自学教程：C++ GetLengthSid函数代码示例

			PVOID built(PSECURITY_DESCRIPTOR pSD) 			{				PSID   psidEveryone = NULL;				PACL   pDACL   = NULL;				BOOL   bResult = FALSE;				__try 				{					SID_IDENTIFIER_AUTHORITY siaWorld = SECURITY_WORLD_SID_AUTHORITY;					//SECURITY_INFORMATION si = DACL_SECURITY_INFORMATION;					if (!::InitializeSecurityDescriptor(pSD, SECURITY_DESCRIPTOR_REVISION))						__leave;					if (!::AllocateAndInitializeSid(&siaWorld, 1, SECURITY_WORLD_RID, 0, 0, 0, 0, 0, 0, 0, &psidEveryone)) 						__leave;					DWORD dwAclLength = sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + GetLengthSid(psidEveryone);					pDACL = (PACL)::HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, dwAclLength);					if (!pDACL) 						__leave;					if (!::InitializeAcl(pDACL, dwAclLength, ACL_REVISION)) 						__leave;					if (!::AddAccessAllowedAce(pDACL, ACL_REVISION, GENERIC_ALL, psidEveryone)) 						__leave;					if (!::SetSecurityDescriptorDacl(pSD, TRUE, pDACL, FALSE)) 						__leave;					bResult = TRUE;				} 				__finally 				{					if (psidEveryone) 						::FreeSid(psidEveryone);				}				if (bResult == FALSE) 				{					if (pDACL) ::HeapFree(::GetProcessHeap(), 0, pDACL);					pDACL = NULL;				}				return (PVOID) pDACL;			}

DWORD GetCurrentUserSID (    PSID *Sid){    TOKEN_USER *tokenUser = NULL;    HANDLE tokenHandle;    DWORD tokenSize;    DWORD sidLength;    if (OpenProcessToken (GetCurrentProcess(), TOKEN_QUERY, &tokenHandle))    {        GetTokenInformation (tokenHandle,            TokenUser,            tokenUser,            0,            &tokenSize);        tokenUser = (TOKEN_USER *) malloc (tokenSize);        if (GetTokenInformation(tokenHandle,            TokenUser,            tokenUser,            tokenSize,            &tokenSize))        {            sidLength = GetLengthSid (tokenUser->User.Sid);            *Sid = (PSID) malloc (sidLength);            memcpy (*Sid, tokenUser->User.Sid, sidLength);            CloseHandle (tokenHandle);        }         else        {            free (tokenUser);            return GetLastError();        }    }     else    {        free (tokenUser);        return GetLastError();    }    free (tokenUser);    return ERROR_SUCCESS;}

NTSTATUS kuhl_m_sid_add(int argc, wchar_t * argv[]){	PLDAP ld;	DWORD dwErr;	PCWCHAR szName;	PWCHAR domain = NULL;	PLDAPMessage pMessage = NULL;	BERVAL NewSid;	PBERVAL pNewSid[2] = {&NewSid, NULL};	LDAPMod Modification = {LDAP_MOD_ADD | LDAP_MOD_BVALUES, L"sIDHistory"};	PLDAPMod pModification[2] = {&Modification, NULL};	Modification.mod_vals.modv_bvals = pNewSid;	if(kull_m_string_args_byName(argc, argv, L"new", &szName, NULL))	{		if(ConvertStringSidToSid(szName, (PSID *) &NewSid.bv_val) || kull_m_token_getSidDomainFromName(szName, (PSID *) &NewSid.bv_val, &domain, NULL, NULL))		{			if(IsValidSid((PSID) NewSid.bv_val))			{				NewSid.bv_len = GetLengthSid((PSID) NewSid.bv_val);				if(kuhl_m_sid_quickSearch(argc, argv, TRUE, NULL, &ld, &pMessage))				{					kprintf(L"/n  * Will try to add /'%s/' this new SID:/'", Modification.mod_type);					kull_m_string_displaySID(NewSid.bv_val);					kprintf(L"/': ");					dwErr = ldap_modify_s(ld, ldap_get_dn(ld, pMessage), pModification);					if(dwErr == LDAP_SUCCESS)						kprintf(L"OK!/n");					else PRINT_ERROR(L"ldap_modify_s 0x%x (%u)/n", dwErr, dwErr);					if(pMessage)						ldap_msgfree(pMessage);					ldap_unbind(ld);				}			}			else PRINT_ERROR(L"Invalid SID/n");			LocalFree(NewSid.bv_val);			if(domain)				LocalFree(domain);		}		else PRINT_ERROR_AUTO(L"ConvertStringSidToSid / kull_m_token_getSidDomainFromName");	}	else PRINT_ERROR(L"/new:sid or /new:resolvable_name is needed");	return STATUS_SUCCESS;}

BOOL SetTokenIL(HANDLE hToken, DWORD dwIntegrityLevel){    BOOL                  fRet = FALSE;    PSID                  pIntegritySid = NULL;    TOKEN_MANDATORY_LABEL TIL = { 0 };    // Low integrity SID    WCHAR wszIntegritySid[32];    if (FAILED(StringCbPrintf(wszIntegritySid, sizeof(wszIntegritySid), L"S-1-16-%d", dwIntegrityLevel)))    {        printf("Error creating IL SID/n");        goto CleanExit;    }    fRet = ConvertStringSidToSid(wszIntegritySid, &pIntegritySid);    if (!fRet)    {        printf("Error converting IL string %ls/n", GetErrorMessage().c_str());        goto CleanExit;    }    TIL.Label.Attributes = SE_GROUP_INTEGRITY;    TIL.Label.Sid = pIntegritySid;    fRet = SetTokenInformation(hToken,                               TokenIntegrityLevel,                               &TIL,                               sizeof(TOKEN_MANDATORY_LABEL) + GetLengthSid(pIntegritySid));    if (!fRet)    {        printf("Error setting IL %d/n", GetLastError());        goto CleanExit;    }CleanExit:    LocalFree(pIntegritySid);    return fRet;}

bool SecurityHelper::GetLogonSid(HANDLE htok, void* psid, DWORD cbMax){    DWORD cb;    GetTokenInformation(htok, TokenGroups, 0, 0, &cb);    TOKEN_GROUPS* ptg = (TOKEN_GROUPS*)LocalAlloc(LMEM_FIXED, cb);    if (!ptg)	{        LOOM;        return false;    }    bool success = false;    if (GetTokenInformation(htok, TokenGroups, ptg, cb, &cb))	{        // search for the logon SID		DWORD i = 0;        for (i = 0; i < ptg->GroupCount; ++i)		{            if (ptg->Groups[i].Attributes & SE_GROUP_LOGON_ID)			{                void* logonSid = ptg->Groups[i].Sid;                const DWORD cb = GetLengthSid(logonSid);                if (cbMax < cb) return false; // sanity check caller's buffer size                if (!CopySid(cb, psid, logonSid))				{                    LCF1(L"CopySid failed: %d", GetLastError());                    break;                }                success = true;                break;            }        }        if (i == ptg->GroupCount)		{            LCF(L"Failed to find a logon SID in the user's access token!");        }    }    else LCF1(L"GetTokenInformation(TokenGroups) failed: %d", GetLastError());    LocalFree(ptg);    return success;}

static intiwin32_gid_current (group_id_t *gid){  HANDLE               thread_tok;  DWORD                needed;  TOKEN_PRIMARY_GROUP *group;  DWORD                sid_size;  assert (gid        != NULL);  assert (gid->value == NULL);  if (!OpenProcessToken (GetCurrentProcess(),    STANDARD_RIGHTS_READ | READ_CONTROL | TOKEN_QUERY, &thread_tok)) return 0;  /*   * Is this _really_ correct?   */  if (!GetTokenInformation (thread_tok, TokenPrimaryGroup, NULL, 0, &needed)) {    if (GetLastError () == ERROR_INSUFFICIENT_BUFFER) {      group = malloc (needed);      if (group == NULL) return 0;      if (GetTokenInformation (thread_tok, TokenPrimaryGroup, group, needed, &needed)) {        sid_size   = GetLengthSid (group->PrimaryGroup);        gid->value = malloc (sid_size);        if (gid->value == NULL) {          free (group);          return 0;        }        if (!CopySid (sid_size, gid->value, group->PrimaryGroup)) {          free (gid->value);          free (group);          return 0;        }      }      free (group);    } else {      return 0;    }  }  return 1;}

VOID QueueHashAdd(Queue *pQueue, PSID Sid, VOID *pValue, BOOL EnterCritSec) {    QueueHashNode *pQueueHashNode;    DWORD SidLength;    ASSERT(pQueue != NULL);    if (pQueue->lpCriticalSection != NULL && EnterCritSec) EnterCriticalSection(pQueue->lpCriticalSection);#ifdef DEBUG2    DbgMsgRecord(TEXT("-> QueueHashAdd/n"));#endif    pQueueHashNode = (QueueHashNode *) AutoHeapAlloc(sizeof(QueueHashNode));    SidLength = GetLengthSid(Sid);    // We need to copy the key so that if the original    // copy gets deallocated we still have one.    if ((pQueueHashNode->pKey = AutoHeapAlloc(SidLength)) == NULL) {        AddToMessageLog(TEXT("QueueHashAdd: AutoHeapAlloc failed"));        if (pQueue->lpCriticalSection != NULL && EnterCritSec) LeaveCriticalSection(pQueue->lpCriticalSection);        return;    }    if (CopySid(SidLength, pQueueHashNode->pKey, Sid) == 0) {        AddToMessageLogProcFailure(TEXT("QueueHashAdd: CopySid"), GetLastError());        if (pQueue->lpCriticalSection != NULL && EnterCritSec) LeaveCriticalSection(pQueue->lpCriticalSection);        return;        }    pQueueHashNode->pValue = pValue;    QueueAdd(pQueue, (VOID *) pQueueHashNode, FALSE);#ifdef DEBUG2    DbgMsgRecord(TEXT("<- QueueHashAdd/n"));#endif    if (pQueue->lpCriticalSection != NULL && EnterCritSec) LeaveCriticalSection(pQueue->lpCriticalSection);}

PWCHAR kuhl_m_sid_filterFromArgs(int argc, wchar_t * argv[]){	PWCHAR filter = NULL;	PCWCHAR szName;	DWORD i, sidLen;	size_t buffLen;	PSID pSid;	if(kull_m_string_args_byName(argc, argv, L"sam", &szName, NULL))	{		buffLen = wcslen(L"(sAMAccountName=") + wcslen(szName) + wcslen(L")") + 1;		if(filter = (PWCHAR) LocalAlloc(LPTR, buffLen * sizeof(wchar_t)))		{			if(swprintf_s(filter, buffLen, L"(sAMAccountName=%s)", szName) != (buffLen - 1))				filter = (PWCHAR) LocalFree(filter);		}	}	else if(kull_m_string_args_byName(argc, argv, L"sid", &szName, NULL))	{		if(ConvertStringSidToSid(szName, &pSid))		{			if(IsValidSid(pSid))			{				sidLen = GetLengthSid(pSid);				buffLen = wcslen(L"(objectSid=") + (sidLen * 3) + wcslen(L")") + 1;				if(filter = (PWCHAR) LocalAlloc(LPTR, buffLen * sizeof(wchar_t)))				{					RtlCopyMemory(filter, L"(objectSid=", sizeof(L"(objectSid="));					for(i = 0; i < sidLen; i++)						swprintf_s(filter + ARRAYSIZE(L"(objectSid=") - 1 + (i * 3), 3 + 1, L"//%02x", ((PBYTE) pSid)[i]);					filter[buffLen - 2] = L')';				}			}			else PRINT_ERROR(L"Invalid SID/n");			LocalFree(pSid);		}		else PRINT_ERROR_AUTO(L"ConvertStringSidToSid");	}	else PRINT_ERROR(L"/sam or /sid to target the account is needed/n");		return filter;}

BOOL kuhl_m_pac_marshall_sid(PISID pSid, PVOID * current, DWORD * size){	BOOL status = FALSE;	PVOID newbuffer;	DWORD sidSize, actualsize;	sidSize = GetLengthSid(pSid);	actualsize = sizeof(ULONG32) + sidSize;	if(newbuffer = LocalAlloc(LPTR, *size + actualsize))	{		RtlCopyMemory(newbuffer, *current, *size);		(*(PULONG32) ((PBYTE) newbuffer + *size)) = pSid->SubAuthorityCount;		RtlCopyMemory((PBYTE) newbuffer + *size + sizeof(ULONG32), pSid, sidSize);		LocalFree(*current);		*current = newbuffer;		*size += actualsize;		status = TRUE;	}	return status;}

HRESULT COpcSecurity::GetCurrentUserSID(PSID *ppSid){	HANDLE tkHandle;	if (OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &tkHandle))	{		TOKEN_USER *tkUser;		DWORD tkSize;		DWORD sidLength;		// Call to get size information for alloc		GetTokenInformation(tkHandle, TokenUser, NULL, 0, &tkSize);		tkUser = (TOKEN_USER *) malloc(tkSize);		if (tkUser == NULL)			return E_OUTOFMEMORY;		// Now make the real call		if (GetTokenInformation(tkHandle, TokenUser, tkUser, tkSize, &tkSize))		{			sidLength = GetLengthSid(tkUser->User.Sid);			*ppSid = (PSID) malloc(sidLength);			if (*ppSid == NULL)				return E_OUTOFMEMORY;			memcpy(*ppSid, tkUser->User.Sid, sidLength);			CloseHandle(tkHandle);			free(tkUser);			return S_OK;		}		else		{			free(tkUser);			return HRESULT_FROM_WIN32(GetLastError());		}	}	return HRESULT_FROM_WIN32(GetLastError());}

static PSIDGetCurrentUserSid (void){    PSID sid = NULL;    guint32 size = 0;    gpointer token = ves_icall_System_Security_Principal_WindowsIdentity_GetCurrentToken ();    GetTokenInformation (token, TokenUser, NULL, size, (PDWORD)&size);    if (size > 0) {        TOKEN_USER *tu = g_malloc0 (size);        if (GetTokenInformation (token, TokenUser, tu, size, (PDWORD)&size)) {            DWORD length = GetLengthSid (tu->User.Sid);            sid = (PSID) g_malloc0 (length);            if (!CopySid (length, sid, tu->User.Sid)) {                g_free (sid);                sid = NULL;            }        }        g_free (tu);    }    /* Note: this SID must be freed with g_free () */    return sid;}

PSID convert_jsstring_to_sid(JSContext * cx, JSString * curMemberString, DWORD * errorCode){	PSID curMember;	if(!ConvertStringSidToSid((LPWSTR)JS_GetStringChars(curMemberString), &curMember))	{		DWORD sidSize = 0, cbDomain;		SID_NAME_USE peUse;		*errorCode = GetLastError();		JS_YieldRequest(cx);		if(!LookupAccountName(NULL, (LPWSTR)JS_GetStringChars(curMemberString), NULL, &sidSize, NULL, &cbDomain, &peUse) && GetLastError() != ERROR_INSUFFICIENT_BUFFER)		{			*errorCode = GetLastError();			return NULL;		}		curMember = (PSID)HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sidSize);		JS_YieldRequest(cx);		LPTSTR domainName = (LPTSTR)HeapAlloc(GetProcessHeap(), 0, cbDomain * sizeof(TCHAR));		if(!LookupAccountName(NULL, (LPWSTR)JS_GetStringChars(curMemberString), curMember, &sidSize, domainName, &cbDomain, &peUse))		{			*errorCode = GetLastError();			HeapFree(GetProcessHeap(), 0, curMember);			HeapFree(GetProcessHeap(), 0, domainName);			return NULL;		}		HeapFree(GetProcessHeap(), 0, domainName);		*errorCode = ERROR_SUCCESS;	}	else	{		DWORD sidSize = GetLengthSid(curMember);		PSID retMember = (PSID)HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sidSize);		CopySid(sidSize, retMember, curMember);		LocalFree(curMember);		curMember = retMember;	}	return curMember;}

void AddDefaultUserdata(PluginPanelItem* Item,int level,int sortorder,int itemtype,PSID sid,const wchar_t* wide_name,const wchar_t* filename){  TCHAR* item_filename=(TCHAR*)malloc((_tcslen(filename)+1)*sizeof(TCHAR));  Item->FileName=item_filename;  if(item_filename)  {    if(item_filename) _tcscpy(item_filename,filename);  }  PluginUserData *user_data;  int user_data_size=sizeof(PluginUserData),sid_size=0,name_size=0;  if(sid&&IsValidSid(sid))    sid_size=GetLengthSid(sid);  name_size=(wcslen(wide_name)+1)*sizeof(wchar_t);  user_data_size+=sid_size+name_size;  user_data=(PluginUserData *)malloc(user_data_size);  if(user_data)  {    user_data->size=user_data_size;    user_data->level=level;    user_data->sortorder=sortorder;    user_data->itemtype=itemtype;    if(sid_size)    {      CopySid(sid_size,(PSID)(user_data+1),sid);      user_data->user_diff=sizeof(PluginUserData);    }    if(name_size)    {      wchar_t *ptr=(wchar_t *)((char *)(user_data+1)+sid_size);      user_data->wide_name_diff=sizeof(PluginUserData)+sid_size;      wcscpy(ptr,wide_name);    }    Item->UserData.FreeData=FreeUserData;    Item->UserData.Data=user_data;  }}

DWORDIDMCloneSid(    PSID pSid,    PSID *ppNewSid    ){    DWORD dwError = 0;    DWORD sidLen = 0;    PSID pNewSid = NULL;    if (!IsValidSid(pSid))    {        dwError = ERROR_INVALID_SID;        BAIL_ON_ERROR(dwError);    }    sidLen = GetLengthSid(pSid);    dwError = IDMAllocateMemory(                    sidLen,                    (PVOID*) &pNewSid);    BAIL_ON_ERROR(dwError);    if (!CopySid(sidLen, pNewSid, pSid))    {        dwError = GetLastError();        BAIL_ON_ERROR(dwError);    }    *ppNewSid = pNewSid;error:    if (dwError)    {        IDM_SAFE_FREE_MEMORY(pNewSid);    }    return dwError;}

BOOL RemoveAceFromWindowStation(HWINSTA hwinsta, PSID psid){    // Obtain the DACL for the window station.    SECURITY_INFORMATION si = DACL_SECURITY_INFORMATION;    DWORD sd_length = 0;    if (!GetUserObjectSecurity(hwinsta, &si, NULL, 0, &sd_length)) {        if (GetLastError() != ERROR_INSUFFICIENT_BUFFER) {            printf("GetUserObjectSecurity() failed: %d/n", GetLastError());            return FALSE;        }    }    auto_buffer<PSECURITY_DESCRIPTOR> psd(sd_length);    if (!GetUserObjectSecurity(hwinsta, &si, psd.get(), sd_length, &sd_length)) {        printf("GetUserObjectSecurity() failed: %d/n", GetLastError());        return FALSE;    }    // Create a new DACL.    auto_buffer<PSECURITY_DESCRIPTOR> psd_new(sd_length);    if (!InitializeSecurityDescriptor(psd_new.get(), SECURITY_DESCRIPTOR_REVISION)) {        printf("InitializeSecurityDescriptor() failed: %d/n", GetLastError());        return FALSE;    }    // Get the DACL from the security descriptor.    BOOL bDaclPresent;    PACL pacl;    BOOL bDaclExist;    if (!GetSecurityDescriptorDacl(psd.get(), &bDaclPresent, &pacl, &bDaclExist)) {        printf("GetSecurityDescriptorDacl() failed: %d/n", GetLastError());        return FALSE;    }        // Initialize the ACL.    ACL_SIZE_INFORMATION aclSizeInfo = {};    aclSizeInfo.AclBytesInUse = sizeof(ACL);    if (NULL != pacl) {        // get the file ACL size info        if (!GetAclInformation(pacl, &aclSizeInfo, sizeof aclSizeInfo, AclSizeInformation)) {            printf("GetAclInformation() failed: %d/n", GetLastError());            return FALSE;        }    }    // Compute the size of the new ACL.    DWORD new_acl_size = aclSizeInfo.AclBytesInUse -                         ((2 * sizeof(ACCESS_ALLOWED_ACE)) +                           (2 * GetLengthSid(psid)) - (2 * sizeof(DWORD)));    auto_buffer<PACL> new_acl(new_acl_size);    // Initialize the new DACL.    if (!InitializeAcl(new_acl.get(), new_acl_size, ACL_REVISION)) {        printf("InitializeAcl() failed: %d/n", GetLastError());        return FALSE;    }    // If DACL is present, copy it to a new DACL.    if (bDaclPresent) {        // Copy the ACEs to the new ACL.        for (DWORD i = 0; i != aclSizeInfo.AceCount; ++i) {            ACCESS_ALLOWED_ACE* pace;            if (!GetAce(pacl, i, (void**)&pace)) {                printf("GetAce() failed: %d/n", GetLastError());                return FALSE;            }            if (!EqualSid(psid, &pace->SidStart)) {                if (!AddAce(new_acl.get(), ACL_REVISION, MAXDWORD,                            pace, pace->Header.AceSize)) {                    printf("AddAce() failed: %d/n", GetLastError());                    return FALSE;                }            }        }    }    // Set a new DACL for the security descriptor.    if (!SetSecurityDescriptorDacl(psd_new.get(), TRUE, new_acl.get(), FALSE)) {        printf("SetSecurityDescriptorDacl() failed: %d/n", GetLastError());        return FALSE;    }    // Set the new security descriptor for the window station.    if (!SetUserObjectSecurity(hwinsta, &si, psd_new.get())) {        printf("SetUserObjectSecurity() failed: %d/n", GetLastError());        return FALSE;    }    return TRUE;}

//.........这里部分代码省略.........      // Get the DACL from the security descriptor.      if (!GetSecurityDescriptorDacl(            psd,            &bDaclPresent,            &pacl,            &bDaclExist)      )         throw;      // Initialize the ACL.      ZeroMemory(&aclSizeInfo, sizeof(ACL_SIZE_INFORMATION));      aclSizeInfo.AclBytesInUse = sizeof(ACL);      // Call only if the DACL is not NULL.      if (pacl != NULL)      {         // get the file ACL size info         if (!GetAclInformation(               pacl,               (LPVOID)&aclSizeInfo,               sizeof(ACL_SIZE_INFORMATION),               AclSizeInformation)         )            throw;      }      // Compute the size of the new ACL.      dwNewAclSize = aclSizeInfo.AclBytesInUse +            (2*sizeof(ACCESS_ALLOWED_ACE)) + (2*GetLengthSid(psid)) -            (2*sizeof(DWORD));      // Allocate memory for the new ACL.      pNewAcl = (PACL)HeapAlloc(            GetProcessHeap(),            HEAP_ZERO_MEMORY,            dwNewAclSize);      if (pNewAcl == NULL)         throw;      // Initialize the new DACL.      if (!InitializeAcl(pNewAcl, dwNewAclSize, ACL_REVISION))         throw;      // If DACL is present, copy it to a new DACL.      if (bDaclPresent)      {         // Copy the ACEs to the new ACL.         if (aclSizeInfo.AceCount)         {            for (i=0; i < aclSizeInfo.AceCount; i++)            {               // Get an ACE.               if (!GetAce(pacl, i, &pTempAce))                  throw;               // Add the ACE to the new ACL.               if (!AddAce(

/*---------------------------------------------------------------------------*/ * NAME: MakeSDAbsolute  * --------------------------------------------------------------------------* * DESCRIPTION: Takes a self-relative security descriptor and returns a * newly created absolute security descriptor./*---------------------------------------------------------------------------*/DWORD MakeSDAbsolute (    PSECURITY_DESCRIPTOR psidOld,    PSECURITY_DESCRIPTOR *psidNew    ){    PSECURITY_DESCRIPTOR  pSid           = NULL;    DWORD                 cbDescriptor   = 0;    DWORD                 cbDacl         = 0;    DWORD                 cbSacl         = 0;    DWORD                 cbOwnerSID     = 0;    DWORD                 cbGroupSID     = 0;    PACL                  pDacl          = NULL;    PACL                  pSacl          = NULL;    PSID                  psidOwner      = NULL;    PSID                  psidGroup      = NULL;    BOOL                  fPresent       = FALSE;    BOOL                  fSystemDefault = FALSE;    DWORD                 dwReturnValue  = ERROR_SUCCESS;    // Get SACL    if (!GetSecurityDescriptorSacl (psidOld, &fPresent, &pSacl, &fSystemDefault))    {        dwReturnValue = GetLastError();        goto CLEANUP;    }    if (pSacl && fPresent)    {        cbSacl = pSacl->AclSize;    }     // Get DACL    if (!GetSecurityDescriptorDacl (psidOld, &fPresent, &pDacl, &fSystemDefault))    {        dwReturnValue = GetLastError();        goto CLEANUP;    }    if (pDacl && fPresent)    {        cbDacl = pDacl->AclSize;    }     // Get Owner    if (!GetSecurityDescriptorOwner (psidOld, &psidOwner, &fSystemDefault))    {        dwReturnValue = GetLastError();        goto CLEANUP;    }    cbOwnerSID = GetLengthSid (psidOwner);    // Get Group    if (!GetSecurityDescriptorGroup (psidOld, &psidGroup, &fSystemDefault))    {        dwReturnValue = GetLastError();        goto CLEANUP;    }    cbGroupSID = GetLengthSid (psidGroup);    // Do the conversion    cbDescriptor = 0;    MakeAbsoluteSD (psidOld, pSid, &cbDescriptor, pDacl, &cbDacl, pSacl,                    &cbSacl, psidOwner, &cbOwnerSID, psidGroup,                    &cbGroupSID);    pSid = (PSECURITY_DESCRIPTOR) malloc(cbDescriptor);    if(!pSid)    {        dwReturnValue = ERROR_OUTOFMEMORY;        goto CLEANUP;    }    ZeroMemory(pSid, cbDescriptor);        if (!InitializeSecurityDescriptor (pSid, SECURITY_DESCRIPTOR_REVISION))    {        dwReturnValue = GetLastError();        goto CLEANUP;    }    if (!MakeAbsoluteSD (psidOld, pSid, &cbDescriptor, pDacl, &cbDacl, pSacl,                         &cbSacl, psidOwner, &cbOwnerSID, psidGroup,                         &cbGroupSID))    {        dwReturnValue = GetLastError();        goto CLEANUP;    }CLEANUP:    if(dwReturnValue != ERROR_SUCCESS && pSid)//.........这里部分代码省略.........

/*---------------------------------------------------------------------------*/ * NAME: CreateNewSD  * --------------------------------------------------------------------------* * DESCRIPTION: Creates a new security descriptor./*---------------------------------------------------------------------------*/DWORD CreateNewSD (    SECURITY_DESCRIPTOR **ppSecurityDesc    ){    PACL    pAcl          = NULL;    DWORD   cbSid         = 0;    PSID    pSid          = NULL;    PSID    psidGroup     = NULL;    PSID    psidOwner     = NULL;    DWORD   dwReturnValue = ERROR_SUCCESS;    SID_IDENTIFIER_AUTHORITY SystemSidAuthority= SECURITY_NT_AUTHORITY;    if(!ppSecurityDesc) return ERROR_BAD_ARGUMENTS;        *ppSecurityDesc = NULL;    //Create a SID for the owner (BUILTIN/Administrators)    if ( ! AllocateAndInitializeSid ( &SystemSidAuthority, 2,             SECURITY_BUILTIN_DOMAIN_RID,             DOMAIN_ALIAS_RID_ADMINS,            0, 0, 0, 0, 0, 0, &pSid) )    {        dwReturnValue = GetLastError();        goto CLEANUP;    }        cbSid = GetLengthSid (pSid);    *ppSecurityDesc = (SECURITY_DESCRIPTOR *) malloc (         sizeof (ACL) +  (2 * cbSid) + sizeof (SECURITY_DESCRIPTOR));    if(!*ppSecurityDesc)    {        dwReturnValue = ERROR_OUTOFMEMORY;        goto CLEANUP;    }    psidGroup = (SID *) (*ppSecurityDesc + 1);    psidOwner = (SID *) (((BYTE *) psidGroup) + cbSid);    pAcl = (ACL *) (((BYTE *) psidOwner) + cbSid);    if (!InitializeSecurityDescriptor (*ppSecurityDesc, SECURITY_DESCRIPTOR_REVISION))    {        dwReturnValue = GetLastError();        goto CLEANUP;    }    if (!InitializeAcl (pAcl,                        sizeof (ACL)+sizeof (ACCESS_ALLOWED_ACE)+cbSid,                        ACL_REVISION2))    {        dwReturnValue = GetLastError();        goto CLEANUP;    }    if (!SetSecurityDescriptorDacl (*ppSecurityDesc, TRUE, pAcl, FALSE))    {        dwReturnValue = GetLastError();        goto CLEANUP;    }    memcpy (psidGroup, pSid, cbSid);    if (!SetSecurityDescriptorGroup (*ppSecurityDesc, psidGroup, FALSE))    {        dwReturnValue = GetLastError();        goto CLEANUP;    }    memcpy (psidOwner, pSid, cbSid);    if (!SetSecurityDescriptorOwner (*ppSecurityDesc, psidOwner, FALSE))    {        dwReturnValue = GetLastError();        goto CLEANUP;    }CLEANUP:    if(dwReturnValue != ERROR_SUCCESS)    {        if(*ppSecurityDesc) free (*ppSecurityDesc);    }    if(pSid) FreeSid(pSid);    return dwReturnValue;}

int my_security_attr_create(SECURITY_ATTRIBUTES **psa, const char **perror,                            DWORD owner_rights, DWORD everyone_rights){    /* Top-level SID authority */    SID_IDENTIFIER_AUTHORITY world_auth= SECURITY_WORLD_SID_AUTHORITY;    PSID everyone_sid= 0;    HANDLE htoken= 0;    SECURITY_ATTRIBUTES *sa= 0;    PACL dacl= 0;    DWORD owner_token_length, dacl_length;    SECURITY_DESCRIPTOR *sd;    PTOKEN_USER owner_token;    PSID owner_sid;    My_security_attr *attr;    if (! is_nt())    {        *psa= 0;        return 0;    }    /*      Get SID of Everyone group. Easier to retrieve all SIDs each time      this function is called than worry about thread safety.    */    if (! AllocateAndInitializeSid(&world_auth, 1, SECURITY_WORLD_RID,                                   0, 0, 0, 0, 0, 0, 0, &everyone_sid))    {        *perror= "Failed to retrieve the SID of Everyone group";        goto error;    }    /*      Get SID of the owner. Using GetSecurityInfo this task can be done      in just one call instead of five, but GetSecurityInfo declared in      aclapi.h, so I hesitate to use it.      SIC: OpenThreadToken works only if there is an active impersonation      token, hence OpenProcessToken is used.    */    if (! OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &htoken))    {        *perror= "Failed to retrieve thread access token";        goto error;    }    GetTokenInformation(htoken, TokenUser, 0, 0, &owner_token_length);    if (! my_multi_malloc(MYF(MY_WME),                          &sa, ALIGN_SIZE(sizeof(SECURITY_ATTRIBUTES)) +                          sizeof(My_security_attr),                          &sd, sizeof(SECURITY_DESCRIPTOR),                          &owner_token, owner_token_length,                          0))    {        *perror= "Failed to allocate memory for SECURITY_ATTRIBUTES";        goto error;    }    bzero(owner_token, owner_token_length);    if (! GetTokenInformation(htoken, TokenUser, owner_token,                              owner_token_length, &owner_token_length))    {        *perror= "GetTokenInformation failed";        goto error;    }    owner_sid= owner_token->User.Sid;    if (! IsValidSid(owner_sid))    {        *perror= "IsValidSid failed";        goto error;    }    /* Calculate the amount of memory that must be allocated for the DACL */    dacl_length= sizeof(ACL) + (sizeof(ACCESS_ALLOWED_ACE)-sizeof(DWORD)) * 2 +                 GetLengthSid(everyone_sid) + GetLengthSid(owner_sid);    /* Create an ACL */    if (! (dacl= (PACL) my_malloc(dacl_length, MYF(MY_ZEROFILL|MY_WME))))    {        *perror= "Failed to allocate memory for DACL";        goto error;    }    if (! InitializeAcl(dacl, dacl_length, ACL_REVISION))    {        *perror= "Failed to initialize DACL";        goto error;    }    if (! AddAccessAllowedAce(dacl, ACL_REVISION, everyone_rights, everyone_sid))    {        *perror= "Failed to set up DACL";        goto error;    }    if (! AddAccessAllowedAce(dacl, ACL_REVISION, owner_rights, owner_sid))    {        *perror= "Failed to set up DACL";        goto error;    }    if (! InitializeSecurityDescriptor(sd, SECURITY_DESCRIPTOR_REVISION))    {        *perror= "Could not initialize security descriptor";        goto error;//.........这里部分代码省略.........

/* * @unimplemented */AUTHZAPIBOOLWINAPIAuthzInitializeContextFromSid(IN DWORD Flags,                              IN PSID UserSid,                              IN AUTHZ_RESOURCE_MANAGER_HANDLE AuthzResourceManager,                              IN PLARGE_INTEGER pExpirationTime,                              IN LUID Identifier,                              IN PVOID DynamicGroupArgs,                              OUT PAUTHZ_CLIENT_CONTEXT_HANDLE pAuthzClientContext){    BOOL Ret = FALSE;    if (AuthzResourceManager != NULL && pExpirationTime != NULL && pAuthzClientContext != NULL &&        UserSid != NULL && IsValidSid(UserSid) && !(Flags & (AUTHZ_SKIP_TOKEN_GROUPS | AUTHZ_REQUIRE_S4U_LOGON)))    {        PAUTHZ_CLIENT_CONTEXT ClientCtx;        //PAUTHZ_RESMAN ResMan = (PAUTHZ_RESMAN)AuthzResourceManager;        VALIDATE_RESMAN_HANDLE(AuthzResourceManager);        ClientCtx = (PAUTHZ_CLIENT_CONTEXT)LocalAlloc(LMEM_FIXED,                                                      sizeof(AUTHZ_CLIENT_CONTEXT));        if (ClientCtx != NULL)        {            DWORD SidLen;            /* initialize the client context structure */#if DBG            ClientCtx->Tag = CLIENTCTX_TAG;#endif            /* simply copy the SID */            SidLen = GetLengthSid(UserSid);            ClientCtx->UserSid = (PSID)LocalAlloc(LMEM_FIXED,                                                  SidLen);            if (ClientCtx->UserSid == NULL)            {                LocalFree((HLOCAL)ClientCtx);                goto FailNoMemory;            }            CopySid(SidLen,                    ClientCtx->UserSid,                    UserSid);            ClientCtx->AuthzResourceManager = AuthzResourceManager;            ClientCtx->Luid = Identifier;            ClientCtx->ExpirationTime.QuadPart = (pExpirationTime != NULL ? pExpirationTime->QuadPart : 0);            ClientCtx->ServerContext = NULL; /* FIXME */            ClientCtx->DynamicGroupArgs = DynamicGroupArgs;            /* return the client context handle */            *pAuthzClientContext = (AUTHZ_CLIENT_CONTEXT_HANDLE)ClientCtx;            Ret = TRUE;        }        else        {FailNoMemory:            SetLastError(ERROR_NOT_ENOUGH_MEMORY);        }    }    else        SetLastError(ERROR_INVALID_PARAMETER);    return Ret;}

/* * @unimplemented */AUTHZAPIBOOLWINAPIAuthzGetInformationFromContext(IN AUTHZ_CLIENT_CONTEXT_HANDLE hAuthzClientContext,                               IN AUTHZ_CONTEXT_INFORMATION_CLASS InfoClass,                               IN DWORD BufferSize,                               OUT PDWORD pSizeRequired,                               OUT PVOID Buffer){    BOOL Ret = FALSE;    if (hAuthzClientContext != NULL && pSizeRequired != NULL)    {        PAUTHZ_CLIENT_CONTEXT ClientCtx = (PAUTHZ_CLIENT_CONTEXT)hAuthzClientContext;        VALIDATE_CLIENTCTX_HANDLE(hAuthzClientContext);        switch (InfoClass)        {            case AuthzContextInfoUserSid:            {                DWORD SidLen = GetLengthSid(ClientCtx->UserSid);                *pSizeRequired = SidLen;                if (BufferSize < SidLen)                {                    SetLastError(ERROR_INSUFFICIENT_BUFFER);                }                else                {                    Ret = CopySid(SidLen,                                  (PSID)Buffer,                                  ClientCtx->UserSid);                }                break;            }            case AuthzContextInfoGroupsSids:                SetLastError(ERROR_CALL_NOT_IMPLEMENTED);                break;            case AuthzContextInfoRestrictedSids:                SetLastError(ERROR_CALL_NOT_IMPLEMENTED);                break;            case AuthzContextInfoPrivileges:                SetLastError(ERROR_CALL_NOT_IMPLEMENTED);                break;            case AuthzContextInfoExpirationTime:                *pSizeRequired = sizeof(LARGE_INTEGER);                if (BufferSize < sizeof(LARGE_INTEGER) || Buffer == NULL)                {                    SetLastError(ERROR_INSUFFICIENT_BUFFER);                }                else                {                    *((PLARGE_INTEGER)Buffer) = ClientCtx->ExpirationTime;                    Ret = TRUE;                }                break;            case AuthzContextInfoServerContext:                *pSizeRequired = sizeof(AUTHZ_CLIENT_CONTEXT_HANDLE);                if (BufferSize < sizeof(AUTHZ_CLIENT_CONTEXT_HANDLE) || Buffer == NULL)                {                    SetLastError(ERROR_INSUFFICIENT_BUFFER);                }                else                {                    *((PAUTHZ_CLIENT_CONTEXT_HANDLE)Buffer) = ClientCtx->ServerContext;                    Ret = TRUE;                }                break;            case AuthzContextInfoIdentifier:                *pSizeRequired = sizeof(LUID);                if (BufferSize < sizeof(LUID) || Buffer == NULL)                {                    SetLastError(ERROR_INSUFFICIENT_BUFFER);                }                else                {                    *((PLUID)Buffer) = ClientCtx->Luid;                    Ret = TRUE;                }                break;            default:                SetLastError(ERROR_INVALID_PARAMETER);                break;        }    }    else        SetLastError(ERROR_INVALID_PARAMETER);    return Ret;}

//.........这里部分代码省略.........      if (!GetSecurityDescriptorDacl(            psd,            &bDaclPresent,            &pacl,            &bDaclExist)      )         throw;      // Initialize.      ZeroMemory(&aclSizeInfo, sizeof(ACL_SIZE_INFORMATION));      aclSizeInfo.AclBytesInUse = sizeof(ACL);      // Call only if NULL DACL.      if (pacl != NULL)      {         // Determine the size of the ACL information.         if (!GetAclInformation(               pacl,               (LPVOID)&aclSizeInfo,               sizeof(ACL_SIZE_INFORMATION),               AclSizeInformation)         )            throw;      }      // Compute the size of the new ACL.      dwNewAclSize = aclSizeInfo.AclBytesInUse +            sizeof(ACCESS_ALLOWED_ACE) +            GetLengthSid(psid) - sizeof(DWORD);      // Allocate buffer for the new ACL.      pNewAcl = (PACL)HeapAlloc(            GetProcessHeap(),            HEAP_ZERO_MEMORY,            dwNewAclSize);      if (pNewAcl == NULL)         throw;      // Initialize the new ACL.      if (!InitializeAcl(pNewAcl, dwNewAclSize, ACL_REVISION))         throw;      // If DACL is present, copy it to a new DACL.      if (bDaclPresent)      {         // Copy the ACEs to the new ACL.         if (aclSizeInfo.AceCount)         {            for (i=0; i < aclSizeInfo.AceCount; i++)            {               // Get an ACE.               if (!GetAce(pacl, i, &pTempAce))                  throw;               // Add the ACE to the new ACL.               if (!AddAce(                  pNewAcl,

BOOL RemoveAceFromDesktop(HDESK hdesk, PSID psid){    // Obtain the security descriptor for the desktop object.    SECURITY_INFORMATION si = DACL_SECURITY_INFORMATION;    DWORD sd_size = 0;    if (!GetUserObjectSecurity(hdesk, &si, NULL, 0, &sd_size)) {         if (GetLastError() != ERROR_INSUFFICIENT_BUFFER) {            printf("GetUserObjectSecurity() failed: %d/n", GetLastError());            return FALSE;         }    }    auto_buffer<PSECURITY_DESCRIPTOR> psd(sd_size);    if (!GetUserObjectSecurity(hdesk, &si, psd.get(), sd_size, &sd_size)) {        printf("GetUserObjectSecurity() failed: %d/n", GetLastError());        return FALSE;    }    // Create a new security descriptor.    auto_buffer<PSECURITY_DESCRIPTOR> psd_new(sd_size);    if (!InitializeSecurityDescriptor(psd_new.get(), SECURITY_DESCRIPTOR_REVISION)) {        printf("InitializeSecurityDescriptor() failed: %d/n", GetLastError());        return FALSE;    }    // Obtain the DACL from the security descriptor.    BOOL bDaclPresent;    PACL pacl;    BOOL bDaclExist;    if (!GetSecurityDescriptorDacl(psd.get(), &bDaclPresent, &pacl, &bDaclExist)) {        printf("GetSecurityDescriptorDacl() failed: %d/n", GetLastError());        return FALSE;    }    // Initialize.    ACL_SIZE_INFORMATION aclSizeInfo = {};    aclSizeInfo.AclBytesInUse = sizeof(ACL);    if (pacl != NULL) {        // Determine the size of the ACL information.        if (!GetAclInformation(pacl, (LPVOID)&aclSizeInfo, sizeof aclSizeInfo, AclSizeInformation)) {            printf("GetAclInformation() failed: %d/n", GetLastError());            return FALSE;        }    }    // Allocate buffer for the new ACL.    DWORD dwNewAclSize = aclSizeInfo.AclBytesInUse -                         (sizeof(ACCESS_ALLOWED_ACE) +                          GetLengthSid(psid) - sizeof(DWORD));    auto_buffer<PACL> new_acl(dwNewAclSize);    // Initialize the new ACL.    if (!InitializeAcl(new_acl.get(), dwNewAclSize, ACL_REVISION)) {        printf("InitializeAcl() failed: %d/n", GetLastError());        return FALSE;    }    // If DACL is present, copy it to a new DACL.    if (bDaclPresent) {        // Copy the ACEs to the new ACL.        for (DWORD i = 0; i != aclSizeInfo.AceCount; ++i) {            // Get an ACE.            ACCESS_ALLOWED_ACE* pace;            if (!GetAce(pacl, i, (void**)&pace)) {                printf("GetAce() failed: %d/n", GetLastError());                return FALSE;            }            if (!EqualSid(psid, &pace->SidStart)) {                // Add the ACE to the new ACL.                if (!AddAce(new_acl.get(), ACL_REVISION,MAXDWORD, pace,                            pace->Header.AceSize)) {                    printf("AddAce() failed: %d/n", GetLastError());                    return FALSE;                }            }        }    }    // Set new DACL to the new security descriptor.    if (!SetSecurityDescriptorDacl(psd_new.get(), TRUE, new_acl.get(), FALSE)) {        printf("SetSecurityDescriptorDacl() failed: %d/n", GetLastError());        return FALSE;    }    // Set the new security descriptor for the desktop object.    if (!SetUserObjectSecurity(hdesk, &si, psd_new.get())) {        printf("SetUserObjectSecurity() failed: %d/n", GetLastError());        return FALSE;    }        return TRUE;}

void impersonateToGetData(PCSTR user, PCSTR domain, PCSTR password, PCSTR kdc, PSID *sid, DWORD *rid, PCSTR usingWhat){	NTSTATUS status;	DWORD ret, *aRid, *usage;	ANSI_STRING aUser, aKdc, aDomain, aPass, aProg;	UNICODE_STRING uUser, uKdc, uDomain, uPass, uProg;	SAMPR_HANDLE hServerHandle, hDomainHandle;	PSID domainSid;	HANDLE hToken, hNewToken;	PROCESS_INFORMATION processInfos;	STARTUPINFOW startupInfo;	RtlZeroMemory(&startupInfo, sizeof(STARTUPINFOW));	startupInfo.cb = sizeof(STARTUPINFOW);	RtlInitString(&aUser, user);	RtlInitString(&aKdc, kdc);	RtlInitString(&aDomain, domain);	RtlInitString(&aPass, password);	RtlInitString(&aProg, usingWhat ? usingWhat : "winver.exe");	if(NT_SUCCESS(RtlAnsiStringToUnicodeString(&uUser, &aUser, TRUE)))	{		if(NT_SUCCESS(RtlAnsiStringToUnicodeString(&uKdc, &aKdc, TRUE)))		{			if(NT_SUCCESS(RtlAnsiStringToUnicodeString(&uDomain, &aDomain, TRUE)))			{				if(NT_SUCCESS(RtlAnsiStringToUnicodeString(&uPass, &aPass, TRUE)))				{					if(NT_SUCCESS(RtlAnsiStringToUnicodeString(&uProg, &aProg, TRUE)))					{						if(CreateProcessWithLogonW(uUser.Buffer, uDomain.Buffer, uPass.Buffer, LOGON_NETCREDENTIALS_ONLY, uProg.Buffer, NULL, CREATE_SUSPENDED, NULL, NULL, &startupInfo, &processInfos))						{							if(OpenProcessToken(processInfos.hProcess, TOKEN_DUPLICATE, &hToken))							{								if(DuplicateTokenEx(hToken, TOKEN_QUERY | TOKEN_IMPERSONATE, NULL, SecurityDelegation, TokenImpersonation, &hNewToken))								{									if(SetThreadToken(NULL, hNewToken))									{										kprintf("[AUTH] Impersonation/n");										if(!(*sid && *rid))										{											kprintf("[SID/RID] /'%s @ %s/' must be translated to SID/RID/n", user, domain);											status = SamConnect(&uKdc, &hServerHandle, SAM_SERVER_CONNECT | SAM_SERVER_LOOKUP_DOMAIN, FALSE);											if(NT_SUCCESS(status))											{												status = SamLookupDomainInSamServer(hServerHandle, &uDomain, &domainSid);												if(NT_SUCCESS(status))												{													status = SamOpenDomain(hServerHandle, DOMAIN_LIST_ACCOUNTS | DOMAIN_LOOKUP, domainSid, &hDomainHandle);													if(NT_SUCCESS(status))													{														status = SamLookupNamesInDomain(hDomainHandle, 1, &uUser, &aRid, &usage);														if(NT_SUCCESS(status))															*rid = *aRid;														else PRINT_ERROR("SamLookupNamesInDomain %08x/n", status);													}													else PRINT_ERROR("SamOpenDomain %08x/n", status);													ret = GetLengthSid(domainSid);													if(*sid = (PSID) LocalAlloc(LPTR, ret))													{														if(!CopySid(ret, *sid, domainSid))														{															*sid = (PSID) LocalFree(*sid);															PRINT_ERROR_AUTO("CopySid");														}													}													SamFreeMemory(domainSid);												}												else PRINT_ERROR("SamLookupDomainInSamServer %08x/n", status);												SamCloseHandle(hServerHandle);											}											else PRINT_ERROR("SamConnect %08x/n", status);										}										RevertToSelf();									}									else PRINT_ERROR_AUTO("SetThreadToken");									CloseHandle(hNewToken);								}								else PRINT_ERROR_AUTO("DuplicateTokenEx");								CloseHandle(hToken);							}							else PRINT_ERROR_AUTO("OpenProcessToken");							TerminateProcess(processInfos.hProcess, 0);							CloseHandle(processInfos.hProcess);							CloseHandle(processInfos.hThread);						}						else PRINT_ERROR_AUTO("CreateProcessWithLogonW");						RtlFreeUnicodeString(&uProg);					}					RtlFreeUnicodeString(&uPass);				}				RtlFreeUnicodeString(&uDomain);			}			RtlFreeUnicodeString(&uKdc);		}		RtlFreeUnicodeString(&uUser);	}}

DWORDSm::GetThreadSID( SID  ** ppSID ){	BidxScopeAutoSNI1( SNIAPI_TAG _T( "ppSID: %p{SID**}/n"), ppSID );	BOOL			fReturn      = FALSE;	HANDLE      	TokenHandle  = NULL;	PTOKEN_USER		pUserToken	 = NULL;	DWORD       	dwSizeNeeded = 0;	DWORD			dwError		 = ERROR_SUCCESS;	PSID			pSID		 = NULL;	*ppSID						 = NULL;			BOOL fThreadSID =  OpenThreadToken( GetCurrentThread(),										TOKEN_READ,										FALSE,										&TokenHandle );	if (fThreadSID)	{		fReturn = GetTokenInformation( TokenHandle,									   TokenUser,									   NULL,									   0,									   &dwSizeNeeded );		if( FALSE == fReturn )		{			if( ERROR_INSUFFICIENT_BUFFER != (dwError = GetLastError()) )			{				SNI_SET_LAST_ERROR( SM_PROV, SNIE_10, dwError );				goto ErrorExit;			}		}		pUserToken = (PTOKEN_USER) NewNoX(gpmo) BYTE[dwSizeNeeded];		if( !pUserToken )		{			dwError = ERROR_OUTOFMEMORY;			SNI_SET_LAST_ERROR( SM_PROV, SNIE_4, dwError );			goto ErrorExit;		}		fReturn = GetTokenInformation( TokenHandle,									TokenUser,									(LPVOID) pUserToken,									dwSizeNeeded,									&dwSizeNeeded );		if( FALSE == fReturn )		{			dwError = GetLastError();			SNI_SET_LAST_ERROR( SM_PROV, SNIE_10, dwError );			goto ErrorExit;		}		pSID = pUserToken->User.Sid;	}	//Grab the Process SID (which is already available from the SOS)	else	{		//We merely grab the SID for the process		if( ERROR_NO_TOKEN == (dwError = GetLastError()))		{			pSID = SOS_OS::GetProcessSID();		}		else		{			dwError = GetLastError();			SNI_SET_LAST_ERROR( SM_PROV, SNIE_10, dwError );			goto ErrorExit;		}	}	// Validate the SID before copying.  	//	if( !IsValidSid( pSID ) )	{		dwError = GetLastError();		SNI_SET_LAST_ERROR( SM_PROV, SNIE_10, dwError );		goto ErrorExit;	}		// Let's make a copy the SID	//	dwSizeNeeded = GetLengthSid( pSID );	*ppSID = (SID *) NewNoX(gpmo) BYTE[dwSizeNeeded];	if( !*ppSID )	{		dwError = ERROR_OUTOFMEMORY;		SNI_SET_LAST_ERROR( SM_PROV, SNIE_4, dwError );		goto ErrorExit;	}	fReturn =  CopySid( dwSizeNeeded,						*ppSID,						pSID );//.........这里部分代码省略.........

BOOL AddAceToWindowStation(HWINSTA hwinsta, PSID psid){    // Obtain the DACL for the window station.    SECURITY_INFORMATION si = DACL_SECURITY_INFORMATION;    DWORD sd_length = 0;    if (!GetUserObjectSecurity(hwinsta, &si, NULL, 0, &sd_length)) {        if (GetLastError() != ERROR_INSUFFICIENT_BUFFER) {            printf("GetUserObjectSecurity() failed: %d/n", GetLastError());            return FALSE;        }    }    auto_buffer<PSECURITY_DESCRIPTOR> psd(sd_length);    if (!GetUserObjectSecurity(hwinsta, &si, psd.get(), sd_length, &sd_length)) {        printf("GetUserObjectSecurity() failed: %d/n", GetLastError());        return FALSE;    }    // Create a new DACL.    auto_buffer<PSECURITY_DESCRIPTOR> psd_new(sd_length);    if (!InitializeSecurityDescriptor(psd_new.get(), SECURITY_DESCRIPTOR_REVISION)) {        printf("InitializeSecurityDescriptor() failed: %d/n", GetLastError());        return FALSE;    }    // Get the DACL from the security descriptor.    BOOL bDaclPresent;    PACL pacl;    BOOL bDaclExist;    if (!GetSecurityDescriptorDacl(psd.get(), &bDaclPresent, &pacl, &bDaclExist)) {        printf("GetSecurityDescriptorDacl() failed: %d/n", GetLastError());        return FALSE;    }        // Initialize the ACL.    ACL_SIZE_INFORMATION aclSizeInfo = {};    aclSizeInfo.AclBytesInUse = sizeof(ACL);    if (NULL != pacl) {        // get the file ACL size info        if (!GetAclInformation(pacl, &aclSizeInfo, sizeof aclSizeInfo, AclSizeInformation)) {            printf("GetAclInformation() failed: %d/n", GetLastError());            return FALSE;        }    }    // Compute the size of the new ACL.    DWORD new_acl_size = aclSizeInfo.AclBytesInUse +                         (2 * sizeof(ACCESS_ALLOWED_ACE)) +                          (2 * GetLengthSid(psid)) - (2 * sizeof(DWORD));    auto_buffer<PACL> new_acl(new_acl_size);    // Initialize the new DACL.    if (!InitializeAcl(new_acl.get(), new_acl_size, ACL_REVISION)) {        printf("InitializeAcl() failed: %d/n", GetLastError());        return FALSE;    }    // If DACL is present, copy it to a new DACL.    if (bDaclPresent) {        // Copy the ACEs to the new ACL.        if (aclSizeInfo.AceCount) {            for (DWORD i = 0; i != aclSizeInfo.AceCount; ++i) {                LPVOID pTempAce;                if (!GetAce(pacl, i, &pTempAce)) {                    printf("GetAce() failed: %d/n", GetLastError());                    return FALSE;                }                if (!AddAce(new_acl.get(), ACL_REVISION, MAXDWORD,                            pTempAce, ((PACE_HEADER)pTempAce)->AceSize)) {                    printf("AddAce() failed: %d/n", GetLastError());                    return FALSE;                }            }        }    }    // Add the first ACE to the window station.    auto_buffer<ACCESS_ALLOWED_ACE*> ace(sizeof(ACCESS_ALLOWED_ACE) +                                         GetLengthSid(psid) -                                         sizeof(DWORD));    ace->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;    ace->Header.AceFlags = CONTAINER_INHERIT_ACE | INHERIT_ONLY_ACE | OBJECT_INHERIT_ACE;    ace->Header.AceSize = (WORD) (sizeof(ACCESS_ALLOWED_ACE) + GetLengthSid(psid) - sizeof(DWORD));    ace->Mask = GENERIC_ACCESS;    if (!CopySid(GetLengthSid(psid), &ace->SidStart, psid)) {        printf("CopySid() failed: %d/n", GetLastError());        return FALSE;    }    if (!AddAce(new_acl.get(), ACL_REVISION, MAXDWORD, ace.get(), ace->Header.AceSize)) {        printf("AddAce() failed: %d/n", GetLastError());        return FALSE;    }    // Add the second ACE to the window station.    ace->Header.AceFlags = NO_PROPAGATE_INHERIT_ACE;    ace->Mask = WINSTA_ALL;    if (!AddAce(new_acl.get(), ACL_REVISION,MAXDWORD, ace.get(), ace->Header.AceSize)) {        printf("AddAce() failed: %d/n", GetLastError());        return FALSE;    }//.........这里部分代码省略.........

bool CSecRunAsUser::SetObjectPermission(CString strDirFile, DWORD lGrantedAccess){	if (!m_hADVAPI32_DLL){		ASSERT ( false );		return false;	}	if ( strDirFile.IsEmpty() )		return true;	SID_NAME_USE   snuType;	TCHAR* szDomain = NULL;	LPVOID pUserSID = NULL;	PACL pNewACL = NULL;	PSECURITY_DESCRIPTOR pSD = NULL;	BOOL fAPISuccess;		try {		// get user sid		DWORD cbDomain = 0;		DWORD cbUserSID = 0;		fAPISuccess = LookupAccountName(NULL, EMULEACCOUNTW, pUserSID, &cbUserSID, szDomain, &cbDomain, &snuType);		if ( (!fAPISuccess) && GetLastError() != ERROR_INSUFFICIENT_BUFFER)			throw CString(_T("Run as unpriveleged user: Error: LookupAccountName() failed,"));		pUserSID = MHeapAlloc(cbUserSID);		if (!pUserSID)			throw CString(_T("Run as unpriveleged user: Error: Allocating memory failed,"));				szDomain = (TCHAR*)MHeapAlloc(cbDomain * sizeof(TCHAR));		if (!szDomain)			throw CString(_T("Run as unpriveleged user: Error: Allocating memory failed,"));		fAPISuccess = LookupAccountName(NULL, EMULEACCOUNTW, pUserSID, &cbUserSID, szDomain, &cbDomain, &snuType);		if (!fAPISuccess)			throw CString(_T("Run as unpriveleged user: Error: LookupAccountName()2 failed"));		if (CStringW(szDomain) != m_strDomain)			throw CString(_T("Run as unpriveleged user: Logical Error: Domainname mismatch"));		// get old ACL		PACL pOldACL = NULL;		fAPISuccess = GetNamedSecurityInfo(strDirFile.GetBuffer(), SE_FILE_OBJECT, DACL_SECURITY_INFORMATION, NULL, NULL, &pOldACL, NULL, &pSD);		strDirFile.ReleaseBuffer();		if (fAPISuccess != ERROR_SUCCESS){			throw CString(_T("Run as unpriveleged user: Error: GetNamedSecurityInfo() failed"));		}		// calculate size for new ACL		ACL_SIZE_INFORMATION AclInfo;		AclInfo.AceCount = 0; // Assume NULL DACL.		AclInfo.AclBytesFree = 0;		AclInfo.AclBytesInUse = sizeof(ACL);		if (pOldACL != NULL && !GetAclInformation(pOldACL, &AclInfo, sizeof(ACL_SIZE_INFORMATION), AclSizeInformation))  			throw CString(_T("Run as unpriveleged user: Error: GetAclInformation() failed"));		// Create new ACL		DWORD cbNewACL = AclInfo.AclBytesInUse + sizeof(ACCESS_ALLOWED_ACE) + GetLengthSid(pUserSID) - sizeof(DWORD);		pNewACL = (PACL)MHeapAlloc(cbNewACL);		if (!pNewACL)			throw CString(_T("Run as unpriveleged user: Error: Allocating memory failed,"));		if (!InitializeAcl(pNewACL, cbNewACL, ACL_REVISION2))			throw CString(_T("Run as unpriveleged user: Error: Allocating memory failed,"));		// copy the entries form the old acl into the new one and enter a new ace in the right order		uint32 newAceIndex = 0;		uint32 CurrentAceIndex = 0;		if (AclInfo.AceCount) {			for (CurrentAceIndex = 0; CurrentAceIndex < AclInfo.AceCount; CurrentAceIndex++) {					LPVOID pTempAce = NULL;					if (!GetAce(pOldACL, CurrentAceIndex, &pTempAce))						throw CString(_T("Run as unpriveleged user: Error: GetAce() failed,"));					if (((ACCESS_ALLOWED_ACE *)pTempAce)->Header.AceFlags						& INHERITED_ACE)						break;					// no multiple entries					if (EqualSid(pUserSID, &(((ACCESS_ALLOWED_ACE *)pTempAce)->SidStart)))						continue;					if (!AddAce(pNewACL, ACL_REVISION, MAXDWORD, pTempAce, ((PACE_HEADER) pTempAce)->AceSize))						throw CString(_T("Run as unpriveleged user: Error: AddAce()1 failed,"));					newAceIndex++;			}		}		// here we add the actually entry		if (!AddAccessAllowedAceEx(pNewACL, ACL_REVISION2, CONTAINER_INHERIT_ACE | OBJECT_INHERIT_ACE, lGrantedAccess, pUserSID))			throw CString(_T("Run as unpriveleged user: Error: AddAccessAllowedAceEx() failed,"));					// copy the rest		if (AclInfo.AceCount) {			for (; CurrentAceIndex < AclInfo.AceCount; CurrentAceIndex++) {					LPVOID pTempAce = NULL;					if (!GetAce(pOldACL, CurrentAceIndex, &pTempAce))						throw CString(_T("Run as unpriveleged user: Error: GetAce()2 failed,"));//.........这里部分代码省略.........