archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
9 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 75c48ba87f
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '75c48ba87f'
${ noResults }
windows-xp/Source/XPSP1/NT/termsrv/httpproxy/isapi/tsproxyacl.cpp

243 lines
5.3 KiB
Raw Normal View History

Add source files
4 years ago
  1. /*++
  3. Copyright (c) 2000 Microsoft Corporation
  5. Module Name:
  7. Terminal Server ACL module
  9. Abstract:
  11. This module implements ACL checking for the ISAPI extension.
  13. Author:
  15. Marc Reyhner 9/7/2000
  17. --*/
  19. #include "stdafx.h"
  20. #include <atlbase.h>
  21. #include <atlconv.h>
  22. #include "tsproxyacl.h"
  23. #include "tsproxy.h"
  25. #define USER_ACL_KEY TS_PROXY_REG_KEY _T("\\User Permissions")
  26. #define DENY_LIST _T("Server Deny List")
  27. #define ALLOW_LIST _T("Server Allow List")
  28. #define DENY_BY_DEFAULT _T("Deny By Default")
  30. // our local helper function
  32. static BOOL ServerOnDenyList(LPSTR server);
  33. static BOOL ServerOnAllowList(LPSTR server);
  34. static BOOL CheckUserPermissions(LPSTR server, LPSTR user);
  35. static DWORD GetRegDword(LPTSTR key, LPTSTR value, DWORD dwDefault);
  36. static LPTSTR GetRegMultiString(LPTSTR key, LPTSTR value);
  37. static LPVOID GetAndAllocateRegValue(LPTSTR key, LPTSTR value, DWORD type);
  39. BOOL
  40. VerifyServerAccess(
  41. IN LPEXTENSION_CONTROL_BLOCK lpECB,
  42. IN LPSTR server,
  43. IN LPSTR user
  44. )
  46. /*++
  48. Routine Description:
  50. This checks to see if the user is allowed access to the
  51. given server
  53. Arguments:
  55. lpECB - extension control block
  57. server - Server access is requested to
  59. user - User requesting access
  61. Return Value:
  63. TRUE - Access is allowed
  65. FALSE - Access is denied
  67. --*/
  68. {
  69. if (0 == GetRegDword(TS_PROXY_REG_KEY,DENY_BY_DEFAULT,0)) {
  70. if (ServerOnDenyList(server)) {
  71. return FALSE;
  72. }
  74. // allow by default so return TRUE since they aren't on
  75. // the deny list
  77. return TRUE;
  78. }
  80. if (ServerOnDenyList(server)) {
  81. return FALSE;
  82. }
  84. if (ServerOnAllowList(server)) {
  85. return TRUE;
  86. }
  88. return CheckUserPermissions(server,user);
  89. }
  92. BOOL ServerOnDenyList(LPSTR server)
  93. {
  94. USES_CONVERSION;
  95. LPTSTR serverList;
  96. LPTSTR currentServer;
  97. UINT serverLength;
  99. serverList = GetRegMultiString(TS_PROXY_REG_KEY,DENY_LIST);
  100. if (!serverList) {
  101. return FALSE;
  102. }
  104. currentServer = serverList;
  105. while (serverLength = _tcslen(currentServer)) {
  106. if (_tcsicmp(A2T(server),currentServer)==0) {
  107. HeapFree(GetProcessHeap(),0,serverList);
  108. return TRUE;
  109. }
  110. currentServer += (serverLength+1);
  111. }
  113. HeapFree(GetProcessHeap(),0,serverList);
  114. return FALSE;
  115. }
  117. BOOL ServerOnAllowList(LPSTR server)
  118. {
  120. USES_CONVERSION;
  121. LPTSTR serverList;
  122. LPTSTR currentServer;
  123. UINT serverLength;
  125. serverList = GetRegMultiString(TS_PROXY_REG_KEY,ALLOW_LIST);
  126. if (!serverList) {
  127. return FALSE;
  128. }
  129. currentServer = serverList;
  130. while (serverLength = _tcslen(currentServer)) {
  131. if (_tcsicmp(A2T(server),currentServer)==0) {
  132. HeapFree(GetProcessHeap(),0,serverList);
  133. return TRUE;
  134. }
  135. currentServer += (serverLength+1);
  136. }
  138. HeapFree(GetProcessHeap(),0,serverList);
  139. return FALSE;
  140. }
  142. BOOL CheckUserPermissions(LPSTR server, LPSTR user)
  143. {
  145. USES_CONVERSION;
  146. LPTSTR serverList;
  147. LPTSTR currentServer;
  148. UINT serverLength;
  150. serverList = GetRegMultiString(USER_ACL_KEY,A2T(user));
  151. if (!serverList) {
  152. return FALSE;
  153. }
  154. currentServer = serverList;
  155. while (serverLength = _tcslen(currentServer)) {
  156. if (_tcsicmp(A2T(server),currentServer)==0) {
  157. HeapFree(GetProcessHeap(),0,serverList);
  158. return TRUE;
  159. }
  160. currentServer += (serverLength+1);
  161. }
  163. HeapFree(GetProcessHeap(),0,serverList);
  164. return FALSE;
  165. }
  167. DWORD GetRegDword(LPTSTR key, LPTSTR value, DWORD dwDefault)
  168. {
  169. DWORD dwResult;
  170. LPDWORD lpdwRegValue;
  172. lpdwRegValue = (LPDWORD)GetAndAllocateRegValue(key,value,REG_DWORD);
  173. if (lpdwRegValue) {
  174. dwResult = *lpdwRegValue;
  175. HeapFree(GetProcessHeap(),0,lpdwRegValue);
  176. } else {
  177. dwResult = dwDefault;
  178. }
  179. return dwResult;
  180. }
  182. LPTSTR GetRegMultiString(LPTSTR key, LPTSTR value)
  183. {
  184. return (LPTSTR)GetAndAllocateRegValue(key,value,REG_MULTI_SZ);
  185. }
  187. LPVOID GetAndAllocateRegValue(LPTSTR key, LPTSTR value, DWORD type)
  188. {
  189. LONG retCode;
  190. HKEY hRegKey;
  191. LPBYTE lpValueData;
  192. DWORD dwValueSize;
  193. DWORD dwType;
  194. BOOL failure;
  196. hRegKey = NULL;
  197. failure = FALSE;
  198. lpValueData = NULL;
  200. retCode = RegOpenKeyEx(HKEY_LOCAL_MACHINE,key,0,KEY_QUERY_VALUE,&hRegKey);
  201. if (ERROR_SUCCESS != retCode) {
  202. failure = TRUE;
  203. goto CLEANUP_AND_EXIT;
  204. }
  206. retCode = RegQueryValueEx(hRegKey,value,NULL,&dwType,NULL,&dwValueSize);
  207. if (retCode != ERROR_SUCCESS) {
  208. failure = TRUE;
  209. goto CLEANUP_AND_EXIT;
  210. }
  212. // Make sure the data is the type they requested
  213. if (dwType != type) {
  214. failure = TRUE;
  215. goto CLEANUP_AND_EXIT;
  216. }
  218. lpValueData = (LPBYTE)HeapAlloc(GetProcessHeap(),0,dwValueSize);
  219. if (!lpValueData) {
  220. failure = TRUE;
  221. goto CLEANUP_AND_EXIT;
  222. }
  224. retCode = RegQueryValueEx(hRegKey,value,NULL,&dwType,lpValueData,
  225. &dwValueSize);
  226. if (retCode != ERROR_SUCCESS) {
  227. failure = TRUE;
  228. goto CLEANUP_AND_EXIT;
  229. }
  231. CLEANUP_AND_EXIT:
  232. if (failure) {
  233. if (lpValueData) {
  234. HeapFree(GetProcessHeap(),0,lpValueData);
  235. lpValueData = NULL;
  236. }
  237. }
  239. if (hRegKey) {
  240. RegCloseKey(hRegKey);
  241. }
  243. return lpValueData;
  244. }