2 * PROJECT: ReactOS Named Pipe FileSystem
3 * LICENSE: BSD - See COPYING.ARM in the top level directory
4 * FILE: drivers/filesystems/npfs/secursup.c
5 * PURPOSE: Pipes Security Support
6 * PROGRAMMERS: ReactOS Portable Systems Group
9 /* INCLUDES *******************************************************************/
13 // File ID number for NPFS bugchecking support
14 #define NPFS_BUGCHECK_FILE_ID (NPFS_BUGCHECK_SECURSUP)
16 /* FUNCTIONS ******************************************************************/
20 NpImpersonateClientContext(IN PNP_CCB Ccb
)
23 PSECURITY_CLIENT_CONTEXT ClientContext
;
26 ClientContext
= Ccb
->ClientContext
;
29 Status
= SeImpersonateClientEx(ClientContext
, NULL
);
33 Status
= STATUS_CANNOT_IMPERSONATE
;
40 NpFreeClientSecurityContext(IN PSECURITY_CLIENT_CONTEXT ClientContext
)
45 if (!ClientContext
) return;
47 TokenType
= SeTokenType(ClientContext
->ClientToken
);
48 ClientToken
= ClientContext
->ClientToken
;
49 if ((TokenType
== TokenPrimary
) || (ClientToken
))
51 ObDereferenceObject(ClientToken
);
53 ExFreePool(ClientContext
);
58 NpCopyClientContext(IN PNP_CCB Ccb
,
59 IN PNP_DATA_QUEUE_ENTRY DataQueueEntry
)
63 if (!DataQueueEntry
->ClientSecurityContext
) return;
65 NpFreeClientSecurityContext(Ccb
->ClientContext
);
66 Ccb
->ClientContext
= DataQueueEntry
->ClientSecurityContext
;
67 DataQueueEntry
->ClientSecurityContext
= NULL
;
72 NpUninitializeSecurity(IN PNP_CCB Ccb
)
76 NpFreeClientSecurityContext(Ccb
->ClientContext
);
77 Ccb
->ClientContext
= NULL
;
82 NpInitializeSecurity(IN PNP_CCB Ccb
,
83 IN PSECURITY_QUALITY_OF_SERVICE SecurityQos
,
86 PSECURITY_CLIENT_CONTEXT ClientContext
;
92 Ccb
->ClientQos
= *SecurityQos
;
96 Ccb
->ClientQos
.Length
= sizeof(Ccb
->ClientQos
);
97 Ccb
->ClientQos
.ImpersonationLevel
= SecurityImpersonation
;
98 Ccb
->ClientQos
.ContextTrackingMode
= SECURITY_DYNAMIC_TRACKING
;
99 Ccb
->ClientQos
.EffectiveOnly
= TRUE
;
102 NpUninitializeSecurity(Ccb
);
104 if (Ccb
->ClientQos
.ContextTrackingMode
== SECURITY_DYNAMIC_TRACKING
)
106 Status
= STATUS_SUCCESS
;
107 Ccb
->ClientContext
= NULL
;
111 ClientContext
= ExAllocatePoolWithQuotaTag(PagedPool
| POOL_QUOTA_FAIL_INSTEAD_OF_RAISE
,
112 sizeof(*ClientContext
),
113 NPFS_CLIENT_SEC_CTX_TAG
);
114 Ccb
->ClientContext
= ClientContext
;
115 if (!ClientContext
) return STATUS_INSUFFICIENT_RESOURCES
;
117 Status
= SeCreateClientSecurity(Thread
, &Ccb
->ClientQos
, 0, ClientContext
);
118 if (!NT_SUCCESS(Status
))
120 ExFreePool(Ccb
->ClientContext
);
121 Ccb
->ClientContext
= NULL
;
129 NpGetClientSecurityContext(IN ULONG NamedPipeEnd
,
132 IN PSECURITY_CLIENT_CONTEXT
*Context
)
134 PSECURITY_CLIENT_CONTEXT NewContext
;
138 if (NamedPipeEnd
== FILE_PIPE_SERVER_END
|| Ccb
->ClientQos
.ContextTrackingMode
!= SECURITY_DYNAMIC_TRACKING
)
141 Status
= STATUS_SUCCESS
;
145 NewContext
= ExAllocatePoolWithQuotaTag(PagedPool
| POOL_QUOTA_FAIL_INSTEAD_OF_RAISE
,
147 NPFS_CLIENT_SEC_CTX_TAG
);
148 if (!NewContext
) return STATUS_INSUFFICIENT_RESOURCES
;
150 Status
= SeCreateClientSecurity(Thread
, &Ccb
->ClientQos
, 0, NewContext
);
151 if (!NT_SUCCESS(Status
))
153 ExFreePool(NewContext
);
157 *Context
= NewContext
;