[PATCH v2 0/2] MR907: secur32: Implement basic functionality for LsaGetLogonSessionData.
This basic implementation is sufficient to fix .NET applications that use System.Security.Principal.WindowsIdentity.AuthenticationType.
-- v2: secur32: Implement basic functionality for LsaGetLogonSessionData.
From: Owen Rudge orudge@codeweavers.com
--- dlls/secur32/tests/Makefile.in | 1 + dlls/secur32/tests/lsa.c | 68 ++++++++++++++++++++++++++++++++++ 2 files changed, 69 insertions(+) create mode 100644 dlls/secur32/tests/lsa.c
diff --git a/dlls/secur32/tests/Makefile.in b/dlls/secur32/tests/Makefile.in index 089d1c3117b..d9f140a5069 100644 --- a/dlls/secur32/tests/Makefile.in +++ b/dlls/secur32/tests/Makefile.in @@ -2,6 +2,7 @@ TESTDLL = secur32.dll IMPORTS = secur32 crypt32 advapi32 ws2_32
C_SRCS = \ + lsa.c \ main.c \ negotiate.c \ ntlm.c \ diff --git a/dlls/secur32/tests/lsa.c b/dlls/secur32/tests/lsa.c new file mode 100644 index 00000000000..3c3203c9fb6 --- /dev/null +++ b/dlls/secur32/tests/lsa.c @@ -0,0 +1,68 @@ +/* + * LSA tests + * + * Copyright 2022 Owen Rudge for CodeWeavers + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#include <stdio.h> +#include <stdarg.h> +#include <windef.h> +#define SECURITY_WIN32 +#include <ntsecapi.h> + +#include "wine/test.h" + +static void test_get_logon_session_data(void) +{ + SECURITY_LOGON_SESSION_DATA *data = NULL; + TOKEN_STATISTICS ts; + HANDLE thread_hdl; + NTSTATUS status; + DWORD ret_len; + BOOL ret; + + ret = OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &thread_hdl); + ok(ret, "got %ld\n", GetLastError()); + + if (!ret) return; + + ret_len = sizeof(TOKEN_STATISTICS); + ret = GetTokenInformation(thread_hdl, TokenStatistics, &ts, sizeof(TOKEN_STATISTICS), &ret_len); + ok(ret, "got %ld\n", GetLastError()); + + if (!ret) goto cleanup; + + status = LsaGetLogonSessionData(&ts.AuthenticationId, &data); + todo_wine ok(!status, "got %08lx\n", status); + + if (status) goto cleanup; + + ok(data->Size >= sizeof(SECURITY_LOGON_SESSION_DATA), "Size == %ld\n", data->Size); + ok(!memcmp(&data->LogonId, &ts.AuthenticationId, sizeof(LUID)), "LogonId mismatch\n"); + + /* We can't easily verify the content of the various logon parameters, so just ensure data is present */ + ok(data->AuthenticationPackage.Length > 0, "AuthenticationPackage missing\n"); + +cleanup: + CloseHandle(thread_hdl); + if (data != NULL) LsaFreeReturnBuffer(data); +} + +START_TEST(lsa) +{ + test_get_logon_session_data(); +}
From: Owen Rudge orudge@codeweavers.com
--- dlls/secur32/lsa.c | 29 ++++++++++++++++++++++++++--- dlls/secur32/tests/lsa.c | 2 +- 2 files changed, 27 insertions(+), 4 deletions(-)
diff --git a/dlls/secur32/lsa.c b/dlls/secur32/lsa.c index 9368d3728e4..06372658527 100644 --- a/dlls/secur32/lsa.c +++ b/dlls/secur32/lsa.c @@ -43,6 +43,8 @@ WINE_DEFAULT_DEBUG_CHANNEL(secur32); #define LSA_MAGIC_CREDENTIALS ('L' << 24 | 'S' << 16 | 'A' << 8 | '1') #define LSA_MAGIC_CONTEXT ('L' << 24 | 'S' << 16 | 'A' << 8 | '2')
+static const WCHAR *default_authentication_package = L"Negotiate"; + struct lsa_package { ULONG package_id; @@ -157,9 +159,30 @@ NTSTATUS WINAPI LsaFreeReturnBuffer(PVOID buffer) NTSTATUS WINAPI LsaGetLogonSessionData(PLUID LogonId, PSECURITY_LOGON_SESSION_DATA* ppLogonSessionData) { - FIXME("%p %p stub\n", LogonId, ppLogonSessionData); - *ppLogonSessionData = NULL; - return STATUS_NOT_IMPLEMENTED; + SECURITY_LOGON_SESSION_DATA *data; + int authpkg_len; + WCHAR *end; + + FIXME("%p %p semi-stub\n", LogonId, ppLogonSessionData); + + authpkg_len = wcslen(default_authentication_package) * sizeof(WCHAR); + + data = malloc(sizeof(SECURITY_LOGON_SESSION_DATA) + authpkg_len + sizeof(WCHAR)); + memset(data, 0, sizeof(SECURITY_LOGON_SESSION_DATA) + authpkg_len + sizeof(WCHAR)); + + data->Size = sizeof(SECURITY_LOGON_SESSION_DATA); + memcpy(&data->LogonId, LogonId, sizeof(LUID)); + + end = (WCHAR *)(data + sizeof(SECURITY_LOGON_SESSION_DATA)); + wcscpy(end, default_authentication_package); + + data->AuthenticationPackage.Length = authpkg_len; + data->AuthenticationPackage.MaximumLength = authpkg_len + sizeof(WCHAR); + data->AuthenticationPackage.Buffer = end; + + *ppLogonSessionData = data; + + return STATUS_SUCCESS; }
NTSTATUS WINAPI LsaLogonUser(HANDLE LsaHandle, PLSA_STRING OriginName, diff --git a/dlls/secur32/tests/lsa.c b/dlls/secur32/tests/lsa.c index 3c3203c9fb6..9a675168429 100644 --- a/dlls/secur32/tests/lsa.c +++ b/dlls/secur32/tests/lsa.c @@ -47,7 +47,7 @@ static void test_get_logon_session_data(void) if (!ret) goto cleanup;
status = LsaGetLogonSessionData(&ts.AuthenticationId, &data); - todo_wine ok(!status, "got %08lx\n", status); + ok(!status, "got %08lx\n", status);
if (status) goto cleanup;
On Wed Sep 21 13:47:30 2022 +0000, **** wrote:
Marvin replied on the mailing list:
Hi, It looks like your patch introduced the new failures shown below. Please investigate and fix them before resubmitting your patch. If they are not new, fixing them anyway would help a lot. Otherwise please ask for the known failures list to be updated. The tests also ran into some preexisting test failures. If you know how to fix them that would be helpful. See the TestBot job for the details: The full results can be found at: https://testbot.winehq.org/JobDetails.pl?Key=123894 Your paranoid android. === w1064v1507 (testbot log) === WineRunTask.pl:error: The previous 1 run(s) terminated abnormally
Failures appear to be in the schannel tests which shouldn't be affected by my patches.
Huw Davies (@huw) commented about dlls/secur32/lsa.c:
NTSTATUS WINAPI LsaGetLogonSessionData(PLUID LogonId, PSECURITY_LOGON_SESSION_DATA* ppLogonSessionData) {
- FIXME("%p %p stub\n", LogonId, ppLogonSessionData);
- *ppLogonSessionData = NULL;
- return STATUS_NOT_IMPLEMENTED;
- SECURITY_LOGON_SESSION_DATA *data;
- int authpkg_len;
- WCHAR *end;
- FIXME("%p %p semi-stub\n", LogonId, ppLogonSessionData);
- authpkg_len = wcslen(default_authentication_package) * sizeof(WCHAR);
- data = malloc(sizeof(SECURITY_LOGON_SESSION_DATA) + authpkg_len + sizeof(WCHAR));
- memset(data, 0, sizeof(SECURITY_LOGON_SESSION_DATA) + authpkg_len + sizeof(WCHAR));
```c calloc(1, <size>); ``` is your friend.
Huw Davies (@huw) commented about dlls/secur32/lsa.c:
- FIXME("%p %p stub\n", LogonId, ppLogonSessionData);
- *ppLogonSessionData = NULL;
- return STATUS_NOT_IMPLEMENTED;
- SECURITY_LOGON_SESSION_DATA *data;
- int authpkg_len;
- WCHAR *end;
- FIXME("%p %p semi-stub\n", LogonId, ppLogonSessionData);
- authpkg_len = wcslen(default_authentication_package) * sizeof(WCHAR);
- data = malloc(sizeof(SECURITY_LOGON_SESSION_DATA) + authpkg_len + sizeof(WCHAR));
- memset(data, 0, sizeof(SECURITY_LOGON_SESSION_DATA) + authpkg_len + sizeof(WCHAR));
- data->Size = sizeof(SECURITY_LOGON_SESSION_DATA);
- memcpy(&data->LogonId, LogonId, sizeof(LUID));
```c data->LogonId = *LogonId; ``` would be simpler.
Huw Davies (@huw) commented about dlls/secur32/lsa.c:
- return STATUS_NOT_IMPLEMENTED;
- SECURITY_LOGON_SESSION_DATA *data;
- int authpkg_len;
- WCHAR *end;
- FIXME("%p %p semi-stub\n", LogonId, ppLogonSessionData);
- authpkg_len = wcslen(default_authentication_package) * sizeof(WCHAR);
- data = malloc(sizeof(SECURITY_LOGON_SESSION_DATA) + authpkg_len + sizeof(WCHAR));
- memset(data, 0, sizeof(SECURITY_LOGON_SESSION_DATA) + authpkg_len + sizeof(WCHAR));
- data->Size = sizeof(SECURITY_LOGON_SESSION_DATA);
- memcpy(&data->LogonId, LogonId, sizeof(LUID));
- end = (WCHAR *)(data + sizeof(SECURITY_LOGON_SESSION_DATA));
```suggestion:-0+0 end = (WCHAR *)(data + 1); ```
-
Huw Davies (@huw) -
Owen Rudge
-
Owen Rudge (@orudge)