archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/ds/security/cryptoapi/secstor/svr/acl.cpp

245 lines
5.6 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1996, 1997 Microsoft Corporation
  5. Module Name:
  7. acl.cpp
  9. Abstract:
  11. This module contains routines to support core security operations in
  12. the Protected Storage Server.
  14. Author:
  16. Scott Field (sfield) 25-Nov-96
  18. --*/
  20. #include <pch.cpp>
  21. #pragma hdrstop
  28. BOOL
  29. FImpersonateClient(
  30. IN PST_PROVIDER_HANDLE *hPSTProv
  31. )
  32. {
  33. handle_t hBinding = ((PCALL_STATE)hPSTProv)->hBinding;
  34. RPC_STATUS RpcStatus;
  36. if(!FIsWinNT())
  37. return TRUE;
  39. if(hPSTProv == NULL)
  40. return FALSE;
  42. if (hBinding == NULL)
  43. {
  44. if ((hPSTProv->LowPart == 0) && (hPSTProv->HighPart == 0) )
  45. return ImpersonateSelf(SecurityImpersonation);
  46. else
  47. return FALSE;
  48. }
  50. RpcStatus = RpcImpersonateClient(hBinding);
  52. if(RpcStatus != RPC_S_OK) {
  53. SetLastError(RpcStatus);
  54. return FALSE;
  55. }
  57. return TRUE;
  58. }
  60. BOOL
  61. FRevertToSelf(
  62. IN PST_PROVIDER_HANDLE *hPSTProv
  63. )
  64. {
  65. handle_t hBinding = ((PCALL_STATE)hPSTProv)->hBinding;
  66. RPC_STATUS RpcStatus;
  68. if(!FIsWinNT())
  69. return TRUE;
  71. if(hPSTProv == NULL)
  72. return FALSE;
  74. if (hBinding == NULL)
  75. {
  76. if ((hPSTProv->LowPart == 0) && (hPSTProv->HighPart == 0) )
  77. return RevertToSelf();
  78. else
  79. return FALSE;
  80. }
  82. RpcStatus = RpcRevertToSelfEx(hBinding);
  84. if(RpcStatus != RPC_S_OK) {
  85. SetLastError(RpcStatus);
  86. return FALSE;
  87. }
  89. return TRUE;
  90. }
  93. // dispatch module callback interface given to providers to ask about callers
  95. BOOL
  96. FGetUserName(
  97. IN PST_PROVIDER_HANDLE *hPSTProv,
  98. OUT LPWSTR* ppszUser
  99. )
  100. /*++
  101. This routine obtains the username (Win95) or Textual Sid (WinNT)
  102. associated with the calling thread. If the cached entry is not present,
  103. the cached entry is initialized with the current user name, and for WinNT,
  104. the authentication Id associated with the username. For WinNT, on
  105. subsequent calls, the calling threads authentication Id is checked to see
  106. if it matches the cached authentication Id - if true, the cached user
  107. string is released, otherwise, the current thread is evaluated and the
  108. result released to the client (note this is unlikely to happen unless
  109. the client process is impersonating multiple users and using the same
  110. context handle).
  112. If ppszUser parameter is set to NULL, the function does not allocate
  113. and copy user string to caller. This is useful to initialize the cached
  114. entry or to determine if the user string is valid and available.
  116. --*/
  117. {
  118. DWORD cch = MAX_PATH;
  119. WCHAR szBuf[MAX_PATH];
  120. BOOL f = FALSE; // assume failure. indicates if we inited OK, too.
  122. if (FIsWinNT())
  123. {
  124. // impersonating client should be easy way of nabbing this info
  125. if(!FImpersonateClient(hPSTProv))
  126. return FALSE;
  128. f = GetUserTextualSid(
  129. NULL,
  130. szBuf,
  131. &cch);
  133. if(!FRevertToSelf(hPSTProv))
  134. return FALSE;
  135. } else {
  136. f = GetUserNameU(
  137. szBuf,
  138. &cch);
  140. if(!f) {
  141. // for Win95, if nobody is logged on, empty user name
  142. if(GetLastError() == ERROR_NOT_LOGGED_ON) {
  143. szBuf[ 0 ] = L'\0';
  144. cch = 1;
  145. f = TRUE;
  146. }
  147. }
  148. }
  150. if (!f)
  151. return FALSE;
  153. if( ppszUser ) {
  154. *ppszUser = (LPWSTR)SSAlloc( cch * sizeof(WCHAR) );
  155. if (*ppszUser == NULL)
  156. return FALSE;
  157. CopyMemory(*ppszUser, szBuf, cch * sizeof(WCHAR) );
  158. }
  160. return TRUE;
  161. }
  163. // gets the image name for the process
  164. BOOL
  165. FGetParentFileName(
  166. IN PST_PROVIDER_HANDLE *hPSTProv,
  167. OUT LPWSTR* ppszName,
  168. OUT DWORD_PTR *lpdwBaseAddress
  169. )
  170. /*++
  172. If ppszName parameter is set to NULL, the function does not allocate
  173. and copy string to caller. This is useful to initialize the cached
  174. entry or to determine if the string is valid and available.
  176. If lpdwBaseAddress is NULL, the caller is not provided the base address
  177. associated with the process image.
  179. --*/
  180. {
  181. CALL_STATE *pCallState = (CALL_STATE *)hPSTProv;
  183. if(pCallState->hProcess == NULL)
  184. return FALSE;
  186. if( ppszName ) {
  187. *ppszName = (LPWSTR)SSAlloc( sizeof(WCHAR) );
  188. if(*ppszName == NULL)
  189. return FALSE;
  191. ZeroMemory( *ppszName, sizeof(WCHAR) );
  192. }
  194. if(lpdwBaseAddress) {
  195. *lpdwBaseAddress = 0;
  196. }
  198. return TRUE;
  199. }
  201. #if 0
  202. BOOL
  203. FGetDiskHash(
  204. IN PST_PROVIDER_HANDLE *hPSTProv,
  205. IN LPWSTR szImageName,
  206. IN BYTE Hash[A_SHA_DIGEST_LEN]
  207. )
  208. {
  209. BOOL bImpersonated = FALSE;
  210. HANDLE hFile;
  211. BOOL bSuccess = FALSE;
  213. if (FIsWinNT())
  214. {
  215. //
  216. // impersonate around hashing disk image since file may be on network
  217. // if impersonation fails, just try it anyway
  218. //
  220. bImpersonated = FImpersonateClient(hPSTProv);
  221. }
  224. hFile = CreateFileU(
  225. szImageName,
  226. GENERIC_READ,
  227. FILE_SHARE_READ,
  228. NULL,
  229. OPEN_EXISTING,
  230. FILE_FLAG_SEQUENTIAL_SCAN,
  231. NULL
  232. );
  234. if( hFile != INVALID_HANDLE_VALUE ) {
  236. bSuccess = HashDiskImage( hFile, Hash );
  237. CloseHandle( hFile );
  238. }
  240. if(bImpersonated)
  241. FRevertToSelf(hPSTProv);
  243. return bSuccess;
  244. }
  245. #endif