launcher: compute user name from client token

dll: np: do not pass user name as launcher argument
2025-04-22 08:23:05 -05:00 · 2017-11-29 16:20:15 -08:00 · 2017-11-29 16:20:15 -08:00 · 69d68eb22f
commit 69d68eb22f
parent d58f4b84a5
2 changed files with 114 additions and 13 deletions
--- a/src/dll/np.c
+++ b/src/dll/np.c
@ -17,7 +17,6 @@

 #include <dll/library.h>
 #include <launcher/launcher.h>
-#include <lmcons.h>
 #include <npapi.h>
 #include <wincred.h>

@ -169,12 +168,6 @@ static inline BOOLEAN FspNpParseRemoteUserName(PWSTR RemoteName,
    return FALSE;
 }

-static inline BOOLEAN FspNpGetLocalUserName(
-    PWSTR UserName, ULONG UserNameSize/* in chars */)
-{
-    return GetUserName(UserName, &UserNameSize);
-}
-
 static inline DWORD FspNpCallLauncherPipe(PWSTR PipeBuf, ULONG SendSize, ULONG RecvSize)
 {
    DWORD NpResult;
@ -496,7 +489,6 @@ DWORD APIENTRY NPAddConnection(LPNETRESOURCEW lpNetResource, LPWSTR lpPassword,
    WCHAR LocalNameBuf[3];
    PWSTR ClassName, InstanceName, RemoteName, P;
    ULONG ClassNameLen, InstanceNameLen;
-    WCHAR LocalUserName[UNLEN + 1];
    DWORD CredentialsKind;
    PWSTR PipeBuf = 0;
 #if defined(FSP_NP_CREDENTIAL_MANAGER)
@ -525,9 +517,6 @@ DWORD APIENTRY NPAddConnection(LPNETRESOURCEW lpNetResource, LPWSTR lpPassword,
            return WN_ALREADY_CONNECTED;
    }

-    if (!FspNpGetLocalUserName(LocalUserName, sizeof LocalUserName / sizeof LocalUserName[0]))
-        LocalUserName[0] = L'\0';
-
    FspNpGetCredentialsKind(lpRemoteName, &CredentialsKind);

 #if defined(FSP_NP_CREDENTIAL_MANAGER)
@ -582,7 +571,6 @@ DWORD APIENTRY NPAddConnection(LPNETRESOURCEW lpNetResource, LPWSTR lpPassword,
    memcpy(P, InstanceName, InstanceNameLen * sizeof(WCHAR)); P += InstanceNameLen; *P++ = L'\0';
    lstrcpyW(P, RemoteName); P += lstrlenW(RemoteName) + 1;
    lstrcpyW(P, LocalNameBuf); P += lstrlenW(LocalNameBuf) + 1;
-    lstrcpyW(P, LocalUserName); P += lstrlenW(LocalUserName) + 1;
    if (FSP_NP_CREDENTIALS_USERPASS == CredentialsKind)
    {
        lstrcpyW(P, lpUserName); P += lstrlenW(lpUserName) + 1;
--- a/src/launcher/launcher.c
+++ b/src/launcher/launcher.c
@ -67,6 +67,76 @@ BOOL CreateOverlappedPipe(
    return TRUE;
 }

+static NTSTATUS GetTokenUserName(HANDLE Token, PWSTR *PUserName)
+{
+    TOKEN_USER *User = 0;
+    WCHAR Name[256], Domn[256];
+    DWORD UserSize, NameSize, DomnSize;
+    SID_NAME_USE Use;
+    PWSTR P;
+    NTSTATUS Result;
+
+    *PUserName = 0;
+
+    if (GetTokenInformation(Token, TokenUser, 0, 0, &UserSize))
+    {
+        Result = STATUS_INVALID_PARAMETER;
+        goto exit;
+    }
+    if (ERROR_INSUFFICIENT_BUFFER != GetLastError())
+    {
+        Result = FspNtStatusFromWin32(GetLastError());
+        goto exit;
+    }
+
+    User = MemAlloc(UserSize);
+    if (0 == User)
+    {
+        Result = STATUS_INSUFFICIENT_RESOURCES;
+        goto exit;
+    }
+
+    if (!GetTokenInformation(Token, TokenUser, User, UserSize, &UserSize))
+    {
+        Result = FspNtStatusFromWin32(GetLastError());
+        goto exit;
+    }
+
+    NameSize = sizeof Name / sizeof Name[0];
+    DomnSize = sizeof Domn / sizeof Domn[0];
+    if (!LookupAccountSidW(0, User->User.Sid, Name, &NameSize, Domn, &DomnSize, &Use))
+    {
+        Result = FspNtStatusFromWin32(GetLastError());
+        goto exit;
+    }
+
+    NameSize = lstrlenW(Name);
+    DomnSize = lstrlenW(Domn);
+
+    P = *PUserName = MemAlloc((DomnSize + 1 + NameSize + 1) * sizeof(WCHAR));
+    if (0 == P)
+    {
+        Result = STATUS_INSUFFICIENT_RESOURCES;
+        goto exit;
+    }
+
+    if (0 < DomnSize)
+    {
+        memcpy(P, Domn, DomnSize * sizeof(WCHAR));
+        P[DomnSize] = L'\\';
+        P += DomnSize + 1;
+    }
+    memcpy(P, Name, NameSize * sizeof(WCHAR));
+    P[NameSize] = L'\0';
+
+    Result = STATUS_SUCCESS;
+
+exit:
+    MemFree(User);
+
+    return Result;
+}
+
 typedef struct
 {
    HANDLE Process;
@ -142,6 +212,17 @@ typedef struct
 static CRITICAL_SECTION SvcInstanceLock;
 static HANDLE SvcInstanceEvent;
 static LIST_ENTRY SvcInstanceList = { &SvcInstanceList, &SvcInstanceList };
+static DWORD SvcInstanceTlsKey = TLS_OUT_OF_INDEXES;
+
+static inline PWSTR SvcInstanceUserName(VOID)
+{
+    return TlsGetValue(SvcInstanceTlsKey);
+}
+
+static inline VOID SvcInstanceSetUserName(PWSTR UserName)
+{
+    TlsSetValue(SvcInstanceTlsKey, UserName);
+}

 static VOID CALLBACK SvcInstanceTerminated(PVOID Context, BOOLEAN Timeout);

@ -210,6 +291,14 @@ static NTSTATUS SvcInstanceReplaceArguments(PWSTR String, ULONG Argc, PWSTR *Arg
                else
                    Length += SvcInstanceArgumentLength(EmptyArg);
            }
+            else
+            if (L'U' == *P)
+            {
+                if (0 != SvcInstanceUserName())
+                    Length += SvcInstanceArgumentLength(SvcInstanceUserName());
+                else
+                    Length += SvcInstanceArgumentLength(EmptyArg);
+            }
            else
                Length++;
            break;
@ -236,6 +325,14 @@ static NTSTATUS SvcInstanceReplaceArguments(PWSTR String, ULONG Argc, PWSTR *Arg
                else
                    Q = SvcInstanceArgumentCopy(Q, EmptyArg);
            }
+            else
+            if (L'U' == *P)
+            {
+                if (0 != SvcInstanceUserName())
+                    Q = SvcInstanceArgumentCopy(Q, SvcInstanceUserName());
+                else
+                    Q = SvcInstanceArgumentCopy(Q, EmptyArg);
+            }
            else
                *Q++ = *P;
            break;
@ -918,6 +1015,10 @@ static NTSTATUS SvcStart(FSP_SERVICE *Service, ULONG argc, PWSTR *argv)
    if (0 == SvcInstanceEvent)
        goto fail;

+    SvcInstanceTlsKey = TlsAlloc();
+    if (TLS_OUT_OF_INDEXES == SvcInstanceTlsKey)
+        goto fail;
+
    SvcJob = CreateJobObjectW(0, 0);
    if (0 != SvcJob)
    {
@ -980,6 +1081,9 @@ fail:
    if (0 != SvcJob)
        CloseHandle(SvcJob);

+    if (TLS_OUT_OF_INDEXES != SvcInstanceTlsKey)
+        TlsFree(SvcInstanceTlsKey);
+
    if (0 != SvcInstanceEvent)
        CloseHandle(SvcInstanceEvent);

@ -1023,6 +1127,9 @@ static NTSTATUS SvcStop(FSP_SERVICE *Service)
    if (0 != SvcJob)
        CloseHandle(SvcJob);

+    if (TLS_OUT_OF_INDEXES != SvcInstanceTlsKey)
+        TlsFree(SvcInstanceTlsKey);
+
    if (0 != SvcInstanceEvent)
        CloseHandle(SvcInstanceEvent);

@ -1194,13 +1301,16 @@ static VOID SvcPipeTransact(HANDLE ClientToken, PWSTR PipeBuf, PULONG PSize)
        return;

    PWSTR P = PipeBuf, PipeBufEnd = PipeBuf + *PSize / sizeof(WCHAR);
-    PWSTR ClassName, InstanceName;
+    PWSTR ClassName, InstanceName, UserName;
    ULONG Argc; PWSTR Argv[9];
    BOOLEAN HasSecret = FALSE;
    NTSTATUS Result;

    *PSize = 0;

+    GetTokenUserName(ClientToken, &UserName);
+    SvcInstanceSetUserName(UserName);
+
    switch (*P++)
    {
    case LauncherSvcInstanceStartWithSecret:
@ -1264,6 +1374,9 @@ static VOID SvcPipeTransact(HANDLE ClientToken, PWSTR PipeBuf, PULONG PSize)
        SvcPipeTransactResult(STATUS_INVALID_PARAMETER, PipeBuf, PSize);
        break;
    }
+
+    SvcInstanceSetUserName(0);
+    MemFree(UserName);
 }

 int wmain(int argc, wchar_t **argv)