/*++ Copyright (c) 1991-92 Microsoft Corporation Module Name: Permit.h Abstract: Internal UAS constants, data structures. Author: Shanku Niyogi (W-SHANKN) 24-Oct-1991 Revision History: 24-Oct-1991 w-shankn Ported from LM2.0 code, removed unnecessary stuff. 07-Feb-1992 JohnRo Made changes suggested by PC-LINT. 03-Mar-1992 JohnRo Correct handling of byte flags (UAS_REC_DELETE, etc). 11-Mar-1992 JohnRo Include here to get UNITS_PER_WEEK. 18-Mar-1992 JohnRo Include for UAS_INFO_0. --*/ #ifndef _PERMIT_ #define _PERMIT_ #include // UNITS_PER_WEEK. #include // UAS_INFO_0. #include // Suppress natural alignment. // // Forward declarations for recursive structures. // typedef struct _UAS_AHDR UAS_AHDR, *LPUAS_AHDR; typedef struct _UAS_GROUP UAS_GROUP, *LPUAS_GROUP; typedef struct _UAS_GROUPREC UAS_GROUPREC, *LPUAS_GROUPREC; typedef struct _UAS_USERREC UAS_USERREC, *LPUAS_USERREC; typedef struct _UAS_USERINFO UAS_USERINFO, *LPUAS_USERINFO; typedef struct _UAS_DISKUSERHASH UAS_DISKUSERHASH, *LPUAS_DISKUSERHASH; typedef struct _UAS_PERM UAS_PERM, *LPUAS_PERM; typedef struct _UAS_ACCESSREC UAS_ACCESSREC, *LPUAS_ACCESSREC; typedef struct _UAS_ACCESS UAS_ACCESS, *LPUAS_ACCESS; typedef struct _UAS_VPERM UAS_VPERM, *LPUAS_VPERM; // // Constants. // #define UAS_MAXGROUP 256 // max number of groups allowed in UAS #define UAS_MAXACL 8192 // max number of access control list #define UAS_MAXSEG 8 // max number of segs for perm stuff #define UAS_ACCESSTBLSIZE 1027 // prime number for less collisions #define UAS_PSEGSIZE 1024*24 // Initla size of seg holding _pcb #define UAS_INITSEGSIZE 1024 // Initial size of segs holding perms #define UAS_URECSEGSIZE 1024*16 // Initial size of UAS logon cache seg #define UAS_SIZEINC 2048 // Size to grow each time #define UAS_MINUSER 3 // min number of users in database #define UAS_MINUREC 128 // cache at least 128 user records #define UAS_DEFAULT_USERS 128 // default number of records cached #define UAS_MAXCACHE_LIMIT 1000 // max user records allowed in cache #define UAS_DBIDINFO_SIZE 50 // database identifier string #define UAS_INITIALIZE_SEG 1 // manifest for DosSubSet after Alloc #define UAS_INTRUDER_DELAY 3000L // 3 sec delay to discourage intruders #define UAS_MAX_USERS 16000 // Ever, ever, ever #define UAS_DISK_BLOCK_SIZE 64 // size of block in disk pool #define UAS_FILE_GROW_INCREMENT 32 // Increment of file grow in disk blocks #define UAS_USER_HASH_ENTRIES 2048 #define WORDALIGN(a) (((a)+1) & (~1)) // Temporary definitions. LM20_PATHLEN in LMCONS.H is wrong, and // MAXPERMENTRIES may change(?), MAXWORKSTATIONS not in LMCONS.H #undef LM20_PATHLEN #define LM20_PATHLEN 260 #define LM20_MAXPERMENTRIES 64 #define MAXWORKSTATIONS 8 // // Maximum sizes // #define UAS_MAX_ACL_SIZE (sizeof(UAS_ACCESREC) + LM20_PATHLEN \ + sizeof(UAS_VPERM) \ + (LM20_MAXPERMENTRIES - 1) * sizeof(PERM)) #define UAS_MAX_USER_SIZE (sizeof(UAS_USERINFO) \ + sizeof(WORD) * 8) // Force header to sector size #define UAS_GROUP_HASH_START ((sizeof(UAS_AHDR) + 511) & ~511) #define UAS_GROUP_HASH_OFFSET(i) (UAS_GROUP_HASH_START \ + i * sizeof (UAS_GROUPREC)) #define UAS_HASH_TBL_OFFSET UAS_GROUP_HASH_OFFSET(UAS_MAXGROUP) #define UAS_HASH_ENTRY(i) (UAS_HASH_TBL_OFFSET \ + (i * sizeof (UAS_DISKUSERHASH))) #define UAS_HASH_TBL_SIZE (sizeof(UAS_DISKUSERHASH)*UAS_USER_HASH_ENTRIES) #define UAS_STRING(s,field) ((LPSTR)s + s->field) #define UAS_VPERM_PTR(acc) (LPUAS_VPERM)((acc)->resource \ + ((((acc)->namelen) + 1) & ~1)) // // Name Literal // #define UAS_USERNAME 0 #define UAS_GROUPNAME 1 #define UAS_ACCESSNAME 2 // // names of the database file(s) // #define UAS_ACCOUNTS_FILE "NET.ACC" #define UAS_ACCOUNTS_PATH "C:\\LANMAN\\ACCOUNTS\\" // // special values of uid and serial number for Local calls // #define UAS_LOCAL_UID -1 #define UAS_LOCAL_SERIAL 0L #define UAS_NONEXISTENT_GID -1 // // audit flags // #define UAS_AUDIT_ALL 0x1 #define UAS_AUDIT_OPTIONS 0xFFFE #define UAS_LMFILE_AUDIT_RESERVED 0xF006 #define UAS_PBFILE_AUDIT_RESERVED 0x3 // // Types of records // #define UAS_ACCESS_REC 2 #define UAS_GROUP_REC 1 #define UAS_USER_REC 0 // // Special Groups Info // #define UAS_NUM_SPECIAL_GROUPS 4 #define UAS_GROUP_ADMIN 0 #define UAS_GROUP_USERS 1 #define UAS_GROUP_GUEST 2 #define UAS_GROUP_LOCAL 3 #define UAS_GROUP_NT (DWORD)-1 #define UAS_GROUP_ADMIN_WNAME L"ADMINS" #define UAS_GROUP_USERS_WNAME L"USERS" #define UAS_GROUP_GUEST_WNAME L"GUESTS" #define UAS_GROUP_LOCAL_WNAME L"LOCAL" // // Signature, text strings // #define UAS_LMSIG "MICROSOFT LANMAN 2.0" #define UAS_DBIDINFO_TEXT "LANMAN 2.0 UAS DATABASE" #define UAS_ROLE_NAME_PRIMARY "PRIMARY" #define UAS_ROLE_NAME_BACKUP "BACKUP" #define UAS_ROLE_NAME_MEMBER "MEMBER" #define UAS_ROLE_NAME_STANDALONE "STANDALONE" #define UAS_DOMAIN_LOCAL "LOCAL" #define UAS_NLS_YES_KEY 'Y' #define UAS_NLS_NO_KEY 'N' #define UAS_DEFAULT_YES "(Y/N) [Y]" #define UAS_DEFAULT_NO "(Y/N) [N]" #define UAS_DEFAULT_PASSWORD "PASSWORD" // // # of records reserved as the header (store signature) .. // // Note // record size of group record = sizeof(UAS_GROUPREC) // record size of user record = sizeof(UAS_USERREC) // record size of access record = sizeof(UAS_ACCESSREC) // #define UAS_GROUPHDR 2 #define UAS_ACCESSHDR 1 #define UAS_USERHDR 1 // // File_Record Representation // It is in the first character of the record (name field) // #define UAS_REC_EMPTY '\0' #define UAS_REC_DELETE (BYTE)-1 #define UAS_REC_USE (BYTE)1 // // Status returned in UserId // #define UAS_NAME_NotFound -1 #define UAS_NAME_NotCache -2 // // General Purpose Macros // // BitMap macro #define UAS_MARKUSE(map, pos) ((map)[(pos) >> 3] |= (1 << ((pos) & 7 ) )) #define UAS_MARKOFF(map, pos) ((map)[(pos) >> 3] &= ~(1 << ((pos) & 7 ) )) #define UAS_ISBITON(map, id) ((map)[id >> 3] & ( 1 << ((id) & 0x7) ) ) #define UAS_ISBITOFF(map, id) !UAS_ISBITON((map), (id)) // Conversion from perm ptr back to the access ptr #define UAS_GETACCHDR(perm, len) (LPUAS_ACCESS) ((LPBYTE)(perm) \ - WORDALIGN(len) \ - sizeof(UAS_ACCESS) + 1) // Test if every user's record is cached #define UAS_ALLUSERCACHED (Ucb->usercnt < Ucb->maxuser) // Find the size of block needed to hold access record and perm entries #define UAS_ACCRECSIZE(len, cnt) WORDALIGN(sizeof(UAS_ACCESS) - 1 \ + (len) + sizeof(WORD) \ + (cnt)* sizeof(PERM)) // The size of disk record needed to hold access record and perm entries #define UAS_DISKACCRECSIZE(len, cnt) WORDALIGN(sizeof(UAS_ACCESSREC) - 1 \ + (len) + sizeof (WORD) \ + (cnt) * sizeof(UAS_PERM)) // // Record structures in UAS Database (NET.ACC) // // // Header block structure of NET.ACC // struct _UAS_AHDR { // typedef'ed above. BYTE signature[WORDALIGN(sizeof(UAS_LMSIG))]; // LANMAN signature WORD encryption_flag; // is database encrypted? WORD min_passwd_len; // password length modal DWORD min_passwd_age; // password age modal DWORD max_passwd_age; // password age modal DWORD force_logoff; // forced logoff modal WORD passwd_hist_len; // password history modal WORD max_bad_passwd; // max bad passwd try modal WORD role; // role under SSI UAS_INFO_0 local; // local database info UAS_INFO_0 primary; // primary database info BYTE DBIdInfo[UAS_DBIDINFO_SIZE]; // database identifier str DWORD alist_mtime; // last update to ACL's DWORD glist_mtime; // last upd to groups DWORD ulist_mtime; // last upd to users WORD num_users; // Total users in DB DWORD free_list; // Head of free list DWORD access_list; // Head of access list WORD integrity_flag; // if FALSE, UAS is corrupt }; #define UAS_INTEGRITY_OFFSET (sizeof(UAS_AHDR) - sizeof(WORD)) // // Structure of a group record in UAS Database // struct _UAS_GROUP { // typedef'ed above. BYTE name[LM20_GNLEN+1]; DWORD serial; }; struct _UAS_GROUPREC { // typedef'ed above. BYTE name[LM20_GNLEN+1]; BYTE comment[LM20_MAXCOMMENTSZ+1]; DWORD serial; }; // // Structure of a user record in UAS Database // // fields ending in _o are offsets from the start of the structure // to ASCIIZ strings. // // WARNING: When updating this structure update the matching structure // UAS_USERINFO. You may also have to update the UAS_MAX_USER_SIZE // macro. // struct _UAS_USERREC { // typedef'ed above. UAS_USER user; BYTE name[LM20_UNLEN+1]; // user name WORD size; // total size of user entry BYTE passwd[ENCRYPTED_PWLEN]; // encrypted password DWORD last; // last time passwd changed WORD directory_o; // directory & logon script WORD comment_o; // comment WORD flags; // User flags WORD script_o; // logon script name WORD full_name_o; WORD usr_comment_o; WORD parms_o; DWORD last_logon; DWORD last_logoff; DWORD max_storage; DWORD acct_expires; WORD bad_pw_count; WORD num_logons; BYTE logonhrs[UNITS_PER_WEEK/8]; WORD workstation_o; BYTE old_passwds[DEF_MAX_PWHIST * ENCRYPTED_PWLEN]; WORD logon_server_o; WORD country_code; WORD code_page; }; // // Decompressed user record. // struct _UAS_USERINFO { // typedef'ed above. UAS_USER user; BYTE name[LM20_UNLEN+1]; // user name BYTE passwd[ENCRYPTED_PWLEN]; // encrypted password DWORD last; // last time passwd changed BYTE directory[LM20_PATHLEN+1]; // directory & logon script BYTE comment[LM20_MAXCOMMENTSZ+1]; // comment WORD flags; // User flags BYTE script[LM20_PATHLEN+1]; // logon script name BYTE full_name[LM20_MAXCOMMENTSZ+1]; BYTE usr_comment[MAXCOMMENTSZ+1]; BYTE parms[MAXCOMMENTSZ+1]; DWORD last_logon; DWORD last_logoff; DWORD max_storage; DWORD acct_expires; WORD bad_pw_count; WORD num_logons; BYTE logonhrs[UNITS_PER_WEEK/8]; BYTE workstation[MAXWORKSTATIONS * (LM20_CNLEN+1)]; BYTE old_passwds[DEF_MAX_PWHIST * ENCRYPTED_PWLEN]; BYTE logon_server[LM20_UNCLEN+1]; WORD country_code; WORD code_page; }; #define UAS_URECSIZE UAS_MAX_USER_SIZE #define UAS_GRECSIZE sizeof(UAS_GROUPREC) typedef struct _UAS_DISK_OBJ_HDR { BYTE do_type; BYTE do_numblocks; DWORD do_next; DWORD do_prev; } UAS_DISK_OBJ_HDR, *LPUAS_DISK_OBJ_HDR; #define UAS_NEXT_OFFSET (2 * sizeof(BYTE)) #define UAS_PREV_OFFSET (2 * sizeof(BYTE) + sizeof(DWORD)) #define UAS_FREE_OBJECT_ID 0 #define UAS_USER_OBJECT_ID 1 #define UAS_ACCESS_OBJECT_ID 2 typedef struct _UAS_USER_OBJECT { UAS_DISK_OBJ_HDR uo_header; UAS_USERREC uo_record; BYTE uo_data[1]; // Variable size } UAS_USER_OBJECT, *LPUAS_USER_OBJECT; // // User hash table entry in memory // typedef struct _UAS_USERHASH { DWORD uh_disk; WORD uh_cache; DWORD uh_serial; } UAS_USERHASH, *LPUAS_USERHASH; // // User hash table entry on disk // struct _UAS_DISKUSERHASH { // typedef'ed above. DWORD dh_disk; DWORD dh_serial; }; // // Permission data // struct _UAS_PERM { // typedef'ed above. WORD uid; // bit 15: 0 = uid, 1 = gid DWORD serial; BYTE access; BYTE pad; // word align this puppy }; // // Access Record structure in Database (NET.ACC) // struct _UAS_ACCESSREC { // typedef'ed above. WORD attr; // audit attribute WORD recsize; WORD namelen; BYTE resource[1]; }; // // Internal access record structure in memory // struct _UAS_ACCESS { // typedef'ed above. LPUAS_ACCESS next; DWORD position; WORD attr; WORD recsize; WORD namelen; BYTE resource[1]; }; // // followed by variable number of permission entry // struct _UAS_VPERM { // typedef'ed above. WORD permcnt; UAS_PERM perm[1]; }; // Size (in bytes) of a variable size ACL #define UAS_ACL_RECORD_SIZE(acl,namelen,permcnt) \ (((sizeof(UAS_ACCESSREC) + namelen \ + sizeof (UAS_VPERM) \ + sizeof (UAS_PERM) * (permcnt - 1)) + 1) & ~1) typedef struct _UAS_ACCESS_OBJECT { UAS_DISK_OBJ_HDR ao_header; // Fixed length header UAS_ACCESSREC ao_record; // Variable length UAS_VPERM ao_data; // Variable length } UAS_ACCESS_OBJECT, *LPUAS_ACCESS_OBJECT; #include #endif // _PERMIT_