|
|
//+---------------------------------------------------------------------------
//
// Microsoft Windows
// Copyright (C) Microsoft Corporation, 1992 - 1997.
//
// File: mgroup.c
//
// Contents: LSA Mode Context API
//
// Classes:
//
// Functions:
//
// History: 2-24-97 RichardW Created
//
//----------------------------------------------------------------------------
#include "xtcbpkg.h"
#include <cryptdll.h>
LIST_ENTRY MachineGroupList ;CRITICAL_SECTION MachineGroupLock ;WCHAR MachineLocalName[ MAX_PATH ];
#define LOOPBACK_KEY L"Loopback"
#define GROUPKEY_VALUE L"$$GroupKey"
PXTCB_MACHINE_GROUP_ENTRYMGpCreateGroupEntry( PWSTR MachineName, PUCHAR Key ){ PXTCB_MACHINE_GROUP_ENTRY Entry ; ULONG Length ;
Length = wcslen( MachineName ) + 1; Entry = LocalAlloc( LMEM_FIXED, sizeof( XTCB_MACHINE_GROUP_ENTRY ) + (Length * sizeof(WCHAR) ) );
if ( Entry ) { Entry->MachineName = (PWSTR) (Entry + 1); CopyMemory( Entry->UniqueKey, Key, SEED_KEY_SIZE );
CopyMemory( Entry->MachineName, MachineName, Length * sizeof(WCHAR) );
if ( _wcsicmp( MachineName, MachineLocalName ) == 0 ) { Entry->Flags = MGROUP_ENTRY_SELF ; } else { Entry->Flags = 0; }
}
return Entry ; }
VOIDMGpFreeGroup( PXTCB_MACHINE_GROUP Group ){ ULONG i ;
for ( i = 0 ; i < Group->Count ; i++ ) { LocalFree( Group->GroupList[ i ] ); }
LocalFree( Group );}
PXTCB_MACHINE_GROUPMGpCreateMachineGroup( HKEY Root, PWSTR KeyName ){ ULONG Count ; ULONG Size ; ULONG Type ; UCHAR Key[ SEED_KEY_SIZE ]; PWSTR Name ; ULONG MaxName ; ULONG NameSize ; ULONG Index ; PXTCB_MACHINE_GROUP Group ; int err ;
err = RegQueryInfoKey( Root, NULL, NULL, NULL, NULL, NULL, NULL, &Count, &MaxName, NULL, NULL, NULL );
if ( err ) { return NULL ; }
MaxName++;
Name = LocalAlloc( LMEM_FIXED, (MaxName) * sizeof( WCHAR ) );
if ( !Name ) { return NULL ; }
Group = LocalAlloc( LMEM_FIXED, sizeof( XTCB_MACHINE_GROUP ) + ( Count ) * sizeof( PXTCB_MACHINE_GROUP_ENTRY ) + ( wcslen( KeyName ) + 1 ) * sizeof( WCHAR ) );
if ( !Group ) { LocalFree( Name ); return NULL ; }
//
// We've got all the base structures. Let's load it in:
//
Group->List.Flink = NULL ; Group->List.Blink = NULL ; Group->Count = 0 ; Group->GroupList = (PXTCB_MACHINE_GROUP_ENTRY *) (Group + 1); Group->Group.Buffer = (PWSTR) ((PUCHAR) Group->GroupList + (Count * sizeof( PXTCB_MACHINE_GROUP_ENTRY ) ) );
wcscpy( Group->Group.Buffer, KeyName ); Group->Group.Length = wcslen( Group->Group.Buffer ) * sizeof( WCHAR ); Group->Group.MaximumLength = Group->Group.Length + sizeof( WCHAR );
for ( Index = 0 ; Index < Count ; Index++ ) { NameSize = MaxName ; Size = SEED_KEY_SIZE ;
err = RegEnumValue( Root, Index, Name, &NameSize, NULL, &Type, Key, &Size );
if ( (err == 0) && (Type == REG_BINARY) ) { if ( _wcsicmp( Name, GROUPKEY_VALUE ) == 0 ) { CopyMemory( Group->SeedKey, Key, Size );
continue; }
Group->GroupList[ Group->Count ] = MGpCreateGroupEntry( Name, Key ); if ( Group->GroupList[ Group->Count ] ) { Group->Count++ ; } }
}
LocalFree( Name );
if ( Group->Count == 0 ) { DebugLog(( DEB_ERROR, "No machines found in group %ws\n", KeyName )); LocalFree( Group ); Group = NULL ; }
if ( Group ) { for ( Index = 0 ; Index < Group->Count ; Index++ ) { if ( Group->GroupList[ Index ]->Flags & MGROUP_ENTRY_SELF ) { break; } }
if ( Index == Group->Count ) { DebugLog(( DEB_ERROR, "No entry for self found in group %ws\n", KeyName )); MGpFreeGroup( Group ); Group = NULL ; } }
return Group ;}
VOIDMGpCreateLoopback( HKEY RootKey ){ int err ; DWORD Disp ; HKEY LoopbackKey ; UCHAR Random1[ XTCB_SEED_LENGTH ]; UCHAR Random2[ XTCB_SEED_LENGTH ];
err = RegCreateKeyEx( RootKey, LOOPBACK_KEY, 0, NULL, REG_OPTION_VOLATILE, KEY_READ | KEY_WRITE, NULL, &LoopbackKey, &Disp );
if ( err == 0 ) { if ( Disp == REG_OPENED_EXISTING_KEY ) { RegCloseKey( LoopbackKey ); return; }
CDGenerateRandomBits( Random1, XTCB_SEED_LENGTH ); CDGenerateRandomBits( Random2, XTCB_SEED_LENGTH );
(VOID) RegSetValueEx( LoopbackKey, GROUPKEY_VALUE, 0, REG_BINARY, Random2, XTCB_SEED_LENGTH );
(VOID) RegSetValueEx( LoopbackKey, L"LocalHost", 0, REG_BINARY, Random1, XTCB_SEED_LENGTH );
(VOID) RegSetValueEx( LoopbackKey, XtcbUnicodeDnsName.Buffer, 0, REG_BINARY, Random1, XTCB_SEED_LENGTH );
//
// Enumerate and stick aliases for this machine in the key here.
//
RegCloseKey( LoopbackKey ); }}
BOOLMGpLoadGroups( VOID ){ HKEY RootKey = NULL ; HKEY Enum ; int err ; DWORD Index ; DWORD Disp ; PXTCB_MACHINE_GROUP Group ; DWORD MaxLen ; PWSTR KeyName = NULL ; WCHAR Buffer[ 32 ]; DWORD Len ; BOOL Success = FALSE ; ULONG KeyCount ;
err = RegCreateKeyEx( HKEY_LOCAL_MACHINE, L"System\\CurrentControlSet\\Control\\LSA\\XTCB\\Groups", 0, NULL, REG_OPTION_NON_VOLATILE, KEY_READ | KEY_WRITE, NULL, &RootKey, &Disp );
if ( err ) { return FALSE ; }
MGpCreateLoopback( RootKey );
err = RegQueryInfoKey( RootKey, NULL, NULL, NULL, &KeyCount, &MaxLen, NULL, NULL, NULL, NULL, NULL, NULL );
if ( err ) { goto Cleanup ;
}
DebugLog(( DEB_TRACE, "Found %d groups\n", KeyCount ));
if ( MaxLen < 32 ) { KeyName = Buffer ; MaxLen = 32 ; } else { KeyName = LocalAlloc( LMEM_FIXED, (MaxLen + 1) * sizeof( WCHAR ) );
if ( KeyName == NULL ) { goto Cleanup ; } }
Index = 0 ;
while ( Index < KeyCount ) {
Len = MaxLen ; err = RegEnumKeyEx( RootKey, Index, KeyName, &Len, NULL, NULL, NULL, NULL );
if ( err ) { Index++ ; continue; }
err = RegOpenKeyEx( RootKey, KeyName, REG_OPTION_NON_VOLATILE, KEY_READ, &Enum );
if ( err ) { err = RegOpenKeyEx( RootKey, KeyName, REG_OPTION_VOLATILE, KEY_READ, &Enum ); }
if ( err == 0 ) { DebugLog(( DEB_TRACE, "Processing group %d:%ws\n", Index, KeyName ));
Group = MGpCreateMachineGroup( Enum, KeyName );
RegCloseKey( Enum );
if ( Group ) { InsertTailList( &MachineGroupList, &Group->List ); } } else { DebugLog(( DEB_TRACE, "Unable to open key %ws\n", KeyName )); }
Index++ ;
} Success = TRUE ;
Cleanup: if ( RootKey ) { RegCloseKey( RootKey ); }
if ( KeyName ) { if ( KeyName != Buffer ) { LocalFree( KeyName ); } }
return Success ;
}
BOOLMGroupReload( VOID ){ PLIST_ENTRY List ; PXTCB_MACHINE_GROUP Group ; BOOL Success ; DWORD Size = MAX_PATH ;
EnterCriticalSection( &MachineGroupLock );
while ( !IsListEmpty( &MachineGroupList ) ) { List = RemoveHeadList( &MachineGroupList );
Group = CONTAINING_RECORD( List, XTCB_MACHINE_GROUP, List );
MGpFreeGroup( Group ); }
GetComputerNameEx( ComputerNamePhysicalDnsFullyQualified, MachineLocalName, &Size );
Success = MGpLoadGroups();
LeaveCriticalSection( &MachineGroupLock );
return Success ;
}
BOOLMGroupInitialize( VOID ){ BOOL Success = TRUE ; try {
InitializeCriticalSection( &MachineGroupLock ); } except ( EXCEPTION_EXECUTE_HANDLER ) { Success = FALSE ; }
InitializeListHead( &MachineGroupList );
if ( Success ) { Success = MGroupReload(); }
return Success ;}
BOOLMGroupLocateInboundKey( IN PSECURITY_STRING GroupName, IN PSECURITY_STRING Origin, OUT PUCHAR TargetKey, OUT PUCHAR GroupKey, OUT PUCHAR MyKey ){ PLIST_ENTRY Scan ; PXTCB_MACHINE_GROUP Group ; PXTCB_MACHINE_GROUP_ENTRY Entry ; PXTCB_MACHINE_GROUP_ENTRY Self = NULL ; ULONG i ; BOOL Success = FALSE ;
EnterCriticalSection( &MachineGroupLock );
Scan = MachineGroupList.Flink ;
while ( Scan != &MachineGroupList ) { Group = CONTAINING_RECORD( Scan, XTCB_MACHINE_GROUP, List );
if ( RtlEqualUnicodeString( GroupName, &Group->Group, TRUE ) ) { for ( i = 0 ; i < Group->Count ; i++ ) { Entry = Group->GroupList[ i ]; if ( Entry->Flags & MGROUP_ENTRY_SELF ) { Self = Entry ; } if ( _wcsicmp( Origin->Buffer, Entry->MachineName ) == 0 ) { //
// We have a hit:
//
Success = TRUE ; CopyMemory( TargetKey, Entry->UniqueKey, SEED_KEY_SIZE ); CopyMemory( GroupKey, Group->SeedKey, SEED_KEY_SIZE ); break; } }
}
if ( Success ) { break; }
Scan = Scan->Flink ; Self = NULL ;
}
if ( Success && ( Self == NULL ) ) { //
// Continue through the group, looking for the
// self entry
//
for ( ; i < Group->Count ; i++ ) { if ( Group->GroupList[ i ]->Flags & MGROUP_ENTRY_SELF ) { Self = Group->GroupList[ i ]; break; } } }
if ( Success ) { CopyMemory( MyKey, Self->UniqueKey, SEED_KEY_SIZE ); }
LeaveCriticalSection( &MachineGroupLock );
return Success ;
}
BOOLMGroupLocateKeys( IN PWSTR Target, OUT PSECURITY_STRING * GroupName, OUT PUCHAR TargetKey, OUT PUCHAR GroupKey, OUT PUCHAR MyKey ){ PLIST_ENTRY Scan ; PXTCB_MACHINE_GROUP Group ; PXTCB_MACHINE_GROUP_ENTRY Entry ; PXTCB_MACHINE_GROUP_ENTRY Self = NULL ; ULONG i ; BOOL Success = FALSE ;
EnterCriticalSection( &MachineGroupLock );
Scan = MachineGroupList.Flink ;
while ( Scan != &MachineGroupList ) { Group = CONTAINING_RECORD( Scan, XTCB_MACHINE_GROUP, List );
for ( i = 0 ; i < Group->Count ; i++ ) { Entry = Group->GroupList[ i ]; if ( Entry->Flags & MGROUP_ENTRY_SELF ) { Self = Entry ; } if ( _wcsicmp( Target, Entry->MachineName ) == 0 ) { //
// We have a hit:
//
Success = TRUE ; CopyMemory( TargetKey, Entry->UniqueKey, SEED_KEY_SIZE ); CopyMemory( GroupKey, Group->SeedKey, SEED_KEY_SIZE ); *GroupName = &Group->Group ; break; } }
if ( Success ) { break; }
Scan = Scan->Flink ; Self = NULL ;
}
if ( Success && ( Self == NULL ) ) { //
// Continue through the group, looking for the
// self entry
//
for ( ; i < Group->Count ; i++ ) { if ( Group->GroupList[ i ]->Flags & MGROUP_ENTRY_SELF ) { Self = Group->GroupList[ i ]; break; } } }
if ( Success ) { CopyMemory( MyKey, Self->UniqueKey, SEED_KEY_SIZE ); }
LeaveCriticalSection( &MachineGroupLock );
return Success ;}
BOOLMGroupParseTarget( PWSTR TargetSpn, PWSTR * MachineName ){ PWSTR Scan ; PWSTR Tail ; PWSTR Copy ; ULONG Length ;
*MachineName = NULL ;
Scan = wcschr( TargetSpn, L'/' );
if ( !Scan ) { return FALSE ; }
Scan++ ; Tail = wcschr( Scan, L'/' );
if ( Tail != NULL ) { //
// three-part SPN (e.g. HOST/hostname.domain.com).
// null out this slash for now
//
*Tail = L'\0';
}
Length = wcslen( Scan );
Copy = LocalAlloc( LMEM_FIXED, (Length + 1) * sizeof( WCHAR ) );
if ( Copy ) { CopyMemory( Copy, Scan, (Length + 1) * sizeof( WCHAR ) ); }
if ( Tail ) { *Tail = L'/' ; }
*MachineName = Copy ;
return ( Copy != NULL ); }
|
