search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Added YUV routines needed for v4l driver, and in the future possibly
[wine/gsoc-2012-control.git] / dlls / advapi32 / security.c
blob5bbb4eaf300591431ab80a86268363af33a8cd50
1 /*
2 * Copyright 1999, 2000 Juergen Schmied <juergen.schmied@debitel.net>
3 * Copyright 2003 CodeWeavers Inc. (Ulrich Czekalla)
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18 *
19 */
20
21 #include <stdarg.h>
22 #include <string.h>
23
24 #include "windef.h"
25 #include "winbase.h"
26 #include "winerror.h"
27 #include "rpcnterr.h"
28 #include "winreg.h"
29 #include "winternl.h"
30 #include "ntstatus.h"
31 #include "ntsecapi.h"
32 #include "accctrl.h"
33 #include "sddl.h"
34 #include "winsvc.h"
35 #include "aclapi.h"
36
37 #include "wine/debug.h"
38 #include "wine/unicode.h"
39
40 WINE_DEFAULT_DEBUG_CHANNEL(advapi);
41
42 static BOOL ParseStringSidToSid(LPCWSTR StringSid, PSID pSid, LPDWORD cBytes);
43 static BOOL ParseStringAclToAcl(LPCWSTR StringAcl, LPDWORD lpdwFlags,
44 PACL pAcl, LPDWORD cBytes);
45 static BYTE ParseAceStringFlags(LPCWSTR* StringAcl);
46 static BYTE ParseAceStringType(LPCWSTR* StringAcl);
47 static DWORD ParseAceStringRights(LPCWSTR* StringAcl);
48 static BOOL ParseStringSecurityDescriptorToSecurityDescriptor(
49 LPCWSTR StringSecurityDescriptor,
50 SECURITY_DESCRIPTOR* SecurityDescriptor,
51 LPDWORD cBytes);
52 static DWORD ParseAclStringFlags(LPCWSTR* StringAcl);
53
54 typedef struct _ACEFLAG
55 {
56 LPCWSTR wstr;
57 DWORD value;
58 } ACEFLAG, *LPACEFLAG;
59
60 static SID const sidWorld = { SID_REVISION, 1, { SECURITY_WORLD_SID_AUTHORITY} , { SECURITY_WORLD_RID } };
61
62 /*
63 * ACE access rights
64 */
65 static const WCHAR SDDL_READ_CONTROL[] = {'R','C',0};
66 static const WCHAR SDDL_WRITE_DAC[] = {'W','D',0};
67 static const WCHAR SDDL_WRITE_OWNER[] = {'W','O',0};
68 static const WCHAR SDDL_STANDARD_DELETE[] = {'S','D',0};
69 static const WCHAR SDDL_GENERIC_ALL[] = {'G','A',0};
70 static const WCHAR SDDL_GENERIC_READ[] = {'G','R',0};
71 static const WCHAR SDDL_GENERIC_WRITE[] = {'G','W',0};
72 static const WCHAR SDDL_GENERIC_EXECUTE[] = {'G','X',0};
73
74 /*
75 * ACE types
76 */
77 static const WCHAR SDDL_ACCESS_ALLOWED[] = {'A',0};
78 static const WCHAR SDDL_ACCESS_DENIED[] = {'D',0};
79 static const WCHAR SDDL_OBJECT_ACCESS_ALLOWED[] = {'O','A',0};
80 static const WCHAR SDDL_OBJECT_ACCESS_DENIED[] = {'O','D',0};
81 static const WCHAR SDDL_AUDIT[] = {'A','U',0};
82 static const WCHAR SDDL_ALARM[] = {'A','L',0};
83 static const WCHAR SDDL_OBJECT_AUDIT[] = {'O','U',0};
84 static const WCHAR SDDL_OBJECT_ALARMp[] = {'O','L',0};
85
86 /*
87 * ACE flags
88 */
89 static const WCHAR SDDL_CONTAINER_INHERIT[] = {'C','I',0};
90 static const WCHAR SDDL_OBJECT_INHERIT[] = {'O','I',0};
91 static const WCHAR SDDL_NO_PROPAGATE[] = {'N','P',0};
92 static const WCHAR SDDL_INHERIT_ONLY[] = {'I','O',0};
93 static const WCHAR SDDL_INHERITED[] = {'I','D',0};
94 static const WCHAR SDDL_AUDIT_SUCCESS[] = {'S','A',0};
95 static const WCHAR SDDL_AUDIT_FAILURE[] = {'F','A',0};
96
97 /* set last error code from NT status and get the proper boolean return value */
98 /* used for functions that are a simple wrapper around the corresponding ntdll API */
99 static inline BOOL set_ntstatus( NTSTATUS status )
100 {
101 if (status) SetLastError( RtlNtStatusToDosError( status ));
102 return !status;
103 }
104
105 static void dumpLsaAttributes( PLSA_OBJECT_ATTRIBUTES oa )
106 {
107 if (oa)
108 {
109 TRACE("\n\tlength=%lu, rootdir=%p, objectname=%s\n\tattr=0x%08lx, sid=%p qos=%p\n",
110 oa->Length, oa->RootDirectory,
111 oa->ObjectName?debugstr_w(oa->ObjectName->Buffer):"null",
112 oa->Attributes, oa->SecurityDescriptor, oa->SecurityQualityOfService);
113 }
114 }
115
116 #define WINE_SIZE_OF_WORLD_ACCESS_ACL (sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE) + sizeof(sidWorld) - sizeof(DWORD))
117
118 static void GetWorldAccessACL(PACL pACL)
119 {
120 PACCESS_ALLOWED_ACE pACE = (PACCESS_ALLOWED_ACE) (pACL + 1);
121
122 pACL->AclRevision = ACL_REVISION;
123 pACL->Sbz1 = 0;
124 pACL->AclSize = WINE_SIZE_OF_WORLD_ACCESS_ACL;
125 pACL->AceCount = 1;
126 pACL->Sbz2 = 0;
127
128 pACE->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
129 pACE->Header.AceFlags = CONTAINER_INHERIT_ACE;
130 pACE->Header.AceSize = sizeof(ACCESS_ALLOWED_ACE) + sizeof(sidWorld) - sizeof(DWORD);
131 pACE->Mask = 0xf3ffffff; /* Everything except reserved bits */
132 memcpy(&pACE->SidStart, &sidWorld, sizeof(sidWorld));
133 }
134
135 /************************************************************
136 * ADVAPI_IsLocalComputer
137 *
138 * Checks whether the server name indicates local machine.
139 */
140 BOOL ADVAPI_IsLocalComputer(LPCWSTR ServerName)
141 {
142 if (!ServerName)
143 {
144 return TRUE;
145 }
146 else if (!ServerName[0])
147 {
148 return TRUE;
149 }
150 else
151 {
152 DWORD dwSize = MAX_COMPUTERNAME_LENGTH + 1;
153 BOOL Result;
154 LPWSTR buf;
155
156 buf = HeapAlloc(GetProcessHeap(), 0, dwSize * sizeof(WCHAR));
157 Result = GetComputerNameW(buf, &dwSize);
158 if (Result && (ServerName[0] == '\\') && (ServerName[1] == '\\'))
159 ServerName += 2;
160 Result = Result && !lstrcmpW(ServerName, buf);
161 HeapFree(GetProcessHeap(), 0, buf);
162
163 return Result;
164 }
165 }
166
167 #define ADVAPI_ForceLocalComputer(ServerName, FailureCode) \
168 if (!ADVAPI_IsLocalComputer(ServerName)) \
169 { \
170 FIXME("Action Implemented for local computer only. " \
171 "Requested for server %s\n", debugstr_w(ServerName)); \
172 return FailureCode; \
173 }
174
175 /* ##############################
176 ###### TOKEN FUNCTIONS ######
177 ##############################
178 */
179
180 /******************************************************************************
181 * OpenProcessToken [ADVAPI32.@]
182 * Opens the access token associated with a process handle.
183 *
184 * PARAMS
185 * ProcessHandle [I] Handle to process
186 * DesiredAccess [I] Desired access to process
187 * TokenHandle [O] Pointer to handle of open access token
188 *
189 * RETURNS
190 * Success: TRUE. TokenHandle contains the access token.
191 * Failure: FALSE.
192 *
193 * NOTES
194 * See NtOpenProcessToken.
195 */
196 BOOL WINAPI
197 OpenProcessToken( HANDLE ProcessHandle, DWORD DesiredAccess,
198 HANDLE *TokenHandle )
199 {
200 return set_ntstatus(NtOpenProcessToken( ProcessHandle, DesiredAccess, TokenHandle ));
201 }
202
203 /******************************************************************************
204 * OpenThreadToken [ADVAPI32.@]
205 *
206 * Opens the access token associated with a thread handle.
207 *
208 * PARAMS
209 * ThreadHandle [I] Handle to process
210 * DesiredAccess [I] Desired access to the thread
211 * OpenAsSelf [I] ???
212 * TokenHandle [O] Destination for the token handle
213 *
214 * RETURNS
215 * Success: TRUE. TokenHandle contains the access token.
216 * Failure: FALSE.
217 *
218 * NOTES
219 * See NtOpenThreadToken.
220 */
221 BOOL WINAPI
222 OpenThreadToken( HANDLE ThreadHandle, DWORD DesiredAccess,
223 BOOL OpenAsSelf, HANDLE *TokenHandle)
224 {
225 return set_ntstatus( NtOpenThreadToken(ThreadHandle, DesiredAccess, OpenAsSelf, TokenHandle));
226 }
227
228 BOOL WINAPI
229 AdjustTokenGroups( HANDLE TokenHandle, BOOL ResetToDefault, PTOKEN_GROUPS NewState,
230 DWORD BufferLength, PTOKEN_GROUPS PreviousState, PDWORD ReturnLength )
231 {
232 return set_ntstatus( NtAdjustGroupsToken(TokenHandle, ResetToDefault, NewState, BufferLength,
233 PreviousState, ReturnLength));
234 }
235
236 /******************************************************************************
237 * AdjustTokenPrivileges [ADVAPI32.@]
238 *
239 * Adjust the privileges of an open token handle.
240 *
241 * PARAMS
242 * TokenHandle [I] Handle from OpenProcessToken() or OpenThreadToken()
243 * DisableAllPrivileges [I] TRUE=Remove all privileges, FALSE=Use NewState
244 * NewState [I] Desired new privileges of the token
245 * BufferLength [I] Length of NewState
246 * PreviousState [O] Destination for the previous state
247 * ReturnLength [I/O] Size of PreviousState
248 *
249 *
250 * RETURNS
251 * Success: TRUE. Privileges are set to NewState and PreviousState is updated.
252 * Failure: FALSE.
253 *
254 * NOTES
255 * See NtAdjustPrivilegesToken.
256 */
257 BOOL WINAPI
258 AdjustTokenPrivileges( HANDLE TokenHandle, BOOL DisableAllPrivileges,
259 LPVOID NewState, DWORD BufferLength,
260 LPVOID PreviousState, LPDWORD ReturnLength )
261 {
262 NTSTATUS status;
263
264 TRACE("\n");
265
266 status = NtAdjustPrivilegesToken(TokenHandle, DisableAllPrivileges,
267 NewState, BufferLength, PreviousState,
268 ReturnLength);
269 SetLastError( RtlNtStatusToDosError( status ));
270 if ((status == STATUS_SUCCESS) || (status == STATUS_NOT_ALL_ASSIGNED))
271 return TRUE;
272 else
273 return FALSE;
274 }
275
276 /******************************************************************************
277 * CheckTokenMembership [ADVAPI32.@]
278 *
279 * Determine if an access token is a member of a SID.
280 *
281 * PARAMS
282 * TokenHandle [I] Handle from OpenProcessToken() or OpenThreadToken()
283 * SidToCheck [I] SID that possibly contains the token
284 * IsMember [O] Destination for result.
285 *
286 * RETURNS
287 * Success: TRUE. IsMember is TRUE if TokenHandle is a member, FALSE otherwise.
288 * Failure: FALSE.
289 */
290 BOOL WINAPI
291 CheckTokenMembership( HANDLE TokenHandle, PSID SidToCheck,
292 PBOOL IsMember )
293 {
294 FIXME("(%p %p %p) stub!\n", TokenHandle, SidToCheck, IsMember);
295
296 *IsMember = TRUE;
297 return(TRUE);
298 }
299
300 /******************************************************************************
301 * GetTokenInformation [ADVAPI32.@]
302 *
303 * PARAMS
304 * token [I] Handle from OpenProcessToken() or OpenThreadToken()
305 * tokeninfoclass [I] A TOKEN_INFORMATION_CLASS from "winnt.h"
306 * tokeninfo [O] Destination for token information
307 * tokeninfolength [I] Length of tokeninfo
308 * retlen [O] Destination for returned token information length
309 *
310 * RETURNS
311 * Success: TRUE. tokeninfo contains retlen bytes of token information
312 * Failure: FALSE.
313 *
314 * NOTES
315 * See NtQueryInformationToken.
316 */
317 BOOL WINAPI
318 GetTokenInformation( HANDLE token, TOKEN_INFORMATION_CLASS tokeninfoclass,
319 LPVOID tokeninfo, DWORD tokeninfolength, LPDWORD retlen )
320 {
321 TRACE("(%p, %s, %p, %ld, %p): \n",
322 token,
323 (tokeninfoclass == TokenUser) ? "TokenUser" :
324 (tokeninfoclass == TokenGroups) ? "TokenGroups" :
325 (tokeninfoclass == TokenPrivileges) ? "TokenPrivileges" :
326 (tokeninfoclass == TokenOwner) ? "TokenOwner" :
327 (tokeninfoclass == TokenPrimaryGroup) ? "TokenPrimaryGroup" :
328 (tokeninfoclass == TokenDefaultDacl) ? "TokenDefaultDacl" :
329 (tokeninfoclass == TokenSource) ? "TokenSource" :
330 (tokeninfoclass == TokenType) ? "TokenType" :
331 (tokeninfoclass == TokenImpersonationLevel) ? "TokenImpersonationLevel" :
332 (tokeninfoclass == TokenStatistics) ? "TokenStatistics" :
333 (tokeninfoclass == TokenRestrictedSids) ? "TokenRestrictedSids" :
334 (tokeninfoclass == TokenSessionId) ? "TokenSessionId" :
335 (tokeninfoclass == TokenGroupsAndPrivileges) ? "TokenGroupsAndPrivileges" :
336 (tokeninfoclass == TokenSessionReference) ? "TokenSessionReference" :
337 (tokeninfoclass == TokenSandBoxInert) ? "TokenSandBoxInert" :
338 "Unknown",
339 tokeninfo, tokeninfolength, retlen);
340 return set_ntstatus( NtQueryInformationToken( token, tokeninfoclass, tokeninfo,
341 tokeninfolength, retlen));
342 }
343
344 /******************************************************************************
345 * SetTokenInformation [ADVAPI32.@]
346 *
347 * Set information for an access token.
348 *
349 * PARAMS
350 * token [I] Handle from OpenProcessToken() or OpenThreadToken()
351 * tokeninfoclass [I] A TOKEN_INFORMATION_CLASS from "winnt.h"
352 * tokeninfo [I] Token information to set
353 * tokeninfolength [I] Length of tokeninfo
354 *
355 * RETURNS
356 * Success: TRUE. The information for the token is set to tokeninfo.
357 * Failure: FALSE.
358 */
359 BOOL WINAPI
360 SetTokenInformation( HANDLE token, TOKEN_INFORMATION_CLASS tokeninfoclass,
361 LPVOID tokeninfo, DWORD tokeninfolength )
362 {
363 TRACE("(%p, %s, %p, %ld): stub\n",
364 token,
365 (tokeninfoclass == TokenUser) ? "TokenUser" :
366 (tokeninfoclass == TokenGroups) ? "TokenGroups" :
367 (tokeninfoclass == TokenPrivileges) ? "TokenPrivileges" :
368 (tokeninfoclass == TokenOwner) ? "TokenOwner" :
369 (tokeninfoclass == TokenPrimaryGroup) ? "TokenPrimaryGroup" :
370 (tokeninfoclass == TokenDefaultDacl) ? "TokenDefaultDacl" :
371 (tokeninfoclass == TokenSource) ? "TokenSource" :
372 (tokeninfoclass == TokenType) ? "TokenType" :
373 (tokeninfoclass == TokenImpersonationLevel) ? "TokenImpersonationLevel" :
374 (tokeninfoclass == TokenStatistics) ? "TokenStatistics" :
375 (tokeninfoclass == TokenRestrictedSids) ? "TokenRestrictedSids" :
376 (tokeninfoclass == TokenSessionId) ? "TokenSessionId" :
377 (tokeninfoclass == TokenGroupsAndPrivileges) ? "TokenGroupsAndPrivileges" :
378 (tokeninfoclass == TokenSessionReference) ? "TokenSessionReference" :
379 (tokeninfoclass == TokenSandBoxInert) ? "TokenSandBoxInert" :
380 "Unknown",
381 tokeninfo, tokeninfolength);
382
383 return set_ntstatus( NtSetInformationToken( token, tokeninfoclass, tokeninfo, tokeninfolength ));
384 }
385
386 /*************************************************************************
387 * SetThreadToken [ADVAPI32.@]
388 *
389 * Assigns an 'impersonation token' to a thread so it can assume the
390 * security privileges of another thread or process. Can also remove
391 * a previously assigned token.
392 *
393 * PARAMS
394 * thread [O] Handle to thread to set the token for
395 * token [I] Token to set
396 *
397 * RETURNS
398 * Success: TRUE. The threads access token is set to token
399 * Failure: FALSE.
400 *
401 * NOTES
402 * Only supported on NT or higher. On Win9X this function does nothing.
403 * See SetTokenInformation.
404 */
405 BOOL WINAPI SetThreadToken(PHANDLE thread, HANDLE token)
406 {
407 return set_ntstatus( NtSetInformationThread( thread ? *thread : GetCurrentThread(),
408 ThreadImpersonationToken, &token, sizeof token ));
409 }
410
411 /* ##############################
412 ###### SID FUNCTIONS ######
413 ##############################
414 */
415
416 /******************************************************************************
417 * AllocateAndInitializeSid [ADVAPI32.@]
418 *
419 * PARAMS
420 * pIdentifierAuthority []
421 * nSubAuthorityCount []
422 * nSubAuthority0 []
423 * nSubAuthority1 []
424 * nSubAuthority2 []
425 * nSubAuthority3 []
426 * nSubAuthority4 []
427 * nSubAuthority5 []
428 * nSubAuthority6 []
429 * nSubAuthority7 []
430 * pSid []
431 */
432 BOOL WINAPI
433 AllocateAndInitializeSid( PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
434 BYTE nSubAuthorityCount,
435 DWORD nSubAuthority0, DWORD nSubAuthority1,
436 DWORD nSubAuthority2, DWORD nSubAuthority3,
437 DWORD nSubAuthority4, DWORD nSubAuthority5,
438 DWORD nSubAuthority6, DWORD nSubAuthority7,
439 PSID *pSid )
440 {
441 return set_ntstatus( RtlAllocateAndInitializeSid(
442 pIdentifierAuthority, nSubAuthorityCount,
443 nSubAuthority0, nSubAuthority1, nSubAuthority2, nSubAuthority3,
444 nSubAuthority4, nSubAuthority5, nSubAuthority6, nSubAuthority7,
445 pSid ));
446 }
447
448 /******************************************************************************
449 * FreeSid [ADVAPI32.@]
450 *
451 * PARAMS
452 * pSid []
453 */
454 PVOID WINAPI
455 FreeSid( PSID pSid )
456 {
457 RtlFreeSid(pSid);
458 return NULL; /* is documented like this */
459 }
460
461 /******************************************************************************
462 * CopySid [ADVAPI32.@]
463 *
464 * PARAMS
465 * nDestinationSidLength []
466 * pDestinationSid []
467 * pSourceSid []
468 */
469 BOOL WINAPI
470 CopySid( DWORD nDestinationSidLength, PSID pDestinationSid, PSID pSourceSid )
471 {
472 return RtlCopySid(nDestinationSidLength, pDestinationSid, pSourceSid);
473 }
474
475 BOOL WINAPI
476 IsTokenRestricted( HANDLE TokenHandle )
477 {
478 FIXME("%p - stub\n", TokenHandle);
479
480 return FALSE;
481 }
482
483 /******************************************************************************
484 * IsValidSid [ADVAPI32.@]
485 *
486 * PARAMS
487 * pSid []
488 */
489 BOOL WINAPI
490 IsValidSid( PSID pSid )
491 {
492 return RtlValidSid( pSid );
493 }
494
495 /******************************************************************************
496 * EqualSid [ADVAPI32.@]
497 *
498 * PARAMS
499 * pSid1 []
500 * pSid2 []
501 */
502 BOOL WINAPI
503 EqualSid( PSID pSid1, PSID pSid2 )
504 {
505 return RtlEqualSid( pSid1, pSid2 );
506 }
507
508 /******************************************************************************
509 * EqualPrefixSid [ADVAPI32.@]
510 */
511 BOOL WINAPI EqualPrefixSid (PSID pSid1, PSID pSid2)
512 {
513 return RtlEqualPrefixSid(pSid1, pSid2);
514 }
515
516 /******************************************************************************
517 * GetSidLengthRequired [ADVAPI32.@]
518 *
519 * PARAMS
520 * nSubAuthorityCount []
521 */
522 DWORD WINAPI
523 GetSidLengthRequired( BYTE nSubAuthorityCount )
524 {
525 return RtlLengthRequiredSid(nSubAuthorityCount);
526 }
527
528 /******************************************************************************
529 * InitializeSid [ADVAPI32.@]
530 *
531 * PARAMS
532 * pIdentifierAuthority []
533 */
534 BOOL WINAPI
535 InitializeSid (
536 PSID pSid,
537 PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
538 BYTE nSubAuthorityCount)
539 {
540 return RtlInitializeSid(pSid, pIdentifierAuthority, nSubAuthorityCount);
541 }
542
543 DWORD WINAPI
544 GetEffectiveRightsFromAclA( PACL pacl, PTRUSTEEA pTrustee, PACCESS_MASK pAccessRights )
545 {
546 FIXME("%p %p %p - stub\n", pacl, pTrustee, pAccessRights);
547
548 return 1;
549 }
550
551 DWORD WINAPI
552 GetEffectiveRightsFromAclW( PACL pacl, PTRUSTEEW pTrustee, PACCESS_MASK pAccessRights )
553 {
554 FIXME("%p %p %p - stub\n", pacl, pTrustee, pAccessRights);
555
556 return 1;
557 }
558
559 /******************************************************************************
560 * GetSidIdentifierAuthority [ADVAPI32.@]
561 *
562 * PARAMS
563 * pSid []
564 */
565 PSID_IDENTIFIER_AUTHORITY WINAPI
566 GetSidIdentifierAuthority( PSID pSid )
567 {
568 return RtlIdentifierAuthoritySid(pSid);
569 }
570
571 /******************************************************************************
572 * GetSidSubAuthority [ADVAPI32.@]
573 *
574 * PARAMS
575 * pSid []
576 * nSubAuthority []
577 */
578 PDWORD WINAPI
579 GetSidSubAuthority( PSID pSid, DWORD nSubAuthority )
580 {
581 return RtlSubAuthoritySid(pSid, nSubAuthority);
582 }
583
584 /******************************************************************************
585 * GetSidSubAuthorityCount [ADVAPI32.@]
586 *
587 * PARAMS
588 * pSid []
589 */
590 PUCHAR WINAPI
591 GetSidSubAuthorityCount (PSID pSid)
592 {
593 return RtlSubAuthorityCountSid(pSid);
594 }
595
596 /******************************************************************************
597 * GetLengthSid [ADVAPI32.@]
598 *
599 * PARAMS
600 * pSid []
601 */
602 DWORD WINAPI
603 GetLengthSid (PSID pSid)
604 {
605 return RtlLengthSid(pSid);
606 }
607
608 /* ##############################################
609 ###### SECURITY DESCRIPTOR FUNCTIONS ######
610 ##############################################
611 */
612
613 /******************************************************************************
614 * InitializeSecurityDescriptor [ADVAPI32.@]
615 *
616 * PARAMS
617 * pDescr []
618 * revision []
619 */
620 BOOL WINAPI
621 InitializeSecurityDescriptor( PSECURITY_DESCRIPTOR pDescr, DWORD revision )
622 {
623 return set_ntstatus( RtlCreateSecurityDescriptor(pDescr, revision ));
624 }
625
626
627 /******************************************************************************
628 * MakeAbsoluteSD [ADVAPI32.@]
629 */
630 BOOL WINAPI MakeAbsoluteSD (
631 IN PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor,
632 OUT PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor,
633 OUT LPDWORD lpdwAbsoluteSecurityDescriptorSize,
634 OUT PACL pDacl,
635 OUT LPDWORD lpdwDaclSize,
636 OUT PACL pSacl,
637 OUT LPDWORD lpdwSaclSize,
638 OUT PSID pOwner,
639 OUT LPDWORD lpdwOwnerSize,
640 OUT PSID pPrimaryGroup,
641 OUT LPDWORD lpdwPrimaryGroupSize)
642 {
643 return set_ntstatus( RtlSelfRelativeToAbsoluteSD(pSelfRelativeSecurityDescriptor,
644 pAbsoluteSecurityDescriptor,
645 lpdwAbsoluteSecurityDescriptorSize,
646 pDacl, lpdwDaclSize, pSacl, lpdwSaclSize,
647 pOwner, lpdwOwnerSize,
648 pPrimaryGroup, lpdwPrimaryGroupSize));
649 }
650
651 BOOL WINAPI GetKernelObjectSecurity(
652 HANDLE Handle,
653 SECURITY_INFORMATION RequestedInformation,
654 PSECURITY_DESCRIPTOR pSecurityDescriptor,
655 DWORD nLength,
656 LPDWORD lpnLengthNeeded )
657 {
658 FIXME("%p 0x%08lx %p 0x%08lx %p - stub\n", Handle, RequestedInformation,
659 pSecurityDescriptor, nLength, lpnLengthNeeded);
660
661 return FALSE;
662 }
663
664 BOOL WINAPI GetPrivateObjectSecurity(
665 PSECURITY_DESCRIPTOR ObjectDescriptor,
666 SECURITY_INFORMATION SecurityInformation,
667 PSECURITY_DESCRIPTOR ResultantDescriptor,
668 DWORD DescriptorLength,
669 PDWORD ReturnLength )
670 {
671 FIXME("%p 0x%08lx %p 0x%08lx %p - stub\n", ObjectDescriptor, SecurityInformation,
672 ResultantDescriptor, DescriptorLength, ReturnLength);
673
674 return FALSE;
675 }
676
677 /******************************************************************************
678 * GetSecurityDescriptorLength [ADVAPI32.@]
679 */
680 DWORD WINAPI GetSecurityDescriptorLength( PSECURITY_DESCRIPTOR pDescr)
681 {
682 return RtlLengthSecurityDescriptor(pDescr);
683 }
684
685 /******************************************************************************
686 * GetSecurityDescriptorOwner [ADVAPI32.@]
687 *
688 * PARAMS
689 * pOwner []
690 * lpbOwnerDefaulted []
691 */
692 BOOL WINAPI
693 GetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR pDescr, PSID *pOwner,
694 LPBOOL lpbOwnerDefaulted )
695 {
696 BOOLEAN defaulted;
697 BOOL ret = set_ntstatus( RtlGetOwnerSecurityDescriptor( pDescr, pOwner, &defaulted ));
698 *lpbOwnerDefaulted = defaulted;
699 return ret;
700 }
701
702 /******************************************************************************
703 * SetSecurityDescriptorOwner [ADVAPI32.@]
704 *
705 * PARAMS
706 */
707 BOOL WINAPI SetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR pSecurityDescriptor,
708 PSID pOwner, BOOL bOwnerDefaulted)
709 {
710 return set_ntstatus( RtlSetOwnerSecurityDescriptor(pSecurityDescriptor, pOwner, bOwnerDefaulted));
711 }
712 /******************************************************************************
713 * GetSecurityDescriptorGroup [ADVAPI32.@]
714 */
715 BOOL WINAPI GetSecurityDescriptorGroup(
716 PSECURITY_DESCRIPTOR SecurityDescriptor,
717 PSID *Group,
718 LPBOOL GroupDefaulted)
719 {
720 BOOLEAN defaulted;
721 BOOL ret = set_ntstatus( RtlGetGroupSecurityDescriptor(SecurityDescriptor, Group, &defaulted ));
722 *GroupDefaulted = defaulted;
723 return ret;
724 }
725 /******************************************************************************
726 * SetSecurityDescriptorGroup [ADVAPI32.@]
727 */
728 BOOL WINAPI SetSecurityDescriptorGroup ( PSECURITY_DESCRIPTOR SecurityDescriptor,
729 PSID Group, BOOL GroupDefaulted)
730 {
731 return set_ntstatus( RtlSetGroupSecurityDescriptor( SecurityDescriptor, Group, GroupDefaulted));
732 }
733
734 /******************************************************************************
735 * IsValidSecurityDescriptor [ADVAPI32.@]
736 *
737 * PARAMS
738 * lpsecdesc []
739 */
740 BOOL WINAPI
741 IsValidSecurityDescriptor( PSECURITY_DESCRIPTOR SecurityDescriptor )
742 {
743 return set_ntstatus( RtlValidSecurityDescriptor(SecurityDescriptor));
744 }
745
746 /******************************************************************************
747 * GetSecurityDescriptorDacl [ADVAPI32.@]
748 */
749 BOOL WINAPI GetSecurityDescriptorDacl(
750 IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
751 OUT LPBOOL lpbDaclPresent,
752 OUT PACL *pDacl,
753 OUT LPBOOL lpbDaclDefaulted)
754 {
755 BOOLEAN present, defaulted;
756 BOOL ret = set_ntstatus( RtlGetDaclSecurityDescriptor(pSecurityDescriptor, &present, pDacl, &defaulted));
757 *lpbDaclPresent = present;
758 *lpbDaclDefaulted = defaulted;
759 return ret;
760 }
761
762 /******************************************************************************
763 * SetSecurityDescriptorDacl [ADVAPI32.@]
764 */
765 BOOL WINAPI
766 SetSecurityDescriptorDacl (
767 PSECURITY_DESCRIPTOR lpsd,
768 BOOL daclpresent,
769 PACL dacl,
770 BOOL dacldefaulted )
771 {
772 return set_ntstatus( RtlSetDaclSecurityDescriptor (lpsd, daclpresent, dacl, dacldefaulted ) );
773 }
774 /******************************************************************************
775 * GetSecurityDescriptorSacl [ADVAPI32.@]
776 */
777 BOOL WINAPI GetSecurityDescriptorSacl(
778 IN PSECURITY_DESCRIPTOR lpsd,
779 OUT LPBOOL lpbSaclPresent,
780 OUT PACL *pSacl,
781 OUT LPBOOL lpbSaclDefaulted)
782 {
783 BOOLEAN present, defaulted;
784 BOOL ret = set_ntstatus( RtlGetSaclSecurityDescriptor(lpsd, &present, pSacl, &defaulted) );
785 *lpbSaclPresent = present;
786 *lpbSaclDefaulted = defaulted;
787 return ret;
788 }
789
790 /**************************************************************************
791 * SetSecurityDescriptorSacl [ADVAPI32.@]
792 */
793 BOOL WINAPI SetSecurityDescriptorSacl (
794 PSECURITY_DESCRIPTOR lpsd,
795 BOOL saclpresent,
796 PACL lpsacl,
797 BOOL sacldefaulted)
798 {
799 return set_ntstatus (RtlSetSaclSecurityDescriptor(lpsd, saclpresent, lpsacl, sacldefaulted));
800 }
801 /******************************************************************************
802 * MakeSelfRelativeSD [ADVAPI32.@]
803 *
804 * PARAMS
805 * lpabssecdesc []
806 * lpselfsecdesc []
807 * lpbuflen []
808 */
809 BOOL WINAPI
810 MakeSelfRelativeSD(
811 IN PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor,
812 IN PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor,
813 IN OUT LPDWORD lpdwBufferLength)
814 {
815 return set_ntstatus( RtlMakeSelfRelativeSD( pAbsoluteSecurityDescriptor,
816 pSelfRelativeSecurityDescriptor, lpdwBufferLength));
817 }
818
819 /******************************************************************************
820 * GetSecurityDescriptorControl [ADVAPI32.@]
821 */
822
823 BOOL WINAPI GetSecurityDescriptorControl ( PSECURITY_DESCRIPTOR pSecurityDescriptor,
824 PSECURITY_DESCRIPTOR_CONTROL pControl, LPDWORD lpdwRevision)
825 {
826 return set_ntstatus( RtlGetControlSecurityDescriptor(pSecurityDescriptor,pControl,lpdwRevision));
827 }
828
829 /* ##############################
830 ###### ACL FUNCTIONS ######
831 ##############################
832 */
833
834 /*************************************************************************
835 * InitializeAcl [ADVAPI32.@]
836 */
837 BOOL WINAPI InitializeAcl(PACL acl, DWORD size, DWORD rev)
838 {
839 return set_ntstatus( RtlCreateAcl(acl, size, rev));
840 }
841
842 BOOL WINAPI ImpersonateNamedPipeClient( HANDLE hNamedPipe )
843 {
844 FIXME("%p - stub\n", hNamedPipe);
845
846 return FALSE;
847 }
848
849 /******************************************************************************
850 * AddAccessAllowedAce [ADVAPI32.@]
851 */
852 BOOL WINAPI AddAccessAllowedAce(
853 IN OUT PACL pAcl,
854 IN DWORD dwAceRevision,
855 IN DWORD AccessMask,
856 IN PSID pSid)
857 {
858 return set_ntstatus(RtlAddAccessAllowedAce(pAcl, dwAceRevision, AccessMask, pSid));
859 }
860
861 /******************************************************************************
862 * AddAccessAllowedAceEx [ADVAPI32.@]
863 */
864 BOOL WINAPI AddAccessAllowedAceEx(
865 IN OUT PACL pAcl,
866 IN DWORD dwAceRevision,
867 IN DWORD AceFlags,
868 IN DWORD AccessMask,
869 IN PSID pSid)
870 {
871 return set_ntstatus(RtlAddAccessAllowedAceEx(pAcl, dwAceRevision, AceFlags, AccessMask, pSid));
872 }
873
874 /******************************************************************************
875 * AddAccessDeniedAce [ADVAPI32.@]
876 */
877 BOOL WINAPI AddAccessDeniedAce(
878 IN OUT PACL pAcl,
879 IN DWORD dwAceRevision,
880 IN DWORD AccessMask,
881 IN PSID pSid)
882 {
883 return set_ntstatus(RtlAddAccessDeniedAce(pAcl, dwAceRevision, AccessMask, pSid));
884 }
885
886 /******************************************************************************
887 * AddAccessDeniedAceEx [ADVAPI32.@]
888 */
889 BOOL WINAPI AddAccessDeniedAceEx(
890 IN OUT PACL pAcl,
891 IN DWORD dwAceRevision,
892 IN DWORD AceFlags,
893 IN DWORD AccessMask,
894 IN PSID pSid)
895 {
896 return set_ntstatus(RtlAddAccessDeniedAceEx(pAcl, dwAceRevision, AceFlags, AccessMask, pSid));
897 }
898
899 /******************************************************************************
900 * AddAce [ADVAPI32.@]
901 */
902 BOOL WINAPI AddAce(
903 IN OUT PACL pAcl,
904 IN DWORD dwAceRevision,
905 IN DWORD dwStartingAceIndex,
906 LPVOID pAceList,
907 DWORD nAceListLength)
908 {
909 return set_ntstatus(RtlAddAce(pAcl, dwAceRevision, dwStartingAceIndex, pAceList, nAceListLength));
910 }
911
912 /******************************************************************************
913 * DeleteAce [ADVAPI32.@]
914 */
915 BOOL WINAPI DeleteAce(PACL pAcl, DWORD dwAceIndex)
916 {
917 return set_ntstatus(RtlDeleteAce(pAcl, dwAceIndex));
918 }
919
920 /******************************************************************************
921 * FindFirstFreeAce [ADVAPI32.@]
922 */
923 BOOL WINAPI FindFirstFreeAce(IN PACL pAcl, LPVOID * pAce)
924 {
925 return RtlFirstFreeAce(pAcl, (PACE_HEADER *)pAce);
926 }
927
928 /******************************************************************************
929 * GetAce [ADVAPI32.@]
930 */
931 BOOL WINAPI GetAce(PACL pAcl,DWORD dwAceIndex,LPVOID *pAce )
932 {
933 return set_ntstatus(RtlGetAce(pAcl, dwAceIndex, pAce));
934 }
935
936 /******************************************************************************
937 * GetAclInformation [ADVAPI32.@]
938 */
939 BOOL WINAPI GetAclInformation(
940 PACL pAcl,
941 LPVOID pAclInformation,
942 DWORD nAclInformationLength,
943 ACL_INFORMATION_CLASS dwAclInformationClass)
944 {
945 return set_ntstatus(RtlQueryInformationAcl(pAcl, pAclInformation,
946 nAclInformationLength, dwAclInformationClass));
947 }
948
949 /******************************************************************************
950 * IsValidAcl [ADVAPI32.@]
951 */
952 BOOL WINAPI IsValidAcl(IN PACL pAcl)
953 {
954 return RtlValidAcl(pAcl);
955 }
956
957 /* ##############################
958 ###### MISC FUNCTIONS ######
959 ##############################
960 */
961
962 /******************************************************************************
963 * AllocateLocallyUniqueId [ADVAPI32.@]
964 *
965 * PARAMS
966 * lpLuid []
967 */
968 BOOL WINAPI AllocateLocallyUniqueId( PLUID lpLuid )
969 {
970 return set_ntstatus(NtAllocateLocallyUniqueId(lpLuid));
971 }
972
973 static const WCHAR SE_CREATE_TOKEN_NAME_W[] =
974 { 'S','e','C','r','e','a','t','e','T','o','k','e','n','P','r','i','v','i','l','e','g','e',0 };
975 static const WCHAR SE_ASSIGNPRIMARYTOKEN_NAME_W[] =
976 { 'S','e','A','s','s','i','g','n','P','r','i','m','a','r','y','T','o','k','e','n','P','r','i','v','i','l','e','g','e',0 };
977 static const WCHAR SE_LOCK_MEMORY_NAME_W[] =
978 { 'S','e','L','o','c','k','M','e','m','o','r','y','P','r','i','v','i','l','e','g','e',0 };
979 static const WCHAR SE_INCREASE_QUOTA_NAME_W[] =
980 { 'S','e','I','n','c','r','e','a','s','e','Q','u','o','t','a','P','r','i','v','i','l','e','g','e',0 };
981 static const WCHAR SE_MACHINE_ACCOUNT_NAME_W[] =
982 { 'S','e','M','a','c','h','i','n','e','A','c','c','o','u','n','t','P','r','i','v','i','l','e','g','e',0 };
983 static const WCHAR SE_TCB_NAME_W[] =
984 { 'S','e','T','c','b','P','r','i','v','i','l','e','g','e',0 };
985 static const WCHAR SE_SECURITY_NAME_W[] =
986 { 'S','e','S','e','c','u','r','i','t','y','P','r','i','v','i','l','e','g','e',0 };
987 static const WCHAR SE_TAKE_OWNERSHIP_NAME_W[] =
988 { 'S','e','T','a','k','e','O','w','n','e','r','s','h','i','p','P','r','i','v','i','l','e','g','e',0 };
989 static const WCHAR SE_LOAD_DRIVER_NAME_W[] =
990 { 'S','e','L','o','a','d','D','r','i','v','e','r','P','r','i','v','i','l','e','g','e',0 };
991 static const WCHAR SE_SYSTEM_PROFILE_NAME_W[] =
992 { 'S','e','S','y','s','t','e','m','P','r','o','f','i','l','e','P','r','i','v','i','l','e','g','e',0 };
993 static const WCHAR SE_SYSTEMTIME_NAME_W[] =
994 { 'S','e','S','y','s','t','e','m','t','i','m','e','P','r','i','v','i','l','e','g','e',0 };
995 static const WCHAR SE_PROF_SINGLE_PROCESS_NAME_W[] =
996 { 'S','e','P','r','o','f','i','l','e','S','i','n','g','l','e','P','r','o','c','e','s','s','P','r','i','v','i','l','e','g','e',0 };
997 static const WCHAR SE_INC_BASE_PRIORITY_NAME_W[] =
998 { 'S','e','I','n','c','r','e','a','s','e','B','a','s','e','P','r','i','o','r','i','t','y','P','r','i','v','i','l','e','g','e',0 };
999 static const WCHAR SE_CREATE_PAGEFILE_NAME_W[] =
1000 { 'S','e','C','r','e','a','t','e','P','a','g','e','f','i','l','e','P','r','i','v','i','l','e','g','e',0 };
1001 static const WCHAR SE_CREATE_PERMANENT_NAME_W[] =
1002 { 'S','e','C','r','e','a','t','e','P','e','r','m','a','n','e','n','t','P','r','i','v','i','l','e','g','e',0 };
1003 static const WCHAR SE_BACKUP_NAME_W[] =
1004 { 'S','e','B','a','c','k','u','p','P','r','i','v','i','l','e','g','e',0 };
1005 static const WCHAR SE_RESTORE_NAME_W[] =
1006 { 'S','e','R','e','s','t','o','r','e','P','r','i','v','i','l','e','g','e',0 };
1007 static const WCHAR SE_SHUTDOWN_NAME_W[] =
1008 { 'S','e','S','h','u','t','d','o','w','n','P','r','i','v','i','l','e','g','e',0 };
1009 static const WCHAR SE_DEBUG_NAME_W[] =
1010 { 'S','e','D','e','b','u','g','P','r','i','v','i','l','e','g','e',0 };
1011 static const WCHAR SE_AUDIT_NAME_W[] =
1012 { 'S','e','A','u','d','i','t','P','r','i','v','i','l','e','g','e',0 };
1013 static const WCHAR SE_SYSTEM_ENVIRONMENT_NAME_W[] =
1014 { 'S','e','S','y','s','t','e','m','E','n','v','i','r','o','n','m','e','n','t','P','r','i','v','i','l','e','g','e',0 };
1015 static const WCHAR SE_CHANGE_NOTIFY_NAME_W[] =
1016 { 'S','e','C','h','a','n','g','e','N','o','t','i','f','y','P','r','i','v','i','l','e','g','e',0 };
1017 static const WCHAR SE_REMOTE_SHUTDOWN_NAME_W[] =
1018 { 'S','e','R','e','m','o','t','e','S','h','u','t','d','o','w','n','P','r','i','v','i','l','e','g','e',0 };
1019 static const WCHAR SE_UNDOCK_NAME_W[] =
1020 { 'S','e','U','n','d','o','c','k','P','r','i','v','i','l','e','g','e',0 };
1021 static const WCHAR SE_SYNC_AGENT_NAME_W[] =
1022 { 'S','e','S','y','n','c','A','g','e','n','t','P','r','i','v','i','l','e','g','e',0 };
1023 static const WCHAR SE_ENABLE_DELEGATION_NAME_W[] =
1024 { 'S','e','E','n','a','b','l','e','D','e','l','e','g','a','t','i','o','n','P','r','i','v','i','l','e','g','e',0 };
1025 static const WCHAR SE_MANAGE_VOLUME_NAME_W[] =
1026 { 'S','e','M','a','n','a','g','e','V','o','l','u','m','e','P','r','i','v','i','l','e','g','e',0 };
1027 static const WCHAR SE_IMPERSONATE_NAME_W[] =
1028 { 'S','e','I','m','p','e','r','s','o','n','a','t','e','P','r','i','v','i','l','e','g','e',0 };
1029 static const WCHAR SE_CREATE_GLOBAL_NAME_W[] =
1030 { 'S','e','C','r','e','a','t','e','G','l','o','b','a','l','P','r','i','v','i','l','e','g','e',0 };
1031
1032 static const WCHAR * const WellKnownPrivNames[SE_MAX_WELL_KNOWN_PRIVILEGE + 1] =
1033 {
1034 NULL,
1035 NULL,
1036 SE_CREATE_TOKEN_NAME_W,
1037 SE_ASSIGNPRIMARYTOKEN_NAME_W,
1038 SE_LOCK_MEMORY_NAME_W,
1039 SE_INCREASE_QUOTA_NAME_W,
1040 SE_MACHINE_ACCOUNT_NAME_W,
1041 SE_TCB_NAME_W,
1042 SE_SECURITY_NAME_W,
1043 SE_TAKE_OWNERSHIP_NAME_W,
1044 SE_LOAD_DRIVER_NAME_W,
1045 SE_SYSTEM_PROFILE_NAME_W,
1046 SE_SYSTEMTIME_NAME_W,
1047 SE_PROF_SINGLE_PROCESS_NAME_W,
1048 SE_INC_BASE_PRIORITY_NAME_W,
1049 SE_CREATE_PAGEFILE_NAME_W,
1050 SE_CREATE_PERMANENT_NAME_W,
1051 SE_BACKUP_NAME_W,
1052 SE_RESTORE_NAME_W,
1053 SE_SHUTDOWN_NAME_W,
1054 SE_DEBUG_NAME_W,
1055 SE_AUDIT_NAME_W,
1056 SE_SYSTEM_ENVIRONMENT_NAME_W,
1057 SE_CHANGE_NOTIFY_NAME_W,
1058 SE_REMOTE_SHUTDOWN_NAME_W,
1059 SE_UNDOCK_NAME_W,
1060 SE_SYNC_AGENT_NAME_W,
1061 SE_ENABLE_DELEGATION_NAME_W,
1062 SE_MANAGE_VOLUME_NAME_W,
1063 SE_IMPERSONATE_NAME_W,
1064 SE_CREATE_GLOBAL_NAME_W,
1065 };
1066
1067 /******************************************************************************
1068 * LookupPrivilegeValueW [ADVAPI32.@]
1069 *
1070 * See LookupPrivilegeValueA.
1071 */
1072 BOOL WINAPI
1073 LookupPrivilegeValueW( LPCWSTR lpSystemName, LPCWSTR lpName, PLUID lpLuid )
1074 {
1075 UINT i;
1076
1077 TRACE("%s,%s,%p\n",debugstr_w(lpSystemName), debugstr_w(lpName), lpLuid);
1078
1079 if (!ADVAPI_IsLocalComputer(lpSystemName))
1080 {
1081 SetLastError(RPC_S_SERVER_UNAVAILABLE);
1082 return FALSE;
1083 }
1084 if (!lpName)
1085 {
1086 SetLastError(ERROR_NO_SUCH_PRIVILEGE);
1087 return FALSE;
1088 }
1089 for( i=SE_MIN_WELL_KNOWN_PRIVILEGE; i<SE_MAX_WELL_KNOWN_PRIVILEGE; i++ )
1090 {
1091 if( !WellKnownPrivNames[i] )
1092 continue;
1093 if( strcmpiW( WellKnownPrivNames[i], lpName) )
1094 continue;
1095 lpLuid->LowPart = i;
1096 lpLuid->HighPart = 0;
1097 TRACE( "%s -> %08lx-%08lx\n",debugstr_w( lpSystemName ),
1098 lpLuid->HighPart, lpLuid->LowPart );
1099 return TRUE;
1100 }
1101 SetLastError(ERROR_NO_SUCH_PRIVILEGE);
1102 return FALSE;
1103 }
1104
1105 /******************************************************************************
1106 * LookupPrivilegeValueA [ADVAPI32.@]
1107 *
1108 * Retrieves LUID used on a system to represent the privilege name.
1109 *
1110 * PARAMS
1111 * lpSystemName [I] Name of the system
1112 * lpName [I] Name of the privilege
1113 * lpLuid [O] Destination for the resulting LUID
1114 *
1115 * RETURNS
1116 * Success: TRUE. lpLuid contains the requested LUID.
1117 * Failure: FALSE.
1118 */
1119 BOOL WINAPI
1120 LookupPrivilegeValueA( LPCSTR lpSystemName, LPCSTR lpName, PLUID lpLuid )
1121 {
1122 UNICODE_STRING lpSystemNameW;
1123 UNICODE_STRING lpNameW;
1124 BOOL ret;
1125
1126 RtlCreateUnicodeStringFromAsciiz(&lpSystemNameW, lpSystemName);
1127 RtlCreateUnicodeStringFromAsciiz(&lpNameW,lpName);
1128 ret = LookupPrivilegeValueW(lpSystemNameW.Buffer, lpNameW.Buffer, lpLuid);
1129 RtlFreeUnicodeString(&lpNameW);
1130 RtlFreeUnicodeString(&lpSystemNameW);
1131 return ret;
1132 }
1133
1134 BOOL WINAPI LookupPrivilegeDisplayNameA( LPCSTR lpSystemName, LPCSTR lpName, LPSTR lpDisplayName,
1135 LPDWORD cchDisplayName, LPDWORD lpLanguageId )
1136 {
1137 FIXME("%s %s %s %p %p - stub\n", debugstr_a(lpSystemName), debugstr_a(lpName),
1138 debugstr_a(lpDisplayName), cchDisplayName, lpLanguageId);
1139
1140 return FALSE;
1141 }
1142
1143 BOOL WINAPI LookupPrivilegeDisplayNameW( LPCWSTR lpSystemName, LPCWSTR lpName, LPWSTR lpDisplayName,
1144 LPDWORD cchDisplayName, LPDWORD lpLanguageId )
1145 {
1146 FIXME("%s %s %s %p %p - stub\n", debugstr_w(lpSystemName), debugstr_w(lpName),
1147 debugstr_w(lpDisplayName), cchDisplayName, lpLanguageId);
1148
1149 return FALSE;
1150 }
1151
1152 /******************************************************************************
1153 * LookupPrivilegeNameA [ADVAPI32.@]
1154 *
1155 * See LookupPrivilegeNameW
1156 */
1157 BOOL WINAPI
1158 LookupPrivilegeNameA( LPCSTR lpSystemName, PLUID lpLuid, LPSTR lpName,
1159 LPDWORD cchName)
1160 {
1161 UNICODE_STRING lpSystemNameW;
1162 BOOL ret;
1163 DWORD wLen = 0;
1164
1165 TRACE("%s %p %p %p\n", debugstr_a(lpSystemName), lpLuid, lpName, cchName);
1166
1167 RtlCreateUnicodeStringFromAsciiz(&lpSystemNameW, lpSystemName);
1168 ret = LookupPrivilegeNameW(lpSystemNameW.Buffer, lpLuid, NULL, &wLen);
1169 if (!ret && GetLastError() == ERROR_INSUFFICIENT_BUFFER)
1170 {
1171 LPWSTR lpNameW = HeapAlloc(GetProcessHeap(), 0, wLen * sizeof(WCHAR));
1172
1173 ret = LookupPrivilegeNameW(lpSystemNameW.Buffer, lpLuid, lpNameW,
1174 &wLen);
1175 if (ret)
1176 {
1177 /* Windows crashes if cchName is NULL, so will I */
1178 int len = WideCharToMultiByte(CP_ACP, 0, lpNameW, -1, lpName,
1179 *cchName, NULL, NULL);
1180
1181 if (len == 0)
1182 {
1183 /* WideCharToMultiByte failed */
1184 ret = FALSE;
1185 }
1186 else if (len > *cchName)
1187 {
1188 *cchName = len;
1189 SetLastError(ERROR_INSUFFICIENT_BUFFER);
1190 ret = FALSE;
1191 }
1192 else
1193 {
1194 /* WideCharToMultiByte succeeded, output length needs to be
1195 * length not including NULL terminator
1196 */
1197 *cchName = len - 1;
1198 }
1199 }
1200 HeapFree(GetProcessHeap(), 0, lpNameW);
1201 }
1202 RtlFreeUnicodeString(&lpSystemNameW);
1203 return ret;
1204 }
1205
1206 /******************************************************************************
1207 * LookupPrivilegeNameW [ADVAPI32.@]
1208 *
1209 * Retrieves the privilege name referred to by the LUID lpLuid.
1210 *
1211 * PARAMS
1212 * lpSystemName [I] Name of the system
1213 * lpLuid [I] Privilege value
1214 * lpName [O] Name of the privilege
1215 * cchName [I/O] Number of characters in lpName.
1216 *
1217 * RETURNS
1218 * Success: TRUE. lpName contains the name of the privilege whose value is
1219 * *lpLuid.
1220 * Failure: FALSE.
1221 *
1222 * REMARKS
1223 * Only well-known privilege names (those defined in winnt.h) can be retrieved
1224 * using this function.
1225 * If the length of lpName is too small, on return *cchName will contain the
1226 * number of WCHARs needed to contain the privilege, including the NULL
1227 * terminator, and GetLastError will return ERROR_INSUFFICIENT_BUFFER.
1228 * On success, *cchName will contain the number of characters stored in
1229 * lpName, NOT including the NULL terminator.
1230 */
1231 BOOL WINAPI
1232 LookupPrivilegeNameW( LPCWSTR lpSystemName, PLUID lpLuid, LPWSTR lpName,
1233 LPDWORD cchName)
1234 {
1235 size_t privNameLen;
1236
1237 TRACE("%s,%p,%p,%p\n",debugstr_w(lpSystemName), lpLuid, lpName, cchName);
1238
1239 if (!ADVAPI_IsLocalComputer(lpSystemName))
1240 {
1241 SetLastError(RPC_S_SERVER_UNAVAILABLE);
1242 return FALSE;
1243 }
1244 if (lpLuid->HighPart || (lpLuid->LowPart < SE_MIN_WELL_KNOWN_PRIVILEGE ||
1245 lpLuid->LowPart > SE_MAX_WELL_KNOWN_PRIVILEGE))
1246 {
1247 SetLastError(ERROR_NO_SUCH_PRIVILEGE);
1248 return FALSE;
1249 }
1250 privNameLen = strlenW(WellKnownPrivNames[lpLuid->LowPart]);
1251 /* Windows crashes if cchName is NULL, so will I */
1252 if (*cchName <= privNameLen)
1253 {
1254 *cchName = privNameLen + 1;
1255 SetLastError(ERROR_INSUFFICIENT_BUFFER);
1256 return FALSE;
1257 }
1258 else
1259 {
1260 strcpyW(lpName, WellKnownPrivNames[lpLuid->LowPart]);
1261 *cchName = privNameLen;
1262 return TRUE;
1263 }
1264 }
1265
1266 /******************************************************************************
1267 * GetFileSecurityA [ADVAPI32.@]
1268 *
1269 * Obtains Specified information about the security of a file or directory.
1270 *
1271 * PARAMS
1272 * lpFileName [I] Name of the file to get info for
1273 * RequestedInformation [I] SE_ flags from "winnt.h"
1274 * pSecurityDescriptor [O] Destination for security information
1275 * nLength [I] Length of pSecurityDescriptor
1276 * lpnLengthNeeded [O] Destination for length of returned security information
1277 *
1278 * RETURNS
1279 * Success: TRUE. pSecurityDescriptor contains the requested information.
1280 * Failure: FALSE. lpnLengthNeeded contains the required space to return the info.
1281 *
1282 * NOTES
1283 * The information returned is constrained by the callers access rights and
1284 * privileges.
1285 */
1286 BOOL WINAPI
1287 GetFileSecurityA( LPCSTR lpFileName,
1288 SECURITY_INFORMATION RequestedInformation,
1289 PSECURITY_DESCRIPTOR pSecurityDescriptor,
1290 DWORD nLength, LPDWORD lpnLengthNeeded )
1291 {
1292 DWORD len;
1293 BOOL r;
1294 LPWSTR name = NULL;
1295
1296 if( lpFileName )
1297 {
1298 len = MultiByteToWideChar( CP_ACP, 0, lpFileName, -1, NULL, 0 );
1299 name = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR) );
1300 MultiByteToWideChar( CP_ACP, 0, lpFileName, -1, name, len );
1301 }
1302
1303 r = GetFileSecurityW( name, RequestedInformation, pSecurityDescriptor,
1304 nLength, lpnLengthNeeded );
1305 HeapFree( GetProcessHeap(), 0, name );
1306
1307 return r;
1308 }
1309
1310 /******************************************************************************
1311 * GetFileSecurityW [ADVAPI32.@]
1312 *
1313 * See GetFileSecurityA.
1314 */
1315 BOOL WINAPI
1316 GetFileSecurityW( LPCWSTR lpFileName,
1317 SECURITY_INFORMATION RequestedInformation,
1318 PSECURITY_DESCRIPTOR pSecurityDescriptor,
1319 DWORD nLength, LPDWORD lpnLengthNeeded )
1320 {
1321 DWORD nNeeded;
1322 LPBYTE pBuffer;
1323 DWORD iLocNow;
1324 SECURITY_DESCRIPTOR_RELATIVE *pSDRelative;
1325
1326 if(INVALID_FILE_ATTRIBUTES == GetFileAttributesW(lpFileName))
1327 return FALSE;
1328
1329 FIXME("(%s) : returns fake SECURITY_DESCRIPTOR\n", debugstr_w(lpFileName) );
1330
1331 nNeeded = sizeof(SECURITY_DESCRIPTOR_RELATIVE);
1332 if (RequestedInformation & OWNER_SECURITY_INFORMATION)
1333 nNeeded += sizeof(sidWorld);
1334 if (RequestedInformation & GROUP_SECURITY_INFORMATION)
1335 nNeeded += sizeof(sidWorld);
1336 if (RequestedInformation & DACL_SECURITY_INFORMATION)
1337 nNeeded += WINE_SIZE_OF_WORLD_ACCESS_ACL;
1338 if (RequestedInformation & SACL_SECURITY_INFORMATION)
1339 nNeeded += WINE_SIZE_OF_WORLD_ACCESS_ACL;
1340
1341 *lpnLengthNeeded = nNeeded;
1342
1343 if (nNeeded > nLength)
1344 return TRUE;
1345
1346 if (!InitializeSecurityDescriptor(pSecurityDescriptor, SECURITY_DESCRIPTOR_REVISION))
1347 return FALSE;
1348
1349 pSDRelative = (PISECURITY_DESCRIPTOR_RELATIVE) pSecurityDescriptor;
1350 pSDRelative->Control |= SE_SELF_RELATIVE;
1351 pBuffer = (LPBYTE) pSDRelative;
1352 iLocNow = sizeof(SECURITY_DESCRIPTOR_RELATIVE);
1353
1354 if (RequestedInformation & OWNER_SECURITY_INFORMATION)
1355 {
1356 memcpy(pBuffer + iLocNow, &sidWorld, sizeof(sidWorld));
1357 pSDRelative->Owner = iLocNow;
1358 iLocNow += sizeof(sidWorld);
1359 }
1360 if (RequestedInformation & GROUP_SECURITY_INFORMATION)
1361 {
1362 memcpy(pBuffer + iLocNow, &sidWorld, sizeof(sidWorld));
1363 pSDRelative->Group = iLocNow;
1364 iLocNow += sizeof(sidWorld);
1365 }
1366 if (RequestedInformation & DACL_SECURITY_INFORMATION)
1367 {
1368 GetWorldAccessACL((PACL) (pBuffer + iLocNow));
1369 pSDRelative->Dacl = iLocNow;
1370 iLocNow += WINE_SIZE_OF_WORLD_ACCESS_ACL;
1371 }
1372 if (RequestedInformation & SACL_SECURITY_INFORMATION)
1373 {
1374 GetWorldAccessACL((PACL) (pBuffer + iLocNow));
1375 pSDRelative->Sacl = iLocNow;
1376 /* iLocNow += WINE_SIZE_OF_WORLD_ACCESS_ACL; */
1377 }
1378 return TRUE;
1379 }
1380
1381
1382 /******************************************************************************
1383 * LookupAccountSidA [ADVAPI32.@]
1384 */
1385 BOOL WINAPI
1386 LookupAccountSidA(
1387 IN LPCSTR system,
1388 IN PSID sid,
1389 OUT LPSTR account,
1390 IN OUT LPDWORD accountSize,
1391 OUT LPSTR domain,
1392 IN OUT LPDWORD domainSize,
1393 OUT PSID_NAME_USE name_use )
1394 {
1395 static const char ac[] = "Administrator";
1396 static const char dm[] = "DOMAIN";
1397 FIXME("(%s,sid=%p,%p,%p(%lu),%p,%p(%lu),%p): semi-stub\n",
1398 debugstr_a(system),sid,
1399 account,accountSize,accountSize?*accountSize:0,
1400 domain,domainSize,domainSize?*domainSize:0,
1401 name_use);
1402
1403 if (accountSize) *accountSize = strlen(ac)+1;
1404 if (account && (*accountSize > strlen(ac)))
1405 strcpy(account, ac);
1406
1407 if (domainSize) *domainSize = strlen(dm)+1;
1408 if (domain && (*domainSize > strlen(dm)))
1409 strcpy(domain,dm);
1410
1411 if (name_use) *name_use = SidTypeUser;
1412 return TRUE;
1413 }
1414
1415 /******************************************************************************
1416 * LookupAccountSidW [ADVAPI32.@]
1417 *
1418 * PARAMS
1419 * system []
1420 * sid []
1421 * account []
1422 * accountSize []
1423 * domain []
1424 * domainSize []
1425 * name_use []
1426 */
1427 BOOL WINAPI
1428 LookupAccountSidW(
1429 IN LPCWSTR system,
1430 IN PSID sid,
1431 OUT LPWSTR account,
1432 IN OUT LPDWORD accountSize,
1433 OUT LPWSTR domain,
1434 IN OUT LPDWORD domainSize,
1435 OUT PSID_NAME_USE name_use )
1436 {
1437 static const WCHAR ac[] = {'A','d','m','i','n','i','s','t','r','a','t','o','r',0};
1438 static const WCHAR dm[] = {'D','O','M','A','I','N',0};
1439 FIXME("(%s,sid=%p,%p,%p(%lu),%p,%p(%lu),%p): semi-stub\n",
1440 debugstr_w(system),sid,
1441 account,accountSize,accountSize?*accountSize:0,
1442 domain,domainSize,domainSize?*domainSize:0,
1443 name_use);
1444
1445 if (accountSize) *accountSize = strlenW(ac)+1;
1446 if (account && (*accountSize > strlenW(ac)))
1447 strcpyW(account, ac);
1448
1449 if (domainSize) *domainSize = strlenW(dm)+1;
1450 if (domain && (*domainSize > strlenW(dm)))
1451 strcpyW(domain,dm);
1452
1453 if (name_use) *name_use = SidTypeUser;
1454 return TRUE;
1455 }
1456
1457 /******************************************************************************
1458 * SetFileSecurityA [ADVAPI32.@]
1459 * Sets the security of a file or directory
1460 */
1461 BOOL WINAPI SetFileSecurityA( LPCSTR lpFileName,
1462 SECURITY_INFORMATION RequestedInformation,
1463 PSECURITY_DESCRIPTOR pSecurityDescriptor)
1464 {
1465 DWORD len;
1466 BOOL r;
1467 LPWSTR name = NULL;
1468
1469 if( lpFileName )
1470 {
1471 len = MultiByteToWideChar( CP_ACP, 0, lpFileName, -1, NULL, 0 );
1472 name = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR) );
1473 MultiByteToWideChar( CP_ACP, 0, lpFileName, -1, name, len );
1474 }
1475
1476 r = SetFileSecurityW( name, RequestedInformation, pSecurityDescriptor );
1477 HeapFree( GetProcessHeap(), 0, name );
1478
1479 return r;
1480 }
1481
1482 /******************************************************************************
1483 * SetFileSecurityW [ADVAPI32.@]
1484 * Sets the security of a file or directory
1485 *
1486 * PARAMS
1487 * lpFileName []
1488 * RequestedInformation []
1489 * pSecurityDescriptor []
1490 */
1491 BOOL WINAPI
1492 SetFileSecurityW( LPCWSTR lpFileName,
1493 SECURITY_INFORMATION RequestedInformation,
1494 PSECURITY_DESCRIPTOR pSecurityDescriptor )
1495 {
1496 FIXME("(%s) : stub\n", debugstr_w(lpFileName) );
1497 return TRUE;
1498 }
1499
1500 /******************************************************************************
1501 * QueryWindows31FilesMigration [ADVAPI32.@]
1502 *
1503 * PARAMS
1504 * x1 []
1505 */
1506 BOOL WINAPI
1507 QueryWindows31FilesMigration( DWORD x1 )
1508 {
1509 FIXME("(%ld):stub\n",x1);
1510 return TRUE;
1511 }
1512
1513 /******************************************************************************
1514 * SynchronizeWindows31FilesAndWindowsNTRegistry [ADVAPI32.@]
1515 *
1516 * PARAMS
1517 * x1 []
1518 * x2 []
1519 * x3 []
1520 * x4 []
1521 */
1522 BOOL WINAPI
1523 SynchronizeWindows31FilesAndWindowsNTRegistry( DWORD x1, DWORD x2, DWORD x3,
1524 DWORD x4 )
1525 {
1526 FIXME("(0x%08lx,0x%08lx,0x%08lx,0x%08lx):stub\n",x1,x2,x3,x4);
1527 return TRUE;
1528 }
1529
1530 NTSTATUS WINAPI
1531 LsaEnumerateTrustedDomains(
1532 LSA_HANDLE PolicyHandle,
1533 PLSA_ENUMERATION_HANDLE EnumerationContext,
1534 PVOID* Buffer,
1535 ULONG PreferedMaximumLength,
1536 PULONG CountReturned)
1537 {
1538 FIXME("(%p,%p,%p,0x%08lx,%p):stub\n", PolicyHandle, EnumerationContext,
1539 Buffer, PreferedMaximumLength, CountReturned);
1540
1541 if (CountReturned) *CountReturned = 0;
1542 return STATUS_SUCCESS;
1543 }
1544
1545 NTSTATUS WINAPI
1546 LsaLookupNames(
1547 LSA_HANDLE PolicyHandle,
1548 ULONG Count,
1549 PLSA_UNICODE_STRING Names,
1550 PLSA_REFERENCED_DOMAIN_LIST* ReferencedDomains,
1551 PLSA_TRANSLATED_SID* Sids)
1552 {
1553 FIXME("(%p,0x%08lx,%p,%p,%p):stub\n", PolicyHandle, Count, Names,
1554 ReferencedDomains, Sids);
1555
1556 return STATUS_NONE_MAPPED;
1557 }
1558
1559 /******************************************************************************
1560 * LsaOpenPolicy [ADVAPI32.@]
1561 *
1562 * PARAMS
1563 * SystemName [I]
1564 * ObjectAttributes [I]
1565 * DesiredAccess [I]
1566 * PolicyHandle [I/O]
1567 */
1568 NTSTATUS WINAPI
1569 LsaOpenPolicy(
1570 IN PLSA_UNICODE_STRING SystemName,
1571 IN PLSA_OBJECT_ATTRIBUTES ObjectAttributes,
1572 IN ACCESS_MASK DesiredAccess,
1573 IN OUT PLSA_HANDLE PolicyHandle)
1574 {
1575 FIXME("(%s,%p,0x%08lx,%p):stub\n",
1576 SystemName?debugstr_w(SystemName->Buffer):"null",
1577 ObjectAttributes, DesiredAccess, PolicyHandle);
1578 ADVAPI_ForceLocalComputer(SystemName ? SystemName->Buffer : NULL,
1579 STATUS_ACCESS_VIOLATION);
1580 dumpLsaAttributes(ObjectAttributes);
1581 if(PolicyHandle) *PolicyHandle = (LSA_HANDLE)0xcafe;
1582 return STATUS_SUCCESS;
1583 }
1584
1585 /******************************************************************************
1586 * LsaQueryInformationPolicy [ADVAPI32.@]
1587 */
1588 NTSTATUS WINAPI
1589 LsaQueryInformationPolicy(
1590 IN LSA_HANDLE PolicyHandle,
1591 IN POLICY_INFORMATION_CLASS InformationClass,
1592 OUT PVOID *Buffer)
1593 {
1594 FIXME("(%p,0x%08x,%p):stub\n",
1595 PolicyHandle, InformationClass, Buffer);
1596
1597 if(!Buffer) return FALSE;
1598 switch (InformationClass)
1599 {
1600 case PolicyAuditEventsInformation: /* 2 */
1601 {
1602 PPOLICY_AUDIT_EVENTS_INFO p = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(POLICY_AUDIT_EVENTS_INFO));
1603 p->AuditingMode = FALSE; /* no auditing */
1604 *Buffer = p;
1605 }
1606 break;
1607 case PolicyPrimaryDomainInformation: /* 3 */
1608 case PolicyAccountDomainInformation: /* 5 */
1609 {
1610 struct di
1611 { POLICY_PRIMARY_DOMAIN_INFO ppdi;
1612 SID sid;
1613 };
1614 SID_IDENTIFIER_AUTHORITY localSidAuthority = {SECURITY_NT_AUTHORITY};
1615
1616 struct di * xdi = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(xdi));
1617 HKEY key;
1618 BOOL useDefault = TRUE;
1619 LONG ret;
1620
1621 if ((ret = RegOpenKeyExA(HKEY_LOCAL_MACHINE,
1622 "System\\CurrentControlSet\\Services\\VxD\\VNETSUP", 0,
1623 KEY_READ, &key)) == ERROR_SUCCESS)
1624 {
1625 DWORD size = 0;
1626 static const WCHAR wg[] = { 'W','o','r','k','g','r','o','u','p',0 };
1627
1628 ret = RegQueryValueExW(key, wg, NULL, NULL, NULL, &size);
1629 if (ret == ERROR_MORE_DATA || ret == ERROR_SUCCESS)
1630 {
1631 xdi->ppdi.Name.Buffer = HeapAlloc(GetProcessHeap(),
1632 HEAP_ZERO_MEMORY, size);
1633 if ((ret = RegQueryValueExW(key, wg, NULL, NULL,
1634 (LPBYTE)xdi->ppdi.Name.Buffer, &size)) == ERROR_SUCCESS)
1635 {
1636 xdi->ppdi.Name.Length = (USHORT)size;
1637 useDefault = FALSE;
1638 }
1639 else
1640 {
1641 HeapFree(GetProcessHeap(), 0, xdi->ppdi.Name.Buffer);
1642 xdi->ppdi.Name.Buffer = NULL;
1643 }
1644 }
1645 RegCloseKey(key);
1646 }
1647 if (useDefault)
1648 RtlCreateUnicodeStringFromAsciiz(&(xdi->ppdi.Name), "DOMAIN");
1649 TRACE("setting domain to %s\n", debugstr_w(xdi->ppdi.Name.Buffer));
1650
1651 xdi->ppdi.Sid = &(xdi->sid);
1652 xdi->sid.Revision = SID_REVISION;
1653 xdi->sid.SubAuthorityCount = 1;
1654 xdi->sid.IdentifierAuthority = localSidAuthority;
1655 xdi->sid.SubAuthority[0] = SECURITY_LOCAL_SYSTEM_RID;
1656 *Buffer = xdi;
1657 }
1658 break;
1659 case PolicyAuditLogInformation:
1660 case PolicyPdAccountInformation:
1661 case PolicyLsaServerRoleInformation:
1662 case PolicyReplicaSourceInformation:
1663 case PolicyDefaultQuotaInformation:
1664 case PolicyModificationInformation:
1665 case PolicyAuditFullSetInformation:
1666 case PolicyAuditFullQueryInformation:
1667 case PolicyDnsDomainInformation:
1668 {
1669 FIXME("category not implemented\n");
1670 return FALSE;
1671 }
1672 }
1673 return TRUE;
1674 }
1675
1676 /******************************************************************************
1677 * LsaSetInformationPolicy [ADVAPI32.@]
1678 */
1679 NTSTATUS WINAPI
1680 LsaSetInformationPolicy(
1681 LSA_HANDLE PolicyHandle,
1682 POLICY_INFORMATION_CLASS InformationClass,
1683 PVOID Buffer)
1684 {
1685 FIXME("(%p,0x%08x,%p):stub\n", PolicyHandle, InformationClass, Buffer);
1686
1687 return STATUS_UNSUCCESSFUL;
1688 }
1689
1690 /******************************************************************************
1691 * LsaLookupSids [ADVAPI32.@]
1692 */
1693 NTSTATUS WINAPI
1694 LsaLookupSids(
1695 IN LSA_HANDLE PolicyHandle,
1696 IN ULONG Count,
1697 IN PSID *Sids,
1698 OUT PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains,
1699 OUT PLSA_TRANSLATED_NAME *Names )
1700 {
1701 FIXME("%p %lu %p %p %p\n",
1702 PolicyHandle, Count, Sids, ReferencedDomains, Names);
1703 return FALSE;
1704 }
1705
1706 /******************************************************************************
1707 * LsaFreeMemory [ADVAPI32.@]
1708 */
1709 NTSTATUS WINAPI
1710 LsaFreeMemory(IN PVOID Buffer)
1711 {
1712 TRACE("(%p)\n",Buffer);
1713 return HeapFree(GetProcessHeap(), 0, Buffer);
1714 }
1715 /******************************************************************************
1716 * LsaClose [ADVAPI32.@]
1717 */
1718 NTSTATUS WINAPI
1719 LsaClose(IN LSA_HANDLE ObjectHandle)
1720 {
1721 FIXME("(%p):stub\n",ObjectHandle);
1722 return 0xc0000000;
1723 }
1724
1725 /******************************************************************************
1726 * LsaStorePrivateData [ADVAPI32.@]
1727 */
1728 NTSTATUS WINAPI LsaStorePrivateData( LSA_HANDLE PolicyHandle,
1729 PLSA_UNICODE_STRING KeyName, PLSA_UNICODE_STRING PrivateData)
1730 {
1731 FIXME("%p %p %p\n", PolicyHandle, KeyName, PrivateData);
1732 return STATUS_OBJECT_NAME_NOT_FOUND;
1733 }
1734
1735 /******************************************************************************
1736 * LsaRetrievePrivateData [ADVAPI32.@]
1737 */
1738 NTSTATUS WINAPI LsaRetrievePrivateData( LSA_HANDLE PolicyHandle,
1739 PLSA_UNICODE_STRING KeyName, PLSA_UNICODE_STRING* PrivateData)
1740 {
1741 FIXME("%p %p %p\n", PolicyHandle, KeyName, PrivateData);
1742 return STATUS_OBJECT_NAME_NOT_FOUND;
1743 }
1744
1745 /******************************************************************************
1746 * LsaNtStatusToWinError [ADVAPI32.@]
1747 *
1748 * PARAMS
1749 * Status [I]
1750 */
1751 ULONG WINAPI
1752 LsaNtStatusToWinError(NTSTATUS Status)
1753 {
1754 return RtlNtStatusToDosError(Status);
1755 }
1756
1757 /******************************************************************************
1758 * NotifyBootConfigStatus [ADVAPI32.@]
1759 *
1760 * PARAMS
1761 * x1 []
1762 */
1763 BOOL WINAPI
1764 NotifyBootConfigStatus( DWORD x1 )
1765 {
1766 FIXME("(0x%08lx):stub\n",x1);
1767 return 1;
1768 }
1769
1770 /******************************************************************************
1771 * RevertToSelf [ADVAPI32.@]
1772 *
1773 * PARAMS
1774 * void []
1775 */
1776 BOOL WINAPI
1777 RevertToSelf( void )
1778 {
1779 FIXME("(), stub\n");
1780 return TRUE;
1781 }
1782
1783 /******************************************************************************
1784 * ImpersonateSelf [ADVAPI32.@]
1785 */
1786 BOOL WINAPI
1787 ImpersonateSelf(SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
1788 {
1789 return RtlImpersonateSelf(ImpersonationLevel);
1790 }
1791
1792 /******************************************************************************
1793 * ImpersonateLoggedOnUser [ADVAPI32.@]
1794 */
1795 BOOL WINAPI ImpersonateLoggedOnUser(HANDLE hToken)
1796 {
1797 FIXME("(%p):stub returning FALSE\n", hToken);
1798 return FALSE;
1799 }
1800
1801 /******************************************************************************
1802 * AccessCheck [ADVAPI32.@]
1803 */
1804 BOOL WINAPI
1805 AccessCheck(
1806 PSECURITY_DESCRIPTOR SecurityDescriptor,
1807 HANDLE ClientToken,
1808 DWORD DesiredAccess,
1809 PGENERIC_MAPPING GenericMapping,
1810 PPRIVILEGE_SET PrivilegeSet,
1811 LPDWORD PrivilegeSetLength,
1812 LPDWORD GrantedAccess,
1813 LPBOOL AccessStatus)
1814 {
1815 NTSTATUS access_status;
1816 BOOL ret = set_ntstatus( NtAccessCheck(SecurityDescriptor, ClientToken, DesiredAccess,
1817 GenericMapping, PrivilegeSet, PrivilegeSetLength,
1818 GrantedAccess, &access_status) );
1819 if (ret) *AccessStatus = set_ntstatus( access_status );
1820 return ret;
1821 }
1822
1823
1824 /******************************************************************************
1825 * AccessCheckByType [ADVAPI32.@]
1826 */
1827 BOOL WINAPI AccessCheckByType(
1828 PSECURITY_DESCRIPTOR pSecurityDescriptor,
1829 PSID PrincipalSelfSid,
1830 HANDLE ClientToken,
1831 DWORD DesiredAccess,
1832 POBJECT_TYPE_LIST ObjectTypeList,
1833 DWORD ObjectTypeListLength,
1834 PGENERIC_MAPPING GenericMapping,
1835 PPRIVILEGE_SET PrivilegeSet,
1836 LPDWORD PrivilegeSetLength,
1837 LPDWORD GrantedAccess,
1838 LPBOOL AccessStatus)
1839 {
1840 FIXME("stub\n");
1841
1842 *AccessStatus = TRUE;
1843
1844 return !*AccessStatus;
1845 }
1846
1847 VOID WINAPI MapGenericMask( PDWORD AccessMask, PGENERIC_MAPPING GenericMapping )
1848 {
1849 FIXME("%p %p - stub\n", AccessMask, GenericMapping);
1850
1851 *AccessMask |= GenericMapping->GenericRead;
1852 *AccessMask |= GenericMapping->GenericWrite;
1853 *AccessMask |= GenericMapping->GenericExecute;
1854 *AccessMask |= GenericMapping->GenericAll;
1855 }
1856
1857 /*************************************************************************
1858 * SetKernelObjectSecurity [ADVAPI32.@]
1859 */
1860 BOOL WINAPI SetKernelObjectSecurity (
1861 IN HANDLE Handle,
1862 IN SECURITY_INFORMATION SecurityInformation,
1863 IN PSECURITY_DESCRIPTOR SecurityDescriptor )
1864 {
1865 return set_ntstatus (NtSetSecurityObject (Handle, SecurityInformation, SecurityDescriptor));
1866 }
1867
1868
1869 /******************************************************************************
1870 * AddAuditAccessAce [ADVAPI32.@]
1871 */
1872 BOOL WINAPI AddAuditAccessAce(
1873 IN OUT PACL pAcl,
1874 IN DWORD dwAceRevision,
1875 IN DWORD dwAccessMask,
1876 IN PSID pSid,
1877 IN BOOL bAuditSuccess,
1878 IN BOOL bAuditFailure)
1879 {
1880 FIXME("Stub\n");
1881 return TRUE;
1882 }
1883
1884 /******************************************************************************
1885 * LookupAccountNameA [ADVAPI32.@]
1886 */
1887 BOOL WINAPI
1888 LookupAccountNameA(
1889 IN LPCSTR system,
1890 IN LPCSTR account,
1891 OUT PSID sid,
1892 OUT LPDWORD cbSid,
1893 LPSTR ReferencedDomainName,
1894 IN OUT LPDWORD cbReferencedDomainName,
1895 OUT PSID_NAME_USE name_use )
1896 {
1897 /* Default implementation: Always return a default SID */
1898 SID_IDENTIFIER_AUTHORITY identifierAuthority = {SECURITY_NT_AUTHORITY};
1899 BOOL ret;
1900 PSID pSid;
1901 static const char dm[] = "DOMAIN";
1902
1903 FIXME("(%s,%s,%p,%p,%p,%p,%p), stub.\n",system,account,sid,cbSid,ReferencedDomainName,cbReferencedDomainName,name_use);
1904
1905 ret = AllocateAndInitializeSid(&identifierAuthority,
1906 2,
1907 SECURITY_BUILTIN_DOMAIN_RID,
1908 DOMAIN_ALIAS_RID_ADMINS,
1909 0, 0, 0, 0, 0, 0,
1910 &pSid);
1911
1912 if (!ret)
1913 return FALSE;
1914 if(!RtlValidSid(pSid))
1915 {
1916 FreeSid(pSid);
1917 return FALSE;
1918 }
1919
1920 if (sid != NULL && (*cbSid >= GetLengthSid(pSid)))
1921 CopySid(*cbSid, sid, pSid);
1922 if (*cbSid < GetLengthSid(pSid))
1923 {
1924 SetLastError(ERROR_INSUFFICIENT_BUFFER);
1925 ret = FALSE;
1926 }
1927 *cbSid = GetLengthSid(pSid);
1928
1929 if (ReferencedDomainName != NULL && (*cbReferencedDomainName > strlen(dm)))
1930 strcpy(ReferencedDomainName, dm);
1931 if (*cbReferencedDomainName <= strlen(dm))
1932 {
1933 SetLastError(ERROR_INSUFFICIENT_BUFFER);
1934 ret = FALSE;
1935 }
1936 *cbReferencedDomainName = strlen(dm)+1;
1937
1938 FreeSid(pSid);
1939
1940 return ret;
1941 }
1942
1943 /******************************************************************************
1944 * LookupAccountNameW [ADVAPI32.@]
1945 */
1946 BOOL WINAPI LookupAccountNameW( LPCWSTR lpSystemName, LPCWSTR lpAccountName, PSID Sid,
1947 LPDWORD cbSid, LPWSTR ReferencedDomainName,
1948 LPDWORD cchReferencedDomainName, PSID_NAME_USE peUse )
1949 {
1950 FIXME("%s %s %p %p %p %p %p - stub\n", debugstr_w(lpSystemName), debugstr_w(lpAccountName),
1951 Sid, cbSid, ReferencedDomainName, cchReferencedDomainName, peUse);
1952
1953 return FALSE;
1954 }
1955
1956 /******************************************************************************
1957 * PrivilegeCheck [ADVAPI32.@]
1958 */
1959 BOOL WINAPI PrivilegeCheck( HANDLE ClientToken, PPRIVILEGE_SET RequiredPrivileges, LPBOOL pfResult)
1960 {
1961 BOOL ret;
1962 BOOLEAN Result;
1963
1964 TRACE("%p %p %p\n", ClientToken, RequiredPrivileges, pfResult);
1965
1966 ret = set_ntstatus (NtPrivilegeCheck (ClientToken, RequiredPrivileges, &Result));
1967 if (ret)
1968 *pfResult = Result;
1969 return ret;
1970 }
1971
1972 /******************************************************************************
1973 * AccessCheckAndAuditAlarmA [ADVAPI32.@]
1974 */
1975 BOOL WINAPI AccessCheckAndAuditAlarmA(LPCSTR Subsystem, LPVOID HandleId, LPSTR ObjectTypeName,
1976 LPSTR ObjectName, PSECURITY_DESCRIPTOR SecurityDescriptor, DWORD DesiredAccess,
1977 PGENERIC_MAPPING GenericMapping, BOOL ObjectCreation, LPDWORD GrantedAccess,
1978 LPBOOL AccessStatus, LPBOOL pfGenerateOnClose)
1979 {
1980 FIXME("stub (%s,%p,%s,%s,%p,%08lx,%p,%x,%p,%p,%p)\n", debugstr_a(Subsystem),
1981 HandleId, debugstr_a(ObjectTypeName), debugstr_a(ObjectName),
1982 SecurityDescriptor, DesiredAccess, GenericMapping,
1983 ObjectCreation, GrantedAccess, AccessStatus, pfGenerateOnClose);
1984 return TRUE;
1985 }
1986
1987 /******************************************************************************
1988 * AccessCheckAndAuditAlarmW [ADVAPI32.@]
1989 */
1990 BOOL WINAPI AccessCheckAndAuditAlarmW(LPCWSTR Subsystem, LPVOID HandleId, LPWSTR ObjectTypeName,
1991 LPWSTR ObjectName, PSECURITY_DESCRIPTOR SecurityDescriptor, DWORD DesiredAccess,
1992 PGENERIC_MAPPING GenericMapping, BOOL ObjectCreation, LPDWORD GrantedAccess,
1993 LPBOOL AccessStatus, LPBOOL pfGenerateOnClose)
1994 {
1995 FIXME("stub (%s,%p,%s,%s,%p,%08lx,%p,%x,%p,%p,%p)\n", debugstr_w(Subsystem),
1996 HandleId, debugstr_w(ObjectTypeName), debugstr_w(ObjectName),
1997 SecurityDescriptor, DesiredAccess, GenericMapping,
1998 ObjectCreation, GrantedAccess, AccessStatus, pfGenerateOnClose);
1999 return TRUE;
2000 }
2001
2002 BOOL WINAPI ObjectCloseAuditAlarmA(LPCSTR SubsystemName, LPVOID HandleId, BOOL GenerateOnClose)
2003 {
2004 FIXME("stub (%s,%p,%x)\n", debugstr_a(SubsystemName), HandleId, GenerateOnClose);
2005
2006 return TRUE;
2007 }
2008
2009 BOOL WINAPI ObjectCloseAuditAlarmW(LPCWSTR SubsystemName, LPVOID HandleId, BOOL GenerateOnClose)
2010 {
2011 FIXME("stub (%s,%p,%x)\n", debugstr_w(SubsystemName), HandleId, GenerateOnClose);
2012
2013 return TRUE;
2014 }
2015
2016 BOOL WINAPI ObjectOpenAuditAlarmA(LPCSTR SubsystemName, LPVOID HandleId, LPSTR ObjectTypeName,
2017 LPSTR ObjectName, PSECURITY_DESCRIPTOR pSecurityDescriptor, HANDLE ClientToken, DWORD DesiredAccess,
2018 DWORD GrantedAccess, PPRIVILEGE_SET Privileges, BOOL ObjectCreation, BOOL AccessGranted,
2019 LPBOOL GenerateOnClose)
2020 {
2021 FIXME("stub (%s,%p,%s,%s,%p,%p,0x%08lx,0x%08lx,%p,%x,%x,%p)\n", debugstr_a(SubsystemName),
2022 HandleId, debugstr_a(ObjectTypeName), debugstr_a(ObjectName), pSecurityDescriptor,
2023 ClientToken, DesiredAccess, GrantedAccess, Privileges, ObjectCreation, AccessGranted,
2024 GenerateOnClose);
2025
2026 return TRUE;
2027 }
2028
2029 BOOL WINAPI ObjectOpenAuditAlarmW(LPCWSTR SubsystemName, LPVOID HandleId, LPWSTR ObjectTypeName,
2030 LPWSTR ObjectName, PSECURITY_DESCRIPTOR pSecurityDescriptor, HANDLE ClientToken, DWORD DesiredAccess,
2031 DWORD GrantedAccess, PPRIVILEGE_SET Privileges, BOOL ObjectCreation, BOOL AccessGranted,
2032 LPBOOL GenerateOnClose)
2033 {
2034 FIXME("stub (%s,%p,%s,%s,%p,%p,0x%08lx,0x%08lx,%p,%x,%x,%p)\n", debugstr_w(SubsystemName),
2035 HandleId, debugstr_w(ObjectTypeName), debugstr_w(ObjectName), pSecurityDescriptor,
2036 ClientToken, DesiredAccess, GrantedAccess, Privileges, ObjectCreation, AccessGranted,
2037 GenerateOnClose);
2038
2039 return TRUE;
2040 }
2041
2042 BOOL WINAPI ObjectPrivilegeAuditAlarmA( LPCSTR SubsystemName, LPVOID HandleId, HANDLE ClientToken,
2043 DWORD DesiredAccess, PPRIVILEGE_SET Privileges, BOOL AccessGranted)
2044 {
2045 FIXME("stub (%s,%p,%p,0x%08lx,%p,%x)\n", debugstr_a(SubsystemName), HandleId, ClientToken,
2046 DesiredAccess, Privileges, AccessGranted);
2047
2048 return TRUE;
2049 }
2050
2051 BOOL WINAPI ObjectPrivilegeAuditAlarmW( LPCWSTR SubsystemName, LPVOID HandleId, HANDLE ClientToken,
2052 DWORD DesiredAccess, PPRIVILEGE_SET Privileges, BOOL AccessGranted)
2053 {
2054 FIXME("stub (%s,%p,%p,0x%08lx,%p,%x)\n", debugstr_w(SubsystemName), HandleId, ClientToken,
2055 DesiredAccess, Privileges, AccessGranted);
2056
2057 return TRUE;
2058 }
2059
2060 BOOL WINAPI PrivilegedServiceAuditAlarmA( LPCSTR SubsystemName, LPCSTR ServiceName, HANDLE ClientToken,
2061 PPRIVILEGE_SET Privileges, BOOL AccessGranted)
2062 {
2063 FIXME("stub (%s,%s,%p,%p,%x)\n", debugstr_a(SubsystemName), debugstr_a(ServiceName),
2064 ClientToken, Privileges, AccessGranted);
2065
2066 return TRUE;
2067 }
2068
2069 BOOL WINAPI PrivilegedServiceAuditAlarmW( LPCWSTR SubsystemName, LPCWSTR ServiceName, HANDLE ClientToken,
2070 PPRIVILEGE_SET Privileges, BOOL AccessGranted)
2071 {
2072 FIXME("stub %s,%s,%p,%p,%x)\n", debugstr_w(SubsystemName), debugstr_w(ServiceName),
2073 ClientToken, Privileges, AccessGranted);
2074
2075 return TRUE;
2076 }
2077
2078 /******************************************************************************
2079 * GetSecurityInfo [ADVAPI32.@]
2080 */
2081 DWORD WINAPI GetSecurityInfo(
2082 HANDLE hObject, SE_OBJECT_TYPE ObjectType,
2083 SECURITY_INFORMATION SecurityInfo, PSID *ppsidOwner,
2084 PSID *ppsidGroup, PACL *ppDacl, PACL *ppSacl,
2085 PSECURITY_DESCRIPTOR *ppSecurityDescriptor
2086 )
2087 {
2088 FIXME("stub!\n");
2089 return ERROR_BAD_PROVIDER;
2090 }
2091
2092 /******************************************************************************
2093 * GetSecurityInfoExW [ADVAPI32.@]
2094 */
2095 DWORD WINAPI GetSecurityInfoExW(
2096 HANDLE hObject, SE_OBJECT_TYPE ObjectType,
2097 SECURITY_INFORMATION SecurityInfo, LPCWSTR lpProvider,
2098 LPCWSTR lpProperty, PACTRL_ACCESSW *ppAccessList,
2099 PACTRL_AUDITW *ppAuditList, LPWSTR *lppOwner, LPWSTR *lppGroup
2100 )
2101 {
2102 FIXME("stub!\n");
2103 return ERROR_BAD_PROVIDER;
2104 }
2105
2106 /******************************************************************************
2107 * BuildExplicitAccessWithNameA [ADVAPI32.@]
2108 */
2109 VOID WINAPI BuildExplicitAccessWithNameA( PEXPLICIT_ACCESSA pExplicitAccess,
2110 LPSTR pTrusteeName, DWORD AccessPermissions,
2111 ACCESS_MODE AccessMode, DWORD Inheritance )
2112 {
2113 TRACE("%p %s 0x%08lx 0x%08x 0x%08lx\n", pExplicitAccess, debugstr_a(pTrusteeName),
2114 AccessPermissions, AccessMode, Inheritance);
2115
2116 pExplicitAccess->grfAccessPermissions = AccessPermissions;
2117 pExplicitAccess->grfAccessMode = AccessMode;
2118 pExplicitAccess->grfInheritance = Inheritance;
2119
2120 pExplicitAccess->Trustee.pMultipleTrustee = NULL;
2121 pExplicitAccess->Trustee.MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2122 pExplicitAccess->Trustee.TrusteeForm = TRUSTEE_IS_NAME;
2123 pExplicitAccess->Trustee.TrusteeType = TRUSTEE_IS_UNKNOWN;
2124 pExplicitAccess->Trustee.ptstrName = pTrusteeName;
2125 }
2126
2127 /******************************************************************************
2128 * BuildExplicitAccessWithNameW [ADVAPI32.@]
2129 */
2130 VOID WINAPI BuildExplicitAccessWithNameW( PEXPLICIT_ACCESSW pExplicitAccess,
2131 LPWSTR pTrusteeName, DWORD AccessPermissions,
2132 ACCESS_MODE AccessMode, DWORD Inheritance )
2133 {
2134 TRACE("%p %s 0x%08lx 0x%08x 0x%08lx\n", pExplicitAccess, debugstr_w(pTrusteeName),
2135 AccessPermissions, AccessMode, Inheritance);
2136
2137 pExplicitAccess->grfAccessPermissions = AccessPermissions;
2138 pExplicitAccess->grfAccessMode = AccessMode;
2139 pExplicitAccess->grfInheritance = Inheritance;
2140
2141 pExplicitAccess->Trustee.pMultipleTrustee = NULL;
2142 pExplicitAccess->Trustee.MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2143 pExplicitAccess->Trustee.TrusteeForm = TRUSTEE_IS_NAME;
2144 pExplicitAccess->Trustee.TrusteeType = TRUSTEE_IS_UNKNOWN;
2145 pExplicitAccess->Trustee.ptstrName = pTrusteeName;
2146 }
2147
2148 /******************************************************************************
2149 * BuildTrusteeWithObjectsAndNameA [ADVAPI32.@]
2150 */
2151 VOID WINAPI BuildTrusteeWithObjectsAndNameA( PTRUSTEEA pTrustee, POBJECTS_AND_NAME_A pObjName,
2152 SE_OBJECT_TYPE ObjectType, LPSTR ObjectTypeName,
2153 LPSTR InheritedObjectTypeName, LPSTR Name )
2154 {
2155 TRACE("%p %p 0x%08x %p %p %s\n", pTrustee, pObjName,
2156 ObjectType, ObjectTypeName, InheritedObjectTypeName, debugstr_a(Name));
2157
2158 pTrustee->pMultipleTrustee = NULL;
2159 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2160 pTrustee->TrusteeForm = TRUSTEE_IS_OBJECTS_AND_NAME;
2161 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2162 pTrustee->ptstrName = Name;
2163 }
2164
2165 /******************************************************************************
2166 * BuildTrusteeWithObjectsAndNameW [ADVAPI32.@]
2167 */
2168 VOID WINAPI BuildTrusteeWithObjectsAndNameW( PTRUSTEEW pTrustee, POBJECTS_AND_NAME_W pObjName,
2169 SE_OBJECT_TYPE ObjectType, LPWSTR ObjectTypeName,
2170 LPWSTR InheritedObjectTypeName, LPWSTR Name )
2171 {
2172 TRACE("%p %p 0x%08x %p %p %s\n", pTrustee, pObjName,
2173 ObjectType, ObjectTypeName, InheritedObjectTypeName, debugstr_w(Name));
2174
2175 pTrustee->pMultipleTrustee = NULL;
2176 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2177 pTrustee->TrusteeForm = TRUSTEE_IS_OBJECTS_AND_NAME;
2178 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2179 pTrustee->ptstrName = Name;
2180 }
2181
2182 VOID WINAPI BuildTrusteeWithObjectsAndSidA( PTRUSTEEA pTrustee, POBJECTS_AND_SID pObjSid,
2183 GUID* pObjectGuid, GUID* pInheritedObjectGuid, PSID pSid )
2184 {
2185 TRACE("%p %p %p %p %p\n", pTrustee, pObjSid, pObjectGuid, pInheritedObjectGuid, pSid);
2186
2187 pTrustee->pMultipleTrustee = NULL;
2188 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2189 pTrustee->TrusteeForm = TRUSTEE_IS_OBJECTS_AND_SID;
2190 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2191 pTrustee->ptstrName = (LPSTR) pSid;
2192 }
2193
2194 VOID WINAPI BuildTrusteeWithObjectsAndSidW( PTRUSTEEW pTrustee, POBJECTS_AND_SID pObjSid,
2195 GUID* pObjectGuid, GUID* pInheritedObjectGuid, PSID pSid )
2196 {
2197 TRACE("%p %p %p %p %p\n", pTrustee, pObjSid, pObjectGuid, pInheritedObjectGuid, pSid);
2198
2199 pTrustee->pMultipleTrustee = NULL;
2200 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2201 pTrustee->TrusteeForm = TRUSTEE_IS_OBJECTS_AND_SID;
2202 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2203 pTrustee->ptstrName = (LPWSTR) pSid;
2204 }
2205
2206 /******************************************************************************
2207 * BuildTrusteeWithSidA [ADVAPI32.@]
2208 */
2209 VOID WINAPI BuildTrusteeWithSidA(PTRUSTEEA pTrustee, PSID pSid)
2210 {
2211 TRACE("%p %p\n", pTrustee, pSid);
2212
2213 pTrustee->pMultipleTrustee = NULL;
2214 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2215 pTrustee->TrusteeForm = TRUSTEE_IS_SID;
2216 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2217 pTrustee->ptstrName = (LPSTR) pSid;
2218 }
2219
2220 /******************************************************************************
2221 * BuildTrusteeWithSidW [ADVAPI32.@]
2222 */
2223 VOID WINAPI BuildTrusteeWithSidW(PTRUSTEEW pTrustee, PSID pSid)
2224 {
2225 TRACE("%p %p\n", pTrustee, pSid);
2226
2227 pTrustee->pMultipleTrustee = NULL;
2228 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2229 pTrustee->TrusteeForm = TRUSTEE_IS_SID;
2230 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2231 pTrustee->ptstrName = (LPWSTR) pSid;
2232 }
2233
2234 /******************************************************************************
2235 * BuildTrusteeWithNameA [ADVAPI32.@]
2236 */
2237 VOID WINAPI BuildTrusteeWithNameA(PTRUSTEEA pTrustee, LPSTR name)
2238 {
2239 TRACE("%p %s\n", pTrustee, debugstr_a(name) );
2240
2241 pTrustee->pMultipleTrustee = NULL;
2242 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2243 pTrustee->TrusteeForm = TRUSTEE_IS_NAME;
2244 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2245 pTrustee->ptstrName = name;
2246 }
2247
2248 /******************************************************************************
2249 * BuildTrusteeWithNameW [ADVAPI32.@]
2250 */
2251 VOID WINAPI BuildTrusteeWithNameW(PTRUSTEEW pTrustee, LPWSTR name)
2252 {
2253 TRACE("%p %s\n", pTrustee, debugstr_w(name) );
2254
2255 pTrustee->pMultipleTrustee = NULL;
2256 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2257 pTrustee->TrusteeForm = TRUSTEE_IS_NAME;
2258 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2259 pTrustee->ptstrName = name;
2260 }
2261
2262 BOOL WINAPI SetAclInformation( PACL pAcl, LPVOID pAclInformation,
2263 DWORD nAclInformationLength,
2264 ACL_INFORMATION_CLASS dwAclInformationClass )
2265 {
2266 FIXME("%p %p 0x%08lx 0x%08x - stub\n", pAcl, pAclInformation,
2267 nAclInformationLength, dwAclInformationClass);
2268
2269 return TRUE;
2270 }
2271
2272 /******************************************************************************
2273 * SetEntriesInAclA [ADVAPI32.@]
2274 */
2275 DWORD WINAPI SetEntriesInAclA( ULONG count, PEXPLICIT_ACCESSA pEntries,
2276 PACL OldAcl, PACL* NewAcl )
2277 {
2278 FIXME("%ld %p %p %p\n",count,pEntries,OldAcl,NewAcl);
2279 return ERROR_CALL_NOT_IMPLEMENTED;
2280 }
2281
2282 /******************************************************************************
2283 * SetEntriesInAclW [ADVAPI32.@]
2284 */
2285 DWORD WINAPI SetEntriesInAclW( ULONG count, PEXPLICIT_ACCESSW pEntries,
2286 PACL OldAcl, PACL* NewAcl )
2287 {
2288 FIXME("%ld %p %p %p\n",count,pEntries,OldAcl,NewAcl);
2289 return ERROR_CALL_NOT_IMPLEMENTED;
2290 }
2291
2292 /******************************************************************************
2293 * SetNamedSecurityInfoA [ADVAPI32.@]
2294 */
2295 DWORD WINAPI SetNamedSecurityInfoA(LPSTR pObjectName,
2296 SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo,
2297 PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl)
2298 {
2299 DWORD len;
2300 LPWSTR wstr = NULL;
2301 DWORD r;
2302
2303 TRACE("%s %d %ld %p %p %p %p\n", debugstr_a(pObjectName), ObjectType,
2304 SecurityInfo, psidOwner, psidGroup, pDacl, pSacl);
2305
2306 if( pObjectName )
2307 {
2308 len = MultiByteToWideChar( CP_ACP, 0, pObjectName, -1, NULL, 0 );
2309 wstr = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR));
2310 MultiByteToWideChar( CP_ACP, 0, pObjectName, -1, wstr, len );
2311 }
2312
2313 r = SetNamedSecurityInfoW( wstr, ObjectType, SecurityInfo, psidOwner,
2314 psidGroup, pDacl, pSacl );
2315
2316 HeapFree( GetProcessHeap(), 0, wstr );
2317
2318 return r;
2319 }
2320
2321 BOOL WINAPI SetPrivateObjectSecurity( SECURITY_INFORMATION SecurityInformation,
2322 PSECURITY_DESCRIPTOR ModificationDescriptor,
2323 PSECURITY_DESCRIPTOR* ObjectsSecurityDescriptor,
2324 PGENERIC_MAPPING GenericMapping,
2325 HANDLE Token )
2326 {
2327 FIXME("0x%08lx %p %p %p %p - stub\n", SecurityInformation, ModificationDescriptor,
2328 ObjectsSecurityDescriptor, GenericMapping, Token);
2329
2330 return TRUE;
2331 }
2332
2333 BOOL WINAPI SetSecurityDescriptorControl( PSECURITY_DESCRIPTOR pSecurityDescriptor,
2334 SECURITY_DESCRIPTOR_CONTROL ControlBitsOfInterest,
2335 SECURITY_DESCRIPTOR_CONTROL ControlBitsToSet )
2336 {
2337 FIXME("%p 0x%08x 0x%08x - stub\n", pSecurityDescriptor, ControlBitsOfInterest,
2338 ControlBitsToSet);
2339
2340 return TRUE;
2341 }
2342
2343 BOOL WINAPI AreAllAccessesGranted( DWORD GrantedAccess, DWORD DesiredAccess )
2344 {
2345 return RtlAreAllAccessesGranted( GrantedAccess, DesiredAccess );
2346 }
2347
2348 /******************************************************************************
2349 * AreAnyAccessesGranted [ADVAPI32.@]
2350 *
2351 * Determines whether or not any of a set of specified access permissions have
2352 * been granted or not.
2353 *
2354 * PARAMS
2355 * GrantedAccess [I] The permissions that have been granted.
2356 * DesiredAccess [I] The permissions that you want to have.
2357 *
2358 * RETURNS
2359 * Nonzero if any of the permissions have been granted, zero if none of the
2360 * permissions have been granted.
2361 */
2362
2363 BOOL WINAPI AreAnyAccessesGranted( DWORD GrantedAccess, DWORD DesiredAccess )
2364 {
2365 return RtlAreAnyAccessesGranted( GrantedAccess, DesiredAccess );
2366 }
2367
2368 /******************************************************************************
2369 * SetNamedSecurityInfoW [ADVAPI32.@]
2370 */
2371 DWORD WINAPI SetNamedSecurityInfoW(LPWSTR pObjectName,
2372 SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo,
2373 PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl)
2374 {
2375 FIXME("%s %d %ld %p %p %p %p\n", debugstr_w(pObjectName), ObjectType,
2376 SecurityInfo, psidOwner, psidGroup, pDacl, pSacl);
2377 return ERROR_SUCCESS;
2378 }
2379
2380 /******************************************************************************
2381 * GetExplicitEntriesFromAclA [ADVAPI32.@]
2382 */
2383 DWORD WINAPI GetExplicitEntriesFromAclA( PACL pacl, PULONG pcCountOfExplicitEntries,
2384 PEXPLICIT_ACCESSA* pListOfExplicitEntries)
2385 {
2386 FIXME("%p %p %p\n",pacl, pcCountOfExplicitEntries, pListOfExplicitEntries);
2387 return ERROR_CALL_NOT_IMPLEMENTED;
2388 }
2389
2390 /******************************************************************************
2391 * GetExplicitEntriesFromAclW [ADVAPI32.@]
2392 */
2393 DWORD WINAPI GetExplicitEntriesFromAclW( PACL pacl, PULONG pcCountOfExplicitEntries,
2394 PEXPLICIT_ACCESSW* pListOfExplicitEntries)
2395 {
2396 FIXME("%p %p %p\n",pacl, pcCountOfExplicitEntries, pListOfExplicitEntries);
2397 return ERROR_CALL_NOT_IMPLEMENTED;
2398 }
2399
2400
2401 /******************************************************************************
2402 * ParseAclStringFlags
2403 */
2404 static DWORD ParseAclStringFlags(LPCWSTR* StringAcl)
2405 {
2406 DWORD flags = 0;
2407 LPCWSTR szAcl = *StringAcl;
2408
2409 while (*szAcl != '(')
2410 {
2411 if (*szAcl == 'P')
2412 {
2413 flags |= SE_DACL_PROTECTED;
2414 }
2415 else if (*szAcl == 'A')
2416 {
2417 szAcl++;
2418 if (*szAcl == 'R')
2419 flags |= SE_DACL_AUTO_INHERIT_REQ;
2420 else if (*szAcl == 'I')
2421 flags |= SE_DACL_AUTO_INHERITED;
2422 }
2423 szAcl++;
2424 }
2425
2426 *StringAcl = szAcl;
2427 return flags;
2428 }
2429
2430 /******************************************************************************
2431 * ParseAceStringType
2432 */
2433 ACEFLAG AceType[] =
2434 {
2435 { SDDL_ACCESS_ALLOWED, ACCESS_ALLOWED_ACE_TYPE },
2436 { SDDL_ALARM, SYSTEM_ALARM_ACE_TYPE },
2437 { SDDL_AUDIT, SYSTEM_AUDIT_ACE_TYPE },
2438 { SDDL_ACCESS_DENIED, ACCESS_DENIED_ACE_TYPE },
2439 /*
2440 { SDDL_OBJECT_ACCESS_ALLOWED, ACCESS_ALLOWED_OBJECT_ACE_TYPE },
2441 { SDDL_OBJECT_ACCESS_DENIED, ACCESS_DENIED_OBJECT_ACE_TYPE },
2442 { SDDL_OBJECT_ALARM, SYSTEM_ALARM_OBJECT_ACE_TYPE },
2443 { SDDL_OBJECT_AUDIT, SYSTEM_AUDIT_OBJECT_ACE_TYPE },
2444 */
2445 { NULL, 0 },
2446 };
2447
2448 static BYTE ParseAceStringType(LPCWSTR* StringAcl)
2449 {
2450 UINT len = 0;
2451 LPCWSTR szAcl = *StringAcl;
2452 LPACEFLAG lpaf = AceType;
2453
2454 while (lpaf->wstr &&
2455 (len = strlenW(lpaf->wstr)) &&
2456 strncmpW(lpaf->wstr, szAcl, len))
2457 lpaf++;
2458
2459 if (!lpaf->wstr)
2460 return 0;
2461
2462 *StringAcl += len;
2463 return lpaf->value;
2464 }
2465
2466
2467 /******************************************************************************
2468 * ParseAceStringFlags
2469 */
2470 ACEFLAG AceFlags[] =
2471 {
2472 { SDDL_CONTAINER_INHERIT, CONTAINER_INHERIT_ACE },
2473 { SDDL_AUDIT_FAILURE, FAILED_ACCESS_ACE_FLAG },
2474 { SDDL_INHERITED, INHERITED_ACE },
2475 { SDDL_INHERIT_ONLY, INHERIT_ONLY_ACE },
2476 { SDDL_NO_PROPAGATE, NO_PROPAGATE_INHERIT_ACE },
2477 { SDDL_OBJECT_INHERIT, OBJECT_INHERIT_ACE },
2478 { SDDL_AUDIT_SUCCESS, SUCCESSFUL_ACCESS_ACE_FLAG },
2479 { NULL, 0 },
2480 };
2481
2482 static BYTE ParseAceStringFlags(LPCWSTR* StringAcl)
2483 {
2484 UINT len = 0;
2485 BYTE flags = 0;
2486 LPCWSTR szAcl = *StringAcl;
2487
2488 while (*szAcl != ';')
2489 {
2490 LPACEFLAG lpaf = AceFlags;
2491
2492 while (lpaf->wstr &&
2493 (len = strlenW(lpaf->wstr)) &&
2494 strncmpW(lpaf->wstr, szAcl, len))
2495 lpaf++;
2496
2497 if (!lpaf->wstr)
2498 return 0;
2499
2500 flags |= lpaf->value;
2501 szAcl += len;
2502 }
2503
2504 *StringAcl = szAcl;
2505 return flags;
2506 }
2507
2508
2509 /******************************************************************************
2510 * ParseAceStringRights
2511 */
2512 ACEFLAG AceRights[] =
2513 {
2514 { SDDL_GENERIC_ALL, GENERIC_ALL },
2515 { SDDL_GENERIC_READ, GENERIC_READ },
2516 { SDDL_GENERIC_WRITE, GENERIC_WRITE },
2517 { SDDL_GENERIC_EXECUTE, GENERIC_EXECUTE },
2518 { SDDL_READ_CONTROL, READ_CONTROL },
2519 { SDDL_STANDARD_DELETE, DELETE },
2520 { SDDL_WRITE_DAC, WRITE_DAC },
2521 { SDDL_WRITE_OWNER, WRITE_OWNER },
2522 { NULL, 0 },
2523 };
2524
2525 static DWORD ParseAceStringRights(LPCWSTR* StringAcl)
2526 {
2527 UINT len = 0;
2528 DWORD rights = 0;
2529 LPCWSTR szAcl = *StringAcl;
2530
2531 if ((*szAcl == '0') && (*(szAcl + 1) == 'x'))
2532 {
2533 LPCWSTR p = szAcl;
2534
2535 while (*p && *p != ';')
2536 p++;
2537
2538 if (p - szAcl <= 8)
2539 {
2540 rights = strtoulW(szAcl, NULL, 16);
2541 *StringAcl = p;
2542 }
2543 else
2544 WARN("Invalid rights string format: %s\n", debugstr_wn(szAcl, p - szAcl));
2545 }
2546 else
2547 {
2548 while (*szAcl != ';')
2549 {
2550 LPACEFLAG lpaf = AceRights;
2551
2552 while (lpaf->wstr &&
2553 (len = strlenW(lpaf->wstr)) &&
2554 strncmpW(lpaf->wstr, szAcl, len))
2555 {
2556 lpaf++;
2557 }
2558
2559 if (!lpaf->wstr)
2560 return 0;
2561
2562 rights |= lpaf->value;
2563 szAcl += len;
2564 }
2565 }
2566
2567 *StringAcl = szAcl;
2568 return rights;
2569 }
2570
2571
2572 /******************************************************************************
2573 * ParseStringAclToAcl
2574 *
2575 * dacl_flags(string_ace1)(string_ace2)... (string_acen)
2576 */
2577 static BOOL ParseStringAclToAcl(LPCWSTR StringAcl, LPDWORD lpdwFlags,
2578 PACL pAcl, LPDWORD cBytes)
2579 {
2580 DWORD val;
2581 DWORD sidlen;
2582 DWORD length = sizeof(ACL);
2583 PACCESS_ALLOWED_ACE pAce = NULL; /* pointer to current ACE */
2584
2585 TRACE("%s\n", debugstr_w(StringAcl));
2586
2587 if (!StringAcl)
2588 return FALSE;
2589
2590 if (pAcl) /* pAce is only useful if we're setting values */
2591 pAce = (PACCESS_ALLOWED_ACE) ((LPBYTE)pAcl + sizeof(PACL));
2592
2593 /* Parse ACL flags */
2594 *lpdwFlags = ParseAclStringFlags(&StringAcl);
2595
2596 /* Parse ACE */
2597 while (*StringAcl == '(')
2598 {
2599 StringAcl++;
2600
2601 /* Parse ACE type */
2602 val = ParseAceStringType(&StringAcl);
2603 if (pAce)
2604 pAce->Header.AceType = (BYTE) val;
2605 if (*StringAcl != ';')
2606 goto lerr;
2607 StringAcl++;
2608
2609 /* Parse ACE flags */
2610 val = ParseAceStringFlags(&StringAcl);
2611 if (pAce)
2612 pAce->Header.AceFlags = (BYTE) val;
2613 if (*StringAcl != ';')
2614 goto lerr;
2615 StringAcl++;
2616
2617 /* Parse ACE rights */
2618 val = ParseAceStringRights(&StringAcl);
2619 if (pAce)
2620 pAce->Mask = val;
2621 if (*StringAcl != ';')
2622 goto lerr;
2623 StringAcl++;
2624
2625 /* Parse ACE object guid */
2626 if (*StringAcl != ';')
2627 {
2628 FIXME("Support for *_OBJECT_ACE_TYPE not implemented\n");
2629 goto lerr;
2630 }
2631 StringAcl++;
2632
2633 /* Parse ACE inherit object guid */
2634 if (*StringAcl != ';')
2635 {
2636 FIXME("Support for *_OBJECT_ACE_TYPE not implemented\n");
2637 goto lerr;
2638 }
2639 StringAcl++;
2640
2641 /* Parse ACE account sid */
2642 if (ParseStringSidToSid(StringAcl, pAce ? (PSID)&pAce->SidStart : NULL, &sidlen))
2643 {
2644 while (*StringAcl && *StringAcl != ')')
2645 StringAcl++;
2646 }
2647
2648 if (*StringAcl != ')')
2649 goto lerr;
2650 StringAcl++;
2651
2652 length += sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + sidlen;
2653 }
2654
2655 *cBytes = length;
2656 return TRUE;
2657
2658 lerr:
2659 WARN("Invalid ACE string format\n");
2660 return FALSE;
2661 }
2662
2663
2664 /******************************************************************************
2665 * ParseStringSecurityDescriptorToSecurityDescriptor
2666 */
2667 static BOOL ParseStringSecurityDescriptorToSecurityDescriptor(
2668 LPCWSTR StringSecurityDescriptor,
2669 SECURITY_DESCRIPTOR* SecurityDescriptor,
2670 LPDWORD cBytes)
2671 {
2672 BOOL bret = FALSE;
2673 WCHAR toktype;
2674 WCHAR tok[MAX_PATH];
2675 LPCWSTR lptoken;
2676 LPBYTE lpNext = NULL;
2677 DWORD len;
2678
2679 *cBytes = 0;
2680
2681 if (SecurityDescriptor)
2682 lpNext = ((LPBYTE) SecurityDescriptor) + sizeof(SECURITY_DESCRIPTOR);
2683
2684 while (*StringSecurityDescriptor)
2685 {
2686 toktype = *StringSecurityDescriptor;
2687
2688 /* Expect char identifier followed by ':' */
2689 StringSecurityDescriptor++;
2690 if (*StringSecurityDescriptor != ':')
2691 {
2692 SetLastError(ERROR_INVALID_PARAMETER);
2693 goto lend;
2694 }
2695 StringSecurityDescriptor++;
2696
2697 /* Extract token */
2698 lptoken = StringSecurityDescriptor;
2699 while (*lptoken && *lptoken != ':')
2700 lptoken++;
2701
2702 if (*lptoken)
2703 lptoken--;
2704
2705 len = lptoken - StringSecurityDescriptor;
2706 memcpy( tok, StringSecurityDescriptor, len * sizeof(WCHAR) );
2707 tok[len] = 0;
2708
2709 switch (toktype)
2710 {
2711 case 'O':
2712 {
2713 DWORD bytes;
2714
2715 if (!ParseStringSidToSid(tok, (PSID)lpNext, &bytes))
2716 goto lend;
2717
2718 if (SecurityDescriptor)
2719 {
2720 SecurityDescriptor->Owner = (PSID) ((DWORD) lpNext -
2721 (DWORD) SecurityDescriptor);
2722 lpNext += bytes; /* Advance to next token */
2723 }
2724
2725 *cBytes += bytes;
2726
2727 break;
2728 }
2729
2730 case 'G':
2731 {
2732 DWORD bytes;
2733
2734 if (!ParseStringSidToSid(tok, (PSID)lpNext, &bytes))
2735 goto lend;
2736
2737 if (SecurityDescriptor)
2738 {
2739 SecurityDescriptor->Group = (PSID) ((DWORD) lpNext -
2740 (DWORD) SecurityDescriptor);
2741 lpNext += bytes; /* Advance to next token */
2742 }
2743
2744 *cBytes += bytes;
2745
2746 break;
2747 }
2748
2749 case 'D':
2750 {
2751 DWORD flags;
2752 DWORD bytes;
2753
2754 if (!ParseStringAclToAcl(tok, &flags, (PACL)lpNext, &bytes))
2755 goto lend;
2756
2757 if (SecurityDescriptor)
2758 {
2759 SecurityDescriptor->Control |= SE_DACL_PRESENT | flags;
2760 SecurityDescriptor->Dacl = (PACL) ((DWORD) lpNext -
2761 (DWORD) SecurityDescriptor);
2762 lpNext += bytes; /* Advance to next token */
2763 }
2764
2765 *cBytes += bytes;
2766
2767 break;
2768 }
2769
2770 case 'S':
2771 {
2772 DWORD flags;
2773 DWORD bytes;
2774
2775 if (!ParseStringAclToAcl(tok, &flags, (PACL)lpNext, &bytes))
2776 goto lend;
2777
2778 if (SecurityDescriptor)
2779 {
2780 SecurityDescriptor->Control |= SE_SACL_PRESENT | flags;
2781 SecurityDescriptor->Sacl = (PACL) ((DWORD) lpNext -
2782 (DWORD) SecurityDescriptor);
2783 lpNext += bytes; /* Advance to next token */
2784 }
2785
2786 *cBytes += bytes;
2787
2788 break;
2789 }
2790
2791 default:
2792 FIXME("Unknown token\n");
2793 SetLastError(ERROR_INVALID_PARAMETER);
2794 goto lend;
2795 }
2796
2797 StringSecurityDescriptor = lptoken;
2798 }
2799
2800 bret = TRUE;
2801
2802 lend:
2803 return bret;
2804 }
2805
2806 /******************************************************************************
2807 * ConvertStringSecurityDescriptorToSecurityDescriptorA [ADVAPI32.@]
2808 */
2809 BOOL WINAPI ConvertStringSecurityDescriptorToSecurityDescriptorA(
2810 LPCSTR StringSecurityDescriptor,
2811 DWORD StringSDRevision,
2812 PSECURITY_DESCRIPTOR* SecurityDescriptor,
2813 PULONG SecurityDescriptorSize)
2814 {
2815 UINT len;
2816 BOOL ret = FALSE;
2817 LPWSTR StringSecurityDescriptorW;
2818
2819 len = MultiByteToWideChar(CP_ACP, 0, StringSecurityDescriptor, -1, NULL, 0);
2820 StringSecurityDescriptorW = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR));
2821
2822 if (StringSecurityDescriptorW)
2823 {
2824 MultiByteToWideChar(CP_ACP, 0, StringSecurityDescriptor, -1, StringSecurityDescriptorW, len);
2825
2826 ret = ConvertStringSecurityDescriptorToSecurityDescriptorW(StringSecurityDescriptorW,
2827 StringSDRevision, SecurityDescriptor,
2828 SecurityDescriptorSize);
2829 HeapFree(GetProcessHeap(), 0, StringSecurityDescriptorW);
2830 }
2831
2832 return ret;
2833 }
2834
2835 /******************************************************************************
2836 * ConvertStringSecurityDescriptorToSecurityDescriptorW [ADVAPI32.@]
2837 */
2838 BOOL WINAPI ConvertStringSecurityDescriptorToSecurityDescriptorW(
2839 LPCWSTR StringSecurityDescriptor,
2840 DWORD StringSDRevision,
2841 PSECURITY_DESCRIPTOR* SecurityDescriptor,
2842 PULONG SecurityDescriptorSize)
2843 {
2844 DWORD cBytes;
2845 SECURITY_DESCRIPTOR* psd;
2846 BOOL bret = FALSE;
2847
2848 TRACE("%s\n", debugstr_w(StringSecurityDescriptor));
2849
2850 if (GetVersion() & 0x80000000)
2851 {
2852 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
2853 goto lend;
2854 }
2855 else if (StringSDRevision != SID_REVISION)
2856 {
2857 SetLastError(ERROR_UNKNOWN_REVISION);
2858 goto lend;
2859 }
2860
2861 /* Compute security descriptor length */
2862 if (!ParseStringSecurityDescriptorToSecurityDescriptor(StringSecurityDescriptor,
2863 NULL, &cBytes))
2864 goto lend;
2865
2866 psd = *SecurityDescriptor = (SECURITY_DESCRIPTOR*) LocalAlloc(
2867 GMEM_ZEROINIT, cBytes);
2868
2869 psd->Revision = SID_REVISION;
2870 psd->Control |= SE_SELF_RELATIVE;
2871
2872 if (!ParseStringSecurityDescriptorToSecurityDescriptor(StringSecurityDescriptor,
2873 psd, &cBytes))
2874 {
2875 LocalFree(psd);
2876 goto lend;
2877 }
2878
2879 if (SecurityDescriptorSize)
2880 *SecurityDescriptorSize = cBytes;
2881
2882 bret = TRUE;
2883
2884 lend:
2885 TRACE(" ret=%d\n", bret);
2886 return bret;
2887 }
2888
2889 /******************************************************************************
2890 * ConvertStringSidToSidW [ADVAPI32.@]
2891 */
2892 BOOL WINAPI ConvertStringSidToSidW(LPCWSTR StringSid, PSID* Sid)
2893 {
2894 BOOL bret = FALSE;
2895 DWORD cBytes;
2896
2897 TRACE("%s, %p\n", debugstr_w(StringSid), Sid);
2898 if (GetVersion() & 0x80000000)
2899 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
2900 else if (!StringSid || !Sid)
2901 SetLastError(ERROR_INVALID_PARAMETER);
2902 else if (ParseStringSidToSid(StringSid, NULL, &cBytes))
2903 {
2904 PSID pSid = *Sid = (PSID) LocalAlloc(0, cBytes);
2905
2906 bret = ParseStringSidToSid(StringSid, pSid, &cBytes);
2907 if (!bret)
2908 LocalFree(*Sid);
2909 }
2910 TRACE("returning %s\n", bret ? "TRUE" : "FALSE");
2911 return bret;
2912 }
2913
2914 /******************************************************************************
2915 * ConvertStringSidToSidA [ADVAPI32.@]
2916 */
2917 BOOL WINAPI ConvertStringSidToSidA(LPCSTR StringSid, PSID* Sid)
2918 {
2919 BOOL bret = FALSE;
2920
2921 TRACE("%s, %p\n", debugstr_a(StringSid), Sid);
2922 if (GetVersion() & 0x80000000)
2923 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
2924 else if (!StringSid || !Sid)
2925 SetLastError(ERROR_INVALID_PARAMETER);
2926 else
2927 {
2928 UINT len = MultiByteToWideChar(CP_ACP, 0, StringSid, -1, NULL, 0);
2929 LPWSTR wStringSid = HeapAlloc(GetProcessHeap(), 0,
2930 len * sizeof(WCHAR));
2931
2932 MultiByteToWideChar(CP_ACP, 0, StringSid, -1, wStringSid, len);
2933 bret = ConvertStringSidToSidW(wStringSid, Sid);
2934 HeapFree(GetProcessHeap(), 0, wStringSid);
2935 }
2936 TRACE("returning %s\n", bret ? "TRUE" : "FALSE");
2937 return bret;
2938 }
2939
2940 /******************************************************************************
2941 * ConvertSidToStringSidW [ADVAPI32.@]
2942 *
2943 * format of SID string is:
2944 * S-<count>-<auth>-<subauth1>-<subauth2>-<subauth3>...
2945 * where
2946 * <rev> is the revision of the SID encoded as decimal
2947 * <auth> is the identifier authority encoded as hex
2948 * <subauthN> is the subauthority id encoded as decimal
2949 */
2950 BOOL WINAPI ConvertSidToStringSidW( PSID pSid, LPWSTR *pstr )
2951 {
2952 DWORD sz, i;
2953 LPWSTR str;
2954 WCHAR fmt[] = { 'S','-','%','u','-','%','d',0 };
2955 WCHAR subauthfmt[] = { '-','%','u',0 };
2956 SID* pisid=pSid;
2957
2958 TRACE("%p %p\n", pSid, pstr );
2959
2960 if( !IsValidSid( pSid ) )
2961 return FALSE;
2962
2963 if (pisid->Revision != SDDL_REVISION)
2964 return FALSE;
2965 if (pisid->IdentifierAuthority.Value[0] ||
2966 pisid->IdentifierAuthority.Value[1])
2967 {
2968 FIXME("not matching MS' bugs\n");
2969 return FALSE;
2970 }
2971
2972 sz = 14 + pisid->SubAuthorityCount * 11;
2973 str = LocalAlloc( 0, sz*sizeof(WCHAR) );
2974 sprintfW( str, fmt, pisid->Revision, MAKELONG(
2975 MAKEWORD( pisid->IdentifierAuthority.Value[5],
2976 pisid->IdentifierAuthority.Value[4] ),
2977 MAKEWORD( pisid->IdentifierAuthority.Value[3],
2978 pisid->IdentifierAuthority.Value[2] ) ) );
2979 for( i=0; i<pisid->SubAuthorityCount; i++ )
2980 sprintfW( str + strlenW(str), subauthfmt, pisid->SubAuthority[i] );
2981 *pstr = str;
2982
2983 return TRUE;
2984 }
2985
2986 /******************************************************************************
2987 * ConvertSidToStringSidA [ADVAPI32.@]
2988 */
2989 BOOL WINAPI ConvertSidToStringSidA(PSID pSid, LPSTR *pstr)
2990 {
2991 LPWSTR wstr = NULL;
2992 LPSTR str;
2993 UINT len;
2994
2995 TRACE("%p %p\n", pSid, pstr );
2996
2997 if( !ConvertSidToStringSidW( pSid, &wstr ) )
2998 return FALSE;
2999
3000 len = WideCharToMultiByte( CP_ACP, 0, wstr, -1, NULL, 0, NULL, NULL );
3001 str = LocalAlloc( 0, len );
3002 WideCharToMultiByte( CP_ACP, 0, wstr, -1, str, len, NULL, NULL );
3003 LocalFree( wstr );
3004
3005 *pstr = str;
3006
3007 return TRUE;
3008 }
3009
3010 BOOL WINAPI CreatePrivateObjectSecurity(
3011 PSECURITY_DESCRIPTOR ParentDescriptor,
3012 PSECURITY_DESCRIPTOR CreatorDescriptor,
3013 PSECURITY_DESCRIPTOR* NewDescriptor,
3014 BOOL IsDirectoryObject,
3015 HANDLE Token,
3016 PGENERIC_MAPPING GenericMapping )
3017 {
3018 FIXME("%p %p %p %d %p %p - stub\n", ParentDescriptor, CreatorDescriptor,
3019 NewDescriptor, IsDirectoryObject, Token, GenericMapping);
3020
3021 return FALSE;
3022 }
3023
3024 BOOL WINAPI DestroyPrivateObjectSecurity( PSECURITY_DESCRIPTOR* ObjectDescriptor )
3025 {
3026 FIXME("%p - stub\n", ObjectDescriptor);
3027
3028 return TRUE;
3029 }
3030
3031 BOOL WINAPI CreateProcessAsUserA(
3032 HANDLE hToken,
3033 LPCSTR lpApplicationName,
3034 LPSTR lpCommandLine,
3035 LPSECURITY_ATTRIBUTES lpProcessAttributes,
3036 LPSECURITY_ATTRIBUTES lpThreadAttributes,
3037 BOOL bInheritHandles,
3038 DWORD dwCreationFlags,
3039 LPVOID lpEnvironment,
3040 LPCSTR lpCurrentDirectory,
3041 LPSTARTUPINFOA lpStartupInfo,
3042 LPPROCESS_INFORMATION lpProcessInformation )
3043 {
3044 FIXME("%p %s %s %p %p %d 0x%08lx %p %s %p %p - stub\n", hToken, debugstr_a(lpApplicationName),
3045 debugstr_a(lpCommandLine), lpProcessAttributes, lpThreadAttributes, bInheritHandles,
3046 dwCreationFlags, lpEnvironment, debugstr_a(lpCurrentDirectory), lpStartupInfo, lpProcessInformation);
3047
3048 return FALSE;
3049 }
3050
3051 BOOL WINAPI CreateProcessAsUserW(
3052 HANDLE hToken,
3053 LPCWSTR lpApplicationName,
3054 LPWSTR lpCommandLine,
3055 LPSECURITY_ATTRIBUTES lpProcessAttributes,
3056 LPSECURITY_ATTRIBUTES lpThreadAttributes,
3057 BOOL bInheritHandles,
3058 DWORD dwCreationFlags,
3059 LPVOID lpEnvironment,
3060 LPCWSTR lpCurrentDirectory,
3061 LPSTARTUPINFOW lpStartupInfo,
3062 LPPROCESS_INFORMATION lpProcessInformation )
3063 {
3064 FIXME("%p %s %s %p %p %d 0x%08lx %p %s %p %p - semi- stub\n", hToken,
3065 debugstr_w(lpApplicationName), debugstr_w(lpCommandLine), lpProcessAttributes,
3066 lpThreadAttributes, bInheritHandles, dwCreationFlags, lpEnvironment,
3067 debugstr_w(lpCurrentDirectory), lpStartupInfo, lpProcessInformation);
3068
3069 /* We should create the process with a suspended main thread */
3070 if (!CreateProcessW (lpApplicationName,
3071 lpCommandLine,
3072 lpProcessAttributes,
3073 lpThreadAttributes,
3074 bInheritHandles,
3075 dwCreationFlags, /* CREATE_SUSPENDED */
3076 lpEnvironment,
3077 lpCurrentDirectory,
3078 lpStartupInfo,
3079 lpProcessInformation))
3080 {
3081 return FALSE;
3082 }
3083
3084 return TRUE;
3085 }
3086
3087 /******************************************************************************
3088 * ComputeStringSidSize
3089 */
3090 static DWORD ComputeStringSidSize(LPCWSTR StringSid)
3091 {
3092 int ctok = 0;
3093 DWORD size = sizeof(SID);
3094
3095 while (*StringSid)
3096 {
3097 if (*StringSid == '-')
3098 ctok++;
3099 StringSid++;
3100 }
3101
3102 if (ctok > 3)
3103 size += (ctok - 3) * sizeof(DWORD);
3104
3105 return size;
3106 }
3107
3108 BOOL WINAPI DuplicateTokenEx(
3109 HANDLE ExistingTokenHandle, DWORD dwDesiredAccess,
3110 LPSECURITY_ATTRIBUTES lpTokenAttributes,
3111 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
3112 TOKEN_TYPE TokenType,
3113 PHANDLE DuplicateTokenHandle )
3114 {
3115 OBJECT_ATTRIBUTES ObjectAttributes;
3116
3117 TRACE("%p 0x%08lx 0x%08x 0x%08x %p\n", ExistingTokenHandle, dwDesiredAccess,
3118 ImpersonationLevel, TokenType, DuplicateTokenHandle);
3119
3120 InitializeObjectAttributes(
3121 &ObjectAttributes,
3122 NULL,
3123 (lpTokenAttributes && lpTokenAttributes->bInheritHandle) ? OBJ_INHERIT : 0,
3124 NULL,
3125 lpTokenAttributes ? lpTokenAttributes->lpSecurityDescriptor : NULL );
3126
3127 return set_ntstatus( NtDuplicateToken( ExistingTokenHandle,
3128 dwDesiredAccess,
3129 &ObjectAttributes,
3130 ImpersonationLevel,
3131 TokenType,
3132 DuplicateTokenHandle ) );
3133 }
3134
3135 BOOL WINAPI DuplicateToken(
3136 HANDLE ExistingTokenHandle,
3137 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
3138 PHANDLE DuplicateTokenHandle )
3139 {
3140 return DuplicateTokenEx( ExistingTokenHandle, 0, NULL, ImpersonationLevel,
3141 TokenImpersonation, DuplicateTokenHandle );
3142 }
3143
3144 BOOL WINAPI EnumDependentServicesA(
3145 SC_HANDLE hService,
3146 DWORD dwServiceState,
3147 LPENUM_SERVICE_STATUSA lpServices,
3148 DWORD cbBufSize,
3149 LPDWORD pcbBytesNeeded,
3150 LPDWORD lpServicesReturned )
3151 {
3152 FIXME("%p 0x%08lx %p 0x%08lx %p %p - stub\n", hService, dwServiceState,
3153 lpServices, cbBufSize, pcbBytesNeeded, lpServicesReturned);
3154
3155 return FALSE;
3156 }
3157
3158 BOOL WINAPI EnumDependentServicesW(
3159 SC_HANDLE hService,
3160 DWORD dwServiceState,
3161 LPENUM_SERVICE_STATUSW lpServices,
3162 DWORD cbBufSize,
3163 LPDWORD pcbBytesNeeded,
3164 LPDWORD lpServicesReturned )
3165 {
3166 FIXME("%p 0x%08lx %p 0x%08lx %p %p - stub\n", hService, dwServiceState,
3167 lpServices, cbBufSize, pcbBytesNeeded, lpServicesReturned);
3168
3169 return FALSE;
3170 }
3171
3172 /******************************************************************************
3173 * ParseStringSidToSid
3174 */
3175 static BOOL ParseStringSidToSid(LPCWSTR StringSid, PSID pSid, LPDWORD cBytes)
3176 {
3177 BOOL bret = FALSE;
3178 SID* pisid=pSid;
3179
3180 TRACE("%s, %p, %p\n", debugstr_w(StringSid), pSid, cBytes);
3181 if (!StringSid)
3182 {
3183 SetLastError(ERROR_INVALID_PARAMETER);
3184 TRACE("StringSid is NULL, returning FALSE\n");
3185 return FALSE;
3186 }
3187
3188 *cBytes = ComputeStringSidSize(StringSid);
3189 if (!pisid) /* Simply compute the size */
3190 {
3191 TRACE("only size requested, returning TRUE\n");
3192 return TRUE;
3193 }
3194
3195 if (*StringSid != 'S' || *StringSid != '-') /* S-R-I-S-S */
3196 {
3197 DWORD i = 0, identAuth;
3198 DWORD csubauth = ((*cBytes - sizeof(SID)) / sizeof(DWORD)) + 1;
3199
3200 StringSid += 2; /* Advance to Revision */
3201 pisid->Revision = atoiW(StringSid);
3202
3203 if (pisid->Revision != SDDL_REVISION)
3204 {
3205 TRACE("Revision %d is unknown\n", pisid->Revision);
3206 goto lend; /* ERROR_INVALID_SID */
3207 }
3208 if (csubauth == 0)
3209 {
3210 TRACE("SubAuthorityCount is 0\n");
3211 goto lend; /* ERROR_INVALID_SID */
3212 }
3213
3214 pisid->SubAuthorityCount = csubauth;
3215
3216 /* Advance to identifier authority */
3217 while (*StringSid && *StringSid != '-')
3218 StringSid++;
3219 if (*StringSid == '-')
3220 StringSid++;
3221
3222 /* MS' implementation can't handle values greater than 2^32 - 1, so
3223 * we don't either; assume most significant bytes are always 0
3224 */
3225 pisid->IdentifierAuthority.Value[0] = 0;
3226 pisid->IdentifierAuthority.Value[1] = 0;
3227 identAuth = atoiW(StringSid);
3228 pisid->IdentifierAuthority.Value[5] = identAuth & 0xff;
3229 pisid->IdentifierAuthority.Value[4] = (identAuth & 0xff00) >> 8;
3230 pisid->IdentifierAuthority.Value[3] = (identAuth & 0xff0000) >> 16;
3231 pisid->IdentifierAuthority.Value[2] = (identAuth & 0xff000000) >> 24;
3232
3233 /* Advance to first sub authority */
3234 while (*StringSid && *StringSid != '-')
3235 StringSid++;
3236 if (*StringSid == '-')
3237 StringSid++;
3238
3239 while (*StringSid)
3240 {
3241 while (*StringSid && *StringSid != '-')
3242 StringSid++;
3243
3244 pisid->SubAuthority[i++] = atoiW(StringSid);
3245 }
3246
3247 if (i != pisid->SubAuthorityCount)
3248 goto lend; /* ERROR_INVALID_SID */
3249
3250 bret = TRUE;
3251 }
3252 else /* String constant format - Only available in winxp and above */
3253 {
3254 pisid->Revision = SDDL_REVISION;
3255 pisid->SubAuthorityCount = 1;
3256
3257 FIXME("String constant not supported: %s\n", debugstr_wn(StringSid, 2));
3258
3259 /* TODO: Lookup string of well-known SIDs in table */
3260 pisid->IdentifierAuthority.Value[5] = 0;
3261 pisid->SubAuthority[0] = 0;
3262
3263 bret = TRUE;
3264 }
3265
3266 lend:
3267 if (!bret)
3268 SetLastError(ERROR_INVALID_SID);
3269
3270 TRACE("returning %s\n", bret ? "TRUE" : "FALSE");
3271 return bret;
3272 }
3273
3274 /******************************************************************************
3275 * GetNamedSecurityInfoA [ADVAPI32.@]
3276 */
3277 DWORD WINAPI GetNamedSecurityInfoA(LPSTR pObjectName,
3278 SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo,
3279 PSID* ppsidOwner, PSID* ppsidGroup, PACL* ppDacl, PACL* ppSacl,
3280 PSECURITY_DESCRIPTOR* ppSecurityDescriptor)
3281 {
3282 DWORD len;
3283 LPWSTR wstr = NULL;
3284 DWORD r;
3285
3286 TRACE("%s %d %ld %p %p %p %p %p\n", pObjectName, ObjectType, SecurityInfo,
3287 ppsidOwner, ppsidGroup, ppDacl, ppSacl, ppSecurityDescriptor);
3288
3289 if( pObjectName )
3290 {
3291 len = MultiByteToWideChar( CP_ACP, 0, pObjectName, -1, NULL, 0 );
3292 wstr = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR));
3293 MultiByteToWideChar( CP_ACP, 0, pObjectName, -1, wstr, len );
3294 }
3295
3296 r = GetNamedSecurityInfoW( wstr, ObjectType, SecurityInfo, ppsidOwner,
3297 ppsidGroup, ppDacl, ppSacl, ppSecurityDescriptor );
3298
3299 HeapFree( GetProcessHeap(), 0, wstr );
3300
3301 return r;
3302 }
3303
3304 /******************************************************************************
3305 * GetNamedSecurityInfoW [ADVAPI32.@]
3306 */
3307 DWORD WINAPI GetNamedSecurityInfoW( LPWSTR name, SE_OBJECT_TYPE type,
3308 SECURITY_INFORMATION info, PSID* owner, PSID* group, PACL* dacl,
3309 PACL* sacl, PSECURITY_DESCRIPTOR* descriptor )
3310 {
3311 DWORD needed, offset;
3312 SECURITY_DESCRIPTOR_RELATIVE *relative;
3313 BYTE *buffer;
3314
3315 TRACE( "%s %d %ld %p %p %p %p %p\n", debugstr_w(name), type, info, owner,
3316 group, dacl, sacl, descriptor );
3317
3318 if (!name || !descriptor) return ERROR_INVALID_PARAMETER;
3319
3320 needed = sizeof(SECURITY_DESCRIPTOR_RELATIVE);
3321 if (info & OWNER_SECURITY_INFORMATION)
3322 needed += sizeof(sidWorld);
3323 if (info & GROUP_SECURITY_INFORMATION)
3324 needed += sizeof(sidWorld);
3325 if (info & DACL_SECURITY_INFORMATION)
3326 needed += WINE_SIZE_OF_WORLD_ACCESS_ACL;
3327 if (info & SACL_SECURITY_INFORMATION)
3328 needed += WINE_SIZE_OF_WORLD_ACCESS_ACL;
3329
3330 /* must be freed by caller */
3331 *descriptor = HeapAlloc( GetProcessHeap(), 0, needed );
3332 if (!*descriptor) return ERROR_NOT_ENOUGH_MEMORY;
3333
3334 if (!InitializeSecurityDescriptor( *descriptor, SECURITY_DESCRIPTOR_REVISION ))
3335 {
3336 HeapFree( GetProcessHeap(), 0, *descriptor );
3337 return ERROR_INVALID_SECURITY_DESCR;
3338 }
3339
3340 relative = (SECURITY_DESCRIPTOR_RELATIVE *)*descriptor;
3341 relative->Control |= SE_SELF_RELATIVE;
3342 buffer = (BYTE *)relative;
3343 offset = sizeof(SECURITY_DESCRIPTOR_RELATIVE);
3344
3345 if (owner && (info & OWNER_SECURITY_INFORMATION))
3346 {
3347 memcpy( buffer + offset, &sidWorld, sizeof(sidWorld) );
3348 relative->Owner = offset;
3349 *owner = buffer + offset;
3350 offset += sizeof(sidWorld);
3351 }
3352 if (group && (info & GROUP_SECURITY_INFORMATION))
3353 {
3354 memcpy( buffer + offset, &sidWorld, sizeof(sidWorld) );
3355 relative->Group = offset;
3356 *group = buffer + offset;
3357 offset += sizeof(sidWorld);
3358 }
3359 if (dacl && (info & DACL_SECURITY_INFORMATION))
3360 {
3361 GetWorldAccessACL( (PACL)(buffer + offset) );
3362 relative->Dacl = offset;
3363 *dacl = (PACL)(buffer + offset);
3364 offset += WINE_SIZE_OF_WORLD_ACCESS_ACL;
3365 }
3366 if (sacl && (info & SACL_SECURITY_INFORMATION))
3367 {
3368 GetWorldAccessACL( (PACL)(buffer + offset) );
3369 relative->Sacl = offset;
3370 *sacl = (PACL)(buffer + offset);
3371 }
3372 return ERROR_SUCCESS;
3373 }
3374
3375 /******************************************************************************
3376 * DecryptFileW [ADVAPI32.@]
3377 */
3378 BOOL WINAPI DecryptFileW(LPCWSTR lpFileName, DWORD dwReserved)
3379 {
3380 FIXME("%s %08lx\n", debugstr_w(lpFileName), dwReserved);
3381 return TRUE;
3382 }
3383
3384 /******************************************************************************
3385 * DecryptFileA [ADVAPI32.@]
3386 */
3387 BOOL WINAPI DecryptFileA(LPCSTR lpFileName, DWORD dwReserved)
3388 {
3389 FIXME("%s %08lx\n", debugstr_a(lpFileName), dwReserved);
3390 return TRUE;
3391 }
3392
3393 /******************************************************************************
3394 * EncryptFileW [ADVAPI32.@]
3395 */
3396 BOOL WINAPI EncryptFileW(LPCWSTR lpFileName)
3397 {
3398 FIXME("%s\n", debugstr_w(lpFileName));
3399 return TRUE;
3400 }
3401
3402 /******************************************************************************
3403 * EncryptFileA [ADVAPI32.@]
3404 */
3405 BOOL WINAPI EncryptFileA(LPCSTR lpFileName)
3406 {
3407 FIXME("%s\n", debugstr_a(lpFileName));
3408 return TRUE;
3409 }
3410
3411 /******************************************************************************
3412 * SetSecurityInfo [ADVAPI32.@]
3413 */
3414 DWORD WINAPI SetSecurityInfo(HANDLE handle, SE_OBJECT_TYPE ObjectType,
3415 SECURITY_INFORMATION SecurityInfo, PSID psidOwner,
3416 PSID psidGroup, PACL pDacl, PACL pSacl) {
3417 FIXME("stub\n");
3418 return ERROR_SUCCESS;
3419 }
GSOC 2012 project to enhance the control panel