/* Copyright (C) 2002-2005 RealVNC Ltd.  All Rights Reserved.
 *
 * This is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This software is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this software; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307,
 * USA.
 */
// Security.h

// Wrapper classes for a few Windows NT security structures/functions
// that are used by VNC
#ifndef __RFB_WIN32_SECURITY_H__
#define __RFB_WIN32_SECURITY_H__
#include <rdr/types.h>
#include <rfb_win32/LocalMem.h>
#include <rfb_win32/TCharArray.h>
#include <aclapi.h>
namespace rfb {
namespace win32 {
// Thin wrapper over the Win32 TRUSTEE structure, constructed from a
// trustee name plus the form and type that describe it.
//
// name - trustee identifier, interpreted according to `form`
// form - how `name` is to be interpreted (defaults to TRUSTEE_IS_NAME)
// type - kind of principal (defaults to TRUSTEE_IS_UNKNOWN)
//
// NOTE(review): TRUSTEE holds a pointer to its name rather than a copy.
// The constructor is defined elsewhere; confirm whether it duplicates
// `name` or whether the caller must keep the string alive for as long
// as this object is used.
struct Trustee : TRUSTEE {
  Trustee(const TCHAR* name,
          TRUSTEE_FORM form = TRUSTEE_IS_NAME,
          TRUSTEE_TYPE type = TRUSTEE_IS_UNKNOWN);
};
// Thin wrapper over the Win32 EXPLICIT_ACCESS structure, describing one
// access-control entry for a single trustee.
//
// name    - trustee identifier, interpreted according to `type`
// type    - a TRUSTEE_FORM despite the parameter name (the Trustee
//           wrapper in this header calls the same thing `form`)
// perms   - access-rights mask for the entry
// mode    - ACCESS_MODE for the entry (e.g. grant, set, deny or revoke)
// inherit - inheritance flags; the default 0 is NO_INHERITANCE
//
// NOTE(review): the constructor is defined elsewhere; confirm whether
// `name` is copied or must outlive this object.
struct ExplicitAccess : EXPLICIT_ACCESS {
  ExplicitAccess(const TCHAR* name,
                 TRUSTEE_FORM type,
                 DWORD perms,
                 ACCESS_MODE mode,
                 DWORD inherit = 0);
};
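// Helper class for building access control lists.
//
// Collects EXPLICIT_ACCESS records in the `entries` array; `entry_count`
// is the companion count for that array. The member functions are
// defined elsewhere.
struct AccessEntries {
  AccessEntries();
  ~AccessEntries();

  // Make sure the array has room for at least `count` entries.
  // NOTE(review): `count` is a signed int; confirm that the
  // implementation rejects negative values before sizing the array.
  void allocMinEntries(int count);

  // Add an entry for a trustee identified by account name.
  // Account names are resolved by the system, and the names of built-in
  // accounts vary with the Windows display language, so the SID overload
  // below is the more robust choice for well-known principals.
  void addEntry(const TCHAR* trusteeName,
                DWORD permissions,
                ACCESS_MODE mode);

  // Add an entry for a trustee identified by SID.
  // `const PSID` makes the pointer itself const, not the SID it points to.
  // NOTE(review): confirm whether the SID is copied or must outlive this
  // object.
  void addEntry(const PSID sid,
                DWORD permissions,
                ACCESS_MODE mode);

  EXPLICIT_ACCESS* entries;
  int entry_count;

private:
  // Not copyable. The struct holds a raw `entries` pointer and declares a
  // destructor, so the compiler-generated copy operations would leave two
  // objects sharing one array (a double release, assuming the destructor
  // frees it). Declared but never defined, the same idiom Sid uses in
  // this header.
  AccessEntries(const AccessEntries&);
  AccessEntries& operator=(const AccessEntries&);
};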
// Helper class for handling SIDs.
//
// The SID is held in the `buf` pointer inherited from rdr::U8Array.
// Copying is disabled: the copy constructor and copy assignment are
// declared private.
struct Sid : rdr::U8Array {
  Sid() {}

  // Borrow the held SID as a PSID; `buf` is left untouched, so this
  // object still holds it afterwards.
  operator PSID() const {
    return (PSID)buf;
  }

  // Hand the held SID to the caller and clear `buf`, so this object no
  // longer refers to it. The caller becomes responsible for releasing
  // the returned pointer.
  // NOTE(review): the matching deallocator depends on how rdr::U8Array
  // allocates `buf`, which is not visible in this header.
  PSID takePSID() {
    PSID released = (PSID)buf;
    buf = 0;
    return released;
  }

  // Return a copy of `sid`.
  // NOTE(review): presumably a newly allocated copy owned by the caller;
  // confirm ownership and failure behaviour in the implementation.
  static PSID copySID(const PSID sid);

  // Make this object hold `sid`.
  // NOTE(review): presumably stores a copy rather than the caller's
  // pointer; confirm in the implementation.
  void setSID(const PSID sid);

  // Look up the account name and domain for the held SID and return
  // them through `name` and `domain`.
  // NOTE(review): ownership of the returned strings is not visible
  // here; confirm who frees them and with which deallocator.
  void getUserNameAndDomain(TCHAR** name, TCHAR** domain);

  // Specialised Sid types, defined after this struct.
  struct Administrators;
  struct SYSTEM;
  struct FromToken;

private:
  // Declared private to forbid copying.
  Sid(const Sid&);
  Sid& operator=(const Sid&);
};
// Sid initialised by its default constructor.
// NOTE(review): presumably the well-known SID of the local
// Administrators group, judging by the name; confirm in the
// implementation.
struct Sid::Administrators : Sid {
  Administrators();
};
// Sid initialised by its default constructor.
// NOTE(review): presumably the well-known SID of the local SYSTEM
// account, judging by the name; confirm in the implementation.
struct Sid::SYSTEM : Sid {
  SYSTEM();
};
// Sid initialised from the handle `h`.
// NOTE(review): presumably `h` is an access token and the SID is that
// of the token's user; confirm the access rights the handle needs and
// how a failed query is reported, so that callers never act on an
// empty Sid.
struct Sid::FromToken : Sid {
  FromToken(HANDLE h);
};
// Helper class for handling & freeing ACLs.
//
// Both constructors forward to LocalMem, and the conversion operator
// exposes the LocalMem `ptr` member as a PACL.
// NOTE(review): the single-argument constructors are not `explicit`,
// so an int or a raw PACL converts implicitly to an owning wrapper;
// take care not to wrap the same PACL twice.
struct AccessControlList : public LocalMem {
  // Forward a size in bytes to LocalMem.
  AccessControlList(int size)
    : LocalMem(size) {
  }

  // Wrap an existing ACL pointer; the default is a null ACL.
  AccessControlList(PACL acl_ = 0)
    : LocalMem(acl_) {
  }

  // Borrow the wrapped pointer as a PACL.
  operator PACL() {
    return (PACL)ptr;
  }
};
// Create a new ACL based on supplied entries and, if supplied, existing ACL.
//
// ae           - entries to place in the new ACL
// existing_acl - optional ACL to build on; defaults to none (0)
//
// NOTE(review): the returned PACL presumably has to be released by the
// caller, for example by handing it to an AccessControlList; confirm in
// the implementation, together with how failure is reported.
PACL CreateACL(const AccessEntries& ae, PACL existing_acl = 0);
// Helper class for memory-management of self-relative SecurityDescriptors.
//
// Both constructors forward to LocalMem; takeSD() returns the result of
// LocalMem::takePtr() as a PSECURITY_DESCRIPTOR.
struct SecurityDescriptorPtr : LocalMem {
  // Forward a size in bytes to LocalMem.
  SecurityDescriptorPtr(int size)
    : LocalMem(size) {
  }

  // Wrap an existing descriptor pointer; the default is null.
  SecurityDescriptorPtr(PSECURITY_DESCRIPTOR sd_ = 0)
    : LocalMem(sd_) {
  }

  // Take the descriptor out of the wrapper via takePtr().
  // NOTE(review): presumably the wrapper no longer frees the descriptor
  // afterwards and the caller must release it; confirm against LocalMem.
  PSECURITY_DESCRIPTOR takeSD() {
    PSECURITY_DESCRIPTOR taken = (PSECURITY_DESCRIPTOR)takePtr();
    return taken;
  }
};
// Create a new self-relative Security Descriptor, owned by
// SYSTEM/Administrators, with the supplied DACL and no SACL.
// The returned value can be assigned to a SecurityDescriptorPtr to be
// managed.
//
// NOTE(review): on Windows a descriptor whose DACL is present but NULL
// grants access to everyone. How a null `dacl` is treated here is not
// visible in this header; confirm that callers cannot reach this
// function with a null DACL unintentionally.
PSECURITY_DESCRIPTOR CreateSdWithDacl(const PACL dacl);
}
}
#endif