diff --git a/reactos/dll/win32/lsasrv/lsasrv.h b/reactos/dll/win32/lsasrv/lsasrv.h index 06bd2f1277e..47c00d389ab 100644 --- a/reactos/dll/win32/lsasrv/lsasrv.h +++ b/reactos/dll/win32/lsasrv/lsasrv.h @@ -479,6 +479,20 @@ LsapLoadString(HINSTANCE hInstance, LPWSTR lpBuffer, INT nBufferMax); +INT +LsapGetResourceStringLengthEx( + _In_ HINSTANCE hInstance, + _In_ UINT uId, + _In_ USHORT usLanguage); + +INT +LsapLoadStringEx( + _In_ HINSTANCE hInstance, + _In_ UINT uId, + _In_ USHORT usLanguage, + _Out_ LPWSTR lpBuffer, + _Out_ INT nBufferMax); + PSID LsapAppendRidToSid( PSID SrcSid, diff --git a/reactos/dll/win32/lsasrv/privileges.c b/reactos/dll/win32/lsasrv/privileges.c index 266abe8b427..f880b0c3d31 100644 --- a/reactos/dll/win32/lsasrv/privileges.c +++ b/reactos/dll/win32/lsasrv/privileges.c @@ -4,15 +4,17 @@ * FILE: reactos/dll/win32/lsasrv/privileges.c * PURPOSE: Privilege lookup functions * - * PROGRAMMERS: Eric Kohl + * PROGRAMMERS: Eric Kohl */ #include "lsasrv.h" +#include "resources.h" typedef struct { LUID Luid; LPCWSTR Name; + INT DisplayNameId; } PRIVILEGE_DATA; typedef struct @@ -26,35 +28,35 @@ typedef struct static const PRIVILEGE_DATA WellKnownPrivileges[] = { - {{SE_CREATE_TOKEN_PRIVILEGE, 0}, SE_CREATE_TOKEN_NAME}, - {{SE_ASSIGNPRIMARYTOKEN_PRIVILEGE, 0}, SE_ASSIGNPRIMARYTOKEN_NAME}, - {{SE_LOCK_MEMORY_PRIVILEGE, 0}, SE_LOCK_MEMORY_NAME}, - {{SE_INCREASE_QUOTA_PRIVILEGE, 0}, SE_INCREASE_QUOTA_NAME}, - {{SE_MACHINE_ACCOUNT_PRIVILEGE, 0}, SE_MACHINE_ACCOUNT_NAME}, - {{SE_TCB_PRIVILEGE, 0}, SE_TCB_NAME}, - {{SE_SECURITY_PRIVILEGE, 0}, SE_SECURITY_NAME}, - {{SE_TAKE_OWNERSHIP_PRIVILEGE, 0}, SE_TAKE_OWNERSHIP_NAME}, - {{SE_LOAD_DRIVER_PRIVILEGE, 0}, SE_LOAD_DRIVER_NAME}, - {{SE_SYSTEM_PROFILE_PRIVILEGE, 0}, SE_SYSTEM_PROFILE_NAME}, - {{SE_SYSTEMTIME_PRIVILEGE, 0}, SE_SYSTEMTIME_NAME}, - {{SE_PROF_SINGLE_PROCESS_PRIVILEGE, 0}, SE_PROF_SINGLE_PROCESS_NAME}, - {{SE_INC_BASE_PRIORITY_PRIVILEGE, 0}, SE_INC_BASE_PRIORITY_NAME}, - {{SE_CREATE_PAGEFILE_PRIVILEGE, 0}, SE_CREATE_PAGEFILE_NAME}, - {{SE_CREATE_PERMANENT_PRIVILEGE, 0}, SE_CREATE_PERMANENT_NAME}, - {{SE_BACKUP_PRIVILEGE, 0}, SE_BACKUP_NAME}, - {{SE_RESTORE_PRIVILEGE, 0}, SE_RESTORE_NAME}, - {{SE_SHUTDOWN_PRIVILEGE, 0}, SE_SHUTDOWN_NAME}, - {{SE_DEBUG_PRIVILEGE, 0}, SE_DEBUG_NAME}, - {{SE_AUDIT_PRIVILEGE, 0}, SE_AUDIT_NAME}, - {{SE_SYSTEM_ENVIRONMENT_PRIVILEGE, 0}, SE_SYSTEM_ENVIRONMENT_NAME}, - {{SE_CHANGE_NOTIFY_PRIVILEGE, 0}, SE_CHANGE_NOTIFY_NAME}, - {{SE_REMOTE_SHUTDOWN_PRIVILEGE, 0}, SE_REMOTE_SHUTDOWN_NAME}, - {{SE_UNDOCK_PRIVILEGE, 0}, SE_UNDOCK_NAME}, - {{SE_SYNC_AGENT_PRIVILEGE, 0}, SE_SYNC_AGENT_NAME}, - {{SE_ENABLE_DELEGATION_PRIVILEGE, 0}, SE_ENABLE_DELEGATION_NAME}, - {{SE_MANAGE_VOLUME_PRIVILEGE, 0}, SE_MANAGE_VOLUME_NAME}, - {{SE_IMPERSONATE_PRIVILEGE, 0}, SE_IMPERSONATE_NAME}, - {{SE_CREATE_GLOBAL_PRIVILEGE, 0}, SE_CREATE_GLOBAL_NAME} + {{SE_CREATE_TOKEN_PRIVILEGE, 0}, SE_CREATE_TOKEN_NAME, IDS_CREATE_TOKEN_PRIVILEGE}, + {{SE_ASSIGNPRIMARYTOKEN_PRIVILEGE, 0}, SE_ASSIGNPRIMARYTOKEN_NAME, IDS_ASSIGNPRIMARYTOKEN_PRIVILEGE}, + {{SE_LOCK_MEMORY_PRIVILEGE, 0}, SE_LOCK_MEMORY_NAME, IDS_LOCK_MEMORY_PRIVILEGE}, + {{SE_INCREASE_QUOTA_PRIVILEGE, 0}, SE_INCREASE_QUOTA_NAME, IDS_INCREASE_QUOTA_PRIVILEGE}, + {{SE_MACHINE_ACCOUNT_PRIVILEGE, 0}, SE_MACHINE_ACCOUNT_NAME, IDS_MACHINE_ACCOUNT_PRIVILEGE}, + {{SE_TCB_PRIVILEGE, 0}, SE_TCB_NAME, IDS_TCB_PRIVILEGE}, + {{SE_SECURITY_PRIVILEGE, 0}, SE_SECURITY_NAME, IDS_SECURITY_PRIVILEGE}, + {{SE_TAKE_OWNERSHIP_PRIVILEGE, 0}, SE_TAKE_OWNERSHIP_NAME, IDS_TAKE_OWNERSHIP_PRIVILEGE}, + {{SE_LOAD_DRIVER_PRIVILEGE, 0}, SE_LOAD_DRIVER_NAME, IDS_LOAD_DRIVER_PRIVILEGE}, + {{SE_SYSTEM_PROFILE_PRIVILEGE, 0}, SE_SYSTEM_PROFILE_NAME, IDS_SYSTEM_PROFILE_PRIVILEGE}, + {{SE_SYSTEMTIME_PRIVILEGE, 0}, SE_SYSTEMTIME_NAME, IDS_SYSTEMTIME_PRIVILEGE}, + {{SE_PROF_SINGLE_PROCESS_PRIVILEGE, 0}, SE_PROF_SINGLE_PROCESS_NAME, IDS_PROF_SINGLE_PROCESS_PRIVILEGE}, + {{SE_INC_BASE_PRIORITY_PRIVILEGE, 0}, SE_INC_BASE_PRIORITY_NAME, IDS_INC_BASE_PRIORITY_PRIVILEGE}, + {{SE_CREATE_PAGEFILE_PRIVILEGE, 0}, SE_CREATE_PAGEFILE_NAME, IDS_CREATE_PAGEFILE_PRIVILEGE}, + {{SE_CREATE_PERMANENT_PRIVILEGE, 0}, SE_CREATE_PERMANENT_NAME, IDS_CREATE_PERMANENT_PRIVILEGE}, + {{SE_BACKUP_PRIVILEGE, 0}, SE_BACKUP_NAME, IDS_BACKUP_PRIVILEGE}, + {{SE_RESTORE_PRIVILEGE, 0}, SE_RESTORE_NAME, IDS_RESTORE_PRIVILEGE}, + {{SE_SHUTDOWN_PRIVILEGE, 0}, SE_SHUTDOWN_NAME, IDS_SHUTDOWN_PRIVILEGE}, + {{SE_DEBUG_PRIVILEGE, 0}, SE_DEBUG_NAME, IDS_DEBUG_PRIVILEGE}, + {{SE_AUDIT_PRIVILEGE, 0}, SE_AUDIT_NAME, IDS_AUDIT_PRIVILEGE}, + {{SE_SYSTEM_ENVIRONMENT_PRIVILEGE, 0}, SE_SYSTEM_ENVIRONMENT_NAME, IDS_SYSTEM_ENVIRONMENT_PRIVILEGE}, + {{SE_CHANGE_NOTIFY_PRIVILEGE, 0}, SE_CHANGE_NOTIFY_NAME, IDS_CHANGE_NOTIFY_PRIVILEGE}, + {{SE_REMOTE_SHUTDOWN_PRIVILEGE, 0}, SE_REMOTE_SHUTDOWN_NAME, IDS_REMOTE_SHUTDOWN_PRIVILEGE}, + {{SE_UNDOCK_PRIVILEGE, 0}, SE_UNDOCK_NAME, IDS_UNDOCK_PRIVILEGE}, + {{SE_SYNC_AGENT_PRIVILEGE, 0}, SE_SYNC_AGENT_NAME, IDS_SYNC_AGENT_PRIVILEGE}, + {{SE_ENABLE_DELEGATION_PRIVILEGE, 0}, SE_ENABLE_DELEGATION_NAME, IDS_ENABLE_DELEGATION_PRIVILEGE}, + {{SE_MANAGE_VOLUME_PRIVILEGE, 0}, SE_MANAGE_VOLUME_NAME, IDS_MANAGE_VOLUME_PRIVILEGE}, + {{SE_IMPERSONATE_PRIVILEGE, 0}, SE_IMPERSONATE_NAME, IDS_IMPERSONATE_PRIVILEGE}, + {{SE_CREATE_GLOBAL_PRIVILEGE, 0}, SE_CREATE_GLOBAL_NAME, IDS_CREATE_GLOBAL_PRIVILEGE} }; static const RIGHT_DATA WellKnownRights[] = @@ -118,6 +120,7 @@ LsarpLookupPrivilegeName(PLUID Value, return STATUS_NO_SUCH_PRIVILEGE; } + NTSTATUS LsarpLookupPrivilegeDisplayName(PRPC_UNICODE_STRING Name, USHORT ClientLanguage, @@ -126,30 +129,97 @@ LsarpLookupPrivilegeDisplayName(PRPC_UNICODE_STRING Name, USHORT *LanguageReturned) { PRPC_UNICODE_STRING DisplayNameBuffer; - UNIMPLEMENTED; + HINSTANCE hInstance; + ULONG Index; + UINT nLength; - /* For now, description is equal to privilege name */ + TRACE("LsarpLookupPrivilegeDisplayName(%p 0x%04hu 0x%04hu %p %p)", + Name, ClientLanguage, ClientSystemDefaultLanguage, DisplayName, LanguageReturned); - DisplayNameBuffer = MIDL_user_allocate(sizeof(RPC_UNICODE_STRING)); - if (DisplayNameBuffer == NULL) + if (Name->Length == 0 || Name->Buffer == NULL) + return STATUS_INVALID_PARAMETER; + + hInstance = GetModuleHandleW(L"lsasrv.dll"); + + for (Index = 0; Index < ARRAYSIZE(WellKnownPrivileges); Index++) { - return STATUS_NO_MEMORY; - } - DisplayNameBuffer->Length = Name->Length; - DisplayNameBuffer->MaximumLength = Name->MaximumLength; + if (_wcsicmp(Name->Buffer, WellKnownPrivileges[Index].Name) == 0) + { + TRACE("Index: %u\n", Index); + nLength = LsapGetResourceStringLengthEx(hInstance, + IDS_CREATE_TOKEN_PRIVILEGE + Index, + ClientLanguage); + if (nLength != 0) + { + DisplayNameBuffer = MIDL_user_allocate(sizeof(RPC_UNICODE_STRING)); + if (DisplayNameBuffer == NULL) + return STATUS_NO_MEMORY; - DisplayNameBuffer->Buffer = MIDL_user_allocate(DisplayNameBuffer->MaximumLength); - if (DisplayNameBuffer->Buffer == NULL) - { - MIDL_user_free(DisplayNameBuffer); - return STATUS_NO_MEMORY; + DisplayNameBuffer->Length = nLength * sizeof(WCHAR); + DisplayNameBuffer->MaximumLength = DisplayNameBuffer->Length + sizeof(WCHAR); + + DisplayNameBuffer->Buffer = MIDL_user_allocate(DisplayNameBuffer->MaximumLength); + if (DisplayNameBuffer->Buffer == NULL) + { + MIDL_user_free(DisplayNameBuffer); + return STATUS_NO_MEMORY; + } + + LsapLoadStringEx(hInstance, + IDS_CREATE_TOKEN_PRIVILEGE + Index, + ClientLanguage, + DisplayNameBuffer->Buffer, + nLength); + + *DisplayName = DisplayNameBuffer; + *LanguageReturned = ClientLanguage; + } + else + { + nLength = LsapGetResourceStringLengthEx(hInstance, + IDS_CREATE_TOKEN_PRIVILEGE + Index, + ClientSystemDefaultLanguage); + if (nLength != 0) + { + DisplayNameBuffer = MIDL_user_allocate(sizeof(RPC_UNICODE_STRING)); + if (DisplayNameBuffer == NULL) + return STATUS_NO_MEMORY; + + DisplayNameBuffer->Length = nLength * sizeof(WCHAR); + DisplayNameBuffer->MaximumLength = DisplayNameBuffer->Length + sizeof(WCHAR); + + DisplayNameBuffer->Buffer = MIDL_user_allocate(DisplayNameBuffer->MaximumLength); + if (DisplayNameBuffer->Buffer == NULL) + { + MIDL_user_free(DisplayNameBuffer); + return STATUS_NO_MEMORY; + } + + LsapLoadStringEx(hInstance, + IDS_CREATE_TOKEN_PRIVILEGE + Index, + ClientSystemDefaultLanguage, + DisplayNameBuffer->Buffer, + nLength); + + *DisplayName = DisplayNameBuffer; + *LanguageReturned = ClientSystemDefaultLanguage; + } + else + { + return STATUS_INVALID_PARAMETER; +#if 0 + nLength = LsapGetResourceStringLengthEx(hInstance, + IDS_CREATE_TOKEN_PRIVILEGE + Index, + 0x409); +#endif + } + } + + return STATUS_SUCCESS; + } } - wcscpy(DisplayNameBuffer->Buffer, Name->Buffer); - - *DisplayName = DisplayNameBuffer; - - return STATUS_SUCCESS; + return STATUS_NO_SUCH_PRIVILEGE; } diff --git a/reactos/dll/win32/lsasrv/utils.c b/reactos/dll/win32/lsasrv/utils.c index 6db656d9ecb..11ad930907f 100644 --- a/reactos/dll/win32/lsasrv/utils.c +++ b/reactos/dll/win32/lsasrv/utils.c @@ -60,6 +60,94 @@ LsapLoadString(HINSTANCE hInstance, } +INT +LsapGetResourceStringLengthEx( + _In_ HINSTANCE hInstance, + _In_ UINT uId, + _In_ USHORT usLanguage) +{ + HGLOBAL hmem; + HRSRC hrsrc; + WCHAR *p; + UINT i, string_num; + + /* Use loword (incremented by 1) as resourceid */ +// hrsrc = FindResourceExW(hInstance, +// MAKEINTRESOURCEW((LOWORD(uId) >> 4) + 1), +// (LPWSTR)RT_STRING, +// usLanguage); + hrsrc = FindResourceW(hInstance, + MAKEINTRESOURCEW((LOWORD(uId) >> 4) + 1), + (LPWSTR)RT_STRING); + if (!hrsrc) + return 0; + + hmem = LoadResource(hInstance, hrsrc); + if (!hmem) + return 0; + + p = LockResource(hmem); + string_num = uId & 0x000f; + for (i = 0; i < string_num; i++) + p += *p + 1; + + return *p + 1; +} + + +INT +LsapLoadStringEx( + _In_ HINSTANCE hInstance, + _In_ UINT uId, + _In_ USHORT usLanguage, + _Out_ LPWSTR lpBuffer, + _Out_ INT nBufferMax) +{ + HGLOBAL hmem; + HRSRC hrsrc; + WCHAR *p; + int string_num; + int i; + + /* Use loword (incremented by 1) as resourceid */ +// hrsrc = FindResourceExW(hInstance, +// MAKEINTRESOURCEW((LOWORD(uId) >> 4) + 1), +// (LPWSTR)RT_STRING, +// usLanguage); + hrsrc = FindResourceW(hInstance, + MAKEINTRESOURCEW((LOWORD(uId) >> 4) + 1), + (LPWSTR)RT_STRING); + if (!hrsrc) + return 0; + + hmem = LoadResource(hInstance, hrsrc); + if (!hmem) + return 0; + + p = LockResource(hmem); + string_num = uId & 0x000f; + for (i = 0; i < string_num; i++) + p += *p + 1; + + i = min(nBufferMax - 1, *p); + if (i > 0) + { + memcpy(lpBuffer, p + 1, i * sizeof(WCHAR)); + lpBuffer[i] = 0; + } + else + { + if (nBufferMax > 1) + { + lpBuffer[0] = 0; + return 0; + } + } + + return i; +} + + PSID LsapAppendRidToSid( PSID SrcSid,