public static void Main(string[] args) { var queuePath = new QueuePath(".", "queue"); try { var aceMask = MSMQSecurity.GetAccessMask(queuePath, @"username"); Console.WriteLine(aceMask); if ((aceMask & MQQUEUEACCESSMASK.MQSEC_RECEIVE_MESSAGE) == MQQUEUEACCESSMASK.MQSEC_RECEIVE_MESSAGE) { Console.WriteLine("Has receive access"); } else { Console.WriteLine("Doesn't have receive access"); } } catch (Exception e) { Console.WriteLine(e.Message); } Console.ReadKey(); }
private static ACCESS_ALLOWED_ACE GetAce(IntPtr pSecurityDescriptor, string sid) { bool daclPresent; bool daclDefaulted; IntPtr pAcl = IntPtr.Zero; MSMQSecurity.GetSecurityDescriptorDacl(pSecurityDescriptor, out daclPresent, ref pAcl, out daclDefaulted); if (daclPresent) { ACL_SIZE_INFORMATION AclSize = new ACL_SIZE_INFORMATION(); MSMQSecurity.GetAclInformation(pAcl, ref AclSize, (uint)Marshal.SizeOf(typeof(ACL_SIZE_INFORMATION)), ACL_INFORMATION_CLASS.AclSizeInformation); for (int i = 0; i < AclSize.AceCount; i++) { IntPtr pAce; var err = MSMQSecurity.GetAce(pAcl, i, out pAce); ACCESS_ALLOWED_ACE ace = (ACCESS_ALLOWED_ACE)Marshal.PtrToStructure(pAce, typeof(ACCESS_ALLOWED_ACE)); IntPtr iter = (IntPtr)((long)pAce + (long)Marshal.OffsetOf(typeof(ACCESS_ALLOWED_ACE), "SidStart")); byte[] bSID = null; int size = (int)MSMQSecurity.GetLengthSid(iter); bSID = new byte[size]; Marshal.Copy(iter, bSID, 0, size); IntPtr ptrSid; MSMQSecurity.ConvertSidToStringSid(bSID, out ptrSid); string strSID = Marshal.PtrToStringAuto(ptrSid); if (strSID == sid) { return(ace); } } throw new Exception(string.Format("No ACE for SID {0} found in security descriptor", sid)); } else { throw new Exception("No DACL found for security descriptor"); } }
private static GCHandle GetSecurityDescriptorHandle(QueuePath queuePath) { byte[] securityDescriptorBytes; int length; int lengthNeeded; uint result; string formatName = queuePath.ToString(); //Call MQGetQueueSecurity two times. The first time, set the nLength //parameter to 0. The function then informs you of the size that you need for the //security descriptor in lpnLengthNeeded. result = MSMQSecurity.MQGetQueueSecurity( formatName , (int)SecurityInformation.Dacl , IntPtr.Zero , 0 , out lengthNeeded); if (result != MSMQSecurity.MQ_ERROR_SECURITY_DESCRIPTOR_TOO_SMALL) { //Something went wrong. Display error, and then exit. string message = "There was an error calling MQGetQueueSecurity." + Environment.NewLine + "Error Number: " + result.ToString() + Environment.NewLine + "Error Message: " + MSMQSecurity.GetErrorMessage(result); throw new Exception(message); } //Now we know how big to make the security descriptor. length = lengthNeeded; securityDescriptorBytes = new byte[length]; //Get a pointer to the SD IntPtr pSecurityDescriptor = new IntPtr(); GCHandle gcHandleSecurityDescriptor = GCHandle.Alloc(securityDescriptorBytes, GCHandleType.Pinned); pSecurityDescriptor = gcHandleSecurityDescriptor.AddrOfPinnedObject(); //Call MQGetQueueSecurity result = MSMQSecurity.MQGetQueueSecurity( formatName , (int)SecurityInformation.Dacl , pSecurityDescriptor , length , out lengthNeeded); if (result != MSMQSecurity.MQ_OK) { gcHandleSecurityDescriptor.Free(); //Something else went wrong. Display error, and then exit. string message = "There was an error calling MQGetQueueSecurity to read the SecurityDescriptor." + Environment.NewLine + "Error Number: " + result.ToString() + Environment.NewLine + "Error Message: " + MSMQSecurity.GetErrorMessage(result); throw new Exception(message); } var securityDescriptor = new SECURITY_DESCRIPTOR(); Marshal.PtrToStructure(pSecurityDescriptor, securityDescriptor); return(gcHandleSecurityDescriptor); }