[ros-diffs] [ekohl] 56680: [ADVAPI32] - Get the logon user SID using the new SAM keys and values. This is still a hack. [SAMLIB] - Remove all hacks. [SYSSETUP] - Remove all administrator account hacks.
ekohl at svn.reactos.org
ekohl at svn.reactos.org
Thu May 31 14:02:19 UTC 2012
Author: ekohl
Date: Thu May 31 14:02:19 2012
New Revision: 56680
URL: http://svn.reactos.org/svn/reactos?rev=56680&view=rev
Log:
[ADVAPI32]
- Get the logon user SID using the new SAM keys and values. This is still a hack.
[SAMLIB]
- Remove all hacks.
[SYSSETUP]
- Remove all administrator account hacks.
Modified:
trunk/reactos/dll/win32/advapi32/misc/logon.c
trunk/reactos/dll/win32/samlib/samlib.c
trunk/reactos/dll/win32/samlib/samlib.spec
trunk/reactos/dll/win32/syssetup/globals.h
trunk/reactos/dll/win32/syssetup/install.c
trunk/reactos/dll/win32/syssetup/security.c
Modified: trunk/reactos/dll/win32/advapi32/misc/logon.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/advapi32/misc/logon.c?rev=56680&r1=56679&r2=56680&view=diff
==============================================================================
--- trunk/reactos/dll/win32/advapi32/misc/logon.c [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/advapi32/misc/logon.c [iso-8859-1] Thu May 31 14:02:19 2012
@@ -211,103 +211,7 @@
static BOOL WINAPI
-SamGetUserSid(LPCWSTR UserName,
- PSID *Sid)
-{
- PSID lpSid;
- DWORD dwLength;
- HKEY hUsersKey;
- HKEY hUserKey;
-
- if (Sid != NULL)
- *Sid = NULL;
-
- /* Open the Users key */
- if (RegOpenKeyExW(HKEY_LOCAL_MACHINE,
- L"SAM\\SAM\\Domains\\Account\\Users",
- 0,
- KEY_READ,
- &hUsersKey))
- {
- ERR("Failed to open Users key! (Error %lu)\n", GetLastError());
- return FALSE;
- }
-
- /* Open the user key */
- if (RegOpenKeyExW(hUsersKey,
- UserName,
- 0,
- KEY_READ,
- &hUserKey))
- {
- if (GetLastError() == ERROR_FILE_NOT_FOUND)
- {
- ERR("Invalid user name!\n");
- SetLastError(ERROR_NO_SUCH_USER);
- }
- else
- {
- ERR("Failed to open user key! (Error %lu)\n", GetLastError());
- }
-
- RegCloseKey(hUsersKey);
- return FALSE;
- }
-
- RegCloseKey (hUsersKey);
-
- /* Get SID size */
- dwLength = 0;
- if (RegQueryValueExW(hUserKey,
- L"Sid",
- NULL,
- NULL,
- NULL,
- &dwLength))
- {
- ERR("Failed to read the SID size! (Error %lu)\n", GetLastError());
- RegCloseKey(hUserKey);
- return FALSE;
- }
-
- /* Allocate sid buffer */
- TRACE("Required SID buffer size: %lu\n", dwLength);
- lpSid = (PSID)RtlAllocateHeap(RtlGetProcessHeap(),
- 0,
- dwLength);
- if (lpSid == NULL)
- {
- ERR("Failed to allocate SID buffer!\n");
- RegCloseKey(hUserKey);
- return FALSE;
- }
-
- /* Read sid */
- if (RegQueryValueExW(hUserKey,
- L"Sid",
- NULL,
- NULL,
- (LPBYTE)lpSid,
- &dwLength))
- {
- ERR("Failed to read the SID! (Error %lu)\n", GetLastError());
- RtlFreeHeap(RtlGetProcessHeap(),
- 0,
- lpSid);
- RegCloseKey(hUserKey);
- return FALSE;
- }
-
- RegCloseKey(hUserKey);
-
- *Sid = lpSid;
-
- return TRUE;
-}
-
-
-static BOOL WINAPI
-GetDomainSid(PSID *Sid)
+GetAccountDomainSid(PSID *Sid)
{
PPOLICY_ACCOUNT_DOMAIN_INFO Info = NULL;
LSA_OBJECT_ATTRIBUTES ObjectAttributes;
@@ -323,7 +227,7 @@
Status = LsaOpenPolicy(NULL,
&ObjectAttributes,
- POLICY_TRUST_ADMIN,
+ POLICY_VIEW_LOCAL_INFORMATION,
&PolicyHandle);
if (!NT_SUCCESS(Status))
{
@@ -400,6 +304,153 @@
}
+static BOOL WINAPI
+GetUserSid(LPCWSTR UserName,
+ PSID *Sid)
+{
+#if 0
+ PSID lpSid;
+ DWORD dwLength;
+ HKEY hUsersKey;
+ HKEY hUserKey;
+
+ if (Sid != NULL)
+ *Sid = NULL;
+
+ /* Open the Users key */
+ if (RegOpenKeyExW(HKEY_LOCAL_MACHINE,
+ L"SAM\\SAM\\Domains\\Account\\Users",
+ 0,
+ KEY_READ,
+ &hUsersKey))
+ {
+ ERR("Failed to open Users key! (Error %lu)\n", GetLastError());
+ return FALSE;
+ }
+
+ /* Open the user key */
+ if (RegOpenKeyExW(hUsersKey,
+ UserName,
+ 0,
+ KEY_READ,
+ &hUserKey))
+ {
+ if (GetLastError() == ERROR_FILE_NOT_FOUND)
+ {
+ ERR("Invalid user name!\n");
+ SetLastError(ERROR_NO_SUCH_USER);
+ }
+ else
+ {
+ ERR("Failed to open user key! (Error %lu)\n", GetLastError());
+ }
+
+ RegCloseKey(hUsersKey);
+ return FALSE;
+ }
+
+ RegCloseKey (hUsersKey);
+
+ /* Get SID size */
+ dwLength = 0;
+ if (RegQueryValueExW(hUserKey,
+ L"Sid",
+ NULL,
+ NULL,
+ NULL,
+ &dwLength))
+ {
+ ERR("Failed to read the SID size! (Error %lu)\n", GetLastError());
+ RegCloseKey(hUserKey);
+ return FALSE;
+ }
+
+ /* Allocate sid buffer */
+ TRACE("Required SID buffer size: %lu\n", dwLength);
+ lpSid = (PSID)RtlAllocateHeap(RtlGetProcessHeap(),
+ 0,
+ dwLength);
+ if (lpSid == NULL)
+ {
+ ERR("Failed to allocate SID buffer!\n");
+ RegCloseKey(hUserKey);
+ return FALSE;
+ }
+
+ /* Read sid */
+ if (RegQueryValueExW(hUserKey,
+ L"Sid",
+ NULL,
+ NULL,
+ (LPBYTE)lpSid,
+ &dwLength))
+ {
+ ERR("Failed to read the SID! (Error %lu)\n", GetLastError());
+ RtlFreeHeap(RtlGetProcessHeap(),
+ 0,
+ lpSid);
+ RegCloseKey(hUserKey);
+ return FALSE;
+ }
+
+ RegCloseKey(hUserKey);
+
+ *Sid = lpSid;
+
+ return TRUE;
+#endif
+
+ PSID AccountDomainSid = NULL;
+ ULONG ulUserRid;
+ DWORD dwLength;
+ HKEY hNamesKey = NULL;
+ LONG lError;
+ BOOL bResult = TRUE;
+
+ if (!GetAccountDomainSid(&AccountDomainSid))
+ {
+ return FALSE;
+ }
+
+ /* Open the Users\Names key */
+ if (RegOpenKeyExW(HKEY_LOCAL_MACHINE,
+ L"SAM\\SAM\\Domains\\Account\\Users\\Names",
+ 0,
+ KEY_READ,
+ &hNamesKey))
+ {
+ ERR("Failed to open Users\\Names key! (Error %lu)\n", GetLastError());
+ bResult = FALSE;
+ goto done;
+ }
+
+ /* Read the user RID */
+ dwLength = sizeof(ULONG);
+ if (RegQueryValueExW(hNamesKey,
+ UserName,
+ NULL,
+ NULL,
+ (LPBYTE)&ulUserRid,
+ &dwLength))
+ {
+ ERR("Failed to read the SID! (Error %ld)\n", lError);
+ bResult = FALSE;
+ goto done;
+ }
+
+ *Sid = AppendRidToSid(AccountDomainSid, ulUserRid);
+
+done:
+ if (hNamesKey != NULL)
+ RegCloseKey(hNamesKey);
+
+ if (AccountDomainSid != NULL)
+ RtlFreeHeap(RtlGetProcessHeap(), 0, AccountDomainSid);
+
+ return bResult;
+}
+
+
static PTOKEN_GROUPS
AllocateGroupSids(OUT PSID *PrimaryGroupSid,
OUT PSID *OwnerSid)
@@ -419,7 +470,7 @@
if (!NT_SUCCESS(Status))
return NULL;
- if (!GetDomainSid(&DomainSid))
+ if (!GetAccountDomainSid(&DomainSid))
return NULL;
TokenGroups = RtlAllocateHeap(
@@ -669,7 +720,7 @@
ExpirationTime.QuadPart = -1;
/* Get the user SID from the registry */
- if (!SamGetUserSid (lpszUsername, &UserSid))
+ if (!GetUserSid (lpszUsername, &UserSid))
{
ERR("SamGetUserSid() failed\n");
return FALSE;
Modified: trunk/reactos/dll/win32/samlib/samlib.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/samlib/samlib.c?rev=56680&r1=56679&r2=56680&view=diff
==============================================================================
--- trunk/reactos/dll/win32/samlib/samlib.c [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/samlib/samlib.c [iso-8859-1] Thu May 31 14:02:19 2012
@@ -36,286 +36,6 @@
/* FUNCTIONS *****************************************************************/
-/*
- * ERROR_USER_EXISTS
- */
-BOOL WINAPI
-SamCreateUser (PWSTR UserName,
- PWSTR UserPassword,
- PSID UserSid)
-{
- DWORD dwDisposition;
- HKEY hUsersKey;
- HKEY hUserKey;
-
- TRACE("SamCreateUser() called\n");
-
- /* FIXME: Check whether the SID is a real user sid */
-
- /* Open the Users key */
- if (RegOpenKeyExW (HKEY_LOCAL_MACHINE,
- L"SAM\\SAM\\Domains\\Account\\Users",
- 0,
- KEY_ALL_ACCESS,
- &hUsersKey))
- {
- ERR("Failed to open Account key! (Error %lu)\n", GetLastError());
- return FALSE;
- }
-
- /* Create user name key */
- if (RegCreateKeyExW (hUsersKey,
- UserName,
- 0,
- NULL,
- REG_OPTION_NON_VOLATILE,
- KEY_ALL_ACCESS,
- NULL,
- &hUserKey,
- &dwDisposition))
- {
- ERR("Failed to create/open the user key! (Error %lu)\n", GetLastError());
- RegCloseKey (hUsersKey);
- return FALSE;
- }
-
- RegCloseKey (hUsersKey);
-
- if (dwDisposition == REG_OPENED_EXISTING_KEY)
- {
- ERR("User already exists!\n");
- RegCloseKey (hUserKey);
- SetLastError (ERROR_USER_EXISTS);
- return FALSE;
- }
-
-
- /* Set 'Name' value */
- if (RegSetValueExW (hUserKey,
- L"Name",
- 0,
- REG_SZ,
- (LPBYTE)UserName,
- (wcslen (UserName) + 1) * sizeof (WCHAR)))
- {
- ERR("Failed to set the user name value! (Error %lu)\n", GetLastError());
- RegCloseKey (hUserKey);
- return FALSE;
- }
-
- /* Set 'Password' value */
- if (RegSetValueExW (hUserKey,
- L"Password",
- 0,
- REG_SZ,
- (LPBYTE)UserPassword,
- (wcslen (UserPassword) + 1) * sizeof (WCHAR)))
- {
- ERR("Failed to set the user name value! (Error %lu)\n", GetLastError());
- RegCloseKey (hUserKey);
- return FALSE;
- }
-
- /* Set 'Sid' value */
- if (RegSetValueExW (hUserKey,
- L"Sid",
- 0,
- REG_BINARY,
- (LPBYTE)UserSid,
- RtlLengthSid (UserSid)))
- {
- ERR("Failed to set the user SID value! (Error %lu)\n", GetLastError());
- RegCloseKey (hUserKey);
- return FALSE;
- }
-
- RegCloseKey (hUserKey);
-
- TRACE("SamCreateUser() done\n");
-
- return TRUE;
-}
-
-
-/*
- * ERROR_WRONG_PASSWORD
- * ERROR_NO_SUCH_USER
- */
-BOOL WINAPI
-SamCheckUserPassword (PWSTR UserName,
- PWSTR UserPassword)
-{
- WCHAR szPassword[256];
- DWORD dwLength;
- HKEY hUsersKey;
- HKEY hUserKey;
-
- TRACE("SamCheckUserPassword() called\n");
-
- /* Open the Users key */
- if (RegOpenKeyExW (HKEY_LOCAL_MACHINE,
- L"SAM\\SAM\\Domains\\Account\\Users",
- 0,
- KEY_READ,
- &hUsersKey))
- {
- ERR("Failed to open Users key! (Error %lu)\n", GetLastError());
- return FALSE;
- }
-
- /* Open the user key */
- if (RegOpenKeyExW (hUsersKey,
- UserName,
- 0,
- KEY_READ,
- &hUserKey))
- {
- if (GetLastError () == ERROR_FILE_NOT_FOUND)
- {
- ERR("Invalid user name!\n");
- SetLastError (ERROR_NO_SUCH_USER);
- }
- else
- {
- ERR("Failed to open user key! (Error %lu)\n", GetLastError());
- }
-
- RegCloseKey (hUsersKey);
- return FALSE;
- }
-
- RegCloseKey (hUsersKey);
-
- /* Get the password */
- dwLength = 256 * sizeof(WCHAR);
- if (RegQueryValueExW (hUserKey,
- L"Password",
- NULL,
- NULL,
- (LPBYTE)szPassword,
- &dwLength))
- {
- ERR("Failed to read the password! (Error %lu)\n", GetLastError());
- RegCloseKey (hUserKey);
- return FALSE;
- }
-
- RegCloseKey (hUserKey);
-
- /* Compare passwords */
- if ((wcslen (szPassword) != wcslen (UserPassword)) ||
- (wcscmp (szPassword, UserPassword) != 0))
- {
- ERR("Wrong password!\n");
- SetLastError (ERROR_WRONG_PASSWORD);
- return FALSE;
- }
-
- TRACE("SamCheckUserPassword() done\n");
-
- return TRUE;
-}
-
-
-BOOL WINAPI
-SamGetUserSid (PWSTR UserName,
- PSID *Sid)
-{
- PSID lpSid;
- DWORD dwLength;
- HKEY hUsersKey;
- HKEY hUserKey;
-
- TRACE("SamGetUserSid() called\n");
-
- if (Sid != NULL)
- *Sid = NULL;
-
- /* Open the Users key */
- if (RegOpenKeyExW (HKEY_LOCAL_MACHINE,
- L"SAM\\SAM\\Domains\\Account\\Users",
- 0,
- KEY_READ,
- &hUsersKey))
- {
- ERR("Failed to open Users key! (Error %lu)\n", GetLastError());
- return FALSE;
- }
-
- /* Open the user key */
- if (RegOpenKeyExW (hUsersKey,
- UserName,
- 0,
- KEY_READ,
- &hUserKey))
- {
- if (GetLastError () == ERROR_FILE_NOT_FOUND)
- {
- ERR("Invalid user name!\n");
- SetLastError (ERROR_NO_SUCH_USER);
- }
- else
- {
- ERR("Failed to open user key! (Error %lu)\n", GetLastError());
- }
-
- RegCloseKey (hUsersKey);
- return FALSE;
- }
-
- RegCloseKey (hUsersKey);
-
- /* Get SID size */
- dwLength = 0;
- if (RegQueryValueExW (hUserKey,
- L"Sid",
- NULL,
- NULL,
- NULL,
- &dwLength))
- {
- ERR("Failed to read the SID size! (Error %lu)\n", GetLastError());
- RegCloseKey (hUserKey);
- return FALSE;
- }
-
- /* Allocate sid buffer */
- TRACE("Required SID buffer size: %lu\n", dwLength);
- lpSid = (PSID)RtlAllocateHeap (RtlGetProcessHeap (),
- 0,
- dwLength);
- if (lpSid == NULL)
- {
- ERR("Failed to allocate SID buffer!\n");
- RegCloseKey (hUserKey);
- return FALSE;
- }
-
- /* Read sid */
- if (RegQueryValueExW (hUserKey,
- L"Sid",
- NULL,
- NULL,
- (LPBYTE)lpSid,
- &dwLength))
- {
- ERR("Failed to read the SID! (Error %lu)\n", GetLastError());
- RtlFreeHeap (RtlGetProcessHeap (),
- 0,
- lpSid);
- RegCloseKey (hUserKey);
- return FALSE;
- }
-
- RegCloseKey (hUserKey);
-
- *Sid = lpSid;
-
- TRACE("SamGetUserSid() done\n");
-
- return TRUE;
-}
-
void __RPC_FAR * __RPC_USER midl_user_allocate(SIZE_T len)
{
return HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, len);
Modified: trunk/reactos/dll/win32/samlib/samlib.spec
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/samlib/samlib.spec?rev=56680&r1=56679&r2=56680&view=diff
==============================================================================
--- trunk/reactos/dll/win32/samlib/samlib.spec [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/samlib/samlib.spec [iso-8859-1] Thu May 31 14:02:19 2012
@@ -63,7 +63,3 @@
@ stub SamiSetBootKeyInformation
@ stub SamiSetDSRMPassword
@ stub SamiSetDSRMPasswordOWF
-
-@ stdcall SamCreateUser(wstr wstr ptr)
-@ stdcall SamCheckUserPassword(wstr wstr)
-@ stdcall SamGetUserSid(wstr ptr)
Modified: trunk/reactos/dll/win32/syssetup/globals.h
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/syssetup/globals.h?rev=56680&r1=56679&r2=56680&view=diff
==============================================================================
--- trunk/reactos/dll/win32/syssetup/globals.h [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/syssetup/globals.h [iso-8859-1] Thu May 31 14:02:19 2012
@@ -64,7 +64,6 @@
/* security.c */
NTSTATUS SetAccountDomain(LPCWSTR DomainName,
PSID DomainSid);
-NTSTATUS GetAccountDomainInfo(PPOLICY_ACCOUNT_DOMAIN_INFO *AccountDomainInfo);
VOID InstallSecurity(VOID);
/* wizard.c */
Modified: trunk/reactos/dll/win32/syssetup/install.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/syssetup/install.c?rev=56680&r1=56679&r2=56680&view=diff
==============================================================================
--- trunk/reactos/dll/win32/syssetup/install.c [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/syssetup/install.c [iso-8859-1] Thu May 31 14:02:19 2012
@@ -224,40 +224,6 @@
return CreateDirectory(szPath, NULL) || GetLastError()==ERROR_ALREADY_EXISTS;
}
-static VOID
-AppendRidToSid(
- OUT PSID *Dst,
- IN PSID Src,
- IN ULONG NewRid)
-{
- ULONG Rid[8] = {0, 0, 0, 0, 0, 0, 0, 0};
- UCHAR RidCount;
- ULONG i;
-
- RidCount = *RtlSubAuthorityCountSid (Src);
-
- for (i = 0; i < RidCount; i++)
- Rid[i] = *RtlSubAuthoritySid (Src, i);
-
- if (RidCount < 8)
- {
- Rid[RidCount] = NewRid;
- RidCount++;
- }
-
- RtlAllocateAndInitializeSid(
- RtlIdentifierAuthoritySid(Src),
- RidCount,
- Rid[0],
- Rid[1],
- Rid[2],
- Rid[3],
- Rid[4],
- Rid[5],
- Rid[6],
- Rid[7],
- Dst);
-}
static VOID
CreateTempDir(
@@ -848,10 +814,7 @@
DWORD WINAPI
InstallReactOS(HINSTANCE hInstance)
{
- PPOLICY_ACCOUNT_DOMAIN_INFO AccountDomainInfo = NULL;
- PSID AdminSid = NULL;
TCHAR szBuffer[MAX_PATH];
- DWORD LastError;
HANDLE token;
TOKEN_PRIVILEGES privs;
HKEY hKey;
@@ -864,18 +827,6 @@
FatalError("InitializeProfiles() failed");
return 0;
}
-
- /* Get account domain information */
- if (GetAccountDomainInfo(&AccountDomainInfo) != STATUS_SUCCESS)
- {
- FatalError("GetAccountDomainInfo() failed!");
- return 0;
- }
-
- /* Append the Admin-RID */
- AppendRidToSid(&AdminSid, AccountDomainInfo->DomainSid, DOMAIN_USER_RID_ADMIN);
-
- LsaFreeMemory(AccountDomainInfo);
CreateTempDir(L"TEMP");
CreateTempDir(L"TMP");
@@ -916,25 +867,6 @@
InstallWizard();
InstallSecurity();
-
- /* Create the Administrator account */
- if (!SamCreateUser(L"Administrator", L"", AdminSid))
- {
- /* Check what the error was.
- * If the Admin Account already exists, then it means Setup
- * wasn't allowed to finish properly. Instead of rebooting
- * and not completing it, let it restart instead
- */
- LastError = GetLastError();
- if (LastError != ERROR_USER_EXISTS)
- {
- FatalError("SamCreateUser() failed!");
- RtlFreeSid(AdminSid);
- return 0;
- }
- }
-
- RtlFreeSid(AdminSid);
if (!CreateShortcuts())
{
Modified: trunk/reactos/dll/win32/syssetup/security.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/syssetup/security.c?rev=56680&r1=56679&r2=56680&view=diff
==============================================================================
--- trunk/reactos/dll/win32/syssetup/security.c [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/syssetup/security.c [iso-8859-1] Thu May 31 14:02:19 2012
@@ -82,38 +82,6 @@
if (OrigInfo != NULL)
LsaFreeMemory(OrigInfo);
-
- LsaClose(PolicyHandle);
-
- return Status;
-}
-
-
-NTSTATUS
-GetAccountDomainInfo(PPOLICY_ACCOUNT_DOMAIN_INFO *AccountDomainInfo)
-{
- LSA_OBJECT_ATTRIBUTES ObjectAttributes;
- LSA_HANDLE PolicyHandle;
- NTSTATUS Status;
-
- DPRINT1("SYSSETUP: GetAccountDomain\n");
-
- memset(&ObjectAttributes, 0, sizeof(LSA_OBJECT_ATTRIBUTES));
- ObjectAttributes.Length = sizeof(LSA_OBJECT_ATTRIBUTES);
-
- Status = LsaOpenPolicy(NULL,
- &ObjectAttributes,
- POLICY_TRUST_ADMIN,
- &PolicyHandle);
- if (Status != STATUS_SUCCESS)
- {
- DPRINT("LsaOpenPolicy failed (Status: 0x%08lx)\n", Status);
- return Status;
- }
-
- Status = LsaQueryInformationPolicy(PolicyHandle,
- PolicyAccountDomainInformation,
- (PVOID *)AccountDomainInfo);
LsaClose(PolicyHandle);
More information about the Ros-diffs
mailing list