204. LsaTokenInformationV1,
  1205. TokenInfo,
  1206. NULL, // no token groups
  1207. AccountName,
  1208. AuthorityName,
  1209. NULL,
  1210. &ValidationInfo->ProfilePath,
  1211. TokenHandle,
  1212. SubStatus
  1213. );
  1215. //
  1216. // NULL out the TokenInfo pointer. LsapCreateToken will
  1217. // free the memory under all conditions
  1218. //
  1220. TokenInfo = NULL ;
  1222. if (!NT_SUCCESS(Status))
  1223. {
  1224. goto CreateToken_Cleanup;
  1225. }
  1227. //
  1228. // We don't need to free the token information because CreateToken does
  1229. // that for us.
  1230. //
  1233. MIDL_user_free(ValidationInfo);
  1234. return Status ;
  1236. CreateToken_Cleanup:
  1238. if ( TokenInfo )
  1239. {
  1240. LsaFreeTokenInfo( LsaTokenInformationV1, TokenInfo );
  1241. }
  1242. if ((LogonId->LowPart != 0) || (LogonId->HighPart != 0))
  1243. {
  1244. LsapDeleteLogonSession(LogonId);
  1245. }
  1247. LsapFreeString(
  1248. AccountName
  1249. );
  1251. if (ValidationInfo != NULL)
  1252. {
  1253. MIDL_user_free(ValidationInfo);
  1255. }
  1256. return Status ;
  1257. }
  1259. //+---------------------------------------------------------------------------
  1260. //
  1261. // Function: LsaGetAuthDataForUser
  1262. //
  1263. // Synopsis: Helper function - retrieves all auth data for a user
  1264. // based on Name, NameType, and prefix
  1265. //
  1266. // Arguments: [Name] -- Name to search for
  1267. // [NameType] -- Type of name supplied
  1268. // [Prefix] -- String prefix for name
  1269. // [UserAuthData] --
  1270. // [UserAuthDataSize] --
  1271. //
  1272. // History: 6-08-98 RichardW Created
  1273. //
  1274. // Notes:
  1275. //
  1276. //----------------------------------------------------------------------------
  1277. NTSTATUS
  1278. LsaGetAuthDataForUser(
  1279. PSECURITY_STRING Name,
  1280. SECPKG_NAME_TYPE NameType,
  1281. PSECURITY_STRING Prefix OPTIONAL,
  1282. PUCHAR * UserAuthData,
  1283. PULONG UserAuthDataSize,
  1284. PUNICODE_STRING UserFlatName OPTIONAL
  1285. )
  1286. {
  1287. NTSTATUS Status ;
  1288. ULONG SamFlags ;
  1289. PUNICODE_STRING AccountName ;
  1290. UNICODE_STRING CombinedName = { 0 };
  1291. SID_AND_ATTRIBUTES_LIST ReverseMembership ;
  1292. PSAMPR_USER_ALL_INFORMATION UserAll = NULL ;
  1293. PSAMPR_USER_INFO_BUFFER UserAllInfo = NULL ;
  1294. PPACTYPE pNewPac = NULL ;
  1295. PPACTYPE Pac ;
  1296. UNICODE_STRING Domain ;
  1297. UNICODE_STRING Machine ;
  1298. PSID Sid ;
  1300. Sid = NULL ;
  1301. Machine.Buffer = NULL ;
  1302. Domain.Buffer = NULL ;
  1304. ReverseMembership.Count = 0 ;
  1306. *UserAuthData = NULL ;
  1308. if ( UserFlatName )
  1309. {
  1310. ZeroMemory( UserFlatName, sizeof( UNICODE_STRING ) );
  1311. }
  1314. SamFlags = 0 ;
  1315. switch ( NameType )
  1316. {
  1317. case SecNameSamCompatible:
  1318. AccountName = Name ;
  1319. break;
  1321. case SecNameAlternateId:
  1322. SamFlags |= SAM_OPEN_BY_ALTERNATE_ID ;
  1323. if ( !Prefix )
  1324. {
  1325. return STATUS_INVALID_PARAMETER ;
  1326. }
  1328. CombinedName.MaximumLength = Name->Length + Prefix->Length +
  1329. 2 * sizeof( WCHAR );
  1331. CombinedName.Length = CombinedName.MaximumLength - sizeof( WCHAR );
  1333. CombinedName.Buffer = (PWSTR) LsapAllocateLsaHeap( CombinedName.MaximumLength );
  1336. if ( CombinedName.Buffer )
  1337. {
  1338. CopyMemory( CombinedName.Buffer, Prefix->Buffer, Prefix->Length );
  1340. CombinedName.Buffer[ Prefix->Length / sizeof( WCHAR ) ] = L':';
  1342. CopyMemory( &CombinedName.Buffer[ Prefix->Length / sizeof( WCHAR ) + 1],
  1343. Name->Buffer,
  1344. Name->Length + sizeof( WCHAR ) );
  1346. AccountName = &CombinedName ;
  1348. }
  1349. else
  1350. {
  1351. return SEC_E_INSUFFICIENT_MEMORY ;
  1352. }
  1354. break;
  1356. case SecNameFlat:
  1357. SamFlags |= SAM_OPEN_BY_UPN ;
  1358. AccountName = Name ;
  1359. break;
  1361. default:
  1362. return STATUS_INVALID_PARAMETER ;
  1363. }
  1365. Status = SamIGetUserLogonInformation(
  1366. LsapAccountDomainHandle,
  1367. SamFlags,
  1368. AccountName,
  1369. &UserAllInfo,
  1370. &ReverseMembership,
  1371. NULL );
  1374. //
  1375. // Free the combined name (if appropriate)
  1376. //
  1378. if ( CombinedName.Buffer )
  1379. {
  1380. LsapFreeLsaHeap( CombinedName.Buffer );
  1381. }
  1383. if ( !NT_SUCCESS( Status ) )
  1384. {
  1385. return( Status );
  1386. }
  1388. UserAll = &UserAllInfo->All ;
  1390. if ( UserFlatName )
  1391. {
  1392. Status = LsapDuplicateString(
  1393. UserFlatName,
  1394. (PUNICODE_STRING) &UserAll->UserName );
  1396. if ( !NT_SUCCESS( Status ) )
  1397. {
  1398. goto GetPac_Cleanup;
  1399. }
  1400. }
  1402. if ( UserAll->UserAccountControl & USER_ACCOUNT_DISABLED )
  1403. {
  1404. Status = STATUS_ACCOUNT_DISABLED ;
  1406. goto GetPac_Cleanup;
  1407. }
  1409. if ( UserAll->UserAccountControl & USER_ACCOUNT_AUTO_LOCKED )
  1410. {
  1411. Status = STATUS_ACCOUNT_LOCKED_OUT ;
  1413. goto GetPac_Cleanup ;
  1414. }
  1416. Status = LsapCaptureSamInfo( &Sid, &Domain, &Machine );
  1418. if ( !NT_SUCCESS( Status ) )
  1419. {
  1420. goto GetPac_Cleanup ;
  1421. }
  1423. Status = PAC_Init( UserAll,
  1424. NULL,
  1425. &ReverseMembership, // no extra groups
  1426. Sid,
  1427. &Domain,
  1428. &Machine,
  1429. 0, // no signature
  1430. 0, // no additional data
  1431. NULL, // no additional data
  1432. &Pac );
  1435. if ( !NT_SUCCESS( Status ) )
  1436. {
  1437. goto GetPac_Cleanup ;
  1438. }
  1440. *UserAuthDataSize = PAC_GetSize( Pac );
  1442. *UserAuthData = (PUCHAR) LsapAllocateLsaHeap( *UserAuthDataSize );
  1444. if ( *UserAuthData )
  1445. {
  1446. PAC_Marshal( Pac, *UserAuthDataSize, *UserAuthData );
  1447. }
  1448. else
  1449. {
  1450. Status = SEC_E_INSUFFICIENT_MEMORY ;
  1451. }
  1453. MIDL_user_free( Pac );
  1455. GetPac_Cleanup:
  1457. if ( UserAllInfo )
  1458. {
  1459. SamIFree_SAMPR_USER_INFO_BUFFER( UserAllInfo, UserAllInformation );
  1460. }
  1462. if ( ReverseMembership.Count )
  1463. {
  1464. SamIFreeSidAndAttributesList( &ReverseMembership );
  1465. }
  1467. if ( Sid )
  1468. {
  1469. LsapFreeLsaHeap( Sid );
  1470. }
  1472. if ( Domain.Buffer )
  1473. {
  1474. LsapFreeLsaHeap( Domain.Buffer );
  1475. }
  1477. if ( Machine.Buffer )
  1478. {
  1479. LsapFreeLsaHeap( Machine.Buffer );
  1480. }
  1482. return( Status );
  1484. }
  1486. NTSTATUS
  1487. NTAPI
  1488. LsaCrackSingleName(
  1489. ULONG FormatOffered,
  1490. BOOLEAN PerformAtGC,
  1491. PUNICODE_STRING NameInput,
  1492. PUNICODE_STRING Prefix OPTIONAL,
  1493. ULONG RequestedFormat,
  1494. PUNICODE_STRING CrackedName,
  1495. PUNICODE_STRING DnsDomainName,
  1496. PULONG SubStatus
  1497. )
  1498. {
  1499. NTSTATUS Status = STATUS_SUCCESS ;
  1500. UNICODE_STRING DnsDomain ;
  1501. UNICODE_STRING Name ;
  1502. DWORD Ret ;
  1503. DWORD DnsDomainLength ;
  1504. DWORD NameLength ;
  1505. UNICODE_STRING CombinedName = { 0 };
  1506. PUNICODE_STRING AccountName ;
  1508. if ( !SampUsingDsData() )
  1509. {
  1510. return SEC_E_UNSUPPORTED_FUNCTION ;
  1511. }
  1513. //
  1514. // Cruft up the call to the DS
  1515. //
  1518. Name.Buffer = (PWSTR) LsapAllocateLsaHeap( MAX_PATH * sizeof(WCHAR) * 2 );
  1519. DnsDomain.Buffer = (PWSTR) LsapAllocateLsaHeap( MAX_PATH * sizeof(WCHAR) );
  1521. if ( Name.Buffer && DnsDomain.Buffer )
  1522. {
  1523. Name.MaximumLength = MAX_PATH * sizeof(WCHAR) * 2 ;
  1524. Name.Length = 0 ;
  1526. DnsDomain.MaximumLength = MAX_PATH * sizeof(WCHAR) ;
  1527. DnsDomain.Length = 0 ;
  1529. NameLength = MAX_PATH * 2 ;
  1530. DnsDomainLength = MAX_PATH ;
  1532. Name.Buffer[ 0 ] = L'\0';
  1533. DnsDomain.Buffer[ 0 ] = L'\0';
  1535. if ( Prefix )
  1536. {
  1537. CombinedName.MaximumLength = NameInput->Length + Prefix->Length +
  1538. 2 * sizeof( WCHAR );
  1540. CombinedName.Length = CombinedName.MaximumLength - sizeof( WCHAR );
  1542. CombinedName.Buffer = (PWSTR) LsapAllocatePrivateHeap( CombinedName.MaximumLength );
  1545. if ( CombinedName.Buffer )
  1546. {
  1547. CopyMemory( CombinedName.Buffer, Prefix->Buffer, Prefix->Length );
  1549. CombinedName.Buffer[ Prefix->Length / sizeof( WCHAR ) ] = L':';
  1551. CopyMemory( &CombinedName.Buffer[ Prefix->Length / sizeof( WCHAR ) + 1],
  1552. NameInput->Buffer,
  1553. NameInput->Length + sizeof( WCHAR ) );
  1555. AccountName = &CombinedName ;
  1557. }
  1558. else
  1559. {
  1560. AccountName = NULL ;
  1561. }
  1563. }
  1564. else
  1565. {
  1566. AccountName = NameInput ;
  1567. }
  1569. if ( AccountName )
  1570. {
  1571. __try
  1572. {
  1573. Ret = CrackSingleName(
  1574. FormatOffered,
  1575. PerformAtGC ?
  1576. DS_NAME_FLAG_GCVERIFY : 0,
  1577. AccountName->Buffer,
  1578. RequestedFormat,
  1579. &DnsDomainLength,
  1580. DnsDomain.Buffer,
  1581. &NameLength,
  1582. Name.Buffer,
  1583. SubStatus );
  1585. if ( Ret != 0 )
  1586. {
  1587. Status = STATUS_UNSUCCESSFUL ;
  1588. }
  1589. else
  1590. {
  1591. Status = STATUS_SUCCESS ;
  1593. RtlInitUnicodeString( &DnsDomain, DnsDomain.Buffer );
  1594. RtlInitUnicodeString( &Name, Name.Buffer );
  1596. *CrackedName = Name ;
  1597. *DnsDomainName = DnsDomain ;
  1600. }
  1603. }
  1604. __except( EXCEPTION_EXECUTE_HANDLER )
  1605. {
  1606. Status = STATUS_UNSUCCESSFUL ;
  1607. }
  1609. if ( CombinedName.Buffer )
  1610. {
  1611. LsapFreePrivateHeap( CombinedName.Buffer );
  1612. }
  1614. }
  1616. }
  1617. else
  1618. {
  1619. Status = SEC_E_INSUFFICIENT_MEMORY ;
  1621. }
  1623. if ( !NT_SUCCESS( Status ) )
  1624. {
  1625. if ( Name.Buffer )
  1626. {
  1627. LsapFreeLsaHeap( Name.Buffer );
  1628. }
  1630. if ( DnsDomain.Buffer )
  1631. {
  1632. LsapFreeLsaHeap( DnsDomain.Buffer );
  1633. }
  1634. }
  1636. return Status ;
  1638. }
  1640. NTSTATUS
  1641. LsapBuildPacSidList(
  1642. IN PNETLOGON_VALIDATION_SAM_INFO3 UserInfo,
  1643. OUT PSAMPR_PSID_ARRAY Sids
  1644. )
  1645. {
  1646. ULONG Size = 0, i;
  1647. NTSTATUS Status = STATUS_SUCCESS ;
  1649. Sids->Count = 0;
  1650. Sids->Sids = NULL;
  1653. if (UserInfo->UserId != 0)
  1654. {
  1655. Size += sizeof( SAMPR_SID_INFORMATION );
  1656. }
  1658. Size += UserInfo->GroupCount * (ULONG)sizeof( SAMPR_SID_INFORMATION );
  1661. //
  1662. // If there are extra SIDs, add space for them
  1663. //
  1665. if (UserInfo->UserFlags & LOGON_EXTRA_SIDS)
  1666. {
  1667. Size += UserInfo->SidCount * (ULONG)sizeof(SAMPR_SID_INFORMATION);
  1668. }
  1670. Sids->Sids = (PSAMPR_SID_INFORMATION) MIDL_user_allocate( Size );
  1672. if ( Sids->Sids == NULL )
  1673. {
  1674. Status = STATUS_NO_MEMORY ;
  1675. goto Cleanup;
  1676. }
  1678. RtlZeroMemory(
  1679. Sids->Sids,
  1680. Size
  1681. );
  1684. //
  1685. // Start copying SIDs into the structure
  1686. //
  1688. i = 0;
  1690. //
  1691. // If the UserId is non-zero, then it contians the users RID.
  1692. //
  1694. if ( UserInfo->UserId )
  1695. {
  1696. Sids->Sids[0].SidPointer = (PRPC_SID)
  1697. LsapMakeDomainRelativeSid( UserInfo->LogonDomainId,
  1698. UserInfo->UserId );
  1700. if( Sids->Sids[0].SidPointer == NULL )
  1701. {
  1702. Status = STATUS_NO_MEMORY ;
  1703. goto Cleanup;
  1704. }
  1705. Sids->Count++;
  1706. }
  1708. //
  1709. // Copy over all the groups passed as RIDs
  1710. //
  1712. for ( i=0; i < UserInfo->GroupCount; i++ )
  1713. {
  1715. Sids->Sids[Sids->Count].SidPointer = (PRPC_SID)
  1716. LsapMakeDomainRelativeSid(
  1717. UserInfo->LogonDomainId,
  1718. UserInfo->GroupIds[i].RelativeId );
  1720. if( Sids->Sids[Sids->Count].SidPointer == NULL )
  1721. {
  1722. Status = STATUS_NO_MEMORY ;
  1723. goto Cleanup;
  1724. }
  1726. Sids->Count++;
  1727. }
  1730. //
  1731. // Add in the extra SIDs
  1732. //
  1734. //
  1735. // No need to allocate these, but...
  1736. //
  1737. if (UserInfo->UserFlags & LOGON_EXTRA_SIDS)
  1738. {
  1740. for ( i = 0; i < UserInfo->SidCount; i++ )
  1741. {
  1743. Status = LsapDuplicateSid(
  1744. (PSID *) &Sids->Sids[Sids->Count].SidPointer,
  1745. UserInfo->ExtraSids[i].Sid );
  1747. if ( !NT_SUCCESS( Status ) )
  1748. {
  1749. goto Cleanup ;
  1750. }
  1751. Sids->Count++;
  1752. }
  1753. }
  1756. //
  1757. // Deallocate any memory we've allocated
  1758. //
  1760. Cleanup:
  1761. if (!NT_SUCCESS( Status ))
  1762. {
  1763. if (Sids->Sids != NULL)
  1764. {
  1765. for (i = 0; i < Sids->Count ;i++ )
  1766. {
  1767. if (Sids->Sids[i].SidPointer != NULL)
  1768. {
  1769. MIDL_user_free(Sids->Sids[i].SidPointer);
  1770. }
  1771. }
  1772. MIDL_user_free(Sids->Sids);
  1773. Sids->Sids = NULL;
  1774. Sids->Count = 0;
  1775. }
  1776. }
  1777. return Status ;
  1779. }
  1783. NTSTATUS
  1784. NTAPI
  1785. LsaExpandAuthDataForDomain(
  1786. IN PUCHAR UserAuthData,
  1787. IN ULONG UserAuthDataSize,
  1788. IN PVOID Reserved,
  1789. OUT PUCHAR * ExpandedAuthData,
  1790. OUT PULONG ExpandedAuthDataSize
  1791. )
  1792. {
  1793. NTSTATUS Status = STATUS_SUCCESS ;
  1794. PPACTYPE Pac = NULL ;
  1795. PPAC_INFO_BUFFER LogonInfo = NULL ;
  1796. PNETLOGON_VALIDATION_SAM_INFO3 ValidationInfo = NULL ;
  1797. PLSA_TOKEN_INFORMATION_V1 TokenInfo = NULL ;
  1798. SAMPR_PSID_ARRAY SidList = {0};
  1799. PSAMPR_PSID_ARRAY ResourceGroups = NULL;
  1800. PPACTYPE NewPac = NULL ;
  1801. ULONG Index ;
  1804. Pac = (PPACTYPE) UserAuthData ;
  1806. if ( PAC_UnMarshal( Pac, UserAuthDataSize ) == 0 )
  1807. {
  1808. DebugLog(( DEB_ERROR, "Failed to unmarshall pac\n" ));
  1810. Status = STATUS_INVALID_PARAMETER ;
  1812. goto Expand_Cleanup ;
  1813. }
  1815. LogonInfo = PAC_Find( Pac, PAC_LOGON_INFO, NULL );
  1817. if ( !LogonInfo )
  1818. {
  1819. DebugLog(( DEB_ERROR, "Failed to find logon info in pac\n" ));
  1821. Status = STATUS_INVALID_PARAMETER ;
  1823. goto Expand_Cleanup ;
  1824. }
  1827. Status = PAC_UnmarshallValidationInfo(
  1828. &ValidationInfo,
  1829. LogonInfo->Data,
  1830. LogonInfo->cbBufferSize
  1831. );
  1833. if (!NT_SUCCESS(Status))
  1834. {
  1835. DebugLog((DEB_ERROR,"Failed to unmarshall validation info: 0x%x\n",
  1836. Status));
  1838. goto Expand_Cleanup;
  1839. }
  1841. Status = LsapBuildPacSidList(
  1842. ValidationInfo,
  1843. &SidList );
  1845. if ( !NT_SUCCESS( Status ) )
  1846. {
  1847. goto Expand_Cleanup ;
  1848. }
  1851. //
  1852. // Call SAM to get the sids
  1853. //
  1855. Status = SamIGetResourceGroupMembershipsTransitive(
  1856. LsapAccountDomainHandle,
  1857. &SidList,
  1858. 0, // no flags
  1859. &ResourceGroups
  1860. );
  1862. if (!NT_SUCCESS(Status))
  1863. {
  1864. DebugLog((DEB_ERROR,"Failed to get resource groups: 0x%x\n",Status));
  1865. goto Expand_Cleanup;
  1866. }
  1868. //
  1869. // Now build a new pac
  1870. //
  1872. Status = PAC_InitAndUpdateGroups(
  1873. ValidationInfo,
  1874. ResourceGroups,
  1875. Pac,
  1876. &NewPac
  1877. );
  1879. if ( !NT_SUCCESS( Status ) )
  1880. {
  1881. goto Expand_Cleanup ;
  1882. }
  1884. *ExpandedAuthDataSize = PAC_GetSize( NewPac );
  1886. *ExpandedAuthData = (PUCHAR) LsapAllocateLsaHeap( *ExpandedAuthDataSize );
  1888. if ( *ExpandedAuthData )
  1889. {
  1890. PAC_Marshal( NewPac, *ExpandedAuthDataSize, *ExpandedAuthData );
  1891. }
  1892. else
  1893. {
  1894. Status = STATUS_NO_MEMORY ;
  1895. }
  1897. MIDL_user_free( NewPac );
  1900. Expand_Cleanup:
  1902. if ( ValidationInfo )
  1903. {
  1904. MIDL_user_free( ValidationInfo );
  1905. }
  1907. if (SidList.Sids != NULL)
  1908. {
  1909. for (Index = 0; Index < SidList.Count ;Index++ )
  1910. {
  1911. if (SidList.Sids[Index].SidPointer != NULL)
  1912. {
  1913. MIDL_user_free(SidList.Sids[Index].SidPointer);
  1914. }
  1915. }
  1916. MIDL_user_free(SidList.Sids);
  1917. }
  1919. SamIFreeSidArray(
  1920. ResourceGroups
  1921. );
  1923. return Status ;
  1925. }