archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Tree: daad8a087a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'daad8a087a'
${ noResults }
windows-xp/Source/XPSP1/NT/printscan/fax/setup/wizdll/security.c

550 lines
13 KiB
Raw Normal View History

Add source files
4 years ago
  1. /*++
  3. Copyright (c) 1996 Microsoft Corporation
  5. Module Name:
  7. service.c
  9. Abstract:
  11. This file provides access to the service control
  12. manager for starting, stopping, adding, and removing
  13. services.
  15. Environment:
  17. WIN32 User Mode
  19. Author:
  21. Wesley Witt (wesw) 17-Feb-1996
  23. --*/
  25. #include <nt.h>
  26. #include <ntrtl.h>
  27. #include <nturtl.h>
  29. #include "wizard.h"
  31. #include <ntsecapi.h>
  32. #include <lm.h>
  36. NTSTATUS
  37. OpenPolicy(
  38. LPWSTR ServerName, // machine to open policy on (Unicode)
  39. DWORD DesiredAccess, // desired access to policy
  40. PLSA_HANDLE PolicyHandle // resultant policy handle
  41. );
  43. BOOL
  44. GetAccountSid(
  45. LPTSTR SystemName, // where to lookup account
  46. LPTSTR AccountName, // account of interest
  47. PSID *Sid // resultant buffer containing SID
  48. );
  50. NTSTATUS
  51. SetPrivilegeOnAccount(
  52. LSA_HANDLE PolicyHandle, // open policy handle
  53. PSID AccountSid, // SID to grant privilege to
  54. LPWSTR PrivilegeName, // privilege to grant (Unicode)
  55. BOOL bEnable // enable or disable
  56. );
  58. void
  59. InitLsaString(
  60. PLSA_UNICODE_STRING LsaString, // destination
  61. LPWSTR String // source (Unicode)
  62. );
  64. void
  65. DisplayNtStatus(
  66. LPSTR szAPI, // pointer to function name (ANSI)
  67. NTSTATUS Status // NTSTATUS error value
  68. );
  70. void
  71. DisplayWinError(
  72. LPSTR szAPI, // pointer to function name (ANSI)
  73. DWORD WinError // DWORD WinError
  74. );
  76. #define RTN_OK 0
  77. #define RTN_USAGE 1
  78. #define RTN_ERROR 13
  80. //
  81. // If you have the ddk, include ntstatus.h.
  82. //
  83. #ifndef STATUS_SUCCESS
  84. #define STATUS_SUCCESS ((NTSTATUS)0x00000000L)
  85. #endif
  88. BOOL
  89. GetDefaultDomainName(
  90. LPWSTR DomainName
  91. )
  92. {
  93. OBJECT_ATTRIBUTES ObjectAttributes;
  94. NTSTATUS NtStatus;
  95. DWORD err = 0;
  96. LSA_HANDLE LsaPolicyHandle = NULL;
  97. PPOLICY_ACCOUNT_DOMAIN_INFO DomainInfo = NULL;
  100. //
  101. // Open a handle to the local machine's LSA policy object.
  102. //
  104. InitializeObjectAttributes( &ObjectAttributes, // object attributes
  105. NULL, // name
  106. 0L, // attributes
  107. NULL, // root directory
  108. NULL ); // security descriptor
  110. NtStatus = LsaOpenPolicy( NULL, // system name
  111. &ObjectAttributes, // object attributes
  112. POLICY_EXECUTE, // access mask
  113. &LsaPolicyHandle ); // policy handle
  115. if( !NT_SUCCESS( NtStatus ) )
  116. {
  117. return FALSE;
  118. }
  120. //
  121. // Query the domain information from the policy object.
  122. //
  123. NtStatus = LsaQueryInformationPolicy( LsaPolicyHandle,
  124. PolicyAccountDomainInformation,
  125. (PVOID *) &DomainInfo );
  127. if (!NT_SUCCESS(NtStatus))
  128. {
  129. LsaClose(LsaPolicyHandle);
  130. return FALSE;
  131. }
  134. (void) LsaClose(LsaPolicyHandle);
  136. //
  137. // Copy the domain name into our cache, and
  138. //
  140. CopyMemory( DomainName,
  141. DomainInfo->DomainName.Buffer,
  142. DomainInfo->DomainName.Length );
  144. //
  145. // Null terminate it appropriately
  146. //
  148. DomainName[DomainInfo->DomainName.Length / sizeof(WCHAR)] = L'\0';
  150. //
  151. // Clean up
  152. //
  153. LsaFreeMemory( (PVOID)DomainInfo );
  155. return TRUE;
  156. }
  159. LPWSTR
  160. GetMachineName(
  161. LPWSTR AccountName
  162. )
  163. {
  164. LSA_HANDLE PolicyHandle = NULL;
  165. WCHAR DomainName[128];
  166. WCHAR LocalComputerName[128];
  167. LPWSTR MachineName = NULL;
  168. LPWSTR p;
  169. LPWSTR DCName = NULL;
  170. NET_API_STATUS NetStatus;
  171. UNICODE_STRING NameStrings;
  172. PLSA_REFERENCED_DOMAIN_LIST ReferencedDomains = NULL;
  173. PLSA_TRANSLATED_SID LsaSids = NULL;
  174. PUSER_MODALS_INFO_1 Modals = NULL;
  175. DWORD Size;
  176. NTSTATUS Status;
  179. //
  180. // get the domain name
  181. //
  183. p = wcschr( AccountName, L'\\' );
  184. if (p) {
  185. *p = 0;
  186. wcscpy( DomainName, AccountName );
  187. *p = L'\\';
  188. } else {
  189. wcscpy( DomainName, AccountName );
  190. }
  192. //
  193. // Open the policy on the target machine.
  194. //
  195. Status = OpenPolicy(
  196. NULL,
  197. POLICY_CREATE_ACCOUNT | POLICY_LOOKUP_NAMES,
  198. &PolicyHandle
  199. );
  200. if (Status != STATUS_SUCCESS) {
  201. goto exit;
  202. }
  204. //
  205. // lookup the domain name for the account
  206. //
  208. InitLsaString( &NameStrings, AccountName );
  210. Status = LsaLookupNames(
  211. PolicyHandle,
  212. 1,
  213. &NameStrings,
  214. &ReferencedDomains,
  215. &LsaSids
  216. );
  217. if (Status != STATUS_SUCCESS) {
  218. goto exit;
  219. }
  221. //
  222. // get the local computer name
  223. //
  225. Size = sizeof(LocalComputerName);
  226. if (!GetComputerName( LocalComputerName, &Size )) {
  227. goto exit;
  228. }
  230. //
  231. // see if we are tring to set a local account
  232. //
  234. if (wcscmp( LocalComputerName, ReferencedDomains->Domains->Name.Buffer ) != 0) {
  236. //
  237. // see what part of the domain we are attempting to set
  238. //
  240. NetStatus = NetUserModalsGet( NULL, 1, (LPBYTE*) &Modals );
  241. if (NetStatus != NERR_Success) {
  242. goto exit;
  243. }
  245. if (Modals->usrmod1_role != UAS_ROLE_PRIMARY) {
  247. //
  248. // we know we are remote, so get the real dc name
  249. //
  251. NetStatus = NetGetDCName( NULL, DomainName, (LPBYTE*) &DCName );
  252. if (NetStatus != NERR_Success) {
  253. goto exit;
  254. }
  256. MachineName = StringDup( DCName );
  258. }
  259. }
  262. exit:
  263. if (Modals) {
  264. NetApiBufferFree( Modals );
  265. }
  266. if (DCName) {
  267. NetApiBufferFree( DCName );
  268. }
  269. if (ReferencedDomains) {
  270. LsaFreeMemory( ReferencedDomains );
  271. }
  272. if (LsaSids) {
  273. LsaFreeMemory( LsaSids );
  274. }
  275. if (PolicyHandle) {
  276. LsaClose( PolicyHandle );
  277. }
  279. return MachineName;
  280. }
  284. DWORD
  285. SetServiceSecurity(
  286. LPWSTR AccountName
  287. )
  288. {
  289. LSA_HANDLE PolicyHandle;
  290. PSID pSid;
  291. NTSTATUS Status;
  292. int iRetVal=RTN_ERROR;
  293. LPWSTR MachineName;
  294. WCHAR NewAccountName[512];
  297. if (AccountName[0] == L'.') {
  298. if (GetDefaultDomainName( NewAccountName )) {
  299. wcscat( NewAccountName, &AccountName[1] );
  300. AccountName = NewAccountName;
  301. }
  302. }
  304. //
  305. // try to get the correct machine name
  306. //
  307. MachineName = GetMachineName( AccountName );
  309. //
  310. // Open the policy on the target machine.
  311. //
  312. Status = OpenPolicy(
  313. MachineName,
  314. POLICY_CREATE_ACCOUNT | POLICY_LOOKUP_NAMES,
  315. &PolicyHandle
  316. );
  317. if (Status != STATUS_SUCCESS) {
  318. return RTN_ERROR;
  319. }
  321. //
  322. // Obtain the SID of the user/group.
  323. // Note that we could target a specific machine, but we don't.
  324. // Specifying NULL for target machine searches for the SID in the
  325. // following order: well-known, Built-in and local, primary domain,
  326. // trusted domains.
  327. //
  328. if(GetAccountSid(
  329. MachineName, // target machine
  330. AccountName,// account to obtain SID
  331. &pSid // buffer to allocate to contain resultant SID
  332. )) {
  333. //
  334. // We only grant the privilege if we succeeded in obtaining the
  335. // SID. We can actually add SIDs which cannot be looked up, but
  336. // looking up the SID is a good sanity check which is suitable for
  337. // most cases.
  339. //
  340. // Grant the SeServiceLogonRight to users represented by pSid.
  341. //
  342. if((Status=SetPrivilegeOnAccount(
  343. PolicyHandle, // policy handle
  344. pSid, // SID to grant privilege
  345. L"SeServiceLogonRight", // Unicode privilege
  346. TRUE // enable the privilege
  347. )) == STATUS_SUCCESS) {
  348. iRetVal=RTN_OK;
  349. }
  350. }
  352. //
  353. // Close the policy handle.
  354. //
  355. LsaClose(PolicyHandle);
  357. //
  358. // Free memory allocated for SID.
  359. //
  360. if(pSid != NULL) MemFree(pSid);
  362. return iRetVal;
  363. }
  366. void
  367. InitLsaString(
  368. PLSA_UNICODE_STRING LsaString,
  369. LPWSTR String
  370. )
  371. {
  372. DWORD StringLength;
  374. if (String == NULL) {
  375. LsaString->Buffer = NULL;
  376. LsaString->Length = 0;
  377. LsaString->MaximumLength = 0;
  378. return;
  379. }
  381. StringLength = wcslen(String);
  382. LsaString->Buffer = String;
  383. LsaString->Length = (USHORT) StringLength * sizeof(WCHAR);
  384. LsaString->MaximumLength=(USHORT)(StringLength+1) * sizeof(WCHAR);
  385. }
  387. NTSTATUS
  388. OpenPolicy(
  389. LPWSTR ServerName,
  390. DWORD DesiredAccess,
  391. PLSA_HANDLE PolicyHandle
  392. )
  393. {
  394. LSA_OBJECT_ATTRIBUTES ObjectAttributes;
  395. LSA_UNICODE_STRING ServerString;
  396. PLSA_UNICODE_STRING Server = NULL;
  398. //
  399. // Always initialize the object attributes to all zeroes.
  400. //
  401. ZeroMemory(&ObjectAttributes, sizeof(ObjectAttributes));
  403. if (ServerName != NULL) {
  404. //
  405. // Make a LSA_UNICODE_STRING out of the LPWSTR passed in
  406. //
  407. InitLsaString(&ServerString, ServerName);
  408. Server = &ServerString;
  409. }
  411. //
  412. // Attempt to open the policy.
  413. //
  414. return LsaOpenPolicy(
  415. Server,
  416. &ObjectAttributes,
  417. DesiredAccess,
  418. PolicyHandle
  419. );
  420. }
  422. /*++
  423. This function attempts to obtain a SID representing the supplied
  424. account on the supplied system.
  426. If the function succeeds, the return value is TRUE. A buffer is
  427. allocated which contains the SID representing the supplied account.
  428. This buffer should be freed when it is no longer needed by calling
  429. HeapFree(GetProcessHeap(), 0, buffer)
  431. If the function fails, the return value is FALSE. Call GetLastError()
  432. to obtain extended error information.
  433. --*/
  435. BOOL
  436. GetAccountSid(
  437. LPTSTR SystemName,
  438. LPTSTR AccountName,
  439. PSID *Sid
  440. )
  441. {
  442. LPTSTR ReferencedDomain=NULL;
  443. DWORD cbSid=128; // initial allocation attempt
  444. DWORD cbReferencedDomain=32; // initial allocation size
  445. SID_NAME_USE peUse;
  446. BOOL bSuccess=FALSE; // assume this function will fail
  448. __try {
  450. //
  451. // initial memory allocations
  452. //
  453. if((*Sid=MemAlloc(cbSid)) == NULL) __leave;
  454. if((ReferencedDomain=MemAlloc(cbReferencedDomain)) == NULL) __leave;
  456. //
  457. // Obtain the SID of the specified account on the specified system.
  458. //
  459. while(!LookupAccountName(
  460. SystemName, // machine to lookup account on
  461. AccountName, // account to lookup
  462. *Sid, // SID of interest
  463. &cbSid, // size of SID
  464. ReferencedDomain, // domain account was found on
  465. &cbReferencedDomain,
  466. &peUse
  467. )) {
  468. if (GetLastError() == ERROR_INSUFFICIENT_BUFFER) {
  469. //
  470. // reallocate memory
  471. //
  472. if((*Sid=HeapReAlloc(
  473. GetProcessHeap(),
  474. 0,
  475. *Sid,
  476. cbSid
  477. )) == NULL) __leave;
  479. if((ReferencedDomain=HeapReAlloc(
  480. GetProcessHeap(),
  481. 0,
  482. ReferencedDomain,
  483. cbReferencedDomain
  484. )) == NULL) __leave;
  485. }
  486. else __leave;
  487. }
  489. //
  490. // Indicate success.
  491. //
  492. bSuccess=TRUE;
  494. } // finally
  495. __finally {
  497. //
  498. // Cleanup and indicate failure, if appropriate.
  499. //
  501. MemFree(ReferencedDomain);
  503. if(!bSuccess) {
  504. if(*Sid != NULL) {
  505. MemFree(*Sid);
  506. *Sid = NULL;
  507. }
  508. }
  510. } // finally
  512. return bSuccess;
  513. }
  515. NTSTATUS
  516. SetPrivilegeOnAccount(
  517. LSA_HANDLE PolicyHandle, // open policy handle
  518. PSID AccountSid, // SID to grant privilege to
  519. LPWSTR PrivilegeName, // privilege to grant (Unicode)
  520. BOOL bEnable // enable or disable
  521. )
  522. {
  523. LSA_UNICODE_STRING PrivilegeString;
  525. //
  526. // Create a LSA_UNICODE_STRING for the privilege name.
  527. //
  528. InitLsaString(&PrivilegeString, PrivilegeName);
  530. //
  531. // grant or revoke the privilege, accordingly
  532. //
  533. if(bEnable) {
  534. return LsaAddAccountRights(
  535. PolicyHandle, // open policy handle
  536. AccountSid, // target SID
  537. &PrivilegeString, // privileges
  538. 1 // privilege count
  539. );
  540. }
  541. else {
  542. return LsaRemoveAccountRights(
  543. PolicyHandle, // open policy handle
  544. AccountSid, // target SID
  545. FALSE, // do not disable all rights
  546. &PrivilegeString, // privileges
  547. 1 // privilege count
  548. );
  549. }
  550. }