advapi32: Implement GetPrivateObjectSecurity (with test).
This commit is contained in:
Mikolaj Zalewski
Alexandre Julliard
parent
0590dc9b5c
commit
8fd1cf0f56
@ -1123,11 +1123,51 @@ BOOL WINAPI GetPrivateObjectSecurity(
|
|||||||
DWORD DescriptorLength,
|
DWORD DescriptorLength,
|
||||||
PDWORD ReturnLength )
|
PDWORD ReturnLength )
|
||||||
{
|
{
|
||||||
|
SECURITY_DESCRIPTOR desc;
|
||||||
|
BOOL defaulted, present;
|
||||||
|
PACL pacl;
|
||||||
|
PSID psid;
|
||||||
|
|
||||||
TRACE("(%p,0x%08x,%p,0x%08x,%p)\n", ObjectDescriptor, SecurityInformation,
|
TRACE("(%p,0x%08x,%p,0x%08x,%p)\n", ObjectDescriptor, SecurityInformation,
|
||||||
ResultantDescriptor, DescriptorLength, ReturnLength);
|
ResultantDescriptor, DescriptorLength, ReturnLength);
|
||||||
|
|
||||||
return set_ntstatus( NtQuerySecurityObject(ObjectDescriptor, SecurityInformation,
|
if (!InitializeSecurityDescriptor(&desc, SECURITY_DESCRIPTOR_REVISION))
|
||||||
ResultantDescriptor, DescriptorLength, ReturnLength ));
|
return FALSE;
|
||||||
|
|
||||||
|
if (SecurityInformation & OWNER_SECURITY_INFORMATION)
|
||||||
|
{
|
||||||
|
if (!GetSecurityDescriptorOwner(ObjectDescriptor, &psid, &defaulted))
|
||||||
|
return FALSE;
|
||||||
|
SetSecurityDescriptorOwner(&desc, psid, defaulted);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (SecurityInformation & GROUP_SECURITY_INFORMATION)
|
||||||
|
{
|
||||||
|
if (!GetSecurityDescriptorGroup(ObjectDescriptor, &psid, &defaulted))
|
||||||
|
return FALSE;
|
||||||
|
SetSecurityDescriptorGroup(&desc, psid, defaulted);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (SecurityInformation & DACL_SECURITY_INFORMATION)
|
||||||
|
{
|
||||||
|
if (!GetSecurityDescriptorDacl(ObjectDescriptor, &present, &pacl, &defaulted))
|
||||||
|
return FALSE;
|
||||||
|
SetSecurityDescriptorDacl(&desc, present, pacl, defaulted);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (SecurityInformation & SACL_SECURITY_INFORMATION)
|
||||||
|
{
|
||||||
|
if (!GetSecurityDescriptorSacl(ObjectDescriptor, &present, &pacl, &defaulted))
|
||||||
|
return FALSE;
|
||||||
|
SetSecurityDescriptorSacl(&desc, present, pacl, defaulted);
|
||||||
|
}
|
||||||
|
|
||||||
|
*ReturnLength = DescriptorLength;
|
||||||
|
if (!MakeSelfRelativeSD(&desc, ResultantDescriptor, ReturnLength))
|
||||||
|
return FALSE;
|
||||||
|
GetSecurityDescriptorOwner(ResultantDescriptor, &psid, &defaulted);
|
||||||
|
FIXME("%p, sid=%p\n", &desc, psid);
|
||||||
|
return TRUE;
|
||||||
}
|
}
|
||||||
|
|
||||||
/******************************************************************************
|
/******************************************************************************
|
||||||
|
|||||||
@ -2044,11 +2044,65 @@ static void test_ConvertSecurityDescriptorToString()
|
|||||||
AddAuditAccessAceEx(pacl, ACL_REVISION, NO_PROPAGATE_INHERIT_ACE, FILE_GENERIC_READ|FILE_GENERIC_WRITE, psid2, TRUE, FALSE);
|
AddAuditAccessAceEx(pacl, ACL_REVISION, NO_PROPAGATE_INHERIT_ACE, FILE_GENERIC_READ|FILE_GENERIC_WRITE, psid2, TRUE, FALSE);
|
||||||
ok(pConvertSecurityDescriptorToStringSecurityDescriptorA(&desc, SDDL_REVISION_1, sec_info, &string, &len), "Convertion failed\n");
|
ok(pConvertSecurityDescriptorToStringSecurityDescriptorA(&desc, SDDL_REVISION_1, sec_info, &string, &len), "Convertion failed\n");
|
||||||
CHECK_RESULT_AND_FREE("O:SYG:S-1-5-21-93476-23408-4576D:S:(AU;OICINPIOIDSAFA;CCDCLCSWRPRC;;;SU)(AU;NPSA;0x12019f;;;SU)");
|
CHECK_RESULT_AND_FREE("O:SYG:S-1-5-21-93476-23408-4576D:S:(AU;OICINPIOIDSAFA;CCDCLCSWRPRC;;;SU)(AU;NPSA;0x12019f;;;SU)");
|
||||||
|
|
||||||
|
|
||||||
#undef CHECK_RESULT_AND_FREE
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static void test_PrivateObjectSecurity(void)
|
||||||
|
{
|
||||||
|
SECURITY_INFORMATION sec_info = OWNER_SECURITY_INFORMATION|GROUP_SECURITY_INFORMATION|DACL_SECURITY_INFORMATION|SACL_SECURITY_INFORMATION;
|
||||||
|
SECURITY_DESCRIPTOR_CONTROL ctrl;
|
||||||
|
PSECURITY_DESCRIPTOR sec;
|
||||||
|
DWORD dwDescSize;
|
||||||
|
DWORD dwRevision;
|
||||||
|
DWORD retSize;
|
||||||
|
LPSTR string;
|
||||||
|
ULONG len;
|
||||||
|
PSECURITY_DESCRIPTOR buf;
|
||||||
|
|
||||||
|
ok(ConvertStringSecurityDescriptorToSecurityDescriptorA(
|
||||||
|
"O:SY"
|
||||||
|
"G:S-1-5-21-93476-23408-4576"
|
||||||
|
"D:(A;NP;GAGXGWGR;;;SU)(A;IOID;CCDC;;;SU)(D;OICI;0xffffffff;;;S-1-5-21-93476-23408-4576)"
|
||||||
|
"S:(AU;OICINPIOIDSAFA;CCDCLCSWRPRC;;;SU)(AU;NPSA;0x12019f;;;SU)", SDDL_REVISION_1, &sec, &dwDescSize), "Creating descriptor failed\n");
|
||||||
|
buf = HeapAlloc(GetProcessHeap(), 0, dwDescSize);
|
||||||
|
SetSecurityDescriptorControl(sec, SE_DACL_PROTECTED, SE_DACL_PROTECTED);
|
||||||
|
GetSecurityDescriptorControl(sec, &ctrl, &dwRevision);
|
||||||
|
todo_wine expect_eq(ctrl, 0x9014, int, "%x");
|
||||||
|
|
||||||
|
ok(GetPrivateObjectSecurity(sec, GROUP_SECURITY_INFORMATION, buf, dwDescSize, &retSize),
|
||||||
|
"GetPrivateObjectSecurity failed (err=%u)\n", GetLastError());
|
||||||
|
ok(retSize <= dwDescSize, "Buffer too small (%d vs %d)\n", retSize, dwDescSize);
|
||||||
|
ok(pConvertSecurityDescriptorToStringSecurityDescriptorA(buf, SDDL_REVISION_1, sec_info, &string, &len), "Convertion failed\n");
|
||||||
|
CHECK_RESULT_AND_FREE("G:S-1-5-21-93476-23408-4576");
|
||||||
|
GetSecurityDescriptorControl(buf, &ctrl, &dwRevision);
|
||||||
|
expect_eq(ctrl, 0x8000, int, "%x");
|
||||||
|
|
||||||
|
ok(GetPrivateObjectSecurity(sec, GROUP_SECURITY_INFORMATION|DACL_SECURITY_INFORMATION, buf, dwDescSize, &retSize),
|
||||||
|
"GetPrivateObjectSecurity failed (err=%u)\n", GetLastError());
|
||||||
|
ok(retSize <= dwDescSize, "Buffer too small (%d vs %d)\n", retSize, dwDescSize);
|
||||||
|
ok(pConvertSecurityDescriptorToStringSecurityDescriptorA(buf, SDDL_REVISION_1, sec_info, &string, &len), "Convertion failed err=%u\n", GetLastError());
|
||||||
|
CHECK_RESULT_AND_FREE("G:S-1-5-21-93476-23408-4576D:(A;NP;GAGXGWGR;;;SU)(A;IOID;CCDC;;;SU)(D;OICI;0xffffffff;;;S-1-5-21-93476-23408-4576)");
|
||||||
|
GetSecurityDescriptorControl(buf, &ctrl, &dwRevision);
|
||||||
|
expect_eq(ctrl, 0x8004, int, "%x");
|
||||||
|
|
||||||
|
ok(GetPrivateObjectSecurity(sec, sec_info, buf, dwDescSize, &retSize),
|
||||||
|
"GetPrivateObjectSecurity failed (err=%u)\n", GetLastError());
|
||||||
|
ok(retSize == dwDescSize, "Buffer too small (%d vs %d)\n", retSize, dwDescSize);
|
||||||
|
ok(pConvertSecurityDescriptorToStringSecurityDescriptorA(buf, SDDL_REVISION_1, sec_info, &string, &len), "Convertion failed\n");
|
||||||
|
CHECK_RESULT_AND_FREE("O:SY"
|
||||||
|
"G:S-1-5-21-93476-23408-4576"
|
||||||
|
"D:(A;NP;GAGXGWGR;;;SU)(A;IOID;CCDC;;;SU)(D;OICI;0xffffffff;;;S-1-5-21-93476-23408-4576)"
|
||||||
|
"S:(AU;OICINPIOIDSAFA;CCDCLCSWRPRC;;;SU)(AU;NPSA;0x12019f;;;SU)");
|
||||||
|
GetSecurityDescriptorControl(buf, &ctrl, &dwRevision);
|
||||||
|
expect_eq(ctrl, 0x8014, int, "%x");
|
||||||
|
|
||||||
|
SetLastError(0xdeadbeef);
|
||||||
|
ok(GetPrivateObjectSecurity(sec, sec_info, buf, 5, &retSize) == FALSE, "GetPrivateObjectSecurity should have failed\n");
|
||||||
|
ok(GetLastError() == ERROR_INSUFFICIENT_BUFFER, "Expected error ERROR_INSUFFICIENT_BUFFER, got %u\n", GetLastError());
|
||||||
|
|
||||||
|
LocalFree(sec);
|
||||||
|
}
|
||||||
|
#undef CHECK_RESULT_AND_FREE
|
||||||
|
|
||||||
START_TEST(security)
|
START_TEST(security)
|
||||||
{
|
{
|
||||||
init();
|
init();
|
||||||
@ -2074,4 +2128,5 @@ START_TEST(security)
|
|||||||
test_GetNamedSecurityInfoA();
|
test_GetNamedSecurityInfoA();
|
||||||
test_ConvertStringSecurityDescriptor();
|
test_ConvertStringSecurityDescriptor();
|
||||||
test_ConvertSecurityDescriptorToString();
|
test_ConvertSecurityDescriptorToString();
|
||||||
|
test_PrivateObjectSecurity();
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user