- Allocate buffers for account and domain names in the well-known sid list instead of using pointers to strings.
- Add a string load routine and convert all hard-coded SID names to resources.
A German translation will follow soon.

svn path=/trunk/; revision=60013
Eric Kohl 2013-09-10 21:20:22 +00:00
parent 179f3eb806
commit 13abedbf7a
7 changed files with 381 additions and 77 deletions


@ -18,6 +18,7 @@ list(APPEND SOURCE
privileges.c privileges.c
registry.c registry.c
security.c security.c
utils.c
lsasrv.rc lsasrv.rc
${CMAKE_CURRENT_BINARY_DIR}/lsasrv_stubs.c ${CMAKE_CURRENT_BINARY_DIR}/lsasrv_stubs.c
${CMAKE_CURRENT_BINARY_DIR}/lsasrv.def ${CMAKE_CURRENT_BINARY_DIR}/lsasrv.def


@ -0,0 +1,44 @@
LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US
STRINGTABLE
BEGIN
IDS_NT_AUTHORITY "NT AUTHORITY"
IDS_NULL_RID "NULL SID"
IDS_WORLD_RID "Everyone"
IDS_LOCAL_RID "LOCAL"
IDS_CREATOR_OWNER_RID "CREATOR OWNER"
IDS_CREATOR_GROUP_RID "CREATOR GROUP"
IDS_CREATOR_OWNER_SERVER_RID "CREATOR OWNER SERVER"
IDS_CREATOR_GROUP_SERVER_RID "CREATOR GROUP SERVER"
IDS_DIALUP_RID "DIALUP"
IDS_NETWORK_RID "NETWORK"
IDS_BATCH_RID "BATCH"
IDS_INTERACTIVE_RID "INTERACTIVE"
IDS_SERVICE_RID "SERVICE"
IDS_ANONYMOUS_LOGON_RID "ANONYMOUS LOGON"
IDS_PROXY_RID "PROXY"
IDS_ENTERPRISE_CONTROLLERS_RID "ENTERPRISE DOMAIN CONTROLLERS"
IDS_PRINCIPAL_SELF_RID "SELF"
IDS_AUTHENTICATED_USER_RID "Authenticated Users"
IDS_RESTRICTED_CODE_RID "RESTRICTED"
IDS_TERMINAL_SERVER_RID "TERMINAL SERVER USER"
IDS_REMOTE_LOGON_RID "REMOTE INTERACTIVE LOGON"
IDS_THIS_ORGANIZATION_RID "This Organization"
IDS_LOCAL_SYSTEM_RID "SYSTEM"
IDS_LOCAL_SERVICE_RID "LOCAL SERVICE"
IDS_NETWORK_SERVICE_RID "NETWORK SERVICE"
IDS_BUILTIN_DOMAIN_RID "BUILTIN"
IDS_ALIAS_RID_ADMINS "Administrators"
IDS_ALIAS_RID_USERS "Users"
IDS_ALIAS_RID_GUESTS "Guests"
IDS_ALIAS_RID_POWER_USERS "Power Users"
IDS_ALIAS_RID_ACCOUNT_OPS "Account Operators"
IDS_ALIAS_RID_SYSTEM_OPS "Server Operators"
IDS_ALIAS_RID_PRINT_OPS "Print Operators"
IDS_ALIAS_RID_BACKUP_OPS "Backup Operators"
IDS_ALIAS_RID_REPLICATOR "Replicators"
IDS_ALIAS_RID_RAS_SERVERS "RAS and IAS Servers"
IDS_ALIAS_RID_PREW2KCOMPACCESS "Pre-Windows 2000 Compatible Access"
IDS_ALIAS_RID_REMOTE_DESKTOP_USERS "Remote Desktop Users"
IDS_ALIAS_RID_NETWORK_CONFIGURATION_OPS "Network Configuration Operators"
END


@ -235,11 +235,38 @@ LsapCreateSid(PSID_IDENTIFIER_AUTHORITY IdentifierAuthority,
*p = SubAuthorities[i]; *p = SubAuthorities[i];
} }
RtlInitUnicodeString(&SidEntry->AccountName, // RtlInitUnicodeString(&SidEntry->AccountName,
AccountName); // AccountName);
SidEntry->AccountName.Length = wcslen(AccountName) * sizeof(WCHAR);
SidEntry->AccountName.MaximumLength = SidEntry->AccountName.Length + sizeof(WCHAR);
SidEntry->AccountName.Buffer = RtlAllocateHeap(RtlGetProcessHeap(), 0,
SidEntry->AccountName.MaximumLength);
if (SidEntry->AccountName.Buffer == NULL)
{
RtlFreeHeap(RtlGetProcessHeap(), 0, SidEntry->Sid);
RtlFreeHeap(RtlGetProcessHeap(), 0, SidEntry);
return FALSE;
}
RtlInitUnicodeString(&SidEntry->DomainName, wcscpy(SidEntry->AccountName.Buffer,
DomainName); AccountName);
// RtlInitUnicodeString(&SidEntry->DomainName,
// DomainName);
SidEntry->DomainName.Length = wcslen(DomainName) * sizeof(WCHAR);
SidEntry->DomainName.MaximumLength = SidEntry->DomainName.Length + sizeof(WCHAR);
SidEntry->DomainName.Buffer = RtlAllocateHeap(RtlGetProcessHeap(), 0,
SidEntry->DomainName.MaximumLength);
if (SidEntry->DomainName.Buffer == NULL)
{
RtlFreeHeap(RtlGetProcessHeap(), 0, SidEntry->AccountName.Buffer);
RtlFreeHeap(RtlGetProcessHeap(), 0, SidEntry->Sid);
RtlFreeHeap(RtlGetProcessHeap(), 0, SidEntry);
return FALSE;
}
wcscpy(SidEntry->DomainName.Buffer,
DomainName);
SidEntry->Use = Use; SidEntry->Use = Use;
@ -253,223 +280,278 @@ LsapCreateSid(PSID_IDENTIFIER_AUTHORITY IdentifierAuthority,
NTSTATUS NTSTATUS
LsapInitSids(VOID) LsapInitSids(VOID)
{ {
WCHAR szAccountName[80];
WCHAR szDomainName[80];
ULONG SubAuthorities[8]; ULONG SubAuthorities[8];
HINSTANCE hInstance;
InitializeListHead(&WellKnownSidListHead); InitializeListHead(&WellKnownSidListHead);
hInstance = GetModuleHandleW(L"lsasrv.dll");
/* NT Authority */ /* NT Authority */
LsapLoadString(hInstance, IDS_NT_AUTHORITY, szAccountName, 80);
LsapLoadString(hInstance, IDS_NT_AUTHORITY, szDomainName, 80);
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
0, 0,
NULL, NULL,
L"NT AUTHORITY", szAccountName,
L"NT AUTHORITY", szDomainName,
SidTypeDomain); SidTypeDomain);
/* Null Sid */ /* Null Sid */
LsapLoadString(hInstance, IDS_NULL_RID, szAccountName, 80);
SubAuthorities[0] = SECURITY_NULL_RID; SubAuthorities[0] = SECURITY_NULL_RID;
LsapCreateSid(&NullSidAuthority, LsapCreateSid(&NullSidAuthority,
1, 1,
SubAuthorities, SubAuthorities,
L"NULL SID", szAccountName,
L"", L"",
SidTypeWellKnownGroup); SidTypeWellKnownGroup);
/* World Sid */ /* World Sid */
LsapLoadString(hInstance, IDS_WORLD_RID, szAccountName, 80);
SubAuthorities[0] = SECURITY_WORLD_RID; SubAuthorities[0] = SECURITY_WORLD_RID;
LsapCreateSid(&WorldSidAuthority, LsapCreateSid(&WorldSidAuthority,
1, 1,
SubAuthorities, SubAuthorities,
L"Everyone", szAccountName,
L"", L"",
SidTypeWellKnownGroup); SidTypeWellKnownGroup);
/* Local Sid */ /* Local Sid */
LsapLoadString(hInstance, IDS_LOCAL_RID, szAccountName, 80);
SubAuthorities[0] = SECURITY_LOCAL_RID; SubAuthorities[0] = SECURITY_LOCAL_RID;
LsapCreateSid(&LocalSidAuthority, LsapCreateSid(&LocalSidAuthority,
1, 1,
SubAuthorities, SubAuthorities,
L"LOCAL", szAccountName,
L"", L"",
SidTypeWellKnownGroup); SidTypeWellKnownGroup);
/* Creator Owner Sid */ /* Creator Owner Sid */
LsapLoadString(hInstance, IDS_CREATOR_OWNER_RID, szAccountName, 80);
SubAuthorities[0] = SECURITY_CREATOR_OWNER_RID; SubAuthorities[0] = SECURITY_CREATOR_OWNER_RID;
LsapCreateSid(&CreatorSidAuthority, LsapCreateSid(&CreatorSidAuthority,
1, 1,
SubAuthorities, SubAuthorities,
L"CREATOR OWNER", szAccountName,
L"", L"",
SidTypeWellKnownGroup); SidTypeWellKnownGroup);
/* Creator Group Sid */ /* Creator Group Sid */
LsapLoadString(hInstance, IDS_CREATOR_GROUP_RID, szAccountName, 80);
SubAuthorities[0] = SECURITY_CREATOR_GROUP_RID; SubAuthorities[0] = SECURITY_CREATOR_GROUP_RID;
LsapCreateSid(&CreatorSidAuthority, LsapCreateSid(&CreatorSidAuthority,
1, 1,
SubAuthorities, SubAuthorities,
L"CREATOR GROUP", szAccountName,
L"", L"",
SidTypeWellKnownGroup); SidTypeWellKnownGroup);
/* Creator Owner Server Sid */ /* Creator Owner Server Sid */
LsapLoadString(hInstance, IDS_CREATOR_OWNER_SERVER_RID, szAccountName, 80);
SubAuthorities[0] = SECURITY_CREATOR_OWNER_SERVER_RID; SubAuthorities[0] = SECURITY_CREATOR_OWNER_SERVER_RID;
LsapCreateSid(&CreatorSidAuthority, LsapCreateSid(&CreatorSidAuthority,
1, 1,
SubAuthorities, SubAuthorities,
L"CREATOR OWNER SERVER", szAccountName,
L"", L"",
SidTypeWellKnownGroup); SidTypeWellKnownGroup);
/* Creator Group Server Sid */ /* Creator Group Server Sid */
LsapLoadString(hInstance, IDS_CREATOR_GROUP_SERVER_RID, szAccountName, 80);
SubAuthorities[0] = SECURITY_CREATOR_GROUP_SERVER_RID; SubAuthorities[0] = SECURITY_CREATOR_GROUP_SERVER_RID;
LsapCreateSid(&CreatorSidAuthority, LsapCreateSid(&CreatorSidAuthority,
1, 1,
SubAuthorities, SubAuthorities,
L"CREATOR GROUP SERVER", szAccountName,
L"", L"",
SidTypeWellKnownGroup); SidTypeWellKnownGroup);
/* Dialup Sid */ /* Dialup Sid */
LsapLoadString(hInstance, IDS_DIALUP_RID, szAccountName, 80);
LsapLoadString(hInstance, IDS_NT_AUTHORITY, szDomainName, 80);
SubAuthorities[0] = SECURITY_DIALUP_RID; SubAuthorities[0] = SECURITY_DIALUP_RID;
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
1, 1,
SubAuthorities, SubAuthorities,
L"DIALUP", szAccountName,
L"NT AUTHORITY", szDomainName,
SidTypeWellKnownGroup); SidTypeWellKnownGroup);
/* Network Sid */ /* Network Sid */
LsapLoadString(hInstance, IDS_DIALUP_RID, szAccountName, 80);
SubAuthorities[0] = SECURITY_NETWORK_RID; SubAuthorities[0] = SECURITY_NETWORK_RID;
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
1, 1,
SubAuthorities, SubAuthorities,
L"NETWORK", szAccountName,
L"NT AUTHORITY", szDomainName,
SidTypeWellKnownGroup); SidTypeWellKnownGroup);
/* Batch Sid*/ /* Batch Sid*/
LsapLoadString(hInstance, IDS_BATCH_RID, szAccountName, 80);
SubAuthorities[0] = SECURITY_BATCH_RID; SubAuthorities[0] = SECURITY_BATCH_RID;
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
1, 1,
SubAuthorities, SubAuthorities,
L"BATCH", szAccountName,
L"NT AUTHORITY", szDomainName,
SidTypeWellKnownGroup); SidTypeWellKnownGroup);
/* Interactive Sid */ /* Interactive Sid */
LsapLoadString(hInstance, IDS_INTERACTIVE_RID, szAccountName, 80);
SubAuthorities[0] = SECURITY_INTERACTIVE_RID; SubAuthorities[0] = SECURITY_INTERACTIVE_RID;
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
1, 1,
SubAuthorities, SubAuthorities,
L"INTERACTIVE", szAccountName,
L"NT AUTHORITY", szDomainName,
SidTypeWellKnownGroup); SidTypeWellKnownGroup);
/* Service Sid */ /* Service Sid */
LsapLoadString(hInstance, IDS_SERVICE_RID, szAccountName, 80);
SubAuthorities[0] = SECURITY_SERVICE_RID; SubAuthorities[0] = SECURITY_SERVICE_RID;
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
1, 1,
SubAuthorities, SubAuthorities,
L"SERVICE", szAccountName,
L"NT AUTHORITY", szDomainName,
SidTypeWellKnownGroup); SidTypeWellKnownGroup);
/* Anonymous Logon Sid */ /* Anonymous Logon Sid */
LsapLoadString(hInstance, IDS_ANONYMOUS_LOGON_RID, szAccountName, 80);
SubAuthorities[0] = SECURITY_ANONYMOUS_LOGON_RID; SubAuthorities[0] = SECURITY_ANONYMOUS_LOGON_RID;
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
1, 1,
SubAuthorities, SubAuthorities,
L"ANONYMOUS LOGON", szAccountName,
L"NT AUTHORITY", szDomainName,
SidTypeWellKnownGroup); SidTypeWellKnownGroup);
/* Proxy Sid */ /* Proxy Sid */
LsapLoadString(hInstance, IDS_PROXY_RID, szAccountName, 80);
SubAuthorities[0] = SECURITY_PROXY_RID; SubAuthorities[0] = SECURITY_PROXY_RID;
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
1, 1,
SubAuthorities, SubAuthorities,
L"PROXY", szAccountName,
L"NT AUTHORITY", szDomainName,
SidTypeWellKnownGroup); SidTypeWellKnownGroup);
/* Enterprise Controllers Sid */ /* Enterprise Controllers Sid */
LsapLoadString(hInstance, IDS_ENTERPRISE_CONTROLLERS_RID, szAccountName, 80);
SubAuthorities[0] = SECURITY_ENTERPRISE_CONTROLLERS_RID; SubAuthorities[0] = SECURITY_ENTERPRISE_CONTROLLERS_RID;
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
1, 1,
SubAuthorities, SubAuthorities,
L"ENTERPRISE DOMAIN CONTROLLERS", szAccountName,
L"NT AUTHORITY", szDomainName,
SidTypeWellKnownGroup); SidTypeWellKnownGroup);
/* Principal Self Sid */ /* Principal Self Sid */
LsapLoadString(hInstance, IDS_PRINCIPAL_SELF_RID, szAccountName, 80);
SubAuthorities[0] = SECURITY_PRINCIPAL_SELF_RID; SubAuthorities[0] = SECURITY_PRINCIPAL_SELF_RID;
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
1, 1,
SubAuthorities, SubAuthorities,
L"SELF", szAccountName,
L"NT AUTHORITY", szDomainName,
SidTypeWellKnownGroup); SidTypeWellKnownGroup);
/* Authenticated Users Sid */ /* Authenticated Users Sid */
LsapLoadString(hInstance, IDS_AUTHENTICATED_USER_RID, szAccountName, 80);
SubAuthorities[0] = SECURITY_AUTHENTICATED_USER_RID; SubAuthorities[0] = SECURITY_AUTHENTICATED_USER_RID;
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
1, 1,
SubAuthorities, SubAuthorities,
L"Authenticated Users", szAccountName,
L"NT AUTHORITY", szDomainName,
SidTypeWellKnownGroup); SidTypeWellKnownGroup);
/* Restricted Code Sid */ /* Restricted Code Sid */
LsapLoadString(hInstance, IDS_RESTRICTED_CODE_RID, szAccountName, 80);
SubAuthorities[0] = SECURITY_RESTRICTED_CODE_RID; SubAuthorities[0] = SECURITY_RESTRICTED_CODE_RID;
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
1, 1,
SubAuthorities, SubAuthorities,
L"RESTRICTED", szAccountName,
L"NT AUTHORITY", szDomainName,
SidTypeWellKnownGroup); SidTypeWellKnownGroup);
/* Terminal Server Sid */ /* Terminal Server Sid */
LsapLoadString(hInstance, IDS_TERMINAL_SERVER_RID, szAccountName, 80);
SubAuthorities[0] = SECURITY_TERMINAL_SERVER_RID; SubAuthorities[0] = SECURITY_TERMINAL_SERVER_RID;
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
1, 1,
SubAuthorities, SubAuthorities,
L"TERMINAL SERVER USER", szAccountName,
L"NT AUTHORITY", szDomainName,
SidTypeWellKnownGroup); SidTypeWellKnownGroup);
/* Remote Logon Sid */ /* Remote Logon Sid */
LsapLoadString(hInstance, IDS_REMOTE_LOGON_RID, szAccountName, 80);
SubAuthorities[0] = SECURITY_REMOTE_LOGON_RID; SubAuthorities[0] = SECURITY_REMOTE_LOGON_RID;
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
1, 1,
SubAuthorities, SubAuthorities,
L"REMOTE INTERACTIVE LOGON", szAccountName,
L"NT AUTHORITY", szDomainName,
SidTypeWellKnownGroup); SidTypeWellKnownGroup);
/* This Organization Sid */ /* This Organization Sid */
LsapLoadString(hInstance, IDS_THIS_ORGANIZATION_RID, szAccountName, 80);
SubAuthorities[0] = SECURITY_THIS_ORGANIZATION_RID; SubAuthorities[0] = SECURITY_THIS_ORGANIZATION_RID;
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
1, 1,
SubAuthorities, SubAuthorities,
L"This Organization", szAccountName,
L"NT AUTHORITY", szDomainName,
SidTypeWellKnownGroup); SidTypeWellKnownGroup);
/* Local System Sid */ /* Local System Sid */
LsapLoadString(hInstance, IDS_LOCAL_SYSTEM_RID, szAccountName, 80);
SubAuthorities[0] = SECURITY_LOCAL_SYSTEM_RID; SubAuthorities[0] = SECURITY_LOCAL_SYSTEM_RID;
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
1, 1,
SubAuthorities, SubAuthorities,
L"SYSTEM", szAccountName,
L"NT AUTHORITY", szDomainName,
SidTypeWellKnownGroup); SidTypeWellKnownGroup);
/* Local Service Sid */ /* Local Service Sid */
LsapLoadString(hInstance, IDS_LOCAL_SERVICE_RID, szAccountName, 80);
SubAuthorities[0] = SECURITY_LOCAL_SERVICE_RID; SubAuthorities[0] = SECURITY_LOCAL_SERVICE_RID;
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
1, 1,
SubAuthorities, SubAuthorities,
L"LOCAL SERVICE", szAccountName,
L"NT AUTHORITY", szDomainName,
SidTypeWellKnownGroup); SidTypeWellKnownGroup);
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
@ -480,12 +562,14 @@ LsapInitSids(VOID)
SidTypeWellKnownGroup); SidTypeWellKnownGroup);
/* Network Service Sid */ /* Network Service Sid */
LsapLoadString(hInstance, IDS_NETWORK_SERVICE_RID, szAccountName, 80);
SubAuthorities[0] = SECURITY_NETWORK_SERVICE_RID; SubAuthorities[0] = SECURITY_NETWORK_SERVICE_RID;
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
1, 1,
SubAuthorities, SubAuthorities,
L"NETWORK SERVICE", szAccountName,
L"NT AUTHORITY", szDomainName,
SidTypeWellKnownGroup); SidTypeWellKnownGroup);
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
@ -496,144 +580,171 @@ LsapInitSids(VOID)
SidTypeWellKnownGroup); SidTypeWellKnownGroup);
/* Builtin Domain Sid */ /* Builtin Domain Sid */
LsapLoadString(hInstance, IDS_BUILTIN_DOMAIN_RID, szAccountName, 80);
LsapLoadString(hInstance, IDS_BUILTIN_DOMAIN_RID, szDomainName, 80);
SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID; SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
1, 1,
SubAuthorities, SubAuthorities,
L"BUILTIN", szAccountName,
L"BUILTIN", szDomainName,
SidTypeDomain); SidTypeDomain);
/* Administrators Alias Sid */ /* Administrators Alias Sid */
LsapLoadString(hInstance, IDS_ALIAS_RID_ADMINS, szAccountName, 80);
SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID; SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthorities[1] = DOMAIN_ALIAS_RID_ADMINS; SubAuthorities[1] = DOMAIN_ALIAS_RID_ADMINS;
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
2, 2,
SubAuthorities, SubAuthorities,
L"Administrators", szAccountName,
L"BUILTIN", szDomainName,
SidTypeAlias); SidTypeAlias);
/* Users Alias Sid */ /* Users Alias Sid */
LsapLoadString(hInstance, IDS_ALIAS_RID_USERS, szAccountName, 80);
SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID; SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthorities[1] = DOMAIN_ALIAS_RID_USERS; SubAuthorities[1] = DOMAIN_ALIAS_RID_USERS;
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
2, 2,
SubAuthorities, SubAuthorities,
L"Users", szAccountName,
L"BUILTIN", szDomainName,
SidTypeAlias); SidTypeAlias);
/* Guests Alias Sid */ /* Guests Alias Sid */
LsapLoadString(hInstance, IDS_ALIAS_RID_GUESTS, szAccountName, 80);
SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID; SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthorities[1] = DOMAIN_ALIAS_RID_GUESTS; SubAuthorities[1] = DOMAIN_ALIAS_RID_GUESTS;
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
2, 2,
SubAuthorities, SubAuthorities,
L"Guests", szAccountName,
L"BUILTIN", szDomainName,
SidTypeAlias); SidTypeAlias);
/* Power User Alias Sid */ /* Power User Alias Sid */
LsapLoadString(hInstance, IDS_ALIAS_RID_POWER_USERS, szAccountName, 80);
SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID; SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthorities[1] = DOMAIN_ALIAS_RID_POWER_USERS; SubAuthorities[1] = DOMAIN_ALIAS_RID_POWER_USERS;
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
2, 2,
SubAuthorities, SubAuthorities,
L"Power User", szAccountName,
L"BUILTIN", szDomainName,
SidTypeAlias); SidTypeAlias);
/* Account Operators Alias Sid */ /* Account Operators Alias Sid */
LsapLoadString(hInstance, IDS_ALIAS_RID_ACCOUNT_OPS, szAccountName, 80);
SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID; SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthorities[1] = DOMAIN_ALIAS_RID_ACCOUNT_OPS; SubAuthorities[1] = DOMAIN_ALIAS_RID_ACCOUNT_OPS;
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
2, 2,
SubAuthorities, SubAuthorities,
L"Account Operators", szAccountName,
L"BUILTIN", szDomainName,
SidTypeAlias); SidTypeAlias);
/* System Operators Alias Sid */ /* System Operators Alias Sid */
LsapLoadString(hInstance, IDS_ALIAS_RID_SYSTEM_OPS, szAccountName, 80);
SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID; SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthorities[1] = DOMAIN_ALIAS_RID_SYSTEM_OPS; SubAuthorities[1] = DOMAIN_ALIAS_RID_SYSTEM_OPS;
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
2, 2,
SubAuthorities, SubAuthorities,
L"Server Operators", szAccountName,
L"BUILTIN", szDomainName,
SidTypeAlias); SidTypeAlias);
/* Print Operators Alias Sid */ /* Print Operators Alias Sid */
LsapLoadString(hInstance, IDS_ALIAS_RID_PRINT_OPS, szAccountName, 80);
SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID; SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthorities[1] = DOMAIN_ALIAS_RID_PRINT_OPS; SubAuthorities[1] = DOMAIN_ALIAS_RID_PRINT_OPS;
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
2, 2,
SubAuthorities, SubAuthorities,
L"Print Operators", szAccountName,
L"BUILTIN", szDomainName,
SidTypeAlias); SidTypeAlias);
/* Backup Operators Alias Sid */ /* Backup Operators Alias Sid */
LsapLoadString(hInstance, IDS_ALIAS_RID_BACKUP_OPS, szAccountName, 80);
SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID; SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthorities[1] = DOMAIN_ALIAS_RID_BACKUP_OPS; SubAuthorities[1] = DOMAIN_ALIAS_RID_BACKUP_OPS;
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
2, 2,
SubAuthorities, SubAuthorities,
L"Backup Operators", szAccountName,
L"BUILTIN", szDomainName,
SidTypeAlias); SidTypeAlias);
/* Replicators Alias Sid */ /* Replicators Alias Sid */
LsapLoadString(hInstance, IDS_ALIAS_RID_REPLICATOR, szAccountName, 80);
SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID; SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthorities[1] = DOMAIN_ALIAS_RID_REPLICATOR; SubAuthorities[1] = DOMAIN_ALIAS_RID_REPLICATOR;
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
2, 2,
SubAuthorities, SubAuthorities,
L"Replicators", szAccountName,
L"BUILTIN", szDomainName,
SidTypeAlias); SidTypeAlias);
#if 0
/* RAS Servers Alias Sid */ /* RAS Servers Alias Sid */
LsapLoadString(hInstance, IDS_ALIAS_RID_RAS_SERVERS, szAccountName, 80);
SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID; SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthorities[1] = DOMAIN_ALIAS_RID_RAS_SERVERS; SubAuthorities[1] = DOMAIN_ALIAS_RID_RAS_SERVERS;
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
2, 2,
SubAuthorities, SubAuthorities,
L"Backup Operators", szAccountName,
L"BUILTIN", szDomainName,
SidTypeAlias); SidTypeAlias);
#endif
/* Pre-Windows 2000 Compatible Access Alias Sid */ /* Pre-Windows 2000 Compatible Access Alias Sid */
LsapLoadString(hInstance, IDS_ALIAS_RID_PREW2KCOMPACCESS, szAccountName, 80);
SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID; SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthorities[1] = DOMAIN_ALIAS_RID_PREW2KCOMPACCESS; SubAuthorities[1] = DOMAIN_ALIAS_RID_PREW2KCOMPACCESS;
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
2, 2,
SubAuthorities, SubAuthorities,
L"Pre-Windows 2000 Compatible Access", szAccountName,
L"BUILTIN", szDomainName,
SidTypeAlias); SidTypeAlias);
/* Remote Desktop Users Alias Sid */ /* Remote Desktop Users Alias Sid */
LsapLoadString(hInstance, IDS_ALIAS_RID_REMOTE_DESKTOP_USERS, szAccountName, 80);
SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID; SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthorities[1] = DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS; SubAuthorities[1] = DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS;
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
2, 2,
SubAuthorities, SubAuthorities,
L"Remote Desktop Users", szAccountName,
L"BUILTIN", szDomainName,
SidTypeAlias); SidTypeAlias);
/* Network Configuration Operators Alias Sid */ /* Network Configuration Operators Alias Sid */
LsapLoadString(hInstance, IDS_ALIAS_RID_NETWORK_CONFIGURATION_OPS, szAccountName, 80);
SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID; SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
SubAuthorities[1] = DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS; SubAuthorities[1] = DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS;
LsapCreateSid(&NtAuthority, LsapCreateSid(&NtAuthority,
2, 2,
SubAuthorities, SubAuthorities,
L"Network Configuration Operators", szAccountName,
L"BUILTIN", szDomainName,
SidTypeAlias); SidTypeAlias);
/* FIXME: Add more well known sids */ /* FIXME: Add more well known sids */
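Review bot: The Network Sid block in LsapInitSids loads `IDS_DIALUP_RID` into szAccountName, so the SECURITY_NETWORK_RID entry is registered under the DIALUP name and a name or SID lookup for NETWORK resolves wrongly; the line should read `LsapLoadString(hInstance, IDS_NETWORK_RID, szAccountName, 80);`. Separately, neither the GetModuleHandleW result nor any LsapLoadString return value is checked, and szAccountName and szDomainName are uninitialized stack arrays. The LsapLoadString added in utils.c by this commit returns 0 without writing the buffer when the resource lookup fails, so LsapCreateSid would then run wcslen and wcscpy over indeterminate data. Initializing both arrays (`WCHAR szAccountName[80] = L"";`) or skipping an entry when the load returns 0 would bound that. LsapInitSids continues past the last hunk shown.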


@ -14,6 +14,7 @@
#include <windef.h> #include <windef.h>
#include <winbase.h> #include <winbase.h>
#include <winreg.h> #include <winreg.h>
#include <winuser.h>
#define NTOS_MODE_USER #define NTOS_MODE_USER
#include <ndk/cmfuncs.h> #include <ndk/cmfuncs.h>
#include <ndk/kefuncs.h> #include <ndk/kefuncs.h>
@ -39,6 +40,7 @@
#include <wine/debug.h> #include <wine/debug.h>
#include "resources.h"
typedef enum _LSA_DB_OBJECT_TYPE typedef enum _LSA_DB_OBJECT_TYPE
{ {
@ -381,4 +383,11 @@ NTSTATUS
LsapCreateSecretSd(PSECURITY_DESCRIPTOR *SecretSd, LsapCreateSecretSd(PSECURITY_DESCRIPTOR *SecretSd,
PULONG SecretSdSize); PULONG SecretSdSize);
/* utils.c */
INT
LsapLoadString(HINSTANCE hInstance,
UINT uId,
LPWSTR lpBuffer,
INT nBufferMax);
/* EOF */ /* EOF */


@ -1,5 +1,24 @@
#include <windows.h>
#include "resources.h"
#define REACTOS_VERSION_DLL #define REACTOS_VERSION_DLL
#define REACTOS_STR_FILE_DESCRIPTION "LSA server DLL\0" #define REACTOS_STR_FILE_DESCRIPTION "LSA server DLL\0"
#define REACTOS_STR_INTERNAL_NAME "lsasrv\0" #define REACTOS_STR_INTERNAL_NAME "lsasrv\0"
#define REACTOS_STR_ORIGINAL_FILENAME "lsasrv.dll\0" #define REACTOS_STR_ORIGINAL_FILENAME "lsasrv.dll\0"
#define REACTOS_FILEVERSION 5,1,2600,0
#define REACTOS_STR_FILE_VERSION "5.1.2600\0"
#include <reactos/version.rc> #include <reactos/version.rc>
LANGUAGE LANG_NEUTRAL, SUBLANG_NEUTRAL
/*
* Everything specific to any language goes in one of the specific
* files. Note that you can and may override resources which also have
* a neutral version. This is to get localized bitmaps for example.
*/
/* UTF-8 */
#pragma code_page(65001)
#ifdef LANGUAGE_EN_US
#include "lang/en-US.rc"
#endif


@ -0,0 +1,52 @@
/*
* PROJECT: Local Security Authority Server DLL
* LICENSE: GPL - See COPYING in the top level directory
* FILE: dll/win32/lsasrv/resource.h
* PURPOSE: Resource IDs
* COPYRIGHT: Copyright 2013 Eric Kohl
*/
#pragma once
#define IDS_NT_AUTHORITY 100
#define IDS_NULL_RID 110
#define IDS_WORLD_RID 111
#define IDS_LOCAL_RID 112
#define IDS_CREATOR_OWNER_RID 113
#define IDS_CREATOR_GROUP_RID 114
#define IDS_CREATOR_OWNER_SERVER_RID 115
#define IDS_CREATOR_GROUP_SERVER_RID 116
#define IDS_DIALUP_RID 117
#define IDS_NETWORK_RID 118
#define IDS_BATCH_RID 119
#define IDS_INTERACTIVE_RID 120
#define IDS_SERVICE_RID 121
#define IDS_ANONYMOUS_LOGON_RID 122
#define IDS_PROXY_RID 123
#define IDS_ENTERPRISE_CONTROLLERS_RID 124
#define IDS_PRINCIPAL_SELF_RID 125
#define IDS_AUTHENTICATED_USER_RID 126
#define IDS_RESTRICTED_CODE_RID 127
#define IDS_TERMINAL_SERVER_RID 128
#define IDS_REMOTE_LOGON_RID 129
#define IDS_THIS_ORGANIZATION_RID 130
#define IDS_LOCAL_SYSTEM_RID 131
#define IDS_LOCAL_SERVICE_RID 132
#define IDS_NETWORK_SERVICE_RID 133
#define IDS_BUILTIN_DOMAIN_RID 134
#define IDS_ALIAS_RID_ADMINS 135
#define IDS_ALIAS_RID_USERS 136
#define IDS_ALIAS_RID_GUESTS 137
#define IDS_ALIAS_RID_POWER_USERS 138
#define IDS_ALIAS_RID_ACCOUNT_OPS 139
#define IDS_ALIAS_RID_SYSTEM_OPS 140
#define IDS_ALIAS_RID_PRINT_OPS 141
#define IDS_ALIAS_RID_BACKUP_OPS 142
#define IDS_ALIAS_RID_REPLICATOR 143
#define IDS_ALIAS_RID_RAS_SERVERS 144
#define IDS_ALIAS_RID_PREW2KCOMPACCESS 145
#define IDS_ALIAS_RID_REMOTE_DESKTOP_USERS 146
#define IDS_ALIAS_RID_NETWORK_CONFIGURATION_OPS 147
/* EOF */
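Review bot: The header comment's FILE line names `resource.h`, while lsasrv.h and lsasrv.rc in this commit include `"resources.h"`; the comment should name resources.h so the two agree. `IDS_ALIAS_RID_RAS_SERVERS` is defined here and in the string table, but its only visible use in LsapInitSids sits inside `#if 0`, which deserves a short comment saying why the entry is disabled.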


@ -0,0 +1,68 @@
/*
* COPYRIGHT: See COPYING in the top level directory
* PROJECT: Security Account Manager (SAM) Server
* FILE: reactos/dll/win32/lsasrv/utils.c
* PURPOSE: Utility functions
*
* PROGRAMMERS: Eric Kohl
*/
/* INCLUDES ****************************************************************/
#include "lsasrv.h"
WINE_DEFAULT_DEBUG_CHANNEL(lsasrv);
/* GLOBALS *****************************************************************/
/* FUNCTIONS ***************************************************************/
INT
LsapLoadString(HINSTANCE hInstance,
UINT uId,
LPWSTR lpBuffer,
INT nBufferMax)
{
HGLOBAL hmem;
HRSRC hrsrc;
WCHAR *p;
int string_num;
int i;
/* Use loword (incremented by 1) as resourceid */
hrsrc = FindResourceW(hInstance,
MAKEINTRESOURCEW((LOWORD(uId) >> 4) + 1),
(LPWSTR)RT_STRING);
if (!hrsrc)
return 0;
hmem = LoadResource(hInstance, hrsrc);
if (!hmem)
return 0;
p = LockResource(hmem);
string_num = uId & 0x000f;
for (i = 0; i < string_num; i++)
p += *p + 1;
i = min(nBufferMax - 1, *p);
if (i > 0)
{
memcpy(lpBuffer, p + 1, i * sizeof(WCHAR));
lpBuffer[i] = 0;
}
else
{
if (nBufferMax > 1)
{
lpBuffer[0] = 0;
return 0;
}
}
return i;
}
/* EOF */
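Review bot: The two early `return 0;` paths after FindResourceW and LoadResource leave lpBuffer untouched, and with nBufferMax == 1 the else branch also skips the terminator, so a caller that ignores the return value (as LsapInitSids does) goes on to read an unterminated buffer. Terminating up front covers all three cases: `if (lpBuffer == NULL || nBufferMax <= 0) return 0;` followed by `lpBuffer[0] = 0;` before the FindResourceW call. The LockResource result is dereferenced in the loop without a NULL check, and the `p += *p + 1` walk trusts the length prefixes in the string block; that is reasonable for the module's own resources but should be stated in a comment. The file header gives the project as the SAM server although the FILE line places it in lsasrv.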