Author: ekohl Date: Tue Oct 23 21:59:43 2012 New Revision: 57601

URL: http://svn.reactos.org/svn/reactos?rev=57601&view=rev Log: [ADVAPI32] - Use LookupAccountNameW to retrieve the account SID when a user tries to log-on to a computer. - Little clean-up of LogonUserW. This is the first step to get rid of hard-coded logon stuff.

Modified: trunk/reactos/dll/win32/advapi32/misc/logon.c

Modified: trunk/reactos/dll/win32/advapi32/misc/logon.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/advapi32/misc/log... ============================================================================== --- trunk/reactos/dll/win32/advapi32/misc/logon.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/advapi32/misc/logon.c [iso-8859-1] Tue Oct 23 21:59:43 2012 @@ -310,53 +310,72 @@ GetUserSid(LPCWSTR UserName, PSID *Sid) { - PSID AccountDomainSid = NULL; - ULONG ulUserRid; - DWORD dwLength; - HKEY hNamesKey = NULL; - BOOL bResult = TRUE; - - if (!GetAccountDomainSid(&AccountDomainSid)) - { - return FALSE; - } - - /* Open the Users\Names key */ - if (RegOpenKeyExW(HKEY_LOCAL_MACHINE, - L"SAM\SAM\Domains\Account\Users\Names", - 0, - KEY_READ, - &hNamesKey)) - { - ERR("Failed to open Users\Names key! (Error %lu)\n", GetLastError()); - bResult = FALSE; + PSID SidBuffer = NULL; + PWSTR DomainBuffer = NULL; + DWORD cbSidSize = 0; + DWORD cchDomSize = 0; + SID_NAME_USE Use; + BOOL res = TRUE; + + *Sid = NULL; + + LookupAccountNameW(NULL, + UserName, + NULL, + &cbSidSize, + NULL, + &cchDomSize, + &Use); + + if (cbSidSize == 0 || cchDomSize == 0) + return FALSE; + + SidBuffer = RtlAllocateHeap(RtlGetProcessHeap(), + HEAP_ZERO_MEMORY, + cbSidSize); + if (SidBuffer == NULL) + return FALSE; + + DomainBuffer = RtlAllocateHeap(RtlGetProcessHeap(), + HEAP_ZERO_MEMORY, + cchDomSize * sizeof(WCHAR)); + if (DomainBuffer == NULL) + { + res = FALSE; goto done; }

- /* Read the user RID */ - dwLength = sizeof(ULONG); - if (RegQueryValueExW(hNamesKey, - UserName, - NULL, - NULL, - (LPBYTE)&ulUserRid, - &dwLength)) - { - ERR("Failed to read the SID! (Error %ld)\n", GetLastError()); - bResult = FALSE; + if (!LookupAccountNameW(NULL, + UserName, + SidBuffer, + &cbSidSize, + DomainBuffer, + &cchDomSize, + &Use)) + { + res = FALSE; goto done; }

- *Sid = AppendRidToSid(AccountDomainSid, ulUserRid); + if (Use != SidTypeUser) + { + res = FALSE; + goto done; + } + + *Sid = SidBuffer;

done: - if (hNamesKey != NULL) - RegCloseKey(hNamesKey); - - if (AccountDomainSid != NULL) - RtlFreeHeap(RtlGetProcessHeap(), 0, AccountDomainSid); - - return bResult; + if (DomainBuffer != NULL) + RtlFreeHeap(RtlGetProcessHeap(), 0, DomainBuffer); + + if (res == FALSE) + { + if (SidBuffer != NULL) + RtlFreeHeap(RtlGetProcessHeap(), 0, SidBuffer); + } + + return res; }

@@ -593,8 +612,8 @@ TOKEN_USER TokenUser; TOKEN_OWNER TokenOwner; TOKEN_PRIMARY_GROUP TokenPrimaryGroup; - PTOKEN_GROUPS TokenGroups; - PTOKEN_PRIVILEGES TokenPrivileges; + PTOKEN_GROUPS TokenGroups = NULL; + PTOKEN_PRIVILEGES TokenPrivileges = NULL; TOKEN_DEFAULT_DACL TokenDefaultDacl; LARGE_INTEGER ExpirationTime; LUID AuthenticationId; @@ -603,10 +622,10 @@ PSID PrimaryGroupSid = NULL; PSID OwnerSid = NULL; PSID LocalSystemSid; - PACL Dacl; - NTSTATUS Status; + PACL Dacl = NULL; SID_IDENTIFIER_AUTHORITY SystemAuthority = {SECURITY_NT_AUTHORITY}; unsigned i; + NTSTATUS Status = STATUS_SUCCESS;

Qos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE); Qos.ImpersonationLevel = SecurityAnonymous; @@ -641,11 +660,10 @@ /* Allocate and initialize token groups */ TokenGroups = AllocateGroupSids(&PrimaryGroupSid, &OwnerSid); - if (NULL == TokenGroups) - { - RtlFreeSid(UserSid); - SetLastError(ERROR_OUTOFMEMORY); - return FALSE; + if (TokenGroups == NULL) + { + Status = STATUS_INSUFFICIENT_RESOURCES; + goto done; }

/* Allocate and initialize token privileges */ @@ -653,12 +671,10 @@ sizeof(TOKEN_PRIVILEGES) + sizeof(DefaultPrivs) / sizeof(DefaultPrivs[0]) * sizeof(LUID_AND_ATTRIBUTES)); - if (NULL == TokenPrivileges) - { - FreeGroupSids(TokenGroups); - RtlFreeSid(UserSid); - SetLastError(ERROR_OUTOFMEMORY); - return FALSE; + if (TokenPrivileges == NULL) + { + Status = STATUS_INSUFFICIENT_RESOURCES; + goto done; }

TokenPrivileges->PrivilegeCount = 0; @@ -683,21 +699,13 @@ Dacl = RtlAllocateHeap(GetProcessHeap(), 0, 1024); if (Dacl == NULL) { - FreeGroupSids(TokenGroups); - RtlFreeSid(UserSid); - SetLastError(ERROR_OUTOFMEMORY); - return FALSE; + Status = STATUS_INSUFFICIENT_RESOURCES; + goto done; }

Status = RtlCreateAcl(Dacl, 1024, ACL_REVISION); if (!NT_SUCCESS(Status)) - { - RtlFreeHeap(GetProcessHeap(), 0, Dacl); - FreeGroupSids(TokenGroups); - RtlFreeHeap(GetProcessHeap(), 0, TokenPrivileges); - RtlFreeSid(UserSid); - return FALSE; - } + goto done;

RtlAddAccessAllowedAce(Dacl, ACL_REVISION, @@ -754,10 +762,18 @@ &TokenDefaultDacl, &TokenSource);

- RtlFreeHeap(GetProcessHeap(), 0, Dacl); - FreeGroupSids(TokenGroups); - RtlFreeHeap(GetProcessHeap(), 0, TokenPrivileges); - RtlFreeSid(UserSid); +done: + if (Dacl != NULL) + RtlFreeHeap(GetProcessHeap(), 0, Dacl); + + if (TokenGroups != NULL) + FreeGroupSids(TokenGroups); + + if (TokenPrivileges != NULL) + RtlFreeHeap(GetProcessHeap(), 0, TokenPrivileges); + + if (UserSid != NULL) + RtlFreeHeap(GetProcessHeap(), 0, UserSid);

return NT_SUCCESS(Status); }