This effectively removes the temporary hacks introduced in r73486 (a35a785b)
and in r73487 (0ce031f7) for the LocalService and NetworkService accounts.
Now these accounts (and their corresponding user profiles) are created
on the fly, the first time a service that needs these is started.
The code introduced in r73501 (ade0d2cd) is now re-enabled: this has
been made possible thanks to commit f42b4bbe (thanks Eric!).
Dedicated to Joachim Henze ;-)
CORE-12541, CORE-12279
Refactor the font engine code in "win32ss/gdi/ntgdi/freetype.c".
- Add "g_" prefix to global variables.
- Make the locking macros function-like.
CORE-13065
- Overhaul SepCreateToken() and SepDuplicateToken() so that they
implement the "variable information area" of the token, where
immutable lists of user & groups and privileges reside, and the
"dynamic information area" (allocated separately in paged pool),
where mutable data such as the token's default DACL is stored.
Perform the necessary adaptations in SepDeleteToken() and in
NtSetInformationToken().
- Actually dereference the token's logon session, when needed, in the
'TokenSessionReference' case in NtSetInformationToken().
- Overhaul SepFindPrimaryGroupAndDefaultOwner() so that it returns
the indices of candidate primary group and default owner within the
token's user & groups array. This allows for fixing the 'TokenOwner'
and 'TokenPrimaryGroup' cases of NtSetInformationToken(), since the
owner or primary group being set *MUST* already exist in the token's
user & groups array (as a by-product, memory corruptions that existed
before due to the broken way of setting these properties disappear too).
- Lock tokens every time operations are performed on them (NOTE: we
still use a global token lock!).
- Touch the ModifiedId LUID member of tokens everytime a write operation
(property change, etc...) is made on them.
- Fix some group attributes in the SYSTEM process token, SepCreateSystemProcessToken().
- Make the SeCreateTokenPrivilege mandatory when calling NtCreateToken().
- Update the token pool tags.
- Explicitly use the Ex*ResourceLite() versions of the locking functions
in the token locking macros.
- Use TRUE/FALSE instead of 1/0 for booleans.
- Use NULL instead of 0 for null pointers.
- Print 0x prefix for hex values in DPRINTs.
- Use new annotations for SepCreateToken() and SepDuplicateToken().
Caught while debugging, in the case the ImpersonationLevel value was
uninitialized, due to the fact it was left untouched on purpose by
PsReferenceEffectiveToken().
- Use a common helper function used by both the ANSI and UNICODE functions
so that the large code block that deals with setting the new process token
becomes automatically common to both these functions, while the ANSI vs.
UNICODE conversions are handled directly via the CreateProcessA/W() calls.
- Duplicate the token and acquire the process primary token assignment
privilege before calling NtSetInformationProcess().
Function TRASH_CanTrashFile() would always fail because GetVolumeInformationW() requires only the base root path. The path (stored in buffer wszRootPathName) was not being stripped correctly.
CORE-12340
