bool vncImportACL::FillAceData(const TCHAR *type, DWORD mask, const TCHAR *user){ ACE_TYPE acetype; TCHAR *domainaccount = NULL; PSID pSID = NULL; //type if (_tcsicmp(type, _T("allow")) == 0) acetype = ACCESS_ALLOWED; else if (_tcsicmp(type, _T("deny")) == 0) acetype = ACCESS_DENIED; else { _ftprintf(stderr, _T("error with ACE type, neither 'allow' nor 'deny'\n")); return false; } //mask mask &= ALL_RIGHTS; // if name starts with ".\", replace the dot with the computername. // if name starts with "..\", replace the dots with the domainname. if (_tcsncmp(user, _T(".\\"), 2) == 0) domainaccount = AddComputername(user); else if (_tcsncmp(user, _T("..\\"), 2) == 0) domainaccount = AddDomainname(user); else { domainaccount = new TCHAR[_tcslen(user)+1]; _tcscpy(domainaccount,user); } pSID = GetSID(domainaccount); if (!pSID) return false; _tprintf(_T("account: %s, mask: %x, type: %s\n"), domainaccount, mask, acetype == ACCESS_ALLOWED ? _T("allow") : _T("deny")); ACE_DATA *ace = new ACE_DATA; ace->type = acetype; ace->mask = mask; ace->pSID = pSID; switch (acetype){ case ACCESS_ALLOWED: ace->next = lastAllowACE; lastAllowACE = ace; break; case ACCESS_DENIED: ace->next = lastDenyACE; lastDenyACE = ace; break; default: break; } delete [] domainaccount; domainaccount = NULL; return true; // Needs better error signalling. }
void hkcu_init(void) { PSID sid = GetSID(); LPWSTR sidstr; ConvertSidToStringSidW(sid, &sidstr); g_hkcu.len = lstrlenW(sidstr) + lstrlenW(L"\\REGISTRY\\USER\\"); g_hkcu.hkcu_string = malloc((g_hkcu.len + 1) * sizeof(wchar_t)); wcscpy(g_hkcu.hkcu_string, L"\\REGISTRY\\USER\\"); wcscat(g_hkcu.hkcu_string, sidstr); LocalFree(sidstr); }
/* * read or write I/O to a file * buffer is allocated by the procedure. path is UTF-8 */ BOOL FileIO(BOOL save, char* path, char** buffer, DWORD* size) { SECURITY_ATTRIBUTES s_attr, *ps = NULL; SECURITY_DESCRIPTOR s_desc; PSID sid = NULL; HANDLE handle; BOOL r; BOOL ret = FALSE; // Change the owner from admin to regular user sid = GetSID(); if ( (sid != NULL) && InitializeSecurityDescriptor(&s_desc, SECURITY_DESCRIPTOR_REVISION) && SetSecurityDescriptorOwner(&s_desc, sid, FALSE) ) { s_attr.nLength = sizeof(SECURITY_ATTRIBUTES); s_attr.bInheritHandle = FALSE; s_attr.lpSecurityDescriptor = &s_desc; ps = &s_attr; } else { uprintf("Could not set security descriptor: %s\n", WindowsErrorString()); } if (!save) { *buffer = NULL; } handle = CreateFileU(path, save?GENERIC_WRITE:GENERIC_READ, FILE_SHARE_READ, ps, save?CREATE_ALWAYS:OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL); if (handle == INVALID_HANDLE_VALUE) { uprintf("Could not %s file '%s'\n", save?"create":"open", path); goto out; } if (save) { r = WriteFile(handle, *buffer, *size, size, NULL); } else { *size = GetFileSize(handle, NULL); *buffer = (char*)malloc(*size); if (*buffer == NULL) { uprintf("Could not allocate buffer for reading file\n"); goto out; } r = ReadFile(handle, *buffer, *size, size, NULL); } if (!r) { uprintf("I/O Error: %s\n", WindowsErrorString()); goto out; } PrintInfoDebug(0, save?MSG_216:MSG_215, path); ret = TRUE; out: CloseHandle(handle); if (!ret) { // Only leave a buffer allocated if successful *size = 0; if (!save) { safe_free(*buffer); } } return ret; }
HRESULT TCUserAccount::SetRunAsUser(LPCTSTR szAppID, LPCTSTR szUserName, LPCTSTR szPassword) { // Not supported under Windows9x if (IsWin9x()) return S_FALSE; // Copy the specified AppID string to a non-const wide string USES_CONVERSION; UINT cchAppID = max(_tcslen(szAppID), 48) + 1; LPWSTR pszAppID = (LPWSTR)_alloca(cchAppID * sizeof(WCHAR)); wcscpy(pszAppID, T2CW(szAppID)); // Resolve the specified string to an AppID HKEY hkey = NULL; RETURN_FAILED(ResolveAppID(pszAppID, &hkey)); CRegKey key; key.Attach(hkey); // Ensure that we have a domain name LPCTSTR pszUserName = szUserName; LPCTSTR pszWhack = _tcschr(szUserName, TEXT('\\')); if (!pszWhack || pszWhack == szUserName || (pszWhack == (szUserName + 1) && TEXT('.') == *szUserName)) { // Get the domain name and user name TCCoTaskPtr<LPTSTR> spszDomainName; RETURN_FAILED(GetSID(szUserName, NULL, &spszDomainName)); LPCTSTR pszUserOnly = pszWhack ? pszWhack + 1 : szUserName; // Concatenate the user name onto the domain name UINT cch = _tcslen(spszDomainName) + _tcslen(pszUserOnly) + 2; LPTSTR pszUserNameTemp = (LPTSTR)_alloca(cch * sizeof(TCHAR)); _tcscpy(pszUserNameTemp, spszDomainName); _tcscat(pszUserNameTemp, TEXT("\\")); _tcscat(pszUserNameTemp, pszUserOnly); pszUserName = pszUserNameTemp; } // Open the local security policy TCLsaHandle hPolicy; LSA_OBJECT_ATTRIBUTES oa = {sizeof(oa)}; RETURN_FAILED(LsaOpenPolicy(NULL, &oa, POLICY_CREATE_SECRET, &hPolicy)); // Format the key string WCHAR szKey[48] = L"SCM:"; wcscat(szKey, pszAppID); // Create an LSA_UNICODE_STRING for the key name LSA_UNICODE_STRING lsaKeyString; lsaKeyString.Length = (wcslen(szKey) + 1) * sizeof(WCHAR); lsaKeyString.MaximumLength = lsaKeyString.Length; lsaKeyString.Buffer = szKey; // Copy the specified password string to a non-const wide string UINT cchPassword = _tcslen(szPassword); LPWSTR pszPassword = (LPWSTR)_alloca((cchPassword + 1) * sizeof(WCHAR)); wcscpy(pszPassword, T2CW(szPassword)); // Create an LSA_UNICODE_STRING for the password string LSA_UNICODE_STRING lsaPasswordString; lsaPasswordString.Length = (cchPassword + 1) * sizeof(WCHAR); lsaPasswordString.MaximumLength = lsaPasswordString.Length; lsaPasswordString.Buffer = pszPassword; // Store the specified password RETURN_FAILED(LsaStorePrivateData(hPolicy, &lsaKeyString, &lsaPasswordString)); // Set the specified user name as the RunAs user for the AppID // mdvalley: Another former SetStringValue LONG lr = key.SetValue(TEXT("RunAs"), pszUserName); if (lr) return HRESULT_FROM_WIN32(lr); // Indicate success return S_OK; }
HRESULT TCUserAccount::Init(LPCWSTR szUserName) { // Not supported under Windows9x if (IsWin9x()) return S_FALSE; // Delete any previous user name m_spszUserName = NULL; // Delete any previous SID m_spSIDPrincipal = NULL; // Get the SID and domain name of the specified user RETURN_FAILED(GetSID(szUserName, &m_spSIDPrincipal, &m_spszDomainName)); // Get a pointer to just the user name (no domain) LPCWSTR pszWhack = wcschr(szUserName, L'\\'); LPCWSTR pszUserOnly = pszWhack ? pszWhack + 1 : szUserName; // Save the user name int cchUserName = wcslen(pszUserOnly) + 1; m_spszUserName = (LPWSTR)CoTaskMemAlloc(cchUserName * sizeof(WCHAR)); wcscpy(m_spszUserName, pszUserOnly); // Get the server information of the local machine TCNetApiPtr<SERVER_INFO_101*> si101; DWORD dw = NetServerGetInfo(NULL, 101, (LPBYTE*)&si101); if (NERR_Success != dw) return HRESULT_FROM_WIN32(dw); // Declare and initialize an LSA_OBJECT_ATTRIBUTES structure LSA_OBJECT_ATTRIBUTES oa = {sizeof(oa)}; // Special processing when the local computer is a backup domain controller TCNetApiPtr<WCHAR*> domainController; if (si101->sv101_type & SV_TYPE_DOMAIN_BAKCTRL) { // Get the server name of the primary domain controller TCNetApiPtr<USER_MODALS_INFO_2*> umi2; if (0 == (dw = NetUserModalsGet(NULL, 2, (LPBYTE*)&umi2))) { // Get the domain name of the primary domain controller NetGetDCName(NULL, umi2->usrmod2_domain_name, (LPBYTE*)&domainController); // Create an LSA_UNICODE_STRING for the name of the PDC LSA_UNICODE_STRING lsaPDC; lsaPDC.Length = (USHORT)((wcslen(domainController) * sizeof(WCHAR))-2); lsaPDC.MaximumLength = (USHORT)(lsaPDC.Length + sizeof(WCHAR)); lsaPDC.Buffer = &domainController[2]; // Open the policy of the primary domain controller RETURN_FAILED(LsaOpenPolicy(&lsaPDC, &oa, POLICY_CREATE_ACCOUNT | POLICY_LOOKUP_NAMES, &m_hPolicy)); } } // Open the policy of the local computer if not a BDC or if anything failed if (domainController.IsNull()) { RETURN_FAILED(LsaOpenPolicy(NULL, &oa, POLICY_CREATE_ACCOUNT | POLICY_LOOKUP_NAMES, &m_hPolicy)); } // Indicate success return S_OK; }