archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Tree: daad8a087a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'daad8a087a'
${ noResults }
windows-xp/Source/XPSP1/NT/base/ntsetup/textmode/cmdcons/util.c

694 lines
17 KiB
Raw Normal View History

Add source files
4 years ago
  1. /*++
  3. Copyright (c) 1998 Microsoft Corporation
  5. Module Name:
  7. util.c
  9. Abstract:
  11. This module implements all utility functions.
  13. Author:
  15. Wesley Witt (wesw) 21-Oct-1998
  17. Revision History:
  19. --*/
  21. #include "cmdcons.h"
  22. #pragma hdrstop
  25. #include "remboot.h"
  27. HANDLE NetUseHandles[26] = { NULL };
  28. BOOLEAN RdrIsInKernelMode = FALSE;
  30. RC_ALLOWED_DIRECTORY AllowedDirs[] = {
  31. { FALSE, L"$WIN_NT$.~BT" },
  32. { FALSE, L"$WIN_NT$.~LS" },
  33. { FALSE, L"CMDCONS" },
  34. { TRUE, L"SYSTEM VOLUME INFORMATION" }
  35. };
  37. BOOLEAN
  38. RcIsPathNameAllowed(
  39. IN LPCWSTR FullPath,
  40. IN BOOLEAN RemovableMediaOk,
  41. IN BOOLEAN Mkdir
  42. )
  44. /*++
  46. Routine Description:
  48. This routine verifies that the specified path name is
  49. allowed based on the security context that the console
  50. user is logged into.
  52. Arguments:
  54. FullPath - specifies the full path to be verified.
  56. Return Value:
  58. FALSE if failure, indicating the path is not allowed.
  59. TRUE otherwise.
  61. --*/
  63. {
  64. WCHAR TempBuf[MAX_PATH*2];
  65. UNICODE_STRING UnicodeString;
  66. OBJECT_ATTRIBUTES Obja;
  67. HANDLE Handle;
  68. IO_STATUS_BLOCK IoStatusBlock;
  69. NTSTATUS Status;
  70. BOOL isDirectory = TRUE;
  72. //
  73. // should we bypass security?
  74. //
  76. if (AllowAllPaths) {
  77. return TRUE;
  78. }
  80. //
  81. // some special processing for dos paths
  82. // we must make sure that only the root and %systemdir% are allowed.
  83. //
  85. if (FullPath[1] == L':' && FullPath[2] == L'\\' && FullPath[3] == 0) {
  86. //
  87. // root directory is ok.
  88. //
  89. return TRUE;
  90. }
  92. SpStringToUpper((PWSTR)FullPath);
  94. if (!RcGetNTFileName((PWSTR)FullPath,TempBuf))
  95. return FALSE;
  97. INIT_OBJA(&Obja,&UnicodeString,TempBuf);
  99. Status = ZwOpenFile(
  100. &Handle,
  101. FILE_READ_ATTRIBUTES,
  102. &Obja,
  103. &IoStatusBlock,
  104. FILE_SHARE_READ | FILE_SHARE_WRITE,
  105. FILE_DIRECTORY_FILE
  106. );
  107. if( !NT_SUCCESS(Status) ) {
  108. isDirectory = FALSE;
  110. } else {
  111. ZwClose( Handle );
  112. }
  114. if (isDirectory == FALSE && wcsrchr( FullPath, L'\\' ) == ( &FullPath[2] )) {
  115. //
  116. // if the cannonicalized path has only one slash the user is trying to do something
  117. // to the files in the root, which we allow.
  118. //
  119. // however we do not allow users to mess with directories at the root
  120. //
  121. if (Mkdir) {
  122. return FALSE;
  123. } else {
  124. return TRUE;
  125. }
  126. }
  128. ASSERT(SelectedInstall != NULL);
  130. if(SelectedInstall != NULL) {
  131. //
  132. // Get the length of the first element in the path
  133. //
  134. PCWSTR sz;
  135. DWORD Len;
  136. DWORD i;
  137. WCHAR SelectedInstallDrive;
  139. sz = wcschr(FullPath + 3, L'\\');
  141. if(NULL == sz) {
  142. sz = FullPath + wcslen(FullPath);
  143. }
  145. Len = (DWORD) ((sz - FullPath) - 3);
  146. SelectedInstallDrive = RcToUpper(SelectedInstall->DriveLetter);
  148. //
  149. // See if path begins with the install path
  150. //
  151. if(FullPath[0] == SelectedInstallDrive && 0 == _wcsnicmp(FullPath + 3, SelectedInstall->Path, Len)) {
  152. return TRUE;
  153. }
  155. //
  156. // See if the path begins with an allowed dir
  157. //
  158. for(i = 0; i < sizeof(AllowedDirs) / sizeof(AllowedDirs[0]); ++i) {
  159. if((!AllowedDirs[i].MustBeOnInstallDrive || FullPath[0] == SelectedInstallDrive) &&
  160. 0 == _wcsnicmp(FullPath + 3, AllowedDirs[i].Directory, Len)) {
  161. return TRUE;
  162. }
  163. }
  164. }
  166. if (RcIsFileOnRemovableMedia(TempBuf) == STATUS_SUCCESS) {
  167. if (RemovableMediaOk) {
  168. return TRUE;
  169. }
  170. }
  172. if (RcIsNetworkDrive(TempBuf) == STATUS_SUCCESS) {
  173. //
  174. // Context that was used for connection will do appropriate security checking.
  175. //
  176. return TRUE;
  177. }
  179. return FALSE;
  180. }
  183. BOOLEAN
  184. RcDoesPathHaveWildCards(
  185. IN LPCWSTR FullPath
  186. )
  188. /*++
  190. Routine Description:
  192. This routine verifies that the specified path name is
  193. allowed based on the security context that the console
  194. user is logged into.
  196. Arguments:
  198. FullPath - specifies the full path to be verified.
  200. Return Value:
  202. FALSE if failure, indicating the path is not allowed.
  203. TRUE otherwise.
  205. --*/
  207. {
  208. if (wcsrchr( FullPath, L'*' )) {
  209. return TRUE;
  210. }
  212. if (wcsrchr( FullPath, L'?' )) {
  213. return TRUE;
  214. }
  216. return FALSE;
  217. }
  219. NTSTATUS
  220. RcIsNetworkDrive(
  221. IN PWSTR FileName
  222. )
  224. /*++
  226. Routine Description:
  228. This routine returns if the FileName given is a network path.
  230. Arguments:
  232. FileName - specifies the full path to be checked.
  234. Return Value:
  236. Any other than STATUS_SUCCESS if failure, indicating the path is not on the network,
  237. STATUS_SUCCESS otherwise.
  239. --*/
  241. {
  242. NTSTATUS Status;
  243. FILE_FS_DEVICE_INFORMATION DeviceInfo;
  244. PWSTR BaseNtName;
  246. if (wcsncmp(FileName, L"\\DosDevice", wcslen(L"\\DosDevice")) == 0) {
  247. Status = GetDriveLetterLinkTarget( FileName, &BaseNtName );
  249. if (!NT_SUCCESS(Status)) {
  250. return Status;
  251. }
  252. } else {
  253. BaseNtName = FileName;
  254. }
  256. Status = pRcGetDeviceInfo( BaseNtName, &DeviceInfo );
  257. if(NT_SUCCESS(Status)) {
  258. if (DeviceInfo.DeviceType != FILE_DEVICE_NETWORK_FILE_SYSTEM) {
  259. Status = STATUS_NO_MEDIA;
  260. }
  261. }
  263. return Status;
  264. }
  267. NTSTATUS
  268. RcDoNetUse(
  269. PWSTR Share,
  270. PWSTR User,
  271. PWSTR Password,
  272. PWSTR Drive
  273. )
  275. /*++
  277. Routine Description:
  279. This routine attempts to make a connection using the redirector to the remote server.
  281. Arguments:
  283. Share - A string of the form "\\server\share"
  285. User - A string of the form "domain\user"
  287. Password - A string containing the password information.
  289. Drive - Filled in with a string of the form "X", where X is the drive letter the share
  290. has been mapped to.
  292. Return Value:
  294. STATUS_SUCCESS if successful, indicating Drive contains the mapped drive letter,
  295. otherwise the appropriate error code.
  297. --*/
  299. {
  300. NTSTATUS Status;
  301. PWSTR NtDeviceName;
  302. ULONG ShareLength;
  303. WCHAR DriveLetter;
  304. WCHAR temporaryBuffer[128];
  305. PWCHAR Temp, Temp2;
  306. HANDLE Handle;
  307. ULONG EaBufferLength;
  308. PWSTR UserName;
  309. PWSTR DomainName;
  310. PVOID EaBuffer;
  311. UNICODE_STRING UnicodeString;
  312. UNICODE_STRING UnicodeString2;
  313. OBJECT_ATTRIBUTES ObjectAttributes;
  314. IO_STATUS_BLOCK IoStatusBlock;
  315. PFILE_FULL_EA_INFORMATION FullEaInfo;
  317. //
  318. // Switch the redirector to kernel-mode security if it is not.
  319. //
  320. if (!RdrIsInKernelMode) {
  321. Status = PutRdrInKernelMode();
  323. if (!NT_SUCCESS(Status)) {
  324. return Status;
  325. }
  327. RdrIsInKernelMode = TRUE;
  328. }
  330. //
  331. // Search for an open drive letter, starting at D: and working up.
  332. //
  333. wcscpy(temporaryBuffer, L"\\DosDevices\\D:");
  334. Temp = wcsstr(temporaryBuffer, L"D:");
  336. for (DriveLetter = L'D'; (Temp && (DriveLetter <= L'Z')); DriveLetter++) {
  337. *Temp = DriveLetter;
  339. Status = GetDriveLetterLinkTarget( temporaryBuffer, &Temp2 );
  341. if (!NT_SUCCESS(Status)) {
  342. break;
  343. }
  344. }
  346. if (DriveLetter > L'Z') {
  347. return STATUS_OBJECT_NAME_INVALID;
  348. }
  350. //
  351. // Build the NT device name.
  352. //
  353. ShareLength = wcslen(Share);
  354. NtDeviceName = SpMemAlloc(ShareLength * sizeof(WCHAR) + sizeof(L"\\Device\\LanmanRedirector\\;X:0"));
  355. if (NtDeviceName == NULL) {
  356. return STATUS_NO_MEMORY;
  357. }
  358. wcscpy(NtDeviceName, L"\\Device\\LanmanRedirector\\;");
  359. temporaryBuffer[0] = DriveLetter;
  360. temporaryBuffer[1] = UNICODE_NULL;
  361. wcscat(NtDeviceName, temporaryBuffer);
  362. wcscat(NtDeviceName, L":0");
  363. wcscat(NtDeviceName, Share + 1);
  365. //
  366. // Chop the username and domainname into individual values.
  367. //
  368. wcscpy(temporaryBuffer, User);
  369. DomainName = temporaryBuffer;
  370. UserName = wcsstr(temporaryBuffer, L"\\");
  372. if (UserName == NULL) {
  373. SpMemFree(NtDeviceName);
  374. return STATUS_OBJECT_NAME_INVALID;
  375. }
  376. *UserName = UNICODE_NULL;
  377. UserName++;
  379. //
  380. // Create buffer with user credentials
  381. //
  383. EaBufferLength = FIELD_OFFSET(FILE_FULL_EA_INFORMATION, EaName[0]);
  384. EaBufferLength += sizeof(EA_NAME_DOMAIN);
  385. EaBufferLength += (wcslen(DomainName) * sizeof(WCHAR));
  386. if (EaBufferLength & (sizeof(ULONG) - 1)) {
  387. //
  388. // Long align the next entry
  389. //
  390. EaBufferLength += (sizeof(ULONG) - (EaBufferLength & (sizeof(ULONG) - 1)));
  391. }
  393. EaBufferLength += FIELD_OFFSET(FILE_FULL_EA_INFORMATION, EaName[0]);
  394. EaBufferLength += sizeof(EA_NAME_USERNAME);
  395. EaBufferLength += (wcslen(UserName) * sizeof(WCHAR));
  396. if (EaBufferLength & (sizeof(ULONG) - 1)) {
  397. //
  398. // Long align the next entry
  399. //
  400. EaBufferLength += (sizeof(ULONG) - (EaBufferLength & (sizeof(ULONG) - 1)));
  401. }
  403. EaBufferLength += FIELD_OFFSET(FILE_FULL_EA_INFORMATION, EaName[0]);
  404. EaBufferLength += sizeof(EA_NAME_PASSWORD);
  405. EaBufferLength += (wcslen(Password) * sizeof(WCHAR));
  407. EaBuffer = SpMemAlloc(EaBufferLength);
  408. if (EaBuffer == NULL) {
  409. SpMemFree(NtDeviceName);
  410. return STATUS_NO_MEMORY;
  411. }
  413. FullEaInfo = (PFILE_FULL_EA_INFORMATION)EaBuffer;
  415. FullEaInfo->Flags = 0;
  416. FullEaInfo->EaNameLength = sizeof(EA_NAME_DOMAIN) - 1;
  417. FullEaInfo->EaValueLength = (wcslen(DomainName)) * sizeof(WCHAR);
  418. strcpy(&(FullEaInfo->EaName[0]), EA_NAME_DOMAIN);
  419. memcpy(&(FullEaInfo->EaName[FullEaInfo->EaNameLength + 1]), DomainName, FullEaInfo->EaValueLength);
  420. FullEaInfo->NextEntryOffset = FIELD_OFFSET(FILE_FULL_EA_INFORMATION, EaName[0]) +
  421. FullEaInfo->EaNameLength + 1 +
  422. FullEaInfo->EaValueLength;
  423. if (FullEaInfo->NextEntryOffset & (sizeof(ULONG) - 1)) {
  424. FullEaInfo->NextEntryOffset += (sizeof(ULONG) -
  425. (FullEaInfo->NextEntryOffset &
  426. (sizeof(ULONG) - 1)));
  427. }
  430. FullEaInfo = (PFILE_FULL_EA_INFORMATION)(((char *)FullEaInfo) + FullEaInfo->NextEntryOffset);
  432. FullEaInfo->Flags = 0;
  433. FullEaInfo->EaNameLength = sizeof(EA_NAME_USERNAME) - 1;
  434. FullEaInfo->EaValueLength = (wcslen(UserName)) * sizeof(WCHAR);
  435. strcpy(&(FullEaInfo->EaName[0]), EA_NAME_USERNAME);
  436. memcpy(&(FullEaInfo->EaName[FullEaInfo->EaNameLength + 1]), UserName, FullEaInfo->EaValueLength);
  437. FullEaInfo->NextEntryOffset = FIELD_OFFSET(FILE_FULL_EA_INFORMATION, EaName[0]) +
  438. FullEaInfo->EaNameLength + 1 +
  439. FullEaInfo->EaValueLength;
  440. if (FullEaInfo->NextEntryOffset & (sizeof(ULONG) - 1)) {
  441. FullEaInfo->NextEntryOffset += (sizeof(ULONG) -
  442. (FullEaInfo->NextEntryOffset &
  443. (sizeof(ULONG) - 1)));
  444. }
  447. FullEaInfo = (PFILE_FULL_EA_INFORMATION)(((char *)FullEaInfo) + FullEaInfo->NextEntryOffset);
  449. FullEaInfo->Flags = 0;
  450. FullEaInfo->EaNameLength = sizeof(EA_NAME_PASSWORD) - 1;
  451. FullEaInfo->EaValueLength = (wcslen(Password)) * sizeof(WCHAR);
  452. strcpy(&(FullEaInfo->EaName[0]), EA_NAME_PASSWORD);
  453. memcpy(&(FullEaInfo->EaName[FullEaInfo->EaNameLength + 1]), Password, FullEaInfo->EaValueLength);
  454. FullEaInfo->NextEntryOffset = 0;
  456. //
  457. // Now make the connection
  458. //
  459. RtlInitUnicodeString(&UnicodeString, NtDeviceName);
  460. InitializeObjectAttributes(&ObjectAttributes,
  461. &UnicodeString,
  462. OBJ_CASE_INSENSITIVE,
  463. NULL,
  464. NULL
  465. );
  467. Status = ZwCreateFile(&Handle,
  468. SYNCHRONIZE,
  469. &ObjectAttributes,
  470. &IoStatusBlock,
  471. NULL,
  472. FILE_ATTRIBUTE_NORMAL,
  473. FILE_SHARE_READ,
  474. FILE_OPEN_IF,
  475. (FILE_CREATE_TREE_CONNECTION | FILE_SYNCHRONOUS_IO_NONALERT),
  476. EaBuffer,
  477. EaBufferLength
  478. );
  480. if (NT_SUCCESS(Status) && NT_SUCCESS(IoStatusBlock.Status)) {
  481. //
  482. // Save off the handle so we can close it later if need be
  483. //
  484. NetUseHandles[DriveLetter - L'A'] = Handle;
  485. Drive[0] = DriveLetter;
  486. Drive[1] = L':';
  487. Drive[2] = UNICODE_NULL;
  489. //
  490. // Now create a symbolic link from the dos drive letter to the redirector
  491. //
  492. wcscpy(temporaryBuffer, L"\\DosDevices\\");
  493. wcscat(temporaryBuffer, Drive);
  494. RtlInitUnicodeString(&UnicodeString2, temporaryBuffer);
  496. Status = IoCreateSymbolicLink(&UnicodeString2, &UnicodeString);
  497. if (!NT_SUCCESS(Status)) {
  498. ZwClose(Handle);
  499. NetUseHandles[DriveLetter - L'A'] = NULL;
  500. } else {
  501. RcAddDrive(DriveLetter);
  502. }
  504. }
  506. SpMemFree(NtDeviceName);
  507. return Status;
  508. }
  511. NTSTATUS
  512. RcNetUnuse(
  513. PWSTR Drive
  514. )
  516. /*++
  518. Routine Description:
  520. This routine closes a network connection.
  522. Arguments:
  524. Drive - A string of the form "X:", where X is the drive letter returned by a previous call to
  525. NetDoNetUse().
  527. Return Value:
  529. STATUS_SUCCESS if successful, indicating the drive letter has been unmapped,
  530. otherwise the appropriate error code.
  532. --*/
  534. {
  535. NTSTATUS Status;
  536. WCHAR DriveLetter;
  537. WCHAR temporaryBuffer[128];
  538. UNICODE_STRING UnicodeString;
  540. DriveLetter = *Drive;
  541. if ((DriveLetter >= L'a') && (DriveLetter <= L'z')) {
  542. DriveLetter = L'A' + (DriveLetter - L'a');
  543. }
  545. if ((DriveLetter < L'A') | (DriveLetter > L'Z')) {
  546. return STATUS_OBJECT_NAME_INVALID;
  547. }
  549. if (NetUseHandles[DriveLetter - L'A'] == NULL) {
  550. return STATUS_OBJECT_NAME_INVALID;
  551. }
  553. if (RcGetCurrentDriveLetter() == DriveLetter) {
  554. return STATUS_CONNECTION_IN_USE;
  555. }
  557. wcscpy(temporaryBuffer, L"\\DosDevices\\");
  558. wcscat(temporaryBuffer, Drive);
  559. RtlInitUnicodeString(&UnicodeString, temporaryBuffer);
  561. Status = IoDeleteSymbolicLink(&UnicodeString);
  563. if (NT_SUCCESS(Status)) {
  564. ZwClose(NetUseHandles[DriveLetter - L'A']);
  565. NetUseHandles[DriveLetter - L'A'] = NULL;
  566. RcRemoveDrive(DriveLetter);
  567. }
  569. return Status;
  570. }
  574. NTSTATUS
  575. PutRdrInKernelMode(
  576. VOID
  577. )
  579. /*++
  581. Routine Description:
  583. This routine IOCTLs down to the rdr to force it to use kernel-mode security.
  585. Arguments:
  587. None.
  589. Return Value:
  591. STATUS_SUCCESS if successful, otherwise the appropriate error code.
  593. --*/
  595. {
  596. OBJECT_ATTRIBUTES ObjectAttributes;
  597. UNICODE_STRING UnicodeString;
  598. IO_STATUS_BLOCK IoStatusBlock;
  599. NTSTATUS Status;
  600. HANDLE Handle;
  602. RtlInitUnicodeString(&UnicodeString, DD_NFS_DEVICE_NAME_U);
  604. InitializeObjectAttributes(
  605. &ObjectAttributes,
  606. &UnicodeString,
  607. OBJ_CASE_INSENSITIVE,
  608. NULL,
  609. NULL
  610. );
  612. Status = ZwCreateFile(
  613. &Handle,
  614. GENERIC_READ | GENERIC_WRITE,
  615. &ObjectAttributes,
  616. &IoStatusBlock,
  617. NULL,
  618. 0,
  619. FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE,
  620. FILE_OPEN,
  621. FILE_SYNCHRONOUS_IO_NONALERT,
  622. NULL,
  623. 0
  624. );
  626. if (!NT_SUCCESS(Status)) {
  627. KdPrint(("SPCMDCON: Unable to open redirector. %x\n", Status));
  628. return Status;
  629. }
  631. Status = ZwDeviceIoControlFile(Handle,
  632. NULL,
  633. NULL,
  634. NULL,
  635. &IoStatusBlock,
  636. IOCTL_LMMR_USEKERNELSEC,
  637. NULL,
  638. 0,
  639. NULL,
  640. 0
  641. );
  643. if (NT_SUCCESS(Status)) {
  644. Status = IoStatusBlock.Status;
  645. }
  647. ZwClose(Handle);
  649. return Status;
  650. }
  652. BOOLEAN
  653. RcIsArc(
  654. VOID
  655. )
  657. /*++
  659. Routine Description:
  661. Run time check to determine if this is an Arc system. We attempt to read an
  662. Arc variable using the Hal. This will fail for Bios based systems.
  664. Arguments:
  666. None
  668. Return Value:
  670. True = This is an Arc system.
  672. --*/
  674. {
  675. #ifdef _X86_
  676. ARC_STATUS ArcStatus = EBADF;
  677. //
  678. // Get the env var into the temp buffer.
  679. //
  680. UCHAR wbuff[130];
  681. //
  682. // Get the env var into the temp buffer.
  683. //
  684. ArcStatus = HalGetEnvironmentVariable(
  685. "OsLoader",
  686. sizeof(wbuff),
  687. wbuff
  688. );
  690. return((ArcStatus == ESUCCESS) ? TRUE: FALSE);
  691. #else
  692. return TRUE;
  693. #endif
  694. }