archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/printscan/faxsrv/print/faxprint/faxui/security.cpp

808 lines
22 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. //
  2. // ISecurityInformation interface implementation
  3. //
  5. #include <aclui.h>
  6. #include "faxui.h"
  8. class CFaxSecurity : public ISecurityInformation
  9. {
  10. protected:
  11. ULONG m_cRef;
  13. STDMETHOD(MakeSelfRelativeCopy)(PSECURITY_DESCRIPTOR psdOriginal,
  14. PSECURITY_DESCRIPTOR* ppsdNew);
  15. public:
  16. CFaxSecurity() : m_cRef(1) {}
  17. virtual ~CFaxSecurity() {}
  19. // IUnknown methods
  20. STDMETHOD(QueryInterface)(REFIID, LPVOID *);
  21. STDMETHOD_(ULONG, AddRef)();
  22. STDMETHOD_(ULONG, Release)();
  24. // ISecurityInformation methods
  25. STDMETHOD(GetObjectInformation)(PSI_OBJECT_INFO pObjectInfo);
  27. STDMETHOD(GetSecurity)(SECURITY_INFORMATION si,
  28. PSECURITY_DESCRIPTOR *ppSD,
  29. BOOL fDefault);
  31. STDMETHOD(SetSecurity)(SECURITY_INFORMATION si,
  32. PSECURITY_DESCRIPTOR pSD);
  34. STDMETHOD(GetAccessRights)(const GUID* pguidObjectType,
  35. DWORD dwFlags,
  36. PSI_ACCESS *ppAccess,
  37. ULONG *pcAccesses,
  38. ULONG *piDefaultAccess);
  40. STDMETHOD(MapGeneric)(const GUID *pguidObjectType,
  41. UCHAR *pAceFlags,
  42. ACCESS_MASK *pmask);
  44. STDMETHOD(GetInheritTypes)(PSI_INHERIT_TYPE *ppInheritTypes,
  45. ULONG *pcInheritTypes);
  47. STDMETHOD(PropertySheetPageCallback)(HWND hwnd,
  48. UINT uMsg,
  49. SI_PAGE_TYPE uPage);
  50. };
  53. CFaxSecurity* g_pFaxSecurity = NULL;
  56. ///////////////////////////////////////////////////////////
  57. //
  58. // IUnknown methods
  59. //
  60. ///////////////////////////////////////////////////////////
  62. STDMETHODIMP_(ULONG)
  63. CFaxSecurity::AddRef()
  64. {
  65. return ++m_cRef;
  66. }
  68. STDMETHODIMP_(ULONG)
  69. CFaxSecurity::Release()
  70. {
  71. if (--m_cRef == 0)
  72. {
  73. delete this;
  74. g_pFaxSecurity = NULL;
  75. return 0;
  76. }
  78. return m_cRef;
  79. }
  81. STDMETHODIMP
  82. CFaxSecurity::QueryInterface(REFIID riid, LPVOID FAR* ppv)
  83. {
  84. if (IsEqualIID(riid, IID_IUnknown) || IsEqualIID(riid, IID_ISecurityInformation))
  85. {
  86. *ppv = (LPSECURITYINFO)this;
  87. m_cRef++;
  88. return S_OK;
  89. }
  90. else
  91. {
  92. *ppv = NULL;
  93. return E_NOINTERFACE;
  94. }
  95. }
  98. ///////////////////////////////////////////////////////////
  99. //
  100. // ISecurityInformation methods
  101. //
  102. ///////////////////////////////////////////////////////////
  104. STDMETHODIMP
  105. CFaxSecurity::GetObjectInformation(PSI_OBJECT_INFO pObjectInfo)
  106. // *** ISecurityInformation methods implementation ***
  107. /*
  108. - CFaxSecurity::GetObjectInformation
  109. -
  110. * Purpose:
  111. * Performs an access check against the fax service security descriptor
  112. *
  113. * Arguments:
  114. * [in] pObjectInfo - pointer to object information structure.
  115. *
  116. * Return:
  117. * OLE error code
  118. */
  119. {
  120. DWORD ec = ERROR_SUCCESS;
  122. if(!Connect(NULL, FALSE))
  123. {
  124. return S_FALSE;
  125. }
  127. HANDLE hPrivBeforeSE_TAKE_OWNERSHIP = INVALID_HANDLE_VALUE;
  128. HANDLE hPrivBeforeSE_SECURITY = INVALID_HANDLE_VALUE;
  130. if( pObjectInfo == NULL )
  131. {
  132. Error(("Invalid parameter - pObjectInfo == NULL\n"));
  133. Assert( pObjectInfo != NULL );
  134. return E_POINTER;
  135. }
  137. //
  138. // Set Flags
  139. //
  140. pObjectInfo->dwFlags = SI_EDIT_ALL |
  141. SI_NO_TREE_APPLY |
  142. SI_NO_ACL_PROTECT |
  143. SI_ADVANCED |
  144. SI_PAGE_TITLE;
  146. //
  147. // Check if to add SI_READONLY
  148. //
  149. if (!FaxAccessCheckEx(g_hFaxSvcHandle, WRITE_DAC, NULL))
  150. {
  151. ec = GetLastError();
  152. if (ERROR_SUCCESS == ec)
  153. {
  154. pObjectInfo->dwFlags |= SI_READONLY;
  155. }
  156. else
  157. {
  158. Error(("FaxAccessCheckEx(WRITE_DAC) failed with %d \n", ec));
  159. goto exit;
  160. }
  161. }
  163. //
  164. // Check if to add SI_OWNER_READONLY
  165. //
  166. hPrivBeforeSE_TAKE_OWNERSHIP = EnablePrivilege (SE_TAKE_OWNERSHIP_NAME);
  167. //
  168. // No error checking - If we failed we will get ERROR_ACCESS_DENIED in the access check
  169. //
  170. if (!FaxAccessCheckEx(g_hFaxSvcHandle,WRITE_OWNER, NULL))
  171. {
  172. ec = GetLastError();
  173. if (ERROR_SUCCESS == ec)
  174. {
  175. pObjectInfo->dwFlags |= SI_OWNER_READONLY;
  176. }
  177. else
  178. {
  179. Error(("FaxAccessCheckEx(WRITE_OWNER) failed with %d \n", ec));
  180. goto exit;
  181. }
  182. }
  184. //
  185. // Check if to remove SI_EDIT_AUDITS
  186. //
  187. hPrivBeforeSE_SECURITY = EnablePrivilege (SE_SECURITY_NAME);
  188. //
  189. // No error checking - If we failed we will get ERROR_ACCESS_DENIED in the access check
  190. //
  191. if (!FaxAccessCheckEx(g_hFaxSvcHandle, ACCESS_SYSTEM_SECURITY, NULL))
  192. {
  193. ec = GetLastError();
  194. if (ERROR_SUCCESS == ec)
  195. {
  196. pObjectInfo->dwFlags &= ~SI_EDIT_AUDITS;
  197. }
  198. else
  199. {
  200. Error(("FaxAccessCheckEx(ACCESS_SYSTEM_SECURITY) failed with %d \n", ec));
  201. goto exit;
  202. }
  203. }
  206. //
  207. // Set all other fields
  208. //
  209. static TCHAR tszPageTitle[MAX_PATH] = {0};
  210. if(LoadString((HINSTANCE)g_hResource, IDS_SECURITY_TITLE, tszPageTitle, ARR_SIZE(tszPageTitle)))
  211. {
  212. pObjectInfo->pszPageTitle = tszPageTitle;
  213. }
  214. else
  215. {
  216. ec = GetLastError();
  217. Error(("LoadString(IDS_SECURITY_TITLE) failed with %d \n", ec));
  219. pObjectInfo->pszPageTitle = NULL;
  220. }
  222. static TCHAR tszPrinterName[MAX_PATH] = {0};
  223. if(GetFirstLocalFaxPrinterName(tszPrinterName, ARR_SIZE(tszPrinterName)))
  224. {
  225. pObjectInfo->pszObjectName = tszPrinterName;
  226. }
  227. else
  228. {
  229. ec = GetLastError();
  230. Error(("GetFirstLocalFaxPrinterName() failed with %d \n", ec));
  232. pObjectInfo->pszObjectName = NULL;
  233. }
  235. pObjectInfo->hInstance = (HINSTANCE)g_hResource;
  236. pObjectInfo->pszServerName = NULL;
  238. exit:
  239. ReleasePrivilege (hPrivBeforeSE_SECURITY);
  240. ReleasePrivilege (hPrivBeforeSE_TAKE_OWNERSHIP);
  241. return HRESULT_FROM_WIN32(ec);
  243. } // CFaxSecurity::GetObjectInformation
  246. STDMETHODIMP
  247. CFaxSecurity::GetSecurity(SECURITY_INFORMATION si,
  248. PSECURITY_DESCRIPTOR* ppSD,
  249. BOOL fDefault)
  250. /*
  251. - CFaxSecurityInformation::GetSecurity
  252. -
  253. * Purpose:
  254. * requests a security descriptor for the securable object whose
  255. * security descriptor is being edited. The access control editor
  256. * calls this method to retrieve the object's current or default security descriptor.
  257. *
  258. * Arguments:
  259. * [in] RequestedInformation - security information.
  260. * [out] ppSecurityDescriptor - pointer to security descriptor.
  261. * [in] fDefault - not implemented
  262. *
  263. * Return:
  264. * OLE error code
  265. */
  266. {
  267. HRESULT hRc = S_OK;
  268. DWORD ec = ERROR_SUCCESS;
  270. PSECURITY_DESCRIPTOR pSecurityDescriptor = NULL;
  272. HANDLE hPrivBeforeSE_SECURITY = INVALID_HANDLE_VALUE;
  274. Assert(ppSD);
  276. if(!Connect(NULL, FALSE))
  277. {
  278. return S_FALSE;
  279. }
  281. if( fDefault == TRUE )
  282. {
  283. Error(("Non implemeted feature -> fDefault == TRUE\n"));
  284. return E_NOTIMPL;
  285. }
  287. if (si & SACL_SECURITY_INFORMATION)
  288. {
  289. hPrivBeforeSE_SECURITY = EnablePrivilege (SE_SECURITY_NAME);
  290. }
  292. //
  293. // Get the current relative descriptor from the fax server
  294. //
  295. if(!FaxGetSecurityEx(g_hFaxSvcHandle, si, &pSecurityDescriptor))
  296. {
  297. ec = GetLastError();
  298. Error(("FaxGetSecurityEx() failed with %d\n", ec));
  299. hRc = HRESULT_FROM_WIN32(ec);
  300. goto exit;
  301. }
  303. //
  304. // return a self relative descriptor copy allocated with LocalAlloc()
  305. //
  306. hRc = MakeSelfRelativeCopy( pSecurityDescriptor, ppSD );
  307. if( FAILED( hRc ) )
  308. {
  309. Error(("MakeSelfRelativeCopy() failed with %08X\n", hRc));
  310. goto exit;
  311. }
  313. Assert(S_OK == hRc);
  315. exit:
  316. if (pSecurityDescriptor)
  317. {
  318. FaxFreeBuffer(pSecurityDescriptor);
  319. }
  320. ReleasePrivilege (hPrivBeforeSE_SECURITY);
  322. return hRc;
  324. } // CFaxSecurity::GetSecurity
  326. STDMETHODIMP
  327. CFaxSecurity::SetSecurity(SECURITY_INFORMATION si,
  328. PSECURITY_DESCRIPTOR pSD)
  329. /*
  330. - CFaxSecurityInformation::SetSecurity
  331. -
  332. * Purpose:
  333. * Provides a security descriptor containing the security information
  334. * the user wants to apply to the securable object. The access control
  335. * editor calls this method when the user clicks the Okay or Apply buttons.
  336. *
  337. * Arguments:
  338. * [in] SecurityInformation - security information structure.
  339. * [in] pSecurityDescriptor - pointer to security descriptor.
  340. *
  341. * Return:
  342. * OLE error code
  343. */
  344. {
  345. HRESULT hRc = S_OK;
  346. DWORD ec = ERROR_SUCCESS;
  348. PSECURITY_DESCRIPTOR psdSelfRelativeCopy = NULL;
  350. HANDLE hPrivBeforeSE_TAKE_OWNERSHIP = INVALID_HANDLE_VALUE;
  351. HANDLE hPrivBeforeSE_SECURITY = INVALID_HANDLE_VALUE;
  353. Assert(pSD);
  354. Assert( IsValidSecurityDescriptor( pSD ));
  356. if(!Connect(NULL, FALSE))
  357. {
  358. return S_FALSE;
  359. }
  361. //
  362. // Prepare self relative descriptor
  363. //
  364. hRc = MakeSelfRelativeCopy( pSD, &psdSelfRelativeCopy );
  365. if( FAILED( hRc ) )
  366. {
  367. Error(("MakeSelfRelativeCopy() failed with %08X\n", hRc));
  368. goto exit;
  369. }
  371. if (si & OWNER_SECURITY_INFORMATION)
  372. {
  373. hPrivBeforeSE_TAKE_OWNERSHIP = EnablePrivilege (SE_TAKE_OWNERSHIP_NAME);
  374. }
  376. if (si & SACL_SECURITY_INFORMATION)
  377. {
  378. hPrivBeforeSE_SECURITY = EnablePrivilege (SE_SECURITY_NAME);
  379. }
  381. //
  382. // save the new relative descriptor to the fax server
  383. //
  384. if(!FaxSetSecurity(g_hFaxSvcHandle, si, psdSelfRelativeCopy))
  385. {
  386. ec = GetLastError();
  387. Error(("FaxSetSecurity() failed with %d\n", ec));
  388. hRc = HRESULT_FROM_WIN32(ec);
  389. goto exit;
  390. }
  392. Assert( S_OK == hRc || E_ACCESSDENIED == hRc);
  394. exit:
  395. if (psdSelfRelativeCopy)
  396. {
  397. ::LocalFree(psdSelfRelativeCopy);
  398. }
  400. ReleasePrivilege (hPrivBeforeSE_SECURITY);
  401. ReleasePrivilege (hPrivBeforeSE_TAKE_OWNERSHIP);
  403. return hRc;
  405. } // CFaxSecurity::SetSecurity
  407. STDMETHODIMP
  408. CFaxSecurity::GetAccessRights(const GUID* pguidObjectType,
  409. DWORD dwFlags,
  410. PSI_ACCESS* ppAccess,
  411. ULONG* pcAccesses,
  412. ULONG* piDefaultAccess)
  413. /*
  414. - CFaxSecurityInformation::GetAccessRights
  415. -
  416. * Purpose:
  417. * Requests information about the access rights that can be
  418. * controlled for a securable object. The access control
  419. * editor calls this method to retrieve display strings and
  420. * other information used to initialize the property pages.
  421. *
  422. * Arguments:
  423. * [in] pguidObjectType - Pointer to a GUID structure that
  424. * identifies the type of object for which
  425. * access rights are being requested.
  426. * [in] dwFlags - A set of bit flags that indicate the property
  427. * page being initialized
  428. * [out] ppAccess - Pointer to a variable that you should
  429. * set to a pointer to an array of SI_ACCESS
  430. * structures.
  431. * [out] pcAccesses - Pointer to a variable that you should set
  432. * to indicate the number of entries in the ppAccess array.
  433. * [out] piDefaultAccess - Pointer to a variable that you should set
  434. * to indicate the zero-based index of the array entry that contains
  435. * the default access rights.
  436. * The access control editor uses this entry as the initial access rights in a new ACE.
  437. *
  438. * Return:
  439. * OLE error code
  440. */
  441. {
  442. Assert( ppAccess );
  443. Assert( pcAccesses );
  444. Assert( piDefaultAccess );
  446. //
  447. // Access rights for the Basic security page
  448. //
  449. static SI_ACCESS siFaxBasicAccess[] =
  450. {
  451. // 0 Fax
  452. {
  453. &GUID_NULL,
  454. FAX_ACCESS_SUBMIT_HIGH | FAX_ACCESS_SUBMIT_NORMAL | FAX_ACCESS_SUBMIT | FAX_ACCESS_QUERY_IN_ARCHIVE,
  455. MAKEINTRESOURCE(IDS_RIGHT_FAX),
  456. SI_ACCESS_GENERAL | SI_ACCESS_SPECIFIC
  457. },
  458. // 1 Manage fax configuration
  459. {
  460. &GUID_NULL,
  461. FAX_ACCESS_MANAGE_CONFIG | FAX_ACCESS_QUERY_CONFIG,
  462. MAKEINTRESOURCE(IDS_RIGHT_MNG_CFG),
  463. SI_ACCESS_GENERAL | SI_ACCESS_SPECIFIC
  464. },
  465. // 2 Manage fax documents
  466. {
  467. &GUID_NULL,
  468. FAX_ACCESS_MANAGE_JOBS | FAX_ACCESS_QUERY_JOBS |
  469. FAX_ACCESS_MANAGE_IN_ARCHIVE | FAX_ACCESS_QUERY_IN_ARCHIVE |
  470. FAX_ACCESS_MANAGE_OUT_ARCHIVE | FAX_ACCESS_QUERY_OUT_ARCHIVE,
  471. MAKEINTRESOURCE(IDS_RIGHT_MNG_DOC),
  472. SI_ACCESS_GENERAL | SI_ACCESS_SPECIFIC
  473. }
  474. };
  476. //
  477. // Access rights for the Advanced security page
  478. //
  479. static SI_ACCESS siFaxAccess[] =
  480. {
  481. // 0 submit permission
  482. {
  483. &GUID_NULL,
  484. FAX_ACCESS_SUBMIT ,
  485. MAKEINTRESOURCE(IDS_FAXSEC_SUB_LOW),
  486. SI_ACCESS_GENERAL | SI_ACCESS_SPECIFIC
  487. },
  488. // 1 submit normal permission
  489. {
  490. &GUID_NULL,
  491. FAX_ACCESS_SUBMIT_NORMAL ,
  492. MAKEINTRESOURCE(IDS_FAXSEC_SUB_NORMAL),
  493. SI_ACCESS_GENERAL | SI_ACCESS_SPECIFIC
  494. },
  495. // 2 submit high permission
  496. {
  497. &GUID_NULL,
  498. FAX_ACCESS_SUBMIT_HIGH ,
  499. MAKEINTRESOURCE(IDS_FAXSEC_SUB_HIGH),
  500. SI_ACCESS_GENERAL | SI_ACCESS_SPECIFIC
  501. },
  502. // 3 query jobs
  503. {
  504. &GUID_NULL,
  505. FAX_ACCESS_QUERY_JOBS,
  506. MAKEINTRESOURCE(IDS_FAXSEC_JOB_QRY),
  507. SI_ACCESS_GENERAL | SI_ACCESS_SPECIFIC
  508. },
  509. // 4 Manage jobs
  510. {
  511. &GUID_NULL,
  512. FAX_ACCESS_MANAGE_JOBS,
  513. MAKEINTRESOURCE(IDS_FAXSEC_JOB_MNG),
  514. SI_ACCESS_GENERAL | SI_ACCESS_SPECIFIC
  515. },
  516. // 5 query configuration
  517. {
  518. &GUID_NULL,
  519. FAX_ACCESS_QUERY_CONFIG,
  520. MAKEINTRESOURCE(IDS_FAXSEC_CONFIG_QRY),
  521. SI_ACCESS_GENERAL | SI_ACCESS_SPECIFIC
  522. },
  523. // 6 Manage configuration
  524. {
  525. &GUID_NULL,
  526. FAX_ACCESS_MANAGE_CONFIG,
  527. MAKEINTRESOURCE(IDS_FAXSEC_CONFIG_SET),
  528. SI_ACCESS_GENERAL | SI_ACCESS_SPECIFIC
  529. },
  530. // 7 Query incoming faxes archive
  531. {
  532. &GUID_NULL,
  533. FAX_ACCESS_QUERY_IN_ARCHIVE,
  534. MAKEINTRESOURCE(IDS_FAXSEC_QRY_IN_ARCH),
  535. SI_ACCESS_GENERAL | SI_ACCESS_SPECIFIC
  536. },
  537. // 8 Manage incoming faxes archive
  538. {
  539. &GUID_NULL,
  540. FAX_ACCESS_MANAGE_IN_ARCHIVE,
  541. MAKEINTRESOURCE(IDS_FAXSEC_MNG_IN_ARCH),
  542. SI_ACCESS_GENERAL | SI_ACCESS_SPECIFIC
  543. },
  544. // 9 Query outgoing faxes archive
  545. {
  546. &GUID_NULL,
  547. FAX_ACCESS_QUERY_OUT_ARCHIVE,
  548. MAKEINTRESOURCE(IDS_FAXSEC_QRY_OUT_ARCH),
  549. SI_ACCESS_GENERAL | SI_ACCESS_SPECIFIC
  550. },
  551. // 10 Manage outgoing faxes archive
  552. {
  553. &GUID_NULL,
  554. FAX_ACCESS_MANAGE_OUT_ARCHIVE,
  555. MAKEINTRESOURCE(IDS_FAXSEC_MNG_OUT_ARCH),
  556. SI_ACCESS_GENERAL | SI_ACCESS_SPECIFIC
  557. },
  558. // specific permissions
  559. // 11 Read permission
  560. {
  561. &GUID_NULL,
  562. READ_CONTROL,
  563. MAKEINTRESOURCE(IDS_FAXSEC_READ_PERM),
  564. SI_ACCESS_SPECIFIC
  565. },
  566. // 12 Change Permissions
  567. {
  568. &GUID_NULL,
  569. WRITE_DAC,
  570. MAKEINTRESOURCE(IDS_FAXSEC_CHNG_PERM),
  571. SI_ACCESS_SPECIFIC
  572. },
  573. // 13 Take ownership
  574. {
  575. &GUID_NULL,
  576. WRITE_OWNER,
  577. MAKEINTRESOURCE(IDS_FAXSEC_CHNG_OWNER),
  578. SI_ACCESS_SPECIFIC
  579. }
  580. };
  582. *ppAccess = (0 == dwFlags) ? siFaxBasicAccess : siFaxAccess;
  583. *pcAccesses = ULONG((0 == dwFlags) ? ARR_SIZE(siFaxBasicAccess) : ARR_SIZE(siFaxAccess));
  584. *piDefaultAccess = (0 == dwFlags) ? 0 : 1;
  586. return S_OK;
  588. } // CFaxSecurity::GetAccessRights
  591. STDMETHODIMP
  592. CFaxSecurity::MapGeneric(const GUID* pguidObjectType,
  593. UCHAR* pAceFlags,
  594. ACCESS_MASK* pmask)
  595. /*
  596. - CFaxSecurityInformation::MapGeneric
  597. -
  598. * Purpose:
  599. * Requests that the generic access rights in an access mask
  600. * be mapped to their corresponding standard and specific access rights.
  601. *
  602. * Arguments:
  603. *
  604. * Return:
  605. * OLE error code
  606. */
  607. {
  608. static GENERIC_MAPPING genericMapping =
  609. {
  610. (STANDARD_RIGHTS_READ | FAX_GENERIC_READ), // GenericRead
  611. (STANDARD_RIGHTS_WRITE | FAX_GENERIC_WRITE), // GenericWrite
  612. (STANDARD_RIGHTS_EXECUTE | FAX_GENERIC_EXECUTE), // GenericExecute
  613. (READ_CONTROL | WRITE_DAC | WRITE_OWNER | FAX_GENERIC_ALL) // GenericAll
  614. };
  616. MapGenericMask(pmask, &genericMapping);
  618. return S_OK;
  619. }
  621. STDMETHODIMP
  622. CFaxSecurity::GetInheritTypes(PSI_INHERIT_TYPE* ppInheritTypes,
  623. ULONG* pcInheritTypes)
  624. {
  625. return E_NOTIMPL;
  626. }
  628. STDMETHODIMP
  629. CFaxSecurity::PropertySheetPageCallback(HWND hwnd,
  630. UINT uMsg,
  631. SI_PAGE_TYPE uPage)
  632. {
  633. return S_OK;
  634. }
  637. HRESULT
  638. CFaxSecurity::MakeSelfRelativeCopy(PSECURITY_DESCRIPTOR psdOriginal,
  639. PSECURITY_DESCRIPTOR* ppsdNew)
  640. /*
  641. - CFaxSecurityInformation::MakeSelfRelativeCopy
  642. -
  643. * Purpose:
  644. * This pravite method copies Security descriptors
  645. *
  646. * Arguments:
  647. *
  648. * Return:
  649. * OLE error code
  650. */
  651. {
  652. Assert( NULL != psdOriginal );
  654. //
  655. // we have to find out whether the original is already self-relative
  656. //
  657. SECURITY_DESCRIPTOR_CONTROL sdc = 0;
  658. PSECURITY_DESCRIPTOR psdSelfRelativeCopy = NULL;
  659. DWORD dwRevision = 0;
  660. DWORD cb = 0;
  662. Assert(IsValidSecurityDescriptor( psdOriginal ) );
  664. if( !::GetSecurityDescriptorControl( psdOriginal, &sdc, &dwRevision ) )
  665. {
  666. DWORD err = ::GetLastError();
  667. Error(("GetSecurityDescriptorControl() failed with %d\n", err));
  668. return HRESULT_FROM_WIN32( err );
  669. }
  671. if( sdc & SE_SELF_RELATIVE )
  672. {
  673. // the original is in self-relative format, just byte-copy it
  675. // get size
  676. cb = ::GetSecurityDescriptorLength( psdOriginal );
  678. // alloc the memory
  679. psdSelfRelativeCopy = (PSECURITY_DESCRIPTOR) ::LocalAlloc( LMEM_ZEROINIT, cb );
  680. if(NULL == psdSelfRelativeCopy)
  681. {
  682. Error(("Out of memory.\n"));
  683. return E_OUTOFMEMORY;
  684. }
  686. // make the copy
  687. ::memcpy( psdSelfRelativeCopy, psdOriginal, cb );
  688. }
  689. else
  690. {
  691. // the original is in absolute format, convert-copy it
  693. // get new size - it will fail and set cb to the correct buffer size
  694. ::MakeSelfRelativeSD( psdOriginal, NULL, &cb );
  696. // alloc the new amount of memory
  697. psdSelfRelativeCopy = (PSECURITY_DESCRIPTOR) ::LocalAlloc( LMEM_ZEROINIT, cb );
  698. if(!psdSelfRelativeCopy)
  699. {
  700. Error(("Out of memory.\n"));
  701. return E_OUTOFMEMORY; // just in case the exception is ignored
  702. }
  704. if( !::MakeSelfRelativeSD( psdOriginal, psdSelfRelativeCopy, &cb ) )
  705. {
  706. DWORD err = ::GetLastError();
  707. Error(("MakeSelfRelativeSD() failed with %d\n", err));
  709. ::LocalFree( psdSelfRelativeCopy );
  711. return HRESULT_FROM_WIN32( err );
  712. }
  713. }
  715. *ppsdNew = psdSelfRelativeCopy;
  716. return S_OK;
  717. }
  720. ///////////////////////////////////////////////////////////////////////////////
  721. //
  722. // This is the entry point function called from our code
  723. //
  724. ///////////////////////////////////////////////////////////////////////////////
  726. HMODULE g_hAclui = NULL;
  728. extern "C"
  729. HPROPSHEETPAGE
  730. CreateFaxSecurityPage()
  731. {
  732. HPROPSHEETPAGE hPage = NULL;
  733. HPROPSHEETPAGE (*pfCreateSecurityPage)(LPSECURITYINFO) = NULL;
  735. if(!IsWinXPOS())
  736. {
  737. //
  738. // The security page should bge added only to the local fax printer on XP OS.
  739. //
  740. Assert(FALSE);
  741. return NULL;
  742. }
  744. //
  745. // CreateSecurityPage() Requires Windows 2000 or later, so we connect to it dynamically
  746. //
  747. if(!g_hAclui)
  748. {
  749. g_hAclui = LoadLibrary(TEXT("aclui.dll"));
  750. if(!g_hAclui)
  751. {
  752. Error(("LoadLibrary(aclui.dll) failed with %d\n", GetLastError()));
  753. goto error;
  754. }
  755. }
  757. (FARPROC&)pfCreateSecurityPage = GetProcAddress(g_hAclui, "CreateSecurityPage");
  758. if(!pfCreateSecurityPage)
  759. {
  760. Error(("GetProcAddress(CreateSecurityPage) failed with %d\n", GetLastError()));
  761. goto error;
  762. }
  764. if(!g_pFaxSecurity)
  765. {
  766. g_pFaxSecurity = new CFaxSecurity();
  767. }
  769. if(!g_pFaxSecurity)
  770. {
  771. Error(("Out of memory.\n"));
  772. goto error;
  773. }
  775. hPage = pfCreateSecurityPage(g_pFaxSecurity);
  776. if(!hPage)
  777. {
  778. Error(("CreateSecurityPage() failed with %d\n", ::GetLastError()));
  779. goto error;
  780. }
  782. return hPage;
  784. error:
  786. if(g_hAclui)
  787. {
  788. FreeLibrary(g_hAclui);
  789. g_hAclui = NULL;
  790. }
  792. return NULL;
  793. }
  795. extern "C"
  796. void
  797. ReleaseFaxSecurity()
  798. {
  799. if(g_pFaxSecurity)
  800. {
  801. g_pFaxSecurity->Release();
  802. }
  804. if(g_hAclui)
  805. {
  806. FreeLibrary(g_hAclui);
  807. g_hAclui = NULL;
  808. }
  809. }