archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 744f0b4006
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '744f0b4006'
${ noResults }
windows-xp/Source/XPSP1/NT/ds/security/base/lsa/server/spinit.cxx

833 lines
20 KiB
Raw Normal View History

Add source files
4 years ago
  1. //+-----------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. //
  5. // Copyright (c) Microsoft Corporation 1991 - 1992
  6. //
  7. // File: SPInit.cxx
  8. //
  9. // Contents: Initialization code for SPMgr/LSA
  10. //
  11. // Functions: LoadPackages -- Loads all the packages
  12. // InitThreadData -- Creates TLS values
  13. // InitSystemLogon -- Initializes the System logon
  14. // LsapEnableCreateTokenPrivilege -- Enables the privilege
  15. // InitLocatorAndOle -- Initializes Locator cache, Ole
  16. // InitKDCData -- Initializes knowledge about KDC
  17. //
  18. //
  19. // History: 08 Sep 92, RichardW Created from spmgr.c, etc.
  20. // 26 Mar 93, MikeSw Converted from C->C++
  21. //
  22. //------------------------------------------------------------------------
  24. //
  25. // precompiled headers
  26. //
  28. #include <lsapch.hxx>
  29. extern "C"
  30. {
  31. #include "spinit.h"
  32. #include <lmcons.h>
  33. #include <crypt.h>
  34. #include <logonmsv.h>
  35. #include <ssi.h>
  36. #include <lsads.h>
  37. }
  39. // #include <crypto.h>
  50. //+-------------------------------------------------------------------------
  51. //
  52. // Function: LoadPackages
  53. //
  54. // Synopsis: Loads all the specified security packages
  55. //
  56. // Effects: Packages loaded, global structures updated
  57. //
  58. // Arguments: comma-separated list of package names (DLL names)
  59. //
  60. // Requires:
  61. //
  62. // Returns: SUCCESS, or some failures
  63. //
  64. // Notes: This is run during SPM Init, while the process is still
  65. // single threaded, and not handling any calls.
  66. //
  67. //--------------------------------------------------------------------------
  69. extern "C"
  70. NTSTATUS
  71. LoadPackages( PWSTR * ppszPackages,
  72. PWSTR * ppszOldPkgs,
  73. PWSTR pszPreferred)
  74. {
  75. PWSTR pszPackage;
  76. NTSTATUS scRet;
  77. SECURITY_STRING sStr;
  78. SECPKG_PARAMETERS Parameters;
  79. ULONG iPackage = 0;
  80. ULONG iOldPkg = 0;
  81. ULONG LoadCount = 0;
  82. ULONG NewCount = 0;
  83. ULONG PreferredPackage = 0;
  84. PLSAPR_POLICY_DNS_DOMAIN_INFO DnsDomainInfo = NULL;
  85. PLSAP_SECURITY_PACKAGE Package;
  86. SECPKG_EVENT_PACKAGE_CHANGE Event;
  87. NT_PRODUCT_TYPE ProductType ;
  90. //
  91. // Get our global state.
  92. //
  94. if (LsapIsEncryptionPermitted())
  95. {
  96. lsState.fState |= SPMSTATE_PRIVACY_OK;
  97. }
  100. if (!SpmpInitializePackageControl())
  101. {
  102. return( STATUS_INSUFFICIENT_RESOURCES );
  103. }
  104. //
  105. // Build up the initialization message, to give the packages a better idea
  106. // of what is going on, and reduce their later calls for the same info.
  107. //
  109. Parameters.MachineState = ((lsState.fState & SPMSTATE_PRIVACY_OK) != 0) ? SECPKG_STATE_ENCRYPTION_PERMITTED : 0;
  111. #ifndef LSASRV_EXPORT
  112. Parameters.MachineState |= SECPKG_STATE_STRONG_ENCRYPTION_PERMITTED;
  113. #endif
  114. Parameters.SetupMode = SetupPhase;
  117. scRet = LsaIQueryInformationPolicyTrusted(
  118. PolicyDnsDomainInformation,
  119. (PLSAPR_POLICY_INFORMATION *) &DnsDomainInfo
  120. );
  122. if (!NT_SUCCESS(scRet))
  123. {
  124. DebugLog((DEB_ERROR,"Failed to get primary domain info: 0x%x\n",scRet));
  125. return(scRet);
  126. }
  128. Parameters.DomainName = * (PUNICODE_STRING) &DnsDomainInfo->Name;
  129. Parameters.DnsDomainName = * (PUNICODE_STRING) &DnsDomainInfo->DnsDomainName;
  130. Parameters.DomainSid = (PSID) DnsDomainInfo->Sid;
  131. Parameters.DomainGuid = (GUID) DnsDomainInfo->DomainGuid;
  134. if ( RtlGetNtProductType( &ProductType ) )
  135. {
  136. if ( ProductType == NtProductLanManNt )
  137. {
  138. Parameters.MachineState |= SECPKG_STATE_DOMAIN_CONTROLLER ;
  139. }
  140. else
  141. {
  142. if (Parameters.DomainSid != NULL)
  143. {
  144. Parameters.MachineState |= SECPKG_STATE_WORKSTATION;
  145. }
  146. else
  147. {
  148. Parameters.MachineState |= SECPKG_STATE_STANDALONE;
  149. }
  150. }
  151. }
  152. else
  153. {
  154. Parameters.MachineState |= SECPKG_STATE_STANDALONE;
  155. }
  157. LoadCount = 0;
  158. NewCount = 0;
  160. DebugLog((DEB_TRACE_INIT, "Init Parameters = %d, %s\n",
  161. Parameters.MachineState,
  162. (Parameters.SetupMode ? "Setup" : "Normal") ));
  164. //
  165. // Add the built in Negotiate package first. It will hook all subsequent
  166. // package loads and unloads, so that it can keep a table running of all
  167. // the packages and their negotiate options.
  168. //
  170. if ( SpmpLoadBuiltin( 0, &NegTable, &Parameters ) )
  171. {
  172. LoadCount ++ ;
  173. }
  174. //
  175. // Set the preferred package to be the first non-negotiate package
  176. //
  178. PreferredPackage = LoadCount;
  181. //
  182. // Now load the new DLLs:
  183. //
  185. while (pszPackage = ppszPackages[iPackage])
  186. {
  187. if (SpmpLoadDll( pszPackage, &Parameters ))
  188. {
  189. LoadCount++;
  190. NewCount++;
  191. }
  193. iPackage++;
  195. }
  197. //
  198. // Now, load old style packages, or just the MSV package for now.
  199. //
  201. while (pszPackage = ppszOldPkgs[iOldPkg])
  202. {
  203. if (SpmpLoadAuthPkgDll( pszPackage ))
  204. {
  205. LoadCount++;
  206. }
  208. iOldPkg++;
  210. }
  213. //
  214. // Select the preferred package.
  215. //
  217. if ( pszPreferred == NULL )
  218. {
  219. Package = SpmpLocatePackage( PreferredPackage );
  220. }
  221. else
  222. {
  223. RtlInitUnicodeString( &sStr, pszPreferred );
  225. Package = SpmpLookupPackage( &sStr );
  226. }
  228. //
  229. // If there are no new packages, do not enabled a preferred
  230. // package. It will mess up the negotiate package
  231. //
  233. if ( NewCount == 0 )
  234. {
  235. Package = NULL ;
  236. }
  238. if ( Package )
  239. {
  240. Package->fPackage |= SP_PREFERRED ;
  242. Event.PackageId = Package->dwPackageID;
  243. Event.PackageName = Package->Name;
  244. Event.ChangeType = SECPKG_PACKAGE_CHANGE_SELECT ;
  246. LsapEventNotify(
  247. NOTIFY_CLASS_PACKAGE_CHANGE,
  248. 0,
  249. sizeof( Event ),
  250. &Event );
  253. }
  259. //
  260. // All the strings are actually offsets from the zeroth string
  261. //
  264. if (ppszPackages[0] != NULL)
  265. {
  266. LsapFreeLsaHeap(ppszPackages[0]);
  267. }
  270. //
  271. // Finally, free the array:
  272. //
  274. LsapFreeLsaHeap(ppszPackages);
  276. //
  277. // Get rid of the old package array, as well:
  278. //
  280. if (ppszOldPkgs[0] != NULL)
  281. {
  282. LsapFreeLsaHeap(ppszOldPkgs[0]);
  283. }
  285. LsapFreeLsaHeap(ppszOldPkgs);
  288. #if DBG
  289. SpmpLoadBuiltinAuthPkg( &DbgTable );
  290. #endif
  292. //
  293. // Free the primary domain info
  294. //
  296. LsaIFree_LSAPR_POLICY_INFORMATION(
  297. PolicyDnsDomainInformation,
  298. (PLSAPR_POLICY_INFORMATION) DnsDomainInfo
  299. );
  301. //
  302. // If at least the primary loaded, then return OK. If not that,
  303. // then return an error:
  304. //
  306. if ( LoadCount )
  307. {
  308. return(S_OK);
  309. }
  310. else
  311. {
  312. return(SEC_E_CANNOT_INSTALL);
  313. }
  315. }
  319. //+-------------------------------------------------------------------------
  320. //
  321. // Function: InitThreadData
  322. //
  323. // Synopsis: Initializes Tls* data slots
  324. //
  325. // Effects:
  326. //
  327. // Arguments:
  328. //
  329. // Requires:
  330. //
  331. // Returns:
  332. //
  333. // Notes:
  334. //
  335. //--------------------------------------------------------------------------
  336. extern "C"
  337. void
  338. InitThreadData(void)
  339. {
  340. dwSession = TlsAlloc();
  341. dwLastError = TlsAlloc();
  342. dwExceptionInfo = TlsAlloc();
  343. dwCallInfo = TlsAlloc();
  344. dwThreadPackage = TlsAlloc();
  345. LsapDsThreadState = TlsAlloc();
  346. dwThreadHeap = TlsAlloc();
  348. #ifdef DBG
  349. SafeLockInit();
  350. #endif
  351. }
  353. #ifdef LSAP_VERIFY_PACKAGE_ID
  354. BOOL RefSetCurrentPackageId(ULONG_PTR dwPackageId)
  355. {
  356. ULONG_PTR dwCurId;
  357. char szTmp[32];
  358. WCHAR szw[64];
  360. dwCurId = (ULONG_PTR) TlsGetValue(dwThreadPackage);
  362. sprintf(szTmp, "%ld (%ld)", dwPackageId, dwCurId);
  364. // wsprintf(szw, L"*** %x ==> %d\n", GetCurrentThreadId(), dwPackageId);
  365. // OutputDebugString(szw);
  367. if (dwCurId == SPMGR_ID)
  368. {
  369. DsysAssertMsg(dwPackageId != SPMGR_ID, szTmp);
  370. }
  372. return TlsSetValue(dwThreadPackage, (PVOID)dwPackageId);
  373. }
  374. #endif // LSAP_VERIFY_PACKAGE_ID
  376. //+-------------------------------------------------------------------------
  377. //
  378. // Function: InitSystemLogon
  379. //
  380. // Synopsis: Creates system logon credentials
  381. //
  382. // Effects: Creates credentials for NTLM and Kerberos for the Machine
  383. // in the system logon.
  384. //
  385. // Arguments:
  386. //
  387. // Requires:
  388. //
  389. // Returns:
  390. //
  391. // Notes:
  392. //
  393. //--------------------------------------------------------------------------
  395. extern "C"
  396. void
  397. InitSystemLogon(void)
  398. {
  399. UNICODE_STRING ComputerPrincipalName;
  400. PLSAP_SECURITY_PACKAGE pAuxPackage;
  401. PSession pSession = GetCurrentSession();
  402. UNICODE_STRING SecretName;
  403. ULONG_PTR iPackage;
  404. NTSTATUS scRet;
  405. SECPKG_PRIMARY_CRED PrimaryCred;
  406. PLSAPR_POLICY_INFORMATION PolicyInfo = NULL;
  407. PLSAPR_POLICY_INFORMATION DnsPolicyInfo = NULL;
  408. PLSAPR_CR_CIPHER_VALUE CrWkstaPassword = NULL;
  409. PLSAPR_CR_CIPHER_VALUE CrWkstaOldPassword = NULL;
  410. SID SystemSid = {SID_REVISION, 1,
  411. SECURITY_NT_AUTHORITY,
  412. SECURITY_LOCAL_SYSTEM_RID};
  413. LSAPR_HANDLE SecretHandle = NULL;
  414. UNICODE_STRING DomainCopy ;
  415. UNICODE_STRING MachineCopy ;
  416. PSID SidCopy ;
  420. RtlZeroMemory(
  421. &PrimaryCred,
  422. sizeof(PrimaryCred)
  423. );
  426. ComputerPrincipalName.Buffer = NULL;
  428. //
  429. // Build the computer principal name, which is the computer name followed
  430. // by a '$'
  431. //
  433. ComputerPrincipalName.Length = MachineName.Length + sizeof(WCHAR);
  434. ComputerPrincipalName.MaximumLength = MachineName.Length + 2 * sizeof(WCHAR);
  436. ComputerPrincipalName.Buffer = (LPWSTR) LsapAllocateLsaHeap(ComputerPrincipalName.MaximumLength);
  437. if (ComputerPrincipalName.Buffer == NULL)
  438. {
  439. goto Cleanup;
  440. }
  442. RtlCopyMemory(
  443. ComputerPrincipalName.Buffer,
  444. MachineName.Buffer,
  445. MachineName.Length
  446. );
  447. ComputerPrincipalName.Buffer[MachineName.Length/sizeof(WCHAR)] =
  448. SSI_ACCOUNT_NAME_POSTFIX_CHAR;
  449. ComputerPrincipalName.Buffer[1+MachineName.Length/sizeof(WCHAR)] =
  450. L'\0';
  454. PrimaryCred.LogonId = SystemLogonId;
  455. PrimaryCred.UserSid = &SystemSid;
  456. PrimaryCred.DownlevelName.Buffer = wcsrchr(ComputerPrincipalName.Buffer,L'\\');
  457. if (PrimaryCred.DownlevelName.Buffer == NULL)
  458. {
  459. PrimaryCred.DownlevelName = ComputerPrincipalName;
  460. }
  461. else
  462. {
  463. PrimaryCred.DownlevelName.Buffer++;
  464. RtlInitUnicodeString(
  465. &PrimaryCred.DownlevelName,
  466. PrimaryCred.DownlevelName.Buffer
  467. );
  469. }
  472. //
  473. // Get the machine account password, if there is one
  474. //
  476. RtlInitUnicodeString(
  477. &SecretName,
  478. SSI_SECRET_NAME
  479. );
  481. scRet = LsarOpenSecret(
  482. LsapPolicyHandle,
  483. (PLSAPR_UNICODE_STRING) &SecretName,
  484. SECRET_ALL_ACCESS,
  485. &SecretHandle
  486. );
  487. if (NT_SUCCESS(scRet))
  488. {
  489. scRet = LsarQuerySecret(
  490. SecretHandle,
  491. &CrWkstaPassword,
  492. NULL, // we don't want current val set time
  493. &CrWkstaOldPassword,
  494. NULL // ditto for old val
  495. );
  496. }
  498. //
  499. // We don't want to fail to boot if we don't have a password, so continue
  500. // after an error
  501. //
  503. if (NT_SUCCESS(scRet) && (CrWkstaPassword != NULL))
  504. {
  505. PrimaryCred.Password.Buffer = (LPWSTR) CrWkstaPassword->Buffer;
  506. PrimaryCred.Password.Length = (USHORT) CrWkstaPassword->Length;
  507. PrimaryCred.Password.MaximumLength = (USHORT) CrWkstaPassword->MaximumLength;
  508. PrimaryCred.Flags = PRIMARY_CRED_CLEAR_PASSWORD;
  510. if (CrWkstaOldPassword != NULL)
  511. {
  512. PrimaryCred.OldPassword.Buffer = (LPWSTR) CrWkstaOldPassword->Buffer;
  513. PrimaryCred.OldPassword.Length = (USHORT) CrWkstaOldPassword->Length;
  514. PrimaryCred.OldPassword.MaximumLength = (USHORT) CrWkstaOldPassword->MaximumLength;
  515. }
  516. }
  519. scRet = LsaIQueryInformationPolicyTrusted(
  520. PolicyDnsDomainInformation,
  521. &DnsPolicyInfo
  522. );
  523. if(!NT_SUCCESS(scRet))
  524. {
  525. scRet = LsaIQueryInformationPolicyTrusted(
  526. PolicyPrimaryDomainInformation,
  527. &PolicyInfo
  528. );
  529. if (NT_SUCCESS(scRet))
  530. {
  531. PrimaryCred.DomainName = *(PUNICODE_STRING) &PolicyInfo->PolicyPrimaryDomainInfo.Name;
  532. }
  533. } else {
  534. PrimaryCred.DomainName = *(PUNICODE_STRING) &DnsPolicyInfo->PolicyDnsDomainInfo.Name;
  535. PrimaryCred.DnsDomainName = *(PUNICODE_STRING) &DnsPolicyInfo->PolicyDnsDomainInfo.DnsDomainName;
  536. }
  538. //
  539. // Update the logon session with the "real" name:
  540. //
  542. scRet = LsapDuplicateString(
  543. &DomainCopy,
  544. &PrimaryCred.DomainName );
  546. if ( NT_SUCCESS( scRet ) )
  547. {
  548. scRet = LsapDuplicateString(
  549. &MachineCopy,
  550. &PrimaryCred.DownlevelName );
  552. if ( NT_SUCCESS( scRet ) )
  553. {
  554. scRet = LsapDuplicateSid(
  555. &SidCopy,
  556. PrimaryCred.UserSid );
  558. if ( NT_SUCCESS( scRet ) )
  559. {
  560. LsapSetLogonSessionAccountInfo(
  561. &SystemLogonId,
  562. &MachineCopy,
  563. &DomainCopy,
  564. NULL,
  565. &SidCopy,
  566. (SECURITY_LOGON_TYPE) 0,
  567. &PrimaryCred
  568. );
  570. //
  571. // If successful, LsapSetLogonSessionAccountInfo will have taken
  572. // ownership of UserSid
  573. //
  575. if ( SidCopy != NULL ) {
  576. LsapFreeLsaHeap( SidCopy );
  577. }
  578. }
  579. }
  580. }
  583. DebugLog((DEB_TRACE_INIT, "Establishing credentials for machine %ws\n", MachineName.Buffer));
  586. pAuxPackage = SpmpIteratePackagesByRequest( NULL, SP_ORDINAL_ACCEPTCREDS );
  588. while (pAuxPackage)
  589. {
  590. iPackage = pAuxPackage->dwPackageID;
  592. DebugLog((DEB_TRACE_INIT, "Whacking package %ws with %x:%x = %ws\n",
  593. pAuxPackage->Name.Buffer,
  594. SystemLogonId.HighPart, SystemLogonId.LowPart,
  595. MachineName.Buffer));
  597. SetCurrentPackageId(iPackage);
  599. __try
  600. {
  602. scRet = pAuxPackage->FunctionTable.AcceptCredentials(
  603. Interactive,
  604. &ComputerPrincipalName,
  605. &PrimaryCred,
  606. NULL // no supplemental credentials
  607. );
  608. }
  609. __except (EXCEPTION_EXECUTE_HANDLER)
  610. {
  611. scRet = (NTSTATUS) GetExceptionCode();
  612. scRet = SPException(scRet, iPackage);
  613. }
  615. // Note: if an exception occurs, we don't fail the logon, we just
  616. // do the magic on the package that blew. If the package blows,
  617. // the other packages may succeed, and so the user may not be able
  618. // to use that provider.
  620. pAuxPackage = SpmpIteratePackagesByRequest( pAuxPackage,
  621. SP_ORDINAL_ACCEPTCREDS );
  623. }
  627. Cleanup:
  629. //
  630. // Finally, set this thread back to being a SPM thread:
  631. //
  633. SetCurrentPackageId( SPMGR_ID );
  635. if (CrWkstaPassword != NULL)
  636. {
  637. LsaIFree_LSAPR_CR_CIPHER_VALUE(
  638. CrWkstaPassword
  639. );
  640. }
  641. if (CrWkstaOldPassword != NULL)
  642. {
  643. LsaIFree_LSAPR_CR_CIPHER_VALUE(
  644. CrWkstaOldPassword
  645. );
  646. }
  647. if (SecretHandle != NULL)
  648. {
  649. LsarClose(&SecretHandle);
  650. }
  652. if (PolicyInfo != NULL)
  653. {
  654. LsaIFree_LSAPR_POLICY_INFORMATION(
  655. PolicyPrimaryDomainInformation,
  656. PolicyInfo
  657. );
  658. }
  659. if (DnsPolicyInfo != NULL)
  660. {
  661. LsaIFree_LSAPR_POLICY_INFORMATION(
  662. PolicyDnsDomainInformation,
  663. DnsPolicyInfo
  664. );
  665. }
  666. if (ComputerPrincipalName.Buffer == NULL)
  667. {
  668. LsapFreeLsaHeap(ComputerPrincipalName.Buffer);
  669. }
  670. }
  673. HANDLE
  674. SpmpOpenEvent( IN PWSTR EventName )
  675. {
  676. NTSTATUS NtStatus;
  677. HANDLE InstallationEvent;
  678. OBJECT_ATTRIBUTES EventAttributes;
  679. UNICODE_STRING UnicodeEventName;
  682. //
  683. // If the following event exists, it is an indication that
  684. // installation is in progress and that further security
  685. // initialization should be delayed until the event is
  686. // signalled. This is expected to be a NOTIFICATION event.
  687. //
  689. RtlInitUnicodeString( &UnicodeEventName, EventName);
  690. InitializeObjectAttributes( &EventAttributes, &UnicodeEventName, 0, 0, NULL );
  692. NtStatus = NtOpenEvent(
  693. &InstallationEvent,
  694. SYNCHRONIZE,
  695. &EventAttributes
  696. );
  698. if (NT_SUCCESS(NtStatus))
  699. {
  700. return(InstallationEvent);
  701. }
  702. else
  703. return(NULL);
  705. }
  707. HANDLE
  708. SpmpOpenSetupEvent( VOID )
  709. {
  710. return( SpmpOpenEvent(L"\\INSTALLATION_SECURITY_HOLD"));
  711. }
  713. extern "C"
  714. BOOLEAN
  715. SpmpIsSetupPass( VOID )
  716. {
  718. HANDLE hEvent;
  720. if (hEvent = SpmpOpenSetupEvent())
  721. {
  722. NtClose(hEvent);
  723. return(TRUE);
  724. }
  725. return(FALSE);
  726. }
  728. extern "C"
  729. BOOLEAN
  730. SpmpIsMiniSetupPass( VOID )
  731. {
  732. DWORD rc;
  733. DWORD d = 0;
  734. DWORD Type;
  735. HKEY hKey;
  737. //
  738. // See if this is a "mini" setup, in which case we
  739. // don't need to generate the domain SID.
  740. //
  741. rc = RegOpenKeyExW( HKEY_LOCAL_MACHINE,
  742. L"System\\Setup",
  743. 0,
  744. KEY_READ,
  745. &hKey );
  746. if( rc == ERROR_SUCCESS ) {
  748. //
  749. // Just get the size (ALPHA workaround). All
  750. // we care about is if the key exists...
  751. //
  752. rc = RegQueryValueExW( hKey,
  753. L"MiniSetupInProgress",
  754. NULL,
  755. &Type,
  756. (LPBYTE)NULL,
  757. &d );
  759. RegCloseKey( hKey );
  761. if( rc == ERROR_SUCCESS ) {
  762. return( TRUE );
  763. }
  764. }
  765. return( FALSE );
  766. }
  769. NTSTATUS
  770. LsapInstallationPause( VOID )
  773. /*++
  775. Routine Description:
  777. This function checks to see if the system is in an
  778. installation state. If so, it suspends further initialization
  779. until the installation state is complete.
  781. Installation state is signified by the existance of a well known
  782. event.
  785. Arguments:
  787. None.
  789. Return Value:
  792. STATUS_SUCCESS - Proceed with initialization.
  794. Other status values are unexpected.
  796. --*/
  798. {
  799. HANDLE InstallationEvent;
  800. NTSTATUS NtStatus;
  801. NTSTATUS TmpStatus;
  803. InstallationEvent = SpmpOpenSetupEvent();
  805. if ( InstallationEvent ) {
  807. //
  808. // The event exists - installation created it and will signal it
  809. // when it is ok to proceed with security initialization.
  810. // Installation code is responsible for deleting the event after
  811. // signalling it.
  812. //
  814. NtStatus = NtWaitForSingleObject( InstallationEvent, TRUE, 0 );
  815. TmpStatus = NtClose( InstallationEvent );
  816. ASSERT(NT_SUCCESS(TmpStatus));
  818. //
  819. // Now, strobe the state changed event, to indicate to the
  820. // rest of the threads that life has changed
  821. //
  823. SpmSetEvent(hStateChangeEvent);
  825. } else {
  826. NtStatus = STATUS_SUCCESS; // Indicate everything is as expected
  827. }
  829. return(NtStatus);
  831. }