search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
kernel32: Get rid of the last parameter to PROFILE_CopyEntry().
[wine.git] / dlls / kernelbase / security.c
blobd1736e61b80fb7867542f95fa433b30bc7ead0f4
1 /*
2 * Copyright 1999, 2000 Juergen Schmied <juergen.schmied@debitel.net>
3 * Copyright 2003 CodeWeavers Inc. (Ulrich Czekalla)
4 * Copyright 2006 Robert Reif
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
19 *
20 */
21
22 #include <stdarg.h>
23 #include <string.h>
24
25 #include "ntstatus.h"
26 #define WIN32_NO_STATUS
27 #include "windef.h"
28 #include "winbase.h"
29 #include "winerror.h"
30 #include "winternl.h"
31 #include "winioctl.h"
32
33 #include "kernelbase.h"
34 #include "wine/debug.h"
35 #include "wine/heap.h"
36
37 WINE_DEFAULT_DEBUG_CHANNEL(security);
38
39
40 /******************************************************************************
41 * SID functions
42 ******************************************************************************/
43
44 typedef struct _MAX_SID
45 {
46 /* same fields as struct _SID */
47 BYTE Revision;
48 BYTE SubAuthorityCount;
49 SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
50 DWORD SubAuthority[SID_MAX_SUB_AUTHORITIES];
51 } MAX_SID;
52
53 typedef struct WELLKNOWNSID
54 {
55 WELL_KNOWN_SID_TYPE Type;
56 MAX_SID Sid;
57 } WELLKNOWNSID;
58
59 static const WELLKNOWNSID WellKnownSids[] =
60 {
61 { WinNullSid, { SID_REVISION, 1, { SECURITY_NULL_SID_AUTHORITY }, { SECURITY_NULL_RID } } },
62 { WinWorldSid, { SID_REVISION, 1, { SECURITY_WORLD_SID_AUTHORITY }, { SECURITY_WORLD_RID } } },
63 { WinLocalSid, { SID_REVISION, 1, { SECURITY_LOCAL_SID_AUTHORITY }, { SECURITY_LOCAL_RID } } },
64 { WinCreatorOwnerSid, { SID_REVISION, 1, { SECURITY_CREATOR_SID_AUTHORITY }, { SECURITY_CREATOR_OWNER_RID } } },
65 { WinCreatorGroupSid, { SID_REVISION, 1, { SECURITY_CREATOR_SID_AUTHORITY }, { SECURITY_CREATOR_GROUP_RID } } },
66 { WinCreatorOwnerRightsSid, { SID_REVISION, 1, { SECURITY_CREATOR_SID_AUTHORITY }, { SECURITY_CREATOR_OWNER_RIGHTS_RID } } },
67 { WinCreatorOwnerServerSid, { SID_REVISION, 1, { SECURITY_CREATOR_SID_AUTHORITY }, { SECURITY_CREATOR_OWNER_SERVER_RID } } },
68 { WinCreatorGroupServerSid, { SID_REVISION, 1, { SECURITY_CREATOR_SID_AUTHORITY }, { SECURITY_CREATOR_GROUP_SERVER_RID } } },
69 { WinNtAuthoritySid, { SID_REVISION, 0, { SECURITY_NT_AUTHORITY }, { SECURITY_NULL_RID } } },
70 { WinDialupSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_DIALUP_RID } } },
71 { WinNetworkSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_NETWORK_RID } } },
72 { WinBatchSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_BATCH_RID } } },
73 { WinInteractiveSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_INTERACTIVE_RID } } },
74 { WinServiceSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_SERVICE_RID } } },
75 { WinAnonymousSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_ANONYMOUS_LOGON_RID } } },
76 { WinProxySid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_PROXY_RID } } },
77 { WinEnterpriseControllersSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_ENTERPRISE_CONTROLLERS_RID } } },
78 { WinSelfSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_PRINCIPAL_SELF_RID } } },
79 { WinAuthenticatedUserSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_AUTHENTICATED_USER_RID } } },
80 { WinRestrictedCodeSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_RESTRICTED_CODE_RID } } },
81 { WinTerminalServerSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_TERMINAL_SERVER_RID } } },
82 { WinRemoteLogonIdSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_REMOTE_LOGON_RID } } },
83 { WinLogonIdsSid, { SID_REVISION, SECURITY_LOGON_IDS_RID_COUNT, { SECURITY_NT_AUTHORITY }, { SECURITY_LOGON_IDS_RID } } },
84 { WinLocalSystemSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_LOCAL_SYSTEM_RID } } },
85 { WinLocalServiceSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_LOCAL_SERVICE_RID } } },
86 { WinNetworkServiceSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_NETWORK_SERVICE_RID } } },
87 { WinBuiltinDomainSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID } } },
88 { WinBuiltinAdministratorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS } } },
89 { WinBuiltinUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_USERS } } },
90 { WinBuiltinGuestsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_GUESTS } } },
91 { WinBuiltinPowerUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_POWER_USERS } } },
92 { WinBuiltinAccountOperatorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ACCOUNT_OPS } } },
93 { WinBuiltinSystemOperatorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_SYSTEM_OPS } } },
94 { WinBuiltinPrintOperatorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_PRINT_OPS } } },
95 { WinBuiltinBackupOperatorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_BACKUP_OPS } } },
96 { WinBuiltinReplicatorSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_REPLICATOR } } },
97 { WinBuiltinPreWindows2000CompatibleAccessSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_PREW2KCOMPACCESS } } },
98 { WinBuiltinRemoteDesktopUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS } } },
99 { WinBuiltinNetworkConfigurationOperatorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS } } },
100 { WinNTLMAuthenticationSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_PACKAGE_BASE_RID, SECURITY_PACKAGE_NTLM_RID } } },
101 { WinDigestAuthenticationSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_PACKAGE_BASE_RID, SECURITY_PACKAGE_DIGEST_RID } } },
102 { WinSChannelAuthenticationSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_PACKAGE_BASE_RID, SECURITY_PACKAGE_SCHANNEL_RID } } },
103 { WinThisOrganizationSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_THIS_ORGANIZATION_RID } } },
104 { WinOtherOrganizationSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_OTHER_ORGANIZATION_RID } } },
105 { WinBuiltinIncomingForestTrustBuildersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_INCOMING_FOREST_TRUST_BUILDERS } } },
106 { WinBuiltinPerfMonitoringUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_MONITORING_USERS } } },
107 { WinBuiltinPerfLoggingUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_LOGGING_USERS } } },
108 { WinBuiltinAuthorizationAccessSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS } } },
109 { WinBuiltinTerminalServerLicenseServersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS } } },
110 { WinBuiltinDCOMUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_DCOM_USERS } } },
111 { WinLowLabelSid, { SID_REVISION, 1, { SECURITY_MANDATORY_LABEL_AUTHORITY}, { SECURITY_MANDATORY_LOW_RID} } },
112 { WinMediumLabelSid, { SID_REVISION, 1, { SECURITY_MANDATORY_LABEL_AUTHORITY}, { SECURITY_MANDATORY_MEDIUM_RID } } },
113 { WinHighLabelSid, { SID_REVISION, 1, { SECURITY_MANDATORY_LABEL_AUTHORITY}, { SECURITY_MANDATORY_HIGH_RID } } },
114 { WinSystemLabelSid, { SID_REVISION, 1, { SECURITY_MANDATORY_LABEL_AUTHORITY}, { SECURITY_MANDATORY_SYSTEM_RID } } },
115 { WinBuiltinAnyPackageSid, { SID_REVISION, 2, { SECURITY_APP_PACKAGE_AUTHORITY }, { SECURITY_APP_PACKAGE_BASE_RID, SECURITY_BUILTIN_PACKAGE_ANY_PACKAGE } } },
116 };
117
118 /* these SIDs must be constructed as relative to some domain - only the RID is well-known */
119 typedef struct WELLKNOWNRID
120 {
121 WELL_KNOWN_SID_TYPE Type;
122 DWORD Rid;
123 } WELLKNOWNRID;
124
125 static const WELLKNOWNRID WellKnownRids[] =
126 {
127 { WinAccountAdministratorSid, DOMAIN_USER_RID_ADMIN },
128 { WinAccountGuestSid, DOMAIN_USER_RID_GUEST },
129 { WinAccountKrbtgtSid, DOMAIN_USER_RID_KRBTGT },
130 { WinAccountDomainAdminsSid, DOMAIN_GROUP_RID_ADMINS },
131 { WinAccountDomainUsersSid, DOMAIN_GROUP_RID_USERS },
132 { WinAccountDomainGuestsSid, DOMAIN_GROUP_RID_GUESTS },
133 { WinAccountComputersSid, DOMAIN_GROUP_RID_COMPUTERS },
134 { WinAccountControllersSid, DOMAIN_GROUP_RID_CONTROLLERS },
135 { WinAccountCertAdminsSid, DOMAIN_GROUP_RID_CERT_ADMINS },
136 { WinAccountSchemaAdminsSid, DOMAIN_GROUP_RID_SCHEMA_ADMINS },
137 { WinAccountEnterpriseAdminsSid, DOMAIN_GROUP_RID_ENTERPRISE_ADMINS },
138 { WinAccountPolicyAdminsSid, DOMAIN_GROUP_RID_POLICY_ADMINS },
139 { WinAccountRasAndIasServersSid, DOMAIN_ALIAS_RID_RAS_SERVERS },
140 };
141
142 static const SID world_sid = { SID_REVISION, 1, { SECURITY_WORLD_SID_AUTHORITY} , { SECURITY_WORLD_RID } };
143 static const DWORD world_access_acl_size = sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE) + sizeof(world_sid) - sizeof(DWORD);
144
145 static void get_world_access_acl( PACL acl )
146 {
147 PACCESS_ALLOWED_ACE ace = (PACCESS_ALLOWED_ACE)(acl + 1);
148
149 acl->AclRevision = ACL_REVISION;
150 acl->Sbz1 = 0;
151 acl->AclSize = world_access_acl_size;
152 acl->AceCount = 1;
153 acl->Sbz2 = 0;
154 ace->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
155 ace->Header.AceFlags = CONTAINER_INHERIT_ACE;
156 ace->Header.AceSize = sizeof(ACCESS_ALLOWED_ACE) + sizeof(world_sid) - sizeof(DWORD);
157 ace->Mask = 0xf3ffffff; /* Everything except reserved bits */
158 memcpy( &ace->SidStart, &world_sid, sizeof(world_sid) );
159 }
160
161
162 static NTSTATUS open_file( LPCWSTR name, DWORD access, HANDLE *file )
163 {
164 UNICODE_STRING file_nameW;
165 OBJECT_ATTRIBUTES attr;
166 IO_STATUS_BLOCK io;
167 NTSTATUS status;
168
169 if ((status = RtlDosPathNameToNtPathName_U_WithStatus( name, &file_nameW, NULL, NULL ))) return status;
170 attr.Length = sizeof(attr);
171 attr.RootDirectory = 0;
172 attr.Attributes = OBJ_CASE_INSENSITIVE;
173 attr.ObjectName = &file_nameW;
174 attr.SecurityDescriptor = NULL;
175 status = NtCreateFile( file, access|SYNCHRONIZE, &attr, &io, NULL, FILE_FLAG_BACKUP_SEMANTICS,
176 FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, FILE_OPEN,
177 FILE_OPEN_FOR_BACKUP_INTENT, NULL, 0 );
178 RtlFreeUnicodeString( &file_nameW );
179 return status;
180 }
181
182 static const char *debugstr_sid( PSID sid )
183 {
184 int auth;
185 SID * psid = sid;
186
187 if (psid == NULL) return "(null)";
188
189 auth = psid->IdentifierAuthority.Value[5] +
190 (psid->IdentifierAuthority.Value[4] << 8) +
191 (psid->IdentifierAuthority.Value[3] << 16) +
192 (psid->IdentifierAuthority.Value[2] << 24);
193
194 switch (psid->SubAuthorityCount) {
195 case 0:
196 return wine_dbg_sprintf("S-%d-%d", psid->Revision, auth);
197 case 1:
198 return wine_dbg_sprintf("S-%d-%d-%u", psid->Revision, auth,
199 psid->SubAuthority[0]);
200 case 2:
201 return wine_dbg_sprintf("S-%d-%d-%u-%u", psid->Revision, auth,
202 psid->SubAuthority[0], psid->SubAuthority[1]);
203 case 3:
204 return wine_dbg_sprintf("S-%d-%d-%u-%u-%u", psid->Revision, auth,
205 psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2]);
206 case 4:
207 return wine_dbg_sprintf("S-%d-%d-%u-%u-%u-%u", psid->Revision, auth,
208 psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2],
209 psid->SubAuthority[3]);
210 case 5:
211 return wine_dbg_sprintf("S-%d-%d-%u-%u-%u-%u-%u", psid->Revision, auth,
212 psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2],
213 psid->SubAuthority[3], psid->SubAuthority[4]);
214 case 6:
215 return wine_dbg_sprintf("S-%d-%d-%u-%u-%u-%u-%u-%u", psid->Revision, auth,
216 psid->SubAuthority[3], psid->SubAuthority[1], psid->SubAuthority[2],
217 psid->SubAuthority[0], psid->SubAuthority[4], psid->SubAuthority[5]);
218 case 7:
219 return wine_dbg_sprintf("S-%d-%d-%u-%u-%u-%u-%u-%u-%u", psid->Revision, auth,
220 psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2],
221 psid->SubAuthority[3], psid->SubAuthority[4], psid->SubAuthority[5],
222 psid->SubAuthority[6]);
223 case 8:
224 return wine_dbg_sprintf("S-%d-%d-%u-%u-%u-%u-%u-%u-%u-%u", psid->Revision, auth,
225 psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2],
226 psid->SubAuthority[3], psid->SubAuthority[4], psid->SubAuthority[5],
227 psid->SubAuthority[6], psid->SubAuthority[7]);
228 }
229 return "(too-big)";
230 }
231
232 /******************************************************************************
233 * AllocateAndInitializeSid (kernelbase.@)
234 */
235 BOOL WINAPI AllocateAndInitializeSid( PSID_IDENTIFIER_AUTHORITY auth, BYTE count,
236 DWORD auth0, DWORD auth1, DWORD auth2, DWORD auth3,
237 DWORD auth4, DWORD auth5, DWORD auth6, DWORD auth7, PSID *sid )
238 {
239 return set_ntstatus( RtlAllocateAndInitializeSid( auth, count, auth0, auth1, auth2, auth3,
240 auth4, auth5, auth6, auth7, sid ));
241 }
242
243 /***********************************************************************
244 * AllocateLocallyUniqueId (kernelbase.@)
245 */
246 BOOL WINAPI AllocateLocallyUniqueId( PLUID luid )
247 {
248 return set_ntstatus( NtAllocateLocallyUniqueId( luid ));
249 }
250
251 /******************************************************************************
252 * CopySid (kernelbase.@)
253 */
254 BOOL WINAPI CopySid( DWORD len, PSID dest, PSID source )
255 {
256 return RtlCopySid( len, dest, source );
257 }
258
259 /******************************************************************************
260 * EqualPrefixSid (kernelbase.@)
261 */
262 BOOL WINAPI EqualPrefixSid( PSID sid1, PSID sid2 )
263 {
264 return RtlEqualPrefixSid( sid1, sid2 );
265 }
266
267 /******************************************************************************
268 * EqualSid (kernelbase.@)
269 */
270 BOOL WINAPI EqualSid( PSID sid1, PSID sid2 )
271 {
272 BOOL ret = RtlEqualSid( sid1, sid2 );
273 SetLastError(ERROR_SUCCESS);
274 return ret;
275 }
276
277 /******************************************************************************
278 * EqualDomainSid (kernelbase.@)
279 */
280 BOOL WINAPI EqualDomainSid( PSID sid1, PSID sid2, BOOL *equal )
281 {
282 MAX_SID builtin_sid, domain_sid1, domain_sid2;
283 DWORD size;
284
285 TRACE( "(%p,%p,%p)\n", sid1, sid2, equal );
286
287 if (!IsValidSid( sid1 ) || !IsValidSid( sid2 ))
288 {
289 SetLastError( ERROR_INVALID_SID );
290 return FALSE;
291 }
292
293 if (!equal)
294 {
295 SetLastError( ERROR_INVALID_PARAMETER );
296 return FALSE;
297 }
298
299 size = sizeof(domain_sid1);
300 if (GetWindowsAccountDomainSid( sid1, &domain_sid1, &size ))
301 {
302 size = sizeof(domain_sid2);
303 if (GetWindowsAccountDomainSid( sid2, &domain_sid2, &size ))
304 {
305 *equal = EqualSid( &domain_sid1, &domain_sid2 );
306 SetLastError( 0 );
307 return TRUE;
308 }
309 }
310
311 size = sizeof(builtin_sid);
312 if (!CreateWellKnownSid( WinBuiltinDomainSid, NULL, &builtin_sid, &size ))
313 return FALSE;
314
315 if (!memcmp(GetSidIdentifierAuthority( sid1 )->Value, builtin_sid.IdentifierAuthority.Value, sizeof(builtin_sid.IdentifierAuthority.Value)) &&
316 !memcmp(GetSidIdentifierAuthority( sid2 )->Value, builtin_sid.IdentifierAuthority.Value, sizeof(builtin_sid.IdentifierAuthority.Value)))
317 {
318 if (*GetSidSubAuthorityCount( sid1 ) != 0 && *GetSidSubAuthorityCount( sid2 ) != 0 &&
319 (*GetSidSubAuthority( sid1, 0 ) == SECURITY_BUILTIN_DOMAIN_RID ||
320 *GetSidSubAuthority( sid2, 0 ) == SECURITY_BUILTIN_DOMAIN_RID))
321 {
322 *equal = EqualSid( sid1, sid2 );
323 SetLastError( 0 );
324 return TRUE;
325 }
326 }
327
328 SetLastError( ERROR_NON_DOMAIN_SID );
329 return FALSE;
330 }
331
332 /******************************************************************************
333 * FreeSid (kernelbase.@)
334 */
335 void * WINAPI FreeSid( PSID pSid )
336 {
337 RtlFreeSid(pSid);
338 return NULL; /* is documented like this */
339 }
340
341 /******************************************************************************
342 * GetLengthSid (kernelbase.@)
343 */
344 DWORD WINAPI GetLengthSid( PSID sid )
345 {
346 return RtlLengthSid( sid );
347 }
348
349 /******************************************************************************
350 * GetSidIdentifierAuthority (kernelbase.@)
351 */
352 PSID_IDENTIFIER_AUTHORITY WINAPI GetSidIdentifierAuthority( PSID sid )
353 {
354 SetLastError(ERROR_SUCCESS);
355 return RtlIdentifierAuthoritySid( sid );
356 }
357
358 /******************************************************************************
359 * GetSidLengthRequired (kernelbase.@)
360 */
361 DWORD WINAPI GetSidLengthRequired( BYTE count )
362 {
363 return RtlLengthRequiredSid( count );
364 }
365
366 /******************************************************************************
367 * GetSidSubAuthority (kernelbase.@)
368 */
369 PDWORD WINAPI GetSidSubAuthority( PSID sid, DWORD auth )
370 {
371 SetLastError(ERROR_SUCCESS);
372 return RtlSubAuthoritySid( sid, auth );
373 }
374
375 /******************************************************************************
376 * GetSidSubAuthorityCount (kernelbase.@)
377 */
378 PUCHAR WINAPI GetSidSubAuthorityCount( PSID sid )
379 {
380 SetLastError(ERROR_SUCCESS);
381 return RtlSubAuthorityCountSid( sid );
382 }
383
384 /******************************************************************************
385 * GetWindowsAccountDomainSid (kernelbase.@)
386 */
387 BOOL WINAPI GetWindowsAccountDomainSid( PSID sid, PSID domain_sid, DWORD *size )
388 {
389 SID_IDENTIFIER_AUTHORITY domain_ident = { SECURITY_NT_AUTHORITY };
390 DWORD required_size;
391 int i;
392
393 FIXME( "(%p %p %p): semi-stub\n", sid, domain_sid, size );
394
395 if (!sid || !IsValidSid( sid ))
396 {
397 SetLastError( ERROR_INVALID_SID );
398 return FALSE;
399 }
400
401 if (!size)
402 {
403 SetLastError( ERROR_INVALID_PARAMETER );
404 return FALSE;
405 }
406
407 if (*GetSidSubAuthorityCount( sid ) < 4)
408 {
409 SetLastError( ERROR_INVALID_SID );
410 return FALSE;
411 }
412
413 required_size = GetSidLengthRequired( 4 );
414 if (*size < required_size || !domain_sid)
415 {
416 *size = required_size;
417 SetLastError( domain_sid ? ERROR_INSUFFICIENT_BUFFER : ERROR_INVALID_PARAMETER );
418 return FALSE;
419 }
420
421 InitializeSid( domain_sid, &domain_ident, 4 );
422 for (i = 0; i < 4; i++)
423 *GetSidSubAuthority( domain_sid, i ) = *GetSidSubAuthority( sid, i );
424
425 *size = required_size;
426 return TRUE;
427 }
428
429 /******************************************************************************
430 * InitializeSid (kernelbase.@)
431 */
432 BOOL WINAPI InitializeSid ( PSID sid, PSID_IDENTIFIER_AUTHORITY auth, BYTE count )
433 {
434 return RtlInitializeSid( sid, auth, count );
435 }
436
437 /******************************************************************************
438 * IsValidSid (kernelbase.@)
439 */
440 BOOL WINAPI IsValidSid( PSID sid )
441 {
442 return RtlValidSid( sid );
443 }
444
445 /******************************************************************************
446 * CreateWellKnownSid (kernelbase.@)
447 */
448 BOOL WINAPI CreateWellKnownSid( WELL_KNOWN_SID_TYPE type, PSID domain, PSID sid, DWORD *size )
449 {
450 unsigned int i;
451
452 TRACE("(%d, %s, %p, %p)\n", type, debugstr_sid(domain), sid, size);
453
454 if (size == NULL || (domain && !IsValidSid(domain)))
455 {
456 SetLastError(ERROR_INVALID_PARAMETER);
457 return FALSE;
458 }
459
460 for (i = 0; i < ARRAY_SIZE(WellKnownSids); i++)
461 {
462 if (WellKnownSids[i].Type == type)
463 {
464 DWORD length = GetSidLengthRequired(WellKnownSids[i].Sid.SubAuthorityCount);
465
466 if (*size < length)
467 {
468 *size = length;
469 SetLastError(ERROR_INSUFFICIENT_BUFFER);
470 return FALSE;
471 }
472 if (!sid)
473 {
474 SetLastError(ERROR_INVALID_PARAMETER);
475 return FALSE;
476 }
477 CopyMemory(sid, &WellKnownSids[i].Sid.Revision, length);
478 *size = length;
479 return TRUE;
480 }
481 }
482
483 if (domain == NULL || *GetSidSubAuthorityCount(domain) == SID_MAX_SUB_AUTHORITIES)
484 {
485 SetLastError(ERROR_INVALID_PARAMETER);
486 return FALSE;
487 }
488
489 for (i = 0; i < ARRAY_SIZE(WellKnownRids); i++)
490 {
491 if (WellKnownRids[i].Type == type)
492 {
493 UCHAR domain_subauth = *GetSidSubAuthorityCount(domain);
494 DWORD domain_sid_length = GetSidLengthRequired(domain_subauth);
495 DWORD output_sid_length = GetSidLengthRequired(domain_subauth + 1);
496
497 if (*size < output_sid_length)
498 {
499 *size = output_sid_length;
500 SetLastError(ERROR_INSUFFICIENT_BUFFER);
501 return FALSE;
502 }
503 if (!sid)
504 {
505 SetLastError(ERROR_INVALID_PARAMETER);
506 return FALSE;
507 }
508 CopyMemory(sid, domain, domain_sid_length);
509 (*GetSidSubAuthorityCount(sid))++;
510 (*GetSidSubAuthority(sid, domain_subauth)) = WellKnownRids[i].Rid;
511 *size = output_sid_length;
512 return TRUE;
513 }
514 }
515 SetLastError(ERROR_INVALID_PARAMETER);
516 return FALSE;
517 }
518
519 /******************************************************************************
520 * IsWellKnownSid (kernelbase.@)
521 */
522 BOOL WINAPI IsWellKnownSid( PSID sid, WELL_KNOWN_SID_TYPE type )
523 {
524 unsigned int i;
525
526 TRACE("(%s, %d)\n", debugstr_sid(sid), type);
527
528 for (i = 0; i < ARRAY_SIZE(WellKnownSids); i++)
529 if (WellKnownSids[i].Type == type)
530 if (EqualSid(sid, (PSID)&WellKnownSids[i].Sid.Revision))
531 return TRUE;
532
533 return FALSE;
534 }
535
536
537 /******************************************************************************
538 * Token functions
539 ******************************************************************************/
540
541
542 /******************************************************************************
543 * AdjustTokenGroups (kernelbase.@)
544 */
545 BOOL WINAPI AdjustTokenGroups( HANDLE token, BOOL reset, PTOKEN_GROUPS new,
546 DWORD len, PTOKEN_GROUPS prev, PDWORD ret_len )
547 {
548 return set_ntstatus( NtAdjustGroupsToken( token, reset, new, len, prev, ret_len ));
549 }
550
551 /******************************************************************************
552 * AdjustTokenPrivileges (kernelbase.@)
553 */
554 BOOL WINAPI AdjustTokenPrivileges( HANDLE token, BOOL disable, PTOKEN_PRIVILEGES new, DWORD len,
555 PTOKEN_PRIVILEGES prev, PDWORD ret_len )
556 {
557 NTSTATUS status;
558
559 TRACE("(%p %d %p %d %p %p)\n", token, disable, new, len, prev, ret_len );
560
561 status = NtAdjustPrivilegesToken( token, disable, new, len, prev, ret_len );
562 SetLastError( RtlNtStatusToDosError( status ));
563 return (status == STATUS_SUCCESS) || (status == STATUS_NOT_ALL_ASSIGNED);
564 }
565
566 /******************************************************************************
567 * CheckTokenMembership (kernelbase.@)
568 */
569 BOOL WINAPI CheckTokenMembership( HANDLE token, PSID sid_to_check, PBOOL is_member )
570 {
571 PTOKEN_GROUPS token_groups = NULL;
572 HANDLE thread_token = NULL;
573 DWORD size, i;
574 BOOL ret;
575
576 TRACE("(%p %s %p)\n", token, debugstr_sid(sid_to_check), is_member);
577
578 *is_member = FALSE;
579
580 if (!token)
581 {
582 if (!OpenThreadToken(GetCurrentThread(), TOKEN_QUERY, TRUE, &thread_token))
583 {
584 HANDLE process_token;
585 ret = OpenProcessToken(GetCurrentProcess(), TOKEN_DUPLICATE, &process_token);
586 if (!ret)
587 goto exit;
588 ret = DuplicateTokenEx(process_token, TOKEN_QUERY, NULL, SecurityImpersonation,
589 TokenImpersonation, &thread_token);
590 CloseHandle(process_token);
591 if (!ret)
592 goto exit;
593 }
594 token = thread_token;
595 }
596 else
597 {
598 TOKEN_TYPE type;
599
600 ret = GetTokenInformation(token, TokenType, &type, sizeof(TOKEN_TYPE), &size);
601 if (!ret) goto exit;
602
603 if (type == TokenPrimary)
604 {
605 SetLastError(ERROR_NO_IMPERSONATION_TOKEN);
606 return FALSE;
607 }
608 }
609
610 ret = GetTokenInformation(token, TokenGroups, NULL, 0, &size);
611 if (!ret && GetLastError() != ERROR_INSUFFICIENT_BUFFER)
612 goto exit;
613
614 token_groups = heap_alloc(size);
615 if (!token_groups)
616 {
617 ret = FALSE;
618 goto exit;
619 }
620
621 ret = GetTokenInformation(token, TokenGroups, token_groups, size, &size);
622 if (!ret)
623 goto exit;
624
625 for (i = 0; i < token_groups->GroupCount; i++)
626 {
627 TRACE("Groups[%d]: {0x%x, %s}\n", i,
628 token_groups->Groups[i].Attributes,
629 debugstr_sid(token_groups->Groups[i].Sid));
630 if ((token_groups->Groups[i].Attributes & SE_GROUP_ENABLED) &&
631 EqualSid(sid_to_check, token_groups->Groups[i].Sid))
632 {
633 *is_member = TRUE;
634 TRACE("sid enabled and found in token\n");
635 break;
636 }
637 }
638
639 exit:
640 heap_free(token_groups);
641 if (thread_token != NULL) CloseHandle(thread_token);
642 return ret;
643 }
644
645 /*************************************************************************
646 * CreateRestrictedToken (kernelbase.@)
647 */
648 BOOL WINAPI CreateRestrictedToken( HANDLE token, DWORD flags,
649 DWORD disable_count, PSID_AND_ATTRIBUTES disable_sids,
650 DWORD delete_count, PLUID_AND_ATTRIBUTES delete_privs,
651 DWORD restrict_count, PSID_AND_ATTRIBUTES restrict_sids, PHANDLE ret )
652 {
653 TOKEN_TYPE type;
654 SECURITY_IMPERSONATION_LEVEL level = SecurityAnonymous;
655 DWORD size;
656
657 FIXME("(%p, 0x%x, %u, %p, %u, %p, %u, %p, %p): stub\n",
658 token, flags, disable_count, disable_sids, delete_count, delete_privs,
659 restrict_count, restrict_sids, ret );
660
661 size = sizeof(type);
662 if (!GetTokenInformation( token, TokenType, &type, size, &size )) return FALSE;
663 if (type == TokenImpersonation)
664 {
665 size = sizeof(level);
666 if (!GetTokenInformation( token, TokenImpersonationLevel, &level, size, &size ))
667 return FALSE;
668 }
669 return DuplicateTokenEx( token, MAXIMUM_ALLOWED, NULL, level, type, ret );
670 }
671
672 /******************************************************************************
673 * DuplicateToken (kernelbase.@)
674 */
675 BOOL WINAPI DuplicateToken( HANDLE token, SECURITY_IMPERSONATION_LEVEL level, PHANDLE ret )
676 {
677 return DuplicateTokenEx( token, TOKEN_IMPERSONATE|TOKEN_QUERY, NULL, level, TokenImpersonation, ret );
678 }
679
680 /******************************************************************************
681 * DuplicateTokenEx (kernelbase.@)
682 */
683 BOOL WINAPI DuplicateTokenEx( HANDLE token, DWORD access, LPSECURITY_ATTRIBUTES sa,
684 SECURITY_IMPERSONATION_LEVEL level, TOKEN_TYPE type, PHANDLE ret )
685 {
686 OBJECT_ATTRIBUTES attr;
687
688 TRACE("%p 0x%08x 0x%08x 0x%08x %p\n", token, access, level, type, ret );
689
690 InitializeObjectAttributes( &attr, NULL, (sa && sa->bInheritHandle) ? OBJ_INHERIT : 0,
691 NULL, sa ? sa->lpSecurityDescriptor : NULL );
692 return set_ntstatus( NtDuplicateToken( token, access, &attr, level, type, ret ));
693 }
694
695 /******************************************************************************
696 * GetTokenInformation (kernelbase.@)
697 */
698 BOOL WINAPI GetTokenInformation( HANDLE token, TOKEN_INFORMATION_CLASS class,
699 LPVOID info, DWORD len, LPDWORD retlen )
700 {
701 TRACE("(%p, %s, %p, %d, %p):\n",
702 token,
703 (class == TokenUser) ? "TokenUser" :
704 (class == TokenGroups) ? "TokenGroups" :
705 (class == TokenPrivileges) ? "TokenPrivileges" :
706 (class == TokenOwner) ? "TokenOwner" :
707 (class == TokenPrimaryGroup) ? "TokenPrimaryGroup" :
708 (class == TokenDefaultDacl) ? "TokenDefaultDacl" :
709 (class == TokenSource) ? "TokenSource" :
710 (class == TokenType) ? "TokenType" :
711 (class == TokenImpersonationLevel) ? "TokenImpersonationLevel" :
712 (class == TokenStatistics) ? "TokenStatistics" :
713 (class == TokenRestrictedSids) ? "TokenRestrictedSids" :
714 (class == TokenSessionId) ? "TokenSessionId" :
715 (class == TokenGroupsAndPrivileges) ? "TokenGroupsAndPrivileges" :
716 (class == TokenSessionReference) ? "TokenSessionReference" :
717 (class == TokenSandBoxInert) ? "TokenSandBoxInert" :
718 "Unknown",
719 info, len, retlen);
720
721 return set_ntstatus( NtQueryInformationToken( token, class, info, len, retlen ));
722 }
723
724 /******************************************************************************
725 * ImpersonateAnonymousToken (kernelbase.@)
726 */
727 BOOL WINAPI ImpersonateAnonymousToken( HANDLE thread )
728 {
729 TRACE("(%p)\n", thread);
730 return set_ntstatus( NtImpersonateAnonymousToken( thread ) );
731 }
732
733 /******************************************************************************
734 * ImpersonateLoggedOnUser (kernelbase.@)
735 */
736 BOOL WINAPI ImpersonateLoggedOnUser( HANDLE token )
737 {
738 DWORD size;
739 BOOL ret;
740 HANDLE dup;
741 TOKEN_TYPE type;
742 static BOOL warn = TRUE;
743
744 if (warn)
745 {
746 FIXME( "(%p)\n", token );
747 warn = FALSE;
748 }
749 if (!GetTokenInformation( token, TokenType, &type, sizeof(type), &size )) return FALSE;
750
751 if (type == TokenPrimary)
752 {
753 if (!DuplicateToken( token, SecurityImpersonation, &dup )) return FALSE;
754 ret = SetThreadToken( NULL, dup );
755 NtClose( dup );
756 }
757 else ret = SetThreadToken( NULL, token );
758
759 return ret;
760 }
761
762 /******************************************************************************
763 * ImpersonateNamedPipeClient (kernelbase.@)
764 */
765 BOOL WINAPI ImpersonateNamedPipeClient( HANDLE pipe )
766 {
767 IO_STATUS_BLOCK io_block;
768
769 return set_ntstatus( NtFsControlFile( pipe, NULL, NULL, NULL, &io_block,
770 FSCTL_PIPE_IMPERSONATE, NULL, 0, NULL, 0 ));
771 }
772
773 /******************************************************************************
774 * ImpersonateSelf (kernelbase.@)
775 */
776 BOOL WINAPI ImpersonateSelf( SECURITY_IMPERSONATION_LEVEL level )
777 {
778 return set_ntstatus( RtlImpersonateSelf( level ) );
779 }
780
781 /******************************************************************************
782 * IsTokenRestricted (kernelbase.@)
783 */
784 BOOL WINAPI IsTokenRestricted( HANDLE token )
785 {
786 TOKEN_GROUPS *groups;
787 DWORD size;
788 NTSTATUS status;
789 BOOL restricted;
790
791 TRACE("(%p)\n", token);
792
793 status = NtQueryInformationToken(token, TokenRestrictedSids, NULL, 0, &size);
794 if (status != STATUS_BUFFER_TOO_SMALL) return set_ntstatus(status);
795
796 groups = heap_alloc(size);
797 if (!groups)
798 {
799 SetLastError(ERROR_OUTOFMEMORY);
800 return FALSE;
801 }
802
803 status = NtQueryInformationToken(token, TokenRestrictedSids, groups, size, &size);
804 if (status != STATUS_SUCCESS)
805 {
806 heap_free(groups);
807 return set_ntstatus(status);
808 }
809
810 restricted = groups->GroupCount > 0;
811 heap_free(groups);
812
813 return restricted;
814 }
815
816 /******************************************************************************
817 * OpenProcessToken (kernelbase.@)
818 */
819 BOOL WINAPI OpenProcessToken( HANDLE process, DWORD access, HANDLE *handle )
820 {
821 return set_ntstatus( NtOpenProcessToken( process, access, handle ));
822 }
823
824 /******************************************************************************
825 * OpenThreadToken (kernelbase.@)
826 */
827 BOOL WINAPI OpenThreadToken( HANDLE thread, DWORD access, BOOL self, HANDLE *handle )
828 {
829 return set_ntstatus( NtOpenThreadToken( thread, access, self, handle ));
830 }
831
832 /******************************************************************************
833 * PrivilegeCheck (kernelbase.@)
834 */
835 BOOL WINAPI PrivilegeCheck( HANDLE token, PPRIVILEGE_SET privs, LPBOOL result )
836 {
837 BOOLEAN res;
838 BOOL ret = set_ntstatus( NtPrivilegeCheck( token, privs, &res ));
839 if (ret) *result = res;
840 return ret;
841 }
842
843 /******************************************************************************
844 * RevertToSelf (kernelbase.@)
845 */
846 BOOL WINAPI RevertToSelf(void)
847 {
848 return SetThreadToken( NULL, 0 );
849 }
850
851 /*************************************************************************
852 * SetThreadToken (kernelbase.@)
853 */
854 BOOL WINAPI SetThreadToken( PHANDLE thread, HANDLE token )
855 {
856 return set_ntstatus( NtSetInformationThread( thread ? *thread : GetCurrentThread(),
857 ThreadImpersonationToken, &token, sizeof(token) ));
858 }
859
860 /******************************************************************************
861 * SetTokenInformation (kernelbase.@)
862 */
863 BOOL WINAPI SetTokenInformation( HANDLE token, TOKEN_INFORMATION_CLASS class, LPVOID info, DWORD len )
864 {
865 TRACE("(%p, %s, %p, %d)\n",
866 token,
867 (class == TokenUser) ? "TokenUser" :
868 (class == TokenGroups) ? "TokenGroups" :
869 (class == TokenPrivileges) ? "TokenPrivileges" :
870 (class == TokenOwner) ? "TokenOwner" :
871 (class == TokenPrimaryGroup) ? "TokenPrimaryGroup" :
872 (class == TokenDefaultDacl) ? "TokenDefaultDacl" :
873 (class == TokenSource) ? "TokenSource" :
874 (class == TokenType) ? "TokenType" :
875 (class == TokenImpersonationLevel) ? "TokenImpersonationLevel" :
876 (class == TokenStatistics) ? "TokenStatistics" :
877 (class == TokenRestrictedSids) ? "TokenRestrictedSids" :
878 (class == TokenSessionId) ? "TokenSessionId" :
879 (class == TokenGroupsAndPrivileges) ? "TokenGroupsAndPrivileges" :
880 (class == TokenSessionReference) ? "TokenSessionReference" :
881 (class == TokenSandBoxInert) ? "TokenSandBoxInert" :
882 "Unknown",
883 info, len);
884
885 return set_ntstatus( NtSetInformationToken( token, class, info, len ));
886 }
887
888
889 /******************************************************************************
890 * Security descriptor functions
891 ******************************************************************************/
892
893
894 /******************************************************************************
895 * ConvertToAutoInheritPrivateObjectSecurity (kernelbase.@)
896 */
897 BOOL WINAPI ConvertToAutoInheritPrivateObjectSecurity( PSECURITY_DESCRIPTOR parent,
898 PSECURITY_DESCRIPTOR current,
899 PSECURITY_DESCRIPTOR *descr,
900 GUID *type, BOOL is_dir,
901 PGENERIC_MAPPING mapping )
902 {
903 FIXME("%p %p %p %p %d %p - stub\n", parent, current, descr, type, is_dir, mapping );
904 return FALSE;
905 }
906
907 /******************************************************************************
908 * CreatePrivateObjectSecurity (kernelbase.@)
909 */
910 BOOL WINAPI CreatePrivateObjectSecurity( PSECURITY_DESCRIPTOR parent, PSECURITY_DESCRIPTOR creator,
911 PSECURITY_DESCRIPTOR *descr, BOOL is_container, HANDLE token,
912 PGENERIC_MAPPING mapping )
913 {
914 return CreatePrivateObjectSecurityEx( parent, creator, descr, NULL, is_container, 0, token, mapping );
915 }
916
917 /******************************************************************************
918 * CreatePrivateObjectSecurityEx (kernelbase.@)
919 */
920 BOOL WINAPI CreatePrivateObjectSecurityEx( PSECURITY_DESCRIPTOR parent, PSECURITY_DESCRIPTOR creator,
921 PSECURITY_DESCRIPTOR *descr, GUID *type, BOOL is_container,
922 ULONG flags, HANDLE token, PGENERIC_MAPPING mapping )
923 {
924 SECURITY_DESCRIPTOR_RELATIVE *relative;
925 DWORD needed, offset;
926 BYTE *buffer;
927
928 FIXME( "%p %p %p %p %d %u %p %p - returns fake SECURITY_DESCRIPTOR\n",
929 parent, creator, descr, type, is_container, flags, token, mapping );
930
931 needed = sizeof(SECURITY_DESCRIPTOR_RELATIVE);
932 needed += sizeof(world_sid);
933 needed += sizeof(world_sid);
934 needed += world_access_acl_size;
935 needed += world_access_acl_size;
936
937 if (!(buffer = heap_alloc( needed ))) return FALSE;
938 relative = (SECURITY_DESCRIPTOR_RELATIVE *)buffer;
939 if (!InitializeSecurityDescriptor( relative, SECURITY_DESCRIPTOR_REVISION ))
940 {
941 heap_free( buffer );
942 return FALSE;
943 }
944 relative->Control |= SE_SELF_RELATIVE;
945 offset = sizeof(SECURITY_DESCRIPTOR_RELATIVE);
946
947 memcpy( buffer + offset, &world_sid, sizeof(world_sid) );
948 relative->Owner = offset;
949 offset += sizeof(world_sid);
950
951 memcpy( buffer + offset, &world_sid, sizeof(world_sid) );
952 relative->Group = offset;
953 offset += sizeof(world_sid);
954
955 get_world_access_acl( (ACL *)(buffer + offset) );
956 relative->Dacl = offset;
957 offset += world_access_acl_size;
958
959 get_world_access_acl( (ACL *)(buffer + offset) );
960 relative->Sacl = offset;
961
962 *descr = relative;
963 return TRUE;
964 }
965
966 /******************************************************************************
967 * CreatePrivateObjectSecurityWithMultipleInheritance (kernelbase.@)
968 */
969 BOOL WINAPI CreatePrivateObjectSecurityWithMultipleInheritance( PSECURITY_DESCRIPTOR parent,
970 PSECURITY_DESCRIPTOR creator,
971 PSECURITY_DESCRIPTOR *descr,
972 GUID **types, ULONG count,
973 BOOL is_container, ULONG flags,
974 HANDLE token, PGENERIC_MAPPING mapping )
975 {
976 FIXME(": semi-stub\n");
977 return CreatePrivateObjectSecurityEx( parent, creator, descr, NULL, is_container,
978 flags, token, mapping );
979 }
980
981 /******************************************************************************
982 * DestroyPrivateObjectSecurity (kernelbase.@)
983 */
984 BOOL WINAPI DestroyPrivateObjectSecurity( PSECURITY_DESCRIPTOR *descr )
985 {
986 FIXME("%p - stub\n", descr);
987 heap_free( *descr );
988 return TRUE;
989 }
990
991 /******************************************************************************
992 * GetFileSecurityW (kernelbase.@)
993 */
994 BOOL WINAPI GetFileSecurityW( LPCWSTR name, SECURITY_INFORMATION info,
995 PSECURITY_DESCRIPTOR descr, DWORD len, LPDWORD ret_len )
996 {
997 HANDLE file;
998 NTSTATUS status;
999 DWORD access = 0;
1000
1001 TRACE( "(%s,%d,%p,%d,%p)\n", debugstr_w(name), info, descr, len, ret_len );
1002
1003 if (info & (OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION))
1004 access |= READ_CONTROL;
1005 if (info & SACL_SECURITY_INFORMATION)
1006 access |= ACCESS_SYSTEM_SECURITY;
1007
1008 if (!(status = open_file( name, access, &file )))
1009 {
1010 status = NtQuerySecurityObject( file, info, descr, len, ret_len );
1011 NtClose( file );
1012 }
1013 return set_ntstatus( status );
1014 }
1015
1016 /******************************************************************************
1017 * GetKernelObjectSecurity (kernelbase.@)
1018 */
1019 BOOL WINAPI GetKernelObjectSecurity( HANDLE handle, SECURITY_INFORMATION info,
1020 PSECURITY_DESCRIPTOR descr, DWORD len, LPDWORD ret_len )
1021 {
1022 return set_ntstatus( NtQuerySecurityObject( handle, info, descr, len, ret_len ));
1023 }
1024
1025 /******************************************************************************
1026 * GetPrivateObjectSecurity (kernelbase.@)
1027 */
1028 BOOL WINAPI GetPrivateObjectSecurity( PSECURITY_DESCRIPTOR obj_descr, SECURITY_INFORMATION info,
1029 PSECURITY_DESCRIPTOR ret_descr, DWORD len, PDWORD ret_len )
1030 {
1031 SECURITY_DESCRIPTOR desc;
1032 BOOL defaulted, present;
1033 PACL pacl;
1034 PSID psid;
1035
1036 TRACE("(%p,0x%08x,%p,0x%08x,%p)\n", obj_descr, info, ret_descr, len, ret_len );
1037
1038 if (!InitializeSecurityDescriptor(&desc, SECURITY_DESCRIPTOR_REVISION)) return FALSE;
1039
1040 if (info & OWNER_SECURITY_INFORMATION)
1041 {
1042 if (!GetSecurityDescriptorOwner(obj_descr, &psid, &defaulted)) return FALSE;
1043 SetSecurityDescriptorOwner(&desc, psid, defaulted);
1044 }
1045 if (info & GROUP_SECURITY_INFORMATION)
1046 {
1047 if (!GetSecurityDescriptorGroup(obj_descr, &psid, &defaulted)) return FALSE;
1048 SetSecurityDescriptorGroup(&desc, psid, defaulted);
1049 }
1050 if (info & DACL_SECURITY_INFORMATION)
1051 {
1052 if (!GetSecurityDescriptorDacl(obj_descr, &present, &pacl, &defaulted)) return FALSE;
1053 SetSecurityDescriptorDacl(&desc, present, pacl, defaulted);
1054 }
1055 if (info & SACL_SECURITY_INFORMATION)
1056 {
1057 if (!GetSecurityDescriptorSacl(obj_descr, &present, &pacl, &defaulted)) return FALSE;
1058 SetSecurityDescriptorSacl(&desc, present, pacl, defaulted);
1059 }
1060
1061 *ret_len = len;
1062 return MakeSelfRelativeSD(&desc, ret_descr, ret_len);
1063 }
1064
1065 /******************************************************************************
1066 * GetSecurityDescriptorControl (kernelbase.@)
1067 */
1068 BOOL WINAPI GetSecurityDescriptorControl( PSECURITY_DESCRIPTOR descr, PSECURITY_DESCRIPTOR_CONTROL control,
1069 LPDWORD revision)
1070 {
1071 return set_ntstatus( RtlGetControlSecurityDescriptor( descr, control, revision ));
1072 }
1073
1074 /******************************************************************************
1075 * GetSecurityDescriptorDacl (kernelbase.@)
1076 */
1077 BOOL WINAPI GetSecurityDescriptorDacl( PSECURITY_DESCRIPTOR descr, LPBOOL dacl_present, PACL *dacl,
1078 LPBOOL dacl_defaulted )
1079 {
1080 BOOLEAN present, defaulted;
1081 BOOL ret = set_ntstatus( RtlGetDaclSecurityDescriptor( descr, &present, dacl, &defaulted ));
1082 *dacl_present = present;
1083 *dacl_defaulted = defaulted;
1084 return ret;
1085 }
1086
1087 /******************************************************************************
1088 * GetSecurityDescriptorGroup (kernelbase.@)
1089 */
1090 BOOL WINAPI GetSecurityDescriptorGroup( PSECURITY_DESCRIPTOR descr, PSID *group, LPBOOL group_defaulted )
1091 {
1092 BOOLEAN defaulted;
1093 BOOL ret = set_ntstatus( RtlGetGroupSecurityDescriptor( descr, group, &defaulted ));
1094 *group_defaulted = defaulted;
1095 return ret;
1096 }
1097
1098 /******************************************************************************
1099 * GetSecurityDescriptorLength (kernelbase.@)
1100 */
1101 DWORD WINAPI GetSecurityDescriptorLength( PSECURITY_DESCRIPTOR descr )
1102 {
1103 return RtlLengthSecurityDescriptor( descr );
1104 }
1105
1106 /******************************************************************************
1107 * GetSecurityDescriptorOwner (kernelbase.@)
1108 */
1109 BOOL WINAPI GetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR descr, PSID *owner, LPBOOL owner_defaulted )
1110 {
1111 BOOLEAN defaulted;
1112 BOOL ret = set_ntstatus( RtlGetOwnerSecurityDescriptor( descr, owner, &defaulted ));
1113 *owner_defaulted = defaulted;
1114 return ret;
1115 }
1116
1117 /******************************************************************************
1118 * GetSecurityDescriptorSacl (kernelbase.@)
1119 */
1120 BOOL WINAPI GetSecurityDescriptorSacl( PSECURITY_DESCRIPTOR descr, LPBOOL sacl_present, PACL *sacl,
1121 LPBOOL sacl_defaulted )
1122 {
1123 BOOLEAN present, defaulted;
1124 BOOL ret = set_ntstatus( RtlGetSaclSecurityDescriptor( descr, &present, sacl, &defaulted ));
1125 *sacl_present = present;
1126 *sacl_defaulted = defaulted;
1127 return ret;
1128 }
1129
1130 /******************************************************************************
1131 * InitializeSecurityDescriptor (kernelbase.@)
1132 */
1133 BOOL WINAPI InitializeSecurityDescriptor( PSECURITY_DESCRIPTOR descr, DWORD revision )
1134 {
1135 return set_ntstatus( RtlCreateSecurityDescriptor( descr, revision ));
1136 }
1137
1138 /******************************************************************************
1139 * IsValidSecurityDescriptor (kernelbase.@)
1140 */
1141 BOOL WINAPI IsValidSecurityDescriptor( PSECURITY_DESCRIPTOR descr )
1142 {
1143 return set_ntstatus( RtlValidSecurityDescriptor( descr ));
1144 }
1145
1146 /******************************************************************************
1147 * MakeAbsoluteSD (kernelbase.@)
1148 */
1149 BOOL WINAPI MakeAbsoluteSD ( PSECURITY_DESCRIPTOR rel_descr, PSECURITY_DESCRIPTOR abs_descr,
1150 LPDWORD abs_size, PACL dacl, LPDWORD dacl_size, PACL sacl, LPDWORD sacl_size,
1151 PSID owner, LPDWORD owner_size, PSID group, LPDWORD group_size )
1152 {
1153 return set_ntstatus( RtlSelfRelativeToAbsoluteSD( rel_descr, abs_descr, abs_size,
1154 dacl, dacl_size, sacl, sacl_size,
1155 owner, owner_size, group, group_size ));
1156 }
1157
1158 /******************************************************************************
1159 * MakeSelfRelativeSD (kernelbase.@)
1160 */
1161 BOOL WINAPI MakeSelfRelativeSD( PSECURITY_DESCRIPTOR abs_descr, PSECURITY_DESCRIPTOR rel_descr,
1162 LPDWORD len )
1163 {
1164 return set_ntstatus( RtlMakeSelfRelativeSD( abs_descr, rel_descr, len ));
1165 }
1166
1167 /******************************************************************************
1168 * SetFileSecurityW (kernelbase.@)
1169 */
1170 BOOL WINAPI SetFileSecurityW( LPCWSTR name, SECURITY_INFORMATION info, PSECURITY_DESCRIPTOR descr )
1171 {
1172 HANDLE file;
1173 DWORD access = 0;
1174 NTSTATUS status;
1175
1176 TRACE( "(%s, 0x%x, %p)\n", debugstr_w(name), info, descr );
1177
1178 if (info & (OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION)) access |= WRITE_OWNER;
1179 if (info & SACL_SECURITY_INFORMATION) access |= ACCESS_SYSTEM_SECURITY;
1180 if (info & DACL_SECURITY_INFORMATION) access |= WRITE_DAC;
1181
1182 if (!(status = open_file( name, access, &file )))
1183 {
1184 status = NtSetSecurityObject( file, info, descr );
1185 NtClose( file );
1186 }
1187 return set_ntstatus( status );
1188 }
1189
1190 /*************************************************************************
1191 * SetKernelObjectSecurity (kernelbase.@)
1192 */
1193 BOOL WINAPI SetKernelObjectSecurity( HANDLE handle, SECURITY_INFORMATION info, PSECURITY_DESCRIPTOR descr )
1194 {
1195 return set_ntstatus( NtSetSecurityObject( handle, info, descr ));
1196 }
1197
1198 /*************************************************************************
1199 * SetPrivateObjectSecurity (kernelbase.@)
1200 */
1201 BOOL WINAPI SetPrivateObjectSecurity( SECURITY_INFORMATION info, PSECURITY_DESCRIPTOR descr,
1202 PSECURITY_DESCRIPTOR *obj_descr, PGENERIC_MAPPING mapping,
1203 HANDLE token )
1204 {
1205 FIXME( "0x%08x %p %p %p %p - stub\n", info, descr, obj_descr, mapping, token );
1206 return TRUE;
1207 }
1208
1209 /*************************************************************************
1210 * SetPrivateObjectSecurityEx (kernelbase.@)
1211 */
1212 BOOL WINAPI SetPrivateObjectSecurityEx( SECURITY_INFORMATION info, PSECURITY_DESCRIPTOR descr,
1213 PSECURITY_DESCRIPTOR *obj_descr, ULONG flags,
1214 PGENERIC_MAPPING mapping, HANDLE token )
1215 {
1216 FIXME( "0x%08x %p %p %u %p %p - stub\n", info, descr, obj_descr, flags, mapping, token );
1217 return TRUE;
1218 }
1219
1220 /******************************************************************************
1221 * SetSecurityDescriptorControl (kernelbase.@)
1222 */
1223 BOOL WINAPI SetSecurityDescriptorControl( PSECURITY_DESCRIPTOR descr, SECURITY_DESCRIPTOR_CONTROL mask,
1224 SECURITY_DESCRIPTOR_CONTROL set )
1225 {
1226 return set_ntstatus( RtlSetControlSecurityDescriptor( descr, mask, set ));
1227 }
1228
1229 /******************************************************************************
1230 * SetSecurityDescriptorDacl (kernelbase.@)
1231 */
1232 BOOL WINAPI SetSecurityDescriptorDacl( PSECURITY_DESCRIPTOR descr, BOOL present, PACL dacl, BOOL defaulted )
1233 {
1234 return set_ntstatus( RtlSetDaclSecurityDescriptor( descr, present, dacl, defaulted ));
1235 }
1236
1237 /******************************************************************************
1238 * SetSecurityDescriptorGroup (kernelbase.@)
1239 */
1240 BOOL WINAPI SetSecurityDescriptorGroup( PSECURITY_DESCRIPTOR descr, PSID group, BOOL defaulted )
1241 {
1242 return set_ntstatus( RtlSetGroupSecurityDescriptor( descr, group, defaulted ));
1243 }
1244
1245 /******************************************************************************
1246 * SetSecurityDescriptorOwner (kernelbase.@)
1247 */
1248 BOOL WINAPI SetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR descr, PSID owner, BOOL defaulted )
1249 {
1250 return set_ntstatus( RtlSetOwnerSecurityDescriptor( descr, owner, defaulted ));
1251 }
1252
1253 /**************************************************************************
1254 * SetSecurityDescriptorSacl (kernelbase.@)
1255 */
1256 BOOL WINAPI SetSecurityDescriptorSacl ( PSECURITY_DESCRIPTOR descr, BOOL present, PACL sacl, BOOL defaulted )
1257 {
1258 return set_ntstatus( RtlSetSaclSecurityDescriptor( descr, present, sacl, defaulted ));
1259 }
1260
1261
1262 /******************************************************************************
1263 * Access control functions
1264 ******************************************************************************/
1265
1266
1267 /******************************************************************************
1268 * AccessCheck (kernelbase.@)
1269 */
1270 BOOL WINAPI AccessCheck( PSECURITY_DESCRIPTOR descr, HANDLE token, DWORD access, PGENERIC_MAPPING mapping,
1271 PPRIVILEGE_SET priv, LPDWORD priv_len, LPDWORD granted, LPBOOL status )
1272 {
1273 NTSTATUS access_status;
1274 BOOL ret = set_ntstatus( NtAccessCheck( descr, token, access, mapping, priv, priv_len,
1275 granted, &access_status ));
1276 if (ret) *status = set_ntstatus( access_status );
1277 return ret;
1278 }
1279
1280 /******************************************************************************
1281 * AccessCheckAndAuditAlarmW (kernelbase.@)
1282 */
1283 BOOL WINAPI AccessCheckAndAuditAlarmW( LPCWSTR subsystem, LPVOID id, LPWSTR type_name,
1284 LPWSTR name, PSECURITY_DESCRIPTOR descr, DWORD access,
1285 PGENERIC_MAPPING mapping, BOOL creation,
1286 LPDWORD granted, LPBOOL status, LPBOOL on_close )
1287 {
1288 FIXME( "stub (%s,%p,%s,%s,%p,%08x,%p,%x,%p,%p,%p)\n", debugstr_w(subsystem),
1289 id, debugstr_w(type_name), debugstr_w(name), descr, access, mapping,
1290 creation, granted, status, on_close );
1291 return TRUE;
1292 }
1293
1294 /******************************************************************************
1295 * AccessCheckByType (kernelbase.@)
1296 */
1297 BOOL WINAPI AccessCheckByType( PSECURITY_DESCRIPTOR descr, PSID sid, HANDLE token, DWORD access,
1298 POBJECT_TYPE_LIST types, DWORD types_len, PGENERIC_MAPPING mapping,
1299 PPRIVILEGE_SET priv, LPDWORD priv_len, LPDWORD granted, LPBOOL status )
1300 {
1301 FIXME("stub\n");
1302 *status = TRUE;
1303 return !*status;
1304 }
1305
1306 /******************************************************************************
1307 * AddAccessAllowedAce (kernelbase.@)
1308 */
1309 BOOL WINAPI AddAccessAllowedAce( PACL acl, DWORD rev, DWORD access, PSID sid )
1310 {
1311 return set_ntstatus( RtlAddAccessAllowedAce( acl, rev, access, sid ));
1312 }
1313
1314 /******************************************************************************
1315 * AddAccessAllowedAceEx (kernelbase.@)
1316 */
1317 BOOL WINAPI AddAccessAllowedAceEx( PACL acl, DWORD rev, DWORD flags, DWORD access, PSID sid )
1318 {
1319 return set_ntstatus( RtlAddAccessAllowedAceEx( acl, rev, flags, access, sid ));
1320 }
1321
1322 /******************************************************************************
1323 * AddAccessAllowedObjectAce (kernelbase.@)
1324 */
1325 BOOL WINAPI AddAccessAllowedObjectAce( PACL acl, DWORD rev, DWORD flags, DWORD access,
1326 GUID *type, GUID *inherit, PSID sid )
1327 {
1328 return set_ntstatus( RtlAddAccessAllowedObjectAce( acl, rev, flags, access, type, inherit, sid ));
1329 }
1330
1331 /******************************************************************************
1332 * AddAccessDeniedAce (kernelbase.@)
1333 */
1334 BOOL WINAPI AddAccessDeniedAce( PACL acl, DWORD rev, DWORD access, PSID sid )
1335 {
1336 return set_ntstatus( RtlAddAccessDeniedAce( acl, rev, access, sid ));
1337 }
1338
1339 /******************************************************************************
1340 * AddAccessDeniedAceEx (kernelbase.@)
1341 */
1342 BOOL WINAPI AddAccessDeniedAceEx( PACL acl, DWORD rev, DWORD flags, DWORD access, PSID sid )
1343 {
1344 return set_ntstatus( RtlAddAccessDeniedAceEx( acl, rev, flags, access, sid ));
1345 }
1346
1347 /******************************************************************************
1348 * AddAccessDeniedObjectAce (kernelbase.@)
1349 */
1350 BOOL WINAPI AddAccessDeniedObjectAce( PACL acl, DWORD rev, DWORD flags, DWORD access,
1351 GUID *type, GUID *inherit, PSID sid )
1352 {
1353 return set_ntstatus( RtlAddAccessDeniedObjectAce( acl, rev, flags, access, type, inherit, sid ));
1354 }
1355
1356 /******************************************************************************
1357 * AddAce (kernelbase.@)
1358 */
1359 BOOL WINAPI AddAce( PACL acl, DWORD rev, DWORD index, LPVOID list, DWORD len )
1360 {
1361 return set_ntstatus( RtlAddAce( acl, rev, index, list, len ));
1362 }
1363
1364 /******************************************************************************
1365 * AddAuditAccessAce (kernelbase.@)
1366 */
1367 BOOL WINAPI AddAuditAccessAce( PACL acl, DWORD rev, DWORD access, PSID sid, BOOL success, BOOL failure )
1368 {
1369 return set_ntstatus( RtlAddAuditAccessAce( acl, rev, access, sid, success, failure ));
1370 }
1371
1372 /******************************************************************************
1373 * AddAuditAccessAceEx (kernelbase.@)
1374 */
1375 BOOL WINAPI AddAuditAccessAceEx( PACL acl, DWORD rev, DWORD flags, DWORD access,
1376 PSID sid, BOOL success, BOOL failure )
1377 {
1378 return set_ntstatus( RtlAddAuditAccessAceEx( acl, rev, flags, access, sid, success, failure ));
1379 }
1380
1381 /******************************************************************************
1382 * AddAuditAccessObjectAce (kernelbase.@)
1383 */
1384 BOOL WINAPI AddAuditAccessObjectAce( PACL acl, DWORD rev, DWORD flags, DWORD access,
1385 GUID *type, GUID *inherit, PSID sid, BOOL success, BOOL failure )
1386 {
1387 return set_ntstatus( RtlAddAuditAccessObjectAce( acl, rev, flags, access,
1388 type, inherit, sid, success, failure ));
1389 }
1390
1391 /******************************************************************************
1392 * AddMandatoryAce (kernelbase.@)
1393 */
1394 BOOL WINAPI AddMandatoryAce( PACL acl, DWORD rev, DWORD flags, DWORD policy, PSID sid )
1395 {
1396 return set_ntstatus( RtlAddMandatoryAce( acl, rev, flags, policy,
1397 SYSTEM_MANDATORY_LABEL_ACE_TYPE, sid ));
1398 }
1399
1400 /******************************************************************************
1401 * AreAllAccessesGranted (kernelbase.@)
1402 */
1403 BOOL WINAPI AreAllAccessesGranted( DWORD granted, DWORD desired )
1404 {
1405 return RtlAreAllAccessesGranted( granted, desired );
1406 }
1407
1408 /******************************************************************************
1409 * AreAnyAccessesGranted (kernelbase.@)
1410 */
1411 BOOL WINAPI AreAnyAccessesGranted( DWORD granted, DWORD desired )
1412 {
1413 return RtlAreAnyAccessesGranted( granted, desired );
1414 }
1415
1416 /******************************************************************************
1417 * DeleteAce (kernelbase.@)
1418 */
1419 BOOL WINAPI DeleteAce( PACL acl, DWORD index )
1420 {
1421 return set_ntstatus( RtlDeleteAce( acl, index ));
1422 }
1423
1424 /******************************************************************************
1425 * FindFirstFreeAce (kernelbase.@)
1426 */
1427 BOOL WINAPI FindFirstFreeAce( PACL acl, LPVOID *ace)
1428 {
1429 return RtlFirstFreeAce( acl, (PACE_HEADER *)ace );
1430 }
1431
1432 /******************************************************************************
1433 * GetAce (kernelbase.@)
1434 */
1435 BOOL WINAPI GetAce( PACL acl, DWORD index, LPVOID *ace )
1436 {
1437 return set_ntstatus( RtlGetAce( acl, index, ace ));
1438 }
1439
1440 /******************************************************************************
1441 * GetAclInformation (kernelbase.@)
1442 */
1443 BOOL WINAPI GetAclInformation( PACL acl, LPVOID info, DWORD len, ACL_INFORMATION_CLASS class )
1444 {
1445 return set_ntstatus( RtlQueryInformationAcl( acl, info, len, class ));
1446 }
1447
1448 /*************************************************************************
1449 * InitializeAcl (kernelbase.@)
1450 */
1451 BOOL WINAPI InitializeAcl( PACL acl, DWORD size, DWORD rev )
1452 {
1453 return set_ntstatus( RtlCreateAcl( acl, size, rev ));
1454 }
1455
1456 /******************************************************************************
1457 * IsValidAcl (kernelbase.@)
1458 */
1459 BOOL WINAPI IsValidAcl( PACL acl )
1460 {
1461 return RtlValidAcl( acl );
1462 }
1463
1464 /******************************************************************************
1465 * MapGenericMask (kernelbase.@)
1466 */
1467 void WINAPI MapGenericMask( PDWORD access, PGENERIC_MAPPING mapping )
1468 {
1469 RtlMapGenericMask( access, mapping );
1470 }
1471
1472 /******************************************************************************
1473 * ObjectCloseAuditAlarmW (kernelbase.@)
1474 */
1475 BOOL WINAPI ObjectCloseAuditAlarmW( LPCWSTR subsystem, LPVOID id, BOOL on_close )
1476 {
1477 FIXME( "stub (%s,%p,%x)\n", debugstr_w(subsystem), id, on_close );
1478 return TRUE;
1479 }
1480
1481 /******************************************************************************
1482 * ObjectDeleteAuditAlarmW (kernelbase.@)
1483 */
1484 BOOL WINAPI ObjectDeleteAuditAlarmW( LPCWSTR subsystem, LPVOID id, BOOL on_close )
1485 {
1486 FIXME( "stub (%s,%p,%x)\n", debugstr_w(subsystem), id, on_close );
1487 return TRUE;
1488 }
1489
1490 /******************************************************************************
1491 * ObjectOpenAuditAlarmW (kernelbase.@)
1492 */
1493 BOOL WINAPI ObjectOpenAuditAlarmW( LPCWSTR subsystem, LPVOID id, LPWSTR type, LPWSTR name,
1494 PSECURITY_DESCRIPTOR descr, HANDLE token, DWORD desired,
1495 DWORD granted, PPRIVILEGE_SET privs, BOOL creation,
1496 BOOL access, LPBOOL on_close )
1497 {
1498 FIXME( "stub (%s,%p,%s,%s,%p,%p,0x%08x,0x%08x,%p,%x,%x,%p)\n", debugstr_w(subsystem),
1499 id, debugstr_w(type), debugstr_w(name), descr, token, desired, granted,
1500 privs, creation, access, on_close );
1501 return TRUE;
1502 }
1503
1504 /******************************************************************************
1505 * ObjectPrivilegeAuditAlarmW (kernelbase.@)
1506 */
1507 BOOL WINAPI ObjectPrivilegeAuditAlarmW( LPCWSTR subsystem, LPVOID id, HANDLE token,
1508 DWORD desired, PPRIVILEGE_SET privs, BOOL granted )
1509 {
1510 FIXME( "stub (%s,%p,%p,0x%08x,%p,%x)\n", debugstr_w(subsystem), id, token, desired, privs, granted );
1511 return TRUE;
1512 }
1513
1514 /******************************************************************************
1515 * PrivilegedServiceAuditAlarmW (kernelbase.@)
1516 */
1517 BOOL WINAPI PrivilegedServiceAuditAlarmW( LPCWSTR subsystem, LPCWSTR service, HANDLE token,
1518 PPRIVILEGE_SET privs, BOOL granted )
1519 {
1520 FIXME( "stub %s,%s,%p,%p,%x)\n", debugstr_w(subsystem), debugstr_w(service), token, privs, granted );
1521 return TRUE;
1522 }
1523
1524 /******************************************************************************
1525 * SetAclInformation (kernelbase.@)
1526 */
1527 BOOL WINAPI SetAclInformation( PACL acl, LPVOID info, DWORD len, ACL_INFORMATION_CLASS class )
1528 {
1529 FIXME( "%p %p 0x%08x 0x%08x - stub\n", acl, info, len, class );
1530 return TRUE;
1531 }
Windows API implementation