
📄 telnetd.cpp

#define WIN32_LEAN_AND_MEAN

#include <stdlib.h>
#include <windows.h>
#include <process.h>
#include <winsock2.h>
#include <stdio.h>

#define ERR_BUFF_LEN 1024

#pragma comment( lib, "wsock32" )
#pragma comment( lib, "advapi32" ) 

// Defined in another translation unit; not referenced in the part of the file shown here.
extern long restartCount;

// Defined in another translation unit; volatile because it is declared as a
// flag that may change outside the current thread's control flow.
extern volatile BOOL requestReset;


// Winsock startup data block (WSADATA).
WSADATA wi;
// Thread identifiers (UINT) for the three relay threads; presumably filled in
// where run_sock / run_console / run_error are started -- that code is not in
// this part of the file.
UINT thrid_sock;
UINT thrid_console;
UINT thrid_error;
// Standard input/output/error handles.
HANDLE stdinput;
HANDLE stdoutput;
HANDLE stderror;
// "Input" pipe for the console: run_sock writes client bytes to writeInput.
HANDLE readInput;
HANDLE writeInput;
// Console "Output" pipe: run_console reads readOutput and forwards it to the client.
HANDLE readOutput;
HANDLE writeOutput;
// Console stderr pipe: run_error reads readError and forwards it to the client.
HANDLE readError;
HANDLE writeError;
// Main "listen" socket and its local address.
sockaddr_in myaddr;
SOCKET sock;
// Telnet connection socket. A single global: every relay thread uses this one
// socket, so the visible code handles one client session at a time.
SOCKET talk;
// Attributes for creating shareable handles.
// NOTE(review): bInheritHandle is TRUE, so any handle created with these
// attributes can be inherited by a child process that is started with handle
// inheritance enabled; make sure only the pipe ends the child needs are
// created this way. The NULL descriptor means the default security descriptor
// is applied.
SECURITY_ATTRIBUTES security = {
	sizeof(SECURITY_ATTRIBUTES),	// nLength
		NULL,						// lpSecurityDescriptor: default
		TRUE						// bInheritHandle
};


// Console process creation information (startup parameters).
STARTUPINFO si;

// Receives the handles/ids of the created console process.
PROCESS_INFORMATION pi;

// Event handle signalled by run_sock, run_console and run_error when their
// relay loop ends; each of them checks it for NULL before calling SetEvent.
HANDLE m_SocketClosed;

// Thread body: relay bytes from the telnet client to the console's input pipe.
//
// Reads the connection socket `talk` one byte at a time, echoes each byte back
// to the client and writes it to `writeInput`. The loop ends when recv()
// reports an orderly close (0) or SOCKET_ERROR; in that case the
// m_SocketClosed event is signalled if it has been created.
//
// Security-relevant points visible here:
//  - recv()/send() are used on the raw socket, so the session is not
//    encrypted at this layer.
//  - Bytes are passed through exactly as received: this function does no
//    telnet option (IAC) parsing, filtering or authentication of its own.
//  - The results of send() and WriteFile() are not checked.
//
// Always returns 0.
unsigned __stdcall run_sock(void*)
{
	for (;;)
	{
		char ch;
		DWORD written;

		const int got = recv(talk, &ch, 1, 0);
		if (got == 0 || got == SOCKET_ERROR)
		{
			// Peer closed the connection or the socket failed: tell the owner.
			if (m_SocketClosed != NULL)
				::SetEvent(m_SocketClosed);
			break;
		}

		// Echo the byte to the client, then feed it to the console.
		send(talk, &ch, 1, 0);
		WriteFile(writeInput, &ch, got, &written, NULL);
	}
	return 0;
}

#define BUFF_SIZE 256
// Thread body: relay the console's output pipe to the telnet client.
//
// Reads up to BUFF_SIZE bytes at a time from `readOutput` and sends exactly
// the number of bytes read to the socket `talk`. When ReadFile() fails the
// loop ends and the m_SocketClosed event is signalled if it has been created.
// The result of send() is not checked, and the data goes out on the raw
// socket without encryption at this layer.
//
// Always returns 0.
unsigned __stdcall run_console(void*)
{
	char chunk[BUFF_SIZE];
	DWORD got;

	for (;;)
	{
		if (!ReadFile(readOutput, chunk, BUFF_SIZE, &got, NULL))
			break;
		send(talk, chunk, got, 0);
	}

	if (m_SocketClosed != NULL)
		::SetEvent(m_SocketClosed);
	return 0;
}

// Thread body: relay the console's stderr pipe to the telnet client.
//
// Same shape as run_console, but reads from `readError`: up to BUFF_SIZE
// bytes per ReadFile() call, forwarded to the socket `talk` with the exact
// byte count read. A failed ReadFile() ends the loop, after which the
// m_SocketClosed event is signalled if it has been created. The result of
// send() is not checked.
//
// Always returns 0.
unsigned __stdcall run_error(void*)
{
	char chunk[BUFF_SIZE];
	DWORD got;

	for (;;)
	{
		if (!ReadFile(readError, chunk, BUFF_SIZE, &got, NULL))
			break;
		send(talk, chunk, got, 0);
	}

	if (m_SocketClosed != NULL)
		::SetEvent(m_SocketClosed);
	return 0;
}




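/*
** Locate the logon SID in an access token and return a heap copy of it.
**
** hToken    - token handle queried with GetTokenInformation(TokenGroups).
** pLogonSid - receives a copy of the first group SID that carries the
**             SE_GROUP_LOGON_ID attribute. The copy is allocated from the
**             process heap; the caller releases it with HeapFree().
**             Set to NULL whenever the function returns FALSE.
**
** Returns TRUE only when a logon SID was found, validated and copied.
** A token without a logon SID yields FALSE, so a caller never receives
** TRUE together with a NULL SID.
*/
static BOOL
getAndAllocateLogonSid(
	HANDLE hToken,
	PSID *pLogonSid
)
{
	PTOKEN_GROUPS	ptgGroups = NULL;
	DWORD			cbBuffer  = 0;  	/* allocation size */
	DWORD			dwSidLength;		/* required size to hold Sid */
	UINT			i;					/* Sid index counter */
	BOOL			bSuccess  = FALSE;	/* assume this function will fail */

	*pLogonSid = NULL; // invalidate pointer

	/*
	** Size probe: called with no buffer so that the required size is
	** written to cbBuffer. The return value is deliberately ignored.
	*/
	GetTokenInformation(hToken, TokenGroups, NULL, 0, &cbBuffer);
	if (cbBuffer == 0)
		goto finish3;

	ptgGroups = (PTOKEN_GROUPS)HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, cbBuffer);
	if (ptgGroups == NULL)
		goto finish3;

	/*
	**	Get Sids for all groups the user belongs to
	*/
	bSuccess = GetTokenInformation(
					hToken,
					TokenGroups,
					ptgGroups,
					cbBuffer,
					&cbBuffer
				);
	if (bSuccess == FALSE)
		goto finish3;

	/*
	** Get the logon Sid by looping through the Sids in the token
	*/
	for(i = 0 ; i < ptgGroups->GroupCount ; i++)
	{
		if (ptgGroups->Groups[i].Attributes & SE_GROUP_LOGON_ID)
		{
			/*
			** ensure we are dealing with a valid Sid
			*/
			bSuccess = IsValidSid(ptgGroups->Groups[i].Sid);
			if (bSuccess == FALSE)
				goto finish3;

			/*
			** get required allocation size to copy the Sid
			*/
			dwSidLength = GetLengthSid(ptgGroups->Groups[i].Sid);

			/*
			** allocate storage for the Logon Sid
			*/
			*pLogonSid = (PSID)HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, dwSidLength);
			if (*pLogonSid == NULL)
			{
				bSuccess = FALSE;
				goto finish3;
			}

			/*
			** copy the Logon Sid to the storage we just allocated;
			** a failed copy is released in the cleanup below
			*/
			bSuccess = CopySid(
							dwSidLength,
							*pLogonSid,
							ptgGroups->Groups[i].Sid
						);

			break;
		}
	}

	/*
	** No group carried SE_GROUP_LOGON_ID: bSuccess still holds TRUE from
	** GetTokenInformation, so turn that into a failure explicitly.
	*/
	if (*pLogonSid == NULL)
		bSuccess = FALSE;

finish3:
	/*
	** free allocated resources
	*/
	if (bSuccess == FALSE)
	{
		if(*pLogonSid != NULL)
		{
			HeapFree(GetProcessHeap(), 0, *pLogonSid);
			*pLogonSid = NULL;
		}
	}

	if (ptgGroups != NULL)
		HeapFree(GetProcessHeap(), 0, ptgGroups);

	return bSuccess;
}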
 
 
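/*
** Build a new ACL from pAclSource with an access-allowed ACE for pSid
** either appended (bAddSid TRUE) or removed (bAddSid FALSE).
**
** pSid            - SID to grant or revoke; must pass IsValidSid().
** pAclSource      - existing ACL. If NULL, *pAclDestination is set to NULL
**                   and TRUE is returned.
**                   NOTE(review): a NULL DACL applied to an object places no
**                   restriction on access -- confirm the caller does not
**                   pass this result on unconditionally.
** pAclDestination - receives the new ACL, allocated from the process heap
**                   (release with HeapFree). Set to NULL if building the new
**                   ACL fails after allocation; left untouched when the
**                   function fails before allocating.
** AccessMask      - access rights for the ACE added when bAddSid is TRUE.
** bAddSid         - TRUE to append an ACE for pSid, FALSE to drop every
**                   ACCESS_ALLOWED ACE whose SID equals pSid.
** bFreeOldAcl     - when TRUE and the call succeeds, pAclSource is released
**                   with HeapFree(); only pass TRUE for an ACL that was
**                   itself allocated from the process heap.
**
** Returns TRUE on success, FALSE otherwise.
*/
static BOOL
setSidOnAcl(
	PSID pSid,
	PACL pAclSource,
	PACL *pAclDestination,
	DWORD AccessMask,
	BOOL bAddSid,
	BOOL bFreeOldAcl
)
{
	ACL_SIZE_INFORMATION	AclInfo;
	DWORD					dwNewAclSize;
	DWORD					dwAceSize;
	LPVOID					pAce;
	DWORD					AceCounter;
	BOOL					bSuccess=FALSE;

	/*
	** If we were given a NULL Acl, just provide a NULL Acl
	*/
	if (pAclSource == NULL)
	{
		*pAclDestination = NULL;
		return TRUE;
	}

	if (!IsValidSid(pSid)) return FALSE;

	/*
	**	Get ACL's parameters
	*/
	if (
		!GetAclInformation(
			pAclSource,
			&AclInfo,
			sizeof(ACL_SIZE_INFORMATION),
			AclSizeInformation
		)
	)
		return FALSE;

	/*
	** Size of one access-allowed ACE for pSid. ACCESS_ALLOWED_ACE already
	** contains the first DWORD of the SID (SidStart), hence the subtraction.
	*/
	dwAceSize = (DWORD)sizeof(ACCESS_ALLOWED_ACE) +
					GetLengthSid(pSid)            -
					(DWORD)sizeof(DWORD)          ;

	/*
	**	Compute size for new ACL, based on
	**	addition or subtraction of ACE
	*/
	if (bAddSid)
	{
		dwNewAclSize = AclInfo.AclBytesInUse + dwAceSize;
	}
	else
	{
		/*
		** The source ACL is smaller than the ACE being removed, so it
		** cannot contain it. Fail here instead of letting the unsigned
		** subtraction wrap into a huge allocation size.
		*/
		if (AclInfo.AclBytesInUse < dwAceSize)
			return FALSE;

		dwNewAclSize = AclInfo.AclBytesInUse - dwAceSize;
	}

	*pAclDestination = (PACL) HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, dwNewAclSize);
	if(*pAclDestination == NULL)
		return FALSE;

	/*
	** initialize new Acl
	*/
	bSuccess = InitializeAcl(*pAclDestination, dwNewAclSize, ACL_REVISION);
	if (bSuccess == FALSE)
		goto finish5;

	/*
	** copy existing ACEs to new ACL
	*/
	for(AceCounter = 0 ; AceCounter < AclInfo.AceCount ; AceCounter++)
	{
		/*
		** fetch existing ace
		*/
		bSuccess = GetAce(pAclSource, AceCounter, &pAce);
		if (bSuccess == FALSE)
			goto finish5;

		/*
		** check to see if we are removing the ACE
		*/
		if (!bAddSid)
		{
			/*
			** we only care about ACCESS_ALLOWED ACEs
			*/
			if ((((PACE_HEADER)pAce)->AceType) == ACCESS_ALLOWED_ACE_TYPE)
			{
				PSID pTempSid=(PSID)&((PACCESS_ALLOWED_ACE)pAce)->SidStart;
				/*
				** if the Sid matches, skip adding this Sid
				*/
				if (EqualSid(pSid, pTempSid)) continue;
			}
		}

		/*
		** append ACE to ACL
		*/
		bSuccess = AddAce(
						*pAclDestination,
						ACL_REVISION,
						0,  // maintain Ace order
						pAce,
						((PACE_HEADER)pAce)->AceSize
					);
		if (bSuccess == FALSE)
			goto finish5;

	}

	/*
	** If appropriate, add ACE representing pSid
	*/
	if (bAddSid)
		bSuccess = AddAccessAllowedAce(
						*pAclDestination,
						ACL_REVISION,
						AccessMask,
						pSid
					);

finish5:
	/*
	** On error release the partially built ACL and clear the caller's
	** pointer so it cannot be used or freed a second time.
	*/
	if (!bSuccess)
	{
		if(*pAclDestination != NULL)
		{
			HeapFree(GetProcessHeap(), 0, *pAclDestination);
			*pAclDestination = NULL;
		}
	}
	else if (bFreeOldAcl)
		HeapFree(GetProcessHeap(), 0, pAclSource);

	return bSuccess;
}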

static BOOL
setWinstaDesktopSecurity(
	HWINSTA hWinsta,
	HDESK hDesktop,
	PSID pLogonSid,
	BOOL bGrant,
	HANDLE hToken
)
{
	SECURITY_INFORMATION	si = DACL_SECURITY_INFORMATION;
	PSECURITY_DESCRIPTOR	sdDesktop = NULL;
	PSECURITY_DESCRIPTOR	sdWinsta = NULL;
	SECURITY_DESCRIPTOR		sdNewDesktop;
	SECURITY_DESCRIPTOR		sdNewWinsta;
	DWORD					sdDesktopLength	= 0;	/* allocation size */
	DWORD					sdWinstaLength	= 0;	/* allocation size */
	PACL					pDesktopDacl;		/* previous Dacl on Desktop */
	PACL					pWinstaDacl;        /* previous Dacl on Winsta */
	PACL					pNewDesktopDacl	= NULL;	/* new Dacl for Desktop */
	PACL					pNewWinstaDacl	= NULL;	/* new Dacl for Winsta */
	BOOL					bDesktopDaclPresent;
	BOOL					bWinstaDaclPresent;
	BOOL					bDaclDefaultDesktop;
	BOOL					bDaclDefaultWinsta;
	BOOL					bSuccess		= FALSE;
	PSID					pUserSid = NULL;

	/*
	** Obtain security descriptor for Desktop
	*/
	GetUserObjectSecurity(
		hDesktop,
		&si,
		sdDesktop,
		sdDesktopLength,
		&sdDesktopLength
	);

	if (sdDesktopLength)
		sdDesktop = (PSECURITY_DESCRIPTOR)HeapAlloc(
						GetProcessHeap(), HEAP_ZERO_MEMORY, sdDesktopLength);

	bSuccess = GetUserObjectSecurity(
		hDesktop,
		&si,
		sdDesktop,
		sdDesktopLength,
		&sdDesktopLength
	);

	if (bSuccess == FALSE)
		goto finish4;

	/*
	** Obtain security descriptor for Window station
	*/
	GetUserObjectSecurity(
		hWinsta,
		&si,
		sdWinsta,
		sdWinstaLength,
		&sdWinstaLength
	);

	if (sdWinstaLength)
		sdWinsta = (PSECURITY_DESCRIPTOR)HeapAlloc(
							GetProcessHeap(), HEAP_ZERO_MEMORY, sdWinstaLength);

	bSuccess = GetUserObjectSecurity(
		hWinsta,
		&si,
		sdWinsta,
		sdWinstaLength,
		&sdWinstaLength
	);

	if (bSuccess == FALSE)
		goto finish4;

	/*
