archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 9769ad7c3d
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '9769ad7c3d'
${ noResults }
windows-xp/Source/XPSP1/NT/termsrv/admtools/c2config/c2acls/c2ntfacl.c

427 lines
12 KiB
Raw Normal View History

Add source files
4 years ago
  1. /*++
  3. Copyright (c) 1994 Microsoft Corporation
  5. Module Name:
  7. c2NtfAcl.c
  9. Abstract:
  11. NTFS File and Directory Security processing and display functions
  13. Author:
  15. Bob Watson (a-robw)
  17. Revision History:
  19. 23 Dec 94
  21. --*/
  22. #include <windows.h>
  23. #include <tchar.h>
  24. #include <stdio.h>
  25. #include <c2dll.h>
  26. #include <c2inc.h>
  27. #include <c2utils.h>
  28. #include <strings.h>
  29. #include "c2acls.h"
  30. #include "c2aclres.h"
  33. // define action codes here. They are only meaningful in the
  34. // context of this module.
  36. #define AC_NTFS_ACLS_MAKE_C2 1
  37. #define AC_NTFS_ACLS_MAKE_NOTC2 2
  39. #define SECURE C2DLL_C2
  41. #define FS_UNKNOWN 0x00000000
  42. #define FS_FAT 0x00000001
  43. #define FS_NTFS 0x00000002
  44. #define FS_HPFS 0x00000004
  46. static
  47. DWORD
  48. GetSystemDriveFileSystem (
  49. )
  50. {
  51. TCHAR szSystemDir[MAX_PATH];
  52. TCHAR szVolumeName[MAX_PATH];
  53. TCHAR szFileSystemName[MAX_PATH];
  54. DWORD dwVolumeSerialNumber;
  55. DWORD dwMaxComponentLength;
  56. DWORD dwFileSystemFlags;
  58. DWORD dwReturn = FS_UNKNOWN;
  60. if (GetSystemDirectory (szSystemDir, (sizeof(szSystemDir)/sizeof(TCHAR))) > 0) {
  61. // truncate path and just keep drive letter, colon & backslash
  62. szSystemDir[3] = 0;
  63. if (GetDriveType(szSystemDir) == DRIVE_FIXED) {
  64. // only check fixed disk volumes
  65. if (GetVolumeInformation(szSystemDir,
  66. szVolumeName,
  67. sizeof(szVolumeName) / sizeof(TCHAR),
  68. &dwVolumeSerialNumber,
  69. &dwMaxComponentLength,
  70. &dwFileSystemFlags,
  71. szFileSystemName,
  72. sizeof(szFileSystemName) / sizeof(TCHAR))) {
  73. // volume information returned so see if it's NOT NTFS..
  75. if (lstrcmpi(szFileSystemName,
  76. GetStringResource (GetDllInstance(), IDS_NTFS)) == 0) {
  77. dwReturn = FS_NTFS;
  78. } else if (lstrcmpi(szFileSystemName,
  79. GetStringResource (GetDllInstance(), IDS_FAT)) == 0) {
  80. dwReturn = FS_FAT;
  81. } else if (lstrcmpi(szFileSystemName,
  82. GetStringResource (GetDllInstance(), IDS_HPFS)) == 0) {
  83. dwReturn = FS_HPFS;
  84. } else {
  85. //return Unknown
  86. }
  87. } else {
  88. // unable to read volume information
  89. }
  90. } else {
  91. // unable to get drive type
  92. }
  93. } else {
  94. // unable to look up system dir
  95. }
  96. return dwReturn;
  97. }
  99. //static
  100. LONG
  101. ProcessNtfsInf (
  102. IN LPCTSTR szInfFileName
  103. )
  104. /*++
  106. Routine Description:
  108. Read the NTFS security INF file and update the registry key security
  111. Return Value:
  113. WIN32 status of function
  115. --*/
  116. {
  118. LONG lReturn;
  119. LONG lStatus;
  121. DWORD dwReturnSize;
  122. DWORD dwPathListSize;
  123. LPTSTR mszPathList;
  124. LPTSTR szThisPath;
  125. LPCTSTR szFilePath;
  127. TCHAR mszThisSection[SMALL_BUFFER_SIZE];
  129. DWORD dwDirFlags;
  131. PACL paclFile;
  132. PACL paclDir;
  134. SECURITY_DESCRIPTOR sdFile;
  135. SECURITY_DESCRIPTOR sdDir;
  137. if (FileExists(szInfFileName)) {
  138. // file found, so continue
  139. dwReturnSize = 0;
  140. dwPathListSize = 0;
  141. mszPathList = NULL;
  142. do {
  143. // allocate buffer to hold key list
  144. dwPathListSize += MAX_PATH * 1024; // add room for 1K keys
  146. // free any previous allocations
  147. GLOBAL_FREE_IF_ALLOC (mszPathList);
  149. mszPathList = (LPTSTR)GLOBAL_ALLOC(dwPathListSize * sizeof(TCHAR));
  151. // read the keys to process (i.e. get a list of the section
  152. // headers in the .ini file.
  154. dwReturnSize = GetPrivateProfileString (
  155. NULL, // list all sections
  156. NULL, // not used
  157. cmszEmptyString, // empty string for default,
  158. mszPathList,
  159. dwPathListSize, // buffer size in characters
  160. szInfFileName); // file name
  162. } while (dwReturnSize == (dwPathListSize -2)); // this value indicates truncation
  164. if (dwReturnSize != 0) {
  165. // process all file paths in list
  166. for (szThisPath = mszPathList;
  167. *szThisPath != 0;
  168. szThisPath += lstrlen(szThisPath)+1) {
  170. // read in all the ACEs for this key
  171. dwReturnSize = GetPrivateProfileSection (
  172. szThisPath,
  173. mszThisSection,
  174. SMALL_BUFFER_SIZE,
  175. szInfFileName);
  177. if (dwReturnSize != 0) {
  178. // make 2 security Descriptors, one to be assigned
  179. // to files (containing access for just the file)
  180. // and one for directories that have access for
  181. // directories themselves as well as the sub-items
  182. // (files and dirs)
  183. paclFile = (PACL)GLOBAL_ALLOC(SMALL_BUFFER_SIZE);
  184. paclDir = (PACL)GLOBAL_ALLOC(SMALL_BUFFER_SIZE);
  185. if ((paclFile != NULL) && (paclDir != NULL)){
  186. InitializeSecurityDescriptor (&sdFile,
  187. SECURITY_DESCRIPTOR_REVISION);
  188. InitializeSecurityDescriptor (&sdDir,
  189. SECURITY_DESCRIPTOR_REVISION);
  190. if (InitializeAcl(paclFile, SMALL_BUFFER_SIZE, ACL_REVISION) &&
  191. InitializeAcl(paclDir, SMALL_BUFFER_SIZE, ACL_REVISION)) {
  192. // make ACL from section
  193. szFilePath = GetFilePathFromHeader (
  194. szThisPath, &dwDirFlags);
  196. lStatus = MakeAclFromNtfsSection (
  197. mszThisSection,
  198. TRUE,
  199. paclDir);
  201. // add ACL to Security Descriptor
  202. SetSecurityDescriptorDacl (
  203. &sdDir,
  204. TRUE,
  205. paclDir,
  206. FALSE);
  208. lStatus = MakeAclFromNtfsSection (
  209. mszThisSection,
  210. FALSE,
  211. paclFile);
  213. // add ACL to Security Descriptor
  214. SetSecurityDescriptorDacl (
  215. &sdFile,
  216. TRUE,
  217. paclFile,
  218. FALSE);
  220. // DACL built now update key
  222. lStatus = SetNtfsFileSecurity (
  223. szFilePath,
  224. dwDirFlags,
  225. &sdDir,
  226. &sdFile);
  227. } else {
  228. // unable to initialize ACL
  229. }
  230. GLOBAL_FREE_IF_ALLOC (paclFile);
  231. GLOBAL_FREE_IF_ALLOC (paclDir);
  232. } else {
  233. // unable to allocate ACL buffer
  234. }
  235. } else {
  236. // no entries found in this section
  237. }
  238. } // end while scanning list of sections
  239. } else {
  240. // no section list returned
  241. }
  242. GLOBAL_FREE_IF_ALLOC (mszPathList);
  243. } else {
  244. lReturn = ERROR_FILE_NOT_FOUND;
  245. }
  246. return lReturn;
  247. }
  249. LONG
  250. C2QueryNtfsFiles (
  251. IN LPARAM lParam
  252. )
  253. /*++
  255. Routine Description:
  257. Function called to find out the current state of this configuration
  258. item. This function reads the current state of the item and
  259. sets the C2 Compliance flag and the Status string to reflect
  260. the current value of the configuration item.
  262. For the moment, the registry is not read and compared so no status
  263. is returned.
  265. Arguments:
  267. Pointer to the Dll data block passed as an LPARAM.
  269. ReturnValue:
  271. ERROR_SUCCESS if the function succeeds otherwise a
  272. WIN32 error is returned if an error occurs
  274. --*/
  275. {
  276. PC2DLL_DATA pC2Data;
  278. if (lParam != 0) {
  279. pC2Data = (PC2DLL_DATA)lParam;
  280. // return message based on flag for now
  281. pC2Data->lC2Compliance = C2DLL_UNKNOWN;
  282. lstrcpy (pC2Data->szStatusName,
  283. GetStringResource (GetDllInstance(), IDS_UNABLE_READ));
  284. return ERROR_SUCCESS;
  285. } else {
  286. return ERROR_BAD_ARGUMENTS;
  287. }
  288. }
  290. LONG
  291. C2SetNtfsFiles (
  292. IN LPARAM lParam
  293. )
  294. /*++
  296. Routine Description:
  298. Function called to change the current state of this configuration
  299. item based on an action code passed in the DLL data block. If
  300. this function successfully sets the state of the configuration
  301. item, then the C2 Compliance flag and the Status string to reflect
  302. the new value of the configuration item.
  304. Arguments:
  306. Pointer to the Dll data block passed as an LPARAM.
  308. ReturnValue:
  310. ERROR_SUCCESS if the function succeeds otherwise a
  311. WIN32 error is returned if an error occurs
  313. --*/
  314. {
  315. PC2DLL_DATA pC2Data;
  316. TCHAR szInfFileName[MAX_PATH];
  318. if (lParam != 0) {
  319. pC2Data = (PC2DLL_DATA)lParam;
  320. switch (pC2Data->lActionCode ) {
  321. case AC_NTFS_ACLS_MAKE_C2:
  322. if (DisplayDllMessageBox(
  323. pC2Data->hWnd,
  324. IDS_NTFS_ACLS_CONFIRM,
  325. IDS_NTFS_ACLS_CAPTION,
  326. MBOKCANCEL_QUESTION) == IDOK) {
  328. SET_WAIT_CURSOR;
  330. if (GetFilePath(
  331. GetStringResource(GetDllInstance(), IDS_NTFS_ACL_INF),
  332. szInfFileName)) {
  333. if (ProcessNtfsInf(szInfFileName) == ERROR_SUCCESS) {
  334. pC2Data->lC2Compliance = SECURE;
  335. lstrcpy (pC2Data->szStatusName,
  336. GetStringResource(GetDllInstance(), IDS_NTFS_ACLS_COMPLY));
  337. } else {
  338. // unable to set acl security
  339. }
  340. } else {
  341. // unable to get acl file path
  342. }
  343. SET_ARROW_CURSOR;
  344. } else {
  345. // user opted not to set acls
  346. }
  347. break;
  349. default:
  350. // no change;
  351. break;
  352. }
  353. } else {
  354. return ERROR_BAD_ARGUMENTS;
  355. }
  357. return ERROR_SUCCESS;
  358. }
  360. LONG
  361. C2DisplayNtfsFiles (
  362. IN LPARAM lParam
  363. )
  364. /*++
  366. Routine Description:
  368. Function called to display more information on the configuration
  369. item and provide the user with the option to change the current
  370. setting (if appropriate). If the User "OK's" out of the UI,
  371. then the action code field in the DLL data block is set to the
  372. appropriate (and configuration item-specific) action code so the
  373. "Set" function can be called to perform the desired action. If
  374. the user Cancels out of the UI, then the Action code field is
  375. set to 0 (no action) and no action is performed.
  377. Arguments:
  379. Pointer to the Dll data block passed as an LPARAM.
  381. ReturnValue:
  383. ERROR_SUCCESS if the function succeeds otherwise a
  384. WIN32 error is returned if an error occurs
  386. --*/
  387. {
  388. PC2DLL_DATA pC2Data;
  390. if (lParam != 0) {
  391. pC2Data = (PC2DLL_DATA)lParam;
  392. } else {
  393. return ERROR_BAD_ARGUMENTS;
  394. }
  395. if (GetSystemDriveFileSystem() == FS_NTFS) {
  396. if (pC2Data->lC2Compliance == SECURE) {
  397. DisplayDllMessageBox (
  398. pC2Data->hWnd,
  399. IDS_NTFS_ACLS_COMPLY,
  400. IDS_NTFS_ACLS_CAPTION,
  401. MBOK_INFO);
  402. } else {
  403. if (DisplayDllMessageBox (
  404. pC2Data->hWnd,
  405. IDS_NTFS_ACLS_QUERY_SET,
  406. IDS_NTFS_ACLS_CAPTION,
  407. MBOKCANCEL_QUESTION) == IDOK) {
  408. pC2Data->lActionCode = AC_NTFS_ACLS_MAKE_C2;
  409. pC2Data->lActionValue = 0; // not used
  410. } else {
  411. pC2Data->lActionCode = 0; // no action
  412. pC2Data->lActionValue = 0; // not used
  413. }
  414. }
  415. } else {
  416. DisplayDllMessageBox (
  417. pC2Data->hWnd,
  418. IDS_NTFS_ACLS_NOT_NTFS,
  419. IDS_NTFS_ACLS_CAPTION,
  420. MBOK_EXCLAIM);
  421. pC2Data->lActionCode = 0; // no action
  422. pC2Data->lActionValue = 0; // not used
  423. }
  424. return ERROR_SUCCESS;
  425. }