Commit Graph

951 Commits

Author SHA1 Message Date
Esme Povirk 66a91fe683 sechost: Implement hexadecimal SID parsing.
Signed-off-by: Esme Povirk <esme@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-06-18 16:48:48 +02:00
Esme Povirk f3b4e1695f sechost: SID strings are case-insensitive.
Signed-off-by: Esme Povirk <esme@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-06-14 10:05:23 +02:00
Esme Povirk 9032eeecbe sechost: Reject string SIDs with too many characters.
Signed-off-by: Esme Povirk <esme@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-06-14 10:05:18 +02:00
Damjan Jovanovic 31e984a09d server: The owner of a securable object should have all the standard access rights.
Cygwin fork() fails in NtCreateSymbolicLinkObject(). We successfully
create the link but then fail to alloc_handle() with STATUS_ACCESS_DENIED,
because the requested access rights exceed what the owner is allowed.
Allow it more.

Thank you to Dmitry Timoshkov for debugging the security details from
alloc_handle() onwards.

Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=48891
Signed-off-by: Damjan Jovanovic <damjan.jov@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-06-08 22:28:44 +02:00
Andrew Eikum 08306780dd advapi32/tests: Avoid gcc 11 misleading-indentation warning.
dlls/advapi32/tests/cred.c:809:5: warning: this ‘else’ clause does not guard... [-Wmisleading-indentation]
    include/wine/test.h:116:32: note: ...this statement, but the latter is misleadingly indented as if it were guarded by the ‘else’

Signed-off-by: Andrew Eikum <aeikum@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-06-07 21:41:15 +02:00
Francois Gouget ec517d4f07 advapi32/tests: Time zones should have both MUI and regular strings.
However a few time zones were missing the MUI display name in some
Windows 1809 versions.

Signed-off-by: Francois Gouget <fgouget@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-05-17 18:49:10 +02:00
Francois Gouget 832b7f1e86 advapi32/tests: Trace failures to open the event log.
Signed-off-by: Francois Gouget <fgouget@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-05-17 17:42:14 +02:00
Francois Gouget 59588b66ce advapi32/tests: Trace GetLastError() when an event log API fails.
Signed-off-by: Francois Gouget <fgouget@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-05-17 17:42:14 +02:00
Zebediah Figura bb3d74c2e1 sechost: Allow hexadecimal and string rights flags to be interleaved.
Signed-off-by: Zebediah Figura <zfigura@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-05-12 10:43:07 +02:00
Giovanni Mascellani 4581f50819 advapi32/tests: Check that registry time zone records have a display name.
While the display name is not a member of TIME_ZONE_INFORMATION, it is
still available in the registry. In English it corresponds to the
comments preceding groups of time zones in Unicode CLDR's
windowsZones.xml.

Signed-off-by: Giovanni Mascellani <gmascellani@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-04-27 16:52:30 +02:00
Zebediah Figura a17cd35d6d server: Map a SD group to Unix group modes if the SD owner is present anywhere in the current user's token.
Instead of requiring the SD owner to match the token user.

Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=44691
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-04-22 21:12:57 +02:00
Zebediah Figura b3dc0c16a7 advapi32/tests: Add a test for setting the SD owner of a directory to a group.
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-04-22 21:12:57 +02:00
Giovanni Mascellani 9bf5cb3fa5 advapi32/tests: Use wide character string literals in registry.c.
Signed-off-by: Giovanni Mascellani <gmascellani@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-04-07 22:36:11 +02:00
Adam Gashlin 23ffd0a798 advapi32: Don't revoke ACCESS_DENIED_ACE.
REVOKE_ACCESS is only documented to remove ACCESS_ALLOWED_ACE and
SYSTEM_AUDIT_ACE.

Signed-off-by: Adam Gashlin <agashlin@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-03-15 22:23:02 +01:00
Francois Gouget 187423060f advapi32/tests: Fix the spelling of a couple of ok() messages.
Signed-off-by: Francois Gouget <fgouget@free.fr>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-03-02 20:41:50 +01:00
Paul Gofman 992117ac98 advapi32: Handle exceptions from dereferencing invalid crypt objects' handles.
Fixes crash on start in "Re:ZERO -Starting Life in Another World- The
Prophecy of the Throne".

Signed-off-by: Paul Gofman <pgofman@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-23 22:30:31 +01:00
Paul Gofman 7d4eaa30a4 advapi32: Return ERROR_INVALID_PARAMETER for invalid crypt objects' handles.
Signed-off-by: Paul Gofman <pgofman@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-23 22:30:30 +01:00
Akihiro Sagawa 2f93be4bdd advapi32/tests: Add another key unloading test with NtUnloadKey.
Signed-off-by: Akihiro Sagawa <sagawa.aki@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-17 22:21:13 +01:00
Zebediah Figura 3c677c3f08 ntdll: Implement NtQueryInformationToken(TokenElevation).
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-17 21:42:01 +01:00
Zebediah Figura ec9244f056 ntdll: Implement NtQueryInformationToken(TokenLinkedToken).
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-17 21:41:59 +01:00
Zebediah Figura 133e061244 advapi32/tests: Add some tests for token elevation.
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-17 16:27:58 +01:00
Zebediah Figura 16955db2aa advapi32/tests: Add a few tests for GetKernelObjectSecurity() parameter validation.
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-17 16:27:58 +01:00
Zebediah Figura d6fed9c360 advapi32/tests: Skip test_token_label() if AddMandatoryAce() is not present.
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-16 08:53:36 +01:00
Zebediah Figura f6a723f121 advapi32/tests: Explicitly test the ACL contents in test_AddMandatoryAce().
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-16 08:53:31 +01:00
Zebediah Figura 50cf8ee9c0 advapi32/tests: Rename test_acls() to test_InitializeAcl().
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-16 08:53:24 +01:00
Zebediah Figura b250831adc advapi32/tests: Get rid of the test_luid() helper.
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-16 08:53:19 +01:00
Zebediah Figura 0c0a7b7be7 advapi32/tests: Rename test_sid() to test_ConvertStringSidToSid().
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-16 08:53:13 +01:00
Zebediah Figura be98f67f10 ntdll: Check the output buffer length in NtAccessCheck().
Based on a patch by Qian Hong.

Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-08 11:09:25 +01:00
Zebediah Figura d14cf677b5 ntdll: Do not touch the privilege output buffers if access_check fails.
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-08 11:09:23 +01:00
Zebediah Figura bdc10c65ca ntdll: Always return at least sizeof(PRIVILEGE_SET) in NtAccessCheck().
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-08 11:09:21 +01:00
Zebediah Figura f9d2db9345 advapi32/tests: Add a couple tests for DuplicateTokenEx() access flags.
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-08 11:07:33 +01:00
Alexandre Julliard d6ef9401b3 server: Use the object type information to implement access mapping.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-05 22:53:46 +01:00
Zebediah Figura e030234354 advapi32: Support GetSecurityInfo() with special root HKEY constants.
This fixes a message box with the ASCOM Platform installer.

Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-05 15:38:22 +01:00
Zebediah Figura e9ea436052 advapi32/tests: Add some tests for querying the security of pseudo-handles.
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-05 15:38:22 +01:00
Francois Gouget 58ff2a0a88 advapi32/tests: Don't check the display name if not in an English locale.
Service display names are often translated.

Signed-off-by: Francois Gouget <fgouget@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-11-30 21:36:12 +01:00
Gerald Pfeifer 42c03ef03f advapi32/tests: Initialize luid in test_CreateRestrictedToken.
Signed-off-by: Gerald Pfeifer <gerald@pfeifer.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-11-25 21:39:19 +01:00
Dmitry Timoshkov b940c5e7c9 advapi32: Implement LsaGetUserName.
Signed-off-by: Dmitry Timoshkov <dmitry@baikal.ru>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-11-10 20:31:58 +01:00
Dmitry Timoshkov 65cab573ab advapi32/tests: Fix compilation with PSDK compiler.
Signed-off-by: Dmitry Timoshkov <dmitry@baikal.ru>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-11-10 20:31:55 +01:00
Dmitry Timoshkov de679af492 advapi32/tests: Add QueryServiceStatusEx test for the EventLog service.
Signed-off-by: Dmitry Timoshkov <dmitry@baikal.ru>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-10-15 20:59:05 +02:00
Dmitry Timoshkov 7e7e81f0c6 wevtsvc: Add EventLog service stub.
Signed-off-by: Dmitry Timoshkov <dmitry@baikal.ru>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-09-28 17:03:57 +02:00
Zebediah Figura fa1b0fcf6c server: Check duplicated handle access against the calling thread token and target process token.
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-09-24 15:22:36 +02:00
Michael Müller d0bea3d702 server: Implement support for creating a process with a specified token.
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-09-24 15:21:43 +02:00
Zebediah Figura d694928ec2 advapi32/tests: Add basic tests for CreateProcessAsUser().
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-09-24 15:18:29 +02:00
Zebediah Figura 6946d78ed9 kernelbase: Implement CreateRestrictedToken().
Based on a patch by Michael Müller.

Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-09-23 15:58:45 +02:00
Zebediah Figura 67f7d6872b advapi32/tests: Add more tests for CreateRestrictedToken().
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-09-23 15:46:48 +02:00
Zebediah Figura 965ebac6c1 advapi32/tests: Test which tokens DuplicateHandle() validates access against.
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-09-23 15:46:46 +02:00
Vladimir Panteleev 7ad5e1bc8a kernelbase: Preserve last error when GetEnvironmentVariableA succeeds.
Avoid clobbering last error with NO_ERROR when GetEnvironmentVariableA
succeeds, matching the behavior of GetEnvironmentVariableW and
Windows.

Instead of naively saving and restoring the last error, call
RtlQueryEnvironmentVariable_U directly to avoid unnecessarily setting
it in the first place.

Signed-off-by: Vladimir Panteleev <git@vladimir.panteleev.md>
Signed-off-by: Gijs Vermeulen <gijsvrm@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-05-15 14:08:51 +02:00
Zebediah Figura d01f58a3f2 advapi32: Reimplement EnumServicesStatusW() on top of EnumServicesStatusExW().
Signed-off-by: Zebediah Figura <zfigura@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-04-28 11:21:47 +02:00
Serge Gautherie c7a12a851b advapi32/tests: Check RegGetValueA() RRF_SUBKEY_WOW64??KEY validation.
Signed-off-by: Serge Gautherie <winehq-git_serge_180711@gautherie.fr>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-03-27 21:16:13 +01:00
Jefferson Carpenter f070d040eb kernelbase: Zero out retkey in the ERROR_INVALID_HANDLE case in RegOpenKeyExW.
Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=48798
Signed-off-by: Jefferson Carpenter <jeffersoncarpenter2@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-03-27 21:16:12 +01:00