archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
3.8 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-xp/Source/XPSP1/NT/termsrv/setup/dll/secupgrd.h

503 lines
10 KiB
Raw Permalink Normal View History

Add source files
4 years ago
  1. #include <tchar.h>
  2. #include <list>
  3. #include <Sddl.h>
  4. #include <aclapi.h>
  6. using namespace std;
  9. class CDefaultSD;
  10. class CNameAndSD;
  12. typedef list<CNameAndSD> CNameAndSDList;
  14. class TSState;
  16. //from privs.cpp
  17. DWORD GrantRemotePrivilegeToEveryone( IN BOOL addPrivilage ); // add or remove
  18. //from securd.cpp
  19. DWORD SetupWorker(IN const TSState &State);
  20. //from users.cpp
  21. DWORD CopyUsersGroupToRDUsersGroup();
  22. DWORD RemoveAllFromRDUsersGroup();
  23. DWORD CopyUsersGroupToRDUsersGroup();
  25. //
  26. DWORD
  27. GetDacl(
  28. IN PSECURITY_DESCRIPTOR pSD,
  29. OUT PACL *ppDacl);
  31. DWORD
  32. GetSacl(
  33. IN PSECURITY_DESCRIPTOR pSD,
  34. OUT PACL *ppSacl);
  36. DWORD
  37. EnumWinStationSecurityDescriptors(
  38. IN HKEY hKeyParent,
  39. OUT CNameAndSDList *pNameSDList);
  41. DWORD
  42. GetWinStationSecurity(
  43. IN HKEY hKeyParent,
  44. IN PWINSTATIONNAME pWSName,
  45. IN LPCTSTR szValueName,
  46. OUT PSECURITY_DESCRIPTOR *ppSecurityDescriptor );
  48. DWORD
  49. SetWinStationSecurity(
  50. IN HKEY hKeyParent,
  51. IN PWINSTATIONNAME pWSName,
  52. IN PSECURITY_DESCRIPTOR pSecurityDescriptor );
  54. DWORD
  55. AddRemoteUsersToWinstationSD(
  56. IN HKEY hKeyParent,
  57. IN CNameAndSD *pNameSD);
  59. DWORD
  60. AddLocalAndNetworkServiceToWinstationSD(
  61. IN HKEY hKeyParent,
  62. IN CNameAndSD *pNameSD);
  64. DWORD
  65. AddUserToDacl(
  66. IN HKEY hKeyParent,
  67. IN PACL pOldACL,
  68. IN PSID pSid,
  69. IN DWORD dwAccessMask,
  70. IN CNameAndSD *pNameSD);
  72. DWORD
  73. RemoveWinstationSecurity(
  74. IN HKEY hKeyParent,
  75. IN PWINSTATIONNAME pWSName);
  77. DWORD
  78. SetNewDefaultSecurity(
  79. IN HKEY hKey);
  81. DWORD
  82. SetNewConsoleSecurity(
  83. IN HKEY hKeyParent,
  84. IN BOOL bServer);
  86. DWORD
  87. SetupWorkerNotStandAlone(
  88. IN BOOL bClean,
  89. IN BOOL bServer,
  90. IN BOOL bAppServer );
  92. DWORD
  93. GrantRemoteUsersAccessToWinstations(
  94. IN HKEY hKey,
  95. IN BOOL bServer,
  96. IN BOOL bAppServer);
  98. BOOL
  99. LookupSid(
  100. IN PSID pSid,
  101. OUT LPWSTR *ppName,
  102. OUT SID_NAME_USE *peUse);
  104. BOOL
  105. IsLocal(
  106. IN LPWSTR wszLocalCompName,
  107. IN OUT LPWSTR wszDomainandname);
  109. DWORD
  110. GetAbsoluteSD(
  111. IN PSECURITY_DESCRIPTOR pSelfRelativeSD,
  112. OUT PSECURITY_DESCRIPTOR *ppAbsoluteSD,
  113. OUT PACL *ppDacl,
  114. OUT PACL *ppSacl,
  115. OUT PSID *ppOwner,
  116. OUT PSID *ppPrimaryGroup);
  118. DWORD
  119. GetSelfRelativeSD(
  120. PSECURITY_DESCRIPTOR pAbsoluteSD,
  121. PSECURITY_DESCRIPTOR *ppSelfRelativeSD);
  123. enum DefaultSDType {
  124. DefaultRDPSD = 0,
  125. DefaultConsoleSD
  126. };
  129. /*++ class CDefaultSD
  131. Class Description:
  133. Represents the the default security descriptor
  134. in binary (self relative) form
  136. Revision History:
  138. 06-June-2000 a-skuzin Created
  139. --*/
  140. class CDefaultSD
  141. {
  142. private:
  143. PSECURITY_DESCRIPTOR m_pSD;
  144. DWORD m_dwSDSize;
  145. public:
  147. CDefaultSD() : m_pSD(NULL), m_dwSDSize(0)
  148. {
  149. }
  151. ~CDefaultSD()
  152. {
  153. if(m_pSD)
  154. {
  155. LocalFree(m_pSD);
  156. }
  157. }
  159. //read default SD from the registry
  160. DWORD Init(HKEY hKey, DefaultSDType Type)
  161. {
  162. DWORD err;
  164. if(Type == DefaultConsoleSD)
  165. {
  166. err = GetWinStationSecurity(hKey,NULL,_T("ConsoleSecurity"),&m_pSD);
  168. if(err == ERROR_FILE_NOT_FOUND)
  169. {
  170. //No "ConsoleSecurity" value means that
  171. //"DefaultSecurity" value is used as a
  172. //default SD for the console.
  173. err = GetWinStationSecurity(hKey,NULL,_T("DefaultSecurity"),&m_pSD);
  174. }
  175. }
  176. else
  177. {
  178. err = GetWinStationSecurity(hKey,NULL,_T("DefaultSecurity"),&m_pSD);
  179. }
  181. if(err == ERROR_SUCCESS)
  182. {
  183. m_dwSDSize = GetSecurityDescriptorLength(m_pSD);
  184. }
  186. return err;
  187. }
  189. // Must be a self-relative type of security descr, since after all, it is comming from
  190. // the registry
  191. BOOL IsEqual(const PSECURITY_DESCRIPTOR pSD) const
  192. {
  193. return ((m_dwSDSize == GetSecurityDescriptorLength(pSD)) &&
  194. !memcmp(pSD,m_pSD,m_dwSDSize));
  195. }
  197. // Must be a self-relative type of security descr, since after all, it is comming from
  198. // the registry
  199. DWORD CopySD(PSECURITY_DESCRIPTOR *ppSD) const
  200. {
  201. *ppSD = ( PSECURITY_DESCRIPTOR )LocalAlloc( LMEM_FIXED , m_dwSDSize );
  203. if( *ppSD )
  204. {
  205. memcpy(*ppSD,m_pSD,m_dwSDSize);
  206. return ERROR_SUCCESS;
  207. }
  208. else
  209. {
  210. return ERROR_NOT_ENOUGH_MEMORY;
  211. }
  212. }
  214. DWORD DoesDefaultSDHaveRemoteUsers(OUT LPBOOL pbHas);
  215. };
  217. /*++ class CNameAndSD
  219. Class Description:
  221. Represents the the name of a winstation along with its
  222. security descriptor
  224. Revision History:
  226. 30-March-2000 a-skuzin Created
  227. --*/
  228. class CNameAndSD
  229. {
  230. public:
  231. PWINSTATIONNAME m_pName;
  232. PSECURITY_DESCRIPTOR m_pSD;
  234. CNameAndSD() :
  235. m_pName(NULL), m_pSD(NULL)
  236. {
  237. }
  239. CNameAndSD(LPCTSTR szName) :
  240. m_pName(NULL), m_pSD(NULL)
  241. {
  242. if(szName)
  243. {
  244. m_pName = (PWINSTATIONNAME)LocalAlloc(LPTR,(_tcslen(szName)+1)*sizeof(TCHAR));
  245. if(m_pName)
  246. {
  247. _tcscpy(m_pName,szName);
  248. }
  249. }
  250. }
  252. CNameAndSD(const CNameAndSD &ns) :
  253. m_pName(NULL), m_pSD(NULL)
  254. {
  255. *this=ns;
  256. }
  258. ~CNameAndSD()
  259. {
  260. if(m_pSD)
  261. {
  262. LocalFree(m_pSD);
  263. }
  264. if(m_pName)
  265. {
  266. LocalFree(m_pName);
  267. }
  268. }
  270. void operator=(const CNameAndSD &ns)
  271. {
  272. if(m_pSD)
  273. {
  274. LocalFree(m_pSD);
  275. m_pSD = NULL;
  276. }
  277. if(m_pName)
  278. {
  279. LocalFree(m_pName);
  280. m_pName = NULL;
  281. }
  283. if(ns.m_pName)
  284. {
  285. m_pName = (PWINSTATIONNAME)LocalAlloc(LPTR,(_tcslen(ns.m_pName)+1)*sizeof(TCHAR));
  286. if(m_pName)
  287. {
  288. _tcscpy(m_pName,ns.m_pName);
  289. }
  290. }
  292. if(ns.m_pSD)
  293. {
  294. DWORD dwSize = GetSecurityDescriptorLength(ns.m_pSD);
  296. m_pSD = (PWINSTATIONNAME)LocalAlloc(LPTR,GetSecurityDescriptorLength(ns.m_pSD));
  297. if(m_pSD)
  298. {
  299. memcpy(m_pSD,ns.m_pSD,dwSize);
  300. }
  301. }
  303. }
  305. BOOL IsDefaultOrEmpty(const CDefaultSD *pds, //Default RDP SD
  306. const CDefaultSD *pcs) const //Default console SD
  307. {
  308. if(!m_pSD)
  309. {
  310. return TRUE;
  311. }
  312. else
  313. {
  314. if(IsConsole())
  315. {
  316. ASSERT(pcs);
  317. return pcs->IsEqual(m_pSD);
  318. }
  319. else
  320. {
  321. ASSERT(pds);
  322. return pds->IsEqual(m_pSD);
  323. }
  324. }
  325. }
  327. // Inilialize the security descriptor of this object to be the one being passed into it.
  328. DWORD SetDefault(const CDefaultSD &ds)
  329. {
  330. if (m_pSD)
  331. {
  332. LocalFree(m_pSD);
  333. m_pSD = NULL;
  334. }
  335. return ds.CopySD(&m_pSD);
  336. }
  338. BOOL IsConsole() const
  339. {
  340. if(m_pName && !(_tcsicmp(m_pName,_T("Console"))))
  341. {
  342. return TRUE;
  343. }
  345. return FALSE;
  346. }
  348. void SetSD(PSECURITY_DESCRIPTOR pSD)
  349. {
  350. if (m_pSD)
  351. {
  352. LocalFree(m_pSD);
  353. m_pSD = NULL;
  354. }
  355. m_pSD = pSD;
  356. }
  357. };
  359. /*++ class CNameSID
  361. Class Description:
  363. Represents the the name of a user or a group
  364. along with it's SID
  366. Revision History:
  368. 09-March-2001 skuzin Created
  369. --*/
  370. class CNameSID
  371. {
  372. private:
  373. LPWSTR m_wszName;
  374. PSID m_pSID;
  375. LPWSTR m_wszSID;
  376. public:
  378. CNameSID() :
  379. m_pSID(NULL), m_wszName(NULL), m_wszSID(NULL)
  380. {
  381. }
  383. CNameSID(LPCWSTR wszName, PSID pSID) :
  384. m_pSID(NULL), m_wszName(NULL), m_wszSID(NULL)
  385. {
  386. if(wszName)
  387. {
  388. m_wszName = (LPWSTR)LocalAlloc(LPTR,(wcslen(wszName)+1)*sizeof(WCHAR));
  389. if(m_wszName)
  390. {
  391. wcscpy(m_wszName,wszName);
  392. }
  393. }
  395. if(pSID)
  396. {
  397. DWORD dwSidLength = GetLengthSid(pSID);
  398. m_pSID = (PSID)LocalAlloc(LPTR,dwSidLength);
  399. if(m_pSID)
  400. {
  401. CopySid(dwSidLength,m_pSID,pSID);
  402. }
  403. }
  404. }
  406. CNameSID(const CNameSID &ns) :
  407. m_pSID(NULL), m_wszName(NULL), m_wszSID(NULL)
  408. {
  409. *this=ns;
  410. }
  412. ~CNameSID()
  413. {
  414. if(m_pSID)
  415. {
  416. LocalFree(m_pSID);
  417. m_pSID = NULL;
  418. }
  419. if(m_wszName)
  420. {
  421. LocalFree(m_wszName);
  422. m_wszName = NULL;
  423. }
  424. if(m_wszSID)
  425. {
  426. LocalFree(m_wszSID);
  427. m_wszSID = NULL;
  428. }
  429. }
  431. void operator=(const CNameSID &ns)
  432. {
  433. if(m_pSID)
  434. {
  435. LocalFree(m_pSID);
  436. m_pSID = NULL;
  437. }
  438. if(m_wszName)
  439. {
  440. LocalFree(m_wszName);
  441. m_wszName = NULL;
  442. }
  443. if(m_wszSID)
  444. {
  445. LocalFree(m_wszSID);
  446. m_wszSID = NULL;
  447. }
  449. if(ns.m_wszName)
  450. {
  451. m_wszName = (LPWSTR)LocalAlloc(LPTR,(wcslen(ns.m_wszName)+1)*sizeof(WCHAR));
  452. if(m_wszName)
  453. {
  454. wcscpy(m_wszName,ns.m_wszName);
  455. }
  456. }
  458. if(ns.m_pSID)
  459. {
  460. DWORD dwSidLength = GetLengthSid(ns.m_pSID);
  461. m_pSID = (PSID)LocalAlloc(LPTR,dwSidLength);
  462. if(m_pSID)
  463. {
  464. CopySid(dwSidLength,m_pSID,ns.m_pSID);
  465. }
  466. }
  468. if(ns.m_wszSID)
  469. {
  470. m_wszSID = (LPWSTR)LocalAlloc(LPTR,(wcslen(ns.m_wszSID)+1)*sizeof(WCHAR));
  471. if(m_wszSID)
  472. {
  473. wcscpy(m_wszSID,ns.m_wszSID);
  474. }
  475. }
  477. }
  479. LPCWSTR GetName()
  480. {
  481. return m_wszName;
  482. }
  484. const PSID GetSID()
  485. {
  486. if(!m_pSID && m_wszSID)
  487. {
  488. ConvertStringSidToSidW(m_wszSID,&m_pSID);
  489. }
  491. return m_pSID;
  492. }
  494. LPCWSTR GetTextSID()
  495. {
  496. if(!m_wszSID && m_pSID)
  497. {
  498. ConvertSidToStringSidW(m_pSID,&m_wszSID);
  499. }
  501. return m_wszSID;
  502. }
  504. };