Author: hpoussin
Date: Sun Aug 6 22:22:36 2006
New Revision: 23503
URL:
http://svn.reactos.org/svn/reactos?rev=23503&view=rev
Log:
Implement CreateWellKnownSid and IsWellKnownSid, by ripping the Wine implementation
(created by Robert Reif)
Modified:
trunk/reactos/dll/win32/advapi32/misc/logon.c
trunk/reactos/dll/win32/advapi32/sec/sid.c
trunk/reactos/include/psdk/winnt.h
Modified: trunk/reactos/dll/win32/advapi32/misc/logon.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/advapi32/misc/lo…
==============================================================================
--- trunk/reactos/dll/win32/advapi32/misc/logon.c (original)
+++ trunk/reactos/dll/win32/advapi32/misc/logon.c Sun Aug 6 22:22:36 2006
@@ -666,7 +666,7 @@
DPRINT ("SamGetUserSid() failed\n");
RtlAllocateAndInitializeSid (&SystemAuthority,
5,
- SECURITY_NT_NON_UNIQUE_RID,
+ SECURITY_NT_NON_UNIQUE,
0x12345678,
0x12345678,
0x12345678,
Modified: trunk/reactos/dll/win32/advapi32/sec/sid.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/advapi32/sec/sid…
==============================================================================
--- trunk/reactos/dll/win32/advapi32/sec/sid.c (original)
+++ trunk/reactos/dll/win32/advapi32/sec/sid.c Sun Aug 6 22:22:36 2006
@@ -31,6 +31,63 @@
DWORD value;
} ACEFLAG, *LPACEFLAG;
+typedef struct _MAX_SID
+{
+ /* same fields as struct _SID */
+ BYTE Revision;
+ BYTE SubAuthorityCount;
+ SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
+ DWORD SubAuthority[SID_MAX_SUB_AUTHORITIES];
+} MAX_SID;
+
+typedef struct WELLKNOWNSID
+{
+ WCHAR wstr[2];
+ WELL_KNOWN_SID_TYPE Type;
+ MAX_SID Sid;
+} WELLKNOWNSID;
+
+static const WELLKNOWNSID WellKnownSids[] =
+{
+ { {0,0}, WinNullSid, { SID_REVISION, 1, { SECURITY_NULL_SID_AUTHORITY }, {
SECURITY_NULL_RID } } },
+ { {'W','D'}, WinWorldSid, { SID_REVISION, 1, {
SECURITY_WORLD_SID_AUTHORITY }, { SECURITY_WORLD_RID } } },
+ { {0,0}, WinLocalSid, { SID_REVISION, 1, { SECURITY_LOCAL_SID_AUTHORITY }, {
SECURITY_LOCAL_RID } } },
+ { {'C','O'}, WinCreatorOwnerSid, { SID_REVISION, 1, {
SECURITY_CREATOR_SID_AUTHORITY }, { SECURITY_CREATOR_OWNER_RID } } },
+ { {'C','G'}, WinCreatorGroupSid, { SID_REVISION, 1, {
SECURITY_CREATOR_SID_AUTHORITY }, { SECURITY_CREATOR_GROUP_RID } } },
+ { {0,0}, WinCreatorOwnerServerSid, { SID_REVISION, 1, {
SECURITY_CREATOR_SID_AUTHORITY }, { SECURITY_CREATOR_OWNER_SERVER_RID } } },
+ { {0,0}, WinCreatorGroupServerSid, { SID_REVISION, 1, {
SECURITY_CREATOR_SID_AUTHORITY }, { SECURITY_CREATOR_GROUP_SERVER_RID } } },
+ { {0,0}, WinNtAuthoritySid, { SID_REVISION, 0, { SECURITY_NT_AUTHORITY }, { } } },
+ { {0,0}, WinDialupSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, {
SECURITY_DIALUP_RID } } },
+ { {'N','U'}, WinNetworkSid, { SID_REVISION, 1, {
SECURITY_NT_AUTHORITY }, { SECURITY_NETWORK_RID } } },
+ { {0,0}, WinBatchSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, {
SECURITY_BATCH_RID } } },
+ { {'I','U'}, WinInteractiveSid, { SID_REVISION, 1, {
SECURITY_NT_AUTHORITY }, { SECURITY_INTERACTIVE_RID } } },
+ { {'S','U'}, WinServiceSid, { SID_REVISION, 1, {
SECURITY_NT_AUTHORITY }, { SECURITY_SERVICE_RID } } },
+ { {'A','N'}, WinAnonymousSid, { SID_REVISION, 1, {
SECURITY_NT_AUTHORITY }, { SECURITY_ANONYMOUS_LOGON_RID } } },
+ { {0,0}, WinProxySid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, {
SECURITY_PROXY_RID } } },
+ { {'E','D'}, WinEnterpriseControllersSid, { SID_REVISION, 1, {
SECURITY_NT_AUTHORITY }, { SECURITY_ENTERPRISE_CONTROLLERS_RID } } },
+ { {'P','S'}, WinSelfSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY
}, { SECURITY_PRINCIPAL_SELF_RID } } },
+ { {'A','U'}, WinAuthenticatedUserSid, { SID_REVISION, 1, {
SECURITY_NT_AUTHORITY }, { SECURITY_AUTHENTICATED_USER_RID } } },
+ { {'R','C'}, WinRestrictedCodeSid, { SID_REVISION, 1, {
SECURITY_NT_AUTHORITY }, { SECURITY_RESTRICTED_CODE_RID } } },
+ { {0,0}, WinTerminalServerSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, {
SECURITY_TERMINAL_SERVER_RID } } },
+ { {0,0}, WinRemoteLogonIdSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, {
SECURITY_REMOTE_LOGON_RID } } },
+ { {'S','Y'}, WinLocalSystemSid, { SID_REVISION, 1, {
SECURITY_NT_AUTHORITY }, { SECURITY_LOCAL_SYSTEM_RID } } },
+ { {'L','S'}, WinLocalServiceSid, { SID_REVISION, 1, {
SECURITY_NT_AUTHORITY }, { SECURITY_LOCAL_SERVICE_RID } } },
+ { {'N','S'}, WinNetworkServiceSid, { SID_REVISION, 1, {
SECURITY_NT_AUTHORITY }, { SECURITY_NETWORK_SERVICE_RID } } },
+ { {0,0}, WinBuiltinDomainSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, {
SECURITY_BUILTIN_DOMAIN_RID } } },
+ { {'B','A'}, WinBuiltinAdministratorsSid, { SID_REVISION, 2, {
SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS } } },
+ { {'B','U'}, WinBuiltinUsersSid, { SID_REVISION, 2, {
SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_USERS } } },
+ { {'B','G'}, WinBuiltinGuestsSid, { SID_REVISION, 2, {
SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_GUESTS } } },
+ { {'P','U'}, WinBuiltinPowerUsersSid, { SID_REVISION, 2, {
SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_POWER_USERS } }
},
+ { {'A','O'}, WinBuiltinAccountOperatorsSid, { SID_REVISION, 2, {
SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ACCOUNT_OPS } }
},
+ { {'S','O'}, WinBuiltinSystemOperatorsSid, { SID_REVISION, 2, {
SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_SYSTEM_OPS } }
},
+ { {'P','O'}, WinBuiltinPrintOperatorsSid, { SID_REVISION, 2, {
SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_PRINT_OPS } } },
+ { {'B','O'}, WinBuiltinBackupOperatorsSid, { SID_REVISION, 2, {
SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_BACKUP_OPS } }
},
+ { {'R','E'}, WinBuiltinReplicatorSid, { SID_REVISION, 2, {
SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_REPLICATOR } }
},
+ { {'R','U'}, WinBuiltinPreWindows2000CompatibleAccessSid, {
SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_PREW2KCOMPACCESS } } },
+ { {'R','D'}, WinBuiltinRemoteDesktopUsersSid, { SID_REVISION, 2, {
SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS } } },
+ { {'N','O'}, WinBuiltinNetworkConfigurationOperatorsSid, {
SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS } } },
+};
+
static const SID sidWorld = { SID_REVISION, 1, { SECURITY_WORLD_SID_AUTHORITY} , {
SECURITY_WORLD_RID } };
/*
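Review bot: Nothing enforces that `MAX_SID` is layout-compatible with `SID`; the only statement of it is the comment `/* same fields as struct _SID */`. The later hunks in this file depend on that layout: CreateWellKnownSid copies `length` bytes starting at `&WellKnownSids[i].Sid.Revision`, and IsWellKnownSid casts the same address to `PSID`. A compile-time check next to the typedef would catch any drift, for example `C_ASSERT(FIELD_OFFSET(MAX_SID, SubAuthority) == FIELD_OFFSET(SID, SubAuthority));`. Separately, the `WinNtAuthoritySid` row uses an empty `{ }` initializer, which is a compiler extension in C; `{ 0 }` is the portable spelling.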
@@ -67,6 +124,57 @@
static const WCHAR SDDL_INHERITED[] = {'I','D',0};
static const WCHAR SDDL_AUDIT_SUCCESS[] = {'S','A',0};
static const WCHAR SDDL_AUDIT_FAILURE[] = {'F','A',0};
+
+static const char * debugstr_sid(PSID sid)
+{
+ int auth = 0;
+ SID * psid = (SID *)sid;
+
+ if (psid == NULL)
+ return "(null)";
+
+ auth = psid->IdentifierAuthority.Value[5] +
+ (psid->IdentifierAuthority.Value[4] << 8) +
+ (psid->IdentifierAuthority.Value[3] << 16) +
+ (psid->IdentifierAuthority.Value[2] << 24);
+
+ switch (psid->SubAuthorityCount) {
+ case 0:
+ return wine_dbg_sprintf("S-%d-%d", psid->Revision, auth);
+ case 1:
+ return wine_dbg_sprintf("S-%d-%d-%lu", psid->Revision, auth,
+ psid->SubAuthority[0]);
+ case 2:
+ return wine_dbg_sprintf("S-%d-%d-%lu-%lu", psid->Revision, auth,
+ psid->SubAuthority[0], psid->SubAuthority[1]);
+ case 3:
+ return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu", psid->Revision,
auth,
+ psid->SubAuthority[0], psid->SubAuthority[1],
psid->SubAuthority[2]);
+ case 4:
+ return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu", psid->Revision,
auth,
+ psid->SubAuthority[0], psid->SubAuthority[1],
psid->SubAuthority[2],
+ psid->SubAuthority[3]);
+ case 5:
+ return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu-%lu",
psid->Revision, auth,
+ psid->SubAuthority[0], psid->SubAuthority[1],
psid->SubAuthority[2],
+ psid->SubAuthority[3], psid->SubAuthority[4]);
+ case 6:
+ return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu-%lu-%lu",
psid->Revision, auth,
+ psid->SubAuthority[3], psid->SubAuthority[1],
psid->SubAuthority[2],
+ psid->SubAuthority[0], psid->SubAuthority[4],
psid->SubAuthority[5]);
+ case 7:
+ return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu-%lu-%lu-%lu",
psid->Revision, auth,
+ psid->SubAuthority[0], psid->SubAuthority[1],
psid->SubAuthority[2],
+ psid->SubAuthority[3], psid->SubAuthority[4],
psid->SubAuthority[5],
+ psid->SubAuthority[6]);
+ case 8:
+ return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu-%lu-%lu-%lu-%lu",
psid->Revision, auth,
+ psid->SubAuthority[0], psid->SubAuthority[1],
psid->SubAuthority[2],
+ psid->SubAuthority[3], psid->SubAuthority[4],
psid->SubAuthority[5],
+ psid->SubAuthority[6], psid->SubAuthority[7]);
+ }
+ return "(too-big)";
+}
/* set last error code from NT status and get the proper boolean return value */
/* used for functions that are a simple wrapper around the corresponding ntdll API */
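Review bot: `case 6` in debugstr_sid passes the sub-authorities out of order (`SubAuthority[3]` first and `SubAuthority[0]` fourth), so any SID with six sub-authorities is traced with the wrong value. Every other case lists them in ascending order; the arguments here should be `psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2],` followed by `psid->SubAuthority[3], psid->SubAuthority[4], psid->SubAuthority[5]`. A misprinted SID in the trace is misleading when the log is used to diagnose an access-check problem. The expression `psid->IdentifierAuthority.Value[2] << 24` is also evaluated in signed `int` and overflows when that byte is 0x80 or higher; casting the byte to `DWORD` before shifting avoids that.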
@@ -1020,7 +1128,36 @@
OUT PSID pSid,
IN OUT DWORD* cbSid)
{
- FIXME("unimplemented!\n", __FUNCTION__);
+ int i;
+ TRACE("(%d, %s, %p, %p)\n", WellKnownSidType, debugstr_sid(DomainSid),
pSid, cbSid);
+
+ if (DomainSid != NULL) {
+ FIXME("Only local computer supported!\n");
+ SetLastError(ERROR_INVALID_PARAMETER); /* FIXME */
+ return FALSE;
+ }
+
+ if (cbSid == NULL || pSid == NULL) {
+ SetLastError(ERROR_INVALID_PARAMETER);
+ return FALSE;
+ }
+
+ for (i = 0; i < sizeof(WellKnownSids)/sizeof(WellKnownSids[0]); i++) {
+ if (WellKnownSids[i].Type == WellKnownSidType) {
+ DWORD length = GetSidLengthRequired(WellKnownSids[i].Sid.SubAuthorityCount);
+
+ if (*cbSid < length) {
+ SetLastError(ERROR_INSUFFICIENT_BUFFER);
+ return FALSE;
+ }
+
+ CopyMemory(pSid, &WellKnownSids[i].Sid.Revision, length);
+ *cbSid = length;
+ return TRUE;
+ }
+ }
+
+ SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
}
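Review bot: On the `*cbSid < length` path the function returns ERROR_INSUFFICIENT_BUFFER without writing the needed size back, so a caller cannot find out how large a buffer to allocate. Adding `*cbSid = length;` before `SetLastError(ERROR_INSUFFICIENT_BUFFER);` gives callers the usual two-call sizing pattern. The earlier `pSid == NULL` rejection also blocks a size query with a NULL buffer, which I believe the Win32 function permits; that is worth confirming against the documented behaviour. `int i` is compared with an unsigned `sizeof` quotient in the loop condition, so an unsigned index would be cleaner. The function's signature begins outside this hunk.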
@@ -1032,7 +1169,14 @@
IsWellKnownSid(IN PSID pSid,
IN WELL_KNOWN_SID_TYPE WellKnownSidType)
{
- FIXME("unimplemented!\n", __FUNCTION__);
+ int i;
+ TRACE("(%s, %d)\n", debugstr_sid(pSid), WellKnownSidType);
+
+ for (i = 0; i < sizeof(WellKnownSids)/sizeof(WellKnownSids[0]); i++)
+ if (WellKnownSids[i].Type == WellKnownSidType)
+ if (EqualSid(pSid, (PSID)&(WellKnownSids[i].Sid.Revision)))
+ return TRUE;
+
return FALSE;
}
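Review bot: `pSid` reaches `EqualSid` with no NULL or validity check. debugstr_sid guards against NULL for the TRACE line, but the comparison inside the loop does not, and whether `EqualSid` tolerates a NULL or malformed SID is not visible from this hunk. Because callers use this function to decide what identity a SID represents, it should reject bad input up front with `if (pSid == NULL || !IsValidSid(pSid)) return FALSE;` before the loop. The nested `for`/`if`/`if` would also be easier to read with braces. The start of the function's declaration lies outside the hunk.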
Modified: trunk/reactos/include/psdk/winnt.h
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/include/psdk/winnt.h?rev=2…
==============================================================================
--- trunk/reactos/include/psdk/winnt.h (original)
+++ trunk/reactos/include/psdk/winnt.h Sun Aug 6 22:22:36 2006
@@ -529,19 +529,39 @@
#define SECURITY_LOGON_IDS_RID_COUNT 0x3
#define SID_REVISION 1
-#define DOMAIN_USER_RID_ADMIN 0x1F4L
-#define DOMAIN_USER_RID_GUEST 0x1F5L
-#define DOMAIN_GROUP_RID_ADMINS 0x200L
-#define DOMAIN_GROUP_RID_USERS 0x201L
-#define DOMAIN_ALIAS_RID_ADMINS 0x220L
-#define DOMAIN_ALIAS_RID_USERS 0x221L
-#define DOMAIN_ALIAS_RID_GUESTS 0x222L
-#define DOMAIN_ALIAS_RID_POWER_USERS 0x223L
-#define DOMAIN_ALIAS_RID_ACCOUNT_OPS 0x224L
-#define DOMAIN_ALIAS_RID_SYSTEM_OPS 0x225L
-#define DOMAIN_ALIAS_RID_PRINT_OPS 0x226L
-#define DOMAIN_ALIAS_RID_BACKUP_OPS 0x227L
-#define DOMAIN_ALIAS_RID_REPLICATOR 0x228L
+
+#define FOREST_USER_RID_MAX 0x000001F3L
+#define DOMAIN_USER_RID_ADMIN 0x000001F4L
+#define DOMAIN_USER_RID_GUEST 0x000001F5L
+#define DOMAIN_USER_RID_KRBTGT 0x000001F6L
+#define DOMAIN_USER_RID_MAX 0x000003E7L
+
+#define DOMAIN_GROUP_RID_ADMINS 0x00000200L
+#define DOMAIN_GROUP_RID_USERS 0x00000201L
+#define DOMAIN_GROUP_RID_GUESTS 0x00000202L
+
+#define DOMAIN_ALIAS_RID_ADMINS 0x00000220L
+#define DOMAIN_ALIAS_RID_USERS 0x00000221L
+#define DOMAIN_ALIAS_RID_GUESTS 0x00000222L
+#define DOMAIN_ALIAS_RID_POWER_USERS 0x00000223L
+
+#define DOMAIN_ALIAS_RID_ACCOUNT_OPS 0x00000224L
+#define DOMAIN_ALIAS_RID_SYSTEM_OPS 0x00000225L
+#define DOMAIN_ALIAS_RID_PRINT_OPS 0x00000226L
+#define DOMAIN_ALIAS_RID_BACKUP_OPS 0x00000227L
+
+#define DOMAIN_ALIAS_RID_REPLICATOR 0x00000228L
+#define DOMAIN_ALIAS_RID_RAS_SERVERS 0x00000229L
+#define DOMAIN_ALIAS_RID_PREW2KCOMPACCESS 0x0000022AL
+#define DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS 0x0000022BL
+#define DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS 0x0000022CL
+#define DOMAIN_ALIAS_RID_INCOMING_FOREST_TRUST_BUILDERS 0x0000022DL
+
+#define DOMAIN_ALIAS_RID_MONITORING_USERS 0x0000022EL
+#define DOMAIN_ALIAS_RID_LOGGING_USERS 0x0000022FL
+#define DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS 0x00000230L
+#define DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS 0x00000231L
+#define DOMAIN_ALIAS_RID_DCOM_USERS 0x00000232L
typedef enum
{