search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
widl: Encode coclass types in typelibs.
[wine/winequartzdrv.git] / dlls / advapi32 / security.c
blob658fa446d7ae80f7e2c5782defd2cb6ea6550451
1 /*
2 * Copyright 1999, 2000 Juergen Schmied <juergen.schmied@debitel.net>
3 * Copyright 2003 CodeWeavers Inc. (Ulrich Czekalla)
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
18 *
19 */
20
21 #include <stdarg.h>
22 #include <string.h>
23
24 #include "ntstatus.h"
25 #define WIN32_NO_STATUS
26 #include "windef.h"
27 #include "winbase.h"
28 #include "winerror.h"
29 #include "rpcnterr.h"
30 #include "winreg.h"
31 #include "winternl.h"
32 #include "winioctl.h"
33 #include "ntsecapi.h"
34 #include "accctrl.h"
35 #include "sddl.h"
36 #include "winsvc.h"
37 #include "aclapi.h"
38
39 #include "wine/debug.h"
40 #include "wine/unicode.h"
41
42 WINE_DEFAULT_DEBUG_CHANNEL(advapi);
43
44 static BOOL ParseStringSidToSid(LPCWSTR StringSid, PSID pSid, LPDWORD cBytes);
45 static BOOL ParseStringAclToAcl(LPCWSTR StringAcl, LPDWORD lpdwFlags,
46 PACL pAcl, LPDWORD cBytes);
47 static BYTE ParseAceStringFlags(LPCWSTR* StringAcl);
48 static BYTE ParseAceStringType(LPCWSTR* StringAcl);
49 static DWORD ParseAceStringRights(LPCWSTR* StringAcl);
50 static BOOL ParseStringSecurityDescriptorToSecurityDescriptor(
51 LPCWSTR StringSecurityDescriptor,
52 SECURITY_DESCRIPTOR* SecurityDescriptor,
53 LPDWORD cBytes);
54 static DWORD ParseAclStringFlags(LPCWSTR* StringAcl);
55
56 typedef struct _ACEFLAG
57 {
58 LPCWSTR wstr;
59 DWORD value;
60 } ACEFLAG, *LPACEFLAG;
61
62 typedef struct _MAX_SID
63 {
64 /* same fields as struct _SID */
65 BYTE Revision;
66 BYTE SubAuthorityCount;
67 SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
68 DWORD SubAuthority[SID_MAX_SUB_AUTHORITIES];
69 } MAX_SID;
70
71 typedef struct WELLKNOWNSID
72 {
73 WCHAR wstr[2];
74 WELL_KNOWN_SID_TYPE Type;
75 MAX_SID Sid;
76 } WELLKNOWNSID;
77
78 static const WELLKNOWNSID WellKnownSids[] =
79 {
80 { {0,0}, WinNullSid, { SID_REVISION, 1, { SECURITY_NULL_SID_AUTHORITY }, { SECURITY_NULL_RID } } },
81 { {'W','D'}, WinWorldSid, { SID_REVISION, 1, { SECURITY_WORLD_SID_AUTHORITY }, { SECURITY_WORLD_RID } } },
82 { {0,0}, WinLocalSid, { SID_REVISION, 1, { SECURITY_LOCAL_SID_AUTHORITY }, { SECURITY_LOCAL_RID } } },
83 { {'C','O'}, WinCreatorOwnerSid, { SID_REVISION, 1, { SECURITY_CREATOR_SID_AUTHORITY }, { SECURITY_CREATOR_OWNER_RID } } },
84 { {'C','G'}, WinCreatorGroupSid, { SID_REVISION, 1, { SECURITY_CREATOR_SID_AUTHORITY }, { SECURITY_CREATOR_GROUP_RID } } },
85 { {0,0}, WinCreatorOwnerServerSid, { SID_REVISION, 1, { SECURITY_CREATOR_SID_AUTHORITY }, { SECURITY_CREATOR_OWNER_SERVER_RID } } },
86 { {0,0}, WinCreatorGroupServerSid, { SID_REVISION, 1, { SECURITY_CREATOR_SID_AUTHORITY }, { SECURITY_CREATOR_GROUP_SERVER_RID } } },
87 { {0,0}, WinNtAuthoritySid, { SID_REVISION, 0, { SECURITY_NT_AUTHORITY }, { } } },
88 { {0,0}, WinDialupSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_DIALUP_RID } } },
89 { {'N','U'}, WinNetworkSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_NETWORK_RID } } },
90 { {0,0}, WinBatchSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_BATCH_RID } } },
91 { {'I','U'}, WinInteractiveSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_INTERACTIVE_RID } } },
92 { {'S','U'}, WinServiceSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_SERVICE_RID } } },
93 { {'A','N'}, WinAnonymousSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_ANONYMOUS_LOGON_RID } } },
94 { {0,0}, WinProxySid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_PROXY_RID } } },
95 { {'E','D'}, WinEnterpriseControllersSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_ENTERPRISE_CONTROLLERS_RID } } },
96 { {'P','S'}, WinSelfSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_PRINCIPAL_SELF_RID } } },
97 { {'A','U'}, WinAuthenticatedUserSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_AUTHENTICATED_USER_RID } } },
98 { {'R','C'}, WinRestrictedCodeSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_RESTRICTED_CODE_RID } } },
99 { {0,0}, WinTerminalServerSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_TERMINAL_SERVER_RID } } },
100 { {0,0}, WinRemoteLogonIdSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_REMOTE_LOGON_RID } } },
101 { {'S','Y'}, WinLocalSystemSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_LOCAL_SYSTEM_RID } } },
102 { {'L','S'}, WinLocalServiceSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_LOCAL_SERVICE_RID } } },
103 { {'N','S'}, WinNetworkServiceSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_NETWORK_SERVICE_RID } } },
104 { {0,0}, WinBuiltinDomainSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID } } },
105 { {'B','A'}, WinBuiltinAdministratorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS } } },
106 { {'B','U'}, WinBuiltinUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_USERS } } },
107 { {'B','G'}, WinBuiltinGuestsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_GUESTS } } },
108 { {'P','U'}, WinBuiltinPowerUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_POWER_USERS } } },
109 { {'A','O'}, WinBuiltinAccountOperatorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ACCOUNT_OPS } } },
110 { {'S','O'}, WinBuiltinSystemOperatorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_SYSTEM_OPS } } },
111 { {'P','O'}, WinBuiltinPrintOperatorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_PRINT_OPS } } },
112 { {'B','O'}, WinBuiltinBackupOperatorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_BACKUP_OPS } } },
113 { {'R','E'}, WinBuiltinReplicatorSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_REPLICATOR } } },
114 { {'R','U'}, WinBuiltinPreWindows2000CompatibleAccessSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_PREW2KCOMPACCESS } } },
115 { {'R','D'}, WinBuiltinRemoteDesktopUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS } } },
116 { {'N','O'}, WinBuiltinNetworkConfigurationOperatorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS } } },
117 };
118
119 static SID const sidWorld = { SID_REVISION, 1, { SECURITY_WORLD_SID_AUTHORITY} , { SECURITY_WORLD_RID } };
120
121 typedef struct _AccountSid {
122 WELL_KNOWN_SID_TYPE type;
123 LPCWSTR account;
124 LPCWSTR domain;
125 SID_NAME_USE name_use;
126 } AccountSid;
127
128 static const WCHAR Account_Operators[] = { 'A','c','c','o','u','n','t',' ','O','p','e','r','a','t','o','r','s',0 };
129 static const WCHAR Administrator[] = {'A','d','m','i','n','i','s','t','r','a','t','o','r',0 };
130 static const WCHAR Administrators[] = { 'A','d','m','i','n','i','s','t','r','a','t','o','r','s',0 };
131 static const WCHAR ANONYMOUS_LOGON[] = { 'A','N','O','N','Y','M','O','U','S',' ','L','O','G','O','N',0 };
132 static const WCHAR Authenticated_Users[] = { 'A','u','t','h','e','n','t','i','c','a','t','e','d',' ','U','s','e','r','s',0 };
133 static const WCHAR Backup_Operators[] = { 'B','a','c','k','u','p',' ','O','p','e','r','a','t','o','r','s',0 };
134 static const WCHAR BATCH[] = { 'B','A','T','C','H',0 };
135 static const WCHAR Blank[] = { 0 };
136 static const WCHAR BUILTIN[] = { 'B','U','I','L','T','I','N',0 };
137 static const WCHAR CREATOR_GROUP[] = { 'C','R','E','A','T','O','R',' ','G','R','O','U','P',0 };
138 static const WCHAR CREATOR_GROUP_SERVER[] = { 'C','R','E','A','T','O','R',' ','G','R','O','U','P',' ','S','E','R','V','E','R',0 };
139 static const WCHAR CREATOR_OWNER[] = { 'C','R','E','A','T','O','R',' ','O','W','N','E','R',0 };
140 static const WCHAR CREATOR_OWNER_SERVER[] = { 'C','R','E','A','T','O','R',' ','O','W','N','E','R',' ','S','E','R','V','E','R',0 };
141 static const WCHAR DIALUP[] = { 'D','I','A','L','U','P',0 };
142 static const WCHAR DOMAIN[] = {'D','O','M','A','I','N',0};
143 static const WCHAR ENTERPRISE_DOMAIN_CONTROLLERS[] = { 'E','N','T','E','R','P','R','I','S','E',' ','D','O','M','A','I','N',' ','C','O','N','T','R','O','L','L','E','R','S',0 };
144 static const WCHAR Everyone[] = { 'E','v','e','r','y','o','n','e',0 };
145 static const WCHAR Guests[] = { 'G','u','e','s','t','s',0 };
146 static const WCHAR INTERACTIVE[] = { 'I','N','T','E','R','A','C','T','I','V','E',0 };
147 static const WCHAR LOCAL[] = { 'L','O','C','A','L',0 };
148 static const WCHAR LOCAL_SERVICE[] = { 'L','O','C','A','L',' ','S','E','R','V','I','C','E',0 };
149 static const WCHAR NETWORK[] = { 'N','E','T','W','O','R','K',0 };
150 static const WCHAR Network_Configuration_Operators[] = { 'N','e','t','w','o','r','k',' ','C','o','n','f','i','g','u','r','a','t','i','o','n',' ','O','p','e','r','a','t','o','r','s',0 };
151 static const WCHAR NETWORK_SERVICE[] = { 'N','E','T','W','O','R','K',' ','S','E','R','V','I','C','E',0 };
152 static const WCHAR NT_AUTHORITY[] = { 'N','T',' ','A','U','T','H','O','R','I','T','Y',0 };
153 static const WCHAR NT_Pseudo_Domain[] = { 'N','T',' ','P','s','e','u','d','o',' ','D','o','m','a','i','n',0 };
154 static const WCHAR NULL_SID[] = { 'N','U','L','L',' ','S','I','D',0 };
155 static const WCHAR Power_Users[] = { 'P','o','w','e','r',' ','U','s','e','r','s',0 };
156 static const WCHAR Print_Operators[] = { 'P','r','i','n','t',' ','O','p','e','r','a','t','o','r','s',0 };
157 static const WCHAR PROXY[] = { 'P','R','O','X','Y',0 };
158 static const WCHAR Remote_Desktop_Users[] = { 'R','e','m','o','t','e',' ','D','e','s','k','t','o','p',' ','U','s','e','r','s',0 };
159 static const WCHAR REMOTE_INTERACTIVE_LOGON[] = { 'R','E','M','O','T','E',' ','I','N','T','E','R','A','C','T','I','V','E',' ','L','O','G','O','N',0 };
160 static const WCHAR Replicators[] = { 'R','e','p','l','i','c','a','t','o','r','s',0 };
161 static const WCHAR RESTRICTED[] = { 'R','E','S','T','R','I','C','T','E','D',0 };
162 static const WCHAR SELF[] = { 'S','E','L','F',0 };
163 static const WCHAR Server_Operators[] = { 'S','e','r','v','e','r',' ','O','p','e','r','a','t','o','r','s',0 };
164 static const WCHAR SERVICE[] = { 'S','E','R','V','I','C','E',0 };
165 static const WCHAR SYSTEM[] = { 'S','Y','S','T','E','M',0 };
166 static const WCHAR TERMINAL_SERVER_USER[] = { 'T','E','R','M','I','N','A','L',' ','S','E','R','V','E','R',' ','U','S','E','R',0 };
167 static const WCHAR Users[] = { 'U','s','e','r','s',0 };
168
169 static const AccountSid ACCOUNT_SIDS[] = {
170 { WinNullSid, NULL_SID, Blank, SidTypeWellKnownGroup },
171 { WinWorldSid, Everyone, Blank, SidTypeWellKnownGroup },
172 { WinLocalSid, LOCAL, Blank, SidTypeWellKnownGroup },
173 { WinCreatorOwnerSid, CREATOR_OWNER, Blank, SidTypeWellKnownGroup },
174 { WinCreatorGroupSid, CREATOR_GROUP, Blank, SidTypeWellKnownGroup },
175 { WinCreatorOwnerServerSid, CREATOR_OWNER_SERVER, Blank, SidTypeWellKnownGroup },
176 { WinCreatorGroupServerSid, CREATOR_GROUP_SERVER, Blank, SidTypeWellKnownGroup },
177 { WinNtAuthoritySid, NT_Pseudo_Domain, NT_Pseudo_Domain, SidTypeDomain },
178 { WinDialupSid, DIALUP, NT_AUTHORITY, SidTypeWellKnownGroup },
179 { WinNetworkSid, NETWORK, NT_AUTHORITY, SidTypeWellKnownGroup },
180 { WinBatchSid, BATCH, NT_AUTHORITY, SidTypeWellKnownGroup },
181 { WinInteractiveSid, INTERACTIVE, NT_AUTHORITY, SidTypeWellKnownGroup },
182 { WinServiceSid, SERVICE, NT_AUTHORITY, SidTypeWellKnownGroup },
183 { WinAnonymousSid, ANONYMOUS_LOGON, NT_AUTHORITY, SidTypeWellKnownGroup },
184 { WinProxySid, PROXY, NT_AUTHORITY, SidTypeWellKnownGroup },
185 { WinEnterpriseControllersSid, ENTERPRISE_DOMAIN_CONTROLLERS, NT_AUTHORITY, SidTypeWellKnownGroup },
186 { WinSelfSid, SELF, NT_AUTHORITY, SidTypeWellKnownGroup },
187 { WinAuthenticatedUserSid, Authenticated_Users, NT_AUTHORITY, SidTypeWellKnownGroup },
188 { WinRestrictedCodeSid, RESTRICTED, NT_AUTHORITY, SidTypeWellKnownGroup },
189 { WinTerminalServerSid, TERMINAL_SERVER_USER, NT_AUTHORITY, SidTypeWellKnownGroup },
190 { WinRemoteLogonIdSid, REMOTE_INTERACTIVE_LOGON, NT_AUTHORITY, SidTypeWellKnownGroup },
191 { WinLocalSystemSid, SYSTEM, NT_AUTHORITY, SidTypeWellKnownGroup },
192 { WinLocalServiceSid, LOCAL_SERVICE, NT_AUTHORITY, SidTypeWellKnownGroup },
193 { WinNetworkServiceSid, NETWORK_SERVICE, NT_AUTHORITY, SidTypeWellKnownGroup },
194 { WinBuiltinDomainSid, BUILTIN, BUILTIN, SidTypeDomain },
195 { WinBuiltinAdministratorsSid, Administrators, BUILTIN, SidTypeAlias },
196 { WinBuiltinUsersSid, Users, BUILTIN, SidTypeAlias },
197 { WinBuiltinGuestsSid, Guests, BUILTIN, SidTypeAlias },
198 { WinBuiltinPowerUsersSid, Power_Users, BUILTIN, SidTypeAlias },
199 { WinBuiltinAccountOperatorsSid, Account_Operators, BUILTIN, SidTypeAlias },
200 { WinBuiltinSystemOperatorsSid, Server_Operators, BUILTIN, SidTypeAlias },
201 { WinBuiltinPrintOperatorsSid, Print_Operators, BUILTIN, SidTypeAlias },
202 { WinBuiltinBackupOperatorsSid, Backup_Operators, BUILTIN, SidTypeAlias },
203 { WinBuiltinReplicatorSid, Replicators, BUILTIN, SidTypeAlias },
204 { WinBuiltinRemoteDesktopUsersSid, Remote_Desktop_Users, BUILTIN, SidTypeAlias },
205 { WinBuiltinNetworkConfigurationOperatorsSid, Network_Configuration_Operators, BUILTIN, SidTypeAlias },
206 };
207 /*
208 * ACE access rights
209 */
210 static const WCHAR SDDL_READ_CONTROL[] = {'R','C',0};
211 static const WCHAR SDDL_WRITE_DAC[] = {'W','D',0};
212 static const WCHAR SDDL_WRITE_OWNER[] = {'W','O',0};
213 static const WCHAR SDDL_STANDARD_DELETE[] = {'S','D',0};
214 static const WCHAR SDDL_GENERIC_ALL[] = {'G','A',0};
215 static const WCHAR SDDL_GENERIC_READ[] = {'G','R',0};
216 static const WCHAR SDDL_GENERIC_WRITE[] = {'G','W',0};
217 static const WCHAR SDDL_GENERIC_EXECUTE[] = {'G','X',0};
218
219 /*
220 * ACE types
221 */
222 static const WCHAR SDDL_ACCESS_ALLOWED[] = {'A',0};
223 static const WCHAR SDDL_ACCESS_DENIED[] = {'D',0};
224 static const WCHAR SDDL_OBJECT_ACCESS_ALLOWED[] = {'O','A',0};
225 static const WCHAR SDDL_OBJECT_ACCESS_DENIED[] = {'O','D',0};
226 static const WCHAR SDDL_AUDIT[] = {'A','U',0};
227 static const WCHAR SDDL_ALARM[] = {'A','L',0};
228 static const WCHAR SDDL_OBJECT_AUDIT[] = {'O','U',0};
229 static const WCHAR SDDL_OBJECT_ALARMp[] = {'O','L',0};
230
231 /*
232 * ACE flags
233 */
234 static const WCHAR SDDL_CONTAINER_INHERIT[] = {'C','I',0};
235 static const WCHAR SDDL_OBJECT_INHERIT[] = {'O','I',0};
236 static const WCHAR SDDL_NO_PROPAGATE[] = {'N','P',0};
237 static const WCHAR SDDL_INHERIT_ONLY[] = {'I','O',0};
238 static const WCHAR SDDL_INHERITED[] = {'I','D',0};
239 static const WCHAR SDDL_AUDIT_SUCCESS[] = {'S','A',0};
240 static const WCHAR SDDL_AUDIT_FAILURE[] = {'F','A',0};
241
242 static const char * debugstr_sid(PSID sid)
243 {
244 int auth = 0;
245 SID * psid = (SID *)sid;
246
247 if (psid == NULL)
248 return "(null)";
249
250 auth = psid->IdentifierAuthority.Value[5] +
251 (psid->IdentifierAuthority.Value[4] << 8) +
252 (psid->IdentifierAuthority.Value[3] << 16) +
253 (psid->IdentifierAuthority.Value[2] << 24);
254
255 switch (psid->SubAuthorityCount) {
256 case 0:
257 return wine_dbg_sprintf("S-%d-%d", psid->Revision, auth);
258 case 1:
259 return wine_dbg_sprintf("S-%d-%d-%lu", psid->Revision, auth,
260 psid->SubAuthority[0]);
261 case 2:
262 return wine_dbg_sprintf("S-%d-%d-%lu-%lu", psid->Revision, auth,
263 psid->SubAuthority[0], psid->SubAuthority[1]);
264 case 3:
265 return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu", psid->Revision, auth,
266 psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2]);
267 case 4:
268 return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu", psid->Revision, auth,
269 psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2],
270 psid->SubAuthority[3]);
271 case 5:
272 return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu-%lu", psid->Revision, auth,
273 psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2],
274 psid->SubAuthority[3], psid->SubAuthority[4]);
275 case 6:
276 return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu-%lu-%lu", psid->Revision, auth,
277 psid->SubAuthority[3], psid->SubAuthority[1], psid->SubAuthority[2],
278 psid->SubAuthority[0], psid->SubAuthority[4], psid->SubAuthority[5]);
279 case 7:
280 return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu-%lu-%lu-%lu", psid->Revision, auth,
281 psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2],
282 psid->SubAuthority[3], psid->SubAuthority[4], psid->SubAuthority[5],
283 psid->SubAuthority[6]);
284 case 8:
285 return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu-%lu-%lu-%lu-%lu", psid->Revision, auth,
286 psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2],
287 psid->SubAuthority[3], psid->SubAuthority[4], psid->SubAuthority[5],
288 psid->SubAuthority[6], psid->SubAuthority[7]);
289 }
290 return "(too-big)";
291 }
292
293 /* set last error code from NT status and get the proper boolean return value */
294 /* used for functions that are a simple wrapper around the corresponding ntdll API */
295 static inline BOOL set_ntstatus( NTSTATUS status )
296 {
297 if (status) SetLastError( RtlNtStatusToDosError( status ));
298 return !status;
299 }
300
301 #define WINE_SIZE_OF_WORLD_ACCESS_ACL (sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE) + sizeof(sidWorld) - sizeof(DWORD))
302
303 static void GetWorldAccessACL(PACL pACL)
304 {
305 PACCESS_ALLOWED_ACE pACE = (PACCESS_ALLOWED_ACE) (pACL + 1);
306
307 pACL->AclRevision = ACL_REVISION;
308 pACL->Sbz1 = 0;
309 pACL->AclSize = WINE_SIZE_OF_WORLD_ACCESS_ACL;
310 pACL->AceCount = 1;
311 pACL->Sbz2 = 0;
312
313 pACE->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
314 pACE->Header.AceFlags = CONTAINER_INHERIT_ACE;
315 pACE->Header.AceSize = sizeof(ACCESS_ALLOWED_ACE) + sizeof(sidWorld) - sizeof(DWORD);
316 pACE->Mask = 0xf3ffffff; /* Everything except reserved bits */
317 memcpy(&pACE->SidStart, &sidWorld, sizeof(sidWorld));
318 }
319
320 /************************************************************
321 * ADVAPI_IsLocalComputer
322 *
323 * Checks whether the server name indicates local machine.
324 */
325 static BOOL ADVAPI_IsLocalComputer(LPCWSTR ServerName)
326 {
327 DWORD dwSize = MAX_COMPUTERNAME_LENGTH + 1;
328 BOOL Result;
329 LPWSTR buf;
330
331 if (!ServerName || !ServerName[0])
332 return TRUE;
333
334 buf = HeapAlloc(GetProcessHeap(), 0, dwSize * sizeof(WCHAR));
335 Result = GetComputerNameW(buf, &dwSize);
336 if (Result && (ServerName[0] == '\\') && (ServerName[1] == '\\'))
337 ServerName += 2;
338 Result = Result && !lstrcmpW(ServerName, buf);
339 HeapFree(GetProcessHeap(), 0, buf);
340
341 return Result;
342 }
343
344 /* ##############################
345 ###### TOKEN FUNCTIONS ######
346 ##############################
347 */
348
349 /******************************************************************************
350 * OpenProcessToken [ADVAPI32.@]
351 * Opens the access token associated with a process handle.
352 *
353 * PARAMS
354 * ProcessHandle [I] Handle to process
355 * DesiredAccess [I] Desired access to process
356 * TokenHandle [O] Pointer to handle of open access token
357 *
358 * RETURNS
359 * Success: TRUE. TokenHandle contains the access token.
360 * Failure: FALSE.
361 *
362 * NOTES
363 * See NtOpenProcessToken.
364 */
365 BOOL WINAPI
366 OpenProcessToken( HANDLE ProcessHandle, DWORD DesiredAccess,
367 HANDLE *TokenHandle )
368 {
369 return set_ntstatus(NtOpenProcessToken( ProcessHandle, DesiredAccess, TokenHandle ));
370 }
371
372 /******************************************************************************
373 * OpenThreadToken [ADVAPI32.@]
374 *
375 * Opens the access token associated with a thread handle.
376 *
377 * PARAMS
378 * ThreadHandle [I] Handle to process
379 * DesiredAccess [I] Desired access to the thread
380 * OpenAsSelf [I] ???
381 * TokenHandle [O] Destination for the token handle
382 *
383 * RETURNS
384 * Success: TRUE. TokenHandle contains the access token.
385 * Failure: FALSE.
386 *
387 * NOTES
388 * See NtOpenThreadToken.
389 */
390 BOOL WINAPI
391 OpenThreadToken( HANDLE ThreadHandle, DWORD DesiredAccess,
392 BOOL OpenAsSelf, HANDLE *TokenHandle)
393 {
394 return set_ntstatus( NtOpenThreadToken(ThreadHandle, DesiredAccess, OpenAsSelf, TokenHandle));
395 }
396
397 BOOL WINAPI
398 AdjustTokenGroups( HANDLE TokenHandle, BOOL ResetToDefault, PTOKEN_GROUPS NewState,
399 DWORD BufferLength, PTOKEN_GROUPS PreviousState, PDWORD ReturnLength )
400 {
401 return set_ntstatus( NtAdjustGroupsToken(TokenHandle, ResetToDefault, NewState, BufferLength,
402 PreviousState, ReturnLength));
403 }
404
405 /******************************************************************************
406 * AdjustTokenPrivileges [ADVAPI32.@]
407 *
408 * Adjust the privileges of an open token handle.
409 *
410 * PARAMS
411 * TokenHandle [I] Handle from OpenProcessToken() or OpenThreadToken()
412 * DisableAllPrivileges [I] TRUE=Remove all privileges, FALSE=Use NewState
413 * NewState [I] Desired new privileges of the token
414 * BufferLength [I] Length of NewState
415 * PreviousState [O] Destination for the previous state
416 * ReturnLength [I/O] Size of PreviousState
417 *
418 *
419 * RETURNS
420 * Success: TRUE. Privileges are set to NewState and PreviousState is updated.
421 * Failure: FALSE.
422 *
423 * NOTES
424 * See NtAdjustPrivilegesToken.
425 */
426 BOOL WINAPI
427 AdjustTokenPrivileges( HANDLE TokenHandle, BOOL DisableAllPrivileges,
428 LPVOID NewState, DWORD BufferLength,
429 LPVOID PreviousState, LPDWORD ReturnLength )
430 {
431 NTSTATUS status;
432
433 TRACE("\n");
434
435 status = NtAdjustPrivilegesToken(TokenHandle, DisableAllPrivileges,
436 NewState, BufferLength, PreviousState,
437 ReturnLength);
438 SetLastError( RtlNtStatusToDosError( status ));
439 if ((status == STATUS_SUCCESS) || (status == STATUS_NOT_ALL_ASSIGNED))
440 return TRUE;
441 else
442 return FALSE;
443 }
444
445 /******************************************************************************
446 * CheckTokenMembership [ADVAPI32.@]
447 *
448 * Determine if an access token is a member of a SID.
449 *
450 * PARAMS
451 * TokenHandle [I] Handle from OpenProcessToken() or OpenThreadToken()
452 * SidToCheck [I] SID that possibly contains the token
453 * IsMember [O] Destination for result.
454 *
455 * RETURNS
456 * Success: TRUE. IsMember is TRUE if TokenHandle is a member, FALSE otherwise.
457 * Failure: FALSE.
458 */
459 BOOL WINAPI
460 CheckTokenMembership( HANDLE TokenHandle, PSID SidToCheck,
461 PBOOL IsMember )
462 {
463 FIXME("(%p %p %p) stub!\n", TokenHandle, SidToCheck, IsMember);
464
465 *IsMember = TRUE;
466 return(TRUE);
467 }
468
469 /******************************************************************************
470 * GetTokenInformation [ADVAPI32.@]
471 *
472 * Get a type of information about an access token.
473 *
474 * PARAMS
475 * token [I] Handle from OpenProcessToken() or OpenThreadToken()
476 * tokeninfoclass [I] A TOKEN_INFORMATION_CLASS from "winnt.h"
477 * tokeninfo [O] Destination for token information
478 * tokeninfolength [I] Length of tokeninfo
479 * retlen [O] Destination for returned token information length
480 *
481 * RETURNS
482 * Success: TRUE. tokeninfo contains retlen bytes of token information
483 * Failure: FALSE.
484 *
485 * NOTES
486 * See NtQueryInformationToken.
487 */
488 BOOL WINAPI
489 GetTokenInformation( HANDLE token, TOKEN_INFORMATION_CLASS tokeninfoclass,
490 LPVOID tokeninfo, DWORD tokeninfolength, LPDWORD retlen )
491 {
492 TRACE("(%p, %s, %p, %ld, %p):\n",
493 token,
494 (tokeninfoclass == TokenUser) ? "TokenUser" :
495 (tokeninfoclass == TokenGroups) ? "TokenGroups" :
496 (tokeninfoclass == TokenPrivileges) ? "TokenPrivileges" :
497 (tokeninfoclass == TokenOwner) ? "TokenOwner" :
498 (tokeninfoclass == TokenPrimaryGroup) ? "TokenPrimaryGroup" :
499 (tokeninfoclass == TokenDefaultDacl) ? "TokenDefaultDacl" :
500 (tokeninfoclass == TokenSource) ? "TokenSource" :
501 (tokeninfoclass == TokenType) ? "TokenType" :
502 (tokeninfoclass == TokenImpersonationLevel) ? "TokenImpersonationLevel" :
503 (tokeninfoclass == TokenStatistics) ? "TokenStatistics" :
504 (tokeninfoclass == TokenRestrictedSids) ? "TokenRestrictedSids" :
505 (tokeninfoclass == TokenSessionId) ? "TokenSessionId" :
506 (tokeninfoclass == TokenGroupsAndPrivileges) ? "TokenGroupsAndPrivileges" :
507 (tokeninfoclass == TokenSessionReference) ? "TokenSessionReference" :
508 (tokeninfoclass == TokenSandBoxInert) ? "TokenSandBoxInert" :
509 "Unknown",
510 tokeninfo, tokeninfolength, retlen);
511 return set_ntstatus( NtQueryInformationToken( token, tokeninfoclass, tokeninfo,
512 tokeninfolength, retlen));
513 }
514
515 /******************************************************************************
516 * SetTokenInformation [ADVAPI32.@]
517 *
518 * Set information for an access token.
519 *
520 * PARAMS
521 * token [I] Handle from OpenProcessToken() or OpenThreadToken()
522 * tokeninfoclass [I] A TOKEN_INFORMATION_CLASS from "winnt.h"
523 * tokeninfo [I] Token information to set
524 * tokeninfolength [I] Length of tokeninfo
525 *
526 * RETURNS
527 * Success: TRUE. The information for the token is set to tokeninfo.
528 * Failure: FALSE.
529 */
530 BOOL WINAPI
531 SetTokenInformation( HANDLE token, TOKEN_INFORMATION_CLASS tokeninfoclass,
532 LPVOID tokeninfo, DWORD tokeninfolength )
533 {
534 TRACE("(%p, %s, %p, %ld): stub\n",
535 token,
536 (tokeninfoclass == TokenUser) ? "TokenUser" :
537 (tokeninfoclass == TokenGroups) ? "TokenGroups" :
538 (tokeninfoclass == TokenPrivileges) ? "TokenPrivileges" :
539 (tokeninfoclass == TokenOwner) ? "TokenOwner" :
540 (tokeninfoclass == TokenPrimaryGroup) ? "TokenPrimaryGroup" :
541 (tokeninfoclass == TokenDefaultDacl) ? "TokenDefaultDacl" :
542 (tokeninfoclass == TokenSource) ? "TokenSource" :
543 (tokeninfoclass == TokenType) ? "TokenType" :
544 (tokeninfoclass == TokenImpersonationLevel) ? "TokenImpersonationLevel" :
545 (tokeninfoclass == TokenStatistics) ? "TokenStatistics" :
546 (tokeninfoclass == TokenRestrictedSids) ? "TokenRestrictedSids" :
547 (tokeninfoclass == TokenSessionId) ? "TokenSessionId" :
548 (tokeninfoclass == TokenGroupsAndPrivileges) ? "TokenGroupsAndPrivileges" :
549 (tokeninfoclass == TokenSessionReference) ? "TokenSessionReference" :
550 (tokeninfoclass == TokenSandBoxInert) ? "TokenSandBoxInert" :
551 "Unknown",
552 tokeninfo, tokeninfolength);
553
554 return set_ntstatus( NtSetInformationToken( token, tokeninfoclass, tokeninfo, tokeninfolength ));
555 }
556
557 /*************************************************************************
558 * SetThreadToken [ADVAPI32.@]
559 *
560 * Assigns an 'impersonation token' to a thread so it can assume the
561 * security privileges of another thread or process. Can also remove
562 * a previously assigned token.
563 *
564 * PARAMS
565 * thread [O] Handle to thread to set the token for
566 * token [I] Token to set
567 *
568 * RETURNS
569 * Success: TRUE. The threads access token is set to token
570 * Failure: FALSE.
571 *
572 * NOTES
573 * Only supported on NT or higher. On Win9X this function does nothing.
574 * See SetTokenInformation.
575 */
576 BOOL WINAPI SetThreadToken(PHANDLE thread, HANDLE token)
577 {
578 return set_ntstatus( NtSetInformationThread( thread ? *thread : GetCurrentThread(),
579 ThreadImpersonationToken, &token, sizeof token ));
580 }
581
582 /* ##############################
583 ###### SID FUNCTIONS ######
584 ##############################
585 */
586
587 /******************************************************************************
588 * AllocateAndInitializeSid [ADVAPI32.@]
589 *
590 * PARAMS
591 * pIdentifierAuthority []
592 * nSubAuthorityCount []
593 * nSubAuthority0 []
594 * nSubAuthority1 []
595 * nSubAuthority2 []
596 * nSubAuthority3 []
597 * nSubAuthority4 []
598 * nSubAuthority5 []
599 * nSubAuthority6 []
600 * nSubAuthority7 []
601 * pSid []
602 */
603 BOOL WINAPI
604 AllocateAndInitializeSid( PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
605 BYTE nSubAuthorityCount,
606 DWORD nSubAuthority0, DWORD nSubAuthority1,
607 DWORD nSubAuthority2, DWORD nSubAuthority3,
608 DWORD nSubAuthority4, DWORD nSubAuthority5,
609 DWORD nSubAuthority6, DWORD nSubAuthority7,
610 PSID *pSid )
611 {
612 return set_ntstatus( RtlAllocateAndInitializeSid(
613 pIdentifierAuthority, nSubAuthorityCount,
614 nSubAuthority0, nSubAuthority1, nSubAuthority2, nSubAuthority3,
615 nSubAuthority4, nSubAuthority5, nSubAuthority6, nSubAuthority7,
616 pSid ));
617 }
618
619 /******************************************************************************
620 * FreeSid [ADVAPI32.@]
621 *
622 * PARAMS
623 * pSid []
624 */
625 PVOID WINAPI
626 FreeSid( PSID pSid )
627 {
628 RtlFreeSid(pSid);
629 return NULL; /* is documented like this */
630 }
631
632 /******************************************************************************
633 * CopySid [ADVAPI32.@]
634 *
635 * PARAMS
636 * nDestinationSidLength []
637 * pDestinationSid []
638 * pSourceSid []
639 */
640 BOOL WINAPI
641 CopySid( DWORD nDestinationSidLength, PSID pDestinationSid, PSID pSourceSid )
642 {
643 return RtlCopySid(nDestinationSidLength, pDestinationSid, pSourceSid);
644 }
645
646 /******************************************************************************
647 * CreateWellKnownSid [ADVAPI32.@]
648 */
649 BOOL WINAPI
650 CreateWellKnownSid( WELL_KNOWN_SID_TYPE WellKnownSidType,
651 PSID DomainSid,
652 PSID pSid,
653 DWORD* cbSid)
654 {
655 int i;
656 TRACE("(%d, %s, %p, %p)\n", WellKnownSidType, debugstr_sid(DomainSid), pSid, cbSid);
657
658 if (DomainSid != NULL) {
659 FIXME("Only local computer supported!\n");
660 SetLastError(ERROR_INVALID_PARAMETER); /* FIXME */
661 return FALSE;
662 }
663
664 if (cbSid == NULL || pSid == NULL) {
665 SetLastError(ERROR_INVALID_PARAMETER);
666 return FALSE;
667 }
668
669 for (i = 0; i < sizeof(WellKnownSids)/sizeof(WellKnownSids[0]); i++) {
670 if (WellKnownSids[i].Type == WellKnownSidType) {
671 DWORD length = GetSidLengthRequired(WellKnownSids[i].Sid.SubAuthorityCount);
672
673 if (*cbSid < length) {
674 SetLastError(ERROR_INSUFFICIENT_BUFFER);
675 return FALSE;
676 }
677
678 CopyMemory(pSid, &WellKnownSids[i].Sid.Revision, length);
679 *cbSid = length;
680 return TRUE;
681 }
682 }
683
684 SetLastError(ERROR_INVALID_PARAMETER);
685 return FALSE;
686 }
687
688 /******************************************************************************
689 * IsWellKnownSid [ADVAPI32.@]
690 */
691 BOOL WINAPI
692 IsWellKnownSid( PSID pSid, WELL_KNOWN_SID_TYPE WellKnownSidType )
693 {
694 int i;
695 TRACE("(%s, %d)\n", debugstr_sid(pSid), WellKnownSidType);
696
697 for (i = 0; i < sizeof(WellKnownSids)/sizeof(WellKnownSids[0]); i++)
698 if (WellKnownSids[i].Type == WellKnownSidType)
699 if (EqualSid(pSid, (PSID)&(WellKnownSids[i].Sid.Revision)))
700 return TRUE;
701
702 return FALSE;
703 }
704
705 BOOL WINAPI
706 IsTokenRestricted( HANDLE TokenHandle )
707 {
708 TOKEN_GROUPS *groups;
709 DWORD size;
710 NTSTATUS status;
711 BOOL restricted;
712
713 TRACE("(%p)\n", TokenHandle);
714
715 status = NtQueryInformationToken(TokenHandle, TokenRestrictedSids, NULL, 0, &size);
716 if (status != STATUS_BUFFER_TOO_SMALL)
717 return FALSE;
718
719 groups = HeapAlloc(GetProcessHeap(), 0, size);
720 if (!groups)
721 {
722 SetLastError(ERROR_OUTOFMEMORY);
723 return FALSE;
724 }
725
726 status = NtQueryInformationToken(TokenHandle, TokenRestrictedSids, groups, size, &size);
727 if (status != STATUS_SUCCESS)
728 {
729 HeapFree(GetProcessHeap(), 0, groups);
730 return set_ntstatus(status);
731 }
732
733 if (groups->GroupCount)
734 restricted = TRUE;
735 else
736 restricted = FALSE;
737
738 HeapFree(GetProcessHeap(), 0, groups);
739
740 return restricted;
741 }
742
743 /******************************************************************************
744 * IsValidSid [ADVAPI32.@]
745 *
746 * PARAMS
747 * pSid []
748 */
749 BOOL WINAPI
750 IsValidSid( PSID pSid )
751 {
752 return RtlValidSid( pSid );
753 }
754
755 /******************************************************************************
756 * EqualSid [ADVAPI32.@]
757 *
758 * PARAMS
759 * pSid1 []
760 * pSid2 []
761 */
762 BOOL WINAPI
763 EqualSid( PSID pSid1, PSID pSid2 )
764 {
765 return RtlEqualSid( pSid1, pSid2 );
766 }
767
768 /******************************************************************************
769 * EqualPrefixSid [ADVAPI32.@]
770 */
771 BOOL WINAPI EqualPrefixSid (PSID pSid1, PSID pSid2)
772 {
773 return RtlEqualPrefixSid(pSid1, pSid2);
774 }
775
776 /******************************************************************************
777 * GetSidLengthRequired [ADVAPI32.@]
778 *
779 * PARAMS
780 * nSubAuthorityCount []
781 */
782 DWORD WINAPI
783 GetSidLengthRequired( BYTE nSubAuthorityCount )
784 {
785 return RtlLengthRequiredSid(nSubAuthorityCount);
786 }
787
788 /******************************************************************************
789 * InitializeSid [ADVAPI32.@]
790 *
791 * PARAMS
792 * pIdentifierAuthority []
793 */
794 BOOL WINAPI
795 InitializeSid (
796 PSID pSid,
797 PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
798 BYTE nSubAuthorityCount)
799 {
800 return RtlInitializeSid(pSid, pIdentifierAuthority, nSubAuthorityCount);
801 }
802
803 DWORD WINAPI
804 GetEffectiveRightsFromAclA( PACL pacl, PTRUSTEEA pTrustee, PACCESS_MASK pAccessRights )
805 {
806 FIXME("%p %p %p - stub\n", pacl, pTrustee, pAccessRights);
807
808 return 1;
809 }
810
811 DWORD WINAPI
812 GetEffectiveRightsFromAclW( PACL pacl, PTRUSTEEW pTrustee, PACCESS_MASK pAccessRights )
813 {
814 FIXME("%p %p %p - stub\n", pacl, pTrustee, pAccessRights);
815
816 return 1;
817 }
818
819 /******************************************************************************
820 * GetSidIdentifierAuthority [ADVAPI32.@]
821 *
822 * PARAMS
823 * pSid []
824 */
825 PSID_IDENTIFIER_AUTHORITY WINAPI
826 GetSidIdentifierAuthority( PSID pSid )
827 {
828 return RtlIdentifierAuthoritySid(pSid);
829 }
830
831 /******************************************************************************
832 * GetSidSubAuthority [ADVAPI32.@]
833 *
834 * PARAMS
835 * pSid []
836 * nSubAuthority []
837 */
838 PDWORD WINAPI
839 GetSidSubAuthority( PSID pSid, DWORD nSubAuthority )
840 {
841 return RtlSubAuthoritySid(pSid, nSubAuthority);
842 }
843
844 /******************************************************************************
845 * GetSidSubAuthorityCount [ADVAPI32.@]
846 *
847 * PARAMS
848 * pSid []
849 */
850 PUCHAR WINAPI
851 GetSidSubAuthorityCount (PSID pSid)
852 {
853 return RtlSubAuthorityCountSid(pSid);
854 }
855
856 /******************************************************************************
857 * GetLengthSid [ADVAPI32.@]
858 *
859 * PARAMS
860 * pSid []
861 */
862 DWORD WINAPI
863 GetLengthSid (PSID pSid)
864 {
865 return RtlLengthSid(pSid);
866 }
867
868 /* ##############################################
869 ###### SECURITY DESCRIPTOR FUNCTIONS ######
870 ##############################################
871 */
872
873 /******************************************************************************
874 * BuildSecurityDescriptorA [ADVAPI32.@]
875 *
876 * Builds a SD from
877 *
878 * PARAMS
879 * pOwner [I]
880 * pGroup [I]
881 * cCountOfAccessEntries [I]
882 * pListOfAccessEntries [I]
883 * cCountOfAuditEntries [I]
884 * pListofAuditEntries [I]
885 * pOldSD [I]
886 * lpdwBufferLength [I/O]
887 * pNewSD [O]
888 *
889 * RETURNS
890 * Success: ERROR_SUCCESS
891 * Failure: nonzero error code from Winerror.h
892 */
893 DWORD WINAPI BuildSecurityDescriptorA(
894 IN PTRUSTEEA pOwner,
895 IN PTRUSTEEA pGroup,
896 IN ULONG cCountOfAccessEntries,
897 IN PEXPLICIT_ACCESSA pListOfAccessEntries,
898 IN ULONG cCountOfAuditEntries,
899 IN PEXPLICIT_ACCESSA pListofAuditEntries,
900 IN PSECURITY_DESCRIPTOR pOldSD,
901 IN OUT PULONG lpdwBufferLength,
902 OUT PSECURITY_DESCRIPTOR* pNewSD)
903 {
904 FIXME("(%p,%p,%ld,%p,%ld,%p,%p,%p,%p) stub!\n",pOwner,pGroup,
905 cCountOfAccessEntries,pListOfAccessEntries,cCountOfAuditEntries,
906 pListofAuditEntries,pOldSD,lpdwBufferLength,pNewSD);
907
908 return ERROR_CALL_NOT_IMPLEMENTED;
909 }
910
911 /******************************************************************************
912 * BuildSecurityDescriptorW [ADVAPI32.@]
913 *
914 * See BuildSecurityDescriptorA.
915 */
916 DWORD WINAPI BuildSecurityDescriptorW(
917 IN PTRUSTEEW pOwner,
918 IN PTRUSTEEW pGroup,
919 IN ULONG cCountOfAccessEntries,
920 IN PEXPLICIT_ACCESSW pListOfAccessEntries,
921 IN ULONG cCountOfAuditEntries,
922 IN PEXPLICIT_ACCESSW pListofAuditEntries,
923 IN PSECURITY_DESCRIPTOR pOldSD,
924 IN OUT PULONG lpdwBufferLength,
925 OUT PSECURITY_DESCRIPTOR* pNewSD)
926 {
927 FIXME("(%p,%p,%ld,%p,%ld,%p,%p,%p,%p) stub!\n",pOwner,pGroup,
928 cCountOfAccessEntries,pListOfAccessEntries,cCountOfAuditEntries,
929 pListofAuditEntries,pOldSD,lpdwBufferLength,pNewSD);
930
931 return ERROR_CALL_NOT_IMPLEMENTED;
932 }
933
934 /******************************************************************************
935 * InitializeSecurityDescriptor [ADVAPI32.@]
936 *
937 * PARAMS
938 * pDescr []
939 * revision []
940 */
941 BOOL WINAPI
942 InitializeSecurityDescriptor( PSECURITY_DESCRIPTOR pDescr, DWORD revision )
943 {
944 return set_ntstatus( RtlCreateSecurityDescriptor(pDescr, revision ));
945 }
946
947
948 /******************************************************************************
949 * MakeAbsoluteSD [ADVAPI32.@]
950 */
951 BOOL WINAPI MakeAbsoluteSD (
952 IN PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor,
953 OUT PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor,
954 OUT LPDWORD lpdwAbsoluteSecurityDescriptorSize,
955 OUT PACL pDacl,
956 OUT LPDWORD lpdwDaclSize,
957 OUT PACL pSacl,
958 OUT LPDWORD lpdwSaclSize,
959 OUT PSID pOwner,
960 OUT LPDWORD lpdwOwnerSize,
961 OUT PSID pPrimaryGroup,
962 OUT LPDWORD lpdwPrimaryGroupSize)
963 {
964 return set_ntstatus( RtlSelfRelativeToAbsoluteSD(pSelfRelativeSecurityDescriptor,
965 pAbsoluteSecurityDescriptor,
966 lpdwAbsoluteSecurityDescriptorSize,
967 pDacl, lpdwDaclSize, pSacl, lpdwSaclSize,
968 pOwner, lpdwOwnerSize,
969 pPrimaryGroup, lpdwPrimaryGroupSize));
970 }
971
972 /******************************************************************************
973 * GetKernelObjectSecurity [ADVAPI32.@]
974 */
975 BOOL WINAPI GetKernelObjectSecurity(
976 HANDLE Handle,
977 SECURITY_INFORMATION RequestedInformation,
978 PSECURITY_DESCRIPTOR pSecurityDescriptor,
979 DWORD nLength,
980 LPDWORD lpnLengthNeeded )
981 {
982 TRACE("(%p,0x%08lx,%p,0x%08lx,%p)\n", Handle, RequestedInformation,
983 pSecurityDescriptor, nLength, lpnLengthNeeded);
984
985 return set_ntstatus( NtQuerySecurityObject(Handle, RequestedInformation, pSecurityDescriptor,
986 nLength, lpnLengthNeeded ));
987 }
988
989 /******************************************************************************
990 * GetPrivateObjectSecurity [ADVAPI32.@]
991 */
992 BOOL WINAPI GetPrivateObjectSecurity(
993 PSECURITY_DESCRIPTOR ObjectDescriptor,
994 SECURITY_INFORMATION SecurityInformation,
995 PSECURITY_DESCRIPTOR ResultantDescriptor,
996 DWORD DescriptorLength,
997 PDWORD ReturnLength )
998 {
999 TRACE("(%p,0x%08lx,%p,0x%08lx,%p)\n", ObjectDescriptor, SecurityInformation,
1000 ResultantDescriptor, DescriptorLength, ReturnLength);
1001
1002 return set_ntstatus( NtQuerySecurityObject(ObjectDescriptor, SecurityInformation,
1003 ResultantDescriptor, DescriptorLength, ReturnLength ));
1004 }
1005
1006 /******************************************************************************
1007 * GetSecurityDescriptorLength [ADVAPI32.@]
1008 */
1009 DWORD WINAPI GetSecurityDescriptorLength( PSECURITY_DESCRIPTOR pDescr)
1010 {
1011 return RtlLengthSecurityDescriptor(pDescr);
1012 }
1013
1014 /******************************************************************************
1015 * GetSecurityDescriptorOwner [ADVAPI32.@]
1016 *
1017 * PARAMS
1018 * pOwner []
1019 * lpbOwnerDefaulted []
1020 */
1021 BOOL WINAPI
1022 GetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR pDescr, PSID *pOwner,
1023 LPBOOL lpbOwnerDefaulted )
1024 {
1025 BOOLEAN defaulted;
1026 BOOL ret = set_ntstatus( RtlGetOwnerSecurityDescriptor( pDescr, pOwner, &defaulted ));
1027 *lpbOwnerDefaulted = defaulted;
1028 return ret;
1029 }
1030
1031 /******************************************************************************
1032 * SetSecurityDescriptorOwner [ADVAPI32.@]
1033 *
1034 * PARAMS
1035 */
1036 BOOL WINAPI SetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR pSecurityDescriptor,
1037 PSID pOwner, BOOL bOwnerDefaulted)
1038 {
1039 return set_ntstatus( RtlSetOwnerSecurityDescriptor(pSecurityDescriptor, pOwner, bOwnerDefaulted));
1040 }
1041 /******************************************************************************
1042 * GetSecurityDescriptorGroup [ADVAPI32.@]
1043 */
1044 BOOL WINAPI GetSecurityDescriptorGroup(
1045 PSECURITY_DESCRIPTOR SecurityDescriptor,
1046 PSID *Group,
1047 LPBOOL GroupDefaulted)
1048 {
1049 BOOLEAN defaulted;
1050 BOOL ret = set_ntstatus( RtlGetGroupSecurityDescriptor(SecurityDescriptor, Group, &defaulted ));
1051 *GroupDefaulted = defaulted;
1052 return ret;
1053 }
1054 /******************************************************************************
1055 * SetSecurityDescriptorGroup [ADVAPI32.@]
1056 */
1057 BOOL WINAPI SetSecurityDescriptorGroup ( PSECURITY_DESCRIPTOR SecurityDescriptor,
1058 PSID Group, BOOL GroupDefaulted)
1059 {
1060 return set_ntstatus( RtlSetGroupSecurityDescriptor( SecurityDescriptor, Group, GroupDefaulted));
1061 }
1062
1063 /******************************************************************************
1064 * IsValidSecurityDescriptor [ADVAPI32.@]
1065 *
1066 * PARAMS
1067 * lpsecdesc []
1068 */
1069 BOOL WINAPI
1070 IsValidSecurityDescriptor( PSECURITY_DESCRIPTOR SecurityDescriptor )
1071 {
1072 return set_ntstatus( RtlValidSecurityDescriptor(SecurityDescriptor));
1073 }
1074
1075 /******************************************************************************
1076 * GetSecurityDescriptorDacl [ADVAPI32.@]
1077 */
1078 BOOL WINAPI GetSecurityDescriptorDacl(
1079 IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
1080 OUT LPBOOL lpbDaclPresent,
1081 OUT PACL *pDacl,
1082 OUT LPBOOL lpbDaclDefaulted)
1083 {
1084 BOOLEAN present, defaulted;
1085 BOOL ret = set_ntstatus( RtlGetDaclSecurityDescriptor(pSecurityDescriptor, &present, pDacl, &defaulted));
1086 *lpbDaclPresent = present;
1087 *lpbDaclDefaulted = defaulted;
1088 return ret;
1089 }
1090
1091 /******************************************************************************
1092 * SetSecurityDescriptorDacl [ADVAPI32.@]
1093 */
1094 BOOL WINAPI
1095 SetSecurityDescriptorDacl (
1096 PSECURITY_DESCRIPTOR lpsd,
1097 BOOL daclpresent,
1098 PACL dacl,
1099 BOOL dacldefaulted )
1100 {
1101 return set_ntstatus( RtlSetDaclSecurityDescriptor (lpsd, daclpresent, dacl, dacldefaulted ) );
1102 }
1103 /******************************************************************************
1104 * GetSecurityDescriptorSacl [ADVAPI32.@]
1105 */
1106 BOOL WINAPI GetSecurityDescriptorSacl(
1107 IN PSECURITY_DESCRIPTOR lpsd,
1108 OUT LPBOOL lpbSaclPresent,
1109 OUT PACL *pSacl,
1110 OUT LPBOOL lpbSaclDefaulted)
1111 {
1112 BOOLEAN present, defaulted;
1113 BOOL ret = set_ntstatus( RtlGetSaclSecurityDescriptor(lpsd, &present, pSacl, &defaulted) );
1114 *lpbSaclPresent = present;
1115 *lpbSaclDefaulted = defaulted;
1116 return ret;
1117 }
1118
1119 /**************************************************************************
1120 * SetSecurityDescriptorSacl [ADVAPI32.@]
1121 */
1122 BOOL WINAPI SetSecurityDescriptorSacl (
1123 PSECURITY_DESCRIPTOR lpsd,
1124 BOOL saclpresent,
1125 PACL lpsacl,
1126 BOOL sacldefaulted)
1127 {
1128 return set_ntstatus (RtlSetSaclSecurityDescriptor(lpsd, saclpresent, lpsacl, sacldefaulted));
1129 }
1130 /******************************************************************************
1131 * MakeSelfRelativeSD [ADVAPI32.@]
1132 *
1133 * PARAMS
1134 * lpabssecdesc []
1135 * lpselfsecdesc []
1136 * lpbuflen []
1137 */
1138 BOOL WINAPI
1139 MakeSelfRelativeSD(
1140 IN PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor,
1141 IN PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor,
1142 IN OUT LPDWORD lpdwBufferLength)
1143 {
1144 return set_ntstatus( RtlMakeSelfRelativeSD( pAbsoluteSecurityDescriptor,
1145 pSelfRelativeSecurityDescriptor, lpdwBufferLength));
1146 }
1147
1148 /******************************************************************************
1149 * GetSecurityDescriptorControl [ADVAPI32.@]
1150 */
1151
1152 BOOL WINAPI GetSecurityDescriptorControl ( PSECURITY_DESCRIPTOR pSecurityDescriptor,
1153 PSECURITY_DESCRIPTOR_CONTROL pControl, LPDWORD lpdwRevision)
1154 {
1155 return set_ntstatus( RtlGetControlSecurityDescriptor(pSecurityDescriptor,pControl,lpdwRevision));
1156 }
1157
1158 /* ##############################
1159 ###### ACL FUNCTIONS ######
1160 ##############################
1161 */
1162
1163 /*************************************************************************
1164 * InitializeAcl [ADVAPI32.@]
1165 */
1166 BOOL WINAPI InitializeAcl(PACL acl, DWORD size, DWORD rev)
1167 {
1168 return set_ntstatus( RtlCreateAcl(acl, size, rev));
1169 }
1170
1171 BOOL WINAPI ImpersonateNamedPipeClient( HANDLE hNamedPipe )
1172 {
1173 TRACE("(%p)\n", hNamedPipe);
1174
1175 return set_ntstatus( NtFsControlFile(hNamedPipe, NULL, NULL, NULL, NULL,
1176 FSCTL_PIPE_IMPERSONATE, NULL, 0, NULL, 0) );
1177 }
1178
1179 /******************************************************************************
1180 * AddAccessAllowedAce [ADVAPI32.@]
1181 */
1182 BOOL WINAPI AddAccessAllowedAce(
1183 IN OUT PACL pAcl,
1184 IN DWORD dwAceRevision,
1185 IN DWORD AccessMask,
1186 IN PSID pSid)
1187 {
1188 return set_ntstatus(RtlAddAccessAllowedAce(pAcl, dwAceRevision, AccessMask, pSid));
1189 }
1190
1191 /******************************************************************************
1192 * AddAccessAllowedAceEx [ADVAPI32.@]
1193 */
1194 BOOL WINAPI AddAccessAllowedAceEx(
1195 IN OUT PACL pAcl,
1196 IN DWORD dwAceRevision,
1197 IN DWORD AceFlags,
1198 IN DWORD AccessMask,
1199 IN PSID pSid)
1200 {
1201 return set_ntstatus(RtlAddAccessAllowedAceEx(pAcl, dwAceRevision, AceFlags, AccessMask, pSid));
1202 }
1203
1204 /******************************************************************************
1205 * AddAccessDeniedAce [ADVAPI32.@]
1206 */
1207 BOOL WINAPI AddAccessDeniedAce(
1208 IN OUT PACL pAcl,
1209 IN DWORD dwAceRevision,
1210 IN DWORD AccessMask,
1211 IN PSID pSid)
1212 {
1213 return set_ntstatus(RtlAddAccessDeniedAce(pAcl, dwAceRevision, AccessMask, pSid));
1214 }
1215
1216 /******************************************************************************
1217 * AddAccessDeniedAceEx [ADVAPI32.@]
1218 */
1219 BOOL WINAPI AddAccessDeniedAceEx(
1220 IN OUT PACL pAcl,
1221 IN DWORD dwAceRevision,
1222 IN DWORD AceFlags,
1223 IN DWORD AccessMask,
1224 IN PSID pSid)
1225 {
1226 return set_ntstatus(RtlAddAccessDeniedAceEx(pAcl, dwAceRevision, AceFlags, AccessMask, pSid));
1227 }
1228
1229 /******************************************************************************
1230 * AddAce [ADVAPI32.@]
1231 */
1232 BOOL WINAPI AddAce(
1233 IN OUT PACL pAcl,
1234 IN DWORD dwAceRevision,
1235 IN DWORD dwStartingAceIndex,
1236 LPVOID pAceList,
1237 DWORD nAceListLength)
1238 {
1239 return set_ntstatus(RtlAddAce(pAcl, dwAceRevision, dwStartingAceIndex, pAceList, nAceListLength));
1240 }
1241
1242 /******************************************************************************
1243 * DeleteAce [ADVAPI32.@]
1244 */
1245 BOOL WINAPI DeleteAce(PACL pAcl, DWORD dwAceIndex)
1246 {
1247 return set_ntstatus(RtlDeleteAce(pAcl, dwAceIndex));
1248 }
1249
1250 /******************************************************************************
1251 * FindFirstFreeAce [ADVAPI32.@]
1252 */
1253 BOOL WINAPI FindFirstFreeAce(IN PACL pAcl, LPVOID * pAce)
1254 {
1255 return RtlFirstFreeAce(pAcl, (PACE_HEADER *)pAce);
1256 }
1257
1258 /******************************************************************************
1259 * GetAce [ADVAPI32.@]
1260 */
1261 BOOL WINAPI GetAce(PACL pAcl,DWORD dwAceIndex,LPVOID *pAce )
1262 {
1263 return set_ntstatus(RtlGetAce(pAcl, dwAceIndex, pAce));
1264 }
1265
1266 /******************************************************************************
1267 * GetAclInformation [ADVAPI32.@]
1268 */
1269 BOOL WINAPI GetAclInformation(
1270 PACL pAcl,
1271 LPVOID pAclInformation,
1272 DWORD nAclInformationLength,
1273 ACL_INFORMATION_CLASS dwAclInformationClass)
1274 {
1275 return set_ntstatus(RtlQueryInformationAcl(pAcl, pAclInformation,
1276 nAclInformationLength, dwAclInformationClass));
1277 }
1278
1279 /******************************************************************************
1280 * IsValidAcl [ADVAPI32.@]
1281 */
1282 BOOL WINAPI IsValidAcl(IN PACL pAcl)
1283 {
1284 return RtlValidAcl(pAcl);
1285 }
1286
1287 /* ##############################
1288 ###### MISC FUNCTIONS ######
1289 ##############################
1290 */
1291
1292 /******************************************************************************
1293 * AllocateLocallyUniqueId [ADVAPI32.@]
1294 *
1295 * PARAMS
1296 * lpLuid []
1297 */
1298 BOOL WINAPI AllocateLocallyUniqueId( PLUID lpLuid )
1299 {
1300 return set_ntstatus(NtAllocateLocallyUniqueId(lpLuid));
1301 }
1302
1303 static const WCHAR SE_CREATE_TOKEN_NAME_W[] =
1304 { 'S','e','C','r','e','a','t','e','T','o','k','e','n','P','r','i','v','i','l','e','g','e',0 };
1305 static const WCHAR SE_ASSIGNPRIMARYTOKEN_NAME_W[] =
1306 { 'S','e','A','s','s','i','g','n','P','r','i','m','a','r','y','T','o','k','e','n','P','r','i','v','i','l','e','g','e',0 };
1307 static const WCHAR SE_LOCK_MEMORY_NAME_W[] =
1308 { 'S','e','L','o','c','k','M','e','m','o','r','y','P','r','i','v','i','l','e','g','e',0 };
1309 static const WCHAR SE_INCREASE_QUOTA_NAME_W[] =
1310 { 'S','e','I','n','c','r','e','a','s','e','Q','u','o','t','a','P','r','i','v','i','l','e','g','e',0 };
1311 static const WCHAR SE_MACHINE_ACCOUNT_NAME_W[] =
1312 { 'S','e','M','a','c','h','i','n','e','A','c','c','o','u','n','t','P','r','i','v','i','l','e','g','e',0 };
1313 static const WCHAR SE_TCB_NAME_W[] =
1314 { 'S','e','T','c','b','P','r','i','v','i','l','e','g','e',0 };
1315 static const WCHAR SE_SECURITY_NAME_W[] =
1316 { 'S','e','S','e','c','u','r','i','t','y','P','r','i','v','i','l','e','g','e',0 };
1317 static const WCHAR SE_TAKE_OWNERSHIP_NAME_W[] =
1318 { 'S','e','T','a','k','e','O','w','n','e','r','s','h','i','p','P','r','i','v','i','l','e','g','e',0 };
1319 static const WCHAR SE_LOAD_DRIVER_NAME_W[] =
1320 { 'S','e','L','o','a','d','D','r','i','v','e','r','P','r','i','v','i','l','e','g','e',0 };
1321 static const WCHAR SE_SYSTEM_PROFILE_NAME_W[] =
1322 { 'S','e','S','y','s','t','e','m','P','r','o','f','i','l','e','P','r','i','v','i','l','e','g','e',0 };
1323 static const WCHAR SE_SYSTEMTIME_NAME_W[] =
1324 { 'S','e','S','y','s','t','e','m','t','i','m','e','P','r','i','v','i','l','e','g','e',0 };
1325 static const WCHAR SE_PROF_SINGLE_PROCESS_NAME_W[] =
1326 { 'S','e','P','r','o','f','i','l','e','S','i','n','g','l','e','P','r','o','c','e','s','s','P','r','i','v','i','l','e','g','e',0 };
1327 static const WCHAR SE_INC_BASE_PRIORITY_NAME_W[] =
1328 { 'S','e','I','n','c','r','e','a','s','e','B','a','s','e','P','r','i','o','r','i','t','y','P','r','i','v','i','l','e','g','e',0 };
1329 static const WCHAR SE_CREATE_PAGEFILE_NAME_W[] =
1330 { 'S','e','C','r','e','a','t','e','P','a','g','e','f','i','l','e','P','r','i','v','i','l','e','g','e',0 };
1331 static const WCHAR SE_CREATE_PERMANENT_NAME_W[] =
1332 { 'S','e','C','r','e','a','t','e','P','e','r','m','a','n','e','n','t','P','r','i','v','i','l','e','g','e',0 };
1333 static const WCHAR SE_BACKUP_NAME_W[] =
1334 { 'S','e','B','a','c','k','u','p','P','r','i','v','i','l','e','g','e',0 };
1335 static const WCHAR SE_RESTORE_NAME_W[] =
1336 { 'S','e','R','e','s','t','o','r','e','P','r','i','v','i','l','e','g','e',0 };
1337 static const WCHAR SE_SHUTDOWN_NAME_W[] =
1338 { 'S','e','S','h','u','t','d','o','w','n','P','r','i','v','i','l','e','g','e',0 };
1339 static const WCHAR SE_DEBUG_NAME_W[] =
1340 { 'S','e','D','e','b','u','g','P','r','i','v','i','l','e','g','e',0 };
1341 static const WCHAR SE_AUDIT_NAME_W[] =
1342 { 'S','e','A','u','d','i','t','P','r','i','v','i','l','e','g','e',0 };
1343 static const WCHAR SE_SYSTEM_ENVIRONMENT_NAME_W[] =
1344 { 'S','e','S','y','s','t','e','m','E','n','v','i','r','o','n','m','e','n','t','P','r','i','v','i','l','e','g','e',0 };
1345 static const WCHAR SE_CHANGE_NOTIFY_NAME_W[] =
1346 { 'S','e','C','h','a','n','g','e','N','o','t','i','f','y','P','r','i','v','i','l','e','g','e',0 };
1347 static const WCHAR SE_REMOTE_SHUTDOWN_NAME_W[] =
1348 { 'S','e','R','e','m','o','t','e','S','h','u','t','d','o','w','n','P','r','i','v','i','l','e','g','e',0 };
1349 static const WCHAR SE_UNDOCK_NAME_W[] =
1350 { 'S','e','U','n','d','o','c','k','P','r','i','v','i','l','e','g','e',0 };
1351 static const WCHAR SE_SYNC_AGENT_NAME_W[] =
1352 { 'S','e','S','y','n','c','A','g','e','n','t','P','r','i','v','i','l','e','g','e',0 };
1353 static const WCHAR SE_ENABLE_DELEGATION_NAME_W[] =
1354 { 'S','e','E','n','a','b','l','e','D','e','l','e','g','a','t','i','o','n','P','r','i','v','i','l','e','g','e',0 };
1355 static const WCHAR SE_MANAGE_VOLUME_NAME_W[] =
1356 { 'S','e','M','a','n','a','g','e','V','o','l','u','m','e','P','r','i','v','i','l','e','g','e',0 };
1357 static const WCHAR SE_IMPERSONATE_NAME_W[] =
1358 { 'S','e','I','m','p','e','r','s','o','n','a','t','e','P','r','i','v','i','l','e','g','e',0 };
1359 static const WCHAR SE_CREATE_GLOBAL_NAME_W[] =
1360 { 'S','e','C','r','e','a','t','e','G','l','o','b','a','l','P','r','i','v','i','l','e','g','e',0 };
1361
1362 static const WCHAR * const WellKnownPrivNames[SE_MAX_WELL_KNOWN_PRIVILEGE + 1] =
1363 {
1364 NULL,
1365 NULL,
1366 SE_CREATE_TOKEN_NAME_W,
1367 SE_ASSIGNPRIMARYTOKEN_NAME_W,
1368 SE_LOCK_MEMORY_NAME_W,
1369 SE_INCREASE_QUOTA_NAME_W,
1370 SE_MACHINE_ACCOUNT_NAME_W,
1371 SE_TCB_NAME_W,
1372 SE_SECURITY_NAME_W,
1373 SE_TAKE_OWNERSHIP_NAME_W,
1374 SE_LOAD_DRIVER_NAME_W,
1375 SE_SYSTEM_PROFILE_NAME_W,
1376 SE_SYSTEMTIME_NAME_W,
1377 SE_PROF_SINGLE_PROCESS_NAME_W,
1378 SE_INC_BASE_PRIORITY_NAME_W,
1379 SE_CREATE_PAGEFILE_NAME_W,
1380 SE_CREATE_PERMANENT_NAME_W,
1381 SE_BACKUP_NAME_W,
1382 SE_RESTORE_NAME_W,
1383 SE_SHUTDOWN_NAME_W,
1384 SE_DEBUG_NAME_W,
1385 SE_AUDIT_NAME_W,
1386 SE_SYSTEM_ENVIRONMENT_NAME_W,
1387 SE_CHANGE_NOTIFY_NAME_W,
1388 SE_REMOTE_SHUTDOWN_NAME_W,
1389 SE_UNDOCK_NAME_W,
1390 SE_SYNC_AGENT_NAME_W,
1391 SE_ENABLE_DELEGATION_NAME_W,
1392 SE_MANAGE_VOLUME_NAME_W,
1393 SE_IMPERSONATE_NAME_W,
1394 SE_CREATE_GLOBAL_NAME_W,
1395 };
1396
1397 /******************************************************************************
1398 * LookupPrivilegeValueW [ADVAPI32.@]
1399 *
1400 * See LookupPrivilegeValueA.
1401 */
1402 BOOL WINAPI
1403 LookupPrivilegeValueW( LPCWSTR lpSystemName, LPCWSTR lpName, PLUID lpLuid )
1404 {
1405 UINT i;
1406
1407 TRACE("%s,%s,%p\n",debugstr_w(lpSystemName), debugstr_w(lpName), lpLuid);
1408
1409 if (!ADVAPI_IsLocalComputer(lpSystemName))
1410 {
1411 SetLastError(RPC_S_SERVER_UNAVAILABLE);
1412 return FALSE;
1413 }
1414 if (!lpName)
1415 {
1416 SetLastError(ERROR_NO_SUCH_PRIVILEGE);
1417 return FALSE;
1418 }
1419 for( i=SE_MIN_WELL_KNOWN_PRIVILEGE; i<SE_MAX_WELL_KNOWN_PRIVILEGE; i++ )
1420 {
1421 if( !WellKnownPrivNames[i] )
1422 continue;
1423 if( strcmpiW( WellKnownPrivNames[i], lpName) )
1424 continue;
1425 lpLuid->LowPart = i;
1426 lpLuid->HighPart = 0;
1427 TRACE( "%s -> %08lx-%08lx\n",debugstr_w( lpSystemName ),
1428 lpLuid->HighPart, lpLuid->LowPart );
1429 return TRUE;
1430 }
1431 SetLastError(ERROR_NO_SUCH_PRIVILEGE);
1432 return FALSE;
1433 }
1434
1435 /******************************************************************************
1436 * LookupPrivilegeValueA [ADVAPI32.@]
1437 *
1438 * Retrieves LUID used on a system to represent the privilege name.
1439 *
1440 * PARAMS
1441 * lpSystemName [I] Name of the system
1442 * lpName [I] Name of the privilege
1443 * lpLuid [O] Destination for the resulting LUID
1444 *
1445 * RETURNS
1446 * Success: TRUE. lpLuid contains the requested LUID.
1447 * Failure: FALSE.
1448 */
1449 BOOL WINAPI
1450 LookupPrivilegeValueA( LPCSTR lpSystemName, LPCSTR lpName, PLUID lpLuid )
1451 {
1452 UNICODE_STRING lpSystemNameW;
1453 UNICODE_STRING lpNameW;
1454 BOOL ret;
1455
1456 RtlCreateUnicodeStringFromAsciiz(&lpSystemNameW, lpSystemName);
1457 RtlCreateUnicodeStringFromAsciiz(&lpNameW,lpName);
1458 ret = LookupPrivilegeValueW(lpSystemNameW.Buffer, lpNameW.Buffer, lpLuid);
1459 RtlFreeUnicodeString(&lpNameW);
1460 RtlFreeUnicodeString(&lpSystemNameW);
1461 return ret;
1462 }
1463
1464 BOOL WINAPI LookupPrivilegeDisplayNameA( LPCSTR lpSystemName, LPCSTR lpName, LPSTR lpDisplayName,
1465 LPDWORD cchDisplayName, LPDWORD lpLanguageId )
1466 {
1467 FIXME("%s %s %s %p %p - stub\n", debugstr_a(lpSystemName), debugstr_a(lpName),
1468 debugstr_a(lpDisplayName), cchDisplayName, lpLanguageId);
1469
1470 return FALSE;
1471 }
1472
1473 BOOL WINAPI LookupPrivilegeDisplayNameW( LPCWSTR lpSystemName, LPCWSTR lpName, LPWSTR lpDisplayName,
1474 LPDWORD cchDisplayName, LPDWORD lpLanguageId )
1475 {
1476 FIXME("%s %s %s %p %p - stub\n", debugstr_w(lpSystemName), debugstr_w(lpName),
1477 debugstr_w(lpDisplayName), cchDisplayName, lpLanguageId);
1478
1479 return FALSE;
1480 }
1481
1482 /******************************************************************************
1483 * LookupPrivilegeNameA [ADVAPI32.@]
1484 *
1485 * See LookupPrivilegeNameW.
1486 */
1487 BOOL WINAPI
1488 LookupPrivilegeNameA( LPCSTR lpSystemName, PLUID lpLuid, LPSTR lpName,
1489 LPDWORD cchName)
1490 {
1491 UNICODE_STRING lpSystemNameW;
1492 BOOL ret;
1493 DWORD wLen = 0;
1494
1495 TRACE("%s %p %p %p\n", debugstr_a(lpSystemName), lpLuid, lpName, cchName);
1496
1497 RtlCreateUnicodeStringFromAsciiz(&lpSystemNameW, lpSystemName);
1498 ret = LookupPrivilegeNameW(lpSystemNameW.Buffer, lpLuid, NULL, &wLen);
1499 if (!ret && GetLastError() == ERROR_INSUFFICIENT_BUFFER)
1500 {
1501 LPWSTR lpNameW = HeapAlloc(GetProcessHeap(), 0, wLen * sizeof(WCHAR));
1502
1503 ret = LookupPrivilegeNameW(lpSystemNameW.Buffer, lpLuid, lpNameW,
1504 &wLen);
1505 if (ret)
1506 {
1507 /* Windows crashes if cchName is NULL, so will I */
1508 int len = WideCharToMultiByte(CP_ACP, 0, lpNameW, -1, lpName,
1509 *cchName, NULL, NULL);
1510
1511 if (len == 0)
1512 {
1513 /* WideCharToMultiByte failed */
1514 ret = FALSE;
1515 }
1516 else if (len > *cchName)
1517 {
1518 *cchName = len;
1519 SetLastError(ERROR_INSUFFICIENT_BUFFER);
1520 ret = FALSE;
1521 }
1522 else
1523 {
1524 /* WideCharToMultiByte succeeded, output length needs to be
1525 * length not including NULL terminator
1526 */
1527 *cchName = len - 1;
1528 }
1529 }
1530 HeapFree(GetProcessHeap(), 0, lpNameW);
1531 }
1532 RtlFreeUnicodeString(&lpSystemNameW);
1533 return ret;
1534 }
1535
1536 /******************************************************************************
1537 * LookupPrivilegeNameW [ADVAPI32.@]
1538 *
1539 * Retrieves the privilege name referred to by the LUID lpLuid.
1540 *
1541 * PARAMS
1542 * lpSystemName [I] Name of the system
1543 * lpLuid [I] Privilege value
1544 * lpName [O] Name of the privilege
1545 * cchName [I/O] Number of characters in lpName.
1546 *
1547 * RETURNS
1548 * Success: TRUE. lpName contains the name of the privilege whose value is
1549 * *lpLuid.
1550 * Failure: FALSE.
1551 *
1552 * REMARKS
1553 * Only well-known privilege names (those defined in winnt.h) can be retrieved
1554 * using this function.
1555 * If the length of lpName is too small, on return *cchName will contain the
1556 * number of WCHARs needed to contain the privilege, including the NULL
1557 * terminator, and GetLastError will return ERROR_INSUFFICIENT_BUFFER.
1558 * On success, *cchName will contain the number of characters stored in
1559 * lpName, NOT including the NULL terminator.
1560 */
1561 BOOL WINAPI
1562 LookupPrivilegeNameW( LPCWSTR lpSystemName, PLUID lpLuid, LPWSTR lpName,
1563 LPDWORD cchName)
1564 {
1565 size_t privNameLen;
1566
1567 TRACE("%s,%p,%p,%p\n",debugstr_w(lpSystemName), lpLuid, lpName, cchName);
1568
1569 if (!ADVAPI_IsLocalComputer(lpSystemName))
1570 {
1571 SetLastError(RPC_S_SERVER_UNAVAILABLE);
1572 return FALSE;
1573 }
1574 if (lpLuid->HighPart || (lpLuid->LowPart < SE_MIN_WELL_KNOWN_PRIVILEGE ||
1575 lpLuid->LowPart > SE_MAX_WELL_KNOWN_PRIVILEGE))
1576 {
1577 SetLastError(ERROR_NO_SUCH_PRIVILEGE);
1578 return FALSE;
1579 }
1580 privNameLen = strlenW(WellKnownPrivNames[lpLuid->LowPart]);
1581 /* Windows crashes if cchName is NULL, so will I */
1582 if (*cchName <= privNameLen)
1583 {
1584 *cchName = privNameLen + 1;
1585 SetLastError(ERROR_INSUFFICIENT_BUFFER);
1586 return FALSE;
1587 }
1588 else
1589 {
1590 strcpyW(lpName, WellKnownPrivNames[lpLuid->LowPart]);
1591 *cchName = privNameLen;
1592 return TRUE;
1593 }
1594 }
1595
1596 /******************************************************************************
1597 * GetFileSecurityA [ADVAPI32.@]
1598 *
1599 * Obtains Specified information about the security of a file or directory.
1600 *
1601 * PARAMS
1602 * lpFileName [I] Name of the file to get info for
1603 * RequestedInformation [I] SE_ flags from "winnt.h"
1604 * pSecurityDescriptor [O] Destination for security information
1605 * nLength [I] Length of pSecurityDescriptor
1606 * lpnLengthNeeded [O] Destination for length of returned security information
1607 *
1608 * RETURNS
1609 * Success: TRUE. pSecurityDescriptor contains the requested information.
1610 * Failure: FALSE. lpnLengthNeeded contains the required space to return the info.
1611 *
1612 * NOTES
1613 * The information returned is constrained by the callers access rights and
1614 * privileges.
1615 */
1616 BOOL WINAPI
1617 GetFileSecurityA( LPCSTR lpFileName,
1618 SECURITY_INFORMATION RequestedInformation,
1619 PSECURITY_DESCRIPTOR pSecurityDescriptor,
1620 DWORD nLength, LPDWORD lpnLengthNeeded )
1621 {
1622 DWORD len;
1623 BOOL r;
1624 LPWSTR name = NULL;
1625
1626 if( lpFileName )
1627 {
1628 len = MultiByteToWideChar( CP_ACP, 0, lpFileName, -1, NULL, 0 );
1629 name = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR) );
1630 MultiByteToWideChar( CP_ACP, 0, lpFileName, -1, name, len );
1631 }
1632
1633 r = GetFileSecurityW( name, RequestedInformation, pSecurityDescriptor,
1634 nLength, lpnLengthNeeded );
1635 HeapFree( GetProcessHeap(), 0, name );
1636
1637 return r;
1638 }
1639
1640 /******************************************************************************
1641 * GetFileSecurityW [ADVAPI32.@]
1642 *
1643 * See GetFileSecurityA.
1644 */
1645 BOOL WINAPI
1646 GetFileSecurityW( LPCWSTR lpFileName,
1647 SECURITY_INFORMATION RequestedInformation,
1648 PSECURITY_DESCRIPTOR pSecurityDescriptor,
1649 DWORD nLength, LPDWORD lpnLengthNeeded )
1650 {
1651 DWORD nNeeded;
1652 LPBYTE pBuffer;
1653 DWORD iLocNow;
1654 SECURITY_DESCRIPTOR_RELATIVE *pSDRelative;
1655
1656 if(INVALID_FILE_ATTRIBUTES == GetFileAttributesW(lpFileName))
1657 return FALSE;
1658
1659 FIXME("(%s) : returns fake SECURITY_DESCRIPTOR\n", debugstr_w(lpFileName) );
1660
1661 nNeeded = sizeof(SECURITY_DESCRIPTOR_RELATIVE);
1662 if (RequestedInformation & OWNER_SECURITY_INFORMATION)
1663 nNeeded += sizeof(sidWorld);
1664 if (RequestedInformation & GROUP_SECURITY_INFORMATION)
1665 nNeeded += sizeof(sidWorld);
1666 if (RequestedInformation & DACL_SECURITY_INFORMATION)
1667 nNeeded += WINE_SIZE_OF_WORLD_ACCESS_ACL;
1668 if (RequestedInformation & SACL_SECURITY_INFORMATION)
1669 nNeeded += WINE_SIZE_OF_WORLD_ACCESS_ACL;
1670
1671 *lpnLengthNeeded = nNeeded;
1672
1673 if (nNeeded > nLength)
1674 return TRUE;
1675
1676 if (!InitializeSecurityDescriptor(pSecurityDescriptor, SECURITY_DESCRIPTOR_REVISION))
1677 return FALSE;
1678
1679 pSDRelative = (PISECURITY_DESCRIPTOR_RELATIVE) pSecurityDescriptor;
1680 pSDRelative->Control |= SE_SELF_RELATIVE;
1681 pBuffer = (LPBYTE) pSDRelative;
1682 iLocNow = sizeof(SECURITY_DESCRIPTOR_RELATIVE);
1683
1684 if (RequestedInformation & OWNER_SECURITY_INFORMATION)
1685 {
1686 memcpy(pBuffer + iLocNow, &sidWorld, sizeof(sidWorld));
1687 pSDRelative->Owner = iLocNow;
1688 iLocNow += sizeof(sidWorld);
1689 }
1690 if (RequestedInformation & GROUP_SECURITY_INFORMATION)
1691 {
1692 memcpy(pBuffer + iLocNow, &sidWorld, sizeof(sidWorld));
1693 pSDRelative->Group = iLocNow;
1694 iLocNow += sizeof(sidWorld);
1695 }
1696 if (RequestedInformation & DACL_SECURITY_INFORMATION)
1697 {
1698 GetWorldAccessACL((PACL) (pBuffer + iLocNow));
1699 pSDRelative->Dacl = iLocNow;
1700 iLocNow += WINE_SIZE_OF_WORLD_ACCESS_ACL;
1701 }
1702 if (RequestedInformation & SACL_SECURITY_INFORMATION)
1703 {
1704 GetWorldAccessACL((PACL) (pBuffer + iLocNow));
1705 pSDRelative->Sacl = iLocNow;
1706 /* iLocNow += WINE_SIZE_OF_WORLD_ACCESS_ACL; */
1707 }
1708 return TRUE;
1709 }
1710
1711
1712 /******************************************************************************
1713 * LookupAccountSidA [ADVAPI32.@]
1714 */
1715 BOOL WINAPI
1716 LookupAccountSidA(
1717 IN LPCSTR system,
1718 IN PSID sid,
1719 OUT LPSTR account,
1720 IN OUT LPDWORD accountSize,
1721 OUT LPSTR domain,
1722 IN OUT LPDWORD domainSize,
1723 OUT PSID_NAME_USE name_use )
1724 {
1725 DWORD len;
1726 BOOL r;
1727 LPWSTR systemW = NULL;
1728 LPWSTR accountW = NULL;
1729 LPWSTR domainW = NULL;
1730 DWORD accountSizeW = *accountSize * sizeof(WCHAR);
1731 DWORD domainSizeW = *domainSize * sizeof(WCHAR);
1732
1733 TRACE("(%s,sid=%s,%p,%p(%lu),%p,%p(%lu),%p)\n",
1734 debugstr_a(system),debugstr_sid(sid),
1735 account,accountSize,accountSize?*accountSize:0,
1736 domain,domainSize,domainSize?*domainSize:0,
1737 name_use);
1738
1739 if (system) {
1740 len = MultiByteToWideChar( CP_ACP, 0, system, -1, NULL, 0 );
1741 systemW = HeapAlloc( GetProcessHeap(), 0, (len+1)*sizeof(WCHAR) );
1742 MultiByteToWideChar( CP_ACP, 0, system, -1, systemW, len );
1743 }
1744 accountW = HeapAlloc( GetProcessHeap(), 0, accountSizeW );
1745 domainW = HeapAlloc( GetProcessHeap(), 0, domainSizeW );
1746
1747 r = LookupAccountSidW(systemW, sid, accountW, &accountSizeW, domainW, &domainSizeW, name_use );
1748
1749 if (r) {
1750 len = WideCharToMultiByte( CP_ACP, 0, accountW, -1, NULL, 0, NULL, NULL );
1751 WideCharToMultiByte( CP_ACP, 0, accountW, -1, account, len, NULL, NULL );
1752 *accountSize = len;
1753
1754 len = WideCharToMultiByte( CP_ACP, 0, domainW, -1, NULL, 0, NULL, NULL );
1755 WideCharToMultiByte( CP_ACP, 0, domainW, -1, domain, len, NULL, NULL );
1756 *domainSize = len;
1757 }
1758
1759 HeapFree( GetProcessHeap(), 0, systemW );
1760 HeapFree( GetProcessHeap(), 0, accountW );
1761 HeapFree( GetProcessHeap(), 0, domainW );
1762
1763 return r;
1764 }
1765
1766 /******************************************************************************
1767 * LookupAccountSidW [ADVAPI32.@]
1768 *
1769 * PARAMS
1770 * system []
1771 * sid []
1772 * account []
1773 * accountSize []
1774 * domain []
1775 * domainSize []
1776 * name_use []
1777 */
1778
1779 BOOL WINAPI
1780 LookupAccountSidW(
1781 IN LPCWSTR system,
1782 IN PSID sid,
1783 OUT LPWSTR account,
1784 IN OUT LPDWORD accountSize,
1785 OUT LPWSTR domain,
1786 IN OUT LPDWORD domainSize,
1787 OUT PSID_NAME_USE name_use )
1788 {
1789 int i, j;
1790 const WCHAR * ac = Administrator; /* FIXME */
1791 const WCHAR * dm = DOMAIN; /* FIXME */
1792 SID_NAME_USE use = SidTypeUser; /* FIXME */
1793
1794 TRACE("(%s,sid=%s,%p,%p(%lu),%p,%p(%lu),%p)\n",
1795 debugstr_w(system),debugstr_sid(sid),
1796 account,accountSize,accountSize?*accountSize:0,
1797 domain,domainSize,domainSize?*domainSize:0,
1798 name_use);
1799
1800 if (!ADVAPI_IsLocalComputer(system)) {
1801 FIXME("Only local computer supported!\n");
1802 SetLastError(ERROR_NONE_MAPPED);
1803 return FALSE;
1804 }
1805
1806 for (i = 0; i <= 60; i++) {
1807 if (IsWellKnownSid(sid, i)) {
1808 for (j = 0; j < (sizeof(ACCOUNT_SIDS) / sizeof(ACCOUNT_SIDS[0])); j++) {
1809 if (ACCOUNT_SIDS[j].type == i) {
1810 ac = ACCOUNT_SIDS[j].account;
1811 dm = ACCOUNT_SIDS[j].domain;
1812 use = ACCOUNT_SIDS[j].name_use;
1813 }
1814 }
1815 break;
1816 }
1817 }
1818
1819 *accountSize = strlenW(ac)+1;
1820 if (account && (*accountSize > strlenW(ac)))
1821 strcpyW(account, ac);
1822
1823 *domainSize = strlenW(dm)+1;
1824 if (domain && (*domainSize > strlenW(dm)))
1825 strcpyW(domain,dm);
1826
1827 *name_use = use;
1828 return TRUE;
1829 }
1830
1831 /******************************************************************************
1832 * SetFileSecurityA [ADVAPI32.@]
1833 *
1834 * See SetFileSecurityW.
1835 */
1836 BOOL WINAPI SetFileSecurityA( LPCSTR lpFileName,
1837 SECURITY_INFORMATION RequestedInformation,
1838 PSECURITY_DESCRIPTOR pSecurityDescriptor)
1839 {
1840 DWORD len;
1841 BOOL r;
1842 LPWSTR name = NULL;
1843
1844 if( lpFileName )
1845 {
1846 len = MultiByteToWideChar( CP_ACP, 0, lpFileName, -1, NULL, 0 );
1847 name = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR) );
1848 MultiByteToWideChar( CP_ACP, 0, lpFileName, -1, name, len );
1849 }
1850
1851 r = SetFileSecurityW( name, RequestedInformation, pSecurityDescriptor );
1852 HeapFree( GetProcessHeap(), 0, name );
1853
1854 return r;
1855 }
1856
1857 /******************************************************************************
1858 * SetFileSecurityW [ADVAPI32.@]
1859 *
1860 * Sets the security of a file or directory.
1861 *
1862 * PARAMS
1863 * lpFileName []
1864 * RequestedInformation []
1865 * pSecurityDescriptor []
1866 *
1867 * RETURNS
1868 * Success: TRUE.
1869 * Failure: FALSE.
1870 */
1871 BOOL WINAPI
1872 SetFileSecurityW( LPCWSTR lpFileName,
1873 SECURITY_INFORMATION RequestedInformation,
1874 PSECURITY_DESCRIPTOR pSecurityDescriptor )
1875 {
1876 FIXME("(%s) : stub\n", debugstr_w(lpFileName) );
1877 return TRUE;
1878 }
1879
1880 /******************************************************************************
1881 * QueryWindows31FilesMigration [ADVAPI32.@]
1882 *
1883 * PARAMS
1884 * x1 []
1885 */
1886 BOOL WINAPI
1887 QueryWindows31FilesMigration( DWORD x1 )
1888 {
1889 FIXME("(%ld):stub\n",x1);
1890 return TRUE;
1891 }
1892
1893 /******************************************************************************
1894 * SynchronizeWindows31FilesAndWindowsNTRegistry [ADVAPI32.@]
1895 *
1896 * PARAMS
1897 * x1 []
1898 * x2 []
1899 * x3 []
1900 * x4 []
1901 */
1902 BOOL WINAPI
1903 SynchronizeWindows31FilesAndWindowsNTRegistry( DWORD x1, DWORD x2, DWORD x3,
1904 DWORD x4 )
1905 {
1906 FIXME("(0x%08lx,0x%08lx,0x%08lx,0x%08lx):stub\n",x1,x2,x3,x4);
1907 return TRUE;
1908 }
1909
1910 /******************************************************************************
1911 * NotifyBootConfigStatus [ADVAPI32.@]
1912 *
1913 * PARAMS
1914 * x1 []
1915 */
1916 BOOL WINAPI
1917 NotifyBootConfigStatus( BOOL x1 )
1918 {
1919 FIXME("(0x%08d):stub\n",x1);
1920 return 1;
1921 }
1922
1923 /******************************************************************************
1924 * RevertToSelf [ADVAPI32.@]
1925 *
1926 * Ends the impersonation of a user.
1927 *
1928 * PARAMS
1929 * void []
1930 *
1931 * RETURNS
1932 * Success: TRUE.
1933 * Failure: FALSE.
1934 */
1935 BOOL WINAPI
1936 RevertToSelf( void )
1937 {
1938 HANDLE Token = NULL;
1939 return set_ntstatus( NtSetInformationThread( GetCurrentThread(),
1940 ThreadImpersonationToken, &Token, sizeof(Token) ) );
1941 }
1942
1943 /******************************************************************************
1944 * ImpersonateSelf [ADVAPI32.@]
1945 *
1946 * Makes an impersonation token that represents the process user and assigns
1947 * to the current thread.
1948 *
1949 * PARAMS
1950 * ImpersonationLevel [I] Level at which to impersonate.
1951 *
1952 * RETURNS
1953 * Success: TRUE.
1954 * Failure: FALSE.
1955 */
1956 BOOL WINAPI
1957 ImpersonateSelf(SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
1958 {
1959 return set_ntstatus( RtlImpersonateSelf( ImpersonationLevel ) );
1960 }
1961
1962 /******************************************************************************
1963 * ImpersonateLoggedOnUser [ADVAPI32.@]
1964 */
1965 BOOL WINAPI ImpersonateLoggedOnUser(HANDLE hToken)
1966 {
1967 DWORD size;
1968 NTSTATUS Status;
1969 HANDLE ImpersonationToken;
1970 TOKEN_TYPE Type;
1971
1972 FIXME( "(%p)\n", hToken );
1973
1974 if (!GetTokenInformation( hToken, TokenType, &Type,
1975 sizeof(TOKEN_TYPE), &size ))
1976 return FALSE;
1977
1978 if (Type == TokenPrimary)
1979 {
1980 OBJECT_ATTRIBUTES ObjectAttributes;
1981
1982 InitializeObjectAttributes( &ObjectAttributes, NULL, 0, NULL, NULL );
1983
1984 Status = NtDuplicateToken( hToken,
1985 TOKEN_IMPERSONATE | TOKEN_QUERY,
1986 &ObjectAttributes,
1987 SecurityImpersonation,
1988 TokenImpersonation,
1989 &ImpersonationToken );
1990 if (Status != STATUS_SUCCESS)
1991 {
1992 ERR( "NtDuplicateToken failed with error 0x%08lx\n", Status );
1993 SetLastError( RtlNtStatusToDosError( Status ) );
1994 return FALSE;
1995 }
1996 }
1997 else
1998 ImpersonationToken = hToken;
1999
2000 Status = NtSetInformationThread( GetCurrentThread(),
2001 ThreadImpersonationToken,
2002 &ImpersonationToken,
2003 sizeof(ImpersonationToken) );
2004
2005 if (Type == TokenPrimary)
2006 NtClose( ImpersonationToken );
2007
2008 if (Status != STATUS_SUCCESS)
2009 {
2010 ERR( "NtSetInformationThread failed with error 0x%08lx\n", Status );
2011 SetLastError( RtlNtStatusToDosError( Status ) );
2012 return FALSE;
2013 }
2014
2015 return TRUE;
2016 }
2017
2018 /******************************************************************************
2019 * AccessCheck [ADVAPI32.@]
2020 */
2021 BOOL WINAPI
2022 AccessCheck(
2023 PSECURITY_DESCRIPTOR SecurityDescriptor,
2024 HANDLE ClientToken,
2025 DWORD DesiredAccess,
2026 PGENERIC_MAPPING GenericMapping,
2027 PPRIVILEGE_SET PrivilegeSet,
2028 LPDWORD PrivilegeSetLength,
2029 LPDWORD GrantedAccess,
2030 LPBOOL AccessStatus)
2031 {
2032 NTSTATUS access_status;
2033 BOOL ret = set_ntstatus( NtAccessCheck(SecurityDescriptor, ClientToken, DesiredAccess,
2034 GenericMapping, PrivilegeSet, PrivilegeSetLength,
2035 GrantedAccess, &access_status) );
2036 if (ret) *AccessStatus = set_ntstatus( access_status );
2037 return ret;
2038 }
2039
2040
2041 /******************************************************************************
2042 * AccessCheckByType [ADVAPI32.@]
2043 */
2044 BOOL WINAPI AccessCheckByType(
2045 PSECURITY_DESCRIPTOR pSecurityDescriptor,
2046 PSID PrincipalSelfSid,
2047 HANDLE ClientToken,
2048 DWORD DesiredAccess,
2049 POBJECT_TYPE_LIST ObjectTypeList,
2050 DWORD ObjectTypeListLength,
2051 PGENERIC_MAPPING GenericMapping,
2052 PPRIVILEGE_SET PrivilegeSet,
2053 LPDWORD PrivilegeSetLength,
2054 LPDWORD GrantedAccess,
2055 LPBOOL AccessStatus)
2056 {
2057 FIXME("stub\n");
2058
2059 *AccessStatus = TRUE;
2060
2061 return !*AccessStatus;
2062 }
2063
2064 /******************************************************************************
2065 * MapGenericMask [ADVAPI32.@]
2066 *
2067 * Maps generic access rights into specific access rights according to the
2068 * supplied mapping.
2069 *
2070 * PARAMS
2071 * AccessMask [I/O] Access rights.
2072 * GenericMapping [I] The mapping between generic and specific rights.
2073 *
2074 * RETURNS
2075 * Nothing.
2076 */
2077 VOID WINAPI MapGenericMask( PDWORD AccessMask, PGENERIC_MAPPING GenericMapping )
2078 {
2079 RtlMapGenericMask( AccessMask, GenericMapping );
2080 }
2081
2082 /*************************************************************************
2083 * SetKernelObjectSecurity [ADVAPI32.@]
2084 */
2085 BOOL WINAPI SetKernelObjectSecurity (
2086 IN HANDLE Handle,
2087 IN SECURITY_INFORMATION SecurityInformation,
2088 IN PSECURITY_DESCRIPTOR SecurityDescriptor )
2089 {
2090 return set_ntstatus (NtSetSecurityObject (Handle, SecurityInformation, SecurityDescriptor));
2091 }
2092
2093
2094 /******************************************************************************
2095 * AddAuditAccessAce [ADVAPI32.@]
2096 */
2097 BOOL WINAPI AddAuditAccessAce(
2098 IN OUT PACL pAcl,
2099 IN DWORD dwAceRevision,
2100 IN DWORD dwAccessMask,
2101 IN PSID pSid,
2102 IN BOOL bAuditSuccess,
2103 IN BOOL bAuditFailure)
2104 {
2105 return set_ntstatus( RtlAddAuditAccessAce(pAcl, dwAceRevision, dwAccessMask, pSid,
2106 bAuditSuccess, bAuditFailure) );
2107 }
2108
2109 /******************************************************************************
2110 * LookupAccountNameA [ADVAPI32.@]
2111 */
2112 BOOL WINAPI
2113 LookupAccountNameA(
2114 IN LPCSTR system,
2115 IN LPCSTR account,
2116 OUT PSID sid,
2117 OUT LPDWORD cbSid,
2118 LPSTR ReferencedDomainName,
2119 IN OUT LPDWORD cbReferencedDomainName,
2120 OUT PSID_NAME_USE name_use )
2121 {
2122 BOOL ret;
2123 UNICODE_STRING lpSystemW;
2124 UNICODE_STRING lpAccountW;
2125 LPWSTR lpReferencedDomainNameW = NULL;
2126
2127 RtlCreateUnicodeStringFromAsciiz(&lpSystemW, system);
2128 RtlCreateUnicodeStringFromAsciiz(&lpAccountW, account);
2129
2130 if (ReferencedDomainName)
2131 lpReferencedDomainNameW = HeapAlloc(GetProcessHeap(), 0, *cbReferencedDomainName * sizeof(WCHAR));
2132
2133 ret = LookupAccountNameW(lpSystemW.Buffer, lpAccountW.Buffer, sid, cbSid, lpReferencedDomainNameW,
2134 cbReferencedDomainName, name_use);
2135
2136 if (ret && lpReferencedDomainNameW)
2137 {
2138 WideCharToMultiByte(CP_ACP, 0, lpReferencedDomainNameW, *cbReferencedDomainName,
2139 ReferencedDomainName, *cbReferencedDomainName, NULL, NULL);
2140 }
2141
2142 RtlFreeUnicodeString(&lpSystemW);
2143 RtlFreeUnicodeString(&lpAccountW);
2144 HeapFree(GetProcessHeap(), 0, lpReferencedDomainNameW);
2145
2146 return ret;
2147 }
2148
2149 /******************************************************************************
2150 * LookupAccountNameW [ADVAPI32.@]
2151 */
2152 BOOL WINAPI LookupAccountNameW( LPCWSTR lpSystemName, LPCWSTR lpAccountName, PSID Sid,
2153 LPDWORD cbSid, LPWSTR ReferencedDomainName,
2154 LPDWORD cchReferencedDomainName, PSID_NAME_USE peUse )
2155 {
2156 /* Default implementation: Always return a default SID */
2157 SID_IDENTIFIER_AUTHORITY identifierAuthority = {SECURITY_NT_AUTHORITY};
2158 BOOL ret;
2159 PSID pSid;
2160 static const WCHAR dm[] = {'D','O','M','A','I','N',0};
2161
2162 FIXME("%s %s %p %p %p %p %p - stub\n", debugstr_w(lpSystemName), debugstr_w(lpAccountName),
2163 Sid, cbSid, ReferencedDomainName, cchReferencedDomainName, peUse);
2164
2165 ret = AllocateAndInitializeSid(&identifierAuthority,
2166 2,
2167 SECURITY_BUILTIN_DOMAIN_RID,
2168 DOMAIN_ALIAS_RID_ADMINS,
2169 0, 0, 0, 0, 0, 0,
2170 &pSid);
2171
2172 if (!ret)
2173 return FALSE;
2174
2175 if (!RtlValidSid(pSid))
2176 {
2177 FreeSid(pSid);
2178 return FALSE;
2179 }
2180
2181 if (Sid != NULL && (*cbSid >= GetLengthSid(pSid)))
2182 CopySid(*cbSid, Sid, pSid);
2183 if (*cbSid < GetLengthSid(pSid))
2184 {
2185 SetLastError(ERROR_INSUFFICIENT_BUFFER);
2186 ret = FALSE;
2187 }
2188 *cbSid = GetLengthSid(pSid);
2189
2190 if (ReferencedDomainName != NULL && (*cchReferencedDomainName > strlenW(dm)))
2191 strcpyW(ReferencedDomainName, dm);
2192
2193 if (*cchReferencedDomainName <= strlenW(dm))
2194 {
2195 SetLastError(ERROR_INSUFFICIENT_BUFFER);
2196 ret = FALSE;
2197 }
2198
2199 *cchReferencedDomainName = strlenW(dm)+1;
2200
2201 FreeSid(pSid);
2202
2203 return ret;
2204 }
2205
2206 /******************************************************************************
2207 * PrivilegeCheck [ADVAPI32.@]
2208 */
2209 BOOL WINAPI PrivilegeCheck( HANDLE ClientToken, PPRIVILEGE_SET RequiredPrivileges, LPBOOL pfResult)
2210 {
2211 BOOL ret;
2212 BOOLEAN Result;
2213
2214 TRACE("%p %p %p\n", ClientToken, RequiredPrivileges, pfResult);
2215
2216 ret = set_ntstatus (NtPrivilegeCheck (ClientToken, RequiredPrivileges, &Result));
2217 if (ret)
2218 *pfResult = Result;
2219 return ret;
2220 }
2221
2222 /******************************************************************************
2223 * AccessCheckAndAuditAlarmA [ADVAPI32.@]
2224 */
2225 BOOL WINAPI AccessCheckAndAuditAlarmA(LPCSTR Subsystem, LPVOID HandleId, LPSTR ObjectTypeName,
2226 LPSTR ObjectName, PSECURITY_DESCRIPTOR SecurityDescriptor, DWORD DesiredAccess,
2227 PGENERIC_MAPPING GenericMapping, BOOL ObjectCreation, LPDWORD GrantedAccess,
2228 LPBOOL AccessStatus, LPBOOL pfGenerateOnClose)
2229 {
2230 FIXME("stub (%s,%p,%s,%s,%p,%08lx,%p,%x,%p,%p,%p)\n", debugstr_a(Subsystem),
2231 HandleId, debugstr_a(ObjectTypeName), debugstr_a(ObjectName),
2232 SecurityDescriptor, DesiredAccess, GenericMapping,
2233 ObjectCreation, GrantedAccess, AccessStatus, pfGenerateOnClose);
2234 return TRUE;
2235 }
2236
2237 /******************************************************************************
2238 * AccessCheckAndAuditAlarmW [ADVAPI32.@]
2239 */
2240 BOOL WINAPI AccessCheckAndAuditAlarmW(LPCWSTR Subsystem, LPVOID HandleId, LPWSTR ObjectTypeName,
2241 LPWSTR ObjectName, PSECURITY_DESCRIPTOR SecurityDescriptor, DWORD DesiredAccess,
2242 PGENERIC_MAPPING GenericMapping, BOOL ObjectCreation, LPDWORD GrantedAccess,
2243 LPBOOL AccessStatus, LPBOOL pfGenerateOnClose)
2244 {
2245 FIXME("stub (%s,%p,%s,%s,%p,%08lx,%p,%x,%p,%p,%p)\n", debugstr_w(Subsystem),
2246 HandleId, debugstr_w(ObjectTypeName), debugstr_w(ObjectName),
2247 SecurityDescriptor, DesiredAccess, GenericMapping,
2248 ObjectCreation, GrantedAccess, AccessStatus, pfGenerateOnClose);
2249 return TRUE;
2250 }
2251
2252 BOOL WINAPI ObjectCloseAuditAlarmA(LPCSTR SubsystemName, LPVOID HandleId, BOOL GenerateOnClose)
2253 {
2254 FIXME("stub (%s,%p,%x)\n", debugstr_a(SubsystemName), HandleId, GenerateOnClose);
2255
2256 return TRUE;
2257 }
2258
2259 BOOL WINAPI ObjectCloseAuditAlarmW(LPCWSTR SubsystemName, LPVOID HandleId, BOOL GenerateOnClose)
2260 {
2261 FIXME("stub (%s,%p,%x)\n", debugstr_w(SubsystemName), HandleId, GenerateOnClose);
2262
2263 return TRUE;
2264 }
2265
2266 BOOL WINAPI ObjectDeleteAuditAlarmW(LPCWSTR SubsystemName, LPVOID HandleId, BOOL GenerateOnClose)
2267 {
2268 FIXME("stub (%s,%p,%x)\n", debugstr_w(SubsystemName), HandleId, GenerateOnClose);
2269
2270 return TRUE;
2271 }
2272
2273 BOOL WINAPI ObjectOpenAuditAlarmA(LPCSTR SubsystemName, LPVOID HandleId, LPSTR ObjectTypeName,
2274 LPSTR ObjectName, PSECURITY_DESCRIPTOR pSecurityDescriptor, HANDLE ClientToken, DWORD DesiredAccess,
2275 DWORD GrantedAccess, PPRIVILEGE_SET Privileges, BOOL ObjectCreation, BOOL AccessGranted,
2276 LPBOOL GenerateOnClose)
2277 {
2278 FIXME("stub (%s,%p,%s,%s,%p,%p,0x%08lx,0x%08lx,%p,%x,%x,%p)\n", debugstr_a(SubsystemName),
2279 HandleId, debugstr_a(ObjectTypeName), debugstr_a(ObjectName), pSecurityDescriptor,
2280 ClientToken, DesiredAccess, GrantedAccess, Privileges, ObjectCreation, AccessGranted,
2281 GenerateOnClose);
2282
2283 return TRUE;
2284 }
2285
2286 BOOL WINAPI ObjectOpenAuditAlarmW(LPCWSTR SubsystemName, LPVOID HandleId, LPWSTR ObjectTypeName,
2287 LPWSTR ObjectName, PSECURITY_DESCRIPTOR pSecurityDescriptor, HANDLE ClientToken, DWORD DesiredAccess,
2288 DWORD GrantedAccess, PPRIVILEGE_SET Privileges, BOOL ObjectCreation, BOOL AccessGranted,
2289 LPBOOL GenerateOnClose)
2290 {
2291 FIXME("stub (%s,%p,%s,%s,%p,%p,0x%08lx,0x%08lx,%p,%x,%x,%p)\n", debugstr_w(SubsystemName),
2292 HandleId, debugstr_w(ObjectTypeName), debugstr_w(ObjectName), pSecurityDescriptor,
2293 ClientToken, DesiredAccess, GrantedAccess, Privileges, ObjectCreation, AccessGranted,
2294 GenerateOnClose);
2295
2296 return TRUE;
2297 }
2298
2299 BOOL WINAPI ObjectPrivilegeAuditAlarmA( LPCSTR SubsystemName, LPVOID HandleId, HANDLE ClientToken,
2300 DWORD DesiredAccess, PPRIVILEGE_SET Privileges, BOOL AccessGranted)
2301 {
2302 FIXME("stub (%s,%p,%p,0x%08lx,%p,%x)\n", debugstr_a(SubsystemName), HandleId, ClientToken,
2303 DesiredAccess, Privileges, AccessGranted);
2304
2305 return TRUE;
2306 }
2307
2308 BOOL WINAPI ObjectPrivilegeAuditAlarmW( LPCWSTR SubsystemName, LPVOID HandleId, HANDLE ClientToken,
2309 DWORD DesiredAccess, PPRIVILEGE_SET Privileges, BOOL AccessGranted)
2310 {
2311 FIXME("stub (%s,%p,%p,0x%08lx,%p,%x)\n", debugstr_w(SubsystemName), HandleId, ClientToken,
2312 DesiredAccess, Privileges, AccessGranted);
2313
2314 return TRUE;
2315 }
2316
2317 BOOL WINAPI PrivilegedServiceAuditAlarmA( LPCSTR SubsystemName, LPCSTR ServiceName, HANDLE ClientToken,
2318 PPRIVILEGE_SET Privileges, BOOL AccessGranted)
2319 {
2320 FIXME("stub (%s,%s,%p,%p,%x)\n", debugstr_a(SubsystemName), debugstr_a(ServiceName),
2321 ClientToken, Privileges, AccessGranted);
2322
2323 return TRUE;
2324 }
2325
2326 BOOL WINAPI PrivilegedServiceAuditAlarmW( LPCWSTR SubsystemName, LPCWSTR ServiceName, HANDLE ClientToken,
2327 PPRIVILEGE_SET Privileges, BOOL AccessGranted)
2328 {
2329 FIXME("stub %s,%s,%p,%p,%x)\n", debugstr_w(SubsystemName), debugstr_w(ServiceName),
2330 ClientToken, Privileges, AccessGranted);
2331
2332 return TRUE;
2333 }
2334
2335 /******************************************************************************
2336 * GetSecurityInfo [ADVAPI32.@]
2337 */
2338 DWORD WINAPI GetSecurityInfo(
2339 HANDLE hObject, SE_OBJECT_TYPE ObjectType,
2340 SECURITY_INFORMATION SecurityInfo, PSID *ppsidOwner,
2341 PSID *ppsidGroup, PACL *ppDacl, PACL *ppSacl,
2342 PSECURITY_DESCRIPTOR *ppSecurityDescriptor
2343 )
2344 {
2345 FIXME("stub!\n");
2346 return ERROR_BAD_PROVIDER;
2347 }
2348
2349 /******************************************************************************
2350 * GetSecurityInfoExW [ADVAPI32.@]
2351 */
2352 DWORD WINAPI GetSecurityInfoExW(
2353 HANDLE hObject, SE_OBJECT_TYPE ObjectType,
2354 SECURITY_INFORMATION SecurityInfo, LPCWSTR lpProvider,
2355 LPCWSTR lpProperty, PACTRL_ACCESSW *ppAccessList,
2356 PACTRL_AUDITW *ppAuditList, LPWSTR *lppOwner, LPWSTR *lppGroup
2357 )
2358 {
2359 FIXME("stub!\n");
2360 return ERROR_BAD_PROVIDER;
2361 }
2362
2363 /******************************************************************************
2364 * BuildExplicitAccessWithNameA [ADVAPI32.@]
2365 */
2366 VOID WINAPI BuildExplicitAccessWithNameA( PEXPLICIT_ACCESSA pExplicitAccess,
2367 LPSTR pTrusteeName, DWORD AccessPermissions,
2368 ACCESS_MODE AccessMode, DWORD Inheritance )
2369 {
2370 TRACE("%p %s 0x%08lx 0x%08x 0x%08lx\n", pExplicitAccess, debugstr_a(pTrusteeName),
2371 AccessPermissions, AccessMode, Inheritance);
2372
2373 pExplicitAccess->grfAccessPermissions = AccessPermissions;
2374 pExplicitAccess->grfAccessMode = AccessMode;
2375 pExplicitAccess->grfInheritance = Inheritance;
2376
2377 pExplicitAccess->Trustee.pMultipleTrustee = NULL;
2378 pExplicitAccess->Trustee.MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2379 pExplicitAccess->Trustee.TrusteeForm = TRUSTEE_IS_NAME;
2380 pExplicitAccess->Trustee.TrusteeType = TRUSTEE_IS_UNKNOWN;
2381 pExplicitAccess->Trustee.ptstrName = pTrusteeName;
2382 }
2383
2384 /******************************************************************************
2385 * BuildExplicitAccessWithNameW [ADVAPI32.@]
2386 */
2387 VOID WINAPI BuildExplicitAccessWithNameW( PEXPLICIT_ACCESSW pExplicitAccess,
2388 LPWSTR pTrusteeName, DWORD AccessPermissions,
2389 ACCESS_MODE AccessMode, DWORD Inheritance )
2390 {
2391 TRACE("%p %s 0x%08lx 0x%08x 0x%08lx\n", pExplicitAccess, debugstr_w(pTrusteeName),
2392 AccessPermissions, AccessMode, Inheritance);
2393
2394 pExplicitAccess->grfAccessPermissions = AccessPermissions;
2395 pExplicitAccess->grfAccessMode = AccessMode;
2396 pExplicitAccess->grfInheritance = Inheritance;
2397
2398 pExplicitAccess->Trustee.pMultipleTrustee = NULL;
2399 pExplicitAccess->Trustee.MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2400 pExplicitAccess->Trustee.TrusteeForm = TRUSTEE_IS_NAME;
2401 pExplicitAccess->Trustee.TrusteeType = TRUSTEE_IS_UNKNOWN;
2402 pExplicitAccess->Trustee.ptstrName = pTrusteeName;
2403 }
2404
2405 /******************************************************************************
2406 * BuildTrusteeWithObjectsAndNameA [ADVAPI32.@]
2407 */
2408 VOID WINAPI BuildTrusteeWithObjectsAndNameA( PTRUSTEEA pTrustee, POBJECTS_AND_NAME_A pObjName,
2409 SE_OBJECT_TYPE ObjectType, LPSTR ObjectTypeName,
2410 LPSTR InheritedObjectTypeName, LPSTR Name )
2411 {
2412 DWORD ObjectsPresent = 0;
2413
2414 TRACE("%p %p 0x%08x %p %p %s\n", pTrustee, pObjName,
2415 ObjectType, ObjectTypeName, InheritedObjectTypeName, debugstr_a(Name));
2416
2417 /* Fill the OBJECTS_AND_NAME structure */
2418 pObjName->ObjectType = ObjectType;
2419 if (ObjectTypeName != NULL)
2420 {
2421 ObjectsPresent |= ACE_OBJECT_TYPE_PRESENT;
2422 }
2423
2424 pObjName->InheritedObjectTypeName = InheritedObjectTypeName;
2425 if (InheritedObjectTypeName != NULL)
2426 {
2427 ObjectsPresent |= ACE_INHERITED_OBJECT_TYPE_PRESENT;
2428 }
2429
2430 pObjName->ObjectsPresent = ObjectsPresent;
2431 pObjName->ptstrName = Name;
2432
2433 /* Fill the TRUSTEE structure */
2434 pTrustee->pMultipleTrustee = NULL;
2435 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2436 pTrustee->TrusteeForm = TRUSTEE_IS_OBJECTS_AND_NAME;
2437 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2438 pTrustee->ptstrName = (LPSTR)pObjName;
2439 }
2440
2441 /******************************************************************************
2442 * BuildTrusteeWithObjectsAndNameW [ADVAPI32.@]
2443 */
2444 VOID WINAPI BuildTrusteeWithObjectsAndNameW( PTRUSTEEW pTrustee, POBJECTS_AND_NAME_W pObjName,
2445 SE_OBJECT_TYPE ObjectType, LPWSTR ObjectTypeName,
2446 LPWSTR InheritedObjectTypeName, LPWSTR Name )
2447 {
2448 DWORD ObjectsPresent = 0;
2449
2450 TRACE("%p %p 0x%08x %p %p %s\n", pTrustee, pObjName,
2451 ObjectType, ObjectTypeName, InheritedObjectTypeName, debugstr_w(Name));
2452
2453 /* Fill the OBJECTS_AND_NAME structure */
2454 pObjName->ObjectType = ObjectType;
2455 if (ObjectTypeName != NULL)
2456 {
2457 ObjectsPresent |= ACE_OBJECT_TYPE_PRESENT;
2458 }
2459
2460 pObjName->InheritedObjectTypeName = InheritedObjectTypeName;
2461 if (InheritedObjectTypeName != NULL)
2462 {
2463 ObjectsPresent |= ACE_INHERITED_OBJECT_TYPE_PRESENT;
2464 }
2465
2466 pObjName->ObjectsPresent = ObjectsPresent;
2467 pObjName->ptstrName = Name;
2468
2469 /* Fill the TRUSTEE structure */
2470 pTrustee->pMultipleTrustee = NULL;
2471 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2472 pTrustee->TrusteeForm = TRUSTEE_IS_OBJECTS_AND_NAME;
2473 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2474 pTrustee->ptstrName = (LPWSTR)pObjName;
2475 }
2476
2477 /******************************************************************************
2478 * BuildTrusteeWithObjectsAndSidA [ADVAPI32.@]
2479 */
2480 VOID WINAPI BuildTrusteeWithObjectsAndSidA( PTRUSTEEA pTrustee, POBJECTS_AND_SID pObjSid,
2481 GUID* pObjectGuid, GUID* pInheritedObjectGuid, PSID pSid )
2482 {
2483 DWORD ObjectsPresent = 0;
2484
2485 TRACE("%p %p %p %p %p\n", pTrustee, pObjSid, pObjectGuid, pInheritedObjectGuid, pSid);
2486
2487 /* Fill the OBJECTS_AND_SID structure */
2488 if (pObjectGuid != NULL)
2489 {
2490 pObjSid->ObjectTypeGuid = *pObjectGuid;
2491 ObjectsPresent |= ACE_OBJECT_TYPE_PRESENT;
2492 }
2493 else
2494 {
2495 ZeroMemory(&pObjSid->ObjectTypeGuid,
2496 sizeof(GUID));
2497 }
2498
2499 if (pInheritedObjectGuid != NULL)
2500 {
2501 pObjSid->InheritedObjectTypeGuid = *pInheritedObjectGuid;
2502 ObjectsPresent |= ACE_INHERITED_OBJECT_TYPE_PRESENT;
2503 }
2504 else
2505 {
2506 ZeroMemory(&pObjSid->InheritedObjectTypeGuid,
2507 sizeof(GUID));
2508 }
2509
2510 pObjSid->ObjectsPresent = ObjectsPresent;
2511 pObjSid->pSid = pSid;
2512
2513 /* Fill the TRUSTEE structure */
2514 pTrustee->pMultipleTrustee = NULL;
2515 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2516 pTrustee->TrusteeForm = TRUSTEE_IS_OBJECTS_AND_SID;
2517 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2518 pTrustee->ptstrName = (LPSTR) pObjSid;
2519 }
2520
2521 /******************************************************************************
2522 * BuildTrusteeWithObjectsAndSidW [ADVAPI32.@]
2523 */
2524 VOID WINAPI BuildTrusteeWithObjectsAndSidW( PTRUSTEEW pTrustee, POBJECTS_AND_SID pObjSid,
2525 GUID* pObjectGuid, GUID* pInheritedObjectGuid, PSID pSid )
2526 {
2527 DWORD ObjectsPresent = 0;
2528
2529 TRACE("%p %p %p %p %p\n", pTrustee, pObjSid, pObjectGuid, pInheritedObjectGuid, pSid);
2530
2531 /* Fill the OBJECTS_AND_SID structure */
2532 if (pObjectGuid != NULL)
2533 {
2534 pObjSid->ObjectTypeGuid = *pObjectGuid;
2535 ObjectsPresent |= ACE_OBJECT_TYPE_PRESENT;
2536 }
2537 else
2538 {
2539 ZeroMemory(&pObjSid->ObjectTypeGuid,
2540 sizeof(GUID));
2541 }
2542
2543 if (pInheritedObjectGuid != NULL)
2544 {
2545 pObjSid->InheritedObjectTypeGuid = *pInheritedObjectGuid;
2546 ObjectsPresent |= ACE_INHERITED_OBJECT_TYPE_PRESENT;
2547 }
2548 else
2549 {
2550 ZeroMemory(&pObjSid->InheritedObjectTypeGuid,
2551 sizeof(GUID));
2552 }
2553
2554 pObjSid->ObjectsPresent = ObjectsPresent;
2555 pObjSid->pSid = pSid;
2556
2557 /* Fill the TRUSTEE structure */
2558 pTrustee->pMultipleTrustee = NULL;
2559 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2560 pTrustee->TrusteeForm = TRUSTEE_IS_OBJECTS_AND_SID;
2561 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2562 pTrustee->ptstrName = (LPWSTR) pObjSid;
2563 }
2564
2565 /******************************************************************************
2566 * BuildTrusteeWithSidA [ADVAPI32.@]
2567 */
2568 VOID WINAPI BuildTrusteeWithSidA(PTRUSTEEA pTrustee, PSID pSid)
2569 {
2570 TRACE("%p %p\n", pTrustee, pSid);
2571
2572 pTrustee->pMultipleTrustee = NULL;
2573 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2574 pTrustee->TrusteeForm = TRUSTEE_IS_SID;
2575 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2576 pTrustee->ptstrName = (LPSTR) pSid;
2577 }
2578
2579 /******************************************************************************
2580 * BuildTrusteeWithSidW [ADVAPI32.@]
2581 */
2582 VOID WINAPI BuildTrusteeWithSidW(PTRUSTEEW pTrustee, PSID pSid)
2583 {
2584 TRACE("%p %p\n", pTrustee, pSid);
2585
2586 pTrustee->pMultipleTrustee = NULL;
2587 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2588 pTrustee->TrusteeForm = TRUSTEE_IS_SID;
2589 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2590 pTrustee->ptstrName = (LPWSTR) pSid;
2591 }
2592
2593 /******************************************************************************
2594 * BuildTrusteeWithNameA [ADVAPI32.@]
2595 */
2596 VOID WINAPI BuildTrusteeWithNameA(PTRUSTEEA pTrustee, LPSTR name)
2597 {
2598 TRACE("%p %s\n", pTrustee, debugstr_a(name) );
2599
2600 pTrustee->pMultipleTrustee = NULL;
2601 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2602 pTrustee->TrusteeForm = TRUSTEE_IS_NAME;
2603 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2604 pTrustee->ptstrName = name;
2605 }
2606
2607 /******************************************************************************
2608 * BuildTrusteeWithNameW [ADVAPI32.@]
2609 */
2610 VOID WINAPI BuildTrusteeWithNameW(PTRUSTEEW pTrustee, LPWSTR name)
2611 {
2612 TRACE("%p %s\n", pTrustee, debugstr_w(name) );
2613
2614 pTrustee->pMultipleTrustee = NULL;
2615 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2616 pTrustee->TrusteeForm = TRUSTEE_IS_NAME;
2617 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2618 pTrustee->ptstrName = name;
2619 }
2620
2621 /******************************************************************************
2622 * GetTrusteeFormA [ADVAPI32.@]
2623 */
2624 TRUSTEE_FORM WINAPI GetTrusteeFormA(PTRUSTEEA pTrustee)
2625 {
2626 TRACE("(%p)\n", pTrustee);
2627
2628 if (!pTrustee)
2629 return TRUSTEE_BAD_FORM;
2630
2631 return pTrustee->TrusteeForm;
2632 }
2633
2634 /******************************************************************************
2635 * GetTrusteeFormW [ADVAPI32.@]
2636 */
2637 TRUSTEE_FORM WINAPI GetTrusteeFormW(PTRUSTEEW pTrustee)
2638 {
2639 TRACE("(%p)\n", pTrustee);
2640
2641 if (!pTrustee)
2642 return TRUSTEE_BAD_FORM;
2643
2644 return pTrustee->TrusteeForm;
2645 }
2646
2647 /******************************************************************************
2648 * GetTrusteeNameA [ADVAPI32.@]
2649 */
2650 LPSTR WINAPI GetTrusteeNameA(PTRUSTEEA pTrustee)
2651 {
2652 TRACE("(%p)\n", pTrustee);
2653
2654 if (!pTrustee)
2655 return NULL;
2656
2657 return pTrustee->ptstrName;
2658 }
2659
2660 /******************************************************************************
2661 * GetTrusteeNameW [ADVAPI32.@]
2662 */
2663 LPWSTR WINAPI GetTrusteeNameW(PTRUSTEEW pTrustee)
2664 {
2665 TRACE("(%p)\n", pTrustee);
2666
2667 if (!pTrustee)
2668 return NULL;
2669
2670 return pTrustee->ptstrName;
2671 }
2672
2673 /******************************************************************************
2674 * GetTrusteeTypeA [ADVAPI32.@]
2675 */
2676 TRUSTEE_TYPE WINAPI GetTrusteeTypeA(PTRUSTEEA pTrustee)
2677 {
2678 TRACE("(%p)\n", pTrustee);
2679
2680 if (!pTrustee)
2681 return TRUSTEE_IS_UNKNOWN;
2682
2683 return pTrustee->TrusteeType;
2684 }
2685
2686 /******************************************************************************
2687 * GetTrusteeTypeW [ADVAPI32.@]
2688 */
2689 TRUSTEE_TYPE WINAPI GetTrusteeTypeW(PTRUSTEEW pTrustee)
2690 {
2691 TRACE("(%p)\n", pTrustee);
2692
2693 if (!pTrustee)
2694 return TRUSTEE_IS_UNKNOWN;
2695
2696 return pTrustee->TrusteeType;
2697 }
2698
2699 BOOL WINAPI SetAclInformation( PACL pAcl, LPVOID pAclInformation,
2700 DWORD nAclInformationLength,
2701 ACL_INFORMATION_CLASS dwAclInformationClass )
2702 {
2703 FIXME("%p %p 0x%08lx 0x%08x - stub\n", pAcl, pAclInformation,
2704 nAclInformationLength, dwAclInformationClass);
2705
2706 return TRUE;
2707 }
2708
2709 /******************************************************************************
2710 * SetEntriesInAclA [ADVAPI32.@]
2711 */
2712 DWORD WINAPI SetEntriesInAclA( ULONG count, PEXPLICIT_ACCESSA pEntries,
2713 PACL OldAcl, PACL* NewAcl )
2714 {
2715 FIXME("%ld %p %p %p\n",count,pEntries,OldAcl,NewAcl);
2716 return ERROR_CALL_NOT_IMPLEMENTED;
2717 }
2718
2719 /******************************************************************************
2720 * SetEntriesInAclW [ADVAPI32.@]
2721 */
2722 DWORD WINAPI SetEntriesInAclW( ULONG count, PEXPLICIT_ACCESSW pEntries,
2723 PACL OldAcl, PACL* NewAcl )
2724 {
2725 FIXME("%ld %p %p %p\n",count,pEntries,OldAcl,NewAcl);
2726 return ERROR_CALL_NOT_IMPLEMENTED;
2727 }
2728
2729 /******************************************************************************
2730 * SetNamedSecurityInfoA [ADVAPI32.@]
2731 */
2732 DWORD WINAPI SetNamedSecurityInfoA(LPSTR pObjectName,
2733 SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo,
2734 PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl)
2735 {
2736 DWORD len;
2737 LPWSTR wstr = NULL;
2738 DWORD r;
2739
2740 TRACE("%s %d %ld %p %p %p %p\n", debugstr_a(pObjectName), ObjectType,
2741 SecurityInfo, psidOwner, psidGroup, pDacl, pSacl);
2742
2743 if( pObjectName )
2744 {
2745 len = MultiByteToWideChar( CP_ACP, 0, pObjectName, -1, NULL, 0 );
2746 wstr = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR));
2747 MultiByteToWideChar( CP_ACP, 0, pObjectName, -1, wstr, len );
2748 }
2749
2750 r = SetNamedSecurityInfoW( wstr, ObjectType, SecurityInfo, psidOwner,
2751 psidGroup, pDacl, pSacl );
2752
2753 HeapFree( GetProcessHeap(), 0, wstr );
2754
2755 return r;
2756 }
2757
2758 BOOL WINAPI SetPrivateObjectSecurity( SECURITY_INFORMATION SecurityInformation,
2759 PSECURITY_DESCRIPTOR ModificationDescriptor,
2760 PSECURITY_DESCRIPTOR* ObjectsSecurityDescriptor,
2761 PGENERIC_MAPPING GenericMapping,
2762 HANDLE Token )
2763 {
2764 FIXME("0x%08lx %p %p %p %p - stub\n", SecurityInformation, ModificationDescriptor,
2765 ObjectsSecurityDescriptor, GenericMapping, Token);
2766
2767 return TRUE;
2768 }
2769
2770 BOOL WINAPI SetSecurityDescriptorControl( PSECURITY_DESCRIPTOR pSecurityDescriptor,
2771 SECURITY_DESCRIPTOR_CONTROL ControlBitsOfInterest,
2772 SECURITY_DESCRIPTOR_CONTROL ControlBitsToSet )
2773 {
2774 FIXME("%p 0x%08x 0x%08x - stub\n", pSecurityDescriptor, ControlBitsOfInterest,
2775 ControlBitsToSet);
2776
2777 return TRUE;
2778 }
2779
2780 BOOL WINAPI AreAllAccessesGranted( DWORD GrantedAccess, DWORD DesiredAccess )
2781 {
2782 return RtlAreAllAccessesGranted( GrantedAccess, DesiredAccess );
2783 }
2784
2785 /******************************************************************************
2786 * AreAnyAccessesGranted [ADVAPI32.@]
2787 *
2788 * Determines whether or not any of a set of specified access permissions have
2789 * been granted or not.
2790 *
2791 * PARAMS
2792 * GrantedAccess [I] The permissions that have been granted.
2793 * DesiredAccess [I] The permissions that you want to have.
2794 *
2795 * RETURNS
2796 * Nonzero if any of the permissions have been granted, zero if none of the
2797 * permissions have been granted.
2798 */
2799
2800 BOOL WINAPI AreAnyAccessesGranted( DWORD GrantedAccess, DWORD DesiredAccess )
2801 {
2802 return RtlAreAnyAccessesGranted( GrantedAccess, DesiredAccess );
2803 }
2804
2805 /******************************************************************************
2806 * SetNamedSecurityInfoW [ADVAPI32.@]
2807 */
2808 DWORD WINAPI SetNamedSecurityInfoW(LPWSTR pObjectName,
2809 SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo,
2810 PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl)
2811 {
2812 FIXME("%s %d %ld %p %p %p %p\n", debugstr_w(pObjectName), ObjectType,
2813 SecurityInfo, psidOwner, psidGroup, pDacl, pSacl);
2814 return ERROR_SUCCESS;
2815 }
2816
2817 /******************************************************************************
2818 * GetExplicitEntriesFromAclA [ADVAPI32.@]
2819 */
2820 DWORD WINAPI GetExplicitEntriesFromAclA( PACL pacl, PULONG pcCountOfExplicitEntries,
2821 PEXPLICIT_ACCESSA* pListOfExplicitEntries)
2822 {
2823 FIXME("%p %p %p\n",pacl, pcCountOfExplicitEntries, pListOfExplicitEntries);
2824 return ERROR_CALL_NOT_IMPLEMENTED;
2825 }
2826
2827 /******************************************************************************
2828 * GetExplicitEntriesFromAclW [ADVAPI32.@]
2829 */
2830 DWORD WINAPI GetExplicitEntriesFromAclW( PACL pacl, PULONG pcCountOfExplicitEntries,
2831 PEXPLICIT_ACCESSW* pListOfExplicitEntries)
2832 {
2833 FIXME("%p %p %p\n",pacl, pcCountOfExplicitEntries, pListOfExplicitEntries);
2834 return ERROR_CALL_NOT_IMPLEMENTED;
2835 }
2836
2837
2838 /******************************************************************************
2839 * ParseAclStringFlags
2840 */
2841 static DWORD ParseAclStringFlags(LPCWSTR* StringAcl)
2842 {
2843 DWORD flags = 0;
2844 LPCWSTR szAcl = *StringAcl;
2845
2846 while (*szAcl != '(')
2847 {
2848 if (*szAcl == 'P')
2849 {
2850 flags |= SE_DACL_PROTECTED;
2851 }
2852 else if (*szAcl == 'A')
2853 {
2854 szAcl++;
2855 if (*szAcl == 'R')
2856 flags |= SE_DACL_AUTO_INHERIT_REQ;
2857 else if (*szAcl == 'I')
2858 flags |= SE_DACL_AUTO_INHERITED;
2859 }
2860 szAcl++;
2861 }
2862
2863 *StringAcl = szAcl;
2864 return flags;
2865 }
2866
2867 /******************************************************************************
2868 * ParseAceStringType
2869 */
2870 static const ACEFLAG AceType[] =
2871 {
2872 { SDDL_ACCESS_ALLOWED, ACCESS_ALLOWED_ACE_TYPE },
2873 { SDDL_ALARM, SYSTEM_ALARM_ACE_TYPE },
2874 { SDDL_AUDIT, SYSTEM_AUDIT_ACE_TYPE },
2875 { SDDL_ACCESS_DENIED, ACCESS_DENIED_ACE_TYPE },
2876 /*
2877 { SDDL_OBJECT_ACCESS_ALLOWED, ACCESS_ALLOWED_OBJECT_ACE_TYPE },
2878 { SDDL_OBJECT_ACCESS_DENIED, ACCESS_DENIED_OBJECT_ACE_TYPE },
2879 { SDDL_OBJECT_ALARM, SYSTEM_ALARM_OBJECT_ACE_TYPE },
2880 { SDDL_OBJECT_AUDIT, SYSTEM_AUDIT_OBJECT_ACE_TYPE },
2881 */
2882 { NULL, 0 },
2883 };
2884
2885 static BYTE ParseAceStringType(LPCWSTR* StringAcl)
2886 {
2887 UINT len = 0;
2888 LPCWSTR szAcl = *StringAcl;
2889 const ACEFLAG *lpaf = AceType;
2890
2891 while (lpaf->wstr &&
2892 (len = strlenW(lpaf->wstr)) &&
2893 strncmpW(lpaf->wstr, szAcl, len))
2894 lpaf++;
2895
2896 if (!lpaf->wstr)
2897 return 0;
2898
2899 *StringAcl += len;
2900 return lpaf->value;
2901 }
2902
2903
2904 /******************************************************************************
2905 * ParseAceStringFlags
2906 */
2907 static const ACEFLAG AceFlags[] =
2908 {
2909 { SDDL_CONTAINER_INHERIT, CONTAINER_INHERIT_ACE },
2910 { SDDL_AUDIT_FAILURE, FAILED_ACCESS_ACE_FLAG },
2911 { SDDL_INHERITED, INHERITED_ACE },
2912 { SDDL_INHERIT_ONLY, INHERIT_ONLY_ACE },
2913 { SDDL_NO_PROPAGATE, NO_PROPAGATE_INHERIT_ACE },
2914 { SDDL_OBJECT_INHERIT, OBJECT_INHERIT_ACE },
2915 { SDDL_AUDIT_SUCCESS, SUCCESSFUL_ACCESS_ACE_FLAG },
2916 { NULL, 0 },
2917 };
2918
2919 static BYTE ParseAceStringFlags(LPCWSTR* StringAcl)
2920 {
2921 UINT len = 0;
2922 BYTE flags = 0;
2923 LPCWSTR szAcl = *StringAcl;
2924
2925 while (*szAcl != ';')
2926 {
2927 const ACEFLAG *lpaf = AceFlags;
2928
2929 while (lpaf->wstr &&
2930 (len = strlenW(lpaf->wstr)) &&
2931 strncmpW(lpaf->wstr, szAcl, len))
2932 lpaf++;
2933
2934 if (!lpaf->wstr)
2935 return 0;
2936
2937 flags |= lpaf->value;
2938 szAcl += len;
2939 }
2940
2941 *StringAcl = szAcl;
2942 return flags;
2943 }
2944
2945
2946 /******************************************************************************
2947 * ParseAceStringRights
2948 */
2949 static const ACEFLAG AceRights[] =
2950 {
2951 { SDDL_GENERIC_ALL, GENERIC_ALL },
2952 { SDDL_GENERIC_READ, GENERIC_READ },
2953 { SDDL_GENERIC_WRITE, GENERIC_WRITE },
2954 { SDDL_GENERIC_EXECUTE, GENERIC_EXECUTE },
2955 { SDDL_READ_CONTROL, READ_CONTROL },
2956 { SDDL_STANDARD_DELETE, DELETE },
2957 { SDDL_WRITE_DAC, WRITE_DAC },
2958 { SDDL_WRITE_OWNER, WRITE_OWNER },
2959 { NULL, 0 },
2960 };
2961
2962 static DWORD ParseAceStringRights(LPCWSTR* StringAcl)
2963 {
2964 UINT len = 0;
2965 DWORD rights = 0;
2966 LPCWSTR szAcl = *StringAcl;
2967
2968 if ((*szAcl == '0') && (*(szAcl + 1) == 'x'))
2969 {
2970 LPCWSTR p = szAcl;
2971
2972 while (*p && *p != ';')
2973 p++;
2974
2975 if (p - szAcl <= 8)
2976 {
2977 rights = strtoulW(szAcl, NULL, 16);
2978 *StringAcl = p;
2979 }
2980 else
2981 WARN("Invalid rights string format: %s\n", debugstr_wn(szAcl, p - szAcl));
2982 }
2983 else
2984 {
2985 while (*szAcl != ';')
2986 {
2987 const ACEFLAG *lpaf = AceRights;
2988
2989 while (lpaf->wstr &&
2990 (len = strlenW(lpaf->wstr)) &&
2991 strncmpW(lpaf->wstr, szAcl, len))
2992 {
2993 lpaf++;
2994 }
2995
2996 if (!lpaf->wstr)
2997 return 0;
2998
2999 rights |= lpaf->value;
3000 szAcl += len;
3001 }
3002 }
3003
3004 *StringAcl = szAcl;
3005 return rights;
3006 }
3007
3008
3009 /******************************************************************************
3010 * ParseStringAclToAcl
3011 *
3012 * dacl_flags(string_ace1)(string_ace2)... (string_acen)
3013 */
3014 static BOOL ParseStringAclToAcl(LPCWSTR StringAcl, LPDWORD lpdwFlags,
3015 PACL pAcl, LPDWORD cBytes)
3016 {
3017 DWORD val;
3018 DWORD sidlen;
3019 DWORD length = sizeof(ACL);
3020 PACCESS_ALLOWED_ACE pAce = NULL; /* pointer to current ACE */
3021
3022 TRACE("%s\n", debugstr_w(StringAcl));
3023
3024 if (!StringAcl)
3025 return FALSE;
3026
3027 if (pAcl) /* pAce is only useful if we're setting values */
3028 pAce = (PACCESS_ALLOWED_ACE) ((LPBYTE)pAcl + sizeof(PACL));
3029
3030 /* Parse ACL flags */
3031 *lpdwFlags = ParseAclStringFlags(&StringAcl);
3032
3033 /* Parse ACE */
3034 while (*StringAcl == '(')
3035 {
3036 StringAcl++;
3037
3038 /* Parse ACE type */
3039 val = ParseAceStringType(&StringAcl);
3040 if (pAce)
3041 pAce->Header.AceType = (BYTE) val;
3042 if (*StringAcl != ';')
3043 goto lerr;
3044 StringAcl++;
3045
3046 /* Parse ACE flags */
3047 val = ParseAceStringFlags(&StringAcl);
3048 if (pAce)
3049 pAce->Header.AceFlags = (BYTE) val;
3050 if (*StringAcl != ';')
3051 goto lerr;
3052 StringAcl++;
3053
3054 /* Parse ACE rights */
3055 val = ParseAceStringRights(&StringAcl);
3056 if (pAce)
3057 pAce->Mask = val;
3058 if (*StringAcl != ';')
3059 goto lerr;
3060 StringAcl++;
3061
3062 /* Parse ACE object guid */
3063 if (*StringAcl != ';')
3064 {
3065 FIXME("Support for *_OBJECT_ACE_TYPE not implemented\n");
3066 goto lerr;
3067 }
3068 StringAcl++;
3069
3070 /* Parse ACE inherit object guid */
3071 if (*StringAcl != ';')
3072 {
3073 FIXME("Support for *_OBJECT_ACE_TYPE not implemented\n");
3074 goto lerr;
3075 }
3076 StringAcl++;
3077
3078 /* Parse ACE account sid */
3079 if (ParseStringSidToSid(StringAcl, pAce ? (PSID)&pAce->SidStart : NULL, &sidlen))
3080 {
3081 while (*StringAcl && *StringAcl != ')')
3082 StringAcl++;
3083 }
3084
3085 if (*StringAcl != ')')
3086 goto lerr;
3087 StringAcl++;
3088
3089 length += sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + sidlen;
3090 }
3091
3092 *cBytes = length;
3093 return TRUE;
3094
3095 lerr:
3096 WARN("Invalid ACE string format\n");
3097 return FALSE;
3098 }
3099
3100
3101 /******************************************************************************
3102 * ParseStringSecurityDescriptorToSecurityDescriptor
3103 */
3104 static BOOL ParseStringSecurityDescriptorToSecurityDescriptor(
3105 LPCWSTR StringSecurityDescriptor,
3106 SECURITY_DESCRIPTOR* SecurityDescriptor,
3107 LPDWORD cBytes)
3108 {
3109 BOOL bret = FALSE;
3110 WCHAR toktype;
3111 WCHAR tok[MAX_PATH];
3112 LPCWSTR lptoken;
3113 LPBYTE lpNext = NULL;
3114 DWORD len;
3115
3116 *cBytes = 0;
3117
3118 if (SecurityDescriptor)
3119 lpNext = ((LPBYTE) SecurityDescriptor) + sizeof(SECURITY_DESCRIPTOR);
3120
3121 while (*StringSecurityDescriptor)
3122 {
3123 toktype = *StringSecurityDescriptor;
3124
3125 /* Expect char identifier followed by ':' */
3126 StringSecurityDescriptor++;
3127 if (*StringSecurityDescriptor != ':')
3128 {
3129 SetLastError(ERROR_INVALID_PARAMETER);
3130 goto lend;
3131 }
3132 StringSecurityDescriptor++;
3133
3134 /* Extract token */
3135 lptoken = StringSecurityDescriptor;
3136 while (*lptoken && *lptoken != ':')
3137 lptoken++;
3138
3139 if (*lptoken)
3140 lptoken--;
3141
3142 len = lptoken - StringSecurityDescriptor;
3143 memcpy( tok, StringSecurityDescriptor, len * sizeof(WCHAR) );
3144 tok[len] = 0;
3145
3146 switch (toktype)
3147 {
3148 case 'O':
3149 {
3150 DWORD bytes;
3151
3152 if (!ParseStringSidToSid(tok, (PSID)lpNext, &bytes))
3153 goto lend;
3154
3155 if (SecurityDescriptor)
3156 {
3157 SecurityDescriptor->Owner = (PSID)(lpNext - (LPBYTE)SecurityDescriptor);
3158 lpNext += bytes; /* Advance to next token */
3159 }
3160
3161 *cBytes += bytes;
3162
3163 break;
3164 }
3165
3166 case 'G':
3167 {
3168 DWORD bytes;
3169
3170 if (!ParseStringSidToSid(tok, (PSID)lpNext, &bytes))
3171 goto lend;
3172
3173 if (SecurityDescriptor)
3174 {
3175 SecurityDescriptor->Group = (PSID)(lpNext - (LPBYTE)SecurityDescriptor);
3176 lpNext += bytes; /* Advance to next token */
3177 }
3178
3179 *cBytes += bytes;
3180
3181 break;
3182 }
3183
3184 case 'D':
3185 {
3186 DWORD flags;
3187 DWORD bytes;
3188
3189 if (!ParseStringAclToAcl(tok, &flags, (PACL)lpNext, &bytes))
3190 goto lend;
3191
3192 if (SecurityDescriptor)
3193 {
3194 SecurityDescriptor->Control |= SE_DACL_PRESENT | flags;
3195 SecurityDescriptor->Dacl = (PACL)(lpNext - (LPBYTE)SecurityDescriptor);
3196 lpNext += bytes; /* Advance to next token */
3197 }
3198
3199 *cBytes += bytes;
3200
3201 break;
3202 }
3203
3204 case 'S':
3205 {
3206 DWORD flags;
3207 DWORD bytes;
3208
3209 if (!ParseStringAclToAcl(tok, &flags, (PACL)lpNext, &bytes))
3210 goto lend;
3211
3212 if (SecurityDescriptor)
3213 {
3214 SecurityDescriptor->Control |= SE_SACL_PRESENT | flags;
3215 SecurityDescriptor->Sacl = (PACL)(lpNext - (LPBYTE)SecurityDescriptor);
3216 lpNext += bytes; /* Advance to next token */
3217 }
3218
3219 *cBytes += bytes;
3220
3221 break;
3222 }
3223
3224 default:
3225 FIXME("Unknown token\n");
3226 SetLastError(ERROR_INVALID_PARAMETER);
3227 goto lend;
3228 }
3229
3230 StringSecurityDescriptor = lptoken;
3231 }
3232
3233 bret = TRUE;
3234
3235 lend:
3236 return bret;
3237 }
3238
3239 /******************************************************************************
3240 * ConvertStringSecurityDescriptorToSecurityDescriptorA [ADVAPI32.@]
3241 */
3242 BOOL WINAPI ConvertStringSecurityDescriptorToSecurityDescriptorA(
3243 LPCSTR StringSecurityDescriptor,
3244 DWORD StringSDRevision,
3245 PSECURITY_DESCRIPTOR* SecurityDescriptor,
3246 PULONG SecurityDescriptorSize)
3247 {
3248 UINT len;
3249 BOOL ret = FALSE;
3250 LPWSTR StringSecurityDescriptorW;
3251
3252 len = MultiByteToWideChar(CP_ACP, 0, StringSecurityDescriptor, -1, NULL, 0);
3253 StringSecurityDescriptorW = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR));
3254
3255 if (StringSecurityDescriptorW)
3256 {
3257 MultiByteToWideChar(CP_ACP, 0, StringSecurityDescriptor, -1, StringSecurityDescriptorW, len);
3258
3259 ret = ConvertStringSecurityDescriptorToSecurityDescriptorW(StringSecurityDescriptorW,
3260 StringSDRevision, SecurityDescriptor,
3261 SecurityDescriptorSize);
3262 HeapFree(GetProcessHeap(), 0, StringSecurityDescriptorW);
3263 }
3264
3265 return ret;
3266 }
3267
3268 /******************************************************************************
3269 * ConvertStringSecurityDescriptorToSecurityDescriptorW [ADVAPI32.@]
3270 */
3271 BOOL WINAPI ConvertStringSecurityDescriptorToSecurityDescriptorW(
3272 LPCWSTR StringSecurityDescriptor,
3273 DWORD StringSDRevision,
3274 PSECURITY_DESCRIPTOR* SecurityDescriptor,
3275 PULONG SecurityDescriptorSize)
3276 {
3277 DWORD cBytes;
3278 SECURITY_DESCRIPTOR* psd;
3279 BOOL bret = FALSE;
3280
3281 TRACE("%s\n", debugstr_w(StringSecurityDescriptor));
3282
3283 if (GetVersion() & 0x80000000)
3284 {
3285 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
3286 goto lend;
3287 }
3288 else if (StringSDRevision != SID_REVISION)
3289 {
3290 SetLastError(ERROR_UNKNOWN_REVISION);
3291 goto lend;
3292 }
3293
3294 /* Compute security descriptor length */
3295 if (!ParseStringSecurityDescriptorToSecurityDescriptor(StringSecurityDescriptor,
3296 NULL, &cBytes))
3297 goto lend;
3298
3299 psd = *SecurityDescriptor = (SECURITY_DESCRIPTOR*) LocalAlloc(
3300 GMEM_ZEROINIT, cBytes);
3301
3302 psd->Revision = SID_REVISION;
3303 psd->Control |= SE_SELF_RELATIVE;
3304
3305 if (!ParseStringSecurityDescriptorToSecurityDescriptor(StringSecurityDescriptor,
3306 psd, &cBytes))
3307 {
3308 LocalFree(psd);
3309 goto lend;
3310 }
3311
3312 if (SecurityDescriptorSize)
3313 *SecurityDescriptorSize = cBytes;
3314
3315 bret = TRUE;
3316
3317 lend:
3318 TRACE(" ret=%d\n", bret);
3319 return bret;
3320 }
3321
3322 /******************************************************************************
3323 * ConvertStringSidToSidW [ADVAPI32.@]
3324 */
3325 BOOL WINAPI ConvertStringSidToSidW(LPCWSTR StringSid, PSID* Sid)
3326 {
3327 BOOL bret = FALSE;
3328 DWORD cBytes;
3329
3330 TRACE("%s, %p\n", debugstr_w(StringSid), Sid);
3331 if (GetVersion() & 0x80000000)
3332 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
3333 else if (!StringSid || !Sid)
3334 SetLastError(ERROR_INVALID_PARAMETER);
3335 else if (ParseStringSidToSid(StringSid, NULL, &cBytes))
3336 {
3337 PSID pSid = *Sid = (PSID) LocalAlloc(0, cBytes);
3338
3339 bret = ParseStringSidToSid(StringSid, pSid, &cBytes);
3340 if (!bret)
3341 LocalFree(*Sid);
3342 }
3343 TRACE("returning %s\n", bret ? "TRUE" : "FALSE");
3344 return bret;
3345 }
3346
3347 /******************************************************************************
3348 * ConvertStringSidToSidA [ADVAPI32.@]
3349 */
3350 BOOL WINAPI ConvertStringSidToSidA(LPCSTR StringSid, PSID* Sid)
3351 {
3352 BOOL bret = FALSE;
3353
3354 TRACE("%s, %p\n", debugstr_a(StringSid), Sid);
3355 if (GetVersion() & 0x80000000)
3356 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
3357 else if (!StringSid || !Sid)
3358 SetLastError(ERROR_INVALID_PARAMETER);
3359 else
3360 {
3361 UINT len = MultiByteToWideChar(CP_ACP, 0, StringSid, -1, NULL, 0);
3362 LPWSTR wStringSid = HeapAlloc(GetProcessHeap(), 0,
3363 len * sizeof(WCHAR));
3364
3365 MultiByteToWideChar(CP_ACP, 0, StringSid, -1, wStringSid, len);
3366 bret = ConvertStringSidToSidW(wStringSid, Sid);
3367 HeapFree(GetProcessHeap(), 0, wStringSid);
3368 }
3369 TRACE("returning %s\n", bret ? "TRUE" : "FALSE");
3370 return bret;
3371 }
3372
3373 /******************************************************************************
3374 * ConvertSidToStringSidW [ADVAPI32.@]
3375 *
3376 * format of SID string is:
3377 * S-<count>-<auth>-<subauth1>-<subauth2>-<subauth3>...
3378 * where
3379 * <rev> is the revision of the SID encoded as decimal
3380 * <auth> is the identifier authority encoded as hex
3381 * <subauthN> is the subauthority id encoded as decimal
3382 */
3383 BOOL WINAPI ConvertSidToStringSidW( PSID pSid, LPWSTR *pstr )
3384 {
3385 DWORD sz, i;
3386 LPWSTR str;
3387 WCHAR fmt[] = { 'S','-','%','u','-','%','d',0 };
3388 WCHAR subauthfmt[] = { '-','%','u',0 };
3389 SID* pisid=pSid;
3390
3391 TRACE("%p %p\n", pSid, pstr );
3392
3393 if( !IsValidSid( pSid ) )
3394 return FALSE;
3395
3396 if (pisid->Revision != SDDL_REVISION)
3397 return FALSE;
3398 if (pisid->IdentifierAuthority.Value[0] ||
3399 pisid->IdentifierAuthority.Value[1])
3400 {
3401 FIXME("not matching MS' bugs\n");
3402 return FALSE;
3403 }
3404
3405 sz = 14 + pisid->SubAuthorityCount * 11;
3406 str = LocalAlloc( 0, sz*sizeof(WCHAR) );
3407 sprintfW( str, fmt, pisid->Revision, MAKELONG(
3408 MAKEWORD( pisid->IdentifierAuthority.Value[5],
3409 pisid->IdentifierAuthority.Value[4] ),
3410 MAKEWORD( pisid->IdentifierAuthority.Value[3],
3411 pisid->IdentifierAuthority.Value[2] ) ) );
3412 for( i=0; i<pisid->SubAuthorityCount; i++ )
3413 sprintfW( str + strlenW(str), subauthfmt, pisid->SubAuthority[i] );
3414 *pstr = str;
3415
3416 return TRUE;
3417 }
3418
3419 /******************************************************************************
3420 * ConvertSidToStringSidA [ADVAPI32.@]
3421 */
3422 BOOL WINAPI ConvertSidToStringSidA(PSID pSid, LPSTR *pstr)
3423 {
3424 LPWSTR wstr = NULL;
3425 LPSTR str;
3426 UINT len;
3427
3428 TRACE("%p %p\n", pSid, pstr );
3429
3430 if( !ConvertSidToStringSidW( pSid, &wstr ) )
3431 return FALSE;
3432
3433 len = WideCharToMultiByte( CP_ACP, 0, wstr, -1, NULL, 0, NULL, NULL );
3434 str = LocalAlloc( 0, len );
3435 WideCharToMultiByte( CP_ACP, 0, wstr, -1, str, len, NULL, NULL );
3436 LocalFree( wstr );
3437
3438 *pstr = str;
3439
3440 return TRUE;
3441 }
3442
3443 BOOL WINAPI CreatePrivateObjectSecurity(
3444 PSECURITY_DESCRIPTOR ParentDescriptor,
3445 PSECURITY_DESCRIPTOR CreatorDescriptor,
3446 PSECURITY_DESCRIPTOR* NewDescriptor,
3447 BOOL IsDirectoryObject,
3448 HANDLE Token,
3449 PGENERIC_MAPPING GenericMapping )
3450 {
3451 FIXME("%p %p %p %d %p %p - stub\n", ParentDescriptor, CreatorDescriptor,
3452 NewDescriptor, IsDirectoryObject, Token, GenericMapping);
3453
3454 return FALSE;
3455 }
3456
3457 BOOL WINAPI DestroyPrivateObjectSecurity( PSECURITY_DESCRIPTOR* ObjectDescriptor )
3458 {
3459 FIXME("%p - stub\n", ObjectDescriptor);
3460
3461 return TRUE;
3462 }
3463
3464 BOOL WINAPI CreateProcessAsUserA(
3465 HANDLE hToken,
3466 LPCSTR lpApplicationName,
3467 LPSTR lpCommandLine,
3468 LPSECURITY_ATTRIBUTES lpProcessAttributes,
3469 LPSECURITY_ATTRIBUTES lpThreadAttributes,
3470 BOOL bInheritHandles,
3471 DWORD dwCreationFlags,
3472 LPVOID lpEnvironment,
3473 LPCSTR lpCurrentDirectory,
3474 LPSTARTUPINFOA lpStartupInfo,
3475 LPPROCESS_INFORMATION lpProcessInformation )
3476 {
3477 FIXME("%p %s %s %p %p %d 0x%08lx %p %s %p %p - stub\n", hToken, debugstr_a(lpApplicationName),
3478 debugstr_a(lpCommandLine), lpProcessAttributes, lpThreadAttributes, bInheritHandles,
3479 dwCreationFlags, lpEnvironment, debugstr_a(lpCurrentDirectory), lpStartupInfo, lpProcessInformation);
3480
3481 return FALSE;
3482 }
3483
3484 BOOL WINAPI CreateProcessAsUserW(
3485 HANDLE hToken,
3486 LPCWSTR lpApplicationName,
3487 LPWSTR lpCommandLine,
3488 LPSECURITY_ATTRIBUTES lpProcessAttributes,
3489 LPSECURITY_ATTRIBUTES lpThreadAttributes,
3490 BOOL bInheritHandles,
3491 DWORD dwCreationFlags,
3492 LPVOID lpEnvironment,
3493 LPCWSTR lpCurrentDirectory,
3494 LPSTARTUPINFOW lpStartupInfo,
3495 LPPROCESS_INFORMATION lpProcessInformation )
3496 {
3497 FIXME("%p %s %s %p %p %d 0x%08lx %p %s %p %p - semi- stub\n", hToken,
3498 debugstr_w(lpApplicationName), debugstr_w(lpCommandLine), lpProcessAttributes,
3499 lpThreadAttributes, bInheritHandles, dwCreationFlags, lpEnvironment,
3500 debugstr_w(lpCurrentDirectory), lpStartupInfo, lpProcessInformation);
3501
3502 /* We should create the process with a suspended main thread */
3503 if (!CreateProcessW (lpApplicationName,
3504 lpCommandLine,
3505 lpProcessAttributes,
3506 lpThreadAttributes,
3507 bInheritHandles,
3508 dwCreationFlags, /* CREATE_SUSPENDED */
3509 lpEnvironment,
3510 lpCurrentDirectory,
3511 lpStartupInfo,
3512 lpProcessInformation))
3513 {
3514 return FALSE;
3515 }
3516
3517 return TRUE;
3518 }
3519
3520 BOOL WINAPI DuplicateTokenEx(
3521 HANDLE ExistingTokenHandle, DWORD dwDesiredAccess,
3522 LPSECURITY_ATTRIBUTES lpTokenAttributes,
3523 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
3524 TOKEN_TYPE TokenType,
3525 PHANDLE DuplicateTokenHandle )
3526 {
3527 OBJECT_ATTRIBUTES ObjectAttributes;
3528
3529 TRACE("%p 0x%08lx 0x%08x 0x%08x %p\n", ExistingTokenHandle, dwDesiredAccess,
3530 ImpersonationLevel, TokenType, DuplicateTokenHandle);
3531
3532 InitializeObjectAttributes(
3533 &ObjectAttributes,
3534 NULL,
3535 (lpTokenAttributes && lpTokenAttributes->bInheritHandle) ? OBJ_INHERIT : 0,
3536 NULL,
3537 lpTokenAttributes ? lpTokenAttributes->lpSecurityDescriptor : NULL );
3538
3539 return set_ntstatus( NtDuplicateToken( ExistingTokenHandle,
3540 dwDesiredAccess,
3541 &ObjectAttributes,
3542 ImpersonationLevel,
3543 TokenType,
3544 DuplicateTokenHandle ) );
3545 }
3546
3547 BOOL WINAPI DuplicateToken(
3548 HANDLE ExistingTokenHandle,
3549 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
3550 PHANDLE DuplicateTokenHandle )
3551 {
3552 return DuplicateTokenEx( ExistingTokenHandle, TOKEN_IMPERSONATE | TOKEN_QUERY,
3553 NULL, ImpersonationLevel, TokenImpersonation,
3554 DuplicateTokenHandle );
3555 }
3556
3557 BOOL WINAPI EnumDependentServicesA(
3558 SC_HANDLE hService,
3559 DWORD dwServiceState,
3560 LPENUM_SERVICE_STATUSA lpServices,
3561 DWORD cbBufSize,
3562 LPDWORD pcbBytesNeeded,
3563 LPDWORD lpServicesReturned )
3564 {
3565 FIXME("%p 0x%08lx %p 0x%08lx %p %p - stub\n", hService, dwServiceState,
3566 lpServices, cbBufSize, pcbBytesNeeded, lpServicesReturned);
3567
3568 return FALSE;
3569 }
3570
3571 BOOL WINAPI EnumDependentServicesW(
3572 SC_HANDLE hService,
3573 DWORD dwServiceState,
3574 LPENUM_SERVICE_STATUSW lpServices,
3575 DWORD cbBufSize,
3576 LPDWORD pcbBytesNeeded,
3577 LPDWORD lpServicesReturned )
3578 {
3579 FIXME("%p 0x%08lx %p 0x%08lx %p %p - stub\n", hService, dwServiceState,
3580 lpServices, cbBufSize, pcbBytesNeeded, lpServicesReturned);
3581
3582 return FALSE;
3583 }
3584
3585 /******************************************************************************
3586 * ComputeStringSidSize
3587 */
3588 static DWORD ComputeStringSidSize(LPCWSTR StringSid)
3589 {
3590 DWORD size = sizeof(SID);
3591
3592 if (StringSid[0] == 'S' && StringSid[1] == '-') /* S-R-I-S-S */
3593 {
3594 int ctok = 0;
3595 while (*StringSid)
3596 {
3597 if (*StringSid == '-')
3598 ctok++;
3599 StringSid++;
3600 }
3601
3602 if (ctok > 3)
3603 size += (ctok - 3) * sizeof(DWORD);
3604 }
3605 else /* String constant format - Only available in winxp and above */
3606 {
3607 int i;
3608
3609 for (i = 0; i < sizeof(WellKnownSids)/sizeof(WellKnownSids[0]); i++)
3610 if (!strncmpW(WellKnownSids[i].wstr, StringSid, 2))
3611 size += (WellKnownSids[i].Sid.SubAuthorityCount - 1) * sizeof(DWORD);
3612 }
3613
3614 return size;
3615 }
3616
3617 /******************************************************************************
3618 * ParseStringSidToSid
3619 */
3620 static BOOL ParseStringSidToSid(LPCWSTR StringSid, PSID pSid, LPDWORD cBytes)
3621 {
3622 BOOL bret = FALSE;
3623 SID* pisid=pSid;
3624
3625 TRACE("%s, %p, %p\n", debugstr_w(StringSid), pSid, cBytes);
3626 if (!StringSid)
3627 {
3628 SetLastError(ERROR_INVALID_PARAMETER);
3629 TRACE("StringSid is NULL, returning FALSE\n");
3630 return FALSE;
3631 }
3632
3633 *cBytes = ComputeStringSidSize(StringSid);
3634 if (!pisid) /* Simply compute the size */
3635 {
3636 TRACE("only size requested, returning TRUE\n");
3637 return TRUE;
3638 }
3639
3640 if (StringSid[0] == 'S' && StringSid[1] == '-') /* S-R-I-S-S */
3641 {
3642 DWORD i = 0, identAuth;
3643 DWORD csubauth = ((*cBytes - sizeof(SID)) / sizeof(DWORD)) + 1;
3644
3645 StringSid += 2; /* Advance to Revision */
3646 pisid->Revision = atoiW(StringSid);
3647
3648 if (pisid->Revision != SDDL_REVISION)
3649 {
3650 TRACE("Revision %d is unknown\n", pisid->Revision);
3651 goto lend; /* ERROR_INVALID_SID */
3652 }
3653 if (csubauth == 0)
3654 {
3655 TRACE("SubAuthorityCount is 0\n");
3656 goto lend; /* ERROR_INVALID_SID */
3657 }
3658
3659 pisid->SubAuthorityCount = csubauth;
3660
3661 /* Advance to identifier authority */
3662 while (*StringSid && *StringSid != '-')
3663 StringSid++;
3664 if (*StringSid == '-')
3665 StringSid++;
3666
3667 /* MS' implementation can't handle values greater than 2^32 - 1, so
3668 * we don't either; assume most significant bytes are always 0
3669 */
3670 pisid->IdentifierAuthority.Value[0] = 0;
3671 pisid->IdentifierAuthority.Value[1] = 0;
3672 identAuth = atoiW(StringSid);
3673 pisid->IdentifierAuthority.Value[5] = identAuth & 0xff;
3674 pisid->IdentifierAuthority.Value[4] = (identAuth & 0xff00) >> 8;
3675 pisid->IdentifierAuthority.Value[3] = (identAuth & 0xff0000) >> 16;
3676 pisid->IdentifierAuthority.Value[2] = (identAuth & 0xff000000) >> 24;
3677
3678 /* Advance to first sub authority */
3679 while (*StringSid && *StringSid != '-')
3680 StringSid++;
3681 if (*StringSid == '-')
3682 StringSid++;
3683
3684 while (*StringSid)
3685 {
3686 while (*StringSid && *StringSid != '-')
3687 StringSid++;
3688 if (*StringSid == '-')
3689 StringSid++;
3690
3691 pisid->SubAuthority[i++] = atoiW(StringSid);
3692 }
3693
3694 if (i != pisid->SubAuthorityCount)
3695 goto lend; /* ERROR_INVALID_SID */
3696
3697 bret = TRUE;
3698 }
3699 else /* String constant format - Only available in winxp and above */
3700 {
3701 int i;
3702 pisid->Revision = SDDL_REVISION;
3703
3704 for (i = 0; i < sizeof(WellKnownSids)/sizeof(WellKnownSids[0]); i++)
3705 if (!strncmpW(WellKnownSids[i].wstr, StringSid, 2))
3706 {
3707 DWORD j;
3708 pisid->SubAuthorityCount = WellKnownSids[i].Sid.SubAuthorityCount;
3709 pisid->IdentifierAuthority = WellKnownSids[i].Sid.IdentifierAuthority;
3710 for (j = 0; j < WellKnownSids[i].Sid.SubAuthorityCount; j++)
3711 pisid->SubAuthority[j] = WellKnownSids[i].Sid.SubAuthority[j];
3712 bret = TRUE;
3713 }
3714
3715 if (!bret)
3716 FIXME("String constant not supported: %s\n", debugstr_wn(StringSid, 2));
3717 }
3718
3719 lend:
3720 if (!bret)
3721 SetLastError(ERROR_INVALID_SID);
3722
3723 TRACE("returning %s\n", bret ? "TRUE" : "FALSE");
3724 return bret;
3725 }
3726
3727 /******************************************************************************
3728 * GetNamedSecurityInfoA [ADVAPI32.@]
3729 */
3730 DWORD WINAPI GetNamedSecurityInfoA(LPSTR pObjectName,
3731 SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo,
3732 PSID* ppsidOwner, PSID* ppsidGroup, PACL* ppDacl, PACL* ppSacl,
3733 PSECURITY_DESCRIPTOR* ppSecurityDescriptor)
3734 {
3735 DWORD len;
3736 LPWSTR wstr = NULL;
3737 DWORD r;
3738
3739 TRACE("%s %d %ld %p %p %p %p %p\n", pObjectName, ObjectType, SecurityInfo,
3740 ppsidOwner, ppsidGroup, ppDacl, ppSacl, ppSecurityDescriptor);
3741
3742 if( pObjectName )
3743 {
3744 len = MultiByteToWideChar( CP_ACP, 0, pObjectName, -1, NULL, 0 );
3745 wstr = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR));
3746 MultiByteToWideChar( CP_ACP, 0, pObjectName, -1, wstr, len );
3747 }
3748
3749 r = GetNamedSecurityInfoW( wstr, ObjectType, SecurityInfo, ppsidOwner,
3750 ppsidGroup, ppDacl, ppSacl, ppSecurityDescriptor );
3751
3752 HeapFree( GetProcessHeap(), 0, wstr );
3753
3754 return r;
3755 }
3756
3757 /******************************************************************************
3758 * GetNamedSecurityInfoW [ADVAPI32.@]
3759 */
3760 DWORD WINAPI GetNamedSecurityInfoW( LPWSTR name, SE_OBJECT_TYPE type,
3761 SECURITY_INFORMATION info, PSID* owner, PSID* group, PACL* dacl,
3762 PACL* sacl, PSECURITY_DESCRIPTOR* descriptor )
3763 {
3764 DWORD needed, offset;
3765 SECURITY_DESCRIPTOR_RELATIVE *relative;
3766 BYTE *buffer;
3767
3768 TRACE( "%s %d %ld %p %p %p %p %p\n", debugstr_w(name), type, info, owner,
3769 group, dacl, sacl, descriptor );
3770
3771 if (!name || !descriptor) return ERROR_INVALID_PARAMETER;
3772
3773 needed = sizeof(SECURITY_DESCRIPTOR_RELATIVE);
3774 if (info & OWNER_SECURITY_INFORMATION)
3775 needed += sizeof(sidWorld);
3776 if (info & GROUP_SECURITY_INFORMATION)
3777 needed += sizeof(sidWorld);
3778 if (info & DACL_SECURITY_INFORMATION)
3779 needed += WINE_SIZE_OF_WORLD_ACCESS_ACL;
3780 if (info & SACL_SECURITY_INFORMATION)
3781 needed += WINE_SIZE_OF_WORLD_ACCESS_ACL;
3782
3783 /* must be freed by caller */
3784 *descriptor = HeapAlloc( GetProcessHeap(), 0, needed );
3785 if (!*descriptor) return ERROR_NOT_ENOUGH_MEMORY;
3786
3787 if (!InitializeSecurityDescriptor( *descriptor, SECURITY_DESCRIPTOR_REVISION ))
3788 {
3789 HeapFree( GetProcessHeap(), 0, *descriptor );
3790 return ERROR_INVALID_SECURITY_DESCR;
3791 }
3792
3793 relative = (SECURITY_DESCRIPTOR_RELATIVE *)*descriptor;
3794 relative->Control |= SE_SELF_RELATIVE;
3795 buffer = (BYTE *)relative;
3796 offset = sizeof(SECURITY_DESCRIPTOR_RELATIVE);
3797
3798 if (owner && (info & OWNER_SECURITY_INFORMATION))
3799 {
3800 memcpy( buffer + offset, &sidWorld, sizeof(sidWorld) );
3801 relative->Owner = offset;
3802 *owner = buffer + offset;
3803 offset += sizeof(sidWorld);
3804 }
3805 if (group && (info & GROUP_SECURITY_INFORMATION))
3806 {
3807 memcpy( buffer + offset, &sidWorld, sizeof(sidWorld) );
3808 relative->Group = offset;
3809 *group = buffer + offset;
3810 offset += sizeof(sidWorld);
3811 }
3812 if (dacl && (info & DACL_SECURITY_INFORMATION))
3813 {
3814 GetWorldAccessACL( (PACL)(buffer + offset) );
3815 relative->Dacl = offset;
3816 *dacl = (PACL)(buffer + offset);
3817 offset += WINE_SIZE_OF_WORLD_ACCESS_ACL;
3818 }
3819 if (sacl && (info & SACL_SECURITY_INFORMATION))
3820 {
3821 GetWorldAccessACL( (PACL)(buffer + offset) );
3822 relative->Sacl = offset;
3823 *sacl = (PACL)(buffer + offset);
3824 }
3825 return ERROR_SUCCESS;
3826 }
3827
3828 /******************************************************************************
3829 * DecryptFileW [ADVAPI32.@]
3830 */
3831 BOOL WINAPI DecryptFileW(LPCWSTR lpFileName, DWORD dwReserved)
3832 {
3833 FIXME("%s %08lx\n", debugstr_w(lpFileName), dwReserved);
3834 return TRUE;
3835 }
3836
3837 /******************************************************************************
3838 * DecryptFileA [ADVAPI32.@]
3839 */
3840 BOOL WINAPI DecryptFileA(LPCSTR lpFileName, DWORD dwReserved)
3841 {
3842 FIXME("%s %08lx\n", debugstr_a(lpFileName), dwReserved);
3843 return TRUE;
3844 }
3845
3846 /******************************************************************************
3847 * EncryptFileW [ADVAPI32.@]
3848 */
3849 BOOL WINAPI EncryptFileW(LPCWSTR lpFileName)
3850 {
3851 FIXME("%s\n", debugstr_w(lpFileName));
3852 return TRUE;
3853 }
3854
3855 /******************************************************************************
3856 * EncryptFileA [ADVAPI32.@]
3857 */
3858 BOOL WINAPI EncryptFileA(LPCSTR lpFileName)
3859 {
3860 FIXME("%s\n", debugstr_a(lpFileName));
3861 return TRUE;
3862 }
3863
3864 /******************************************************************************
3865 * FileEncryptionStatusW [ADVAPI32.@]
3866 */
3867 BOOL WINAPI FileEncryptionStatusW(LPCWSTR lpFileName, LPDWORD lpStatus)
3868 {
3869 FIXME("(%s %p): stub\n", debugstr_w(lpFileName), lpStatus);
3870 if (!lpStatus)
3871 return FALSE;
3872 *lpStatus = FILE_SYSTEM_NOT_SUPPORT;
3873 return TRUE;
3874 }
3875
3876 /******************************************************************************
3877 * FileEncryptionStatusA [ADVAPI32.@]
3878 */
3879 BOOL WINAPI FileEncryptionStatusA(LPCSTR lpFileName, LPDWORD lpStatus)
3880 {
3881 FIXME("(%s %p): stub\n", debugstr_a(lpFileName), lpStatus);
3882 if (!lpStatus)
3883 return FALSE;
3884 *lpStatus = FILE_SYSTEM_NOT_SUPPORT;
3885 return TRUE;
3886 }
3887
3888 /******************************************************************************
3889 * SetSecurityInfo [ADVAPI32.@]
3890 */
3891 DWORD WINAPI SetSecurityInfo(HANDLE handle, SE_OBJECT_TYPE ObjectType,
3892 SECURITY_INFORMATION SecurityInfo, PSID psidOwner,
3893 PSID psidGroup, PACL pDacl, PACL pSacl) {
3894 FIXME("stub\n");
3895 return ERROR_SUCCESS;
3896 }
quartzdrv for OS X