archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/ds/security/authz/test/samplerm/samplerm.c

120 lines
3.1 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. #include "pch.h"
  3. BOOL
  4. MyAccessCheck(
  5. IN AUTHZ_CLIENT_CONTEXT_HANDLE hAuthzClientContext,
  6. IN PACE_HEADER pAce,
  7. IN PVOID pArgs OPTIONAL,
  8. IN OUT PBOOL pbAceApplicable
  9. )
  11. /*++
  13. Routine Description
  15. This is a very trivial example of a callback access check routine. Here we randomly decide
  16. if the ACE applies to the given client context.
  18. Arguments
  20. hAuthzClientContext - handle to AuthzClientContext.
  21. pAce - pointer to Ace header.
  22. pArgs - optional arguments that can be used in evaluating the ACE.
  23. pbAceApplicable - returns the result of the evaluation.
  25. Return value
  27. Bool, true if ACE is applicable, false otherwise.
  28. --*/
  29. {
  30. *pbAceApplicable = (BOOL) rand() % 2;
  32. return TRUE;
  33. }
  35. BOOL
  36. MyComputeDynamicGroups(
  37. IN AUTHZ_CLIENT_CONTEXT_HANDLE hAuthzClientContext,
  38. IN PVOID Args,
  39. OUT PSID_AND_ATTRIBUTES *pSidAttrArray,
  40. OUT PDWORD pSidCount,
  41. OUT PSID_AND_ATTRIBUTES *pRestrictedSidAttrArray,
  42. OUT PDWORD pRestrictedSidCount
  43. )
  45. /*++
  47. Routine Description
  49. Resource manager callback to compute dynamic groups. This is used by the RM
  50. to decide if the specified client context should be included in any RM defined groups.
  52. Arguments
  54. hAuthzClientContext - handle to client context.
  55. Args - optional parameter to pass information for evaluating group membership.
  56. pSidAttrArray - computed group membership SIDs
  57. pSidCount - count of SIDs
  58. pRestrictedSidAttrArray - computed group membership restricted SIDs
  59. pRestrictedSidCount - count of restricted SIDs
  61. Return Value
  63. Bool, true for success, false on failure.
  65. --*/
  66. {
  67. ULONG Length = 0;
  69. if (Args == -1)
  70. {
  71. return TRUE;
  72. }
  74. *pSidCount = 2;
  75. *pRestrictedSidCount = 0;
  77. *pRestrictedSidAttrArray = 0;
  79. Length = RtlLengthSid((PSID) KedarSid);
  80. Length += RtlLengthSid((PSID) RahulSid);
  82. if (!(*pSidAttrArray = malloc(sizeof(SID_AND_ATTRIBUTES) * 2 + Length)))
  83. {
  84. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  85. return FALSE;
  86. }
  88. (*pSidAttrArray)[0].Attributes = SE_GROUP_ENABLED;
  89. (*pSidAttrArray)[0].Sid = ((PUCHAR) (*pSidAttrArray)) + 2 * sizeof(SID_AND_ATTRIBUTES);
  90. RtlCopySid(Length/2, (*pSidAttrArray)[0].Sid, (PSID) KedarSid);
  92. (*pSidAttrArray)[1].Attributes = SE_GROUP_USE_FOR_DENY_ONLY;
  93. (*pSidAttrArray)[1].Sid = ((PUCHAR) (*pSidAttrArray)) + 2 * sizeof(SID_AND_ATTRIBUTES) + Length/2;
  94. RtlCopySid(Length/2, (*pSidAttrArray)[1].Sid, (PSID) RahulSid);
  96. return TRUE;
  97. }
  99. VOID
  100. MyFreeDynamicGroups (
  101. IN PSID_AND_ATTRIBUTES pSidAttrArray
  102. )
  104. /*++
  106. Routine Description
  108. Frees memory allocated for the dynamic group array.
  110. Arguments
  112. pSidAttrArray - array to free.
  114. Return Value
  115. None.
  116. --*/
  117. {
  118. if (pSidAttrArray) free(pSidAttrArray);
  119. }