Added patch to implement LsaLookupPrivilege[Display]Name stubs.

patches/advapi-LsaLookupPrivilegeName/0001-advapi32-Fix-error-code-when-calling-LsaOpenPolicy-f.patch

@@ -0,0 +1,55 @@
+From ce0ab0ccd6e4953a9673d15e00cf602668469c2c Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
+Date: Sun, 5 Mar 2017 23:04:36 +0100
+Subject: advapi32: Fix error code when calling LsaOpenPolicy for non existing
+ remote machine.
+
+---
+ dlls/advapi32/lsa.c       |  2 +-
+ dlls/advapi32/tests/lsa.c | 10 ++++++++++
+ 2 files changed, 11 insertions(+), 1 deletion(-)
+
+diff --git a/dlls/advapi32/lsa.c b/dlls/advapi32/lsa.c
+index b8dedbd6d58..e5e3b1649c0 100644
+--- a/dlls/advapi32/lsa.c
++++ b/dlls/advapi32/lsa.c
+@@ -692,7 +692,7 @@ NTSTATUS WINAPI LsaOpenPolicy(
+           ObjectAttributes, DesiredAccess, PolicyHandle);
+ 
+     ADVAPI_ForceLocalComputer(SystemName ? SystemName->Buffer : NULL,
+-                              STATUS_ACCESS_VIOLATION);
++                              RPC_NT_SERVER_UNAVAILABLE);
+     dumpLsaAttributes(ObjectAttributes);
+ 
+     if(PolicyHandle) *PolicyHandle = (LSA_HANDLE)0xcafe;
+diff --git a/dlls/advapi32/tests/lsa.c b/dlls/advapi32/tests/lsa.c
+index 4daf75f58d1..7ddda731be2 100644
+--- a/dlls/advapi32/tests/lsa.c
++++ b/dlls/advapi32/tests/lsa.c
+@@ -70,6 +70,8 @@ static BOOL init(void)
+ 
+ static void test_lsa(void)
+ {
++    static WCHAR machineW[] = {'W','i','n','e','N','o','M','a','c','h','i','n','e',0};
++    LSA_UNICODE_STRING machine;
+     NTSTATUS status;
+     LSA_HANDLE handle;
+     LSA_OBJECT_ATTRIBUTES object_attributes;
+@@ -77,6 +79,14 @@ static void test_lsa(void)
+     ZeroMemory(&object_attributes, sizeof(object_attributes));
+     object_attributes.Length = sizeof(object_attributes);
+ 
++    machine.Buffer = machineW;
++    machine.Length = sizeof(machineW) - 2;
++    machine.MaximumLength = sizeof(machineW);
++
++    status = pLsaOpenPolicy( &machine, &object_attributes, POLICY_LOOKUP_NAMES, &handle);
++    ok(status == RPC_NT_SERVER_UNAVAILABLE,
++       "LsaOpenPolicy(POLICY_LOOKUP_NAMES) for invalid machine returned 0x%08x\n", status);
++
+     status = pLsaOpenPolicy( NULL, &object_attributes, POLICY_ALL_ACCESS, &handle);
+     ok(status == STATUS_SUCCESS || status == STATUS_ACCESS_DENIED,
+        "LsaOpenPolicy(POLICY_ALL_ACCESS) returned 0x%08x\n", status);
+-- 
+2.11.0
+

patches/advapi-LsaLookupPrivilegeName/0002-advapi32-Use-TRACE-for-LsaOpenPolicy-LsaClose.patch

@@ -0,0 +1,34 @@
+From 1941137bff72a2297812bbd05fb6f6a1578426b0 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
+Date: Sun, 5 Mar 2017 23:05:54 +0100
+Subject: advapi32: Use TRACE for LsaOpenPolicy/LsaClose.
+
+---
+ dlls/advapi32/lsa.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/dlls/advapi32/lsa.c b/dlls/advapi32/lsa.c
+index e5e3b1649c0..0f2167d19ab 100644
+--- a/dlls/advapi32/lsa.c
++++ b/dlls/advapi32/lsa.c
+@@ -136,7 +136,7 @@ NTSTATUS WINAPI LsaAddAccountRights(
+  */
+ NTSTATUS WINAPI LsaClose(IN LSA_HANDLE ObjectHandle)
+ {
+-    FIXME("(%p) stub\n", ObjectHandle);
++    TRACE("(%p) semi-stub\n", ObjectHandle);
+     return STATUS_SUCCESS;
+ }
+ 
+@@ -687,7 +687,7 @@ NTSTATUS WINAPI LsaOpenPolicy(
+     IN ACCESS_MASK DesiredAccess,
+     IN OUT PLSA_HANDLE PolicyHandle)
+ {
+-    FIXME("(%s,%p,0x%08x,%p) stub\n",
++    TRACE("(%s,%p,0x%08x,%p) semi-stub\n",
+           SystemName?debugstr_w(SystemName->Buffer):"(null)",
+           ObjectAttributes, DesiredAccess, PolicyHandle);
+ 
+-- 
+2.11.0
+

patches/advapi-LsaLookupPrivilegeName/0003-advapi32-Implement-LsaLookupPrivilegeName.patch

@@ -0,0 +1,162 @@
+From fdc085e009942fa89ef5f0cd4104ab78c9d80b1b Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
+Date: Sun, 5 Mar 2017 23:50:06 +0100
+Subject: advapi32: Implement LsaLookupPrivilegeName.
+
+---
+ dlls/advapi32/advapi32.spec   |  2 +-
+ dlls/advapi32/advapi32_misc.h |  2 ++
+ dlls/advapi32/lsa.c           | 38 ++++++++++++++++++++++++++++++++++++++
+ dlls/advapi32/security.c      | 27 ++++++++++++++++++---------
+ include/ntsecapi.h            |  1 +
+ 5 files changed, 60 insertions(+), 10 deletions(-)
+
+diff --git a/dlls/advapi32/advapi32.spec b/dlls/advapi32/advapi32.spec
+index 3000973265c..2c599c8bd92 100644
+--- a/dlls/advapi32/advapi32.spec
++++ b/dlls/advapi32/advapi32.spec
+@@ -446,7 +446,7 @@
+ @ stdcall LsaLookupNames2(ptr long long ptr ptr ptr)
+ @ stdcall LsaLookupNames(long long ptr ptr ptr)
+ @ stub LsaLookupPrivilegeDisplayName
+-# @ stub LsaLookupPrivilegeName
++@ stdcall LsaLookupPrivilegeName(long ptr ptr)
+ # @ stub LsaLookupPrivilegeValue
+ @ stdcall LsaLookupSids(ptr long ptr ptr ptr)
+ # @ stub LsaManageSidNameMapping
+diff --git a/dlls/advapi32/advapi32_misc.h b/dlls/advapi32/advapi32_misc.h
+index d116ecb836e..ecb07f635a6 100644
+--- a/dlls/advapi32/advapi32_misc.h
++++ b/dlls/advapi32/advapi32_misc.h
+@@ -68,4 +68,6 @@ static inline WCHAR *strdupAW( const char *src )
+     return dst;
+ }
+ 
++const WCHAR * const WellKnownPrivNames[SE_MAX_WELL_KNOWN_PRIVILEGE + 1];
++
+ #endif /* __WINE_ADVAPI32MISC_H */
+diff --git a/dlls/advapi32/lsa.c b/dlls/advapi32/lsa.c
+index 0f2167d19ab..6a7a69a9eb7 100644
+--- a/dlls/advapi32/lsa.c
++++ b/dlls/advapi32/lsa.c
+@@ -1012,3 +1012,41 @@ NTSTATUS WINAPI LsaUnregisterPolicyChangeNotification(
+     FIXME("(%d,%p) stub\n", class, event);
+     return STATUS_SUCCESS;
+ }
++
++/******************************************************************************
++ * LsaLookupPrivilegeName [ADVAPI32.@]
++ *
++ */
++NTSTATUS WINAPI LsaLookupPrivilegeName(
++    LSA_HANDLE handle,
++    PLUID lpLuid,
++    PUNICODE_STRING *name)
++{
++    UNICODE_STRING *priv_unicode;
++    size_t priv_size;
++    WCHAR *strW;
++
++    TRACE("(%p, %p, %p)\n", handle, lpLuid, name);
++
++    if (!handle)
++        return STATUS_INVALID_HANDLE;
++
++    if (!name)
++        return STATUS_INVALID_PARAMETER;
++
++    if (lpLuid->HighPart ||
++        (lpLuid->LowPart < SE_MIN_WELL_KNOWN_PRIVILEGE ||
++         lpLuid->LowPart > SE_MAX_WELL_KNOWN_PRIVILEGE))
++        return STATUS_NO_SUCH_PRIVILEGE;
++
++    priv_size = (strlenW(WellKnownPrivNames[lpLuid->LowPart]) + 1) * sizeof(WCHAR);
++    priv_unicode = heap_alloc(sizeof(*priv_unicode) + priv_size);
++    if (!priv_unicode) return STATUS_NO_MEMORY;
++
++    strW = (WCHAR *)(priv_unicode + 1);
++    strcpyW(strW, WellKnownPrivNames[lpLuid->LowPart]);
++    RtlInitUnicodeString(priv_unicode, strW);
++
++    *name = priv_unicode;
++    return STATUS_SUCCESS;
++}
+diff --git a/dlls/advapi32/security.c b/dlls/advapi32/security.c
+index b0b368d6abf..24ec3099713 100644
+--- a/dlls/advapi32/security.c
++++ b/dlls/advapi32/security.c
+@@ -1840,7 +1840,7 @@ static const WCHAR SE_IMPERSONATE_NAME_W[] =
+ static const WCHAR SE_CREATE_GLOBAL_NAME_W[] =
+  { 'S','e','C','r','e','a','t','e','G','l','o','b','a','l','P','r','i','v','i','l','e','g','e',0 };
+ 
+-static const WCHAR * const WellKnownPrivNames[SE_MAX_WELL_KNOWN_PRIVILEGE + 1] =
++const WCHAR * const WellKnownPrivNames[SE_MAX_WELL_KNOWN_PRIVILEGE + 1] =
+ {
+     NULL,
+     NULL,
+@@ -2043,33 +2043,42 @@ BOOL WINAPI
+ LookupPrivilegeNameW( LPCWSTR lpSystemName, PLUID lpLuid, LPWSTR lpName,
+  LPDWORD cchName)
+ {
++    UNICODE_STRING system_name, *priv;
++    LSA_HANDLE lsa;
++    NTSTATUS status;
+     size_t privNameLen;
+ 
+     TRACE("%s,%p,%p,%p\n",debugstr_w(lpSystemName), lpLuid, lpName, cchName);
+ 
+-    if (!ADVAPI_IsLocalComputer(lpSystemName))
++    RtlInitUnicodeString(&system_name, lpSystemName);
++    status = LsaOpenPolicy(&system_name, NULL, POLICY_LOOKUP_NAMES, &lsa);
++    if (status)
+     {
+-        SetLastError(RPC_S_SERVER_UNAVAILABLE);
++        SetLastError(LsaNtStatusToWinError(status));
+         return FALSE;
+     }
+-    if (lpLuid->HighPart || (lpLuid->LowPart < SE_MIN_WELL_KNOWN_PRIVILEGE ||
+-     lpLuid->LowPart > SE_MAX_WELL_KNOWN_PRIVILEGE))
++
++    status = LsaLookupPrivilegeName(&lsa, lpLuid, &priv);
++    LsaClose(lsa);
++    if (status)
+     {
+-        SetLastError(ERROR_NO_SUCH_PRIVILEGE);
++        SetLastError(LsaNtStatusToWinError(status));
+         return FALSE;
+     }
+-    privNameLen = strlenW(WellKnownPrivNames[lpLuid->LowPart]);
+-    /* Windows crashes if cchName is NULL, so will I */
++
++    privNameLen = priv->Length / sizeof(WCHAR);
+     if (*cchName <= privNameLen)
+     {
+         *cchName = privNameLen + 1;
++        LsaFreeMemory(priv);
+         SetLastError(ERROR_INSUFFICIENT_BUFFER);
+         return FALSE;
+     }
+     else
+     {
+-        strcpyW(lpName, WellKnownPrivNames[lpLuid->LowPart]);
++        strcpyW(lpName, priv->Buffer);
+         *cchName = privNameLen;
++        LsaFreeMemory(priv);
+         return TRUE;
+     }
+ }
+diff --git a/include/ntsecapi.h b/include/ntsecapi.h
+index 2bb3d312e43..0bf0eca43ed 100644
+--- a/include/ntsecapi.h
++++ b/include/ntsecapi.h
+@@ -370,6 +370,7 @@ NTSTATUS WINAPI LsaLookupNames(LSA_HANDLE,ULONG,PLSA_UNICODE_STRING,PLSA_REFEREN
+                                PLSA_TRANSLATED_SID*);
+ NTSTATUS WINAPI LsaLookupNames2(LSA_HANDLE,ULONG,ULONG,PLSA_UNICODE_STRING,PLSA_REFERENCED_DOMAIN_LIST*,
+                                 PLSA_TRANSLATED_SID2*);
++NTSTATUS WINAPI LsaLookupPrivilegeName(LSA_HANDLE,PLUID,PUNICODE_STRING*);
+ NTSTATUS WINAPI LsaLookupSids(LSA_HANDLE,ULONG,PSID *,PLSA_REFERENCED_DOMAIN_LIST *,PLSA_TRANSLATED_NAME *);
+ ULONG WINAPI LsaNtStatusToWinError(NTSTATUS);
+ NTSTATUS WINAPI LsaOpenPolicy(PLSA_UNICODE_STRING,PLSA_OBJECT_ATTRIBUTES,ACCESS_MASK,PLSA_HANDLE);
+-- 
+2.11.0
+

patches/advapi-LsaLookupPrivilegeName/0004-advapi32-Add-stub-for-LsaLookupPrivilegeDisplayName.patch

@@ -0,0 +1,62 @@
+From 01efac6b4fa338715ad775c147a6bfc42e0bc38e Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
+Date: Mon, 6 Mar 2017 00:01:53 +0100
+Subject: advapi32: Add stub for LsaLookupPrivilegeDisplayName.
+
+---
+ dlls/advapi32/advapi32.spec |  2 +-
+ dlls/advapi32/lsa.c         | 21 +++++++++++++++++++++
+ 2 files changed, 22 insertions(+), 1 deletion(-)
+
+diff --git a/dlls/advapi32/advapi32.spec b/dlls/advapi32/advapi32.spec
+index 2c599c8bd92..ce1838d8c5a 100644
+--- a/dlls/advapi32/advapi32.spec
++++ b/dlls/advapi32/advapi32.spec
+@@ -445,7 +445,7 @@
+ # @ stub LsaICLookupSidsWithCreds
+ @ stdcall LsaLookupNames2(ptr long long ptr ptr ptr)
+ @ stdcall LsaLookupNames(long long ptr ptr ptr)
+-@ stub LsaLookupPrivilegeDisplayName
++@ stdcall LsaLookupPrivilegeDisplayName(long ptr ptr ptr)
+ @ stdcall LsaLookupPrivilegeName(long ptr ptr)
+ # @ stub LsaLookupPrivilegeValue
+ @ stdcall LsaLookupSids(ptr long ptr ptr ptr)
+diff --git a/dlls/advapi32/lsa.c b/dlls/advapi32/lsa.c
+index 6a7a69a9eb7..fdb238f74b2 100644
+--- a/dlls/advapi32/lsa.c
++++ b/dlls/advapi32/lsa.c
+@@ -45,6 +45,12 @@ WINE_DEFAULT_DEBUG_CHANNEL(advapi);
+         return FailureCode; \
+ }
+ 
++static LPCSTR debugstr_us( const UNICODE_STRING *us )
++{
++    if (!us) return "(null)";
++    return debugstr_wn(us->Buffer, us->Length / sizeof(WCHAR));
++}
++
+ static void dumpLsaAttributes(const LSA_OBJECT_ATTRIBUTES *oa)
+ {
+     if (oa)
+@@ -1050,3 +1056,18 @@ NTSTATUS WINAPI LsaLookupPrivilegeName(
+     *name = priv_unicode;
+     return STATUS_SUCCESS;
+ }
++
++/******************************************************************************
++ * LsaLookupPrivilegeDisplayName [ADVAPI32.@]
++ *
++ */
++NTSTATUS WINAPI LsaLookupPrivilegeDisplayName(
++    LSA_HANDLE handle,
++    PLSA_UNICODE_STRING name,
++    PLSA_UNICODE_STRING *dispname,
++    SHORT *language)
++{
++    FIXME("(%p, %s, %p, %p)\n", handle, debugstr_us(name), dispname, language);
++
++    return STATUS_NO_SUCH_PRIVILEGE;
++}
+-- 
+2.11.0
+

patches/advapi-LsaLookupPrivilegeName/definition

@@ -0,0 +1 @@
+Fixes: Add LsaLookupPrivilege[Display]Name stubs

patches/patchinstall.sh

@@ -86,6 +86,7 @@ patch_enable_all ()
 	enable_Coverity="$1"
 	enable_Pipelight="$1"
 	enable_Staging="$1"
+	enable_advapi_LsaLookupPrivilegeName="$1"
 	enable_advapi32_GetExplicitEntriesFromAclW="$1"
 	enable_advapi32_LsaLookupSids="$1"
 	enable_advapi32_SetSecurityInfo="$1"
@@ -479,6 +480,9 @@ patch_enable ()
 		Staging)
 			enable_Staging="$2"
 			;;
+		advapi-LsaLookupPrivilegeName)
+			enable_advapi_LsaLookupPrivilegeName="$2"
+			;;
 		advapi32-GetExplicitEntriesFromAclW)
 			enable_advapi32_GetExplicitEntriesFromAclW="$2"
 			;;
@@ -2565,6 +2569,25 @@ if test "$enable_Staging" -eq 1; then
 	) >> "$patchlist"
 fi
 
+# Patchset advapi-LsaLookupPrivilegeName
+# |
+# | Modified files:
+# |   *	dlls/advapi32/advapi32.spec, dlls/advapi32/advapi32_misc.h, dlls/advapi32/lsa.c, dlls/advapi32/security.c,
+# | 	dlls/advapi32/tests/lsa.c, include/ntsecapi.h
+# |
+if test "$enable_advapi_LsaLookupPrivilegeName" -eq 1; then
+	patch_apply advapi-LsaLookupPrivilegeName/0001-advapi32-Fix-error-code-when-calling-LsaOpenPolicy-f.patch
+	patch_apply advapi-LsaLookupPrivilegeName/0002-advapi32-Use-TRACE-for-LsaOpenPolicy-LsaClose.patch
+	patch_apply advapi-LsaLookupPrivilegeName/0003-advapi32-Implement-LsaLookupPrivilegeName.patch
+	patch_apply advapi-LsaLookupPrivilegeName/0004-advapi32-Add-stub-for-LsaLookupPrivilegeDisplayName.patch
+	(
+		printf '%s\n' '+    { "Michael Müller", "advapi32: Fix error code when calling LsaOpenPolicy for non existing remote machine.", 1 },';
+		printf '%s\n' '+    { "Michael Müller", "advapi32: Use TRACE for LsaOpenPolicy/LsaClose.", 1 },';
+		printf '%s\n' '+    { "Michael Müller", "advapi32: Implement LsaLookupPrivilegeName.", 1 },';
+		printf '%s\n' '+    { "Michael Müller", "advapi32: Add stub for LsaLookupPrivilegeDisplayName.", 1 },';
+	) >> "$patchlist"
+fi
+
 # Patchset advapi32-GetExplicitEntriesFromAclW
 # |
 # | Modified files: