mirror of https://github.com/tongzx/nt5src
/*++

Copyright (c) 2001 Microsoft Corporation

Module Name:

    context.cxx

Abstract:

    Routines implementing the client context API

Author:

    Cliff Van Dyke (cliffv) 22-May-2001

--*/

#include "pch.hxx"
DWORD
AzpClientContextInit(
    IN PGENERIC_OBJECT ParentGenericObject,
    IN PGENERIC_OBJECT ChildGenericObject
    )
/*++

Routine Description:

    Object specific initialization worker for AzInitializeClientContextFrom*.
    It registers the client context's one object list (the back link to
    applications) with the generic object and initializes that list.

    On entry, AzGlResource must be locked exclusively.

Arguments:

    ParentGenericObject - Specifies the parent object to add the child object onto.
        The reference count has been incremented on this object.
        This routine does not use it.

    ChildGenericObject - Specifies the newly allocated child object.
        The reference count has been incremented on this object.
        It is cast to PAZP_CLIENT_CONTEXT here (presumably the generic object
        is the leading part of AZP_CLIENT_CONTEXT; confirm against the
        structure definition).

Return Value:

    NO_ERROR - The operation was successful.
        This is the only value the routine returns.

--*/
{
    PAZP_CLIENT_CONTEXT NewContext;

    UNREFERENCED_PARAMETER( ParentGenericObject );

    //
    // The caller owns the global lock; check that before touching the object
    //

    ASSERT( AzpIsLockedExclusive( &AzGlResource ) );

    NewContext = (PAZP_CLIENT_CONTEXT) ChildGenericObject;

    //
    // ClientContexts are referenced by "Applications".
    // Tell the generic object manager about every list this object type supports.
    // The list is a "back" link, so there is no need to define which
    // applications can reference this client context.
    //

    ChildGenericObject->GenericObjectLists = &NewContext->backApplications;

    ObInitObjectList(
        &NewContext->backApplications,  // Back link to applications
        NULL,
        TRUE,   // Backward link
        0,      // No link pair id
        NULL,
        NULL,
        NULL );

    return NO_ERROR;
}
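VOID
AzpClientContextFree(
    IN PGENERIC_OBJECT GenericObject
    )
/*++

Routine Description:

    This routine is a worker routine for ClientContext object free. It does any object specific
    cleanup that needs to be done: at present, releasing the Authz client context
    attached to the object.

    On entry, AzGlResource must be locked exclusively.

Arguments:

    GenericObject - Specifies a pointer to the object to be deleted.

Return Value:

    None

--*/
{
    PAZP_CLIENT_CONTEXT ClientContext = (PAZP_CLIENT_CONTEXT) GenericObject;

    //
    // Initialization
    //

    ASSERT( AzpIsLockedExclusive( &AzGlResource ) );

    //
    // Free any local strings
    //  (there are none to free at present)
    //

    //
    // Free any authz context
    //

    if ( ClientContext->AuthzClientContext != NULL ) {

        //
        // A failed release is only caught by the ASSERT; if ASSERT compiles
        // away in free builds (presumably it does), the failure is silent.
        //
        if ( !AuthzFreeContext( ClientContext->AuthzClientContext ) ) {
            ASSERT( FALSE );
        }

        //
        // Drop the stale handle whatever the outcome, so that a second pass
        // through this routine or a later reader of the object cannot hand
        // an already released context back to Authz.
        //
        ClientContext->AuthzClientContext = NULL;
    }

}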
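DWORD
AzpClientContextGetProperty(
    IN PGENERIC_OBJECT GenericObject,
    IN ULONG PropertyId,
    OUT PVOID *PropertyValue
    )
/*++

Routine Description:

    This routine is a worker routine for AzClientContextGetProperty. It does any object specific
    property gets.

    On entry, AzGlResource must be locked shared.

    NOTE(review): the body is a stub. The only accepted PropertyId is the
    literal 1, and that case produces no value.

Arguments:

    GenericObject - Specifies a pointer to the object to be queried

    PropertyId - Specifies which property to return.

    PropertyValue - Specifies a pointer to return the property in.
        The returned pointer must be freed using AzFreeMemory.
        It is set to NULL on entry, so a caller never sees an indeterminate
        pointer when no value is produced.
        The returned value and type depends on PropertyId. The original header
        lists the values below; none of them is handled by the switch yet:

        AZ_PROP_CLIENT_CONTEXT_TYPE         PULONG - ClientContext type of the group
        AZ_PROP_CLIENT_CONTEXT_APP_MEMBERS  AZ_STRING_ARRAY - Application groups that are members of this group
        ???

Return Value:

    NO_ERROR - PropertyId was 1 (no value is returned)
    ERROR_INVALID_PARAMETER - PropertyId is not recognized

--*/
{
    DWORD WinStatus = NO_ERROR;
    PAZP_CLIENT_CONTEXT ClientContext = (PAZP_CLIENT_CONTEXT) GenericObject;

    //
    // Initialization
    //

    ASSERT( AzpIsLockedShared( &AzGlResource ) );

    //
    // Give the out parameter a defined value before any path can return.
    // The header tells callers to free the result with AzFreeMemory, and the
    // stub case below reports success without storing anything.
    //

    if ( PropertyValue != NULL ) {
        *PropertyValue = NULL;
    }

    //
    // Return any object specific attribute
    //

    switch ( PropertyId ) {
    case 1:
        // Placeholder: no property is implemented yet
        UNREFERENCED_PARAMETER( ClientContext );
        break;

    default:
        // The message now has a conversion for the PropertyId argument it
        // was already being passed (assumes AzPrint formats printf-style).
        AzPrint(( AZD_INVPARM, "AzpClientContextGetProperty: invalid opcode %lu\n", PropertyId ));
        WinStatus = ERROR_INVALID_PARAMETER;
        break;
    }

    return WinStatus;
}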
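DWORD
AzInitializeContextFromToken(
    IN AZ_HANDLE ApplicationHandle,
    IN HANDLE TokenHandle,
    IN DWORD Reserved,
    OUT PAZ_HANDLE ClientContextHandle
    )
/*++

Routine Description:

    Creates a client context object under the specified application and
    attaches to it an Authz client context built from an NT token.

    NOTE(review): the original header described this as a worker for
    AzGroupCreate that requires AzGlResource to be locked exclusively.
    Unlike the worker routines in this file, this routine asserts no lock
    state, so that text looks copied from another routine. Confirm the
    locking contract against ObCommonCreateObject.

Arguments:

    ApplicationHandle - Specifies a handle to the application object that
        this client context applies to.

    TokenHandle - Handle to the NT token describing the client.
        NULL implies the impersonation token of the caller's thread.
        The token must have been opened for TOKEN_QUERY, TOKEN_IMPERSONATION, and
        TOKEN_DUPLICATE access.
        NOTE(review): this routine passes TokenHandle to
        AuthzInitializeContextFromToken unchanged and does not open the
        thread token itself. Confirm that NULL really behaves as described.

    Reserved - Reserved. Must be zero.
        It is handed to ObCommonCreateObject; this routine does not check it.

    ClientContextHandle - Return a handle to the client context
        The caller must close this handle by calling AzCloseHandle.
        Set to NULL on every failure path.

Return Value:

    NO_ERROR - The operation was successful
    ERROR_INVALID_PARAMETER - ClientContextHandle is NULL
    ERROR_NOT_ENOUGH_MEMORY - not enough memory
    Other status codes from ObCommonCreateObject, or the GetLastError() value
        left by AuthzInitializeContextFromToken

--*/
{
    DWORD WinStatus;
    LUID Identifier = {0};
    PAZP_CLIENT_CONTEXT ClientContext = NULL;

    //
    // Give the out parameter a defined value first, so that a caller who
    // closes the handle after a failure never acts on an indeterminate value.
    //

    if ( ClientContextHandle == NULL ) {
        return ERROR_INVALID_PARAMETER;
    }

    *ClientContextHandle = NULL;

    //
    // Call the common routine to create our client context object
    //
    // NOTE(review): the address of the ClientContexts member is computed from
    // the caller supplied handle before anything has validated that handle.
    // Presumably ObCommonCreateObject rejects a bad parent handle before it
    // uses the list pointer. Confirm.
    //

    WinStatus = ObCommonCreateObject(
                    (PGENERIC_OBJECT) ApplicationHandle,
                    OBJECT_TYPE_APPLICATION,
                    &(((PAZP_APPLICATION)ApplicationHandle)->ClientContexts),
                    OBJECT_TYPE_CLIENT_CONTEXT,
                    NULL,
                    Reserved,
                    (PGENERIC_OBJECT *) &ClientContext );

    if ( WinStatus != NO_ERROR ) {
        goto Cleanup;
    }

    //
    // Initialize Authz
    //

    if ( !AuthzInitializeContextFromToken(
              0,      // No Flags
              TokenHandle,
              (((PAZP_APPLICATION)ApplicationHandle)->AuthzResourceManager),
              NULL,   // No expiration time
              Identifier,
              NULL,   // No dynamic group args
              &ClientContext->AuthzClientContext ) ) {

        WinStatus = GetLastError();
        goto Cleanup;
    }

    //
    // Success: ownership of the object moves to the caller's handle, so the
    // cleanup code below must not close it.
    //

    WinStatus = NO_ERROR;
    *ClientContextHandle = ClientContext;
    ClientContext = NULL;

    //
    // Free any local resources
    //
Cleanup:
    if ( ClientContext != NULL ) {
        // Failure after the object was created: release it again
        AzCloseHandle( ClientContext, 0 );
    }

    return WinStatus;
}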