archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
4.9 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/termsrv/winsta/server/misc.c

337 lines
10 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. /****************************************************************************/
  2. // misc.c
  3. //
  4. // TermSrv general code.
  5. //
  6. // Copyright (C) 1997-2000 Microsoft Corporation
  7. /****************************************************************************/
  9. #include "precomp.h"
  10. #pragma hdrstop
  12. #include <rpc.h>
  13. #include <msaudite.h>
  14. #include <ntlsa.h>
  15. #include <authz.h>
  16. #include <authzi.h>
  17. //external procedures used
  18. extern NTSTATUS
  19. AuthzReportEventW( IN PAUTHZ_AUDIT_EVENT_TYPE_HANDLE pHAET,
  20. IN DWORD Flags,
  21. IN ULONG EventId,
  22. IN PSID pUserID,
  23. IN USHORT NumStrings,
  24. IN ULONG DataSize OPTIONAL, //Future - DO NOT USE
  25. IN PUNICODE_STRING* Strings,
  26. IN PVOID Data OPTIONAL //Future - DO NOT USE
  27. );
  30. extern BOOL
  31. AuthzInit( IN DWORD Flags,
  32. IN USHORT CategoryID,
  33. IN USHORT AuditID,
  34. IN USHORT ParameterCount,
  35. OUT PAUTHZ_AUDIT_EVENT_TYPE_HANDLE phAuditEventType
  36. );
  41. NTSTATUS ConfigureEnable(
  42. IN PWSTR ValueName,
  43. IN ULONG ValueType,
  44. IN PVOID ValueData,
  45. IN ULONG ValueLength,
  46. IN PVOID Context,
  47. IN PVOID EntryContext)
  48. {
  49. if (ValueType == REG_DWORD && *(PULONG)ValueData != 0)
  50. return STATUS_SUCCESS;
  51. return STATUS_UNSUCCESSFUL;
  52. }
  55. RTL_QUERY_REGISTRY_TABLE WinStationEnableTable[] = {
  56. { ConfigureEnable, RTL_QUERY_REGISTRY_REQUIRED, WIN_ENABLEWINSTATION,
  57. NULL, REG_NONE, NULL, 0},
  58. { NULL, 0, NULL, NULL, REG_NONE, NULL, 0}
  59. };
  62. NTSTATUS CheckWinStationEnable(LPWSTR WinStationName)
  63. {
  64. NTSTATUS Status;
  66. PWCHAR PathBuf = MemAlloc((wcslen(REG_TSERVER_WINSTATIONS L"\\") + wcslen(WinStationName) + 1) * sizeof(WCHAR));
  67. if (!PathBuf)
  68. {
  69. return STATUS_NO_MEMORY;
  70. }
  72. wcscpy(PathBuf, REG_TSERVER_WINSTATIONS L"\\");
  73. wcscat(PathBuf, WinStationName);
  75. /*
  76. * Check if WinStation is enabled, and return error if not.
  77. */
  78. Status = RtlQueryRegistryValues(RTL_REGISTRY_CONTROL, PathBuf,
  79. WinStationEnableTable, NULL, NULL);
  81. MemFree(PathBuf);
  82. return Status;
  83. }
  86. void InitializeSystemTrace(HKEY hKeyTermSrv)
  87. {
  88. ICA_TRACE Trace;
  89. NTSTATUS Status;
  90. WCHAR SystemDir[256];
  91. DWORD ValueType;
  92. DWORD ValueSize;
  93. ULONG fDebugger;
  94. UINT uiWinDirSize;
  96. ASSERT(hKeyTermSrv != NULL);
  99. RtlZeroMemory( &Trace , sizeof( ICA_TRACE ) );
  100. /*
  101. * Query trace enable flag
  102. */
  103. ValueSize = sizeof(Trace.TraceEnable);
  104. Status = RegQueryValueEx(hKeyTermSrv, WIN_TRACEENABLE, NULL, &ValueType,
  105. (LPBYTE) &Trace.TraceEnable, &ValueSize);
  106. if (Status == ERROR_SUCCESS && Trace.TraceEnable != 0) {
  107. /*
  108. * Query trace class flag
  109. */
  110. ValueSize = sizeof(Trace.TraceClass);
  111. Status = RegQueryValueEx(hKeyTermSrv, WIN_TRACECLASS, NULL,
  112. &ValueType, (LPBYTE)&Trace.TraceClass, &ValueSize);
  113. if (Status != ERROR_SUCCESS) {
  114. Trace.TraceClass = 0xffffffff;
  115. }
  117. /*
  118. * Query trace to debugger flag
  119. */
  120. ValueSize = sizeof(fDebugger);
  121. Status = RegQueryValueEx(hKeyTermSrv, WIN_TRACEDEBUGGER, NULL,
  122. &ValueType, (LPBYTE)&fDebugger, &ValueSize);
  123. if (Status != ERROR_SUCCESS) {
  124. fDebugger = FALSE;
  125. }
  127. Trace.fDebugger = (BOOLEAN)fDebugger;
  128. Trace.fTimestamp = TRUE;
  130. uiWinDirSize = GetWindowsDirectory(SystemDir, sizeof(SystemDir)/sizeof(WCHAR));
  131. if ((uiWinDirSize == 0) ||
  132. ((uiWinDirSize + wcslen(L"\\ICADD.log") + 1) > sizeof(Trace.TraceFile)/sizeof(WCHAR)))
  133. {
  134. // we failed to get the windows directory or we dont have enough buffer for the logfile.
  135. Trace.TraceEnable = 0;
  137. }
  138. else
  139. {
  141. wsprintf(Trace.TraceFile, L"%s\\ICADD.log", SystemDir);
  143. /*
  144. * Open TermDD.
  145. */
  146. Status = IcaOpen(&hTrace);
  147. if (NT_SUCCESS(Status)) {
  148. Status = IcaIoControl(hTrace, IOCTL_ICA_SET_SYSTEM_TRACE, &Trace,
  149. sizeof(Trace), NULL, 0, NULL);
  150. if (!NT_SUCCESS(Status)) {
  151. IcaClose(hTrace);
  152. hTrace = NULL;
  153. }
  154. }
  156. KdPrintEx((DPFLTR_TERMSRV_ID, DPFLTR_TRACE_LEVEL, "TRACE: %S, c:%x, e:%x d:%d, Status=0x%x\n", Trace.TraceFile,
  157. Trace.TraceClass, Trace.TraceEnable, Trace.fDebugger, Status ));
  158. }
  159. }
  160. }
  163. void InitializeTrace(
  164. PWINSTATION pWinStation,
  165. BOOLEAN fListen,
  166. PICA_TRACE pTrace)
  167. {
  168. PWINSTATIONNAME pWinStationName;
  169. NTSTATUS Status;
  170. WCHAR SystemDir[256];
  171. ULONG fDebugger;
  172. ULONG ulSize;
  174. /*
  175. * Use WinStation name if set, else try ListenName,
  176. * otherwise nothing to be done.
  177. */
  178. if (pWinStation->WinStationName[0])
  179. pWinStationName = pWinStation->WinStationName;
  180. else if (pWinStation->ListenName[0])
  181. pWinStationName = pWinStation->ListenName;
  182. else
  183. return;
  185. /*
  186. * Check if trace should be enabled for this WinStation
  187. */
  188. Status = RegWinStationQueryNumValue(SERVERNAME_CURRENT, pWinStationName,
  189. WIN_TRACEENABLE, &pTrace->TraceEnable);
  191. KdPrintEx((DPFLTR_TERMSRV_ID, DPFLTR_TRACE_LEVEL, "TERMSRV: InitializeTrace: LogonId %d, fListen %u, Status=0x%x\n",
  192. pWinStation->LogonId, fListen, Status ));
  194. if (Status == ERROR_SUCCESS && pTrace->TraceEnable != 0) {
  195. /*
  196. * Enable trace for this WinStation
  197. */
  198. if (RegWinStationQueryNumValue(SERVERNAME_CURRENT, pWinStationName,
  199. WIN_TRACECLASS, &pTrace->TraceClass))
  200. pTrace->TraceClass = 0xffffffff;
  202. if (RegWinStationQueryNumValue(SERVERNAME_CURRENT, pWinStationName,
  203. WIN_TRACEDEBUGGER, &fDebugger))
  204. fDebugger = FALSE;
  206. pTrace->fDebugger = (BOOLEAN)fDebugger;
  207. pTrace->fTimestamp = TRUE;
  209. if (RegWinStationQueryValue(SERVERNAME_CURRENT, pWinStationName,
  210. WIN_TRACEOPTION, pTrace->TraceOption,
  211. sizeof(pTrace->TraceOption), &ulSize))
  212. memset(pTrace->TraceOption, 0, sizeof(pTrace->TraceOption));
  214. if (GetWindowsDirectory(SystemDir, sizeof(SystemDir)/sizeof(WCHAR)) == 0) {
  215. return;
  216. }
  218. if (fListen)
  219. wsprintf(pTrace->TraceFile, L"%s\\%s.log", SystemDir,
  220. pWinStationName);
  221. else
  222. wsprintf(pTrace->TraceFile, L"%s\\%u.log", SystemDir,
  223. pWinStation->LogonId);
  225. Status = IcaIoControl(pWinStation->hIca, IOCTL_ICA_SET_TRACE, pTrace,
  226. sizeof(ICA_TRACE), NULL, 0, NULL);
  228. KdPrintEx((DPFLTR_TERMSRV_ID, DPFLTR_TRACE_LEVEL, "TRACE: %S, c:%x, e:%x d:%d, Status=0x%x\n", pTrace->TraceFile,
  229. pTrace->TraceClass, pTrace->TraceEnable, pTrace->fDebugger, Status ));
  230. }
  231. }
  234. /*
  235. * Retrieves non-trace systemwide registry entries and conveys them to TermDD.
  236. * Single location for configuration params.
  237. */
  238. void GetSetSystemParameters(HKEY hKeyTermSrv)
  239. {
  240. TERMSRV_SYSTEM_PARAMS SysParams;
  241. NTSTATUS Status;
  242. DWORD ValueType;
  243. DWORD ValueSize;
  244. HANDLE hTermDD;
  246. ASSERT(hKeyTermSrv != NULL);
  248. // Read the mouse throttle size.
  249. ValueSize = sizeof(SysParams.MouseThrottleSize);
  250. if (RegQueryValueEx(hKeyTermSrv, REG_MOUSE_THROTTLE_SIZE, NULL,
  251. &ValueType, (PCHAR)&SysParams.MouseThrottleSize, &ValueSize) ==
  252. ERROR_SUCCESS) {
  253. // Round the retrieved value up to the next multiple of the
  254. // input size.
  255. SysParams.MouseThrottleSize = (SysParams.MouseThrottleSize +
  256. sizeof(MOUSE_INPUT_DATA) - 1) &
  257. ~(sizeof(MOUSE_INPUT_DATA) - 1);
  258. }
  259. else {
  260. // Set default value.
  261. SysParams.MouseThrottleSize = DEFAULT_MOUSE_THROTTLE_SIZE;
  262. }
  264. // Read the keyboard throttle size.
  265. ValueSize = sizeof(SysParams.KeyboardThrottleSize);
  266. if (RegQueryValueEx(hKeyTermSrv, REG_KEYBOARD_THROTTLE_SIZE, NULL,
  267. &ValueType, (PCHAR)&SysParams.KeyboardThrottleSize, &ValueSize) ==
  268. ERROR_SUCCESS) {
  269. // Round the retrieved value up to the next multiple of the
  270. // input size.
  271. SysParams.KeyboardThrottleSize = (SysParams.KeyboardThrottleSize +
  272. sizeof(KEYBOARD_INPUT_DATA) - 1) &
  273. ~(sizeof(KEYBOARD_INPUT_DATA) - 1);
  274. }
  275. else {
  276. // Set default value.
  277. SysParams.KeyboardThrottleSize = DEFAULT_KEYBOARD_THROTTLE_SIZE;
  278. }
  280. // Open TermDD and send IOCTL.
  281. Status = IcaOpen(&hTermDD);
  282. if (NT_SUCCESS(Status)) {
  283. Status = IcaIoControl(hTermDD, IOCTL_ICA_SET_SYSTEM_PARAMETERS,
  284. &SysParams, sizeof(SysParams), NULL, 0, NULL);
  285. IcaClose(hTermDD);
  286. }
  288. KdPrintEx((DPFLTR_TERMSRV_ID, DPFLTR_TRACE_LEVEL, "SysParams: MouseThrottle=%u, KbdThrottle=%u, Status=0x%x\n",
  289. SysParams.MouseThrottleSize, SysParams.KeyboardThrottleSize,
  290. Status));
  291. }
  294. VOID AuditShutdownEvent(void)
  295. {
  296. RPC_STATUS RPCStatus;
  297. NTSTATUS NtStatus;
  298. AUTHZ_AUDIT_EVENT_TYPE_HANDLE hAET = NULL;
  300. RPCStatus = RpcImpersonateClient(NULL);
  302. if (RPCStatus != RPC_S_OK)
  303. {
  304. DBGPRINT(("TERMSRV: AuditShutdownEvent: Not impersonating! RpcStatus 0x%x\n",RPCStatus));
  305. return;
  306. }
  308. //
  309. //authz Changes
  310. //
  311. if( !AuthzInit( 0, SE_CATEGID_SYSTEM, SE_AUDITID_SYSTEM_SHUTDOWN, 0, &hAET ))
  312. goto ExitFunc;
  314. NtStatus = AuthzReportEventW( &hAET,
  315. APF_AuditSuccess,
  316. 0,
  317. NULL,
  318. 0,
  319. 0,
  320. NULL,
  321. NULL
  322. );
  325. //end authz changes
  327. if (!NT_SUCCESS(NtStatus)) {
  328. KdPrintEx((DPFLTR_TERMSRV_ID, DPFLTR_ERROR_LEVEL, "TERMSRV: Failed to report shutdown event.\n"));
  329. }
  331. ExitFunc:
  332. if( hAET != NULL )
  333. AuthziFreeAuditEventType( hAET );
  334. if (RPCStatus == RPC_S_OK)
  335. RpcRevertToSelf();
  336. }