/*
* PROJECT: ReactOS Named Pipe FileSystem
* LICENSE: BSD - See COPYING.ARM in the top level directory
* FILE: drivers/filesystems/npfs/secursup.c
* PURPOSE: Pipes Security Support
* PROGRAMMERS: ReactOS Portable Systems Group
*/
/* INCLUDES *******************************************************************/
#include "npfs.h"
// File ID number for NPFS bugchecking support
#define NPFS_BUGCHECK_FILE_ID (NPFS_BUGCHECK_SECURSUP)
/* FUNCTIONS ******************************************************************/
/*
 * Impersonates the client whose security context is stored in the CCB.
 *
 * Ccb - Client control block; only its ClientContext field is read.
 *
 * Returns the status of SeImpersonateClientEx when a client context is
 * present, or STATUS_CANNOT_IMPERSONATE when the CCB holds none.
 *
 * Note: NpInitializeSecurity leaves ClientContext NULL for dynamically
 * tracked connections, so this fails closed until a context has been
 * attached to the CCB (see NpCopyClientContext).
 */
NTSTATUS
NTAPI
NpImpersonateClientContext(IN PNP_CCB Ccb)
{
    PSECURITY_CLIENT_CONTEXT Context;
    PAGED_CODE();

    Context = Ccb->ClientContext;

    /* Without a captured context there is no identity to assume */
    if (!Context) return STATUS_CANNOT_IMPERSONATE;

    /* NULL server thread: the impersonation applies to the calling thread */
    return SeImpersonateClientEx(Context, NULL);
}
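/*
 * Releases a client security context: drops the reference held on the
 * client token and frees the context structure itself.
 *
 * ClientContext - Context to destroy; NULL is accepted and ignored.
 *
 * The previous code called SeTokenType(ClientContext->ClientToken) before
 * testing the token pointer, so the NULL test in the condition could never
 * protect that call. Both the primary-token and the impersonation-token case
 * released the token with the same ObDereferenceObject call, so the token
 * type does not need to be queried at all: the reference is dropped exactly
 * when a token is present.
 */
VOID
NTAPI
NpFreeClientSecurityContext(IN PSECURITY_CLIENT_CONTEXT ClientContext)
{
    PVOID ClientToken;

    if (!ClientContext) return;

    /* Check the token pointer before anything touches the token object */
    ClientToken = ClientContext->ClientToken;
    if (ClientToken)
    {
        ObDereferenceObject(ClientToken);
    }

    /* The caller must not use ClientContext after this point */
    ExFreePool(ClientContext);
}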
/*
 * Moves the client security context carried by a data queue entry into the
 * CCB, replacing (and freeing) whatever context the CCB held before.
 *
 * Ccb            - Client control block that receives the context.
 * DataQueueEntry - Queue entry that gives up its ClientSecurityContext.
 *
 * Nothing happens when the entry carries no context. On a transfer the
 * entry's pointer is cleared, so the context has a single owner and cannot
 * be freed twice through the entry.
 */
VOID
NTAPI
NpCopyClientContext(IN PNP_CCB Ccb,
                    IN PNP_DATA_QUEUE_ENTRY DataQueueEntry)
{
    PSECURITY_CLIENT_CONTEXT EntryContext;
    PAGED_CODE();

    EntryContext = DataQueueEntry->ClientSecurityContext;
    if (EntryContext)
    {
        /* Release the context being replaced before taking the new one */
        NpFreeClientSecurityContext(Ccb->ClientContext);

        /* Ownership passes from the queue entry to the CCB */
        Ccb->ClientContext = EntryContext;
        DataQueueEntry->ClientSecurityContext = NULL;
    }
}
/*
 * Drops the client security context held by a CCB.
 *
 * Ccb - Client control block whose ClientContext is freed and reset.
 *
 * The field is set to NULL afterwards so that no stale pointer to the freed
 * context remains in the CCB.
 */
VOID
NTAPI
NpUninitializeSecurity(IN PNP_CCB Ccb)
{
    PSECURITY_CLIENT_CONTEXT OldContext;
    PAGED_CODE();

    OldContext = Ccb->ClientContext;

    /* NpFreeClientSecurityContext ignores a NULL context */
    NpFreeClientSecurityContext(OldContext);
    Ccb->ClientContext = NULL;
}
/*
 * Records the client's security quality of service in the CCB and, for
 * connections that are not dynamically tracked, captures the client's
 * security context up front.
 *
 * Ccb         - Client control block to initialize; any context it already
 *               holds is released first.
 * SecurityQos - Optional QoS requested by the client. When NULL, the CCB
 *               gets impersonation level SecurityImpersonation, dynamic
 *               tracking and EffectiveOnly = TRUE.
 * Thread      - Thread passed to SeCreateClientSecurity as the client.
 *
 * Returns STATUS_SUCCESS for dynamic tracking (no context is captured and
 * Ccb->ClientContext stays NULL), STATUS_INSUFFICIENT_RESOURCES when the
 * context cannot be allocated, otherwise the SeCreateClientSecurity status.
 * On every failure path Ccb->ClientContext is left NULL.
 */
NTSTATUS
NTAPI
NpInitializeSecurity(IN PNP_CCB Ccb,
                     IN PSECURITY_QUALITY_OF_SERVICE SecurityQos,
                     IN PETHREAD Thread)
{
    PSECURITY_CLIENT_CONTEXT ClientContext;
    NTSTATUS Status;
    PAGED_CODE();

    if (!SecurityQos)
    {
        /* No QoS supplied: fall back to the defaults */
        Ccb->ClientQos.Length = sizeof(Ccb->ClientQos);
        Ccb->ClientQos.ImpersonationLevel = SecurityImpersonation;
        Ccb->ClientQos.ContextTrackingMode = SECURITY_DYNAMIC_TRACKING;
        Ccb->ClientQos.EffectiveOnly = TRUE;
    }
    else
    {
        /* Keep a private copy of the caller's QoS in the CCB */
        Ccb->ClientQos = *SecurityQos;
    }

    /* Get rid of any context left over from an earlier initialization */
    NpUninitializeSecurity(Ccb);

    /* Dynamic tracking: nothing is captured here */
    if (Ccb->ClientQos.ContextTrackingMode == SECURITY_DYNAMIC_TRACKING)
    {
        Ccb->ClientContext = NULL;
        return STATUS_SUCCESS;
    }

    /* Static tracking: capture the client's context now, charged to quota */
    ClientContext = ExAllocatePoolWithQuotaTag(PagedPool | POOL_QUOTA_FAIL_INSTEAD_OF_RAISE,
                                               sizeof(*ClientContext),
                                               NPFS_CLIENT_SEC_CTX_TAG);
    Ccb->ClientContext = ClientContext;
    if (!ClientContext) return STATUS_INSUFFICIENT_RESOURCES;

    Status = SeCreateClientSecurity(Thread, &Ccb->ClientQos, FALSE, ClientContext);
    if (NT_SUCCESS(Status)) return Status;

    /* Capture failed: free the unused structure and clear the CCB pointer */
    ExFreePool(ClientContext);
    Ccb->ClientContext = NULL;
    return Status;
}
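/*
 * Captures a fresh client security context for an operation on a
 * dynamically tracked pipe.
 *
 * NamedPipeEnd - End of the pipe the request came from; nothing is captured
 *                for FILE_PIPE_SERVER_END.
 * Ccb          - Client control block supplying the QoS (ClientQos).
 * Thread       - Thread passed to SeCreateClientSecurity as the client.
 * Context      - Receives the new context, or NULL when none was captured.
 *                Although annotated IN, this is an output parameter.
 *
 * Returns STATUS_SUCCESS with *Context == NULL when no capture is needed,
 * STATUS_INSUFFICIENT_RESOURCES when the allocation fails, otherwise the
 * SeCreateClientSecurity status.
 *
 * *Context is written on every path. The allocation-failure return used to
 * leave it untouched, unlike the SeCreateClientSecurity failure path, so a
 * caller that cleans up unconditionally could have handed an uninitialized
 * pointer to NpFreeClientSecurityContext.
 */
NTSTATUS
NTAPI
NpGetClientSecurityContext(IN ULONG NamedPipeEnd,
                           IN PNP_CCB Ccb,
                           IN PETHREAD Thread,
                           IN PSECURITY_CLIENT_CONTEXT *Context)
{
    PSECURITY_CLIENT_CONTEXT NewContext;
    NTSTATUS Status;
    PAGED_CODE();

    /* Define the output first so that no return path can skip it */
    *Context = NULL;

    /* Only client-end requests on dynamically tracked pipes capture here */
    if (NamedPipeEnd == FILE_PIPE_SERVER_END ||
        Ccb->ClientQos.ContextTrackingMode != SECURITY_DYNAMIC_TRACKING)
    {
        return STATUS_SUCCESS;
    }

    NewContext = ExAllocatePoolWithQuotaTag(PagedPool | POOL_QUOTA_FAIL_INSTEAD_OF_RAISE,
                                            sizeof(*NewContext),
                                            NPFS_CLIENT_SEC_CTX_TAG);
    if (!NewContext) return STATUS_INSUFFICIENT_RESOURCES;

    Status = SeCreateClientSecurity(Thread, &Ccb->ClientQos, 0, NewContext);
    if (!NT_SUCCESS(Status))
    {
        /* Nothing was captured: free the structure, *Context stays NULL */
        ExFreePool(NewContext);
        return Status;
    }

    /* Success: the caller now owns the context and must free it */
    *Context = NewContext;
    return Status;
}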
/* EOF */