[LSASRV]

- Add well-known account names "LOCALSERVICE" and "NETWORKSERVICE" as aliases of "LOCAL SERVICE" and "NETWORKSERVICE". They can be found on a german Windows XP. - Remove a part LsaLookupSids that returned "UNKNOWN\Test" for unknown SIDs. Was used for tests only. svn path=/trunk/; revision=57568
2025-04-20 04:20:46 +00:00 · 2012-10-17 20:16:06 +00:00 · 2012-10-17 20:16:06 +00:00 · c881b2b949
commit c881b2b949
parent 08f38d2ff7
1 changed files with 14 additions and 86 deletions
--- a/reactos/dll/win32/lsasrv/sids.c
+++ b/reactos/dll/win32/lsasrv/sids.c
@ -472,6 +472,13 @@ LsapInitSids(VOID)
                  L"NT AUTHORITY",
                  SidTypeWellKnownGroup);
    LsapCreateSid(&NtAuthority,
                  1,
                  SubAuthorities,
                  L"LOCALSERVICE",
                  L"NT AUTHORITY",
                  SidTypeWellKnownGroup);
    /* Network Service Sid */
    SubAuthorities[0] = SECURITY_NETWORK_SERVICE_RID;
    LsapCreateSid(&NtAuthority,
@ -481,6 +488,13 @@ LsapInitSids(VOID)
                  L"NT AUTHORITY",
                  SidTypeWellKnownGroup);
    LsapCreateSid(&NtAuthority,
                  1,
                  SubAuthorities,
                  L"NETWORKSERVICE",
                  L"NT AUTHORITY",
                  SidTypeWellKnownGroup);
    /* Builtin Domain Sid */
    SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
    LsapCreateSid(&NtAuthority,
@ -2062,82 +2076,6 @@ done:
 }
 static NTSTATUS
 LsapLookupUnknownSids(PLSAPR_SID_ENUM_BUFFER SidEnumBuffer,
                      PLSAPR_TRANSLATED_NAME_EX NamesBuffer,
                      PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer,
                      PULONG Mapped)
 {
    SID_IDENTIFIER_AUTHORITY IdentifierAuthority = {SECURITY_NT_AUTHORITY};
    static const UNICODE_STRING DomainName = RTL_CONSTANT_STRING(L"UNKNOWN");
    static const UNICODE_STRING AdminName = RTL_CONSTANT_STRING(L"Test");
    PSID AdminsSid = NULL;
    LPWSTR SidString = NULL;
    ULONG SidLength;
    ULONG DomainIndex;
    ULONG i;
    NTSTATUS Status;
    Status = RtlAllocateAndInitializeSid(&IdentifierAuthority,
                                         2,
                                         SECURITY_BUILTIN_DOMAIN_RID,
                                         DOMAIN_ALIAS_RID_ADMINS,
                                         0, 0, 0, 0, 0, 0,
                                         &AdminsSid);
    if (!NT_SUCCESS(Status))
        goto done;
    SidLength = RtlLengthSid(AdminsSid);
    for (i = 0; i < SidEnumBuffer->Entries; i++)
    {
        /* Ignore SIDs which are already mapped */
        if (NamesBuffer[i].Use != SidTypeUnknown)
            continue;
        ConvertSidToStringSidW(SidEnumBuffer->SidInfo[i].Sid, &SidString);
        TRACE("Mapping SID: %S\n", SidString);
        LocalFree(SidString);
        SidString = NULL;
        /* Hack: Map the SID to the Admin Account if it is not a well-known SID */
        NamesBuffer[i].Use = SidTypeUser;
        NamesBuffer[i].Flags = 0;
        NamesBuffer[i].Name.Length = AdminName.Length;
        NamesBuffer[i].Name.MaximumLength = AdminName.MaximumLength;
        NamesBuffer[i].Name.Buffer = MIDL_user_allocate(AdminName.MaximumLength);
        if (NamesBuffer[i].Name.Buffer == NULL)
        {
            Status = STATUS_INSUFFICIENT_RESOURCES;
            goto done;
        }
        RtlCopyMemory(NamesBuffer[i].Name.Buffer, AdminName.Buffer, AdminName.MaximumLength);
        Status = LsapAddDomainToDomainsList(DomainsBuffer,
                                            (PUNICODE_STRING)&DomainName,
                                            AdminsSid,
                                            &DomainIndex);
        if (!NT_SUCCESS(Status))
            goto done;
        NamesBuffer[i].DomainIndex = DomainIndex;
        TRACE("Mapped to: %wZ\n", &NamesBuffer[i].Name);
        (*Mapped)++;
    }
 done:
    if (AdminsSid != NULL)
        RtlFreeSid(AdminsSid);
    return Status;
 }
 NTSTATUS
 LsapLookupSids(PLSAPR_SID_ENUM_BUFFER SidEnumBuffer,
               PLSAPR_REFERENCED_DOMAIN_LIST *ReferencedDomains,
@ -2229,16 +2167,6 @@ LsapLookupSids(PLSAPR_SID_ENUM_BUFFER SidEnumBuffer,
    if (Mapped == SidEnumBuffer->Entries)
        goto done;
    /* Map unknown SIDs */
    Status = LsapLookupUnknownSids(SidEnumBuffer,
                                   NamesBuffer,
                                   DomainsBuffer,
                                   &Mapped);
    if (!NT_SUCCESS(Status) &&
        Status != STATUS_NONE_MAPPED &&
        Status != STATUS_SOME_NOT_MAPPED)
        goto done;
 done:
    TRACE("done Status: %lx  Mapped: %lu\n", Status, Mapped);