archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 744f0b4006
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '744f0b4006'
${ noResults }
windows-xp/Source/XPSP1/NT/ds/security/protocols/digest/user.cxx

675 lines
18 KiB
Raw Normal View History

Add source files
4 years ago
  1. //+-----------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. //
  5. // Copyright (c) Microsoft Corporation 2000
  6. //
  7. // File: user.cxx
  8. //
  9. // Contents: Context manipulation functions
  10. //
  11. //
  12. // History: KDamour 15Mar00 Derrived from NTLM context.cxx
  13. //
  14. //------------------------------------------------------------------------
  15. #include "global.h"
  17. // This list contains all of the User Contexts
  18. LIST_ENTRY l_UserCtxtList;
  20. // Lock for access to UserCtxtList
  21. RTL_CRITICAL_SECTION l_UserCtxtCritSect;
  24. // Indicate if completed Initialization of Credential Handler
  25. BOOL g_bUserContextInitialized = FALSE;
  29. //+--------------------------------------------------------------------
  30. //
  31. // Function: UserCtxtHandlerInit
  32. //
  33. // Synopsis: Initializes the context manager package
  34. //
  35. // Arguments: none
  36. //
  37. // Returns: NTSTATUS
  38. //
  39. // Notes: Called by SpInstanceInit
  40. //
  41. //---------------------------------------------------------------------
  42. NTSTATUS
  43. UserCtxtHandlerInit(VOID)
  44. {
  45. NTSTATUS Status = STATUS_SUCCESS;
  47. //
  48. // Initialize the Context list to be empty.
  49. //
  51. Status = RtlInitializeCriticalSection(&l_UserCtxtCritSect);
  52. if (!NT_SUCCESS(Status))
  53. {
  54. DebugLog((DEB_ERROR, "UserCtxtHandlerInit: Failed to initialize critsec 0x%x\n", Status));
  55. goto CleanUp;
  56. }
  58. InitializeListHead( &l_UserCtxtList );
  61. // Simple variable test to make sure all initialized;
  62. g_bUserContextInitialized = TRUE;
  64. CleanUp:
  66. return Status;
  67. }
  70. // Add a Context into the UserMode Context List
  71. NTSTATUS
  72. UserCtxtHandlerInsertCred(
  73. IN PDIGEST_USERCONTEXT pUserContext
  74. )
  75. {
  76. RtlEnterCriticalSection( &l_UserCtxtCritSect );
  77. DebugLog((DEB_TRACE, "UserCtxtHandlerRelease: (RefCount) UserContextInit linked 0x%x\n", pUserContext->LsaContext));
  78. InsertHeadList( &l_UserCtxtList, &pUserContext->Next );
  79. RtlLeaveCriticalSection( &l_UserCtxtCritSect );
  81. return STATUS_SUCCESS;
  82. }
  85. // Initialize a UserMode Context
  86. NTSTATUS NTAPI
  87. UserCtxtInit(
  88. PDIGEST_USERCONTEXT pContext
  89. )
  90. {
  92. NTSTATUS Status = STATUS_SUCCESS;
  94. DebugLog((DEB_TRACE_FUNC, "UserCtxtInit: Entering\n"));
  95. ASSERT(pContext);
  97. if (!pContext)
  98. {
  99. return STATUS_INVALID_PARAMETER;
  100. }
  102. ZeroMemory(pContext, sizeof(DIGEST_USERCONTEXT));
  104. DebugLog((DEB_TRACE_FUNC, "UserCtxtInit: Leaving \n"));
  105. return Status;
  106. }
  109. // Once done with a context - release the resouces
  110. NTSTATUS NTAPI
  111. UserCtxtFree(
  112. IN PDIGEST_USERCONTEXT pContext
  113. )
  114. {
  115. NTSTATUS Status = STATUS_SUCCESS;
  116. int i = 0;
  118. DebugLog((DEB_TRACE_FUNC, "UserCtxtFree: Entering with LSA context 0x%x\n", pContext->LsaContext));
  119. ASSERT(pContext);
  120. ASSERT(pContext->lReferences == 0);
  122. if (!pContext)
  123. {
  124. return STATUS_INVALID_PARAMETER;
  125. }
  127. if (pContext->ClientTokenHandle)
  128. {
  129. NTSTATUS IgnoreStatus;
  130. IgnoreStatus = NtClose(pContext->ClientTokenHandle);
  131. // ASSERT (NT_SUCCESS (IgnoreStatus));
  132. if (!NT_SUCCESS(IgnoreStatus))
  133. {
  134. DebugLog((DEB_ERROR, "UserCtxtFree: Could not Close the TokenHandle!!!!\n"));
  135. }
  136. pContext->ClientTokenHandle = NULL;
  137. }
  139. if (pContext->hSealCryptKey)
  140. {
  141. CryptDestroyKey( pContext->hSealCryptKey );
  142. pContext->hSealCryptKey = NULL;
  143. }
  145. if (pContext->hUnsealCryptKey)
  146. {
  147. CryptDestroyKey( pContext->hUnsealCryptKey );
  148. pContext->hUnsealCryptKey = NULL;
  149. }
  151. StringFree(&(pContext->strSessionKey));
  152. UnicodeStringFree(&(pContext->ustrAccountName));
  154. //
  155. // Values utilized in the Initial Digest Auth ChallResponse
  156. // Can be utilized for defaults in future MakeSignature/VerifySignature
  157. //
  158. for (i=0; i < MD5_AUTH_LAST; i++)
  159. {
  160. StringFree(&(pContext->strParam[i]));
  161. }
  163. DigestFreeMemory(pContext);
  165. DebugLog((DEB_TRACE_FUNC, "UserCtxtFree: Leaving\n"));
  166. return Status;
  167. }
  171. /*++
  173. Routine Description:
  175. This routine checks to see if the Context is for the specified
  176. Client Connection, and references the Context if it is valid.
  178. The caller may optionally request that the Context be
  179. removed from the list of valid Contexts - preventing future
  180. requests from finding this Context.
  182. Arguments:
  184. ContextHandle - Points to the ContextHandle of the Context
  185. to be referenced.
  187. RemoveContext - This boolean value indicates whether the caller
  188. wants the Context to be removed from the list
  189. of Contexts. TRUE indicates the Context is to be removed.
  190. FALSE indicates the Context is not to be removed.
  193. Return Value:
  195. NULL - the Context was not found.
  197. Otherwise - returns a pointer to the referenced Context.
  199. --*/
  200. NTSTATUS NTAPI
  201. UserCtxtHandlerHandleToContext(
  202. IN ULONG_PTR ContextHandle,
  203. IN BOOLEAN RemoveContext,
  204. OUT PDIGEST_USERCONTEXT *ppContext
  205. )
  206. {
  207. NTSTATUS Status = STATUS_SUCCESS;
  208. PLIST_ENTRY ListEntry = NULL;
  209. PDIGEST_USERCONTEXT pContext = NULL;
  210. LONG lReferences = 0;
  212. DebugLog((DEB_TRACE_FUNC, "UserCtxtHandlerHandleToContext: Entering\n" ));
  215. //
  216. // Acquire exclusive access to the Context list
  217. //
  219. RtlEnterCriticalSection( &l_UserCtxtCritSect );
  221. //
  222. // Now walk the list of Contexts looking for a match.
  223. //
  225. for ( ListEntry = l_UserCtxtList.Flink;
  226. ListEntry != &l_UserCtxtList;
  227. ListEntry = ListEntry->Flink )
  228. {
  230. pContext = CONTAINING_RECORD( ListEntry, DIGEST_USERCONTEXT, Next );
  232. //
  233. // Found a match ... reference this Context
  234. // (if the Context is being removed, we would increment
  235. // and then decrement the reference, so don't bother doing
  236. // either - since they cancel each other out).
  237. //
  239. DebugLog((DEB_TRACE, "UserCtxtHandlerHandleToContext: Checking context %lx for userctxt %lx\n",
  240. pContext->LsaContext, ContextHandle ));
  242. if (pContext->LsaContext != ContextHandle)
  243. {
  244. continue;
  245. }
  248. if (!RemoveContext)
  249. {
  250. lReferences = InterlockedIncrement(&pContext->lReferences);
  251. }
  252. else
  253. {
  254. DebugLog((DEB_TRACE, "UserCtxtHandlerRelease: (RefCount) UserContextInit delinked 0x%x\n", ContextHandle));
  255. RemoveEntryList( &pContext->Next );
  256. }
  258. DebugLog((DEB_TRACE, "CtxtHandlerHandleToContext FOUND Context = 0x%x, RemoveContext = %d, ReferenceCount = %ld\n",
  259. pContext, RemoveContext, pContext->lReferences));
  260. *ppContext = pContext;
  261. goto CleanUp;
  263. }
  265. //
  266. // No match found
  267. //
  269. DebugLog((DEB_WARN, "UserCtxtHandlerHandleToContext: Tried to reference unknown Context 0x%lx\n", ContextHandle ));
  270. Status = STATUS_OBJECT_NAME_NOT_FOUND;
  271. *ppContext = NULL;
  273. CleanUp:
  275. RtlLeaveCriticalSection( &l_UserCtxtCritSect );
  276. DebugLog((DEB_TRACE_FUNC, "UserCtxtHandlerHandleToContext: Leaving Status 0x%x\n", Status ));
  278. return(Status);
  279. }
  283. // Check the Creation time with the Current time.
  284. // If the difference is greater than the MAX allowed, Context is no longer valid
  285. BOOL
  286. UserCtxtHandlerTimeHasElapsed(
  287. PDIGEST_USERCONTEXT pContext)
  288. {
  289. BOOL bStatus = FALSE;
  290. DWORD dwTimeElapsed = 0;
  291. time_t timeCurrent = time(NULL);
  293. return FALSE;
  295. // dwTimeElapsed = (DWORD)(timeCurrent - pContext->TimeCreated);
  297. if (dwTimeElapsed > g_dwParameter_Lifetime)
  298. {
  299. bStatus = TRUE;
  300. }
  302. return(bStatus);
  303. }
  307. //+--------------------------------------------------------------------
  308. //
  309. // Function: CtxtHandlerRelease
  310. //
  311. // Synopsis: Releases the Context by decreasing reference counter
  312. //
  313. // Arguments: pContext - pointer to credential to de-reference
  314. //
  315. // Returns: NTSTATUS
  316. //
  317. // Notes: Called by ASC. Since multiple threads must wait for ownership
  318. // of a context, reference count must be either 0 (unused) or 1 (in process)
  319. //
  320. //---------------------------------------------------------------------
  321. NTSTATUS
  322. UserCtxtHandlerRelease(
  323. PDIGEST_USERCONTEXT pUserContext)
  324. {
  325. NTSTATUS Status = STATUS_SUCCESS;
  326. LONG lReferences = 0;
  328. lReferences = InterlockedDecrement(&pUserContext->lReferences);
  330. DebugLog((DEB_TRACE, "UserCtxtHandlerRelease: (RefCount) UserContextInit deref 0x%x references %ld\n",
  331. pUserContext, lReferences));
  333. ASSERT( lReferences >= 0 );
  335. //
  336. // If the count has dropped to zero, then free all alloced stuff
  337. //
  339. if (lReferences == 0)
  340. {
  341. DebugLog((DEB_TRACE, "UserCtxtHandlerRelease: (RefCount) UserContextInit freed 0x%x\n", pUserContext));
  342. Status = UserCtxtFree(pUserContext);
  343. }
  345. return(Status);
  346. }
  349. // Following functions make use of the lock for insuring single threaded operation
  352. /*++
  354. RoutineDescription:
  356. Creates a new DACL for the token granting the server and client
  357. all access to the token.
  359. Arguments:
  361. Token - Handle to an impersonation token open for TOKEN_QUERY and
  362. WRITE_DAC
  364. Return Value:
  366. STATUS_INSUFFICIENT_RESOURCES - insufficient memory to complete
  367. the function.
  369. Errors from NtSetSecurityObject
  371. --*/
  372. NTSTATUS
  373. SspCreateTokenDacl(
  374. HANDLE Token
  375. )
  376. {
  377. NTSTATUS Status = STATUS_SUCCESS;
  378. PTOKEN_USER ProcessTokenUser = NULL;
  379. PTOKEN_USER ThreadTokenUser = NULL;
  380. PTOKEN_USER ImpersonationTokenUser = NULL;
  381. HANDLE ProcessToken = NULL;
  382. HANDLE ImpersonationToken = NULL;
  383. BOOL fInsertImpersonatingUser = FALSE;
  384. SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;
  385. ULONG AclLength = 0;
  386. PACL NewDacl = NULL;
  387. SECURITY_DESCRIPTOR SecurityDescriptor;
  389. BOOL fReleaseContextLock = FALSE;
  392. DebugLog((DEB_TRACE_FUNC, "SspCreateTokenDacl: Entering Token is 0x%x\n", Token));
  394. //
  395. // Build the two well known sids we need.
  396. //
  398. if (g_NtDigestGlobalLocalSystemSid == NULL || g_NtDigestGlobalAliasAdminsSid == NULL ) {
  400. RtlEnterCriticalSection(&l_UserCtxtCritSect);
  401. fReleaseContextLock = TRUE;
  403. if (g_NtDigestGlobalLocalSystemSid == NULL)
  404. {
  405. PSID pLocalSidSystem = NULL;
  406. DebugLog((DEB_TRACE, "SspCreateTokenDacl: Allocate and Init LocalSystem SID\n"));
  407. Status = RtlAllocateAndInitializeSid(
  408. &NtAuthority,
  409. 1,
  410. SECURITY_LOCAL_SYSTEM_RID,
  411. 0,0,0,0,0,0,0,
  412. &pLocalSidSystem
  413. );
  414. if (!NT_SUCCESS(Status))
  415. {
  416. DebugLog((DEB_ERROR, "SspCreateTokenDacl: RtlAllocateAndInitializeSid returns 0x%lx\n", Status ));
  417. goto Cleanup;
  418. }
  419. DebugLog((DEB_TRACE, "SspCreateTokenDacl: Allocate and Init LocalSystem SID DONE\n"));
  420. g_NtDigestGlobalLocalSystemSid = pLocalSidSystem;
  421. }
  423. if (g_NtDigestGlobalAliasAdminsSid == NULL)
  424. {
  425. PSID pLocalSidAdmins = NULL;
  427. DebugLog((DEB_TRACE, "SspCreateTokenDacl: Allocate and Init AliasAdmin SID\n"));
  428. Status = RtlAllocateAndInitializeSid(
  429. &NtAuthority,
  430. 2,
  431. SECURITY_BUILTIN_DOMAIN_RID,
  432. DOMAIN_ALIAS_RID_ADMINS,
  433. 0,0,0,0,0,0,
  434. &pLocalSidAdmins
  435. );
  436. if (!NT_SUCCESS(Status))
  437. {
  438. DebugLog((DEB_ERROR, "SspCreateTokenDacl, RtlAllocateAndInitializeSid returns 0x%lx\n", Status ));
  439. goto Cleanup;
  440. }
  442. DebugLog((DEB_TRACE, "SspCreateTokenDacl: Allocate and Init AliasAdmin SID DONE\n"));
  443. g_NtDigestGlobalAliasAdminsSid = pLocalSidAdmins;
  444. }
  446. RtlLeaveCriticalSection(&l_UserCtxtCritSect);
  447. fReleaseContextLock = FALSE;
  448. }
  450. //
  451. // it's possible that the current thread is impersonating a user.
  452. // if that's the case, get it's token user, and revert to insure we
  453. // can open the process token.
  454. //
  456. Status = NtOpenThreadToken(
  457. NtCurrentThread(),
  458. TOKEN_QUERY | TOKEN_IMPERSONATE,
  459. TRUE,
  460. &ImpersonationToken
  461. );
  463. if( NT_SUCCESS(Status) )
  464. {
  465. //
  466. // stop impersonating.
  467. //
  469. RevertToSelf();
  471. //
  472. // get the token user for the impersonating user.
  473. //
  474. Status = SspGetTokenUser(
  475. ImpersonationToken,
  476. &ImpersonationTokenUser
  477. );
  479. if (!NT_SUCCESS(Status))
  480. {
  481. DebugLog((DEB_ERROR, "SspCreateTokenDacl: SspGetTokenUser (1) returns 0x%lx\n", Status ));
  482. goto Cleanup;
  483. }
  484. }
  486. //
  487. // Open the process token to find out the user sid
  488. //
  490. Status = NtOpenProcessToken(
  491. NtCurrentProcess(),
  492. TOKEN_QUERY,
  493. &ProcessToken
  494. );
  496. if(!NT_SUCCESS(Status))
  497. {
  498. DebugLog((DEB_ERROR, "SspCreateTokenDacl: NtOpenProcessToken returns 0x%lx\n", Status ));
  499. goto Cleanup;
  500. }
  502. //
  503. // get the token user for the process token.
  504. //
  505. Status = SspGetTokenUser(
  506. ProcessToken,
  507. &ProcessTokenUser
  508. );
  510. if (!NT_SUCCESS(Status))
  511. {
  512. DebugLog((DEB_ERROR, "SspCreateTokenDacl: SspGetTokenUser (2) returns 0x%lx\n", Status ));
  513. goto Cleanup;
  514. }
  517. //
  518. // Now get the token user for the thread.
  519. //
  520. Status = SspGetTokenUser(
  521. Token,
  522. &ThreadTokenUser
  523. );
  525. if (!NT_SUCCESS(Status))
  526. {
  527. DebugLog((DEB_ERROR, "SspCreateTokenDacl: SspGetTokenUser (3) returns 0x%lx\n", Status ));
  528. goto Cleanup;
  529. }
  532. AclLength = 4 * sizeof( ACCESS_ALLOWED_ACE ) - 4 * sizeof( ULONG ) +
  533. RtlLengthSid( ProcessTokenUser->User.Sid ) +
  534. RtlLengthSid( ThreadTokenUser->User.Sid ) +
  535. RtlLengthSid( g_NtDigestGlobalLocalSystemSid ) +
  536. RtlLengthSid( g_NtDigestGlobalAliasAdminsSid ) +
  537. sizeof( ACL );
  539. //
  540. // determine if we need to add impersonation token sid onto the token Dacl.
  541. //
  543. if( ImpersonationTokenUser &&
  544. !RtlEqualSid( ImpersonationTokenUser->User.Sid, ProcessTokenUser->User.Sid ) &&
  545. !RtlEqualSid( ImpersonationTokenUser->User.Sid, ThreadTokenUser->User.Sid )
  546. )
  547. {
  548. AclLength += (sizeof(ACCESS_ALLOWED_ACE) - sizeof( ULONG )) +
  549. RtlLengthSid( ImpersonationTokenUser->User.Sid );
  551. fInsertImpersonatingUser = TRUE;
  552. }
  555. NewDacl = (PACL)DigestAllocateMemory(AclLength );
  557. if (NewDacl == NULL) {
  559. Status = STATUS_INSUFFICIENT_RESOURCES;
  560. DebugLog((DEB_ERROR, "SspCreateTokenDacl: NtLmallocate returns 0x%lx\n", NewDacl));
  561. goto Cleanup;
  562. }
  564. Status = RtlCreateAcl( NewDacl, AclLength, ACL_REVISION2 );
  565. ASSERT(NT_SUCCESS( Status ));
  567. Status = RtlAddAccessAllowedAce (
  568. NewDacl,
  569. ACL_REVISION2,
  570. TOKEN_ALL_ACCESS,
  571. ProcessTokenUser->User.Sid
  572. );
  573. ASSERT( NT_SUCCESS( Status ));
  575. Status = RtlAddAccessAllowedAce (
  576. NewDacl,
  577. ACL_REVISION2,
  578. TOKEN_ALL_ACCESS,
  579. ThreadTokenUser->User.Sid
  580. );
  581. ASSERT( NT_SUCCESS( Status ));
  583. if( fInsertImpersonatingUser )
  584. {
  585. Status = RtlAddAccessAllowedAce (
  586. NewDacl,
  587. ACL_REVISION2,
  588. TOKEN_ALL_ACCESS,
  589. ImpersonationTokenUser->User.Sid
  590. );
  591. ASSERT( NT_SUCCESS( Status ));
  592. }
  594. Status = RtlAddAccessAllowedAce (
  595. NewDacl,
  596. ACL_REVISION2,
  597. TOKEN_ALL_ACCESS,
  598. g_NtDigestGlobalAliasAdminsSid
  599. );
  600. ASSERT( NT_SUCCESS( Status ));
  602. Status = RtlAddAccessAllowedAce (
  603. NewDacl,
  604. ACL_REVISION2,
  605. TOKEN_ALL_ACCESS,
  606. g_NtDigestGlobalLocalSystemSid
  607. );
  608. ASSERT( NT_SUCCESS( Status ));
  610. Status = RtlCreateSecurityDescriptor (
  611. &SecurityDescriptor,
  612. SECURITY_DESCRIPTOR_REVISION
  613. );
  614. ASSERT( NT_SUCCESS( Status ));
  616. Status = RtlSetDaclSecurityDescriptor(
  617. &SecurityDescriptor,
  618. TRUE,
  619. NewDacl,
  620. FALSE
  621. );
  623. ASSERT( NT_SUCCESS( Status ));
  625. Status = NtSetSecurityObject(
  626. Token,
  627. DACL_SECURITY_INFORMATION,
  628. &SecurityDescriptor
  629. );
  631. ASSERT( NT_SUCCESS( Status ));
  634. Cleanup:
  636. if( fReleaseContextLock )
  637. RtlLeaveCriticalSection(&l_UserCtxtCritSect);
  639. if (ImpersonationToken != NULL)
  640. {
  641. //
  642. // put the thread token back if we were impersonating.
  643. //
  645. SetThreadToken( NULL, ImpersonationToken );
  646. NtClose(ImpersonationToken);
  647. }
  649. if (ThreadTokenUser != NULL) {
  650. DigestFreeMemory( ThreadTokenUser );
  651. }
  653. if (ProcessTokenUser != NULL) {
  654. DigestFreeMemory( ProcessTokenUser );
  655. }
  657. if (ImpersonationTokenUser != NULL) {
  659. DigestFreeMemory( ImpersonationTokenUser );
  660. }
  662. if (NewDacl != NULL) {
  663. DigestFreeMemory( NewDacl );
  664. }
  666. if (ProcessToken != NULL)
  667. {
  668. NtClose(ProcessToken);
  669. }
  671. DebugLog((DEB_TRACE_FUNC, "SspCreateTokenDacl: Leaving Token is 0x%x\n", Token));
  673. return( Status );
  674. }