static DWORD VmAfdAllocateSidFromUid( uid_t uid, PSID *ppSid) { DWORD dwError = 0; NTSTATUS ntStatus = 0; PSID pSid = NULL; PSTR pszSid = NULL; dwError = VmAfdAllocateStringPrintf( &pszSid, "S-1-22-1-%d", /* Unix uid SID string */ uid); BAIL_ON_VMAFD_ERROR(dwError); ntStatus = RtlAllocateSidFromCString( &pSid, pszSid); dwError = LwNtStatusToWin32Error(ntStatus); BAIL_ON_VMAFD_ERROR(dwError); *ppSid = pSid; cleanup: VMAFD_SAFE_FREE_STRINGA(pszSid); return dwError; error: goto cleanup; }
/* * Converts array of sid strings to array of sids */ static PSID* create_sid_list(char **strlist) { int list_len = 0; PSID* sid_list = NULL; int i = 0; if (strlist == NULL) return NULL; /* count the elements (including terminating zero) */ while (strlist[list_len++]); /* allocate the wchar16_t strings array */ sid_list = (PSID*) malloc(sizeof(PSID) * list_len); if (sid_list == NULL) return NULL; memset((void*)sid_list, 0, sizeof(PSID) * list_len); /* copy mbs strings to wchar16_t strings */ for (i = 0; strlist[i] && i < list_len; i++) { RtlAllocateSidFromCString(&sid_list[i], strlist[i]); if (sid_list[i] == NULL) { i--; while (i >= 0) { RTL_FREE(&sid_list[i--]); } free(sid_list); return NULL; } } return sid_list; }
ULONG VmDirAllocateSidFromCString( PCSTR pszSidString, PSID* ppSid ) { return LwNtStatusToWin32Error( RtlAllocateSidFromCString(ppSid, (PCSTR)pszSidString)); }
static DWORD MapNameToSid( HANDLE hLsa, PCWSTR pwszName, PSID* ppSid ) { DWORD dwError = 0; PSTR pszName = NULL; LSA_QUERY_LIST QueryList; PLSA_SECURITY_OBJECT* ppObjects = NULL; dwError = LwWc16sToMbs(pwszName, &pszName); BAIL_ON_SRVSVC_ERROR(dwError); QueryList.ppszStrings = (PCSTR*) &pszName; dwError = LsaFindObjects( hLsa, NULL, 0, LSA_OBJECT_TYPE_UNDEFINED, LSA_QUERY_TYPE_BY_NAME, 1, QueryList, &ppObjects); BAIL_ON_SRVSVC_ERROR(dwError); if (ppObjects[0] == NULL) { dwError = LW_ERROR_NO_SUCH_OBJECT; BAIL_ON_SRVSVC_ERROR(dwError); } dwError = LwNtStatusToWin32Error( RtlAllocateSidFromCString(ppSid, ppObjects[0]->pszObjectSid)); BAIL_ON_SRVSVC_ERROR(dwError); cleanup: LsaFreeSecurityObjectList(1, ppObjects); LW_SAFE_FREE_STRING(pszName); return dwError; error: *ppSid = NULL; goto cleanup; }
static NTSTATUS LwIoFuseCreateAccessTokenForOther( PACCESS_TOKEN* ppOtherToken ) { NTSTATUS status = STATUS_SUCCESS; PACCESS_TOKEN pOtherToken = NULL; TOKEN_USER user = {{0}}; TOKEN_OWNER owner = {0}; TOKEN_GROUPS groups = {0}; TOKEN_PRIVILEGES privileges = {0}; TOKEN_PRIMARY_GROUP primaryGroup = {0}; TOKEN_DEFAULT_DACL dacl = {0}; status = RtlAllocateSidFromCString( &user.User.Sid, "S-1-1-0"); BAIL_ON_NT_STATUS(status); status = RtlCreateAccessToken( &pOtherToken, &user, &groups, &privileges, &owner, &primaryGroup, &dacl, NULL); BAIL_ON_NT_STATUS(status); *ppOtherToken = pOtherToken; cleanup: RTL_FREE(&user.User.Sid); return status; error: *ppOtherToken = NULL; if (pOtherToken) { RtlReleaseAccessToken(&pOtherToken); } goto cleanup; }
static DWORD VmAfdAllocateSidFromCString( PSID *ppSid, PSTR pszSid) { DWORD dwError = 0; NTSTATUS ntStatus = 0; ntStatus = RtlAllocateSidFromCString( ppSid, pszSid); dwError = LwNtStatusToWin32Error(ntStatus); return dwError; }
static DWORD ValidateParameters( PCSTR pszSid ) { DWORD dwError = 0; NTSTATUS ntStatus = STATUS_SUCCESS; PSID pSid = NULL; BAIL_ON_INVALID_STRING(pszSid); ntStatus = RtlAllocateSidFromCString(&pSid, pszSid); if (ntStatus != STATUS_SUCCESS) { dwError = LW_ERROR_INVALID_PARAMETER; BAIL_ON_LSA_ERROR(dwError); } if (RtlValidSid(pSid) && pSid->SubAuthorityCount != 4) { dwError = LW_ERROR_INVALID_PARAMETER; BAIL_ON_LSA_ERROR(dwError); } cleanup: if (pSid) { RTL_FREE(&pSid); } return dwError; error: goto cleanup; }
DWORD LocalMarshalAttrToSid( PDIRECTORY_ENTRY pEntry, PWSTR pwszAttrName, PSID *ppSid ) { DWORD dwError = 0; NTSTATUS ntStatus = 0; PDIRECTORY_ATTRIBUTE pAttr = NULL; PATTRIBUTE_VALUE pAttrValue = NULL; PSID pSid = NULL; DWORD dwSidSize = 0; PSID pRetSid = NULL; BAIL_ON_INVALID_POINTER(pEntry); dwError = LocalFindAttribute( pEntry, pwszAttrName, &pAttr); BAIL_ON_LSA_ERROR(dwError); if (pAttr->ulNumValues > 1) { dwError = LW_ERROR_DATA_ERROR; } else if (pAttr->ulNumValues == 0) { dwError = LW_ERROR_NO_ATTRIBUTE_VALUE; } else { pAttrValue = &pAttr->pValues[0]; if (pAttrValue->Type == DIRECTORY_ATTR_TYPE_UNICODE_STRING) { ntStatus = RtlAllocateSidFromWC16String( &pSid, pAttrValue->data.pwszStringValue); BAIL_ON_NT_STATUS(ntStatus); } else if (pAttrValue->Type == DIRECTORY_ATTR_TYPE_ANSI_STRING) { ntStatus = RtlAllocateSidFromCString( &pSid, pAttrValue->data.pszStringValue); BAIL_ON_NT_STATUS(ntStatus); } else { dwError = LW_ERROR_INVALID_ATTRIBUTE_VALUE; } } BAIL_ON_LSA_ERROR(dwError); dwSidSize = RtlLengthSid(pSid); dwError = LwAllocateMemory( dwSidSize, OUT_PPVOID(&pRetSid)); BAIL_ON_LSA_ERROR(dwError); ntStatus = RtlCopySid( dwSidSize, pRetSid, pSid); BAIL_ON_NT_STATUS(ntStatus); *ppSid = pRetSid; cleanup: RTL_FREE(&pSid); if (dwError == ERROR_SUCCESS && ntStatus != STATUS_SUCCESS) { dwError = LwNtStatusToWin32Error(ntStatus); } return dwError; error: LW_SAFE_FREE_MEMORY(pRetSid); *ppSid = NULL; goto cleanup; }
enum param_err fetch_value( PPARAMETER pParams, int count, const char *key, enum param_type type, void *val, const void *def ) { const char *value; NTSTATUS status; char **valstr, **defstr; char *valchar, *defchar; wchar16_t **valw16str; wchar16_t ***valw16str_list; int *valint, *defint; unsigned int *valuint, *defuint; PSID* valsid = NULL; PSID** valsid_list = NULL; char **strlist = NULL; enum param_err ret = perr_success; int i = 0; if (pParams && !key) return perr_nullptr_passed; if (!val) return perr_invalid_out_param; value = find_value(pParams, count, key); if (!value && !def) return perr_not_found; switch (type) { case pt_string: valstr = (char**)val; defstr = (char**)def; *valstr = (value) ? strdup(value) : strdup(*defstr); break; case pt_w16string: valw16str = (wchar16_t**)val; defstr = (char**)def; *valw16str = (value) ? ambstowc16s(value) : ambstowc16s(*defstr); break; case pt_w16string_list: valw16str_list = (wchar16_t***)val; defstr = (char**)def; strlist = (value) ? get_value_list(value) : get_value_list(*defstr); *valw16str_list = create_wc16str_list(strlist); if (*valw16str_list == NULL) ret = perr_invalid_out_param; break; case pt_char: valchar = (char*)val; defchar = (char*)def; *valchar = (value) ? value[0] : *defchar; break; case pt_int32: valint = (int*)val; defint = (int*)def; *valint = (value) ? atoi(value) : *defint; break; case pt_uint32: valuint = (unsigned int*)val; defuint = (unsigned int*)def; *valuint = (unsigned int)((value) ? atol(value) : *defuint); break; case pt_sid: valsid = (PSID*)val; defstr = (char**)def; status = RtlAllocateSidFromCString(valsid, ((value) ? (const char*)value : *defstr)); if (status != STATUS_SUCCESS) ret = perr_invalid_out_param; break; case pt_sid_list: valsid_list = (PSID**)val; defstr = (char**)def; strlist = get_value_list((value) ? (const char*)value : *defstr); *valsid_list = create_sid_list(strlist); if (*valsid_list == NULL) ret = perr_invalid_out_param; break; default: ret = perr_unknown_type; break; } if (strlist) { i = 0; while (strlist[i]) { free(strlist[i++]); } free(strlist); } return ret; }