diff --git a/reactos/dll/win32/advapi32/sec/lsa.c b/reactos/dll/win32/advapi32/sec/lsa.c index 4a89b0f0753..90a257b8a60 100644 --- a/reactos/dll/win32/advapi32/sec/lsa.c +++ b/reactos/dll/win32/advapi32/sec/lsa.c @@ -348,47 +348,47 @@ LsaFreeMemory(PVOID Buffer) */ NTSTATUS WINAPI -LsaLookupNames( - LSA_HANDLE PolicyHandle, - ULONG Count, - PLSA_UNICODE_STRING Names, - PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains, - PLSA_TRANSLATED_SID *Sids) +LsaLookupNames(IN LSA_HANDLE PolicyHandle, + IN ULONG Count, + IN PLSA_UNICODE_STRING Names, + OUT PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains, + OUT PLSA_TRANSLATED_SID *Sids) { - PLSA_TRANSLATED_SID2 Sids2; - LSA_TRANSLATED_SID *TranslatedSids; - ULONG i; + LSAPR_TRANSLATED_SIDS TranslatedSids; + ULONG MappedCount = 0; NTSTATUS Status; TRACE("(%p,0x%08x,%p,%p,%p)\n", PolicyHandle, Count, Names, ReferencedDomains, Sids); - /* Call LsaLookupNames2, which supersedes this function */ - Status = LsaLookupNames2(PolicyHandle, Count, 0, Names, ReferencedDomains, &Sids2); - if (!NT_SUCCESS(Status)) - return Status; + RpcTryExcept + { + *ReferencedDomains = NULL; + *Sids = NULL; - /* Translate the returned structure */ - TranslatedSids = RtlAllocateHeap(RtlGetProcessHeap(), 0, Count * sizeof(LSA_TRANSLATED_SID)); - if (!TranslatedSids) - { - LsaFreeMemory(Sids2); - return SCESTATUS_NOT_ENOUGH_RESOURCE; + TranslatedSids.Entries = Count; + TranslatedSids.Sids = *Sids; + + Status = LsarLookupNames((LSAPR_HANDLE)PolicyHandle, + Count, + (PRPC_UNICODE_STRING)Names, + (PLSAPR_REFERENCED_DOMAIN_LIST *)ReferencedDomains, + &TranslatedSids, + LsapLookupWksta, + &MappedCount); + + *Sids = (PLSA_TRANSLATED_SID)TranslatedSids.Sids; } - RtlZeroMemory(Sids, Count * sizeof(PLSA_TRANSLATED_SID)); - for (i = 0; i < Count; i++) + RpcExcept(EXCEPTION_EXECUTE_HANDLER) { - TranslatedSids[i].Use = Sids2[i].Use; - if (Sids2[i].Use != SidTypeInvalid && Sids2[i].Use != SidTypeUnknown) + if (TranslatedSids.Sids != NULL) { - TranslatedSids[i].DomainIndex = Sids2[i].DomainIndex; - if (Sids2[i].Use != SidTypeDomain) - TranslatedSids[i].RelativeId = *GetSidSubAuthority(Sids2[i].Sid, 0); + MIDL_user_free(TranslatedSids.Sids); } - } - LsaFreeMemory(Sids2); - *Sids = TranslatedSids; + Status = I_RpcMapWin32Status(RpcExceptionCode()); + } + RpcEndExcept; return Status; } @@ -487,12 +487,11 @@ LsaLookupPrivilegeValue(IN LSA_HANDLE PolicyHandle, */ NTSTATUS WINAPI -LsaLookupSids( - LSA_HANDLE PolicyHandle, - ULONG Count, - PSID *Sids, - PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains, - PLSA_TRANSLATED_NAME *Names) +LsaLookupSids(IN LSA_HANDLE PolicyHandle, + IN ULONG Count, + IN PSID *Sids, + OUT PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains, + OUT PLSA_TRANSLATED_NAME *Names) { LSAPR_SID_ENUM_BUFFER SidEnumBuffer; LSAPR_TRANSLATED_NAMES TranslatedNames; diff --git a/reactos/dll/win32/advapi32/sec/misc.c b/reactos/dll/win32/advapi32/sec/misc.c index 154ad8a84f2..f8a6ef05aa3 100644 --- a/reactos/dll/win32/advapi32/sec/misc.c +++ b/reactos/dll/win32/advapi32/sec/misc.c @@ -1177,7 +1177,7 @@ LookupAccountNameA(LPCSTR SystemName, /****************************************************************************** * LookupAccountNameW [ADVAPI32.@] * - * @unimplemented + * @implemented */ BOOL WINAPI @@ -1189,78 +1189,94 @@ LookupAccountNameW(LPCWSTR lpSystemName, LPDWORD cchReferencedDomainName, PSID_NAME_USE peUse) { - /* Default implementation: Always return a default SID */ - SID_IDENTIFIER_AUTHORITY identifierAuthority = {SECURITY_NT_AUTHORITY}; - BOOL ret; - PSID pSid; - static const WCHAR dm[] = {'D','O','M','A','I','N',0}; - unsigned int i; + OBJECT_ATTRIBUTES ObjectAttributes = {0}; + UNICODE_STRING SystemName; + UNICODE_STRING AccountName; + LSA_HANDLE PolicyHandle = NULL; + PLSA_REFERENCED_DOMAIN_LIST ReferencedDomains = NULL; + PLSA_TRANSLATED_SID TranslatedSid = NULL; + PSID pDomainSid; + DWORD dwDomainNameLength; + DWORD dwSidLength; + UCHAR nSubAuthorities; + BOOL bResult; + NTSTATUS Status; - TRACE("%s %s %p %p %p %p %p - stub\n", lpSystemName, lpAccountName, + TRACE("%s %s %p %p %p %p %p\n", lpSystemName, lpAccountName, Sid, cbSid, ReferencedDomainName, cchReferencedDomainName, peUse); - if (!ADVAPI_IsLocalComputer(lpSystemName)) + RtlInitUnicodeString(&SystemName, + lpSystemName); + + Status = LsaOpenPolicy(lpSystemName ? &SystemName : NULL, + &ObjectAttributes, + POLICY_LOOKUP_NAMES, + &PolicyHandle); + if (!NT_SUCCESS(Status)) { - SetLastError(RPC_S_SERVER_UNAVAILABLE); + SetLastError(LsaNtStatusToWinError(Status)); return FALSE; } - for (i = 0; i < (sizeof(ACCOUNT_SIDS) / sizeof(ACCOUNT_SIDS[0])); i++) + RtlInitUnicodeString(&AccountName, + lpAccountName); + + Status = LsaLookupNames(PolicyHandle, + 1, + &AccountName, + &ReferencedDomains, + &TranslatedSid); + + LsaClose(PolicyHandle); + + if (!NT_SUCCESS(Status) || Status == STATUS_SOME_NOT_MAPPED) { - if (!wcscmp(lpAccountName, ACCOUNT_SIDS[i].account)) - { - if (*cchReferencedDomainName) - *ReferencedDomainName = '\0'; - *cchReferencedDomainName = 0; - *peUse = SidTypeWellKnownGroup; - return CreateWellKnownSid(ACCOUNT_SIDS[i].type, NULL, Sid, cbSid); - } - } - - ret = AllocateAndInitializeSid(&identifierAuthority, - 2, - SECURITY_BUILTIN_DOMAIN_RID, - DOMAIN_ALIAS_RID_ADMINS, - 0, 0, 0, 0, 0, 0, - &pSid); - - if (!ret) - return FALSE; - - if (!RtlValidSid(pSid)) - { - FreeSid(pSid); - return FALSE; - } - - if (Sid != NULL && (*cbSid >= GetLengthSid(pSid))) - CopySid(*cbSid, Sid, pSid); - - if (*cbSid < GetLengthSid(pSid)) - { - SetLastError(ERROR_INSUFFICIENT_BUFFER); - ret = FALSE; - } - - *cbSid = GetLengthSid(pSid); - - if (ReferencedDomainName != NULL && (*cchReferencedDomainName > wcslen(dm))) - wcscpy(ReferencedDomainName, dm); - - if ((*cchReferencedDomainName <= wcslen(dm)) || (!ret)) - { - SetLastError(ERROR_INSUFFICIENT_BUFFER); - ret = FALSE; - *cchReferencedDomainName = wcslen(dm) + 1; + SetLastError(LsaNtStatusToWinError(Status)); + bResult = FALSE; } else { - *cchReferencedDomainName = wcslen(dm); + pDomainSid = ReferencedDomains->Domains[TranslatedSid->DomainIndex].Sid; + nSubAuthorities = *GetSidSubAuthorityCount(pDomainSid); + dwSidLength = GetSidLengthRequired(nSubAuthorities + 1); + + dwDomainNameLength = ReferencedDomains->Domains->Name.Length / sizeof(WCHAR); + + if (*cbSid < dwSidLength || + *cchReferencedDomainName < dwDomainNameLength + 1) + { + *cbSid = dwSidLength; + *cchReferencedDomainName = dwDomainNameLength + 1; + + bResult = FALSE; + } + else + { + CopySid(*cbSid, Sid, pDomainSid); + *GetSidSubAuthorityCount(Sid) = nSubAuthorities + 1; + *GetSidSubAuthority(Sid, (DWORD)nSubAuthorities) = TranslatedSid->RelativeId; + + RtlCopyMemory(ReferencedDomainName, ReferencedDomains->Domains->Name.Buffer, dwDomainNameLength * sizeof(WCHAR)); + ReferencedDomainName[dwDomainNameLength] = L'\0'; + + *cchReferencedDomainName = dwDomainNameLength; + + *peUse = TranslatedSid->Use; + + bResult = TRUE; + } + + if (bResult == FALSE) + SetLastError(ERROR_INSUFFICIENT_BUFFER); } - FreeSid(pSid); + if (ReferencedDomains != NULL) + LsaFreeMemory(ReferencedDomains); - return ret; + if (TranslatedSid != NULL) + LsaFreeMemory(TranslatedSid); + + return bResult; } @@ -1499,11 +1515,11 @@ LookupPrivilegeNameW(LPCWSTR lpSystemName, &PrivilegeName); if (NT_SUCCESS(Status)) { - if (PrivilegeName->Length + sizeof(WCHAR) > (*cchName) * sizeof(WCHAR)) + if (PrivilegeName->Length + sizeof(WCHAR) > *cchName * sizeof(WCHAR)) { Status = STATUS_BUFFER_TOO_SMALL; - (*cchName) = (PrivilegeName->Length + sizeof(WCHAR)) / sizeof(WCHAR); + *cchName = (PrivilegeName->Length + sizeof(WCHAR)) / sizeof(WCHAR); } else { @@ -1512,7 +1528,7 @@ LookupPrivilegeNameW(LPCWSTR lpSystemName, PrivilegeName->Length); lpName[PrivilegeName->Length / sizeof(WCHAR)] = 0; - (*cchName) = PrivilegeName->Length / sizeof(WCHAR); + *cchName = PrivilegeName->Length / sizeof(WCHAR); } LsaFreeMemory(PrivilegeName->Buffer); diff --git a/reactos/dll/win32/lsasrv/lsarpc.c b/reactos/dll/win32/lsasrv/lsarpc.c index acca2f6e77f..1a83d007f00 100644 --- a/reactos/dll/win32/lsasrv/lsarpc.c +++ b/reactos/dll/win32/lsasrv/lsarpc.c @@ -333,8 +333,91 @@ NTSTATUS LsarLookupNames( LSAP_LOOKUP_LEVEL LookupLevel, DWORD *MappedCount) { - UNIMPLEMENTED; - return STATUS_NOT_IMPLEMENTED; + SID_IDENTIFIER_AUTHORITY IdentifierAuthority = {SECURITY_NT_AUTHORITY}; + static const UNICODE_STRING DomainName = RTL_CONSTANT_STRING(L"DOMAIN"); + PLSAPR_REFERENCED_DOMAIN_LIST OutputDomains = NULL; + PLSA_TRANSLATED_SID OutputSids = NULL; + ULONG OutputSidsLength; + ULONG i; + PSID Sid; + ULONG SidLength; + NTSTATUS Status; + + TRACE("LsarLookupNames(%p, %lu, %p, %p, %p, %d, %p)\n", + PolicyHandle, Count, Names, ReferencedDomains, TranslatedSids, + LookupLevel, MappedCount); + + TranslatedSids->Entries = Count; + TranslatedSids->Sids = NULL; + *ReferencedDomains = NULL; + + OutputSidsLength = Count * sizeof(LSA_TRANSLATED_SID); + OutputSids = MIDL_user_allocate(OutputSidsLength); + if (OutputSids == NULL) + { + return STATUS_INSUFFICIENT_RESOURCES; + } + + RtlZeroMemory(OutputSids, OutputSidsLength); + + OutputDomains = MIDL_user_allocate(sizeof(LSAPR_REFERENCED_DOMAIN_LIST)); + if (OutputDomains == NULL) + { + MIDL_user_free(OutputSids); + return STATUS_INSUFFICIENT_RESOURCES; + } + + OutputDomains->Entries = Count; + OutputDomains->Domains = MIDL_user_allocate(Count * sizeof(LSA_TRUST_INFORMATION)); + if (OutputDomains->Domains == NULL) + { + MIDL_user_free(OutputDomains); + MIDL_user_free(OutputSids); + return STATUS_INSUFFICIENT_RESOURCES; + } + + Status = RtlAllocateAndInitializeSid(&IdentifierAuthority, + 2, + SECURITY_BUILTIN_DOMAIN_RID, + DOMAIN_ALIAS_RID_ADMINS, + 0, 0, 0, 0, 0, 0, + &Sid); + if (!NT_SUCCESS(Status)) + { + MIDL_user_free(OutputDomains->Domains); + MIDL_user_free(OutputDomains); + MIDL_user_free(OutputSids); + return Status; + } + + SidLength = RtlLengthSid(Sid); + + for (i = 0; i < Count; i++) + { + OutputDomains->Domains[i].Sid = MIDL_user_allocate(SidLength); + RtlCopyMemory(OutputDomains->Domains[i].Sid, Sid, SidLength); + + OutputDomains->Domains[i].Name.Buffer = MIDL_user_allocate(DomainName.MaximumLength); + OutputDomains->Domains[i].Name.Length = DomainName.Length; + OutputDomains->Domains[i].Name.MaximumLength = DomainName.MaximumLength; + RtlCopyMemory(OutputDomains->Domains[i].Name.Buffer, DomainName.Buffer, DomainName.MaximumLength); + } + + for (i = 0; i < Count; i++) + { + OutputSids[i].Use = SidTypeWellKnownGroup; + OutputSids[i].RelativeId = DOMAIN_ALIAS_RID_ADMINS; + OutputSids[i].DomainIndex = i; + } + + *ReferencedDomains = OutputDomains; + + *MappedCount = Count; + + TranslatedSids->Entries = Count; + TranslatedSids->Sids = OutputSids; + + return STATUS_SUCCESS; }