diff --git a/reactos/dll/win32/advapi32/misc/logon.c b/reactos/dll/win32/advapi32/misc/logon.c index 689e1c192f0..5e333ab4911 100644 --- a/reactos/dll/win32/advapi32/misc/logon.c +++ b/reactos/dll/win32/advapi32/misc/logon.c @@ -211,9 +211,104 @@ UsernameDone: static BOOL WINAPI -SamGetUserSid(LPCWSTR UserName, - PSID *Sid) +GetAccountDomainSid(PSID *Sid) { + PPOLICY_ACCOUNT_DOMAIN_INFO Info = NULL; + LSA_OBJECT_ATTRIBUTES ObjectAttributes; + LSA_HANDLE PolicyHandle; + PSID lpSid; + ULONG Length; + NTSTATUS Status; + + *Sid = NULL; + + memset(&ObjectAttributes, 0, sizeof(LSA_OBJECT_ATTRIBUTES)); + ObjectAttributes.Length = sizeof(LSA_OBJECT_ATTRIBUTES); + + Status = LsaOpenPolicy(NULL, + &ObjectAttributes, + POLICY_VIEW_LOCAL_INFORMATION, + &PolicyHandle); + if (!NT_SUCCESS(Status)) + { + ERR("LsaOpenPolicy failed (Status: 0x%08lx)\n", Status); + return FALSE; + } + + Status = LsaQueryInformationPolicy(PolicyHandle, + PolicyAccountDomainInformation, + (PVOID *)&Info); + if (!NT_SUCCESS(Status)) + { + ERR("LsaQueryInformationPolicy failed (Status: 0x%08lx)\n", Status); + LsaClose(PolicyHandle); + return FALSE; + } + + Length = RtlLengthSid(Info->DomainSid); + + lpSid = RtlAllocateHeap(RtlGetProcessHeap(), + 0, + Length); + if (lpSid == NULL) + { + ERR("Failed to allocate SID buffer!\n"); + LsaFreeMemory(Info); + LsaClose(PolicyHandle); + return FALSE; + } + + memcpy(lpSid, Info->DomainSid, Length); + + *Sid = lpSid; + + LsaFreeMemory(Info); + LsaClose(PolicyHandle); + + return TRUE; +} + + +static PSID +AppendRidToSid(PSID SrcSid, + ULONG Rid) +{ + ULONG Rids[8] = {0, 0, 0, 0, 0, 0, 0, 0}; + UCHAR RidCount; + PSID DstSid; + ULONG i; + + RidCount = *RtlSubAuthorityCountSid(SrcSid); + if (RidCount >= 8) + return NULL; + + for (i = 0; i < RidCount; i++) + Rids[i] = *RtlSubAuthoritySid(SrcSid, i); + + Rids[RidCount] = Rid; + RidCount++; + + RtlAllocateAndInitializeSid(RtlIdentifierAuthoritySid(SrcSid), + RidCount, + Rids[0], + Rids[1], + Rids[2], + Rids[3], + Rids[4], + Rids[5], + Rids[6], + Rids[7], + &DstSid); + + return DstSid; +} + + +static BOOL WINAPI +GetUserSid(LPCWSTR UserName, + PSID *Sid) +{ +#if 0 PSID lpSid; DWORD dwLength; HKEY hUsersKey; @@ -303,100 +398,56 @@ SamGetUserSid(LPCWSTR UserName, *Sid = lpSid; return TRUE; -} +#endif + PSID AccountDomainSid = NULL; + ULONG ulUserRid; + DWORD dwLength; + HKEY hNamesKey = NULL; + LONG lError; + BOOL bResult = TRUE; -static BOOL WINAPI -GetDomainSid(PSID *Sid) -{ - PPOLICY_ACCOUNT_DOMAIN_INFO Info = NULL; - LSA_OBJECT_ATTRIBUTES ObjectAttributes; - LSA_HANDLE PolicyHandle; - PSID lpSid; - ULONG Length; - NTSTATUS Status; - - *Sid = NULL; - - memset(&ObjectAttributes, 0, sizeof(LSA_OBJECT_ATTRIBUTES)); - ObjectAttributes.Length = sizeof(LSA_OBJECT_ATTRIBUTES); - - Status = LsaOpenPolicy(NULL, - &ObjectAttributes, - POLICY_TRUST_ADMIN, - &PolicyHandle); - if (!NT_SUCCESS(Status)) + if (!GetAccountDomainSid(&AccountDomainSid)) { - ERR("LsaOpenPolicy failed (Status: 0x%08lx)\n", Status); return FALSE; } - Status = LsaQueryInformationPolicy(PolicyHandle, - PolicyAccountDomainInformation, - (PVOID *)&Info); - if (!NT_SUCCESS(Status)) + /* Open the Users\Names key */ + if (RegOpenKeyExW(HKEY_LOCAL_MACHINE, + L"SAM\\SAM\\Domains\\Account\\Users\\Names", + 0, + KEY_READ, + &hNamesKey)) { - ERR("LsaQueryInformationPolicy failed (Status: 0x%08lx)\n", Status); - LsaClose(PolicyHandle); - return FALSE; + ERR("Failed to open Users\\Names key! (Error %lu)\n", GetLastError()); + bResult = FALSE; + goto done; } - Length = RtlLengthSid(Info->DomainSid); - - lpSid = RtlAllocateHeap(RtlGetProcessHeap(), - 0, - Length); - if (lpSid == NULL) + /* Read the user RID */ + dwLength = sizeof(ULONG); + if (RegQueryValueExW(hNamesKey, + UserName, + NULL, + NULL, + (LPBYTE)&ulUserRid, + &dwLength)) { - ERR("Failed to allocate SID buffer!\n"); - LsaFreeMemory(Info); - LsaClose(PolicyHandle); - return FALSE; + ERR("Failed to read the SID! (Error %ld)\n", lError); + bResult = FALSE; + goto done; } - memcpy(lpSid, Info->DomainSid, Length); + *Sid = AppendRidToSid(AccountDomainSid, ulUserRid); - *Sid = lpSid; +done: + if (hNamesKey != NULL) + RegCloseKey(hNamesKey); - LsaFreeMemory(Info); - LsaClose(PolicyHandle); + if (AccountDomainSid != NULL) + RtlFreeHeap(RtlGetProcessHeap(), 0, AccountDomainSid); - return TRUE; -} - - -static PSID -AppendRidToSid(PSID SrcSid, - ULONG Rid) -{ - ULONG Rids[8] = {0, 0, 0, 0, 0, 0, 0, 0}; - UCHAR RidCount; - PSID DstSid; - ULONG i; - - RidCount = *RtlSubAuthorityCountSid(SrcSid); - if (RidCount >= 8) - return NULL; - - for (i = 0; i < RidCount; i++) - Rids[i] = *RtlSubAuthoritySid(SrcSid, i); - - Rids[RidCount] = Rid; - RidCount++; - - RtlAllocateAndInitializeSid(RtlIdentifierAuthoritySid(SrcSid), - RidCount, - Rids[0], - Rids[1], - Rids[2], - Rids[3], - Rids[4], - Rids[5], - Rids[6], - Rids[7], - &DstSid); - - return DstSid; + return bResult; } @@ -419,7 +470,7 @@ AllocateGroupSids(OUT PSID *PrimaryGroupSid, if (!NT_SUCCESS(Status)) return NULL; - if (!GetDomainSid(&DomainSid)) + if (!GetAccountDomainSid(&DomainSid)) return NULL; TokenGroups = RtlAllocateHeap( @@ -669,7 +720,7 @@ LogonUserW(LPWSTR lpszUsername, ExpirationTime.QuadPart = -1; /* Get the user SID from the registry */ - if (!SamGetUserSid (lpszUsername, &UserSid)) + if (!GetUserSid (lpszUsername, &UserSid)) { ERR("SamGetUserSid() failed\n"); return FALSE; diff --git a/reactos/dll/win32/samlib/samlib.c b/reactos/dll/win32/samlib/samlib.c index 3dc63702773..d77543b1469 100644 --- a/reactos/dll/win32/samlib/samlib.c +++ b/reactos/dll/win32/samlib/samlib.c @@ -36,286 +36,6 @@ WINE_DEFAULT_DEBUG_CHANNEL(samlib); /* FUNCTIONS *****************************************************************/ -/* - * ERROR_USER_EXISTS - */ -BOOL WINAPI -SamCreateUser (PWSTR UserName, - PWSTR UserPassword, - PSID UserSid) -{ - DWORD dwDisposition; - HKEY hUsersKey; - HKEY hUserKey; - - TRACE("SamCreateUser() called\n"); - - /* FIXME: Check whether the SID is a real user sid */ - - /* Open the Users key */ - if (RegOpenKeyExW (HKEY_LOCAL_MACHINE, - L"SAM\\SAM\\Domains\\Account\\Users", - 0, - KEY_ALL_ACCESS, - &hUsersKey)) - { - ERR("Failed to open Account key! (Error %lu)\n", GetLastError()); - return FALSE; - } - - /* Create user name key */ - if (RegCreateKeyExW (hUsersKey, - UserName, - 0, - NULL, - REG_OPTION_NON_VOLATILE, - KEY_ALL_ACCESS, - NULL, - &hUserKey, - &dwDisposition)) - { - ERR("Failed to create/open the user key! (Error %lu)\n", GetLastError()); - RegCloseKey (hUsersKey); - return FALSE; - } - - RegCloseKey (hUsersKey); - - if (dwDisposition == REG_OPENED_EXISTING_KEY) - { - ERR("User already exists!\n"); - RegCloseKey (hUserKey); - SetLastError (ERROR_USER_EXISTS); - return FALSE; - } - - - /* Set 'Name' value */ - if (RegSetValueExW (hUserKey, - L"Name", - 0, - REG_SZ, - (LPBYTE)UserName, - (wcslen (UserName) + 1) * sizeof (WCHAR))) - { - ERR("Failed to set the user name value! (Error %lu)\n", GetLastError()); - RegCloseKey (hUserKey); - return FALSE; - } - - /* Set 'Password' value */ - if (RegSetValueExW (hUserKey, - L"Password", - 0, - REG_SZ, - (LPBYTE)UserPassword, - (wcslen (UserPassword) + 1) * sizeof (WCHAR))) - { - ERR("Failed to set the user name value! (Error %lu)\n", GetLastError()); - RegCloseKey (hUserKey); - return FALSE; - } - - /* Set 'Sid' value */ - if (RegSetValueExW (hUserKey, - L"Sid", - 0, - REG_BINARY, - (LPBYTE)UserSid, - RtlLengthSid (UserSid))) - { - ERR("Failed to set the user SID value! (Error %lu)\n", GetLastError()); - RegCloseKey (hUserKey); - return FALSE; - } - - RegCloseKey (hUserKey); - - TRACE("SamCreateUser() done\n"); - - return TRUE; -} - - -/* - * ERROR_WRONG_PASSWORD - * ERROR_NO_SUCH_USER - */ -BOOL WINAPI -SamCheckUserPassword (PWSTR UserName, - PWSTR UserPassword) -{ - WCHAR szPassword[256]; - DWORD dwLength; - HKEY hUsersKey; - HKEY hUserKey; - - TRACE("SamCheckUserPassword() called\n"); - - /* Open the Users key */ - if (RegOpenKeyExW (HKEY_LOCAL_MACHINE, - L"SAM\\SAM\\Domains\\Account\\Users", - 0, - KEY_READ, - &hUsersKey)) - { - ERR("Failed to open Users key! (Error %lu)\n", GetLastError()); - return FALSE; - } - - /* Open the user key */ - if (RegOpenKeyExW (hUsersKey, - UserName, - 0, - KEY_READ, - &hUserKey)) - { - if (GetLastError () == ERROR_FILE_NOT_FOUND) - { - ERR("Invalid user name!\n"); - SetLastError (ERROR_NO_SUCH_USER); - } - else - { - ERR("Failed to open user key! (Error %lu)\n", GetLastError()); - } - - RegCloseKey (hUsersKey); - return FALSE; - } - - RegCloseKey (hUsersKey); - - /* Get the password */ - dwLength = 256 * sizeof(WCHAR); - if (RegQueryValueExW (hUserKey, - L"Password", - NULL, - NULL, - (LPBYTE)szPassword, - &dwLength)) - { - ERR("Failed to read the password! (Error %lu)\n", GetLastError()); - RegCloseKey (hUserKey); - return FALSE; - } - - RegCloseKey (hUserKey); - - /* Compare passwords */ - if ((wcslen (szPassword) != wcslen (UserPassword)) || - (wcscmp (szPassword, UserPassword) != 0)) - { - ERR("Wrong password!\n"); - SetLastError (ERROR_WRONG_PASSWORD); - return FALSE; - } - - TRACE("SamCheckUserPassword() done\n"); - - return TRUE; -} - - -BOOL WINAPI -SamGetUserSid (PWSTR UserName, - PSID *Sid) -{ - PSID lpSid; - DWORD dwLength; - HKEY hUsersKey; - HKEY hUserKey; - - TRACE("SamGetUserSid() called\n"); - - if (Sid != NULL) - *Sid = NULL; - - /* Open the Users key */ - if (RegOpenKeyExW (HKEY_LOCAL_MACHINE, - L"SAM\\SAM\\Domains\\Account\\Users", - 0, - KEY_READ, - &hUsersKey)) - { - ERR("Failed to open Users key! (Error %lu)\n", GetLastError()); - return FALSE; - } - - /* Open the user key */ - if (RegOpenKeyExW (hUsersKey, - UserName, - 0, - KEY_READ, - &hUserKey)) - { - if (GetLastError () == ERROR_FILE_NOT_FOUND) - { - ERR("Invalid user name!\n"); - SetLastError (ERROR_NO_SUCH_USER); - } - else - { - ERR("Failed to open user key! (Error %lu)\n", GetLastError()); - } - - RegCloseKey (hUsersKey); - return FALSE; - } - - RegCloseKey (hUsersKey); - - /* Get SID size */ - dwLength = 0; - if (RegQueryValueExW (hUserKey, - L"Sid", - NULL, - NULL, - NULL, - &dwLength)) - { - ERR("Failed to read the SID size! (Error %lu)\n", GetLastError()); - RegCloseKey (hUserKey); - return FALSE; - } - - /* Allocate sid buffer */ - TRACE("Required SID buffer size: %lu\n", dwLength); - lpSid = (PSID)RtlAllocateHeap (RtlGetProcessHeap (), - 0, - dwLength); - if (lpSid == NULL) - { - ERR("Failed to allocate SID buffer!\n"); - RegCloseKey (hUserKey); - return FALSE; - } - - /* Read sid */ - if (RegQueryValueExW (hUserKey, - L"Sid", - NULL, - NULL, - (LPBYTE)lpSid, - &dwLength)) - { - ERR("Failed to read the SID! (Error %lu)\n", GetLastError()); - RtlFreeHeap (RtlGetProcessHeap (), - 0, - lpSid); - RegCloseKey (hUserKey); - return FALSE; - } - - RegCloseKey (hUserKey); - - *Sid = lpSid; - - TRACE("SamGetUserSid() done\n"); - - return TRUE; -} - void __RPC_FAR * __RPC_USER midl_user_allocate(SIZE_T len) { return HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, len); diff --git a/reactos/dll/win32/samlib/samlib.spec b/reactos/dll/win32/samlib/samlib.spec index b2a53077018..6abfa9f64f3 100644 --- a/reactos/dll/win32/samlib/samlib.spec +++ b/reactos/dll/win32/samlib/samlib.spec @@ -63,7 +63,3 @@ @ stub SamiSetBootKeyInformation @ stub SamiSetDSRMPassword @ stub SamiSetDSRMPasswordOWF - -@ stdcall SamCreateUser(wstr wstr ptr) -@ stdcall SamCheckUserPassword(wstr wstr) -@ stdcall SamGetUserSid(wstr ptr) diff --git a/reactos/dll/win32/syssetup/globals.h b/reactos/dll/win32/syssetup/globals.h index 483a6d4d7f5..385b5c810c4 100644 --- a/reactos/dll/win32/syssetup/globals.h +++ b/reactos/dll/win32/syssetup/globals.h @@ -64,7 +64,6 @@ extern SETUPDATA SetupData; /* security.c */ NTSTATUS SetAccountDomain(LPCWSTR DomainName, PSID DomainSid); -NTSTATUS GetAccountDomainInfo(PPOLICY_ACCOUNT_DOMAIN_INFO *AccountDomainInfo); VOID InstallSecurity(VOID); /* wizard.c */ diff --git a/reactos/dll/win32/syssetup/install.c b/reactos/dll/win32/syssetup/install.c index 01b99dde738..8b1450cc67d 100644 --- a/reactos/dll/win32/syssetup/install.c +++ b/reactos/dll/win32/syssetup/install.c @@ -224,40 +224,6 @@ CreateShortcutFolder(int csidl, UINT nID, LPTSTR pszName, int cchNameLen) return CreateDirectory(szPath, NULL) || GetLastError()==ERROR_ALREADY_EXISTS; } -static VOID -AppendRidToSid( - OUT PSID *Dst, - IN PSID Src, - IN ULONG NewRid) -{ - ULONG Rid[8] = {0, 0, 0, 0, 0, 0, 0, 0}; - UCHAR RidCount; - ULONG i; - - RidCount = *RtlSubAuthorityCountSid (Src); - - for (i = 0; i < RidCount; i++) - Rid[i] = *RtlSubAuthoritySid (Src, i); - - if (RidCount < 8) - { - Rid[RidCount] = NewRid; - RidCount++; - } - - RtlAllocateAndInitializeSid( - RtlIdentifierAuthoritySid(Src), - RidCount, - Rid[0], - Rid[1], - Rid[2], - Rid[3], - Rid[4], - Rid[5], - Rid[6], - Rid[7], - Dst); -} static VOID CreateTempDir( @@ -848,10 +814,7 @@ SetSetupType(DWORD dwSetupType) DWORD WINAPI InstallReactOS(HINSTANCE hInstance) { - PPOLICY_ACCOUNT_DOMAIN_INFO AccountDomainInfo = NULL; - PSID AdminSid = NULL; TCHAR szBuffer[MAX_PATH]; - DWORD LastError; HANDLE token; TOKEN_PRIVILEGES privs; HKEY hKey; @@ -865,18 +828,6 @@ InstallReactOS(HINSTANCE hInstance) return 0; } - /* Get account domain information */ - if (GetAccountDomainInfo(&AccountDomainInfo) != STATUS_SUCCESS) - { - FatalError("GetAccountDomainInfo() failed!"); - return 0; - } - - /* Append the Admin-RID */ - AppendRidToSid(&AdminSid, AccountDomainInfo->DomainSid, DOMAIN_USER_RID_ADMIN); - - LsaFreeMemory(AccountDomainInfo); - CreateTempDir(L"TEMP"); CreateTempDir(L"TMP"); @@ -917,25 +868,6 @@ InstallReactOS(HINSTANCE hInstance) InstallSecurity(); - /* Create the Administrator account */ - if (!SamCreateUser(L"Administrator", L"", AdminSid)) - { - /* Check what the error was. - * If the Admin Account already exists, then it means Setup - * wasn't allowed to finish properly. Instead of rebooting - * and not completing it, let it restart instead - */ - LastError = GetLastError(); - if (LastError != ERROR_USER_EXISTS) - { - FatalError("SamCreateUser() failed!"); - RtlFreeSid(AdminSid); - return 0; - } - } - - RtlFreeSid(AdminSid); - if (!CreateShortcuts()) { FatalError("CreateShortcuts() failed"); diff --git a/reactos/dll/win32/syssetup/security.c b/reactos/dll/win32/syssetup/security.c index 3d822fb9daf..a8a449add00 100644 --- a/reactos/dll/win32/syssetup/security.c +++ b/reactos/dll/win32/syssetup/security.c @@ -89,38 +89,6 @@ SetAccountDomain(LPCWSTR DomainName, } -NTSTATUS -GetAccountDomainInfo(PPOLICY_ACCOUNT_DOMAIN_INFO *AccountDomainInfo) -{ - LSA_OBJECT_ATTRIBUTES ObjectAttributes; - LSA_HANDLE PolicyHandle; - NTSTATUS Status; - - DPRINT1("SYSSETUP: GetAccountDomain\n"); - - memset(&ObjectAttributes, 0, sizeof(LSA_OBJECT_ATTRIBUTES)); - ObjectAttributes.Length = sizeof(LSA_OBJECT_ATTRIBUTES); - - Status = LsaOpenPolicy(NULL, - &ObjectAttributes, - POLICY_TRUST_ADMIN, - &PolicyHandle); - if (Status != STATUS_SUCCESS) - { - DPRINT("LsaOpenPolicy failed (Status: 0x%08lx)\n", Status); - return Status; - } - - Status = LsaQueryInformationPolicy(PolicyHandle, - PolicyAccountDomainInformation, - (PVOID *)AccountDomainInfo); - - LsaClose(PolicyHandle); - - return Status; -} - - static VOID InstallBuiltinAccounts(VOID)