archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
4.0 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-xp/Source/XPSP1/NT/admin/wmi/wbem/winmgmt/msg/rpcrecv.cpp

428 lines
10 KiB
Raw Permalink Normal View History

Add source files
4 years ago
  1. /*++
  3. Copyright (C) 1996-2001 Microsoft Corporation
  5. Module Name:
  7. Abstract:
  9. History:
  11. --*/
  14. #include "precomp.h"
  15. #include <assert.h>
  16. #include <wbemcli.h>
  17. #include <wbemutil.h>
  18. #include <arrtempl.h>
  19. #include "rpcrecv.h"
  20. #include "rpcmsg.h"
  21. #include "rpchdr.h"
  22. #include "rpcctx.h"
  24. extern HRESULT RpcResToWmiRes( RPC_STATUS stat, HRESULT hrDefault );
  26. IWmiMessageSendReceive* g_pRcv = NULL;
  27. PSECURITY_DESCRIPTOR g_pSD = NULL;
  29. RPC_STATUS RPC_ENTRY RpcAuthCallback( RPC_IF_HANDLE Interface, void *Context )
  30. {
  31. RPC_STATUS stat;
  33. _DBG_ASSERT( g_pSD != NULL );
  35. stat = RpcImpersonateClient( Context );
  37. if ( stat == RPC_S_OK )
  38. {
  39. HANDLE hToken;
  41. if( OpenThreadToken( GetCurrentThread(), TOKEN_QUERY, TRUE, &hToken ) )
  42. {
  43. GENERIC_MAPPING map;
  44. ZeroMemory( &map, sizeof(GENERIC_MAPPING) );
  45. PRIVILEGE_SET ps;
  46. DWORD dwPrivLength = sizeof(ps);
  47. BOOL bStatus;
  48. DWORD dwGranted;
  50. if ( ::AccessCheck( g_pSD,
  51. hToken,
  52. 1,
  53. &map,
  54. &ps,
  55. &dwPrivLength,
  56. &dwGranted,
  57. &bStatus ) )
  58. {
  59. stat = bStatus ? RPC_S_OK : RPC_S_ACCESS_DENIED;
  60. }
  61. else
  62. {
  63. stat = RPC_S_ACCESS_DENIED;
  64. }
  66. CloseHandle( hToken );
  67. }
  68. else
  69. {
  70. stat = RPC_S_ACCESS_DENIED;
  71. }
  73. RpcRevertToSelf();
  74. }
  76. return stat;
  77. }
  79. long RcvrSendReceive( RPC_BINDING_HANDLE hClient,
  80. PBYTE pData,
  81. ULONG cData,
  82. PBYTE pAuxData,
  83. ULONG cAuxData )
  84. {
  85. HRESULT hr;
  87. ENTER_API_CALL
  89. CBuffer HdrStrm( pAuxData, cAuxData, FALSE );
  91. CMsgRpcHdr Hdr;
  93. hr = Hdr.Unpersist( HdrStrm );
  95. if ( FAILED(hr) )
  96. {
  97. return hr;
  98. }
  100. PBYTE pUserAuxData = HdrStrm.GetRawData() + HdrStrm.GetIndex();
  102. CMsgRpcRcvrCtx Ctx( &Hdr, hClient );
  104. hr = g_pRcv->SendReceive( pData,
  105. cData,
  106. pUserAuxData,
  107. Hdr.GetAuxDataLength(),
  108. 0,
  109. &Ctx );
  110. EXIT_API_CALL
  112. return hr;
  113. }
  115. HRESULT CreateAuthOnlySecurityDescriptor( PSECURITY_DESCRIPTOR* ppSD )
  116. {
  117. HRESULT hr;
  119. //
  120. // obtain the sid from the process token to use for owner and
  121. // group fields of SD.
  122. //
  124. HANDLE hProcessToken;
  126. if ( !OpenProcessToken( GetCurrentProcess(), TOKEN_QUERY, &hProcessToken ))
  127. {
  128. return HRESULT_FROM_WIN32( GetLastError() );
  129. }
  131. CCloseMe cm( hProcessToken );
  133. DWORD dwSize;
  134. GetTokenInformation( hProcessToken, TokenOwner, NULL, 0, &dwSize );
  136. if ( GetLastError() != ERROR_MORE_DATA &&
  137. GetLastError() != ERROR_INSUFFICIENT_BUFFER )
  138. {
  139. return HRESULT_FROM_WIN32( GetLastError() );
  140. }
  142. TOKEN_OWNER* pOwner = (TOKEN_OWNER*) new BYTE[dwSize];
  144. if ( pOwner == NULL )
  145. {
  146. return WBEM_E_OUT_OF_MEMORY;
  147. }
  149. CVectorDeleteMe<BYTE> vdm( (BYTE*)pOwner );
  151. if ( !GetTokenInformation( hProcessToken,
  152. TokenOwner,
  153. (BYTE*)pOwner,
  154. dwSize,
  155. &dwSize ) )
  156. {
  157. return HRESULT_FROM_WIN32( GetLastError() );
  158. }
  160. //
  161. // create a DACL that allows only authenticated users access.
  162. //
  164. SID AuthenticatedUsers;
  165. SID_IDENTIFIER_AUTHORITY idAuth = SECURITY_NT_AUTHORITY;
  166. InitializeSid( &AuthenticatedUsers, &idAuth, 1 );
  167. PDWORD pdwSubAuth = GetSidSubAuthority( &AuthenticatedUsers, 0 );
  168. *pdwSubAuth = SECURITY_AUTHENTICATED_USER_RID;
  169. _DBG_ASSERT( IsValidSid( &AuthenticatedUsers ) );
  171. dwSize = sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE) - 4 +
  172. GetLengthSid(&AuthenticatedUsers);
  174. PACL pAuthOnlyAcl = (PACL) new BYTE[dwSize];
  176. if ( pAuthOnlyAcl == NULL )
  177. {
  178. return WBEM_E_OUT_OF_MEMORY;
  179. }
  181. CVectorDeleteMe<BYTE> vdm2( (BYTE*)pAuthOnlyAcl );
  183. InitializeAcl( pAuthOnlyAcl, dwSize, ACL_REVISION );
  184. AddAccessAllowedAce( pAuthOnlyAcl, ACL_REVISION, 1, &AuthenticatedUsers );
  186. //
  187. // create and initialize SD
  188. //
  190. SECURITY_DESCRIPTOR AuthOnlySD;
  191. InitializeSecurityDescriptor( &AuthOnlySD, SECURITY_DESCRIPTOR_REVISION );
  193. SetSecurityDescriptorOwner( &AuthOnlySD, pOwner->Owner, TRUE );
  194. SetSecurityDescriptorGroup( &AuthOnlySD, pOwner->Owner, TRUE );
  195. SetSecurityDescriptorDacl( &AuthOnlySD, TRUE, pAuthOnlyAcl, FALSE );
  197. dwSize = 0;
  198. MakeSelfRelativeSD( &AuthOnlySD, NULL, &dwSize );
  200. if ( GetLastError() != ERROR_MORE_DATA &&
  201. GetLastError() != ERROR_INSUFFICIENT_BUFFER )
  202. {
  203. return HRESULT_FROM_WIN32( GetLastError() );
  204. }
  206. *ppSD = new BYTE[dwSize];
  208. if ( *ppSD == NULL )
  209. {
  210. return WBEM_E_OUT_OF_MEMORY;
  211. }
  213. if ( !MakeSelfRelativeSD( &AuthOnlySD, *ppSD, &dwSize ) )
  214. {
  215. delete [] *ppSD;
  216. *ppSD = NULL;
  217. return HRESULT_FROM_WIN32( GetLastError() );
  218. }
  220. return WBEM_S_NO_ERROR;
  221. }
  223. //
  224. // for now only one rpc receiver can be registered for the process. later
  225. // make the global state be the instance state for CMsgRpcReceiver.
  226. //
  228. STDMETHODIMP CMsgRpcReceiver::Open( LPCWSTR wszBinding,
  229. DWORD dwFlags,
  230. WMIMSG_RCVR_AUTH_INFOP pAuthInfo,
  231. IWmiMessageSendReceive* pRcv )
  232. {
  233. HRESULT hr;
  234. RPC_STATUS stat;
  236. hr = Close();
  238. if ( FAILED(hr) )
  239. {
  240. return hr;
  241. }
  243. //
  244. // first parse the binding string.
  245. //
  247. LPWSTR wszProtSeq, wszEndpoint;
  249. stat = RpcStringBindingParse( (LPWSTR)wszBinding,
  250. NULL,
  251. &wszProtSeq,
  252. NULL,
  253. &wszEndpoint,
  254. NULL );
  255. if ( stat != RPC_S_OK )
  256. {
  257. return RpcResToWmiRes( stat, S_OK );
  258. }
  260. //
  261. // init the protocol sequence
  262. //
  264. if ( *wszEndpoint == '\0' )
  265. {
  266. stat = RpcServerUseProtseq( wszProtSeq,
  267. RPC_C_PROTSEQ_MAX_REQS_DEFAULT,
  268. NULL );
  269. if ( stat == RPC_S_OK )
  270. {
  271. RPC_BINDING_VECTOR* pBindingVector;
  273. stat = RpcServerInqBindings( &pBindingVector );
  275. if ( stat == RPC_S_OK )
  276. {
  277. stat = RpcEpRegisterNoReplace(
  278. RcvrIWmiMessageRemoteSendReceive_v1_0_s_ifspec,
  279. pBindingVector,
  280. NULL,
  281. NULL );
  283. RpcBindingVectorFree( &pBindingVector );
  284. }
  285. }
  286. }
  287. else
  288. {
  289. stat = RpcServerUseProtseqEp( wszProtSeq,
  290. RPC_C_PROTSEQ_MAX_REQS_DEFAULT,
  291. wszEndpoint,
  292. NULL );
  293. }
  295. RpcStringFree( &wszProtSeq );
  296. RpcStringFree( &wszEndpoint );
  298. if ( stat != RPC_S_OK )
  299. {
  300. return RpcResToWmiRes( stat, S_OK );
  301. }
  303. //
  304. // enable negotiate authentication service ( negotiates between NTLM
  305. // and kerberos )
  306. //
  308. if ( pAuthInfo != NULL )
  309. {
  310. for( int i=0; i < pAuthInfo->cwszPrincipal; i++ )
  311. {
  312. stat = RpcServerRegisterAuthInfo(
  313. (LPWSTR)pAuthInfo->awszPrincipal[i],
  314. RPC_C_AUTHN_GSS_NEGOTIATE,
  315. NULL,
  316. NULL );
  317. if ( stat != RPC_S_OK )
  318. {
  319. return RpcResToWmiRes( stat, S_OK );
  320. }
  321. }
  322. }
  323. else
  324. {
  325. LPWSTR wszPrincipal;
  327. stat = RpcServerInqDefaultPrincName( RPC_C_AUTHN_GSS_NEGOTIATE,
  328. &wszPrincipal );
  329. if ( stat != RPC_S_OK )
  330. {
  331. return RpcResToWmiRes( stat, S_OK );
  332. }
  334. stat = RpcServerRegisterAuthInfo( wszPrincipal,
  335. RPC_C_AUTHN_GSS_NEGOTIATE,
  336. NULL,
  337. NULL );
  338. RpcStringFree( &wszPrincipal );
  340. if ( stat != RPC_S_OK )
  341. {
  342. return RpcResToWmiRes( stat, S_OK );
  343. }
  344. }
  346. RPC_IF_CALLBACK_FN* pAuthCallback = NULL;
  348. if ( dwFlags & WMIMSG_FLAG_RCVR_SECURE_ONLY )
  349. {
  350. PSECURITY_DESCRIPTOR pAuthOnlySD;
  352. hr = CreateAuthOnlySecurityDescriptor( &pAuthOnlySD );
  354. if ( FAILED(hr) )
  355. {
  356. return hr;
  357. }
  359. _DBG_ASSERT( g_pSD == NULL );
  360. g_pSD = pAuthOnlySD;
  362. pAuthCallback = RpcAuthCallback;
  363. }
  365. //
  366. // register the interface
  367. //
  369. DWORD dwRpcFlags = RPC_IF_AUTOLISTEN;
  371. stat = RpcServerRegisterIfEx(
  372. RcvrIWmiMessageRemoteSendReceive_v1_0_s_ifspec,
  373. NULL,
  374. NULL,
  375. dwRpcFlags,
  376. RPC_C_LISTEN_MAX_CALLS_DEFAULT,
  377. pAuthCallback );
  379. if ( stat != RPC_S_OK )
  380. {
  381. return RpcResToWmiRes( stat, S_OK );
  382. }
  384. _DBG_ASSERT( g_pRcv == NULL );
  386. pRcv->AddRef();
  387. g_pRcv = pRcv;
  389. return WBEM_S_NO_ERROR;
  390. }
  392. STDMETHODIMP CMsgRpcReceiver::Close()
  393. {
  394. RPC_STATUS stat;
  396. stat = RpcServerUnregisterIf(
  397. RcvrIWmiMessageRemoteSendReceive_v1_0_s_ifspec,
  398. NULL,
  399. 0 );
  401. RPC_BINDING_VECTOR* pBindingVector;
  402. stat = RpcServerInqBindings( &pBindingVector );
  404. if ( stat == RPC_S_OK )
  405. {
  406. stat = RpcEpUnregister(
  407. RcvrIWmiMessageRemoteSendReceive_v1_0_s_ifspec,
  408. pBindingVector,
  409. NULL );
  411. RpcBindingVectorFree( &pBindingVector );
  412. }
  414. if ( g_pRcv != NULL )
  415. {
  416. g_pRcv->Release();
  417. g_pRcv = NULL;
  418. }
  420. if ( g_pSD != NULL )
  421. {
  422. delete [] g_pSD;
  423. g_pSD = NULL;
  424. }
  426. return WBEM_S_NO_ERROR;
  427. }