archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 744f0b4006
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '744f0b4006'
${ noResults }
windows-xp/Source/XPSP1/NT/inetsrv/query/ntciutil/wsecstor.cxx

436 lines
13 KiB
Raw Normal View History

Add source files
4 years ago
  1. //+---------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. // Copyright (C) Microsoft Corporation, 1997 - 1998.
  5. //
  6. // File: WSecStor.cxx
  7. //
  8. // Contents: Wrapper around the security store
  9. //
  10. // Classes: CSecurityStoreWrapper
  11. //
  12. // History: 7-14-97 srikants Created
  13. //
  14. //----------------------------------------------------------------------------
  16. #include <pch.cxx>
  17. #pragma hdrstop
  19. #include "wsecstor.hxx"
  20. #include <imprsnat.hxx>
  22. //+---------------------------------------------------------------------------
  23. //
  24. // Member: CSecurityStoreWrapper::CSecurityStoreWrapper
  25. //
  26. // Synopsis: Constructor of the security store wrapper. It stores the
  27. // ICiCAdviseStatus interface for use later during initialization
  28. // save and load.
  29. //
  30. // Arguments: [pAdviseStatus] - The ICiCAdviseStatus interface needed by
  31. // the CiStorage object.
  32. // [cMegToLeaveOnDisk] - Megabytes not to write to on disk
  33. //
  34. // History: 7-20-97 srikants Created
  35. // 01-Nov-98 KLam Added cMegToLeaveOnDisk to constructor
  36. //
  37. //----------------------------------------------------------------------------
  39. CSecurityStoreWrapper::CSecurityStoreWrapper( ICiCAdviseStatus *pAdviseStatus,
  40. ULONG cMegToLeaveOnDisk )
  41. :_lRefCount(1),
  42. _cMegToLeaveOnDisk( cMegToLeaveOnDisk )
  43. {
  44. Win4Assert( 0 != pAdviseStatus );
  45. pAdviseStatus->AddRef();
  46. _xAdviseStatus.Set( pAdviseStatus );
  47. }
  49. CSecurityStoreWrapper::~CSecurityStoreWrapper()
  50. {
  51. Win4Assert( 0 == _lRefCount );
  52. }
  55. //+---------------------------------------------------------------------------
  56. //
  57. // Member: CSecurityStoreWrapper::Init
  58. //
  59. // Synopsis: Initializes the security store using the given directory.
  60. // If a security store already exists in the directory, then
  61. // it is loaded. Otherwise, a new empty security store is
  62. // created.
  63. //
  64. // Arguments: [pwszDirectory] - Directory from which to load the security
  65. // table.
  66. //
  67. // Returns: S_OK if successful; Other error code as appropriate.
  68. //
  69. // Notes: Assumed to be operating in the system security context
  70. //
  71. // History: 7-20-97 srikants Created
  72. // 01-Nov-98 KLam Pass _cMegToLeaveOnDisk to CiStorage
  73. //
  74. //----------------------------------------------------------------------------
  76. SCODE CSecurityStoreWrapper::Init( WCHAR const * pwszDirectory )
  77. {
  79. if ( !_xStorage.IsNull() )
  80. return CI_E_ALREADY_INITIALIZED;
  82. SCODE sc = S_OK;
  84. TRY
  85. {
  86. XPtr<CiStorage> xStorage(new CiStorage( pwszDirectory,
  87. _xAdviseStatus.GetReference(),
  88. _cMegToLeaveOnDisk ) );
  90. _secStore.Init( xStorage.GetPointer() );
  91. _xStorage.Set( xStorage.Acquire() );
  92. }
  93. CATCH( CException, e )
  94. {
  95. sc = e.GetErrorCode();
  96. ciDebugOut(( DEB_ERROR,
  97. "Exception 0x%X caught in CSecurityStoreWrapper::Load\n",sc ));
  98. }
  99. END_CATCH
  101. return sc;
  102. }
  104. //+---------------------------------------------------------------------------
  105. //
  106. // Member: CSecurityStoreWrapper::Load
  107. //
  108. // Synopsis: Loads the data that was produced using a "Save". The files
  109. // specified in the pFileList are moved/copied to the target
  110. // directory. Note that the security table is not initialized
  111. // as a result of calling Load. An explicit Init must be called
  112. // after the Load to cause the new files to be used by the
  113. // security store.
  114. //
  115. // Arguments: [pwszDestDir] - Destination directory in which to
  116. // copy/move the files.
  117. // [pFileList] - List of files that must be loaded.
  118. // [pProgressNotify] - Progress notification (optional)
  119. // [fCallerOwnsFiles] - Set to TRUE if the caller owns files.
  120. // If set to FALSE, the caller expects us to cleanup the files
  121. // before returning.
  122. // [pfAbort] - Flag set to TRUE if the load must be
  123. // aborted prematurely.
  124. //
  125. // Returns: S_OK if successful. Other ole error code if there is an error.
  126. //
  127. // Notes: Assumed to be operating in the system security context
  128. //
  129. // History: 7-20-97 srikants Created
  130. // 01-Nov-98 KLam Passed _cMegToLeaveOnDisk to CiStorage
  131. //
  132. //----------------------------------------------------------------------------
  134. SCODE CSecurityStoreWrapper::Load(
  135. WCHAR const * pwszDestDir, // dest dir
  136. IEnumString * pFileList, // list of files to copy
  137. IProgressNotify * pProgressNotify,
  138. BOOL fCallerOwnsFiles,
  139. BOOL * pfAbort )
  140. {
  141. SCODE sc = S_OK;
  143. TRY
  144. {
  145. XPtr<CiStorage> xStorage(new CiStorage( pwszDestDir,
  146. _xAdviseStatus.GetReference(),
  147. _cMegToLeaveOnDisk ) );
  149. _secStore.Load( xStorage.GetPointer(),
  150. pFileList,
  151. pProgressNotify,
  152. fCallerOwnsFiles,
  153. pfAbort);
  154. }
  155. CATCH( CException, e )
  156. {
  157. sc = e.GetErrorCode();
  158. ciDebugOut((DEB_ERROR, "CSecurityStoreWrapper::Load caught exception 0x%X\n", sc));
  159. }
  160. END_CATCH
  162. return sc;
  164. }
  166. //+---------------------------------------------------------------------------
  167. //
  168. // Member: CSecurityStoreWrapper::Save
  169. //
  170. // Synopsis: Saves the current security table to the specified target
  171. // directory.
  172. //
  173. // Arguments: [pwszSaveDir] - Directory in which to serialize the
  174. // security store.
  175. // [pfAbort] - Flag to abort the save process prematurely.
  176. // [ppFileList] - If successful, on output will have the
  177. // list of files serialized.
  178. // [pProgress] - (optional) Progress Notification.
  179. //
  180. // Returns: S_OK if successful; Other error code as appropriate.
  181. //
  182. // Notes: Assumed to be operating in the system security context
  183. //
  184. // History: 7-20-97 srikants Created
  185. // 01-Nov-98 KLam Passed _cMegToLeaveOnDisk to CiStorage
  186. //
  187. //----------------------------------------------------------------------------
  189. SCODE
  190. CSecurityStoreWrapper::Save( WCHAR const * pwszSaveDir,
  191. BOOL * pfAbort,
  192. IEnumString ** ppFileList,
  193. IProgressNotify * pProgress )
  194. {
  195. if ( pwszSaveDir == 0 || pfAbort == 0 || ppFileList == 0 )
  196. return E_POINTER;
  198. SCODE sc= S_OK;
  200. TRY
  201. {
  202. XPtr<CiStorage> xStorage(
  203. new CiStorage( pwszSaveDir,
  204. _xAdviseStatus.GetReference(),
  205. _cMegToLeaveOnDisk ) );
  207. _secStore.Save( pProgress,
  208. *pfAbort,
  209. xStorage.GetReference(),
  210. ppFileList );
  211. }
  212. CATCH( CException, e )
  213. {
  214. sc = e.GetErrorCode();
  215. }
  216. END_CATCH
  218. return sc;
  219. }
  221. //+---------------------------------------------------------------------------
  222. //
  223. // Member: CSecurityStoreWrapper::Empty
  224. //
  225. // Synopsis: Empties the contents of the security store.
  226. //
  227. // Notes: Assumed to be operating in the system security context
  228. //
  229. // History: 7-20-97 srikants Created
  230. //
  231. //----------------------------------------------------------------------------
  233. SCODE
  234. CSecurityStoreWrapper::Empty()
  235. {
  236. SCODE sc = S_OK;
  238. TRY
  239. {
  240. _secStore.Empty();
  241. }
  242. CATCH( CException, e )
  243. {
  244. sc = e.GetErrorCode();
  245. ciDebugOut(( DEB_ERROR, "SecurityStoreWrapper::Empty exception 0x%X\n", sc ));
  246. }
  247. END_CATCH
  249. return sc;
  250. }
  252. //+---------------------------------------------------------------------------
  253. //
  254. // Member: CSecurityStoreWrapper::LookupSDID
  255. //
  256. // Synopsis: Looks up the SDID for the given security descriptor. If one
  257. // doesn't exist, a new SDID will be created for the SD.
  258. //
  259. // Arguments: [pSD] - Security descriptor.
  260. // [cbSD] - Length of the security descriptor.
  261. // [sdid] - [out] SDID of the security descriptor.
  262. //
  263. // Returns: S_OK if successful; Other error code as appropriate.
  264. //
  265. // History: 7-20-97 srikants Created
  266. //
  267. //----------------------------------------------------------------------------
  269. SCODE
  270. CSecurityStoreWrapper::LookupSDID( PSECURITY_DESCRIPTOR pSD,
  271. ULONG cbSD,
  272. SDID & sdid )
  273. {
  274. Win4Assert( !_xStorage.IsNull() );
  276. SCODE sc = S_OK;
  278. TRY
  279. {
  280. CImpersonateSystem impersonate;
  282. sdid = _secStore.LookupSDID( pSD, cbSD );
  283. }
  284. CATCH( CException, e )
  285. {
  286. sc = e.GetErrorCode();
  287. ciDebugOut(( DEB_ERROR, "Exception 0x%X in LookupSDID\n", sc ));
  288. }
  289. END_CATCH
  291. return sc;
  292. }
  294. //+---------------------------------------------------------------------------
  295. //
  296. // Member: CSecurityStoreWrapper::AccessCheck
  297. //
  298. // Synopsis: Verifies if the given token has the requested access to the
  299. // document with the given SDID.
  300. //
  301. // Arguments: [sdid] - The SDID to check security against.
  302. // [hToken] - The security token against which to check the
  303. // security.
  304. // [am] - Access mode requested.
  305. // [fGranted] - [out] Set to TRUE if access is granted. FALSE if
  306. // access is granted.
  307. // This parameter is valid only if this method returns success.
  308. //
  309. // Returns: S_OK if successful;
  310. // CI_E_NOT_FOUND if the given SDID not a valid one.
  311. // Other error code as appropriate.
  312. //
  313. // History: 7-20-97 srikants Created
  314. //
  315. //----------------------------------------------------------------------------
  317. SCODE
  318. CSecurityStoreWrapper::AccessCheck( SDID sdid,
  319. HANDLE hToken,
  320. ACCESS_MASK am,
  321. BOOL & fGranted )
  322. {
  323. Win4Assert( !_xStorage.IsNull() );
  325. SCODE sc = S_OK;
  327. TRY
  328. {
  329. CImpersonateSystem impersonate;
  331. if ( !_secStore.AccessCheck( sdid, hToken, am, fGranted ) )
  332. {
  333. sc = CI_E_NOT_FOUND;
  334. }
  335. }
  336. CATCH( CException, e )
  337. {
  338. sc = e.GetErrorCode();
  339. }
  340. END_CATCH
  342. return sc;
  343. }
  346. //+---------------------------------------------------------------------------
  347. //
  348. // Member: CSecurityStoreWrapper::GetSecurityDescriptor
  349. //
  350. // Synopsis: Obtains the security descriptor of the given SDID.
  351. //
  352. // Arguments: [sdid] - SDID whose Security Descriptor is needed.
  353. // [psd] - Pointer to the buffer in which to write the
  354. // security desciptor.
  355. // [cbSdIn] - Number of bytes in the psd buffer.
  356. // [cbSdOut] - Number of bytes in the security descriptor.
  357. //
  358. // Returns: S_OK if successful;
  359. // CI_E_NOT_FOUND if the given SDID is an invalid SDID.
  360. // S_FALSE if the sdid is found but the buffer is not big enough
  361. // to hold the security descriptor. cbSdOut will have the size
  362. // of the buffer needed to hold the security descriptor.
  363. //
  364. // History: 7-20-97 srikants Created
  365. //
  366. //----------------------------------------------------------------------------
  368. SCODE
  369. CSecurityStoreWrapper::GetSecurityDescriptor( SDID sdid,
  370. PSECURITY_DESCRIPTOR psd,
  371. ULONG cbSdIn,
  372. ULONG & cbSdOut )
  373. {
  374. Win4Assert( !_xStorage.IsNull() );
  376. SCODE sc = S_OK;
  378. TRY
  379. {
  380. CImpersonateSystem impersonate;
  382. sc = _secStore.GetSecurityDescriptor( sdid, psd, cbSdIn, cbSdOut );
  383. }
  384. CATCH( CException, e )
  385. {
  386. sc = e.GetErrorCode();
  387. }
  388. END_CATCH
  390. return sc;
  391. }
  394. //+---------------------------------------------------------------------------
  395. //
  396. // Function: CreateSecurityStore
  397. //
  398. // Synopsis: Creates the security store object and returns its pointer.
  399. //
  400. // Arguments: [ppSecurityStore] - Out parameter to hold the security store
  401. // pointer.
  402. // [cMegToLeaveOnDisk] - Number of megabytes to leave on disk
  403. //
  404. // Returns: S_OK if successful;
  405. // Other error code as appropriate.
  406. //
  407. // History: 7-14-97 srikants Created
  408. // 02-Nov-98 KLam Added cbDiskSpaceToLeave parameter
  409. //
  410. //----------------------------------------------------------------------------
  412. SCODE CreateSecurityStore( ICiCAdviseStatus * pAdviseStatus,
  413. PSecurityStore ** ppSecurityStore,
  414. ULONG cMegToLeaveOnDisk )
  415. {
  416. if ( 0 == ppSecurityStore)
  417. return E_POINTER;
  419. *ppSecurityStore = 0;
  421. SCODE sc = S_OK;
  423. TRY
  424. {
  425. *ppSecurityStore = new CSecurityStoreWrapper( pAdviseStatus, cMegToLeaveOnDisk );
  426. }
  427. CATCH( CException, e)
  428. {
  429. sc = e.GetErrorCode();
  430. ciDebugOut((DEB_ERROR, "CreateSecurityStore caught exception 0x%X\n", sc));
  431. }
  432. END_CATCH
  434. return sc;
  435. }