[ros-diffs] [ekohl] 53783: [LSA] - Implement the LSA object database. - Implement the information classes PolicyPrimaryDomainInformation and PolicyAccountDomainInformation of LsarSetInformationPolicy().

ekohl at svn.reactos.org ekohl at svn.reactos.org
Tue Sep 20 23:15:51 UTC 2011


Author: ekohl
Date: Tue Sep 20 23:15:51 2011
New Revision: 53783

URL: http://svn.reactos.org/svn/reactos?rev=53783&view=rev
Log:
[LSA]
- Implement the LSA object database.
- Implement the information classes PolicyPrimaryDomainInformation and PolicyAccountDomainInformation of LsarSetInformationPolicy().

Added:
    trunk/reactos/dll/win32/lsasrv/database.c   (with props)
    trunk/reactos/dll/win32/lsasrv/policy.c   (with props)
Modified:
    trunk/reactos/dll/win32/lsasrv/CMakeLists.txt
    trunk/reactos/dll/win32/lsasrv/lsarpc.c
    trunk/reactos/dll/win32/lsasrv/lsasrv.c
    trunk/reactos/dll/win32/lsasrv/lsasrv.h
    trunk/reactos/dll/win32/lsasrv/lsasrv.rbuild
    trunk/reactos/dll/win32/lsasrv/lsasrv.spec
    trunk/reactos/dll/win32/lsasrv/privileges.c

Modified: trunk/reactos/dll/win32/lsasrv/CMakeLists.txt
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/CMakeLists.txt?rev=53783&r1=53782&r2=53783&view=diff
==============================================================================
--- trunk/reactos/dll/win32/lsasrv/CMakeLists.txt [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/lsasrv/CMakeLists.txt [iso-8859-1] Tue Sep 20 23:15:51 2011
@@ -12,8 +12,10 @@
 
 list(APPEND SOURCE
     authport.c
+    database.c
     lsarpc.c
     lsasrv.c
+    policy.c
     privileges.c
     sids.c
     lsasrv.rc

Added: trunk/reactos/dll/win32/lsasrv/database.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/database.c?rev=53783&view=auto
==============================================================================
--- trunk/reactos/dll/win32/lsasrv/database.c (added)
+++ trunk/reactos/dll/win32/lsasrv/database.c [iso-8859-1] Tue Sep 20 23:15:51 2011
@@ -1,0 +1,476 @@
+/*
+ * PROJECT:     Local Security Authority Server DLL
+ * LICENSE:     GPL - See COPYING in the top level directory
+ * FILE:        dll/win32/lsasrv/database.c
+ * PURPOSE:     LSA object database
+ * COPYRIGHT:   Copyright 2011 Eric Kohl
+ */
+
+/* INCLUDES ****************************************************************/
+
+#include "lsasrv.h"
+
+WINE_DEFAULT_DEBUG_CHANNEL(lsasrv);
+
+
+/* GLOBALS *****************************************************************/
+
+static HANDLE SecurityKeyHandle = NULL;
+
+
+/* FUNCTIONS ***************************************************************/
+
+static NTSTATUS
+LsapOpenServiceKey(VOID)
+{
+    OBJECT_ATTRIBUTES ObjectAttributes;
+    UNICODE_STRING KeyName;
+    NTSTATUS Status;
+
+    RtlInitUnicodeString(&KeyName,
+                         L"\\Registry\\Machine\\SECURITY");
+
+    InitializeObjectAttributes(&ObjectAttributes,
+                               &KeyName,
+                               OBJ_CASE_INSENSITIVE,
+                               NULL,
+                               NULL);
+
+    Status = RtlpNtOpenKey(&SecurityKeyHandle,
+                           KEY_READ | KEY_CREATE_SUB_KEY | KEY_ENUMERATE_SUB_KEYS,
+                           &ObjectAttributes,
+                           0);
+
+    return Status;
+}
+
+
+static BOOLEAN
+LsapIsDatabaseInstalled(VOID)
+{
+    OBJECT_ATTRIBUTES ObjectAttributes;
+    UNICODE_STRING KeyName;
+    HANDLE KeyHandle;
+    NTSTATUS Status;
+
+    RtlInitUnicodeString(&KeyName,
+                         L"Policy");
+
+    InitializeObjectAttributes(&ObjectAttributes,
+                               &KeyName,
+                               OBJ_CASE_INSENSITIVE,
+                               SecurityKeyHandle,
+                               NULL);
+
+    Status = RtlpNtOpenKey(&KeyHandle,
+                           KEY_READ,
+                           &ObjectAttributes,
+                           0);
+    if (!NT_SUCCESS(Status))
+        return FALSE;
+
+    NtClose(KeyHandle);
+
+    return TRUE;
+}
+
+
+static NTSTATUS
+LsapInstallDatabase(VOID)
+{
+    OBJECT_ATTRIBUTES ObjectAttributes;
+    UNICODE_STRING KeyName;
+    HANDLE PolicyKeyHandle = NULL;
+    HANDLE AccountsKeyHandle = NULL;
+    HANDLE DomainsKeyHandle = NULL;
+    HANDLE SecretsKeyHandle = NULL;
+    NTSTATUS Status = STATUS_SUCCESS;
+
+    TRACE("LsapInstallDatabase()\n");
+
+    /* Create the 'Policy' key */
+    RtlInitUnicodeString(&KeyName,
+                         L"Policy");
+
+    InitializeObjectAttributes(&ObjectAttributes,
+                               &KeyName,
+                               OBJ_CASE_INSENSITIVE,
+                               SecurityKeyHandle,
+                               NULL);
+
+    Status = NtCreateKey(&PolicyKeyHandle,
+                         KEY_ALL_ACCESS,
+                         &ObjectAttributes,
+                         0,
+                         NULL,
+                         0,
+                         NULL);
+    if (!NT_SUCCESS(Status))
+    {
+        ERR("Failed to create the 'Policy' key (Status: 0x%08lx)\n", Status);
+        goto Done;
+    }
+
+    /* Create the 'Accounts' key */
+    RtlInitUnicodeString(&KeyName,
+                         L"Accounts");
+
+    InitializeObjectAttributes(&ObjectAttributes,
+                               &KeyName,
+                               OBJ_CASE_INSENSITIVE,
+                               PolicyKeyHandle,
+                               NULL);
+
+    Status = NtCreateKey(&AccountsKeyHandle,
+                         KEY_ALL_ACCESS,
+                         &ObjectAttributes,
+                         0,
+                         NULL,
+                         0,
+                         NULL);
+    if (!NT_SUCCESS(Status))
+    {
+        ERR("Failed to create the 'Accounts' key (Status: 0x%08lx)\n", Status);
+        goto Done;
+    }
+
+    /* Create the 'Domains' key */
+    RtlInitUnicodeString(&KeyName,
+                         L"Domains");
+
+    InitializeObjectAttributes(&ObjectAttributes,
+                               &KeyName,
+                               OBJ_CASE_INSENSITIVE,
+                               PolicyKeyHandle,
+                               NULL);
+
+    Status = NtCreateKey(&DomainsKeyHandle,
+                         KEY_ALL_ACCESS,
+                         &ObjectAttributes,
+                         0,
+                         NULL,
+                         0,
+                         NULL);
+    if (!NT_SUCCESS(Status))
+    {
+        ERR("Failed to create the 'Domains' key (Status: 0x%08lx)\n", Status);
+        goto Done;
+    }
+
+    /* Create the 'Secrets' key */
+    RtlInitUnicodeString(&KeyName,
+                         L"Secrets");
+
+    InitializeObjectAttributes(&ObjectAttributes,
+                               &KeyName,
+                               OBJ_CASE_INSENSITIVE,
+                               PolicyKeyHandle,
+                               NULL);
+
+    Status = NtCreateKey(&SecretsKeyHandle,
+                         KEY_ALL_ACCESS,
+                         &ObjectAttributes,
+                         0,
+                         NULL,
+                         0,
+                         NULL);
+    if (!NT_SUCCESS(Status))
+    {
+        ERR("Failed to create the 'Secrets' key (Status: 0x%08lx)\n", Status);
+        goto Done;
+    }
+
+
+Done:
+    if (SecretsKeyHandle != NULL)
+        NtClose(SecretsKeyHandle);
+
+    if (DomainsKeyHandle != NULL)
+        NtClose(DomainsKeyHandle);
+
+    if (AccountsKeyHandle != NULL)
+        NtClose(AccountsKeyHandle);
+
+    if (PolicyKeyHandle != NULL)
+        NtClose(PolicyKeyHandle);
+
+    TRACE("LsapInstallDatabase() done (Status: 0x%08lx)\n", Status);
+
+    return Status;
+}
+
+
+NTSTATUS
+LsapInitDatabase(VOID)
+{
+    NTSTATUS Status;
+
+    TRACE("LsapInitDatabase()\n");
+
+    Status = LsapOpenServiceKey();
+    if (!NT_SUCCESS(Status))
+    {
+        ERR("Failed to open the service key (Status: 0x%08lx)\n", Status);
+        return Status;
+    }
+
+    if (!LsapIsDatabaseInstalled())
+    {
+        Status = LsapInstallDatabase();
+        if (!NT_SUCCESS(Status))
+        {
+            ERR("Failed to install the LSA database (Status: 0x%08lx)\n", Status);
+            return Status;
+        }
+    }
+
+    TRACE("LsapInitDatabase() done\n");
+
+    return STATUS_SUCCESS;
+}
+
+
+LSAPR_HANDLE
+LsapCreateDbObject(LSAPR_HANDLE ParentHandle,
+                   LPWSTR ObjectName,
+                   BOOLEAN Open,
+                   LSA_DB_OBJECT_TYPE ObjectType,
+                   ACCESS_MASK DesiredAccess)
+{
+    PLSA_DB_OBJECT ParentObject = (PLSA_DB_OBJECT)ParentHandle;
+    PLSA_DB_OBJECT DbObject;
+    OBJECT_ATTRIBUTES ObjectAttributes;
+    UNICODE_STRING KeyName;
+    HANDLE ParentKeyHandle;
+    HANDLE ObjectKeyHandle;
+    NTSTATUS Status;
+
+    if (ParentHandle != NULL)
+        ParentKeyHandle = ParentObject->KeyHandle;
+    else
+        ParentKeyHandle = SecurityKeyHandle;
+
+    RtlInitUnicodeString(&KeyName,
+                         ObjectName);
+
+    InitializeObjectAttributes(&ObjectAttributes,
+                               &KeyName,
+                               OBJ_CASE_INSENSITIVE,
+                               ParentKeyHandle,
+                               NULL);
+
+    if (Open == TRUE)
+    {
+        Status = NtOpenKey(&ObjectKeyHandle,
+                           KEY_ALL_ACCESS,
+                           &ObjectAttributes);
+    }
+    else
+    {
+        Status = NtCreateKey(&ObjectKeyHandle,
+                             KEY_ALL_ACCESS,
+                             &ObjectAttributes,
+                             0,
+                             NULL,
+                             0,
+                             NULL);
+    }
+
+    if (!NT_SUCCESS(Status))
+    {
+        return NULL;
+    }
+
+    DbObject = (PLSA_DB_OBJECT)RtlAllocateHeap(RtlGetProcessHeap(),
+                                               0,
+                                               sizeof(LSA_DB_OBJECT));
+    if (DbObject == NULL)
+    {
+        NtClose(ObjectKeyHandle);
+        return NULL;
+    }
+
+    DbObject->Signature = LSAP_DB_SIGNATURE;
+    DbObject->RefCount = 0;
+    DbObject->ObjectType = ObjectType;
+    DbObject->Access = DesiredAccess;
+    DbObject->KeyHandle = ObjectKeyHandle;
+    DbObject->ParentObject = ParentObject;
+
+    if (ParentObject != NULL)
+        ParentObject->RefCount++;
+
+    return (LSAPR_HANDLE)DbObject;
+}
+
+
+NTSTATUS
+LsapValidateDbObject(LSAPR_HANDLE Handle,
+                     LSA_DB_OBJECT_TYPE ObjectType,
+                     ACCESS_MASK GrantedAccess)
+{
+    PLSA_DB_OBJECT DbObject = (PLSA_DB_OBJECT)Handle;
+    BOOLEAN bValid = FALSE;
+
+    _SEH2_TRY
+    {
+        if (DbObject->Signature == LSAP_DB_SIGNATURE)
+        {
+            if ((ObjectType == LsaDbIgnoreObject) ||
+                (DbObject->ObjectType == ObjectType))
+                bValid = TRUE;
+        }
+    }
+    _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
+    {
+        bValid = FALSE;
+    }
+    _SEH2_END;
+
+    if (bValid == FALSE)
+        return STATUS_INVALID_HANDLE;
+
+    if (GrantedAccess != 0)
+    {
+        /* FIXME: Check for granted access rights */
+    }
+
+    return STATUS_SUCCESS;
+}
+
+
+NTSTATUS
+LsapCloseDbObject(LSAPR_HANDLE Handle)
+{
+    PLSA_DB_OBJECT DbObject = (PLSA_DB_OBJECT)Handle;
+
+    if (DbObject->RefCount != 0)
+        return STATUS_UNSUCCESSFUL;
+
+    if (DbObject->ParentObject != NULL)
+        DbObject->ParentObject->RefCount--;
+
+    if (DbObject->KeyHandle != NULL)
+        NtClose(DbObject->KeyHandle);
+
+    RtlFreeHeap(RtlGetProcessHeap(), 0, DbObject);
+
+    return STATUS_SUCCESS;
+}
+
+
+NTSTATUS
+LsapSetObjectAttribute(PLSA_DB_OBJECT DbObject,
+                       LPWSTR AttributeName,
+                       LPVOID AttributeData,
+                       ULONG AttributeSize)
+{
+    OBJECT_ATTRIBUTES ObjectAttributes;
+    UNICODE_STRING KeyName;
+    HANDLE AttributeKey;
+    NTSTATUS Status;
+
+    RtlInitUnicodeString(&KeyName,
+                         AttributeName);
+
+    InitializeObjectAttributes(&ObjectAttributes,
+                               &KeyName,
+                               OBJ_CASE_INSENSITIVE,
+                               DbObject->KeyHandle,
+                               NULL);
+
+    Status = NtCreateKey(&AttributeKey,
+                         KEY_SET_VALUE,
+                         &ObjectAttributes,
+                         0,
+                         NULL,
+                         REG_OPTION_NON_VOLATILE,
+                         NULL);
+    if (!NT_SUCCESS(Status))
+    {
+
+        return Status;
+    }
+
+    Status = RtlpNtSetValueKey(AttributeKey,
+                               REG_NONE,
+                               AttributeData,
+                               AttributeSize);
+
+    NtClose(AttributeKey);
+
+    return Status;
+}
+
+
+NTSTATUS
+LsapGetObjectAttribute(PLSA_DB_OBJECT DbObject,
+                       LPWSTR AttributeName,
+                       LPVOID AttributeData,
+                       PULONG AttributeSize)
+{
+    OBJECT_ATTRIBUTES ObjectAttributes;
+    UNICODE_STRING KeyName;
+    HANDLE AttributeKey;
+    ULONG ValueSize;
+    NTSTATUS Status;
+
+    RtlInitUnicodeString(&KeyName,
+                         AttributeName);
+
+    InitializeObjectAttributes(&ObjectAttributes,
+                               &KeyName,
+                               OBJ_CASE_INSENSITIVE,
+                               DbObject->KeyHandle,
+                               NULL);
+
+    Status = NtOpenKey(&AttributeKey,
+                       KEY_QUERY_VALUE,
+                       &ObjectAttributes);
+    if (!NT_SUCCESS(Status))
+    {
+        return Status;
+    }
+
+    ValueSize = *AttributeSize;
+    Status = RtlpNtQueryValueKey(AttributeKey,
+                                 NULL,
+                                 NULL,
+                                 &ValueSize,
+                                 0);
+    if (!NT_SUCCESS(Status) && Status != STATUS_BUFFER_OVERFLOW)
+    {
+        goto Done;
+    }
+
+    if (AttributeData == NULL || *AttributeSize == 0)
+    {
+        *AttributeSize = ValueSize;
+        Status == STATUS_SUCCESS;
+        goto Done;
+    }
+    else if (*AttributeSize < ValueSize)
+    {
+        *AttributeSize = ValueSize;
+        Status == STATUS_BUFFER_OVERFLOW;
+        goto Done;
+    }
+
+    Status = RtlpNtQueryValueKey(AttributeKey,
+                                 NULL,
+                                 AttributeData,
+                                 &ValueSize,
+                                 0);
+    if (NT_SUCCESS(Status))
+    {
+        *AttributeSize = ValueSize;
+    }
+
+Done:
+    NtClose(AttributeKey);
+
+    return Status;
+}
+
+/* EOF */
+
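Review bot: In LsapGetObjectAttribute the two size-probe branches use `Status == STATUS_SUCCESS;` and `Status == STATUS_BUFFER_OVERFLOW;`, which are comparisons with no effect, so the function returns whatever the first RtlpNtQueryValueKey call left in Status; both should be assignments, `Status = STATUS_SUCCESS;` and `Status = STATUS_BUFFER_OVERFLOW;`. Separately, LsapCloseDbObject reads DbObject->RefCount without any signature check and frees the block with the signature still set, so a stale handle value can keep passing LsapValidateDbObject for as long as the freed memory holds its old contents; setting `DbObject->Signature = 0;` before RtlFreeHeap would make stale handles fail validation more reliably. LsapCreateDbObject also opens every key with KEY_ALL_ACCESS and only records DesiredAccess, while LsapValidateDbObject leaves the GrantedAccess check as a FIXME, so at this revision no access mask is enforced on these handles.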

Propchange: trunk/reactos/dll/win32/lsasrv/database.c
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: trunk/reactos/dll/win32/lsasrv/database.c
------------------------------------------------------------------------------
    svn:keywords = author date id revision

Modified: trunk/reactos/dll/win32/lsasrv/lsarpc.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/lsarpc.c?rev=53783&r1=53782&r2=53783&view=diff
==============================================================================
--- trunk/reactos/dll/win32/lsasrv/lsarpc.c [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/lsasrv/lsarpc.c [iso-8859-1] Tue Sep 20 23:15:51 2011
@@ -11,22 +11,6 @@
 
 #include "lsasrv.h"
 
-typedef enum _LSA_DB_HANDLE_TYPE
-{
-    LsaDbIgnoreHandle,
-    LsaDbPolicyHandle,
-    LsaDbAccountHandle
-} LSA_DB_HANDLE_TYPE, *PLSA_DB_HANDLE_TYPE;
-
-typedef struct _LSA_DB_HANDLE
-{
-    ULONG Signature;
-    LSA_DB_HANDLE_TYPE HandleType;
-    LONG RefCount;
-    ACCESS_MASK Access;
-} LSA_DB_HANDLE, *PLSA_DB_HANDLE;
-
-#define LSAP_DB_SIGNATURE 0x12345678
 
 static RTL_CRITICAL_SECTION PolicyHandleTableLock;
 
@@ -34,68 +18,6 @@
 
 
 /* FUNCTIONS ***************************************************************/
-
-static LSAPR_HANDLE
-LsapCreateDbHandle(LSA_DB_HANDLE_TYPE HandleType,
-                   ACCESS_MASK DesiredAccess)
-{
-    PLSA_DB_HANDLE DbHandle;
-
-//    RtlEnterCriticalSection(&PolicyHandleTableLock);
-
-    DbHandle = (PLSA_DB_HANDLE)RtlAllocateHeap(RtlGetProcessHeap(),
-                                               0,
-                                               sizeof(LSA_DB_HANDLE));
-    if (DbHandle != NULL)
-    {
-        DbHandle->Signature = LSAP_DB_SIGNATURE;
-        DbHandle->RefCount = 1;
-        DbHandle->HandleType = HandleType;
-        DbHandle->Access = DesiredAccess;
-    }
-
-//    RtlLeaveCriticalSection(&PolicyHandleTableLock);
-
-    return (LSAPR_HANDLE)DbHandle;
-}
-
-
-static NTSTATUS
-LsapValidateDbHandle(LSAPR_HANDLE Handle,
-                     LSA_DB_HANDLE_TYPE HandleType,
-                     ACCESS_MASK GrantedAccess)
-{
-    PLSA_DB_HANDLE DbHandle = (PLSA_DB_HANDLE)Handle;
-    BOOL bValid = FALSE;
-
-    _SEH2_TRY
-    {
-        if (DbHandle->Signature == LSAP_DB_SIGNATURE)
-        {
-            if (HandleType == LsaDbIgnoreHandle)
-                bValid = TRUE;
-            else if (DbHandle->HandleType == HandleType)
-                bValid = TRUE;
-        }
-    }
-    _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
-    {
-        bValid = FALSE;
-    }
-    _SEH2_END;
-
-    if (bValid == FALSE)
-        return STATUS_INVALID_HANDLE;
-
-    if (GrantedAccess != 0)
-    {
-        /* FIXME: Check for granted access rights */
-    }
-
-    return STATUS_SUCCESS;
-}
-
-
 
 
 VOID
@@ -153,13 +75,12 @@
 
 //    RtlEnterCriticalSection(&PolicyHandleTableLock);
 
-    Status = LsapValidateDbHandle(*ObjectHandle,
-                                  LsaDbIgnoreHandle,
+    Status = LsapValidateDbObject(*ObjectHandle,
+                                  LsaDbIgnoreObject,
                                   0);
-
     if (Status == STATUS_SUCCESS)
     {
-        RtlFreeHeap(RtlGetProcessHeap(), 0, *ObjectHandle);
+        Status = LsapCloseDbObject(*ObjectHandle);
         *ObjectHandle = NULL;
     }
 
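Review bot: `*ObjectHandle = NULL;` runs even when LsapCloseDbObject fails, and in database.c that function returns STATUS_UNSUCCESSFUL whenever the object's RefCount is non-zero, so the caller loses its only reference to an object that was not freed and whose registry key handle stays open. Clear the handle only on success: `if (NT_SUCCESS(Status)) *ObjectHandle = NULL;`. The enclosing function starts and ends outside this hunk.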
@@ -239,7 +160,10 @@
 
     RtlEnterCriticalSection(&PolicyHandleTableLock);
 
-    *PolicyHandle = LsapCreateDbHandle(LsaDbPolicyHandle,
+    *PolicyHandle = LsapCreateDbObject(NULL,
+                                       L"Policy",
+                                       TRUE,
+                                       LsaDbPolicyObject,
                                        DesiredAccess);
     if (*PolicyHandle == NULL)
         Status = STATUS_INSUFFICIENT_RESOURCES;
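Review bot: A NULL return from LsapCreateDbObject is mapped to STATUS_INSUFFICIENT_RESOURCES here, but in database.c the function also returns NULL when NtOpenKey on the 'Policy' key fails, so a missing or inaccessible key is reported as an allocation failure. Consider having LsapCreateDbObject return an NTSTATUS with the handle as an out parameter, or at least mark the guess on this call, e.g. `/* FIXME: LsapCreateDbObject() hides the real NTSTATUS */`. The enclosing function starts and ends outside this hunk.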
@@ -268,8 +192,8 @@
         TRACE("*PolicyInformation %p\n", *PolicyInformation);
     }
 
-    Status = LsapValidateDbHandle(PolicyHandle,
-                                  LsaDbPolicyHandle,
+    Status = LsapValidateDbObject(PolicyHandle,
+                                  LsaDbPolicyObject,
                                   0); /* FIXME */
     if (!NT_SUCCESS(Status))
         return Status;
@@ -409,8 +333,53 @@
     POLICY_INFORMATION_CLASS InformationClass,
     PLSAPR_POLICY_INFORMATION PolicyInformation)
 {
-    UNIMPLEMENTED;
-    return STATUS_NOT_IMPLEMENTED;
+    NTSTATUS Status;
+
+    TRACE("LsarSetInformationPolicy(%p,0x%08x,%p)\n",
+          PolicyHandle, InformationClass, PolicyInformation);
+
+    if (PolicyInformation)
+    {
+        TRACE("*PolicyInformation %p\n", *PolicyInformation);
+    }
+
+    Status = LsapValidateDbObject(PolicyHandle,
+                                  LsaDbPolicyObject,
+                                  0); /* FIXME */
+    if (!NT_SUCCESS(Status))
+        return Status;
+
+    switch (InformationClass)
+    {
+        case PolicyAuditEventsInformation:
+            Status = STATUS_NOT_IMPLEMENTED;
+            break;
+
+        case PolicyPrimaryDomainInformation:
+            Status = LsarSetPrimaryDomain(PolicyHandle,
+                                          (PLSAPR_POLICY_PRIMARY_DOM_INFO)PolicyInformation);
+            break;
+
+        case PolicyAccountDomainInformation:
+            Status = LsarSetAccountDomain(PolicyHandle,
+                                          (PLSAPR_POLICY_ACCOUNT_DOM_INFO)PolicyInformation);
+            break;
+
+        case PolicyDnsDomainInformation:
+            Status = LsarSetDnsDomain(PolicyHandle,
+                                      (PLSAPR_POLICY_DNS_DOMAIN_INFO)PolicyInformation);
+            break;
+
+        case PolicyLsaServerRoleInformation:
+            Status = STATUS_NOT_IMPLEMENTED;
+            break;
+
+        default:
+            Status = STATUS_INVALID_PARAMETER;
+            break;
+    }
+
+    return Status;
 }
 
 
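Review bot: PolicyInformation is checked for NULL only around the TRACE, then cast and passed to LsarSetPrimaryDomain and LsarSetAccountDomain, which dereference it unconditionally in policy.c; add `if (PolicyInformation == NULL) return STATUS_INVALID_PARAMETER;` before the switch. The `TRACE("*PolicyInformation %p\n", *PolicyInformation);` line also passes the pointed-to object by value to a `%p` conversion, because the parameter here is a PLSAPR_POLICY_INFORMATION rather than a pointer to one; it was presumably copied from the query routine and should be dropped. The handle is validated with a GrantedAccess of 0, so this write path performs no access-right check until the FIXME in LsapValidateDbObject is resolved. The function's signature begins above the hunk.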
@@ -838,8 +807,8 @@
     TRACE("LsarLookupPrivilegeValue(%p, %wZ, %p)\n",
           PolicyHandle, Name, Value);
 
-    Status = LsapValidateDbHandle(PolicyHandle,
-                                  LsaDbPolicyHandle,
+    Status = LsapValidateDbObject(PolicyHandle,
+                                  LsaDbPolicyObject,
                                   0); /* FIXME */
     if (!NT_SUCCESS(Status))
     {
@@ -867,8 +836,8 @@
     TRACE("LsarLookupPrivilegeName(%p, %p, %p)\n",
           PolicyHandle, Value, Name);
 
-    Status = LsapValidateDbHandle(PolicyHandle,
-                                  LsaDbPolicyHandle,
+    Status = LsapValidateDbObject(PolicyHandle,
+                                  LsaDbPolicyObject,
                                   0); /* FIXME */
     if (!NT_SUCCESS(Status))
     {
@@ -926,8 +895,8 @@
 
     FIXME("(%p,%p,%p) stub\n", PolicyHandle, AccountSid, UserRights);
 
-    Status = LsapValidateDbHandle(PolicyHandle,
-                                  LsaDbPolicyHandle,
+    Status = LsapValidateDbObject(PolicyHandle,
+                                  LsaDbPolicyObject,
                                   0); /* FIXME */
     if (!NT_SUCCESS(Status))
         return Status;

Modified: trunk/reactos/dll/win32/lsasrv/lsasrv.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/lsasrv.c?rev=53783&r1=53782&r2=53783&view=diff
==============================================================================
--- trunk/reactos/dll/win32/lsasrv/lsasrv.c [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/lsasrv/lsasrv.c [iso-8859-1] Tue Sep 20 23:15:51 2011
@@ -25,6 +25,9 @@
 
     /* Initialize the well known SIDs */
     LsapInitSids();
+
+    /* Initialize the LSA database */
+    LsapInitDatabase();
 
     /* Start the RPC server */
     LsarStartRpcServer();
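Review bot: The return value of `LsapInitDatabase();` is discarded, so if the SECURITY key cannot be opened or the database cannot be installed, the RPC server is still started with SecurityKeyHandle left NULL, and later LsapCreateDbObject calls would be given a NULL root directory. Capture the status and stop, or at least log it: `Status = LsapInitDatabase(); if (!NT_SUCCESS(Status)) return Status;`, adjusted to whatever this function returns. The enclosing function starts and ends outside this hunk, so its return type is not visible here.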

Modified: trunk/reactos/dll/win32/lsasrv/lsasrv.h
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/lsasrv.h?rev=53783&r1=53782&r2=53783&view=diff
==============================================================================
--- trunk/reactos/dll/win32/lsasrv/lsasrv.h [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/lsasrv/lsasrv.h [iso-8859-1] Tue Sep 20 23:15:51 2011
@@ -9,12 +9,16 @@
 
 #define WIN32_NO_STATUS
 #include <windows.h>
-#include <ntsecapi.h>
 #define NTOS_MODE_USER
+#include <ndk/cmfuncs.h>
 #include <ndk/lpctypes.h>
 #include <ndk/lpcfuncs.h>
+#include <ndk/obfuncs.h>
 #include <ndk/rtlfuncs.h>
 #include <ndk/setypes.h>
+
+
+#include <ntsecapi.h>
 
 #include <string.h>
 
@@ -24,11 +28,80 @@
 #include <wine/debug.h>
 
 
+typedef enum _LSA_DB_OBJECT_TYPE
+{
+    LsaDbIgnoreObject,
+    LsaDbContainerObject,
+    LsaDbPolicyObject,
+    LsaDbAccountObject,
+    LsaDbDomainObject,
+    LsaDbSecretObject
+} LSA_DB_OBJECT_TYPE, *PLSA_DB_OBJECT_TYPE;
+
+typedef struct _LSA_DB_OBJECT
+{
+    ULONG Signature;
+    LSA_DB_OBJECT_TYPE ObjectType;
+    ULONG RefCount;
+    ACCESS_MASK Access;
+    HANDLE KeyHandle;
+    struct _LSA_DB_OBJECT *ParentObject;
+} LSA_DB_OBJECT, *PLSA_DB_OBJECT;
+
+#define LSAP_DB_SIGNATURE 0x12345678
+
+
 /* authport.c */
-NTSTATUS StartAuthenticationPort(VOID);
+NTSTATUS
+StartAuthenticationPort(VOID);
+
+/* database.c */
+NTSTATUS
+LsapInitDatabase(VOID);
+
+LSAPR_HANDLE
+LsapCreateDbObject(LSAPR_HANDLE ParentHandle,
+                   LPWSTR ObjectName,
+                   BOOLEAN Open,
+                   LSA_DB_OBJECT_TYPE HandleType,
+                   ACCESS_MASK DesiredAccess);
+
+NTSTATUS
+LsapValidateDbObject(LSAPR_HANDLE Handle,
+                     LSA_DB_OBJECT_TYPE HandleType,
+                     ACCESS_MASK GrantedAccess);
+
+NTSTATUS
+LsapCloseDbObject(LSAPR_HANDLE Handle);
+
+NTSTATUS
+LsapGetObjectAttribute(PLSA_DB_OBJECT DbObject,
+                       LPWSTR AttributeName,
+                       LPVOID AttributeData,
+                       PULONG AttributeSize);
+
+NTSTATUS
+LsapSetObjectAttribute(PLSA_DB_OBJECT DbObject,
+                       LPWSTR AttributeName,
+                       LPVOID AttributeData,
+                       ULONG AttributeSize);
 
 /* lsarpc.c */
-VOID LsarStartRpcServer(VOID);
+VOID
+LsarStartRpcServer(VOID);
+
+/* policy.c */
+NTSTATUS
+LsarSetPrimaryDomain(LSAPR_HANDLE PolicyObject,
+                     PLSAPR_POLICY_PRIMARY_DOM_INFO Info);
+
+NTSTATUS
+LsarSetAccountDomain(LSAPR_HANDLE PolicyObject,
+                     PLSAPR_POLICY_ACCOUNT_DOM_INFO Info);
+
+NTSTATUS
+LsarSetDnsDomain(LSAPR_HANDLE PolicyObject,
+                 PLSAPR_POLICY_DNS_DOMAIN_INFO Info);
 
 /* privileges.c */
 NTSTATUS
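Review bot: The new LSA_DB_OBJECT fields carry no comments, and RefCount changed meaning with this commit: in database.c it starts at 0 and is incremented for each child object created under this one, and LsapCloseDbObject refuses to close while it is non-zero. A short comment on the field, e.g. `ULONG RefCount; /* number of child objects still referencing this object */`, would save readers from inferring that. The prototypes of LsapCreateDbObject and LsapValidateDbObject also still name the parameter `HandleType` while the definitions use `ObjectType`; renaming it here keeps header and implementation aligned.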

Modified: trunk/reactos/dll/win32/lsasrv/lsasrv.rbuild
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/lsasrv.rbuild?rev=53783&r1=53782&r2=53783&view=diff
==============================================================================
--- trunk/reactos/dll/win32/lsasrv/lsasrv.rbuild [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/lsasrv/lsasrv.rbuild [iso-8859-1] Tue Sep 20 23:15:51 2011
@@ -9,8 +9,10 @@
 	<library>ntdll</library>
 	<library>pseh</library>
 	<file>authport.c</file>
+	<file>database.c</file>
 	<file>lsarpc.c</file>
 	<file>lsasrv.c</file>
+	<file>policy.c</file>
 	<file>privileges.c</file>
 	<file>sids.c</file>
 	<file>lsasrv.rc</file>

Modified: trunk/reactos/dll/win32/lsasrv/lsasrv.spec
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/lsasrv.spec?rev=53783&r1=53782&r2=53783&view=diff
==============================================================================
--- trunk/reactos/dll/win32/lsasrv/lsasrv.spec [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/lsasrv/lsasrv.spec [iso-8859-1] Tue Sep 20 23:15:51 2011
@@ -35,11 +35,13 @@
  @ stdcall LsarCreateAccount(ptr ptr long ptr)
  @ stdcall LsarCreateSecret(ptr ptr long ptr)
  @ stdcall LsarCreateTrustedDomain(ptr ptr long ptr)
+ @ stub LsarCreateTrustedDomainEx
  @ stdcall LsarDelete(ptr)
  @ stdcall LsarEnumerateAccounts(ptr ptr ptr long)
  @ stdcall LsarEnumeratePrivileges(ptr ptr ptr long)
  @ stdcall LsarEnumeratePrivilegesAccount(ptr ptr)
  @ stdcall LsarEnumerateTrustedDomains(ptr ptr ptr long)
+ @ stub LsarEnumerateTrustedDomainsEx
  @ stdcall LsarGetQuotasForAccount(ptr ptr)
  @ stdcall LsarGetSystemAccessAccount(ptr ptr)
  @ stdcall LsarLookupNames(ptr long ptr ptr ptr long ptr)
@@ -47,19 +49,29 @@
  @ stdcall LsarLookupPrivilegeName(ptr ptr ptr)
  @ stdcall LsarLookupPrivilegeValue(ptr ptr ptr)
  @ stdcall LsarLookupSids(ptr ptr ptr ptr long ptr)
+ @ stub LsarLookupSids2
  @ stdcall LsarOpenAccount(ptr ptr long ptr)
  @ stdcall LsarOpenPolicy(ptr ptr long ptr)
+ @ stub LsarOpenPolicySce
  @ stdcall LsarOpenSecret(ptr ptr long ptr)
  @ stdcall LsarOpenTrustedDomain(ptr ptr long ptr)
+ @ stub LsarOpenTrustedDomainByName
+ @ stub LsarQueryDomainInformationPolicy
+ @ stub LsarQueryForestTrustInformation
  @ stdcall LsarQueryInfoTrustedDomain(ptr long ptr)
  @ stdcall LsarQueryInformationPolicy(ptr long ptr)
  @ stdcall LsarQuerySecret(ptr ptr ptr ptr ptr)
  @ stdcall LsarQuerySecurityObject(ptr long ptr)
+ @ stub LsarQueryTrustedDomainInfo
+ @ stub LsarQueryTrustedDomainInfoByName
  @ stdcall LsarRemovePrivilegesFromAccount(ptr long ptr)
+ @ stub LsarSetDomainInformationPolicy
+ @ stub LsarSetForestTrustInformation
  @ stdcall LsarSetInformationPolicy(ptr long ptr)
  @ stdcall LsarSetInformationTrustedDomain(ptr long ptr)
  @ stdcall LsarSetQuotasForAccount(ptr ptr)
  @ stdcall LsarSetSecret(ptr ptr ptr)
  @ stdcall LsarSetSecurityObject(ptr long ptr)
  @ stdcall LsarSetSystemAccessAccount(ptr long)
+ @ stub LsarSetTrustedDomainInfoByName
  @ stdcall ServiceInit()

Added: trunk/reactos/dll/win32/lsasrv/policy.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/policy.c?rev=53783&view=auto
==============================================================================
--- trunk/reactos/dll/win32/lsasrv/policy.c (added)
+++ trunk/reactos/dll/win32/lsasrv/policy.c [iso-8859-1] Tue Sep 20 23:15:51 2011
@@ -1,0 +1,118 @@
+/*
+ * PROJECT:     Local Security Authority Server DLL
+ * LICENSE:     GPL - See COPYING in the top level directory
+ * FILE:        dll/win32/lsasrv/policy.c
+ * PURPOSE:     Policy object routines
+ * COPYRIGHT:   Copyright 2011 Eric Kohl
+ */
+
+/* INCLUDES ****************************************************************/
+
+#include "lsasrv.h"
+
+WINE_DEFAULT_DEBUG_CHANNEL(lsasrv);
+
+
+/* FUNCTIONS ***************************************************************/
+
+NTSTATUS
+LsarSetPrimaryDomain(LSAPR_HANDLE PolicyHandle,
+                     PLSAPR_POLICY_PRIMARY_DOM_INFO Info)
+{
+    PUNICODE_STRING Buffer;
+    ULONG Length = 0;
+    NTSTATUS Status;
+    LPWSTR Ptr;
+
+    TRACE("LsarSetPrimaryDomain(%p, %p)\n", PolicyHandle, Info);
+
+    Length = sizeof(UNICODE_STRING) + Info->Name.MaximumLength;
+    Buffer = RtlAllocateHeap(RtlGetProcessHeap(),
+                             0,
+                             Length);
+    if (Buffer == NULL)
+        return STATUS_INSUFFICIENT_RESOURCES;
+
+    Buffer->Length = Info->Name.Length;
+    Buffer->MaximumLength = Info->Name.MaximumLength;
+    Buffer->Buffer = (LPWSTR)sizeof(UNICODE_STRING);
+    Ptr = (LPWSTR)((ULONG_PTR)Buffer + sizeof(UNICODE_STRING));
+    memcpy(Ptr, Info->Name.Buffer, Info->Name.MaximumLength);
+
+    Status = LsapSetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle,
+                                    L"PolPrDmN",
+                                    Buffer, Length);
+
+    RtlFreeHeap(RtlGetProcessHeap(), 0, Buffer);
+
+    if (!NT_SUCCESS(Status))
+        return Status;
+
+    Length = 0;
+    if (Info->Sid != NULL)
+        Length = RtlLengthSid(Info->Sid);
+
+    Status = LsapSetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle,
+                                    L"PolPrDmS",
+                                    (LPBYTE)Info->Sid,
+                                    Length);
+
+    return Status;
+}
+
+
+NTSTATUS
+LsarSetAccountDomain(LSAPR_HANDLE PolicyHandle,
+                     PLSAPR_POLICY_ACCOUNT_DOM_INFO Info)
+{
+    PUNICODE_STRING Buffer;
+    ULONG Length = 0;
+    NTSTATUS Status;
+    LPWSTR Ptr;
+
+    TRACE("LsarSetAccountDomain(%p, %p)\n", PolicyHandle, Info);
+
+    Length = sizeof(UNICODE_STRING) + Info->DomainName.MaximumLength;
+    Buffer = RtlAllocateHeap(RtlGetProcessHeap(),
+                             0,
+                             Length);
+    if (Buffer == NULL)
+        return STATUS_INSUFFICIENT_RESOURCES;
+
+    Buffer->Length = Info->DomainName.Length;
+    Buffer->MaximumLength = Info->DomainName.MaximumLength;
+    Buffer->Buffer = (LPWSTR)sizeof(UNICODE_STRING);
+    Ptr = (LPWSTR)((ULONG_PTR)Buffer + sizeof(UNICODE_STRING));
+    memcpy(Ptr, Info->DomainName.Buffer, Info->DomainName.MaximumLength);
+
+    Status = LsapSetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle,
+                                    L"PolAcDmN",
+                                    Buffer, Length);
+
+    RtlFreeHeap(RtlGetProcessHeap(), 0, Buffer);
+
+    if (!NT_SUCCESS(Status))
+        return Status;
+
+    Length = 0;
+    if (Info->Sid != NULL)
+        Length = RtlLengthSid(Info->Sid);
+
+    Status = LsapSetObjectAttribute((PLSA_DB_OBJECT)PolicyHandle,
+                                    L"PolAcDmS",
+                                    (LPBYTE)Info->Sid,
+                                    Length);
+
+    return Status;
+}
+
+
+NTSTATUS
+LsarSetDnsDomain(LSAPR_HANDLE PolicyHandle,
+                 PLSAPR_POLICY_DNS_DOMAIN_INFO Info)
+{
+
+    return STATUS_NOT_IMPLEMENTED;
+}
+
+/* EOF */
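Review bot: LsarSetPrimaryDomain and LsarSetAccountDomain dereference Info and copy `MaximumLength` bytes from the name's Buffer without checking either, so a NULL Info, a NULL Buffer with a non-zero MaximumLength, or a Length larger than MaximumLength leads to an invalid read or an inconsistent stored UNICODE_STRING. Since both are reached from LsarSetInformationPolicy with caller-supplied data, validate first, e.g. `if (Info == NULL || Info->Name.Length > Info->Name.MaximumLength || (Info->Name.Buffer == NULL && Info->Name.MaximumLength != 0)) return STATUS_INVALID_PARAMETER;` (DomainName in the account variant). The SID is likewise measured with RtlLengthSid without a validity check; calling `RtlValidSid(Info->Sid)` first would reject malformed input. The two functions differ only in field and attribute names and could share one static helper, and the stored `Buffer->Buffer` offset of `sizeof(UNICODE_STRING)` makes the saved layout depend on pointer size, which deserves a comment.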

Propchange: trunk/reactos/dll/win32/lsasrv/policy.c
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: trunk/reactos/dll/win32/lsasrv/policy.c
------------------------------------------------------------------------------
    svn:keywords = author date id revision

Modified: trunk/reactos/dll/win32/lsasrv/privileges.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/privileges.c?rev=53783&r1=53782&r2=53783&view=diff
==============================================================================
--- trunk/reactos/dll/win32/lsasrv/privileges.c [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/lsasrv/privileges.c [iso-8859-1] Tue Sep 20 23:15:51 2011
@@ -111,8 +111,9 @@
     {
         if (_wcsicmp(Name->Buffer, WellKnownPrivileges[Priv].Name) == 0)
         {
-            Value->LowPart = WellKnownPrivileges[Priv].Luid.LowPart;
-            Value->HighPart = WellKnownPrivileges[Priv].Luid.HighPart;
+//            Value->LowPart = WellKnownPrivileges[Priv].Luid.LowPart;
+//            Value->HighPart = WellKnownPrivileges[Priv].Luid.HighPart;
+            *Value = WellKnownPrivileges[Priv].Luid;
             return STATUS_SUCCESS;
         }
     }
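Review bot: The two old field assignments are left behind as `//` comments above `*Value = WellKnownPrivileges[Priv].Luid;`; delete them rather than keeping dead code, since version control already holds the previous form. The enclosing function starts and ends outside this hunk.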



