search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
janitorial: Remove redundant NULL pointer checks before HeapFree'ing them.
[wine/gsoc_dplay.git] / dlls / advapi32 / security.c
blobf61b38a12509d1725140c96b04b90960ff0f5793
1 /*
2 * Copyright 1999, 2000 Juergen Schmied <juergen.schmied@debitel.net>
3 * Copyright 2003 CodeWeavers Inc. (Ulrich Czekalla)
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18 *
19 */
20
21 #include <stdarg.h>
22 #include <string.h>
23
24 #include "ntstatus.h"
25 #define WIN32_NO_STATUS
26 #include "windef.h"
27 #include "winbase.h"
28 #include "winerror.h"
29 #include "rpcnterr.h"
30 #include "winreg.h"
31 #include "winternl.h"
32 #include "winioctl.h"
33 #include "ntsecapi.h"
34 #include "accctrl.h"
35 #include "sddl.h"
36 #include "winsvc.h"
37 #include "aclapi.h"
38
39 #include "wine/debug.h"
40 #include "wine/unicode.h"
41
42 WINE_DEFAULT_DEBUG_CHANNEL(advapi);
43
44 static BOOL ParseStringSidToSid(LPCWSTR StringSid, PSID pSid, LPDWORD cBytes);
45 static BOOL ParseStringAclToAcl(LPCWSTR StringAcl, LPDWORD lpdwFlags,
46 PACL pAcl, LPDWORD cBytes);
47 static BYTE ParseAceStringFlags(LPCWSTR* StringAcl);
48 static BYTE ParseAceStringType(LPCWSTR* StringAcl);
49 static DWORD ParseAceStringRights(LPCWSTR* StringAcl);
50 static BOOL ParseStringSecurityDescriptorToSecurityDescriptor(
51 LPCWSTR StringSecurityDescriptor,
52 SECURITY_DESCRIPTOR* SecurityDescriptor,
53 LPDWORD cBytes);
54 static DWORD ParseAclStringFlags(LPCWSTR* StringAcl);
55
56 typedef struct _ACEFLAG
57 {
58 LPCWSTR wstr;
59 DWORD value;
60 } ACEFLAG, *LPACEFLAG;
61
62 static SID const sidWorld = { SID_REVISION, 1, { SECURITY_WORLD_SID_AUTHORITY} , { SECURITY_WORLD_RID } };
63
64 /*
65 * ACE access rights
66 */
67 static const WCHAR SDDL_READ_CONTROL[] = {'R','C',0};
68 static const WCHAR SDDL_WRITE_DAC[] = {'W','D',0};
69 static const WCHAR SDDL_WRITE_OWNER[] = {'W','O',0};
70 static const WCHAR SDDL_STANDARD_DELETE[] = {'S','D',0};
71 static const WCHAR SDDL_GENERIC_ALL[] = {'G','A',0};
72 static const WCHAR SDDL_GENERIC_READ[] = {'G','R',0};
73 static const WCHAR SDDL_GENERIC_WRITE[] = {'G','W',0};
74 static const WCHAR SDDL_GENERIC_EXECUTE[] = {'G','X',0};
75
76 /*
77 * ACE types
78 */
79 static const WCHAR SDDL_ACCESS_ALLOWED[] = {'A',0};
80 static const WCHAR SDDL_ACCESS_DENIED[] = {'D',0};
81 static const WCHAR SDDL_OBJECT_ACCESS_ALLOWED[] = {'O','A',0};
82 static const WCHAR SDDL_OBJECT_ACCESS_DENIED[] = {'O','D',0};
83 static const WCHAR SDDL_AUDIT[] = {'A','U',0};
84 static const WCHAR SDDL_ALARM[] = {'A','L',0};
85 static const WCHAR SDDL_OBJECT_AUDIT[] = {'O','U',0};
86 static const WCHAR SDDL_OBJECT_ALARMp[] = {'O','L',0};
87
88 /*
89 * ACE flags
90 */
91 static const WCHAR SDDL_CONTAINER_INHERIT[] = {'C','I',0};
92 static const WCHAR SDDL_OBJECT_INHERIT[] = {'O','I',0};
93 static const WCHAR SDDL_NO_PROPAGATE[] = {'N','P',0};
94 static const WCHAR SDDL_INHERIT_ONLY[] = {'I','O',0};
95 static const WCHAR SDDL_INHERITED[] = {'I','D',0};
96 static const WCHAR SDDL_AUDIT_SUCCESS[] = {'S','A',0};
97 static const WCHAR SDDL_AUDIT_FAILURE[] = {'F','A',0};
98
99 /* set last error code from NT status and get the proper boolean return value */
100 /* used for functions that are a simple wrapper around the corresponding ntdll API */
101 static inline BOOL set_ntstatus( NTSTATUS status )
102 {
103 if (status) SetLastError( RtlNtStatusToDosError( status ));
104 return !status;
105 }
106
107 #define WINE_SIZE_OF_WORLD_ACCESS_ACL (sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE) + sizeof(sidWorld) - sizeof(DWORD))
108
109 static void GetWorldAccessACL(PACL pACL)
110 {
111 PACCESS_ALLOWED_ACE pACE = (PACCESS_ALLOWED_ACE) (pACL + 1);
112
113 pACL->AclRevision = ACL_REVISION;
114 pACL->Sbz1 = 0;
115 pACL->AclSize = WINE_SIZE_OF_WORLD_ACCESS_ACL;
116 pACL->AceCount = 1;
117 pACL->Sbz2 = 0;
118
119 pACE->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
120 pACE->Header.AceFlags = CONTAINER_INHERIT_ACE;
121 pACE->Header.AceSize = sizeof(ACCESS_ALLOWED_ACE) + sizeof(sidWorld) - sizeof(DWORD);
122 pACE->Mask = 0xf3ffffff; /* Everything except reserved bits */
123 memcpy(&pACE->SidStart, &sidWorld, sizeof(sidWorld));
124 }
125
126 /************************************************************
127 * ADVAPI_IsLocalComputer
128 *
129 * Checks whether the server name indicates local machine.
130 */
131 static BOOL ADVAPI_IsLocalComputer(LPCWSTR ServerName)
132 {
133 DWORD dwSize = MAX_COMPUTERNAME_LENGTH + 1;
134 BOOL Result;
135 LPWSTR buf;
136
137 if (!ServerName || !ServerName[0])
138 return TRUE;
139
140 buf = HeapAlloc(GetProcessHeap(), 0, dwSize * sizeof(WCHAR));
141 Result = GetComputerNameW(buf, &dwSize);
142 if (Result && (ServerName[0] == '\\') && (ServerName[1] == '\\'))
143 ServerName += 2;
144 Result = Result && !lstrcmpW(ServerName, buf);
145 HeapFree(GetProcessHeap(), 0, buf);
146
147 return Result;
148 }
149
150 /* ##############################
151 ###### TOKEN FUNCTIONS ######
152 ##############################
153 */
154
155 /******************************************************************************
156 * OpenProcessToken [ADVAPI32.@]
157 * Opens the access token associated with a process handle.
158 *
159 * PARAMS
160 * ProcessHandle [I] Handle to process
161 * DesiredAccess [I] Desired access to process
162 * TokenHandle [O] Pointer to handle of open access token
163 *
164 * RETURNS
165 * Success: TRUE. TokenHandle contains the access token.
166 * Failure: FALSE.
167 *
168 * NOTES
169 * See NtOpenProcessToken.
170 */
171 BOOL WINAPI
172 OpenProcessToken( HANDLE ProcessHandle, DWORD DesiredAccess,
173 HANDLE *TokenHandle )
174 {
175 return set_ntstatus(NtOpenProcessToken( ProcessHandle, DesiredAccess, TokenHandle ));
176 }
177
178 /******************************************************************************
179 * OpenThreadToken [ADVAPI32.@]
180 *
181 * Opens the access token associated with a thread handle.
182 *
183 * PARAMS
184 * ThreadHandle [I] Handle to process
185 * DesiredAccess [I] Desired access to the thread
186 * OpenAsSelf [I] ???
187 * TokenHandle [O] Destination for the token handle
188 *
189 * RETURNS
190 * Success: TRUE. TokenHandle contains the access token.
191 * Failure: FALSE.
192 *
193 * NOTES
194 * See NtOpenThreadToken.
195 */
196 BOOL WINAPI
197 OpenThreadToken( HANDLE ThreadHandle, DWORD DesiredAccess,
198 BOOL OpenAsSelf, HANDLE *TokenHandle)
199 {
200 return set_ntstatus( NtOpenThreadToken(ThreadHandle, DesiredAccess, OpenAsSelf, TokenHandle));
201 }
202
203 BOOL WINAPI
204 AdjustTokenGroups( HANDLE TokenHandle, BOOL ResetToDefault, PTOKEN_GROUPS NewState,
205 DWORD BufferLength, PTOKEN_GROUPS PreviousState, PDWORD ReturnLength )
206 {
207 return set_ntstatus( NtAdjustGroupsToken(TokenHandle, ResetToDefault, NewState, BufferLength,
208 PreviousState, ReturnLength));
209 }
210
211 /******************************************************************************
212 * AdjustTokenPrivileges [ADVAPI32.@]
213 *
214 * Adjust the privileges of an open token handle.
215 *
216 * PARAMS
217 * TokenHandle [I] Handle from OpenProcessToken() or OpenThreadToken()
218 * DisableAllPrivileges [I] TRUE=Remove all privileges, FALSE=Use NewState
219 * NewState [I] Desired new privileges of the token
220 * BufferLength [I] Length of NewState
221 * PreviousState [O] Destination for the previous state
222 * ReturnLength [I/O] Size of PreviousState
223 *
224 *
225 * RETURNS
226 * Success: TRUE. Privileges are set to NewState and PreviousState is updated.
227 * Failure: FALSE.
228 *
229 * NOTES
230 * See NtAdjustPrivilegesToken.
231 */
232 BOOL WINAPI
233 AdjustTokenPrivileges( HANDLE TokenHandle, BOOL DisableAllPrivileges,
234 LPVOID NewState, DWORD BufferLength,
235 LPVOID PreviousState, LPDWORD ReturnLength )
236 {
237 NTSTATUS status;
238
239 TRACE("\n");
240
241 status = NtAdjustPrivilegesToken(TokenHandle, DisableAllPrivileges,
242 NewState, BufferLength, PreviousState,
243 ReturnLength);
244 SetLastError( RtlNtStatusToDosError( status ));
245 if ((status == STATUS_SUCCESS) || (status == STATUS_NOT_ALL_ASSIGNED))
246 return TRUE;
247 else
248 return FALSE;
249 }
250
251 /******************************************************************************
252 * CheckTokenMembership [ADVAPI32.@]
253 *
254 * Determine if an access token is a member of a SID.
255 *
256 * PARAMS
257 * TokenHandle [I] Handle from OpenProcessToken() or OpenThreadToken()
258 * SidToCheck [I] SID that possibly contains the token
259 * IsMember [O] Destination for result.
260 *
261 * RETURNS
262 * Success: TRUE. IsMember is TRUE if TokenHandle is a member, FALSE otherwise.
263 * Failure: FALSE.
264 */
265 BOOL WINAPI
266 CheckTokenMembership( HANDLE TokenHandle, PSID SidToCheck,
267 PBOOL IsMember )
268 {
269 FIXME("(%p %p %p) stub!\n", TokenHandle, SidToCheck, IsMember);
270
271 *IsMember = TRUE;
272 return(TRUE);
273 }
274
275 /******************************************************************************
276 * GetTokenInformation [ADVAPI32.@]
277 *
278 * Get a type of information about an access token.
279 *
280 * PARAMS
281 * token [I] Handle from OpenProcessToken() or OpenThreadToken()
282 * tokeninfoclass [I] A TOKEN_INFORMATION_CLASS from "winnt.h"
283 * tokeninfo [O] Destination for token information
284 * tokeninfolength [I] Length of tokeninfo
285 * retlen [O] Destination for returned token information length
286 *
287 * RETURNS
288 * Success: TRUE. tokeninfo contains retlen bytes of token information
289 * Failure: FALSE.
290 *
291 * NOTES
292 * See NtQueryInformationToken.
293 */
294 BOOL WINAPI
295 GetTokenInformation( HANDLE token, TOKEN_INFORMATION_CLASS tokeninfoclass,
296 LPVOID tokeninfo, DWORD tokeninfolength, LPDWORD retlen )
297 {
298 TRACE("(%p, %s, %p, %ld, %p):\n",
299 token,
300 (tokeninfoclass == TokenUser) ? "TokenUser" :
301 (tokeninfoclass == TokenGroups) ? "TokenGroups" :
302 (tokeninfoclass == TokenPrivileges) ? "TokenPrivileges" :
303 (tokeninfoclass == TokenOwner) ? "TokenOwner" :
304 (tokeninfoclass == TokenPrimaryGroup) ? "TokenPrimaryGroup" :
305 (tokeninfoclass == TokenDefaultDacl) ? "TokenDefaultDacl" :
306 (tokeninfoclass == TokenSource) ? "TokenSource" :
307 (tokeninfoclass == TokenType) ? "TokenType" :
308 (tokeninfoclass == TokenImpersonationLevel) ? "TokenImpersonationLevel" :
309 (tokeninfoclass == TokenStatistics) ? "TokenStatistics" :
310 (tokeninfoclass == TokenRestrictedSids) ? "TokenRestrictedSids" :
311 (tokeninfoclass == TokenSessionId) ? "TokenSessionId" :
312 (tokeninfoclass == TokenGroupsAndPrivileges) ? "TokenGroupsAndPrivileges" :
313 (tokeninfoclass == TokenSessionReference) ? "TokenSessionReference" :
314 (tokeninfoclass == TokenSandBoxInert) ? "TokenSandBoxInert" :
315 "Unknown",
316 tokeninfo, tokeninfolength, retlen);
317 return set_ntstatus( NtQueryInformationToken( token, tokeninfoclass, tokeninfo,
318 tokeninfolength, retlen));
319 }
320
321 /******************************************************************************
322 * SetTokenInformation [ADVAPI32.@]
323 *
324 * Set information for an access token.
325 *
326 * PARAMS
327 * token [I] Handle from OpenProcessToken() or OpenThreadToken()
328 * tokeninfoclass [I] A TOKEN_INFORMATION_CLASS from "winnt.h"
329 * tokeninfo [I] Token information to set
330 * tokeninfolength [I] Length of tokeninfo
331 *
332 * RETURNS
333 * Success: TRUE. The information for the token is set to tokeninfo.
334 * Failure: FALSE.
335 */
336 BOOL WINAPI
337 SetTokenInformation( HANDLE token, TOKEN_INFORMATION_CLASS tokeninfoclass,
338 LPVOID tokeninfo, DWORD tokeninfolength )
339 {
340 TRACE("(%p, %s, %p, %ld): stub\n",
341 token,
342 (tokeninfoclass == TokenUser) ? "TokenUser" :
343 (tokeninfoclass == TokenGroups) ? "TokenGroups" :
344 (tokeninfoclass == TokenPrivileges) ? "TokenPrivileges" :
345 (tokeninfoclass == TokenOwner) ? "TokenOwner" :
346 (tokeninfoclass == TokenPrimaryGroup) ? "TokenPrimaryGroup" :
347 (tokeninfoclass == TokenDefaultDacl) ? "TokenDefaultDacl" :
348 (tokeninfoclass == TokenSource) ? "TokenSource" :
349 (tokeninfoclass == TokenType) ? "TokenType" :
350 (tokeninfoclass == TokenImpersonationLevel) ? "TokenImpersonationLevel" :
351 (tokeninfoclass == TokenStatistics) ? "TokenStatistics" :
352 (tokeninfoclass == TokenRestrictedSids) ? "TokenRestrictedSids" :
353 (tokeninfoclass == TokenSessionId) ? "TokenSessionId" :
354 (tokeninfoclass == TokenGroupsAndPrivileges) ? "TokenGroupsAndPrivileges" :
355 (tokeninfoclass == TokenSessionReference) ? "TokenSessionReference" :
356 (tokeninfoclass == TokenSandBoxInert) ? "TokenSandBoxInert" :
357 "Unknown",
358 tokeninfo, tokeninfolength);
359
360 return set_ntstatus( NtSetInformationToken( token, tokeninfoclass, tokeninfo, tokeninfolength ));
361 }
362
363 /*************************************************************************
364 * SetThreadToken [ADVAPI32.@]
365 *
366 * Assigns an 'impersonation token' to a thread so it can assume the
367 * security privileges of another thread or process. Can also remove
368 * a previously assigned token.
369 *
370 * PARAMS
371 * thread [O] Handle to thread to set the token for
372 * token [I] Token to set
373 *
374 * RETURNS
375 * Success: TRUE. The threads access token is set to token
376 * Failure: FALSE.
377 *
378 * NOTES
379 * Only supported on NT or higher. On Win9X this function does nothing.
380 * See SetTokenInformation.
381 */
382 BOOL WINAPI SetThreadToken(PHANDLE thread, HANDLE token)
383 {
384 return set_ntstatus( NtSetInformationThread( thread ? *thread : GetCurrentThread(),
385 ThreadImpersonationToken, &token, sizeof token ));
386 }
387
388 /* ##############################
389 ###### SID FUNCTIONS ######
390 ##############################
391 */
392
393 /******************************************************************************
394 * AllocateAndInitializeSid [ADVAPI32.@]
395 *
396 * PARAMS
397 * pIdentifierAuthority []
398 * nSubAuthorityCount []
399 * nSubAuthority0 []
400 * nSubAuthority1 []
401 * nSubAuthority2 []
402 * nSubAuthority3 []
403 * nSubAuthority4 []
404 * nSubAuthority5 []
405 * nSubAuthority6 []
406 * nSubAuthority7 []
407 * pSid []
408 */
409 BOOL WINAPI
410 AllocateAndInitializeSid( PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
411 BYTE nSubAuthorityCount,
412 DWORD nSubAuthority0, DWORD nSubAuthority1,
413 DWORD nSubAuthority2, DWORD nSubAuthority3,
414 DWORD nSubAuthority4, DWORD nSubAuthority5,
415 DWORD nSubAuthority6, DWORD nSubAuthority7,
416 PSID *pSid )
417 {
418 return set_ntstatus( RtlAllocateAndInitializeSid(
419 pIdentifierAuthority, nSubAuthorityCount,
420 nSubAuthority0, nSubAuthority1, nSubAuthority2, nSubAuthority3,
421 nSubAuthority4, nSubAuthority5, nSubAuthority6, nSubAuthority7,
422 pSid ));
423 }
424
425 /******************************************************************************
426 * FreeSid [ADVAPI32.@]
427 *
428 * PARAMS
429 * pSid []
430 */
431 PVOID WINAPI
432 FreeSid( PSID pSid )
433 {
434 RtlFreeSid(pSid);
435 return NULL; /* is documented like this */
436 }
437
438 /******************************************************************************
439 * CopySid [ADVAPI32.@]
440 *
441 * PARAMS
442 * nDestinationSidLength []
443 * pDestinationSid []
444 * pSourceSid []
445 */
446 BOOL WINAPI
447 CopySid( DWORD nDestinationSidLength, PSID pDestinationSid, PSID pSourceSid )
448 {
449 return RtlCopySid(nDestinationSidLength, pDestinationSid, pSourceSid);
450 }
451
452 BOOL WINAPI
453 IsTokenRestricted( HANDLE TokenHandle )
454 {
455 TOKEN_GROUPS *groups;
456 DWORD size;
457 NTSTATUS status;
458 BOOL restricted;
459
460 TRACE("(%p)\n", TokenHandle);
461
462 status = NtQueryInformationToken(TokenHandle, TokenRestrictedSids, NULL, 0, &size);
463 if (status != STATUS_BUFFER_TOO_SMALL)
464 return FALSE;
465
466 groups = HeapAlloc(GetProcessHeap(), 0, size);
467 if (!groups)
468 {
469 SetLastError(ERROR_OUTOFMEMORY);
470 return FALSE;
471 }
472
473 status = NtQueryInformationToken(TokenHandle, TokenRestrictedSids, groups, size, &size);
474 if (status != STATUS_SUCCESS)
475 {
476 HeapFree(GetProcessHeap(), 0, groups);
477 return set_ntstatus(status);
478 }
479
480 if (groups->GroupCount)
481 restricted = TRUE;
482 else
483 restricted = FALSE;
484
485 HeapFree(GetProcessHeap(), 0, groups);
486
487 return restricted;
488 }
489
490 /******************************************************************************
491 * IsValidSid [ADVAPI32.@]
492 *
493 * PARAMS
494 * pSid []
495 */
496 BOOL WINAPI
497 IsValidSid( PSID pSid )
498 {
499 return RtlValidSid( pSid );
500 }
501
502 /******************************************************************************
503 * EqualSid [ADVAPI32.@]
504 *
505 * PARAMS
506 * pSid1 []
507 * pSid2 []
508 */
509 BOOL WINAPI
510 EqualSid( PSID pSid1, PSID pSid2 )
511 {
512 return RtlEqualSid( pSid1, pSid2 );
513 }
514
515 /******************************************************************************
516 * EqualPrefixSid [ADVAPI32.@]
517 */
518 BOOL WINAPI EqualPrefixSid (PSID pSid1, PSID pSid2)
519 {
520 return RtlEqualPrefixSid(pSid1, pSid2);
521 }
522
523 /******************************************************************************
524 * GetSidLengthRequired [ADVAPI32.@]
525 *
526 * PARAMS
527 * nSubAuthorityCount []
528 */
529 DWORD WINAPI
530 GetSidLengthRequired( BYTE nSubAuthorityCount )
531 {
532 return RtlLengthRequiredSid(nSubAuthorityCount);
533 }
534
535 /******************************************************************************
536 * InitializeSid [ADVAPI32.@]
537 *
538 * PARAMS
539 * pIdentifierAuthority []
540 */
541 BOOL WINAPI
542 InitializeSid (
543 PSID pSid,
544 PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
545 BYTE nSubAuthorityCount)
546 {
547 return RtlInitializeSid(pSid, pIdentifierAuthority, nSubAuthorityCount);
548 }
549
550 DWORD WINAPI
551 GetEffectiveRightsFromAclA( PACL pacl, PTRUSTEEA pTrustee, PACCESS_MASK pAccessRights )
552 {
553 FIXME("%p %p %p - stub\n", pacl, pTrustee, pAccessRights);
554
555 return 1;
556 }
557
558 DWORD WINAPI
559 GetEffectiveRightsFromAclW( PACL pacl, PTRUSTEEW pTrustee, PACCESS_MASK pAccessRights )
560 {
561 FIXME("%p %p %p - stub\n", pacl, pTrustee, pAccessRights);
562
563 return 1;
564 }
565
566 /******************************************************************************
567 * GetSidIdentifierAuthority [ADVAPI32.@]
568 *
569 * PARAMS
570 * pSid []
571 */
572 PSID_IDENTIFIER_AUTHORITY WINAPI
573 GetSidIdentifierAuthority( PSID pSid )
574 {
575 return RtlIdentifierAuthoritySid(pSid);
576 }
577
578 /******************************************************************************
579 * GetSidSubAuthority [ADVAPI32.@]
580 *
581 * PARAMS
582 * pSid []
583 * nSubAuthority []
584 */
585 PDWORD WINAPI
586 GetSidSubAuthority( PSID pSid, DWORD nSubAuthority )
587 {
588 return RtlSubAuthoritySid(pSid, nSubAuthority);
589 }
590
591 /******************************************************************************
592 * GetSidSubAuthorityCount [ADVAPI32.@]
593 *
594 * PARAMS
595 * pSid []
596 */
597 PUCHAR WINAPI
598 GetSidSubAuthorityCount (PSID pSid)
599 {
600 return RtlSubAuthorityCountSid(pSid);
601 }
602
603 /******************************************************************************
604 * GetLengthSid [ADVAPI32.@]
605 *
606 * PARAMS
607 * pSid []
608 */
609 DWORD WINAPI
610 GetLengthSid (PSID pSid)
611 {
612 return RtlLengthSid(pSid);
613 }
614
615 /* ##############################################
616 ###### SECURITY DESCRIPTOR FUNCTIONS ######
617 ##############################################
618 */
619
620 /******************************************************************************
621 * BuildSecurityDescriptorA [ADVAPI32.@]
622 *
623 * Builds a SD from
624 *
625 * PARAMS
626 * pOwner [I]
627 * pGroup [I]
628 * cCountOfAccessEntries [I]
629 * pListOfAccessEntries [I]
630 * cCountOfAuditEntries [I]
631 * pListofAuditEntries [I]
632 * pOldSD [I]
633 * lpdwBufferLength [I/O]
634 * pNewSD [O]
635 *
636 * RETURNS
637 * Success: ERROR_SUCCESS
638 * Failure: nonzero error code from Winerror.h
639 */
640 DWORD WINAPI BuildSecurityDescriptorA(
641 IN PTRUSTEEA pOwner,
642 IN PTRUSTEEA pGroup,
643 IN ULONG cCountOfAccessEntries,
644 IN PEXPLICIT_ACCESSA pListOfAccessEntries,
645 IN ULONG cCountOfAuditEntries,
646 IN PEXPLICIT_ACCESSA pListofAuditEntries,
647 IN PSECURITY_DESCRIPTOR pOldSD,
648 IN OUT PULONG lpdwBufferLength,
649 OUT PSECURITY_DESCRIPTOR* pNewSD)
650 {
651 FIXME("(%p,%p,%ld,%p,%ld,%p,%p,%p,%p) stub!\n",pOwner,pGroup,
652 cCountOfAccessEntries,pListOfAccessEntries,cCountOfAuditEntries,
653 pListofAuditEntries,pOldSD,lpdwBufferLength,pNewSD);
654
655 return ERROR_CALL_NOT_IMPLEMENTED;
656 }
657
658 /******************************************************************************
659 * BuildSecurityDescriptorW [ADVAPI32.@]
660 *
661 * See BuildSecurityDescriptorA.
662 */
663 DWORD WINAPI BuildSecurityDescriptorW(
664 IN PTRUSTEEW pOwner,
665 IN PTRUSTEEW pGroup,
666 IN ULONG cCountOfAccessEntries,
667 IN PEXPLICIT_ACCESSW pListOfAccessEntries,
668 IN ULONG cCountOfAuditEntries,
669 IN PEXPLICIT_ACCESSW pListofAuditEntries,
670 IN PSECURITY_DESCRIPTOR pOldSD,
671 IN OUT PULONG lpdwBufferLength,
672 OUT PSECURITY_DESCRIPTOR* pNewSD)
673 {
674 FIXME("(%p,%p,%ld,%p,%ld,%p,%p,%p,%p) stub!\n",pOwner,pGroup,
675 cCountOfAccessEntries,pListOfAccessEntries,cCountOfAuditEntries,
676 pListofAuditEntries,pOldSD,lpdwBufferLength,pNewSD);
677
678 return ERROR_CALL_NOT_IMPLEMENTED;
679 }
680
681 /******************************************************************************
682 * InitializeSecurityDescriptor [ADVAPI32.@]
683 *
684 * PARAMS
685 * pDescr []
686 * revision []
687 */
688 BOOL WINAPI
689 InitializeSecurityDescriptor( PSECURITY_DESCRIPTOR pDescr, DWORD revision )
690 {
691 return set_ntstatus( RtlCreateSecurityDescriptor(pDescr, revision ));
692 }
693
694
695 /******************************************************************************
696 * MakeAbsoluteSD [ADVAPI32.@]
697 */
698 BOOL WINAPI MakeAbsoluteSD (
699 IN PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor,
700 OUT PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor,
701 OUT LPDWORD lpdwAbsoluteSecurityDescriptorSize,
702 OUT PACL pDacl,
703 OUT LPDWORD lpdwDaclSize,
704 OUT PACL pSacl,
705 OUT LPDWORD lpdwSaclSize,
706 OUT PSID pOwner,
707 OUT LPDWORD lpdwOwnerSize,
708 OUT PSID pPrimaryGroup,
709 OUT LPDWORD lpdwPrimaryGroupSize)
710 {
711 return set_ntstatus( RtlSelfRelativeToAbsoluteSD(pSelfRelativeSecurityDescriptor,
712 pAbsoluteSecurityDescriptor,
713 lpdwAbsoluteSecurityDescriptorSize,
714 pDacl, lpdwDaclSize, pSacl, lpdwSaclSize,
715 pOwner, lpdwOwnerSize,
716 pPrimaryGroup, lpdwPrimaryGroupSize));
717 }
718
719 /******************************************************************************
720 * GetKernelObjectSecurity [ADVAPI32.@]
721 */
722 BOOL WINAPI GetKernelObjectSecurity(
723 HANDLE Handle,
724 SECURITY_INFORMATION RequestedInformation,
725 PSECURITY_DESCRIPTOR pSecurityDescriptor,
726 DWORD nLength,
727 LPDWORD lpnLengthNeeded )
728 {
729 TRACE("(%p,0x%08lx,%p,0x%08lx,%p)\n", Handle, RequestedInformation,
730 pSecurityDescriptor, nLength, lpnLengthNeeded);
731
732 return set_ntstatus( NtQuerySecurityObject(Handle, RequestedInformation, pSecurityDescriptor,
733 nLength, lpnLengthNeeded ));
734 }
735
736 /******************************************************************************
737 * GetPrivateObjectSecurity [ADVAPI32.@]
738 */
739 BOOL WINAPI GetPrivateObjectSecurity(
740 PSECURITY_DESCRIPTOR ObjectDescriptor,
741 SECURITY_INFORMATION SecurityInformation,
742 PSECURITY_DESCRIPTOR ResultantDescriptor,
743 DWORD DescriptorLength,
744 PDWORD ReturnLength )
745 {
746 TRACE("(%p,0x%08lx,%p,0x%08lx,%p)\n", ObjectDescriptor, SecurityInformation,
747 ResultantDescriptor, DescriptorLength, ReturnLength);
748
749 return set_ntstatus( NtQuerySecurityObject(ObjectDescriptor, SecurityInformation,
750 ResultantDescriptor, DescriptorLength, ReturnLength ));
751 }
752
753 /******************************************************************************
754 * GetSecurityDescriptorLength [ADVAPI32.@]
755 */
756 DWORD WINAPI GetSecurityDescriptorLength( PSECURITY_DESCRIPTOR pDescr)
757 {
758 return RtlLengthSecurityDescriptor(pDescr);
759 }
760
761 /******************************************************************************
762 * GetSecurityDescriptorOwner [ADVAPI32.@]
763 *
764 * PARAMS
765 * pOwner []
766 * lpbOwnerDefaulted []
767 */
768 BOOL WINAPI
769 GetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR pDescr, PSID *pOwner,
770 LPBOOL lpbOwnerDefaulted )
771 {
772 BOOLEAN defaulted;
773 BOOL ret = set_ntstatus( RtlGetOwnerSecurityDescriptor( pDescr, pOwner, &defaulted ));
774 *lpbOwnerDefaulted = defaulted;
775 return ret;
776 }
777
778 /******************************************************************************
779 * SetSecurityDescriptorOwner [ADVAPI32.@]
780 *
781 * PARAMS
782 */
783 BOOL WINAPI SetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR pSecurityDescriptor,
784 PSID pOwner, BOOL bOwnerDefaulted)
785 {
786 return set_ntstatus( RtlSetOwnerSecurityDescriptor(pSecurityDescriptor, pOwner, bOwnerDefaulted));
787 }
788 /******************************************************************************
789 * GetSecurityDescriptorGroup [ADVAPI32.@]
790 */
791 BOOL WINAPI GetSecurityDescriptorGroup(
792 PSECURITY_DESCRIPTOR SecurityDescriptor,
793 PSID *Group,
794 LPBOOL GroupDefaulted)
795 {
796 BOOLEAN defaulted;
797 BOOL ret = set_ntstatus( RtlGetGroupSecurityDescriptor(SecurityDescriptor, Group, &defaulted ));
798 *GroupDefaulted = defaulted;
799 return ret;
800 }
801 /******************************************************************************
802 * SetSecurityDescriptorGroup [ADVAPI32.@]
803 */
804 BOOL WINAPI SetSecurityDescriptorGroup ( PSECURITY_DESCRIPTOR SecurityDescriptor,
805 PSID Group, BOOL GroupDefaulted)
806 {
807 return set_ntstatus( RtlSetGroupSecurityDescriptor( SecurityDescriptor, Group, GroupDefaulted));
808 }
809
810 /******************************************************************************
811 * IsValidSecurityDescriptor [ADVAPI32.@]
812 *
813 * PARAMS
814 * lpsecdesc []
815 */
816 BOOL WINAPI
817 IsValidSecurityDescriptor( PSECURITY_DESCRIPTOR SecurityDescriptor )
818 {
819 return set_ntstatus( RtlValidSecurityDescriptor(SecurityDescriptor));
820 }
821
822 /******************************************************************************
823 * GetSecurityDescriptorDacl [ADVAPI32.@]
824 */
825 BOOL WINAPI GetSecurityDescriptorDacl(
826 IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
827 OUT LPBOOL lpbDaclPresent,
828 OUT PACL *pDacl,
829 OUT LPBOOL lpbDaclDefaulted)
830 {
831 BOOLEAN present, defaulted;
832 BOOL ret = set_ntstatus( RtlGetDaclSecurityDescriptor(pSecurityDescriptor, &present, pDacl, &defaulted));
833 *lpbDaclPresent = present;
834 *lpbDaclDefaulted = defaulted;
835 return ret;
836 }
837
838 /******************************************************************************
839 * SetSecurityDescriptorDacl [ADVAPI32.@]
840 */
841 BOOL WINAPI
842 SetSecurityDescriptorDacl (
843 PSECURITY_DESCRIPTOR lpsd,
844 BOOL daclpresent,
845 PACL dacl,
846 BOOL dacldefaulted )
847 {
848 return set_ntstatus( RtlSetDaclSecurityDescriptor (lpsd, daclpresent, dacl, dacldefaulted ) );
849 }
850 /******************************************************************************
851 * GetSecurityDescriptorSacl [ADVAPI32.@]
852 */
853 BOOL WINAPI GetSecurityDescriptorSacl(
854 IN PSECURITY_DESCRIPTOR lpsd,
855 OUT LPBOOL lpbSaclPresent,
856 OUT PACL *pSacl,
857 OUT LPBOOL lpbSaclDefaulted)
858 {
859 BOOLEAN present, defaulted;
860 BOOL ret = set_ntstatus( RtlGetSaclSecurityDescriptor(lpsd, &present, pSacl, &defaulted) );
861 *lpbSaclPresent = present;
862 *lpbSaclDefaulted = defaulted;
863 return ret;
864 }
865
866 /**************************************************************************
867 * SetSecurityDescriptorSacl [ADVAPI32.@]
868 */
869 BOOL WINAPI SetSecurityDescriptorSacl (
870 PSECURITY_DESCRIPTOR lpsd,
871 BOOL saclpresent,
872 PACL lpsacl,
873 BOOL sacldefaulted)
874 {
875 return set_ntstatus (RtlSetSaclSecurityDescriptor(lpsd, saclpresent, lpsacl, sacldefaulted));
876 }
877 /******************************************************************************
878 * MakeSelfRelativeSD [ADVAPI32.@]
879 *
880 * PARAMS
881 * lpabssecdesc []
882 * lpselfsecdesc []
883 * lpbuflen []
884 */
885 BOOL WINAPI
886 MakeSelfRelativeSD(
887 IN PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor,
888 IN PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor,
889 IN OUT LPDWORD lpdwBufferLength)
890 {
891 return set_ntstatus( RtlMakeSelfRelativeSD( pAbsoluteSecurityDescriptor,
892 pSelfRelativeSecurityDescriptor, lpdwBufferLength));
893 }
894
895 /******************************************************************************
896 * GetSecurityDescriptorControl [ADVAPI32.@]
897 */
898
899 BOOL WINAPI GetSecurityDescriptorControl ( PSECURITY_DESCRIPTOR pSecurityDescriptor,
900 PSECURITY_DESCRIPTOR_CONTROL pControl, LPDWORD lpdwRevision)
901 {
902 return set_ntstatus( RtlGetControlSecurityDescriptor(pSecurityDescriptor,pControl,lpdwRevision));
903 }
904
905 /* ##############################
906 ###### ACL FUNCTIONS ######
907 ##############################
908 */
909
910 /*************************************************************************
911 * InitializeAcl [ADVAPI32.@]
912 */
913 BOOL WINAPI InitializeAcl(PACL acl, DWORD size, DWORD rev)
914 {
915 return set_ntstatus( RtlCreateAcl(acl, size, rev));
916 }
917
918 BOOL WINAPI ImpersonateNamedPipeClient( HANDLE hNamedPipe )
919 {
920 TRACE("(%p)\n", hNamedPipe);
921
922 return set_ntstatus( NtFsControlFile(hNamedPipe, NULL, NULL, NULL, NULL,
923 FSCTL_PIPE_IMPERSONATE, NULL, 0, NULL, 0) );
924 }
925
926 /******************************************************************************
927 * AddAccessAllowedAce [ADVAPI32.@]
928 */
929 BOOL WINAPI AddAccessAllowedAce(
930 IN OUT PACL pAcl,
931 IN DWORD dwAceRevision,
932 IN DWORD AccessMask,
933 IN PSID pSid)
934 {
935 return set_ntstatus(RtlAddAccessAllowedAce(pAcl, dwAceRevision, AccessMask, pSid));
936 }
937
938 /******************************************************************************
939 * AddAccessAllowedAceEx [ADVAPI32.@]
940 */
941 BOOL WINAPI AddAccessAllowedAceEx(
942 IN OUT PACL pAcl,
943 IN DWORD dwAceRevision,
944 IN DWORD AceFlags,
945 IN DWORD AccessMask,
946 IN PSID pSid)
947 {
948 return set_ntstatus(RtlAddAccessAllowedAceEx(pAcl, dwAceRevision, AceFlags, AccessMask, pSid));
949 }
950
951 /******************************************************************************
952 * AddAccessDeniedAce [ADVAPI32.@]
953 */
954 BOOL WINAPI AddAccessDeniedAce(
955 IN OUT PACL pAcl,
956 IN DWORD dwAceRevision,
957 IN DWORD AccessMask,
958 IN PSID pSid)
959 {
960 return set_ntstatus(RtlAddAccessDeniedAce(pAcl, dwAceRevision, AccessMask, pSid));
961 }
962
963 /******************************************************************************
964 * AddAccessDeniedAceEx [ADVAPI32.@]
965 */
966 BOOL WINAPI AddAccessDeniedAceEx(
967 IN OUT PACL pAcl,
968 IN DWORD dwAceRevision,
969 IN DWORD AceFlags,
970 IN DWORD AccessMask,
971 IN PSID pSid)
972 {
973 return set_ntstatus(RtlAddAccessDeniedAceEx(pAcl, dwAceRevision, AceFlags, AccessMask, pSid));
974 }
975
976 /******************************************************************************
977 * AddAce [ADVAPI32.@]
978 */
979 BOOL WINAPI AddAce(
980 IN OUT PACL pAcl,
981 IN DWORD dwAceRevision,
982 IN DWORD dwStartingAceIndex,
983 LPVOID pAceList,
984 DWORD nAceListLength)
985 {
986 return set_ntstatus(RtlAddAce(pAcl, dwAceRevision, dwStartingAceIndex, pAceList, nAceListLength));
987 }
988
989 /******************************************************************************
990 * DeleteAce [ADVAPI32.@]
991 */
992 BOOL WINAPI DeleteAce(PACL pAcl, DWORD dwAceIndex)
993 {
994 return set_ntstatus(RtlDeleteAce(pAcl, dwAceIndex));
995 }
996
997 /******************************************************************************
998 * FindFirstFreeAce [ADVAPI32.@]
999 */
1000 BOOL WINAPI FindFirstFreeAce(IN PACL pAcl, LPVOID * pAce)
1001 {
1002 return RtlFirstFreeAce(pAcl, (PACE_HEADER *)pAce);
1003 }
1004
1005 /******************************************************************************
1006 * GetAce [ADVAPI32.@]
1007 */
1008 BOOL WINAPI GetAce(PACL pAcl,DWORD dwAceIndex,LPVOID *pAce )
1009 {
1010 return set_ntstatus(RtlGetAce(pAcl, dwAceIndex, pAce));
1011 }
1012
1013 /******************************************************************************
1014 * GetAclInformation [ADVAPI32.@]
1015 */
1016 BOOL WINAPI GetAclInformation(
1017 PACL pAcl,
1018 LPVOID pAclInformation,
1019 DWORD nAclInformationLength,
1020 ACL_INFORMATION_CLASS dwAclInformationClass)
1021 {
1022 return set_ntstatus(RtlQueryInformationAcl(pAcl, pAclInformation,
1023 nAclInformationLength, dwAclInformationClass));
1024 }
1025
1026 /******************************************************************************
1027 * IsValidAcl [ADVAPI32.@]
1028 */
1029 BOOL WINAPI IsValidAcl(IN PACL pAcl)
1030 {
1031 return RtlValidAcl(pAcl);
1032 }
1033
1034 /* ##############################
1035 ###### MISC FUNCTIONS ######
1036 ##############################
1037 */
1038
1039 /******************************************************************************
1040 * AllocateLocallyUniqueId [ADVAPI32.@]
1041 *
1042 * PARAMS
1043 * lpLuid []
1044 */
1045 BOOL WINAPI AllocateLocallyUniqueId( PLUID lpLuid )
1046 {
1047 return set_ntstatus(NtAllocateLocallyUniqueId(lpLuid));
1048 }
1049
1050 static const WCHAR SE_CREATE_TOKEN_NAME_W[] =
1051 { 'S','e','C','r','e','a','t','e','T','o','k','e','n','P','r','i','v','i','l','e','g','e',0 };
1052 static const WCHAR SE_ASSIGNPRIMARYTOKEN_NAME_W[] =
1053 { 'S','e','A','s','s','i','g','n','P','r','i','m','a','r','y','T','o','k','e','n','P','r','i','v','i','l','e','g','e',0 };
1054 static const WCHAR SE_LOCK_MEMORY_NAME_W[] =
1055 { 'S','e','L','o','c','k','M','e','m','o','r','y','P','r','i','v','i','l','e','g','e',0 };
1056 static const WCHAR SE_INCREASE_QUOTA_NAME_W[] =
1057 { 'S','e','I','n','c','r','e','a','s','e','Q','u','o','t','a','P','r','i','v','i','l','e','g','e',0 };
1058 static const WCHAR SE_MACHINE_ACCOUNT_NAME_W[] =
1059 { 'S','e','M','a','c','h','i','n','e','A','c','c','o','u','n','t','P','r','i','v','i','l','e','g','e',0 };
1060 static const WCHAR SE_TCB_NAME_W[] =
1061 { 'S','e','T','c','b','P','r','i','v','i','l','e','g','e',0 };
1062 static const WCHAR SE_SECURITY_NAME_W[] =
1063 { 'S','e','S','e','c','u','r','i','t','y','P','r','i','v','i','l','e','g','e',0 };
1064 static const WCHAR SE_TAKE_OWNERSHIP_NAME_W[] =
1065 { 'S','e','T','a','k','e','O','w','n','e','r','s','h','i','p','P','r','i','v','i','l','e','g','e',0 };
1066 static const WCHAR SE_LOAD_DRIVER_NAME_W[] =
1067 { 'S','e','L','o','a','d','D','r','i','v','e','r','P','r','i','v','i','l','e','g','e',0 };
1068 static const WCHAR SE_SYSTEM_PROFILE_NAME_W[] =
1069 { 'S','e','S','y','s','t','e','m','P','r','o','f','i','l','e','P','r','i','v','i','l','e','g','e',0 };
1070 static const WCHAR SE_SYSTEMTIME_NAME_W[] =
1071 { 'S','e','S','y','s','t','e','m','t','i','m','e','P','r','i','v','i','l','e','g','e',0 };
1072 static const WCHAR SE_PROF_SINGLE_PROCESS_NAME_W[] =
1073 { 'S','e','P','r','o','f','i','l','e','S','i','n','g','l','e','P','r','o','c','e','s','s','P','r','i','v','i','l','e','g','e',0 };
1074 static const WCHAR SE_INC_BASE_PRIORITY_NAME_W[] =
1075 { 'S','e','I','n','c','r','e','a','s','e','B','a','s','e','P','r','i','o','r','i','t','y','P','r','i','v','i','l','e','g','e',0 };
1076 static const WCHAR SE_CREATE_PAGEFILE_NAME_W[] =
1077 { 'S','e','C','r','e','a','t','e','P','a','g','e','f','i','l','e','P','r','i','v','i','l','e','g','e',0 };
1078 static const WCHAR SE_CREATE_PERMANENT_NAME_W[] =
1079 { 'S','e','C','r','e','a','t','e','P','e','r','m','a','n','e','n','t','P','r','i','v','i','l','e','g','e',0 };
1080 static const WCHAR SE_BACKUP_NAME_W[] =
1081 { 'S','e','B','a','c','k','u','p','P','r','i','v','i','l','e','g','e',0 };
1082 static const WCHAR SE_RESTORE_NAME_W[] =
1083 { 'S','e','R','e','s','t','o','r','e','P','r','i','v','i','l','e','g','e',0 };
1084 static const WCHAR SE_SHUTDOWN_NAME_W[] =
1085 { 'S','e','S','h','u','t','d','o','w','n','P','r','i','v','i','l','e','g','e',0 };
1086 static const WCHAR SE_DEBUG_NAME_W[] =
1087 { 'S','e','D','e','b','u','g','P','r','i','v','i','l','e','g','e',0 };
1088 static const WCHAR SE_AUDIT_NAME_W[] =
1089 { 'S','e','A','u','d','i','t','P','r','i','v','i','l','e','g','e',0 };
1090 static const WCHAR SE_SYSTEM_ENVIRONMENT_NAME_W[] =
1091 { 'S','e','S','y','s','t','e','m','E','n','v','i','r','o','n','m','e','n','t','P','r','i','v','i','l','e','g','e',0 };
1092 static const WCHAR SE_CHANGE_NOTIFY_NAME_W[] =
1093 { 'S','e','C','h','a','n','g','e','N','o','t','i','f','y','P','r','i','v','i','l','e','g','e',0 };
1094 static const WCHAR SE_REMOTE_SHUTDOWN_NAME_W[] =
1095 { 'S','e','R','e','m','o','t','e','S','h','u','t','d','o','w','n','P','r','i','v','i','l','e','g','e',0 };
1096 static const WCHAR SE_UNDOCK_NAME_W[] =
1097 { 'S','e','U','n','d','o','c','k','P','r','i','v','i','l','e','g','e',0 };
1098 static const WCHAR SE_SYNC_AGENT_NAME_W[] =
1099 { 'S','e','S','y','n','c','A','g','e','n','t','P','r','i','v','i','l','e','g','e',0 };
1100 static const WCHAR SE_ENABLE_DELEGATION_NAME_W[] =
1101 { 'S','e','E','n','a','b','l','e','D','e','l','e','g','a','t','i','o','n','P','r','i','v','i','l','e','g','e',0 };
1102 static const WCHAR SE_MANAGE_VOLUME_NAME_W[] =
1103 { 'S','e','M','a','n','a','g','e','V','o','l','u','m','e','P','r','i','v','i','l','e','g','e',0 };
1104 static const WCHAR SE_IMPERSONATE_NAME_W[] =
1105 { 'S','e','I','m','p','e','r','s','o','n','a','t','e','P','r','i','v','i','l','e','g','e',0 };
1106 static const WCHAR SE_CREATE_GLOBAL_NAME_W[] =
1107 { 'S','e','C','r','e','a','t','e','G','l','o','b','a','l','P','r','i','v','i','l','e','g','e',0 };
1108
1109 static const WCHAR * const WellKnownPrivNames[SE_MAX_WELL_KNOWN_PRIVILEGE + 1] =
1110 {
1111 NULL,
1112 NULL,
1113 SE_CREATE_TOKEN_NAME_W,
1114 SE_ASSIGNPRIMARYTOKEN_NAME_W,
1115 SE_LOCK_MEMORY_NAME_W,
1116 SE_INCREASE_QUOTA_NAME_W,
1117 SE_MACHINE_ACCOUNT_NAME_W,
1118 SE_TCB_NAME_W,
1119 SE_SECURITY_NAME_W,
1120 SE_TAKE_OWNERSHIP_NAME_W,
1121 SE_LOAD_DRIVER_NAME_W,
1122 SE_SYSTEM_PROFILE_NAME_W,
1123 SE_SYSTEMTIME_NAME_W,
1124 SE_PROF_SINGLE_PROCESS_NAME_W,
1125 SE_INC_BASE_PRIORITY_NAME_W,
1126 SE_CREATE_PAGEFILE_NAME_W,
1127 SE_CREATE_PERMANENT_NAME_W,
1128 SE_BACKUP_NAME_W,
1129 SE_RESTORE_NAME_W,
1130 SE_SHUTDOWN_NAME_W,
1131 SE_DEBUG_NAME_W,
1132 SE_AUDIT_NAME_W,
1133 SE_SYSTEM_ENVIRONMENT_NAME_W,
1134 SE_CHANGE_NOTIFY_NAME_W,
1135 SE_REMOTE_SHUTDOWN_NAME_W,
1136 SE_UNDOCK_NAME_W,
1137 SE_SYNC_AGENT_NAME_W,
1138 SE_ENABLE_DELEGATION_NAME_W,
1139 SE_MANAGE_VOLUME_NAME_W,
1140 SE_IMPERSONATE_NAME_W,
1141 SE_CREATE_GLOBAL_NAME_W,
1142 };
1143
1144 /******************************************************************************
1145 * LookupPrivilegeValueW [ADVAPI32.@]
1146 *
1147 * See LookupPrivilegeValueA.
1148 */
1149 BOOL WINAPI
1150 LookupPrivilegeValueW( LPCWSTR lpSystemName, LPCWSTR lpName, PLUID lpLuid )
1151 {
1152 UINT i;
1153
1154 TRACE("%s,%s,%p\n",debugstr_w(lpSystemName), debugstr_w(lpName), lpLuid);
1155
1156 if (!ADVAPI_IsLocalComputer(lpSystemName))
1157 {
1158 SetLastError(RPC_S_SERVER_UNAVAILABLE);
1159 return FALSE;
1160 }
1161 if (!lpName)
1162 {
1163 SetLastError(ERROR_NO_SUCH_PRIVILEGE);
1164 return FALSE;
1165 }
1166 for( i=SE_MIN_WELL_KNOWN_PRIVILEGE; i<SE_MAX_WELL_KNOWN_PRIVILEGE; i++ )
1167 {
1168 if( !WellKnownPrivNames[i] )
1169 continue;
1170 if( strcmpiW( WellKnownPrivNames[i], lpName) )
1171 continue;
1172 lpLuid->LowPart = i;
1173 lpLuid->HighPart = 0;
1174 TRACE( "%s -> %08lx-%08lx\n",debugstr_w( lpSystemName ),
1175 lpLuid->HighPart, lpLuid->LowPart );
1176 return TRUE;
1177 }
1178 SetLastError(ERROR_NO_SUCH_PRIVILEGE);
1179 return FALSE;
1180 }
1181
1182 /******************************************************************************
1183 * LookupPrivilegeValueA [ADVAPI32.@]
1184 *
1185 * Retrieves LUID used on a system to represent the privilege name.
1186 *
1187 * PARAMS
1188 * lpSystemName [I] Name of the system
1189 * lpName [I] Name of the privilege
1190 * lpLuid [O] Destination for the resulting LUID
1191 *
1192 * RETURNS
1193 * Success: TRUE. lpLuid contains the requested LUID.
1194 * Failure: FALSE.
1195 */
1196 BOOL WINAPI
1197 LookupPrivilegeValueA( LPCSTR lpSystemName, LPCSTR lpName, PLUID lpLuid )
1198 {
1199 UNICODE_STRING lpSystemNameW;
1200 UNICODE_STRING lpNameW;
1201 BOOL ret;
1202
1203 RtlCreateUnicodeStringFromAsciiz(&lpSystemNameW, lpSystemName);
1204 RtlCreateUnicodeStringFromAsciiz(&lpNameW,lpName);
1205 ret = LookupPrivilegeValueW(lpSystemNameW.Buffer, lpNameW.Buffer, lpLuid);
1206 RtlFreeUnicodeString(&lpNameW);
1207 RtlFreeUnicodeString(&lpSystemNameW);
1208 return ret;
1209 }
1210
1211 BOOL WINAPI LookupPrivilegeDisplayNameA( LPCSTR lpSystemName, LPCSTR lpName, LPSTR lpDisplayName,
1212 LPDWORD cchDisplayName, LPDWORD lpLanguageId )
1213 {
1214 FIXME("%s %s %s %p %p - stub\n", debugstr_a(lpSystemName), debugstr_a(lpName),
1215 debugstr_a(lpDisplayName), cchDisplayName, lpLanguageId);
1216
1217 return FALSE;
1218 }
1219
1220 BOOL WINAPI LookupPrivilegeDisplayNameW( LPCWSTR lpSystemName, LPCWSTR lpName, LPWSTR lpDisplayName,
1221 LPDWORD cchDisplayName, LPDWORD lpLanguageId )
1222 {
1223 FIXME("%s %s %s %p %p - stub\n", debugstr_w(lpSystemName), debugstr_w(lpName),
1224 debugstr_w(lpDisplayName), cchDisplayName, lpLanguageId);
1225
1226 return FALSE;
1227 }
1228
1229 /******************************************************************************
1230 * LookupPrivilegeNameA [ADVAPI32.@]
1231 *
1232 * See LookupPrivilegeNameW.
1233 */
1234 BOOL WINAPI
1235 LookupPrivilegeNameA( LPCSTR lpSystemName, PLUID lpLuid, LPSTR lpName,
1236 LPDWORD cchName)
1237 {
1238 UNICODE_STRING lpSystemNameW;
1239 BOOL ret;
1240 DWORD wLen = 0;
1241
1242 TRACE("%s %p %p %p\n", debugstr_a(lpSystemName), lpLuid, lpName, cchName);
1243
1244 RtlCreateUnicodeStringFromAsciiz(&lpSystemNameW, lpSystemName);
1245 ret = LookupPrivilegeNameW(lpSystemNameW.Buffer, lpLuid, NULL, &wLen);
1246 if (!ret && GetLastError() == ERROR_INSUFFICIENT_BUFFER)
1247 {
1248 LPWSTR lpNameW = HeapAlloc(GetProcessHeap(), 0, wLen * sizeof(WCHAR));
1249
1250 ret = LookupPrivilegeNameW(lpSystemNameW.Buffer, lpLuid, lpNameW,
1251 &wLen);
1252 if (ret)
1253 {
1254 /* Windows crashes if cchName is NULL, so will I */
1255 int len = WideCharToMultiByte(CP_ACP, 0, lpNameW, -1, lpName,
1256 *cchName, NULL, NULL);
1257
1258 if (len == 0)
1259 {
1260 /* WideCharToMultiByte failed */
1261 ret = FALSE;
1262 }
1263 else if (len > *cchName)
1264 {
1265 *cchName = len;
1266 SetLastError(ERROR_INSUFFICIENT_BUFFER);
1267 ret = FALSE;
1268 }
1269 else
1270 {
1271 /* WideCharToMultiByte succeeded, output length needs to be
1272 * length not including NULL terminator
1273 */
1274 *cchName = len - 1;
1275 }
1276 }
1277 HeapFree(GetProcessHeap(), 0, lpNameW);
1278 }
1279 RtlFreeUnicodeString(&lpSystemNameW);
1280 return ret;
1281 }
1282
1283 /******************************************************************************
1284 * LookupPrivilegeNameW [ADVAPI32.@]
1285 *
1286 * Retrieves the privilege name referred to by the LUID lpLuid.
1287 *
1288 * PARAMS
1289 * lpSystemName [I] Name of the system
1290 * lpLuid [I] Privilege value
1291 * lpName [O] Name of the privilege
1292 * cchName [I/O] Number of characters in lpName.
1293 *
1294 * RETURNS
1295 * Success: TRUE. lpName contains the name of the privilege whose value is
1296 * *lpLuid.
1297 * Failure: FALSE.
1298 *
1299 * REMARKS
1300 * Only well-known privilege names (those defined in winnt.h) can be retrieved
1301 * using this function.
1302 * If the length of lpName is too small, on return *cchName will contain the
1303 * number of WCHARs needed to contain the privilege, including the NULL
1304 * terminator, and GetLastError will return ERROR_INSUFFICIENT_BUFFER.
1305 * On success, *cchName will contain the number of characters stored in
1306 * lpName, NOT including the NULL terminator.
1307 */
1308 BOOL WINAPI
1309 LookupPrivilegeNameW( LPCWSTR lpSystemName, PLUID lpLuid, LPWSTR lpName,
1310 LPDWORD cchName)
1311 {
1312 size_t privNameLen;
1313
1314 TRACE("%s,%p,%p,%p\n",debugstr_w(lpSystemName), lpLuid, lpName, cchName);
1315
1316 if (!ADVAPI_IsLocalComputer(lpSystemName))
1317 {
1318 SetLastError(RPC_S_SERVER_UNAVAILABLE);
1319 return FALSE;
1320 }
1321 if (lpLuid->HighPart || (lpLuid->LowPart < SE_MIN_WELL_KNOWN_PRIVILEGE ||
1322 lpLuid->LowPart > SE_MAX_WELL_KNOWN_PRIVILEGE))
1323 {
1324 SetLastError(ERROR_NO_SUCH_PRIVILEGE);
1325 return FALSE;
1326 }
1327 privNameLen = strlenW(WellKnownPrivNames[lpLuid->LowPart]);
1328 /* Windows crashes if cchName is NULL, so will I */
1329 if (*cchName <= privNameLen)
1330 {
1331 *cchName = privNameLen + 1;
1332 SetLastError(ERROR_INSUFFICIENT_BUFFER);
1333 return FALSE;
1334 }
1335 else
1336 {
1337 strcpyW(lpName, WellKnownPrivNames[lpLuid->LowPart]);
1338 *cchName = privNameLen;
1339 return TRUE;
1340 }
1341 }
1342
1343 /******************************************************************************
1344 * GetFileSecurityA [ADVAPI32.@]
1345 *
1346 * Obtains Specified information about the security of a file or directory.
1347 *
1348 * PARAMS
1349 * lpFileName [I] Name of the file to get info for
1350 * RequestedInformation [I] SE_ flags from "winnt.h"
1351 * pSecurityDescriptor [O] Destination for security information
1352 * nLength [I] Length of pSecurityDescriptor
1353 * lpnLengthNeeded [O] Destination for length of returned security information
1354 *
1355 * RETURNS
1356 * Success: TRUE. pSecurityDescriptor contains the requested information.
1357 * Failure: FALSE. lpnLengthNeeded contains the required space to return the info.
1358 *
1359 * NOTES
1360 * The information returned is constrained by the callers access rights and
1361 * privileges.
1362 */
1363 BOOL WINAPI
1364 GetFileSecurityA( LPCSTR lpFileName,
1365 SECURITY_INFORMATION RequestedInformation,
1366 PSECURITY_DESCRIPTOR pSecurityDescriptor,
1367 DWORD nLength, LPDWORD lpnLengthNeeded )
1368 {
1369 DWORD len;
1370 BOOL r;
1371 LPWSTR name = NULL;
1372
1373 if( lpFileName )
1374 {
1375 len = MultiByteToWideChar( CP_ACP, 0, lpFileName, -1, NULL, 0 );
1376 name = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR) );
1377 MultiByteToWideChar( CP_ACP, 0, lpFileName, -1, name, len );
1378 }
1379
1380 r = GetFileSecurityW( name, RequestedInformation, pSecurityDescriptor,
1381 nLength, lpnLengthNeeded );
1382 HeapFree( GetProcessHeap(), 0, name );
1383
1384 return r;
1385 }
1386
1387 /******************************************************************************
1388 * GetFileSecurityW [ADVAPI32.@]
1389 *
1390 * See GetFileSecurityA.
1391 */
1392 BOOL WINAPI
1393 GetFileSecurityW( LPCWSTR lpFileName,
1394 SECURITY_INFORMATION RequestedInformation,
1395 PSECURITY_DESCRIPTOR pSecurityDescriptor,
1396 DWORD nLength, LPDWORD lpnLengthNeeded )
1397 {
1398 DWORD nNeeded;
1399 LPBYTE pBuffer;
1400 DWORD iLocNow;
1401 SECURITY_DESCRIPTOR_RELATIVE *pSDRelative;
1402
1403 if(INVALID_FILE_ATTRIBUTES == GetFileAttributesW(lpFileName))
1404 return FALSE;
1405
1406 FIXME("(%s) : returns fake SECURITY_DESCRIPTOR\n", debugstr_w(lpFileName) );
1407
1408 nNeeded = sizeof(SECURITY_DESCRIPTOR_RELATIVE);
1409 if (RequestedInformation & OWNER_SECURITY_INFORMATION)
1410 nNeeded += sizeof(sidWorld);
1411 if (RequestedInformation & GROUP_SECURITY_INFORMATION)
1412 nNeeded += sizeof(sidWorld);
1413 if (RequestedInformation & DACL_SECURITY_INFORMATION)
1414 nNeeded += WINE_SIZE_OF_WORLD_ACCESS_ACL;
1415 if (RequestedInformation & SACL_SECURITY_INFORMATION)
1416 nNeeded += WINE_SIZE_OF_WORLD_ACCESS_ACL;
1417
1418 *lpnLengthNeeded = nNeeded;
1419
1420 if (nNeeded > nLength)
1421 return TRUE;
1422
1423 if (!InitializeSecurityDescriptor(pSecurityDescriptor, SECURITY_DESCRIPTOR_REVISION))
1424 return FALSE;
1425
1426 pSDRelative = (PISECURITY_DESCRIPTOR_RELATIVE) pSecurityDescriptor;
1427 pSDRelative->Control |= SE_SELF_RELATIVE;
1428 pBuffer = (LPBYTE) pSDRelative;
1429 iLocNow = sizeof(SECURITY_DESCRIPTOR_RELATIVE);
1430
1431 if (RequestedInformation & OWNER_SECURITY_INFORMATION)
1432 {
1433 memcpy(pBuffer + iLocNow, &sidWorld, sizeof(sidWorld));
1434 pSDRelative->Owner = iLocNow;
1435 iLocNow += sizeof(sidWorld);
1436 }
1437 if (RequestedInformation & GROUP_SECURITY_INFORMATION)
1438 {
1439 memcpy(pBuffer + iLocNow, &sidWorld, sizeof(sidWorld));
1440 pSDRelative->Group = iLocNow;
1441 iLocNow += sizeof(sidWorld);
1442 }
1443 if (RequestedInformation & DACL_SECURITY_INFORMATION)
1444 {
1445 GetWorldAccessACL((PACL) (pBuffer + iLocNow));
1446 pSDRelative->Dacl = iLocNow;
1447 iLocNow += WINE_SIZE_OF_WORLD_ACCESS_ACL;
1448 }
1449 if (RequestedInformation & SACL_SECURITY_INFORMATION)
1450 {
1451 GetWorldAccessACL((PACL) (pBuffer + iLocNow));
1452 pSDRelative->Sacl = iLocNow;
1453 /* iLocNow += WINE_SIZE_OF_WORLD_ACCESS_ACL; */
1454 }
1455 return TRUE;
1456 }
1457
1458
1459 /******************************************************************************
1460 * LookupAccountSidA [ADVAPI32.@]
1461 */
1462 BOOL WINAPI
1463 LookupAccountSidA(
1464 IN LPCSTR system,
1465 IN PSID sid,
1466 OUT LPSTR account,
1467 IN OUT LPDWORD accountSize,
1468 OUT LPSTR domain,
1469 IN OUT LPDWORD domainSize,
1470 OUT PSID_NAME_USE name_use )
1471 {
1472 static const char ac[] = "Administrator";
1473 static const char dm[] = "DOMAIN";
1474 FIXME("(%s,sid=%p,%p,%p(%lu),%p,%p(%lu),%p): semi-stub\n",
1475 debugstr_a(system),sid,
1476 account,accountSize,accountSize?*accountSize:0,
1477 domain,domainSize,domainSize?*domainSize:0,
1478 name_use);
1479
1480 if (accountSize) *accountSize = strlen(ac)+1;
1481 if (account && (*accountSize > strlen(ac)))
1482 strcpy(account, ac);
1483
1484 if (domainSize) *domainSize = strlen(dm)+1;
1485 if (domain && (*domainSize > strlen(dm)))
1486 strcpy(domain,dm);
1487
1488 if (name_use) *name_use = SidTypeUser;
1489 return TRUE;
1490 }
1491
1492 /******************************************************************************
1493 * LookupAccountSidW [ADVAPI32.@]
1494 *
1495 * PARAMS
1496 * system []
1497 * sid []
1498 * account []
1499 * accountSize []
1500 * domain []
1501 * domainSize []
1502 * name_use []
1503 */
1504 BOOL WINAPI
1505 LookupAccountSidW(
1506 IN LPCWSTR system,
1507 IN PSID sid,
1508 OUT LPWSTR account,
1509 IN OUT LPDWORD accountSize,
1510 OUT LPWSTR domain,
1511 IN OUT LPDWORD domainSize,
1512 OUT PSID_NAME_USE name_use )
1513 {
1514 static const WCHAR ac[] = {'A','d','m','i','n','i','s','t','r','a','t','o','r',0};
1515 static const WCHAR dm[] = {'D','O','M','A','I','N',0};
1516 FIXME("(%s,sid=%p,%p,%p(%lu),%p,%p(%lu),%p): semi-stub\n",
1517 debugstr_w(system),sid,
1518 account,accountSize,accountSize?*accountSize:0,
1519 domain,domainSize,domainSize?*domainSize:0,
1520 name_use);
1521
1522 if (accountSize) *accountSize = strlenW(ac)+1;
1523 if (account && (*accountSize > strlenW(ac)))
1524 strcpyW(account, ac);
1525
1526 if (domainSize) *domainSize = strlenW(dm)+1;
1527 if (domain && (*domainSize > strlenW(dm)))
1528 strcpyW(domain,dm);
1529
1530 if (name_use) *name_use = SidTypeUser;
1531 return TRUE;
1532 }
1533
1534 /******************************************************************************
1535 * SetFileSecurityA [ADVAPI32.@]
1536 *
1537 * See SetFileSecurityW.
1538 */
1539 BOOL WINAPI SetFileSecurityA( LPCSTR lpFileName,
1540 SECURITY_INFORMATION RequestedInformation,
1541 PSECURITY_DESCRIPTOR pSecurityDescriptor)
1542 {
1543 DWORD len;
1544 BOOL r;
1545 LPWSTR name = NULL;
1546
1547 if( lpFileName )
1548 {
1549 len = MultiByteToWideChar( CP_ACP, 0, lpFileName, -1, NULL, 0 );
1550 name = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR) );
1551 MultiByteToWideChar( CP_ACP, 0, lpFileName, -1, name, len );
1552 }
1553
1554 r = SetFileSecurityW( name, RequestedInformation, pSecurityDescriptor );
1555 HeapFree( GetProcessHeap(), 0, name );
1556
1557 return r;
1558 }
1559
1560 /******************************************************************************
1561 * SetFileSecurityW [ADVAPI32.@]
1562 *
1563 * Sets the security of a file or directory.
1564 *
1565 * PARAMS
1566 * lpFileName []
1567 * RequestedInformation []
1568 * pSecurityDescriptor []
1569 *
1570 * RETURNS
1571 * Success: TRUE.
1572 * Failure: FALSE.
1573 */
1574 BOOL WINAPI
1575 SetFileSecurityW( LPCWSTR lpFileName,
1576 SECURITY_INFORMATION RequestedInformation,
1577 PSECURITY_DESCRIPTOR pSecurityDescriptor )
1578 {
1579 FIXME("(%s) : stub\n", debugstr_w(lpFileName) );
1580 return TRUE;
1581 }
1582
1583 /******************************************************************************
1584 * QueryWindows31FilesMigration [ADVAPI32.@]
1585 *
1586 * PARAMS
1587 * x1 []
1588 */
1589 BOOL WINAPI
1590 QueryWindows31FilesMigration( DWORD x1 )
1591 {
1592 FIXME("(%ld):stub\n",x1);
1593 return TRUE;
1594 }
1595
1596 /******************************************************************************
1597 * SynchronizeWindows31FilesAndWindowsNTRegistry [ADVAPI32.@]
1598 *
1599 * PARAMS
1600 * x1 []
1601 * x2 []
1602 * x3 []
1603 * x4 []
1604 */
1605 BOOL WINAPI
1606 SynchronizeWindows31FilesAndWindowsNTRegistry( DWORD x1, DWORD x2, DWORD x3,
1607 DWORD x4 )
1608 {
1609 FIXME("(0x%08lx,0x%08lx,0x%08lx,0x%08lx):stub\n",x1,x2,x3,x4);
1610 return TRUE;
1611 }
1612
1613 /******************************************************************************
1614 * NotifyBootConfigStatus [ADVAPI32.@]
1615 *
1616 * PARAMS
1617 * x1 []
1618 */
1619 BOOL WINAPI
1620 NotifyBootConfigStatus( BOOL x1 )
1621 {
1622 FIXME("(0x%08d):stub\n",x1);
1623 return 1;
1624 }
1625
1626 /******************************************************************************
1627 * RevertToSelf [ADVAPI32.@]
1628 *
1629 * Ends the impersonation of a user.
1630 *
1631 * PARAMS
1632 * void []
1633 *
1634 * RETURNS
1635 * Success: TRUE.
1636 * Failure: FALSE.
1637 */
1638 BOOL WINAPI
1639 RevertToSelf( void )
1640 {
1641 HANDLE Token = NULL;
1642 return set_ntstatus( NtSetInformationThread( GetCurrentThread(),
1643 ThreadImpersonationToken, &Token, sizeof(Token) ) );
1644 }
1645
1646 /******************************************************************************
1647 * ImpersonateSelf [ADVAPI32.@]
1648 *
1649 * Makes an impersonation token that represents the process user and assigns
1650 * to the current thread.
1651 *
1652 * PARAMS
1653 * ImpersonationLevel [I] Level at which to impersonate.
1654 *
1655 * RETURNS
1656 * Success: TRUE.
1657 * Failure: FALSE.
1658 */
1659 BOOL WINAPI
1660 ImpersonateSelf(SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
1661 {
1662 return set_ntstatus( RtlImpersonateSelf( ImpersonationLevel ) );
1663 }
1664
1665 /******************************************************************************
1666 * ImpersonateLoggedOnUser [ADVAPI32.@]
1667 */
1668 BOOL WINAPI ImpersonateLoggedOnUser(HANDLE hToken)
1669 {
1670 NTSTATUS Status;
1671 HANDLE ImpersonationToken;
1672 TOKEN_TYPE Type = TokenImpersonation;
1673
1674 FIXME( "(%p)\n", hToken );
1675
1676 /* FIXME: get token type */
1677
1678 if (Type == TokenPrimary)
1679 {
1680 OBJECT_ATTRIBUTES ObjectAttributes;
1681
1682 InitializeObjectAttributes( &ObjectAttributes, NULL, 0, NULL, NULL );
1683
1684 Status = NtDuplicateToken( hToken,
1685 TOKEN_IMPERSONATE | TOKEN_QUERY,
1686 &ObjectAttributes,
1687 SecurityImpersonation,
1688 TokenImpersonation,
1689 &ImpersonationToken );
1690 if (Status != STATUS_SUCCESS)
1691 {
1692 ERR( "NtDuplicateToken failed with error 0x%08lx\n", Status );
1693 SetLastError( RtlNtStatusToDosError( Status ) );
1694 return FALSE;
1695 }
1696 }
1697 else
1698 ImpersonationToken = hToken;
1699
1700 Status = NtSetInformationThread( GetCurrentThread(),
1701 ThreadImpersonationToken,
1702 &ImpersonationToken,
1703 sizeof(ImpersonationToken) );
1704
1705 if (Type == TokenPrimary)
1706 NtClose( ImpersonationToken );
1707
1708 if (Status != STATUS_SUCCESS)
1709 {
1710 ERR( "NtSetInformationThread failed with error 0x%08lx\n", Status );
1711 SetLastError( RtlNtStatusToDosError( Status ) );
1712 return FALSE;
1713 }
1714
1715 return TRUE;
1716 }
1717
1718 /******************************************************************************
1719 * AccessCheck [ADVAPI32.@]
1720 */
1721 BOOL WINAPI
1722 AccessCheck(
1723 PSECURITY_DESCRIPTOR SecurityDescriptor,
1724 HANDLE ClientToken,
1725 DWORD DesiredAccess,
1726 PGENERIC_MAPPING GenericMapping,
1727 PPRIVILEGE_SET PrivilegeSet,
1728 LPDWORD PrivilegeSetLength,
1729 LPDWORD GrantedAccess,
1730 LPBOOL AccessStatus)
1731 {
1732 NTSTATUS access_status;
1733 BOOL ret = set_ntstatus( NtAccessCheck(SecurityDescriptor, ClientToken, DesiredAccess,
1734 GenericMapping, PrivilegeSet, PrivilegeSetLength,
1735 GrantedAccess, &access_status) );
1736 if (ret) *AccessStatus = set_ntstatus( access_status );
1737 return ret;
1738 }
1739
1740
1741 /******************************************************************************
1742 * AccessCheckByType [ADVAPI32.@]
1743 */
1744 BOOL WINAPI AccessCheckByType(
1745 PSECURITY_DESCRIPTOR pSecurityDescriptor,
1746 PSID PrincipalSelfSid,
1747 HANDLE ClientToken,
1748 DWORD DesiredAccess,
1749 POBJECT_TYPE_LIST ObjectTypeList,
1750 DWORD ObjectTypeListLength,
1751 PGENERIC_MAPPING GenericMapping,
1752 PPRIVILEGE_SET PrivilegeSet,
1753 LPDWORD PrivilegeSetLength,
1754 LPDWORD GrantedAccess,
1755 LPBOOL AccessStatus)
1756 {
1757 FIXME("stub\n");
1758
1759 *AccessStatus = TRUE;
1760
1761 return !*AccessStatus;
1762 }
1763
1764 /******************************************************************************
1765 * MapGenericMask [ADVAPI32.@]
1766 *
1767 * Maps generic access rights into specific access rights according to the
1768 * supplied mapping.
1769 *
1770 * PARAMS
1771 * AccessMask [I/O] Access rights.
1772 * GenericMapping [I] The mapping between generic and specific rights.
1773 *
1774 * RETURNS
1775 * Nothing.
1776 */
1777 VOID WINAPI MapGenericMask( PDWORD AccessMask, PGENERIC_MAPPING GenericMapping )
1778 {
1779 RtlMapGenericMask( AccessMask, GenericMapping );
1780 }
1781
1782 /*************************************************************************
1783 * SetKernelObjectSecurity [ADVAPI32.@]
1784 */
1785 BOOL WINAPI SetKernelObjectSecurity (
1786 IN HANDLE Handle,
1787 IN SECURITY_INFORMATION SecurityInformation,
1788 IN PSECURITY_DESCRIPTOR SecurityDescriptor )
1789 {
1790 return set_ntstatus (NtSetSecurityObject (Handle, SecurityInformation, SecurityDescriptor));
1791 }
1792
1793
1794 /******************************************************************************
1795 * AddAuditAccessAce [ADVAPI32.@]
1796 */
1797 BOOL WINAPI AddAuditAccessAce(
1798 IN OUT PACL pAcl,
1799 IN DWORD dwAceRevision,
1800 IN DWORD dwAccessMask,
1801 IN PSID pSid,
1802 IN BOOL bAuditSuccess,
1803 IN BOOL bAuditFailure)
1804 {
1805 return set_ntstatus( RtlAddAuditAccessAce(pAcl, dwAceRevision, dwAccessMask, pSid,
1806 bAuditSuccess, bAuditFailure) );
1807 }
1808
1809 /******************************************************************************
1810 * LookupAccountNameA [ADVAPI32.@]
1811 */
1812 BOOL WINAPI
1813 LookupAccountNameA(
1814 IN LPCSTR system,
1815 IN LPCSTR account,
1816 OUT PSID sid,
1817 OUT LPDWORD cbSid,
1818 LPSTR ReferencedDomainName,
1819 IN OUT LPDWORD cbReferencedDomainName,
1820 OUT PSID_NAME_USE name_use )
1821 {
1822 BOOL ret;
1823 UNICODE_STRING lpSystemW;
1824 UNICODE_STRING lpAccountW;
1825 LPWSTR lpReferencedDomainNameW = NULL;
1826
1827 RtlCreateUnicodeStringFromAsciiz(&lpSystemW, system);
1828 RtlCreateUnicodeStringFromAsciiz(&lpAccountW, account);
1829
1830 if (ReferencedDomainName)
1831 lpReferencedDomainNameW = HeapAlloc(GetProcessHeap(), 0, *cbReferencedDomainName * sizeof(WCHAR));
1832
1833 ret = LookupAccountNameW(lpSystemW.Buffer, lpAccountW.Buffer, sid, cbSid, lpReferencedDomainNameW,
1834 cbReferencedDomainName, name_use);
1835
1836 if (ret && lpReferencedDomainNameW)
1837 {
1838 WideCharToMultiByte(CP_ACP, 0, lpReferencedDomainNameW, *cbReferencedDomainName,
1839 ReferencedDomainName, *cbReferencedDomainName, NULL, NULL);
1840 }
1841
1842 RtlFreeUnicodeString(&lpSystemW);
1843 RtlFreeUnicodeString(&lpAccountW);
1844 HeapFree(GetProcessHeap(), 0, lpReferencedDomainNameW);
1845
1846 return ret;
1847 }
1848
1849 /******************************************************************************
1850 * LookupAccountNameW [ADVAPI32.@]
1851 */
1852 BOOL WINAPI LookupAccountNameW( LPCWSTR lpSystemName, LPCWSTR lpAccountName, PSID Sid,
1853 LPDWORD cbSid, LPWSTR ReferencedDomainName,
1854 LPDWORD cchReferencedDomainName, PSID_NAME_USE peUse )
1855 {
1856 /* Default implementation: Always return a default SID */
1857 SID_IDENTIFIER_AUTHORITY identifierAuthority = {SECURITY_NT_AUTHORITY};
1858 BOOL ret;
1859 PSID pSid;
1860 static const WCHAR dm[] = {'D','O','M','A','I','N'};
1861
1862 FIXME("%s %s %p %p %p %p %p - stub\n", debugstr_w(lpSystemName), debugstr_w(lpAccountName),
1863 Sid, cbSid, ReferencedDomainName, cchReferencedDomainName, peUse);
1864
1865 ret = AllocateAndInitializeSid(&identifierAuthority,
1866 2,
1867 SECURITY_BUILTIN_DOMAIN_RID,
1868 DOMAIN_ALIAS_RID_ADMINS,
1869 0, 0, 0, 0, 0, 0,
1870 &pSid);
1871
1872 if (!ret)
1873 return FALSE;
1874
1875 if (!RtlValidSid(pSid))
1876 {
1877 FreeSid(pSid);
1878 return FALSE;
1879 }
1880
1881 if (Sid != NULL && (*cbSid >= GetLengthSid(pSid)))
1882 CopySid(*cbSid, Sid, pSid);
1883 if (*cbSid < GetLengthSid(pSid))
1884 {
1885 SetLastError(ERROR_INSUFFICIENT_BUFFER);
1886 ret = FALSE;
1887 }
1888 *cbSid = GetLengthSid(pSid);
1889
1890 if (ReferencedDomainName != NULL && (*cchReferencedDomainName > strlenW(dm)))
1891 strcpyW(ReferencedDomainName, dm);
1892
1893 if (*cchReferencedDomainName <= strlenW(dm))
1894 {
1895 SetLastError(ERROR_INSUFFICIENT_BUFFER);
1896 ret = FALSE;
1897 }
1898
1899 *cchReferencedDomainName = strlenW(dm)+1;
1900
1901 FreeSid(pSid);
1902
1903 return ret;
1904 }
1905
1906 /******************************************************************************
1907 * PrivilegeCheck [ADVAPI32.@]
1908 */
1909 BOOL WINAPI PrivilegeCheck( HANDLE ClientToken, PPRIVILEGE_SET RequiredPrivileges, LPBOOL pfResult)
1910 {
1911 BOOL ret;
1912 BOOLEAN Result;
1913
1914 TRACE("%p %p %p\n", ClientToken, RequiredPrivileges, pfResult);
1915
1916 ret = set_ntstatus (NtPrivilegeCheck (ClientToken, RequiredPrivileges, &Result));
1917 if (ret)
1918 *pfResult = Result;
1919 return ret;
1920 }
1921
1922 /******************************************************************************
1923 * AccessCheckAndAuditAlarmA [ADVAPI32.@]
1924 */
1925 BOOL WINAPI AccessCheckAndAuditAlarmA(LPCSTR Subsystem, LPVOID HandleId, LPSTR ObjectTypeName,
1926 LPSTR ObjectName, PSECURITY_DESCRIPTOR SecurityDescriptor, DWORD DesiredAccess,
1927 PGENERIC_MAPPING GenericMapping, BOOL ObjectCreation, LPDWORD GrantedAccess,
1928 LPBOOL AccessStatus, LPBOOL pfGenerateOnClose)
1929 {
1930 FIXME("stub (%s,%p,%s,%s,%p,%08lx,%p,%x,%p,%p,%p)\n", debugstr_a(Subsystem),
1931 HandleId, debugstr_a(ObjectTypeName), debugstr_a(ObjectName),
1932 SecurityDescriptor, DesiredAccess, GenericMapping,
1933 ObjectCreation, GrantedAccess, AccessStatus, pfGenerateOnClose);
1934 return TRUE;
1935 }
1936
1937 /******************************************************************************
1938 * AccessCheckAndAuditAlarmW [ADVAPI32.@]
1939 */
1940 BOOL WINAPI AccessCheckAndAuditAlarmW(LPCWSTR Subsystem, LPVOID HandleId, LPWSTR ObjectTypeName,
1941 LPWSTR ObjectName, PSECURITY_DESCRIPTOR SecurityDescriptor, DWORD DesiredAccess,
1942 PGENERIC_MAPPING GenericMapping, BOOL ObjectCreation, LPDWORD GrantedAccess,
1943 LPBOOL AccessStatus, LPBOOL pfGenerateOnClose)
1944 {
1945 FIXME("stub (%s,%p,%s,%s,%p,%08lx,%p,%x,%p,%p,%p)\n", debugstr_w(Subsystem),
1946 HandleId, debugstr_w(ObjectTypeName), debugstr_w(ObjectName),
1947 SecurityDescriptor, DesiredAccess, GenericMapping,
1948 ObjectCreation, GrantedAccess, AccessStatus, pfGenerateOnClose);
1949 return TRUE;
1950 }
1951
1952 BOOL WINAPI ObjectCloseAuditAlarmA(LPCSTR SubsystemName, LPVOID HandleId, BOOL GenerateOnClose)
1953 {
1954 FIXME("stub (%s,%p,%x)\n", debugstr_a(SubsystemName), HandleId, GenerateOnClose);
1955
1956 return TRUE;
1957 }
1958
1959 BOOL WINAPI ObjectCloseAuditAlarmW(LPCWSTR SubsystemName, LPVOID HandleId, BOOL GenerateOnClose)
1960 {
1961 FIXME("stub (%s,%p,%x)\n", debugstr_w(SubsystemName), HandleId, GenerateOnClose);
1962
1963 return TRUE;
1964 }
1965
1966 BOOL WINAPI ObjectDeleteAuditAlarmW(LPCWSTR SubsystemName, LPVOID HandleId, BOOL GenerateOnClose)
1967 {
1968 FIXME("stub (%s,%p,%x)\n", debugstr_w(SubsystemName), HandleId, GenerateOnClose);
1969
1970 return TRUE;
1971 }
1972
1973 BOOL WINAPI ObjectOpenAuditAlarmA(LPCSTR SubsystemName, LPVOID HandleId, LPSTR ObjectTypeName,
1974 LPSTR ObjectName, PSECURITY_DESCRIPTOR pSecurityDescriptor, HANDLE ClientToken, DWORD DesiredAccess,
1975 DWORD GrantedAccess, PPRIVILEGE_SET Privileges, BOOL ObjectCreation, BOOL AccessGranted,
1976 LPBOOL GenerateOnClose)
1977 {
1978 FIXME("stub (%s,%p,%s,%s,%p,%p,0x%08lx,0x%08lx,%p,%x,%x,%p)\n", debugstr_a(SubsystemName),
1979 HandleId, debugstr_a(ObjectTypeName), debugstr_a(ObjectName), pSecurityDescriptor,
1980 ClientToken, DesiredAccess, GrantedAccess, Privileges, ObjectCreation, AccessGranted,
1981 GenerateOnClose);
1982
1983 return TRUE;
1984 }
1985
1986 BOOL WINAPI ObjectOpenAuditAlarmW(LPCWSTR SubsystemName, LPVOID HandleId, LPWSTR ObjectTypeName,
1987 LPWSTR ObjectName, PSECURITY_DESCRIPTOR pSecurityDescriptor, HANDLE ClientToken, DWORD DesiredAccess,
1988 DWORD GrantedAccess, PPRIVILEGE_SET Privileges, BOOL ObjectCreation, BOOL AccessGranted,
1989 LPBOOL GenerateOnClose)
1990 {
1991 FIXME("stub (%s,%p,%s,%s,%p,%p,0x%08lx,0x%08lx,%p,%x,%x,%p)\n", debugstr_w(SubsystemName),
1992 HandleId, debugstr_w(ObjectTypeName), debugstr_w(ObjectName), pSecurityDescriptor,
1993 ClientToken, DesiredAccess, GrantedAccess, Privileges, ObjectCreation, AccessGranted,
1994 GenerateOnClose);
1995
1996 return TRUE;
1997 }
1998
1999 BOOL WINAPI ObjectPrivilegeAuditAlarmA( LPCSTR SubsystemName, LPVOID HandleId, HANDLE ClientToken,
2000 DWORD DesiredAccess, PPRIVILEGE_SET Privileges, BOOL AccessGranted)
2001 {
2002 FIXME("stub (%s,%p,%p,0x%08lx,%p,%x)\n", debugstr_a(SubsystemName), HandleId, ClientToken,
2003 DesiredAccess, Privileges, AccessGranted);
2004
2005 return TRUE;
2006 }
2007
2008 BOOL WINAPI ObjectPrivilegeAuditAlarmW( LPCWSTR SubsystemName, LPVOID HandleId, HANDLE ClientToken,
2009 DWORD DesiredAccess, PPRIVILEGE_SET Privileges, BOOL AccessGranted)
2010 {
2011 FIXME("stub (%s,%p,%p,0x%08lx,%p,%x)\n", debugstr_w(SubsystemName), HandleId, ClientToken,
2012 DesiredAccess, Privileges, AccessGranted);
2013
2014 return TRUE;
2015 }
2016
2017 BOOL WINAPI PrivilegedServiceAuditAlarmA( LPCSTR SubsystemName, LPCSTR ServiceName, HANDLE ClientToken,
2018 PPRIVILEGE_SET Privileges, BOOL AccessGranted)
2019 {
2020 FIXME("stub (%s,%s,%p,%p,%x)\n", debugstr_a(SubsystemName), debugstr_a(ServiceName),
2021 ClientToken, Privileges, AccessGranted);
2022
2023 return TRUE;
2024 }
2025
2026 BOOL WINAPI PrivilegedServiceAuditAlarmW( LPCWSTR SubsystemName, LPCWSTR ServiceName, HANDLE ClientToken,
2027 PPRIVILEGE_SET Privileges, BOOL AccessGranted)
2028 {
2029 FIXME("stub %s,%s,%p,%p,%x)\n", debugstr_w(SubsystemName), debugstr_w(ServiceName),
2030 ClientToken, Privileges, AccessGranted);
2031
2032 return TRUE;
2033 }
2034
2035 /******************************************************************************
2036 * GetSecurityInfo [ADVAPI32.@]
2037 */
2038 DWORD WINAPI GetSecurityInfo(
2039 HANDLE hObject, SE_OBJECT_TYPE ObjectType,
2040 SECURITY_INFORMATION SecurityInfo, PSID *ppsidOwner,
2041 PSID *ppsidGroup, PACL *ppDacl, PACL *ppSacl,
2042 PSECURITY_DESCRIPTOR *ppSecurityDescriptor
2043 )
2044 {
2045 FIXME("stub!\n");
2046 return ERROR_BAD_PROVIDER;
2047 }
2048
2049 /******************************************************************************
2050 * GetSecurityInfoExW [ADVAPI32.@]
2051 */
2052 DWORD WINAPI GetSecurityInfoExW(
2053 HANDLE hObject, SE_OBJECT_TYPE ObjectType,
2054 SECURITY_INFORMATION SecurityInfo, LPCWSTR lpProvider,
2055 LPCWSTR lpProperty, PACTRL_ACCESSW *ppAccessList,
2056 PACTRL_AUDITW *ppAuditList, LPWSTR *lppOwner, LPWSTR *lppGroup
2057 )
2058 {
2059 FIXME("stub!\n");
2060 return ERROR_BAD_PROVIDER;
2061 }
2062
2063 /******************************************************************************
2064 * BuildExplicitAccessWithNameA [ADVAPI32.@]
2065 */
2066 VOID WINAPI BuildExplicitAccessWithNameA( PEXPLICIT_ACCESSA pExplicitAccess,
2067 LPSTR pTrusteeName, DWORD AccessPermissions,
2068 ACCESS_MODE AccessMode, DWORD Inheritance )
2069 {
2070 TRACE("%p %s 0x%08lx 0x%08x 0x%08lx\n", pExplicitAccess, debugstr_a(pTrusteeName),
2071 AccessPermissions, AccessMode, Inheritance);
2072
2073 pExplicitAccess->grfAccessPermissions = AccessPermissions;
2074 pExplicitAccess->grfAccessMode = AccessMode;
2075 pExplicitAccess->grfInheritance = Inheritance;
2076
2077 pExplicitAccess->Trustee.pMultipleTrustee = NULL;
2078 pExplicitAccess->Trustee.MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2079 pExplicitAccess->Trustee.TrusteeForm = TRUSTEE_IS_NAME;
2080 pExplicitAccess->Trustee.TrusteeType = TRUSTEE_IS_UNKNOWN;
2081 pExplicitAccess->Trustee.ptstrName = pTrusteeName;
2082 }
2083
2084 /******************************************************************************
2085 * BuildExplicitAccessWithNameW [ADVAPI32.@]
2086 */
2087 VOID WINAPI BuildExplicitAccessWithNameW( PEXPLICIT_ACCESSW pExplicitAccess,
2088 LPWSTR pTrusteeName, DWORD AccessPermissions,
2089 ACCESS_MODE AccessMode, DWORD Inheritance )
2090 {
2091 TRACE("%p %s 0x%08lx 0x%08x 0x%08lx\n", pExplicitAccess, debugstr_w(pTrusteeName),
2092 AccessPermissions, AccessMode, Inheritance);
2093
2094 pExplicitAccess->grfAccessPermissions = AccessPermissions;
2095 pExplicitAccess->grfAccessMode = AccessMode;
2096 pExplicitAccess->grfInheritance = Inheritance;
2097
2098 pExplicitAccess->Trustee.pMultipleTrustee = NULL;
2099 pExplicitAccess->Trustee.MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2100 pExplicitAccess->Trustee.TrusteeForm = TRUSTEE_IS_NAME;
2101 pExplicitAccess->Trustee.TrusteeType = TRUSTEE_IS_UNKNOWN;
2102 pExplicitAccess->Trustee.ptstrName = pTrusteeName;
2103 }
2104
2105 /******************************************************************************
2106 * BuildTrusteeWithObjectsAndNameA [ADVAPI32.@]
2107 */
2108 VOID WINAPI BuildTrusteeWithObjectsAndNameA( PTRUSTEEA pTrustee, POBJECTS_AND_NAME_A pObjName,
2109 SE_OBJECT_TYPE ObjectType, LPSTR ObjectTypeName,
2110 LPSTR InheritedObjectTypeName, LPSTR Name )
2111 {
2112 DWORD ObjectsPresent = 0;
2113
2114 TRACE("%p %p 0x%08x %p %p %s\n", pTrustee, pObjName,
2115 ObjectType, ObjectTypeName, InheritedObjectTypeName, debugstr_a(Name));
2116
2117 /* Fill the OBJECTS_AND_NAME structure */
2118 pObjName->ObjectType = ObjectType;
2119 if (ObjectTypeName != NULL)
2120 {
2121 ObjectsPresent |= ACE_OBJECT_TYPE_PRESENT;
2122 }
2123
2124 pObjName->InheritedObjectTypeName = InheritedObjectTypeName;
2125 if (InheritedObjectTypeName != NULL)
2126 {
2127 ObjectsPresent |= ACE_INHERITED_OBJECT_TYPE_PRESENT;
2128 }
2129
2130 pObjName->ObjectsPresent = ObjectsPresent;
2131 pObjName->ptstrName = Name;
2132
2133 /* Fill the TRUSTEE structure */
2134 pTrustee->pMultipleTrustee = NULL;
2135 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2136 pTrustee->TrusteeForm = TRUSTEE_IS_OBJECTS_AND_NAME;
2137 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2138 pTrustee->ptstrName = (LPSTR)pObjName;
2139 }
2140
2141 /******************************************************************************
2142 * BuildTrusteeWithObjectsAndNameW [ADVAPI32.@]
2143 */
2144 VOID WINAPI BuildTrusteeWithObjectsAndNameW( PTRUSTEEW pTrustee, POBJECTS_AND_NAME_W pObjName,
2145 SE_OBJECT_TYPE ObjectType, LPWSTR ObjectTypeName,
2146 LPWSTR InheritedObjectTypeName, LPWSTR Name )
2147 {
2148 DWORD ObjectsPresent = 0;
2149
2150 TRACE("%p %p 0x%08x %p %p %s\n", pTrustee, pObjName,
2151 ObjectType, ObjectTypeName, InheritedObjectTypeName, debugstr_w(Name));
2152
2153 /* Fill the OBJECTS_AND_NAME structure */
2154 pObjName->ObjectType = ObjectType;
2155 if (ObjectTypeName != NULL)
2156 {
2157 ObjectsPresent |= ACE_OBJECT_TYPE_PRESENT;
2158 }
2159
2160 pObjName->InheritedObjectTypeName = InheritedObjectTypeName;
2161 if (InheritedObjectTypeName != NULL)
2162 {
2163 ObjectsPresent |= ACE_INHERITED_OBJECT_TYPE_PRESENT;
2164 }
2165
2166 pObjName->ObjectsPresent = ObjectsPresent;
2167 pObjName->ptstrName = Name;
2168
2169 /* Fill the TRUSTEE structure */
2170 pTrustee->pMultipleTrustee = NULL;
2171 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2172 pTrustee->TrusteeForm = TRUSTEE_IS_OBJECTS_AND_NAME;
2173 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2174 pTrustee->ptstrName = (LPWSTR)pObjName;
2175 }
2176
2177 VOID WINAPI BuildTrusteeWithObjectsAndSidA( PTRUSTEEA pTrustee, POBJECTS_AND_SID pObjSid,
2178 GUID* pObjectGuid, GUID* pInheritedObjectGuid, PSID pSid )
2179 {
2180 DWORD ObjectsPresent = 0;
2181
2182 TRACE("%p %p %p %p %p\n", pTrustee, pObjSid, pObjectGuid, pInheritedObjectGuid, pSid);
2183
2184 /* Fill the OBJECTS_AND_SID structure */
2185 if (pObjectGuid != NULL)
2186 {
2187 pObjSid->ObjectTypeGuid = *pObjectGuid;
2188 ObjectsPresent |= ACE_OBJECT_TYPE_PRESENT;
2189 }
2190 else
2191 {
2192 ZeroMemory(&pObjSid->ObjectTypeGuid,
2193 sizeof(GUID));
2194 }
2195
2196 if (pInheritedObjectGuid != NULL)
2197 {
2198 pObjSid->InheritedObjectTypeGuid = *pInheritedObjectGuid;
2199 ObjectsPresent |= ACE_INHERITED_OBJECT_TYPE_PRESENT;
2200 }
2201 else
2202 {
2203 ZeroMemory(&pObjSid->InheritedObjectTypeGuid,
2204 sizeof(GUID));
2205 }
2206
2207 pObjSid->ObjectsPresent = ObjectsPresent;
2208 pObjSid->pSid = pSid;
2209
2210 /* Fill the TRUSTEE structure */
2211 pTrustee->pMultipleTrustee = NULL;
2212 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2213 pTrustee->TrusteeForm = TRUSTEE_IS_OBJECTS_AND_SID;
2214 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2215 pTrustee->ptstrName = (LPSTR) pObjSid;
2216 }
2217
2218 VOID WINAPI BuildTrusteeWithObjectsAndSidW( PTRUSTEEW pTrustee, POBJECTS_AND_SID pObjSid,
2219 GUID* pObjectGuid, GUID* pInheritedObjectGuid, PSID pSid )
2220 {
2221 DWORD ObjectsPresent = 0;
2222
2223 TRACE("%p %p %p %p %p\n", pTrustee, pObjSid, pObjectGuid, pInheritedObjectGuid, pSid);
2224
2225 /* Fill the OBJECTS_AND_SID structure */
2226 if (pObjectGuid != NULL)
2227 {
2228 pObjSid->ObjectTypeGuid = *pObjectGuid;
2229 ObjectsPresent |= ACE_OBJECT_TYPE_PRESENT;
2230 }
2231 else
2232 {
2233 ZeroMemory(&pObjSid->ObjectTypeGuid,
2234 sizeof(GUID));
2235 }
2236
2237 if (pInheritedObjectGuid != NULL)
2238 {
2239 pObjSid->InheritedObjectTypeGuid = *pInheritedObjectGuid;
2240 ObjectsPresent |= ACE_INHERITED_OBJECT_TYPE_PRESENT;
2241 }
2242 else
2243 {
2244 ZeroMemory(&pObjSid->InheritedObjectTypeGuid,
2245 sizeof(GUID));
2246 }
2247
2248 pObjSid->ObjectsPresent = ObjectsPresent;
2249 pObjSid->pSid = pSid;
2250
2251 /* Fill the TRUSTEE structure */
2252 pTrustee->pMultipleTrustee = NULL;
2253 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2254 pTrustee->TrusteeForm = TRUSTEE_IS_OBJECTS_AND_SID;
2255 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2256 pTrustee->ptstrName = (LPWSTR) pObjSid;
2257 }
2258
2259 /******************************************************************************
2260 * BuildTrusteeWithSidA [ADVAPI32.@]
2261 */
2262 VOID WINAPI BuildTrusteeWithSidA(PTRUSTEEA pTrustee, PSID pSid)
2263 {
2264 TRACE("%p %p\n", pTrustee, pSid);
2265
2266 pTrustee->pMultipleTrustee = NULL;
2267 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2268 pTrustee->TrusteeForm = TRUSTEE_IS_SID;
2269 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2270 pTrustee->ptstrName = (LPSTR) pSid;
2271 }
2272
2273 /******************************************************************************
2274 * BuildTrusteeWithSidW [ADVAPI32.@]
2275 */
2276 VOID WINAPI BuildTrusteeWithSidW(PTRUSTEEW pTrustee, PSID pSid)
2277 {
2278 TRACE("%p %p\n", pTrustee, pSid);
2279
2280 pTrustee->pMultipleTrustee = NULL;
2281 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2282 pTrustee->TrusteeForm = TRUSTEE_IS_SID;
2283 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2284 pTrustee->ptstrName = (LPWSTR) pSid;
2285 }
2286
2287 /******************************************************************************
2288 * BuildTrusteeWithNameA [ADVAPI32.@]
2289 */
2290 VOID WINAPI BuildTrusteeWithNameA(PTRUSTEEA pTrustee, LPSTR name)
2291 {
2292 TRACE("%p %s\n", pTrustee, debugstr_a(name) );
2293
2294 pTrustee->pMultipleTrustee = NULL;
2295 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2296 pTrustee->TrusteeForm = TRUSTEE_IS_NAME;
2297 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2298 pTrustee->ptstrName = name;
2299 }
2300
2301 /******************************************************************************
2302 * BuildTrusteeWithNameW [ADVAPI32.@]
2303 */
2304 VOID WINAPI BuildTrusteeWithNameW(PTRUSTEEW pTrustee, LPWSTR name)
2305 {
2306 TRACE("%p %s\n", pTrustee, debugstr_w(name) );
2307
2308 pTrustee->pMultipleTrustee = NULL;
2309 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2310 pTrustee->TrusteeForm = TRUSTEE_IS_NAME;
2311 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2312 pTrustee->ptstrName = name;
2313 }
2314
2315 /******************************************************************************
2316 * GetTrusteeFormA [ADVAPI32.@]
2317 */
2318 TRUSTEE_FORM WINAPI GetTrusteeFormA(PTRUSTEEA pTrustee)
2319 {
2320 TRACE("(%p)\n", pTrustee);
2321
2322 if (!pTrustee)
2323 return TRUSTEE_BAD_FORM;
2324
2325 return pTrustee->TrusteeForm;
2326 }
2327
2328 /******************************************************************************
2329 * GetTrusteeFormW [ADVAPI32.@]
2330 */
2331 TRUSTEE_FORM WINAPI GetTrusteeFormW(PTRUSTEEW pTrustee)
2332 {
2333 TRACE("(%p)\n", pTrustee);
2334
2335 if (!pTrustee)
2336 return TRUSTEE_BAD_FORM;
2337
2338 return pTrustee->TrusteeForm;
2339 }
2340
2341 /******************************************************************************
2342 * GetTrusteeNameA [ADVAPI32.@]
2343 */
2344 LPSTR WINAPI GetTrusteeNameA(PTRUSTEEA pTrustee)
2345 {
2346 TRACE("(%p)\n", pTrustee);
2347
2348 if (!pTrustee)
2349 return NULL;
2350
2351 return pTrustee->ptstrName;
2352 }
2353
2354 /******************************************************************************
2355 * GetTrusteeNameW [ADVAPI32.@]
2356 */
2357 LPWSTR WINAPI GetTrusteeNameW(PTRUSTEEW pTrustee)
2358 {
2359 TRACE("(%p)\n", pTrustee);
2360
2361 if (!pTrustee)
2362 return NULL;
2363
2364 return pTrustee->ptstrName;
2365 }
2366
2367 /******************************************************************************
2368 * GetTrusteeTypeA [ADVAPI32.@]
2369 */
2370 TRUSTEE_TYPE WINAPI GetTrusteeTypeA(PTRUSTEEA pTrustee)
2371 {
2372 TRACE("(%p)\n", pTrustee);
2373
2374 if (!pTrustee)
2375 return TRUSTEE_IS_UNKNOWN;
2376
2377 return pTrustee->TrusteeType;
2378 }
2379
2380 /******************************************************************************
2381 * GetTrusteeTypeW [ADVAPI32.@]
2382 */
2383 TRUSTEE_TYPE WINAPI GetTrusteeTypeW(PTRUSTEEW pTrustee)
2384 {
2385 TRACE("(%p)\n", pTrustee);
2386
2387 if (!pTrustee)
2388 return TRUSTEE_IS_UNKNOWN;
2389
2390 return pTrustee->TrusteeType;
2391 }
2392
2393 BOOL WINAPI SetAclInformation( PACL pAcl, LPVOID pAclInformation,
2394 DWORD nAclInformationLength,
2395 ACL_INFORMATION_CLASS dwAclInformationClass )
2396 {
2397 FIXME("%p %p 0x%08lx 0x%08x - stub\n", pAcl, pAclInformation,
2398 nAclInformationLength, dwAclInformationClass);
2399
2400 return TRUE;
2401 }
2402
2403 /******************************************************************************
2404 * SetEntriesInAclA [ADVAPI32.@]
2405 */
2406 DWORD WINAPI SetEntriesInAclA( ULONG count, PEXPLICIT_ACCESSA pEntries,
2407 PACL OldAcl, PACL* NewAcl )
2408 {
2409 FIXME("%ld %p %p %p\n",count,pEntries,OldAcl,NewAcl);
2410 return ERROR_CALL_NOT_IMPLEMENTED;
2411 }
2412
2413 /******************************************************************************
2414 * SetEntriesInAclW [ADVAPI32.@]
2415 */
2416 DWORD WINAPI SetEntriesInAclW( ULONG count, PEXPLICIT_ACCESSW pEntries,
2417 PACL OldAcl, PACL* NewAcl )
2418 {
2419 FIXME("%ld %p %p %p\n",count,pEntries,OldAcl,NewAcl);
2420 return ERROR_CALL_NOT_IMPLEMENTED;
2421 }
2422
2423 /******************************************************************************
2424 * SetNamedSecurityInfoA [ADVAPI32.@]
2425 */
2426 DWORD WINAPI SetNamedSecurityInfoA(LPSTR pObjectName,
2427 SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo,
2428 PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl)
2429 {
2430 DWORD len;
2431 LPWSTR wstr = NULL;
2432 DWORD r;
2433
2434 TRACE("%s %d %ld %p %p %p %p\n", debugstr_a(pObjectName), ObjectType,
2435 SecurityInfo, psidOwner, psidGroup, pDacl, pSacl);
2436
2437 if( pObjectName )
2438 {
2439 len = MultiByteToWideChar( CP_ACP, 0, pObjectName, -1, NULL, 0 );
2440 wstr = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR));
2441 MultiByteToWideChar( CP_ACP, 0, pObjectName, -1, wstr, len );
2442 }
2443
2444 r = SetNamedSecurityInfoW( wstr, ObjectType, SecurityInfo, psidOwner,
2445 psidGroup, pDacl, pSacl );
2446
2447 HeapFree( GetProcessHeap(), 0, wstr );
2448
2449 return r;
2450 }
2451
2452 BOOL WINAPI SetPrivateObjectSecurity( SECURITY_INFORMATION SecurityInformation,
2453 PSECURITY_DESCRIPTOR ModificationDescriptor,
2454 PSECURITY_DESCRIPTOR* ObjectsSecurityDescriptor,
2455 PGENERIC_MAPPING GenericMapping,
2456 HANDLE Token )
2457 {
2458 FIXME("0x%08lx %p %p %p %p - stub\n", SecurityInformation, ModificationDescriptor,
2459 ObjectsSecurityDescriptor, GenericMapping, Token);
2460
2461 return TRUE;
2462 }
2463
2464 BOOL WINAPI SetSecurityDescriptorControl( PSECURITY_DESCRIPTOR pSecurityDescriptor,
2465 SECURITY_DESCRIPTOR_CONTROL ControlBitsOfInterest,
2466 SECURITY_DESCRIPTOR_CONTROL ControlBitsToSet )
2467 {
2468 FIXME("%p 0x%08x 0x%08x - stub\n", pSecurityDescriptor, ControlBitsOfInterest,
2469 ControlBitsToSet);
2470
2471 return TRUE;
2472 }
2473
2474 BOOL WINAPI AreAllAccessesGranted( DWORD GrantedAccess, DWORD DesiredAccess )
2475 {
2476 return RtlAreAllAccessesGranted( GrantedAccess, DesiredAccess );
2477 }
2478
2479 /******************************************************************************
2480 * AreAnyAccessesGranted [ADVAPI32.@]
2481 *
2482 * Determines whether or not any of a set of specified access permissions have
2483 * been granted or not.
2484 *
2485 * PARAMS
2486 * GrantedAccess [I] The permissions that have been granted.
2487 * DesiredAccess [I] The permissions that you want to have.
2488 *
2489 * RETURNS
2490 * Nonzero if any of the permissions have been granted, zero if none of the
2491 * permissions have been granted.
2492 */
2493
2494 BOOL WINAPI AreAnyAccessesGranted( DWORD GrantedAccess, DWORD DesiredAccess )
2495 {
2496 return RtlAreAnyAccessesGranted( GrantedAccess, DesiredAccess );
2497 }
2498
2499 /******************************************************************************
2500 * SetNamedSecurityInfoW [ADVAPI32.@]
2501 */
2502 DWORD WINAPI SetNamedSecurityInfoW(LPWSTR pObjectName,
2503 SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo,
2504 PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl)
2505 {
2506 FIXME("%s %d %ld %p %p %p %p\n", debugstr_w(pObjectName), ObjectType,
2507 SecurityInfo, psidOwner, psidGroup, pDacl, pSacl);
2508 return ERROR_SUCCESS;
2509 }
2510
2511 /******************************************************************************
2512 * GetExplicitEntriesFromAclA [ADVAPI32.@]
2513 */
2514 DWORD WINAPI GetExplicitEntriesFromAclA( PACL pacl, PULONG pcCountOfExplicitEntries,
2515 PEXPLICIT_ACCESSA* pListOfExplicitEntries)
2516 {
2517 FIXME("%p %p %p\n",pacl, pcCountOfExplicitEntries, pListOfExplicitEntries);
2518 return ERROR_CALL_NOT_IMPLEMENTED;
2519 }
2520
2521 /******************************************************************************
2522 * GetExplicitEntriesFromAclW [ADVAPI32.@]
2523 */
2524 DWORD WINAPI GetExplicitEntriesFromAclW( PACL pacl, PULONG pcCountOfExplicitEntries,
2525 PEXPLICIT_ACCESSW* pListOfExplicitEntries)
2526 {
2527 FIXME("%p %p %p\n",pacl, pcCountOfExplicitEntries, pListOfExplicitEntries);
2528 return ERROR_CALL_NOT_IMPLEMENTED;
2529 }
2530
2531
2532 /******************************************************************************
2533 * ParseAclStringFlags
2534 */
2535 static DWORD ParseAclStringFlags(LPCWSTR* StringAcl)
2536 {
2537 DWORD flags = 0;
2538 LPCWSTR szAcl = *StringAcl;
2539
2540 while (*szAcl != '(')
2541 {
2542 if (*szAcl == 'P')
2543 {
2544 flags |= SE_DACL_PROTECTED;
2545 }
2546 else if (*szAcl == 'A')
2547 {
2548 szAcl++;
2549 if (*szAcl == 'R')
2550 flags |= SE_DACL_AUTO_INHERIT_REQ;
2551 else if (*szAcl == 'I')
2552 flags |= SE_DACL_AUTO_INHERITED;
2553 }
2554 szAcl++;
2555 }
2556
2557 *StringAcl = szAcl;
2558 return flags;
2559 }
2560
2561 /******************************************************************************
2562 * ParseAceStringType
2563 */
2564 ACEFLAG AceType[] =
2565 {
2566 { SDDL_ACCESS_ALLOWED, ACCESS_ALLOWED_ACE_TYPE },
2567 { SDDL_ALARM, SYSTEM_ALARM_ACE_TYPE },
2568 { SDDL_AUDIT, SYSTEM_AUDIT_ACE_TYPE },
2569 { SDDL_ACCESS_DENIED, ACCESS_DENIED_ACE_TYPE },
2570 /*
2571 { SDDL_OBJECT_ACCESS_ALLOWED, ACCESS_ALLOWED_OBJECT_ACE_TYPE },
2572 { SDDL_OBJECT_ACCESS_DENIED, ACCESS_DENIED_OBJECT_ACE_TYPE },
2573 { SDDL_OBJECT_ALARM, SYSTEM_ALARM_OBJECT_ACE_TYPE },
2574 { SDDL_OBJECT_AUDIT, SYSTEM_AUDIT_OBJECT_ACE_TYPE },
2575 */
2576 { NULL, 0 },
2577 };
2578
2579 static BYTE ParseAceStringType(LPCWSTR* StringAcl)
2580 {
2581 UINT len = 0;
2582 LPCWSTR szAcl = *StringAcl;
2583 LPACEFLAG lpaf = AceType;
2584
2585 while (lpaf->wstr &&
2586 (len = strlenW(lpaf->wstr)) &&
2587 strncmpW(lpaf->wstr, szAcl, len))
2588 lpaf++;
2589
2590 if (!lpaf->wstr)
2591 return 0;
2592
2593 *StringAcl += len;
2594 return lpaf->value;
2595 }
2596
2597
2598 /******************************************************************************
2599 * ParseAceStringFlags
2600 */
2601 ACEFLAG AceFlags[] =
2602 {
2603 { SDDL_CONTAINER_INHERIT, CONTAINER_INHERIT_ACE },
2604 { SDDL_AUDIT_FAILURE, FAILED_ACCESS_ACE_FLAG },
2605 { SDDL_INHERITED, INHERITED_ACE },
2606 { SDDL_INHERIT_ONLY, INHERIT_ONLY_ACE },
2607 { SDDL_NO_PROPAGATE, NO_PROPAGATE_INHERIT_ACE },
2608 { SDDL_OBJECT_INHERIT, OBJECT_INHERIT_ACE },
2609 { SDDL_AUDIT_SUCCESS, SUCCESSFUL_ACCESS_ACE_FLAG },
2610 { NULL, 0 },
2611 };
2612
2613 static BYTE ParseAceStringFlags(LPCWSTR* StringAcl)
2614 {
2615 UINT len = 0;
2616 BYTE flags = 0;
2617 LPCWSTR szAcl = *StringAcl;
2618
2619 while (*szAcl != ';')
2620 {
2621 LPACEFLAG lpaf = AceFlags;
2622
2623 while (lpaf->wstr &&
2624 (len = strlenW(lpaf->wstr)) &&
2625 strncmpW(lpaf->wstr, szAcl, len))
2626 lpaf++;
2627
2628 if (!lpaf->wstr)
2629 return 0;
2630
2631 flags |= lpaf->value;
2632 szAcl += len;
2633 }
2634
2635 *StringAcl = szAcl;
2636 return flags;
2637 }
2638
2639
2640 /******************************************************************************
2641 * ParseAceStringRights
2642 */
2643 ACEFLAG AceRights[] =
2644 {
2645 { SDDL_GENERIC_ALL, GENERIC_ALL },
2646 { SDDL_GENERIC_READ, GENERIC_READ },
2647 { SDDL_GENERIC_WRITE, GENERIC_WRITE },
2648 { SDDL_GENERIC_EXECUTE, GENERIC_EXECUTE },
2649 { SDDL_READ_CONTROL, READ_CONTROL },
2650 { SDDL_STANDARD_DELETE, DELETE },
2651 { SDDL_WRITE_DAC, WRITE_DAC },
2652 { SDDL_WRITE_OWNER, WRITE_OWNER },
2653 { NULL, 0 },
2654 };
2655
2656 static DWORD ParseAceStringRights(LPCWSTR* StringAcl)
2657 {
2658 UINT len = 0;
2659 DWORD rights = 0;
2660 LPCWSTR szAcl = *StringAcl;
2661
2662 if ((*szAcl == '0') && (*(szAcl + 1) == 'x'))
2663 {
2664 LPCWSTR p = szAcl;
2665
2666 while (*p && *p != ';')
2667 p++;
2668
2669 if (p - szAcl <= 8)
2670 {
2671 rights = strtoulW(szAcl, NULL, 16);
2672 *StringAcl = p;
2673 }
2674 else
2675 WARN("Invalid rights string format: %s\n", debugstr_wn(szAcl, p - szAcl));
2676 }
2677 else
2678 {
2679 while (*szAcl != ';')
2680 {
2681 LPACEFLAG lpaf = AceRights;
2682
2683 while (lpaf->wstr &&
2684 (len = strlenW(lpaf->wstr)) &&
2685 strncmpW(lpaf->wstr, szAcl, len))
2686 {
2687 lpaf++;
2688 }
2689
2690 if (!lpaf->wstr)
2691 return 0;
2692
2693 rights |= lpaf->value;
2694 szAcl += len;
2695 }
2696 }
2697
2698 *StringAcl = szAcl;
2699 return rights;
2700 }
2701
2702
2703 /******************************************************************************
2704 * ParseStringAclToAcl
2705 *
2706 * dacl_flags(string_ace1)(string_ace2)... (string_acen)
2707 */
2708 static BOOL ParseStringAclToAcl(LPCWSTR StringAcl, LPDWORD lpdwFlags,
2709 PACL pAcl, LPDWORD cBytes)
2710 {
2711 DWORD val;
2712 DWORD sidlen;
2713 DWORD length = sizeof(ACL);
2714 PACCESS_ALLOWED_ACE pAce = NULL; /* pointer to current ACE */
2715
2716 TRACE("%s\n", debugstr_w(StringAcl));
2717
2718 if (!StringAcl)
2719 return FALSE;
2720
2721 if (pAcl) /* pAce is only useful if we're setting values */
2722 pAce = (PACCESS_ALLOWED_ACE) ((LPBYTE)pAcl + sizeof(PACL));
2723
2724 /* Parse ACL flags */
2725 *lpdwFlags = ParseAclStringFlags(&StringAcl);
2726
2727 /* Parse ACE */
2728 while (*StringAcl == '(')
2729 {
2730 StringAcl++;
2731
2732 /* Parse ACE type */
2733 val = ParseAceStringType(&StringAcl);
2734 if (pAce)
2735 pAce->Header.AceType = (BYTE) val;
2736 if (*StringAcl != ';')
2737 goto lerr;
2738 StringAcl++;
2739
2740 /* Parse ACE flags */
2741 val = ParseAceStringFlags(&StringAcl);
2742 if (pAce)
2743 pAce->Header.AceFlags = (BYTE) val;
2744 if (*StringAcl != ';')
2745 goto lerr;
2746 StringAcl++;
2747
2748 /* Parse ACE rights */
2749 val = ParseAceStringRights(&StringAcl);
2750 if (pAce)
2751 pAce->Mask = val;
2752 if (*StringAcl != ';')
2753 goto lerr;
2754 StringAcl++;
2755
2756 /* Parse ACE object guid */
2757 if (*StringAcl != ';')
2758 {
2759 FIXME("Support for *_OBJECT_ACE_TYPE not implemented\n");
2760 goto lerr;
2761 }
2762 StringAcl++;
2763
2764 /* Parse ACE inherit object guid */
2765 if (*StringAcl != ';')
2766 {
2767 FIXME("Support for *_OBJECT_ACE_TYPE not implemented\n");
2768 goto lerr;
2769 }
2770 StringAcl++;
2771
2772 /* Parse ACE account sid */
2773 if (ParseStringSidToSid(StringAcl, pAce ? (PSID)&pAce->SidStart : NULL, &sidlen))
2774 {
2775 while (*StringAcl && *StringAcl != ')')
2776 StringAcl++;
2777 }
2778
2779 if (*StringAcl != ')')
2780 goto lerr;
2781 StringAcl++;
2782
2783 length += sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + sidlen;
2784 }
2785
2786 *cBytes = length;
2787 return TRUE;
2788
2789 lerr:
2790 WARN("Invalid ACE string format\n");
2791 return FALSE;
2792 }
2793
2794
2795 /******************************************************************************
2796 * ParseStringSecurityDescriptorToSecurityDescriptor
2797 */
2798 static BOOL ParseStringSecurityDescriptorToSecurityDescriptor(
2799 LPCWSTR StringSecurityDescriptor,
2800 SECURITY_DESCRIPTOR* SecurityDescriptor,
2801 LPDWORD cBytes)
2802 {
2803 BOOL bret = FALSE;
2804 WCHAR toktype;
2805 WCHAR tok[MAX_PATH];
2806 LPCWSTR lptoken;
2807 LPBYTE lpNext = NULL;
2808 DWORD len;
2809
2810 *cBytes = 0;
2811
2812 if (SecurityDescriptor)
2813 lpNext = ((LPBYTE) SecurityDescriptor) + sizeof(SECURITY_DESCRIPTOR);
2814
2815 while (*StringSecurityDescriptor)
2816 {
2817 toktype = *StringSecurityDescriptor;
2818
2819 /* Expect char identifier followed by ':' */
2820 StringSecurityDescriptor++;
2821 if (*StringSecurityDescriptor != ':')
2822 {
2823 SetLastError(ERROR_INVALID_PARAMETER);
2824 goto lend;
2825 }
2826 StringSecurityDescriptor++;
2827
2828 /* Extract token */
2829 lptoken = StringSecurityDescriptor;
2830 while (*lptoken && *lptoken != ':')
2831 lptoken++;
2832
2833 if (*lptoken)
2834 lptoken--;
2835
2836 len = lptoken - StringSecurityDescriptor;
2837 memcpy( tok, StringSecurityDescriptor, len * sizeof(WCHAR) );
2838 tok[len] = 0;
2839
2840 switch (toktype)
2841 {
2842 case 'O':
2843 {
2844 DWORD bytes;
2845
2846 if (!ParseStringSidToSid(tok, (PSID)lpNext, &bytes))
2847 goto lend;
2848
2849 if (SecurityDescriptor)
2850 {
2851 SecurityDescriptor->Owner = (PSID)(lpNext - (LPBYTE)SecurityDescriptor);
2852 lpNext += bytes; /* Advance to next token */
2853 }
2854
2855 *cBytes += bytes;
2856
2857 break;
2858 }
2859
2860 case 'G':
2861 {
2862 DWORD bytes;
2863
2864 if (!ParseStringSidToSid(tok, (PSID)lpNext, &bytes))
2865 goto lend;
2866
2867 if (SecurityDescriptor)
2868 {
2869 SecurityDescriptor->Group = (PSID)(lpNext - (LPBYTE)SecurityDescriptor);
2870 lpNext += bytes; /* Advance to next token */
2871 }
2872
2873 *cBytes += bytes;
2874
2875 break;
2876 }
2877
2878 case 'D':
2879 {
2880 DWORD flags;
2881 DWORD bytes;
2882
2883 if (!ParseStringAclToAcl(tok, &flags, (PACL)lpNext, &bytes))
2884 goto lend;
2885
2886 if (SecurityDescriptor)
2887 {
2888 SecurityDescriptor->Control |= SE_DACL_PRESENT | flags;
2889 SecurityDescriptor->Dacl = (PACL)(lpNext - (LPBYTE)SecurityDescriptor);
2890 lpNext += bytes; /* Advance to next token */
2891 }
2892
2893 *cBytes += bytes;
2894
2895 break;
2896 }
2897
2898 case 'S':
2899 {
2900 DWORD flags;
2901 DWORD bytes;
2902
2903 if (!ParseStringAclToAcl(tok, &flags, (PACL)lpNext, &bytes))
2904 goto lend;
2905
2906 if (SecurityDescriptor)
2907 {
2908 SecurityDescriptor->Control |= SE_SACL_PRESENT | flags;
2909 SecurityDescriptor->Sacl = (PACL)(lpNext - (LPBYTE)SecurityDescriptor);
2910 lpNext += bytes; /* Advance to next token */
2911 }
2912
2913 *cBytes += bytes;
2914
2915 break;
2916 }
2917
2918 default:
2919 FIXME("Unknown token\n");
2920 SetLastError(ERROR_INVALID_PARAMETER);
2921 goto lend;
2922 }
2923
2924 StringSecurityDescriptor = lptoken;
2925 }
2926
2927 bret = TRUE;
2928
2929 lend:
2930 return bret;
2931 }
2932
2933 /******************************************************************************
2934 * ConvertStringSecurityDescriptorToSecurityDescriptorA [ADVAPI32.@]
2935 */
2936 BOOL WINAPI ConvertStringSecurityDescriptorToSecurityDescriptorA(
2937 LPCSTR StringSecurityDescriptor,
2938 DWORD StringSDRevision,
2939 PSECURITY_DESCRIPTOR* SecurityDescriptor,
2940 PULONG SecurityDescriptorSize)
2941 {
2942 UINT len;
2943 BOOL ret = FALSE;
2944 LPWSTR StringSecurityDescriptorW;
2945
2946 len = MultiByteToWideChar(CP_ACP, 0, StringSecurityDescriptor, -1, NULL, 0);
2947 StringSecurityDescriptorW = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR));
2948
2949 if (StringSecurityDescriptorW)
2950 {
2951 MultiByteToWideChar(CP_ACP, 0, StringSecurityDescriptor, -1, StringSecurityDescriptorW, len);
2952
2953 ret = ConvertStringSecurityDescriptorToSecurityDescriptorW(StringSecurityDescriptorW,
2954 StringSDRevision, SecurityDescriptor,
2955 SecurityDescriptorSize);
2956 HeapFree(GetProcessHeap(), 0, StringSecurityDescriptorW);
2957 }
2958
2959 return ret;
2960 }
2961
2962 /******************************************************************************
2963 * ConvertStringSecurityDescriptorToSecurityDescriptorW [ADVAPI32.@]
2964 */
2965 BOOL WINAPI ConvertStringSecurityDescriptorToSecurityDescriptorW(
2966 LPCWSTR StringSecurityDescriptor,
2967 DWORD StringSDRevision,
2968 PSECURITY_DESCRIPTOR* SecurityDescriptor,
2969 PULONG SecurityDescriptorSize)
2970 {
2971 DWORD cBytes;
2972 SECURITY_DESCRIPTOR* psd;
2973 BOOL bret = FALSE;
2974
2975 TRACE("%s\n", debugstr_w(StringSecurityDescriptor));
2976
2977 if (GetVersion() & 0x80000000)
2978 {
2979 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
2980 goto lend;
2981 }
2982 else if (StringSDRevision != SID_REVISION)
2983 {
2984 SetLastError(ERROR_UNKNOWN_REVISION);
2985 goto lend;
2986 }
2987
2988 /* Compute security descriptor length */
2989 if (!ParseStringSecurityDescriptorToSecurityDescriptor(StringSecurityDescriptor,
2990 NULL, &cBytes))
2991 goto lend;
2992
2993 psd = *SecurityDescriptor = (SECURITY_DESCRIPTOR*) LocalAlloc(
2994 GMEM_ZEROINIT, cBytes);
2995
2996 psd->Revision = SID_REVISION;
2997 psd->Control |= SE_SELF_RELATIVE;
2998
2999 if (!ParseStringSecurityDescriptorToSecurityDescriptor(StringSecurityDescriptor,
3000 psd, &cBytes))
3001 {
3002 LocalFree(psd);
3003 goto lend;
3004 }
3005
3006 if (SecurityDescriptorSize)
3007 *SecurityDescriptorSize = cBytes;
3008
3009 bret = TRUE;
3010
3011 lend:
3012 TRACE(" ret=%d\n", bret);
3013 return bret;
3014 }
3015
3016 /******************************************************************************
3017 * ConvertStringSidToSidW [ADVAPI32.@]
3018 */
3019 BOOL WINAPI ConvertStringSidToSidW(LPCWSTR StringSid, PSID* Sid)
3020 {
3021 BOOL bret = FALSE;
3022 DWORD cBytes;
3023
3024 TRACE("%s, %p\n", debugstr_w(StringSid), Sid);
3025 if (GetVersion() & 0x80000000)
3026 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
3027 else if (!StringSid || !Sid)
3028 SetLastError(ERROR_INVALID_PARAMETER);
3029 else if (ParseStringSidToSid(StringSid, NULL, &cBytes))
3030 {
3031 PSID pSid = *Sid = (PSID) LocalAlloc(0, cBytes);
3032
3033 bret = ParseStringSidToSid(StringSid, pSid, &cBytes);
3034 if (!bret)
3035 LocalFree(*Sid);
3036 }
3037 TRACE("returning %s\n", bret ? "TRUE" : "FALSE");
3038 return bret;
3039 }
3040
3041 /******************************************************************************
3042 * ConvertStringSidToSidA [ADVAPI32.@]
3043 */
3044 BOOL WINAPI ConvertStringSidToSidA(LPCSTR StringSid, PSID* Sid)
3045 {
3046 BOOL bret = FALSE;
3047
3048 TRACE("%s, %p\n", debugstr_a(StringSid), Sid);
3049 if (GetVersion() & 0x80000000)
3050 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
3051 else if (!StringSid || !Sid)
3052 SetLastError(ERROR_INVALID_PARAMETER);
3053 else
3054 {
3055 UINT len = MultiByteToWideChar(CP_ACP, 0, StringSid, -1, NULL, 0);
3056 LPWSTR wStringSid = HeapAlloc(GetProcessHeap(), 0,
3057 len * sizeof(WCHAR));
3058
3059 MultiByteToWideChar(CP_ACP, 0, StringSid, -1, wStringSid, len);
3060 bret = ConvertStringSidToSidW(wStringSid, Sid);
3061 HeapFree(GetProcessHeap(), 0, wStringSid);
3062 }
3063 TRACE("returning %s\n", bret ? "TRUE" : "FALSE");
3064 return bret;
3065 }
3066
3067 /******************************************************************************
3068 * ConvertSidToStringSidW [ADVAPI32.@]
3069 *
3070 * format of SID string is:
3071 * S-<count>-<auth>-<subauth1>-<subauth2>-<subauth3>...
3072 * where
3073 * <rev> is the revision of the SID encoded as decimal
3074 * <auth> is the identifier authority encoded as hex
3075 * <subauthN> is the subauthority id encoded as decimal
3076 */
3077 BOOL WINAPI ConvertSidToStringSidW( PSID pSid, LPWSTR *pstr )
3078 {
3079 DWORD sz, i;
3080 LPWSTR str;
3081 WCHAR fmt[] = { 'S','-','%','u','-','%','d',0 };
3082 WCHAR subauthfmt[] = { '-','%','u',0 };
3083 SID* pisid=pSid;
3084
3085 TRACE("%p %p\n", pSid, pstr );
3086
3087 if( !IsValidSid( pSid ) )
3088 return FALSE;
3089
3090 if (pisid->Revision != SDDL_REVISION)
3091 return FALSE;
3092 if (pisid->IdentifierAuthority.Value[0] ||
3093 pisid->IdentifierAuthority.Value[1])
3094 {
3095 FIXME("not matching MS' bugs\n");
3096 return FALSE;
3097 }
3098
3099 sz = 14 + pisid->SubAuthorityCount * 11;
3100 str = LocalAlloc( 0, sz*sizeof(WCHAR) );
3101 sprintfW( str, fmt, pisid->Revision, MAKELONG(
3102 MAKEWORD( pisid->IdentifierAuthority.Value[5],
3103 pisid->IdentifierAuthority.Value[4] ),
3104 MAKEWORD( pisid->IdentifierAuthority.Value[3],
3105 pisid->IdentifierAuthority.Value[2] ) ) );
3106 for( i=0; i<pisid->SubAuthorityCount; i++ )
3107 sprintfW( str + strlenW(str), subauthfmt, pisid->SubAuthority[i] );
3108 *pstr = str;
3109
3110 return TRUE;
3111 }
3112
3113 /******************************************************************************
3114 * ConvertSidToStringSidA [ADVAPI32.@]
3115 */
3116 BOOL WINAPI ConvertSidToStringSidA(PSID pSid, LPSTR *pstr)
3117 {
3118 LPWSTR wstr = NULL;
3119 LPSTR str;
3120 UINT len;
3121
3122 TRACE("%p %p\n", pSid, pstr );
3123
3124 if( !ConvertSidToStringSidW( pSid, &wstr ) )
3125 return FALSE;
3126
3127 len = WideCharToMultiByte( CP_ACP, 0, wstr, -1, NULL, 0, NULL, NULL );
3128 str = LocalAlloc( 0, len );
3129 WideCharToMultiByte( CP_ACP, 0, wstr, -1, str, len, NULL, NULL );
3130 LocalFree( wstr );
3131
3132 *pstr = str;
3133
3134 return TRUE;
3135 }
3136
3137 BOOL WINAPI CreatePrivateObjectSecurity(
3138 PSECURITY_DESCRIPTOR ParentDescriptor,
3139 PSECURITY_DESCRIPTOR CreatorDescriptor,
3140 PSECURITY_DESCRIPTOR* NewDescriptor,
3141 BOOL IsDirectoryObject,
3142 HANDLE Token,
3143 PGENERIC_MAPPING GenericMapping )
3144 {
3145 FIXME("%p %p %p %d %p %p - stub\n", ParentDescriptor, CreatorDescriptor,
3146 NewDescriptor, IsDirectoryObject, Token, GenericMapping);
3147
3148 return FALSE;
3149 }
3150
3151 BOOL WINAPI DestroyPrivateObjectSecurity( PSECURITY_DESCRIPTOR* ObjectDescriptor )
3152 {
3153 FIXME("%p - stub\n", ObjectDescriptor);
3154
3155 return TRUE;
3156 }
3157
3158 BOOL WINAPI CreateProcessAsUserA(
3159 HANDLE hToken,
3160 LPCSTR lpApplicationName,
3161 LPSTR lpCommandLine,
3162 LPSECURITY_ATTRIBUTES lpProcessAttributes,
3163 LPSECURITY_ATTRIBUTES lpThreadAttributes,
3164 BOOL bInheritHandles,
3165 DWORD dwCreationFlags,
3166 LPVOID lpEnvironment,
3167 LPCSTR lpCurrentDirectory,
3168 LPSTARTUPINFOA lpStartupInfo,
3169 LPPROCESS_INFORMATION lpProcessInformation )
3170 {
3171 FIXME("%p %s %s %p %p %d 0x%08lx %p %s %p %p - stub\n", hToken, debugstr_a(lpApplicationName),
3172 debugstr_a(lpCommandLine), lpProcessAttributes, lpThreadAttributes, bInheritHandles,
3173 dwCreationFlags, lpEnvironment, debugstr_a(lpCurrentDirectory), lpStartupInfo, lpProcessInformation);
3174
3175 return FALSE;
3176 }
3177
3178 BOOL WINAPI CreateProcessAsUserW(
3179 HANDLE hToken,
3180 LPCWSTR lpApplicationName,
3181 LPWSTR lpCommandLine,
3182 LPSECURITY_ATTRIBUTES lpProcessAttributes,
3183 LPSECURITY_ATTRIBUTES lpThreadAttributes,
3184 BOOL bInheritHandles,
3185 DWORD dwCreationFlags,
3186 LPVOID lpEnvironment,
3187 LPCWSTR lpCurrentDirectory,
3188 LPSTARTUPINFOW lpStartupInfo,
3189 LPPROCESS_INFORMATION lpProcessInformation )
3190 {
3191 FIXME("%p %s %s %p %p %d 0x%08lx %p %s %p %p - semi- stub\n", hToken,
3192 debugstr_w(lpApplicationName), debugstr_w(lpCommandLine), lpProcessAttributes,
3193 lpThreadAttributes, bInheritHandles, dwCreationFlags, lpEnvironment,
3194 debugstr_w(lpCurrentDirectory), lpStartupInfo, lpProcessInformation);
3195
3196 /* We should create the process with a suspended main thread */
3197 if (!CreateProcessW (lpApplicationName,
3198 lpCommandLine,
3199 lpProcessAttributes,
3200 lpThreadAttributes,
3201 bInheritHandles,
3202 dwCreationFlags, /* CREATE_SUSPENDED */
3203 lpEnvironment,
3204 lpCurrentDirectory,
3205 lpStartupInfo,
3206 lpProcessInformation))
3207 {
3208 return FALSE;
3209 }
3210
3211 return TRUE;
3212 }
3213
3214 /******************************************************************************
3215 * ComputeStringSidSize
3216 */
3217 static DWORD ComputeStringSidSize(LPCWSTR StringSid)
3218 {
3219 int ctok = 0;
3220 DWORD size = sizeof(SID);
3221
3222 while (*StringSid)
3223 {
3224 if (*StringSid == '-')
3225 ctok++;
3226 StringSid++;
3227 }
3228
3229 if (ctok > 3)
3230 size += (ctok - 3) * sizeof(DWORD);
3231
3232 return size;
3233 }
3234
3235 BOOL WINAPI DuplicateTokenEx(
3236 HANDLE ExistingTokenHandle, DWORD dwDesiredAccess,
3237 LPSECURITY_ATTRIBUTES lpTokenAttributes,
3238 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
3239 TOKEN_TYPE TokenType,
3240 PHANDLE DuplicateTokenHandle )
3241 {
3242 OBJECT_ATTRIBUTES ObjectAttributes;
3243
3244 TRACE("%p 0x%08lx 0x%08x 0x%08x %p\n", ExistingTokenHandle, dwDesiredAccess,
3245 ImpersonationLevel, TokenType, DuplicateTokenHandle);
3246
3247 InitializeObjectAttributes(
3248 &ObjectAttributes,
3249 NULL,
3250 (lpTokenAttributes && lpTokenAttributes->bInheritHandle) ? OBJ_INHERIT : 0,
3251 NULL,
3252 lpTokenAttributes ? lpTokenAttributes->lpSecurityDescriptor : NULL );
3253
3254 return set_ntstatus( NtDuplicateToken( ExistingTokenHandle,
3255 dwDesiredAccess,
3256 &ObjectAttributes,
3257 ImpersonationLevel,
3258 TokenType,
3259 DuplicateTokenHandle ) );
3260 }
3261
3262 BOOL WINAPI DuplicateToken(
3263 HANDLE ExistingTokenHandle,
3264 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
3265 PHANDLE DuplicateTokenHandle )
3266 {
3267 return DuplicateTokenEx( ExistingTokenHandle, TOKEN_IMPERSONATE | TOKEN_QUERY,
3268 NULL, ImpersonationLevel, TokenImpersonation,
3269 DuplicateTokenHandle );
3270 }
3271
3272 BOOL WINAPI EnumDependentServicesA(
3273 SC_HANDLE hService,
3274 DWORD dwServiceState,
3275 LPENUM_SERVICE_STATUSA lpServices,
3276 DWORD cbBufSize,
3277 LPDWORD pcbBytesNeeded,
3278 LPDWORD lpServicesReturned )
3279 {
3280 FIXME("%p 0x%08lx %p 0x%08lx %p %p - stub\n", hService, dwServiceState,
3281 lpServices, cbBufSize, pcbBytesNeeded, lpServicesReturned);
3282
3283 return FALSE;
3284 }
3285
3286 BOOL WINAPI EnumDependentServicesW(
3287 SC_HANDLE hService,
3288 DWORD dwServiceState,
3289 LPENUM_SERVICE_STATUSW lpServices,
3290 DWORD cbBufSize,
3291 LPDWORD pcbBytesNeeded,
3292 LPDWORD lpServicesReturned )
3293 {
3294 FIXME("%p 0x%08lx %p 0x%08lx %p %p - stub\n", hService, dwServiceState,
3295 lpServices, cbBufSize, pcbBytesNeeded, lpServicesReturned);
3296
3297 return FALSE;
3298 }
3299
3300 /******************************************************************************
3301 * ParseStringSidToSid
3302 */
3303 static BOOL ParseStringSidToSid(LPCWSTR StringSid, PSID pSid, LPDWORD cBytes)
3304 {
3305 BOOL bret = FALSE;
3306 SID* pisid=pSid;
3307
3308 TRACE("%s, %p, %p\n", debugstr_w(StringSid), pSid, cBytes);
3309 if (!StringSid)
3310 {
3311 SetLastError(ERROR_INVALID_PARAMETER);
3312 TRACE("StringSid is NULL, returning FALSE\n");
3313 return FALSE;
3314 }
3315
3316 *cBytes = ComputeStringSidSize(StringSid);
3317 if (!pisid) /* Simply compute the size */
3318 {
3319 TRACE("only size requested, returning TRUE\n");
3320 return TRUE;
3321 }
3322
3323 if (StringSid[0] == 'S' && StringSid[1] == '-') /* S-R-I-S-S */
3324 {
3325 DWORD i = 0, identAuth;
3326 DWORD csubauth = ((*cBytes - sizeof(SID)) / sizeof(DWORD)) + 1;
3327
3328 StringSid += 2; /* Advance to Revision */
3329 pisid->Revision = atoiW(StringSid);
3330
3331 if (pisid->Revision != SDDL_REVISION)
3332 {
3333 TRACE("Revision %d is unknown\n", pisid->Revision);
3334 goto lend; /* ERROR_INVALID_SID */
3335 }
3336 if (csubauth == 0)
3337 {
3338 TRACE("SubAuthorityCount is 0\n");
3339 goto lend; /* ERROR_INVALID_SID */
3340 }
3341
3342 pisid->SubAuthorityCount = csubauth;
3343
3344 /* Advance to identifier authority */
3345 while (*StringSid && *StringSid != '-')
3346 StringSid++;
3347 if (*StringSid == '-')
3348 StringSid++;
3349
3350 /* MS' implementation can't handle values greater than 2^32 - 1, so
3351 * we don't either; assume most significant bytes are always 0
3352 */
3353 pisid->IdentifierAuthority.Value[0] = 0;
3354 pisid->IdentifierAuthority.Value[1] = 0;
3355 identAuth = atoiW(StringSid);
3356 pisid->IdentifierAuthority.Value[5] = identAuth & 0xff;
3357 pisid->IdentifierAuthority.Value[4] = (identAuth & 0xff00) >> 8;
3358 pisid->IdentifierAuthority.Value[3] = (identAuth & 0xff0000) >> 16;
3359 pisid->IdentifierAuthority.Value[2] = (identAuth & 0xff000000) >> 24;
3360
3361 /* Advance to first sub authority */
3362 while (*StringSid && *StringSid != '-')
3363 StringSid++;
3364 if (*StringSid == '-')
3365 StringSid++;
3366
3367 while (*StringSid)
3368 {
3369 while (*StringSid && *StringSid != '-')
3370 StringSid++;
3371
3372 pisid->SubAuthority[i++] = atoiW(StringSid);
3373 }
3374
3375 if (i != pisid->SubAuthorityCount)
3376 goto lend; /* ERROR_INVALID_SID */
3377
3378 bret = TRUE;
3379 }
3380 else /* String constant format - Only available in winxp and above */
3381 {
3382 pisid->Revision = SDDL_REVISION;
3383 pisid->SubAuthorityCount = 1;
3384
3385 FIXME("String constant not supported: %s\n", debugstr_wn(StringSid, 2));
3386
3387 /* TODO: Lookup string of well-known SIDs in table */
3388 pisid->IdentifierAuthority.Value[5] = 0;
3389 pisid->SubAuthority[0] = 0;
3390
3391 bret = TRUE;
3392 }
3393
3394 lend:
3395 if (!bret)
3396 SetLastError(ERROR_INVALID_SID);
3397
3398 TRACE("returning %s\n", bret ? "TRUE" : "FALSE");
3399 return bret;
3400 }
3401
3402 /******************************************************************************
3403 * GetNamedSecurityInfoA [ADVAPI32.@]
3404 */
3405 DWORD WINAPI GetNamedSecurityInfoA(LPSTR pObjectName,
3406 SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo,
3407 PSID* ppsidOwner, PSID* ppsidGroup, PACL* ppDacl, PACL* ppSacl,
3408 PSECURITY_DESCRIPTOR* ppSecurityDescriptor)
3409 {
3410 DWORD len;
3411 LPWSTR wstr = NULL;
3412 DWORD r;
3413
3414 TRACE("%s %d %ld %p %p %p %p %p\n", pObjectName, ObjectType, SecurityInfo,
3415 ppsidOwner, ppsidGroup, ppDacl, ppSacl, ppSecurityDescriptor);
3416
3417 if( pObjectName )
3418 {
3419 len = MultiByteToWideChar( CP_ACP, 0, pObjectName, -1, NULL, 0 );
3420 wstr = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR));
3421 MultiByteToWideChar( CP_ACP, 0, pObjectName, -1, wstr, len );
3422 }
3423
3424 r = GetNamedSecurityInfoW( wstr, ObjectType, SecurityInfo, ppsidOwner,
3425 ppsidGroup, ppDacl, ppSacl, ppSecurityDescriptor );
3426
3427 HeapFree( GetProcessHeap(), 0, wstr );
3428
3429 return r;
3430 }
3431
3432 /******************************************************************************
3433 * GetNamedSecurityInfoW [ADVAPI32.@]
3434 */
3435 DWORD WINAPI GetNamedSecurityInfoW( LPWSTR name, SE_OBJECT_TYPE type,
3436 SECURITY_INFORMATION info, PSID* owner, PSID* group, PACL* dacl,
3437 PACL* sacl, PSECURITY_DESCRIPTOR* descriptor )
3438 {
3439 DWORD needed, offset;
3440 SECURITY_DESCRIPTOR_RELATIVE *relative;
3441 BYTE *buffer;
3442
3443 TRACE( "%s %d %ld %p %p %p %p %p\n", debugstr_w(name), type, info, owner,
3444 group, dacl, sacl, descriptor );
3445
3446 if (!name || !descriptor) return ERROR_INVALID_PARAMETER;
3447
3448 needed = sizeof(SECURITY_DESCRIPTOR_RELATIVE);
3449 if (info & OWNER_SECURITY_INFORMATION)
3450 needed += sizeof(sidWorld);
3451 if (info & GROUP_SECURITY_INFORMATION)
3452 needed += sizeof(sidWorld);
3453 if (info & DACL_SECURITY_INFORMATION)
3454 needed += WINE_SIZE_OF_WORLD_ACCESS_ACL;
3455 if (info & SACL_SECURITY_INFORMATION)
3456 needed += WINE_SIZE_OF_WORLD_ACCESS_ACL;
3457
3458 /* must be freed by caller */
3459 *descriptor = HeapAlloc( GetProcessHeap(), 0, needed );
3460 if (!*descriptor) return ERROR_NOT_ENOUGH_MEMORY;
3461
3462 if (!InitializeSecurityDescriptor( *descriptor, SECURITY_DESCRIPTOR_REVISION ))
3463 {
3464 HeapFree( GetProcessHeap(), 0, *descriptor );
3465 return ERROR_INVALID_SECURITY_DESCR;
3466 }
3467
3468 relative = (SECURITY_DESCRIPTOR_RELATIVE *)*descriptor;
3469 relative->Control |= SE_SELF_RELATIVE;
3470 buffer = (BYTE *)relative;
3471 offset = sizeof(SECURITY_DESCRIPTOR_RELATIVE);
3472
3473 if (owner && (info & OWNER_SECURITY_INFORMATION))
3474 {
3475 memcpy( buffer + offset, &sidWorld, sizeof(sidWorld) );
3476 relative->Owner = offset;
3477 *owner = buffer + offset;
3478 offset += sizeof(sidWorld);
3479 }
3480 if (group && (info & GROUP_SECURITY_INFORMATION))
3481 {
3482 memcpy( buffer + offset, &sidWorld, sizeof(sidWorld) );
3483 relative->Group = offset;
3484 *group = buffer + offset;
3485 offset += sizeof(sidWorld);
3486 }
3487 if (dacl && (info & DACL_SECURITY_INFORMATION))
3488 {
3489 GetWorldAccessACL( (PACL)(buffer + offset) );
3490 relative->Dacl = offset;
3491 *dacl = (PACL)(buffer + offset);
3492 offset += WINE_SIZE_OF_WORLD_ACCESS_ACL;
3493 }
3494 if (sacl && (info & SACL_SECURITY_INFORMATION))
3495 {
3496 GetWorldAccessACL( (PACL)(buffer + offset) );
3497 relative->Sacl = offset;
3498 *sacl = (PACL)(buffer + offset);
3499 }
3500 return ERROR_SUCCESS;
3501 }
3502
3503 /******************************************************************************
3504 * DecryptFileW [ADVAPI32.@]
3505 */
3506 BOOL WINAPI DecryptFileW(LPCWSTR lpFileName, DWORD dwReserved)
3507 {
3508 FIXME("%s %08lx\n", debugstr_w(lpFileName), dwReserved);
3509 return TRUE;
3510 }
3511
3512 /******************************************************************************
3513 * DecryptFileA [ADVAPI32.@]
3514 */
3515 BOOL WINAPI DecryptFileA(LPCSTR lpFileName, DWORD dwReserved)
3516 {
3517 FIXME("%s %08lx\n", debugstr_a(lpFileName), dwReserved);
3518 return TRUE;
3519 }
3520
3521 /******************************************************************************
3522 * EncryptFileW [ADVAPI32.@]
3523 */
3524 BOOL WINAPI EncryptFileW(LPCWSTR lpFileName)
3525 {
3526 FIXME("%s\n", debugstr_w(lpFileName));
3527 return TRUE;
3528 }
3529
3530 /******************************************************************************
3531 * EncryptFileA [ADVAPI32.@]
3532 */
3533 BOOL WINAPI EncryptFileA(LPCSTR lpFileName)
3534 {
3535 FIXME("%s\n", debugstr_a(lpFileName));
3536 return TRUE;
3537 }
3538
3539 /******************************************************************************
3540 * SetSecurityInfo [ADVAPI32.@]
3541 */
3542 DWORD WINAPI SetSecurityInfo(HANDLE handle, SE_OBJECT_TYPE ObjectType,
3543 SECURITY_INFORMATION SecurityInfo, PSID psidOwner,
3544 PSID psidGroup, PACL pDacl, PACL pSacl) {
3545 FIXME("stub\n");
3546 return ERROR_SUCCESS;
3547 }
DirectPlay implementation for GSoC