Ros-diffs October 2012

ros-diffs@reactos.org

14 participants
211 discussions

[ekohl] 57520: [LSASRV] - Add missing SAM domain lookup code. - Fix a bug in the calls to SamrCloseHandle.
by ekohl＠svn.reactos.org 08 Oct '12

08 Oct '12

Author: ekohl Date: Mon Oct 8 19:23:06 2012 New Revision: 57520 URL: http://svn.reactos.org/svn/reactos?rev=57520&view=rev Log: [LSASRV] - Add missing SAM domain lookup code. - Fix a bug in the calls to SamrCloseHandle. Modified: trunk/reactos/dll/win32/lsasrv/sids.c Modified: trunk/reactos/dll/win32/lsasrv/sids.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/sids.c?re… ============================================================================== --- trunk/reactos/dll/win32/lsasrv/sids.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/lsasrv/sids.c [iso-8859-1] Mon Oct 8 19:23:06 2012 @@ -58,6 +58,14 @@ IN ULONG *RelativeIds, OUT PSAMPR_RETURNED_USTRING_ARRAY Names, OUT PSAMPR_ULONG_ARRAY Use); + +NTSTATUS +NTAPI +SamrLookupNamesInDomain(IN SAMPR_HANDLE DomainHandle, + IN ULONG Count, + IN RPC_UNICODE_STRING Names[], + OUT PSAMPR_ULONG_ARRAY RelativeIds, + OUT PSAMPR_ULONG_ARRAY Use); typedef struct _WELL_KNOWN_SID @@ -895,6 +903,44 @@ } +static PSID +CreateSidFromSidAndRid(PSID SrcSid, + ULONG RelativeId) +{ + UCHAR RidCount; + PSID DstSid; + ULONG i; + ULONG DstSidSize; + PULONG p, q; + + RidCount = *RtlSubAuthorityCountSid(SrcSid); + if (RidCount >= 8) + return NULL; + + DstSidSize = RtlLengthRequiredSid(RidCount + 1); + + DstSid = MIDL_user_allocate(DstSidSize); + if (DstSid == NULL) + return FALSE; + + RtlInitializeSid(DstSid, + RtlIdentifierAuthoritySid(SrcSid), + RidCount + 1); + + for (i = 0; i < (ULONG)RidCount; i++) + { + p = RtlSubAuthoritySid(SrcSid, i); + q = RtlSubAuthoritySid(DstSid, i); + *q = *p; + } + + q = RtlSubAuthoritySid(DstSid, (ULONG)RidCount); + *q = RelativeId; + + return DstSid; +} + + static NTSTATUS LsapLookupIsolatedNames(DWORD Count, @@ -908,7 +954,6 @@ ULONG DomainIndex; ULONG i; NTSTATUS Status = STATUS_SUCCESS; - LPWSTR SidString = NULL; for (i = 0; i < Count; i++) { @@ -960,14 +1005,26 @@ continue; } - /* FIXME: Look-up the built-in domain */ - - ConvertSidToStringSidW(AccountDomainSid, &SidString); - TRACE("Account Domain SID: %S\n", SidString); - LocalFree(SidString); - SidString = NULL; - - TRACE("Account Domain Name: %wZ\n", &AccountDomainName); + /* Look-up the built-in domain */ + if (RtlEqualUnicodeString((PUNICODE_STRING)&AccountNames[i], &BuiltinDomainName, TRUE)) + { + SidsBuffer[i].Use = SidTypeDomain; + SidsBuffer[i].Sid = BuiltinDomainSid; + SidsBuffer[i].DomainIndex = -1; + SidsBuffer[i].Flags = 0; + + Status = LsapAddDomainToDomainsList(DomainsBuffer, + &BuiltinDomainName, + BuiltinDomainSid, + &DomainIndex); + if (!NT_SUCCESS(Status)) + goto done; + + SidsBuffer[i].DomainIndex = DomainIndex; + + (*Mapped)++; + continue; + } /* Look-up the account domain */ if (RtlEqualUnicodeString((PUNICODE_STRING)&AccountNames[i], &AccountDomainName, TRUE)) @@ -994,18 +1051,380 @@ /* FIXME: Look-up the trusted domains */ - /* FIXME: Look-up accounts in the built-in domain */ - - /* FIXME: Look-up accounts in the account domain */ - - /* FIXME: Look-up accounts in the primary domain */ - - /* FIXME: Look-up accounts in the trusted domains */ } done: return Status; } + + +static +NTSTATUS +LsapLookupIsolatedBuiltinNames(DWORD Count, + PRPC_UNICODE_STRING DomainNames, + PRPC_UNICODE_STRING AccountNames, + PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer, + PLSAPR_TRANSLATED_SID_EX2 SidsBuffer, + PULONG Mapped) +{ + SAMPR_HANDLE ServerHandle = NULL; + SAMPR_HANDLE DomainHandle = NULL; + SAMPR_ULONG_ARRAY RelativeIds = {0, NULL}; + SAMPR_ULONG_ARRAY Use = {0, NULL}; + ULONG DomainIndex; + ULONG i; + NTSTATUS Status = STATUS_SUCCESS; + + Status = SamrConnect(NULL, + &ServerHandle, + SAM_SERVER_CONNECT | SAM_SERVER_LOOKUP_DOMAIN); + if (!NT_SUCCESS(Status)) + { + TRACE("SamrConnect failed (Status %08lx)\n", Status); + goto done; + } + + Status = SamrOpenDomain(ServerHandle, + DOMAIN_LOOKUP, + BuiltinDomainSid, + &DomainHandle); + if (!NT_SUCCESS(Status)) + { + TRACE("SamOpenDomain failed (Status %08lx)\n", Status); + goto done; + } + + for (i = 0; i < Count; i++) + { + /* Ignore names which were already mapped */ + if (SidsBuffer[i].Use != SidTypeUnknown) + continue; + + /* Ignore fully qualified account names */ + if (DomainNames[i].Length != 0) + continue; + + Status = SamrLookupNamesInDomain(DomainHandle, + 1, + &AccountNames[i], + &RelativeIds, + &Use); + if (NT_SUCCESS(Status)) + { + SidsBuffer[i].Use = Use.Element[0]; + SidsBuffer[i].Sid = CreateSidFromSidAndRid(BuiltinDomainSid, + RelativeIds.Element[0]); + if (SidsBuffer[i].Sid == NULL) + goto done; + + SidsBuffer[i].DomainIndex = -1; + SidsBuffer[i].Flags = 0; + + Status = LsapAddDomainToDomainsList(DomainsBuffer, + &BuiltinDomainName, + BuiltinDomainSid, + &DomainIndex); + if (!NT_SUCCESS(Status)) + goto done; + + SidsBuffer[i].DomainIndex = DomainIndex; + + (*Mapped)++; + } + + SamIFree_SAMPR_ULONG_ARRAY(&RelativeIds); + SamIFree_SAMPR_ULONG_ARRAY(&Use); + } + +done: + if (DomainHandle != NULL) + SamrCloseHandle(&DomainHandle); + + if (ServerHandle != NULL) + SamrCloseHandle(&ServerHandle); + + return Status; +} + + +static +NTSTATUS +LsapLookupIsolatedAccountNames(DWORD Count, + PRPC_UNICODE_STRING DomainNames, + PRPC_UNICODE_STRING AccountNames, + PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer, + PLSAPR_TRANSLATED_SID_EX2 SidsBuffer, + PULONG Mapped) +{ + SAMPR_HANDLE ServerHandle = NULL; + SAMPR_HANDLE DomainHandle = NULL; + SAMPR_ULONG_ARRAY RelativeIds = {0, NULL}; + SAMPR_ULONG_ARRAY Use = {0, NULL}; + ULONG DomainIndex; + ULONG i; + NTSTATUS Status = STATUS_SUCCESS; + + TRACE("()\n"); + + Status = SamrConnect(NULL, + &ServerHandle, + SAM_SERVER_CONNECT | SAM_SERVER_LOOKUP_DOMAIN); + if (!NT_SUCCESS(Status)) + { + TRACE("SamrConnect failed (Status %08lx)\n", Status); + goto done; + } + + Status = SamrOpenDomain(ServerHandle, + DOMAIN_LOOKUP, + AccountDomainSid, + &DomainHandle); + if (!NT_SUCCESS(Status)) + { + TRACE("SamOpenDomain failed (Status %08lx)\n", Status); + goto done; + } + + for (i = 0; i < Count; i++) + { + /* Ignore names which were already mapped */ + if (SidsBuffer[i].Use != SidTypeUnknown) + continue; + + /* Ignore fully qualified account names */ + if (DomainNames[i].Length != 0) + continue; + + TRACE("Mapping name: %wZ\n", &AccountNames[i]); + + Status = SamrLookupNamesInDomain(DomainHandle, + 1, + &AccountNames[i], + &RelativeIds, + &Use); + if (NT_SUCCESS(Status)) + { + TRACE("Found relative ID: %lu\n", RelativeIds.Element[0]); + + SidsBuffer[i].Use = Use.Element[0]; + SidsBuffer[i].Sid = CreateSidFromSidAndRid(AccountDomainSid, + RelativeIds.Element[0]); + if (SidsBuffer[i].Sid == NULL) + goto done; + + SidsBuffer[i].DomainIndex = -1; + SidsBuffer[i].Flags = 0; + + Status = LsapAddDomainToDomainsList(DomainsBuffer, + &AccountDomainName, + AccountDomainSid, + &DomainIndex); + if (!NT_SUCCESS(Status)) + goto done; + + SidsBuffer[i].DomainIndex = DomainIndex; + + (*Mapped)++; + } + + SamIFree_SAMPR_ULONG_ARRAY(&RelativeIds); + SamIFree_SAMPR_ULONG_ARRAY(&Use); + } + +done: + if (DomainHandle != NULL) + SamrCloseHandle(&DomainHandle); + + if (ServerHandle != NULL) + SamrCloseHandle(&ServerHandle); + + return Status; +} + + +static +NTSTATUS +LsapLookupBuiltinNames(DWORD Count, + PRPC_UNICODE_STRING DomainNames, + PRPC_UNICODE_STRING AccountNames, + PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer, + PLSAPR_TRANSLATED_SID_EX2 SidsBuffer, + PULONG Mapped) +{ + SAMPR_HANDLE ServerHandle = NULL; + SAMPR_HANDLE DomainHandle = NULL; + SAMPR_ULONG_ARRAY RelativeIds = {0, NULL}; + SAMPR_ULONG_ARRAY Use = {0, NULL}; + ULONG DomainIndex; + ULONG i; + NTSTATUS Status = STATUS_SUCCESS; + + Status = SamrConnect(NULL, + &ServerHandle, + SAM_SERVER_CONNECT | SAM_SERVER_LOOKUP_DOMAIN); + if (!NT_SUCCESS(Status)) + { + TRACE("SamrConnect failed (Status %08lx)\n", Status); + goto done; + } + + Status = SamrOpenDomain(ServerHandle, + DOMAIN_LOOKUP, + BuiltinDomainSid, + &DomainHandle); + if (!NT_SUCCESS(Status)) + { + TRACE("SamOpenDomain failed (Status %08lx)\n", Status); + goto done; + } + + for (i = 0; i < Count; i++) + { + /* Ignore names which were already mapped */ + if (SidsBuffer[i].Use != SidTypeUnknown) + continue; + + /* Ignore isolated account names */ + if (DomainNames[i].Length == 0) + continue; + + if (!RtlEqualUnicodeString((PUNICODE_STRING)&DomainNames[i], &BuiltinDomainName, TRUE)) + continue; + + Status = SamrLookupNamesInDomain(DomainHandle, + 1, + &AccountNames[i], + &RelativeIds, + &Use); + if (NT_SUCCESS(Status)) + { + SidsBuffer[i].Use = Use.Element[0]; + SidsBuffer[i].Sid = CreateSidFromSidAndRid(BuiltinDomainSid, + RelativeIds.Element[0]); + if (SidsBuffer[i].Sid == NULL) + goto done; + + SidsBuffer[i].DomainIndex = -1; + SidsBuffer[i].Flags = 0; + + Status = LsapAddDomainToDomainsList(DomainsBuffer, + &BuiltinDomainName, + BuiltinDomainSid, + &DomainIndex); + if (!NT_SUCCESS(Status)) + goto done; + + SidsBuffer[i].DomainIndex = DomainIndex; + + (*Mapped)++; + } + + SamIFree_SAMPR_ULONG_ARRAY(&RelativeIds); + SamIFree_SAMPR_ULONG_ARRAY(&Use); + } + +done: + if (DomainHandle != NULL) + SamrCloseHandle(&DomainHandle); + + if (ServerHandle != NULL) + SamrCloseHandle(&ServerHandle); + + return Status; +} + + +static +NTSTATUS +LsapLookupAccountNames(DWORD Count, + PRPC_UNICODE_STRING DomainNames, + PRPC_UNICODE_STRING AccountNames, + PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer, + PLSAPR_TRANSLATED_SID_EX2 SidsBuffer, + PULONG Mapped) +{ + SAMPR_HANDLE ServerHandle = NULL; + SAMPR_HANDLE DomainHandle = NULL; + SAMPR_ULONG_ARRAY RelativeIds = {0, NULL}; + SAMPR_ULONG_ARRAY Use = {0, NULL}; + ULONG DomainIndex; + ULONG i; + NTSTATUS Status = STATUS_SUCCESS; + + Status = SamrConnect(NULL, + &ServerHandle, + SAM_SERVER_CONNECT | SAM_SERVER_LOOKUP_DOMAIN); + if (!NT_SUCCESS(Status)) + { + TRACE("SamrConnect failed (Status %08lx)\n", Status); + goto done; + } + + Status = SamrOpenDomain(ServerHandle, + DOMAIN_LOOKUP, + AccountDomainSid, + &DomainHandle); + if (!NT_SUCCESS(Status)) + { + TRACE("SamOpenDomain failed (Status %08lx)\n", Status); + goto done; + } + + for (i = 0; i < Count; i++) + { + /* Ignore names which were already mapped */ + if (SidsBuffer[i].Use != SidTypeUnknown) + continue; + + /* Ignore isolated account names */ + if (DomainNames[i].Length == 0) + continue; + + if (!RtlEqualUnicodeString((PUNICODE_STRING)&DomainNames[i], &AccountDomainName, TRUE)) + continue; + + Status = SamrLookupNamesInDomain(DomainHandle, + 1, + &AccountNames[i], + &RelativeIds, + &Use); + if (NT_SUCCESS(Status)) + { + SidsBuffer[i].Use = Use.Element[0]; + SidsBuffer[i].Sid = CreateSidFromSidAndRid(AccountDomainSid, + RelativeIds.Element[0]); + if (SidsBuffer[i].Sid == NULL) + goto done; + + SidsBuffer[i].DomainIndex = -1; + SidsBuffer[i].Flags = 0; + + Status = LsapAddDomainToDomainsList(DomainsBuffer, + &AccountDomainName, + AccountDomainSid, + &DomainIndex); + if (!NT_SUCCESS(Status)) + goto done; + + SidsBuffer[i].DomainIndex = DomainIndex; + + (*Mapped)++; + } + + SamIFree_SAMPR_ULONG_ARRAY(&RelativeIds); + SamIFree_SAMPR_ULONG_ARRAY(&Use); + } + +done: + if (DomainHandle != NULL) + SamrCloseHandle(&DomainHandle); + + if (ServerHandle != NULL) + SamrCloseHandle(&ServerHandle); + + return Status; +} + NTSTATUS @@ -1081,6 +1500,7 @@ goto done; } + Status = LsapLookupIsolatedNames(Count, DomainNames, AccountNames, @@ -1094,57 +1514,57 @@ goto done; -#if 0 - for (i = 0; i < Count; i++) - { -//TRACE("Name: %wZ\n", &Names[i]); - -//TRACE("Domain name: %wZ\n", &DomainNames[i]); -//TRACE("Account name: %wZ\n", &AccountNames[i]); - ptr2 = NULL; - ptr = LsapLookupWellKnownName((PUNICODE_STRING)&AccountNames[i]); - if (ptr != NULL) - { -//TRACE("Found well known account!\n"); - SidsBuffer[i].Use = ptr->Use; - SidsBuffer[i].Sid = ptr->Sid; - - SidsBuffer[i].DomainIndex = -1; - SidsBuffer[i].Flags = 0; - - if (DomainNames[i].Length != 0) - { - ptr2= LsapLookupWellKnownName((PUNICODE_STRING)&DomainNames[i]); - if (ptr2 != NULL) - { - Status = LsapAddDomainToDomainsList(DomainsBuffer, - &ptr2->Name, - ptr2->Sid, - &DomainIndex); - if (NT_SUCCESS(Status)) - SidsBuffer[i].DomainIndex = DomainIndex; - } - } - - if (ptr2 == NULL && ptr->Domain.Length != 0) - { - ptr2= LsapLookupWellKnownName(&ptr->Domain); - if (ptr2 != NULL) - { - Status = LsapAddDomainToDomainsList(DomainsBuffer, - &ptr2->Name, - ptr2->Sid, - &DomainIndex); - if (NT_SUCCESS(Status)) - SidsBuffer[i].DomainIndex = DomainIndex; - } - } - - Mapped++; - continue; - } - } -#endif + Status = LsapLookupIsolatedBuiltinNames(Count, + DomainNames, + AccountNames, + DomainsBuffer, + SidsBuffer, + &Mapped); + if (!NT_SUCCESS(Status)) + goto done; + + if (Mapped == Count) + goto done; + + + Status = LsapLookupIsolatedAccountNames(Count, + DomainNames, + AccountNames, + DomainsBuffer, + SidsBuffer, + &Mapped); + if (!NT_SUCCESS(Status)) + goto done; + + if (Mapped == Count) + goto done; + + + + Status = LsapLookupBuiltinNames(Count, + DomainNames, + AccountNames, + DomainsBuffer, + SidsBuffer, + &Mapped); + if (!NT_SUCCESS(Status)) + goto done; + + if (Mapped == Count) + goto done; + + + Status = LsapLookupAccountNames(Count, + DomainNames, + AccountNames, + DomainsBuffer, + SidsBuffer, + &Mapped); + if (!NT_SUCCESS(Status)) + goto done; + + if (Mapped == Count) + goto done; done: // TRACE("done: Status %lx\n", Status); @@ -1273,7 +1693,7 @@ static NTSTATUS -LsapLookupAccountDomainSids(PLSAPR_SID_ENUM_BUFFER SidEnumBuffer, +LsapLookupBuiltinDomainSids(PLSAPR_SID_ENUM_BUFFER SidEnumBuffer, PLSAPR_TRANSLATED_NAME_EX NamesBuffer, PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer, PULONG Mapped) @@ -1299,7 +1719,7 @@ Status = SamrOpenDomain(ServerHandle, DOMAIN_LOOKUP, - AccountDomainSid, + BuiltinDomainSid, &DomainHandle); if (!NT_SUCCESS(Status)) { @@ -1318,27 +1738,27 @@ LocalFree(SidString); SidString = NULL; - if (RtlEqualSid(AccountDomainSid, SidEnumBuffer->SidInfo[i].Sid)) - { - TRACE("Found account domain!\n"); + if (RtlEqualSid(BuiltinDomainSid, SidEnumBuffer->SidInfo[i].Sid)) + { + TRACE("Found builtin domain!\n"); NamesBuffer[i].Use = SidTypeDomain; NamesBuffer[i].Flags = 0; - NamesBuffer[i].Name.Length = AccountDomainName.Length; - NamesBuffer[i].Name.MaximumLength = AccountDomainName.MaximumLength; - NamesBuffer[i].Name.Buffer = MIDL_user_allocate(AccountDomainName.MaximumLength); + NamesBuffer[i].Name.Length = BuiltinDomainName.Length; + NamesBuffer[i].Name.MaximumLength = BuiltinDomainName.MaximumLength; + NamesBuffer[i].Name.Buffer = MIDL_user_allocate(BuiltinDomainName.MaximumLength); if (NamesBuffer[i].Name.Buffer == NULL) { Status = STATUS_INSUFFICIENT_RESOURCES; goto done; } - RtlCopyMemory(NamesBuffer[i].Name.Buffer, AccountDomainName.Buffer, AccountDomainName.MaximumLength); + RtlCopyMemory(NamesBuffer[i].Name.Buffer, BuiltinDomainName.Buffer, BuiltinDomainName.MaximumLength); Status = LsapAddDomainToDomainsList(DomainsBuffer, - &AccountDomainName, - AccountDomainSid, + &BuiltinDomainName, + BuiltinDomainSid, &DomainIndex); if (!NT_SUCCESS(Status)) goto done; @@ -1350,9 +1770,9 @@ (*Mapped)++; continue; } - else if (LsapIsPrefixSid(AccountDomainSid, SidEnumBuffer->SidInfo[i].Sid)) - { - TRACE("Found account domain account!\n"); + else if (LsapIsPrefixSid(BuiltinDomainSid, SidEnumBuffer->SidInfo[i].Sid)) + { + TRACE("Found builtin domain account!\n"); RelativeIds[0] = LsapGetRelativeIdFromSid(SidEnumBuffer->SidInfo[i].Sid); @@ -1367,11 +1787,11 @@ goto done; } - NamesBuffer[i].Use = Use.Element[0]; //SidTypeUser; + NamesBuffer[i].Use = Use.Element[0]; NamesBuffer[i].Flags = 0; - NamesBuffer[i].Name.Length = Names.Element[0].Length; //TestName.Length; - NamesBuffer[i].Name.MaximumLength = Names.Element[0].MaximumLength; //TestName.MaximumLength; + NamesBuffer[i].Name.Length = Names.Element[0].Length; + NamesBuffer[i].Name.MaximumLength = Names.Element[0].MaximumLength; NamesBuffer[i].Name.Buffer = MIDL_user_allocate(Names.Element[0].MaximumLength); if (NamesBuffer[i].Name.Buffer == NULL) { @@ -1386,6 +1806,97 @@ SamIFree_SAMPR_RETURNED_USTRING_ARRAY(&Names); SamIFree_SAMPR_ULONG_ARRAY(&Use); + + Status = LsapAddDomainToDomainsList(DomainsBuffer, + &BuiltinDomainName, + BuiltinDomainSid, + &DomainIndex); + if (!NT_SUCCESS(Status)) + goto done; + + NamesBuffer[i].DomainIndex = DomainIndex; + + TRACE("Mapped to: %wZ\n", &NamesBuffer[i].Name); + + (*Mapped)++; + continue; + } + } + +done: + if (DomainHandle != NULL) + SamrCloseHandle(&DomainHandle); + + if (ServerHandle != NULL) + SamrCloseHandle(&ServerHandle); + + return Status; +} + + +static NTSTATUS +LsapLookupAccountDomainSids(PLSAPR_SID_ENUM_BUFFER SidEnumBuffer, + PLSAPR_TRANSLATED_NAME_EX NamesBuffer, + PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer, + PULONG Mapped) +{ + SAMPR_HANDLE ServerHandle = NULL; + SAMPR_HANDLE DomainHandle = NULL; + SAMPR_RETURNED_USTRING_ARRAY Names = {0, NULL}; + SAMPR_ULONG_ARRAY Use = {0, NULL}; + LPWSTR SidString = NULL; + ULONG DomainIndex; + ULONG RelativeIds[1]; + ULONG i; + NTSTATUS Status = STATUS_SUCCESS; + + Status = SamrConnect(NULL, + &ServerHandle, + SAM_SERVER_CONNECT | SAM_SERVER_LOOKUP_DOMAIN); + if (!NT_SUCCESS(Status)) + { + TRACE("SamrConnect failed (Status %08lx)\n", Status); + goto done; + } + + Status = SamrOpenDomain(ServerHandle, + DOMAIN_LOOKUP, + AccountDomainSid, + &DomainHandle); + if (!NT_SUCCESS(Status)) + { + TRACE("SamOpenDomain failed (Status %08lx)\n", Status); + goto done; + } + + for (i = 0; i < SidEnumBuffer->Entries; i++) + { + /* Ignore SIDs which are already mapped */ + if (NamesBuffer[i].Use != SidTypeUnknown) + continue; + + ConvertSidToStringSidW(SidEnumBuffer->SidInfo[i].Sid, &SidString); + TRACE("Mapping SID: %S\n", SidString); + LocalFree(SidString); + SidString = NULL; + + if (RtlEqualSid(AccountDomainSid, SidEnumBuffer->SidInfo[i].Sid)) + { + TRACE("Found account domain!\n"); + + NamesBuffer[i].Use = SidTypeDomain; + NamesBuffer[i].Flags = 0; + + NamesBuffer[i].Name.Length = AccountDomainName.Length; + NamesBuffer[i].Name.MaximumLength = AccountDomainName.MaximumLength; + NamesBuffer[i].Name.Buffer = MIDL_user_allocate(AccountDomainName.MaximumLength); + if (NamesBuffer[i].Name.Buffer == NULL) + { + Status = STATUS_INSUFFICIENT_RESOURCES; + goto done; + } + + RtlCopyMemory(NamesBuffer[i].Name.Buffer, AccountDomainName.Buffer, AccountDomainName.MaximumLength); Status = LsapAddDomainToDomainsList(DomainsBuffer, &AccountDomainName, @@ -1401,14 +1912,65 @@ (*Mapped)++; continue; } + else if (LsapIsPrefixSid(AccountDomainSid, SidEnumBuffer->SidInfo[i].Sid)) + { + TRACE("Found account domain account!\n"); + + RelativeIds[0] = LsapGetRelativeIdFromSid(SidEnumBuffer->SidInfo[i].Sid); + + Status = SamrLookupIdsInDomain(DomainHandle, + 1, + RelativeIds, + &Names, + &Use); + if (!NT_SUCCESS(Status)) + { + TRACE("SamLookupIdsInDomain failed (Status %08lx)\n", Status); + goto done; + } + + NamesBuffer[i].Use = Use.Element[0]; + NamesBuffer[i].Flags = 0; + + NamesBuffer[i].Name.Length = Names.Element[0].Length; + NamesBuffer[i].Name.MaximumLength = Names.Element[0].MaximumLength; + NamesBuffer[i].Name.Buffer = MIDL_user_allocate(Names.Element[0].MaximumLength); + if (NamesBuffer[i].Name.Buffer == NULL) + { + SamIFree_SAMPR_RETURNED_USTRING_ARRAY(&Names); + SamIFree_SAMPR_ULONG_ARRAY(&Use); + + Status = STATUS_INSUFFICIENT_RESOURCES; + goto done; + } + + RtlCopyMemory(NamesBuffer[i].Name.Buffer, Names.Element[0].Buffer, Names.Element[0].MaximumLength); + + SamIFree_SAMPR_RETURNED_USTRING_ARRAY(&Names); + SamIFree_SAMPR_ULONG_ARRAY(&Use); + + Status = LsapAddDomainToDomainsList(DomainsBuffer, + &AccountDomainName, + AccountDomainSid, + &DomainIndex); + if (!NT_SUCCESS(Status)) + goto done; + + NamesBuffer[i].DomainIndex = DomainIndex; + + TRACE("Mapped to: %wZ\n", &NamesBuffer[i].Name); + + (*Mapped)++; + continue; + } } done: if (DomainHandle != NULL) - SamrCloseHandle(DomainHandle); + SamrCloseHandle(&DomainHandle); if (ServerHandle != NULL) - SamrCloseHandle(ServerHandle); + SamrCloseHandle(&ServerHandle); return Status; } @@ -1553,6 +2115,17 @@ if (Mapped == SidEnumBuffer->Entries) goto done; + /* Look-up builtin domain SIDs */ + Status = LsapLookupBuiltinDomainSids(SidEnumBuffer, + NamesBuffer, + DomainsBuffer, + &Mapped); + if (!NT_SUCCESS(Status)) + goto done; + + if (Mapped == SidEnumBuffer->Entries) + goto done; + /* Look-up account domain SIDs */ Status = LsapLookupAccountDomainSids(SidEnumBuffer, NamesBuffer,

1 0

[tfaber] 57519: [CSQ] - Do not complete IRP while likely holding a spinlock
by tfaber＠svn.reactos.org 08 Oct '12

08 Oct '12

Author: tfaber Date: Mon Oct 8 10:11:42 2012 New Revision: 57519 URL: http://svn.reactos.org/svn/reactos?rev=57519&view=rev Log: [CSQ] - Do not complete IRP while likely holding a spinlock Modified: trunk/reactos/lib/drivers/csq/csq.c (contents, props changed) Modified: trunk/reactos/lib/drivers/csq/csq.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/lib/drivers/csq/csq.c?rev=… ============================================================================== --- trunk/reactos/lib/drivers/csq/csq.c [iso-8859-1] (original) +++ trunk/reactos/lib/drivers/csq/csq.c [iso-8859-1] Mon Oct 8 10:11:42 2012 @@ -23,7 +23,6 @@ * all happen at DISPATCH_LEVEL all of the time, so thread switching on a single * processor can create races too. */ -/* $Id$ */ #include <ntdef.h> #undef DECLSPEC_IMPORT @@ -68,11 +67,10 @@ /* Now that we have our CSQ, complete the IRP */ Csq->CsqAcquireLock(Csq, &Irql); - { - Csq->CsqRemoveIrp(Csq, Irp); - Csq->CsqCompleteCanceledIrp(Csq, Irp); - } + Csq->CsqRemoveIrp(Csq, Irp); Csq->CsqReleaseLock(Csq, Irql); + + Csq->CsqCompleteCanceledIrp(Csq, Irp); } Propchange: trunk/reactos/lib/drivers/csq/csq.c ------------------------------------------------------------------------------ --- svn:keywords (original) +++ svn:keywords (removed) @@ -1,1 +1,0 @@ -author date id revision

1 0

[tkreuzer] 57518: [RTL] - Fix a bug in RtlAreAnyAccessesGranted - Fix an MSVC warning in RtlEqualPrefixSid [CRT] - Fix an MSVC warning in _ui64tow_s [NTOSKRNL] - DPRINT the filename when MmLoadSyst...
by tkreuzer＠svn.reactos.org 07 Oct '12

07 Oct '12

Author: tkreuzer Date: Sun Oct 7 21:36:50 2012 New Revision: 57518 URL: http://svn.reactos.org/svn/reactos?rev=57518&view=rev Log: [RTL] - Fix a bug in RtlAreAnyAccessesGranted - Fix an MSVC warning in RtlEqualPrefixSid [CRT] - Fix an MSVC warning in _ui64tow_s [NTOSKRNL] - DPRINT the filename when MmLoadSystemImage fails - Fix a few MSVC warnings Modified: trunk/reactos/lib/rtl/access.c trunk/reactos/lib/rtl/sid.c trunk/reactos/lib/sdk/crt/string/itow.c trunk/reactos/ntoskrnl/cache/section/sptab.c trunk/reactos/ntoskrnl/ex/sysinfo.c trunk/reactos/ntoskrnl/fsrtl/name.c trunk/reactos/ntoskrnl/mm/ARM3/expool.c trunk/reactos/ntoskrnl/mm/ARM3/section.c trunk/reactos/ntoskrnl/mm/ARM3/sysldr.c trunk/reactos/ntoskrnl/mm/ARM3/virtual.c Modified: trunk/reactos/lib/rtl/access.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/lib/rtl/access.c?rev=57518… ============================================================================== --- trunk/reactos/lib/rtl/access.c [iso-8859-1] (original) +++ trunk/reactos/lib/rtl/access.c [iso-8859-1] Sun Oct 7 21:36:50 2012 @@ -38,7 +38,7 @@ PAGED_CODE_RTL(); /* Return if there's any leftover bits after granting all of them */ - return (GrantedAccess & DesiredAccess); + return ((GrantedAccess & DesiredAccess) != 0); } /* Modified: trunk/reactos/lib/rtl/sid.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/lib/rtl/sid.c?rev=57518&r1… ============================================================================== --- trunk/reactos/lib/rtl/sid.c [iso-8859-1] (original) +++ trunk/reactos/lib/rtl/sid.c [iso-8859-1] Sun Oct 7 21:36:50 2012 @@ -222,7 +222,7 @@ if (!Sid1->SubAuthorityCount) return TRUE; /* Now compare all the subauthority values BUT the last one */ - for (i = 0; i < (Sid1->SubAuthorityCount - 1); i++) + for (i = 0; (i + 1) < Sid1->SubAuthorityCount; i++) { /* Does any mismatch? */ if (Sid1->SubAuthority[i] != Sid2->SubAuthority[i]) Modified: trunk/reactos/lib/sdk/crt/string/itow.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/lib/sdk/crt/string/itow.c?… ============================================================================== --- trunk/reactos/lib/sdk/crt/string/itow.c [iso-8859-1] (original) +++ trunk/reactos/lib/sdk/crt/string/itow.c [iso-8859-1] Sun Oct 7 21:36:50 2012 @@ -194,7 +194,7 @@ *--pos = 'a' + digit - 10; } while (value != 0); - if(buffer-pos+65 > size) { + if((size_t)(buffer-pos+65) > size) { MSVCRT_INVALID_PMT("str[size] is too small"); #ifndef _LIBCNT_ *_errno() = EINVAL; Modified: trunk/reactos/ntoskrnl/cache/section/sptab.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/cache/section/spt… ============================================================================== --- trunk/reactos/ntoskrnl/cache/section/sptab.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/cache/section/sptab.c [iso-8859-1] Sun Oct 7 21:36:50 2012 @@ -196,7 +196,7 @@ ASSERT(MiSectionPageTableGet(&Segment->PageTable, Offset)); PageTable->Segment = Segment; - PageIndex = (Offset->QuadPart - PageTable->FileOffset.QuadPart) / PAGE_SIZE; + PageIndex = (ULONG_PTR)((Offset->QuadPart - PageTable->FileOffset.QuadPart) / PAGE_SIZE); OldEntry = PageTable->PageEntries[PageIndex]; DPRINT("MiSetPageEntrySectionSegment(%p,%08x%08x,%x=>%x)\n", @@ -215,7 +215,7 @@ ASSERT(!Entry || IS_SWAP_FROM_SSE(Entry)); MmDeleteSectionAssociation(PFN_FROM_SSE(OldEntry)); } else if (IS_SWAP_FROM_SSE(Entry)) { - ASSERT(!IS_SWAP_FROM_SSE(OldEntry) || + ASSERT(!IS_SWAP_FROM_SSE(OldEntry) || SWAPENTRY_FROM_SSE(OldEntry) == MM_WAIT_ENTRY); if (OldEntry && SWAPENTRY_FROM_SSE(OldEntry) != MM_WAIT_ENTRY) MmDeleteSectionAssociation(PFN_FROM_SSE(OldEntry)); @@ -247,7 +247,7 @@ ENTRIES_PER_ELEMENT * PAGE_SIZE); PageTable = MiSectionPageTableGet(&Segment->PageTable, &FileOffset); if (!PageTable) return 0; - PageIndex = (Offset->QuadPart - PageTable->FileOffset.QuadPart) / PAGE_SIZE; + PageIndex = (ULONG_PTR)((Offset->QuadPart - PageTable->FileOffset.QuadPart) / PAGE_SIZE); Result = PageTable->PageEntries[PageIndex]; #if 0 DPRINTC Modified: trunk/reactos/ntoskrnl/ex/sysinfo.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ex/sysinfo.c?rev=… ============================================================================== --- trunk/reactos/ntoskrnl/ex/sysinfo.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/ex/sysinfo.c [iso-8859-1] Sun Oct 7 21:36:50 2012 @@ -280,7 +280,7 @@ RtlInitAnsiString(&AValue, AnsiValueBuffer); /* Initialize a UNICODE string from the callers buffer */ - RtlInitEmptyUnicodeString(&WValue, ValueBuffer, ValueBufferLength); + RtlInitEmptyUnicodeString(&WValue, ValueBuffer, (USHORT)ValueBufferLength); /* Convert the result to UNICODE */ Status = RtlAnsiStringToUnicodeString(&WValue, &AValue, FALSE); Modified: trunk/reactos/ntoskrnl/fsrtl/name.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/fsrtl/name.c?rev=… ============================================================================== --- trunk/reactos/ntoskrnl/fsrtl/name.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/fsrtl/name.c [iso-8859-1] Sun Oct 7 21:36:50 2012 @@ -27,6 +27,7 @@ PUSHORT BackTracking = NULL; UNICODE_STRING IntExpression; USHORT ExpressionPosition = 0, NamePosition = 0, MatchingChars; + WCHAR CompareChar; PAGED_CODE(); /* Check if we were given strings at all */ @@ -99,10 +100,13 @@ } } - while (NamePosition < Name->Length / sizeof(WCHAR) && ExpressionPosition < Expression->Length / sizeof(WCHAR)) + while ((NamePosition < Name->Length / sizeof(WCHAR)) && + (ExpressionPosition < Expression->Length / sizeof(WCHAR))) { /* Basic check to test if chars are equal */ - if (Expression->Buffer[ExpressionPosition] == (IgnoreCase ? UpcaseTable[Name->Buffer[NamePosition]] : Name->Buffer[NamePosition])) + CompareChar = IgnoreCase ? UpcaseTable[Name->Buffer[NamePosition]] : + Name->Buffer[NamePosition]; + if (Expression->Buffer[ExpressionPosition] == CompareChar) { NamePosition++; ExpressionPosition++; @@ -118,7 +122,8 @@ else if (Expression->Buffer[ExpressionPosition] == L'*') { /* Skip contigous stars */ - while (ExpressionPosition + 1 < Expression->Length / sizeof(WCHAR) && Expression->Buffer[ExpressionPosition + 1] == L'*') + while ((ExpressionPosition + 1 < (USHORT)(Expression->Length / sizeof(WCHAR))) && + (Expression->Buffer[ExpressionPosition + 1] == L'*')) { ExpressionPosition++; } @@ -409,7 +414,7 @@ * * @param Expression * The string in which we've to find Name. It can contain wildcards. - * If IgnoreCase is set to TRUE, this string MUST BE uppercase. + * If IgnoreCase is set to TRUE, this string MUST BE uppercase. * * @param Name * The string to find. It cannot contain wildcards @@ -419,7 +424,7 @@ * * @param UpcaseTable * If not NULL, and if IgnoreCase is set to TRUE, it will be used to - * upcase the both strings + * upcase the both strings * * @return TRUE if Name is in Expression, FALSE otherwise * Modified: trunk/reactos/ntoskrnl/mm/ARM3/expool.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/mm/ARM3/expool.c?… ============================================================================== --- trunk/reactos/ntoskrnl/mm/ARM3/expool.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/mm/ARM3/expool.c [iso-8859-1] Sun Oct 7 21:36:50 2012 @@ -43,7 +43,7 @@ ULONG PoolHitTag; BOOLEAN ExStopBadTags; KSPIN_LOCK ExpLargePoolTableLock; -LONG ExpPoolBigEntriesInUse; +ULONG ExpPoolBigEntriesInUse; ULONG ExpPoolFlags; ULONG ExPoolFailures; @@ -1246,10 +1246,10 @@ // keep losing the race or that we are not finding a free entry anymore, // which implies a massive number of concurrent big pool allocations. // - InterlockedIncrement(&ExpPoolBigEntriesInUse); + InterlockedIncrementUL(&ExpPoolBigEntriesInUse); if ((i >= 16) && (ExpPoolBigEntriesInUse > (TableSize / 4))) { - DPRINT1("Should attempt expansion since we now have %d entries\n", + DPRINT1("Should attempt expansion since we now have %lu entries\n", ExpPoolBigEntriesInUse); } @@ -1348,7 +1348,7 @@ // the lock and return the tag that was located // InterlockedIncrement((PLONG)&Entry->Va); - InterlockedDecrement(&ExpPoolBigEntriesInUse); + InterlockedDecrementUL(&ExpPoolBigEntriesInUse); KeReleaseSpinLock(&ExpLargePoolTableLock, OldIrql); return PoolTag; } Modified: trunk/reactos/ntoskrnl/mm/ARM3/section.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/mm/ARM3/section.c… ============================================================================== --- trunk/reactos/ntoskrnl/mm/ARM3/section.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/mm/ARM3/section.c [iso-8859-1] Sun Oct 7 21:36:50 2012 @@ -1049,7 +1049,7 @@ MiDereferenceControlArea(ControlArea); return STATUS_NO_MEMORY; } - + /* What's the underlying session? */ if (Session == &MmSession) { @@ -2472,7 +2472,7 @@ ASSERT(ControlArea->u.Flags.WasPurged == FALSE); /* Make sure the segment and the section are the same size, or the section is smaller */ - ASSERT(NewSection->SizeOfSection.QuadPart <= NewSection->Segment->SizeOfSegment); + ASSERT((ULONG64)NewSection->SizeOfSection.QuadPart <= NewSection->Segment->SizeOfSegment); /* Return the object and the creation status */ *SectionObject = (PVOID)NewSection; Modified: trunk/reactos/ntoskrnl/mm/ARM3/sysldr.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/mm/ARM3/sysldr.c?… ============================================================================== --- trunk/reactos/ntoskrnl/mm/ARM3/sysldr.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/mm/ARM3/sysldr.c [iso-8859-1] Sun Oct 7 21:36:50 2012 @@ -1385,7 +1385,7 @@ /* Compute the number of pages we expect to free */ PagesFreed = (PFN_NUMBER)(MiAddressToPte(InitEnd) - PointerPte + 1); - + /* Try to actually free them */ PagesFreed = MiDeleteSystemPageableVm(PointerPte, PagesFreed, @@ -1406,7 +1406,7 @@ PIMAGE_NT_HEADERS NtHeader; PIMAGE_SECTION_HEADER Section, LastSection; BOOLEAN InitFound; - + /* So we don't free our own code yet */ InitCode = (ULONG_PTR)&MiFindInitializationCode; @@ -1423,7 +1423,7 @@ /* Get the loader entry and its DLL base */ LdrEntry = CONTAINING_RECORD(NextEntry, LDR_DATA_TABLE_ENTRY, InLoadOrderLinks); DllBase = (ULONG_PTR)LdrEntry->DllBase; - + /* Get the NT header */ NtHeader = RtlImageNtHeader((PVOID)DllBase); if (!NtHeader) @@ -1454,13 +1454,13 @@ { /* Pick the biggest size -- either raw or virtual */ Size = max(Section->SizeOfRawData, Section->Misc.VirtualSize); - + /* Read the section alignment */ Alignment = NtHeader->OptionalHeader.SectionAlignment; /* Align the start and end addresses appropriately */ InitStart = DllBase + Section->VirtualAddress; - InitEnd = ((Alignment + InitStart + Size - 2) & 0xFFFFF000) - 1; + InitEnd = ((Alignment + InitStart + Size - 2) & 0xFFFFF000) - 1; InitStart = (InitStart + (PAGE_SIZE - 1)) & 0xFFFFF000; /* Have we reached the last section? */ @@ -1532,12 +1532,12 @@ } } } - + /* Move to the next section */ SectionCount--; Section++; } - + /* Move to the next module */ NextEntry = NextEntry->Flink; } @@ -1546,7 +1546,7 @@ KeLeaveCriticalRegion(); } -/* +/* * Note: This function assumes that all discardable sections are at the end of * the PE file. It searches backwards until it finds the non-discardable section */ @@ -2960,7 +2960,8 @@ 0); if (!NT_SUCCESS(Status)) { - DPRINT1("ZwOpenFile failed with status 0x%x\n", Status); + DPRINT1("ZwOpenFile failed for '%wZ' with status 0x%x\n", + FileName, Status); goto Quickie; } Modified: trunk/reactos/ntoskrnl/mm/ARM3/virtual.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/mm/ARM3/virtual.c… ============================================================================== --- trunk/reactos/ntoskrnl/mm/ARM3/virtual.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/mm/ARM3/virtual.c [iso-8859-1] Sun Oct 7 21:36:50 2012 @@ -1744,7 +1744,7 @@ return Status; } -ULONG +BOOLEAN NTAPI MiIsEntireRangeCommitted(IN ULONG_PTR StartingAddress, IN ULONG_PTR EndingAddress,

1 0

[ekohl] 57517: [LSASRV] Implement lookup of accounts in the account domain of the SAM database. The advapi32 security winetest shows proper domain and account names for the administrator and guest ...
by ekohl＠svn.reactos.org 07 Oct '12

07 Oct '12

Author: ekohl Date: Sun Oct 7 18:33:48 2012 New Revision: 57517 URL: http://svn.reactos.org/svn/reactos?rev=57517&view=rev Log: [LSASRV] Implement lookup of accounts in the account domain of the SAM database. The advapi32 security winetest shows proper domain and account names for the administrator and guest SIDs. Modified: trunk/reactos/dll/win32/lsasrv/CMakeLists.txt trunk/reactos/dll/win32/lsasrv/lsasrv.h trunk/reactos/dll/win32/lsasrv/sids.c Modified: trunk/reactos/dll/win32/lsasrv/CMakeLists.txt URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/CMakeList… ============================================================================== --- trunk/reactos/dll/win32/lsasrv/CMakeLists.txt [iso-8859-1] (original) +++ trunk/reactos/dll/win32/lsasrv/CMakeLists.txt [iso-8859-1] Sun Oct 7 18:33:48 2012 @@ -27,7 +27,7 @@ set_module_type(lsasrv win32dll ENTRYPOINT 0 UNICODE) target_link_libraries(lsasrv wine ${PSEH_LIB}) -add_importlibs(lsasrv rpcrt4 msvcrt kernel32 advapi32 ntdll) +add_importlibs(lsasrv samsrv rpcrt4 msvcrt kernel32 advapi32 ntdll) add_pch(lsasrv lsasrv.h) add_dependencies(lsasrv psdk) add_cd_file(TARGET lsasrv DESTINATION reactos/system32 FOR all) Modified: trunk/reactos/dll/win32/lsasrv/lsasrv.h URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/lsasrv.h?… ============================================================================== --- trunk/reactos/dll/win32/lsasrv/lsasrv.h [iso-8859-1] (original) +++ trunk/reactos/dll/win32/lsasrv/lsasrv.h [iso-8859-1] Sun Oct 7 18:33:48 2012 @@ -18,6 +18,7 @@ #include <ndk/rtlfuncs.h> #include <ndk/setypes.h> +#include <ntsam.h> #include <ntlsa.h> #include <ntsecapi.h> #include <sddl.h> Modified: trunk/reactos/dll/win32/lsasrv/sids.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/sids.c?re… ============================================================================== --- trunk/reactos/dll/win32/lsasrv/sids.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/lsasrv/sids.c [iso-8859-1] Sun Oct 7 18:33:48 2012 @@ -9,6 +9,55 @@ #include "lsasrv.h" WINE_DEFAULT_DEBUG_CHANNEL(lsasrv); + +typedef wchar_t *PSAMPR_SERVER_NAME; +typedef void *SAMPR_HANDLE; + +typedef struct _SAMPR_RETURNED_USTRING_ARRAY +{ + unsigned long Count; + PRPC_UNICODE_STRING Element; +} SAMPR_RETURNED_USTRING_ARRAY, *PSAMPR_RETURNED_USTRING_ARRAY; + +typedef struct _SAMPR_ULONG_ARRAY +{ + unsigned long Count; + unsigned long *Element; +} SAMPR_ULONG_ARRAY, *PSAMPR_ULONG_ARRAY; + + +VOID +NTAPI +SamIFree_SAMPR_RETURNED_USTRING_ARRAY(PSAMPR_RETURNED_USTRING_ARRAY Ptr); + +VOID +NTAPI +SamIFree_SAMPR_ULONG_ARRAY(PSAMPR_ULONG_ARRAY Ptr); + +NTSTATUS +NTAPI +SamrConnect(IN PSAMPR_SERVER_NAME ServerName, + OUT SAMPR_HANDLE *ServerHandle, + IN ACCESS_MASK DesiredAccess); + +NTSTATUS +NTAPI +SamrCloseHandle(IN OUT SAMPR_HANDLE *SamHandle); + +NTSTATUS +NTAPI +SamrOpenDomain(IN SAMPR_HANDLE ServerHandle, + IN ACCESS_MASK DesiredAccess, + IN PRPC_SID DomainId, + OUT SAMPR_HANDLE *DomainHandle); + +NTSTATUS +NTAPI +SamrLookupIdsInDomain(IN SAMPR_HANDLE DomainHandle, + IN ULONG Count, + IN ULONG *RelativeIds, + OUT PSAMPR_RETURNED_USTRING_ARRAY Names, + OUT PSAMPR_ULONG_ARRAY Use); typedef struct _WELL_KNOWN_SID @@ -800,6 +849,40 @@ } +static BOOLEAN +LsapIsPrefixSid(IN PSID PrefixSid, + IN PSID Sid) +{ + PISID Sid1 = PrefixSid, Sid2 = Sid; + ULONG i; + + if (Sid1->Revision != Sid2->Revision) + return FALSE; + + if ((Sid1->IdentifierAuthority.Value[0] != Sid2->IdentifierAuthority.Value[0]) || + (Sid1->IdentifierAuthority.Value[1] != Sid2->IdentifierAuthority.Value[1]) || + (Sid1->IdentifierAuthority.Value[2] != Sid2->IdentifierAuthority.Value[2]) || + (Sid1->IdentifierAuthority.Value[3] != Sid2->IdentifierAuthority.Value[3]) || + (Sid1->IdentifierAuthority.Value[4] != Sid2->IdentifierAuthority.Value[4]) || + (Sid1->IdentifierAuthority.Value[5] != Sid2->IdentifierAuthority.Value[5])) + return FALSE; + + if (Sid1->SubAuthorityCount >= Sid2->SubAuthorityCount) + return FALSE; + + if (Sid1->SubAuthorityCount == 0) + return TRUE; + + for (i = 0; i < Sid1->SubAuthorityCount; i++) + { + if (Sid1->SubAuthority[i] != Sid2->SubAuthority[i]) + return FALSE; + } + + return TRUE; +} + + ULONG LsapGetRelativeIdFromSid(PSID Sid_) { @@ -1150,7 +1233,7 @@ continue; ConvertSidToStringSidW(SidEnumBuffer->SidInfo[i].Sid, &SidString); - TRACE("Unmapped SID: %S\n", SidString); + TRACE("Mapping SID: %S\n", SidString); LocalFree(SidString); SidString = NULL; @@ -1172,8 +1255,10 @@ &ptr2->Name, ptr2->Sid, &DomainIndex); - if (NT_SUCCESS(Status)) - NamesBuffer[i].DomainIndex = DomainIndex; + if (!NT_SUCCESS(Status)) + goto done; + + NamesBuffer[i].DomainIndex = DomainIndex; } TRACE("Mapped to: %wZ\n", &NamesBuffer[i].Name); @@ -1182,18 +1267,45 @@ } } +done: return Status; } static NTSTATUS -LsapLookupLocalDomainSids(PLSAPR_SID_ENUM_BUFFER SidEnumBuffer, - PLSAPR_TRANSLATED_NAME_EX NamesBuffer, - PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer, - PULONG Mapped) -{ +LsapLookupAccountDomainSids(PLSAPR_SID_ENUM_BUFFER SidEnumBuffer, + PLSAPR_TRANSLATED_NAME_EX NamesBuffer, + PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer, + PULONG Mapped) +{ + SAMPR_HANDLE ServerHandle = NULL; + SAMPR_HANDLE DomainHandle = NULL; + SAMPR_RETURNED_USTRING_ARRAY Names = {0, NULL}; + SAMPR_ULONG_ARRAY Use = {0, NULL}; LPWSTR SidString = NULL; + ULONG DomainIndex; + ULONG RelativeIds[1]; ULONG i; + NTSTATUS Status = STATUS_SUCCESS; + + Status = SamrConnect(NULL, + &ServerHandle, + SAM_SERVER_CONNECT | SAM_SERVER_LOOKUP_DOMAIN); + if (!NT_SUCCESS(Status)) + { + TRACE("SamrConnect failed (Status %08lx)\n", Status); + goto done; + } + + Status = SamrOpenDomain(ServerHandle, + DOMAIN_LOOKUP, + AccountDomainSid, + &DomainHandle); + if (!NT_SUCCESS(Status)) + { + TRACE("SamOpenDomain failed (Status %08lx)\n", Status); + goto done; + } for (i = 0; i < SidEnumBuffer->Entries; i++) { @@ -1202,12 +1314,103 @@ continue; ConvertSidToStringSidW(SidEnumBuffer->SidInfo[i].Sid, &SidString); - TRACE("Unmapped SID: %S\n", SidString); + TRACE("Mapping SID: %S\n", SidString); LocalFree(SidString); SidString = NULL; - } - - return STATUS_SUCCESS; + + if (RtlEqualSid(AccountDomainSid, SidEnumBuffer->SidInfo[i].Sid)) + { + TRACE("Found account domain!\n"); + + NamesBuffer[i].Use = SidTypeDomain; + NamesBuffer[i].Flags = 0; + + NamesBuffer[i].Name.Length = AccountDomainName.Length; + NamesBuffer[i].Name.MaximumLength = AccountDomainName.MaximumLength; + NamesBuffer[i].Name.Buffer = MIDL_user_allocate(AccountDomainName.MaximumLength); + if (NamesBuffer[i].Name.Buffer == NULL) + { + Status = STATUS_INSUFFICIENT_RESOURCES; + goto done; + } + + RtlCopyMemory(NamesBuffer[i].Name.Buffer, AccountDomainName.Buffer, AccountDomainName.MaximumLength); + + Status = LsapAddDomainToDomainsList(DomainsBuffer, + &AccountDomainName, + AccountDomainSid, + &DomainIndex); + if (!NT_SUCCESS(Status)) + goto done; + + NamesBuffer[i].DomainIndex = DomainIndex; + + TRACE("Mapped to: %wZ\n", &NamesBuffer[i].Name); + + (*Mapped)++; + continue; + } + else if (LsapIsPrefixSid(AccountDomainSid, SidEnumBuffer->SidInfo[i].Sid)) + { + TRACE("Found account domain account!\n"); + + RelativeIds[0] = LsapGetRelativeIdFromSid(SidEnumBuffer->SidInfo[i].Sid); + + Status = SamrLookupIdsInDomain(DomainHandle, + 1, + RelativeIds, + &Names, + &Use); + if (!NT_SUCCESS(Status)) + { + TRACE("SamLookupIdsInDomain failed (Status %08lx)\n", Status); + goto done; + } + + NamesBuffer[i].Use = Use.Element[0]; //SidTypeUser; + NamesBuffer[i].Flags = 0; + + NamesBuffer[i].Name.Length = Names.Element[0].Length; //TestName.Length; + NamesBuffer[i].Name.MaximumLength = Names.Element[0].MaximumLength; //TestName.MaximumLength; + NamesBuffer[i].Name.Buffer = MIDL_user_allocate(Names.Element[0].MaximumLength); + if (NamesBuffer[i].Name.Buffer == NULL) + { + SamIFree_SAMPR_RETURNED_USTRING_ARRAY(&Names); + SamIFree_SAMPR_ULONG_ARRAY(&Use); + + Status = STATUS_INSUFFICIENT_RESOURCES; + goto done; + } + + RtlCopyMemory(NamesBuffer[i].Name.Buffer, Names.Element[0].Buffer, Names.Element[0].MaximumLength); + + SamIFree_SAMPR_RETURNED_USTRING_ARRAY(&Names); + SamIFree_SAMPR_ULONG_ARRAY(&Use); + + Status = LsapAddDomainToDomainsList(DomainsBuffer, + &AccountDomainName, + AccountDomainSid, + &DomainIndex); + if (!NT_SUCCESS(Status)) + goto done; + + NamesBuffer[i].DomainIndex = DomainIndex; + + TRACE("Mapped to: %wZ\n", &NamesBuffer[i].Name); + + (*Mapped)++; + continue; + } + } + +done: + if (DomainHandle != NULL) + SamrCloseHandle(DomainHandle); + + if (ServerHandle != NULL) + SamrCloseHandle(ServerHandle); + + return Status; } @@ -1218,8 +1421,8 @@ PULONG Mapped) { SID_IDENTIFIER_AUTHORITY IdentifierAuthority = {SECURITY_NT_AUTHORITY}; - static const UNICODE_STRING DomainName = RTL_CONSTANT_STRING(L"DOMAIN"); - static const UNICODE_STRING AdminName = RTL_CONSTANT_STRING(L"Administrator"); + static const UNICODE_STRING DomainName = RTL_CONSTANT_STRING(L"UNKNOWN"); + static const UNICODE_STRING AdminName = RTL_CONSTANT_STRING(L"Test"); PSID AdminsSid = NULL; LPWSTR SidString = NULL; ULONG SidLength; @@ -1246,7 +1449,7 @@ ConvertSidToStringSidW(SidEnumBuffer->SidInfo[i].Sid, &SidString); - TRACE("Unmapped SID: %S\n", SidString); + TRACE("Mapping SID: %S\n", SidString); LocalFree(SidString); SidString = NULL; @@ -1257,14 +1460,22 @@ NamesBuffer[i].Name.Length = AdminName.Length; NamesBuffer[i].Name.MaximumLength = AdminName.MaximumLength; NamesBuffer[i].Name.Buffer = MIDL_user_allocate(AdminName.MaximumLength); + if (NamesBuffer[i].Name.Buffer == NULL) + { + Status = STATUS_INSUFFICIENT_RESOURCES; + goto done; + } + RtlCopyMemory(NamesBuffer[i].Name.Buffer, AdminName.Buffer, AdminName.MaximumLength); Status = LsapAddDomainToDomainsList(DomainsBuffer, (PUNICODE_STRING)&DomainName, AdminsSid, &DomainIndex); - if (NT_SUCCESS(Status)) - NamesBuffer[i].DomainIndex = DomainIndex; + if (!NT_SUCCESS(Status)) + goto done; + + NamesBuffer[i].DomainIndex = DomainIndex; TRACE("Mapped to: %wZ\n", &NamesBuffer[i].Name); @@ -1331,7 +1542,7 @@ NamesBuffer[i].Flags = 0; } - /* Look-up all well-known SIDs */ + /* Look-up well-known SIDs */ Status = LsapLookupWellKnownSids(SidEnumBuffer, NamesBuffer, DomainsBuffer, @@ -1342,11 +1553,11 @@ if (Mapped == SidEnumBuffer->Entries) goto done; - /* Look-up all Domain SIDs */ - Status = LsapLookupLocalDomainSids(SidEnumBuffer, - NamesBuffer, - DomainsBuffer, - &Mapped); + /* Look-up account domain SIDs */ + Status = LsapLookupAccountDomainSids(SidEnumBuffer, + NamesBuffer, + DomainsBuffer, + &Mapped); if (!NT_SUCCESS(Status)) goto done;

1 0

[ekohl] 57516: [SAMSRV] Implement SamIFree_SAMPR_RETURNED_USTRING_ARRAY and SamIFree_SAMPR_ULONG_ARRAY. These functions are used to free structures that were allocated by calls to Samr-functions.
by ekohl＠svn.reactos.org 07 Oct '12

07 Oct '12

Author: ekohl Date: Sun Oct 7 17:38:16 2012 New Revision: 57516 URL: http://svn.reactos.org/svn/reactos?rev=57516&view=rev Log: [SAMSRV] Implement SamIFree_SAMPR_RETURNED_USTRING_ARRAY and SamIFree_SAMPR_ULONG_ARRAY. These functions are used to free structures that were allocated by calls to Samr-functions. Modified: trunk/reactos/dll/win32/samsrv/samsrv.c trunk/reactos/dll/win32/samsrv/samsrv.spec Modified: trunk/reactos/dll/win32/samsrv/samsrv.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/samsrv/samsrv.c?… ============================================================================== --- trunk/reactos/dll/win32/samsrv/samsrv.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/samsrv/samsrv.c [iso-8859-1] Sun Oct 7 17:38:16 2012 @@ -63,4 +63,39 @@ return STATUS_SUCCESS; } + +VOID +NTAPI +SamIFree_SAMPR_RETURNED_USTRING_ARRAY(PSAMPR_RETURNED_USTRING_ARRAY Ptr) +{ + ULONG i; + + if (Ptr != NULL) + { + if (Ptr->Element != NULL) + { + for (i = 0; i < Ptr->Count; i++) + { + if (Ptr->Element[i].Buffer != NULL) + MIDL_user_free(Ptr->Element[i].Buffer); + } + + MIDL_user_free(Ptr->Element); + } + } +} + + +VOID +NTAPI +SamIFree_SAMPR_ULONG_ARRAY(PSAMPR_ULONG_ARRAY Ptr) +{ + if (Ptr != NULL) + { + if (Ptr->Element != NULL) + MIDL_user_free(Ptr->Element); + } + +} + /* EOF */ Modified: trunk/reactos/dll/win32/samsrv/samsrv.spec URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/samsrv/samsrv.sp… ============================================================================== --- trunk/reactos/dll/win32/samsrv/samsrv.spec [iso-8859-1] (original) +++ trunk/reactos/dll/win32/samsrv/samsrv.spec [iso-8859-1] Sun Oct 7 17:38:16 2012 @@ -10,9 +10,9 @@ @ stub SamIFree_SAMPR_GET_MEMBERS_BUFFER @ stub SamIFree_SAMPR_GROUP_INFO_BUFFER @ stub SamIFree_SAMPR_PSID_ARRAY -@ stub SamIFree_SAMPR_RETURNED_USTRING_ARRAY +@ stdcall SamIFree_SAMPR_RETURNED_USTRING_ARRAY(ptr) @ stub SamIFree_SAMPR_SR_SECURITY_DESCRIPTOR -@ stub SamIFree_SAMPR_ULONG_ARRAY +@ stdcall SamIFree_SAMPR_ULONG_ARRAY(ptr) @ stub SamIFree_SAMPR_USER_INFO_BUFFER @ stub SamIGetPrivateData @ stub SamIGetSerialNumberDomain

1 0

[hbelusca] 57515: [APITEST:NTDLL] Add a parameter for displaying the current test number when something fails.
by hbelusca＠svn.reactos.org 07 Oct '12

07 Oct '12

Author: hbelusca Date: Sun Oct 7 14:17:37 2012 New Revision: 57515 URL: http://svn.reactos.org/svn/reactos?rev=57515&view=rev Log: [APITEST:NTDLL] Add a parameter for displaying the current test number when something fails. Modified: trunk/rostests/apitests/ntdll/NtQuerySystemEnvironmentValue.c Modified: trunk/rostests/apitests/ntdll/NtQuerySystemEnvironmentValue.c URL: http://svn.reactos.org/svn/reactos/trunk/rostests/apitests/ntdll/NtQuerySys… ============================================================================== --- trunk/rostests/apitests/ntdll/NtQuerySystemEnvironmentValue.c [iso-8859-1] (original) +++ trunk/rostests/apitests/ntdll/NtQuerySystemEnvironmentValue.c [iso-8859-1] Sun Oct 7 14:17:37 2012 @@ -49,7 +49,8 @@ {STATUS_SUCCESS , RTL_CONSTANT_STRING(L"LastKnownGood"), TRUE , MAX_BUFFER_LENGTH, MIN_BUFFER_LENGTH, MAX_BUFFER_LENGTH}, }; -static void Test_API(IN PTEST_CASE TestCase) +static void Test_API(IN ULONG TestNumber, + IN PTEST_CASE TestCase) { NTSTATUS Status = STATUS_SUCCESS; BOOLEAN WasEnabled = FALSE; @@ -66,7 +67,7 @@ TRUE, FALSE, &WasEnabled); - ok(NT_SUCCESS(Status), "RtlAdjustPrivilege failed : 0x%08lx\n", Status); + ok(NT_SUCCESS(Status), "RtlAdjustPrivilege(%lu) failed : 0x%08lx\n", TestNumber, Status); } // @@ -89,12 +90,14 @@ // Now check the results. // ok(Status == TestCase->Result, - "NtQuerySystemEnvironmentValue failed, returned 0x%08lx, expected 0x%08lx\n", + "NtQuerySystemEnvironmentValue(%lu) failed : returned 0x%08lx, expected 0x%08lx\n", + TestNumber, Status, TestCase->Result); ok( ((TestCase->MinimalExpectedReturnedLength <= ReturnedLength) && (ReturnedLength <= TestCase->MaximalExpectedReturnedLength)), - "Returned length %lu, expected between %lu and %lu\n", + "NtQuerySystemEnvironmentValue(%lu) failed : returned length %lu, expected between %lu and %lu\n", + TestNumber, ReturnedLength, TestCase->MinimalExpectedReturnedLength, TestCase->MaximalExpectedReturnedLength); @@ -106,7 +109,7 @@ for (i = 0 ; i < COUNT_OF(TestCases) ; ++i) { - Test_API(&TestCases[i]); + Test_API(i, &TestCases[i]); } }

1 0

[hbelusca] 57514: [NTOSKRNL] In NtQuerySystemEnvironmentValue : - Use a fixed-length buffer size for holding a temporary variable. - Correct the pool TAG.
by hbelusca＠svn.reactos.org 07 Oct '12

07 Oct '12

Author: hbelusca Date: Sun Oct 7 14:16:13 2012 New Revision: 57514 URL: http://svn.reactos.org/svn/reactos?rev=57514&view=rev Log: [NTOSKRNL] In NtQuerySystemEnvironmentValue : - Use a fixed-length buffer size for holding a temporary variable. - Correct the pool TAG. Modified: trunk/reactos/ntoskrnl/ex/sysinfo.c Modified: trunk/reactos/ntoskrnl/ex/sysinfo.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ex/sysinfo.c?rev=… ============================================================================== --- trunk/reactos/ntoskrnl/ex/sysinfo.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/ex/sysinfo.c [iso-8859-1] Sun Oct 7 14:16:13 2012 @@ -13,6 +13,9 @@ #include <ntoskrnl.h> #define NDEBUG #include <debug.h> + +/* The maximum size of an environment value (in bytes) */ +#define MAX_ENVVAL_SIZE 1024 FAST_MUTEX ExpEnvironmentLock; ERESOURCE ExpFirmwareTableResource; @@ -246,10 +249,7 @@ /* Copy the name to kernel space if necessary */ Status = ProbeAndCaptureUnicodeString(&WName, PreviousMode, VariableName); - if (!NT_SUCCESS(Status)) - { - return Status; - } + if (!NT_SUCCESS(Status)) return Status; /* Convert the name to ANSI and release the captured UNICODE string */ Status = RtlUnicodeStringToAnsiString(&AName, &WName, TRUE); @@ -257,7 +257,7 @@ if (!NT_SUCCESS(Status)) return Status; /* Allocate a buffer for the ANSI environment variable */ - AnsiValueBuffer = ExAllocatePoolWithTag(NonPagedPool, ValueBufferLength, 'pmeT'); + AnsiValueBuffer = ExAllocatePoolWithTag(NonPagedPool, MAX_ENVVAL_SIZE, 'rvnE'); if (AnsiValueBuffer == NULL) { RtlFreeAnsiString(&AName); @@ -266,7 +266,7 @@ /* Get the environment variable and free the ANSI name */ Result = HalGetEnvironmentVariable(AName.Buffer, - (USHORT)ValueBufferLength, + MAX_ENVVAL_SIZE, AnsiValueBuffer); RtlFreeAnsiString(&AName); @@ -286,9 +286,7 @@ Status = RtlAnsiStringToUnicodeString(&WValue, &AValue, FALSE); if (ReturnLength != NULL) - { *ReturnLength = WValue.Length; - } } _SEH2_EXCEPT(ExSystemExceptionFilter()) { @@ -302,7 +300,7 @@ } /* Free the allocated ANSI value buffer */ - ExFreePoolWithTag(AnsiValueBuffer, 'pmeT'); + ExFreePoolWithTag(AnsiValueBuffer, 'rvnE'); return Status; }

1 0

[hbelusca] 57513: [APITEST:NTDLL] Improve the code.
by hbelusca＠svn.reactos.org 07 Oct '12

07 Oct '12

Author: hbelusca Date: Sun Oct 7 12:46:44 2012 New Revision: 57513 URL: http://svn.reactos.org/svn/reactos?rev=57513&view=rev Log: [APITEST:NTDLL] Improve the code. Modified: trunk/rostests/apitests/ntdll/NtQuerySystemEnvironmentValue.c Modified: trunk/rostests/apitests/ntdll/NtQuerySystemEnvironmentValue.c URL: http://svn.reactos.org/svn/reactos/trunk/rostests/apitests/ntdll/NtQuerySys… ============================================================================== --- trunk/rostests/apitests/ntdll/NtQuerySystemEnvironmentValue.c [iso-8859-1] (original) +++ trunk/rostests/apitests/ntdll/NtQuerySystemEnvironmentValue.c [iso-8859-1] Sun Oct 7 12:46:44 2012 @@ -16,7 +16,7 @@ #define COUNT_OF(x) (sizeof((x))/sizeof((x)[0])) -static struct TEST_CASES +typedef struct _TEST_CASE { NTSTATUS Result; UNICODE_STRING VariableName; @@ -24,7 +24,9 @@ ULONG ValueBufferLength; ULONG MinimalExpectedReturnedLength; ULONG MaximalExpectedReturnedLength; -} TestCases[] = +} TEST_CASE, *PTEST_CASE; + +static TEST_CASE TestCases[] = { // // Non-existent variable name. @@ -47,20 +49,18 @@ {STATUS_SUCCESS , RTL_CONSTANT_STRING(L"LastKnownGood"), TRUE , MAX_BUFFER_LENGTH, MIN_BUFFER_LENGTH, MAX_BUFFER_LENGTH}, }; -static NTSTATUS Test_API(IN BOOLEAN AdjustPrivileges, - IN PUNICODE_STRING VariableName, - OUT PWSTR ValueBuffer, - IN ULONG ValueBufferLength, - IN OUT PULONG ReturnLength OPTIONAL) +static void Test_API(IN PTEST_CASE TestCase) { - NTSTATUS Status; - BOOLEAN WasEnabled; + NTSTATUS Status = STATUS_SUCCESS; + BOOLEAN WasEnabled = FALSE; + WCHAR ValueBuffer[MAX_BUFFER_LENGTH / sizeof(WCHAR)]; + ULONG ReturnedLength = 0; // // Adjust the privileges if asked for (we need to // have already administrator privileges to do so). // - if (AdjustPrivileges) + if (TestCase->AdjustPrivileges) { Status = RtlAdjustPrivilege(SE_SYSTEM_ENVIRONMENT_PRIVILEGE, TRUE, @@ -72,12 +72,12 @@ // // Get the system environment value and set the privilege back. // - Status = NtQuerySystemEnvironmentValue(VariableName, + Status = NtQuerySystemEnvironmentValue(&TestCase->VariableName, ValueBuffer, - ValueBufferLength, - ReturnLength); + TestCase->ValueBufferLength, + &ReturnedLength); - if (AdjustPrivileges) + if (TestCase->AdjustPrivileges) { RtlAdjustPrivilege(SE_SYSTEM_ENVIRONMENT_PRIVILEGE, WasEnabled, @@ -85,34 +85,28 @@ &WasEnabled); } - return Status; + // + // Now check the results. + // + ok(Status == TestCase->Result, + "NtQuerySystemEnvironmentValue failed, returned 0x%08lx, expected 0x%08lx\n", + Status, + TestCase->Result); + + ok( ((TestCase->MinimalExpectedReturnedLength <= ReturnedLength) && (ReturnedLength <= TestCase->MaximalExpectedReturnedLength)), + "Returned length %lu, expected between %lu and %lu\n", + ReturnedLength, + TestCase->MinimalExpectedReturnedLength, + TestCase->MaximalExpectedReturnedLength); } START_TEST(NtQuerySystemEnvironmentValue) { - NTSTATUS Status; - WCHAR ValueBuffer[MAX_BUFFER_LENGTH / sizeof(WCHAR)]; - ULONG ReturnedLength = 0; ULONG i; for (i = 0 ; i < COUNT_OF(TestCases) ; ++i) { - Status = Test_API(TestCases[i].AdjustPrivileges, - &TestCases[i].VariableName, - ValueBuffer, - TestCases[i].ValueBufferLength, - &ReturnedLength); - - ok(Status == TestCases[i].Result, - "NtQuerySystemEnvironmentValue failed, returned 0x%08lx, expected 0x%08lx\n", - Status, - TestCases[i].Result); - - ok( ((TestCases[i].MinimalExpectedReturnedLength <= ReturnedLength) && (ReturnedLength <= TestCases[i].MaximalExpectedReturnedLength)), - "Returned length %lu, expected between %lu and %lu\n", - ReturnedLength, - TestCases[i].MinimalExpectedReturnedLength, - TestCases[i].MaximalExpectedReturnedLength); + Test_API(&TestCases[i]); } }

1 0

[hbelusca] 57512: [APITEST:NTDLL] Add a test for the NtQuerySystemEnvironmentValue API. Tested successfully under Win2k3 SP1 and Win7.
by hbelusca＠svn.reactos.org 07 Oct '12

07 Oct '12

Author: hbelusca Date: Sun Oct 7 12:31:13 2012 New Revision: 57512 URL: http://svn.reactos.org/svn/reactos?rev=57512&view=rev Log: [APITEST:NTDLL] Add a test for the NtQuerySystemEnvironmentValue API. Tested successfully under Win2k3 SP1 and Win7. Added: trunk/rostests/apitests/ntdll/NtQuerySystemEnvironmentValue.c (with props) Modified: trunk/rostests/apitests/ntdll/CMakeLists.txt trunk/rostests/apitests/ntdll/testlist.c Modified: trunk/rostests/apitests/ntdll/CMakeLists.txt URL: http://svn.reactos.org/svn/reactos/trunk/rostests/apitests/ntdll/CMakeLists… ============================================================================== --- trunk/rostests/apitests/ntdll/CMakeLists.txt [iso-8859-1] (original) +++ trunk/rostests/apitests/ntdll/CMakeLists.txt [iso-8859-1] Sun Oct 7 12:31:13 2012 @@ -2,6 +2,7 @@ list(APPEND SOURCE NtAllocateVirtualMemory.c NtFreeVirtualMemory.c + NtQuerySystemEnvironmentValue.c RtlBitmap.c RtlDetermineDosPathNameType.c RtlDoesFileExists.c Added: trunk/rostests/apitests/ntdll/NtQuerySystemEnvironmentValue.c URL: http://svn.reactos.org/svn/reactos/trunk/rostests/apitests/ntdll/NtQuerySys… ============================================================================== --- trunk/rostests/apitests/ntdll/NtQuerySystemEnvironmentValue.c (added) +++ trunk/rostests/apitests/ntdll/NtQuerySystemEnvironmentValue.c [iso-8859-1] Sun Oct 7 12:31:13 2012 @@ -1,0 +1,119 @@ +/* + * PROJECT: ReactOS API Tests + * LICENSE: GPLv2+ - See COPYING in the top level directory + * PURPOSE: Test for the NtQuerySystemEnvironmentValue. + * PROGRAMMER: HermÃ¨s BÃLUSCA - MAÃTO <hermes.belusca(a)sfr.fr> + */ + +#define WIN32_NO_STATUS +#include <stdio.h> +#include <wine/test.h> +#include <ndk/ntndk.h> + +// Arbitrary-defined constants +#define MIN_BUFFER_LENGTH 4L +#define MAX_BUFFER_LENGTH 2048L + +#define COUNT_OF(x) (sizeof((x))/sizeof((x)[0])) + +static struct TEST_CASES +{ + NTSTATUS Result; + UNICODE_STRING VariableName; + BOOLEAN AdjustPrivileges; + ULONG ValueBufferLength; + ULONG MinimalExpectedReturnedLength; + ULONG MaximalExpectedReturnedLength; +} TestCases[] = +{ + // + // Non-existent variable name. + // + {STATUS_PRIVILEGE_NOT_HELD, RTL_CONSTANT_STRING(L"NonExistent"), FALSE, 0, 0, 0}, + {STATUS_PRIVILEGE_NOT_HELD, RTL_CONSTANT_STRING(L"NonExistent"), FALSE, MIN_BUFFER_LENGTH, 0, 0}, + {STATUS_PRIVILEGE_NOT_HELD, RTL_CONSTANT_STRING(L"NonExistent"), FALSE, MAX_BUFFER_LENGTH, 0, 0}, + {STATUS_UNSUCCESSFUL , RTL_CONSTANT_STRING(L"NonExistent"), TRUE , 0, 0, 0}, + {STATUS_UNSUCCESSFUL , RTL_CONSTANT_STRING(L"NonExistent"), TRUE , MIN_BUFFER_LENGTH, 0, 0}, + {STATUS_UNSUCCESSFUL , RTL_CONSTANT_STRING(L"NonExistent"), TRUE , MAX_BUFFER_LENGTH, 0, 0}, + + // + // Existent variable name. + // + {STATUS_PRIVILEGE_NOT_HELD, RTL_CONSTANT_STRING(L"LastKnownGood"), FALSE, 0, 0, 0}, + {STATUS_PRIVILEGE_NOT_HELD, RTL_CONSTANT_STRING(L"LastKnownGood"), FALSE, MIN_BUFFER_LENGTH, 0, 0}, + {STATUS_PRIVILEGE_NOT_HELD, RTL_CONSTANT_STRING(L"LastKnownGood"), FALSE, MAX_BUFFER_LENGTH, 0, 0}, + {STATUS_BUFFER_OVERFLOW , RTL_CONSTANT_STRING(L"LastKnownGood"), TRUE , 0 , MIN_BUFFER_LENGTH, MAX_BUFFER_LENGTH}, + {STATUS_BUFFER_OVERFLOW , RTL_CONSTANT_STRING(L"LastKnownGood"), TRUE , MIN_BUFFER_LENGTH, MIN_BUFFER_LENGTH, MAX_BUFFER_LENGTH}, + {STATUS_SUCCESS , RTL_CONSTANT_STRING(L"LastKnownGood"), TRUE , MAX_BUFFER_LENGTH, MIN_BUFFER_LENGTH, MAX_BUFFER_LENGTH}, +}; + +static NTSTATUS Test_API(IN BOOLEAN AdjustPrivileges, + IN PUNICODE_STRING VariableName, + OUT PWSTR ValueBuffer, + IN ULONG ValueBufferLength, + IN OUT PULONG ReturnLength OPTIONAL) +{ + NTSTATUS Status; + BOOLEAN WasEnabled; + + // + // Adjust the privileges if asked for (we need to + // have already administrator privileges to do so). + // + if (AdjustPrivileges) + { + Status = RtlAdjustPrivilege(SE_SYSTEM_ENVIRONMENT_PRIVILEGE, + TRUE, + FALSE, + &WasEnabled); + ok(NT_SUCCESS(Status), "RtlAdjustPrivilege failed : 0x%08lx\n", Status); + } + + // + // Get the system environment value and set the privilege back. + // + Status = NtQuerySystemEnvironmentValue(VariableName, + ValueBuffer, + ValueBufferLength, + ReturnLength); + + if (AdjustPrivileges) + { + RtlAdjustPrivilege(SE_SYSTEM_ENVIRONMENT_PRIVILEGE, + WasEnabled, + FALSE, + &WasEnabled); + } + + return Status; +} + +START_TEST(NtQuerySystemEnvironmentValue) +{ + NTSTATUS Status; + WCHAR ValueBuffer[MAX_BUFFER_LENGTH / sizeof(WCHAR)]; + ULONG ReturnedLength = 0; + ULONG i; + + for (i = 0 ; i < COUNT_OF(TestCases) ; ++i) + { + Status = Test_API(TestCases[i].AdjustPrivileges, + &TestCases[i].VariableName, + ValueBuffer, + TestCases[i].ValueBufferLength, + &ReturnedLength); + + ok(Status == TestCases[i].Result, + "NtQuerySystemEnvironmentValue failed, returned 0x%08lx, expected 0x%08lx\n", + Status, + TestCases[i].Result); + + ok( ((TestCases[i].MinimalExpectedReturnedLength <= ReturnedLength) && (ReturnedLength <= TestCases[i].MaximalExpectedReturnedLength)), + "Returned length %lu, expected between %lu and %lu\n", + ReturnedLength, + TestCases[i].MinimalExpectedReturnedLength, + TestCases[i].MaximalExpectedReturnedLength); + } +} + +/* EOF */ Propchange: trunk/rostests/apitests/ntdll/NtQuerySystemEnvironmentValue.c ------------------------------------------------------------------------------ svn:eol-style = native Modified: trunk/rostests/apitests/ntdll/testlist.c URL: http://svn.reactos.org/svn/reactos/trunk/rostests/apitests/ntdll/testlist.c… ============================================================================== --- trunk/rostests/apitests/ntdll/testlist.c [iso-8859-1] (original) +++ trunk/rostests/apitests/ntdll/testlist.c [iso-8859-1] Sun Oct 7 12:31:13 2012 @@ -7,6 +7,7 @@ extern void func_NtAllocateVirtualMemory(void); extern void func_NtFreeVirtualMemory(void); +extern void func_NtQuerySystemEnvironmentValue(void); extern void func_NtSystemInformation(void); extern void func_RtlBitmap(void); extern void func_RtlDetermineDosPathNameType(void); @@ -25,6 +26,7 @@ { { "NtAllocateVirtualMemory", func_NtAllocateVirtualMemory }, { "NtFreeVirtualMemory", func_NtFreeVirtualMemory }, + { "NtQuerySystemEnvironmentValue", func_NtQuerySystemEnvironmentValue }, { "NtSystemInformation", func_NtSystemInformation }, { "RtlBitmapApi", func_RtlBitmap }, { "RtlDetermineDosPathNameType", func_RtlDetermineDosPathNameType },

1 0

[ekohl] 57511: [LSASRV] - Store the names and SIDs of the built-in and account domains in global vaiables. - Move the lookup code for isolated names to a separate function.
by ekohl＠svn.reactos.org 07 Oct '12

07 Oct '12

Author: ekohl Date: Sun Oct 7 12:10:45 2012 New Revision: 57511 URL: http://svn.reactos.org/svn/reactos?rev=57511&view=rev Log: [LSASRV] - Store the names and SIDs of the built-in and account domains in global vaiables. - Move the lookup code for isolated names to a separate function. Modified: trunk/reactos/dll/win32/lsasrv/database.c trunk/reactos/dll/win32/lsasrv/lsasrv.h trunk/reactos/dll/win32/lsasrv/sids.c Modified: trunk/reactos/dll/win32/lsasrv/database.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/database.… ============================================================================== --- trunk/reactos/dll/win32/lsasrv/database.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/lsasrv/database.c [iso-8859-1] Sun Oct 7 12:10:45 2012 @@ -17,6 +17,17 @@ static HANDLE SecurityKeyHandle = NULL; +SID_IDENTIFIER_AUTHORITY NullSidAuthority = {SECURITY_NULL_SID_AUTHORITY}; +SID_IDENTIFIER_AUTHORITY WorldSidAuthority = {SECURITY_WORLD_SID_AUTHORITY}; +SID_IDENTIFIER_AUTHORITY LocalSidAuthority = {SECURITY_LOCAL_SID_AUTHORITY}; +SID_IDENTIFIER_AUTHORITY CreatorSidAuthority = {SECURITY_CREATOR_SID_AUTHORITY}; +SID_IDENTIFIER_AUTHORITY NtAuthority = {SECURITY_NT_AUTHORITY}; + +PSID BuiltinDomainSid = NULL; +PSID AccountDomainSid = NULL; +UNICODE_STRING BuiltinDomainName = {0, 0, NULL}; +UNICODE_STRING AccountDomainName = {0, 0, NULL}; + /* FUNCTIONS ***************************************************************/ @@ -202,14 +213,13 @@ static NTSTATUS LsapCreateRandomDomainSid(OUT PSID *Sid) { - SID_IDENTIFIER_AUTHORITY SystemAuthority = {SECURITY_NT_AUTHORITY}; LARGE_INTEGER SystemTime; PULONG Seed; NtQuerySystemTime(&SystemTime); Seed = &SystemTime.u.LowPart; - return RtlAllocateAndInitializeSid(&SystemAuthority, + return RtlAllocateAndInitializeSid(&NtAuthority, 4, SECURITY_NT_NON_UNIQUE, RtlUniform(Seed), @@ -380,6 +390,137 @@ } +static NTSTATUS +LsapGetDomainInfo(VOID) +{ + PLSA_DB_OBJECT PolicyObject = NULL; + PUNICODE_STRING DomainName = NULL; + ULONG AttributeSize; + LPWSTR SidString = NULL; + NTSTATUS Status; + + /* Get the built-in domain SID and name */ + Status = RtlAllocateAndInitializeSid(&NtAuthority, + 1, + SECURITY_BUILTIN_DOMAIN_RID, + 0, 0, 0, 0, 0, 0, 0, + &BuiltinDomainSid); + if (!NT_SUCCESS(Status)) + return Status; + + /**/ + RtlInitUnicodeString(&BuiltinDomainName, + L"BUILTIN"); + + /* Open the 'Policy' object */ + Status = LsapOpenDbObject(NULL, + NULL, + L"Policy", + LsaDbPolicyObject, + 0, + &PolicyObject); + if (!NT_SUCCESS(Status)) + goto done; + + /* Get the account domain SID */ + AttributeSize = 0; + Status = LsapGetObjectAttribute(PolicyObject, + L"PolAcDmS", + NULL, + &AttributeSize); + if (!NT_SUCCESS(Status)) + goto done; + + if (AttributeSize > 0) + { + AccountDomainSid = RtlAllocateHeap(RtlGetProcessHeap(), + HEAP_ZERO_MEMORY, + AttributeSize); + if (AccountDomainSid == NULL) + { + Status = STATUS_INSUFFICIENT_RESOURCES; + goto done; + } + + Status = LsapGetObjectAttribute(PolicyObject, + L"PolAcDmS", + AccountDomainSid, + &AttributeSize); + if (!NT_SUCCESS(Status)) + goto done; + } + + /* Get the account domain name */ + AttributeSize = 0; + Status = LsapGetObjectAttribute(PolicyObject, + L"PolAcDmN", + NULL, + &AttributeSize); + if (!NT_SUCCESS(Status)) + goto done; + + if (AttributeSize > 0) + { + DomainName = RtlAllocateHeap(RtlGetProcessHeap(), + HEAP_ZERO_MEMORY, + AttributeSize); + if (DomainName == NULL) + { + Status = STATUS_INSUFFICIENT_RESOURCES; + goto done; + } + + Status = LsapGetObjectAttribute(PolicyObject, + L"PolAcDmN", + DomainName, + &AttributeSize); + if (!NT_SUCCESS(Status)) + goto done; + + DomainName->Buffer = (LPWSTR)((ULONG_PTR)DomainName + (ULONG_PTR)DomainName->Buffer); + + AccountDomainName.Length = DomainName->Length; + AccountDomainName.MaximumLength = DomainName->Length + sizeof(WCHAR); + AccountDomainName.Buffer = RtlAllocateHeap(RtlGetProcessHeap(), + HEAP_ZERO_MEMORY, + AccountDomainName.MaximumLength); + if (AccountDomainName.Buffer == NULL) + { + ERR("Failed to allocate the account domain name buffer\n"); + Status = STATUS_INSUFFICIENT_RESOURCES; + goto done; + } + + RtlCopyMemory(AccountDomainName.Buffer, + DomainName->Buffer, + DomainName->Length); + } + + ConvertSidToStringSidW(BuiltinDomainSid, &SidString); + TRACE("Builtin Domain SID: %S\n", SidString); + LocalFree(SidString); + SidString = NULL; + + TRACE("Builtin Domain Name: %wZ\n", &BuiltinDomainName); + + ConvertSidToStringSidW(AccountDomainSid, &SidString); + TRACE("Account Domain SID: %S\n", SidString); + LocalFree(SidString); + SidString = NULL; + + TRACE("Account Domain Name: %wZ\n", &AccountDomainName); + +done: + if (DomainName != NULL) + RtlFreeHeap(RtlGetProcessHeap(), 0, DomainName); + + if (PolicyObject != NULL) + LsapCloseDbObject(PolicyObject); + + return Status; +} + + NTSTATUS LsapInitDatabase(VOID) { @@ -418,6 +559,13 @@ ERR("Failed to update the LSA database (Status: 0x%08lx)\n", Status); return Status; } + } + + Status = LsapGetDomainInfo(); + if (!NT_SUCCESS(Status)) + { + ERR("Failed to get the domain information (Status: 0x%08lx)\n", Status); + return Status; } TRACE("LsapInitDatabase() done\n"); Modified: trunk/reactos/dll/win32/lsasrv/lsasrv.h URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/lsasrv.h?… ============================================================================== --- trunk/reactos/dll/win32/lsasrv/lsasrv.h [iso-8859-1] (original) +++ trunk/reactos/dll/win32/lsasrv/lsasrv.h [iso-8859-1] Sun Oct 7 12:10:45 2012 @@ -60,6 +60,18 @@ } LSAP_POLICY_AUDIT_EVENTS_DATA, *PLSAP_POLICY_AUDIT_EVENTS_DATA; +extern SID_IDENTIFIER_AUTHORITY NullSidAuthority; +extern SID_IDENTIFIER_AUTHORITY WorldSidAuthority; +extern SID_IDENTIFIER_AUTHORITY LocalSidAuthority; +extern SID_IDENTIFIER_AUTHORITY CreatorSidAuthority; +extern SID_IDENTIFIER_AUTHORITY NtAuthority; + +extern PSID BuiltinDomainSid; +extern UNICODE_STRING BuiltinDomainName; +extern PSID AccountDomainSid; +extern UNICODE_STRING AccountDomainName; + + /* authport.c */ NTSTATUS StartAuthenticationPort(VOID); Modified: trunk/reactos/dll/win32/lsasrv/sids.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/sids.c?re… ============================================================================== --- trunk/reactos/dll/win32/lsasrv/sids.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/lsasrv/sids.c [iso-8859-1] Sun Oct 7 12:10:45 2012 @@ -21,15 +21,7 @@ } WELL_KNOWN_SID, *PWELL_KNOWN_SID; -static SID_IDENTIFIER_AUTHORITY NullSidAuthority = {SECURITY_NULL_SID_AUTHORITY}; -static SID_IDENTIFIER_AUTHORITY WorldSidAuthority = {SECURITY_WORLD_SID_AUTHORITY}; -static SID_IDENTIFIER_AUTHORITY LocalSidAuthority = {SECURITY_LOCAL_SID_AUTHORITY}; -static SID_IDENTIFIER_AUTHORITY CreatorSidAuthority = {SECURITY_CREATOR_SID_AUTHORITY}; -static SID_IDENTIFIER_AUTHORITY NtAuthority = {SECURITY_NT_AUTHORITY}; - LIST_ENTRY WellKnownSidListHead; - - #if 0 typedef struct _AccountSid @@ -820,6 +812,119 @@ } +static +NTSTATUS +LsapLookupIsolatedNames(DWORD Count, + PRPC_UNICODE_STRING DomainNames, + PRPC_UNICODE_STRING AccountNames, + PLSAPR_REFERENCED_DOMAIN_LIST DomainsBuffer, + PLSAPR_TRANSLATED_SID_EX2 SidsBuffer, + PULONG Mapped) +{ + PWELL_KNOWN_SID ptr, ptr2; + ULONG DomainIndex; + ULONG i; + NTSTATUS Status = STATUS_SUCCESS; + LPWSTR SidString = NULL; + + for (i = 0; i < Count; i++) + { + /* Ignore names which were already mapped */ + if (SidsBuffer[i].Use != SidTypeUnknown) + continue; + + /* Ignore fully qualified account names */ + if (DomainNames[i].Length != 0) + continue; + + /* Look-up all well-known names */ + ptr = LsapLookupWellKnownName((PUNICODE_STRING)&AccountNames[i]); + if (ptr != NULL) + { + SidsBuffer[i].Use = ptr->Use; + SidsBuffer[i].Sid = ptr->Sid; + SidsBuffer[i].DomainIndex = -1; + SidsBuffer[i].Flags = 0; + + if (ptr->Use == SidTypeDomain) + { + Status = LsapAddDomainToDomainsList(DomainsBuffer, + &ptr->Name, + ptr->Sid, + &DomainIndex); + if (!NT_SUCCESS(Status)) + goto done; + + SidsBuffer[i].DomainIndex = DomainIndex; + } + else + { + ptr2= LsapLookupWellKnownName(&ptr->Domain); + if (ptr2 != NULL) + { + Status = LsapAddDomainToDomainsList(DomainsBuffer, + &ptr2->Name, + ptr2->Sid, + &DomainIndex); + if (!NT_SUCCESS(Status)) + goto done; + + SidsBuffer[i].DomainIndex = DomainIndex; + } + } + + (*Mapped)++; + continue; + } + + /* FIXME: Look-up the built-in domain */ + + ConvertSidToStringSidW(AccountDomainSid, &SidString); + TRACE("Account Domain SID: %S\n", SidString); + LocalFree(SidString); + SidString = NULL; + + TRACE("Account Domain Name: %wZ\n", &AccountDomainName); + + /* Look-up the account domain */ + if (RtlEqualUnicodeString((PUNICODE_STRING)&AccountNames[i], &AccountDomainName, TRUE)) + { + SidsBuffer[i].Use = SidTypeDomain; + SidsBuffer[i].Sid = AccountDomainSid; + SidsBuffer[i].DomainIndex = -1; + SidsBuffer[i].Flags = 0; + + Status = LsapAddDomainToDomainsList(DomainsBuffer, + &AccountDomainName, + AccountDomainSid, + &DomainIndex); + if (!NT_SUCCESS(Status)) + goto done; + + SidsBuffer[i].DomainIndex = DomainIndex; + + (*Mapped)++; + continue; + } + + /* FIXME: Look-up the primary domain */ + + /* FIXME: Look-up the trusted domains */ + + /* FIXME: Look-up accounts in the built-in domain */ + + /* FIXME: Look-up accounts in the account domain */ + + /* FIXME: Look-up accounts in the primary domain */ + + /* FIXME: Look-up accounts in the trusted domains */ + } + +done: + return Status; +} + + NTSTATUS LsapLookupNames(DWORD Count, PRPC_UNICODE_STRING Names, @@ -835,12 +940,12 @@ PRPC_UNICODE_STRING DomainNames = NULL; PRPC_UNICODE_STRING AccountNames = NULL; ULONG SidsBufferLength; - ULONG DomainIndex; +// ULONG DomainIndex; ULONG i; ULONG Mapped = 0; NTSTATUS Status = STATUS_SUCCESS; - PWELL_KNOWN_SID ptr, ptr2; +// PWELL_KNOWN_SID ptr, ptr2; //TRACE("()\n"); @@ -893,6 +998,20 @@ goto done; } + Status = LsapLookupIsolatedNames(Count, + DomainNames, + AccountNames, + DomainsBuffer, + SidsBuffer, + &Mapped); + if (!NT_SUCCESS(Status)) + goto done; + + if (Mapped == Count) + goto done; + + +#if 0 for (i = 0; i < Count; i++) { //TRACE("Name: %wZ\n", &Names[i]); @@ -941,10 +1060,8 @@ Mapped++; continue; } - - - - } + } +#endif done: // TRACE("done: Status %lx\n", Status);

1 0

← Newer
1
...
12
13
14
15
16
17
18
...
22
Older →

Jump to page:

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Ros-diffs October 2012