search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Release 20030408.
[wine/gsoc-2012-control.git] / dlls / advapi32 / security.c
blobbe32689fd9ff8aef5372c4151e2ce0ab5cf8265c
1 /*
2 * Copyright 1999, 2000 Juergen Schmied <juergen.schmied@debitel.net>
3 *
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
8 *
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
13 *
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
17 *
18 * FIXME: for all functions thunking down to Rtl* functions: implement SetLastError()
19 */
20
21 #include <string.h>
22
23 #include "windef.h"
24 #include "winerror.h"
25 #include "rpcnterr.h"
26 #include "winternl.h"
27 #include "ntsecapi.h"
28 #include "accctrl.h"
29
30 #include "wine/debug.h"
31 #include "wine/unicode.h"
32
33 WINE_DEFAULT_DEBUG_CHANNEL(advapi);
34
35 #define CallWin32ToNt(func) \
36 { NTSTATUS ret; \
37 ret = (func); \
38 if (ret !=STATUS_SUCCESS) \
39 { SetLastError (RtlNtStatusToDosError(ret)); return FALSE; } \
40 return TRUE; \
41 }
42
43 static void dumpLsaAttributes( PLSA_OBJECT_ATTRIBUTES oa )
44 {
45 if (oa)
46 {
47 TRACE("\n\tlength=%lu, rootdir=%p, objectname=%s\n\tattr=0x%08lx, sid=%p qos=%p\n",
48 oa->Length, oa->RootDirectory,
49 oa->ObjectName?debugstr_w(oa->ObjectName->Buffer):"null",
50 oa->Attributes, oa->SecurityDescriptor, oa->SecurityQualityOfService);
51 }
52 }
53
54 /************************************************************
55 * ADVAPI_IsLocalComputer
56 *
57 * Checks whether the server name indicates local machine.
58 */
59 BOOL ADVAPI_IsLocalComputer(LPCWSTR ServerName)
60 {
61 if (!ServerName)
62 {
63 return TRUE;
64 }
65 else
66 {
67 DWORD dwSize = MAX_COMPUTERNAME_LENGTH + 1;
68 BOOL Result;
69 LPWSTR buf;
70
71 buf = HeapAlloc(GetProcessHeap(), 0, dwSize * sizeof(WCHAR));
72 Result = GetComputerNameW(buf, &dwSize);
73 if (Result && (ServerName[0] == '\\') && (ServerName[1] == '\\'))
74 ServerName += 2;
75 Result = Result && !lstrcmpW(ServerName, buf);
76 HeapFree(GetProcessHeap(), 0, buf);
77
78 return Result;
79 }
80 }
81
82 #define ADVAPI_ForceLocalComputer(ServerName, FailureCode) \
83 if (!ADVAPI_IsLocalComputer(ServerName)) \
84 { \
85 FIXME("Action Implemented for local computer only. " \
86 "Requested for server %s\n", debugstr_w(ServerName)); \
87 return FailureCode; \
88 }
89
90 /* ##############################
91 ###### TOKEN FUNCTIONS ######
92 ##############################
93 */
94
95 /******************************************************************************
96 * OpenProcessToken [ADVAPI32.@]
97 * Opens the access token associated with a process handle.
98 *
99 * PARAMS
100 * ProcessHandle [I] Handle to process
101 * DesiredAccess [I] Desired access to process
102 * TokenHandle [O] Pointer to handle of open access token
103 *
104 * RETURNS
105 * Success: TRUE. TokenHandle contains the access token.
106 * Failure: FALSE.
107 *
108 * NOTES
109 * See NtOpenProcessToken.
110 */
111 BOOL WINAPI
112 OpenProcessToken( HANDLE ProcessHandle, DWORD DesiredAccess,
113 HANDLE *TokenHandle )
114 {
115 CallWin32ToNt(NtOpenProcessToken( ProcessHandle, DesiredAccess, TokenHandle ));
116 }
117
118 /******************************************************************************
119 * OpenThreadToken [ADVAPI32.@]
120 *
121 * Opens the access token associated with a thread handle.
122 *
123 * PARAMS
124 * ThreadHandle [I] Handle to process
125 * DesiredAccess [I] Desired access to the thread
126 * OpenAsSelf [I] ???
127 * TokenHandle [O] Destination for the token handle
128 *
129 * RETURNS
130 * Success: TRUE. TokenHandle contains the access token.
131 * Failure: FALSE.
132 *
133 * NOTES
134 * See NtOpenThreadToken.
135 */
136 BOOL WINAPI
137 OpenThreadToken( HANDLE ThreadHandle, DWORD DesiredAccess,
138 BOOL OpenAsSelf, HANDLE *TokenHandle)
139 {
140 CallWin32ToNt (NtOpenThreadToken(ThreadHandle, DesiredAccess, OpenAsSelf, TokenHandle));
141 }
142
143 /******************************************************************************
144 * AdjustTokenPrivileges [ADVAPI32.@]
145 *
146 * Adjust the privileges of an open token handle.
147 *
148 * PARAMS
149 * TokenHandle [I] Handle from OpenProcessToken() or OpenThreadToken()
150 * DisableAllPrivileges [I] TRUE=Remove all privileges, FALSE=Use NewState
151 * NewState [I] Desired new privileges of the token
152 * BufferLength [I] Length of NewState
153 * PreviousState [O] Destination for the previous state
154 * ReturnLength [I/O] Size of PreviousState
155 *
156 *
157 * RETURNS
158 * Success: TRUE. Privileges are set to NewState and PreviousState is updated.
159 * Failure: FALSE.
160 *
161 * NOTES
162 * See NtAdjustPrivilegesToken.
163 */
164 BOOL WINAPI
165 AdjustTokenPrivileges( HANDLE TokenHandle, BOOL DisableAllPrivileges,
166 LPVOID NewState, DWORD BufferLength,
167 LPVOID PreviousState, LPDWORD ReturnLength )
168 {
169 CallWin32ToNt(NtAdjustPrivilegesToken(TokenHandle, DisableAllPrivileges, NewState, BufferLength, PreviousState, ReturnLength));
170 }
171
172 /******************************************************************************
173 * CheckTokenMembership [ADVAPI32.@]
174 *
175 * Determine if an access token is a member of a SID.
176 *
177 * PARAMS
178 * TokenHandle [I] Handle from OpenProcessToken() or OpenThreadToken()
179 * SidToCheck [I] SID that possibly contains the token
180 * IsMember [O] Destination for result.
181 *
182 * RETURNS
183 * Success: TRUE. IsMember is TRUE if TokenHandle is a member, FALSE otherwise.
184 * Failure: FALSE.
185 */
186 BOOL WINAPI
187 CheckTokenMembership( HANDLE TokenHandle, PSID SidToCheck,
188 PBOOL IsMember )
189 {
190 FIXME("(%p %p %p) stub!\n", TokenHandle, SidToCheck, IsMember);
191
192 *IsMember = TRUE;
193 return(TRUE);
194 }
195
196 /******************************************************************************
197 * GetTokenInformation [ADVAPI32.@]
198 *
199 * PARAMS
200 * token [I] Handle from OpenProcessToken() or OpenThreadToken()
201 * tokeninfoclass [I] A TOKEN_INFORMATION_CLASS from "winnt.h"
202 * tokeninfo [O] Destination for token information
203 * tokeninfolength [I] Length of tokeninfo
204 * retlen [O] Destination for returned token information length
205 *
206 * RETURNS
207 * Success: TRUE. tokeninfo contains retlen bytes of token information
208 * Failure: FALSE.
209 *
210 * NOTES
211 * See NtQueryInformationToken.
212 */
213 BOOL WINAPI
214 GetTokenInformation( HANDLE token, TOKEN_INFORMATION_CLASS tokeninfoclass,
215 LPVOID tokeninfo, DWORD tokeninfolength, LPDWORD retlen )
216 {
217 TRACE("(%p, %s, %p, %ld, %p): \n",
218 token,
219 (tokeninfoclass == TokenUser) ? "TokenUser" :
220 (tokeninfoclass == TokenGroups) ? "TokenGroups" :
221 (tokeninfoclass == TokenPrivileges) ? "TokenPrivileges" :
222 (tokeninfoclass == TokenOwner) ? "TokenOwner" :
223 (tokeninfoclass == TokenPrimaryGroup) ? "TokenPrimaryGroup" :
224 (tokeninfoclass == TokenDefaultDacl) ? "TokenDefaultDacl" :
225 (tokeninfoclass == TokenSource) ? "TokenSource" :
226 (tokeninfoclass == TokenType) ? "TokenType" :
227 (tokeninfoclass == TokenImpersonationLevel) ? "TokenImpersonationLevel" :
228 (tokeninfoclass == TokenStatistics) ? "TokenStatistics" :
229 (tokeninfoclass == TokenRestrictedSids) ? "TokenRestrictedSids" :
230 (tokeninfoclass == TokenSessionId) ? "TokenSessionId" :
231 (tokeninfoclass == TokenGroupsAndPrivileges) ? "TokenGroupsAndPrivileges" :
232 (tokeninfoclass == TokenSessionReference) ? "TokenSessionReference" :
233 (tokeninfoclass == TokenSandBoxInert) ? "TokenSandBoxInert" :
234 "Unknown",
235 tokeninfo, tokeninfolength, retlen);
236 CallWin32ToNt (NtQueryInformationToken( token, tokeninfoclass, tokeninfo, tokeninfolength, retlen));
237 }
238
239 /******************************************************************************
240 * SetTokenInformation [ADVAPI32.@]
241 *
242 * Set information for an access token.
243 *
244 * PARAMS
245 * token [I] Handle from OpenProcessToken() or OpenThreadToken()
246 * tokeninfoclass [I] A TOKEN_INFORMATION_CLASS from "winnt.h"
247 * tokeninfo [I] Token information to set
248 * tokeninfolength [I] Length of tokeninfo
249 *
250 * RETURNS
251 * Success: TRUE. The information for the token is set to tokeninfo.
252 * Failure: FALSE.
253 */
254 BOOL WINAPI
255 SetTokenInformation( HANDLE token, TOKEN_INFORMATION_CLASS tokeninfoclass,
256 LPVOID tokeninfo, DWORD tokeninfolength )
257 {
258 FIXME("(%p, %s, %p, %ld): stub\n",
259 token,
260 (tokeninfoclass == TokenUser) ? "TokenUser" :
261 (tokeninfoclass == TokenGroups) ? "TokenGroups" :
262 (tokeninfoclass == TokenPrivileges) ? "TokenPrivileges" :
263 (tokeninfoclass == TokenOwner) ? "TokenOwner" :
264 (tokeninfoclass == TokenPrimaryGroup) ? "TokenPrimaryGroup" :
265 (tokeninfoclass == TokenDefaultDacl) ? "TokenDefaultDacl" :
266 (tokeninfoclass == TokenSource) ? "TokenSource" :
267 (tokeninfoclass == TokenType) ? "TokenType" :
268 (tokeninfoclass == TokenImpersonationLevel) ? "TokenImpersonationLevel" :
269 (tokeninfoclass == TokenStatistics) ? "TokenStatistics" :
270 (tokeninfoclass == TokenRestrictedSids) ? "TokenRestrictedSids" :
271 (tokeninfoclass == TokenSessionId) ? "TokenSessionId" :
272 (tokeninfoclass == TokenGroupsAndPrivileges) ? "TokenGroupsAndPrivileges" :
273 (tokeninfoclass == TokenSessionReference) ? "TokenSessionReference" :
274 (tokeninfoclass == TokenSandBoxInert) ? "TokenSandBoxInert" :
275 "Unknown",
276 tokeninfo, tokeninfolength);
277
278 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
279
280 return FALSE;
281 }
282
283 /*************************************************************************
284 * SetThreadToken [ADVAPI32.@]
285 *
286 * Assigns an 'impersonation token' to a thread so it can assume the
287 * security privledges of another thread or process. Can also remove
288 * a previously assigned token.
289 *
290 * PARAMS
291 * thread [O] Handle to thread to set the token for
292 * token [I] Token to set
293 *
294 * RETURNS
295 * Success: TRUE. The threads access token is set to token
296 * Failure: FALSE.
297 *
298 * NOTES
299 * Only supported on NT or higher. On Win9X this function does nothing.
300 * See SetTokenInformation.
301 */
302 BOOL WINAPI SetThreadToken(PHANDLE thread, HANDLE token)
303 {
304 FIXME("(%p, %p): stub (NT impl. only)\n", thread, token);
305
306 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
307
308 return FALSE;
309 }
310
311 /* ##############################
312 ###### SID FUNCTIONS ######
313 ##############################
314 */
315
316 /******************************************************************************
317 * AllocateAndInitializeSid [ADVAPI32.@]
318 *
319 * PARAMS
320 * pIdentifierAuthority []
321 * nSubAuthorityCount []
322 * nSubAuthority0 []
323 * nSubAuthority1 []
324 * nSubAuthority2 []
325 * nSubAuthority3 []
326 * nSubAuthority4 []
327 * nSubAuthority5 []
328 * nSubAuthority6 []
329 * nSubAuthority7 []
330 * pSid []
331 */
332 BOOL WINAPI
333 AllocateAndInitializeSid( PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
334 BYTE nSubAuthorityCount,
335 DWORD nSubAuthority0, DWORD nSubAuthority1,
336 DWORD nSubAuthority2, DWORD nSubAuthority3,
337 DWORD nSubAuthority4, DWORD nSubAuthority5,
338 DWORD nSubAuthority6, DWORD nSubAuthority7,
339 PSID *pSid )
340 {
341 CallWin32ToNt (RtlAllocateAndInitializeSid(
342 pIdentifierAuthority, nSubAuthorityCount,
343 nSubAuthority0, nSubAuthority1, nSubAuthority2, nSubAuthority3,
344 nSubAuthority4, nSubAuthority5, nSubAuthority6, nSubAuthority7,
345 pSid ));
346 }
347
348 /******************************************************************************
349 * FreeSid [ADVAPI32.@]
350 *
351 * PARAMS
352 * pSid []
353 */
354 PVOID WINAPI
355 FreeSid( PSID pSid )
356 {
357 RtlFreeSid(pSid);
358 return NULL; /* is documented like this */
359 }
360
361 /******************************************************************************
362 * CopySid [ADVAPI32.@]
363 *
364 * PARAMS
365 * nDestinationSidLength []
366 * pDestinationSid []
367 * pSourceSid []
368 */
369 BOOL WINAPI
370 CopySid( DWORD nDestinationSidLength, PSID pDestinationSid, PSID pSourceSid )
371 {
372 return RtlCopySid(nDestinationSidLength, pDestinationSid, pSourceSid);
373 }
374
375 /******************************************************************************
376 * IsValidSid [ADVAPI32.@]
377 *
378 * PARAMS
379 * pSid []
380 */
381 BOOL WINAPI
382 IsValidSid( PSID pSid )
383 {
384 return RtlValidSid( pSid );
385 }
386
387 /******************************************************************************
388 * EqualSid [ADVAPI32.@]
389 *
390 * PARAMS
391 * pSid1 []
392 * pSid2 []
393 */
394 BOOL WINAPI
395 EqualSid( PSID pSid1, PSID pSid2 )
396 {
397 return RtlEqualSid( pSid1, pSid2 );
398 }
399
400 /******************************************************************************
401 * EqualPrefixSid [ADVAPI32.@]
402 */
403 BOOL WINAPI EqualPrefixSid (PSID pSid1, PSID pSid2)
404 {
405 return RtlEqualPrefixSid(pSid1, pSid2);
406 }
407
408 /******************************************************************************
409 * GetSidLengthRequired [ADVAPI32.@]
410 *
411 * PARAMS
412 * nSubAuthorityCount []
413 */
414 DWORD WINAPI
415 GetSidLengthRequired( BYTE nSubAuthorityCount )
416 {
417 return RtlLengthRequiredSid(nSubAuthorityCount);
418 }
419
420 /******************************************************************************
421 * InitializeSid [ADVAPI32.@]
422 *
423 * PARAMS
424 * pIdentifierAuthority []
425 */
426 BOOL WINAPI
427 InitializeSid (
428 PSID pSid,
429 PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
430 BYTE nSubAuthorityCount)
431 {
432 return RtlInitializeSid(pSid, pIdentifierAuthority, nSubAuthorityCount);
433 }
434
435 /******************************************************************************
436 * GetSidIdentifierAuthority [ADVAPI32.@]
437 *
438 * PARAMS
439 * pSid []
440 */
441 PSID_IDENTIFIER_AUTHORITY WINAPI
442 GetSidIdentifierAuthority( PSID pSid )
443 {
444 return RtlIdentifierAuthoritySid(pSid);
445 }
446
447 /******************************************************************************
448 * GetSidSubAuthority [ADVAPI32.@]
449 *
450 * PARAMS
451 * pSid []
452 * nSubAuthority []
453 */
454 PDWORD WINAPI
455 GetSidSubAuthority( PSID pSid, DWORD nSubAuthority )
456 {
457 return RtlSubAuthoritySid(pSid, nSubAuthority);
458 }
459
460 /******************************************************************************
461 * GetSidSubAuthorityCount [ADVAPI32.@]
462 *
463 * PARAMS
464 * pSid []
465 */
466 PUCHAR WINAPI
467 GetSidSubAuthorityCount (PSID pSid)
468 {
469 return RtlSubAuthorityCountSid(pSid);
470 }
471
472 /******************************************************************************
473 * GetLengthSid [ADVAPI32.@]
474 *
475 * PARAMS
476 * pSid []
477 */
478 DWORD WINAPI
479 GetLengthSid (PSID pSid)
480 {
481 return RtlLengthSid(pSid);
482 }
483
484 /* ##############################################
485 ###### SECURITY DESCRIPTOR FUNCTIONS ######
486 ##############################################
487 */
488
489 /******************************************************************************
490 * InitializeSecurityDescriptor [ADVAPI32.@]
491 *
492 * PARAMS
493 * pDescr []
494 * revision []
495 */
496 BOOL WINAPI
497 InitializeSecurityDescriptor( SECURITY_DESCRIPTOR *pDescr, DWORD revision )
498 {
499 CallWin32ToNt (RtlCreateSecurityDescriptor(pDescr, revision ));
500 }
501
502 /******************************************************************************
503 * GetSecurityDescriptorLength [ADVAPI32.@]
504 */
505 DWORD WINAPI GetSecurityDescriptorLength( SECURITY_DESCRIPTOR *pDescr)
506 {
507 return (RtlLengthSecurityDescriptor(pDescr));
508 }
509
510 /******************************************************************************
511 * GetSecurityDescriptorOwner [ADVAPI32.@]
512 *
513 * PARAMS
514 * pOwner []
515 * lpbOwnerDefaulted []
516 */
517 BOOL WINAPI
518 GetSecurityDescriptorOwner( SECURITY_DESCRIPTOR *pDescr, PSID *pOwner,
519 LPBOOL lpbOwnerDefaulted )
520 {
521 CallWin32ToNt (RtlGetOwnerSecurityDescriptor( pDescr, pOwner, (PBOOLEAN)lpbOwnerDefaulted ));
522 }
523
524 /******************************************************************************
525 * SetSecurityDescriptorOwner [ADVAPI32.@]
526 *
527 * PARAMS
528 */
529 BOOL WINAPI SetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR pSecurityDescriptor,
530 PSID pOwner, BOOL bOwnerDefaulted)
531 {
532 CallWin32ToNt (RtlSetOwnerSecurityDescriptor(pSecurityDescriptor, pOwner, bOwnerDefaulted));
533 }
534 /******************************************************************************
535 * GetSecurityDescriptorGroup [ADVAPI32.@]
536 */
537 BOOL WINAPI GetSecurityDescriptorGroup(
538 PSECURITY_DESCRIPTOR SecurityDescriptor,
539 PSID *Group,
540 LPBOOL GroupDefaulted)
541 {
542 CallWin32ToNt (RtlGetGroupSecurityDescriptor(SecurityDescriptor, Group, (PBOOLEAN)GroupDefaulted));
543 }
544 /******************************************************************************
545 * SetSecurityDescriptorGroup [ADVAPI32.@]
546 */
547 BOOL WINAPI SetSecurityDescriptorGroup ( PSECURITY_DESCRIPTOR SecurityDescriptor,
548 PSID Group, BOOL GroupDefaulted)
549 {
550 CallWin32ToNt (RtlSetGroupSecurityDescriptor( SecurityDescriptor, Group, GroupDefaulted));
551 }
552
553 /******************************************************************************
554 * IsValidSecurityDescriptor [ADVAPI32.@]
555 *
556 * PARAMS
557 * lpsecdesc []
558 */
559 BOOL WINAPI
560 IsValidSecurityDescriptor( PSECURITY_DESCRIPTOR SecurityDescriptor )
561 {
562 CallWin32ToNt (RtlValidSecurityDescriptor(SecurityDescriptor));
563 }
564
565 /******************************************************************************
566 * GetSecurityDescriptorDacl [ADVAPI32.@]
567 */
568 BOOL WINAPI GetSecurityDescriptorDacl(
569 IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
570 OUT LPBOOL lpbDaclPresent,
571 OUT PACL *pDacl,
572 OUT LPBOOL lpbDaclDefaulted)
573 {
574 CallWin32ToNt (RtlGetDaclSecurityDescriptor(pSecurityDescriptor, (PBOOLEAN)lpbDaclPresent,
575 pDacl, (PBOOLEAN)lpbDaclDefaulted));
576 }
577
578 /******************************************************************************
579 * SetSecurityDescriptorDacl [ADVAPI32.@]
580 */
581 BOOL WINAPI
582 SetSecurityDescriptorDacl (
583 PSECURITY_DESCRIPTOR lpsd,
584 BOOL daclpresent,
585 PACL dacl,
586 BOOL dacldefaulted )
587 {
588 CallWin32ToNt (RtlSetDaclSecurityDescriptor (lpsd, daclpresent, dacl, dacldefaulted ));
589 }
590 /******************************************************************************
591 * GetSecurityDescriptorSacl [ADVAPI32.@]
592 */
593 BOOL WINAPI GetSecurityDescriptorSacl(
594 IN PSECURITY_DESCRIPTOR lpsd,
595 OUT LPBOOL lpbSaclPresent,
596 OUT PACL *pSacl,
597 OUT LPBOOL lpbSaclDefaulted)
598 {
599 CallWin32ToNt (RtlGetSaclSecurityDescriptor(lpsd,
600 (PBOOLEAN)lpbSaclPresent, pSacl, (PBOOLEAN)lpbSaclDefaulted));
601 }
602
603 /**************************************************************************
604 * SetSecurityDescriptorSacl [ADVAPI32.@]
605 */
606 BOOL WINAPI SetSecurityDescriptorSacl (
607 PSECURITY_DESCRIPTOR lpsd,
608 BOOL saclpresent,
609 PACL lpsacl,
610 BOOL sacldefaulted)
611 {
612 CallWin32ToNt (RtlSetSaclSecurityDescriptor(lpsd, saclpresent, lpsacl, sacldefaulted));
613 }
614 /******************************************************************************
615 * MakeSelfRelativeSD [ADVAPI32.@]
616 *
617 * PARAMS
618 * lpabssecdesc []
619 * lpselfsecdesc []
620 * lpbuflen []
621 */
622 BOOL WINAPI
623 MakeSelfRelativeSD(
624 IN PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor,
625 IN PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor,
626 IN OUT LPDWORD lpdwBufferLength)
627 {
628 CallWin32ToNt (RtlMakeSelfRelativeSD(pAbsoluteSecurityDescriptor,pSelfRelativeSecurityDescriptor, lpdwBufferLength));
629 }
630
631 /******************************************************************************
632 * GetSecurityDescriptorControl [ADVAPI32.@]
633 */
634
635 BOOL WINAPI GetSecurityDescriptorControl ( PSECURITY_DESCRIPTOR pSecurityDescriptor,
636 PSECURITY_DESCRIPTOR_CONTROL pControl, LPDWORD lpdwRevision)
637 {
638 CallWin32ToNt (RtlGetControlSecurityDescriptor(pSecurityDescriptor,pControl,lpdwRevision));
639 }
640
641 /* ##############################
642 ###### ACL FUNCTIONS ######
643 ##############################
644 */
645
646 /*************************************************************************
647 * InitializeAcl [ADVAPI32.@]
648 */
649 DWORD WINAPI InitializeAcl(PACL acl, DWORD size, DWORD rev)
650 {
651 CallWin32ToNt (RtlCreateAcl(acl, size, rev));
652 }
653
654 /* ##############################
655 ###### MISC FUNCTIONS ######
656 ##############################
657 */
658
659 /******************************************************************************
660 * LookupPrivilegeValueW [ADVAPI32.@]
661 *
662 * See LookupPrivilegeValueA.
663 */
664 BOOL WINAPI
665 LookupPrivilegeValueW( LPCWSTR lpSystemName, LPCWSTR lpName, PLUID lpLuid )
666 {
667 FIXME("(%s,%s,%p): stub\n",debugstr_w(lpSystemName),
668 debugstr_w(lpName), lpLuid);
669 lpLuid->LowPart = 0x12345678;
670 lpLuid->HighPart = 0x87654321;
671 return TRUE;
672 }
673
674 /******************************************************************************
675 * LookupPrivilegeValueA [ADVAPI32.@]
676 *
677 * Retrieves LUID used on a system to represent the privilege name.
678 *
679 * PARAMS
680 * lpSystemName [I] Name of the system
681 * lpName [I] Name of the privilege
682 * pLuid [O] Destination for the resulting LUD
683 *
684 * RETURNS
685 * Success: TRUE. pLuid contains the requested LUID.
686 * Failure: FALSE.
687 */
688 BOOL WINAPI
689 LookupPrivilegeValueA( LPCSTR lpSystemName, LPCSTR lpName, PLUID lpLuid )
690 {
691 UNICODE_STRING lpSystemNameW;
692 UNICODE_STRING lpNameW;
693 BOOL ret;
694
695 RtlCreateUnicodeStringFromAsciiz(&lpSystemNameW, lpSystemName);
696 RtlCreateUnicodeStringFromAsciiz(&lpNameW,lpName);
697 ret = LookupPrivilegeValueW(lpSystemNameW.Buffer, lpNameW.Buffer, lpLuid);
698 RtlFreeUnicodeString(&lpNameW);
699 RtlFreeUnicodeString(&lpSystemNameW);
700 return ret;
701 }
702
703 /******************************************************************************
704 * GetFileSecurityA [ADVAPI32.@]
705 *
706 * Obtains Specified information about the security of a file or directory.
707 *
708 * PARAMS
709 * lpFileName [I] Name of the file to get info for
710 * RequestedInformation [I] SE_ flags from "winnt.h"
711 * pSecurityDescriptor [O] Destination for security information
712 * nLength [I] Length of pSecurityDescriptor
713 * lpnLengthNeeded [O] Destination for length of returned security information
714 *
715 * RETURNS
716 * Success: TRUE. pSecurityDescriptor contains the requested information.
717 * Failure: FALSE. lpnLengthNeeded contains the required space to return the info.
718 *
719 * NOTES
720 * The information returned is constrained by the callers access rights and
721 * privileges.
722 */
723 BOOL WINAPI
724 GetFileSecurityA( LPCSTR lpFileName,
725 SECURITY_INFORMATION RequestedInformation,
726 PSECURITY_DESCRIPTOR pSecurityDescriptor,
727 DWORD nLength, LPDWORD lpnLengthNeeded )
728 {
729 FIXME("(%s) : stub\n", debugstr_a(lpFileName));
730 return TRUE;
731 }
732
733 /******************************************************************************
734 * GetFileSecurityW [ADVAPI32.@]
735 *
736 * See GetFileSecurityA.
737 */
738 BOOL WINAPI
739 GetFileSecurityW( LPCWSTR lpFileName,
740 SECURITY_INFORMATION RequestedInformation,
741 PSECURITY_DESCRIPTOR pSecurityDescriptor,
742 DWORD nLength, LPDWORD lpnLengthNeeded )
743 {
744 FIXME("(%s) : stub\n", debugstr_w(lpFileName) );
745 return TRUE;
746 }
747
748
749 /******************************************************************************
750 * LookupAccountSidA [ADVAPI32.@]
751 */
752 BOOL WINAPI
753 LookupAccountSidA(
754 IN LPCSTR system,
755 IN PSID sid,
756 OUT LPSTR account,
757 IN OUT LPDWORD accountSize,
758 OUT LPSTR domain,
759 IN OUT LPDWORD domainSize,
760 OUT PSID_NAME_USE name_use )
761 {
762 static const char ac[] = "Administrator";
763 static const char dm[] = "DOMAIN";
764 FIXME("(%s,sid=%p,%p,%p(%lu),%p,%p(%lu),%p): semi-stub\n",
765 debugstr_a(system),sid,
766 account,accountSize,accountSize?*accountSize:0,
767 domain,domainSize,domainSize?*domainSize:0,
768 name_use);
769
770 if (accountSize) *accountSize = strlen(ac)+1;
771 if (account && (*accountSize > strlen(ac)))
772 strcpy(account, ac);
773
774 if (domainSize) *domainSize = strlen(dm)+1;
775 if (domain && (*domainSize > strlen(dm)))
776 strcpy(domain,dm);
777
778 if (name_use) *name_use = SidTypeUser;
779 return TRUE;
780 }
781
782 /******************************************************************************
783 * LookupAccountSidW [ADVAPI32.@]
784 *
785 * PARAMS
786 * system []
787 * sid []
788 * account []
789 * accountSize []
790 * domain []
791 * domainSize []
792 * name_use []
793 */
794 BOOL WINAPI
795 LookupAccountSidW(
796 IN LPCWSTR system,
797 IN PSID sid,
798 OUT LPWSTR account,
799 IN OUT LPDWORD accountSize,
800 OUT LPWSTR domain,
801 IN OUT LPDWORD domainSize,
802 OUT PSID_NAME_USE name_use )
803 {
804 static const WCHAR ac[] = {'A','d','m','i','n','i','s','t','r','a','t','o','r',0};
805 static const WCHAR dm[] = {'D','O','M','A','I','N',0};
806 FIXME("(%s,sid=%p,%p,%p(%lu),%p,%p(%lu),%p): semi-stub\n",
807 debugstr_w(system),sid,
808 account,accountSize,accountSize?*accountSize:0,
809 domain,domainSize,domainSize?*domainSize:0,
810 name_use);
811
812 if (accountSize) *accountSize = strlenW(ac)+1;
813 if (account && (*accountSize > strlenW(ac)))
814 strcpyW(account, ac);
815
816 if (domainSize) *domainSize = strlenW(dm)+1;
817 if (domain && (*domainSize > strlenW(dm)))
818 strcpyW(domain,dm);
819
820 if (name_use) *name_use = SidTypeUser;
821 return TRUE;
822 }
823
824 /******************************************************************************
825 * SetFileSecurityA [ADVAPI32.@]
826 * Sets the security of a file or directory
827 */
828 BOOL WINAPI SetFileSecurityA( LPCSTR lpFileName,
829 SECURITY_INFORMATION RequestedInformation,
830 PSECURITY_DESCRIPTOR pSecurityDescriptor)
831 {
832 FIXME("(%s) : stub\n", debugstr_a(lpFileName));
833 return TRUE;
834 }
835
836 /******************************************************************************
837 * SetFileSecurityW [ADVAPI32.@]
838 * Sets the security of a file or directory
839 *
840 * PARAMS
841 * lpFileName []
842 * RequestedInformation []
843 * pSecurityDescriptor []
844 */
845 BOOL WINAPI
846 SetFileSecurityW( LPCWSTR lpFileName,
847 SECURITY_INFORMATION RequestedInformation,
848 PSECURITY_DESCRIPTOR pSecurityDescriptor )
849 {
850 FIXME("(%s) : stub\n", debugstr_w(lpFileName) );
851 return TRUE;
852 }
853
854 /******************************************************************************
855 * QueryWindows31FilesMigration [ADVAPI32.@]
856 *
857 * PARAMS
858 * x1 []
859 */
860 BOOL WINAPI
861 QueryWindows31FilesMigration( DWORD x1 )
862 {
863 FIXME("(%ld):stub\n",x1);
864 return TRUE;
865 }
866
867 /******************************************************************************
868 * SynchronizeWindows31FilesAndWindowsNTRegistry [ADVAPI32.@]
869 *
870 * PARAMS
871 * x1 []
872 * x2 []
873 * x3 []
874 * x4 []
875 */
876 BOOL WINAPI
877 SynchronizeWindows31FilesAndWindowsNTRegistry( DWORD x1, DWORD x2, DWORD x3,
878 DWORD x4 )
879 {
880 FIXME("(0x%08lx,0x%08lx,0x%08lx,0x%08lx):stub\n",x1,x2,x3,x4);
881 return TRUE;
882 }
883
884 /******************************************************************************
885 * LsaOpenPolicy [ADVAPI32.@]
886 *
887 * PARAMS
888 * x1 []
889 * x2 []
890 * x3 []
891 * x4 []
892 */
893 NTSTATUS WINAPI
894 LsaOpenPolicy(
895 IN PLSA_UNICODE_STRING SystemName,
896 IN PLSA_OBJECT_ATTRIBUTES ObjectAttributes,
897 IN ACCESS_MASK DesiredAccess,
898 IN OUT PLSA_HANDLE PolicyHandle)
899 {
900 FIXME("(%s,%p,0x%08lx,%p):stub\n",
901 SystemName?debugstr_w(SystemName->Buffer):"null",
902 ObjectAttributes, DesiredAccess, PolicyHandle);
903 ADVAPI_ForceLocalComputer(SystemName ? SystemName->Buffer : NULL,
904 STATUS_ACCESS_VIOLATION);
905 dumpLsaAttributes(ObjectAttributes);
906 if(PolicyHandle) *PolicyHandle = (LSA_HANDLE)0xcafe;
907 return STATUS_SUCCESS;
908 }
909
910 /******************************************************************************
911 * LsaQueryInformationPolicy [ADVAPI32.@]
912 */
913 NTSTATUS WINAPI
914 LsaQueryInformationPolicy(
915 IN LSA_HANDLE PolicyHandle,
916 IN POLICY_INFORMATION_CLASS InformationClass,
917 OUT PVOID *Buffer)
918 {
919 FIXME("(%p,0x%08x,%p):stub\n",
920 PolicyHandle, InformationClass, Buffer);
921
922 if(!Buffer) return FALSE;
923 switch (InformationClass)
924 {
925 case PolicyAuditEventsInformation: /* 2 */
926 {
927 PPOLICY_AUDIT_EVENTS_INFO p = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(POLICY_AUDIT_EVENTS_INFO));
928 p->AuditingMode = FALSE; /* no auditing */
929 *Buffer = p;
930 }
931 break;
932 case PolicyPrimaryDomainInformation: /* 3 */
933 case PolicyAccountDomainInformation: /* 5 */
934 {
935 struct di
936 { POLICY_PRIMARY_DOMAIN_INFO ppdi;
937 SID sid;
938 };
939 SID_IDENTIFIER_AUTHORITY localSidAuthority = {SECURITY_NT_AUTHORITY};
940
941 struct di * xdi = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(xdi));
942 RtlCreateUnicodeStringFromAsciiz(&(xdi->ppdi.Name), "DOMAIN");
943
944 xdi->ppdi.Sid = &(xdi->sid);
945 xdi->sid.Revision = SID_REVISION;
946 xdi->sid.SubAuthorityCount = 1;
947 xdi->sid.IdentifierAuthority = localSidAuthority;
948 xdi->sid.SubAuthority[0] = SECURITY_LOCAL_SYSTEM_RID;
949 *Buffer = xdi;
950 }
951 break;
952 case PolicyAuditLogInformation:
953 case PolicyPdAccountInformation:
954 case PolicyLsaServerRoleInformation:
955 case PolicyReplicaSourceInformation:
956 case PolicyDefaultQuotaInformation:
957 case PolicyModificationInformation:
958 case PolicyAuditFullSetInformation:
959 case PolicyAuditFullQueryInformation:
960 case PolicyDnsDomainInformation:
961 {
962 FIXME("category not implemented\n");
963 return FALSE;
964 }
965 }
966 return TRUE;
967 }
968
969 /******************************************************************************
970 * LsaLookupSids [ADVAPI32.@]
971 */
972 typedef struct
973 {
974 SID_NAME_USE Use;
975 LSA_UNICODE_STRING Name;
976 LONG DomainIndex;
977 } LSA_TRANSLATED_NAME, *PLSA_TRANSLATED_NAME;
978
979 typedef struct
980 {
981 LSA_UNICODE_STRING Name;
982 PSID Sid;
983 } LSA_TRUST_INFORMATION, *PLSA_TRUST_INFORMATION;
984
985 typedef struct
986 {
987 ULONG Entries;
988 PLSA_TRUST_INFORMATION Domains;
989 } LSA_REFERENCED_DOMAIN_LIST, *PLSA_REFERENCED_DOMAIN_LIST;
990
991 NTSTATUS WINAPI
992 LsaLookupSids(
993 IN LSA_HANDLE PolicyHandle,
994 IN ULONG Count,
995 IN PSID *Sids,
996 OUT PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains,
997 OUT PLSA_TRANSLATED_NAME *Names )
998 {
999 FIXME("%p %lu %p %p %p\n",
1000 PolicyHandle, Count, Sids, ReferencedDomains, Names);
1001 return FALSE;
1002 }
1003
1004 /******************************************************************************
1005 * LsaFreeMemory [ADVAPI32.@]
1006 */
1007 NTSTATUS WINAPI
1008 LsaFreeMemory(IN PVOID Buffer)
1009 {
1010 TRACE("(%p)\n",Buffer);
1011 return HeapFree(GetProcessHeap(), 0, Buffer);
1012 }
1013 /******************************************************************************
1014 * LsaClose [ADVAPI32.@]
1015 */
1016 NTSTATUS WINAPI
1017 LsaClose(IN LSA_HANDLE ObjectHandle)
1018 {
1019 FIXME("(%p):stub\n",ObjectHandle);
1020 return 0xc0000000;
1021 }
1022
1023 /******************************************************************************
1024 * LsaNtStatusToWinError [ADVAPI32.@]
1025 *
1026 * PARAMS
1027 * Status [I]
1028 */
1029 ULONG WINAPI
1030 LsaNtStatusToWinError(NTSTATUS Status)
1031 {
1032 return RtlNtStatusToDosError(Status);
1033 }
1034
1035 /******************************************************************************
1036 * NotifyBootConfigStatus [ADVAPI32.@]
1037 *
1038 * PARAMS
1039 * x1 []
1040 */
1041 BOOL WINAPI
1042 NotifyBootConfigStatus( DWORD x1 )
1043 {
1044 FIXME("(0x%08lx):stub\n",x1);
1045 return 1;
1046 }
1047
1048 /******************************************************************************
1049 * RevertToSelf [ADVAPI32.@]
1050 *
1051 * PARAMS
1052 * void []
1053 */
1054 BOOL WINAPI
1055 RevertToSelf( void )
1056 {
1057 FIXME("(), stub\n");
1058 return TRUE;
1059 }
1060
1061 /******************************************************************************
1062 * ImpersonateSelf [ADVAPI32.@]
1063 */
1064 BOOL WINAPI
1065 ImpersonateSelf(SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
1066 {
1067 return RtlImpersonateSelf(ImpersonationLevel);
1068 }
1069
1070 /******************************************************************************
1071 * ImpersonateLoggedOnUser [ADVAPI32.@]
1072 */
1073 BOOL WINAPI ImpersonateLoggedOnUser(HANDLE hToken)
1074 {
1075 FIXME("(%p):stub returning FALSE\n", hToken);
1076 return FALSE;
1077 }
1078
1079 /******************************************************************************
1080 * AccessCheck [ADVAPI32.@]
1081 *
1082 * FIXME check cast LPBOOL to PBOOLEAN
1083 */
1084 BOOL WINAPI
1085 AccessCheck(
1086 PSECURITY_DESCRIPTOR SecurityDescriptor,
1087 HANDLE ClientToken,
1088 DWORD DesiredAccess,
1089 PGENERIC_MAPPING GenericMapping,
1090 PPRIVILEGE_SET PrivilegeSet,
1091 LPDWORD PrivilegeSetLength,
1092 LPDWORD GrantedAccess,
1093 LPBOOL AccessStatus)
1094 {
1095 CallWin32ToNt (NtAccessCheck(SecurityDescriptor, ClientToken, DesiredAccess,
1096 GenericMapping, PrivilegeSet, PrivilegeSetLength, GrantedAccess, (PBOOLEAN)AccessStatus));
1097 }
1098
1099 /*************************************************************************
1100 * SetKernelObjectSecurity [ADVAPI32.@]
1101 */
1102 BOOL WINAPI SetKernelObjectSecurity (
1103 IN HANDLE Handle,
1104 IN SECURITY_INFORMATION SecurityInformation,
1105 IN PSECURITY_DESCRIPTOR SecurityDescriptor )
1106 {
1107 CallWin32ToNt (NtSetSecurityObject (Handle, SecurityInformation, SecurityDescriptor));
1108 }
1109
1110 /******************************************************************************
1111 * AddAccessAllowedAce [ADVAPI32.@]
1112 */
1113 BOOL WINAPI AddAccessAllowedAce(
1114 IN OUT PACL pAcl,
1115 IN DWORD dwAceRevision,
1116 IN DWORD AccessMask,
1117 IN PSID pSid)
1118 {
1119 return RtlAddAccessAllowedAce(pAcl, dwAceRevision, AccessMask, pSid);
1120 }
1121
1122 /******************************************************************************
1123 * LookupAccountNameA [ADVAPI32.@]
1124 */
1125 BOOL WINAPI
1126 LookupAccountNameA(
1127 IN LPCSTR system,
1128 IN LPCSTR account,
1129 OUT PSID sid,
1130 OUT LPDWORD cbSid,
1131 LPSTR ReferencedDomainName,
1132 IN OUT LPDWORD cbReferencedDomainName,
1133 OUT PSID_NAME_USE name_use )
1134 {
1135 FIXME("(%s,%s,%p,%p,%p,%p,%p), stub.\n",system,account,sid,cbSid,ReferencedDomainName,cbReferencedDomainName,name_use);
1136 return FALSE;
1137 }
1138
1139 /******************************************************************************
1140 * GetAce [ADVAPI32.@]
1141 */
1142 BOOL WINAPI GetAce(PACL pAcl,DWORD dwAceIndex,LPVOID *pAce )
1143 {
1144 CallWin32ToNt(RtlGetAce(pAcl, dwAceIndex, pAce));
1145 }
1146
1147 /******************************************************************************
1148 * PrivilegeCheck [ADVAPI32.@]
1149 */
1150 BOOL WINAPI PrivilegeCheck( HANDLE ClientToken, PPRIVILEGE_SET RequiredPrivileges, LPBOOL pfResult)
1151 {
1152 FIXME("stub %p %p %p\n", ClientToken, RequiredPrivileges, pfResult);
1153 if (pfResult)
1154 *pfResult=TRUE;
1155 return TRUE;
1156 }
1157
1158 /******************************************************************************
1159 * GetSecurityInfoExW [ADVAPI32.@]
1160 */
1161 DWORD WINAPI GetSecurityInfoExW(
1162 HANDLE hObject, SE_OBJECT_TYPE ObjectType,
1163 SECURITY_INFORMATION SecurityInfo, LPCWSTR lpProvider,
1164 LPCWSTR lpProperty, PACTRL_ACCESSW *ppAccessList,
1165 PACTRL_AUDITW *ppAuditList, LPWSTR *lppOwner, LPWSTR *lppGroup
1166 )
1167 {
1168 FIXME("stub!\n");
1169 return ERROR_BAD_PROVIDER;
1170 }
GSOC 2012 project to enhance the control panel