d5/d97/base_2services_2rpcss_2setup_8c_source.html

 /*
  * PROJECT:     ReactOS RPC Subsystem Service
  * LICENSE:     GPL-2.0+ (https://spdx.org/licenses/GPL-2.0+)
  * PURPOSE:     One-time service setup configuration.
  * COPYRIGHT:   Copyright 2018 Hermes Belusca-Maito
  */

 /* INCLUDES *****************************************************************/

 /* PSDK/NDK Headers */
 #define WIN32_NO_STATUS
 #include <windef.h>
 #include <winbase.h>
 #include <winreg.h>
 #include <winsvc.h>

 #include <ndk/rtlfuncs.h>
 #include <ntsecapi.h>

 #include "wine/debug.h"

 WINE_DEFAULT_DEBUG_CHANNEL(rpcss);

 /* FUNCTIONS ****************************************************************/

 static BOOL
 SetupIsActive(VOID)
 {
     LONG lResult;
     HKEY hKey;
     DWORD dwData = 0;
     DWORD cbData = sizeof(dwData);
     DWORD dwType = REG_NONE;

     lResult = RegOpenKeyExW(HKEY_LOCAL_MACHINE, L"SYSTEM\\Setup", 0, KEY_QUERY_VALUE, &hKey);
     if (lResult != ERROR_SUCCESS)
         return FALSE;

     lResult = RegQueryValueExW(hKey, L"SystemSetupInProgress", NULL,
                                &dwType, (LPBYTE)&dwData, &cbData);
     RegCloseKey(hKey);

     if ((lResult == ERROR_SUCCESS) && (dwType == REG_DWORD) &&
         (cbData == sizeof(dwData)) && (dwData == 1))
     {
         return TRUE;
     }

     return FALSE;
 }

 static BOOL
 RunningAsSYSTEM(VOID)
 {
     /* S-1-5-18 -- Local System */
     static SID SystemSid = { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_LOCAL_SYSTEM_RID } };

     BOOL bRet = FALSE;
     PTOKEN_USER pTokenUser;
     HANDLE hToken;
     DWORD cbTokenBuffer = 0;

     /* Get the process token */
     if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken))
         return FALSE;

     /* Retrieve token's information */
     if (!GetTokenInformation(hToken, TokenUser, NULL, 0, &cbTokenBuffer) &&
         GetLastError() != ERROR_INSUFFICIENT_BUFFER)
     {
         goto Quit;
     }

     pTokenUser = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, cbTokenBuffer);
     if (!pTokenUser)
         goto Quit;

     if (GetTokenInformation(hToken, TokenUser, pTokenUser, cbTokenBuffer, &cbTokenBuffer))
     {
         /* Compare with SYSTEM SID */
         bRet = EqualSid(pTokenUser->User.Sid, &SystemSid);
     }

     HeapFree(GetProcessHeap(), 0, pTokenUser);

 Quit:
     CloseHandle(hToken);
     return bRet;
 }

 static VOID
 RpcSsConfigureAsNetworkService(VOID)
 {
     SC_HANDLE hSCManager, hService;

     /* Open the service controller */
     hSCManager = OpenSCManagerW(NULL, SERVICES_ACTIVE_DATABASE, SC_MANAGER_CONNECT);
     if (!hSCManager)
     {
         ERR("OpenSCManager() failed with error 0x%lx\n", GetLastError());
         return;
     }

     /* Open the RPCSS service */
     hService = OpenServiceW(hSCManager, L"RPCSS", SERVICE_CHANGE_CONFIG);
     if (!hService)
         ERR("OpenService(\"RPCSS\") failed with error 0x%lx\n", GetLastError());
     if (hService)
     {
         /* Use the NetworkService account */
         if (!ChangeServiceConfigW(hService,
                                   SERVICE_NO_CHANGE,
                                   SERVICE_NO_CHANGE,
                                   SERVICE_NO_CHANGE,
                                   NULL,
                                   NULL,
                                   NULL,
                                   NULL,
                                   L"NT AUTHORITY\\NetworkService",
                                   L"",
                                   NULL))
         {
             ERR("ChangeServiceConfig(\"RPCSS\") failed with error 0x%lx\n", GetLastError());
         }

         CloseServiceHandle(hService);
     }

     CloseServiceHandle(hSCManager);
 }

 static VOID
 AddImpersonatePrivilege(VOID)
 {
     /* S-1-5-6 -- "Service" group */
     static SID ServiceSid = { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_SERVICE_RID } };

     NTSTATUS Status;
     LSA_HANDLE PolicyHandle;
     LSA_OBJECT_ATTRIBUTES ObjectAttributes;
     LSA_UNICODE_STRING RightString;

     ZeroMemory(&ObjectAttributes, sizeof(ObjectAttributes));
     Status = LsaOpenPolicy(NULL, &ObjectAttributes,
                            POLICY_CREATE_ACCOUNT | POLICY_LOOKUP_NAMES,
                            &PolicyHandle);
     if (!NT_SUCCESS(Status))
     {
         ERR("LsaOpenPolicy() failed with Status 0x%08lx\n", Status);
         return;
     }

     RtlInitUnicodeString(&RightString, L"SeImpersonatePrivilege");
     Status = LsaAddAccountRights(PolicyHandle, &ServiceSid, &RightString, 1);
     if (!NT_SUCCESS(Status))
     {
         ERR("LsaAddAccountRights(\"S-1-5-6\", \"%wZ\") failed with Status 0x%08lx\n", Status, &RightString);
     }

     LsaClose(PolicyHandle);
 }

 VOID DoRpcSsSetupConfiguration(VOID)
 {
     /*
      * On first run during the setup phase, the RPCSS service runs under
      * the LocalSystem account. RPCSS then re-configures itself to run
      * under the NetworkService account and adds the Impersonate privilege
      * to the "Service" group.
      * This is done in this way, because the NetworkService account does not
      * initially exist when the setup phase is running and the RPCSS service
      * is started, but this account is created later during the setup phase.
      */
     if (SetupIsActive() && RunningAsSYSTEM())
     {
         RpcSsConfigureAsNetworkService();
         AddImpersonatePrivilege();
     }
 }
TokenUser
Definition: setypes.h:912

ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35

SECURITY_LOCAL_SYSTEM_RID
#define SECURITY_LOCAL_SYSTEM_RID
Definition: setypes.h:546

TRUE
#define TRUE
Definition: types.h:120

CloseHandle
#define CloseHandle
Definition: compat.h:406

_SID_AND_ATTRIBUTES::Sid
PSID Sid
Definition: setypes.h:478

ERROR_SUCCESS
#define ERROR_SUCCESS
Definition: deptool.c:10

_SID
Definition: ms-dtyp.idl:198

SC_MANAGER_CONNECT
#define SC_MANAGER_CONNECT
Definition: winsvc.h:14

winsvc.h

SERVICES_ACTIVE_DATABASE
#define SERVICES_ACTIVE_DATABASE
Definition: winsvc.h:564

debug.h

EqualSid
BOOL WINAPI EqualSid(PSID pSid1, PSID pSid2)
Definition: security.c:708

winbase.h

SID_REVISION
#define SID_REVISION
Definition: setypes.h:453

NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26

RpcSsConfigureAsNetworkService
static VOID RpcSsConfigureAsNetworkService(VOID)
Definition: setup.c:92

LsaClose
NTSTATUS WINAPI LsaClose(IN LSA_HANDLE ObjectHandle)
Definition: lsa.c:192

dwData
static HANDLE ULONG_PTR dwData
Definition: file.c:35

GetLastError
DWORD WINAPI GetLastError(VOID)
Definition: except.c:1059

ZeroMemory
#define ZeroMemory
Definition: winbase.h:1642

AddImpersonatePrivilege
static VOID AddImpersonatePrivilege(VOID)
Definition: setup.c:133

_LSA_OBJECT_ATTRIBUTES
Definition: ntsecapi.h:177

SERVICE_NO_CHANGE
#define SERVICE_NO_CHANGE
Definition: winsvc.h:20

LsaOpenPolicy
NTSTATUS WINAPI LsaOpenPolicy(IN PLSA_UNICODE_STRING SystemName OPTIONAL, IN PLSA_OBJECT_ATTRIBUTES ObjectAttributes, IN ACCESS_MASK DesiredAccess, OUT PLSA_HANDLE PolicyHandle)
Definition: lsa.c:1181

RegCloseKey
LONG WINAPI RegCloseKey(HKEY hKey)
Definition: reg.c:423

LPBYTE
unsigned char * LPBYTE
Definition: typedefs.h:52

rtlfuncs.h

BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94

_LSA_UNICODE_STRING
Definition: ntsecapi.h:162

LONG
long LONG
Definition: pedump.c:60

FALSE
Definition: jmorecfg.h:365

ChangeServiceConfigW
BOOL WINAPI ChangeServiceConfigW(SC_HANDLE hService, DWORD dwServiceType, DWORD dwStartType, DWORD dwErrorControl, LPCWSTR lpBinaryPathName, LPCWSTR lpLoadOrderGroup, LPDWORD lpdwTagId, LPCWSTR lpDependencies, LPCWSTR lpServiceStartName, LPCWSTR lpPassword, LPCWSTR lpDisplayName)
Definition: scm.c:480

OpenServiceW
SC_HANDLE WINAPI OpenServiceW(SC_HANDLE hSCManager, LPCWSTR lpServiceName, DWORD dwDesiredAccess)
Definition: scm.c:2103

CloseServiceHandle
BOOL WINAPI CloseServiceHandle(SC_HANDLE hSCObject)
Definition: scm.c:577

SetupIsActive
static BOOL SetupIsActive(VOID)
Definition: setup.c:27

NULL
smooth NULL
Definition: ftsmooth.c:416

ntsecapi.h

SECURITY_NT_AUTHORITY
#define SECURITY_NT_AUTHORITY
Definition: setypes.h:526

DoRpcSsSetupConfiguration
VOID DoRpcSsSetupConfiguration(VOID)
Definition: setup.c:163

POLICY_LOOKUP_NAMES
#define POLICY_LOOKUP_NAMES
Definition: ntsecapi.h:72

RunningAsSYSTEM
static BOOL RunningAsSYSTEM(VOID)
Definition: setup.c:53

GetProcessHeap
#define GetProcessHeap()
Definition: compat.h:403

HeapAlloc
PVOID WINAPI HeapAlloc(HANDLE, DWORD, SIZE_T)

TOKEN_QUERY
#define TOKEN_QUERY
Definition: setypes.h:874

RegQueryValueExW
LONG WINAPI RegQueryValueExW(_In_ HKEY hkeyorg, _In_ LPCWSTR name, _In_ LPDWORD reserved, _In_ LPDWORD type, _In_ LPBYTE data, _In_ LPDWORD count)
Definition: reg.c:4116

NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32

GetCurrentProcess
HANDLE WINAPI GetCurrentProcess(VOID)
Definition: proc.c:1138

SERVICE_CHANGE_CONFIG
#define SERVICE_CHANGE_CONFIG
Definition: winsvc.h:54

DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95

_TOKEN_USER
Definition: setypes.h:955

windef.h

L
static const WCHAR L[]
Definition: oid.c:1250

OpenSCManagerW
SC_HANDLE WINAPI OpenSCManagerW(LPCWSTR lpMachineName, LPCWSTR lpDatabaseName, DWORD dwDesiredAccess)
Definition: scm.c:2011

WINE_DEFAULT_DEBUG_CHANNEL
WINE_DEFAULT_DEBUG_CHANNEL(rpcss)

hSCManager
SC_HANDLE hSCManager
Definition: sc.c:12

Status
Status
Definition: gdiplustypes.h:24

winreg.h

ERR
#define ERR(fmt,...)
Definition: debug.h:109

LsaAddAccountRights
NTSTATUS WINAPI LsaAddAccountRights(IN LSA_HANDLE PolicyHandle, IN PSID AccountSid, IN PLSA_UNICODE_STRING UserRights, IN ULONG CountOfRights)
Definition: lsa.c:103

KEY_QUERY_VALUE
#define KEY_QUERY_VALUE
Definition: nt_native.h:1016

OpenProcessToken
BOOL WINAPI OpenProcessToken(HANDLE ProcessHandle, DWORD DesiredAccess, PHANDLE TokenHandle)
Definition: security.c:296

HEAP_ZERO_MEMORY
#define HEAP_ZERO_MEMORY
Definition: compat.h:123

SECURITY_SERVICE_RID
#define SECURITY_SERVICE_RID
Definition: setypes.h:534

GetTokenInformation
BOOL WINAPI GetTokenInformation(HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength, PDWORD ReturnLength)
Definition: security.c:413

RegOpenKeyExW
LONG WINAPI RegOpenKeyExW(HKEY hKey, LPCWSTR lpSubKey, DWORD ulOptions, REGSAM samDesired, PHKEY phkResult)
Definition: reg.c:3366

RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)

_TOKEN_USER::User
SID_AND_ATTRIBUTES User
Definition: setypes.h:956

REG_NONE
#define REG_NONE
Definition: nt_native.h:1492

void
Definition: nsiface.idl:2306

POLICY_CREATE_ACCOUNT
#define POLICY_CREATE_ACCOUNT
Definition: ntsecapi.h:65

REG_DWORD
#define REG_DWORD
Definition: sdbapi.c:596

HeapFree
#define HeapFree(x, y, z)
Definition: compat.h:402

HKEY_LOCAL_MACHINE
#define HKEY_LOCAL_MACHINE
Definition: winreg.h:12

ERROR_INSUFFICIENT_BUFFER
#define ERROR_INSUFFICIENT_BUFFER
Definition: dderror.h:10