archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/ds/security/cryptoapi/secstor/common/secmisc.c

1010 lines
24 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1996, 1997 Microsoft Corporation
  5. Module Name:
  7. secmisc.c
  9. Abstract:
  11. This module contains miscellaneous security routines for the Protected
  12. Storage.
  15. Author:
  17. Scott Field (sfield) 25-Mar-97
  19. --*/
  21. #include <nt.h>
  22. #include <ntrtl.h>
  23. #include <nturtl.h>
  25. #include <windows.h>
  26. #include "secmisc.h"
  28. #include "unicode5.h"
  29. #include "debug.h"
  31. BOOL
  32. GetUserHKEYEx(
  33. IN LPCWSTR szUser,
  34. IN DWORD dwDesiredAccess,
  35. IN OUT HKEY *hKeyUser,
  36. IN BOOL fCheckDefault // check .Default registry hive when user's not available?
  37. )
  38. {
  39. HKEY hKey = NULL;
  40. LONG lRet;
  42. //
  43. // first, try HKEY_USERS\szUser
  44. // note on WinNT, szUser is an textual sid of the form S-1-5-21-xxx ...
  45. // on Win95, szUser is the username associated with the logged on user
  46. //
  48. //
  49. // unfortunately, if szUser is null or empty, the RegOpenKeyEx below will
  50. // succeed, which is not correct behavior for us. Check for this case
  51. // and retry with default on if fCheckDefault is TRUE.
  52. //
  54. if(szUser == NULL || szUser[0] == L'\0') {
  55. // invalid szUser specified.
  56. lRet = ERROR_FILE_NOT_FOUND;
  57. } else {
  58. lRet = RegOpenKeyExU(
  59. HKEY_USERS,
  60. szUser,
  61. 0, // dwOptions
  62. dwDesiredAccess,
  63. &hKey
  64. );
  65. }
  67. if( lRet != ERROR_SUCCESS && fCheckDefault ) {
  69. //
  70. // if that failed, try HKEY_USERS\.Default (for services on NT).
  71. // TODO (lookat), for now, don't fall back to HKEY_USERS\.Default on Win95
  72. // because that is shared across users when profiles are disabled.
  73. //
  75. lRet = RegOpenKeyExU(
  76. HKEY_USERS,
  77. L".Default",
  78. 0, // dwOptions
  79. dwDesiredAccess,
  80. &hKey
  81. );
  82. }
  84. if(lRet != ERROR_SUCCESS) {
  85. SetLastError( (DWORD)lRet );
  86. return FALSE;
  87. }
  89. *hKeyUser = hKey;
  91. return TRUE;
  92. }
  94. BOOL
  95. GetUserHKEY(
  96. IN LPCWSTR szUser,
  97. IN DWORD dwDesiredAccess,
  98. IN OUT HKEY *hKeyUser
  99. )
  100. {
  101. //
  102. // winnt: try HKEY_USERS\.Default
  103. // win95: don't go to HKEY_USERS\.Default when profiles disabled.
  104. //
  106. BOOL fRet = GetUserHKEYEx(szUser, dwDesiredAccess, hKeyUser, FALSE);
  108. if(!fRet)
  109. {
  110. //
  111. // see if local system. If so, retry against .Default
  112. //
  114. static const WCHAR szTextualSidSystem[] = TEXTUAL_SID_LOCAL_SYSTEM;
  116. if( memcmp(szUser, szTextualSidSystem, sizeof(szTextualSidSystem)) == 0 )
  117. fRet = GetUserHKEYEx(szUser, dwDesiredAccess, hKeyUser, TRUE);
  119. }
  121. return fRet;
  122. }
  124. BOOL
  125. GetUserTextualSid(
  126. IN HANDLE hUserToken, // optional
  127. IN OUT LPWSTR lpBuffer,
  128. IN OUT LPDWORD nSize
  129. )
  130. {
  131. HANDLE hToken;
  132. PSID pSidUser = NULL;
  133. BOOL fSuccess = FALSE;
  135. if(hUserToken == NULL)
  136. {
  137. if(!OpenThreadToken(
  138. GetCurrentThread(),
  139. TOKEN_QUERY,
  140. TRUE,
  141. &hToken
  142. ))
  143. {
  144. return FALSE;
  145. }
  146. }
  147. else
  148. {
  149. hToken = hUserToken;
  150. }
  152. fSuccess = GetTokenUserSid(hToken, &pSidUser);
  154. if(fSuccess)
  155. {
  156. //
  157. // obtain the textual representaion of the Sid
  158. //
  160. fSuccess = GetTextualSid(
  161. pSidUser, // user binary Sid
  162. lpBuffer, // buffer for TextualSid
  163. nSize // required/result buffer size in chars (including NULL)
  164. );
  165. }
  167. if(pSidUser)
  168. SSFree(pSidUser);
  170. if(hToken != hUserToken)
  171. {
  172. CloseHandle(hToken);
  173. }
  175. return fSuccess;
  176. }
  178. BOOL
  179. GetTextualSid(
  180. IN PSID pSid, // binary Sid
  181. IN OUT LPWSTR TextualSid, // buffer for Textual representaion of Sid
  182. IN OUT LPDWORD dwBufferLen // required/provided TextualSid buffersize
  183. )
  184. {
  185. PSID_IDENTIFIER_AUTHORITY psia;
  186. DWORD dwSubAuthorities;
  187. DWORD dwCounter;
  188. DWORD dwSidSize;
  191. if(!IsValidSid(pSid)) return FALSE;
  193. // obtain SidIdentifierAuthority
  194. psia = GetSidIdentifierAuthority(pSid);
  196. // obtain sidsubauthority count
  197. dwSubAuthorities = *GetSidSubAuthorityCount(pSid);
  199. //
  200. // compute buffer length (conservative guess)
  201. // S-SID_REVISION- + identifierauthority- + subauthorities- + NULL
  202. //
  203. dwSidSize=(15 + 12 + (12 * dwSubAuthorities) + 1) * sizeof(WCHAR);
  205. //
  206. // check provided buffer length.
  207. // If not large enough, indicate proper size and setlasterror
  208. //
  209. if(*dwBufferLen < dwSidSize) {
  210. *dwBufferLen = dwSidSize;
  211. SetLastError(ERROR_INSUFFICIENT_BUFFER);
  212. return FALSE;
  213. }
  215. //
  216. // prepare S-SID_REVISION-
  217. //
  218. dwSidSize = wsprintfW(TextualSid, L"S-%lu-", SID_REVISION );
  220. //
  221. // prepare SidIdentifierAuthority
  222. //
  223. if ( (psia->Value[0] != 0) || (psia->Value[1] != 0) ) {
  224. dwSidSize += wsprintfW(TextualSid + dwSidSize,
  225. L"0x%02hx%02hx%02hx%02hx%02hx%02hx",
  226. (USHORT)psia->Value[0],
  227. (USHORT)psia->Value[1],
  228. (USHORT)psia->Value[2],
  229. (USHORT)psia->Value[3],
  230. (USHORT)psia->Value[4],
  231. (USHORT)psia->Value[5]);
  232. } else {
  233. dwSidSize += wsprintfW(TextualSid + dwSidSize,
  234. L"%lu",
  235. (ULONG)(psia->Value[5] ) +
  236. (ULONG)(psia->Value[4] << 8) +
  237. (ULONG)(psia->Value[3] << 16) +
  238. (ULONG)(psia->Value[2] << 24) );
  239. }
  241. //
  242. // loop through SidSubAuthorities
  243. //
  244. for (dwCounter = 0 ; dwCounter < dwSubAuthorities ; dwCounter++) {
  245. dwSidSize += wsprintfW(TextualSid + dwSidSize,
  246. L"-%lu", *GetSidSubAuthority(pSid, dwCounter) );
  247. }
  249. *dwBufferLen = dwSidSize + 1; // tell caller how many chars (include NULL)
  251. return TRUE;
  252. }
  254. BOOL
  255. GetThreadAuthenticationId(
  256. IN HANDLE hThread,
  257. IN OUT PLUID AuthenticationId
  258. )
  259. /*++
  261. This function retrieves the authentication Id (LUID) from the access token
  262. specified by the calling thread.
  264. The thread specified by hThread must be impersonating a client.
  266. --*/
  267. {
  268. HANDLE hToken;
  269. TOKEN_STATISTICS TokenInfo;
  270. DWORD dwReturnLen;
  271. BOOL bSuccess;
  273. if(!OpenThreadToken(
  274. hThread,
  275. TOKEN_QUERY,
  276. TRUE,
  277. &hToken
  278. )) return FALSE;
  280. bSuccess = GetTokenInformation(
  281. hToken,
  282. TokenStatistics,
  283. &TokenInfo,
  284. sizeof(TokenInfo),
  285. &dwReturnLen
  286. );
  288. CloseHandle(hToken);
  290. if(!bSuccess) return FALSE;
  292. memcpy(AuthenticationId, &(TokenInfo.AuthenticationId), sizeof(LUID));
  293. return TRUE;
  294. }
  296. BOOL
  297. GetTokenAuthenticationId(
  298. IN HANDLE hUserToken,
  299. IN OUT PLUID AuthenticationId
  300. )
  301. /*++
  303. This function retrieves the authentication Id (LUID) from the specified
  304. access token.
  306. --*/
  307. {
  308. TOKEN_STATISTICS TokenInfo;
  309. DWORD dwReturnLen;
  310. BOOL bSuccess;
  311. HANDLE hToken = NULL;
  313. if(hUserToken == NULL)
  314. {
  315. if(!OpenThreadToken(
  316. GetCurrentThread(),
  317. TOKEN_QUERY,
  318. TRUE,
  319. &hToken
  320. ))
  321. {
  322. return FALSE;
  323. }
  324. }
  325. else
  326. {
  327. hToken = hUserToken;
  328. }
  330. bSuccess = GetTokenInformation(
  331. hToken,
  332. TokenStatistics,
  333. &TokenInfo,
  334. sizeof(TokenInfo),
  335. &dwReturnLen
  336. );
  338. if(hToken != hUserToken)
  339. {
  340. CloseHandle(hToken);
  341. }
  343. if(!bSuccess) return FALSE;
  345. memcpy(AuthenticationId, &(TokenInfo.AuthenticationId), sizeof(LUID));
  346. return TRUE;
  347. }
  349. BOOL
  350. GetTokenUserSid(
  351. IN HANDLE hUserToken, // token to query
  352. IN OUT PSID *ppUserSid // resultant user sid
  353. )
  354. /*++
  356. This function queries the access token specified by the
  357. hToken parameter, and returns an allocated copy of the
  358. TokenUser information on success.
  360. The access token specified by hToken must be opened for
  361. TOKEN_QUERY access.
  363. On success, the return value is TRUE. The caller is
  364. responsible for freeing the resultant UserSid via a call
  365. to SSFree().
  367. On failure, the return value is FALSE. The caller does
  368. not need to free any buffer.
  370. --*/
  371. {
  372. BYTE FastBuffer[256];
  373. LPBYTE SlowBuffer = NULL;
  374. PTOKEN_USER ptgUser;
  375. DWORD cbBuffer;
  376. BOOL fSuccess = FALSE;
  377. HANDLE hToken = NULL;
  379. *ppUserSid = NULL;
  381. if(hUserToken == NULL)
  382. {
  383. if(!OpenThreadToken(
  384. GetCurrentThread(),
  385. TOKEN_QUERY,
  386. TRUE,
  387. &hToken
  388. ))
  389. {
  390. return FALSE;
  391. }
  392. }
  393. else
  394. {
  395. hToken = hUserToken;
  396. }
  398. //
  399. // try querying based on a fast stack based buffer first.
  400. //
  402. ptgUser = (PTOKEN_USER)FastBuffer;
  403. cbBuffer = sizeof(FastBuffer);
  405. fSuccess = GetTokenInformation(
  406. hToken, // identifies access token
  407. TokenUser, // TokenUser info type
  408. ptgUser, // retrieved info buffer
  409. cbBuffer, // size of buffer passed-in
  410. &cbBuffer // required buffer size
  411. );
  413. if(!fSuccess) {
  415. if(GetLastError() == ERROR_INSUFFICIENT_BUFFER) {
  417. //
  418. // try again with the specified buffer size
  419. //
  421. SlowBuffer = (LPBYTE)SSAlloc(cbBuffer);
  423. if(SlowBuffer != NULL) {
  424. ptgUser = (PTOKEN_USER)SlowBuffer;
  426. fSuccess = GetTokenInformation(
  427. hToken, // identifies access token
  428. TokenUser, // TokenUser info type
  429. ptgUser, // retrieved info buffer
  430. cbBuffer, // size of buffer passed-in
  431. &cbBuffer // required buffer size
  432. );
  433. }
  434. }
  435. }
  437. //
  438. // if we got the token info successfully, copy the
  439. // relevant element for the caller.
  440. //
  442. if(fSuccess) {
  444. DWORD cbSid;
  446. // reset to assume failure
  447. fSuccess = FALSE;
  449. cbSid = GetLengthSid(ptgUser->User.Sid);
  451. *ppUserSid = SSAlloc( cbSid );
  453. if(*ppUserSid != NULL) {
  454. fSuccess = CopySid(cbSid, *ppUserSid, ptgUser->User.Sid);
  455. }
  456. else
  457. {
  458. fSuccess = FALSE;
  459. }
  460. }
  462. if(!fSuccess) {
  463. if(*ppUserSid) {
  464. SSFree(*ppUserSid);
  465. *ppUserSid = NULL;
  466. }
  467. }
  469. if(SlowBuffer)
  470. SSFree(SlowBuffer);
  472. if(hToken != hUserToken)
  473. {
  474. CloseHandle(hToken);
  475. }
  477. return fSuccess;
  478. }
  480. BOOL
  481. SetRegistrySecurity(
  482. IN HKEY hKey
  483. )
  484. /*++
  486. The function applies security to the specifed registry key such that only
  487. Local System has Full Control to the registry key. Note that the owner
  488. is not set, which results in a default owner of Administrators.
  490. The specified hKey must to opened for WRITE_DAC access.
  492. --*/
  493. {
  494. SID_IDENTIFIER_AUTHORITY sia = SECURITY_NT_AUTHORITY;
  495. PSID pLocalSystemSid = NULL;
  496. SECURITY_DESCRIPTOR sd;
  497. PACL pDacl = NULL;
  498. PACCESS_ALLOWED_ACE pAce;
  499. DWORD dwAclSize;
  500. LONG lRetCode;
  501. BOOL bSuccess = FALSE; // assume this function fails
  503. //
  504. // prepare a Sid representing the Local System account
  505. //
  507. if(!AllocateAndInitializeSid(
  508. &sia,
  509. 1,
  510. SECURITY_LOCAL_SYSTEM_RID,
  511. 0, 0, 0, 0, 0, 0, 0,
  512. &pLocalSystemSid
  513. )) goto cleanup;
  515. //
  516. // compute size of new acl
  517. //
  519. dwAclSize = sizeof(ACL) +
  520. 1 * ( sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) ) +
  521. GetLengthSid(pLocalSystemSid) ;
  523. //
  524. // allocate storage for Acl
  525. //
  527. pDacl = (PACL)SSAlloc(dwAclSize);
  528. if(pDacl == NULL) goto cleanup;
  530. if(!InitializeAcl(pDacl, dwAclSize, ACL_REVISION))
  531. goto cleanup;
  533. if(!AddAccessAllowedAce(
  534. pDacl,
  535. ACL_REVISION,
  536. KEY_ALL_ACCESS,
  537. pLocalSystemSid
  538. )) goto cleanup;
  540. //
  541. // make it container inherit.
  542. //
  544. if(!GetAce(pDacl, 0, &pAce))
  545. goto cleanup;
  547. pAce->Header.AceFlags = CONTAINER_INHERIT_ACE;
  549. if(!InitializeSecurityDescriptor(&sd, SECURITY_DESCRIPTOR_REVISION))
  550. goto cleanup;
  552. if(!SetSecurityDescriptorDacl(&sd, TRUE, pDacl, FALSE)) {
  553. goto cleanup;
  554. }
  556. //
  557. // apply the security descriptor to the registry key
  558. //
  560. lRetCode = RegSetKeySecurity(
  561. hKey,
  562. (SECURITY_INFORMATION)DACL_SECURITY_INFORMATION,
  563. &sd
  564. );
  566. if(lRetCode != ERROR_SUCCESS) {
  567. goto cleanup;
  568. }
  570. bSuccess = TRUE; // indicate success
  572. cleanup:
  574. //
  575. // free allocated resources
  576. //
  578. if(pDacl != NULL)
  579. SSFree(pDacl);
  581. if(pLocalSystemSid != NULL)
  582. FreeSid(pLocalSystemSid);
  584. return bSuccess;
  585. }
  587. BOOL
  588. SetPrivilege(
  589. HANDLE hToken, // token handle
  590. LPCWSTR Privilege, // Privilege to enable/disable
  591. BOOL bEnablePrivilege // to enable or disable privilege
  592. )
  593. {
  594. TOKEN_PRIVILEGES tp;
  595. LUID luid;
  596. TOKEN_PRIVILEGES tpPrevious;
  597. DWORD cbPrevious=sizeof(TOKEN_PRIVILEGES);
  599. if(!LookupPrivilegeValueW( NULL, Privilege, &luid )) return FALSE;
  601. //
  602. // first pass. get current privilege setting
  603. //
  604. tp.PrivilegeCount = 1;
  605. tp.Privileges[0].Luid = luid;
  606. tp.Privileges[0].Attributes = 0;
  608. AdjustTokenPrivileges(
  609. hToken,
  610. FALSE,
  611. &tp,
  612. sizeof(TOKEN_PRIVILEGES),
  613. &tpPrevious,
  614. &cbPrevious
  615. );
  617. if (GetLastError() != ERROR_SUCCESS) return FALSE;
  619. //
  620. // second pass. set privilege based on previous setting
  621. //
  622. tpPrevious.PrivilegeCount = 1;
  623. tpPrevious.Privileges[0].Luid = luid;
  625. if(bEnablePrivilege) {
  626. tpPrevious.Privileges[0].Attributes |= (SE_PRIVILEGE_ENABLED);
  627. }
  628. else {
  629. tpPrevious.Privileges[0].Attributes ^= (SE_PRIVILEGE_ENABLED &
  630. tpPrevious.Privileges[0].Attributes);
  631. }
  633. AdjustTokenPrivileges(
  634. hToken,
  635. FALSE,
  636. &tpPrevious,
  637. cbPrevious,
  638. NULL,
  639. NULL
  640. );
  642. if (GetLastError() != ERROR_SUCCESS) return FALSE;
  644. return TRUE;
  645. }
  647. BOOL
  648. SetCurrentPrivilege(
  649. LPCWSTR Privilege, // Privilege to enable/disable
  650. BOOL bEnablePrivilege // to enable or disable privilege
  651. )
  652. {
  653. BOOL bSuccess=FALSE; // assume failure
  654. HANDLE hToken;
  656. if(OpenProcessToken(
  657. GetCurrentProcess(),
  658. TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES,
  659. &hToken
  660. ))
  661. {
  663. if(SetPrivilege(hToken, Privilege, bEnablePrivilege)) bSuccess=TRUE;
  665. CloseHandle(hToken);
  666. }
  668. return bSuccess;
  669. }
  671. #if 0
  672. BOOL
  673. IsDelegating(
  674. IN HANDLE hToken // token to query, open for at least TOKEN_QUERY access
  675. )
  676. /*++
  678. This function determines if the specified access token represents an
  679. impersonation at the delegation impersonate level.
  681. The access token specified by the hToken parameter must be opened for
  682. at least TOKEN_QUERY access.
  684. If the return value is TRUE, the specified hToken is impersonating at
  685. delegation level.
  687. If the return value is FALSE, hToken does not represent delegation level
  688. impersonation.
  690. --*/
  691. {
  692. DWORD dwImpersonationLevel;
  693. DWORD cbTokenInfo;
  695. if( GetTokenInformation(
  696. hToken,
  697. TokenImpersonationLevel,
  698. &dwImpersonationLevel,
  699. sizeof(dwImpersonationLevel),
  700. &cbTokenInfo
  701. ) && dwImpersonationLevel == SecurityDelegation ) {
  703. return TRUE;
  704. }
  706. return FALSE;
  707. }
  708. #endif
  710. BOOL
  711. IsUserSidInDomain(
  712. IN PSID pSidDomain, // domain Sid
  713. IN PSID pSidUser // user Sid
  714. )
  715. /*++
  717. This function determines if the user associated with the
  718. pSidUser parameter exists in the domain specified by pSidDomain.
  720. If the user is in the specified domain, the return value is TRUE.
  721. Otherwise, the return value is FALSE.
  723. --*/
  724. {
  725. DWORD dwSubauthorityCount;
  726. DWORD dwSubauthIndex;
  728. //
  729. // pickup count of subauthorities in domain sid. The domain Sid
  730. // is the prefix associated with user sids, so use that count
  731. // as the basis for our comparison.
  732. //
  734. dwSubauthorityCount = (DWORD)*GetSidSubAuthorityCount( pSidDomain );
  736. if( dwSubauthorityCount >= (DWORD)*GetSidSubAuthorityCount( pSidUser ) )
  737. return FALSE;
  739. //
  740. // compare identifier authority values.
  741. //
  743. if(memcmp( GetSidIdentifierAuthority(pSidDomain),
  744. GetSidIdentifierAuthority(pSidUser),
  745. sizeof(SID_IDENTIFIER_AUTHORITY) ) != 0)
  746. return FALSE;
  748. //
  749. // loop through subauthorities comparing equality.
  750. //
  752. for(dwSubauthIndex = 0 ;
  753. dwSubauthIndex < dwSubauthorityCount ;
  754. dwSubauthIndex++) {
  756. if( *GetSidSubAuthority(pSidDomain, dwSubauthIndex) !=
  757. *GetSidSubAuthority(pSidUser, dwSubauthIndex) )
  758. return FALSE;
  759. }
  762. return TRUE;
  763. }
  765. #if 0
  766. BOOL
  767. IsAdministrator(
  768. VOID
  769. )
  770. /*++
  772. This function determines if the calling user is an Administrator.
  774. On Windows 95, this function always returns TRUE, as there is
  775. no difference between users on that platform.
  777. On Windows NT, the caller of this function must be impersonating
  778. the user which is to be queried. If the caller is not impersonating,
  779. this function will always return FALSE.
  781. --*/
  782. {
  783. HANDLE hAccessToken;
  784. SID_IDENTIFIER_AUTHORITY siaNtAuthority = SECURITY_NT_AUTHORITY;
  785. PSID psidAdministrators = NULL;
  786. BOOL bSuccess;
  788. if(!OpenThreadToken(
  789. GetCurrentThread(),
  790. TOKEN_QUERY,
  791. TRUE,
  792. &hAccessToken
  793. )) return FALSE;
  795. bSuccess = AllocateAndInitializeSid(
  796. &siaNtAuthority,
  797. 2,
  798. SECURITY_BUILTIN_DOMAIN_RID,
  799. DOMAIN_ALIAS_RID_ADMINS,
  800. 0, 0, 0, 0, 0, 0,
  801. &psidAdministrators
  802. );
  804. if( bSuccess ) {
  805. BOOL fIsMember = FALSE;
  807. bSuccess = CheckTokenMembership( hAccessToken, psidAdministrators, &fIsMember );
  809. if( bSuccess && !fIsMember )
  810. bSuccess = FALSE;
  812. }
  814. CloseHandle( hAccessToken );
  816. if(psidAdministrators)
  817. FreeSid(psidAdministrators);
  819. return bSuccess;
  820. }
  821. #endif
  823. BOOL
  824. IsLocal(
  825. VOID
  826. )
  827. /*++
  829. This function determines if the calling user is logged on locally
  831. On Windows NT, the caller of this function must be impersonating
  832. the user which is to be queried. If the caller is not impersonating,
  833. this function will always return FALSE.
  835. --*/
  836. {
  837. HANDLE hAccessToken;
  838. SID_IDENTIFIER_AUTHORITY siaLocalAuthority = SECURITY_LOCAL_SID_AUTHORITY;
  839. PSID psidLocal = NULL;
  840. BOOL bSuccess;
  842. if(!OpenThreadToken(
  843. GetCurrentThread(),
  844. TOKEN_QUERY,
  845. TRUE,
  846. &hAccessToken
  847. )) return FALSE;
  849. bSuccess = AllocateAndInitializeSid(
  850. &siaLocalAuthority,
  851. 1,
  852. SECURITY_LOCAL_RID,
  853. 0, 0, 0, 0, 0, 0, 0,
  854. &psidLocal
  855. );
  857. if( bSuccess ) {
  858. BOOL fIsMember = FALSE;
  860. bSuccess = CheckTokenMembership( hAccessToken, psidLocal, &fIsMember );
  862. if( bSuccess && !fIsMember )
  863. bSuccess = FALSE;
  865. }
  867. CloseHandle( hAccessToken );
  869. if(psidLocal)
  870. FreeSid(psidLocal);
  872. return bSuccess;
  873. }
  876. BOOL
  877. IsDomainController(
  878. VOID
  879. )
  880. /*++
  882. This function returns TRUE if the current machine is a Windows NT
  883. domain controller.
  885. The function returns FALSE if the current machine is not a Windows NT
  886. domain controller.
  888. --*/
  889. {
  890. HMODULE hNtDll;
  892. typedef BOOLEAN (NTAPI *RTLGETNTPRODUCTTYPE)(
  893. OUT PNT_PRODUCT_TYPE NtProductType
  894. );
  896. RTLGETNTPRODUCTTYPE _RtlGetNtProductType;
  897. NT_PRODUCT_TYPE NtProductType;
  899. hNtDll = GetModuleHandleW(L"ntdll.dll");
  900. if( hNtDll == NULL )
  901. return FALSE;
  904. _RtlGetNtProductType = (RTLGETNTPRODUCTTYPE)GetProcAddress( hNtDll, "RtlGetNtProductType" );
  905. if( _RtlGetNtProductType == NULL )
  906. return FALSE;
  909. if(_RtlGetNtProductType( &NtProductType )) {
  910. if( NtProductType == NtProductLanManNt )
  911. return TRUE;
  912. }
  914. return FALSE;
  915. }
  917. #if 0
  918. LONG
  919. SecureRegDeleteValueU(
  920. IN HKEY hKey, // handle of key
  921. IN LPCWSTR lpValueName // address of value name
  922. )
  923. /*++
  925. This function securely deletes a value from the registry. This approach
  926. avoids leaving a copy of the old data in the registry backing file after
  927. the delete has occurred.
  929. The specified registry handle hKey must be opened for
  930. REG_QUERY_VALUE | REG_SET_VALUE | DELETE access.
  932. On success, the return value is ERROR_SUCCESS.
  933. On error, the return value is a Win32 error code.
  935. --*/
  936. {
  937. DWORD dwType;
  938. DWORD cbData;
  940. BYTE FastBuffer[ 256 ];
  941. LPBYTE lpData;
  942. LPBYTE SlowBuffer = NULL;
  944. LONG lRet;
  946. cbData = 0; // query size of value data.
  948. //
  949. // query the current size of the registry data.
  950. // zero the current registry data of current size.
  951. // delete the registry data.
  952. // flush the change to disk.
  953. // If errors occur, just do a regular delete.
  954. //
  956. lRet = RegQueryValueExU(
  957. hKey,
  958. lpValueName,
  959. NULL,
  960. &dwType,
  961. NULL,
  962. &cbData
  963. );
  965. if( lRet == ERROR_MORE_DATA ) {
  967. BOOL fSet = TRUE; // assume ok to set
  969. //
  970. // select fast buffer if large enough. otherwise, allocate a buffer
  971. //
  973. if(cbData <= sizeof(FastBuffer)) {
  974. lpData = FastBuffer;
  975. } else {
  976. SlowBuffer = (LPBYTE)SSAlloc( cbData );
  978. if(SlowBuffer == NULL) {
  979. fSet = FALSE; // failure.
  980. } else {
  981. lpData = SlowBuffer;
  982. }
  984. }
  986. if( fSet ) {
  988. ZeroMemory( lpData, cbData );
  990. RegSetValueExU(
  991. hKey,
  992. lpValueName,
  993. 0,
  994. dwType,
  995. lpData,
  996. cbData
  997. );
  998. }
  999. }
  1001. lRet = RegDeleteValueU( hKey, lpValueName );
  1003. RegFlushKey( hKey );
  1005. if( SlowBuffer )
  1006. SSFree( SlowBuffer );
  1008. return lRet;
  1009. }
  1010. #endif