Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-02-24 17:34:57 +00:00
Code Issues Projects Releases Packages Wiki Activity

[ADVAPI32]

Browse source 
- Use LookupAccountNameW to retrieve the account SID when a user tries to log-on to a computer.
- Little clean-up of LogonUserW.
This is the first step to get rid of hard-coded logon stuff.

svn path=/trunk/; revision=57601
This commit is contained in:
Eric Kohl 2012-10-23 21:59:43 +00:00
parent f24aa3981d
commit e5723cc926
1 changed files with 76 additions and 60 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

136
reactos/dll/win32/advapi32/misc/logon.c
View file

@ -310,53 +310,72 @@ static BOOL WINAPI
GetUserSid(LPCWSTR UserName, GetUserSid(LPCWSTR UserName,
PSID *Sid) PSID *Sid)
{ {
PSID AccountDomainSid = NULL; PSID SidBuffer = NULL;
ULONG ulUserRid; PWSTR DomainBuffer = NULL;
DWORD dwLength; DWORD cbSidSize = 0;
HKEY hNamesKey = NULL; DWORD cchDomSize = 0;
BOOL bResult = TRUE; SID_NAME_USE Use;
BOOL res = TRUE;
if (!GetAccountDomainSid(&AccountDomainSid)) *Sid = NULL;
{
LookupAccountNameW(NULL,
UserName,
NULL,
&cbSidSize,
NULL,
&cchDomSize,
&Use);
if (cbSidSize == 0 || cchDomSize == 0)
return FALSE; return FALSE;
}
/* Open the Users\Names key */ SidBuffer = RtlAllocateHeap(RtlGetProcessHeap(),
if (RegOpenKeyExW(HKEY_LOCAL_MACHINE, HEAP_ZERO_MEMORY,
L"SAM\\SAM\\Domains\\Account\\Users\\Names", cbSidSize);
0, if (SidBuffer == NULL)
KEY_READ, return FALSE;
&hNamesKey))
DomainBuffer = RtlAllocateHeap(RtlGetProcessHeap(),
HEAP_ZERO_MEMORY,
cchDomSize * sizeof(WCHAR));
if (DomainBuffer == NULL)
{ {
ERR("Failed to open Users\\Names key! (Error %lu)\n", GetLastError()); res = FALSE;
bResult = FALSE;
goto done; goto done;
} }
/* Read the user RID */ if (!LookupAccountNameW(NULL,
dwLength = sizeof(ULONG); UserName,
if (RegQueryValueExW(hNamesKey, SidBuffer,
UserName, &cbSidSize,
NULL, DomainBuffer,
NULL, &cchDomSize,
(LPBYTE)&ulUserRid, &Use))
&dwLength))
{ {
ERR("Failed to read the SID! (Error %ld)\n", GetLastError()); res = FALSE;
bResult = FALSE;
goto done; goto done;
} }
*Sid = AppendRidToSid(AccountDomainSid, ulUserRid); if (Use != SidTypeUser)
{
res = FALSE;
goto done;
}
*Sid = SidBuffer;
done: done:
if (hNamesKey != NULL) if (DomainBuffer != NULL)
RegCloseKey(hNamesKey); RtlFreeHeap(RtlGetProcessHeap(), 0, DomainBuffer);
if (AccountDomainSid != NULL) if (res == FALSE)
RtlFreeHeap(RtlGetProcessHeap(), 0, AccountDomainSid); {
if (SidBuffer != NULL)
RtlFreeHeap(RtlGetProcessHeap(), 0, SidBuffer);
}
return bResult; return res;
} }
@ -593,8 +612,8 @@ LogonUserW(LPWSTR lpszUsername,
TOKEN_USER TokenUser; TOKEN_USER TokenUser;
TOKEN_OWNER TokenOwner; TOKEN_OWNER TokenOwner;
TOKEN_PRIMARY_GROUP TokenPrimaryGroup; TOKEN_PRIMARY_GROUP TokenPrimaryGroup;
PTOKEN_GROUPS TokenGroups; PTOKEN_GROUPS TokenGroups = NULL;
PTOKEN_PRIVILEGES TokenPrivileges; PTOKEN_PRIVILEGES TokenPrivileges = NULL;
TOKEN_DEFAULT_DACL TokenDefaultDacl; TOKEN_DEFAULT_DACL TokenDefaultDacl;
LARGE_INTEGER ExpirationTime; LARGE_INTEGER ExpirationTime;
LUID AuthenticationId; LUID AuthenticationId;
@ -603,10 +622,10 @@ LogonUserW(LPWSTR lpszUsername,
PSID PrimaryGroupSid = NULL; PSID PrimaryGroupSid = NULL;
PSID OwnerSid = NULL; PSID OwnerSid = NULL;
PSID LocalSystemSid; PSID LocalSystemSid;
PACL Dacl; PACL Dacl = NULL;
NTSTATUS Status;
SID_IDENTIFIER_AUTHORITY SystemAuthority = {SECURITY_NT_AUTHORITY}; SID_IDENTIFIER_AUTHORITY SystemAuthority = {SECURITY_NT_AUTHORITY};
unsigned i; unsigned i;
NTSTATUS Status = STATUS_SUCCESS;
Qos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE); Qos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
Qos.ImpersonationLevel = SecurityAnonymous; Qos.ImpersonationLevel = SecurityAnonymous;
@ -641,11 +660,10 @@ LogonUserW(LPWSTR lpszUsername,
/* Allocate and initialize token groups */ /* Allocate and initialize token groups */
TokenGroups = AllocateGroupSids(&PrimaryGroupSid, TokenGroups = AllocateGroupSids(&PrimaryGroupSid,
&OwnerSid); &OwnerSid);
if (NULL == TokenGroups) if (TokenGroups == NULL)
{ {
RtlFreeSid(UserSid); Status = STATUS_INSUFFICIENT_RESOURCES;
SetLastError(ERROR_OUTOFMEMORY); goto done;
return FALSE;
} }
/* Allocate and initialize token privileges */ /* Allocate and initialize token privileges */
@ -653,12 +671,10 @@ LogonUserW(LPWSTR lpszUsername,
sizeof(TOKEN_PRIVILEGES) sizeof(TOKEN_PRIVILEGES)
+ sizeof(DefaultPrivs) / sizeof(DefaultPrivs[0]) + sizeof(DefaultPrivs) / sizeof(DefaultPrivs[0])
* sizeof(LUID_AND_ATTRIBUTES)); * sizeof(LUID_AND_ATTRIBUTES));
if (NULL == TokenPrivileges) if (TokenPrivileges == NULL)
{ {
FreeGroupSids(TokenGroups); Status = STATUS_INSUFFICIENT_RESOURCES;
RtlFreeSid(UserSid); goto done;
SetLastError(ERROR_OUTOFMEMORY);
return FALSE;
} }
TokenPrivileges->PrivilegeCount = 0; TokenPrivileges->PrivilegeCount = 0;
@ -683,21 +699,13 @@ LogonUserW(LPWSTR lpszUsername,
Dacl = RtlAllocateHeap(GetProcessHeap(), 0, 1024); Dacl = RtlAllocateHeap(GetProcessHeap(), 0, 1024);
if (Dacl == NULL) if (Dacl == NULL)
{ {
FreeGroupSids(TokenGroups); Status = STATUS_INSUFFICIENT_RESOURCES;
RtlFreeSid(UserSid); goto done;
SetLastError(ERROR_OUTOFMEMORY);
return FALSE;
} }
Status = RtlCreateAcl(Dacl, 1024, ACL_REVISION); Status = RtlCreateAcl(Dacl, 1024, ACL_REVISION);
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status))
{ goto done;
RtlFreeHeap(GetProcessHeap(), 0, Dacl);
FreeGroupSids(TokenGroups);
RtlFreeHeap(GetProcessHeap(), 0, TokenPrivileges);
RtlFreeSid(UserSid);
return FALSE;
}
RtlAddAccessAllowedAce(Dacl, RtlAddAccessAllowedAce(Dacl,
ACL_REVISION, ACL_REVISION,
@ -754,10 +762,18 @@ LogonUserW(LPWSTR lpszUsername,
&TokenDefaultDacl, &TokenDefaultDacl,
&TokenSource); &TokenSource);
RtlFreeHeap(GetProcessHeap(), 0, Dacl); done:
FreeGroupSids(TokenGroups); if (Dacl != NULL)
RtlFreeHeap(GetProcessHeap(), 0, TokenPrivileges); RtlFreeHeap(GetProcessHeap(), 0, Dacl);
RtlFreeSid(UserSid);
if (TokenGroups != NULL)
FreeGroupSids(TokenGroups);
if (TokenPrivileges != NULL)
RtlFreeHeap(GetProcessHeap(), 0, TokenPrivileges);
if (UserSid != NULL)
RtlFreeHeap(GetProcessHeap(), 0, UserSid);
return NT_SUCCESS(Status); return NT_SUCCESS(Status);
} }