partly implemented AuthzInitializeResourceManager and AuthzFreeResourceManager (no support for auditing so far) Modified: trunk/reactos/lib/authz/authz.c Modified: trunk/reactos/lib/authz/authz.xml Modified: trunk/reactos/lib/authz/precomp.h Added: trunk/reactos/lib/authz/resman.c _____
Modified: trunk/reactos/lib/authz/authz.c
--- trunk/reactos/lib/authz/authz.c 2005-10-07 00:35:10 UTC (rev 18307)
+++ trunk/reactos/lib/authz/authz.c 2005-10-07 02:28:42 UTC (rev 18308)
@@ -148,19 +148,6 @@
 AUTHZAPI
 BOOL
 WINAPI
-AuthzFreeResourceManager(IN AUTHZ_RESOURCE_MANAGER_HANDLE AuthzResourceManager)
-{
- UNIMPLEMENTED;
- return FALSE;
-}
-
-
-/*
- * @unimplemented
- */
-AUTHZAPI
-BOOL
-WINAPI
 AuthzGetInformationFromContext(IN AUTHZ_CLIENT_CONTEXT_HANDLE hAuthzClientContext,
 IN AUTHZ_CONTEXT_INFORMATION_CLASS InfoClass,
 IN DWORD BufferSize,
@@ -275,24 +262,6 @@
 AUTHZAPI
 BOOL
 WINAPI
-AuthzInitializeResourceManager(IN DWORD flags,
- IN PFN_AUTHZ_DYNAMIC_ACCESS_CHECK pfnAccessCheck,
- IN PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS pfnComputeDynamicGroups,
- IN PFN_AUTHZ_FREE_DYNAMIC_GROUPS pfnFreeDynamicGroups,
- IN PCWSTR ResourceManagerName,
- IN PAUTHZ_RESOURCE_MANAGER_HANDLE pAuthzResourceManager)
-{
- UNIMPLEMENTED;
- return FALSE;
-}
-
-
-/*
- * @unimplemented
- */
-AUTHZAPI
-BOOL
-WINAPI
 AuthzInstallSecurityEventSource(IN DWORD dwFlags,
 IN PAUTHZ_SOURCE_SCHEMA_REGISTRATION pRegistration)
 {
_____
Modified: trunk/reactos/lib/authz/authz.xml
--- trunk/reactos/lib/authz/authz.xml 2005-10-07 00:35:10 UTC (rev 18307)
+++ trunk/reactos/lib/authz/authz.xml 2005-10-07 02:28:42 UTC (rev 18308)
@@ -11,6 +11,7 @@
 <library>kernel32</library>
 <library>advapi32</library>
 <file>authz.c</file>
+ <file>resman.c</file>
 <file>authz.rc</file>
 <pch>precomp.h</pch>
 </module>
_____
Modified: trunk/reactos/lib/authz/precomp.h
--- trunk/reactos/lib/authz/precomp.h 2005-10-07 00:35:10 UTC (rev 18307)
+++ trunk/reactos/lib/authz/precomp.h 2005-10-07 02:28:42 UTC (rev 18308)
@@ -11,5 +11,22 @@
 #define UNIMPLEMENTED DbgPrint("AUTHZ.DLL: %s is UNIMPLEMENTED!\n", __FUNCTION__)
 #endif
+#if DBG
+#define RESMAN_TAG 0x89ABCDEF
+#define VALID_RESMAN_HANDLE(handle) ASSERT(((PAUTHZ_RESMAN)handle)->Tag == RESMAN_TAG)
+#ifndef ASSERT
+#define ASSERT(cond) if (!(cond)) { DbgPrint("%s:%i: ASSERTION %s failed!\n", __FILE__, __LINE__, #cond ); }
+#endif
+
+#else
+
+#define VALID_RESMAN_HANDLE(handle)
+#ifndef ASSERT
+#define ASSERT(cond)
+#endif
+
+#endif
+
+
 /* EOF */
_____
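Review bot: The DBG-branch `ASSERT(cond)` expands to a bare `if (...) { ... }`, so an unbraced `if (a) ASSERT(x); else ...` at a call site would bind the `else` to the macro's `if`. Wrapping it as `#define ASSERT(cond) do { if (!(cond)) { DbgPrint("%s:%i: ASSERTION %s failed!\n", __FILE__, __LINE__, #cond); } } while (0)` avoids that. `VALID_RESMAN_HANDLE` also casts its argument unparenthesized; `((PAUTHZ_RESMAN)(handle))->Tag` is safer for expression arguments. A comment above the macro should say that the tag check only logs and compiles to nothing when DBG is 0, so AuthzFreeResourceManager in resman.c performs no handle validation in release builds.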
Added: trunk/reactos/lib/authz/resman.c
--- trunk/reactos/lib/authz/resman.c 2005-10-07 00:35:10 UTC (rev 18307)
+++ trunk/reactos/lib/authz/resman.c 2005-10-07 02:28:42 UTC (rev 18308)
@@ -0,0 +1,271 @@
+/*
+ * ReactOS Authorization Framework
+ * Copyright (C) 2005 ReactOS Team
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+/* $Id: aclui.c 18173 2005-09-30 18:54:48Z weiden $
+ *
+ * PROJECT: ReactOS Authorization Framework
+ * FILE: lib/authz/resman.c
+ * PURPOSE: Authorization Framework
+ * PROGRAMMER: Thomas Weidenmueller w3seek@reactos.com
+ *
+ * UPDATE HISTORY:
+ * 10/07/2005 Created
+ */
+#include <precomp.h>
+
+typedef struct _AUTHZ_RESMAN
+{
+#if DBG
+ DWORD Tag;
+#endif
+
+ PFN_AUTHZ_DYNAMIC_ACCESS_CHECK pfnAccessCheck;
+ PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS pfnComputeDynamicGroups;
+ PFN_AUTHZ_FREE_DYNAMIC_GROUPS pfnFreeDynamicGroups;
+
+ DWORD flags;
+ PSID UserSid;
+ LUID AuthenticationId;
+
+ WCHAR ResourceManagerName[1];
+} AUTHZ_RESMAN, *PAUTHZ_RESMAN;
+
+static BOOL
+AuthzpQueryToken(IN OUT PAUTHZ_RESMAN ResMan,
+ IN HANDLE hToken)
+{
+ TOKEN_USER User;
+ TOKEN_STATISTICS Statistics;
+ DWORD BufLen;
+ PSID UserSid = NULL;
+ BOOL Ret = FALSE;
+
+ /* query information about the user */
+ BufLen = sizeof(User);
+ Ret = GetTokenInformation(hToken,
+ TokenUser,
+ &User,
+ BufLen,
+ &BufLen);
+ if (Ret)
+ {
+ BufLen = GetLengthSid(User.User.Sid);
+ if (BufLen != 0)
+ {
+ UserSid = (PSID)LocalAlloc(LMEM_FIXED,
+ BufLen);
+ if (UserSid != NULL)
+ {
+ CopyMemory(UserSid,
+ User.User.Sid,
+ BufLen);
+ }
+ else
+ Ret = FALSE;
+ }
+ else
+ Ret = FALSE;
+ }
+
+ if (Ret)
+ {
+ /* query general information */
+ BufLen = sizeof(Statistics);
+ Ret = GetTokenInformation(hToken,
+ TokenUser,
+ &Statistics,
+ BufLen,
+ &BufLen);
+ }
+
+ if (Ret)
+ {
+ ResMan->UserSid = UserSid;
+ ResMan->AuthenticationId = Statistics.AuthenticationId;
+ Ret = TRUE;
+ }
+ else
+ {
+ if (UserSid != NULL)
+ {
+ LocalFree((HLOCAL)UserSid);
+ }
+ }
+
+ return Ret;
+}
+
+static BOOL
+AuthzpInitUnderImpersonation(IN OUT PAUTHZ_RESMAN ResMan)
+{
+ HANDLE hToken;
+ BOOL Ret;
+
+ Ret = OpenThreadToken(GetCurrentThread(),
+ TOKEN_QUERY,
+ TRUE,
+ &hToken);
+ if (Ret)
+ {
+ Ret = AuthzpQueryToken(ResMan,
+ hToken);
+ CloseHandle(hToken);
+ }
+
+ return Ret;
+}
+
+static BOOL
+AuthzpInitSelf(IN OUT PAUTHZ_RESMAN ResMan)
+{
+ HANDLE hToken;
+ BOOL Ret;
+
+ Ret = OpenProcessToken(GetCurrentProcess(),
+ TOKEN_QUERY,
+ &hToken);
+ if (Ret)
+ {
+ Ret = AuthzpQueryToken(ResMan,
+ hToken);
+ CloseHandle(hToken);
+ }
+
+ return Ret;
+}
+
+
+/*
+ * @unimplemented
+ */
+AUTHZAPI
+BOOL
+WINAPI
+AuthzInitializeResourceManager(IN DWORD flags,
+ IN PFN_AUTHZ_DYNAMIC_ACCESS_CHECK pfnAccessCheck OPTIONAL,
+ IN PFN_AUTHZ_COMPUTE_DYNAMIC_GROUPS pfnComputeDynamicGroups OPTIONAL,
+ IN PFN_AUTHZ_FREE_DYNAMIC_GROUPS pfnFreeDynamicGroups OPTIONAL,
+ IN PCWSTR ResourceManagerName OPTIONAL,
+ IN PAUTHZ_RESOURCE_MANAGER_HANDLE pAuthzResourceManager)
+{
+ BOOL Ret = FALSE;
+
+ if (pAuthzResourceManager != NULL &&
+ !(flags & ~(AUTHZ_RM_FLAG_NO_AUDIT | AUTHZ_RM_FLAG_INITIALIZE_UNDER_IMPERSONATION)))
+ {
+ PAUTHZ_RESMAN ResMan;
+ SIZE_T RequiredSize = sizeof(AUTHZ_RESMAN);
+
+ if (ResourceManagerName != NULL)
+ {
+ RequiredSize += wcslen(ResourceManagerName) * sizeof(WCHAR);
+ }
+
+ ResMan = (PAUTHZ_RESMAN)LocalAlloc(LMEM_FIXED,
+ RequiredSize);
+ if (ResMan != NULL)
+ {
+ /* initialize the resource manager structure */
+#if DBG
+ ResMan->Tag = RESMAN_TAG;
+#endif
+
+ ResMan->flags = flags;
+ ResMan->UserSid = NULL;
+
+ if (ResourceManagerName != NULL)
+ {
+ wcscpy(ResMan->ResourceManagerName,
+ ResourceManagerName);
+ }
+ else
+ ResMan->ResourceManagerName[0] = UNICODE_NULL;
+
+ ResMan->pfnAccessCheck = pfnAccessCheck;
+ ResMan->pfnComputeDynamicGroups = pfnComputeDynamicGroups;
+ ResMan->pfnFreeDynamicGroups = pfnFreeDynamicGroups;
+
+ if (!(flags & AUTHZ_RM_FLAG_NO_AUDIT))
+ {
+ /* FIXME - initialize auditing */
+ DPRINT1("Auditing not implemented!\n");
+ }
+
+ if (flags & AUTHZ_RM_FLAG_INITIALIZE_UNDER_IMPERSONATION)
+ {
+ Ret = AuthzpInitUnderImpersonation(ResMan);
+ }
+ else
+ {
+ Ret = AuthzpInitSelf(ResMan);
+ }
+
+ if (Ret)
+ {
+ /* finally return the handle */
+ *pAuthzResourceManager = (AUTHZ_RESOURCE_MANAGER_HANDLE)ResMan;
+ }
+ else
+ {
+ DPRINT1("Querying the token failed!\n");
+ LocalFree((HLOCAL)ResMan);
+ }
+ }
+ }
+ else
+ SetLastError(ERROR_INVALID_PARAMETER);
+
+ return Ret;
+}
+
+
+/*
+ * @unimplemented
+ */
+AUTHZAPI
+BOOL
+WINAPI
+AuthzFreeResourceManager(IN AUTHZ_RESOURCE_MANAGER_HANDLE AuthzResourceManager)
+{
+ BOOL Ret = FALSE;
+
+ if (AuthzResourceManager != NULL)
+ {
+ PAUTHZ_RESMAN ResMan = (PAUTHZ_RESMAN)AuthzResourceManager;
+
+ VALID_RESMAN_HANDLE(AuthzResourceManager);
+
+ if (!(ResMan->flags & AUTHZ_RM_FLAG_NO_AUDIT))
+ {
+ /* FIXME - cleanup auditing */
+ }
+
+ if (ResMan->UserSid != NULL)
+ {
+ LocalFree((HLOCAL)ResMan->UserSid);
+ }
+
+ LocalFree((HLOCAL)AuthzResourceManager);
+ Ret = TRUE;
+ }
+ else
+ SetLastError(ERROR_INVALID_PARAMETER);
+
+ return Ret;
+}
+
Property changes on: trunk/reactos/lib/authz/resman.c
___________________________________________________________________
Name: svn:keywords + author date revision
Name: svn:eol-style + native
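Review bot: In AuthzpQueryToken the second GetTokenInformation call still passes `TokenUser` while filling `Statistics`, so `ResMan->AuthenticationId` is read from a buffer that holds user data rather than token statistics; the class there should be `TokenStatistics`. The first query also passes a bare `TOKEN_USER` of `sizeof(User)` bytes, which leaves no room for the SID the call stores behind the header, so it is expected to fail with ERROR_INSUFFICIENT_BUFFER and AuthzInitializeResourceManager would then never return a handle. Sizing the user buffer from a length query first, as sketched below, fixes that. The `@unimplemented` tags above the two exported functions should also be updated to match the commit's "partly implemented" status.

```c
    PTOKEN_USER User = NULL;
    /* … unchanged: Statistics, BufLen, UserSid, Ret declarations … */

    /* TokenUser returns the SID behind the TOKEN_USER header: ask for the size first */
    BufLen = 0;
    GetTokenInformation(hToken, TokenUser, NULL, 0, &BufLen);
    if (BufLen != 0)
    {
        User = (PTOKEN_USER)LocalAlloc(LMEM_FIXED, BufLen);
    }
    Ret = (User != NULL &&
           GetTokenInformation(hToken, TokenUser, User, BufLen, &BufLen));
    if (Ret)
    {
        BufLen = GetLengthSid(User->User.Sid);
        /* … unchanged: allocate UserSid and copy the SID into it … */
    }
    if (User != NULL)
    {
        LocalFree((HLOCAL)User);
    }

    /* … unchanged: if (Ret), BufLen = sizeof(Statistics) … */
        Ret = GetTokenInformation(hToken,
                                  TokenStatistics,
                                  &Statistics,
                                  BufLen,
                                  &BufLen);
    /* … unchanged: store UserSid and AuthenticationId, or free UserSid on failure … */
```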