bool MWinAccessControlList::AddAccessDeny(const char *accountname,DWORD permission)
	{
	BYTE sidbuffer[100];
	PSID psid=(SID *)&sidbuffer;
	DWORD sidsize=sizeof(sidbuffer);
	char domainbuffer[100];
	DWORD domainbuffersize=sizeof(domainbuffer);
	SID_NAME_USE snu;

	if(LookupAccountNameA(NULL,accountname,psid,&sidsize
			,(LPSTR)&domainbuffer,&domainbuffersize,&snu)==FALSE)
		{
		return false;
		}

	if(AddAccessDeniedAce(mpACL,ACL_REVISION,permission,psid)==false)
		{
		return false;
		}

	return true;
	}
Exemplo n.º 2
0
Arquivo: tse.c Projeto: mingpen/OpenNT
void
TestLookupNameA(
    LPSTR Name
    )

{

    //
    // LookupAccountNameA test
    //

    BOOL          Bool;
    DWORD         cbSid = 0;
    UCHAR         Sid[BUFFER_SIZE];
    SID_NAME_USE  peUse = SidTypeUser;
    DWORD         cbReferencedDomainName = 0;
    UCHAR         ReferencedDomainName[BUFFER_SIZE];


    printf("      LookupA call . . . . . . . . . . . . . . . . . ");


    Bool = LookupAccountNameA(
               NULL,
               Name,
               Sid,
               &cbSid,
               ReferencedDomainName,
               &cbReferencedDomainName,
               &peUse
               );

    //
    // Expect failure here
    //

    if ( !Bool && GetLastError() != ERROR_INSUFFICIENT_BUFFER ) {
        printf("** FAILED **\n");
        printf("        First call.\n");
        printf("        Status:             %d\n", GetLastError());
        printf("        Sid  Length:        %d\n", cbSid);
        printf("        Domain Name Length: %d\n", cbReferencedDomainName);
    } else {


        Bool = LookupAccountNameA(
                   NULL,
                   Name,
                   Sid,
                   &cbSid,
                   ReferencedDomainName,
                   &cbReferencedDomainName,
                   &peUse
                   );

        if ( !Bool ) {
            printf("** FAILED **\n");
            printf("        Second call.\n");
            printf("        Status:             %d\n", GetLastError());
            printf("        Sid  Length:        %d\n", cbSid);
            printf("        Domain Name Length: %d\n", cbReferencedDomainName);
        } else {
            printf("Succeeded\n");
            printf("        Sid  Length:        %d\n", cbSid);
            printf("        Sid:                ");
            DisplayAccountSid( Sid );
            printf("\n");
            printf("        Domain Name Length: %d\n", cbReferencedDomainName);
            printf("        Domain Name:        *%s*\n", ReferencedDomainName);
            printf("        Use:                ");
            DisplayUse( peUse );
            printf("\n\n");
        }
    }

}
Exemplo n.º 3
0
BOOL
GetAccountSid(
    LPCSTR SystemName,
    LPCSTR AccountName,
    PSID *Sid
    )
{
    LPSTR ReferencedDomain=NULL;
    DWORD cbSid=128;    // initial allocation attempt
    DWORD cchReferencedDomain=16; // initial allocation size
    SID_NAME_USE peUse;
    BOOL bSuccess=FALSE; // assume this function will fail

    try
    {
        //
        // initial memory allocations
        //
        *Sid = (PSID)HeapAlloc(GetProcessHeap(), 0, cbSid);

        if(*Sid == NULL) throw;

        ReferencedDomain = (LPSTR)HeapAlloc(
                        GetProcessHeap(),
                        0,
                        cchReferencedDomain * sizeof(CHAR)
                        );

        if(ReferencedDomain == NULL) throw;

        //
        // Obtain the SID of the specified account on the specified system.
        //
        while(!LookupAccountNameA(
                        SystemName,         // machine to lookup account on
                        AccountName,        // account to lookup
                        *Sid,               // SID of interest
                        &cbSid,             // size of SID
                        ReferencedDomain,   // domain account was found on
                        &cchReferencedDomain,
                        &peUse
                        )) {
            if (GetLastError() == ERROR_INSUFFICIENT_BUFFER) {
                //
                // reallocate memory
                //
                *Sid = (PSID)HeapReAlloc(
                            GetProcessHeap(),
                            0,
                            *Sid,
                            cbSid
                            );
                if(*Sid == NULL) throw;

                ReferencedDomain = (LPSTR)HeapReAlloc(
                            GetProcessHeap(),
                            0,
                            ReferencedDomain,
                            cchReferencedDomain * sizeof(CHAR)
                            );
                if(ReferencedDomain == NULL) throw;
            }
            else throw;
        }

        //
        // Indicate success.
        //
        bSuccess = TRUE;

    } // try
    catch(...)
    {
        //
        // Cleanup and indicate failure, if appropriate.
        //

        HeapFree(GetProcessHeap(), 0, ReferencedDomain);

        if(!bSuccess) {
            if(*Sid != NULL) {
                HeapFree(GetProcessHeap(), 0, *Sid);
                *Sid = NULL;
            }
        }
    } // finally

    return bSuccess;
}
Exemplo n.º 4
0
rc_t
_GetSidAndSizeNoLock ( const  char * Name, SID ** Sid, DWORD * SidSize )
{
    rc_t RCt;
    DWORD Size1, Size2;
    SID_NAME_USE NameUse;
    SID * RetSid;
    BYTE SomeByte [ XFS_SIZE_128 ];

    RCt = 0;
    Size1 = Size2 = 0;
    RetSid = NULL;

    if ( Name == NULL || Sid == NULL || SidSize == NULL ) {
        return XFS_RC ( rcNull );
    }
    * Sid = NULL;
    * SidSize = 0;

        /*) First we should know size of SID
         (*/
    if ( LookupAccountNameA (
                        NULL,
                        Name,
                        NULL,
                        & Size1,
                        NULL,
                        & Size2,
                        & NameUse
                        ) == 0
    ) {
        if ( GetLastError () != ERROR_INSUFFICIENT_BUFFER ) {
            return XFS_RC ( rcExhausted );
        }
    }

    RetSid = calloc ( Size1, sizeof ( BYTE ) );
    if ( RetSid == NULL ) {
        return XFS_RC ( rcExhausted );
    }

    if ( LookupAccountNameA (
                        NULL,
                        Name,
                        RetSid,
                        & Size1,
                        SomeByte,
                        & Size2,
                        & NameUse
                        ) == 0
    ) {
        free ( RetSid );

        return XFS_RC ( rcInvalid );
    }

    * Sid = RetSid;
    * SidSize = Size1;

    return 0;
}   /* _GetSidAndSizeNoLock () */