archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Tree: daad8a087a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'daad8a087a'
${ noResults }
windows-xp/Source/XPSP1/NT/inetsrv/iis/svcs/mdadmin/ntsec.cxx

339 lines
8.2 KiB
Raw Normal View History

Add source files
4 years ago
  1. /*===================================================================
  2. Microsoft IIS
  4. Microsoft Confidential.
  5. Copyright 1996-1997 Microsoft Corporation. All Rights Reserved.
  7. Component: Server object
  9. File: NTSec.cxx
  11. Owner: AndrewS
  13. This file contains code related to NT security on WinSta's and Desktops
  14. ===================================================================*/
  16. #include <dbgutil.h>
  17. #include <apiutil.h>
  18. #include <loadmd.hxx>
  19. #include <loadadm.hxx>
  20. #include <ole2.h>
  21. #include <inetsvcs.h>
  22. #include "ntsec.h"
  24. // Globals
  25. HWINSTA ghWinSta = NULL;
  26. HWINSTA ghWinStaPrev = NULL;
  27. HDESK ghDesktop = NULL;
  28. HDESK ghdeskPrev = NULL;
  30. HRESULT InitOleSecurity(BOOL);
  32. /*===================================================================
  33. InitDesktopWinsta
  35. Create a desktop and a winstation for IIS to use
  37. Parameters:
  39. Returns:
  40. HRESULT NOERROR on success
  42. Side effects
  43. Sets global variables
  44. ===================================================================*/
  45. HRESULT InitDesktopWinsta(
  46. BOOL fAllowError
  47. )
  48. {
  49. HRESULT hr = NOERROR;
  50. DWORD err;
  51. HWINSTA hWinSta = NULL;
  52. HDESK hDesktop = NULL;
  53. OSVERSIONINFO osInfo;
  54. BOOL fWinNT = FALSE;
  56. osInfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
  58. if ( GetVersionEx( &osInfo ) ) {
  59. fWinNT = (osInfo.dwPlatformId == VER_PLATFORM_WIN32_NT);
  60. }
  62. // Only applies to NT
  63. if ( !fWinNT )
  64. return(NOERROR);
  66. // Save our old window station so we can restore it later
  67. ghWinStaPrev = GetProcessWindowStation();
  68. if (ghWinStaPrev == NULL)
  69. goto LErr;
  71. // Create a winsta for IIS to use
  72. if ((hWinSta = CreateWindowStation(SZ_IIS_WINSTA, NULL, WINSTA_ALL, NULL)) == NULL)
  73. {
  74. if ( !fAllowError )
  75. {
  76. goto LErr;
  77. }
  78. }
  79. else
  80. {
  81. // Set this as IIS's window station
  82. if (!SetProcessWindowStation(hWinSta))
  83. goto LErr;
  84. }
  86. // Save the old desktop because we might need it later for an obscure error condition
  87. if ((ghdeskPrev = GetThreadDesktop(GetCurrentThreadId())) == NULL)
  88. {
  89. goto LErr;
  90. }
  92. // Create a desktop for IIS to use
  93. if ((hDesktop = CreateDesktop(SZ_IIS_DESKTOP, NULL, NULL, 0, DESKTOP_ALL, NULL)) == NULL)
  94. {
  95. if ( !fAllowError )
  96. {
  97. goto LErr;
  98. }
  99. }
  101. // store these handles in the globals
  102. ghWinSta = hWinSta;
  103. ghDesktop = hDesktop;
  105. // Now initialize Ole security
  106. hr = InitOleSecurity(fAllowError);
  108. return(hr);
  110. LErr:
  112. if (ghWinStaPrev != NULL)
  113. SetProcessWindowStation(ghWinStaPrev);
  114. if (hWinSta != NULL)
  115. CloseWindowStation(hWinSta);
  116. if (hDesktop != NULL)
  117. CloseDesktop(hDesktop);
  119. err = GetLastError();
  120. hr = HRESULT_FROM_WIN32(err);
  121. return(hr);
  122. }
  124. /*===================================================================
  125. UnInitDesktopWinsta
  127. Destroy the IIS desktop and winstation
  129. Parameters:
  130. None
  132. Returns:
  133. Nothing
  135. Side effects
  136. Sets global variables
  137. ===================================================================*/
  138. VOID UnInitDesktopWinsta()
  139. {
  140. BOOL fClosed;
  142. if (ghWinSta != NULL)
  143. {
  144. // Set winsta back to the old winsta so we can close the new one
  145. fClosed = SetProcessWindowStation(ghWinStaPrev);
  146. DBG_ASSERT(fClosed);
  148. fClosed = CloseWindowStation(ghWinSta);
  149. DBG_ASSERT(fClosed);
  150. ghWinSta = NULL;
  151. }
  153. if (ghDesktop != NULL)
  154. {
  155. BOOL fRetried = FALSE;
  156. LRetry:
  157. DBG_ASSERT(ghDesktop != NULL);
  158. fClosed = CloseDesktop(ghDesktop);
  159. // If this fails, it probably means that we are in the obscure case where
  160. // IIS's CacheExtensions registry setting is 0. In this case, we are shutting
  161. // down in a worker thread. This worker thread is using the desktop, so
  162. // it cant be closed. In this case, attempt to set the desktop back to the
  163. // original IIS desktop, and then retry closing the desktop. Only retry once.
  164. if (!fClosed && !fRetried)
  165. {
  166. fRetried = TRUE;
  167. if (!SetThreadDesktop(ghdeskPrev))
  168. DBG_ASSERT(FALSE);
  169. goto LRetry;
  170. }
  171. DBG_ASSERT(fClosed);
  172. ghDesktop = NULL;
  173. }
  175. return;
  176. }
  178. /*===================================================================
  179. SetDesktop
  181. Set the desktop for the calling thread
  183. Parameters:
  184. None
  186. Returns:
  187. NOERROR on success
  189. Side effects:
  190. Sets desktop
  191. ===================================================================*/
  192. HRESULT SetDesktop(
  193. BOOL fAllowError
  194. )
  195. {
  196. DWORD err;
  198. if (!SetThreadDesktop(ghDesktop))
  199. goto LErr;
  201. return(NOERROR);
  203. LErr:
  204. if ( !fAllowError )
  205. {
  206. DBG_ASSERT(FALSE);
  207. }
  209. err = GetLastError();
  210. return(HRESULT_FROM_WIN32(err));
  211. }
  214. /*===================================================================
  215. InitOleSecurity
  217. Setup for and call CoInitializeSecurity. This will avoid problems with
  218. DCOM security on sites that have no default security.
  220. Parameters:
  221. None
  223. Returns:
  224. Retail -- Always returns NOERROR, failures are ignored.
  225. We dont want to have a failure of setting up security
  226. stop IIS from running at all.
  228. Debug -- DBG_ASSERTs on error and returns error code
  230. Side effects:
  231. Sets desktop
  232. ===================================================================*/
  233. HRESULT InitOleSecurity(
  234. BOOL fAllowError
  235. )
  236. {
  237. HRESULT hr = NOERROR;
  238. BOOL fDoCoUninit = TRUE;
  239. DWORD err;
  240. SECURITY_DESCRIPTOR SecurityDesc;
  241. SID NullSid = { SID_REVISION, 1, SECURITY_NULL_SID_AUTHORITY, SECURITY_NULL_RID };
  242. HDESK hdeskSave = NULL;
  244. /*
  245. * We need to set up a security descriptor with an empty ACL so that
  246. * we can CoInitializeSecurity but not give everyone access to the server.
  247. */
  248. if (!InitializeSecurityDescriptor(&SecurityDesc, SECURITY_DESCRIPTOR_REVISION))
  249. goto LErr;
  251. ACL Acl;
  252. // Initialize a new ACL.
  253. if (!InitializeAcl(&Acl, sizeof(ACL), ACL_REVISION2))
  254. goto LErr;
  256. // Add new ACL to the security descriptor.
  257. if (!SetSecurityDescriptorDacl( &SecurityDesc, TRUE, &Acl, FALSE ))
  258. goto LErr;
  260. if (!SetSecurityDescriptorOwner(&SecurityDesc, &NullSid, FALSE))
  261. goto LErr;
  263. if (!SetSecurityDescriptorGroup(&SecurityDesc, &NullSid, FALSE))
  264. goto LErr;
  266. /*
  267. * This work must be done on the desktop that our threads are going to use.
  268. * However, we are currently running on IIS's thread, and we dont want to
  269. * whack their desktop. So, set to our desktop, do the CoInitializeSecurity,
  270. * then set the old desktop back again. Ole will cache the desktop that
  271. * was set when this CoInitSec was done.
  272. */
  273. if (FAILED(hr = SetDesktop(fAllowError)))
  274. {
  275. goto LErr;
  276. }
  278. hr = CoInitialize(NULL);
  279. if( FAILED(hr) )
  280. {
  281. fDoCoUninit = FALSE;
  282. }
  284. hr = CoInitializeSecurity(
  285. NULL,
  286. -1,
  287. NULL,
  288. NULL,
  289. RPC_C_AUTHN_LEVEL_CONNECT,
  290. RPC_C_IMP_LEVEL_IMPERSONATE,
  291. NULL,
  292. EOAC_DYNAMIC_CLOAKING,
  293. NULL );
  294. if( FAILED(hr) )
  295. {
  296. DBGERROR(( DBG_CONTEXT,
  297. "CoInitializeSecurity failed running with default "
  298. "DCOM security settings, hr=%8x\n",
  299. hr
  300. ));
  301. }
  303. if( fDoCoUninit )
  304. {
  305. CoUninitialize();
  306. }
  308. // Set the desktop back to what IIS expected it to be
  309. if (!SetThreadDesktop(ghdeskPrev))
  310. {
  311. // Nothing we can do if this fails
  312. DBG_ASSERT(FALSE);
  313. }
  315. //
  316. // This may fire if CoInitializeSecurity fails. So it is probably
  317. // overactive we would have let the CoInitializeSecurity call fail
  318. // in the past, before some PREFIX changes.
  319. //
  321. DBG_ASSERT(SUCCEEDED(hr));
  323. return(hr);
  325. LErr:
  326. DBG_ASSERT(FALSE);
  328. if (SUCCEEDED(hr))
  329. {
  330. err = GetLastError();
  331. hr = HRESULT_FROM_WIN32(err);
  332. }
  333. #ifdef DEBUG
  334. return(hr);
  335. #else
  336. return(NOERROR);
  337. #endif
  338. }