You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
318 lines
9.1 KiB
318 lines
9.1 KiB
//***************************************************************************
|
|
//
|
|
// Copyright (c) 1998-1999 Microsoft Corporation
|
|
//
|
|
// security.h
|
|
//
|
|
// alanbos 25-Sep-98 Created.
|
|
//
|
|
// Defines the CSWbemSecurity and subsiduary objects
|
|
//
|
|
//***************************************************************************
|
|
|
|
#ifndef _SECURITY_H_
|
|
#define _SECURITY_H_
|
|
|
|
//***************************************************************************
|
|
//
|
|
// CLASS NAME:
|
|
//
|
|
// CWbemLocatorSecurity
|
|
//
|
|
// DESCRIPTION:
|
|
//
|
|
// Implements the ISWbemSecurity interface for SWbemLocator objects.
|
|
//
|
|
//***************************************************************************
|
|
|
|
class CWbemLocatorSecurity : public ISWbemSecurity,
|
|
public ISupportErrorInfo,
|
|
public IProvideClassInfo
|
|
{
|
|
private:
|
|
CSWbemPrivilegeSet *m_pPrivilegeSet;
|
|
CDispatchHelp m_Dispatch;
|
|
bool m_impLevelSet;
|
|
WbemImpersonationLevelEnum m_impLevel;
|
|
bool m_authnLevelSet;
|
|
WbemAuthenticationLevelEnum m_authnLevel;
|
|
|
|
protected:
|
|
long m_cRef; //Object reference count
|
|
|
|
public:
|
|
CWbemLocatorSecurity (CSWbemPrivilegeSet *pPrivilegeSet);
|
|
CWbemLocatorSecurity (CWbemLocatorSecurity *pCWbemLocatorSecurity);
|
|
virtual ~CWbemLocatorSecurity (void);
|
|
|
|
//Non-delegating object IUnknown
|
|
|
|
STDMETHODIMP QueryInterface(REFIID, LPVOID*);
|
|
STDMETHODIMP_(ULONG) AddRef(void);
|
|
STDMETHODIMP_(ULONG) Release(void);
|
|
|
|
// IDispatch
|
|
|
|
STDMETHODIMP GetTypeInfoCount(UINT* pctinfo)
|
|
{return m_Dispatch.GetTypeInfoCount(pctinfo);}
|
|
STDMETHODIMP GetTypeInfo(UINT itinfo, LCID lcid, ITypeInfo** pptinfo)
|
|
{return m_Dispatch.GetTypeInfo(itinfo, lcid, pptinfo);}
|
|
STDMETHODIMP GetIDsOfNames(REFIID riid, OLECHAR** rgszNames,
|
|
UINT cNames, LCID lcid, DISPID* rgdispid)
|
|
{return m_Dispatch.GetIDsOfNames(riid, rgszNames, cNames,
|
|
lcid,
|
|
rgdispid);}
|
|
STDMETHODIMP Invoke(DISPID dispidMember, REFIID riid, LCID lcid,
|
|
WORD wFlags, DISPPARAMS* pdispparams, VARIANT* pvarResult,
|
|
EXCEPINFO* pexcepinfo, UINT* puArgErr)
|
|
{return m_Dispatch.Invoke(dispidMember, riid, lcid, wFlags,
|
|
pdispparams, pvarResult, pexcepinfo, puArgErr);}
|
|
|
|
// ISWbemSecurity methods
|
|
|
|
HRESULT STDMETHODCALLTYPE get_ImpersonationLevel
|
|
(
|
|
/* [out] */ WbemImpersonationLevelEnum *iImpersonationLevel
|
|
);
|
|
|
|
HRESULT STDMETHODCALLTYPE put_ImpersonationLevel
|
|
(
|
|
/* [in] */ WbemImpersonationLevelEnum iImpersonationLevel
|
|
);
|
|
|
|
HRESULT STDMETHODCALLTYPE get_AuthenticationLevel
|
|
(
|
|
/* [out] */ WbemAuthenticationLevelEnum *iAuthenticationLevel
|
|
);
|
|
|
|
HRESULT STDMETHODCALLTYPE put_AuthenticationLevel
|
|
(
|
|
/* [in] */ WbemAuthenticationLevelEnum iAuthenticationLevel
|
|
);
|
|
|
|
HRESULT STDMETHODCALLTYPE get_Privileges
|
|
(
|
|
/* [out] */ ISWbemPrivilegeSet **objWbemPrivileges
|
|
);
|
|
|
|
// ISupportErrorInfo methods
|
|
HRESULT STDMETHODCALLTYPE InterfaceSupportsErrorInfo
|
|
(
|
|
/* [in] */ REFIID riid
|
|
);
|
|
|
|
// IProvideClassInfo methods
|
|
HRESULT STDMETHODCALLTYPE GetClassInfo
|
|
(
|
|
/* [in] */ ITypeInfo **ppTI
|
|
)
|
|
{
|
|
return m_Dispatch.GetClassInfo (ppTI);
|
|
}
|
|
|
|
// CWbemLocatorSecurity methods
|
|
bool IsImpersonationSet () { return m_impLevelSet; }
|
|
bool IsAuthenticationSet () { return m_authnLevelSet; }
|
|
BOOL SetSecurity (BSTR bsUser, bool &needToResetSecurity, HANDLE &hThreadToken);
|
|
void ResetSecurity (HANDLE hThreadToken);
|
|
|
|
CSWbemPrivilegeSet *GetPrivilegeSet ()
|
|
{
|
|
CSWbemPrivilegeSet *pPrivSet = m_pPrivilegeSet;
|
|
|
|
if (pPrivSet)
|
|
pPrivSet->AddRef ();
|
|
|
|
return pPrivSet;
|
|
}
|
|
};
|
|
|
|
//***************************************************************************
|
|
//
|
|
// CLASS NAME:
|
|
//
|
|
// CSWbemSecurity
|
|
//
|
|
// DESCRIPTION:
|
|
//
|
|
// Implements the ISWbemSecurity interface for non-SWbemLocator objects.
|
|
//
|
|
//***************************************************************************
|
|
|
|
class CSWbemSecurity : public ISWbemSecurity,
|
|
public ISupportErrorInfo,
|
|
public ISWbemInternalSecurity,
|
|
public IProvideClassInfo
|
|
{
|
|
private:
|
|
CSWbemPrivilegeSet *m_pPrivilegeSet;
|
|
CDispatchHelp m_Dispatch;
|
|
CSWbemProxyCache *m_pProxyCache;
|
|
IUnknown *m_pCurProxy;
|
|
|
|
CSWbemProxyCache *GetProxyCache ()
|
|
{
|
|
CSWbemProxyCache *pCache = m_pProxyCache;
|
|
|
|
if (pCache)
|
|
pCache->AddRef ();
|
|
|
|
return pCache;
|
|
}
|
|
|
|
// Sundry statics
|
|
static bool s_bInitialized;
|
|
static bool s_bIsNT;
|
|
static DWORD s_dwNTMajorVersion;
|
|
static HINSTANCE s_hAdvapi;
|
|
static bool s_bCanRevert;
|
|
static WbemImpersonationLevelEnum s_dwDefaultImpersonationLevel;
|
|
|
|
static SECURITY_IMPERSONATION_LEVEL MapImpersonationLevel(WbemImpersonationLevelEnum ImpersonationLevel);
|
|
|
|
protected:
|
|
long m_cRef; //Object reference count
|
|
|
|
public:
|
|
|
|
CSWbemSecurity (IUnknown *pUnk,
|
|
BSTR bsAuthority = NULL,
|
|
BSTR bsUser = NULL, BSTR bsPassword = NULL,
|
|
CWbemLocatorSecurity *pSecurity = NULL);
|
|
CSWbemSecurity (IUnknown *pUnk,
|
|
COAUTHIDENTITY *pCoAuthIdentity,
|
|
BSTR bsPrincipal,
|
|
BSTR bsAuthority);
|
|
CSWbemSecurity (CSWbemSecurity *pSecurity);
|
|
CSWbemSecurity (IUnknown *pUnk,
|
|
CSWbemSecurity *pSecurity);
|
|
CSWbemSecurity (IUnknown *pUnk,
|
|
ISWbemInternalSecurity *pSecurity);
|
|
virtual ~CSWbemSecurity (void);
|
|
|
|
//Non-delegating object IUnknown
|
|
|
|
STDMETHODIMP QueryInterface(REFIID, LPVOID*);
|
|
STDMETHODIMP_(ULONG) AddRef(void);
|
|
STDMETHODIMP_(ULONG) Release(void);
|
|
|
|
// IDispatch
|
|
|
|
STDMETHODIMP GetTypeInfoCount(UINT* pctinfo)
|
|
{return m_Dispatch.GetTypeInfoCount(pctinfo);}
|
|
STDMETHODIMP GetTypeInfo(UINT itinfo, LCID lcid, ITypeInfo** pptinfo)
|
|
{return m_Dispatch.GetTypeInfo(itinfo, lcid, pptinfo);}
|
|
STDMETHODIMP GetIDsOfNames(REFIID riid, OLECHAR** rgszNames,
|
|
UINT cNames, LCID lcid, DISPID* rgdispid)
|
|
{return m_Dispatch.GetIDsOfNames(riid, rgszNames, cNames,
|
|
lcid,
|
|
rgdispid);}
|
|
STDMETHODIMP Invoke(DISPID dispidMember, REFIID riid, LCID lcid,
|
|
WORD wFlags, DISPPARAMS* pdispparams, VARIANT* pvarResult,
|
|
EXCEPINFO* pexcepinfo, UINT* puArgErr)
|
|
{return m_Dispatch.Invoke(dispidMember, riid, lcid, wFlags,
|
|
pdispparams, pvarResult, pexcepinfo, puArgErr);}
|
|
|
|
// ISWbemSecurity methods
|
|
|
|
HRESULT STDMETHODCALLTYPE get_ImpersonationLevel
|
|
(
|
|
/* [out] */ WbemImpersonationLevelEnum *iImpersonationLevel
|
|
);
|
|
|
|
HRESULT STDMETHODCALLTYPE put_ImpersonationLevel
|
|
(
|
|
/* [in] */ WbemImpersonationLevelEnum iImpersonationLevel
|
|
);
|
|
|
|
HRESULT STDMETHODCALLTYPE get_AuthenticationLevel
|
|
(
|
|
/* [out] */ WbemAuthenticationLevelEnum *iAuthenticationLevel
|
|
);
|
|
|
|
HRESULT STDMETHODCALLTYPE put_AuthenticationLevel
|
|
(
|
|
/* [in] */ WbemAuthenticationLevelEnum iAuthenticationLevel
|
|
);
|
|
|
|
HRESULT STDMETHODCALLTYPE get_Privileges
|
|
(
|
|
/* [out] */ ISWbemPrivilegeSet **objWbemPrivileges
|
|
);
|
|
|
|
// ISupportErrorInfo methods
|
|
HRESULT STDMETHODCALLTYPE InterfaceSupportsErrorInfo
|
|
(
|
|
/* [in] */ REFIID riid
|
|
);
|
|
|
|
// IProvideClassInfo methods
|
|
HRESULT STDMETHODCALLTYPE GetClassInfo
|
|
(
|
|
/* [in] */ ITypeInfo **ppTI
|
|
)
|
|
{
|
|
return m_Dispatch.GetClassInfo (ppTI);
|
|
}
|
|
|
|
// ISWbemInternalSecurity methods
|
|
HRESULT STDMETHODCALLTYPE GetAuthority (BSTR *bsAuthority);
|
|
HRESULT STDMETHODCALLTYPE GetUPD (BSTR *bsUser, BSTR *bsPassword, BSTR *bsDomain);
|
|
HRESULT STDMETHODCALLTYPE GetPrincipal (BSTR *bsPrincipal);
|
|
|
|
// CSWbemSecurity methods
|
|
|
|
COAUTHIDENTITY *GetCoAuthIdentity () { return (m_pProxyCache ? m_pProxyCache->GetCoAuthIdentity () : NULL); }
|
|
BSTR GetPrincipal () { return (m_pProxyCache ? m_pProxyCache->GetPrincipal (): NULL); }
|
|
BSTR GetAuthority () { return (m_pProxyCache ? m_pProxyCache->GetAuthority (): NULL); }
|
|
bool IsUsingExplicitUserName () { return (m_pProxyCache ? m_pProxyCache->IsUsingExplicitUserName (): false); }
|
|
|
|
IUnknown *GetProxy ()
|
|
{
|
|
IUnknown *pProxy = m_pCurProxy;
|
|
|
|
if (pProxy)
|
|
pProxy->AddRef ();
|
|
|
|
return pProxy;
|
|
}
|
|
|
|
CSWbemPrivilegeSet *GetPrivilegeSet ()
|
|
{
|
|
CSWbemPrivilegeSet *pPrivSet = m_pPrivilegeSet;
|
|
|
|
if (pPrivSet)
|
|
pPrivSet->AddRef ();
|
|
|
|
return pPrivSet;
|
|
}
|
|
|
|
void SecureInterface (IUnknown *pUnk);
|
|
void SecureInterfaceRev (IUnknown *pUnk);
|
|
|
|
// Sundry Privilege-related functions
|
|
static BOOL AdjustTokenPrivileges (HANDLE hHandle, CSWbemPrivilegeSet *pPrivilegeSet);
|
|
static BOOL LookupPrivilegeValue (LPCTSTR lpName, PLUID pLuid);
|
|
static void LookupPrivilegeDisplayName (LPCTSTR lpName, BSTR *pDisplayName);
|
|
|
|
BOOL SetSecurity (bool &needToResetSecurity, HANDLE &hThreadToken);
|
|
void ResetSecurity (HANDLE hThreadToken);
|
|
|
|
// Used to define resources
|
|
static void Initialize ();
|
|
static void Uninitialize ();
|
|
|
|
// Sundry OS versioning helper routines
|
|
static bool IsNT () { return s_bIsNT; }
|
|
static DWORD GetNTMajorVersion () { return s_dwNTMajorVersion; }
|
|
static bool CanRevertToSelf () { return s_bCanRevert; }
|
|
static WbemImpersonationLevelEnum GetDefaultImpersonationLevel ()
|
|
{ return s_dwDefaultImpersonationLevel; }
|
|
static bool IsImpersonating (bool useDefaultUser, bool useDefaultAuthority);
|
|
|
|
#ifdef WSCRPDEBUG
|
|
static void PrintPrivileges (HANDLE hToken);
|
|
#endif
|
|
};
|
|
|
|
#endif
|