2017-07-12 03:56:45 -07:00
|
|
|
From 393f8906d8b26414fb4fc89c692cb5247be6b4c2 Mon Sep 17 00:00:00 2001
|
2016-12-19 14:32:43 -08:00
|
|
|
From: Dmitry Timoshkov <dmitry@baikal.ru>
|
|
|
|
Date: Fri, 16 Dec 2016 13:23:15 +0800
|
|
|
|
Subject: advapi32/tests: Add a test that compares a well-known SID to a SID
|
|
|
|
created from a SDDL abbreviation.
|
|
|
|
|
|
|
|
---
|
|
|
|
dlls/advapi32/tests/security.c | 130 +++++++++++++++++++++++++++++------------
|
|
|
|
1 file changed, 92 insertions(+), 38 deletions(-)
|
|
|
|
|
|
|
|
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
|
2017-07-12 03:56:45 -07:00
|
|
|
index dfe2f871d42..808547ddbc0 100644
|
2016-12-19 14:32:43 -08:00
|
|
|
--- a/dlls/advapi32/tests/security.c
|
|
|
|
+++ b/dlls/advapi32/tests/security.c
|
|
|
|
@@ -2,7 +2,7 @@
|
|
|
|
* Unit tests for security functions
|
|
|
|
*
|
|
|
|
* Copyright (c) 2004 Mike McCormack
|
|
|
|
- * Copyright (c) 2011 Dmitry Timoshkov
|
|
|
|
+ * Copyright (c) 2011,2013,2014,2016 Dmitry Timoshkov
|
|
|
|
*
|
|
|
|
* This library is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
|
|
@@ -138,14 +138,6 @@ static HMODULE hmod;
|
|
|
|
static int myARGC;
|
|
|
|
static char** myARGV;
|
|
|
|
|
|
|
|
-struct strsid_entry
|
|
|
|
-{
|
|
|
|
- const char *str;
|
|
|
|
- DWORD flags;
|
|
|
|
-};
|
|
|
|
-#define STRSID_OK 0
|
|
|
|
-#define STRSID_OPT 1
|
|
|
|
-
|
|
|
|
#define SID_SLOTS 4
|
|
|
|
static char debugsid_str[SID_SLOTS][256];
|
|
|
|
static int debugsid_index = 0;
|
2017-07-12 03:56:45 -07:00
|
|
|
@@ -174,12 +166,6 @@ static const char* debugstr_sid(PSID sid)
|
2016-12-19 14:32:43 -08:00
|
|
|
return res;
|
|
|
|
}
|
|
|
|
|
|
|
|
-struct sidRef
|
|
|
|
-{
|
|
|
|
- SID_IDENTIFIER_AUTHORITY auth;
|
|
|
|
- const char *refStr;
|
|
|
|
-};
|
|
|
|
-
|
|
|
|
static void init(void)
|
|
|
|
{
|
|
|
|
HMODULE hntdll;
|
|
|
|
@@ -297,7 +283,11 @@ static void test_group_equal(HANDLE Handle, PSID expected, int line)
|
|
|
|
|
|
|
|
static void test_sid(void)
|
|
|
|
{
|
|
|
|
- struct sidRef refs[] = {
|
|
|
|
+ static struct
|
|
|
|
+ {
|
|
|
|
+ SID_IDENTIFIER_AUTHORITY auth;
|
|
|
|
+ const char *refStr;
|
|
|
|
+ } refs[] = {
|
|
|
|
{ { {0x00,0x00,0x33,0x44,0x55,0x66} }, "S-1-860116326-1" },
|
|
|
|
{ { {0x00,0x00,0x01,0x02,0x03,0x04} }, "S-1-16909060-1" },
|
|
|
|
{ { {0x00,0x00,0x00,0x01,0x02,0x03} }, "S-1-66051-1" },
|
|
|
|
@@ -305,24 +295,60 @@ static void test_sid(void)
|
|
|
|
{ { {0x00,0x00,0x00,0x00,0x00,0x02} }, "S-1-2-1" },
|
|
|
|
{ { {0x00,0x00,0x00,0x00,0x00,0x0c} }, "S-1-12-1" },
|
|
|
|
};
|
|
|
|
- struct strsid_entry strsid_table[] = {
|
|
|
|
- {"AO", STRSID_OK}, {"RU", STRSID_OK}, {"AN", STRSID_OK}, {"AU", STRSID_OK},
|
|
|
|
- {"BA", STRSID_OK}, {"BG", STRSID_OK}, {"BO", STRSID_OK}, {"BU", STRSID_OK},
|
|
|
|
- {"CA", STRSID_OPT}, {"CG", STRSID_OK}, {"CO", STRSID_OK}, {"DA", STRSID_OPT},
|
|
|
|
- {"DC", STRSID_OPT}, {"DD", STRSID_OPT}, {"DG", STRSID_OPT}, {"DU", STRSID_OPT},
|
|
|
|
- {"EA", STRSID_OPT}, {"ED", STRSID_OK}, {"WD", STRSID_OK}, {"PA", STRSID_OPT},
|
|
|
|
- {"IU", STRSID_OK}, {"LA", STRSID_OK}, {"LG", STRSID_OK}, {"LS", STRSID_OK},
|
|
|
|
- {"SY", STRSID_OK}, {"NU", STRSID_OK}, {"NO", STRSID_OK}, {"NS", STRSID_OK},
|
|
|
|
- {"PO", STRSID_OK}, {"PS", STRSID_OK}, {"PU", STRSID_OK}, {"RS", STRSID_OPT},
|
|
|
|
- {"RD", STRSID_OK}, {"RE", STRSID_OK}, {"RC", STRSID_OK}, {"SA", STRSID_OPT},
|
|
|
|
- {"SO", STRSID_OK}, {"SU", STRSID_OK}};
|
|
|
|
-
|
|
|
|
+ static const struct
|
|
|
|
+ {
|
|
|
|
+ const char *str;
|
|
|
|
+ WELL_KNOWN_SID_TYPE sid_type;
|
|
|
|
+ BOOL optional;
|
|
|
|
+ } strsid_table[] = {
|
|
|
|
+ /* Please keep the list sorted. */
|
|
|
|
+ { "AC", WinBuiltinAnyPackageSid, TRUE },
|
|
|
|
+ { "AN", WinAnonymousSid },
|
|
|
|
+ { "AO", WinBuiltinAccountOperatorsSid },
|
|
|
|
+ { "AU", WinAuthenticatedUserSid },
|
|
|
|
+ { "BA", WinBuiltinAdministratorsSid },
|
|
|
|
+ { "BG", WinBuiltinGuestsSid },
|
|
|
|
+ { "BO", WinBuiltinBackupOperatorsSid },
|
|
|
|
+ { "BU", WinBuiltinUsersSid },
|
|
|
|
+ { "CA", WinAccountCertAdminsSid, TRUE},
|
|
|
|
+ { "CG", WinCreatorGroupSid },
|
|
|
|
+ { "CO", WinCreatorOwnerSid },
|
|
|
|
+ { "DA", WinAccountDomainAdminsSid, TRUE},
|
|
|
|
+ { "DC", WinAccountComputersSid, TRUE},
|
|
|
|
+ { "DD", WinAccountControllersSid, TRUE},
|
|
|
|
+ { "DG", WinAccountDomainGuestsSid, TRUE},
|
|
|
|
+ { "DU", WinAccountDomainUsersSid, TRUE},
|
|
|
|
+ { "EA", WinAccountEnterpriseAdminsSid, TRUE},
|
|
|
|
+ { "ED", WinEnterpriseControllersSid },
|
|
|
|
+ { "IU", WinInteractiveSid },
|
|
|
|
+ { "LA", WinAccountAdministratorSid },
|
|
|
|
+ { "LG", WinAccountGuestSid },
|
|
|
|
+ { "LS", WinLocalServiceSid },
|
|
|
|
+ { "NO", WinBuiltinNetworkConfigurationOperatorsSid },
|
|
|
|
+ { "NS", WinNetworkServiceSid },
|
|
|
|
+ { "NU", WinNetworkSid },
|
|
|
|
+ { "PA", WinAccountPolicyAdminsSid, TRUE},
|
|
|
|
+ { "PO", WinBuiltinPrintOperatorsSid },
|
|
|
|
+ { "PS", WinSelfSid },
|
|
|
|
+ { "PU", WinBuiltinPowerUsersSid },
|
|
|
|
+ { "RC", WinRestrictedCodeSid },
|
|
|
|
+ { "RD", WinBuiltinRemoteDesktopUsersSid },
|
|
|
|
+ { "RE", WinBuiltinReplicatorSid },
|
|
|
|
+ { "RS", WinAccountRasAndIasServersSid, TRUE },
|
|
|
|
+ { "RU", WinBuiltinPreWindows2000CompatibleAccessSid },
|
|
|
|
+ { "SA", WinAccountSchemaAdminsSid, TRUE },
|
|
|
|
+ { "SO", WinBuiltinSystemOperatorsSid },
|
|
|
|
+ { "SU", WinServiceSid },
|
|
|
|
+ { "SY", WinLocalSystemSid },
|
|
|
|
+ { "WD", WinWorldSid },
|
|
|
|
+ };
|
|
|
|
+ SID_IDENTIFIER_AUTHORITY domain_ident = { SECURITY_NT_AUTHORITY };
|
|
|
|
const char noSubAuthStr[] = "S-1-5";
|
|
|
|
unsigned int i;
|
|
|
|
- PSID psid = NULL;
|
|
|
|
+ PSID psid, domain_sid;
|
|
|
|
SID *pisid;
|
|
|
|
BOOL r;
|
|
|
|
- LPSTR str = NULL;
|
|
|
|
+ LPSTR str;
|
|
|
|
|
2017-07-12 03:56:45 -07:00
|
|
|
if( !pConvertStringSidToSidA )
|
2016-12-19 14:32:43 -08:00
|
|
|
{
|
|
|
|
@@ -402,7 +428,7 @@ static void test_sid(void)
|
|
|
|
}
|
|
|
|
|
|
|
|
/* string constant format not supported before XP */
|
|
|
|
- r = pConvertStringSidToSidA(strsid_table[0].str, &psid);
|
|
|
|
+ r = pConvertStringSidToSidA("AN", &psid);
|
|
|
|
if(!r)
|
|
|
|
{
|
|
|
|
win_skip("String constant format not supported\n");
|
|
|
|
@@ -410,25 +436,51 @@ static void test_sid(void)
|
|
|
|
}
|
|
|
|
LocalFree(psid);
|
|
|
|
|
|
|
|
+ AllocateAndInitializeSid(&domain_ident, 4, SECURITY_NT_NON_UNIQUE, 0, 0, 0, 0, 0, 0, 0, &domain_sid);
|
|
|
|
+
|
|
|
|
for(i = 0; i < sizeof(strsid_table) / sizeof(strsid_table[0]); i++)
|
|
|
|
{
|
|
|
|
- char *temp;
|
|
|
|
-
|
|
|
|
SetLastError(0xdeadbeef);
|
|
|
|
r = pConvertStringSidToSidA(strsid_table[i].str, &psid);
|
|
|
|
|
|
|
|
- if (!(strsid_table[i].flags & STRSID_OPT))
|
|
|
|
+ if (!(strsid_table[i].optional))
|
|
|
|
{
|
|
|
|
ok(r, "%s: got %u\n", strsid_table[i].str, GetLastError());
|
|
|
|
}
|
|
|
|
|
|
|
|
if (r)
|
|
|
|
{
|
2017-07-12 03:56:45 -07:00
|
|
|
- if ((winetest_debug > 1) && (ConvertSidToStringSidA(psid, &temp)))
|
2016-12-19 14:32:43 -08:00
|
|
|
+ char buf[SECURITY_MAX_SID_SIZE];
|
|
|
|
+ char *sid_string, *well_known_sid_string;
|
|
|
|
+ DWORD n, size;
|
|
|
|
+
|
|
|
|
+ /* zero out domain id before comparison to simplify things */
|
|
|
|
+ if (strsid_table[i].sid_type == WinAccountAdministratorSid ||
|
|
|
|
+ strsid_table[i].sid_type == WinAccountGuestSid)
|
|
|
|
{
|
|
|
|
- trace(" %s: %s\n", strsid_table[i].str, temp);
|
|
|
|
- LocalFree(temp);
|
|
|
|
+ for (n = 1; n <= 3; n++)
|
|
|
|
+ *GetSidSubAuthority(psid, n) = 0;
|
|
|
|
}
|
|
|
|
+
|
2017-07-12 03:56:45 -07:00
|
|
|
+ r = ConvertSidToStringSidA(psid, &sid_string);
|
2016-12-19 14:32:43 -08:00
|
|
|
+ ok(r, "%s: ConvertSidToStringSid error %u\n", strsid_table[i].str, GetLastError());
|
|
|
|
+ if (winetest_debug > 1)
|
|
|
|
+ trace("%s => %s\n", strsid_table[i].str, sid_string);
|
|
|
|
+
|
|
|
|
+ size = sizeof(buf);
|
|
|
|
+ r = pCreateWellKnownSid(strsid_table[i].sid_type, domain_sid, buf, &size);
|
|
|
|
+ ok(r, "%u: CreateWellKnownSid(%u) error %u\n", i, strsid_table[i].sid_type, GetLastError());
|
|
|
|
+
|
2017-07-12 03:56:45 -07:00
|
|
|
+ r = ConvertSidToStringSidA(buf, &well_known_sid_string);
|
2016-12-19 14:32:43 -08:00
|
|
|
+ ok(r, "%u: ConvertSidToStringSi(%u) error %u\n", i, strsid_table[i].sid_type, GetLastError());
|
|
|
|
+ if (winetest_debug > 1)
|
|
|
|
+ trace("%u => %s\n", strsid_table[i].sid_type, well_known_sid_string);
|
|
|
|
+
|
|
|
|
+ ok(strcmp(sid_string, well_known_sid_string) == 0,
|
|
|
|
+ "%u: (%u) expected %s, got %s\n", i, strsid_table[i].sid_type, well_known_sid_string, sid_string);
|
|
|
|
+
|
|
|
|
+ LocalFree(well_known_sid_string);
|
|
|
|
+ LocalFree(sid_string);
|
|
|
|
LocalFree(psid);
|
|
|
|
}
|
|
|
|
else
|
|
|
|
@@ -439,6 +491,8 @@ static void test_sid(void)
|
|
|
|
trace(" %s: couldn't be converted\n", strsid_table[i].str);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
+
|
|
|
|
+ LocalFree(domain_sid);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void test_trustee(void)
|
|
|
|
@@ -2288,7 +2342,7 @@ static void test_LookupAccountSid(void)
|
2017-07-12 03:56:45 -07:00
|
|
|
if (pCreateWellKnownSid)
|
2016-12-19 14:32:43 -08:00
|
|
|
{
|
|
|
|
trace("Well Known SIDs:\n");
|
|
|
|
- for (i = 0; i <= 60; i++)
|
|
|
|
+ for (i = 0; i <= 84; i++)
|
|
|
|
{
|
|
|
|
size = SECURITY_MAX_SID_SIZE;
|
|
|
|
if (pCreateWellKnownSid(i, NULL, &max_sid.sid, &size))
|
|
|
|
--
|
2017-07-12 03:56:45 -07:00
|
|
|
2.13.1
|
2016-12-19 14:32:43 -08:00
|
|
|
|