Commit 1b8cfc51 authored by Robert Reif's avatar Robert Reif Committed by Alexandre Julliard

advapi32: Add a computer SID to the registry.

parent 46d2886d
...@@ -462,17 +462,12 @@ NTSTATUS WINAPI LsaQueryInformationPolicy( ...@@ -462,17 +462,12 @@ NTSTATUS WINAPI LsaQueryInformationPolicy(
/* read the computer SID from the registry */ /* read the computer SID from the registry */
if (!ADVAPI_GetComputerSid(&(xdi->sid))) if (!ADVAPI_GetComputerSid(&(xdi->sid)))
{ {
SID_IDENTIFIER_AUTHORITY localSidAuthority = {SECURITY_NT_AUTHORITY}; HeapFree(GetProcessHeap(), 0, buf);
HeapFree(GetProcessHeap(), 0, xdi);
xdi->sid.Revision = SID_REVISION; WARN("Computer SID not found\n");
xdi->sid.SubAuthorityCount = 4;
xdi->sid.IdentifierAuthority = localSidAuthority;
xdi->sid.SubAuthority[0] = SECURITY_NT_NON_UNIQUE;
xdi->sid.SubAuthority[1] = 0;
xdi->sid.SubAuthority[2] = 0;
xdi->sid.SubAuthority[3] = 0;
WARN("Computer SID not found in registry\n"); return STATUS_UNSUCCESSFUL;
} }
TRACE("setting SID to %s\n", debugstr_sid(&xdi->sid)); TRACE("setting SID to %s\n", debugstr_sid(&xdi->sid));
......
...@@ -352,12 +352,12 @@ BOOL ADVAPI_GetComputerSid(PSID sid) ...@@ -352,12 +352,12 @@ BOOL ADVAPI_GetComputerSid(PSID sid)
{ {
HKEY key; HKEY key;
LONG ret; LONG ret;
static const WCHAR Account[] = { 'S','E','C','U','R','I','T','Y','\\','S','A','M','\\','D','o','m','a','i','n','s','\\','A','c','c','o','u','n','t',0 };
static const WCHAR V[] = { 'V',0 };
if ((ret = RegOpenKeyExA(HKEY_LOCAL_MACHINE, if ((ret = RegOpenKeyExW(HKEY_LOCAL_MACHINE, Account, 0,
"SECURITY\\SAM\\Domains\\Account", 0,
KEY_READ, &key)) == ERROR_SUCCESS) KEY_READ, &key)) == ERROR_SUCCESS)
{ {
static const WCHAR V[] = { 'V',0 };
DWORD size = 0; DWORD size = 0;
ret = RegQueryValueExW(key, V, NULL, NULL, NULL, &size); ret = RegQueryValueExW(key, V, NULL, NULL, NULL, &size);
if (ret == ERROR_MORE_DATA || ret == ERROR_SUCCESS) if (ret == ERROR_MORE_DATA || ret == ERROR_SUCCESS)
...@@ -370,8 +370,35 @@ BOOL ADVAPI_GetComputerSid(PSID sid) ...@@ -370,8 +370,35 @@ BOOL ADVAPI_GetComputerSid(PSID sid)
{ {
/* the SID is in the last 24 bytes of the binary data */ /* the SID is in the last 24 bytes of the binary data */
CopyMemory(sid, &data[size-24], 24); CopyMemory(sid, &data[size-24], 24);
HeapFree(GetProcessHeap(), 0, data);
RegCloseKey(key);
return TRUE; return TRUE;
} }
HeapFree(GetProcessHeap(), 0, data);
}
}
RegCloseKey(key);
}
/* create a new random SID */
if (RegCreateKeyExW(HKEY_LOCAL_MACHINE, Account,
0, NULL, 0, KEY_ALL_ACCESS, NULL, &key, NULL) == ERROR_SUCCESS)
{
PSID new_sid;
SID_IDENTIFIER_AUTHORITY identifierAuthority = {SECURITY_NT_AUTHORITY};
DWORD id[3];
if (RtlGenRandom(&id, sizeof(id)))
{
if (AllocateAndInitializeSid(&identifierAuthority, 4, SECURITY_NT_NON_UNIQUE, id[0], id[1], id[2], 0, 0, 0, 0, &new_sid))
{
if (RegSetValueExW(key, V, 0, REG_BINARY, new_sid, GetLengthSid(new_sid)) == ERROR_SUCCESS)
{
FreeSid(new_sid);
RegCloseKey(key);
return CopySid(GetLengthSid(new_sid), sid, &new_sid);
}
FreeSid(new_sid);
} }
} }
RegCloseKey(key); RegCloseKey(key);
......
...@@ -290,6 +290,10 @@ typedef enum _POLICY_NOTIFICATION_INFORMATION_CLASS ...@@ -290,6 +290,10 @@ typedef enum _POLICY_NOTIFICATION_INFORMATION_CLASS
PolicyNotifyMachineAccountPasswordInformation PolicyNotifyMachineAccountPasswordInformation
} POLICY_NOTIFICATION_INFORMATION_CLASS, *PPOLICY_NOTIFICATION_INFORMATION_CLASS; } POLICY_NOTIFICATION_INFORMATION_CLASS, *PPOLICY_NOTIFICATION_INFORMATION_CLASS;
#define RtlGenRandom SystemFunction036
BOOLEAN WINAPI RtlGenRandom(PVOID,ULONG);
NTSTATUS WINAPI LsaAddAccountRights(LSA_HANDLE,PSID,PLSA_UNICODE_STRING,ULONG); NTSTATUS WINAPI LsaAddAccountRights(LSA_HANDLE,PSID,PLSA_UNICODE_STRING,ULONG);
NTSTATUS WINAPI LsaCallAuthenticationPackage(HANDLE,ULONG,PVOID,ULONG,PVOID*,PULONG,PNTSTATUS); NTSTATUS WINAPI LsaCallAuthenticationPackage(HANDLE,ULONG,PVOID,ULONG,PVOID*,PULONG,PNTSTATUS);
NTSTATUS WINAPI LsaClose(LSA_HANDLE); NTSTATUS WINAPI LsaClose(LSA_HANDLE);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment