archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/admin/cmdline/whoami/wstoken.cpp

503 lines
13 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) Microsoft Corporation
  5. Module Name:
  7. wstoken.cpp
  9. Abstract:
  11. This file intializes the members and methods of WsAccessToken class.
  13. Authors:
  15. Christophe Robert
  17. Revision History:
  19. 02-July-2001 : Updated by Wipro Technologies.
  21. --*/
  23. //common header files needed for this file
  24. #include "pch.h"
  25. #include "CommonHeaderFiles.h"
  28. WsAccessToken::WsAccessToken()
  29. /*++
  30. Routine Description:
  31. This function intializes the members of WsAccessToken class.
  33. Arguments:
  34. None
  35. Return Value:
  36. None
  37. --*/
  38. {
  39. // intialize the variables
  40. hToken = NULL ;
  42. dwDomainAttributes = NULL;
  44. }
  48. WsAccessToken::~WsAccessToken()
  49. /*++
  50. Routine Description:
  51. This function deallocates the members of WsAccessToken class.
  53. Arguments:
  54. None
  55. Return Value:
  56. None
  57. --*/
  58. {
  59. // release handle
  60. if(hToken){
  61. CloseHandle ( hToken ) ;
  62. }
  64. if (dwDomainAttributes)
  65. {
  66. FreeMemory ((LPVOID *) &dwDomainAttributes) ;
  67. }
  68. }
  71. DWORD
  72. WsAccessToken::InitGroups(
  73. OUT WsSid ***lppGroupsSid,
  74. OUT WsSid **lppLogonId,
  75. OUT DWORD *lpnbGroups
  76. )
  77. /*++
  78. Routine Description:
  79. This function retrieves and build groups SIDs array.
  81. Arguments:
  83. [OUT] lppGroupsSid : Stores group SID
  84. [OUT] lppLogonId : Stores logon ID
  85. [OUT] lpnbGroups : Stores the number of groups
  87. Return Value:
  88. EXIT_SUCCESS : On success
  89. EXIT_FAILURE : On failure
  90. --*/
  91. {
  92. // sub-local variables
  93. TOKEN_GROUPS *lpTokenGroups ;
  94. DWORD dwTokenGroups = 0;
  95. DWORD dwGroup = 0 ;
  96. WORD wloop = 0 ;
  97. BOOL bTokenInfo = FALSE;
  99. // Get groups size
  100. bTokenInfo = GetTokenInformation(hToken, TokenGroups, NULL, 0, &dwTokenGroups);
  101. // if required buffer size is zero...
  102. // So we assume that there are no groups present in the system
  103. if ( 0 == dwTokenGroups )
  104. {
  105. // return WIN32 error code
  106. return GetLastError () ;
  107. }
  109. // Allocate memory for the groups
  110. lpTokenGroups = ( TOKEN_GROUPS * ) AllocateMemory( dwTokenGroups );
  111. if ( NULL == lpTokenGroups )
  112. {
  113. // release memory
  114. FreeMemory ((LPVOID *) &lpTokenGroups) ;
  115. // return WIN32 error code
  116. return ERROR_NOT_ENOUGH_MEMORY ;
  117. }
  119. // Get the group names
  120. bTokenInfo = GetTokenInformation ( hToken, TokenGroups, lpTokenGroups, dwTokenGroups, &dwTokenGroups );
  121. if ( FALSE == bTokenInfo )
  122. {
  123. FreeMemory ((LPVOID *) &lpTokenGroups) ;
  124. return GetLastError () ;
  125. }
  127. //Build objects
  128. *lpnbGroups = (WORD) lpTokenGroups->GroupCount ;
  130. // check for logonid
  131. if(IsLogonId ( lpTokenGroups )){
  132. (*lpnbGroups)-- ;
  133. }
  134. else{
  135. *lppLogonId = NULL ;
  136. }
  138. // Allocate memory with the actual size
  139. *lppGroupsSid = (WsSid **) AllocateMemory ( *lpnbGroups * sizeof(WsSid**) ) ;
  140. if ( NULL == *lppGroupsSid )
  141. {
  142. FreeMemory ((LPVOID *) &lpTokenGroups) ;
  143. return ERROR_NOT_ENOUGH_MEMORY ;
  144. }
  146. // Get SID with respect to the group names
  147. for( wloop = 0 ; wloop < *lpnbGroups ; wloop++ ){
  148. (*lppGroupsSid)[wloop] = new WsSid () ;
  149. if ( NULL == (*lppGroupsSid)[wloop] )
  150. {
  151. // release memory
  152. FreeMemory ((LPVOID *) &lpTokenGroups) ;
  153. // return WIN32 error code
  154. return GetLastError () ;
  155. }
  156. }
  159. //Allocate memory for attributes
  160. dwDomainAttributes = (DWORD*) AllocateMemory ( (lpTokenGroups->GroupCount * sizeof(DWORD)) + 10) ;
  161. if ( 0 == dwDomainAttributes )
  162. {
  163. FreeMemory ((LPVOID *) &lpTokenGroups) ;
  164. return ERROR_NOT_ENOUGH_MEMORY ;
  165. }
  168. //Loop within groups
  169. for(wloop = 0 , dwGroup = 0;
  170. dwGroup < lpTokenGroups->GroupCount ;
  171. dwGroup++) {
  172. // store the domain attributes
  173. dwDomainAttributes[dwGroup] = lpTokenGroups->Groups[dwGroup].Attributes;
  175. //check whether SID is a logon SID
  176. if(lpTokenGroups->Groups[dwGroup].Attributes & SE_GROUP_LOGON_ID) {
  177. *lppLogonId = new WsSid () ;
  178. if ( NULL == *lppLogonId )
  179. {
  180. // release memory
  181. FreeMemory ((LPVOID *) &lpTokenGroups) ;
  182. // return WIN32 error code
  183. return GetLastError () ;
  184. }
  186. (*lppLogonId)->Init ( lpTokenGroups->Groups[dwGroup].Sid ) ;
  187. }
  188. else {
  189. (*lppGroupsSid)[wloop++]->Init(lpTokenGroups->Groups[dwGroup].Sid);
  190. }
  191. }
  193. dwDomainAttributes[dwGroup] = 0;
  195. //release memory
  196. FreeMemory ((LPVOID *) &lpTokenGroups) ;
  198. // return success
  199. return EXIT_SUCCESS ;
  200. }
  203. DWORD
  204. WsAccessToken::InitPrivs (
  205. OUT WsPrivilege ***lppPriv,
  206. OUT DWORD *lpnbPriv
  207. )
  208. /*++
  209. Routine Description:
  210. This function retrieves and build privileges array.
  212. Arguments:
  213. [OUT] lppPriv : Stores the privileges array
  214. [OUT] lpnbPriv : Stores the number of privileges
  216. Return Value:
  217. EXIT_SUCCESS : On success
  218. EXIT_FAILURE : On failure
  219. --*/
  220. {
  222. //sub-local variables
  223. DWORD dwTokenPriv = 0;
  224. TOKEN_PRIVILEGES *lpTokenPriv ;
  225. WORD wloop = 0 ;
  226. BOOL bTokenInfo = FALSE;
  228. // Get the privileges size
  229. bTokenInfo = GetTokenInformation(hToken,TokenPrivileges, NULL, 0, &dwTokenPriv);
  230. // if required buffer size is zero...
  231. // So we assume that there are no privileges present in the system
  232. if( 0 == dwTokenPriv )
  233. {
  234. // return WIN32 error code
  235. return GetLastError () ;
  236. }
  238. // allocate memory with actual size
  239. lpTokenPriv = (TOKEN_PRIVILEGES *) AllocateMemory ( dwTokenPriv ) ;
  240. if ( NULL == lpTokenPriv)
  241. {
  242. // return WIN32 error code
  243. return ERROR_NOT_ENOUGH_MEMORY ;
  244. }
  246. //Allocate memory for the privileges
  247. bTokenInfo = GetTokenInformation ( hToken, TokenPrivileges, lpTokenPriv, dwTokenPriv, &dwTokenPriv);
  248. if( FALSE == bTokenInfo )
  249. {
  250. // release memory
  251. FreeMemory ((LPVOID *) &lpTokenPriv) ;
  252. // return WIN32 error code
  253. return GetLastError () ;
  254. }
  256. //Get privilege count
  257. *lpnbPriv = (DWORD) lpTokenPriv->PrivilegeCount ;
  259. // allocate memory with the privilege count
  260. *lppPriv = (WsPrivilege **) AllocateMemory( *lpnbPriv * sizeof(WsPrivilege**) );
  262. if ( NULL == *lppPriv )
  263. {
  264. // release memory
  265. FreeMemory ((LPVOID *) &lpTokenPriv) ;
  266. // retrun WIN 32 error code
  267. return ERROR_NOT_ENOUGH_MEMORY ;
  268. }
  270. //Loop through the privileges to display their name
  271. for( wloop = 0 ; wloop < (WORD) lpTokenPriv->PrivilegeCount ; wloop++) {
  272. (*lppPriv)[wloop] = new WsPrivilege ( &lpTokenPriv->Privileges[wloop] ) ;
  274. if ( NULL == (*lppPriv)[wloop] )
  275. {
  276. // release memory
  277. FreeMemory ((LPVOID *) &lpTokenPriv) ;
  278. // retrun WIN 32 error code
  279. return GetLastError () ;
  280. }
  281. }
  283. // release memory
  284. FreeMemory ((LPVOID *) &lpTokenPriv) ;
  286. // return success
  287. return EXIT_SUCCESS ;
  288. }
  291. DWORD
  292. WsAccessToken::InitUserSid (
  293. OUT WsSid *lpSid
  294. )
  295. /*++
  296. Routine Description:
  297. This function initializes the user name and SID.
  299. Arguments:
  300. [OUT] lpSid : Stores the SID
  302. Return Value:
  303. EXIT_SUCCESS : On success
  304. EXIT_FAILURE : On failure
  305. --*/
  306. {
  308. // sub-local varibles
  309. DWORD dwUser = 0 ;
  310. TOKEN_USER *lpUser ;
  311. BOOL bTokenInfo = FALSE;
  312. DWORD dwRetVal = 0;
  314. // Get User name size
  315. bTokenInfo = GetTokenInformation ( hToken, TokenUser, NULL, 0, &dwUser);
  316. // if required buffer size is zero...
  317. if( 0 == dwUser )
  318. {
  319. // return WIN32 error code
  320. return GetLastError () ;
  321. }
  323. // allocate memory with the actual size
  324. lpUser = (TOKEN_USER *) AllocateMemory ( dwUser ) ;
  325. if ( NULL == lpUser )
  326. {
  327. // return WIN32 error code
  328. return ERROR_NOT_ENOUGH_MEMORY ;
  329. }
  331. // Get the information of Logged-on user and SID
  332. bTokenInfo = GetTokenInformation ( hToken, TokenUser, lpUser, dwUser, &dwUser );
  333. if( FALSE == bTokenInfo )
  334. {
  335. FreeMemory ((LPVOID *) &lpUser) ;
  336. // return WIN32 error code
  337. return GetLastError () ;
  338. }
  340. dwRetVal = lpSid->Init ( lpUser->User.Sid );
  342. // release memory
  343. FreeMemory ((LPVOID *) &lpUser) ;
  345. // return SID
  346. return dwRetVal ;
  347. }
  351. BOOL
  352. WsAccessToken::IsLogonId (
  353. OUT TOKEN_GROUPS *lpTokenGroups
  354. )
  355. /*++
  356. Routine Description:
  357. This function checks whether logon id is present or not.
  359. Arguments:
  360. [OUT] lpTokenGroups : Stores the token groups
  362. Return Value:
  363. TRUE : On success
  364. FALSE : On failure
  365. --*/
  366. {
  368. //sub-local variables
  369. DWORD dwGroup = 0;
  371. // Loop through and check whether the SID is a logon SID
  372. for(dwGroup = 0; dwGroup < lpTokenGroups->GroupCount ; dwGroup++) {
  373. if(lpTokenGroups->Groups[dwGroup].Attributes & SE_GROUP_LOGON_ID){
  374. // return 0
  375. return TRUE ;
  376. }
  377. }
  379. // return 1
  380. return FALSE ;
  381. }
  385. DWORD
  386. WsAccessToken::Open ( VOID )
  387. /*++
  388. Routine Description:
  389. This function opens the current access token.
  391. Arguments:
  392. None
  394. Return Value:
  395. EXIT_SUCCESS : On success
  396. EXIT_FAILURE : On failure
  397. --*/
  398. {
  400. // Open current process token
  401. if( FALSE == OpenProcessToken ( GetCurrentProcess(),
  402. TOKEN_QUERY | TOKEN_QUERY_SOURCE,
  403. &hToken )){
  404. //return WIN32 error code
  405. return GetLastError () ;
  406. }
  408. // return success
  409. return EXIT_SUCCESS ;
  410. }
  412. VOID
  413. WsAccessToken::GetDomainAttributes(
  414. IN DWORD dwAttributes,
  415. OUT LPWSTR szDmAttrib,
  416. IN DWORD dwSize
  417. )
  418. /*++
  419. Routine Description:
  420. Gets the domain attribute names
  422. Arguments:
  423. [IN] dwAttributes : attibute value
  424. [OUT] szDomainAttrib : attibute value
  426. Return Value:
  427. TRUE : On success
  428. FALSE : On failure
  429. --*/
  430. {
  431. WCHAR szDomainAttrib [2 * MAX_STRING_LENGTH] ;
  432. BOOL bFlag = FALSE;
  434. // initialize the variables
  435. SecureZeroMemory ( szDomainAttrib, SIZE_OF_ARRAY(szDomainAttrib) );
  437. //Mandatory group
  438. if( SE_GROUP_MANDATORY & dwAttributes )
  439. {
  440. StringConcat (szDomainAttrib, GetResString(IDS_ATTRIB_MANDATORY), SIZE_OF_ARRAY(szDomainAttrib));
  441. bFlag = TRUE;
  442. }
  444. // Enabled by default
  445. if( SE_GROUP_ENABLED_BY_DEFAULT & dwAttributes )
  446. {
  447. if ( TRUE == bFlag )
  448. {
  449. StringConcat (szDomainAttrib, L", ", SIZE_OF_ARRAY(szDomainAttrib));
  450. }
  451. StringConcat (szDomainAttrib, GetResString(IDS_ATTRIB_BYDEFAULT), SIZE_OF_ARRAY(szDomainAttrib));
  452. bFlag = TRUE;
  453. }
  455. //Enabled group
  456. if( SE_GROUP_ENABLED & dwAttributes )
  457. {
  458. if ( TRUE == bFlag )
  459. {
  460. StringConcat (szDomainAttrib, L", ", SIZE_OF_ARRAY(szDomainAttrib));
  461. }
  462. StringConcat (szDomainAttrib, GetResString(IDS_ATTRIB_ENABLED), SIZE_OF_ARRAY(szDomainAttrib));
  463. bFlag = TRUE;
  464. }
  466. //Group owner
  467. if( SE_GROUP_OWNER & dwAttributes )
  468. {
  469. if ( TRUE == bFlag )
  470. {
  471. StringConcat (szDomainAttrib, L", ", SIZE_OF_ARRAY(szDomainAttrib));
  472. }
  473. StringConcat (szDomainAttrib, GetResString(IDS_ATTRIB_OWNER), SIZE_OF_ARRAY(szDomainAttrib));
  474. bFlag = TRUE;
  475. }
  477. //Group use for deny only
  478. if( SE_GROUP_USE_FOR_DENY_ONLY & dwAttributes )
  479. {
  480. if ( TRUE == bFlag )
  481. {
  482. StringConcat (szDomainAttrib, L", ", SIZE_OF_ARRAY(szDomainAttrib));
  483. }
  484. StringConcat (szDomainAttrib, GetResString(IDS_ATTRIB_USEFORDENY), SIZE_OF_ARRAY(szDomainAttrib));
  485. bFlag = TRUE;
  486. }
  488. //local group
  489. if( SE_GROUP_RESOURCE & dwAttributes )
  490. {
  491. if ( TRUE == bFlag )
  492. {
  493. StringConcat (szDomainAttrib, L", ", SIZE_OF_ARRAY(szDomainAttrib));
  494. }
  496. StringConcat (szDomainAttrib, GetResString(IDS_ATTRIB_LOCAL), SIZE_OF_ARRAY(szDomainAttrib));
  497. bFlag = TRUE;
  498. }
  500. // Copy domain attrinutes
  501. StringCopy ( szDmAttrib, szDomainAttrib, dwSize );
  502. return;
  503. }