|
|
/*++
Copyright (c) 1991-92 Microsoft Corporation
Module Name:
Permit.h
Abstract:
Internal UAS constants, data structures.
Author:
Shanku Niyogi (W-SHANKN) 24-Oct-1991
Revision History:
24-Oct-1991 w-shankn Ported from LM2.0 code, removed unnecessary stuff. 07-Feb-1992 JohnRo Made changes suggested by PC-LINT. 03-Mar-1992 JohnRo Correct handling of byte flags (UAS_REC_DELETE, etc). 11-Mar-1992 JohnRo Include <lmaccess.h> here to get UNITS_PER_WEEK. 18-Mar-1992 JohnRo Include <uascache.h> for UAS_INFO_0.
--*/
#ifndef _PERMIT_
#define _PERMIT_
#include <lmaccess.h> // UNITS_PER_WEEK.
#include <uascache.h> // UAS_INFO_0.
#include <packon.h> // Suppress natural alignment.
//
// Forward declarations for recursive structures.
//
typedef struct _UAS_AHDR UAS_AHDR, *LPUAS_AHDR; typedef struct _UAS_GROUP UAS_GROUP, *LPUAS_GROUP; typedef struct _UAS_GROUPREC UAS_GROUPREC, *LPUAS_GROUPREC; typedef struct _UAS_USERREC UAS_USERREC, *LPUAS_USERREC; typedef struct _UAS_USERINFO UAS_USERINFO, *LPUAS_USERINFO; typedef struct _UAS_DISKUSERHASH UAS_DISKUSERHASH, *LPUAS_DISKUSERHASH; typedef struct _UAS_PERM UAS_PERM, *LPUAS_PERM; typedef struct _UAS_ACCESSREC UAS_ACCESSREC, *LPUAS_ACCESSREC; typedef struct _UAS_ACCESS UAS_ACCESS, *LPUAS_ACCESS; typedef struct _UAS_VPERM UAS_VPERM, *LPUAS_VPERM;
//
// Constants.
//
#define UAS_MAXGROUP 256 // max number of groups allowed in UAS
#define UAS_MAXACL 8192 // max number of access control list
#define UAS_MAXSEG 8 // max number of segs for perm stuff
#define UAS_ACCESSTBLSIZE 1027 // prime number for less collisions
#define UAS_PSEGSIZE 1024*24 // Initla size of seg holding _pcb
#define UAS_INITSEGSIZE 1024 // Initial size of segs holding perms
#define UAS_URECSEGSIZE 1024*16 // Initial size of UAS logon cache seg
#define UAS_SIZEINC 2048 // Size to grow each time
#define UAS_MINUSER 3 // min number of users in database
#define UAS_MINUREC 128 // cache at least 128 user records
#define UAS_DEFAULT_USERS 128 // default number of records cached
#define UAS_MAXCACHE_LIMIT 1000 // max user records allowed in cache
#define UAS_DBIDINFO_SIZE 50 // database identifier string
#define UAS_INITIALIZE_SEG 1 // manifest for DosSubSet after Alloc
#define UAS_INTRUDER_DELAY 3000L // 3 sec delay to discourage intruders
#define UAS_MAX_USERS 16000 // Ever, ever, ever
#define UAS_DISK_BLOCK_SIZE 64 // size of block in disk pool
#define UAS_FILE_GROW_INCREMENT 32 // Increment of file grow in disk blocks
#define UAS_USER_HASH_ENTRIES 2048
#define WORDALIGN(a) (((a)+1) & (~1))
// Temporary definitions. LM20_PATHLEN in LMCONS.H is wrong, and
// MAXPERMENTRIES may change(?), MAXWORKSTATIONS not in LMCONS.H
#undef LM20_PATHLEN
#define LM20_PATHLEN 260
#define LM20_MAXPERMENTRIES 64
#define MAXWORKSTATIONS 8
//
// Maximum sizes
//
#define UAS_MAX_ACL_SIZE (sizeof(UAS_ACCESREC) + LM20_PATHLEN \
+ sizeof(UAS_VPERM) \ + (LM20_MAXPERMENTRIES - 1) * sizeof(PERM))
#define UAS_MAX_USER_SIZE (sizeof(UAS_USERINFO) \
+ sizeof(WORD) * 8)
// Force header to sector size
#define UAS_GROUP_HASH_START ((sizeof(UAS_AHDR) + 511) & ~511)
#define UAS_GROUP_HASH_OFFSET(i) (UAS_GROUP_HASH_START \
+ i * sizeof (UAS_GROUPREC))
#define UAS_HASH_TBL_OFFSET UAS_GROUP_HASH_OFFSET(UAS_MAXGROUP)
#define UAS_HASH_ENTRY(i) (UAS_HASH_TBL_OFFSET \
+ (i * sizeof (UAS_DISKUSERHASH)))
#define UAS_HASH_TBL_SIZE (sizeof(UAS_DISKUSERHASH)*UAS_USER_HASH_ENTRIES)
#define UAS_STRING(s,field) ((LPSTR)s + s->field)
#define UAS_VPERM_PTR(acc) (LPUAS_VPERM)((acc)->resource \
+ ((((acc)->namelen) + 1) & ~1))
//
// Name Literal
//
#define UAS_USERNAME 0
#define UAS_GROUPNAME 1
#define UAS_ACCESSNAME 2
//
// names of the database file(s)
//
#define UAS_ACCOUNTS_FILE "NET.ACC"
#define UAS_ACCOUNTS_PATH "C:\\LANMAN\\ACCOUNTS\\"
//
// special values of uid and serial number for Local calls
//
#define UAS_LOCAL_UID -1
#define UAS_LOCAL_SERIAL 0L
#define UAS_NONEXISTENT_GID -1
//
// audit flags
//
#define UAS_AUDIT_ALL 0x1
#define UAS_AUDIT_OPTIONS 0xFFFE
#define UAS_LMFILE_AUDIT_RESERVED 0xF006
#define UAS_PBFILE_AUDIT_RESERVED 0x3
//
// Types of records
//
#define UAS_ACCESS_REC 2
#define UAS_GROUP_REC 1
#define UAS_USER_REC 0
//
// Special Groups Info
//
#define UAS_NUM_SPECIAL_GROUPS 4
#define UAS_GROUP_ADMIN 0
#define UAS_GROUP_USERS 1
#define UAS_GROUP_GUEST 2
#define UAS_GROUP_LOCAL 3
#define UAS_GROUP_NT (DWORD)-1
#define UAS_GROUP_ADMIN_WNAME L"ADMINS"
#define UAS_GROUP_USERS_WNAME L"USERS"
#define UAS_GROUP_GUEST_WNAME L"GUESTS"
#define UAS_GROUP_LOCAL_WNAME L"LOCAL"
//
// Signature, text strings
//
#define UAS_LMSIG "MICROSOFT LANMAN 2.0"
#define UAS_DBIDINFO_TEXT "LANMAN 2.0 UAS DATABASE"
#define UAS_ROLE_NAME_PRIMARY "PRIMARY"
#define UAS_ROLE_NAME_BACKUP "BACKUP"
#define UAS_ROLE_NAME_MEMBER "MEMBER"
#define UAS_ROLE_NAME_STANDALONE "STANDALONE"
#define UAS_DOMAIN_LOCAL "LOCAL"
#define UAS_NLS_YES_KEY 'Y'
#define UAS_NLS_NO_KEY 'N'
#define UAS_DEFAULT_YES "(Y/N) [Y]"
#define UAS_DEFAULT_NO "(Y/N) [N]"
#define UAS_DEFAULT_PASSWORD "PASSWORD"
//
// # of records reserved as the header (store signature) ..
//
// Note
// record size of group record = sizeof(UAS_GROUPREC)
// record size of user record = sizeof(UAS_USERREC)
// record size of access record = sizeof(UAS_ACCESSREC)
//
#define UAS_GROUPHDR 2
#define UAS_ACCESSHDR 1
#define UAS_USERHDR 1
//
// File_Record Representation
// It is in the first character of the record (name field)
//
#define UAS_REC_EMPTY '\0'
#define UAS_REC_DELETE (BYTE)-1
#define UAS_REC_USE (BYTE)1
//
// Status returned in UserId
//
#define UAS_NAME_NotFound -1
#define UAS_NAME_NotCache -2
//
// General Purpose Macros
//
// BitMap macro
#define UAS_MARKUSE(map, pos) ((map)[(pos) >> 3] |= (1 << ((pos) & 7 ) ))
#define UAS_MARKOFF(map, pos) ((map)[(pos) >> 3] &= ~(1 << ((pos) & 7 ) ))
#define UAS_ISBITON(map, id) ((map)[id >> 3] & ( 1 << ((id) & 0x7) ) )
#define UAS_ISBITOFF(map, id) !UAS_ISBITON((map), (id))
// Conversion from perm ptr back to the access ptr
#define UAS_GETACCHDR(perm, len) (LPUAS_ACCESS) ((LPBYTE)(perm) \
- WORDALIGN(len) \ - sizeof(UAS_ACCESS) + 1)
// Test if every user's record is cached
#define UAS_ALLUSERCACHED (Ucb->usercnt < Ucb->maxuser)
// Find the size of block needed to hold access record and perm entries
#define UAS_ACCRECSIZE(len, cnt) WORDALIGN(sizeof(UAS_ACCESS) - 1 \
+ (len) + sizeof(WORD) \ + (cnt)* sizeof(PERM))
// The size of disk record needed to hold access record and perm entries
#define UAS_DISKACCRECSIZE(len, cnt) WORDALIGN(sizeof(UAS_ACCESSREC) - 1 \
+ (len) + sizeof (WORD) \ + (cnt) * sizeof(UAS_PERM))
//
// Record structures in UAS Database (NET.ACC)
//
//
// Header block structure of NET.ACC
//
struct _UAS_AHDR { // typedef'ed above.
BYTE signature[WORDALIGN(sizeof(UAS_LMSIG))]; // LANMAN signature
WORD encryption_flag; // is database encrypted?
WORD min_passwd_len; // password length modal
DWORD min_passwd_age; // password age modal
DWORD max_passwd_age; // password age modal
DWORD force_logoff; // forced logoff modal
WORD passwd_hist_len; // password history modal
WORD max_bad_passwd; // max bad passwd try modal
WORD role; // role under SSI
UAS_INFO_0 local; // local database info
UAS_INFO_0 primary; // primary database info
BYTE DBIdInfo[UAS_DBIDINFO_SIZE]; // database identifier str
DWORD alist_mtime; // last update to ACL's
DWORD glist_mtime; // last upd to groups
DWORD ulist_mtime; // last upd to users
WORD num_users; // Total users in DB
DWORD free_list; // Head of free list
DWORD access_list; // Head of access list
WORD integrity_flag; // if FALSE, UAS is corrupt
};
#define UAS_INTEGRITY_OFFSET (sizeof(UAS_AHDR) - sizeof(WORD))
//
// Structure of a group record in UAS Database
//
struct _UAS_GROUP { // typedef'ed above.
BYTE name[LM20_GNLEN+1]; DWORD serial;
};
struct _UAS_GROUPREC { // typedef'ed above.
BYTE name[LM20_GNLEN+1]; BYTE comment[LM20_MAXCOMMENTSZ+1]; DWORD serial;
};
//
// Structure of a user record in UAS Database
//
// fields ending in _o are offsets from the start of the structure
// to ASCIIZ strings.
//
// WARNING: When updating this structure update the matching structure
// UAS_USERINFO. You may also have to update the UAS_MAX_USER_SIZE
// macro.
//
struct _UAS_USERREC { // typedef'ed above.
UAS_USER user; BYTE name[LM20_UNLEN+1]; // user name
WORD size; // total size of user entry
BYTE passwd[ENCRYPTED_PWLEN]; // encrypted password
DWORD last; // last time passwd changed
WORD directory_o; // directory & logon script
WORD comment_o; // comment
WORD flags; // User flags
WORD script_o; // logon script name
WORD full_name_o; WORD usr_comment_o; WORD parms_o; DWORD last_logon; DWORD last_logoff; DWORD max_storage; DWORD acct_expires; WORD bad_pw_count; WORD num_logons; BYTE logonhrs[UNITS_PER_WEEK/8]; WORD workstation_o; BYTE old_passwds[DEF_MAX_PWHIST * ENCRYPTED_PWLEN]; WORD logon_server_o; WORD country_code; WORD code_page;
};
//
// Decompressed user record.
//
struct _UAS_USERINFO { // typedef'ed above.
UAS_USER user; BYTE name[LM20_UNLEN+1]; // user name
BYTE passwd[ENCRYPTED_PWLEN]; // encrypted password
DWORD last; // last time passwd changed
BYTE directory[LM20_PATHLEN+1]; // directory & logon script
BYTE comment[LM20_MAXCOMMENTSZ+1]; // comment
WORD flags; // User flags
BYTE script[LM20_PATHLEN+1]; // logon script name
BYTE full_name[LM20_MAXCOMMENTSZ+1]; BYTE usr_comment[MAXCOMMENTSZ+1]; BYTE parms[MAXCOMMENTSZ+1]; DWORD last_logon; DWORD last_logoff; DWORD max_storage; DWORD acct_expires; WORD bad_pw_count; WORD num_logons; BYTE logonhrs[UNITS_PER_WEEK/8]; BYTE workstation[MAXWORKSTATIONS * (LM20_CNLEN+1)]; BYTE old_passwds[DEF_MAX_PWHIST * ENCRYPTED_PWLEN]; BYTE logon_server[LM20_UNCLEN+1]; WORD country_code; WORD code_page;
};
#define UAS_URECSIZE UAS_MAX_USER_SIZE
#define UAS_GRECSIZE sizeof(UAS_GROUPREC)
typedef struct _UAS_DISK_OBJ_HDR {
BYTE do_type; BYTE do_numblocks; DWORD do_next; DWORD do_prev;
} UAS_DISK_OBJ_HDR, *LPUAS_DISK_OBJ_HDR;
#define UAS_NEXT_OFFSET (2 * sizeof(BYTE))
#define UAS_PREV_OFFSET (2 * sizeof(BYTE) + sizeof(DWORD))
#define UAS_FREE_OBJECT_ID 0
#define UAS_USER_OBJECT_ID 1
#define UAS_ACCESS_OBJECT_ID 2
typedef struct _UAS_USER_OBJECT {
UAS_DISK_OBJ_HDR uo_header; UAS_USERREC uo_record; BYTE uo_data[1]; // Variable size
} UAS_USER_OBJECT, *LPUAS_USER_OBJECT;
//
// User hash table entry in memory
//
typedef struct _UAS_USERHASH {
DWORD uh_disk; WORD uh_cache; DWORD uh_serial;
} UAS_USERHASH, *LPUAS_USERHASH;
//
// User hash table entry on disk
//
struct _UAS_DISKUSERHASH { // typedef'ed above.
DWORD dh_disk; DWORD dh_serial;
};
//
// Permission data
//
struct _UAS_PERM { // typedef'ed above.
WORD uid; // bit 15: 0 = uid, 1 = gid
DWORD serial; BYTE access; BYTE pad; // word align this puppy
};
//
// Access Record structure in Database (NET.ACC)
//
struct _UAS_ACCESSREC { // typedef'ed above.
WORD attr; // audit attribute
WORD recsize; WORD namelen; BYTE resource[1];
};
//
// Internal access record structure in memory
//
struct _UAS_ACCESS { // typedef'ed above.
LPUAS_ACCESS next; DWORD position; WORD attr; WORD recsize; WORD namelen; BYTE resource[1];
};
//
// followed by variable number of permission entry
//
struct _UAS_VPERM { // typedef'ed above.
WORD permcnt; UAS_PERM perm[1];
};
// Size (in bytes) of a variable size ACL
#define UAS_ACL_RECORD_SIZE(acl,namelen,permcnt) \
(((sizeof(UAS_ACCESSREC) + namelen \ + sizeof (UAS_VPERM) \ + sizeof (UAS_PERM) * (permcnt - 1)) + 1) & ~1)
typedef struct _UAS_ACCESS_OBJECT {
UAS_DISK_OBJ_HDR ao_header; // Fixed length header
UAS_ACCESSREC ao_record; // Variable length
UAS_VPERM ao_data; // Variable length
} UAS_ACCESS_OBJECT, *LPUAS_ACCESS_OBJECT;
#include <packoff.h>
#endif // _PERMIT_
|