Gitiles
Code Review Sign In
gerrit.omnirom.org / android_external_tigervnc / 729598cb00d791bbdfe23ebe0023d3a1c3962f83 / . / win / rfb_win32 / Security.h
blob: 1e2e9068db40228b60e49d6d73d72763ec2f084f [file] [log] [blame]
Constantin Kaplinsky729598c2006-05-25 05:12:25 +0000[diff] [blame^]1/* Copyright (C) 2002-2005 RealVNC Ltd. All Rights Reserved.
2 *
3 * This is free software; you can redistribute it and/or modify
4 * it under the terms of the GNU General Public License as published by
5 * the Free Software Foundation; either version 2 of the License, or
6 * (at your option) any later version.
7 *
8 * This software is distributed in the hope that it will be useful,
9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 * GNU General Public License for more details.
12 *
13 * You should have received a copy of the GNU General Public License
14 * along with this software; if not, write to the Free Software
15 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
16 * USA.
17 */
18
19// Security.h
20
21// Wrapper classes for a few Windows NT security structures/functions
22// that are used by VNC
23
24#ifndef __RFB_WIN32_SECURITY_H__
25#define __RFB_WIN32_SECURITY_H__
26
27#include <rdr/types.h>
28#include <rfb_win32/LocalMem.h>
29#include <rfb_win32/TCharArray.h>
30#include <aclapi.h>
31
32namespace rfb {
33
34 namespace win32 {
35
36 struct Trustee : public TRUSTEE {
37 Trustee(const TCHAR* name,
38 TRUSTEE_FORM form=TRUSTEE_IS_NAME,
39 TRUSTEE_TYPE type=TRUSTEE_IS_UNKNOWN);
40 };
41
42 struct ExplicitAccess : public EXPLICIT_ACCESS {
43 ExplicitAccess(const TCHAR* name,
44 TRUSTEE_FORM type,
45 DWORD perms,
46 ACCESS_MODE mode,
47 DWORD inherit=0);
48 };
49
50 // Helper class for building access control lists
51 struct AccessEntries {
52 AccessEntries();
53 ~AccessEntries();
54 void allocMinEntries(int count);
55 void addEntry(const TCHAR* trusteeName,
56 DWORD permissions,
57 ACCESS_MODE mode);
58 void addEntry(const PSID sid,
59 DWORD permissions,
60 ACCESS_MODE mode);
61
62 EXPLICIT_ACCESS* entries;
63 int entry_count;
64 };
65
66 // Helper class for handling SIDs
67 struct Sid : rdr::U8Array {
68 Sid() {}
69 operator PSID() const {return (PSID)buf;}
70 PSID takePSID() {PSID r = (PSID)buf; buf = 0; return r;}
71
72 static PSID copySID(const PSID sid);
73
74 void setSID(const PSID sid);
75
76 void getUserNameAndDomain(TCHAR** name, TCHAR** domain);
77
78 struct Administrators;
79 struct SYSTEM;
80 struct FromToken;
81
82 private:
83 Sid(const Sid&);
84 Sid& operator=(const Sid&);
85 };
86
87 struct Sid::Administrators : public Sid {
88 Administrators();
89 };
90 struct Sid::SYSTEM : public Sid {
91 SYSTEM();
92 };
93 struct Sid::FromToken : public Sid {
94 FromToken(HANDLE h);
95 };
96
97 // Helper class for handling & freeing ACLs
98 struct AccessControlList : public LocalMem {
99 AccessControlList(int size) : LocalMem(size) {}
100 AccessControlList(PACL acl_=0) : LocalMem(acl_) {}
101 operator PACL() {return (PACL)ptr;}
102 };
103
104 // Create a new ACL based on supplied entries and, if supplied, existing ACL
105 PACL CreateACL(const AccessEntries& ae, PACL existing_acl=0);
106
107 // Helper class for memory-management of self-relative SecurityDescriptors
108 struct SecurityDescriptorPtr : LocalMem {
109 SecurityDescriptorPtr(int size) : LocalMem(size) {}
110 SecurityDescriptorPtr(PSECURITY_DESCRIPTOR sd_=0) : LocalMem(sd_) {}
111 PSECURITY_DESCRIPTOR takeSD() {return takePtr();}
112 };
113
114 // Create a new self-relative Security Descriptor, owned by SYSTEM/Administrators,
115 // with the supplied DACL and no SACL. The returned value can be assigned
116 // to a SecurityDescriptorPtr to be managed.
117 PSECURITY_DESCRIPTOR CreateSdWithDacl(const PACL dacl);
118
119 }
120
121}
122
123#endif