Esempio n. 1
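// Replaces the DACL of the file at `path` with a fixed access list described in SDDL.
//
// ACEs written, in order:
//   (A;;FR;;;AC)     file read for ALL APPLICATION PACKAGES, only when IsVersion62AndOver() is true
//   (A;;FR;;;RC)     file read for restricted code
//   (A;;FA;;;SY)     full file access for Local System
//   (A;;FA;;;BA)     full file access for Built-in Administrators
//   (A;;FA;;;<sid>)  full file access for the SID string produced by GetUserSid()
//                    (presumably the current user; confirm against GetUserSid)
//
// Returns TRUE only when the SDDL string was built completely, converted and applied
// with SetFileSecurityW; FALSE on any failure.
//
// NOTE(review): the DACL is written as "D:" without the protected flag; confirm how
// ACEs inherited from the parent directory are meant to be treated for this file.
BOOL SetFileDacl(LPCWSTR path)
{
	BOOL bRet = FALSE;
	WCHAR sddl[MAX_KRNLOBJNAME] = {L'\0'};
	PSECURITY_DESCRIPTOR pSD = NULL;
	LPWSTR pszUserSid = NULL;
	int cch;

	// Fail closed: without the user SID the SDDL buffer would stay empty, and an empty
	// string would be converted and applied with none of the intended ACEs in it.
	if(!GetUserSid(&pszUserSid))
	{
		return FALSE;
	}

	cch = _snwprintf_s(sddl, _TRUNCATE, L"D:%s(A;;FR;;;RC)(A;;FA;;;SY)(A;;FA;;;BA)(A;;FA;;;%s)",
		(IsVersion62AndOver() ? L"(A;;FR;;;AC)" : L""), pszUserSid);
	LocalFree(pszUserSid);

	// With _TRUNCATE a negative result means the text did not fit; a cut-off SDDL
	// string could drop trailing ACEs, so it is never applied.
	if(cch < 0)
	{
		return FALSE;
	}

	if(ConvertStringSecurityDescriptorToSecurityDescriptorW(sddl, SDDL_REVISION_1, &pSD, NULL))
	{
		// Only the DACL is replaced; owner, group and SACL of the file are left alone.
		if(SetFileSecurityW(path, DACL_SECURITY_INFORMATION, pSD))
		{
			bRet = TRUE;
		}
		LocalFree(pSD);
	}

	return bRet;
}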
Esempio n. 2
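// Sets the DACL of the file at `path` from an SDDL string assembled here.
//
// Access granted by the string:
//   SDDL_ALL_APP_PACKAGES ("AC")        FR (file read), added only when IsWindowsVersion62OrLater()
//   SDDL_RESTRICTED_CODE ("RC")         FR (file read)
//   SDDL_LOCAL_SYSTEM ("SY")            FA (file all access)
//   SDDL_BUILTIN_ADMINISTRATORS ("BA")  FA (file all access)
//   SID string from GetUserSid()        FA (file all access)
//
// Returns TRUE when the descriptor was built in full and SetFileSecurityW accepted it,
// FALSE otherwise. The function fails without touching the file when the user SID is
// unavailable or the SDDL text does not fit the buffer.
BOOL SetFileDacl(LPCWSTR path)
{
	BOOL bRet = FALSE;
	WCHAR sddl[MAX_KRNLOBJNAME] = {L'\0'};
	PSECURITY_DESCRIPTOR psd = nullptr;
	LPWSTR pszUserSid = nullptr;

	// No SID means no meaningful SDDL: stop here instead of converting and applying
	// the still-empty buffer, which would carry none of the ACEs listed above.
	if(!GetUserSid(&pszUserSid))
	{
		return FALSE;
	}

	// SDDL_ALL_APP_PACKAGES / SDDL_RESTRICTED_CODE / SDDL_LOCAL_SYSTEM / SDDL_BUILTIN_ADMINISTRATORS / User SID
	int written = _snwprintf_s(sddl, _TRUNCATE, L"D:%s(A;;FR;;;RC)(A;;FA;;;SY)(A;;FA;;;BA)(A;;FA;;;%s)",
		(IsWindowsVersion62OrLater() ? L"(A;;FR;;;AC)" : L""), pszUserSid);

	LocalFree(pszUserSid);

	// _TRUNCATE reports a string that did not fit as a negative count. A truncated
	// descriptor may be missing its last ACEs, so it is rejected rather than applied.
	if(written < 0)
	{
		return FALSE;
	}

	if(ConvertStringSecurityDescriptorToSecurityDescriptorW(sddl, SDDL_REVISION_1, &psd, nullptr))
	{
		// DACL_SECURITY_INFORMATION: only the discretionary ACL of the file is replaced.
		if(SetFileSecurityW(path, DACL_SECURITY_INFORMATION, psd))
		{
			bRet = TRUE;
		}
		LocalFree(psd);
	}

	return bRet;
}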
Esempio n. 3
// Fills three buffers declared outside this function:
//   krnlobjsddl   SDDL text (DACL plus mandatory label) for the IPC kernel objects
//   mgrpipename   IMCRVMGRPIPE followed by the string from GetUserUUID()
//   mgrmutexname  IMCRVMGRMUTEX followed by the same string
// All three are cleared first, so each one stays empty when its lookup fails.
//
// NOTE(review): the DACL grants GA (generic all) to restricted code and, on
// version 6.2 or later, to all application packages; confirm that narrower rights
// would not be enough for those callers. Truncation by _TRUNCATE is not detected.
void CreateIpcName()
{
	ZeroMemory(krnlobjsddl, sizeof(krnlobjsddl));
	ZeroMemory(mgrpipename, sizeof(mgrpipename));
	ZeroMemory(mgrmutexname, sizeof(mgrmutexname));

	LPWSTR sidText = nullptr;

	if(GetUserSid(&sidText))
	{
		// The ACE for SDDL_ALL_APP_PACKAGES is emitted only on version 6.2 or later.
		LPCWSTR appPackagesAce = L"";
		if(IsWindowsVersion62OrLater())
		{
			appPackagesAce = L"(A;;GA;;;AC)";
		}

		// Remaining ACEs: SDDL_RESTRICTED_CODE, SDDL_LOCAL_SYSTEM,
		// SDDL_BUILTIN_ADMINISTRATORS, then the user SID string.
		_snwprintf_s(krnlobjsddl, _TRUNCATE, L"D:%s(A;;GA;;;RC)(A;;GA;;;SY)(A;;GA;;;BA)(A;;GA;;;%s)",
			appPackagesAce, sidText);

		// SACL part: SDDL_MANDATORY_LABEL with SDDL_NO_WRITE_UP at SDDL_ML_LOW.
		wcsncat_s(krnlobjsddl, L"S:(ML;;NW;;;LW)", _TRUNCATE);

		LocalFree(sidText);
	}

	LPWSTR uuidText = nullptr;

	if(GetUserUUID(&uuidText))
	{
		// Pipe and mutex share the same per-user suffix.
		_snwprintf_s(mgrpipename, _TRUNCATE, L"%s%s", IMCRVMGRPIPE, uuidText);
		_snwprintf_s(mgrmutexname, _TRUNCATE, L"%s%s", IMCRVMGRMUTEX, uuidText);

		LocalFree(uuidText);
	}
}
Esempio n. 4
// Prepares the per-user configuration location and the configuration mutex name.
//
// Effects visible in this function:
//   - pathconfigxml is cleared, then set to <CSIDL_APPDATA>\<TextServiceDesc>\<fnconfigxml>
//   - that directory is created with _wmkdir and made the current directory
//   - cnfmutexname becomes VIMCNFMUTEX followed by the hex MD5 of the user SID string
// If SHGetFolderPathW does not return S_OK the function returns early with
// pathconfigxml empty and cnfmutexname untouched.
//
// NOTE(review): results of _wmkdir and SetCurrentDirectoryW are not checked, and
// SetCurrentDirectoryW affects the whole process. MD5 is used here only to derive
// a name suffix from the SID; nothing visible relies on it for integrity.
void CreateConfigPath()
{
	WCHAR configDir[MAX_PATH];

	pathconfigxml[0] = L'\0';

	HRESULT hr = SHGetFolderPathW(NULL, CSIDL_APPDATA | CSIDL_FLAG_DONT_VERIFY, NULL, SHGFP_TYPE_CURRENT, configDir);
	if(hr != S_OK)
	{
		configDir[0] = L'\0';
		return;
	}

	// Append "\<TextServiceDesc>\" to the roaming application-data folder.
	wcsncat_s(configDir, L"\\", _TRUNCATE);
	wcsncat_s(configDir, TextServiceDesc, _TRUNCATE);
	wcsncat_s(configDir, L"\\", _TRUNCATE);

	_wmkdir(configDir);
	SetCurrentDirectoryW(configDir);

	_snwprintf_s(pathconfigxml, _TRUNCATE, L"%s%s", configDir, fnconfigxml);

	LPWSTR sidText;
	WCHAR hexDigest[32+1];	// two hex characters per digest byte plus the terminator
	MD5_DIGEST md5;

	ZeroMemory(cnfmutexname, sizeof(cnfmutexname));
	ZeroMemory(hexDigest, sizeof(hexDigest));

	if(GetUserSid(&sidText))
	{
		// The hash input is the SID string as raw bytes, terminator excluded.
		DWORD sidBytes = (DWORD)wcslen(sidText)*sizeof(WCHAR);

		if(GetMD5(&md5, (CONST BYTE *)sidText, sidBytes))
		{
			size_t idx = 0;
			while(idx < _countof(md5.digest))
			{
				// Each byte lands at offset idx*2; the remaining room shrinks accordingly.
				_snwprintf_s(&hexDigest[idx*2], _countof(hexDigest)-idx*2, _TRUNCATE, L"%02x", md5.digest[idx]);
				idx++;
			}
		}

		LocalFree(sidText);
	}

	// hexDigest is still empty here when the SID or the hash was unavailable.
	_snwprintf_s(cnfmutexname, _TRUNCATE, L"%s%s", VIMCNFMUTEX, hexDigest);
}
Esempio n. 5
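// Initialize the User Conversation Interface.
//
// Unless TREESVR_STANDALONE is defined, this first fills the security descriptor
// `sd` and the SECURITY_ATTRIBUTES `sa` (both declared outside this function) from
// a five-entry DACL, then starts the named-pipe and the TCP/IP connection threads.
// A TREESVR_STANDALONE build starts the named-pipe thread only.
//
// Returns TERR_SUCCESS once every step succeeded and the thread handles and IDs
// were stored in SystemResInfo; otherwise the value of GetLastError().
//
// Security review notes:
//  - All five ACEs grant GENERIC_ALL, including those for the SIDs returned by
//    CreateWorldSid() and CreateAnonymousSid(). If those helpers return the
//    well-known Everyone and Anonymous Logon SIDs (their names suggest so; verify),
//    any object created with `sa` is fully controllable by unauthenticated callers.
//    The group ACE once carried GENERIC_READ|GENERIC_WRITE; confirm the widening
//    to GENERIC_ALL is intended.
//  - On success the SIDs and the ACL are deliberately not freed: `sd` keeps
//    referring to them.
//  - NOTE(review): on a late failure (thread creation) the SIDs and ACL are freed
//    while `sd`/`sa` still point at them, and an already started pipe thread keeps
//    running after its handle is closed. Confirm callers treat a failure as fatal.
//  - NOTE(review): the SIDs are released with HeapFree on the process heap; this
//    assumes GetUserSid() and the Create*Sid() helpers allocate there.
DWORD InitConvInterface ( VOID )
{
	// Handles start as NULL so the cleanup path never touches an indeterminate value.
	HANDLE	hThread = NULL, hThreadTcpip = NULL;
	DWORD	dwThreadID = 0, dwThreadIDTcpip = 0;
	PSID	pOwnerSid = NULL, pGroupSid = NULL;
	PSID	pSystemSid = NULL, pAnonymousSid = NULL, pInteractiveSid = NULL;
	PSID	aceSids[5];
	// Raised to TRUE only after the last step, so every early __leave (NULL SID,
	// failed allocation, failed API call) reaches the failure branch below.
	BOOL	fSuccess = FALSE;
	PACL	pAcl = NULL;
	DWORD	cbAcl;
	DWORD	dwRetCode;
	int		i;

	__try {
#ifndef TREESVR_STANDALONE
		pOwnerSid = GetUserSid();
		if( pOwnerSid == NULL )
			__leave;

		// The group is the SID from CreateWorldSid(); an earlier revision looked up
		// the "TreeServer Users" account with GetAccountSid() instead.
		pGroupSid = CreateWorldSid();
		if( pGroupSid == NULL )
			__leave;

		pSystemSid = CreateSystemSid();
		if( pSystemSid == NULL )
			__leave;

		pAnonymousSid = CreateAnonymousSid();
		if( pAnonymousSid == NULL )
			__leave;

		pInteractiveSid = CreateInteractiveSid();
		if( pInteractiveSid == NULL )
			__leave;

		// ACL header plus five access-allowed ACEs; each ACE embeds its SID in place
		// of the trailing SidStart DWORD, hence the "- sizeof(DWORD)".
		cbAcl = GetLengthSid( pOwnerSid ) + GetLengthSid( pGroupSid ) +
			GetLengthSid( pSystemSid ) + GetLengthSid( pAnonymousSid ) + GetLengthSid( pInteractiveSid ) +
			sizeof(ACL) + (5 * (sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD)));

		pAcl = (PACL) HeapAlloc(GetProcessHeap(), 0, cbAcl);
		if (NULL == pAcl)
			__leave;

		if( !InitializeAcl( pAcl, cbAcl, ACL_REVISION ) )
			__leave;

		// ACE order is kept: owner, group, system, interactive, anonymous.
		aceSids[0] = pOwnerSid;
		aceSids[1] = pGroupSid;
		aceSids[2] = pSystemSid;
		aceSids[3] = pInteractiveSid;
		aceSids[4] = pAnonymousSid;

		for( i = 0; i < 5; i++ ) {
			if( !AddAccessAllowedAce( pAcl, ACL_REVISION, GENERIC_ALL, aceSids[i] ) )
				__leave;
		}

		if( !InitializeSecurityDescriptor( &sd, SECURITY_DESCRIPTOR_REVISION ) )
			__leave;

		if( !SetSecurityDescriptorDacl( &sd, TRUE, pAcl, FALSE ) )
			__leave;

		if( !SetSecurityDescriptorOwner( &sd, pOwnerSid, FALSE ) )
			__leave;

		if( !SetSecurityDescriptorGroup( &sd, pGroupSid, FALSE ) )
			__leave;

		sa.nLength = sizeof( SECURITY_ATTRIBUTES );
		sa.lpSecurityDescriptor = (LPVOID)&sd;
		sa.bInheritHandle = FALSE;

#endif
		// Create the NamedPipe server thread, Process the user's connection.
		hThread = CreateThread( NULL,
				0,
				(LPTHREAD_START_ROUTINE)PipeSelectConnectThread,
				(LPVOID)NULL,
				0,
				&dwThreadID );

		// If operation not completed, return the system error code.
		if( hThread == NULL )
			__leave;

#ifndef TREESVR_STANDALONE
		hThreadTcpip = CreateThread( NULL,
				0,
				(LPTHREAD_START_ROUTINE)TcpipSelectConnectThread,
				(LPVOID)NULL,
				0,
				&dwThreadIDTcpip );

		// If operation not completed, return the system error code.
		if( hThreadTcpip == NULL )
			__leave;
#endif

		fSuccess = TRUE;
	}
	__finally {
		if( fSuccess ) {
			// Set the thread Priority Class.
			SetThreadPriority( hThread, THREAD_PRIORITY_ABOVE_NORMAL );

			SystemResInfo.hConvThread = hThread;
			SystemResInfo.dwConvThreadId = dwThreadID;

#ifndef TREESVR_STANDALONE
			// Set the thread Priority Class.
			SetThreadPriority( hThreadTcpip, THREAD_PRIORITY_ABOVE_NORMAL );

			SystemResInfo.hConvThreadTcpip = hThreadTcpip;
			SystemResInfo.dwConvThreadIdTcpip = dwThreadIDTcpip;
#endif

			dwRetCode = TERR_SUCCESS;
		}
		else {
			// Read the error before any cleanup call gets a chance to replace it.
			// NOTE(review): a helper that returned NULL without setting the last
			// error leaves this value unrelated to the real failure.
			dwRetCode = GetLastError();

			if( hThread != NULL ) {
				CloseHandle( hThread );
			}

			if( pOwnerSid )
				HeapFree( GetProcessHeap(), 0, pOwnerSid );
			if( pGroupSid )
				HeapFree( GetProcessHeap(), 0, pGroupSid );
			if( pSystemSid )
				HeapFree( GetProcessHeap(), 0, pSystemSid );
			if( pInteractiveSid )
				HeapFree( GetProcessHeap(), 0, pInteractiveSid );
			if( pAnonymousSid )
				HeapFree( GetProcessHeap(), 0, pAnonymousSid );
			if( pAcl )
				HeapFree( GetProcessHeap(), 0, pAcl );
		}
	}

	return dwRetCode;
}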
Esempio n. 6
//
//	Create a primary access token for specified user account
//
//	The new token takes its user SID from GetUserSid(szUserName); its groups,
//	privileges, owner, primary group, default DACL and expiration time are
//	copied from the calling process's own token.
//
//	Returns the new token handle, or 0 on failure. On the ZwCreateToken path the
//	last error is set from the returned NTSTATUS; on the early-return paths it is
//	whatever the failing call left behind. The returned handle is not closed here.
//
//	Security review notes:
//	 - The code states it needs SeCreateToken privilege. Because that privilege lets
//	   its holder build a token for an arbitrary SID, it should be assigned to as
//	   few accounts as possible and its use audited.
//	 - The authentication ID passed below is SYSTEM_LUID, so the resulting token is
//	   tied to that logon session rather than to one belonging to the named user.
//
HANDLE CreateToken(LPCTSTR szUserName)
{
	SID_IDENTIFIER_AUTHORITY	nt   = SECURITY_NT_AUTHORITY;
	// Impersonation level SecurityAnonymous with static context tracking.
	SECURITY_QUALITY_OF_SERVICE	sqos = { sizeof(sqos), SecurityAnonymous, SECURITY_STATIC_TRACKING, FALSE };

	HANDLE				hToken;
	PSID				sid;
	TOKEN_USER			user;

	LUID				authid	= SYSTEM_LUID;
	// Unnamed object; only the quality-of-service pointer is supplied.
	OBJECT_ATTRIBUTES	oa		= { sizeof(oa), 0, 0, 0, 0, &sqos };
	// Source name "**ANON**"; the identifier is filled in by AllocateLocallyUniqueId below.
	TOKEN_SOURCE		source	= {{'*', '*', 'A', 'N', 'O', 'N', '*', '*'}, {0, 0}};
	HANDLE				hToken2 = 0;
	PTOKEN_STATISTICS	stats;

	// Receives the five buffers obtained through GetTokenInfo for the create call.
	PVOID				tokarr[5];
	int					i;
	DWORD				status;

	// Get address of Nt/ZwCreateToken from NTDLL.DLL
	// NOTE(review): the narrow "ntdll.dll" literal is passed to the GetModuleHandle
	// macro, so this only compiles in a non-UNICODE build.
	ZwCreateToken         = (PVOID)GetProcAddress(GetModuleHandle("ntdll.dll"), "ZwCreateToken");
	RtlNtStatusToDosError = (PVOID)GetProcAddress(GetModuleHandle("ntdll.dll"), "RtlNtStatusToDosError");

	if(ZwCreateToken == 0 || RtlNtStatusToDosError == 0)
		return 0;

	// Must have SeCreateToken privilege
	// NOTE(review): a failure here is only logged and execution continues;
	// presumably the create call then fails. Confirm that is the intent.
	if(!EnablePrivilege(SE_CREATE_TOKEN_NAME, TRUE)){
		DBG("EnablePrivilege failed\n");
	}
	

	// Use an existing process token as our basic for a new token
	if(!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY | TOKEN_QUERY_SOURCE, &hToken))
		return 0;
	
	// Convert username to a SID
	// assumes GetUserSid returns memory from malloc, since it is released with free() - TODO confirm
	if((sid = GetUserSid(szUserName)) == 0)
	{
		CloseHandle(hToken);
		return 0;
	}

	user.User.Attributes	= 0;
	user.User.Sid			= sid;

	if(!AllocateLocallyUniqueId(&source.SourceIdentifier))
	{
		free(sid);
		CloseHandle(hToken);
		return 0;
	}

	// TokenStatistics is fetched for its ExpirationTime field, used below.
	if(!GetTokenInfo(hToken, TokenStatistics, &stats))
	{
		free(sid);
		CloseHandle(hToken);
		return 0;
	}
	

	//
	//	Undocumented ZwCreateToken service: will not work for us
	//  under WIN2003, will need to do this from WINLOGON process in future?
	//
	// NOTE(review): the five GetTokenInfo results are passed on unchecked, and the
	// order in which these arguments are evaluated is unspecified. If one call
	// fails, what tokarr[i] holds depends on GetTokenInfo's contract, which is not
	// visible here, and that value is still handed to free() below.
	status = ZwCreateToken(&hToken2, TOKEN_ALL_ACCESS, &oa, TokenPrimary,
		(PLUID)&authid, 
		(PLARGE_INTEGER)&stats->ExpirationTime,
		&user,
		(PTOKEN_GROUPS)			GetTokenInfo(hToken, TokenGroups,		&tokarr[0]),
		(PTOKEN_PRIVILEGES)		GetTokenInfo(hToken, TokenPrivileges,	&tokarr[1]),
		(PTOKEN_OWNER)			GetTokenInfo(hToken, TokenOwner,		&tokarr[2]),
		(PTOKEN_PRIMARY_GROUP)	GetTokenInfo(hToken, TokenPrimaryGroup, &tokarr[3]),
		(PTOKEN_DEFAULT_DACL)	GetTokenInfo(hToken, TokenDefaultDacl,	&tokarr[4]),
		&source);

	// Release every buffer obtained above, whether or not the create call succeeded.
	for(i = 0; i < 5; i++)
		free(tokarr[i]);

	free(stats);
	free(sid);

	CloseHandle(hToken);

	// Translate the NTSTATUS so callers can read the outcome with GetLastError().
	SetLastError(RtlNtStatusToDosError(status));

	return hToken2;
}
Esempio n. 7
/*
 * Resolves the SID obtained from GetUserSid(hToken) to an account name and a
 * domain name using LookupAccountSidW on the local system.
 *
 * On success returns TRUE and stores two LocalAlloc'ed strings in *UserName and
 * *DomainName; the caller releases them with LocalFree. On failure returns FALSE
 * and leaves both output pointers unmodified.
 *
 * NOTE(review): the SID is released with LocalFree, which assumes GetUserSid
 * allocates it with LocalAlloc - confirm against that helper.
 */
static
BOOL
GetUserAndDomainName(IN HANDLE hToken,
                     OUT LPWSTR *UserName,
                     OUT LPWSTR *DomainName)
{
    PSID TokenSid;
    LPWSTR NameBuffer = NULL;
    LPWSTR DomainBuffer = NULL;
    DWORD NameLength = 0;
    DWORD DomainLength = 0;
    SID_NAME_USE Use;
    BOOL Success = FALSE;

    TokenSid = GetUserSid(hToken);
    if (TokenSid == NULL)
    {
        DPRINT1("GetUserSid() failed\n");
        return FALSE;
    }

    /* Sizing call: with no buffers it is expected to fail with
     * ERROR_INSUFFICIENT_BUFFER and report the required lengths. */
    if (!LookupAccountSidW(NULL, TokenSid,
                           NULL, &NameLength,
                           NULL, &DomainLength,
                           &Use) &&
        GetLastError() != ERROR_INSUFFICIENT_BUFFER)
    {
        goto cleanup;
    }

    /* LPTR zero-fills both buffers. */
    NameBuffer = LocalAlloc(LPTR, NameLength * sizeof(WCHAR));
    if (NameBuffer == NULL)
        goto cleanup;

    DomainBuffer = LocalAlloc(LPTR, DomainLength * sizeof(WCHAR));
    if (DomainBuffer == NULL)
        goto cleanup;

    /* Second call performs the actual lookup into the buffers. */
    if (!LookupAccountSidW(NULL, TokenSid,
                           NameBuffer, &NameLength,
                           DomainBuffer, &DomainLength,
                           &Use))
    {
        goto cleanup;
    }

    /* Ownership of both strings passes to the caller. */
    *UserName = NameBuffer;
    *DomainName = DomainBuffer;
    Success = TRUE;

cleanup:
    if (!Success)
    {
        /* LocalFree ignores NULL, so buffers never allocated are harmless here. */
        LocalFree(NameBuffer);
        LocalFree(DomainBuffer);
    }

    LocalFree(TokenSid);

    return Success;
}