Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

310 lines
7.7 KiB

//+---------------------------------------------------------------------------
//
// Microsoft Windows
// Copyright (C) Microsoft Corporation, 1992 - 1997.
//
// File: credapi.c
//
// Contents: Credential related API
//
// Classes:
//
// Functions:
//
// History: 2-24-97 RichardW Created
//
//----------------------------------------------------------------------------
#include "xtcbpkg.h"
//+---------------------------------------------------------------------------
//
// Function: XtcbAcceptCredentials
//
// Synopsis: Accept credentials stored during a prior logon session.
//
// Arguments: [LogonType] -- Type of logon
// [UserName] -- name logged on with
// [PrimaryCred] -- Primary credential data
// [SupplementalCreds] -- supplemental credential data
//
// History: 2-19-97 RichardW Created
//
// Notes:
//
//----------------------------------------------------------------------------
SECURITY_STATUS SEC_ENTRY
XtcbAcceptCredentials(
IN SECURITY_LOGON_TYPE LogonType,
IN PUNICODE_STRING UserName,
IN PSECPKG_PRIMARY_CRED PrimaryCred,
IN PSECPKG_SUPPLEMENTAL_CRED SupplementalCreds)
{
PXTCB_CREDS Creds ;
DebugLog(( DEB_TRACE_CALLS, "AcceptCredentials( %d, %ws, ...)\n",
LogonType, UserName->Buffer ));
Creds = XtcbCreateCreds( &PrimaryCred->LogonId );
if ( Creds )
{
return SEC_E_OK ;
}
return SEC_E_INSUFFICIENT_MEMORY ;
}
//+---------------------------------------------------------------------------
//
// Function: XtcbAcquireCredentialsHandle
//
// Synopsis: Acquire a handle representing the user.
//
// Arguments: [psPrincipal] -- claimed name of user
// [fCredentials] -- credential use
// [pLogonID] -- logon id of the calling thread
// [pvAuthData] -- provided auth data pointer (unmapped)
// [pvGetKeyFn] -- function in calling process for key data
// [pvGetKeyArgument] -- argument to be passed
// [pdwHandle] -- returned handle
// [ptsExpiry] -- expiration time
//
// History: 2-19-97 RichardW Created
//
// Notes:
//
//----------------------------------------------------------------------------
SECURITY_STATUS SEC_ENTRY
XtcbAcquireCredentialsHandle(
PSECURITY_STRING psPrincipal,
ULONG fCredentials,
PLUID pLogonId,
PVOID pvAuthData,
PVOID pvGetKeyFn,
PVOID pvGetKeyArgument,
PLSA_SEC_HANDLE pCredHandle,
PTimeStamp ptsExpiry)
{
PXTCB_CREDS Creds;
PXTCB_CRED_HANDLE Handle ;
SECPKG_CLIENT_INFO Info ;
PSEC_WINNT_AUTH_IDENTITY AuthData ;
DebugLog(( DEB_TRACE_CALLS, "AcquireCredentialsHandle(..., %x:%x, %x, ...)\n",
pLogonId->HighPart, pLogonId->LowPart,
pvAuthData ));
Creds = NULL ;
if ( pvAuthData == NULL )
{
if ( (pLogonId->LowPart == 0) && (pLogonId->HighPart == 0) )
{
LsaTable->GetClientInfo( &Info );
*pLogonId = Info.LogonId ;
}
Creds = XtcbFindCreds( pLogonId, TRUE );
if ( !Creds )
{
//
// Time to create credentials for this user
//
Creds = XtcbCreateCreds( pLogonId );
if ( !Creds )
{
return SEC_E_INSUFFICIENT_MEMORY ;
}
if ( Creds->Pac == NULL )
{
Creds->Pac = XtcbCreatePacForCaller();
}
}
}
else
{
return SEC_E_UNKNOWN_CREDENTIALS ;
}
Handle = XtcbAllocateCredHandle( Creds );
XtcbDerefCreds( Creds );
*pCredHandle = (LSA_SEC_HANDLE) Handle ;
*ptsExpiry = XtcbNever ;
if ( Handle )
{
Handle->Usage = fCredentials ;
return SEC_E_OK ;
}
else
{
return SEC_E_INSUFFICIENT_MEMORY ;
}
}
//+---------------------------------------------------------------------------
//
// Function: XtcbQueryCredentialsAttributes
//
// Synopsis: Return information about credentials
//
// Arguments: [dwCredHandle] -- Handle to check
// [dwAttribute] -- attribute to return
// [Buffer] -- Buffer to fill with attribute
//
// History: 2-20-97 RichardW Created
//
// Notes:
//
//----------------------------------------------------------------------------
SECURITY_STATUS
SEC_ENTRY
XtcbQueryCredentialsAttributes(
LSA_SEC_HANDLE CredHandle,
ULONG dwAttribute,
PVOID Buffer)
{
NTSTATUS Status ;
PXTCB_CRED_HANDLE Handle ;
SecPkgCredentials_NamesW Names;
DebugLog(( DEB_TRACE_CALLS, "QueryCredentialsAttribute( %p, %d, ... )\n",
CredHandle, dwAttribute ));
Handle = (PXTCB_CRED_HANDLE) CredHandle ;
#if DBG
if ( Handle->Check != XTCB_CRED_HANDLE_CHECK )
{
return SEC_E_INVALID_HANDLE ;
}
#endif
//
// We only know about one credential attribute right now:
//
if ( dwAttribute != SECPKG_CRED_ATTR_NAMES )
{
return SEC_E_UNSUPPORTED_FUNCTION ;
}
Status = SEC_E_UNSUPPORTED_FUNCTION ;
return Status ;
}
//+---------------------------------------------------------------------------
//
// Function: XtcbFreeCredentialsHandle
//
// Synopsis: Dereferences a credential handle from AcquireCredHandle
//
// Arguments: [dwHandle] --
//
// History: 2-20-97 RichardW Created
//
// Notes:
//
//----------------------------------------------------------------------------
SECURITY_STATUS
SEC_ENTRY
XtcbFreeCredentialsHandle(
LSA_SEC_HANDLE CredHandle
)
{
PXTCB_CRED_HANDLE Handle ;
DebugLog(( DEB_TRACE_CALLS, "FreeCredentialsHandle( %p )\n", CredHandle ));
Handle = (PXTCB_CRED_HANDLE) CredHandle ;
if ( Handle->Check == XTCB_CRED_HANDLE_CHECK )
{
XtcbDerefCredHandle( Handle );
return SEC_E_OK ;
}
return( SEC_E_INVALID_HANDLE );
}
//+---------------------------------------------------------------------------
//
// Function: XtcbLogonTerminated
//
// Synopsis: Called when the logon session has terminated (all tokens closed)
//
// Arguments: [pLogonId] -- Logon session that has terminated
//
// History: 2-20-97 RichardW Created
//
// Notes:
//
//----------------------------------------------------------------------------
VOID
SEC_ENTRY
XtcbLogonTerminated(PLUID pLogonId)
{
PXTCB_CREDS Creds ;
DebugLog(( DEB_TRACE_CALLS, "LogonTerminated( %x:%x )\n",
pLogonId->HighPart, pLogonId->LowPart ));
Creds = XtcbFindCreds( pLogonId, FALSE );
if ( Creds )
{
Creds->Flags |= XTCB_CRED_TERMINATED ;
XtcbDerefCreds( Creds );
}
return;
}
//+---------------------------------------------------------------------------
//
// Function: XtcbGetUserInfo
//
// Synopsis: Return information about a user to the LSA
//
// Arguments: [pLogonId] --
// [fFlags] --
// [ppUserInfo] --
//
// History: 2-20-97 RichardW Created
//
// Notes:
//
//----------------------------------------------------------------------------
SECURITY_STATUS
SEC_ENTRY
XtcbGetUserInfo( PLUID pLogonId,
ULONG fFlags,
PSecurityUserData * ppUserInfo)
{
PSecurityUserData pInfo ;
PXTCB_CREDS Creds ;
SECURITY_STATUS Status ;
DebugLog(( DEB_TRACE_CALLS, "GetUserInfo( %x:%x, %x, ...)\n",
pLogonId->HighPart, pLogonId->LowPart, fFlags ));
return SEC_E_UNSUPPORTED_FUNCTION ;
}