Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

318 lines
9.1 KiB

//***************************************************************************
//
// Copyright (c) 1998-1999 Microsoft Corporation
//
// security.h
//
// alanbos 25-Sep-98 Created.
//
// Defines the CSWbemSecurity and subsiduary objects
//
//***************************************************************************
#ifndef _SECURITY_H_
#define _SECURITY_H_
//***************************************************************************
//
// CLASS NAME:
//
// CWbemLocatorSecurity
//
// DESCRIPTION:
//
// Implements the ISWbemSecurity interface for SWbemLocator objects.
//
//***************************************************************************
class CWbemLocatorSecurity : public ISWbemSecurity,
public ISupportErrorInfo,
public IProvideClassInfo
{
private:
CSWbemPrivilegeSet *m_pPrivilegeSet;
CDispatchHelp m_Dispatch;
bool m_impLevelSet;
WbemImpersonationLevelEnum m_impLevel;
bool m_authnLevelSet;
WbemAuthenticationLevelEnum m_authnLevel;
protected:
long m_cRef; //Object reference count
public:
CWbemLocatorSecurity (CSWbemPrivilegeSet *pPrivilegeSet);
CWbemLocatorSecurity (CWbemLocatorSecurity *pCWbemLocatorSecurity);
virtual ~CWbemLocatorSecurity (void);
//Non-delegating object IUnknown
STDMETHODIMP QueryInterface(REFIID, LPVOID*);
STDMETHODIMP_(ULONG) AddRef(void);
STDMETHODIMP_(ULONG) Release(void);
// IDispatch
STDMETHODIMP GetTypeInfoCount(UINT* pctinfo)
{return m_Dispatch.GetTypeInfoCount(pctinfo);}
STDMETHODIMP GetTypeInfo(UINT itinfo, LCID lcid, ITypeInfo** pptinfo)
{return m_Dispatch.GetTypeInfo(itinfo, lcid, pptinfo);}
STDMETHODIMP GetIDsOfNames(REFIID riid, OLECHAR** rgszNames,
UINT cNames, LCID lcid, DISPID* rgdispid)
{return m_Dispatch.GetIDsOfNames(riid, rgszNames, cNames,
lcid,
rgdispid);}
STDMETHODIMP Invoke(DISPID dispidMember, REFIID riid, LCID lcid,
WORD wFlags, DISPPARAMS* pdispparams, VARIANT* pvarResult,
EXCEPINFO* pexcepinfo, UINT* puArgErr)
{return m_Dispatch.Invoke(dispidMember, riid, lcid, wFlags,
pdispparams, pvarResult, pexcepinfo, puArgErr);}
// ISWbemSecurity methods
HRESULT STDMETHODCALLTYPE get_ImpersonationLevel
(
/* [out] */ WbemImpersonationLevelEnum *iImpersonationLevel
);
HRESULT STDMETHODCALLTYPE put_ImpersonationLevel
(
/* [in] */ WbemImpersonationLevelEnum iImpersonationLevel
);
HRESULT STDMETHODCALLTYPE get_AuthenticationLevel
(
/* [out] */ WbemAuthenticationLevelEnum *iAuthenticationLevel
);
HRESULT STDMETHODCALLTYPE put_AuthenticationLevel
(
/* [in] */ WbemAuthenticationLevelEnum iAuthenticationLevel
);
HRESULT STDMETHODCALLTYPE get_Privileges
(
/* [out] */ ISWbemPrivilegeSet **objWbemPrivileges
);
// ISupportErrorInfo methods
HRESULT STDMETHODCALLTYPE InterfaceSupportsErrorInfo
(
/* [in] */ REFIID riid
);
// IProvideClassInfo methods
HRESULT STDMETHODCALLTYPE GetClassInfo
(
/* [in] */ ITypeInfo **ppTI
)
{
return m_Dispatch.GetClassInfo (ppTI);
}
// CWbemLocatorSecurity methods
bool IsImpersonationSet () { return m_impLevelSet; }
bool IsAuthenticationSet () { return m_authnLevelSet; }
BOOL SetSecurity (BSTR bsUser, bool &needToResetSecurity, HANDLE &hThreadToken);
void ResetSecurity (HANDLE hThreadToken);
CSWbemPrivilegeSet *GetPrivilegeSet ()
{
CSWbemPrivilegeSet *pPrivSet = m_pPrivilegeSet;
if (pPrivSet)
pPrivSet->AddRef ();
return pPrivSet;
}
};
//***************************************************************************
//
// CLASS NAME:
//
// CSWbemSecurity
//
// DESCRIPTION:
//
// Implements the ISWbemSecurity interface for non-SWbemLocator objects.
//
//***************************************************************************
class CSWbemSecurity : public ISWbemSecurity,
public ISupportErrorInfo,
public ISWbemInternalSecurity,
public IProvideClassInfo
{
private:
CSWbemPrivilegeSet *m_pPrivilegeSet;
CDispatchHelp m_Dispatch;
CSWbemProxyCache *m_pProxyCache;
IUnknown *m_pCurProxy;
CSWbemProxyCache *GetProxyCache ()
{
CSWbemProxyCache *pCache = m_pProxyCache;
if (pCache)
pCache->AddRef ();
return pCache;
}
// Sundry statics
static bool s_bInitialized;
static bool s_bIsNT;
static DWORD s_dwNTMajorVersion;
static HINSTANCE s_hAdvapi;
static bool s_bCanRevert;
static WbemImpersonationLevelEnum s_dwDefaultImpersonationLevel;
static SECURITY_IMPERSONATION_LEVEL MapImpersonationLevel(WbemImpersonationLevelEnum ImpersonationLevel);
protected:
long m_cRef; //Object reference count
public:
CSWbemSecurity (IUnknown *pUnk,
BSTR bsAuthority = NULL,
BSTR bsUser = NULL, BSTR bsPassword = NULL,
CWbemLocatorSecurity *pSecurity = NULL);
CSWbemSecurity (IUnknown *pUnk,
COAUTHIDENTITY *pCoAuthIdentity,
BSTR bsPrincipal,
BSTR bsAuthority);
CSWbemSecurity (CSWbemSecurity *pSecurity);
CSWbemSecurity (IUnknown *pUnk,
CSWbemSecurity *pSecurity);
CSWbemSecurity (IUnknown *pUnk,
ISWbemInternalSecurity *pSecurity);
virtual ~CSWbemSecurity (void);
//Non-delegating object IUnknown
STDMETHODIMP QueryInterface(REFIID, LPVOID*);
STDMETHODIMP_(ULONG) AddRef(void);
STDMETHODIMP_(ULONG) Release(void);
// IDispatch
STDMETHODIMP GetTypeInfoCount(UINT* pctinfo)
{return m_Dispatch.GetTypeInfoCount(pctinfo);}
STDMETHODIMP GetTypeInfo(UINT itinfo, LCID lcid, ITypeInfo** pptinfo)
{return m_Dispatch.GetTypeInfo(itinfo, lcid, pptinfo);}
STDMETHODIMP GetIDsOfNames(REFIID riid, OLECHAR** rgszNames,
UINT cNames, LCID lcid, DISPID* rgdispid)
{return m_Dispatch.GetIDsOfNames(riid, rgszNames, cNames,
lcid,
rgdispid);}
STDMETHODIMP Invoke(DISPID dispidMember, REFIID riid, LCID lcid,
WORD wFlags, DISPPARAMS* pdispparams, VARIANT* pvarResult,
EXCEPINFO* pexcepinfo, UINT* puArgErr)
{return m_Dispatch.Invoke(dispidMember, riid, lcid, wFlags,
pdispparams, pvarResult, pexcepinfo, puArgErr);}
// ISWbemSecurity methods
HRESULT STDMETHODCALLTYPE get_ImpersonationLevel
(
/* [out] */ WbemImpersonationLevelEnum *iImpersonationLevel
);
HRESULT STDMETHODCALLTYPE put_ImpersonationLevel
(
/* [in] */ WbemImpersonationLevelEnum iImpersonationLevel
);
HRESULT STDMETHODCALLTYPE get_AuthenticationLevel
(
/* [out] */ WbemAuthenticationLevelEnum *iAuthenticationLevel
);
HRESULT STDMETHODCALLTYPE put_AuthenticationLevel
(
/* [in] */ WbemAuthenticationLevelEnum iAuthenticationLevel
);
HRESULT STDMETHODCALLTYPE get_Privileges
(
/* [out] */ ISWbemPrivilegeSet **objWbemPrivileges
);
// ISupportErrorInfo methods
HRESULT STDMETHODCALLTYPE InterfaceSupportsErrorInfo
(
/* [in] */ REFIID riid
);
// IProvideClassInfo methods
HRESULT STDMETHODCALLTYPE GetClassInfo
(
/* [in] */ ITypeInfo **ppTI
)
{
return m_Dispatch.GetClassInfo (ppTI);
}
// ISWbemInternalSecurity methods
HRESULT STDMETHODCALLTYPE GetAuthority (BSTR *bsAuthority);
HRESULT STDMETHODCALLTYPE GetUPD (BSTR *bsUser, BSTR *bsPassword, BSTR *bsDomain);
HRESULT STDMETHODCALLTYPE GetPrincipal (BSTR *bsPrincipal);
// CSWbemSecurity methods
COAUTHIDENTITY *GetCoAuthIdentity () { return (m_pProxyCache ? m_pProxyCache->GetCoAuthIdentity () : NULL); }
BSTR GetPrincipal () { return (m_pProxyCache ? m_pProxyCache->GetPrincipal (): NULL); }
BSTR GetAuthority () { return (m_pProxyCache ? m_pProxyCache->GetAuthority (): NULL); }
bool IsUsingExplicitUserName () { return (m_pProxyCache ? m_pProxyCache->IsUsingExplicitUserName (): false); }
IUnknown *GetProxy ()
{
IUnknown *pProxy = m_pCurProxy;
if (pProxy)
pProxy->AddRef ();
return pProxy;
}
CSWbemPrivilegeSet *GetPrivilegeSet ()
{
CSWbemPrivilegeSet *pPrivSet = m_pPrivilegeSet;
if (pPrivSet)
pPrivSet->AddRef ();
return pPrivSet;
}
void SecureInterface (IUnknown *pUnk);
void SecureInterfaceRev (IUnknown *pUnk);
// Sundry Privilege-related functions
static BOOL AdjustTokenPrivileges (HANDLE hHandle, CSWbemPrivilegeSet *pPrivilegeSet);
static BOOL LookupPrivilegeValue (LPCTSTR lpName, PLUID pLuid);
static void LookupPrivilegeDisplayName (LPCTSTR lpName, BSTR *pDisplayName);
BOOL SetSecurity (bool &needToResetSecurity, HANDLE &hThreadToken);
void ResetSecurity (HANDLE hThreadToken);
// Used to define resources
static void Initialize ();
static void Uninitialize ();
// Sundry OS versioning helper routines
static bool IsNT () { return s_bIsNT; }
static DWORD GetNTMajorVersion () { return s_dwNTMajorVersion; }
static bool CanRevertToSelf () { return s_bCanRevert; }
static WbemImpersonationLevelEnum GetDefaultImpersonationLevel ()
{ return s_dwDefaultImpersonationLevel; }
static bool IsImpersonating (bool useDefaultUser, bool useDefaultAuthority);
#ifdef WSCRPDEBUG
static void PrintPrivileges (HANDLE hToken);
#endif
};
#endif