From 4bbbc261d1298210ec3eaf49b783defc6988da83 Mon Sep 17 00:00:00 2001
From: Alistair Leslie-Hughes <leslie_alistair@hotmail.com>
Date: Tue, 6 Feb 2018 04:19:37 +0000
Subject: [PATCH] ntdll: Support TokenLogonSid in NtQueryInformationToken.

Based on a patch by Andrew Wesie.

Signed-off-by: Alistair Leslie-Hughes <leslie_alistair@hotmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
---
 dlls/advapi32/tests/security.c |  4 ++--
 dlls/ntdll/nt.c                | 21 +++++++++++++++++++++
 server/token.c                 | 10 ++++++++++
 3 files changed, 33 insertions(+), 2 deletions(-)

diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index 57889dc402d..bc14a803c4c 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -1843,11 +1843,11 @@ static void test_token_attr(void)
         todo_wine win_skip("TokenLogonSid not supported. Skipping tests\n");
     else
     {
-        todo_wine ok(!ret && (GetLastError() == ERROR_INSUFFICIENT_BUFFER),
+        ok(!ret && (GetLastError() == ERROR_INSUFFICIENT_BUFFER),
             "GetTokenInformation(TokenLogonSid) failed with error %d\n", GetLastError());
         Groups = HeapAlloc(GetProcessHeap(), 0, Size);
         ret = GetTokenInformation(Token, TokenLogonSid, Groups, Size, &Size);
-        todo_wine ok(ret,
+        ok(ret,
             "GetTokenInformation(TokenLogonSid) failed with error %d\n", GetLastError());
         if (ret)
         {
diff --git a/dlls/ntdll/nt.c b/dlls/ntdll/nt.c
index 8938d5d71c1..8995c362a9a 100644
--- a/dlls/ntdll/nt.c
+++ b/dlls/ntdll/nt.c
@@ -552,6 +552,27 @@ NTSTATUS WINAPI NtQueryInformationToken(
             *(DWORD*)tokeninfo = 0;
             break;
         }
+    case TokenLogonSid:
+        SERVER_START_REQ( get_token_sid )
+        {
+            TOKEN_GROUPS * groups = tokeninfo;
+            PSID sid = groups + 1;
+            DWORD sid_len = tokeninfolength < sizeof(TOKEN_GROUPS) ? 0 : tokeninfolength - sizeof(TOKEN_GROUPS);
+
+            req->handle = wine_server_obj_handle( token );
+            req->which_sid = tokeninfoclass;
+            wine_server_set_reply( req, sid, sid_len );
+            status = wine_server_call( req );
+            if (retlen) *retlen = reply->sid_len + sizeof(TOKEN_GROUPS);
+            if (status == STATUS_SUCCESS)
+            {
+                groups->GroupCount = 1;
+                groups->Groups[0].Sid = sid;
+                groups->Groups[0].Attributes = 0;
+            }
+        }
+        SERVER_END_REQ;
+        break;
     default:
         {
             ERR("Unhandled Token Information class %d!\n", tokeninfoclass);
diff --git a/server/token.c b/server/token.c
index 532d7b74059..85aab7384f4 100644
--- a/server/token.c
+++ b/server/token.c
@@ -92,6 +92,13 @@ static const struct /* same fields as struct SID */
     SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
     DWORD SubAuthority[2];
 } builtin_users_sid = { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_USERS } };
+static const struct /* same fields as struct SID */
+{
+    BYTE Revision;
+    BYTE SubAuthorityCount;
+    SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
+    DWORD SubAuthority[SECURITY_LOGON_IDS_RID_COUNT];
+} builtin_logon_sid = { SID_REVISION, SECURITY_LOGON_IDS_RID_COUNT, {SECURITY_NT_AUTHORITY}, {SECURITY_LOGON_IDS_RID, 0, 0} };
 
 const PSID security_world_sid = (PSID)&world_sid;
 static const PSID security_local_sid = (PSID)&local_sid;
@@ -1436,6 +1443,9 @@ DECL_HANDLER(get_token_sid)
             }
             break;
         }
+        case TokenLogonSid:
+            sid = (const SID *)&builtin_logon_sid;
+            break;
         default:
             set_error( STATUS_INVALID_PARAMETER );
             break;