archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/termsrv/syslib/secutil.c

438 lines
13 KiB
Raw Normal View History

commiting as it is
4 years ago
  2. /*************************************************************************
  3. *
  4. * secutil.c
  5. *
  6. * Security Related utility functions
  7. *
  8. * copyright notice: Copyright 1998, Microsoft.
  9. *
  10. *
  11. *
  12. *************************************************************************/
  14. // Include NT headers
  15. #include <nt.h>
  16. #include <ntrtl.h>
  17. #include <nturtl.h>
  18. #include <ntseapi.h>
  20. #include "windows.h"
  21. #include <winsta.h>
  22. #include <syslib.h>
  25. /*****************************************************************************
  26. *
  27. * TestUserForAdmin
  28. *
  29. * Returns whether the current thread is running under admin
  30. * security.
  31. *
  32. * ENTRY:
  33. *
  34. * EXIT:
  35. * TRUE/FALSE - whether user is specified admin
  36. *
  37. ****************************************************************************/
  39. BOOL
  40. TestUserForAdmin( VOID )
  41. {
  42. BOOL IsMember, IsAnAdmin;
  43. SID_IDENTIFIER_AUTHORITY SystemSidAuthority = SECURITY_NT_AUTHORITY;
  44. PSID AdminSid;
  47. IsAnAdmin = FALSE;
  49. if (NT_SUCCESS(RtlAllocateAndInitializeSid(
  50. &SystemSidAuthority,
  51. 2,
  52. SECURITY_BUILTIN_DOMAIN_RID,
  53. DOMAIN_ALIAS_RID_ADMINS,
  54. 0, 0, 0, 0, 0, 0,
  55. &AdminSid
  56. ) ) )
  57. {
  58. CheckTokenMembership( NULL,
  59. AdminSid,
  60. &IsAnAdmin);
  61. RtlFreeSid(AdminSid);
  62. }
  64. return IsAnAdmin;
  66. }
  70. /*****************************************************************************
  71. *
  72. * TestUserForGroup
  73. *
  74. * Returns whether the current thread is a member of the requested group.
  75. *
  76. * ENTRY:
  77. * pwszGrouName (input)
  78. *
  79. * EXIT:
  80. * STATUS_SUCCESS - no error
  81. *
  82. ****************************************************************************/
  83. /* unused
  84. BOOL
  85. TestUserForGroup( PWCHAR pwszGroupName )
  86. {
  87. HANDLE Token;
  88. ULONG InfoLength;
  89. PTOKEN_GROUPS TokenGroupList;
  90. ULONG GroupIndex;
  91. BOOL GroupMember = FALSE;
  92. PSID pGroupSid = NULL;
  93. DWORD cbGroupSid = 0;
  94. NTSTATUS Status;
  95. PWCHAR pwszDomain = NULL;
  96. DWORD cbDomain = 0;
  97. SID_NAME_USE peUse;
  99. //
  100. // Open current thread/process token
  101. //
  102. Status = NtOpenThreadToken( NtCurrentThread(), TOKEN_QUERY, FALSE, &Token );
  103. if ( !NT_SUCCESS( Status ) ) {
  104. Status = NtOpenProcessToken( NtCurrentProcess(), TOKEN_QUERY, &Token );
  105. if ( !NT_SUCCESS( Status ) ) {
  106. return( FALSE );
  107. }
  108. }
  110. //
  111. // Retrieve the requested sid
  112. //
  113. if ( !LookupAccountNameW( NULL,
  114. pwszGroupName,
  115. pGroupSid,
  116. &cbGroupSid,
  117. pwszDomain,
  118. &cbDomain,
  119. &peUse ) ) {
  121. //
  122. // other eror
  123. //
  124. if ( GetLastError() != ERROR_INSUFFICIENT_BUFFER ) {
  125. NtClose(Token);
  126. return(FALSE);
  127. }
  129. //
  130. // alloc group sid
  131. //
  132. pGroupSid = LocalAlloc(LPTR, cbGroupSid);
  133. if (pGroupSid == NULL) {
  134. NtClose(Token);
  135. return(FALSE);
  136. }
  138. //
  139. // alloc domain name
  140. //
  141. cbDomain *= sizeof(WCHAR);
  142. pwszDomain = LocalAlloc(LPTR, cbDomain);
  143. if (pwszDomain == NULL) {
  144. LocalFree(pGroupSid);
  145. NtClose(Token);
  146. return(FALSE);
  147. }
  149. //
  150. // Retrieve the requested sid
  151. //
  152. if ( !LookupAccountNameW( NULL,
  153. pwszGroupName,
  154. pGroupSid,
  155. &cbGroupSid,
  156. pwszDomain,
  157. &cbDomain,
  158. &peUse ) ) {
  159. LocalFree(pGroupSid);
  160. LocalFree(pwszDomain);
  161. NtClose( Token );
  162. return( FALSE );
  163. }
  164. }
  165. else {
  166. #if DBG
  167. DbgPrint("***ERROR*** this path should never get hit\n");
  168. #endif
  169. NtClose( Token );
  170. return( FALSE );
  171. }
  173. ASSERT(pGroupSid != NULL);
  174. ASSERT(pwszDomain != NULL);
  176. //
  177. // Get a list of groups in the token
  178. //
  179. Status = NtQueryInformationToken(
  180. Token, // Handle
  181. TokenGroups, // TokenInformationClass
  182. NULL, // TokenInformation
  183. 0, // TokenInformationLength
  184. &InfoLength // ReturnLength
  185. );
  186. if ((Status != STATUS_SUCCESS) && (Status != STATUS_BUFFER_TOO_SMALL)) {
  187. LocalFree(pwszDomain);
  188. LocalFree(pGroupSid);
  189. NtClose(Token);
  190. return( FALSE );
  191. }
  193. TokenGroupList = LocalAlloc(LPTR, InfoLength);
  194. if (TokenGroupList == NULL) {
  195. LocalFree(pwszDomain);
  196. LocalFree(pGroupSid);
  197. NtClose(Token);
  198. return(FALSE);
  199. }
  201. Status = NtQueryInformationToken(
  202. Token, // Handle
  203. TokenGroups, // TokenInformationClass
  204. TokenGroupList, // TokenInformation
  205. InfoLength, // TokenInformationLength
  206. &InfoLength // ReturnLength
  207. );
  208. if (!NT_SUCCESS(Status)) {
  209. LocalFree(TokenGroupList);
  210. LocalFree(pwszDomain);
  211. LocalFree(pGroupSid);
  212. NtClose(Token);
  213. return(FALSE);
  214. }
  216. //
  217. // Search group list for membership
  218. //
  219. GroupMember = FALSE;
  220. for (GroupIndex=0; GroupIndex < TokenGroupList->GroupCount; GroupIndex++ ) {
  221. if (RtlEqualSid(TokenGroupList->Groups[GroupIndex].Sid, pGroupSid)) {
  222. GroupMember = TRUE;
  223. break;
  224. }
  225. }
  227. //
  228. // Tidy up
  229. //
  230. LocalFree(TokenGroupList);
  231. LocalFree(pwszDomain);
  232. LocalFree(pGroupSid);
  233. NtClose(Token);
  235. return(GroupMember);
  236. }
  237. */
  239. /***************************************************************************\
  240. * FUNCTION: CtxImpersonateUser
  241. *
  242. * PURPOSE: Impersonates the user by setting the users token
  243. * on the specified thread. If no thread is specified the token
  244. * is set on the current thread.
  245. *
  246. * RETURNS: Handle to be used on call to StopImpersonating() or NULL on failure
  247. * If a non-null thread handle was passed in, the handle returned will
  248. * be the one passed in. (See note)
  249. *
  250. * NOTES: Take care when passing in a thread handle and then calling
  251. * StopImpersonating() with the handle returned by this routine.
  252. * StopImpersonating() will close any thread handle passed to it -
  253. * even yours !
  254. *
  255. * HISTORY:
  256. *
  257. * 04-21-92 Davidc Created.
  258. * 12-18-96 cjc copied from \windows\gina\msgina\wlsec.c
  259. *
  260. \***************************************************************************/
  263. HANDLE
  264. CtxImpersonateUser(
  265. PCTX_USER_DATA UserData,
  266. HANDLE ThreadHandle
  267. )
  268. {
  269. NTSTATUS Status, IgnoreStatus;
  270. HANDLE UserToken = UserData->UserToken;
  271. SECURITY_QUALITY_OF_SERVICE SecurityQualityOfService;
  272. OBJECT_ATTRIBUTES ObjectAttributes;
  273. HANDLE ImpersonationToken;
  274. BOOL ThreadHandleOpened = FALSE;
  276. if (ThreadHandle == NULL) {
  278. //
  279. // Get a handle to the current thread.
  280. // Once we have this handle, we can set the user's impersonation
  281. // token into the thread and remove it later even though we ARE
  282. // the user for the removal operation. This is because the handle
  283. // contains the access rights - the access is not re-evaluated
  284. // at token removal time.
  285. //
  287. Status = NtDuplicateObject( NtCurrentProcess(), // Source process
  288. NtCurrentThread(), // Source handle
  289. NtCurrentProcess(), // Target process
  290. &ThreadHandle, // Target handle
  291. THREAD_SET_THREAD_TOKEN,// Access
  292. 0L, // Attributes
  293. DUPLICATE_SAME_ATTRIBUTES
  294. );
  295. if (!NT_SUCCESS(Status)) {
  296. return(NULL);
  297. }
  299. ThreadHandleOpened = TRUE;
  300. }
  303. //
  304. // If the usertoken is NULL, there's nothing to do
  305. //
  307. if (UserToken != NULL) {
  309. //
  310. // UserToken is a primary token - create an impersonation token version
  311. // of it so we can set it on our thread
  312. //
  314. InitializeObjectAttributes(
  315. &ObjectAttributes,
  316. NULL,
  317. 0L,
  318. NULL,
  319. UserData->NewThreadTokenSD);
  321. SecurityQualityOfService.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
  322. SecurityQualityOfService.ImpersonationLevel = SecurityImpersonation;
  323. SecurityQualityOfService.ContextTrackingMode = SECURITY_DYNAMIC_TRACKING;
  324. SecurityQualityOfService.EffectiveOnly = FALSE;
  326. ObjectAttributes.SecurityQualityOfService = &SecurityQualityOfService;
  329. Status = NtDuplicateToken( UserToken,
  330. TOKEN_IMPERSONATE | TOKEN_ADJUST_PRIVILEGES |
  331. TOKEN_QUERY,
  332. &ObjectAttributes,
  333. FALSE,
  334. TokenImpersonation,
  335. &ImpersonationToken
  336. );
  337. if (!NT_SUCCESS(Status)) {
  339. if (ThreadHandleOpened) {
  340. IgnoreStatus = NtClose(ThreadHandle);
  341. ASSERT(NT_SUCCESS(IgnoreStatus));
  342. }
  344. return(NULL);
  345. }
  349. //
  350. // Set the impersonation token on this thread so we 'are' the user
  351. //
  353. Status = NtSetInformationThread( ThreadHandle,
  354. ThreadImpersonationToken,
  355. (PVOID)&ImpersonationToken,
  356. sizeof(ImpersonationToken)
  357. );
  358. //
  359. // We're finished with our handle to the impersonation token
  360. //
  362. IgnoreStatus = NtClose(ImpersonationToken);
  363. ASSERT(NT_SUCCESS(IgnoreStatus));
  365. //
  366. // Check we set the token on our thread ok
  367. //
  369. if (!NT_SUCCESS(Status)) {
  371. if (ThreadHandleOpened) {
  372. IgnoreStatus = NtClose(ThreadHandle);
  373. ASSERT(NT_SUCCESS(IgnoreStatus));
  374. }
  376. return(NULL);
  377. }
  378. }
  381. return(ThreadHandle);
  383. }
  386. /***************************************************************************\
  387. * FUNCTION: CtxStopImpersonating
  388. *
  389. * PURPOSE: Stops impersonating the client by removing the token on the
  390. * current thread.
  391. *
  392. * PARAMETERS: ThreadHandle - handle returned by ImpersonateUser() call.
  393. *
  394. * RETURNS: TRUE on success, FALSE on failure
  395. *
  396. * NOTES: If a thread handle was passed in to ImpersonateUser() then the
  397. * handle returned was one and the same. If this is passed to
  398. * StopImpersonating() the handle will be closed. Take care !
  399. *
  400. * HISTORY:
  401. *
  402. * 04-21-92 Davidc Created.
  403. * 12-18-96 cjc copied from \windows\gina\msgina\wlsec.c
  404. *
  405. \***************************************************************************/
  407. BOOL
  408. CtxStopImpersonating(
  409. HANDLE ThreadHandle
  410. )
  411. {
  412. NTSTATUS Status, IgnoreStatus;
  413. HANDLE ImpersonationToken;
  416. if (ThreadHandle == NULL) {
  417. return FALSE;
  418. }
  419. //
  420. // Remove the user's token from our thread so we are 'ourself' again
  421. //
  423. ImpersonationToken = NULL;
  425. Status = NtSetInformationThread( ThreadHandle,
  426. ThreadImpersonationToken,
  427. (PVOID)&ImpersonationToken,
  428. sizeof(ImpersonationToken)
  429. );
  430. //
  431. // We're finished with the thread handle
  432. //
  434. IgnoreStatus = NtClose(ThreadHandle);
  435. ASSERT(NT_SUCCESS(IgnoreStatus));
  437. return(NT_SUCCESS(Status));
  438. }