Robert Reif : advapi32: Add a computer SID to the registry.

Alexandre Julliard julliard at wine.codeweavers.com
Fri Aug 4 06:30:00 CDT 2006 

Module: wine
Branch: refs/heads/master
Commit: 1b8cfc5151885e3c2abb28fe7dfadd6d55e94a7f
URL:    http://source.winehq.org/git/?p=wine.git;a=commit;h=1b8cfc5151885e3c2abb28fe7dfadd6d55e94a7f

Author: Robert Reif <reif at earthlink.net>
Date:   Thu Aug  3 21:47:50 2006 -0400

advapi32: Add a computer SID to the registry.

---

 dlls/advapi32/lsa.c      |   13 ++++---------
 dlls/advapi32/security.c |   39 +++++++++++++++++++++++++++++++++------
 include/ntsecapi.h       |    4 ++++
 3 files changed, 41 insertions(+), 15 deletions(-)

diff --git a/dlls/advapi32/lsa.c b/dlls/advapi32/lsa.c
index c5c5e84..42221f3 100644
--- a/dlls/advapi32/lsa.c
+++ b/dlls/advapi32/lsa.c
@@ -462,17 +462,12 @@ NTSTATUS WINAPI LsaQueryInformationPolic
             /* read the computer SID from the registry */
             if (!ADVAPI_GetComputerSid(&(xdi->sid)))
             {
-                SID_IDENTIFIER_AUTHORITY localSidAuthority = {SECURITY_NT_AUTHORITY};
+                HeapFree(GetProcessHeap(), 0, buf);
+                HeapFree(GetProcessHeap(), 0, xdi);
 
-                xdi->sid.Revision = SID_REVISION;
-                xdi->sid.SubAuthorityCount = 4;
-                xdi->sid.IdentifierAuthority = localSidAuthority;
-                xdi->sid.SubAuthority[0] = SECURITY_NT_NON_UNIQUE;
-                xdi->sid.SubAuthority[1] = 0;
-                xdi->sid.SubAuthority[2] = 0;
-                xdi->sid.SubAuthority[3] = 0;
+                WARN("Computer SID not found\n");
 
-                WARN("Computer SID not found in registry\n");
+                return STATUS_UNSUCCESSFUL;
             }
 
             TRACE("setting SID to %s\n", debugstr_sid(&xdi->sid));
diff --git a/dlls/advapi32/security.c b/dlls/advapi32/security.c
index 53b2210..2eade3e 100644
--- a/dlls/advapi32/security.c
+++ b/dlls/advapi32/security.c
@@ -332,7 +332,7 @@ BOOL ADVAPI_IsLocalComputer(LPCWSTR Serv
 
     if (!ServerName || !ServerName[0])
         return TRUE;
-    
+
     buf = HeapAlloc(GetProcessHeap(), 0, dwSize * sizeof(WCHAR));
     Result = GetComputerNameW(buf,  &dwSize);
     if (Result && (ServerName[0] == '\\') && (ServerName[1] == '\\'))
@@ -352,12 +352,12 @@ BOOL ADVAPI_GetComputerSid(PSID sid)
 {
     HKEY key;
     LONG ret;
-                                                                                
-    if ((ret = RegOpenKeyExA(HKEY_LOCAL_MACHINE,
-        "SECURITY\\SAM\\Domains\\Account", 0,
+    static const WCHAR Account[] = { 'S','E','C','U','R','I','T','Y','\\','S','A','M','\\','D','o','m','a','i','n','s','\\','A','c','c','o','u','n','t',0 };
+    static const WCHAR V[] = { 'V',0 };
+
+    if ((ret = RegOpenKeyExW(HKEY_LOCAL_MACHINE, Account, 0,
         KEY_READ, &key)) == ERROR_SUCCESS)
     {
-        static const WCHAR V[] = { 'V',0 };
         DWORD size = 0;
         ret = RegQueryValueExW(key, V, NULL, NULL, NULL, &size);
         if (ret == ERROR_MORE_DATA || ret == ERROR_SUCCESS)
@@ -370,13 +370,40 @@ BOOL ADVAPI_GetComputerSid(PSID sid)
                 {
                     /* the SID is in the last 24 bytes of the binary data */
                     CopyMemory(sid, &data[size-24], 24);
+                    HeapFree(GetProcessHeap(), 0, data);
+                    RegCloseKey(key);
                     return TRUE;
                 }
+                HeapFree(GetProcessHeap(), 0, data);
             }
         }
         RegCloseKey(key);
     }
-                                                                                
+
+    /* create a new random SID */
+    if (RegCreateKeyExW(HKEY_LOCAL_MACHINE, Account,
+        0, NULL, 0, KEY_ALL_ACCESS, NULL, &key, NULL) == ERROR_SUCCESS)
+    {
+        PSID new_sid;
+        SID_IDENTIFIER_AUTHORITY identifierAuthority = {SECURITY_NT_AUTHORITY};
+        DWORD id[3];
+
+        if (RtlGenRandom(&id, sizeof(id)))
+        {
+            if (AllocateAndInitializeSid(&identifierAuthority, 4, SECURITY_NT_NON_UNIQUE, id[0], id[1], id[2], 0, 0, 0, 0, &new_sid))
+            {
+                if (RegSetValueExW(key, V, 0, REG_BINARY, new_sid, GetLengthSid(new_sid)) == ERROR_SUCCESS)
+                {
+                    FreeSid(new_sid);
+                    RegCloseKey(key);
+                    return CopySid(GetLengthSid(new_sid), sid, &new_sid);
+                }
+                FreeSid(new_sid);
+            }
+        }
+        RegCloseKey(key);
+    }
+
     return FALSE;
 }
 
diff --git a/include/ntsecapi.h b/include/ntsecapi.h
index 7fa3c44..4ed878e 100644
--- a/include/ntsecapi.h
+++ b/include/ntsecapi.h
@@ -290,6 +290,10 @@ typedef enum _POLICY_NOTIFICATION_INFORM
     PolicyNotifyMachineAccountPasswordInformation
 } POLICY_NOTIFICATION_INFORMATION_CLASS, *PPOLICY_NOTIFICATION_INFORMATION_CLASS;
 
+#define RtlGenRandom                    SystemFunction036
+
+BOOLEAN WINAPI RtlGenRandom(PVOID,ULONG);
+
 NTSTATUS WINAPI LsaAddAccountRights(LSA_HANDLE,PSID,PLSA_UNICODE_STRING,ULONG);
 NTSTATUS WINAPI LsaCallAuthenticationPackage(HANDLE,ULONG,PVOID,ULONG,PVOID*,PULONG,PNTSTATUS);
 NTSTATUS WINAPI LsaClose(LSA_HANDLE);

More information about the wine-cvs mailing list