security.c
00001 /*
00002  * COPYRIGHT:         See COPYING in the top level directory
00003  * PROJECT:           ReactOS system libraries
00004  * FILE:              lib/rtl/security.c
00005  * PURPOSE:           Security related functions and Security Objects
00006  * PROGRAMMER:        Eric Kohl
00007  */
00008 
00009 /* INCLUDES *****************************************************************/
00010 
00011 #include <rtl.h>
00012 
00013 #define NDEBUG
00014 #include <debug.h>
00015 
00016 /* FUNCTIONS ***************************************************************/
00017 
00018 /*
00019  * @implemented
00020  */
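/*
 * Duplicates the current process's token as an impersonation token and
 * assigns that duplicate to the calling thread.
 *
 * ImpersonationLevel - level stored in the security quality of service that
 *                      is attached to the duplicated token.
 *
 * Returns the failing status of ZwOpenProcessToken or ZwDuplicateToken;
 * otherwise the status returned by ZwSetInformationThread. Both token
 * handles are closed on every path before returning.
 */
NTSTATUS NTAPI
RtlImpersonateSelf(IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
{
   HANDLE ProcessToken;
   HANDLE ImpersonationToken;
   NTSTATUS Status;
   OBJECT_ATTRIBUTES ObjAttr;
   SECURITY_QUALITY_OF_SERVICE Sqos;

   PAGED_CODE_RTL();

   /* TOKEN_DUPLICATE is the only access requested on the process token. */
   Status = ZwOpenProcessToken(NtCurrentProcess(),
                               TOKEN_DUPLICATE,
                               &ProcessToken);
   if (!NT_SUCCESS(Status))
   {
      DPRINT1("NtOpenProcessToken() failed (Status %lx)\n", Status);
      return(Status);
   }

   /* The caller controls only the impersonation level; the rest is fixed. */
   Sqos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
   Sqos.ImpersonationLevel = ImpersonationLevel;
   Sqos.ContextTrackingMode = 0;
   Sqos.EffectiveOnly = FALSE;

   InitializeObjectAttributes(
      &ObjAttr,
      NULL,
      0,
      NULL,
      NULL
      );

   ObjAttr.SecurityQualityOfService = &Sqos;

   /*
    * EffectiveOnly is passed twice: inside Sqos and as its own argument.
    * Both copies are FALSE here.
    * NOTE(review): presumably FALSE keeps disabled privileges and groups in
    * the duplicate, so the thread token is not narrower than the process
    * token - confirm that this is intended.
    */
   Status = ZwDuplicateToken(ProcessToken,
                             TOKEN_IMPERSONATE,
                             &ObjAttr,
                             Sqos.EffectiveOnly,
                             TokenImpersonation,
                             &ImpersonationToken);
   if (!NT_SUCCESS(Status))
   {
      DPRINT1("NtDuplicateToken() failed (Status %lx)\n", Status);
      /* Use the Zw variant, like every other handle close in this function. */
      ZwClose(ProcessToken);
      return(Status);
   }

   Status = ZwSetInformationThread(NtCurrentThread(),
                                   ThreadImpersonationToken,
                                   &ImpersonationToken,
                                   sizeof(HANDLE));
   if (!NT_SUCCESS(Status))
   {
     DPRINT1("NtSetInformationThread() failed (Status %lx)\n", Status);
   }

   /* The local handles are no longer needed, whether or not the call worked. */
   ZwClose(ImpersonationToken);
   ZwClose(ProcessToken);

   return(Status);
}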
00083 
00084 /*
00085  * @unimplemented
00086  */
/*
 * Placeholder for acquiring a set of privileges.
 *
 * None of the parameters is read and *ReturnedState is never written, so a
 * caller must check the returned status before using ReturnedState.
 *
 * Always returns STATUS_NOT_IMPLEMENTED.
 */
NTSTATUS NTAPI
RtlAcquirePrivilege(
    IN PULONG Privilege,
    IN ULONG NumPriv,
    IN ULONG Flags,
    OUT PVOID *ReturnedState)
{
    /* Stub: no privilege is enabled by this call. */
    UNIMPLEMENTED;

    return STATUS_NOT_IMPLEMENTED;
}
00097 
00098 /*
00099  * @unimplemented
00100  */
/*
 * Placeholder for releasing state handed out by RtlAcquirePrivilege.
 *
 * ReturnedState is ignored: nothing is restored and nothing is freed.
 */
VOID NTAPI
RtlReleasePrivilege(
    IN PVOID ReturnedState)
{
    /* Stub: the function has no effect beyond the UNIMPLEMENTED macro. */
    UNIMPLEMENTED;
}
00107 
00108 /*
00109  * @implemented
00110  */
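/*
 * Enables or disables a single privilege in the current thread's token or
 * in the current process's token, and reports the privilege's prior state.
 *
 * Privilege     - low part of the privilege LUID; the high part is set to 0.
 * Enable        - non-zero to enable the privilege, zero to disable it.
 * CurrentThread - non-zero to adjust the calling thread's token, zero to
 *                 adjust the process token.
 * Enabled       - receives whether the privilege was enabled before the
 *                 call, normalised to 0 or 1.
 *
 * Returns STATUS_SUCCESS on success, STATUS_PRIVILEGE_NOT_HELD when the
 * token adjustment reports STATUS_NOT_ALL_ASSIGNED, or the failing status of
 * the token open / adjust call. *Enabled is written only on success.
 */
NTSTATUS NTAPI
RtlAdjustPrivilege(IN ULONG Privilege,
                   IN BOOLEAN Enable,
                   IN BOOLEAN CurrentThread,
                   OUT PBOOLEAN Enabled)
{
   TOKEN_PRIVILEGES NewState;
   TOKEN_PRIVILEGES OldState;
   ULONG ReturnLength;
   HANDLE TokenHandle;
   NTSTATUS Status;

   PAGED_CODE_RTL();

   DPRINT ("RtlAdjustPrivilege() called\n");

   /* Only the access needed to query and adjust privileges is requested. */
   if (CurrentThread)
   {
      Status = ZwOpenThreadToken (NtCurrentThread (),
                                  TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY,
                                  FALSE,
                                  &TokenHandle);
   }
   else
   {
      Status = ZwOpenProcessToken (NtCurrentProcess (),
                                   TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY,
                                   &TokenHandle);
   }

   if (!NT_SUCCESS (Status))
   {
      DPRINT1 ("Retrieving token handle failed (Status %lx)\n", Status);
      return Status;
   }

   OldState.PrivilegeCount = 1;

   NewState.PrivilegeCount = 1;
   NewState.Privileges[0].Luid.LowPart = Privilege;
   NewState.Privileges[0].Luid.HighPart = 0;
   NewState.Privileges[0].Attributes = (Enable) ? SE_PRIVILEGE_ENABLED : 0;

   Status = ZwAdjustPrivilegesToken (TokenHandle,
                                     FALSE,
                                     &NewState,
                                     sizeof(TOKEN_PRIVILEGES),
                                     &OldState,
                                     &ReturnLength);

   /* The token handle is closed before any status is examined. */
   ZwClose (TokenHandle);

   /* A privilege the token does not hold is reported as an error. */
   if (Status == STATUS_NOT_ALL_ASSIGNED)
   {
      DPRINT1 ("Failed to assign all privileges\n");
      return STATUS_PRIVILEGE_NOT_HELD;
   }
   if (!NT_SUCCESS(Status))
   {
      DPRINT1 ("NtAdjustPrivilegesToken() failed (Status %lx)\n", Status);
      return Status;
   }

   if (OldState.PrivilegeCount == 0)
   {
      /* No previous state was returned: report the requested state. */
      *Enabled = Enable;
   }
   else
   {
      /*
       * Compare against zero so the result is 0 or 1. Storing the raw mask
       * result would put the SE_PRIVILEGE_ENABLED bit value into the BOOLEAN,
       * which breaks callers that compare the result with TRUE.
       */
      *Enabled = ((OldState.Privileges[0].Attributes & SE_PRIVILEGE_ENABLED) != 0);
   }

   DPRINT ("RtlAdjustPrivilege() done\n");

   return STATUS_SUCCESS;
}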
00185 
00186 /*
00187  * @implemented
00188  */
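/*
 * Frees a security descriptor that lives on the process heap.
 *
 * ObjectDescriptor - address of the pointer to the descriptor. The pointed-to
 *                    block is released with RtlFreeHeap and the caller's
 *                    pointer is then set to NULL.
 *
 * Always returns STATUS_SUCCESS; the result of RtlFreeHeap is not examined.
 */
NTSTATUS
NTAPI
RtlDeleteSecurityObject(IN PSECURITY_DESCRIPTOR *ObjectDescriptor)
{
    DPRINT("RtlDeleteSecurityObject(%p)\n", ObjectDescriptor);

    RtlFreeHeap(RtlGetProcessHeap(),
                0,
                *ObjectDescriptor);

    /*
     * Clear the caller's pointer so that the freed block cannot be reused or
     * passed to this function a second time by mistake.
     */
    *ObjectDescriptor = NULL;

    return STATUS_SUCCESS;
}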
00201 
00202 
00203 /*
00204  * @unimplemented
00205  */
/*
 * Placeholder for building a new object's security descriptor from a parent
 * descriptor and a creator descriptor.
 *
 * No parameter is read and *NewDescriptor is never written, so a caller must
 * check the returned status before using NewDescriptor.
 *
 * Always returns STATUS_NOT_IMPLEMENTED.
 */
NTSTATUS NTAPI
RtlNewSecurityObject(
    IN PSECURITY_DESCRIPTOR ParentDescriptor,
    IN PSECURITY_DESCRIPTOR CreatorDescriptor,
    OUT PSECURITY_DESCRIPTOR *NewDescriptor,
    IN BOOLEAN IsDirectoryObject,
    IN HANDLE Token,
    IN PGENERIC_MAPPING GenericMapping)
{
    /* Stub: no descriptor is allocated or returned. */
    UNIMPLEMENTED;

    return STATUS_NOT_IMPLEMENTED;
}
00218 
00219 
00220 /*
00221  * @unimplemented
00222  */
/*
 * Copies the requested parts of a security descriptor into a caller-supplied
 * buffer in self-relative form.
 *
 * ObjectDescriptor    - descriptor to read from.
 * SecurityInformation - bit mask selecting owner, group, DACL and/or SACL.
 * ResultantDescriptor - buffer that receives the self-relative descriptor.
 * DescriptorLength    - size of ResultantDescriptor.
 * ReturnLength        - set to DescriptorLength and then passed to
 *                       RtlAbsoluteToSelfRelativeSD as its length argument.
 *
 * Returns the first failing status from the helper calls, otherwise the
 * status of RtlAbsoluteToSelfRelativeSD. *ReturnLength is not written when
 * an earlier step fails.
 *
 * NOTE(review): no access or privilege check is visible here for any of the
 * requested parts, SACL_SECURITY_INFORMATION included - confirm that callers
 * enforce it.
 */
NTSTATUS NTAPI
RtlQuerySecurityObject(
    IN PSECURITY_DESCRIPTOR ObjectDescriptor,
    IN SECURITY_INFORMATION SecurityInformation,
    OUT PSECURITY_DESCRIPTOR ResultantDescriptor,
    IN ULONG DescriptorLength,
    OUT PULONG ReturnLength)
{
    SECURITY_DESCRIPTOR Scratch;
    NTSTATUS Result;
    PSID Sid;
    PACL Acl;
    BOOLEAN IsPresent, IsDefaulted;

    /* Assemble the selected parts in a temporary descriptor on the stack. */
    Result = RtlCreateSecurityDescriptor(&Scratch, SECURITY_DESCRIPTOR_REVISION);
    if (!NT_SUCCESS(Result))
    {
        return Result;
    }

    if (SecurityInformation & OWNER_SECURITY_INFORMATION)
    {
        Result = RtlGetOwnerSecurityDescriptor(ObjectDescriptor, &Sid, &IsDefaulted);
        if (NT_SUCCESS(Result))
        {
            Result = RtlSetOwnerSecurityDescriptor(&Scratch, Sid, IsDefaulted);
        }
        if (!NT_SUCCESS(Result))
        {
            return Result;
        }
    }

    if (SecurityInformation & GROUP_SECURITY_INFORMATION)
    {
        Result = RtlGetGroupSecurityDescriptor(ObjectDescriptor, &Sid, &IsDefaulted);
        if (NT_SUCCESS(Result))
        {
            Result = RtlSetGroupSecurityDescriptor(&Scratch, Sid, IsDefaulted);
        }
        if (!NT_SUCCESS(Result))
        {
            return Result;
        }
    }

    if (SecurityInformation & DACL_SECURITY_INFORMATION)
    {
        Result = RtlGetDaclSecurityDescriptor(ObjectDescriptor, &IsPresent, &Acl, &IsDefaulted);
        if (NT_SUCCESS(Result))
        {
            Result = RtlSetDaclSecurityDescriptor(&Scratch, IsPresent, Acl, IsDefaulted);
        }
        if (!NT_SUCCESS(Result))
        {
            return Result;
        }
    }

    if (SecurityInformation & SACL_SECURITY_INFORMATION)
    {
        Result = RtlGetSaclSecurityDescriptor(ObjectDescriptor, &IsPresent, &Acl, &IsDefaulted);
        if (NT_SUCCESS(Result))
        {
            Result = RtlSetSaclSecurityDescriptor(&Scratch, IsPresent, Acl, IsDefaulted);
        }
        if (!NT_SUCCESS(Result))
        {
            return Result;
        }
    }

    /* Pass the caller's buffer size through the length argument. */
    *ReturnLength = DescriptorLength;
    return RtlAbsoluteToSelfRelativeSD(&Scratch, ResultantDescriptor, ReturnLength);
}
00275 
00276 
00277 /*
00278  * @unimplemented
00279  */
/*
 * Placeholder for applying a modification descriptor to an object's
 * security descriptor.
 *
 * No parameter is read and *ObjectsSecurityDescriptor is left untouched, so
 * the object's security is not changed by this call.
 *
 * Always returns STATUS_NOT_IMPLEMENTED.
 */
NTSTATUS NTAPI
RtlSetSecurityObject(
    IN SECURITY_INFORMATION SecurityInformation,
    IN PSECURITY_DESCRIPTOR ModificationDescriptor,
    OUT PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor,
    IN PGENERIC_MAPPING GenericMapping,
    IN HANDLE Token)
{
    /* Stub: the requested change is not applied. */
    UNIMPLEMENTED;

    return STATUS_NOT_IMPLEMENTED;
}
00291 
00292 /*
00293  * @unimplemented
00294  */
/*
 * Placeholder for registering a secure memory cache callback.
 *
 * Callback is neither stored nor invoked. Code that relies on the callback
 * firing must treat the returned status as a failure.
 *
 * Always returns STATUS_NOT_IMPLEMENTED.
 */
NTSTATUS NTAPI
RtlRegisterSecureMemoryCacheCallback(
    IN PRTL_SECURE_MEMORY_CACHE_CALLBACK Callback)
{
    /* Stub: nothing is registered. */
    UNIMPLEMENTED;

    return STATUS_NOT_IMPLEMENTED;
}
00302 
00303 /*
00304  * @unimplemented
00305  */
/*
 * Placeholder for flushing a secure memory cache range.
 *
 * MemoryCache and MemoryLength are ignored and no memory is touched.
 *
 * Always returns FALSE.
 */
BOOLEAN NTAPI
RtlFlushSecureMemoryCache(
    IN PVOID MemoryCache,
    IN OPTIONAL SIZE_T MemoryLength)
{
    /* Stub: nothing is flushed. */
    UNIMPLEMENTED;

    return FALSE;
}
