Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-01-04 21:38:43 +00:00
Code Issues Projects Releases Packages Wiki Activity

partial implementation of AuthzInitializeContextFromSid(), AuthzGetInformationFromContext() and AuthzFreeContext()

Browse source 
svn path=/trunk/; revision=20798
This commit is contained in:
Thomas Bluemel 2006-01-12 00:23:47 +00:00
parent 05a3678a52
commit 78a4d9117f
5 changed files with 276 additions and 69 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

49
reactos/lib/authz/authz.c
View file

@ -116,19 +116,6 @@ AuthzFreeAuditEvent(IN AUTHZ_AUDIT_EVENT_HANDLE pAuditEventInfo)
}
/*
* @unimplemented
*/
AUTHZAPI
BOOL
WINAPI
AuthzFreeContext(IN AUTHZ_CLIENT_CONTEXT_HANDLE AuthzClientContext)
{
UNIMPLEMENTED;
return FALSE;
}
/*
* @unimplemented
*/
@ -142,23 +129,6 @@ AuthzFreeHandle(IN AUTHZ_ACCESS_CHECK_RESULTS_HANDLE AuthzHandle)
}
/*
* @unimplemented
*/
AUTHZAPI
BOOL
WINAPI
AuthzGetInformationFromContext(IN AUTHZ_CLIENT_CONTEXT_HANDLE hAuthzClientContext,
IN AUTHZ_CONTEXT_INFORMATION_CLASS InfoClass,
IN DWORD BufferSize,
OUT PDWORD pSizeRequired,
OUT PVOID Buffer)
{
UNIMPLEMENTED;
return FALSE;
}
/*
* @unimplemented
*/
@ -177,25 +147,6 @@ AuthzInitializeContextFromAuthzContext(IN DWORD flags,
}
/*
* @unimplemented
*/
AUTHZAPI
BOOL
WINAPI
AuthzInitializeContextFromSid(IN DWORD Flags,
IN PSID UserSid,
IN AUTHZ_RESOURCE_MANAGER_HANDLE AuthzResourceManager,
IN PLARGE_INTEGER pExpirationTime,
IN LUID Identifier,
IN PVOID DynamicGroupArgs,
OUT PAUTHZ_CLIENT_CONTEXT_HANDLE pAuthzClientContext)
{
UNIMPLEMENTED;
return FALSE;
}
/*
* @unimplemented
*/

1
reactos/lib/authz/authz.xml
View file

@ -11,6 +11,7 @@
<library>kernel32</library>
<library>advapi32</library>
<file>authz.c</file>
<file>clictx.c</file>
<file>resman.c</file>
<file>authz.rc</file>
<pch>precomp.h</pch>

233
reactos/lib/authz/clictx.c Normal file
View file

@ -0,0 +1,233 @@
/*
* ReactOS Authorization Framework
* Copyright (C) 2005 - 2006 ReactOS Team
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
/* $Id: aclui.c 18173 2005-09-30 18:54:48Z weiden $
*
* PROJECT: ReactOS Authorization Framework
* FILE: lib/authz/clictx.c
* PURPOSE: Authorization Framework
* PROGRAMMER: Thomas Weidenmueller <w3seek@reactos.com>
*
* UPDATE HISTORY:
* 10/07/2005 Created
*/
#include <precomp.h>
/*
* @unimplemented
*/
AUTHZAPI
BOOL
WINAPI
AuthzInitializeContextFromSid(IN DWORD Flags,
IN PSID UserSid,
IN AUTHZ_RESOURCE_MANAGER_HANDLE AuthzResourceManager,
IN PLARGE_INTEGER pExpirationTime,
IN LUID Identifier,
IN PVOID DynamicGroupArgs,
OUT PAUTHZ_CLIENT_CONTEXT_HANDLE pAuthzClientContext)
{
BOOL Ret = FALSE;
if (AuthzResourceManager != NULL && pExpirationTime != NULL && pAuthzClientContext != NULL &&
UserSid != NULL && IsValidSid(UserSid) && !(Flags & (AUTHZ_SKIP_TOKEN_GROUPS | AUTHZ_REQUIRE_S4U_LOGON)))
{
PAUTHZ_CLIENT_CONTEXT ClientCtx;
//PAUTHZ_RESMAN ResMan = (PAUTHZ_RESMAN)AuthzResourceManager;
VALIDATE_RESMAN_HANDLE(AuthzResourceManager);
ClientCtx = (PAUTHZ_CLIENT_CONTEXT)LocalAlloc(LMEM_FIXED,
sizeof(AUTHZ_CLIENT_CONTEXT));
if (ClientCtx != NULL)
{
DWORD SidLen;
/* initialize the client context structure */
#if DBG
ClientCtx->Tag = CLIENTCTX_TAG;
#endif
/* simply copy the SID */
SidLen = GetLengthSid(UserSid);
ClientCtx->UserSid = (PSID)LocalAlloc(LMEM_FIXED,
SidLen);
if (ClientCtx->UserSid == NULL)
{
LocalFree((HLOCAL)ClientCtx);
goto FailNoMemory;
}
CopySid(SidLen,
ClientCtx->UserSid,
UserSid);
ClientCtx->AuthzResourceManager = AuthzResourceManager;
ClientCtx->Luid = Identifier;
ClientCtx->ExpirationTime.QuadPart = (pExpirationTime != NULL ? pExpirationTime->QuadPart : 0);
ClientCtx->ServerContext = NULL; /* FIXME */
ClientCtx->DynamicGroupArgs = DynamicGroupArgs;
/* return the client context handle */
*pAuthzClientContext = (AUTHZ_CLIENT_CONTEXT_HANDLE)ClientCtx;
Ret = TRUE;
}
else
{
FailNoMemory:
SetLastError(ERROR_NOT_ENOUGH_MEMORY);
}
}
else
SetLastError(ERROR_INVALID_PARAMETER);
return Ret;
}
/*
* @unimplemented
*/
AUTHZAPI
BOOL
WINAPI
AuthzGetInformationFromContext(IN AUTHZ_CLIENT_CONTEXT_HANDLE hAuthzClientContext,
IN AUTHZ_CONTEXT_INFORMATION_CLASS InfoClass,
IN DWORD BufferSize,
OUT PDWORD pSizeRequired,
OUT PVOID Buffer)
{
BOOL Ret = FALSE;
if (hAuthzClientContext != NULL && pSizeRequired != NULL)
{
PAUTHZ_CLIENT_CONTEXT ClientCtx = (PAUTHZ_CLIENT_CONTEXT)hAuthzClientContext;
VALIDATE_CLIENTCTX_HANDLE(hAuthzClientContext);
switch (InfoClass)
{
case AuthzContextInfoUserSid:
{
DWORD SidLen = GetLengthSid(ClientCtx->UserSid);
*pSizeRequired = SidLen;
if (BufferSize < SidLen)
{
SetLastError(ERROR_INSUFFICIENT_BUFFER);
}
else
{
Ret = CopySid(SidLen,
(PSID)Buffer,
ClientCtx->UserSid);
}
break;
}
case AuthzContextInfoGroupsSids:
SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
break;
case AuthzContextInfoRestrictedSids:
SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
break;
case AuthzContextInfoPrivileges:
SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
break;
case AuthzContextInfoExpirationTime:
*pSizeRequired = sizeof(LARGE_INTEGER);
if (BufferSize < sizeof(LARGE_INTEGER) || Buffer == NULL)
{
SetLastError(ERROR_INSUFFICIENT_BUFFER);
}
else
{
*((PLARGE_INTEGER)Buffer) = ClientCtx->ExpirationTime;
Ret = TRUE;
}
break;
case AuthzContextInfoServerContext:
*pSizeRequired = sizeof(AUTHZ_CLIENT_CONTEXT_HANDLE);
if (BufferSize < sizeof(AUTHZ_CLIENT_CONTEXT_HANDLE) || Buffer == NULL)
{
SetLastError(ERROR_INSUFFICIENT_BUFFER);
}
else
{
*((PAUTHZ_CLIENT_CONTEXT_HANDLE)Buffer) = ClientCtx->ServerContext;
Ret = TRUE;
}
break;
case AuthzContextInfoIdentifier:
*pSizeRequired = sizeof(LUID);
if (BufferSize < sizeof(LUID) || Buffer == NULL)
{
SetLastError(ERROR_INSUFFICIENT_BUFFER);
}
else
{
*((PLUID)Buffer) = ClientCtx->Luid;
Ret = TRUE;
}
break;
default:
SetLastError(ERROR_INVALID_PARAMETER);
break;
}
}
else
SetLastError(ERROR_INVALID_PARAMETER);
return Ret;
}
/*
* @implemented
*/
AUTHZAPI
BOOL
WINAPI
AuthzFreeContext(IN AUTHZ_CLIENT_CONTEXT_HANDLE AuthzClientContext)
{
BOOL Ret = FALSE;
if (AuthzClientContext != NULL)
{
PAUTHZ_CLIENT_CONTEXT ClientCtx = (PAUTHZ_CLIENT_CONTEXT)AuthzClientContext;
VALIDATE_CLIENTCTX_HANDLE(AuthzClientContext);
if (ClientCtx->UserSid != NULL)
{
LocalFree((HLOCAL)ClientCtx->UserSid);
}
LocalFree((HLOCAL)ClientCtx);
Ret = TRUE;
}
else
SetLastError(ERROR_INVALID_PARAMETER);
return Ret;
}

42
reactos/lib/authz/precomp.h
View file

@ -1,3 +1,6 @@
#ifndef __AUTHZ_PRECOMP_H
#define __AUTHZ_PRECOMP_H
#define _AUTHZ_
#include <windows.h>
#include <authz.h>
@ -14,19 +17,54 @@ ULONG DbgPrint(PCH Format,...);
#if DBG
#define RESMAN_TAG 0x89ABCDEF
#define VALID_RESMAN_HANDLE(handle) ASSERT(((PAUTHZ_RESMAN)handle)->Tag == RESMAN_TAG)
#define CLIENTCTX_TAG 0x789ABCDE
#define VALIDATE_RESMAN_HANDLE(handle) ASSERT(((PAUTHZ_RESMAN)handle)->Tag == RESMAN_TAG)
#define VALIDATE_CLIENTCTX_HANDLE(handle) ASSERT(((PAUTHZ_CLIENT_CONTEXT)handle)->Tag == CLIENTCTX_TAG)
#ifndef ASSERT
#define ASSERT(cond) if (!(cond)) { DbgPrint("%s:%i: ASSERTION %s failed!\n", __FILE__, __LINE__, #cond ); }
#endif
#else
#define VALID_RESMAN_HANDLE(handle)
#define VALIDATE_RESMAN_HANDLE(handle)
#define VALIDATE_CLIENTCTX_HANDLE(handle)
#ifndef ASSERT
#define ASSERT(cond)
#endif
#endif
typedef struct _AUTHZ_RESMAN
{
#if DBG
DWORD Tag;
#endif
PFN_AUTHZ_DYNAMIC_ACCESS_CHECK pfnAccessCheck;
PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS pfnComputeDynamicGroups;
PFN_AUTHZ_FREE_DYNAMIC_GROUPS pfnFreeDynamicGroups;
DWORD flags;
PSID UserSid;
LUID AuthenticationId;
WCHAR ResourceManagerName[1];
} AUTHZ_RESMAN, *PAUTHZ_RESMAN;
typedef struct _AUTHZ_CLIENT_CONTEXT
{
#if DBG
DWORD Tag;
#endif
PSID UserSid;
AUTHZ_RESOURCE_MANAGER_HANDLE AuthzResourceManager;
LUID Luid;
LARGE_INTEGER ExpirationTime;
AUTHZ_CLIENT_CONTEXT_HANDLE ServerContext;
PVOID DynamicGroupArgs;
} AUTHZ_CLIENT_CONTEXT, *PAUTHZ_CLIENT_CONTEXT;
#endif /* __AUTHZ_PRECOMP_H */
/* EOF */

20
reactos/lib/authz/resman.c
View file

@ -1,6 +1,6 @@
/*
* ReactOS Authorization Framework
* Copyright (C) 2005 ReactOS Team
* Copyright (C) 2005 - 2006 ReactOS Team
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
@ -28,22 +28,6 @@
*/
#include <precomp.h>
typedef struct _AUTHZ_RESMAN
{
#if DBG
DWORD Tag;
#endif
PFN_AUTHZ_DYNAMIC_ACCESS_CHECK pfnAccessCheck;
PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS pfnComputeDynamicGroups;
PFN_AUTHZ_FREE_DYNAMIC_GROUPS pfnFreeDynamicGroups;
DWORD flags;
PSID UserSid;
LUID AuthenticationId;
WCHAR ResourceManagerName[1];
} AUTHZ_RESMAN, *PAUTHZ_RESMAN;
static BOOL
AuthzpQueryToken(IN OUT PAUTHZ_RESMAN ResMan,
@ -248,7 +232,7 @@ AuthzFreeResourceManager(IN AUTHZ_RESOURCE_MANAGER_HANDLE AuthzResourceManager)
{
PAUTHZ_RESMAN ResMan = (PAUTHZ_RESMAN)AuthzResourceManager;
VALID_RESMAN_HANDLE(AuthzResourceManager);
VALIDATE_RESMAN_HANDLE(AuthzResourceManager);
if (!(ResMan->flags & AUTHZ_RM_FLAG_NO_AUDIT))
{