internal static extern NtStatus LsaLogonUser(
SafeLsaLogonHandle LsaHandle,
LsaString OriginName,
SecurityLogonType LogonType,
uint AuthenticationPackage,
SafeBuffer AuthenticationInformation,
int AuthenticationInformationLength,
SafeTokenGroupsBuffer LocalGroups,
TOKEN_SOURCE SourceContext,
out SafeLsaReturnBufferHandle ProfileBuffer,
out int ProfileBufferLength,
out Luid LogonId,
out SafeKernelObjectHandle Token,
QUOTA_LIMITS Quotas,
out NtStatus SubStatus
);
private static NtResult <KerberosTicketCacheInfo[]> QueryTicketCacheList(SafeLsaLogonHandle handle, Luid logon_id, bool throw_on_error)
{
var package = handle.LookupAuthPackage(AuthenticationPackage.KERBEROS_NAME, throw_on_error);
if (!package.IsSuccess)
{
return(package.Cast <KerberosTicketCacheInfo[]>());
}
var request_struct = new KERB_QUERY_TKT_CACHE_REQUEST()
{
LogonId = logon_id,
MessageType = KERB_PROTOCOL_MESSAGE_TYPE.KerbQueryTicketCacheMessage
};
using (var request = request_struct.ToBuffer())
{
using (var result = handle.CallPackage(package.Result, request, throw_on_error))
{
if (!result.IsSuccess)
{
return(result.Cast <KerberosTicketCacheInfo[]>());
}
if (!result.Result.Status.IsSuccess())
{
return(result.Result.Status.CreateResultFromError <KerberosTicketCacheInfo[]>(throw_on_error));
}
var response = result.Result.Buffer.Read <KERB_QUERY_TKT_CACHE_RESPONSE_HEADER>(0);
if (response.CountOfTickets == 0)
{
return(new KerberosTicketCacheInfo[0].CreateResult());
}
var buffer = BufferUtils.GetStructAtOffset <KERB_QUERY_TKT_CACHE_RESPONSE>(result.Result.Buffer, 0);
KERB_TICKET_CACHE_INFO[] infos = new KERB_TICKET_CACHE_INFO[response.CountOfTickets];
buffer.Data.ReadArray(0, infos, 0, response.CountOfTickets);
return(infos.Select(i => new KerberosTicketCacheInfo(i)).ToArray().CreateResult());
}
}
}
private static NtResult <SafeLsaReturnBufferHandle> QueryCachedTicket(SafeLsaLogonHandle handle, uint auth_package, string target_name, KERB_RETRIEVE_TICKET_FLAGS flags,
Luid logon_id, SecHandle sec_handle, bool throw_on_error)
{
int string_length = (target_name.Length) * 2;
int max_string_length = string_length + 2;
using (var request = new SafeStructureInOutBuffer <KERB_RETRIEVE_TKT_REQUEST>(max_string_length, true))
{
request.Data.WriteUnicodeString(target_name + '\0');
var request_str = new KERB_RETRIEVE_TKT_REQUEST()
{
CacheOptions = flags,
CredentialsHandle = sec_handle,
LogonId = logon_id,
MessageType = KERB_PROTOCOL_MESSAGE_TYPE.KerbRetrieveEncodedTicketMessage,
TargetName = new UnicodeStringOut()
{
Length = (ushort)string_length,
MaximumLength = (ushort)max_string_length,
Buffer = request.Data.DangerousGetHandle()
}
};
request.Result = request_str;
using (var result = handle.CallPackage(auth_package, request, throw_on_error))
{
if (!result.IsSuccess)
{
return(result.Cast <SafeLsaReturnBufferHandle>());
}
if (!result.Result.Status.IsSuccess())
{
return(result.Result.Status.CreateResultFromError <SafeLsaReturnBufferHandle>(throw_on_error));
}
return(result.Result.Buffer.Detach().CreateResult());
}
}
}
private static NtResult <NtToken> LsaLogonUser(SecurityLogonType type, string auth_package, string origin_name,
SafeBuffer buffer, IEnumerable <UserGroup> local_groups, bool throw_on_error)
{
using (var list = new DisposableList())
{
var hlsa = list.AddResource(SafeLsaLogonHandle.Connect(throw_on_error));
if (!hlsa.IsSuccess)
{
return(hlsa.Cast <NtToken>());
}
var auth_pkg = hlsa.Result.LookupAuthPackage(auth_package, throw_on_error);
if (!auth_pkg.IsSuccess)
{
return(auth_pkg.Cast <NtToken>());
}
var groups = local_groups == null ? SafeTokenGroupsBuffer.Null
: list.AddResource(SafeTokenGroupsBuffer.Create(local_groups));
TOKEN_SOURCE tokenSource = new TOKEN_SOURCE("NT.NET");
SecurityNativeMethods.AllocateLocallyUniqueId(out tokenSource.SourceIdentifier);
QUOTA_LIMITS quota_limits = new QUOTA_LIMITS();
return(SecurityNativeMethods.LsaLogonUser(hlsa.Result, new LsaString(origin_name),
type, auth_pkg.Result, buffer, buffer.GetLength(), groups,
tokenSource, out SafeLsaReturnBufferHandle profile,
out int cbProfile, out Luid logon_id, out SafeKernelObjectHandle token_handle,
quota_limits, out NtStatus subStatus).CreateResult(throw_on_error, () =>
{
using (profile)
{
return NtToken.FromHandle(token_handle);
}
}));
}
}
private static NtResult <KerberosExternalTicket> QueryCachedTicket(SafeLsaLogonHandle handle, string target_name, KERB_RETRIEVE_TICKET_FLAGS flags,
Luid logon_id, SecHandle sec_handle, bool throw_on_error)
{
var package = handle.LookupAuthPackage(AuthenticationPackage.KERBEROS_NAME, throw_on_error);
if (!package.IsSuccess)
{
return(package.Cast <KerberosExternalTicket>());
}
using (var buffer = QueryCachedTicket(handle, package.Result, target_name, flags, logon_id, sec_handle, throw_on_error)) {
if (!buffer.IsSuccess)
{
return(buffer.Cast <KerberosExternalTicket>());
}
KERB_EXTERNAL_TICKET ticket = buffer.Result.Read <KERB_EXTERNAL_TICKET>(0);
if (!KerberosExternalTicket.TryParse(ticket, out KerberosExternalTicket ret))
{
return(NtStatus.STATUS_INVALID_PARAMETER.CreateResultFromError <KerberosExternalTicket>(throw_on_error));
}
return(ret.CreateResult());
}
}
internal static extern NtStatus LsaLookupAuthenticationPackage(SafeLsaLogonHandle LsaHandle, LsaString PackageName, out uint AuthenticationPackage);
internal static extern NtStatus LsaRegisterLogonProcess(
LsaString LogonProcessName,
out SafeLsaLogonHandle LsaHandle,
out uint SecurityMode // PLSA_OPERATIONAL_MODE
);
internal static extern NtStatus LsaConnectUntrusted(out SafeLsaLogonHandle handle);
/// <summary>
/// Connect to LSA and register as a logon process.
/// </summary>
/// <param name="process_name">The arbitrary name of the process.</param>
/// <param name="throw_on_error">True to throw on error.</param>
/// <returns>The LSA logon handle.</returns>
public static NtResult <LsaLogonHandle> RegisterLogonProcess(string process_name, bool throw_on_error)
{
return(SafeLsaLogonHandle.RegisterLogonProcess(process_name, throw_on_error).Map(h => new LsaLogonHandle(h)));
}
/// <summary>
/// Connect to the LSA untrusted.
/// </summary>
/// <param name="throw_on_error">True to throw on error.</param>
/// <returns>The LSA logon handle.</returns>
public static NtResult <LsaLogonHandle> ConnectUntrusted(bool throw_on_error)
{
return(SafeLsaLogonHandle.ConnectUntrusted(throw_on_error).Map(h => new LsaLogonHandle(h)));
}
private LsaLogonHandle(SafeLsaLogonHandle handle)
{
_handle = handle;
}
