📄 ntlm.cxx
字号:
}
NtClose( hProcessToken );
}
}
if (!NT_SUCCESS (Status))
{
SspPrint((SSP_CRITICAL, "SpInitialize, could not acquire SYSTEM token %d\n", Status));
goto CleanUp;
}
//
// Init the Credential stuff
//
Status = SspCredentialInitialize();
if (!NT_SUCCESS (Status))
{
SspPrint((SSP_CRITICAL, "SpInitialize, Error from SspCredentialInitializeis %d\n", Status));
goto CleanUp;
}
NtLmCredentialInitialized = TRUE;
//
// Init the Context stuff
//
Status = SspContextInitialize();
if (!NT_SUCCESS (Status))
{
SspPrint((SSP_CRITICAL, "SpInitialize, Error from SspContextInitializeis %d\n", Status));
goto CleanUp;
}
NtLmContextInitialized = TRUE;
//
// Get the locale and check if it is FRANCE, which doesn't allow
// encryption
//
NtLmGlobalEncryptionEnabled = IsEncryptionPermitted();
//
// Init the random number generator stuff
//
if( !NtLmInitializeRNG() ) {
SspPrint((SSP_CRITICAL, "SpInitialize, Error from NtLmInitializeRNG\n"));
Status = STATUS_UNSUCCESSFUL;
goto CleanUp;
}
NtLmRNGInitialized = TRUE;
if( !NtLmInitializeProtectedMemory() ) {
SspPrint((SSP_CRITICAL, "SpInitialize, Error from NtLmInitializeProtectedMemory\n"));
Status = STATUS_UNSUCCESSFUL;
goto CleanUp;
}
NtLmCheckLmCompatibility();
NtLmQueryMappedDomains();
// Do the Init stuff for the MSV authentication package
// Passing FunctionTable as a (PLSA_DISPATCH_TABLE).
// Well, the first 11 entries are the same. Cheating a
// bit.
Status = LsaApInitializePackage(
(ULONG) PackageId,
(PLSA_DISPATCH_TABLE)FunctionTable,
NULL,
NULL,
NULL);
if (!NT_SUCCESS (Status))
{
SspPrint((SSP_CRITICAL, "SpInitialize, Error from LsaApInitializePackage is %d\n", Status));
goto CleanUp;
}
Status = NtLmRegisterForPolicyChange(PolicyNotifyDnsDomainInformation);
if (!NT_SUCCESS (Status))
{
SspPrint((SSP_CRITICAL, "SpInitialize, Error from NtLmRegisterForPolicyChange is %d\n", Status));
goto CleanUp;
}
CleanUp:
if (!NT_SUCCESS (Status))
{
SpShutdown();
}
SspPrint((SSP_API, "Leaving SpInitialize\n"));
return(SspNtStatusToSecStatus(Status, SEC_E_INTERNAL_ERROR));
}
//+--------------------------------------------------------------------
//
// Function: SpShutdown
//
// Synopsis: Exported function to shutdown the Security package.
//
// Effects: Forces the freeing of all credentials, contexts
// and frees all global data
//
// Arguments: none
//
// Returns:
//
// Notes: SEC_E_OK in all cases
// Most of the stuff was taken from SspCommonShutdown()
// from svcdlls\ntlmssp\common\initcomn.c
//
//
//---------------------------------------------------------------------
NTSTATUS NTAPI
SpShutdown(
VOID
)
{
SspPrint((SSP_API, "Entering SpShutdown\n"));
//
// comment out LSA mode cleanup code, per NTBUG 400026,
// which can result in access violations during shutdown when
// calls into package are still occuring during shutdown.
//
#if 0
if (NtLmContextInitialized)
{
SspContextTerminate();
NtLmContextInitialized = FALSE;
}
if (NtLmCredentialInitialized)
{
SspCredentialTerminate();
NtLmCredentialInitialized = FALSE;
}
if (NtLmGlobalOemComputerNameString.Buffer != NULL)
{
RtlFreeOemString(&NtLmGlobalOemComputerNameString);
NtLmGlobalOemComputerNameString.Buffer = NULL;
}
if (NtLmGlobalOemPrimaryDomainNameString.Buffer != NULL)
{
RtlFreeOemString(&NtLmGlobalOemPrimaryDomainNameString);
NtLmGlobalOemPrimaryDomainNameString.Buffer = NULL;
}
if (NtLmGlobalNtLm3TargetInfo.Buffer != NULL)
{
NtLmFree (NtLmGlobalNtLm3TargetInfo.Buffer);
NtLmGlobalNtLm3TargetInfo.Buffer = NULL;
}
if ( NtLmSecPkg.DomainName.Buffer != NULL )
{
NtLmFree (NtLmSecPkg.DomainName.Buffer);
}
if ( NtLmSecPkg.DnsDomainName.Buffer != NULL )
{
NtLmFree (NtLmSecPkg.DnsDomainName.Buffer);
}
if ( NtLmSecPkg.DomainSid != NULL )
{
NtLmFree (NtLmSecPkg.DomainSid);
}
if (NtLmGlobalLocalSystemSid != NULL)
{
FreeSid( NtLmGlobalLocalSystemSid);
NtLmGlobalLocalSystemSid = NULL;
}
if (NtLmGlobalAliasAdminsSid != NULL)
{
FreeSid( NtLmGlobalAliasAdminsSid);
NtLmGlobalAliasAdminsSid = NULL;
}
if (NtLmRNGInitialized)
{
NtLmCleanupRNG();
NtLmRNGInitialized = FALSE;
}
NtLmFreeMappedDomains();
NtLmUnregisterForPolicyChange(PolicyNotifyDnsDomainInformation);
if (NtLmGlobalAccessTokenSystem != NULL) {
NtClose( NtLmGlobalAccessTokenSystem );
NtLmGlobalAccessTokenSystem = NULL;
}
DeleteCriticalSection(&NtLmGlobalCritSect);
SspPrint((SSP_API, "Leaving SpShutdown\n"));
#if DBG
DeleteCriticalSection(&SspGlobalLogFileCritSect);
#endif
#endif // NTBUG 400026
NtLmCleanupProtectedMemory();
return(SEC_E_OK);
}
//+--------------------------------------------------------------------
//
// Function: SpGetInfo
//
// Synopsis: Returns information about the package
//
// Effects: returns pointers to global data
//
// Arguments: PackageInfo - Receives security package information
//
// Returns: SEC_E_OK in all cases
//
// Notes: Pointers to constants ok. Lsa will copy the data
// before sending it to someone else
//
//---------------------------------------------------------------------
NTSTATUS NTAPI
SpGetInfo(
OUT PSecPkgInfo PackageInfo
)
{
SspPrint((SSP_API, "Entering SpGetInfo\n"));
// BUGBUG Do we remove the PRIVACY flags if Encryption is not enabled?
PackageInfo->fCapabilities = NTLMSP_CAPS;
PackageInfo->wVersion = SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION;
PackageInfo->wRPCID = RPC_C_AUTHN_WINNT;
PackageInfo->cbMaxToken = NTLMSP_MAX_TOKEN_SIZE;
PackageInfo->Name = NTLMSP_NAME;
PackageInfo->Comment = NTLMSP_COMMENT;
SspPrint((SSP_API, "Leaving SpGetInfo\n"));
return(SEC_E_OK);
}
NTSTATUS
NTAPI
SpGetExtendedInformation(
IN SECPKG_EXTENDED_INFORMATION_CLASS Class,
OUT PSECPKG_EXTENDED_INFORMATION * ppInformation
)
{
return SEC_E_UNSUPPORTED_FUNCTION ;
}
NTSTATUS
NTAPI
SpSetExtendedInformation(
IN SECPKG_EXTENDED_INFORMATION_CLASS Class,
IN PSECPKG_EXTENDED_INFORMATION Info
)
{
NTSTATUS Status ;
switch ( Class )
{
case SecpkgMutualAuthLevel:
NtLmGlobalMutualAuthLevel = Info->Info.MutualAuthLevel.MutualAuthLevel ;
Status = SEC_E_OK ;
break;
default:
Status = SEC_E_UNSUPPORTED_FUNCTION ;
break;
}
return Status ;
}
VOID
NtLmCheckLmCompatibility(
)
/*++
Routine Description:
This routine checks to see if we should support the LM challenge
response protocol by looking in the registry under
system\currentcontrolset\Control\Lsa\LmCompatibilityLevel. The level
indicates whether to send the LM reponse by default and whether to
ever send the LM response
Arguments:
none.
Return Value:
None
--*/
{
NTSTATUS NtStatus;
UNICODE_STRING KeyName;
OBJECT_ATTRIBUTES ObjectAttributes;
HANDLE KeyHandle;
//
// initialize defaults
// Assume that LM is supported.
//
NtLmGlobalLmProtocolSupported = 0;
NtLmGlobalRequireNtlm2 = FALSE;
NtLmGlobalDatagramUse128BitEncryption = FALSE;
NtLmGlobalDatagramUse56BitEncryption = FALSE;
//
// Open the Lsa key in the registry
//
RtlInitUnicodeString(
&KeyName,
L"\\Registry\\Machine\\System\\CurrentControlSet\\Control\\Lsa"
);
InitializeObjectAttributes(
&ObjectAttributes,
&KeyName,
OBJ_CASE_INSENSITIVE,
0,
NULL
);
NtStatus = NtOpenKey(
&KeyHandle,
KEY_READ,
&ObjectAttributes
);
if (!NT_SUCCESS(NtStatus)) {
return;
}
//
// save away registry key so we can use it for notification events.
//
NtLmGlobalLsaKey = (HKEY)KeyHandle;
// now open the MSV1_0 subkey...
RtlInitUnicodeString(
&KeyName,
L"\\Registry\\Machine\\System\\CurrentControlSet\\Control\\Lsa\\Msv1_0"
);
InitializeObjectAttributes(
&ObjectAttributes,
&KeyName,
OBJ_CASE_INSENSITIVE,
0,
NULL
);
NtStatus = NtOpenKey(
&KeyHandle,
KEY_READ,
&ObjectAttributes
);
if (!NT_SUCCESS(NtStatus)) {
return;
}
//
// save away registry key so we can use it for notification events.
//
NtLmGlobalLsaMsv1_0Key = (HKEY)KeyHandle;
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -