advapi32: Use a fixed computer SID that matches local user SIDs.
parent
c65bcce589
commit
837fc836aa
|
@ -656,7 +656,6 @@ NTSTATUS WINAPI LsaQueryInformationPolicy(
|
||||||
|
|
||||||
xdi->info.DomainSid = &xdi->sid;
|
xdi->info.DomainSid = &xdi->sid;
|
||||||
|
|
||||||
/* read the computer SID from the registry */
|
|
||||||
if (!ADVAPI_GetComputerSid(&xdi->sid))
|
if (!ADVAPI_GetComputerSid(&xdi->sid))
|
||||||
{
|
{
|
||||||
HeapFree(GetProcessHeap(), 0, xdi);
|
HeapFree(GetProcessHeap(), 0, xdi);
|
||||||
|
|
|
@ -446,64 +446,20 @@ BOOL ADVAPI_IsLocalComputer(LPCWSTR ServerName)
|
||||||
|
|
||||||
/************************************************************
|
/************************************************************
|
||||||
* ADVAPI_GetComputerSid
|
* ADVAPI_GetComputerSid
|
||||||
*
|
|
||||||
* Reads the computer SID from the registry.
|
|
||||||
*/
|
*/
|
||||||
BOOL ADVAPI_GetComputerSid(PSID sid)
|
BOOL ADVAPI_GetComputerSid(PSID sid)
|
||||||
{
|
{
|
||||||
HKEY key;
|
static const struct /* same fields as struct SID */
|
||||||
LONG ret;
|
|
||||||
BOOL retval = FALSE;
|
|
||||||
static const WCHAR Account[] = { 'S','E','C','U','R','I','T','Y','\\','S','A','M','\\','D','o','m','a','i','n','s','\\','A','c','c','o','u','n','t',0 };
|
|
||||||
static const WCHAR V[] = { 'V',0 };
|
|
||||||
|
|
||||||
if ((ret = RegOpenKeyExW(HKEY_LOCAL_MACHINE, Account, 0,
|
|
||||||
KEY_READ, &key)) == ERROR_SUCCESS)
|
|
||||||
{
|
{
|
||||||
DWORD size = 0;
|
BYTE Revision;
|
||||||
ret = RegQueryValueExW(key, V, NULL, NULL, NULL, &size);
|
BYTE SubAuthorityCount;
|
||||||
if (ret == ERROR_MORE_DATA || ret == ERROR_SUCCESS)
|
SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
|
||||||
{
|
DWORD SubAuthority[4];
|
||||||
BYTE * data = HeapAlloc(GetProcessHeap(), 0, size);
|
} computer_sid =
|
||||||
if (data)
|
{ SID_REVISION, 4, { SECURITY_NT_AUTHORITY }, { SECURITY_NT_NON_UNIQUE, 0, 0, 0 } };
|
||||||
{
|
|
||||||
if ((ret = RegQueryValueExW(key, V, NULL, NULL,
|
|
||||||
data, &size)) == ERROR_SUCCESS)
|
|
||||||
{
|
|
||||||
/* the SID is in the last 24 bytes of the binary data */
|
|
||||||
CopyMemory(sid, &data[size-24], 24);
|
|
||||||
retval = TRUE;
|
|
||||||
}
|
|
||||||
HeapFree(GetProcessHeap(), 0, data);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
RegCloseKey(key);
|
|
||||||
}
|
|
||||||
|
|
||||||
if(retval == TRUE) return retval;
|
memcpy( sid, &computer_sid, sizeof(computer_sid) );
|
||||||
|
return TRUE;
|
||||||
/* create a new random SID */
|
|
||||||
if (RegCreateKeyExW(HKEY_LOCAL_MACHINE, Account,
|
|
||||||
0, NULL, 0, KEY_ALL_ACCESS, NULL, &key, NULL) == ERROR_SUCCESS)
|
|
||||||
{
|
|
||||||
PSID new_sid;
|
|
||||||
SID_IDENTIFIER_AUTHORITY identifierAuthority = {SECURITY_NT_AUTHORITY};
|
|
||||||
DWORD id[3];
|
|
||||||
|
|
||||||
if (RtlGenRandom(id, sizeof(id)))
|
|
||||||
{
|
|
||||||
if (AllocateAndInitializeSid(&identifierAuthority, 4, SECURITY_NT_NON_UNIQUE, id[0], id[1], id[2], 0, 0, 0, 0, &new_sid))
|
|
||||||
{
|
|
||||||
if (RegSetValueExW(key, V, 0, REG_BINARY, new_sid, GetLengthSid(new_sid)) == ERROR_SUCCESS)
|
|
||||||
retval = CopySid(GetLengthSid(new_sid), sid, new_sid);
|
|
||||||
|
|
||||||
FreeSid(new_sid);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
RegCloseKey(key);
|
|
||||||
}
|
|
||||||
|
|
||||||
return retval;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* ##############################
|
/* ##############################
|
||||||
|
|
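Review bot: The new body of ADVAPI_GetComputerSid (as far as the two sides can be told apart in this rendering) copies a constant S-1-5-21-0-0-0 and always returns TRUE, so a value already stored under `SECURITY\SAM\Domains\Account` is ignored and every installation reports the same computer SID. Any SID persisted from the earlier random value, and any consumer that treats the computer SID as a per-machine identifier, will presumably stop matching or stop distinguishing hosts; that trade-off deserves a sentence in the function comment. The header comment lost its description without a replacement, and I would add `* Returns the fixed computer SID S-1-5-21-0-0-0; keep in sync with the local user SIDs.` The `memcpy( sid, &computer_sid, sizeof(computer_sid) )` writes 24 bytes into a caller buffer whose size is not visible here, so the comment should also state that minimum. The `if (!ADVAPI_GetComputerSid(&xdi->sid))` failure branch kept in LsaQueryInformationPolicy is now unreachable and could be dropped or marked as deliberate.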