archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Tree: daad8a087a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'daad8a087a'
${ noResults }
windows-xp/Source/XPSP1/NT/com/ole32/dcomss/olescm/winsta.cxx

529 lines
18 KiB
Raw Normal View History

Add source files
4 years ago
  1. //+-------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. // Copyright (C) Microsoft Corporation, 1997.
  5. //
  6. // File: winsta.cxx
  7. //
  8. // Contents: winstation caching code
  9. //
  10. //--------------------------------------------------------------------------
  12. #include "act.hxx"
  14. #ifndef _CHICAGO_
  16. //
  17. // Private Types.
  18. //
  20. //-------------------------------------------------------------------------
  21. // Definitions for Runas Cache
  22. // NOTE: This exists to overcome limitation on NT Winstations of 15
  23. // Reusing same token will map to same winstation. We also cache
  24. // winstation once we get it.
  25. //-------------------------------------------------------------------------
  26. const DWORD RUN_AS_TIMEOUT = 360000;
  28. #define RUNAS_CACHE_SIZE 200
  30. // The pUser and pGroups fields are assumed to point to one contiguous memory
  31. // block that can be freed by a single call to Free(pUser).
  32. WCHAR wszRunAsWinstaDesktop[RUNAS_CACHE_SIZE][100];
  33. typedef struct SRunAsCache
  34. {
  35. HANDLE hToken;
  36. WCHAR *pwszWinstaDesktop;
  37. WCHAR *pwszWDStore;
  38. LONG dwRefCount;
  39. DWORD lHash;
  40. TOKEN_USER *pUser;
  41. TOKEN_GROUPS *pGroups;
  42. TOKEN_GROUPS *pRestrictions;
  43. DWORD lBirth;
  44. struct SRunAsCache *pNext;
  45. SRunAsCache()
  46. {
  47. hToken = NULL;
  48. pwszWinstaDesktop = NULL;
  49. pwszWDStore = NULL;
  50. dwRefCount = 0;
  51. lHash = 0;
  52. pUser = NULL;
  53. pGroups = NULL;
  54. pRestrictions = NULL;
  55. lBirth = 0;
  56. pNext = NULL;
  57. }
  58. } SRunAsCache;
  61. #define RUNAS_CACHECTRL_CREATENOTFOUND 1
  62. #define RUNAS_CACHECTRL_REFERENCE 2
  63. #define RUNAS_CACHECTRL_GETTOKEN 4
  65. //Macro to invalidate an entry -- must be idempotent
  66. #define INVALIDATE_RUNAS_ENTRY(pEntry) pEntry->lHash = 0
  68. // Lock for LogonUser cache.
  69. CRITICAL_SECTION gTokenCS;
  71. // The run as cache is an array of entries divided into 2 circular lists.
  72. // The gRunAsHead list contains cache entries in use with the most
  73. // frequently used entries first. The gRunAsFree list contains free
  74. // entries.
  75. extern SRunAsCache gRunAsFree;
  77. static SRunAsCache gRunAsCache[RUNAS_CACHE_SIZE];
  79. #if 0
  80. // Make the table smaller in debug to test the cache full case.
  81. SRunAsCache gRunAsCache[] =
  82. {
  83. { NULL, NULL, &wszRunAsWinstaDesktop[0][0], 0, 0, NULL, NULL, NULL, 0, &gRunAsCache[1] },
  84. { NULL, NULL, &wszRunAsWinstaDesktop[1][0], 0, 0, NULL, NULL, NULL, 0, &gRunAsCache[2] },
  85. { NULL, NULL, &wszRunAsWinstaDesktop[2][0], 0, 0, NULL, NULL, NULL, 0, &gRunAsCache[3] },
  86. { NULL, NULL, &wszRunAsWinstaDesktop[3][0], 0, 0, NULL, NULL, NULL, 0, &gRunAsCache[4] },
  87. { NULL, NULL, &wszRunAsWinstaDesktop[4][0], 0, 0, NULL, NULL, NULL, 0, &gRunAsCache[5] },
  88. #if DBG == 1
  89. { NULL, NULL, &wszRunAsWinstaDesktop[5][0], 0, 0, NULL, NULL, NULL, 0, &gRunAsFree }
  90. #else
  91. { NULL, NULL, &wszRunAsWinstaDesktop[5][0], 0, 0, NULL, NULL, NULL, 0, &gRunAsCache[6] },
  92. { NULL, NULL, &wszRunAsWinstaDesktop[6][0], 0, 0, NULL, NULL, NULL, 0, &gRunAsCache[7] },
  93. { NULL, NULL, &wszRunAsWinstaDesktop[7][0], 0, 0, NULL, NULL, NULL, 0, &gRunAsCache[8] },
  94. { NULL, NULL, &wszRunAsWinstaDesktop[8][0], 0, 0, NULL, NULL, NULL, 0, &gRunAsCache[9] },
  95. { NULL, NULL, &wszRunAsWinstaDesktop[9][0], 0, 0, NULL, NULL, NULL, 0, &gRunAsCache[10] },
  96. { NULL, NULL, &wszRunAsWinstaDesktop[10][0], 0, 0, NULL, NULL, NULL, 0, &gRunAsCache[11] },
  97. { NULL, NULL, &wszRunAsWinstaDesktop[11][0], 0, 0, NULL, NULL, NULL, 0, &gRunAsCache[12] },
  98. { NULL, NULL, &wszRunAsWinstaDesktop[12][0], 0, 0, NULL, NULL, NULL, 0, &gRunAsCache[13] },
  99. { NULL, NULL, &wszRunAsWinstaDesktop[13][0], 0, 0, NULL, NULL, NULL, 0, &gRunAsCache[14] },
  100. { NULL, NULL, &wszRunAsWinstaDesktop[14][0], 0, 0, NULL, NULL, NULL, 0, &gRunAsCache[15] },
  101. { NULL, NULL, &wszRunAsWinstaDesktop[15][0], 0, 0, NULL, NULL, NULL, 0, &gRunAsFree }
  102. #endif
  103. };
  105. SRunAsCache gRunAsHead = { NULL, NULL, NULL, 0, 0, NULL, NULL, NULL, 0, &gRunAsHead };
  106. SRunAsCache gRunAsFree = { NULL, NULL, NULL, 0, 0, NULL, NULL, NULL, 0, &gRunAsCache[0] };
  107. #endif
  109. SRunAsCache gRunAsHead;
  110. SRunAsCache gRunAsFree;
  113. //+-------------------------------------------------------------------------
  114. //
  115. // Function: InitRunAsCache
  116. //
  117. // Synopsis: One time initialization of runas cache
  118. //
  119. //+-------------------------------------------------------------------------
  120. void InitRunAsCache()
  121. {
  122. for (int i=0; i < (RUNAS_CACHE_SIZE-1); i++)
  123. {
  124. gRunAsCache[i].pNext = &gRunAsCache[i+1];
  125. gRunAsCache[i].pwszWDStore = &wszRunAsWinstaDesktop[i][0];
  126. }
  128. gRunAsCache[i].pNext = &gRunAsFree;
  129. gRunAsCache[i].pwszWDStore = &wszRunAsWinstaDesktop[i][0];
  131. gRunAsHead.pNext = &gRunAsHead;
  132. gRunAsFree.pNext = &gRunAsCache[0];
  133. }
  135. //+-------------------------------------------------------------------------
  136. //
  137. // Function: HashSid
  138. //
  139. // Synopsis: Compute a DWORD hash for a SID.
  140. //
  141. //--------------------------------------------------------------------------
  142. DWORD HashSid( PSID pVoid )
  143. {
  144. SID *pSID = (SID *) pVoid;
  145. DWORD lHash = 0;
  146. DWORD i;
  148. // Hash the identifier authority.
  149. for (i = 0; i < 6; i++)
  150. lHash ^= pSID->IdentifierAuthority.Value[i];
  152. // Hash the sub authority.
  153. for (i = 0; i < pSID->SubAuthorityCount; i++)
  154. lHash ^= pSID->SubAuthority[i];
  155. return lHash;
  156. }
  158. //+-------------------------------------------------------------------------
  159. //
  160. // Function: RunAsCache
  161. //
  162. // Synopsis: Return a token from the cache if present. Otherwise
  163. // return the original token.
  164. //
  165. // Description: This function caches LogonUser tokens because each
  166. // token has its own windowstation. Since there are
  167. // a limited number of windowstations, by caching tokens
  168. // we can reduce the number of windowstations used and thus
  169. // allow more servers to be created. The cache moves the
  170. // most frequently used tokens to the head of the list and
  171. // discards tokens from the end of the list when full.
  172. // When the cache is full, alternating requests for different
  173. // tokens will prevent the last token from having a chance
  174. // to advance in the list.
  175. // [vinaykr - 9/1/98]
  176. // Token caching alone is not enough because Tokens time out.
  177. // So we cache winstations and reference count them to
  178. // ensure proper allocation to a window station.
  179. //
  180. // Notes: Tokens in the cache must be timed out so that changes to
  181. // the user name, user groups, user privileges, and user
  182. // password take effect. The timeout must be balanced
  183. // between the need to cache as many tokens as possible and
  184. // the fact that cached tokens are useless when the password
  185. // changes.
  186. // [vinaykr - 9/1/98]
  187. // Time out removed in favour of reference counting.
  188. // Entry cleaned up when reference count goes to 0.
  189. //--------------------------------------------------------------------------
  190. HRESULT RunAsCache(IN DWORD dwCacheCtrl,
  191. IN HANDLE &hToken,
  192. OUT SRunAsCache** ppRunAsCache)
  193. {
  194. HRESULT hr;
  195. BOOL fSuccess;
  196. DWORD cbUser = 0;
  197. DWORD cbGroups = 0;
  198. DWORD cbRestrictions = 0;
  199. TOKEN_USER *pUser = NULL;
  200. TOKEN_GROUPS *pGroups;
  201. TOKEN_GROUPS *pRestrictions;
  202. DWORD lHash;
  203. DWORD i;
  204. HANDLE hCopy;
  205. DWORD lNow;
  206. SRunAsCache *pCurr = NULL;
  207. SRunAsCache *pPrev;
  208. SRunAsCache sSwap;
  210. *ppRunAsCache = NULL;
  212. // Find out how large the user SID is.
  213. GetTokenInformation( hToken, TokenUser, NULL, 0, &cbUser );
  214. if (cbUser == 0) { hr = E_UNEXPECTED; goto Cleanup; }
  216. // Find out how large the group SIDs are.
  217. GetTokenInformation( hToken, TokenGroups, NULL, 0, &cbGroups );
  219. // Find out how large the restricted SIDs are.
  220. GetTokenInformation( hToken, TokenRestrictedSids, NULL, 0, &cbRestrictions );
  222. // Allocate memory to hold the SIDs.
  223. cbUser = (cbUser + 7) & ~7;
  224. cbGroups = (cbGroups + 7) & ~7;
  225. pUser = (TOKEN_USER *) PrivMemAlloc( cbUser + cbGroups + cbRestrictions );
  226. pGroups = (TOKEN_GROUPS *) (((BYTE *) pUser) + cbUser);
  227. pRestrictions = (TOKEN_GROUPS *) (((BYTE *) pGroups) + cbGroups);
  228. if (pUser == NULL) { hr = E_OUTOFMEMORY; goto Cleanup; }
  230. // Get the user SID.
  231. fSuccess = GetTokenInformation( hToken, TokenUser, pUser, cbUser, &cbUser );
  232. if (!fSuccess) { hr = HRESULT_FROM_WIN32(GetLastError()); goto Cleanup; }
  234. // Get the group SIDs.
  235. fSuccess = GetTokenInformation( hToken, TokenGroups, pGroups, cbGroups, &cbGroups );
  236. if (!fSuccess) { hr = HRESULT_FROM_WIN32(GetLastError()); goto Cleanup; }
  238. // Get the restricted SIDs.
  239. fSuccess = GetTokenInformation( hToken, TokenRestrictedSids, pRestrictions,
  240. cbRestrictions, &cbRestrictions );
  241. if (!fSuccess) { hr = HRESULT_FROM_WIN32(GetLastError()); goto Cleanup; }
  243. // Get the SID hash but skip the logon group that is unique for every
  244. // call to logon user.
  245. lHash = HashSid( pUser->User.Sid );
  246. for (i = 0; i < pGroups->GroupCount; i++)
  247. if ((pGroups->Groups[i].Attributes & SE_GROUP_LOGON_ID) == 0)
  248. lHash ^= HashSid( pGroups->Groups[i].Sid );
  249. for (i = 0; i < pRestrictions->GroupCount; i++)
  250. lHash ^= HashSid( pRestrictions->Groups[i].Sid );
  252. // Take lock.
  253. EnterCriticalSection( &gTokenCS );
  255. // Look for an existing token.
  256. lNow = GetTickCount();
  257. pPrev = &gRunAsHead;
  258. pCurr = pPrev->pNext;
  259. while (pPrev->pNext != &gRunAsHead)
  260. {
  261. // If the current entry is too old, delete it.
  262. // (lNow - pCurr->lBirth >= RUN_AS_TIMEOUT))
  263. // [vinaykr 9/1] Changed to use refcount
  264. // If refcount is 0 delete entry
  265. if (!pCurr->dwRefCount)
  266. {
  267. CloseHandle( pCurr->hToken );
  268. PrivMemFree( pCurr->pUser );
  269. pPrev->pNext = pCurr->pNext;
  270. pCurr->pNext = gRunAsFree.pNext;
  271. gRunAsFree.pNext = pCurr;
  272. }
  273. else
  274. {
  275. // If the current entry matches, break.
  276. if (pCurr->lHash == lHash &&
  277. pCurr->pGroups->GroupCount == pGroups->GroupCount)
  278. {
  279. // Check the user SID.
  280. if (EqualSid(pCurr->pUser->User.Sid, pUser->User.Sid))
  281. {
  282. // Check the group SIDs.
  283. for (i = 0; i < pGroups->GroupCount; i++)
  284. if ((pGroups->Groups[i].Attributes & SE_GROUP_LOGON_ID) == 0)
  285. if (!EqualSid( pCurr->pGroups->Groups[i].Sid,
  286. pGroups->Groups[i].Sid ))
  287. break;
  289. // If those matched, check the restricted SIDs
  290. if (i >= pGroups->GroupCount)
  291. {
  292. for (i = 0; i < pRestrictions->GroupCount; i++)
  293. if (!EqualSid( pCurr->pRestrictions->Groups[i].Sid,
  294. pRestrictions->Groups[i].Sid ))
  295. break;
  297. if (i >= pRestrictions->GroupCount)
  298. break;
  299. }
  300. }
  301. }
  302. pPrev = pPrev->pNext;
  303. }
  304. pCurr = pPrev->pNext;
  305. }
  308. fSuccess = (pCurr != &gRunAsHead);
  310. // Found a token
  311. if (fSuccess)
  312. {
  313. // Duplicate this token if token requested
  314. if (dwCacheCtrl & RUNAS_CACHECTRL_GETTOKEN)
  315. {
  316. fSuccess = DuplicateTokenEx( pCurr->hToken, MAXIMUM_ALLOWED,
  317. NULL, SecurityDelegation, TokenPrimary,
  318. &hCopy );
  319. }
  321. if (fSuccess)
  322. {
  323. // Discard the passed in token and return a copy of the cached
  324. // token.
  325. CloseHandle( hToken );
  326. hToken = hCopy;
  327. }
  328. }
  330. // If not found, find an empty slot only if we are trying to
  331. // set into this. Note this can also be taken if unable to
  332. // duplicate found token above.
  333. if ((!fSuccess) &&
  334. (dwCacheCtrl & RUNAS_CACHECTRL_CREATENOTFOUND))
  335. {
  336. // Duplicate this token.
  337. fSuccess = DuplicateTokenEx( hToken, MAXIMUM_ALLOWED, NULL,
  338. SecurityDelegation, TokenPrimary, &hCopy );
  340. if (fSuccess)
  341. {
  342. // Get an entry from the free list.
  343. if (gRunAsFree.pNext != &gRunAsFree)
  344. {
  345. pCurr = gRunAsFree.pNext;
  346. gRunAsFree.pNext = pCurr->pNext;
  347. pCurr->pNext = &gRunAsHead;
  348. pPrev->pNext = pCurr;
  349. }
  351. // If no empty slot, release the last used entry.
  352. else
  353. {
  354. pCurr = pPrev;
  355. CloseHandle( pCurr->hToken );
  356. PrivMemFree( pCurr->pUser );
  357. }
  359. // Save the duplicate.
  360. pCurr->hToken = hCopy;
  361. pCurr->lHash = lHash;
  362. pCurr->pUser = pUser;
  363. pCurr->pGroups = pGroups;
  364. pCurr->pRestrictions = pRestrictions;
  365. pCurr->lBirth = lNow;
  366. pCurr->dwRefCount = 0;
  367. pCurr->pwszWinstaDesktop = NULL;
  368. pUser = NULL;
  369. }
  370. else
  371. {
  372. hr = HRESULT_FROM_WIN32(GetLastError());
  373. }
  374. }
  376. // If an entry was computed and a reference
  377. // to it was requested, refcount it.
  378. if (fSuccess)
  379. {
  380. if (dwCacheCtrl & RUNAS_CACHECTRL_REFERENCE)
  381. pCurr->dwRefCount++;
  382. }
  384. // Release lock.
  385. LeaveCriticalSection( &gTokenCS );
  387. // Free any resources allocated by the function.
  388. Cleanup:
  389. if (pUser != NULL)
  390. PrivMemFree(pUser);
  392. if (SUCCEEDED(hr))
  393. {
  394. ASSERT(pCurr);
  395. *ppRunAsCache = pCurr;
  396. }
  398. return hr;
  399. }
  402. //+-------------------------------------------------------------------------
  403. //+
  404. //+ Function: RunAsGetTokenElem
  405. //+
  406. //+ Synopsis: Gets token and/or Winstationdesktop string given a token
  407. //+ Assumption is that if an entry is found in the cache a handle
  408. //+ to the entry is returned with a reference being taken on the
  409. //+ entry. This handle can then be used for other operations and
  410. //+ needs to be explicitly released to release the entry.
  411. //+
  412. //+-------------------------------------------------------------------------
  413. HRESULT RunAsGetTokenElem(IN OUT HANDLE *pToken,
  414. OUT void **ppvElemHandle)
  415. {
  416. HRESULT hr;
  417. SRunAsCache* pElem = NULL;
  419. *ppvElemHandle = NULL;
  421. hr = RunAsCache(RUNAS_CACHECTRL_REFERENCE |
  422. RUNAS_CACHECTRL_GETTOKEN |
  423. RUNAS_CACHECTRL_CREATENOTFOUND,
  424. *pToken,
  425. &pElem);
  426. if (SUCCEEDED(hr))
  427. {
  428. *ppvElemHandle = (void*)pElem;
  429. }
  431. return hr;
  432. }
  435. //+-------------------------------------------------------------------------
  436. //+
  437. //+ Function: RunAsSetWinstaDesktop
  438. //+
  439. //+ Synopsis: Given a handle to an entry, sets the desktop string
  440. //+ Assumption is that entry is referenced and therefore
  441. //+ a valid one.
  442. //+
  443. //+-------------------------------------------------------------------------
  444. void RunAsSetWinstaDesktop(void *pvElemHandle, WCHAR *pwszWinstaDesktop)
  445. {
  446. if (!pvElemHandle)
  447. return;
  449. SRunAsCache* pElem = (SRunAsCache*) pvElemHandle;
  450. Win4Assert( (!pElem->pwszWinstaDesktop) ||
  451. (lstrcmpW(pElem->pwszWinstaDesktop, pwszWinstaDesktop)
  452. ==0) );
  453. if (!pElem->pwszWinstaDesktop)
  454. {
  455. lstrcpyW(pElem->pwszWDStore, pwszWinstaDesktop);
  456. pElem->pwszWinstaDesktop = pElem->pwszWDStore;
  457. }
  458. }
  460. //+-------------------------------------------------------------------------
  461. //+
  462. //+ Function: RunAsRelease
  463. //+
  464. //+ Synopsis: Given a handle to an entry, releases reference on it
  465. //+ Assumption is that entry is referenced and therefore
  466. //+ a valid one.
  467. //+
  468. //+-------------------------------------------------------------------------
  469. void RunAsRelease(void *pvElemHandle)
  470. {
  471. if (!pvElemHandle)
  472. return;
  474. SRunAsCache* pElem = (SRunAsCache*) pvElemHandle;
  476. // When refcount goes to 0 allow lazy clean up based on token
  477. // time out
  479. // Take lock.
  480. EnterCriticalSection( &gTokenCS );
  482. if ((--pElem->dwRefCount) == 0)
  483. {
  484. INVALIDATE_RUNAS_ENTRY(pElem);
  485. }
  487. LeaveCriticalSection( &gTokenCS );
  488. // Release lock.
  489. }
  491. //+-------------------------------------------------------------------------
  492. //+
  493. //+ Function: RunAsInvalidateAndRelease
  494. //+
  495. //+ Synopsis: Given a handle to an entry, invalidates it and releases
  496. //+ reference on it in response to some error.
  497. //+ Assumption is that entry is referenced and therefore
  498. //+ a valid one.
  499. //+
  500. //+-------------------------------------------------------------------------
  501. void RunAsInvalidateAndRelease(void *pvElemHandle)
  502. {
  503. if (!pvElemHandle)
  504. return;
  506. SRunAsCache* pElem = (SRunAsCache*) pvElemHandle;
  508. // Take lock.
  509. EnterCriticalSection( &gTokenCS );
  511. INVALIDATE_RUNAS_ENTRY(pElem);
  513. // Release lock.
  514. LeaveCriticalSection( &gTokenCS );
  516. RunAsRelease(pvElemHandle);
  517. }
  519. WCHAR *RunAsGetWinsta(void *pvElemHandle)
  520. {
  521. if (!pvElemHandle)
  522. return NULL;
  524. SRunAsCache* pElem = (SRunAsCache*) pvElemHandle;
  526. return pElem->pwszWinstaDesktop;
  527. }
  529. #endif // _CHICAGO_