You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
475 lines
15 KiB
475 lines
15 KiB
/******************************************************************************
|
|
* PROCUTIL.C
|
|
*
|
|
* This is a scaled down version of procutil.c from utils\citrix\utilsub
|
|
* that is included here.
|
|
*
|
|
* We can not use utilsub.lib unless we modify every user of perflib.lib
|
|
* to also include this library. Also since utilsub.lib includes 'C' runtimes
|
|
* such as malloc() and free(), we would have to also include 'C' runtimes
|
|
* with every user of this library. (Currently advapi32.dll and winlogon.exe)
|
|
*
|
|
*
|
|
* Copyright Citrix Systems Inc. 1994
|
|
* Copyright (C) 1997-1999 Microsoft Corp.
|
|
*
|
|
* Author: John Richardson
|
|
*******************************************************************************/
|
|
|
|
#include "precomp.h"
|
|
#pragma hdrstop
|
|
|
|
|
|
#define MAX_USER_NAME_LENGTH (MAX_PATH*sizeof(WCHAR))
|
|
#define MAX_WINSTATION_NAME_LENGTH (MAX_PATH*sizeof(WCHAR))
|
|
|
|
#define ALLOCMEM(heap, flags, size) HeapAlloc (heap, flags, size)
|
|
#define REALLOCMEM(heap, flags, pointer, newsize) \
|
|
HeapReAlloc (heap, flags, pointer, newsize)
|
|
#define FREEMEM(heap, flags, pointer) HeapFree (heap, flags, pointer)
|
|
|
|
/*
|
|
* Set MAX_DOMAIN_LENGTH to MAX_USER_NAME_LENGTH
|
|
*/
|
|
|
|
#define MAX_DOMAIN_LENGTH MAX_USER_NAME_LENGTH
|
|
|
|
/*
|
|
* Local function prototypes.
|
|
*/
|
|
VOID LookupSidUser( PSID pSid, PWCHAR pUserName, PULONG pcbUserName );
|
|
VOID RefreshUserSidCrcCache( void );
|
|
|
|
|
|
/*******************************************************************************
|
|
*
|
|
* CalculateCrc16
|
|
*
|
|
* Calculates a 16-bit CRC of the specified buffer.
|
|
*
|
|
* ENTRY:
|
|
* pBuffer (input)
|
|
* Points to buffer to calculate CRC for.
|
|
* length (input)
|
|
* Length in bytes of the buffer.
|
|
*
|
|
* EXIT:
|
|
* (USHORT)
|
|
* The 16-bit CRC of the buffer.
|
|
*
|
|
******************************************************************************/
|
|
|
|
/*
|
|
* updcrc macro derived from article Copyright (C) 1986 Stephen Satchell.
|
|
* NOTE: First argument must be in range 0 to 255.
|
|
* Second argument is referenced twice.
|
|
*
|
|
* Programmers may incorporate any or all code into their programs,
|
|
* giving proper credit within the source. Publication of the
|
|
* source routines is permitted so long as proper credit is given
|
|
* to Stephen Satchell, Satchell Evaluations and Chuck Forsberg,
|
|
* Omen Technology.
|
|
*/
|
|
|
|
#define updcrc(cp, crc) ( crctab[((crc >> 8) & 255)] ^ (crc << 8) ^ cp)
|
|
|
|
|
|
/* crctab calculated by Mark G. Mendel, Network Systems Corporation */
|
|
unsigned short crctab[256] = {
|
|
0x0000, 0x1021, 0x2042, 0x3063, 0x4084, 0x50a5, 0x60c6, 0x70e7,
|
|
0x8108, 0x9129, 0xa14a, 0xb16b, 0xc18c, 0xd1ad, 0xe1ce, 0xf1ef,
|
|
0x1231, 0x0210, 0x3273, 0x2252, 0x52b5, 0x4294, 0x72f7, 0x62d6,
|
|
0x9339, 0x8318, 0xb37b, 0xa35a, 0xd3bd, 0xc39c, 0xf3ff, 0xe3de,
|
|
0x2462, 0x3443, 0x0420, 0x1401, 0x64e6, 0x74c7, 0x44a4, 0x5485,
|
|
0xa56a, 0xb54b, 0x8528, 0x9509, 0xe5ee, 0xf5cf, 0xc5ac, 0xd58d,
|
|
0x3653, 0x2672, 0x1611, 0x0630, 0x76d7, 0x66f6, 0x5695, 0x46b4,
|
|
0xb75b, 0xa77a, 0x9719, 0x8738, 0xf7df, 0xe7fe, 0xd79d, 0xc7bc,
|
|
0x48c4, 0x58e5, 0x6886, 0x78a7, 0x0840, 0x1861, 0x2802, 0x3823,
|
|
0xc9cc, 0xd9ed, 0xe98e, 0xf9af, 0x8948, 0x9969, 0xa90a, 0xb92b,
|
|
0x5af5, 0x4ad4, 0x7ab7, 0x6a96, 0x1a71, 0x0a50, 0x3a33, 0x2a12,
|
|
0xdbfd, 0xcbdc, 0xfbbf, 0xeb9e, 0x9b79, 0x8b58, 0xbb3b, 0xab1a,
|
|
0x6ca6, 0x7c87, 0x4ce4, 0x5cc5, 0x2c22, 0x3c03, 0x0c60, 0x1c41,
|
|
0xedae, 0xfd8f, 0xcdec, 0xddcd, 0xad2a, 0xbd0b, 0x8d68, 0x9d49,
|
|
0x7e97, 0x6eb6, 0x5ed5, 0x4ef4, 0x3e13, 0x2e32, 0x1e51, 0x0e70,
|
|
0xff9f, 0xefbe, 0xdfdd, 0xcffc, 0xbf1b, 0xaf3a, 0x9f59, 0x8f78,
|
|
0x9188, 0x81a9, 0xb1ca, 0xa1eb, 0xd10c, 0xc12d, 0xf14e, 0xe16f,
|
|
0x1080, 0x00a1, 0x30c2, 0x20e3, 0x5004, 0x4025, 0x7046, 0x6067,
|
|
0x83b9, 0x9398, 0xa3fb, 0xb3da, 0xc33d, 0xd31c, 0xe37f, 0xf35e,
|
|
0x02b1, 0x1290, 0x22f3, 0x32d2, 0x4235, 0x5214, 0x6277, 0x7256,
|
|
0xb5ea, 0xa5cb, 0x95a8, 0x8589, 0xf56e, 0xe54f, 0xd52c, 0xc50d,
|
|
0x34e2, 0x24c3, 0x14a0, 0x0481, 0x7466, 0x6447, 0x5424, 0x4405,
|
|
0xa7db, 0xb7fa, 0x8799, 0x97b8, 0xe75f, 0xf77e, 0xc71d, 0xd73c,
|
|
0x26d3, 0x36f2, 0x0691, 0x16b0, 0x6657, 0x7676, 0x4615, 0x5634,
|
|
0xd94c, 0xc96d, 0xf90e, 0xe92f, 0x99c8, 0x89e9, 0xb98a, 0xa9ab,
|
|
0x5844, 0x4865, 0x7806, 0x6827, 0x18c0, 0x08e1, 0x3882, 0x28a3,
|
|
0xcb7d, 0xdb5c, 0xeb3f, 0xfb1e, 0x8bf9, 0x9bd8, 0xabbb, 0xbb9a,
|
|
0x4a75, 0x5a54, 0x6a37, 0x7a16, 0x0af1, 0x1ad0, 0x2ab3, 0x3a92,
|
|
0xfd2e, 0xed0f, 0xdd6c, 0xcd4d, 0xbdaa, 0xad8b, 0x9de8, 0x8dc9,
|
|
0x7c26, 0x6c07, 0x5c64, 0x4c45, 0x3ca2, 0x2c83, 0x1ce0, 0x0cc1,
|
|
0xef1f, 0xff3e, 0xcf5d, 0xdf7c, 0xaf9b, 0xbfba, 0x8fd9, 0x9ff8,
|
|
0x6e17, 0x7e36, 0x4e55, 0x5e74, 0x2e93, 0x3eb2, 0x0ed1, 0x1ef0
|
|
};
|
|
|
|
USHORT
|
|
CalculateCrc16( PBYTE pBuffer,
|
|
USHORT length )
|
|
{
|
|
|
|
USHORT Crc = 0;
|
|
USHORT Data;
|
|
|
|
while ( length-- ) {
|
|
Data = (USHORT) *pBuffer++;
|
|
Crc = updcrc( Data, Crc );
|
|
}
|
|
|
|
return(Crc);
|
|
|
|
} /* CalculateCrc16() */
|
|
|
|
/*
|
|
* RefreshCitrixObjectCaches()
|
|
*
|
|
* Refresh (invalidate) any caches that may be used by Citrix object
|
|
* utilities.
|
|
*
|
|
*/
|
|
VOID
|
|
RefreshCitrixObjectCaches()
|
|
{
|
|
RefreshUserSidCrcCache();
|
|
}
|
|
|
|
/*
|
|
* This is the cache maintained by the GetUserNameFromSid function
|
|
*
|
|
* It is thread safe through the use of ULock.
|
|
*/
|
|
|
|
typedef struct TAGUSERSIDLIST {
|
|
struct TAGUSERSIDLIST *Next;
|
|
USHORT SidCrc;
|
|
WCHAR UserName[MAX_USER_NAME_LENGTH];
|
|
} USERSIDLIST, *PUSERSIDLIST;
|
|
|
|
static PUSERSIDLIST pUList = NULL;
|
|
static RTL_CRITICAL_SECTION ULock;
|
|
static BOOLEAN ULockInited = FALSE;
|
|
|
|
/***************************************************************************
|
|
*
|
|
* InitULock
|
|
*
|
|
* Since we do not require the user to call an initialize function,
|
|
* we must initialize our critical section in a thread safe manner.
|
|
*
|
|
* The problem is, a critical section is needed to guard against multiple
|
|
* threads trying to init the critical section at the same time.
|
|
*
|
|
* The solution that Nt uses, in which RtlInitializeCriticalSection itself
|
|
* uses, is to wait on a kernel supported process wide Mutant before proceding.
|
|
* This Mutant almost works by itself, but RtlInitializeCriticalSection does
|
|
* not wait on it until after trashing the semaphore count. So we wait on
|
|
* it ourselves, since it can be acquired recursively.
|
|
*
|
|
***************************************************************************/
|
|
NTSTATUS InitULock()
|
|
{
|
|
NTSTATUS Status = STATUS_SUCCESS;
|
|
|
|
RtlEnterCriticalSection((PRTL_CRITICAL_SECTION)NtCurrentPeb()->LoaderLock);
|
|
|
|
|
|
/*
|
|
* Make sure another thread did not beat us here
|
|
*/
|
|
if( ULockInited == FALSE ){
|
|
Status = RtlInitializeCriticalSection( &ULock );
|
|
if (NT_SUCCESS(Status)) {
|
|
ULockInited = TRUE;
|
|
}
|
|
}
|
|
|
|
RtlLeaveCriticalSection((PRTL_CRITICAL_SECTION)NtCurrentPeb()->LoaderLock);
|
|
return Status;
|
|
}
|
|
|
|
|
|
/***************************************************************************
|
|
*
|
|
* RefreshUserSidCrcCache
|
|
*
|
|
* Invalidate the User/SidCrc cache so that the newest information
|
|
* will be fetched from the system.
|
|
*
|
|
***************************************************************************/
|
|
VOID
|
|
RefreshUserSidCrcCache( void )
|
|
{
|
|
PUSERSIDLIST pEntry, pNext;
|
|
NTSTATUS Status;
|
|
|
|
if( pUList == NULL ) return;
|
|
|
|
/*
|
|
* Make sure critical section has been inited
|
|
*/
|
|
if( !ULockInited ) {
|
|
Status = InitULock();
|
|
if (!NT_SUCCESS(Status)) {
|
|
return;
|
|
}
|
|
}
|
|
|
|
RtlEnterCriticalSection( &ULock );
|
|
|
|
pEntry = pUList;
|
|
|
|
while( pEntry ) {
|
|
pNext = pEntry->Next;
|
|
FREEMEM( RtlProcessHeap(), 0, pEntry );
|
|
pEntry = pNext;
|
|
}
|
|
|
|
pUList = NULL;
|
|
|
|
RtlLeaveCriticalSection( &ULock );
|
|
}
|
|
|
|
/******************************************************************************
|
|
*
|
|
* GetUserNameFromSid
|
|
*
|
|
* Attempts to retrieve the user (login) name of the process by first looking
|
|
* in our User/SidCrc cache table, then (if no match) looking up the SID in
|
|
* the SAM database and adding the new entry to the User/SidCrc table.
|
|
*
|
|
* Input
|
|
*
|
|
* IN pUserSid Sid pointer
|
|
*
|
|
* OUT ppName pointer to PWCHAR
|
|
*
|
|
* Will always return a user name, which will be "(unknown)" if the SID is
|
|
* invalid or can't determine the user/SID relationship for any other reason.
|
|
*
|
|
*****************************************************************************/
|
|
|
|
NTSTATUS
|
|
GetUserNameFromSid( PSID pUserSid, PWCHAR *ppName )
|
|
{
|
|
USHORT SidCrc = 0;
|
|
PUSERSIDLIST pEntry;
|
|
WCHAR pNameBuf[MAX_USER_NAME_LENGTH];
|
|
ULONG NameLength;
|
|
NTSTATUS Status;
|
|
|
|
/*
|
|
* Make sure critical section has been inited
|
|
*/
|
|
if( !ULockInited ) {
|
|
Status = InitULock();
|
|
if (!NT_SUCCESS(Status)) {
|
|
return Status;
|
|
}
|
|
}
|
|
|
|
/*
|
|
* Determine SID length in bytes and calculate a 16-bit CRC for it,
|
|
* to facilitate quick matching.
|
|
*/
|
|
if ( pUserSid ) {
|
|
SidCrc = CalculateCrc16( (PBYTE)pUserSid,
|
|
(USHORT)GetLengthSid(pUserSid) );
|
|
}
|
|
else {
|
|
// A NULL SID has a CRC of 0
|
|
SidCrc = 0;
|
|
}
|
|
|
|
/*
|
|
* First: Before performing the expensive LookupAccountSid() function,
|
|
* see if we've encountered this SID already, and match the user name
|
|
* if so.
|
|
*/
|
|
if ( pUList ) {
|
|
|
|
RtlEnterCriticalSection( &ULock );
|
|
|
|
pEntry = pUList;
|
|
|
|
while( pEntry ) {
|
|
|
|
if ( SidCrc == pEntry->SidCrc ) {
|
|
|
|
// We got a hit, return the name
|
|
*ppName = pEntry->UserName;
|
|
|
|
RtlLeaveCriticalSection( &ULock );
|
|
return(STATUS_SUCCESS);
|
|
}
|
|
pEntry = pEntry->Next;
|
|
}
|
|
|
|
RtlLeaveCriticalSection( &ULock );
|
|
}
|
|
|
|
/*
|
|
* Last resort: Determine the user name associated with the SID using
|
|
* the LookupAccountSid() API, embedded in our local function
|
|
* LookupSidUser().
|
|
*/
|
|
NameLength = MAX_USER_NAME_LENGTH;
|
|
if( pUserSid ) {
|
|
LookupSidUser( pUserSid, pNameBuf, &NameLength );
|
|
}
|
|
else {
|
|
// NULL SID maps the the "Idle" user name string
|
|
wcscpy( pNameBuf, L"Idle" );
|
|
}
|
|
|
|
/*
|
|
* Add this new User/Sid relationship in our User/Sid cache list.
|
|
*/
|
|
RtlEnterCriticalSection( &ULock );
|
|
|
|
if ( (pEntry = (PUSERSIDLIST)ALLOCMEM(RtlProcessHeap(), 0, sizeof(USERSIDLIST))) ) {
|
|
|
|
pEntry->SidCrc = SidCrc;
|
|
wcsncpy( pEntry->UserName, pNameBuf, MAX_USER_NAME_LENGTH - 1 );
|
|
pEntry->UserName[MAX_USER_NAME_LENGTH-1] = 0;
|
|
pEntry->Next = pUList;
|
|
pUList = pEntry;
|
|
// Return the name
|
|
*ppName = pEntry->UserName;
|
|
}
|
|
|
|
RtlLeaveCriticalSection( &ULock );
|
|
|
|
return(STATUS_SUCCESS);
|
|
}
|
|
|
|
|
|
/******************************************************************************
|
|
* LookupSidUser
|
|
*
|
|
* Fetch the user name associated with the specified SID.
|
|
*
|
|
* ENTRY:
|
|
* pSid (input)
|
|
* Points to SID to match to user name.
|
|
* pUserName (output)
|
|
* Points to buffer to place the user name into.
|
|
* pcbUserName (input/output)
|
|
* Specifies the size in bytes of the user name buffer. The returned
|
|
* user name will be truncated to fit this buffer (including NUL
|
|
* terminator) if necessary and this variable set to the number of
|
|
* characters copied to pUserName.
|
|
*
|
|
* EXIT:
|
|
*
|
|
* LookupSidUser() will always return a user name. If the specified
|
|
* SID fails to match to a user name, then the user name "(unknown)" will
|
|
* be returned.
|
|
*
|
|
*****************************************************************************/
|
|
|
|
VOID
|
|
LookupSidUser( PSID pSid,
|
|
PWCHAR pUserName,
|
|
PULONG pcbUserName )
|
|
{
|
|
WCHAR DomainBuffer[MAX_DOMAIN_LENGTH], UserBuffer[MAX_USER_NAME_LENGTH];
|
|
DWORD cDomainBuffer = sizeof(DomainBuffer) / sizeof(WCHAR);
|
|
DWORD cUserBuffer = sizeof(UserBuffer) / sizeof(WCHAR);
|
|
DWORD Error;
|
|
PWCHAR pDomainBuffer = NULL, pUserBuffer = NULL;
|
|
SID_NAME_USE SidNameUse;
|
|
PWCHAR pUnknown = L"(Unknown)";
|
|
|
|
/*
|
|
* Fetch user name from SID: try user lookup with a reasonable Domain and
|
|
* Sid buffer size first, before resorting to alloc.
|
|
*/
|
|
if ( !LookupAccountSid( NULL, pSid,
|
|
UserBuffer, &cUserBuffer,
|
|
DomainBuffer, &cDomainBuffer, &SidNameUse ) ) {
|
|
|
|
if ( ((Error = GetLastError()) == ERROR_INSUFFICIENT_BUFFER) ) {
|
|
|
|
if ( cDomainBuffer > (sizeof(DomainBuffer) / sizeof(WCHAR)) ) {
|
|
|
|
if ( !(pDomainBuffer =
|
|
(PWCHAR)ALLOCMEM( RtlProcessHeap(), 0,
|
|
cDomainBuffer * sizeof(WCHAR))) ) {
|
|
|
|
Error = ERROR_NOT_ENOUGH_MEMORY;
|
|
goto BadDomainAlloc;
|
|
}
|
|
}
|
|
|
|
if ( cUserBuffer > (sizeof(UserBuffer) / sizeof(WCHAR)) ) {
|
|
|
|
if ( !(pUserBuffer =
|
|
(PWCHAR)ALLOCMEM( RtlProcessHeap(), 0,
|
|
cUserBuffer * sizeof(WCHAR))) ) {
|
|
|
|
Error = ERROR_NOT_ENOUGH_MEMORY;
|
|
goto BadUserAlloc;
|
|
}
|
|
}
|
|
|
|
if ( !LookupAccountSid( NULL, pSid,
|
|
pUserBuffer ?
|
|
pUserBuffer : UserBuffer,
|
|
&cUserBuffer,
|
|
pDomainBuffer ?
|
|
pDomainBuffer : DomainBuffer,
|
|
&cDomainBuffer,
|
|
&SidNameUse ) ) {
|
|
|
|
Error = GetLastError();
|
|
goto BadLookup;
|
|
}
|
|
|
|
} else {
|
|
|
|
goto BadLookup;
|
|
}
|
|
}
|
|
|
|
/*
|
|
* Copy the user name into the specified buffer, truncating if necessary.
|
|
*/
|
|
wcsncpy( pUserName, pUserBuffer ? pUserBuffer : UserBuffer,
|
|
((*pcbUserName)-1) );
|
|
pUserName[((*pcbUserName)-1)] = 0;
|
|
*pcbUserName = wcslen(pUserName);
|
|
|
|
/*
|
|
* Free our allocs (if any) and return.
|
|
*/
|
|
if ( pDomainBuffer )
|
|
FREEMEM( RtlProcessHeap(), 0, pDomainBuffer);
|
|
if ( pUserBuffer )
|
|
FREEMEM( RtlProcessHeap(), 0, pUserBuffer);
|
|
return;
|
|
|
|
/*--------------------------------------
|
|
* Error clean-up and return...
|
|
*/
|
|
BadLookup:
|
|
BadUserAlloc:
|
|
BadDomainAlloc:
|
|
if ( pDomainBuffer )
|
|
FREEMEM( RtlProcessHeap(), 0, pDomainBuffer);
|
|
if ( pUserBuffer )
|
|
FREEMEM( RtlProcessHeap(), 0, pUserBuffer);
|
|
wcsncpy( pUserName, pUnknown, ((*pcbUserName)-1) );
|
|
pUserName[((*pcbUserName)-1)] = 0;
|
|
*pcbUserName = wcslen(pUserName);
|
|
return;
|
|
}
|
|
|
|
|
|
|