ReactOS  0.4.15-dev-1177-g6cb3b62
resman.c
Go to the documentation of this file.
1 /*
2  * ReactOS Authorization Framework
3  * Copyright (C) 2005 - 2006 ReactOS Team
4  *
5  * This library is free software; you can redistribute it and/or
6  * modify it under the terms of the GNU Lesser General Public
7  * License as published by the Free Software Foundation; either
8  * version 2.1 of the License, or (at your option) any later version.
9  *
10  * This library is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  * Lesser General Public License for more details.
14  *
15  * You should have received a copy of the GNU Lesser General Public
16  * License along with this library; if not, write to the Free Software
17  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
18  */
19 /*
20  * PROJECT: ReactOS Authorization Framework
21  * FILE: lib/authz/resman.c
22  * PURPOSE: Authorization Framework
23  * PROGRAMMER: Thomas Weidenmueller <w3seek@reactos.com>
24  *
25  * UPDATE HISTORY:
26  * 10/07/2005 Created
27  */
28 
29 #include "precomp.h"
30 
31 #define NDEBUG
32 #include <debug.h>
33 
34 static BOOL
36  IN HANDLE hToken)
37 {
38  TOKEN_USER User;
39  TOKEN_STATISTICS Statistics;
40  DWORD BufLen;
41  PSID UserSid = NULL;
42  BOOL Ret = FALSE;
43 
44  /* query information about the user */
45  BufLen = sizeof(User);
46  Ret = GetTokenInformation(hToken,
47  TokenUser,
48  &User,
49  BufLen,
50  &BufLen);
51  if (Ret)
52  {
53  BufLen = GetLengthSid(User.User.Sid);
54  if (BufLen != 0)
55  {
56  UserSid = (PSID)LocalAlloc(LMEM_FIXED,
57  BufLen);
58  if (UserSid != NULL)
59  {
60  CopyMemory(UserSid,
61  User.User.Sid,
62  BufLen);
63  }
64  else
65  Ret = FALSE;
66  }
67  else
68  Ret = FALSE;
69  }
70 
71  if (Ret)
72  {
73  /* query general information */
74  BufLen = sizeof(Statistics);
75  Ret = GetTokenInformation(hToken,
76  TokenUser,
77  &Statistics,
78  BufLen,
79  &BufLen);
80  }
81 
82  if (Ret)
83  {
84  ResMan->UserSid = UserSid;
85  ResMan->AuthenticationId = Statistics.AuthenticationId;
86  Ret = TRUE;
87  }
88  else
89  {
90  if (UserSid != NULL)
91  {
92  LocalFree((HLOCAL)UserSid);
93  }
94  }
95 
96  return Ret;
97 }
98 
99 static BOOL
101 {
102  HANDLE hToken;
103  BOOL Ret;
104 
106  TOKEN_QUERY,
107  TRUE,
108  &hToken);
109  if (Ret)
110  {
111  Ret = AuthzpQueryToken(ResMan,
112  hToken);
113  CloseHandle(hToken);
114  }
115 
116  return Ret;
117 }
118 
119 static BOOL
121 {
122  HANDLE hToken;
123  BOOL Ret;
124 
126  TOKEN_QUERY,
127  &hToken);
128  if (Ret)
129  {
130  Ret = AuthzpQueryToken(ResMan,
131  hToken);
132  CloseHandle(hToken);
133  }
134 
135  return Ret;
136 }
137 
138 
139 /*
140  * @unimplemented
141  */
142 AUTHZAPI
143 BOOL
144 WINAPI
147  IN PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS pfnComputeDynamicGroups OPTIONAL,
148  IN PFN_AUTHZ_FREE_DYNAMIC_GROUPS pfnFreeDynamicGroups OPTIONAL,
149  IN PCWSTR ResourceManagerName OPTIONAL,
150  IN PAUTHZ_RESOURCE_MANAGER_HANDLE pAuthzResourceManager)
151 {
152  BOOL Ret = FALSE;
153 
154  if (pAuthzResourceManager != NULL &&
156  {
157  PAUTHZ_RESMAN ResMan;
158  SIZE_T RequiredSize = sizeof(AUTHZ_RESMAN);
159 
160  if (ResourceManagerName != NULL)
161  {
162  RequiredSize += wcslen(ResourceManagerName) * sizeof(WCHAR);
163  }
164 
166  RequiredSize);
167  if (ResMan != NULL)
168  {
169  /* initialize the resource manager structure */
170 #if DBG
171  ResMan->Tag = RESMAN_TAG;
172 #endif
173 
174  ResMan->flags = flags;
175  ResMan->UserSid = NULL;
176 
177  if (ResourceManagerName != NULL)
178  {
179  wcscpy(ResMan->ResourceManagerName,
180  ResourceManagerName);
181  }
182  else
183  ResMan->ResourceManagerName[0] = UNICODE_NULL;
184 
185  ResMan->pfnAccessCheck = pfnAccessCheck;
186  ResMan->pfnComputeDynamicGroups = pfnComputeDynamicGroups;
187  ResMan->pfnFreeDynamicGroups = pfnFreeDynamicGroups;
188 
189  if (!(flags & AUTHZ_RM_FLAG_NO_AUDIT))
190  {
191  /* FIXME - initialize auditing */
192  DPRINT1("Auditing not implemented!\n");
193  }
194 
196  {
197  Ret = AuthzpInitUnderImpersonation(ResMan);
198  }
199  else
200  {
201  Ret = AuthzpInitSelf(ResMan);
202  }
203 
204  if (Ret)
205  {
206  /* finally return the handle */
207  *pAuthzResourceManager = (AUTHZ_RESOURCE_MANAGER_HANDLE)ResMan;
208  }
209  else
210  {
211  DPRINT1("Querying the token failed!\n");
212  LocalFree((HLOCAL)ResMan);
213  }
214  }
215  }
216  else
218 
219  return Ret;
220 }
221 
222 
223 /*
224  * @unimplemented
225  */
226 AUTHZAPI
227 BOOL
228 WINAPI
230 {
231  BOOL Ret = FALSE;
232 
233  if (AuthzResourceManager != NULL)
234  {
235  PAUTHZ_RESMAN ResMan = (PAUTHZ_RESMAN)AuthzResourceManager;
236 
237  VALIDATE_RESMAN_HANDLE(AuthzResourceManager);
238 
239  if (!(ResMan->flags & AUTHZ_RM_FLAG_NO_AUDIT))
240  {
241  /* FIXME - cleanup auditing */
242  }
243 
244  if (ResMan->UserSid != NULL)
245  {
246  LocalFree((HLOCAL)ResMan->UserSid);
247  }
248 
249  LocalFree((HLOCAL)AuthzResourceManager);
250  Ret = TRUE;
251  }
252  else
254 
255  return Ret;
256 }
257 
LUID AuthenticationId
Definition: setypes.h:1033
#define ERROR_INVALID_PARAMETER
Definition: compat.h:101
AUTHZAPI BOOL WINAPI AuthzInitializeResourceManager(IN DWORD flags, IN PFN_AUTHZ_DYNAMIC_ACCESS_CHECK pfnAccessCheck OPTIONAL, IN PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS pfnComputeDynamicGroups OPTIONAL, IN PFN_AUTHZ_FREE_DYNAMIC_GROUPS pfnFreeDynamicGroups OPTIONAL, IN PCWSTR ResourceManagerName OPTIONAL, IN PAUTHZ_RESOURCE_MANAGER_HANDLE pAuthzResourceManager)
Definition: resman.c:145
const uint16_t * PCWSTR
Definition: typedefs.h:57
#define IN
Definition: typedefs.h:39
#define CloseHandle
Definition: compat.h:487
#define BufLen
Definition: fatfs.h:167
AUTHZAPI BOOL WINAPI AuthzFreeResourceManager(IN AUTHZ_RESOURCE_MANAGER_HANDLE AuthzResourceManager)
Definition: resman.c:229
#define TRUE
Definition: types.h:120
PFN_AUTHZ_FREE_DYNAMIC_GROUPS pfnFreeDynamicGroups
Definition: precomp.h:39
DWORD flags
Definition: precomp.h:41
_Inout_ PRTL_BUFFER _In_ SIZE_T RequiredSize
struct _AUTHZ_RESMAN AUTHZ_RESMAN
PSID UserSid
Definition: precomp.h:42
WCHAR ResourceManagerName[1]
Definition: precomp.h:45
#define FALSE
Definition: types.h:117
#define UNICODE_NULL
HANDLE WINAPI GetCurrentThread(VOID)
Definition: proc.c:1148
unsigned int BOOL
Definition: ntddk_ex.h:94
HANDLE AUTHZ_RESOURCE_MANAGER_HANDLE
Definition: authz.h:50
smooth NULL
Definition: ftsmooth.c:416
BOOL(CALLBACK * PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS)(IN AUTHZ_CLIENT_CONTEXT_HANDLE hAuthzClientContext, IN PVOID Args, OUT PSID_AND_ATTRIBUTES *pSidAttrArray, OUT PDWORD pSidCount, OUT PSID_AND_ATTRIBUTES *pRestrictedSidAttrArray, OUT PDWORD pRestrictedSidCount)
Definition: authz.h:113
static BOOL AuthzpInitSelf(IN OUT PAUTHZ_RESMAN ResMan)
Definition: resman.c:120
PFN_AUTHZ_DYNAMIC_ACCESS_CHECK pfnAccessCheck
Definition: precomp.h:37
#define LMEM_FIXED
Definition: winbase.h:349
#define TOKEN_QUERY
Definition: setypes.h:874
__wchar_t WCHAR
Definition: xmlstorage.h:180
DWORD WINAPI GetLengthSid(PSID pSid)
Definition: security.c:798
BOOL(CALLBACK * PFN_AUTHZ_DYNAMIC_ACCESS_CHECK)(IN AUTHZ_CLIENT_CONTEXT_HANDLE hAuthzClientContext, IN PACE_HEADER pAce, IN PVOID pArgs OPTIONAL, IN OUT PBOOL pbAceApplicable)
Definition: authz.h:108
#define VALIDATE_RESMAN_HANDLE(handle)
Definition: precomp.h:26
#define WINAPI
Definition: msvc.h:6
#define CopyMemory
Definition: winbase.h:1646
unsigned long DWORD
Definition: ntddk_ex.h:95
#define SetLastError(x)
Definition: compat.h:500
GLbitfield flags
Definition: glext.h:7161
struct _SID * PSID
Definition: eventlog.c:35
struct _AUTHZ_RESMAN * PAUTHZ_RESMAN
#define AUTHZ_RM_FLAG_INITIALIZE_UNDER_IMPERSONATION
Definition: authz.h:43
_CRTIMP wchar_t *__cdecl wcscpy(_Out_writes_z_(_String_length_(_Source)+1) wchar_t *_Dest, _In_z_ const wchar_t *_Source)
#define GetCurrentProcess()
Definition: compat.h:507
PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS pfnComputeDynamicGroups
Definition: precomp.h:38
ULONG_PTR SIZE_T
Definition: typedefs.h:80
BOOL WINAPI OpenThreadToken(HANDLE ThreadHandle, DWORD DesiredAccess, BOOL OpenAsSelf, HANDLE *TokenHandle)
Definition: security.c:338
#define AUTHZ_RM_FLAG_NO_AUDIT
Definition: authz.h:42
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1577
static BOOL AuthzpInitUnderImpersonation(IN OUT PAUTHZ_RESMAN ResMan)
Definition: resman.c:100
BOOL WINAPI OpenProcessToken(HANDLE ProcessHandle, DWORD DesiredAccess, PHANDLE TokenHandle)
Definition: security.c:296
#define DPRINT1
Definition: precomp.h:8
#define OUT
Definition: typedefs.h:40
BOOL WINAPI GetTokenInformation(HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength, PDWORD ReturnLength)
Definition: security.c:413
SID_AND_ATTRIBUTES User
Definition: setypes.h:956
HLOCAL NTAPI LocalAlloc(UINT uFlags, SIZE_T dwBytes)
Definition: heapmem.c:1373
#define AUTHZAPI
Definition: authz.h:21
static BOOL AuthzpQueryToken(IN OUT PAUTHZ_RESMAN ResMan, IN HANDLE hToken)
Definition: resman.c:35
size_t __cdecl wcslen(_In_z_ const wchar_t *_Str)
VOID(CALLBACK * PFN_AUTHZ_FREE_DYNAMIC_GROUPS)(IN PSID_AND_ATTRIBUTES pSidAttrArray)
Definition: authz.h:120
PULONG MinorVersion OPTIONAL
Definition: CrossNt.h:68