bool vncImportACL::FillAceData(const TCHAR *type,
DWORD mask,
const TCHAR *user){
ACE_TYPE acetype;
TCHAR *domainaccount = NULL;
PSID pSID = NULL;
//type
if (_tcsicmp(type, _T("allow")) == 0)
acetype = ACCESS_ALLOWED;
else if (_tcsicmp(type, _T("deny")) == 0)
acetype = ACCESS_DENIED;
else {
_ftprintf(stderr, _T("error with ACE type, neither 'allow' nor 'deny'\n"));
return false;
}
//mask
mask &= ALL_RIGHTS;
// if name starts with ".\", replace the dot with the computername.
// if name starts with "..\", replace the dots with the domainname.
if (_tcsncmp(user, _T(".\\"), 2) == 0)
domainaccount = AddComputername(user);
else if (_tcsncmp(user, _T("..\\"), 2) == 0)
domainaccount = AddDomainname(user);
else {
domainaccount = new TCHAR[_tcslen(user)+1];
_tcscpy(domainaccount,user);
}
pSID = GetSID(domainaccount);
if (!pSID)
return false;
_tprintf(_T("account: %s, mask: %x, type: %s\n"),
domainaccount, mask, acetype == ACCESS_ALLOWED ? _T("allow") : _T("deny"));
ACE_DATA *ace = new ACE_DATA;
ace->type = acetype;
ace->mask = mask;
ace->pSID = pSID;
switch (acetype){
case ACCESS_ALLOWED:
ace->next = lastAllowACE;
lastAllowACE = ace;
break;
case ACCESS_DENIED:
ace->next = lastDenyACE;
lastDenyACE = ace;
break;
default:
break;
}
delete [] domainaccount;
domainaccount = NULL;
return true; // Needs better error signalling.
}
void hkcu_init(void)
{
PSID sid = GetSID();
LPWSTR sidstr;
ConvertSidToStringSidW(sid, &sidstr);
g_hkcu.len = lstrlenW(sidstr) + lstrlenW(L"\\REGISTRY\\USER\\");
g_hkcu.hkcu_string = malloc((g_hkcu.len + 1) * sizeof(wchar_t));
wcscpy(g_hkcu.hkcu_string, L"\\REGISTRY\\USER\\");
wcscat(g_hkcu.hkcu_string, sidstr);
LocalFree(sidstr);
}
/*
* read or write I/O to a file
* buffer is allocated by the procedure. path is UTF-8
*/
BOOL FileIO(BOOL save, char* path, char** buffer, DWORD* size)
{
SECURITY_ATTRIBUTES s_attr, *ps = NULL;
SECURITY_DESCRIPTOR s_desc;
PSID sid = NULL;
HANDLE handle;
BOOL r;
BOOL ret = FALSE;
// Change the owner from admin to regular user
sid = GetSID();
if ( (sid != NULL)
&& InitializeSecurityDescriptor(&s_desc, SECURITY_DESCRIPTOR_REVISION)
&& SetSecurityDescriptorOwner(&s_desc, sid, FALSE) ) {
s_attr.nLength = sizeof(SECURITY_ATTRIBUTES);
s_attr.bInheritHandle = FALSE;
s_attr.lpSecurityDescriptor = &s_desc;
ps = &s_attr;
} else {
uprintf("Could not set security descriptor: %s\n", WindowsErrorString());
}
if (!save) {
*buffer = NULL;
}
handle = CreateFileU(path, save?GENERIC_WRITE:GENERIC_READ, FILE_SHARE_READ,
ps, save?CREATE_ALWAYS:OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
if (handle == INVALID_HANDLE_VALUE) {
uprintf("Could not %s file '%s'\n", save?"create":"open", path);
goto out;
}
if (save) {
r = WriteFile(handle, *buffer, *size, size, NULL);
} else {
*size = GetFileSize(handle, NULL);
*buffer = (char*)malloc(*size);
if (*buffer == NULL) {
uprintf("Could not allocate buffer for reading file\n");
goto out;
}
r = ReadFile(handle, *buffer, *size, size, NULL);
}
if (!r) {
uprintf("I/O Error: %s\n", WindowsErrorString());
goto out;
}
PrintInfoDebug(0, save?MSG_216:MSG_215, path);
ret = TRUE;
out:
CloseHandle(handle);
if (!ret) {
// Only leave a buffer allocated if successful
*size = 0;
if (!save) {
safe_free(*buffer);
}
}
return ret;
}
HRESULT TCUserAccount::SetRunAsUser(LPCTSTR szAppID, LPCTSTR szUserName, LPCTSTR szPassword)
{
// Not supported under Windows9x
if (IsWin9x())
return S_FALSE;
// Copy the specified AppID string to a non-const wide string
USES_CONVERSION;
UINT cchAppID = max(_tcslen(szAppID), 48) + 1;
LPWSTR pszAppID = (LPWSTR)_alloca(cchAppID * sizeof(WCHAR));
wcscpy(pszAppID, T2CW(szAppID));
// Resolve the specified string to an AppID
HKEY hkey = NULL;
RETURN_FAILED(ResolveAppID(pszAppID, &hkey));
CRegKey key;
key.Attach(hkey);
// Ensure that we have a domain name
LPCTSTR pszUserName = szUserName;
LPCTSTR pszWhack = _tcschr(szUserName, TEXT('\\'));
if (!pszWhack || pszWhack == szUserName ||
(pszWhack == (szUserName + 1) && TEXT('.') == *szUserName))
{
// Get the domain name and user name
TCCoTaskPtr<LPTSTR> spszDomainName;
RETURN_FAILED(GetSID(szUserName, NULL, &spszDomainName));
LPCTSTR pszUserOnly = pszWhack ? pszWhack + 1 : szUserName;
// Concatenate the user name onto the domain name
UINT cch = _tcslen(spszDomainName) + _tcslen(pszUserOnly) + 2;
LPTSTR pszUserNameTemp = (LPTSTR)_alloca(cch * sizeof(TCHAR));
_tcscpy(pszUserNameTemp, spszDomainName);
_tcscat(pszUserNameTemp, TEXT("\\"));
_tcscat(pszUserNameTemp, pszUserOnly);
pszUserName = pszUserNameTemp;
}
// Open the local security policy
TCLsaHandle hPolicy;
LSA_OBJECT_ATTRIBUTES oa = {sizeof(oa)};
RETURN_FAILED(LsaOpenPolicy(NULL, &oa, POLICY_CREATE_SECRET, &hPolicy));
// Format the key string
WCHAR szKey[48] = L"SCM:";
wcscat(szKey, pszAppID);
// Create an LSA_UNICODE_STRING for the key name
LSA_UNICODE_STRING lsaKeyString;
lsaKeyString.Length = (wcslen(szKey) + 1) * sizeof(WCHAR);
lsaKeyString.MaximumLength = lsaKeyString.Length;
lsaKeyString.Buffer = szKey;
// Copy the specified password string to a non-const wide string
UINT cchPassword = _tcslen(szPassword);
LPWSTR pszPassword = (LPWSTR)_alloca((cchPassword + 1) * sizeof(WCHAR));
wcscpy(pszPassword, T2CW(szPassword));
// Create an LSA_UNICODE_STRING for the password string
LSA_UNICODE_STRING lsaPasswordString;
lsaPasswordString.Length = (cchPassword + 1) * sizeof(WCHAR);
lsaPasswordString.MaximumLength = lsaPasswordString.Length;
lsaPasswordString.Buffer = pszPassword;
// Store the specified password
RETURN_FAILED(LsaStorePrivateData(hPolicy, &lsaKeyString,
&lsaPasswordString));
// Set the specified user name as the RunAs user for the AppID
// mdvalley: Another former SetStringValue
LONG lr = key.SetValue(TEXT("RunAs"), pszUserName);
if (lr)
return HRESULT_FROM_WIN32(lr);
// Indicate success
return S_OK;
}
HRESULT TCUserAccount::Init(LPCWSTR szUserName)
{
// Not supported under Windows9x
if (IsWin9x())
return S_FALSE;
// Delete any previous user name
m_spszUserName = NULL;
// Delete any previous SID
m_spSIDPrincipal = NULL;
// Get the SID and domain name of the specified user
RETURN_FAILED(GetSID(szUserName, &m_spSIDPrincipal, &m_spszDomainName));
// Get a pointer to just the user name (no domain)
LPCWSTR pszWhack = wcschr(szUserName, L'\\');
LPCWSTR pszUserOnly = pszWhack ? pszWhack + 1 : szUserName;
// Save the user name
int cchUserName = wcslen(pszUserOnly) + 1;
m_spszUserName = (LPWSTR)CoTaskMemAlloc(cchUserName * sizeof(WCHAR));
wcscpy(m_spszUserName, pszUserOnly);
// Get the server information of the local machine
TCNetApiPtr<SERVER_INFO_101*> si101;
DWORD dw = NetServerGetInfo(NULL, 101, (LPBYTE*)&si101);
if (NERR_Success != dw)
return HRESULT_FROM_WIN32(dw);
// Declare and initialize an LSA_OBJECT_ATTRIBUTES structure
LSA_OBJECT_ATTRIBUTES oa = {sizeof(oa)};
// Special processing when the local computer is a backup domain controller
TCNetApiPtr<WCHAR*> domainController;
if (si101->sv101_type & SV_TYPE_DOMAIN_BAKCTRL)
{
// Get the server name of the primary domain controller
TCNetApiPtr<USER_MODALS_INFO_2*> umi2;
if (0 == (dw = NetUserModalsGet(NULL, 2, (LPBYTE*)&umi2)))
{
// Get the domain name of the primary domain controller
NetGetDCName(NULL, umi2->usrmod2_domain_name, (LPBYTE*)&domainController);
// Create an LSA_UNICODE_STRING for the name of the PDC
LSA_UNICODE_STRING lsaPDC;
lsaPDC.Length = (USHORT)((wcslen(domainController) * sizeof(WCHAR))-2);
lsaPDC.MaximumLength = (USHORT)(lsaPDC.Length + sizeof(WCHAR));
lsaPDC.Buffer = &domainController[2];
// Open the policy of the primary domain controller
RETURN_FAILED(LsaOpenPolicy(&lsaPDC, &oa,
POLICY_CREATE_ACCOUNT | POLICY_LOOKUP_NAMES, &m_hPolicy));
}
}
// Open the policy of the local computer if not a BDC or if anything failed
if (domainController.IsNull())
{
RETURN_FAILED(LsaOpenPolicy(NULL, &oa,
POLICY_CREATE_ACCOUNT | POLICY_LOOKUP_NAMES, &m_hPolicy));
}
// Indicate success
return S_OK;
}
