archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/inetsrv/iis/setup/osrc/common.cxx

629 lines
16 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 2001 Microsoft Corporation
  5. Module Name :
  7. common.cxx
  9. Abstract:
  11. Class that are used to do a number of commonly needed things
  13. Author:
  15. Christopher Achille (cachille)
  17. Project:
  19. Internet Services Setup
  21. Revision History:
  23. August 2001: Created
  25. --*/
  27. #include "stdafx.h"
  28. #include "common.hxx"
  29. #include "dcomperm.h"
  31. // function: VerifyParameters
  32. //
  33. // Verify the parameters are correct
  34. //
  35. // Parameters of ciParams
  36. // 0 params - The caller want to know if this is an upgrade, period
  37. // 2 params - The caller wants to know if this is an upgrade in the range from param(0) to param(1) (inclusive)
  38. //
  39. BOOL
  40. CIsUpgrade::VerifyParameters(CItemList &ciParams)
  41. {
  42. if ( ( ciParams.GetNumberOfItems() == 0 ) ||
  43. ( ( ciParams.GetNumberOfItems() == 2 ) &&
  44. ( ciParams.IsNumber(0) ) &&
  45. ( ciParams.IsNumber(1) )
  46. )
  47. )
  48. {
  49. return TRUE;
  50. }
  52. return FALSE;
  53. }
  55. // function: GetMethodName
  56. //
  57. // Returns the name of the CIsMetabase call
  58. //
  59. LPTSTR
  60. CIsUpgrade::GetMethodName()
  61. {
  62. return _T("IsUpgrade");
  63. }
  65. // function: DoInternalWork
  66. //
  67. // Do the Verification of the upgrade
  68. //
  69. BOOL
  70. CIsUpgrade::DoInternalWork(CItemList &ciParams)
  71. {
  72. BOOL fRet = TRUE;
  73. DWORD dwUpgradeType = g_pTheApp->m_eUpgradeType;
  75. // Init return to installmode==upgrade
  76. fRet = g_pTheApp->m_eInstallMode == IM_UPGRADE;
  78. if (ciParams.GetNumberOfItems() == 0)
  79. {
  80. // We only wanted to know if it was an upgrade, so return
  81. return fRet;
  82. }
  84. // Check lower bound
  85. if (fRet)
  86. {
  87. DWORD dwMin = ciParams.GetNumber(0);
  89. switch ( dwUpgradeType )
  90. {
  91. case UT_10:
  92. case UT_10_W95:
  93. fRet = dwMin <= 1;
  94. break;
  95. case UT_20:
  96. fRet = dwMin <= 2;
  97. break;
  98. case UT_30:
  99. case UT_351:
  100. fRet = dwMin <= 3;
  101. break;
  102. case UT_40:
  103. fRet = dwMin <= 4;
  104. break;
  105. case UT_50:
  106. case UT_51:
  107. fRet = dwMin <= 5;
  108. break;
  109. case UT_60:
  110. fRet = dwMin <= 6;
  111. break;
  112. default:
  113. fRet = FALSE;
  114. }
  115. }
  117. // Check upper bound
  118. if (fRet)
  119. {
  120. DWORD dwMax = ciParams.GetNumber(1);
  122. switch ( dwUpgradeType )
  123. {
  124. case UT_10:
  125. case UT_10_W95:
  126. fRet = dwMax >= 1;
  127. break;
  128. case UT_20:
  129. fRet = dwMax >= 2;
  130. break;
  131. case UT_30:
  132. case UT_351:
  133. fRet = dwMax >= 3;
  134. break;
  135. case UT_40:
  136. fRet = dwMax >= 4;
  137. break;
  138. case UT_50:
  139. case UT_51:
  140. fRet = dwMax >= 5;
  141. break;
  142. case UT_60:
  143. fRet = dwMax >= 6;
  144. break;
  145. default:
  146. fRet = FALSE;
  147. } // switch
  148. }
  150. return fRet;
  151. }
  153. // function: AddAceToSD
  154. //
  155. // Add an ACE (Access Control List) to a Source Descriptor.
  156. //
  157. // Parameters:
  158. // hObject - Handle to the object
  159. // ObjectType - The type of object
  160. // pszTustee - The trustee for new ACE
  161. // TrusteeForm - The format of the trustee structure
  162. // dwAccessRights - Access Mask for the New ACE
  163. // AccessMode - Type of ACE
  164. // dwInderitance - Inheritance Flags for ACE
  165. // bAddToExisting - TRUE==add ace to existing ACL, FALSE==ignore existing ACL
  166. //
  167. // Return
  168. // TRUE - It was successful
  169. // FALSE - It failed
  170. BOOL
  171. CFileSys_Acl::AddAcetoSD( HANDLE hObject, // handle to object
  172. SE_OBJECT_TYPE ObjectType, // type of object
  173. LPTSTR pszTrustee, // trustee for new ACE
  174. TRUSTEE_FORM TrusteeForm, // format of TRUSTEE structure
  175. DWORD dwAccessRights, // access mask for new ACE
  176. ACCESS_MODE AccessMode, // type of ACE
  177. DWORD dwInheritance, // inheritance flags for new ACE
  178. BOOL bAddToExisting // add the new ace to the old SD, if not create a new SD
  179. )
  180. {
  181. DWORD dwErr = ERROR_SUCCESS;
  182. PACL pNewDacl = NULL;
  183. PACL pOldDacl = NULL;
  184. EXPLICIT_ACCESS ea;
  185. PSECURITY_DESCRIPTOR pSD = NULL;
  187. if ( bAddToExisting )
  188. {
  189. // If we are adding, then lets retrieve the old SD
  190. dwErr = GetSecurityInfo( hObject,
  191. ObjectType,
  192. DACL_SECURITY_INFORMATION,
  193. NULL,
  194. NULL,
  195. &pOldDacl,
  196. NULL,
  197. &pSD);
  199. if ( dwErr == ERROR_SUCCESS )
  200. {
  201. // It is possible that we did not retrieve any acl's for this file,
  202. // so don't try to remove a user from them
  203. if ( pOldDacl )
  204. {
  205. RemoveUserFromAcl( pOldDacl, pszTrustee);
  206. }
  207. }
  208. }
  210. // Create new SD with the new ACE
  211. if ( dwErr == ERROR_SUCCESS )
  212. {
  213. ZeroMemory(&ea, sizeof(EXPLICIT_ACCESS));
  214. ea.grfAccessPermissions = dwAccessRights;
  215. ea.grfAccessMode = AccessMode;
  216. ea.grfInheritance = dwInheritance;
  217. ea.Trustee.TrusteeForm = TrusteeForm;
  218. ea.Trustee.ptstrName = pszTrustee;
  220. dwErr = SetEntriesInAcl(1, &ea, pOldDacl, &pNewDacl);
  221. }
  223. if ( ( dwErr == ERROR_SUCCESS ) &&
  224. ( pNewDacl )
  225. )
  226. {
  227. dwErr = SetSecurityInfo( hObject,
  228. ObjectType,
  229. DACL_SECURITY_INFORMATION |
  230. ( bAddToExisting ?
  231. UNPROTECTED_DACL_SECURITY_INFORMATION :
  232. PROTECTED_DACL_SECURITY_INFORMATION ),
  233. NULL,
  234. NULL,
  235. pNewDacl,
  236. NULL);
  237. }
  239. if ( pSD )
  240. {
  241. LocalFree( pSD );
  242. }
  244. if ( pNewDacl )
  245. {
  246. LocalFree( pNewDacl );
  247. }
  249. return dwErr == ERROR_SUCCESS;
  250. }
  252. // function: RemoveUserFromAcl
  253. //
  254. // Remove a User from the Acl
  255. //
  256. // Parameters
  257. // pAcl - A pointer to the Acl
  258. // szUserName - The user to remove
  259. BOOL
  260. CFileSys_Acl::RemoveUserFromAcl(PACL pAcl, LPTSTR szUserName)
  261. {
  262. BOOL bUserExisted;
  264. do {
  265. bUserExisted = FALSE;
  266. // Keep removing until all instances of that user are gone.
  267. } while ( ( RemovePrincipalFromACL(pAcl,szUserName,&bUserExisted) == ERROR_SUCCESS) && bUserExisted );
  269. return TRUE;
  270. }
  272. // function: VerifyParameters
  273. //
  274. // Verify the parameters are correct
  275. //
  276. BOOL
  277. CFileSys_AddAcl::VerifyParameters(CItemList &ciParams)
  278. {
  279. if ( ( ciParams.GetNumberOfItems() == 6 ) &&
  280. ciParams.IsNumber(3) &&
  281. ciParams.IsNumber(4) &&
  282. ciParams.IsNumber(5)
  283. )
  284. {
  285. return TRUE;
  286. }
  288. return FALSE;
  289. }
  291. // function: GetMethodName
  292. //
  293. // Return the Method Name for this Class
  294. //
  295. LPTSTR
  296. CFileSys_AddAcl::GetMethodName()
  297. {
  298. return _T("FilSys_AddAcl");
  299. }
  301. // function: CreateFullFileName
  302. //
  303. // Create the Full FileName from the Path with wildcards, and the filename
  304. //
  305. // Parameters:
  306. // buffFullFileName [out] - The FileName including the path
  307. // szFullPathwithWildCard [in] - The search path (ie. c:\winnt\system32\inetsrv\*.*)
  308. // szFileName [in] - The filename to append to the seach path (ie. asp.dll)
  309. //
  310. BOOL
  311. CFileSys_Acl::CreateFullFileName(BUFFER &buffFullFileName, LPTSTR szFullPathwithWildCard, LPTSTR szFileName)
  312. {
  313. LPTSTR szLastSlash;
  315. if ( !buffFullFileName.Resize( ( _tcslen(szFullPathwithWildCard) + _tcslen(szFileName) + 1 ) * sizeof(TCHAR) ) )
  316. {
  317. // Could not allocate memory needed
  318. return FALSE;
  319. }
  321. // Copy the full path to the buffer
  322. _tcscpy( (LPTSTR) buffFullFileName.QueryPtr(), szFullPathwithWildCard);
  324. // Look for last part of path
  325. szLastSlash = _tcsrchr( (LPTSTR) buffFullFileName.QueryPtr(), L'\\' );
  327. if (!szLastSlash)
  328. {
  329. return FALSE;
  330. }
  332. // Copy the filename on top of the end of the path
  333. _tcscpy( szLastSlash + 1, szFileName);
  335. return TRUE;
  336. }
  338. // function: SetFileAcl
  339. //
  340. // Add the file/directory acl
  341. //
  342. BOOL
  343. CFileSys_Acl::SetFileAcl(LPTSTR szFileName, LPTSTR szUserName, SE_OBJECT_TYPE ObjectType,
  344. DWORD dwAccessMask, BOOL bAllowAccess, DWORD dwInheritable, BOOL bAddAcetoOriginal)
  345. {
  346. HANDLE hFile;
  347. BOOL bRet;
  349. hFile = CreateFile( szFileName,
  350. WRITE_DAC|READ_CONTROL,
  351. 0,
  352. NULL,
  353. OPEN_EXISTING,
  354. FILE_ATTRIBUTE_NORMAL|FILE_FLAG_BACKUP_SEMANTICS,
  355. NULL);
  357. if ( hFile == INVALID_HANDLE_VALUE )
  358. {
  359. return FALSE;
  360. }
  362. bRet = AddAcetoSD( hFile, ObjectType, szUserName, TRUSTEE_IS_NAME, dwAccessMask,
  363. bAllowAccess ? SET_ACCESS: DENY_ACCESS, dwInheritable,
  364. bAddAcetoOriginal );
  365. // bAllowAccess ? GRANT_ACCESS: DENY_ACCESS, dwInheritable);
  367. CloseHandle( hFile );
  369. return bRet;
  370. }
  372. // function: RemoveUserAcl
  373. //
  374. // Remove a User's ACL from a file
  375. //
  376. BOOL
  377. CFileSys_Acl::RemoveUserAcl(LPTSTR szFile, LPTSTR szUserName)
  378. {
  379. HANDLE hFile;
  380. DWORD dwErr;
  381. PACL pDacl;
  382. PSECURITY_DESCRIPTOR pSD = NULL;
  384. hFile = CreateFile( szFile,
  385. WRITE_DAC|READ_CONTROL,
  386. 0,
  387. NULL,
  388. OPEN_EXISTING,
  389. FILE_ATTRIBUTE_NORMAL|FILE_FLAG_BACKUP_SEMANTICS,
  390. NULL);
  392. if ( hFile == INVALID_HANDLE_VALUE )
  393. {
  394. return FALSE;
  395. }
  397. dwErr = GetSecurityInfo( hFile,
  398. SE_FILE_OBJECT,
  399. DACL_SECURITY_INFORMATION,
  400. NULL,
  401. NULL,
  402. &pDacl,
  403. NULL,
  404. &pSD);
  406. if ( ( dwErr == ERROR_SUCCESS ) &&
  407. ( pDacl )
  408. )
  409. {
  410. RemoveUserFromAcl( pDacl, szUserName);
  412. dwErr = SetSecurityInfo(hFile,
  413. SE_FILE_OBJECT,
  414. DACL_SECURITY_INFORMATION,
  415. NULL,
  416. NULL,
  417. pDacl,
  418. NULL);
  419. }
  421. CloseHandle( hFile );
  423. if ( pSD )
  424. {
  425. LocalFree( pSD );
  426. }
  428. return dwErr == ERROR_SUCCESS;
  429. }
  431. // function: DoSetAcl
  432. //
  433. // Set or remove an ACL on a file.
  434. // If it is Set, then we will either add or just set based on bIgnorePreviousAcls
  435. //
  436. // Parameters
  437. // bAdd - Add the ace. FALSE==remove the ace from the acl
  438. // bAddAcltoOrignial - TRUE==add ace, FALSE==do not add to old ace, just replace
  439. //
  440. // ciList - The list of the parameters from the inf file
  441. // 0 - A list of files (full paths)
  442. // 1 - The exclusion list, list of files to not be inclused (file names only)
  443. // 2 - The user(s) to have access for
  444. // the following are needed it bAdd is true...
  445. // 3 - Access Mask
  446. // 4 - bAllowAccess (FALSE==Denuy Access)
  447. // 5 - Inheritance Flags
  448. //
  449. BOOL
  450. CFileSys_Acl::DoAcling(CItemList &ciList, BOOL bAdd, BOOL bAddAcltoOriginal)
  451. {
  452. HANDLE hFileList;
  453. WIN32_FIND_DATA sFD;
  454. BUFFER BuffFullFileName;
  455. CItemList ciExclusionList;
  456. CItemList ciUserList;
  458. // Load exclusion list, and userlist
  459. if ( (!ciExclusionList.LoadSubList(ciList.GetItem(1))) ||
  460. (!ciUserList.LoadSubList(ciList.GetItem(2)))
  461. )
  462. {
  463. return FALSE;
  464. }
  466. if ( !_tcsstr( ciList.GetItem(0), _T("*")) )
  467. {
  468. for (DWORD i = 0; i < ciUserList.GetNumberOfItems(); i++)
  469. {
  470. if ( bAdd )
  471. {
  472. // It is only a single file, so only call it once
  473. SetFileAcl( (LPTSTR) ciList.GetItem(0), // FileName
  474. ciUserList.GetItem(i), // UserName
  475. SE_FILE_OBJECT, // The type of object
  476. ciList.GetNumber(3), // dwAccess Mask
  477. ciList.GetNumber(4), // bAllow access
  478. ciList.GetNumber(5), // bInhertance Flags
  479. bAddAcltoOriginal );
  480. }
  481. else
  482. {
  483. RemoveUserAcl(ciList.GetItem(0),ciUserList.GetItem(i));
  484. }
  485. }
  487. return TRUE;
  488. }
  490. hFileList = FindFirstFile( ciList.GetItem(0), &sFD );
  492. if (hFileList == INVALID_HANDLE_VALUE)
  493. {
  494. return FALSE;
  495. }
  497. do {
  498. if ( ( !ciExclusionList.FindItem( sFD.cFileName, FALSE ) ) &&
  499. ( _tcscmp( sFD.cFileName, _T(".") ) ) &&
  500. ( _tcscmp( sFD.cFileName, _T("..") ) ) &&
  501. ( CreateFullFileName( BuffFullFileName, ciList.GetItem(0), sFD.cFileName ) )
  502. )
  503. {
  504. for (DWORD i = 0; i < ciUserList.GetNumberOfItems(); i++)
  505. {
  506. if ( bAdd )
  507. {
  508. SetFileAcl( (LPTSTR) BuffFullFileName.QueryPtr(), // FileName
  509. ciUserList.GetItem(i), // UserName
  510. SE_FILE_OBJECT, // The type of object
  511. ciList.GetNumber(3), // dwAccess Mask
  512. ciList.GetNumber(4), // bAllow access
  513. ciList.GetNumber(5), // bInhertance Flags
  514. bAddAcltoOriginal );
  515. }
  516. else
  517. {
  518. RemoveUserAcl((LPTSTR) BuffFullFileName.QueryPtr(),ciUserList.GetItem(i));
  519. }
  520. }
  521. }
  523. } while ( FindNextFile( hFileList, &sFD ) );
  525. FindClose( hFileList );
  527. return TRUE;
  528. }
  530. // function: DoInternalWork
  531. //
  532. // Add the Acl for the files specified
  533. //
  534. // Parameters
  535. // ciList - The list of the parameters from the inf file
  536. // 0 - A list of files (full paths)
  537. // 1 - The exclusion list, list of files to not be inclused (file names only)
  538. // 2 - The user(s) to have access for
  539. // 3 - Access Mask
  540. // 4 - bAllowAccess (FALSE==Denuy Access)
  541. // 5 - Inheritance Flags
  542. BOOL
  543. CFileSys_AddAcl::DoInternalWork(CItemList &ciList)
  544. {
  545. return DoAcling( ciList, TRUE, TRUE );
  546. }
  548. // function: VerifyParameters
  549. //
  550. // Verify the parameters are correct
  551. //
  552. BOOL
  553. CFileSys_RemoveAcl::VerifyParameters(CItemList &ciParams)
  554. {
  555. return ciParams.GetNumberOfItems() == 3;
  556. }
  558. // function: GetMethodName
  559. //
  560. // Return the Method Name for this Class
  561. //
  562. LPTSTR
  563. CFileSys_RemoveAcl::GetMethodName()
  564. {
  565. return _T("FilSys_RemoveAcl");
  566. }
  568. // function: DoInternalWork
  569. //
  570. // Remove an Acl for a specific user
  571. //
  572. // Parameters
  573. // ciList - The list of the parameters from the inf file
  574. // 0 - A list of files (full paths)
  575. // 1 - The exclusion list, list of files to not be inclused (file names only)
  576. // 2 - The user(s) to remove access for
  577. BOOL
  578. CFileSys_RemoveAcl::DoInternalWork(CItemList &ciList)
  579. {
  580. return DoAcling( ciList, FALSE );
  581. }
  583. // function: VerifyParameters
  584. //
  585. // Verify the parameters are correct
  586. //
  587. BOOL
  588. CFileSys_SetAcl::VerifyParameters(CItemList &ciParams)
  589. {
  590. if ( ( ciParams.GetNumberOfItems() == 6 ) &&
  591. ciParams.IsNumber(3) &&
  592. ciParams.IsNumber(4) &&
  593. ciParams.IsNumber(5)
  594. )
  595. {
  596. return TRUE;
  597. }
  599. return FALSE;
  600. }
  602. // function: GetMethodName
  603. //
  604. // Return the Method Name for this Class
  605. //
  606. LPTSTR
  607. CFileSys_SetAcl::GetMethodName()
  608. {
  609. return _T("FilSys_SetAcl");
  610. }
  612. // function: DoInternalWork
  613. //
  614. // Set the Acl for the files specified (ignoring previous acl's)
  615. //
  616. // Parameters
  617. // ciList - The list of the parameters from the inf file
  618. // 0 - A list of files (full paths)
  619. // 1 - The exclusion list, list of files to not be inclused (file names only)
  620. // 2 - The user(s) to have access for
  621. // 3 - Access Mask
  622. // 4 - bAllowAccess (FALSE==Denuy Access)
  623. // 5 - Inheritance Flags
  624. BOOL
  625. CFileSys_SetAcl::DoInternalWork(CItemList &ciList)
  626. {
  627. return DoAcling( ciList, TRUE, FALSE );
  628. }