From ad21f9ddae25db841f59d9fb463e44104760876c Mon Sep 17 00:00:00 2001 From: Eric Kohl Date: Sat, 31 Jul 2010 11:24:16 +0000 Subject: [PATCH] [LSASRV] - Move all includes into a common header file. - Create a (still incomplete) well-known-sid lookup table and use it in LsarLookupSids. - Add missing file headers. svn path=/trunk/; revision=48378 --- reactos/dll/win32/advapi32/sec/misc.c | 117 ------- reactos/dll/win32/lsasrv/authport.c | 7 - reactos/dll/win32/lsasrv/lsarpc.c | 35 +- reactos/dll/win32/lsasrv/lsasrv.c | 10 +- reactos/dll/win32/lsasrv/lsasrv.h | 25 +- reactos/dll/win32/lsasrv/lsasrv.rbuild | 1 + reactos/dll/win32/lsasrv/privileges.c | 19 +- reactos/dll/win32/lsasrv/sids.c | 422 +++++++++++++++++++++++++ 8 files changed, 471 insertions(+), 165 deletions(-) create mode 100644 reactos/dll/win32/lsasrv/sids.c diff --git a/reactos/dll/win32/advapi32/sec/misc.c b/reactos/dll/win32/advapi32/sec/misc.c index 03c4587a65f..f03c1a0bb9c 100644 --- a/reactos/dll/win32/advapi32/sec/misc.c +++ b/reactos/dll/win32/advapi32/sec/misc.c 
@@ -16,123 +16,6 @@ WINE_DEFAULT_DEBUG_CHANNEL(advapi); -/* Needed for LookupAccountNameW implementation from Wine */ - -typedef struct _AccountSid -{ - WELL_KNOWN_SID_TYPE type; - LPCWSTR account; - LPCWSTR domain; - SID_NAME_USE name_use; -} AccountSid; - -static const WCHAR Account_Operators[] = { 'A','c','c','o','u','n','t',' ','O','p','e','r','a','t','o','r','s',0 }; -static const WCHAR Administrator[] = {'A','d','m','i','n','i','s','t','r','a','t','o','r',0 }; -static const WCHAR Administrators[] = { 'A','d','m','i','n','i','s','t','r','a','t','o','r','s',0 }; -static const WCHAR ANONYMOUS_LOGON[] = { 'A','N','O','N','Y','M','O','U','S',' ','L','O','G','O','N',0 }; -static const WCHAR Authenticated_Users[] = { 'A','u','t','h','e','n','t','i','c','a','t','e','d',' ','U','s','e','r','s',0 }; -static const WCHAR Backup_Operators[] = { 'B','a','c','k','u','p',' ','O','p','e','r','a','t','o','r','s',0 }; -static const WCHAR BATCH[] = { 'B','A','T','C','H',0 }; -static const WCHAR Blank[] = { 0 }; -static const WCHAR BUILTIN[] = { 'B','U','I','L','T','I','N',0 }; -static const WCHAR Cert_Publishers[] = { 'C','e','r','t',' ','P','u','b','l','i','s','h','e','r','s',0 }; -static const WCHAR CREATOR_GROUP[] = { 'C','R','E','A','T','O','R',' ','G','R','O','U','P',0 }; -static const WCHAR CREATOR_GROUP_SERVER[] = { 'C','R','E','A','T','O','R',' ','G','R','O','U','P',' ','S','E','R','V','E','R',0 }; -static const WCHAR CREATOR_OWNER[] = { 'C','R','E','A','T','O','R',' ','O','W','N','E','R',0 }; -static const WCHAR CREATOR_OWNER_SERVER[] = { 'C','R','E','A','T','O','R',' ','O','W','N','E','R',' ','S','E','R','V','E','R',0 }; -static const WCHAR DIALUP[] = { 'D','I','A','L','U','P',0 }; -static const WCHAR Digest_Authentication[] = { 'D','i','g','e','s','t',' ','A','u','t','h','e','n','t','i','c','a','t','i','o','n',0 }; -static const WCHAR DOMAIN[] = {'D','O','M','A','I','N',0}; -static const WCHAR Domain_Admins[] = { 'D','o','m','a','i','n',' ','A','d','m','i','n','s',0 
}; -static const WCHAR Domain_Computers[] = { 'D','o','m','a','i','n',' ','C','o','m','p','u','t','e','r','s',0 }; -static const WCHAR Domain_Controllers[] = { 'D','o','m','a','i','n',' ','C','o','n','t','r','o','l','l','e','r','s',0 }; -static const WCHAR Domain_Guests[] = { 'D','o','m','a','i','n',' ','G','u','e','s','t','s',0 }; -static const WCHAR Domain_Users[] = { 'D','o','m','a','i','n',' ','U','s','e','r','s',0 }; -static const WCHAR Enterprise_Admins[] = { 'E','n','t','e','r','p','r','i','s','e',' ','A','d','m','i','n','s',0 }; -static const WCHAR ENTERPRISE_DOMAIN_CONTROLLERS[] = { 'E','N','T','E','R','P','R','I','S','E',' ','D','O','M','A','I','N',' ','C','O','N','T','R','O','L','L','E','R','S',0 }; -static const WCHAR Everyone[] = { 'E','v','e','r','y','o','n','e',0 }; -static const WCHAR Group_Policy_Creator_Owners[] = { 'G','r','o','u','p',' ','P','o','l','i','c','y',' ','C','r','e','a','t','o','r',' ','O','w','n','e','r','s',0 }; -static const WCHAR Guest[] = { 'G','u','e','s','t',0 }; -static const WCHAR Guests[] = { 'G','u','e','s','t','s',0 }; -static const WCHAR INTERACTIVE[] = { 'I','N','T','E','R','A','C','T','I','V','E',0 }; -static const WCHAR LOCAL[] = { 'L','O','C','A','L',0 }; -static const WCHAR LOCAL_SERVICE[] = { 'L','O','C','A','L',' ','S','E','R','V','I','C','E',0 }; -static const WCHAR NETWORK[] = { 'N','E','T','W','O','R','K',0 }; -static const WCHAR Network_Configuration_Operators[] = { 'N','e','t','w','o','r','k',' ','C','o','n','f','i','g','u','r','a','t','i','o','n',' ','O','p','e','r','a','t','o','r','s',0 }; -static const WCHAR NETWORK_SERVICE[] = { 'N','E','T','W','O','R','K',' ','S','E','R','V','I','C','E',0 }; -static const WCHAR NT_AUTHORITY[] = { 'N','T',' ','A','U','T','H','O','R','I','T','Y',0 }; -static const WCHAR NT_Pseudo_Domain[] = { 'N','T',' ','P','s','e','u','d','o',' ','D','o','m','a','i','n',0 }; -static const WCHAR NTML_Authentication[] = { 'N','T','M','L',' 
','A','u','t','h','e','n','t','i','c','a','t','i','o','n',0 }; -static const WCHAR NULL_SID[] = { 'N','U','L','L',' ','S','I','D',0 }; -static const WCHAR Other_Organization[] = { 'O','t','h','e','r',' ','O','r','g','a','n','i','z','a','t','i','o','n',0 }; -static const WCHAR Performance_Log_Users[] = { 'P','e','r','f','o','r','m','a','n','c','e',' ','L','o','g',' ','U','s','e','r','s',0 }; -static const WCHAR Performance_Monitor_Users[] = { 'P','e','r','f','o','r','m','a','n','c','e',' ','M','o','n','i','t','o','r',' ','U','s','e','r','s',0 }; -static const WCHAR Power_Users[] = { 'P','o','w','e','r',' ','U','s','e','r','s',0 }; -static const WCHAR Pre_Windows_2000_Compatible_Access[] = { 'P','r','e','-','W','i','n','d','o','w','s',' ','2','0','0','0',' ','C','o','m','p','a','t','i','b','l','e',' ','A','c','c','e','s','s',0 }; -static const WCHAR Print_Operators[] = { 'P','r','i','n','t',' ','O','p','e','r','a','t','o','r','s',0 }; -static const WCHAR PROXY[] = { 'P','R','O','X','Y',0 }; -static const WCHAR RAS_and_IAS_Servers[] = { 'R','A','S',' ','a','n','d',' ','I','A','S',' ','S','e','r','v','e','r','s',0 }; -static const WCHAR Remote_Desktop_Users[] = { 'R','e','m','o','t','e',' ','D','e','s','k','t','o','p',' ','U','s','e','r','s',0 }; -static const WCHAR REMOTE_INTERACTIVE_LOGON[] = { 'R','E','M','O','T','E',' ','I','N','T','E','R','A','C','T','I','V','E',' ','L','O','G','O','N',0 }; -static const WCHAR Replicators[] = { 'R','e','p','l','i','c','a','t','o','r','s',0 }; -static const WCHAR RESTRICTED[] = { 'R','E','S','T','R','I','C','T','E','D',0 }; -static const WCHAR SChannel_Authentication[] = { 'S','C','h','a','n','n','e','l',' ','A','u','t','h','e','n','t','i','c','a','t','i','o','n',0 }; -static const WCHAR Schema_Admins[] = { 'S','c','h','e','m','a',' ','A','d','m','i','n','s',0 }; -static const WCHAR SELF[] = { 'S','E','L','F',0 }; -static const WCHAR Server_Operators[] = { 'S','e','r','v','e','r',' ','O','p','e','r','a','t','o','r','s',0 }; -static 
const WCHAR SERVICE[] = { 'S','E','R','V','I','C','E',0 }; -static const WCHAR SYSTEM[] = { 'S','Y','S','T','E','M',0 }; -static const WCHAR TERMINAL_SERVER_USER[] = { 'T','E','R','M','I','N','A','L',' ','S','E','R','V','E','R',' ','U','S','E','R',0 }; -static const WCHAR This_Organization[] = { 'T','h','i','s',' ','O','r','g','a','n','i','z','a','t','i','o','n',0 }; -static const WCHAR Users[] = { 'U','s','e','r','s',0 }; - -static const AccountSid ACCOUNT_SIDS[] = { - { WinNullSid, NULL_SID, Blank, SidTypeWellKnownGroup }, - { WinWorldSid, Everyone, Blank, SidTypeWellKnownGroup }, - { WinLocalSid, LOCAL, Blank, SidTypeWellKnownGroup }, - { WinCreatorOwnerSid, CREATOR_OWNER, Blank, SidTypeWellKnownGroup }, - { WinCreatorGroupSid, CREATOR_GROUP, Blank, SidTypeWellKnownGroup }, - { WinCreatorOwnerServerSid, CREATOR_OWNER_SERVER, Blank, SidTypeWellKnownGroup }, - { WinCreatorGroupServerSid, CREATOR_GROUP_SERVER, Blank, SidTypeWellKnownGroup }, - { WinNtAuthoritySid, NT_Pseudo_Domain, NT_Pseudo_Domain, SidTypeDomain }, - { WinDialupSid, DIALUP, NT_AUTHORITY, SidTypeWellKnownGroup }, - { WinNetworkSid, NETWORK, NT_AUTHORITY, SidTypeWellKnownGroup }, - { WinBatchSid, BATCH, NT_AUTHORITY, SidTypeWellKnownGroup }, - { WinInteractiveSid, INTERACTIVE, NT_AUTHORITY, SidTypeWellKnownGroup }, - { WinServiceSid, SERVICE, NT_AUTHORITY, SidTypeWellKnownGroup }, - { WinAnonymousSid, ANONYMOUS_LOGON, NT_AUTHORITY, SidTypeWellKnownGroup }, - { WinProxySid, PROXY, NT_AUTHORITY, SidTypeWellKnownGroup }, - { WinEnterpriseControllersSid, ENTERPRISE_DOMAIN_CONTROLLERS, NT_AUTHORITY, SidTypeWellKnownGroup }, - { WinSelfSid, SELF, NT_AUTHORITY, SidTypeWellKnownGroup }, - { WinAuthenticatedUserSid, Authenticated_Users, NT_AUTHORITY, SidTypeWellKnownGroup }, - { WinRestrictedCodeSid, RESTRICTED, NT_AUTHORITY, SidTypeWellKnownGroup }, - { WinTerminalServerSid, TERMINAL_SERVER_USER, NT_AUTHORITY, SidTypeWellKnownGroup }, - { WinRemoteLogonIdSid, REMOTE_INTERACTIVE_LOGON, NT_AUTHORITY, 
SidTypeWellKnownGroup }, - { WinLocalSystemSid, SYSTEM, NT_AUTHORITY, SidTypeWellKnownGroup }, - { WinLocalServiceSid, LOCAL_SERVICE, NT_AUTHORITY, SidTypeWellKnownGroup }, - { WinNetworkServiceSid, NETWORK_SERVICE, NT_AUTHORITY, SidTypeWellKnownGroup }, - { WinBuiltinDomainSid, BUILTIN, BUILTIN, SidTypeDomain }, - { WinBuiltinAdministratorsSid, Administrators, BUILTIN, SidTypeAlias }, - { WinBuiltinUsersSid, Users, BUILTIN, SidTypeAlias }, - { WinBuiltinGuestsSid, Guests, BUILTIN, SidTypeAlias }, - { WinBuiltinPowerUsersSid, Power_Users, BUILTIN, SidTypeAlias }, - { WinBuiltinAccountOperatorsSid, Account_Operators, BUILTIN, SidTypeAlias }, - { WinBuiltinSystemOperatorsSid, Server_Operators, BUILTIN, SidTypeAlias }, - { WinBuiltinPrintOperatorsSid, Print_Operators, BUILTIN, SidTypeAlias }, - { WinBuiltinBackupOperatorsSid, Backup_Operators, BUILTIN, SidTypeAlias }, - { WinBuiltinReplicatorSid, Replicators, BUILTIN, SidTypeAlias }, - { WinBuiltinPreWindows2000CompatibleAccessSid, Pre_Windows_2000_Compatible_Access, BUILTIN, SidTypeAlias }, - { WinBuiltinRemoteDesktopUsersSid, Remote_Desktop_Users, BUILTIN, SidTypeAlias }, - { WinBuiltinNetworkConfigurationOperatorsSid, Network_Configuration_Operators, BUILTIN, SidTypeAlias }, - { WinNTLMAuthenticationSid, NTML_Authentication, NT_AUTHORITY, SidTypeWellKnownGroup }, - { WinDigestAuthenticationSid, Digest_Authentication, NT_AUTHORITY, SidTypeWellKnownGroup }, - { WinSChannelAuthenticationSid, SChannel_Authentication, NT_AUTHORITY, SidTypeWellKnownGroup }, - { WinThisOrganizationSid, This_Organization, NT_AUTHORITY, SidTypeWellKnownGroup }, - { WinOtherOrganizationSid, Other_Organization, NT_AUTHORITY, SidTypeWellKnownGroup }, - { WinBuiltinPerfMonitoringUsersSid, Performance_Monitor_Users, BUILTIN, SidTypeAlias }, - { WinBuiltinPerfLoggingUsersSid, Performance_Log_Users, BUILTIN, SidTypeAlias }, -}; - /* Interface to ntmarta.dll ***************************************************/ 
diff --git a/reactos/dll/win32/lsasrv/authport.c b/reactos/dll/win32/lsasrv/authport.c index dd5a69dbbb7..769fd1922dc 100644 --- a/reactos/dll/win32/lsasrv/authport.c +++ b/reactos/dll/win32/lsasrv/authport.c @@ -8,16 +8,9 @@ /* INCLUDES ****************************************************************/ -#define WIN32_NO_STATUS -#include -#define NTOS_MODE_USER -#include -#include "lsass.h" #include "lsasrv.h" -#include "wine/debug.h" - WINE_DEFAULT_DEBUG_CHANNEL(lsasrv); diff --git a/reactos/dll/win32/lsasrv/lsarpc.c b/reactos/dll/win32/lsasrv/lsarpc.c index 1a83d007f00..6100e0748e3 100644 --- a/reactos/dll/win32/lsasrv/lsarpc.c +++ b/reactos/dll/win32/lsasrv/lsarpc.c @@ -1,17 +1,15 @@ +/* + * COPYRIGHT: See COPYING in the top level directory + * PROJECT: Local Security Authority (LSA) Server + * FILE: reactos/dll/win32/lsasrv/lsarpc.h + * PURPOSE: RPC interface functions + * + * PROGRAMMERS: Eric Kohl + */ + /* INCLUDES ****************************************************************/ -#define WIN32_NO_STATUS -#include -#include -#define NTOS_MODE_USER -#include - -#include - #include "lsasrv.h" -#include "lsa_s.h" - -#include typedef enum _LSA_DB_HANDLE_TYPE { @@ -432,7 +430,6 @@ NTSTATUS LsarLookupSids( { SID_IDENTIFIER_AUTHORITY IdentifierAuthority = {SECURITY_NT_AUTHORITY}; static const UNICODE_STRING DomainName = RTL_CONSTANT_STRING(L"DOMAIN"); - static const UNICODE_STRING UserName = RTL_CONSTANT_STRING(L"Administrator"); PLSAPR_REFERENCED_DOMAIN_LIST OutputDomains = NULL; PLSAPR_TRANSLATED_NAME OutputNames = NULL; ULONG OutputNamesLength; 
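Review bot: The file header added at the top of lsarpc.c names the wrong file: its `FILE:` line reads `reactos/dll/win32/lsasrv/lsarpc.h`, while the diff header shows the file being patched is `lsarpc.c`. The line should read `* FILE: reactos/dll/win32/lsasrv/lsarpc.c`. The header this commit adds to privileges.c uses the matching `.c` path, so this looks like a copy slip.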
@@ -501,16 +498,8 @@ NTSTATUS LsarLookupSids( RtlCopyMemory(OutputDomains->Domains[i].Name.Buffer, DomainName.Buffer, DomainName.MaximumLength); } - - for (i = 0; i < SidEnumBuffer->Entries; i++) - { - OutputNames[i].Use = SidTypeWellKnownGroup; - OutputNames[i].DomainIndex = i; - OutputNames[i].Name.Buffer = MIDL_user_allocate(UserName.MaximumLength); - OutputNames[i].Name.Length = UserName.Length; - OutputNames[i].Name.MaximumLength = UserName.MaximumLength; - RtlCopyMemory(OutputNames[i].Name.Buffer, UserName.Buffer, UserName.MaximumLength); - } + Status = LsapLookupSids(SidEnumBuffer, + OutputNames); *ReferencedDomains = OutputDomains; @@ -519,7 +508,7 @@ NTSTATUS LsarLookupSids( TranslatedNames->Entries = SidEnumBuffer->Entries; TranslatedNames->Names = OutputNames; - return STATUS_SUCCESS; + return Status; } diff --git a/reactos/dll/win32/lsasrv/lsasrv.c b/reactos/dll/win32/lsasrv/lsasrv.c index 2b791088d46..fee42913afe 100644 --- a/reactos/dll/win32/lsasrv/lsasrv.c +++ b/reactos/dll/win32/lsasrv/lsasrv.c @@ -8,15 +8,8 @@ /* INCLUDES ****************************************************************/ -#define WIN32_NO_STATUS -#include -#define NTOS_MODE_USER -#include - #include "lsasrv.h" -#include "wine/debug.h" - WINE_DEFAULT_DEBUG_CHANNEL(lsasrv); @@ -30,6 +23,9 @@ LsapInitLsa(VOID) TRACE("LsapInitLsa() called\n"); + /* Initialize the well known SIDs */ + LsapInitSids(); + /* Start the RPC server */ LsarStartRpcServer(); diff --git a/reactos/dll/win32/lsasrv/lsasrv.h b/reactos/dll/win32/lsasrv/lsasrv.h index 00b1a77f1ed..45fc4f96409 100644 --- a/reactos/dll/win32/lsasrv/lsasrv.h +++ b/reactos/dll/win32/lsasrv/lsasrv.h @@ -7,6 +7,20 @@ * PROGRAMMERS: Eric Kohl */ +#define WIN32_NO_STATUS +#include +#include +#define NTOS_MODE_USER +#include + +#include + +#include "lsass.h" +#include "lsa_s.h" + +#include + + /* authport.c */ NTSTATUS StartAuthenticationPort(VOID); 
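Review bot: The status returned by `LsapInitSids()` is discarded at the new call in LsapInitLsa, and in sids.c LsapInitSids itself ignores every `LsapCreateSid` result and always returns `STATUS_SUCCESS`. A failed heap allocation at startup therefore leaves a silently shortened well-known SID table, and later lookups of the missing entries fall through to the default name. Since the function already returns NTSTATUS, I would have it report a failed `LsapCreateSid` and check it here, e.g. `Status = LsapInitSids(); if (!NT_SUCCESS(Status)) return Status;`, or at least log the failure with `ERR(...)`. Whether LsapInitLsa has a status to propagate is not visible, because its signature and the rest of its body are outside the hunk.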
@@ -20,4 +34,13 @@ LsarpLookupPrivilegeName(PLUID Value, NTSTATUS LsarpLookupPrivilegeValue(PUNICODE_STRING Name, - PLUID Value); \ No newline at end of file + PLUID Value); + +/* sids.h */ +NTSTATUS +LsapInitSids(VOID); + +NTSTATUS +LsapLookupSids(PLSAPR_SID_ENUM_BUFFER SidEnumBuffer, + PLSAPR_TRANSLATED_NAME OutputNames); + diff --git a/reactos/dll/win32/lsasrv/lsasrv.rbuild b/reactos/dll/win32/lsasrv/lsasrv.rbuild index d1d122e9ed6..1102aa4e1be 100644 --- a/reactos/dll/win32/lsasrv/lsasrv.rbuild +++ b/reactos/dll/win32/lsasrv/lsasrv.rbuild @@ -12,5 +12,6 @@ lsarpc.c lsasrv.c privileges.c + sids.c lsasrv.rc diff --git a/reactos/dll/win32/lsasrv/privileges.c b/reactos/dll/win32/lsasrv/privileges.c index 103bf729fba..2c988501cfe 100644 --- a/reactos/dll/win32/lsasrv/privileges.c +++ b/reactos/dll/win32/lsasrv/privileges.c @@ -1,14 +1,13 @@ -#define WIN32_NO_STATUS -#include -#include -#define NTOS_MODE_USER -#include +/* + * COPYRIGHT: See COPYING in the top level directory + * PROJECT: Local Security Authority (LSA) Server + * FILE: reactos/dll/win32/lsasrv/privileges.c + * PURPOSE: Privilege lookup functions + * + * PROGRAMMERS: Eric Kohl + */ -#include -#include - - -#include +#include "lsasrv.h" typedef struct diff --git a/reactos/dll/win32/lsasrv/sids.c b/reactos/dll/win32/lsasrv/sids.c new file mode 100644 index 00000000000..169ca739228 --- /dev/null +++ b/reactos/dll/win32/lsasrv/sids.c 
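Review bot: The section comment `/* sids.h */` names a file this commit does not add; the new prototypes are implemented in sids.c, and the other sections of this header are labelled by source file (`/* authport.c */`), so it should read `/* sids.c */`. The `LsapLookupSids` prototype would also benefit from a comment such as `/* OutputNames must hold at least SidEnumBuffer->Entries elements */`, because the function receives no element count and writes one entry per SID.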
@@ -0,0 +1,422 @@ +/* + * COPYRIGHT: See COPYING in the top level directory + * PROJECT: Local Security Authority (LSA) Server + * FILE: reactos/dll/win32/lsasrv/sids.c + * PURPOSE: Sid / Name lookup functions + * + * PROGRAMMERS: Eric Kohl + */ +#include "lsasrv.h" + +WINE_DEFAULT_DEBUG_CHANNEL(lsasrv); + + +typedef struct _WELL_KNOWN_SID +{ + LIST_ENTRY ListEntry; + PSID Sid; + UNICODE_STRING Name; + UNICODE_STRING Domain; + SID_NAME_USE NameUse; +} WELL_KNOWN_SID, *PWELL_KNOWN_SID; + + +static SID_IDENTIFIER_AUTHORITY NullSidAuthority = {SECURITY_NULL_SID_AUTHORITY}; +static SID_IDENTIFIER_AUTHORITY WorldSidAuthority = {SECURITY_WORLD_SID_AUTHORITY}; +static SID_IDENTIFIER_AUTHORITY LocalSidAuthority = {SECURITY_LOCAL_SID_AUTHORITY}; +static SID_IDENTIFIER_AUTHORITY CreatorSidAuthority = {SECURITY_CREATOR_SID_AUTHORITY}; +static SID_IDENTIFIER_AUTHORITY NtAuthority = {SECURITY_NT_AUTHORITY}; + +LIST_ENTRY WellKnownSidListHead; + + + +#if 0 +typedef struct _AccountSid +{ + WELL_KNOWN_SID_TYPE type; + LPCWSTR account; + LPCWSTR domain; + SID_NAME_USE name_use; +} AccountSid; + +static const WCHAR Account_Operators[] = { 'A','c','c','o','u','n','t',' ','O','p','e','r','a','t','o','r','s',0 }; +static const WCHAR Administrator[] = {'A','d','m','i','n','i','s','t','r','a','t','o','r',0 }; +static const WCHAR Administrators[] = { 'A','d','m','i','n','i','s','t','r','a','t','o','r','s',0 }; +static const WCHAR ANONYMOUS_LOGON[] = { 'A','N','O','N','Y','M','O','U','S',' ','L','O','G','O','N',0 }; +static const WCHAR Authenticated_Users[] = { 'A','u','t','h','e','n','t','i','c','a','t','e','d',' ','U','s','e','r','s',0 }; +static const WCHAR Backup_Operators[] = { 'B','a','c','k','u','p',' ','O','p','e','r','a','t','o','r','s',0 }; +static const WCHAR BATCH[] = { 'B','A','T','C','H',0 }; +static const WCHAR Blank[] = { 0 }; +static const WCHAR BUILTIN[] = { 'B','U','I','L','T','I','N',0 }; +static const WCHAR Cert_Publishers[] = { 'C','e','r','t',' 
','P','u','b','l','i','s','h','e','r','s',0 }; +static const WCHAR CREATOR_GROUP[] = { 'C','R','E','A','T','O','R',' ','G','R','O','U','P',0 }; +static const WCHAR CREATOR_GROUP_SERVER[] = { 'C','R','E','A','T','O','R',' ','G','R','O','U','P',' ','S','E','R','V','E','R',0 }; +static const WCHAR CREATOR_OWNER[] = { 'C','R','E','A','T','O','R',' ','O','W','N','E','R',0 }; +static const WCHAR CREATOR_OWNER_SERVER[] = { 'C','R','E','A','T','O','R',' ','O','W','N','E','R',' ','S','E','R','V','E','R',0 }; +static const WCHAR DIALUP[] = { 'D','I','A','L','U','P',0 }; +static const WCHAR Digest_Authentication[] = { 'D','i','g','e','s','t',' ','A','u','t','h','e','n','t','i','c','a','t','i','o','n',0 }; +static const WCHAR DOMAIN[] = {'D','O','M','A','I','N',0}; +static const WCHAR Domain_Admins[] = { 'D','o','m','a','i','n',' ','A','d','m','i','n','s',0 }; +static const WCHAR Domain_Computers[] = { 'D','o','m','a','i','n',' ','C','o','m','p','u','t','e','r','s',0 }; +static const WCHAR Domain_Controllers[] = { 'D','o','m','a','i','n',' ','C','o','n','t','r','o','l','l','e','r','s',0 }; +static const WCHAR Domain_Guests[] = { 'D','o','m','a','i','n',' ','G','u','e','s','t','s',0 }; +static const WCHAR Domain_Users[] = { 'D','o','m','a','i','n',' ','U','s','e','r','s',0 }; +static const WCHAR Enterprise_Admins[] = { 'E','n','t','e','r','p','r','i','s','e',' ','A','d','m','i','n','s',0 }; +static const WCHAR ENTERPRISE_DOMAIN_CONTROLLERS[] = { 'E','N','T','E','R','P','R','I','S','E',' ','D','O','M','A','I','N',' ','C','O','N','T','R','O','L','L','E','R','S',0 }; +static const WCHAR Everyone[] = { 'E','v','e','r','y','o','n','e',0 }; +static const WCHAR Group_Policy_Creator_Owners[] = { 'G','r','o','u','p',' ','P','o','l','i','c','y',' ','C','r','e','a','t','o','r',' ','O','w','n','e','r','s',0 }; +static const WCHAR Guest[] = { 'G','u','e','s','t',0 }; +static const WCHAR Guests[] = { 'G','u','e','s','t','s',0 }; +static const WCHAR INTERACTIVE[] = { 
'I','N','T','E','R','A','C','T','I','V','E',0 }; +static const WCHAR LOCAL[] = { 'L','O','C','A','L',0 }; +static const WCHAR LOCAL_SERVICE[] = { 'L','O','C','A','L',' ','S','E','R','V','I','C','E',0 }; +static const WCHAR NETWORK[] = { 'N','E','T','W','O','R','K',0 }; +static const WCHAR Network_Configuration_Operators[] = { 'N','e','t','w','o','r','k',' ','C','o','n','f','i','g','u','r','a','t','i','o','n',' ','O','p','e','r','a','t','o','r','s',0 }; +static const WCHAR NETWORK_SERVICE[] = { 'N','E','T','W','O','R','K',' ','S','E','R','V','I','C','E',0 }; +static const WCHAR NT_AUTHORITY[] = { 'N','T',' ','A','U','T','H','O','R','I','T','Y',0 }; +static const WCHAR NT_Pseudo_Domain[] = { 'N','T',' ','P','s','e','u','d','o',' ','D','o','m','a','i','n',0 }; +static const WCHAR NTML_Authentication[] = { 'N','T','M','L',' ','A','u','t','h','e','n','t','i','c','a','t','i','o','n',0 }; +static const WCHAR NULL_SID[] = { 'N','U','L','L',' ','S','I','D',0 }; +static const WCHAR Other_Organization[] = { 'O','t','h','e','r',' ','O','r','g','a','n','i','z','a','t','i','o','n',0 }; +static const WCHAR Performance_Log_Users[] = { 'P','e','r','f','o','r','m','a','n','c','e',' ','L','o','g',' ','U','s','e','r','s',0 }; +static const WCHAR Performance_Monitor_Users[] = { 'P','e','r','f','o','r','m','a','n','c','e',' ','M','o','n','i','t','o','r',' ','U','s','e','r','s',0 }; +static const WCHAR Power_Users[] = { 'P','o','w','e','r',' ','U','s','e','r','s',0 }; +static const WCHAR Pre_Windows_2000_Compatible_Access[] = { 'P','r','e','-','W','i','n','d','o','w','s',' ','2','0','0','0',' ','C','o','m','p','a','t','i','b','l','e',' ','A','c','c','e','s','s',0 }; +static const WCHAR Print_Operators[] = { 'P','r','i','n','t',' ','O','p','e','r','a','t','o','r','s',0 }; +static const WCHAR PROXY[] = { 'P','R','O','X','Y',0 }; +static const WCHAR RAS_and_IAS_Servers[] = { 'R','A','S',' ','a','n','d',' ','I','A','S',' ','S','e','r','v','e','r','s',0 }; +static const WCHAR 
Remote_Desktop_Users[] = { 'R','e','m','o','t','e',' ','D','e','s','k','t','o','p',' ','U','s','e','r','s',0 }; +static const WCHAR REMOTE_INTERACTIVE_LOGON[] = { 'R','E','M','O','T','E',' ','I','N','T','E','R','A','C','T','I','V','E',' ','L','O','G','O','N',0 }; +static const WCHAR Replicators[] = { 'R','e','p','l','i','c','a','t','o','r','s',0 }; +static const WCHAR RESTRICTED[] = { 'R','E','S','T','R','I','C','T','E','D',0 }; +static const WCHAR SChannel_Authentication[] = { 'S','C','h','a','n','n','e','l',' ','A','u','t','h','e','n','t','i','c','a','t','i','o','n',0 }; +static const WCHAR Schema_Admins[] = { 'S','c','h','e','m','a',' ','A','d','m','i','n','s',0 }; +static const WCHAR SELF[] = { 'S','E','L','F',0 }; +static const WCHAR Server_Operators[] = { 'S','e','r','v','e','r',' ','O','p','e','r','a','t','o','r','s',0 }; +static const WCHAR SERVICE[] = { 'S','E','R','V','I','C','E',0 }; +static const WCHAR SYSTEM[] = { 'S','Y','S','T','E','M',0 }; +static const WCHAR TERMINAL_SERVER_USER[] = { 'T','E','R','M','I','N','A','L',' ','S','E','R','V','E','R',' ','U','S','E','R',0 }; +static const WCHAR This_Organization[] = { 'T','h','i','s',' ','O','r','g','a','n','i','z','a','t','i','o','n',0 }; +static const WCHAR Users[] = { 'U','s','e','r','s',0 }; + +static const AccountSid ACCOUNT_SIDS[] = { + { WinNullSid, NULL_SID, Blank, SidTypeWellKnownGroup }, + { WinWorldSid, Everyone, Blank, SidTypeWellKnownGroup }, + { WinLocalSid, LOCAL, Blank, SidTypeWellKnownGroup }, + { WinCreatorOwnerSid, CREATOR_OWNER, Blank, SidTypeWellKnownGroup }, + { WinCreatorGroupSid, CREATOR_GROUP, Blank, SidTypeWellKnownGroup }, + { WinCreatorOwnerServerSid, CREATOR_OWNER_SERVER, Blank, SidTypeWellKnownGroup }, + { WinCreatorGroupServerSid, CREATOR_GROUP_SERVER, Blank, SidTypeWellKnownGroup }, + { WinNtAuthoritySid, NT_Pseudo_Domain, NT_Pseudo_Domain, SidTypeDomain }, + { WinDialupSid, DIALUP, NT_AUTHORITY, SidTypeWellKnownGroup }, + { WinNetworkSid, NETWORK, NT_AUTHORITY, 
SidTypeWellKnownGroup }, + { WinBatchSid, BATCH, NT_AUTHORITY, SidTypeWellKnownGroup }, + { WinInteractiveSid, INTERACTIVE, NT_AUTHORITY, SidTypeWellKnownGroup }, + { WinServiceSid, SERVICE, NT_AUTHORITY, SidTypeWellKnownGroup }, + { WinAnonymousSid, ANONYMOUS_LOGON, NT_AUTHORITY, SidTypeWellKnownGroup }, + { WinProxySid, PROXY, NT_AUTHORITY, SidTypeWellKnownGroup }, + { WinEnterpriseControllersSid, ENTERPRISE_DOMAIN_CONTROLLERS, NT_AUTHORITY, SidTypeWellKnownGroup }, + { WinSelfSid, SELF, NT_AUTHORITY, SidTypeWellKnownGroup }, + { WinAuthenticatedUserSid, Authenticated_Users, NT_AUTHORITY, SidTypeWellKnownGroup }, + { WinRestrictedCodeSid, RESTRICTED, NT_AUTHORITY, SidTypeWellKnownGroup }, + { WinTerminalServerSid, TERMINAL_SERVER_USER, NT_AUTHORITY, SidTypeWellKnownGroup }, + { WinRemoteLogonIdSid, REMOTE_INTERACTIVE_LOGON, NT_AUTHORITY, SidTypeWellKnownGroup }, + { WinLocalSystemSid, SYSTEM, NT_AUTHORITY, SidTypeWellKnownGroup }, + { WinLocalServiceSid, LOCAL_SERVICE, NT_AUTHORITY, SidTypeWellKnownGroup }, + { WinNetworkServiceSid, NETWORK_SERVICE, NT_AUTHORITY, SidTypeWellKnownGroup }, + { WinBuiltinDomainSid, BUILTIN, BUILTIN, SidTypeDomain }, + { WinBuiltinAdministratorsSid, Administrators, BUILTIN, SidTypeAlias }, + { WinBuiltinUsersSid, Users, BUILTIN, SidTypeAlias }, + { WinBuiltinGuestsSid, Guests, BUILTIN, SidTypeAlias }, + { WinBuiltinPowerUsersSid, Power_Users, BUILTIN, SidTypeAlias }, + { WinBuiltinAccountOperatorsSid, Account_Operators, BUILTIN, SidTypeAlias }, + { WinBuiltinSystemOperatorsSid, Server_Operators, BUILTIN, SidTypeAlias }, + { WinBuiltinPrintOperatorsSid, Print_Operators, BUILTIN, SidTypeAlias }, + { WinBuiltinBackupOperatorsSid, Backup_Operators, BUILTIN, SidTypeAlias }, + { WinBuiltinReplicatorSid, Replicators, BUILTIN, SidTypeAlias }, + { WinBuiltinPreWindows2000CompatibleAccessSid, Pre_Windows_2000_Compatible_Access, BUILTIN, SidTypeAlias }, + { WinBuiltinRemoteDesktopUsersSid, Remote_Desktop_Users, BUILTIN, SidTypeAlias }, + { 
WinBuiltinNetworkConfigurationOperatorsSid, Network_Configuration_Operators, BUILTIN, SidTypeAlias }, + { WinNTLMAuthenticationSid, NTML_Authentication, NT_AUTHORITY, SidTypeWellKnownGroup }, + { WinDigestAuthenticationSid, Digest_Authentication, NT_AUTHORITY, SidTypeWellKnownGroup }, + { WinSChannelAuthenticationSid, SChannel_Authentication, NT_AUTHORITY, SidTypeWellKnownGroup }, + { WinThisOrganizationSid, This_Organization, NT_AUTHORITY, SidTypeWellKnownGroup }, + { WinOtherOrganizationSid, Other_Organization, NT_AUTHORITY, SidTypeWellKnownGroup }, + { WinBuiltinPerfMonitoringUsersSid, Performance_Monitor_Users, BUILTIN, SidTypeAlias }, + { WinBuiltinPerfLoggingUsersSid, Performance_Log_Users, BUILTIN, SidTypeAlias }, +}; +#endif + + +BOOLEAN +LsapCreateSid(PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, + UCHAR SubAuthorityCount, + PULONG SubAuthorities, + PWSTR Name, + PWSTR Domain, + SID_NAME_USE NameUse) +{ + PWELL_KNOWN_SID SidEntry; + PULONG p; + ULONG i; + + SidEntry = RtlAllocateHeap(RtlGetProcessHeap(), 0, sizeof(WELL_KNOWN_SID)); + if (SidEntry == NULL) + return FALSE; + + InitializeListHead(&SidEntry->ListEntry); + + SidEntry->Sid = RtlAllocateHeap(RtlGetProcessHeap(), + 0, + RtlLengthRequiredSid(SubAuthorityCount)); + if (SidEntry->Sid == NULL) + { + RtlFreeHeap(RtlGetProcessHeap(), 0, SidEntry); + return FALSE; + } + + RtlInitializeSid(SidEntry->Sid, + IdentifierAuthority, + SubAuthorityCount); + + for (i = 0; i < (ULONG)SubAuthorityCount; i++) + { + p = RtlSubAuthoritySid(SidEntry->Sid, i); + *p = SubAuthorities[i]; + } + + RtlInitUnicodeString(&SidEntry->Name, + Name); + + RtlInitUnicodeString(&SidEntry->Domain, + Domain); + + SidEntry->NameUse = NameUse; + + InsertTailList(&WellKnownSidListHead, + &SidEntry->ListEntry); + + return TRUE; +} + + +NTSTATUS +LsapInitSids(VOID) +{ + ULONG SubAuthorities[5]; + + InitializeListHead(&WellKnownSidListHead); + + /* Null Sid */ + SubAuthorities[0] = SECURITY_NULL_RID; + LsapCreateSid(&NullSidAuthority, + 1, 
+ SubAuthorities, + L"NULL SID", + L"", + SidTypeWellKnownGroup); + + /* World Sid */ + SubAuthorities[0] = SECURITY_WORLD_RID; + LsapCreateSid(&WorldSidAuthority, + 1, + SubAuthorities, + L"Everyone", + L"", + SidTypeWellKnownGroup); + + /* Local Sid */ + SubAuthorities[0] = SECURITY_LOCAL_RID; + LsapCreateSid(&LocalSidAuthority, + 1, + SubAuthorities, + L"LOCAL", + L"", + SidTypeWellKnownGroup); + + /* Creator Owner Sid */ + SubAuthorities[0] = SECURITY_CREATOR_OWNER_RID; + LsapCreateSid(&CreatorSidAuthority, + 1, + SubAuthorities, + L"CREATOR OWNER", + L"", + SidTypeWellKnownGroup); + + /* Creator Group Sid */ + SubAuthorities[0] = SECURITY_CREATOR_GROUP_RID; + LsapCreateSid(&CreatorSidAuthority, + 1, + SubAuthorities, + L"CREATOR GROUP", + L"", + SidTypeWellKnownGroup); + + /* Creator Owner Server Sid */ + SubAuthorities[0] = SECURITY_CREATOR_OWNER_SERVER_RID; + LsapCreateSid(&CreatorSidAuthority, + 1, + SubAuthorities, + L"CREATOR OWNER SERVER", + L"", + SidTypeWellKnownGroup); + + /* Creator Group Server Sid */ + SubAuthorities[0] = SECURITY_CREATOR_GROUP_SERVER_RID; + LsapCreateSid(&CreatorSidAuthority, + 1, + SubAuthorities, + L"CREATOR GROUP SERVER", + L"", + SidTypeWellKnownGroup); + + /* NT Domain Sid */ + LsapCreateSid(&NtAuthority, + 0, + NULL, + L"", + L"NT Pseudo Domain", + SidTypeDomain); + + /* Dialup Sid */ + SubAuthorities[0] = SECURITY_DIALUP_RID; + LsapCreateSid(&NtAuthority, + 1, + SubAuthorities, + L"DIALUP", + L"NT AUTHORITY", + SidTypeWellKnownGroup); + + /* Network Sid */ + SubAuthorities[0] = SECURITY_NETWORK_RID; + LsapCreateSid(&NtAuthority, + 1, + SubAuthorities, + L"NETWORK", + L"NT AUTHORITY", + SidTypeWellKnownGroup); + + /* Batch Sid*/ + SubAuthorities[0] = SECURITY_BATCH_RID; + LsapCreateSid(&NtAuthority, + 1, + SubAuthorities, + L"BATCH", + L"NT AUTHORITY", + SidTypeWellKnownGroup); + + /* Interactive Sid */ + SubAuthorities[0] = SECURITY_INTERACTIVE_RID; + LsapCreateSid(&NtAuthority, + 1, + SubAuthorities, + L"INTERACTIVE", + 
L"NT AUTHORITY", + SidTypeWellKnownGroup); + + /* Service Sid */ + SubAuthorities[0] = SECURITY_SERVICE_RID; + LsapCreateSid(&NtAuthority, + 1, + SubAuthorities, + L"SERVICE", + L"NT AUTHORITY", + SidTypeWellKnownGroup); + + /* Anonymous Logon Sid */ + SubAuthorities[0] = SECURITY_ANONYMOUS_LOGON_RID; + LsapCreateSid(&NtAuthority, + 1, + SubAuthorities, + L"ANONYMOUS LOGON", + L"NT AUTHORITY", + SidTypeWellKnownGroup); + + /* FIXME: Add more well known sids */ + + return STATUS_SUCCESS; +} + + +PWELL_KNOWN_SID +LsapLookupWellKnownSid(PSID Sid) +{ + PLIST_ENTRY ListEntry; + PWELL_KNOWN_SID Ptr; + + ListEntry = WellKnownSidListHead.Flink; + while (ListEntry != &WellKnownSidListHead) + { + Ptr = CONTAINING_RECORD(ListEntry, + WELL_KNOWN_SID, + ListEntry); + if (RtlEqualSid(Sid, Ptr->Sid)) + { + return Ptr; + } + + ListEntry = ListEntry->Flink; + } + + return NULL; +} + + +NTSTATUS +LsapLookupSids(PLSAPR_SID_ENUM_BUFFER SidEnumBuffer, + PLSAPR_TRANSLATED_NAME OutputNames) +{ + static const UNICODE_STRING UserName = RTL_CONSTANT_STRING(L"Administrator"); + PWELL_KNOWN_SID ptr; + ULONG Mapped = 0; + ULONG i; + NTSTATUS Status; + + PSID *Sids = (PSID *) SidEnumBuffer->SidInfo; + +TRACE("LsapLookupSids(%p, %p)\n", SidEnumBuffer, OutputNames); +TRACE("SidEnumBuffer->Entries: %lu\n", SidEnumBuffer->Entries); +TRACE("SidEnumBuffer->SidInfo: %p\n", SidEnumBuffer->SidInfo); + + for (i = 0; i < SidEnumBuffer->Entries; i++) + { +TRACE("i: %lu\n", i); + ptr = LsapLookupWellKnownSid(Sids[i]); + if (ptr != NULL) + { + OutputNames[i].Use = ptr->NameUse; + + OutputNames[i].DomainIndex = i; /* Fixme */ + + OutputNames[i].Name.Buffer = MIDL_user_allocate(ptr->Name.MaximumLength); + OutputNames[i].Name.Length = ptr->Name.Length; + OutputNames[i].Name.MaximumLength = ptr->Name.MaximumLength; + RtlCopyMemory(OutputNames[i].Name.Buffer, ptr->Name.Buffer, ptr->Name.MaximumLength); + + Mapped++; + } + else + { + OutputNames[i].Use = SidTypeWellKnownGroup; + OutputNames[i].DomainIndex = i; + 
OutputNames[i].Name.Buffer = MIDL_user_allocate(UserName.MaximumLength); + OutputNames[i].Name.Length = UserName.Length; + OutputNames[i].Name.MaximumLength = UserName.MaximumLength; + RtlCopyMemory(OutputNames[i].Name.Buffer, UserName.Buffer, UserName.MaximumLength); + + Mapped++; + } + } + + if (Mapped == 0) + Status = STATUS_NONE_MAPPED; + else if (Mapped < SidEnumBuffer->Entries) + Status = STATUS_SOME_NOT_MAPPED; + else + Status = STATUS_SUCCESS; + + return Status; +} + +/* EOF */
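Review bot: In LsapLookupSids both branches copy into `OutputNames[i].Name.Buffer` straight after `MIDL_user_allocate` without checking for NULL, so an allocation failure while serving a lookup becomes a NULL write inside the LSA server. The else branch also reports every SID that is not in the table as `Administrator` with `SidTypeWellKnownGroup` and increments `Mapped`, which makes the `STATUS_NONE_MAPPED` and `STATUS_SOME_NOT_MAPPED` branches unreachable and lets an ACL viewer or audit tool display an unknown SID as a privileged account. I would check the allocation and return unmapped entries as `SidTypeUnknown` with no name, as sketched below; releasing buffers already allocated for earlier entries on the error path depends on the caller, which is outside this hunk. `Sids[i]` is also passed to `RtlEqualSid` with no NULL check, which matters if the RPC interface allows a client to send a null SID pointer (not visible here).

```c
        ptr = LsapLookupWellKnownSid(Sids[i]);
        if (ptr != NULL)
        {
            /* ... unchanged: Use and DomainIndex assignments ... */
            OutputNames[i].Name.Buffer = MIDL_user_allocate(ptr->Name.MaximumLength);
            if (OutputNames[i].Name.Buffer == NULL)
                return STATUS_INSUFFICIENT_RESOURCES;
            /* ... unchanged: Length, MaximumLength, RtlCopyMemory, Mapped++ ... */
        }
        else
        {
            /* Unknown SID: do not invent a name and do not count it as mapped */
            OutputNames[i].Use = SidTypeUnknown;
            /* ... unchanged: DomainIndex assignment ... */
            OutputNames[i].Name.Buffer = NULL;
            OutputNames[i].Name.Length = 0;
            OutputNames[i].Name.MaximumLength = 0;
        }
```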