sean-m
/
Vanara
mirror of https://github.com/dahall/Vanara.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Updates for use of PSID

pull/83/head
David Hall 2019-08-09 16:37:09 -06:00
parent 0c73576e40
commit a4212024ce
2 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
Security/AccessControl/SystemSecurity.cs
View File

@ -191,7 +191,7 @@ namespace Vanara.Security.AccessControl
var ts = sids.DangerousGetHandle().ToIEnum<LSA_TRANSLATED_SID2>(names.Length).ToArray(); var ts = sids.DangerousGetHandle().ToIEnum<LSA_TRANSLATED_SID2>(names.Length).ToArray();
var retVal = new SystemAccountInfo[names.Length]; var retVal = new SystemAccountInfo[names.Length];
for (var i = 0; i < names.Length; i++) for (var i = 0; i < names.Length; i++)
retVal[i] = new SystemAccountInfo(names[i], ts[i].Use, IsValidSid(ts[i].Use) ? new SecurityIdentifier(ts[i].Sid) : null, ts[i].DomainIndex, d); retVal[i] = new SystemAccountInfo(names[i], ts[i].Use, IsValidSid(ts[i].Use) ? new SecurityIdentifier((IntPtr)ts[i].Sid) : null, ts[i].DomainIndex, d);
return retVal; return retVal;
} }
@ -208,7 +208,7 @@ namespace Vanara.Security.AccessControl
var opts = (preferInternetNames ? LsaLookupSidsFlags.LSA_LOOKUP_PREFER_INTERNET_NAMES : 0) | var opts = (preferInternetNames ? LsaLookupSidsFlags.LSA_LOOKUP_PREFER_INTERNET_NAMES : 0) |
(disallowConnectedAccts ? LsaLookupSidsFlags.LSA_LOOKUP_DISALLOW_CONNECTED_ACCOUNT_INTERNET_SID : 0); (disallowConnectedAccts ? LsaLookupSidsFlags.LSA_LOOKUP_DISALLOW_CONNECTED_ACCOUNT_INTERNET_SID : 0);
var psids = sids.Select(s => new PinnedSid(s)); var psids = sids.Select(s => new PinnedSid(s));
var ret = LsaLookupSids2(Handle, opts, (uint)sids.Length, psids.Select(s => (IntPtr)s).ToArray(), out var domains, out var names); var ret = LsaLookupSids2(Handle, opts, (uint)sids.Length, psids.Select(s => s.PSID).ToArray(), out var domains, out var names);
if (ret != NTStatus.STATUS_SUCCESS && ret != NTStatus.STATUS_SOME_NOT_MAPPED) if (ret != NTStatus.STATUS_SUCCESS && ret != NTStatus.STATUS_SOME_NOT_MAPPED)
ThrowIfLsaError(ret); ThrowIfLsaError(ret);
var d = domains.DangerousGetHandle().ToStructure<LSA_REFERENCED_DOMAIN_LIST>().DomainList.ToArray(); var d = domains.DangerousGetHandle().ToStructure<LSA_REFERENCED_DOMAIN_LIST>().DomainList.ToArray();
@ -239,14 +239,14 @@ namespace Vanara.Security.AccessControl
private static string FromPriv(SystemPrivilege priv) => SystemPrivilegeTypeConverter.PrivLookup[priv]; private static string FromPriv(SystemPrivilege priv) => SystemPrivilegeTypeConverter.PrivLookup[priv];
private static void ThrowIfLsaError(uint lsaRetVal) private static void ThrowIfLsaError(NTStatus lsaRetVal)
{ {
LsaNtStatusToWinError(lsaRetVal).ThrowIfFailed(); LsaNtStatusToWinError(lsaRetVal).ThrowIfFailed();
} }
private void AddRights(string accountName, params string[] privilegeNames) private void AddRights(string accountName, params string[] privilegeNames)
{ {
ThrowIfLsaError(LsaAddAccountRights(Handle, GetSid(accountName), privilegeNames, privilegeNames.Length)); ThrowIfLsaError(LsaAddAccountRights(Handle, GetSid(accountName), privilegeNames, (uint)privilegeNames.Length));
} }
private SafeLSA_HANDLE GetAccount(string accountName, LsaAccountAccessMask mask = LsaAccountAccessMask.ACCOUNT_VIEW) private SafeLSA_HANDLE GetAccount(string accountName, LsaAccountAccessMask mask = LsaAccountAccessMask.ACCOUNT_VIEW)
@ -299,7 +299,7 @@ namespace Vanara.Security.AccessControl
private void RemoveRights(string accountName, params string[] privilegeNames) private void RemoveRights(string accountName, params string[] privilegeNames)
{ {
ThrowIfLsaError(LsaRemoveAccountRights(Handle, GetSid(accountName), false, privilegeNames, privilegeNames.Length)); ThrowIfLsaError(LsaRemoveAccountRights(Handle, GetSid(accountName), false, privilegeNames, (uint)privilegeNames.Length));
} }
private static void SetSystemAccess(SafeLSA_HANDLE hAcct, AccountLogonRights rights) private static void SetSystemAccess(SafeLSA_HANDLE hAcct, AccountLogonRights rights)

4
UnitTests/PInvoke/Security/AdvApi32/PSIDTests.cs
View File

@ -29,10 +29,10 @@ namespace Vanara.PInvoke.Tests
var sid4 = new SafePSID(100); var sid4 = new SafePSID(100);
Assert.That(!sid4.IsClosed); Assert.That(!sid4.IsClosed);
Assert.That(!sid4.IsValidSid); Assert.That(!sid4.IsValidSid);
Assert.That(sid4.Size, Is.EqualTo(100)); Assert.That((int)sid4.Size, Is.EqualTo(100));
sid4.Dispose(); sid4.Dispose();
Assert.That(sid4.IsClosed); Assert.That(sid4.IsClosed);
Assert.That(sid4.Size, Is.EqualTo(0)); Assert.That((int)sid4.Size, Is.EqualTo(0));
Assert.That(sid.Equals("X"), Is.False); Assert.That(sid.Equals("X"), Is.False);
Assert.That(sid.Equals(sid3), Is.False); Assert.That(sid.Equals(sid3), Is.False);