archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
3.8 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-xp/Source/XPSP1/NT/net/rras/cm/common/source/dumpsecinfo.cpp

286 lines
9.5 KiB
Raw Permalink Normal View History

Add source files
4 years ago
  1. //+----------------------------------------------------------------------------
  2. //
  3. // File: DumpSecInfo.cpp
  4. //
  5. // Module: as required
  6. //
  7. // Synopsis: Functions to help figure out Permissions issues. To fix "NULL DACL"
  8. // security issues, or try and figure out permissions bugs, this module
  9. // may be useful. Entry point is DumpAclInfo.
  10. //
  11. // Copyright (c) 1998-2001 Microsoft Corporation
  12. //
  13. // Author: SumitC Created 18-Dec-2000
  14. //
  15. //+----------------------------------------------------------------------------
  17. #include "winbase.h"
  18. #include "sddl.h"
  20. //
  21. // support for dynamically loading Advapi32 Security functions
  22. //
  24. HMODULE g_hAdvapi32 = NULL;
  26. typedef BOOL (WINAPI *pfnLookupAccountSid) (LPCWSTR, PSID, LPWSTR, LPDWORD, LPWSTR, LPDWORD, PSID_NAME_USE);
  27. typedef BOOL (WINAPI *pfnGetUserObjectSecurity) (HANDLE, PSECURITY_INFORMATION, PSECURITY_DESCRIPTOR, DWORD, LPDWORD);
  28. typedef BOOL (WINAPI *pfnConvertSidToStringSid) (PSID, LPWSTR*);
  29. typedef BOOL (WINAPI *pfnGetSecurityDescriptorOwner) (PSECURITY_DESCRIPTOR, PSID *, LPBOOL);
  30. typedef BOOL (WINAPI *pfnGetSecurityDescriptorSacl) (PSECURITY_DESCRIPTOR, LPBOOL, PACL *, LPBOOL);
  31. typedef BOOL (WINAPI *pfnGetSecurityDescriptorDacl) (PSECURITY_DESCRIPTOR, LPBOOL, PACL *, LPBOOL);
  32. typedef BOOL (WINAPI *pfnGetAce) (PACL, DWORD, LPVOID *);
  34. pfnLookupAccountSid g_pfnLookupAccountSid = NULL;
  35. pfnGetUserObjectSecurity g_pfnGetUserObjectSecurity = NULL;
  36. pfnConvertSidToStringSid g_pfnConvertSidToStringSid = NULL;
  37. pfnGetSecurityDescriptorOwner g_pfnGetSecurityDescriptorOwner = NULL;
  38. pfnGetSecurityDescriptorSacl g_pfnGetSecurityDescriptorSacl = NULL;
  39. pfnGetSecurityDescriptorDacl g_pfnGetSecurityDescriptorDacl = NULL;
  40. pfnGetAce g_pfnGetAce = NULL;
  42. //+----------------------------------------------------------------------------
  43. //
  44. // Function: GetSidType
  45. //
  46. // Synopsis: Returns the string corresponding to a given SID type
  47. //
  48. // Arguments: [i] -- index representing the SID
  49. //
  50. // Returns: LPTSTR - static string containing a displayable Sid type
  51. //
  52. // Notes:
  53. //
  54. //-----------------------------------------------------------------------------
  55. LPTSTR GetSidType(int i)
  56. {
  57. static LPTSTR szMap[] =
  58. {
  59. TEXT("User"),
  60. TEXT("Group"),
  61. TEXT("Domain"),
  62. TEXT("Alias"),
  63. TEXT("WellKnownGroup"),
  64. TEXT("DeletedAccount"),
  65. TEXT("Invalid"),
  66. TEXT("Unknown"),
  67. TEXT("Computer")
  68. };
  70. if (i >= 1 && i <= 9)
  71. {
  72. return szMap[i - 1];
  73. }
  74. else
  75. {
  76. return TEXT("");
  77. }
  79. }
  82. //+----------------------------------------------------------------------------
  83. //
  84. // Function: DumpSid
  85. //
  86. // Synopsis: returns information for a give SID
  87. //
  88. // Arguments: [psid] -- ptr to SecurityID
  89. // [pszBuffer] -- where to return SID string (caller must free)
  90. //
  91. // Returns: LPTSTR - ptr to pszBuffer if success, NULL if failure
  92. //
  93. // Notes:
  94. //
  95. //-----------------------------------------------------------------------------
  96. LPTSTR DumpSid(PSID psid, LPTSTR pszBuffer)
  97. {
  98. LPTSTR pszSID = NULL;
  99. TCHAR szName[MAX_PATH + 1];
  100. DWORD cbName = MAX_PATH;
  101. TCHAR szDomain[MAX_PATH + 1];
  102. DWORD cbDomain = MAX_PATH;
  103. SID_NAME_USE snu;
  104. BOOL fDone = FALSE;
  106. CMASSERTMSG(pszBuffer, TEXT("DumpSid - pszBuffer must be allocated by caller"));
  108. if (g_pfnConvertSidToStringSid(psid, &pszSID) &&
  109. g_pfnLookupAccountSid(NULL, psid, szName, &cbName, szDomain, &cbDomain, &snu))
  110. {
  111. wsprintf(pszBuffer, TEXT("%s\\%s %s %s"), szDomain, szName, GetSidType(snu), pszSID);
  112. // looks like NTDEV\sumitc User xxxx-xxx-xxx-xxx
  113. fDone = TRUE;
  114. }
  116. if (pszSID)
  117. {
  118. LocalFree(pszSID);
  119. }
  121. return fDone ? pszBuffer : NULL;
  122. }
  125. //+----------------------------------------------------------------------------
  126. //
  127. // Function: DumpAclInfo
  128. //
  129. // Synopsis: Dumps out all ACL info for a given object
  130. //
  131. // Arguments: [h] -- handle to object about which info is needed
  132. //
  133. // Returns: (void)
  134. //
  135. // Notes:
  136. //
  137. //-----------------------------------------------------------------------------
  138. void DumpAclInfo(HANDLE h)
  139. {
  140. if (!OS_NT)
  141. {
  142. CMTRACE(TEXT("DumpAclInfo will not work on 9x systems"));
  143. return;
  144. }
  146. TCHAR szBuf[MAX_PATH];
  147. SECURITY_INFORMATION si = 0;
  149. //
  150. // dynamically pick up the DLLs we need
  151. //
  152. g_hAdvapi32 = LoadLibrary(TEXT("ADVAPI32.DLL"));
  154. if (NULL == g_hAdvapi32)
  155. {
  156. CMTRACE(TEXT("DumpAclInfo: failed to load advapi32.dll"));
  157. return;
  158. }
  160. g_pfnLookupAccountSid = (pfnLookupAccountSid) GetProcAddress(g_hAdvapi32, "LookupAccountSidW");
  161. g_pfnGetUserObjectSecurity = (pfnGetUserObjectSecurity) GetProcAddress(g_hAdvapi32, "GetUserObjectSecurity");
  162. g_pfnConvertSidToStringSid = (pfnConvertSidToStringSid) GetProcAddress(g_hAdvapi32, "ConvertSidToStringSidW");
  163. g_pfnGetSecurityDescriptorOwner = (pfnGetSecurityDescriptorOwner) GetProcAddress(g_hAdvapi32, "GetSecurityDescriptorOwner");
  164. g_pfnGetSecurityDescriptorSacl = (pfnGetSecurityDescriptorSacl) GetProcAddress(g_hAdvapi32, "GetSecurityDescriptorSacl");
  165. g_pfnGetSecurityDescriptorDacl = (pfnGetSecurityDescriptorDacl) GetProcAddress(g_hAdvapi32, "GetSecurityDescriptorDacl");
  166. g_pfnGetAce = (pfnGetAce) GetProcAddress(g_hAdvapi32, "GetAce");
  168. if (!(g_pfnLookupAccountSid && g_pfnGetUserObjectSecurity &&
  169. g_pfnConvertSidToStringSid && g_pfnGetSecurityDescriptorOwner &&
  170. g_pfnGetSecurityDescriptorSacl && g_pfnGetSecurityDescriptorDacl &&
  171. g_pfnGetAce))
  172. {
  173. CMTRACE(TEXT("DumpAclInfo: failed to load required functions in advapi32.dll"));
  174. goto Cleanup;
  175. }
  177. //
  178. // dump information on the ACL
  179. //
  180. DWORD dw;
  182. si |= OWNER_SECURITY_INFORMATION;
  183. si |= DACL_SECURITY_INFORMATION;
  185. if (!g_pfnGetUserObjectSecurity(h, &si, NULL, 0, &dw) &&
  186. ERROR_INSUFFICIENT_BUFFER == GetLastError())
  187. {
  188. PSECURITY_DESCRIPTOR pSD = NULL;
  190. pSD = (PSECURITY_DESCRIPTOR) CmMalloc(dw);
  192. if (g_pfnGetUserObjectSecurity(h, &si, pSD, dw, &dw))
  193. {
  194. // get the owner
  195. PSID psidOwner;
  196. BOOL fDefaulted;
  198. if (g_pfnGetSecurityDescriptorOwner(pSD, &psidOwner, &fDefaulted))
  199. {
  200. CMTRACE1(TEXT("SIDINFO: Owner is: %s"), DumpSid(psidOwner, szBuf));
  201. }
  203. PACL pacl;
  204. BOOL fPresent;
  205. int i;
  207. g_pfnGetSecurityDescriptorSacl(pSD, &fPresent, &pacl, &fDefaulted);
  208. CMTRACE1(TEXT("sacl gle=%d"), GetLastError());
  209. if (fPresent)
  210. {
  211. CMTRACE(TEXT("SIDINFO: found a SACL"));
  212. // has a SACL
  213. void * pv;
  214. for (i = 0 ; i < 15; ++i)
  215. {
  216. if (g_pfnGetAce(pacl, i, &pv))
  217. {
  218. // try access allowed ace
  219. //
  220. ACCESS_ALLOWED_ACE * pACE = (ACCESS_ALLOWED_ACE *)pv;
  221. if (pACE->Header.AceType == ACCESS_ALLOWED_ACE_TYPE)
  222. {
  223. CMTRACE1(TEXT("SIDINFO: allowed is: %s"), DumpSid(&(pACE->SidStart), szBuf));
  224. }
  225. else
  226. {
  227. ACCESS_DENIED_ACE * pACE = (ACCESS_DENIED_ACE *)pv;
  228. if (pACE->Header.AceType == ACCESS_DENIED_ACE_TYPE)
  229. {
  230. CMTRACE1(TEXT("SIDINFO: denied is: %s"), DumpSid(&(pACE->SidStart), szBuf));
  231. }
  232. }
  233. }
  234. }
  235. }
  237. g_pfnGetSecurityDescriptorDacl(pSD, &fPresent, &pacl, &fDefaulted);
  238. CMTRACE1(TEXT("dacl gle=%d"), GetLastError());
  239. if (fPresent)
  240. {
  241. CMTRACE(TEXT("SIDINFO: found a DACL"));
  242. // has a DACL
  243. void * pv;
  244. for (i = 0 ; i < 15; ++i)
  245. {
  246. if (g_pfnGetAce(pacl, i, &pv))
  247. {
  248. // try access allowed ace
  249. //
  250. ACCESS_ALLOWED_ACE * pACE = (ACCESS_ALLOWED_ACE *)pv;
  251. if (pACE->Header.AceType == ACCESS_ALLOWED_ACE_TYPE)
  252. {
  253. CMTRACE1(TEXT("SIDINFO: allowed is: %s"), DumpSid(&(pACE->SidStart), szBuf));
  254. }
  255. else
  256. {
  257. ACCESS_DENIED_ACE * pACE = (ACCESS_DENIED_ACE *)pv;
  258. if (pACE->Header.AceType == ACCESS_DENIED_ACE_TYPE)
  259. {
  260. CMTRACE1(TEXT("SIDINFO: denied is: %s"), DumpSid(&(pACE->SidStart), szBuf));
  261. }
  262. }
  263. }
  264. }
  265. }
  266. }
  267. CmFree(pSD);
  268. }
  270. Cleanup:
  272. if (g_hAdvapi32)
  273. {
  274. FreeLibrary(g_hAdvapi32);
  275. g_hAdvapi32 = NULL;
  277. g_pfnLookupAccountSid = NULL;
  278. g_pfnGetUserObjectSecurity = NULL;
  279. g_pfnConvertSidToStringSid = NULL;
  280. g_pfnGetSecurityDescriptorOwner = NULL;
  281. g_pfnGetSecurityDescriptorSacl = NULL;
  282. g_pfnGetSecurityDescriptorDacl = NULL;
  283. g_pfnGetAce = NULL;
  284. }
  285. }