
AccessControl SidString support [Anders]

a guest
Mar 23rd, 2014
C++ 3.10 KB | None | 0 0
/**
 * Stores a 32-bit identifier-authority value in a SID_IDENTIFIER_AUTHORITY.
 *
 * The six-byte Value array is filled most-significant byte first: Value[0]
 * and Value[1] are cleared, and the four bytes of `value` land in
 * Value[2]..Value[5], with the lowest byte in Value[5].
 *
 * @param sia   Authority structure to overwrite (all six bytes are written).
 * @param value 32-bit authority number, e.g. 5 for the NT authority rows of
 *              the alias table in MyConvertStringSidToSid.
 */
static void SetIdentifierAuthority32(SID_IDENTIFIER_AUTHORITY&sia, DWORD value)
{
  // The upper 16 bits of the 48-bit authority cannot be expressed by a DWORD.
  sia.Value[0] = 0;
  sia.Value[1] = 0;

  // Walk from the last byte towards the front, peeling off 8 bits at a time.
  for (int idx = 5, shift = 0; idx >= 2; --idx, shift += 8)
    sia.Value[idx] = (BYTE)((value >> shift) & 0xFF);
}
  9.  
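// Based on GetBinarySid function from http://www.codeguru.com/cpp/w-p/system/security/article.php/c5659.
/**
 * Converts a SID string into a binary SID allocated with
 * AllocateAndInitializeSid.
 *
 * Two input forms are handled:
 *  - a two-letter alias from the table below (AN, AU, BA, BU, IU, SY, WD),
 *    matched case-insensitively and only when the string is exactly two
 *    characters long;
 *  - the textual form "S-<revision>-<authority>-<sub1>-...-<subN>".
 *
 * Because the result feeds access-control decisions, the function fails
 * rather than producing a SID that differs from what the string names:
 *  - strings with more than 8 sub-authorities are rejected (the original
 *    silently dropped the extra ones, yielding a different principal);
 *  - a failed allocation returns FALSE (the original returned TRUE with a
 *    NULL SID);
 *  - a hex authority shorter than "0x" + 12 digits is rejected before the
 *    fixed-offset reads.
 *
 * The leading "S" and the revision field are skipped, not validated.
 *
 * @param szSid  SID string. Must be writable: separators are temporarily
 *               replaced by terminators while parsing and are restored
 *               before returning.
 * @param ppSid  Receives the new SID, or NULL on failure.
 * @return TRUE on success, FALSE on malformed input or allocation failure.
 */
BOOL MyConvertStringSidToSid(TCHAR* szSid, PSID* ppSid)
{
  if (!ppSid) return FALSE;
  *ppSid = NULL;
  if (!szSid) return FALSE;

  SID_IDENTIFIER_AUTHORITY identAuthority;
  BYTE nByteAuthorityCount = 0;
  // Zeroed so that the unused trailing slots passed to
  // AllocateAndInitializeSid are never read uninitialized.
  DWORD dwSubAuthority[8] = {0};
  // sa1 holds (RID - 500) so that it fits in a BYTE; 0 means "no second
  // sub-authority". '|32' folds the ASCII letters to lower case.
  static const struct { char id0, id1; BYTE ia, sa0, sa1; } sidmap[] = {
    {'A'|32,'N'|32, (5), (7) , 0}, // NT AUTHORITY\ANONYMOUS LOGON
    {'A'|32,'U'|32, (5), (11), 0}, // NT AUTHORITY\Authenticated Users
    {'B'|32,'A'|32, (5), (32), (544)-500}, // BUILTIN\Administrators
    {'B'|32,'U'|32, (5), (32), (545)-500}, // BUILTIN\Users
    {'I'|32,'U'|32, (5), (4) , 0}, // NT AUTHORITY\INTERACTIVE
    {'S'|32,'Y'|32, (5), (18), 0}, // NT AUTHORITY\SYSTEM
    {'W'|32,'D'|32, (1), (0) , 0}, // Everyone
  };

  // Try to lookup a SID string
  bool matchedAlias = false;
  for (int i = 0; i < SIZE_OF_ARRAY(sidmap); ++i)
  {
    if ((szSid[0]|32) != sidmap[i].id0 || (szSid[1]|32) != sidmap[i].id1 || szSid[2]) continue;
    SetIdentifierAuthority32(identAuthority, sidmap[i].ia);
    dwSubAuthority[nByteAuthorityCount++] = sidmap[i].sa0;
    if (sidmap[i].sa1) dwSubAuthority[nByteAuthorityCount++] = (DWORD)sidmap[i].sa1 + 500;
    matchedAlias = true;
    break;
  }

  if (!matchedAlias)
  {
    // S-SID_REVISION- + identifierauthority- + subauthorities- + NULL
    // Skip S
    PTSTR ptr;
    if (!(ptr = CharPos(szSid, lstrlen(szSid), TEXT('-')))) return FALSE;
    ptr++;

    // Skip SID_REVISION
    if (!(ptr = CharPos(ptr, lstrlen(ptr), TEXT('-')))) return FALSE;
    ptr++;

    // Isolate identifierauthority by terminating it at the next '-'
    PTSTR ptr1;
    if (!(ptr1 = CharPos(ptr, lstrlen(ptr), TEXT('-')))) return FALSE;
    *ptr1 = 0;

    if ((*ptr == TEXT('0')) && (*(ptr+1) == TEXT('x')))
    {
      // The reads below go up to ptr + 12 (plus the digits FromHex consumes
      // there), so a shorter field would read into the following text or
      // past the end of the string. Assumes FromHex reads two characters
      // per call -- TODO confirm.
      if ((ptr1 - ptr) < 14)
      {
        *ptr1 = TEXT('-');
        return FALSE;
      }
      // NOTE(review): the offsets 0, 2, 4, 8, 10, 12 start on the "0x"
      // prefix and skip offset 6; six consecutive byte pairs after the
      // prefix would be 2, 4, 6, 8, 10, 12. Left unchanged because FromHex
      // is not visible here -- verify against its definition.
      identAuthority.Value[0] = FromHex(ptr);
      identAuthority.Value[1] = FromHex(ptr + 2);
      identAuthority.Value[2] = FromHex(ptr + 4);
      identAuthority.Value[3] = FromHex(ptr + 8);
      identAuthority.Value[4] = FromHex(ptr + 10);
      identAuthority.Value[5] = FromHex(ptr + 12);
    }
    else
    {
      SetIdentifierAuthority32(identAuthority, myatou(ptr));
    }

    // Restore the '-' after the authority; ptr stays on it so the counting
    // loop below sees it, ptr1 moves to the first sub-authority.
    *ptr1 = TEXT('-'), ptr = ptr1, ptr1++;

    for (int i = 0; i < 8; i++)
    {
      // Terminate the text in front of each sub-authority and count it.
      // On the last field CharPos fails and ptr becomes NULL.
      if (!(ptr = CharPos(ptr, lstrlen(ptr), TEXT('-')))) break;
      *ptr = 0, ptr++, nByteAuthorityCount++;
    }

    // ptr is only non-NULL here when all 8 slots were used; a further '-'
    // means the string names more sub-authorities than can be represented.
    const bool tooManySubAuthorities =
      (nByteAuthorityCount == 8) && CharPos(ptr, lstrlen(ptr), TEXT('-')) != NULL;

    for (int i = 0; i < nByteAuthorityCount; i++)
    {
      // Put back the separator in front of this field (it ended the
      // previous, already parsed field), then read the sub-authority.
      ptr1[-1] = TEXT('-');
      dwSubAuthority[i] = myatou(ptr1);
      ptr1 += lstrlen(ptr1) + 1;
    }

    // Fail closed instead of building a truncated, different SID.
    if (tooManySubAuthorities) return FALSE;
  }

  if (!AllocateAndInitializeSid(&identAuthority,
      nByteAuthorityCount,
      dwSubAuthority[0],
      dwSubAuthority[1],
      dwSubAuthority[2],
      dwSubAuthority[3],
      dwSubAuthority[4],
      dwSubAuthority[5],
      dwSubAuthority[6],
      dwSubAuthority[7],
      ppSid))
  {
    // Callers that only test the return value must not proceed with a
    // NULL SID.
    *ppSid = NULL;
    return FALSE;
  }

  return TRUE;
}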