archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
3.3 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/com/ole32/dcomss/olescm/winsta.cxx

487 lines
16 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. //+-------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. // Copyright (C) Microsoft Corporation, 1997.
  5. //
  6. // File: winsta.cxx
  7. //
  8. // Contents: winstation caching code
  9. //
  10. //--------------------------------------------------------------------------
  12. #include "act.hxx"
  15. //
  16. // Private Types.
  17. //
  19. //-------------------------------------------------------------------------
  20. // Definitions for Runas Cache
  21. // NOTE: This exists to overcome limitation on NT Winstations of 15
  22. // Reusing same token will map to same winstation. We also cache
  23. // winstation once we get it.
  24. //-------------------------------------------------------------------------
  25. const DWORD RUN_AS_TIMEOUT = 360000;
  27. #define RUNAS_CACHE_SIZE 200
  29. // The pUser and pGroups fields are assumed to point to one contiguous memory
  30. // block that can be freed by a single call to Free(pUser).
  31. WCHAR wszRunAsWinstaDesktop[RUNAS_CACHE_SIZE][100];
  32. typedef struct SRunAsCache
  33. {
  34. HANDLE hToken;
  35. WCHAR *pwszWinstaDesktop;
  36. WCHAR *pwszWDStore;
  37. LONG dwRefCount;
  38. DWORD lHash;
  39. TOKEN_USER *pUser;
  40. TOKEN_GROUPS *pGroups;
  41. TOKEN_GROUPS *pRestrictions;
  42. DWORD lBirth;
  43. struct SRunAsCache *pNext;
  44. SRunAsCache()
  45. {
  46. hToken = NULL;
  47. pwszWinstaDesktop = NULL;
  48. pwszWDStore = NULL;
  49. dwRefCount = 0;
  50. lHash = 0;
  51. pUser = NULL;
  52. pGroups = NULL;
  53. pRestrictions = NULL;
  54. lBirth = 0;
  55. pNext = NULL;
  56. }
  57. } SRunAsCache;
  60. #define RUNAS_CACHECTRL_CREATENOTFOUND 1
  61. #define RUNAS_CACHECTRL_REFERENCE 2
  62. #define RUNAS_CACHECTRL_GETTOKEN 4
  64. //Macro to invalidate an entry -- must be idempotent
  65. #define INVALIDATE_RUNAS_ENTRY(pEntry) pEntry->lHash = 0
  67. // Lock for LogonUser cache.
  68. CRITICAL_SECTION gTokenCS;
  70. // The run as cache is an array of entries divided into 2 circular lists.
  71. // The gRunAsHead list contains cache entries in use with the most
  72. // frequently used entries first. The gRunAsFree list contains free
  73. // entries.
  74. extern SRunAsCache gRunAsFree;
  76. static SRunAsCache gRunAsCache[RUNAS_CACHE_SIZE];
  78. SRunAsCache gRunAsHead;
  79. SRunAsCache gRunAsFree;
  82. //+-------------------------------------------------------------------------
  83. //
  84. // Function: InitRunAsCache
  85. //
  86. // Synopsis: One time initialization of runas cache
  87. //
  88. //+-------------------------------------------------------------------------
  89. void InitRunAsCache()
  90. {
  91. for (int i=0; i < (RUNAS_CACHE_SIZE-1); i++)
  92. {
  93. gRunAsCache[i].pNext = &gRunAsCache[i+1];
  94. gRunAsCache[i].pwszWDStore = &wszRunAsWinstaDesktop[i][0];
  95. }
  97. gRunAsCache[i].pNext = &gRunAsFree;
  98. gRunAsCache[i].pwszWDStore = &wszRunAsWinstaDesktop[i][0];
  100. gRunAsHead.pNext = &gRunAsHead;
  101. gRunAsFree.pNext = &gRunAsCache[0];
  102. }
  104. //+-------------------------------------------------------------------------
  105. //
  106. // Function: HashSid
  107. //
  108. // Synopsis: Compute a DWORD hash for a SID.
  109. //
  110. //--------------------------------------------------------------------------
  111. DWORD HashSid( PSID pVoid )
  112. {
  113. SID *pSID = (SID *) pVoid;
  114. DWORD lHash = 0;
  115. DWORD i;
  117. // Hash the identifier authority.
  118. for (i = 0; i < 6; i++)
  119. lHash ^= pSID->IdentifierAuthority.Value[i];
  121. // Hash the sub authority.
  122. for (i = 0; i < pSID->SubAuthorityCount; i++)
  123. lHash ^= pSID->SubAuthority[i];
  124. return lHash;
  125. }
  127. //+-------------------------------------------------------------------------
  128. //
  129. // Function: RunAsCache
  130. //
  131. // Synopsis: Return a token from the cache if present. Otherwise
  132. // return the original token.
  133. //
  134. // Description: This function caches LogonUser tokens because each
  135. // token has its own windowstation. Since there are
  136. // a limited number of windowstations, by caching tokens
  137. // we can reduce the number of windowstations used and thus
  138. // allow more servers to be created. The cache moves the
  139. // most frequently used tokens to the head of the list and
  140. // discards tokens from the end of the list when full.
  141. // When the cache is full, alternating requests for different
  142. // tokens will prevent the last token from having a chance
  143. // to advance in the list.
  144. // [vinaykr - 9/1/98]
  145. // Token caching alone is not enough because Tokens time out.
  146. // So we cache winstations and reference count them to
  147. // ensure proper allocation to a window station.
  148. //
  149. // Notes: Tokens in the cache must be timed out so that changes to
  150. // the user name, user groups, user privileges, and user
  151. // password take effect. The timeout must be balanced
  152. // between the need to cache as many tokens as possible and
  153. // the fact that cached tokens are useless when the password
  154. // changes.
  155. // [vinaykr - 9/1/98]
  156. // Time out removed in favour of reference counting.
  157. // Entry cleaned up when reference count goes to 0.
  158. //--------------------------------------------------------------------------
  159. HRESULT RunAsCache(IN DWORD dwCacheCtrl,
  160. IN HANDLE &hToken,
  161. OUT SRunAsCache** ppRunAsCache)
  162. {
  163. HRESULT hr = S_OK;
  164. BOOL fSuccess;
  165. DWORD cbUser = 0;
  166. DWORD cbGroups = 0;
  167. DWORD cbRestrictions = 0;
  168. TOKEN_USER *pUser = NULL;
  169. TOKEN_GROUPS *pGroups;
  170. TOKEN_GROUPS *pRestrictions;
  171. DWORD lHash;
  172. DWORD i;
  173. HANDLE hCopy = NULL;
  174. DWORD lNow;
  175. SRunAsCache *pCurr = NULL;
  176. SRunAsCache *pPrev;
  177. SRunAsCache sSwap;
  179. *ppRunAsCache = NULL;
  181. // Find out how large the user SID is.
  182. GetTokenInformation( hToken, TokenUser, NULL, 0, &cbUser );
  183. if (cbUser == 0) { hr = E_UNEXPECTED; goto Cleanup; }
  185. // Find out how large the group SIDs are.
  186. GetTokenInformation( hToken, TokenGroups, NULL, 0, &cbGroups );
  188. // Find out how large the restricted SIDs are.
  189. GetTokenInformation( hToken, TokenRestrictedSids, NULL, 0, &cbRestrictions );
  191. // Allocate memory to hold the SIDs.
  192. cbUser = (cbUser + 7) & ~7;
  193. cbGroups = (cbGroups + 7) & ~7;
  194. pUser = (TOKEN_USER *) PrivMemAlloc( cbUser + cbGroups + cbRestrictions );
  195. pGroups = (TOKEN_GROUPS *) (((BYTE *) pUser) + cbUser);
  196. pRestrictions = (TOKEN_GROUPS *) (((BYTE *) pGroups) + cbGroups);
  197. if (pUser == NULL) { hr = E_OUTOFMEMORY; goto Cleanup; }
  199. // Get the user SID.
  200. fSuccess = GetTokenInformation( hToken, TokenUser, pUser, cbUser, &cbUser );
  201. if (!fSuccess) { hr = HRESULT_FROM_WIN32(GetLastError()); goto Cleanup; }
  203. // Get the group SIDs.
  204. fSuccess = GetTokenInformation( hToken, TokenGroups, pGroups, cbGroups, &cbGroups );
  205. if (!fSuccess) { hr = HRESULT_FROM_WIN32(GetLastError()); goto Cleanup; }
  207. // Get the restricted SIDs.
  208. fSuccess = GetTokenInformation( hToken, TokenRestrictedSids, pRestrictions,
  209. cbRestrictions, &cbRestrictions );
  210. if (!fSuccess) { hr = HRESULT_FROM_WIN32(GetLastError()); goto Cleanup; }
  212. // Get the SID hash but skip the logon group that is unique for every
  213. // call to logon user.
  214. lHash = HashSid( pUser->User.Sid );
  215. for (i = 0; i < pGroups->GroupCount; i++)
  216. if ((pGroups->Groups[i].Attributes & SE_GROUP_LOGON_ID) == 0)
  217. lHash ^= HashSid( pGroups->Groups[i].Sid );
  218. for (i = 0; i < pRestrictions->GroupCount; i++)
  219. lHash ^= HashSid( pRestrictions->Groups[i].Sid );
  221. // Take lock.
  222. EnterCriticalSection( &gTokenCS );
  224. // Look for an existing token.
  225. lNow = GetTickCount();
  226. pPrev = &gRunAsHead;
  227. pCurr = pPrev->pNext;
  228. while (pPrev->pNext != &gRunAsHead)
  229. {
  230. // If the current entry is too old, delete it.
  231. // (lNow - pCurr->lBirth >= RUN_AS_TIMEOUT))
  232. // [vinaykr 9/1] Changed to use refcount
  233. // If refcount is 0 delete entry
  234. if (!pCurr->dwRefCount)
  235. {
  236. CloseHandle( pCurr->hToken );
  237. PrivMemFree( pCurr->pUser );
  238. pPrev->pNext = pCurr->pNext;
  239. pCurr->pNext = gRunAsFree.pNext;
  240. gRunAsFree.pNext = pCurr;
  241. }
  242. else
  243. {
  244. // If the current entry matches, break.
  245. if (pCurr->lHash == lHash &&
  246. pCurr->pGroups->GroupCount == pGroups->GroupCount)
  247. {
  248. // Check the user SID.
  249. if (EqualSid(pCurr->pUser->User.Sid, pUser->User.Sid))
  250. {
  251. // Check the group SIDs.
  252. for (i = 0; i < pGroups->GroupCount; i++)
  253. if ((pGroups->Groups[i].Attributes & SE_GROUP_LOGON_ID) == 0)
  254. if (!EqualSid( pCurr->pGroups->Groups[i].Sid,
  255. pGroups->Groups[i].Sid ))
  256. break;
  258. // If those matched, check the restricted SIDs
  259. if (i >= pGroups->GroupCount)
  260. {
  261. for (i = 0; i < pRestrictions->GroupCount; i++)
  262. if (!EqualSid( pCurr->pRestrictions->Groups[i].Sid,
  263. pRestrictions->Groups[i].Sid ))
  264. break;
  266. if (i >= pRestrictions->GroupCount)
  267. break;
  268. }
  269. }
  270. }
  271. pPrev = pPrev->pNext;
  272. }
  273. pCurr = pPrev->pNext;
  274. }
  277. fSuccess = (pCurr != &gRunAsHead);
  279. // Found a token
  280. if (fSuccess)
  281. {
  282. // Duplicate this token if token requested
  283. if (dwCacheCtrl & RUNAS_CACHECTRL_GETTOKEN)
  284. {
  285. fSuccess = DuplicateTokenEx( pCurr->hToken, MAXIMUM_ALLOWED,
  286. NULL, SecurityDelegation, TokenPrimary,
  287. &hCopy );
  288. }
  290. if (fSuccess)
  291. {
  292. // Discard the passed in token and return a copy of the cached
  293. // token.
  294. CloseHandle( hToken );
  295. hToken = hCopy;
  296. }
  297. }
  299. // If not found, find an empty slot only if we are trying to
  300. // set into this. Note this can also be taken if unable to
  301. // duplicate found token above.
  302. if ((!fSuccess) &&
  303. (dwCacheCtrl & RUNAS_CACHECTRL_CREATENOTFOUND))
  304. {
  305. // Duplicate this token.
  306. fSuccess = DuplicateTokenEx( hToken, MAXIMUM_ALLOWED, NULL,
  307. SecurityDelegation, TokenPrimary, &hCopy );
  309. if (fSuccess)
  310. {
  311. // Get an entry from the free list.
  312. if (gRunAsFree.pNext != &gRunAsFree)
  313. {
  314. pCurr = gRunAsFree.pNext;
  315. gRunAsFree.pNext = pCurr->pNext;
  316. pCurr->pNext = &gRunAsHead;
  317. pPrev->pNext = pCurr;
  318. }
  320. // If no empty slot, release the last used entry.
  321. else
  322. {
  323. pCurr = pPrev;
  324. CloseHandle( pCurr->hToken );
  325. PrivMemFree( pCurr->pUser );
  326. }
  328. // Save the duplicate.
  329. pCurr->hToken = hCopy;
  330. pCurr->lHash = lHash;
  331. pCurr->pUser = pUser;
  332. pCurr->pGroups = pGroups;
  333. pCurr->pRestrictions = pRestrictions;
  334. pCurr->lBirth = lNow;
  335. pCurr->dwRefCount = 0;
  336. pCurr->pwszWinstaDesktop = NULL;
  337. pUser = NULL;
  338. }
  339. else
  340. {
  341. hr = HRESULT_FROM_WIN32(GetLastError());
  342. }
  343. }
  345. // If an entry was computed and a reference
  346. // to it was requested, refcount it.
  347. if (fSuccess)
  348. {
  349. if (dwCacheCtrl & RUNAS_CACHECTRL_REFERENCE)
  350. pCurr->dwRefCount++;
  351. }
  353. // Release lock.
  354. LeaveCriticalSection( &gTokenCS );
  356. // Free any resources allocated by the function.
  357. Cleanup:
  358. if (pUser != NULL)
  359. PrivMemFree(pUser);
  361. if (SUCCEEDED(hr))
  362. {
  363. ASSERT(pCurr);
  364. *ppRunAsCache = pCurr;
  365. }
  367. return hr;
  368. }
  371. //+-------------------------------------------------------------------------
  372. //+
  373. //+ Function: RunAsGetTokenElem
  374. //+
  375. //+ Synopsis: Gets token and/or Winstationdesktop string given a token
  376. //+ Assumption is that if an entry is found in the cache a handle
  377. //+ to the entry is returned with a reference being taken on the
  378. //+ entry. This handle can then be used for other operations and
  379. //+ needs to be explicitly released to release the entry.
  380. //+
  381. //+-------------------------------------------------------------------------
  382. HRESULT RunAsGetTokenElem(IN OUT HANDLE *pToken,
  383. OUT void **ppvElemHandle)
  384. {
  385. HRESULT hr;
  386. SRunAsCache* pElem = NULL;
  388. *ppvElemHandle = NULL;
  390. hr = RunAsCache(RUNAS_CACHECTRL_REFERENCE |
  391. RUNAS_CACHECTRL_GETTOKEN |
  392. RUNAS_CACHECTRL_CREATENOTFOUND,
  393. *pToken,
  394. &pElem);
  395. if (SUCCEEDED(hr))
  396. {
  397. *ppvElemHandle = (void*)pElem;
  398. }
  400. return hr;
  401. }
  404. //+-------------------------------------------------------------------------
  405. //+
  406. //+ Function: RunAsSetWinstaDesktop
  407. //+
  408. //+ Synopsis: Given a handle to an entry, sets the desktop string
  409. //+ Assumption is that entry is referenced and therefore
  410. //+ a valid one.
  411. //+
  412. //+-------------------------------------------------------------------------
  413. void RunAsSetWinstaDesktop(void *pvElemHandle, WCHAR *pwszWinstaDesktop)
  414. {
  415. if (!pvElemHandle)
  416. return;
  418. SRunAsCache* pElem = (SRunAsCache*) pvElemHandle;
  419. ASSERT( (!pElem->pwszWinstaDesktop) ||
  420. (lstrcmpW(pElem->pwszWinstaDesktop, pwszWinstaDesktop)
  421. ==0) );
  422. if (!pElem->pwszWinstaDesktop)
  423. {
  424. lstrcpyW(pElem->pwszWDStore, pwszWinstaDesktop);
  425. pElem->pwszWinstaDesktop = pElem->pwszWDStore;
  426. }
  427. }
  429. //+-------------------------------------------------------------------------
  430. //+
  431. //+ Function: RunAsRelease
  432. //+
  433. //+ Synopsis: Given a handle to an entry, releases reference on it
  434. //+ Assumption is that entry is referenced and therefore
  435. //+ a valid one.
  436. //+
  437. //+-------------------------------------------------------------------------
  438. void RunAsRelease(void *pvElemHandle)
  439. {
  440. if (!pvElemHandle)
  441. return;
  443. SRunAsCache* pElem = (SRunAsCache*) pvElemHandle;
  445. // When refcount goes to 0 allow lazy clean up based on token
  446. // time out
  448. // Take lock.
  449. EnterCriticalSection( &gTokenCS );
  451. if ((--pElem->dwRefCount) == 0)
  452. {
  453. INVALIDATE_RUNAS_ENTRY(pElem);
  454. }
  456. LeaveCriticalSection( &gTokenCS );
  457. // Release lock.
  458. }
  460. //+-------------------------------------------------------------------------
  461. //+
  462. //+ Function: RunAsInvalidateAndRelease
  463. //+
  464. //+ Synopsis: Given a handle to an entry, invalidates it and releases
  465. //+ reference on it in response to some error.
  466. //+ Assumption is that entry is referenced and therefore
  467. //+ a valid one.
  468. //+
  469. //+-------------------------------------------------------------------------
  470. void RunAsInvalidateAndRelease(void *pvElemHandle)
  471. {
  472. if (!pvElemHandle)
  473. return;
  475. SRunAsCache* pElem = (SRunAsCache*) pvElemHandle;
  477. // Take lock.
  478. EnterCriticalSection( &gTokenCS );
  480. INVALIDATE_RUNAS_ENTRY(pElem);
  482. // Release lock.
  483. LeaveCriticalSection( &gTokenCS );
  485. RunAsRelease(pvElemHandle);
  486. }