search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Make 'exist' in wcmd handle both file and directories.
[wine/wine64.git] / dlls / advapi32 / security.c
blob6b12d94e5eb81b31683c2d5b844f7f913f1ab672
1 /*
2 * Copyright 1999, 2000 Juergen Schmied <juergen.schmied@debitel.net>
3 * Copyright 2003 CodeWeavers Inc. (Ulrich Czekalla)
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18 *
19 */
20
21 #include <stdarg.h>
22 #include <string.h>
23
24 #include "windef.h"
25 #include "winbase.h"
26 #include "winerror.h"
27 #include "rpcnterr.h"
28 #include "winreg.h"
29 #include "winternl.h"
30 #include "ntstatus.h"
31 #include "ntsecapi.h"
32 #include "accctrl.h"
33 #include "sddl.h"
34 #include "winsvc.h"
35 #include "aclapi.h"
36
37 #include "wine/debug.h"
38 #include "wine/unicode.h"
39
40 WINE_DEFAULT_DEBUG_CHANNEL(advapi);
41
42 static BOOL ParseStringSidToSid(LPCWSTR StringSid, PSID pSid, LPDWORD cBytes);
43 static BOOL ParseStringAclToAcl(LPCWSTR StringAcl, LPDWORD lpdwFlags,
44 PACL pAcl, LPDWORD cBytes);
45 static BYTE ParseAceStringFlags(LPCWSTR* StringAcl);
46 static BYTE ParseAceStringType(LPCWSTR* StringAcl);
47 static DWORD ParseAceStringRights(LPCWSTR* StringAcl);
48 static BOOL ParseStringSecurityDescriptorToSecurityDescriptor(
49 LPCWSTR StringSecurityDescriptor,
50 SECURITY_DESCRIPTOR* SecurityDescriptor,
51 LPDWORD cBytes);
52 static DWORD ParseAclStringFlags(LPCWSTR* StringAcl);
53
54 typedef struct _ACEFLAG
55 {
56 LPCWSTR wstr;
57 DWORD value;
58 } ACEFLAG, *LPACEFLAG;
59
60 /*
61 * ACE access rights
62 */
63 static const WCHAR SDDL_READ_CONTROL[] = {'R','C',0};
64 static const WCHAR SDDL_WRITE_DAC[] = {'W','D',0};
65 static const WCHAR SDDL_WRITE_OWNER[] = {'W','O',0};
66 static const WCHAR SDDL_STANDARD_DELETE[] = {'S','D',0};
67 static const WCHAR SDDL_GENERIC_ALL[] = {'G','A',0};
68 static const WCHAR SDDL_GENERIC_READ[] = {'G','R',0};
69 static const WCHAR SDDL_GENERIC_WRITE[] = {'G','W',0};
70 static const WCHAR SDDL_GENERIC_EXECUTE[] = {'G','X',0};
71
72 /*
73 * ACE types
74 */
75 static const WCHAR SDDL_ACCESS_ALLOWED[] = {'A',0};
76 static const WCHAR SDDL_ACCESS_DENIED[] = {'D',0};
77 static const WCHAR SDDL_OBJECT_ACCESS_ALLOWED[] = {'O','A',0};
78 static const WCHAR SDDL_OBJECT_ACCESS_DENIED[] = {'O','D',0};
79 static const WCHAR SDDL_AUDIT[] = {'A','U',0};
80 static const WCHAR SDDL_ALARM[] = {'A','L',0};
81 static const WCHAR SDDL_OBJECT_AUDIT[] = {'O','U',0};
82 static const WCHAR SDDL_OBJECT_ALARMp[] = {'O','L',0};
83
84 /*
85 * ACE flags
86 */
87 static const WCHAR SDDL_CONTAINER_INHERIT[] = {'C','I',0};
88 static const WCHAR SDDL_OBJECT_INHERIT[] = {'O','I',0};
89 static const WCHAR SDDL_NO_PROPAGATE[] = {'N','P',0};
90 static const WCHAR SDDL_INHERIT_ONLY[] = {'I','O',0};
91 static const WCHAR SDDL_INHERITED[] = {'I','D',0};
92 static const WCHAR SDDL_AUDIT_SUCCESS[] = {'S','A',0};
93 static const WCHAR SDDL_AUDIT_FAILURE[] = {'F','A',0};
94
95 /* set last error code from NT status and get the proper boolean return value */
96 /* used for functions that are a simple wrapper around the corresponding ntdll API */
97 static inline BOOL set_ntstatus( NTSTATUS status )
98 {
99 if (status) SetLastError( RtlNtStatusToDosError( status ));
100 return !status;
101 }
102
103 static void dumpLsaAttributes( PLSA_OBJECT_ATTRIBUTES oa )
104 {
105 if (oa)
106 {
107 TRACE("\n\tlength=%lu, rootdir=%p, objectname=%s\n\tattr=0x%08lx, sid=%p qos=%p\n",
108 oa->Length, oa->RootDirectory,
109 oa->ObjectName?debugstr_w(oa->ObjectName->Buffer):"null",
110 oa->Attributes, oa->SecurityDescriptor, oa->SecurityQualityOfService);
111 }
112 }
113
114 /************************************************************
115 * ADVAPI_IsLocalComputer
116 *
117 * Checks whether the server name indicates local machine.
118 */
119 BOOL ADVAPI_IsLocalComputer(LPCWSTR ServerName)
120 {
121 if (!ServerName)
122 {
123 return TRUE;
124 }
125 else if (!ServerName[0])
126 {
127 return TRUE;
128 }
129 else
130 {
131 DWORD dwSize = MAX_COMPUTERNAME_LENGTH + 1;
132 BOOL Result;
133 LPWSTR buf;
134
135 buf = HeapAlloc(GetProcessHeap(), 0, dwSize * sizeof(WCHAR));
136 Result = GetComputerNameW(buf, &dwSize);
137 if (Result && (ServerName[0] == '\\') && (ServerName[1] == '\\'))
138 ServerName += 2;
139 Result = Result && !lstrcmpW(ServerName, buf);
140 HeapFree(GetProcessHeap(), 0, buf);
141
142 return Result;
143 }
144 }
145
146 #define ADVAPI_ForceLocalComputer(ServerName, FailureCode) \
147 if (!ADVAPI_IsLocalComputer(ServerName)) \
148 { \
149 FIXME("Action Implemented for local computer only. " \
150 "Requested for server %s\n", debugstr_w(ServerName)); \
151 return FailureCode; \
152 }
153
154 /* ##############################
155 ###### TOKEN FUNCTIONS ######
156 ##############################
157 */
158
159 /******************************************************************************
160 * OpenProcessToken [ADVAPI32.@]
161 * Opens the access token associated with a process handle.
162 *
163 * PARAMS
164 * ProcessHandle [I] Handle to process
165 * DesiredAccess [I] Desired access to process
166 * TokenHandle [O] Pointer to handle of open access token
167 *
168 * RETURNS
169 * Success: TRUE. TokenHandle contains the access token.
170 * Failure: FALSE.
171 *
172 * NOTES
173 * See NtOpenProcessToken.
174 */
175 BOOL WINAPI
176 OpenProcessToken( HANDLE ProcessHandle, DWORD DesiredAccess,
177 HANDLE *TokenHandle )
178 {
179 return set_ntstatus(NtOpenProcessToken( ProcessHandle, DesiredAccess, TokenHandle ));
180 }
181
182 /******************************************************************************
183 * OpenThreadToken [ADVAPI32.@]
184 *
185 * Opens the access token associated with a thread handle.
186 *
187 * PARAMS
188 * ThreadHandle [I] Handle to process
189 * DesiredAccess [I] Desired access to the thread
190 * OpenAsSelf [I] ???
191 * TokenHandle [O] Destination for the token handle
192 *
193 * RETURNS
194 * Success: TRUE. TokenHandle contains the access token.
195 * Failure: FALSE.
196 *
197 * NOTES
198 * See NtOpenThreadToken.
199 */
200 BOOL WINAPI
201 OpenThreadToken( HANDLE ThreadHandle, DWORD DesiredAccess,
202 BOOL OpenAsSelf, HANDLE *TokenHandle)
203 {
204 return set_ntstatus( NtOpenThreadToken(ThreadHandle, DesiredAccess, OpenAsSelf, TokenHandle));
205 }
206
207 BOOL WINAPI
208 AdjustTokenGroups( HANDLE TokenHandle, BOOL ResetToDefault, PTOKEN_GROUPS NewState,
209 DWORD BufferLength, PTOKEN_GROUPS PreviousState, PDWORD ReturnLength )
210 {
211 return set_ntstatus( NtAdjustGroupsToken(TokenHandle, ResetToDefault, NewState, BufferLength,
212 PreviousState, ReturnLength));
213 }
214
215 /******************************************************************************
216 * AdjustTokenPrivileges [ADVAPI32.@]
217 *
218 * Adjust the privileges of an open token handle.
219 *
220 * PARAMS
221 * TokenHandle [I] Handle from OpenProcessToken() or OpenThreadToken()
222 * DisableAllPrivileges [I] TRUE=Remove all privileges, FALSE=Use NewState
223 * NewState [I] Desired new privileges of the token
224 * BufferLength [I] Length of NewState
225 * PreviousState [O] Destination for the previous state
226 * ReturnLength [I/O] Size of PreviousState
227 *
228 *
229 * RETURNS
230 * Success: TRUE. Privileges are set to NewState and PreviousState is updated.
231 * Failure: FALSE.
232 *
233 * NOTES
234 * See NtAdjustPrivilegesToken.
235 */
236 BOOL WINAPI
237 AdjustTokenPrivileges( HANDLE TokenHandle, BOOL DisableAllPrivileges,
238 LPVOID NewState, DWORD BufferLength,
239 LPVOID PreviousState, LPDWORD ReturnLength )
240 {
241 NTSTATUS status;
242
243 TRACE("\n");
244
245 status = NtAdjustPrivilegesToken(TokenHandle, DisableAllPrivileges,
246 NewState, BufferLength, PreviousState,
247 ReturnLength);
248 SetLastError( RtlNtStatusToDosError( status ));
249 if ((status == STATUS_SUCCESS) || (status == STATUS_NOT_ALL_ASSIGNED))
250 return TRUE;
251 else
252 return FALSE;
253 }
254
255 /******************************************************************************
256 * CheckTokenMembership [ADVAPI32.@]
257 *
258 * Determine if an access token is a member of a SID.
259 *
260 * PARAMS
261 * TokenHandle [I] Handle from OpenProcessToken() or OpenThreadToken()
262 * SidToCheck [I] SID that possibly contains the token
263 * IsMember [O] Destination for result.
264 *
265 * RETURNS
266 * Success: TRUE. IsMember is TRUE if TokenHandle is a member, FALSE otherwise.
267 * Failure: FALSE.
268 */
269 BOOL WINAPI
270 CheckTokenMembership( HANDLE TokenHandle, PSID SidToCheck,
271 PBOOL IsMember )
272 {
273 FIXME("(%p %p %p) stub!\n", TokenHandle, SidToCheck, IsMember);
274
275 *IsMember = TRUE;
276 return(TRUE);
277 }
278
279 /******************************************************************************
280 * GetTokenInformation [ADVAPI32.@]
281 *
282 * PARAMS
283 * token [I] Handle from OpenProcessToken() or OpenThreadToken()
284 * tokeninfoclass [I] A TOKEN_INFORMATION_CLASS from "winnt.h"
285 * tokeninfo [O] Destination for token information
286 * tokeninfolength [I] Length of tokeninfo
287 * retlen [O] Destination for returned token information length
288 *
289 * RETURNS
290 * Success: TRUE. tokeninfo contains retlen bytes of token information
291 * Failure: FALSE.
292 *
293 * NOTES
294 * See NtQueryInformationToken.
295 */
296 BOOL WINAPI
297 GetTokenInformation( HANDLE token, TOKEN_INFORMATION_CLASS tokeninfoclass,
298 LPVOID tokeninfo, DWORD tokeninfolength, LPDWORD retlen )
299 {
300 TRACE("(%p, %s, %p, %ld, %p): \n",
301 token,
302 (tokeninfoclass == TokenUser) ? "TokenUser" :
303 (tokeninfoclass == TokenGroups) ? "TokenGroups" :
304 (tokeninfoclass == TokenPrivileges) ? "TokenPrivileges" :
305 (tokeninfoclass == TokenOwner) ? "TokenOwner" :
306 (tokeninfoclass == TokenPrimaryGroup) ? "TokenPrimaryGroup" :
307 (tokeninfoclass == TokenDefaultDacl) ? "TokenDefaultDacl" :
308 (tokeninfoclass == TokenSource) ? "TokenSource" :
309 (tokeninfoclass == TokenType) ? "TokenType" :
310 (tokeninfoclass == TokenImpersonationLevel) ? "TokenImpersonationLevel" :
311 (tokeninfoclass == TokenStatistics) ? "TokenStatistics" :
312 (tokeninfoclass == TokenRestrictedSids) ? "TokenRestrictedSids" :
313 (tokeninfoclass == TokenSessionId) ? "TokenSessionId" :
314 (tokeninfoclass == TokenGroupsAndPrivileges) ? "TokenGroupsAndPrivileges" :
315 (tokeninfoclass == TokenSessionReference) ? "TokenSessionReference" :
316 (tokeninfoclass == TokenSandBoxInert) ? "TokenSandBoxInert" :
317 "Unknown",
318 tokeninfo, tokeninfolength, retlen);
319 return set_ntstatus( NtQueryInformationToken( token, tokeninfoclass, tokeninfo,
320 tokeninfolength, retlen));
321 }
322
323 /******************************************************************************
324 * SetTokenInformation [ADVAPI32.@]
325 *
326 * Set information for an access token.
327 *
328 * PARAMS
329 * token [I] Handle from OpenProcessToken() or OpenThreadToken()
330 * tokeninfoclass [I] A TOKEN_INFORMATION_CLASS from "winnt.h"
331 * tokeninfo [I] Token information to set
332 * tokeninfolength [I] Length of tokeninfo
333 *
334 * RETURNS
335 * Success: TRUE. The information for the token is set to tokeninfo.
336 * Failure: FALSE.
337 */
338 BOOL WINAPI
339 SetTokenInformation( HANDLE token, TOKEN_INFORMATION_CLASS tokeninfoclass,
340 LPVOID tokeninfo, DWORD tokeninfolength )
341 {
342 TRACE("(%p, %s, %p, %ld): stub\n",
343 token,
344 (tokeninfoclass == TokenUser) ? "TokenUser" :
345 (tokeninfoclass == TokenGroups) ? "TokenGroups" :
346 (tokeninfoclass == TokenPrivileges) ? "TokenPrivileges" :
347 (tokeninfoclass == TokenOwner) ? "TokenOwner" :
348 (tokeninfoclass == TokenPrimaryGroup) ? "TokenPrimaryGroup" :
349 (tokeninfoclass == TokenDefaultDacl) ? "TokenDefaultDacl" :
350 (tokeninfoclass == TokenSource) ? "TokenSource" :
351 (tokeninfoclass == TokenType) ? "TokenType" :
352 (tokeninfoclass == TokenImpersonationLevel) ? "TokenImpersonationLevel" :
353 (tokeninfoclass == TokenStatistics) ? "TokenStatistics" :
354 (tokeninfoclass == TokenRestrictedSids) ? "TokenRestrictedSids" :
355 (tokeninfoclass == TokenSessionId) ? "TokenSessionId" :
356 (tokeninfoclass == TokenGroupsAndPrivileges) ? "TokenGroupsAndPrivileges" :
357 (tokeninfoclass == TokenSessionReference) ? "TokenSessionReference" :
358 (tokeninfoclass == TokenSandBoxInert) ? "TokenSandBoxInert" :
359 "Unknown",
360 tokeninfo, tokeninfolength);
361
362 return set_ntstatus( NtSetInformationToken( token, tokeninfoclass, tokeninfo, tokeninfolength ));
363 }
364
365 /*************************************************************************
366 * SetThreadToken [ADVAPI32.@]
367 *
368 * Assigns an 'impersonation token' to a thread so it can assume the
369 * security privileges of another thread or process. Can also remove
370 * a previously assigned token.
371 *
372 * PARAMS
373 * thread [O] Handle to thread to set the token for
374 * token [I] Token to set
375 *
376 * RETURNS
377 * Success: TRUE. The threads access token is set to token
378 * Failure: FALSE.
379 *
380 * NOTES
381 * Only supported on NT or higher. On Win9X this function does nothing.
382 * See SetTokenInformation.
383 */
384 BOOL WINAPI SetThreadToken(PHANDLE thread, HANDLE token)
385 {
386 return set_ntstatus( NtSetInformationThread( thread ? *thread : GetCurrentThread(),
387 ThreadImpersonationToken, &token, sizeof token ));
388 }
389
390 /* ##############################
391 ###### SID FUNCTIONS ######
392 ##############################
393 */
394
395 /******************************************************************************
396 * AllocateAndInitializeSid [ADVAPI32.@]
397 *
398 * PARAMS
399 * pIdentifierAuthority []
400 * nSubAuthorityCount []
401 * nSubAuthority0 []
402 * nSubAuthority1 []
403 * nSubAuthority2 []
404 * nSubAuthority3 []
405 * nSubAuthority4 []
406 * nSubAuthority5 []
407 * nSubAuthority6 []
408 * nSubAuthority7 []
409 * pSid []
410 */
411 BOOL WINAPI
412 AllocateAndInitializeSid( PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
413 BYTE nSubAuthorityCount,
414 DWORD nSubAuthority0, DWORD nSubAuthority1,
415 DWORD nSubAuthority2, DWORD nSubAuthority3,
416 DWORD nSubAuthority4, DWORD nSubAuthority5,
417 DWORD nSubAuthority6, DWORD nSubAuthority7,
418 PSID *pSid )
419 {
420 return set_ntstatus( RtlAllocateAndInitializeSid(
421 pIdentifierAuthority, nSubAuthorityCount,
422 nSubAuthority0, nSubAuthority1, nSubAuthority2, nSubAuthority3,
423 nSubAuthority4, nSubAuthority5, nSubAuthority6, nSubAuthority7,
424 pSid ));
425 }
426
427 /******************************************************************************
428 * FreeSid [ADVAPI32.@]
429 *
430 * PARAMS
431 * pSid []
432 */
433 PVOID WINAPI
434 FreeSid( PSID pSid )
435 {
436 RtlFreeSid(pSid);
437 return NULL; /* is documented like this */
438 }
439
440 /******************************************************************************
441 * CopySid [ADVAPI32.@]
442 *
443 * PARAMS
444 * nDestinationSidLength []
445 * pDestinationSid []
446 * pSourceSid []
447 */
448 BOOL WINAPI
449 CopySid( DWORD nDestinationSidLength, PSID pDestinationSid, PSID pSourceSid )
450 {
451 return RtlCopySid(nDestinationSidLength, pDestinationSid, pSourceSid);
452 }
453
454 BOOL WINAPI
455 IsTokenRestricted( HANDLE TokenHandle )
456 {
457 FIXME("%p - stub\n", TokenHandle);
458
459 return FALSE;
460 }
461
462 /******************************************************************************
463 * IsValidSid [ADVAPI32.@]
464 *
465 * PARAMS
466 * pSid []
467 */
468 BOOL WINAPI
469 IsValidSid( PSID pSid )
470 {
471 return RtlValidSid( pSid );
472 }
473
474 /******************************************************************************
475 * EqualSid [ADVAPI32.@]
476 *
477 * PARAMS
478 * pSid1 []
479 * pSid2 []
480 */
481 BOOL WINAPI
482 EqualSid( PSID pSid1, PSID pSid2 )
483 {
484 return RtlEqualSid( pSid1, pSid2 );
485 }
486
487 /******************************************************************************
488 * EqualPrefixSid [ADVAPI32.@]
489 */
490 BOOL WINAPI EqualPrefixSid (PSID pSid1, PSID pSid2)
491 {
492 return RtlEqualPrefixSid(pSid1, pSid2);
493 }
494
495 /******************************************************************************
496 * GetSidLengthRequired [ADVAPI32.@]
497 *
498 * PARAMS
499 * nSubAuthorityCount []
500 */
501 DWORD WINAPI
502 GetSidLengthRequired( BYTE nSubAuthorityCount )
503 {
504 return RtlLengthRequiredSid(nSubAuthorityCount);
505 }
506
507 /******************************************************************************
508 * InitializeSid [ADVAPI32.@]
509 *
510 * PARAMS
511 * pIdentifierAuthority []
512 */
513 BOOL WINAPI
514 InitializeSid (
515 PSID pSid,
516 PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
517 BYTE nSubAuthorityCount)
518 {
519 return RtlInitializeSid(pSid, pIdentifierAuthority, nSubAuthorityCount);
520 }
521
522 DWORD WINAPI
523 GetEffectiveRightsFromAclA( PACL pacl, PTRUSTEEA pTrustee, PACCESS_MASK pAccessRights )
524 {
525 FIXME("%p %p %p - stub\n", pacl, pTrustee, pAccessRights);
526
527 return 1;
528 }
529
530 DWORD WINAPI
531 GetEffectiveRightsFromAclW( PACL pacl, PTRUSTEEW pTrustee, PACCESS_MASK pAccessRights )
532 {
533 FIXME("%p %p %p - stub\n", pacl, pTrustee, pAccessRights);
534
535 return 1;
536 }
537
538 /******************************************************************************
539 * GetSidIdentifierAuthority [ADVAPI32.@]
540 *
541 * PARAMS
542 * pSid []
543 */
544 PSID_IDENTIFIER_AUTHORITY WINAPI
545 GetSidIdentifierAuthority( PSID pSid )
546 {
547 return RtlIdentifierAuthoritySid(pSid);
548 }
549
550 /******************************************************************************
551 * GetSidSubAuthority [ADVAPI32.@]
552 *
553 * PARAMS
554 * pSid []
555 * nSubAuthority []
556 */
557 PDWORD WINAPI
558 GetSidSubAuthority( PSID pSid, DWORD nSubAuthority )
559 {
560 return RtlSubAuthoritySid(pSid, nSubAuthority);
561 }
562
563 /******************************************************************************
564 * GetSidSubAuthorityCount [ADVAPI32.@]
565 *
566 * PARAMS
567 * pSid []
568 */
569 PUCHAR WINAPI
570 GetSidSubAuthorityCount (PSID pSid)
571 {
572 return RtlSubAuthorityCountSid(pSid);
573 }
574
575 /******************************************************************************
576 * GetLengthSid [ADVAPI32.@]
577 *
578 * PARAMS
579 * pSid []
580 */
581 DWORD WINAPI
582 GetLengthSid (PSID pSid)
583 {
584 return RtlLengthSid(pSid);
585 }
586
587 /* ##############################################
588 ###### SECURITY DESCRIPTOR FUNCTIONS ######
589 ##############################################
590 */
591
592 /******************************************************************************
593 * InitializeSecurityDescriptor [ADVAPI32.@]
594 *
595 * PARAMS
596 * pDescr []
597 * revision []
598 */
599 BOOL WINAPI
600 InitializeSecurityDescriptor( PSECURITY_DESCRIPTOR pDescr, DWORD revision )
601 {
602 return set_ntstatus( RtlCreateSecurityDescriptor(pDescr, revision ));
603 }
604
605
606 /******************************************************************************
607 * MakeAbsoluteSD [ADVAPI32.@]
608 */
609 BOOL WINAPI MakeAbsoluteSD (
610 IN PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor,
611 OUT PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor,
612 OUT LPDWORD lpdwAbsoluteSecurityDescriptorSize,
613 OUT PACL pDacl,
614 OUT LPDWORD lpdwDaclSize,
615 OUT PACL pSacl,
616 OUT LPDWORD lpdwSaclSize,
617 OUT PSID pOwner,
618 OUT LPDWORD lpdwOwnerSize,
619 OUT PSID pPrimaryGroup,
620 OUT LPDWORD lpdwPrimaryGroupSize)
621 {
622 return set_ntstatus( RtlSelfRelativeToAbsoluteSD(pSelfRelativeSecurityDescriptor,
623 pAbsoluteSecurityDescriptor,
624 lpdwAbsoluteSecurityDescriptorSize,
625 pDacl, lpdwDaclSize, pSacl, lpdwSaclSize,
626 pOwner, lpdwOwnerSize,
627 pPrimaryGroup, lpdwPrimaryGroupSize));
628 }
629
630 BOOL WINAPI GetKernelObjectSecurity(
631 HANDLE Handle,
632 SECURITY_INFORMATION RequestedInformation,
633 PSECURITY_DESCRIPTOR pSecurityDescriptor,
634 DWORD nLength,
635 LPDWORD lpnLengthNeeded )
636 {
637 FIXME("%p 0x%08lx %p 0x%08lx %p - stub\n", Handle, RequestedInformation,
638 pSecurityDescriptor, nLength, lpnLengthNeeded);
639
640 return FALSE;
641 }
642
643 BOOL WINAPI GetPrivateObjectSecurity(
644 PSECURITY_DESCRIPTOR ObjectDescriptor,
645 SECURITY_INFORMATION SecurityInformation,
646 PSECURITY_DESCRIPTOR ResultantDescriptor,
647 DWORD DescriptorLength,
648 PDWORD ReturnLength )
649 {
650 FIXME("%p 0x%08lx %p 0x%08lx %p - stub\n", ObjectDescriptor, SecurityInformation,
651 ResultantDescriptor, DescriptorLength, ReturnLength);
652
653 return FALSE;
654 }
655
656 /******************************************************************************
657 * GetSecurityDescriptorLength [ADVAPI32.@]
658 */
659 DWORD WINAPI GetSecurityDescriptorLength( PSECURITY_DESCRIPTOR pDescr)
660 {
661 return RtlLengthSecurityDescriptor(pDescr);
662 }
663
664 /******************************************************************************
665 * GetSecurityDescriptorOwner [ADVAPI32.@]
666 *
667 * PARAMS
668 * pOwner []
669 * lpbOwnerDefaulted []
670 */
671 BOOL WINAPI
672 GetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR pDescr, PSID *pOwner,
673 LPBOOL lpbOwnerDefaulted )
674 {
675 BOOLEAN defaulted;
676 BOOL ret = set_ntstatus( RtlGetOwnerSecurityDescriptor( pDescr, pOwner, &defaulted ));
677 *lpbOwnerDefaulted = defaulted;
678 return ret;
679 }
680
681 /******************************************************************************
682 * SetSecurityDescriptorOwner [ADVAPI32.@]
683 *
684 * PARAMS
685 */
686 BOOL WINAPI SetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR pSecurityDescriptor,
687 PSID pOwner, BOOL bOwnerDefaulted)
688 {
689 return set_ntstatus( RtlSetOwnerSecurityDescriptor(pSecurityDescriptor, pOwner, bOwnerDefaulted));
690 }
691 /******************************************************************************
692 * GetSecurityDescriptorGroup [ADVAPI32.@]
693 */
694 BOOL WINAPI GetSecurityDescriptorGroup(
695 PSECURITY_DESCRIPTOR SecurityDescriptor,
696 PSID *Group,
697 LPBOOL GroupDefaulted)
698 {
699 BOOLEAN defaulted;
700 BOOL ret = set_ntstatus( RtlGetGroupSecurityDescriptor(SecurityDescriptor, Group, &defaulted ));
701 *GroupDefaulted = defaulted;
702 return ret;
703 }
704 /******************************************************************************
705 * SetSecurityDescriptorGroup [ADVAPI32.@]
706 */
707 BOOL WINAPI SetSecurityDescriptorGroup ( PSECURITY_DESCRIPTOR SecurityDescriptor,
708 PSID Group, BOOL GroupDefaulted)
709 {
710 return set_ntstatus( RtlSetGroupSecurityDescriptor( SecurityDescriptor, Group, GroupDefaulted));
711 }
712
713 /******************************************************************************
714 * IsValidSecurityDescriptor [ADVAPI32.@]
715 *
716 * PARAMS
717 * lpsecdesc []
718 */
719 BOOL WINAPI
720 IsValidSecurityDescriptor( PSECURITY_DESCRIPTOR SecurityDescriptor )
721 {
722 return set_ntstatus( RtlValidSecurityDescriptor(SecurityDescriptor));
723 }
724
725 /******************************************************************************
726 * GetSecurityDescriptorDacl [ADVAPI32.@]
727 */
728 BOOL WINAPI GetSecurityDescriptorDacl(
729 IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
730 OUT LPBOOL lpbDaclPresent,
731 OUT PACL *pDacl,
732 OUT LPBOOL lpbDaclDefaulted)
733 {
734 BOOLEAN present, defaulted;
735 BOOL ret = set_ntstatus( RtlGetDaclSecurityDescriptor(pSecurityDescriptor, &present, pDacl, &defaulted));
736 *lpbDaclPresent = present;
737 *lpbDaclDefaulted = defaulted;
738 return ret;
739 }
740
741 /******************************************************************************
742 * SetSecurityDescriptorDacl [ADVAPI32.@]
743 */
744 BOOL WINAPI
745 SetSecurityDescriptorDacl (
746 PSECURITY_DESCRIPTOR lpsd,
747 BOOL daclpresent,
748 PACL dacl,
749 BOOL dacldefaulted )
750 {
751 return set_ntstatus( RtlSetDaclSecurityDescriptor (lpsd, daclpresent, dacl, dacldefaulted ) );
752 }
753 /******************************************************************************
754 * GetSecurityDescriptorSacl [ADVAPI32.@]
755 */
756 BOOL WINAPI GetSecurityDescriptorSacl(
757 IN PSECURITY_DESCRIPTOR lpsd,
758 OUT LPBOOL lpbSaclPresent,
759 OUT PACL *pSacl,
760 OUT LPBOOL lpbSaclDefaulted)
761 {
762 BOOLEAN present, defaulted;
763 BOOL ret = set_ntstatus( RtlGetSaclSecurityDescriptor(lpsd, &present, pSacl, &defaulted) );
764 *lpbSaclPresent = present;
765 *lpbSaclDefaulted = defaulted;
766 return ret;
767 }
768
769 /**************************************************************************
770 * SetSecurityDescriptorSacl [ADVAPI32.@]
771 */
772 BOOL WINAPI SetSecurityDescriptorSacl (
773 PSECURITY_DESCRIPTOR lpsd,
774 BOOL saclpresent,
775 PACL lpsacl,
776 BOOL sacldefaulted)
777 {
778 return set_ntstatus (RtlSetSaclSecurityDescriptor(lpsd, saclpresent, lpsacl, sacldefaulted));
779 }
780 /******************************************************************************
781 * MakeSelfRelativeSD [ADVAPI32.@]
782 *
783 * PARAMS
784 * lpabssecdesc []
785 * lpselfsecdesc []
786 * lpbuflen []
787 */
788 BOOL WINAPI
789 MakeSelfRelativeSD(
790 IN PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor,
791 IN PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor,
792 IN OUT LPDWORD lpdwBufferLength)
793 {
794 return set_ntstatus( RtlMakeSelfRelativeSD( pAbsoluteSecurityDescriptor,
795 pSelfRelativeSecurityDescriptor, lpdwBufferLength));
796 }
797
798 /******************************************************************************
799 * GetSecurityDescriptorControl [ADVAPI32.@]
800 */
801
802 BOOL WINAPI GetSecurityDescriptorControl ( PSECURITY_DESCRIPTOR pSecurityDescriptor,
803 PSECURITY_DESCRIPTOR_CONTROL pControl, LPDWORD lpdwRevision)
804 {
805 return set_ntstatus( RtlGetControlSecurityDescriptor(pSecurityDescriptor,pControl,lpdwRevision));
806 }
807
808 /* ##############################
809 ###### ACL FUNCTIONS ######
810 ##############################
811 */
812
813 /*************************************************************************
814 * InitializeAcl [ADVAPI32.@]
815 */
816 BOOL WINAPI InitializeAcl(PACL acl, DWORD size, DWORD rev)
817 {
818 return set_ntstatus( RtlCreateAcl(acl, size, rev));
819 }
820
821 BOOL WINAPI ImpersonateNamedPipeClient( HANDLE hNamedPipe )
822 {
823 FIXME("%p - stub\n", hNamedPipe);
824
825 return FALSE;
826 }
827
828 /******************************************************************************
829 * AddAccessAllowedAce [ADVAPI32.@]
830 */
831 BOOL WINAPI AddAccessAllowedAce(
832 IN OUT PACL pAcl,
833 IN DWORD dwAceRevision,
834 IN DWORD AccessMask,
835 IN PSID pSid)
836 {
837 return set_ntstatus(RtlAddAccessAllowedAce(pAcl, dwAceRevision, AccessMask, pSid));
838 }
839
840 /******************************************************************************
841 * AddAccessAllowedAceEx [ADVAPI32.@]
842 */
843 BOOL WINAPI AddAccessAllowedAceEx(
844 IN OUT PACL pAcl,
845 IN DWORD dwAceRevision,
846 IN DWORD AceFlags,
847 IN DWORD AccessMask,
848 IN PSID pSid)
849 {
850 return set_ntstatus(RtlAddAccessAllowedAceEx(pAcl, dwAceRevision, AceFlags, AccessMask, pSid));
851 }
852
853 /******************************************************************************
854 * AddAccessDeniedAce [ADVAPI32.@]
855 */
856 BOOL WINAPI AddAccessDeniedAce(
857 IN OUT PACL pAcl,
858 IN DWORD dwAceRevision,
859 IN DWORD AccessMask,
860 IN PSID pSid)
861 {
862 return set_ntstatus(RtlAddAccessDeniedAce(pAcl, dwAceRevision, AccessMask, pSid));
863 }
864
865 /******************************************************************************
866 * AddAccessDeniedAceEx [ADVAPI32.@]
867 */
868 BOOL WINAPI AddAccessDeniedAceEx(
869 IN OUT PACL pAcl,
870 IN DWORD dwAceRevision,
871 IN DWORD AceFlags,
872 IN DWORD AccessMask,
873 IN PSID pSid)
874 {
875 return set_ntstatus(RtlAddAccessDeniedAceEx(pAcl, dwAceRevision, AceFlags, AccessMask, pSid));
876 }
877
878 /******************************************************************************
879 * AddAce [ADVAPI32.@]
880 */
881 BOOL WINAPI AddAce(
882 IN OUT PACL pAcl,
883 IN DWORD dwAceRevision,
884 IN DWORD dwStartingAceIndex,
885 LPVOID pAceList,
886 DWORD nAceListLength)
887 {
888 return set_ntstatus(RtlAddAce(pAcl, dwAceRevision, dwStartingAceIndex, pAceList, nAceListLength));
889 }
890
891 /******************************************************************************
892 * DeleteAce [ADVAPI32.@]
893 */
894 BOOL WINAPI DeleteAce(PACL pAcl, DWORD dwAceIndex)
895 {
896 return set_ntstatus(RtlDeleteAce(pAcl, dwAceIndex));
897 }
898
899 /******************************************************************************
900 * FindFirstFreeAce [ADVAPI32.@]
901 */
902 BOOL WINAPI FindFirstFreeAce(IN PACL pAcl, LPVOID * pAce)
903 {
904 return RtlFirstFreeAce(pAcl, (PACE_HEADER *)pAce);
905 }
906
907 /******************************************************************************
908 * GetAce [ADVAPI32.@]
909 */
910 BOOL WINAPI GetAce(PACL pAcl,DWORD dwAceIndex,LPVOID *pAce )
911 {
912 return set_ntstatus(RtlGetAce(pAcl, dwAceIndex, pAce));
913 }
914
915 /******************************************************************************
916 * GetAclInformation [ADVAPI32.@]
917 */
918 BOOL WINAPI GetAclInformation(
919 PACL pAcl,
920 LPVOID pAclInformation,
921 DWORD nAclInformationLength,
922 ACL_INFORMATION_CLASS dwAclInformationClass)
923 {
924 return set_ntstatus(RtlQueryInformationAcl(pAcl, pAclInformation,
925 nAclInformationLength, dwAclInformationClass));
926 }
927
928 /******************************************************************************
929 * IsValidAcl [ADVAPI32.@]
930 */
931 BOOL WINAPI IsValidAcl(IN PACL pAcl)
932 {
933 return RtlValidAcl(pAcl);
934 }
935
936 /* ##############################
937 ###### MISC FUNCTIONS ######
938 ##############################
939 */
940
941 /******************************************************************************
942 * AllocateLocallyUniqueId [ADVAPI32.@]
943 *
944 * PARAMS
945 * lpLuid []
946 */
947 BOOL WINAPI AllocateLocallyUniqueId( PLUID lpLuid )
948 {
949 return set_ntstatus(NtAllocateLocallyUniqueId(lpLuid));
950 }
951
952 static const WCHAR SE_CREATE_TOKEN_NAME_W[] =
953 { 'S','e','C','r','e','a','t','e','T','o','k','e','n','P','r','i','v','i','l','e','g','e',0 };
954 static const WCHAR SE_ASSIGNPRIMARYTOKEN_NAME_W[] =
955 { 'S','e','A','s','s','i','g','n','P','r','i','m','a','r','y','T','o','k','e','n','P','r','i','v','i','l','e','g','e',0 };
956 static const WCHAR SE_LOCK_MEMORY_NAME_W[] =
957 { 'S','e','L','o','c','k','M','e','m','o','r','y','P','r','i','v','i','l','e','g','e',0 };
958 static const WCHAR SE_INCREASE_QUOTA_NAME_W[] =
959 { 'S','e','I','n','c','r','e','a','s','e','Q','u','o','t','a','P','r','i','v','i','l','e','g','e',0 };
960 static const WCHAR SE_MACHINE_ACCOUNT_NAME_W[] =
961 { 'S','e','M','a','c','h','i','n','e','A','c','c','o','u','n','t','P','r','i','v','i','l','e','g','e',0 };
962 static const WCHAR SE_TCB_NAME_W[] =
963 { 'S','e','T','c','b','P','r','i','v','i','l','e','g','e',0 };
964 static const WCHAR SE_SECURITY_NAME_W[] =
965 { 'S','e','S','e','c','u','r','i','t','y','P','r','i','v','i','l','e','g','e',0 };
966 static const WCHAR SE_TAKE_OWNERSHIP_NAME_W[] =
967 { 'S','e','T','a','k','e','O','w','n','e','r','s','h','i','p','P','r','i','v','i','l','e','g','e',0 };
968 static const WCHAR SE_LOAD_DRIVER_NAME_W[] =
969 { 'S','e','L','o','a','d','D','r','i','v','e','r','P','r','i','v','i','l','e','g','e',0 };
970 static const WCHAR SE_SYSTEM_PROFILE_NAME_W[] =
971 { 'S','e','S','y','s','t','e','m','P','r','o','f','i','l','e','P','r','i','v','i','l','e','g','e',0 };
972 static const WCHAR SE_SYSTEMTIME_NAME_W[] =
973 { 'S','e','S','y','s','t','e','m','t','i','m','e','P','r','i','v','i','l','e','g','e',0 };
974 static const WCHAR SE_PROF_SINGLE_PROCESS_NAME_W[] =
975 { 'S','e','P','r','o','f','i','l','e','S','i','n','g','l','e','P','r','o','c','e','s','s','P','r','i','v','i','l','e','g','e',0 };
976 static const WCHAR SE_INC_BASE_PRIORITY_NAME_W[] =
977 { 'S','e','I','n','c','r','e','a','s','e','B','a','s','e','P','r','i','o','r','i','t','y','P','r','i','v','i','l','e','g','e',0 };
978 static const WCHAR SE_CREATE_PAGEFILE_NAME_W[] =
979 { 'S','e','C','r','e','a','t','e','P','a','g','e','f','i','l','e','P','r','i','v','i','l','e','g','e',0 };
980 static const WCHAR SE_CREATE_PERMANENT_NAME_W[] =
981 { 'S','e','C','r','e','a','t','e','P','e','r','m','a','n','e','n','t','P','r','i','v','i','l','e','g','e',0 };
982 static const WCHAR SE_BACKUP_NAME_W[] =
983 { 'S','e','B','a','c','k','u','p','P','r','i','v','i','l','e','g','e',0 };
984 static const WCHAR SE_RESTORE_NAME_W[] =
985 { 'S','e','R','e','s','t','o','r','e','P','r','i','v','i','l','e','g','e',0 };
986 static const WCHAR SE_SHUTDOWN_NAME_W[] =
987 { 'S','e','S','h','u','t','d','o','w','n','P','r','i','v','i','l','e','g','e',0 };
988 static const WCHAR SE_DEBUG_NAME_W[] =
989 { 'S','e','D','e','b','u','g','P','r','i','v','i','l','e','g','e',0 };
990 static const WCHAR SE_AUDIT_NAME_W[] =
991 { 'S','e','A','u','d','i','t','P','r','i','v','i','l','e','g','e',0 };
992 static const WCHAR SE_SYSTEM_ENVIRONMENT_NAME_W[] =
993 { 'S','e','S','y','s','t','e','m','E','n','v','i','r','o','n','m','e','n','t','P','r','i','v','i','l','e','g','e',0 };
994 static const WCHAR SE_CHANGE_NOTIFY_NAME_W[] =
995 { 'S','e','C','h','a','n','g','e','N','o','t','i','f','y','P','r','i','v','i','l','e','g','e',0 };
996 static const WCHAR SE_REMOTE_SHUTDOWN_NAME_W[] =
997 { 'S','e','R','e','m','o','t','e','S','h','u','t','d','o','w','n','P','r','i','v','i','l','e','g','e',0 };
998 static const WCHAR SE_UNDOCK_NAME_W[] =
999 { 'S','e','U','n','d','o','c','k','P','r','i','v','i','l','e','g','e',0 };
1000 static const WCHAR SE_SYNC_AGENT_NAME_W[] =
1001 { 'S','e','S','y','n','c','A','g','e','n','t','P','r','i','v','i','l','e','g','e',0 };
1002 static const WCHAR SE_ENABLE_DELEGATION_NAME_W[] =
1003 { 'S','e','E','n','a','b','l','e','D','e','l','e','g','a','t','i','o','n','P','r','i','v','i','l','e','g','e',0 };
1004 static const WCHAR SE_MANAGE_VOLUME_NAME_W[] =
1005 { 'S','e','M','a','n','a','g','e','V','o','l','u','m','e','P','r','i','v','i','l','e','g','e',0 };
1006 static const WCHAR SE_IMPERSONATE_NAME_W[] =
1007 { 'S','e','I','m','p','e','r','s','o','n','a','t','e','P','r','i','v','i','l','e','g','e',0 };
1008 static const WCHAR SE_CREATE_GLOBAL_NAME_W[] =
1009 { 'S','e','C','r','e','a','t','e','G','l','o','b','a','l','P','r','i','v','i','l','e','g','e',0 };
1010
1011 static const WCHAR * const WellKnownPrivNames[SE_MAX_WELL_KNOWN_PRIVILEGE + 1] =
1012 {
1013 NULL,
1014 NULL,
1015 SE_CREATE_TOKEN_NAME_W,
1016 SE_ASSIGNPRIMARYTOKEN_NAME_W,
1017 SE_LOCK_MEMORY_NAME_W,
1018 SE_INCREASE_QUOTA_NAME_W,
1019 SE_MACHINE_ACCOUNT_NAME_W,
1020 SE_TCB_NAME_W,
1021 SE_SECURITY_NAME_W,
1022 SE_TAKE_OWNERSHIP_NAME_W,
1023 SE_LOAD_DRIVER_NAME_W,
1024 SE_SYSTEM_PROFILE_NAME_W,
1025 SE_SYSTEMTIME_NAME_W,
1026 SE_PROF_SINGLE_PROCESS_NAME_W,
1027 SE_INC_BASE_PRIORITY_NAME_W,
1028 SE_CREATE_PAGEFILE_NAME_W,
1029 SE_CREATE_PERMANENT_NAME_W,
1030 SE_BACKUP_NAME_W,
1031 SE_RESTORE_NAME_W,
1032 SE_SHUTDOWN_NAME_W,
1033 SE_DEBUG_NAME_W,
1034 SE_AUDIT_NAME_W,
1035 SE_SYSTEM_ENVIRONMENT_NAME_W,
1036 SE_CHANGE_NOTIFY_NAME_W,
1037 SE_REMOTE_SHUTDOWN_NAME_W,
1038 SE_UNDOCK_NAME_W,
1039 SE_SYNC_AGENT_NAME_W,
1040 SE_ENABLE_DELEGATION_NAME_W,
1041 SE_MANAGE_VOLUME_NAME_W,
1042 SE_IMPERSONATE_NAME_W,
1043 SE_CREATE_GLOBAL_NAME_W,
1044 };
1045
1046 /******************************************************************************
1047 * LookupPrivilegeValueW [ADVAPI32.@]
1048 *
1049 * See LookupPrivilegeValueA.
1050 */
1051 BOOL WINAPI
1052 LookupPrivilegeValueW( LPCWSTR lpSystemName, LPCWSTR lpName, PLUID lpLuid )
1053 {
1054 UINT i;
1055
1056 TRACE("%s,%s,%p\n",debugstr_w(lpSystemName), debugstr_w(lpName), lpLuid);
1057
1058 if (!ADVAPI_IsLocalComputer(lpSystemName))
1059 {
1060 SetLastError(RPC_S_SERVER_UNAVAILABLE);
1061 return FALSE;
1062 }
1063 if (!lpName)
1064 {
1065 SetLastError(ERROR_NO_SUCH_PRIVILEGE);
1066 return FALSE;
1067 }
1068 for( i=SE_MIN_WELL_KNOWN_PRIVILEGE; i<SE_MAX_WELL_KNOWN_PRIVILEGE; i++ )
1069 {
1070 if( !WellKnownPrivNames[i] )
1071 continue;
1072 if( strcmpiW( WellKnownPrivNames[i], lpName) )
1073 continue;
1074 lpLuid->LowPart = i;
1075 lpLuid->HighPart = 0;
1076 TRACE( "%s -> %08lx-%08lx\n",debugstr_w( lpSystemName ),
1077 lpLuid->HighPart, lpLuid->LowPart );
1078 return TRUE;
1079 }
1080 SetLastError(ERROR_NO_SUCH_PRIVILEGE);
1081 return FALSE;
1082 }
1083
1084 /******************************************************************************
1085 * LookupPrivilegeValueA [ADVAPI32.@]
1086 *
1087 * Retrieves LUID used on a system to represent the privilege name.
1088 *
1089 * PARAMS
1090 * lpSystemName [I] Name of the system
1091 * lpName [I] Name of the privilege
1092 * lpLuid [O] Destination for the resulting LUID
1093 *
1094 * RETURNS
1095 * Success: TRUE. lpLuid contains the requested LUID.
1096 * Failure: FALSE.
1097 */
1098 BOOL WINAPI
1099 LookupPrivilegeValueA( LPCSTR lpSystemName, LPCSTR lpName, PLUID lpLuid )
1100 {
1101 UNICODE_STRING lpSystemNameW;
1102 UNICODE_STRING lpNameW;
1103 BOOL ret;
1104
1105 RtlCreateUnicodeStringFromAsciiz(&lpSystemNameW, lpSystemName);
1106 RtlCreateUnicodeStringFromAsciiz(&lpNameW,lpName);
1107 ret = LookupPrivilegeValueW(lpSystemNameW.Buffer, lpNameW.Buffer, lpLuid);
1108 RtlFreeUnicodeString(&lpNameW);
1109 RtlFreeUnicodeString(&lpSystemNameW);
1110 return ret;
1111 }
1112
1113 BOOL WINAPI LookupPrivilegeDisplayNameA( LPCSTR lpSystemName, LPCSTR lpName, LPSTR lpDisplayName,
1114 LPDWORD cchDisplayName, LPDWORD lpLanguageId )
1115 {
1116 FIXME("%s %s %s %p %p - stub\n", debugstr_a(lpSystemName), debugstr_a(lpName),
1117 debugstr_a(lpDisplayName), cchDisplayName, lpLanguageId);
1118
1119 return FALSE;
1120 }
1121
1122 BOOL WINAPI LookupPrivilegeDisplayNameW( LPCWSTR lpSystemName, LPCWSTR lpName, LPWSTR lpDisplayName,
1123 LPDWORD cchDisplayName, LPDWORD lpLanguageId )
1124 {
1125 FIXME("%s %s %s %p %p - stub\n", debugstr_w(lpSystemName), debugstr_w(lpName),
1126 debugstr_w(lpDisplayName), cchDisplayName, lpLanguageId);
1127
1128 return FALSE;
1129 }
1130
1131 /******************************************************************************
1132 * LookupPrivilegeNameA [ADVAPI32.@]
1133 *
1134 * See LookupPrivilegeNameW
1135 */
1136 BOOL WINAPI
1137 LookupPrivilegeNameA( LPCSTR lpSystemName, PLUID lpLuid, LPSTR lpName,
1138 LPDWORD cchName)
1139 {
1140 UNICODE_STRING lpSystemNameW;
1141 BOOL ret;
1142 DWORD wLen = 0;
1143
1144 TRACE("%s %p %p %p\n", debugstr_a(lpSystemName), lpLuid, lpName, cchName);
1145
1146 RtlCreateUnicodeStringFromAsciiz(&lpSystemNameW, lpSystemName);
1147 ret = LookupPrivilegeNameW(lpSystemNameW.Buffer, lpLuid, NULL, &wLen);
1148 if (!ret && GetLastError() == ERROR_INSUFFICIENT_BUFFER)
1149 {
1150 LPWSTR lpNameW = HeapAlloc(GetProcessHeap(), 0, wLen * sizeof(WCHAR));
1151
1152 ret = LookupPrivilegeNameW(lpSystemNameW.Buffer, lpLuid, lpNameW,
1153 &wLen);
1154 if (ret)
1155 {
1156 /* Windows crashes if cchName is NULL, so will I */
1157 int len = WideCharToMultiByte(CP_ACP, 0, lpNameW, -1, lpName,
1158 *cchName, NULL, NULL);
1159
1160 if (len == 0)
1161 {
1162 /* WideCharToMultiByte failed */
1163 ret = FALSE;
1164 }
1165 else if (len > *cchName)
1166 {
1167 *cchName = len;
1168 SetLastError(ERROR_INSUFFICIENT_BUFFER);
1169 ret = FALSE;
1170 }
1171 else
1172 {
1173 /* WideCharToMultiByte succeeded, output length needs to be
1174 * length not including NULL terminator
1175 */
1176 *cchName = len - 1;
1177 }
1178 }
1179 HeapFree(GetProcessHeap(), 0, lpNameW);
1180 }
1181 RtlFreeUnicodeString(&lpSystemNameW);
1182 return ret;
1183 }
1184
1185 /******************************************************************************
1186 * LookupPrivilegeNameW [ADVAPI32.@]
1187 *
1188 * Retrieves the privilege name referred to by the LUID lpLuid.
1189 *
1190 * PARAMS
1191 * lpSystemName [I] Name of the system
1192 * lpLuid [I] Privilege value
1193 * lpName [O] Name of the privilege
1194 * cchName [I/O] Number of characters in lpName.
1195 *
1196 * RETURNS
1197 * Success: TRUE. lpName contains the name of the privilege whose value is
1198 * *lpLuid.
1199 * Failure: FALSE.
1200 *
1201 * REMARKS
1202 * Only well-known privilege names (those defined in winnt.h) can be retrieved
1203 * using this function.
1204 * If the length of lpName is too small, on return *cchName will contain the
1205 * number of WCHARs needed to contain the privilege, including the NULL
1206 * terminator, and GetLastError will return ERROR_INSUFFICIENT_BUFFER.
1207 * On success, *cchName will contain the number of characters stored in
1208 * lpName, NOT including the NULL terminator.
1209 */
1210 BOOL WINAPI
1211 LookupPrivilegeNameW( LPCWSTR lpSystemName, PLUID lpLuid, LPWSTR lpName,
1212 LPDWORD cchName)
1213 {
1214 size_t privNameLen;
1215
1216 TRACE("%s,%p,%p,%p\n",debugstr_w(lpSystemName), lpLuid, lpName, cchName);
1217
1218 if (!ADVAPI_IsLocalComputer(lpSystemName))
1219 {
1220 SetLastError(RPC_S_SERVER_UNAVAILABLE);
1221 return FALSE;
1222 }
1223 if (lpLuid->HighPart || (lpLuid->LowPart < SE_MIN_WELL_KNOWN_PRIVILEGE ||
1224 lpLuid->LowPart > SE_MAX_WELL_KNOWN_PRIVILEGE))
1225 {
1226 SetLastError(ERROR_NO_SUCH_PRIVILEGE);
1227 return FALSE;
1228 }
1229 privNameLen = strlenW(WellKnownPrivNames[lpLuid->LowPart]);
1230 /* Windows crashes if cchName is NULL, so will I */
1231 if (*cchName <= privNameLen)
1232 {
1233 *cchName = privNameLen + 1;
1234 SetLastError(ERROR_INSUFFICIENT_BUFFER);
1235 return FALSE;
1236 }
1237 else
1238 {
1239 strcpyW(lpName, WellKnownPrivNames[lpLuid->LowPart]);
1240 *cchName = privNameLen;
1241 return TRUE;
1242 }
1243 }
1244
1245 /******************************************************************************
1246 * GetFileSecurityA [ADVAPI32.@]
1247 *
1248 * Obtains Specified information about the security of a file or directory.
1249 *
1250 * PARAMS
1251 * lpFileName [I] Name of the file to get info for
1252 * RequestedInformation [I] SE_ flags from "winnt.h"
1253 * pSecurityDescriptor [O] Destination for security information
1254 * nLength [I] Length of pSecurityDescriptor
1255 * lpnLengthNeeded [O] Destination for length of returned security information
1256 *
1257 * RETURNS
1258 * Success: TRUE. pSecurityDescriptor contains the requested information.
1259 * Failure: FALSE. lpnLengthNeeded contains the required space to return the info.
1260 *
1261 * NOTES
1262 * The information returned is constrained by the callers access rights and
1263 * privileges.
1264 */
1265 BOOL WINAPI
1266 GetFileSecurityA( LPCSTR lpFileName,
1267 SECURITY_INFORMATION RequestedInformation,
1268 PSECURITY_DESCRIPTOR pSecurityDescriptor,
1269 DWORD nLength, LPDWORD lpnLengthNeeded )
1270 {
1271 DWORD len;
1272 BOOL r;
1273 LPWSTR name = NULL;
1274
1275 if( lpFileName )
1276 {
1277 len = MultiByteToWideChar( CP_ACP, 0, lpFileName, -1, NULL, 0 );
1278 name = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR) );
1279 MultiByteToWideChar( CP_ACP, 0, lpFileName, -1, name, len );
1280 }
1281
1282 r = GetFileSecurityW( name, RequestedInformation, pSecurityDescriptor,
1283 nLength, lpnLengthNeeded );
1284 HeapFree( GetProcessHeap(), 0, name );
1285
1286 return r;
1287 }
1288
1289 /******************************************************************************
1290 * GetFileSecurityW [ADVAPI32.@]
1291 *
1292 * See GetFileSecurityA.
1293 */
1294 BOOL WINAPI
1295 GetFileSecurityW( LPCWSTR lpFileName,
1296 SECURITY_INFORMATION RequestedInformation,
1297 PSECURITY_DESCRIPTOR pSecurityDescriptor,
1298 DWORD nLength, LPDWORD lpnLengthNeeded )
1299 {
1300 FIXME("(%s) : stub\n", debugstr_w(lpFileName) );
1301 return TRUE;
1302 }
1303
1304
1305 /******************************************************************************
1306 * LookupAccountSidA [ADVAPI32.@]
1307 */
1308 BOOL WINAPI
1309 LookupAccountSidA(
1310 IN LPCSTR system,
1311 IN PSID sid,
1312 OUT LPSTR account,
1313 IN OUT LPDWORD accountSize,
1314 OUT LPSTR domain,
1315 IN OUT LPDWORD domainSize,
1316 OUT PSID_NAME_USE name_use )
1317 {
1318 static const char ac[] = "Administrator";
1319 static const char dm[] = "DOMAIN";
1320 FIXME("(%s,sid=%p,%p,%p(%lu),%p,%p(%lu),%p): semi-stub\n",
1321 debugstr_a(system),sid,
1322 account,accountSize,accountSize?*accountSize:0,
1323 domain,domainSize,domainSize?*domainSize:0,
1324 name_use);
1325
1326 if (accountSize) *accountSize = strlen(ac)+1;
1327 if (account && (*accountSize > strlen(ac)))
1328 strcpy(account, ac);
1329
1330 if (domainSize) *domainSize = strlen(dm)+1;
1331 if (domain && (*domainSize > strlen(dm)))
1332 strcpy(domain,dm);
1333
1334 if (name_use) *name_use = SidTypeUser;
1335 return TRUE;
1336 }
1337
1338 /******************************************************************************
1339 * LookupAccountSidW [ADVAPI32.@]
1340 *
1341 * PARAMS
1342 * system []
1343 * sid []
1344 * account []
1345 * accountSize []
1346 * domain []
1347 * domainSize []
1348 * name_use []
1349 */
1350 BOOL WINAPI
1351 LookupAccountSidW(
1352 IN LPCWSTR system,
1353 IN PSID sid,
1354 OUT LPWSTR account,
1355 IN OUT LPDWORD accountSize,
1356 OUT LPWSTR domain,
1357 IN OUT LPDWORD domainSize,
1358 OUT PSID_NAME_USE name_use )
1359 {
1360 static const WCHAR ac[] = {'A','d','m','i','n','i','s','t','r','a','t','o','r',0};
1361 static const WCHAR dm[] = {'D','O','M','A','I','N',0};
1362 FIXME("(%s,sid=%p,%p,%p(%lu),%p,%p(%lu),%p): semi-stub\n",
1363 debugstr_w(system),sid,
1364 account,accountSize,accountSize?*accountSize:0,
1365 domain,domainSize,domainSize?*domainSize:0,
1366 name_use);
1367
1368 if (accountSize) *accountSize = strlenW(ac)+1;
1369 if (account && (*accountSize > strlenW(ac)))
1370 strcpyW(account, ac);
1371
1372 if (domainSize) *domainSize = strlenW(dm)+1;
1373 if (domain && (*domainSize > strlenW(dm)))
1374 strcpyW(domain,dm);
1375
1376 if (name_use) *name_use = SidTypeUser;
1377 return TRUE;
1378 }
1379
1380 /******************************************************************************
1381 * SetFileSecurityA [ADVAPI32.@]
1382 * Sets the security of a file or directory
1383 */
1384 BOOL WINAPI SetFileSecurityA( LPCSTR lpFileName,
1385 SECURITY_INFORMATION RequestedInformation,
1386 PSECURITY_DESCRIPTOR pSecurityDescriptor)
1387 {
1388 DWORD len;
1389 BOOL r;
1390 LPWSTR name = NULL;
1391
1392 if( lpFileName )
1393 {
1394 len = MultiByteToWideChar( CP_ACP, 0, lpFileName, -1, NULL, 0 );
1395 name = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR) );
1396 MultiByteToWideChar( CP_ACP, 0, lpFileName, -1, name, len );
1397 }
1398
1399 r = SetFileSecurityW( name, RequestedInformation, pSecurityDescriptor );
1400 HeapFree( GetProcessHeap(), 0, name );
1401
1402 return r;
1403 }
1404
1405 /******************************************************************************
1406 * SetFileSecurityW [ADVAPI32.@]
1407 * Sets the security of a file or directory
1408 *
1409 * PARAMS
1410 * lpFileName []
1411 * RequestedInformation []
1412 * pSecurityDescriptor []
1413 */
1414 BOOL WINAPI
1415 SetFileSecurityW( LPCWSTR lpFileName,
1416 SECURITY_INFORMATION RequestedInformation,
1417 PSECURITY_DESCRIPTOR pSecurityDescriptor )
1418 {
1419 FIXME("(%s) : stub\n", debugstr_w(lpFileName) );
1420 return TRUE;
1421 }
1422
1423 /******************************************************************************
1424 * QueryWindows31FilesMigration [ADVAPI32.@]
1425 *
1426 * PARAMS
1427 * x1 []
1428 */
1429 BOOL WINAPI
1430 QueryWindows31FilesMigration( DWORD x1 )
1431 {
1432 FIXME("(%ld):stub\n",x1);
1433 return TRUE;
1434 }
1435
1436 /******************************************************************************
1437 * SynchronizeWindows31FilesAndWindowsNTRegistry [ADVAPI32.@]
1438 *
1439 * PARAMS
1440 * x1 []
1441 * x2 []
1442 * x3 []
1443 * x4 []
1444 */
1445 BOOL WINAPI
1446 SynchronizeWindows31FilesAndWindowsNTRegistry( DWORD x1, DWORD x2, DWORD x3,
1447 DWORD x4 )
1448 {
1449 FIXME("(0x%08lx,0x%08lx,0x%08lx,0x%08lx):stub\n",x1,x2,x3,x4);
1450 return TRUE;
1451 }
1452
1453 NTSTATUS WINAPI
1454 LsaEnumerateTrustedDomains(
1455 LSA_HANDLE PolicyHandle,
1456 PLSA_ENUMERATION_HANDLE EnumerationContext,
1457 PVOID* Buffer,
1458 ULONG PreferedMaximumLength,
1459 PULONG CountReturned)
1460 {
1461 FIXME("(%p,%p,%p,0x%08lx,%p):stub\n", PolicyHandle, EnumerationContext,
1462 Buffer, PreferedMaximumLength, CountReturned);
1463
1464 if (CountReturned) *CountReturned = 0;
1465 return STATUS_SUCCESS;
1466 }
1467
1468 NTSTATUS WINAPI
1469 LsaLookupNames(
1470 LSA_HANDLE PolicyHandle,
1471 ULONG Count,
1472 PLSA_UNICODE_STRING Names,
1473 PLSA_REFERENCED_DOMAIN_LIST* ReferencedDomains,
1474 PLSA_TRANSLATED_SID* Sids)
1475 {
1476 FIXME("(%p,0x%08lx,%p,%p,%p):stub\n", PolicyHandle, Count, Names,
1477 ReferencedDomains, Sids);
1478
1479 return STATUS_NONE_MAPPED;
1480 }
1481
1482 /******************************************************************************
1483 * LsaOpenPolicy [ADVAPI32.@]
1484 *
1485 * PARAMS
1486 * SystemName [I]
1487 * ObjectAttributes [I]
1488 * DesiredAccess [I]
1489 * PolicyHandle [I/O]
1490 */
1491 NTSTATUS WINAPI
1492 LsaOpenPolicy(
1493 IN PLSA_UNICODE_STRING SystemName,
1494 IN PLSA_OBJECT_ATTRIBUTES ObjectAttributes,
1495 IN ACCESS_MASK DesiredAccess,
1496 IN OUT PLSA_HANDLE PolicyHandle)
1497 {
1498 FIXME("(%s,%p,0x%08lx,%p):stub\n",
1499 SystemName?debugstr_w(SystemName->Buffer):"null",
1500 ObjectAttributes, DesiredAccess, PolicyHandle);
1501 ADVAPI_ForceLocalComputer(SystemName ? SystemName->Buffer : NULL,
1502 STATUS_ACCESS_VIOLATION);
1503 dumpLsaAttributes(ObjectAttributes);
1504 if(PolicyHandle) *PolicyHandle = (LSA_HANDLE)0xcafe;
1505 return STATUS_SUCCESS;
1506 }
1507
1508 /******************************************************************************
1509 * LsaQueryInformationPolicy [ADVAPI32.@]
1510 */
1511 NTSTATUS WINAPI
1512 LsaQueryInformationPolicy(
1513 IN LSA_HANDLE PolicyHandle,
1514 IN POLICY_INFORMATION_CLASS InformationClass,
1515 OUT PVOID *Buffer)
1516 {
1517 FIXME("(%p,0x%08x,%p):stub\n",
1518 PolicyHandle, InformationClass, Buffer);
1519
1520 if(!Buffer) return FALSE;
1521 switch (InformationClass)
1522 {
1523 case PolicyAuditEventsInformation: /* 2 */
1524 {
1525 PPOLICY_AUDIT_EVENTS_INFO p = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(POLICY_AUDIT_EVENTS_INFO));
1526 p->AuditingMode = FALSE; /* no auditing */
1527 *Buffer = p;
1528 }
1529 break;
1530 case PolicyPrimaryDomainInformation: /* 3 */
1531 case PolicyAccountDomainInformation: /* 5 */
1532 {
1533 struct di
1534 { POLICY_PRIMARY_DOMAIN_INFO ppdi;
1535 SID sid;
1536 };
1537 SID_IDENTIFIER_AUTHORITY localSidAuthority = {SECURITY_NT_AUTHORITY};
1538
1539 struct di * xdi = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(xdi));
1540 HKEY key;
1541 BOOL useDefault = TRUE;
1542 LONG ret;
1543
1544 if ((ret = RegOpenKeyExA(HKEY_LOCAL_MACHINE,
1545 "System\\CurrentControlSet\\Services\\VxD\\VNETSUP", 0,
1546 KEY_READ, &key)) == ERROR_SUCCESS)
1547 {
1548 DWORD size = 0;
1549 static const WCHAR wg[] = { 'W','o','r','k','g','r','o','u','p',0 };
1550
1551 ret = RegQueryValueExW(key, wg, NULL, NULL, NULL, &size);
1552 if (ret == ERROR_MORE_DATA || ret == ERROR_SUCCESS)
1553 {
1554 xdi->ppdi.Name.Buffer = HeapAlloc(GetProcessHeap(),
1555 HEAP_ZERO_MEMORY, size);
1556 if ((ret = RegQueryValueExW(key, wg, NULL, NULL,
1557 (LPBYTE)xdi->ppdi.Name.Buffer, &size)) == ERROR_SUCCESS)
1558 {
1559 xdi->ppdi.Name.Length = (USHORT)size;
1560 useDefault = FALSE;
1561 }
1562 else
1563 {
1564 HeapFree(GetProcessHeap(), 0, xdi->ppdi.Name.Buffer);
1565 xdi->ppdi.Name.Buffer = NULL;
1566 }
1567 }
1568 RegCloseKey(key);
1569 }
1570 if (useDefault)
1571 RtlCreateUnicodeStringFromAsciiz(&(xdi->ppdi.Name), "DOMAIN");
1572 TRACE("setting domain to %s\n", debugstr_w(xdi->ppdi.Name.Buffer));
1573
1574 xdi->ppdi.Sid = &(xdi->sid);
1575 xdi->sid.Revision = SID_REVISION;
1576 xdi->sid.SubAuthorityCount = 1;
1577 xdi->sid.IdentifierAuthority = localSidAuthority;
1578 xdi->sid.SubAuthority[0] = SECURITY_LOCAL_SYSTEM_RID;
1579 *Buffer = xdi;
1580 }
1581 break;
1582 case PolicyAuditLogInformation:
1583 case PolicyPdAccountInformation:
1584 case PolicyLsaServerRoleInformation:
1585 case PolicyReplicaSourceInformation:
1586 case PolicyDefaultQuotaInformation:
1587 case PolicyModificationInformation:
1588 case PolicyAuditFullSetInformation:
1589 case PolicyAuditFullQueryInformation:
1590 case PolicyDnsDomainInformation:
1591 {
1592 FIXME("category not implemented\n");
1593 return FALSE;
1594 }
1595 }
1596 return TRUE;
1597 }
1598
1599 NTSTATUS WINAPI
1600 LsaSetInformationPolicy(
1601 LSA_HANDLE PolicyHandle,
1602 POLICY_INFORMATION_CLASS InformationClass,
1603 PVOID Buffer)
1604 {
1605 FIXME("(%p,0x%08x,%p):stub\n", PolicyHandle, InformationClass, Buffer);
1606
1607 return STATUS_UNSUCCESSFUL;
1608 }
1609
1610 /******************************************************************************
1611 * LsaLookupSids [ADVAPI32.@]
1612 */
1613 NTSTATUS WINAPI
1614 LsaLookupSids(
1615 IN LSA_HANDLE PolicyHandle,
1616 IN ULONG Count,
1617 IN PSID *Sids,
1618 OUT PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains,
1619 OUT PLSA_TRANSLATED_NAME *Names )
1620 {
1621 FIXME("%p %lu %p %p %p\n",
1622 PolicyHandle, Count, Sids, ReferencedDomains, Names);
1623 return FALSE;
1624 }
1625
1626 /******************************************************************************
1627 * LsaFreeMemory [ADVAPI32.@]
1628 */
1629 NTSTATUS WINAPI
1630 LsaFreeMemory(IN PVOID Buffer)
1631 {
1632 TRACE("(%p)\n",Buffer);
1633 return HeapFree(GetProcessHeap(), 0, Buffer);
1634 }
1635 /******************************************************************************
1636 * LsaClose [ADVAPI32.@]
1637 */
1638 NTSTATUS WINAPI
1639 LsaClose(IN LSA_HANDLE ObjectHandle)
1640 {
1641 FIXME("(%p):stub\n",ObjectHandle);
1642 return 0xc0000000;
1643 }
1644
1645 /******************************************************************************
1646 * LsaStorePrivateData [ADVAPI32.@]
1647 */
1648 NTSTATUS WINAPI LsaStorePrivateData( LSA_HANDLE PolicyHandle,
1649 PLSA_UNICODE_STRING KeyName, PLSA_UNICODE_STRING PrivateData)
1650 {
1651 FIXME("%p %p %p\n", PolicyHandle, KeyName, PrivateData);
1652 return STATUS_OBJECT_NAME_NOT_FOUND;
1653 }
1654
1655 /******************************************************************************
1656 * LsaRetrievePrivateData [ADVAPI32.@]
1657 */
1658 NTSTATUS WINAPI LsaRetrievePrivateData( LSA_HANDLE PolicyHandle,
1659 PLSA_UNICODE_STRING KeyName, PLSA_UNICODE_STRING* PrivateData)
1660 {
1661 FIXME("%p %p %p\n", PolicyHandle, KeyName, PrivateData);
1662 return STATUS_OBJECT_NAME_NOT_FOUND;
1663 }
1664
1665 /******************************************************************************
1666 * LsaNtStatusToWinError [ADVAPI32.@]
1667 *
1668 * PARAMS
1669 * Status [I]
1670 */
1671 ULONG WINAPI
1672 LsaNtStatusToWinError(NTSTATUS Status)
1673 {
1674 return RtlNtStatusToDosError(Status);
1675 }
1676
1677 /******************************************************************************
1678 * NotifyBootConfigStatus [ADVAPI32.@]
1679 *
1680 * PARAMS
1681 * x1 []
1682 */
1683 BOOL WINAPI
1684 NotifyBootConfigStatus( DWORD x1 )
1685 {
1686 FIXME("(0x%08lx):stub\n",x1);
1687 return 1;
1688 }
1689
1690 /******************************************************************************
1691 * RevertToSelf [ADVAPI32.@]
1692 *
1693 * PARAMS
1694 * void []
1695 */
1696 BOOL WINAPI
1697 RevertToSelf( void )
1698 {
1699 FIXME("(), stub\n");
1700 return TRUE;
1701 }
1702
1703 /******************************************************************************
1704 * ImpersonateSelf [ADVAPI32.@]
1705 */
1706 BOOL WINAPI
1707 ImpersonateSelf(SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
1708 {
1709 return RtlImpersonateSelf(ImpersonationLevel);
1710 }
1711
1712 /******************************************************************************
1713 * ImpersonateLoggedOnUser [ADVAPI32.@]
1714 */
1715 BOOL WINAPI ImpersonateLoggedOnUser(HANDLE hToken)
1716 {
1717 FIXME("(%p):stub returning FALSE\n", hToken);
1718 return FALSE;
1719 }
1720
1721 /******************************************************************************
1722 * AccessCheck [ADVAPI32.@]
1723 */
1724 BOOL WINAPI
1725 AccessCheck(
1726 PSECURITY_DESCRIPTOR SecurityDescriptor,
1727 HANDLE ClientToken,
1728 DWORD DesiredAccess,
1729 PGENERIC_MAPPING GenericMapping,
1730 PPRIVILEGE_SET PrivilegeSet,
1731 LPDWORD PrivilegeSetLength,
1732 LPDWORD GrantedAccess,
1733 LPBOOL AccessStatus)
1734 {
1735 NTSTATUS access_status;
1736 BOOL ret = set_ntstatus( NtAccessCheck(SecurityDescriptor, ClientToken, DesiredAccess,
1737 GenericMapping, PrivilegeSet, PrivilegeSetLength,
1738 GrantedAccess, &access_status) );
1739 if (ret) *AccessStatus = set_ntstatus( access_status );
1740 return ret;
1741 }
1742
1743
1744 /******************************************************************************
1745 * AccessCheckByType [ADVAPI32.@]
1746 */
1747 BOOL WINAPI AccessCheckByType(
1748 PSECURITY_DESCRIPTOR pSecurityDescriptor,
1749 PSID PrincipalSelfSid,
1750 HANDLE ClientToken,
1751 DWORD DesiredAccess,
1752 POBJECT_TYPE_LIST ObjectTypeList,
1753 DWORD ObjectTypeListLength,
1754 PGENERIC_MAPPING GenericMapping,
1755 PPRIVILEGE_SET PrivilegeSet,
1756 LPDWORD PrivilegeSetLength,
1757 LPDWORD GrantedAccess,
1758 LPBOOL AccessStatus)
1759 {
1760 FIXME("stub\n");
1761
1762 *AccessStatus = TRUE;
1763
1764 return !*AccessStatus;
1765 }
1766
1767 VOID WINAPI MapGenericMask( PDWORD AccessMask, PGENERIC_MAPPING GenericMapping )
1768 {
1769 FIXME("%p %p - stub\n", AccessMask, GenericMapping);
1770
1771 *AccessMask |= GenericMapping->GenericRead;
1772 *AccessMask |= GenericMapping->GenericWrite;
1773 *AccessMask |= GenericMapping->GenericExecute;
1774 *AccessMask |= GenericMapping->GenericAll;
1775 }
1776
1777 /*************************************************************************
1778 * SetKernelObjectSecurity [ADVAPI32.@]
1779 */
1780 BOOL WINAPI SetKernelObjectSecurity (
1781 IN HANDLE Handle,
1782 IN SECURITY_INFORMATION SecurityInformation,
1783 IN PSECURITY_DESCRIPTOR SecurityDescriptor )
1784 {
1785 return set_ntstatus (NtSetSecurityObject (Handle, SecurityInformation, SecurityDescriptor));
1786 }
1787
1788
1789 /******************************************************************************
1790 * AddAuditAccessAce [ADVAPI32.@]
1791 */
1792 BOOL WINAPI AddAuditAccessAce(
1793 IN OUT PACL pAcl,
1794 IN DWORD dwAceRevision,
1795 IN DWORD dwAccessMask,
1796 IN PSID pSid,
1797 IN BOOL bAuditSuccess,
1798 IN BOOL bAuditFailure)
1799 {
1800 FIXME("Stub\n");
1801 return TRUE;
1802 }
1803
1804 /******************************************************************************
1805 * LookupAccountNameA [ADVAPI32.@]
1806 */
1807 BOOL WINAPI
1808 LookupAccountNameA(
1809 IN LPCSTR system,
1810 IN LPCSTR account,
1811 OUT PSID sid,
1812 OUT LPDWORD cbSid,
1813 LPSTR ReferencedDomainName,
1814 IN OUT LPDWORD cbReferencedDomainName,
1815 OUT PSID_NAME_USE name_use )
1816 {
1817 /* Default implementation: Always return a default SID */
1818 SID_IDENTIFIER_AUTHORITY identifierAuthority = {SECURITY_NT_AUTHORITY};
1819 BOOL ret;
1820 PSID pSid;
1821 static const char dm[] = "DOMAIN";
1822
1823 FIXME("(%s,%s,%p,%p,%p,%p,%p), stub.\n",system,account,sid,cbSid,ReferencedDomainName,cbReferencedDomainName,name_use);
1824
1825 ret = AllocateAndInitializeSid(&identifierAuthority,
1826 2,
1827 SECURITY_BUILTIN_DOMAIN_RID,
1828 DOMAIN_ALIAS_RID_ADMINS,
1829 0, 0, 0, 0, 0, 0,
1830 &pSid);
1831
1832 if (!ret)
1833 return FALSE;
1834 if(!RtlValidSid(pSid))
1835 {
1836 FreeSid(pSid);
1837 return FALSE;
1838 }
1839
1840 if (sid != NULL && (*cbSid >= GetLengthSid(pSid)))
1841 CopySid(*cbSid, sid, pSid);
1842 if (*cbSid < GetLengthSid(pSid))
1843 {
1844 SetLastError(ERROR_INSUFFICIENT_BUFFER);
1845 ret = FALSE;
1846 }
1847 *cbSid = GetLengthSid(pSid);
1848
1849 if (ReferencedDomainName != NULL && (*cbReferencedDomainName > strlen(dm)))
1850 strcpy(ReferencedDomainName, dm);
1851 if (*cbReferencedDomainName <= strlen(dm))
1852 {
1853 SetLastError(ERROR_INSUFFICIENT_BUFFER);
1854 ret = FALSE;
1855 }
1856 *cbReferencedDomainName = strlen(dm)+1;
1857
1858 FreeSid(pSid);
1859
1860 return ret;
1861 }
1862
1863 BOOL WINAPI LookupAccountNameW( LPCWSTR lpSystemName, LPCWSTR lpAccountName, PSID Sid,
1864 LPDWORD cbSid, LPWSTR ReferencedDomainName,
1865 LPDWORD cchReferencedDomainName, PSID_NAME_USE peUse )
1866 {
1867 FIXME("%s %s %p %p %p %p %p - stub\n", debugstr_w(lpSystemName), debugstr_w(lpAccountName),
1868 Sid, cbSid, ReferencedDomainName, cchReferencedDomainName, peUse);
1869
1870 return FALSE;
1871 }
1872
1873 /******************************************************************************
1874 * PrivilegeCheck [ADVAPI32.@]
1875 */
1876 BOOL WINAPI PrivilegeCheck( HANDLE ClientToken, PPRIVILEGE_SET RequiredPrivileges, LPBOOL pfResult)
1877 {
1878 FIXME("stub %p %p %p\n", ClientToken, RequiredPrivileges, pfResult);
1879 if (pfResult)
1880 *pfResult=TRUE;
1881 return TRUE;
1882 }
1883
1884 /******************************************************************************
1885 * AccessCheckAndAuditAlarmA [ADVAPI32.@]
1886 */
1887 BOOL WINAPI AccessCheckAndAuditAlarmA(LPCSTR Subsystem, LPVOID HandleId, LPSTR ObjectTypeName,
1888 LPSTR ObjectName, PSECURITY_DESCRIPTOR SecurityDescriptor, DWORD DesiredAccess,
1889 PGENERIC_MAPPING GenericMapping, BOOL ObjectCreation, LPDWORD GrantedAccess,
1890 LPBOOL AccessStatus, LPBOOL pfGenerateOnClose)
1891 {
1892 FIXME("stub (%s,%p,%s,%s,%p,%08lx,%p,%x,%p,%p,%p)\n", debugstr_a(Subsystem),
1893 HandleId, debugstr_a(ObjectTypeName), debugstr_a(ObjectName),
1894 SecurityDescriptor, DesiredAccess, GenericMapping,
1895 ObjectCreation, GrantedAccess, AccessStatus, pfGenerateOnClose);
1896 return TRUE;
1897 }
1898
1899 /******************************************************************************
1900 * AccessCheckAndAuditAlarmW [ADVAPI32.@]
1901 */
1902 BOOL WINAPI AccessCheckAndAuditAlarmW(LPCWSTR Subsystem, LPVOID HandleId, LPWSTR ObjectTypeName,
1903 LPWSTR ObjectName, PSECURITY_DESCRIPTOR SecurityDescriptor, DWORD DesiredAccess,
1904 PGENERIC_MAPPING GenericMapping, BOOL ObjectCreation, LPDWORD GrantedAccess,
1905 LPBOOL AccessStatus, LPBOOL pfGenerateOnClose)
1906 {
1907 FIXME("stub (%s,%p,%s,%s,%p,%08lx,%p,%x,%p,%p,%p)\n", debugstr_w(Subsystem),
1908 HandleId, debugstr_w(ObjectTypeName), debugstr_w(ObjectName),
1909 SecurityDescriptor, DesiredAccess, GenericMapping,
1910 ObjectCreation, GrantedAccess, AccessStatus, pfGenerateOnClose);
1911 return TRUE;
1912 }
1913
1914 BOOL WINAPI ObjectCloseAuditAlarmA(LPCSTR SubsystemName, LPVOID HandleId, BOOL GenerateOnClose)
1915 {
1916 FIXME("stub (%s,%p,%x)\n", debugstr_a(SubsystemName), HandleId, GenerateOnClose);
1917
1918 return TRUE;
1919 }
1920
1921 BOOL WINAPI ObjectCloseAuditAlarmW(LPCWSTR SubsystemName, LPVOID HandleId, BOOL GenerateOnClose)
1922 {
1923 FIXME("stub (%s,%p,%x)\n", debugstr_w(SubsystemName), HandleId, GenerateOnClose);
1924
1925 return TRUE;
1926 }
1927
1928 BOOL WINAPI ObjectOpenAuditAlarmA(LPCSTR SubsystemName, LPVOID HandleId, LPSTR ObjectTypeName,
1929 LPSTR ObjectName, PSECURITY_DESCRIPTOR pSecurityDescriptor, HANDLE ClientToken, DWORD DesiredAccess,
1930 DWORD GrantedAccess, PPRIVILEGE_SET Privileges, BOOL ObjectCreation, BOOL AccessGranted,
1931 LPBOOL GenerateOnClose)
1932 {
1933 FIXME("stub (%s,%p,%s,%s,%p,%p,0x%08lx,0x%08lx,%p,%x,%x,%p)\n", debugstr_a(SubsystemName),
1934 HandleId, debugstr_a(ObjectTypeName), debugstr_a(ObjectName), pSecurityDescriptor,
1935 ClientToken, DesiredAccess, GrantedAccess, Privileges, ObjectCreation, AccessGranted,
1936 GenerateOnClose);
1937
1938 return TRUE;
1939 }
1940
1941 BOOL WINAPI ObjectOpenAuditAlarmW(LPCWSTR SubsystemName, LPVOID HandleId, LPWSTR ObjectTypeName,
1942 LPWSTR ObjectName, PSECURITY_DESCRIPTOR pSecurityDescriptor, HANDLE ClientToken, DWORD DesiredAccess,
1943 DWORD GrantedAccess, PPRIVILEGE_SET Privileges, BOOL ObjectCreation, BOOL AccessGranted,
1944 LPBOOL GenerateOnClose)
1945 {
1946 FIXME("stub (%s,%p,%s,%s,%p,%p,0x%08lx,0x%08lx,%p,%x,%x,%p)\n", debugstr_w(SubsystemName),
1947 HandleId, debugstr_w(ObjectTypeName), debugstr_w(ObjectName), pSecurityDescriptor,
1948 ClientToken, DesiredAccess, GrantedAccess, Privileges, ObjectCreation, AccessGranted,
1949 GenerateOnClose);
1950
1951 return TRUE;
1952 }
1953
1954 BOOL WINAPI ObjectPrivilegeAuditAlarmA( LPCSTR SubsystemName, LPVOID HandleId, HANDLE ClientToken,
1955 DWORD DesiredAccess, PPRIVILEGE_SET Privileges, BOOL AccessGranted)
1956 {
1957 FIXME("stub (%s,%p,%p,0x%08lx,%p,%x)\n", debugstr_a(SubsystemName), HandleId, ClientToken,
1958 DesiredAccess, Privileges, AccessGranted);
1959
1960 return TRUE;
1961 }
1962
1963 BOOL WINAPI ObjectPrivilegeAuditAlarmW( LPCWSTR SubsystemName, LPVOID HandleId, HANDLE ClientToken,
1964 DWORD DesiredAccess, PPRIVILEGE_SET Privileges, BOOL AccessGranted)
1965 {
1966 FIXME("stub (%s,%p,%p,0x%08lx,%p,%x)\n", debugstr_w(SubsystemName), HandleId, ClientToken,
1967 DesiredAccess, Privileges, AccessGranted);
1968
1969 return TRUE;
1970 }
1971
1972 BOOL WINAPI PrivilegedServiceAuditAlarmA( LPCSTR SubsystemName, LPCSTR ServiceName, HANDLE ClientToken,
1973 PPRIVILEGE_SET Privileges, BOOL AccessGranted)
1974 {
1975 FIXME("stub (%s,%s,%p,%p,%x)\n", debugstr_a(SubsystemName), debugstr_a(ServiceName),
1976 ClientToken, Privileges, AccessGranted);
1977
1978 return TRUE;
1979 }
1980
1981 BOOL WINAPI PrivilegedServiceAuditAlarmW( LPCWSTR SubsystemName, LPCWSTR ServiceName, HANDLE ClientToken,
1982 PPRIVILEGE_SET Privileges, BOOL AccessGranted)
1983 {
1984 FIXME("stub %s,%s,%p,%p,%x)\n", debugstr_w(SubsystemName), debugstr_w(ServiceName),
1985 ClientToken, Privileges, AccessGranted);
1986
1987 return TRUE;
1988 }
1989
1990 /******************************************************************************
1991 * GetSecurityInfo [ADVAPI32.@]
1992 */
1993 DWORD WINAPI GetSecurityInfo(
1994 HANDLE hObject, SE_OBJECT_TYPE ObjectType,
1995 SECURITY_INFORMATION SecurityInfo, PSID *ppsidOwner,
1996 PSID *ppsidGroup, PACL *ppDacl, PACL *ppSacl,
1997 PSECURITY_DESCRIPTOR *ppSecurityDescriptor
1998 )
1999 {
2000 FIXME("stub!\n");
2001 return ERROR_BAD_PROVIDER;
2002 }
2003
2004 /******************************************************************************
2005 * GetSecurityInfoExW [ADVAPI32.@]
2006 */
2007 DWORD WINAPI GetSecurityInfoExW(
2008 HANDLE hObject, SE_OBJECT_TYPE ObjectType,
2009 SECURITY_INFORMATION SecurityInfo, LPCWSTR lpProvider,
2010 LPCWSTR lpProperty, PACTRL_ACCESSW *ppAccessList,
2011 PACTRL_AUDITW *ppAuditList, LPWSTR *lppOwner, LPWSTR *lppGroup
2012 )
2013 {
2014 FIXME("stub!\n");
2015 return ERROR_BAD_PROVIDER;
2016 }
2017
2018 /******************************************************************************
2019 * BuildExplicitAccessWithNameA [ADVAPI32.@]
2020 */
2021 VOID WINAPI BuildExplicitAccessWithNameA( PEXPLICIT_ACCESSA pExplicitAccess,
2022 LPSTR pTrusteeName, DWORD AccessPermissions,
2023 ACCESS_MODE AccessMode, DWORD Inheritance )
2024 {
2025 TRACE("%p %s 0x%08lx 0x%08x 0x%08lx\n", pExplicitAccess, debugstr_a(pTrusteeName),
2026 AccessPermissions, AccessMode, Inheritance);
2027
2028 pExplicitAccess->grfAccessPermissions = AccessPermissions;
2029 pExplicitAccess->grfAccessMode = AccessMode;
2030 pExplicitAccess->grfInheritance = Inheritance;
2031
2032 pExplicitAccess->Trustee.pMultipleTrustee = NULL;
2033 pExplicitAccess->Trustee.MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2034 pExplicitAccess->Trustee.TrusteeForm = TRUSTEE_IS_NAME;
2035 pExplicitAccess->Trustee.TrusteeType = TRUSTEE_IS_UNKNOWN;
2036 pExplicitAccess->Trustee.ptstrName = pTrusteeName;
2037 }
2038
2039 /******************************************************************************
2040 * BuildExplicitAccessWithNameW [ADVAPI32.@]
2041 */
2042 VOID WINAPI BuildExplicitAccessWithNameW( PEXPLICIT_ACCESSW pExplicitAccess,
2043 LPWSTR pTrusteeName, DWORD AccessPermissions,
2044 ACCESS_MODE AccessMode, DWORD Inheritance )
2045 {
2046 TRACE("%p %s 0x%08lx 0x%08x 0x%08lx\n", pExplicitAccess, debugstr_w(pTrusteeName),
2047 AccessPermissions, AccessMode, Inheritance);
2048
2049 pExplicitAccess->grfAccessPermissions = AccessPermissions;
2050 pExplicitAccess->grfAccessMode = AccessMode;
2051 pExplicitAccess->grfInheritance = Inheritance;
2052
2053 pExplicitAccess->Trustee.pMultipleTrustee = NULL;
2054 pExplicitAccess->Trustee.MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2055 pExplicitAccess->Trustee.TrusteeForm = TRUSTEE_IS_NAME;
2056 pExplicitAccess->Trustee.TrusteeType = TRUSTEE_IS_UNKNOWN;
2057 pExplicitAccess->Trustee.ptstrName = pTrusteeName;
2058 }
2059
2060 /******************************************************************************
2061 * BuildTrusteeWithObjectsAndNameA [ADVAPI32.@]
2062 */
2063 VOID WINAPI BuildTrusteeWithObjectsAndNameA( PTRUSTEEA pTrustee, POBJECTS_AND_NAME_A pObjName,
2064 SE_OBJECT_TYPE ObjectType, LPSTR ObjectTypeName,
2065 LPSTR InheritedObjectTypeName, LPSTR Name )
2066 {
2067 TRACE("%p %p 0x%08x %p %p %s\n", pTrustee, pObjName,
2068 ObjectType, ObjectTypeName, InheritedObjectTypeName, debugstr_a(Name));
2069
2070 pTrustee->pMultipleTrustee = NULL;
2071 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2072 pTrustee->TrusteeForm = TRUSTEE_IS_OBJECTS_AND_NAME;
2073 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2074 pTrustee->ptstrName = Name;
2075 }
2076
2077 /******************************************************************************
2078 * BuildTrusteeWithObjectsAndNameW [ADVAPI32.@]
2079 */
2080 VOID WINAPI BuildTrusteeWithObjectsAndNameW( PTRUSTEEW pTrustee, POBJECTS_AND_NAME_W pObjName,
2081 SE_OBJECT_TYPE ObjectType, LPWSTR ObjectTypeName,
2082 LPWSTR InheritedObjectTypeName, LPWSTR Name )
2083 {
2084 TRACE("%p %p 0x%08x %p %p %s\n", pTrustee, pObjName,
2085 ObjectType, ObjectTypeName, InheritedObjectTypeName, debugstr_w(Name));
2086
2087 pTrustee->pMultipleTrustee = NULL;
2088 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2089 pTrustee->TrusteeForm = TRUSTEE_IS_OBJECTS_AND_NAME;
2090 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2091 pTrustee->ptstrName = Name;
2092 }
2093
2094 VOID WINAPI BuildTrusteeWithObjectsAndSidA( PTRUSTEEA pTrustee, POBJECTS_AND_SID pObjSid,
2095 GUID* pObjectGuid, GUID* pInheritedObjectGuid, PSID pSid )
2096 {
2097 TRACE("%p %p %p %p %p\n", pTrustee, pObjSid, pObjectGuid, pInheritedObjectGuid, pSid);
2098
2099 pTrustee->pMultipleTrustee = NULL;
2100 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2101 pTrustee->TrusteeForm = TRUSTEE_IS_OBJECTS_AND_SID;
2102 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2103 pTrustee->ptstrName = (LPSTR) pSid;
2104 }
2105
2106 VOID WINAPI BuildTrusteeWithObjectsAndSidW( PTRUSTEEW pTrustee, POBJECTS_AND_SID pObjSid,
2107 GUID* pObjectGuid, GUID* pInheritedObjectGuid, PSID pSid )
2108 {
2109 TRACE("%p %p %p %p %p\n", pTrustee, pObjSid, pObjectGuid, pInheritedObjectGuid, pSid);
2110
2111 pTrustee->pMultipleTrustee = NULL;
2112 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2113 pTrustee->TrusteeForm = TRUSTEE_IS_OBJECTS_AND_SID;
2114 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2115 pTrustee->ptstrName = (LPWSTR) pSid;
2116 }
2117
2118 /******************************************************************************
2119 * BuildTrusteeWithSidA [ADVAPI32.@]
2120 */
2121 VOID WINAPI BuildTrusteeWithSidA(PTRUSTEEA pTrustee, PSID pSid)
2122 {
2123 TRACE("%p %p\n", pTrustee, pSid);
2124
2125 pTrustee->pMultipleTrustee = NULL;
2126 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2127 pTrustee->TrusteeForm = TRUSTEE_IS_SID;
2128 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2129 pTrustee->ptstrName = (LPSTR) pSid;
2130 }
2131
2132 /******************************************************************************
2133 * BuildTrusteeWithSidW [ADVAPI32.@]
2134 */
2135 VOID WINAPI BuildTrusteeWithSidW(PTRUSTEEW pTrustee, PSID pSid)
2136 {
2137 TRACE("%p %p\n", pTrustee, pSid);
2138
2139 pTrustee->pMultipleTrustee = NULL;
2140 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2141 pTrustee->TrusteeForm = TRUSTEE_IS_SID;
2142 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2143 pTrustee->ptstrName = (LPWSTR) pSid;
2144 }
2145
2146 /******************************************************************************
2147 * BuildTrusteeWithNameA [ADVAPI32.@]
2148 */
2149 VOID WINAPI BuildTrusteeWithNameA(PTRUSTEEA pTrustee, LPSTR name)
2150 {
2151 TRACE("%p %s\n", pTrustee, debugstr_a(name) );
2152
2153 pTrustee->pMultipleTrustee = NULL;
2154 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2155 pTrustee->TrusteeForm = TRUSTEE_IS_NAME;
2156 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2157 pTrustee->ptstrName = name;
2158 }
2159
2160 /******************************************************************************
2161 * BuildTrusteeWithNameW [ADVAPI32.@]
2162 */
2163 VOID WINAPI BuildTrusteeWithNameW(PTRUSTEEW pTrustee, LPWSTR name)
2164 {
2165 TRACE("%p %s\n", pTrustee, debugstr_w(name) );
2166
2167 pTrustee->pMultipleTrustee = NULL;
2168 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2169 pTrustee->TrusteeForm = TRUSTEE_IS_NAME;
2170 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2171 pTrustee->ptstrName = name;
2172 }
2173
2174 BOOL WINAPI SetAclInformation( PACL pAcl, LPVOID pAclInformation,
2175 DWORD nAclInformationLength,
2176 ACL_INFORMATION_CLASS dwAclInformationClass )
2177 {
2178 FIXME("%p %p 0x%08lx 0x%08x - stub\n", pAcl, pAclInformation,
2179 nAclInformationLength, dwAclInformationClass);
2180
2181 return TRUE;
2182 }
2183
2184 /******************************************************************************
2185 * SetEntriesInAclA [ADVAPI32.@]
2186 */
2187 DWORD WINAPI SetEntriesInAclA( ULONG count, PEXPLICIT_ACCESSA pEntries,
2188 PACL OldAcl, PACL* NewAcl )
2189 {
2190 FIXME("%ld %p %p %p\n",count,pEntries,OldAcl,NewAcl);
2191 return ERROR_CALL_NOT_IMPLEMENTED;
2192 }
2193
2194 /******************************************************************************
2195 * SetEntriesInAclW [ADVAPI32.@]
2196 */
2197 DWORD WINAPI SetEntriesInAclW( ULONG count, PEXPLICIT_ACCESSW pEntries,
2198 PACL OldAcl, PACL* NewAcl )
2199 {
2200 FIXME("%ld %p %p %p\n",count,pEntries,OldAcl,NewAcl);
2201 return ERROR_CALL_NOT_IMPLEMENTED;
2202 }
2203
2204 /******************************************************************************
2205 * SetNamedSecurityInfoA [ADVAPI32.@]
2206 */
2207 DWORD WINAPI SetNamedSecurityInfoA(LPSTR pObjectName,
2208 SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo,
2209 PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl)
2210 {
2211 DWORD len;
2212 LPWSTR wstr = NULL;
2213 DWORD r;
2214
2215 TRACE("%s %d %ld %p %p %p %p\n", debugstr_a(pObjectName), ObjectType,
2216 SecurityInfo, psidOwner, psidGroup, pDacl, pSacl);
2217
2218 if( pObjectName )
2219 {
2220 len = MultiByteToWideChar( CP_ACP, 0, pObjectName, -1, NULL, 0 );
2221 wstr = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR));
2222 MultiByteToWideChar( CP_ACP, 0, pObjectName, -1, wstr, len );
2223 }
2224
2225 r = SetNamedSecurityInfoW( wstr, ObjectType, SecurityInfo, psidOwner,
2226 psidGroup, pDacl, pSacl );
2227
2228 HeapFree( GetProcessHeap(), 0, wstr );
2229
2230 return r;
2231 }
2232
2233 BOOL WINAPI SetPrivateObjectSecurity( SECURITY_INFORMATION SecurityInformation,
2234 PSECURITY_DESCRIPTOR ModificationDescriptor,
2235 PSECURITY_DESCRIPTOR* ObjectsSecurityDescriptor,
2236 PGENERIC_MAPPING GenericMapping,
2237 HANDLE Token )
2238 {
2239 FIXME("0x%08lx %p %p %p %p - stub\n", SecurityInformation, ModificationDescriptor,
2240 ObjectsSecurityDescriptor, GenericMapping, Token);
2241
2242 return TRUE;
2243 }
2244
2245 BOOL WINAPI SetSecurityDescriptorControl( PSECURITY_DESCRIPTOR pSecurityDescriptor,
2246 SECURITY_DESCRIPTOR_CONTROL ControlBitsOfInterest,
2247 SECURITY_DESCRIPTOR_CONTROL ControlBitsToSet )
2248 {
2249 FIXME("%p 0x%08x 0x%08x - stub\n", pSecurityDescriptor, ControlBitsOfInterest,
2250 ControlBitsToSet);
2251
2252 return TRUE;
2253 }
2254
2255 BOOL WINAPI AreAllAccessesGranted( DWORD GrantedAccess, DWORD DesiredAccess )
2256 {
2257 return RtlAreAllAccessesGranted( GrantedAccess, DesiredAccess );
2258 }
2259
2260 /******************************************************************************
2261 * AreAnyAccessesGranted [ADVAPI32.@]
2262 *
2263 * Determines whether or not any of a set of specified access permissions have
2264 * been granted or not.
2265 *
2266 * PARAMS
2267 * GrantedAccess [I] The permissions that have been granted.
2268 * DesiredAccess [I] The permissions that you want to have.
2269 *
2270 * RETURNS
2271 * Nonzero if any of the permissions have been granted, zero if none of the
2272 * permissions have been granted.
2273 */
2274
2275 BOOL WINAPI AreAnyAccessesGranted( DWORD GrantedAccess, DWORD DesiredAccess )
2276 {
2277 return RtlAreAnyAccessesGranted( GrantedAccess, DesiredAccess );
2278 }
2279
2280 /******************************************************************************
2281 * SetNamedSecurityInfoW [ADVAPI32.@]
2282 */
2283 DWORD WINAPI SetNamedSecurityInfoW(LPWSTR pObjectName,
2284 SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo,
2285 PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl)
2286 {
2287 FIXME("%s %d %ld %p %p %p %p\n", debugstr_w(pObjectName), ObjectType,
2288 SecurityInfo, psidOwner, psidGroup, pDacl, pSacl);
2289 return ERROR_CALL_NOT_IMPLEMENTED;
2290 }
2291
2292 /******************************************************************************
2293 * GetExplicitEntriesFromAclA [ADVAPI32.@]
2294 */
2295 DWORD WINAPI GetExplicitEntriesFromAclA( PACL pacl, PULONG pcCountOfExplicitEntries,
2296 PEXPLICIT_ACCESSA* pListOfExplicitEntries)
2297 {
2298 FIXME("%p %p %p\n",pacl, pcCountOfExplicitEntries, pListOfExplicitEntries);
2299 return ERROR_CALL_NOT_IMPLEMENTED;
2300 }
2301
2302 /******************************************************************************
2303 * GetExplicitEntriesFromAclW [ADVAPI32.@]
2304 */
2305 DWORD WINAPI GetExplicitEntriesFromAclW( PACL pacl, PULONG pcCountOfExplicitEntries,
2306 PEXPLICIT_ACCESSW* pListOfExplicitEntries)
2307 {
2308 FIXME("%p %p %p\n",pacl, pcCountOfExplicitEntries, pListOfExplicitEntries);
2309 return ERROR_CALL_NOT_IMPLEMENTED;
2310 }
2311
2312
2313 /******************************************************************************
2314 * ParseAclStringFlags
2315 */
2316 static DWORD ParseAclStringFlags(LPCWSTR* StringAcl)
2317 {
2318 DWORD flags = 0;
2319 LPCWSTR szAcl = *StringAcl;
2320
2321 while (*szAcl != '(')
2322 {
2323 if (*szAcl == 'P')
2324 {
2325 flags |= SE_DACL_PROTECTED;
2326 }
2327 else if (*szAcl == 'A')
2328 {
2329 szAcl++;
2330 if (*szAcl == 'R')
2331 flags |= SE_DACL_AUTO_INHERIT_REQ;
2332 else if (*szAcl == 'I')
2333 flags |= SE_DACL_AUTO_INHERITED;
2334 }
2335 szAcl++;
2336 }
2337
2338 *StringAcl = szAcl;
2339 return flags;
2340 }
2341
2342 /******************************************************************************
2343 * ParseAceStringType
2344 */
2345 ACEFLAG AceType[] =
2346 {
2347 { SDDL_ACCESS_ALLOWED, ACCESS_ALLOWED_ACE_TYPE },
2348 { SDDL_ALARM, SYSTEM_ALARM_ACE_TYPE },
2349 { SDDL_AUDIT, SYSTEM_AUDIT_ACE_TYPE },
2350 { SDDL_ACCESS_DENIED, ACCESS_DENIED_ACE_TYPE },
2351 /*
2352 { SDDL_OBJECT_ACCESS_ALLOWED, ACCESS_ALLOWED_OBJECT_ACE_TYPE },
2353 { SDDL_OBJECT_ACCESS_DENIED, ACCESS_DENIED_OBJECT_ACE_TYPE },
2354 { SDDL_OBJECT_ALARM, SYSTEM_ALARM_OBJECT_ACE_TYPE },
2355 { SDDL_OBJECT_AUDIT, SYSTEM_AUDIT_OBJECT_ACE_TYPE },
2356 */
2357 { NULL, 0 },
2358 };
2359
2360 static BYTE ParseAceStringType(LPCWSTR* StringAcl)
2361 {
2362 UINT len = 0;
2363 LPCWSTR szAcl = *StringAcl;
2364 LPACEFLAG lpaf = AceType;
2365
2366 while (lpaf->wstr &&
2367 (len = strlenW(lpaf->wstr)) &&
2368 strncmpW(lpaf->wstr, szAcl, len))
2369 lpaf++;
2370
2371 if (!lpaf->wstr)
2372 return 0;
2373
2374 *StringAcl += len;
2375 return lpaf->value;
2376 }
2377
2378
2379 /******************************************************************************
2380 * ParseAceStringFlags
2381 */
2382 ACEFLAG AceFlags[] =
2383 {
2384 { SDDL_CONTAINER_INHERIT, CONTAINER_INHERIT_ACE },
2385 { SDDL_AUDIT_FAILURE, FAILED_ACCESS_ACE_FLAG },
2386 { SDDL_INHERITED, INHERITED_ACE },
2387 { SDDL_INHERIT_ONLY, INHERIT_ONLY_ACE },
2388 { SDDL_NO_PROPAGATE, NO_PROPAGATE_INHERIT_ACE },
2389 { SDDL_OBJECT_INHERIT, OBJECT_INHERIT_ACE },
2390 { SDDL_AUDIT_SUCCESS, SUCCESSFUL_ACCESS_ACE_FLAG },
2391 { NULL, 0 },
2392 };
2393
2394 static BYTE ParseAceStringFlags(LPCWSTR* StringAcl)
2395 {
2396 UINT len = 0;
2397 BYTE flags = 0;
2398 LPCWSTR szAcl = *StringAcl;
2399
2400 while (*szAcl != ';')
2401 {
2402 LPACEFLAG lpaf = AceFlags;
2403
2404 while (lpaf->wstr &&
2405 (len = strlenW(lpaf->wstr)) &&
2406 strncmpW(lpaf->wstr, szAcl, len))
2407 lpaf++;
2408
2409 if (!lpaf->wstr)
2410 return 0;
2411
2412 flags |= lpaf->value;
2413 szAcl += len;
2414 }
2415
2416 *StringAcl = szAcl;
2417 return flags;
2418 }
2419
2420
2421 /******************************************************************************
2422 * ParseAceStringRights
2423 */
2424 ACEFLAG AceRights[] =
2425 {
2426 { SDDL_GENERIC_ALL, GENERIC_ALL },
2427 { SDDL_GENERIC_READ, GENERIC_READ },
2428 { SDDL_GENERIC_WRITE, GENERIC_WRITE },
2429 { SDDL_GENERIC_EXECUTE, GENERIC_EXECUTE },
2430 { SDDL_READ_CONTROL, READ_CONTROL },
2431 { SDDL_STANDARD_DELETE, DELETE },
2432 { SDDL_WRITE_DAC, WRITE_DAC },
2433 { SDDL_WRITE_OWNER, WRITE_OWNER },
2434 { NULL, 0 },
2435 };
2436
2437 static DWORD ParseAceStringRights(LPCWSTR* StringAcl)
2438 {
2439 UINT len = 0;
2440 DWORD rights = 0;
2441 LPCWSTR szAcl = *StringAcl;
2442
2443 if ((*szAcl == '0') && (*(szAcl + 1) == 'x'))
2444 {
2445 LPCWSTR p = szAcl;
2446
2447 while (*p && *p != ';')
2448 p++;
2449
2450 if (p - szAcl <= 8)
2451 {
2452 rights = strtoulW(szAcl, NULL, 16);
2453 *StringAcl = p;
2454 }
2455 else
2456 WARN("Invalid rights string format: %s\n", debugstr_wn(szAcl, p - szAcl));
2457 }
2458 else
2459 {
2460 while (*szAcl != ';')
2461 {
2462 LPACEFLAG lpaf = AceRights;
2463
2464 while (lpaf->wstr &&
2465 (len = strlenW(lpaf->wstr)) &&
2466 strncmpW(lpaf->wstr, szAcl, len))
2467 {
2468 lpaf++;
2469 }
2470
2471 if (!lpaf->wstr)
2472 return 0;
2473
2474 rights |= lpaf->value;
2475 szAcl += len;
2476 }
2477 }
2478
2479 *StringAcl = szAcl;
2480 return rights;
2481 }
2482
2483
2484 /******************************************************************************
2485 * ParseStringAclToAcl
2486 *
2487 * dacl_flags(string_ace1)(string_ace2)... (string_acen)
2488 */
2489 static BOOL ParseStringAclToAcl(LPCWSTR StringAcl, LPDWORD lpdwFlags,
2490 PACL pAcl, LPDWORD cBytes)
2491 {
2492 DWORD val;
2493 DWORD sidlen;
2494 DWORD length = sizeof(ACL);
2495 PACCESS_ALLOWED_ACE pAce = NULL; /* pointer to current ACE */
2496
2497 TRACE("%s\n", debugstr_w(StringAcl));
2498
2499 if (!StringAcl)
2500 return FALSE;
2501
2502 if (pAcl) /* pAce is only useful if we're setting values */
2503 pAce = (PACCESS_ALLOWED_ACE) ((LPBYTE)pAcl + sizeof(PACL));
2504
2505 /* Parse ACL flags */
2506 *lpdwFlags = ParseAclStringFlags(&StringAcl);
2507
2508 /* Parse ACE */
2509 while (*StringAcl == '(')
2510 {
2511 StringAcl++;
2512
2513 /* Parse ACE type */
2514 val = ParseAceStringType(&StringAcl);
2515 if (pAce)
2516 pAce->Header.AceType = (BYTE) val;
2517 if (*StringAcl != ';')
2518 goto lerr;
2519 StringAcl++;
2520
2521 /* Parse ACE flags */
2522 val = ParseAceStringFlags(&StringAcl);
2523 if (pAce)
2524 pAce->Header.AceFlags = (BYTE) val;
2525 if (*StringAcl != ';')
2526 goto lerr;
2527 StringAcl++;
2528
2529 /* Parse ACE rights */
2530 val = ParseAceStringRights(&StringAcl);
2531 if (pAce)
2532 pAce->Mask = val;
2533 if (*StringAcl != ';')
2534 goto lerr;
2535 StringAcl++;
2536
2537 /* Parse ACE object guid */
2538 if (*StringAcl != ';')
2539 {
2540 FIXME("Support for *_OBJECT_ACE_TYPE not implemented\n");
2541 goto lerr;
2542 }
2543 StringAcl++;
2544
2545 /* Parse ACE inherit object guid */
2546 if (*StringAcl != ';')
2547 {
2548 FIXME("Support for *_OBJECT_ACE_TYPE not implemented\n");
2549 goto lerr;
2550 }
2551 StringAcl++;
2552
2553 /* Parse ACE account sid */
2554 if (ParseStringSidToSid(StringAcl, pAce ? (PSID)&pAce->SidStart : NULL, &sidlen))
2555 {
2556 while (*StringAcl && *StringAcl != ')')
2557 StringAcl++;
2558 }
2559
2560 if (*StringAcl != ')')
2561 goto lerr;
2562 StringAcl++;
2563
2564 length += sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + sidlen;
2565 }
2566
2567 *cBytes = length;
2568 return TRUE;
2569
2570 lerr:
2571 WARN("Invalid ACE string format\n");
2572 return FALSE;
2573 }
2574
2575
2576 /******************************************************************************
2577 * ParseStringSecurityDescriptorToSecurityDescriptor
2578 */
2579 static BOOL ParseStringSecurityDescriptorToSecurityDescriptor(
2580 LPCWSTR StringSecurityDescriptor,
2581 SECURITY_DESCRIPTOR* SecurityDescriptor,
2582 LPDWORD cBytes)
2583 {
2584 BOOL bret = FALSE;
2585 WCHAR toktype;
2586 WCHAR tok[MAX_PATH];
2587 LPCWSTR lptoken;
2588 LPBYTE lpNext = NULL;
2589
2590 *cBytes = 0;
2591
2592 if (SecurityDescriptor)
2593 lpNext = ((LPBYTE) SecurityDescriptor) + sizeof(SECURITY_DESCRIPTOR);
2594
2595 while (*StringSecurityDescriptor)
2596 {
2597 toktype = *StringSecurityDescriptor;
2598
2599 /* Expect char identifier followed by ':' */
2600 StringSecurityDescriptor++;
2601 if (*StringSecurityDescriptor != ':')
2602 {
2603 SetLastError(ERROR_INVALID_PARAMETER);
2604 goto lend;
2605 }
2606 StringSecurityDescriptor++;
2607
2608 /* Extract token */
2609 lptoken = StringSecurityDescriptor;
2610 while (*lptoken && *lptoken != ':')
2611 lptoken++;
2612
2613 if (*lptoken)
2614 lptoken--;
2615
2616 strncpyW(tok, StringSecurityDescriptor, lptoken - StringSecurityDescriptor);
2617
2618 switch (toktype)
2619 {
2620 case 'O':
2621 {
2622 DWORD bytes;
2623
2624 if (!ParseStringSidToSid(tok, (PSID)lpNext, &bytes))
2625 goto lend;
2626
2627 if (SecurityDescriptor)
2628 {
2629 SecurityDescriptor->Owner = (PSID) ((DWORD) lpNext -
2630 (DWORD) SecurityDescriptor);
2631 lpNext += bytes; /* Advance to next token */
2632 }
2633
2634 *cBytes += bytes;
2635
2636 break;
2637 }
2638
2639 case 'G':
2640 {
2641 DWORD bytes;
2642
2643 if (!ParseStringSidToSid(tok, (PSID)lpNext, &bytes))
2644 goto lend;
2645
2646 if (SecurityDescriptor)
2647 {
2648 SecurityDescriptor->Group = (PSID) ((DWORD) lpNext -
2649 (DWORD) SecurityDescriptor);
2650 lpNext += bytes; /* Advance to next token */
2651 }
2652
2653 *cBytes += bytes;
2654
2655 break;
2656 }
2657
2658 case 'D':
2659 {
2660 DWORD flags;
2661 DWORD bytes;
2662
2663 if (!ParseStringAclToAcl(tok, &flags, (PACL)lpNext, &bytes))
2664 goto lend;
2665
2666 if (SecurityDescriptor)
2667 {
2668 SecurityDescriptor->Control |= SE_DACL_PRESENT | flags;
2669 SecurityDescriptor->Dacl = (PACL) ((DWORD) lpNext -
2670 (DWORD) SecurityDescriptor);
2671 lpNext += bytes; /* Advance to next token */
2672 }
2673
2674 *cBytes += bytes;
2675
2676 break;
2677 }
2678
2679 case 'S':
2680 {
2681 DWORD flags;
2682 DWORD bytes;
2683
2684 if (!ParseStringAclToAcl(tok, &flags, (PACL)lpNext, &bytes))
2685 goto lend;
2686
2687 if (SecurityDescriptor)
2688 {
2689 SecurityDescriptor->Control |= SE_SACL_PRESENT | flags;
2690 SecurityDescriptor->Sacl = (PACL) ((DWORD) lpNext -
2691 (DWORD) SecurityDescriptor);
2692 lpNext += bytes; /* Advance to next token */
2693 }
2694
2695 *cBytes += bytes;
2696
2697 break;
2698 }
2699
2700 default:
2701 FIXME("Unknown token\n");
2702 SetLastError(ERROR_INVALID_PARAMETER);
2703 goto lend;
2704 }
2705
2706 StringSecurityDescriptor = lptoken;
2707 }
2708
2709 bret = TRUE;
2710
2711 lend:
2712 return bret;
2713 }
2714
2715 /******************************************************************************
2716 * ConvertStringSecurityDescriptorToSecurityDescriptorA [ADVAPI32.@]
2717 */
2718 BOOL WINAPI ConvertStringSecurityDescriptorToSecurityDescriptorA(
2719 LPCSTR StringSecurityDescriptor,
2720 DWORD StringSDRevision,
2721 PSECURITY_DESCRIPTOR* SecurityDescriptor,
2722 PULONG SecurityDescriptorSize)
2723 {
2724 UINT len;
2725 BOOL ret = FALSE;
2726 LPWSTR StringSecurityDescriptorW;
2727
2728 len = MultiByteToWideChar(CP_ACP, 0, StringSecurityDescriptor, -1, NULL, 0);
2729 StringSecurityDescriptorW = (LPWSTR)HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR));
2730
2731 if (StringSecurityDescriptorW)
2732 {
2733 MultiByteToWideChar(CP_ACP, 0, StringSecurityDescriptor, -1, StringSecurityDescriptorW, len);
2734
2735 ret = ConvertStringSecurityDescriptorToSecurityDescriptorW(StringSecurityDescriptorW,
2736 StringSDRevision, SecurityDescriptor,
2737 SecurityDescriptorSize);
2738 HeapFree(GetProcessHeap(), 0, StringSecurityDescriptorW);
2739 }
2740
2741 return ret;
2742 }
2743
2744 /******************************************************************************
2745 * ConvertStringSecurityDescriptorToSecurityDescriptorW [ADVAPI32.@]
2746 */
2747 BOOL WINAPI ConvertStringSecurityDescriptorToSecurityDescriptorW(
2748 LPCWSTR StringSecurityDescriptor,
2749 DWORD StringSDRevision,
2750 PSECURITY_DESCRIPTOR* SecurityDescriptor,
2751 PULONG SecurityDescriptorSize)
2752 {
2753 DWORD cBytes;
2754 SECURITY_DESCRIPTOR* psd;
2755 BOOL bret = FALSE;
2756
2757 TRACE("%s\n", debugstr_w(StringSecurityDescriptor));
2758
2759 if (GetVersion() & 0x80000000)
2760 {
2761 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
2762 goto lend;
2763 }
2764 else if (StringSDRevision != SID_REVISION)
2765 {
2766 SetLastError(ERROR_UNKNOWN_REVISION);
2767 goto lend;
2768 }
2769
2770 /* Compute security descriptor length */
2771 if (!ParseStringSecurityDescriptorToSecurityDescriptor(StringSecurityDescriptor,
2772 NULL, &cBytes))
2773 goto lend;
2774
2775 psd = *SecurityDescriptor = (SECURITY_DESCRIPTOR*) LocalAlloc(
2776 GMEM_ZEROINIT, cBytes);
2777
2778 psd->Revision = SID_REVISION;
2779 psd->Control |= SE_SELF_RELATIVE;
2780
2781 if (!ParseStringSecurityDescriptorToSecurityDescriptor(StringSecurityDescriptor,
2782 psd, &cBytes))
2783 {
2784 LocalFree(psd);
2785 goto lend;
2786 }
2787
2788 if (SecurityDescriptorSize)
2789 *SecurityDescriptorSize = cBytes;
2790
2791 bret = TRUE;
2792
2793 lend:
2794 TRACE(" ret=%d\n", bret);
2795 return bret;
2796 }
2797
2798 /******************************************************************************
2799 * ConvertStringSidToSidW [ADVAPI32.@]
2800 */
2801 BOOL WINAPI ConvertStringSidToSidW(LPCWSTR StringSid, PSID* Sid)
2802 {
2803 BOOL bret = FALSE;
2804 DWORD cBytes;
2805
2806 TRACE("%s, %p\n", debugstr_w(StringSid), Sid);
2807 if (GetVersion() & 0x80000000)
2808 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
2809 else if (!StringSid || !Sid)
2810 SetLastError(ERROR_INVALID_PARAMETER);
2811 else if (ParseStringSidToSid(StringSid, NULL, &cBytes))
2812 {
2813 PSID pSid = *Sid = (PSID) LocalAlloc(0, cBytes);
2814
2815 bret = ParseStringSidToSid(StringSid, pSid, &cBytes);
2816 if (!bret)
2817 LocalFree(*Sid);
2818 }
2819 TRACE("returning %s\n", bret ? "TRUE" : "FALSE");
2820 return bret;
2821 }
2822
2823 /******************************************************************************
2824 * ConvertStringSidToSidA [ADVAPI32.@]
2825 */
2826 BOOL WINAPI ConvertStringSidToSidA(LPCSTR StringSid, PSID* Sid)
2827 {
2828 BOOL bret = FALSE;
2829
2830 TRACE("%s, %p\n", debugstr_a(StringSid), Sid);
2831 if (GetVersion() & 0x80000000)
2832 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
2833 else if (!StringSid || !Sid)
2834 SetLastError(ERROR_INVALID_PARAMETER);
2835 else
2836 {
2837 UINT len = MultiByteToWideChar(CP_ACP, 0, StringSid, -1, NULL, 0);
2838 LPWSTR wStringSid = (LPWSTR)HeapAlloc(GetProcessHeap(), 0,
2839 len * sizeof(WCHAR));
2840
2841 MultiByteToWideChar(CP_ACP, 0, StringSid, -1, wStringSid, len);
2842 bret = ConvertStringSidToSidW(wStringSid, Sid);
2843 HeapFree(GetProcessHeap(), 0, wStringSid);
2844 }
2845 TRACE("returning %s\n", bret ? "TRUE" : "FALSE");
2846 return bret;
2847 }
2848
2849 /******************************************************************************
2850 * ConvertSidToStringSidW [ADVAPI32.@]
2851 *
2852 * format of SID string is:
2853 * S-<count>-<auth>-<subauth1>-<subauth2>-<subauth3>...
2854 * where
2855 * <rev> is the revision of the SID encoded as decimal
2856 * <auth> is the identifier authority encoded as hex
2857 * <subauthN> is the subauthority id encoded as decimal
2858 */
2859 BOOL WINAPI ConvertSidToStringSidW( PSID pSid, LPWSTR *pstr )
2860 {
2861 DWORD sz, i;
2862 LPWSTR str;
2863 WCHAR fmt[] = { 'S','-','%','u','-','%','d',0 };
2864 WCHAR subauthfmt[] = { '-','%','u',0 };
2865 SID* pisid=pSid;
2866
2867 TRACE("%p %p\n", pSid, pstr );
2868
2869 if( !IsValidSid( pSid ) )
2870 return FALSE;
2871
2872 if (pisid->Revision != SDDL_REVISION)
2873 return FALSE;
2874 if (pisid->IdentifierAuthority.Value[0] ||
2875 pisid->IdentifierAuthority.Value[1])
2876 {
2877 FIXME("not matching MS' bugs\n");
2878 return FALSE;
2879 }
2880
2881 sz = 14 + pisid->SubAuthorityCount * 11;
2882 str = LocalAlloc( 0, sz*sizeof(WCHAR) );
2883 sprintfW( str, fmt, pisid->Revision, MAKELONG(
2884 MAKEWORD( pisid->IdentifierAuthority.Value[5],
2885 pisid->IdentifierAuthority.Value[4] ),
2886 MAKEWORD( pisid->IdentifierAuthority.Value[3],
2887 pisid->IdentifierAuthority.Value[2] ) ) );
2888 for( i=0; i<pisid->SubAuthorityCount; i++ )
2889 sprintfW( str + strlenW(str), subauthfmt, pisid->SubAuthority[i] );
2890 *pstr = str;
2891
2892 return TRUE;
2893 }
2894
2895 /******************************************************************************
2896 * ConvertSidToStringSidA [ADVAPI32.@]
2897 */
2898 BOOL WINAPI ConvertSidToStringSidA(PSID pSid, LPSTR *pstr)
2899 {
2900 LPWSTR wstr = NULL;
2901 LPSTR str;
2902 UINT len;
2903
2904 TRACE("%p %p\n", pSid, pstr );
2905
2906 if( !ConvertSidToStringSidW( pSid, &wstr ) )
2907 return FALSE;
2908
2909 len = WideCharToMultiByte( CP_ACP, 0, wstr, -1, NULL, 0, NULL, NULL );
2910 str = LocalAlloc( 0, len );
2911 WideCharToMultiByte( CP_ACP, 0, wstr, -1, str, len, NULL, NULL );
2912 LocalFree( wstr );
2913
2914 *pstr = str;
2915
2916 return TRUE;
2917 }
2918
2919 BOOL WINAPI CreatePrivateObjectSecurity(
2920 PSECURITY_DESCRIPTOR ParentDescriptor,
2921 PSECURITY_DESCRIPTOR CreatorDescriptor,
2922 PSECURITY_DESCRIPTOR* NewDescriptor,
2923 BOOL IsDirectoryObject,
2924 HANDLE Token,
2925 PGENERIC_MAPPING GenericMapping )
2926 {
2927 FIXME("%p %p %p %d %p %p - stub\n", ParentDescriptor, CreatorDescriptor,
2928 NewDescriptor, IsDirectoryObject, Token, GenericMapping);
2929
2930 return FALSE;
2931 }
2932
2933 BOOL WINAPI DestroyPrivateObjectSecurity( PSECURITY_DESCRIPTOR* ObjectDescriptor )
2934 {
2935 FIXME("%p - stub\n", ObjectDescriptor);
2936
2937 return TRUE;
2938 }
2939
2940 BOOL WINAPI CreateProcessAsUserA(
2941 HANDLE hToken,
2942 LPCSTR lpApplicationName,
2943 LPSTR lpCommandLine,
2944 LPSECURITY_ATTRIBUTES lpProcessAttributes,
2945 LPSECURITY_ATTRIBUTES lpThreadAttributes,
2946 BOOL bInheritHandles,
2947 DWORD dwCreationFlags,
2948 LPVOID lpEnvironment,
2949 LPCSTR lpCurrentDirectory,
2950 LPSTARTUPINFOA lpStartupInfo,
2951 LPPROCESS_INFORMATION lpProcessInformation )
2952 {
2953 FIXME("%p %s %s %p %p %d 0x%08lx %p %s %p %p - stub\n", hToken, debugstr_a(lpApplicationName),
2954 debugstr_a(lpCommandLine), lpProcessAttributes, lpThreadAttributes, bInheritHandles,
2955 dwCreationFlags, lpEnvironment, debugstr_a(lpCurrentDirectory), lpStartupInfo, lpProcessInformation);
2956
2957 return FALSE;
2958 }
2959
2960 BOOL WINAPI CreateProcessAsUserW(
2961 HANDLE hToken,
2962 LPCWSTR lpApplicationName,
2963 LPWSTR lpCommandLine,
2964 LPSECURITY_ATTRIBUTES lpProcessAttributes,
2965 LPSECURITY_ATTRIBUTES lpThreadAttributes,
2966 BOOL bInheritHandles,
2967 DWORD dwCreationFlags,
2968 LPVOID lpEnvironment,
2969 LPCWSTR lpCurrentDirectory,
2970 LPSTARTUPINFOW lpStartupInfo,
2971 LPPROCESS_INFORMATION lpProcessInformation )
2972 {
2973 FIXME("%p %s %s %p %p %d 0x%08lx %p %s %p %p - stub\n", hToken, debugstr_w(lpApplicationName),
2974 debugstr_w(lpCommandLine), lpProcessAttributes, lpThreadAttributes, bInheritHandles,
2975 dwCreationFlags, lpEnvironment, debugstr_w(lpCurrentDirectory), lpStartupInfo, lpProcessInformation);
2976
2977 return FALSE;
2978 }
2979
2980 /******************************************************************************
2981 * ComputeStringSidSize
2982 */
2983 static DWORD ComputeStringSidSize(LPCWSTR StringSid)
2984 {
2985 int ctok = 0;
2986 DWORD size = sizeof(SID);
2987
2988 while (*StringSid)
2989 {
2990 if (*StringSid == '-')
2991 ctok++;
2992 StringSid++;
2993 }
2994
2995 if (ctok > 3)
2996 size += (ctok - 3) * sizeof(DWORD);
2997
2998 return size;
2999 }
3000
3001 BOOL WINAPI DuplicateTokenEx(
3002 HANDLE ExistingTokenHandle, DWORD dwDesiredAccess,
3003 LPSECURITY_ATTRIBUTES lpTokenAttributes,
3004 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
3005 TOKEN_TYPE TokenType,
3006 PHANDLE DuplicateTokenHandle )
3007 {
3008 OBJECT_ATTRIBUTES ObjectAttributes;
3009
3010 TRACE("%p 0x%08lx 0x%08x 0x%08x %p\n", ExistingTokenHandle, dwDesiredAccess,
3011 ImpersonationLevel, TokenType, DuplicateTokenHandle);
3012
3013 InitializeObjectAttributes(
3014 &ObjectAttributes,
3015 NULL,
3016 (lpTokenAttributes && lpTokenAttributes->bInheritHandle) ? OBJ_INHERIT : 0,
3017 NULL,
3018 lpTokenAttributes ? lpTokenAttributes->lpSecurityDescriptor : NULL );
3019
3020 return set_ntstatus( NtDuplicateToken( ExistingTokenHandle,
3021 dwDesiredAccess,
3022 &ObjectAttributes,
3023 ImpersonationLevel,
3024 TokenType,
3025 DuplicateTokenHandle ) );
3026 }
3027
3028 BOOL WINAPI DuplicateToken(
3029 HANDLE ExistingTokenHandle,
3030 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
3031 PHANDLE DuplicateTokenHandle )
3032 {
3033 return DuplicateTokenEx( ExistingTokenHandle, 0, NULL, ImpersonationLevel,
3034 TokenImpersonation, DuplicateTokenHandle );
3035 }
3036
3037 BOOL WINAPI EnumDependentServicesA(
3038 SC_HANDLE hService,
3039 DWORD dwServiceState,
3040 LPENUM_SERVICE_STATUSA lpServices,
3041 DWORD cbBufSize,
3042 LPDWORD pcbBytesNeeded,
3043 LPDWORD lpServicesReturned )
3044 {
3045 FIXME("%p 0x%08lx %p 0x%08lx %p %p - stub\n", hService, dwServiceState,
3046 lpServices, cbBufSize, pcbBytesNeeded, lpServicesReturned);
3047
3048 return FALSE;
3049 }
3050
3051 BOOL WINAPI EnumDependentServicesW(
3052 SC_HANDLE hService,
3053 DWORD dwServiceState,
3054 LPENUM_SERVICE_STATUSW lpServices,
3055 DWORD cbBufSize,
3056 LPDWORD pcbBytesNeeded,
3057 LPDWORD lpServicesReturned )
3058 {
3059 FIXME("%p 0x%08lx %p 0x%08lx %p %p - stub\n", hService, dwServiceState,
3060 lpServices, cbBufSize, pcbBytesNeeded, lpServicesReturned);
3061
3062 return FALSE;
3063 }
3064
3065 /******************************************************************************
3066 * ParseStringSidToSid
3067 */
3068 static BOOL ParseStringSidToSid(LPCWSTR StringSid, PSID pSid, LPDWORD cBytes)
3069 {
3070 BOOL bret = FALSE;
3071 SID* pisid=pSid;
3072
3073 TRACE("%s, %p, %p\n", debugstr_w(StringSid), pSid, cBytes);
3074 if (!StringSid)
3075 {
3076 SetLastError(ERROR_INVALID_PARAMETER);
3077 TRACE("StringSid is NULL, returning FALSE\n");
3078 return FALSE;
3079 }
3080
3081 *cBytes = ComputeStringSidSize(StringSid);
3082 if (!pisid) /* Simply compute the size */
3083 {
3084 TRACE("only size requested, returning TRUE\n");
3085 return TRUE;
3086 }
3087
3088 if (*StringSid != 'S' || *StringSid != '-') /* S-R-I-S-S */
3089 {
3090 DWORD i = 0, identAuth;
3091 DWORD csubauth = ((*cBytes - sizeof(SID)) / sizeof(DWORD)) + 1;
3092
3093 StringSid += 2; /* Advance to Revision */
3094 pisid->Revision = atoiW(StringSid);
3095
3096 if (pisid->Revision != SDDL_REVISION)
3097 {
3098 TRACE("Revision %d is unknown\n", pisid->Revision);
3099 goto lend; /* ERROR_INVALID_SID */
3100 }
3101 if (csubauth == 0)
3102 {
3103 TRACE("SubAuthorityCount is 0\n");
3104 goto lend; /* ERROR_INVALID_SID */
3105 }
3106
3107 pisid->SubAuthorityCount = csubauth;
3108
3109 /* Advance to identifier authority */
3110 while (*StringSid && *StringSid != '-')
3111 StringSid++;
3112 if (*StringSid == '-')
3113 StringSid++;
3114
3115 /* MS' implementation can't handle values greater than 2^32 - 1, so
3116 * we don't either; assume most significant bytes are always 0
3117 */
3118 pisid->IdentifierAuthority.Value[0] = 0;
3119 pisid->IdentifierAuthority.Value[1] = 0;
3120 identAuth = atoiW(StringSid);
3121 pisid->IdentifierAuthority.Value[5] = identAuth & 0xff;
3122 pisid->IdentifierAuthority.Value[4] = (identAuth & 0xff00) >> 8;
3123 pisid->IdentifierAuthority.Value[3] = (identAuth & 0xff0000) >> 16;
3124 pisid->IdentifierAuthority.Value[2] = (identAuth & 0xff000000) >> 24;
3125
3126 /* Advance to first sub authority */
3127 while (*StringSid && *StringSid != '-')
3128 StringSid++;
3129 if (*StringSid == '-')
3130 StringSid++;
3131
3132 while (*StringSid)
3133 {
3134 while (*StringSid && *StringSid != '-')
3135 StringSid++;
3136
3137 pisid->SubAuthority[i++] = atoiW(StringSid);
3138 }
3139
3140 if (i != pisid->SubAuthorityCount)
3141 goto lend; /* ERROR_INVALID_SID */
3142
3143 bret = TRUE;
3144 }
3145 else /* String constant format - Only available in winxp and above */
3146 {
3147 pisid->Revision = SDDL_REVISION;
3148 pisid->SubAuthorityCount = 1;
3149
3150 FIXME("String constant not supported: %s\n", debugstr_wn(StringSid, 2));
3151
3152 /* TODO: Lookup string of well-known SIDs in table */
3153 pisid->IdentifierAuthority.Value[5] = 0;
3154 pisid->SubAuthority[0] = 0;
3155
3156 bret = TRUE;
3157 }
3158
3159 lend:
3160 if (!bret)
3161 SetLastError(ERROR_INVALID_SID);
3162
3163 TRACE("returning %s\n", bret ? "TRUE" : "FALSE");
3164 return bret;
3165 }
3166
3167 /******************************************************************************
3168 * GetNamedSecurityInfoA [ADVAPI32.@]
3169 */
3170 DWORD WINAPI GetNamedSecurityInfoA(LPSTR pObjectName,
3171 SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo,
3172 PSID* ppsidOwner, PSID* ppsidGroup, PACL* ppDacl, PACL* ppSacl,
3173 PSECURITY_DESCRIPTOR* ppSecurityDescriptor)
3174 {
3175 DWORD len;
3176 LPWSTR wstr = NULL;
3177 DWORD r;
3178
3179 TRACE("%s %d %ld %p %p %p %p %p\n", pObjectName, ObjectType, SecurityInfo,
3180 ppsidOwner, ppsidGroup, ppDacl, ppSacl, ppSecurityDescriptor);
3181
3182 if( pObjectName )
3183 {
3184 len = MultiByteToWideChar( CP_ACP, 0, pObjectName, -1, NULL, 0 );
3185 wstr = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR));
3186 MultiByteToWideChar( CP_ACP, 0, pObjectName, -1, wstr, len );
3187 }
3188
3189 r = GetNamedSecurityInfoW( wstr, ObjectType, SecurityInfo, ppsidOwner,
3190 ppsidGroup, ppDacl, ppSacl, ppSecurityDescriptor );
3191
3192 HeapFree( GetProcessHeap(), 0, wstr );
3193
3194 return r;
3195 }
3196
3197 /******************************************************************************
3198 * GetNamedSecurityInfoW [ADVAPI32.@]
3199 */
3200 DWORD WINAPI GetNamedSecurityInfoW(LPWSTR pObjectName,
3201 SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo,
3202 PSID* ppsidOwner, PSID* ppsidGroup, PACL* ppDacl, PACL* ppSacl,
3203 PSECURITY_DESCRIPTOR* ppSecurityDescriptor)
3204 {
3205 FIXME("%s %d %ld %p %p %p %p %p\n", debugstr_w(pObjectName), ObjectType, SecurityInfo,
3206 ppsidOwner, ppsidGroup, ppDacl, ppSacl, ppSecurityDescriptor);
3207 return ERROR_CALL_NOT_IMPLEMENTED;
3208 }
3209
3210 /******************************************************************************
3211 * DecryptFileW [ADVAPI32.@]
3212 */
3213 BOOL WINAPI DecryptFileW(LPCWSTR lpFileName, DWORD dwReserved)
3214 {
3215 FIXME("%s %08lx\n", debugstr_w(lpFileName), dwReserved);
3216 return TRUE;
3217 }
3218
3219 /******************************************************************************
3220 * DecryptFileA [ADVAPI32.@]
3221 */
3222 BOOL WINAPI DecryptFileA(LPCSTR lpFileName, DWORD dwReserved)
3223 {
3224 FIXME("%s %08lx\n", debugstr_a(lpFileName), dwReserved);
3225 return TRUE;
3226 }
3227
3228 /******************************************************************************
3229 * EncryptFileW [ADVAPI32.@]
3230 */
3231 BOOL WINAPI EncryptFileW(LPCWSTR lpFileName)
3232 {
3233 FIXME("%s\n", debugstr_w(lpFileName));
3234 return TRUE;
3235 }
3236
3237 /******************************************************************************
3238 * EncryptFileA [ADVAPI32.@]
3239 */
3240 BOOL WINAPI EncryptFileA(LPCSTR lpFileName)
3241 {
3242 FIXME("%s\n", debugstr_a(lpFileName));
3243 return TRUE;
3244 }