wine/wine-staging
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-staging.git synced 2024-09-13 09:17:20 -07:00
Code Issues Packages Projects Releases Wiki Activity

Added patch to fix various issues related to advapi32.LookupAccountSidA.

Browse Source
This commit is contained in:
Sebastian Lackner 2015-04-29 16:08:58 +02:00
parent e390275c1d
commit 1f8b2211dc
7 changed files with 245 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
debian/changelog vendored
View File

@ -3,6 +3,7 @@ wine-staging (1.7.42) UNRELEASED; urgency=low
* Added patch to update timezone information in wine.inf.
* Added patch to fix check for texture levels in wined3d_device_update_texture.
* Added patch to ignore garbage after decoding gif lines.
* Added patch to fix various issues related to advapi32.LookupAccountSidA.
* Removed patch to avoid crash when trying to bind mshtml event scripts to window (fixed upstream).
* Removed patch for stub of ntdll.WinSqmIsOptedIn (fixed upstream).
* Removed patch to fix issues with invalid console handles for new processes (accepted upstream).

95
patches/advapi32-LsaLookupSids/0005-advapi32-tests-Test-prefix-and-use-of-TokenPrimaryGr.patch Normal file
View File

@ -0,0 +1,95 @@
From f0290aad953e988b1a15e214ecfc57f21dc136af Mon Sep 17 00:00:00 2001
From: Qian Hong <qhong@codeweavers.com>
Date: Tue, 28 Apr 2015 23:28:50 +0800
Subject: advapi32/tests: Test prefix and use of TokenPrimaryGroup Sid.
---
dlls/advapi32/tests/security.c | 35 ++++++++++++++++++++++++++++++-----
1 file changed, 30 insertions(+), 5 deletions(-)
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index f3fc682..6a716d6 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -2514,19 +2514,21 @@ static void test_granted_access(HANDLE handle, ACCESS_MASK access,
static void test_process_security(void)
{
BOOL res;
+ PTOKEN_USER user;
PTOKEN_OWNER owner;
PTOKEN_PRIMARY_GROUP group;
- PSID AdminSid = NULL, UsersSid = NULL;
+ PSID AdminSid = NULL, UsersSid = NULL, UserSid = NULL;
PACL Acl = NULL, ThreadAcl = NULL;
SECURITY_DESCRIPTOR *SecurityDescriptor = NULL, *ThreadSecurityDescriptor = NULL;
- char buffer[MAX_PATH];
+ char buffer[MAX_PATH], account[MAX_PATH], domain[MAX_PATH];
PROCESS_INFORMATION info;
STARTUPINFOA startup;
SECURITY_ATTRIBUTES psa, tsa;
HANDLE token, event;
- DWORD size;
+ DWORD size, acc_size, dom_size, ret;
SID_IDENTIFIER_AUTHORITY SIDAuthWorld = { SECURITY_WORLD_SID_AUTHORITY };
PSID EveryoneSid = NULL;
+ SID_NAME_USE use;
Acl = HeapAlloc(GetProcessHeap(), 0, 256);
res = InitializeAcl(Acl, 256, ACL_REVISION);
@@ -2558,7 +2560,8 @@ static void test_process_security(void)
owner = HeapAlloc(GetProcessHeap(), 0, size);
res = GetTokenInformation( token, TokenOwner, owner, size, &size );
ok(res, "GetTokenInformation failed with error %d\n", GetLastError());
- AdminSid = ((TOKEN_OWNER*)owner)->Owner;
+ AdminSid = owner->Owner;
+ test_sid_str(AdminSid);
res = GetTokenInformation( token, TokenPrimaryGroup, NULL, 0, &size );
ok(!res, "Expected failure, got %d\n", res);
@@ -2568,13 +2571,34 @@ static void test_process_security(void)
group = HeapAlloc(GetProcessHeap(), 0, size);
res = GetTokenInformation( token, TokenPrimaryGroup, group, size, &size );
ok(res, "GetTokenInformation failed with error %d\n", GetLastError());
- UsersSid = ((TOKEN_PRIMARY_GROUP*)group)->PrimaryGroup;
+ UsersSid = group->PrimaryGroup;
+ test_sid_str(UsersSid);
+
+ acc_size = sizeof(account);
+ dom_size = sizeof(domain);
+ ret = LookupAccountSidA( NULL, UsersSid, account, &acc_size, domain, &dom_size, &use );
+ ok(ret, "LookupAccountSid failed with %d\n", ret);
+ todo_wine ok(use == SidTypeGroup, "expect SidTypeGroup, got %d\n", use);
+ todo_wine ok(!strcmp(account, "None"), "expect None, got %s\n", account);
+
+ res = GetTokenInformation( token, TokenUser, NULL, 0, &size );
+ ok(!res, "Expected failure, got %d\n", res);
+ ok(GetLastError() == ERROR_INSUFFICIENT_BUFFER,
+ "Expected ERROR_INSUFFICIENT_BUFFER, got %d\n", GetLastError());
+
+ user = HeapAlloc(GetProcessHeap(), 0, size);
+ res = GetTokenInformation( token, TokenUser, user, size, &size );
+ ok(res, "GetTokenInformation failed with error %d\n", GetLastError());
+ UserSid = user->User.Sid;
+ test_sid_str(UserSid);
+ todo_wine ok(EqualPrefixSid(UsersSid, UserSid), "TokenPrimaryGroup Sid and TokenUser Sid don't match.\n");
CloseHandle( token );
if (!res)
{
HeapFree(GetProcessHeap(), 0, group);
HeapFree(GetProcessHeap(), 0, owner);
+ HeapFree(GetProcessHeap(), 0, user);
HeapFree(GetProcessHeap(), 0, Acl);
return;
}
@@ -2681,6 +2705,7 @@ static void test_process_security(void)
CloseHandle( event );
HeapFree(GetProcessHeap(), 0, group);
HeapFree(GetProcessHeap(), 0, owner);
+ HeapFree(GetProcessHeap(), 0, user);
HeapFree(GetProcessHeap(), 0, Acl);
HeapFree(GetProcessHeap(), 0, SecurityDescriptor);
HeapFree(GetProcessHeap(), 0, ThreadAcl);
--
2.3.5

38
patches/advapi32-LsaLookupSids/0006-server-Create-primary-group-using-DOMAIN_GROUP_RID_U.patch Normal file
View File

@ -0,0 +1,38 @@
From 5487b4720e24aaa7a10719fc36bc23c851a48a9b Mon Sep 17 00:00:00 2001
From: Qian Hong <qhong@codeweavers.com>
Date: Tue, 28 Apr 2015 22:35:26 +0800
Subject: server: Create primary group using DOMAIN_GROUP_RID_USERS.
---
dlls/advapi32/tests/security.c | 2 +-
server/token.c | 1 +
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index 25b34ba4..573119f 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -2591,7 +2591,7 @@ static void test_process_security(void)
ok(res, "GetTokenInformation failed with error %d\n", GetLastError());
UserSid = user->User.Sid;
test_sid_str(UserSid);
- todo_wine ok(EqualPrefixSid(UsersSid, UserSid), "TokenPrimaryGroup Sid and TokenUser Sid don't match.\n");
+ ok(EqualPrefixSid(UsersSid, UserSid), "TokenPrimaryGroup Sid and TokenUser Sid don't match.\n");
CloseHandle( token );
if (!res)
diff --git a/server/token.c b/server/token.c
index e57cbc6..be8c53b 100644
--- a/server/token.c
+++ b/server/token.c
@@ -695,6 +695,7 @@ struct token *token_create_admin( void )
{ security_local_sid, SE_GROUP_ENABLED|SE_GROUP_ENABLED_BY_DEFAULT|SE_GROUP_MANDATORY },
{ security_interactive_sid, SE_GROUP_ENABLED|SE_GROUP_ENABLED_BY_DEFAULT|SE_GROUP_MANDATORY },
{ security_authenticated_user_sid, SE_GROUP_ENABLED|SE_GROUP_ENABLED_BY_DEFAULT|SE_GROUP_MANDATORY },
+ { security_domain_users_sid, SE_GROUP_ENABLED|SE_GROUP_ENABLED_BY_DEFAULT|SE_GROUP_MANDATORY|SE_GROUP_OWNER },
{ alias_admins_sid, SE_GROUP_ENABLED|SE_GROUP_ENABLED_BY_DEFAULT|SE_GROUP_MANDATORY|SE_GROUP_OWNER },
{ alias_users_sid, SE_GROUP_ENABLED|SE_GROUP_ENABLED_BY_DEFAULT|SE_GROUP_MANDATORY },
{ logon_sid, SE_GROUP_ENABLED|SE_GROUP_ENABLED_BY_DEFAULT|SE_GROUP_MANDATORY|SE_GROUP_LOGON_ID },
--
2.3.5

53
patches/advapi32-LsaLookupSids/0007-advapi32-Fix-name-and-use-of-DOMAIN_GROUP_RID_USERS.patch Normal file
View File

@ -0,0 +1,53 @@
From 83517396c266c2de290670128d678770f5d79cc9 Mon Sep 17 00:00:00 2001
From: Qian Hong <qhong@codeweavers.com>
Date: Tue, 28 Apr 2015 23:00:08 +0800
Subject: advapi32: Fix name and use of DOMAIN_GROUP_RID_USERS.
---
dlls/advapi32/security.c | 7 +++++--
dlls/advapi32/tests/security.c | 4 ++--
2 files changed, 7 insertions(+), 4 deletions(-)
diff --git a/dlls/advapi32/security.c b/dlls/advapi32/security.c
index d27b2e7..2362dd5 100644
--- a/dlls/advapi32/security.c
+++ b/dlls/advapi32/security.c
@@ -191,7 +191,7 @@ static const WCHAR Domain_Admins[] = { 'D','o','m','a','i','n',' ','A','d','m','
static const WCHAR Domain_Computers[] = { 'D','o','m','a','i','n',' ','C','o','m','p','u','t','e','r','s',0 };
static const WCHAR Domain_Controllers[] = { 'D','o','m','a','i','n',' ','C','o','n','t','r','o','l','l','e','r','s',0 };
static const WCHAR Domain_Guests[] = { 'D','o','m','a','i','n',' ','G','u','e','s','t','s',0 };
-static const WCHAR Domain_Users[] = { 'D','o','m','a','i','n',' ','U','s','e','r','s',0 };
+static const WCHAR None[] = { 'N','o','n','e',0 };
static const WCHAR Enterprise_Admins[] = { 'E','n','t','e','r','p','r','i','s','e',' ','A','d','m','i','n','s',0 };
static const WCHAR ENTERPRISE_DOMAIN_CONTROLLERS[] = { 'E','N','T','E','R','P','R','I','S','E',' ','D','O','M','A','I','N',' ','C','O','N','T','R','O','L','L','E','R','S',0 };
static const WCHAR Everyone[] = { 'E','v','e','r','y','o','n','e',0 };
@@ -2206,7 +2206,10 @@ LookupAccountSidW(
ac = Domain_Admins;
break;
case DOMAIN_GROUP_RID_USERS:
- ac = Domain_Users;
+ /* MSDN says the name of DOMAIN_GROUP_RID_USERS is Domain Users,
+ * tests show that MSDN seems to be wrong. */
+ ac = None;
+ use = 2;
break;
case DOMAIN_GROUP_RID_GUESTS:
ac = Domain_Guests;
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index 573119f..490ce26 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -2578,8 +2578,8 @@ static void test_process_security(void)
dom_size = sizeof(domain);
ret = LookupAccountSidA( NULL, UsersSid, account, &acc_size, domain, &dom_size, &use );
ok(ret, "LookupAccountSid failed with %d\n", ret);
- todo_wine ok(use == SidTypeGroup, "expect SidTypeGroup, got %d\n", use);
- todo_wine ok(!strcmp(account, "None"), "expect None, got %s\n", account);
+ ok(use == SidTypeGroup, "expect SidTypeGroup, got %d\n", use);
+ ok(!strcmp(account, "None"), "expect None, got %s\n", account);
res = GetTokenInformation( token, TokenUser, NULL, 0, &size );
ok(!res, "Expected failure, got %d\n", res);
--
2.3.5

2
patches/advapi32-LsaLookupSids/definition Normal file
View File

@ -0,0 +1,2 @@
Depends: server-Misc_ACL
Depends: server-CreateProcess_ACLs

91
patches/patchinstall.sh
View File

@ -1435,6 +1435,17 @@ if test "$enable_d3dx9_24_ID3DXEffect" -eq 1; then
enable_d3dx9_25_ID3DXEffect=1
fi
if test "$enable_advapi32_LsaLookupSids" -eq 1; then
if test "$enable_server_CreateProcess_ACLs" -gt 1; then
abort "Patchset server-CreateProcess_ACLs disabled, but advapi32-LsaLookupSids depends on that."
fi
if test "$enable_server_Misc_ACL" -gt 1; then
abort "Patchset server-Misc_ACL disabled, but advapi32-LsaLookupSids depends on that."
fi
enable_server_CreateProcess_ACLs=1
enable_server_Misc_ACL=1
fi
if test "$enable_Exagear" -eq 1; then
if test "$enable_ntdll_WRITECOPY" -gt 1; then
abort "Patchset ntdll-WRITECOPY disabled, but Exagear depends on that."
@ -1579,21 +1590,63 @@ if test "$enable_Staging" -eq 1; then
) >> "$patchlist"
fi
# Patchset server-Misc_ACL
# |
# | This patchset fixes the following Wine bugs:
# | * [#15980] GetSecurityInfo returns NULL DACL for process object
# |
# | Modified files:
# | * dlls/advapi32/tests/security.c, server/process.c, server/security.h, server/token.c
# |
if test "$enable_server_Misc_ACL" -eq 1; then
patch_apply server-Misc_ACL/0001-server-Add-default-security-descriptor-ownership-for.patch
patch_apply server-Misc_ACL/0002-server-Add-default-security-descriptor-DACL-for-proc.patch
(
echo '+ { "Erich E. Hoover", "server: Add default security descriptor ownership for processes.", 1 },';
echo '+ { "Erich E. Hoover", "server: Add default security descriptor DACL for processes.", 1 },';
) >> "$patchlist"
fi
# Patchset server-CreateProcess_ACLs
# |
# | This patchset fixes the following Wine bugs:
# | * [#22006] Support for process ACLs
# |
# | Modified files:
# | * dlls/advapi32/tests/security.c, dlls/kernel32/process.c, server/process.c, server/protocol.def
# |
if test "$enable_server_CreateProcess_ACLs" -eq 1; then
patch_apply server-CreateProcess_ACLs/0001-server-Support-for-thread-and-process-security-descr.patch
patch_apply server-CreateProcess_ACLs/0002-kernel32-Implement-passing-security-descriptors-from.patch
patch_apply server-CreateProcess_ACLs/0003-advapi32-tests-Add-additional-tests-for-passing-a-th.patch
(
echo '+ { "Sebastian Lackner", "server: Support for thread and process security descriptors in new_process wineserver call.", 2 },';
echo '+ { "Sebastian Lackner", "kernel32: Implement passing security descriptors from CreateProcess to the wineserver.", 2 },';
echo '+ { "Joris van der Wel", "advapi32/tests: Add additional tests for passing a thread sd to CreateProcess.", 1 },';
) >> "$patchlist"
fi
# Patchset advapi32-LsaLookupSids
# |
# | Modified files:
# | * dlls/advapi32/lsa.c
# | * dlls/advapi32/lsa.c, dlls/advapi32/security.c, dlls/advapi32/tests/security.c, server/token.c
# |
if test "$enable_advapi32_LsaLookupSids" -eq 1; then
patch_apply advapi32-LsaLookupSids/0001-advapi32-Initialize-buffer-length-to-zero-in-LsaLook.patch
patch_apply advapi32-LsaLookupSids/0002-advapi32-Prepend-a-hidden-LSA_TRUST_INFORMATION-in-L.patch
patch_apply advapi32-LsaLookupSids/0003-advapi32-Prepend-a-hidden-LSA_TRUST_INFORMATION-in-L.patch
patch_apply advapi32-LsaLookupSids/0004-advapi32-Fallback-to-Sid-string-when-LookupAccountSi.patch
patch_apply advapi32-LsaLookupSids/0005-advapi32-tests-Test-prefix-and-use-of-TokenPrimaryGr.patch
patch_apply advapi32-LsaLookupSids/0006-server-Create-primary-group-using-DOMAIN_GROUP_RID_U.patch
patch_apply advapi32-LsaLookupSids/0007-advapi32-Fix-name-and-use-of-DOMAIN_GROUP_RID_USERS.patch
(
echo '+ { "Qian Hong", "advapi32: Initialize buffer length to zero in LsaLookupSids to prevent crash.", 2 },';
echo '+ { "Qian Hong", "advapi32: Prepend a hidden LSA_TRUST_INFORMATION in LsaLookupSids to avoid crash when Domains[-1] incorrectly accessed by application.", 2 },';
echo '+ { "Qian Hong", "advapi32: Prepend a hidden LSA_TRUST_INFORMATION in LsaLookupNames2 to avoid crash when Domains[-1] incorrectly accessed by application.", 2 },';
echo '+ { "Qian Hong", "advapi32: Fallback to Sid string when LookupAccountSid fails.", 1 },';
echo '+ { "Qian Hong", "advapi32/tests: Test prefix and use of TokenPrimaryGroup Sid.", 1 },';
echo '+ { "Qian Hong", "server: Create primary group using DOMAIN_GROUP_RID_USERS.", 1 },';
echo '+ { "Qian Hong", "advapi32: Fix name and use of DOMAIN_GROUP_RID_USERS.", 1 },';
) >> "$patchlist"
fi
@ -4087,25 +4140,6 @@ if test "$enable_server_ClipCursor" -eq 1; then
) >> "$patchlist"
fi
# Patchset server-CreateProcess_ACLs
# |
# | This patchset fixes the following Wine bugs:
# | * [#22006] Support for process ACLs
# |
# | Modified files:
# | * dlls/advapi32/tests/security.c, dlls/kernel32/process.c, server/process.c, server/protocol.def
# |
if test "$enable_server_CreateProcess_ACLs" -eq 1; then
patch_apply server-CreateProcess_ACLs/0001-server-Support-for-thread-and-process-security-descr.patch
patch_apply server-CreateProcess_ACLs/0002-kernel32-Implement-passing-security-descriptors-from.patch
patch_apply server-CreateProcess_ACLs/0003-advapi32-tests-Add-additional-tests-for-passing-a-th.patch
(
echo '+ { "Sebastian Lackner", "server: Support for thread and process security descriptors in new_process wineserver call.", 2 },';
echo '+ { "Sebastian Lackner", "kernel32: Implement passing security descriptors from CreateProcess to the wineserver.", 2 },';
echo '+ { "Joris van der Wel", "advapi32/tests: Add additional tests for passing a thread sd to CreateProcess.", 1 },';
) >> "$patchlist"
fi
# Patchset server-Delete_On_Close
# |
# | This patchset fixes the following Wine bugs:
@ -4123,23 +4157,6 @@ if test "$enable_server_Delete_On_Close" -eq 1; then
) >> "$patchlist"
fi
# Patchset server-Misc_ACL
# |
# | This patchset fixes the following Wine bugs:
# | * [#15980] GetSecurityInfo returns NULL DACL for process object
# |
# | Modified files:
# | * dlls/advapi32/tests/security.c, server/process.c, server/security.h, server/token.c
# |
if test "$enable_server_Misc_ACL" -eq 1; then
patch_apply server-Misc_ACL/0001-server-Add-default-security-descriptor-ownership-for.patch
patch_apply server-Misc_ACL/0002-server-Add-default-security-descriptor-DACL-for-proc.patch
(
echo '+ { "Erich E. Hoover", "server: Add default security descriptor ownership for processes.", 1 },';
echo '+ { "Erich E. Hoover", "server: Add default security descriptor DACL for processes.", 1 },';
) >> "$patchlist"
fi
# Patchset server-OpenProcess
# |
# | This patchset fixes the following Wine bugs:

4
patches/wined3d-CSMT_Main/9999-IfDefined.patch
View File

@ -463,7 +463,7 @@ diff --git a/dlls/wined3d/state.c b/dlls/wined3d/state.c
diff --git a/dlls/d3d8/tests/visual.c b/dlls/d3d8/tests/visual.c
--- a/dlls/d3d8/tests/visual.c
+++ b/dlls/d3d8/tests/visual.c
@@ -5110,7 +5110,11 @@
@@ -5408,7 +5408,11 @@
fill_surface(surface_managed, 0x0000ff00, D3DLOCK_NO_DIRTY_UPDATE);
add_dirty_rect_test_draw(device);
color = getPixelColor(device, 320, 240);
@ -1685,7 +1685,7 @@ diff --git a/dlls/wined3d/stateblock.c b/dlls/wined3d/stateblock.c
diff --git a/dlls/d3d9/tests/visual.c b/dlls/d3d9/tests/visual.c
--- a/dlls/d3d9/tests/visual.c
+++ b/dlls/d3d9/tests/visual.c
@@ -16806,7 +16806,11 @@
@@ -16877,7 +16877,11 @@
fill_surface(surface_managed, 0x0000ff00, D3DLOCK_NO_DIRTY_UPDATE);
add_dirty_rect_test_draw(device);
color = getPixelColor(device, 320, 240);