Index: /trunk/src/VBox/Runtime/testcase/Makefile.kmk =================================================================== --- /trunk/src/VBox/Runtime/testcase/Makefile.kmk (revision 27436) +++ /trunk/src/VBox/Runtime/testcase/Makefile.kmk (revision 27437) @@ -394,4 +394,5 @@ tstRTProcCreateEx_TEMPLATE = VBOXR3TSTEXE tstRTProcCreateEx_SOURCES = tstRTProcCreateEx.cpp +tstRTProcCreateEx_LIBS += Secur32.lib tstRTProcWait_SOURCES = tstRTProcWait.cpp @@ -470,5 +471,5 @@ # -# odds and ends +# odds and ends # Index: /trunk/src/VBox/Runtime/testcase/tstRTProcCreateEx.cpp =================================================================== --- /trunk/src/VBox/Runtime/testcase/tstRTProcCreateEx.cpp (revision 27436) +++ /trunk/src/VBox/Runtime/testcase/tstRTProcCreateEx.cpp (revision 27437) @@ -39,4 +39,5 @@ #include #include +#include #include #include @@ -47,4 +48,9 @@ #include +#ifdef RT_OS_WINDOWS +# define SECURITY_WIN32 +# include +# include +#endif /******************************************************************************* @@ -69,4 +75,98 @@ }; +static int tstRTCreateProcEx5Child(int argc, char **argv) +{ + int rc = RTR3Init(); + if (rc) + return RTMsgInitFailure(rc); + +#ifdef RT_OS_WINDOWS + char szUser[_1K]; + DWORD cbLen = sizeof(szUser); + /** @todo Does not yet handle ERROR_MORE_DATA for user names longer than 32767. */ + if (!GetUserNameEx(NameSamCompatible, szUser, &cbLen)) + { + RTPrintf("GetUserNameEx failed with last error=%ld\n", GetLastError()); + return VERR_AUTHENTICATION_FAILURE; + } + else + { + DWORD cbSid = 0; + DWORD cbDomain = 0; + SID_NAME_USE sidUse; + /* First try to figure out how much space for SID + domain name we need. */ + BOOL bRet = LookupAccountName(NULL /* current system*/, + szUser, + NULL, + &cbSid, + NULL, + &cbDomain, + &sidUse); + if (!bRet) + { + DWORD dwErr = GetLastError(); + if (dwErr != ERROR_INSUFFICIENT_BUFFER) + { + RTPrintf("LookupAccountName(1) failed with last error=%ld\n", dwErr); + return VERR_AUTHENTICATION_FAILURE; + } + } + + /* Now try getting the real SID + domain name. */ + SID *pSid = (SID *)RTMemAlloc(cbSid); + AssertPtr(pSid); + char *pszDomain = (char *)RTMemAlloc(cbDomain); /* Size in TCHAR! */ + AssertPtr(pszDomain); + + if (!LookupAccountName(NULL /* Current system */, + szUser, + pSid, + &cbSid, + pszDomain, + &cbDomain, + &sidUse)) + { + RTPrintf("LookupAccountName(2) failed with last error=%ld\n", GetLastError()); + return VERR_AUTHENTICATION_FAILURE; + } + else + { + RTPrintf("NameSamCompatible: %s\n" + "DomainName: %s\n", + pszDomain, szUser); + } + RTMemFree(pSid); + RTMemFree(pszDomain); + } +#else + /** @todo Lookup UID/effective UID, maybe GID? */ +#endif + return rc; +} + +static void tstRTCreateProcEx5(void) +{ + RTTestISub("Impersonation (as user)"); + + const char * apszArgs[3] = + { + "test", /* user name */ + "--testcase-child-5", + NULL + }; + + RTPROCESS hProc; + RTTESTI_CHECK_RC_RETV(RTProcCreateEx(g_szExecName, apszArgs, RTENV_DEFAULT, 0 /*fFlags*/, NULL, + NULL, NULL, NULL, &hProc), VINF_SUCCESS); + RTPROCSTATUS ProcStatus = { -1, RTPROCEXITREASON_ABEND }; + RTTESTI_CHECK_RC(RTProcWait(hProc, RTPROCWAIT_FLAGS_BLOCK, &ProcStatus), VINF_SUCCESS); + + if (ProcStatus.enmReason != RTPROCEXITREASON_NORMAL || ProcStatus.iStatus != 0) + RTTestIFailed("enmReason=%d iStatus=%d", ProcStatus.enmReason, ProcStatus.iStatus); + else + RTTestIPassed(NULL); +} + + static int tstRTCreateProcEx4Child(int argc, char **argv) { @@ -316,4 +416,6 @@ if (argc >= 5 && !strcmp(argv[1], "--testcase-child-4")) return tstRTCreateProcEx4Child(argc, argv); + if (argc == 2 && !strcmp(argv[1], "--testcase-child-5")) + return tstRTCreateProcEx5Child(argc, argv); if (argc != 1) return 99; @@ -335,5 +437,7 @@ tstRTCreateProcEx3(); tstRTCreateProcEx4(); - /** @todo Cover files, pszAsUser, ++ */ + /** @todo Do not run tstRTCreateProcEx5 on NT4, may not work (?) */ + tstRTCreateProcEx5(); + /** @todo Cover files, ++ */ /*