Author: cwittich Date: Tue Dec 9 01:09:25 2008 New Revision: 37954 URL: http://svn.reactos.org/svn/reactos?rev=37954&view=rev Log: sync CreateWellKnownSid with wine Modified: trunk/reactos/dll/win32/advapi32/sec/sid.c Modified: trunk/reactos/dll/win32/advapi32/sec/sid.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/advapi32/sec/sid… ============================================================================== --- trunk/reactos/dll/win32/advapi32/sec/sid.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/advapi32/sec/sid.c [iso-8859-1] Tue Dec 9 01:09:25 2008 @@ -97,6 +97,39 @@ { {'R','U'}, WinBuiltinPreWindows2000CompatibleAccessSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_PREW2KCOMPACCESS } } }, { {'R','D'}, WinBuiltinRemoteDesktopUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS } } }, { {'N','O'}, WinBuiltinNetworkConfigurationOperatorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS } } }, + { {0,0}, WinNTLMAuthenticationSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_PACKAGE_BASE_RID, SECURITY_PACKAGE_NTLM_RID } } }, + { {0,0}, WinDigestAuthenticationSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_PACKAGE_BASE_RID, SECURITY_PACKAGE_DIGEST_RID } } }, + { {0,0}, WinSChannelAuthenticationSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_PACKAGE_BASE_RID, SECURITY_PACKAGE_SCHANNEL_RID } } }, + { {0,0}, WinThisOrganizationSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_THIS_ORGANIZATION_RID } } }, + { {0,0}, WinOtherOrganizationSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_OTHER_ORGANIZATION_RID } } }, + { {0,0}, WinBuiltinIncomingForestTrustBuildersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_INCOMING_FOREST_TRUST_BUILDERS } } }, + { {0,0}, WinBuiltinPerfMonitoringUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_MONITORING_USERS } } }, + { {0,0}, WinBuiltinPerfLoggingUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_LOGGING_USERS } } }, + { {0,0}, WinBuiltinAuthorizationAccessSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS } } }, + { {0,0}, WinBuiltinTerminalServerLicenseServersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS } } }, + { {0,0}, WinBuiltinDCOMUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_DCOM_USERS } } }, +}; + +typedef struct WELLKNOWNRID +{ + WELL_KNOWN_SID_TYPE Type; + DWORD Rid; +} WELLKNOWNRID; + +static const WELLKNOWNRID WellKnownRids[] = { + { WinAccountAdministratorSid, DOMAIN_USER_RID_ADMIN }, + { WinAccountGuestSid, DOMAIN_USER_RID_GUEST }, + { WinAccountKrbtgtSid, DOMAIN_USER_RID_KRBTGT }, + { WinAccountDomainAdminsSid, DOMAIN_GROUP_RID_ADMINS }, + { WinAccountDomainUsersSid, DOMAIN_GROUP_RID_USERS }, + { WinAccountDomainGuestsSid, DOMAIN_GROUP_RID_GUESTS }, + { WinAccountComputersSid, DOMAIN_GROUP_RID_COMPUTERS }, + { WinAccountControllersSid, DOMAIN_GROUP_RID_CONTROLLERS }, + { WinAccountCertAdminsSid, DOMAIN_GROUP_RID_CERT_ADMINS }, + { WinAccountSchemaAdminsSid, DOMAIN_GROUP_RID_SCHEMA_ADMINS }, + { WinAccountEnterpriseAdminsSid, DOMAIN_GROUP_RID_ENTERPRISE_ADMINS }, + { WinAccountPolicyAdminsSid, DOMAIN_GROUP_RID_POLICY_ADMINS }, + { WinAccountRasAndIasServersSid, DOMAIN_ALIAS_RID_RAS_SERVERS }, }; static const SID sidWorld = { SID_REVISION, 1, { SECURITY_WORLD_SID_AUTHORITY} , { SECURITY_WORLD_RID } }; @@ -1533,27 +1566,16 @@ unsigned int i; TRACE("(%d, %s, %p, %p)\n", WellKnownSidType, debugstr_sid(DomainSid), pSid, cbSid); - if (DomainSid != NULL) - { - FIXME("Only local computer supported!\n"); - SetLastError(ERROR_INVALID_PARAMETER); /* FIXME */ - return FALSE; - } - - if (cbSid == NULL || pSid == NULL) - { + if (cbSid == NULL || pSid == NULL || (DomainSid && !IsValidSid(DomainSid))) { SetLastError(ERROR_INVALID_PARAMETER); return FALSE; } - for (i = 0; i < sizeof(WellKnownSids)/sizeof(WellKnownSids[0]); i++) - { - if (WellKnownSids[i].Type == WellKnownSidType) - { + for (i = 0; i < sizeof(WellKnownSids)/sizeof(WellKnownSids[0]); i++) { + if (WellKnownSids[i].Type == WellKnownSidType) { DWORD length = GetSidLengthRequired(WellKnownSids[i].Sid.SubAuthorityCount); - if (*cbSid < length) - { + if (*cbSid < length) { SetLastError(ERROR_INSUFFICIENT_BUFFER); return FALSE; } @@ -1563,6 +1585,30 @@ return TRUE; } } + + if (DomainSid == NULL || *GetSidSubAuthorityCount(DomainSid) == SID_MAX_SUB_AUTHORITIES) + { + SetLastError(ERROR_INVALID_PARAMETER); + return FALSE; + } + + for (i = 0; i < sizeof(WellKnownRids)/sizeof(WellKnownRids[0]); i++) + if (WellKnownRids[i].Type == WellKnownSidType) { + UCHAR domain_subauth = *GetSidSubAuthorityCount(DomainSid); + DWORD domain_sid_length = GetSidLengthRequired(domain_subauth); + DWORD output_sid_length = GetSidLengthRequired(domain_subauth + 1); + + if (*cbSid < output_sid_length) { + SetLastError(ERROR_INSUFFICIENT_BUFFER); + return FALSE; + } + + CopyMemory(pSid, DomainSid, domain_sid_length); + (*GetSidSubAuthorityCount(pSid))++; + (*GetSidSubAuthority(pSid, domain_subauth)) = WellKnownRids[i].Rid; + *cbSid = output_sid_length; + return TRUE; + } SetLastError(ERROR_INVALID_PARAMETER); return FALSE;