mirror of https://github.com/tongzx/nt5src
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
673 lines
16 KiB
673 lines
16 KiB
//
|
|
// Author: DebiM
|
|
// Date: September 1996
|
|
//
|
|
// File: csuser.cxx
|
|
//
|
|
// Maintains a list of class containers per User SID.
|
|
// Looks up this list for every IClassAccess call from OLE32/SCM.
|
|
//
|
|
//
|
|
//---------------------------------------------------------------------
|
|
|
|
#include "cstore.hxx"
|
|
|
|
//
|
|
// Link list pointer for Class Containers Seen
|
|
//
|
|
extern CLASSCONTAINER *gpContainerHead;
|
|
|
|
//
|
|
// Link list pointer for User Profiles Seen
|
|
//
|
|
extern USERPROFILE *gpUserHead;
|
|
|
|
|
|
// Initialzed in InitializeClassStore at startup
|
|
|
|
extern CRITICAL_SECTION ClassStoreBindList;
|
|
|
|
//-------------------------------------------------------------------------
|
|
//
|
|
// OpenUserRegKey
|
|
//
|
|
// Opens a key under a user's HKEY_CLASSES_ROOT registry key. On NT5
|
|
// HKCR is equivalent to HKEY_USERS\{sid string}\Software\Classes.
|
|
//
|
|
// A SID string is used to create
|
|
// the proper registry key name to open.
|
|
//
|
|
//-------------------------------------------------------------------------
|
|
DWORD
|
|
OpenUserRegKey(
|
|
IN PSID pSid,
|
|
IN WCHAR * pwszSubKey,
|
|
OUT HKEY * phKey
|
|
)
|
|
{
|
|
UNICODE_STRING UnicodeString;
|
|
WCHAR * pwszKey;
|
|
DWORD AllocSize;
|
|
NTSTATUS Status;
|
|
|
|
UnicodeString.Length = UnicodeString.MaximumLength = 0;
|
|
UnicodeString.Buffer = 0;
|
|
|
|
Status = RtlConvertSidToUnicodeString(
|
|
&UnicodeString,
|
|
pSid,
|
|
(BOOLEAN)TRUE // Allocate
|
|
);
|
|
|
|
//
|
|
// Don't return a raw NT status code. This is the only possible error
|
|
// condition presuming our sid is valid.
|
|
//
|
|
if ( Status != STATUS_SUCCESS )
|
|
return ERROR_OUTOFMEMORY;
|
|
|
|
//
|
|
// Your friendly reminder, unicode string length is in bytes and doesn't include
|
|
// null terminator, if any.
|
|
// Add byte for '\\' and end null.
|
|
//
|
|
AllocSize = UnicodeString.Length + ((1 + lstrlen(pwszSubKey) + 1) * sizeof(WCHAR));
|
|
pwszKey = (WCHAR *) alloca( AllocSize );
|
|
|
|
if ( pwszKey )
|
|
{
|
|
memcpy( pwszKey, UnicodeString.Buffer, UnicodeString.Length );
|
|
pwszKey[UnicodeString.Length / 2] = L'\\';
|
|
lstrcpyW( &pwszKey[(UnicodeString.Length / 2) + 1], pwszSubKey );
|
|
}
|
|
|
|
RtlFreeUnicodeString( &UnicodeString );
|
|
|
|
if ( ! pwszKey )
|
|
return ERROR_OUTOFMEMORY;
|
|
|
|
Status = RegOpenKeyEx(
|
|
HKEY_USERS,
|
|
pwszKey,
|
|
0,
|
|
KEY_READ,
|
|
phKey );
|
|
|
|
return Status;
|
|
}
|
|
|
|
//
|
|
// GetUserSid
|
|
// ----------
|
|
//
|
|
// Synopsis: return the user SID of the caller.
|
|
//
|
|
// Arguments: &PSID - Where to store the caller's PSID
|
|
//
|
|
// Returns: HRESULT - S_OK if successful
|
|
// E_FAIL otherwise
|
|
//
|
|
SID LocalSystemSid = { SID_REVISION, 1, SECURITY_NT_AUTHORITY, SECURITY_LOCAL_SYSTEM_RID };
|
|
|
|
|
|
HRESULT GetUserSid(PSID *ppUserSid, UINT *pCallType)
|
|
{
|
|
BYTE achBuffer[100];
|
|
PTOKEN_USER pUser = (PTOKEN_USER) &achBuffer;
|
|
PSID pSid;
|
|
DWORD dwBytesRequired;
|
|
BOOL fAllocatedBuffer = FALSE;
|
|
HRESULT hr = S_OK;
|
|
HANDLE hUserToken = NULL;
|
|
BOOL fImpersonated = TRUE;
|
|
|
|
|
|
*pCallType = CS_CALL_USERPROCESS;
|
|
|
|
// Initialize
|
|
*ppUserSid = NULL;
|
|
|
|
// Get caller's token while impersonating
|
|
|
|
if (!OpenThreadToken(GetCurrentThread(),
|
|
TOKEN_DUPLICATE | TOKEN_QUERY,
|
|
TRUE,
|
|
&hUserToken))
|
|
{
|
|
fImpersonated = FALSE;
|
|
if (ERROR_NO_TOKEN != GetLastError())
|
|
return HRESULT_FROM_WIN32(GetLastError());
|
|
|
|
if (!OpenProcessToken(GetCurrentProcess(),
|
|
TOKEN_DUPLICATE | TOKEN_QUERY,
|
|
&hUserToken))
|
|
{
|
|
return HRESULT_FROM_WIN32(GetLastError());
|
|
}
|
|
}
|
|
|
|
if (SUCCEEDED(hr))
|
|
{
|
|
if (!GetTokenInformation(
|
|
hUserToken, // Handle
|
|
TokenUser, // TokenInformationClass
|
|
pUser, // TokenInformation
|
|
sizeof(achBuffer), // TokenInformationLength
|
|
&dwBytesRequired // ReturnLength
|
|
))
|
|
{
|
|
|
|
//
|
|
// Need to handle the case of insufficient buffer size.
|
|
//
|
|
|
|
if (sizeof(achBuffer) >= dwBytesRequired)
|
|
{
|
|
hr = HRESULT_FROM_WIN32(GetLastError());
|
|
}
|
|
|
|
|
|
if (SUCCEEDED(hr))
|
|
{
|
|
//
|
|
// Allocate space for the user info
|
|
//
|
|
|
|
pUser = (PTOKEN_USER) CoTaskMemAlloc(dwBytesRequired);
|
|
if (pUser == NULL)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
}
|
|
}
|
|
|
|
if (SUCCEEDED(hr))
|
|
{
|
|
fAllocatedBuffer = TRUE;
|
|
|
|
//
|
|
// Read in the UserInfo
|
|
//
|
|
|
|
|
|
if (!GetTokenInformation(
|
|
hUserToken, // Handle
|
|
TokenUser, // TokenInformationClass
|
|
pUser, // TokenInformation
|
|
dwBytesRequired, // TokenInformationLength
|
|
&dwBytesRequired // ReturnLength
|
|
))
|
|
|
|
{
|
|
hr = HRESULT_FROM_WIN32(GetLastError());
|
|
}
|
|
}
|
|
}
|
|
|
|
}
|
|
|
|
if (hUserToken)
|
|
{
|
|
CloseHandle( hUserToken );
|
|
hUserToken = NULL;
|
|
}
|
|
|
|
if (SUCCEEDED(hr))
|
|
{
|
|
|
|
//
|
|
// Distinguish between
|
|
// a) LOCAL_SYSTEM,
|
|
// b) Impersonated Call from a LOCAL_SYSTEM
|
|
// and c) In_proc call from a user process
|
|
//
|
|
// For case (c) make the SID null.
|
|
//
|
|
|
|
if (EqualSid(pUser->User.Sid, &LocalSystemSid))
|
|
{
|
|
*pCallType = CS_CALL_LOCALSYSTEM;
|
|
}
|
|
else
|
|
{
|
|
if (fImpersonated)
|
|
{
|
|
*pCallType = CS_CALL_IMPERSONATED;
|
|
}
|
|
else
|
|
{
|
|
*pCallType = CS_CALL_USERPROCESS;
|
|
}
|
|
}
|
|
|
|
// Alloc buffer for copy of SID
|
|
|
|
dwBytesRequired = GetLengthSid(pUser->User.Sid);
|
|
*ppUserSid = CoTaskMemAlloc(dwBytesRequired);
|
|
if (*ppUserSid == NULL)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
}
|
|
else
|
|
{
|
|
// Copy SID
|
|
|
|
if (!CopySid(dwBytesRequired, *ppUserSid, pUser->User.Sid))
|
|
{
|
|
hr = HRESULT_FROM_WIN32(GetLastError());
|
|
CoTaskMemFree(*ppUserSid);
|
|
*ppUserSid = NULL;
|
|
}
|
|
}
|
|
}
|
|
|
|
if (fAllocatedBuffer == TRUE)
|
|
{
|
|
CoTaskMemFree(pUser);
|
|
}
|
|
|
|
return hr;
|
|
}
|
|
|
|
|
|
#if 0
|
|
//
|
|
// GetDomainClassStore
|
|
// -------------------
|
|
//
|
|
// This will go away.
|
|
//
|
|
// Currently this is used to get the Class Store Path
|
|
// for the domain.
|
|
//
|
|
|
|
|
|
#define DEFAULTSTORENAME L"CN=ClassStore"
|
|
|
|
|
|
HRESULT
|
|
GetDomainClassStore(
|
|
LPOLESTR * pszDefaultContainer,
|
|
LPOLESTR * pszDefaultStore)
|
|
|
|
//
|
|
// Finds the Root Path for the DC for this machine
|
|
// Then gets the Default Known CLass Store for the DC
|
|
//
|
|
{
|
|
HRESULT hr;
|
|
LPOLESTR PathNames[2];
|
|
VARIANT * pVarFilter = NULL;
|
|
IEnumVARIANT * pEnum;
|
|
IADs * pADs;
|
|
VARIANT VariantArray[2];
|
|
IDispatch * pDispatch = NULL;
|
|
ULONG cFetched;
|
|
IADsContainer * pContainer = NULL;
|
|
|
|
//
|
|
// Do a bind to the DC by a GetObject for the Path LDAP:
|
|
//
|
|
hr = ADsGetObject(
|
|
L"LDAP:",
|
|
IID_IADsContainer,
|
|
(void **)&pContainer
|
|
);
|
|
|
|
RETURN_ON_FAILURE(hr);
|
|
|
|
hr = ADsBuildEnumerator(
|
|
pContainer,
|
|
&pEnum
|
|
);
|
|
|
|
hr = ADsEnumerateNext(
|
|
pEnum,
|
|
1,
|
|
VariantArray,
|
|
&cFetched
|
|
);
|
|
|
|
pEnum->Release();
|
|
|
|
if ((hr == S_FALSE) || (cFetched == 0))
|
|
{
|
|
return E_FAIL;
|
|
}
|
|
|
|
pDispatch = VariantArray[0].pdispVal;
|
|
memset(VariantArray, 0, sizeof(VARIANT)*2);
|
|
hr = pDispatch->QueryInterface(IID_IADs, (void **) &pADs) ;
|
|
pDispatch->Release();
|
|
|
|
pADs->get_ADsPath(pszDefaultContainer);
|
|
pADs->Release();
|
|
pContainer->Release();
|
|
|
|
*pszDefaultStore = DEFAULTSTORENAME;
|
|
|
|
return S_OK;
|
|
}
|
|
|
|
|
|
#endif
|
|
|
|
PCLASSCONTAINER
|
|
GetClassStore (LPOLESTR pszPath)
|
|
{
|
|
|
|
PCLASSCONTAINER pCS = NULL;
|
|
|
|
pCS = (CLASSCONTAINER *) CoTaskMemAlloc (sizeof(CLASSCONTAINER));
|
|
if (!pCS)
|
|
return NULL;
|
|
|
|
pCS->gpClassStore = NULL;
|
|
pCS->cBindFailures = 0;
|
|
pCS->cAccess = 0;
|
|
pCS->cNotFound = 0;
|
|
pCS->pszClassStorePath = (LPOLESTR)CoTaskMemAlloc
|
|
(sizeof(WCHAR) * (wcslen(pszPath)+1));
|
|
if (!(pCS->pszClassStorePath))
|
|
{
|
|
CoTaskMemFree(pCS);
|
|
return NULL;
|
|
}
|
|
|
|
wcscpy (pCS->pszClassStorePath, pszPath);
|
|
//++cStores;
|
|
|
|
return pCS;
|
|
}
|
|
|
|
|
|
extern WCHAR pwszDebugPath [];
|
|
extern BOOL fDebugPath;
|
|
|
|
//
|
|
// GetPerUserClassStore
|
|
// ---------------------
|
|
//
|
|
// Synopsis: Gets the ADT Class Store List from the
|
|
// per-user Registry.
|
|
// Returns error if none defined,
|
|
//
|
|
// Arguments:
|
|
// [out] ppStoreList : where to store list of class container
|
|
// serial numbers
|
|
// [out] pcStores : where to store number of class containers
|
|
//
|
|
// Returns: S_OK,
|
|
//
|
|
// History: Changed by (DebiM)
|
|
// 2/24/97
|
|
// return a NULL list of Class Stores when none defined.
|
|
//
|
|
|
|
HRESULT GetPerUserClassStore(
|
|
PSID pSid,
|
|
UINT CallType,
|
|
LPOLESTR **ppStoreList,
|
|
DWORD *pcStores)
|
|
|
|
{
|
|
LONG lErrorCode;
|
|
DWORD dwDataLen = 0;
|
|
DWORD dwType;
|
|
HKEY hKey = NULL;
|
|
HRESULT hr = S_OK;
|
|
LPOLESTR pszPath, pszStart;
|
|
LPOLESTR *ppszPath;
|
|
LPWSTR pszPathList=NULL;
|
|
|
|
*pcStores = 0;
|
|
*ppStoreList = NULL;
|
|
|
|
if (!fDebugPath)
|
|
{
|
|
switch (CallType)
|
|
{
|
|
case CS_CALL_LOCALSYSTEM :
|
|
CSDBGPrint((L"Reading HKLM for class store path"));
|
|
break;
|
|
|
|
case CS_CALL_IMPERSONATED :
|
|
CSDBGPrint((L"Reading as an impersonated user for class store path"));
|
|
break;
|
|
|
|
case CS_CALL_USERPROCESS :
|
|
CSDBGPrint((L"Reading HKCU for class store path"));
|
|
break;
|
|
|
|
default:
|
|
return E_FAIL;
|
|
}
|
|
|
|
HRESULT hrCSPath;
|
|
|
|
hrCSPath = ReadClassStorePath(
|
|
CallType != CS_CALL_LOCALSYSTEM ? pSid : NULL,
|
|
&pszPathList);
|
|
|
|
if (FAILED(hrCSPath))
|
|
{
|
|
// treat as NULL list of Class Stores
|
|
delete [] pszPathList;
|
|
return S_OK;
|
|
}
|
|
}
|
|
else // Test Mode - Privately Set Path - Only for testing
|
|
{
|
|
wcscpy (&pszPathList[0], &pwszDebugPath[0]);
|
|
}
|
|
|
|
// counting the number of ';'s and the number of class stores.
|
|
// assuming that it ends with a ;
|
|
|
|
DWORD cTentativeStores = 0;
|
|
|
|
for (pszPath = pszPathList, cTentativeStores = 0;
|
|
(pszPath = wcschr(pszPath, L';'));)
|
|
{
|
|
++(cTentativeStores); pszPath++;
|
|
}
|
|
|
|
++(cTentativeStores);
|
|
|
|
pszPath = pszPathList;
|
|
|
|
ppszPath = *ppStoreList = (LPOLESTR *) CoTaskMemAlloc
|
|
(sizeof(LPOLESTR) * (cTentativeStores));
|
|
|
|
if (*ppStoreList == NULL)
|
|
{
|
|
return E_OUTOFMEMORY;
|
|
}
|
|
|
|
memset (*ppStoreList, 0, sizeof(LPOLESTR) * (cTentativeStores));
|
|
|
|
//
|
|
// Parse the list to separate different class containers
|
|
//
|
|
|
|
while (*pszPath)
|
|
{
|
|
while (*pszPath == L' ')
|
|
++pszPath;
|
|
pszStart = pszPath;
|
|
|
|
if (!*pszPath)
|
|
break;
|
|
if (*pszPath == L';')
|
|
{
|
|
++pszPath;
|
|
continue;
|
|
}
|
|
|
|
while (*pszPath && (*pszPath != L';'))
|
|
++pszPath;
|
|
|
|
//
|
|
// got one. save it.
|
|
//
|
|
*ppszPath = (LPOLESTR) CoTaskMemAlloc (sizeof(WCHAR) * (ULONG) (pszPath - pszStart + 1));
|
|
|
|
if (!(*ppszPath))
|
|
ERROR_ON_FAILURE(hr=E_OUTOFMEMORY);
|
|
|
|
memcpy (*ppszPath, pszStart, sizeof (WCHAR) * (ULONG) (pszPath - pszStart));
|
|
*((*ppszPath)+(pszPath - pszStart)) = NULL;
|
|
|
|
(ppszPath)++;
|
|
|
|
if (*pszPath == L';')
|
|
{
|
|
++pszPath;
|
|
}
|
|
|
|
(*pcStores)++;
|
|
|
|
if ((*pcStores) == cTentativeStores)
|
|
break;
|
|
}
|
|
|
|
delete [] pszPathList;
|
|
return S_OK;
|
|
|
|
Error_Cleanup:
|
|
DWORD i;
|
|
for (i = 0; i < (*pcStores); i++)
|
|
{
|
|
if (ppszPath[i])
|
|
CoTaskMemFree(ppszPath[i]);
|
|
}
|
|
CoTaskMemFree(ppszPath);
|
|
|
|
ppStoreList = NULL;
|
|
|
|
(*pcStores) = 0;
|
|
if (pszPathList)
|
|
CoTaskMemFree(pszPathList);
|
|
|
|
return hr;
|
|
}
|
|
|
|
|
|
//
|
|
// GetUserClassStores
|
|
// ------------------
|
|
//
|
|
// Synopsis: This routine reads the Class Store list and parses it.
|
|
// If it has prior knowledge it reurns the parsed list.
|
|
// Arguments:
|
|
// [out] pcStores: Number of Class Stores
|
|
// [out] ppStoreIdList: Class Store Id List,
|
|
//
|
|
// Returns: S_OK
|
|
// May return a NULL list of Class Stores.
|
|
//
|
|
//
|
|
|
|
|
|
HRESULT GetUserClassStores(
|
|
PCLASSCONTAINER **ppStoreList,
|
|
DWORD *pcStores,
|
|
BOOL *pfCache,
|
|
PSID *ppUserSid)
|
|
{
|
|
HRESULT hr = S_OK;
|
|
UINT CallType;
|
|
PCLASSCONTAINER *pList = NULL;
|
|
DWORD i;
|
|
|
|
//
|
|
// Get the SID of the calling process
|
|
//
|
|
|
|
hr = GetUserSid(ppUserSid, &CallType);
|
|
|
|
if (FAILED(hr))
|
|
{
|
|
*ppUserSid = NULL;
|
|
hr = S_OK;
|
|
}
|
|
|
|
*pfCache = (CallType == CS_CALL_IMPERSONATED);
|
|
|
|
if (gDebug)
|
|
{
|
|
if (*pfCache)
|
|
CSDBGPrint((L"Cache the class store"));
|
|
}
|
|
|
|
EnterCriticalSection (&ClassStoreBindList);
|
|
|
|
//
|
|
// Get the Class Store List
|
|
//
|
|
LPOLESTR *ppStoreNameList = NULL;
|
|
|
|
hr = GetPerUserClassStore(
|
|
*ppUserSid, CallType, &ppStoreNameList, pcStores);
|
|
|
|
//
|
|
// Note that the above may return a NULL list of Class Stores
|
|
//
|
|
|
|
CSDBGPrint((L"Found %d ClassStores", (*pcStores)));
|
|
|
|
if (SUCCEEDED(hr))
|
|
{
|
|
*ppStoreList = pList = (PCLASSCONTAINER *)
|
|
CoTaskMemAlloc (sizeof(PCLASSCONTAINER) * (*pcStores));
|
|
|
|
if (!(*ppStoreList))
|
|
hr = E_OUTOFMEMORY;
|
|
else
|
|
memset(pList, 0, sizeof(PCLASSCONTAINER) * (*pcStores));
|
|
}
|
|
|
|
if (SUCCEEDED(hr))
|
|
{
|
|
for (i=0; i < (*pcStores); i++)
|
|
{
|
|
*pList = GetClassStore (ppStoreNameList[i]);
|
|
if (!(*pList))
|
|
{
|
|
// free all the ones that have been allocated.
|
|
DWORD j;
|
|
for (j = 0; j < (*pcStores); j++)
|
|
if (*pList)
|
|
{
|
|
if ((*pList)->pszClassStorePath)
|
|
CoTaskMemFree((*pList)->pszClassStorePath);
|
|
CoTaskMemFree(*pList);
|
|
}
|
|
|
|
hr = E_OUTOFMEMORY;
|
|
(*pcStores) = 0;
|
|
break;
|
|
}
|
|
|
|
pList++;
|
|
}
|
|
}
|
|
|
|
if (ppStoreNameList)
|
|
{
|
|
for (i=0; i < (*pcStores); ++i)
|
|
{
|
|
if (ppStoreNameList[i])
|
|
CoTaskMemFree (ppStoreNameList[i]);
|
|
}
|
|
}
|
|
|
|
if (ppStoreNameList)
|
|
CoTaskMemFree (ppStoreNameList);
|
|
|
|
LeaveCriticalSection (&ClassStoreBindList);
|
|
|
|
return hr;
|
|
}
|
|
|
|
|
|
|