Author: ekohl Date: Mon Mar 11 21:01:30 2013 New Revision: 58472

URL: http://svn.reactos.org/svn/reactos?rev=58472&view=rev Log: [SAMSRV] - Implement SamIConnect. - Add a trusted caller flag to the database object type and inherit it to opened or created sub objects. - Restrict access to SamrQueryInformationUser.UserInternal1Information for non-trusted callers.

Modified: trunk/reactos/dll/win32/samsrv/database.c trunk/reactos/dll/win32/samsrv/samrpc.c trunk/reactos/dll/win32/samsrv/samsrv.c trunk/reactos/dll/win32/samsrv/samsrv.h trunk/reactos/dll/win32/samsrv/samsrv.spec

Modified: trunk/reactos/dll/win32/samsrv/database.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/samsrv/database.c... ============================================================================== --- trunk/reactos/dll/win32/samsrv/database.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/samsrv/database.c [iso-8859-1] Mon Mar 11 21:01:30 2013 @@ -210,7 +210,7 @@ }

NewObject = RtlAllocateHeap(RtlGetProcessHeap(), - 0, + HEAP_ZERO_MEMORY, sizeof(SAM_DB_OBJECT)); if (NewObject == NULL) { @@ -243,6 +243,9 @@ NewObject->RelativeId = RelativeId; NewObject->ParentObject = ParentObject;

+ if (ParentObject != NULL) + NewObject->Trusted = ParentObject->Trusted; + *DbObject = NewObject;

return STATUS_SUCCESS; @@ -359,7 +362,7 @@ }

NewObject = RtlAllocateHeap(RtlGetProcessHeap(), - 0, + HEAP_ZERO_MEMORY, sizeof(SAM_DB_OBJECT)); if (NewObject == NULL) { @@ -391,6 +394,9 @@ NewObject->RelativeId = RelativeId; NewObject->ParentObject = ParentObject;

+ if (ParentObject != NULL) + NewObject->Trusted = ParentObject->Trusted; + *DbObject = NewObject;

return STATUS_SUCCESS;

Modified: trunk/reactos/dll/win32/samsrv/samrpc.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/samsrv/samrpc.c?r... ============================================================================== --- trunk/reactos/dll/win32/samsrv/samrpc.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/samsrv/samrpc.c [iso-8859-1] Mon Mar 11 21:01:30 2013 @@ -56,6 +56,8 @@ USER_EXECUTE, USER_ALL_ACCESS }; + +PGENERIC_MAPPING pServerMapping = &ServerMapping;

/* FUNCTIONS *****************************************************************/ @@ -6043,13 +6045,18 @@ }

-static NTSTATUS +static +NTSTATUS SampQueryUserInternal1(PSAM_DB_OBJECT UserObject, - PSAMPR_USER_INFO_BUFFER *Buffer) + PSAMPR_USER_INFO_BUFFER *Buffer) { PSAMPR_USER_INFO_BUFFER InfoBuffer = NULL; ULONG Length = 0; NTSTATUS Status = STATUS_SUCCESS; + + /* Fail, if the caller is not a trusted caller */ + if (UserObject->Trusted == FALSE) + return STATUS_INVALID_INFO_CLASS;

*Buffer = NULL;

Modified: trunk/reactos/dll/win32/samsrv/samsrv.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/samsrv/samsrv.c?r... ============================================================================== --- trunk/reactos/dll/win32/samsrv/samsrv.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/samsrv/samsrv.c [iso-8859-1] Mon Mar 11 21:01:30 2013 @@ -24,6 +24,43 @@ WINE_DEFAULT_DEBUG_CHANNEL(samsrv);

/* FUNCTIONS ****************************************************************/ + +NTSTATUS +NTAPI +SamIConnect(IN PSAMPR_SERVER_NAME ServerName, + OUT SAMPR_HANDLE *ServerHandle, + IN ACCESS_MASK DesiredAccess, + IN BOOLEAN Trusted) +{ + PSAM_DB_OBJECT ServerObject; + NTSTATUS Status; + + TRACE("SamIConnect(%p %p %lx %ld)\n", + ServerName, ServerHandle, DesiredAccess, Trusted); + + /* Map generic access rights */ + RtlMapGenericMask(&DesiredAccess, + pServerMapping); + + /* Open the Server Object */ + Status = SampOpenDbObject(NULL, + NULL, + L"SAM", + 0, + SamDbServerObject, + DesiredAccess, + &ServerObject); + if (NT_SUCCESS(Status)) + { + ServerObject->Trusted = Trusted; + *ServerHandle = (SAMPR_HANDLE)ServerObject; + } + + TRACE("SamIConnect done (Status 0x%08lx)\n", Status); + + return Status; +} +

NTSTATUS NTAPI

Modified: trunk/reactos/dll/win32/samsrv/samsrv.h URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/samsrv/samsrv.h?r... ============================================================================== --- trunk/reactos/dll/win32/samsrv/samsrv.h [iso-8859-1] (original) +++ trunk/reactos/dll/win32/samsrv/samsrv.h [iso-8859-1] Mon Mar 11 21:01:30 2013 @@ -50,6 +50,7 @@ HANDLE KeyHandle; HANDLE MembersKeyHandle; // only used by Aliases ULONG RelativeId; + BOOLEAN Trusted; struct _SAM_DB_OBJECT *ParentObject; } SAM_DB_OBJECT, *PSAM_DB_OBJECT;

@@ -113,6 +114,9 @@ } SAM_USER_FIXED_DATA, *PSAM_USER_FIXED_DATA;

+extern PGENERIC_MAPPING pServerMapping; + + /* database.c */

NTSTATUS

Modified: trunk/reactos/dll/win32/samsrv/samsrv.spec URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/samsrv/samsrv.spe... ============================================================================== --- trunk/reactos/dll/win32/samsrv/samsrv.spec [iso-8859-1] (original) +++ trunk/reactos/dll/win32/samsrv/samsrv.spec [iso-8859-1] Mon Mar 11 21:01:30 2013 @@ -4,7 +4,7 @@ @ stub SamIAmIGC @ stub SamIChangePasswordForeignUser @ stub SamIChangePasswordForeignUser2 -@ stub SamIConnect +@ stdcall SamIConnect(ptr ptr long long) @ stub SamICreateAccountByRid @ stub SamIDemote @ stub SamIDemoteUndo @@ -156,4 +156,4 @@ @ stdcall SamrTestPrivateFunctionsDomain(ptr) @ stdcall SamrTestPrivateFunctionsUser(ptr) @ stdcall SamrUnicodeChangePasswordUser2(ptr ptr ptr ptr ptr long ptr ptr) -; EOF +; EOF