[ekohl] 57601: [ADVAPI32] - Use LookupAccountNameW to retrieve the account SID when a user tries to log-on to a computer. - Little clean-up of LogonUserW. This is the first step to get rid of hard-...
23 Oct
2012
23 Oct
'12
9:59 p.m.
Author: ekohl
Date: Tue Oct 23 21:59:43 2012
New Revision: 57601
URL: http://svn.reactos.org/svn/reactos?rev=57601&view=rev
Log:
[ADVAPI32]
- Use LookupAccountNameW to retrieve the account SID when a user tries to log-on to a
computer.
- Little clean-up of LogonUserW.
This is the first step to get rid of hard-coded logon stuff.
Modified:
trunk/reactos/dll/win32/advapi32/misc/logon.c
Modified: trunk/reactos/dll/win32/advapi32/misc/logon.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/advapi32/misc/lo…
==============================================================================
--- trunk/reactos/dll/win32/advapi32/misc/logon.c [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/advapi32/misc/logon.c [iso-8859-1] Tue Oct 23 21:59:43 2012
@@ -310,53 +310,72 @@
GetUserSid(LPCWSTR UserName,
PSID *Sid)
{
- PSID AccountDomainSid = NULL;
- ULONG ulUserRid;
- DWORD dwLength;
- HKEY hNamesKey = NULL;
- BOOL bResult = TRUE;
-
- if (!GetAccountDomainSid(&AccountDomainSid))
- {
- return FALSE;
- }
-
- /* Open the Users\Names key */
- if (RegOpenKeyExW(HKEY_LOCAL_MACHINE,
- L"SAM\\SAM\\Domains\\Account\\Users\\Names",
- 0,
- KEY_READ,
- &hNamesKey))
- {
- ERR("Failed to open Users\\Names key! (Error %lu)\n", GetLastError());
- bResult = FALSE;
+ PSID SidBuffer = NULL;
+ PWSTR DomainBuffer = NULL;
+ DWORD cbSidSize = 0;
+ DWORD cchDomSize = 0;
+ SID_NAME_USE Use;
+ BOOL res = TRUE;
+
+ *Sid = NULL;
+
+ LookupAccountNameW(NULL,
+ UserName,
+ NULL,
+ &cbSidSize,
+ NULL,
+ &cchDomSize,
+ &Use);
+
+ if (cbSidSize == 0 || cchDomSize == 0)
+ return FALSE;
+
+ SidBuffer = RtlAllocateHeap(RtlGetProcessHeap(),
+ HEAP_ZERO_MEMORY,
+ cbSidSize);
+ if (SidBuffer == NULL)
+ return FALSE;
+
+ DomainBuffer = RtlAllocateHeap(RtlGetProcessHeap(),
+ HEAP_ZERO_MEMORY,
+ cchDomSize * sizeof(WCHAR));
+ if (DomainBuffer == NULL)
+ {
+ res = FALSE;
goto done;
}
- /* Read the user RID */
- dwLength = sizeof(ULONG);
- if (RegQueryValueExW(hNamesKey,
- UserName,
- NULL,
- NULL,
- (LPBYTE)&ulUserRid,
- &dwLength))
- {
- ERR("Failed to read the SID! (Error %ld)\n", GetLastError());
- bResult = FALSE;
+ if (!LookupAccountNameW(NULL,
+ UserName,
+ SidBuffer,
+ &cbSidSize,
+ DomainBuffer,
+ &cchDomSize,
+ &Use))
+ {
+ res = FALSE;
goto done;
}
- *Sid = AppendRidToSid(AccountDomainSid, ulUserRid);
+ if (Use != SidTypeUser)
+ {
+ res = FALSE;
+ goto done;
+ }
+
+ *Sid = SidBuffer;
done:
- if (hNamesKey != NULL)
- RegCloseKey(hNamesKey);
-
- if (AccountDomainSid != NULL)
- RtlFreeHeap(RtlGetProcessHeap(), 0, AccountDomainSid);
-
- return bResult;
+ if (DomainBuffer != NULL)
+ RtlFreeHeap(RtlGetProcessHeap(), 0, DomainBuffer);
+
+ if (res == FALSE)
+ {
+ if (SidBuffer != NULL)
+ RtlFreeHeap(RtlGetProcessHeap(), 0, SidBuffer);
+ }
+
+ return res;
}
@@ -593,8 +612,8 @@
TOKEN_USER TokenUser;
TOKEN_OWNER TokenOwner;
TOKEN_PRIMARY_GROUP TokenPrimaryGroup;
- PTOKEN_GROUPS TokenGroups;
- PTOKEN_PRIVILEGES TokenPrivileges;
+ PTOKEN_GROUPS TokenGroups = NULL;
+ PTOKEN_PRIVILEGES TokenPrivileges = NULL;
TOKEN_DEFAULT_DACL TokenDefaultDacl;
LARGE_INTEGER ExpirationTime;
LUID AuthenticationId;
@@ -603,10 +622,10 @@
PSID PrimaryGroupSid = NULL;
PSID OwnerSid = NULL;
PSID LocalSystemSid;
- PACL Dacl;
- NTSTATUS Status;
+ PACL Dacl = NULL;
SID_IDENTIFIER_AUTHORITY SystemAuthority = {SECURITY_NT_AUTHORITY};
unsigned i;
+ NTSTATUS Status = STATUS_SUCCESS;
Qos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
Qos.ImpersonationLevel = SecurityAnonymous;
@@ -641,11 +660,10 @@
/* Allocate and initialize token groups */
TokenGroups = AllocateGroupSids(&PrimaryGroupSid,
&OwnerSid);
- if (NULL == TokenGroups)
- {
- RtlFreeSid(UserSid);
- SetLastError(ERROR_OUTOFMEMORY);
- return FALSE;
+ if (TokenGroups == NULL)
+ {
+ Status = STATUS_INSUFFICIENT_RESOURCES;
+ goto done;
}
/* Allocate and initialize token privileges */
@@ -653,12 +671,10 @@
sizeof(TOKEN_PRIVILEGES)
+ sizeof(DefaultPrivs) / sizeof(DefaultPrivs[0])
* sizeof(LUID_AND_ATTRIBUTES));
- if (NULL == TokenPrivileges)
- {
- FreeGroupSids(TokenGroups);
- RtlFreeSid(UserSid);
- SetLastError(ERROR_OUTOFMEMORY);
- return FALSE;
+ if (TokenPrivileges == NULL)
+ {
+ Status = STATUS_INSUFFICIENT_RESOURCES;
+ goto done;
}
TokenPrivileges->PrivilegeCount = 0;
@@ -683,21 +699,13 @@
Dacl = RtlAllocateHeap(GetProcessHeap(), 0, 1024);
if (Dacl == NULL)
{
- FreeGroupSids(TokenGroups);
- RtlFreeSid(UserSid);
- SetLastError(ERROR_OUTOFMEMORY);
- return FALSE;
+ Status = STATUS_INSUFFICIENT_RESOURCES;
+ goto done;
}
Status = RtlCreateAcl(Dacl, 1024, ACL_REVISION);
if (!NT_SUCCESS(Status))
- {
- RtlFreeHeap(GetProcessHeap(), 0, Dacl);
- FreeGroupSids(TokenGroups);
- RtlFreeHeap(GetProcessHeap(), 0, TokenPrivileges);
- RtlFreeSid(UserSid);
- return FALSE;
- }
+ goto done;
RtlAddAccessAllowedAce(Dacl,
ACL_REVISION,
@@ -754,10 +762,18 @@
&TokenDefaultDacl,
&TokenSource);
- RtlFreeHeap(GetProcessHeap(), 0, Dacl);
- FreeGroupSids(TokenGroups);
- RtlFreeHeap(GetProcessHeap(), 0, TokenPrivileges);
- RtlFreeSid(UserSid);
+done:
+ if (Dacl != NULL)
+ RtlFreeHeap(GetProcessHeap(), 0, Dacl);
+
+ if (TokenGroups != NULL)
+ FreeGroupSids(TokenGroups);
+
+ if (TokenPrivileges != NULL)
+ RtlFreeHeap(GetProcessHeap(), 0, TokenPrivileges);
+
+ if (UserSid != NULL)
+ RtlFreeHeap(GetProcessHeap(), 0, UserSid);
return NT_SUCCESS(Status);
}
4406
days inactive
4406
days old
0 comments
1 participants
participants (1)
-
ekohl@svn.reactos.org