2 * Copyright (c) 2008, 2009, 2010, 2011 Kernel Drivers, LLC.
3 * Copyright (c) 2009, 2010, 2011 Your File System, Inc.
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * - Redistributions of source code must retain the above copyright notice,
11 * this list of conditions and the following disclaimer.
12 * - Redistributions in binary form must reproduce the above copyright
14 * this list of conditions and the following disclaimer in the
16 * and/or other materials provided with the distribution.
17 * - Neither the names of Kernel Drivers, LLC and Your File System, Inc.
18 * nor the names of their contributors may be used to endorse or promote
19 * products derived from this software without specific prior written
20 * permission from Kernel Drivers, LLC and Your File System, Inc.
22 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
23 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
24 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
25 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
26 * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
27 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
28 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
29 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
30 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
31 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
32 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
44 #include "AFSUserDefines.h"
45 #include "AFSUserIoctl.h"
46 #include "AFSUserStructs.h"
52 printf("Usage: AFSAuthGroup < /sid <SID to use> | /ag <Auth Group GUID> /session <Session ID> | /thread <Thread Specific> | /active <Set Active> | \
53 /q <Query Active AuthGroup> | /l <Query AuthGroup List> | /c <Create new AuthGroup on process or thread> | /s <Set AuthGroup on process or thread> | \
54 /r <Reset AuthGroup list on process or thread> | /n <Create new AuthGroup>\n");
59 int main(int argc, char* argv[])
63 DWORD bytesReturned = 0;
64 HANDLE hControlDevice = NULL;
66 DWORD dwError = 0, dwIndex = 0;
67 BOOLEAN bQueryActiveAuthGroup = FALSE;
68 BOOLEAN bQueryProcessAuthGroupList = FALSE;
70 unsigned char *pchGUID = NULL;
71 WCHAR wchUserSID[ 256];
72 DWORD dwSessionId = (DWORD)-1;
73 BOOLEAN bThreadSpecific = FALSE;
74 BOOLEAN bSetActive = FALSE;
75 BOOLEAN bCreateSetAuthGroup = FALSE;
76 BOOLEAN bSetAuthGroup = FALSE;
77 BOOLEAN bResetAuthGroup = FALSE;
78 BOOLEAN bCreateAuthGroup = FALSE;
79 AFSAuthGroupRequestCB *pAuthGroupRequest = NULL;
80 DWORD dwAuthGroupRequestLen = 0;
93 memset( wchUserSID, '\0', 256 * sizeof( WCHAR));
95 memset( chGUID, '\0', 256);
97 while( dwIndex < (DWORD)argc)
100 if( _stricmp(argv[ dwIndex], "/q") == 0)
102 bQueryActiveAuthGroup = TRUE;
104 else if( _stricmp(argv[ dwIndex], "/l") == 0)
106 bQueryProcessAuthGroupList = TRUE;
108 else if( _stricmp(argv[ dwIndex], "/c") == 0)
110 bCreateSetAuthGroup = TRUE;
112 else if( _stricmp(argv[ dwIndex], "/s") == 0)
114 bSetAuthGroup = TRUE;
116 else if( _stricmp(argv[ dwIndex], "/r") == 0)
118 bResetAuthGroup = TRUE;
120 else if( _stricmp(argv[ dwIndex], "/n") == 0)
122 bCreateAuthGroup = TRUE;
124 else if( _stricmp( argv[ dwIndex], "/sid") == 0)
129 if( MultiByteToWideChar( CP_ACP,
134 (int)strlen( argv[dwIndex]) + 1) == 0)
140 else if( _stricmp( argv[ dwIndex], "/ag") == 0)
148 else if( _stricmp( argv[ dwIndex], "/session") == 0)
153 if( !StrToIntExA( argv[ dwIndex],
155 (int *)&dwSessionId))
162 else if( _stricmp( argv[ dwIndex], "/thread") == 0)
167 bThreadSpecific = TRUE;
169 else if( _stricmp( argv[ dwIndex], "/active") == 0)
191 hControlDevice = CreateFile( AFS_SYMLINK,
192 GENERIC_READ | GENERIC_WRITE,
193 FILE_SHARE_READ | FILE_SHARE_WRITE,
199 if( hControlDevice == INVALID_HANDLE_VALUE)
202 printf( "AFSAuthGroup: Failed to open control device error: %d\n", GetLastError());
207 if( bQueryActiveAuthGroup)
209 dwError = DeviceIoControl( hControlDevice,
210 IOCTL_AFS_AUTHGROUP_SID_QUERY,
220 printf( "AFSAuthGroup Failed to query auth group error %d\n", GetLastError());
225 if( UuidToString( (UUID *)&stAuthGroup,
226 &pchGUID) == RPC_S_OK)
228 printf("AFSAuthGroup Successfully retrieved auth group %s\n", pchGUID);
229 RpcStringFree( &pchGUID);
233 printf("AFSAuthGroup Failed to convert GUID to string\n");
237 else if( bQueryProcessAuthGroupList)
240 pBuffer = (char *)malloc( 0x1000);
244 printf("AFSAuthGroup Failed to allocate query buffer\n");
248 dwError = DeviceIoControl( hControlDevice,
249 IOCTL_AFS_AUTHGROUP_QUERY,
259 printf( "AFSAuthGroup Failed to query auth group list error %d\n", GetLastError());
264 GUID *pCurrentGUID = (GUID *)pBuffer;
266 if( bytesReturned == 0)
268 printf("AFSAuthGroup No custom auth groups assigned to process\n");
272 while( bytesReturned > 0)
274 if( UuidToString( (UUID *)pCurrentGUID,
275 &pchGUID) == RPC_S_OK)
277 printf("AFSAuthGroup Successfully retrieved auth group list entry %s\n", pchGUID);
278 RpcStringFree( &pchGUID);
282 printf("AFSAuthGroup Failed to convert GUID to string\n");
287 bytesReturned -= sizeof( GUID);
292 else if( bCreateSetAuthGroup)
295 dwAuthGroupRequestLen = (DWORD)(sizeof( AFSAuthGroupRequestCB) +
296 (wcslen( wchUserSID) * sizeof( WCHAR)));
298 pAuthGroupRequest = (AFSAuthGroupRequestCB *)malloc( dwAuthGroupRequestLen);
300 if( pAuthGroupRequest == NULL)
302 printf("AFSAuthGroup Failed to allocate request block\n");
306 memset( pAuthGroupRequest,
308 dwAuthGroupRequestLen);
310 pAuthGroupRequest->SIDLength = (USHORT)(wcslen( wchUserSID) * sizeof( WCHAR));
312 if( pAuthGroupRequest->SIDLength > 0)
314 wcscpy( &pAuthGroupRequest->SIDString[ 0], wchUserSID);
317 pAuthGroupRequest->SessionId = dwSessionId;
321 pAuthGroupRequest->Flags |= AFS_PAG_FLAGS_THREAD_AUTH_GROUP;
326 pAuthGroupRequest->Flags |= AFS_PAG_FLAGS_SET_AS_ACTIVE;
329 dwError = DeviceIoControl( hControlDevice,
330 IOCTL_AFS_AUTHGROUP_CREATE_AND_SET,
332 dwAuthGroupRequestLen,
340 printf( "AFSAuthGroup Failed to create and set auth group error %d\n", GetLastError());
344 printf( "AFSAuthGroup Successfully create and set auth group\n");
347 free( pAuthGroupRequest);
349 else if( bSetAuthGroup)
352 if( strlen( chGUID) == 0)
354 printf("AFSAuthGroup Failed to specify AuthGroup GUID when setting\n");
358 dwAuthGroupRequestLen = sizeof( AFSAuthGroupRequestCB);
360 pAuthGroupRequest = (AFSAuthGroupRequestCB *)malloc( dwAuthGroupRequestLen);
362 if( pAuthGroupRequest == NULL)
364 printf("AFSAuthGroup Failed to allocate request block\n");
368 memset( pAuthGroupRequest,
370 dwAuthGroupRequestLen);
374 pAuthGroupRequest->Flags |= AFS_PAG_FLAGS_THREAD_AUTH_GROUP;
379 pAuthGroupRequest->Flags |= AFS_PAG_FLAGS_SET_AS_ACTIVE;
382 if( UuidFromString( (unsigned char *)chGUID,
383 &pAuthGroupRequest->AuthGroup) != RPC_S_OK)
385 printf("AFSAuthGroup Failed to convert string to GUID\n");
386 free( pAuthGroupRequest);
390 dwError = DeviceIoControl( hControlDevice,
391 IOCTL_AFS_AUTHGROUP_SET,
393 dwAuthGroupRequestLen,
401 printf( "AFSAuthGroup Failed to set auth group error %d\n", GetLastError());
405 printf( "AFSAuthGroup Successfully set auth group\n");
408 free( pAuthGroupRequest);
410 else if( bResetAuthGroup)
413 dwAuthGroupRequestLen = sizeof( AFSAuthGroupRequestCB);
415 pAuthGroupRequest = (AFSAuthGroupRequestCB *)malloc( dwAuthGroupRequestLen);
417 if( pAuthGroupRequest == NULL)
419 printf("AFSAuthGroup Failed to allocate request block\n");
423 memset( pAuthGroupRequest,
425 dwAuthGroupRequestLen);
429 pAuthGroupRequest->Flags |= AFS_PAG_FLAGS_THREAD_AUTH_GROUP;
432 dwError = DeviceIoControl( hControlDevice,
433 IOCTL_AFS_AUTHGROUP_RESET,
435 dwAuthGroupRequestLen,
443 printf( "AFSAuthGroup Failed to reset auth group error %d\n", GetLastError());
447 printf( "AFSAuthGroup Successfully reset auth group\n");
450 free( pAuthGroupRequest);
452 else if( bCreateAuthGroup)
455 dwAuthGroupRequestLen = (DWORD)(sizeof( AFSAuthGroupRequestCB) +
456 (wcslen( wchUserSID) * sizeof( WCHAR)));
458 pAuthGroupRequest = (AFSAuthGroupRequestCB *)malloc( dwAuthGroupRequestLen);
460 if( pAuthGroupRequest == NULL)
462 printf("AFSAuthGroup Failed to allocate request block\n");
466 memset( pAuthGroupRequest,
468 dwAuthGroupRequestLen);
470 pAuthGroupRequest->SIDLength = (USHORT)((wcslen( wchUserSID) * sizeof( WCHAR)));
472 if( pAuthGroupRequest->SIDLength > 0)
474 wcscpy( &pAuthGroupRequest->SIDString[ 0], wchUserSID);
477 pAuthGroupRequest->SessionId = dwSessionId;
479 dwError = DeviceIoControl( hControlDevice,
480 IOCTL_AFS_AUTHGROUP_SID_CREATE,
482 dwAuthGroupRequestLen,
490 printf( "AFSAuthGroup Failed to create auth group error %d\n", GetLastError());
494 printf( "AFSAuthGroup Successfully create auth group\n");
497 free( pAuthGroupRequest);
501 printf("AFSAuthGroup Invalid request parameters\n");
512 if( hControlDevice != NULL)
514 CloseHandle( hControlDevice);