Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

342 lines
12 KiB

// --------------------------------------------------------------------------
// Module Name: ProfileUtil.cpp
//
// Copyright (c) 2000, Microsoft Corporation
//
// Class to handle profile loading and unloading without a token.
//
// History: 2000-06-21 vtan created
// --------------------------------------------------------------------------
#include <nt.h>
#include <ntrtl.h>
#include <nturtl.h>
#include <windows.h>
#include <sddl.h>
#include <lmaccess.h>
#include <lmapibuf.h>
#include <dsgetdc.h>
#include "ProfileUtil.h"
#include "TokenUtil.h"
#define ARRAYSIZE(x) (sizeof(x) / sizeof(x[0]))
#define TBOOL(x) (BOOL)(x)
#define TW32(x) (DWORD)(x)
// --------------------------------------------------------------------------
// CUserProfile::s_szUserHiveFilename
//
// Purpose: Default user hive name.
//
// History: 2000-06-21 vtan created
// --------------------------------------------------------------------------
const TCHAR CUserProfile::s_szUserHiveFilename[] = TEXT("ntuser.dat");
// --------------------------------------------------------------------------
// CUserProfile::CUserProfile
//
// Arguments: pszUsername = User name of profile to load.
// pszDomain = Domain for the user.
//
// Returns: <none>
//
// Purpose: Opens a handle to the given user's hive. If the hive isn't
// loaded then the hive is loaded and a handle opened.
//
// History: 2000-06-21 vtan created
// --------------------------------------------------------------------------
CUserProfile::CUserProfile (const TCHAR *pszUsername, const TCHAR *pszDomain) :
_hKeyProfile(NULL),
_pszSID(NULL),
_fLoaded(false)
{
// Validate parameter.
if (!IsBadStringPtr(pszUsername, static_cast<UINT_PTR>(-1)))
{
PSID pSID;
// Convert the username to a SID.
pSID = UsernameToSID(pszUsername, pszDomain);
if (pSID != NULL)
{
// Convert the SID to a string.
if (ConvertSidToStringSid(pSID, &_pszSID) != FALSE)
{
// Attempt to open the user's hive.
if (ERROR_SUCCESS != RegOpenKeyEx(HKEY_USERS,
_pszSID,
0,
KEY_ALL_ACCESS,
&_hKeyProfile))
{
TCHAR szProfilePath[MAX_PATH];
// If that failed then convert the string to a profile path.
if (SIDStringToProfilePath(_pszSID, szProfilePath))
{
// Prevent buffer overrun.
if ((lstrlen(szProfilePath) + sizeof('\\') + ARRAYSIZE(s_szUserHiveFilename)) < ARRAYSIZE(szProfilePath))
{
CPrivilegeEnable privilege(SE_RESTORE_NAME);
// Enable SE_RESTORE_PRIVILEGE and create the
// path to the user hive. Then load the hive.
lstrcat(szProfilePath, TEXT("\\"));
lstrcat(szProfilePath, s_szUserHiveFilename);
if (ERROR_SUCCESS == RegLoadKey(HKEY_USERS, _pszSID, szProfilePath))
{
// Mark the hive as loaded and open the handle.
_fLoaded = true;
TW32(RegOpenKeyEx(HKEY_USERS,
_pszSID,
0,
KEY_ALL_ACCESS,
&_hKeyProfile));
}
}
}
}
}
(HLOCAL)LocalFree(pSID);
}
}
}
// --------------------------------------------------------------------------
// CUserProfile::~CUserProfile
//
// Arguments: <none>
//
// Returns: <none>
//
// Purpose: Releases resources used by this object.
//
// History: 2000-06-21 vtan created
// --------------------------------------------------------------------------
CUserProfile::~CUserProfile (void)
{
if (_hKeyProfile != NULL)
{
TBOOL(RegCloseKey(_hKeyProfile));
}
if (_fLoaded)
{
CPrivilegeEnable privilege(SE_RESTORE_NAME);
TW32(RegUnLoadKey(HKEY_USERS, _pszSID));
_fLoaded = false;
}
if (_pszSID != NULL)
{
(HLOCAL)LocalFree(_pszSID);
_pszSID = NULL;
}
}
// --------------------------------------------------------------------------
// CUserProfile::operator HKEY
//
// Arguments: <none>
//
// Returns: HKEY
//
// Purpose: Returns the HKEY to the user's hive.
//
// History: 2000-06-21 vtan created
// --------------------------------------------------------------------------
CUserProfile::operator HKEY (void) const
{
return(_hKeyProfile);
}
// --------------------------------------------------------------------------
// CUserProfile::UsernameToSID
//
// Arguments: pszUsername = User name to convert.
// pszDomain = Domain for the user.
//
// Returns: PSID
//
// Purpose: Uses the security accounts manager to look up the account by
// name and return the SID.
//
// History: 2000-06-21 vtan created
// --------------------------------------------------------------------------
PSID CUserProfile::UsernameToSID (const TCHAR *pszUsername, const TCHAR *pszDomain)
{
DWORD dwSIDSize, dwComputerNameSize, dwReferencedDomainSize;
SID_NAME_USE eSIDUse;
PSID pSID, pSIDResult;
WCHAR *pszDomainControllerName;
DOMAIN_CONTROLLER_INFO *pDCI;
TCHAR szComputerName[CNLEN + sizeof('\0')];
pSIDResult = NULL;
dwComputerNameSize = ARRAYSIZE(szComputerName);
if (GetComputerName(szComputerName, &dwComputerNameSize) == FALSE)
{
szComputerName[0] = TEXT('\0');
}
if ((pszDomain != NULL) &&
(lstrcmpi(szComputerName, pszDomain) != 0) &&
(ERROR_SUCCESS == DsGetDcName(NULL,
pszDomain,
NULL,
NULL,
0,
&pDCI)))
{
pszDomainControllerName = pDCI->DomainControllerName;
}
else
{
pDCI = NULL;
pszDomainControllerName = NULL;
}
dwSIDSize = dwReferencedDomainSize = 0;
(BOOL)LookupAccountName(pszDomainControllerName,
pszUsername,
NULL,
&dwSIDSize,
NULL,
&dwReferencedDomainSize,
&eSIDUse);
pSID = LocalAlloc(LMEM_FIXED, dwSIDSize);
if (pSID != NULL)
{
TCHAR *pszReferencedDomain;
pszReferencedDomain = static_cast<TCHAR*>(LocalAlloc(LMEM_FIXED, dwReferencedDomainSize * sizeof(TCHAR)));
if (pszReferencedDomain != NULL)
{
if (LookupAccountName(pszDomainControllerName,
pszUsername,
pSID,
&dwSIDSize,
pszReferencedDomain,
&dwReferencedDomainSize,
&eSIDUse) != FALSE)
{
if (SidTypeUser == eSIDUse)
{
// If the account was successfully looked up and the
// account type is a user then return the result back
// to the caller and ensure that it's not released here.
pSIDResult = pSID;
pSID = NULL;
}
}
(HLOCAL)LocalFree(pszReferencedDomain);
}
if (pSID != NULL)
{
(HLOCAL)LocalFree(pSID);
}
}
if (pDCI != NULL)
{
(NET_API_STATUS)NetApiBufferFree(pDCI);
}
return(pSIDResult);
}
// --------------------------------------------------------------------------
// CUserProfile::SIDStringToProfilePath
//
// Arguments: pszSIDString = SID string to look up.
// pszProfilePath = Returned path to the profile.
//
// Returns: bool
//
// Purpose: Looks up the profile path for the given SID string in the
// location where userenv stores it. This doesn't change
// although no API exists for this information.
//
// History: 2000-06-21 vtan created
// --------------------------------------------------------------------------
bool CUserProfile::SIDStringToProfilePath (const TCHAR *pszSIDString, TCHAR *pszProfilePath)
{
bool fResult;
fResult = false;
if (!IsBadStringPtr(pszSIDString, static_cast<UINT_PTR>(-1)) && !IsBadWritePtr(pszProfilePath, MAX_PATH * sizeof(TCHAR)))
{
HKEY hKeyProfileList;
pszProfilePath[0] = TEXT('\0');
if (ERROR_SUCCESS == RegOpenKeyEx(HKEY_LOCAL_MACHINE,
TEXT("SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ProfileList"),
0,
KEY_QUERY_VALUE,
&hKeyProfileList))
{
HKEY hKeySID;
if (ERROR_SUCCESS == RegOpenKeyEx(hKeyProfileList,
pszSIDString,
0,
KEY_QUERY_VALUE,
&hKeySID))
{
DWORD dwType, dwProfilePathSize;
TCHAR szProfilePath[MAX_PATH];
dwProfilePathSize = ARRAYSIZE(szProfilePath);
if (ERROR_SUCCESS == RegQueryValueEx(hKeySID,
TEXT("ProfileImagePath"),
NULL,
&dwType,
reinterpret_cast<LPBYTE>(szProfilePath),
&dwProfilePathSize))
{
if (REG_EXPAND_SZ == dwType)
{
fResult = true;
if (ExpandEnvironmentStrings(szProfilePath, pszProfilePath, MAX_PATH) == 0)
{
dwType = REG_SZ;
}
}
if (REG_SZ == dwType)
{
fResult = true;
(TCHAR*)lstrcpy(pszProfilePath, szProfilePath);
}
}
TW32(RegCloseKey(hKeySID));
}
TW32(RegCloseKey(hKeyProfileList));
}
}
return(fResult);
}