archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-xp/Source/XPSP1/NT/termsrv/winsta/server/regnw.c

734 lines
19 KiB
Raw Permalink Normal View History

Add source files
4 years ago
  2. /*************************************************************************
  3. *
  4. * nw.c
  5. *
  6. * Netware security support
  7. *
  8. * Copyright Microsoft Corporation, 1998
  9. *
  10. *
  11. *************************************************************************/
  13. /*
  14. * Includes
  15. */
  16. #include "precomp.h"
  17. #pragma hdrstop
  18. #include <ntlsa.h>
  20. #include <rpc.h>
  23. #if DBG
  24. ULONG
  25. DbgPrint(
  26. PCH Format,
  27. ...
  28. );
  29. #define DBGPRINT(x) DbgPrint x
  30. #if DBGTRACE
  31. #define TRACE0(x) DbgPrint x
  32. #define TRACE1(x) DbgPrint x
  33. #else
  34. #define TRACE0(x)
  35. #define TRACE1(x)
  36. #endif
  37. #else
  38. #define DBGPRINT(x)
  39. #define TRACE0(x)
  40. #define TRACE1(x)
  41. #endif
  44. /*
  45. * This is the prefix for the secret object name.
  46. */
  47. #define CITRIX_NW_SECRET_NAME L"CTX_NW_INFO_"
  50. /*=============================================================================
  51. == Public functions
  52. =============================================================================*/
  56. /*=============================================================================
  57. == Functions Used
  58. =============================================================================*/
  59. NTSTATUS CreateSecretInLsa(
  60. PWCHAR pSecretName,
  61. PWCHAR pSecretData
  62. );
  64. NTSTATUS
  65. QuerySecretInLsa(
  66. PWCHAR pSecretName,
  67. PWCHAR pSecretData,
  68. DWORD ByteCount
  69. );
  71. BOOL
  72. IsCallerSystem( VOID );
  74. BOOL
  75. IsCallerAdmin( VOID );
  77. BOOL
  78. TestUserForAdmin( VOID );
  82. NTSTATUS
  83. IsZeroterminateStringA(
  84. PBYTE pString,
  85. DWORD dwLength
  86. );
  90. NTSTATUS
  91. IsZeroterminateStringW(
  92. PWCHAR pwString,
  93. DWORD dwLength
  94. ) ;
  95. /*=============================================================================
  96. == Global data
  97. =============================================================================*/
  100. /*******************************************************************************
  101. *
  102. * RpcServerNWLogonSetAdmin (UNICODE)
  103. *
  104. * Creates or updates the specified server's NWLogon Domain Administrator
  105. * UserID and Password in the SAM secret objects of the specified server.
  106. *
  107. * The caller must be ADMIN.
  108. *
  109. * ENTRY:
  110. * pServerName (input)
  111. * Server to store info for. This server is typically a domain controller.
  112. *
  113. * pNWLogon (input)
  114. * Pointer to a NWLOGONADMIN structure containing specified server's
  115. * domain admin and password.
  116. *
  117. * EXIT:
  118. * ERROR_SUCCESS - no error
  119. * ERROR_INSUFFICIENT_BUFFER - pUserConfig buffer too small
  120. * otherwise: the error code
  121. *
  122. ******************************************************************************/
  124. BOOLEAN
  125. RpcServerNWLogonSetAdmin(
  126. HANDLE hServer,
  127. DWORD *pResult,
  128. PWCHAR pServerName,
  129. DWORD ServerNameSize,
  130. PNWLOGONADMIN pNWLogon,
  131. DWORD ByteCount
  132. )
  133. {
  134. DWORD Size;
  135. DWORD Result;
  136. PWCHAR pDomain;
  137. UINT LocalFlag;
  138. PWCHAR pSecretName;
  139. RPC_STATUS RpcStatus;
  140. WCHAR UserPass[ USERNAME_LENGTH + PASSWORD_LENGTH + DOMAIN_LENGTH + 3 ];
  142. // Do minimal buffer validation
  144. if (pNWLogon == NULL ) {
  145. *pResult = STATUS_INVALID_USER_BUFFER;
  146. return FALSE;
  147. }
  149. if( pServerName == NULL ) {
  150. DBGPRINT(("NWLogonSetAdmin: No ServerName\n"));
  151. *pResult = (ULONG)STATUS_INVALID_PARAMETER;
  152. return( FALSE );
  153. }
  155. *pResult = IsZeroterminateStringW(pServerName, ServerNameSize );
  157. if (*pResult != STATUS_SUCCESS) {
  158. return FALSE;
  159. }
  162. pNWLogon->Username[USERNAME_LENGTH] = (WCHAR) 0;
  163. pNWLogon->Password[PASSWORD_LENGTH] = (WCHAR) 0;
  164. pNWLogon->Domain[DOMAIN_LENGTH] = (WCHAR) 0;
  166. //
  167. // Only a SYSTEM mode caller (IE: Winlogon) is allowed
  168. // to query this value.
  169. //
  170. RpcStatus = RpcImpersonateClient( NULL );
  171. if( RpcStatus != RPC_S_OK ) {
  172. DBGPRINT(("RpcServerNWLogonSetAdmin: Not impersonating! RpcStatus 0x%x\n",RpcStatus));
  173. *pResult = (ULONG)STATUS_CANNOT_IMPERSONATE;
  174. return( FALSE );
  175. }
  177. //
  178. // Inquire if local RPC call
  179. //
  180. RpcStatus = I_RpcBindingIsClientLocal(
  181. 0, // Active RPC call we are servicing
  182. &LocalFlag
  183. );
  185. if( RpcStatus != RPC_S_OK ) {
  186. DBGPRINT(("NWLogonSetAdmin Could not query local client RpcStatus 0x%x\n",RpcStatus));
  187. RpcRevertToSelf();
  188. *pResult = (ULONG)STATUS_ACCESS_DENIED;
  189. return( FALSE );
  190. }
  192. if( !LocalFlag ) {
  193. DBGPRINT(("NWLogonSetAdmin Not a local client call\n"));
  194. RpcRevertToSelf();
  195. *pResult = (ULONG)STATUS_ACCESS_DENIED;
  196. return( FALSE );
  197. }
  199. if( !IsCallerAdmin() ) {
  200. RpcRevertToSelf();
  201. DBGPRINT(("RpcServerNWLogonSetAdmin: Caller Not SYSTEM\n"));
  202. *pResult = (ULONG)STATUS_ACCESS_DENIED;
  203. return( FALSE );
  204. }
  206. RpcRevertToSelf();
  209. if( ByteCount < sizeof(NWLOGONADMIN) ) {
  210. DBGPRINT(("NWLogonSetAdmin: Bad size %d\n",ByteCount));
  211. *pResult = (ULONG)STATUS_INFO_LENGTH_MISMATCH;
  212. return( FALSE );
  213. }
  215. // check for username, and if there is one then encrypt username and pw
  217. TRACE0(("NWLogonSetAdmin: UserName %ws\n",pNWLogon->Username));
  219. // concatenate the username, password, and domain together
  220. wcscpy(UserPass, pNWLogon->Username);
  221. wcscat(UserPass, L"/");
  222. wcscat(UserPass, pNWLogon->Password);
  223. wcscat(UserPass, L"/");
  225. // Skip over any \\ backslashes (if a machine name was passed in)
  226. pDomain = pNWLogon->Domain;
  227. while (*pDomain == L'\\') {
  228. pDomain++;
  229. }
  230. wcscat(UserPass, pDomain);
  232. //
  233. // Build the secret name from the server name.
  234. //
  235. // This is because each domain will have a different entry.
  236. //
  238. // Skip over any \\ backslashes (if a machine name was passed in)
  239. while (*pServerName == L'\\') {
  240. pServerName++;
  241. }
  242. Size = wcslen(pServerName) + 1;
  243. Size *= sizeof(WCHAR);
  244. Size += sizeof(CITRIX_NW_SECRET_NAME);
  246. pSecretName = MemAlloc( Size );
  247. if( pSecretName == NULL ) {
  248. DBGPRINT(("NWLogonSetAdmin: No memory\n"));
  249. *pResult = (ULONG)STATUS_NO_MEMORY;
  250. return( FALSE );
  251. }
  253. wcscpy(pSecretName, CITRIX_NW_SECRET_NAME );
  254. wcscat(pSecretName, pServerName );
  256. // check for username, and if there is one then encrypt username and pw
  257. if ( wcslen( pNWLogon->Username ) ) {
  258. // store encrypted username
  259. Result = CreateSecretInLsa( pSecretName, UserPass );
  260. } else {
  261. // If there wasn't a username, clear this secret object.
  262. Result = CreateSecretInLsa( pSecretName, L"");
  263. DBGPRINT(("TERMSRV: RpcServerNWLogonSetAdmin: UserName not supplied\n"));
  264. }
  265. MemFree( pSecretName );
  267. *pResult = Result;
  268. return( Result == STATUS_SUCCESS );
  269. }
  272. /*******************************************************************************
  273. *
  274. * RpcServerQueryNWLogonAdmin
  275. *
  276. * Query NWLOGONADMIN structure from the SAM Secret object on the given
  277. * WinFrame server.
  278. *
  279. * The caller must be SYSTEM context, IE: WinLogon.
  280. *
  281. * ENTRY:
  282. * hServer (input)
  283. * Rpc handle
  284. *
  285. * pServerName (input)
  286. * Server to store info for. This server is typically a domain controller.
  287. *
  288. * pNWLogon (output)
  289. * pointer to NWLOGONADMIN structure
  290. *
  291. * EXIT:
  292. * nothing
  293. *
  294. ******************************************************************************/
  296. BOOLEAN
  297. RpcServerNWLogonQueryAdmin(
  298. HANDLE hServer,
  299. DWORD *pResult,
  300. PWCHAR pServerName,
  301. DWORD ServerNameSize,
  302. PNWLOGONADMIN pNWLogon,
  303. DWORD ByteCount
  304. )
  305. {
  306. PWCHAR pwch;
  307. DWORD Size;
  308. ULONG ulcsep;
  309. UINT LocalFlag;
  310. NTSTATUS Status;
  311. PWCHAR pSecretName;
  312. RPC_STATUS RpcStatus;
  313. WCHAR encString[ USERNAME_LENGTH + PASSWORD_LENGTH + DOMAIN_LENGTH + 3 ];
  314. BOOLEAN SystemCaller = FALSE;
  316. // Do minimal buffer validation
  318. if (pNWLogon == NULL) {
  319. *pResult = STATUS_INVALID_USER_BUFFER;
  320. return FALSE;
  321. }
  323. if( pServerName == NULL ) {
  324. DBGPRINT(("NWLogonQueryAdmin: No ServerName\n"));
  325. *pResult = (ULONG)STATUS_INVALID_PARAMETER;
  326. return( FALSE );
  327. }
  329. *pResult = IsZeroterminateStringW(pServerName, ServerNameSize );
  331. if (*pResult != STATUS_SUCCESS) {
  332. return FALSE;
  333. }
  336. pNWLogon->Username[USERNAME_LENGTH] = (WCHAR) 0;
  337. pNWLogon->Password[PASSWORD_LENGTH] = (WCHAR) 0;
  338. pNWLogon->Domain[DOMAIN_LENGTH] = (WCHAR) 0;
  340. //
  344. //
  345. // Only a SYSTEM mode caller (IE: Winlogon) is allowed
  346. // to query this value.
  347. //
  348. RpcStatus = RpcImpersonateClient( NULL );
  349. if( RpcStatus != RPC_S_OK ) {
  350. DBGPRINT(("RpcServerNWLogonQueryAdmin: Not impersonating! RpcStatus 0x%x\n",RpcStatus));
  351. *pResult = (ULONG)STATUS_CANNOT_IMPERSONATE;
  352. return( FALSE );
  353. }
  355. //
  356. // Inquire if local RPC call
  357. //
  358. RpcStatus = I_RpcBindingIsClientLocal(
  359. 0, // Active RPC call we are servicing
  360. &LocalFlag
  361. );
  363. if( RpcStatus != RPC_S_OK ) {
  364. DBGPRINT(("NWLogonQueryAdmin Could not query local client RpcStatus 0x%x\n",RpcStatus));
  365. RpcRevertToSelf();
  366. *pResult = (ULONG)STATUS_ACCESS_DENIED;
  367. return( FALSE );
  368. }
  370. if( !LocalFlag ) {
  371. DBGPRINT(("NWLogonQueryAdmin Not a local client call\n"));
  372. RpcRevertToSelf();
  373. *pResult = (ULONG)STATUS_ACCESS_DENIED;
  374. return( FALSE );
  375. }
  377. /* find out who is calling us system has complete access, admin can't get password, user is kicked out */
  378. if( IsCallerSystem() ) {
  379. SystemCaller = TRUE;
  380. }
  381. if( !TestUserForAdmin() && (SystemCaller != TRUE) ) {
  382. RpcRevertToSelf();
  383. DBGPRINT(("RpcServerNWLogonQueryAdmin: Caller Not SYSTEM or Admin\n"));
  384. *pResult = (ULONG)STATUS_ACCESS_DENIED;
  385. return( FALSE );
  386. }
  388. RpcRevertToSelf();
  391. if( ByteCount < sizeof(NWLOGONADMIN) ) {
  392. DBGPRINT(("NWLogonQueryAdmin: Bad size %d\n",ByteCount));
  393. *pResult = (ULONG)STATUS_INFO_LENGTH_MISMATCH;
  394. return( FALSE );
  395. }
  397. //
  398. // Build the secret name from the server name.
  399. //
  400. // This is because each domain will have a different entry.
  401. //
  403. // Skip over any \\ backslashes (if a machine name was passed in)
  404. while (*pServerName == L'\\') {
  405. pServerName++;
  406. }
  407. Size = wcslen(pServerName) + 1;
  408. Size *= sizeof(WCHAR);
  409. Size += sizeof(CITRIX_NW_SECRET_NAME);
  411. pSecretName = MemAlloc( Size );
  412. if( pSecretName == NULL ) {
  413. DBGPRINT(("NWLogonSetAdmin: No memory\n"));
  414. *pResult = (ULONG)STATUS_NO_MEMORY;
  415. return( FALSE );
  416. }
  418. wcscpy(pSecretName, CITRIX_NW_SECRET_NAME );
  419. wcscat(pSecretName, pServerName );
  421. Status = QuerySecretInLsa(
  422. pSecretName,
  423. encString,
  424. sizeof(encString)
  425. );
  427. MemFree( pSecretName );
  429. if( !NT_SUCCESS(Status) ) {
  430. *pResult = Status;
  431. DBGPRINT(("NWLogonQueryAdmin: Error 0x%x querying secret object\n",Status));
  432. return( FALSE );
  433. }
  435. // check for username/password if there is one then decrypt it
  436. if ( wcslen( encString ) ) {
  438. // Change the '/' seperator to null
  439. pwch = &encString[0];
  440. ulcsep = 0;
  441. while (pwch && *pwch) {
  442. pwch = wcschr(pwch, L'/');
  443. if (pwch) {
  444. *pwch = L'\0';
  445. pwch++;
  446. ulcsep++;
  447. }
  448. }
  450. // get clear text username
  451. wcscpy( pNWLogon->Username, &encString[0] );
  453. if (ulcsep >= 1) {
  454. // Skip to the password
  455. pwch = &encString[0] + wcslen(&encString[0]) + 1;
  457. if( SystemCaller == TRUE ){
  458. // get clear text password
  459. wcscpy( pNWLogon->Password, pwch);
  460. } else {
  461. *pNWLogon->Password = L'\0';
  462. }
  464. } else {
  465. *pNWLogon->Password = L'\0';
  466. }
  467. if (ulcsep >= 2) {
  468. // Skip to the domain string
  469. pwch = pwch + wcslen(pwch) + 1;
  471. // get clear text domain
  472. wcscpy( pNWLogon->Domain, pwch);
  473. } else {
  474. *pNWLogon->Domain = L'\0';
  475. }
  477. TRACE0(("NwLogonQueryAdmin :%ws:%ws:%ws:\n",pNWLogon->Username,pNWLogon->Domain,pNWLogon->Password));
  479. *pResult = STATUS_SUCCESS;
  480. return( TRUE );
  481. }
  482. else {
  483. DBGPRINT(("RpcServerNWLogonQueryAdmin: zero length data\n"));
  485. // set to username and password to NULL strings
  486. pNWLogon->Password[0] = L'\0';
  487. pNWLogon->Username[0] = L'\0';
  488. pNWLogon->Domain[0] = L'\0';
  490. *pResult = STATUS_SUCCESS;
  491. return( TRUE );
  492. }
  493. }
  495. /*******************************************************************************
  496. *
  497. * CreateSecretInLsa
  498. *
  499. * Create the secret object in the LSA to keep it from prying eyes.
  500. *
  501. * NOTE: There is no need to encode the data since it is RSA encrypted
  502. * by the LSA secret routines.
  503. *
  504. * ENTRY:
  505. * pSecretName (input)
  506. * Secret name to create.
  507. *
  508. * pSecretData (input)
  509. * Data to store in secret
  510. *
  511. * EXIT:
  512. * NTSTATUS
  513. *
  514. ******************************************************************************/
  516. NTSTATUS
  517. CreateSecretInLsa(
  518. PWCHAR pSecretName,
  519. PWCHAR pSecretData
  520. )
  521. {
  522. NTSTATUS Status;
  523. OBJECT_ATTRIBUTES ObjectAttributes;
  524. SECURITY_QUALITY_OF_SERVICE SecurityQualityOfService;
  525. LSA_HANDLE PolicyHandle;
  526. UNICODE_STRING SecretName;
  527. UNICODE_STRING SecretValue;
  528. LSA_HANDLE SecretHandle;
  529. ACCESS_MASK DesiredAccess;
  531. if( pSecretName == NULL ) {
  532. DBGPRINT(("CreateSecretInLsa: NULL SecretName\n"));
  533. return( STATUS_INVALID_PARAMETER );
  534. }
  536. SecurityQualityOfService.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
  537. SecurityQualityOfService.ImpersonationLevel = SecurityImpersonation;
  538. SecurityQualityOfService.ContextTrackingMode = SECURITY_DYNAMIC_TRACKING;
  539. SecurityQualityOfService.EffectiveOnly = FALSE;
  541. InitializeObjectAttributes(
  542. &ObjectAttributes,
  543. NULL,
  544. 0L,
  545. NULL,
  546. NULL
  547. );
  549. ObjectAttributes.SecurityQualityOfService = &SecurityQualityOfService;
  551. Status = LsaOpenPolicy(
  552. NULL, // SystemName (Local)
  553. &ObjectAttributes,
  554. GENERIC_ALL,
  555. &PolicyHandle
  556. );
  558. if( !NT_SUCCESS(Status) ) {
  559. DBGPRINT(("Error 0x%x Opening Policy\n",Status));
  560. return( Status );
  561. }
  563. RtlInitUnicodeString( &SecretName, pSecretName );
  565. DesiredAccess = GENERIC_ALL;
  567. TRACE0(("Creating Secret name :%ws:\n",pSecretName));
  569. Status = LsaCreateSecret(
  570. PolicyHandle,
  571. &SecretName,
  572. DesiredAccess,
  573. &SecretHandle
  574. );
  576. // Its OK if the name already exits, we will set a new value or delete
  577. if( Status == STATUS_OBJECT_NAME_COLLISION ) {
  578. TRACE0(("CreateSecretInLsa: Existing Entry, Opening\n"));
  579. Status = LsaOpenSecret(
  580. PolicyHandle,
  581. &SecretName,
  582. DesiredAccess,
  583. &SecretHandle
  584. );
  585. }
  587. if( !NT_SUCCESS(Status) ) {
  588. DBGPRINT(("Error 0x%x Creating Secret\n",Status));
  590. /* makarp; Close Policy Handle in case of LsaCreateSecrete, LsaopenSecret failures. #182787 */
  591. LsaClose( PolicyHandle );
  592. return( Status );
  593. }
  595. TRACE0(("CreateSecretInLsa: Status 0x%x\n",Status));
  597. if ( wcslen(pSecretData) != 0 ){
  598. RtlInitUnicodeString( &SecretValue, pSecretData );
  600. Status = LsaSetSecret( SecretHandle, &SecretValue, NULL );
  602. TRACE0(("CreateSecretInLsa: LsaSetSecret Status 0x%x\n",Status));
  604. LsaClose(SecretHandle);
  605. }
  606. else{
  607. Status = LsaDelete(SecretHandle);
  608. }
  610. LsaClose( PolicyHandle );
  612. return( Status );
  613. }
  615. /*******************************************************************************
  616. *
  617. * QuerySecretInLsa
  618. *
  619. * Query the secret object in the LSA.
  620. *
  621. * ENTRY:
  622. * pSecretName (input)
  623. * Secret name to create.
  624. *
  625. * pSecretData (output)
  626. * Buffer to store secret data.
  627. *
  628. * ByteCount (input)
  629. * Maximum size of buffer to store result.
  630. *
  631. * EXIT:
  632. * NTSTATUS
  633. *
  634. ******************************************************************************/
  636. NTSTATUS
  637. QuerySecretInLsa(
  638. PWCHAR pSecretName,
  639. PWCHAR pSecretData,
  640. DWORD ByteCount
  641. )
  642. {
  643. NTSTATUS Status;
  644. OBJECT_ATTRIBUTES ObjectAttributes;
  645. SECURITY_QUALITY_OF_SERVICE SecurityQualityOfService;
  646. LSA_HANDLE PolicyHandle;
  647. UNICODE_STRING SecretName;
  648. LSA_HANDLE SecretHandle;
  649. ACCESS_MASK DesiredAccess;
  650. LARGE_INTEGER CurrentTime;
  651. PUNICODE_STRING pCurrentValue = NULL;
  653. SecurityQualityOfService.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
  654. SecurityQualityOfService.ImpersonationLevel = SecurityImpersonation;
  655. SecurityQualityOfService.ContextTrackingMode = SECURITY_DYNAMIC_TRACKING;
  656. SecurityQualityOfService.EffectiveOnly = FALSE;
  658. InitializeObjectAttributes(
  659. &ObjectAttributes,
  660. NULL,
  661. 0L,
  662. NULL,
  663. NULL
  664. );
  666. ObjectAttributes.SecurityQualityOfService = &SecurityQualityOfService;
  668. Status = LsaOpenPolicy(
  669. NULL, // SystemName (Local)
  670. &ObjectAttributes,
  671. GENERIC_ALL,
  672. &PolicyHandle
  673. );
  675. if( !NT_SUCCESS(Status) ) {
  676. DBGPRINT(("Error 0x%x Opening Policy\n",Status));
  677. return( Status );
  678. }
  680. RtlInitUnicodeString( &SecretName, pSecretName );
  682. DesiredAccess = GENERIC_ALL;
  684. Status = LsaOpenSecret(
  685. PolicyHandle,
  686. &SecretName,
  687. DesiredAccess,
  688. &SecretHandle
  689. );
  691. if( !NT_SUCCESS(Status) ) {
  692. DBGPRINT(("Error 0x%x Opening Secret :%ws:\n",Status,pSecretName));
  694. /* makarp; Close Policy Handle in case of LsaopenSecret failures. #182787 */
  695. LsaClose( PolicyHandle );
  697. return( Status );
  698. }
  700. Status = LsaQuerySecret(
  701. SecretHandle,
  702. &pCurrentValue,
  703. &CurrentTime,
  704. NULL,
  705. NULL
  706. );
  708. TRACE0(("QuerySecretInLsa: Status 0x%x\n",Status));
  710. if( NT_SUCCESS(Status) ) {
  711. if (pCurrentValue != NULL) {
  712. if( (pCurrentValue->Length+sizeof(WCHAR)) > ByteCount ) {
  713. Status = STATUS_INFO_LENGTH_MISMATCH;
  714. }
  715. else {
  716. RtlMoveMemory( pSecretData, pCurrentValue->Buffer, pCurrentValue->Length );
  717. pSecretData[pCurrentValue->Length/sizeof(WCHAR)] = 0;
  718. }
  719. LsaFreeMemory( pCurrentValue );
  720. } else {
  721. pSecretData[0] = (WCHAR) 0;
  722. }
  724. }
  726. LsaClose(SecretHandle);
  728. LsaClose( PolicyHandle );
  730. TRACE0(("QuerySecretInLsa: Final Status 0x%x\n",Status));
  732. return( Status );
  733. }