/*++

Copyright (c) 1991-92  Microsoft Corporation

Module Name:

    Permit.h

Abstract:

    Internal UAS constants, data structures.

Author:

    Shanku Niyogi (W-SHANKN) 24-Oct-1991

Revision History:

    24-Oct-1991     w-shankn
        Ported from LM2.0 code, removed unnecessary stuff.
    07-Feb-1992     JohnRo
        Made changes suggested by PC-LINT.
    03-Mar-1992     JohnRo
        Correct handling of byte flags (UAS_REC_DELETE, etc).
    11-Mar-1992     JohnRo
        Include <lmaccess.h> here to get UNITS_PER_WEEK.
    18-Mar-1992     JohnRo
        Include <uascache.h> for UAS_INFO_0.

--*/
#ifndef _PERMIT_
#define _PERMIT_
#include <lmaccess.h> // UNITS_PER_WEEK.
#include <uascache.h> // UAS_INFO_0.
#include <packon.h> // Suppress natural alignment.
//
// Forward declarations for recursive structures.
//
// Every record type gets a value name and an LP-prefixed pointer name before
// its body is defined further down in this header, so a structure can refer
// to itself or to a later one (UAS_ACCESS, for instance, holds an
// LPUAS_ACCESS link).
//

typedef struct _UAS_AHDR UAS_AHDR;
typedef UAS_AHDR *LPUAS_AHDR;

typedef struct _UAS_GROUP UAS_GROUP;
typedef UAS_GROUP *LPUAS_GROUP;

typedef struct _UAS_GROUPREC UAS_GROUPREC;
typedef UAS_GROUPREC *LPUAS_GROUPREC;

typedef struct _UAS_USERREC UAS_USERREC;
typedef UAS_USERREC *LPUAS_USERREC;

typedef struct _UAS_USERINFO UAS_USERINFO;
typedef UAS_USERINFO *LPUAS_USERINFO;

typedef struct _UAS_DISKUSERHASH UAS_DISKUSERHASH;
typedef UAS_DISKUSERHASH *LPUAS_DISKUSERHASH;

typedef struct _UAS_PERM UAS_PERM;
typedef UAS_PERM *LPUAS_PERM;

typedef struct _UAS_ACCESSREC UAS_ACCESSREC;
typedef UAS_ACCESSREC *LPUAS_ACCESSREC;

typedef struct _UAS_ACCESS UAS_ACCESS;
typedef UAS_ACCESS *LPUAS_ACCESS;

typedef struct _UAS_VPERM UAS_VPERM;
typedef UAS_VPERM *LPUAS_VPERM;
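//
// Constants.
//

#define UAS_MAXGROUP            256         // max number of groups allowed in UAS
#define UAS_MAXACL              8192        // max number of access control lists
#define UAS_MAXSEG              8           // max number of segs for perm stuff
#define UAS_ACCESSTBLSIZE       1027        // prime number for fewer collisions

// The two products below are parenthesized so that they keep their value when
// the macro appears inside a larger expression (for example as a divisor).
#define UAS_PSEGSIZE            (1024*24)   // Initial size of seg holding _pcb
#define UAS_INITSEGSIZE         1024        // Initial size of segs holding perms
#define UAS_URECSEGSIZE         (1024*16)   // Initial size of UAS logon cache seg
#define UAS_SIZEINC             2048        // Size to grow each time
#define UAS_MINUSER             3           // min number of users in database
#define UAS_MINUREC             128         // cache at least 128 user records
#define UAS_DEFAULT_USERS       128         // default number of records cached
#define UAS_MAXCACHE_LIMIT      1000        // max user records allowed in cache
#define UAS_DBIDINFO_SIZE       50          // database identifier string
#define UAS_INITIALIZE_SEG      1           // manifest for DosSubSet after Alloc

// NOTE(review): a single fixed delay; where it is applied (per attempt, per
// account, per connection) is not visible in this header - confirm at the
// call sites.
#define UAS_INTRUDER_DELAY      3000L       // 3 sec delay to discourage intruders

#define UAS_MAX_USERS           16000       // Ever, ever, ever
#define UAS_DISK_BLOCK_SIZE     64          // size of block in disk pool

#define UAS_FILE_GROW_INCREMENT 32          // Increment of file grow in disk blocks

#define UAS_USER_HASH_ENTRIES   2048

// Round a up to the next even value.  The argument is evaluated once.
#define WORDALIGN(a)            (((a)+1) & (~1))

// Temporary definitions.  LM20_PATHLEN in LMCONS.H is wrong, and
// MAXPERMENTRIES may change(?), MAXWORKSTATIONS not in LMCONS.H
//
// The #undef replaces LM20_PATHLEN for everything that follows this header.
// NOTE(review): code that sized a buffer with the earlier definition and code
// that uses this one can disagree on the length - confirm no buffer is shared
// between the two.

#undef LM20_PATHLEN
#define LM20_PATHLEN            260
#define LM20_MAXPERMENTRIES     64
#define MAXWORKSTATIONS         8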
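//
// Maximum sizes
//

// Upper bound on one ACL record: the fixed access-record header, the longest
// resource path, the permission block and the remaining permission entries.
// The first operand used to be spelled UAS_ACCESREC, a name this header never
// declares; UAS_ACCESSREC is the access-record type it does declare.
// NOTE(review): the extra entries are sized with PERM, which is not defined in
// this header, while UAS_VPERM holds UAS_PERM entries - confirm which type is
// meant.
#define UAS_MAX_ACL_SIZE    (sizeof(UAS_ACCESSREC) + LM20_PATHLEN \
                            + sizeof(UAS_VPERM) \
                            + (LM20_MAXPERMENTRIES - 1) * sizeof(PERM))

// Size of the decompressed user record plus eight WORDs.
#define UAS_MAX_USER_SIZE   (sizeof(UAS_USERINFO) \
                            + sizeof(WORD) * 8)

// Force header to sector size: sizeof(UAS_AHDR) rounded up to a multiple
// of 512.
#define UAS_GROUP_HASH_START        ((sizeof(UAS_AHDR) + 511) & ~511)

// Offset of group record i.  The index is parenthesized so that an argument
// such as n + 1 is multiplied as a whole.
#define UAS_GROUP_HASH_OFFSET(i)    (UAS_GROUP_HASH_START \
                                    + (i) * sizeof (UAS_GROUPREC))

// The user hash table starts right after the UAS_MAXGROUP group records.
#define UAS_HASH_TBL_OFFSET         UAS_GROUP_HASH_OFFSET(UAS_MAXGROUP)

// Offset of user hash entry i (index parenthesized, as above).
// Neither offset macro range-checks i; callers keep it below UAS_MAXGROUP or
// UAS_USER_HASH_ENTRIES respectively.
#define UAS_HASH_ENTRY(i)           (UAS_HASH_TBL_OFFSET \
                                    + ((i) * sizeof (UAS_DISKUSERHASH)))

#define UAS_HASH_TBL_SIZE   (sizeof(UAS_DISKUSERHASH)*UAS_USER_HASH_ENTRIES)

// Address of the string whose offset from the start of record s is stored in
// s->field.  s is parenthesized so that pointer expressions can be passed; it
// is evaluated twice.
// The stored offset is used as-is: there is no bounds check here, so the
// caller has to confirm that it lies inside the record before dereferencing.
#define UAS_STRING(s,field)         ((LPSTR)(s) + (s)->field)

// Pointer to the permission block that follows the word-aligned resource name
// of an access record.  The whole expansion is parenthesized so that
// UAS_VPERM_PTR(acc)->permcnt applies -> to the cast result.
// namelen is taken from the record without validation; check it against the
// record size before using the result.
#define UAS_VPERM_PTR(acc)          ((LPUAS_VPERM)((acc)->resource \
                                    + ((((acc)->namelen) + 1) & ~1)))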
//
// Name Literal
//
// Selects which kind of name is meant: user, group or access (resource).
//

#define UAS_USERNAME        0
#define UAS_GROUPNAME       1
#define UAS_ACCESSNAME      2

//
// names of the database file(s)
//
// NOTE(review): the path is a fixed drive-letter location; how it is combined
// with the file name is not visible in this header.  The file it names holds
// the encrypted passwords (see the passwd fields below), so confirm that the
// directory's access controls restrict it.
//

#define UAS_ACCOUNTS_FILE   "NET.ACC"
#define UAS_ACCOUNTS_PATH   "C:\\LANMAN\\ACCOUNTS\\"

//
// special values of uid and serial number for Local calls
//
// The negative values are parenthesized so they stay a single operand
// wherever the macro is expanded.
//

#define UAS_LOCAL_UID       (-1)
#define UAS_LOCAL_SERIAL    0L
#define UAS_NONEXISTENT_GID (-1)
//
// audit flags
//
// UAS_AUDIT_ALL is bit 0 and UAS_AUDIT_OPTIONS is the other fifteen bits of a
// 16-bit value; together they cover 0xFFFF.  The two *_RESERVED values are
// masks of reserved bits.
// NOTE(review): presumably applied to the attr (audit attribute) WORD of an
// access record - confirm against the callers.
//

#define UAS_AUDIT_ALL               0x1
#define UAS_AUDIT_OPTIONS           0xFFFE
#define UAS_LMFILE_AUDIT_RESERVED   0xF006
#define UAS_PBFILE_AUDIT_RESERVED   0x3

//
// Types of records
//

#define UAS_USER_REC        0
#define UAS_GROUP_REC       1
#define UAS_ACCESS_REC      2
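//
// Special Groups Info
//
// Four special groups are numbered 0..3; their wide-character names are
// listed below in the same order.
//

#define UAS_NUM_SPECIAL_GROUPS  4
#define UAS_GROUP_ADMIN         0
#define UAS_GROUP_USERS         1
#define UAS_GROUP_GUEST         2
#define UAS_GROUP_LOCAL         3

// All-ones DWORD, outside the 0..3 range above.  The cast expression is
// parenthesized so that it stays a single operand: without the parentheses,
// "sizeof UAS_GROUP_NT" would parse as sizeof(DWORD) - 1.
#define UAS_GROUP_NT            ((DWORD)-1)

#define UAS_GROUP_ADMIN_WNAME   L"ADMINS"
#define UAS_GROUP_USERS_WNAME   L"USERS"
#define UAS_GROUP_GUEST_WNAME   L"GUESTS"
#define UAS_GROUP_LOCAL_WNAME   L"LOCAL"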
//
// Signature, text strings
//

// Signature stored at the start of the NET.ACC header: the signature field of
// UAS_AHDR is sized as WORDALIGN(sizeof(UAS_LMSIG)).
#define UAS_LMSIG                   "MICROSOFT LANMAN 2.0"

// Database identifier text; UAS_DBIDINFO_SIZE is the size of the header field
// it is kept in.
#define UAS_DBIDINFO_TEXT           "LANMAN 2.0 UAS DATABASE"

// Role names; the header keeps the current role in its role field.
#define UAS_ROLE_NAME_PRIMARY       "PRIMARY"
#define UAS_ROLE_NAME_BACKUP        "BACKUP"
#define UAS_ROLE_NAME_MEMBER        "MEMBER"
#define UAS_ROLE_NAME_STANDALONE    "STANDALONE"

#define UAS_DOMAIN_LOCAL            "LOCAL"

// Yes/no prompt keys and the prompt suffixes that show the default answer.
#define UAS_NLS_YES_KEY             'Y'
#define UAS_NLS_NO_KEY              'N'
#define UAS_DEFAULT_YES             "(Y/N) [Y]"
#define UAS_DEFAULT_NO              "(Y/N) [N]"

// A fixed, well-known default password string.
// NOTE(review): its callers are not visible in this header.  Any account that
// is created with this value should be required to change it before first
// use - confirm that the callers enforce this.
#define UAS_DEFAULT_PASSWORD        "PASSWORD"
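//
// # of records reserved as the header (store signature) ..
//
// Note
//      record size of group record  = sizeof(UAS_GROUPREC)
//      record size of user record   = sizeof(UAS_USERREC)
//      record size of access record = sizeof(UAS_ACCESSREC)
//

#define UAS_GROUPHDR        2
#define UAS_ACCESSHDR       1
#define UAS_USERHDR         1

//
// File_Record Representation
// It is in the first character of the record (name field)
//
// The two cast values are parenthesized so that each stays a single operand
// wherever it is expanded; without the parentheses "sizeof UAS_REC_DELETE"
// would parse as sizeof(BYTE) - 1.
// NOTE(review): BYTE is presumably unsigned char, which makes UAS_REC_DELETE
// 0xFF.  Compare it with BYTE storage only; a signed char holding 0xFF
// promotes to -1 and never matches.
//

#define UAS_REC_EMPTY       '\0'
#define UAS_REC_DELETE      ((BYTE)-1)
#define UAS_REC_USE         ((BYTE)1)

//
// Status returned in UserId
//
// Both values are negative, so a caller has to test for them before using the
// returned id as an index.
//

#define UAS_NAME_NotFound   (-1)
#define UAS_NAME_NotCache   (-2)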
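//
// General Purpose Macros
//

// BitMap macro
//
// map is an array of bytes; bit (pos & 7) of byte (pos >> 3) stands for
// position pos.  The index argument is evaluated twice, so do not pass an
// expression with side effects.  None of the macros range-checks the index:
// the caller guarantees it is below eight times the number of bytes in map.
// UAS_ISBITON yields the masked bit (zero or non-zero), not 0/1.
// id is parenthesized in the byte index and UAS_ISBITOFF is parenthesized as
// a whole, so both behave as one operand for any argument expression.
#define UAS_MARKUSE(map, pos)   ((map)[(pos) >> 3] |= (1 << ((pos) & 7 ) ))
#define UAS_MARKOFF(map, pos)   ((map)[(pos) >> 3] &= ~(1 << ((pos) & 7 ) ))
#define UAS_ISBITON(map, id)    ((map)[(id) >> 3] & ( 1 << ((id) & 0x7) ) )
#define UAS_ISBITOFF(map, id)   (!UAS_ISBITON((map), (id)))

// Conversion from perm ptr back to the access ptr
//
// Steps back over the word-aligned resource name (len bytes) and over
// UAS_ACCESS minus its one-byte resource placeholder.  The expansion is
// parenthesized as a whole so that -> can be applied to the result.
// len has to be the namelen the record was built with; the macro cannot
// verify it, and a wrong value yields a pointer outside the record.
#define UAS_GETACCHDR(perm, len)    ((LPUAS_ACCESS) ((LPBYTE)(perm) \
                                        - WORDALIGN(len) \
                                        - sizeof(UAS_ACCESS) + 1))

// Test if every user's record is cached
// Expands to a comparison on Ucb, which must be in scope where the macro is
// used.
#define UAS_ALLUSERCACHED       (Ucb->usercnt < Ucb->maxuser)

// Find the size of block needed to hold access record and perm entries
// (len = resource name length, cnt = number of permission entries).
#define UAS_ACCRECSIZE(len, cnt)    WORDALIGN(sizeof(UAS_ACCESS) - 1 \
                                        + (len) + sizeof(WORD) \
                                        + (cnt)* sizeof(PERM))

// The size of disk record needed to hold access record and perm entries
// NOTE(review): when len and cnt come from a stored record, compare the
// result with the space actually available before copying.
#define UAS_DISKACCRECSIZE(len, cnt) WORDALIGN(sizeof(UAS_ACCESSREC) - 1 \
                                        + (len) + sizeof (WORD) \
                                        + (cnt) * sizeof(UAS_PERM))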
//
// Record structures in UAS Database (NET.ACC)
//

//
// Header block structure of NET.ACC
//
// Members appear in stored order.  <packon.h> is included before these
// definitions to suppress natural alignment, so the members are presumably
// laid out without padding.
// NOTE(review): this block is read from a file; treat every count and list
// head in it as untrusted until it has been checked against the file size.
//

struct _UAS_AHDR {                          // typedef'ed above.

    BYTE        signature[WORDALIGN(sizeof(UAS_LMSIG))];   // LANMAN signature
    WORD        encryption_flag;            // whether the database is encrypted
    WORD        min_passwd_len;             // modal: password length
    DWORD       min_passwd_age;             // modal: password age
    DWORD       max_passwd_age;             // modal: password age
    DWORD       force_logoff;               // modal: forced logoff
    WORD        passwd_hist_len;            // modal: password history
    WORD        max_bad_passwd;             // modal: max bad password tries
    WORD        role;                       // role under SSI
    UAS_INFO_0  local;                      // local database info
    UAS_INFO_0  primary;                    // primary database info
    BYTE        DBIdInfo[UAS_DBIDINFO_SIZE]; // database identifier string
    DWORD       alist_mtime;                // last update to ACLs
    DWORD       glist_mtime;                // last update to groups
    DWORD       ulist_mtime;                // last update to users
    WORD        num_users;                  // total users in DB
    DWORD       free_list;                  // head of free list
    DWORD       access_list;                // head of access list
    WORD        integrity_flag;             // if FALSE, UAS is corrupt

};

// Byte offset of integrity_flag, computed as the header size minus one WORD.
// This holds only while integrity_flag stays the last member and the
// structure has no trailing padding.
#define UAS_INTEGRITY_OFFSET    (sizeof(UAS_AHDR) - sizeof(WORD))
//
// Structure of a group record in UAS Database
//
// UAS_GROUP carries the group name and serial number; UAS_GROUPREC has the
// same two members with a comment string between them.
//

struct _UAS_GROUP {                         // typedef'ed above.

    BYTE    name[LM20_GNLEN+1];             // group name
    DWORD   serial;                         // serial number

};

struct _UAS_GROUPREC {                      // typedef'ed above.

    BYTE    name[LM20_GNLEN+1];             // group name
    BYTE    comment[LM20_MAXCOMMENTSZ+1];   // comment
    DWORD   serial;                         // serial number

};
//
// Structure of a user record in UAS Database
//
// fields ending in _o are offsets from the start of the structure
// to ASCIIZ strings.
//
// WARNING: When updating this structure update the matching structure
// UAS_USERINFO.  You may also have to update the UAS_MAX_USER_SIZE
// macro.
//
// NOTE(review): the _o offsets are 16-bit values taken from the stored
// record.  Before following one (for example through UAS_STRING), check it
// against the record's size member and make sure the string is terminated
// inside the record.
//

struct _UAS_USERREC {                       // typedef'ed above.

    UAS_USER    user;
    BYTE        name[LM20_UNLEN+1];         // user name
    WORD        size;                       // total size of user entry
    BYTE        passwd[ENCRYPTED_PWLEN];    // encrypted password
    DWORD       last;                       // last time passwd changed
    WORD        directory_o;                // offset: directory & logon script
    WORD        comment_o;                  // offset: comment
    WORD        flags;                      // User flags
    WORD        script_o;                   // offset: logon script name
    WORD        full_name_o;
    WORD        usr_comment_o;
    WORD        parms_o;
    DWORD       last_logon;
    DWORD       last_logoff;
    DWORD       max_storage;
    DWORD       acct_expires;
    WORD        bad_pw_count;
    WORD        num_logons;
    BYTE        logonhrs[UNITS_PER_WEEK/8]; // one bit per unit of the week
    WORD        workstation_o;
    BYTE        old_passwds[DEF_MAX_PWHIST * ENCRYPTED_PWLEN]; // DEF_MAX_PWHIST earlier passwords
    WORD        logon_server_o;
    WORD        country_code;
    WORD        code_page;

};
//
// Decompressed user record.
//
// Same information as UAS_USERREC, with every string offset replaced by a
// fixed-size buffer.
// NOTE(review): usr_comment and parms are sized with MAXCOMMENTSZ while
// comment and full_name use LM20_MAXCOMMENTSZ - confirm that the difference
// is intended.
// NOTE(review): passwd and old_passwds hold password material; clear any
// temporary copy of this structure once it is no longer needed.
//

struct _UAS_USERINFO {                      // typedef'ed above.

    UAS_USER    user;
    BYTE        name[LM20_UNLEN+1];         // user name
    BYTE        passwd[ENCRYPTED_PWLEN];    // encrypted password
    DWORD       last;                       // last time passwd changed
    BYTE        directory[LM20_PATHLEN+1];  // directory & logon script
    BYTE        comment[LM20_MAXCOMMENTSZ+1]; // comment
    WORD        flags;                      // User flags
    BYTE        script[LM20_PATHLEN+1];     // logon script name
    BYTE        full_name[LM20_MAXCOMMENTSZ+1];
    BYTE        usr_comment[MAXCOMMENTSZ+1];
    BYTE        parms[MAXCOMMENTSZ+1];
    DWORD       last_logon;
    DWORD       last_logoff;
    DWORD       max_storage;
    DWORD       acct_expires;
    WORD        bad_pw_count;
    WORD        num_logons;
    BYTE        logonhrs[UNITS_PER_WEEK/8];
    BYTE        workstation[MAXWORKSTATIONS * (LM20_CNLEN+1)]; // room for MAXWORKSTATIONS names
    BYTE        old_passwds[DEF_MAX_PWHIST * ENCRYPTED_PWLEN];
    BYTE        logon_server[LM20_UNCLEN+1];
    WORD        country_code;
    WORD        code_page;

};

// Record sizes: a user record is budgeted at UAS_MAX_USER_SIZE, a group
// record at the size of its structure.
#define UAS_URECSIZE    UAS_MAX_USER_SIZE
#define UAS_GRECSIZE    sizeof(UAS_GROUPREC)
// Header placed in front of every object in the disk pool.
// NOTE(review): do_numblocks is presumably a length in UAS_DISK_BLOCK_SIZE
// blocks, and do_next / do_prev presumably link objects by file position -
// confirm, and check all three against the file size when they are read.
struct _UAS_DISK_OBJ_HDR {

    BYTE    do_type;        // one of the UAS_*_OBJECT_ID values below (presumably)
    BYTE    do_numblocks;
    DWORD   do_next;
    DWORD   do_prev;

};
typedef struct _UAS_DISK_OBJ_HDR UAS_DISK_OBJ_HDR;
typedef UAS_DISK_OBJ_HDR *LPUAS_DISK_OBJ_HDR;

// Byte offsets of do_next and do_prev inside the header: two BYTE members
// come first, then the two DWORDs.  Correct only for the unpadded layout.
#define UAS_NEXT_OFFSET         (2 * sizeof(BYTE))
#define UAS_PREV_OFFSET         (2 * sizeof(BYTE) + sizeof(DWORD))

// Object type identifiers.
#define UAS_FREE_OBJECT_ID      0
#define UAS_USER_OBJECT_ID      1
#define UAS_ACCESS_OBJECT_ID    2

// A user object: disk header, fixed user record, then variable-size data.
// uo_data is declared with one element and stands for the first byte of
// that data.
struct _UAS_USER_OBJECT {

    UAS_DISK_OBJ_HDR    uo_header;
    UAS_USERREC         uo_record;
    BYTE                uo_data[1];     // Variable size

};
typedef struct _UAS_USER_OBJECT UAS_USER_OBJECT;
typedef UAS_USER_OBJECT *LPUAS_USER_OBJECT;
//
// User hash table entry in memory
//
// NOTE(review): judging by the names, uh_disk refers to the record on disk
// and uh_cache to its slot in the cache - confirm against the code that
// fills the table.
//

struct _UAS_USERHASH {

    DWORD   uh_disk;
    WORD    uh_cache;
    DWORD   uh_serial;

};
typedef struct _UAS_USERHASH UAS_USERHASH;
typedef UAS_USERHASH *LPUAS_USERHASH;

//
// User hash table entry on disk
//
// The on-disk entry has no cache member; the table holds
// UAS_USER_HASH_ENTRIES of these (see UAS_HASH_TBL_SIZE).
//

struct _UAS_DISKUSERHASH {                  // typedef'ed above.

    DWORD   dh_disk;
    DWORD   dh_serial;

};
//
// Permission data
//
// One entry of an access control list: who the entry is for (uid plus
// serial) and the access value.
//

struct _UAS_PERM {                          // typedef'ed above.

    WORD    uid;                            // bit 15: 0 = uid, 1 = gid
    DWORD   serial;
    BYTE    access;
    BYTE    pad;                            // keeps the entry word aligned

};
//
// Access Record structure in Database (NET.ACC)
//
// resource is declared with one element and stands for the first byte of the
// resource name; namelen gives the name's length.
// NOTE(review): recsize and namelen come from the stored record.  Check that
// namelen fits inside recsize, and recsize inside the buffer, before the name
// or the permission block behind it is read.
//

struct _UAS_ACCESSREC {                     // typedef'ed above.

    WORD    attr;                           // audit attribute
    WORD    recsize;
    WORD    namelen;
    BYTE    resource[1];

};

//
// Internal access record structure in memory
//
// The stored record's members preceded by a link to the next in-memory
// record and a position value.
//

struct _UAS_ACCESS {                        // typedef'ed above.

    LPUAS_ACCESS    next;
    DWORD           position;
    WORD            attr;
    WORD            recsize;
    WORD            namelen;
    BYTE            resource[1];

};
//
// followed by variable number of permission entry
//
// perm is declared with one element; permcnt is the number of entries.
// NOTE(review): permcnt is read from the record - bound it (LM20_MAXPERMENTRIES
// is the limit defined in this header) before indexing perm.
//

struct _UAS_VPERM {                         // typedef'ed above.

    WORD        permcnt;
    UAS_PERM    perm[1];

};
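// Size (in bytes) of a variable size ACL
//
// Adds the access-record header, the resource name, the permission block and
// the permission entries beyond the first, then rounds up to an even size.
// namelen and permcnt are parenthesized so that an argument expression is
// used as a whole; acl is accepted but does not appear in the expansion.
// NOTE(review): when namelen and permcnt come from a stored record, compare
// the result with the record's recsize and with the buffer length before
// reading or copying that many bytes.

#define UAS_ACL_RECORD_SIZE(acl,namelen,permcnt) \
            (((sizeof(UAS_ACCESSREC) + (namelen) \
            + sizeof (UAS_VPERM) \
            + sizeof (UAS_PERM) * ((permcnt) - 1)) + 1) & ~1)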
// An access object in the disk pool: fixed header, access record, then the
// permission block.
// ao_record is variable length, so ao_data marks where the permission block
// sits only for the shortest record; for a real record, locate the block from
// the resource name length (UAS_VPERM_PTR does this).
struct _UAS_ACCESS_OBJECT {

    UAS_DISK_OBJ_HDR    ao_header;      // Fixed length header
    UAS_ACCESSREC       ao_record;      // Variable length
    UAS_VPERM           ao_data;        // Variable length

};
typedef struct _UAS_ACCESS_OBJECT UAS_ACCESS_OBJECT;
typedef UAS_ACCESS_OBJECT *LPUAS_ACCESS_OBJECT;
#include <packoff.h>
#endif // _PERMIT_