7 Oct
2005
7 Oct
'05
2:28 a.m.
partly implemented AuthzInitializeResourceManager and
AuthzFreeResourceManager (no support for auditing so far)
Modified: trunk/reactos/lib/authz/authz.c
Modified: trunk/reactos/lib/authz/authz.xml
Modified: trunk/reactos/lib/authz/precomp.h
Added: trunk/reactos/lib/authz/resman.c
_____
Modified: trunk/reactos/lib/authz/authz.c
--- trunk/reactos/lib/authz/authz.c 2005-10-07 00:35:10 UTC (rev
18307)
+++ trunk/reactos/lib/authz/authz.c 2005-10-07 02:28:42 UTC (rev
18308)
@@ -148,19 +148,6 @@
AUTHZAPI
BOOL
WINAPI
-AuthzFreeResourceManager(IN AUTHZ_RESOURCE_MANAGER_HANDLE
AuthzResourceManager)
-{
- UNIMPLEMENTED;
- return FALSE;
-}
-
-
-/*
- * @unimplemented
- */
-AUTHZAPI
-BOOL
-WINAPI
AuthzGetInformationFromContext(IN AUTHZ_CLIENT_CONTEXT_HANDLE
hAuthzClientContext,
IN AUTHZ_CONTEXT_INFORMATION_CLASS
InfoClass,
IN DWORD BufferSize,
@@ -275,24 +262,6 @@
AUTHZAPI
BOOL
WINAPI
-AuthzInitializeResourceManager(IN DWORD flags,
- IN PFN_AUTHZ_DYNAMIC_ACCESS_CHECK
pfnAccessCheck,
- IN PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS
pfnComputeDynamicGroups,
- IN PFN_AUTHZ_FREE_DYNAMIC_GROUPS
pfnFreeDynamicGroups,
- IN PCWSTR ResourceManagerName,
- IN PAUTHZ_RESOURCE_MANAGER_HANDLE
pAuthzResourceManager)
-{
- UNIMPLEMENTED;
- return FALSE;
-}
-
-
-/*
- * @unimplemented
- */
-AUTHZAPI
-BOOL
-WINAPI
AuthzInstallSecurityEventSource(IN DWORD dwFlags,
IN PAUTHZ_SOURCE_SCHEMA_REGISTRATION
pRegistration)
{
_____
Modified: trunk/reactos/lib/authz/authz.xml
--- trunk/reactos/lib/authz/authz.xml 2005-10-07 00:35:10 UTC (rev
18307)
+++ trunk/reactos/lib/authz/authz.xml 2005-10-07 02:28:42 UTC (rev
18308)
@@ -11,6 +11,7 @@
<library>kernel32</library>
<library>advapi32</library>
<file>authz.c</file>
+ <file>resman.c</file>
<file>authz.rc</file>
<pch>precomp.h</pch>
</module>
_____
Modified: trunk/reactos/lib/authz/precomp.h
--- trunk/reactos/lib/authz/precomp.h 2005-10-07 00:35:10 UTC (rev
18307)
+++ trunk/reactos/lib/authz/precomp.h 2005-10-07 02:28:42 UTC (rev
18308)
@@ -11,5 +11,22 @@
#define UNIMPLEMENTED DbgPrint("AUTHZ.DLL: %s is UNIMPLEMENTED!\n",
__FUNCTION__)
#endif
+#if DBG
+#define RESMAN_TAG 0x89ABCDEF
+#define VALID_RESMAN_HANDLE(handle) ASSERT(((PAUTHZ_RESMAN)handle)->Tag
== RESMAN_TAG)
+#ifndef ASSERT
+#define ASSERT(cond) if (!(cond)) { DbgPrint("%s:%i: ASSERTION %s
failed!\n", __FILE__, __LINE__, #cond ); }
+#endif
+
+#else
+
+#define VALID_RESMAN_HANDLE(handle)
+#ifndef ASSERT
+#define ASSERT(cond)
+#endif
+
+#endif
+
+
/* EOF */
_____
Added: trunk/reactos/lib/authz/resman.c
--- trunk/reactos/lib/authz/resman.c 2005-10-07 00:35:10 UTC (rev
18307)
+++ trunk/reactos/lib/authz/resman.c 2005-10-07 02:28:42 UTC (rev
18308)
@@ -0,0 +1,271 @@
+/*
+ * ReactOS Authorization Framework
+ * Copyright (C) 2005 ReactOS Team
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
USA
+ */
+/* $Id: aclui.c 18173 2005-09-30 18:54:48Z weiden $
+ *
+ * PROJECT: ReactOS Authorization Framework
+ * FILE: lib/authz/resman.c
+ * PURPOSE: Authorization Framework
+ * PROGRAMMER: Thomas Weidenmueller <w3seek(a)reactos.com>
+ *
+ * UPDATE HISTORY:
+ * 10/07/2005 Created
+ */
+#include <precomp.h>
+
+typedef struct _AUTHZ_RESMAN
+{
+#if DBG
+ DWORD Tag;
+#endif
+
+ PFN_AUTHZ_DYNAMIC_ACCESS_CHECK pfnAccessCheck;
+ PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS pfnComputeDynamicGroups;
+ PFN_AUTHZ_FREE_DYNAMIC_GROUPS pfnFreeDynamicGroups;
+
+ DWORD flags;
+ PSID UserSid;
+ LUID AuthenticationId;
+
+ WCHAR ResourceManagerName[1];
+} AUTHZ_RESMAN, *PAUTHZ_RESMAN;
+
+static BOOL
+AuthzpQueryToken(IN OUT PAUTHZ_RESMAN ResMan,
+ IN HANDLE hToken)
+{
+ TOKEN_USER User;
+ TOKEN_STATISTICS Statistics;
+ DWORD BufLen;
+ PSID UserSid = NULL;
+ BOOL Ret = FALSE;
+
+ /* query information about the user */
+ BufLen = sizeof(User);
+ Ret = GetTokenInformation(hToken,
+ TokenUser,
+ &User,
+ BufLen,
+ &BufLen);
+ if (Ret)
+ {
+ BufLen = GetLengthSid(User.User.Sid);
+ if (BufLen != 0)
+ {
+ UserSid = (PSID)LocalAlloc(LMEM_FIXED,
+ BufLen);
+ if (UserSid != NULL)
+ {
+ CopyMemory(UserSid,
+ User.User.Sid,
+ BufLen);
+ }
+ else
+ Ret = FALSE;
+ }
+ else
+ Ret = FALSE;
+ }
+
+ if (Ret)
+ {
+ /* query general information */
+ BufLen = sizeof(Statistics);
+ Ret = GetTokenInformation(hToken,
+ TokenUser,
+ &Statistics,
+ BufLen,
+ &BufLen);
+ }
+
+ if (Ret)
+ {
+ ResMan->UserSid = UserSid;
+ ResMan->AuthenticationId = Statistics.AuthenticationId;
+ Ret = TRUE;
+ }
+ else
+ {
+ if (UserSid != NULL)
+ {
+ LocalFree((HLOCAL)UserSid);
+ }
+ }
+
+ return Ret;
+}
+
+static BOOL
+AuthzpInitUnderImpersonation(IN OUT PAUTHZ_RESMAN ResMan)
+{
+ HANDLE hToken;
+ BOOL Ret;
+
+ Ret = OpenThreadToken(GetCurrentThread(),
+ TOKEN_QUERY,
+ TRUE,
+ &hToken);
+ if (Ret)
+ {
+ Ret = AuthzpQueryToken(ResMan,
+ hToken);
+ CloseHandle(hToken);
+ }
+
+ return Ret;
+}
+
+static BOOL
+AuthzpInitSelf(IN OUT PAUTHZ_RESMAN ResMan)
+{
+ HANDLE hToken;
+ BOOL Ret;
+
+ Ret = OpenProcessToken(GetCurrentProcess(),
+ TOKEN_QUERY,
+ &hToken);
+ if (Ret)
+ {
+ Ret = AuthzpQueryToken(ResMan,
+ hToken);
+ CloseHandle(hToken);
+ }
+
+ return Ret;
+}
+
+
+/*
+ * @unimplemented
+ */
+AUTHZAPI
+BOOL
+WINAPI
+AuthzInitializeResourceManager(IN DWORD flags,
+ IN PFN_AUTHZ_DYNAMIC_ACCESS_CHECK
pfnAccessCheck OPTIONAL,
+ IN PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS
pfnComputeDynamicGroups OPTIONAL,
+ IN PFN_AUTHZ_FREE_DYNAMIC_GROUPS
pfnFreeDynamicGroups OPTIONAL,
+ IN PCWSTR ResourceManagerName OPTIONAL,
+ IN PAUTHZ_RESOURCE_MANAGER_HANDLE
pAuthzResourceManager)
+{
+ BOOL Ret = FALSE;
+
+ if (pAuthzResourceManager != NULL &&
+ !(flags & ~(AUTHZ_RM_FLAG_NO_AUDIT |
AUTHZ_RM_FLAG_INITIALIZE_UNDER_IMPERSONATION)))
+ {
+ PAUTHZ_RESMAN ResMan;
+ SIZE_T RequiredSize = sizeof(AUTHZ_RESMAN);
+
+ if (ResourceManagerName != NULL)
+ {
+ RequiredSize += wcslen(ResourceManagerName) *
sizeof(WCHAR);
+ }
+
+ ResMan = (PAUTHZ_RESMAN)LocalAlloc(LMEM_FIXED,
+ RequiredSize);
+ if (ResMan != NULL)
+ {
+ /* initialize the resource manager structure */
+#if DBG
+ ResMan->Tag = RESMAN_TAG;
+#endif
+
+ ResMan->flags = flags;
+ ResMan->UserSid = NULL;
+
+ if (ResourceManagerName != NULL)
+ {
+ wcscpy(ResMan->ResourceManagerName,
+ ResourceManagerName);
+ }
+ else
+ ResMan->ResourceManagerName[0] = UNICODE_NULL;
+
+ ResMan->pfnAccessCheck = pfnAccessCheck;
+ ResMan->pfnComputeDynamicGroups = pfnComputeDynamicGroups;
+ ResMan->pfnFreeDynamicGroups = pfnFreeDynamicGroups;
+
+ if (!(flags & AUTHZ_RM_FLAG_NO_AUDIT))
+ {
+ /* FIXME - initialize auditing */
+ DPRINT1("Auditing not implemented!\n");
+ }
+
+ if (flags & AUTHZ_RM_FLAG_INITIALIZE_UNDER_IMPERSONATION)
+ {
+ Ret = AuthzpInitUnderImpersonation(ResMan);
+ }
+ else
+ {
+ Ret = AuthzpInitSelf(ResMan);
+ }
+
+ if (Ret)
+ {
+ /* finally return the handle */
+ *pAuthzResourceManager =
(AUTHZ_RESOURCE_MANAGER_HANDLE)ResMan;
+ }
+ else
+ {
+ DPRINT1("Querying the token failed!\n");
+ LocalFree((HLOCAL)ResMan);
+ }
+ }
+ }
+ else
+ SetLastError(ERROR_INVALID_PARAMETER);
+
+ return Ret;
+}
+
+
+/*
+ * @unimplemented
+ */
+AUTHZAPI
+BOOL
+WINAPI
+AuthzFreeResourceManager(IN AUTHZ_RESOURCE_MANAGER_HANDLE
AuthzResourceManager)
+{
+ BOOL Ret = FALSE;
+
+ if (AuthzResourceManager != NULL)
+ {
+ PAUTHZ_RESMAN ResMan = (PAUTHZ_RESMAN)AuthzResourceManager;
+
+ VALID_RESMAN_HANDLE(AuthzResourceManager);
+
+ if (!(ResMan->flags & AUTHZ_RM_FLAG_NO_AUDIT))
+ {
+ /* FIXME - cleanup auditing */
+ }
+
+ if (ResMan->UserSid != NULL)
+ {
+ LocalFree((HLOCAL)ResMan->UserSid);
+ }
+
+ LocalFree((HLOCAL)AuthzResourceManager);
+ Ret = TRUE;
+ }
+ else
+ SetLastError(ERROR_INVALID_PARAMETER);
+
+ return Ret;
+}
+
Property changes on: trunk/reactos/lib/authz/resman.c
___________________________________________________________________
Name: svn:keywords
+ author date revision
Name: svn:eol-style
+ native