2 * Copyright 1999, 2000 Juergen Schmied <juergen.schmied@debitel.net>
3 * Copyright 2003 CodeWeavers Inc. (Ulrich Czekalla)
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
25 #define WIN32_NO_STATUS
39 #include "wine/debug.h"
40 #include "wine/unicode.h"
42 WINE_DEFAULT_DEBUG_CHANNEL(advapi
);
44 static BOOL
ParseStringSidToSid(LPCWSTR StringSid
, PSID pSid
, LPDWORD cBytes
);
45 static BOOL
ParseStringAclToAcl(LPCWSTR StringAcl
, LPDWORD lpdwFlags
,
46 PACL pAcl
, LPDWORD cBytes
);
47 static BYTE
ParseAceStringFlags(LPCWSTR
* StringAcl
);
48 static BYTE
ParseAceStringType(LPCWSTR
* StringAcl
);
49 static DWORD
ParseAceStringRights(LPCWSTR
* StringAcl
);
50 static BOOL
ParseStringSecurityDescriptorToSecurityDescriptor(
51 LPCWSTR StringSecurityDescriptor
,
52 SECURITY_DESCRIPTOR
* SecurityDescriptor
,
54 static DWORD
ParseAclStringFlags(LPCWSTR
* StringAcl
);
56 typedef struct _ACEFLAG
60 } ACEFLAG
, *LPACEFLAG
;
62 typedef struct WELLKNOWNSID
65 SID_IDENTIFIER_AUTHORITY auth
;
66 BYTE nSubAuthorityCount
;
67 DWORD SubAuthority
[8];
70 static SID
const sidWorld
= { SID_REVISION
, 1, { SECURITY_WORLD_SID_AUTHORITY
} , { SECURITY_WORLD_RID
} };
75 static const WCHAR SDDL_READ_CONTROL
[] = {'R','C',0};
76 static const WCHAR SDDL_WRITE_DAC
[] = {'W','D',0};
77 static const WCHAR SDDL_WRITE_OWNER
[] = {'W','O',0};
78 static const WCHAR SDDL_STANDARD_DELETE
[] = {'S','D',0};
79 static const WCHAR SDDL_GENERIC_ALL
[] = {'G','A',0};
80 static const WCHAR SDDL_GENERIC_READ
[] = {'G','R',0};
81 static const WCHAR SDDL_GENERIC_WRITE
[] = {'G','W',0};
82 static const WCHAR SDDL_GENERIC_EXECUTE
[] = {'G','X',0};
87 static const WCHAR SDDL_ACCESS_ALLOWED
[] = {'A',0};
88 static const WCHAR SDDL_ACCESS_DENIED
[] = {'D',0};
89 static const WCHAR SDDL_OBJECT_ACCESS_ALLOWED
[] = {'O','A',0};
90 static const WCHAR SDDL_OBJECT_ACCESS_DENIED
[] = {'O','D',0};
91 static const WCHAR SDDL_AUDIT
[] = {'A','U',0};
92 static const WCHAR SDDL_ALARM
[] = {'A','L',0};
93 static const WCHAR SDDL_OBJECT_AUDIT
[] = {'O','U',0};
94 static const WCHAR SDDL_OBJECT_ALARMp
[] = {'O','L',0};
99 static const WCHAR SDDL_CONTAINER_INHERIT
[] = {'C','I',0};
100 static const WCHAR SDDL_OBJECT_INHERIT
[] = {'O','I',0};
101 static const WCHAR SDDL_NO_PROPAGATE
[] = {'N','P',0};
102 static const WCHAR SDDL_INHERIT_ONLY
[] = {'I','O',0};
103 static const WCHAR SDDL_INHERITED
[] = {'I','D',0};
104 static const WCHAR SDDL_AUDIT_SUCCESS
[] = {'S','A',0};
105 static const WCHAR SDDL_AUDIT_FAILURE
[] = {'F','A',0};
107 /* set last error code from NT status and get the proper boolean return value */
108 /* used for functions that are a simple wrapper around the corresponding ntdll API */
109 static inline BOOL
set_ntstatus( NTSTATUS status
)
111 if (status
) SetLastError( RtlNtStatusToDosError( status
));
115 #define WINE_SIZE_OF_WORLD_ACCESS_ACL (sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE) + sizeof(sidWorld) - sizeof(DWORD))
117 static void GetWorldAccessACL(PACL pACL
)
119 PACCESS_ALLOWED_ACE pACE
= (PACCESS_ALLOWED_ACE
) (pACL
+ 1);
121 pACL
->AclRevision
= ACL_REVISION
;
123 pACL
->AclSize
= WINE_SIZE_OF_WORLD_ACCESS_ACL
;
127 pACE
->Header
.AceType
= ACCESS_ALLOWED_ACE_TYPE
;
128 pACE
->Header
.AceFlags
= CONTAINER_INHERIT_ACE
;
129 pACE
->Header
.AceSize
= sizeof(ACCESS_ALLOWED_ACE
) + sizeof(sidWorld
) - sizeof(DWORD
);
130 pACE
->Mask
= 0xf3ffffff; /* Everything except reserved bits */
131 memcpy(&pACE
->SidStart
, &sidWorld
, sizeof(sidWorld
));
134 /************************************************************
135 * ADVAPI_IsLocalComputer
137 * Checks whether the server name indicates local machine.
139 static BOOL
ADVAPI_IsLocalComputer(LPCWSTR ServerName
)
141 DWORD dwSize
= MAX_COMPUTERNAME_LENGTH
+ 1;
145 if (!ServerName
|| !ServerName
[0])
148 buf
= HeapAlloc(GetProcessHeap(), 0, dwSize
* sizeof(WCHAR
));
149 Result
= GetComputerNameW(buf
, &dwSize
);
150 if (Result
&& (ServerName
[0] == '\\') && (ServerName
[1] == '\\'))
152 Result
= Result
&& !lstrcmpW(ServerName
, buf
);
153 HeapFree(GetProcessHeap(), 0, buf
);
158 /* ##############################
159 ###### TOKEN FUNCTIONS ######
160 ##############################
163 /******************************************************************************
164 * OpenProcessToken [ADVAPI32.@]
165 * Opens the access token associated with a process handle.
168 * ProcessHandle [I] Handle to process
169 * DesiredAccess [I] Desired access to process
170 * TokenHandle [O] Pointer to handle of open access token
173 * Success: TRUE. TokenHandle contains the access token.
177 * See NtOpenProcessToken.
180 OpenProcessToken( HANDLE ProcessHandle
, DWORD DesiredAccess
,
181 HANDLE
*TokenHandle
)
183 return set_ntstatus(NtOpenProcessToken( ProcessHandle
, DesiredAccess
, TokenHandle
));
186 /******************************************************************************
187 * OpenThreadToken [ADVAPI32.@]
189 * Opens the access token associated with a thread handle.
192 * ThreadHandle [I] Handle to process
193 * DesiredAccess [I] Desired access to the thread
195 * TokenHandle [O] Destination for the token handle
198 * Success: TRUE. TokenHandle contains the access token.
202 * See NtOpenThreadToken.
205 OpenThreadToken( HANDLE ThreadHandle
, DWORD DesiredAccess
,
206 BOOL OpenAsSelf
, HANDLE
*TokenHandle
)
208 return set_ntstatus( NtOpenThreadToken(ThreadHandle
, DesiredAccess
, OpenAsSelf
, TokenHandle
));
212 AdjustTokenGroups( HANDLE TokenHandle
, BOOL ResetToDefault
, PTOKEN_GROUPS NewState
,
213 DWORD BufferLength
, PTOKEN_GROUPS PreviousState
, PDWORD ReturnLength
)
215 return set_ntstatus( NtAdjustGroupsToken(TokenHandle
, ResetToDefault
, NewState
, BufferLength
,
216 PreviousState
, ReturnLength
));
219 /******************************************************************************
220 * AdjustTokenPrivileges [ADVAPI32.@]
222 * Adjust the privileges of an open token handle.
225 * TokenHandle [I] Handle from OpenProcessToken() or OpenThreadToken()
226 * DisableAllPrivileges [I] TRUE=Remove all privileges, FALSE=Use NewState
227 * NewState [I] Desired new privileges of the token
228 * BufferLength [I] Length of NewState
229 * PreviousState [O] Destination for the previous state
230 * ReturnLength [I/O] Size of PreviousState
234 * Success: TRUE. Privileges are set to NewState and PreviousState is updated.
238 * See NtAdjustPrivilegesToken.
241 AdjustTokenPrivileges( HANDLE TokenHandle
, BOOL DisableAllPrivileges
,
242 LPVOID NewState
, DWORD BufferLength
,
243 LPVOID PreviousState
, LPDWORD ReturnLength
)
249 status
= NtAdjustPrivilegesToken(TokenHandle
, DisableAllPrivileges
,
250 NewState
, BufferLength
, PreviousState
,
252 SetLastError( RtlNtStatusToDosError( status
));
253 if ((status
== STATUS_SUCCESS
) || (status
== STATUS_NOT_ALL_ASSIGNED
))
259 /******************************************************************************
260 * CheckTokenMembership [ADVAPI32.@]
262 * Determine if an access token is a member of a SID.
265 * TokenHandle [I] Handle from OpenProcessToken() or OpenThreadToken()
266 * SidToCheck [I] SID that possibly contains the token
267 * IsMember [O] Destination for result.
270 * Success: TRUE. IsMember is TRUE if TokenHandle is a member, FALSE otherwise.
274 CheckTokenMembership( HANDLE TokenHandle
, PSID SidToCheck
,
277 FIXME("(%p %p %p) stub!\n", TokenHandle
, SidToCheck
, IsMember
);
283 /******************************************************************************
284 * GetTokenInformation [ADVAPI32.@]
286 * Get a type of information about an access token.
289 * token [I] Handle from OpenProcessToken() or OpenThreadToken()
290 * tokeninfoclass [I] A TOKEN_INFORMATION_CLASS from "winnt.h"
291 * tokeninfo [O] Destination for token information
292 * tokeninfolength [I] Length of tokeninfo
293 * retlen [O] Destination for returned token information length
296 * Success: TRUE. tokeninfo contains retlen bytes of token information
300 * See NtQueryInformationToken.
303 GetTokenInformation( HANDLE token
, TOKEN_INFORMATION_CLASS tokeninfoclass
,
304 LPVOID tokeninfo
, DWORD tokeninfolength
, LPDWORD retlen
)
306 TRACE("(%p, %s, %p, %ld, %p):\n",
308 (tokeninfoclass
== TokenUser
) ? "TokenUser" :
309 (tokeninfoclass
== TokenGroups
) ? "TokenGroups" :
310 (tokeninfoclass
== TokenPrivileges
) ? "TokenPrivileges" :
311 (tokeninfoclass
== TokenOwner
) ? "TokenOwner" :
312 (tokeninfoclass
== TokenPrimaryGroup
) ? "TokenPrimaryGroup" :
313 (tokeninfoclass
== TokenDefaultDacl
) ? "TokenDefaultDacl" :
314 (tokeninfoclass
== TokenSource
) ? "TokenSource" :
315 (tokeninfoclass
== TokenType
) ? "TokenType" :
316 (tokeninfoclass
== TokenImpersonationLevel
) ? "TokenImpersonationLevel" :
317 (tokeninfoclass
== TokenStatistics
) ? "TokenStatistics" :
318 (tokeninfoclass
== TokenRestrictedSids
) ? "TokenRestrictedSids" :
319 (tokeninfoclass
== TokenSessionId
) ? "TokenSessionId" :
320 (tokeninfoclass
== TokenGroupsAndPrivileges
) ? "TokenGroupsAndPrivileges" :
321 (tokeninfoclass
== TokenSessionReference
) ? "TokenSessionReference" :
322 (tokeninfoclass
== TokenSandBoxInert
) ? "TokenSandBoxInert" :
324 tokeninfo
, tokeninfolength
, retlen
);
325 return set_ntstatus( NtQueryInformationToken( token
, tokeninfoclass
, tokeninfo
,
326 tokeninfolength
, retlen
));
329 /******************************************************************************
330 * SetTokenInformation [ADVAPI32.@]
332 * Set information for an access token.
335 * token [I] Handle from OpenProcessToken() or OpenThreadToken()
336 * tokeninfoclass [I] A TOKEN_INFORMATION_CLASS from "winnt.h"
337 * tokeninfo [I] Token information to set
338 * tokeninfolength [I] Length of tokeninfo
341 * Success: TRUE. The information for the token is set to tokeninfo.
345 SetTokenInformation( HANDLE token
, TOKEN_INFORMATION_CLASS tokeninfoclass
,
346 LPVOID tokeninfo
, DWORD tokeninfolength
)
348 TRACE("(%p, %s, %p, %ld): stub\n",
350 (tokeninfoclass
== TokenUser
) ? "TokenUser" :
351 (tokeninfoclass
== TokenGroups
) ? "TokenGroups" :
352 (tokeninfoclass
== TokenPrivileges
) ? "TokenPrivileges" :
353 (tokeninfoclass
== TokenOwner
) ? "TokenOwner" :
354 (tokeninfoclass
== TokenPrimaryGroup
) ? "TokenPrimaryGroup" :
355 (tokeninfoclass
== TokenDefaultDacl
) ? "TokenDefaultDacl" :
356 (tokeninfoclass
== TokenSource
) ? "TokenSource" :
357 (tokeninfoclass
== TokenType
) ? "TokenType" :
358 (tokeninfoclass
== TokenImpersonationLevel
) ? "TokenImpersonationLevel" :
359 (tokeninfoclass
== TokenStatistics
) ? "TokenStatistics" :
360 (tokeninfoclass
== TokenRestrictedSids
) ? "TokenRestrictedSids" :
361 (tokeninfoclass
== TokenSessionId
) ? "TokenSessionId" :
362 (tokeninfoclass
== TokenGroupsAndPrivileges
) ? "TokenGroupsAndPrivileges" :
363 (tokeninfoclass
== TokenSessionReference
) ? "TokenSessionReference" :
364 (tokeninfoclass
== TokenSandBoxInert
) ? "TokenSandBoxInert" :
366 tokeninfo
, tokeninfolength
);
368 return set_ntstatus( NtSetInformationToken( token
, tokeninfoclass
, tokeninfo
, tokeninfolength
));
371 /*************************************************************************
372 * SetThreadToken [ADVAPI32.@]
374 * Assigns an 'impersonation token' to a thread so it can assume the
375 * security privileges of another thread or process. Can also remove
376 * a previously assigned token.
379 * thread [O] Handle to thread to set the token for
380 * token [I] Token to set
383 * Success: TRUE. The threads access token is set to token
387 * Only supported on NT or higher. On Win9X this function does nothing.
388 * See SetTokenInformation.
390 BOOL WINAPI
SetThreadToken(PHANDLE thread
, HANDLE token
)
392 return set_ntstatus( NtSetInformationThread( thread
? *thread
: GetCurrentThread(),
393 ThreadImpersonationToken
, &token
, sizeof token
));
396 /* ##############################
397 ###### SID FUNCTIONS ######
398 ##############################
401 /******************************************************************************
402 * AllocateAndInitializeSid [ADVAPI32.@]
405 * pIdentifierAuthority []
406 * nSubAuthorityCount []
418 AllocateAndInitializeSid( PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority
,
419 BYTE nSubAuthorityCount
,
420 DWORD nSubAuthority0
, DWORD nSubAuthority1
,
421 DWORD nSubAuthority2
, DWORD nSubAuthority3
,
422 DWORD nSubAuthority4
, DWORD nSubAuthority5
,
423 DWORD nSubAuthority6
, DWORD nSubAuthority7
,
426 return set_ntstatus( RtlAllocateAndInitializeSid(
427 pIdentifierAuthority
, nSubAuthorityCount
,
428 nSubAuthority0
, nSubAuthority1
, nSubAuthority2
, nSubAuthority3
,
429 nSubAuthority4
, nSubAuthority5
, nSubAuthority6
, nSubAuthority7
,
433 /******************************************************************************
434 * FreeSid [ADVAPI32.@]
443 return NULL
; /* is documented like this */
446 /******************************************************************************
447 * CopySid [ADVAPI32.@]
450 * nDestinationSidLength []
455 CopySid( DWORD nDestinationSidLength
, PSID pDestinationSid
, PSID pSourceSid
)
457 return RtlCopySid(nDestinationSidLength
, pDestinationSid
, pSourceSid
);
461 IsTokenRestricted( HANDLE TokenHandle
)
463 TOKEN_GROUPS
*groups
;
468 TRACE("(%p)\n", TokenHandle
);
470 status
= NtQueryInformationToken(TokenHandle
, TokenRestrictedSids
, NULL
, 0, &size
);
471 if (status
!= STATUS_BUFFER_TOO_SMALL
)
474 groups
= HeapAlloc(GetProcessHeap(), 0, size
);
477 SetLastError(ERROR_OUTOFMEMORY
);
481 status
= NtQueryInformationToken(TokenHandle
, TokenRestrictedSids
, groups
, size
, &size
);
482 if (status
!= STATUS_SUCCESS
)
484 HeapFree(GetProcessHeap(), 0, groups
);
485 return set_ntstatus(status
);
488 if (groups
->GroupCount
)
493 HeapFree(GetProcessHeap(), 0, groups
);
498 /******************************************************************************
499 * IsValidSid [ADVAPI32.@]
505 IsValidSid( PSID pSid
)
507 return RtlValidSid( pSid
);
510 /******************************************************************************
511 * EqualSid [ADVAPI32.@]
518 EqualSid( PSID pSid1
, PSID pSid2
)
520 return RtlEqualSid( pSid1
, pSid2
);
523 /******************************************************************************
524 * EqualPrefixSid [ADVAPI32.@]
526 BOOL WINAPI
EqualPrefixSid (PSID pSid1
, PSID pSid2
)
528 return RtlEqualPrefixSid(pSid1
, pSid2
);
531 /******************************************************************************
532 * GetSidLengthRequired [ADVAPI32.@]
535 * nSubAuthorityCount []
538 GetSidLengthRequired( BYTE nSubAuthorityCount
)
540 return RtlLengthRequiredSid(nSubAuthorityCount
);
543 /******************************************************************************
544 * InitializeSid [ADVAPI32.@]
547 * pIdentifierAuthority []
552 PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority
,
553 BYTE nSubAuthorityCount
)
555 return RtlInitializeSid(pSid
, pIdentifierAuthority
, nSubAuthorityCount
);
559 GetEffectiveRightsFromAclA( PACL pacl
, PTRUSTEEA pTrustee
, PACCESS_MASK pAccessRights
)
561 FIXME("%p %p %p - stub\n", pacl
, pTrustee
, pAccessRights
);
567 GetEffectiveRightsFromAclW( PACL pacl
, PTRUSTEEW pTrustee
, PACCESS_MASK pAccessRights
)
569 FIXME("%p %p %p - stub\n", pacl
, pTrustee
, pAccessRights
);
574 /******************************************************************************
575 * GetSidIdentifierAuthority [ADVAPI32.@]
580 PSID_IDENTIFIER_AUTHORITY WINAPI
581 GetSidIdentifierAuthority( PSID pSid
)
583 return RtlIdentifierAuthoritySid(pSid
);
586 /******************************************************************************
587 * GetSidSubAuthority [ADVAPI32.@]
594 GetSidSubAuthority( PSID pSid
, DWORD nSubAuthority
)
596 return RtlSubAuthoritySid(pSid
, nSubAuthority
);
599 /******************************************************************************
600 * GetSidSubAuthorityCount [ADVAPI32.@]
606 GetSidSubAuthorityCount (PSID pSid
)
608 return RtlSubAuthorityCountSid(pSid
);
611 /******************************************************************************
612 * GetLengthSid [ADVAPI32.@]
618 GetLengthSid (PSID pSid
)
620 return RtlLengthSid(pSid
);
623 /* ##############################################
624 ###### SECURITY DESCRIPTOR FUNCTIONS ######
625 ##############################################
628 /******************************************************************************
629 * BuildSecurityDescriptorA [ADVAPI32.@]
636 * cCountOfAccessEntries [I]
637 * pListOfAccessEntries [I]
638 * cCountOfAuditEntries [I]
639 * pListofAuditEntries [I]
641 * lpdwBufferLength [I/O]
645 * Success: ERROR_SUCCESS
646 * Failure: nonzero error code from Winerror.h
648 DWORD WINAPI
BuildSecurityDescriptorA(
651 IN ULONG cCountOfAccessEntries
,
652 IN PEXPLICIT_ACCESSA pListOfAccessEntries
,
653 IN ULONG cCountOfAuditEntries
,
654 IN PEXPLICIT_ACCESSA pListofAuditEntries
,
655 IN PSECURITY_DESCRIPTOR pOldSD
,
656 IN OUT PULONG lpdwBufferLength
,
657 OUT PSECURITY_DESCRIPTOR
* pNewSD
)
659 FIXME("(%p,%p,%ld,%p,%ld,%p,%p,%p,%p) stub!\n",pOwner
,pGroup
,
660 cCountOfAccessEntries
,pListOfAccessEntries
,cCountOfAuditEntries
,
661 pListofAuditEntries
,pOldSD
,lpdwBufferLength
,pNewSD
);
663 return ERROR_CALL_NOT_IMPLEMENTED
;
666 /******************************************************************************
667 * BuildSecurityDescriptorW [ADVAPI32.@]
669 * See BuildSecurityDescriptorA.
671 DWORD WINAPI
BuildSecurityDescriptorW(
674 IN ULONG cCountOfAccessEntries
,
675 IN PEXPLICIT_ACCESSW pListOfAccessEntries
,
676 IN ULONG cCountOfAuditEntries
,
677 IN PEXPLICIT_ACCESSW pListofAuditEntries
,
678 IN PSECURITY_DESCRIPTOR pOldSD
,
679 IN OUT PULONG lpdwBufferLength
,
680 OUT PSECURITY_DESCRIPTOR
* pNewSD
)
682 FIXME("(%p,%p,%ld,%p,%ld,%p,%p,%p,%p) stub!\n",pOwner
,pGroup
,
683 cCountOfAccessEntries
,pListOfAccessEntries
,cCountOfAuditEntries
,
684 pListofAuditEntries
,pOldSD
,lpdwBufferLength
,pNewSD
);
686 return ERROR_CALL_NOT_IMPLEMENTED
;
689 /******************************************************************************
690 * InitializeSecurityDescriptor [ADVAPI32.@]
697 InitializeSecurityDescriptor( PSECURITY_DESCRIPTOR pDescr
, DWORD revision
)
699 return set_ntstatus( RtlCreateSecurityDescriptor(pDescr
, revision
));
703 /******************************************************************************
704 * MakeAbsoluteSD [ADVAPI32.@]
706 BOOL WINAPI
MakeAbsoluteSD (
707 IN PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor
,
708 OUT PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor
,
709 OUT LPDWORD lpdwAbsoluteSecurityDescriptorSize
,
711 OUT LPDWORD lpdwDaclSize
,
713 OUT LPDWORD lpdwSaclSize
,
715 OUT LPDWORD lpdwOwnerSize
,
716 OUT PSID pPrimaryGroup
,
717 OUT LPDWORD lpdwPrimaryGroupSize
)
719 return set_ntstatus( RtlSelfRelativeToAbsoluteSD(pSelfRelativeSecurityDescriptor
,
720 pAbsoluteSecurityDescriptor
,
721 lpdwAbsoluteSecurityDescriptorSize
,
722 pDacl
, lpdwDaclSize
, pSacl
, lpdwSaclSize
,
723 pOwner
, lpdwOwnerSize
,
724 pPrimaryGroup
, lpdwPrimaryGroupSize
));
727 /******************************************************************************
728 * GetKernelObjectSecurity [ADVAPI32.@]
730 BOOL WINAPI
GetKernelObjectSecurity(
732 SECURITY_INFORMATION RequestedInformation
,
733 PSECURITY_DESCRIPTOR pSecurityDescriptor
,
735 LPDWORD lpnLengthNeeded
)
737 TRACE("(%p,0x%08lx,%p,0x%08lx,%p)\n", Handle
, RequestedInformation
,
738 pSecurityDescriptor
, nLength
, lpnLengthNeeded
);
740 return set_ntstatus( NtQuerySecurityObject(Handle
, RequestedInformation
, pSecurityDescriptor
,
741 nLength
, lpnLengthNeeded
));
744 /******************************************************************************
745 * GetPrivateObjectSecurity [ADVAPI32.@]
747 BOOL WINAPI
GetPrivateObjectSecurity(
748 PSECURITY_DESCRIPTOR ObjectDescriptor
,
749 SECURITY_INFORMATION SecurityInformation
,
750 PSECURITY_DESCRIPTOR ResultantDescriptor
,
751 DWORD DescriptorLength
,
752 PDWORD ReturnLength
)
754 TRACE("(%p,0x%08lx,%p,0x%08lx,%p)\n", ObjectDescriptor
, SecurityInformation
,
755 ResultantDescriptor
, DescriptorLength
, ReturnLength
);
757 return set_ntstatus( NtQuerySecurityObject(ObjectDescriptor
, SecurityInformation
,
758 ResultantDescriptor
, DescriptorLength
, ReturnLength
));
761 /******************************************************************************
762 * GetSecurityDescriptorLength [ADVAPI32.@]
764 DWORD WINAPI
GetSecurityDescriptorLength( PSECURITY_DESCRIPTOR pDescr
)
766 return RtlLengthSecurityDescriptor(pDescr
);
769 /******************************************************************************
770 * GetSecurityDescriptorOwner [ADVAPI32.@]
774 * lpbOwnerDefaulted []
777 GetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR pDescr
, PSID
*pOwner
,
778 LPBOOL lpbOwnerDefaulted
)
781 BOOL ret
= set_ntstatus( RtlGetOwnerSecurityDescriptor( pDescr
, pOwner
, &defaulted
));
782 *lpbOwnerDefaulted
= defaulted
;
786 /******************************************************************************
787 * SetSecurityDescriptorOwner [ADVAPI32.@]
791 BOOL WINAPI
SetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR pSecurityDescriptor
,
792 PSID pOwner
, BOOL bOwnerDefaulted
)
794 return set_ntstatus( RtlSetOwnerSecurityDescriptor(pSecurityDescriptor
, pOwner
, bOwnerDefaulted
));
796 /******************************************************************************
797 * GetSecurityDescriptorGroup [ADVAPI32.@]
799 BOOL WINAPI
GetSecurityDescriptorGroup(
800 PSECURITY_DESCRIPTOR SecurityDescriptor
,
802 LPBOOL GroupDefaulted
)
805 BOOL ret
= set_ntstatus( RtlGetGroupSecurityDescriptor(SecurityDescriptor
, Group
, &defaulted
));
806 *GroupDefaulted
= defaulted
;
809 /******************************************************************************
810 * SetSecurityDescriptorGroup [ADVAPI32.@]
812 BOOL WINAPI
SetSecurityDescriptorGroup ( PSECURITY_DESCRIPTOR SecurityDescriptor
,
813 PSID Group
, BOOL GroupDefaulted
)
815 return set_ntstatus( RtlSetGroupSecurityDescriptor( SecurityDescriptor
, Group
, GroupDefaulted
));
818 /******************************************************************************
819 * IsValidSecurityDescriptor [ADVAPI32.@]
825 IsValidSecurityDescriptor( PSECURITY_DESCRIPTOR SecurityDescriptor
)
827 return set_ntstatus( RtlValidSecurityDescriptor(SecurityDescriptor
));
830 /******************************************************************************
831 * GetSecurityDescriptorDacl [ADVAPI32.@]
833 BOOL WINAPI
GetSecurityDescriptorDacl(
834 IN PSECURITY_DESCRIPTOR pSecurityDescriptor
,
835 OUT LPBOOL lpbDaclPresent
,
837 OUT LPBOOL lpbDaclDefaulted
)
839 BOOLEAN present
, defaulted
;
840 BOOL ret
= set_ntstatus( RtlGetDaclSecurityDescriptor(pSecurityDescriptor
, &present
, pDacl
, &defaulted
));
841 *lpbDaclPresent
= present
;
842 *lpbDaclDefaulted
= defaulted
;
846 /******************************************************************************
847 * SetSecurityDescriptorDacl [ADVAPI32.@]
850 SetSecurityDescriptorDacl (
851 PSECURITY_DESCRIPTOR lpsd
,
856 return set_ntstatus( RtlSetDaclSecurityDescriptor (lpsd
, daclpresent
, dacl
, dacldefaulted
) );
858 /******************************************************************************
859 * GetSecurityDescriptorSacl [ADVAPI32.@]
861 BOOL WINAPI
GetSecurityDescriptorSacl(
862 IN PSECURITY_DESCRIPTOR lpsd
,
863 OUT LPBOOL lpbSaclPresent
,
865 OUT LPBOOL lpbSaclDefaulted
)
867 BOOLEAN present
, defaulted
;
868 BOOL ret
= set_ntstatus( RtlGetSaclSecurityDescriptor(lpsd
, &present
, pSacl
, &defaulted
) );
869 *lpbSaclPresent
= present
;
870 *lpbSaclDefaulted
= defaulted
;
874 /**************************************************************************
875 * SetSecurityDescriptorSacl [ADVAPI32.@]
877 BOOL WINAPI
SetSecurityDescriptorSacl (
878 PSECURITY_DESCRIPTOR lpsd
,
883 return set_ntstatus (RtlSetSaclSecurityDescriptor(lpsd
, saclpresent
, lpsacl
, sacldefaulted
));
885 /******************************************************************************
886 * MakeSelfRelativeSD [ADVAPI32.@]
895 IN PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor
,
896 IN PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor
,
897 IN OUT LPDWORD lpdwBufferLength
)
899 return set_ntstatus( RtlMakeSelfRelativeSD( pAbsoluteSecurityDescriptor
,
900 pSelfRelativeSecurityDescriptor
, lpdwBufferLength
));
903 /******************************************************************************
904 * GetSecurityDescriptorControl [ADVAPI32.@]
907 BOOL WINAPI
GetSecurityDescriptorControl ( PSECURITY_DESCRIPTOR pSecurityDescriptor
,
908 PSECURITY_DESCRIPTOR_CONTROL pControl
, LPDWORD lpdwRevision
)
910 return set_ntstatus( RtlGetControlSecurityDescriptor(pSecurityDescriptor
,pControl
,lpdwRevision
));
913 /* ##############################
914 ###### ACL FUNCTIONS ######
915 ##############################
918 /*************************************************************************
919 * InitializeAcl [ADVAPI32.@]
921 BOOL WINAPI
InitializeAcl(PACL acl
, DWORD size
, DWORD rev
)
923 return set_ntstatus( RtlCreateAcl(acl
, size
, rev
));
926 BOOL WINAPI
ImpersonateNamedPipeClient( HANDLE hNamedPipe
)
928 TRACE("(%p)\n", hNamedPipe
);
930 return set_ntstatus( NtFsControlFile(hNamedPipe
, NULL
, NULL
, NULL
, NULL
,
931 FSCTL_PIPE_IMPERSONATE
, NULL
, 0, NULL
, 0) );
934 /******************************************************************************
935 * AddAccessAllowedAce [ADVAPI32.@]
937 BOOL WINAPI
AddAccessAllowedAce(
939 IN DWORD dwAceRevision
,
943 return set_ntstatus(RtlAddAccessAllowedAce(pAcl
, dwAceRevision
, AccessMask
, pSid
));
946 /******************************************************************************
947 * AddAccessAllowedAceEx [ADVAPI32.@]
949 BOOL WINAPI
AddAccessAllowedAceEx(
951 IN DWORD dwAceRevision
,
956 return set_ntstatus(RtlAddAccessAllowedAceEx(pAcl
, dwAceRevision
, AceFlags
, AccessMask
, pSid
));
959 /******************************************************************************
960 * AddAccessDeniedAce [ADVAPI32.@]
962 BOOL WINAPI
AddAccessDeniedAce(
964 IN DWORD dwAceRevision
,
968 return set_ntstatus(RtlAddAccessDeniedAce(pAcl
, dwAceRevision
, AccessMask
, pSid
));
971 /******************************************************************************
972 * AddAccessDeniedAceEx [ADVAPI32.@]
974 BOOL WINAPI
AddAccessDeniedAceEx(
976 IN DWORD dwAceRevision
,
981 return set_ntstatus(RtlAddAccessDeniedAceEx(pAcl
, dwAceRevision
, AceFlags
, AccessMask
, pSid
));
984 /******************************************************************************
985 * AddAce [ADVAPI32.@]
989 IN DWORD dwAceRevision
,
990 IN DWORD dwStartingAceIndex
,
992 DWORD nAceListLength
)
994 return set_ntstatus(RtlAddAce(pAcl
, dwAceRevision
, dwStartingAceIndex
, pAceList
, nAceListLength
));
997 /******************************************************************************
998 * DeleteAce [ADVAPI32.@]
1000 BOOL WINAPI
DeleteAce(PACL pAcl
, DWORD dwAceIndex
)
1002 return set_ntstatus(RtlDeleteAce(pAcl
, dwAceIndex
));
1005 /******************************************************************************
1006 * FindFirstFreeAce [ADVAPI32.@]
1008 BOOL WINAPI
FindFirstFreeAce(IN PACL pAcl
, LPVOID
* pAce
)
1010 return RtlFirstFreeAce(pAcl
, (PACE_HEADER
*)pAce
);
1013 /******************************************************************************
1014 * GetAce [ADVAPI32.@]
1016 BOOL WINAPI
GetAce(PACL pAcl
,DWORD dwAceIndex
,LPVOID
*pAce
)
1018 return set_ntstatus(RtlGetAce(pAcl
, dwAceIndex
, pAce
));
1021 /******************************************************************************
1022 * GetAclInformation [ADVAPI32.@]
1024 BOOL WINAPI
GetAclInformation(
1026 LPVOID pAclInformation
,
1027 DWORD nAclInformationLength
,
1028 ACL_INFORMATION_CLASS dwAclInformationClass
)
1030 return set_ntstatus(RtlQueryInformationAcl(pAcl
, pAclInformation
,
1031 nAclInformationLength
, dwAclInformationClass
));
1034 /******************************************************************************
1035 * IsValidAcl [ADVAPI32.@]
1037 BOOL WINAPI
IsValidAcl(IN PACL pAcl
)
1039 return RtlValidAcl(pAcl
);
1042 /* ##############################
1043 ###### MISC FUNCTIONS ######
1044 ##############################
1047 /******************************************************************************
1048 * AllocateLocallyUniqueId [ADVAPI32.@]
1053 BOOL WINAPI
AllocateLocallyUniqueId( PLUID lpLuid
)
1055 return set_ntstatus(NtAllocateLocallyUniqueId(lpLuid
));
1058 static const WCHAR SE_CREATE_TOKEN_NAME_W
[] =
1059 { 'S','e','C','r','e','a','t','e','T','o','k','e','n','P','r','i','v','i','l','e','g','e',0 };
1060 static const WCHAR SE_ASSIGNPRIMARYTOKEN_NAME_W
[] =
1061 { 'S','e','A','s','s','i','g','n','P','r','i','m','a','r','y','T','o','k','e','n','P','r','i','v','i','l','e','g','e',0 };
1062 static const WCHAR SE_LOCK_MEMORY_NAME_W
[] =
1063 { 'S','e','L','o','c','k','M','e','m','o','r','y','P','r','i','v','i','l','e','g','e',0 };
1064 static const WCHAR SE_INCREASE_QUOTA_NAME_W
[] =
1065 { 'S','e','I','n','c','r','e','a','s','e','Q','u','o','t','a','P','r','i','v','i','l','e','g','e',0 };
1066 static const WCHAR SE_MACHINE_ACCOUNT_NAME_W
[] =
1067 { 'S','e','M','a','c','h','i','n','e','A','c','c','o','u','n','t','P','r','i','v','i','l','e','g','e',0 };
1068 static const WCHAR SE_TCB_NAME_W
[] =
1069 { 'S','e','T','c','b','P','r','i','v','i','l','e','g','e',0 };
1070 static const WCHAR SE_SECURITY_NAME_W
[] =
1071 { 'S','e','S','e','c','u','r','i','t','y','P','r','i','v','i','l','e','g','e',0 };
1072 static const WCHAR SE_TAKE_OWNERSHIP_NAME_W
[] =
1073 { 'S','e','T','a','k','e','O','w','n','e','r','s','h','i','p','P','r','i','v','i','l','e','g','e',0 };
1074 static const WCHAR SE_LOAD_DRIVER_NAME_W
[] =
1075 { 'S','e','L','o','a','d','D','r','i','v','e','r','P','r','i','v','i','l','e','g','e',0 };
1076 static const WCHAR SE_SYSTEM_PROFILE_NAME_W
[] =
1077 { 'S','e','S','y','s','t','e','m','P','r','o','f','i','l','e','P','r','i','v','i','l','e','g','e',0 };
1078 static const WCHAR SE_SYSTEMTIME_NAME_W
[] =
1079 { 'S','e','S','y','s','t','e','m','t','i','m','e','P','r','i','v','i','l','e','g','e',0 };
1080 static const WCHAR SE_PROF_SINGLE_PROCESS_NAME_W
[] =
1081 { 'S','e','P','r','o','f','i','l','e','S','i','n','g','l','e','P','r','o','c','e','s','s','P','r','i','v','i','l','e','g','e',0 };
1082 static const WCHAR SE_INC_BASE_PRIORITY_NAME_W
[] =
1083 { 'S','e','I','n','c','r','e','a','s','e','B','a','s','e','P','r','i','o','r','i','t','y','P','r','i','v','i','l','e','g','e',0 };
1084 static const WCHAR SE_CREATE_PAGEFILE_NAME_W
[] =
1085 { 'S','e','C','r','e','a','t','e','P','a','g','e','f','i','l','e','P','r','i','v','i','l','e','g','e',0 };
1086 static const WCHAR SE_CREATE_PERMANENT_NAME_W
[] =
1087 { 'S','e','C','r','e','a','t','e','P','e','r','m','a','n','e','n','t','P','r','i','v','i','l','e','g','e',0 };
1088 static const WCHAR SE_BACKUP_NAME_W
[] =
1089 { 'S','e','B','a','c','k','u','p','P','r','i','v','i','l','e','g','e',0 };
1090 static const WCHAR SE_RESTORE_NAME_W
[] =
1091 { 'S','e','R','e','s','t','o','r','e','P','r','i','v','i','l','e','g','e',0 };
1092 static const WCHAR SE_SHUTDOWN_NAME_W
[] =
1093 { 'S','e','S','h','u','t','d','o','w','n','P','r','i','v','i','l','e','g','e',0 };
1094 static const WCHAR SE_DEBUG_NAME_W
[] =
1095 { 'S','e','D','e','b','u','g','P','r','i','v','i','l','e','g','e',0 };
1096 static const WCHAR SE_AUDIT_NAME_W
[] =
1097 { 'S','e','A','u','d','i','t','P','r','i','v','i','l','e','g','e',0 };
1098 static const WCHAR SE_SYSTEM_ENVIRONMENT_NAME_W
[] =
1099 { 'S','e','S','y','s','t','e','m','E','n','v','i','r','o','n','m','e','n','t','P','r','i','v','i','l','e','g','e',0 };
1100 static const WCHAR SE_CHANGE_NOTIFY_NAME_W
[] =
1101 { 'S','e','C','h','a','n','g','e','N','o','t','i','f','y','P','r','i','v','i','l','e','g','e',0 };
1102 static const WCHAR SE_REMOTE_SHUTDOWN_NAME_W
[] =
1103 { 'S','e','R','e','m','o','t','e','S','h','u','t','d','o','w','n','P','r','i','v','i','l','e','g','e',0 };
1104 static const WCHAR SE_UNDOCK_NAME_W
[] =
1105 { 'S','e','U','n','d','o','c','k','P','r','i','v','i','l','e','g','e',0 };
1106 static const WCHAR SE_SYNC_AGENT_NAME_W
[] =
1107 { 'S','e','S','y','n','c','A','g','e','n','t','P','r','i','v','i','l','e','g','e',0 };
1108 static const WCHAR SE_ENABLE_DELEGATION_NAME_W
[] =
1109 { 'S','e','E','n','a','b','l','e','D','e','l','e','g','a','t','i','o','n','P','r','i','v','i','l','e','g','e',0 };
1110 static const WCHAR SE_MANAGE_VOLUME_NAME_W
[] =
1111 { 'S','e','M','a','n','a','g','e','V','o','l','u','m','e','P','r','i','v','i','l','e','g','e',0 };
1112 static const WCHAR SE_IMPERSONATE_NAME_W
[] =
1113 { 'S','e','I','m','p','e','r','s','o','n','a','t','e','P','r','i','v','i','l','e','g','e',0 };
1114 static const WCHAR SE_CREATE_GLOBAL_NAME_W
[] =
1115 { 'S','e','C','r','e','a','t','e','G','l','o','b','a','l','P','r','i','v','i','l','e','g','e',0 };
1117 static const WCHAR
* const WellKnownPrivNames
[SE_MAX_WELL_KNOWN_PRIVILEGE
+ 1] =
1121 SE_CREATE_TOKEN_NAME_W
,
1122 SE_ASSIGNPRIMARYTOKEN_NAME_W
,
1123 SE_LOCK_MEMORY_NAME_W
,
1124 SE_INCREASE_QUOTA_NAME_W
,
1125 SE_MACHINE_ACCOUNT_NAME_W
,
1128 SE_TAKE_OWNERSHIP_NAME_W
,
1129 SE_LOAD_DRIVER_NAME_W
,
1130 SE_SYSTEM_PROFILE_NAME_W
,
1131 SE_SYSTEMTIME_NAME_W
,
1132 SE_PROF_SINGLE_PROCESS_NAME_W
,
1133 SE_INC_BASE_PRIORITY_NAME_W
,
1134 SE_CREATE_PAGEFILE_NAME_W
,
1135 SE_CREATE_PERMANENT_NAME_W
,
1141 SE_SYSTEM_ENVIRONMENT_NAME_W
,
1142 SE_CHANGE_NOTIFY_NAME_W
,
1143 SE_REMOTE_SHUTDOWN_NAME_W
,
1145 SE_SYNC_AGENT_NAME_W
,
1146 SE_ENABLE_DELEGATION_NAME_W
,
1147 SE_MANAGE_VOLUME_NAME_W
,
1148 SE_IMPERSONATE_NAME_W
,
1149 SE_CREATE_GLOBAL_NAME_W
,
1152 /******************************************************************************
1153 * LookupPrivilegeValueW [ADVAPI32.@]
1155 * See LookupPrivilegeValueA.
1158 LookupPrivilegeValueW( LPCWSTR lpSystemName
, LPCWSTR lpName
, PLUID lpLuid
)
1162 TRACE("%s,%s,%p\n",debugstr_w(lpSystemName
), debugstr_w(lpName
), lpLuid
);
1164 if (!ADVAPI_IsLocalComputer(lpSystemName
))
1166 SetLastError(RPC_S_SERVER_UNAVAILABLE
);
1171 SetLastError(ERROR_NO_SUCH_PRIVILEGE
);
1174 for( i
=SE_MIN_WELL_KNOWN_PRIVILEGE
; i
<SE_MAX_WELL_KNOWN_PRIVILEGE
; i
++ )
1176 if( !WellKnownPrivNames
[i
] )
1178 if( strcmpiW( WellKnownPrivNames
[i
], lpName
) )
1180 lpLuid
->LowPart
= i
;
1181 lpLuid
->HighPart
= 0;
1182 TRACE( "%s -> %08lx-%08lx\n",debugstr_w( lpSystemName
),
1183 lpLuid
->HighPart
, lpLuid
->LowPart
);
1186 SetLastError(ERROR_NO_SUCH_PRIVILEGE
);
1190 /******************************************************************************
1191 * LookupPrivilegeValueA [ADVAPI32.@]
1193 * Retrieves LUID used on a system to represent the privilege name.
1196 * lpSystemName [I] Name of the system
1197 * lpName [I] Name of the privilege
1198 * lpLuid [O] Destination for the resulting LUID
1201 * Success: TRUE. lpLuid contains the requested LUID.
1205 LookupPrivilegeValueA( LPCSTR lpSystemName
, LPCSTR lpName
, PLUID lpLuid
)
1207 UNICODE_STRING lpSystemNameW
;
1208 UNICODE_STRING lpNameW
;
1211 RtlCreateUnicodeStringFromAsciiz(&lpSystemNameW
, lpSystemName
);
1212 RtlCreateUnicodeStringFromAsciiz(&lpNameW
,lpName
);
1213 ret
= LookupPrivilegeValueW(lpSystemNameW
.Buffer
, lpNameW
.Buffer
, lpLuid
);
1214 RtlFreeUnicodeString(&lpNameW
);
1215 RtlFreeUnicodeString(&lpSystemNameW
);
1219 BOOL WINAPI
LookupPrivilegeDisplayNameA( LPCSTR lpSystemName
, LPCSTR lpName
, LPSTR lpDisplayName
,
1220 LPDWORD cchDisplayName
, LPDWORD lpLanguageId
)
1222 FIXME("%s %s %s %p %p - stub\n", debugstr_a(lpSystemName
), debugstr_a(lpName
),
1223 debugstr_a(lpDisplayName
), cchDisplayName
, lpLanguageId
);
1228 BOOL WINAPI
LookupPrivilegeDisplayNameW( LPCWSTR lpSystemName
, LPCWSTR lpName
, LPWSTR lpDisplayName
,
1229 LPDWORD cchDisplayName
, LPDWORD lpLanguageId
)
1231 FIXME("%s %s %s %p %p - stub\n", debugstr_w(lpSystemName
), debugstr_w(lpName
),
1232 debugstr_w(lpDisplayName
), cchDisplayName
, lpLanguageId
);
1237 /******************************************************************************
1238 * LookupPrivilegeNameA [ADVAPI32.@]
1240 * See LookupPrivilegeNameW.
1243 LookupPrivilegeNameA( LPCSTR lpSystemName
, PLUID lpLuid
, LPSTR lpName
,
1246 UNICODE_STRING lpSystemNameW
;
1250 TRACE("%s %p %p %p\n", debugstr_a(lpSystemName
), lpLuid
, lpName
, cchName
);
1252 RtlCreateUnicodeStringFromAsciiz(&lpSystemNameW
, lpSystemName
);
1253 ret
= LookupPrivilegeNameW(lpSystemNameW
.Buffer
, lpLuid
, NULL
, &wLen
);
1254 if (!ret
&& GetLastError() == ERROR_INSUFFICIENT_BUFFER
)
1256 LPWSTR lpNameW
= HeapAlloc(GetProcessHeap(), 0, wLen
* sizeof(WCHAR
));
1258 ret
= LookupPrivilegeNameW(lpSystemNameW
.Buffer
, lpLuid
, lpNameW
,
1262 /* Windows crashes if cchName is NULL, so will I */
1263 int len
= WideCharToMultiByte(CP_ACP
, 0, lpNameW
, -1, lpName
,
1264 *cchName
, NULL
, NULL
);
1268 /* WideCharToMultiByte failed */
1271 else if (len
> *cchName
)
1274 SetLastError(ERROR_INSUFFICIENT_BUFFER
);
1279 /* WideCharToMultiByte succeeded, output length needs to be
1280 * length not including NULL terminator
1285 HeapFree(GetProcessHeap(), 0, lpNameW
);
1287 RtlFreeUnicodeString(&lpSystemNameW
);
1291 /******************************************************************************
1292 * LookupPrivilegeNameW [ADVAPI32.@]
1294 * Retrieves the privilege name referred to by the LUID lpLuid.
1297 * lpSystemName [I] Name of the system
1298 * lpLuid [I] Privilege value
1299 * lpName [O] Name of the privilege
1300 * cchName [I/O] Number of characters in lpName.
1303 * Success: TRUE. lpName contains the name of the privilege whose value is
1308 * Only well-known privilege names (those defined in winnt.h) can be retrieved
1309 * using this function.
1310 * If the length of lpName is too small, on return *cchName will contain the
1311 * number of WCHARs needed to contain the privilege, including the NULL
1312 * terminator, and GetLastError will return ERROR_INSUFFICIENT_BUFFER.
1313 * On success, *cchName will contain the number of characters stored in
1314 * lpName, NOT including the NULL terminator.
1317 LookupPrivilegeNameW( LPCWSTR lpSystemName
, PLUID lpLuid
, LPWSTR lpName
,
1322 TRACE("%s,%p,%p,%p\n",debugstr_w(lpSystemName
), lpLuid
, lpName
, cchName
);
1324 if (!ADVAPI_IsLocalComputer(lpSystemName
))
1326 SetLastError(RPC_S_SERVER_UNAVAILABLE
);
1329 if (lpLuid
->HighPart
|| (lpLuid
->LowPart
< SE_MIN_WELL_KNOWN_PRIVILEGE
||
1330 lpLuid
->LowPart
> SE_MAX_WELL_KNOWN_PRIVILEGE
))
1332 SetLastError(ERROR_NO_SUCH_PRIVILEGE
);
1335 privNameLen
= strlenW(WellKnownPrivNames
[lpLuid
->LowPart
]);
1336 /* Windows crashes if cchName is NULL, so will I */
1337 if (*cchName
<= privNameLen
)
1339 *cchName
= privNameLen
+ 1;
1340 SetLastError(ERROR_INSUFFICIENT_BUFFER
);
1345 strcpyW(lpName
, WellKnownPrivNames
[lpLuid
->LowPart
]);
1346 *cchName
= privNameLen
;
1351 /******************************************************************************
1352 * GetFileSecurityA [ADVAPI32.@]
1354 * Obtains Specified information about the security of a file or directory.
1357 * lpFileName [I] Name of the file to get info for
1358 * RequestedInformation [I] SE_ flags from "winnt.h"
1359 * pSecurityDescriptor [O] Destination for security information
1360 * nLength [I] Length of pSecurityDescriptor
1361 * lpnLengthNeeded [O] Destination for length of returned security information
1364 * Success: TRUE. pSecurityDescriptor contains the requested information.
1365 * Failure: FALSE. lpnLengthNeeded contains the required space to return the info.
1368 * The information returned is constrained by the callers access rights and
1372 GetFileSecurityA( LPCSTR lpFileName
,
1373 SECURITY_INFORMATION RequestedInformation
,
1374 PSECURITY_DESCRIPTOR pSecurityDescriptor
,
1375 DWORD nLength
, LPDWORD lpnLengthNeeded
)
1383 len
= MultiByteToWideChar( CP_ACP
, 0, lpFileName
, -1, NULL
, 0 );
1384 name
= HeapAlloc( GetProcessHeap(), 0, len
*sizeof(WCHAR
) );
1385 MultiByteToWideChar( CP_ACP
, 0, lpFileName
, -1, name
, len
);
1388 r
= GetFileSecurityW( name
, RequestedInformation
, pSecurityDescriptor
,
1389 nLength
, lpnLengthNeeded
);
1390 HeapFree( GetProcessHeap(), 0, name
);
1395 /******************************************************************************
1396 * GetFileSecurityW [ADVAPI32.@]
1398 * See GetFileSecurityA.
1401 GetFileSecurityW( LPCWSTR lpFileName
,
1402 SECURITY_INFORMATION RequestedInformation
,
1403 PSECURITY_DESCRIPTOR pSecurityDescriptor
,
1404 DWORD nLength
, LPDWORD lpnLengthNeeded
)
1409 SECURITY_DESCRIPTOR_RELATIVE
*pSDRelative
;
1411 if(INVALID_FILE_ATTRIBUTES
== GetFileAttributesW(lpFileName
))
1414 FIXME("(%s) : returns fake SECURITY_DESCRIPTOR\n", debugstr_w(lpFileName
) );
1416 nNeeded
= sizeof(SECURITY_DESCRIPTOR_RELATIVE
);
1417 if (RequestedInformation
& OWNER_SECURITY_INFORMATION
)
1418 nNeeded
+= sizeof(sidWorld
);
1419 if (RequestedInformation
& GROUP_SECURITY_INFORMATION
)
1420 nNeeded
+= sizeof(sidWorld
);
1421 if (RequestedInformation
& DACL_SECURITY_INFORMATION
)
1422 nNeeded
+= WINE_SIZE_OF_WORLD_ACCESS_ACL
;
1423 if (RequestedInformation
& SACL_SECURITY_INFORMATION
)
1424 nNeeded
+= WINE_SIZE_OF_WORLD_ACCESS_ACL
;
1426 *lpnLengthNeeded
= nNeeded
;
1428 if (nNeeded
> nLength
)
1431 if (!InitializeSecurityDescriptor(pSecurityDescriptor
, SECURITY_DESCRIPTOR_REVISION
))
1434 pSDRelative
= (PISECURITY_DESCRIPTOR_RELATIVE
) pSecurityDescriptor
;
1435 pSDRelative
->Control
|= SE_SELF_RELATIVE
;
1436 pBuffer
= (LPBYTE
) pSDRelative
;
1437 iLocNow
= sizeof(SECURITY_DESCRIPTOR_RELATIVE
);
1439 if (RequestedInformation
& OWNER_SECURITY_INFORMATION
)
1441 memcpy(pBuffer
+ iLocNow
, &sidWorld
, sizeof(sidWorld
));
1442 pSDRelative
->Owner
= iLocNow
;
1443 iLocNow
+= sizeof(sidWorld
);
1445 if (RequestedInformation
& GROUP_SECURITY_INFORMATION
)
1447 memcpy(pBuffer
+ iLocNow
, &sidWorld
, sizeof(sidWorld
));
1448 pSDRelative
->Group
= iLocNow
;
1449 iLocNow
+= sizeof(sidWorld
);
1451 if (RequestedInformation
& DACL_SECURITY_INFORMATION
)
1453 GetWorldAccessACL((PACL
) (pBuffer
+ iLocNow
));
1454 pSDRelative
->Dacl
= iLocNow
;
1455 iLocNow
+= WINE_SIZE_OF_WORLD_ACCESS_ACL
;
1457 if (RequestedInformation
& SACL_SECURITY_INFORMATION
)
1459 GetWorldAccessACL((PACL
) (pBuffer
+ iLocNow
));
1460 pSDRelative
->Sacl
= iLocNow
;
1461 /* iLocNow += WINE_SIZE_OF_WORLD_ACCESS_ACL; */
1467 /******************************************************************************
1468 * LookupAccountSidA [ADVAPI32.@]
1475 IN OUT LPDWORD accountSize
,
1477 IN OUT LPDWORD domainSize
,
1478 OUT PSID_NAME_USE name_use
)
1480 static const char ac
[] = "Administrator";
1481 static const char dm
[] = "DOMAIN";
1482 FIXME("(%s,sid=%p,%p,%p(%lu),%p,%p(%lu),%p): semi-stub\n",
1483 debugstr_a(system
),sid
,
1484 account
,accountSize
,accountSize
?*accountSize
:0,
1485 domain
,domainSize
,domainSize
?*domainSize
:0,
1488 if (accountSize
) *accountSize
= strlen(ac
)+1;
1489 if (account
&& (*accountSize
> strlen(ac
)))
1490 strcpy(account
, ac
);
1492 if (domainSize
) *domainSize
= strlen(dm
)+1;
1493 if (domain
&& (*domainSize
> strlen(dm
)))
1496 if (name_use
) *name_use
= SidTypeUser
;
1500 /******************************************************************************
1501 * LookupAccountSidW [ADVAPI32.@]
1517 IN OUT LPDWORD accountSize
,
1519 IN OUT LPDWORD domainSize
,
1520 OUT PSID_NAME_USE name_use
)
1522 static const WCHAR ac
[] = {'A','d','m','i','n','i','s','t','r','a','t','o','r',0};
1523 static const WCHAR dm
[] = {'D','O','M','A','I','N',0};
1524 FIXME("(%s,sid=%p,%p,%p(%lu),%p,%p(%lu),%p): semi-stub\n",
1525 debugstr_w(system
),sid
,
1526 account
,accountSize
,accountSize
?*accountSize
:0,
1527 domain
,domainSize
,domainSize
?*domainSize
:0,
1530 if (accountSize
) *accountSize
= strlenW(ac
)+1;
1531 if (account
&& (*accountSize
> strlenW(ac
)))
1532 strcpyW(account
, ac
);
1534 if (domainSize
) *domainSize
= strlenW(dm
)+1;
1535 if (domain
&& (*domainSize
> strlenW(dm
)))
1538 if (name_use
) *name_use
= SidTypeUser
;
1542 /******************************************************************************
1543 * SetFileSecurityA [ADVAPI32.@]
1545 * See SetFileSecurityW.
1547 BOOL WINAPI
SetFileSecurityA( LPCSTR lpFileName
,
1548 SECURITY_INFORMATION RequestedInformation
,
1549 PSECURITY_DESCRIPTOR pSecurityDescriptor
)
1557 len
= MultiByteToWideChar( CP_ACP
, 0, lpFileName
, -1, NULL
, 0 );
1558 name
= HeapAlloc( GetProcessHeap(), 0, len
*sizeof(WCHAR
) );
1559 MultiByteToWideChar( CP_ACP
, 0, lpFileName
, -1, name
, len
);
1562 r
= SetFileSecurityW( name
, RequestedInformation
, pSecurityDescriptor
);
1563 HeapFree( GetProcessHeap(), 0, name
);
1568 /******************************************************************************
1569 * SetFileSecurityW [ADVAPI32.@]
1571 * Sets the security of a file or directory.
1575 * RequestedInformation []
1576 * pSecurityDescriptor []
1583 SetFileSecurityW( LPCWSTR lpFileName
,
1584 SECURITY_INFORMATION RequestedInformation
,
1585 PSECURITY_DESCRIPTOR pSecurityDescriptor
)
1587 FIXME("(%s) : stub\n", debugstr_w(lpFileName
) );
1591 /******************************************************************************
1592 * QueryWindows31FilesMigration [ADVAPI32.@]
1598 QueryWindows31FilesMigration( DWORD x1
)
1600 FIXME("(%ld):stub\n",x1
);
1604 /******************************************************************************
1605 * SynchronizeWindows31FilesAndWindowsNTRegistry [ADVAPI32.@]
1614 SynchronizeWindows31FilesAndWindowsNTRegistry( DWORD x1
, DWORD x2
, DWORD x3
,
1617 FIXME("(0x%08lx,0x%08lx,0x%08lx,0x%08lx):stub\n",x1
,x2
,x3
,x4
);
1621 /******************************************************************************
1622 * NotifyBootConfigStatus [ADVAPI32.@]
1628 NotifyBootConfigStatus( BOOL x1
)
1630 FIXME("(0x%08d):stub\n",x1
);
1634 /******************************************************************************
1635 * RevertToSelf [ADVAPI32.@]
1637 * Ends the impersonation of a user.
1647 RevertToSelf( void )
1649 HANDLE Token
= NULL
;
1650 return set_ntstatus( NtSetInformationThread( GetCurrentThread(),
1651 ThreadImpersonationToken
, &Token
, sizeof(Token
) ) );
1654 /******************************************************************************
1655 * ImpersonateSelf [ADVAPI32.@]
1657 * Makes an impersonation token that represents the process user and assigns
1658 * to the current thread.
1661 * ImpersonationLevel [I] Level at which to impersonate.
1668 ImpersonateSelf(SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
)
1670 return set_ntstatus( RtlImpersonateSelf( ImpersonationLevel
) );
1673 /******************************************************************************
1674 * ImpersonateLoggedOnUser [ADVAPI32.@]
1676 BOOL WINAPI
ImpersonateLoggedOnUser(HANDLE hToken
)
1679 HANDLE ImpersonationToken
;
1680 TOKEN_TYPE Type
= TokenImpersonation
;
1682 FIXME( "(%p)\n", hToken
);
1684 /* FIXME: get token type */
1686 if (Type
== TokenPrimary
)
1688 OBJECT_ATTRIBUTES ObjectAttributes
;
1690 InitializeObjectAttributes( &ObjectAttributes
, NULL
, 0, NULL
, NULL
);
1692 Status
= NtDuplicateToken( hToken
,
1693 TOKEN_IMPERSONATE
| TOKEN_QUERY
,
1695 SecurityImpersonation
,
1697 &ImpersonationToken
);
1698 if (Status
!= STATUS_SUCCESS
)
1700 ERR( "NtDuplicateToken failed with error 0x%08lx\n", Status
);
1701 SetLastError( RtlNtStatusToDosError( Status
) );
1706 ImpersonationToken
= hToken
;
1708 Status
= NtSetInformationThread( GetCurrentThread(),
1709 ThreadImpersonationToken
,
1710 &ImpersonationToken
,
1711 sizeof(ImpersonationToken
) );
1713 if (Type
== TokenPrimary
)
1714 NtClose( ImpersonationToken
);
1716 if (Status
!= STATUS_SUCCESS
)
1718 ERR( "NtSetInformationThread failed with error 0x%08lx\n", Status
);
1719 SetLastError( RtlNtStatusToDosError( Status
) );
1726 /******************************************************************************
1727 * AccessCheck [ADVAPI32.@]
1731 PSECURITY_DESCRIPTOR SecurityDescriptor
,
1733 DWORD DesiredAccess
,
1734 PGENERIC_MAPPING GenericMapping
,
1735 PPRIVILEGE_SET PrivilegeSet
,
1736 LPDWORD PrivilegeSetLength
,
1737 LPDWORD GrantedAccess
,
1738 LPBOOL AccessStatus
)
1740 NTSTATUS access_status
;
1741 BOOL ret
= set_ntstatus( NtAccessCheck(SecurityDescriptor
, ClientToken
, DesiredAccess
,
1742 GenericMapping
, PrivilegeSet
, PrivilegeSetLength
,
1743 GrantedAccess
, &access_status
) );
1744 if (ret
) *AccessStatus
= set_ntstatus( access_status
);
1749 /******************************************************************************
1750 * AccessCheckByType [ADVAPI32.@]
1752 BOOL WINAPI
AccessCheckByType(
1753 PSECURITY_DESCRIPTOR pSecurityDescriptor
,
1754 PSID PrincipalSelfSid
,
1756 DWORD DesiredAccess
,
1757 POBJECT_TYPE_LIST ObjectTypeList
,
1758 DWORD ObjectTypeListLength
,
1759 PGENERIC_MAPPING GenericMapping
,
1760 PPRIVILEGE_SET PrivilegeSet
,
1761 LPDWORD PrivilegeSetLength
,
1762 LPDWORD GrantedAccess
,
1763 LPBOOL AccessStatus
)
1767 *AccessStatus
= TRUE
;
1769 return !*AccessStatus
;
1772 /******************************************************************************
1773 * MapGenericMask [ADVAPI32.@]
1775 * Maps generic access rights into specific access rights according to the
1779 * AccessMask [I/O] Access rights.
1780 * GenericMapping [I] The mapping between generic and specific rights.
1785 VOID WINAPI
MapGenericMask( PDWORD AccessMask
, PGENERIC_MAPPING GenericMapping
)
1787 RtlMapGenericMask( AccessMask
, GenericMapping
);
1790 /*************************************************************************
1791 * SetKernelObjectSecurity [ADVAPI32.@]
1793 BOOL WINAPI
SetKernelObjectSecurity (
1795 IN SECURITY_INFORMATION SecurityInformation
,
1796 IN PSECURITY_DESCRIPTOR SecurityDescriptor
)
1798 return set_ntstatus (NtSetSecurityObject (Handle
, SecurityInformation
, SecurityDescriptor
));
1802 /******************************************************************************
1803 * AddAuditAccessAce [ADVAPI32.@]
1805 BOOL WINAPI
AddAuditAccessAce(
1807 IN DWORD dwAceRevision
,
1808 IN DWORD dwAccessMask
,
1810 IN BOOL bAuditSuccess
,
1811 IN BOOL bAuditFailure
)
1813 return set_ntstatus( RtlAddAuditAccessAce(pAcl
, dwAceRevision
, dwAccessMask
, pSid
,
1814 bAuditSuccess
, bAuditFailure
) );
1817 /******************************************************************************
1818 * LookupAccountNameA [ADVAPI32.@]
1826 LPSTR ReferencedDomainName
,
1827 IN OUT LPDWORD cbReferencedDomainName
,
1828 OUT PSID_NAME_USE name_use
)
1831 UNICODE_STRING lpSystemW
;
1832 UNICODE_STRING lpAccountW
;
1833 LPWSTR lpReferencedDomainNameW
= NULL
;
1835 RtlCreateUnicodeStringFromAsciiz(&lpSystemW
, system
);
1836 RtlCreateUnicodeStringFromAsciiz(&lpAccountW
, account
);
1838 if (ReferencedDomainName
)
1839 lpReferencedDomainNameW
= HeapAlloc(GetProcessHeap(), 0, *cbReferencedDomainName
* sizeof(WCHAR
));
1841 ret
= LookupAccountNameW(lpSystemW
.Buffer
, lpAccountW
.Buffer
, sid
, cbSid
, lpReferencedDomainNameW
,
1842 cbReferencedDomainName
, name_use
);
1844 if (ret
&& lpReferencedDomainNameW
)
1846 WideCharToMultiByte(CP_ACP
, 0, lpReferencedDomainNameW
, *cbReferencedDomainName
,
1847 ReferencedDomainName
, *cbReferencedDomainName
, NULL
, NULL
);
1850 RtlFreeUnicodeString(&lpSystemW
);
1851 RtlFreeUnicodeString(&lpAccountW
);
1852 HeapFree(GetProcessHeap(), 0, lpReferencedDomainNameW
);
1857 /******************************************************************************
1858 * LookupAccountNameW [ADVAPI32.@]
1860 BOOL WINAPI
LookupAccountNameW( LPCWSTR lpSystemName
, LPCWSTR lpAccountName
, PSID Sid
,
1861 LPDWORD cbSid
, LPWSTR ReferencedDomainName
,
1862 LPDWORD cchReferencedDomainName
, PSID_NAME_USE peUse
)
1864 /* Default implementation: Always return a default SID */
1865 SID_IDENTIFIER_AUTHORITY identifierAuthority
= {SECURITY_NT_AUTHORITY
};
1868 static const WCHAR dm
[] = {'D','O','M','A','I','N',0};
1870 FIXME("%s %s %p %p %p %p %p - stub\n", debugstr_w(lpSystemName
), debugstr_w(lpAccountName
),
1871 Sid
, cbSid
, ReferencedDomainName
, cchReferencedDomainName
, peUse
);
1873 ret
= AllocateAndInitializeSid(&identifierAuthority
,
1875 SECURITY_BUILTIN_DOMAIN_RID
,
1876 DOMAIN_ALIAS_RID_ADMINS
,
1883 if (!RtlValidSid(pSid
))
1889 if (Sid
!= NULL
&& (*cbSid
>= GetLengthSid(pSid
)))
1890 CopySid(*cbSid
, Sid
, pSid
);
1891 if (*cbSid
< GetLengthSid(pSid
))
1893 SetLastError(ERROR_INSUFFICIENT_BUFFER
);
1896 *cbSid
= GetLengthSid(pSid
);
1898 if (ReferencedDomainName
!= NULL
&& (*cchReferencedDomainName
> strlenW(dm
)))
1899 strcpyW(ReferencedDomainName
, dm
);
1901 if (*cchReferencedDomainName
<= strlenW(dm
))
1903 SetLastError(ERROR_INSUFFICIENT_BUFFER
);
1907 *cchReferencedDomainName
= strlenW(dm
)+1;
1914 /******************************************************************************
1915 * PrivilegeCheck [ADVAPI32.@]
1917 BOOL WINAPI
PrivilegeCheck( HANDLE ClientToken
, PPRIVILEGE_SET RequiredPrivileges
, LPBOOL pfResult
)
1922 TRACE("%p %p %p\n", ClientToken
, RequiredPrivileges
, pfResult
);
1924 ret
= set_ntstatus (NtPrivilegeCheck (ClientToken
, RequiredPrivileges
, &Result
));
1930 /******************************************************************************
1931 * AccessCheckAndAuditAlarmA [ADVAPI32.@]
1933 BOOL WINAPI
AccessCheckAndAuditAlarmA(LPCSTR Subsystem
, LPVOID HandleId
, LPSTR ObjectTypeName
,
1934 LPSTR ObjectName
, PSECURITY_DESCRIPTOR SecurityDescriptor
, DWORD DesiredAccess
,
1935 PGENERIC_MAPPING GenericMapping
, BOOL ObjectCreation
, LPDWORD GrantedAccess
,
1936 LPBOOL AccessStatus
, LPBOOL pfGenerateOnClose
)
1938 FIXME("stub (%s,%p,%s,%s,%p,%08lx,%p,%x,%p,%p,%p)\n", debugstr_a(Subsystem
),
1939 HandleId
, debugstr_a(ObjectTypeName
), debugstr_a(ObjectName
),
1940 SecurityDescriptor
, DesiredAccess
, GenericMapping
,
1941 ObjectCreation
, GrantedAccess
, AccessStatus
, pfGenerateOnClose
);
1945 /******************************************************************************
1946 * AccessCheckAndAuditAlarmW [ADVAPI32.@]
1948 BOOL WINAPI
AccessCheckAndAuditAlarmW(LPCWSTR Subsystem
, LPVOID HandleId
, LPWSTR ObjectTypeName
,
1949 LPWSTR ObjectName
, PSECURITY_DESCRIPTOR SecurityDescriptor
, DWORD DesiredAccess
,
1950 PGENERIC_MAPPING GenericMapping
, BOOL ObjectCreation
, LPDWORD GrantedAccess
,
1951 LPBOOL AccessStatus
, LPBOOL pfGenerateOnClose
)
1953 FIXME("stub (%s,%p,%s,%s,%p,%08lx,%p,%x,%p,%p,%p)\n", debugstr_w(Subsystem
),
1954 HandleId
, debugstr_w(ObjectTypeName
), debugstr_w(ObjectName
),
1955 SecurityDescriptor
, DesiredAccess
, GenericMapping
,
1956 ObjectCreation
, GrantedAccess
, AccessStatus
, pfGenerateOnClose
);
1960 BOOL WINAPI
ObjectCloseAuditAlarmA(LPCSTR SubsystemName
, LPVOID HandleId
, BOOL GenerateOnClose
)
1962 FIXME("stub (%s,%p,%x)\n", debugstr_a(SubsystemName
), HandleId
, GenerateOnClose
);
1967 BOOL WINAPI
ObjectCloseAuditAlarmW(LPCWSTR SubsystemName
, LPVOID HandleId
, BOOL GenerateOnClose
)
1969 FIXME("stub (%s,%p,%x)\n", debugstr_w(SubsystemName
), HandleId
, GenerateOnClose
);
1974 BOOL WINAPI
ObjectDeleteAuditAlarmW(LPCWSTR SubsystemName
, LPVOID HandleId
, BOOL GenerateOnClose
)
1976 FIXME("stub (%s,%p,%x)\n", debugstr_w(SubsystemName
), HandleId
, GenerateOnClose
);
1981 BOOL WINAPI
ObjectOpenAuditAlarmA(LPCSTR SubsystemName
, LPVOID HandleId
, LPSTR ObjectTypeName
,
1982 LPSTR ObjectName
, PSECURITY_DESCRIPTOR pSecurityDescriptor
, HANDLE ClientToken
, DWORD DesiredAccess
,
1983 DWORD GrantedAccess
, PPRIVILEGE_SET Privileges
, BOOL ObjectCreation
, BOOL AccessGranted
,
1984 LPBOOL GenerateOnClose
)
1986 FIXME("stub (%s,%p,%s,%s,%p,%p,0x%08lx,0x%08lx,%p,%x,%x,%p)\n", debugstr_a(SubsystemName
),
1987 HandleId
, debugstr_a(ObjectTypeName
), debugstr_a(ObjectName
), pSecurityDescriptor
,
1988 ClientToken
, DesiredAccess
, GrantedAccess
, Privileges
, ObjectCreation
, AccessGranted
,
1994 BOOL WINAPI
ObjectOpenAuditAlarmW(LPCWSTR SubsystemName
, LPVOID HandleId
, LPWSTR ObjectTypeName
,
1995 LPWSTR ObjectName
, PSECURITY_DESCRIPTOR pSecurityDescriptor
, HANDLE ClientToken
, DWORD DesiredAccess
,
1996 DWORD GrantedAccess
, PPRIVILEGE_SET Privileges
, BOOL ObjectCreation
, BOOL AccessGranted
,
1997 LPBOOL GenerateOnClose
)
1999 FIXME("stub (%s,%p,%s,%s,%p,%p,0x%08lx,0x%08lx,%p,%x,%x,%p)\n", debugstr_w(SubsystemName
),
2000 HandleId
, debugstr_w(ObjectTypeName
), debugstr_w(ObjectName
), pSecurityDescriptor
,
2001 ClientToken
, DesiredAccess
, GrantedAccess
, Privileges
, ObjectCreation
, AccessGranted
,
2007 BOOL WINAPI
ObjectPrivilegeAuditAlarmA( LPCSTR SubsystemName
, LPVOID HandleId
, HANDLE ClientToken
,
2008 DWORD DesiredAccess
, PPRIVILEGE_SET Privileges
, BOOL AccessGranted
)
2010 FIXME("stub (%s,%p,%p,0x%08lx,%p,%x)\n", debugstr_a(SubsystemName
), HandleId
, ClientToken
,
2011 DesiredAccess
, Privileges
, AccessGranted
);
2016 BOOL WINAPI
ObjectPrivilegeAuditAlarmW( LPCWSTR SubsystemName
, LPVOID HandleId
, HANDLE ClientToken
,
2017 DWORD DesiredAccess
, PPRIVILEGE_SET Privileges
, BOOL AccessGranted
)
2019 FIXME("stub (%s,%p,%p,0x%08lx,%p,%x)\n", debugstr_w(SubsystemName
), HandleId
, ClientToken
,
2020 DesiredAccess
, Privileges
, AccessGranted
);
2025 BOOL WINAPI
PrivilegedServiceAuditAlarmA( LPCSTR SubsystemName
, LPCSTR ServiceName
, HANDLE ClientToken
,
2026 PPRIVILEGE_SET Privileges
, BOOL AccessGranted
)
2028 FIXME("stub (%s,%s,%p,%p,%x)\n", debugstr_a(SubsystemName
), debugstr_a(ServiceName
),
2029 ClientToken
, Privileges
, AccessGranted
);
2034 BOOL WINAPI
PrivilegedServiceAuditAlarmW( LPCWSTR SubsystemName
, LPCWSTR ServiceName
, HANDLE ClientToken
,
2035 PPRIVILEGE_SET Privileges
, BOOL AccessGranted
)
2037 FIXME("stub %s,%s,%p,%p,%x)\n", debugstr_w(SubsystemName
), debugstr_w(ServiceName
),
2038 ClientToken
, Privileges
, AccessGranted
);
2043 /******************************************************************************
2044 * GetSecurityInfo [ADVAPI32.@]
2046 DWORD WINAPI
GetSecurityInfo(
2047 HANDLE hObject
, SE_OBJECT_TYPE ObjectType
,
2048 SECURITY_INFORMATION SecurityInfo
, PSID
*ppsidOwner
,
2049 PSID
*ppsidGroup
, PACL
*ppDacl
, PACL
*ppSacl
,
2050 PSECURITY_DESCRIPTOR
*ppSecurityDescriptor
2054 return ERROR_BAD_PROVIDER
;
2057 /******************************************************************************
2058 * GetSecurityInfoExW [ADVAPI32.@]
2060 DWORD WINAPI
GetSecurityInfoExW(
2061 HANDLE hObject
, SE_OBJECT_TYPE ObjectType
,
2062 SECURITY_INFORMATION SecurityInfo
, LPCWSTR lpProvider
,
2063 LPCWSTR lpProperty
, PACTRL_ACCESSW
*ppAccessList
,
2064 PACTRL_AUDITW
*ppAuditList
, LPWSTR
*lppOwner
, LPWSTR
*lppGroup
2068 return ERROR_BAD_PROVIDER
;
2071 /******************************************************************************
2072 * BuildExplicitAccessWithNameA [ADVAPI32.@]
2074 VOID WINAPI
BuildExplicitAccessWithNameA( PEXPLICIT_ACCESSA pExplicitAccess
,
2075 LPSTR pTrusteeName
, DWORD AccessPermissions
,
2076 ACCESS_MODE AccessMode
, DWORD Inheritance
)
2078 TRACE("%p %s 0x%08lx 0x%08x 0x%08lx\n", pExplicitAccess
, debugstr_a(pTrusteeName
),
2079 AccessPermissions
, AccessMode
, Inheritance
);
2081 pExplicitAccess
->grfAccessPermissions
= AccessPermissions
;
2082 pExplicitAccess
->grfAccessMode
= AccessMode
;
2083 pExplicitAccess
->grfInheritance
= Inheritance
;
2085 pExplicitAccess
->Trustee
.pMultipleTrustee
= NULL
;
2086 pExplicitAccess
->Trustee
.MultipleTrusteeOperation
= NO_MULTIPLE_TRUSTEE
;
2087 pExplicitAccess
->Trustee
.TrusteeForm
= TRUSTEE_IS_NAME
;
2088 pExplicitAccess
->Trustee
.TrusteeType
= TRUSTEE_IS_UNKNOWN
;
2089 pExplicitAccess
->Trustee
.ptstrName
= pTrusteeName
;
2092 /******************************************************************************
2093 * BuildExplicitAccessWithNameW [ADVAPI32.@]
2095 VOID WINAPI
BuildExplicitAccessWithNameW( PEXPLICIT_ACCESSW pExplicitAccess
,
2096 LPWSTR pTrusteeName
, DWORD AccessPermissions
,
2097 ACCESS_MODE AccessMode
, DWORD Inheritance
)
2099 TRACE("%p %s 0x%08lx 0x%08x 0x%08lx\n", pExplicitAccess
, debugstr_w(pTrusteeName
),
2100 AccessPermissions
, AccessMode
, Inheritance
);
2102 pExplicitAccess
->grfAccessPermissions
= AccessPermissions
;
2103 pExplicitAccess
->grfAccessMode
= AccessMode
;
2104 pExplicitAccess
->grfInheritance
= Inheritance
;
2106 pExplicitAccess
->Trustee
.pMultipleTrustee
= NULL
;
2107 pExplicitAccess
->Trustee
.MultipleTrusteeOperation
= NO_MULTIPLE_TRUSTEE
;
2108 pExplicitAccess
->Trustee
.TrusteeForm
= TRUSTEE_IS_NAME
;
2109 pExplicitAccess
->Trustee
.TrusteeType
= TRUSTEE_IS_UNKNOWN
;
2110 pExplicitAccess
->Trustee
.ptstrName
= pTrusteeName
;
2113 /******************************************************************************
2114 * BuildTrusteeWithObjectsAndNameA [ADVAPI32.@]
2116 VOID WINAPI
BuildTrusteeWithObjectsAndNameA( PTRUSTEEA pTrustee
, POBJECTS_AND_NAME_A pObjName
,
2117 SE_OBJECT_TYPE ObjectType
, LPSTR ObjectTypeName
,
2118 LPSTR InheritedObjectTypeName
, LPSTR Name
)
2120 DWORD ObjectsPresent
= 0;
2122 TRACE("%p %p 0x%08x %p %p %s\n", pTrustee
, pObjName
,
2123 ObjectType
, ObjectTypeName
, InheritedObjectTypeName
, debugstr_a(Name
));
2125 /* Fill the OBJECTS_AND_NAME structure */
2126 pObjName
->ObjectType
= ObjectType
;
2127 if (ObjectTypeName
!= NULL
)
2129 ObjectsPresent
|= ACE_OBJECT_TYPE_PRESENT
;
2132 pObjName
->InheritedObjectTypeName
= InheritedObjectTypeName
;
2133 if (InheritedObjectTypeName
!= NULL
)
2135 ObjectsPresent
|= ACE_INHERITED_OBJECT_TYPE_PRESENT
;
2138 pObjName
->ObjectsPresent
= ObjectsPresent
;
2139 pObjName
->ptstrName
= Name
;
2141 /* Fill the TRUSTEE structure */
2142 pTrustee
->pMultipleTrustee
= NULL
;
2143 pTrustee
->MultipleTrusteeOperation
= NO_MULTIPLE_TRUSTEE
;
2144 pTrustee
->TrusteeForm
= TRUSTEE_IS_OBJECTS_AND_NAME
;
2145 pTrustee
->TrusteeType
= TRUSTEE_IS_UNKNOWN
;
2146 pTrustee
->ptstrName
= (LPSTR
)pObjName
;
2149 /******************************************************************************
2150 * BuildTrusteeWithObjectsAndNameW [ADVAPI32.@]
2152 VOID WINAPI
BuildTrusteeWithObjectsAndNameW( PTRUSTEEW pTrustee
, POBJECTS_AND_NAME_W pObjName
,
2153 SE_OBJECT_TYPE ObjectType
, LPWSTR ObjectTypeName
,
2154 LPWSTR InheritedObjectTypeName
, LPWSTR Name
)
2156 DWORD ObjectsPresent
= 0;
2158 TRACE("%p %p 0x%08x %p %p %s\n", pTrustee
, pObjName
,
2159 ObjectType
, ObjectTypeName
, InheritedObjectTypeName
, debugstr_w(Name
));
2161 /* Fill the OBJECTS_AND_NAME structure */
2162 pObjName
->ObjectType
= ObjectType
;
2163 if (ObjectTypeName
!= NULL
)
2165 ObjectsPresent
|= ACE_OBJECT_TYPE_PRESENT
;
2168 pObjName
->InheritedObjectTypeName
= InheritedObjectTypeName
;
2169 if (InheritedObjectTypeName
!= NULL
)
2171 ObjectsPresent
|= ACE_INHERITED_OBJECT_TYPE_PRESENT
;
2174 pObjName
->ObjectsPresent
= ObjectsPresent
;
2175 pObjName
->ptstrName
= Name
;
2177 /* Fill the TRUSTEE structure */
2178 pTrustee
->pMultipleTrustee
= NULL
;
2179 pTrustee
->MultipleTrusteeOperation
= NO_MULTIPLE_TRUSTEE
;
2180 pTrustee
->TrusteeForm
= TRUSTEE_IS_OBJECTS_AND_NAME
;
2181 pTrustee
->TrusteeType
= TRUSTEE_IS_UNKNOWN
;
2182 pTrustee
->ptstrName
= (LPWSTR
)pObjName
;
2185 /******************************************************************************
2186 * BuildTrusteeWithObjectsAndSidA [ADVAPI32.@]
2188 VOID WINAPI
BuildTrusteeWithObjectsAndSidA( PTRUSTEEA pTrustee
, POBJECTS_AND_SID pObjSid
,
2189 GUID
* pObjectGuid
, GUID
* pInheritedObjectGuid
, PSID pSid
)
2191 DWORD ObjectsPresent
= 0;
2193 TRACE("%p %p %p %p %p\n", pTrustee
, pObjSid
, pObjectGuid
, pInheritedObjectGuid
, pSid
);
2195 /* Fill the OBJECTS_AND_SID structure */
2196 if (pObjectGuid
!= NULL
)
2198 pObjSid
->ObjectTypeGuid
= *pObjectGuid
;
2199 ObjectsPresent
|= ACE_OBJECT_TYPE_PRESENT
;
2203 ZeroMemory(&pObjSid
->ObjectTypeGuid
,
2207 if (pInheritedObjectGuid
!= NULL
)
2209 pObjSid
->InheritedObjectTypeGuid
= *pInheritedObjectGuid
;
2210 ObjectsPresent
|= ACE_INHERITED_OBJECT_TYPE_PRESENT
;
2214 ZeroMemory(&pObjSid
->InheritedObjectTypeGuid
,
2218 pObjSid
->ObjectsPresent
= ObjectsPresent
;
2219 pObjSid
->pSid
= pSid
;
2221 /* Fill the TRUSTEE structure */
2222 pTrustee
->pMultipleTrustee
= NULL
;
2223 pTrustee
->MultipleTrusteeOperation
= NO_MULTIPLE_TRUSTEE
;
2224 pTrustee
->TrusteeForm
= TRUSTEE_IS_OBJECTS_AND_SID
;
2225 pTrustee
->TrusteeType
= TRUSTEE_IS_UNKNOWN
;
2226 pTrustee
->ptstrName
= (LPSTR
) pObjSid
;
2229 /******************************************************************************
2230 * BuildTrusteeWithObjectsAndSidW [ADVAPI32.@]
2232 VOID WINAPI
BuildTrusteeWithObjectsAndSidW( PTRUSTEEW pTrustee
, POBJECTS_AND_SID pObjSid
,
2233 GUID
* pObjectGuid
, GUID
* pInheritedObjectGuid
, PSID pSid
)
2235 DWORD ObjectsPresent
= 0;
2237 TRACE("%p %p %p %p %p\n", pTrustee
, pObjSid
, pObjectGuid
, pInheritedObjectGuid
, pSid
);
2239 /* Fill the OBJECTS_AND_SID structure */
2240 if (pObjectGuid
!= NULL
)
2242 pObjSid
->ObjectTypeGuid
= *pObjectGuid
;
2243 ObjectsPresent
|= ACE_OBJECT_TYPE_PRESENT
;
2247 ZeroMemory(&pObjSid
->ObjectTypeGuid
,
2251 if (pInheritedObjectGuid
!= NULL
)
2253 pObjSid
->InheritedObjectTypeGuid
= *pInheritedObjectGuid
;
2254 ObjectsPresent
|= ACE_INHERITED_OBJECT_TYPE_PRESENT
;
2258 ZeroMemory(&pObjSid
->InheritedObjectTypeGuid
,
2262 pObjSid
->ObjectsPresent
= ObjectsPresent
;
2263 pObjSid
->pSid
= pSid
;
2265 /* Fill the TRUSTEE structure */
2266 pTrustee
->pMultipleTrustee
= NULL
;
2267 pTrustee
->MultipleTrusteeOperation
= NO_MULTIPLE_TRUSTEE
;
2268 pTrustee
->TrusteeForm
= TRUSTEE_IS_OBJECTS_AND_SID
;
2269 pTrustee
->TrusteeType
= TRUSTEE_IS_UNKNOWN
;
2270 pTrustee
->ptstrName
= (LPWSTR
) pObjSid
;
2273 /******************************************************************************
2274 * BuildTrusteeWithSidA [ADVAPI32.@]
2276 VOID WINAPI
BuildTrusteeWithSidA(PTRUSTEEA pTrustee
, PSID pSid
)
2278 TRACE("%p %p\n", pTrustee
, pSid
);
2280 pTrustee
->pMultipleTrustee
= NULL
;
2281 pTrustee
->MultipleTrusteeOperation
= NO_MULTIPLE_TRUSTEE
;
2282 pTrustee
->TrusteeForm
= TRUSTEE_IS_SID
;
2283 pTrustee
->TrusteeType
= TRUSTEE_IS_UNKNOWN
;
2284 pTrustee
->ptstrName
= (LPSTR
) pSid
;
2287 /******************************************************************************
2288 * BuildTrusteeWithSidW [ADVAPI32.@]
2290 VOID WINAPI
BuildTrusteeWithSidW(PTRUSTEEW pTrustee
, PSID pSid
)
2292 TRACE("%p %p\n", pTrustee
, pSid
);
2294 pTrustee
->pMultipleTrustee
= NULL
;
2295 pTrustee
->MultipleTrusteeOperation
= NO_MULTIPLE_TRUSTEE
;
2296 pTrustee
->TrusteeForm
= TRUSTEE_IS_SID
;
2297 pTrustee
->TrusteeType
= TRUSTEE_IS_UNKNOWN
;
2298 pTrustee
->ptstrName
= (LPWSTR
) pSid
;
2301 /******************************************************************************
2302 * BuildTrusteeWithNameA [ADVAPI32.@]
2304 VOID WINAPI
BuildTrusteeWithNameA(PTRUSTEEA pTrustee
, LPSTR name
)
2306 TRACE("%p %s\n", pTrustee
, debugstr_a(name
) );
2308 pTrustee
->pMultipleTrustee
= NULL
;
2309 pTrustee
->MultipleTrusteeOperation
= NO_MULTIPLE_TRUSTEE
;
2310 pTrustee
->TrusteeForm
= TRUSTEE_IS_NAME
;
2311 pTrustee
->TrusteeType
= TRUSTEE_IS_UNKNOWN
;
2312 pTrustee
->ptstrName
= name
;
2315 /******************************************************************************
2316 * BuildTrusteeWithNameW [ADVAPI32.@]
2318 VOID WINAPI
BuildTrusteeWithNameW(PTRUSTEEW pTrustee
, LPWSTR name
)
2320 TRACE("%p %s\n", pTrustee
, debugstr_w(name
) );
2322 pTrustee
->pMultipleTrustee
= NULL
;
2323 pTrustee
->MultipleTrusteeOperation
= NO_MULTIPLE_TRUSTEE
;
2324 pTrustee
->TrusteeForm
= TRUSTEE_IS_NAME
;
2325 pTrustee
->TrusteeType
= TRUSTEE_IS_UNKNOWN
;
2326 pTrustee
->ptstrName
= name
;
2329 /******************************************************************************
2330 * GetTrusteeFormA [ADVAPI32.@]
2332 TRUSTEE_FORM WINAPI
GetTrusteeFormA(PTRUSTEEA pTrustee
)
2334 TRACE("(%p)\n", pTrustee
);
2337 return TRUSTEE_BAD_FORM
;
2339 return pTrustee
->TrusteeForm
;
2342 /******************************************************************************
2343 * GetTrusteeFormW [ADVAPI32.@]
2345 TRUSTEE_FORM WINAPI
GetTrusteeFormW(PTRUSTEEW pTrustee
)
2347 TRACE("(%p)\n", pTrustee
);
2350 return TRUSTEE_BAD_FORM
;
2352 return pTrustee
->TrusteeForm
;
2355 /******************************************************************************
2356 * GetTrusteeNameA [ADVAPI32.@]
2358 LPSTR WINAPI
GetTrusteeNameA(PTRUSTEEA pTrustee
)
2360 TRACE("(%p)\n", pTrustee
);
2365 return pTrustee
->ptstrName
;
2368 /******************************************************************************
2369 * GetTrusteeNameW [ADVAPI32.@]
2371 LPWSTR WINAPI
GetTrusteeNameW(PTRUSTEEW pTrustee
)
2373 TRACE("(%p)\n", pTrustee
);
2378 return pTrustee
->ptstrName
;
2381 /******************************************************************************
2382 * GetTrusteeTypeA [ADVAPI32.@]
2384 TRUSTEE_TYPE WINAPI
GetTrusteeTypeA(PTRUSTEEA pTrustee
)
2386 TRACE("(%p)\n", pTrustee
);
2389 return TRUSTEE_IS_UNKNOWN
;
2391 return pTrustee
->TrusteeType
;
2394 /******************************************************************************
2395 * GetTrusteeTypeW [ADVAPI32.@]
2397 TRUSTEE_TYPE WINAPI
GetTrusteeTypeW(PTRUSTEEW pTrustee
)
2399 TRACE("(%p)\n", pTrustee
);
2402 return TRUSTEE_IS_UNKNOWN
;
2404 return pTrustee
->TrusteeType
;
2407 BOOL WINAPI
SetAclInformation( PACL pAcl
, LPVOID pAclInformation
,
2408 DWORD nAclInformationLength
,
2409 ACL_INFORMATION_CLASS dwAclInformationClass
)
2411 FIXME("%p %p 0x%08lx 0x%08x - stub\n", pAcl
, pAclInformation
,
2412 nAclInformationLength
, dwAclInformationClass
);
2417 /******************************************************************************
2418 * SetEntriesInAclA [ADVAPI32.@]
2420 DWORD WINAPI
SetEntriesInAclA( ULONG count
, PEXPLICIT_ACCESSA pEntries
,
2421 PACL OldAcl
, PACL
* NewAcl
)
2423 FIXME("%ld %p %p %p\n",count
,pEntries
,OldAcl
,NewAcl
);
2424 return ERROR_CALL_NOT_IMPLEMENTED
;
2427 /******************************************************************************
2428 * SetEntriesInAclW [ADVAPI32.@]
2430 DWORD WINAPI
SetEntriesInAclW( ULONG count
, PEXPLICIT_ACCESSW pEntries
,
2431 PACL OldAcl
, PACL
* NewAcl
)
2433 FIXME("%ld %p %p %p\n",count
,pEntries
,OldAcl
,NewAcl
);
2434 return ERROR_CALL_NOT_IMPLEMENTED
;
2437 /******************************************************************************
2438 * SetNamedSecurityInfoA [ADVAPI32.@]
2440 DWORD WINAPI
SetNamedSecurityInfoA(LPSTR pObjectName
,
2441 SE_OBJECT_TYPE ObjectType
, SECURITY_INFORMATION SecurityInfo
,
2442 PSID psidOwner
, PSID psidGroup
, PACL pDacl
, PACL pSacl
)
2448 TRACE("%s %d %ld %p %p %p %p\n", debugstr_a(pObjectName
), ObjectType
,
2449 SecurityInfo
, psidOwner
, psidGroup
, pDacl
, pSacl
);
2453 len
= MultiByteToWideChar( CP_ACP
, 0, pObjectName
, -1, NULL
, 0 );
2454 wstr
= HeapAlloc( GetProcessHeap(), 0, len
*sizeof(WCHAR
));
2455 MultiByteToWideChar( CP_ACP
, 0, pObjectName
, -1, wstr
, len
);
2458 r
= SetNamedSecurityInfoW( wstr
, ObjectType
, SecurityInfo
, psidOwner
,
2459 psidGroup
, pDacl
, pSacl
);
2461 HeapFree( GetProcessHeap(), 0, wstr
);
2466 BOOL WINAPI
SetPrivateObjectSecurity( SECURITY_INFORMATION SecurityInformation
,
2467 PSECURITY_DESCRIPTOR ModificationDescriptor
,
2468 PSECURITY_DESCRIPTOR
* ObjectsSecurityDescriptor
,
2469 PGENERIC_MAPPING GenericMapping
,
2472 FIXME("0x%08lx %p %p %p %p - stub\n", SecurityInformation
, ModificationDescriptor
,
2473 ObjectsSecurityDescriptor
, GenericMapping
, Token
);
2478 BOOL WINAPI
SetSecurityDescriptorControl( PSECURITY_DESCRIPTOR pSecurityDescriptor
,
2479 SECURITY_DESCRIPTOR_CONTROL ControlBitsOfInterest
,
2480 SECURITY_DESCRIPTOR_CONTROL ControlBitsToSet
)
2482 FIXME("%p 0x%08x 0x%08x - stub\n", pSecurityDescriptor
, ControlBitsOfInterest
,
2488 BOOL WINAPI
AreAllAccessesGranted( DWORD GrantedAccess
, DWORD DesiredAccess
)
2490 return RtlAreAllAccessesGranted( GrantedAccess
, DesiredAccess
);
2493 /******************************************************************************
2494 * AreAnyAccessesGranted [ADVAPI32.@]
2496 * Determines whether or not any of a set of specified access permissions have
2497 * been granted or not.
2500 * GrantedAccess [I] The permissions that have been granted.
2501 * DesiredAccess [I] The permissions that you want to have.
2504 * Nonzero if any of the permissions have been granted, zero if none of the
2505 * permissions have been granted.
2508 BOOL WINAPI
AreAnyAccessesGranted( DWORD GrantedAccess
, DWORD DesiredAccess
)
2510 return RtlAreAnyAccessesGranted( GrantedAccess
, DesiredAccess
);
2513 /******************************************************************************
2514 * SetNamedSecurityInfoW [ADVAPI32.@]
2516 DWORD WINAPI
SetNamedSecurityInfoW(LPWSTR pObjectName
,
2517 SE_OBJECT_TYPE ObjectType
, SECURITY_INFORMATION SecurityInfo
,
2518 PSID psidOwner
, PSID psidGroup
, PACL pDacl
, PACL pSacl
)
2520 FIXME("%s %d %ld %p %p %p %p\n", debugstr_w(pObjectName
), ObjectType
,
2521 SecurityInfo
, psidOwner
, psidGroup
, pDacl
, pSacl
);
2522 return ERROR_SUCCESS
;
2525 /******************************************************************************
2526 * GetExplicitEntriesFromAclA [ADVAPI32.@]
2528 DWORD WINAPI
GetExplicitEntriesFromAclA( PACL pacl
, PULONG pcCountOfExplicitEntries
,
2529 PEXPLICIT_ACCESSA
* pListOfExplicitEntries
)
2531 FIXME("%p %p %p\n",pacl
, pcCountOfExplicitEntries
, pListOfExplicitEntries
);
2532 return ERROR_CALL_NOT_IMPLEMENTED
;
2535 /******************************************************************************
2536 * GetExplicitEntriesFromAclW [ADVAPI32.@]
2538 DWORD WINAPI
GetExplicitEntriesFromAclW( PACL pacl
, PULONG pcCountOfExplicitEntries
,
2539 PEXPLICIT_ACCESSW
* pListOfExplicitEntries
)
2541 FIXME("%p %p %p\n",pacl
, pcCountOfExplicitEntries
, pListOfExplicitEntries
);
2542 return ERROR_CALL_NOT_IMPLEMENTED
;
2546 /******************************************************************************
2547 * ParseAclStringFlags
2549 static DWORD
ParseAclStringFlags(LPCWSTR
* StringAcl
)
2552 LPCWSTR szAcl
= *StringAcl
;
2554 while (*szAcl
!= '(')
2558 flags
|= SE_DACL_PROTECTED
;
2560 else if (*szAcl
== 'A')
2564 flags
|= SE_DACL_AUTO_INHERIT_REQ
;
2565 else if (*szAcl
== 'I')
2566 flags
|= SE_DACL_AUTO_INHERITED
;
2575 /******************************************************************************
2576 * ParseAceStringType
2578 static const ACEFLAG AceType
[] =
2580 { SDDL_ACCESS_ALLOWED
, ACCESS_ALLOWED_ACE_TYPE
},
2581 { SDDL_ALARM
, SYSTEM_ALARM_ACE_TYPE
},
2582 { SDDL_AUDIT
, SYSTEM_AUDIT_ACE_TYPE
},
2583 { SDDL_ACCESS_DENIED
, ACCESS_DENIED_ACE_TYPE
},
2585 { SDDL_OBJECT_ACCESS_ALLOWED, ACCESS_ALLOWED_OBJECT_ACE_TYPE },
2586 { SDDL_OBJECT_ACCESS_DENIED, ACCESS_DENIED_OBJECT_ACE_TYPE },
2587 { SDDL_OBJECT_ALARM, SYSTEM_ALARM_OBJECT_ACE_TYPE },
2588 { SDDL_OBJECT_AUDIT, SYSTEM_AUDIT_OBJECT_ACE_TYPE },
2593 static BYTE
ParseAceStringType(LPCWSTR
* StringAcl
)
2596 LPCWSTR szAcl
= *StringAcl
;
2597 const ACEFLAG
*lpaf
= AceType
;
2599 while (lpaf
->wstr
&&
2600 (len
= strlenW(lpaf
->wstr
)) &&
2601 strncmpW(lpaf
->wstr
, szAcl
, len
))
2612 /******************************************************************************
2613 * ParseAceStringFlags
2615 static const ACEFLAG AceFlags
[] =
2617 { SDDL_CONTAINER_INHERIT
, CONTAINER_INHERIT_ACE
},
2618 { SDDL_AUDIT_FAILURE
, FAILED_ACCESS_ACE_FLAG
},
2619 { SDDL_INHERITED
, INHERITED_ACE
},
2620 { SDDL_INHERIT_ONLY
, INHERIT_ONLY_ACE
},
2621 { SDDL_NO_PROPAGATE
, NO_PROPAGATE_INHERIT_ACE
},
2622 { SDDL_OBJECT_INHERIT
, OBJECT_INHERIT_ACE
},
2623 { SDDL_AUDIT_SUCCESS
, SUCCESSFUL_ACCESS_ACE_FLAG
},
2627 static BYTE
ParseAceStringFlags(LPCWSTR
* StringAcl
)
2631 LPCWSTR szAcl
= *StringAcl
;
2633 while (*szAcl
!= ';')
2635 const ACEFLAG
*lpaf
= AceFlags
;
2637 while (lpaf
->wstr
&&
2638 (len
= strlenW(lpaf
->wstr
)) &&
2639 strncmpW(lpaf
->wstr
, szAcl
, len
))
2645 flags
|= lpaf
->value
;
2654 /******************************************************************************
2655 * ParseAceStringRights
2657 static const ACEFLAG AceRights
[] =
2659 { SDDL_GENERIC_ALL
, GENERIC_ALL
},
2660 { SDDL_GENERIC_READ
, GENERIC_READ
},
2661 { SDDL_GENERIC_WRITE
, GENERIC_WRITE
},
2662 { SDDL_GENERIC_EXECUTE
, GENERIC_EXECUTE
},
2663 { SDDL_READ_CONTROL
, READ_CONTROL
},
2664 { SDDL_STANDARD_DELETE
, DELETE
},
2665 { SDDL_WRITE_DAC
, WRITE_DAC
},
2666 { SDDL_WRITE_OWNER
, WRITE_OWNER
},
2670 static DWORD
ParseAceStringRights(LPCWSTR
* StringAcl
)
2674 LPCWSTR szAcl
= *StringAcl
;
2676 if ((*szAcl
== '0') && (*(szAcl
+ 1) == 'x'))
2680 while (*p
&& *p
!= ';')
2685 rights
= strtoulW(szAcl
, NULL
, 16);
2689 WARN("Invalid rights string format: %s\n", debugstr_wn(szAcl
, p
- szAcl
));
2693 while (*szAcl
!= ';')
2695 const ACEFLAG
*lpaf
= AceRights
;
2697 while (lpaf
->wstr
&&
2698 (len
= strlenW(lpaf
->wstr
)) &&
2699 strncmpW(lpaf
->wstr
, szAcl
, len
))
2707 rights
|= lpaf
->value
;
2717 /******************************************************************************
2718 * ParseStringAclToAcl
2720 * dacl_flags(string_ace1)(string_ace2)... (string_acen)
2722 static BOOL
ParseStringAclToAcl(LPCWSTR StringAcl
, LPDWORD lpdwFlags
,
2723 PACL pAcl
, LPDWORD cBytes
)
2727 DWORD length
= sizeof(ACL
);
2728 PACCESS_ALLOWED_ACE pAce
= NULL
; /* pointer to current ACE */
2730 TRACE("%s\n", debugstr_w(StringAcl
));
2735 if (pAcl
) /* pAce is only useful if we're setting values */
2736 pAce
= (PACCESS_ALLOWED_ACE
) ((LPBYTE
)pAcl
+ sizeof(PACL
));
2738 /* Parse ACL flags */
2739 *lpdwFlags
= ParseAclStringFlags(&StringAcl
);
2742 while (*StringAcl
== '(')
2746 /* Parse ACE type */
2747 val
= ParseAceStringType(&StringAcl
);
2749 pAce
->Header
.AceType
= (BYTE
) val
;
2750 if (*StringAcl
!= ';')
2754 /* Parse ACE flags */
2755 val
= ParseAceStringFlags(&StringAcl
);
2757 pAce
->Header
.AceFlags
= (BYTE
) val
;
2758 if (*StringAcl
!= ';')
2762 /* Parse ACE rights */
2763 val
= ParseAceStringRights(&StringAcl
);
2766 if (*StringAcl
!= ';')
2770 /* Parse ACE object guid */
2771 if (*StringAcl
!= ';')
2773 FIXME("Support for *_OBJECT_ACE_TYPE not implemented\n");
2778 /* Parse ACE inherit object guid */
2779 if (*StringAcl
!= ';')
2781 FIXME("Support for *_OBJECT_ACE_TYPE not implemented\n");
2786 /* Parse ACE account sid */
2787 if (ParseStringSidToSid(StringAcl
, pAce
? (PSID
)&pAce
->SidStart
: NULL
, &sidlen
))
2789 while (*StringAcl
&& *StringAcl
!= ')')
2793 if (*StringAcl
!= ')')
2797 length
+= sizeof(ACCESS_ALLOWED_ACE
) - sizeof(DWORD
) + sidlen
;
2804 WARN("Invalid ACE string format\n");
2809 /******************************************************************************
2810 * ParseStringSecurityDescriptorToSecurityDescriptor
2812 static BOOL
ParseStringSecurityDescriptorToSecurityDescriptor(
2813 LPCWSTR StringSecurityDescriptor
,
2814 SECURITY_DESCRIPTOR
* SecurityDescriptor
,
2819 WCHAR tok
[MAX_PATH
];
2821 LPBYTE lpNext
= NULL
;
2826 if (SecurityDescriptor
)
2827 lpNext
= ((LPBYTE
) SecurityDescriptor
) + sizeof(SECURITY_DESCRIPTOR
);
2829 while (*StringSecurityDescriptor
)
2831 toktype
= *StringSecurityDescriptor
;
2833 /* Expect char identifier followed by ':' */
2834 StringSecurityDescriptor
++;
2835 if (*StringSecurityDescriptor
!= ':')
2837 SetLastError(ERROR_INVALID_PARAMETER
);
2840 StringSecurityDescriptor
++;
2843 lptoken
= StringSecurityDescriptor
;
2844 while (*lptoken
&& *lptoken
!= ':')
2850 len
= lptoken
- StringSecurityDescriptor
;
2851 memcpy( tok
, StringSecurityDescriptor
, len
* sizeof(WCHAR
) );
2860 if (!ParseStringSidToSid(tok
, (PSID
)lpNext
, &bytes
))
2863 if (SecurityDescriptor
)
2865 SecurityDescriptor
->Owner
= (PSID
)(lpNext
- (LPBYTE
)SecurityDescriptor
);
2866 lpNext
+= bytes
; /* Advance to next token */
2878 if (!ParseStringSidToSid(tok
, (PSID
)lpNext
, &bytes
))
2881 if (SecurityDescriptor
)
2883 SecurityDescriptor
->Group
= (PSID
)(lpNext
- (LPBYTE
)SecurityDescriptor
);
2884 lpNext
+= bytes
; /* Advance to next token */
2897 if (!ParseStringAclToAcl(tok
, &flags
, (PACL
)lpNext
, &bytes
))
2900 if (SecurityDescriptor
)
2902 SecurityDescriptor
->Control
|= SE_DACL_PRESENT
| flags
;
2903 SecurityDescriptor
->Dacl
= (PACL
)(lpNext
- (LPBYTE
)SecurityDescriptor
);
2904 lpNext
+= bytes
; /* Advance to next token */
2917 if (!ParseStringAclToAcl(tok
, &flags
, (PACL
)lpNext
, &bytes
))
2920 if (SecurityDescriptor
)
2922 SecurityDescriptor
->Control
|= SE_SACL_PRESENT
| flags
;
2923 SecurityDescriptor
->Sacl
= (PACL
)(lpNext
- (LPBYTE
)SecurityDescriptor
);
2924 lpNext
+= bytes
; /* Advance to next token */
2933 FIXME("Unknown token\n");
2934 SetLastError(ERROR_INVALID_PARAMETER
);
2938 StringSecurityDescriptor
= lptoken
;
2947 /******************************************************************************
2948 * ConvertStringSecurityDescriptorToSecurityDescriptorA [ADVAPI32.@]
2950 BOOL WINAPI
ConvertStringSecurityDescriptorToSecurityDescriptorA(
2951 LPCSTR StringSecurityDescriptor
,
2952 DWORD StringSDRevision
,
2953 PSECURITY_DESCRIPTOR
* SecurityDescriptor
,
2954 PULONG SecurityDescriptorSize
)
2958 LPWSTR StringSecurityDescriptorW
;
2960 len
= MultiByteToWideChar(CP_ACP
, 0, StringSecurityDescriptor
, -1, NULL
, 0);
2961 StringSecurityDescriptorW
= HeapAlloc(GetProcessHeap(), 0, len
* sizeof(WCHAR
));
2963 if (StringSecurityDescriptorW
)
2965 MultiByteToWideChar(CP_ACP
, 0, StringSecurityDescriptor
, -1, StringSecurityDescriptorW
, len
);
2967 ret
= ConvertStringSecurityDescriptorToSecurityDescriptorW(StringSecurityDescriptorW
,
2968 StringSDRevision
, SecurityDescriptor
,
2969 SecurityDescriptorSize
);
2970 HeapFree(GetProcessHeap(), 0, StringSecurityDescriptorW
);
2976 /******************************************************************************
2977 * ConvertStringSecurityDescriptorToSecurityDescriptorW [ADVAPI32.@]
2979 BOOL WINAPI
ConvertStringSecurityDescriptorToSecurityDescriptorW(
2980 LPCWSTR StringSecurityDescriptor
,
2981 DWORD StringSDRevision
,
2982 PSECURITY_DESCRIPTOR
* SecurityDescriptor
,
2983 PULONG SecurityDescriptorSize
)
2986 SECURITY_DESCRIPTOR
* psd
;
2989 TRACE("%s\n", debugstr_w(StringSecurityDescriptor
));
2991 if (GetVersion() & 0x80000000)
2993 SetLastError(ERROR_CALL_NOT_IMPLEMENTED
);
2996 else if (StringSDRevision
!= SID_REVISION
)
2998 SetLastError(ERROR_UNKNOWN_REVISION
);
3002 /* Compute security descriptor length */
3003 if (!ParseStringSecurityDescriptorToSecurityDescriptor(StringSecurityDescriptor
,
3007 psd
= *SecurityDescriptor
= (SECURITY_DESCRIPTOR
*) LocalAlloc(
3008 GMEM_ZEROINIT
, cBytes
);
3010 psd
->Revision
= SID_REVISION
;
3011 psd
->Control
|= SE_SELF_RELATIVE
;
3013 if (!ParseStringSecurityDescriptorToSecurityDescriptor(StringSecurityDescriptor
,
3020 if (SecurityDescriptorSize
)
3021 *SecurityDescriptorSize
= cBytes
;
3026 TRACE(" ret=%d\n", bret
);
3030 /******************************************************************************
3031 * ConvertStringSidToSidW [ADVAPI32.@]
3033 BOOL WINAPI
ConvertStringSidToSidW(LPCWSTR StringSid
, PSID
* Sid
)
3038 TRACE("%s, %p\n", debugstr_w(StringSid
), Sid
);
3039 if (GetVersion() & 0x80000000)
3040 SetLastError(ERROR_CALL_NOT_IMPLEMENTED
);
3041 else if (!StringSid
|| !Sid
)
3042 SetLastError(ERROR_INVALID_PARAMETER
);
3043 else if (ParseStringSidToSid(StringSid
, NULL
, &cBytes
))
3045 PSID pSid
= *Sid
= (PSID
) LocalAlloc(0, cBytes
);
3047 bret
= ParseStringSidToSid(StringSid
, pSid
, &cBytes
);
3051 TRACE("returning %s\n", bret
? "TRUE" : "FALSE");
3055 /******************************************************************************
3056 * ConvertStringSidToSidA [ADVAPI32.@]
3058 BOOL WINAPI
ConvertStringSidToSidA(LPCSTR StringSid
, PSID
* Sid
)
3062 TRACE("%s, %p\n", debugstr_a(StringSid
), Sid
);
3063 if (GetVersion() & 0x80000000)
3064 SetLastError(ERROR_CALL_NOT_IMPLEMENTED
);
3065 else if (!StringSid
|| !Sid
)
3066 SetLastError(ERROR_INVALID_PARAMETER
);
3069 UINT len
= MultiByteToWideChar(CP_ACP
, 0, StringSid
, -1, NULL
, 0);
3070 LPWSTR wStringSid
= HeapAlloc(GetProcessHeap(), 0,
3071 len
* sizeof(WCHAR
));
3073 MultiByteToWideChar(CP_ACP
, 0, StringSid
, -1, wStringSid
, len
);
3074 bret
= ConvertStringSidToSidW(wStringSid
, Sid
);
3075 HeapFree(GetProcessHeap(), 0, wStringSid
);
3077 TRACE("returning %s\n", bret
? "TRUE" : "FALSE");
3081 /******************************************************************************
3082 * ConvertSidToStringSidW [ADVAPI32.@]
3084 * format of SID string is:
3085 * S-<count>-<auth>-<subauth1>-<subauth2>-<subauth3>...
3087 * <rev> is the revision of the SID encoded as decimal
3088 * <auth> is the identifier authority encoded as hex
3089 * <subauthN> is the subauthority id encoded as decimal
3091 BOOL WINAPI
ConvertSidToStringSidW( PSID pSid
, LPWSTR
*pstr
)
3095 WCHAR fmt
[] = { 'S','-','%','u','-','%','d',0 };
3096 WCHAR subauthfmt
[] = { '-','%','u',0 };
3099 TRACE("%p %p\n", pSid
, pstr
);
3101 if( !IsValidSid( pSid
) )
3104 if (pisid
->Revision
!= SDDL_REVISION
)
3106 if (pisid
->IdentifierAuthority
.Value
[0] ||
3107 pisid
->IdentifierAuthority
.Value
[1])
3109 FIXME("not matching MS' bugs\n");
3113 sz
= 14 + pisid
->SubAuthorityCount
* 11;
3114 str
= LocalAlloc( 0, sz
*sizeof(WCHAR
) );
3115 sprintfW( str
, fmt
, pisid
->Revision
, MAKELONG(
3116 MAKEWORD( pisid
->IdentifierAuthority
.Value
[5],
3117 pisid
->IdentifierAuthority
.Value
[4] ),
3118 MAKEWORD( pisid
->IdentifierAuthority
.Value
[3],
3119 pisid
->IdentifierAuthority
.Value
[2] ) ) );
3120 for( i
=0; i
<pisid
->SubAuthorityCount
; i
++ )
3121 sprintfW( str
+ strlenW(str
), subauthfmt
, pisid
->SubAuthority
[i
] );
3127 /******************************************************************************
3128 * ConvertSidToStringSidA [ADVAPI32.@]
3130 BOOL WINAPI
ConvertSidToStringSidA(PSID pSid
, LPSTR
*pstr
)
3136 TRACE("%p %p\n", pSid
, pstr
);
3138 if( !ConvertSidToStringSidW( pSid
, &wstr
) )
3141 len
= WideCharToMultiByte( CP_ACP
, 0, wstr
, -1, NULL
, 0, NULL
, NULL
);
3142 str
= LocalAlloc( 0, len
);
3143 WideCharToMultiByte( CP_ACP
, 0, wstr
, -1, str
, len
, NULL
, NULL
);
3151 BOOL WINAPI
CreatePrivateObjectSecurity(
3152 PSECURITY_DESCRIPTOR ParentDescriptor
,
3153 PSECURITY_DESCRIPTOR CreatorDescriptor
,
3154 PSECURITY_DESCRIPTOR
* NewDescriptor
,
3155 BOOL IsDirectoryObject
,
3157 PGENERIC_MAPPING GenericMapping
)
3159 FIXME("%p %p %p %d %p %p - stub\n", ParentDescriptor
, CreatorDescriptor
,
3160 NewDescriptor
, IsDirectoryObject
, Token
, GenericMapping
);
3165 BOOL WINAPI
DestroyPrivateObjectSecurity( PSECURITY_DESCRIPTOR
* ObjectDescriptor
)
3167 FIXME("%p - stub\n", ObjectDescriptor
);
3172 BOOL WINAPI
CreateProcessAsUserA(
3174 LPCSTR lpApplicationName
,
3175 LPSTR lpCommandLine
,
3176 LPSECURITY_ATTRIBUTES lpProcessAttributes
,
3177 LPSECURITY_ATTRIBUTES lpThreadAttributes
,
3178 BOOL bInheritHandles
,
3179 DWORD dwCreationFlags
,
3180 LPVOID lpEnvironment
,
3181 LPCSTR lpCurrentDirectory
,
3182 LPSTARTUPINFOA lpStartupInfo
,
3183 LPPROCESS_INFORMATION lpProcessInformation
)
3185 FIXME("%p %s %s %p %p %d 0x%08lx %p %s %p %p - stub\n", hToken
, debugstr_a(lpApplicationName
),
3186 debugstr_a(lpCommandLine
), lpProcessAttributes
, lpThreadAttributes
, bInheritHandles
,
3187 dwCreationFlags
, lpEnvironment
, debugstr_a(lpCurrentDirectory
), lpStartupInfo
, lpProcessInformation
);
3192 BOOL WINAPI
CreateProcessAsUserW(
3194 LPCWSTR lpApplicationName
,
3195 LPWSTR lpCommandLine
,
3196 LPSECURITY_ATTRIBUTES lpProcessAttributes
,
3197 LPSECURITY_ATTRIBUTES lpThreadAttributes
,
3198 BOOL bInheritHandles
,
3199 DWORD dwCreationFlags
,
3200 LPVOID lpEnvironment
,
3201 LPCWSTR lpCurrentDirectory
,
3202 LPSTARTUPINFOW lpStartupInfo
,
3203 LPPROCESS_INFORMATION lpProcessInformation
)
3205 FIXME("%p %s %s %p %p %d 0x%08lx %p %s %p %p - semi- stub\n", hToken
,
3206 debugstr_w(lpApplicationName
), debugstr_w(lpCommandLine
), lpProcessAttributes
,
3207 lpThreadAttributes
, bInheritHandles
, dwCreationFlags
, lpEnvironment
,
3208 debugstr_w(lpCurrentDirectory
), lpStartupInfo
, lpProcessInformation
);
3210 /* We should create the process with a suspended main thread */
3211 if (!CreateProcessW (lpApplicationName
,
3213 lpProcessAttributes
,
3216 dwCreationFlags
, /* CREATE_SUSPENDED */
3220 lpProcessInformation
))
3228 BOOL WINAPI
DuplicateTokenEx(
3229 HANDLE ExistingTokenHandle
, DWORD dwDesiredAccess
,
3230 LPSECURITY_ATTRIBUTES lpTokenAttributes
,
3231 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
,
3232 TOKEN_TYPE TokenType
,
3233 PHANDLE DuplicateTokenHandle
)
3235 OBJECT_ATTRIBUTES ObjectAttributes
;
3237 TRACE("%p 0x%08lx 0x%08x 0x%08x %p\n", ExistingTokenHandle
, dwDesiredAccess
,
3238 ImpersonationLevel
, TokenType
, DuplicateTokenHandle
);
3240 InitializeObjectAttributes(
3243 (lpTokenAttributes
&& lpTokenAttributes
->bInheritHandle
) ? OBJ_INHERIT
: 0,
3245 lpTokenAttributes
? lpTokenAttributes
->lpSecurityDescriptor
: NULL
);
3247 return set_ntstatus( NtDuplicateToken( ExistingTokenHandle
,
3252 DuplicateTokenHandle
) );
3255 BOOL WINAPI
DuplicateToken(
3256 HANDLE ExistingTokenHandle
,
3257 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
,
3258 PHANDLE DuplicateTokenHandle
)
3260 return DuplicateTokenEx( ExistingTokenHandle
, TOKEN_IMPERSONATE
| TOKEN_QUERY
,
3261 NULL
, ImpersonationLevel
, TokenImpersonation
,
3262 DuplicateTokenHandle
);
3265 BOOL WINAPI
EnumDependentServicesA(
3267 DWORD dwServiceState
,
3268 LPENUM_SERVICE_STATUSA lpServices
,
3270 LPDWORD pcbBytesNeeded
,
3271 LPDWORD lpServicesReturned
)
3273 FIXME("%p 0x%08lx %p 0x%08lx %p %p - stub\n", hService
, dwServiceState
,
3274 lpServices
, cbBufSize
, pcbBytesNeeded
, lpServicesReturned
);
3279 BOOL WINAPI
EnumDependentServicesW(
3281 DWORD dwServiceState
,
3282 LPENUM_SERVICE_STATUSW lpServices
,
3284 LPDWORD pcbBytesNeeded
,
3285 LPDWORD lpServicesReturned
)
3287 FIXME("%p 0x%08lx %p 0x%08lx %p %p - stub\n", hService
, dwServiceState
,
3288 lpServices
, cbBufSize
, pcbBytesNeeded
, lpServicesReturned
);
3293 static const WELLKNOWNSID WellKnownSids
[] =
3295 { {'W','D'}, { SECURITY_WORLD_SID_AUTHORITY
}, 1, { SECURITY_WORLD_RID
} },
3296 { {'B','A'}, { SECURITY_NT_AUTHORITY
}, 2, { SECURITY_BUILTIN_DOMAIN_RID
, DOMAIN_GROUP_RID_ADMINS
} },
3297 { {'B','G'}, { SECURITY_NT_AUTHORITY
}, 2, { SECURITY_BUILTIN_DOMAIN_RID
, DOMAIN_GROUP_RID_GUESTS
} },
3298 { {'B','U'}, { SECURITY_NT_AUTHORITY
}, 2, { SECURITY_BUILTIN_DOMAIN_RID
, DOMAIN_GROUP_RID_USERS
} },
3299 { {'I','U'}, { SECURITY_NT_AUTHORITY
}, 1, { SECURITY_INTERACTIVE_RID
} },
3300 { {'L','S'}, { SECURITY_NT_AUTHORITY
}, 1, { SECURITY_SERVICE_RID
} },
3301 { {'S','Y'}, { SECURITY_NT_AUTHORITY
}, 1, { SECURITY_LOCAL_SYSTEM_RID
} },
3304 /******************************************************************************
3305 * ComputeStringSidSize
3307 static DWORD
ComputeStringSidSize(LPCWSTR StringSid
)
3309 DWORD size
= sizeof(SID
);
3311 if (StringSid
[0] == 'S' && StringSid
[1] == '-') /* S-R-I-S-S */
3316 if (*StringSid
== '-')
3322 size
+= (ctok
- 3) * sizeof(DWORD
);
3324 else /* String constant format - Only available in winxp and above */
3328 for (i
= 0; i
< sizeof(WellKnownSids
)/sizeof(WellKnownSids
[0]); i
++)
3329 if (!strncmpW(WellKnownSids
[i
].wstr
, StringSid
, 2))
3330 size
+= (WellKnownSids
[i
].nSubAuthorityCount
- 1) * sizeof(DWORD
);
3336 /******************************************************************************
3337 * ParseStringSidToSid
3339 static BOOL
ParseStringSidToSid(LPCWSTR StringSid
, PSID pSid
, LPDWORD cBytes
)
3344 TRACE("%s, %p, %p\n", debugstr_w(StringSid
), pSid
, cBytes
);
3347 SetLastError(ERROR_INVALID_PARAMETER
);
3348 TRACE("StringSid is NULL, returning FALSE\n");
3352 *cBytes
= ComputeStringSidSize(StringSid
);
3353 if (!pisid
) /* Simply compute the size */
3355 TRACE("only size requested, returning TRUE\n");
3359 if (StringSid
[0] == 'S' && StringSid
[1] == '-') /* S-R-I-S-S */
3361 DWORD i
= 0, identAuth
;
3362 DWORD csubauth
= ((*cBytes
- sizeof(SID
)) / sizeof(DWORD
)) + 1;
3364 StringSid
+= 2; /* Advance to Revision */
3365 pisid
->Revision
= atoiW(StringSid
);
3367 if (pisid
->Revision
!= SDDL_REVISION
)
3369 TRACE("Revision %d is unknown\n", pisid
->Revision
);
3370 goto lend
; /* ERROR_INVALID_SID */
3374 TRACE("SubAuthorityCount is 0\n");
3375 goto lend
; /* ERROR_INVALID_SID */
3378 pisid
->SubAuthorityCount
= csubauth
;
3380 /* Advance to identifier authority */
3381 while (*StringSid
&& *StringSid
!= '-')
3383 if (*StringSid
== '-')
3386 /* MS' implementation can't handle values greater than 2^32 - 1, so
3387 * we don't either; assume most significant bytes are always 0
3389 pisid
->IdentifierAuthority
.Value
[0] = 0;
3390 pisid
->IdentifierAuthority
.Value
[1] = 0;
3391 identAuth
= atoiW(StringSid
);
3392 pisid
->IdentifierAuthority
.Value
[5] = identAuth
& 0xff;
3393 pisid
->IdentifierAuthority
.Value
[4] = (identAuth
& 0xff00) >> 8;
3394 pisid
->IdentifierAuthority
.Value
[3] = (identAuth
& 0xff0000) >> 16;
3395 pisid
->IdentifierAuthority
.Value
[2] = (identAuth
& 0xff000000) >> 24;
3397 /* Advance to first sub authority */
3398 while (*StringSid
&& *StringSid
!= '-')
3400 if (*StringSid
== '-')
3405 while (*StringSid
&& *StringSid
!= '-')
3407 if (*StringSid
== '-')
3410 pisid
->SubAuthority
[i
++] = atoiW(StringSid
);
3413 if (i
!= pisid
->SubAuthorityCount
)
3414 goto lend
; /* ERROR_INVALID_SID */
3418 else /* String constant format - Only available in winxp and above */
3421 pisid
->Revision
= SDDL_REVISION
;
3423 for (i
= 0; i
< sizeof(WellKnownSids
)/sizeof(WellKnownSids
[0]); i
++)
3424 if (!strncmpW(WellKnownSids
[i
].wstr
, StringSid
, 2))
3427 pisid
->SubAuthorityCount
= WellKnownSids
[i
].nSubAuthorityCount
;
3428 pisid
->IdentifierAuthority
= WellKnownSids
[i
].auth
;
3429 for (j
= 0; j
< WellKnownSids
[i
].nSubAuthorityCount
; j
++)
3430 pisid
->SubAuthority
[j
] = WellKnownSids
[i
].SubAuthority
[j
];
3435 FIXME("String constant not supported: %s\n", debugstr_wn(StringSid
, 2));
3440 SetLastError(ERROR_INVALID_SID
);
3442 TRACE("returning %s\n", bret
? "TRUE" : "FALSE");
3446 /******************************************************************************
3447 * GetNamedSecurityInfoA [ADVAPI32.@]
3449 DWORD WINAPI
GetNamedSecurityInfoA(LPSTR pObjectName
,
3450 SE_OBJECT_TYPE ObjectType
, SECURITY_INFORMATION SecurityInfo
,
3451 PSID
* ppsidOwner
, PSID
* ppsidGroup
, PACL
* ppDacl
, PACL
* ppSacl
,
3452 PSECURITY_DESCRIPTOR
* ppSecurityDescriptor
)
3458 TRACE("%s %d %ld %p %p %p %p %p\n", pObjectName
, ObjectType
, SecurityInfo
,
3459 ppsidOwner
, ppsidGroup
, ppDacl
, ppSacl
, ppSecurityDescriptor
);
3463 len
= MultiByteToWideChar( CP_ACP
, 0, pObjectName
, -1, NULL
, 0 );
3464 wstr
= HeapAlloc( GetProcessHeap(), 0, len
*sizeof(WCHAR
));
3465 MultiByteToWideChar( CP_ACP
, 0, pObjectName
, -1, wstr
, len
);
3468 r
= GetNamedSecurityInfoW( wstr
, ObjectType
, SecurityInfo
, ppsidOwner
,
3469 ppsidGroup
, ppDacl
, ppSacl
, ppSecurityDescriptor
);
3471 HeapFree( GetProcessHeap(), 0, wstr
);
3476 /******************************************************************************
3477 * GetNamedSecurityInfoW [ADVAPI32.@]
3479 DWORD WINAPI
GetNamedSecurityInfoW( LPWSTR name
, SE_OBJECT_TYPE type
,
3480 SECURITY_INFORMATION info
, PSID
* owner
, PSID
* group
, PACL
* dacl
,
3481 PACL
* sacl
, PSECURITY_DESCRIPTOR
* descriptor
)
3483 DWORD needed
, offset
;
3484 SECURITY_DESCRIPTOR_RELATIVE
*relative
;
3487 TRACE( "%s %d %ld %p %p %p %p %p\n", debugstr_w(name
), type
, info
, owner
,
3488 group
, dacl
, sacl
, descriptor
);
3490 if (!name
|| !descriptor
) return ERROR_INVALID_PARAMETER
;
3492 needed
= sizeof(SECURITY_DESCRIPTOR_RELATIVE
);
3493 if (info
& OWNER_SECURITY_INFORMATION
)
3494 needed
+= sizeof(sidWorld
);
3495 if (info
& GROUP_SECURITY_INFORMATION
)
3496 needed
+= sizeof(sidWorld
);
3497 if (info
& DACL_SECURITY_INFORMATION
)
3498 needed
+= WINE_SIZE_OF_WORLD_ACCESS_ACL
;
3499 if (info
& SACL_SECURITY_INFORMATION
)
3500 needed
+= WINE_SIZE_OF_WORLD_ACCESS_ACL
;
3502 /* must be freed by caller */
3503 *descriptor
= HeapAlloc( GetProcessHeap(), 0, needed
);
3504 if (!*descriptor
) return ERROR_NOT_ENOUGH_MEMORY
;
3506 if (!InitializeSecurityDescriptor( *descriptor
, SECURITY_DESCRIPTOR_REVISION
))
3508 HeapFree( GetProcessHeap(), 0, *descriptor
);
3509 return ERROR_INVALID_SECURITY_DESCR
;
3512 relative
= (SECURITY_DESCRIPTOR_RELATIVE
*)*descriptor
;
3513 relative
->Control
|= SE_SELF_RELATIVE
;
3514 buffer
= (BYTE
*)relative
;
3515 offset
= sizeof(SECURITY_DESCRIPTOR_RELATIVE
);
3517 if (owner
&& (info
& OWNER_SECURITY_INFORMATION
))
3519 memcpy( buffer
+ offset
, &sidWorld
, sizeof(sidWorld
) );
3520 relative
->Owner
= offset
;
3521 *owner
= buffer
+ offset
;
3522 offset
+= sizeof(sidWorld
);
3524 if (group
&& (info
& GROUP_SECURITY_INFORMATION
))
3526 memcpy( buffer
+ offset
, &sidWorld
, sizeof(sidWorld
) );
3527 relative
->Group
= offset
;
3528 *group
= buffer
+ offset
;
3529 offset
+= sizeof(sidWorld
);
3531 if (dacl
&& (info
& DACL_SECURITY_INFORMATION
))
3533 GetWorldAccessACL( (PACL
)(buffer
+ offset
) );
3534 relative
->Dacl
= offset
;
3535 *dacl
= (PACL
)(buffer
+ offset
);
3536 offset
+= WINE_SIZE_OF_WORLD_ACCESS_ACL
;
3538 if (sacl
&& (info
& SACL_SECURITY_INFORMATION
))
3540 GetWorldAccessACL( (PACL
)(buffer
+ offset
) );
3541 relative
->Sacl
= offset
;
3542 *sacl
= (PACL
)(buffer
+ offset
);
3544 return ERROR_SUCCESS
;
3547 /******************************************************************************
3548 * DecryptFileW [ADVAPI32.@]
3550 BOOL WINAPI
DecryptFileW(LPCWSTR lpFileName
, DWORD dwReserved
)
3552 FIXME("%s %08lx\n", debugstr_w(lpFileName
), dwReserved
);
3556 /******************************************************************************
3557 * DecryptFileA [ADVAPI32.@]
3559 BOOL WINAPI
DecryptFileA(LPCSTR lpFileName
, DWORD dwReserved
)
3561 FIXME("%s %08lx\n", debugstr_a(lpFileName
), dwReserved
);
3565 /******************************************************************************
3566 * EncryptFileW [ADVAPI32.@]
3568 BOOL WINAPI
EncryptFileW(LPCWSTR lpFileName
)
3570 FIXME("%s\n", debugstr_w(lpFileName
));
3574 /******************************************************************************
3575 * EncryptFileA [ADVAPI32.@]
3577 BOOL WINAPI
EncryptFileA(LPCSTR lpFileName
)
3579 FIXME("%s\n", debugstr_a(lpFileName
));
3583 /******************************************************************************
3584 * FileEncryptionStatusW [ADVAPI32.@]
3586 BOOL WINAPI
FileEncryptionStatusW(LPCWSTR lpFileName
, LPDWORD lpStatus
)
3588 FIXME("(%s %p): stub\n", debugstr_w(lpFileName
), lpStatus
);
3591 *lpStatus
= FILE_SYSTEM_NOT_SUPPORT
;
3595 /******************************************************************************
3596 * FileEncryptionStatusA [ADVAPI32.@]
3598 BOOL WINAPI
FileEncryptionStatusA(LPCSTR lpFileName
, LPDWORD lpStatus
)
3600 FIXME("(%s %p): stub\n", debugstr_a(lpFileName
), lpStatus
);
3603 *lpStatus
= FILE_SYSTEM_NOT_SUPPORT
;
3607 /******************************************************************************
3608 * SetSecurityInfo [ADVAPI32.@]
3610 DWORD WINAPI
SetSecurityInfo(HANDLE handle
, SE_OBJECT_TYPE ObjectType
,
3611 SECURITY_INFORMATION SecurityInfo
, PSID psidOwner
,
3612 PSID psidGroup
, PACL pDacl
, PACL pSacl
) {
3614 return ERROR_SUCCESS
;