ReactOS 0.4.16-dev-1946-g52006dd
Macros | Functions
secursup.c File Reference
#include "npfs.h"
Include dependency graph for secursup.c:

Go to the source code of this file.

Macros

#define NPFS_BUGCHECK_FILE_ID   (NPFS_BUGCHECK_SECURSUP)
 

Functions

NTSTATUS NTAPI NpImpersonateClientContext (IN PNP_CCB Ccb)
 
VOID NTAPI NpFreeClientSecurityContext (IN PSECURITY_CLIENT_CONTEXT ClientContext)
 
VOID NTAPI NpCopyClientContext (IN PNP_CCB Ccb, IN PNP_DATA_QUEUE_ENTRY DataQueueEntry)
 
VOID NTAPI NpUninitializeSecurity (IN PNP_CCB Ccb)
 
NTSTATUS NTAPI NpInitializeSecurity (IN PNP_CCB Ccb, IN PSECURITY_QUALITY_OF_SERVICE SecurityQos, IN PETHREAD Thread)
 
NTSTATUS NTAPI NpGetClientSecurityContext (IN ULONG NamedPipeEnd, IN PNP_CCB Ccb, IN PETHREAD Thread, IN PSECURITY_CLIENT_CONTEXT *Context)
 

Macro Definition Documentation

◆ NPFS_BUGCHECK_FILE_ID

#define NPFS_BUGCHECK_FILE_ID   (NPFS_BUGCHECK_SECURSUP)

Definition at line 14 of file secursup.c.

Function Documentation

◆ NpCopyClientContext()

VOID NTAPI NpCopyClientContext ( IN PNP_CCB  Ccb,
IN PNP_DATA_QUEUE_ENTRY  DataQueueEntry 
)

Definition at line 58 of file secursup.c.

60{
61 PAGED_CODE();
62
63 if (!DataQueueEntry->ClientSecurityContext) return;
64
65 NpFreeClientSecurityContext(Ccb->ClientContext);
66 Ccb->ClientContext = DataQueueEntry->ClientSecurityContext;
67 DataQueueEntry->ClientSecurityContext = NULL;
68}
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_EvalMethod.c:87
Ccb
_Inout_ PFILE_OBJECT _In_ TYPE_OF_OPEN PFCB _In_opt_ PCCB Ccb
Definition: cdprocs.h:592
NULL
#define NULL
Definition: types.h:112
NpFreeClientSecurityContext
VOID NTAPI NpFreeClientSecurityContext(IN PSECURITY_CLIENT_CONTEXT ClientContext)
Definition: secursup.c:40

Referenced by NpReadDataQueue().

◆ NpFreeClientSecurityContext()

VOID NTAPI NpFreeClientSecurityContext ( IN PSECURITY_CLIENT_CONTEXT  ClientContext)

Definition at line 40 of file secursup.c.

41{
42 TOKEN_TYPE TokenType;
43 PVOID ClientToken;
44
45 if (!ClientContext) return;
46
47 TokenType = SeTokenType(ClientContext->ClientToken);
48 ClientToken = ClientContext->ClientToken;
49 if ((TokenType == TokenPrimary) || (ClientToken))
50 {
51 ObDereferenceObject(ClientToken);
52 }
53 ExFreePool(ClientContext);
54}
TOKEN_TYPE
TOKEN_TYPE
Definition: asmpp.cpp:29
ExFreePool
#define ExFreePool(addr)
Definition: env_spec_w32.h:352
TokenPrimary
@ TokenPrimary
Definition: imports.h:273
SeTokenType
NTKERNELAPI TOKEN_TYPE NTAPI SeTokenType(IN PACCESS_TOKEN Token)
TokenType
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
Definition: sefuncs.h:411
ClientContext
_In_ PVOID ClientContext
Definition: netioddk.h:55
ObDereferenceObject
#define ObDereferenceObject
Definition: obfuncs.h:203

Referenced by NpAddDataQueueEntry(), NpCancelDataQueueIrp(), NpCopyClientContext(), NpRemoveDataQueueEntry(), NpUninitializeSecurity(), and NpWriteDataQueue().

◆ NpGetClientSecurityContext()

NTSTATUS NTAPI NpGetClientSecurityContext ( IN ULONG  NamedPipeEnd,
IN PNP_CCB  Ccb,
IN PETHREAD  Thread,
IN PSECURITY_CLIENT_CONTEXT Context 
)

Definition at line 129 of file secursup.c.

133{
134 PSECURITY_CLIENT_CONTEXT NewContext;
135 NTSTATUS Status;
136 PAGED_CODE();
137
138 if (NamedPipeEnd == FILE_PIPE_SERVER_END || Ccb->ClientQos.ContextTrackingMode != SECURITY_DYNAMIC_TRACKING)
139 {
140 NewContext = NULL;
141 Status = STATUS_SUCCESS;
142 }
143 else
144 {
145 NewContext = ExAllocatePoolWithQuotaTag(PagedPool | POOL_QUOTA_FAIL_INSTEAD_OF_RAISE,
146 sizeof(*NewContext),
147 NPFS_CLIENT_SEC_CTX_TAG);
148 if (!NewContext) return STATUS_INSUFFICIENT_RESOURCES;
149
150 Status = SeCreateClientSecurity(Thread, &Ccb->ClientQos, 0, NewContext);
151 if (!NT_SUCCESS(Status))
152 {
153 ExFreePool(NewContext);
154 NewContext = NULL;
155 }
156 }
157 *Context = NewContext;
158 return Status;
159}
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:33
NPFS_CLIENT_SEC_CTX_TAG
#define NPFS_CLIENT_SEC_CTX_TAG
Definition: npfs.h:62
PagedPool
#define PagedPool
Definition: env_spec_w32.h:308
NewContext
_In_ FLT_SET_CONTEXT_OPERATION _In_ PFLT_CONTEXT NewContext
Definition: fltkernel.h:1468
Thread
_In_opt_ PFILE_OBJECT _In_opt_ PETHREAD Thread
Definition: fltkernel.h:2653
Status
Status
Definition: gdiplustypes.h:25
SeCreateClientSecurity
NTKERNELAPI NTSTATUS NTAPI SeCreateClientSecurity(IN PETHREAD Thread, IN PSECURITY_QUALITY_OF_SERVICE QualityOfService, IN BOOLEAN RemoteClient, OUT PSECURITY_CLIENT_CONTEXT ClientContext)
FILE_PIPE_SERVER_END
#define FILE_PIPE_SERVER_END
Definition: iotypes.h:85
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
_SECURITY_CLIENT_CONTEXT
Definition: imports.h:289
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
ExAllocatePoolWithQuotaTag
#define ExAllocatePoolWithQuotaTag(a, b, c)
Definition: exfuncs.h:530
POOL_QUOTA_FAIL_INSTEAD_OF_RAISE
#define POOL_QUOTA_FAIL_INSTEAD_OF_RAISE
SECURITY_DYNAMIC_TRACKING
#define SECURITY_DYNAMIC_TRACKING
Definition: setypes.h:103

Referenced by NpAddDataQueueEntry(), and NpWriteDataQueue().

◆ NpImpersonateClientContext()

NTSTATUS NTAPI NpImpersonateClientContext ( IN PNP_CCB  Ccb)

Definition at line 20 of file secursup.c.

21{
22 NTSTATUS Status;
23 PSECURITY_CLIENT_CONTEXT ClientContext;
24 PAGED_CODE();
25
26 ClientContext = Ccb->ClientContext;
27 if (ClientContext)
28 {
29 Status = SeImpersonateClientEx(ClientContext, NULL);
30 }
31 else
32 {
33 Status = STATUS_CANNOT_IMPERSONATE;
34 }
35 return Status;
36}
SeImpersonateClientEx
NTSTATUS NTAPI SeImpersonateClientEx(_In_ PSECURITY_CLIENT_CONTEXT ClientContext, _In_opt_ PETHREAD ServerThread)
Extended function that impersonates a client.
Definition: client.c:276
STATUS_CANNOT_IMPERSONATE
#define STATUS_CANNOT_IMPERSONATE
Definition: ntstatus.h:599

Referenced by NpImpersonate().

◆ NpInitializeSecurity()

NTSTATUS NTAPI NpInitializeSecurity ( IN PNP_CCB  Ccb,
IN PSECURITY_QUALITY_OF_SERVICE  SecurityQos,
IN PETHREAD  Thread 
)

Definition at line 82 of file secursup.c.

85{
86 PSECURITY_CLIENT_CONTEXT ClientContext;
87 NTSTATUS Status;
88 PAGED_CODE();
89
90 if (SecurityQos)
91 {
92 Ccb->ClientQos = *SecurityQos;
93 }
94 else
95 {
96 Ccb->ClientQos.Length = sizeof(Ccb->ClientQos);
97 Ccb->ClientQos.ImpersonationLevel = SecurityImpersonation;
98 Ccb->ClientQos.ContextTrackingMode = SECURITY_DYNAMIC_TRACKING;
99 Ccb->ClientQos.EffectiveOnly = TRUE;
100 }
101
102 NpUninitializeSecurity(Ccb);
103
104 if (Ccb->ClientQos.ContextTrackingMode == SECURITY_DYNAMIC_TRACKING)
105 {
106 Status = STATUS_SUCCESS;
107 Ccb->ClientContext = NULL;
108 return Status;
109 }
110
111 ClientContext = ExAllocatePoolWithQuotaTag(PagedPool | POOL_QUOTA_FAIL_INSTEAD_OF_RAISE,
112 sizeof(*ClientContext),
113 NPFS_CLIENT_SEC_CTX_TAG);
114 Ccb->ClientContext = ClientContext;
115 if (!ClientContext) return STATUS_INSUFFICIENT_RESOURCES;
116
117 Status = SeCreateClientSecurity(Thread, &Ccb->ClientQos, 0, ClientContext);
118 if (!NT_SUCCESS(Status))
119 {
120 ExFreePool(Ccb->ClientContext);
121 Ccb->ClientContext = NULL;
122 }
123
124 return Status;
125}
TRUE
#define TRUE
Definition: types.h:120
SecurityImpersonation
@ SecurityImpersonation
Definition: lsa.idl:57
NpUninitializeSecurity
VOID NTAPI NpUninitializeSecurity(IN PNP_CCB Ccb)
Definition: secursup.c:72

Referenced by NpCreateClientEnd().

◆ NpUninitializeSecurity()

VOID NTAPI NpUninitializeSecurity ( IN PNP_CCB  Ccb)

Definition at line 72 of file secursup.c.

73{
74 PAGED_CODE();
75
76 NpFreeClientSecurityContext(Ccb->ClientContext);
77 Ccb->ClientContext = NULL;
78}

Referenced by NpCreateClientEnd(), NpDeleteCcb(), NpDisconnect(), NpInitializeSecurity(), NpListen(), NpSetClosingPipeState(), and NpSetDisconnectedPipeState().