bool MWinAccessControlList::AddAccessDeny(const char *accountname,DWORD permission) { BYTE sidbuffer[100]; PSID psid=(SID *)&sidbuffer; DWORD sidsize=sizeof(sidbuffer); char domainbuffer[100]; DWORD domainbuffersize=sizeof(domainbuffer); SID_NAME_USE snu; if(LookupAccountNameA(NULL,accountname,psid,&sidsize ,(LPSTR)&domainbuffer,&domainbuffersize,&snu)==FALSE) { return false; } if(AddAccessDeniedAce(mpACL,ACL_REVISION,permission,psid)==false) { return false; } return true; }
void TestLookupNameA( LPSTR Name ) { // // LookupAccountNameA test // BOOL Bool; DWORD cbSid = 0; UCHAR Sid[BUFFER_SIZE]; SID_NAME_USE peUse = SidTypeUser; DWORD cbReferencedDomainName = 0; UCHAR ReferencedDomainName[BUFFER_SIZE]; printf(" LookupA call . . . . . . . . . . . . . . . . . "); Bool = LookupAccountNameA( NULL, Name, Sid, &cbSid, ReferencedDomainName, &cbReferencedDomainName, &peUse ); // // Expect failure here // if ( !Bool && GetLastError() != ERROR_INSUFFICIENT_BUFFER ) { printf("** FAILED **\n"); printf(" First call.\n"); printf(" Status: %d\n", GetLastError()); printf(" Sid Length: %d\n", cbSid); printf(" Domain Name Length: %d\n", cbReferencedDomainName); } else { Bool = LookupAccountNameA( NULL, Name, Sid, &cbSid, ReferencedDomainName, &cbReferencedDomainName, &peUse ); if ( !Bool ) { printf("** FAILED **\n"); printf(" Second call.\n"); printf(" Status: %d\n", GetLastError()); printf(" Sid Length: %d\n", cbSid); printf(" Domain Name Length: %d\n", cbReferencedDomainName); } else { printf("Succeeded\n"); printf(" Sid Length: %d\n", cbSid); printf(" Sid: "); DisplayAccountSid( Sid ); printf("\n"); printf(" Domain Name Length: %d\n", cbReferencedDomainName); printf(" Domain Name: *%s*\n", ReferencedDomainName); printf(" Use: "); DisplayUse( peUse ); printf("\n\n"); } } }
BOOL GetAccountSid( LPCSTR SystemName, LPCSTR AccountName, PSID *Sid ) { LPSTR ReferencedDomain=NULL; DWORD cbSid=128; // initial allocation attempt DWORD cchReferencedDomain=16; // initial allocation size SID_NAME_USE peUse; BOOL bSuccess=FALSE; // assume this function will fail try { // // initial memory allocations // *Sid = (PSID)HeapAlloc(GetProcessHeap(), 0, cbSid); if(*Sid == NULL) throw; ReferencedDomain = (LPSTR)HeapAlloc( GetProcessHeap(), 0, cchReferencedDomain * sizeof(CHAR) ); if(ReferencedDomain == NULL) throw; // // Obtain the SID of the specified account on the specified system. // while(!LookupAccountNameA( SystemName, // machine to lookup account on AccountName, // account to lookup *Sid, // SID of interest &cbSid, // size of SID ReferencedDomain, // domain account was found on &cchReferencedDomain, &peUse )) { if (GetLastError() == ERROR_INSUFFICIENT_BUFFER) { // // reallocate memory // *Sid = (PSID)HeapReAlloc( GetProcessHeap(), 0, *Sid, cbSid ); if(*Sid == NULL) throw; ReferencedDomain = (LPSTR)HeapReAlloc( GetProcessHeap(), 0, ReferencedDomain, cchReferencedDomain * sizeof(CHAR) ); if(ReferencedDomain == NULL) throw; } else throw; } // // Indicate success. // bSuccess = TRUE; } // try catch(...) { // // Cleanup and indicate failure, if appropriate. // HeapFree(GetProcessHeap(), 0, ReferencedDomain); if(!bSuccess) { if(*Sid != NULL) { HeapFree(GetProcessHeap(), 0, *Sid); *Sid = NULL; } } } // finally return bSuccess; }
rc_t _GetSidAndSizeNoLock ( const char * Name, SID ** Sid, DWORD * SidSize ) { rc_t RCt; DWORD Size1, Size2; SID_NAME_USE NameUse; SID * RetSid; BYTE SomeByte [ XFS_SIZE_128 ]; RCt = 0; Size1 = Size2 = 0; RetSid = NULL; if ( Name == NULL || Sid == NULL || SidSize == NULL ) { return XFS_RC ( rcNull ); } * Sid = NULL; * SidSize = 0; /*) First we should know size of SID (*/ if ( LookupAccountNameA ( NULL, Name, NULL, & Size1, NULL, & Size2, & NameUse ) == 0 ) { if ( GetLastError () != ERROR_INSUFFICIENT_BUFFER ) { return XFS_RC ( rcExhausted ); } } RetSid = calloc ( Size1, sizeof ( BYTE ) ); if ( RetSid == NULL ) { return XFS_RC ( rcExhausted ); } if ( LookupAccountNameA ( NULL, Name, RetSid, & Size1, SomeByte, & Size2, & NameUse ) == 0 ) { free ( RetSid ); return XFS_RC ( rcInvalid ); } * Sid = RetSid; * SidSize = Size1; return 0; } /* _GetSidAndSizeNoLock () */