Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

877 lines
30 KiB

  1. /****************************************************************************\
  2. SHARE.C / OPK Wizard (SETUPMGR.EXE)
  3. Microsoft Confidential
  4. Copyright (c) Microsoft Corporation 1998
  5. All rights reserved
  6. Source file for the OPK Wizard that contains the external and internal
  7. functions used by the "Distribution Share" dialog page.
  8. 01/01 - Jason Cohen (JCOHEN)
  9. Added this new source file for the OPK Wizard. It includes the new
  10. ability to set the account and share information in the WinPE section
  11. of the WINBOM file. Will also automatically share out the local
  12. folder.
  13. \****************************************************************************/
  14. //
  15. // Include File(s):
  16. //
  17. #include "pch.h"
  18. #include <shgina.h> // ILocalMachine
  19. #include <aclapi.h>
  20. #include "wizard.h"
  21. #include "resource.h"
  22. //
  23. // Internal Defined Value(s):
  24. //
  25. #define INI_SEC_SHARE _T("DistShare")
  26. #define INI_KEY_SHARE_PATH _T("Folder")
  27. #define INI_KEY_SHARE_USERNAME _T("Username")
  28. #define INI_KEY_SHARE_PASSOWRD _T("Password")
  29. //
  30. // Internal Function Prototype(s):
  31. //
  32. LRESULT CALLBACK ShareDlgProc(HWND hwnd, UINT uMsg, WPARAM wParam, LPARAM lParam);
  33. static BOOL OnInit(HWND hwnd, HWND hwndFocus, LPARAM lParam);
  34. static void OnCommand(HWND hwnd, INT id, HWND hwndCtl, UINT codeNotify);
  35. static BOOL OnOk(HWND hwnd);
  36. static void EnableControls(HWND hwnd);
  37. static PSECURITY_DESCRIPTOR CreateShareAccess(LPTSTR lpUsername, LPTSTR lpDomain, PSID * lppsid, PACL * lppacl);
  38. static BOOL IsLocalShare(LPTSTR lpszUnc);
  39. static BOOL GuestAccount(BOOL bSet);
  40. static PSID GetAccountSid(LPCTSTR lpszUserName);
  41. static PSID GetWorldSid(VOID);
  42. static BOOL AddDirAce(PACL pacl, ACCESS_MASK Mask, PSID psid);
  43. static BOOL SetDirectoryPermissions(LPTSTR lpDirectory, PSID psid, ACCESS_MASK dwMask);
  44. //
  45. // External Function(s):
  46. //
  47. BOOL DistributionShareDialog(HWND hwndParent)
  48. {
  49. // ISSUE-2002/02/27-stelo,swamip - We need to check for -1 Error condition also.
  50. return ( DialogBox(g_App.hInstance, MAKEINTRESOURCE(IDD_SHARE), hwndParent, ShareDlgProc) != 0 );
  51. }
  52. // NOTE: it is assumes lpszPath points to a buffer at least MAX_PATH in length
  53. BOOL GetShareSettings(LPTSTR lpszPath, DWORD cbszPath, LPTSTR lpszUsername, DWORD cbszUserName, LPTSTR lpszPassword, DWORD cbszPassword)
  54. {
  55. BOOL bRet = TRUE;
  56. // First try to get the path from the ini file.
  57. //
  58. *lpszPath = NULLCHR;
  59. GetPrivateProfileString(INI_SEC_SHARE, INI_KEY_SHARE_PATH, NULLSTR, lpszPath, cbszPath, g_App.szSetupMgrIniFile);
  60. if ( *lpszPath == NULLCHR )
  61. {
  62. //
  63. // Just create the default network path to use with this computer
  64. // name and either the share name of the installed directory or
  65. // just the directory name if it isn't shared.
  66. //
  67. // Check if the install directory is shared and create the share name
  68. // path if it is.
  69. //
  70. if ( !IsFolderShared(g_App.szOpkDir, lpszPath, cbszPath) )
  71. {
  72. TCHAR szOpkDir[MAX_PATH],
  73. szFullPath[MAX_PATH] = NULLSTR;
  74. LPTSTR lpFilePart = NULL;
  75. HRESULT hrCat;
  76. // Need the path to the OPK dir w/o a trailing backslash (very important,
  77. // or we don't get the file part pointer back from GetFullPathName().
  78. //
  79. lstrcpyn(szOpkDir, g_App.szOpkDir,AS(szOpkDir));
  80. StrRTrm(szOpkDir, CHR_BACKSLASH);
  81. // It isn't shared, so just use the actual name of the install directory.
  82. //
  83. // Note: szFullPath is MAX_PATH, so this should not overflow
  84. if ( GetFullPathName(szOpkDir, AS(szFullPath), szFullPath, &lpFilePart) && szFullPath[0] && lpFilePart )
  85. hrCat=StringCchCat(lpszPath, MAX_PATH, lpFilePart);
  86. else
  87. hrCat=StringCchCat(lpszPath, MAX_PATH, INI_VAL_WINPE_SHARENAME);
  88. // We have to return false because the folder isn't shared.
  89. //
  90. bRet = FALSE;
  91. }
  92. }
  93. // Get the user name and password from the registry.
  94. //
  95. *lpszUsername = NULLCHR;
  96. *lpszPassword = NULLCHR;
  97. GetPrivateProfileString(INI_SEC_SHARE, INI_KEY_SHARE_USERNAME, NULLSTR, lpszUsername, cbszUserName, g_App.szSetupMgrIniFile);
  98. GetPrivateProfileString(INI_SEC_SHARE, INI_KEY_SHARE_PASSOWRD, NULLSTR, lpszPassword, cbszPassword, g_App.szSetupMgrIniFile);
  99. // If we have an empty string, use guest
  100. //
  101. if ( *lpszUsername == NULLCHR )
  102. lstrcpyn(lpszUsername, _T("guest"), cbszUserName);
  103. // We only return TRUE if we actually got a path from the registry
  104. // or verified that the folder we installed to is shared.
  105. //
  106. return bRet;
  107. }
  108. //
  109. // Internal Function(s):
  110. //
  111. LRESULT CALLBACK ShareDlgProc(HWND hwnd, UINT uMsg, WPARAM wParam, LPARAM lParam)
  112. {
  113. switch (uMsg)
  114. {
  115. HANDLE_MSG(hwnd, WM_INITDIALOG, OnInit);
  116. HANDLE_MSG(hwnd, WM_COMMAND, OnCommand);
  117. case WM_CLOSE:
  118. EndDialog(hwnd, 0);
  119. return FALSE;
  120. default:
  121. return FALSE;
  122. }
  123. return TRUE;
  124. }
  125. static BOOL OnInit(HWND hwnd, HWND hwndFocus, LPARAM lParam)
  126. {
  127. TCHAR szPath[MAX_PATH],
  128. szUsername[256],
  129. szPassword[256];
  130. // Get the share settings and populate the edit boxes.
  131. //
  132. GetShareSettings(szPath, AS(szPath), szUsername, AS(szUsername), szPassword, AS(szPassword));
  133. // If we are going to use guest, we do not want to display in the username control
  134. //
  135. if (!LSTRCMPI(szUsername, _T("guest"))) {
  136. szUsername[0] = NULLCHR;
  137. CheckRadioButton(hwnd, IDC_SHARE_ACCOUNT_GUEST, IDC_SHARE_ACCOUNT_SPECIFY, IDC_SHARE_ACCOUNT_GUEST);
  138. } else {
  139. // otherwise, default to account specify
  140. CheckRadioButton(hwnd, IDC_SHARE_ACCOUNT_GUEST, IDC_SHARE_ACCOUNT_SPECIFY, IDC_SHARE_ACCOUNT_SPECIFY);
  141. }
  142. SetDlgItemText(hwnd, IDC_SHARE_PATH, szPath);
  143. SetDlgItemText(hwnd, IDC_SHARE_USERNAME, szUsername);
  144. SetDlgItemText(hwnd, IDC_SHARE_PASSWORD, szPassword);
  145. SetDlgItemText(hwnd, IDC_SHARE_CONFIRM, szPassword);
  146. EnableControls(hwnd);
  147. // Always return false to WM_INITDIALOG.
  148. //
  149. return FALSE;
  150. }
  151. static void OnCommand(HWND hwnd, INT id, HWND hwndCtl, UINT codeNotify)
  152. {
  153. switch ( id )
  154. {
  155. case IDOK:
  156. if ( OnOk(hwnd) )
  157. EndDialog(hwnd, 1);
  158. break;
  159. case IDCANCEL:
  160. SendMessage(hwnd, WM_CLOSE, 0, 0L);
  161. break;
  162. case IDC_SHARE_ACCOUNT_GUEST:
  163. case IDC_SHARE_ACCOUNT_SPECIFY:
  164. EnableControls(hwnd);
  165. break;
  166. }
  167. }
  168. static BOOL OnOk(HWND hwnd)
  169. {
  170. TCHAR szPath[MAX_PATH] = NULLSTR,
  171. szNetUse[MAX_PATH],
  172. szUsername[256] = NULLSTR,
  173. szPassword[256] = _T("\""),
  174. szDomain[256];
  175. LPTSTR lpSearch,
  176. lpUser;
  177. BOOL bAccount = ( IsDlgButtonChecked(hwnd, IDC_SHARE_ACCOUNT_SPECIFY) == BST_CHECKED ),
  178. bGuest,
  179. bLocal,
  180. bNoWarn = FALSE;
  181. USE_INFO_2 ui2;
  182. NET_API_STATUS nerr_NetUse;
  183. HRESULT hrCat;
  184. // If they checked the account radio button, get that info.
  185. //
  186. if ( bAccount )
  187. {
  188. // First get the password and confirmation of the password and
  189. // make sure they match.
  190. //
  191. GetDlgItemText(hwnd, IDC_SHARE_PASSWORD, szPassword + 1, AS(szPassword) - 1);
  192. GetDlgItemText(hwnd, IDC_SHARE_CONFIRM, szUsername, AS(szUsername));
  193. if ( lstrcmp(szPassword + 1, szUsername) != 0 )
  194. {
  195. // Didn't match, so error out.
  196. //
  197. MsgBox(hwnd, IDS_ERR_CONFIRMPASSWORD, IDS_APPNAME, MB_ERRORBOX);
  198. SetDlgItemText(hwnd, IDC_SHARE_PASSWORD, NULLSTR);
  199. SetDlgItemText(hwnd, IDC_SHARE_CONFIRM, NULLSTR);
  200. SetFocus(GetDlgItem(hwnd, IDC_SHARE_PASSWORD));
  201. return FALSE;
  202. }
  203. // Now get the user name.
  204. //
  205. szUsername[0] = NULLCHR;
  206. GetDlgItemText(hwnd, IDC_SHARE_USERNAME, szUsername, AS(szUsername));
  207. }
  208. // Get the share name.
  209. //
  210. GetDlgItemText(hwnd, IDC_SHARE_PATH, szPath, AS(szPath));
  211. // Make sure they have entered a valid UNC path.
  212. //
  213. // Here are all the checks we do:
  214. // 1. Must have a backslash as the 1st and 2nd characters.
  215. // 2. Must have a non backslash as the 3rd character.
  216. // 3. Must have at least one more backslash in the path.
  217. // 4. Must be at least one non backslash character after
  218. // that one more backslash.
  219. // 5. Must not contain any invalid characters.
  220. //
  221. // Note: We use the lpSearch below assuming it is at the first
  222. // character of the share name, so don't change the if
  223. // with out thinking about that first.
  224. //
  225. if ( ( szPath[0] != CHR_BACKSLASH ) ||
  226. ( szPath[1] != CHR_BACKSLASH ) ||
  227. ( szPath[2] == NULLCHR ) ||
  228. ( szPath[2] == CHR_BACKSLASH ) ||
  229. ( (lpSearch = StrChr(szPath + 3, CHR_BACKSLASH)) == NULL ) ||
  230. ( *(++lpSearch) == NULLCHR ) ||
  231. ( *lpSearch == CHR_BACKSLASH ) ||
  232. ( StrChr(szPath, _T('/')) != NULL ) ||
  233. ( StrChr(szPath, _T(':')) != NULL ) ||
  234. ( StrChr(szPath, _T('?')) != NULL ) ||
  235. ( StrChr(szPath, _T('"')) != NULL ) ||
  236. ( StrChr(szPath, _T('<')) != NULL ) ||
  237. ( StrChr(szPath, _T('>')) != NULL ) ||
  238. ( StrChr(szPath, _T('|')) != NULL ) )
  239. {
  240. MsgBox(hwnd, IDS_ERR_NODISTSHARE, IDS_APPNAME, MB_ERRORBOX);
  241. SetFocus(GetDlgItem(hwnd, IDC_SHARE_PATH));
  242. return FALSE;
  243. }
  244. // Need just the "\\computer\share" part of the path. Just use
  245. // lpSearch as the staring point because it should point to the
  246. // first character of the share name. So just find the next
  247. // backslash and copy everything before it.
  248. //
  249. if ( lpSearch = StrChr(lpSearch, CHR_BACKSLASH) )
  250. lstrcpyn(szNetUse, szPath, (int)((lpSearch - szPath) + 1));
  251. else
  252. lstrcpyn(szNetUse, szPath,AS(szNetUse));
  253. // Init the user info struct for NetUserAdd().
  254. //
  255. ZeroMemory(&ui2, sizeof(ui2));
  256. ui2.ui2_remote = szNetUse;
  257. ui2.ui2_asg_type = USE_DISKDEV;
  258. ui2.ui2_password = szPassword + 1;
  259. // See if the UNC share they specified is local.
  260. //
  261. bLocal = IsLocalShare(szPath);
  262. // Check to see if we are using the guest account (basically
  263. // an empty username).
  264. //
  265. bGuest = ( szUsername[0] == NULLCHR || !LSTRCMPI(szUsername, _T("guest")));
  266. if (bGuest)
  267. {
  268. // Ask then if they want to share out this local folder.
  269. //
  270. switch ( MsgBox(hwnd, IDS_ASK_USEGUEST, IDS_APPNAME, MB_YESNOCANCEL | MB_APPLMODAL | MB_DEFBUTTON3) )
  271. {
  272. case IDYES:
  273. break;
  274. case IDNO:
  275. case IDCANCEL:
  276. // If they pressed cancel, return so they can enter
  277. // different credintials.
  278. //
  279. SetFocus(GetDlgItem(hwnd, IDC_SHARE_ACCOUNT_GUEST));
  280. return FALSE;
  281. }
  282. }
  283. // If the user specified a username of the form "domain\username"
  284. // use the domain specified here.
  285. //
  286. lstrcpyn(szDomain, szUsername,AS(szDomain));
  287. if ( ( !bGuest ) &&
  288. ( lpUser = StrChr(szDomain, CHR_BACKSLASH) ) )
  289. {
  290. // Put a NULL character after the domain part of the user name
  291. // and advance the pointer to point to the actual user name.
  292. //
  293. *(lpUser++) = NULLCHR;
  294. }
  295. else
  296. {
  297. // Use the computer name in the path as the domain name.
  298. //
  299. if ( lpSearch = StrChr(szPath + 2, CHR_BACKSLASH) )
  300. lstrcpyn(szDomain, szPath + 2, (int)((lpSearch - (szPath + 2)) + 1));
  301. else
  302. lstrcpyn(szDomain, szPath + 2, AS(szDomain));
  303. // Set the lpUser to point to the user name. If no user
  304. // name, use the guest account.
  305. //
  306. if ( bGuest )
  307. lstrcpyn(szUsername, _T("guest"),AS(szUsername));
  308. lpUser = szUsername;
  309. }
  310. // Set the domain and user name pointers into our struct.
  311. //
  312. ui2.ui2_domainname = szDomain;
  313. ui2.ui2_username = lpUser;
  314. // Last try to disconnect any possible connection we might already
  315. // have to the share.
  316. //
  317. NetUseDel(NULL, szNetUse, USE_NOFORCE);
  318. // See if we need to enable the guest account (only works
  319. // on XP, not Win2K).
  320. //
  321. if ( ( g_App.dwOsVer >= OS_XP ) &&
  322. ( bLocal && bGuest ) )
  323. {
  324. CoInitialize(NULL);
  325. if ( !GuestAccount(FALSE) )
  326. {
  327. // Ask then if they want to share out this local folder.
  328. //
  329. switch ( MsgBox(hwnd, IDS_ASK_ENABLEGUEST, IDS_APPNAME, MB_YESNOCANCEL | MB_APPLMODAL) )
  330. {
  331. case IDYES:
  332. // If they pressed yes, try to enable the guess account.
  333. //
  334. GuestAccount(TRUE);
  335. break;
  336. case IDCANCEL:
  337. // If they pressed cancel, return so they can enter
  338. // different credintials.
  339. //
  340. SetFocus(GetDlgItem(hwnd, IDC_SHARE_ACCOUNT_GUEST));
  341. CoUninitialize();
  342. return FALSE;
  343. }
  344. }
  345. CoUninitialize();
  346. }
  347. // Try to connect to the share.
  348. //
  349. if ( (nerr_NetUse = NetUseAdd(NULL, 2, (LPBYTE) &ui2, NULL)) != NERR_Success )
  350. {
  351. // If the share doesn't exist, we might be able to create it.
  352. //
  353. if ( ERROR_BAD_NET_NAME == nerr_NetUse )
  354. {
  355. LPTSTR lpShareName;
  356. TCHAR szShare[MAX_PATH],
  357. szRootDir[] = _T("_:\\");
  358. // Get the root dir to the drive we are considering creating a share on.
  359. //
  360. szRootDir[0] = g_App.szOpkDir[0];
  361. // Get just the share from the UNC path they specified.
  362. //
  363. lstrcpyn(szShare, szNetUse,AS(szShare));
  364. if ( lpShareName = StrChr(szShare + 2, CHR_BACKSLASH) )
  365. lpShareName++;
  366. // Now check to make sure the UNC path points to this computer,
  367. // that we can make a share on the drive we are installed to
  368. // (meaning it isn't a mapped network drive), that the folder
  369. // isn't already shared, and that we have a share name.
  370. //
  371. if ( ( lpShareName && *lpShareName ) &&
  372. ( bLocal ) &&
  373. ( ISLET(szRootDir[0]) ) &&
  374. ( GetDriveType(szRootDir) != DRIVE_REMOTE ) &&
  375. ( !IsFolderShared(g_App.szOpkDir, NULL, 0) ) )
  376. {
  377. SHARE_INFO_502 si502;
  378. NET_API_STATUS nerr_ShareAdd;
  379. PSID psid;
  380. PACL pacl;
  381. // Ask then if they want to share out this local folder.
  382. //
  383. switch ( MsgBox(hwnd, IDS_ASK_SHAREFOLDER, IDS_APPNAME, MB_YESNOCANCEL | MB_ICONQUESTION | MB_APPLMODAL, lpShareName, g_App.szOpkDir) )
  384. {
  385. case IDYES:
  386. //
  387. // If they pressed yes, try to the share out the folder.
  388. //
  389. // Setup the share info struct.
  390. //
  391. ZeroMemory(&si502, sizeof(SHARE_INFO_502));
  392. si502.shi502_netname = lpShareName;
  393. si502.shi502_type = STYPE_DISKTREE;
  394. si502.shi502_remark = NULLSTR;
  395. si502.shi502_permissions = ACCESS_READ;
  396. si502.shi502_passwd = szPassword + 1;
  397. si502.shi502_max_uses = -1;
  398. si502.shi502_path = g_App.szOpkDir;
  399. si502.shi502_security_descriptor = CreateShareAccess(bGuest ? NULL : lpUser, szDomain, &psid, &pacl);
  400. // Now try to create the share.
  401. //
  402. if ( NERR_Success != (nerr_ShareAdd = NetShareAdd(NULL, 502, (LPBYTE) &si502, NULL)) )
  403. {
  404. LPTSTR lpError;
  405. // Try to get the description of the error.
  406. //
  407. if ( FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM, NULL, nerr_ShareAdd, 0, (LPTSTR) &lpError, 0, NULL) == 0 )
  408. lpError = NULL;
  409. else
  410. StrRTrm(lpError, _T('\n'));
  411. // Can't authenticate to the server, warn the user.
  412. //
  413. MsgBox(hwnd, IDS_ERR_CANTSHARE, IDS_APPNAME, MB_ERRORBOX, lpError ? lpError : NULLSTR);
  414. // Free the text from FormatMessage().
  415. //
  416. if ( lpError )
  417. LocalFree((HLOCAL) lpError);
  418. }
  419. else
  420. {
  421. ACCESS_MASK dwPermissions;
  422. // Access permissions to the shared directory
  423. //
  424. dwPermissions = FILE_READ_ATTRIBUTES | FILE_READ_DATA | FILE_READ_EA | FILE_LIST_DIRECTORY | SYNCHRONIZE | READ_CONTROL;
  425. // Set the security permissions
  426. //
  427. SetDirectoryPermissions( g_App.szOpkDir, psid, dwPermissions );
  428. }
  429. // Make sure we free the security descriptor.
  430. //
  431. if ( si502.shi502_security_descriptor )
  432. {
  433. FREE(si502.shi502_security_descriptor);
  434. FREE(psid);
  435. FREE(pacl);
  436. }
  437. // We hit an error so we must return to the dialog.
  438. //
  439. if ( nerr_ShareAdd != NERR_Success )
  440. return FALSE;
  441. // Now we only use the computer and share name part of the UNC path.
  442. //
  443. lstrcpyn(szPath, szShare,AS(szPath));
  444. break;
  445. case IDCANCEL:
  446. // If they pressed cancel, then return so they can enter
  447. // another path.
  448. //
  449. SetFocus(GetDlgItem(hwnd, IDC_SHARE_PATH));
  450. return FALSE;
  451. }
  452. // Set this so we don't error out again or do
  453. // any more checks.
  454. //
  455. bNoWarn = TRUE;
  456. }
  457. }
  458. // Only warn if we didn't offer to share the folder already.
  459. //
  460. if ( !bNoWarn )
  461. {
  462. LPTSTR lpError;
  463. // Try to get the description of the error.
  464. //
  465. if ( FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM, NULL, nerr_NetUse, 0, (LPTSTR) &lpError, 0, NULL) == 0 )
  466. lpError = NULL;
  467. // Can't authenticate to the server, warn the user.
  468. //
  469. if ( MsgBox(hwnd, IDS_ERR_NETSHAREACCESS, IDS_APPNAME, MB_YESNO | MB_ICONWARNING | MB_APPLMODAL | MB_DEFBUTTON2, szPath, lpError ? lpError : NULLSTR) == IDYES )
  470. bNoWarn = TRUE;
  471. // Free the text from FormatMessage().
  472. //
  473. if ( lpError )
  474. LocalFree((HLOCAL) lpError);
  475. // Get out now if we the pressed cancel (bNoWarn gets set
  476. // to TRUE if they don't care about the error).
  477. //
  478. if ( !bNoWarn )
  479. {
  480. SetFocus(GetDlgItem(hwnd, IDC_SHARE_PATH));
  481. return FALSE;
  482. }
  483. }
  484. }
  485. // Don't want them to get two error messages if they already said OK.
  486. //
  487. if ( !bNoWarn )
  488. {
  489. TCHAR szCheckPath[MAX_PATH];
  490. // Create the path to where the OEM.TAG file should be.
  491. //
  492. lstrcpyn(szCheckPath, szPath,AS(szCheckPath));
  493. AddPathN(szCheckPath, DIR_WIZARDFILES,AS(szCheckPath));
  494. AddPathN(szCheckPath, FILE_OEM_TAG,AS(szCheckPath));
  495. // Now make sure the tag file is there or that they are
  496. // okay to continue with out it.
  497. //
  498. if ( ( !FileExists(szCheckPath) ) &&
  499. ( MsgBox(hwnd, IDS_ERR_INVALIDSHARE, IDS_APPNAME, MB_YESNO | MB_ICONWARNING | MB_APPLMODAL | MB_DEFBUTTON2, szPath) == IDNO ) )
  500. {
  501. SetFocus(GetDlgItem(hwnd, IDC_SHARE_PATH));
  502. return FALSE;
  503. }
  504. }
  505. // If we net used to a share, lets disconnect it.
  506. //
  507. if ( NERR_Success == nerr_NetUse )
  508. NetUseDel(NULL, szNetUse, USE_NOFORCE);
  509. // Reset the user name if we used the default guest account.
  510. //
  511. if ( bGuest )
  512. lstrcpyn(szUsername, _T("guest"),AS(szUsername));
  513. // If there is a password, add the trailing quote.
  514. //
  515. if ( szPassword[1] )
  516. hrCat=StringCchCat(szPassword, AS(szPassword), _T("\""));
  517. else
  518. szPassword[0] = NULLCHR;
  519. // Now commit all the settings to the ini file.
  520. //
  521. WritePrivateProfileString(INI_SEC_SHARE, INI_KEY_SHARE_PATH, szPath, g_App.szSetupMgrIniFile);
  522. WritePrivateProfileString(INI_SEC_SHARE, INI_KEY_SHARE_USERNAME, ( bAccount ? szUsername : NULL ), g_App.szSetupMgrIniFile);
  523. WritePrivateProfileString(INI_SEC_SHARE, INI_KEY_SHARE_PASSOWRD, ( bAccount ? szPassword : NULL ), g_App.szSetupMgrIniFile);
  524. return TRUE;
  525. }
  526. static void EnableControls(HWND hwnd)
  527. {
  528. BOOL fEnable = ( IsDlgButtonChecked(hwnd, IDC_SHARE_ACCOUNT_SPECIFY) == BST_CHECKED );
  529. EnableWindow(GetDlgItem(hwnd, IDC_SHARE_USERNAME_TEXT), fEnable);
  530. EnableWindow(GetDlgItem(hwnd, IDC_SHARE_USERNAME), fEnable);
  531. EnableWindow(GetDlgItem(hwnd, IDC_SHARE_PASSWORD_TEXT), fEnable);
  532. EnableWindow(GetDlgItem(hwnd, IDC_SHARE_PASSWORD), fEnable);
  533. EnableWindow(GetDlgItem(hwnd, IDC_SHARE_CONFIRM_TEXT), fEnable);
  534. EnableWindow(GetDlgItem(hwnd, IDC_SHARE_CONFIRM), fEnable);
  535. }
  536. static PSECURITY_DESCRIPTOR CreateShareAccess(LPTSTR lpUsername, LPTSTR lpDomain, PSID * lppsid, PACL * lppacl)
  537. {
  538. TCHAR szAccount[256];
  539. PSECURITY_DESCRIPTOR lpsd;
  540. PSID psid;
  541. PACL pacl;
  542. DWORD cbacl;
  543. BOOL bRet = FALSE;
  544. HRESULT hrPrintf;
  545. // Need the user name and domain in one string.
  546. //
  547. if ( lpUsername && lpDomain )
  548. hrPrintf=StringCchPrintf(szAccount, AS(szAccount), _T("%s\\%s"), lpDomain, lpUsername);
  549. else
  550. szAccount[0] = NULLCHR;
  551. // Need to allocate the security descriptor and sid for the account.
  552. //
  553. if ( ( lpsd = MALLOC(sizeof(SECURITY_DESCRIPTOR)) ) &&
  554. ( psid = ( szAccount[0] ? GetAccountSid(szAccount) : GetWorldSid() ) ) )
  555. {
  556. // Allocate space for and initialize the ACL.
  557. //
  558. cbacl = GetLengthSid(psid) + sizeof(ACL) + (1 * (sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD)));
  559. if ( pacl = (PACL) MALLOC(cbacl) )
  560. {
  561. // Initialize the ACL.
  562. //
  563. if ( InitializeAcl(pacl, cbacl, ACL_REVISION) )
  564. {
  565. // Add Aces for the User.
  566. //
  567. AddDirAce(pacl, GENERIC_READ | GENERIC_EXECUTE, psid);
  568. // Put together the security descriptor.
  569. //
  570. if ( InitializeSecurityDescriptor(lpsd, SECURITY_DESCRIPTOR_REVISION) &&
  571. SetSecurityDescriptorDacl(lpsd, TRUE, pacl, FALSE) )
  572. {
  573. bRet = TRUE;
  574. }
  575. }
  576. // Clean up the ACL allocated.
  577. //
  578. if ( !bRet )
  579. FREE(pacl);
  580. }
  581. // Clean up the SID allocated.
  582. //
  583. if ( !bRet )
  584. FREE(psid);
  585. }
  586. // If we failed anywhere, just free the security descriptor.
  587. //
  588. if ( bRet )
  589. {
  590. // Return the allocated security descriptor if successful.
  591. //
  592. *lppsid = psid;
  593. *lppacl = pacl;
  594. return lpsd;
  595. }
  596. // Didn't work, free and return.
  597. //
  598. FREE(lpsd);
  599. return NULL;
  600. }
  601. static BOOL IsLocalShare(LPTSTR lpszUnc)
  602. {
  603. LPTSTR lpBackslash;
  604. TCHAR szThisComputer[MAX_COMPUTERNAME_LENGTH + 1],
  605. szRemoteComputer[MAX_COMPUTERNAME_LENGTH + 1];
  606. DWORD dwSize = AS(szThisComputer);
  607. // Get just the computer from the UNC path they specified.
  608. //
  609. lstrcpyn(szRemoteComputer, lpszUnc + 2, AS(szRemoteComputer));
  610. if ( lpBackslash = StrChr(szRemoteComputer, CHR_BACKSLASH) )
  611. *lpBackslash = NULLCHR;
  612. // Now check to make sure the UNC path points to this computer.
  613. //
  614. return ( ( GetComputerName(szThisComputer, &dwSize) ) &&
  615. ( lstrcmpi(szThisComputer, szRemoteComputer) == 0 ) );
  616. }
  617. static BOOL GuestAccount(BOOL bSet)
  618. {
  619. HRESULT hr;
  620. ILocalMachine *pLM;
  621. BOOL bRet = TRUE;
  622. VARIANT_BOOL vbEnabled;
  623. hr = CoCreateInstance(&CLSID_ShellLocalMachine, NULL, CLSCTX_INPROC_SERVER, &IID_ILocalMachine, (LPVOID *) &pLM);
  624. if ( SUCCEEDED(hr) )
  625. {
  626. hr = pLM->lpVtbl->get_isGuestEnabled(pLM, ILM_GUEST_NETWORK_LOGON, &vbEnabled);
  627. if ( SUCCEEDED(hr) )
  628. {
  629. bRet = vbEnabled;
  630. if ( !bRet && bSet )
  631. {
  632. hr = pLM->lpVtbl->EnableGuest(pLM, ILM_GUEST_NETWORK_LOGON);
  633. if ( SUCCEEDED(hr) )
  634. {
  635. bRet = TRUE;
  636. }
  637. }
  638. }
  639. pLM->lpVtbl->Release(pLM);
  640. }
  641. return bRet;
  642. }
  643. static PSID GetAccountSid(LPCTSTR lpszUserName)
  644. {
  645. TCHAR szDomain[64];
  646. DWORD cbSid = 0,
  647. cbDomain = AS(szDomain);
  648. PSID pSid = NULL;
  649. SID_NAME_USE peUse;
  650. if ( (!LookupAccountName(NULL, lpszUserName, pSid, &cbSid, szDomain, &cbDomain, &peUse) ) &&
  651. ( GetLastError() == ERROR_INSUFFICIENT_BUFFER ) &&
  652. ( pSid = (PSID) MALLOC(cbSid) ) )
  653. {
  654. cbDomain = AS(szDomain);
  655. if ( !LookupAccountName(NULL, lpszUserName, pSid, &cbSid, szDomain, &cbDomain, &peUse) )
  656. FREE(pSid);
  657. }
  658. return pSid;
  659. }
  660. static PSID GetWorldSid()
  661. {
  662. SID_IDENTIFIER_AUTHORITY authWorld = SECURITY_WORLD_SID_AUTHORITY;
  663. PSID pSid = NULL,
  664. psidWorld;
  665. DWORD cbSid;
  666. if ( AllocateAndInitializeSid(&authWorld, 1, SECURITY_WORLD_RID, 0, 0, 0, 0, 0, 0, 0, &psidWorld) )
  667. {
  668. cbSid = GetLengthSid(psidWorld);
  669. if ( ( pSid = (PSID) MALLOC(cbSid) ) &&
  670. ( !CopySid(cbSid, pSid, psidWorld) ) )
  671. {
  672. FREE(pSid);
  673. }
  674. FreeSid(psidWorld);
  675. }
  676. return pSid;
  677. }
  678. static BOOL AddDirAce(PACL pacl, ACCESS_MASK Mask, PSID psid)
  679. {
  680. WORD AceSize;
  681. ACCESS_ALLOWED_ACE *pAce;
  682. BOOL bResult;
  683. AceSize = (USHORT) (sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + GetLengthSid(psid));
  684. pAce = (ACCESS_ALLOWED_ACE *) MALLOC(AceSize);
  685. // Fill in the ACE.
  686. //
  687. memcpy(&pAce->SidStart, psid, GetLengthSid(psid));
  688. pAce->Mask = Mask;
  689. pAce->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
  690. pAce->Header.AceFlags = CONTAINER_INHERIT_ACE | OBJECT_INHERIT_ACE;
  691. pAce->Header.AceSize = AceSize;
  692. // Put the ACE into the ACL.
  693. //
  694. bResult = AddAce(pacl,
  695. pacl->AclRevision,
  696. 0xFFFFFFFF,
  697. pAce,
  698. pAce->Header.AceSize);
  699. FREE(pAce);
  700. return bResult;
  701. }
  702. static BOOL SetDirectoryPermissions(LPTSTR lpDirectory, PSID psid, ACCESS_MASK dwMask)
  703. {
  704. EXPLICIT_ACCESS AccessEntry;
  705. PSECURITY_DESCRIPTOR pSecurityDescriptor = NULL;
  706. PACL pOldAccessList = NULL;
  707. PACL pNewAccessList = NULL;
  708. DWORD dwRes;
  709. BOOL bReturn = FALSE;
  710. // Zero out the memory
  711. //
  712. ZeroMemory(&AccessEntry, sizeof(EXPLICIT_ACCESS));
  713. // Check to make sure we have the necessary parameters
  714. //
  715. if ( !(lpDirectory && *lpDirectory && psid) )
  716. {
  717. return FALSE;
  718. }
  719. // Make sure we are able to get the security information on the directory
  720. //
  721. if ( GetNamedSecurityInfo(lpDirectory,SE_FILE_OBJECT, DACL_SECURITY_INFORMATION, NULL, NULL, &pOldAccessList, NULL, &pSecurityDescriptor) == ERROR_SUCCESS )
  722. {
  723. // Build Trustee list
  724. //
  725. BuildTrusteeWithSid(&(AccessEntry.Trustee), psid);
  726. //
  727. AccessEntry.grfInheritance = SUB_CONTAINERS_AND_OBJECTS_INHERIT;
  728. AccessEntry.grfAccessMode = GRANT_ACCESS;
  729. // Set permissions in structure
  730. //
  731. AccessEntry.grfAccessPermissions = dwMask;
  732. if ( (SetEntriesInAcl(1, &AccessEntry, pOldAccessList, &pNewAccessList) == ERROR_SUCCESS) &&
  733. (SetNamedSecurityInfo(lpDirectory, SE_FILE_OBJECT, DACL_SECURITY_INFORMATION, NULL, NULL, pNewAccessList, NULL) == ERROR_SUCCESS) )
  734. {
  735. bReturn = TRUE;
  736. }
  737. // Clean up some of the memory
  738. //
  739. FREE(pNewAccessList);
  740. FREE(pSecurityDescriptor);
  741. }
  742. return bReturn;
  743. }