archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
9 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 75c48ba87f
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '75c48ba87f'
${ noResults }
windows-xp/Source/XPSP1/NT/ds/security/azroles/context.cxx

288 lines
6.6 KiB
Raw Normal View History

Add source files
4 years ago
  1. /*++
  3. Copyright (c) 2001 Microsoft Corporation
  5. Module Name:
  7. context.cxx
  9. Abstract:
  11. Routines implementing the client context API
  13. Author:
  15. Cliff Van Dyke (cliffv) 22-May-2001
  17. --*/
  19. #include "pch.hxx"
  21. DWORD
  22. AzpClientContextInit(
  23. IN PGENERIC_OBJECT ParentGenericObject,
  24. IN PGENERIC_OBJECT ChildGenericObject
  25. )
  26. /*++
  28. Routine Description:
  30. This routine is a worker routine for AzInitializeClientContextFrom*. It does any object specific
  31. initialization that needs to be done.
  33. On entry, AzGlResource must be locked exclusively.
  35. Arguments:
  37. ParentGenericObject - Specifies the parent object to add the child object onto.
  38. The reference count has been incremented on this object.
  40. ChildGenericObject - Specifies the newly allocated child object.
  41. The reference count has been incremented on this object.
  43. Return Value:
  45. NO_ERROR - The operation was successful
  46. ERROR_NOT_ENOUGH_MEMORY - not enough memory
  47. Other exception status codes
  49. --*/
  50. {
  51. PAZP_CLIENT_CONTEXT ClientContext = (PAZP_CLIENT_CONTEXT) ChildGenericObject;
  52. UNREFERENCED_PARAMETER( ParentGenericObject );
  54. //
  55. // Initialization
  56. //
  58. ASSERT( AzpIsLockedExclusive( &AzGlResource ) );
  60. //
  61. // ClientContexts are referenced by "Applications"
  62. // Let the generic object manager know all of the lists we support
  63. // This is a "back" link so we don't need to define which applications can reference this client context.
  64. //
  66. ChildGenericObject->GenericObjectLists = &ClientContext->backApplications;
  68. // Back link to applications
  69. ObInitObjectList( &ClientContext->backApplications,
  70. NULL,
  71. TRUE, // Backward link
  72. 0, // No link pair id
  73. NULL,
  74. NULL,
  75. NULL );
  78. return NO_ERROR;
  79. }
  82. VOID
  83. AzpClientContextFree(
  84. IN PGENERIC_OBJECT GenericObject
  85. )
  86. /*++
  88. Routine Description:
  90. This routine is a worker routine for ClientContext object free. It does any object specific
  91. cleanup that needs to be done.
  93. On entry, AzGlResource must be locked exclusively.
  95. Arguments:
  97. GenericObject - Specifies a pointer to the object to be deleted.
  99. Return Value:
  101. None
  103. --*/
  104. {
  105. PAZP_CLIENT_CONTEXT ClientContext = (PAZP_CLIENT_CONTEXT) GenericObject;
  107. //
  108. // Initialization
  109. //
  111. ASSERT( AzpIsLockedExclusive( &AzGlResource ) );
  113. //
  114. // Free any local strings
  115. //
  118. //
  119. // Free any authz context
  120. //
  122. if ( ClientContext->AuthzClientContext != NULL ) {
  123. if ( !AuthzFreeContext( ClientContext->AuthzClientContext ) ) {
  124. ASSERT( FALSE );
  125. }
  126. }
  129. }
  132. DWORD
  133. AzpClientContextGetProperty(
  134. IN PGENERIC_OBJECT GenericObject,
  135. IN ULONG PropertyId,
  136. OUT PVOID *PropertyValue
  137. )
  138. /*++
  140. Routine Description:
  142. This routine is a worker routine for AzClientContextGetProperty. It does any object specific
  143. property gets.
  145. On entry, AzGlResource must be locked shared.
  147. Arguments:
  149. GenericObject - Specifies a pointer to the object to be queried
  151. PropertyId - Specifies which property to return.
  153. PropertyValue - Specifies a pointer to return the property in.
  154. The returned pointer must be freed using AzFreeMemory.
  155. The returned value and type depends in PropertyId. The valid values are:
  157. AZ_PROP_CLIENT_CONTEXT_TYPE PULONG - ClientContext type of the group
  158. AZ_PROP_CLIENT_CONTEXT_APP_MEMBERS AZ_STRING_ARRAY - Application groups that are members of this group
  159. ???
  161. Return Value:
  163. Status of the operation
  165. --*/
  166. {
  167. DWORD WinStatus = NO_ERROR;
  168. PAZP_CLIENT_CONTEXT ClientContext = (PAZP_CLIENT_CONTEXT) GenericObject;
  170. //
  171. // Initialization
  172. //
  174. ASSERT( AzpIsLockedShared( &AzGlResource ) );
  177. //
  178. // Return any object specific attribute
  179. //
  180. //
  181. switch ( PropertyId ) {
  182. case 1:
  183. UNREFERENCED_PARAMETER( PropertyValue );
  184. UNREFERENCED_PARAMETER( ClientContext );
  185. break;
  186. default:
  187. AzPrint(( AZD_INVPARM, "AzpClientContextGetProperty: invalid opcode\n", PropertyId ));
  188. WinStatus = ERROR_INVALID_PARAMETER;
  189. break;
  190. }
  192. return WinStatus;
  193. }
  197. DWORD
  198. AzInitializeContextFromToken(
  199. IN AZ_HANDLE ApplicationHandle,
  200. IN HANDLE TokenHandle,
  201. IN DWORD Reserved,
  202. OUT PAZ_HANDLE ClientContextHandle
  203. )
  204. /*++
  206. Routine Description:
  208. This routine is a worker routine for AzGroupCreate. It does any object specific
  209. initialization that needs to be done.
  211. On entry, AzGlResource must be locked exclusively.
  213. Arguments:
  215. ApplicationHandle - Specifies a handle to the application object that
  216. is this client context applies to.
  218. TokenHandle - Handle to the NT token describing the cleint.
  219. NULL implies the impersonation token of the caller's thread.
  220. The token mast have been opened for TOKEN_QUERY, TOKEN_IMPERSONATION, and
  221. TOKEN_DUPLICATE access.
  223. Reserved - Reserved. Must by zero.
  225. ClientContextHandle - Return a handle to the client context
  226. The caller must close this handle by calling AzCloseHandle.
  228. Return Value:
  230. NO_ERROR - The operation was successful
  231. ERROR_NOT_ENOUGH_MEMORY - not enough memory
  232. Other exception status codes
  234. --*/
  235. {
  236. DWORD WinStatus;
  237. LUID Identifier = {0};
  238. PAZP_CLIENT_CONTEXT ClientContext = NULL;
  240. //
  241. // Call the common routine to create our client context object
  242. //
  244. WinStatus = ObCommonCreateObject(
  245. (PGENERIC_OBJECT) ApplicationHandle,
  246. OBJECT_TYPE_APPLICATION,
  247. &(((PAZP_APPLICATION)ApplicationHandle)->ClientContexts),
  248. OBJECT_TYPE_CLIENT_CONTEXT,
  249. NULL,
  250. Reserved,
  251. (PGENERIC_OBJECT *) &ClientContext );
  253. if ( WinStatus != NO_ERROR ) {
  254. goto Cleanup;
  255. }
  257. //
  258. // Initialize Authz
  259. //
  261. if ( !AuthzInitializeContextFromToken(
  262. 0, // No Flags
  263. TokenHandle,
  264. (((PAZP_APPLICATION)ApplicationHandle)->AuthzResourceManager),
  265. NULL, // No expiration time
  266. Identifier,
  267. NULL, // No dynamic group args
  268. &ClientContext->AuthzClientContext ) ) {
  270. WinStatus = GetLastError();
  271. goto Cleanup;
  272. }
  275. WinStatus = NO_ERROR;
  276. *ClientContextHandle = ClientContext;
  277. ClientContext = NULL;
  279. //
  280. // Free any local resources
  281. //
  282. Cleanup:
  283. if ( ClientContext != NULL ) {
  284. AzCloseHandle( ClientContext, 0 );
  285. }
  287. return WinStatus;
  288. }