archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/base/fs/remotefs/dfs/lib/security/authzsecurity.cxx

183 lines
4.4 KiB
Raw Normal View History

commiting as it is
4 years ago
  2. //
  3. // Copyright (C) 2000-2002, Microsoft Corporation
  4. //
  5. // File: Authzsecurity.c
  6. //
  7. // Contents: miscellaneous dfs functions.
  8. //
  9. // History: April 16 2002, Author: Rohanp
  10. //
  11. //-----------------------------------------------------------------------------
  13. #include <nt.h>
  14. #include <ntrtl.h>
  15. #include <nturtl.h>
  16. #include <windows.h>
  17. #include <stdio.h>
  18. #include <stdlib.h>
  19. #include <malloc.h>
  20. #include <dsgetdc.h>
  21. #include <lm.h>
  22. #include <dfsheader.h>
  23. #include <dfsmisc.h>
  24. #include <shellapi.h>
  25. #include <Aclapi.h>
  26. #include <authz.h>
  27. #include "securitylogmacros.hxx"
  29. AUTHZ_RESOURCE_MANAGER_HANDLE g_DfsAuthzResourceManager = NULL;
  31. BOOL
  32. DfsInitializeAuthz(void)
  33. {
  34. BOOL RetVal = FALSE;
  36. RetVal = AuthzInitializeResourceManager(AUTHZ_RM_FLAG_NO_AUDIT, NULL, NULL,
  37. NULL, L"DFSSECURITY",
  38. &g_DfsAuthzResourceManager);
  40. return RetVal;
  42. }
  45. BOOL
  46. DfsTerminateAuthz(void)
  47. {
  48. BOOL RetVal = FALSE;
  50. if(g_DfsAuthzResourceManager)
  51. {
  52. RetVal = AuthzFreeResourceManager(g_DfsAuthzResourceManager);
  53. g_DfsAuthzResourceManager = NULL;
  54. }
  56. return RetVal;
  58. }
  60. DWORD
  61. DfsIsAccessGrantedBySid(DWORD dwDesiredAccess,
  62. PSECURITY_DESCRIPTOR pSD,
  63. PSID TheSID,
  64. GENERIC_MAPPING * DfsGenericMapping)
  65. {
  67. DWORD Status = 0;
  68. DWORD dwError = 0;
  69. BOOL RetVal = FALSE;
  70. ACCESS_MASK GrantedMask = 0;;
  71. AUTHZ_CLIENT_CONTEXT_HANDLE AuthzCC = NULL;
  72. LUID Luid = {0, 0};
  73. AUTHZ_ACCESS_REQUEST AuthzRequest;
  74. AUTHZ_ACCESS_REPLY AuthzReply;
  76. if(g_DfsAuthzResourceManager == NULL)
  77. {
  78. Status = ERROR_INVALID_PARAMETER;
  79. goto Exit;
  80. }
  82. RetVal = AuthzInitializeContextFromSid(AUTHZ_SKIP_TOKEN_GROUPS,
  83. TheSID, g_DfsAuthzResourceManager,
  84. NULL, Luid, NULL, &AuthzCC);
  85. if(RetVal == FALSE)
  86. {
  87. Status = GetLastError();
  88. goto Exit;
  89. }
  91. MapGenericMask(&dwDesiredAccess, DfsGenericMapping);
  93. ZeroMemory((void *) &AuthzRequest, sizeof(AuthzRequest));
  94. AuthzRequest.DesiredAccess = dwDesiredAccess;
  96. ZeroMemory((void *) &AuthzReply, sizeof(AuthzReply));
  97. AuthzReply.ResultListLength = 1;
  98. AuthzReply.GrantedAccessMask = &GrantedMask;
  99. AuthzReply.Error = &dwError;
  101. RetVal = AuthzAccessCheck (0, AuthzCC, &AuthzRequest, NULL,
  102. pSD, NULL, 0, &AuthzReply, 0);
  103. if(RetVal == FALSE)
  104. {
  105. Status = GetLastError();
  106. goto Exit;
  107. }
  109. Status = dwError;
  111. Exit:
  113. if(AuthzCC)
  114. {
  115. AuthzFreeContext(AuthzCC);
  116. }
  118. return Status;
  120. }
  123. DWORD
  124. DfsIsAccessGrantedByToken(DWORD dwDesiredAccess,
  125. PSECURITY_DESCRIPTOR pSD,
  126. HANDLE TheToken,
  127. GENERIC_MAPPING * DfsGenericMapping)
  128. {
  130. DWORD Status = 0;
  131. DWORD dwError = 0;
  132. BOOL RetVal = FALSE;
  133. ACCESS_MASK GrantedMask = 0;;
  134. AUTHZ_CLIENT_CONTEXT_HANDLE AuthzCC = NULL;
  135. LUID Luid = {0, 0};
  136. AUTHZ_ACCESS_REQUEST AuthzRequest;
  137. AUTHZ_ACCESS_REPLY AuthzReply;
  139. if(g_DfsAuthzResourceManager == NULL)
  140. {
  141. Status = ERROR_INVALID_PARAMETER;
  142. goto Exit;
  143. }
  145. RetVal = AuthzInitializeContextFromToken(AUTHZ_SKIP_TOKEN_GROUPS,
  146. TheToken, g_DfsAuthzResourceManager,
  147. NULL, Luid, NULL, &AuthzCC);
  148. if(RetVal == FALSE)
  149. {
  150. Status = GetLastError();
  151. goto Exit;
  152. }
  154. MapGenericMask(&dwDesiredAccess, DfsGenericMapping);
  156. ZeroMemory((void *) &AuthzRequest, sizeof(AuthzRequest));
  157. AuthzRequest.DesiredAccess = dwDesiredAccess;
  159. ZeroMemory((void *) &AuthzReply, sizeof(AuthzReply));
  160. AuthzReply.ResultListLength = 1;
  161. AuthzReply.GrantedAccessMask = &GrantedMask;
  162. AuthzReply.Error = &dwError;
  164. RetVal = AuthzAccessCheck (0, AuthzCC, &AuthzRequest, NULL,
  165. pSD, NULL, 0, &AuthzReply, 0);
  166. if(RetVal == FALSE)
  167. {
  168. Status = GetLastError();
  169. goto Exit;
  170. }
  172. Status = dwError;
  174. Exit:
  176. if(AuthzCC)
  177. {
  178. AuthzFreeContext(AuthzCC);
  179. }
  181. return Status;
  183. }