geos_one/CASA
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Bug 303657. Fix for session management of Vista. Admin users have 2 LUIDs. Make these the same userId

Browse Source
This commit is contained in:
Jim Norman 2007-08-23 16:58:51 +00:00
parent 2c9bdbb3c1
commit 4cb470084c
5 changed files with 81 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CASA/extern/w32/namedpipes/AppModule.NamedPipes/APipeConnection.cs vendored
View File

@ -189,9 +189,9 @@ namespace AppModule.NamedPipes {
return (int)this.Handle.Handle;
}
}
public int GetLocalUserID(ref int lowPart, ref int highPart, ref string sSIDString)
public int GetLocalUserID(ref int lowPart, ref int highPart, ref string sSIDString, ref int lowPartElevated, ref int highPartElevated)
{
return ImpersonateWrapper.GetLocalUserID(this.Handle, ref lowPart, ref highPart, ref sSIDString);
return ImpersonateWrapper.GetLocalUserID(this.Handle, ref lowPart, ref highPart, ref sSIDString, ref lowPartElevated, ref highPartElevated);
}
}
}

42
CASA/extern/w32/namedpipes/AppModule.NamedPipes/ImpersonateWrapper.cs vendored
View File

@ -168,7 +168,7 @@ namespace AppModule.NamedPipes
// first call gets length of TokenInformation
ImpersonateNative.GetTokenInformation(token, ImpersonateNative.TOKEN_INFORMATION_CLASS.TokenLinkedToken, IntPtr.Zero, TokenInfLength, ref TokenInfLength);
try
{
@ -181,10 +181,11 @@ namespace AppModule.NamedPipes
linkedToken = (ImpersonateNative.TOKEN_LINKED_TOKEN)Marshal.PtrToStructure(ptrLinkedToken, typeof(ImpersonateNative.TOKEN_LINKED_TOKEN));
}
}
catch (OutOfMemoryException e)
catch (Exception e)
{
System.Diagnostics.Trace.WriteLine(e.ToString());
System.Diagnostics.Trace.WriteLine(e.ToString());
}
finally
{
if (ptrLinkedToken != IntPtr.Zero)
@ -197,7 +198,7 @@ namespace AppModule.NamedPipes
return TokenInfoSuccess;
}
public static int GetLocalUserID(PipeHandle handle, ref int lowPart, ref int highPart, ref string SidString)
public static int GetLocalUserID(PipeHandle handle, ref int lowPart, ref int highPart, ref string SidString, ref int lowPartElevated, ref int highPartElevated)
{
int rcode = -1;
// get client userID
@ -214,6 +215,7 @@ namespace AppModule.NamedPipes
IntPtr hThread = ImpersonateNative.GetCurrentThread();
uint iDesiredInfo = 24; //TOKEN_QUERY | TOKEN_QUERY_SOURCE;
IntPtr userToken = Marshal.AllocHGlobal(4);
IntPtr userTokenElevated = IntPtr.Zero;
if (ImpersonateNative.OpenThreadToken(hThread, iDesiredInfo, true, out userToken))
{
@ -225,7 +227,7 @@ namespace AppModule.NamedPipes
// on Vista use the elevated token if there is one.
System.OperatingSystem os = System.Environment.OSVersion;
System.Diagnostics.Trace.WriteLine("OS Version: {0}", os.Version.ToString());
System.Diagnostics.Trace.WriteLine("OS Version: " + os.Version.ToString());
if (os.Version.Major > 5)
{
if (ImpersonateNative.GetTokenInformation(userToken, ImpersonateNative.TOKEN_INFORMATION_CLASS.TokenElevationType, tu, cb, ref cb))
@ -233,20 +235,24 @@ namespace AppModule.NamedPipes
int iTokenType;
iTokenType = (int)Marshal.PtrToStructure(tu, typeof(int));
System.Diagnostics.Trace.WriteLine("Token Type : {0}", iTokenType.ToString());
if (iTokenType == 3) //.ToString().Equals(ImpersonateNative.TOKEN_ELEVATION_TYPE.TokenElevationTypeLimited))
System.Diagnostics.Trace.WriteLine("Token Type: " + iTokenType.ToString());
if (iTokenType == (int)ImpersonateNative.TOKEN_ELEVATION_TYPE.TokenElevationTypeLimited)
{
System.Diagnostics.Trace.WriteLine("Getting linked token");
ImpersonateNative.TOKEN_LINKED_TOKEN newLinkedToken;
if (GetLinkedToken(userToken, out newLinkedToken))
{
userToken = newLinkedToken.LinkedToken;
//userToken = newLinkedToken.LinkedToken;
userTokenElevated = Marshal.AllocHGlobal(4);
userTokenElevated = newLinkedToken.LinkedToken;
}
}
}
else
{
uint error = ImpersonateNative.GetLastError();
System.Diagnostics.Trace.WriteLine("linked token error: {0}", error.ToString());
System.Diagnostics.Trace.WriteLine("linked token error: " + error.ToString());
}
}
@ -273,6 +279,20 @@ namespace AppModule.NamedPipes
highPart = stats.AuthenticationId.HighPart;
rcode = -1;
}
// get elevated token stats
if (userTokenElevated != IntPtr.Zero)
{
cb = bufLength;
if (ImpersonateNative.GetTokenInformation(userTokenElevated, ImpersonateNative.TOKEN_INFORMATION_CLASS.TokenStatistics, tu, cb, ref cb))
{
stats = (ImpersonateNative.TOKEN_STATISTICS)Marshal.PtrToStructure(tu, typeof(ImpersonateNative.TOKEN_STATISTICS));
// copy low and high part
lowPartElevated = stats.AuthenticationId.LowPart;
highPartElevated = stats.AuthenticationId.HighPart;
rcode = -1;
}
}
}
else
{
@ -295,6 +315,10 @@ namespace AppModule.NamedPipes
}
Marshal.FreeHGlobal(userToken);
if (userTokenElevated != IntPtr.Zero)
{
Marshal.FreeHGlobal(userTokenElevated);
}
}
catch (Exception ex)
{

5
CASA/logincapture/windows/lcredmgr.cpp
View File

@ -410,6 +410,11 @@ NPLogonNotify (
extension.version = 0x00010000; // 1.0.0
extension.ext = (void *)lpLogonId;
#ifdef _DEBUG
DebugPrint("Setting credential for: %d (high) %d (low)\r\n", lpLogonId->HighPart, lpLogonId->LowPart);
#endif
ccode = (*pCASASetCredential)(
0,
&desktopCredential,

22
CASA/micasad/common/WinUserIdentifier.cs
View File

@ -28,8 +28,24 @@ namespace sscs.common
{
private int uidLow;
private int uidHigh;
private int elevatedUidLow = 0;
private int elevatedUidHigh = 0;
private string m_sSID = "";
internal WinUserIdentifier(int uidLowPart, int uidHighPart, string sSID, int elevatedUidLow, int elevatedUidHigh)
{
this.uidLow = uidLowPart;
this.uidHigh = uidHighPart;
this.m_sSID = sSID;
if (elevatedUidLow != null)
this.elevatedUidLow = elevatedUidLow;
if (elevatedUidHigh != null)
this.elevatedUidHigh = elevatedUidHigh;
}
internal WinUserIdentifier(int uidLowPart, int uidHighPart, string sSID)
{
this.uidLow = uidLowPart;
@ -51,8 +67,10 @@ namespace sscs.common
public override bool Equals(Object obj)
{
WinUserIdentifier u = (WinUserIdentifier)obj;
if ((u.uidLow == uidLow) && (u.uidHigh == uidHigh))
WinUserIdentifier u = (WinUserIdentifier)obj;
if (((u.uidLow == uidLow) && (u.uidHigh == uidHigh)) ||
((u.uidLow == elevatedUidLow) && (u.uidHigh == elevatedUidHigh)) ||
((u.elevatedUidLow == uidLow) && (u.elevatedUidHigh == uidHigh)))
{
// we have a match, set the SID if we can
if ((this.m_sSID.Length < 1) && (u.GetSID().Length>0))

26
CASA/micasad/communication/WinIPCChannel.cs
View File

@ -68,6 +68,8 @@ namespace sscs.communication
{
int localUserIDLow = 0;
int localUserIDHigh = 0;
int localUserIDLowElevated = 0;
int localUserIDHighElevated = 0;
string sSIDString = "";
byte[] incoming = null;
@ -77,12 +79,26 @@ namespace sscs.communication
incoming = m_serverPipeConnection.ReadBytes();
// get local Userid and SID
m_serverPipeConnection.GetLocalUserID(ref localUserIDLow, ref localUserIDHigh, ref sSIDString);
m_serverPipeConnection.GetLocalUserID(ref localUserIDLow,
ref localUserIDHigh,
ref sSIDString,
ref localUserIDLowElevated,
ref localUserIDHighElevated);
if (localUserIDLow != 0 || localUserIDHigh !=0)
{
userId = new WinUserIdentifier(localUserIDLow, localUserIDHigh, sSIDString);
}
if (localUserIDLowElevated != 0 || localUserIDHighElevated != 0)
{
if (localUserIDLow != 0 || localUserIDHigh != 0)
{
userId = new WinUserIdentifier(localUserIDLow, localUserIDHigh, sSIDString, localUserIDLowElevated, localUserIDHighElevated);
}
}
else
{
if (localUserIDLow != 0 || localUserIDHigh != 0)
{
userId = new WinUserIdentifier(localUserIDLow, localUserIDHigh, sSIDString);
}
}
return incoming;
}