archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/sdktools/pview/mytoken.c

569 lines
15 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. /****************************************************************************
  3. PROGRAM: MYTOKEN.C
  5. PURPOSE: Contains routines that manipulate tokens
  7. ****************************************************************************/
  9. #include "PVIEWP.h"
  11. typedef PVOID *PPVOID;
  14. HANDLE OpenToken(
  15. HANDLE hMyToken,
  16. ACCESS_MASK DesiredAccess);
  18. BOOL CloseToken(
  19. HANDLE Token);
  21. BOOL GetTokenInfo(
  22. HANDLE Token,
  23. TOKEN_INFORMATION_CLASS TokenInformationClass,
  24. PPVOID pBuffer);
  26. BOOL SetTokenInfo(
  27. HANDLE Token,
  28. TOKEN_INFORMATION_CLASS TokenInformationClass,
  29. PVOID Buffer);
  31. BOOL FreeTokenInfo(
  32. PVOID Buffer);
  34. HANDLE AllocMyToken(VOID);
  35. BOOL ReadMyToken(HANDLE);
  36. BOOL WriteMyToken(HWND, HANDLE);
  37. BOOL FreeMyToken(HANDLE);
  38. PVOID AllocTokenInfo(HANDLE, TOKEN_INFORMATION_CLASS);
  41. /****************************************************************************
  43. FUNCTION: OpenMyToken
  45. PURPOSE: Opens the token of the specified process or thread.
  47. RETURNS : Handle to mytoken on success, or NULL on failure.
  49. ****************************************************************************/
  51. HANDLE OpenMyToken(
  52. HANDLE Token,
  53. LPWSTR Name
  54. )
  55. {
  56. PMYTOKEN pMyToken;
  57. HANDLE hMyToken;
  59. //
  60. // Build a MYTOKEN structure.
  62. hMyToken = AllocMyToken();
  63. if (hMyToken == NULL) {
  64. return(NULL);
  65. }
  67. pMyToken = (PMYTOKEN)hMyToken;
  69. pMyToken->Token = Token;
  71. pMyToken->Name = Alloc((lstrlenW(Name) + 1) * sizeof(WCHAR));
  72. if (pMyToken->Name == NULL) {
  73. Free(pMyToken);
  74. return(NULL);
  75. }
  76. lstrcpyW(pMyToken->Name, Name);
  79. if (!ReadMyToken(hMyToken)) {
  80. DbgPrint("PVIEW : Failed to read token info\n");
  81. Free(pMyToken->Name);
  82. Free(pMyToken);
  83. return(NULL);
  84. }
  86. return(hMyToken);
  87. }
  90. /****************************************************************************
  92. FUNCTION: ReadMyToken
  94. PURPOSE: Reads the token info and stores in mytoken structure
  96. RETURNS : TRUE on success, FALSE on failure
  98. ****************************************************************************/
  100. BOOL ReadMyToken(
  101. HANDLE hMyToken)
  102. {
  103. HANDLE Token;
  104. PMYTOKEN pMyToken = (PMYTOKEN)hMyToken;
  106. Token = OpenToken(hMyToken, TOKEN_QUERY);
  108. if (Token == NULL) {
  109. DbgPrint("PVIEW : Failed to open the token with TOKEN_QUERY access\n");
  110. return(FALSE);
  111. }
  113. if (!GetTokenInfo(Token, TokenStatistics, (PPVOID)&(pMyToken->TokenStats))) {
  114. DbgPrint("PVIEW : Failed to read token statistics from token\n");
  115. }
  117. if (!GetTokenInfo(Token, TokenGroups, (PPVOID)&(pMyToken->Groups))) {
  118. DbgPrint("PVIEW : Failed to read group info from token\n");
  119. }
  121. if (!GetTokenInfo(Token, TokenUser, (PPVOID)&(pMyToken->UserId))) {
  122. DbgPrint("PVIEW : Failed to read userid from token\n");
  123. }
  125. if (!GetTokenInfo(Token, TokenOwner, (PPVOID)&(pMyToken->DefaultOwner))) {
  126. DbgPrint("PVIEW : Failed to read default owner from token\n");
  127. }
  129. if (!GetTokenInfo(Token, TokenPrimaryGroup, (PPVOID)&(pMyToken->PrimaryGroup))) {
  130. DbgPrint("PVIEW : Failed to read primary group from token\n");
  131. }
  133. if (!GetTokenInfo(Token, TokenPrivileges, (PPVOID)&(pMyToken->Privileges))) {
  134. DbgPrint("PVIEW : Failed to read privilege info from token\n");
  135. }
  137. if ( !GetTokenInfo( Token, TokenRestrictedSids, (PPVOID) &(pMyToken->RestrictedSids) ) )
  138. {
  139. pMyToken->RestrictedSids = NULL ;
  140. }
  143. CloseToken(Token);
  145. return(TRUE);
  146. }
  149. /****************************************************************************
  151. FUNCTION: CloseMyToken
  153. PURPOSE: Closes the specified mytoken handle
  154. If fSaveChanges = TRUE, the token information is saved,
  155. otherwise it is discarded.
  157. RETURNS : TRUE on success, FALSE on failure.
  159. ****************************************************************************/
  161. BOOL CloseMyToken(
  162. HWND hDlg,
  163. HANDLE hMyToken,
  164. BOOL fSaveChanges)
  165. {
  166. if (fSaveChanges) {
  167. WriteMyToken(hDlg, hMyToken);
  168. }
  170. return FreeMyToken(hMyToken);
  171. }
  173. /****************************************************************************
  175. FUNCTION: AllocMyToken
  177. PURPOSE: Allocates space for mytoken structure.
  179. RETURNS : HANDLE to mytoken or NULL on failure.
  181. ****************************************************************************/
  183. HANDLE AllocMyToken(VOID)
  184. {
  185. PMYTOKEN pMyToken;
  187. pMyToken = (PMYTOKEN)Alloc(sizeof(MYTOKEN));
  189. return((HANDLE)pMyToken);
  190. }
  193. /****************************************************************************
  195. FUNCTION: FreeMyToken
  197. PURPOSE: Frees the memory allocated to mytoken structure.
  199. RETURNS : TRUE on success, FALSE on failure.
  201. ****************************************************************************/
  203. BOOL FreeMyToken(
  204. HANDLE hMyToken)
  205. {
  206. PMYTOKEN pMyToken = (PMYTOKEN)hMyToken;
  208. if (pMyToken->TokenStats != NULL) {
  209. FreeTokenInfo((PVOID)(pMyToken->TokenStats));
  210. }
  212. if (pMyToken->UserId != NULL) {
  213. FreeTokenInfo((PVOID)(pMyToken->UserId));
  214. }
  216. if (pMyToken->PrimaryGroup != NULL) {
  217. FreeTokenInfo((PVOID)(pMyToken->PrimaryGroup));
  218. }
  220. if (pMyToken->DefaultOwner != NULL) {
  221. FreeTokenInfo((PVOID)(pMyToken->DefaultOwner));
  222. }
  224. if (pMyToken->Groups != NULL) {
  225. FreeTokenInfo((PVOID)(pMyToken->Groups));
  226. }
  228. if (pMyToken->Privileges != NULL) {
  229. FreeTokenInfo((PVOID)(pMyToken->Privileges));
  230. }
  232. if (pMyToken->Name != NULL) {
  233. Free((PVOID)pMyToken->Name);
  234. }
  236. Free((PVOID)pMyToken);
  238. return(TRUE);
  239. }
  242. /****************************************************************************
  244. FUNCTION: WriteMyToken
  246. PURPOSE: Writes the token information out to the token
  248. RETURNS : TRUE on success, FALSE on failure.
  250. ****************************************************************************/
  252. BOOL WriteMyToken(
  253. HWND hDlg,
  254. HANDLE hMyToken)
  255. {
  256. PMYTOKEN pMyToken = (PMYTOKEN)hMyToken;
  257. HANDLE Token;
  259. //
  260. // Save default owner and primary group
  261. //
  263. Token = OpenToken(hMyToken, TOKEN_ADJUST_DEFAULT);
  265. if (Token == NULL) {
  267. DbgPrint("PVIEW: Failed to open token with TOKEN_ADJUST_DEFAULT access\n");
  268. MessageBox(hDlg, "Failed to open token with access required\nUnable to change default owner or primary group", NULL, MB_ICONSTOP | MB_APPLMODAL | MB_OK);
  270. } else {
  272. // Set default owner
  273. //
  274. if ((pMyToken->DefaultOwner != NULL) &&
  275. (!SetTokenInfo(Token, TokenOwner, (PVOID)(pMyToken->DefaultOwner)))) {
  276. MessageBox(hDlg, "Failed to set default owner", NULL, MB_ICONSTOP | MB_APPLMODAL | MB_OK);
  277. }
  279. // Set primary group
  280. //
  281. if ((pMyToken->PrimaryGroup != NULL) &&
  282. (!SetTokenInfo(Token, TokenPrimaryGroup, (PVOID)(pMyToken->PrimaryGroup)))) {
  283. MessageBox(hDlg, "Failed to set primary group", NULL, MB_ICONSTOP | MB_APPLMODAL | MB_OK);
  284. }
  286. CloseToken(Token);
  287. }
  289. //
  290. // Save group info
  291. //
  293. Token = OpenToken(hMyToken, TOKEN_ADJUST_GROUPS);
  295. if (Token == NULL) {
  297. DbgPrint("PVIEW: Failed to open token with TOKEN_ADJUST_GROUPS access\n");
  298. MessageBox(hDlg, "Failed to open token with access required\nUnable to change group settings", NULL, MB_ICONSTOP | MB_APPLMODAL | MB_OK);
  300. } else {
  302. if ((pMyToken->Groups != NULL) &&
  303. (!SetTokenInfo(Token, TokenGroups, (PVOID)(pMyToken->Groups)))) {
  304. MessageBox(hDlg, "Failed to change group settings", NULL, MB_ICONSTOP | MB_APPLMODAL | MB_OK);
  305. }
  307. CloseToken(Token);
  308. }
  311. //
  312. // Change privileges
  313. //
  315. Token = OpenToken(hMyToken, TOKEN_ADJUST_PRIVILEGES);
  317. if (Token == NULL) {
  319. DbgPrint("PVIEW: Failed to open token with TOKEN_ADJUST_PRIVILEGES access\n");
  320. MessageBox(hDlg, "Failed to open token with access required\nUnable to change privilege settings", NULL, MB_ICONSTOP | MB_APPLMODAL | MB_OK);
  322. } else {
  324. if ((pMyToken->Privileges != NULL) &&
  325. (!SetTokenInfo(Token, TokenPrivileges, (PVOID)(pMyToken->Privileges)))) {
  326. MessageBox(hDlg, "Failed to change privilege settings", NULL, MB_ICONSTOP | MB_APPLMODAL | MB_OK);
  327. }
  329. CloseToken(Token);
  330. }
  332. return(TRUE);
  333. }
  336. /****************************************************************************
  338. FUNCTION: OpenToken
  340. PURPOSE: Opens the token with the specified access
  342. RETURNS : Handle to token on success, or NULL on failure.
  344. ****************************************************************************/
  346. HANDLE OpenToken(
  347. HANDLE hMyToken,
  348. ACCESS_MASK DesiredAccess)
  349. {
  350. PMYTOKEN pMyToken = (PMYTOKEN)hMyToken;
  352. return(pMyToken->Token);
  353. }
  356. /****************************************************************************
  358. FUNCTION: CloseToken
  360. PURPOSE: Closes the specified token handle
  362. RETURNS : TRUE on success, FALSE on failure.
  364. ****************************************************************************/
  366. BOOL CloseToken(
  367. HANDLE Token)
  368. {
  369. return(TRUE);
  370. }
  373. /****************************************************************************
  375. FUNCTION: AllocTokenInfo
  377. PURPOSE: Allocates memory to hold the parameter that
  378. NTQueryInformationToken will return.
  379. Memory should be freed later using FreeTokenInfo
  381. RETURNS : Pointer to allocated memory or NULL on failure
  383. ****************************************************************************/
  385. PVOID AllocTokenInfo(
  386. HANDLE Token,
  387. TOKEN_INFORMATION_CLASS TokenInformationClass)
  388. {
  389. NTSTATUS Status;
  390. ULONG InfoLength;
  392. Status = NtQueryInformationToken(
  393. Token, // Handle
  394. TokenInformationClass, // TokenInformationClass
  395. NULL, // TokenInformation
  396. 0, // TokenInformationLength
  397. &InfoLength // ReturnLength
  398. );
  400. if (Status != STATUS_BUFFER_TOO_SMALL) {
  401. DbgPrint("PVIEW: NtQueryInformationToken did NOT return buffer_too_small, status = 0x%lx\n", Status);
  402. return(NULL);
  403. }
  405. return Alloc(InfoLength);
  406. }
  409. /****************************************************************************
  411. FUNCTION: FreeTokenInfo
  413. PURPOSE: Frees the memory previously allocated with AllocTokenInfo
  415. RETURNS : TRUE on success, otherwise FALSE
  417. ****************************************************************************/
  419. BOOL FreeTokenInfo(
  420. PVOID Buffer)
  421. {
  422. return(Free(Buffer));
  423. }
  426. /****************************************************************************
  428. FUNCTION: GetTokenInfo
  430. PURPOSE: Allocates a buffer and reads the specified data
  431. out of the token and into it.
  433. RETURNS : TRUE on success otherwise FALSE.
  435. ****************************************************************************/
  437. BOOL GetTokenInfo(
  438. HANDLE Token,
  439. TOKEN_INFORMATION_CLASS TokenInformationClass,
  440. PPVOID pBuffer)
  441. {
  442. NTSTATUS Status;
  443. ULONG BufferSize;
  444. ULONG InfoLength;
  445. PVOID Buffer;
  447. *pBuffer = NULL; // Prepare for failure
  449. Buffer = AllocTokenInfo(Token, TokenInformationClass);
  450. if (Buffer == NULL) {
  451. return(FALSE);
  452. }
  454. BufferSize = GetAllocSize(Buffer);
  456. Status = NtQueryInformationToken(
  457. Token, // Handle
  458. TokenInformationClass, // TokenInformationClass
  459. Buffer, // TokenInformation
  460. BufferSize, // TokenInformationLength
  461. &InfoLength // ReturnLength
  462. );
  464. if (!NT_SUCCESS(Status)) {
  465. DbgPrint("PVIEW: NtQueryInformationToken failed, status = 0x%lx\n", Status);
  466. FreeTokenInfo(Buffer);
  467. return(FALSE);
  468. }
  470. if (InfoLength > BufferSize) {
  471. DbgPrint("PVIEW: NtQueryInformationToken failed, DataSize > BufferSize");
  472. FreeTokenInfo(Buffer);
  473. return(FALSE);
  474. }
  476. *pBuffer = Buffer;
  478. return(TRUE);
  479. }
  482. /****************************************************************************
  484. FUNCTION: SetTokenInfo
  486. PURPOSE: Sets the specified information in the given token.
  488. RETURNS : TRUE on success otherwise FALSE.
  490. ****************************************************************************/
  492. BOOL SetTokenInfo(
  493. HANDLE Token,
  494. TOKEN_INFORMATION_CLASS TokenInformationClass,
  495. PVOID Buffer)
  496. {
  497. NTSTATUS Status;
  498. ULONG BufferSize;
  500. BufferSize = GetAllocSize(Buffer);
  502. switch (TokenInformationClass) {
  504. case TokenOwner:
  505. case TokenPrimaryGroup:
  506. case TokenDefaultDacl:
  508. Status = NtSetInformationToken(
  509. Token, // Handle
  510. TokenInformationClass, // TokenInformationClass
  511. Buffer, // TokenInformation
  512. BufferSize // TokenInformationLength
  513. );
  515. if (!NT_SUCCESS(Status)) {
  516. DbgPrint("PVIEW: NtSetInformationToken failed, info class = 0x%x, status = 0x%lx\n",
  517. TokenInformationClass, Status);
  518. return(FALSE);
  519. }
  520. break;
  523. case TokenGroups:
  525. Status = NtAdjustGroupsToken(
  526. Token, // Handle
  527. FALSE, // Reset to default
  528. (PTOKEN_GROUPS)Buffer, // New State
  529. BufferSize, // Buffer Length
  530. NULL, // Previous State
  531. NULL // Return Length
  532. );
  534. if (!NT_SUCCESS(Status)) {
  535. DbgPrint("PVIEW: NtAdjustGroupsToken failed, status = 0x%lx\n", Status);
  536. return(FALSE);
  537. }
  538. break;
  541. case TokenPrivileges:
  543. Status = NtAdjustPrivilegesToken(
  544. Token, // Handle
  545. FALSE, // Disable all privileges
  546. (PTOKEN_PRIVILEGES)Buffer, // New State
  547. BufferSize, // Buffer Length
  548. NULL, // Previous State
  549. NULL // Return Length
  550. );
  552. if (!NT_SUCCESS(Status)) {
  553. DbgPrint("PVIEW: NtAdjustPrivilegesToken failed, status = 0x%lx\n", Status);
  554. return(FALSE);
  555. }
  556. break;
  559. default:
  561. // Unrecognised information type
  562. DbgPrint("PVIEW: SetTokenInfo passed unrecognised infoclass, class = 0x%x\n", TokenInformationClass);
  564. return(FALSE);
  565. }
  567. return(TRUE);
  568. }