advapi32: Move security descriptor functions to kernelbase.

Signed-off-by: Alexandre Julliard <julliard@winehq.org>
Alexandre Julliard 2019-06-25 12:35:52 +02:00
parent 7557620aeb
commit 0ded440242
4 changed files with 453 additions and 533 deletions


@ -131,12 +131,12 @@
@ stdcall ConvertStringSecurityDescriptorToSecurityDescriptorW(wstr long ptr ptr)
@ stdcall ConvertStringSidToSidA(ptr ptr)
@ stdcall ConvertStringSidToSidW(ptr ptr)
@ stdcall ConvertToAutoInheritPrivateObjectSecurity(ptr ptr ptr ptr long ptr)
@ stdcall -import ConvertToAutoInheritPrivateObjectSecurity(ptr ptr ptr ptr long ptr)
@ stdcall -import CopySid(long ptr ptr)
# @ stub CreateCodeAuthzLevel
@ stdcall CreatePrivateObjectSecurity(ptr ptr ptr long long ptr)
@ stdcall CreatePrivateObjectSecurityEx(ptr ptr ptr ptr long long long ptr)
@ stdcall CreatePrivateObjectSecurityWithMultipleInheritance(ptr ptr ptr ptr long long long long ptr)
@ stdcall -import CreatePrivateObjectSecurity(ptr ptr ptr long long ptr)
@ stdcall -import CreatePrivateObjectSecurityEx(ptr ptr ptr ptr long long long ptr)
@ stdcall -import CreatePrivateObjectSecurityWithMultipleInheritance(ptr ptr ptr ptr long long long long ptr)
@ stdcall CreateProcessAsUserA(long str str ptr ptr long long ptr str ptr ptr) kernel32.CreateProcessAsUserA
# @ stub CreateProcessAsUserSecure
@ stdcall CreateProcessAsUserW(long wstr wstr ptr ptr long long ptr wstr ptr ptr) kernel32.CreateProcessAsUserW
@ -237,7 +237,7 @@
@ stdcall DeleteAce(ptr long)
@ stdcall DeleteService(long)
@ stdcall DeregisterEventSource(long)
@ stdcall DestroyPrivateObjectSecurity(ptr)
@ stdcall -import DestroyPrivateObjectSecurity(ptr)
# @ stub DuplicateEncryptionInfoFile
@ stdcall -import DuplicateToken(long long ptr)
@ stdcall -import DuplicateTokenEx(long long ptr long long ptr)
@ -326,12 +326,12 @@
@ stdcall GetExplicitEntriesFromAclA(ptr ptr ptr)
@ stdcall GetExplicitEntriesFromAclW(ptr ptr ptr)
@ stdcall GetFileSecurityA(str long ptr long ptr)
@ stdcall GetFileSecurityW(wstr long ptr long ptr)
@ stdcall -import GetFileSecurityW(wstr long ptr long ptr)
# @ stub GetInformationCodeAuthzLevelW
# @ stub GetInformationCodeAuthzPolicyW
# @ stub GetInheritanceSourceA
# @ stub GetInheritanceSourceW
@ stdcall GetKernelObjectSecurity(long long ptr long ptr)
@ stdcall -import GetKernelObjectSecurity(long long ptr long ptr)
@ stdcall -import GetLengthSid(ptr)
# @ stub GetLocalManagedApplicationData
# @ stub GetLocalManagedApplications
@ -349,14 +349,14 @@
@ stdcall GetNumberOfEventLogRecords (long ptr)
@ stdcall GetOldestEventLogRecord (long ptr)
# @ stub GetOverlappedAccessResults
@ stdcall GetPrivateObjectSecurity(ptr long ptr long ptr)
@ stdcall GetSecurityDescriptorControl (ptr ptr ptr)
@ stdcall GetSecurityDescriptorDacl (ptr ptr ptr ptr)
@ stdcall GetSecurityDescriptorGroup(ptr ptr ptr)
@ stdcall GetSecurityDescriptorLength(ptr)
@ stdcall GetSecurityDescriptorOwner(ptr ptr ptr)
@ stdcall -import GetPrivateObjectSecurity(ptr long ptr long ptr)
@ stdcall -import GetSecurityDescriptorControl (ptr ptr ptr)
@ stdcall -import GetSecurityDescriptorDacl (ptr ptr ptr ptr)
@ stdcall -import GetSecurityDescriptorGroup(ptr ptr ptr)
@ stdcall -import GetSecurityDescriptorLength(ptr)
@ stdcall -import GetSecurityDescriptorOwner(ptr ptr ptr)
# @ stub GetSecurityDescriptorRMControl
@ stdcall GetSecurityDescriptorSacl (ptr ptr ptr ptr)
@ stdcall -import GetSecurityDescriptorSacl (ptr ptr ptr ptr)
@ stdcall GetSecurityInfo (long long long ptr ptr ptr ptr ptr)
@ stdcall GetSecurityInfoExA (long long long str str ptr ptr ptr ptr)
@ stdcall GetSecurityInfoExW (long long long wstr wstr ptr ptr ptr ptr)
@ -403,7 +403,7 @@
@ stdcall -import ImpersonateNamedPipeClient(long)
@ stdcall -import ImpersonateSelf(long)
@ stdcall InitializeAcl(ptr long long)
@ stdcall InitializeSecurityDescriptor(ptr long)
@ stdcall -import InitializeSecurityDescriptor(ptr long)
@ stdcall -import InitializeSid(ptr ptr long)
@ stdcall InitiateShutdownA(str str long long long)
@ stdcall InitiateShutdownW(wstr wstr long long long)
@ -418,7 +418,7 @@
# @ stub IsTokenUntrusted
@ stdcall IsValidAcl(ptr)
# @ stub IsValidRelativeSecurityDescriptor
@ stdcall IsValidSecurityDescriptor(ptr)
@ stdcall -import IsValidSecurityDescriptor(ptr)
@ stdcall -import IsValidSid(ptr)
@ stdcall -import IsWellKnownSid(ptr long)
@ stdcall LockServiceDatabase(ptr)
@ -518,9 +518,9 @@
# @ stub MIDL_user_free_Ext
# @ stub MSChapSrvChangePassword
# @ stub MSChapSrvChangePassword2
@ stdcall MakeAbsoluteSD(ptr ptr ptr ptr ptr ptr ptr ptr ptr ptr ptr)
@ stdcall -import MakeAbsoluteSD(ptr ptr ptr ptr ptr ptr ptr ptr ptr ptr ptr)
# @ stub MakeAbsoluteSD2
@ stdcall MakeSelfRelativeSD(ptr ptr ptr)
@ stdcall -import MakeSelfRelativeSD(ptr ptr ptr)
@ stdcall MapGenericMask(ptr ptr)
@ stdcall NotifyBootConfigStatus(long)
@ stdcall NotifyChangeEventLog (long long)
@ -740,23 +740,23 @@
# @ stub SetEntriesInAuditListA
# @ stub SetEntriesInAuditListW
@ stdcall SetFileSecurityA(str long ptr )
@ stdcall SetFileSecurityW(wstr long ptr)
@ stdcall -import SetFileSecurityW(wstr long ptr)
# @ stub SetInformationCodeAuthzLevelW
# @ stub SetInformationCodeAuthzPolicyW
@ stdcall SetKernelObjectSecurity(long long ptr)
@ stdcall -import SetKernelObjectSecurity(long long ptr)
@ stdcall SetNamedSecurityInfoA(str long long ptr ptr ptr ptr)
# @ stub SetNamedSecurityInfoExA
# @ stub SetNamedSecurityInfoExW
@ stdcall SetNamedSecurityInfoW(wstr long long ptr ptr ptr ptr)
@ stdcall SetPrivateObjectSecurity(long ptr ptr ptr long)
@ stdcall -import SetPrivateObjectSecurity(long ptr ptr ptr long)
# @ stub SetPrivateObjectSecurityEx
# @ stub SetSecurityAccessMask
@ stdcall SetSecurityDescriptorControl(ptr long long)
@ stdcall SetSecurityDescriptorDacl(ptr long ptr long)
@ stdcall SetSecurityDescriptorGroup (ptr ptr long)
@ stdcall SetSecurityDescriptorOwner (ptr ptr long)
@ stdcall -import SetSecurityDescriptorControl(ptr long long)
@ stdcall -import SetSecurityDescriptorDacl(ptr long ptr long)
@ stdcall -import SetSecurityDescriptorGroup (ptr ptr long)
@ stdcall -import SetSecurityDescriptorOwner (ptr ptr long)
# @ stub SetSecurityDescriptorRMControl
@ stdcall SetSecurityDescriptorSacl(ptr long ptr long)
@ stdcall -import SetSecurityDescriptorSacl(ptr long ptr long)
@ stdcall SetSecurityInfo (long long long ptr ptr ptr ptr)
# @ stub SetSecurityInfoExA
# @ stub SetSecurityInfoExW


@ -156,8 +156,6 @@ static const WELLKNOWNRID WellKnownRids[] = {
};
static SID const sidWorld = { SID_REVISION, 1, { SECURITY_WORLD_SID_AUTHORITY} , { SECURITY_WORLD_RID } };
typedef struct _AccountSid {
WELL_KNOWN_SID_TYPE type;
LPCWSTR account;
@ -462,24 +460,6 @@ static inline DWORD get_security_regkey( LPWSTR full_key_name, DWORD access, HAN
return RegOpenKeyExW( hParent, p+1, 0, access, (HKEY *)key );
}
#define WINE_SIZE_OF_WORLD_ACCESS_ACL (sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE) + sizeof(sidWorld) - sizeof(DWORD))
static void GetWorldAccessACL(PACL pACL)
{
PACCESS_ALLOWED_ACE pACE = (PACCESS_ALLOWED_ACE) (pACL + 1);
pACL->AclRevision = ACL_REVISION;
pACL->Sbz1 = 0;
pACL->AclSize = WINE_SIZE_OF_WORLD_ACCESS_ACL;
pACL->AceCount = 1;
pACL->Sbz2 = 0;
pACE->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
pACE->Header.AceFlags = CONTAINER_INHERIT_ACE;
pACE->Header.AceSize = sizeof(ACCESS_ALLOWED_ACE) + sizeof(sidWorld) - sizeof(DWORD);
pACE->Mask = 0xf3ffffff; /* Everything except reserved bits */
memcpy(&pACE->SidStart, &sidWorld, sizeof(sidWorld));
}
/************************************************************
* ADVAPI_IsLocalComputer
@ -712,277 +692,6 @@ done:
return ret;
}
/******************************************************************************
* InitializeSecurityDescriptor [ADVAPI32.@]
*
* PARAMS
* pDescr []
* revision []
*/
BOOL WINAPI
InitializeSecurityDescriptor( PSECURITY_DESCRIPTOR pDescr, DWORD revision )
{
return set_ntstatus( RtlCreateSecurityDescriptor(pDescr, revision ));
}
/******************************************************************************
* MakeAbsoluteSD [ADVAPI32.@]
*/
BOOL WINAPI MakeAbsoluteSD (
IN PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor,
OUT PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor,
OUT LPDWORD lpdwAbsoluteSecurityDescriptorSize,
OUT PACL pDacl,
OUT LPDWORD lpdwDaclSize,
OUT PACL pSacl,
OUT LPDWORD lpdwSaclSize,
OUT PSID pOwner,
OUT LPDWORD lpdwOwnerSize,
OUT PSID pPrimaryGroup,
OUT LPDWORD lpdwPrimaryGroupSize)
{
return set_ntstatus( RtlSelfRelativeToAbsoluteSD(pSelfRelativeSecurityDescriptor,
pAbsoluteSecurityDescriptor,
lpdwAbsoluteSecurityDescriptorSize,
pDacl, lpdwDaclSize, pSacl, lpdwSaclSize,
pOwner, lpdwOwnerSize,
pPrimaryGroup, lpdwPrimaryGroupSize));
}
/******************************************************************************
* GetKernelObjectSecurity [ADVAPI32.@]
*/
BOOL WINAPI GetKernelObjectSecurity(
HANDLE Handle,
SECURITY_INFORMATION RequestedInformation,
PSECURITY_DESCRIPTOR pSecurityDescriptor,
DWORD nLength,
LPDWORD lpnLengthNeeded )
{
TRACE("(%p,0x%08x,%p,0x%08x,%p)\n", Handle, RequestedInformation,
pSecurityDescriptor, nLength, lpnLengthNeeded);
return set_ntstatus( NtQuerySecurityObject(Handle, RequestedInformation, pSecurityDescriptor,
nLength, lpnLengthNeeded ));
}
/******************************************************************************
* GetPrivateObjectSecurity [ADVAPI32.@]
*/
BOOL WINAPI GetPrivateObjectSecurity(
PSECURITY_DESCRIPTOR ObjectDescriptor,
SECURITY_INFORMATION SecurityInformation,
PSECURITY_DESCRIPTOR ResultantDescriptor,
DWORD DescriptorLength,
PDWORD ReturnLength )
{
SECURITY_DESCRIPTOR desc;
BOOL defaulted, present;
PACL pacl;
PSID psid;
TRACE("(%p,0x%08x,%p,0x%08x,%p)\n", ObjectDescriptor, SecurityInformation,
ResultantDescriptor, DescriptorLength, ReturnLength);
if (!InitializeSecurityDescriptor(&desc, SECURITY_DESCRIPTOR_REVISION))
return FALSE;
if (SecurityInformation & OWNER_SECURITY_INFORMATION)
{
if (!GetSecurityDescriptorOwner(ObjectDescriptor, &psid, &defaulted))
return FALSE;
SetSecurityDescriptorOwner(&desc, psid, defaulted);
}
if (SecurityInformation & GROUP_SECURITY_INFORMATION)
{
if (!GetSecurityDescriptorGroup(ObjectDescriptor, &psid, &defaulted))
return FALSE;
SetSecurityDescriptorGroup(&desc, psid, defaulted);
}
if (SecurityInformation & DACL_SECURITY_INFORMATION)
{
if (!GetSecurityDescriptorDacl(ObjectDescriptor, &present, &pacl, &defaulted))
return FALSE;
SetSecurityDescriptorDacl(&desc, present, pacl, defaulted);
}
if (SecurityInformation & SACL_SECURITY_INFORMATION)
{
if (!GetSecurityDescriptorSacl(ObjectDescriptor, &present, &pacl, &defaulted))
return FALSE;
SetSecurityDescriptorSacl(&desc, present, pacl, defaulted);
}
*ReturnLength = DescriptorLength;
return MakeSelfRelativeSD(&desc, ResultantDescriptor, ReturnLength);
}
/******************************************************************************
* GetSecurityDescriptorLength [ADVAPI32.@]
*/
DWORD WINAPI GetSecurityDescriptorLength( PSECURITY_DESCRIPTOR pDescr)
{
return RtlLengthSecurityDescriptor(pDescr);
}
/******************************************************************************
* GetSecurityDescriptorOwner [ADVAPI32.@]
*
* PARAMS
* pOwner []
* lpbOwnerDefaulted []
*/
BOOL WINAPI
GetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR pDescr, PSID *pOwner,
LPBOOL lpbOwnerDefaulted )
{
BOOLEAN defaulted;
BOOL ret = set_ntstatus( RtlGetOwnerSecurityDescriptor( pDescr, pOwner, &defaulted ));
*lpbOwnerDefaulted = defaulted;
return ret;
}
/******************************************************************************
* SetSecurityDescriptorOwner [ADVAPI32.@]
*
* PARAMS
*/
BOOL WINAPI SetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR pSecurityDescriptor,
PSID pOwner, BOOL bOwnerDefaulted)
{
return set_ntstatus( RtlSetOwnerSecurityDescriptor(pSecurityDescriptor, pOwner, bOwnerDefaulted));
}
/******************************************************************************
* GetSecurityDescriptorGroup [ADVAPI32.@]
*/
BOOL WINAPI GetSecurityDescriptorGroup(
PSECURITY_DESCRIPTOR SecurityDescriptor,
PSID *Group,
LPBOOL GroupDefaulted)
{
BOOLEAN defaulted;
BOOL ret = set_ntstatus( RtlGetGroupSecurityDescriptor(SecurityDescriptor, Group, &defaulted ));
*GroupDefaulted = defaulted;
return ret;
}
/******************************************************************************
* SetSecurityDescriptorGroup [ADVAPI32.@]
*/
BOOL WINAPI SetSecurityDescriptorGroup ( PSECURITY_DESCRIPTOR SecurityDescriptor,
PSID Group, BOOL GroupDefaulted)
{
return set_ntstatus( RtlSetGroupSecurityDescriptor( SecurityDescriptor, Group, GroupDefaulted));
}
/******************************************************************************
* IsValidSecurityDescriptor [ADVAPI32.@]
*
* PARAMS
* lpsecdesc []
*/
BOOL WINAPI
IsValidSecurityDescriptor( PSECURITY_DESCRIPTOR SecurityDescriptor )
{
return set_ntstatus( RtlValidSecurityDescriptor(SecurityDescriptor));
}
/******************************************************************************
* GetSecurityDescriptorDacl [ADVAPI32.@]
*/
BOOL WINAPI GetSecurityDescriptorDacl(
IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
OUT LPBOOL lpbDaclPresent,
OUT PACL *pDacl,
OUT LPBOOL lpbDaclDefaulted)
{
BOOLEAN present, defaulted;
BOOL ret = set_ntstatus( RtlGetDaclSecurityDescriptor(pSecurityDescriptor, &present, pDacl, &defaulted));
*lpbDaclPresent = present;
*lpbDaclDefaulted = defaulted;
return ret;
}
/******************************************************************************
* SetSecurityDescriptorDacl [ADVAPI32.@]
*/
BOOL WINAPI
SetSecurityDescriptorDacl (
PSECURITY_DESCRIPTOR lpsd,
BOOL daclpresent,
PACL dacl,
BOOL dacldefaulted )
{
return set_ntstatus( RtlSetDaclSecurityDescriptor (lpsd, daclpresent, dacl, dacldefaulted ) );
}
/******************************************************************************
* GetSecurityDescriptorSacl [ADVAPI32.@]
*/
BOOL WINAPI GetSecurityDescriptorSacl(
IN PSECURITY_DESCRIPTOR lpsd,
OUT LPBOOL lpbSaclPresent,
OUT PACL *pSacl,
OUT LPBOOL lpbSaclDefaulted)
{
BOOLEAN present, defaulted;
BOOL ret = set_ntstatus( RtlGetSaclSecurityDescriptor(lpsd, &present, pSacl, &defaulted) );
*lpbSaclPresent = present;
*lpbSaclDefaulted = defaulted;
return ret;
}
/**************************************************************************
* SetSecurityDescriptorSacl [ADVAPI32.@]
*/
BOOL WINAPI SetSecurityDescriptorSacl (
PSECURITY_DESCRIPTOR lpsd,
BOOL saclpresent,
PACL lpsacl,
BOOL sacldefaulted)
{
return set_ntstatus (RtlSetSaclSecurityDescriptor(lpsd, saclpresent, lpsacl, sacldefaulted));
}
/******************************************************************************
* MakeSelfRelativeSD [ADVAPI32.@]
*
* PARAMS
* lpabssecdesc []
* lpselfsecdesc []
* lpbuflen []
*/
BOOL WINAPI
MakeSelfRelativeSD(
IN PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor,
IN PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor,
IN OUT LPDWORD lpdwBufferLength)
{
return set_ntstatus( RtlMakeSelfRelativeSD( pAbsoluteSecurityDescriptor,
pSelfRelativeSecurityDescriptor, lpdwBufferLength));
}
/******************************************************************************
* GetSecurityDescriptorControl [ADVAPI32.@]
*/
BOOL WINAPI GetSecurityDescriptorControl ( PSECURITY_DESCRIPTOR pSecurityDescriptor,
PSECURITY_DESCRIPTOR_CONTROL pControl, LPDWORD lpdwRevision)
{
return set_ntstatus( RtlGetControlSecurityDescriptor(pSecurityDescriptor,pControl,lpdwRevision));
}
/******************************************************************************
* SetSecurityDescriptorControl [ADVAPI32.@]
*/
BOOL WINAPI SetSecurityDescriptorControl( PSECURITY_DESCRIPTOR pSecurityDescriptor,
SECURITY_DESCRIPTOR_CONTROL ControlBitsOfInterest,
SECURITY_DESCRIPTOR_CONTROL ControlBitsToSet )
{
return set_ntstatus( RtlSetControlSecurityDescriptor(
pSecurityDescriptor, ControlBitsOfInterest, ControlBitsToSet ) );
}
/* ##############################
###### ACL FUNCTIONS ######
@ -1485,45 +1194,6 @@ GetFileSecurityA( LPCSTR lpFileName,
return r;
}
/******************************************************************************
* GetFileSecurityW [ADVAPI32.@]
*
* See GetFileSecurityA.
*/
BOOL WINAPI
GetFileSecurityW( LPCWSTR lpFileName,
SECURITY_INFORMATION RequestedInformation,
PSECURITY_DESCRIPTOR pSecurityDescriptor,
DWORD nLength, LPDWORD lpnLengthNeeded )
{
HANDLE hfile;
NTSTATUS status;
DWORD access = 0, err;
TRACE("(%s,%d,%p,%d,%p)\n", debugstr_w(lpFileName),
RequestedInformation, pSecurityDescriptor,
nLength, lpnLengthNeeded);
if (RequestedInformation & (OWNER_SECURITY_INFORMATION|GROUP_SECURITY_INFORMATION|
DACL_SECURITY_INFORMATION))
access |= READ_CONTROL;
if (RequestedInformation & SACL_SECURITY_INFORMATION)
access |= ACCESS_SYSTEM_SECURITY;
err = get_security_file( lpFileName, access, &hfile);
if (err)
{
SetLastError(err);
return FALSE;
}
status = NtQuerySecurityObject( hfile, RequestedInformation, pSecurityDescriptor,
nLength, lpnLengthNeeded );
CloseHandle( hfile );
return set_ntstatus( status );
}
/******************************************************************************
* LookupAccountSidA [ADVAPI32.@]
*/
@ -1806,52 +1476,6 @@ BOOL WINAPI SetFileSecurityA( LPCSTR lpFileName,
return r;
}
/******************************************************************************
* SetFileSecurityW [ADVAPI32.@]
*
* Sets the security of a file or directory.
*
* PARAMS
* lpFileName []
* RequestedInformation []
* pSecurityDescriptor []
*
* RETURNS
* Success: TRUE.
* Failure: FALSE.
*/
BOOL WINAPI
SetFileSecurityW( LPCWSTR lpFileName,
SECURITY_INFORMATION RequestedInformation,
PSECURITY_DESCRIPTOR pSecurityDescriptor )
{
HANDLE file;
DWORD access = 0, err;
NTSTATUS status;
TRACE("(%s, 0x%x, %p)\n", debugstr_w(lpFileName), RequestedInformation,
pSecurityDescriptor );
if (RequestedInformation & OWNER_SECURITY_INFORMATION ||
RequestedInformation & GROUP_SECURITY_INFORMATION)
access |= WRITE_OWNER;
if (RequestedInformation & SACL_SECURITY_INFORMATION)
access |= ACCESS_SYSTEM_SECURITY;
if (RequestedInformation & DACL_SECURITY_INFORMATION)
access |= WRITE_DAC;
err = get_security_file( lpFileName, access, &file);
if (err)
{
SetLastError(err);
return FALSE;
}
status = NtSetSecurityObject( file, RequestedInformation, pSecurityDescriptor );
CloseHandle( file );
return set_ntstatus( status );
}
/******************************************************************************
* QueryWindows31FilesMigration [ADVAPI32.@]
*
@ -1959,17 +1583,6 @@ VOID WINAPI MapGenericMask( PDWORD AccessMask, PGENERIC_MAPPING GenericMapping )
RtlMapGenericMask( AccessMask, GenericMapping );
}
/*************************************************************************
* SetKernelObjectSecurity [ADVAPI32.@]
*/
BOOL WINAPI SetKernelObjectSecurity (
IN HANDLE Handle,
IN SECURITY_INFORMATION SecurityInformation,
IN PSECURITY_DESCRIPTOR SecurityDescriptor )
{
return set_ntstatus (NtSetSecurityObject (Handle, SecurityInformation, SecurityDescriptor));
}
/******************************************************************************
* AddAuditAccessAce [ADVAPI32.@]
@ -3380,18 +2993,6 @@ DWORD WINAPI SetNamedSecurityInfoA(LPSTR pObjectName,
return r;
}
BOOL WINAPI SetPrivateObjectSecurity( SECURITY_INFORMATION SecurityInformation,
PSECURITY_DESCRIPTOR ModificationDescriptor,
PSECURITY_DESCRIPTOR* ObjectsSecurityDescriptor,
PGENERIC_MAPPING GenericMapping,
HANDLE Token )
{
FIXME("0x%08x %p %p %p %p - stub\n", SecurityInformation, ModificationDescriptor,
ObjectsSecurityDescriptor, GenericMapping, Token);
return TRUE;
}
BOOL WINAPI AreAllAccessesGranted( DWORD GrantedAccess, DWORD DesiredAccess )
{
return RtlAreAllAccessesGranted( GrantedAccess, DesiredAccess );
@ -4652,88 +4253,6 @@ BOOL WINAPI ConvertSidToStringSidA(PSID pSid, LPSTR *pstr)
return TRUE;
}
BOOL WINAPI ConvertToAutoInheritPrivateObjectSecurity(
PSECURITY_DESCRIPTOR pdesc,
PSECURITY_DESCRIPTOR cdesc,
PSECURITY_DESCRIPTOR* ndesc,
GUID* objtype,
BOOL isdir,
PGENERIC_MAPPING genmap )
{
FIXME("%p %p %p %p %d %p - stub\n", pdesc, cdesc, ndesc, objtype, isdir, genmap);
return FALSE;
}
BOOL WINAPI CreatePrivateObjectSecurityEx(
PSECURITY_DESCRIPTOR parent, PSECURITY_DESCRIPTOR creator, PSECURITY_DESCRIPTOR *out,
GUID *objtype, BOOL is_directory, ULONG flags, HANDLE token, PGENERIC_MAPPING mapping)
{
SECURITY_DESCRIPTOR_RELATIVE *relative;
DWORD needed, offset;
BYTE *buffer;
FIXME("%p %p %p %p %d %u %p %p - returns fake SECURITY_DESCRIPTOR\n", parent, creator, out,
objtype, is_directory, flags, token, mapping);
needed = sizeof(SECURITY_DESCRIPTOR_RELATIVE);
needed += sizeof(sidWorld);
needed += sizeof(sidWorld);
needed += WINE_SIZE_OF_WORLD_ACCESS_ACL;
needed += WINE_SIZE_OF_WORLD_ACCESS_ACL;
if (!(buffer = heap_alloc( needed ))) return FALSE;
relative = (SECURITY_DESCRIPTOR_RELATIVE *)buffer;
if (!InitializeSecurityDescriptor( relative, SECURITY_DESCRIPTOR_REVISION ))
{
heap_free( buffer );
return FALSE;
}
relative->Control |= SE_SELF_RELATIVE;
offset = sizeof(SECURITY_DESCRIPTOR_RELATIVE);
memcpy( buffer + offset, &sidWorld, sizeof(sidWorld) );
relative->Owner = offset;
offset += sizeof(sidWorld);
memcpy( buffer + offset, &sidWorld, sizeof(sidWorld) );
relative->Group = offset;
offset += sizeof(sidWorld);
GetWorldAccessACL( (ACL *)(buffer + offset) );
relative->Dacl = offset;
offset += WINE_SIZE_OF_WORLD_ACCESS_ACL;
GetWorldAccessACL( (ACL *)(buffer + offset) );
relative->Sacl = offset;
*out = relative;
return TRUE;
}
BOOL WINAPI CreatePrivateObjectSecurity(
PSECURITY_DESCRIPTOR parent, PSECURITY_DESCRIPTOR creator, PSECURITY_DESCRIPTOR *out,
BOOL is_container, HANDLE token, PGENERIC_MAPPING mapping)
{
return CreatePrivateObjectSecurityEx(parent, creator, out, NULL, is_container, 0, token, mapping);
}
BOOL WINAPI CreatePrivateObjectSecurityWithMultipleInheritance(
PSECURITY_DESCRIPTOR parent, PSECURITY_DESCRIPTOR creator, PSECURITY_DESCRIPTOR *out,
GUID **types, ULONG count, BOOL is_container, ULONG flags, HANDLE token, PGENERIC_MAPPING mapping)
{
FIXME(": semi-stub\n");
return CreatePrivateObjectSecurityEx(parent, creator, out, NULL, is_container, flags, token, mapping);
}
BOOL WINAPI DestroyPrivateObjectSecurity( PSECURITY_DESCRIPTOR* ObjectDescriptor )
{
FIXME("%p - stub\n", ObjectDescriptor);
heap_free( *ObjectDescriptor );
return TRUE;
}
/******************************************************************************
* CreateProcessWithLogonW
*/


@ -163,7 +163,7 @@
@ stdcall ConvertFiberToThread() kernel32.ConvertFiberToThread
@ stdcall ConvertThreadToFiber(ptr) kernel32.ConvertThreadToFiber
@ stdcall ConvertThreadToFiberEx(ptr long) kernel32.ConvertThreadToFiberEx
@ stdcall ConvertToAutoInheritPrivateObjectSecurity(ptr ptr ptr ptr long ptr) advapi32.ConvertToAutoInheritPrivateObjectSecurity
@ stdcall ConvertToAutoInheritPrivateObjectSecurity(ptr ptr ptr ptr long ptr)
# @ stub CopyContext
# @ stub CopyFile2
@ stdcall CopyFileExW(wstr wstr ptr ptr ptr long) kernel32.CopyFileExW
@ -202,9 +202,9 @@
@ stdcall CreateNamedPipeW(wstr long long long long long long ptr) kernel32.CreateNamedPipeW
@ stdcall CreatePipe(ptr ptr ptr long) kernel32.CreatePipe
# @ stub CreatePrivateNamespaceW
@ stdcall CreatePrivateObjectSecurity(ptr ptr ptr long long ptr) advapi32.CreatePrivateObjectSecurity
@ stdcall CreatePrivateObjectSecurityEx(ptr ptr ptr ptr long long long ptr) advapi32.CreatePrivateObjectSecurityEx
@ stdcall CreatePrivateObjectSecurityWithMultipleInheritance(ptr ptr ptr ptr long long long long ptr) advapi32.CreatePrivateObjectSecurityWithMultipleInheritance
@ stdcall CreatePrivateObjectSecurity(ptr ptr ptr long long ptr)
@ stdcall CreatePrivateObjectSecurityEx(ptr ptr ptr ptr long long long ptr)
@ stdcall CreatePrivateObjectSecurityWithMultipleInheritance(ptr ptr ptr ptr long long long long ptr)
@ stdcall CreateProcessA(str str ptr ptr long long ptr str ptr ptr) kernel32.CreateProcessA
@ stdcall CreateProcessAsUserA(long str str ptr ptr long long ptr str ptr ptr) kernel32.CreateProcessAsUserA
@ stdcall CreateProcessAsUserW(long wstr wstr ptr ptr long long ptr wstr ptr ptr) kernel32.CreateProcessAsUserW
@ -260,7 +260,7 @@
@ stdcall DeleteTimerQueueEx(long long) kernel32.DeleteTimerQueueEx
@ stdcall DeleteTimerQueueTimer(long long long) kernel32.DeleteTimerQueueTimer
@ stdcall DeleteVolumeMountPointW(wstr) kernel32.DeleteVolumeMountPointW
@ stdcall DestroyPrivateObjectSecurity(ptr) advapi32.DestroyPrivateObjectSecurity
@ stdcall DestroyPrivateObjectSecurity(ptr)
@ stdcall DeviceIoControl(long long ptr long ptr long ptr ptr) kernel32.DeviceIoControl
@ stdcall DisablePredefinedHandleTableInternal(long)
@ stdcall DisableThreadLibraryCalls(long) kernel32.DisableThreadLibraryCalls
@ -510,7 +510,7 @@
@ stdcall GetFileInformationByHandleEx(long long ptr long) kernel32.GetFileInformationByHandleEx
@ stdcall GetFileMUIInfo(long wstr ptr ptr) kernel32.GetFileMUIInfo
@ stdcall GetFileMUIPath(long wstr wstr ptr ptr ptr ptr) kernel32.GetFileMUIPath
@ stdcall GetFileSecurityW(wstr long ptr long ptr) advapi32.GetFileSecurityW
@ stdcall GetFileSecurityW(wstr long ptr long ptr)
@ stdcall GetFileSize(long ptr) kernel32.GetFileSize
@ stdcall GetFileSizeEx(long ptr) kernel32.GetFileSizeEx
@ stdcall GetFileTime(long ptr ptr ptr) kernel32.GetFileTime
@ -535,7 +535,7 @@
# @ stub GetHivePath
# @ stub GetIntegratedDisplaySize
# @ stub GetIsEdpEnabled
@ stdcall GetKernelObjectSecurity(long long ptr long ptr) advapi32.GetKernelObjectSecurity
@ stdcall GetKernelObjectSecurity(long long ptr long ptr)
@ stdcall GetLargePageMinimum() kernel32.GetLargePageMinimum
@ stdcall GetLargestConsoleWindowSize(long) kernel32.GetLargestConsoleWindowSize
@ stdcall GetLastError() kernel32.GetLastError
@ -618,7 +618,7 @@
@ stdcall GetPhysicallyInstalledSystemMemory(ptr) kernel32.GetPhysicallyInstalledSystemMemory
# @ stub GetPreviousFgPolicyRefreshInfoInternal
@ stdcall GetPriorityClass(long) kernel32.GetPriorityClass
@ stdcall GetPrivateObjectSecurity(ptr long ptr long ptr) advapi32.GetPrivateObjectSecurity
@ stdcall GetPrivateObjectSecurity(ptr long ptr long ptr)
@ stdcall GetProcAddress(long str) kernel32.GetProcAddress
# @ stub GetProcAddressForCaller
# @ stub GetProcessDefaultCpuSets
@ -649,13 +649,13 @@
@ stdcall GetQueuedCompletionStatusEx(ptr ptr long ptr long long) kernel32.GetQueuedCompletionStatusEx
# @ stub GetRegistryExtensionFlags
# @ stub GetRoamingLastObservedChangeTime
@ stdcall GetSecurityDescriptorControl(ptr ptr ptr) advapi32.GetSecurityDescriptorControl
@ stdcall GetSecurityDescriptorDacl(ptr ptr ptr ptr) advapi32.GetSecurityDescriptorDacl
@ stdcall GetSecurityDescriptorGroup(ptr ptr ptr) advapi32.GetSecurityDescriptorGroup
@ stdcall GetSecurityDescriptorLength(ptr) advapi32.GetSecurityDescriptorLength
@ stdcall GetSecurityDescriptorOwner(ptr ptr ptr) advapi32.GetSecurityDescriptorOwner
@ stdcall GetSecurityDescriptorControl(ptr ptr ptr)
@ stdcall GetSecurityDescriptorDacl(ptr ptr ptr ptr)
@ stdcall GetSecurityDescriptorGroup(ptr ptr ptr)
@ stdcall GetSecurityDescriptorLength(ptr)
@ stdcall GetSecurityDescriptorOwner(ptr ptr ptr)
@ stub GetSecurityDescriptorRMControl
@ stdcall GetSecurityDescriptorSacl(ptr ptr ptr ptr) advapi32.GetSecurityDescriptorSacl
@ stdcall GetSecurityDescriptorSacl(ptr ptr ptr ptr)
# @ stub GetSerializedAtomBytes
# @ stub GetSharedLocalFolder
@ stdcall GetShortPathNameW(wstr ptr long) kernel32.GetShortPathNameW
@ -809,7 +809,7 @@
# @ stub InitializeProcessForWsWatch
@ stdcall InitializeSListHead(ptr) kernel32.InitializeSListHead
@ stdcall InitializeSRWLock(ptr) kernel32.InitializeSRWLock
@ stdcall InitializeSecurityDescriptor(ptr long) advapi32.InitializeSecurityDescriptor
@ stdcall InitializeSecurityDescriptor(ptr long)
@ stdcall InitializeSid(ptr ptr long)
# @ stub InitializeSynchronizationBarrier
# @ stub InstallELAMCertificateInfo
@ -881,7 +881,7 @@
@ stdcall IsValidLocaleName(wstr) kernel32.IsValidLocaleName
# @ stub IsValidNLSVersion
@ stub IsValidRelativeSecurityDescriptor
@ stdcall IsValidSecurityDescriptor(ptr) advapi32.IsValidSecurityDescriptor
@ stdcall IsValidSecurityDescriptor(ptr)
@ stdcall IsValidSid(ptr)
@ stdcall IsWellKnownSid(ptr long)
@ stdcall IsWow64Process(ptr ptr) kernel32.IsWow64Process
@ -944,9 +944,9 @@
@ stdcall LockFile(long long long long long) kernel32.LockFile
@ stdcall LockFileEx(long long long long long ptr) kernel32.LockFileEx
@ stdcall LockResource(long) kernel32.LockResource
@ stdcall MakeAbsoluteSD(ptr ptr ptr ptr ptr ptr ptr ptr ptr ptr ptr) advapi32.MakeAbsoluteSD
@ stdcall MakeAbsoluteSD(ptr ptr ptr ptr ptr ptr ptr ptr ptr ptr ptr)
@ stub MakeAbsoluteSD2
@ stdcall MakeSelfRelativeSD(ptr ptr ptr) advapi32.MakeSelfRelativeSD
@ stdcall MakeSelfRelativeSD(ptr ptr ptr)
@ stdcall MapGenericMask(ptr ptr) advapi32.MapGenericMask
# @ stub MapPredefinedHandleInternal
@ stdcall MapUserPhysicalPages(ptr long ptr) kernel32.MapUserPhysicalPages
@ -1437,21 +1437,21 @@
# @ stub SetFileIoOverlappedRange
@ stdcall SetFilePointer(long long ptr long) kernel32.SetFilePointer
@ stdcall SetFilePointerEx(long int64 ptr long) kernel32.SetFilePointerEx
@ stdcall SetFileSecurityW(wstr long ptr) advapi32.SetFileSecurityW
@ stdcall SetFileSecurityW(wstr long ptr)
@ stdcall SetFileTime(long ptr ptr ptr) kernel32.SetFileTime
@ stdcall SetFileValidData(ptr int64) kernel32.SetFileValidData
@ stdcall SetHandleCount(long) kernel32.SetHandleCount
@ stdcall SetHandleInformation(long long long) kernel32.SetHandleInformation
# @ stub SetIsDeveloperModeEnabled
# @ stub SetIsSideloadingEnabled
@ stdcall SetKernelObjectSecurity(long long ptr) advapi32.SetKernelObjectSecurity
@ stdcall SetKernelObjectSecurity(long long ptr)
@ stub SetLastConsoleEventActive
@ stdcall SetLastError(long) kernel32.SetLastError
@ stdcall SetLocalTime(ptr) kernel32.SetLocalTime
@ stdcall SetLocaleInfoW(long long wstr) kernel32.SetLocaleInfoW
@ stdcall SetNamedPipeHandleState(long ptr ptr ptr) kernel32.SetNamedPipeHandleState
@ stdcall SetPriorityClass(long long) kernel32.SetPriorityClass
@ stdcall SetPrivateObjectSecurity(long ptr ptr ptr long) advapi32.SetPrivateObjectSecurity
@ stdcall SetPrivateObjectSecurity(long ptr ptr ptr long)
@ stub SetPrivateObjectSecurityEx
@ stdcall SetProcessAffinityUpdateMode(long long) kernel32.SetProcessAffinityUpdateMode
# @ stub SetProcessDefaultCpuSets
@ -1466,12 +1466,12 @@
# @ stub SetProtectedPolicy
# @ stub SetRoamingLastObservedChangeTime
@ stub SetSecurityAccessMask
@ stdcall SetSecurityDescriptorControl(ptr long long) advapi32.SetSecurityDescriptorControl
@ stdcall SetSecurityDescriptorDacl(ptr long ptr long) advapi32.SetSecurityDescriptorDacl
@ stdcall SetSecurityDescriptorGroup(ptr ptr long) advapi32.SetSecurityDescriptorGroup
@ stdcall SetSecurityDescriptorOwner(ptr ptr long) advapi32.SetSecurityDescriptorOwner
@ stdcall SetSecurityDescriptorControl(ptr long long)
@ stdcall SetSecurityDescriptorDacl(ptr long ptr long)
@ stdcall SetSecurityDescriptorGroup(ptr ptr long)
@ stdcall SetSecurityDescriptorOwner(ptr ptr long)
@ stub SetSecurityDescriptorRMControl
@ stdcall SetSecurityDescriptorSacl(ptr long ptr long) advapi32.SetSecurityDescriptorSacl
@ stdcall SetSecurityDescriptorSacl(ptr long ptr long)
# @ stub SetStateVersion
@ stdcall SetStdHandle(long long) kernel32.SetStdHandle
@ stub SetStdHandleEx


@ -138,6 +138,45 @@ static const WELLKNOWNRID WellKnownRids[] =
{ WinAccountRasAndIasServersSid, DOMAIN_ALIAS_RID_RAS_SERVERS },
};
static const SID world_sid = { SID_REVISION, 1, { SECURITY_WORLD_SID_AUTHORITY} , { SECURITY_WORLD_RID } };
static const DWORD world_access_acl_size = sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE) + sizeof(world_sid) - sizeof(DWORD);
static void get_world_access_acl( PACL acl )
{
PACCESS_ALLOWED_ACE ace = (PACCESS_ALLOWED_ACE)(acl + 1);
acl->AclRevision = ACL_REVISION;
acl->Sbz1 = 0;
acl->AclSize = world_access_acl_size;
acl->AceCount = 1;
acl->Sbz2 = 0;
ace->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
ace->Header.AceFlags = CONTAINER_INHERIT_ACE;
ace->Header.AceSize = sizeof(ACCESS_ALLOWED_ACE) + sizeof(world_sid) - sizeof(DWORD);
ace->Mask = 0xf3ffffff; /* Everything except reserved bits */
memcpy( &ace->SidStart, &world_sid, sizeof(world_sid) );
}
static NTSTATUS open_file( LPCWSTR name, DWORD access, HANDLE *file )
{
UNICODE_STRING file_nameW;
OBJECT_ATTRIBUTES attr;
IO_STATUS_BLOCK io;
NTSTATUS status;
if ((status = RtlDosPathNameToNtPathName_U_WithStatus( name, &file_nameW, NULL, NULL ))) return status;
attr.Length = sizeof(attr);
attr.RootDirectory = 0;
attr.Attributes = OBJ_CASE_INSENSITIVE;
attr.ObjectName = &file_nameW;
attr.SecurityDescriptor = NULL;
status = NtCreateFile( file, access|SYNCHRONIZE, &attr, &io, NULL, FILE_FLAG_BACKUP_SEMANTICS,
FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, FILE_OPEN,
FILE_OPEN_FOR_BACKUP_INTENT, NULL, 0 );
RtlFreeUnicodeString( &file_nameW );
return status;
}
static const char *debugstr_sid( PSID sid )
{
@ -795,3 +834,365 @@ BOOL WINAPI SetTokenInformation( HANDLE token, TOKEN_INFORMATION_CLASS class, LP
return set_ntstatus( NtSetInformationToken( token, class, info, len ));
}
/******************************************************************************
* Security descriptor functions
******************************************************************************/
/******************************************************************************
* ConvertToAutoInheritPrivateObjectSecurity (kernelbase.@)
*/
BOOL WINAPI ConvertToAutoInheritPrivateObjectSecurity( PSECURITY_DESCRIPTOR parent,
PSECURITY_DESCRIPTOR current,
PSECURITY_DESCRIPTOR *descr,
GUID *type, BOOL is_dir,
PGENERIC_MAPPING mapping )
{
FIXME("%p %p %p %p %d %p - stub\n", parent, current, descr, type, is_dir, mapping );
return FALSE;
}
/******************************************************************************
* CreatePrivateObjectSecurity (kernelbase.@)
*/
BOOL WINAPI CreatePrivateObjectSecurity( PSECURITY_DESCRIPTOR parent, PSECURITY_DESCRIPTOR creator,
PSECURITY_DESCRIPTOR *descr, BOOL is_container, HANDLE token,
PGENERIC_MAPPING mapping )
{
return CreatePrivateObjectSecurityEx( parent, creator, descr, NULL, is_container, 0, token, mapping );
}
/******************************************************************************
* CreatePrivateObjectSecurityEx (kernelbase.@)
*/
BOOL WINAPI CreatePrivateObjectSecurityEx( PSECURITY_DESCRIPTOR parent, PSECURITY_DESCRIPTOR creator,
PSECURITY_DESCRIPTOR *descr, GUID *type, BOOL is_container,
ULONG flags, HANDLE token, PGENERIC_MAPPING mapping )
{
SECURITY_DESCRIPTOR_RELATIVE *relative;
DWORD needed, offset;
BYTE *buffer;
FIXME( "%p %p %p %p %d %u %p %p - returns fake SECURITY_DESCRIPTOR\n",
parent, creator, descr, type, is_container, flags, token, mapping );
needed = sizeof(SECURITY_DESCRIPTOR_RELATIVE);
needed += sizeof(world_sid);
needed += sizeof(world_sid);
needed += world_access_acl_size;
needed += world_access_acl_size;
if (!(buffer = heap_alloc( needed ))) return FALSE;
relative = (SECURITY_DESCRIPTOR_RELATIVE *)buffer;
if (!InitializeSecurityDescriptor( relative, SECURITY_DESCRIPTOR_REVISION ))
{
heap_free( buffer );
return FALSE;
}
relative->Control |= SE_SELF_RELATIVE;
offset = sizeof(SECURITY_DESCRIPTOR_RELATIVE);
memcpy( buffer + offset, &world_sid, sizeof(world_sid) );
relative->Owner = offset;
offset += sizeof(world_sid);
memcpy( buffer + offset, &world_sid, sizeof(world_sid) );
relative->Group = offset;
offset += sizeof(world_sid);
get_world_access_acl( (ACL *)(buffer + offset) );
relative->Dacl = offset;
offset += world_access_acl_size;
get_world_access_acl( (ACL *)(buffer + offset) );
relative->Sacl = offset;
*descr = relative;
return TRUE;
}
/******************************************************************************
* CreatePrivateObjectSecurityWithMultipleInheritance (kernelbase.@)
*/
BOOL WINAPI CreatePrivateObjectSecurityWithMultipleInheritance( PSECURITY_DESCRIPTOR parent,
PSECURITY_DESCRIPTOR creator,
PSECURITY_DESCRIPTOR *descr,
GUID **types, ULONG count,
BOOL is_container, ULONG flags,
HANDLE token, PGENERIC_MAPPING mapping )
{
FIXME(": semi-stub\n");
return CreatePrivateObjectSecurityEx( parent, creator, descr, NULL, is_container,
flags, token, mapping );
}
/******************************************************************************
* DestroyPrivateObjectSecurity (kernelbase.@)
*/
BOOL WINAPI DestroyPrivateObjectSecurity( PSECURITY_DESCRIPTOR *descr )
{
FIXME("%p - stub\n", descr);
heap_free( *descr );
return TRUE;
}
/******************************************************************************
* GetFileSecurityW (kernelbase.@)
*/
BOOL WINAPI GetFileSecurityW( LPCWSTR name, SECURITY_INFORMATION info,
PSECURITY_DESCRIPTOR descr, DWORD len, LPDWORD ret_len )
{
HANDLE file;
NTSTATUS status;
DWORD access = 0;
TRACE( "(%s,%d,%p,%d,%p)\n", debugstr_w(name), info, descr, len, ret_len );
if (info & (OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION))
access |= READ_CONTROL;
if (info & SACL_SECURITY_INFORMATION)
access |= ACCESS_SYSTEM_SECURITY;
if (!(status = open_file( name, access, &file )))
{
status = NtQuerySecurityObject( file, info, descr, len, ret_len );
NtClose( file );
}
return set_ntstatus( status );
}
/******************************************************************************
* GetKernelObjectSecurity (kernelbase.@)
*/
BOOL WINAPI GetKernelObjectSecurity( HANDLE handle, SECURITY_INFORMATION info,
PSECURITY_DESCRIPTOR descr, DWORD len, LPDWORD ret_len )
{
return set_ntstatus( NtQuerySecurityObject( handle, info, descr, len, ret_len ));
}
/******************************************************************************
* GetPrivateObjectSecurity (kernelbase.@)
*/
BOOL WINAPI GetPrivateObjectSecurity( PSECURITY_DESCRIPTOR obj_descr, SECURITY_INFORMATION info,
PSECURITY_DESCRIPTOR ret_descr, DWORD len, PDWORD ret_len )
{
SECURITY_DESCRIPTOR desc;
BOOL defaulted, present;
PACL pacl;
PSID psid;
TRACE("(%p,0x%08x,%p,0x%08x,%p)\n", obj_descr, info, ret_descr, len, ret_len );
if (!InitializeSecurityDescriptor(&desc, SECURITY_DESCRIPTOR_REVISION)) return FALSE;
if (info & OWNER_SECURITY_INFORMATION)
{
if (!GetSecurityDescriptorOwner(obj_descr, &psid, &defaulted)) return FALSE;
SetSecurityDescriptorOwner(&desc, psid, defaulted);
}
if (info & GROUP_SECURITY_INFORMATION)
{
if (!GetSecurityDescriptorGroup(obj_descr, &psid, &defaulted)) return FALSE;
SetSecurityDescriptorGroup(&desc, psid, defaulted);
}
if (info & DACL_SECURITY_INFORMATION)
{
if (!GetSecurityDescriptorDacl(obj_descr, &present, &pacl, &defaulted)) return FALSE;
SetSecurityDescriptorDacl(&desc, present, pacl, defaulted);
}
if (info & SACL_SECURITY_INFORMATION)
{
if (!GetSecurityDescriptorSacl(obj_descr, &present, &pacl, &defaulted)) return FALSE;
SetSecurityDescriptorSacl(&desc, present, pacl, defaulted);
}
*ret_len = len;
return MakeSelfRelativeSD(&desc, ret_descr, ret_len);
}
/******************************************************************************
* GetSecurityDescriptorControl (kernelbase.@)
*/
BOOL WINAPI GetSecurityDescriptorControl( PSECURITY_DESCRIPTOR descr, PSECURITY_DESCRIPTOR_CONTROL control,
LPDWORD revision)
{
return set_ntstatus( RtlGetControlSecurityDescriptor( descr, control, revision ));
}
/******************************************************************************
* GetSecurityDescriptorDacl (kernelbase.@)
*/
BOOL WINAPI GetSecurityDescriptorDacl( PSECURITY_DESCRIPTOR descr, LPBOOL dacl_present, PACL *dacl,
LPBOOL dacl_defaulted )
{
BOOLEAN present, defaulted;
BOOL ret = set_ntstatus( RtlGetDaclSecurityDescriptor( descr, &present, dacl, &defaulted ));
*dacl_present = present;
*dacl_defaulted = defaulted;
return ret;
}
/******************************************************************************
* GetSecurityDescriptorGroup (kernelbase.@)
*/
BOOL WINAPI GetSecurityDescriptorGroup( PSECURITY_DESCRIPTOR descr, PSID *group, LPBOOL group_defaulted )
{
BOOLEAN defaulted;
BOOL ret = set_ntstatus( RtlGetGroupSecurityDescriptor( descr, group, &defaulted ));
*group_defaulted = defaulted;
return ret;
}
/******************************************************************************
* GetSecurityDescriptorLength (kernelbase.@)
*/
DWORD WINAPI GetSecurityDescriptorLength( PSECURITY_DESCRIPTOR descr )
{
return RtlLengthSecurityDescriptor( descr );
}
/******************************************************************************
* GetSecurityDescriptorOwner (kernelbase.@)
*/
BOOL WINAPI GetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR descr, PSID *owner, LPBOOL owner_defaulted )
{
BOOLEAN defaulted;
BOOL ret = set_ntstatus( RtlGetOwnerSecurityDescriptor( descr, owner, &defaulted ));
*owner_defaulted = defaulted;
return ret;
}
/******************************************************************************
* GetSecurityDescriptorSacl (kernelbase.@)
*/
BOOL WINAPI GetSecurityDescriptorSacl( PSECURITY_DESCRIPTOR descr, LPBOOL sacl_present, PACL *sacl,
LPBOOL sacl_defaulted )
{
BOOLEAN present, defaulted;
BOOL ret = set_ntstatus( RtlGetSaclSecurityDescriptor( descr, &present, sacl, &defaulted ));
*sacl_present = present;
*sacl_defaulted = defaulted;
return ret;
}
/******************************************************************************
* InitializeSecurityDescriptor (kernelbase.@)
*/
BOOL WINAPI InitializeSecurityDescriptor( PSECURITY_DESCRIPTOR descr, DWORD revision )
{
return set_ntstatus( RtlCreateSecurityDescriptor( descr, revision ));
}
/******************************************************************************
* IsValidSecurityDescriptor (kernelbase.@)
*/
BOOL WINAPI IsValidSecurityDescriptor( PSECURITY_DESCRIPTOR descr )
{
return set_ntstatus( RtlValidSecurityDescriptor( descr ));
}
/******************************************************************************
* MakeAbsoluteSD (kernelbase.@)
*/
BOOL WINAPI MakeAbsoluteSD ( PSECURITY_DESCRIPTOR rel_descr, PSECURITY_DESCRIPTOR abs_descr,
LPDWORD abs_size, PACL dacl, LPDWORD dacl_size, PACL sacl, LPDWORD sacl_size,
PSID owner, LPDWORD owner_size, PSID group, LPDWORD group_size )
{
return set_ntstatus( RtlSelfRelativeToAbsoluteSD( rel_descr, abs_descr, abs_size,
dacl, dacl_size, sacl, sacl_size,
owner, owner_size, group, group_size ));
}
/******************************************************************************
* MakeSelfRelativeSD (kernelbase.@)
*/
BOOL WINAPI MakeSelfRelativeSD( PSECURITY_DESCRIPTOR abs_descr, PSECURITY_DESCRIPTOR rel_descr,
LPDWORD len )
{
return set_ntstatus( RtlMakeSelfRelativeSD( abs_descr, rel_descr, len ));
}
/******************************************************************************
* SetFileSecurityW (kernelbase.@)
*/
BOOL WINAPI SetFileSecurityW( LPCWSTR name, SECURITY_INFORMATION info, PSECURITY_DESCRIPTOR descr )
{
HANDLE file;
DWORD access = 0;
NTSTATUS status;
TRACE( "(%s, 0x%x, %p)\n", debugstr_w(name), info, descr );
if (info & (OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION)) access |= WRITE_OWNER;
if (info & SACL_SECURITY_INFORMATION) access |= ACCESS_SYSTEM_SECURITY;
if (info & DACL_SECURITY_INFORMATION) access |= WRITE_DAC;
if (!(status = open_file( name, access, &file )))
{
status = NtSetSecurityObject( file, info, descr );
NtClose( file );
}
return set_ntstatus( status );
}
/*************************************************************************
* SetKernelObjectSecurity (kernelbase.@)
*/
BOOL WINAPI SetKernelObjectSecurity( HANDLE handle, SECURITY_INFORMATION info, PSECURITY_DESCRIPTOR descr )
{
return set_ntstatus( NtSetSecurityObject( handle, info, descr ));
}
/*************************************************************************
* SetPrivateObjectSecurity (kernelbase.@)
*/
BOOL WINAPI SetPrivateObjectSecurity( SECURITY_INFORMATION info, PSECURITY_DESCRIPTOR descr,
PSECURITY_DESCRIPTOR *obj_descr, PGENERIC_MAPPING mapping,
HANDLE token )
{
FIXME( "0x%08x %p %p %p %p - stub\n", info, descr, obj_descr, mapping, token );
return TRUE;
}
/******************************************************************************
* SetSecurityDescriptorControl (kernelbase.@)
*/
BOOL WINAPI SetSecurityDescriptorControl( PSECURITY_DESCRIPTOR descr, SECURITY_DESCRIPTOR_CONTROL mask,
SECURITY_DESCRIPTOR_CONTROL set )
{
return set_ntstatus( RtlSetControlSecurityDescriptor( descr, mask, set ));
}
/******************************************************************************
* SetSecurityDescriptorDacl (kernelbase.@)
*/
BOOL WINAPI SetSecurityDescriptorDacl( PSECURITY_DESCRIPTOR descr, BOOL present, PACL dacl, BOOL defaulted )
{
return set_ntstatus( RtlSetDaclSecurityDescriptor( descr, present, dacl, defaulted ));
}
/******************************************************************************
* SetSecurityDescriptorGroup (kernelbase.@)
*/
BOOL WINAPI SetSecurityDescriptorGroup( PSECURITY_DESCRIPTOR descr, PSID group, BOOL defaulted )
{
return set_ntstatus( RtlSetGroupSecurityDescriptor( descr, group, defaulted ));
}
/******************************************************************************
* SetSecurityDescriptorOwner (kernelbase.@)
*/
BOOL WINAPI SetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR descr, PSID owner, BOOL defaulted )
{
return set_ntstatus( RtlSetOwnerSecurityDescriptor( descr, owner, defaulted ));
}
/**************************************************************************
* SetSecurityDescriptorSacl (kernelbase.@)
*/
BOOL WINAPI SetSecurityDescriptorSacl ( PSECURITY_DESCRIPTOR descr, BOOL present, PACL sacl, BOOL defaulted )
{
return set_ntstatus( RtlSetSaclSecurityDescriptor( descr, present, sacl, defaulted ));
}
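Review bot: In GetSecurityDescriptorDacl the locals `present` and `defaulted` are copied into `*dacl_present` and `*dacl_defaulted` whether or not the Rtl call succeeded. If RtlGetDaclSecurityDescriptor can return an error before writing them (its body is not shown here), the caller receives indeterminate stack values. GetSecurityDescriptorGroup, GetSecurityDescriptorOwner and GetSecurityDescriptorSacl follow the same pattern. Initialising the locals keeps the out-values defined on the failure path: `BOOLEAN present = FALSE, defaulted = FALSE;` in the Dacl and Sacl variants, and `BOOLEAN defaulted = FALSE;` in the Owner and Group variants. The code looks carried over from advapi32 as part of the move, so this may fit better in a follow-up.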