Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
W
wine-winehq
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
wine
wine-winehq
Commits
bd56916f
Commit
bd56916f
authored
Nov 16, 2009
by
Rob Shearman
Committed by
Alexandre Julliard
Nov 17, 2009
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
server: Extend get_token_user server call to also retrieve SIDs for the token's…
server: Extend get_token_user server call to also retrieve SIDs for the token's owner or primary group.
parent
184f1fe3
Hide whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
89 additions
and
56 deletions
+89
-56
nt.c
dlls/ntdll/nt.c
+28
-23
server_protocol.h
include/wine/server_protocol.h
+9
-8
protocol.def
server/protocol.def
+5
-4
request.h
server/request.h
+6
-5
token.c
server/token.c
+33
-9
trace.c
server/trace.c
+8
-7
No files found.
dlls/ntdll/nt.c
View file @
bd56916f
...
...
@@ -257,12 +257,6 @@ NTSTATUS WINAPI NtQueryInformationToken(
switch
(
tokeninfoclass
)
{
case
TokenOwner
:
len
=
sizeof
(
TOKEN_OWNER
)
+
sizeof
(
SID
);
break
;
case
TokenPrimaryGroup
:
len
=
sizeof
(
TOKEN_PRIMARY_GROUP
);
break
;
case
TokenSource
:
len
=
sizeof
(
TOKEN_SOURCE
);
break
;
...
...
@@ -287,16 +281,17 @@ NTSTATUS WINAPI NtQueryInformationToken(
switch
(
tokeninfoclass
)
{
case
TokenUser
:
SERVER_START_REQ
(
get_token_
user
)
SERVER_START_REQ
(
get_token_
sid
)
{
TOKEN_USER
*
tuser
=
tokeninfo
;
PSID
sid
=
tuser
+
1
;
DWORD
sid_len
=
tokeninfolength
<
sizeof
(
TOKEN_USER
)
?
0
:
tokeninfolength
-
sizeof
(
TOKEN_USER
);
req
->
handle
=
wine_server_obj_handle
(
token
);
req
->
which_sid
=
tokeninfoclass
;
wine_server_set_reply
(
req
,
sid
,
sid_len
);
status
=
wine_server_call
(
req
);
if
(
retlen
)
*
retlen
=
reply
->
user
_len
+
sizeof
(
TOKEN_USER
);
if
(
retlen
)
*
retlen
=
reply
->
sid
_len
+
sizeof
(
TOKEN_USER
);
if
(
status
==
STATUS_SUCCESS
)
{
tuser
->
User
.
Sid
=
sid
;
...
...
@@ -372,17 +367,21 @@ NTSTATUS WINAPI NtQueryInformationToken(
break
;
}
case
TokenPrimaryGroup
:
if
(
tokeninfo
)
SERVER_START_REQ
(
get_token_sid
)
{
TOKEN_PRIMARY_GROUP
*
tgroup
=
tokeninfo
;
SID_IDENTIFIER_AUTHORITY
sid
=
{
SECURITY_NT_AUTHORITY
};
RtlAllocateAndInitializeSid
(
&
sid
,
2
,
SECURITY_BUILTIN_DOMAIN_RID
,
DOMAIN_ALIAS_RID_ADMINS
,
0
,
0
,
0
,
0
,
0
,
0
,
&
(
tgroup
->
PrimaryGroup
));
PSID
sid
=
tgroup
+
1
;
DWORD
sid_len
=
tokeninfolength
<
sizeof
(
TOKEN_PRIMARY_GROUP
)
?
0
:
tokeninfolength
-
sizeof
(
TOKEN_PRIMARY_GROUP
);
req
->
handle
=
wine_server_obj_handle
(
token
);
req
->
which_sid
=
tokeninfoclass
;
wine_server_set_reply
(
req
,
sid
,
sid_len
);
status
=
wine_server_call
(
req
);
if
(
retlen
)
*
retlen
=
reply
->
sid_len
+
sizeof
(
TOKEN_PRIMARY_GROUP
);
if
(
status
==
STATUS_SUCCESS
)
tgroup
->
PrimaryGroup
=
sid
;
}
SERVER_END_REQ
;
break
;
case
TokenPrivileges
:
SERVER_START_REQ
(
get_token_privileges
)
...
...
@@ -398,15 +397,21 @@ NTSTATUS WINAPI NtQueryInformationToken(
SERVER_END_REQ
;
break
;
case
TokenOwner
:
if
(
tokeninfo
)
SERVER_START_REQ
(
get_token_sid
)
{
TOKEN_OWNER
*
owner
=
tokeninfo
;
PSID
sid
=
owner
+
1
;
SID_IDENTIFIER_AUTHORITY
localSidAuthority
=
{
SECURITY_NT_AUTHORITY
};
RtlInitializeSid
(
sid
,
&
localSidAuthority
,
1
);
*
(
RtlSubAuthoritySid
(
sid
,
0
))
=
SECURITY_INTERACTIVE_RID
;
owner
->
Owner
=
sid
;
TOKEN_OWNER
*
towner
=
tokeninfo
;
PSID
sid
=
towner
+
1
;
DWORD
sid_len
=
tokeninfolength
<
sizeof
(
TOKEN_OWNER
)
?
0
:
tokeninfolength
-
sizeof
(
TOKEN_OWNER
);
req
->
handle
=
wine_server_obj_handle
(
token
);
req
->
which_sid
=
tokeninfoclass
;
wine_server_set_reply
(
req
,
sid
,
sid_len
);
status
=
wine_server_call
(
req
);
if
(
retlen
)
*
retlen
=
reply
->
sid_len
+
sizeof
(
TOKEN_OWNER
);
if
(
status
==
STATUS_SUCCESS
)
towner
->
Owner
=
sid
;
}
SERVER_END_REQ
;
break
;
case
TokenImpersonationLevel
:
SERVER_START_REQ
(
get_token_impersonation_level
)
...
...
include/wine/server_protocol.h
View file @
bd56916f
...
...
@@ -4123,16 +4123,17 @@ struct access_check_reply
char
__pad_20
[
4
];
};
struct
get_token_
user
_request
struct
get_token_
sid
_request
{
struct
request_header
__header
;
obj_handle_t
handle
;
unsigned
int
which_sid
;
};
struct
get_token_
user
_reply
struct
get_token_
sid
_reply
{
struct
reply_header
__header
;
data_size_t
user
_len
;
/* VARARG(
user
,SID); */
data_size_t
sid
_len
;
/* VARARG(
sid
,SID); */
char
__pad_12
[
4
];
};
...
...
@@ -4862,7 +4863,7 @@ enum request
REQ_check_token_privileges
,
REQ_duplicate_token
,
REQ_access_check
,
REQ_get_token_
user
,
REQ_get_token_
sid
,
REQ_get_token_groups
,
REQ_get_token_default_dacl
,
REQ_set_token_default_dacl
,
...
...
@@ -5110,7 +5111,7 @@ union generic_request
struct
check_token_privileges_request
check_token_privileges_request
;
struct
duplicate_token_request
duplicate_token_request
;
struct
access_check_request
access_check_request
;
struct
get_token_
user_request
get_token_user
_request
;
struct
get_token_
sid_request
get_token_sid
_request
;
struct
get_token_groups_request
get_token_groups_request
;
struct
get_token_default_dacl_request
get_token_default_dacl_request
;
struct
set_token_default_dacl_request
set_token_default_dacl_request
;
...
...
@@ -5356,7 +5357,7 @@ union generic_reply
struct
check_token_privileges_reply
check_token_privileges_reply
;
struct
duplicate_token_reply
duplicate_token_reply
;
struct
access_check_reply
access_check_reply
;
struct
get_token_
user_reply
get_token_user
_reply
;
struct
get_token_
sid_reply
get_token_sid
_reply
;
struct
get_token_groups_reply
get_token_groups_reply
;
struct
get_token_default_dacl_reply
get_token_default_dacl_reply
;
struct
set_token_default_dacl_reply
set_token_default_dacl_reply
;
...
...
@@ -5393,6 +5394,6 @@ union generic_reply
struct
free_user_handle_reply
free_user_handle_reply
;
};
#define SERVER_PROTOCOL_VERSION 39
3
#define SERVER_PROTOCOL_VERSION 39
4
#endif
/* __WINE_WINE_SERVER_PROTOCOL_H */
server/protocol.def
View file @
bd56916f
...
...
@@ -2924,18 +2924,19 @@ enum message_type
VARARG(privileges,LUID_AND_ATTRIBUTES); /* privileges used during access check */
@END
@REQ(get_token_
user
)
@REQ(get_token_
sid
)
obj_handle_t handle; /* handle to the token */
unsigned int which_sid; /* which SID to retrieve from the token */
@REPLY
data_size_t
user_len; /* length needed to store user
*/
VARARG(
user,SID); /* sid of the user the token represents
*/
data_size_t
sid_len; /* length needed to store sid
*/
VARARG(
sid,SID); /* the sid specified by which_sid from the token
*/
@END
@REQ(get_token_groups)
obj_handle_t handle; /* handle to the token */
@REPLY
data_size_t user_len; /* length needed to store user */
VARARG(user,token_groups); /* groups the token's user belongs to */
VARARG(user,token_groups);
/* groups the token's user belongs to */
@END
@REQ(get_token_default_dacl)
...
...
server/request.h
View file @
bd56916f
...
...
@@ -317,7 +317,7 @@ DECL_HANDLER(get_token_privileges);
DECL_HANDLER
(
check_token_privileges
);
DECL_HANDLER
(
duplicate_token
);
DECL_HANDLER
(
access_check
);
DECL_HANDLER
(
get_token_
user
);
DECL_HANDLER
(
get_token_
sid
);
DECL_HANDLER
(
get_token_groups
);
DECL_HANDLER
(
get_token_default_dacl
);
DECL_HANDLER
(
set_token_default_dacl
);
...
...
@@ -564,7 +564,7 @@ static const req_handler req_handlers[REQ_NB_REQUESTS] =
(
req_handler
)
req_check_token_privileges
,
(
req_handler
)
req_duplicate_token
,
(
req_handler
)
req_access_check
,
(
req_handler
)
req_get_token_
user
,
(
req_handler
)
req_get_token_
sid
,
(
req_handler
)
req_get_token_groups
,
(
req_handler
)
req_get_token_default_dacl
,
(
req_handler
)
req_set_token_default_dacl
,
...
...
@@ -1755,9 +1755,10 @@ C_ASSERT( FIELD_OFFSET(struct access_check_reply, access_granted) == 8 );
C_ASSERT
(
FIELD_OFFSET
(
struct
access_check_reply
,
access_status
)
==
12
);
C_ASSERT
(
FIELD_OFFSET
(
struct
access_check_reply
,
privileges_len
)
==
16
);
C_ASSERT
(
sizeof
(
struct
access_check_reply
)
==
24
);
C_ASSERT
(
FIELD_OFFSET
(
struct
get_token_user_request
,
handle
)
==
12
);
C_ASSERT
(
FIELD_OFFSET
(
struct
get_token_user_reply
,
user_len
)
==
8
);
C_ASSERT
(
sizeof
(
struct
get_token_user_reply
)
==
16
);
C_ASSERT
(
FIELD_OFFSET
(
struct
get_token_sid_request
,
handle
)
==
12
);
C_ASSERT
(
FIELD_OFFSET
(
struct
get_token_sid_request
,
which_sid
)
==
16
);
C_ASSERT
(
FIELD_OFFSET
(
struct
get_token_sid_reply
,
sid_len
)
==
8
);
C_ASSERT
(
sizeof
(
struct
get_token_sid_reply
)
==
16
);
C_ASSERT
(
FIELD_OFFSET
(
struct
get_token_groups_request
,
handle
)
==
12
);
C_ASSERT
(
FIELD_OFFSET
(
struct
get_token_groups_reply
,
user_len
)
==
8
);
C_ASSERT
(
sizeof
(
struct
get_token_groups_reply
)
==
16
);
...
...
server/token.c
View file @
bd56916f
...
...
@@ -1225,27 +1225,51 @@ DECL_HANDLER(access_check)
}
/* retrieves the SID of the user that the token represents */
DECL_HANDLER
(
get_token_
user
)
DECL_HANDLER
(
get_token_
sid
)
{
struct
token
*
token
;
reply
->
user
_len
=
0
;
reply
->
sid
_len
=
0
;
if
((
token
=
(
struct
token
*
)
get_handle_obj
(
current
->
process
,
req
->
handle
,
TOKEN_QUERY
,
&
token_ops
)))
{
const
SID
*
user
=
token
->
user
;
const
SID
*
sid
=
NULL
;
reply
->
user_len
=
FIELD_OFFSET
(
SID
,
SubAuthority
[
user
->
SubAuthorityCount
]);
if
(
reply
->
user_len
<=
get_reply_max_size
())
switch
(
req
->
which_sid
)
{
case
TokenUser
:
assert
(
token
->
user
);
sid
=
token
->
user
;
break
;
case
TokenPrimaryGroup
:
sid
=
token
->
primary_group
;
break
;
case
TokenOwner
:
{
SID
*
user_reply
=
set_reply_data_size
(
reply
->
user_len
);
if
(
user_reply
)
memcpy
(
user_reply
,
user
,
reply
->
user_len
);
struct
group
*
group
;
LIST_FOR_EACH_ENTRY
(
group
,
&
token
->
groups
,
struct
group
,
entry
)
{
if
(
group
->
owner
)
{
sid
=
&
group
->
sid
;
break
;
}
}
break
;
}
default
:
set_error
(
STATUS_INVALID_PARAMETER
);
break
;
}
else
set_error
(
STATUS_BUFFER_TOO_SMALL
);
if
(
sid
)
{
reply
->
sid_len
=
FIELD_OFFSET
(
SID
,
SubAuthority
[
sid
->
SubAuthorityCount
]);
if
(
reply
->
sid_len
<=
get_reply_max_size
())
set_reply_data
(
sid
,
reply
->
sid_len
);
else
set_error
(
STATUS_BUFFER_TOO_SMALL
);
}
release_object
(
token
);
}
}
...
...
server/trace.c
View file @
bd56916f
...
...
@@ -3426,15 +3426,16 @@ static void dump_access_check_reply( const struct access_check_reply *req )
dump_varargs_LUID_AND_ATTRIBUTES
(
", privileges="
,
cur_size
);
}
static
void
dump_get_token_
user_request
(
const
struct
get_token_user
_request
*
req
)
static
void
dump_get_token_
sid_request
(
const
struct
get_token_sid
_request
*
req
)
{
fprintf
(
stderr
,
" handle=%04x"
,
req
->
handle
);
fprintf
(
stderr
,
", which_sid=%08x"
,
req
->
which_sid
);
}
static
void
dump_get_token_
user_reply
(
const
struct
get_token_user
_reply
*
req
)
static
void
dump_get_token_
sid_reply
(
const
struct
get_token_sid
_reply
*
req
)
{
fprintf
(
stderr
,
"
user_len=%u"
,
req
->
user
_len
);
dump_varargs_SID
(
",
user
="
,
cur_size
);
fprintf
(
stderr
,
"
sid_len=%u"
,
req
->
sid
_len
);
dump_varargs_SID
(
",
sid
="
,
cur_size
);
}
static
void
dump_get_token_groups_request
(
const
struct
get_token_groups_request
*
req
)
...
...
@@ -4012,7 +4013,7 @@ static const dump_func req_dumpers[REQ_NB_REQUESTS] = {
(
dump_func
)
dump_check_token_privileges_request
,
(
dump_func
)
dump_duplicate_token_request
,
(
dump_func
)
dump_access_check_request
,
(
dump_func
)
dump_get_token_
user
_request
,
(
dump_func
)
dump_get_token_
sid
_request
,
(
dump_func
)
dump_get_token_groups_request
,
(
dump_func
)
dump_get_token_default_dacl_request
,
(
dump_func
)
dump_set_token_default_dacl_request
,
...
...
@@ -4256,7 +4257,7 @@ static const dump_func reply_dumpers[REQ_NB_REQUESTS] = {
(
dump_func
)
dump_check_token_privileges_reply
,
(
dump_func
)
dump_duplicate_token_reply
,
(
dump_func
)
dump_access_check_reply
,
(
dump_func
)
dump_get_token_
user
_reply
,
(
dump_func
)
dump_get_token_
sid
_reply
,
(
dump_func
)
dump_get_token_groups_reply
,
(
dump_func
)
dump_get_token_default_dacl_reply
,
NULL
,
...
...
@@ -4500,7 +4501,7 @@ static const char * const req_names[REQ_NB_REQUESTS] = {
"check_token_privileges"
,
"duplicate_token"
,
"access_check"
,
"get_token_
user
"
,
"get_token_
sid
"
,
"get_token_groups"
,
"get_token_default_dacl"
,
"set_token_default_dacl"
,
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment