|
|
//#pragma title( "SDResolve.hpp - SDResolve Class definitions" )
/*
Copyright (c) 1995-1998, Mission Critical Software, Inc. All rights reserved.===============================================================================Module - SecureObject.hppSystem - Domain Consolidation ToolkitAuthor - Christy BolesCreated - 97/06/27Description - Securable object classes (File, Share, and Exchange) for FST and EST. Updates -===============================================================================*/
#include <lm.h>
#include <lmshare.h>
#include <winspool.h>
//#include "stdafx.h"
#include <windows.h>
#include <stdio.h>
#include <process.h>
#ifndef TNODEINCLUDED
#include "Tnode.hpp"
#define TNODEINCLUDED
#endif
#ifdef SDRESOLVE
#include "sdstat.hpp"
#include "STArgs.hpp"
#endif
#include "UString.hpp"
#include "EaLen.hpp"
class TSecurableObject{ protected: TNodeList changelog; WCHAR pathname[LEN_Path]; HANDLE handle; bool owner_changed; bool group_changed; bool dacl_changed; bool sacl_changed; TSD * m_sd;
public: TSecurableObject(){ pathname[0]=0; handle = INVALID_HANDLE_VALUE; daceNS = 0;saceNS = 0;daceEx = 0;saceEx = 0; daceU = 0;saceU = 0;daceNT = 0;saceNT = 0; unkown = false; unkgrp = false; m_sd = NULL; } ~TSecurableObject(); LPWSTR GetPathName() const { return (LPWSTR) &pathname; } void ResetHandle() { handle = INVALID_HANDLE_VALUE; } bool Changed() const { return (owner_changed || group_changed || dacl_changed || sacl_changed) ; } void Changed(bool bChanged) { m_sd->MarkAllChanged(bChanged); } int daceNS; // not selected
int saceNS; int daceU; // unknown
int saceU; int daceEx; // examined
int saceEx; int daceNT; // no target
int saceNT; bool unkown; // unknown owners
bool unkgrp; // unknown groups
bool UnknownOwner() const { return unkown;} bool UnknownGroup() const { return unkgrp; } void CopyAccessData(TSecurableObject * sourceFSD); virtual bool WriteSD() = 0; virtual bool ReadSD(const LPWSTR path) = 0; bool HasSecurity() const { return m_sd != NULL; } bool HasDacl() const { return ( m_sd && (m_sd->GetDacl()!=NULL) ) ; } bool HasSacl() const { return ( m_sd && (m_sd->GetSacl()!=NULL) ) ; } bool IsDaclChanged() const { return dacl_changed; } bool IsSaclChanged() const { return sacl_changed; } TSD * GetSecurity() { return m_sd; }#ifdef SDRESOLVE
const TNodeList * GetChangeLog() const { return &changelog; } void LogOwnerChange(TAcctNode *acct){ changelog.InsertTop((TNode *)new TStatNode(acct,TStatNode::owner,TRUE)); } void LogGroupChange(TAcctNode *acct){ changelog.InsertTop((TNode *)new TStatNode(acct,TStatNode::group,TRUE)); } void LogDACEChange(TAcctNode *acct) { changelog.InsertTop((TNode *)new TStatNode(acct,TStatNode::dace,TRUE)); } void LogSACEChange(TAcctNode *acct) { changelog.InsertTop((TNode *)new TStatNode(acct,TStatNode::sace,TRUE)); } bool ResolveSD( SecurityTranslatorArgs * args, // in -cache to lookup accounts in
TSDResolveStats * stat, // in -stats object to increment counters
objectType type, // in -is this file or dir or share
TSecurableObject * Last // in -Last SD for cache comparison
);
protected: PACL ResolveACL(PACL acl, TAccountCache *cache, TSDResolveStats *stat, bool *changes, BOOL verbose,int opType,objectType objType, BOOL bUseMapFile); public: bool ResolveSDInternal( TAccountCache *cache, TSDResolveStats *stat, BOOL verbose,int opType, objectType objType, BOOL bUseMapFile); #endif
};
/////////////////////////////////////////////////////////////////////////////////
///////////File and directory Acls
/////////////////////////////////////////////////////////////////////////////////
class TFileSD:public TSecurableObject{protected: bool m_bSystemFile;
public: TFileSD(const LPWSTR fpath, bool bSystemFile = false); ~TFileSD(); virtual bool WriteSD(); virtual bool ReadSD(const LPWSTR path); };
class TShareSD : public TSecurableObject{private: SHARE_INFO_502 * shareInfo; WCHAR * serverName;public: TShareSD(const LPWSTR name); ~TShareSD() { if (shareInfo) { NetApiBufferFree(shareInfo); shareInfo = NULL; } if ( serverName ) { delete serverName; serverName = NULL; } } virtual bool WriteSD(); virtual bool ReadSD(const LPWSTR path); bool SetSD(TSD* sd);};
class TMapiSD : public TSecurableObject{ WCHAR name[LEN_DistName];
public: TMapiSD(SECURITY_DESCRIPTOR * pSD) { m_sd = new TSD(pSD,McsMailboxSD,FALSE); } void SetName(WCHAR const * str) { safecopy(name,str); } bool ReadSD(const LPWSTR path) { MCSASSERT(FALSE); return false; } bool WriteSD() { MCSASSERT(FALSE);return false; }};
class TRegSD : public TSecurableObject{ HKEY m_hKey; WCHAR name[LEN_DistName];public: TRegSD(const LPWSTR name, HKEY hKey); ~TRegSD() { } virtual bool WriteSD(); virtual bool ReadSD(HKEY hKey); virtual bool ReadSD(const LPWSTR path) { MCSASSERT(FALSE); return false; }};
class TPrintSD: public TSecurableObject{ WCHAR name[MAX_PATH]; HANDLE hPrinter; BYTE * buffer;public: TPrintSD(const LPWSTR name); ~TPrintSD() { if ( hPrinter != INVALID_HANDLE_VALUE ) ClosePrinter(hPrinter); if ( buffer ) delete buffer; } virtual bool WriteSD(); virtual bool ReadSD(const LPWSTR path); };
#ifdef SDRESOLVE
int ResolveAll( SecurityTranslatorArgs * args, // in - arguments that determine settings for the translation
TSDResolveStats * stats // in - object used for counting objects examined, modified, etc.
);#endif
WCHAR * // ret -machine-name prefix of pathname if pathname is a UNC path, otherwise returns NULL
GetMachineName( const LPWSTR pathname // in -pathname from which to extract machine name
);
int EqualSignIndex(char * str);int ColonIndex(TCHAR * str);BOOL BuiltinRid(DWORD rid);#ifdef SDRESOLVE
DWORD PrintSD(SECURITY_DESCRIPTOR * sd,WCHAR const * path);DWORD PermsPrint(WCHAR* path,objectType objType);#endif
|
