ReactOS 0.4.15-dev-7934-g1dc8d80
Macros | Functions | Variables
misc.c File Reference
#include <advapi32.h>
Include dependency graph for misc.c:

Go to the source code of this file.

Macros

#define FindNtMartaProc(Name)
 

Functions

 WINE_DEFAULT_DEBUG_CHANNEL (advapi)
 
static DWORD LoadAndInitializeNtMarta (VOID)
 
DWORD CheckNtMartaPresent (VOID)
 
VOID UnloadNtMarta (VOID)
 
BOOL WINAPI ImpersonateAnonymousToken (IN HANDLE ThreadHandle)
 
BOOL WINAPI ImpersonateLoggedOnUser (HANDLE hToken)
 
BOOL WINAPI GetUserNameA (LPSTR lpszName, LPDWORD lpSize)
 
BOOL WINAPI GetUserNameW (LPWSTR lpszName, LPDWORD lpSize)
 
BOOL WINAPI LookupAccountSidA (LPCSTR lpSystemName, PSID lpSid, LPSTR lpName, LPDWORD cchName, LPSTR lpReferencedDomainName, LPDWORD cchReferencedDomainName, PSID_NAME_USE peUse)
 
BOOL WINAPI LookupAccountSidW (LPCWSTR pSystemName, PSID pSid, LPWSTR pAccountName, LPDWORD pdwAccountName, LPWSTR pDomainName, LPDWORD pdwDomainName, PSID_NAME_USE peUse)
 
BOOL WINAPI LookupAccountNameW (LPCWSTR lpSystemName, LPCWSTR lpAccountName, PSID Sid, LPDWORD cbSid, LPWSTR ReferencedDomainName, LPDWORD cchReferencedDomainName, PSID_NAME_USE peUse)
 
BOOL WINAPI LookupPrivilegeValueA (LPCSTR lpSystemName, LPCSTR lpName, PLUID lpLuid)
 
BOOL WINAPI LookupPrivilegeValueW (LPCWSTR lpSystemName, LPCWSTR lpPrivilegeName, PLUID lpLuid)
 
BOOL WINAPI LookupPrivilegeNameW (LPCWSTR lpSystemName, PLUID lpLuid, LPWSTR lpName, LPDWORD cchName)
 
BOOL WINAPI LookupPrivilegeDisplayNameW (LPCWSTR lpSystemName, LPCWSTR lpName, LPWSTR lpDisplayName, LPDWORD cchDisplayName, LPDWORD lpLanguageId)
 
static DWORD pGetSecurityInfoCheck (SECURITY_INFORMATION SecurityInfo, PSID *ppsidOwner, PSID *ppsidGroup, PACL *ppDacl, PACL *ppSacl, PSECURITY_DESCRIPTOR *ppSecurityDescriptor)
 
static DWORD pSetSecurityInfoCheck (PSECURITY_DESCRIPTOR pSecurityDescriptor, SECURITY_INFORMATION SecurityInfo, PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl)
 
DWORD WINAPI GetNamedSecurityInfoW (LPWSTR pObjectName, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID *ppsidOwner, PSID *ppsidGroup, PACL *ppDacl, PACL *ppSacl, PSECURITY_DESCRIPTOR *ppSecurityDescriptor)
 
DWORD WINAPI SetNamedSecurityInfoW (LPWSTR pObjectName, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl)
 
DWORD WINAPI GetSecurityInfo (HANDLE handle, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID *ppsidOwner, PSID *ppsidGroup, PACL *ppDacl, PACL *ppSacl, PSECURITY_DESCRIPTOR *ppSecurityDescriptor)
 
DWORD WINAPI SetSecurityInfo (HANDLE handle, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl)
 
BOOL WINAPI CreatePrivateObjectSecurity (PSECURITY_DESCRIPTOR ParentDescriptor, PSECURITY_DESCRIPTOR CreatorDescriptor, PSECURITY_DESCRIPTOR *NewDescriptor, BOOL IsDirectoryObject, HANDLE Token, PGENERIC_MAPPING GenericMapping)
 
BOOL WINAPI CreatePrivateObjectSecurityEx (PSECURITY_DESCRIPTOR ParentDescriptor, PSECURITY_DESCRIPTOR CreatorDescriptor, PSECURITY_DESCRIPTOR *NewDescriptor, GUID *ObjectType, BOOL IsContainerObject, ULONG AutoInheritFlags, HANDLE Token, PGENERIC_MAPPING GenericMapping)
 
BOOL WINAPI CreatePrivateObjectSecurityWithMultipleInheritance (PSECURITY_DESCRIPTOR ParentDescriptor, PSECURITY_DESCRIPTOR CreatorDescriptor, PSECURITY_DESCRIPTOR *NewDescriptor, GUID **ObjectTypes, ULONG GuidCount, BOOL IsContainerObject, ULONG AutoInheritFlags, HANDLE Token, PGENERIC_MAPPING GenericMapping)
 
BOOL WINAPI DestroyPrivateObjectSecurity (PSECURITY_DESCRIPTOR *ObjectDescriptor)
 
BOOL WINAPI GetPrivateObjectSecurity (IN PSECURITY_DESCRIPTOR ObjectDescriptor, IN SECURITY_INFORMATION SecurityInformation, OUT PSECURITY_DESCRIPTOR ResultantDescriptor OPTIONAL, IN DWORD DescriptorLength, OUT PDWORD ReturnLength)
 
BOOL WINAPI SetPrivateObjectSecurity (SECURITY_INFORMATION SecurityInformation, PSECURITY_DESCRIPTOR ModificationDescriptor, PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor, PGENERIC_MAPPING GenericMapping, HANDLE Token)
 
DWORD WINAPI TreeResetNamedSecurityInfoW (LPWSTR pObjectName, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID pOwner, PSID pGroup, PACL pDacl, PACL pSacl, BOOL KeepExplicit, FN_PROGRESSW fnProgress, PROG_INVOKE_SETTING ProgressInvokeSetting, PVOID Args)
 
DWORD WINAPI TreeResetNamedSecurityInfoA (LPSTR pObjectName, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID pOwner, PSID pGroup, PACL pDacl, PACL pSacl, BOOL KeepExplicit, FN_PROGRESSA fnProgress, PROG_INVOKE_SETTING ProgressInvokeSetting, PVOID Args)
 

Variables

NTMARTA NtMartaStatic = { 0 }
 
static PNTMARTA NtMarta = NULL
 

Macro Definition Documentation

◆ FindNtMartaProc

#define FindNtMartaProc (   Name)
Value:
NtMartaStatic.Name = (PVOID)GetProcAddress(NtMartaStatic.hDllInstance, \
"Acc" # Name ); \
if (NtMartaStatic.Name == NULL) \
{ \
return GetLastError(); \
}
NULL
#define NULL
Definition: types.h:112
NtMartaStatic
NTMARTA NtMartaStatic
Definition: misc.c:19
GetProcAddress
#define GetProcAddress(x, y)
Definition: compat.h:753
NameRec_
Definition: apinames.c:49
_NTMARTA::hDllInstance
HINSTANCE hDllInstance
Definition: advapi32.h:78
PVOID
void * PVOID
Definition: typedefs.h:50
GetLastError
DWORD WINAPI GetLastError(void)
Definition: except.c:1042

Definition at line 22 of file misc.c.

Function Documentation

◆ CheckNtMartaPresent()

DWORD CheckNtMartaPresent ( VOID  )

Definition at line 74 of file misc.c.

75{
76 DWORD ErrorCode;
77
78 if (InterlockedCompareExchangePointer((PVOID)&NtMarta,
79 NULL,
80 NULL) == NULL)
81 {
82 /* we're the first one trying to use ntmarta, initialize it and change
83 the pointer after initialization */
84 ErrorCode = LoadAndInitializeNtMarta();
85
86 if (ErrorCode == ERROR_SUCCESS)
87 {
88 /* try change the NtMarta pointer */
89 if (InterlockedCompareExchangePointer((PVOID)&NtMarta,
90 &NtMartaStatic,
91 NULL) != NULL)
92 {
93 /* another thread initialized ntmarta in the meanwhile, release
94 the reference of the dll loaded. */
95 FreeLibrary(NtMartaStatic.hDllInstance);
96 }
97 }
98#if DBG
99 else
100 {
101 ERR("Failed to initialize ntmarta.dll! Error: 0x%x\n", ErrorCode);
102 }
103#endif
104 }
105 else
106 {
107 /* ntmarta was already initialized */
108 ErrorCode = ERROR_SUCCESS;
109 }
110
111 return ErrorCode;
112}
ERR
#define ERR(fmt,...)
Definition: debug.h:110
ERROR_SUCCESS
#define ERROR_SUCCESS
Definition: deptool.c:10
LoadAndInitializeNtMarta
static DWORD LoadAndInitializeNtMarta(VOID)
Definition: misc.c:32
NtMarta
static PNTMARTA NtMarta
Definition: misc.c:20
FreeLibrary
#define FreeLibrary(x)
Definition: compat.h:748
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
InterlockedCompareExchangePointer
#define InterlockedCompareExchangePointer
Definition: interlocked.h:129
ErrorCode
_In_ NDIS_ERROR_CODE ErrorCode
Definition: ndis.h:4436

Referenced by FreeInheritedFromArray(), GetExplicitEntriesFromAclW(), GetInheritanceSourceW(), GetNamedSecurityInfoW(), GetSecurityInfo(), SetEntriesInAclW(), SetNamedSecurityInfoW(), SetSecurityInfo(), and TreeResetNamedSecurityInfoW().

◆ CreatePrivateObjectSecurity()

BOOL WINAPI CreatePrivateObjectSecurity ( PSECURITY_DESCRIPTOR  ParentDescriptor,
PSECURITY_DESCRIPTOR  CreatorDescriptor,
PSECURITY_DESCRIPTOR NewDescriptor,
BOOL  IsDirectoryObject,
HANDLE  Token,
PGENERIC_MAPPING  GenericMapping 
)

Definition at line 1340 of file misc.c.

1346{
1347 NTSTATUS Status;
1348
1349 Status = RtlNewSecurityObject(ParentDescriptor,
1350 CreatorDescriptor,
1351 NewDescriptor,
1352 IsDirectoryObject,
1353 Token,
1354 GenericMapping);
1355 if (!NT_SUCCESS(Status))
1356 {
1357 SetLastError(RtlNtStatusToDosError(Status));
1358 return FALSE;
1359 }
1360
1361 return TRUE;
1362}
GenericMapping
static GENERIC_MAPPING GenericMapping
Definition: SeInheritance.c:11
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
TRUE
#define TRUE
Definition: types.h:120
FALSE
#define FALSE
Definition: types.h:117
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
SetLastError
#define SetLastError(x)
Definition: compat.h:752
Status
Status
Definition: gdiplustypes.h:25
RtlNtStatusToDosError
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
RtlNewSecurityObject
NTSYSAPI NTSTATUS NTAPI RtlNewSecurityObject(_In_ PSECURITY_DESCRIPTOR ParentDescriptor, _In_ PSECURITY_DESCRIPTOR CreatorDescriptor, _Out_ PSECURITY_DESCRIPTOR *NewDescriptor, _In_ BOOLEAN IsDirectoryObject, _In_ HANDLE Token, _In_ PGENERIC_MAPPING GenericMapping)
IsDirectoryObject
_In_opt_ PSECURITY_DESCRIPTOR _Out_ PSECURITY_DESCRIPTOR _In_ BOOLEAN IsDirectoryObject
Definition: sefuncs.h:31
NewDescriptor
_In_opt_ PSECURITY_DESCRIPTOR _Out_ PSECURITY_DESCRIPTOR * NewDescriptor
Definition: sefuncs.h:30

Referenced by CreatePrivateObjectSecurityWithMultipleInheritance().

◆ CreatePrivateObjectSecurityEx()

BOOL WINAPI CreatePrivateObjectSecurityEx ( PSECURITY_DESCRIPTOR  ParentDescriptor,
PSECURITY_DESCRIPTOR  CreatorDescriptor,
PSECURITY_DESCRIPTOR NewDescriptor,
GUID ObjectType,
BOOL  IsContainerObject,
ULONG  AutoInheritFlags,
HANDLE  Token,
PGENERIC_MAPPING  GenericMapping 
)

Definition at line 1370 of file misc.c.

1378{
1379 FIXME("%s() not implemented!\n", __FUNCTION__);
1380 return FALSE;
1381}
FIXME
#define FIXME(fmt,...)
Definition: debug.h:111
__FUNCTION__
#define __FUNCTION__
Definition: types.h:116

◆ CreatePrivateObjectSecurityWithMultipleInheritance()

BOOL WINAPI CreatePrivateObjectSecurityWithMultipleInheritance ( PSECURITY_DESCRIPTOR  ParentDescriptor,
PSECURITY_DESCRIPTOR  CreatorDescriptor,
PSECURITY_DESCRIPTOR NewDescriptor,
GUID **  ObjectTypes,
ULONG  GuidCount,
BOOL  IsContainerObject,
ULONG  AutoInheritFlags,
HANDLE  Token,
PGENERIC_MAPPING  GenericMapping 
)

Definition at line 1389 of file misc.c.

1398{
1399 FIXME("%s() semi-stub\n", __FUNCTION__);
1400 return CreatePrivateObjectSecurity(ParentDescriptor, CreatorDescriptor, NewDescriptor, IsContainerObject, Token, GenericMapping);
1401}
CreatePrivateObjectSecurity
BOOL WINAPI CreatePrivateObjectSecurity(PSECURITY_DESCRIPTOR ParentDescriptor, PSECURITY_DESCRIPTOR CreatorDescriptor, PSECURITY_DESCRIPTOR *NewDescriptor, BOOL IsDirectoryObject, HANDLE Token, PGENERIC_MAPPING GenericMapping)
Definition: misc.c:1340

◆ DestroyPrivateObjectSecurity()

BOOL WINAPI DestroyPrivateObjectSecurity ( PSECURITY_DESCRIPTOR ObjectDescriptor)

Definition at line 1409 of file misc.c.

1410{
1411 NTSTATUS Status;
1412
1413 Status = RtlDeleteSecurityObject(ObjectDescriptor);
1414 if (!NT_SUCCESS(Status))
1415 {
1416 SetLastError(RtlNtStatusToDosError(Status));
1417 return FALSE;
1418 }
1419
1420 return TRUE;
1421}
RtlDeleteSecurityObject
NTSYSAPI NTSTATUS NTAPI RtlDeleteSecurityObject(_In_ PSECURITY_DESCRIPTOR *ObjectDescriptor)

◆ GetNamedSecurityInfoW()

DWORD WINAPI GetNamedSecurityInfoW ( LPWSTR  pObjectName,
SE_OBJECT_TYPE  ObjectType,
SECURITY_INFORMATION  SecurityInfo,
PSID ppsidOwner,
PSID ppsidGroup,
PACL ppDacl,
PACL ppSacl,
PSECURITY_DESCRIPTOR ppSecurityDescriptor 
)

Definition at line 1147 of file misc.c.

1155{
1156 DWORD ErrorCode;
1157
1158 if (pObjectName != NULL)
1159 {
1160 ErrorCode = CheckNtMartaPresent();
1161 if (ErrorCode == ERROR_SUCCESS)
1162 {
1163 ErrorCode = pGetSecurityInfoCheck(SecurityInfo,
1164 ppsidOwner,
1165 ppsidGroup,
1166 ppDacl,
1167 ppSacl,
1168 ppSecurityDescriptor);
1169
1170 if (ErrorCode == ERROR_SUCCESS)
1171 {
1172 /* call the MARTA provider */
1173 ErrorCode = AccRewriteGetNamedRights(pObjectName,
1174 ObjectType,
1175 SecurityInfo,
1176 ppsidOwner,
1177 ppsidGroup,
1178 ppDacl,
1179 ppSacl,
1180 ppSecurityDescriptor);
1181 }
1182 }
1183 }
1184 else
1185 ErrorCode = ERROR_INVALID_PARAMETER;
1186
1187 return ErrorCode;
1188}
AccRewriteGetNamedRights
#define AccRewriteGetNamedRights
Definition: advapi32.h:171
CheckNtMartaPresent
DWORD CheckNtMartaPresent(VOID)
Definition: misc.c:74
pGetSecurityInfoCheck
static DWORD pGetSecurityInfoCheck(SECURITY_INFORMATION SecurityInfo, PSID *ppsidOwner, PSID *ppsidGroup, PACL *ppDacl, PACL *ppSacl, PSECURITY_DESCRIPTOR *ppSecurityDescriptor)
Definition: misc.c:965
ERROR_INVALID_PARAMETER
#define ERROR_INVALID_PARAMETER
Definition: compat.h:101
ObjectType
ObjectType
Definition: metafile.c:81

Referenced by GetNamedSecurityInfoA(), and ISecurityInformation_fnGetSecurity().

◆ GetPrivateObjectSecurity()

BOOL WINAPI GetPrivateObjectSecurity ( IN PSECURITY_DESCRIPTOR  ObjectDescriptor,
IN SECURITY_INFORMATION  SecurityInformation,
OUT PSECURITY_DESCRIPTOR ResultantDescriptor  OPTIONAL,
IN DWORD  DescriptorLength,
OUT PDWORD  ReturnLength 
)

Definition at line 1429 of file misc.c.

1434{
1435 NTSTATUS Status;
1436
1437 /* Call RTL */
1438 Status = RtlQuerySecurityObject(ObjectDescriptor,
1439 SecurityInformation,
1440 ResultantDescriptor,
1441 DescriptorLength,
1442 ReturnLength);
1443 if (!NT_SUCCESS(Status))
1444 {
1445 /* Fail */
1446 SetLastError(RtlNtStatusToDosError(Status));
1447 return FALSE;
1448 }
1449
1450 /* Success */
1451 return TRUE;
1452}
ReturnLength
IN CINT OUT PVOID IN ULONG OUT PULONG ReturnLength
Definition: dumpinfo.c:43
SecurityInformation
_Must_inspect_result_ _In_ PFILE_OBJECT _In_ SECURITY_INFORMATION SecurityInformation
Definition: fltkernel.h:1340
RtlQuerySecurityObject
NTSYSAPI NTSTATUS NTAPI RtlQuerySecurityObject(_In_ PSECURITY_DESCRIPTOR ObjectDescriptor, _In_ SECURITY_INFORMATION SecurityInformation, _Out_ PSECURITY_DESCRIPTOR ResultantDescriptor, _In_ ULONG DescriptorLength, _Out_ PULONG ReturnLength)

Referenced by test_PrivateObjectSecurity().

◆ GetSecurityInfo()

DWORD WINAPI GetSecurityInfo ( HANDLE  handle,
SE_OBJECT_TYPE  ObjectType,
SECURITY_INFORMATION  SecurityInfo,
PSID ppsidOwner,
PSID ppsidGroup,
PACL ppDacl,
PACL ppSacl,
PSECURITY_DESCRIPTOR ppSecurityDescriptor 
)

Definition at line 1244 of file misc.c.

1252{
1253 DWORD ErrorCode;
1254
1255 if (handle != NULL)
1256 {
1257 ErrorCode = CheckNtMartaPresent();
1258 if (ErrorCode == ERROR_SUCCESS)
1259 {
1260 ErrorCode = pGetSecurityInfoCheck(SecurityInfo,
1261 ppsidOwner,
1262 ppsidGroup,
1263 ppDacl,
1264 ppSacl,
1265 ppSecurityDescriptor);
1266
1267 if (ErrorCode == ERROR_SUCCESS)
1268 {
1269 /* call the MARTA provider */
1270 ErrorCode = AccRewriteGetHandleRights(handle,
1271 ObjectType,
1272 SecurityInfo,
1273 ppsidOwner,
1274 ppsidGroup,
1275 ppDacl,
1276 ppSacl,
1277 ppSecurityDescriptor);
1278 }
1279 }
1280 }
1281 else
1282 ErrorCode = ERROR_INVALID_HANDLE;
1283
1284 return ErrorCode;
1285}
AccRewriteGetHandleRights
#define AccRewriteGetHandleRights
Definition: advapi32.h:173
ERROR_INVALID_HANDLE
#define ERROR_INVALID_HANDLE
Definition: compat.h:98

Referenced by PerfDataRefresh(), RSAENH_CPGetProvParam(), and test_system_security_access().

◆ GetUserNameA()

BOOL WINAPI GetUserNameA ( LPSTR  lpszName,
LPDWORD  lpSize 
)

Definition at line 246 of file misc.c.

248{
249 UNICODE_STRING NameW;
250 ANSI_STRING NameA;
251 BOOL Ret;
252
253 /* apparently Win doesn't check whether lpSize is valid at all! */
254
255 NameW.MaximumLength = (*lpSize) * sizeof(WCHAR);
256 NameW.Buffer = LocalAlloc(LMEM_FIXED, NameW.MaximumLength);
257 if(NameW.Buffer == NULL)
258 {
259 SetLastError(ERROR_NOT_ENOUGH_MEMORY);
260 return FALSE;
261 }
262
263 NameA.Length = 0;
264 NameA.MaximumLength = ((*lpSize) < 0xFFFF ? (USHORT)(*lpSize) : 0xFFFF);
265 NameA.Buffer = lpszName;
266
267 Ret = GetUserNameW(NameW.Buffer,
268 lpSize);
269 if(Ret)
270 {
271 NameW.Length = (*lpSize - 1) * sizeof(WCHAR);
272 RtlUnicodeStringToAnsiString(&NameA, &NameW, FALSE);
273
274 *lpSize = NameA.Length + 1;
275 }
276
277 LocalFree(NameW.Buffer);
278
279 return Ret;
280}
ERROR_NOT_ENOUGH_MEMORY
#define ERROR_NOT_ENOUGH_MEMORY
Definition: dderror.h:7
GetUserNameW
BOOL WINAPI GetUserNameW(LPWSTR lpszName, LPDWORD lpSize)
Definition: misc.c:291
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
LocalAlloc
HLOCAL NTAPI LocalAlloc(UINT uFlags, SIZE_T dwBytes)
Definition: heapmem.c:1390
LocalFree
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1594
RtlUnicodeStringToAnsiString
NTSYSAPI NTSTATUS NTAPI RtlUnicodeStringToAnsiString(PANSI_STRING DestinationString, PUNICODE_STRING SourceString, BOOLEAN AllocateDestinationString)
USHORT
unsigned short USHORT
Definition: pedump.c:61
_ANSI_STRING
Definition: env_spec_w32.h:375
_ANSI_STRING::Buffer
PSTR Buffer
Definition: env_spec_w32.h:378
_ANSI_STRING::MaximumLength
USHORT MaximumLength
Definition: env_spec_w32.h:377
_ANSI_STRING::Length
USHORT Length
Definition: env_spec_w32.h:376
_UNICODE_STRING
Definition: env_spec_w32.h:368
_UNICODE_STRING::Length
USHORT Length
Definition: env_spec_w32.h:369
_UNICODE_STRING::MaximumLength
USHORT MaximumLength
Definition: env_spec_w32.h:370
_UNICODE_STRING::Buffer
PWSTR Buffer
Definition: env_spec_w32.h:371
LMEM_FIXED
#define LMEM_FIXED
Definition: winbase.h:368
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180

Referenced by load_encryption_key(), map_user_to_ids(), nfs41_client_owner(), PrintSystemInfo(), RSAENH_CPAcquireContext(), test_create_delete_svc(), test_GetUserNameA(), test_LookupAccountName(), test_LookupAccountSid(), and WNetGetUserA().

◆ GetUserNameW()

BOOL WINAPI GetUserNameW ( LPWSTR  lpszName,
LPDWORD  lpSize 
)

Definition at line 291 of file misc.c.

293{
294 HANDLE hToken = INVALID_HANDLE_VALUE;
295 DWORD tu_len = 0;
296 char* tu_buf = NULL;
297 TOKEN_USER* token_user = NULL;
298 DWORD an_len = 0;
299 SID_NAME_USE snu = SidTypeUser;
300 WCHAR* domain_name = NULL;
301 DWORD dn_len = 0;
302
303 if (!OpenThreadToken (GetCurrentThread(), TOKEN_QUERY, FALSE, &hToken))
304 {
305 DWORD dwLastError = GetLastError();
306 if (dwLastError != ERROR_NO_TOKEN
307 && dwLastError != ERROR_NO_IMPERSONATION_TOKEN)
308 {
309 /* don't call SetLastError(),
310 as OpenThreadToken() ought to have set one */
311 return FALSE;
312 }
313
314 if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken))
315 {
316 /* don't call SetLastError(),
317 as OpenProcessToken() ought to have set one */
318 return FALSE;
319 }
320 }
321
322 tu_buf = LocalAlloc(LMEM_FIXED, 36);
323 if (!tu_buf)
324 {
325 SetLastError(ERROR_NOT_ENOUGH_MEMORY);
326 CloseHandle(hToken);
327 return FALSE;
328 }
329
330 if (!GetTokenInformation(hToken, TokenUser, tu_buf, 36, &tu_len) || tu_len > 36)
331 {
332 LocalFree(tu_buf);
333 tu_buf = LocalAlloc(LMEM_FIXED, tu_len);
334 if (!tu_buf)
335 {
336 SetLastError(ERROR_NOT_ENOUGH_MEMORY);
337 CloseHandle(hToken);
338 return FALSE;
339 }
340
341 if (!GetTokenInformation(hToken, TokenUser, tu_buf, tu_len, &tu_len))
342 {
343 /* don't call SetLastError(),
344 as GetTokenInformation() ought to have set one */
345 LocalFree(tu_buf);
346 CloseHandle(hToken);
347 return FALSE;
348 }
349 }
350
351 CloseHandle(hToken);
352 token_user = (TOKEN_USER*)tu_buf;
353
354 an_len = *lpSize;
355 dn_len = 32;
356 domain_name = LocalAlloc(LMEM_FIXED, dn_len * sizeof(WCHAR));
357 if (!domain_name)
358 {
359 LocalFree(tu_buf);
360 SetLastError(ERROR_NOT_ENOUGH_MEMORY);
361 return FALSE;
362 }
363
364 if (!LookupAccountSidW(NULL, token_user->User.Sid, lpszName, &an_len, domain_name, &dn_len, &snu)
365 || dn_len > 32)
366 {
367 if (dn_len > 32)
368 {
369 LocalFree(domain_name);
370 domain_name = LocalAlloc(LMEM_FIXED, dn_len * sizeof(WCHAR));
371 if (!domain_name)
372 {
373 LocalFree(tu_buf);
374 SetLastError(ERROR_NOT_ENOUGH_MEMORY);
375 return FALSE;
376 }
377 }
378
379 an_len = *lpSize;
380 if (!LookupAccountSidW(NULL, token_user->User.Sid, lpszName, &an_len, domain_name, &dn_len, &snu))
381 {
382 /* don't call SetLastError(),
383 as LookupAccountSid() ought to have set one */
384 LocalFree(domain_name);
385 LocalFree(tu_buf);
386 *lpSize = an_len;
387 return FALSE;
388 }
389 }
390
391 LocalFree(domain_name);
392 LocalFree(tu_buf);
393 *lpSize = an_len + 1;
394 return TRUE;
395}
LookupAccountSidW
BOOL WINAPI LookupAccountSidW(LPCWSTR pSystemName, PSID pSid, LPWSTR pAccountName, LPDWORD pdwAccountName, LPWSTR pDomainName, LPDWORD pdwDomainName, PSID_NAME_USE peUse)
Definition: misc.c:537
GetTokenInformation
BOOL WINAPI GetTokenInformation(HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength, PDWORD ReturnLength)
Definition: security.c:411
OpenProcessToken
BOOL WINAPI OpenProcessToken(HANDLE ProcessHandle, DWORD DesiredAccess, PHANDLE TokenHandle)
Definition: security.c:294
OpenThreadToken
BOOL WINAPI OpenThreadToken(HANDLE ThreadHandle, DWORD DesiredAccess, BOOL OpenAsSelf, HANDLE *TokenHandle)
Definition: security.c:336
CloseHandle
#define CloseHandle
Definition: compat.h:739
INVALID_HANDLE_VALUE
#define INVALID_HANDLE_VALUE
Definition: compat.h:731
GetCurrentProcess
#define GetCurrentProcess()
Definition: compat.h:759
SID_NAME_USE
enum _SID_NAME_USE SID_NAME_USE
SidTypeUser
@ SidTypeUser
Definition: lsa.idl:118
_SID_AND_ATTRIBUTES::Sid
PSID Sid
Definition: setypes.h:506
_TOKEN_USER
Definition: setypes.h:1009
_TOKEN_USER::User
SID_AND_ATTRIBUTES User
Definition: setypes.h:1010
GetCurrentThread
HANDLE WINAPI GetCurrentThread(void)
Definition: proc.c:1148
ERROR_NO_IMPERSONATION_TOKEN
#define ERROR_NO_IMPERSONATION_TOKEN
Definition: winerror.h:791
ERROR_NO_TOKEN
#define ERROR_NO_TOKEN
Definition: winerror.h:587
TOKEN_QUERY
#define TOKEN_QUERY
Definition: setypes.h:928
TokenUser
@ TokenUser
Definition: setypes.h:966

Referenced by _build_action_map(), _configure_devices(), _set_action_map(), _SHExpandEnvironmentStrings(), create_cookie_url(), CreateJob(), enumeration_callback(), FTP_Connect(), get_owner(), get_username(), GetCurrentLoggedOnUserName(), GetUserNameA(), GetUserNameExW(), init_access_tests(), init_wksta_tests(), JoystickWGenericImpl_BuildActionMap(), NetWkstaUserGetInfo(), OnCreate(), set_installer_properties(), set_user_sid_prop(), ShellShutdownDialog(), test_GetUserNameW(), test_Win32_ComputerSystem(), WNetGetUserW(), and WTSQuerySessionInformationW().

◆ ImpersonateAnonymousToken()

BOOL WINAPI ImpersonateAnonymousToken ( IN HANDLE  ThreadHandle)

Definition at line 133 of file misc.c.

134{
135 NTSTATUS Status;
136
137 Status = NtImpersonateAnonymousToken(ThreadHandle);
138 if (!NT_SUCCESS(Status))
139 {
140 SetLastError(RtlNtStatusToDosError(Status));
141 return FALSE;
142 }
143
144 return TRUE;
145}
NtImpersonateAnonymousToken
NTSTATUS NTAPI NtImpersonateAnonymousToken(_In_ HANDLE ThreadHandle)
Allows the calling thread to impersonate the system's anonymous logon token.
Definition: token.c:2612

◆ ImpersonateLoggedOnUser()

BOOL WINAPI ImpersonateLoggedOnUser ( HANDLE  hToken)

Definition at line 152 of file misc.c.

153{
154 SECURITY_QUALITY_OF_SERVICE Qos;
155 OBJECT_ATTRIBUTES ObjectAttributes;
156 HANDLE NewToken;
157 TOKEN_TYPE Type;
158 ULONG ReturnLength;
159 BOOL Duplicated;
160 NTSTATUS Status;
161
162 /* Get the token type */
163 Status = NtQueryInformationToken(hToken,
164 TokenType,
165 &Type,
166 sizeof(TOKEN_TYPE),
167 &ReturnLength);
168 if (!NT_SUCCESS(Status))
169 {
170 SetLastError(RtlNtStatusToDosError(Status));
171 return FALSE;
172 }
173
174 if (Type == TokenPrimary)
175 {
176 /* Create a duplicate impersonation token */
177 Qos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
178 Qos.ImpersonationLevel = SecurityImpersonation;
179 Qos.ContextTrackingMode = SECURITY_DYNAMIC_TRACKING;
180 Qos.EffectiveOnly = FALSE;
181
182 ObjectAttributes.Length = sizeof(OBJECT_ATTRIBUTES);
183 ObjectAttributes.RootDirectory = NULL;
184 ObjectAttributes.ObjectName = NULL;
185 ObjectAttributes.Attributes = 0;
186 ObjectAttributes.SecurityDescriptor = NULL;
187 ObjectAttributes.SecurityQualityOfService = &Qos;
188
189 Status = NtDuplicateToken(hToken,
190 TOKEN_IMPERSONATE | TOKEN_QUERY,
191 &ObjectAttributes,
192 FALSE,
193 TokenImpersonation,
194 &NewToken);
195 if (!NT_SUCCESS(Status))
196 {
197 ERR("NtDuplicateToken failed: Status %08x\n", Status);
198 SetLastError(RtlNtStatusToDosError(Status));
199 return FALSE;
200 }
201
202 Duplicated = TRUE;
203 }
204 else
205 {
206 /* User the original impersonation token */
207 NewToken = hToken;
208 Duplicated = FALSE;
209 }
210
211 /* Impersonate the the current thread */
212 Status = NtSetInformationThread(NtCurrentThread(),
213 ThreadImpersonationToken,
214 &NewToken,
215 sizeof(HANDLE));
216
217 if (Duplicated != FALSE)
218 {
219 NtClose(NewToken);
220 }
221
222 if (!NT_SUCCESS(Status))
223 {
224 ERR("NtSetInformationThread failed: Status %08x\n", Status);
225 SetLastError(RtlNtStatusToDosError(Status));
226 return FALSE;
227 }
228
229 return TRUE;
230}
Type
Type
Definition: Type.h:7
TOKEN_TYPE
TOKEN_TYPE
Definition: asmpp.cpp:29
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:36
ThreadImpersonationToken
@ ThreadImpersonationToken
Definition: compat.h:940
SecurityImpersonation
@ SecurityImpersonation
Definition: lsa.idl:57
SECURITY_QUALITY_OF_SERVICE
struct _SECURITY_QUALITY_OF_SERVICE SECURITY_QUALITY_OF_SERVICE
TokenImpersonation
@ TokenImpersonation
Definition: imports.h:274
TokenPrimary
@ TokenPrimary
Definition: imports.h:273
TokenType
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
Definition: sefuncs.h:411
NtClose
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3402
NtSetInformationThread
NTSTATUS NTAPI NtSetInformationThread(IN HANDLE ThreadHandle, IN THREADINFOCLASS ThreadInformationClass, IN PVOID ThreadInformation, IN ULONG ThreadInformationLength)
Definition: query.c:2018
_OBJECT_ATTRIBUTES
Definition: umtypes.h:182
_SECURITY_QUALITY_OF_SERVICE
Definition: lsa.idl:63
_SECURITY_QUALITY_OF_SERVICE::ContextTrackingMode
SECURITY_CONTEXT_TRACKING_MODE ContextTrackingMode
Definition: lsa.idl:66
_SECURITY_QUALITY_OF_SERVICE::EffectiveOnly
BOOLEAN EffectiveOnly
Definition: lsa.idl:67
_SECURITY_QUALITY_OF_SERVICE::Length
DWORD Length
Definition: lsa.idl:64
_SECURITY_QUALITY_OF_SERVICE::ImpersonationLevel
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: lsa.idl:65
NtQueryInformationToken
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtQueryInformationToken(_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation, _In_ ULONG TokenInformationLength, _Out_ PULONG ReturnLength)
Queries a specific type of information in regard of an access token based upon the information class....
Definition: tokencls.c:473
NtDuplicateToken
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtDuplicateToken(_In_ HANDLE ExistingTokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ BOOLEAN EffectiveOnly, _In_ TOKEN_TYPE TokenType, _Out_ PHANDLE NewTokenHandle)
Duplicates a token.
Definition: tokenlif.c:1869
ULONG
uint32_t ULONG
Definition: typedefs.h:59
OBJECT_ATTRIBUTES
struct _OBJECT_ATTRIBUTES OBJECT_ATTRIBUTES
TOKEN_IMPERSONATE
#define TOKEN_IMPERSONATE
Definition: setypes.h:927
SECURITY_DYNAMIC_TRACKING
#define SECURITY_DYNAMIC_TRACKING
Definition: setypes.h:103
NtCurrentThread
#define NtCurrentThread()

Referenced by CreateUserEnvironment(), KillComProcesses(), LogoffShutdownThread(), OnShutDown(), PerfDataRefresh(), PlayEventSound(), PlayLogoffSound(), PlayLogonSoundThread(), RestoreAllConnections(), ScmStartUserModeService(), ScreenSaverThreadMain(), SetDefaultLanguage(), StartScreenSaver(), test_AccessCheck(), and WlxScreenSaverNotify().

◆ LoadAndInitializeNtMarta()

static DWORD LoadAndInitializeNtMarta ( VOID  )
static

Definition at line 32 of file misc.c.

33{
34 /* this code may be executed simultaneously by multiple threads in case they're
35 trying to initialize the interface at the same time, but that's no problem
36 because the pointers returned by GetProcAddress will be the same. However,
37 only one of the threads will change the NtMarta pointer to the NtMartaStatic
38 structure, the others threads will detect that there were other threads
39 initializing the structure faster and will release the reference to the
40 DLL */
41
42 NtMartaStatic.hDllInstance = LoadLibraryW(L"ntmarta.dll");
43 if (NtMartaStatic.hDllInstance == NULL)
44 {
45 return GetLastError();
46 }
47
48#if 0
49 FindNtMartaProc(LookupAccountTrustee);
50 FindNtMartaProc(LookupAccountName);
51 FindNtMartaProc(LookupAccountSid);
52 FindNtMartaProc(SetEntriesInAList);
53 FindNtMartaProc(ConvertAccessToSecurityDescriptor);
54 FindNtMartaProc(ConvertSDToAccess);
55 FindNtMartaProc(ConvertAclToAccess);
56 FindNtMartaProc(GetAccessForTrustee);
57 FindNtMartaProc(GetExplicitEntries);
58#endif
59 FindNtMartaProc(RewriteGetNamedRights);
60 FindNtMartaProc(RewriteSetNamedRights);
61 FindNtMartaProc(RewriteGetHandleRights);
62 FindNtMartaProc(RewriteSetHandleRights);
63 FindNtMartaProc(RewriteSetEntriesInAcl);
64 FindNtMartaProc(RewriteGetExplicitEntriesFromAcl);
65 FindNtMartaProc(TreeResetNamedSecurityInfo);
66 FindNtMartaProc(GetInheritanceSource);
67 FindNtMartaProc(FreeIndexArray);
68
69 return ERROR_SUCCESS;
70}
GetInheritanceSource
#define GetInheritanceSource
Definition: aclapi.h:234
FindNtMartaProc
#define FindNtMartaProc(Name)
Definition: misc.c:22
LoadLibraryW
#define LoadLibraryW(x)
Definition: compat.h:747
L
#define L(x)
Definition: ntvdm.h:50
LookupAccountSid
#define LookupAccountSid
Definition: winbase.h:3867
LookupAccountName
#define LookupAccountName
Definition: winbase.h:3866

Referenced by CheckNtMartaPresent().

◆ LookupAccountNameW()

BOOL WINAPI LookupAccountNameW ( LPCWSTR  lpSystemName,
LPCWSTR  lpAccountName,
PSID  Sid,
LPDWORD  cbSid,
LPWSTR  ReferencedDomainName,
LPDWORD  cchReferencedDomainName,
PSID_NAME_USE  peUse 
)

Definition at line 626 of file misc.c.

633{
634 OBJECT_ATTRIBUTES ObjectAttributes = {0};
635 UNICODE_STRING SystemName;
636 UNICODE_STRING AccountName;
637 LSA_HANDLE PolicyHandle = NULL;
638 PLSA_REFERENCED_DOMAIN_LIST ReferencedDomains = NULL;
639 PLSA_TRANSLATED_SID TranslatedSid = NULL;
640 PSID pDomainSid;
641 DWORD dwDomainNameLength;
642 DWORD dwSidLength;
643 UCHAR nSubAuthorities;
644 BOOL bResult;
645 NTSTATUS Status;
646
647 TRACE("%s %s %p %p %p %p %p\n", lpSystemName, lpAccountName,
648 Sid, cbSid, ReferencedDomainName, cchReferencedDomainName, peUse);
649
650 RtlInitUnicodeString(&SystemName,
651 lpSystemName);
652
653 Status = LsaOpenPolicy(lpSystemName ? &SystemName : NULL,
654 &ObjectAttributes,
655 POLICY_LOOKUP_NAMES,
656 &PolicyHandle);
657 if (!NT_SUCCESS(Status))
658 {
659 SetLastError(LsaNtStatusToWinError(Status));
660 return FALSE;
661 }
662
663 RtlInitUnicodeString(&AccountName,
664 lpAccountName);
665
666 Status = LsaLookupNames(PolicyHandle,
667 1,
668 &AccountName,
669 &ReferencedDomains,
670 &TranslatedSid);
671
672 LsaClose(PolicyHandle);
673
674 if (!NT_SUCCESS(Status) || Status == STATUS_SOME_NOT_MAPPED)
675 {
676 SetLastError(LsaNtStatusToWinError(Status));
677 bResult = FALSE;
678 }
679 else
680 {
681 pDomainSid = ReferencedDomains->Domains[TranslatedSid->DomainIndex].Sid;
682 nSubAuthorities = *GetSidSubAuthorityCount(pDomainSid);
683 dwSidLength = GetSidLengthRequired(nSubAuthorities + 1);
684
685 dwDomainNameLength = ReferencedDomains->Domains->Name.Length / sizeof(WCHAR);
686
687 if (*cbSid < dwSidLength ||
688 *cchReferencedDomainName < dwDomainNameLength + 1)
689 {
690 *cbSid = dwSidLength;
691 *cchReferencedDomainName = dwDomainNameLength + 1;
692
693 bResult = FALSE;
694 }
695 else
696 {
697 CopySid(*cbSid, Sid, pDomainSid);
698 *GetSidSubAuthorityCount(Sid) = nSubAuthorities + 1;
699 *GetSidSubAuthority(Sid, (DWORD)nSubAuthorities) = TranslatedSid->RelativeId;
700
701 RtlCopyMemory(ReferencedDomainName, ReferencedDomains->Domains->Name.Buffer, dwDomainNameLength * sizeof(WCHAR));
702 ReferencedDomainName[dwDomainNameLength] = L'\0';
703
704 *cchReferencedDomainName = dwDomainNameLength;
705
706 *peUse = TranslatedSid->Use;
707
708 bResult = TRUE;
709 }
710
711 if (bResult == FALSE)
712 SetLastError(ERROR_INSUFFICIENT_BUFFER);
713 }
714
715 if (ReferencedDomains != NULL)
716 LsaFreeMemory(ReferencedDomains);
717
718 if (TranslatedSid != NULL)
719 LsaFreeMemory(TranslatedSid);
720
721 return bResult;
722}
ERROR_INSUFFICIENT_BUFFER
#define ERROR_INSUFFICIENT_BUFFER
Definition: dderror.h:10
LsaOpenPolicy
NTSTATUS WINAPI LsaOpenPolicy(IN PLSA_UNICODE_STRING SystemName OPTIONAL, IN PLSA_OBJECT_ATTRIBUTES ObjectAttributes, IN ACCESS_MASK DesiredAccess, OUT PLSA_HANDLE PolicyHandle)
Definition: lsa.c:1183
LsaNtStatusToWinError
ULONG WINAPI LsaNtStatusToWinError(IN NTSTATUS Status)
Definition: lsa.c:1131
LsaFreeMemory
NTSTATUS WINAPI LsaFreeMemory(IN PVOID Buffer)
Definition: lsa.c:701
LsaLookupNames
NTSTATUS WINAPI LsaLookupNames(IN LSA_HANDLE PolicyHandle, IN ULONG Count, IN PLSA_UNICODE_STRING Names, OUT PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains, OUT PLSA_TRANSLATED_SID *Sids)
Definition: lsa.c:855
LsaClose
NTSTATUS WINAPI LsaClose(IN LSA_HANDLE ObjectHandle)
Definition: lsa.c:194
GetSidSubAuthority
PDWORD WINAPI GetSidSubAuthority(PSID pSid, DWORD nSubAuthority)
Definition: security.c:896
GetSidLengthRequired
DWORD WINAPI GetSidLengthRequired(UCHAR nSubAuthorityCount)
Definition: security.c:852
CopySid
BOOL WINAPI CopySid(DWORD nDestinationSidLength, PSID pDestinationSid, PSID pSourceSid)
Definition: security.c:712
GetSidSubAuthorityCount
PUCHAR WINAPI GetSidSubAuthorityCount(PSID pSid)
Definition: security.c:908
Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1133
RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
POLICY_LOOKUP_NAMES
#define POLICY_LOOKUP_NAMES
Definition: ntsecapi.h:72
STATUS_SOME_NOT_MAPPED
#define STATUS_SOME_NOT_MAPPED
Definition: ntstatus.h:86
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
_LSA_REFERENCED_DOMAIN_LIST
Definition: ntsecapi.h:406
_LSA_REFERENCED_DOMAIN_LIST::Domains
PLSA_TRUST_INFORMATION Domains
Definition: ntsecapi.h:408
_LSA_TRANSLATED_SID
Definition: ntsecapi.h:410
_LSA_TRANSLATED_SID::RelativeId
ULONG RelativeId
Definition: ntsecapi.h:412
_LSA_TRANSLATED_SID::DomainIndex
LONG DomainIndex
Definition: ntsecapi.h:413
_LSA_TRANSLATED_SID::Use
SID_NAME_USE Use
Definition: ntsecapi.h:411
_LSA_TRUST_INFORMATION::Sid
PSID Sid
Definition: ntsecapi.h:404
_LSA_TRUST_INFORMATION::Name
LSA_UNICODE_STRING Name
Definition: ntsecapi.h:403
_LSA_UNICODE_STRING::Buffer
PWSTR Buffer
Definition: ntsecapi.h:168
_LSA_UNICODE_STRING::Length
USHORT Length
Definition: ntsecapi.h:163
_SID
Definition: ms-dtyp.idl:198
RtlCopyMemory
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
cbSid
_In_ LPCSTR _Out_writes_bytes_to_opt_ cbSid PSID _Inout_ LPDWORD cbSid
Definition: winbase.h:2743
peUse
_In_ LPCSTR _Out_writes_bytes_to_opt_ cbSid PSID _Inout_ LPDWORD _Out_writes_to_opt_ cchReferencedDomainName LPSTR _Inout_ LPDWORD _Out_ PSID_NAME_USE peUse
Definition: winbase.h:2746
cchReferencedDomainName
_In_ LPCSTR _Out_writes_bytes_to_opt_ cbSid PSID _Inout_ LPDWORD _Out_writes_to_opt_ cchReferencedDomainName LPSTR _Inout_ LPDWORD cchReferencedDomainName
Definition: winbase.h:2745
ReferencedDomainName
_In_ LPCSTR _Out_writes_bytes_to_opt_ cbSid PSID _Inout_ LPDWORD _Out_writes_to_opt_ cchReferencedDomainName LPSTR ReferencedDomainName
Definition: winbase.h:2744
lpAccountName
_In_ LPCSTR lpAccountName
Definition: winbase.h:2741
UCHAR
unsigned char UCHAR
Definition: xmlstorage.h:181

Referenced by LookupAccountNameA(), MsiSourceListAddSourceW(), and set_user_sid_prop().

◆ LookupAccountSidA()

BOOL WINAPI LookupAccountSidA ( LPCSTR  lpSystemName,
PSID  lpSid,
LPSTR  lpName,
LPDWORD  cchName,
LPSTR  lpReferencedDomainName,
LPDWORD  cchReferencedDomainName,
PSID_NAME_USE  peUse 
)

Definition at line 405 of file misc.c.

412{
413 UNICODE_STRING NameW, ReferencedDomainNameW, SystemNameW;
414 LPWSTR NameBuffer = NULL;
415 LPWSTR ReferencedDomainNameBuffer = NULL;
416 DWORD dwName, dwReferencedDomainName;
417 BOOL Ret;
418
419 /*
420 * save the buffer sizes the caller passed to us, as they may get modified and
421 * we require the original values when converting back to ansi
422 */
423 dwName = *cchName;
424 dwReferencedDomainName = *cchReferencedDomainName;
425
426 /* allocate buffers for the unicode strings to receive */
427 if (dwName > 0)
428 {
429 NameBuffer = LocalAlloc(LMEM_FIXED, dwName * sizeof(WCHAR));
430 if (NameBuffer == NULL)
431 {
432 SetLastError(ERROR_OUTOFMEMORY);
433 return FALSE;
434 }
435 }
436 else
437 NameBuffer = NULL;
438
439 if (dwReferencedDomainName > 0)
440 {
441 ReferencedDomainNameBuffer = LocalAlloc(LMEM_FIXED, dwReferencedDomainName * sizeof(WCHAR));
442 if (ReferencedDomainNameBuffer == NULL)
443 {
444 if (dwName > 0)
445 {
446 LocalFree(NameBuffer);
447 }
448
449 SetLastError(ERROR_OUTOFMEMORY);
450 return FALSE;
451 }
452 }
453 else
454 ReferencedDomainNameBuffer = NULL;
455
456
457 /* convert the system name to unicode - if present */
458 if (lpSystemName != NULL)
459 {
460 ANSI_STRING SystemNameA;
461
462 RtlInitAnsiString(&SystemNameA, lpSystemName);
463 RtlAnsiStringToUnicodeString(&SystemNameW, &SystemNameA, TRUE);
464 }
465 else
466 SystemNameW.Buffer = NULL;
467
468 /* it's time to call the unicode version */
469 Ret = LookupAccountSidW(SystemNameW.Buffer,
470 lpSid,
471 NameBuffer,
472 cchName,
473 ReferencedDomainNameBuffer,
474 cchReferencedDomainName,
475 peUse);
476 if (Ret)
477 {
478 /*
479 * convert unicode strings back to ansi, don't forget that we can't convert
480 * more than 0xFFFF (USHORT) characters! Also don't forget to explicitly
481 * terminate the converted string, the Rtl functions don't do that!
482 */
483 if (lpName != NULL)
484 {
485 ANSI_STRING NameA;
486
487 NameA.Length = 0;
488 NameA.MaximumLength = ((dwName <= 0xFFFF) ? (USHORT)dwName : 0xFFFF);
489 NameA.Buffer = lpName;
490
491 RtlInitUnicodeString(&NameW, NameBuffer);
492 RtlUnicodeStringToAnsiString(&NameA, &NameW, FALSE);
493 NameA.Buffer[NameA.Length] = '\0';
494 }
495
496 if (lpReferencedDomainName != NULL)
497 {
498 ANSI_STRING ReferencedDomainNameA;
499
500 ReferencedDomainNameA.Length = 0;
501 ReferencedDomainNameA.MaximumLength = ((dwReferencedDomainName <= 0xFFFF) ?
502 (USHORT)dwReferencedDomainName : 0xFFFF);
503 ReferencedDomainNameA.Buffer = lpReferencedDomainName;
504
505 RtlInitUnicodeString(&ReferencedDomainNameW, ReferencedDomainNameBuffer);
506 RtlUnicodeStringToAnsiString(&ReferencedDomainNameA, &ReferencedDomainNameW, FALSE);
507 ReferencedDomainNameA.Buffer[ReferencedDomainNameA.Length] = '\0';
508 }
509 }
510
511 /* free previously allocated buffers */
512 if (SystemNameW.Buffer != NULL)
513 {
514 RtlFreeUnicodeString(&SystemNameW);
515 }
516
517 if (NameBuffer != NULL)
518 {
519 LocalFree(NameBuffer);
520 }
521
522 if (ReferencedDomainNameBuffer != NULL)
523 {
524 LocalFree(ReferencedDomainNameBuffer);
525 }
526
527 return Ret;
528}
ERROR_OUTOFMEMORY
#define ERROR_OUTOFMEMORY
Definition: deptool.c:13
RtlAnsiStringToUnicodeString
NTSYSAPI NTSTATUS NTAPI RtlAnsiStringToUnicodeString(PUNICODE_STRING DestinationString, PANSI_STRING SourceString, BOOLEAN AllocateDestinationString)
RtlFreeUnicodeString
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
RtlInitAnsiString
NTSYSAPI VOID NTAPI RtlInitAnsiString(PANSI_STRING DestinationString, PCSZ SourceString)
lpName
_In_ LPCSTR lpName
Definition: winbase.h:2789
cchName
_In_ PSID _Out_writes_to_opt_ cchName LPSTR _Inout_ LPDWORD cchName
Definition: winbase.h:2767
LPWSTR
WCHAR * LPWSTR
Definition: xmlstorage.h:184

Referenced by get_sid_info(), test_LookupAccountSid(), test_process_security(), test_sid_str(), and test_token_attr().

◆ LookupAccountSidW()

BOOL WINAPI LookupAccountSidW ( LPCWSTR  pSystemName,
PSID  pSid,
LPWSTR  pAccountName,
LPDWORD  pdwAccountName,
LPWSTR  pDomainName,
LPDWORD  pdwDomainName,
PSID_NAME_USE  peUse 
)

Definition at line 537 of file misc.c.

544{
545 LSA_UNICODE_STRING SystemName;
546 LSA_OBJECT_ATTRIBUTES ObjectAttributes = {0};
547 LSA_HANDLE PolicyHandle = NULL;
548 NTSTATUS Status;
549 PLSA_REFERENCED_DOMAIN_LIST ReferencedDomain = NULL;
550 PLSA_TRANSLATED_NAME TranslatedName = NULL;
551 BOOL ret;
552 DWORD dwAccountName, dwDomainName;
553
554 RtlInitUnicodeString(&SystemName, pSystemName);
555 Status = LsaOpenPolicy(&SystemName, &ObjectAttributes, POLICY_LOOKUP_NAMES, &PolicyHandle);
556 if (!NT_SUCCESS(Status))
557 {
558 SetLastError(LsaNtStatusToWinError(Status));
559 return FALSE;
560 }
561
562 Status = LsaLookupSids(PolicyHandle, 1, &pSid, &ReferencedDomain, &TranslatedName);
563
564 LsaClose(PolicyHandle);
565
566 if (!NT_SUCCESS(Status) || Status == STATUS_SOME_NOT_MAPPED)
567 {
568 SetLastError(LsaNtStatusToWinError(Status));
569 ret = FALSE;
570 }
571 else
572 {
573 ret = TRUE;
574
575 dwAccountName = TranslatedName->Name.Length / sizeof(WCHAR);
576 if (ReferencedDomain && ReferencedDomain->Entries > 0)
577 dwDomainName = ReferencedDomain->Domains[0].Name.Length / sizeof(WCHAR);
578 else
579 dwDomainName = 0;
580
581 if (*pdwAccountName <= dwAccountName || *pdwDomainName <= dwDomainName)
582 {
583 /* One or two buffers are insufficient, add up a char for NULL termination */
584 *pdwAccountName = dwAccountName + 1;
585 *pdwDomainName = dwDomainName + 1;
586 ret = FALSE;
587 }
588 else
589 {
590 /* Lengths are sufficient, copy the data */
591 if (dwAccountName)
592 RtlCopyMemory(pAccountName, TranslatedName->Name.Buffer, dwAccountName * sizeof(WCHAR));
593 pAccountName[dwAccountName] = L'\0';
594
595 if (dwDomainName)
596 RtlCopyMemory(pDomainName, ReferencedDomain->Domains[0].Name.Buffer, dwDomainName * sizeof(WCHAR));
597 pDomainName[dwDomainName] = L'\0';
598
599 *pdwAccountName = dwAccountName;
600 *pdwDomainName = dwDomainName;
601
602 if (peUse)
603 *peUse = TranslatedName->Use;
604 }
605
606 if (!ret)
607 SetLastError(ERROR_INSUFFICIENT_BUFFER);
608 }
609
610 if (ReferencedDomain)
611 LsaFreeMemory(ReferencedDomain);
612
613 if (TranslatedName)
614 LsaFreeMemory(TranslatedName);
615
616 return ret;
617}
LsaLookupSids
NTSTATUS WINAPI LsaLookupSids(IN LSA_HANDLE PolicyHandle, IN ULONG Count, IN PSID *Sids, OUT PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains, OUT PLSA_TRANSLATED_NAME *Names)
Definition: lsa.c:1069
pSid
static PSID pSid
Definition: security.c:74
_LSA_OBJECT_ATTRIBUTES
Definition: ntsecapi.h:177
_LSA_REFERENCED_DOMAIN_LIST::Entries
ULONG Entries
Definition: ntsecapi.h:407
_LSA_TRANSLATED_NAME
Definition: ntsecapi.h:421
_LSA_TRANSLATED_NAME::Name
LSA_UNICODE_STRING Name
Definition: ntsecapi.h:423
_LSA_TRANSLATED_NAME::Use
SID_NAME_USE Use
Definition: ntsecapi.h:422
_LSA_UNICODE_STRING
Definition: ntsecapi.h:162
ret
int ret
Definition: wcstombs-tests.c:31

Referenced by GetEventUserName(), GetProfileName(), GetUserAndDomainName(), GetUserNameW(), LookupAccountSidA(), SidToUserName(), test_LookupAccountSid(), and WhoamiGroups().

◆ LookupPrivilegeDisplayNameW()

BOOL WINAPI LookupPrivilegeDisplayNameW ( LPCWSTR  lpSystemName,
LPCWSTR  lpName,
LPWSTR  lpDisplayName,
LPDWORD  cchDisplayName,
LPDWORD  lpLanguageId 
)

Definition at line 901 of file misc.c.

906{
907 OBJECT_ATTRIBUTES ObjectAttributes = {0};
908 UNICODE_STRING SystemName, Name;
909 PUNICODE_STRING DisplayName;
910 LSA_HANDLE PolicyHandle = NULL;
911 USHORT LanguageId;
912 NTSTATUS Status;
913
914 TRACE("%S,%S,%p,%p,%p\n", lpSystemName, lpName, lpDisplayName, cchDisplayName, lpLanguageId);
915
916 RtlInitUnicodeString(&SystemName, lpSystemName);
917 RtlInitUnicodeString(&Name, lpName);
918
919 Status = LsaOpenPolicy(lpSystemName ? &SystemName : NULL,
920 &ObjectAttributes,
921 POLICY_LOOKUP_NAMES,
922 &PolicyHandle);
923 if (!NT_SUCCESS(Status))
924 {
925 SetLastError(LsaNtStatusToWinError(Status));
926 return FALSE;
927 }
928
929 Status = LsaLookupPrivilegeDisplayName(PolicyHandle, &Name, &DisplayName, &LanguageId);
930 if (NT_SUCCESS(Status))
931 {
932 *lpLanguageId = LanguageId;
933 if (DisplayName->Length + sizeof(WCHAR) > *cchDisplayName * sizeof(WCHAR))
934 {
935 Status = STATUS_BUFFER_TOO_SMALL;
936
937 *cchDisplayName = (DisplayName->Length + sizeof(WCHAR)) / sizeof(WCHAR);
938 }
939 else
940 {
941 RtlMoveMemory(lpDisplayName,
942 DisplayName->Buffer,
943 DisplayName->Length);
944 lpDisplayName[DisplayName->Length / sizeof(WCHAR)] = 0;
945
946 *cchDisplayName = DisplayName->Length / sizeof(WCHAR);
947 }
948
949 LsaFreeMemory(DisplayName->Buffer);
950 LsaFreeMemory(DisplayName);
951 }
952
953 LsaClose(PolicyHandle);
954
955 if (!NT_SUCCESS(Status))
956 {
957 SetLastError(LsaNtStatusToWinError(Status));
958 return FALSE;
959 }
960
961 return TRUE;
962}
Name
struct NameRec_ * Name
Definition: cdprocs.h:460
LsaLookupPrivilegeDisplayName
NTSTATUS WINAPI LsaLookupPrivilegeDisplayName(IN LSA_HANDLE PolicyHandle, IN PLSA_UNICODE_STRING Name, OUT PLSA_UNICODE_STRING *DisplayName, OUT PUSHORT LanguageReturned)
Definition: lsa.c:960
STATUS_BUFFER_TOO_SMALL
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
RtlMoveMemory
#define RtlMoveMemory(Destination, Source, Length)
Definition: typedefs.h:264
lpDisplayName
_In_ LPCSTR _Out_writes_to_opt_ cchDisplayName LPSTR lpDisplayName
Definition: winbase.h:2790
lpLanguageId
_In_ LPCSTR _Out_writes_to_opt_ cchDisplayName LPSTR _Inout_ LPDWORD _Out_ LPDWORD lpLanguageId
Definition: winbase.h:2792
cchDisplayName
_In_ LPCSTR _Out_writes_to_opt_ cchDisplayName LPSTR _Inout_ LPDWORD cchDisplayName
Definition: winbase.h:2791

Referenced by LookupPrivilegeDisplayNameA(), and WhoamiPriv().

◆ LookupPrivilegeNameW()

BOOL WINAPI LookupPrivilegeNameW ( LPCWSTR  lpSystemName,
PLUID  lpLuid,
LPWSTR  lpName,
LPDWORD  cchName 
)

Definition at line 832 of file misc.c.

836{
837 OBJECT_ATTRIBUTES ObjectAttributes = {0};
838 UNICODE_STRING SystemName;
839 PUNICODE_STRING PrivilegeName = NULL;
840 LSA_HANDLE PolicyHandle = NULL;
841 NTSTATUS Status;
842
843 TRACE("%S,%p,%p,%p\n", lpSystemName, lpLuid, lpName, cchName);
844
845 RtlInitUnicodeString(&SystemName,
846 lpSystemName);
847
848 Status = LsaOpenPolicy(lpSystemName ? &SystemName : NULL,
849 &ObjectAttributes,
850 POLICY_LOOKUP_NAMES,
851 &PolicyHandle);
852 if (!NT_SUCCESS(Status))
853 {
854 SetLastError(LsaNtStatusToWinError(Status));
855 return FALSE;
856 }
857
858 Status = LsaLookupPrivilegeName(PolicyHandle,
859 lpLuid,
860 &PrivilegeName);
861 if (NT_SUCCESS(Status))
862 {
863 if (PrivilegeName->Length + sizeof(WCHAR) > *cchName * sizeof(WCHAR))
864 {
865 Status = STATUS_BUFFER_TOO_SMALL;
866
867 *cchName = (PrivilegeName->Length + sizeof(WCHAR)) / sizeof(WCHAR);
868 }
869 else
870 {
871 RtlMoveMemory(lpName,
872 PrivilegeName->Buffer,
873 PrivilegeName->Length);
874 lpName[PrivilegeName->Length / sizeof(WCHAR)] = 0;
875
876 *cchName = PrivilegeName->Length / sizeof(WCHAR);
877 }
878
879 LsaFreeMemory(PrivilegeName->Buffer);
880 LsaFreeMemory(PrivilegeName);
881 }
882
883 LsaClose(PolicyHandle);
884
885 if (!NT_SUCCESS(Status))
886 {
887 SetLastError(LsaNtStatusToWinError(Status));
888 return FALSE;
889 }
890
891 return TRUE;
892}
LsaLookupPrivilegeName
NTSTATUS WINAPI LsaLookupPrivilegeName(IN LSA_HANDLE PolicyHandle, IN PLUID Value, OUT PUNICODE_STRING *Name)
Definition: lsa.c:1000
lpLuid
_In_ PLUID lpLuid
Definition: winbase.h:2809

Referenced by LookupPrivilegeNameA(), and WhoamiPriv().

◆ LookupPrivilegeValueA()

BOOL WINAPI LookupPrivilegeValueA ( LPCSTR  lpSystemName,
LPCSTR  lpName,
PLUID  lpLuid 
)

Definition at line 732 of file misc.c.

735{
736 UNICODE_STRING SystemName;
737 UNICODE_STRING Name;
738 BOOL Result;
739
740 /* Remote system? */
741 if (lpSystemName != NULL)
742 {
743 RtlCreateUnicodeStringFromAsciiz(&SystemName,
744 (LPSTR)lpSystemName);
745 }
746 else
747 SystemName.Buffer = NULL;
748
749 /* Check the privilege name is not NULL */
750 if (lpName == NULL)
751 {
752 SetLastError(ERROR_NO_SUCH_PRIVILEGE);
753 return FALSE;
754 }
755
756 RtlCreateUnicodeStringFromAsciiz(&Name,
757 (LPSTR)lpName);
758
759 Result = LookupPrivilegeValueW(SystemName.Buffer,
760 Name.Buffer,
761 lpLuid);
762
763 RtlFreeUnicodeString(&Name);
764
765 /* Remote system? */
766 if (SystemName.Buffer != NULL)
767 {
768 RtlFreeUnicodeString(&SystemName);
769 }
770
771 return Result;
772}
LookupPrivilegeValueW
BOOL WINAPI LookupPrivilegeValueW(LPCWSTR lpSystemName, LPCWSTR lpPrivilegeName, PLUID lpLuid)
Definition: misc.c:782
RtlCreateUnicodeStringFromAsciiz
NTSYSAPI BOOLEAN NTAPI RtlCreateUnicodeStringFromAsciiz(_Out_ PUNICODE_STRING Destination, _In_ PCSZ Source)
ERROR_NO_SUCH_PRIVILEGE
#define ERROR_NO_SUCH_PRIVILEGE
Definition: winerror.h:795
Result
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:409
LPSTR
char * LPSTR
Definition: xmlstorage.h:182

Referenced by set_privileges(), test_AdjustTokenPrivileges(), test_CreateRestrictedToken(), test_SetFileValidData(), test_system_security_access(), and WinMain().

◆ LookupPrivilegeValueW()

BOOL WINAPI LookupPrivilegeValueW ( LPCWSTR  lpSystemName,
LPCWSTR  lpPrivilegeName,
PLUID  lpLuid 
)

Definition at line 782 of file misc.c.

785{
786 OBJECT_ATTRIBUTES ObjectAttributes = {0};
787 UNICODE_STRING SystemName;
788 UNICODE_STRING PrivilegeName;
789 LSA_HANDLE PolicyHandle = NULL;
790 NTSTATUS Status;
791
792 TRACE("%S,%S,%p\n", lpSystemName, lpPrivilegeName, lpLuid);
793
794 RtlInitUnicodeString(&SystemName,
795 lpSystemName);
796
797 Status = LsaOpenPolicy(lpSystemName ? &SystemName : NULL,
798 &ObjectAttributes,
799 POLICY_LOOKUP_NAMES,
800 &PolicyHandle);
801 if (!NT_SUCCESS(Status))
802 {
803 SetLastError(LsaNtStatusToWinError(Status));
804 return FALSE;
805 }
806
807 RtlInitUnicodeString(&PrivilegeName,
808 lpPrivilegeName);
809
810 Status = LsaLookupPrivilegeValue(PolicyHandle,
811 &PrivilegeName,
812 lpLuid);
813
814 LsaClose(PolicyHandle);
815
816 if (!NT_SUCCESS(Status))
817 {
818 SetLastError(LsaNtStatusToWinError(Status));
819 return FALSE;
820 }
821
822 return TRUE;
823}
LsaLookupPrivilegeValue
NTSTATUS WINAPI LsaLookupPrivilegeValue(IN LSA_HANDLE PolicyHandle, IN PLSA_UNICODE_STRING Name, OUT PLUID Value)
Definition: lsa.c:1036

Referenced by AddDeviceW(), AdjustEnableDefaultPriv(), DisablePrivilege(), DoesUserHavePrivilege(), EnablePrivilege(), EnableProcessPrivileges(), enableTokenPrivilege(), FormatEx2(), LookupPrivilegeValueA(), PauseBalanceW(), pSetupEnablePrivilege(), RecvSubvolGUIW(), RecvSubvolW(), RemoveDeviceW(), ResetStatsW(), ResizeDeviceW(), SendSubvolGUIW(), SendSubvolW(), SetDriverLoadPrivilege(), SHInvokePrivilegedFunctionW(), ShowScrubW(), SHTestTokenPrivilegeW(), ShutdownSystem(), StartBalanceW(), StartScrubW(), StopBalanceW(), StopScrubW(), SystemSetLocalTime(), SystemSetTime(), UpdateDriver(), and wWinMain().

◆ pGetSecurityInfoCheck()

static DWORD pGetSecurityInfoCheck ( SECURITY_INFORMATION  SecurityInfo,
PSID ppsidOwner,
PSID ppsidGroup,
PACL ppDacl,
PACL ppSacl,
PSECURITY_DESCRIPTOR ppSecurityDescriptor 
)
static

Definition at line 965 of file misc.c.

971{
972 if ((SecurityInfo & (OWNER_SECURITY_INFORMATION |
973 GROUP_SECURITY_INFORMATION |
974 DACL_SECURITY_INFORMATION |
975 SACL_SECURITY_INFORMATION)) &&
976 ppSecurityDescriptor == NULL)
977 {
978 /* if one of the SIDs or ACLs are present, the security descriptor
979 most not be NULL */
980 return ERROR_INVALID_PARAMETER;
981 }
982 else
983 {
984 /* reset the pointers unless they're ignored */
985 if ((SecurityInfo & OWNER_SECURITY_INFORMATION) &&
986 ppsidOwner != NULL)
987 {
988 *ppsidOwner = NULL;
989 }
990 if ((SecurityInfo & GROUP_SECURITY_INFORMATION) &&
991 ppsidGroup != NULL)
992 {
993 *ppsidGroup = NULL;
994 }
995 if ((SecurityInfo & DACL_SECURITY_INFORMATION) &&
996 ppDacl != NULL)
997 {
998 *ppDacl = NULL;
999 }
1000 if ((SecurityInfo & SACL_SECURITY_INFORMATION) &&
1001 ppSacl != NULL)
1002 {
1003 *ppSacl = NULL;
1004 }
1005
1006 if (SecurityInfo & (OWNER_SECURITY_INFORMATION |
1007 GROUP_SECURITY_INFORMATION |
1008 DACL_SECURITY_INFORMATION |
1009 SACL_SECURITY_INFORMATION))
1010 {
1011 *ppSecurityDescriptor = NULL;
1012 }
1013
1014 return ERROR_SUCCESS;
1015 }
1016}
DACL_SECURITY_INFORMATION
#define DACL_SECURITY_INFORMATION
Definition: setypes.h:125
OWNER_SECURITY_INFORMATION
#define OWNER_SECURITY_INFORMATION
Definition: setypes.h:123
GROUP_SECURITY_INFORMATION
#define GROUP_SECURITY_INFORMATION
Definition: setypes.h:124
SACL_SECURITY_INFORMATION
#define SACL_SECURITY_INFORMATION
Definition: setypes.h:126

Referenced by GetNamedSecurityInfoW(), and GetSecurityInfo().

◆ pSetSecurityInfoCheck()

static DWORD pSetSecurityInfoCheck ( PSECURITY_DESCRIPTOR  pSecurityDescriptor,
SECURITY_INFORMATION  SecurityInfo,
PSID  psidOwner,
PSID  psidGroup,
PACL  pDacl,
PACL  pSacl 
)
static

Definition at line 1020 of file misc.c.

1026{
1027 /* initialize a security descriptor on the stack */
1028 if (!InitializeSecurityDescriptor(pSecurityDescriptor,
1029 SECURITY_DESCRIPTOR_REVISION))
1030 {
1031 return GetLastError();
1032 }
1033
1034 if (SecurityInfo & OWNER_SECURITY_INFORMATION)
1035 {
1036 if (RtlValidSid(psidOwner))
1037 {
1038 if (!SetSecurityDescriptorOwner(pSecurityDescriptor,
1039 psidOwner,
1040 FALSE))
1041 {
1042 return GetLastError();
1043 }
1044 }
1045 else
1046 {
1047 return ERROR_INVALID_PARAMETER;
1048 }
1049 }
1050
1051 if (SecurityInfo & GROUP_SECURITY_INFORMATION)
1052 {
1053 if (RtlValidSid(psidGroup))
1054 {
1055 if (!SetSecurityDescriptorGroup(pSecurityDescriptor,
1056 psidGroup,
1057 FALSE))
1058 {
1059 return GetLastError();
1060 }
1061 }
1062 else
1063 {
1064 return ERROR_INVALID_PARAMETER;
1065 }
1066 }
1067
1068 if (SecurityInfo & DACL_SECURITY_INFORMATION)
1069 {
1070 if (pDacl != NULL)
1071 {
1072 if (SetSecurityDescriptorDacl(pSecurityDescriptor,
1073 TRUE,
1074 pDacl,
1075 FALSE))
1076 {
1077 /* check if the DACL needs to be protected from being
1078 modified by inheritable ACEs */
1079 if (SecurityInfo & PROTECTED_DACL_SECURITY_INFORMATION)
1080 {
1081 goto ProtectDacl;
1082 }
1083 }
1084 else
1085 {
1086 return GetLastError();
1087 }
1088 }
1089 else
1090 {
1091ProtectDacl:
1092 /* protect the DACL from being modified by inheritable ACEs */
1093 if (!SetSecurityDescriptorControl(pSecurityDescriptor,
1094 SE_DACL_PROTECTED,
1095 SE_DACL_PROTECTED))
1096 {
1097 return GetLastError();
1098 }
1099 }
1100 }
1101
1102 if (SecurityInfo & SACL_SECURITY_INFORMATION)
1103 {
1104 if (pSacl != NULL)
1105 {
1106 if (SetSecurityDescriptorSacl(pSecurityDescriptor,
1107 TRUE,
1108 pSacl,
1109 FALSE))
1110 {
1111 /* check if the SACL needs to be protected from being
1112 modified by inheritable ACEs */
1113 if (SecurityInfo & PROTECTED_SACL_SECURITY_INFORMATION)
1114 {
1115 goto ProtectSacl;
1116 }
1117 }
1118 else
1119 {
1120 return GetLastError();
1121 }
1122 }
1123 else
1124 {
1125ProtectSacl:
1126 /* protect the SACL from being modified by inheritable ACEs */
1127 if (!SetSecurityDescriptorControl(pSecurityDescriptor,
1128 SE_SACL_PROTECTED,
1129 SE_SACL_PROTECTED))
1130 {
1131 return GetLastError();
1132 }
1133 }
1134 }
1135
1136 return ERROR_SUCCESS;
1137}
InitializeSecurityDescriptor
BOOL WINAPI InitializeSecurityDescriptor(PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD dwRevision)
Definition: security.c:929
RtlValidSid
NTSYSAPI BOOLEAN NTAPI RtlValidSid(IN PSID Sid)
Definition: sid.c:21
SetSecurityDescriptorControl
BOOL WINAPI SetSecurityDescriptorControl(PSECURITY_DESCRIPTOR pSecurityDescriptor, SECURITY_DESCRIPTOR_CONTROL ControlBitsOfInterest, SECURITY_DESCRIPTOR_CONTROL ControlBitsToSet)
Definition: sec.c:238
SetSecurityDescriptorDacl
BOOL WINAPI SetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, BOOL bDaclPresent, PACL pDacl, BOOL bDaclDefaulted)
Definition: sec.c:262
SetSecurityDescriptorOwner
BOOL WINAPI SetSecurityDescriptorOwner(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSID pOwner, BOOL bOwnerDefaulted)
Definition: sec.c:312
SetSecurityDescriptorSacl
BOOL WINAPI SetSecurityDescriptorSacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, BOOL bSaclPresent, PACL pSacl, BOOL bSaclDefaulted)
Definition: sec.c:351
SetSecurityDescriptorGroup
BOOL WINAPI SetSecurityDescriptorGroup(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSID pGroup, BOOL bGroupDefaulted)
Definition: sec.c:288
SE_SACL_PROTECTED
#define SE_SACL_PROTECTED
Definition: setypes.h:832
SE_DACL_PROTECTED
#define SE_DACL_PROTECTED
Definition: setypes.h:831
SECURITY_DESCRIPTOR_REVISION
#define SECURITY_DESCRIPTOR_REVISION
Definition: setypes.h:58
PROTECTED_DACL_SECURITY_INFORMATION
#define PROTECTED_DACL_SECURITY_INFORMATION
Definition: setypes.h:129
PROTECTED_SACL_SECURITY_INFORMATION
#define PROTECTED_SACL_SECURITY_INFORMATION
Definition: setypes.h:130

Referenced by SetNamedSecurityInfoW(), and SetSecurityInfo().

◆ SetNamedSecurityInfoW()

DWORD WINAPI SetNamedSecurityInfoW ( LPWSTR  pObjectName,
SE_OBJECT_TYPE  ObjectType,
SECURITY_INFORMATION  SecurityInfo,
PSID  psidOwner,
PSID  psidGroup,
PACL  pDacl,
PACL  pSacl 
)

Definition at line 1197 of file misc.c.

1204{
1205 DWORD ErrorCode;
1206
1207 if (pObjectName != NULL)
1208 {
1209 ErrorCode = CheckNtMartaPresent();
1210 if (ErrorCode == ERROR_SUCCESS)
1211 {
1212 SECURITY_DESCRIPTOR SecurityDescriptor;
1213
1214 ErrorCode = pSetSecurityInfoCheck(&SecurityDescriptor,
1215 SecurityInfo,
1216 psidOwner,
1217 psidGroup,
1218 pDacl,
1219 pSacl);
1220
1221 if (ErrorCode == ERROR_SUCCESS)
1222 {
1223 /* call the MARTA provider */
1224 ErrorCode = AccRewriteSetNamedRights(pObjectName,
1225 ObjectType,
1226 SecurityInfo,
1227 &SecurityDescriptor);
1228 }
1229 }
1230 }
1231 else
1232 ErrorCode = ERROR_INVALID_PARAMETER;
1233
1234 return ErrorCode;
1235}
AccRewriteSetNamedRights
#define AccRewriteSetNamedRights
Definition: advapi32.h:172
pSetSecurityInfoCheck
static DWORD pSetSecurityInfoCheck(PSECURITY_DESCRIPTOR pSecurityDescriptor, SECURITY_INFORMATION SecurityInfo, PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl)
Definition: misc.c:1020
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
SecurityDescriptor
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:191

Referenced by SetNamedSecurityInfoA(), and SetupCommitFileQueueW().

◆ SetPrivateObjectSecurity()

BOOL WINAPI SetPrivateObjectSecurity ( SECURITY_INFORMATION  SecurityInformation,
PSECURITY_DESCRIPTOR  ModificationDescriptor,
PSECURITY_DESCRIPTOR ObjectsSecurityDescriptor,
PGENERIC_MAPPING  GenericMapping,
HANDLE  Token 
)

Definition at line 1460 of file misc.c.

1465{
1466 NTSTATUS Status;
1467
1468 Status = RtlSetSecurityObject(SecurityInformation,
1469 ModificationDescriptor,
1470 ObjectsSecurityDescriptor,
1471 GenericMapping,
1472 Token);
1473 if (!NT_SUCCESS(Status))
1474 {
1475 SetLastError(RtlNtStatusToDosError(Status));
1476 return FALSE;
1477 }
1478
1479 return TRUE;
1480}
RtlSetSecurityObject
NTSYSAPI NTSTATUS NTAPI RtlSetSecurityObject(_In_ SECURITY_INFORMATION SecurityInformation, _In_ PSECURITY_DESCRIPTOR ModificationDescriptor, _Out_ PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor, _In_ PGENERIC_MAPPING GenericMapping, _In_ HANDLE Token)

◆ SetSecurityInfo()

DWORD WINAPI SetSecurityInfo ( HANDLE  handle,
SE_OBJECT_TYPE  ObjectType,
SECURITY_INFORMATION  SecurityInfo,
PSID  psidOwner,
PSID  psidGroup,
PACL  pDacl,
PACL  pSacl 
)

Definition at line 1295 of file misc.c.

1302{
1303 DWORD ErrorCode;
1304
1305 if (handle != NULL)
1306 {
1307 ErrorCode = CheckNtMartaPresent();
1308 if (ErrorCode == ERROR_SUCCESS)
1309 {
1310 SECURITY_DESCRIPTOR SecurityDescriptor;
1311
1312 ErrorCode = pSetSecurityInfoCheck(&SecurityDescriptor,
1313 SecurityInfo,
1314 psidOwner,
1315 psidGroup,
1316 pDacl,
1317 pSacl);
1318
1319 if (ErrorCode == ERROR_SUCCESS)
1320 {
1321 /* call the MARTA provider */
1322 ErrorCode = AccRewriteSetHandleRights(handle,
1323 ObjectType,
1324 SecurityInfo,
1325 &SecurityDescriptor);
1326 }
1327 }
1328 }
1329 else
1330 ErrorCode = ERROR_INVALID_HANDLE;
1331
1332 return ErrorCode;
1333}
AccRewriteSetHandleRights
#define AccRewriteSetHandleRights
Definition: advapi32.h:174

Referenced by RSAENH_CPSetProvParam().

◆ TreeResetNamedSecurityInfoA()

DWORD WINAPI TreeResetNamedSecurityInfoA ( LPSTR  pObjectName,
SE_OBJECT_TYPE  ObjectType,
SECURITY_INFORMATION  SecurityInfo,
PSID  pOwner,
PSID  pGroup,
PACL  pDacl,
PACL  pSacl,
BOOL  KeepExplicit,
FN_PROGRESSA  fnProgress,
PROG_INVOKE_SETTING  ProgressInvokeSetting,
PVOID  Args 
)

Definition at line 1621 of file misc.c.

1632{
1633#ifndef HAS_FN_PROGRESSW
1634 /* That's all this function does, at least up to w2k3... Even MS was too
1635 lazy to implement it... */
1636 return ERROR_CALL_NOT_IMPLEMENTED;
1637#else
1638 INTERNAL_FNPROGRESSW_DATA ifnProgressData;
1639 UNICODE_STRING ObjectName;
1640 DWORD Ret;
1641
1642 if (!RtlCreateUnicodeStringFromAsciiz(&ObjectName, pObjectName))
1643 {
1644 return ERROR_NOT_ENOUGH_MEMORY;
1645 }
1646
1647 ifnProgressData.fnProgress = fnProgress;
1648 ifnProgressData.Args = Args;
1649
1650 Ret = TreeResetNamedSecurityInfoW(ObjectName.Buffer,
1651 ObjectType,
1652 SecurityInfo,
1653 pOwner,
1654 pGroup,
1655 pDacl,
1656 pSacl,
1657 KeepExplicit,
1658 (fnProgress != NULL ? InternalfnProgressW : NULL),
1659 ProgressInvokeSetting,
1660 &ifnProgressData);
1661
1662 RtlFreeUnicodeString(&ObjectName);
1663
1664 return Ret;
1665#endif
1666}
Args
char ** Args
Definition: acdebug.h:353
TreeResetNamedSecurityInfoW
DWORD WINAPI TreeResetNamedSecurityInfoW(LPWSTR pObjectName, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID pOwner, PSID pGroup, PACL pDacl, PACL pSacl, BOOL KeepExplicit, FN_PROGRESSW fnProgress, PROG_INVOKE_SETTING ProgressInvokeSetting, PVOID Args)
Definition: misc.c:1488
ERROR_CALL_NOT_IMPLEMENTED
#define ERROR_CALL_NOT_IMPLEMENTED
Definition: compat.h:102
ObjectName
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
Definition: cmfuncs.h:64

◆ TreeResetNamedSecurityInfoW()

DWORD WINAPI TreeResetNamedSecurityInfoW ( LPWSTR  pObjectName,
SE_OBJECT_TYPE  ObjectType,
SECURITY_INFORMATION  SecurityInfo,
PSID  pOwner,
PSID  pGroup,
PACL  pDacl,
PACL  pSacl,
BOOL  KeepExplicit,
FN_PROGRESSW  fnProgress,
PROG_INVOKE_SETTING  ProgressInvokeSetting,
PVOID  Args 
)

Definition at line 1488 of file misc.c.

1499{
1500 DWORD ErrorCode;
1501
1502 if (pObjectName != NULL)
1503 {
1504 ErrorCode = CheckNtMartaPresent();
1505 if (ErrorCode == ERROR_SUCCESS)
1506 {
1507 switch (ObjectType)
1508 {
1509 case SE_FILE_OBJECT:
1510 case SE_REGISTRY_KEY:
1511 {
1512 /* check the SecurityInfo flags for sanity (both, the protected
1513 and unprotected dacl/sacl flag must not be passed together) */
1514 if (((SecurityInfo & DACL_SECURITY_INFORMATION) &&
1515 (SecurityInfo & (PROTECTED_DACL_SECURITY_INFORMATION | UNPROTECTED_DACL_SECURITY_INFORMATION)) ==
1516 (PROTECTED_DACL_SECURITY_INFORMATION | UNPROTECTED_DACL_SECURITY_INFORMATION))
1517
1518 ||
1519
1520 ((SecurityInfo & SACL_SECURITY_INFORMATION) &&
1521 (SecurityInfo & (PROTECTED_SACL_SECURITY_INFORMATION | UNPROTECTED_SACL_SECURITY_INFORMATION)) ==
1522 (PROTECTED_SACL_SECURITY_INFORMATION | UNPROTECTED_SACL_SECURITY_INFORMATION)))
1523 {
1524 ErrorCode = ERROR_INVALID_PARAMETER;
1525 break;
1526 }
1527
1528 /* call the MARTA provider */
1529 ErrorCode = AccTreeResetNamedSecurityInfo(pObjectName,
1530 ObjectType,
1531 SecurityInfo,
1532 pOwner,
1533 pGroup,
1534 pDacl,
1535 pSacl,
1536 KeepExplicit,
1537 fnProgress,
1538 ProgressInvokeSetting,
1539 Args);
1540 break;
1541 }
1542
1543 default:
1544 /* object type not supported */
1545 ErrorCode = ERROR_INVALID_PARAMETER;
1546 break;
1547 }
1548 }
1549 }
1550 else
1551 ErrorCode = ERROR_INVALID_PARAMETER;
1552
1553 return ErrorCode;
1554}
SE_FILE_OBJECT
@ SE_FILE_OBJECT
Definition: accctrl.h:160
SE_REGISTRY_KEY
@ SE_REGISTRY_KEY
Definition: accctrl.h:163
AccTreeResetNamedSecurityInfo
#define AccTreeResetNamedSecurityInfo
Definition: advapi32.h:177
UNPROTECTED_SACL_SECURITY_INFORMATION
#define UNPROTECTED_SACL_SECURITY_INFORMATION
Definition: setypes.h:132
UNPROTECTED_DACL_SECURITY_INFORMATION
#define UNPROTECTED_DACL_SECURITY_INFORMATION
Definition: setypes.h:131

Referenced by TreeResetNamedSecurityInfoA().

◆ UnloadNtMarta()

VOID UnloadNtMarta ( VOID  )

Definition at line 116 of file misc.c.

117{
118 if (InterlockedExchangePointer((PVOID)&NtMarta,
119 NULL) != NULL)
120 {
121 FreeLibrary(NtMartaStatic.hDllInstance);
122 }
123}
InterlockedExchangePointer
#define InterlockedExchangePointer(Target, Value)
Definition: dshow.h:45

Referenced by DllMain().

◆ WINE_DEFAULT_DEBUG_CHANNEL()

WINE_DEFAULT_DEBUG_CHANNEL ( advapi  )

Variable Documentation

◆ NtMarta

PNTMARTA NtMarta = NULL
static

Definition at line 20 of file misc.c.

Referenced by CheckNtMartaPresent(), and UnloadNtMarta().

◆ NtMartaStatic

NTMARTA NtMartaStatic = { 0 }

Definition at line 19 of file misc.c.

Referenced by CheckNtMartaPresent(), LoadAndInitializeNtMarta(), and UnloadNtMarta().