Source code of Windows XP (NT5)


  1. //***************************************************************************
  2. //
  3. // Copyright (c) 1998-1999 Microsoft Corporation
  4. //
  5. // security.h
  6. //
  7. // alanbos 25-Sep-98 Created.
  8. //
  9. // Defines the CSWbemSecurity and subsidiary objects
  10. //
  11. //***************************************************************************
  12. #ifndef _SECURITY_H_
  13. #define _SECURITY_H_
  14. //***************************************************************************
  15. //
  16. // CLASS NAME:
  17. //
  18. // CWbemLocatorSecurity
  19. //
  20. // DESCRIPTION:
  21. //
  22. // Implements the ISWbemSecurity interface for SWbemLocator objects.
  23. //
  24. //***************************************************************************
  class CWbemLocatorSecurity : public ISWbemSecurity,
                               public ISupportErrorInfo,
                               public IProvideClassInfo
  {
      // ISWbemSecurity implementation used for SWbemLocator objects. It keeps
      // an impersonation level and an authentication level, each paired with a
      // flag recording whether the value has been set, plus a pointer to a
      // privilege set. All IDispatch and IProvideClassInfo calls are forwarded
      // to the embedded CDispatchHelp.
      //
      // NOTE(review): AddRef/Release, SetSecurity and ResetSecurity are only
      // declared here. Whether the reference count is updated atomically and
      // what SetSecurity does to the thread token must be confirmed in the
      // implementation file.
  private:
      CSWbemPrivilegeSet           *m_pPrivilegeSet;   // handed out AddRef'd by GetPrivilegeSet()
      CDispatchHelp                 m_Dispatch;        // target of the IDispatch forwarders below
      bool                          m_impLevelSet;     // reported by IsImpersonationSet()
      WbemImpersonationLevelEnum    m_impLevel;
      bool                          m_authnLevelSet;   // reported by IsAuthenticationSet()
      WbemAuthenticationLevelEnum   m_authnLevel;

  protected:
      long m_cRef;    // COM reference count for this object

  public:
      // NOTE(review): both constructors take raw pointers; whether they AddRef
      // or copy what they are given is not visible in this header.
      CWbemLocatorSecurity(CSWbemPrivilegeSet *pPrivilegeSet);
      CWbemLocatorSecurity(CWbemLocatorSecurity *pCWbemLocatorSecurity);
      virtual ~CWbemLocatorSecurity(void);

      // IUnknown (non-delegating)
      STDMETHODIMP QueryInterface(REFIID, LPVOID*);
      STDMETHODIMP_(ULONG) AddRef(void);
      STDMETHODIMP_(ULONG) Release(void);

      // IDispatch: every call is passed straight through to m_Dispatch.
      STDMETHODIMP GetTypeInfoCount(UINT* pctinfo)
      {
          return m_Dispatch.GetTypeInfoCount(pctinfo);
      }

      STDMETHODIMP GetTypeInfo(UINT itinfo, LCID lcid, ITypeInfo** pptinfo)
      {
          return m_Dispatch.GetTypeInfo(itinfo, lcid, pptinfo);
      }

      STDMETHODIMP GetIDsOfNames(REFIID riid, OLECHAR** rgszNames,
                                 UINT cNames, LCID lcid, DISPID* rgdispid)
      {
          return m_Dispatch.GetIDsOfNames(riid, rgszNames, cNames, lcid, rgdispid);
      }

      STDMETHODIMP Invoke(DISPID dispidMember, REFIID riid, LCID lcid,
                          WORD wFlags, DISPPARAMS* pdispparams, VARIANT* pvarResult,
                          EXCEPINFO* pexcepinfo, UINT* puArgErr)
      {
          return m_Dispatch.Invoke(dispidMember, riid, lcid, wFlags,
                                   pdispparams, pvarResult, pexcepinfo, puArgErr);
      }

      // ISWbemSecurity: property accessors for the two security levels and
      // the privilege set.
      HRESULT STDMETHODCALLTYPE get_ImpersonationLevel(
          /* [out] */ WbemImpersonationLevelEnum *iImpersonationLevel);

      HRESULT STDMETHODCALLTYPE put_ImpersonationLevel(
          /* [in] */ WbemImpersonationLevelEnum iImpersonationLevel);

      HRESULT STDMETHODCALLTYPE get_AuthenticationLevel(
          /* [out] */ WbemAuthenticationLevelEnum *iAuthenticationLevel);

      HRESULT STDMETHODCALLTYPE put_AuthenticationLevel(
          /* [in] */ WbemAuthenticationLevelEnum iAuthenticationLevel);

      HRESULT STDMETHODCALLTYPE get_Privileges(
          /* [out] */ ISWbemPrivilegeSet **objWbemPrivileges);

      // ISupportErrorInfo
      HRESULT STDMETHODCALLTYPE InterfaceSupportsErrorInfo(
          /* [in] */ REFIID riid);

      // IProvideClassInfo. ppTI receives the ITypeInfo pointer, so it is an
      // output parameter of the forwarded call.
      HRESULT STDMETHODCALLTYPE GetClassInfo(
          /* [out] */ ITypeInfo **ppTI)
      {
          return m_Dispatch.GetClassInfo(ppTI);
      }

      // Helpers specific to CWbemLocatorSecurity

      // True when the impersonation-level flag is set.
      bool IsImpersonationSet()
      {
          return m_impLevelSet;
      }

      // True when the authentication-level flag is set.
      bool IsAuthenticationSet()
      {
          return m_authnLevelSet;
      }

      // NOTE(review): the by-reference outputs suggest SetSecurity may alter
      // the calling thread's token and return what ResetSecurity needs to
      // restore it; confirm in the implementation. If so, every caller has
      // to reach ResetSecurity on its error paths as well, or the thread
      // keeps running with the adjusted token.
      BOOL SetSecurity(BSTR bsUser, bool &needToResetSecurity, HANDLE &hThreadToken);
      void ResetSecurity(HANDLE hThreadToken);

      // Returns the privilege set with an extra reference taken, or a null
      // pointer when none is held. The caller owns that reference and must
      // Release() it.
      CSWbemPrivilegeSet *GetPrivilegeSet()
      {
          CSWbemPrivilegeSet *pHeld = m_pPrivilegeSet;

          if (pHeld)
          {
              pHeld->AddRef();
          }

          return pHeld;
      }
  };
  108. //***************************************************************************
  109. //
  110. // CLASS NAME:
  111. //
  112. // CSWbemSecurity
  113. //
  114. // DESCRIPTION:
  115. //
  116. // Implements the ISWbemSecurity interface for non-SWbemLocator objects.
  117. //
  118. //***************************************************************************
  class CSWbemSecurity : public ISWbemSecurity,
                         public ISupportErrorInfo,
                         public ISWbemInternalSecurity,
                         public IProvideClassInfo
  {
      // ISWbemSecurity implementation for every object other than
      // SWbemLocator. Besides the privilege set it holds a proxy cache and the
      // current proxy; authority, principal, COAUTHIDENTITY and the
      // explicit-user flag are all read from the proxy cache. IDispatch and
      // IProvideClassInfo calls are forwarded to the embedded CDispatchHelp.
      //
      // NOTE(review): through ISWbemInternalSecurity::GetUPD this class hands
      // a password back to its caller as a BSTR. Who owns the returned
      // strings, whether they are scrubbed before being freed, and which
      // callers can obtain ISWbemInternalSecurity through QueryInterface are
      // all decided in the implementation, which is not visible here.
      // Confirm each of these.
  private:
      CSWbemPrivilegeSet  *m_pPrivilegeSet;   // handed out AddRef'd by GetPrivilegeSet()
      CDispatchHelp        m_Dispatch;        // target of the IDispatch forwarders below
      CSWbemProxyCache    *m_pProxyCache;     // source of identity/authority/principal
      IUnknown            *m_pCurProxy;       // handed out AddRef'd by GetProxy()

      // Returns the proxy cache with an extra reference taken, or a null
      // pointer when there is no cache. The caller must Release() it.
      CSWbemProxyCache *GetProxyCache()
      {
          CSWbemProxyCache *pHeld = m_pProxyCache;

          if (pHeld)
          {
              pHeld->AddRef();
          }

          return pHeld;
      }

      // Process-wide state shared by all instances; read through the static
      // accessors near the end of the class.
      static bool                         s_bInitialized;
      static bool                         s_bIsNT;
      static DWORD                        s_dwNTMajorVersion;
      static HINSTANCE                    s_hAdvapi;
      static bool                         s_bCanRevert;
      static WbemImpersonationLevelEnum   s_dwDefaultImpersonationLevel;

  protected:
      long m_cRef;    // COM reference count for this object

  public:
      // NOTE(review): bsUser and bsPassword arrive as plain BSTRs. How long
      // the implementation retains them, and whether it clears them, is not
      // visible in this header.
      CSWbemSecurity(IUnknown *pUnk,
                     BSTR bsAuthority = NULL,
                     BSTR bsUser = NULL,
                     BSTR bsPassword = NULL,
                     CWbemLocatorSecurity *pSecurity = NULL);

      CSWbemSecurity(IUnknown *pUnk,
                     COAUTHIDENTITY *pCoAuthIdentity,
                     BSTR bsPrincipal,
                     BSTR bsAuthority);

      CSWbemSecurity(CSWbemSecurity *pSecurity);

      CSWbemSecurity(IUnknown *pUnk, CSWbemSecurity *pSecurity);

      CSWbemSecurity(IUnknown *pUnk, ISWbemInternalSecurity *pSecurity);

      virtual ~CSWbemSecurity(void);

      // IUnknown (non-delegating)
      STDMETHODIMP QueryInterface(REFIID, LPVOID*);
      STDMETHODIMP_(ULONG) AddRef(void);
      STDMETHODIMP_(ULONG) Release(void);

      // IDispatch: every call is passed straight through to m_Dispatch.
      STDMETHODIMP GetTypeInfoCount(UINT* pctinfo)
      {
          return m_Dispatch.GetTypeInfoCount(pctinfo);
      }

      STDMETHODIMP GetTypeInfo(UINT itinfo, LCID lcid, ITypeInfo** pptinfo)
      {
          return m_Dispatch.GetTypeInfo(itinfo, lcid, pptinfo);
      }

      STDMETHODIMP GetIDsOfNames(REFIID riid, OLECHAR** rgszNames,
                                 UINT cNames, LCID lcid, DISPID* rgdispid)
      {
          return m_Dispatch.GetIDsOfNames(riid, rgszNames, cNames, lcid, rgdispid);
      }

      STDMETHODIMP Invoke(DISPID dispidMember, REFIID riid, LCID lcid,
                          WORD wFlags, DISPPARAMS* pdispparams, VARIANT* pvarResult,
                          EXCEPINFO* pexcepinfo, UINT* puArgErr)
      {
          return m_Dispatch.Invoke(dispidMember, riid, lcid, wFlags,
                                   pdispparams, pvarResult, pexcepinfo, puArgErr);
      }

      // ISWbemSecurity: property accessors for the two security levels and
      // the privilege set.
      HRESULT STDMETHODCALLTYPE get_ImpersonationLevel(
          /* [out] */ WbemImpersonationLevelEnum *iImpersonationLevel);

      HRESULT STDMETHODCALLTYPE put_ImpersonationLevel(
          /* [in] */ WbemImpersonationLevelEnum iImpersonationLevel);

      HRESULT STDMETHODCALLTYPE get_AuthenticationLevel(
          /* [out] */ WbemAuthenticationLevelEnum *iAuthenticationLevel);

      HRESULT STDMETHODCALLTYPE put_AuthenticationLevel(
          /* [in] */ WbemAuthenticationLevelEnum iAuthenticationLevel);

      HRESULT STDMETHODCALLTYPE get_Privileges(
          /* [out] */ ISWbemPrivilegeSet **objWbemPrivileges);

      // ISupportErrorInfo
      HRESULT STDMETHODCALLTYPE InterfaceSupportsErrorInfo(
          /* [in] */ REFIID riid);

      // IProvideClassInfo. ppTI receives the ITypeInfo pointer, so it is an
      // output parameter of the forwarded call.
      HRESULT STDMETHODCALLTYPE GetClassInfo(
          /* [out] */ ITypeInfo **ppTI)
      {
          return m_Dispatch.GetClassInfo(ppTI);
      }

      // ISWbemInternalSecurity: COM-visible getters that write their results
      // through BSTR out-pointers. GetUPD's outputs include the password.
      HRESULT STDMETHODCALLTYPE GetAuthority(BSTR *bsAuthority);
      HRESULT STDMETHODCALLTYPE GetUPD(BSTR *bsUser, BSTR *bsPassword, BSTR *bsDomain);
      HRESULT STDMETHODCALLTYPE GetPrincipal(BSTR *bsPrincipal);

      // Helpers specific to CSWbemSecurity
      //
      // The next four getters read straight from the proxy cache and fall
      // back to NULL / false when there is no cache. GetPrincipal() and
      // GetAuthority() overload the COM methods of the same name above.
      // NOTE(review): this header takes no reference and makes no copy for
      // the returned pointers, so they are presumably only valid while the
      // proxy cache keeps them alive; confirm before storing one.
      COAUTHIDENTITY *GetCoAuthIdentity()
      {
          if (m_pProxyCache)
              return m_pProxyCache->GetCoAuthIdentity();
          return NULL;
      }

      BSTR GetPrincipal()
      {
          if (m_pProxyCache)
              return m_pProxyCache->GetPrincipal();
          return NULL;
      }

      BSTR GetAuthority()
      {
          if (m_pProxyCache)
              return m_pProxyCache->GetAuthority();
          return NULL;
      }

      bool IsUsingExplicitUserName()
      {
          if (m_pProxyCache)
              return m_pProxyCache->IsUsingExplicitUserName();
          return false;
      }

      // Returns the current proxy with an extra reference taken, or a null
      // pointer when none is held. The caller must Release() it.
      IUnknown *GetProxy()
      {
          IUnknown *pHeld = m_pCurProxy;

          if (pHeld)
          {
              pHeld->AddRef();
          }

          return pHeld;
      }

      // Returns the privilege set with an extra reference taken, or a null
      // pointer when none is held. The caller must Release() it.
      CSWbemPrivilegeSet *GetPrivilegeSet()
      {
          CSWbemPrivilegeSet *pHeld = m_pPrivilegeSet;

          if (pHeld)
          {
              pHeld->AddRef();
          }

          return pHeld;
      }

      // NOTE(review): both return void, so a failure to apply security
      // settings to pUnk cannot be seen by the caller from this signature.
      void SecureInterface(IUnknown *pUnk);
      void SecureInterfaceRev(IUnknown *pUnk);

      // Privilege helpers.
      // These static members reuse the names of Win32 functions. Inside this
      // class an unqualified call resolves to the member, so the API itself
      // has to be called with a leading "::". The Windows headers also define
      // LookupPrivilegeValue as an A/W macro, which applies to this
      // declaration too.
      // NOTE(review): AdjustTokenPrivileges returns void, so callers cannot
      // tell from it whether the requested privileges were actually applied
      // to the token.
      static void AdjustTokenPrivileges(HANDLE hHandle, CSWbemPrivilegeSet *pPrivilegeSet);
      static BOOL LookupPrivilegeValue(LPCTSTR lpName, PLUID pLuid);
      static void LookupPrivilegeDisplayName(LPCTSTR lpName, BSTR *pDisplayName);

      // NOTE(review): the by-reference outputs suggest SetSecurity may alter
      // the calling thread's token and return what ResetSecurity needs to
      // restore it; confirm in the implementation. If so, every caller has
      // to reach ResetSecurity on its error paths as well.
      BOOL SetSecurity(bool &needToResetSecurity, HANDLE &hThreadToken);
      void ResetSecurity(HANDLE hThreadToken);

      // Set up and tear down the resources behind the static state.
      static void Initialize();
      static void Uninitialize();

      // OS version helpers: plain reads of the static state.
      static bool IsNT()
      {
          return s_bIsNT;
      }

      static DWORD GetNTMajorVersion()
      {
          return s_dwNTMajorVersion;
      }

      static bool CanRevertToSelf()
      {
          return s_bCanRevert;
      }

      static WbemImpersonationLevelEnum GetDefaultImpersonationLevel()
      {
          return s_dwDefaultImpersonationLevel;
      }

      static bool IsImpersonating(bool useDefaultUser, bool useDefaultAuthority);

  #ifdef WSCRPDEBUG
      // Debug builds only (WSCRPDEBUG).
      static void PrintPrivileges(HANDLE hToken);
  #endif
  };
  258. #endif