archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
9 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 75c48ba87f
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '75c48ba87f'
${ noResults }
windows-xp/Source/XPSP1/NT/admin/admt/common/commonlib/isadmin.cpp

313 lines
9.6 KiB
Raw Normal View History

Add source files
4 years ago
  1. //#pragma title( "IsAdmin.cpp - Determine if user is administrator" )
  2. /*
  3. Copyright (c) 1995-1998, Mission Critical Software, Inc. All rights reserved.
  4. ===============================================================================
  5. Module - IsAdmin.cpp
  6. System - Common
  7. Author - Rich Denham
  8. Created - 1996-06-04
  9. Description - Determine if user is administrator (local or remote)
  10. Updates -
  11. ===============================================================================
  12. */
  14. #ifdef USE_STDAFX
  15. # include "stdafx.h"
  16. #else
  17. # include <windows.h>
  18. #endif
  20. #include <lm.h>
  22. #include "Common.hpp"
  23. #include "UString.hpp"
  24. #include "IsAdmin.hpp"
  27. namespace
  28. {
  30. #ifndef SECURITY_MAX_SID_SIZE
  31. #define SECURITY_MAX_SID_SIZE (sizeof(SID) - sizeof(DWORD) + (SID_MAX_SUB_AUTHORITIES * sizeof(DWORD)))
  32. #endif
  33. const DWORD MAX_VERSION_2_ACE_SIZE = sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + SECURITY_MAX_SID_SIZE;
  36. // GetEffectiveToken
  37. //
  38. // Brown, Keith. 2000. Programming Windows Security. Reading MA: Addison-Wesley
  39. // Pages 120-121
  41. HANDLE __stdcall GetEffectiveToken(DWORD dwDesiredAccess, BOOL bImpersonation, SECURITY_IMPERSONATION_LEVEL silLevel)
  42. {
  43. HANDLE hToken = 0;
  45. if (!OpenThreadToken(GetCurrentThread(), dwDesiredAccess, TRUE, &hToken))
  46. {
  47. if (GetLastError() == ERROR_NO_TOKEN)
  48. {
  49. DWORD dwAccess = bImpersonation ? TOKEN_DUPLICATE : dwDesiredAccess;
  51. if (OpenProcessToken(GetCurrentProcess(), dwAccess, &hToken))
  52. {
  53. if (bImpersonation)
  54. {
  55. // convert primary to impersonation token
  57. HANDLE hImpersonationToken = 0;
  58. DuplicateTokenEx(hToken, dwDesiredAccess, 0, silLevel, TokenImpersonation, &hImpersonationToken);
  59. CloseHandle(hToken);
  60. hToken = hImpersonationToken;
  61. }
  62. }
  63. }
  64. }
  66. return hToken;
  67. }
  70. // CheckTokenMembership
  71. //
  72. // Brown, Keith. 2000. Programming Windows Security. Reading MA: Addison-Wesley
  73. // Pages 130-131
  75. //#if (_WIN32_WINNT < 0x0500)
  76. #if TRUE // always use our function
  77. BOOL WINAPI AdmtCheckTokenMembership(HANDLE hToken, PSID pSid, PBOOL pbIsMember)
  78. {
  79. // if no token was passed, CTM uses the effective
  80. // security context (the thread or process token)
  82. if (!hToken)
  83. {
  84. hToken = GetEffectiveToken(TOKEN_QUERY, TRUE, SecurityIdentification);
  85. }
  87. if (!hToken)
  88. {
  89. return FALSE;
  90. }
  92. // create a security descriptor that grants a
  93. // specific permission only to the specified SID
  95. BYTE dacl[sizeof ACL + MAX_VERSION_2_ACE_SIZE];
  96. ACL* pdacl = (ACL*)dacl;
  97. InitializeAcl(pdacl, sizeof dacl, ACL_REVISION);
  98. AddAccessAllowedAce(pdacl, ACL_REVISION, 1, pSid);
  100. SECURITY_DESCRIPTOR sd;
  101. InitializeSecurityDescriptor(&sd, SECURITY_DESCRIPTOR_REVISION);
  102. SID sidWorld = { SID_REVISION, 1, SECURITY_WORLD_SID_AUTHORITY, SECURITY_WORLD_RID };
  103. SetSecurityDescriptorOwner(&sd, &sidWorld, FALSE);
  104. SetSecurityDescriptorGroup(&sd, &sidWorld, FALSE);
  105. SetSecurityDescriptorDacl(&sd, TRUE, pdacl, FALSE);
  107. // now let AccessCheck do all the hard work
  109. GENERIC_MAPPING gm = { 0, 0, 0, 1 };
  110. PRIVILEGE_SET ps;
  111. DWORD cb = sizeof ps;
  112. DWORD ga;
  114. return AccessCheck(&sd, hToken, 1, &gm, &ps, &cb, &ga, pbIsMember);
  115. }
  116. #else
  117. #define AdmtCheckTokenMembership CheckTokenMembership
  118. #endif
  120. } // namespace
  123. ///////////////////////////////////////////////////////////////////////////////
  124. // Determine if user is administrator on local machine //
  125. ///////////////////////////////////////////////////////////////////////////////
  127. DWORD // ret-OS return code, 0=User is admin
  128. IsAdminLocal()
  129. {
  130. DWORD dwError = NO_ERROR;
  132. // create well known SID Administrators
  134. SID_IDENTIFIER_AUTHORITY siaNtAuthority = SECURITY_NT_AUTHORITY;
  136. PSID psidAdministrators;
  138. BOOL bSid = AllocateAndInitializeSid(
  139. &siaNtAuthority,
  140. 2,
  141. SECURITY_BUILTIN_DOMAIN_RID,
  142. DOMAIN_ALIAS_RID_ADMINS,
  143. 0,
  144. 0,
  145. 0,
  146. 0,
  147. 0,
  148. 0,
  149. &psidAdministrators
  150. );
  152. if (bSid)
  153. {
  154. // check if token membership includes Administrators
  156. BOOL bIsMember;
  158. if (AdmtCheckTokenMembership(0, psidAdministrators, &bIsMember))
  159. {
  160. dwError = bIsMember ? NO_ERROR : ERROR_ACCESS_DENIED;
  161. }
  162. else
  163. {
  164. dwError = GetLastError();
  165. }
  167. FreeSid(psidAdministrators);
  168. }
  169. else
  170. {
  171. dwError = GetLastError();
  172. }
  174. return dwError;
  175. }
  177. ///////////////////////////////////////////////////////////////////////////////
  178. // Determine if user is administrator on remote machine //
  179. ///////////////////////////////////////////////////////////////////////////////
  181. DWORD // ret-OS return code, 0=User is admin
  182. IsAdminRemote(
  183. WCHAR const * pMachine // in -\\machine name
  184. )
  185. {
  186. DWORD osRc; // OS return code
  187. HANDLE hToken=INVALID_HANDLE_VALUE; // process token
  188. BYTE bufTokenGroups[10000]; // token group information
  189. DWORD lenTokenGroups; // returned length of token group information
  190. BYTE bufTokenUser[1000];
  191. DWORD lenTokenUser;
  192. // SID_IDENTIFIER_AUTHORITY siaNtAuthority = SECURITY_NT_AUTHORITY;
  193. PTOKEN_GROUPS ptgGroups = (PTOKEN_GROUPS) bufTokenGroups;
  194. PTOKEN_USER ptUser = (PTOKEN_USER)bufTokenUser;
  195. // DWORD iGroup; // group number index
  196. LPLOCALGROUP_MEMBERS_INFO_0 pBuf = NULL;
  197. DWORD dwPrefMaxLen = 255;
  198. DWORD dwEntriesRead = 0;
  199. DWORD dwTotalEntries = 0;
  200. DWORD_PTR dwResumeHandle = 0;
  201. // DWORD dwTotalCount = 0;
  202. // DWORD rcOs = 0;
  203. WCHAR grpName[255];
  204. PSID pSid;
  205. SID_NAME_USE use;
  206. DWORD dwNameLen = 255;
  207. DWORD dwDomLen = 255;
  208. WCHAR domain[255];
  209. SID_IDENTIFIER_AUTHORITY sia = SECURITY_NT_AUTHORITY;
  210. // SID_IDENTIFIER_AUTHORITY creatorIA = SECURITY_CREATOR_SID_AUTHORITY;
  211. BOOL bIsAdmin = FALSE;
  213. if ( OpenProcessToken( GetCurrentProcess(), TOKEN_READ, &hToken ) )
  214. {
  215. if ( GetTokenInformation( hToken, TokenGroups, bufTokenGroups, sizeof bufTokenGroups, &lenTokenGroups ) )
  216. {
  217. if ( GetTokenInformation(hToken,TokenUser,bufTokenUser,sizeof bufTokenUser,&lenTokenUser) )
  218. {
  219. // build the Administrators SID
  220. if ( AllocateAndInitializeSid(
  221. &sia,
  222. 2,
  223. SECURITY_BUILTIN_DOMAIN_RID,
  224. DOMAIN_ALIAS_RID_ADMINS,
  225. 0, 0, 0, 0, 0, 0,
  226. &pSid
  227. ) )
  228. {
  229. // and look up the administrators group on the specified machine
  230. if ( LookupAccountSid(pMachine, pSid, grpName, &dwNameLen, domain, &dwDomLen, &use) )
  231. {
  232. /*
  233. // enumerate the contents of the administrators group on the specified machine
  234. do
  235. {
  236. osRc = NetLocalGroupGetMembers(
  237. const_cast<WCHAR*>(pMachine),
  238. grpName,
  239. 0,
  240. (LPBYTE*)&pBuf,
  241. dwPrefMaxLen,
  242. &dwEntriesRead,
  243. &dwTotalEntries,
  244. &dwResumeHandle
  245. );
  246. if ( !osRc || osRc == ERROR_MORE_DATA )
  247. {
  248. for ( UINT i = 0 ; i < dwEntriesRead ; i++ )
  249. {
  250. // for each SID in the administrators group, see if that SID is in our token
  251. if ( EqualSid( pBuf[i].lgrmi0_sid , ptUser->User.Sid) )
  252. {
  253. bIsAdmin = TRUE;
  254. break;
  255. }
  256. for ( iGroup = 0;
  257. iGroup < ptgGroups->GroupCount;
  258. iGroup++ )
  259. {
  261. if ( EqualSid( pBuf[i].lgrmi0_sid,ptgGroups->Groups[iGroup].Sid ) )
  262. {
  263. osRc = 0;
  264. bIsAdmin = TRUE;
  265. break;
  266. }
  267. }
  268. if ( bIsAdmin )
  269. break;
  270. }
  271. }
  272. if ( pBuf )
  273. NetApiBufferFree(pBuf);
  274. if ( bIsAdmin )
  275. break;
  276. } while ( osRc == ERROR_MORE_DATA );
  277. */
  278. // remove explict administrator check
  279. bIsAdmin = TRUE;
  280. }
  281. else
  282. osRc = GetLastError();
  283. FreeSid(pSid);
  284. }
  285. else
  286. osRc = GetLastError();
  287. }
  288. else
  289. osRc = GetLastError();
  290. }
  291. else
  292. osRc = GetLastError();
  293. }
  294. else
  295. osRc = GetLastError();
  297. if ( hToken != INVALID_HANDLE_VALUE )
  298. {
  299. CloseHandle( hToken );
  300. hToken = INVALID_HANDLE_VALUE;
  301. }
  304. if ( bIsAdmin )
  305. osRc = 0;
  306. else
  307. if ( ! osRc )
  308. osRc = ERROR_ACCESS_DENIED;
  310. return osRc;
  311. }
  313. // IsAdmin.cpp - end of file