archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Tree: daad8a087a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'daad8a087a'
${ noResults }
windows-xp/Source/XPSP1/NT/ds/security/gina/refgp/sid.c

443 lines
11 KiB
Raw Normal View History

Add source files
4 years ago
  1. //*************************************************************
  2. //
  3. // SID management functions.
  4. //
  5. // THESE FUNCTIONS ARE WINDOWS NT SPECIFIC!!!!!
  6. //
  7. // Microsoft Confidential
  8. // Copyright (c) Microsoft Corporation 1995
  9. // All rights reserved
  10. //
  11. //*************************************************************
  13. #include "refgp.h"
  15. /***************************************************************************\
  16. * GetSidString
  17. *
  18. * Allocates and returns a string representing the sid of the current user
  19. * The returned pointer should be freed using DeleteSidString().
  20. *
  21. * Returns a pointer to the string or NULL on failure.
  22. *
  23. * History:
  24. * 26-Aug-92 Davidc Created
  25. *
  26. \***************************************************************************/
  27. LPTSTR GetSidString(HANDLE UserToken)
  28. {
  29. NTSTATUS NtStatus;
  30. PSID UserSid;
  31. UNICODE_STRING UnicodeString;
  32. LPTSTR lpEnd;
  33. #ifndef UNICODE
  34. STRING String;
  35. #endif
  37. //
  38. // Get the user sid
  39. //
  41. UserSid = GetUserSid(UserToken);
  42. if (UserSid == NULL) {
  43. return NULL;
  44. }
  46. //
  47. // Convert user SID to a string.
  48. //
  50. NtStatus = RtlConvertSidToUnicodeString(
  51. &UnicodeString,
  52. UserSid,
  53. (BOOLEAN)TRUE // Allocate
  54. );
  55. //
  56. // We're finished with the user sid
  57. //
  59. DeleteUserSid(UserSid);
  61. //
  62. // See if the conversion to a string worked
  63. //
  65. if (!NT_SUCCESS(NtStatus)) {
  66. return NULL;
  67. }
  69. #ifdef UNICODE
  72. return(UnicodeString.Buffer);
  74. #else
  76. //
  77. // Convert the string to ansi
  78. //
  80. NtStatus = RtlUnicodeStringToAnsiString(&String, &UnicodeString, TRUE);
  81. RtlFreeUnicodeString(&UnicodeString);
  82. if (!NT_SUCCESS(NtStatus)) {
  83. return NULL;
  84. }
  87. return(String.Buffer);
  89. #endif
  91. }
  94. /***************************************************************************\
  95. * DeleteSidString
  96. *
  97. * Frees up a sid string previously returned by GetSidString()
  98. *
  99. * Returns nothing.
  100. *
  101. * History:
  102. * 26-Aug-92 Davidc Created
  103. *
  104. \***************************************************************************/
  105. VOID DeleteSidString(LPTSTR SidString)
  106. {
  108. #ifdef UNICODE
  109. UNICODE_STRING String;
  111. RtlInitUnicodeString(&String, SidString);
  113. RtlFreeUnicodeString(&String);
  114. #else
  115. ANSI_STRING String;
  117. RtlInitAnsiString(&String, SidString);
  119. RtlFreeAnsiString(&String);
  120. #endif
  122. }
  126. /***************************************************************************\
  127. * GetUserSid
  128. *
  129. * Allocs space for the user sid, fills it in and returns a pointer. Caller
  130. * The sid should be freed by calling DeleteUserSid.
  131. *
  132. * Note the sid returned is the user's real sid, not the per-logon sid.
  133. *
  134. * Returns pointer to sid or NULL on failure.
  135. *
  136. * History:
  137. * 26-Aug-92 Davidc Created.
  138. \***************************************************************************/
  139. PSID GetUserSid (HANDLE UserToken)
  140. {
  141. PTOKEN_USER pUser, pTemp;
  142. PSID pSid;
  143. DWORD BytesRequired = 200;
  144. NTSTATUS status;
  147. //
  148. // Allocate space for the user info
  149. //
  151. pUser = (PTOKEN_USER)LocalAlloc(LMEM_FIXED, BytesRequired);
  154. if (pUser == NULL) {
  155. return NULL;
  156. }
  159. //
  160. // Read in the UserInfo
  161. //
  163. status = NtQueryInformationToken(
  164. UserToken, // Handle
  165. TokenUser, // TokenInformationClass
  166. pUser, // TokenInformation
  167. BytesRequired, // TokenInformationLength
  168. &BytesRequired // ReturnLength
  169. );
  171. if (status == STATUS_BUFFER_TOO_SMALL) {
  173. //
  174. // Allocate a bigger buffer and try again.
  175. //
  177. pTemp = LocalReAlloc(pUser, BytesRequired, LMEM_MOVEABLE);
  178. if (pTemp == NULL) {
  179. LocalFree (pUser);
  180. return NULL;
  181. }
  183. pUser = pTemp;
  185. status = NtQueryInformationToken(
  186. UserToken, // Handle
  187. TokenUser, // TokenInformationClass
  188. pUser, // TokenInformation
  189. BytesRequired, // TokenInformationLength
  190. &BytesRequired // ReturnLength
  191. );
  193. }
  195. if (!NT_SUCCESS(status)) {
  196. LocalFree(pUser);
  197. return NULL;
  198. }
  201. BytesRequired = RtlLengthSid(pUser->User.Sid);
  202. pSid = LocalAlloc(LMEM_FIXED, BytesRequired);
  203. if (pSid == NULL) {
  204. LocalFree(pUser);
  205. return NULL;
  206. }
  209. status = RtlCopySid(BytesRequired, pSid, pUser->User.Sid);
  211. LocalFree(pUser);
  213. if (!NT_SUCCESS(status)) {
  214. LocalFree(pSid);
  215. pSid = NULL;
  216. }
  219. return pSid;
  220. }
  223. /***************************************************************************\
  224. * DeleteUserSid
  225. *
  226. * Deletes a user sid previously returned by GetUserSid()
  227. *
  228. * Returns nothing.
  229. *
  230. * History:
  231. * 26-Aug-92 Davidc Created
  232. *
  233. \***************************************************************************/
  234. VOID DeleteUserSid(PSID Sid)
  235. {
  236. LocalFree(Sid);
  237. }
  239. //+--------------------------------------------------------------------------
  240. //
  241. // Function: AllocateAndInitSidFromString
  242. //
  243. // Synopsis: given the string representation of a SID, this function
  244. // allocate and initializes a SID which the string represents
  245. // For more information on the string representation of SIDs
  246. // refer to ntseapi.h & ntrtl.h
  247. //
  248. // Arguments: [in] lpszSidStr : the string representation of the SID
  249. // [out] pSID : the actual SID structure created from the string
  250. //
  251. // Returns: STATUS_SUCCESS : if the sid structure was successfully created
  252. // or an error code based on errors that might occur
  253. //
  254. // History: 10/6/1998 RahulTh created
  255. //
  256. //---------------------------------------------------------------------------
  257. NTSTATUS AllocateAndInitSidFromString (const WCHAR* lpszSidStr, PSID* ppSid)
  258. {
  259. WCHAR * pSidStr = 0;
  260. WCHAR* pString = 0;
  261. NTSTATUS Status;
  262. WCHAR* pEnd = 0;
  263. int count;
  264. BYTE SubAuthCount;
  265. DWORD SubAuths[8] = {0, 0, 0, 0, 0, 0, 0, 0};
  266. ULONG n;
  267. SID_IDENTIFIER_AUTHORITY Auth;
  269. pSidStr = LocalAlloc(LPTR, (lstrlen (lpszSidStr) + 1)*sizeof(WCHAR));;
  270. if (!pSidStr)
  271. {
  272. Status = STATUS_NO_MEMORY;
  273. goto AllocAndInitSidFromStr_End;
  274. }
  276. lstrcpy (pSidStr, lpszSidStr);
  277. pString = pSidStr;
  278. *ppSid = NULL;
  280. count = 0;
  281. do
  282. {
  283. pString = wcschr (pString, '-');
  284. if (NULL == pString)
  285. break;
  286. count++;
  287. pString++;
  288. } while (1);
  290. SubAuthCount = (BYTE)(count - 2);
  291. if (0 > SubAuthCount || 8 < SubAuthCount)
  292. {
  293. Status = ERROR_INVALID_SID;
  294. goto AllocAndInitSidFromStr_End;
  295. }
  297. pString = wcschr (pSidStr, L'-');
  298. pString++;
  299. pString = wcschr (pString, L'-'); //ignore the revision #
  300. pString++;
  301. pEnd = wcschr (pString, L'-'); //go to the beginning of subauths.
  302. if (NULL != pEnd) *pEnd = L'\0';
  304. Status = LoadSidAuthFromString (pString, &Auth);
  306. if (STATUS_SUCCESS != Status)
  307. goto AllocAndInitSidFromStr_End;
  309. for (count = 0; count < SubAuthCount; count++)
  310. {
  311. pString = pEnd + 1;
  312. pEnd = wcschr (pString, L'-');
  313. if (pEnd)
  314. *pEnd = L'\0';
  315. Status = GetIntFromUnicodeString (pString, 10, &n);
  316. if (STATUS_SUCCESS != Status)
  317. goto AllocAndInitSidFromStr_End;
  318. SubAuths[count] = n;
  319. }
  321. Status = RtlAllocateAndInitializeSid (&Auth, SubAuthCount,
  322. SubAuths[0], SubAuths[1], SubAuths[2],
  323. SubAuths[3], SubAuths[4], SubAuths[5],
  324. SubAuths[6], SubAuths[7], ppSid);
  326. AllocAndInitSidFromStr_End:
  327. if (pSidStr)
  328. LocalFree( pSidStr );
  329. return Status;
  330. }
  332. //+--------------------------------------------------------------------------
  333. //
  334. // Function: LoadSidAuthFromString
  335. //
  336. // Synopsis: given a string representing the SID authority (as it is
  337. // normally represented in string format, fill the SID_AUTH..
  338. // structure. For more details on the format of the string
  339. // representation of the sid authority, refer to ntseapi.h and
  340. // ntrtl.h
  341. //
  342. // Arguments: [in] pString : pointer to the unicode string
  343. // [out] pSidAuth : pointer to the SID_IDENTIFIER_AUTH.. that is
  344. // desired
  345. //
  346. // Returns: STATUS_SUCCESS if it succeeds
  347. // or an error code
  348. //
  349. // History: 9/29/1998 RahulTh created
  350. //
  351. //---------------------------------------------------------------------------
  352. NTSTATUS LoadSidAuthFromString (const WCHAR* pString,
  353. PSID_IDENTIFIER_AUTHORITY pSidAuth)
  354. {
  355. size_t len;
  356. int i;
  357. NTSTATUS Status;
  358. const ULONG LowByteMask = 0xFF;
  359. ULONG n;
  361. len = lstrlenW (pString);
  363. if (len > 2 && 'x' == pString[1])
  364. {
  365. //this is in hex.
  366. //so we must have exactly 14 characters
  367. //(2 each for each of the 6 bytes) + 2 for the leading 0x
  368. if (14 != len)
  369. {
  370. Status = ERROR_INVALID_SID;
  371. goto LoadAuthEnd;
  372. }
  374. for (i=0; i < 6; i++)
  375. {
  376. pString += 2; //we need to skip the leading 0x
  377. pSidAuth->Value[i] = (UCHAR)(((pString[0] - L'0') << 4) +
  378. (pString[1] - L'0'));
  379. }
  380. }
  381. else
  382. {
  383. //this is in decimal
  384. Status = GetIntFromUnicodeString (pString, 10, &n);
  385. if (Status != STATUS_SUCCESS)
  386. goto LoadAuthEnd;
  388. pSidAuth->Value[0] = pSidAuth->Value[1] = 0;
  389. for (i = 5; i >=2; i--, n>>=8)
  390. pSidAuth->Value[i] = (UCHAR)(n & LowByteMask);
  391. }
  393. Status = STATUS_SUCCESS;
  395. LoadAuthEnd:
  396. return Status;
  397. }
  399. //+--------------------------------------------------------------------------
  400. //
  401. // Function: GetIntfromUnicodeString
  402. //
  403. // Synopsis: converts a unicode string into an integer
  404. //
  405. // Arguments: [in] szNum : the number represented as a unicode string
  406. // [in] Base : the base in which the resultant int is desired
  407. // [out] pValue : pointer to the integer representation of the
  408. // number
  409. //
  410. // Returns: STATUS_SUCCESS if successful.
  411. // or some other error code
  412. //
  413. // History: 9/29/1998 RahulTh created
  414. //
  415. //---------------------------------------------------------------------------
  416. NTSTATUS GetIntFromUnicodeString (const WCHAR* szNum, ULONG Base, PULONG pValue)
  417. {
  418. WCHAR * pwszNumStr = 0;
  419. UNICODE_STRING StringW;
  420. size_t len;
  421. NTSTATUS Status;
  423. len = lstrlen (szNum);
  424. pwszNumStr = LocalAlloc( LPTR, (len + 1) * sizeof(WCHAR));
  426. if (!pwszNumStr)
  427. {
  428. Status = STATUS_NO_MEMORY;
  429. goto GetNumEnd;
  430. }
  432. lstrcpy (pwszNumStr, szNum);
  433. StringW.Length = len * sizeof(WCHAR);
  434. StringW.MaximumLength = StringW.Length + sizeof (WCHAR);
  435. StringW.Buffer = pwszNumStr;
  437. Status = RtlUnicodeStringToInteger (&StringW, Base, pValue);
  439. GetNumEnd:
  440. if (pwszNumStr)
  441. LocalFree( pwszNumStr );
  442. return Status;
  443. }