/*
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
#include <jni.h>
#include "com_sun_security_auth_module_NTSystem.h"
#include <windows.h>
#include <stdio.h>
#include <wchar.h>
#include <ntsecapi.h>
#include <lmerr.h>
if (debug) {
printf("getting impersonation token\n");
}
return 0;
}
return (jlong)impersonationToken;
}
long i, j = 0;
debug = debugNative;
// get NT information first
if (debug) {
printf("getting access token\n");
}
return;
}
if (debug) {
printf("getting user info\n");
}
if (getUser
return;
}
if (debug) {
printf("getting primary group\n");
}
return;
}
if (debug) {
printf("getting supplementary groups\n");
}
return;
}
// then set values into NTSystem
if (fid == 0) {
if (newExcCls == 0) {
// Unable to find exception class
systemError = TRUE;
goto out;
}
}
if (fid == 0) {
if (newExcCls == 0) {
systemError = TRUE;
goto out;
}
}
if (fid == 0) {
if (newExcCls == 0) {
systemError = TRUE;
goto out;
}
}
if (fid == 0) {
if (newExcCls == 0) {
systemError = TRUE;
goto out;
}
}
}
if (fid == 0) {
if (newExcCls == 0) {
systemError = TRUE;
goto out;
}
}
// primary group may or may not be part of supplementary groups
for (i = 0; i < (long)numGroups; i++) {
// found primary group in groups array
pIndex = i;
break;
}
}
// primary group is only group in groups array
if (debug) {
printf("no secondary groups\n");
}
} else {
// the groups array is non-empty,
// and may or may not contain the primary group
if (fid == 0) {
if (newExcCls == 0) {
systemError = TRUE;
goto out;
}
}
if (stringClass == 0) {
goto out;
}
if (pIndex == -1) {
// primary group not in groups array
} else {
// primary group in groups array -
// allocate one less array entry and do not add into new array
}
for (i = 0, j = 0; i < (long)numGroups; i++) {
if (pIndex == i) {
// continue if equal to primary group
continue;
}
}
}
out:
}
if (domainName != NULL) {
}
}
}
if (primaryGroup != NULL) {
}
for (i = 0; i < (long)numGroups; i++) {
}
}
}
if (systemError && debug) {
printf(" [getCurrent] System Error: ");
printf("unable to find IllegalArgumentException class\n");
}
return;
}
// first try the thread token
if (OpenThreadToken(GetCurrentThread(),
tokenHandle) == 0) {
if (debug) {
}
// next try the process token
tokenHandle) == 0) {
if (debug) {
printf(" [getToken] OpenProcessToken error [%d]: ",
GetLastError());
}
return FALSE;
}
}
if (debug) {
printf(" [getToken] got user access token\n");
}
return TRUE;
}
// get token information
NULL, // TokenInformation - if NULL get buffer size
0, // since TokenInformation is NULL
&bufSize);
&retBufSize) == 0) {
if (debug) {
printf(" [getUser] GetTokenInformation error [%d]: ",
GetLastError());
}
goto out;
}
if (debug) {
printf(" [getUser] Got TokenUser info\n");
}
// get userName
bufSize = 0;
buf2Size = 0;
NULL,
&bufSize,
NULL,
&buf2Size,
&nameUse);
*userName,
&bufSize,
&buf2Size,
&nameUse) == 0) {
if (debug) {
printf(" [getUser] LookupAccountSid error [%d]: ",
GetLastError());
}
goto out;
}
if (debug) {
printf(" [getUser] userName: %s, domainName = %s\n",
*userName, *domainName);
}
bufSize = 0;
if (debug) {
}
// get domainSid
bufSize = 0;
buf2Size = 0;
NULL,
&bufSize,
NULL,
&buf2Size,
&nameUse);
dSid,
&bufSize,
&buf2Size,
&nameUse) == 0) {
if (debug) {
printf(" [getUser] LookupAccountName error [%d]: ",
GetLastError());
}
// ok not to have a domain SID (no error)
goto out;
}
bufSize = 0;
if (debug) {
}
out:
if (tokenUserInfo != NULL) {
}
}
if (domainSidName != NULL) {
}
if (error) {
return FALSE;
}
return TRUE;
}
// get token information
NULL, // TokenInformation - if NULL get buffer size
0, // since TokenInformation is NULL
&bufSize);
(GetProcessHeap(), 0, bufSize);
&retBufSize) == 0) {
if (debug) {
printf(" [getPrimaryGroup] GetTokenInformation error [%d]: ",
GetLastError());
}
goto out;
}
if (debug) {
printf(" [getPrimaryGroup] Got TokenPrimaryGroup info\n");
}
bufSize = 0;
if (debug) {
}
out:
if (tokenGroupInfo != NULL) {
}
if (error) {
return FALSE;
}
return TRUE;
}
long i = 0;
// get token information
NULL, // TokenInformation - if NULL get buffer size
0, // since TokenInformation is NULL
&bufSize);
&retBufSize) == 0) {
if (debug) {
printf(" [getGroups] GetTokenInformation error [%d]: ",
GetLastError());
}
goto out;
}
if (debug) {
printf(" [getGroups] Got TokenGroups info\n");
}
if (tokenGroupInfo->GroupCount == 0) {
// no groups
goto out;
}
// return group info
for (i = 0; i < (long)*numGroups; i++) {
bufSize = 0;
if (debug) {
}
}
out:
if (tokenGroupInfo != NULL) {
}
if (error) {
return FALSE;
}
return TRUE;
}
if (OpenThreadToken(GetCurrentThread(),
&dupToken) == 0) {
&dupToken) == 0) {
if (debug) {
(" [getImpersonationToken] OpenProcessToken error [%d]: ",
GetLastError());
}
return FALSE;
}
}
if (DuplicateToken(dupToken,
impersonationToken) == 0) {
if (debug) {
printf(" [getImpersonationToken] DuplicateToken error [%d]: ",
GetLastError());
}
return FALSE;
}
if (debug) {
}
return TRUE;
}
// Validate the binary SID.
// Get the identifier authority value from the SID.
// Get the number of subauthorities in the SID.
// Compute the buffer length.
// S-SID_REVISION- + IdentifierAuthority- + subauthorities- + NULL
// Check input buffer length.
// If too small, indicate the proper size and set last error.
if (*lpdwBufferLen < dwSidSize) {
return FALSE;
}
// Add 'S' prefix and revision number to the string.
// Add SID identifier authority to the string.
TEXT("0x%02hx%02hx%02hx%02hx%02hx%02hx"),
} else {
TEXT("%lu"),
}
// Add SID subauthorities to the string.
}
return TRUE;
}
//
// If dwLastError is in the network range,
// load the message source.
//
NULL,
}
//
// Call FormatMessage() to allow for message
// text to be acquired from the system
// or from the supplied module handle.
//
hModule, // module to get message from (NULL == system)
(LPSTR) &MessageBuffer,
0,
NULL)) {
//
// Output message string on stderr.
//
NULL);
//
// Free the buffer allocated by the system.
//
}
//
// If we loaded a message source, unload it.
//
}
/**
* 1. comment out first two #includes
* 2. set 'debug' to TRUE
* 3. comment out 'getCurrent'
* 4. uncomment 'main'
* 5. cc -c nt.c
* 6. link nt.obj user32.lib advapi32.lib /out:nt.exe
*/
/*
void main(int argc, char *argv[]) {
long i = 0;
HANDLE tokenHandle = INVALID_HANDLE_VALUE;
LPTSTR userName = NULL;
LPTSTR userSid = NULL;
LPTSTR domainName = NULL;
LPTSTR domainSid = NULL;
LPTSTR primaryGroup = NULL;
DWORD numGroups = 0;
LPTSTR *groups = NULL;
HANDLE impersonationToken = 0;
printf("getting access token\n");
if (getToken(&tokenHandle) == FALSE) {
exit(1);
}
printf("getting user info\n");
if (getUser
(tokenHandle, &userName, &domainName, &userSid, &domainSid) == FALSE) {
exit(1);
}
printf("getting primary group\n");
if (getPrimaryGroup(tokenHandle, &primaryGroup) == FALSE) {
exit(1);
}
printf("getting supplementary groups\n");
if (getGroups(tokenHandle, &numGroups, &groups) == FALSE) {
exit(1);
}
printf("getting impersonation token\n");
if (getImpersonationToken(&impersonationToken) == FALSE) {
exit(1);
}
printf("userName = %s, userSid = %s, domainName = %s, domainSid = %s\n",
userName, userSid, domainName, domainSid);
printf("primaryGroup = %s\n", primaryGroup);
for (i = 0; i < numGroups; i++) {
printf("Group[%d] = %s\n", i, groups[i]);
}
printf("impersonationToken = %ld\n", impersonationToken);
if (userName != NULL) {
HeapFree(GetProcessHeap(), 0, userName);
}
if (userSid != NULL) {
HeapFree(GetProcessHeap(), 0, userSid);
}
if (domainName != NULL) {
HeapFree(GetProcessHeap(), 0, domainName);
}
if (domainSid != NULL) {
HeapFree(GetProcessHeap(), 0, domainSid);
}
if (primaryGroup != NULL) {
HeapFree(GetProcessHeap(), 0, primaryGroup);
}
if (groups != NULL) {
for (i = 0; i < numGroups; i++) {
if (groups[i] != NULL) {
HeapFree(GetProcessHeap(), 0, groups[i]);
}
}
HeapFree(GetProcessHeap(), 0, groups);
}
CloseHandle(impersonationToken);
CloseHandle(tokenHandle);
}
*/
/**
* extra main method for testing debug printing
*/
/*
void main(int argc, char *argv[]) {
if(argc != 2) {
fprintf(stderr,"Usage: %s <error number>\n", argv[0]);
}
DisplayErrorText(atoi(argv[1]));
}
*/