archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/mergedcomponents/advapi32/termutil.c

448 lines
13 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. #include <nt.h>
  2. #include <ntrtl.h>
  3. #include <nturtl.h>
  4. #include <windows.h>
  6. #include "tsappcmp.h"
  7. #include <regapi.h>
  9. PTERMSRVCREATEREGENTRY gpfnTermsrvCreateRegEntry;
  11. PTERMSRVOPENREGENTRY gpfnTermsrvOpenRegEntry;
  13. PTERMSRVSETVALUEKEY gpfnTermsrvSetValueKey;
  15. PTERMSRVDELETEKEY gpfnTermsrvDeleteKey;
  17. PTERMSRVDELETEVALUE gpfnTermsrvDeleteValue;
  19. PTERMSRVRESTOREKEY gpfnTermsrvRestoreKey;
  21. PTERMSRVSETKEYSECURITY gpfnTermsrvSetKeySecurity;
  23. PTERMSRVOPENUSERCLASSES gpfnTermsrvOpenUserClasses;
  25. PTERMSRVGETPRESETVALUE gpfnTermsrvGetPreSetValue;
  27. DWORD gdwRegistryExtensionFlags=0;
  29. BOOL IsTerminalServerCompatible(VOID)
  30. {
  32. PIMAGE_NT_HEADERS NtHeader = RtlImageNtHeader( NtCurrentPeb()->ImageBaseAddress );
  34. if ((NtHeader) && (NtHeader->OptionalHeader.DllCharacteristics & IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE)) {
  35. return TRUE;
  36. } else {
  37. return FALSE;
  38. }
  39. }
  41. BOOL IsSystemLUID(VOID)
  42. {
  43. HANDLE TokenHandle;
  44. UCHAR TokenInformation[ sizeof( TOKEN_STATISTICS ) ];
  45. ULONG ReturnLength;
  46. LUID CurrentLUID = { 0, 0 };
  47. LUID SystemLUID = SYSTEM_LUID;
  48. NTSTATUS Status;
  50. if ( CurrentLUID.LowPart == 0 && CurrentLUID.HighPart == 0 ) {
  52. Status = NtOpenProcessToken( NtCurrentProcess(),
  53. TOKEN_QUERY,
  54. &TokenHandle );
  55. if ( !NT_SUCCESS( Status ) )
  56. return(TRUE);
  58. NtQueryInformationToken( TokenHandle, TokenStatistics, &TokenInformation,
  59. sizeof(TokenInformation), &ReturnLength );
  60. NtClose( TokenHandle );
  62. RtlCopyLuid(&CurrentLUID,
  63. &(((PTOKEN_STATISTICS)TokenInformation)->AuthenticationId));
  64. }
  66. if (RtlEqualLuid(&CurrentLUID, &SystemLUID)) {
  67. return(TRUE);
  68. } else {
  69. return(FALSE );
  70. }
  71. }
  73. /**
  75. Params:
  76. [out] Boolean *RelaxedSecurityMode
  77. If TRUE, then we are running app server in relaxed security mode
  78. which means that the TsUserSID will be present in user's token, allowing
  79. user more access to various reg and file system components.
  81. Retrun:
  82. TRUE means app server is enabled, and it is in app-compat mode ( the default)
  83. FALSE means this is not an app server
  85. **/
  86. BOOL IsTSAppCompatEnabled( BOOLEAN *RelaxedSecurityMode )
  87. {
  89. NTSTATUS NtStatus;
  90. OBJECT_ATTRIBUTES ObjectAttributes;
  91. UNICODE_STRING UniString;
  92. HKEY hKey = 0;
  93. ULONG ul, ulcbuf;
  94. PKEY_VALUE_PARTIAL_INFORMATION pKeyValInfo = NULL;
  96. BOOL retval = TRUE;
  99. RtlInitUnicodeString(&UniString,REG_NTAPI_CONTROL_TSERVER);
  103. // Determine the value info buffer size
  104. ulcbuf = sizeof(KEY_VALUE_FULL_INFORMATION) + MAX_PATH*sizeof(WCHAR) +
  105. sizeof(ULONG);
  107. pKeyValInfo = RtlAllocateHeap(RtlProcessHeap(),
  108. 0,
  109. ulcbuf);
  111. // Did everything initialize OK?
  112. if (UniString.Buffer && pKeyValInfo) {
  114. InitializeObjectAttributes(&ObjectAttributes,
  115. &UniString,
  116. OBJ_CASE_INSENSITIVE,
  117. NULL,
  118. NULL
  119. );
  121. NtStatus = NtOpenKey(&hKey, KEY_READ, &ObjectAttributes);
  123. if (NT_SUCCESS(NtStatus)) {
  125. RtlInitUnicodeString(&UniString,
  126. L"TSAppCompat");
  127. NtStatus = NtQueryValueKey(hKey,
  128. &UniString,
  129. KeyValuePartialInformation,
  130. pKeyValInfo,
  131. ulcbuf,
  132. &ul);
  134. if (NT_SUCCESS(NtStatus) && (REG_DWORD == pKeyValInfo->Type)) {
  136. if ((*(PULONG)pKeyValInfo->Data) == 0) {
  137. retval = FALSE;
  138. }
  139. }
  141. RtlInitUnicodeString(&UniString,
  142. L"TSUserEnabled");
  144. NtStatus = NtQueryValueKey(hKey,
  145. &UniString,
  146. KeyValuePartialInformation,
  147. pKeyValInfo,
  148. ulcbuf,
  149. &ul);
  151. if (NT_SUCCESS(NtStatus) && (REG_DWORD == pKeyValInfo->Type) )
  152. {
  153. *RelaxedSecurityMode = (BOOLEAN ) (*(PULONG)pKeyValInfo->Data);
  154. }
  155. else // in case of any problems, assume standard security mode
  156. {
  157. *RelaxedSecurityMode = FALSE;
  158. }
  160. NtClose(hKey);
  161. }
  162. }
  164. // Free up the buffers we allocated
  165. // Need to zero out the buffers, because some apps (MS Internet Assistant)
  166. // won't install if the heap is not zero filled.
  167. if (pKeyValInfo) {
  168. memset(pKeyValInfo, 0, ulcbuf);
  169. RtlFreeHeap( RtlProcessHeap(), 0, pKeyValInfo );
  170. }
  172. return(retval);
  174. }
  177. ULONG GetCompatFlags()
  178. {
  179. ULONG ulAppFlags = 0;
  180. PRTL_USER_PROCESS_PARAMETERS pUserParam;
  181. PWCHAR pwch, pwchext;
  182. WCHAR pwcAppName[MAX_PATH+1];
  183. NTSTATUS NtStatus;
  184. OBJECT_ATTRIBUTES ObjectAttributes;
  185. UNICODE_STRING UniString;
  186. HKEY hKey = 0;
  187. ULONG ul, ulcbuf;
  188. PKEY_VALUE_PARTIAL_INFORMATION pKeyValInfo = NULL;
  189. LPWSTR UniBuff = NULL;
  191. ULONG dwCompatFlags = 0;
  192. UniString.Buffer = NULL;
  196. // Get the path of the executable name
  197. pUserParam = NtCurrentPeb()->ProcessParameters;
  199. // Get the executable name, if there's no \ just use the name as it is
  200. pwch = wcsrchr(pUserParam->ImagePathName.Buffer, L'\\');
  201. if (pwch) {
  202. pwch++;
  203. } else {
  204. pwch = pUserParam->ImagePathName.Buffer;
  205. }
  206. wcscpy(pwcAppName, pwch);
  207. pwch = pwcAppName;
  209. // Remove the extension
  210. if (pwchext = wcsrchr(pwch, L'.')) {
  211. *pwchext = '\0';
  212. }
  215. UniString.Buffer = NULL;
  218. ul = sizeof(TERMSRV_COMPAT_APP) + (wcslen(pwch) + 1)*sizeof(WCHAR);
  220. UniBuff = RtlAllocateHeap(RtlProcessHeap(),
  221. 0,
  222. ul);
  224. if (UniBuff) {
  225. wcscpy(UniBuff, TERMSRV_COMPAT_APP);
  226. wcscat(UniBuff, pwch);
  228. RtlInitUnicodeString(&UniString, UniBuff);
  229. }
  231. // Determine the value info buffer size
  232. ulcbuf = sizeof(KEY_VALUE_FULL_INFORMATION) + MAX_PATH*sizeof(WCHAR) +
  233. sizeof(ULONG);
  235. pKeyValInfo = RtlAllocateHeap(RtlProcessHeap(),
  236. 0,
  237. ulcbuf);
  239. // Did everything initialize OK?
  240. if (UniString.Buffer && pKeyValInfo) {
  242. InitializeObjectAttributes(&ObjectAttributes,
  243. &UniString,
  244. OBJ_CASE_INSENSITIVE,
  245. NULL,
  246. NULL
  247. );
  249. NtStatus = NtOpenKey(&hKey, KEY_READ, &ObjectAttributes);
  251. if (NT_SUCCESS(NtStatus)) {
  253. RtlInitUnicodeString(&UniString,
  254. COMPAT_FLAGS);
  255. NtStatus = NtQueryValueKey(hKey,
  256. &UniString,
  257. KeyValuePartialInformation,
  258. pKeyValInfo,
  259. ulcbuf,
  260. &ul);
  262. if (NT_SUCCESS(NtStatus) && (REG_DWORD == pKeyValInfo->Type)) {
  265. dwCompatFlags = *(PULONG)pKeyValInfo->Data;
  267. }
  269. NtClose(hKey);
  270. }
  271. }
  273. // Free up the buffers we allocated
  274. // Need to zero out the buffers, because some apps (MS Internet Assistant)
  275. // won't install if the heap is not zero filled.
  276. if (UniBuff) {
  277. memset(UniBuff, 0, UniString.MaximumLength);
  278. RtlFreeHeap( RtlProcessHeap(), 0, UniBuff );
  279. }
  280. if (pKeyValInfo) {
  281. memset(pKeyValInfo, 0, ulcbuf);
  282. RtlFreeHeap( RtlProcessHeap(), 0, pKeyValInfo );
  283. }
  285. return(dwCompatFlags);
  287. }
  289. /**
  291. Return code :
  292. TRUE means app compat is enabled for this app
  293. FALSE means app compat is not enabled for this app
  295. **/
  296. BOOLEAN AdvApi_InitializeTermsrvFpns( BOOLEAN *pIsInRelaxedSecurityMode , DWORD *pdwCompatFlags )
  297. {
  299. HANDLE dllHandle;
  300. ULONG dwCompatFlags;
  301. BOOLEAN rc=FALSE;
  304. if (IsTerminalServerCompatible() || (!IsTSAppCompatEnabled( pIsInRelaxedSecurityMode ))) {
  305. return rc;
  306. }
  308. *pdwCompatFlags = dwCompatFlags = GetCompatFlags();
  311. //Don't load app compatibility dll for system components
  313. if (IsSystemLUID()) {
  315. if ( (dwCompatFlags & (TERMSRV_COMPAT_SYSREGMAP | TERMSRV_COMPAT_WIN32))
  316. != (TERMSRV_COMPAT_SYSREGMAP | TERMSRV_COMPAT_WIN32) ) {
  318. //
  319. // Process is running as SYSTEM and we don't have an app
  320. // compatibility flag telling us to do the regmap stuff.
  321. //
  323. return rc;
  325. }
  327. } else if ( (dwCompatFlags & (TERMSRV_COMPAT_NOREGMAP | TERMSRV_COMPAT_WIN32))
  328. == (TERMSRV_COMPAT_NOREGMAP | TERMSRV_COMPAT_WIN32) ) {
  329. //
  330. // We don't want to do registry mapping for this user process
  331. //
  332. return rc;
  334. }
  336. //
  337. // Load Terminal Server application compatibility dll
  338. //
  339. dllHandle = LoadLibrary("tsappcmp.dll");
  341. if (dllHandle) {
  343. gpfnTermsrvCreateRegEntry =
  344. (PTERMSRVCREATEREGENTRY)GetProcAddress(dllHandle,"TermsrvCreateRegEntry");
  346. gpfnTermsrvOpenRegEntry =
  347. (PTERMSRVOPENREGENTRY)GetProcAddress(dllHandle,"TermsrvOpenRegEntry");
  349. gpfnTermsrvSetValueKey =
  350. (PTERMSRVSETVALUEKEY)GetProcAddress(dllHandle,"TermsrvSetValueKey");
  352. gpfnTermsrvDeleteKey =
  353. (PTERMSRVDELETEKEY)GetProcAddress(dllHandle,"TermsrvDeleteKey");
  355. gpfnTermsrvDeleteValue =
  356. (PTERMSRVDELETEVALUE)GetProcAddress(dllHandle,"TermsrvDeleteValue");
  358. gpfnTermsrvRestoreKey =
  359. (PTERMSRVRESTOREKEY)GetProcAddress(dllHandle,"TermsrvRestoreKey");
  361. gpfnTermsrvSetKeySecurity =
  362. (PTERMSRVSETKEYSECURITY)GetProcAddress(dllHandle,"TermsrvSetKeySecurity");
  364. gpfnTermsrvOpenUserClasses =
  365. (PTERMSRVOPENUSERCLASSES)GetProcAddress(dllHandle,"TermsrvOpenUserClasses");
  367. gpfnTermsrvGetPreSetValue =
  368. (PTERMSRVGETPRESETVALUE)GetProcAddress(dllHandle,"TermsrvGetPreSetValue");
  370. rc = TRUE;
  371. }
  373. return rc;
  374. }
  377. void
  378. GetRegistryExtensionFlags( DWORD dwCompatFlags )
  379. /*++
  380. GetRegistryExtensionFlags
  382. Routine Description:
  384. Reads DWORD value of
  385. Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\RegistryExtensionFlags
  387. Arguments:
  389. none
  391. Return Value:
  393. none
  395. --*/
  396. {
  398. DWORD dwResult=0;
  399. NTSTATUS Status;
  400. HANDLE hKey;
  401. UNICODE_STRING KeyName;
  402. PCWSTR wszKeyName=TERMSRV_BASE;
  403. OBJECT_ATTRIBUTES ObjAttr;
  405. RtlInitUnicodeString(&KeyName,wszKeyName );
  406. InitializeObjectAttributes(&ObjAttr,&KeyName,OBJ_CASE_INSENSITIVE,NULL,NULL);
  407. Status = NtOpenKey(&hKey,KEY_QUERY_VALUE,&ObjAttr);
  409. if(NT_SUCCESS(Status)){
  412. UNICODE_STRING ValueName;
  413. PKEY_VALUE_PARTIAL_INFORMATION pKeyValInfo = NULL;
  414. ULONG ulSize = sizeof(KEY_VALUE_PARTIAL_INFORMATION)+sizeof(DWORD);
  416. pKeyValInfo = RtlAllocateHeap(RtlProcessHeap(), 0, ulSize);
  418. if(pKeyValInfo){
  420. PCWSTR wszValueName=L"RegistryExtensionFlags";
  422. RtlInitUnicodeString(&ValueName,wszValueName );
  424. Status=NtQueryValueKey(hKey,&ValueName,KeyValuePartialInformation,
  425. (PVOID)pKeyValInfo,ulSize,&ulSize);
  427. if(NT_SUCCESS(Status)){
  428. gdwRegistryExtensionFlags=*((LPDWORD)(pKeyValInfo->Data));
  429. }
  431. RtlFreeHeap( RtlProcessHeap(), 0, pKeyValInfo );
  433. // the global advapi extension flags might be turned off for this app, so check.
  434. if ( dwCompatFlags & TERMSRV_COMPAT_NO_PER_USER_CLASSES_REDIRECTION )
  435. {
  436. gdwRegistryExtensionFlags &= ~ TERMSRV_ENABLE_PER_USER_CLASSES_REDIRECTION;
  437. }
  439. if ( dwCompatFlags & TERMSRV_COMPAT_NO_ENABLE_ACCESS_FLAG_MODIFICATION )
  440. {
  441. gdwRegistryExtensionFlags &= ~TERMSRV_ENABLE_ACCESS_FLAG_MODIFICATION;
  442. }
  443. }
  445. NtClose(hKey);
  446. }
  448. }