search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
advapi32: Make ADVAPI_IsLocalComputer global and remove duplicate copy.
[wine/wine-kai.git] / dlls / advapi32 / lsa.c
blob62b20757d09e7d85859d57944ca8b38291d95630
1 /*
2 * Implementation of the Local Security Authority API
3 *
4 * Copyright 1999 Juergen Schmied
5 * Copyright 2002 Andriy Palamarchuk
6 * Copyright 2004 Mike McCormack
7 * Copyright 2005 Hans Leidekker
8 *
9 * This library is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU Lesser General Public
11 * License as published by the Free Software Foundation; either
12 * version 2.1 of the License, or (at your option) any later version.
13 *
14 * This library is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 * Lesser General Public License for more details.
18 *
19 * You should have received a copy of the GNU Lesser General Public
20 * License along with this library; if not, write to the Free Software
21 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
22 */
23
24 #include <stdarg.h>
25
26 #include "ntstatus.h"
27 #define WIN32_NO_STATUS
28 #include "windef.h"
29 #include "winbase.h"
30 #include "winreg.h"
31 #include "winternl.h"
32 #include "ntsecapi.h"
33 #include "advapi32_misc.h"
34
35 #include "wine/debug.h"
36
37 WINE_DEFAULT_DEBUG_CHANNEL(advapi);
38
39 #define ADVAPI_ForceLocalComputer(ServerName, FailureCode) \
40 if (!ADVAPI_IsLocalComputer(ServerName)) \
41 { \
42 FIXME("Action Implemented for local computer only. " \
43 "Requested for server %s\n", debugstr_w(ServerName)); \
44 return FailureCode; \
45 }
46
47 static void dumpLsaAttributes(PLSA_OBJECT_ATTRIBUTES oa)
48 {
49 if (oa)
50 {
51 TRACE("\n\tlength=%lu, rootdir=%p, objectname=%s\n\tattr=0x%08lx, sid=%p qos=%p\n",
52 oa->Length, oa->RootDirectory,
53 oa->ObjectName?debugstr_w(oa->ObjectName->Buffer):"null",
54 oa->Attributes, oa->SecurityDescriptor, oa->SecurityQualityOfService);
55 }
56 }
57
58 /******************************************************************************
59 * LsaAddAccountRights [ADVAPI32.@]
60 *
61 */
62 NTSTATUS WINAPI LsaAddAccountRights(
63 LSA_HANDLE policy,
64 PSID sid,
65 PLSA_UNICODE_STRING rights,
66 ULONG count)
67 {
68 FIXME("(%p,%p,%p,0x%08lx) stub\n", policy, sid, rights, count);
69 return STATUS_OBJECT_NAME_NOT_FOUND;
70 }
71
72 /******************************************************************************
73 * LsaClose [ADVAPI32.@]
74 *
75 * Closes a handle to a Policy or TrustedDomain.
76 *
77 * PARAMS
78 * ObjectHandle [I] Handle to a Policy or TrustedDomain.
79 *
80 * RETURNS
81 * Success: STATUS_SUCCESS.
82 * Failure: NTSTATUS code.
83 */
84 NTSTATUS WINAPI LsaClose(IN LSA_HANDLE ObjectHandle)
85 {
86 FIXME("(%p) stub\n", ObjectHandle);
87 return STATUS_SUCCESS;
88 }
89
90 /******************************************************************************
91 * LsaCreateTrustedDomainEx [ADVAPI32.@]
92 *
93 */
94 NTSTATUS WINAPI LsaCreateTrustedDomainEx(
95 LSA_HANDLE policy,
96 PTRUSTED_DOMAIN_INFORMATION_EX domain_info,
97 PTRUSTED_DOMAIN_AUTH_INFORMATION auth_info,
98 ACCESS_MASK access,
99 PLSA_HANDLE domain)
100 {
101 FIXME("(%p,%p,%p,0x%08lx,%p) stub\n", policy, domain_info, auth_info,
102 access, domain);
103 return STATUS_SUCCESS;
104 }
105
106 /******************************************************************************
107 * LsaDeleteTrustedDomain [ADVAPI32.@]
108 *
109 */
110 NTSTATUS WINAPI LsaDeleteTrustedDomain(LSA_HANDLE policy, PSID sid)
111 {
112 FIXME("(%p,%p) stub\n", policy, sid);
113 return STATUS_SUCCESS;
114 }
115
116 /******************************************************************************
117 * LsaEnumerateAccountRights [ADVAPI32.@]
118 *
119 */
120 NTSTATUS WINAPI LsaEnumerateAccountRights(
121 LSA_HANDLE policy,
122 PSID sid,
123 PLSA_UNICODE_STRING *rights,
124 PULONG count)
125 {
126 FIXME("(%p,%p,%p,%p) stub\n", policy, sid, rights, count);
127 return STATUS_OBJECT_NAME_NOT_FOUND;
128 }
129
130 /******************************************************************************
131 * LsaEnumerateAccountsWithUserRight [ADVAPI32.@]
132 *
133 */
134 NTSTATUS WINAPI LsaEnumerateAccountsWithUserRight(
135 LSA_HANDLE policy,
136 PLSA_UNICODE_STRING rights,
137 PVOID *buffer,
138 PULONG count)
139 {
140 FIXME("(%p,%p,%p,%p) stub\n", policy, rights, buffer, count);
141 return STATUS_NO_MORE_ENTRIES;
142 }
143
144 /******************************************************************************
145 * LsaEnumerateTrustedDomains [ADVAPI32.@]
146 *
147 * Returns the names and SIDs of trusted domains.
148 *
149 * PARAMS
150 * PolicyHandle [I] Handle to a Policy object.
151 * EnumerationContext [I] Pointer to an enumeration handle.
152 * Buffer [O] Contains the names and SIDs of trusted domains.
153 * PreferredMaximumLength[I] Preferred maximum size in bytes of Buffer.
154 * CountReturned [O] Number of elements in Buffer.
155 *
156 * RETURNS
157 * Success: STATUS_SUCCESS,
158 * STATUS_MORE_ENTRIES,
159 * STATUS_NO_MORE_ENTRIES
160 * Failure: NTSTATUS code.
161 *
162 * NOTES
163 * LsaEnumerateTrustedDomains can be called multiple times to enumerate
164 * all trusted domains.
165 */
166 NTSTATUS WINAPI LsaEnumerateTrustedDomains(
167 IN LSA_HANDLE PolicyHandle,
168 IN PLSA_ENUMERATION_HANDLE EnumerationContext,
169 OUT PVOID* Buffer,
170 IN ULONG PreferredMaximumLength,
171 OUT PULONG CountReturned)
172 {
173 FIXME("(%p,%p,%p,0x%08lx,%p) stub\n", PolicyHandle, EnumerationContext,
174 Buffer, PreferredMaximumLength, CountReturned);
175
176 if (CountReturned) *CountReturned = 0;
177 return STATUS_SUCCESS;
178 }
179
180 /******************************************************************************
181 * LsaEnumerateTrustedDomainsEx [ADVAPI32.@]
182 *
183 */
184 NTSTATUS WINAPI LsaEnumerateTrustedDomainsEx(
185 LSA_HANDLE policy,
186 PLSA_ENUMERATION_HANDLE context,
187 PVOID *buffer,
188 ULONG length,
189 PULONG count)
190 {
191 FIXME("(%p,%p,%p,0x%08lx,%p) stub\n", policy, context, buffer, length, count);
192
193 if (count) *count = 0;
194 return STATUS_SUCCESS;
195 }
196
197 /******************************************************************************
198 * LsaFreeMemory [ADVAPI32.@]
199 *
200 * Frees memory allocated by a LSA function.
201 *
202 * PARAMS
203 * Buffer [I] Memory buffer to free.
204 *
205 * RETURNS
206 * Success: STATUS_SUCCESS.
207 * Failure: NTSTATUS code.
208 */
209 NTSTATUS WINAPI LsaFreeMemory(IN PVOID Buffer)
210 {
211 TRACE("(%p)\n", Buffer);
212 return HeapFree(GetProcessHeap(), 0, Buffer);
213 }
214
215 /******************************************************************************
216 * LsaLookupNames [ADVAPI32.@]
217 *
218 * Returns the SIDs of an array of user, group, or local group names.
219 *
220 * PARAMS
221 * PolicyHandle [I] Handle to a Policy object.
222 * Count [I] Number of names in Names.
223 * Names [I] Array of names to lookup.
224 * ReferencedDomains [O] Array of domains where the names were found.
225 * Sids [O] Array of SIDs corresponding to Names.
226 *
227 * RETURNS
228 * Success: STATUS_SUCCESS,
229 * STATUS_SOME_NOT_MAPPED
230 * Failure: STATUS_NONE_MAPPED or NTSTATUS code.
231 */
232 NTSTATUS WINAPI LsaLookupNames(
233 IN LSA_HANDLE PolicyHandle,
234 IN ULONG Count,
235 IN PLSA_UNICODE_STRING Names,
236 OUT PLSA_REFERENCED_DOMAIN_LIST* ReferencedDomains,
237 OUT PLSA_TRANSLATED_SID* Sids)
238 {
239 FIXME("(%p,0x%08lx,%p,%p,%p) stub\n", PolicyHandle, Count, Names,
240 ReferencedDomains, Sids);
241
242 return STATUS_NONE_MAPPED;
243 }
244
245 /******************************************************************************
246 * LsaLookupNames2 [ADVAPI32.@]
247 *
248 */
249 NTSTATUS WINAPI LsaLookupNames2(
250 LSA_HANDLE policy,
251 ULONG flags,
252 ULONG count,
253 PLSA_UNICODE_STRING names,
254 PLSA_REFERENCED_DOMAIN_LIST *domains,
255 PLSA_TRANSLATED_SID2 *sids)
256 {
257 FIXME("(%p,0x%08lx,0x%08lx,%p,%p,%p) stub\n", policy, flags, count, names, domains, sids);
258 return STATUS_NONE_MAPPED;
259 }
260
261 /******************************************************************************
262 * LsaLookupSids [ADVAPI32.@]
263 *
264 * Looks up the names that correspond to an array of SIDs.
265 *
266 * PARAMS
267 * PolicyHandle [I] Handle to a Policy object.
268 * Count [I] Number of SIDs in the Sids array.
269 * Sids [I] Array of SIDs to lookup.
270 * ReferencedDomains [O] Array of domains where the sids were found.
271 * Names [O] Array of names corresponding to Sids.
272 *
273 * RETURNS
274 * Success: STATUS_SUCCESS,
275 * STATUS_SOME_NOT_MAPPED
276 * Failure: STATUS_NONE_MAPPED or NTSTATUS code.
277 */
278 NTSTATUS WINAPI LsaLookupSids(
279 IN LSA_HANDLE PolicyHandle,
280 IN ULONG Count,
281 IN PSID *Sids,
282 OUT PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains,
283 OUT PLSA_TRANSLATED_NAME *Names )
284 {
285 FIXME("(%p,%lu,%p,%p,%p) stub\n", PolicyHandle, Count, Sids,
286 ReferencedDomains, Names);
287
288 return STATUS_NONE_MAPPED;
289 }
290
291 /******************************************************************************
292 * LsaNtStatusToWinError [ADVAPI32.@]
293 *
294 * Converts an LSA NTSTATUS code to a Windows error code.
295 *
296 * PARAMS
297 * Status [I] NTSTATUS code.
298 *
299 * RETURNS
300 * Success: Corresponding Windows error code.
301 * Failure: ERROR_MR_MID_NOT_FOUND.
302 */
303 ULONG WINAPI LsaNtStatusToWinError(NTSTATUS Status)
304 {
305 return RtlNtStatusToDosError(Status);
306 }
307
308 /******************************************************************************
309 * LsaOpenPolicy [ADVAPI32.@]
310 *
311 * Opens a handle to the Policy object on a local or remote system.
312 *
313 * PARAMS
314 * SystemName [I] Name of the target system.
315 * ObjectAttributes [I] Connection attributes.
316 * DesiredAccess [I] Requested access rights.
317 * PolicyHandle [I/O] Handle to the Policy object.
318 *
319 * RETURNS
320 * Success: STATUS_SUCCESS.
321 * Failure: NTSTATUS code.
322 *
323 * NOTES
324 * Set SystemName to NULL to open the local Policy object.
325 */
326 NTSTATUS WINAPI LsaOpenPolicy(
327 IN PLSA_UNICODE_STRING SystemName,
328 IN PLSA_OBJECT_ATTRIBUTES ObjectAttributes,
329 IN ACCESS_MASK DesiredAccess,
330 IN OUT PLSA_HANDLE PolicyHandle)
331 {
332 FIXME("(%s,%p,0x%08lx,%p) stub\n",
333 SystemName?debugstr_w(SystemName->Buffer):"(null)",
334 ObjectAttributes, DesiredAccess, PolicyHandle);
335
336 ADVAPI_ForceLocalComputer(SystemName ? SystemName->Buffer : NULL,
337 STATUS_ACCESS_VIOLATION);
338 dumpLsaAttributes(ObjectAttributes);
339
340 if(PolicyHandle) *PolicyHandle = (LSA_HANDLE)0xcafe;
341 return STATUS_SUCCESS;
342 }
343
344 /******************************************************************************
345 * LsaOpenTrustedDomainByName [ADVAPI32.@]
346 *
347 */
348 NTSTATUS WINAPI LsaOpenTrustedDomainByName(
349 LSA_HANDLE policy,
350 PLSA_UNICODE_STRING name,
351 ACCESS_MASK access,
352 PLSA_HANDLE handle)
353 {
354 FIXME("(%p,%p,0x%08lx,%p) stub\n", policy, name, access, handle);
355 return STATUS_OBJECT_NAME_NOT_FOUND;
356 }
357
358 /******************************************************************************
359 * LsaQueryInformationPolicy [ADVAPI32.@]
360 *
361 * Returns information about a Policy object.
362 *
363 * PARAMS
364 * PolicyHandle [I] Handle to a Policy object.
365 * InformationClass [I] Type of information to retrieve.
366 * Buffer [O] Pointer to the requested information.
367 *
368 * RETURNS
369 * Success: STATUS_SUCCESS.
370 * Failure: NTSTATUS code.
371 */
372 NTSTATUS WINAPI LsaQueryInformationPolicy(
373 IN LSA_HANDLE PolicyHandle,
374 IN POLICY_INFORMATION_CLASS InformationClass,
375 OUT PVOID *Buffer)
376 {
377 FIXME("(%p,0x%08x,%p) stub\n", PolicyHandle, InformationClass, Buffer);
378
379 if(!Buffer) return STATUS_INVALID_PARAMETER;
380 switch (InformationClass)
381 {
382 case PolicyAuditEventsInformation: /* 2 */
383 {
384 PPOLICY_AUDIT_EVENTS_INFO p = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY,
385 sizeof(POLICY_AUDIT_EVENTS_INFO));
386 p->AuditingMode = FALSE; /* no auditing */
387 *Buffer = p;
388 }
389 break;
390 case PolicyPrimaryDomainInformation: /* 3 */
391 case PolicyAccountDomainInformation: /* 5 */
392 {
393 struct di
394 {
395 POLICY_PRIMARY_DOMAIN_INFO ppdi;
396 SID sid;
397 };
398
399 SID_IDENTIFIER_AUTHORITY localSidAuthority = {SECURITY_NT_AUTHORITY};
400
401 struct di * xdi = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(*xdi));
402 HKEY key;
403 BOOL useDefault = TRUE;
404 LONG ret;
405
406 if ((ret = RegOpenKeyExA(HKEY_LOCAL_MACHINE,
407 "System\\CurrentControlSet\\Services\\VxD\\VNETSUP", 0,
408 KEY_READ, &key)) == ERROR_SUCCESS)
409 {
410 DWORD size = 0;
411 static const WCHAR wg[] = { 'W','o','r','k','g','r','o','u','p',0 };
412
413 ret = RegQueryValueExW(key, wg, NULL, NULL, NULL, &size);
414 if (ret == ERROR_MORE_DATA || ret == ERROR_SUCCESS)
415 {
416 xdi->ppdi.Name.Buffer = HeapAlloc(GetProcessHeap(),
417 HEAP_ZERO_MEMORY, size);
418
419 if ((ret = RegQueryValueExW(key, wg, NULL, NULL,
420 (LPBYTE)xdi->ppdi.Name.Buffer, &size)) == ERROR_SUCCESS)
421 {
422 xdi->ppdi.Name.Length = (USHORT)size;
423 useDefault = FALSE;
424 }
425 else
426 {
427 HeapFree(GetProcessHeap(), 0, xdi->ppdi.Name.Buffer);
428 xdi->ppdi.Name.Buffer = NULL;
429 }
430 }
431 RegCloseKey(key);
432 }
433 if (useDefault)
434 RtlCreateUnicodeStringFromAsciiz(&(xdi->ppdi.Name), "DOMAIN");
435
436 TRACE("setting domain to %s\n", debugstr_w(xdi->ppdi.Name.Buffer));
437
438 xdi->ppdi.Sid = &(xdi->sid);
439 xdi->sid.Revision = SID_REVISION;
440 xdi->sid.SubAuthorityCount = 1;
441 xdi->sid.IdentifierAuthority = localSidAuthority;
442 xdi->sid.SubAuthority[0] = SECURITY_LOCAL_SYSTEM_RID;
443 *Buffer = xdi;
444 }
445 break;
446 case PolicyAuditLogInformation:
447 case PolicyPdAccountInformation:
448 case PolicyLsaServerRoleInformation:
449 case PolicyReplicaSourceInformation:
450 case PolicyDefaultQuotaInformation:
451 case PolicyModificationInformation:
452 case PolicyAuditFullSetInformation:
453 case PolicyAuditFullQueryInformation:
454 case PolicyDnsDomainInformation:
455 {
456 FIXME("category not implemented\n");
457 return STATUS_UNSUCCESSFUL;
458 }
459 }
460 return STATUS_SUCCESS;
461 }
462
463 /******************************************************************************
464 * LsaQueryTrustedDomainInfo [ADVAPI32.@]
465 *
466 */
467 NTSTATUS WINAPI LsaQueryTrustedDomainInfo(
468 LSA_HANDLE policy,
469 PSID sid,
470 TRUSTED_INFORMATION_CLASS class,
471 PVOID *buffer)
472 {
473 FIXME("(%p,%p,%d,%p) stub\n", policy, sid, class, buffer);
474 return STATUS_OBJECT_NAME_NOT_FOUND;
475 }
476
477 /******************************************************************************
478 * LsaQueryTrustedDomainInfoByName [ADVAPI32.@]
479 *
480 */
481 NTSTATUS WINAPI LsaQueryTrustedDomainInfoByName(
482 LSA_HANDLE policy,
483 PLSA_UNICODE_STRING name,
484 TRUSTED_INFORMATION_CLASS class,
485 PVOID *buffer)
486 {
487 FIXME("(%p,%p,%d,%p) stub\n", policy, name, class, buffer);
488 return STATUS_OBJECT_NAME_NOT_FOUND;
489 }
490
491 /******************************************************************************
492 * LsaRegisterPolicyChangeNotification [ADVAPI32.@]
493 *
494 */
495 NTSTATUS WINAPI LsaRegisterPolicyChangeNotification(
496 POLICY_NOTIFICATION_INFORMATION_CLASS class,
497 HANDLE event)
498 {
499 FIXME("(%d,%p) stub\n", class, event);
500 return STATUS_UNSUCCESSFUL;
501 }
502
503 /******************************************************************************
504 * LsaRemoveAccountRights [ADVAPI32.@]
505 *
506 */
507 NTSTATUS WINAPI LsaRemoveAccountRights(
508 LSA_HANDLE policy,
509 PSID sid,
510 BOOLEAN all,
511 PLSA_UNICODE_STRING rights,
512 ULONG count)
513 {
514 FIXME("(%p,%p,%d,%p,0x%08lx) stub\n", policy, sid, all, rights, count);
515 return STATUS_SUCCESS;
516 }
517
518 /******************************************************************************
519 * LsaRetrievePrivateData [ADVAPI32.@]
520 *
521 * Retrieves data stored by LsaStorePrivateData.
522 *
523 * PARAMS
524 * PolicyHandle [I] Handle to a Policy object.
525 * KeyName [I] Name of the key where the data is stored.
526 * PrivateData [O] Pointer to the private data.
527 *
528 * RETURNS
529 * Success: STATUS_SUCCESS.
530 * Failure: STATUS_OBJECT_NAME_NOT_FOUND or NTSTATUS code.
531 */
532 NTSTATUS WINAPI LsaRetrievePrivateData(
533 IN LSA_HANDLE PolicyHandle,
534 IN PLSA_UNICODE_STRING KeyName,
535 OUT PLSA_UNICODE_STRING* PrivateData)
536 {
537 FIXME("(%p,%p,%p) stub\n", PolicyHandle, KeyName, PrivateData);
538 return STATUS_OBJECT_NAME_NOT_FOUND;
539 }
540
541 /******************************************************************************
542 * LsaSetInformationPolicy [ADVAPI32.@]
543 *
544 * Modifies information in a Policy object.
545 *
546 * PARAMS
547 * PolicyHandle [I] Handle to a Policy object.
548 * InformationClass [I] Type of information to set.
549 * Buffer [I] Pointer to the information to set.
550 *
551 * RETURNS
552 * Success: STATUS_SUCCESS.
553 * Failure: NTSTATUS code.
554 */
555 NTSTATUS WINAPI LsaSetInformationPolicy(
556 IN LSA_HANDLE PolicyHandle,
557 IN POLICY_INFORMATION_CLASS InformationClass,
558 IN PVOID Buffer)
559 {
560 FIXME("(%p,0x%08x,%p) stub\n", PolicyHandle, InformationClass, Buffer);
561
562 return STATUS_UNSUCCESSFUL;
563 }
564
565 /******************************************************************************
566 * LsaSetTrustedDomainInfoByName [ADVAPI32.@]
567 *
568 */
569 NTSTATUS WINAPI LsaSetTrustedDomainInfoByName(
570 LSA_HANDLE policy,
571 PLSA_UNICODE_STRING name,
572 TRUSTED_INFORMATION_CLASS class,
573 PVOID buffer)
574 {
575 FIXME("(%p,%p,%d,%p) stub\n", policy, name, class, buffer);
576 return STATUS_SUCCESS;
577 }
578
579 /******************************************************************************
580 * LsaSetTrustedDomainInformation [ADVAPI32.@]
581 *
582 */
583 NTSTATUS WINAPI LsaSetTrustedDomainInformation(
584 LSA_HANDLE policy,
585 PSID sid,
586 TRUSTED_INFORMATION_CLASS class,
587 PVOID buffer)
588 {
589 FIXME("(%p,%p,%d,%p) stub\n", policy, sid, class, buffer);
590 return STATUS_SUCCESS;
591 }
592
593 /******************************************************************************
594 * LsaStorePrivateData [ADVAPI32.@]
595 *
596 * Stores or deletes a Policy object's data under the specified reg key.
597 *
598 * PARAMS
599 * PolicyHandle [I] Handle to a Policy object.
600 * KeyName [I] Name of the key where the data will be stored.
601 * PrivateData [O] Pointer to the private data.
602 *
603 * RETURNS
604 * Success: STATUS_SUCCESS.
605 * Failure: STATUS_OBJECT_NAME_NOT_FOUND or NTSTATUS code.
606 */
607 NTSTATUS WINAPI LsaStorePrivateData(
608 IN LSA_HANDLE PolicyHandle,
609 IN PLSA_UNICODE_STRING KeyName,
610 IN PLSA_UNICODE_STRING PrivateData)
611 {
612 FIXME("(%p,%p,%p) stub\n", PolicyHandle, KeyName, PrivateData);
613 return STATUS_OBJECT_NAME_NOT_FOUND;
614 }
615
616 /******************************************************************************
617 * LsaUnregisterPolicyChangeNotification [ADVAPI32.@]
618 *
619 */
620 NTSTATUS WINAPI LsaUnregisterPolicyChangeNotification(
621 POLICY_NOTIFICATION_INFORMATION_CLASS class,
622 HANDLE event)
623 {
624 FIXME("(%d,%p) stub\n", class, event);
625 return STATUS_SUCCESS;
626 }
Work in progress by Kai Blin