archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 744f0b4006
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '744f0b4006'
${ noResults }
windows-xp/Source/XPSP1/NT/ds/netapi/svcdlls/dfs/client/dfsacl.c

938 lines
25 KiB
Raw Normal View History

Add source files
4 years ago
  1. //-----------------------------------------------------------------------------
  2. //
  3. // Copyright (C) 1998, Microsoft Corporation
  4. //
  5. // File: dfsacl.c
  7. // Contents: Functions to add/remove entries from ACL list(s).
  8. //
  9. // History: Nov 6, 1998 JHarper created
  10. //
  11. //-----------------------------------------------------------------------------
  13. #include <stdio.h>
  14. #include <nt.h>
  15. #include <ntrtl.h>
  16. #include <nturtl.h>
  17. #include <windows.h>
  18. #include <winldap.h>
  19. #include <ntldap.h>
  20. #include <stdlib.h>
  21. #include <dsgetdc.h>
  22. #include <lm.h>
  23. #include <sddl.h>
  25. #include "dfsacl.h"
  27. DWORD
  28. ReadDSObjSecDesc(
  29. PLDAP pLDAP,
  30. PWSTR pwszObject,
  31. SECURITY_INFORMATION SeInfo,
  32. PSECURITY_DESCRIPTOR *ppSD,
  33. PULONG pcSDSize);
  35. DWORD
  36. DfsGetObjSecurity(
  37. LDAP *pldap,
  38. LPWSTR pwszObjectName,
  39. LPWSTR *pwszStringSD);
  41. DWORD
  42. DfsStampSD(
  43. PWSTR pwszObject,
  44. ULONG cSDSize,
  45. SECURITY_INFORMATION SeInfo,
  46. PSECURITY_DESCRIPTOR pSD,
  47. PLDAP pLDAP);
  49. DWORD
  50. DfsAddAce(
  51. LDAP *pldap,
  52. LPWSTR wszObjectName,
  53. LPWSTR wszStringSD,
  54. LPWSTR wszwszStringSid);
  56. DWORD
  57. DfsRemoveAce(
  58. LDAP *pldap,
  59. LPWSTR wszObjectName,
  60. LPWSTR wszStringSD,
  61. LPWSTR wszwszStringSid);
  63. BOOL
  64. DfsFindSid(
  65. LPWSTR DcName,
  66. LPWSTR Name,
  67. PSID *Sid);
  69. BOOLEAN
  70. DfsSidInAce(
  71. LPWSTR wszAce,
  72. LPWSTR wszStringSid);
  74. #define ACTRL_SD_PROP_NAME L"nTSecurityDescriptor"
  76. //
  77. // Name of the attribute holding the ACL/ACE list
  78. //
  80. #define ACTRL_SD_PROP_NAME L"nTSecurityDescriptor"
  82. //
  83. // The sddl description of the ACE we will be adding
  84. //
  85. LPWSTR wszAce = L"(A;;RPWP;;;";
  87. #if DBG
  88. extern ULONG DfsDebug;
  89. #endif
  91. //+---------------------------------------------------------------------------
  92. //
  93. // Function: DfsAddMachineAce
  94. //
  95. // Synopsis: Adds an ACE representing this machine to the ACL list of the
  96. // object.
  97. //
  98. // Arguments: [pldap] -- The open LDAP connection
  99. // [wszDcName] -- The DC whose DS we are to use.
  100. // [wszObjectName] -- The fully-qualified name of the DS object
  101. // [wszRootName] -- The name of the machine/root we want to add
  102. //
  103. // Returns: ERROR_SUCCESS -- The object is reachable
  104. // ERROR_NOT_ENOUGH_MEMORY A memory allocation failed
  105. //
  106. //----------------------------------------------------------------------------
  107. DWORD
  108. DfsAddMachineAce(
  109. LDAP *pldap,
  110. LPWSTR wszDcName,
  111. LPWSTR wszObjectName,
  112. LPWSTR wszRootName)
  113. {
  114. ULONG dwErr = ERROR_SUCCESS;
  115. PSID Sid = NULL;
  116. BOOL Result;
  117. ULONG i;
  118. ULONG Len = 0;
  119. LPWSTR wszStringSD = NULL;
  120. LPWSTR wszStringSid = NULL;
  121. LPWSTR wszNewRootName = NULL;
  122. UNICODE_STRING DnsName;
  123. UNICODE_STRING NetBiosName;
  125. #if DBG
  126. if (DfsDebug)
  127. DbgPrint("DfsAddMachineAce(%ws,%ws)\n", wszObjectName, wszRootName);
  128. #endif
  129. //
  130. // Get Security Descriptor on the FtDfs object
  131. //
  132. dwErr = DfsGetObjSecurity(pldap, wszObjectName, &wszStringSD);
  133. if (dwErr != ERROR_SUCCESS)
  134. goto Cleanup;
  136. #if DBG
  137. if (DfsDebug)
  138. DbgPrint("ACL=[%ws]\n", wszStringSD);
  139. #endif
  141. Len = wcslen(wszRootName);
  142. wszNewRootName = malloc((Len + 2) * sizeof(WCHAR));
  143. if (wszNewRootName == NULL) {
  144. dwErr = ERROR_OUTOFMEMORY;
  145. goto Cleanup;
  146. }
  148. NetBiosName.Buffer = wszNewRootName;
  149. NetBiosName.MaximumLength = (USHORT)((Len + 2) * sizeof(WCHAR));
  150. NetBiosName.Length = 0;
  151. DnsName.Buffer = wszRootName;
  152. DnsName.Length = (USHORT)(Len * sizeof(WCHAR));
  153. DnsName.MaximumLength = DnsName.Length + sizeof(WCHAR);
  154. dwErr = RtlDnsHostNameToComputerName(
  155. &NetBiosName,
  156. &DnsName,
  157. FALSE);
  158. NetBiosName.Buffer[NetBiosName.Length/sizeof(WCHAR)] = L'\0';
  159. wcscat(wszNewRootName, L"$");
  161. //
  162. // Get SID representing root machine
  163. //
  164. Result = DfsFindSid(wszDcName,wszNewRootName, &Sid);
  165. if (Result != TRUE) {
  166. dwErr = ERROR_OBJECT_NOT_FOUND;
  167. goto Cleanup;
  168. }
  169. #if DBG
  170. if (DfsDebug)
  171. DbgPrint("Got SID for %ws\n", wszRootName);
  172. #endif
  173. //
  174. // Convert the machine SID to a string
  175. //
  176. Result = ConvertSidToStringSid(Sid, &wszStringSid);
  177. if (Result != TRUE) {
  178. dwErr = ERROR_OBJECT_NOT_FOUND;
  179. goto Cleanup;
  180. }
  181. #if DBG
  182. if (DfsDebug)
  183. DbgPrint("Sid=[%ws]\n", wszStringSid);
  184. #endif
  185. //
  186. // Now update the ACL list on the FtDfs object
  187. //
  188. dwErr = DfsAddAce(
  189. pldap,
  190. wszObjectName,
  191. wszStringSD,
  192. wszStringSid);
  194. Cleanup:
  195. if (wszNewRootName != NULL)
  196. free(wszNewRootName);
  197. if (wszStringSD != NULL)
  198. LocalFree(wszStringSD);
  199. if (wszStringSid != NULL)
  200. LocalFree(wszStringSid);
  201. if (Sid != NULL) {
  202. LocalFree(Sid);
  203. }
  205. #if DBG
  206. if (DfsDebug)
  207. DbgPrint("DfsAddMachineAce returning %d\n", dwErr);
  208. #endif
  209. return dwErr;
  211. }
  213. //+---------------------------------------------------------------------------
  214. //
  215. // Function: DfsRemoveMachineAce
  216. //
  217. // Synopsis: Removes an ACE representing this machine from the ACL list of the
  218. // object.
  219. //
  220. // Arguments: [pldap] -- The open LDAP connection
  221. // [wszDcName] -- The DC whose DS we are to use.
  222. // [wszObjectName] -- The fully-qualified name of the DS object
  223. // [wszRootName] -- The name of the machine/root we want to remove
  224. //
  225. // Returns: ERROR_SUCCESS -- The object is reachable
  226. // ERROR_NOT_ENOUGH_MEMORY A memory allocation failed
  227. //
  228. //----------------------------------------------------------------------------
  229. DWORD
  230. DfsRemoveMachineAce(
  231. LDAP *pldap,
  232. LPWSTR wszDcName,
  233. LPWSTR wszObjectName,
  234. LPWSTR wszRootName)
  235. {
  236. ULONG dwErr = ERROR_SUCCESS;
  237. PSID Sid = NULL;
  238. BOOL Result;
  239. LPWSTR wszStringSD = NULL;
  240. LPWSTR wszStringSid = NULL;
  241. LPWSTR wszNewRootName = NULL;
  242. ULONG i;
  243. ULONG Len = 0;
  244. UNICODE_STRING DnsName;
  245. UNICODE_STRING NetBiosName;
  247. #if DBG
  248. if (DfsDebug)
  249. DbgPrint("DfsRemoveMachineAce(%ws,%ws)\n", wszObjectName, wszRootName);
  250. #endif
  251. //
  252. // Get Security Descriptor on the FtDfs object
  253. //
  254. dwErr = DfsGetObjSecurity(pldap, wszObjectName, &wszStringSD);
  255. if (dwErr != ERROR_SUCCESS)
  256. goto Cleanup;
  258. #if DBG
  259. if (DfsDebug)
  260. DbgPrint("ACL=[%ws]\n", wszStringSD);
  261. #endif
  262. Len = wcslen(wszRootName);
  263. wszNewRootName = malloc((Len + 2) * sizeof(WCHAR));
  264. if (wszNewRootName == NULL) {
  265. dwErr = ERROR_OUTOFMEMORY;
  266. goto Cleanup;
  267. }
  269. NetBiosName.Buffer = wszNewRootName;
  270. NetBiosName.MaximumLength = (USHORT)((Len + 2) * sizeof(WCHAR));
  271. NetBiosName.Length = 0;
  272. DnsName.Buffer = wszRootName;
  273. DnsName.Length = (USHORT)(Len * sizeof(WCHAR));
  274. DnsName.MaximumLength = DnsName.Length + sizeof(WCHAR);
  275. dwErr = RtlDnsHostNameToComputerName(
  276. &NetBiosName,
  277. &DnsName,
  278. FALSE);
  279. NetBiosName.Buffer[NetBiosName.Length/sizeof(WCHAR)] = L'\0';
  280. wcscat(wszNewRootName, L"$");
  282. //
  283. // Get SID representing root machine
  284. //
  285. Result = DfsFindSid(wszDcName,wszNewRootName, &Sid);
  286. if (Result != TRUE) {
  287. dwErr = ERROR_OBJECT_NOT_FOUND;
  288. goto Cleanup;
  289. }
  290. #if DBG
  291. if (DfsDebug)
  292. DbgPrint("Got SID for %ws\n", wszRootName);
  293. #endif
  294. //
  295. // Convert the machine SID to a string
  296. //
  297. Result = ConvertSidToStringSid(Sid, &wszStringSid);
  298. if (Result != TRUE) {
  299. dwErr = ERROR_OBJECT_NOT_FOUND;
  300. goto Cleanup;
  301. }
  302. #if DBG
  303. if (DfsDebug)
  304. DbgPrint("Sid=[%ws]\n", wszStringSid);
  305. #endif
  306. //
  307. // Now update the ACL list on the FtDfs object
  308. //
  309. dwErr = DfsRemoveAce(
  310. pldap,
  311. wszObjectName,
  312. wszStringSD,
  313. wszStringSid);
  315. Cleanup:
  316. if (wszNewRootName != NULL)
  317. free(wszNewRootName);
  318. if (wszStringSD != NULL)
  319. LocalFree(wszStringSD);
  320. if (wszStringSid != NULL)
  321. LocalFree(wszStringSid);
  322. if (Sid != NULL) {
  323. LocalFree(Sid);
  324. }
  326. #if DBG
  327. if (DfsDebug)
  328. DbgPrint("DfsRemoveMachineAce exit %d\n", dwErr);
  329. #endif
  330. return dwErr;
  332. }
  334. //+---------------------------------------------------------------------------
  335. //
  336. // Function: ReadDSObjSecDesc
  337. //
  338. // Synopsis: Reads the security descriptor from the specied object via
  339. // the open ldap connection
  340. //
  341. // Arguments: [pLDAP] -- The open LDAP connection
  342. // [pwszDSObj] -- The DSObject to get the security
  343. // descriptor for
  344. // [SeInfo] -- Parts of the security descriptor to
  345. // read.
  346. // [ppSD] -- Where the security descriptor is
  347. // returned
  348. // [pcSDSize -- Size of the security descriptor
  349. //
  350. // Returns: ERROR_SUCCESS -- The object is reachable
  351. // ERROR_NOT_ENOUGH_MEMORY A memory allocation failed
  352. //
  353. // Notes: The returned security descriptor must be freed with LocalFree
  354. //
  355. //----------------------------------------------------------------------------
  356. DWORD
  357. ReadDSObjSecDesc(
  358. PLDAP pLDAP,
  359. PWSTR pwszObject,
  360. SECURITY_INFORMATION SeInfo,
  361. PSECURITY_DESCRIPTOR *ppSD,
  362. PULONG pcSDSize)
  363. {
  364. DWORD dwErr = ERROR_SUCCESS;
  365. PLDAPMessage pMsg = NULL;
  366. PWSTR rgAttribs[2];
  367. BYTE berValue[8];
  369. LDAPControl SeInfoControl =
  370. {
  371. LDAP_SERVER_SD_FLAGS_OID_W,
  372. {
  373. 5, (PCHAR)berValue
  374. },
  375. TRUE
  376. };
  378. PLDAPControl ServerControls[2] =
  379. {
  380. &SeInfoControl,
  381. NULL
  382. };
  384. #if DBG
  385. if (DfsDebug)
  386. DbgPrint("ReadDSObjSecDesc(%ws)\n", pwszObject);
  387. #endif
  389. berValue[0] = 0x30;
  390. berValue[1] = 0x03;
  391. berValue[2] = 0x02;
  392. berValue[3] = 0x01;
  393. berValue[4] = (BYTE)((ULONG)SeInfo & 0xF);
  396. rgAttribs[0] = ACTRL_SD_PROP_NAME;
  397. rgAttribs[1] = NULL;
  399. dwErr = ldap_search_ext_s(
  400. pLDAP,
  401. pwszObject,
  402. LDAP_SCOPE_BASE,
  403. L"(objectClass=*)",
  404. rgAttribs,
  405. 0,
  406. (PLDAPControl *)&ServerControls,
  407. NULL,
  408. NULL,
  409. 10000,
  410. &pMsg);
  412. dwErr = LdapMapErrorToWin32( dwErr );
  413. if(dwErr == ERROR_SUCCESS) {
  415. LDAPMessage *pEntry = NULL;
  416. PWSTR *ppwszValues = NULL;
  417. PLDAP_BERVAL *pSize = NULL;
  419. pEntry = ldap_first_entry(pLDAP, pMsg);
  420. if(pEntry != NULL) {
  421. //
  422. // Now, we'll have to get the values
  423. //
  424. ppwszValues = ldap_get_values(pLDAP, pEntry, rgAttribs[0]);
  425. if(ppwszValues != NULL) {
  426. pSize = ldap_get_values_len(pLDAP, pMsg, rgAttribs[0]);
  427. if(pSize != NULL) {
  428. //
  429. // Allocate the security descriptor to return
  430. //
  431. *ppSD = (PSECURITY_DESCRIPTOR)malloc((*pSize)->bv_len);
  432. if(*ppSD != NULL) {
  433. memcpy(*ppSD, (PBYTE)(*pSize)->bv_val, (*pSize)->bv_len);
  434. *pcSDSize = (*pSize)->bv_len;
  435. } else {
  436. dwErr = ERROR_NOT_ENOUGH_MEMORY;
  437. }
  438. ldap_value_free_len(pSize);
  439. } else {
  440. dwErr = LdapMapErrorToWin32( pLDAP->ld_errno );
  441. }
  442. ldap_value_free(ppwszValues);
  443. } else {
  444. dwErr = LdapMapErrorToWin32( pLDAP->ld_errno );
  445. }
  446. } else {
  447. dwErr = LdapMapErrorToWin32( pLDAP->ld_errno );
  448. }
  449. }
  450. if (pMsg != NULL)
  451. ldap_msgfree(pMsg);
  452. #if DBG
  453. if (DfsDebug)
  454. DbgPrint("ReadDSObjSecDesc returning %d\n", dwErr);
  455. #endif
  456. return(dwErr);
  457. }
  459. //+---------------------------------------------------------------------------
  460. //
  461. // Function: DfsGetObjSecurity
  462. //
  463. // Synopsis: Gets the ACL list of an object in sddl stringized form
  464. //
  465. // Arguments: [pldap] -- The open LDAP connection
  466. // [wszObjectName] -- The fully-qualified name of the DS object
  467. // [pwszStringSD] -- Pointer to pointer to SD in string form (sddl)
  468. //
  469. // Returns: ERROR_SUCCESS -- The object is reachable
  470. //
  471. //----------------------------------------------------------------------------
  472. DWORD
  473. DfsGetObjSecurity(
  474. LDAP *pldap,
  475. LPWSTR pwszObjectName,
  476. LPWSTR *pwszStringSD)
  477. {
  478. DWORD dwErr;
  479. SECURITY_INFORMATION si;
  480. PSECURITY_DESCRIPTOR pSD = NULL;
  481. ULONG cSDSize;
  483. #if DBG
  484. if (DfsDebug)
  485. DbgPrint("DfsGetObjSecurity(%ws)\n", pwszObjectName);
  486. #endif
  488. si = DACL_SECURITY_INFORMATION;
  490. dwErr = ReadDSObjSecDesc(
  491. pldap,
  492. pwszObjectName,
  493. si,
  494. &pSD,
  495. &cSDSize);
  497. if (dwErr == ERROR_SUCCESS) {
  498. if (!ConvertSecurityDescriptorToStringSecurityDescriptor(
  499. pSD,
  500. SDDL_REVISION_1,
  501. DACL_SECURITY_INFORMATION,
  502. pwszStringSD,
  503. NULL)
  504. ) {
  505. dwErr = GetLastError();
  506. #if DBG
  507. if (DfsDebug)
  508. DbgPrint("ConvertSecurityDescriptorToStringSecurityDescriptor FAILED %d:\n", dwErr);
  509. #endif
  510. }
  512. }
  514. #if DBG
  515. if (DfsDebug)
  516. DbgPrint("DfsGetObjSecurity returning %d\n", dwErr);
  517. #endif
  519. return(dwErr);
  521. }
  523. //+---------------------------------------------------------------------------
  524. //
  525. // Function: DfsFindSid
  526. //
  527. // Synopsis: Gets the SID for a name
  528. //
  529. // [DcName] -- The DC to remote to
  530. // [Name] -- The Name of the object
  531. // [Sid] -- Pointer to pointer to returned SID, which must be freed
  532. // using LocalFree
  533. //
  534. // Returns: TRUE or FALSE
  535. //
  536. //----------------------------------------------------------------------------
  537. BOOL
  538. DfsFindSid(
  539. LPWSTR DcName,
  540. LPWSTR Name,
  541. PSID *Sid
  542. )
  543. {
  544. DWORD SidLength = 0;
  545. WCHAR DomainName[256];
  546. DWORD DomainNameLength = 256;
  547. SID_NAME_USE Use;
  548. BOOL Result;
  550. #if DBG
  551. if (DfsDebug)
  552. DbgPrint("DfsFindSid(%ws,%ws)\n", DcName,Name);
  553. #endif
  555. Result = LookupAccountName(
  556. DcName,
  557. Name,
  558. (PSID)NULL,
  559. &SidLength,
  560. DomainName,
  561. &DomainNameLength,
  562. &Use);
  564. if ( !Result && (GetLastError() == ERROR_INSUFFICIENT_BUFFER) ) {
  566. *Sid = LocalAlloc( 0, SidLength );
  568. Result = LookupAccountName(
  569. DcName,
  570. Name,
  571. *Sid,
  572. &SidLength,
  573. DomainName,
  574. &DomainNameLength,
  575. &Use);
  577. }
  579. #if DBG
  580. if (DfsDebug)
  581. DbgPrint("DfsFindSid returning %s\n", Result == TRUE ? "TRUE" : "FALSE");
  582. #endif
  584. return( Result );
  585. }
  587. //+---------------------------------------------------------------------------
  588. //
  589. // Function: DfsAddAce
  590. //
  591. // Synopsis: Adds a string ACE to a string version of an objects SD
  592. // object. This is a string manipulation routine.
  593. //
  594. // Arguments: [pldap] -- The open LDAP connection
  595. // [wszObjectName] -- The fully-qualified name of the DS object
  596. // [wszStringSD] -- String version of SD
  597. // [wszStringSid] -- String version of SID to add
  598. //
  599. // Returns: ERROR_SUCCESS -- ACE was added
  600. //
  601. //----------------------------------------------------------------------------
  602. DWORD
  603. DfsAddAce(
  604. LDAP *pldap,
  605. LPWSTR wszObjectName,
  606. LPWSTR wszStringSD,
  607. LPWSTR wszStringSid)
  608. {
  609. DWORD dwErr = ERROR_SUCCESS;
  610. LPWSTR wszNewStringSD = NULL;
  611. SECURITY_INFORMATION si;
  612. PSECURITY_DESCRIPTOR pSD = NULL;
  613. BOOL Result;
  614. ULONG Size = 0;
  615. ULONG cSDSize = 0;
  617. #if DBG
  618. if (DfsDebug)
  619. DbgPrint("DfsAddAce(%ws)\n", wszObjectName);
  620. #endif
  622. Size = wcslen(wszStringSD) * sizeof(WCHAR) +
  623. wcslen(wszAce) * sizeof(WCHAR) +
  624. wcslen(wszStringSid) * sizeof(WCHAR) +
  625. wcslen(L")") * sizeof(WCHAR) +
  626. sizeof(WCHAR);
  628. wszNewStringSD = malloc(Size);
  630. if (wszNewStringSD != NULL) {
  631. wcscpy(wszNewStringSD,wszStringSD);
  632. wcscat(wszNewStringSD,wszAce);
  633. wcscat(wszNewStringSD,wszStringSid);
  634. wcscat(wszNewStringSD,L")");
  635. #if DBG
  636. if (DfsDebug)
  637. DbgPrint("NewSD=[%ws]\n", wszNewStringSD);
  638. #endif
  639. Result = ConvertStringSecurityDescriptorToSecurityDescriptor(
  640. wszNewStringSD,
  641. SDDL_REVISION_1,
  642. &pSD,
  643. &cSDSize);
  644. if (Result == TRUE) {
  645. si = DACL_SECURITY_INFORMATION;
  646. dwErr = DfsStampSD(
  647. wszObjectName,
  648. cSDSize,
  649. si,
  650. pSD,
  651. pldap);
  652. LocalFree(pSD);
  653. } else {
  654. dwErr = GetLastError();
  655. #if DBG
  656. if (DfsDebug)
  657. DbgPrint("Convert returned %d\n", dwErr);
  658. #endif
  659. }
  660. free(wszNewStringSD);
  661. } else {
  662. dwErr = ERROR_OUTOFMEMORY;
  663. }
  665. #if DBG
  666. if (DfsDebug)
  667. DbgPrint("DfsAddAce returning %d\n", dwErr);
  668. #endif
  669. return(dwErr);
  671. }
  673. //+---------------------------------------------------------------------------
  674. //
  675. // Function: DfsRemoveAce
  676. //
  677. // Synopsis: Finds and removes a string ACE from the string SD of an
  678. // object. This is a string manipulation routine.
  679. //
  680. // Arguments: [pldap] -- The open LDAP connection
  681. // [wszObjectName] -- The fully-qualified name of the DS object
  682. // [wszStringSD] -- String version of SD
  683. // [wszStringSid] -- String version of SID to remove
  684. //
  685. // Returns: ERROR_SUCCESS -- ACE was removed or was not present
  686. //
  687. //----------------------------------------------------------------------------
  688. DWORD
  689. DfsRemoveAce(
  690. LDAP *pldap,
  691. LPWSTR wszObjectName,
  692. LPWSTR wszStringSD,
  693. LPWSTR wszStringSid)
  694. {
  695. DWORD dwErr = ERROR_SUCCESS;
  696. LPWSTR wszNewStringSD = NULL;
  697. SECURITY_INFORMATION si;
  698. PSECURITY_DESCRIPTOR pSD = NULL;
  699. BOOL Result;
  700. ULONG Size = 0;
  701. ULONG cSDSize = 0;
  702. BOOLEAN fCopying;
  703. ULONG s1, s2;
  705. #if DBG
  706. if (DfsDebug)
  707. DbgPrint("DfsRemoveAce(%ws)\n", wszObjectName);
  708. #endif
  710. Size = wcslen(wszStringSD) * sizeof(WCHAR) + sizeof(WCHAR);
  712. wszNewStringSD = malloc(Size);
  714. if (wszNewStringSD != NULL) {
  716. RtlZeroMemory(wszNewStringSD, Size);
  718. //
  719. // We have to find the ACEs containing this SID, and remove them.
  720. //
  722. fCopying = TRUE;
  723. for (s1 = s2 = 0; wszStringSD[s1]; s1++) {
  725. //
  726. // If this is the start of an ACE that has this SID, stop copying
  727. //
  728. if (wszStringSD[s1] == L'(' && DfsSidInAce(&wszStringSD[s1],wszStringSid) == TRUE) {
  729. fCopying = FALSE;
  730. continue;
  731. }
  733. //
  734. // If this is the end of SID we are not copying, start copying again
  735. //
  736. if (wszStringSD[s1] == L')' && fCopying == FALSE) {
  737. fCopying = TRUE;
  738. continue;
  739. }
  741. //
  742. // If we are copying, do so.
  743. //
  744. if (fCopying == TRUE)
  745. wszNewStringSD[s2++] = wszStringSD[s1];
  746. }
  748. #if DBG
  749. if (DfsDebug)
  750. DbgPrint("NewSD=[%ws]\n", wszNewStringSD);
  751. #endif
  752. Result = ConvertStringSecurityDescriptorToSecurityDescriptor(
  753. wszNewStringSD,
  754. SDDL_REVISION_1,
  755. &pSD,
  756. &cSDSize);
  757. if (Result == TRUE) {
  758. si = DACL_SECURITY_INFORMATION;
  759. dwErr = DfsStampSD(
  760. wszObjectName,
  761. cSDSize,
  762. si,
  763. pSD,
  764. pldap);
  765. LocalFree(pSD);
  766. } else {
  767. dwErr = GetLastError();
  768. #if DBG
  769. if (DfsDebug)
  770. DbgPrint("Convert returned %d\n", dwErr);
  771. #endif
  772. }
  773. free(wszNewStringSD);
  774. } else {
  775. dwErr = ERROR_OUTOFMEMORY;
  776. }
  778. #if DBG
  779. if (DfsDebug)
  780. DbgPrint("DfsRemoveAce returning %d\n", dwErr);
  781. #endif
  782. return(dwErr);
  784. }
  786. //+---------------------------------------------------------------------------
  787. //
  788. // Function: DfsSidInAce
  789. //
  790. // Synopsis: Scans an ACE to see if the string SID is in it.
  791. //
  792. // Arguments: [wszAce] -- ACE to scan
  793. // [wszStringSid] -- SID to scan for
  794. //
  795. // Returns: TRUE -- SID is in this ACE
  796. // FALSE -- SID is not in this ACE
  797. //
  798. //----------------------------------------------------------------------------
  799. BOOLEAN
  800. DfsSidInAce(
  801. LPWSTR wszAce,
  802. LPWSTR wszStringSid)
  803. {
  804. ULONG i;
  805. ULONG SidLen = wcslen(wszStringSid);
  806. ULONG AceLen;
  807. WCHAR Oldcp;
  809. for (AceLen = 0; wszAce[AceLen] && wszAce[AceLen] != L')'; AceLen++)
  810. /* NOTHING */;
  812. Oldcp = wszAce[AceLen];
  813. wszAce[AceLen] = L'\0';
  814. #if DBG
  815. if (DfsDebug)
  816. DbgPrint("DfsSidInAce(%ws),%ws)\n", wszAce, wszStringSid);
  817. #endif
  818. wszAce[AceLen] = Oldcp;
  820. if (SidLen > AceLen || wszAce[0] != L'(') {
  821. #if DBG
  822. if (DfsDebug)
  823. DbgPrint("DfsSidInAce returning FALSE(1)\n");
  824. #endif
  825. return FALSE;
  826. }
  828. for (i = 0; i <= (AceLen - SidLen); i++) {
  830. if (wszAce[i] == wszStringSid[0] && wcsncmp(&wszAce[i],wszStringSid,SidLen) == 0) {
  831. #if DBG
  832. if (DfsDebug)
  833. DbgPrint("DfsSidInAce returning TRUE\n");
  834. #endif
  835. return TRUE;
  836. }
  838. }
  840. #if DBG
  841. if (DfsDebug)
  842. DbgPrint("DfsSidInAce returning FALSE(2)\n");
  843. #endif
  844. return FALSE;
  845. }
  847. //+---------------------------------------------------------------------------
  848. //
  849. // Function: DfsStampSD
  850. //
  851. // Synopsis: Actually stamps the security descriptor on the object.
  852. //
  853. // Arguments: [pwszObject] -- The object to stamp the SD on
  854. // [cSDSize] -- The size of the security descriptor
  855. // [SeInfo] -- SecurityInformation about the security
  856. // descriptor
  857. // [pSD] -- The SD to stamp
  858. // [pLDAP] -- The LDAP connection to use
  859. //
  860. // Returns: ERROR_SUCCESS -- Success
  861. //
  862. //----------------------------------------------------------------------------
  863. DWORD
  864. DfsStampSD(
  865. PWSTR pwszObject,
  866. ULONG cSDSize,
  867. SECURITY_INFORMATION SeInfo,
  868. PSECURITY_DESCRIPTOR pSD,
  869. PLDAP pLDAP)
  870. {
  871. DWORD dwErr = ERROR_SUCCESS;
  872. PLDAPMod rgMods[2];
  873. PLDAP_BERVAL pBVals[2];
  874. LDAPMod Mod;
  875. LDAP_BERVAL BVal;
  876. BYTE ControlBuffer[ 5 ];
  878. LDAPControl SeInfoControl =
  879. {
  880. LDAP_SERVER_SD_FLAGS_OID_W,
  881. {
  882. 5, (PCHAR) &ControlBuffer
  883. },
  884. TRUE
  885. };
  887. PLDAPControl ServerControls[2] =
  888. {
  889. &SeInfoControl,
  890. NULL
  891. };
  893. #if DBG
  894. if (DfsDebug)
  895. DbgPrint("DfsStampSD(%ws,%d)\n", pwszObject, cSDSize);
  896. #endif
  898. ASSERT(*(PULONG)pSD > 0xF );
  900. ControlBuffer[0] = 0x30;
  901. ControlBuffer[1] = 0x3;
  902. ControlBuffer[2] = 0x02; // Denotes an integer;
  903. ControlBuffer[3] = 0x01; // Size
  904. ControlBuffer[4] = (BYTE)((ULONG)SeInfo & 0xF);
  906. ASSERT(IsValidSecurityDescriptor( pSD ) );
  908. rgMods[0] = &Mod;
  909. rgMods[1] = NULL;
  911. pBVals[0] = &BVal;
  912. pBVals[1] = NULL;
  914. BVal.bv_len = cSDSize;
  915. BVal.bv_val = (PCHAR)pSD;
  917. Mod.mod_op = LDAP_MOD_REPLACE | LDAP_MOD_BVALUES;
  918. Mod.mod_type = ACTRL_SD_PROP_NAME;
  919. Mod.mod_values = (PWSTR *)pBVals;
  921. //
  922. // Now, we'll do the write...
  923. //
  924. dwErr = ldap_modify_ext_s(pLDAP,
  925. pwszObject,
  926. rgMods,
  927. (PLDAPControl *)&ServerControls,
  928. NULL);
  930. dwErr = LdapMapErrorToWin32(dwErr);
  932. #if DBG
  933. if (DfsDebug)
  934. DbgPrint("DfsStampSD returning %d\n", dwErr);
  935. #endif
  937. return(dwErr);
  938. }