archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/ds/netapi/netlib/secobj2.c

328 lines
8.5 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1991-1992 Microsoft Corporation
  5. Module Name:
  7. secobj.c
  9. Abstract:
  11. This module provides support routines to simplify the creation of
  12. security descriptors for user-mode objects.
  14. Author:
  16. Cliff Van Dyke (CliffV) 09-Feb-1994
  18. Environment:
  20. Contains NT specific code.
  22. Revision History:
  24. Cliff Van Dyke (CliffV) 09-Feb-1994
  25. Split off from secobj.c so NtLmSsp can reference secobj.c
  26. without loading the rpc libaries.
  28. --*/
  30. #include <nt.h>
  31. #include <ntrtl.h>
  32. #include <nturtl.h>
  34. #include <windows.h> // DWORD.
  35. #include <lmcons.h> // NET_API_STATUS.
  37. #include <netlib.h>
  38. #include <lmerr.h>
  40. #include <netdebug.h>
  41. #include <debuglib.h>
  43. #include <rpc.h>
  44. #include <rpcutil.h>
  46. #include <secobj.h>
  50. NET_API_STATUS
  51. NetpAccessCheckAndAudit(
  52. IN LPTSTR SubsystemName,
  53. IN LPTSTR ObjectTypeName,
  54. IN PSECURITY_DESCRIPTOR SecurityDescriptor,
  55. IN ACCESS_MASK DesiredAccess,
  56. IN PGENERIC_MAPPING GenericMapping
  57. )
  58. /*++
  60. Routine Description:
  62. This function impersonates the caller so that it can perform access
  63. validation using NtAccessCheckAndAuditAlarm; and reverts back to
  64. itself before returning.
  66. Arguments:
  68. SubsystemName - Supplies a name string identifying the subsystem
  69. calling this routine.
  71. ObjectTypeName - Supplies the name of the type of the object being
  72. accessed.
  74. SecurityDescriptor - A pointer to the Security Descriptor against which
  75. acccess is to be checked.
  77. DesiredAccess - Supplies desired acccess mask. This mask must have been
  78. previously mapped to contain no generic accesses.
  80. GenericMapping - Supplies a pointer to the generic mapping associated
  81. with this object type.
  83. Return Value:
  85. NET_API_STATUS - NERR_Success or reason for failure.
  87. --*/
  88. {
  90. NTSTATUS NtStatus;
  91. RPC_STATUS RpcStatus;
  92. BOOLEAN fWasEnabled;
  94. UNICODE_STRING Subsystem;
  95. UNICODE_STRING ObjectType;
  96. UNICODE_STRING ObjectName;
  98. #ifndef UNICODE
  99. OEM_STRING AnsiString;
  100. #endif
  102. ACCESS_MASK GrantedAccess;
  103. BOOLEAN GenerateOnClose;
  104. NTSTATUS AccessStatus;
  107. #ifdef UNICODE
  108. RtlInitUnicodeString(&Subsystem, SubsystemName);
  109. RtlInitUnicodeString(&ObjectType, ObjectTypeName);
  110. #else
  111. NetpInitOemString( &AnsiString, SubsystemName );
  112. NtStatus = RtlOemStringToUnicodeString(
  113. &Subsystem,
  114. &AnsiString,
  115. TRUE
  116. );
  118. if ( !NT_SUCCESS( NtStatus )) {
  119. NetpKdPrint(("[Netlib] Error calling RtlOemStringToUnicodeString %08lx\n",
  120. NtStatus));
  121. return NetpNtStatusToApiStatus( NtStatus );
  122. }
  124. NetpInitOemString( &AnsiString, ObjectTypeName );
  126. NtStatus = RtlOemStringToUnicodeString(&ObjectType,
  127. &AnsiString,
  128. TRUE);
  130. if ( !NT_SUCCESS( NtStatus )) {
  131. NetpKdPrint(("[Netlib] Error calling RtlOemStringToUnicodeString %08lx\n",
  132. NtStatus));
  133. RtlFreeUnicodeString( &Subsystem );
  134. return NetpNtStatusToApiStatus( NtStatus );
  135. }
  136. #endif
  138. //
  139. // Make sure SE_AUDIT_PRIVILEGE is enabled for this process (rather
  140. // than the thread) since the audit privilege is checked in the process
  141. // token (and not the thread token). Leave it enabled since there's
  142. // no harm in doing so once it's been enabled (since the process needs
  143. // to have the privilege in the first place).
  144. //
  146. RtlAdjustPrivilege(SE_AUDIT_PRIVILEGE,
  147. TRUE,
  148. FALSE,
  149. &fWasEnabled);
  151. RtlInitUnicodeString(&ObjectName, NULL); // No object name
  153. if ((RpcStatus = RpcImpersonateClient(NULL)) != RPC_S_OK) {
  154. NetpKdPrint(("[Netlib] Failed to impersonate client %08lx\n",
  155. RpcStatus));
  156. return NetpRpcStatusToApiStatus(RpcStatus);
  157. }
  159. NtStatus = NtAccessCheckAndAuditAlarm(
  160. &Subsystem,
  161. NULL, // No handle for object
  162. &ObjectType,
  163. &ObjectName,
  164. SecurityDescriptor,
  165. DesiredAccess,
  166. GenericMapping,
  167. FALSE,
  168. &GrantedAccess,
  169. &AccessStatus,
  170. &GenerateOnClose
  171. );
  173. #ifndef UNICODE
  174. RtlFreeUnicodeString( &Subsystem );
  175. RtlFreeUnicodeString( &ObjectType );
  176. #endif
  178. if ((RpcStatus = RpcRevertToSelf()) != RPC_S_OK) {
  179. NetpKdPrint(("[Netlib] Fail to revert to self %08lx\n", RpcStatus));
  180. NetpAssert(FALSE);
  181. }
  183. if (! NT_SUCCESS(NtStatus)) {
  184. NetpKdPrint(("[Netlib] Error calling NtAccessCheckAndAuditAlarm %08lx\n",
  185. NtStatus));
  186. return ERROR_ACCESS_DENIED;
  187. }
  189. if (AccessStatus != STATUS_SUCCESS) {
  190. IF_DEBUG(SECURITY) {
  191. NetpKdPrint(("[Netlib] Access status is %08lx\n", AccessStatus));
  192. }
  193. return ERROR_ACCESS_DENIED;
  194. }
  196. return NERR_Success;
  197. }
  201. NET_API_STATUS
  202. NetpAccessCheck(
  203. IN PSECURITY_DESCRIPTOR SecurityDescriptor,
  204. IN ACCESS_MASK DesiredAccess,
  205. IN PGENERIC_MAPPING GenericMapping
  206. )
  207. /*++
  209. Routine Description:
  211. This function impersonates the caller so that it can perform access
  212. validation using NtAccessCheck; and reverts back to
  213. itself before returning.
  215. This routine differs from NetpAccessCheckAndAudit in that it doesn't require
  216. the caller to have SE_AUDIT_PRIVILEGE nor does it generate audits.
  217. That is typically fine since the passed in security descriptor typically doesn't
  218. have a SACL requesting an audit.
  220. Arguments:
  222. SecurityDescriptor - A pointer to the Security Descriptor against which
  223. acccess is to be checked.
  225. DesiredAccess - Supplies desired acccess mask. This mask must have been
  226. previously mapped to contain no generic accesses.
  228. GenericMapping - Supplies a pointer to the generic mapping associated
  229. with this object type.
  231. Return Value:
  233. NET_API_STATUS - NERR_Success or reason for failure.
  235. --*/
  236. {
  237. NET_API_STATUS NetStatus;
  238. NET_API_STATUS TempStatus;
  240. HANDLE ClientToken = NULL;
  242. DWORD GrantedAccess;
  243. BOOL AccessStatus;
  244. BYTE PrivilegeSet[500]; // Large buffer
  245. DWORD PrivilegeSetSize;
  248. //
  249. // Impersonate the client.
  250. //
  252. NetStatus = RpcImpersonateClient(NULL);
  254. if ( NetStatus != RPC_S_OK ) {
  255. NetpKdPrint(("[Netlib] Failed to impersonate client %08lx\n",
  256. NetStatus));
  257. return NetpRpcStatusToApiStatus(NetStatus);
  258. }
  260. //
  261. // Open the impersonated token.
  262. //
  264. if ( !OpenThreadToken( GetCurrentThread(),
  265. TOKEN_QUERY,
  266. TRUE, // Use NtLmSvc security context to open token
  267. &ClientToken )) {
  269. NetStatus = GetLastError();
  270. NetpKdPrint(("[Netlib] Error calling GetCurrentThread %ld\n",
  271. NetStatus));
  273. goto Cleanup;
  274. }
  276. //
  277. // Check if the client has the required access.
  278. //
  280. PrivilegeSetSize = sizeof(PrivilegeSet);
  282. if ( !AccessCheck( SecurityDescriptor,
  283. ClientToken,
  284. DesiredAccess,
  285. GenericMapping,
  286. (PPRIVILEGE_SET) PrivilegeSet,
  287. &PrivilegeSetSize,
  288. &GrantedAccess,
  289. &AccessStatus ) ) {
  291. NetStatus = GetLastError();
  292. NetpKdPrint(("[Netlib] Error calling AccessCheck %ld\n",
  293. NetStatus));
  295. goto Cleanup;
  297. }
  299. if ( !AccessStatus ) {
  300. NetStatus = GetLastError();
  301. IF_DEBUG(SECURITY) {
  302. NetpKdPrint(("[Netlib] Access status is %ld\n", NetStatus ));
  303. }
  304. goto Cleanup;
  305. }
  307. //
  308. // Success
  309. //
  311. NetStatus = NERR_Success;
  313. //
  314. // Free locally used resources
  315. //
  316. Cleanup:
  317. TempStatus = RpcRevertToSelf();
  318. if ( TempStatus != RPC_S_OK ) {
  319. NetpKdPrint(("[Netlib] Fail to revert to self %08lx\n", TempStatus));
  320. NetpAssert(FALSE);
  321. }
  323. if ( ClientToken != NULL ) {
  324. CloseHandle( ClientToken );
  325. }
  327. return NetStatus;
  328. }