|
|
/*++
Copyright (c) 1996 Microsoft Corporation
Module Name:
security.c
Abstract:
This module provides security for the service.
Author:
Wesley Witt (wesw) 2-Dec-1996
Revision History:
--*/
#include "faxsvc.h"
#pragma hdrstop
//
// do this to avoid dragging in ntrtl.h since we already include some stuff
// from ntrtl.h
//
NTSYSAPIBOOLEANNTAPIRtlValidRelativeSecurityDescriptor ( IN PSECURITY_DESCRIPTOR SecurityDescriptorInput, IN ULONG SecurityDescriptorLength, IN SECURITY_INFORMATION RequiredInformation );
//
// Number of ACEs currently defined for fax.
//
#define FAX_ACE_COUNT 26
typedef struct _FAX_SECURITY { LPCTSTR RegKey; PSECURITY_DESCRIPTOR SecurityDescriptor; PGENERIC_MAPPING GenericMapping; DWORD AceCount; DWORD AceIdx[FAX_ACE_COUNT]; DWORD StringResource; // Resource Id of friendly name
} FAX_SECURITY, *PFAX_SECURITY;
typedef struct _ACE_DATA { ACCESS_MASK AccessMask; PSID *Sid; UCHAR AceType; UCHAR AceFlags;} ACE_DATA, *PACE_DATA;
typedef struct _ACE { ACE_HEADER Header; ACCESS_MASK Mask; //
// The SID follows in the buffer
//
} ACE, *PACE;
//
// Universal well known SIDs
//
PSID NullSid;PSID WorldSid;PSID LocalSid;PSID CreatorOwnerSid;PSID CreatorGroupSid;
//
// SIDs defined by NT
//
PSID DialupSid;PSID NetworkSid;PSID BatchSid;PSID InteractiveSid;PSID ServiceSid;PSID LocalSystemSid;PSID AliasAdminsSid;PSID AliasUsersSid;PSID AliasGuestsSid;PSID AliasPowerUsersSid;PSID AliasAccountOpsSid;PSID AliasSystemOpsSid;PSID AliasPrintOpsSid;PSID AliasBackupOpsSid;PSID AliasReplicatorSid;
// Note - Georgeje
//
// The number of security descriptors has been reduced from six
// to one. The tables in security.c have been left in place in
// case we need to add more security descriptos later.
GENERIC_MAPPING FaxGenericMapping[] ={ { STANDARD_RIGHTS_READ, STANDARD_RIGHTS_WRITE, STANDARD_RIGHTS_EXECUTE, STANDARD_RIGHTS_REQUIRED }};
//
// Indexes for the ACE Data Array:
//
// ACE 0 - unused
// ACE 1 - ADMIN Full
// ACE 2 - ADMIN Read
// ACE 3 - ADMIN Read Write
// ACE 4 - ADMIN Read Write Delete
// ACE 5 - Creator Full
// ACE 6 - Creator Read Write
// ACE 7 - World Full
// ACE 8 - World Read
// ACE 9 - World Read Write
// ACE 10 - World Read Write Delete
// ACE 11 - PowerUser Full
// ACE 12 - PowerUser Read Write
// ACE 13 - PowerUser Read Write Delete
// ACE 14 - System Ops Full
// ACE 15 - System Ops Read Write
// ACE 16 - System Ops Read Write Delete
// ACE 17 - System Full
// ACE 18 - System Read Write
// ACE 19 - System Read
// ACE 20 - ADMIN Read Write Execute
// ACE 21 - Interactive User Full
// ACE 22 - Interactive User Read
// ACE 23 - Interactive User Read Write
// ACE 24 - Interactive User Read Write Delete
// ACE 25 - Normal Users Read / Write
//
FAX_SECURITY FaxSecurity[] ={ { REGVAL_CONFIG_SET, NULL, &FaxGenericMapping[0], 5, {1,5,9,11,17}, IDS_SET_CONFIG }};
#define FaxSecurityCount (sizeof(FaxSecurity)/sizeof(FAX_SECURITY))
//
// Array of ACEs to be applied to fax. They will be
// initialized during program startup based on the data in the
// FaxAceDataTable. The index of each element corresponds to the
// ordinals used in the [ACL] section of perms.inf.
//
PACE AcesForFax[FAX_ACE_COUNT];
//
// Array that contains the size of each ACE in the
// array AceSizesForFax. These sizes are needed
// in order to allocate a buffer of the right size
// when we build an ACL.
//
ULONG AceSizesForFax[FAX_ACE_COUNT];
//
// Table describing the data to put into each ACE for fax.
//
// This table will be read during initialization and used to construct a
// series of ACEs. The index of each ACE in the FaxAces array defined below
// corresponds to fax ordinals used in the ACL section of perms.inf
//
ACE_DATA AceDataTableForFax[FAX_ACE_COUNT] = {
//
// Index 0 is unused
//
{ 0,NULL,0,0 },
//
//
// ACE 1 - ADMIN Full
// (for fax)
//
{ FAX_ALL_ACCESS, &AliasAdminsSid, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE },
//
// ACE 2 - ADMIN Read
// (for fax)
//
{ FAX_READ, &AliasAdminsSid, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE },
//
// ACE 3 - ADMIN Read Write
// (for fax)
//
{ FAX_READ | FAX_WRITE, &AliasAdminsSid, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE },
//
// ACE 4 - ADMIN Read Write Delete
// (for fax)
//
{ FAX_READ | FAX_WRITE | FAX_JOB_MANAGE, &AliasAdminsSid, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE },
//
// ACE 5 - Creator Full
// (for fax)
//
{ FAX_ALL_ACCESS, &CreatorOwnerSid, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE },
//
// ACE 6 - Creator Read Write
// (for fax)
//
{ FAX_READ | FAX_WRITE, &CreatorOwnerSid, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE },
//
// ACE 7 - World Full
// (for fax)
//
{ FAX_ALL_ACCESS, &WorldSid, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE },
//
// ACE 8 - World Read
// (for fax)
//
{ FAX_READ, &WorldSid, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE },
//
// ACE 9 - World Read Write
// (for fax)
//
{ FAX_READ | FAX_WRITE, &WorldSid, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE },
//
// ACE 10 - World Read Write Delete
// (for fax)
//
{ FAX_READ | FAX_WRITE | FAX_JOB_MANAGE, &WorldSid, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE },
//
// ACE 11 - PowerUser Full
// (for fax)
//
{ FAX_ALL_ACCESS, &AliasPowerUsersSid, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE },
//
// ACE 12 - PowerUser Read Write
// (for fax)
//
{ FAX_READ | FAX_WRITE, &AliasPowerUsersSid, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE },
//
// ACE 13 - PowerUser Read Write Delete
// (for fax)
//
{ FAX_READ | FAX_WRITE | FAX_JOB_MANAGE, &AliasPowerUsersSid, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE },
//
// ACE 14 - System Ops Full
// (for fax)
//
{ FAX_ALL_ACCESS, &AliasSystemOpsSid, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE },
//
// ACE 15 - System Ops Read Write
// (for fax)
//
{ FAX_READ | FAX_WRITE, &AliasSystemOpsSid, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE },
//
// ACE 16 - System Ops Read Write Delete
// (for fax)
//
{ FAX_READ | FAX_WRITE | FAX_JOB_MANAGE, &AliasSystemOpsSid, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE },
//
// ACE 17 - System Full
// (for fax)
//
{ FAX_ALL_ACCESS, &LocalSystemSid, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE },
//
// ACE 18 - System Read Write
// (for fax)
//
{ FAX_READ | FAX_WRITE| FAX_JOB_MANAGE, &LocalSystemSid, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE },
//
// ACE 19 - System Read
// (for fax)
//
{ FAX_READ, &LocalSystemSid, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE },
//
// ACE 20 - ADMIN Read Write Execute
// (for fax)
//
{ FAX_READ | FAX_WRITE, &AliasAdminsSid, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE },
//
// ACE 21 - Interactive User Full
// (for fax)
//
{ FAX_ALL_ACCESS, &InteractiveSid, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE },
//
// ACE 22 - Interactive User Read
// (for fax)
//
{ FAX_READ, &InteractiveSid, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE },
//
// ACE 23 - Interactive User Read Write
// (for fax)
//
{ FAX_READ | FAX_WRITE, &InteractiveSid, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE },
//
// ACE 24 - Interactive User Read Write Delete
// (for fax)
//
{ FAX_READ | FAX_WRITE| FAX_JOB_MANAGE, &InteractiveSid, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE },
//
// ACE 25 - Normal Users Read / Write
// (for fax)
//
{ FAX_READ | FAX_WRITE, &AliasUsersSid, ACCESS_ALLOWED_ACE_TYPE, CONTAINER_INHERIT_ACE },
};
static CRITICAL_SECTION CsSecurity;static BOOL CsInit = FALSE;
DWORDInitializeSids( VOID );
VOIDTearDownSids( VOID );
DWORDInitializeAces( IN OUT PACE_DATA DataTable, IN OUT PACE* AcesArray, IN OUT PULONG AceSizesArray, IN ULONG ArrayCount );
VOIDTearDownAces( IN OUT PACE* AcesArray, IN ULONG ArrayCount );
DWORDInitializeSids( VOID )
/*++
Routine Description:
This function initializes the global variables used by and exposed by security.
Arguments:
None.
Return Value:
Win32 error indicating outcome.
--*/
{ SID_IDENTIFIER_AUTHORITY NullSidAuthority = SECURITY_NULL_SID_AUTHORITY; SID_IDENTIFIER_AUTHORITY WorldSidAuthority = SECURITY_WORLD_SID_AUTHORITY; SID_IDENTIFIER_AUTHORITY LocalSidAuthority = SECURITY_LOCAL_SID_AUTHORITY; SID_IDENTIFIER_AUTHORITY CreatorSidAuthority = SECURITY_CREATOR_SID_AUTHORITY; SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;
BOOL b = TRUE;
//
// Ensure the SIDs are in a well-known state
//
NullSid = NULL; WorldSid = NULL; LocalSid = NULL; CreatorOwnerSid = NULL; CreatorGroupSid = NULL; DialupSid = NULL; NetworkSid = NULL; BatchSid = NULL; InteractiveSid = NULL; ServiceSid = NULL; LocalSystemSid = NULL; AliasAdminsSid = NULL; AliasUsersSid = NULL; AliasGuestsSid = NULL; AliasPowerUsersSid = NULL; AliasAccountOpsSid = NULL; AliasSystemOpsSid = NULL; AliasPrintOpsSid = NULL; AliasBackupOpsSid = NULL; AliasReplicatorSid = NULL;
//
// Allocate and initialize the universal SIDs
//
b = b && AllocateAndInitializeSid( &NullSidAuthority, 1, SECURITY_NULL_RID, 0,0,0,0,0,0,0, &NullSid );
b = b && AllocateAndInitializeSid( &WorldSidAuthority, 1, SECURITY_WORLD_RID, 0,0,0,0,0,0,0, &WorldSid );
b = b && AllocateAndInitializeSid( &LocalSidAuthority, 1, SECURITY_LOCAL_RID, 0,0,0,0,0,0,0, &LocalSid );
b = b && AllocateAndInitializeSid( &CreatorSidAuthority, 1, SECURITY_CREATOR_OWNER_RID, 0,0,0,0,0,0,0, &CreatorOwnerSid );
b = b && AllocateAndInitializeSid( &CreatorSidAuthority, 1, SECURITY_CREATOR_GROUP_RID, 0,0,0,0,0,0,0, &CreatorGroupSid );
//
// Allocate and initialize the NT defined SIDs
//
b = b && AllocateAndInitializeSid( &NtAuthority, 1, SECURITY_DIALUP_RID, 0,0,0,0,0,0,0, &DialupSid );
b = b && AllocateAndInitializeSid( &NtAuthority, 1, SECURITY_NETWORK_RID, 0,0,0,0,0,0,0, &NetworkSid );
b = b && AllocateAndInitializeSid( &NtAuthority, 1, SECURITY_BATCH_RID, 0,0,0,0,0,0,0, &BatchSid );
b = b && AllocateAndInitializeSid( &NtAuthority, 1, SECURITY_INTERACTIVE_RID, 0,0,0,0,0,0,0, &InteractiveSid );
b = b && AllocateAndInitializeSid( &NtAuthority, 1, SECURITY_SERVICE_RID, 0,0,0,0,0,0,0, &ServiceSid );
b = b && AllocateAndInitializeSid( &NtAuthority, 1, SECURITY_LOCAL_SYSTEM_RID, 0,0,0,0,0,0,0, &LocalSystemSid );
b = b && AllocateAndInitializeSid( &NtAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS, 0,0,0,0,0,0, &AliasAdminsSid );
b = b && AllocateAndInitializeSid( &NtAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_USERS, 0,0,0,0,0,0, &AliasUsersSid );
b = b && AllocateAndInitializeSid( &NtAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_GUESTS, 0,0,0,0,0,0, &AliasGuestsSid );
b = b && AllocateAndInitializeSid( &NtAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_POWER_USERS, 0,0,0,0,0,0, &AliasPowerUsersSid );
b = b && AllocateAndInitializeSid( &NtAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ACCOUNT_OPS, 0,0,0,0,0,0, &AliasAccountOpsSid );
b = b && AllocateAndInitializeSid( &NtAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_SYSTEM_OPS, 0,0,0,0,0,0, &AliasSystemOpsSid );
b = b && AllocateAndInitializeSid( &NtAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_PRINT_OPS, 0,0,0,0,0,0, &AliasPrintOpsSid );
b = b && AllocateAndInitializeSid( &NtAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_BACKUP_OPS, 0,0,0,0,0,0, &AliasBackupOpsSid );
b = b && AllocateAndInitializeSid( &NtAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_REPLICATOR, 0,0,0,0,0,0, &AliasReplicatorSid );
if(!b) { TearDownSids(); }
return(b ? NO_ERROR : GetLastError() ? GetLastError() : 1 );}
VOIDTearDownSids( VOID ){ if(NullSid) { FreeSid(NullSid); } if(WorldSid) { FreeSid(WorldSid); } if(LocalSid) { FreeSid(LocalSid); } if(CreatorOwnerSid) { FreeSid(CreatorOwnerSid); } if(CreatorGroupSid) { FreeSid(CreatorGroupSid); } if(DialupSid) { FreeSid(DialupSid); } if(NetworkSid) { FreeSid(NetworkSid); } if(BatchSid) { FreeSid(BatchSid); } if(InteractiveSid) { FreeSid(InteractiveSid); } if(ServiceSid) { FreeSid(ServiceSid); } if(LocalSystemSid) { FreeSid(LocalSystemSid); } if(AliasAdminsSid) { FreeSid(AliasAdminsSid); } if(AliasUsersSid) { FreeSid(AliasUsersSid); } if(AliasGuestsSid) { FreeSid(AliasGuestsSid); } if(AliasPowerUsersSid) { FreeSid(AliasPowerUsersSid); } if(AliasAccountOpsSid) { FreeSid(AliasAccountOpsSid); } if(AliasSystemOpsSid) { FreeSid(AliasSystemOpsSid); } if(AliasPrintOpsSid) { FreeSid(AliasPrintOpsSid); } if(AliasBackupOpsSid) { FreeSid(AliasBackupOpsSid); } if(AliasReplicatorSid) { FreeSid(AliasReplicatorSid); }}
DWORDInitializeAces( IN OUT PACE_DATA DataTable, IN OUT PACE* AcesArray, IN OUT PULONG AceSizesArray, IN ULONG ArrayCount )
/*++
Routine Description:
Initializes the array of ACEs as described in the DataTable
Arguments:
DataTable - Pointer to the array that contains the data describing each ACE. AcesArray - Array that will contain the ACEs.
AceSizesArray - Array that contains the sizes for each ACE.
ArrayCount - Number of elements in each array.
Return Value:
Win32 error code indicating outcome.
--*/
{ unsigned u; DWORD Length; DWORD rc; BOOL b; DWORD SidLength;
//
// Initialize to a known state.
//
ZeroMemory(AcesArray,ArrayCount*sizeof(PACE));
//
// Create ACEs for each item in the data table.
// This involves merging the ace data with the SID data, which
// are initialized in an earlier step.
//
for(u=1; u<ArrayCount; u++) {
SidLength = GetLengthSid(*(DataTable[u].Sid)); Length = SidLength + sizeof(ACE) + sizeof(ACCESS_MASK)- sizeof(ULONG); AceSizesArray[u] = Length;
AcesArray[u] = MemAlloc(Length); if(!AcesArray[u]) { TearDownAces(AcesArray, ArrayCount); return(ERROR_NOT_ENOUGH_MEMORY); }
AcesArray[u]->Header.AceType = DataTable[u].AceType; AcesArray[u]->Header.AceFlags = DataTable[u].AceFlags; AcesArray[u]->Header.AceSize = (WORD)Length;
AcesArray[u]->Mask = DataTable[u].AccessMask;
b = CopySid( SidLength, // Length - sizeof(ACE) + sizeof(ULONG),
(PUCHAR)AcesArray[u] + sizeof(ACE), *(DataTable[u].Sid) );
if(!b) { rc = GetLastError(); TearDownAces(AcesArray, ArrayCount); return(rc); } }
return(NO_ERROR);}
VOIDTearDownAces( IN OUT PACE* AcesArray, IN ULONG ArrayCount )
/*++
Routine Description:
Destroys the array of ACEs as described in the DataTable
Arguments:
None
Return Value:
None
--*/
{ unsigned u;
for(u=1; u<ArrayCount; u++) {
if(AcesArray[u]) { MemFree(AcesArray[u]); } }}
BOOLFaxSvcAccessCheck( DWORD SecurityType, ACCESS_MASK DesiredAccess ){ DWORD rc; DWORD GrantedAccess; BOOL AccessStatus; HANDLE ClientToken = NULL; BYTE PrivilegeSet[512]; DWORD PrivilegeSetSize;
//
// sanity check
//
if (SecurityType >= FaxSecurityCount) { return FALSE; }
//
// Impersonate the client.
//
if ((rc = RpcImpersonateClient(NULL)) != RPC_S_OK) { return FALSE; }
EnterCriticalSection( &CsSecurity ); //
// Open the impersonated token.
//
if (!OpenThreadToken( GetCurrentThread(), TOKEN_QUERY, TRUE, &ClientToken )) { rc = GetLastError(); goto exit; }
//
// purify the access mask
//
MapGenericMask( &DesiredAccess, FaxSecurity[SecurityType].GenericMapping );
//
// Check if the client has the required access.
//
PrivilegeSetSize = sizeof(PrivilegeSet);
if (!AccessCheck( FaxSecurity[SecurityType].SecurityDescriptor, ClientToken, DesiredAccess, FaxSecurity[SecurityType].GenericMapping, (PPRIVILEGE_SET) PrivilegeSet, &PrivilegeSetSize, &GrantedAccess, &AccessStatus ) ) { rc = GetLastError(); goto exit; }
if (!AccessStatus) { rc = GetLastError(); goto exit; }
rc = 0;
exit: RpcRevertToSelf();
if (ClientToken) { CloseHandle( ClientToken ); }
if (rc != 0) { DebugPrint(( TEXT("FaxSvcAccessCheck() failed to authenticate, 0x%08x, 0x%08x\n"), SecurityType, DesiredAccess )); }
LeaveCriticalSection( &CsSecurity );
return rc == 0;}
PVOIDMyGetTokenInformation( HANDLE hToken, TOKEN_INFORMATION_CLASS TokenInformationClass ){ PVOID TokenInformation = NULL; DWORD Size = 0;
if (!GetTokenInformation( hToken, TokenInformationClass, NULL, 0, &Size ) && GetLastError() == ERROR_INSUFFICIENT_BUFFER && (TokenInformation = MemAlloc( Size )) && GetTokenInformation( hToken, TokenInformationClass, TokenInformation, Size, &Size )) { return TokenInformation; }
MemFree( TokenInformation ); return NULL;}
DWORDInitializeFaxSecurityDescriptors( VOID ){ #define BUFFER_SIZE 4096
DWORD i,j; DWORD rc = ERROR_SUCCESS; DWORD Ace; DWORD Size; HKEY hKey = NULL; DWORD Disposition; LPBYTE Buffer = NULL; BYTE AclBuffer[512]; SECURITY_DESCRIPTOR SecurityDescriptor; DWORD Type; PACL Acl; HANDLE ServiceToken; PTOKEN_OWNER Owner; PTOKEN_GROUPS Groups; PSECURITY_DESCRIPTOR AbsSD; DWORD AbsSdSize = 0; DWORD DaclSize = 0; DWORD SaclSize = 0; DWORD OwnerSize = 0; DWORD GroupSize = 0; PACL pAbsDacl = NULL; PACL pAbsSacl = NULL; PSID pAbsOwner = NULL; PSID pAbsGroup = NULL;
if (!CsInit) { InitializeCriticalSection( &CsSecurity ); CsInit = TRUE; } //
// Initialize SIDs
//
rc = InitializeSids(); if (rc != NO_ERROR) { goto exit; }
//
// Initialize Fax ACEs
//
rc = InitializeAces( AceDataTableForFax, AcesForFax, AceSizesForFax, FAX_ACE_COUNT ); if (rc != NO_ERROR) { goto exit; }
if (!OpenProcessToken( GetCurrentProcess(), TOKEN_QUERY, &ServiceToken )) { rc = GetLastError(); goto exit; }
Owner = MyGetTokenInformation( ServiceToken, TokenOwner ); if (!Owner) { rc = ERROR_NOT_ENOUGH_MEMORY; goto exit; }
Groups = MyGetTokenInformation( ServiceToken, TokenGroups ); if (!Groups) { rc = ERROR_NOT_ENOUGH_MEMORY; goto exit; }
CloseHandle( ServiceToken );
rc = RegCreateKeyEx( HKEY_LOCAL_MACHINE, REGKEY_FAX_SECURITY, 0, TEXT(""), 0, KEY_ALL_ACCESS, NULL, &hKey, &Disposition ); if (rc != ERROR_SUCCESS) { goto exit; }
Buffer = (LPBYTE) MemAlloc( BUFFER_SIZE ); if (!Buffer) { rc = ERROR_NOT_ENOUGH_MEMORY; goto exit; }
for (i=0; i<FaxSecurityCount; i++) { Size = BUFFER_SIZE; ZeroMemory( Buffer, Size ); rc = RegQueryValueEx( hKey, FaxSecurity[i].RegKey, 0, &Type, Buffer, &Size ); if (rc == ERROR_SUCCESS) {
if (!IsValidSecurityDescriptor( (PSECURITY_DESCRIPTOR) Buffer )) { rc = GetLastError(); DebugPrint(( TEXT("IsValidSecurityDescriptor() failed, ec=%d"), rc )); goto exit; }
//
// the security descriptor needs to be converted to absolute format.
//
AbsSdSize = 0; DaclSize = 0; SaclSize = 0; OwnerSize = 0; GroupSize = 0;
rc = MakeAbsoluteSD( (PSECURITY_DESCRIPTOR) Buffer, NULL, &AbsSdSize, NULL, &DaclSize, NULL, &SaclSize, NULL, &OwnerSize, NULL, &GroupSize ); if (rc || GetLastError() != ERROR_INSUFFICIENT_BUFFER) { rc = GetLastError(); goto exit; }
AbsSD = MemAlloc(AbsSdSize); pAbsDacl = MemAlloc(DaclSize); pAbsSacl = MemAlloc(SaclSize); pAbsOwner = MemAlloc(OwnerSize); pAbsGroup = MemAlloc(GroupSize);
if (NULL == AbsSD || NULL == pAbsDacl || NULL == pAbsSacl || NULL == pAbsOwner || NULL == pAbsGroup) { rc = ERROR_NOT_ENOUGH_MEMORY; goto exit; }
MakeAbsoluteSD( (PSECURITY_DESCRIPTOR) Buffer, AbsSD, &AbsSdSize, pAbsDacl, &DaclSize, pAbsSacl, &SaclSize, pAbsOwner, &OwnerSize, pAbsGroup, &GroupSize );
FaxSecurity[i].SecurityDescriptor = AbsSD;
if (!IsValidSecurityDescriptor( FaxSecurity[i].SecurityDescriptor )) { rc = GetLastError(); DebugPrint(( TEXT("IsValidSecurityDescriptor() failed, ec=%d"), rc )); goto exit; }
continue; }
//
// Initialize a security descriptor and an ACL.
// We use a large static buffer to contain the ACL.
//
ZeroMemory( AclBuffer, sizeof(AclBuffer) );
Acl = (PACL)AclBuffer; if(!InitializeAcl( Acl, sizeof(AclBuffer), ACL_REVISION2) || !InitializeSecurityDescriptor( &SecurityDescriptor, SECURITY_DESCRIPTOR_REVISION )) { rc = GetLastError(); goto exit; }
//
// Build up the DACL from the indices
//
for (Ace=0; Ace<FaxSecurity[i].AceCount; Ace++) {
if (!AddAce( Acl, ACL_REVISION2, MAXDWORD, AcesForFax[FaxSecurity[i].AceIdx[Ace]], AcesForFax[FaxSecurity[i].AceIdx[Ace]]->Header.AceSize )) { rc = GetLastError(); goto exit; } }
//
// Add the ACL to the security descriptor as the DACL
//
if (!SetSecurityDescriptorDacl( &SecurityDescriptor, TRUE, Acl, FALSE )) { rc = GetLastError(); goto exit; }
//
// set the owner
//
if (!SetSecurityDescriptorOwner( &SecurityDescriptor, Owner->Owner, FALSE )) { rc = GetLastError(); goto exit; }
//
// set the groups
//
for (j=0; j<Groups->GroupCount; j++) { if (!SetSecurityDescriptorGroup( &SecurityDescriptor, Groups->Groups[j].Sid, FALSE )) { rc = GetLastError(); goto exit; } }
//
// make the security descriptor self relative
//
Size = BUFFER_SIZE; if (!MakeSelfRelativeSD( &SecurityDescriptor, (PSECURITY_DESCRIPTOR) Buffer, &Size )) { rc = GetLastError(); goto exit; }
//
// store the security descriptor in the registry
//
Size = GetSecurityDescriptorLength( (PSECURITY_DESCRIPTOR) Buffer );
FaxSecurity[i].SecurityDescriptor = (PSECURITY_DESCRIPTOR) MemAlloc( Size ); if (!FaxSecurity[i].SecurityDescriptor) { rc = ERROR_NOT_ENOUGH_MEMORY; goto exit; }
CopyMemory( FaxSecurity[i].SecurityDescriptor, Buffer, Size );
rc = RegSetValueEx( hKey, FaxSecurity[i].RegKey, 0, REG_BINARY, (LPBYTE) FaxSecurity[i].SecurityDescriptor, Size ); if (rc) { goto exit; } }
exit: if (hKey) { RegCloseKey( hKey ); } if (Buffer) { MemFree( Buffer ); } if (Owner) { MemFree( Owner ); } if (Groups) { MemFree( Groups ); } return rc;}
LPWSTRGetClientUserName( VOID ){ WCHAR UserName[128]; DWORD Size;
if (RpcImpersonateClient(NULL) != RPC_S_OK) { return NULL; }
Size = sizeof(UserName) / sizeof(WCHAR); if (!GetUserName( UserName, &Size )) { RpcRevertToSelf(); return NULL; }
RpcRevertToSelf();
return StringDup( UserName );}
error_status_tFAX_GetSecurityDescriptorCount( IN handle_t FaxHandle, OUT LPDWORD Count )
/*++
Routine Description:
Arguments:
Return Value:
--*/
{ *Count = FaxSecurityCount; return ERROR_SUCCESS;}
error_status_tFAX_SetSecurityDescriptor( IN handle_t FaxHandle, IN const LPBYTE Buffer, IN DWORD BufferSize ){ DWORD rVal = ERROR_SUCCESS; PFAX_SECURITY_DESCRIPTOR FaxSecDesc = (PFAX_SECURITY_DESCRIPTOR) Buffer; HKEY hKey; DWORD Disposition; DWORD SecDescBufferSize;
if (!FaxSvcAccessCheck( SEC_CONFIG_SET, FAX_CONFIG_SET )) { return ERROR_ACCESS_DENIED; }
// Check that the buffer is large enough to hold a FAX_SECURITY_DESCRIPTOR
if (BufferSize < sizeof (FAX_SECURITY_DESCRIPTOR)) { return ERROR_INVALID_PARAMETER; }
if (FaxSecDesc->Id > FaxSecurityCount) { return ERROR_INVALID_CATEGORY; }
// Check that the offset is within the buffer.
if (PtrToUlong(FaxSecDesc->SecurityDescriptor) >= BufferSize) { return ERROR_INVALID_PARAMETER; }
// Calculate the size of the security descriptor buffer for validation
SecDescBufferSize = BufferSize - PtrToUlong(FaxSecDesc->SecurityDescriptor);
FaxSecDesc->SecurityDescriptor = (PSECURITY_DESCRIPTOR) FixupString(Buffer, FaxSecDesc->SecurityDescriptor);
// Validate the passed security descriptor.
if (!RtlValidRelativeSecurityDescriptor(FaxSecDesc->SecurityDescriptor, SecDescBufferSize, 0)) { return ERROR_INVALID_DATA; } rVal = RegCreateKeyEx( HKEY_LOCAL_MACHINE, REGKEY_FAX_SECURITY, 0, TEXT(""), 0, KEY_ALL_ACCESS, NULL, &hKey, &Disposition ); if (rVal != ERROR_SUCCESS) { return rVal; }
rVal = RegSetValueEx( hKey, FaxSecurity[FaxSecDesc->Id].RegKey, 0, REG_BINARY, (LPBYTE) FaxSecDesc->SecurityDescriptor, GetSecurityDescriptorLength( FaxSecDesc->SecurityDescriptor ) );
if (FaxSecurity[FaxSecDesc->Id].SecurityDescriptor) { MemFree( FaxSecurity[FaxSecDesc->Id].SecurityDescriptor ); } rVal = InitializeFaxSecurityDescriptors(); RegCloseKey( hKey );
return rVal;}
error_status_tFAX_GetSecurityDescriptor( IN handle_t FaxHandle, IN DWORD Id, OUT LPBYTE *Buffer, OUT LPDWORD BufferSize )
/*++
Routine Description:
Retrieves the FAX configuration from the FAX server. The SizeOfStruct in the FaxConfig argument MUST be set to a value == sizeof(FAX_CONFIGURATION). If the BufferSize is not big enough, return an error and set BytesNeeded to the required size.
Arguments:
FaxHandle - FAX handle obtained from FaxConnectFaxServer. Buffer - Pointer to a FAX_CONFIGURATION structure. BufferSize - Size of Buffer BytesNeeded - Number of bytes needed
Return Value:
TRUE - Success FALSE - Failure, call GetLastError() for more error information.
--*/
{ error_status_t rVal = ERROR_SUCCESS; PFAX_SECURITY_DESCRIPTOR FaxSecDesc; ULONG_PTR Offset; LPWSTR FriendlyName; DWORD DescLength; HKEY hKey; DWORD Type; DWORD Size; DWORD Disposition;
if (!FaxSvcAccessCheck( SEC_CONFIG_QUERY, FAX_CONFIG_QUERY )) { return ERROR_ACCESS_DENIED; }
if (Id > FaxSecurityCount) { return ERROR_INVALID_CATEGORY; } rVal = RegCreateKeyEx( HKEY_LOCAL_MACHINE, REGKEY_FAX_SECURITY, 0, TEXT(""), 0, KEY_ALL_ACCESS, NULL, &hKey, &Disposition ); if (rVal != ERROR_SUCCESS) { return rVal; }
FriendlyName = GetString( FaxSecurity[Id].StringResource ); //
// count up the number of bytes needed
//
rVal = RegQueryValueEx( hKey, FaxSecurity[Id].RegKey, 0, &Type, NULL, &DescLength ); if (rVal != ERROR_SUCCESS) { goto exit; } Offset = sizeof(FAX_SECURITY_DESCRIPTOR);
*BufferSize = (DWORD)(Offset + DescLength + (wcslen(FriendlyName) + 1) * sizeof(WCHAR));
*Buffer = MemAlloc( *BufferSize ); if (*Buffer == NULL) { rVal = ERROR_NOT_ENOUGH_MEMORY; goto exit; }
FaxSecDesc = (PFAX_SECURITY_DESCRIPTOR) *Buffer;
FaxSecDesc->Id = Id; StoreString( FriendlyName, (PULONG_PTR)&FaxSecDesc->FriendlyName, *Buffer, &Offset ); rVal = RegQueryValueEx( hKey, FaxSecurity[Id].RegKey, 0, &Type, *Buffer + Offset, &Size );
FaxSecDesc->SecurityDescriptor = (LPBYTE) Offset;
exit: RegCloseKey( hKey ); return rVal;}
BOOLPostClientMessage( PFAX_CLIENT_DATA ClientData, PFAX_EVENT FaxEvent )
/*++
Routine Description:
attempts to post a message to client on another windowstation and desktop
Arguments:
ClientData - pointer to a FAX_CLIENT_DATA structure. FaxEvent - pointer to a FAX_EVENT structure. Return Value:
TRUE - Success FALSE - Failure, call GetLastError() for more error information.
--*/
{ HWINSTA hWindowStation, hOldWindowStation=NULL; HDESK hDesktop, hOldDesktop=NULL; BOOL bStatus = FALSE;
//
// need to restore windowstation and desktop
//
if (! (hOldWindowStation = GetProcessWindowStation()) ) { DebugPrint(( TEXT("GetProcessWindowStation failed, ec = %d\n"), GetLastError() )); return FALSE; }
if (! (hOldDesktop = GetThreadDesktop( GetCurrentThreadId() )) ) { DebugPrint(( TEXT("GetThreadDesktop failed, ec = %d\n"), GetLastError() )); return FALSE; }
//
// impersonate the client
//
if (! SetThreadToken( NULL, ClientData->hClientToken ) ) { DebugPrint(( TEXT("SetThreadToken failed, ec = %d\n"), GetLastError() )); return FALSE; }
//
// get a handle to the windowstation, switch to new windowstation
//
if (! (hWindowStation = OpenWindowStation(ClientData->WindowStation, FALSE, //bInherit,
WINSTA_READATTRIBUTES | WINSTA_WRITEATTRIBUTES)) ) { DebugPrint(( TEXT("OpenWindowStation failed, ec = %d\n"), GetLastError() )); goto exit; }
if (! SetProcessWindowStation( hWindowStation ) ) { DebugPrint(( TEXT("SetProcessWindowStation failed, ec = %d\n"), GetLastError() )); goto exit; }
//
// get a handle to the desktop, switch to new desktop
//
if (! (hDesktop = OpenDesktop(ClientData->Desktop, 0, FALSE, DESKTOP_READOBJECTS | DESKTOP_WRITEOBJECTS)) ) { DebugPrint(( TEXT("OpenDesktop failed, ec = %d\n"), GetLastError() )); goto exit; }
if (! SetThreadDesktop( hDesktop ) ) { DebugPrint(( TEXT("SetThreadDesktop failed, ec = %d\n"), GetLastError() )); goto exit; }
//
// post the message to the proper window if it exits
//
if (! IsWindow( ClientData->hWnd )) { DebugPrint(( TEXT("Hwnd %x doesn't exist on current desktop\n"), ClientData->hWnd )); goto exit; }
if (! PostMessage( ClientData->hWnd, ClientData->MessageStart + FaxEvent->EventId, (WPARAM)FaxEvent->DeviceId, (LPARAM)FaxEvent->JobId )) { DebugPrint(( TEXT("PostMessage failed, ec = %d\n"), GetLastError() )); goto exit; }
bStatus = TRUE;
exit:
//
// revert to old thread context (NULL means stop impersonating)
//
SetThreadToken( NULL, NULL ); if (hOldWindowStation) { SetProcessWindowStation( hOldWindowStation ); CloseWindowStation( hWindowStation ); } if (hOldDesktop) { SetThreadDesktop( hOldDesktop ); CloseDesktop( hDesktop ); } return bStatus;
}
BOOLBuildSecureSD( OUT PSECURITY_DESCRIPTOR *SDIn )/*++
Routine Description:
builds a secure security descriptor to be used in securing a globally named object. Our "secure" SD's DACL consists of the following permissions: Authenticated users get "generic read" access. Administrators get "generic all" access.
Arguments:
SDIn - pointer to the PSECURITY_DESCRIPTOR to be created. Return Value:
TRUE - Success, the SECURITY_DESCRIPTOR was created successfully. The caller is responsible for freeing the SECURITY_DESCRIPTOR
--*/{ SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY; PSID AuthenticatedUsers; PSID BuiltInAdministrators; PSECURITY_DESCRIPTOR Sd = NULL; ACL *Acl; ULONG AclSize; BOOL RetVal = TRUE; *SDIn = NULL;
//
// Allocate and initialize the required SIDs
//
if (!AllocateAndInitializeSid( &NtAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS, 0,0,0,0,0,0, &BuiltInAdministrators)) { return(FALSE); }
if (!AllocateAndInitializeSid( &NtAuthority, 1, SECURITY_AUTHENTICATED_USER_RID, 0,0,0,0,0,0,0, &AuthenticatedUsers)) { RetVal = FALSE; goto e0; }
//
// "- sizeof (ULONG)" represents the SidStart field of the
// ACCESS_ALLOWED_ACE. Since we're adding the entire length of the
// SID, this field is counted twice.
//
AclSize = sizeof (ACL) + (2 * (sizeof (ACCESS_ALLOWED_ACE) - sizeof (ULONG))) + GetLengthSid(AuthenticatedUsers) + GetLengthSid(BuiltInAdministrators);
Sd = MemAlloc(SECURITY_DESCRIPTOR_MIN_LENGTH + AclSize);
if (!Sd) {
RetVal = FALSE; goto e1;
}
Acl = (ACL *)((BYTE *)Sd + SECURITY_DESCRIPTOR_MIN_LENGTH);
if (!InitializeAcl(Acl, AclSize, ACL_REVISION)) { RetVal = FALSE; goto e2;
} else if (!AddAccessAllowedAce(Acl, ACL_REVISION, SYNCHRONIZE | GENERIC_READ, AuthenticatedUsers)) {
// Failed to build the ACE granting "Authenticated users"
// (SYNCHRONIZE | GENERIC_READ) access.
RetVal = FALSE; goto e2;
} else if (!AddAccessAllowedAce(Acl, ACL_REVISION, GENERIC_ALL, BuiltInAdministrators)) {
// Failed to build the ACE granting "Built-in Administrators"
// GENERIC_ALL access.
RetVal = FALSE; goto e2;
} else if (!InitializeSecurityDescriptor(Sd, SECURITY_DESCRIPTOR_REVISION)) { RetVal = FALSE; goto e2;
} else if (!SetSecurityDescriptorDacl(Sd, TRUE, Acl, FALSE)) {
// error
RetVal = FALSE; goto e2; }
if (!IsValidSecurityDescriptor(Sd)) { DebugPrint(( TEXT("invalid security descriptor, ec = %d\n"), GetLastError() )); RetVal = FALSE; goto e2; }
//
// success
//
*SDIn = Sd; goto e1;
e2: MemFree(Sd);e1: FreeSid(AuthenticatedUsers);e0: FreeSid(BuiltInAdministrators);
return(RetVal);}
|
