archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-xp/Source/XPSP1/NT/inetsrv/iis/admin/snapin/setperm.cpp

299 lines
7.5 KiB
Raw Permalink Normal View History

Add source files
4 years ago
  1. /*++
  3. Copyright (c) 1994-1999 Microsoft Corporation
  5. Module Name :
  6. setperm.cpp
  8. Abstract:
  9. IIS Security Wizard helper file
  11. Author:
  12. Sergei Antonov (sergeia)
  14. Project:
  15. Internet Services Manager
  17. Revision History:
  18. 7/12/99 created
  19. --*/
  21. //
  22. // Include Files
  23. //
  24. #include "stdafx.h"
  25. #include "common.h"
  26. #include "inetprop.h"
  27. #include "resource.h"
  28. #include "pwiz.h"
  29. #include <aclapi.h>
  30. //#include <ntseapi.h>
  31. #include <shlwapi.h>
  33. static HRESULT
  34. SetSecurityDeep(
  35. LPTSTR *ppszBuffer,
  36. UINT * pcchBuffer,
  37. DWORD dwAttributes,
  38. SECURITY_INFORMATION si,
  39. PACL pDacl,
  40. PACL pSacl
  41. );
  43. static BOOL
  44. PathIsDotOrDotDot(LPCTSTR pszPath)
  45. {
  46. if (TEXT('.') == *pszPath++)
  47. {
  48. if (TEXT('\0') == *pszPath || (TEXT('.') == *pszPath && TEXT('\0') == *(pszPath + 1)))
  49. return TRUE;
  50. }
  51. return FALSE;
  52. }
  54. HRESULT
  55. CPWSummary::SetPermToChildren(
  56. IN CString& FileName,
  57. IN SECURITY_INFORMATION si,
  58. IN PACL pDacl,
  59. IN PACL pSacl
  60. )
  61. {
  62. HRESULT hr = S_OK;
  63. LPTSTR pszBuffer = NULL;
  64. UINT cchBuffer = 0, cchFolder;
  65. HANDLE hFind;
  66. WIN32_FIND_DATA fd;
  68. pszBuffer = (LPTSTR)LocalAlloc(LMEM_FIXED, 2 * MAX_PATH * sizeof(TCHAR));
  69. if (pszBuffer == NULL)
  70. return E_OUTOFMEMORY;
  71. cchBuffer = (UINT)LocalSize(pszBuffer) / sizeof(TCHAR);
  72. lstrcpy(pszBuffer, FileName);
  73. cchFolder = lstrlen(pszBuffer);
  74. // Append a backslash if it's not there already
  75. if (pszBuffer[cchFolder-1] != TEXT('\\'))
  76. {
  77. pszBuffer[cchFolder] = TEXT('\\');
  78. cchFolder++;
  79. }
  81. // Append the '*' wildcard
  82. pszBuffer[cchFolder] = TEXT('*');
  83. pszBuffer[cchFolder+1] = TEXT('\0');
  85. if (INVALID_HANDLE_VALUE != (hFind = FindFirstFile(pszBuffer, &fd)))
  86. {
  87. do
  88. {
  89. if (PathIsDotOrDotDot(fd.cFileName))
  90. continue;
  91. //
  92. // Build full path name and recurse
  93. //
  94. lstrcpyn(pszBuffer + cchFolder, fd.cFileName, cchBuffer - cchFolder);
  95. if (fd.dwFileAttributes == FILE_ATTRIBUTE_DIRECTORY)
  96. {
  97. hr = SetSecurityDeep(&pszBuffer,
  98. &cchBuffer,
  99. fd.dwFileAttributes,
  100. si,
  101. pDacl,
  102. pSacl);
  103. }
  104. else
  105. {
  106. hr = HRESULT_FROM_WIN32(SetNamedSecurityInfo(
  107. pszBuffer,
  108. SE_FILE_OBJECT,
  109. si,
  110. NULL,
  111. NULL,
  112. pDacl,
  113. pSacl));
  114. }
  115. }
  116. while (S_OK == hr && FindNextFile(hFind, &fd));
  117. FindClose(hFind);
  118. }
  119. if (pszBuffer != NULL)
  120. LocalFree(pszBuffer);
  121. return hr;
  122. }
  124. static HRESULT
  125. SetSecurityDeep(
  126. LPTSTR *ppszBuffer,
  127. UINT * pcchBuffer,
  128. DWORD dwAttributes,
  129. SECURITY_INFORMATION si,
  130. PACL pDacl,
  131. PACL pSacl
  132. )
  133. {
  134. HRESULT hr = S_OK;
  135. DWORD dwErr = NOERROR;
  136. LPTSTR pszBuffer;
  137. BOOL bWriteDone = FALSE;
  139. pszBuffer = *ppszBuffer;
  140. //
  141. // Recursively apply the new SD to subfolders
  142. //
  143. if (dwAttributes & FILE_ATTRIBUTE_DIRECTORY)
  144. {
  145. HANDLE hFind;
  146. WIN32_FIND_DATA fd;
  147. UINT cchFolder;
  148. UINT cchSizeRequired;
  150. cchFolder = lstrlen(pszBuffer);
  152. //
  153. // If the buffer is getting tight, realloc
  154. //
  155. cchSizeRequired = cchFolder + 1 + sizeof(fd.cFileName) / sizeof(TCHAR); // 1 for backslash
  156. if (cchSizeRequired > *pcchBuffer)
  157. {
  158. cchSizeRequired += MAX_PATH; // so we don't realloc as often
  159. pszBuffer = (LPTSTR)LocalReAlloc(*ppszBuffer, cchSizeRequired * sizeof(TCHAR), LMEM_MOVEABLE);
  160. if (pszBuffer)
  161. {
  162. *ppszBuffer = pszBuffer;
  163. *pcchBuffer = cchSizeRequired;
  164. }
  165. else
  166. {
  167. // fd.cFileName typically has some empty space, so we
  168. // may be able to continue
  169. pszBuffer = *ppszBuffer;
  170. if (*pcchBuffer < cchFolder + 3) // backslash, '*', and NULL
  171. return E_OUTOFMEMORY;
  172. }
  173. }
  175. // Append a backslash if it's not there already
  176. if (pszBuffer[cchFolder-1] != TEXT('\\'))
  177. {
  178. pszBuffer[cchFolder] = TEXT('\\');
  179. cchFolder++;
  180. }
  182. // Append the '*' wildcard
  183. pszBuffer[cchFolder] = TEXT('*');
  184. pszBuffer[cchFolder+1] = TEXT('\0');
  186. //
  187. // Enumerate the folder contents
  188. //
  189. hFind = FindFirstFile(pszBuffer, &fd);
  191. if (INVALID_HANDLE_VALUE == hFind)
  192. {
  193. dwErr = GetLastError();
  195. if (ERROR_ACCESS_DENIED == dwErr)
  196. {
  197. // Remove the '*' wildcard
  198. pszBuffer[cchFolder-1] = TEXT('\0');
  200. if (si & DACL_SECURITY_INFORMATION)
  201. {
  202. //
  203. // The user may be granting themselves access, so call
  204. // WriteObjectSecurity and retry FindFirstFile.
  205. //
  206. // Don't blindly call WriteObjectSecurity before FindFirstFile
  207. // since it's possible the user has access now but is removing
  208. // their own access.
  209. //
  210. bWriteDone = TRUE;
  211. hr = HRESULT_FROM_WIN32(SetNamedSecurityInfo(
  212. pszBuffer,
  213. SE_FILE_OBJECT,
  214. si,
  215. NULL,
  216. NULL,
  217. pDacl,
  218. pSacl));
  219. if (SUCCEEDED(hr))
  220. {
  221. // Retry FindFirstFile
  222. pszBuffer[cchFolder-1] = TEXT('\\');
  223. hFind = FindFirstFile(pszBuffer, &fd);
  224. }
  225. }
  226. }
  227. }
  229. if (hFind != INVALID_HANDLE_VALUE)
  230. {
  231. do
  232. {
  233. if (PathIsDotOrDotDot(fd.cFileName))
  234. continue;
  236. //
  237. // Build full path name and recurse
  238. //
  239. lstrcpyn(pszBuffer + cchFolder, fd.cFileName, *pcchBuffer - cchFolder);
  240. hr = SetSecurityDeep(ppszBuffer,
  241. pcchBuffer,
  242. fd.dwFileAttributes,
  243. si,
  244. pDacl,
  245. pSacl);
  247. // In case the buffer was reallocated
  248. pszBuffer = *ppszBuffer;
  249. }
  250. while (S_OK == hr && FindNextFile(hFind, &fd));
  252. FindClose(hFind);
  253. }
  254. else if (NOERROR != dwErr)
  255. {
  256. hr = S_FALSE; // abort
  257. }
  259. // Truncate the path back to the original length (sans backslash)
  260. pszBuffer[cchFolder-1] = TEXT('\0');
  261. }
  263. //
  264. // Finally, write out the new security descriptor
  265. //
  266. if (!bWriteDone)
  267. {
  268. hr = HRESULT_FROM_WIN32(SetNamedSecurityInfo(
  269. pszBuffer,
  270. SE_FILE_OBJECT,
  271. si,
  272. NULL,
  273. NULL,
  274. pDacl,
  275. pSacl));
  276. }
  277. if (SUCCEEDED(hr))
  278. {
  279. //
  280. // Notify the shell if we change permissions on a folder (48220)
  281. //
  282. if ( (dwAttributes & FILE_ATTRIBUTE_DIRECTORY)
  283. && (si & DACL_SECURITY_INFORMATION)
  284. )
  285. {
  286. SHChangeNotify(
  287. SHCNE_UPDATEDIR,
  288. SHCNF_PATH | SHCNF_FLUSH | SHCNF_FLUSHNOWAIT,
  289. pszBuffer,
  290. NULL);
  291. }
  292. }
  293. else
  294. {
  295. hr = S_FALSE; // abort
  296. }
  297. return hr;
  298. }