archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
4.9 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/admin/admt/common/include/sd.hpp

156 lines
5.9 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*---------------------------------------------------------------------------
  2. File: SD.hpp
  4. Comments: A generic class for managing security descriptors.
  5. The constructor takes a security descriptor in self-relative format.
  7. (c) Copyright 1995-1998, Mission Critical Software, Inc., All Rights Reserved
  8. Proprietary and confidential to Mission Critical Software, Inc.
  10. REVISION LOG ENTRY
  11. Revision By: Christy Boles
  12. Revised on 01-Oct-98 12:30:26
  14. ---------------------------------------------------------------------------
  15. */
  16. #include <stdlib.h>
  17. #include <malloc.h>
  19. #define SD_DEFAULT_STRUCT_SIZE (sizeof (SECURITY_DESCRIPTOR) )
  20. #define SD_DEFAULT_ACL_SIZE 787
  21. #define SD_DEFAULT_SID_SIZE 30
  22. #define SD_DEFAULT_SIZE 400
  24. #define DACL_FULLCONTROL_MASK (FILE_GENERIC_READ | FILE_ALL_ACCESS)
  25. #define DACL_CHANGE_MASK (FILE_GENERIC_READ | FILE_GENERIC_WRITE | FILE_GENERIC_EXECUTE | DELETE)
  26. #define DACL_READ_MASK ( FILE_GENERIC_READ | FILE_GENERIC_EXECUTE )
  27. #define DACL_NO_MASK 0
  29. #define SACL_READ_MASK (ACCESS_SYSTEM_SECURITY | FILE_GENERIC_READ)
  30. #define SACL_WRITE_MASK (ACCESS_SYSTEM_SECURITY | FILE_GENERIC_WRITE)
  31. #define SACL_EXECUTE_MASK ( SYNCHRONIZE | FILE_GENERIC_EXECUTE )
  32. #define SACL_DELETE_MASK (DELETE)
  33. #define SACL_CHANGEPERMS_MASK (WRITE_DAC)
  34. #define SACL_CHANGEOWNER_MASK (WRITE_OWNER)
  36. #define SET_SID_FAILED -1
  37. #define SET_SID_NOTLARGEENOUGH 0
  38. #define SET_SID_SUCCEEDED 1
  40. typedef enum { McsUnknownSD=0, McsFileSD, McsDirectorySD, McsShareSD, McsMailboxSD, McsExchangeSD, McsRegistrySD, McsPrinterSD } SecuredObjectType;
  42. class TSecurableObject;
  43. class TACE
  44. {
  45. ACCESS_ALLOWED_ACE * m_pAce;
  46. BOOL m_bNeedToFree;
  48. public:
  49. TACE(BYTE type,BYTE flags,DWORD mask, PSID sid); // allocates and initializes a new ace
  50. TACE(void * pAce) { m_pAce = (ACCESS_ALLOWED_ACE *)pAce; m_bNeedToFree = FALSE; } // manages an existing ace
  51. ~TACE() { if ( m_bNeedToFree ) free(m_pAce); }
  52. void * GetBuffer() { return m_pAce; }
  53. void SetBuffer(void * pAce, BOOL bNeedToFree = FALSE) { m_pAce = (ACCESS_ALLOWED_ACE *)pAce; m_bNeedToFree = bNeedToFree;}
  55. BYTE GetType();
  56. BYTE GetFlags();
  57. DWORD GetMask();
  58. PSID GetSid();
  59. WORD GetSize();
  61. BOOL SetType(BYTE newType);
  62. BOOL SetFlags(BYTE newFlags);
  63. BOOL SetMask(DWORD newMask);
  64. DWORD SetSid(PSID sid);
  66. BOOL IsAccessAllowedAce();
  67. };
  69. class TSD
  70. {
  71. friend class TSecurableObject;
  72. protected:
  73. SECURITY_DESCRIPTOR * m_absSD; // SD in absolute format
  74. BOOL m_bOwnerChanged;
  75. BOOL m_bGroupChanged;
  76. BOOL m_bDACLChanged;
  77. BOOL m_bSACLChanged;
  78. BOOL m_bNeedToFreeSD;
  79. BOOL m_bNeedToFreeOwner;
  80. BOOL m_bNeedToFreeGroup;
  81. BOOL m_bNeedToFreeDacl;
  82. BOOL m_bNeedToFreeSacl;
  83. SecuredObjectType m_ObjectType;
  85. public:
  86. TSD(SECURITY_DESCRIPTOR * pSD, SecuredObjectType objectType, BOOL bResponsibleForDelete);
  87. TSD(TSD * pTSD);
  88. TSD(SecuredObjectType objectType);
  89. ~TSD();
  91. SECURITY_DESCRIPTOR const * GetSD() const { return m_absSD; } // returns a pointer to the absolute-format SD
  93. SECURITY_DESCRIPTOR * MakeAbsSD() const; // returns a copy of the SD in absolute format
  94. SECURITY_DESCRIPTOR * MakeRelSD() const; // returns a copy of the SD in self-relative format
  96. // type of secured object
  97. SecuredObjectType GetType() const { return m_ObjectType; }
  98. void SetType(SecuredObjectType newType) { m_ObjectType = newType;}
  100. // Security Descriptor parts
  101. PSID const GetOwner() const;
  102. void SetOwner(PSID pNewOwner);
  103. PSID const GetGroup() const;
  104. void SetGroup(PSID const pNewGroup);
  105. PACL const GetDacl() const;
  106. // SetDacl will free the buffer pNewAcl.
  107. BOOL SetDacl(PACL pNewAcl,BOOL present = TRUE);
  108. PACL const GetSacl() const;
  109. // SetSacl will free the buffer pNewAcl.
  110. void SetSacl(PACL pNewAcl, BOOL present = TRUE);
  112. // Security Descriptor flags
  113. BOOL IsOwnerDefaulted() const;
  114. BOOL IsGroupDefaulted() const;
  115. BOOL IsDaclDefaulted() const;
  116. BOOL IsDaclPresent() const;
  117. BOOL IsSaclDefaulted() const;
  118. BOOL IsSaclPresent() const;
  120. // Change tracking functions
  121. BOOL IsOwnerChanged() const { return m_bOwnerChanged; }
  122. BOOL IsGroupChanged() const { return m_bGroupChanged; }
  123. BOOL IsDACLChanged() const { return m_bDACLChanged; }
  124. BOOL IsSACLChanged() const { return m_bSACLChanged; }
  125. BOOL IsChanged() const { return ( m_bOwnerChanged || m_bGroupChanged || m_bDACLChanged || m_bSACLChanged ); }
  126. void MarkAllChanged(BOOL bChanged) { m_bOwnerChanged=bChanged; m_bGroupChanged=bChanged; m_bDACLChanged=bChanged; m_bSACLChanged=bChanged; }
  127. // Functions to manage ACLs
  128. int GetNumDaclAces() { return ACLGetNumAces(GetDacl()); }
  129. void AddDaclAce(TACE * pAce);
  130. void RemoveDaclAce(int ndx);
  131. void * GetDaclAce(int ndx) { return ACLGetAce(GetDacl(),ndx); }
  133. int GetNumSaclAces() { return ACLGetNumAces(GetSacl()); }
  134. void AddSaclAce(TACE * pAce);
  135. void RemoveSaclAce(int ndx);
  136. void * GetSaclAce(int ndx) { return ACLGetAce(GetSacl(),ndx); }
  138. BOOL IsValid() { return (m_absSD && IsValidSecurityDescriptor(m_absSD)); }
  140. void FreeAbsSD(SECURITY_DESCRIPTOR * pSD, BOOL bAll = TRUE);
  141. void ACLAddAce(PACL * ppAcl, TACE * pAce, int pos);
  142. void * ACLGetAce(PACL acl, int ndx);
  143. protected:
  144. // Implementation - helper functions
  145. // Comparison functions
  147. // ACL manipulation functions
  148. int ACLGetNumAces(PACL acl);
  149. DWORD ACLGetFreeBytes(PACL acl);
  150. DWORD ACLGetBytesInUse(PACL acl);
  152. void ACLDeleteAce(PACL acl, int ndx);
  153. SECURITY_DESCRIPTOR * MakeAbsSD(SECURITY_DESCRIPTOR * pSD) const;
  155. };