marko10_000
/
wine-wine
forked from Mirrors/wine-wine
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

kernelbase: Implement EqualDomainSid. 

Signed-off-by: Dmitry Timoshkov <dmitry@baikal.ru>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
stable
Dmitry Timoshkov 2019-11-08 14:12:52 +08:00 committed by Alexandre Julliard
parent 27bf34bb51
commit fde235da03
9 changed files with 141 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
dlls/advapi32/advapi32.spec
View File

@ -281,7 +281,7 @@
@ stdcall EnumServicesStatusW (long long long ptr long ptr ptr ptr)
@ stdcall EnumerateTraceGuids(ptr long ptr)
# @ stub EnumerateTraceGuidsEx
# @ stub EqualDomainSid
@ stdcall -import EqualDomainSid(ptr ptr ptr)
@ stdcall -import EqualPrefixSid(ptr ptr)
@ stdcall -import EqualSid(ptr ptr)
# @ stub EventAccessControl

78
dlls/advapi32/tests/security.c
View File

@ -130,6 +130,7 @@ static NTSTATUS (WINAPI *pNtCreateFile)(PHANDLE,ACCESS_MASK,POBJECT_ATTRIBUTES,P
static BOOL (WINAPI *pRtlDosPathNameToNtPathName_U)(LPCWSTR,PUNICODE_STRING,PWSTR*,CURDIR*);
static NTSTATUS (WINAPI *pRtlAnsiStringToUnicodeString)(PUNICODE_STRING,PCANSI_STRING,BOOLEAN);
static BOOL (WINAPI *pGetWindowsAccountDomainSid)(PSID,PSID,DWORD*);
static BOOL (WINAPI *pEqualDomainSid)(PSID,PSID,BOOL*);
static void (WINAPI *pRtlInitAnsiString)(PANSI_STRING,PCSZ);
static NTSTATUS (WINAPI *pRtlFreeUnicodeString)(PUNICODE_STRING);
static PSID_IDENTIFIER_AUTHORITY (WINAPI *pGetSidIdentifierAuthority)(PSID);
@ -218,6 +219,7 @@ static void init(void)
pGetAclInformation = (void *)GetProcAddress(hmod, "GetAclInformation");
pGetAce = (void *)GetProcAddress(hmod, "GetAce");
pGetWindowsAccountDomainSid = (void *)GetProcAddress(hmod, "GetWindowsAccountDomainSid");
pEqualDomainSid = (void *)GetProcAddress(hmod, "EqualDomainSid");
pGetSidIdentifierAuthority = (void *)GetProcAddress(hmod, "GetSidIdentifierAuthority");
pDuplicateTokenEx = (void *)GetProcAddress(hmod, "DuplicateTokenEx");
pGetExplicitEntriesFromAclW = (void *)GetProcAddress(hmod, "GetExplicitEntriesFromAclW");
@ -7570,6 +7572,81 @@ static void test_BuildSecurityDescriptorW(void)
LocalFree(new_sd);
}
static void test_EqualDomainSid(void)
{
SID_IDENTIFIER_AUTHORITY ident = { SECURITY_NT_AUTHORITY };
char sid_buffer[SECURITY_MAX_SID_SIZE], sid_buffer2[SECURITY_MAX_SID_SIZE];
PSID domainsid, sid = sid_buffer, sid2 = sid_buffer2;
DWORD size;
BOOL ret, equal;
unsigned int i;
if (!pEqualDomainSid)
{
win_skip("EqualDomainSid not available\n");
return;
}
if (!pCreateWellKnownSid)
{
win_skip("CreateWellKnownSid not available\n");
return;
}
ret = AllocateAndInitializeSid(&ident, 6, SECURITY_NT_NON_UNIQUE, 12, 23, 34, 45, 56, 0, 0, &domainsid);
ok(ret, "AllocateAndInitializeSid error %u\n", GetLastError());
SetLastError(0xdeadbeef);
ret = pEqualDomainSid(NULL, NULL, NULL);
ok(!ret, "got %d\n", ret);
ok(GetLastError() == ERROR_INVALID_SID, "got %u\n", GetLastError());
SetLastError(0xdeadbeef);
ret = pEqualDomainSid(domainsid, domainsid, NULL);
ok(!ret, "got %d\n", ret);
ok(GetLastError() == ERROR_INVALID_PARAMETER, "got %u\n", GetLastError());
for (i = 0; i < ARRAY_SIZE(well_known_sid_values); i++)
{
SID *pisid = sid;
size = sizeof(sid_buffer);
if (!pCreateWellKnownSid(i, NULL, sid, &size))
{
trace("Well known SID %u not supported\n", i);
continue;
}
equal = 0xdeadbeef;
SetLastError(0xdeadbeef);
ret = pEqualDomainSid(sid, domainsid, &equal);
if (pisid->SubAuthority[0] != SECURITY_BUILTIN_DOMAIN_RID)
{
ok(!ret, "%u: got %d\n", i, ret);
ok(GetLastError() == ERROR_NON_DOMAIN_SID, "%u: got %u\n", i, GetLastError());
ok(equal == 0xdeadbeef, "%u: got %d\n", i, equal);
continue;
}
ok(ret, "%u: got %d\n", i, ret);
ok(GetLastError() == 0, "%u: got %u\n", i, GetLastError());
ok(equal == 0, "%u: got %d\n", i, equal);
size = sizeof(sid_buffer2);
ret = pCreateWellKnownSid(i, well_known_sid_values[i].without_domain ? NULL : domainsid, sid2, &size);
ok(ret, "%u: CreateWellKnownSid error %u\n", i, GetLastError());
equal = 0xdeadbeef;
SetLastError(0xdeadbeef);
ret = pEqualDomainSid(sid, sid2, &equal);
ok(ret, "%u: got %d\n", i, ret);
ok(GetLastError() == 0, "%u: got %u\n", i, GetLastError());
ok(equal == 1, "%u: got %d\n", i, equal);
}
FreeSid(domainsid);
}
START_TEST(security)
{
init();
@ -7606,6 +7683,7 @@ START_TEST(security)
test_PrivateObjectSecurity();
test_acls();
test_GetWindowsAccountDomainSid();
test_EqualDomainSid();
test_GetSecurityInfo();
test_GetSidSubAuthority();
test_CheckTokenMembership();

2
dlls/api-ms-win-downlevel-advapi32-l1-1-0/api-ms-win-downlevel-advapi32-l1-1-0.spec
View File

@ -35,7 +35,7 @@
@ stdcall DestroyPrivateObjectSecurity(ptr) advapi32.DestroyPrivateObjectSecurity
@ stdcall DuplicateToken(long long ptr) advapi32.DuplicateToken
@ stdcall DuplicateTokenEx(long long ptr long long ptr) advapi32.DuplicateTokenEx
@ stub EqualDomainSid
@ stdcall EqualDomainSid(ptr ptr ptr) advapi32.EqualDomainSid
@ stdcall EqualPrefixSid(ptr ptr) advapi32.EqualPrefixSid
@ stdcall EqualSid(ptr ptr) advapi32.EqualSid
@ stdcall EventActivityIdControl(long ptr) advapi32.EventActivityIdControl

2
dlls/api-ms-win-security-base-l1-1-0/api-ms-win-security-base-l1-1-0.spec
View File

@ -34,7 +34,7 @@
@ stdcall DestroyPrivateObjectSecurity(ptr) advapi32.DestroyPrivateObjectSecurity
@ stdcall DuplicateToken(long long ptr) advapi32.DuplicateToken
@ stdcall DuplicateTokenEx(long long ptr long long ptr) advapi32.DuplicateTokenEx
@ stub EqualDomainSid
@ stdcall EqualDomainSid(ptr ptr ptr) advapi32.EqualDomainSid
@ stdcall EqualPrefixSid(ptr ptr) advapi32.EqualPrefixSid
@ stdcall EqualSid(ptr ptr) advapi32.EqualSid
@ stdcall FindFirstFreeAce(ptr ptr) advapi32.FindFirstFreeAce

2
dlls/api-ms-win-security-base-l1-2-0/api-ms-win-security-base-l1-2-0.spec
View File

@ -38,7 +38,7 @@
@ stdcall DestroyPrivateObjectSecurity(ptr) advapi32.DestroyPrivateObjectSecurity
@ stdcall DuplicateToken(long long ptr) advapi32.DuplicateToken
@ stdcall DuplicateTokenEx(long long ptr long long ptr) advapi32.DuplicateTokenEx
@ stub EqualDomainSid
@ stdcall EqualDomainSid(ptr ptr ptr) advapi32.EqualDomainSid
@ stdcall EqualPrefixSid(ptr ptr) advapi32.EqualPrefixSid
@ stdcall EqualSid(ptr ptr) advapi32.EqualSid
@ stdcall FindFirstFreeAce(ptr ptr) advapi32.FindFirstFreeAce

2
dlls/kernelbase/kernelbase.spec
View File

@ -323,7 +323,7 @@
@ stdcall EnumUILanguagesW(ptr long long)
# @ stub EnumerateStateAtomValues
# @ stub EnumerateStateContainerItems
@ stub EqualDomainSid
@ stdcall EqualDomainSid(ptr ptr ptr)
@ stdcall EqualPrefixSid(ptr ptr)
@ stdcall EqualSid(ptr ptr)
@ stdcall EscapeCommFunction(long long)

55
dlls/kernelbase/security.c
View File

@ -274,6 +274,61 @@ BOOL WINAPI EqualSid( PSID sid1, PSID sid2 )
return ret;
}
/******************************************************************************
* EqualDomainSid (kernelbase.@)
*/
BOOL WINAPI EqualDomainSid( PSID sid1, PSID sid2, BOOL *equal )
{
MAX_SID builtin_sid, domain_sid1, domain_sid2;
DWORD size;
TRACE( "(%p,%p,%p)\n", sid1, sid2, equal );
if (!IsValidSid( sid1 ) || !IsValidSid( sid2 ))
{
SetLastError( ERROR_INVALID_SID );
return FALSE;
}
if (!equal)
{
SetLastError( ERROR_INVALID_PARAMETER );
return FALSE;
}
size = sizeof(domain_sid1);
if (GetWindowsAccountDomainSid( sid1, &domain_sid1, &size ))
{
size = sizeof(domain_sid2);
if (GetWindowsAccountDomainSid( sid2, &domain_sid2, &size ))
{
*equal = EqualSid( &domain_sid1, &domain_sid2 );
SetLastError( 0 );
return TRUE;
}
}
size = sizeof(builtin_sid);
if (!CreateWellKnownSid( WinBuiltinDomainSid, NULL, &builtin_sid, &size ))
return FALSE;
if (!memcmp(GetSidIdentifierAuthority( sid1 )->Value, builtin_sid.IdentifierAuthority.Value, sizeof(builtin_sid.IdentifierAuthority.Value)) &&
!memcmp(GetSidIdentifierAuthority( sid2 )->Value, builtin_sid.IdentifierAuthority.Value, sizeof(builtin_sid.IdentifierAuthority.Value)))
{
if (*GetSidSubAuthorityCount( sid1 ) != 0 && *GetSidSubAuthorityCount( sid2 ) != 0 &&
(*GetSidSubAuthority( sid1, 0 ) == SECURITY_BUILTIN_DOMAIN_RID ||
*GetSidSubAuthority( sid2, 0 ) == SECURITY_BUILTIN_DOMAIN_RID))
{
*equal = EqualSid( sid1, sid2 );
SetLastError( 0 );
return TRUE;
}
}
SetLastError( ERROR_NON_DOMAIN_SID );
return FALSE;
}
/******************************************************************************
* FreeSid (kernelbase.@)
*/

1
include/winbase.h
View File

@ -2002,6 +2002,7 @@ WINBASEAPI BOOL WINAPI EnumResourceTypesW(HMODULE,ENUMRESTYPEPROCW,LONG_P
WINBASEAPI BOOL WINAPI EnumResourceTypesExA(HMODULE,ENUMRESTYPEPROCA,LONG_PTR,DWORD,LANGID);
WINBASEAPI BOOL WINAPI EnumResourceTypesExW(HMODULE,ENUMRESTYPEPROCW,LONG_PTR,DWORD,LANGID);
#define EnumResourceTypesEx WINELIB_NAME_AW(EnumResourceTypesEx)
WINADVAPI BOOL WINAPI EqualDomainSid(PSID,PSID,BOOL*);
WINADVAPI BOOL WINAPI EqualSid(PSID, PSID);
WINADVAPI BOOL WINAPI EqualPrefixSid(PSID,PSID);
WINBASEAPI DWORD WINAPI EraseTape(HANDLE,DWORD,BOOL);

2
include/winerror.h
View File

@ -762,6 +762,8 @@ static inline HRESULT HRESULT_FROM_WIN32(unsigned int x)
#define ERROR_NOT_SUPPORTED_ON_SBS 1254
#define ERROR_SERVER_SHUTDOWN_IN_PROGRESS 1255
#define ERROR_HOST_DOWN 1256
#define ERROR_NON_ACCOUNT_SID 1257
#define ERROR_NON_DOMAIN_SID 1258
#define ERROR_ACCESS_DISABLED_BY_POLICY 1260
#define ERROR_REG_NAT_CONSUMPTION 1261
#define ERROR_PKINIT_FAILURE 1263