bool MWinAccessControlList::AddAccessDeny(const char *accountname,DWORD permission)
{
BYTE sidbuffer[100];
PSID psid=(SID *)&sidbuffer;
DWORD sidsize=sizeof(sidbuffer);
char domainbuffer[100];
DWORD domainbuffersize=sizeof(domainbuffer);
SID_NAME_USE snu;
if(LookupAccountNameA(NULL,accountname,psid,&sidsize
,(LPSTR)&domainbuffer,&domainbuffersize,&snu)==FALSE)
{
return false;
}
if(AddAccessDeniedAce(mpACL,ACL_REVISION,permission,psid)==false)
{
return false;
}
return true;
}
void
TestLookupNameA(
LPSTR Name
)
{
//
// LookupAccountNameA test
//
BOOL Bool;
DWORD cbSid = 0;
UCHAR Sid[BUFFER_SIZE];
SID_NAME_USE peUse = SidTypeUser;
DWORD cbReferencedDomainName = 0;
UCHAR ReferencedDomainName[BUFFER_SIZE];
printf(" LookupA call . . . . . . . . . . . . . . . . . ");
Bool = LookupAccountNameA(
NULL,
Name,
Sid,
&cbSid,
ReferencedDomainName,
&cbReferencedDomainName,
&peUse
);
//
// Expect failure here
//
if ( !Bool && GetLastError() != ERROR_INSUFFICIENT_BUFFER ) {
printf("** FAILED **\n");
printf(" First call.\n");
printf(" Status: %d\n", GetLastError());
printf(" Sid Length: %d\n", cbSid);
printf(" Domain Name Length: %d\n", cbReferencedDomainName);
} else {
Bool = LookupAccountNameA(
NULL,
Name,
Sid,
&cbSid,
ReferencedDomainName,
&cbReferencedDomainName,
&peUse
);
if ( !Bool ) {
printf("** FAILED **\n");
printf(" Second call.\n");
printf(" Status: %d\n", GetLastError());
printf(" Sid Length: %d\n", cbSid);
printf(" Domain Name Length: %d\n", cbReferencedDomainName);
} else {
printf("Succeeded\n");
printf(" Sid Length: %d\n", cbSid);
printf(" Sid: ");
DisplayAccountSid( Sid );
printf("\n");
printf(" Domain Name Length: %d\n", cbReferencedDomainName);
printf(" Domain Name: *%s*\n", ReferencedDomainName);
printf(" Use: ");
DisplayUse( peUse );
printf("\n\n");
}
}
}
BOOL
GetAccountSid(
LPCSTR SystemName,
LPCSTR AccountName,
PSID *Sid
)
{
LPSTR ReferencedDomain=NULL;
DWORD cbSid=128; // initial allocation attempt
DWORD cchReferencedDomain=16; // initial allocation size
SID_NAME_USE peUse;
BOOL bSuccess=FALSE; // assume this function will fail
try
{
//
// initial memory allocations
//
*Sid = (PSID)HeapAlloc(GetProcessHeap(), 0, cbSid);
if(*Sid == NULL) throw;
ReferencedDomain = (LPSTR)HeapAlloc(
GetProcessHeap(),
0,
cchReferencedDomain * sizeof(CHAR)
);
if(ReferencedDomain == NULL) throw;
//
// Obtain the SID of the specified account on the specified system.
//
while(!LookupAccountNameA(
SystemName, // machine to lookup account on
AccountName, // account to lookup
*Sid, // SID of interest
&cbSid, // size of SID
ReferencedDomain, // domain account was found on
&cchReferencedDomain,
&peUse
)) {
if (GetLastError() == ERROR_INSUFFICIENT_BUFFER) {
//
// reallocate memory
//
*Sid = (PSID)HeapReAlloc(
GetProcessHeap(),
0,
*Sid,
cbSid
);
if(*Sid == NULL) throw;
ReferencedDomain = (LPSTR)HeapReAlloc(
GetProcessHeap(),
0,
ReferencedDomain,
cchReferencedDomain * sizeof(CHAR)
);
if(ReferencedDomain == NULL) throw;
}
else throw;
}
//
// Indicate success.
//
bSuccess = TRUE;
} // try
catch(...)
{
//
// Cleanup and indicate failure, if appropriate.
//
HeapFree(GetProcessHeap(), 0, ReferencedDomain);
if(!bSuccess) {
if(*Sid != NULL) {
HeapFree(GetProcessHeap(), 0, *Sid);
*Sid = NULL;
}
}
} // finally
return bSuccess;
}
rc_t
_GetSidAndSizeNoLock ( const char * Name, SID ** Sid, DWORD * SidSize )
{
rc_t RCt;
DWORD Size1, Size2;
SID_NAME_USE NameUse;
SID * RetSid;
BYTE SomeByte [ XFS_SIZE_128 ];
RCt = 0;
Size1 = Size2 = 0;
RetSid = NULL;
if ( Name == NULL || Sid == NULL || SidSize == NULL ) {
return XFS_RC ( rcNull );
}
* Sid = NULL;
* SidSize = 0;
/*) First we should know size of SID
(*/
if ( LookupAccountNameA (
NULL,
Name,
NULL,
& Size1,
NULL,
& Size2,
& NameUse
) == 0
) {
if ( GetLastError () != ERROR_INSUFFICIENT_BUFFER ) {
return XFS_RC ( rcExhausted );
}
}
RetSid = calloc ( Size1, sizeof ( BYTE ) );
if ( RetSid == NULL ) {
return XFS_RC ( rcExhausted );
}
if ( LookupAccountNameA (
NULL,
Name,
RetSid,
& Size1,
SomeByte,
& Size2,
& NameUse
) == 0
) {
free ( RetSid );
return XFS_RC ( rcInvalid );
}
* Sid = RetSid;
* SidSize = Size1;
return 0;
} /* _GetSidAndSizeNoLock () */
