ReactOS 0.4.15-dev-8058-ga7cbb60
client.c
Go to the documentation of this file.
1/*
2 * PROJECT: ReactOS Kernel
3 * LICENSE: GPL-2.0-or-later (https://spdx.org/licenses/GPL-2.0-or-later)
4 * PURPOSE: Security client support routines
5 * COPYRIGHT: Copyright Alex Ionescu <alex@relsoft.net>
6 */
7
8/* INCLUDES *******************************************************************/
9
10#include <ntoskrnl.h>
11#define NDEBUG
12#include <debug.h>
13
14/* PRIVATE FUNCTIONS **********************************************************/
15
51NTSTATUS
52NTAPI
53SepCreateClientSecurity(
54 _In_ PACCESS_TOKEN Token,
55 _In_ PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos,
56 _In_ BOOLEAN ServerIsRemote,
57 _In_ TOKEN_TYPE TokenType,
58 _In_ BOOLEAN ThreadEffectiveOnly,
59 _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
60 _Out_ PSECURITY_CLIENT_CONTEXT ClientContext)
61{
62 NTSTATUS Status;
63 PACCESS_TOKEN NewToken;
64 PAGED_CODE();
65
66 /* Check for bogus impersonation level */
67 if (!VALID_IMPERSONATION_LEVEL(ClientSecurityQos->ImpersonationLevel))
68 {
69 /* Fail the call */
70 return STATUS_INVALID_PARAMETER;
71 }
72
73 /* Check what kind of token this is */
74 if (TokenType != TokenImpersonation)
75 {
76 /* On a primary token, if we do direct access, copy the flag from the QOS */
77 ClientContext->DirectAccessEffectiveOnly = ClientSecurityQos->EffectiveOnly;
78 }
79 else
80 {
81 /* This is an impersonation token, is the level ok? */
82 if (ClientSecurityQos->ImpersonationLevel > ImpersonationLevel)
83 {
84 /* Nope, fail */
85 return STATUS_BAD_IMPERSONATION_LEVEL;
86 }
87
88 /* Is the level too low, or are we doing something other than delegation remotely */
89 if ((ImpersonationLevel == SecurityAnonymous) ||
90 (ImpersonationLevel == SecurityIdentification) ||
91 ((ServerIsRemote) && (ImpersonationLevel != SecurityDelegation)))
92 {
93 /* Fail the call */
94 return STATUS_BAD_IMPERSONATION_LEVEL;
95 }
96
97 /* Pick either the thread setting or the QOS setting */
98 ClientContext->DirectAccessEffectiveOnly =
99 ((ThreadEffectiveOnly) || (ClientSecurityQos->EffectiveOnly)) ? TRUE : FALSE;
100 }
101
102 /* Is this static tracking */
103 if (ClientSecurityQos->ContextTrackingMode == SECURITY_STATIC_TRACKING)
104 {
105 /* Do not use direct access and make a copy */
106 ClientContext->DirectlyAccessClientToken = FALSE;
107 Status = SeCopyClientToken(Token,
108 ClientSecurityQos->ImpersonationLevel,
109 KernelMode,
110 &NewToken);
111 if (!NT_SUCCESS(Status))
112 return Status;
113 }
114 else
115 {
116 /* Use direct access and check if this is local */
117 ClientContext->DirectlyAccessClientToken = TRUE;
118 if (ServerIsRemote)
119 {
120 /* We are doing delegation, so make a copy of the control data */
121 SeGetTokenControlInformation(Token,
122 &ClientContext->ClientTokenControl);
123 }
124
125 /* Keep the same token */
126 NewToken = Token;
127 }
128
129 /* Fill out the context and return success */
130 ClientContext->SecurityQos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
131 ClientContext->SecurityQos.ImpersonationLevel = ClientSecurityQos->ImpersonationLevel;
132 ClientContext->SecurityQos.ContextTrackingMode = ClientSecurityQos->ContextTrackingMode;
133 ClientContext->SecurityQos.EffectiveOnly = ClientSecurityQos->EffectiveOnly;
134 ClientContext->ServerIsRemote = ServerIsRemote;
135 ClientContext->ClientToken = NewToken;
136 return STATUS_SUCCESS;
137}
138
139/* PUBLIC FUNCTIONS ***********************************************************/
140
160NTSTATUS
161NTAPI
162SeCreateClientSecurity(
163 _In_ PETHREAD Thread,
164 _In_ PSECURITY_QUALITY_OF_SERVICE Qos,
165 _In_ BOOLEAN RemoteClient,
166 _Out_ PSECURITY_CLIENT_CONTEXT ClientContext)
167{
168 TOKEN_TYPE TokenType;
169 BOOLEAN ThreadEffectiveOnly;
170 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
171 PACCESS_TOKEN Token;
172 NTSTATUS Status;
173 PAGED_CODE();
174
175 /* Reference the correct token */
176 Token = PsReferenceEffectiveToken(Thread,
177 &TokenType,
178 &ThreadEffectiveOnly,
179 &ImpersonationLevel);
180
181 /* Create client security from it */
182 Status = SepCreateClientSecurity(Token,
183 Qos,
184 RemoteClient,
185 TokenType,
186 ThreadEffectiveOnly,
187 ImpersonationLevel,
188 ClientContext);
189
190 /* Check if we failed or static tracking was used */
191 if (!(NT_SUCCESS(Status)) || (Qos->ContextTrackingMode == SECURITY_STATIC_TRACKING))
192 {
193 /* Dereference our copy since it's not being used */
194 ObDereferenceObject(Token);
195 }
196
197 /* Return status */
198 return Status;
199}
200
222NTSTATUS
223NTAPI
224SeCreateClientSecurityFromSubjectContext(
225 _In_ PSECURITY_SUBJECT_CONTEXT SubjectContext,
226 _In_ PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos,
227 _In_ BOOLEAN ServerIsRemote,
228 _Out_ PSECURITY_CLIENT_CONTEXT ClientContext)
229{
230 PACCESS_TOKEN Token;
231 NTSTATUS Status;
232 PAGED_CODE();
233
234 /* Get the right token and reference it */
235 Token = SeQuerySubjectContextToken(SubjectContext);
236 ObReferenceObject(Token);
237
238 /* Create the context */
239 Status = SepCreateClientSecurity(Token,
240 ClientSecurityQos,
241 ServerIsRemote,
242 SubjectContext->ClientToken ?
243 TokenImpersonation : TokenPrimary,
244 FALSE,
245 SubjectContext->ImpersonationLevel,
246 ClientContext);
247
248 /* Check if we failed or static tracking was used */
249 if (!(NT_SUCCESS(Status)) ||
250 (ClientSecurityQos->ContextTrackingMode == SECURITY_STATIC_TRACKING))
251 {
252 /* Dereference our copy since it's not being used */
253 ObDereferenceObject(Token);
254 }
255
256 /* Return status */
257 return Status;
258}
259
274NTSTATUS
275NTAPI
276SeImpersonateClientEx(
277 _In_ PSECURITY_CLIENT_CONTEXT ClientContext,
278 _In_opt_ PETHREAD ServerThread)
279{
280 BOOLEAN EffectiveOnly;
281 PAGED_CODE();
282
283 /* Check if direct access is requested */
284 if (!ClientContext->DirectlyAccessClientToken)
285 {
286 /* No, so get the flag from QOS */
287 EffectiveOnly = ClientContext->SecurityQos.EffectiveOnly;
288 }
289 else
290 {
291 /* Yes, so see if direct access should be effective only */
292 EffectiveOnly = ClientContext->DirectAccessEffectiveOnly;
293 }
294
295 /* Use the current thread if one was not passed */
296 if (!ServerThread) ServerThread = PsGetCurrentThread();
297
298 /* Call the lower layer routine */
299 return PsImpersonateClient(ServerThread,
300 ClientContext->ClientToken,
301 TRUE,
302 EffectiveOnly,
303 ClientContext->SecurityQos.ImpersonationLevel);
304}
305
319VOID
320NTAPI
321SeImpersonateClient(
322 _In_ PSECURITY_CLIENT_CONTEXT ClientContext,
323 _In_opt_ PETHREAD ServerThread)
324{
325 PAGED_CODE();
326
327 /* Call the new API */
328 SeImpersonateClientEx(ClientContext, ServerThread);
329}
330
331/* EOF */
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_EvalMethod.c:87
ServerThread
UINT CALLBACK ServerThread(_Inout_ PVOID Parameter)
Definition: NtAcceptConnectPort.c:33
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
TOKEN_TYPE
TOKEN_TYPE
Definition: asmpp.cpp:29
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
TRUE
#define TRUE
Definition: types.h:120
FALSE
#define FALSE
Definition: types.h:117
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
PsGetCurrentThread
#define PsGetCurrentThread()
Definition: env_spec_w32.h:81
Thread
_In_opt_ PFILE_OBJECT _In_opt_ PETHREAD Thread
Definition: fltkernel.h:2653
SubjectContext
_Inout_ PLIST_ENTRY _In_ PVOID _In_ PSTRING _In_ BOOLEAN _In_ BOOLEAN _In_ ULONG _In_ PFLT_CALLBACK_DATA _In_opt_ PCHECK_FOR_TRAVERSE_ACCESS _In_opt_ PSECURITY_SUBJECT_CONTEXT SubjectContext
Definition: fltkernel.h:2246
Status
Status
Definition: gdiplustypes.h:25
SECURITY_IMPERSONATION_LEVEL
enum _SECURITY_IMPERSONATION_LEVEL SECURITY_IMPERSONATION_LEVEL
SecurityAnonymous
@ SecurityAnonymous
Definition: lsa.idl:55
SecurityDelegation
@ SecurityDelegation
Definition: lsa.idl:58
SecurityIdentification
@ SecurityIdentification
Definition: lsa.idl:56
SECURITY_QUALITY_OF_SERVICE
struct _SECURITY_QUALITY_OF_SERVICE SECURITY_QUALITY_OF_SERVICE
TokenImpersonation
@ TokenImpersonation
Definition: imports.h:274
TokenPrimary
@ TokenPrimary
Definition: imports.h:273
_Out_
#define _Out_
Definition: ms_sal.h:345
_In_
#define _In_
Definition: ms_sal.h:308
_In_opt_
#define _In_opt_
Definition: ms_sal.h:309
KernelMode
#define KernelMode
Definition: asm.h:34
EffectiveOnly
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN EffectiveOnly
Definition: sefuncs.h:410
TokenType
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
Definition: sefuncs.h:411
ClientContext
_In_ PVOID ClientContext
Definition: netioddk.h:55
SeCopyClientToken
NTSTATUS NTAPI SeCopyClientToken(_In_ PACCESS_TOKEN Token, _In_ SECURITY_IMPERSONATION_LEVEL Level, _In_ KPROCESSOR_MODE PreviousMode, _Out_ PACCESS_TOKEN *NewToken)
Copies an existing access token (technically duplicating a new one).
Definition: token.c:1542
SeGetTokenControlInformation
VOID NTAPI SeGetTokenControlInformation(_In_ PACCESS_TOKEN _Token, _Out_ PTOKEN_CONTROL TokenControl)
Retrieves token control information.
Definition: token.c:1720
PsImpersonateClient
NTSTATUS NTAPI PsImpersonateClient(IN PETHREAD Thread, IN PACCESS_TOKEN Token, IN BOOLEAN CopyOnOpen, IN BOOLEAN EffectiveOnly, IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
Definition: security.c:610
SepCreateClientSecurity
NTSTATUS NTAPI SepCreateClientSecurity(_In_ PACCESS_TOKEN Token, _In_ PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos, _In_ BOOLEAN ServerIsRemote, _In_ TOKEN_TYPE TokenType, _In_ BOOLEAN ThreadEffectiveOnly, _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, _Out_ PSECURITY_CLIENT_CONTEXT ClientContext)
Creates a client security context based upon an access token.
Definition: client.c:53
SeImpersonateClient
VOID NTAPI SeImpersonateClient(_In_ PSECURITY_CLIENT_CONTEXT ClientContext, _In_opt_ PETHREAD ServerThread)
Impersonates a client user.
Definition: client.c:321
SeCreateClientSecurity
NTSTATUS NTAPI SeCreateClientSecurity(_In_ PETHREAD Thread, _In_ PSECURITY_QUALITY_OF_SERVICE Qos, _In_ BOOLEAN RemoteClient, _Out_ PSECURITY_CLIENT_CONTEXT ClientContext)
Creates a client security context.
Definition: client.c:162
SeCreateClientSecurityFromSubjectContext
NTSTATUS NTAPI SeCreateClientSecurityFromSubjectContext(_In_ PSECURITY_SUBJECT_CONTEXT SubjectContext, _In_ PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos, _In_ BOOLEAN ServerIsRemote, _Out_ PSECURITY_CLIENT_CONTEXT ClientContext)
Creates a client security context based upon the captured security subject context.
Definition: client.c:224
SeImpersonateClientEx
NTSTATUS NTAPI SeImpersonateClientEx(_In_ PSECURITY_CLIENT_CONTEXT ClientContext, _In_opt_ PETHREAD ServerThread)
Extended function that impersonates a client.
Definition: client.c:276
STATUS_BAD_IMPERSONATION_LEVEL
#define STATUS_BAD_IMPERSONATION_LEVEL
Definition: ntstatus.h:401
PsReferenceEffectiveToken
PACCESS_TOKEN NTAPI PsReferenceEffectiveToken(IN PETHREAD Thread, OUT IN PTOKEN_TYPE TokenType, OUT PBOOLEAN EffectiveOnly, OUT PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
Definition: security.c:802
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
_ETHREAD
Definition: pstypes.h:1102
_SECURITY_CLIENT_CONTEXT
Definition: imports.h:289
_SECURITY_QUALITY_OF_SERVICE
Definition: lsa.idl:63
_SECURITY_SUBJECT_CONTEXT
Definition: setypes.h:217
NTAPI
#define NTAPI
Definition: typedefs.h:36
STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
ObDereferenceObject
#define ObDereferenceObject
Definition: obfuncs.h:203
ObReferenceObject
#define ObReferenceObject
Definition: obfuncs.h:204
ImpersonationLevel
_Out_ PBOOLEAN _Out_ PBOOLEAN _Out_ PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: psfuncs.h:156
SeQuerySubjectContextToken
#define SeQuerySubjectContextToken(SubjectContext)
Definition: sefuncs.h:583
SECURITY_STATIC_TRACKING
#define SECURITY_STATIC_TRACKING
Definition: setypes.h:104
VALID_IMPERSONATION_LEVEL
#define VALID_IMPERSONATION_LEVEL(Level)
Definition: setypes.h:101