archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/ds/security/tools/ksetup/realmflags.cxx

618 lines
15 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. REALMFLAGS.CXX
  5. Copyright (C) 1999 Microsoft Corporation, all rights reserved.
  7. DESCRIPTION: realm-flag manipulation code.
  9. Created, Jan 10, 2000 by DavidCHR.
  11. CONTENTS: CompareFlagIds
  12. VerboselyPrintAndRemoveFlagsById
  13. LookupRealmFlagByName
  14. PrintAndRemoveFlagNames
  15. SearchRealmFlagListByAttribute
  16. CompareFlagNames
  18. --*/
  21. #include "everything.hxx"
  23. typedef struct {
  25. ULONG Id; // from kerberos\client2\mitutil.h
  26. LPWSTR Name; // short string identifier
  27. LPSTR Explanation; // what this flag does.
  28. LPSTR MoreExplanation; // if you have to run to the next line.
  30. } KERB_REALM_FLAG_MAPPING, *PKERB_REALM_FLAG_MAPPING;
  32. /* These flags are defined in kerberos\client2\mitutil.h.
  33. However, there's other gunk in there that I'd rather not
  34. copy out so I'll just duplicate them.
  36. I'd consider auto-generating code fragments from the file
  37. to keep this file instantly up-to-date, but it wouldn't
  38. be guaranteed to provide human readable information */
  40. KERB_REALM_FLAG_MAPPING
  41. KerbRealmFlagMappings[] = {
  43. /* The order of "none" in the list is important. It must be
  44. before any of the other flags so that code that handles
  45. multiple flags as a mask will not hit this unless the
  46. whole mask is zero. */
  48. { 0x0,
  49. L"None",
  50. "No Realm Flags"
  51. },
  53. { 0x1,
  54. L"SendAddress",
  55. "Include IP numbers within tickets.",
  56. "Useful for solving SOME compatibility issues."
  57. },
  59. { 0x2,
  60. L"TcpSupported",
  61. "Indicates that this realm supports TCP.",
  62. "(as opposed to just UDP)" },
  64. { 0x4,
  65. L"Delegate",
  66. "Everyone in this realm is trusted for delegation" },
  68. { 0x8,
  69. L"NcSupported",
  70. "This realm supports Name Canonicalization" },
  72. };
  74. ULONG
  75. RealmFlagCount = ( sizeof( KerbRealmFlagMappings ) /
  76. sizeof( KerbRealmFlagMappings[ 0 ] ) );
  79. /* NOTES on REALMLISTCOMPAREFUNCTION:
  81. If your REALMLISTCOMPAREFUNCTION is designed to return multiple
  82. mappings or interpret multiple mappings (e.g. as a mask), then
  83. you must special case "None" in the array above. Otherwise,
  84. your output may include "none", which doesn't make any sense. */
  86. typedef BOOL REALMLISTCOMPAREFUNCTION( IN PVOID, // pvAttribute
  87. IN PKERB_REALM_FLAG_MAPPING );
  90. /*++**************************************************************
  91. NAME: CompareFlagIds
  93. compares a flag map to a flag id.
  94. pvAttribute is a pointer to the desired flag id.
  96. RETURNS: TRUE if this is the correct flagid
  97. FALSE otherwise.
  98. CREATED: Jan 10, 2000
  99. CALLED BY: SearchRealmFlagListByAttribute
  100. FREE WITH: n/a -- no resources are allocated
  102. **************************************************************--*/
  104. BOOL // REALMLISTCOMPAREFUNCTION
  105. CompareFlagIds( IN PVOID pvAttribute,
  106. IN PKERB_REALM_FLAG_MAPPING pMap ) {
  108. return ( pMap->Id == *(( PULONG ) pvAttribute) );
  110. }
  113. /*++**************************************************************
  114. NAME: CompareFlagNames
  116. Compares a mapping to a string for the flagname.
  118. RETURNS: TRUE if this mapping corresponds to the given string
  119. FALSE otherwise.
  120. CREATED: Jan 10, 2000
  121. CALLED BY: SearchRealmFlagListByAttribute
  122. FREE WITH: n/a -- no resources are allocated
  124. **************************************************************--*/
  127. BOOL // REALMLISTCOMPAREFUNCTION
  128. CompareFlagNames( IN PVOID pvAttribute,
  129. IN PKERB_REALM_FLAG_MAPPING pMap ) {
  131. return ( 0 == _wcsicmp( (LPWSTR) pvAttribute,
  132. pMap->Name ) );
  133. }
  135. /*++**************************************************************
  136. NAME: PrintAndRemoveFlagsById
  138. if the flag id matches, it is removed from the passed-in value,
  139. and the flagname is printed.
  141. MODIFIES: pvAttribute -- may be stripped of a bit
  143. TAKES: pvAttribute -- flagId to check
  144. pMap -- table entry to check against
  146. RETURNS: TRUE if pvAttribute is zero (stop searching)
  147. FALSE otherwise (keep searching)
  149. CREATED: Jan 10, 2000
  150. CALLED BY: SearchRealmFlagListByAttribute
  151. FREE WITH: n/a -- no resources are allocated
  153. **************************************************************--*/
  155. BOOL
  156. PrintAndRemoveFlagsById( IN PVOID pvAttribute,
  157. IN PKERB_REALM_FLAG_MAPPING pMap ) {
  159. if ( !pMap->Id ) {
  161. /* We special-case "none" so that we only print it
  162. if there are no other flags-- if other flags exist,
  163. "none" will be skipped over in the array */
  165. if ( !*(( PULONG ) pvAttribute ) ) {
  166. printf( " %ws",
  167. pMap->Name );
  169. return TRUE;
  170. } else {
  171. return FALSE;
  172. }
  173. }
  175. if ( ( *(( PULONG ) pvAttribute) & pMap->Id )
  176. == pMap->Id ) {
  178. *( (PULONG) pvAttribute ) &= ~pMap->Id;
  179. printf( " %ws",
  180. pMap->Name );
  182. }
  184. return *( (PULONG) pvAttribute ) == 0;
  186. }
  188. /*++**************************************************************
  189. NAME: VerboselyPrintAndRemoveFlagsById
  191. like PrintAndRemoveFlagsById, but it also dumps the
  192. flag id and explanation field.
  194. LOGGING: lots of it.
  195. CREATED: Jan 10, 2000
  196. CALLED BY: SearchRealmFlagListByAttribute
  197. FREE WITH: n/a -- no resources are allocated
  199. **************************************************************--*/
  201. BOOL
  202. VerboselyPrintAndRemoveFlagsById( IN PVOID pvAttribute,
  203. IN PKERB_REALM_FLAG_MAPPING pMap ) {
  205. #if 0
  206. if ( !pMap->Id ) {
  208. /* We special-case "none" so that we only print it
  209. if there are no other flags-- if other flags exist,
  210. "none" will be skipped over in the array */
  212. if ( !*(( PULONG ) pvAttribute ) ) {
  213. printf( "0x%02x %ws \t%hs\n",
  214. pMap->Id,
  215. pMap->Name,
  216. pMap->Explanation );
  218. return TRUE;
  219. } else {
  220. return FALSE;
  221. }
  222. }
  223. #endif
  225. if ( ( *(( PULONG ) pvAttribute) & pMap->Id )
  226. == pMap->Id ) {
  228. *( (PULONG) pvAttribute ) &= ~pMap->Id;
  229. printf( "0x%02x %-12ws %hs\n",
  230. pMap->Id,
  231. pMap->Name,
  232. pMap->Explanation );
  234. if ( pMap->MoreExplanation ) {
  236. printf( "%-17hs %hs\n",
  237. "",
  238. pMap->MoreExplanation );
  239. }
  241. }
  243. return *( (PULONG) pvAttribute ) == 0;
  245. }
  248. /*++**************************************************************
  249. NAME: SearchRealmFlagListByAttribute
  251. searches the realmlist for a particular attribute.
  253. MODIFIES: ppMapping -- receives the given mapping.
  255. TAKES: pvAttribute -- attribute value to search for
  256. pFunc -- function to use to find it
  258. RETURNS: TRUE if the value could be found
  259. FALSE otherwise.
  260. LASTERROR: not set
  262. LOGGING: none
  263. CREATED: Jan 10, 2000
  264. LOCKING: none
  265. CALLED BY: anyone
  266. FREE WITH: n/a -- no resources are allocated
  268. **************************************************************--*/
  271. BOOL
  272. SearchRealmFlagListByAttribute( IN PVOID pvAttribute,
  273. IN REALMLISTCOMPAREFUNCTION *pFunc,
  274. OUT PKERB_REALM_FLAG_MAPPING *ppMapping ) {
  276. ULONG i;
  277. PKERB_REALM_FLAG_MAPPING pMapping = &KerbRealmFlagMappings[ 0 ];
  279. for ( i = 0 ;
  280. i < RealmFlagCount ;
  281. i ++, pMapping++ ) {
  283. if ( pFunc( pvAttribute,
  284. pMapping ) ) {
  286. if ( ppMapping ) *ppMapping = pMapping;
  287. return TRUE;
  289. }
  290. }
  292. return FALSE;
  294. }
  297. /*++**************************************************************
  298. NAME: LookupRealmFlagByName
  300. given a name, maps it to a realm flag mapping structure
  302. MODIFIES: ppMapping -- receives the entry pointer
  303. TAKES: RealmFlagName -- name for which to search
  305. RETURNS: TRUE if the realmflag could be found.
  306. FALSE otherwise.
  307. LASTERROR:
  309. LOGGING:
  310. CREATED: Jan 10, 2000
  311. LOCKING:
  312. CALLED BY: anyone
  313. FREE WITH: n/a -- no resources are allocated
  315. **************************************************************--*/
  317. BOOL
  318. LookupRealmFlagByName( IN LPWSTR RealmFlagName,
  319. OUT PKERB_REALM_FLAG_MAPPING *ppMapping ) {
  321. return SearchRealmFlagListByAttribute( RealmFlagName,
  322. CompareFlagNames,
  323. ppMapping );
  325. }
  327. VOID
  328. PrintRealmFlags( IN ULONG RealmFlags ) {
  330. ULONG i;
  331. ULONG ioFlags = RealmFlags;
  333. if ( RealmFlags == 0 ) {
  335. printf( " none" );
  337. } else {
  339. if ( !SearchRealmFlagListByAttribute( &ioFlags,
  340. PrintAndRemoveFlagsById,
  341. NULL ) ) {
  342. printf( " [unknown" );
  344. if ( ioFlags != RealmFlags ) {
  346. printf( ": 0x%x",
  347. ioFlags );
  349. }
  351. printf( "]" );
  353. }
  355. }
  356. }
  361. NTSTATUS
  362. ListRealmFlags( LPWSTR * Ignored) {
  364. ULONG RealmFlags = ~0;
  366. printf( "\n"
  367. "Ksetup knows the following realm flags: \n" );
  369. SearchRealmFlagListByAttribute( &RealmFlags,
  370. VerboselyPrintAndRemoveFlagsById,
  371. NULL );
  372. printf( "\n" );
  374. exit( 0 ); /* Jump out. */
  376. return STATUS_SUCCESS;
  378. }
  380. NTSTATUS
  381. GetRealmFlags( IN LPWSTR RealmName,
  382. OUT PULONG pulRealmFlags ) {
  384. HKEY hKey;
  385. NTSTATUS N = STATUS_UNSUCCESSFUL;
  386. DWORD dwErr, Type, Len = sizeof( *pulRealmFlags );
  388. dwErr = OpenSubKey( &RealmName,
  389. &hKey );
  391. if ( dwErr == ERROR_SUCCESS ) {
  393. dwErr = RegQueryValueEx( hKey,
  394. KERB_DOMAIN_REALM_FLAGS_VALUE,
  395. NULL, // mbz
  396. &Type,
  397. (LPBYTE) pulRealmFlags,
  398. &Len );
  400. switch ( dwErr ) {
  402. case ERROR_SUCCESS:
  404. N = STATUS_SUCCESS;
  405. break;
  407. case ERROR_FILE_NOT_FOUND:
  408. case ERROR_PATH_NOT_FOUND:
  410. /* 453545: if the realm flags aren't specified,
  411. don't complain about it. */
  413. N = STATUS_SUCCESS;
  414. *pulRealmFlags = 0;
  415. break;
  417. default:
  419. printf( "Failed to query %ws for %ws: 0x%x\n",
  420. KERB_DOMAIN_REALM_FLAGS_VALUE,
  421. RealmName,
  422. dwErr );
  423. }
  425. RegCloseKey( hKey );
  427. } // else error has already been printed.
  429. return N;
  430. }
  432. NTSTATUS
  433. SetRealmFlags( IN LPWSTR RealmName,
  434. IN ULONG ulRealmFlags ) {
  436. HKEY hKey;
  437. NTSTATUS N = STATUS_UNSUCCESSFUL;
  438. DWORD dwErr, Len = sizeof( ulRealmFlags );
  440. dwErr = OpenSubKey( &RealmName,
  441. &hKey );
  443. if ( dwErr == ERROR_SUCCESS ) {
  445. dwErr = RegSetValueEx( hKey,
  446. KERB_DOMAIN_REALM_FLAGS_VALUE,
  447. NULL, // mbz
  448. REG_DWORD,
  449. (LPBYTE) &ulRealmFlags,
  450. Len );
  452. switch ( dwErr ) {
  454. case ERROR_SUCCESS:
  456. DEBUGPRINT( DEBUG_REGISTRY,
  457. ( "Set Realm Flags for %ws to 0x%x\n",
  458. RealmName,
  459. ulRealmFlags ) ) ;
  461. N = STATUS_SUCCESS;
  462. break;
  464. default:
  466. printf( "Failed to write %ws for %ws: 0x%x\n",
  467. KERB_DOMAIN_REALM_FLAGS_VALUE,
  468. RealmName,
  469. dwErr );
  470. }
  472. RegCloseKey( hKey );
  474. } // else error has already been printed.
  476. return N;
  477. }
  481. NTSTATUS
  482. ResolveRealmFlags( IN LPWSTR *Params,
  483. IN OUT PULONG pulFlags ) {
  485. ULONG id;
  486. LPWSTR Cursor, *pFlagCursor = Params;
  487. PKERB_REALM_FLAG_MAPPING pMap;
  488. NTSTATUS N = STATUS_SUCCESS;
  490. do {
  492. DEBUGPRINT( DEBUG_OPTIONS,
  493. ( "Checking realmflag \"%ws\"...\n",
  494. *pFlagCursor ) );
  496. // first, try to convert to hex.
  498. id = wcstoul( *pFlagCursor,
  499. &Cursor,
  500. 0 ); // use defaults
  502. if ( *Cursor != '\0' ) {
  504. if ( !LookupRealmFlagByName( *pFlagCursor,
  505. &pMap ) ) {
  507. printf( "Unknown Realm Flag: \"%ws\"\n",
  508. *pFlagCursor );
  510. N = STATUS_INVALID_PARAMETER;
  511. break;
  513. } else {
  515. id = pMap->Id;
  517. }
  519. } // otherwise, the work's already been done.
  521. pFlagCursor++;
  522. *pulFlags |= id;
  524. } while( *pFlagCursor != NULL );
  526. return N;
  528. }
  530. NTSTATUS
  531. SetRealmFlags( IN LPWSTR *Params ) {
  533. LPWSTR RealmName = Params[ 0 ];
  534. ULONG RealmFlags = 0;
  535. NTSTATUS N = STATUS_SUCCESS; // 279621: this was uninitialized.
  537. if( Params[1] != NULL )
  538. {
  539. N = ResolveRealmFlags( Params+1,
  540. &RealmFlags );
  542. if ( NT_SUCCESS( N ) )
  543. {
  544. N = SetRealmFlags( RealmName,
  545. RealmFlags );
  546. }
  547. }
  548. else // Clear all realm flags
  549. {
  550. SetRealmFlags( RealmName, 0 );
  551. }
  553. return N;
  555. }
  557. NTSTATUS
  558. AddRealmFlags( IN LPWSTR *Params ) {
  560. LPWSTR RealmName = Params[ 0 ];
  561. ULONG RealmFlags = 0;
  562. NTSTATUS N;
  564. N = GetRealmFlags( RealmName,
  565. &RealmFlags );
  567. if ( NT_SUCCESS( N ) ) {
  568. N = ResolveRealmFlags( Params+1,
  569. &RealmFlags );
  571. if ( NT_SUCCESS( N ) ) {
  573. N = SetRealmFlags( RealmName,
  574. RealmFlags );
  576. }
  577. }
  579. return N;
  581. }
  585. NTSTATUS
  586. DelRealmFlags( IN LPWSTR *Params ) {
  588. LPWSTR RealmName = Params[ 0 ];
  589. ULONG RealmFlags = 0;
  590. ULONG DeleteFlags = 0;
  591. NTSTATUS N;
  593. N = GetRealmFlags( RealmName,
  594. &RealmFlags );
  596. if ( NT_SUCCESS( N ) ) {
  597. N = ResolveRealmFlags( Params+1,
  598. &DeleteFlags );
  600. if ( NT_SUCCESS( N ) ) {
  602. N = SetRealmFlags( RealmName,
  603. RealmFlags &~ DeleteFlags );
  605. }
  606. }
  608. return N;
  610. }