23ffd0a798
advapi32: Don't revoke ACCESS_DENIED_ACE.
...
REVOKE_ACCESS is only documented to remove ACCESS_ALLOWED_ACE and
SYSTEM_AUDIT_ACE.
Signed-off-by: Adam Gashlin <agashlin@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-03-15 22:23:02 +01:00
187423060f
advapi32/tests: Fix the spelling of a couple of ok() messages.
...
Signed-off-by: Francois Gouget <fgouget@free.fr>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-03-02 20:41:50 +01:00
3c677c3f08
ntdll: Implement NtQueryInformationToken(TokenElevation).
...
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-17 21:42:01 +01:00
ec9244f056
ntdll: Implement NtQueryInformationToken(TokenLinkedToken).
...
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-17 21:41:59 +01:00
133e061244
advapi32/tests: Add some tests for token elevation.
...
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-17 16:27:58 +01:00
16955db2aa
advapi32/tests: Add a few tests for GetKernelObjectSecurity() parameter validation.
...
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-17 16:27:58 +01:00
d6fed9c360
advapi32/tests: Skip test_token_label() if AddMandatoryAce() is not present.
...
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-16 08:53:36 +01:00
f6a723f121
advapi32/tests: Explicitly test the ACL contents in test_AddMandatoryAce().
...
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-16 08:53:31 +01:00
50cf8ee9c0
advapi32/tests: Rename test_acls() to test_InitializeAcl().
...
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-16 08:53:24 +01:00
b250831adc
advapi32/tests: Get rid of the test_luid() helper.
...
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-16 08:53:19 +01:00
0c0a7b7be7
advapi32/tests: Rename test_sid() to test_ConvertStringSidToSid().
...
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-16 08:53:13 +01:00
be98f67f10
ntdll: Check the output buffer length in NtAccessCheck().
...
Based on a patch by Qian Hong.
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-08 11:09:25 +01:00
d14cf677b5
ntdll: Do not touch the privilege output buffers if access_check fails.
...
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-08 11:09:23 +01:00
bdc10c65ca
ntdll: Always return at least sizeof(PRIVILEGE_SET) in NtAccessCheck().
...
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-08 11:09:21 +01:00
f9d2db9345
advapi32/tests: Add a couple tests for DuplicateTokenEx() access flags.
...
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-08 11:07:33 +01:00
d6ef9401b3
server: Use the object type information to implement access mapping.
...
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-05 22:53:46 +01:00
e030234354
advapi32: Support GetSecurityInfo() with special root HKEY constants.
...
This fixes a message box with the ASCOM Platform installer.
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-05 15:38:22 +01:00
e9ea436052
advapi32/tests: Add some tests for querying the security of pseudo-handles.
...
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-02-05 15:38:22 +01:00
42c03ef03f
advapi32/tests: Initialize luid in test_CreateRestrictedToken.
...
Signed-off-by: Gerald Pfeifer <gerald@pfeifer.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-11-25 21:39:19 +01:00
fa1b0fcf6c
server: Check duplicated handle access against the calling thread token and target process token.
...
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-09-24 15:22:36 +02:00
d0bea3d702
server: Implement support for creating a process with a specified token.
...
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-09-24 15:21:43 +02:00
d694928ec2
advapi32/tests: Add basic tests for CreateProcessAsUser().
...
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-09-24 15:18:29 +02:00
6946d78ed9
kernelbase: Implement CreateRestrictedToken().
...
Based on a patch by Michael Müller.
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-09-23 15:58:45 +02:00
67f7d6872b
advapi32/tests: Add more tests for CreateRestrictedToken().
...
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-09-23 15:46:48 +02:00
965ebac6c1
advapi32/tests: Test which tokens DuplicateHandle() validates access against.
...
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-09-23 15:46:46 +02:00
7ad5e1bc8a
kernelbase: Preserve last error when GetEnvironmentVariableA succeeds.
...
Avoid clobbering last error with NO_ERROR when GetEnvironmentVariableA
succeeds, matching the behavior of GetEnvironmentVariableW and
Windows.
Instead of naively saving and restoring the last error, call
RtlQueryEnvironmentVariable_U directly to avoid unnecessarily setting
it in the first place.
Signed-off-by: Vladimir Panteleev <git@vladimir.panteleev.md>
Signed-off-by: Gijs Vermeulen <gijsvrm@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-05-15 14:08:51 +02:00
a909baeb4e
tests: Report all errors when failing to wait for a child process.
...
Report the line number where the test failed to wait for the child so
one can identify which child process did not behave as expected.
Also wait_child_process() is meant for the general case so report
all non-crash error cases as test failures so they are accounted for.
Omit the "winetest_" prefix to match the other Wine test functions and
so the underlying winetest_wait_child_process() function can be wrapped
with the usual line-capturing macros.
Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=48651
Signed-off-by: Francois Gouget <fgouget@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-03-17 10:51:44 +01:00
efb5050894
advapi32/tests: Simplify the name of the test unit for child processes.
...
The official name (shown by --list) has no path nor extension.
Signed-off-by: Francois Gouget <fgouget@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-02-21 00:55:44 +01:00
0024d18430
advapi32: Fix the name and use of DOMAIN_GROUP_RID_USERS.
...
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-02-02 18:48:23 +01:00
a7e1e4f72e
advapi32/tests: Use CreateWellKnownSid() directly.
...
Signed-off-by: Nikolay Sivov <nsivov@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-01-10 18:41:06 +01:00
10646ddb91
advapi32/tests: Remove some workarounds for older versions.
...
Signed-off-by: Nikolay Sivov <nsivov@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-01-09 09:25:01 +01:00
2114a4dd9b
advapi32/tests: Don't test function directly when reporting GetLastError().
...
Found with Coccinelle.
Signed-off-by: André Hentschel <nerv@dawncrow.de>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-01-06 19:36:32 +01:00
4429b9f803
advapi32/tests: Use debug.h functions.
...
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2019-12-17 16:55:16 +01:00
fde235da03
kernelbase: Implement EqualDomainSid.
...
Signed-off-by: Dmitry Timoshkov <dmitry@baikal.ru>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2019-11-12 22:05:58 +01:00
70bb655155
advapi32/tests: Fix test_process_security with non-English locale.
...
Signed-off-by: Gijs Vermeulen <gijsvrm@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2019-10-17 21:04:45 +02:00
1058647e14
server: Create primary group using DOMAIN_GROUP_RID_USERS.
...
Signed-off-by: Vijay Kiran Kamuju <infyquest@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2019-05-01 11:15:29 +02:00
a7b8e84567
advapi32/tests: Add additional tests for NtAccessCheck.
...
Signed-off-by: Vijay Kiran Kamuju <infyquest@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2019-04-26 21:36:25 +02:00
48821e2b16
advapi32/tests: Test prefix and use of TokenPrimaryGroup Sid.
...
Signed-off-by: Vijay Kiran Kamuju <infyquest@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2019-04-26 21:28:19 +02:00
5a79077250
server: Add default security descriptor DACL for processes.
...
Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=15980
Signed-off-by: Erich E. Hoover <erich.e.hoover@gmail.com>
Signed-off-by: Vijay Kiran Kamuju <infyquest@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2019-04-24 21:57:48 +02:00
e11e8705eb
server: Add default security descriptor ownership for processes.
...
Signed-off-by: Erich E. Hoover <erich.e.hoover@gmail.com>
Signed-off-by: Vijay Kiran Kamuju <infyquest@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2019-04-24 21:57:48 +02:00
2600ecd4ed
server: Use a separated object for each opened named pipe device file.
...
Allows using proper options for ioctl pseudo fd.
Signed-off-by: Jacek Caban <jacek@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-10-30 00:10:14 +01:00
afaada7e5f
advapi32: Add a name for WinBuiltinAnyPackageSid.
...
Signed-off-by: Nikolay Sivov <nsivov@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-10-08 09:32:36 +02:00
7c0cd8c740
advapi32: Add WinCreatorOwnerRightsSid to wellknown list.
...
Signed-off-by: Nikolay Sivov <nsivov@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-10-08 09:32:21 +02:00
7f30ad1e47
advapi32/tests: Test return SIDs for wellknown two-character names.
...
Signed-off-by: Nikolay Sivov <nsivov@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-10-08 09:32:14 +02:00
ac7ae92af1
server: Allow specifying the security descriptor for a new process.
...
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-09-20 14:50:48 +02:00
39afcaac4a
server: Create the initial thread as a separate request.
...
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-09-20 14:50:48 +02:00
adede14dc2
advapi32/tests: Add additional tests for passing a thread sd to CreateProcess.
...
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-09-18 21:07:17 +02:00
056c0039b2
advapi32/tests: Allow ERROR_ACCESS_DENIED for newer Win10.
...
Signed-off-by: André Hentschel <nerv@dawncrow.de>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-09-17 18:33:48 +02:00
56885a1ca9
advapi32/tests: Allow ERROR_ACCESS_DENIED for newer Win10.
...
Signed-off-by: André Hentschel <nerv@dawncrow.de>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-09-10 12:31:58 +02:00
58233b47e0
kernel32: Always create file with FILE_READ_ATTRIBUTES access in CreateFile.
...
Signed-off-by: Jacek Caban <jacek@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-08-21 23:02:28 +02:00
Adam Gashlin