archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
3.8 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-xp/Source/XPSP1/NT/ds/security/protocols/digest/logsess.cxx

503 lines
14 KiB
Raw Permalink Normal View History

Add source files
4 years ago
  1. //+-----------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. //
  5. // Copyright (c) Microsoft Corporation 2000
  6. //
  7. // File: logsess.cxx
  8. //
  9. // Contents: LogonSession functions:
  10. //
  11. //
  12. // History: KDamour 15Mar00 Stolen from NTLM
  13. //
  14. //------------------------------------------------------------------------
  15. #include "global.h"
  17. //
  18. // Crit Sect to protect various globals in this module.
  19. //
  21. RTL_CRITICAL_SECTION l_LogSessCritSect;
  23. LIST_ENTRY l_LogSessList;
  25. // Simple variable to make sure that the package was initialize
  26. BOOL g_bLogSessInitialized = FALSE;
  30. //+--------------------------------------------------------------------
  31. //
  32. // Function: LogSessHandlerInit
  33. //
  34. // Synopsis: Initializes the LogonSession manager package
  35. //
  36. // Arguments: none
  37. //
  38. // Returns: NTSTATUS
  39. //
  40. // Notes: Called by SpInitialize
  41. //
  42. //---------------------------------------------------------------------
  43. NTSTATUS
  44. LogSessHandlerInit(VOID)
  45. {
  46. NTSTATUS Status = STATUS_SUCCESS;
  48. //
  49. // Initialize the LogonSession list to be empty.
  50. //
  52. Status = RtlInitializeCriticalSection(&l_LogSessCritSect);
  53. if (!NT_SUCCESS(Status))
  54. {
  55. DebugLog((DEB_ERROR, "LogSessHandlerInit: Failed to initialize critsec 0x%x\n", Status));
  56. goto CleanUp;
  57. }
  59. InitializeListHead( &l_LogSessList );
  61. // Simple variable test to make sure all initialized;
  62. g_bLogSessInitialized = TRUE;
  64. CleanUp:
  66. return Status;
  67. }
  69. NTSTATUS
  70. LogSessHandlerInsert(
  71. IN PDIGEST_LOGONSESSION pDigestLogSess
  72. )
  73. {
  74. RtlEnterCriticalSection( &l_LogSessCritSect );
  75. InsertHeadList( &l_LogSessList, &pDigestLogSess->Next );
  76. RtlLeaveCriticalSection( &l_LogSessCritSect );
  78. return STATUS_SUCCESS;
  79. }
  82. // Initialize the LogSess Structure
  83. NTSTATUS
  84. LogonSessionInit(
  85. IN PDIGEST_LOGONSESSION pLogonSession)
  86. {
  87. NTSTATUS Status = STATUS_SUCCESS;
  89. if (!pLogonSession)
  90. {
  91. return STATUS_INVALID_PARAMETER;
  92. }
  94. ZeroMemory(pLogonSession, sizeof(DIGEST_LOGONSESSION));
  95. pLogonSession->LogonSessionHandle = (ULONG_PTR)pLogonSession;
  96. pLogonSession->lReferences = 1;
  98. return(Status);
  99. }
  102. // Free up memory utilized by LogonSession Structure
  103. NTSTATUS
  104. LogonSessionFree(
  105. IN PDIGEST_LOGONSESSION pDigestLogSess)
  106. {
  107. NTSTATUS Status = STATUS_SUCCESS;
  109. // Free up all Unicode & String structures
  110. UnicodeStringFree(&(pDigestLogSess->ustrAccountName));
  111. UnicodeStringFree(&(pDigestLogSess->ustrDownlevelName));
  112. UnicodeStringFree(&(pDigestLogSess->ustrDomainName));
  113. UnicodeStringFree(&(pDigestLogSess->ustrPassword));
  114. UnicodeStringFree(&(pDigestLogSess->ustrDnsDomainName));
  115. UnicodeStringFree(&(pDigestLogSess->ustrUpn));
  116. UnicodeStringFree(&(pDigestLogSess->ustrLogonServer));
  118. DigestFreeMemory(pDigestLogSess);
  120. return(Status);
  121. }
  126. /*++
  128. Routine Description:
  130. This routine checks to see if the LogonID is from a currently
  131. active client, and references the LogSess if it is valid.
  133. The caller may optionally request that the client's LogSess be
  134. removed from the list of valid LogonSession - preventing future
  135. requests from finding this LogSess.
  137. For a client's LogSess to be valid, the LogSess value
  138. must be on our list of active LogonSession.
  141. Arguments:
  143. LogonSessionHandle - Points to the LogonSession Handle of the LogSess
  144. to be referenced.
  146. ForceRemove - This boolean value indicates whether the caller
  147. wants the logon process's LogSess to be removed from the list
  148. of LogonSession. TRUE indicates the LogSess is to be removed.
  149. FALSE indicates the LogSess is not to be removed.
  152. Return Value:
  154. STATUS_INVALID_HANDLE - the LogSess was not found.
  156. STATUS_SUCCESS - returns a pointer to the referenced LogonSession.
  159. --*/
  160. NTSTATUS
  161. LogSessHandlerLogonIdToPtr(
  162. IN PLUID pLogonId,
  163. IN BOOLEAN ForceRemove,
  164. OUT PDIGEST_LOGONSESSION * ppUserLogonSession
  165. )
  166. {
  167. PLIST_ENTRY ListEntry = NULL;
  168. PDIGEST_LOGONSESSION pLogonSession = NULL;
  169. NTSTATUS Status = STATUS_SUCCESS;
  170. LONG lReferences = 0;
  172. *ppUserLogonSession = NULL ;
  174. //
  175. // Acquire exclusive access to the LogonSession list
  176. //
  178. RtlEnterCriticalSection( &l_LogSessCritSect );
  181. //
  182. // Now walk the list of LogonSession looking for a match.
  183. //
  185. for ( ListEntry = l_LogSessList.Flink;
  186. ListEntry != &l_LogSessList;
  187. ListEntry = ListEntry->Flink )
  188. {
  190. pLogonSession = CONTAINING_RECORD( ListEntry, DIGEST_LOGONSESSION, Next );
  192. if (RtlEqualLuid(&(pLogonSession->LogonId), pLogonId))
  193. {
  194. // Found the LogonSession
  196. DebugLog((DEB_TRACE, "LogSessHandlerLogonIdToPtr: Found LogSess for LogonID (%x:%lx)\n",
  197. pLogonId->HighPart, pLogonId->LowPart ));
  199. if (!ForceRemove)
  200. {
  201. lReferences = InterlockedIncrement(&pLogonSession->lReferences);
  203. DebugLog((DEB_TRACE, "CredHandlerHandleToPtr: Incremented ReferenceCount %ld\n", lReferences));
  204. }
  205. else
  206. {
  207. // ForceRemove of True will unlink this LogonSession from the list of active LogonSessions
  208. // The structure pointet will be returned for the calling function to free up if required
  209. // Would call LogSessHandlerRelease to dereference the counter (and maybe free up)
  211. DebugLog((DEB_TRACE, "LogSessHandlerLogonIdToPtr: Unlinking 0x%lx Refcount = %d\n",
  212. pLogonSession, pLogonSession->lReferences));
  214. RemoveEntryList( &pLogonSession->Next );
  215. }
  217. // Return a pointer to the LogSess found
  218. *ppUserLogonSession = pLogonSession ;
  220. goto CleanUp;
  221. }
  222. }
  224. //
  225. // No match found
  226. //
  227. DebugLog((DEB_WARN, "LogSessHandlerLogonIdToPtr: Tried to reference unknown LogonID (%x:%lx)\n",
  228. pLogonId->HighPart, pLogonId->LowPart ));
  229. Status = STATUS_INVALID_HANDLE;
  231. CleanUp:
  233. RtlLeaveCriticalSection( &l_LogSessCritSect );
  235. return(Status);
  236. }
  240. // Locate a LogonSession based on a Principal Name (UserName) ok
  241. NTSTATUS
  242. LogSessHandlerAccNameToPtr(
  243. IN PUNICODE_STRING pustrAccountName,
  244. OUT PDIGEST_LOGONSESSION *ppUserLogonSession
  245. )
  246. {
  247. PLIST_ENTRY ListEntry = NULL;
  248. PDIGEST_LOGONSESSION pLogonSession = NULL;
  249. NTSTATUS Status = STATUS_SUCCESS;
  250. LONG lReferences = 0;
  253. *ppUserLogonSession = NULL ;
  255. if ((!pustrAccountName) || (!pustrAccountName->Length))
  256. {
  257. DebugLog((DEB_ERROR, "LogSessHandlerAccNameToPtr: No AccountName provided\n"));
  258. Status = STATUS_INVALID_PARAMETER_1;
  259. return(Status);
  260. }
  262. //
  263. // Acquire exclusive access to the LogonSession list
  264. //
  266. RtlEnterCriticalSection( &l_LogSessCritSect );
  269. //
  270. // Now walk the list of LogonSession looking for a match.
  271. //
  273. for ( ListEntry = l_LogSessList.Flink;
  274. ListEntry != &l_LogSessList;
  275. ListEntry = ListEntry->Flink )
  276. {
  278. pLogonSession = CONTAINING_RECORD( ListEntry, DIGEST_LOGONSESSION, Next );
  281. if ((pLogonSession->ustrAccountName).Length)
  282. {
  283. DebugLog((DEB_TRACE, "LogSessHandlerAccNameToPtr: Checking %wZ against AccountName %wZ\n",
  284. &(pLogonSession->ustrAccountName), pustrAccountName ));
  286. if (RtlEqualUnicodeString(&(pLogonSession->ustrAccountName), pustrAccountName, TRUE))
  287. {
  288. lReferences = InterlockedIncrement(&pLogonSession->lReferences);
  290. DebugLog((DEB_TRACE, "LogSessHandlerAccNameToPtr: Incremented ReferenceCount %ld\n", lReferences));
  292. // Found the LogonSession
  293. *ppUserLogonSession = pLogonSession ;
  295. goto CleanUp;
  296. }
  297. }
  299. }
  301. //
  302. // No match found
  303. //
  304. DebugLog((DEB_WARN, "LogSessHandlerAccNameToPtr: Tried to reference unknown AccountName %wZ\n",
  305. pustrAccountName ));
  307. Status = STATUS_OBJECT_NAME_NOT_FOUND;
  309. CleanUp:
  311. RtlLeaveCriticalSection( &l_LogSessCritSect );
  313. return(Status);
  314. }
  318. //+--------------------------------------------------------------------
  319. //
  320. // Function: LogSessHandlerRelease
  321. //
  322. // Synopsis: Releases the LogonSession by decrementing reference counter
  323. //
  324. // Arguments: pLogonSession - pointer to logonsession to de-reference
  325. //
  326. // Returns: NTSTATUS
  327. //
  328. // Notes: Called by ACH & AcceptCredentials. Since multiple threads can have a context
  329. // checked out, simply decrease the reference counter on release. LsaApLogonTerminated
  330. // is called by LSA to remove the LogonSession from the Active LIst.
  331. // There can be atmost only 1 reference for a handle (owned by LSA and release by call
  332. // to this function). The other references will be pointer references so these can
  333. // be decremented without it being attached to active logonsession list.
  334. //
  335. //---------------------------------------------------------------------
  336. NTSTATUS
  337. LogSessHandlerRelease(
  338. PDIGEST_LOGONSESSION pLogonSession)
  339. {
  340. NTSTATUS Status = STATUS_SUCCESS;
  342. LONG lReferences = 0;
  345. DebugLog((DEB_TRACE_FUNC, "LogSessHandlerRelease: Entering for LogonSession 0x%0x LogonID (%x:%lx) \n",
  346. pLogonSession, pLogonSession->LogonId.HighPart, pLogonSession->LogonId.LowPart));
  348. lReferences = InterlockedDecrement(&pLogonSession->lReferences);
  350. DebugLog((DEB_TRACE, "LogSessHandlerRelease: Decremented to ReferenceCount %ld\n", lReferences));
  352. ASSERT( lReferences >= 0 );
  353. //
  354. // If the count has dropped to zero, then free all alloced stuff
  355. //
  357. if (lReferences == 0)
  358. {
  359. DebugLog((DEB_TRACE, "LogSessHandlerRelease: Deleting LogonSession\n"));
  360. Status = LogonSessionFree(pLogonSession);
  361. }
  363. DebugLog((DEB_TRACE_FUNC, "LogSessHandlerRelease: Leaving Status 0x%x\n", Status));
  365. return(Status);
  366. }
  370. // Helper functions for processing fields within the logonsessions
  374. //+--------------------------------------------------------------------
  375. //
  376. // Function: LogSessHandlerPasswdSet
  377. //
  378. // Synopsis: Set the unicode string password in the LogonSession
  379. //
  380. // Arguments: pLogonID - pointer to LogonSession LogonID to use
  381. // pustrPasswd - pointer to new password
  382. //
  383. // Returns: NTSTATUS
  384. //
  385. // Notes:
  386. //
  387. //---------------------------------------------------------------------
  388. NTSTATUS
  389. LogSessHandlerPasswdSet(
  390. IN PLUID pLogonId,
  391. IN PUNICODE_STRING pustrPasswd)
  392. {
  394. PLIST_ENTRY ListEntry = NULL;
  395. PDIGEST_LOGONSESSION pLogonSession = NULL;
  396. NTSTATUS Status = STATUS_SUCCESS;
  399. DebugLog((DEB_TRACE_FUNC, "LogSessHandlerPasswdSet: Entering LogonID (%x:%lx)\n",
  400. pLogonId->HighPart, pLogonId->LowPart));
  402. //
  403. // Acquire exclusive access to the LogonSession list
  404. //
  406. RtlEnterCriticalSection( &l_LogSessCritSect );
  408. //
  409. // Now walk the list of LogonSession looking for a match.
  410. //
  412. for ( ListEntry = l_LogSessList.Flink;
  413. ListEntry != &l_LogSessList;
  414. ListEntry = ListEntry->Flink )
  415. {
  417. pLogonSession = CONTAINING_RECORD( ListEntry, DIGEST_LOGONSESSION, Next );
  419. if (RtlEqualLuid(&(pLogonSession->LogonId), pLogonId))
  420. {
  421. // Found the LogonSession
  423. DebugLog((DEB_TRACE, "LogSessHandlerLogonIdToPtr: Found LogSess with LogonID (%x:%lx)\n",
  424. pLogonId->HighPart, pLogonId->LowPart ));
  426. if (pLogonSession->ustrPassword.Buffer)
  427. {
  428. UnicodeStringFree(&(pLogonSession->ustrPassword));
  429. }
  430. Status = UnicodeStringDuplicatePassword(&(pLogonSession->ustrPassword), pustrPasswd);
  431. if (!NT_SUCCESS(Status))
  432. {
  433. DebugLog((DEB_ERROR, "LogSessHandlerPasswdGet: Error in setting LogonSession password, status 0x%0x\n", Status ));
  434. goto CleanUp;
  435. }
  437. DebugLog((DEB_TRACE, "LogSessHandlerPasswdSet: updated password\n"));
  439. goto CleanUp;
  440. }
  441. }
  443. //
  444. // No match found
  445. //
  446. DebugLog((DEB_WARN, "LogSessHandlerPasswdSet: Unable to locate LogonID (%x:%lx) \n",
  447. pLogonId->HighPart, pLogonId->LowPart ));
  449. Status = STATUS_INVALID_HANDLE;
  451. CleanUp:
  453. RtlLeaveCriticalSection( &l_LogSessCritSect );
  455. DebugLog((DEB_TRACE_FUNC, "LogSessHandlerPasswdSet: Exiting LogonID (%x:%lx)\n",
  456. pLogonId->HighPart, pLogonId->LowPart));
  458. return(Status);
  459. }
  463. //+--------------------------------------------------------------------
  464. //
  465. // Function: LogSessHandlerPasswdGet
  466. //
  467. // Synopsis: Get the unicode string password in the logonsession
  468. //
  469. // Arguments: pLogonSession - pointer to LogonSession to use
  470. // pustrPasswd - pointer to destination copy of password
  471. //
  472. // Returns: NTSTATUS
  473. //
  474. // Notes:
  475. //
  476. //---------------------------------------------------------------------
  477. NTSTATUS
  478. LogSessHandlerPasswdGet(
  479. IN PDIGEST_LOGONSESSION pLogonSession,
  480. OUT PUNICODE_STRING pustrPasswd)
  481. {
  482. NTSTATUS Status = STATUS_SUCCESS;
  484. DebugLog((DEB_TRACE_FUNC, "LogSessHandlerPasswdGet: Entering\n" ));
  486. if (pustrPasswd->Buffer)
  487. {
  488. UnicodeStringFree(pustrPasswd);
  489. }
  490. // Protect reading from the LogonSession
  491. RtlEnterCriticalSection( &l_LogSessCritSect );
  492. Status = UnicodeStringDuplicatePassword(pustrPasswd, &(pLogonSession->ustrPassword));
  493. RtlLeaveCriticalSection( &l_LogSessCritSect );
  494. if (!NT_SUCCESS(Status))
  495. {
  496. DebugLog((DEB_ERROR, "LogSessHandlerPasswdGet: Error in getting LogonSession password, status 0x%0x\n", Status ));
  497. }
  499. DebugLog((DEB_TRACE_FUNC, "LogSessHandlerPasswdGet: Exiting, status 0x%0x\n", Status ));
  501. return(Status);
  502. }