Currently CreateProcessAsUserCommon doesn't set a default descriptor for the newly duplicated token object for the new process nor it sets any security information for both the process and thread. This is wrong, because when the process is created on behalf of the user's security context,
it still uses the previous security information of the creator that initially gave birth to the process. CreateDefaultProcessSecurityCommon function will serve as a placeholder until CreatePrivateObjectSecurity is implemented.
Refactor the function in such a way that it can jump to a single exit but most importantly, implement a "rinse and repeat" mechanism where we assign a primary token to process by disabling impersonation first and retry with impersonation later.
More info can be found in the documention within the code.
Instead of duplicating the token and masquerade it as if the token was filtered (which is a big hack), properly implement CreateRestrictedToken function by calling NtFilterToken which it'll create a restricted token for us.
In current implementation, when regedit opens HKCR root key, an error is logged
err:(dll/win32/advapi32/reg/hkcr.c:964) Returning 259.
This is not correct as the code 259 is ERROR_NO_MORE_ITEMS which is the nominal return value when end of enumeration is reached.
- Reserve the pipe NtControlPipe0 for the security process.
- Count regular service control pipes from 1.
- Use I_ScIsSecurityProcess to identify the security process.
- Services.exe uses the SECURITY_SERVICES_STARTED event to notify the security process that NtControlPipe0 is ready for use.
TOKEN_SOURCE::SourceString is an 8 char non-null-terminated string. Copy it as such.
Fixes GCC 8 warning:
dll/win32/advapi32/misc/logon.c:638:5: error: 'strncpy' output truncated before terminating nul copying 8 bytes from a string of the same length [-Werror=stringop-truncation]
strncpy(TokenSource.SourceName, "Advapi ", sizeof(TokenSource.SourceName));
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
* [ADVAPI32] Simplify RtlCreateUnicodeStringFromAsciiz() return value check
RtlCreateUnicodeStringFromAsciiz() returns a BOOLEAN, not a BOOL.
No functional change.
Addendum to
CORE-14271
* [USER32] Simplify RtlCreateUnicodeStringFromAsciiz() return value check
RtlCreateUnicodeStringFromAsciiz() returns a BOOLEAN, not a UINT.
Also, add a FIXME.
No functional change.
Addendum to
CORE-14271
* [USER32] Simplify RegisterClipboardFormatA/W() a bit
No functional change.
* [UDFS] Simplify SeSinglePrivilegeCheck() return value check
No functional change.
Addendum to
CORE-14271
This fixes the following compiler error:
../dll/win32/advapi32/service/eventlog.c:658:59: error: passing argument 3 of 'ElfrChangeNotify' makes integer from pointer without a cast [-Werror=int-conversion]
dll/win32/advapi32/eventlogrpc_c.h:391:20: note: expected 'ULONG {aka long unsigned int}' but argument is of type 'HANDLE {aka void *}'
There is no need to compile our DLLs as shared libraries since we are
managing symbols exports and imports through spec files.
On my system, this reduces the configure-time by a factor of two.
This is wrong and messes up with internal structures (such as TEB).
For the two needed functions which are "NT6+", they were exported
with NT6, but already existed in W2K3 SP2.
This might fix random bugs
CORE-15526
- Check whether the user-provided token is a primary token.
- Do not fail when the RtlAdjustPrivilege() call fails (see the code
comment for an explanation). TL;DR is: that call may indeed fail but
the privilege may also not be necessary because the user-provided
token is a restricted version of the caller's primary token.
And this is situation is perfectly fine.
This fixes Java 7 installation, CORE-14874.
Also comment about the observed behaviour of the returned number of "characters"
returned by the ANSI versions of these APIs (which is tested by advapi32_winetest:service).
[ADVAPI32:SCM] Add a comment concerning wide characters vs. bytes mismatch.
- Encrypt passwords before passing them to the service manager. Right now, we are using a fixed encryption key. This will be fixed later.
- Replace the calls to ZeroMemory which are used to wipe the password buffers by calls to SecureZeroMemory.
- Use a common helper function used by both the ANSI and UNICODE functions
so that the large code block that deals with setting the new process token
becomes automatically common to both these functions, while the ANSI vs.
UNICODE conversions are handled directly via the CreateProcessA/W() calls.
- Duplicate the token and acquire the process primary token assignment
privilege before calling NtSetInformationProcess().
Import the following Wine commits:
* 79636bebbfa Michael Müller: advapi32: Set last error to ERROR_SUCCESS in GetSidIdentifierAuthority.
* 1d03ba76116 Hans Leidekker: advapi32: Fix parsing empty DACL/SACL security descriptor strings.
* 5bc2e83c7ab Hans Leidekker: advapi32: Fix size returned from ConvertStringSecurityDescriptorToSecurityDescriptor on 64-bit.
ScControlService:
- SEH-protext the calls to service control handlers.
- Return ERROR_EXCEPTION_IN_SERVICE if a service control handler throws an exception.
- Return ERROR_SERVICE_CANNOT_ACCEPT_CTRL if no service control handler has been registered for the service.
