archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/admin/wmi/wbem/winmgmt/provsubsys/decoupledadaptor/globals.cpp

932 lines
22 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (C) 1996-2001 Microsoft Corporation
  5. Module Name:
  7. Globals.cpp
  9. Abstract:
  12. History:
  14. --*/
  15. #include "precomp.h"
  16. #include <windows.h>
  17. #include <objbase.h>
  19. #include <initguid.h>
  20. #ifndef INITGUID
  21. #define INITGUID
  22. #endif
  24. #include <wbemcli.h>
  25. #include <wbemint.h>
  27. #include <comdef.h>
  28. #include <strsafe.h>
  29. #include <winntsec.h>
  30. #include <callsec.h>
  31. #include <cominit.h>
  33. #include <Guids.h>
  35. #include <BasicTree.h>
  36. #include <Thread.h>
  37. #include <Logging.h>
  39. #include "Globals.h"
  40. #include "aggregator.h"
  41. #include "os.h"
  42. /******************************************************************************
  43. *
  44. * Name:
  45. *
  46. *
  47. * Description:
  48. *
  49. *
  50. *****************************************************************************/
  52. WmiAllocator *DecoupledProviderSubSystem_Globals :: s_Allocator = NULL ;
  55. LONG DecoupledProviderSubSystem_Globals :: s_LocksInProgress = 0 ;
  56. LONG DecoupledProviderSubSystem_Globals :: s_ObjectsInProgress = 0 ;
  57. LONG DecoupledProviderSubSystem_Globals :: s_RegistrarUsers = 0 ;
  59. LONG DecoupledProviderSubSystem_Globals :: s_CServerClassFactory_ObjectsInProgress = 0 ;
  60. LONG DecoupledProviderSubSystem_Globals :: s_CServerObject_ProviderRegistrar_ObjectsInProgress = 0 ;
  61. LONG DecoupledProviderSubSystem_Globals :: s_CServerObject_ProviderEvents_ObjectsInProgress = 0 ;
  62. LONG DecoupledProviderSubSystem_Globals :: s_CInterceptor_IWbemSyncProvider_ObjectsInProgress = 0 ;
  63. LONG DecoupledProviderSubSystem_Globals :: s_CInterceptor_IWbemServices_Stub_ObjectsInProgress = 0 ;
  64. LONG DecoupledProviderSubSystem_Globals :: s_CInterceptor_IWbemProviderInitSink_ObjectsInProgress = 0 ;
  65. LONG DecoupledProviderSubSystem_Globals :: s_CInterceptor_IWbemWaitingObjectSink_ObjectsInProgress = 0 ;
  66. LONG DecoupledProviderSubSystem_Globals :: s_CInterceptor_IWbemObjectSink_ObjectsInProgress = 0 ;
  67. LONG DecoupledProviderSubSystem_Globals :: s_CInterceptor_IWbemSyncObjectSink_ObjectsInProgress = 0 ;
  68. LONG DecoupledProviderSubSystem_Globals :: s_CInterceptor_IWbemFilteringObjectSink_ObjectsInProgress = 0 ;
  69. LONG DecoupledProviderSubSystem_Globals :: s_CInterceptor_IWbemSyncFilteringObjectSink_ObjectsInProgress = 0 ;
  70. LONG DecoupledProviderSubSystem_Globals :: s_CInterceptor_IWbemObjectSinkEx_ObjectsInProgress = 0 ;
  71. LONG DecoupledProviderSubSystem_Globals :: s_CInterceptor_IWbemSyncObjectSinkEx_ObjectsInProgress = 0 ;
  72. LONG DecoupledProviderSubSystem_Globals :: s_CInterceptor_IWbemCombiningObjectSink_ObjectsInProgress = 0 ;
  73. LONG DecoupledProviderSubSystem_Globals :: s_CDecoupledAggregator_IWbemProvider_ObjectsInProgress=0;
  74. LONG DecoupledProviderSubSystem_Globals :: s_CInterceptor_IWbemDecoupledUnboundObjectSink_ObjectsInProgress=0;
  75. LONG DecoupledProviderSubSystem_Globals :: s_CDecoupled_Batching_IWbemSyncObjectSink_ObjectsInProgress=0;
  76. LONG DecoupledProviderSubSystem_Globals :: s_CDecoupled_IWbemSyncObjectSink_ObjectsInProgress=0;
  77. LONG DecoupledProviderSubSystem_Globals :: s_CInterceptor_DecoupledClient_ObjectsInProgress =0;
  78. LONG DecoupledProviderSubSystem_Globals :: s_CInterceptor_IWbemDecoupledProvider_ObjectsInProgress = 0;
  79. LONG DecoupledProviderSubSystem_Globals :: s_CDecoupled_IWbemUnboundObjectSink_ObjectsInProgress=0;
  80. /******************************************************************************
  81. *
  82. * Name:
  83. *
  84. *
  85. * Description:
  86. *
  87. *
  88. *****************************************************************************/
  90. HRESULT DecoupledProviderSubSystem_Globals :: Global_Startup ()
  91. {
  92. HRESULT t_Result = S_OK ;
  94. if ( ! s_Allocator )
  95. {
  96. /*
  97. * Use the global process heap for this particular boot operation
  98. */
  100. WmiAllocator t_Allocator ;
  101. WmiStatusCode t_StatusCode = t_Allocator.New (
  103. ( void ** ) & s_Allocator ,
  104. sizeof ( WmiAllocator )
  105. ) ;
  107. if ( t_StatusCode == e_StatusCode_Success )
  108. {
  109. :: new ( ( void * ) s_Allocator ) WmiAllocator ;
  111. t_StatusCode = s_Allocator->Initialize () ;
  112. if ( t_StatusCode != e_StatusCode_Success )
  113. {
  114. t_Result = WBEM_E_OUT_OF_MEMORY ;
  115. }
  116. }
  117. else
  118. {
  119. t_Result = WBEM_E_OUT_OF_MEMORY ;
  120. }
  121. }
  123. if ( SUCCEEDED ( t_Result ) )
  124. {
  125. WmiStatusCode t_StatusCode = WmiThread <ULONG> :: Static_Initialize ( *s_Allocator ) ;
  126. }
  128. if ( SUCCEEDED ( t_Result ) )
  129. {
  130. t_Result = DecoupledProviderSubSystem_Globals::CreateSystemAces ();
  131. }
  132. if ( SUCCEEDED ( t_Result ) )
  133. {
  134. t_Result = ProviderSubSystem_Common_Globals :: CreateMethodSecurityDescriptor () ;
  135. }
  137. return t_Result ;
  138. }
  141. /******************************************************************************
  142. *
  143. * Name:
  144. *
  145. *
  146. * Description:
  147. *
  148. *
  149. *****************************************************************************/
  151. HRESULT DecoupledProviderSubSystem_Globals :: Global_Shutdown ()
  152. {
  153. HRESULT t_Result = S_OK ;
  155. WmiStatusCode t_StatusCode = WmiThread <ULONG> :: Static_UnInitialize ( *s_Allocator ) ;
  157. if ( s_Allocator )
  158. {
  159. WmiAllocator t_Allocator ;
  160. t_StatusCode = t_Allocator.Delete (
  162. ( void * ) s_Allocator
  163. ) ;
  164. }
  166. t_Result = DecoupledProviderSubSystem_Globals::DeleteSystemAces () ;
  167. t_Result = ProviderSubSystem_Common_Globals :: DeleteMethodSecurityDescriptor () ;
  171. return t_Result ;
  172. }
  175. HRESULT
  176. DecoupledProviderSubSystem_Globals::CreateSystemAces()
  177. {
  178. if (!OS::secureOS_) return S_OK;
  180. return ProviderSubSystem_Common_Globals::CreateSystemAces();
  181. };
  183. HRESULT
  184. DecoupledProviderSubSystem_Globals::DeleteSystemAces()
  185. {
  186. if (!OS::secureOS_)
  187. return S_OK;
  188. return ProviderSubSystem_Common_Globals::DeleteSystemAces();
  189. };
  191. /******************************************************************************
  192. *
  193. * Name:
  194. *
  195. *
  196. * Description:
  197. *
  198. *
  199. *****************************************************************************/
  200. HRESULT
  201. DecoupledProviderSubSystem_Globals::SetCloaking (
  202. IUnknown *a_Unknown ,
  203. DWORD a_AuthenticationLevel ,
  204. DWORD a_ImpersonationLevel)
  205. {
  206. if ( !OS::secureOS_) return S_OK;
  208. DWORD cloaking = (OS::osVer_ > OS::NT4) ? EOAC_DYNAMIC_CLOAKING : 0;
  209. DWORD impersonationLevel = (OS::osVer_ > OS::NT4) ? a_ImpersonationLevel : min(a_ImpersonationLevel,RPC_C_IMP_LEVEL_IDENTIFY) ;
  211. IClientSecurity *t_ClientSecurity = NULL ;
  213. HRESULT t_Result = a_Unknown->QueryInterface (
  215. IID_IClientSecurity ,
  216. ( void ** ) & t_ClientSecurity
  217. ) ;
  219. if ( SUCCEEDED ( t_Result ) )
  220. {
  221. t_Result = t_ClientSecurity->SetBlanket (
  223. a_Unknown ,
  224. RPC_C_AUTHN_WINNT ,
  225. RPC_C_AUTHZ_NONE ,
  226. NULL ,
  227. a_AuthenticationLevel ,
  228. impersonationLevel ,
  229. NULL ,
  230. cloaking
  231. ) ;
  233. t_ClientSecurity->Release () ;
  234. }
  235. return t_Result ;
  236. };
  239. HRESULT DecoupledProviderSubSystem_Globals :: BeginImpersonation (
  241. IUnknown *&a_OldContext ,
  242. IServerSecurity *&a_OldSecurity ,
  243. BOOL &a_Impersonating,
  244. DWORD *a_AuthenticationLevel
  245. )
  246. {
  247. if (!OS::secureOS_)
  248. return S_OK;
  250. HRESULT t_Result = S_OK ;
  252. IServerSecurity *t_ServerSecurity = NULL ;
  254. t_Result = CoGetCallContext ( IID_IUnknown , ( void ** ) & a_OldContext ) ;
  255. if ( SUCCEEDED ( t_Result ) )
  256. {
  257. t_Result = a_OldContext->QueryInterface ( IID_IServerSecurity , ( void ** ) & t_ServerSecurity ) ;
  258. if ( SUCCEEDED ( t_Result ) )
  259. {
  260. a_Impersonating = t_ServerSecurity->IsImpersonating () ;
  261. }
  262. else
  263. {
  264. a_Impersonating = FALSE ;
  265. }
  266. }
  270. CWbemCallSecurity * pSec = new CWbemCallSecurity(NULL);
  271. _IWmiCallSec *t_CallSecurity = NULL ;
  273. if (pSec == 0)
  274. t_Result = WBEM_E_OUT_OF_MEMORY;
  275. else
  276. t_Result = pSec->QueryInterface(IID__IWmiCallSec, ( void ** ) & t_CallSecurity);
  278. if ( SUCCEEDED ( t_Result ) )
  279. {
  280. _IWmiThreadSecHandle *t_ThreadSecurity = NULL ;
  281. t_Result = t_CallSecurity->GetThreadSecurity ( ( WMI_THREAD_SECURITY_ORIGIN ) ( WMI_ORIGIN_THREAD | WMI_ORIGIN_EXISTING | WMI_ORIGIN_RPC ) , & t_ThreadSecurity ) ;
  282. if ( SUCCEEDED ( t_Result ) )
  283. {
  284. t_Result = t_CallSecurity->SetThreadSecurity ( t_ThreadSecurity ) ;
  285. if ( SUCCEEDED ( t_Result ) )
  286. {
  287. t_Result = t_CallSecurity->QueryInterface ( IID_IServerSecurity , ( void ** ) & a_OldSecurity ) ;
  288. if ( SUCCEEDED ( t_Result ) )
  289. {
  290. if ( a_AuthenticationLevel )
  291. {
  292. t_Result = t_ThreadSecurity->GetAuthentication ( a_AuthenticationLevel ) ;
  293. }
  295. if ( a_Impersonating )
  296. {
  297. t_ServerSecurity->RevertToSelf () ;
  298. }
  299. }
  300. }
  302. t_ThreadSecurity->Release () ;
  303. }
  305. t_CallSecurity->Release () ;
  306. }
  308. if ( t_ServerSecurity )
  309. {
  310. t_ServerSecurity->Release () ;
  311. }
  313. return t_Result ;
  314. }
  316. HRESULT DecoupledProviderSubSystem_Globals :: BeginCallbackImpersonation (
  318. IUnknown *&a_OldContext ,
  319. IServerSecurity *&a_OldSecurity ,
  320. BOOL &a_Impersonating
  321. )
  322. {
  323. if (!OS::secureOS_)
  324. return S_OK;
  326. HRESULT t_Result = S_OK ;
  328. IServerSecurity *t_ServerSecurity = NULL ;
  330. t_Result = CoGetCallContext ( IID_IUnknown , ( void ** ) & a_OldContext ) ;
  331. if ( SUCCEEDED ( t_Result ) )
  332. {
  333. t_Result = a_OldContext->QueryInterface ( IID_IServerSecurity , ( void ** ) & t_ServerSecurity ) ;
  334. if ( SUCCEEDED ( t_Result ) )
  335. {
  336. a_Impersonating = t_ServerSecurity->IsImpersonating () ;
  337. }
  338. else
  339. {
  340. a_Impersonating = FALSE ;
  341. }
  342. }
  344. CWbemCallSecurity * pSec = new CWbemCallSecurity(NULL);
  345. _IWmiCallSec *t_CallSecurity = NULL ;
  347. if (pSec == 0)
  348. t_Result = WBEM_E_OUT_OF_MEMORY;
  349. else
  350. t_Result = pSec->QueryInterface(IID__IWmiCallSec, ( void ** ) & t_CallSecurity);
  352. if ( SUCCEEDED ( t_Result ) )
  353. {
  354. _IWmiThreadSecHandle *t_ThreadSecurity = NULL ;
  355. t_Result = t_CallSecurity->GetThreadSecurity ( ( WMI_THREAD_SECURITY_ORIGIN ) ( WMI_ORIGIN_THREAD ) , & t_ThreadSecurity ) ;
  356. if ( SUCCEEDED ( t_Result ) )
  357. {
  358. t_Result = t_CallSecurity->SetThreadSecurity ( t_ThreadSecurity ) ;
  359. if ( SUCCEEDED ( t_Result ) )
  360. {
  361. t_Result = t_CallSecurity->QueryInterface ( IID_IServerSecurity , ( void ** ) & a_OldSecurity ) ;
  362. if ( SUCCEEDED ( t_Result ) )
  363. {
  364. if ( a_Impersonating )
  365. {
  366. t_ServerSecurity->RevertToSelf () ;
  367. }
  368. }
  369. }
  371. t_ThreadSecurity->Release () ;
  372. }
  374. t_CallSecurity->Release () ;
  375. }
  377. if ( t_ServerSecurity )
  378. {
  379. t_ServerSecurity->Release () ;
  380. }
  382. return t_Result ;
  383. }
  385. /******************************************************************************
  386. *
  387. * Name:
  388. *
  389. *
  390. * Description:
  391. *
  392. *
  393. *****************************************************************************/
  395. HRESULT DecoupledProviderSubSystem_Globals :: BeginThreadImpersonation (
  397. IUnknown *&a_OldContext ,
  398. IServerSecurity *&a_OldSecurity ,
  399. BOOL &a_Impersonating
  400. )
  401. {
  402. HRESULT t_Result = S_OK ;
  404. IServerSecurity *t_ServerSecurity = NULL ;
  406. t_Result = CoGetCallContext ( IID_IUnknown , ( void ** ) & a_OldContext ) ;
  407. if ( SUCCEEDED ( t_Result ) )
  408. {
  409. t_Result = a_OldContext->QueryInterface ( IID_IServerSecurity , ( void ** ) & t_ServerSecurity ) ;
  410. if ( SUCCEEDED ( t_Result ) )
  411. {
  412. a_Impersonating = t_ServerSecurity->IsImpersonating () ;
  413. }
  414. else
  415. {
  416. a_Impersonating = FALSE ;
  417. }
  418. }
  420. CWbemCallSecurity *t_CallSecurity = CWbemCallSecurity :: New () ;
  422. if ( t_CallSecurity )
  423. {
  424. t_CallSecurity->AddRef () ;
  426. _IWmiThreadSecHandle *t_ThreadSecurity = NULL ;
  427. t_Result = t_CallSecurity->GetThreadSecurity ( ( WMI_THREAD_SECURITY_ORIGIN ) ( WMI_ORIGIN_THREAD ) , & t_ThreadSecurity ) ;
  428. if ( SUCCEEDED ( t_Result ) )
  429. {
  430. t_Result = t_CallSecurity->SetThreadSecurity ( t_ThreadSecurity ) ;
  431. if ( SUCCEEDED ( t_Result ) )
  432. {
  433. t_Result = t_CallSecurity->QueryInterface ( IID_IServerSecurity , ( void ** ) & a_OldSecurity ) ;
  434. if ( SUCCEEDED ( t_Result ) )
  435. {
  436. if ( a_Impersonating )
  437. {
  438. t_ServerSecurity->RevertToSelf () ;
  439. }
  440. }
  441. }
  443. t_ThreadSecurity->Release () ;
  444. }
  446. t_CallSecurity->Release () ;
  447. }
  449. if ( t_ServerSecurity )
  450. {
  451. t_ServerSecurity->Release () ;
  452. }
  454. return t_Result ;
  455. }
  457. /******************************************************************************
  458. *
  459. * Name:
  460. *
  461. *
  462. * Description:
  463. *
  464. *
  465. *****************************************************************************/
  467. HRESULT DecoupledProviderSubSystem_Globals :: EndThreadImpersonation (
  469. IUnknown *a_OldContext ,
  470. IServerSecurity *a_OldSecurity ,
  471. BOOL a_Impersonating
  473. )
  474. {
  475. HRESULT t_Result = S_OK ;
  477. IUnknown *t_NewContext = NULL ;
  479. t_Result = CoSwitchCallContext ( a_OldContext , & t_NewContext ) ;
  480. if ( SUCCEEDED ( t_Result ) )
  481. {
  482. if ( a_OldContext )
  483. {
  484. if ( a_Impersonating )
  485. {
  486. IServerSecurity *t_ServerSecurity = NULL ;
  487. t_Result = a_OldContext->QueryInterface ( IID_IServerSecurity , ( void ** ) & t_ServerSecurity ) ;
  488. if ( SUCCEEDED ( t_Result ) )
  489. {
  490. t_ServerSecurity->ImpersonateClient () ;
  492. t_ServerSecurity->Release () ;
  493. }
  494. }
  495. }
  497. if ( a_OldSecurity )
  498. {
  499. a_OldSecurity->Release() ;
  500. }
  501. }
  502. else
  503. {
  504. t_Result = WBEM_E_OUT_OF_MEMORY ;
  505. }
  507. /*
  508. * CoGetCallContext AddReffed this thing so now we have to release it.
  509. */
  511. if ( a_OldContext )
  512. {
  513. a_OldContext->Release () ;
  514. }
  516. return t_Result ;
  517. }
  519. /******************************************************************************
  520. *
  521. * Name:
  522. *
  523. *
  524. * Description:
  525. *
  526. *
  527. *****************************************************************************/
  528. HRESULT DecoupledProviderSubSystem_Globals :: Begin_IdentifyCall_PrvHost (
  530. WmiInternalContext a_InternalContext ,
  531. BOOL &a_Impersonating ,
  532. IUnknown *&a_OldContext ,
  533. IServerSecurity *&a_OldSecurity
  534. )
  535. {
  536. if (!OS::secureOS_)
  537. return S_OK;
  539. HRESULT t_Result = WBEM_E_INVALID_PARAMETER ;
  541. if ( a_InternalContext.m_IdentifyHandle )
  542. {
  543. HANDLE t_IdentifyToken = ( HANDLE ) a_InternalContext.m_IdentifyHandle ;
  545. BOOL t_Status = SetThreadToken ( NULL , t_IdentifyToken ) ;
  546. if ( t_Status )
  547. {
  548. t_Result = BeginThreadImpersonation ( a_OldContext , a_OldSecurity , a_Impersonating ) ;
  550. RevertToSelf () ;
  551. }
  552. else
  553. {
  554. t_Result = WBEM_E_ACCESS_DENIED ;
  555. }
  557. CloseHandle ( t_IdentifyToken ) ;
  558. }
  560. return t_Result ;
  561. }
  563. /******************************************************************************
  564. *
  565. * Name:
  566. *
  567. *
  568. * Description:
  569. *
  570. *
  571. *****************************************************************************/
  573. HRESULT DecoupledProviderSubSystem_Globals :: End_IdentifyCall_PrvHost (
  575. WmiInternalContext a_InternalContext ,
  576. IUnknown *&a_OldContext ,
  577. IServerSecurity *&a_OldSecurity ,
  578. BOOL &a_Impersonating
  579. )
  580. {
  581. if (!OS::secureOS_)
  582. return S_OK;
  584. EndThreadImpersonation ( a_OldContext , a_OldSecurity , a_Impersonating ) ;
  586. RevertToSelf () ;
  588. return S_OK ;
  589. }
  592. /******************************************************************************
  593. *
  594. * Name:
  595. *
  596. *
  597. * Description:
  598. *
  599. *
  600. *****************************************************************************/
  602. HRESULT DecoupledProviderSubSystem_Globals :: SetProxyState_SvcHost (
  604. ProxyContainer &a_Container ,
  605. ULONG a_ProxyIndex ,
  606. REFIID a_InterfaceId ,
  607. IUnknown *a_Interface ,
  608. IUnknown *&a_Proxy ,
  609. BOOL &a_Revert ,
  610. DWORD a_ProcessIdentifier ,
  611. HANDLE &a_IdentifyToken ,
  612. ACCESS_ALLOWED_ACE *a_Ace ,
  613. WORD a_AceSize,
  614. SECURITY_IMPERSONATION_LEVEL t_ImpersonationLevel
  615. )
  616. {
  617. if (!OS::secureOS_)
  618. return S_OK;
  620. a_Revert = FALSE ;
  622. HRESULT t_Result = ProviderSubSystem_Common_Globals::GetProxy ( a_Container , a_ProxyIndex , a_InterfaceId , a_Interface , a_Proxy ) ;
  623. if ( SUCCEEDED ( t_Result ) )
  624. {
  625. t_Result = CoImpersonateClient () ;
  626. if ( SUCCEEDED ( t_Result ) )
  627. {
  628. a_Revert = TRUE ;
  630. // At this point, our thread token contains all the privileges that the
  631. // client has enabled for us; however, those privileges are not enabled.
  632. // Since we are calling into a proxied provider, we need to enable all
  633. // these privileges so that they would propagate to the provider
  634. // =====================================================================
  636. HRESULT t_TempResult = ProviderSubSystem_Common_Globals::EnableAllPrivileges () ;
  638. // Get the token's impersonation level
  639. // ===================================
  641. if ( (t_ImpersonationLevel == SecurityImpersonation || t_ImpersonationLevel == SecurityDelegation ) && (OS::osVer_ > OS::NT4) )
  642. {
  643. a_IdentifyToken = 0 ;
  644. }
  645. else
  646. {
  647. t_Result = ProviderSubSystem_Common_Globals::ConstructIdentifyToken_SvcHost (
  649. a_Revert ,
  650. a_ProcessIdentifier ,
  651. a_IdentifyToken ,
  652. a_Ace ,
  653. a_AceSize,
  654. t_ImpersonationLevel
  655. ) ;
  657. if ( SUCCEEDED ( t_Result ) )
  658. {
  659. t_Result = SetInterfaceSecurity (
  661. a_Proxy ,
  662. NULL ,
  663. NULL ,
  664. NULL ,
  665. DWORD(RPC_C_AUTHN_LEVEL_DEFAULT),
  666. RPC_C_IMP_LEVEL_IDENTIFY
  667. ) ;
  668. }
  669. }
  670. }
  671. else
  672. {
  673. t_Result = WBEM_E_ACCESS_DENIED ;
  674. }
  675. }
  676. else
  677. {
  678. if ( t_Result == WBEM_E_NOT_FOUND )
  679. {
  680. }
  681. else
  682. {
  683. t_Result = WBEM_E_CRITICAL_ERROR ;
  684. }
  685. }
  687. return t_Result ;
  688. }
  690. /******************************************************************************
  691. *
  692. * Name:
  693. *
  694. *
  695. * Description:
  696. *
  697. *
  698. *****************************************************************************/
  700. HRESULT DecoupledProviderSubSystem_Globals :: RevertProxyState_SvcHost (
  702. ProxyContainer &a_Container ,
  703. ULONG a_ProxyIndex ,
  704. IUnknown *a_Proxy ,
  705. BOOL a_Revert ,
  706. DWORD a_ProcessIdentifier ,
  707. HANDLE a_IdentifyToken
  708. )
  709. {
  710. if (!OS::secureOS_)
  711. return S_OK;
  713. HRESULT t_Result = S_OK ;
  715. WmiHelper :: EnterCriticalSection ( & a_Container.GetCriticalSection () ) ;
  717. WmiStatusCode t_StatusCode = a_Container.Return ( a_Proxy , a_ProxyIndex ) ;
  718. if ( t_StatusCode == e_StatusCode_Success )
  719. {
  720. }
  721. else
  722. {
  723. a_Proxy->Release () ;
  725. t_Result = WBEM_E_OUT_OF_MEMORY ;
  726. }
  728. WmiHelper :: LeaveCriticalSection ( & a_Container.GetCriticalSection () ) ;
  730. if ( a_Revert )
  731. {
  732. t_Result = CoRevertToSelf () ;
  733. }
  735. return t_Result ;
  736. }
  738. /******************************************************************************
  739. *
  740. * Name:
  741. *
  742. *
  743. * Description:
  744. *
  745. *
  746. *****************************************************************************/
  748. HRESULT DecoupledProviderSubSystem_Globals :: GetAceWithProcessTokenUser (
  750. DWORD a_ProcessIdentifier ,
  751. WORD &a_AceSize ,
  752. ACCESS_ALLOWED_ACE *&a_Ace
  753. )
  754. {
  755. if (!OS::secureOS_)
  756. return S_OK;
  758. HRESULT t_Result = WBEM_E_ACCESS_DENIED ;
  760. HANDLE t_ProcessHandle = OpenProcess (
  762. MAXIMUM_ALLOWED ,
  763. FALSE ,
  764. a_ProcessIdentifier
  765. ) ;
  767. if ( t_ProcessHandle )
  768. {
  769. HANDLE t_ProcessToken = NULL ;
  770. BOOL t_Status = OpenProcessToken (
  772. t_ProcessHandle ,
  773. TOKEN_QUERY | TOKEN_DUPLICATE ,
  774. & t_ProcessToken
  775. ) ;
  777. if ( t_Status )
  778. {
  779. DWORD t_OwnerSize = 0 ;
  780. PSID t_OwnerSid = NULL ;
  781. BOOL t_OwnerDefaulted = FALSE ;
  783. t_Result = GetUserSid (
  785. t_ProcessToken ,
  786. & t_OwnerSize ,
  787. t_OwnerSid
  788. ) ;
  790. if ( SUCCEEDED ( t_Result ) )
  791. {
  792. ACCESS_ALLOWED_ACE *t_Ace = NULL ;
  793. DWORD t_AceSize = 0 ;
  795. t_AceSize = sizeof(ACCESS_ALLOWED_ACE) + (WORD) ( t_OwnerSize - sizeof(DWORD) ) ;
  796. t_Ace = (ACCESS_ALLOWED_ACE*) new BYTE [ t_AceSize ] ;
  797. if ( t_Ace )
  798. {
  799. CopySid ( t_OwnerSize, (PSID) & t_Ace->SidStart, t_OwnerSid ) ;
  800. t_Ace->Mask = TOKEN_ALL_ACCESS ;
  801. t_Ace->Header.AceType = 0 ;
  802. t_Ace->Header.AceFlags = 0 ;
  803. t_Ace->Header.AceSize = t_AceSize ;
  805. a_Ace = t_Ace ;
  806. a_AceSize = t_AceSize ;
  807. }
  808. else
  809. {
  810. t_Result = WBEM_E_OUT_OF_MEMORY ;
  811. }
  813. delete [] ( BYTE * ) t_OwnerSid ;
  814. }
  816. CloseHandle ( t_ProcessToken ) ;
  817. }
  819. CloseHandle ( t_ProcessHandle ) ;
  820. }
  821. else
  822. {
  823. t_Result = WBEM_E_TRANSPORT_FAILURE;
  824. }
  826. return t_Result ;
  827. }
  829. /******************************************************************************
  830. *
  831. * Name:
  832. *
  833. *
  834. * Description:
  835. *
  836. *
  837. *****************************************************************************/
  839. HRESULT DecoupledProviderSubSystem_Globals :: GetUserSid (
  841. HANDLE a_Token ,
  842. ULONG *a_Size ,
  843. PSID &a_Sid
  844. )
  845. {
  846. if (!OS::secureOS_)
  847. return S_OK;
  849. HRESULT t_Result = WBEM_E_FAILED ;
  851. if ( a_Token )
  852. {
  853. if ( a_Size )
  854. {
  855. TOKEN_USER *t_TokenUser = NULL ;
  856. DWORD t_ReturnLength = 0 ;
  857. TOKEN_INFORMATION_CLASS t_TokenInformationClass = TokenUser ;
  859. BOOL t_TokenStatus = GetTokenInformation (
  861. a_Token ,
  862. t_TokenInformationClass ,
  863. t_TokenUser ,
  864. t_ReturnLength ,
  865. & t_ReturnLength
  866. ) ;
  868. if ( ! t_TokenStatus )
  869. {
  870. DWORD t_LastError = GetLastError () ;
  871. switch ( t_LastError )
  872. {
  873. case ERROR_INSUFFICIENT_BUFFER:
  874. {
  875. t_TokenUser = ( TOKEN_USER * ) new BYTE [ t_ReturnLength ] ;
  876. if ( t_TokenUser )
  877. {
  878. t_TokenStatus = GetTokenInformation (
  880. a_Token ,
  881. t_TokenInformationClass ,
  882. t_TokenUser ,
  883. t_ReturnLength ,
  884. & t_ReturnLength
  885. ) ;
  887. if ( t_TokenStatus )
  888. {
  889. DWORD t_SidLength = GetLengthSid ( t_TokenUser->User.Sid ) ;
  890. *a_Size = t_SidLength ;
  892. a_Sid = new BYTE [ t_SidLength ] ;
  893. if ( a_Sid )
  894. {
  895. CopyMemory ( a_Sid , t_TokenUser->User.Sid , t_SidLength ) ;
  897. t_Result = S_OK ;
  898. }
  899. else
  900. {
  901. t_Result = WBEM_E_OUT_OF_MEMORY ;
  902. }
  903. }
  905. delete [] t_TokenUser ;
  906. }
  907. else
  908. {
  909. t_Result = WBEM_E_OUT_OF_MEMORY ;
  910. }
  911. }
  912. break ;
  914. default:
  915. {
  916. }
  917. break ;
  918. }
  919. }
  920. }
  921. else
  922. {
  923. t_Result = WBEM_E_INVALID_PARAMETER ;
  924. }
  925. }
  926. else
  927. {
  928. t_Result = ( ERROR_INVALID_HANDLE | 0x80070000 ) ;
  929. }
  931. return t_Result ;
  932. }