d1/d72/dll_2win32_2advapi32_2sec_2misc_8c_source.html

/*

 * COPYRIGHT:       See COPYING in the top level directory

 * WINE COPYRIGHT:

 * Copyright 1999, 2000 Juergen Schmied <juergen.schmied@debitel.net>

 * Copyright 2003 CodeWeavers Inc. (Ulrich Czekalla)

 * Copyright 2006 Robert Reif

 *

 * PROJECT:         ReactOS system libraries

 * FILE:            dll/win32/advapi32/sec/misc.c

 * PURPOSE:         Miscellaneous security functions (some ported from Wine)

 */


#include <advapi32.h>


WINE_DEFAULT_DEBUG_CHANNEL(advapi);


/* Interface to ntmarta.dll ***************************************************/


NTMARTA NtMartaStatic = { 0 };

static PNTMARTA NtMarta = NULL;


#define FindNtMartaProc(Name)                                                  \

    NtMartaStatic.Name = (PVOID)GetProcAddress(NtMartaStatic.hDllInstance,     \

                                               "Acc" # Name );                 \

    if (NtMartaStatic.Name == NULL)                                            \

    {                                                                          \

        return GetLastError();                                                 \

    }


static DWORD

LoadAndInitializeNtMarta(VOID)

{

    /* this code may be executed simultaneously by multiple threads in case they're

       trying to initialize the interface at the same time, but that's no problem

       because the pointers returned by GetProcAddress will be the same. However,

       only one of the threads will change the NtMarta pointer to the NtMartaStatic

       structure, the others threads will detect that there were other threads

       initializing the structure faster and will release the reference to the

       DLL */


    NtMartaStatic.hDllInstance = LoadLibraryW(L"ntmarta.dll");

    if (NtMartaStatic.hDllInstance == NULL)

    {

        return GetLastError();

    }


#if 0

    FindNtMartaProc(LookupAccountTrustee);

    FindNtMartaProc(LookupAccountName);

    FindNtMartaProc(LookupAccountSid);

    FindNtMartaProc(SetEntriesInAList);

    FindNtMartaProc(ConvertAccessToSecurityDescriptor);

    FindNtMartaProc(ConvertSDToAccess);

    FindNtMartaProc(ConvertAclToAccess);

    FindNtMartaProc(GetAccessForTrustee);

    FindNtMartaProc(GetExplicitEntries);

#endif

    FindNtMartaProc(RewriteGetNamedRights);

    FindNtMartaProc(RewriteSetNamedRights);

    FindNtMartaProc(RewriteGetHandleRights);

    FindNtMartaProc(RewriteSetHandleRights);

    FindNtMartaProc(RewriteSetEntriesInAcl);

    FindNtMartaProc(RewriteGetExplicitEntriesFromAcl);

    FindNtMartaProc(TreeResetNamedSecurityInfo);

    FindNtMartaProc(GetInheritanceSource);

    FindNtMartaProc(FreeIndexArray);


    return ERROR_SUCCESS;

}


DWORD

CheckNtMartaPresent(VOID)

{

    DWORD ErrorCode;


    if (InterlockedCompareExchangePointer((PVOID)&NtMarta,

                                          NULL,

                                          NULL) == NULL)

    {

        /* we're the first one trying to use ntmarta, initialize it and change

           the pointer after initialization */

        ErrorCode = LoadAndInitializeNtMarta();


        if (ErrorCode == ERROR_SUCCESS)

        {

            /* try change the NtMarta pointer */

            if (InterlockedCompareExchangePointer((PVOID)&NtMarta,

                                                  &NtMartaStatic,

                                                  NULL) != NULL)

            {

                /* another thread initialized ntmarta in the meanwhile, release

                   the reference of the dll loaded. */

                FreeLibrary(NtMartaStatic.hDllInstance);

            }

        }

#if DBG

        else

        {

            ERR("Failed to initialize ntmarta.dll! Error: 0x%x\n", ErrorCode);

        }

#endif

    }

    else

    {

        /* ntmarta was already initialized */

        ErrorCode = ERROR_SUCCESS;

    }


    return ErrorCode;

}


VOID

UnloadNtMarta(VOID)

{

    if (InterlockedExchangePointer((PVOID)&NtMarta,

                                   NULL) != NULL)

    {

        FreeLibrary(NtMartaStatic.hDllInstance);

    }

}


/******************************************************************************/


/*

 * @implemented

 */

BOOL

WINAPI

ImpersonateAnonymousToken(IN HANDLE ThreadHandle)

{

    NTSTATUS Status;


    Status = NtImpersonateAnonymousToken(ThreadHandle);

    if (!NT_SUCCESS(Status))

    {

        SetLastError(RtlNtStatusToDosError(Status));

        return FALSE;

    }


    return TRUE;

}


/*

 * @implemented

 */

BOOL

WINAPI

ImpersonateLoggedOnUser(HANDLE hToken)

{

    SECURITY_QUALITY_OF_SERVICE Qos;

    OBJECT_ATTRIBUTES ObjectAttributes;

    HANDLE NewToken;

    TOKEN_TYPE Type;

    ULONG ReturnLength;

    BOOL Duplicated;

    NTSTATUS Status;


    /* Get the token type */

    Status = NtQueryInformationToken(hToken,

                                     TokenType,

                                     &Type,

                                     sizeof(TOKEN_TYPE),

                                     &ReturnLength);

    if (!NT_SUCCESS(Status))

    {

        SetLastError(RtlNtStatusToDosError(Status));

        return FALSE;

    }


    if (Type == TokenPrimary)

    {

        /* Create a duplicate impersonation token */

        Qos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);

        Qos.ImpersonationLevel = SecurityImpersonation;

        Qos.ContextTrackingMode = SECURITY_DYNAMIC_TRACKING;

        Qos.EffectiveOnly = FALSE;


        ObjectAttributes.Length = sizeof(OBJECT_ATTRIBUTES);

        ObjectAttributes.RootDirectory = NULL;

        ObjectAttributes.ObjectName = NULL;

        ObjectAttributes.Attributes = 0;

        ObjectAttributes.SecurityDescriptor = NULL;

        ObjectAttributes.SecurityQualityOfService = &Qos;


        Status = NtDuplicateToken(hToken,

                                  TOKEN_IMPERSONATE | TOKEN_QUERY,

                                  &ObjectAttributes,

                                  FALSE,

                                  TokenImpersonation,

                                  &NewToken);

        if (!NT_SUCCESS(Status))

        {

            ERR("NtDuplicateToken failed: Status %08x\n", Status);

            SetLastError(RtlNtStatusToDosError(Status));

            return FALSE;

        }


        Duplicated = TRUE;

    }

    else

    {

        /* User the original impersonation token */

        NewToken = hToken;

        Duplicated = FALSE;

    }


    /* Impersonate the the current thread */

    Status = NtSetInformationThread(NtCurrentThread(),

                                    ThreadImpersonationToken,

                                    &NewToken,

                                    sizeof(HANDLE));


    if (Duplicated != FALSE)

    {

        NtClose(NewToken);

    }


    if (!NT_SUCCESS(Status))

    {

        ERR("NtSetInformationThread failed: Status %08x\n", Status);

        SetLastError(RtlNtStatusToDosError(Status));

        return FALSE;

    }


    return TRUE;

}


/******************************************************************************

 * GetUserNameA [ADVAPI32.@]

 *

 * Get the current user name.

 *

 * PARAMS

 *  lpszName [O]   Destination for the user name.

 *  lpSize   [I/O] Size of lpszName.

 *

 *

 * @implemented

 */

BOOL

WINAPI

GetUserNameA(LPSTR lpszName,

             LPDWORD lpSize)

{

    UNICODE_STRING NameW;

    ANSI_STRING NameA;

    BOOL Ret;


    /* apparently Win doesn't check whether lpSize is valid at all! */


    NameW.MaximumLength = (*lpSize) * sizeof(WCHAR);

    NameW.Buffer = LocalAlloc(LMEM_FIXED, NameW.MaximumLength);

    if(NameW.Buffer == NULL)

    {

        SetLastError(ERROR_NOT_ENOUGH_MEMORY);

        return FALSE;

    }


    NameA.Length = 0;

    NameA.MaximumLength = ((*lpSize) < 0xFFFF ? (USHORT)(*lpSize) : 0xFFFF);

    NameA.Buffer = lpszName;


    Ret = GetUserNameW(NameW.Buffer,

                       lpSize);

    if(Ret)

    {

        NameW.Length = (*lpSize - 1) * sizeof(WCHAR);

        RtlUnicodeStringToAnsiString(&NameA, &NameW, FALSE);


        *lpSize = NameA.Length + 1;

    }


    LocalFree(NameW.Buffer);


    return Ret;

}


/******************************************************************************

 * GetUserNameW [ADVAPI32.@]

 *

 * See GetUserNameA.

 *

 * @implemented

 */

BOOL

WINAPI

GetUserNameW(LPWSTR lpszName,

             LPDWORD lpSize)

{

    HANDLE hToken = INVALID_HANDLE_VALUE;

    DWORD tu_len = 0;

    char* tu_buf = NULL;

    TOKEN_USER* token_user = NULL;

    DWORD an_len = 0;

    SID_NAME_USE snu = SidTypeUser;

    WCHAR* domain_name = NULL;

    DWORD dn_len = 0;


    if (!OpenThreadToken (GetCurrentThread(), TOKEN_QUERY, FALSE, &hToken))

    {

        DWORD dwLastError = GetLastError();

        if (dwLastError != ERROR_NO_TOKEN

            && dwLastError != ERROR_NO_IMPERSONATION_TOKEN)

        {

            /* don't call SetLastError(),

               as OpenThreadToken() ought to have set one */

            return FALSE;

        }


        if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken))

        {

            /* don't call SetLastError(),

               as OpenProcessToken() ought to have set one */

            return FALSE;

        }

    }


    tu_buf = LocalAlloc(LMEM_FIXED, 36);

    if (!tu_buf)

    {

        SetLastError(ERROR_NOT_ENOUGH_MEMORY);

        CloseHandle(hToken);

        return FALSE;

    }


    if (!GetTokenInformation(hToken, TokenUser, tu_buf, 36, &tu_len) || tu_len > 36)

    {

        LocalFree(tu_buf);

        tu_buf = LocalAlloc(LMEM_FIXED, tu_len);

        if (!tu_buf)

        {

            SetLastError(ERROR_NOT_ENOUGH_MEMORY);

            CloseHandle(hToken);

            return FALSE;

        }


        if (!GetTokenInformation(hToken, TokenUser, tu_buf, tu_len, &tu_len))

        {

            /* don't call SetLastError(),

               as GetTokenInformation() ought to have set one */

            LocalFree(tu_buf);

            CloseHandle(hToken);

            return FALSE;

        }

    }


    CloseHandle(hToken);

    token_user = (TOKEN_USER*)tu_buf;


    an_len = *lpSize;

    dn_len = 32;

    domain_name = LocalAlloc(LMEM_FIXED, dn_len * sizeof(WCHAR));

    if (!domain_name)

    {

        LocalFree(tu_buf);

        SetLastError(ERROR_NOT_ENOUGH_MEMORY);

        return FALSE;

    }


    if (!LookupAccountSidW(NULL, token_user->User.Sid, lpszName, &an_len, domain_name, &dn_len, &snu)

        || dn_len > 32)

    {

        if (dn_len > 32)

        {

            LocalFree(domain_name);

            domain_name = LocalAlloc(LMEM_FIXED, dn_len * sizeof(WCHAR));

            if (!domain_name)

            {

                LocalFree(tu_buf);

                SetLastError(ERROR_NOT_ENOUGH_MEMORY);

                return FALSE;

            }

        }


        an_len = *lpSize;

        if (!LookupAccountSidW(NULL, token_user->User.Sid, lpszName, &an_len, domain_name, &dn_len, &snu))

        {

            /* don't call SetLastError(),

               as LookupAccountSid() ought to have set one */

            LocalFree(domain_name);

            LocalFree(tu_buf);

            *lpSize = an_len;

            return FALSE;

        }

    }


    LocalFree(domain_name);

    LocalFree(tu_buf);

    *lpSize = an_len + 1;

    return TRUE;

}


/******************************************************************************

 * LookupAccountSidA [ADVAPI32.@]

 *

 * @implemented

 */

BOOL

WINAPI

LookupAccountSidA(LPCSTR lpSystemName,

                  PSID lpSid,

                  LPSTR lpName,

                  LPDWORD cchName,

                  LPSTR lpReferencedDomainName,

                  LPDWORD cchReferencedDomainName,

                  PSID_NAME_USE peUse)

{

    UNICODE_STRING NameW, ReferencedDomainNameW, SystemNameW;

    LPWSTR NameBuffer = NULL;

    LPWSTR ReferencedDomainNameBuffer = NULL;

    DWORD dwName, dwReferencedDomainName;

    BOOL Ret;


    /*

     * save the buffer sizes the caller passed to us, as they may get modified and

     * we require the original values when converting back to ansi

     */

    dwName = *cchName;

    dwReferencedDomainName = *cchReferencedDomainName;


    /* allocate buffers for the unicode strings to receive */

    if (dwName > 0)

    {

        NameBuffer = LocalAlloc(LMEM_FIXED, dwName * sizeof(WCHAR));

        if (NameBuffer == NULL)

        {

            SetLastError(ERROR_OUTOFMEMORY);

            return FALSE;

        }

    }

    else

        NameBuffer = NULL;


    if (dwReferencedDomainName > 0)

    {

        ReferencedDomainNameBuffer = LocalAlloc(LMEM_FIXED, dwReferencedDomainName * sizeof(WCHAR));

        if (ReferencedDomainNameBuffer == NULL)

        {

            if (dwName > 0)

            {

                LocalFree(NameBuffer);

            }


            SetLastError(ERROR_OUTOFMEMORY);

            return FALSE;

        }

    }

    else

        ReferencedDomainNameBuffer = NULL;


    /* convert the system name to unicode - if present */

    if (lpSystemName != NULL)

    {

        ANSI_STRING SystemNameA;


        RtlInitAnsiString(&SystemNameA, lpSystemName);

        RtlAnsiStringToUnicodeString(&SystemNameW, &SystemNameA, TRUE);

    }

    else

        SystemNameW.Buffer = NULL;


    /* it's time to call the unicode version */

    Ret = LookupAccountSidW(SystemNameW.Buffer,

                            lpSid,

                            NameBuffer,

                            cchName,

                            ReferencedDomainNameBuffer,

                            cchReferencedDomainName,

                            peUse);

    if (Ret)

    {

        /*

         * convert unicode strings back to ansi, don't forget that we can't convert

         * more than 0xFFFF (USHORT) characters! Also don't forget to explicitly

         * terminate the converted string, the Rtl functions don't do that!

         */

        if (lpName != NULL)

        {

            ANSI_STRING NameA;


            NameA.Length = 0;

            NameA.MaximumLength = ((dwName <= 0xFFFF) ? (USHORT)dwName : 0xFFFF);

            NameA.Buffer = lpName;


            RtlInitUnicodeString(&NameW, NameBuffer);

            RtlUnicodeStringToAnsiString(&NameA, &NameW, FALSE);

            NameA.Buffer[NameA.Length] = '\0';

        }


        if (lpReferencedDomainName != NULL)

        {

            ANSI_STRING ReferencedDomainNameA;


            ReferencedDomainNameA.Length = 0;

            ReferencedDomainNameA.MaximumLength = ((dwReferencedDomainName <= 0xFFFF) ?

                                                   (USHORT)dwReferencedDomainName : 0xFFFF);

            ReferencedDomainNameA.Buffer = lpReferencedDomainName;


            RtlInitUnicodeString(&ReferencedDomainNameW, ReferencedDomainNameBuffer);

            RtlUnicodeStringToAnsiString(&ReferencedDomainNameA, &ReferencedDomainNameW, FALSE);

            ReferencedDomainNameA.Buffer[ReferencedDomainNameA.Length] = '\0';

        }

    }


    /* free previously allocated buffers */

    if (SystemNameW.Buffer != NULL)

    {

        RtlFreeUnicodeString(&SystemNameW);

    }


    if (NameBuffer != NULL)

    {

        LocalFree(NameBuffer);

    }


    if (ReferencedDomainNameBuffer != NULL)

    {

        LocalFree(ReferencedDomainNameBuffer);

    }


    return Ret;

}


/******************************************************************************

 * LookupAccountSidW [ADVAPI32.@]

 *

 * @implemented

 */

BOOL WINAPI

LookupAccountSidW(LPCWSTR pSystemName,

                  PSID pSid,

                  LPWSTR pAccountName,

                  LPDWORD pdwAccountName,

                  LPWSTR pDomainName,

                  LPDWORD pdwDomainName,

                  PSID_NAME_USE peUse)

{

    LSA_UNICODE_STRING SystemName;

    LSA_OBJECT_ATTRIBUTES ObjectAttributes = {0};

    LSA_HANDLE PolicyHandle = NULL;

    NTSTATUS Status;

    PLSA_REFERENCED_DOMAIN_LIST ReferencedDomain = NULL;

    PLSA_TRANSLATED_NAME TranslatedName = NULL;

    BOOL ret;

    DWORD dwAccountName, dwDomainName;


    RtlInitUnicodeString(&SystemName, pSystemName);

    Status = LsaOpenPolicy(&SystemName, &ObjectAttributes, POLICY_LOOKUP_NAMES, &PolicyHandle);

    if (!NT_SUCCESS(Status))

    {

        SetLastError(LsaNtStatusToWinError(Status));

        return FALSE;

    }


    Status = LsaLookupSids(PolicyHandle, 1, &pSid, &ReferencedDomain, &TranslatedName);


    LsaClose(PolicyHandle);


    if (!NT_SUCCESS(Status) || Status == STATUS_SOME_NOT_MAPPED)

    {

        SetLastError(LsaNtStatusToWinError(Status));

        ret = FALSE;

    }

    else

    {

        ret = TRUE;


        dwAccountName = TranslatedName->Name.Length / sizeof(WCHAR);

        if (ReferencedDomain && ReferencedDomain->Entries > 0)

            dwDomainName = ReferencedDomain->Domains[0].Name.Length / sizeof(WCHAR);

        else

            dwDomainName = 0;


        if (*pdwAccountName <= dwAccountName || *pdwDomainName <= dwDomainName)

        {

            /* One or two buffers are insufficient, add up a char for NULL termination */

            *pdwAccountName = dwAccountName + 1;

            *pdwDomainName = dwDomainName + 1;

            ret = FALSE;

        }

        else

        {

            /* Lengths are sufficient, copy the data */

            if (dwAccountName)

                RtlCopyMemory(pAccountName, TranslatedName->Name.Buffer, dwAccountName * sizeof(WCHAR));

            pAccountName[dwAccountName] = L'\0';


            if (dwDomainName)

                RtlCopyMemory(pDomainName, ReferencedDomain->Domains[0].Name.Buffer, dwDomainName * sizeof(WCHAR));

            pDomainName[dwDomainName] = L'\0';


            *pdwAccountName = dwAccountName;

            *pdwDomainName = dwDomainName;


            if (peUse)

                *peUse = TranslatedName->Use;

        }


        if (!ret)

            SetLastError(ERROR_INSUFFICIENT_BUFFER);

    }


    if (ReferencedDomain)

        LsaFreeMemory(ReferencedDomain);


    if (TranslatedName)

        LsaFreeMemory(TranslatedName);


    return ret;

}


/******************************************************************************

 * LookupAccountNameW [ADVAPI32.@]

 *

 * @implemented

 */

BOOL

WINAPI

LookupAccountNameW(LPCWSTR lpSystemName,

                   LPCWSTR lpAccountName,

                   PSID Sid,

                   LPDWORD cbSid,

                   LPWSTR ReferencedDomainName,

                   LPDWORD cchReferencedDomainName,

                   PSID_NAME_USE peUse)

{

    OBJECT_ATTRIBUTES ObjectAttributes = {0};

    UNICODE_STRING SystemName;

    UNICODE_STRING AccountName;

    LSA_HANDLE PolicyHandle = NULL;

    PLSA_REFERENCED_DOMAIN_LIST ReferencedDomains = NULL;

    PLSA_TRANSLATED_SID TranslatedSid = NULL;

    PSID pDomainSid;

    DWORD dwDomainNameLength;

    DWORD dwSidLength;

    UCHAR nSubAuthorities;

    BOOL bResult;

    NTSTATUS Status;


    TRACE("%s %s %p %p %p %p %p\n", lpSystemName, lpAccountName,

          Sid, cbSid, ReferencedDomainName, cchReferencedDomainName, peUse);


    RtlInitUnicodeString(&SystemName,

                         lpSystemName);


    Status = LsaOpenPolicy(lpSystemName ? &SystemName : NULL,

                           &ObjectAttributes,

                           POLICY_LOOKUP_NAMES,

                           &PolicyHandle);

    if (!NT_SUCCESS(Status))

    {

        SetLastError(LsaNtStatusToWinError(Status));

        return FALSE;

    }


    RtlInitUnicodeString(&AccountName,

                         lpAccountName);


    Status = LsaLookupNames(PolicyHandle,

                            1,

                            &AccountName,

                            &ReferencedDomains,

                            &TranslatedSid);


    LsaClose(PolicyHandle);


    if (!NT_SUCCESS(Status) || Status == STATUS_SOME_NOT_MAPPED)

    {

        SetLastError(LsaNtStatusToWinError(Status));

        bResult = FALSE;

    }

    else

    {

        pDomainSid = ReferencedDomains->Domains[TranslatedSid->DomainIndex].Sid;

        nSubAuthorities = *GetSidSubAuthorityCount(pDomainSid);

        dwSidLength = GetSidLengthRequired(nSubAuthorities + 1);


        dwDomainNameLength = ReferencedDomains->Domains->Name.Length / sizeof(WCHAR);


        if (*cbSid < dwSidLength ||

            *cchReferencedDomainName < dwDomainNameLength + 1)

        {

            *cbSid = dwSidLength;

            *cchReferencedDomainName = dwDomainNameLength + 1;


            bResult = FALSE;

        }

        else

        {

            CopySid(*cbSid, Sid, pDomainSid);

            *GetSidSubAuthorityCount(Sid) = nSubAuthorities + 1;

            *GetSidSubAuthority(Sid, (DWORD)nSubAuthorities) = TranslatedSid->RelativeId;


            RtlCopyMemory(ReferencedDomainName, ReferencedDomains->Domains->Name.Buffer, dwDomainNameLength * sizeof(WCHAR));

            ReferencedDomainName[dwDomainNameLength] = L'\0';


            *cchReferencedDomainName = dwDomainNameLength;


            *peUse = TranslatedSid->Use;


            bResult = TRUE;

        }


        if (bResult == FALSE)

            SetLastError(ERROR_INSUFFICIENT_BUFFER);

    }


    if (ReferencedDomains != NULL)

        LsaFreeMemory(ReferencedDomains);


    if (TranslatedSid != NULL)

        LsaFreeMemory(TranslatedSid);


    return bResult;

}


/**********************************************************************

 * LookupPrivilegeValueA                EXPORTED

 *

 * @implemented

 */

BOOL

WINAPI

LookupPrivilegeValueA(LPCSTR lpSystemName,

                      LPCSTR lpName,

                      PLUID lpLuid)

{

    UNICODE_STRING SystemName;

    UNICODE_STRING Name;

    BOOL Result;


    /* Remote system? */

    if (lpSystemName != NULL)

    {

        RtlCreateUnicodeStringFromAsciiz(&SystemName,

                                         (LPSTR)lpSystemName);

    }

    else

        SystemName.Buffer = NULL;


    /* Check the privilege name is not NULL */

    if (lpName == NULL)

    {

        SetLastError(ERROR_NO_SUCH_PRIVILEGE);

        return FALSE;

    }


    RtlCreateUnicodeStringFromAsciiz(&Name,

                                     (LPSTR)lpName);


    Result = LookupPrivilegeValueW(SystemName.Buffer,

                                   Name.Buffer,

                                   lpLuid);


    RtlFreeUnicodeString(&Name);


    /* Remote system? */

    if (SystemName.Buffer != NULL)

    {

        RtlFreeUnicodeString(&SystemName);

    }


    return Result;

}


/**********************************************************************

 * LookupPrivilegeValueW

 *

 * @implemented

 */

BOOL

WINAPI

LookupPrivilegeValueW(LPCWSTR lpSystemName,

                      LPCWSTR lpPrivilegeName,

                      PLUID lpLuid)

{

    OBJECT_ATTRIBUTES ObjectAttributes = {0};

    UNICODE_STRING SystemName;

    UNICODE_STRING PrivilegeName;

    LSA_HANDLE PolicyHandle = NULL;

    NTSTATUS Status;


    TRACE("%S,%S,%p\n", lpSystemName, lpPrivilegeName, lpLuid);


    RtlInitUnicodeString(&SystemName,

                         lpSystemName);


    Status = LsaOpenPolicy(lpSystemName ? &SystemName : NULL,

                           &ObjectAttributes,

                           POLICY_LOOKUP_NAMES,

                           &PolicyHandle);

    if (!NT_SUCCESS(Status))

    {

        SetLastError(LsaNtStatusToWinError(Status));

        return FALSE;

    }


    RtlInitUnicodeString(&PrivilegeName,

                         lpPrivilegeName);


    Status = LsaLookupPrivilegeValue(PolicyHandle,

                                     &PrivilegeName,

                                     lpLuid);


    LsaClose(PolicyHandle);


    if (!NT_SUCCESS(Status))

    {

        SetLastError(LsaNtStatusToWinError(Status));

        return FALSE;

    }


    return TRUE;

}


/**********************************************************************

 * LookupPrivilegeNameW             EXPORTED

 *

 * @implemented

 */

BOOL

WINAPI

LookupPrivilegeNameW(LPCWSTR lpSystemName,

                     PLUID lpLuid,

                     LPWSTR lpName,

                     LPDWORD cchName)

{

    OBJECT_ATTRIBUTES ObjectAttributes = {0};

    UNICODE_STRING SystemName;

    PUNICODE_STRING PrivilegeName = NULL;

    LSA_HANDLE PolicyHandle = NULL;

    NTSTATUS Status;


    TRACE("%S,%p,%p,%p\n", lpSystemName, lpLuid, lpName, cchName);


    RtlInitUnicodeString(&SystemName,

                         lpSystemName);


    Status = LsaOpenPolicy(lpSystemName ? &SystemName : NULL,

                           &ObjectAttributes,

                           POLICY_LOOKUP_NAMES,

                           &PolicyHandle);

    if (!NT_SUCCESS(Status))

    {

        SetLastError(LsaNtStatusToWinError(Status));

        return FALSE;

    }


    Status = LsaLookupPrivilegeName(PolicyHandle,

                                    lpLuid,

                                    &PrivilegeName);

    if (NT_SUCCESS(Status))

    {

        if (PrivilegeName->Length + sizeof(WCHAR) > *cchName * sizeof(WCHAR))

        {

            Status = STATUS_BUFFER_TOO_SMALL;


            *cchName = (PrivilegeName->Length + sizeof(WCHAR)) / sizeof(WCHAR);

        }

        else

        {

            RtlMoveMemory(lpName,

                          PrivilegeName->Buffer,

                          PrivilegeName->Length);

            lpName[PrivilegeName->Length / sizeof(WCHAR)] = 0;


            *cchName = PrivilegeName->Length / sizeof(WCHAR);

        }


        LsaFreeMemory(PrivilegeName->Buffer);

        LsaFreeMemory(PrivilegeName);

    }


    LsaClose(PolicyHandle);


    if (!NT_SUCCESS(Status))

    {

        SetLastError(LsaNtStatusToWinError(Status));

        return FALSE;

    }


    return TRUE;

}


/**********************************************************************

 * LookupPrivilegeDisplayNameW          EXPORTED

 *

 * @unimplemented

 */

BOOL

WINAPI

LookupPrivilegeDisplayNameW(LPCWSTR lpSystemName,

                            LPCWSTR lpName,

                            LPWSTR lpDisplayName,

                            LPDWORD cchDisplayName,

                            LPDWORD lpLanguageId)

{

    OBJECT_ATTRIBUTES ObjectAttributes = {0};

    UNICODE_STRING SystemName, Name;

    PUNICODE_STRING DisplayName;

    LSA_HANDLE PolicyHandle = NULL;

    USHORT LanguageId;

    NTSTATUS Status;


    TRACE("%S,%S,%p,%p,%p\n", lpSystemName, lpName, lpDisplayName, cchDisplayName, lpLanguageId);


    RtlInitUnicodeString(&SystemName, lpSystemName);

    RtlInitUnicodeString(&Name, lpName);


    Status = LsaOpenPolicy(lpSystemName ? &SystemName : NULL,

                           &ObjectAttributes,

                           POLICY_LOOKUP_NAMES,

                           &PolicyHandle);

    if (!NT_SUCCESS(Status))

    {

        SetLastError(LsaNtStatusToWinError(Status));

        return FALSE;

    }


    Status = LsaLookupPrivilegeDisplayName(PolicyHandle, &Name, &DisplayName, &LanguageId);

    if (NT_SUCCESS(Status))

    {

        *lpLanguageId = LanguageId;

        if (DisplayName->Length + sizeof(WCHAR) > *cchDisplayName * sizeof(WCHAR))

        {

            Status = STATUS_BUFFER_TOO_SMALL;


            *cchDisplayName = (DisplayName->Length + sizeof(WCHAR)) / sizeof(WCHAR);

        }

        else

        {

            RtlMoveMemory(lpDisplayName,

                          DisplayName->Buffer,

                          DisplayName->Length);

            lpDisplayName[DisplayName->Length / sizeof(WCHAR)] = 0;


            *cchDisplayName = DisplayName->Length / sizeof(WCHAR);

        }


        LsaFreeMemory(DisplayName->Buffer);

        LsaFreeMemory(DisplayName);

    }


    LsaClose(PolicyHandle);


    if (!NT_SUCCESS(Status))

    {

        SetLastError(LsaNtStatusToWinError(Status));

        return FALSE;

    }


    return TRUE;

}


static DWORD

pGetSecurityInfoCheck(SECURITY_INFORMATION SecurityInfo,

                      PSID *ppsidOwner,

                      PSID *ppsidGroup,

                      PACL *ppDacl,

                      PACL *ppSacl,

                      PSECURITY_DESCRIPTOR* ppSecurityDescriptor)

{

    if ((SecurityInfo & (OWNER_SECURITY_INFORMATION |

                         GROUP_SECURITY_INFORMATION |

                         DACL_SECURITY_INFORMATION |

                         SACL_SECURITY_INFORMATION)) &&

        ppSecurityDescriptor == NULL)

    {

        /* if one of the SIDs or ACLs are present, the security descriptor

           most not be NULL */

        return ERROR_INVALID_PARAMETER;

    }

    else

    {

        /* reset the pointers unless they're ignored */

        if ((SecurityInfo & OWNER_SECURITY_INFORMATION) &&

            ppsidOwner != NULL)

        {

            *ppsidOwner = NULL;

        }

        if ((SecurityInfo & GROUP_SECURITY_INFORMATION) &&

            ppsidGroup != NULL)

        {

            *ppsidGroup = NULL;

        }

        if ((SecurityInfo & DACL_SECURITY_INFORMATION) &&

            ppDacl != NULL)

        {

            *ppDacl = NULL;

        }

        if ((SecurityInfo & SACL_SECURITY_INFORMATION) &&

            ppSacl != NULL)

        {

            *ppSacl = NULL;

        }


        if (SecurityInfo & (OWNER_SECURITY_INFORMATION |

                            GROUP_SECURITY_INFORMATION |

                            DACL_SECURITY_INFORMATION |

                            SACL_SECURITY_INFORMATION))

        {

            *ppSecurityDescriptor = NULL;

        }


        return ERROR_SUCCESS;

    }

}


static DWORD

pSetSecurityInfoCheck(PSECURITY_DESCRIPTOR pSecurityDescriptor,

                      SECURITY_INFORMATION SecurityInfo,

                      PSID psidOwner,

                      PSID psidGroup,

                      PACL pDacl,

                      PACL pSacl)

{

    /* initialize a security descriptor on the stack */

    if (!InitializeSecurityDescriptor(pSecurityDescriptor,

                                      SECURITY_DESCRIPTOR_REVISION))

    {

        return GetLastError();

    }


    if (SecurityInfo & OWNER_SECURITY_INFORMATION)

    {

        if (RtlValidSid(psidOwner))

        {

            if (!SetSecurityDescriptorOwner(pSecurityDescriptor,

                                            psidOwner,

                                            FALSE))

            {

                return GetLastError();

            }

        }

        else

        {

            return ERROR_INVALID_PARAMETER;

        }

    }


    if (SecurityInfo & GROUP_SECURITY_INFORMATION)

    {

        if (RtlValidSid(psidGroup))

        {

            if (!SetSecurityDescriptorGroup(pSecurityDescriptor,

                                            psidGroup,

                                            FALSE))

            {

                return GetLastError();

            }

        }

        else

        {

            return ERROR_INVALID_PARAMETER;

        }

    }


    if (SecurityInfo & DACL_SECURITY_INFORMATION)

    {

        if (pDacl != NULL)

        {

            if (SetSecurityDescriptorDacl(pSecurityDescriptor,

                                          TRUE,

                                          pDacl,

                                          FALSE))

            {

                /* check if the DACL needs to be protected from being

                   modified by inheritable ACEs */

                if (SecurityInfo & PROTECTED_DACL_SECURITY_INFORMATION)

                {

                    goto ProtectDacl;

                }

            }

            else

            {

                return GetLastError();

            }

        }

        else

        {

ProtectDacl:

            /* protect the DACL from being modified by inheritable ACEs */

            if (!SetSecurityDescriptorControl(pSecurityDescriptor,

                                              SE_DACL_PROTECTED,

                                              SE_DACL_PROTECTED))

            {

                return GetLastError();

            }

        }

    }


    if (SecurityInfo & SACL_SECURITY_INFORMATION)

    {

        if (pSacl != NULL)

        {

            if (SetSecurityDescriptorSacl(pSecurityDescriptor,

                                          TRUE,

                                          pSacl,

                                          FALSE))

            {

                /* check if the SACL needs to be protected from being

                   modified by inheritable ACEs */

                if (SecurityInfo & PROTECTED_SACL_SECURITY_INFORMATION)

                {

                    goto ProtectSacl;

                }

            }

            else

            {

                return GetLastError();

            }

        }

        else

        {

ProtectSacl:

            /* protect the SACL from being modified by inheritable ACEs */

            if (!SetSecurityDescriptorControl(pSecurityDescriptor,

                                              SE_SACL_PROTECTED,

                                              SE_SACL_PROTECTED))

            {

                return GetLastError();

            }

        }

    }


    return ERROR_SUCCESS;

}


/**********************************************************************

 * GetNamedSecurityInfoW            EXPORTED

 *

 * @implemented

 */

DWORD

WINAPI

GetNamedSecurityInfoW(LPWSTR pObjectName,

                      SE_OBJECT_TYPE ObjectType,

                      SECURITY_INFORMATION SecurityInfo,

                      PSID *ppsidOwner,

                      PSID *ppsidGroup,

                      PACL *ppDacl,

                      PACL *ppSacl,

                      PSECURITY_DESCRIPTOR *ppSecurityDescriptor)

{

    DWORD ErrorCode;


    if (pObjectName != NULL)

    {

        ErrorCode = CheckNtMartaPresent();

        if (ErrorCode == ERROR_SUCCESS)

        {

            ErrorCode = pGetSecurityInfoCheck(SecurityInfo,

                                              ppsidOwner,

                                              ppsidGroup,

                                              ppDacl,

                                              ppSacl,

                                              ppSecurityDescriptor);


            if (ErrorCode == ERROR_SUCCESS)

            {

                /* call the MARTA provider */

                ErrorCode = AccRewriteGetNamedRights(pObjectName,

                                                     ObjectType,

                                                     SecurityInfo,

                                                     ppsidOwner,

                                                     ppsidGroup,

                                                     ppDacl,

                                                     ppSacl,

                                                     ppSecurityDescriptor);

            }

        }

    }

    else

        ErrorCode = ERROR_INVALID_PARAMETER;


    return ErrorCode;

}


/**********************************************************************

 * SetNamedSecurityInfoW            EXPORTED

 *

 * @implemented

 */

DWORD

WINAPI

SetNamedSecurityInfoW(LPWSTR pObjectName,

                      SE_OBJECT_TYPE ObjectType,

                      SECURITY_INFORMATION SecurityInfo,

                      PSID psidOwner,

                      PSID psidGroup,

                      PACL pDacl,

                      PACL pSacl)

{

    DWORD ErrorCode;


    if (pObjectName != NULL)

    {

        ErrorCode = CheckNtMartaPresent();

        if (ErrorCode == ERROR_SUCCESS)

        {

            SECURITY_DESCRIPTOR SecurityDescriptor;


            ErrorCode = pSetSecurityInfoCheck(&SecurityDescriptor,

                                              SecurityInfo,

                                              psidOwner,

                                              psidGroup,

                                              pDacl,

                                              pSacl);


            if (ErrorCode == ERROR_SUCCESS)

            {

                /* call the MARTA provider */

                ErrorCode = AccRewriteSetNamedRights(pObjectName,

                                                     ObjectType,

                                                     SecurityInfo,

                                                     &SecurityDescriptor);

            }

        }

    }

    else

        ErrorCode = ERROR_INVALID_PARAMETER;


    return ErrorCode;

}


/**********************************************************************

 * GetSecurityInfo              EXPORTED

 *

 * @implemented

 */

DWORD

WINAPI

GetSecurityInfo(HANDLE handle,

                SE_OBJECT_TYPE ObjectType,

                SECURITY_INFORMATION SecurityInfo,

                PSID *ppsidOwner,

                PSID *ppsidGroup,

                PACL *ppDacl,

                PACL *ppSacl,

                PSECURITY_DESCRIPTOR *ppSecurityDescriptor)

{

    DWORD ErrorCode;


    if (handle != NULL)

    {

        ErrorCode = CheckNtMartaPresent();

        if (ErrorCode == ERROR_SUCCESS)

        {

            ErrorCode = pGetSecurityInfoCheck(SecurityInfo,

                                              ppsidOwner,

                                              ppsidGroup,

                                              ppDacl,

                                              ppSacl,

                                              ppSecurityDescriptor);


            if (ErrorCode == ERROR_SUCCESS)

            {

                /* call the MARTA provider */

                ErrorCode = AccRewriteGetHandleRights(handle,

                                                      ObjectType,

                                                      SecurityInfo,

                                                      ppsidOwner,

                                                      ppsidGroup,

                                                      ppDacl,

                                                      ppSacl,

                                                      ppSecurityDescriptor);

            }

        }

    }

    else

        ErrorCode = ERROR_INVALID_HANDLE;


    return ErrorCode;

}


/**********************************************************************

 * SetSecurityInfo              EXPORTED

 *

 * @implemented

 */

DWORD

WINAPI

SetSecurityInfo(HANDLE handle,

                SE_OBJECT_TYPE ObjectType,

                SECURITY_INFORMATION SecurityInfo,

                PSID psidOwner,

                PSID psidGroup,

                PACL pDacl,

                PACL pSacl)

{

    DWORD ErrorCode;


    if (handle != NULL)

    {

        ErrorCode = CheckNtMartaPresent();

        if (ErrorCode == ERROR_SUCCESS)

        {

            SECURITY_DESCRIPTOR SecurityDescriptor;


            ErrorCode = pSetSecurityInfoCheck(&SecurityDescriptor,

                                              SecurityInfo,

                                              psidOwner,

                                              psidGroup,

                                              pDacl,

                                              pSacl);


            if (ErrorCode == ERROR_SUCCESS)

            {

                /* call the MARTA provider */

                ErrorCode = AccRewriteSetHandleRights(handle,

                                                      ObjectType,

                                                      SecurityInfo,

                                                      &SecurityDescriptor);

            }

        }

    }

    else

        ErrorCode = ERROR_INVALID_HANDLE;


    return ErrorCode;

}


/*

 * @implemented

 */

BOOL

WINAPI

CreatePrivateObjectSecurity(PSECURITY_DESCRIPTOR ParentDescriptor,

                            PSECURITY_DESCRIPTOR CreatorDescriptor,

                            PSECURITY_DESCRIPTOR *NewDescriptor,

                            BOOL IsDirectoryObject,

                            HANDLE Token,

                            PGENERIC_MAPPING GenericMapping)

{

    NTSTATUS Status;


    Status = RtlNewSecurityObject(ParentDescriptor,

                                  CreatorDescriptor,

                                  NewDescriptor,

                                  IsDirectoryObject,

                                  Token,

                                  GenericMapping);

    if (!NT_SUCCESS(Status))

    {

        SetLastError(RtlNtStatusToDosError(Status));

        return FALSE;

    }


    return TRUE;

}


/*

 * @unimplemented

 */

BOOL

WINAPI

CreatePrivateObjectSecurityEx(PSECURITY_DESCRIPTOR ParentDescriptor,

                              PSECURITY_DESCRIPTOR CreatorDescriptor,

                              PSECURITY_DESCRIPTOR* NewDescriptor,

                              GUID* ObjectType,

                              BOOL IsContainerObject,

                              ULONG AutoInheritFlags,

                              HANDLE Token,

                              PGENERIC_MAPPING GenericMapping)

{

    FIXME("%s() not implemented!\n", __FUNCTION__);

    return FALSE;

}


/*

 * @unimplemented

 */

BOOL

WINAPI

CreatePrivateObjectSecurityWithMultipleInheritance(PSECURITY_DESCRIPTOR ParentDescriptor,

                                                   PSECURITY_DESCRIPTOR CreatorDescriptor,

                                                   PSECURITY_DESCRIPTOR* NewDescriptor,

                                                   GUID** ObjectTypes,

                                                   ULONG GuidCount,

                                                   BOOL IsContainerObject,

                                                   ULONG AutoInheritFlags,

                                                   HANDLE Token,

                                                   PGENERIC_MAPPING GenericMapping)

{

    FIXME("%s() semi-stub\n", __FUNCTION__);

    return CreatePrivateObjectSecurity(ParentDescriptor, CreatorDescriptor, NewDescriptor, IsContainerObject, Token, GenericMapping);

}


/*

 * @implemented

 */

BOOL

WINAPI

DestroyPrivateObjectSecurity(PSECURITY_DESCRIPTOR *ObjectDescriptor)

{

    NTSTATUS Status;


    Status = RtlDeleteSecurityObject(ObjectDescriptor);

    if (!NT_SUCCESS(Status))

    {

        SetLastError(RtlNtStatusToDosError(Status));

        return FALSE;

    }


    return TRUE;

}


/*

 * @implemented

 */

BOOL

WINAPI

GetPrivateObjectSecurity(IN PSECURITY_DESCRIPTOR ObjectDescriptor,

                         IN SECURITY_INFORMATION SecurityInformation,

                         OUT PSECURITY_DESCRIPTOR ResultantDescriptor OPTIONAL,

                         IN DWORD DescriptorLength,

                         OUT PDWORD ReturnLength)

{

    NTSTATUS Status;


    /* Call RTL */

    Status = RtlQuerySecurityObject(ObjectDescriptor,

                                    SecurityInformation,

                                    ResultantDescriptor,

                                    DescriptorLength,

                                    ReturnLength);

    if (!NT_SUCCESS(Status))

    {

        /* Fail */

        SetLastError(RtlNtStatusToDosError(Status));

        return FALSE;

    }


    /* Success */

    return TRUE;

}


/*

 * @implemented

 */

BOOL

WINAPI

SetPrivateObjectSecurity(SECURITY_INFORMATION SecurityInformation,

                         PSECURITY_DESCRIPTOR ModificationDescriptor,

                         PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor,

                         PGENERIC_MAPPING GenericMapping,

                         HANDLE Token)

{

    NTSTATUS Status;


    Status = RtlSetSecurityObject(SecurityInformation,

                                  ModificationDescriptor,

                                  ObjectsSecurityDescriptor,

                                  GenericMapping,

                                  Token);

    if (!NT_SUCCESS(Status))

    {

        SetLastError(RtlNtStatusToDosError(Status));

        return FALSE;

    }


    return TRUE;

}


/*

 * @implemented

 */

DWORD

WINAPI

TreeResetNamedSecurityInfoW(LPWSTR pObjectName,

                            SE_OBJECT_TYPE ObjectType,

                            SECURITY_INFORMATION SecurityInfo,

                            PSID pOwner,

                            PSID pGroup,

                            PACL pDacl,

                            PACL pSacl,

                            BOOL KeepExplicit,

                            FN_PROGRESSW fnProgress,

                            PROG_INVOKE_SETTING ProgressInvokeSetting,

                            PVOID Args)

{

    DWORD ErrorCode;


    if (pObjectName != NULL)

    {

        ErrorCode = CheckNtMartaPresent();

        if (ErrorCode == ERROR_SUCCESS)

        {

            switch (ObjectType)

            {

                case SE_FILE_OBJECT:

                case SE_REGISTRY_KEY:

                {

                    /* check the SecurityInfo flags for sanity (both, the protected

                       and unprotected dacl/sacl flag must not be passed together) */

                    if (((SecurityInfo & DACL_SECURITY_INFORMATION) &&

                         (SecurityInfo & (PROTECTED_DACL_SECURITY_INFORMATION | UNPROTECTED_DACL_SECURITY_INFORMATION)) ==

                             (PROTECTED_DACL_SECURITY_INFORMATION | UNPROTECTED_DACL_SECURITY_INFORMATION))


                        ||


                        ((SecurityInfo & SACL_SECURITY_INFORMATION) &&

                         (SecurityInfo & (PROTECTED_SACL_SECURITY_INFORMATION | UNPROTECTED_SACL_SECURITY_INFORMATION)) ==

                             (PROTECTED_SACL_SECURITY_INFORMATION | UNPROTECTED_SACL_SECURITY_INFORMATION)))

                    {

                        ErrorCode = ERROR_INVALID_PARAMETER;

                        break;

                    }


                    /* call the MARTA provider */

                    ErrorCode = AccTreeResetNamedSecurityInfo(pObjectName,

                                                              ObjectType,

                                                              SecurityInfo,

                                                              pOwner,

                                                              pGroup,

                                                              pDacl,

                                                              pSacl,

                                                              KeepExplicit,

                                                              fnProgress,

                                                              ProgressInvokeSetting,

                                                              Args);

                    break;

                }


                default:

                    /* object type not supported */

                    ErrorCode = ERROR_INVALID_PARAMETER;

                    break;

            }

        }

    }

    else

        ErrorCode = ERROR_INVALID_PARAMETER;


    return ErrorCode;

}


#ifdef HAS_FN_PROGRESSW


typedef struct _INTERNAL_FNPROGRESSW_DATA

{

    FN_PROGRESSA fnProgress;

    PVOID Args;

} INTERNAL_FNPROGRESSW_DATA, *PINTERNAL_FNPROGRESSW_DATA;


static VOID WINAPI

InternalfnProgressW(LPWSTR pObjectName,

                    DWORD Status,

                    PPROG_INVOKE_SETTING pInvokeSetting,

                    PVOID Args,

                    BOOL SecuritySet)

{

    PINTERNAL_FNPROGRESSW_DATA pifnProgressData = (PINTERNAL_FNPROGRESSW_DATA)Args;

    INT ObjectNameSize;

    LPSTR pObjectNameA;


    ObjectNameSize = WideCharToMultiByte(CP_ACP,

                                         0,

                                         pObjectName,

                                         -1,

                                         NULL,

                                         0,

                                         NULL,

                                         NULL);


    if (ObjectNameSize > 0)

    {

        pObjectNameA = RtlAllocateHeap(RtlGetProcessHeap(),

                                       0,

                                       ObjectNameSize);

        if (pObjectNameA != NULL)

        {

            pObjectNameA[0] = '\0';

            WideCharToMultiByte(CP_ACP,

                                0,

                                pObjectName,

                                -1,

                                pObjectNameA,

                                ObjectNameSize,

                                NULL,

                                NULL);


            pifnProgressData->fnProgress((LPWSTR)pObjectNameA, /* FIXME: wrong cast!! */

                                         Status,

                                         pInvokeSetting,

                                         pifnProgressData->Args,

                                         SecuritySet);


            RtlFreeHeap(RtlGetProcessHeap(),

                        0,

                        pObjectNameA);

        }

    }

}

#endif


/*

 * @implemented

 */

DWORD

WINAPI

TreeResetNamedSecurityInfoA(LPSTR pObjectName,

                            SE_OBJECT_TYPE ObjectType,

                            SECURITY_INFORMATION SecurityInfo,

                            PSID pOwner,

                            PSID pGroup,

                            PACL pDacl,

                            PACL pSacl,

                            BOOL KeepExplicit,

                            FN_PROGRESSA fnProgress,

                            PROG_INVOKE_SETTING ProgressInvokeSetting,

                            PVOID Args)

{

#ifndef HAS_FN_PROGRESSW

    /* That's all this function does, at least up to w2k3... Even MS was too

       lazy to implement it... */

    return ERROR_CALL_NOT_IMPLEMENTED;

#else

    INTERNAL_FNPROGRESSW_DATA ifnProgressData;

    UNICODE_STRING ObjectName;

    DWORD Ret;


    if (!RtlCreateUnicodeStringFromAsciiz(&ObjectName, pObjectName))

    {

        return ERROR_NOT_ENOUGH_MEMORY;

    }


    ifnProgressData.fnProgress = fnProgress;

    ifnProgressData.Args = Args;


    Ret = TreeResetNamedSecurityInfoW(ObjectName.Buffer,

                                      ObjectType,

                                      SecurityInfo,

                                      pOwner,

                                      pGroup,

                                      pDacl,

                                      pSacl,

                                      KeepExplicit,

                                      (fnProgress != NULL ? InternalfnProgressW : NULL),

                                      ProgressInvokeSetting,

                                      &ifnProgressData);


    RtlFreeUnicodeString(&ObjectName);


    return Ret;

#endif

}


/* EOF */

GenericMapping
static GENERIC_MAPPING GenericMapping
Definition: SeInheritance.c:11

Type
Type
Definition: Type.h:7

PPROG_INVOKE_SETTING
enum _PROG_INVOKE_SETTING * PPROG_INVOKE_SETTING

SE_FILE_OBJECT
@ SE_FILE_OBJECT
Definition: accctrl.h:160

SE_REGISTRY_KEY
@ SE_REGISTRY_KEY
Definition: accctrl.h:163

PROG_INVOKE_SETTING
enum _PROG_INVOKE_SETTING PROG_INVOKE_SETTING

SE_OBJECT_TYPE
enum _SE_OBJECT_TYPE SE_OBJECT_TYPE
Definition: security.c:104

Args
char ** Args
Definition: acdebug.h:353

GetInheritanceSource
#define GetInheritanceSource
Definition: aclapi.h:234

advapi32.h

FN_PROGRESSA
#define FN_PROGRESSA
Definition: advapi32.h:52

AccTreeResetNamedSecurityInfo
#define AccTreeResetNamedSecurityInfo
Definition: advapi32.h:177

FN_PROGRESSW
#define FN_PROGRESSW
Definition: advapi32.h:49

AccRewriteGetHandleRights
#define AccRewriteGetHandleRights
Definition: advapi32.h:173

AccRewriteSetHandleRights
#define AccRewriteSetHandleRights
Definition: advapi32.h:174

AccRewriteSetNamedRights
#define AccRewriteSetNamedRights
Definition: advapi32.h:172

AccRewriteGetNamedRights
#define AccRewriteGetNamedRights
Definition: advapi32.h:171

Name
struct NameRec_ * Name
Definition: cdprocs.h:460

TOKEN_TYPE
TOKEN_TYPE
Definition: asmpp.cpp:29

WINE_DEFAULT_DEBUG_CHANNEL
#define WINE_DEFAULT_DEBUG_CHANNEL(t)
Definition: precomp.h:23

NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26

FIXME
#define FIXME(fmt,...)
Definition: debug.h:111

ERR
#define ERR(fmt,...)
Definition: debug.h:110

RtlAllocateHeap
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588

RtlFreeHeap
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606

Token
Definition: tokenizer.hpp:28

ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:36

ERROR_NOT_ENOUGH_MEMORY
#define ERROR_NOT_ENOUGH_MEMORY
Definition: dderror.h:7

ERROR_INSUFFICIENT_BUFFER
#define ERROR_INSUFFICIENT_BUFFER
Definition: dderror.h:10

ERROR_OUTOFMEMORY
#define ERROR_OUTOFMEMORY
Definition: deptool.c:13

ERROR_SUCCESS
#define ERROR_SUCCESS
Definition: deptool.c:10

NULL
#define NULL
Definition: types.h:112

TRUE
#define TRUE
Definition: types.h:120

FALSE
#define FALSE
Definition: types.h:117

NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32

LsaLookupPrivilegeDisplayName
NTSTATUS WINAPI LsaLookupPrivilegeDisplayName(IN LSA_HANDLE PolicyHandle, IN PLSA_UNICODE_STRING Name, OUT PLSA_UNICODE_STRING *DisplayName, OUT PUSHORT LanguageReturned)
Definition: lsa.c:960

LsaOpenPolicy
NTSTATUS WINAPI LsaOpenPolicy(IN PLSA_UNICODE_STRING SystemName OPTIONAL, IN PLSA_OBJECT_ATTRIBUTES ObjectAttributes, IN ACCESS_MASK DesiredAccess, OUT PLSA_HANDLE PolicyHandle)
Definition: lsa.c:1183

LsaLookupPrivilegeName
NTSTATUS WINAPI LsaLookupPrivilegeName(IN LSA_HANDLE PolicyHandle, IN PLUID Value, OUT PUNICODE_STRING *Name)
Definition: lsa.c:1000

LsaLookupSids
NTSTATUS WINAPI LsaLookupSids(IN LSA_HANDLE PolicyHandle, IN ULONG Count, IN PSID *Sids, OUT PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains, OUT PLSA_TRANSLATED_NAME *Names)
Definition: lsa.c:1069

LsaNtStatusToWinError
ULONG WINAPI LsaNtStatusToWinError(IN NTSTATUS Status)
Definition: lsa.c:1131

LsaLookupPrivilegeValue
NTSTATUS WINAPI LsaLookupPrivilegeValue(IN LSA_HANDLE PolicyHandle, IN PLSA_UNICODE_STRING Name, OUT PLUID Value)
Definition: lsa.c:1036

LsaFreeMemory
NTSTATUS WINAPI LsaFreeMemory(IN PVOID Buffer)
Definition: lsa.c:701

LsaLookupNames
NTSTATUS WINAPI LsaLookupNames(IN LSA_HANDLE PolicyHandle, IN ULONG Count, IN PLSA_UNICODE_STRING Names, OUT PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains, OUT PLSA_TRANSLATED_SID *Sids)
Definition: lsa.c:855

LsaClose
NTSTATUS WINAPI LsaClose(IN LSA_HANDLE ObjectHandle)
Definition: lsa.c:194

CreatePrivateObjectSecurityEx
BOOL WINAPI CreatePrivateObjectSecurityEx(PSECURITY_DESCRIPTOR ParentDescriptor, PSECURITY_DESCRIPTOR CreatorDescriptor, PSECURITY_DESCRIPTOR *NewDescriptor, GUID *ObjectType, BOOL IsContainerObject, ULONG AutoInheritFlags, HANDLE Token, PGENERIC_MAPPING GenericMapping)
Definition: misc.c:1370

UnloadNtMarta
VOID UnloadNtMarta(VOID)
Definition: misc.c:116

DestroyPrivateObjectSecurity
BOOL WINAPI DestroyPrivateObjectSecurity(PSECURITY_DESCRIPTOR *ObjectDescriptor)
Definition: misc.c:1409

LookupPrivilegeValueW
BOOL WINAPI LookupPrivilegeValueW(LPCWSTR lpSystemName, LPCWSTR lpPrivilegeName, PLUID lpLuid)
Definition: misc.c:782

LookupAccountNameW
BOOL WINAPI LookupAccountNameW(LPCWSTR lpSystemName, LPCWSTR lpAccountName, PSID Sid, LPDWORD cbSid, LPWSTR ReferencedDomainName, LPDWORD cchReferencedDomainName, PSID_NAME_USE peUse)
Definition: misc.c:626

CreatePrivateObjectSecurityWithMultipleInheritance
BOOL WINAPI CreatePrivateObjectSecurityWithMultipleInheritance(PSECURITY_DESCRIPTOR ParentDescriptor, PSECURITY_DESCRIPTOR CreatorDescriptor, PSECURITY_DESCRIPTOR *NewDescriptor, GUID **ObjectTypes, ULONG GuidCount, BOOL IsContainerObject, ULONG AutoInheritFlags, HANDLE Token, PGENERIC_MAPPING GenericMapping)
Definition: misc.c:1389

LookupPrivilegeValueA
BOOL WINAPI LookupPrivilegeValueA(LPCSTR lpSystemName, LPCSTR lpName, PLUID lpLuid)
Definition: misc.c:732

CheckNtMartaPresent
DWORD CheckNtMartaPresent(VOID)
Definition: misc.c:74

FindNtMartaProc
#define FindNtMartaProc(Name)
Definition: misc.c:22

SetPrivateObjectSecurity
BOOL WINAPI SetPrivateObjectSecurity(SECURITY_INFORMATION SecurityInformation, PSECURITY_DESCRIPTOR ModificationDescriptor, PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor, PGENERIC_MAPPING GenericMapping, HANDLE Token)
Definition: misc.c:1460

NtMartaStatic
NTMARTA NtMartaStatic
Definition: misc.c:19

GetNamedSecurityInfoW
DWORD WINAPI GetNamedSecurityInfoW(LPWSTR pObjectName, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID *ppsidOwner, PSID *ppsidGroup, PACL *ppDacl, PACL *ppSacl, PSECURITY_DESCRIPTOR *ppSecurityDescriptor)
Definition: misc.c:1147

LookupPrivilegeDisplayNameW
BOOL WINAPI LookupPrivilegeDisplayNameW(LPCWSTR lpSystemName, LPCWSTR lpName, LPWSTR lpDisplayName, LPDWORD cchDisplayName, LPDWORD lpLanguageId)
Definition: misc.c:901

LookupAccountSidA
BOOL WINAPI LookupAccountSidA(LPCSTR lpSystemName, PSID lpSid, LPSTR lpName, LPDWORD cchName, LPSTR lpReferencedDomainName, LPDWORD cchReferencedDomainName, PSID_NAME_USE peUse)
Definition: misc.c:405

CreatePrivateObjectSecurity
BOOL WINAPI CreatePrivateObjectSecurity(PSECURITY_DESCRIPTOR ParentDescriptor, PSECURITY_DESCRIPTOR CreatorDescriptor, PSECURITY_DESCRIPTOR *NewDescriptor, BOOL IsDirectoryObject, HANDLE Token, PGENERIC_MAPPING GenericMapping)
Definition: misc.c:1340

SetSecurityInfo
DWORD WINAPI SetSecurityInfo(HANDLE handle, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl)
Definition: misc.c:1295

LookupPrivilegeNameW
BOOL WINAPI LookupPrivilegeNameW(LPCWSTR lpSystemName, PLUID lpLuid, LPWSTR lpName, LPDWORD cchName)
Definition: misc.c:832

TreeResetNamedSecurityInfoW
DWORD WINAPI TreeResetNamedSecurityInfoW(LPWSTR pObjectName, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID pOwner, PSID pGroup, PACL pDacl, PACL pSacl, BOOL KeepExplicit, FN_PROGRESSW fnProgress, PROG_INVOKE_SETTING ProgressInvokeSetting, PVOID Args)
Definition: misc.c:1488

SetNamedSecurityInfoW
DWORD WINAPI SetNamedSecurityInfoW(LPWSTR pObjectName, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl)
Definition: misc.c:1197

LoadAndInitializeNtMarta
static DWORD LoadAndInitializeNtMarta(VOID)
Definition: misc.c:32

GetUserNameW
BOOL WINAPI GetUserNameW(LPWSTR lpszName, LPDWORD lpSize)
Definition: misc.c:291

GetPrivateObjectSecurity
BOOL WINAPI GetPrivateObjectSecurity(IN PSECURITY_DESCRIPTOR ObjectDescriptor, IN SECURITY_INFORMATION SecurityInformation, OUT PSECURITY_DESCRIPTOR ResultantDescriptor OPTIONAL, IN DWORD DescriptorLength, OUT PDWORD ReturnLength)
Definition: misc.c:1429

pSetSecurityInfoCheck
static DWORD pSetSecurityInfoCheck(PSECURITY_DESCRIPTOR pSecurityDescriptor, SECURITY_INFORMATION SecurityInfo, PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl)
Definition: misc.c:1020

GetSecurityInfo
DWORD WINAPI GetSecurityInfo(HANDLE handle, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID *ppsidOwner, PSID *ppsidGroup, PACL *ppDacl, PACL *ppSacl, PSECURITY_DESCRIPTOR *ppSecurityDescriptor)
Definition: misc.c:1244

GetUserNameA
BOOL WINAPI GetUserNameA(LPSTR lpszName, LPDWORD lpSize)
Definition: misc.c:246

TreeResetNamedSecurityInfoA
DWORD WINAPI TreeResetNamedSecurityInfoA(LPSTR pObjectName, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID pOwner, PSID pGroup, PACL pDacl, PACL pSacl, BOOL KeepExplicit, FN_PROGRESSA fnProgress, PROG_INVOKE_SETTING ProgressInvokeSetting, PVOID Args)
Definition: misc.c:1621

pGetSecurityInfoCheck
static DWORD pGetSecurityInfoCheck(SECURITY_INFORMATION SecurityInfo, PSID *ppsidOwner, PSID *ppsidGroup, PACL *ppDacl, PACL *ppSacl, PSECURITY_DESCRIPTOR *ppSecurityDescriptor)
Definition: misc.c:965

ImpersonateLoggedOnUser
BOOL WINAPI ImpersonateLoggedOnUser(HANDLE hToken)
Definition: misc.c:152

ImpersonateAnonymousToken
BOOL WINAPI ImpersonateAnonymousToken(IN HANDLE ThreadHandle)
Definition: misc.c:133

NtMarta
static PNTMARTA NtMarta
Definition: misc.c:20

LookupAccountSidW
BOOL WINAPI LookupAccountSidW(LPCWSTR pSystemName, PSID pSid, LPWSTR pAccountName, LPDWORD pdwAccountName, LPWSTR pDomainName, LPDWORD pdwDomainName, PSID_NAME_USE peUse)
Definition: misc.c:537

GetTokenInformation
BOOL WINAPI GetTokenInformation(HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength, PDWORD ReturnLength)
Definition: security.c:413

OpenProcessToken
BOOL WINAPI OpenProcessToken(HANDLE ProcessHandle, DWORD DesiredAccess, PHANDLE TokenHandle)
Definition: security.c:296

GetSidSubAuthority
PDWORD WINAPI GetSidSubAuthority(PSID pSid, DWORD nSubAuthority)
Definition: security.c:898

GetSidLengthRequired
DWORD WINAPI GetSidLengthRequired(UCHAR nSubAuthorityCount)
Definition: security.c:854

CopySid
BOOL WINAPI CopySid(DWORD nDestinationSidLength, PSID pDestinationSid, PSID pSourceSid)
Definition: security.c:714

GetSidSubAuthorityCount
PUCHAR WINAPI GetSidSubAuthorityCount(PSID pSid)
Definition: security.c:910

InitializeSecurityDescriptor
BOOL WINAPI InitializeSecurityDescriptor(PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD dwRevision)
Definition: security.c:931

OpenThreadToken
BOOL WINAPI OpenThreadToken(HANDLE ThreadHandle, DWORD DesiredAccess, BOOL OpenAsSelf, HANDLE *TokenHandle)
Definition: security.c:338

CloseHandle
#define CloseHandle
Definition: compat.h:739

ERROR_CALL_NOT_IMPLEMENTED
#define ERROR_CALL_NOT_IMPLEMENTED
Definition: compat.h:102

ERROR_INVALID_PARAMETER
#define ERROR_INVALID_PARAMETER
Definition: compat.h:101

CP_ACP
#define CP_ACP
Definition: compat.h:109

SetLastError
#define SetLastError(x)
Definition: compat.h:752

INVALID_HANDLE_VALUE
#define INVALID_HANDLE_VALUE
Definition: compat.h:731

ThreadImpersonationToken
@ ThreadImpersonationToken
Definition: compat.h:940

FreeLibrary
#define FreeLibrary(x)
Definition: compat.h:748

GetCurrentProcess
#define GetCurrentProcess()
Definition: compat.h:759

ERROR_INVALID_HANDLE
#define ERROR_INVALID_HANDLE
Definition: compat.h:98

WideCharToMultiByte
#define WideCharToMultiByte
Definition: compat.h:111

LoadLibraryW
#define LoadLibraryW(x)
Definition: compat.h:747

__FUNCTION__
#define __FUNCTION__
Definition: types.h:116

InterlockedExchangePointer
#define InterlockedExchangePointer(Target, Value)
Definition: dshow.h:45

ReturnLength
IN CINT OUT PVOID IN ULONG OUT PULONG ReturnLength
Definition: dumpinfo.c:43

BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94

DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95

SecurityInformation
_Must_inspect_result_ _In_ PFILE_OBJECT _In_ SECURITY_INFORMATION SecurityInformation
Definition: fltkernel.h:1340

Status
Status
Definition: gdiplustypes.h:25

LocalAlloc
HLOCAL NTAPI LocalAlloc(UINT uFlags, SIZE_T dwBytes)
Definition: heapmem.c:1390

LocalFree
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1594

RtlNtStatusToDosError
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)

GUID
Definition: shobjidl.idl:2871

void
Definition: nsiface.idl:2307

InterlockedCompareExchangePointer
#define InterlockedCompareExchangePointer
Definition: interlocked.h:129

SID_NAME_USE
enum _SID_NAME_USE SID_NAME_USE

SecurityImpersonation
@ SecurityImpersonation
Definition: lsa.idl:57

PSID_NAME_USE
enum _SID_NAME_USE * PSID_NAME_USE

SECURITY_QUALITY_OF_SERVICE
struct _SECURITY_QUALITY_OF_SERVICE SECURITY_QUALITY_OF_SERVICE

SidTypeUser
@ SidTypeUser
Definition: lsa.idl:118

TokenImpersonation
@ TokenImpersonation
Definition: imports.h:274

TokenPrimary
@ TokenPrimary
Definition: imports.h:273

pSid
static PSID pSid
Definition: security.c:74

ObjectType
ObjectType
Definition: metafile.c:81

SECURITY_INFORMATION
DWORD SECURITY_INFORMATION
Definition: ms-dtyp.idl:311

ErrorCode
_In_ NDIS_ERROR_CODE ErrorCode
Definition: ndis.h:4436

RtlSetSecurityObject
NTSYSAPI NTSTATUS NTAPI RtlSetSecurityObject(_In_ SECURITY_INFORMATION SecurityInformation, _In_ PSECURITY_DESCRIPTOR ModificationDescriptor, _Out_ PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor, _In_ PGENERIC_MAPPING GenericMapping, _In_ HANDLE Token)

RtlNewSecurityObject
NTSYSAPI NTSTATUS NTAPI RtlNewSecurityObject(_In_ PSECURITY_DESCRIPTOR ParentDescriptor, _In_ PSECURITY_DESCRIPTOR CreatorDescriptor, _Out_ PSECURITY_DESCRIPTOR *NewDescriptor, _In_ BOOLEAN IsDirectoryObject, _In_ HANDLE Token, _In_ PGENERIC_MAPPING GenericMapping)

RtlDeleteSecurityObject
NTSYSAPI NTSTATUS NTAPI RtlDeleteSecurityObject(_In_ PSECURITY_DESCRIPTOR *ObjectDescriptor)

RtlQuerySecurityObject
NTSYSAPI NTSTATUS NTAPI RtlQuerySecurityObject(_In_ PSECURITY_DESCRIPTOR ObjectDescriptor, _In_ SECURITY_INFORMATION SecurityInformation, _Out_ PSECURITY_DESCRIPTOR ResultantDescriptor, _In_ ULONG DescriptorLength, _Out_ PULONG ReturnLength)

RtlValidSid
NTSYSAPI BOOLEAN NTAPI RtlValidSid(IN PSID Sid)
Definition: sid.c:21

Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1133

RtlCreateUnicodeStringFromAsciiz
NTSYSAPI BOOLEAN NTAPI RtlCreateUnicodeStringFromAsciiz(_Out_ PUNICODE_STRING Destination, _In_ PCSZ Source)

TokenType
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
Definition: sefuncs.h:411

RtlUnicodeStringToAnsiString
NTSYSAPI NTSTATUS NTAPI RtlUnicodeStringToAnsiString(PANSI_STRING DestinationString, PUNICODE_STRING SourceString, BOOLEAN AllocateDestinationString)

RtlAnsiStringToUnicodeString
NTSYSAPI NTSTATUS NTAPI RtlAnsiStringToUnicodeString(PUNICODE_STRING DestinationString, PANSI_STRING SourceString, BOOLEAN AllocateDestinationString)

RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)

NtClose
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3402

RtlFreeUnicodeString
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)

RtlInitAnsiString
NTSYSAPI VOID NTAPI RtlInitAnsiString(PANSI_STRING DestinationString, PCSZ SourceString)

NtSetInformationThread
NTSTATUS NTAPI NtSetInformationThread(IN HANDLE ThreadHandle, IN THREADINFOCLASS ThreadInformationClass, IN PVOID ThreadInformation, IN ULONG ThreadInformationLength)
Definition: query.c:2018

NtImpersonateAnonymousToken
NTSTATUS NTAPI NtImpersonateAnonymousToken(_In_ HANDLE ThreadHandle)
Allows the calling thread to impersonate the system's anonymous logon token.
Definition: token.c:2610

POLICY_LOOKUP_NAMES
#define POLICY_LOOKUP_NAMES
Definition: ntsecapi.h:72

STATUS_SOME_NOT_MAPPED
#define STATUS_SOME_NOT_MAPPED
Definition: ntstatus.h:86

L
#define L(x)
Definition: ntvdm.h:50

PDWORD
DWORD * PDWORD
Definition: pedump.c:68

USHORT
unsigned short USHORT
Definition: pedump.c:61

SetSecurityDescriptorControl
BOOL WINAPI SetSecurityDescriptorControl(PSECURITY_DESCRIPTOR pSecurityDescriptor, SECURITY_DESCRIPTOR_CONTROL ControlBitsOfInterest, SECURITY_DESCRIPTOR_CONTROL ControlBitsToSet)
Definition: sec.c:238

SetSecurityDescriptorDacl
BOOL WINAPI SetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, BOOL bDaclPresent, PACL pDacl, BOOL bDaclDefaulted)
Definition: sec.c:262

SetSecurityDescriptorOwner
BOOL WINAPI SetSecurityDescriptorOwner(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSID pOwner, BOOL bOwnerDefaulted)
Definition: sec.c:312

SetSecurityDescriptorSacl
BOOL WINAPI SetSecurityDescriptorSacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, BOOL bSaclPresent, PACL pSacl, BOOL bSaclDefaulted)
Definition: sec.c:351

SetSecurityDescriptorGroup
BOOL WINAPI SetSecurityDescriptorGroup(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSID pGroup, BOOL bGroupDefaulted)
Definition: sec.c:288

STATUS_BUFFER_TOO_SMALL
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69

TRACE
#define TRACE(s)
Definition: solgame.cpp:4

OPTIONAL
PULONG MinorVersion OPTIONAL
Definition: CrossNt.h:68

NameRec_
Definition: apinames.c:49

_ACL
Definition: ms-dtyp.idl:293

_ANSI_STRING
Definition: env_spec_w32.h:375

_ANSI_STRING::Buffer
PSTR Buffer
Definition: env_spec_w32.h:378

_ANSI_STRING::MaximumLength
USHORT MaximumLength
Definition: env_spec_w32.h:377

_ANSI_STRING::Length
USHORT Length
Definition: env_spec_w32.h:376

_GENERIC_MAPPING
Definition: nt_native.h:564

_LSA_OBJECT_ATTRIBUTES
Definition: ntsecapi.h:177

_LSA_REFERENCED_DOMAIN_LIST
Definition: ntsecapi.h:406

_LSA_REFERENCED_DOMAIN_LIST::Entries
ULONG Entries
Definition: ntsecapi.h:407

_LSA_REFERENCED_DOMAIN_LIST::Domains
PLSA_TRUST_INFORMATION Domains
Definition: ntsecapi.h:408

_LSA_TRANSLATED_NAME
Definition: ntsecapi.h:421

_LSA_TRANSLATED_NAME::Name
LSA_UNICODE_STRING Name
Definition: ntsecapi.h:423

_LSA_TRANSLATED_NAME::Use
SID_NAME_USE Use
Definition: ntsecapi.h:422

_LSA_TRANSLATED_SID
Definition: ntsecapi.h:410

_LSA_TRANSLATED_SID::RelativeId
ULONG RelativeId
Definition: ntsecapi.h:412

_LSA_TRANSLATED_SID::DomainIndex
LONG DomainIndex
Definition: ntsecapi.h:413

_LSA_TRANSLATED_SID::Use
SID_NAME_USE Use
Definition: ntsecapi.h:411

_LSA_TRUST_INFORMATION::Sid
PSID Sid
Definition: ntsecapi.h:404

_LSA_TRUST_INFORMATION::Name
LSA_UNICODE_STRING Name
Definition: ntsecapi.h:403

_LSA_UNICODE_STRING
Definition: ntsecapi.h:162

_LSA_UNICODE_STRING::Buffer
PWSTR Buffer
Definition: ntsecapi.h:168

_LSA_UNICODE_STRING::Length
USHORT Length
Definition: ntsecapi.h:163

_LUID
Definition: devicetopology.idl:137

_NTMARTA
Definition: advapi32.h:77

_NTMARTA::hDllInstance
HINSTANCE hDllInstance
Definition: advapi32.h:78

_OBJECT_ATTRIBUTES
Definition: umtypes.h:182

_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301

_SECURITY_QUALITY_OF_SERVICE
Definition: lsa.idl:63

_SECURITY_QUALITY_OF_SERVICE::ContextTrackingMode
SECURITY_CONTEXT_TRACKING_MODE ContextTrackingMode
Definition: lsa.idl:66

_SECURITY_QUALITY_OF_SERVICE::EffectiveOnly
BOOLEAN EffectiveOnly
Definition: lsa.idl:67

_SECURITY_QUALITY_OF_SERVICE::Length
DWORD Length
Definition: lsa.idl:64

_SECURITY_QUALITY_OF_SERVICE::ImpersonationLevel
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: lsa.idl:65

_SID_AND_ATTRIBUTES::Sid
PSID Sid
Definition: setypes.h:506

_SID
Definition: ms-dtyp.idl:198

_TOKEN_USER
Definition: setypes.h:1009

_TOKEN_USER::User
SID_AND_ATTRIBUTES User
Definition: setypes.h:1010

_UNICODE_STRING
Definition: env_spec_w32.h:368

_UNICODE_STRING::Length
USHORT Length
Definition: env_spec_w32.h:369

_UNICODE_STRING::MaximumLength
USHORT MaximumLength
Definition: env_spec_w32.h:370

_UNICODE_STRING::Buffer
PWSTR Buffer
Definition: env_spec_w32.h:371

handle
Definition: rpc_generic.c:61

NtQueryInformationToken
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtQueryInformationToken(_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation, _In_ ULONG TokenInformationLength, _Out_ PULONG ReturnLength)
Queries a specific type of information in regard of an access token based upon the information class....
Definition: tokencls.c:473

NtDuplicateToken
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtDuplicateToken(_In_ HANDLE ExistingTokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ BOOLEAN EffectiveOnly, _In_ TOKEN_TYPE TokenType, _Out_ PHANDLE NewTokenHandle)
Duplicates a token.
Definition: tokenlif.c:1869

LPDWORD
uint32_t * LPDWORD
Definition: typedefs.h:59

INT
int32_t INT
Definition: typedefs.h:58

RtlCopyMemory
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263

IN
#define IN
Definition: typedefs.h:39

RtlMoveMemory
#define RtlMoveMemory(Destination, Source, Length)
Definition: typedefs.h:264

ULONG
uint32_t ULONG
Definition: typedefs.h:59

OUT
#define OUT
Definition: typedefs.h:40

OBJECT_ATTRIBUTES
struct _OBJECT_ATTRIBUTES OBJECT_ATTRIBUTES

ret
int ret
Definition: wcstombs-tests.c:31

lpLuid
_In_ PLUID lpLuid
Definition: winbase.h:2799

lpDisplayName
_In_ LPCSTR _Out_writes_to_opt_ cchDisplayName LPSTR lpDisplayName
Definition: winbase.h:2780

GetLastError
DWORD WINAPI GetLastError(void)
Definition: except.c:1042

LookupAccountSid
#define LookupAccountSid
Definition: winbase.h:3792

lpLanguageId
_In_ LPCSTR _Out_writes_to_opt_ cchDisplayName LPSTR _Inout_ LPDWORD _Out_ LPDWORD lpLanguageId
Definition: winbase.h:2782

cbSid
_In_ LPCSTR _Out_writes_bytes_to_opt_ cbSid PSID _Inout_ LPDWORD cbSid
Definition: winbase.h:2733

GetCurrentThread
HANDLE WINAPI GetCurrentThread(void)
Definition: proc.c:1148

lpName
_In_ LPCSTR lpName
Definition: winbase.h:2779

peUse
_In_ LPCSTR _Out_writes_bytes_to_opt_ cbSid PSID _Inout_ LPDWORD _Out_writes_to_opt_ cchReferencedDomainName LPSTR _Inout_ LPDWORD _Out_ PSID_NAME_USE peUse
Definition: winbase.h:2736

LookupAccountName
#define LookupAccountName
Definition: winbase.h:3791

cchReferencedDomainName
_In_ LPCSTR _Out_writes_bytes_to_opt_ cbSid PSID _Inout_ LPDWORD _Out_writes_to_opt_ cchReferencedDomainName LPSTR _Inout_ LPDWORD cchReferencedDomainName
Definition: winbase.h:2735

LMEM_FIXED
#define LMEM_FIXED
Definition: winbase.h:368

cchDisplayName
_In_ LPCSTR _Out_writes_to_opt_ cchDisplayName LPSTR _Inout_ LPDWORD cchDisplayName
Definition: winbase.h:2781

ReferencedDomainName
_In_ LPCSTR _Out_writes_bytes_to_opt_ cbSid PSID _Inout_ LPDWORD _Out_writes_to_opt_ cchReferencedDomainName LPSTR ReferencedDomainName
Definition: winbase.h:2734

cchName
_In_ PSID _Out_writes_to_opt_ cchName LPSTR _Inout_ LPDWORD cchName
Definition: winbase.h:2757

lpAccountName
_In_ LPCSTR lpAccountName
Definition: winbase.h:2731

WINAPI
#define WINAPI
Definition: msvc.h:6

ERROR_NO_SUCH_PRIVILEGE
#define ERROR_NO_SUCH_PRIVILEGE
Definition: winerror.h:795

ERROR_NO_IMPERSONATION_TOKEN
#define ERROR_NO_IMPERSONATION_TOKEN
Definition: winerror.h:791

ERROR_NO_TOKEN
#define ERROR_NO_TOKEN
Definition: winerror.h:587

SecurityDescriptor
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:191

Result
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:409

ObjectName
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
Definition: cmfuncs.h:64

IsDirectoryObject
_In_opt_ PSECURITY_DESCRIPTOR _Out_ PSECURITY_DESCRIPTOR _In_ BOOLEAN IsDirectoryObject
Definition: sefuncs.h:31

NewDescriptor
_In_opt_ PSECURITY_DESCRIPTOR _Out_ PSECURITY_DESCRIPTOR * NewDescriptor
Definition: sefuncs.h:30

DACL_SECURITY_INFORMATION
#define DACL_SECURITY_INFORMATION
Definition: setypes.h:125

SE_SACL_PROTECTED
#define SE_SACL_PROTECTED
Definition: setypes.h:832

SE_DACL_PROTECTED
#define SE_DACL_PROTECTED
Definition: setypes.h:831

TOKEN_QUERY
#define TOKEN_QUERY
Definition: setypes.h:928

OWNER_SECURITY_INFORMATION
#define OWNER_SECURITY_INFORMATION
Definition: setypes.h:123

UNPROTECTED_SACL_SECURITY_INFORMATION
#define UNPROTECTED_SACL_SECURITY_INFORMATION
Definition: setypes.h:132

UNPROTECTED_DACL_SECURITY_INFORMATION
#define UNPROTECTED_DACL_SECURITY_INFORMATION
Definition: setypes.h:131

TokenUser
@ TokenUser
Definition: setypes.h:966

SECURITY_DESCRIPTOR_REVISION
#define SECURITY_DESCRIPTOR_REVISION
Definition: setypes.h:58

GROUP_SECURITY_INFORMATION
#define GROUP_SECURITY_INFORMATION
Definition: setypes.h:124

TOKEN_IMPERSONATE
#define TOKEN_IMPERSONATE
Definition: setypes.h:927

SACL_SECURITY_INFORMATION
#define SACL_SECURITY_INFORMATION
Definition: setypes.h:126

PROTECTED_DACL_SECURITY_INFORMATION
#define PROTECTED_DACL_SECURITY_INFORMATION
Definition: setypes.h:129

PROTECTED_SACL_SECURITY_INFORMATION
#define PROTECTED_SACL_SECURITY_INFORMATION
Definition: setypes.h:130

SECURITY_DYNAMIC_TRACKING
#define SECURITY_DYNAMIC_TRACKING
Definition: setypes.h:103

LPCSTR
const char * LPCSTR
Definition: xmlstorage.h:183

LPSTR
char * LPSTR
Definition: xmlstorage.h:182

UCHAR
unsigned char UCHAR
Definition: xmlstorage.h:181

WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180

LPWSTR
WCHAR * LPWSTR
Definition: xmlstorage.h:184

LPCWSTR
const WCHAR * LPCWSTR
Definition: xmlstorage.h:185

NtCurrentThread
#define NtCurrentThread()