archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/ds/security/winsafer/saferp.h

581 lines
16 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1997-2000 Microsoft Corporation
  5. Module Name:
  7. saferp.h
  9. Abstract:
  11. This file implements the private (internal) functions, data types,
  12. data structures, and definitions used by the other WinSAFER
  13. code implementations. All of the APIs listed in this header are
  14. not exported by ADVAPI32.DLL at all and are only callable by
  15. other code actually located within advapi.
  17. Author:
  19. Jeffrey Lawson (JLawson)
  21. Revision History:
  23. --*/
  25. #ifndef _AUTHZSAFERP_H_
  26. #define _AUTHZSAFERP_H_
  28. #include "safewild.h"
  31. #ifdef __cplusplus
  32. extern "C" {
  33. #endif
  35. // ---------------------------------------------------------
  38. //
  39. // Convenient macro for determining the number of elements in an array.
  40. //
  41. #ifndef ARRAYSIZE
  42. #define ARRAYSIZE(a) (sizeof(a)/sizeof(a[0]))
  43. #endif
  46. //
  47. // Simple inlined function to return true if a GUID is all zeros.
  48. //
  49. FORCEINLINE BOOLEAN IsZeroGUID(REFGUID rguid1)
  50. {
  51. return (
  52. ((unsigned long *) rguid1)[0] == 0 &&
  53. ((unsigned long *) rguid1)[1] == 0 &&
  54. ((unsigned long *) rguid1)[2] == 0 &&
  55. ((unsigned long *) rguid1)[3] == 0);
  56. }
  60. //
  61. // Private structure used to store a table of all of the defined
  62. // WinSafer Levels as we enumerate them to evaluate the matching one.
  63. //
  64. typedef struct _AUTHZLEVELTABLERECORD
  65. {
  66. // The user-defined integer value that controls the relative ranking
  67. // of authorization level between Code Authorization Level.
  68. DWORD dwLevelId;
  70. // Boolean indicating whether this level is a "built-in" one.
  71. BOOLEAN Builtin;
  73. // Boolean indicating whether this level is enumerable
  74. BOOLEAN isEnumerable;
  76. // To load friendly name and description so that server apps can change
  77. // threadlocale.
  79. UINT uResourceID;
  81. // The short friendly name and the description.
  82. // UNICODE_STRING UnicodeFriendlyName;
  83. // UNICODE_STRING UnicodeDescription;
  85. // All of the following attributes are needed for
  86. // actual creation of the restricted token.
  87. BOOL DisallowExecution; // block execution entirely
  88. BOOL DisableMaxPrivileges; // privilege options
  89. PSID DefaultOwner; // default owner SID
  90. DWORD SaferFlags; // special job execution flags
  92. BOOL InvertDisableSids; // SIDs specified are negative
  93. DWORD DisableSidCount; // number of deny-only SIDs
  94. DWORD DisableSidUsedCount; // number actually used
  95. PAUTHZ_WILDCARDSID SidsToDisable; // deny-only SIDs
  97. BOOL InvertDeletePrivs; // privileges specified are negative
  98. DWORD DeletePrivilegeCount; // number of privileges
  99. DWORD DeletePrivilegeUsedCount; // number actually used
  100. PLUID_AND_ATTRIBUTES PrivilegesToDelete; // privileges
  102. DWORD RestrictedSidsInvCount; // number of inverted restricting SIDs
  103. DWORD RestrictedSidsInvUsedCount; // number actually used
  104. PAUTHZ_WILDCARDSID RestrictedSidsInv; // list of inverted restricting SIDs
  106. DWORD RestrictedSidsAddedCount; // number of restricting SIDs
  107. DWORD RestrictedSidsAddedUsedCount; // number actually used
  108. PSID_AND_ATTRIBUTES RestrictedSidsAdded; // list of restricting SIDs
  110. }
  111. AUTHZLEVELTABLERECORD, *PAUTHZLEVELTABLERECORD;
  114. //
  115. // Private structure to store all code identifications.
  116. //
  117. #pragma warning(push)
  118. #pragma warning(disable:4201) // nonstandard extension used : nameless struct/union
  120. typedef struct _AUTHZIDENTSTABLERECORD
  121. {
  122. // unique identifier that distinguishes this code identity.
  123. GUID IdentGuid;
  125. // the following enumeration specifies what type of
  126. // code identity this record represents.
  127. SAFER_IDENTIFICATION_TYPES dwIdentityType;
  129. // Specifies what Level this Code Identification maps to.
  130. DWORD dwLevelId;
  132. // Specifies what scope this Code Identity was loaded from.
  133. DWORD dwScopeId;
  135. // Actual details about this identity.
  136. union {
  137. struct {
  138. BOOL bExpandVars;
  139. UNICODE_STRING ImagePath;
  140. DWORD dwSaferFlags;
  141. } ImageNameInfo;
  142. struct {
  143. LARGE_INTEGER ImageSize;
  144. DWORD HashSize;
  145. BYTE ImageHash[SAFER_MAX_HASH_SIZE];
  146. ALG_ID HashAlgorithm;
  147. DWORD dwSaferFlags;
  148. } ImageHashInfo;
  149. struct {
  150. DWORD UrlZoneId;
  151. DWORD dwSaferFlags;
  152. } ImageZone;
  153. };
  154. }
  155. AUTHZIDENTSTABLERECORD, *PAUTHZIDENTSTABLERECORD;
  156. #pragma warning(pop)
  159. //
  160. // Private structure representation of a Level handle. The
  161. // typedef SAFER_LEVEL_HANDLE is an opaque reference to a structure of
  162. // this type, accessed via the RtlHandleTable functions.
  163. //
  164. typedef struct _AUTHZLEVELHANDLESTRUCT_
  165. {
  166. // This first header is required by the RTL_HANDLE_TABLE system.
  167. // All allocated handles will implicitly have bit 0 set. All other
  168. // remaining bits can be used for our own purposes if we want.
  169. RTL_HANDLE_TABLE_ENTRY HandleHeader;
  171. // The following information is redundant. It can be found by
  172. // also accessing the pLevelRecord directly.
  173. DWORD dwLevelId;
  175. // This scope identifier specifies the value that was passed to
  176. // the Win32 API SaferCreateLevel and is really only looked at
  177. // by SaferGetLevelInformation for the Identity GUID enums.
  178. DWORD dwScopeId; // (same as from pIdentRecord)
  180. // Stores the matching identity record that gave this result.
  181. // May be NULL, as in case of direct SaferCreateLevel or a
  182. // default Level match.
  183. GUID identGuid;
  185. // This value stores the Safer Flags that were derived from the
  186. // Identity Entry record when SaferIdentifyLevel finds a match.
  187. DWORD dwSaferFlags;
  189. // The sequence value indicates the "generation" at which a handle
  190. // was originally opened. If this value does not match the current
  191. // value in the global g_dwLevelHandleSequence, then this handle
  192. // should be considered a no-longer valid handle.
  193. DWORD dwHandleSequence;
  195. // Extended error information - applicable for certificate rules.
  196. DWORD dwExtendedError;
  198. // the following enumeration specifies what type of
  199. // code identity this handle represents.
  200. SAFER_IDENTIFICATION_TYPES IdentificationType;
  202. // For future use and padding purposes.
  203. DWORD dwReserved;
  204. }
  205. AUTHZLEVELHANDLESTRUCT, *PAUTHZLEVELHANDLESTRUCT;
  208. //
  209. // Private structure definition used to pass around all state
  210. // information needed during the SaferIdentifyLevel execution.
  211. //
  212. typedef struct _LOCALIDENTITYCONTEXT
  213. {
  214. // Original query request data.
  215. DWORD dwCheckFlags; // copy of original function input
  216. PSAFER_CODE_PROPERTIES CodeProps; // RO: original function input
  218. // Information about the hash that may have been computed.
  219. BOOLEAN bHaveHash;
  220. BYTE FinalHash[SAFER_MAX_HASH_SIZE];
  221. DWORD FinalHashSize;
  222. ALG_ID FinalHashAlgorithm;
  224. // File handle that may have been opened or supplied by the caller.
  225. HANDLE hFileHandle;
  227. // File handle status. If this is TRUE then hFileHandle needs to
  228. // be closed before returning.
  229. BOOLEAN bCloseFileHandle;
  231. // Fully qualified NT filename of the input file.
  232. UNICODE_STRING UnicodeFullyQualfiedLongFileName;
  234. // Information about the image that may have been mapped.
  235. LARGE_INTEGER ImageSize;
  236. PVOID pImageMemory;
  238. // Memory mapped file status. If this is TRUE then
  239. // pImageMemory needs to be unmapped before returning.
  240. BOOLEAN bImageMemoryNeedUnmap;
  241. }
  242. LOCALIDENTITYCONTEXT, *PLOCALIDENTITYCONTEXT;
  247. //
  248. // Various globals that are used for the cache of levels and
  249. // identities so that we do not need to go to the registry each time.
  250. //
  251. extern BOOLEAN g_bInitializedFirstTime;
  253. extern CRITICAL_SECTION g_TableCritSec;
  254. extern HANDLE g_hKeyCustomRoot;
  255. extern DWORD g_dwKeyOptions;
  257. extern BOOLEAN g_bNeedCacheReload;
  259. extern RTL_GENERIC_TABLE g_CodeLevelObjTable;
  260. extern RTL_GENERIC_TABLE g_CodeIdentitiesTable;
  261. extern RTL_HANDLE_TABLE g_LevelHandleTable;
  262. extern DWORD g_dwLevelHandleSequence;
  264. extern BOOLEAN g_bHonorScopeUser;
  266. extern PAUTHZLEVELTABLERECORD g_DefaultCodeLevel;
  267. extern PAUTHZLEVELTABLERECORD g_DefaultCodeLevelUser;
  268. extern PAUTHZLEVELTABLERECORD g_DefaultCodeLevelMachine;
  271. extern LARGE_INTEGER g_SaferPolicyTimeStamp;
  272. extern DWORD g_dwNumHandlesAllocated;
  274. //
  275. // Private function prototypes defined within SAFEINIT.C
  276. //
  278. NTSTATUS NTAPI
  279. CodeAuthzInitializeGlobals(VOID);
  282. VOID NTAPI
  283. CodeAuthzDeinitializeGlobals(VOID);
  286. NTSTATUS NTAPI
  287. CodeAuthzReloadCacheTables(
  288. IN HANDLE hKeyCustomRoot OPTIONAL,
  289. IN DWORD dwKeyOptions,
  290. IN BOOLEAN bImmediateLoad
  291. );
  294. NTSTATUS NTAPI
  295. CodeAuthzpImmediateReloadCacheTables(
  296. VOID
  297. );
  300. NTSTATUS NTAPI
  301. CodeAuthzpDeleteKeyRecursively(
  302. IN HANDLE hBaseKey,
  303. IN PUNICODE_STRING pSubKey OPTIONAL
  304. );
  307. NTSTATUS NTAPI
  308. CodeAuthzpFormatLevelKeyPath(
  309. IN DWORD dwLevelId,
  310. IN OUT PUNICODE_STRING UnicodeSuffix
  311. );
  313. NTSTATUS NTAPI
  314. CodeAuthzpFormatIdentityKeyPath(
  315. IN DWORD dwLevelId,
  316. IN LPCWSTR szIdentityType,
  317. IN REFGUID refIdentGuid,
  318. IN OUT PUNICODE_STRING UnicodeSuffix
  319. );
  321. NTSTATUS NTAPI
  322. CodeAuthzpOpenPolicyRootKey(
  323. IN DWORD dwScopeId,
  324. IN HANDLE hKeyCustomBase OPTIONAL,
  325. IN LPCWSTR szRegistrySuffix OPTIONAL,
  326. IN ACCESS_MASK DesiredAccess,
  327. IN BOOLEAN bCreateKey,
  328. OUT HANDLE *OpenedHandle
  329. );
  331. VOID NTAPI
  332. CodeAuthzpRecomputeEffectiveDefaultLevel(VOID);
  336. //
  337. // Private function prototypes defined within SAFEHAND.C
  338. //
  341. NTSTATUS NTAPI
  342. CodeAuthzpCreateLevelHandleFromRecord(
  343. IN PAUTHZLEVELTABLERECORD pLevelRecord,
  344. IN DWORD dwScopeId,
  345. IN DWORD dwSaferFlags OPTIONAL,
  346. IN DWORD dwExtendedError,
  347. IN SAFER_IDENTIFICATION_TYPES IdentificationType,
  348. IN REFGUID refIdentGuid OPTIONAL,
  349. OUT SAFER_LEVEL_HANDLE *pLevelHandle
  350. );
  352. NTSTATUS NTAPI
  353. CodeAuthzHandleToLevelStruct(
  354. IN SAFER_LEVEL_HANDLE hLevelObject,
  355. OUT PAUTHZLEVELHANDLESTRUCT *pLevelStruct
  356. );
  358. NTSTATUS NTAPI
  359. CodeAuthzCreateLevelHandle(
  360. IN DWORD dwLevelId,
  361. IN DWORD OpenFlags,
  362. IN DWORD dwScopeId,
  363. IN DWORD dwSaferFlags OPTIONAL,
  364. OUT SAFER_LEVEL_HANDLE *pLevelHandle);
  366. NTSTATUS NTAPI
  367. CodeAuthzCloseLevelHandle(
  368. IN SAFER_LEVEL_HANDLE hLevelObject
  369. );
  374. //
  375. // Functions related to WinSafer Level enumeration (SAFEIDEP.C)
  376. //
  378. VOID NTAPI
  379. CodeAuthzLevelObjpInitializeTable(
  380. IN OUT PRTL_GENERIC_TABLE pAuthzObjTable
  381. );
  384. NTSTATUS NTAPI
  385. CodeAuthzLevelObjpLoadTable (
  386. IN OUT PRTL_GENERIC_TABLE pAuthzObjTable,
  387. IN DWORD dwScopeId,
  388. IN HANDLE hKeyCustomRoot
  389. );
  391. VOID NTAPI
  392. CodeAuthzLevelObjpEntireTableFree (
  393. IN OUT PRTL_GENERIC_TABLE pAuthzObjTable
  394. );
  396. PAUTHZLEVELTABLERECORD NTAPI
  397. CodeAuthzLevelObjpLookupByLevelId (
  398. IN PRTL_GENERIC_TABLE pAuthzObjTable,
  399. IN DWORD dwLevelId
  400. );
  404. //
  405. // Functions related to WinSafer Code Identity enumeration. (SAFEIDEP.C)
  406. //
  408. VOID NTAPI
  409. CodeAuthzGuidIdentsInitializeTable(
  410. IN OUT PRTL_GENERIC_TABLE pAuthzObjTable
  411. );
  413. NTSTATUS NTAPI
  414. CodeAuthzGuidIdentsLoadTableAll (
  415. IN PRTL_GENERIC_TABLE pAuthzLevelTable,
  416. IN OUT PRTL_GENERIC_TABLE pAuthzIdentTable,
  417. IN DWORD dwScopeId,
  418. IN HANDLE hKeyCustomBase
  419. );
  421. VOID NTAPI
  422. CodeAuthzGuidIdentsEntireTableFree (
  423. IN OUT PRTL_GENERIC_TABLE pAuthzIdentTable
  424. );
  426. PAUTHZIDENTSTABLERECORD NTAPI
  427. CodeAuthzIdentsLookupByGuid (
  428. IN PRTL_GENERIC_TABLE pAuthzIdentTable,
  429. IN REFGUID pIdentGuid
  430. );
  433. //
  434. // Helper functions that are used during actual identification (SAFEIDEP.C)
  435. //
  437. LONG NTAPI
  438. CodeAuthzpCompareImagePath(
  439. IN LPCWSTR szPathFragment,
  440. IN LPCWSTR szFullImagePath);
  442. NTSTATUS NTAPI
  443. CodeAuthzpComputeImageHash(
  444. IN PVOID pImageMemory,
  445. IN DWORD dwImageSize,
  446. OUT PBYTE pComputedHash OPTIONAL,
  447. IN OUT PDWORD pdwHashSize OPTIONAL,
  448. OUT ALG_ID *pHashAlgorithm OPTIONAL
  449. );
  453. //
  454. // Private function prototypes for low-level policy reading/writing. (SAFEPOLR.C)
  455. //
  457. NTSTATUS NTAPI
  458. CodeAuthzPol_GetInfoCached_LevelListRaw(
  459. IN DWORD dwScopeId,
  460. IN DWORD InfoBufferSize OPTIONAL,
  461. OUT PVOID InfoBuffer OPTIONAL,
  462. OUT PDWORD InfoBufferRetSize OPTIONAL
  463. );
  465. NTSTATUS NTAPI
  466. CodeAuthzPol_GetInfoCached_DefaultLevel(
  467. IN DWORD dwScopeId,
  468. IN DWORD InfoBufferSize OPTIONAL,
  469. OUT PVOID InfoBuffer OPTIONAL,
  470. OUT PDWORD InfoBufferRetSize OPTIONAL
  471. );
  473. NTSTATUS NTAPI
  474. CodeAuthzPol_GetInfoRegistry_DefaultLevel(
  475. IN DWORD dwScopeId,
  476. IN DWORD InfoBufferSize OPTIONAL,
  477. OUT PVOID InfoBuffer OPTIONAL,
  478. OUT PDWORD InfoBufferRetSize OPTIONAL
  479. );
  481. NTSTATUS NTAPI
  482. CodeAuthzPol_SetInfoDual_DefaultLevel(
  483. IN DWORD dwScopeId,
  484. IN DWORD InfoBufferSize,
  485. OUT PVOID InfoBuffer
  486. );
  488. NTSTATUS NTAPI
  489. CodeAuthzPol_GetInfoCached_HonorUserIdentities(
  490. IN DWORD dwScopeId,
  491. IN DWORD InfoBufferSize OPTIONAL,
  492. OUT PVOID InfoBuffer OPTIONAL,
  493. OUT PDWORD InfoBufferRetSize OPTIONAL
  494. );
  496. NTSTATUS NTAPI
  497. CodeAuthzPol_GetInfoRegistry_HonorUserIdentities(
  498. IN DWORD dwScopeId,
  499. IN DWORD InfoBufferSize OPTIONAL,
  500. OUT PVOID InfoBuffer OPTIONAL,
  501. OUT PDWORD InfoBufferRetSize OPTIONAL
  502. );
  504. NTSTATUS NTAPI
  505. CodeAuthzPol_SetInfoDual_HonorUserIdentities(
  506. IN DWORD dwScopeId,
  507. IN DWORD InfoBufferSize,
  508. IN PVOID InfoBuffer
  509. );
  511. NTSTATUS NTAPI
  512. CodeAuthzPol_GetInfoRegistry_TransparentEnabled(
  513. IN DWORD dwScopeId,
  514. IN DWORD InfoBufferSize OPTIONAL,
  515. OUT PVOID InfoBuffer OPTIONAL,
  516. OUT PDWORD InfoBufferRetSize OPTIONAL
  517. );
  519. NTSTATUS NTAPI
  520. CodeAuthzPol_SetInfoRegistry_TransparentEnabled(
  521. IN DWORD dwScopeId,
  522. IN DWORD InfoBufferSize,
  523. IN PVOID InfoBuffer
  524. );
  526. NTSTATUS NTAPI
  527. CodeAuthzPol_GetInfoRegistry_ScopeFlags(
  528. IN DWORD dwScopeId,
  529. IN DWORD InfoBufferSize OPTIONAL,
  530. OUT PVOID InfoBuffer OPTIONAL,
  531. OUT PDWORD InfoBufferRetSize OPTIONAL
  532. );
  534. NTSTATUS NTAPI
  535. CodeAuthzPol_SetInfoRegistry_ScopeFlags(
  536. IN DWORD dwScopeId,
  537. IN DWORD InfoBufferSize,
  538. IN PVOID InfoBuffer
  539. );
  542. //
  543. // Private function prototypes defined elsewhere.
  544. //
  546. LPVOID NTAPI
  547. CodeAuthzpGetTokenInformation(
  548. IN HANDLE TokenHandle,
  549. IN TOKEN_INFORMATION_CLASS TokenInformationClass
  550. );
  552. NTSTATUS NTAPI
  553. CodeAuthzIsExecutableFileType(
  554. IN PUNICODE_STRING szFullPathname,
  555. IN BOOLEAN bFromShellExecute,
  556. OUT PBOOLEAN pbResult
  557. );
  559. NTSTATUS NTAPI
  560. CodeAuthzFullyQualifyFilename(
  561. IN HANDLE hFileHandle OPTIONAL,
  562. IN BOOLEAN bSourceIsNtPath,
  563. IN LPCWSTR szSourceFilePath,
  564. OUT PUNICODE_STRING pUnicodeResult
  565. );
  567. BOOL NTAPI
  568. SaferpLoadUnicodeResourceString(
  569. IN HANDLE hModule,
  570. IN UINT wID,
  571. OUT PUNICODE_STRING pUnicodeString,
  572. IN WORD wLangId
  573. );
  576. #ifdef __cplusplus
  577. }
  578. #endif
  580. #endif