1 /*
2 * Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 #include <jni.h>
27 #include "com_sun_security_auth_module_NTSystem.h"
28
29 #include <windows.h>
30 #include <stdio.h>
31 #include <wchar.h>
32 #include <ntsecapi.h>
33 #include <lmerr.h>
34
35 static BOOL debug = FALSE;
36
37 BOOL getToken(PHANDLE);
38 BOOL getUser(HANDLE tokenHandle, LPTSTR *userName,
39 LPTSTR *domainName, LPTSTR *userSid, LPTSTR *domainSid);
40 BOOL getPrimaryGroup(HANDLE tokenHandle, LPTSTR *primaryGroup);
41 BOOL getGroups(HANDLE tokenHandle, PDWORD numGroups, LPTSTR **groups);
42 BOOL getImpersonationToken(PHANDLE impersonationToken);
43 BOOL getTextualSid(PSID pSid, LPTSTR TextualSid, LPDWORD lpdwBufferLen);
44 void DisplayErrorText(DWORD dwLastError);
45
46 static void throwIllegalArgumentException(JNIEnv *env, const char *msg) {
47 jclass clazz = (*env)->FindClass(env, "java/lang/IllegalArgumentException");
48 if (clazz != NULL)
49 (*env)->ThrowNew(env, clazz, msg);
50 }
51
52 JNIEXPORT jlong JNICALL
53 Java_com_sun_security_auth_module_NTSystem_getImpersonationToken0
54 (JNIEnv *env, jobject obj) {
55 HANDLE impersonationToken = 0; // impersonation token
56 if (debug) {
57 printf("getting impersonation token\n");
58 }
59 if (getImpersonationToken(&impersonationToken) == FALSE) {
60 return 0;
61 }
62 return (jlong)impersonationToken;
63 }
64
65 JNIEXPORT void JNICALL
66 Java_com_sun_security_auth_module_NTSystem_getCurrent
67 (JNIEnv *env, jobject obj, jboolean debugNative) {
68
69 long i, j = 0;
70 HANDLE tokenHandle = INVALID_HANDLE_VALUE;
71
72 LPTSTR userName = NULL; // user name
73 LPTSTR userSid = NULL; // user sid
74 LPTSTR domainName = NULL; // domain name
75 LPTSTR domainSid = NULL; // domain sid
76 LPTSTR primaryGroup = NULL; // primary group sid
77 DWORD numGroups = 0; // num groups
78 LPTSTR *groups = NULL; // groups array
79 long pIndex = -1; // index of primaryGroup in groups array
80
81 jfieldID fid;
82 jstring jstr;
83 jobjectArray jgroups;
84 jclass stringClass = 0;
85 jclass cls = (*env)->GetObjectClass(env, obj);
86
87 debug = debugNative;
88
89 // get NT information first
90
91 if (debug) {
92 printf("getting access token\n");
93 }
94 if (getToken(&tokenHandle) == FALSE) {
95 return;
96 }
97
98 if (debug) {
99 printf("getting user info\n");
100 }
101 if (getUser
102 (tokenHandle, &userName, &domainName, &userSid, &domainSid) == FALSE) {
103 return;
104 }
105
106 if (debug) {
107 printf("getting primary group\n");
108 }
109 if (getPrimaryGroup(tokenHandle, &primaryGroup) == FALSE) {
110 return;
111 }
112
113 if (debug) {
114 printf("getting supplementary groups\n");
115 }
116 if (getGroups(tokenHandle, &numGroups, &groups) == FALSE) {
117 return;
118 }
119
120 // then set values into NTSystem
121
122 fid = (*env)->GetFieldID(env, cls, "userName", "Ljava/lang/String;");
123 if (fid == 0) {
124 (*env)->ExceptionClear(env);
125 throwIllegalArgumentException(env, "invalid field: userName");
126 goto cleanup;
127 }
128 jstr = (*env)->NewStringUTF(env, userName);
129 if (jstr == NULL)
130 goto cleanup;
131 (*env)->SetObjectField(env, obj, fid, jstr);
132
133 fid = (*env)->GetFieldID(env, cls, "userSID", "Ljava/lang/String;");
134 if (fid == 0) {
135 (*env)->ExceptionClear(env);
136 throwIllegalArgumentException(env, "invalid field: userSID");
137 goto cleanup;
138 }
139 jstr = (*env)->NewStringUTF(env, userSid);
140 if (jstr == NULL)
141 goto cleanup;
142 (*env)->SetObjectField(env, obj, fid, jstr);
143
144 fid = (*env)->GetFieldID(env, cls, "domain", "Ljava/lang/String;");
145 if (fid == 0) {
146 (*env)->ExceptionClear(env);
147 throwIllegalArgumentException(env, "invalid field: domain");
148 goto cleanup;
149 }
150 jstr = (*env)->NewStringUTF(env, domainName);
151 if (jstr == NULL)
152 goto cleanup;
153 (*env)->SetObjectField(env, obj, fid, jstr);
154
155 if (domainSid != NULL) {
156 fid = (*env)->GetFieldID(env, cls, "domainSID", "Ljava/lang/String;");
157 if (fid == 0) {
158 (*env)->ExceptionClear(env);
159 throwIllegalArgumentException(env, "invalid field: domainSID");
160 goto cleanup;
161 }
162 jstr = (*env)->NewStringUTF(env, domainSid);
163 if (jstr == NULL)
164 goto cleanup;
165 (*env)->SetObjectField(env, obj, fid, jstr);
166 }
167
168 fid = (*env)->GetFieldID(env, cls, "primaryGroupID", "Ljava/lang/String;");
169 if (fid == 0) {
170 (*env)->ExceptionClear(env);
171 throwIllegalArgumentException(env, "invalid field: PrimaryGroupID");
172 goto cleanup;
173 }
174 jstr = (*env)->NewStringUTF(env, primaryGroup);
175 if (jstr == NULL)
176 goto cleanup;
177 (*env)->SetObjectField(env, obj, fid, jstr);
178
179 // primary group may or may not be part of supplementary groups
180 for (i = 0; i < (long)numGroups; i++) {
181 if (strcmp(primaryGroup, groups[i]) == 0) {
182 // found primary group in groups array
183 pIndex = i;
184 break;
185 }
186 }
187
188 if (numGroups == 0 || (pIndex == 0 && numGroups == 1)) {
189 // primary group is only group in groups array
190
191 if (debug) {
192 printf("no secondary groups\n");
193 }
194 } else {
195
196 // the groups array is non-empty,
197 // and may or may not contain the primary group
198
199 fid = (*env)->GetFieldID(env, cls, "groupIDs", "[Ljava/lang/String;");
200 if (fid == 0) {
201 (*env)->ExceptionClear(env);
202 throwIllegalArgumentException(env, "groupIDs");
203 goto cleanup;
204 }
205
206 stringClass = (*env)->FindClass(env, "java/lang/String");
207 if (stringClass == NULL)
208 goto cleanup;
209
210 if (pIndex == -1) {
211 // primary group not in groups array
212 jgroups = (*env)->NewObjectArray(env, numGroups, stringClass, 0);
213 } else {
214 // primary group in groups array -
215 // allocate one less array entry and do not add into new array
216 jgroups = (*env)->NewObjectArray(env, numGroups-1, stringClass, 0);
217 }
218 if (jgroups == NULL)
219 goto cleanup;
220
221 for (i = 0, j = 0; i < (long)numGroups; i++) {
222 if (pIndex == i) {
223 // continue if equal to primary group
224 continue;
225 }
226 jstr = (*env)->NewStringUTF(env, groups[i]);
227 if (jstr == NULL)
228 goto cleanup;
229 (*env)->SetObjectArrayElement(env, jgroups, j++, jstr);
230 }
231 (*env)->SetObjectField(env, obj, fid, jgroups);
232 }
233
234 cleanup:
235 if (userName != NULL) {
236 HeapFree(GetProcessHeap(), 0, userName);
237 }
238 if (domainName != NULL) {
239 HeapFree(GetProcessHeap(), 0, domainName);
240 }
241 if (userSid != NULL) {
242 HeapFree(GetProcessHeap(), 0, userSid);
243 }
244 if (domainSid != NULL) {
245 HeapFree(GetProcessHeap(), 0, domainSid);
246 }
247 if (primaryGroup != NULL) {
248 HeapFree(GetProcessHeap(), 0, primaryGroup);
249 }
250 if (groups != NULL) {
251 for (i = 0; i < (long)numGroups; i++) {
252 if (groups[i] != NULL) {
253 HeapFree(GetProcessHeap(), 0, groups[i]);
254 }
255 }
256 HeapFree(GetProcessHeap(), 0, groups);
257 }
258 CloseHandle(tokenHandle);
259
260 return;
261 }
262
263 BOOL getToken(PHANDLE tokenHandle) {
264
265 // first try the thread token
266 if (OpenThreadToken(GetCurrentThread(),
267 TOKEN_READ,
268 FALSE,
269 tokenHandle) == 0) {
270 if (debug) {
271 printf(" [getToken] OpenThreadToken error [%d]: ", GetLastError());
272 DisplayErrorText(GetLastError());
273 }
274
275 // next try the process token
276 if (OpenProcessToken(GetCurrentProcess(),
277 TOKEN_READ,
278 tokenHandle) == 0) {
279 if (debug) {
280 printf(" [getToken] OpenProcessToken error [%d]: ",
281 GetLastError());
282 DisplayErrorText(GetLastError());
283 }
284 return FALSE;
285 }
286 }
287
288 if (debug) {
289 printf(" [getToken] got user access token\n");
290 }
291
292 return TRUE;
293 }
294
295 BOOL getUser(HANDLE tokenHandle, LPTSTR *userName,
296 LPTSTR *domainName, LPTSTR *userSid, LPTSTR *domainSid) {
297
298 BOOL error = FALSE;
299 DWORD bufSize = 0;
300 DWORD buf2Size = 0;
301 DWORD retBufSize = 0;
302 PTOKEN_USER tokenUserInfo = NULL; // getTokenInformation
303 SID_NAME_USE nameUse; // LookupAccountSid
304
305 PSID dSid = NULL;
306 LPTSTR domainSidName = NULL;
307
308 // get token information
309 GetTokenInformation(tokenHandle,
310 TokenUser,
311 NULL, // TokenInformation - if NULL get buffer size
312 0, // since TokenInformation is NULL
313 &bufSize);
314
315 tokenUserInfo = (PTOKEN_USER)HeapAlloc(GetProcessHeap(), 0, bufSize);
316 if (GetTokenInformation(tokenHandle,
317 TokenUser,
318 tokenUserInfo,
319 bufSize,
320 &retBufSize) == 0) {
321 if (debug) {
322 printf(" [getUser] GetTokenInformation error [%d]: ",
323 GetLastError());
324 DisplayErrorText(GetLastError());
325 }
326 error = TRUE;
327 goto cleanup;
328 }
329
330 if (debug) {
331 printf(" [getUser] Got TokenUser info\n");
332 }
333
334 // get userName
335 bufSize = 0;
336 buf2Size = 0;
337 LookupAccountSid(NULL, // local host
338 tokenUserInfo->User.Sid,
339 NULL,
340 &bufSize,
341 NULL,
342 &buf2Size,
343 &nameUse);
344
345 *userName = (LPTSTR)HeapAlloc(GetProcessHeap(), 0, bufSize);
346 *domainName = (LPTSTR)HeapAlloc(GetProcessHeap(), 0, buf2Size);
347 if (LookupAccountSid(NULL, // local host
348 tokenUserInfo->User.Sid,
349 *userName,
350 &bufSize,
351 *domainName,
352 &buf2Size,
353 &nameUse) == 0) {
354 if (debug) {
355 printf(" [getUser] LookupAccountSid error [%d]: ",
356 GetLastError());
357 DisplayErrorText(GetLastError());
358 }
359 error = TRUE;
360 goto cleanup;
361 }
362
363 if (debug) {
364 printf(" [getUser] userName: %s, domainName = %s\n",
365 *userName, *domainName);
366 }
367
368 bufSize = 0;
369 getTextualSid(tokenUserInfo->User.Sid, NULL, &bufSize);
370 *userSid = (LPTSTR)HeapAlloc(GetProcessHeap(), 0, bufSize);
371 getTextualSid(tokenUserInfo->User.Sid, *userSid, &bufSize);
372 if (debug) {
373 printf(" [getUser] userSid: %s\n", *userSid);
374 }
375
376 // get domainSid
377 bufSize = 0;
378 buf2Size = 0;
379 LookupAccountName(NULL, // local host
380 *domainName,
381 NULL,
382 &bufSize,
383 NULL,
384 &buf2Size,
385 &nameUse);
386
387 dSid = (PSID)HeapAlloc(GetProcessHeap(), 0, bufSize);
388 domainSidName = (LPTSTR)HeapAlloc(GetProcessHeap(), 0, buf2Size);
389 if (LookupAccountName(NULL, // local host
390 *domainName,
391 dSid,
392 &bufSize,
393 domainSidName,
394 &buf2Size,
395 &nameUse) == 0) {
396 if (debug) {
397 printf(" [getUser] LookupAccountName error [%d]: ",
398 GetLastError());
399 DisplayErrorText(GetLastError());
400 }
401 // ok not to have a domain SID (no error)
402 goto cleanup;
403 }
404
405 bufSize = 0;
406 getTextualSid(dSid, NULL, &bufSize);
407 *domainSid = (LPTSTR)HeapAlloc(GetProcessHeap(), 0, bufSize);
408 getTextualSid(dSid, *domainSid, &bufSize);
409 if (debug) {
410 printf(" [getUser] domainSid: %s\n", *domainSid);
411 }
412
413 cleanup:
414 if (tokenUserInfo != NULL) {
415 HeapFree(GetProcessHeap(), 0, tokenUserInfo);
416 }
417 if (dSid != NULL) {
418 HeapFree(GetProcessHeap(), 0, dSid);
419 }
420 if (domainSidName != NULL) {
421 HeapFree(GetProcessHeap(), 0, domainSidName);
422 }
423 if (error) {
424 return FALSE;
425 }
426 return TRUE;
427 }
428
429 BOOL getPrimaryGroup(HANDLE tokenHandle, LPTSTR *primaryGroup) {
430
431 BOOL error = FALSE;
432 DWORD bufSize = 0;
433 DWORD retBufSize = 0;
434
435 PTOKEN_PRIMARY_GROUP tokenGroupInfo = NULL;
436
437 // get token information
438 GetTokenInformation(tokenHandle,
439 TokenPrimaryGroup,
440 NULL, // TokenInformation - if NULL get buffer size
441 0, // since TokenInformation is NULL
442 &bufSize);
443
444 tokenGroupInfo = (PTOKEN_PRIMARY_GROUP)HeapAlloc
445 (GetProcessHeap(), 0, bufSize);
446 if (GetTokenInformation(tokenHandle,
447 TokenPrimaryGroup,
448 tokenGroupInfo,
449 bufSize,
450 &retBufSize) == 0) {
451 if (debug) {
452 printf(" [getPrimaryGroup] GetTokenInformation error [%d]: ",
453 GetLastError());
454 DisplayErrorText(GetLastError());
455 }
456 error = TRUE;
457 goto cleanup;
458 }
459
460 if (debug) {
461 printf(" [getPrimaryGroup] Got TokenPrimaryGroup info\n");
462 }
463
464 bufSize = 0;
465 getTextualSid(tokenGroupInfo->PrimaryGroup, NULL, &bufSize);
466 *primaryGroup = (LPTSTR)HeapAlloc(GetProcessHeap(), 0, bufSize);
467 getTextualSid(tokenGroupInfo->PrimaryGroup, *primaryGroup, &bufSize);
468 if (debug) {
469 printf(" [getPrimaryGroup] primaryGroup: %s\n", *primaryGroup);
470 }
471
472 cleanup:
473 if (tokenGroupInfo != NULL) {
474 HeapFree(GetProcessHeap(), 0, tokenGroupInfo);
475 }
476 if (error) {
477 return FALSE;
478 }
479 return TRUE;
480 }
481
482 BOOL getGroups(HANDLE tokenHandle, PDWORD numGroups, LPTSTR **groups) {
483
484 BOOL error = FALSE;
485 DWORD bufSize = 0;
486 DWORD retBufSize = 0;
487 long i = 0;
488
489 PTOKEN_GROUPS tokenGroupInfo = NULL;
490
491 // get token information
492 GetTokenInformation(tokenHandle,
493 TokenGroups,
494 NULL, // TokenInformation - if NULL get buffer size
495 0, // since TokenInformation is NULL
496 &bufSize);
497
498 tokenGroupInfo = (PTOKEN_GROUPS)HeapAlloc(GetProcessHeap(), 0, bufSize);
499 if (GetTokenInformation(tokenHandle,
500 TokenGroups,
501 tokenGroupInfo,
502 bufSize,
503 &retBufSize) == 0) {
504 if (debug) {
505 printf(" [getGroups] GetTokenInformation error [%d]: ",
506 GetLastError());
507 DisplayErrorText(GetLastError());
508 }
509 error = TRUE;
510 goto cleanup;
511 }
512
513 if (debug) {
514 printf(" [getGroups] Got TokenGroups info\n");
515 }
516
517 if (tokenGroupInfo->GroupCount == 0) {
518 // no groups
519 goto cleanup;
520 }
521
522 // return group info
523 *numGroups = tokenGroupInfo->GroupCount;
524 *groups = (LPTSTR *)HeapAlloc
525 (GetProcessHeap(), 0, (*numGroups) * sizeof(LPTSTR));
526 for (i = 0; i < (long)*numGroups; i++) {
527 bufSize = 0;
528 getTextualSid(tokenGroupInfo->Groups[i].Sid, NULL, &bufSize);
529 (*groups)[i] = (LPTSTR)HeapAlloc(GetProcessHeap(), 0, bufSize);
530 getTextualSid(tokenGroupInfo->Groups[i].Sid, (*groups)[i], &bufSize);
531 if (debug) {
532 printf(" [getGroups] group %d: %s\n", i, (*groups)[i]);
533 }
534 }
535
536 cleanup:
537 if (tokenGroupInfo != NULL) {
538 HeapFree(GetProcessHeap(), 0, tokenGroupInfo);
539 }
540 if (error) {
541 return FALSE;
542 }
543 return TRUE;
544 }
545
546 BOOL getImpersonationToken(PHANDLE impersonationToken) {
547
548 HANDLE dupToken;
549
550 if (OpenThreadToken(GetCurrentThread(),
551 TOKEN_DUPLICATE,
552 FALSE,
553 &dupToken) == 0) {
554 if (OpenProcessToken(GetCurrentProcess(),
555 TOKEN_DUPLICATE,
556 &dupToken) == 0) {
557 if (debug) {
558 printf
559 (" [getImpersonationToken] OpenProcessToken error [%d]: ",
560 GetLastError());
561 DisplayErrorText(GetLastError());
562 }
563 return FALSE;
564 }
565 }
566
567 if (DuplicateToken(dupToken,
568 SecurityImpersonation,
569 impersonationToken) == 0) {
570 if (debug) {
571 printf(" [getImpersonationToken] DuplicateToken error [%d]: ",
572 GetLastError());
573 DisplayErrorText(GetLastError());
574 }
575 return FALSE;
576 }
577 CloseHandle(dupToken);
578
579 if (debug) {
580 printf(" [getImpersonationToken] token = %p\n",
581 (void *)*impersonationToken);
582 }
583 return TRUE;
584 }
585
586 BOOL getTextualSid
587 (PSID pSid, // binary SID
588 LPTSTR TextualSid, // buffer for Textual representation of SID
589 LPDWORD lpdwBufferLen) { // required/provided TextualSid buffersize
590
591 PSID_IDENTIFIER_AUTHORITY psia;
592 DWORD dwSubAuthorities;
593 DWORD dwSidRev=SID_REVISION;
594 DWORD dwCounter;
595 DWORD dwSidSize;
596
597 // Validate the binary SID.
598 if(!IsValidSid(pSid)) return FALSE;
599
600 // Get the identifier authority value from the SID.
601 psia = GetSidIdentifierAuthority(pSid);
602
603 // Get the number of subauthorities in the SID.
604 dwSubAuthorities = *GetSidSubAuthorityCount(pSid);
605
606 // Compute the buffer length.
607 // S-SID_REVISION- + IdentifierAuthority- + subauthorities- + NULL
608 dwSidSize=(15 + 12 + (12 * dwSubAuthorities) + 1) * sizeof(TCHAR);
609
610 // Check input buffer length.
611 // If too small, indicate the proper size and set last error.
612 if (*lpdwBufferLen < dwSidSize) {
613 *lpdwBufferLen = dwSidSize;
614 SetLastError(ERROR_INSUFFICIENT_BUFFER);
615 return FALSE;
616 }
617
618 // Add 'S' prefix and revision number to the string.
619 dwSidSize=wsprintf(TextualSid, TEXT("S-%lu-"), dwSidRev );
620
621 // Add SID identifier authority to the string.
622 if ((psia->Value[0] != 0) || (psia->Value[1] != 0)) {
623 dwSidSize+=wsprintf(TextualSid + lstrlen(TextualSid),
624 TEXT("0x%02hx%02hx%02hx%02hx%02hx%02hx"),
625 (USHORT)psia->Value[0],
626 (USHORT)psia->Value[1],
627 (USHORT)psia->Value[2],
628 (USHORT)psia->Value[3],
629 (USHORT)psia->Value[4],
630 (USHORT)psia->Value[5]);
631 } else {
632 dwSidSize+=wsprintf(TextualSid + lstrlen(TextualSid),
633 TEXT("%lu"),
634 (ULONG)(psia->Value[5] ) +
635 (ULONG)(psia->Value[4] << 8) +
636 (ULONG)(psia->Value[3] << 16) +
637 (ULONG)(psia->Value[2] << 24) );
638 }
639
640 // Add SID subauthorities to the string.
641 for (dwCounter=0 ; dwCounter < dwSubAuthorities ; dwCounter++) {
642 dwSidSize+=wsprintf(TextualSid + dwSidSize, TEXT("-%lu"),
643 *GetSidSubAuthority(pSid, dwCounter) );
644 }
645
646 return TRUE;
647 }
648
649 void DisplayErrorText(DWORD dwLastError) {
650 HMODULE hModule = NULL; // default to system source
651 LPSTR MessageBuffer;
652 DWORD dwBufferLength;
653
654 DWORD dwFormatFlags = FORMAT_MESSAGE_ALLOCATE_BUFFER |
655 FORMAT_MESSAGE_IGNORE_INSERTS |
656 FORMAT_MESSAGE_FROM_SYSTEM ;
657
658 //
659 // If dwLastError is in the network range,
660 // load the message source.
661 //
662
663 if(dwLastError >= NERR_BASE && dwLastError <= MAX_NERR) {
664 hModule = LoadLibraryEx(TEXT("netmsg.dll"),
665 NULL,
666 LOAD_LIBRARY_AS_DATAFILE);
667
668 if(hModule != NULL)
669 dwFormatFlags |= FORMAT_MESSAGE_FROM_HMODULE;
670 }
671
672 //
673 // Call FormatMessage() to allow for message
674 // text to be acquired from the system
675 // or from the supplied module handle.
676 //
677
678 if(dwBufferLength = FormatMessageA(dwFormatFlags,
679 hModule, // module to get message from (NULL == system)
680 dwLastError,
681 MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), // default language
682 (LPSTR) &MessageBuffer,
683 0,
684 NULL)) {
685 DWORD dwBytesWritten;
686
687 //
688 // Output message string on stderr.
689 //
690 WriteFile(GetStdHandle(STD_ERROR_HANDLE),
691 MessageBuffer,
692 dwBufferLength,
693 &dwBytesWritten,
694 NULL);
695
696 //
697 // Free the buffer allocated by the system.
698 //
699 LocalFree(MessageBuffer);
700 }
701
702 //
703 // If we loaded a message source, unload it.
704 //
705 if(hModule != NULL)
706 FreeLibrary(hModule);
707 }
708
709 /**
710 * 1. comment out first two #includes
711 * 2. set 'debug' to TRUE
712 * 3. comment out 'getCurrent'
713 * 4. uncomment 'main'
714 * 5. cc -c nt.c
715 * 6. link nt.obj user32.lib advapi32.lib /out:nt.exe
716 */
717 /*
718 void main(int argc, char *argv[]) {
719
720 long i = 0;
721 HANDLE tokenHandle = INVALID_HANDLE_VALUE;
722
723 LPTSTR userName = NULL;
724 LPTSTR userSid = NULL;
725 LPTSTR domainName = NULL;
726 LPTSTR domainSid = NULL;
727 LPTSTR primaryGroup = NULL;
728 DWORD numGroups = 0;
729 LPTSTR *groups = NULL;
730 HANDLE impersonationToken = 0;
731
732 printf("getting access token\n");
733 if (getToken(&tokenHandle) == FALSE) {
734 exit(1);
735 }
736
737 printf("getting user info\n");
738 if (getUser
739 (tokenHandle, &userName, &domainName, &userSid, &domainSid) == FALSE) {
740 exit(1);
741 }
742
743 printf("getting primary group\n");
744 if (getPrimaryGroup(tokenHandle, &primaryGroup) == FALSE) {
745 exit(1);
746 }
747
748 printf("getting supplementary groups\n");
749 if (getGroups(tokenHandle, &numGroups, &groups) == FALSE) {
750 exit(1);
751 }
752
753 printf("getting impersonation token\n");
754 if (getImpersonationToken(&impersonationToken) == FALSE) {
755 exit(1);
756 }
757
758 printf("userName = %s, userSid = %s, domainName = %s, domainSid = %s\n",
759 userName, userSid, domainName, domainSid);
760 printf("primaryGroup = %s\n", primaryGroup);
761 for (i = 0; i < numGroups; i++) {
762 printf("Group[%d] = %s\n", i, groups[i]);
763 }
764 printf("impersonationToken = %ld\n", impersonationToken);
765
766 if (userName != NULL) {
767 HeapFree(GetProcessHeap(), 0, userName);
768 }
769 if (userSid != NULL) {
770 HeapFree(GetProcessHeap(), 0, userSid);
771 }
772 if (domainName != NULL) {
773 HeapFree(GetProcessHeap(), 0, domainName);
774 }
775 if (domainSid != NULL) {
776 HeapFree(GetProcessHeap(), 0, domainSid);
777 }
778 if (primaryGroup != NULL) {
779 HeapFree(GetProcessHeap(), 0, primaryGroup);
780 }
781 if (groups != NULL) {
782 for (i = 0; i < numGroups; i++) {
783 if (groups[i] != NULL) {
784 HeapFree(GetProcessHeap(), 0, groups[i]);
785 }
786 }
787 HeapFree(GetProcessHeap(), 0, groups);
788 }
789 CloseHandle(impersonationToken);
790 CloseHandle(tokenHandle);
791 }
792 */
793
794 /**
795 * extra main method for testing debug printing
796 */
797 /*
798 void main(int argc, char *argv[]) {
799 if(argc != 2) {
800 fprintf(stderr,"Usage: %s <error number>\n", argv[0]);
801 }
802
803 DisplayErrorText(atoi(argv[1]));
804 }
805 */