test: seclient.c File Reference

00218 : 00219 00220 This service initializes a context block to represent a client's 00221 security context. This may simply result in a reference to the 00222 client's token, or may cause the client's token to be duplicated, 00223 depending upon the security quality of service information specified. 00224 00225 NOTE 00226 00227 The code in this routine is optimized for DYNAMIC context 00228 tracking. This is only mode in which direct access to a 00229 caller's token is allowed, and the mode expected to be used 00230 most often. STATIC context tracking always requires the 00231 caller's token to be copied. 00232 00233 00234 Arguments: 00235 00236 ClientThread - Points to the client's thread. This is used to 00237 locate the client's security context (token). 00238 00239 ClientSecurityQos - Points to the security quality of service 00240 parameters specified by the client for this communication 00241 session. 00242 00243 ServerIsRemote - Provides an indication as to whether the session 00244 this context block is being used for is an inter-system 00245 session or intra-system session. This is reconciled with the 00246 impersonation level of the client thread's token (in case the 00247 client has a client of his own that didn't specify delegation). 00248 00249 ClientContext - Points to the client security context block to be 00250 initialized. 00251 00252 00253 Return Value: 00254 00255 STATUS_SUCCESS - The service completed successfully. 00256 00257 STATUS_BAD_IMPERSONATION_LEVEL - The client is currently 00258 impersonating either an Anonymous or Identification level 00259 token, which can not be passed on for use by another server. 00260 This status may also be returned if the security context 00261 block is for an inter-system communication session and the 00262 client thread is impersonating a client of its own using 00263 other than delegation impersonation level. 00264 00265 00266 --*/ 00267 00268 { 00269 NTSTATUS Status = STATUS_SUCCESS; 00270 PACCESS_TOKEN Token; 00271 TOKEN_TYPE TokenType; 00272 BOOLEAN ThreadEffectiveOnly; 00273 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel; 00274 PACCESS_TOKEN DuplicateToken; 00275 00276 PAGED_CODE(); 00277 00278 // 00279 // Gain access to the client thread's effective token 00280 // 00281 00282 Token = PsReferenceEffectiveToken( 00283 ClientThread, 00284 &TokenType, 00285 &ThreadEffectiveOnly, 00286 &ImpersonationLevel 00287 ); 00288 00289 00290 Status = SepCreateClientSecurity( 00291 Token, 00292 ClientSecurityQos, 00293 ServerIsRemote, 00294 TokenType, 00295 ThreadEffectiveOnly, 00296 ImpersonationLevel, 00297 ClientContext ); 00298 00299 return Status ; 00300 }

00720 : 00721 00722 This service initializes a context block to represent a client's 00723 security context. This may simply result in a reference to the 00724 client's token, or may cause the client's token to be duplicated, 00725 depending upon the security quality of service information specified. 00726 00727 NOTE 00728 00729 The code in this routine is optimized for DYNAMIC context 00730 tracking. This is only mode in which direct access to a 00731 caller's token is allowed, and the mode expected to be used 00732 most often. STATIC context tracking always requires the 00733 caller's token to be copied. 00734 00735 00736 Arguments: 00737 00738 SubjectContext - Points to the SubjectContext that should serve 00739 as the basis for this client context. 00740 00741 ClientSecurityQos - Points to the security quality of service 00742 parameters specified by the client for this communication 00743 session. 00744 00745 ServerIsRemote - Provides an indication as to whether the session 00746 this context block is being used for is an inter-system 00747 session or intra-system session. This is reconciled with the 00748 impersonation level of the client thread's token (in case the 00749 client has a client of his own that didn't specify delegation). 00750 00751 ClientContext - Points to the client security context block to be 00752 initialized. 00753 00754 00755 Return Value: 00756 00757 STATUS_SUCCESS - The service completed successfully. 00758 00759 STATUS_BAD_IMPERSONATION_LEVEL - The client is currently 00760 impersonating either an Anonymous or Identification level 00761 token, which can not be passed on for use by another server. 00762 This status may also be returned if the security context 00763 block is for an inter-system communication session and the 00764 client thread is impersonating a client of its own using 00765 other than delegation impersonation level. 00766 00767 00768 --*/ 00769 00770 { 00771 NTSTATUS Status = STATUS_SUCCESS; 00772 PACCESS_TOKEN Token; 00773 TOKEN_TYPE Type; 00774 BOOLEAN ThreadEffectiveOnly; 00775 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel; 00776 PACCESS_TOKEN DuplicateToken; 00777 00778 PAGED_CODE(); 00779 00780 Token = SeQuerySubjectContextToken( 00781 SubjectContext 00782 ); 00783 00784 ObReferenceObject( Token ); 00785 00786 if ( SubjectContext->ClientToken ) 00787 { 00788 Type = TokenImpersonation ; 00789 } 00790 else 00791 { 00792 Type = TokenPrimary ; 00793 } 00794 00795 Status = SepCreateClientSecurity( 00796 Token, 00797 ClientSecurityQos, 00798 ServerIsRemote, 00799 Type, 00800 FALSE, 00801 SubjectContext->ImpersonationLevel, 00802 ClientContext 00803 ); 00804 00805 00806 return Status ; 00807 }

00599 : 00600 00601 This service is used to cause the calling thread to impersonate a 00602 client. The client security context in ClientContext is assumed to 00603 be up to date. 00604 00605 00606 Arguments: 00607 00608 ClientContext - Points to client security context block. 00609 00610 ServerThread - (Optional) Specifies the thread which is to be made to 00611 impersonate the client. If not specified, the calling thread is 00612 used. 00613 00614 00615 Return Value: 00616 00617 None. 00618 00619 00620 --*/ 00621 00622 00623 { 00624 00625 PAGED_CODE(); 00626 00627 #if DBG 00628 DbgPrint("SE: Obsolete call: SeImpersonateClient\n"); 00629 #endif 00630 00631 (VOID) SeImpersonateClientEx( ClientContext, ServerThread ); 00632 }

00642 : 00643 00644 This service is used to cause the calling thread to impersonate a 00645 client. The client security context in ClientContext is assumed to 00646 be up to date. 00647 00648 00649 Arguments: 00650 00651 ClientContext - Points to client security context block. 00652 00653 ServerThread - (Optional) Specifies the thread which is to be made to 00654 impersonate the client. If not specified, the calling thread is 00655 used. 00656 00657 00658 Return Value: 00659 00660 None. 00661 00662 00663 --*/ 00664 00665 00666 { 00667 00668 BOOLEAN EffectiveValueToUse; 00669 PETHREAD Thread; 00670 NTSTATUS Status ; 00671 00672 PAGED_CODE(); 00673 00674 if (ClientContext->DirectlyAccessClientToken) { 00675 EffectiveValueToUse = ClientContext->DirectAccessEffectiveOnly; 00676 } else { 00677 EffectiveValueToUse = ClientContext->SecurityQos.EffectiveOnly; 00678 } 00679 00680 00681 00682 // 00683 // if a ServerThread wasn't specified, then default to the current 00684 // thread. 00685 // 00686 00687 if (!ARGUMENT_PRESENT(ServerThread)) { 00688 Thread = PsGetCurrentThread(); 00689 } else { 00690 Thread = ServerThread; 00691 } 00692 00693 00694 00695 // 00696 // Assign the context to the calling thread 00697 // 00698 00699 Status = PsImpersonateClient( Thread, 00700 ClientContext->ClientToken, 00701 TRUE, 00702 EffectiveValueToUse, 00703 ClientContext->SecurityQos.ImpersonationLevel 00704 ); 00705 00706 return Status ; 00707 00708 }

00071 { 00072 NTSTATUS Status = STATUS_SUCCESS; 00073 PACCESS_TOKEN DuplicateToken; 00074 00075 PAGED_CODE(); 00076 00077 00078 // 00079 // Make sure the client is not trying to abuse use of a 00080 // client of its own by attempting an invalid impersonation. 00081 // Also set the ClientContext->DirectAccessEffectiveOnly flag 00082 // appropriately if the impersonation is legitimate. The 00083 // DirectAccessEffectiveOnly flag value will end up being ignored 00084 // if STATIC mode is requested, but this is the most efficient 00085 // place to calculate it, and we are optimizing for DYNAMIC mode. 00086 // 00087 00088 if (TokenType == TokenImpersonation) { 00089 00090 if ( ClientSecurityQos->ImpersonationLevel > ImpersonationLevel) { 00091 00092 PsDereferenceImpersonationToken( Token ); 00093 return STATUS_BAD_IMPERSONATION_LEVEL; 00094 00095 } 00096 00097 00098 if ( SepBadImpersonationLevel(ImpersonationLevel,ServerIsRemote)) { 00099 00100 PsDereferenceImpersonationToken( Token ); 00101 return STATUS_BAD_IMPERSONATION_LEVEL; 00102 00103 } else { 00104 00105 // 00106 // TokenType is TokenImpersonation and the impersonation is legit. 00107 // Set the DirectAccessEffectiveOnly flag to be the minimum of 00108 // the current thread value and the caller specified value. 00109 // 00110 00111 ClientContext->DirectAccessEffectiveOnly = 00112 ( (ThreadEffectiveOnly || (ClientSecurityQos->EffectiveOnly)) ? 00113 TRUE : FALSE ); 00114 } 00115 00116 } else { 00117 00118 // 00119 // TokenType is TokenPrimary. In this case, the client specified 00120 // EffectiveOnly value is always used. 00121 // 00122 00123 ClientContext->DirectAccessEffectiveOnly = 00124 ClientSecurityQos->EffectiveOnly; 00125 } 00126 00127 00128 00129 // 00130 // Copy the token if necessary (i.e., static tracking requested) 00131 // 00132 00133 if (ClientSecurityQos->ContextTrackingMode == SECURITY_STATIC_TRACKING) { 00134 00135 ClientContext->DirectlyAccessClientToken = FALSE; 00136 00137 Status = SeCopyClientToken( 00138 Token, 00139 ClientSecurityQos->ImpersonationLevel, 00140 KernelMode, 00141 &DuplicateToken 00142 ); 00143 00144 00145 if ( NT_SUCCESS(Status) ) { 00146 ObDeleteCapturedInsertInfo(DuplicateToken); 00147 } 00148 // 00149 // No longer need the pointer to the client's token 00150 // 00151 00152 if (TokenType == TokenPrimary) { 00153 PsDereferencePrimaryToken( Token ); 00154 } else { 00155 PsDereferenceImpersonationToken( Token ); 00156 } 00157 00158 Token = DuplicateToken; 00159 00160 00161 // 00162 // If there was an error, we're done. 00163 // 00164 if (!NT_SUCCESS(Status)) { 00165 return Status; 00166 } 00167 00168 } else { 00169 00170 ClientContext->DirectlyAccessClientToken = TRUE; 00171 00172 if (ServerIsRemote) { 00173 // 00174 // Get a copy of the client token's control information 00175 // so that we can tell if it changes in the future. 00176 // 00177 00178 SeGetTokenControlInformation( Token, 00179 &ClientContext->ClientTokenControl 00180 ); 00181 00182 } 00183 00184 } 00185 00186 00187 00188 ClientContext->SecurityQos.Length = 00189 (ULONG)sizeof(SECURITY_QUALITY_OF_SERVICE); 00190 00191 ClientContext->SecurityQos.ImpersonationLevel = 00192 ClientSecurityQos->ImpersonationLevel; 00193 00194 ClientContext->SecurityQos.ContextTrackingMode = 00195 ClientSecurityQos->ContextTrackingMode; 00196 00197 ClientContext->SecurityQos.EffectiveOnly = 00198 ClientSecurityQos->EffectiveOnly; 00199 00200 ClientContext->ServerIsRemote = ServerIsRemote; 00201 00202 ClientContext->ClientToken = Token; 00203 00204 return STATUS_SUCCESS; 00205 00206 }


Functions
NTSTATUS	SepCreateClientSecurity (IN PACCESS_TOKEN Token, IN PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos, IN BOOLEAN ServerIsRemote, TOKEN_TYPE TokenType, BOOLEAN ThreadEffectiveOnly, SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, OUT PSECURITY_CLIENT_CONTEXT ClientContext)
NTSTATUS	SeCreateClientSecurity (IN PETHREAD ClientThread, IN PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos, IN BOOLEAN ServerIsRemote, OUT PSECURITY_CLIENT_CONTEXT ClientContext)
VOID	SeImpersonateClient (IN PSECURITY_CLIENT_CONTEXT ClientContext, IN PETHREAD ServerThread OPTIONAL)
NTSTATUS	SeImpersonateClientEx (IN PSECURITY_CLIENT_CONTEXT ClientContext, IN PETHREAD ServerThread OPTIONAL)
NTSTATUS	SeCreateClientSecurityFromSubjectContext (IN PSECURITY_SUBJECT_CONTEXT SubjectContext, IN PSECURITY_QUALITY_OF_SERVICE ClientSecurityQos, IN BOOLEAN ServerIsRemote, OUT PSECURITY_CLIENT_CONTEXT ClientContext)

seclient.c File Reference

Functions

Function Documentation