jeff/NSspi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #12 from antiduh/pr/11

Browse Source 
Pr/11 Integrate @SteveSyfuhs Thread.CurrentPrinciple changes
This commit is contained in:
Kevin Thompson
2018-04-01 18:10:28 -04:00
committed by GitHub
parent 8355a6b821 19716405b8
commit 5c63105acf
3 changed files with 30 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
NSspi/Contexts/ImpersonationHandle.cs
View File

@@ -1,4 +1,6 @@
using System; using System;
using System.Security.Principal;
using System.Threading;
namespace NSspi.Contexts namespace NSspi.Contexts
{ {

31
NSspi/Contexts/ServerContext.cs
View File

@@ -1,5 +1,7 @@
using System; using System;
using System.Runtime.CompilerServices; using System.Runtime.CompilerServices;
using System.Security.Principal;
using System.Threading;
using NSspi.Buffers; using NSspi.Buffers;
using NSspi.Credentials; using NSspi.Credentials;
@@ -14,19 +16,25 @@ namespace NSspi.Contexts
private ContextAttrib finalAttribs; private ContextAttrib finalAttribs;
private bool impersonating; private bool impersonating;
private bool impersonationSetsThreadPrinciple;
/// <summary> /// <summary>
/// Performs basic initialization of a new instance of the ServerContext class. The ServerContext /// Performs basic initialization of a new instance of the ServerContext class. The
/// is not ready for message manipulation until a security context has been established with a client. /// ServerContext is not ready for message manipulation until a security context has been
/// established with a client.
/// </summary> /// </summary>
/// <param name="cred"></param> /// <param name="cred"></param>
/// <param name="requestedAttribs"></param> /// <param name="requestedAttribs"></param>
public ServerContext( Credential cred, ContextAttrib requestedAttribs ) : base( cred ) /// <param name="impersonationSetsThreadPrinciple">
/// If true, the `Thread.CurrentPrinciple` property will be modified by successful impersonation.
/// </param>
public ServerContext( Credential cred, ContextAttrib requestedAttribs, bool impersonationSetsThreadPrinciple = false ) : base( cred )
{ {
this.requestedAttribs = requestedAttribs; this.requestedAttribs = requestedAttribs;
this.finalAttribs = ContextAttrib.Zero; this.finalAttribs = ContextAttrib.Zero;
this.impersonating = false; this.impersonating = false;
this.impersonationSetsThreadPrinciple = impersonationSetsThreadPrinciple;
this.SupportsImpersonate = this.Credential.PackageInfo.Capabilities.HasFlag( SecPkgCapability.Impersonation ); this.SupportsImpersonate = this.Credential.PackageInfo.Capabilities.HasFlag( SecPkgCapability.Impersonation );
} }
@@ -220,7 +228,7 @@ namespace NSspi.Contexts
this.ContextHandle.DangerousRelease(); this.ContextHandle.DangerousRelease();
this.impersonating = true; this.impersonating = status == SecurityStatus.OK;
} }
} }
@@ -237,6 +245,11 @@ namespace NSspi.Contexts
throw new SSPIException( "Failed to impersonate the client", status ); throw new SSPIException( "Failed to impersonate the client", status );
} }
if( this.impersonating && this.impersonationSetsThreadPrinciple )
{
SetThreadPrinciple();
}
return handle; return handle;
} }
@@ -299,5 +312,15 @@ namespace NSspi.Contexts
base.Dispose( disposing ); base.Dispose( disposing );
} }
/// <summary>
/// Set the current thread security context to the impersonated identity.
/// </summary>
private void SetThreadPrinciple()
{
Thread.CurrentPrincipal = new WindowsPrincipal(
WindowsIdentity.GetCurrent( TokenAccessLevels.AllAccess )
);
}
} }
} }

2
NSspi/Credentials/AuthData.cs
View File

@@ -50,6 +50,6 @@ namespace NSspi.Credentials
{ {
Ansi = 1, Ansi = 1,
Unicode = 1 Unicode = 2
} }
} }