aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/src/sid.cpp
blob: 879e4a7ea8854c49b61a7fbe2bfef341a5124c9d (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
// Copyright (c) 2016 Egor Tensin <Egor.Tensin@gmail.com>
// This file is part of the "Privilege check" project.
// For details, see https://github.com/egor-tensin/privilege-check.
// Distributed under the MIT License.

#include "error.hpp"
#include "sid.hpp"

#include <Windows.h>
#include <sddl.h>

#include <memory>
#include <string>

namespace sid
{
    SidBuffer well_known(WELL_KNOWN_SID_TYPE type)
    {
        SidBuffer buffer;
        DWORD cb = static_cast<DWORD>(buffer.size());

        if (!CreateWellKnownSid(type, NULL, buffer.data(), &cb))
            error::raise("CreateWellKnownSid");

        return buffer;
    }

    SidBuffer builtin_administrators()
    {
        /*
        void* sid = nullptr;
        SID_IDENTIFIER_AUTHORITY authority = SECURITY_NT_AUTHORITY;

        if (!AllocateAndInitializeSid(
            &authority,
            2,
            SECURITY_BUILTIN_DOMAIN_RID,
            DOMAIN_ALIAS_RID_ADMINS,
            0, 0, 0, 0, 0, 0,
            &sid))
        {
            error::raise("AllocateAndInitializeSid");
        }

        return std::unique_ptr<void, FreeSid>{sid};
        */

        return well_known(WinBuiltinAdministratorsSid);
    }

    namespace
    {
        struct LocalDelete
        {
            void operator()(wchar_t* s) const
            {
                LocalFree(s);
            }
        };
    }

    std::wstring to_string(const SidBuffer& sid)
    {
        wchar_t* s = nullptr;

        if (!ConvertSidToStringSidW(const_cast<unsigned char*>(sid.data()), &s))
            error::raise("ConvertSidToStringSidW");

        return std::unique_ptr<wchar_t, LocalDelete>{s}.get();
    }
}