Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-08-03 14:45:53 +00:00
Code Issues Projects Releases Packages Wiki Activity

[TDILIB][IPHLPAPI][WSHTCPIP]

Browse source 
- Request only the access rights that are actually required in openTcpFile. Fixes many should-be access denied errors originating from netshell. While this doesn't fix the root cause of CORE-9172, it is a required step if we ever want netshell to work for non-Admin users.
CORE-9172

svn path=/trunk/; revision=66300
This commit is contained in:
Thomas Faber 2015-02-15 17:57:34 +00:00
parent 4db087dde9
commit b3038d2a51
9 changed files with 32 additions and 38 deletions
Download patch file Download diff file Expand all files Collapse all files

2
reactos/dll/win32/iphlpapi/address.c
View file

@ -306,7 +306,7 @@ GetAdaptersAddresses(
ZeroMemory(Ptr, RemainingSize); ZeroMemory(Ptr, RemainingSize);
/* open the tcpip driver */ /* open the tcpip driver */
Status = openTcpFile(&TcpFile); Status = openTcpFile(&TcpFile, FILE_READ_DATA);
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status))
{ {
ERR("Could not open handle to tcpip.sys. Status %08x\n", Status); ERR("Could not open handle to tcpip.sys. Status %08x\n", Status);

22
reactos/dll/win32/iphlpapi/ifenum_reactos.c
View file

@ -225,7 +225,7 @@ static DWORD getNumInterfacesInt(BOOL onlyNonLoopback)
NTSTATUS status; NTSTATUS status;
int i; int i;
status = openTcpFile( &tcpFile ); status = openTcpFile( &tcpFile, FILE_READ_DATA );
if( !NT_SUCCESS(status) ) { if( !NT_SUCCESS(status) ) {
WARN("getNumInterfaces: failed %08x\n", status ); WARN("getNumInterfaces: failed %08x\n", status );
@ -350,7 +350,7 @@ const char *getInterfaceNameByIndex(DWORD index)
IFInfo ifInfo; IFInfo ifInfo;
HANDLE tcpFile; HANDLE tcpFile;
char *interfaceName = 0, *adapter_name = 0; char *interfaceName = 0, *adapter_name = 0;
NTSTATUS status = openTcpFile( &tcpFile ); NTSTATUS status = openTcpFile( &tcpFile, FILE_READ_DATA );
if( NT_SUCCESS(status) ) { if( NT_SUCCESS(status) ) {
status = getInterfaceInfoByIndex( tcpFile, index, &ifInfo ); status = getInterfaceInfoByIndex( tcpFile, index, &ifInfo );
@ -379,7 +379,7 @@ DWORD getInterfaceIndexByName(const char *name, PDWORD index)
{ {
IFInfo ifInfo; IFInfo ifInfo;
HANDLE tcpFile; HANDLE tcpFile;
NTSTATUS status = openTcpFile( &tcpFile ); NTSTATUS status = openTcpFile( &tcpFile, FILE_READ_DATA );
if( NT_SUCCESS(status) ) { if( NT_SUCCESS(status) ) {
status = getInterfaceInfoByName( tcpFile, (char *)name, &ifInfo ); status = getInterfaceInfoByName( tcpFile, (char *)name, &ifInfo );
@ -400,7 +400,7 @@ InterfaceIndexTable *getInterfaceIndexTableInt( BOOL nonLoopbackOnly ) {
IFInfo *ifInfo; IFInfo *ifInfo;
InterfaceIndexTable *ret = 0; InterfaceIndexTable *ret = 0;
HANDLE tcpFile; HANDLE tcpFile;
NTSTATUS status = openTcpFile( &tcpFile ); NTSTATUS status = openTcpFile( &tcpFile, FILE_READ_DATA );
if( NT_SUCCESS(status) ) { if( NT_SUCCESS(status) ) {
status = getInterfaceInfoSet( tcpFile, &ifInfo, &numInterfaces ); status = getInterfaceInfoSet( tcpFile, &ifInfo, &numInterfaces );
@ -476,7 +476,7 @@ DWORD getAddrByIndexOrName( char *name, DWORD index, IPHLPAddrType addrType ) {
NTSTATUS status = STATUS_SUCCESS; NTSTATUS status = STATUS_SUCCESS;
DWORD addrOut = INADDR_ANY; DWORD addrOut = INADDR_ANY;
status = openTcpFile( &tcpFile ); status = openTcpFile( &tcpFile, FILE_READ_DATA );
if( NT_SUCCESS(status) ) { if( NT_SUCCESS(status) ) {
status = getIPAddrEntryForIf( tcpFile, name, index, &ifInfo ); status = getIPAddrEntryForIf( tcpFile, name, index, &ifInfo );
@ -527,7 +527,7 @@ DWORD getInterfacePhysicalByName(const char *name, PDWORD len, PBYTE addr,
{ {
HANDLE tcpFile; HANDLE tcpFile;
IFInfo info; IFInfo info;
NTSTATUS status = openTcpFile( &tcpFile ); NTSTATUS status = openTcpFile( &tcpFile, FILE_READ_DATA );
if( NT_SUCCESS(status) ) { if( NT_SUCCESS(status) ) {
status = getInterfaceInfoByName( tcpFile, (char *)name, &info ); status = getInterfaceInfoByName( tcpFile, (char *)name, &info );
@ -544,7 +544,7 @@ DWORD getInterfacePhysicalByIndex(DWORD index, PDWORD len, PBYTE addr,
{ {
HANDLE tcpFile; HANDLE tcpFile;
IFInfo info; IFInfo info;
NTSTATUS status = openTcpFile( &tcpFile ); NTSTATUS status = openTcpFile( &tcpFile, FILE_READ_DATA );
if( NT_SUCCESS(status) ) { if( NT_SUCCESS(status) ) {
status = getInterfaceInfoByIndex( tcpFile, index, &info ); status = getInterfaceInfoByIndex( tcpFile, index, &info );
@ -581,7 +581,7 @@ DWORD getInterfaceEntryByName(const char *name, PMIB_IFROW entry)
{ {
HANDLE tcpFile; HANDLE tcpFile;
IFInfo info; IFInfo info;
NTSTATUS status = openTcpFile( &tcpFile ); NTSTATUS status = openTcpFile( &tcpFile, FILE_READ_DATA );
TRACE("Called.\n"); TRACE("Called.\n");
@ -606,7 +606,7 @@ DWORD getInterfaceEntryByIndex(DWORD index, PMIB_IFROW entry)
{ {
HANDLE tcpFile; HANDLE tcpFile;
IFInfo info; IFInfo info;
NTSTATUS status = openTcpFile( &tcpFile ); NTSTATUS status = openTcpFile( &tcpFile, FILE_READ_DATA );
TRACE("Called.\n"); TRACE("Called.\n");
@ -641,7 +641,7 @@ NTSTATUS addIPAddress( IPAddr Address, IPMask Mask, DWORD IfIndex,
PULONG NteContext, PULONG NteInstance ) PULONG NteContext, PULONG NteInstance )
{ {
HANDLE tcpFile; HANDLE tcpFile;
NTSTATUS status = openTcpFile( &tcpFile ); NTSTATUS status = openTcpFile( &tcpFile, FILE_READ_DATA | FILE_WRITE_DATA );
IP_SET_DATA Data; IP_SET_DATA Data;
IO_STATUS_BLOCK Iosb; IO_STATUS_BLOCK Iosb;
@ -682,7 +682,7 @@ NTSTATUS addIPAddress( IPAddr Address, IPMask Mask, DWORD IfIndex,
NTSTATUS deleteIpAddress( ULONG NteContext ) NTSTATUS deleteIpAddress( ULONG NteContext )
{ {
HANDLE tcpFile; HANDLE tcpFile;
NTSTATUS status = openTcpFile( &tcpFile ); NTSTATUS status = openTcpFile( &tcpFile, FILE_READ_DATA | FILE_WRITE_DATA );
IO_STATUS_BLOCK Iosb; IO_STATUS_BLOCK Iosb;
TRACE("Called.\n"); TRACE("Called.\n");

4
reactos/dll/win32/iphlpapi/iphlpapi_main.c
View file

@ -2145,7 +2145,7 @@ DWORD WINAPI SetIpNetEntry(PMIB_IPNETROW pArpEntry)
if (!pArpEntry) if (!pArpEntry)
return ERROR_INVALID_PARAMETER; return ERROR_INVALID_PARAMETER;
if (!NT_SUCCESS(openTcpFile( &tcpFile ))) if (!NT_SUCCESS(openTcpFile( &tcpFile, FILE_READ_DATA | FILE_WRITE_DATA )))
return ERROR_NOT_SUPPORTED; return ERROR_NOT_SUPPORTED;
if (!NT_SUCCESS(getNthIpEntity( tcpFile, pArpEntry->dwIndex, &id ))) if (!NT_SUCCESS(getNthIpEntity( tcpFile, pArpEntry->dwIndex, &id )))
@ -2312,7 +2312,7 @@ DWORD WINAPI DECLSPEC_HOTPATCH GetAdaptersAddresses(ULONG Family,ULONG Flags,PVO
if (!indexTable) if (!indexTable)
return ERROR_NOT_ENOUGH_MEMORY; return ERROR_NOT_ENOUGH_MEMORY;
ret = openTcpFile(&tcpFile); ret = openTcpFile(&tcpFile, FILE_READ_DATA);
if (!NT_SUCCESS(ret)) if (!NT_SUCCESS(ret))
return ERROR_NO_DATA; return ERROR_NO_DATA;

8
reactos/dll/win32/iphlpapi/ipstats_reactos.c
View file

@ -366,7 +366,7 @@ DWORD getNumRoutes(void)
TRACE("called.\n"); TRACE("called.\n");
status = openTcpFile( &tcpFile ); status = openTcpFile( &tcpFile, FILE_READ_DATA );
if( !NT_SUCCESS(status) ) { if( !NT_SUCCESS(status) ) {
TRACE("failure: %08x\n", (int)status ); TRACE("failure: %08x\n", (int)status );
@ -421,7 +421,7 @@ RouteTable *getRouteTable(void)
DWORD numRoutes = getNumRoutes(), routesAdded = 0; DWORD numRoutes = getNumRoutes(), routesAdded = 0;
TDIEntityID ent; TDIEntityID ent;
HANDLE tcpFile; HANDLE tcpFile;
NTSTATUS status = openTcpFile( &tcpFile ); NTSTATUS status = openTcpFile( &tcpFile, FILE_READ_DATA );
int i; int i;
if( !NT_SUCCESS(status) ) if( !NT_SUCCESS(status) )
@ -498,7 +498,7 @@ DWORD getNumArpEntries(void)
TRACE("called.\n"); TRACE("called.\n");
status = openTcpFile( &tcpFile ); status = openTcpFile( &tcpFile, FILE_READ_DATA );
if( !NT_SUCCESS(status) ) { if( !NT_SUCCESS(status) ) {
TRACE("failure: %08x\n", (int)status ); TRACE("failure: %08x\n", (int)status );
@ -550,7 +550,7 @@ PMIB_IPNETTABLE getArpTable(void)
totalNumber = getNumArpEntries(); totalNumber = getNumArpEntries();
status = openTcpFile( &tcpFile ); status = openTcpFile( &tcpFile, FILE_READ_DATA );
if( !NT_SUCCESS(status) ) { if( !NT_SUCCESS(status) ) {
TRACE("failure: %08x\n", (int)status ); TRACE("failure: %08x\n", (int)status );

4
reactos/dll/win32/iphlpapi/route_reactos.c
View file

@ -31,7 +31,7 @@ WINE_DEFAULT_DEBUG_CHANNEL(iphlpapi);
DWORD createIpForwardEntry( PMIB_IPFORWARDROW pRoute ) { DWORD createIpForwardEntry( PMIB_IPFORWARDROW pRoute ) {
HANDLE tcpFile; HANDLE tcpFile;
NTSTATUS status = openTcpFile( &tcpFile ); NTSTATUS status = openTcpFile( &tcpFile, FILE_READ_DATA | FILE_WRITE_DATA );
TCP_REQUEST_SET_INFORMATION_EX_ROUTE_ENTRY req = TCP_REQUEST_SET_INFORMATION_EX_ROUTE_ENTRY req =
TCP_REQUEST_SET_INFORMATION_INIT; TCP_REQUEST_SET_INFORMATION_INIT;
IPRouteEntry *rte; IPRouteEntry *rte;
@ -96,7 +96,7 @@ DWORD setIpForwardEntry( PMIB_IPFORWARDROW pRoute ) {
DWORD deleteIpForwardEntry( PMIB_IPFORWARDROW pRoute ) { DWORD deleteIpForwardEntry( PMIB_IPFORWARDROW pRoute ) {
HANDLE tcpFile; HANDLE tcpFile;
NTSTATUS status = openTcpFile( &tcpFile ); NTSTATUS status = openTcpFile( &tcpFile, FILE_READ_DATA | FILE_WRITE_DATA );
TCP_REQUEST_SET_INFORMATION_EX_ROUTE_ENTRY req = TCP_REQUEST_SET_INFORMATION_EX_ROUTE_ENTRY req =
TCP_REQUEST_SET_INFORMATION_INIT; TCP_REQUEST_SET_INFORMATION_INIT;
IPRouteEntry *rte; IPRouteEntry *rte;

4
reactos/dll/win32/wshtcpip/wshtcpip.c
View file

@ -391,7 +391,7 @@ SendRequest(
HANDLE TcpCC; HANDLE TcpCC;
DWORD BytesReturned; DWORD BytesReturned;
if (openTcpFile(&TcpCC) != STATUS_SUCCESS) if (openTcpFile(&TcpCC, FILE_READ_DATA | FILE_WRITE_DATA) != STATUS_SUCCESS)
return WSAEINVAL; return WSAEINVAL;
Status = DeviceIoControl(TcpCC, Status = DeviceIoControl(TcpCC,
@ -449,7 +449,7 @@ WSHNotify(
case WSH_NOTIFY_BIND: case WSH_NOTIFY_BIND:
DPRINT("WSHNotify: WSH_NOTIFY_BIND\n"); DPRINT("WSHNotify: WSH_NOTIFY_BIND\n");
Status = openTcpFile(&TcpCC); Status = openTcpFile(&TcpCC, FILE_READ_DATA);
if (Status != STATUS_SUCCESS) if (Status != STATUS_SUCCESS)
return WSAEINVAL; return WSAEINVAL;

14
reactos/lib/tdilib/handle.c
View file

@ -9,7 +9,7 @@
const PWCHAR TcpFileName = L"\\Device\\Tcp"; const PWCHAR TcpFileName = L"\\Device\\Tcp";
NTSTATUS openTcpFile(PHANDLE tcpFile) NTSTATUS openTcpFile(PHANDLE tcpFile, ACCESS_MASK DesiredAccess)
{ {
UNICODE_STRING fileName; UNICODE_STRING fileName;
OBJECT_ATTRIBUTES objectAttributes; OBJECT_ATTRIBUTES objectAttributes;
@ -24,18 +24,12 @@ NTSTATUS openTcpFile(PHANDLE tcpFile)
NULL, NULL,
NULL ); NULL );
status = ZwCreateFile( tcpFile, status = NtOpenFile( tcpFile,
SYNCHRONIZE | GENERIC_EXECUTE | DesiredAccess | SYNCHRONIZE,
GENERIC_READ | GENERIC_WRITE,
&objectAttributes, &objectAttributes,
&ioStatusBlock, &ioStatusBlock,
NULL,
FILE_ATTRIBUTE_NORMAL,
FILE_SHARE_READ | FILE_SHARE_WRITE, FILE_SHARE_READ | FILE_SHARE_WRITE,
FILE_OPEN_IF, FILE_SYNCHRONOUS_IO_NONALERT);
FILE_SYNCHRONOUS_IO_NONALERT,
0,
0 );
/* String does not need to be freed: it points to the constant /* String does not need to be freed: it points to the constant
* string we provided */ * string we provided */

2
reactos/lib/tdilib/tdilib.h
View file

@ -7,7 +7,7 @@
#pragma once #pragma once
NTSTATUS openTcpFile(PHANDLE tcpFile); NTSTATUS openTcpFile(PHANDLE tcpFile, ACCESS_MASK DesiredAccess);
VOID closeTcpFile(HANDLE tcpFile); VOID closeTcpFile(HANDLE tcpFile);
NTSTATUS tdiGetEntityIDSet( HANDLE tcpFile, TDIEntityID **entitySet, NTSTATUS tdiGetEntityIDSet( HANDLE tcpFile, TDIEntityID **entitySet,
PDWORD numEntities ); PDWORD numEntities );