src/TortoisePlink/Windows/security-api.h

   1 /*
   2  * security-api.h: some miscellaneous security-related helper functions,
   3  * defined in utils/security.c, that use the advapi32 library. Also
   4  * centralises the machinery for dynamically loading that library.
   5  */
   6
   7 #include <aclapi.h>
   8
   9 /*
  10  * Functions loaded from advapi32.dll.
  11  */
  12 DECL_WINDOWS_FUNCTION(extern, BOOL, OpenProcessToken,
  13                       (HANDLE, DWORD, PHANDLE));
  14 DECL_WINDOWS_FUNCTION(extern, BOOL, GetTokenInformation,
  15                       (HANDLE, TOKEN_INFORMATION_CLASS,
  16                        LPVOID, DWORD, PDWORD));
  17 DECL_WINDOWS_FUNCTION(extern, BOOL, InitializeSecurityDescriptor,
  18                       (PSECURITY_DESCRIPTOR, DWORD));
  19 DECL_WINDOWS_FUNCTION(extern, BOOL, SetSecurityDescriptorOwner,
  20                       (PSECURITY_DESCRIPTOR, PSID, BOOL));
  21 DECL_WINDOWS_FUNCTION(extern, DWORD, GetSecurityInfo,
  22                       (HANDLE, SE_OBJECT_TYPE, SECURITY_INFORMATION,
  23                        PSID *, PSID *, PACL *, PACL *,
  24                        PSECURITY_DESCRIPTOR *));
  25 DECL_WINDOWS_FUNCTION(extern, DWORD, SetSecurityInfo,
  26                       (HANDLE, SE_OBJECT_TYPE, SECURITY_INFORMATION,
  27                        PSID, PSID, PACL, PACL));
  28 DECL_WINDOWS_FUNCTION(extern, DWORD, SetEntriesInAclA,
  29                       (ULONG, PEXPLICIT_ACCESS, PACL, PACL *));
  30 bool got_advapi(void);
  31
  32 /*
  33  * Find the SID describing the current user. The return value (if not
  34  * NULL for some error-related reason) is smalloced.
  35  */
  36 PSID get_user_sid(void);
  37
  38 /*
  39  * Construct a PSECURITY_DESCRIPTOR of the type used for named pipe
  40  * servers, i.e. allowing access only to the current user id and also
  41  * only local (i.e. not over SMB) connections.
  42  *
  43  * If this function returns true, then 'psd' and 'acl' will have been
  44  * filled in with memory allocated using LocalAlloc (and hence must be
  45  * freed later using LocalFree). If it returns false, then instead
  46  * 'error' has been filled with a dynamically allocated error message.
  47  */
  48 bool make_private_security_descriptor(
  49     DWORD permissions, PSECURITY_DESCRIPTOR *psd, PACL *acl, char **error);