archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
9 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 75c48ba87f
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '75c48ba87f'
${ noResults }
windows-xp/Source/XPSP1/NT/termsrv/license/tlserver/server/utils.cpp

633 lines
15 KiB
Raw Normal View History

Add source files
4 years ago
  1. //+--------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. // Copyright (C) Microsoft Corporation, 1996-1998
  5. //
  6. // File: utils.cpp
  7. //
  8. // Contents: Hydra License Server Service Control Manager Interface
  9. //
  10. // History: 12-09-97 HueiWang Modified from MSDN RPC Service Sample
  11. //
  12. //---------------------------------------------------------------------------
  13. #include "pch.cpp"
  14. #include <lm.h>
  15. #include <time.h>
  17. #include "utils.h"
  20. /////////////////////////////////////////////////////////////////////////////
  21. BOOL
  22. FileExists(
  23. IN PCTSTR FileName,
  24. OUT PWIN32_FIND_DATA FindData OPTIONAL
  25. )
  27. /*++
  29. Routine Description:
  31. Determine if a file exists and is accessible.
  32. Errormode is set (and then restored) so the user will not see
  33. any pop-ups.
  35. Arguments:
  37. FileName - supplies full path of file to check for existance.
  39. FindData - if specified, receives find data for the file.
  41. Return Value:
  43. TRUE if the file exists and is accessible.
  44. FALSE if not. GetLastError() returns extended error info.
  46. --*/
  48. {
  49. WIN32_FIND_DATA findData;
  50. HANDLE FindHandle;
  51. DWORD Error;
  53. FindHandle = FindFirstFile(FileName,&findData);
  54. if(FindHandle == INVALID_HANDLE_VALUE)
  55. {
  56. Error = GetLastError();
  57. }
  58. else
  59. {
  60. FindClose(FindHandle);
  61. if(FindData)
  62. {
  63. *FindData = findData;
  64. }
  65. Error = NO_ERROR;
  66. }
  68. SetLastError(Error);
  69. return (Error == NO_ERROR);
  70. }
  72. /*----------------------------------------------------------------------------
  73. Routine Description:
  75. This function checks to see whether the specified sid is enabled in
  76. the specified token.
  78. Arguments:
  80. TokenHandle - If present, this token is checked for the sid. If not
  81. present then the current effective token will be used. This must
  82. be an impersonation token.
  84. SidToCheck - The sid to check for presence in the token
  86. IsMember - If the sid is enabled in the token, contains TRUE otherwise
  87. false.
  89. Return Value:
  91. TRUE - The API completed successfully. It does not indicate that the
  92. sid is a member of the token.
  94. FALSE - The API failed. A more detailed status code can be retrieved
  95. via GetLastError()
  98. Note : Code modified from 5.0 \\rastaman\ntwin\src\base\advapi\security.c
  99. ----------------------------------------------------------------------------*/
  100. BOOL
  101. TLSCheckTokenMembership(
  102. IN HANDLE TokenHandle OPTIONAL,
  103. IN PSID SidToCheck,
  104. OUT PBOOL IsMember
  105. )
  106. {
  107. HANDLE ProcessToken = NULL;
  108. HANDLE EffectiveToken = NULL;
  109. DWORD Status = ERROR_SUCCESS;
  110. PISECURITY_DESCRIPTOR SecDesc = NULL;
  111. ULONG SecurityDescriptorSize;
  112. GENERIC_MAPPING GenericMapping = { STANDARD_RIGHTS_READ,
  113. STANDARD_RIGHTS_EXECUTE,
  114. STANDARD_RIGHTS_WRITE,
  115. STANDARD_RIGHTS_ALL };
  116. //
  117. // The size of the privilege set needs to contain the set itself plus
  118. // any privileges that may be used. The privileges that are used
  119. // are SeTakeOwnership and SeSecurity, plus one for good measure
  120. //
  121. BYTE PrivilegeSetBuffer[sizeof(PRIVILEGE_SET) + 3*sizeof(LUID_AND_ATTRIBUTES)];
  122. PPRIVILEGE_SET PrivilegeSet = (PPRIVILEGE_SET) PrivilegeSetBuffer;
  123. ULONG PrivilegeSetLength = sizeof(PrivilegeSetBuffer);
  124. ACCESS_MASK AccessGranted = 0;
  125. BOOL AccessStatus = FALSE;
  126. PACL Dacl = NULL;
  128. #define MEMBER_ACCESS 1
  130. *IsMember = FALSE;
  132. //
  133. // Get a handle to the token
  134. //
  135. if (TokenHandle != NULL)
  136. {
  137. EffectiveToken = TokenHandle;
  138. }
  139. else
  140. {
  141. if(!OpenThreadToken(GetCurrentThread(),
  142. TOKEN_QUERY,
  143. FALSE, // don't open as self
  144. &EffectiveToken))
  145. {
  146. //
  147. // if there is no thread token, try the process token
  148. //
  149. if((Status=GetLastError()) == ERROR_NO_TOKEN)
  150. {
  151. if(!OpenProcessToken(GetCurrentProcess(),
  152. TOKEN_QUERY | TOKEN_DUPLICATE,
  153. &ProcessToken))
  154. {
  155. Status = GetLastError();
  156. }
  158. //
  159. // If we have a process token, we need to convert it to an
  160. // impersonation token
  161. //
  162. if (Status == ERROR_SUCCESS)
  163. {
  164. BOOL Result;
  165. Result = DuplicateToken(ProcessToken,
  166. SecurityImpersonation,
  167. &EffectiveToken);
  168. CloseHandle(ProcessToken);
  169. if (!Result)
  170. {
  171. return(FALSE);
  172. }
  173. }
  174. }
  176. if (Status != ERROR_SUCCESS)
  177. {
  178. goto Cleanup;
  179. }
  180. }
  181. }
  183. //
  184. // Construct a security descriptor to pass to access check
  185. //
  187. //
  188. // The size is equal to the size of an SD + twice the length of the SID
  189. // (for owner and group) + size of the DACL = sizeof ACL + size of the
  190. // ACE, which is an ACE + length of
  191. // ths SID.
  192. //
  194. SecurityDescriptorSize = sizeof(SECURITY_DESCRIPTOR) +
  195. sizeof(ACCESS_ALLOWED_ACE) +
  196. sizeof(ACL) +
  197. 3 * GetLengthSid(SidToCheck);
  199. SecDesc = (PISECURITY_DESCRIPTOR) LocalAlloc(LMEM_ZEROINIT, SecurityDescriptorSize );
  200. if (SecDesc == NULL)
  201. {
  202. Status = ERROR_OUTOFMEMORY;
  203. goto Cleanup;
  204. }
  205. Dacl = (PACL) (SecDesc + 1);
  207. InitializeSecurityDescriptor(SecDesc, SECURITY_DESCRIPTOR_REVISION);
  209. //
  210. // Fill in fields of security descriptor
  211. //
  212. SetSecurityDescriptorOwner(SecDesc, SidToCheck, FALSE);
  213. SetSecurityDescriptorGroup(SecDesc, SidToCheck, FALSE);
  215. if(!InitializeAcl( Dacl,
  216. SecurityDescriptorSize - sizeof(SECURITY_DESCRIPTOR),
  217. ACL_REVISION))
  218. {
  219. Status=GetLastError();
  220. goto Cleanup;
  221. }
  223. if(!AddAccessAllowedAce(Dacl, ACL_REVISION, MEMBER_ACCESS, SidToCheck))
  224. {
  225. Status=GetLastError();
  226. goto Cleanup;
  227. }
  229. if(!SetSecurityDescriptorDacl(SecDesc, TRUE, Dacl, FALSE))
  230. {
  231. Status=GetLastError();
  232. goto Cleanup;
  233. }
  235. if(!AccessCheck(SecDesc,
  236. EffectiveToken,
  237. MEMBER_ACCESS,
  238. &GenericMapping,
  239. PrivilegeSet,
  240. &PrivilegeSetLength,
  241. &AccessGranted,
  242. &AccessStatus))
  243. {
  244. Status=GetLastError();
  245. goto Cleanup;
  246. }
  248. //
  249. // if the access check failed, then the sid is not a member of the
  250. // token
  251. //
  252. if ((AccessStatus == TRUE) && (AccessGranted == MEMBER_ACCESS))
  253. {
  254. *IsMember = TRUE;
  255. }
  258. Cleanup:
  259. if (TokenHandle == NULL && EffectiveToken != NULL)
  260. {
  261. CloseHandle(EffectiveToken);
  262. }
  264. if (SecDesc != NULL)
  265. {
  266. LocalFree(SecDesc);
  267. }
  269. return (Status == ERROR_SUCCESS) ? TRUE : FALSE;
  270. }
  273. /*------------------------------------------------------------------------
  275. BOOL IsAdmin(void)
  277. returns TRUE if user is an admin
  278. FALSE if user is not an admin
  279. ------------------------------------------------------------------------*/
  280. DWORD
  281. IsAdmin(
  282. BOOL* bMember
  283. )
  284. {
  285. PSID psidAdministrators;
  286. SID_IDENTIFIER_AUTHORITY siaNtAuthority = SECURITY_NT_AUTHORITY;
  287. DWORD dwStatus=ERROR_SUCCESS;
  289. do {
  290. if(!AllocateAndInitializeSid(&siaNtAuthority,
  291. 2,
  292. SECURITY_BUILTIN_DOMAIN_RID,
  293. DOMAIN_ALIAS_RID_ADMINS,
  294. 0, 0, 0, 0, 0, 0,
  295. &psidAdministrators))
  296. {
  297. dwStatus=GetLastError();
  298. continue;
  299. }
  301. // assume that we don't find the admin SID.
  302. if(!TLSCheckTokenMembership(NULL,
  303. psidAdministrators,
  304. bMember))
  305. {
  306. dwStatus=GetLastError();
  307. }
  309. FreeSid(psidAdministrators);
  311. } while(FALSE);
  313. return dwStatus;
  314. }
  316. /////////////////////////////////////////////////////////////////////////////
  318. BOOL
  319. LoadResourceString(
  320. DWORD dwId,
  321. LPTSTR szBuf,
  322. DWORD dwBufSize
  323. )
  324. {
  325. int dwRet;
  327. dwRet=LoadString(GetModuleHandle(NULL), dwId, szBuf, dwBufSize);
  329. return (dwRet != 0);
  330. }
  332. /////////////////////////////////////////////////////////////////////////////
  334. HRESULT
  335. LogEvent(
  336. LPTSTR lpszSource,
  337. DWORD dwEventType,
  338. DWORD dwIdEvent,
  339. WORD cStrings,
  340. TCHAR **apwszStrings
  341. )
  342. /*++
  344. --*/
  345. {
  346. HANDLE hAppLog=NULL;
  347. BOOL bSuccess=FALSE;
  348. WORD wElogType;
  350. wElogType = (WORD) dwEventType;
  351. if(hAppLog=RegisterEventSource(NULL, lpszSource))
  352. {
  353. bSuccess = ReportEvent(
  354. hAppLog,
  355. wElogType,
  356. 0,
  357. dwIdEvent,
  358. NULL,
  359. cStrings,
  360. 0,
  361. (const TCHAR **) apwszStrings,
  362. NULL
  363. );
  365. DeregisterEventSource(hAppLog);
  366. }
  368. return((bSuccess) ? ERROR_SUCCESS : GetLastError());
  369. }
  371. /////////////////////////////////////////////////////////////////////////////
  373. void
  374. TLSLogInfoEvent(
  375. IN DWORD code
  376. )
  377. /*++
  379. --*/
  380. {
  381. LogEvent(
  382. _TEXT(SZSERVICENAME),
  383. EVENTLOG_INFORMATION_TYPE,
  384. code,
  385. 0,
  386. NULL
  387. );
  388. }
  390. /////////////////////////////////////////////////////////////////////////////
  392. void
  393. TLSLogWarningEvent(
  394. IN DWORD code
  395. )
  396. /*++
  398. --*/
  399. {
  400. LogEvent(
  401. _TEXT(SZSERVICENAME),
  402. EVENTLOG_WARNING_TYPE,
  403. code,
  404. 0,
  405. NULL
  406. );
  407. }
  409. /////////////////////////////////////////////////////////////////////////////
  411. void
  412. TLSLogErrorEvent(
  413. IN DWORD errCode
  414. )
  415. /*++
  417. --*/
  418. {
  419. LogEvent(
  420. _TEXT(SZSERVICENAME),
  421. EVENTLOG_ERROR_TYPE,
  422. errCode,
  423. 0,
  424. NULL
  425. );
  426. }
  428. /////////////////////////////////////////////////////////////////////////////
  430. void
  431. TLSLogEventString(
  432. IN DWORD dwEventType,
  433. IN DWORD dwEventId,
  434. IN WORD wNumString,
  435. IN LPCTSTR* lpStrings
  436. )
  437. /*++
  440. --*/
  441. {
  442. HANDLE hAppLog=NULL;
  443. BOOL bSuccess=FALSE;
  444. WORD wElogType = (WORD) dwEventType;
  446. __try {
  447. if(hAppLog=RegisterEventSource(NULL, _TEXT(SZSERVICENAME)))
  448. {
  449. bSuccess = ReportEvent(
  450. hAppLog,
  451. wElogType,
  452. 0,
  453. dwEventId,
  454. NULL,
  455. wNumString,
  456. 0,
  457. (const TCHAR **) lpStrings,
  458. NULL
  459. );
  461. DeregisterEventSource(hAppLog);
  462. }
  463. }
  464. __except(EXCEPTION_EXECUTE_HANDLER) {
  465. }
  467. return;
  468. }
  470. /////////////////////////////////////////////////////////////////////////////
  472. void
  473. TLSLogEvent(
  474. IN DWORD type,
  475. IN DWORD EventId,
  476. IN DWORD code, ...
  477. )
  478. /*
  479. */
  480. {
  481. va_list marker;
  482. va_start( marker, code );
  483. DWORD dwRet;
  484. LPTSTR lpszTemp = NULL;
  486. __try {
  487. dwRet=FormatMessage( FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_HMODULE |
  488. FORMAT_MESSAGE_FROM_SYSTEM,
  489. NULL,
  490. code,
  491. LANG_NEUTRAL,
  492. (LPTSTR)&lpszTemp,
  493. 0,
  494. &marker);
  496. if(dwRet != 0)
  497. {
  498. LogEvent(_TEXT(SZSERVICENAME), type, EventId, 1, &lpszTemp);
  499. if(lpszTemp)
  500. {
  501. LocalFree((HLOCAL)lpszTemp);
  502. }
  503. }
  504. }
  505. __except(EXCEPTION_EXECUTE_HANDLER) {
  506. // this is only for putting a break point here
  507. SetLastError(GetLastError());
  508. }
  510. va_end( marker );
  511. return;
  512. }
  514. ///////////////////////////////////////////////////////////////////////
  516. BOOL
  517. TLSSystemTimeToFileTime(
  518. SYSTEMTIME* pSysTime,
  519. LPFILETIME pfTime
  520. )
  521. /*++
  523. --*/
  524. {
  525. DoConvert:
  527. if(SystemTimeToFileTime(pSysTime, pfTime) == FALSE)
  528. {
  529. if(GetLastError() != ERROR_INVALID_PARAMETER)
  530. {
  531. TLSASSERT(FALSE);
  532. return FALSE;
  533. }
  535. if(pSysTime->wMonth == 2)
  536. {
  537. if(pSysTime->wDay > 29)
  538. {
  539. pSysTime->wDay = 29;
  540. goto DoConvert;
  541. }
  542. else if(pSysTime->wDay == 29)
  543. {
  544. pSysTime->wDay = 28;
  545. goto DoConvert;
  546. }
  547. }
  548. else if ((pSysTime->wMonth == 9) ||
  549. (pSysTime->wMonth == 4) ||
  550. (pSysTime->wMonth == 6) ||
  551. (pSysTime->wMonth == 11))
  552. {
  553. if (pSysTime->wDay > 30)
  554. {
  555. pSysTime->wDay = 30;
  556. goto DoConvert;
  557. }
  558. }
  559. }
  561. return TRUE;
  562. }
  564. ///////////////////////////////////////////////////////////////////////
  565. BOOL
  566. FileTimeToLicenseDate(
  567. LPFILETIME pft,
  568. DWORD* t
  569. )
  570. /*++
  572. ++*/
  573. {
  574. SYSTEMTIME sysTime;
  575. struct tm gmTime;
  576. FILETIME localFt;
  577. time_t licenseTime;
  579. if(FileTimeToLocalFileTime(pft, &localFt) == FALSE)
  580. {
  581. return FALSE;
  582. }
  584. if(FileTimeToSystemTime(&localFt, &sysTime) == FALSE)
  585. {
  586. return FALSE;
  587. }
  589. if(sysTime.wYear >= 2038)
  590. {
  591. licenseTime = INT_MAX;
  592. }
  593. else
  594. {
  595. // Unix time support up to 2038/1/18
  596. // restrict any expiration data
  597. memset(&gmTime, 0, sizeof(gmTime));
  598. gmTime.tm_sec = sysTime.wSecond;
  599. gmTime.tm_min = sysTime.wMinute;
  600. gmTime.tm_hour = sysTime.wHour;
  601. gmTime.tm_year = sysTime.wYear - 1900;
  602. gmTime.tm_mon = sysTime.wMonth - 1;
  603. gmTime.tm_mday = sysTime.wDay;
  604. gmTime.tm_isdst = -1;
  606. if((licenseTime = mktime(&gmTime)) == (time_t)-1)
  607. {
  608. SetLastError(ERROR_INVALID_PARAMETER);
  609. }
  610. }
  612. *t = (DWORD)licenseTime;
  614. return licenseTime != (time_t)-1;
  615. }
  618. ///////////////////////////////////////////////////////////////////////
  620. void
  621. UnixTimeToFileTime(
  622. time_t t,
  623. LPFILETIME pft
  624. )
  625. {
  626. LARGE_INTEGER li;
  628. li.QuadPart = Int32x32To64(t, 10000000) + 116444736000000000;
  630. pft->dwHighDateTime = li.HighPart;
  631. pft->dwLowDateTime = li.LowPart;
  632. }