advapi32: Add a computer SID to the registry
Robert Reif
reif at earthlink.net
Thu Aug 3 20:47:50 CDT 2006
-------------- next part --------------
diff -p -u -r1.12 lsa.c
--- dlls/advapi32/lsa.c 2 Aug 2006 11:49:38 -0000 1.12
+++ dlls/advapi32/lsa.c 4 Aug 2006 01:42:26 -0000
@@ -462,17 +462,12 @@ NTSTATUS WINAPI LsaQueryInformationPolic
/* read the computer SID from the registry */
if (!ADVAPI_GetComputerSid(&(xdi->sid)))
{
- SID_IDENTIFIER_AUTHORITY localSidAuthority = {SECURITY_NT_AUTHORITY};
+ HeapFree(GetProcessHeap(), 0, buf);
+ HeapFree(GetProcessHeap(), 0, xdi);
- xdi->sid.Revision = SID_REVISION;
- xdi->sid.SubAuthorityCount = 4;
- xdi->sid.IdentifierAuthority = localSidAuthority;
- xdi->sid.SubAuthority[0] = SECURITY_NT_NON_UNIQUE;
- xdi->sid.SubAuthority[1] = 0;
- xdi->sid.SubAuthority[2] = 0;
- xdi->sid.SubAuthority[3] = 0;
+ WARN("Computer SID not found\n");
- WARN("Computer SID not found in registry\n");
+ return STATUS_UNSUCCESSFUL;
}
TRACE("setting SID to %s\n", debugstr_sid(&xdi->sid));
diff -p -u -r1.142 security.c
--- dlls/advapi32/security.c 31 Jul 2006 15:39:39 -0000 1.142
+++ dlls/advapi32/security.c 4 Aug 2006 01:42:28 -0000
@@ -332,7 +332,7 @@ BOOL ADVAPI_IsLocalComputer(LPCWSTR Serv
if (!ServerName || !ServerName[0])
return TRUE;
-
+
buf = HeapAlloc(GetProcessHeap(), 0, dwSize * sizeof(WCHAR));
Result = GetComputerNameW(buf, &dwSize);
if (Result && (ServerName[0] == '\\') && (ServerName[1] == '\\'))
@@ -352,12 +352,12 @@ BOOL ADVAPI_GetComputerSid(PSID sid)
{
HKEY key;
LONG ret;
-
- if ((ret = RegOpenKeyExA(HKEY_LOCAL_MACHINE,
- "SECURITY\\SAM\\Domains\\Account", 0,
+ static const WCHAR Account[] = { 'S','E','C','U','R','I','T','Y','\\','S','A','M','\\','D','o','m','a','i','n','s','\\','A','c','c','o','u','n','t',0 };
+ static const WCHAR V[] = { 'V',0 };
+
+ if ((ret = RegOpenKeyExW(HKEY_LOCAL_MACHINE, Account, 0,
KEY_READ, &key)) == ERROR_SUCCESS)
{
- static const WCHAR V[] = { 'V',0 };
DWORD size = 0;
ret = RegQueryValueExW(key, V, NULL, NULL, NULL, &size);
if (ret == ERROR_MORE_DATA || ret == ERROR_SUCCESS)
@@ -370,13 +370,40 @@ BOOL ADVAPI_GetComputerSid(PSID sid)
{
/* the SID is in the last 24 bytes of the binary data */
CopyMemory(sid, &data[size-24], 24);
+ HeapFree(GetProcessHeap(), 0, data);
+ RegCloseKey(key);
return TRUE;
}
+ HeapFree(GetProcessHeap(), 0, data);
+ }
+ }
+ RegCloseKey(key);
+ }
+
+ /* create a new random SID */
+ if (RegCreateKeyExW(HKEY_LOCAL_MACHINE, Account,
+ 0, NULL, 0, KEY_ALL_ACCESS, NULL, &key, NULL) == ERROR_SUCCESS)
+ {
+ PSID new_sid;
+ SID_IDENTIFIER_AUTHORITY identifierAuthority = {SECURITY_NT_AUTHORITY};
+ DWORD id[3];
+
+ if (RtlGenRandom(&id, sizeof(id)))
+ {
+ if (AllocateAndInitializeSid(&identifierAuthority, 4, SECURITY_NT_NON_UNIQUE, id[0], id[1], id[2], 0, 0, 0, 0, &new_sid))
+ {
+ if (RegSetValueExW(key, V, 0, REG_BINARY, new_sid, GetLengthSid(new_sid)) == ERROR_SUCCESS)
+ {
+ FreeSid(new_sid);
+ RegCloseKey(key);
+ return CopySid(GetLengthSid(new_sid), sid, &new_sid);
+ }
+ FreeSid(new_sid);
}
}
RegCloseKey(key);
}
-
+
return FALSE;
}
diff -p -u -r1.21 ntsecapi.h
--- include/ntsecapi.h 12 Jul 2006 11:46:39 -0000 1.21
+++ include/ntsecapi.h 4 Aug 2006 01:42:31 -0000
@@ -290,6 +290,10 @@ typedef enum _POLICY_NOTIFICATION_INFORM
PolicyNotifyMachineAccountPasswordInformation
} POLICY_NOTIFICATION_INFORMATION_CLASS, *PPOLICY_NOTIFICATION_INFORMATION_CLASS;
+#define RtlGenRandom SystemFunction036
+
+BOOLEAN WINAPI RtlGenRandom(PVOID,ULONG);
+
NTSTATUS WINAPI LsaAddAccountRights(LSA_HANDLE,PSID,PLSA_UNICODE_STRING,ULONG);
NTSTATUS WINAPI LsaCallAuthenticationPackage(HANDLE,ULONG,PVOID,ULONG,PVOID*,PULONG,PNTSTATUS);
NTSTATUS WINAPI LsaClose(LSA_HANDLE);
More information about the wine-patches
mailing list