mirror of
https://github.com/reactos/reactos.git
synced 2024-09-05 18:26:53 +00:00
Implement CreateWellKnownSid and IsWellKnownSid, by ripping the Wine implementation (created by Robert Reif)
svn path=/trunk/; revision=23503
This commit is contained in:
Hervé Poussineau
parent
b1079a9149
commit
918b7c6c45
|
|
@ -666,7 +666,7 @@ LogonUserW (LPWSTR lpszUsername,
|
|||
DPRINT ("SamGetUserSid() failed\n");
|
||||
RtlAllocateAndInitializeSid (&SystemAuthority,
|
||||
5,
|
||||
SECURITY_NT_NON_UNIQUE_RID,
|
||||
SECURITY_NT_NON_UNIQUE,
|
||||
0x12345678,
|
||||
0x12345678,
|
||||
0x12345678,
|
||||
|
|
|
|||
|
|
@ -31,6 +31,63 @@ typedef struct _ACEFLAG
|
|||
DWORD value;
|
||||
} ACEFLAG, *LPACEFLAG;
|
||||
|
||||
typedef struct _MAX_SID
|
||||
{
|
||||
/* same fields as struct _SID */
|
||||
BYTE Revision;
|
||||
BYTE SubAuthorityCount;
|
||||
SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
|
||||
DWORD SubAuthority[SID_MAX_SUB_AUTHORITIES];
|
||||
} MAX_SID;
|
||||
|
||||
typedef struct WELLKNOWNSID
|
||||
{
|
||||
WCHAR wstr[2];
|
||||
WELL_KNOWN_SID_TYPE Type;
|
||||
MAX_SID Sid;
|
||||
} WELLKNOWNSID;
|
||||
|
||||
static const WELLKNOWNSID WellKnownSids[] =
|
||||
{
|
||||
{ {0,0}, WinNullSid, { SID_REVISION, 1, { SECURITY_NULL_SID_AUTHORITY }, { SECURITY_NULL_RID } } },
|
||||
{ {'W','D'}, WinWorldSid, { SID_REVISION, 1, { SECURITY_WORLD_SID_AUTHORITY }, { SECURITY_WORLD_RID } } },
|
||||
{ {0,0}, WinLocalSid, { SID_REVISION, 1, { SECURITY_LOCAL_SID_AUTHORITY }, { SECURITY_LOCAL_RID } } },
|
||||
{ {'C','O'}, WinCreatorOwnerSid, { SID_REVISION, 1, { SECURITY_CREATOR_SID_AUTHORITY }, { SECURITY_CREATOR_OWNER_RID } } },
|
||||
{ {'C','G'}, WinCreatorGroupSid, { SID_REVISION, 1, { SECURITY_CREATOR_SID_AUTHORITY }, { SECURITY_CREATOR_GROUP_RID } } },
|
||||
{ {0,0}, WinCreatorOwnerServerSid, { SID_REVISION, 1, { SECURITY_CREATOR_SID_AUTHORITY }, { SECURITY_CREATOR_OWNER_SERVER_RID } } },
|
||||
{ {0,0}, WinCreatorGroupServerSid, { SID_REVISION, 1, { SECURITY_CREATOR_SID_AUTHORITY }, { SECURITY_CREATOR_GROUP_SERVER_RID } } },
|
||||
{ {0,0}, WinNtAuthoritySid, { SID_REVISION, 0, { SECURITY_NT_AUTHORITY }, { } } },
|
||||
{ {0,0}, WinDialupSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_DIALUP_RID } } },
|
||||
{ {'N','U'}, WinNetworkSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_NETWORK_RID } } },
|
||||
{ {0,0}, WinBatchSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_BATCH_RID } } },
|
||||
{ {'I','U'}, WinInteractiveSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_INTERACTIVE_RID } } },
|
||||
{ {'S','U'}, WinServiceSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_SERVICE_RID } } },
|
||||
{ {'A','N'}, WinAnonymousSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_ANONYMOUS_LOGON_RID } } },
|
||||
{ {0,0}, WinProxySid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_PROXY_RID } } },
|
||||
{ {'E','D'}, WinEnterpriseControllersSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_ENTERPRISE_CONTROLLERS_RID } } },
|
||||
{ {'P','S'}, WinSelfSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_PRINCIPAL_SELF_RID } } },
|
||||
{ {'A','U'}, WinAuthenticatedUserSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_AUTHENTICATED_USER_RID } } },
|
||||
{ {'R','C'}, WinRestrictedCodeSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_RESTRICTED_CODE_RID } } },
|
||||
{ {0,0}, WinTerminalServerSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_TERMINAL_SERVER_RID } } },
|
||||
{ {0,0}, WinRemoteLogonIdSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_REMOTE_LOGON_RID } } },
|
||||
{ {'S','Y'}, WinLocalSystemSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_LOCAL_SYSTEM_RID } } },
|
||||
{ {'L','S'}, WinLocalServiceSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_LOCAL_SERVICE_RID } } },
|
||||
{ {'N','S'}, WinNetworkServiceSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_NETWORK_SERVICE_RID } } },
|
||||
{ {0,0}, WinBuiltinDomainSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID } } },
|
||||
{ {'B','A'}, WinBuiltinAdministratorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS } } },
|
||||
{ {'B','U'}, WinBuiltinUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_USERS } } },
|
||||
{ {'B','G'}, WinBuiltinGuestsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_GUESTS } } },
|
||||
{ {'P','U'}, WinBuiltinPowerUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_POWER_USERS } } },
|
||||
{ {'A','O'}, WinBuiltinAccountOperatorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ACCOUNT_OPS } } },
|
||||
{ {'S','O'}, WinBuiltinSystemOperatorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_SYSTEM_OPS } } },
|
||||
{ {'P','O'}, WinBuiltinPrintOperatorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_PRINT_OPS } } },
|
||||
{ {'B','O'}, WinBuiltinBackupOperatorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_BACKUP_OPS } } },
|
||||
{ {'R','E'}, WinBuiltinReplicatorSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_REPLICATOR } } },
|
||||
{ {'R','U'}, WinBuiltinPreWindows2000CompatibleAccessSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_PREW2KCOMPACCESS } } },
|
||||
{ {'R','D'}, WinBuiltinRemoteDesktopUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS } } },
|
||||
{ {'N','O'}, WinBuiltinNetworkConfigurationOperatorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS } } },
|
||||
};
|
||||
|
||||
static const SID sidWorld = { SID_REVISION, 1, { SECURITY_WORLD_SID_AUTHORITY} , { SECURITY_WORLD_RID } };
|
||||
|
||||
/*
|
||||
|
|
@ -68,6 +125,57 @@ static const WCHAR SDDL_INHERITED[] = {'I','D',0};
|
|||
static const WCHAR SDDL_AUDIT_SUCCESS[] = {'S','A',0};
|
||||
static const WCHAR SDDL_AUDIT_FAILURE[] = {'F','A',0};
|
||||
|
||||
static const char * debugstr_sid(PSID sid)
|
||||
{
|
||||
int auth = 0;
|
||||
SID * psid = (SID *)sid;
|
||||
|
||||
if (psid == NULL)
|
||||
return "(null)";
|
||||
|
||||
auth = psid->IdentifierAuthority.Value[5] +
|
||||
(psid->IdentifierAuthority.Value[4] << 8) +
|
||||
(psid->IdentifierAuthority.Value[3] << 16) +
|
||||
(psid->IdentifierAuthority.Value[2] << 24);
|
||||
|
||||
switch (psid->SubAuthorityCount) {
|
||||
case 0:
|
||||
return wine_dbg_sprintf("S-%d-%d", psid->Revision, auth);
|
||||
case 1:
|
||||
return wine_dbg_sprintf("S-%d-%d-%lu", psid->Revision, auth,
|
||||
psid->SubAuthority[0]);
|
||||
case 2:
|
||||
return wine_dbg_sprintf("S-%d-%d-%lu-%lu", psid->Revision, auth,
|
||||
psid->SubAuthority[0], psid->SubAuthority[1]);
|
||||
case 3:
|
||||
return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu", psid->Revision, auth,
|
||||
psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2]);
|
||||
case 4:
|
||||
return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu", psid->Revision, auth,
|
||||
psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2],
|
||||
psid->SubAuthority[3]);
|
||||
case 5:
|
||||
return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu-%lu", psid->Revision, auth,
|
||||
psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2],
|
||||
psid->SubAuthority[3], psid->SubAuthority[4]);
|
||||
case 6:
|
||||
return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu-%lu-%lu", psid->Revision, auth,
|
||||
psid->SubAuthority[3], psid->SubAuthority[1], psid->SubAuthority[2],
|
||||
psid->SubAuthority[0], psid->SubAuthority[4], psid->SubAuthority[5]);
|
||||
case 7:
|
||||
return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu-%lu-%lu-%lu", psid->Revision, auth,
|
||||
psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2],
|
||||
psid->SubAuthority[3], psid->SubAuthority[4], psid->SubAuthority[5],
|
||||
psid->SubAuthority[6]);
|
||||
case 8:
|
||||
return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu-%lu-%lu-%lu-%lu", psid->Revision, auth,
|
||||
psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2],
|
||||
psid->SubAuthority[3], psid->SubAuthority[4], psid->SubAuthority[5],
|
||||
psid->SubAuthority[6], psid->SubAuthority[7]);
|
||||
}
|
||||
return "(too-big)";
|
||||
}
|
||||
|
||||
/* set last error code from NT status and get the proper boolean return value */
|
||||
/* used for functions that are a simple wrapper around the corresponding ntdll API */
|
||||
static __inline BOOL set_ntstatus( NTSTATUS status )
|
||||
|
|
@ -1020,7 +1128,36 @@ CreateWellKnownSid(IN WELL_KNOWN_SID_TYPE WellKnownSidType,
|
|||
OUT PSID pSid,
|
||||
IN OUT DWORD* cbSid)
|
||||
{
|
||||
FIXME("unimplemented!\n", __FUNCTION__);
|
||||
int i;
|
||||
TRACE("(%d, %s, %p, %p)\n", WellKnownSidType, debugstr_sid(DomainSid), pSid, cbSid);
|
||||
|
||||
if (DomainSid != NULL) {
|
||||
FIXME("Only local computer supported!\n");
|
||||
SetLastError(ERROR_INVALID_PARAMETER); /* FIXME */
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
if (cbSid == NULL || pSid == NULL) {
|
||||
SetLastError(ERROR_INVALID_PARAMETER);
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
for (i = 0; i < sizeof(WellKnownSids)/sizeof(WellKnownSids[0]); i++) {
|
||||
if (WellKnownSids[i].Type == WellKnownSidType) {
|
||||
DWORD length = GetSidLengthRequired(WellKnownSids[i].Sid.SubAuthorityCount);
|
||||
|
||||
if (*cbSid < length) {
|
||||
SetLastError(ERROR_INSUFFICIENT_BUFFER);
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
CopyMemory(pSid, &WellKnownSids[i].Sid.Revision, length);
|
||||
*cbSid = length;
|
||||
return TRUE;
|
||||
}
|
||||
}
|
||||
|
||||
SetLastError(ERROR_INVALID_PARAMETER);
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
|
|
@ -1032,7 +1169,14 @@ BOOL STDCALL
|
|||
IsWellKnownSid(IN PSID pSid,
|
||||
IN WELL_KNOWN_SID_TYPE WellKnownSidType)
|
||||
{
|
||||
FIXME("unimplemented!\n", __FUNCTION__);
|
||||
int i;
|
||||
TRACE("(%s, %d)\n", debugstr_sid(pSid), WellKnownSidType);
|
||||
|
||||
for (i = 0; i < sizeof(WellKnownSids)/sizeof(WellKnownSids[0]); i++)
|
||||
if (WellKnownSids[i].Type == WellKnownSidType)
|
||||
if (EqualSid(pSid, (PSID)&(WellKnownSids[i].Sid.Revision)))
|
||||
return TRUE;
|
||||
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -529,19 +529,39 @@ typedef DWORD FLONG;
|
|||
|
||||
#define SECURITY_LOGON_IDS_RID_COUNT 0x3
|
||||
#define SID_REVISION 1
|
||||
#define DOMAIN_USER_RID_ADMIN 0x1F4L
|
||||
#define DOMAIN_USER_RID_GUEST 0x1F5L
|
||||
#define DOMAIN_GROUP_RID_ADMINS 0x200L
|
||||
#define DOMAIN_GROUP_RID_USERS 0x201L
|
||||
#define DOMAIN_ALIAS_RID_ADMINS 0x220L
|
||||
#define DOMAIN_ALIAS_RID_USERS 0x221L
|
||||
#define DOMAIN_ALIAS_RID_GUESTS 0x222L
|
||||
#define DOMAIN_ALIAS_RID_POWER_USERS 0x223L
|
||||
#define DOMAIN_ALIAS_RID_ACCOUNT_OPS 0x224L
|
||||
#define DOMAIN_ALIAS_RID_SYSTEM_OPS 0x225L
|
||||
#define DOMAIN_ALIAS_RID_PRINT_OPS 0x226L
|
||||
#define DOMAIN_ALIAS_RID_BACKUP_OPS 0x227L
|
||||
#define DOMAIN_ALIAS_RID_REPLICATOR 0x228L
|
||||
|
||||
#define FOREST_USER_RID_MAX 0x000001F3L
|
||||
#define DOMAIN_USER_RID_ADMIN 0x000001F4L
|
||||
#define DOMAIN_USER_RID_GUEST 0x000001F5L
|
||||
#define DOMAIN_USER_RID_KRBTGT 0x000001F6L
|
||||
#define DOMAIN_USER_RID_MAX 0x000003E7L
|
||||
|
||||
#define DOMAIN_GROUP_RID_ADMINS 0x00000200L
|
||||
#define DOMAIN_GROUP_RID_USERS 0x00000201L
|
||||
#define DOMAIN_GROUP_RID_GUESTS 0x00000202L
|
||||
|
||||
#define DOMAIN_ALIAS_RID_ADMINS 0x00000220L
|
||||
#define DOMAIN_ALIAS_RID_USERS 0x00000221L
|
||||
#define DOMAIN_ALIAS_RID_GUESTS 0x00000222L
|
||||
#define DOMAIN_ALIAS_RID_POWER_USERS 0x00000223L
|
||||
|
||||
#define DOMAIN_ALIAS_RID_ACCOUNT_OPS 0x00000224L
|
||||
#define DOMAIN_ALIAS_RID_SYSTEM_OPS 0x00000225L
|
||||
#define DOMAIN_ALIAS_RID_PRINT_OPS 0x00000226L
|
||||
#define DOMAIN_ALIAS_RID_BACKUP_OPS 0x00000227L
|
||||
|
||||
#define DOMAIN_ALIAS_RID_REPLICATOR 0x00000228L
|
||||
#define DOMAIN_ALIAS_RID_RAS_SERVERS 0x00000229L
|
||||
#define DOMAIN_ALIAS_RID_PREW2KCOMPACCESS 0x0000022AL
|
||||
#define DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS 0x0000022BL
|
||||
#define DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS 0x0000022CL
|
||||
#define DOMAIN_ALIAS_RID_INCOMING_FOREST_TRUST_BUILDERS 0x0000022DL
|
||||
|
||||
#define DOMAIN_ALIAS_RID_MONITORING_USERS 0x0000022EL
|
||||
#define DOMAIN_ALIAS_RID_LOGGING_USERS 0x0000022FL
|
||||
#define DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS 0x00000230L
|
||||
#define DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS 0x00000231L
|
||||
#define DOMAIN_ALIAS_RID_DCOM_USERS 0x00000232L
|
||||
|
||||
typedef enum
|
||||
{
|
||||
|
|
|
|||
Loading…
Reference in a new issue