archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 9769ad7c3d
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '9769ad7c3d'
${ noResults }
windows-xp/Source/XPSP1/NT/ds/security/azroles/adminmgr.cxx

699 lines
14 KiB
Raw Normal View History

Add source files
4 years ago
  1. /*++
  3. Copyright (c) 2001 Microsoft Corporation
  5. Module Name:
  7. adminmgr.cxx
  9. Abstract:
  11. Routines implementing the Admin Manager object
  13. Author:
  15. Cliff Van Dyke (cliffv) 11-Apr-2001
  17. --*/
  19. #include "pch.hxx"
  21. //
  22. // Global Data
  23. //
  25. //
  26. // Global list of all admin manager for this process
  27. // Access serialized by AzGlResource
  28. //
  30. GENERIC_OBJECT_HEAD AzGlAdminManagers;
  32. RTL_RESOURCE AzGlResource;
  34. BOOL ResourceInitialized = FALSE;
  36. GUID AzGlZeroGuid;
  38. #if DBG
  39. BOOL CritSectInitialized = FALSE;
  40. #endif // DBG
  44. BOOL
  45. AzDllInitialize(VOID)
  46. /*++
  48. Routine Description
  50. This initializes global events and variables for the DLL.
  52. Arguments
  54. none
  56. Return Value
  58. Boolean: TRUE on success, FALSE on fail.
  60. --*/
  61. {
  62. BOOL RetVal = TRUE;
  64. //
  65. // Don't call back on thread start/stop
  66. // ???
  69. RtlZeroMemory( &AzGlZeroGuid, sizeof(AzGlZeroGuid) );
  71. // Initialize the resource
  72. //
  73. __try {
  75. RtlInitializeResource( &AzGlResource );
  77. } __except( EXCEPTION_EXECUTE_HANDLER ) {
  78. RetVal = FALSE;
  79. KdPrint(("AzRoles.dll: RtlInitializeResource failed: 0x%lx\n",
  80. GetExceptionCode() ));
  81. }
  83. ResourceInitialized = TRUE;
  85. //
  86. // Initialize the root of the tree of objects
  87. //
  89. AzpLockResourceExclusive( &AzGlResource );
  90. ObInitGenericHead( &AzGlAdminManagers, OBJECT_TYPE_ADMIN_MANAGER, NULL, NULL, NULL );
  91. AzpUnlockResource( &AzGlResource );
  93. //
  94. // Initialize the stack allocator
  95. //
  97. SafeAllocaInitialize(
  98. SAFEALLOCA_USE_DEFAULT,
  99. SAFEALLOCA_USE_DEFAULT,
  100. AzpAllocateHeap,
  101. AzpFreeHeap
  102. );
  104. #if DBG
  105. //
  106. // Initialize the allocator
  107. //
  109. InitializeListHead ( &AzGlAllocatedBlocks );
  110. __try {
  111. InitializeCriticalSection ( &AzGlAllocatorCritSect );
  112. } __except( EXCEPTION_EXECUTE_HANDLER ) {
  113. RetVal = FALSE;
  114. KdPrint(("AzRoles.dll: InitializCriticalSection (AzGlAllocatorCritSect) failed: 0x%lx\n",
  115. GetExceptionCode() ));
  116. }
  118. CritSectInitialized = TRUE;
  119. #endif // DBG
  121. #ifdef AZROLESDBG
  122. //
  123. // Initialize debugging
  124. //
  125. __try {
  126. InitializeCriticalSection ( &AzGlLogFileCritSect );
  127. } __except( EXCEPTION_EXECUTE_HANDLER ) {
  128. RetVal = FALSE;
  129. KdPrint(("AzRoles.dll: InitializCriticalSection (AzGlLogFileCritSect) failed: 0x%lx\n",
  130. GetExceptionCode() ));
  131. }
  133. // AzGlDbFlag = AZD_ALL;
  134. AzGlDbFlag = AZD_INVPARM; // | AZD_PERSIST | AZD_PERSIST_MORE;
  135. // AzGlLogFile = INVALID_HANDLE_VALUE;
  136. #endif // AZROLESDBG
  138. return RetVal;
  140. }
  143. BOOL
  144. AzDllUnInitialize(VOID)
  145. /*++
  147. Routine Description
  149. This uninitializes global events and variables for the DLL.
  151. Arguments
  153. none
  155. Return Value
  157. Boolean: TRUE on success, FALSE on fail.
  159. --*/
  160. {
  161. BOOL RetVal = TRUE;
  163. //
  164. // Don't call back on thread start/stop
  165. //
  166. // Handle detaching from a process.
  167. //
  169. //
  170. // Delete the resource
  171. //
  173. if ( ResourceInitialized ) {
  174. RtlDeleteResource( &AzGlResource );
  175. ResourceInitialized = FALSE;
  176. }
  178. #if DBG
  179. //
  180. // Done with the allocator
  181. //
  183. if ( CritSectInitialized ) {
  184. ASSERT( IsListEmpty( &AzGlAllocatedBlocks ));
  185. DeleteCriticalSection ( &AzGlAllocatorCritSect );
  186. CritSectInitialized = FALSE;
  187. }
  188. #endif // DBG
  190. return RetVal;
  192. }
  194. VOID
  195. AzpUnload(
  196. VOID
  197. )
  198. /*++
  200. Routine Description
  202. Force the DLL unload routine to execute
  204. Arguments
  206. NONE
  208. Return Value
  210. NONE
  212. --*/
  214. {
  216. #if DBG // Don't check this in ???
  217. AzDllUnInitialize();
  218. ASSERT( IsListEmpty( &AzGlAllocatedBlocks ));
  219. #endif // DBG
  221. }
  223. DWORD
  224. AzpAdminManagerInit(
  225. IN PGENERIC_OBJECT ParentGenericObject,
  226. IN PGENERIC_OBJECT ChildGenericObject
  227. )
  228. /*++
  230. Routine Description:
  232. This routine is a worker routine for AzInitialize. It does any object specific
  233. initialization that needs to be done.
  235. On entry, AzGlResource must be locked exclusively.
  237. Arguments:
  239. ParentGenericObject - Specifies the parent object to add the child object onto.
  240. The reference count has been incremented on this object.
  242. ChildGenericObject - Specifies the newly allocated child object.
  243. The reference count has been incremented on this object.
  245. Return Value:
  247. NO_ERROR - The operation was successful
  248. ERROR_NOT_ENOUGH_MEMORY - not enough memory
  249. Other exception status codes
  251. --*/
  252. {
  253. PAZP_ADMIN_MANAGER AdminManager = (PAZP_ADMIN_MANAGER) ChildGenericObject;
  255. //
  256. // Initialization
  257. //
  259. ASSERT( AzpIsLockedExclusive( &AzGlResource ) );
  261. //
  262. // Initialize the lists of child objects
  263. // Let the generic object manager know all of the types of children we support
  264. //
  266. ASSERT( ParentGenericObject == NULL );
  267. UNREFERENCED_PARAMETER( ParentGenericObject );
  269. ChildGenericObject->ChildGenericObjectHead = &AdminManager->Applications;
  271. // List of child applications
  272. ObInitGenericHead( &AdminManager->Applications,
  273. OBJECT_TYPE_APPLICATION,
  274. ChildGenericObject,
  275. &AdminManager->Groups,
  276. NULL ); // Doesn't share namespace
  278. // List of child groups
  279. ObInitGenericHead( &AdminManager->Groups,
  280. OBJECT_TYPE_GROUP,
  281. ChildGenericObject,
  282. &AdminManager->AzpSids,
  283. NULL ); // Doesn't share namespace (YET)
  285. // List of child AzpSids
  286. ObInitGenericHead( &AdminManager->AzpSids,
  287. OBJECT_TYPE_SID,
  288. ChildGenericObject,
  289. NULL,
  290. NULL ); // Doesn't share namespace
  293. return NO_ERROR;
  294. }
  297. VOID
  298. AzpAdminManagerFree(
  299. IN PGENERIC_OBJECT GenericObject
  300. )
  301. /*++
  303. Routine Description:
  305. This routine is a worker routine for AdminManager object free. It does any object specific
  306. cleanup that needs to be done.
  308. On entry, AzGlResource must be locked exclusively.
  310. Arguments:
  312. GenericObject - Specifies a pointer to the object to be deleted.
  314. Return Value:
  316. None
  318. --*/
  319. {
  320. PAZP_ADMIN_MANAGER AdminManager = (PAZP_ADMIN_MANAGER) GenericObject;
  322. //
  323. // Initialization
  324. //
  326. ASSERT( AzpIsLockedExclusive( &AzGlResource ) );
  328. //
  329. // Free any local strings
  330. //
  332. AzpFreeString( &AdminManager->PolicyUrl );
  335. }
  339. DWORD
  340. WINAPI
  341. AzInitialize(
  342. IN DWORD StoreType,
  343. IN LPCWSTR PolicyUrl,
  344. IN DWORD Flags,
  345. IN DWORD Reserved,
  346. OUT PAZ_HANDLE AdminManagerHandle
  347. )
  348. /*++
  350. Routine Description:
  352. This routine initializes admin manager. This routine must be called before any other
  353. routine.
  355. Arguments:
  357. StoreType - Takes one of the AZ_ADMIN_STORE_* defines
  359. PolicyUrl - Specifies the location of the policy store
  361. Flags - Specifies flags that control the behavior of AzInitialize
  362. AZ_ADMIN_FLAG_CREATE: Create the policy database
  364. Reserved - Reserved. Must by zero.
  366. AdminManagerHandle - Return a handle to the AdminManager.
  367. The caller must close this handle by calling AzCloseHandle.
  370. Return Value:
  372. NO_ERROR - The operation was successful
  374. ERROR_ALREADY_EXISTS - AZ_ADMIN_FLAG_CREATE flag was specified and the policy already exists
  375. ERROR_FILE_NOT_FOUND - AZ_ADMIN_FLAG_CREATE flag was not specified and the policy does not already exist
  377. --*/
  378. {
  379. DWORD WinStatus;
  381. PGENERIC_OBJECT AdminManager = NULL;
  382. AZP_STRING AdminManagerName;
  383. AZP_STRING CapturedString;
  386. //
  387. // Grab the global lock
  388. //
  390. AzpLockResourceExclusive( &AzGlResource );
  391. AzpInitString( &AdminManagerName, NULL );
  392. AzpInitString( &CapturedString, NULL );
  394. //
  395. // Initialization
  396. //
  398. __try {
  399. *AdminManagerHandle = NULL;
  400. } __except( EXCEPTION_EXECUTE_HANDLER ) {
  402. WinStatus = RtlNtStatusToDosError( GetExceptionCode());
  403. goto Cleanup;
  404. }
  406. //
  407. // Validate the input parameters
  408. //
  409. if ( Reserved != 0 ) {
  410. AzPrint(( AZD_INVPARM, "AzInitialize: Reserved != 0\n" ));
  411. WinStatus = ERROR_INVALID_PARAMETER;
  412. goto Cleanup;
  413. }
  415. switch ( StoreType ) {
  416. case AZ_ADMIN_STORE_SAMPLE:
  417. break;
  419. case AZ_ADMIN_STORE_UNKNOWN:
  420. case AZ_ADMIN_STORE_AD:
  421. case AZ_ADMIN_STORE_XML:
  422. default:
  423. AzPrint(( AZD_INVPARM, "AzInitialize: StoreType invalid %ld\n", StoreType ));
  424. WinStatus = ERROR_INVALID_PARAMETER;
  425. goto Cleanup;
  426. }
  428. if ( Flags & ~AZ_ADMIN_FLAG_VALID ) {
  429. AzPrint(( AZD_INVPARM, "AzInitialize: Invalid flags 0x%lx\n", Flags ));
  430. WinStatus = ERROR_INVALID_FLAGS;
  431. goto Cleanup;
  432. }
  434. //
  435. // Capture the Policy URL
  436. //
  438. WinStatus = AzpCaptureString( &CapturedString,
  439. (LPWSTR) PolicyUrl,
  440. AZ_MAX_POLICY_URL_LENGTH,
  441. TRUE ); // NULL is OK
  443. if ( WinStatus != NO_ERROR ) {
  444. goto Cleanup;
  445. }
  447. //
  448. // Create the object
  449. //
  451. WinStatus = ObCreateObject(
  452. NULL, // There is no parent object
  453. &AzGlAdminManagers,
  454. OBJECT_TYPE_ADMIN_MANAGER,
  455. &AdminManagerName,
  456. &AdminManager );
  458. if ( WinStatus != NO_ERROR ) {
  459. goto Cleanup;
  460. }
  462. //
  463. // Set admin manager specific fields
  464. //
  466. AzpSwapStrings( &CapturedString, &((PAZP_ADMIN_MANAGER)AdminManager)->PolicyUrl );
  467. ((PAZP_ADMIN_MANAGER)AdminManager)->StoreType = StoreType;
  470. //
  471. // Load the objects for the database store
  472. //
  474. WinStatus = AzpPersistOpen(
  475. (PAZP_ADMIN_MANAGER)AdminManager,
  476. (Flags & AZ_ADMIN_FLAG_CREATE) != 0 );
  478. if ( WinStatus != NO_ERROR ) {
  479. goto Cleanup;
  480. }
  482. //
  483. // Return the handle to the caller
  484. //
  486. ObIncrHandleRefCount( AdminManager );
  487. *AdminManagerHandle = AdminManager;
  489. WinStatus = NO_ERROR;
  492. //
  493. // Free locally used resources
  494. //
  495. Cleanup:
  496. if ( AdminManager != NULL ) {
  497. ObDereferenceObject( AdminManager );
  498. }
  500. AzpFreeString( &CapturedString );
  502. //
  503. // Drop the global lock
  504. //
  506. AzpUnlockResource( &AzGlResource );
  508. return WinStatus;
  510. }
  514. DWORD
  515. WINAPI
  516. AzCloseHandle(
  517. IN AZ_HANDLE AzHandle,
  518. IN DWORD Reserved
  519. )
  520. /*++
  522. Routine Description:
  524. Close a handle returned from any of the Az* routines
  526. Arguments:
  528. AzHandle - Passes in the handle to be closed.
  530. Reserved - Reserved. Must by zero.
  532. Return Value:
  534. NO_ERROR - The operation was successful.
  536. ERROR_INVALID_HANDLE - The passed in handle was invalid
  538. ERROR_SERVER_HAS_OPEN_HANDLES - That passed in handle is an AdminManager handle
  539. and the caller open handles to child objects.
  541. --*/
  542. {
  543. DWORD WinStatus;
  545. PGENERIC_OBJECT ReferencedGenericObject = NULL;
  546. PGENERIC_OBJECT GenericObject = (PGENERIC_OBJECT) AzHandle;
  547. DWORD ObjectType;
  549. //
  550. // Grab the global lock
  551. // Only for the admin manager case do we modify anything.
  552. //
  554. AzpLockResourceShared( &AzGlResource );
  556. //
  557. // Validate the input parameters
  558. //
  559. if ( Reserved != 0 ) {
  560. AzPrint(( AZD_INVPARM, "AzCloseHandle: Reserved != 0\n" ));
  561. WinStatus = ERROR_INVALID_PARAMETER;
  562. goto Cleanup;
  563. }
  566. //
  567. // Determine the type of the object
  568. //
  570. WinStatus = ObGetHandleType( GenericObject,
  571. TRUE, // Ok to close handle for deleted object
  572. &ObjectType );
  574. if ( WinStatus != NO_ERROR ) {
  575. goto Cleanup;
  576. }
  578. //
  579. // Grab the lock exclusively if we're going to change the database
  580. //
  582. if ( ObjectType == OBJECT_TYPE_ADMIN_MANAGER ) {
  583. AzpLockResourceSharedToExclusive( &AzGlResource );
  584. }
  586. //
  587. // Validate the passed in handle
  588. //
  590. WinStatus = ObReferenceObjectByHandle( GenericObject,
  591. TRUE, // Allow deleted objects
  592. FALSE, // No need to refresh cache on a close
  593. ObjectType );
  595. if ( WinStatus != NO_ERROR ) {
  596. goto Cleanup;
  597. }
  599. ReferencedGenericObject = GenericObject;
  601. //
  602. // Handle close of AdminManager handles
  603. //
  605. if ( ObjectType == OBJECT_TYPE_ADMIN_MANAGER ) {
  608. PAZP_ADMIN_MANAGER AdminManager = (PAZP_ADMIN_MANAGER) GenericObject;
  610. //
  611. // Fail if there are any child handles open
  612. // Otherwise we'll have dangling references
  613. //
  615. if ( AdminManager->TotalHandleReferenceCount != 1 ) {
  616. WinStatus = ERROR_SERVER_HAS_OPEN_HANDLES;
  617. goto Cleanup;
  618. }
  620. //
  621. // Close the database store
  622. //
  624. AzpPersistClose( AdminManager );
  626. //
  627. // Remove the entry from the global list of AdminManagers
  628. //
  629. RemoveEntryList( &GenericObject->Next );
  631. // One from ObReferenceObjectByHandle,
  632. // one for being in the global list,
  633. // one because the handle itself isn't closed yet.
  634. ASSERT( GenericObject->ReferenceCount == 3 );
  636. // No longer in the global list
  637. ObDereferenceObject( GenericObject );
  639. }
  642. //
  643. // Actually close the handle
  644. //
  646. ObDecrHandleRefCount( GenericObject );
  648. //
  649. // ??? This is really an overactive assert. Yank it once someone complains.
  650. ASSERT( (GenericObject->Flags & GENOBJ_FLAGS_DIRTY) == 0 );
  652. WinStatus = NO_ERROR;
  655. //
  656. // Free locally used resources
  657. //
  658. Cleanup:
  660. if ( ReferencedGenericObject != NULL ) {
  661. ObDereferenceObject( ReferencedGenericObject );
  662. }
  664. //
  665. // Drop the global lock
  666. //
  668. AzpUnlockResource( &AzGlResource );
  670. return WinStatus;
  672. }
  675. VOID
  676. WINAPI
  677. AzFreeMemory(
  678. IN PVOID Buffer
  679. )
  680. /*++
  682. Routine Description
  684. Free memory returned from AzXXXGetProperty
  686. Arguments
  688. Buffer - address of buffer to free
  690. Return Value
  692. None
  694. --*/
  695. {
  696. if ( Buffer != NULL ) {
  697. AzpFreeHeap( Buffer );
  698. }
  699. }