ReactOS  0.4.15-dev-4570-g4f8bbd1
security.c File Reference
#include <advapi32.h>
#include <sddl.h>
Include dependency graph for security.c:

Go to the source code of this file.

Classes

struct  _ACEFLAG
 
union  _MAX_SID
 
struct  WELLKNOWNSID
 
struct  WELLKNOWNRID
 

Macros

#define ADS_RIGHT_DS_CREATE_CHILD   0x0001
 
#define ADS_RIGHT_DS_DELETE_CHILD   0x0002
 
#define ADS_RIGHT_ACTRL_DS_LIST   0x0004
 
#define ADS_RIGHT_DS_SELF   0x0008
 
#define ADS_RIGHT_DS_READ_PROP   0x0010
 
#define ADS_RIGHT_DS_WRITE_PROP   0x0020
 
#define ADS_RIGHT_DS_DELETE_TREE   0x0040
 
#define ADS_RIGHT_DS_LIST_OBJECT   0x0080
 
#define ADS_RIGHT_DS_CONTROL_ACCESS   0x0100
 

Typedefs

typedef struct _ACEFLAG ACEFLAG
 
typedef struct _ACEFLAGLPACEFLAG
 
typedef struct _MAX_SID MAX_SID
 
typedef struct WELLKNOWNSID WELLKNOWNSID
 
typedef struct WELLKNOWNRID WELLKNOWNRID
 

Functions

 WINE_DEFAULT_DEBUG_CHANNEL (advapi)
 
static BOOL ParseStringSidToSid (LPCWSTR StringSid, PSID pSid, LPDWORD cBytes)
 
static const chardebugstr_sid (PSID sid)
 
static __inline BOOL set_ntstatus (NTSTATUS status)
 
static LPWSTR SERV_dup (LPCSTR str)
 
BOOL ADVAPI_IsLocalComputer (LPCWSTR ServerName)
 
BOOL ADVAPI_GetComputerSid (PSID sid)
 
BOOL WINAPI OpenProcessToken (HANDLE ProcessHandle, DWORD DesiredAccess, PHANDLE TokenHandle)
 
BOOL WINAPI OpenThreadToken (HANDLE ThreadHandle, DWORD DesiredAccess, BOOL OpenAsSelf, HANDLE *TokenHandle)
 
BOOL WINAPI AdjustTokenGroups (HANDLE TokenHandle, BOOL ResetToDefault, PTOKEN_GROUPS NewState, DWORD BufferLength, PTOKEN_GROUPS PreviousState, PDWORD ReturnLength)
 
BOOL WINAPI AdjustTokenPrivileges (HANDLE TokenHandle, BOOL DisableAllPrivileges, PTOKEN_PRIVILEGES NewState, DWORD BufferLength, PTOKEN_PRIVILEGES PreviousState, PDWORD ReturnLength)
 
BOOL WINAPI GetTokenInformation (HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength, PDWORD ReturnLength)
 
BOOL WINAPI SetTokenInformation (HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength)
 
BOOL WINAPI SetThreadToken (IN PHANDLE ThreadHandle OPTIONAL, IN HANDLE TokenHandle)
 
BOOL WINAPI CreateRestrictedToken (_In_ HANDLE ExistingTokenHandle, _In_ DWORD Flags, _In_ DWORD DisableSidCount, _In_reads_opt_(DisableSidCount) PSID_AND_ATTRIBUTES SidsToDisable, _In_ DWORD DeletePrivilegeCount, _In_reads_opt_(DeletePrivilegeCount) PLUID_AND_ATTRIBUTES PrivilegesToDelete, _In_ DWORD RestrictedSidCount, _In_reads_opt_(RestrictedSidCount) PSID_AND_ATTRIBUTES SidsToRestrict, _Outptr_ PHANDLE NewTokenHandle)
 Creates a filtered token that is a restricted one of the regular access token. A restricted token can have disabled SIDs, deleted privileges and/or restricted SIDs added. More...
 
BOOL WINAPI AllocateAndInitializeSid (PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority, BYTE nSubAuthorityCount, DWORD nSubAuthority0, DWORD nSubAuthority1, DWORD nSubAuthority2, DWORD nSubAuthority3, DWORD nSubAuthority4, DWORD nSubAuthority5, DWORD nSubAuthority6, DWORD nSubAuthority7, PSID *pSid)
 
PVOID WINAPI FreeSid (PSID pSid)
 
BOOL WINAPI CopySid (DWORD nDestinationSidLength, PSID pDestinationSid, PSID pSourceSid)
 
BOOL WINAPI CreateWellKnownSid (IN WELL_KNOWN_SID_TYPE WellKnownSidType, IN PSID DomainSid OPTIONAL, OUT PSID pSid, IN OUT DWORD *cbSid)
 
BOOL WINAPI IsWellKnownSid (IN PSID pSid, IN WELL_KNOWN_SID_TYPE WellKnownSidType)
 
BOOL WINAPI IsValidSid (PSID pSid)
 
BOOL WINAPI EqualSid (PSID pSid1, PSID pSid2)
 
BOOL WINAPI EqualPrefixSid (PSID pSid1, PSID pSid2)
 
DWORD WINAPI GetSidLengthRequired (UCHAR nSubAuthorityCount)
 
BOOL WINAPI InitializeSid (PSID Sid, PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority, BYTE nSubAuthorityCount)
 
PSID_IDENTIFIER_AUTHORITY WINAPI GetSidIdentifierAuthority (PSID pSid)
 
PDWORD WINAPI GetSidSubAuthority (PSID pSid, DWORD nSubAuthority)
 
PUCHAR WINAPI GetSidSubAuthorityCount (PSID pSid)
 
DWORD WINAPI GetLengthSid (PSID pSid)
 
BOOL WINAPI InitializeSecurityDescriptor (PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD dwRevision)
 
BOOL WINAPI MakeAbsoluteSD (PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor, PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor, LPDWORD lpdwAbsoluteSecurityDescriptorSize, PACL pDacl, LPDWORD lpdwDaclSize, PACL pSacl, LPDWORD lpdwSaclSize, PSID pOwner, LPDWORD lpdwOwnerSize, PSID pPrimaryGroup, LPDWORD lpdwPrimaryGroupSize)
 
BOOL WINAPI GetKernelObjectSecurity (HANDLE Handle, SECURITY_INFORMATION RequestedInformation, PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD nLength, LPDWORD lpnLengthNeeded)
 
BOOL WINAPI InitializeAcl (PACL pAcl, DWORD nAclLength, DWORD dwAclRevision)
 
BOOL WINAPI ImpersonateNamedPipeClient (HANDLE hNamedPipe)
 
BOOL WINAPI AddAccessAllowedAce (PACL pAcl, DWORD dwAceRevision, DWORD AccessMask, PSID pSid)
 
BOOL WINAPI AddAccessAllowedAceEx (PACL pAcl, DWORD dwAceRevision, DWORD AceFlags, DWORD AccessMask, PSID pSid)
 
BOOL WINAPI AddAccessDeniedAce (PACL pAcl, DWORD dwAceRevision, DWORD AccessMask, PSID pSid)
 
BOOL WINAPI AddAccessDeniedAceEx (PACL pAcl, DWORD dwAceRevision, DWORD AceFlags, DWORD AccessMask, PSID pSid)
 
BOOL WINAPI AddAce (PACL pAcl, DWORD dwAceRevision, DWORD dwStartingAceIndex, LPVOID pAceList, DWORD nAceListLength)
 
BOOL WINAPI DeleteAce (PACL pAcl, DWORD dwAceIndex)
 
BOOL WINAPI FindFirstFreeAce (PACL pAcl, LPVOID *pAce)
 
BOOL WINAPI GetAce (PACL pAcl, DWORD dwAceIndex, LPVOID *pAce)
 
BOOL WINAPI GetAclInformation (PACL pAcl, LPVOID pAclInformation, DWORD nAclInformationLength, ACL_INFORMATION_CLASS dwAclInformationClass)
 
BOOL WINAPI IsValidAcl (PACL pAcl)
 
BOOL WINAPI AllocateLocallyUniqueId (PLUID Luid)
 
BOOL WINAPI LookupPrivilegeDisplayNameA (LPCSTR lpSystemName, LPCSTR lpName, LPSTR lpDisplayName, LPDWORD cchDisplayName, LPDWORD lpLanguageId)
 
BOOL WINAPI LookupPrivilegeNameA (LPCSTR lpSystemName, PLUID lpLuid, LPSTR lpName, LPDWORD cchName)
 
BOOL WINAPI GetFileSecurityA (LPCSTR lpFileName, SECURITY_INFORMATION RequestedInformation, PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD nLength, LPDWORD lpnLengthNeeded)
 
BOOL WINAPI GetFileSecurityW (LPCWSTR lpFileName, SECURITY_INFORMATION RequestedInformation, PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD nLength, LPDWORD lpnLengthNeeded)
 
BOOL WINAPI SetFileSecurityA (LPCSTR lpFileName, SECURITY_INFORMATION SecurityInformation, PSECURITY_DESCRIPTOR pSecurityDescriptor)
 
BOOL WINAPI SetFileSecurityW (LPCWSTR lpFileName, SECURITY_INFORMATION SecurityInformation, PSECURITY_DESCRIPTOR pSecurityDescriptor)
 
BOOL WINAPI QueryWindows31FilesMigration (DWORD x1)
 
BOOL WINAPI SynchronizeWindows31FilesAndWindowsNTRegistry (DWORD x1, DWORD x2, DWORD x3, DWORD x4)
 
BOOL WINAPI RevertToSelf (VOID)
 
BOOL WINAPI ImpersonateSelf (SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
 
BOOL WINAPI AccessCheck (IN PSECURITY_DESCRIPTOR pSecurityDescriptor, IN HANDLE ClientToken, IN DWORD DesiredAccess, IN PGENERIC_MAPPING GenericMapping, OUT PPRIVILEGE_SET PrivilegeSet OPTIONAL, IN OUT LPDWORD PrivilegeSetLength, OUT LPDWORD GrantedAccess, OUT LPBOOL AccessStatus)
 
BOOL WINAPI AccessCheckByType (PSECURITY_DESCRIPTOR pSecurityDescriptor, PSID PrincipalSelfSid, HANDLE ClientToken, DWORD DesiredAccess, POBJECT_TYPE_LIST ObjectTypeList, DWORD ObjectTypeListLength, PGENERIC_MAPPING GenericMapping, PPRIVILEGE_SET PrivilegeSet, LPDWORD PrivilegeSetLength, LPDWORD GrantedAccess, LPBOOL AccessStatus)
 
BOOL WINAPI SetKernelObjectSecurity (HANDLE Handle, SECURITY_INFORMATION SecurityInformation, PSECURITY_DESCRIPTOR SecurityDescriptor)
 
BOOL WINAPI AddAuditAccessAce (PACL pAcl, DWORD dwAceRevision, DWORD dwAccessMask, PSID pSid, BOOL bAuditSuccess, BOOL bAuditFailure)
 
BOOL WINAPI AddAuditAccessAceEx (PACL pAcl, DWORD dwAceRevision, DWORD AceFlags, DWORD dwAccessMask, PSID pSid, BOOL bAuditSuccess, BOOL bAuditFailure)
 
BOOL WINAPI LookupAccountNameA (LPCSTR SystemName, LPCSTR AccountName, PSID Sid, LPDWORD SidLength, LPSTR ReferencedDomainName, LPDWORD hReferencedDomainNameLength, PSID_NAME_USE SidNameUse)
 
BOOL WINAPI PrivilegeCheck (HANDLE ClientToken, PPRIVILEGE_SET RequiredPrivileges, LPBOOL pfResult)
 
DWORD WINAPI GetSecurityInfoExA (HANDLE hObject, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, LPCSTR lpProvider, LPCSTR lpProperty, PACTRL_ACCESSA *ppAccessList, PACTRL_AUDITA *ppAuditList, LPSTR *lppOwner, LPSTR *lppGroup)
 
DWORD WINAPI GetSecurityInfoExW (HANDLE hObject, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, LPCWSTR lpProvider, LPCWSTR lpProperty, PACTRL_ACCESSW *ppAccessList, PACTRL_AUDITW *ppAuditList, LPWSTR *lppOwner, LPWSTR *lppGroup)
 
VOID WINAPI BuildExplicitAccessWithNameA (PEXPLICIT_ACCESSA pExplicitAccess, LPSTR pTrusteeName, DWORD AccessPermissions, ACCESS_MODE AccessMode, DWORD Inheritance)
 
VOID WINAPI BuildExplicitAccessWithNameW (PEXPLICIT_ACCESSW pExplicitAccess, LPWSTR pTrusteeName, DWORD AccessPermissions, ACCESS_MODE AccessMode, DWORD Inheritance)
 
VOID WINAPI BuildTrusteeWithObjectsAndNameA (PTRUSTEEA pTrustee, POBJECTS_AND_NAME_A pObjName, SE_OBJECT_TYPE ObjectType, LPSTR ObjectTypeName, LPSTR InheritedObjectTypeName, LPSTR Name)
 
VOID WINAPI BuildTrusteeWithObjectsAndNameW (PTRUSTEEW pTrustee, POBJECTS_AND_NAME_W pObjName, SE_OBJECT_TYPE ObjectType, LPWSTR ObjectTypeName, LPWSTR InheritedObjectTypeName, LPWSTR Name)
 
VOID WINAPI BuildTrusteeWithObjectsAndSidA (PTRUSTEEA pTrustee, POBJECTS_AND_SID pObjSid, GUID *pObjectGuid, GUID *pInheritedObjectGuid, PSID pSid)
 
VOID WINAPI BuildTrusteeWithObjectsAndSidW (PTRUSTEEW pTrustee, POBJECTS_AND_SID pObjSid, GUID *pObjectGuid, GUID *pInheritedObjectGuid, PSID pSid)
 
VOID WINAPI BuildTrusteeWithSidA (PTRUSTEE_A pTrustee, PSID pSid)
 
VOID WINAPI BuildTrusteeWithSidW (PTRUSTEE_W pTrustee, PSID pSid)
 
VOID WINAPI BuildTrusteeWithNameA (PTRUSTEE_A pTrustee, LPSTR name)
 
VOID WINAPI BuildTrusteeWithNameW (PTRUSTEE_W pTrustee, LPWSTR name)
 
TRUSTEE_FORM WINAPI GetTrusteeFormA (PTRUSTEEA pTrustee)
 
TRUSTEE_FORM WINAPI GetTrusteeFormW (PTRUSTEEW pTrustee)
 
LPSTR WINAPI GetTrusteeNameA (PTRUSTEE_A pTrustee)
 
LPWSTR WINAPI GetTrusteeNameW (PTRUSTEE_W pTrustee)
 
TRUSTEE_TYPE WINAPI GetTrusteeTypeA (PTRUSTEE_A pTrustee)
 
TRUSTEE_TYPE WINAPI GetTrusteeTypeW (PTRUSTEE_W pTrustee)
 
BOOL WINAPI SetAclInformation (PACL pAcl, LPVOID pAclInformation, DWORD nAclInformationLength, ACL_INFORMATION_CLASS dwAclInformationClass)
 
DWORD WINAPI SetNamedSecurityInfoA (LPSTR pObjectName, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl)
 
BOOL WINAPI AreAllAccessesGranted (DWORD GrantedAccess, DWORD DesiredAccess)
 
BOOL WINAPI AreAnyAccessesGranted (DWORD GrantedAccess, DWORD DesiredAccess)
 
static DWORD ParseAclStringFlags (LPCWSTR *StringAcl)
 
static BYTE ParseAceStringType (LPCWSTR *StringAcl)
 
static BYTE ParseAceStringFlags (LPCWSTR *StringAcl)
 
static DWORD ParseAceStringRights (LPCWSTR *StringAcl)
 
static BOOL ParseStringAclToAcl (LPCWSTR StringAcl, LPDWORD lpdwFlags, PACL pAcl, LPDWORD cBytes)
 
static BOOL ParseStringSecurityDescriptorToSecurityDescriptor (LPCWSTR StringSecurityDescriptor, SECURITY_DESCRIPTOR_RELATIVE *SecurityDescriptor, LPDWORD cBytes)
 
BOOL WINAPI ConvertStringSecurityDescriptorToSecurityDescriptorA (LPCSTR StringSecurityDescriptor, DWORD StringSDRevision, PSECURITY_DESCRIPTOR *SecurityDescriptor, PULONG SecurityDescriptorSize)
 
BOOL WINAPI ConvertStringSecurityDescriptorToSecurityDescriptorW (LPCWSTR StringSecurityDescriptor, DWORD StringSDRevision, PSECURITY_DESCRIPTOR *SecurityDescriptor, PULONG SecurityDescriptorSize)
 
static void DumpString (LPCWSTR string, int cch, WCHAR **pwptr, ULONG *plen)
 
static BOOL DumpSidNumeric (PSID psid, WCHAR **pwptr, ULONG *plen)
 
static BOOL DumpSid (PSID psid, WCHAR **pwptr, ULONG *plen)
 
static void DumpRights (DWORD mask, WCHAR **pwptr, ULONG *plen)
 
static BOOL DumpAce (LPVOID pace, WCHAR **pwptr, ULONG *plen)
 
static BOOL DumpAcl (PACL pacl, WCHAR **pwptr, ULONG *plen, BOOL protected, BOOL autoInheritReq, BOOL autoInherited)
 
static BOOL DumpOwner (PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen)
 
static BOOL DumpGroup (PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen)
 
static BOOL DumpDacl (PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen)
 
static BOOL DumpSacl (PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen)
 
BOOL WINAPI ConvertSecurityDescriptorToStringSecurityDescriptorW (PSECURITY_DESCRIPTOR SecurityDescriptor, DWORD SDRevision, SECURITY_INFORMATION RequestedInformation, LPWSTR *OutputString, PULONG OutputLen)
 
BOOL WINAPI ConvertSecurityDescriptorToStringSecurityDescriptorA (PSECURITY_DESCRIPTOR SecurityDescriptor, DWORD SDRevision, SECURITY_INFORMATION Information, LPSTR *OutputString, PULONG OutputLen)
 
BOOL WINAPI ConvertStringSidToSidW (LPCWSTR StringSid, PSID *Sid)
 
BOOL WINAPI ConvertStringSidToSidA (LPCSTR StringSid, PSID *Sid)
 
BOOL WINAPI ConvertSidToStringSidW (PSID Sid, LPWSTR *StringSid)
 
BOOL WINAPI ConvertSidToStringSidA (PSID Sid, LPSTR *StringSid)
 
BOOL WINAPI CreateProcessWithLogonW (_In_ LPCWSTR lpUsername, _In_opt_ LPCWSTR lpDomain, _In_ LPCWSTR lpPassword, _In_ DWORD dwLogonFlags, _In_opt_ LPCWSTR lpApplicationName, _Inout_opt_ LPWSTR lpCommandLine, _In_ DWORD dwCreationFlags, _In_opt_ LPVOID lpEnvironment, _In_opt_ LPCWSTR lpCurrentDirectory, _In_ LPSTARTUPINFOW lpStartupInfo, _Out_ LPPROCESS_INFORMATION lpProcessInformation)
 
BOOL WINAPI CreateProcessWithTokenW (HANDLE token, DWORD logon_flags, LPCWSTR application_name, LPWSTR command_line, DWORD creation_flags, void *environment, LPCWSTR current_directory, STARTUPINFOW *startup_info, PROCESS_INFORMATION *process_information)
 
BOOL WINAPI DuplicateTokenEx (IN HANDLE ExistingTokenHandle, IN DWORD dwDesiredAccess, IN LPSECURITY_ATTRIBUTES lpTokenAttributes OPTIONAL, IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, IN TOKEN_TYPE TokenType, OUT PHANDLE DuplicateTokenHandle)
 
BOOL WINAPI DuplicateToken (IN HANDLE ExistingTokenHandle, IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, OUT PHANDLE DuplicateTokenHandle)
 
static DWORD ComputeStringSidSize (LPCWSTR StringSid)
 
DWORD WINAPI GetNamedSecurityInfoA (LPSTR pObjectName, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID *ppsidOwner, PSID *ppsidGroup, PACL *ppDacl, PACL *ppSacl, PSECURITY_DESCRIPTOR *ppSecurityDescriptor)
 
BOOL WINAPI GetWindowsAccountDomainSid (PSID sid, PSID domain_sid, DWORD *size)
 
BOOL WINAPI EqualDomainSid (IN PSID pSid1, IN PSID pSid2, OUT BOOL *pfEqual)
 

Variables

static const WELLKNOWNSID WellKnownSids []
 
static const WELLKNOWNRID WellKnownRids []
 
static const SID sidWorld = { SID_REVISION, 1, { SECURITY_WORLD_SID_AUTHORITY} , { SECURITY_WORLD_RID } }
 
static const WCHAR SDDL_NO_READ_UP [] = {'N','R',0}
 
static const WCHAR SDDL_NO_WRITE_UP [] = {'N','W',0}
 
static const WCHAR SDDL_NO_EXECUTE_UP [] = {'N','X',0}
 
static const WCHAR SDDL_ACCESS_ALLOWED [] = {'A',0}
 
static const WCHAR SDDL_ACCESS_DENIED [] = {'D',0}
 
static const WCHAR SDDL_OBJECT_ACCESS_ALLOWED [] = {'O','A',0}
 
static const WCHAR SDDL_OBJECT_ACCESS_DENIED [] = {'O','D',0}
 
static const WCHAR SDDL_AUDIT [] = {'A','U',0}
 
static const WCHAR SDDL_ALARM [] = {'A','L',0}
 
static const WCHAR SDDL_MANDATORY_LABEL [] = {'M','L',0}
 
static const WCHAR SDDL_OBJECT_AUDIT [] = {'O','U',0}
 
static const WCHAR SDDL_OBJECT_ALARM [] = {'O','L',0}
 
static const WCHAR SDDL_CONTAINER_INHERIT [] = {'C','I',0}
 
static const WCHAR SDDL_OBJECT_INHERIT [] = {'O','I',0}
 
static const WCHAR SDDL_NO_PROPAGATE [] = {'N','P',0}
 
static const WCHAR SDDL_INHERIT_ONLY [] = {'I','O',0}
 
static const WCHAR SDDL_INHERITED [] = {'I','D',0}
 
static const WCHAR SDDL_AUDIT_SUCCESS [] = {'S','A',0}
 
static const WCHAR SDDL_AUDIT_FAILURE [] = {'F','A',0}
 
static const ACEFLAG AceType []
 
static const ACEFLAG AceFlags []
 
static const ACEFLAG AceRights []
 
static const LPCWSTR AceRightBitNames [32]
 

Macro Definition Documentation

◆ ADS_RIGHT_ACTRL_DS_LIST

#define ADS_RIGHT_ACTRL_DS_LIST   0x0004

Definition at line 157 of file security.c.

◆ ADS_RIGHT_DS_CONTROL_ACCESS

#define ADS_RIGHT_DS_CONTROL_ACCESS   0x0100

Definition at line 163 of file security.c.

◆ ADS_RIGHT_DS_CREATE_CHILD

#define ADS_RIGHT_DS_CREATE_CHILD   0x0001

Definition at line 155 of file security.c.

◆ ADS_RIGHT_DS_DELETE_CHILD

#define ADS_RIGHT_DS_DELETE_CHILD   0x0002

Definition at line 156 of file security.c.

◆ ADS_RIGHT_DS_DELETE_TREE

#define ADS_RIGHT_DS_DELETE_TREE   0x0040

Definition at line 161 of file security.c.

◆ ADS_RIGHT_DS_LIST_OBJECT

#define ADS_RIGHT_DS_LIST_OBJECT   0x0080

Definition at line 162 of file security.c.

◆ ADS_RIGHT_DS_READ_PROP

#define ADS_RIGHT_DS_READ_PROP   0x0010

Definition at line 159 of file security.c.

◆ ADS_RIGHT_DS_SELF

#define ADS_RIGHT_DS_SELF   0x0008

Definition at line 158 of file security.c.

◆ ADS_RIGHT_DS_WRITE_PROP

#define ADS_RIGHT_DS_WRITE_PROP   0x0020

Definition at line 160 of file security.c.

Typedef Documentation

◆ ACEFLAG

◆ LPACEFLAG

◆ MAX_SID

◆ WELLKNOWNRID

◆ WELLKNOWNSID

Function Documentation

◆ AccessCheck()

BOOL WINAPI AccessCheck ( IN PSECURITY_DESCRIPTOR  pSecurityDescriptor,
IN HANDLE  ClientToken,
IN DWORD  DesiredAccess,
IN PGENERIC_MAPPING  GenericMapping,
OUT PPRIVILEGE_SET PrivilegeSet  OPTIONAL,
IN OUT LPDWORD  PrivilegeSetLength,
OUT LPDWORD  GrantedAccess,
OUT LPBOOL  AccessStatus 
)

Definition at line 1652 of file security.c.

1660 {
1661  NTSTATUS Status;
1662  NTSTATUS NtAccessStatus;
1663 
1664  /* Do the access check */
1665  Status = NtAccessCheck(pSecurityDescriptor,
1666  ClientToken,
1667  DesiredAccess,
1669  PrivilegeSet,
1670  (PULONG)PrivilegeSetLength,
1672  &NtAccessStatus);
1673 
1674  /* See if the access check operation succeeded */
1675  if (!NT_SUCCESS(Status))
1676  {
1677  /* Check failed */
1679  return FALSE;
1680  }
1681 
1682  /* Now check the access status */
1683  if (!NT_SUCCESS(NtAccessStatus))
1684  {
1685  /* Access denied */
1686  SetLastError(RtlNtStatusToDosError(NtAccessStatus));
1687  *AccessStatus = FALSE;
1688  }
1689  else
1690  {
1691  /* Access granted */
1692  *AccessStatus = TRUE;
1693  }
1694 
1695  /* Check succeeded */
1696  return TRUE;
1697 }
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2654
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK _Out_ PNTSTATUS AccessStatus
Definition: sefuncs.h:13
#define TRUE
Definition: types.h:120
LONG NTSTATUS
Definition: precomp.h:26
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
#define FALSE
Definition: types.h:117
Status
Definition: gdiplustypes.h:24
NTSTATUS NTAPI NtAccessCheck(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ HANDLE TokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_ PGENERIC_MAPPING GenericMapping, _Out_opt_ PPRIVILEGE_SET PrivilegeSet, _Inout_ PULONG PrivilegeSetLength, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus)
Determines whether security access rights can be given to an object depending on the security descrip...
Definition: accesschk.c:1157
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define SetLastError(x)
Definition: compat.h:611
static GENERIC_MAPPING GenericMapping
Definition: SeInheritance.c:11
unsigned int * PULONG
Definition: retypes.h:1
ACCESS_MASK * PACCESS_MASK
Definition: nt_native.h:41
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
Definition: sefuncs.h:13

Referenced by test_AccessCheck(), test_default_handle_security(), and test_FileSecurity().

◆ AccessCheckByType()

BOOL WINAPI AccessCheckByType ( PSECURITY_DESCRIPTOR  pSecurityDescriptor,
PSID  PrincipalSelfSid,
HANDLE  ClientToken,
DWORD  DesiredAccess,
POBJECT_TYPE_LIST  ObjectTypeList,
DWORD  ObjectTypeListLength,
PGENERIC_MAPPING  GenericMapping,
PPRIVILEGE_SET  PrivilegeSet,
LPDWORD  PrivilegeSetLength,
LPDWORD  GrantedAccess,
LPBOOL  AccessStatus 
)

Definition at line 1702 of file security.c.

1714 {
1715  FIXME("stub\n");
1716 
1717  *AccessStatus = TRUE;
1718 
1719  return !*AccessStatus;
1720 }
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK _Out_ PNTSTATUS AccessStatus
Definition: sefuncs.h:13
#define TRUE
Definition: types.h:120
#define FIXME(fmt,...)
Definition: debug.h:111

◆ AddAccessAllowedAce()

BOOL WINAPI AddAccessAllowedAce ( PACL  pAcl,
DWORD  dwAceRevision,
DWORD  AccessMask,
PSID  pSid 
)

Definition at line 1041 of file security.c.

1045 {
1046  NTSTATUS Status;
1047 
1049  dwAceRevision,
1050  AccessMask,
1051  pSid);
1052  if (!NT_SUCCESS(Status))
1053  {
1055  return FALSE;
1056  }
1057 
1058  return TRUE;
1059 }
#define TRUE
Definition: types.h:120
LONG NTSTATUS
Definition: precomp.h:26
NTSYSAPI NTSTATUS WINAPI RtlAddAccessAllowedAce(PACL, DWORD, DWORD, PSID)
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
#define FALSE
Definition: types.h:117
Status
Definition: gdiplustypes.h:24
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
_In_ ACCESS_MASK AccessMask
Definition: exfuncs.h:186
#define SetLastError(x)
Definition: compat.h:611
_In_ ULONG dwAceRevision
Definition: rtlfuncs.h:1114
static PSID pSid
Definition: security.c:74

Referenced by AccRewriteSetEntriesInAcl(), convert_nfs4acl_2_dacl(), CreateDefaultProcessSecurityCommon(), CreateDefaultSecurityDescriptor(), CreateDhcpPipeSecurity(), CreatePnpInstallEventSecurity(), CreatePowrProfSemaphoreSecurity(), GetShellSecurityDescriptor(), test_AccessCheck(), test_AddMandatoryAce(), test_GetExplicitEntriesFromAclW(), test_process_security(), test_SetEntriesInAclA(), and test_SetEntriesInAclW().

◆ AddAccessAllowedAceEx()

BOOL WINAPI AddAccessAllowedAceEx ( PACL  pAcl,
DWORD  dwAceRevision,
DWORD  AceFlags,
DWORD  AccessMask,
PSID  pSid 
)

Definition at line 1065 of file security.c.

1070 {
1071  NTSTATUS Status;
1072 
1074  dwAceRevision,
1075  AceFlags,
1076  AccessMask,
1077  pSid);
1078  if (!NT_SUCCESS(Status))
1079  {
1081  return FALSE;
1082  }
1083 
1084  return TRUE;
1085 }
#define TRUE
Definition: types.h:120
LONG NTSTATUS
Definition: precomp.h:26
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
#define FALSE
Definition: types.h:117
Status
Definition: gdiplustypes.h:24
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
_In_ ACCESS_MASK AccessMask
Definition: exfuncs.h:186
#define SetLastError(x)
Definition: compat.h:611
NTSYSAPI NTSTATUS WINAPI RtlAddAccessAllowedAceEx(PACL, DWORD, DWORD, DWORD, PSID)
_In_ ULONG dwAceRevision
Definition: rtlfuncs.h:1114
static PSID pSid
Definition: security.c:74
static const ACEFLAG AceFlags[]
Definition: security.c:2423

Referenced by AllowDesktopAccessToUser(), AllowWinstaAccessToUser(), CreateApplicationDesktopSecurity(), CreateScreenSaverSecurity(), CreateWinlogonDesktopSecurity(), CreateWinstaSecurity(), get_sd(), and GetShellSecurityDescriptor().

◆ AddAccessDeniedAce()

BOOL WINAPI AddAccessDeniedAce ( PACL  pAcl,
DWORD  dwAceRevision,
DWORD  AccessMask,
PSID  pSid 
)

Definition at line 1092 of file security.c.

1096 {
1097  NTSTATUS Status;
1098 
1100  dwAceRevision,
1101  AccessMask,
1102  pSid);
1103  if (!NT_SUCCESS(Status))
1104  {
1106  return FALSE;
1107  }
1108 
1109  return TRUE;
1110 }
#define TRUE
Definition: types.h:120
LONG NTSTATUS
Definition: precomp.h:26
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
#define FALSE
Definition: types.h:117
Status
Definition: gdiplustypes.h:24
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
_In_ ACCESS_MASK AccessMask
Definition: exfuncs.h:186
#define SetLastError(x)
Definition: compat.h:611
_In_ ULONG dwAceRevision
Definition: rtlfuncs.h:1114
static PSID pSid
Definition: security.c:74
NTSYSAPI NTSTATUS NTAPI RtlAddAccessDeniedAce(_Inout_ PACL Acl, _In_ ULONG Revision, _In_ ACCESS_MASK AccessMask, _In_ PSID Sid)

Referenced by AccRewriteSetEntriesInAcl(), convert_nfs4acl_2_dacl(), GetShellSecurityDescriptor(), test_AccessCheck(), and test_process_security().

◆ AddAccessDeniedAceEx()

BOOL WINAPI AddAccessDeniedAceEx ( PACL  pAcl,
DWORD  dwAceRevision,
DWORD  AceFlags,
DWORD  AccessMask,
PSID  pSid 
)

Definition at line 1116 of file security.c.

1121 {
1122  NTSTATUS Status;
1123 
1125  dwAceRevision,
1126  AceFlags,
1127  AccessMask,
1128  pSid);
1129  if (!NT_SUCCESS(Status))
1130  {
1132  return FALSE;
1133  }
1134 
1135  return TRUE;
1136 }
#define TRUE
Definition: types.h:120
LONG NTSTATUS
Definition: precomp.h:26
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
#define FALSE
Definition: types.h:117
Status
Definition: gdiplustypes.h:24
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
_In_ ACCESS_MASK AccessMask
Definition: exfuncs.h:186
#define SetLastError(x)
Definition: compat.h:611
_In_ ULONG dwAceRevision
Definition: rtlfuncs.h:1114
static PSID pSid
Definition: security.c:74
NTSYSAPI NTSTATUS NTAPI RtlAddAccessDeniedAceEx(_Inout_ PACL Acl, _In_ ULONG Revision, _In_ ULONG Flags, _In_ ACCESS_MASK AccessMask, _In_ PSID Sid)
static const ACEFLAG AceFlags[]
Definition: security.c:2423

Referenced by GetShellSecurityDescriptor().

◆ AddAce()

BOOL WINAPI AddAce ( PACL  pAcl,
DWORD  dwAceRevision,
DWORD  dwStartingAceIndex,
LPVOID  pAceList,
DWORD  nAceListLength 
)

Definition at line 1143 of file security.c.

1148 {
1149  NTSTATUS Status;
1150 
1151  Status = RtlAddAce(pAcl,
1152  dwAceRevision,
1153  dwStartingAceIndex,
1154  pAceList,
1155  nAceListLength);
1156  if (!NT_SUCCESS(Status))
1157  {
1159  return FALSE;
1160  }
1161 
1162  return TRUE;
1163 }
#define TRUE
Definition: types.h:120
LONG NTSTATUS
Definition: precomp.h:26
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
#define FALSE
Definition: types.h:117
Status
Definition: gdiplustypes.h:24
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define SetLastError(x)
Definition: compat.h:611
NTSYSAPI NTSTATUS NTAPI RtlAddAce(_Inout_ PACL Acl, _In_ ULONG AceRevision, _In_ ULONG StartingAceIndex, _In_reads_bytes_(AceListLength) PVOID AceList, _In_ ULONG AceListLength)
_In_ ULONG dwAceRevision
Definition: rtlfuncs.h:1114

Referenced by test_AddAce().

◆ AddAuditAccessAce()

BOOL WINAPI AddAuditAccessAce ( PACL  pAcl,
DWORD  dwAceRevision,
DWORD  dwAccessMask,
PSID  pSid,
BOOL  bAuditSuccess,
BOOL  bAuditFailure 
)

Definition at line 1750 of file security.c.

1756 {
1757  NTSTATUS Status;
1758 
1760  dwAceRevision,
1761  dwAccessMask,
1762  pSid,
1763  bAuditSuccess,
1764  bAuditFailure);
1765  if (!NT_SUCCESS(Status))
1766  {
1768  return FALSE;
1769  }
1770 
1771  return TRUE;
1772 }
#define TRUE
Definition: types.h:120
LONG NTSTATUS
Definition: precomp.h:26
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
#define FALSE
Definition: types.h:117
Status
Definition: gdiplustypes.h:24
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define SetLastError(x)
Definition: compat.h:611
NTSYSAPI NTSTATUS NTAPI RtlAddAuditAccessAce(_Inout_ PACL Acl, _In_ ULONG Revision, _In_ ACCESS_MASK AccessMask, _In_ PSID Sid, _In_ BOOLEAN Success, _In_ BOOLEAN Failure)
_In_ ULONG dwAceRevision
Definition: rtlfuncs.h:1114
static PSID pSid
Definition: security.c:74

◆ AddAuditAccessAceEx()

BOOL WINAPI AddAuditAccessAceEx ( PACL  pAcl,
DWORD  dwAceRevision,
DWORD  AceFlags,
DWORD  dwAccessMask,
PSID  pSid,
BOOL  bAuditSuccess,
BOOL  bAuditFailure 
)

Definition at line 1778 of file security.c.

1785 {
1786  NTSTATUS Status;
1787 
1789  dwAceRevision,
1790  AceFlags,
1791  dwAccessMask,
1792  pSid,
1793  bAuditSuccess,
1794  bAuditFailure);
1795  if (!NT_SUCCESS(Status))
1796  {
1798  return FALSE;
1799  }
1800 
1801  return TRUE;
1802 }
#define TRUE
Definition: types.h:120
LONG NTSTATUS
Definition: precomp.h:26
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
#define FALSE
Definition: types.h:117
Status
Definition: gdiplustypes.h:24
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define SetLastError(x)
Definition: compat.h:611
_In_ ULONG dwAceRevision
Definition: rtlfuncs.h:1114
static PSID pSid
Definition: security.c:74
NTSYSAPI NTSTATUS NTAPI RtlAddAuditAccessAceEx(_Inout_ PACL Acl, _In_ ULONG Revision, _In_ ULONG Flags, _In_ ACCESS_MASK AccessMask, _In_ PSID Sid, _In_ BOOLEAN Success, _In_ BOOLEAN Failure)
static const ACEFLAG AceFlags[]
Definition: security.c:2423

◆ AdjustTokenGroups()

BOOL WINAPI AdjustTokenGroups ( HANDLE  TokenHandle,
BOOL  ResetToDefault,
PTOKEN_GROUPS  NewState,
DWORD  BufferLength,
PTOKEN_GROUPS  PreviousState,
PDWORD  ReturnLength 
)

Definition at line 348 of file security.c.

354 {
356 
358  ResetToDefault,
359  NewState,
360  BufferLength,
363  if (!NT_SUCCESS(Status))
364  {
366  return FALSE;
367  }
368 
369  return TRUE;
370 }
IN CINT OUT PVOID IN ULONG OUT PULONG ReturnLength
Definition: dumpinfo.c:39
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG BufferLength
Definition: wdfdevice.h:3767
#define TRUE
Definition: types.h:120
LONG NTSTATUS
Definition: precomp.h:26
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
#define FALSE
Definition: types.h:117
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
Definition: psfuncs.h:715
Status
Definition: gdiplustypes.h:24
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define SetLastError(x)
Definition: compat.h:611
unsigned int * PULONG
Definition: retypes.h:1
NTSTATUS NTAPI NtAdjustGroupsToken(_In_ HANDLE TokenHandle, _In_ BOOLEAN ResetToDefault, _In_ PTOKEN_GROUPS NewState, _In_ ULONG BufferLength, _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_GROUPS PreviousState, _When_(PreviousState !=NULL, _Out_) PULONG ReturnLength)
Changes the list of groups by enabling or disabling them in an access token. Unlike NtAdjustPrivilege...
Definition: token.c:5324
_In_ WDF_POWER_DEVICE_STATE PreviousState
Definition: wdfdevice.h:829

◆ AdjustTokenPrivileges()

BOOL WINAPI AdjustTokenPrivileges ( HANDLE  TokenHandle,
BOOL  DisableAllPrivileges,
PTOKEN_PRIVILEGES  NewState,
DWORD  BufferLength,
PTOKEN_PRIVILEGES  PreviousState,
PDWORD  ReturnLength 
)

Definition at line 376 of file security.c.

382 {
384 
386  DisableAllPrivileges,
387  NewState,
388  BufferLength,
392  {
394  return TRUE;
395  }
396 
397  if (!NT_SUCCESS(Status))
398  {
400  return FALSE;
401  }
402 
403  /* AdjustTokenPrivileges is documented to do this */
405 
406  return TRUE;
407 }
IN CINT OUT PVOID IN ULONG OUT PULONG ReturnLength
Definition: dumpinfo.c:39
#define STATUS_NOT_ALL_ASSIGNED
Definition: ntstatus.h:85
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG BufferLength
Definition: wdfdevice.h:3767
#define ERROR_SUCCESS
Definition: deptool.c:10
#define TRUE
Definition: types.h:120
LONG NTSTATUS
Definition: precomp.h:26
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
#define FALSE
Definition: types.h:117
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
Definition: psfuncs.h:715
Status
Definition: gdiplustypes.h:24
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define SetLastError(x)
Definition: compat.h:611
unsigned int * PULONG
Definition: retypes.h:1
#define ERROR_NOT_ALL_ASSIGNED
Definition: winerror.h:782
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtAdjustPrivilegesToken(_In_ HANDLE TokenHandle, _In_ BOOLEAN DisableAllPrivileges, _In_opt_ PTOKEN_PRIVILEGES NewState, _In_ ULONG BufferLength, _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_PRIVILEGES PreviousState, _When_(PreviousState!=NULL, _Out_) PULONG ReturnLength)
Removes a certain amount of privileges of a token based upon the request by the caller.
Definition: token.c:5743
_In_ WDF_POWER_DEVICE_STATE PreviousState
Definition: wdfdevice.h:829

Referenced by AcquireRemoveRestorePrivilege(), AddDeviceW(), DisablePrivilege(), DisableTokenPrivileges(), EnablePrivilege(), EnableProcessPrivileges(), CShellCommandSACL::Execute(), FormatEx2(), InstallReactOS(), named_pipe_client_func(), PauseBalanceW(), Privilege(), pSetupEnablePrivilege(), RecvSubvolGUIW(), RecvSubvolW(), RemoveDeviceW(), ResetStatsW(), ResizeDeviceW(), ScmEnableBackupRestorePrivileges(), SendSubvolGUIW(), SendSubvolW(), set_privileges(), SetDriverLoadPrivilege(), SetPrivilege(), ShowScrubW(), ShutdownSystem(), StartBalanceW(), StartScrubW(), StopBalanceW(), StopScrubW(), SystemSetLocalTime(), SystemSetTime(), test8(), test_AdjustTokenPrivileges(), test_SetFileValidData(), test_system_security_access(), UpdateDriver(), WinMain(), and wWinMain().

◆ ADVAPI_GetComputerSid()

BOOL ADVAPI_GetComputerSid ( PSID  sid)

Definition at line 275 of file security.c.

276 {
277  static const struct /* same fields as struct SID */
278  {
279  BYTE Revision;
282  DWORD SubAuthority[4];
283  } computer_sid =
285 
286  memcpy( sid, &computer_sid, sizeof(computer_sid) );
287  return TRUE;
288 }
#define TRUE
Definition: types.h:120
#define SID_REVISION
Definition: setypes.h:481
FT_UInt sid
Definition: cffcmap.c:139
_In_ ULONG Revision
Definition: rtlfuncs.h:1103
#define SECURITY_NT_AUTHORITY
Definition: setypes.h:554
unsigned long DWORD
Definition: ntddk_ex.h:95
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
_In_ PSID_IDENTIFIER_AUTHORITY _In_ UCHAR SubAuthorityCount
Definition: rtlfuncs.h:1486
unsigned char BYTE
Definition: xxhash.c:193
_In_ PSID_IDENTIFIER_AUTHORITY IdentifierAuthority
Definition: rtlfuncs.h:1486
#define SECURITY_NT_NON_UNIQUE
Definition: setypes.h:577

Referenced by ComputeStringSidSize(), and ParseStringSidToSid().

◆ ADVAPI_IsLocalComputer()

BOOL ADVAPI_IsLocalComputer ( LPCWSTR  ServerName)

Definition at line 253 of file security.c.

254 {
256  BOOL Result;
257  LPWSTR buf;
258 
259  if (!ServerName || !ServerName[0])
260  return TRUE;
261 
262  buf = heap_alloc(dwSize * sizeof(WCHAR));
264  if (Result && (ServerName[0] == '\\') && (ServerName[1] == '\\'))
265  ServerName += 2;
266  Result = Result && !lstrcmpW(ServerName, buf);
267  heap_free(buf);
268 
269  return Result;
270 }
#define TRUE
Definition: types.h:120
int WINAPI lstrcmpW(LPCWSTR lpString1, LPCWSTR lpString2)
Definition: lstring.c:170
BOOL WINAPI GetComputerNameW(LPWSTR lpBuffer, LPDWORD lpnSize)
Definition: compname.c:446
static void * heap_alloc(size_t len)
Definition: appwiz.h:65
GLenum GLuint GLenum GLsizei const GLchar * buf
Definition: glext.h:7751
unsigned int BOOL
Definition: ntddk_ex.h:94
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426
__wchar_t WCHAR
Definition: xmlstorage.h:180
unsigned long DWORD
Definition: ntddk_ex.h:95
#define MAX_COMPUTERNAME_LENGTH
Definition: winbase.h:240
WCHAR * LPWSTR
Definition: xmlstorage.h:184
PSDBQUERYRESULT_VISTA PVOID DWORD * dwSize
Definition: env.c:56
static BOOL heap_free(void *mem)
Definition: appwiz.h:75

◆ AllocateAndInitializeSid()

BOOL WINAPI AllocateAndInitializeSid ( PSID_IDENTIFIER_AUTHORITY  pIdentifierAuthority,
BYTE  nSubAuthorityCount,
DWORD  nSubAuthority0,
DWORD  nSubAuthority1,
DWORD  nSubAuthority2,
DWORD  nSubAuthority3,
DWORD  nSubAuthority4,
DWORD  nSubAuthority5,
DWORD  nSubAuthority6,
DWORD  nSubAuthority7,
PSID pSid 
)

Definition at line 676 of file security.c.

683 {
685  pIdentifierAuthority, nSubAuthorityCount,
686  nSubAuthority0, nSubAuthority1, nSubAuthority2, nSubAuthority3,
687  nSubAuthority4, nSubAuthority5, nSubAuthority6, nSubAuthority7,
688  pSid ));
689 }
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290
static __inline BOOL set_ntstatus(NTSTATUS status)
Definition: security.c:229
static PSID pSid
Definition: security.c:74

Referenced by AllowDesktopAccessToUser(), AllowWinstaAccessToUser(), check_wellknown_name(), CheckForGuestsAndAdmins(), CreateApplicationDesktopSecurity(), CreateDefaultProcessSecurityCommon(), CreateDefaultSecurityDescriptor(), CreateDhcpPipeSecurity(), CreateLogoffSecurityAttributes(), CreatePnpInstallEventSecurity(), CreatePowrProfSemaphoreSecurity(), CreateScreenSaverSecurity(), CreateWinlogonDesktopSecurity(), CreateWinstaSecurity(), GetShellSecurityDescriptor(), is_process_limited(), is_token_admin(), IsNTAdmin(), IsUserAdmin(), PerfDataInitialize(), pSetupIsUserAdmin(), SHTestTokenMembership(), test_AccessCheck(), test_AddMandatoryAce(), test_CreateWellKnownSid(), test_EqualSid(), test_GetExplicitEntriesFromAclW(), test_GetNamedSecurityInfoA(), test_GetSecurityInfo(), test_LookupAccountSid(), test_process_security(), test_reg_create_key(), test_reg_open_key(), test_SetEntriesInAclA(), test_SetEntriesInAclW(), test_sid(), and test_trustee().

◆ AllocateLocallyUniqueId()

BOOL WINAPI AllocateLocallyUniqueId ( PLUID  Luid)

Definition at line 1220 of file security.c.

1221 {
1222  NTSTATUS Status;
1223 
1225  if (!NT_SUCCESS (Status))
1226  {
1228  return FALSE;
1229  }
1230 
1231  return TRUE;
1232 }
#define TRUE
Definition: types.h:120
LONG NTSTATUS
Definition: precomp.h:26
NTSTATUS NTAPI NtAllocateLocallyUniqueId(OUT LUID *LocallyUniqueId)
Definition: uuid.c:348
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
#define FALSE
Definition: types.h:117
Status
Definition: gdiplustypes.h:24
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define SetLastError(x)
Definition: compat.h:611

Referenced by CookupNodeId(), LogonUserExW(), MyLogonUser(), and wined3d_adapter_init().

◆ AreAllAccessesGranted()

BOOL WINAPI AreAllAccessesGranted ( DWORD  GrantedAccess,
DWORD  DesiredAccess 
)

Definition at line 2331 of file security.c.

2333 {
2335  DesiredAccess);
2336 }
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2654
unsigned int BOOL
Definition: ntddk_ex.h:94
NTSYSAPI BOOLEAN NTAPI RtlAreAllAccessesGranted(ACCESS_MASK GrantedAccess, ACCESS_MASK DesiredAccess)
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
Definition: sefuncs.h:13

◆ AreAnyAccessesGranted()

BOOL WINAPI AreAnyAccessesGranted ( DWORD  GrantedAccess,
DWORD  DesiredAccess 
)

Definition at line 2343 of file security.c.

2345 {
2347  DesiredAccess);
2348 }
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2654
NTSYSAPI BOOLEAN NTAPI RtlAreAnyAccessesGranted(ACCESS_MASK GrantedAccess, ACCESS_MASK DesiredAccess)
unsigned int BOOL
Definition: ntddk_ex.h:94
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
Definition: sefuncs.h:13

◆ BuildExplicitAccessWithNameA()

VOID WINAPI BuildExplicitAccessWithNameA ( PEXPLICIT_ACCESSA  pExplicitAccess,
LPSTR  pTrusteeName,
DWORD  AccessPermissions,
ACCESS_MODE  AccessMode,
DWORD  Inheritance 
)

Definition at line 1929 of file security.c.

1934 {
1935  pExplicitAccess->grfAccessPermissions = AccessPermissions;
1936  pExplicitAccess->grfAccessMode = AccessMode;
1937  pExplicitAccess->grfInheritance = Inheritance;
1938 
1939  pExplicitAccess->Trustee.pMultipleTrustee = NULL;
1941  pExplicitAccess->Trustee.TrusteeForm = TRUSTEE_IS_NAME;
1942  pExplicitAccess->Trustee.TrusteeType = TRUSTEE_IS_UNKNOWN;
1943  pExplicitAccess->Trustee.ptstrName = pTrusteeName;
1944 }
TRUSTEE_TYPE TrusteeType
Definition: accctrl.h:207
ACCESS_MODE grfAccessMode
Definition: accctrl.h:333
MULTIPLE_TRUSTEE_OPERATION MultipleTrusteeOperation
Definition: accctrl.h:205
struct _TRUSTEE_A * pMultipleTrustee
Definition: accctrl.h:204
TRUSTEE_A Trustee
Definition: accctrl.h:335
LPSTR ptstrName
Definition: accctrl.h:208
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:395
DWORD grfInheritance
Definition: accctrl.h:334
#define NULL
Definition: types.h:112
DWORD grfAccessPermissions
Definition: accctrl.h:332
TRUSTEE_FORM TrusteeForm
Definition: accctrl.h:206

◆ BuildExplicitAccessWithNameW()

VOID WINAPI BuildExplicitAccessWithNameW ( PEXPLICIT_ACCESSW  pExplicitAccess,
LPWSTR  pTrusteeName,
DWORD  AccessPermissions,
ACCESS_MODE  AccessMode,
DWORD  Inheritance 
)

Definition at line 1951 of file security.c.

1956 {
1957  pExplicitAccess->grfAccessPermissions = AccessPermissions;
1958  pExplicitAccess->grfAccessMode = AccessMode;
1959  pExplicitAccess->grfInheritance = Inheritance;
1960 
1961  pExplicitAccess->Trustee.pMultipleTrustee = NULL;
1963  pExplicitAccess->Trustee.TrusteeForm = TRUSTEE_IS_NAME;
1964  pExplicitAccess->Trustee.TrusteeType = TRUSTEE_IS_UNKNOWN;
1965  pExplicitAccess->Trustee.ptstrName = pTrusteeName;
1966 }
TRUSTEE_FORM TrusteeForm
Definition: accctrl.h:215
TRUSTEE_TYPE TrusteeType
Definition: accctrl.h:216
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:395
DWORD grfInheritance
Definition: accctrl.h:342
ACCESS_MODE grfAccessMode
Definition: accctrl.h:341
struct _TRUSTEE_W * pMultipleTrustee
Definition: accctrl.h:213
TRUSTEE_W Trustee
Definition: accctrl.h:343
MULTIPLE_TRUSTEE_OPERATION MultipleTrusteeOperation
Definition: accctrl.h:214
LPWSTR ptstrName
Definition: accctrl.h:217
DWORD grfAccessPermissions
Definition: accctrl.h:340
#define NULL
Definition: types.h:112

◆ BuildTrusteeWithNameA()

VOID WINAPI BuildTrusteeWithNameA ( PTRUSTEE_A  pTrustee,
LPSTR  name 
)

Definition at line 2174 of file security.c.

2176 {
2177  TRACE("%p %s\n", pTrustee, name);
2178 
2179  pTrustee->pMultipleTrustee = NULL;
2181  pTrustee->TrusteeForm = TRUSTEE_IS_NAME;
2182  pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2183  pTrustee->ptstrName = name;
2184 }
TRUSTEE_TYPE TrusteeType
Definition: accctrl.h:207
MULTIPLE_TRUSTEE_OPERATION MultipleTrusteeOperation
Definition: accctrl.h:205
struct _TRUSTEE_A * pMultipleTrustee
Definition: accctrl.h:204
LPSTR ptstrName
Definition: accctrl.h:208
#define TRACE(s)
Definition: solgame.cpp:4
#define NULL
Definition: types.h:112
Definition: name.c:38
TRUSTEE_FORM TrusteeForm
Definition: accctrl.h:206
GLuint const GLchar * name
Definition: glext.h:6031

◆ BuildTrusteeWithNameW()

VOID WINAPI BuildTrusteeWithNameW ( PTRUSTEE_W  pTrustee,
LPWSTR  name 
)

Definition at line 2190 of file security.c.

2192 {
2193  TRACE("%p %s\n", pTrustee, name);
2194 
2195  pTrustee->pMultipleTrustee = NULL;
2197  pTrustee->TrusteeForm = TRUSTEE_IS_NAME;
2198  pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2199  pTrustee->ptstrName = name;
2200 }
TRUSTEE_FORM TrusteeForm
Definition: accctrl.h:215
TRUSTEE_TYPE TrusteeType
Definition: accctrl.h:216
#define TRACE(s)
Definition: solgame.cpp:4
struct _TRUSTEE_W * pMultipleTrustee
Definition: accctrl.h:213
MULTIPLE_TRUSTEE_OPERATION MultipleTrusteeOperation
Definition: accctrl.h:214
LPWSTR ptstrName
Definition: accctrl.h:217
#define NULL
Definition: types.h:112
Definition: name.c:38
GLuint const GLchar * name
Definition: glext.h:6031

◆ BuildTrusteeWithObjectsAndNameA()

VOID WINAPI BuildTrusteeWithObjectsAndNameA ( PTRUSTEEA  pTrustee,
POBJECTS_AND_NAME_A  pObjName,
SE_OBJECT_TYPE  ObjectType,
LPSTR  ObjectTypeName,
LPSTR  InheritedObjectTypeName,
LPSTR  Name 
)

Definition at line 1971 of file security.c.

1974 {
1975  DWORD ObjectsPresent = 0;
1976 
1977  TRACE("%p %p 0x%08x %p %p %s\n", pTrustee, pObjName,
1979 
1980  /* Fill the OBJECTS_AND_NAME structure */
1982  if (ObjectTypeName != NULL)
1983  {
1984  ObjectsPresent |= ACE_OBJECT_TYPE_PRESENT;
1985  }
1986 
1989  {
1990  ObjectsPresent |= ACE_INHERITED_OBJECT_TYPE_PRESENT;
1991  }
1992 
1993  pObjName->ObjectsPresent = ObjectsPresent;
1994  pObjName->ptstrName = Name;
1995 
1996  /* Fill the TRUSTEE structure */
1997  pTrustee->pMultipleTrustee = NULL;
2000  pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2001  pTrustee->ptstrName = (LPSTR)pObjName;
2002 }
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR ObjectTypeName
Definition: security.c:77
ObjectType
Definition: metafile.c:80
TRUSTEE_TYPE TrusteeType
Definition: accctrl.h:207
#define ACE_OBJECT_TYPE_PRESENT
Definition: winnt_old.h:106
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR LPSTR InheritedObjectTypeName
Definition: security.c:77
MULTIPLE_TRUSTEE_OPERATION MultipleTrusteeOperation
Definition: accctrl.h:205
static LPSTR(WINAPI *pGetTrusteeNameA)(PTRUSTEEA pTrustee)
DWORD ObjectsPresent
Definition: accctrl.h:356
struct _TRUSTEE_A * pMultipleTrustee
Definition: accctrl.h:204
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR LPSTR LPSTR Name
Definition: security.c:77
LPSTR ptstrName
Definition: accctrl.h:208
#define ACE_INHERITED_OBJECT_TYPE_PRESENT
Definition: winnt_old.h:107
SE_OBJECT_TYPE ObjectType
Definition: accctrl.h:357
static POBJECTS_AND_NAME_A pObjName
Definition: security.c:77
#define TRACE(s)
Definition: solgame.cpp:4
#define debugstr_a
Definition: kernel32.h:31
unsigned long DWORD
Definition: ntddk_ex.h:95
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE ObjectType
Definition: security.c:77
#define NULL
Definition: types.h:112
LPSTR InheritedObjectTypeName
Definition: accctrl.h:359
TRUSTEE_FORM TrusteeForm
Definition: accctrl.h:206

◆ BuildTrusteeWithObjectsAndNameW()

VOID WINAPI BuildTrusteeWithObjectsAndNameW ( PTRUSTEEW  pTrustee,
POBJECTS_AND_NAME_W  pObjName,
SE_OBJECT_TYPE  ObjectType,
LPWSTR  ObjectTypeName,
LPWSTR  InheritedObjectTypeName,
LPWSTR  Name 
)

Definition at line 2007 of file security.c.

2010 {
2011  DWORD ObjectsPresent = 0;
2012 
2013  TRACE("%p %p 0x%08x %p %p %s\n", pTrustee, pObjName,
2015 
2016  /* Fill the OBJECTS_AND_NAME structure */
2018  if (ObjectTypeName != NULL)
2019  {
2020  ObjectsPresent |= ACE_OBJECT_TYPE_PRESENT;
2021  }
2022 
2025  {
2026  ObjectsPresent |= ACE_INHERITED_OBJECT_TYPE_PRESENT;
2027  }
2028 
2029  pObjName->ObjectsPresent = ObjectsPresent;
2030  pObjName->ptstrName = Name;
2031 
2032  /* Fill the TRUSTEE structure */
2033  pTrustee->pMultipleTrustee = NULL;
2036  pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2037  pTrustee->ptstrName = (LPWSTR)pObjName;
2038 }
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR ObjectTypeName
Definition: security.c:77
ObjectType
Definition: metafile.c:80
#define ACE_OBJECT_TYPE_PRESENT
Definition: winnt_old.h:106
TRUSTEE_FORM TrusteeForm
Definition: accctrl.h:215
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR LPSTR InheritedObjectTypeName
Definition: security.c:77
DWORD ObjectsPresent
Definition: accctrl.h:356
TRUSTEE_TYPE TrusteeType
Definition: accctrl.h:216
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR LPSTR LPSTR Name
Definition: security.c:77
#define debugstr_w
Definition: kernel32.h:32
#define ACE_INHERITED_OBJECT_TYPE_PRESENT
Definition: winnt_old.h:107
SE_OBJECT_TYPE ObjectType
Definition: accctrl.h:357
static POBJECTS_AND_NAME_A pObjName
Definition: security.c:77
#define TRACE(s)
Definition: solgame.cpp:4
struct _TRUSTEE_W * pMultipleTrustee
Definition: accctrl.h:213
unsigned long DWORD
Definition: ntddk_ex.h:95
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE ObjectType
Definition: security.c:77
MULTIPLE_TRUSTEE_OPERATION MultipleTrusteeOperation
Definition: accctrl.h:214
LPWSTR ptstrName
Definition: accctrl.h:217
#define NULL
Definition: types.h:112
LPSTR InheritedObjectTypeName
Definition: accctrl.h:359
WCHAR * LPWSTR
Definition: xmlstorage.h:184

◆ BuildTrusteeWithObjectsAndSidA()

VOID WINAPI BuildTrusteeWithObjectsAndSidA ( PTRUSTEEA  pTrustee,
POBJECTS_AND_SID  pObjSid,
GUID pObjectGuid,
GUID pInheritedObjectGuid,
PSID  pSid 
)

Definition at line 2044 of file security.c.

2049 {
2050  DWORD ObjectsPresent = 0;
2051 
2052  TRACE("%p %p %p %p %p\n", pTrustee, pObjSid, pObjectGuid, pInheritedObjectGuid, pSid);
2053 
2054  /* Fill the OBJECTS_AND_SID structure */
2055  if (pObjectGuid != NULL)
2056  {
2058  ObjectsPresent |= ACE_OBJECT_TYPE_PRESENT;
2059  }
2060  else
2061  {
2063  sizeof(GUID));
2064  }
2065 
2066  if (pInheritedObjectGuid != NULL)
2067  {
2069  ObjectsPresent |= ACE_INHERITED_OBJECT_TYPE_PRESENT;
2070  }
2071  else
2072  {
2074  sizeof(GUID));
2075  }
2076 
2077  pObjSid->ObjectsPresent = ObjectsPresent;
2078  pObjSid->pSid = pSid;
2079 
2080  /* Fill the TRUSTEE structure */
2081  pTrustee->pMultipleTrustee = NULL;
2084  pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2085  pTrustee->ptstrName = (LPSTR) pObjSid;
2086 }
GUID ObjectTypeGuid
Definition: accctrl.h:349
TRUSTEE_TYPE TrusteeType
Definition: accctrl.h:207
#define ACE_OBJECT_TYPE_PRESENT
Definition: winnt_old.h:106
MULTIPLE_TRUSTEE_OPERATION MultipleTrusteeOperation
Definition: accctrl.h:205
static LPSTR(WINAPI *pGetTrusteeNameA)(PTRUSTEEA pTrustee)
struct _TRUSTEE_A * pMultipleTrustee
Definition: accctrl.h:204
#define ZeroMemory
Definition: winbase.h:1667
LPSTR ptstrName
Definition: accctrl.h:208
#define ACE_INHERITED_OBJECT_TYPE_PRESENT
Definition: winnt_old.h:107
#define TRACE(s)
Definition: solgame.cpp:4
static POBJECTS_AND_SID pObjSid
Definition: security.c:83
static POBJECTS_AND_SID GUID GUID * pInheritedObjectGuid
Definition: security.c:83
unsigned long DWORD
Definition: ntddk_ex.h:95
static POBJECTS_AND_SID GUID * pObjectGuid
Definition: security.c:83
#define NULL
Definition: types.h:112
static PSID pSid
Definition: security.c:74
GUID InheritedObjectTypeGuid
Definition: accctrl.h:350
DWORD ObjectsPresent
Definition: accctrl.h:348
TRUSTEE_FORM TrusteeForm
Definition: accctrl.h:206

◆ BuildTrusteeWithObjectsAndSidW()

VOID WINAPI BuildTrusteeWithObjectsAndSidW ( PTRUSTEEW  pTrustee,
POBJECTS_AND_SID  pObjSid,
GUID pObjectGuid,
GUID pInheritedObjectGuid,
PSID  pSid 
)

Definition at line 2093 of file security.c.

2098 {
2099  DWORD ObjectsPresent = 0;
2100 
2101  TRACE("%p %p %p %p %p\n", pTrustee, pObjSid, pObjectGuid, pInheritedObjectGuid, pSid);
2102 
2103  /* Fill the OBJECTS_AND_SID structure */
2104  if (pObjectGuid != NULL)
2105  {
2107  ObjectsPresent |= ACE_OBJECT_TYPE_PRESENT;
2108  }
2109  else
2110  {
2112  sizeof(GUID));
2113  }
2114 
2115  if (pInheritedObjectGuid != NULL)
2116  {
2118  ObjectsPresent |= ACE_INHERITED_OBJECT_TYPE_PRESENT;
2119  }
2120  else
2121  {
2123  sizeof(GUID));
2124  }
2125 
2126  pObjSid->ObjectsPresent = ObjectsPresent;
2127  pObjSid->pSid = pSid;
2128 
2129  /* Fill the TRUSTEE structure */
2130  pTrustee->pMultipleTrustee = NULL;
2133  pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2134  pTrustee->ptstrName = (LPWSTR) pObjSid;
2135 }
GUID ObjectTypeGuid
Definition: accctrl.h:349
#define ACE_OBJECT_TYPE_PRESENT
Definition: winnt_old.h:106
TRUSTEE_FORM TrusteeForm
Definition: accctrl.h:215
#define ZeroMemory
Definition: winbase.h:1667
TRUSTEE_TYPE TrusteeType
Definition: accctrl.h:216
#define ACE_INHERITED_OBJECT_TYPE_PRESENT
Definition: winnt_old.h:107
#define TRACE(s)
Definition: solgame.cpp:4
static POBJECTS_AND_SID pObjSid
Definition: security.c:83
static POBJECTS_AND_SID GUID GUID * pInheritedObjectGuid
Definition: security.c:83
struct _TRUSTEE_W * pMultipleTrustee
Definition: accctrl.h:213
unsigned long DWORD
Definition: ntddk_ex.h:95
MULTIPLE_TRUSTEE_OPERATION MultipleTrusteeOperation
Definition: accctrl.h:214
LPWSTR ptstrName
Definition: accctrl.h:217
static POBJECTS_AND_SID GUID * pObjectGuid
Definition: security.c:83
#define NULL
Definition: types.h:112
static PSID pSid
Definition: security.c:74
GUID InheritedObjectTypeGuid
Definition: accctrl.h:350
DWORD ObjectsPresent
Definition: accctrl.h:348
WCHAR * LPWSTR
Definition: xmlstorage.h:184

◆ BuildTrusteeWithSidA()

VOID WINAPI BuildTrusteeWithSidA ( PTRUSTEE_A  pTrustee,
PSID  pSid 
)

Definition at line 2141 of file security.c.

2143 {
2144  TRACE("%p %p\n", pTrustee, pSid);
2145 
2146  pTrustee->pMultipleTrustee = NULL;
2148  pTrustee->TrusteeForm = TRUSTEE_IS_SID;
2149  pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2150  pTrustee->ptstrName = (LPSTR) pSid;
2151 }
TRUSTEE_TYPE TrusteeType
Definition: accctrl.h:207
MULTIPLE_TRUSTEE_OPERATION MultipleTrusteeOperation
Definition: accctrl.h:205
static LPSTR(WINAPI *pGetTrusteeNameA)(PTRUSTEEA pTrustee)
struct _TRUSTEE_A * pMultipleTrustee
Definition: accctrl.h:204
LPSTR ptstrName
Definition: accctrl.h:208
#define TRACE(s)
Definition: solgame.cpp:4
#define NULL
Definition: types.h:112
static PSID pSid
Definition: security.c:74
TRUSTEE_FORM TrusteeForm
Definition: accctrl.h:206

◆ BuildTrusteeWithSidW()

VOID WINAPI BuildTrusteeWithSidW ( PTRUSTEE_W  pTrustee,
PSID  pSid 
)

Definition at line 2158 of file security.c.

2160 {
2161  TRACE("%p %p\n", pTrustee, pSid);
2162 
2163  pTrustee->pMultipleTrustee = NULL;
2165  pTrustee->TrusteeForm = TRUSTEE_IS_SID;
2166  pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2167  pTrustee->ptstrName = (LPWSTR) pSid;
2168 }
TRUSTEE_FORM TrusteeForm
Definition: accctrl.h:215
TRUSTEE_TYPE TrusteeType
Definition: accctrl.h:216
#define TRACE(s)
Definition: solgame.cpp:4
struct _TRUSTEE_W * pMultipleTrustee
Definition: accctrl.h:213
MULTIPLE_TRUSTEE_OPERATION MultipleTrusteeOperation
Definition: accctrl.h:214
LPWSTR ptstrName
Definition: accctrl.h:217
#define NULL
Definition: types.h:112
static PSID pSid
Definition: security.c:74
WCHAR * LPWSTR
Definition: xmlstorage.h:184

◆ ComputeStringSidSize()

static DWORD ComputeStringSidSize ( LPCWSTR  StringSid)
static

Definition at line 3666 of file security.c.

3667 {
3668  if (StringSid[0] == 'S' && StringSid[1] == '-') /* S-R-I(-S)+ */
3669  {
3670  int ctok = 0;
3671  while (*StringSid)
3672  {
3673  if (*StringSid == '-')
3674  ctok++;
3675  StringSid++;
3676  }
3677 
3678  if (ctok >= 3)
3679  return GetSidLengthRequired(ctok - 2);
3680  }
3681  else /* String constant format - Only available in winxp and above */
3682  {
3683  unsigned int i;
3684 
3685  for (i = 0; i < sizeof(WellKnownSids)/sizeof(WellKnownSids[0]); i++)
3686  if (!strncmpW(WellKnownSids[i].wstr, StringSid, 2))
3688 
3689  for (i = 0; i < sizeof(WellKnownRids)/sizeof(WellKnownRids[0]); i++)
3690  if (!strncmpW(WellKnownRids[i].wstr, StringSid, 2))
3691  {
3692  MAX_SID local;
3695  }
3696 
3697  }
3698 
3699  return GetSidLengthRequired(0);
3700 }
static const WELLKNOWNSID WellKnownSids[]
Definition: security.c:47
DWORD WINAPI GetSidLengthRequired(UCHAR nSubAuthorityCount)
Definition: security.c:854
WINE_UNICODE_INLINE int strncmpW(const WCHAR *str1, const WCHAR *str2, int n)
Definition: unicode.h:235
BOOL ADVAPI_GetComputerSid(PSID sid)
Definition: security.c:275
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1103
PUCHAR WINAPI GetSidSubAuthorityCount(PSID pSid)
Definition: security.c:910
#define local
Definition: zutil.h:30
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
BYTE SubAuthorityCount
Definition: ms-dtyp.idl:200
static const WELLKNOWNRID WellKnownRids[]
Definition: security.c:111

Referenced by ParseStringSidToSid().

◆ ConvertSecurityDescriptorToStringSecurityDescriptorA()

BOOL WINAPI ConvertSecurityDescriptorToStringSecurityDescriptorA ( PSECURITY_DESCRIPTOR  SecurityDescriptor,
DWORD  SDRevision,
SECURITY_INFORMATION  Information,
LPSTR OutputString,
PULONG  OutputLen 
)

Definition at line 3298 of file security.c.

3299 {
3300  LPWSTR wstr;
3301  ULONG len;
3303  {
3304  int lenA;
3305 
3306  lenA = WideCharToMultiByte(CP_ACP, 0, wstr, len, NULL, 0, NULL, NULL);
3307  *OutputString = heap_alloc(lenA);
3308 #ifdef __REACTOS__
3309  if (*OutputString == NULL)
3310  {
3311  LocalFree(wstr);
3312  *OutputLen = 0;
3313  return FALSE;
3314  }
3315 #endif
3316  WideCharToMultiByte(CP_ACP, 0, wstr, len, *OutputString, lenA, NULL, NULL);
3317  LocalFree(wstr);
3318 
3319  if (OutputLen != NULL)
3320  *OutputLen = lenA;
3321  return TRUE;
3322  }
3323  else
3324  {
3325  *OutputString = NULL;
3326  if (OutputLen)
3327  *OutputLen = 0;
3328  return FALSE;
3329  }
3330 }
#define WideCharToMultiByte
Definition: compat.h:111
#define TRUE
Definition: types.h:120
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
#define CP_ACP
Definition: compat.h:109
BOOL WINAPI ConvertSecurityDescriptorToStringSecurityDescriptorW(PSECURITY_DESCRIPTOR SecurityDescriptor, DWORD SDRevision, SECURITY_INFORMATION RequestedInformation, LPWSTR *OutputString, PULONG OutputLen)
Definition: security.c:3234
_In_ WDFREQUEST _In_ NTSTATUS _In_ ULONG_PTR Information
Definition: wdfrequest.h:1044
static void * heap_alloc(size_t len)
Definition: appwiz.h:65
#define FALSE
Definition: types.h:117
GLenum GLsizei len
Definition: glext.h:6722
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1577
#define NULL
Definition: types.h:112
unsigned int ULONG
Definition: retypes.h:1
WCHAR * LPWSTR
Definition: xmlstorage.h:184

◆ ConvertSecurityDescriptorToStringSecurityDescriptorW()

BOOL WINAPI ConvertSecurityDescriptorToStringSecurityDescriptorW ( PSECURITY_DESCRIPTOR  SecurityDescriptor,
DWORD  SDRevision,
SECURITY_INFORMATION  RequestedInformation,
LPWSTR OutputString,
PULONG  OutputLen 
)

Definition at line 3234 of file security.c.

3235 {
3236  ULONG len;
3237  WCHAR *wptr, *wstr;
3238 
3239  if (SDRevision != SDDL_REVISION_1)
3240  {
3241  ERR("Program requested unknown SDDL revision %d\n", SDRevision);
3243  return FALSE;
3244  }
3245 
3246  len = 0;
3247  if (RequestedInformation & OWNER_SECURITY_INFORMATION)
3249  return FALSE;
3250  if (RequestedInformation & GROUP_SECURITY_INFORMATION)
3252  return FALSE;
3253  if (RequestedInformation & DACL_SECURITY_INFORMATION)
3255  return FALSE;
3256  if (RequestedInformation & SACL_SECURITY_INFORMATION)
3258  return FALSE;
3259 
3260  wstr = wptr = LocalAlloc(0, (len + 1)*sizeof(WCHAR));
3261 #ifdef __REACTOS__
3262  if (wstr == NULL)
3263  return FALSE;
3264 #endif
3265 
3266  if (RequestedInformation & OWNER_SECURITY_INFORMATION)
3267  if (!DumpOwner(SecurityDescriptor, &wptr, NULL)) {
3268  LocalFree (wstr);
3269  return FALSE;
3270  }
3271  if (RequestedInformation & GROUP_SECURITY_INFORMATION)
3272  if (!DumpGroup(SecurityDescriptor, &wptr, NULL)) {
3273  LocalFree (wstr);
3274  return FALSE;
3275  }
3276  if (RequestedInformation & DACL_SECURITY_INFORMATION)
3277  if (!DumpDacl(SecurityDescriptor, &wptr, NULL)) {
3278  LocalFree (wstr);
3279  return FALSE;
3280  }
3281  if (RequestedInformation & SACL_SECURITY_INFORMATION)
3282  if (!DumpSacl(SecurityDescriptor, &wptr, NULL)) {
3283  LocalFree (wstr);
3284  return FALSE;
3285  }
3286  *wptr = 0;
3287 
3288  TRACE("ret: %s, %d\n", wine_dbgstr_w(wstr), len);
3289  *OutputString = wstr;
3290  if (OutputLen)
3291  *OutputLen = strlenW(*OutputString)+1;
3292  return TRUE;
3293 }
WINE_UNICODE_INLINE unsigned int strlenW(const WCHAR *str)
Definition: unicode.h:212
static BOOL DumpOwner(PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen)
Definition: security.c:3149
#define TRUE
Definition: types.h:120
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
char * wine_dbgstr_w(const wchar_t *wstr)
Definition: atltest.h:87
static BOOL DumpSacl(PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen)
Definition: security.c:3208
#define GROUP_SECURITY_INFORMATION
Definition: setypes.h:124
#define FALSE
Definition: types.h:117
#define TRACE(s)
Definition: solgame.cpp:4
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define SACL_SECURITY_INFORMATION
Definition: setypes.h:126
#define SetLastError(x)
Definition: compat.h:611
static BOOL DumpDacl(PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen)
Definition: security.c:3185
GLenum GLsizei len
Definition: glext.h:6722
#define ERR(fmt,...)
Definition: debug.h:110
#define ERROR_UNKNOWN_REVISION
Definition: winerror.h:787
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1577
#define OWNER_SECURITY_INFORMATION
Definition: setypes.h:123
#define NULL
Definition: types.h:112
unsigned int ULONG
Definition: retypes.h:1
HLOCAL NTAPI LocalAlloc(UINT uFlags, SIZE_T dwBytes)
Definition: heapmem.c:1373
static BOOL DumpGroup(PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen)
Definition: security.c:3167
#define DACL_SECURITY_INFORMATION
Definition: setypes.h:125
#define SDDL_REVISION_1
Definition: sddl.h:30

Referenced by ConvertSecurityDescriptorToStringSecurityDescriptorA().

◆ ConvertSidToStringSidA()

BOOL WINAPI ConvertSidToStringSidA ( PSID  Sid,
LPSTR StringSid 
)

Definition at line 3436 of file security.c.

3438 {
3439  LPWSTR StringSidW;
3440  int Len;
3441 
3442  if (!ConvertSidToStringSidW(Sid, &StringSidW))
3443  {
3444  return FALSE;
3445  }
3446 
3447  Len = WideCharToMultiByte(CP_ACP, 0, StringSidW, -1, NULL, 0, NULL, NULL);
3448  if (Len <= 0)
3449  {
3450  LocalFree(StringSidW);
3452  return FALSE;
3453  }
3454 
3455  *StringSid = LocalAlloc(LMEM_FIXED, Len);
3456  if (NULL == *StringSid)
3457  {
3458  LocalFree(StringSidW);
3460  return FALSE;
3461  }
3462 
3463  if (!WideCharToMultiByte(CP_ACP, 0, StringSidW, -1, *StringSid, Len, NULL, NULL))
3464  {
3465  LocalFree(StringSid);
3466  LocalFree(StringSidW);
3467  return FALSE;
3468  }
3469 
3470  LocalFree(StringSidW);
3471 
3472  return TRUE;
3473 }
#define WideCharToMultiByte
Definition: compat.h:111
#define TRUE
Definition: types.h:120
#define CP_ACP
Definition: compat.h:109
#define ERROR_NOT_ENOUGH_MEMORY
Definition: dderror.h:7
BOOL WINAPI ConvertSidToStringSidW(PSID Sid, LPWSTR *StringSid)
Definition: security.c:3382
#define FALSE
Definition: types.h:117
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1103
#define LMEM_FIXED
Definition: winbase.h:365
#define Len
Definition: deflate.h:82
#define SetLastError(x)
Definition: compat.h:611
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1577
#define NULL
Definition: types.h:112
HLOCAL NTAPI LocalAlloc(UINT uFlags, SIZE_T dwBytes)
Definition: heapmem.c:1373
WCHAR * LPWSTR
Definition: xmlstorage.h:184

Referenced by debugstr_sid(), get_user_sid(), map_name_2_sid(), test_CreateWellKnownSid(), test_LookupAccountSid(), test_lsa(), test_sid(), test_sid_str(), test_token_attr(), and test_token_label().

◆ ConvertSidToStringSidW()

BOOL WINAPI ConvertSidToStringSidW ( PSID  Sid,
LPWSTR StringSid 
)

Definition at line 3382 of file security.c.

3384 {
3385  NTSTATUS Status;
3387  WCHAR FixedBuffer[64];
3388 
3389  if (!RtlValidSid(Sid))
3390  {
3392  return FALSE;
3393  }
3394 
3395  UnicodeString.Length = 0;
3396  UnicodeString.MaximumLength = sizeof(FixedBuffer);
3397  UnicodeString.Buffer = FixedBuffer;
3400  {
3402  }
3403 
3404  if (!NT_SUCCESS(Status))
3405  {
3407  return FALSE;
3408  }
3409 
3410  *StringSid = LocalAlloc(LMEM_FIXED, UnicodeString.Length + sizeof(WCHAR));
3411  if (NULL == *StringSid)
3412  {
3413  if (UnicodeString.Buffer != FixedBuffer)
3414  {
3416  }
3418  return FALSE;
3419  }
3420 
3421  MoveMemory(*StringSid, UnicodeString.Buffer, UnicodeString.Length);
3422  ZeroMemory((PCHAR) *StringSid + UnicodeString.Length, sizeof(WCHAR));
3423  if (UnicodeString.Buffer != FixedBuffer)
3424  {
3426  }
3427 
3428  return TRUE;
3429 }
signed char * PCHAR
Definition: retypes.h:7
#define TRUE
Definition: types.h:120
#define ERROR_INVALID_SID
Definition: winerror.h:819
LONG NTSTATUS
Definition: precomp.h:26
#define ERROR_NOT_ENOUGH_MEMORY
Definition: dderror.h:7
#define ZeroMemory
Definition: winbase.h:1667
WDF_EXTERN_C_START typedef _Must_inspect_result_ _In_opt_ PCUNICODE_STRING UnicodeString
Definition: wdfstring.h:64
#define MoveMemory
Definition: winbase.h:1664
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
#define FALSE
Definition: types.h:117
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1103
NTSYSAPI BOOLEAN NTAPI RtlValidSid(IN PSID Sid)
Definition: sid.c:21
#define LMEM_FIXED
Definition: winbase.h:365
Status
Definition: gdiplustypes.h:24
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
#define SetLastError(x)
Definition: compat.h:611
NTSYSAPI NTSTATUS NTAPI RtlConvertSidToUnicodeString(OUT PUNICODE_STRING DestinationString, IN PVOID Sid, IN BOOLEAN AllocateDestinationString)
#define NULL
Definition: types.h:112
HLOCAL NTAPI LocalAlloc(UINT uFlags, SIZE_T dwBytes)
Definition: heapmem.c:1373

Referenced by _GetUserSidStringFromToken(), AddUserProfiles(), ConvertSidToStringSidA(), CreateUserProfileExW(), get_user_sid(), GetEventUserName(), GetPrincipalDisplayString(), LsapGetDomainInfo(), LsapLookupAccountDomainSids(), LsapLookupBuiltinDomainSids(), LsapLookupWellKnownSids(), MsiSourceListAddSourceW(), RecycleBin5_Constructor(), SampAddMemberToAlias(), SampRemoveMemberFromAlias(), SampRemoveMemberFromAllAliases(), SampSetupAddMemberToAlias(), set_user_sid_prop(), START_TEST(), UpdatePrincipalInfo(), WhoamiGroups(), WhoamiLogonId(), and WhoamiUser().

◆ ConvertStringSecurityDescriptorToSecurityDescriptorA()

BOOL WINAPI ConvertStringSecurityDescriptorToSecurityDescriptorA ( LPCSTR  StringSecurityDescriptor,
DWORD  StringSDRevision,
PSECURITY_DESCRIPTOR SecurityDescriptor,
PULONG  SecurityDescriptorSize 
)

Definition at line 2831 of file security.c.

2835 {
2836  UINT len;
2837  BOOL ret = FALSE;
2838  LPWSTR StringSecurityDescriptorW;
2839 
2840  len = MultiByteToWideChar(CP_ACP, 0, StringSecurityDescriptor, -1, NULL, 0);
2841  StringSecurityDescriptorW = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR));
2842 
2843  if (StringSecurityDescriptorW)
2844  {
2845  MultiByteToWideChar(CP_ACP, 0, StringSecurityDescriptor, -1, StringSecurityDescriptorW, len);
2846 
2847  ret = ConvertStringSecurityDescriptorToSecurityDescriptorW(StringSecurityDescriptorW,
2848  StringSDRevision, SecurityDescriptor,
2849  SecurityDescriptorSize);
2850  HeapFree(GetProcessHeap(), 0, StringSecurityDescriptorW);
2851  }
2852 
2853  return ret;
2854 }
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
#define CP_ACP
Definition: compat.h:109
#define FALSE
Definition: types.h:117
unsigned int BOOL
Definition: ntddk_ex.h:94
#define GetProcessHeap()
Definition: compat.h:595
PVOID WINAPI HeapAlloc(HANDLE, DWORD, SIZE_T)
__wchar_t WCHAR
Definition: xmlstorage.h:180
int ret
GLenum GLsizei len
Definition: glext.h:6722
unsigned int UINT
Definition: ndis.h:50
#define NULL
Definition: types.h:112
#define MultiByteToWideChar
Definition: compat.h:110
WCHAR * LPWSTR
Definition: xmlstorage.h:184
#define HeapFree(x, y, z)
Definition: compat.h:594
BOOL WINAPI ConvertStringSecurityDescriptorToSecurityDescriptorW(LPCWSTR StringSecurityDescriptor, DWORD StringSDRevision, PSECURITY_DESCRIPTOR *SecurityDescriptor, PULONG SecurityDescriptorSize)
Definition: security.c:2861

Referenced by test_profile_directory_readonly().

◆ ConvertStringSecurityDescriptorToSecurityDescriptorW()

BOOL WINAPI ConvertStringSecurityDescriptorToSecurityDescriptorW ( LPCWSTR  StringSecurityDescriptor,
DWORD  StringSDRevision,
PSECURITY_DESCRIPTOR SecurityDescriptor,
PULONG  SecurityDescriptorSize 
)

Definition at line 2861 of file security.c.

2865 {
2866  DWORD cBytes;
2867  SECURITY_DESCRIPTOR* psd;
2868  BOOL bret = FALSE;
2869 
2870  TRACE("%s\n", debugstr_w(StringSecurityDescriptor));
2871 
2872  if (GetVersion() & 0x80000000)
2873  {
2875  goto lend;
2876  }
2877  else if (!StringSecurityDescriptor || !SecurityDescriptor)
2878  {
2880  goto lend;
2881  }
2882  else if (StringSDRevision != SID_REVISION)
2883  {
2885  goto lend;
2886  }
2887 
2888  /* Compute security descriptor length */
2889  if (!ParseStringSecurityDescriptorToSecurityDescriptor(StringSecurityDescriptor,
2890  NULL, &cBytes))
2891  goto lend;
2892 
2893  psd = *SecurityDescriptor = LocalAlloc(GMEM_ZEROINIT, cBytes);
2894  if (!psd) goto lend;
2895 
2896  psd->Revision = SID_REVISION;
2897  psd->Control |= SE_SELF_RELATIVE;
2898 
2899  if (!ParseStringSecurityDescriptorToSecurityDescriptor(StringSecurityDescriptor,
2900  (SECURITY_DESCRIPTOR_RELATIVE *)psd, &cBytes))
2901  {
2902  LocalFree(psd);
2903  goto lend;
2904  }
2905 
2906  if (SecurityDescriptorSize)
2907  *SecurityDescriptorSize = cBytes;
2908 
2909  bret = TRUE;
2910 
2911 lend:
2912  TRACE(" ret=%d\n", bret);
2913  return bret;
2914 }
#define ERROR_INVALID_PARAMETER
Definition: compat.h:101
static BOOL ParseStringSecurityDescriptorToSecurityDescriptor(LPCWSTR StringSecurityDescriptor, SECURITY_DESCRIPTOR_RELATIVE *SecurityDescriptor, LPDWORD cBytes)
Definition: security.c:2683
#define SE_SELF_RELATIVE
Definition: setypes.h:830
#define TRUE
Definition: types.h:120
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
#define SID_REVISION
Definition: setypes.h:481
DWORD WINAPI GetVersion(VOID)
Definition: version.c:22
#define FALSE
Definition: types.h:117
unsigned int BOOL
Definition: ntddk_ex.h:94
#define debugstr_w
Definition: kernel32.h:32
#define TRACE(s)
Definition: solgame.cpp:4
unsigned long DWORD
Definition: ntddk_ex.h:95
#define SetLastError(x)
Definition: compat.h:611
#define ERROR_UNKNOWN_REVISION
Definition: winerror.h:787
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1577
#define NULL
Definition: types.h:112
#define ERROR_CALL_NOT_IMPLEMENTED
Definition: compat.h:102
HLOCAL NTAPI LocalAlloc(UINT uFlags, SIZE_T dwBytes)
Definition: heapmem.c:1373
#define GMEM_ZEROINIT
Definition: winbase.h:303

Referenced by ConvertStringSecurityDescriptorToSecurityDescriptorA(), InstallOneService(), registry_callback(), and SetupQueueCopyIndirectW().

◆ ConvertStringSidToSidA()

BOOL WINAPI ConvertStringSidToSidA ( LPCSTR  StringSid,
PSID Sid 
)

Definition at line 3359 of file security.c.

3360 {
3361  BOOL bret = FALSE;
3362 
3363  TRACE("%s, %p\n", debugstr_a(StringSid), Sid);
3364  if (GetVersion() & 0x80000000)
3366  else if (!StringSid || !Sid)
3368  else
3369  {
3370  WCHAR *wStringSid = SERV_dup(StringSid);
3371  bret = ConvertStringSidToSidW(wStringSid, Sid);
3372  heap_free(wStringSid);
3373  }
3374  return bret;
3375 }
#define ERROR_INVALID_PARAMETER
Definition: compat.h:101
BOOL WINAPI ConvertStringSidToSidW(LPCWSTR StringSid, PSID *Sid)
Definition: security.c:3335
DWORD WINAPI GetVersion(VOID)
Definition: version.c:22
#define FALSE
Definition: types.h:117
unsigned int BOOL
Definition: ntddk_ex.h:94
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1103
#define TRACE(s)
Definition: solgame.cpp:4
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define debugstr_a
Definition: kernel32.h:31
#define SetLastError(x)
Definition: compat.h:611
static LPWSTR SERV_dup(LPCSTR str)
Definition: security.c:235
#define ERROR_CALL_NOT_IMPLEMENTED
Definition: compat.h:102
static BOOL heap_free(void *mem)
Definition: appwiz.h:75

Referenced by test_LsaLookupSids().

◆ ConvertStringSidToSidW()

BOOL WINAPI ConvertStringSidToSidW ( LPCWSTR  StringSid,
PSID Sid 
)

Definition at line 3335 of file security.c.

3336 {
3337  BOOL bret = FALSE;
3338  DWORD cBytes;
3339 
3340  TRACE("%s, %p\n", debugstr_w(StringSid), Sid);
3341  if (GetVersion() & 0x80000000)
3343  else if (!StringSid || !Sid)
3345  else if (ParseStringSidToSid(StringSid, NULL, &cBytes))
3346  {
3347  PSID pSid = *Sid = LocalAlloc(0, cBytes);
3348 
3349  bret = ParseStringSidToSid(StringSid, pSid, &cBytes);
3350  if (!bret)
3351  LocalFree(*Sid);
3352  }
3353  return bret;
3354 }
#define ERROR_INVALID_PARAMETER
Definition: compat.h:101
DWORD WINAPI GetVersion(VOID)
Definition: version.c:22
#define FALSE
Definition: types.h:117
unsigned int BOOL
Definition: ntddk_ex.h:94
#define debugstr_w
Definition: kernel32.h:32
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1103
#define TRACE(s)
Definition: solgame.cpp:4
unsigned long DWORD
Definition: ntddk_ex.h:95
#define SetLastError(x)
Definition: compat.h:611
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1577
#define NULL
Definition: types.h:112
static PSID pSid
Definition: security.c:74
#define ERROR_CALL_NOT_IMPLEMENTED
Definition: compat.h:102
static BOOL ParseStringSidToSid(LPCWSTR StringSid, PSID pSid, LPDWORD cBytes)
Definition: security.c:3705
HLOCAL NTAPI LocalAlloc(UINT uFlags, SIZE_T dwBytes)
Definition: heapmem.c:1373

Referenced by ConvertStringSidToSidA(), and fill_sid().

◆ CopySid()

BOOL WINAPI CopySid ( DWORD  nDestinationSidLength,
PSID  pDestinationSid,
PSID  pSourceSid 
)

Definition at line 714 of file security.c.

715 {
716  return set_ntstatus(RtlCopySid(nDestinationSidLength, pDestinationSid, pSourceSid));
717 }
NTSYSAPI BOOLEAN WINAPI RtlCopySid(DWORD, PSID, PSID)
static __inline BOOL set_ntstatus(NTSTATUS status)
Definition: security.c:229

Referenced by AccpLookupSidByName(), AccRewriteGetExplicitEntriesFromAcl(), AddPrincipalToList(), AuthzGetInformationFromContext(), AuthzInitializeContextFromSid(), BuildDefaultPrincipalAce(), CachedGetUserFromSid(), CacheLookupResults(), GetUserSid(), LookupAccountNameW(), QueueSidLookup(), ReloadPrincipalsList(), and test_LookupAccountSid().

◆ CreateProcessWithLogonW()

BOOL WINAPI CreateProcessWithLogonW ( _In_ LPCWSTR  lpUsername,
_In_opt_ LPCWSTR  lpDomain,
_In_ LPCWSTR  lpPassword,
_In_ DWORD  dwLogonFlags,
_In_opt_ LPCWSTR  lpApplicationName,
_Inout_opt_ LPWSTR  lpCommandLine,
_In_ DWORD  dwCreationFlags,
_In_opt_ LPVOID  lpEnvironment,
_In_opt_ LPCWSTR  lpCurrentDirectory,
_In_ LPSTARTUPINFOW  lpStartupInfo,
_Out_ LPPROCESS_INFORMATION  lpProcessInformation 
)

Definition at line 3480 of file security.c.

3492 {
3493  LPWSTR pszStringBinding = NULL;
3498 
3499  TRACE("CreateProcessWithLogonW(%s %s %s 0x%08x %s %s 0x%08x %p %s %p %p)\n", debugstr_w(lpUsername), debugstr_w(lpDomain),
3500  debugstr_w(lpPassword), dwLogonFlags, debugstr_w(lpApplicationName),
3501  debugstr_w(lpCommandLine), dwCreationFlags, lpEnvironment, debugstr_w(lpCurrentDirectory),
3502  lpStartupInfo, lpProcessInformation);
3503 
3505  L"ncacn_np",
3506  NULL,
3507  L"\\pipe\\seclogon",
3508  NULL,
3509  &pszStringBinding);
3510  if (Status != RPC_S_OK)
3511  {
3512  WARN("RpcStringBindingCompose returned 0x%x\n", Status);
3514  return FALSE;
3515  }
3516 
3517  /* Set the binding handle that will be used to bind to the server. */
3518  Status = RpcBindingFromStringBindingW(pszStringBinding,
3519  &hBinding);
3520  if (Status != RPC_S_OK)
3521  {
3522  WARN("RpcBindingFromStringBinding returned 0x%x\n", Status);
3523  }
3524 
3525  Status = RpcStringFreeW(&pszStringBinding);
3526  if (Status != RPC_S_OK)
3527  {
3528  WARN("RpcStringFree returned 0x%x\n", Status);
3529  }
3530 
3531  Request.Username = (LPWSTR)lpUsername;
3532  Request.Domain = (LPWSTR)lpDomain;
3533  Request.Password = (LPWSTR)lpPassword;
3534  Request.ApplicationName = (LPWSTR)lpApplicationName;
3535  Request.CommandLine = (LPWSTR)lpCommandLine;
3536  Request.CurrentDirectory = (LPWSTR)lpCurrentDirectory;
3537 
3538  Request.dwLogonFlags = dwLogonFlags;
3539  Request.dwCreationFlags = dwCreationFlags;
3540 
3541  Response.ulError = ERROR_SUCCESS;
3542 
3543  RpcTryExcept
3544  {
3546  }
3548  {
3549  WARN("Exception: %lx\n", RpcExceptionCode());
3550  }
3551  RpcEndExcept;
3552 
3553  if (hBinding)
3554  {
3556  if (Status != RPC_S_OK)
3557  {
3558  WARN("RpcBindingFree returned 0x%x\n", Status);
3559  }
3560 
3561  hBinding = NULL;
3562  }
3563 
3564  TRACE("Response.ulError %lu\n", Response.ulError);
3565  if (Response.ulError != ERROR_SUCCESS)
3566  SetLastError(Response.ulError);
3567 
3568  TRACE("CreateProcessWithLogonW() done\n");
3569 
3570  return (Response.ulError == ERROR_SUCCESS);
3571 }
RPC_STATUS WINAPI RpcBindingFromStringBindingW(RPC_WSTR StringBinding, RPC_BINDING_HANDLE *Binding)
Definition: rpc_binding.c:876
#define RpcEndExcept
Definition: rpc.h:128
RPC_STATUS WINAPI RpcBindingFree(RPC_BINDING_HANDLE *Binding)
Definition: rpc_binding.c:783
#define ERROR_SUCCESS
Definition: deptool.c:10
handle_t hBinding
Definition: ctx_c.c:54
RPC_STATUS WINAPI RpcStringFreeW(RPC_WSTR *String)
Definition: rpcrt4_main.c:174
#define WARN(fmt,...)
Definition: debug.h:112
_In_ WDFREQUEST Request
Definition: wdfdevice.h:547
RPC_STATUS WINAPI RpcStringBindingComposeW(RPC_WSTR ObjUuid, RPC_WSTR Protseq, RPC_WSTR NetworkAddr, RPC_WSTR Endpoint, RPC_WSTR Options, RPC_WSTR *StringBinding)
Definition: rpc_binding.c:510
long RPC_STATUS
Definition: rpc.h:52
#define L(x)
Definition: ntvdm.h:50
#define FALSE
Definition: types.h:117
#define debugstr_w
Definition: kernel32.h:32
#define RpcTryExcept
Definition: rpc.h:126
Status
Definition: gdiplustypes.h:24
#define RpcExceptionCode()
Definition: rpc.h:132
#define TRACE(s)
Definition: solgame.cpp:4
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
#define SetLastError(x)
Definition: compat.h:611
Definition: ncftp.h:89
#define NULL
Definition: types.h:112
struct Response Response
WCHAR * LPWSTR
Definition: xmlstorage.h:184
VOID __stdcall SeclCreateProcessWithLogonW(_In_ handle_t hBinding, _In_ SECL_REQUEST *pRequest, _Out_ SECL_RESPONSE *pResponse)
Definition: rpcserver.c:57
#define RPC_S_OK
Definition: rpcnterr.h:22
#define RpcExcept(expr)
Definition: rpc.h:127

Referenced by wmain().

◆ CreateProcessWithTokenW()

BOOL WINAPI CreateProcessWithTokenW ( HANDLE  token,
DWORD  logon_flags,
LPCWSTR  application_name,
LPWSTR  command_line,
DWORD  creation_flags,
void environment,
LPCWSTR  current_directory,
STARTUPINFOW startup_info,
PROCESS_INFORMATION process_information 
)

Definition at line 3573 of file security.c.

3576 {
3577  FIXME("%p 0x%08x %s %s 0x%08x %p %s %p %p - semi-stub\n", token,
3578  logon_flags, debugstr_w(application_name), debugstr_w(command_line),
3579  creation_flags, environment, debugstr_w(current_directory),
3580  startup_info, process_information);
3581 
3582  /* FIXME: check if handles should be inherited */
3583  return CreateProcessW( application_name, command_line, NULL, NULL, FALSE, creation_flags, environment,
3584  current_directory, startup_info, process_information );
3585 }
#define FALSE
Definition: types.h:117
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat token
Definition: glfuncs.h:210
#define debugstr_w
Definition: kernel32.h:32
#define FIXME(fmt,...)
Definition: debug.h:111
BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessW(LPCWSTR lpApplicationName, LPWSTR lpCommandLine, LPSECURITY_ATTRIBUTES lpProcessAttributes, LPSECURITY_ATTRIBUTES lpThreadAttributes, BOOL bInheritHandles, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCWSTR lpCurrentDirectory, LPSTARTUPINFOW lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation)
Definition: proc.c:4594
#define NULL
Definition: types.h:112

◆ CreateRestrictedToken()

BOOL WINAPI CreateRestrictedToken ( _In_ HANDLE  ExistingTokenHandle,
_In_ DWORD  Flags,
_In_ DWORD  DisableSidCount,
_In_reads_opt_(DisableSidCount) PSID_AND_ATTRIBUTES  SidsToDisable,
_In_ DWORD  DeletePrivilegeCount,
_In_reads_opt_(DeletePrivilegeCount) PLUID_AND_ATTRIBUTES  PrivilegesToDelete,
_In_ DWORD  RestrictedSidCount,
_In_reads_opt_(RestrictedSidCount) PSID_AND_ATTRIBUTES  SidsToRestrict,
_Outptr_ PHANDLE  NewTokenHandle 
)

Creates a filtered token that is a restricted one of the regular access token. A restricted token can have disabled SIDs, deleted privileges and/or restricted SIDs added.

Parameters
[in]ExistingTokenHandleAn existing handle to a token where it's to be filtered.
[in]FlagsPrivilege flag options. This parameter argument influences how the token is filtered. Such parameter can be 0.
[in]DisableSidCountThe count number of SIDs to disable.
[in]SidsToDisableAn array list with SIDs that have to be disabled in a token.
[in]DeletePrivilegeCountThe count number of privileges to be deleted.
[in]PrivilegesToDeleteAn array list with privileges that have to be deleted in a token.
[in]RestrictedSidCountThe count number of restricted SIDs.
[in]SidsToRestrictAn array list with restricted SIDs to be added into the token. If the token already has restricted SIDs then the array provided by the caller is redundant information alongside with the existing restricted SIDs in the token.
[out]NewTokenHandleThe newly received handle to a restricted (filtered) token. The caller can use such handle to duplicate a new token.
Returns
Returns TRUE if the function has successfully completed the operations, otherwise FALSE is returned to indicate failure. For further details the caller has to invoke GetLastError() API call for extended information about the failure.

Definition at line 535 of file security.c.

545 {
547  BOOL Success;
548  ULONG Index;
549  PTOKEN_GROUPS DisableSids = NULL;
550  PTOKEN_GROUPS RestrictedSids = NULL;
551  PTOKEN_PRIVILEGES DeletePrivileges = NULL;
552 
553  /*
554  * Capture the elements we're being given from
555  * the caller and allocate the groups and/or
556  * privileges that have to be filtered in
557  * the token.
558  */
559  if (SidsToDisable != NULL)
560  {
561  DisableSids = (PTOKEN_GROUPS)LocalAlloc(LMEM_FIXED, DisableSidCount * sizeof(TOKEN_GROUPS));
562  if (DisableSids == NULL)
563  {
564  /* We failed, bail out */
566  return FALSE;
567  }
568 
569  /* Copy the counter and loop the elements to copy the rest */
570  DisableSids->GroupCount = DisableSidCount;
571  for (Index = 0; Index < DisableSidCount; Index++)
572  {
573  DisableSids->Groups[Index].Sid = SidsToDisable[Index].Sid;
574  DisableSids->Groups[Index].Attributes = SidsToDisable[Index].Attributes;
575  }
576  }
577 
578  if (PrivilegesToDelete != NULL)
579  {
580  DeletePrivileges = (PTOKEN_PRIVILEGES)LocalAlloc(LMEM_FIXED, DeletePrivilegeCount * sizeof(TOKEN_PRIVILEGES));
581  if (DeletePrivileges == NULL)
582  {
583  /* We failed, bail out */
585  Success = FALSE;
586  goto Cleanup;
587  }
588 
589  /* Copy the counter and loop the elements to copy the rest */
590  DeletePrivileges->PrivilegeCount = DeletePrivilegeCount;
591  for (Index = 0; Index < DeletePrivilegeCount; Index++)
592  {
593  DeletePrivileges->Privileges[Index].Luid = PrivilegesToDelete[Index].Luid;
594  DeletePrivileges->Privileges[Index].Attributes = PrivilegesToDelete[Index].Attributes;
595  }
596  }
597 
598  if (SidsToRestrict != NULL)
599  {
600  RestrictedSids = (PTOKEN_GROUPS)LocalAlloc(LMEM_FIXED, RestrictedSidCount * sizeof(TOKEN_GROUPS));
601  if (RestrictedSids == NULL)
602  {
603  /* We failed, bail out */
605  Success = FALSE;
606  goto Cleanup;
607  }
608 
609  /* Copy the counter and loop the elements to copy the rest */
610  RestrictedSids->GroupCount = RestrictedSidCount;
611  for (Index = 0; Index < RestrictedSidCount; Index++)
612  {
613  RestrictedSids->Groups[Index].Sid = SidsToRestrict[Index].Sid;
614  RestrictedSids->Groups[Index].Attributes = SidsToRestrict[Index].Attributes;
615  }
616  }
617 
618  /*
619  * Call the NT API to request a token filtering
620  * operation for us.
621  */
622  Status = NtFilterToken(ExistingTokenHandle,
623  Flags,
624  DisableSids,
625  DeletePrivileges,
626  RestrictedSids,
628  if (!NT_SUCCESS(Status))
629  {
630  /* We failed to do the job, bail out */
632  Success = FALSE;
633  goto Cleanup;
634  }
635 
636  /* If we reach here then we've successfully filtered the token */
637  Success = TRUE;
638 
639 Cleanup:
640  /* Free whatever we allocated before */
641  if (DisableSids != NULL)
642  {
643  LocalFree(DisableSids);
644  }
645 
646  if (DeletePrivileges != NULL)
647  {
648  LocalFree(DeletePrivileges);
649  }
650 
651  if (RestrictedSids != NULL)
652  {
653  LocalFree(RestrictedSids);
654  }
655 
656  return Success;
657 }
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
#define TRUE
Definition: types.h:120
LONG NTSTATUS
Definition: precomp.h:26
$ULONG PrivilegeCount
Definition: setypes.h:1019
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE _Out_ PHANDLE NewTokenHandle
Definition: sefuncs.h:401
#define FALSE
Definition: types.h:117
unsigned int BOOL
Definition: ntddk_ex.h:94
NTSTATUS NTAPI NtFilterToken(_In_ HANDLE ExistingTokenHandle, _In_ ULONG Flags, _In_opt_ PTOKEN_GROUPS SidsToDisable, _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete, _In_opt_ PTOKEN_GROUPS RestrictedSids, _Out_ PHANDLE NewTokenHandle)
Creates an access token in a restricted form from the original existing token, that is,...
Definition: token.c:6670
struct _TOKEN_GROUPS * PTOKEN_GROUPS
#define LMEM_FIXED
Definition: winbase.h:365
Status
Definition: gdiplustypes.h:24
_Must_inspect_result_ _In_ ULONG Flags
Definition: wsk.h:170
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
_In_ WDFCOLLECTION _In_ ULONG Index
#define SetLastError(x)
Definition: compat.h:611
struct _TOKEN_PRIVILEGES * PTOKEN_PRIVILEGES
static const WCHAR Cleanup[]
Definition: register.c:80
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1577
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY]
Definition: setypes.h:1014
#define NULL
Definition: types.h:112
LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY]
Definition: setypes.h:1020
$ULONG GroupCount
Definition: setypes.h:1010
unsigned int ULONG
Definition: retypes.h:1
HLOCAL NTAPI LocalAlloc(UINT uFlags, SIZE_T dwBytes)
Definition: heapmem.c:1373

Referenced by test_token_security_descriptor().

◆ CreateWellKnownSid()

BOOL WINAPI CreateWellKnownSid ( IN WELL_KNOWN_SID_TYPE  WellKnownSidType,
IN PSID DomainSid  OPTIONAL,
OUT PSID  pSid,
IN OUT DWORD cbSid 
)

Definition at line 724 of file security.c.

728 {
729  unsigned int i;
730  TRACE("(%d, %s, %p, %p)\n", WellKnownSidType, debugstr_sid(DomainSid), pSid, cbSid);
731 
732  if (cbSid == NULL || (DomainSid && !IsValidSid(DomainSid)))
733  {
735  return FALSE;
736  }
737 
738  for (i = 0; i < sizeof(WellKnownSids)/sizeof(WellKnownSids[0]); i++) {
739  if (WellKnownSids[i].Type == WellKnownSidType) {
741 
742  if (*cbSid < length)
743  {
744  *cbSid = length;
746  return FALSE;
747  }
748  if (!pSid)
749  {
751  return FALSE;
752  }
754  *cbSid = length;
755  return TRUE;
756  }
757  }
758 
759  if (DomainSid == NULL || *GetSidSubAuthorityCount(DomainSid) == SID_MAX_SUB_AUTHORITIES)
760  {
762  return FALSE;
763  }
764 
765  for (i = 0; i < sizeof(WellKnownRids)/sizeof(WellKnownRids[0]); i++)
766  if (WellKnownRids[i].Type == WellKnownSidType) {
767  UCHAR domain_subauth = *GetSidSubAuthorityCount(DomainSid);
768  DWORD domain_sid_length = GetSidLengthRequired(domain_subauth);
769  DWORD output_sid_length = GetSidLengthRequired(domain_subauth + 1);
770 
771  if (*cbSid < output_sid_length)
772  {
773  *cbSid = output_sid_length;
775  return FALSE;
776  }
777  if (!pSid)
778  {
780  return FALSE;
781  }
782  CopyMemory(pSid, DomainSid, domain_sid_length);
784  (*GetSidSubAuthority(pSid, domain_subauth)) = WellKnownRids[i].Rid;
785  *cbSid = output_sid_length;
786  return TRUE;
787  }
788 
790  return FALSE;
791 }
#define ERROR_INVALID_PARAMETER
Definition: compat.h:101
#define TRUE
Definition: types.h:120
static const WELLKNOWNSID WellKnownSids[]
Definition: security.c:47
DWORD WINAPI GetSidLengthRequired(UCHAR nSubAuthorityCount)
Definition: security.c:854
PDWORD WINAPI GetSidSubAuthority(PSID pSid, DWORD nSubAuthority)
Definition: security.c:898
static const char * debugstr_sid(PSID sid)
Definition: security.c:176
#define FALSE
Definition: types.h:117
GLenum GLuint GLenum GLsizei length
Definition: glext.h:5579
#define SID_MAX_SUB_AUTHORITIES
Definition: setypes.h:482
_In_ LPCSTR _Out_writes_bytes_to_opt_ cbSid PSID _Inout_ LPDWORD cbSid
Definition: winbase.h:2726
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1103
#define TRACE(s)
Definition: solgame.cpp:4
#define CopyMemory
Definition: winbase.h:1665
Type
Definition: Type.h:6
unsigned long DWORD
Definition: ntddk_ex.h:95
#define SetLastError(x)
Definition: compat.h:611
unsigned char UCHAR
Definition: xmlstorage.h:181
PUCHAR WINAPI GetSidSubAuthorityCount(PSID pSid)
Definition: security.c:910
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
BYTE SubAuthorityCount
Definition: ms-dtyp.idl:200
#define NULL
Definition: types.h:112
static PSID pSid
Definition: security.c:74
BOOL WINAPI IsValidSid(PSID pSid)
Definition: security.c:821
BYTE Revision
Definition: ms-dtyp.idl:199
static const WELLKNOWNRID WellKnownRids[]
Definition: security.c:111
#define ERROR_INSUFFICIENT_BUFFER
Definition: dderror.h:10

Referenced by create_unknownsid(), get_sd(), test_SystemSecurity(), and well_known_sid().

◆ debugstr_sid()

static const char* debugstr_sid ( PSID  sid)
static

Definition at line 176 of file security.c.

177 {
178  int auth = 0;
179  SID * psid = (SID *)sid;
180 
181  if (psid == NULL)
182  return "(null)";
183 
184  auth = psid->IdentifierAuthority.Value[5] +
185  (psid->IdentifierAuthority.Value[4] << 8) +
186  (psid->IdentifierAuthority.Value[3] << 16) +
187  (psid->IdentifierAuthority.Value[2] << 24);
188 
189  switch (psid->SubAuthorityCount) {
190  case 0:
191  return wine_dbg_sprintf("S-%d-%d", psid->Revision, auth);
192  case 1:
193  return wine_dbg_sprintf("S-%d-%d-%lu", psid->Revision, auth,
194  psid->SubAuthority[0]);
195  case 2:
196  return wine_dbg_sprintf("S-%d-%d-%lu-%lu", psid->Revision, auth,
197  psid->SubAuthority[0], psid->SubAuthority[1]);
198  case 3:
199  return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu", psid->Revision, auth,
200  psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2]);
201  case 4:
202  return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu", psid->Revision, auth,
203  psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2],
204  psid->SubAuthority[3]);
205  case 5:
206  return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu-%lu", psid->Revision, auth,
207  psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2],
208  psid->SubAuthority[3], psid->SubAuthority[4]);
209  case 6:
210  return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu-%lu-%lu", psid->Revision, auth,
211  psid->SubAuthority[3], psid->SubAuthority[1], psid->SubAuthority[2],
212  psid->SubAuthority[0], psid->SubAuthority[4], psid->SubAuthority[5]);
213  case 7:
214  return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu-%lu-%lu-%lu", psid->Revision, auth,
215  psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2],
216  psid->SubAuthority[3], psid->SubAuthority[4], psid->SubAuthority[5],
217  psid->SubAuthority[6]);
218  case 8:
219  return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu-%lu-%lu-%lu-%lu", psid->Revision, auth,
220  psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2],
221  psid->SubAuthority[3], psid->SubAuthority[4], psid->SubAuthority[5],
222  psid->SubAuthority[6], psid->SubAuthority[7]);
223  }
224  return "(too-big)";
225 }
FT_UInt sid
Definition: cffcmap.c:139
const char * wine_dbg_sprintf(const char *format,...)
Definition: compat.c:296
DWORD SubAuthority[*]
Definition: ms-dtyp.idl:202
BYTE SubAuthorityCount
Definition: ms-dtyp.idl:200
#define NULL
Definition: types.h:112
SID_IDENTIFIER_AUTHORITY IdentifierAuthority
Definition: ms-dtyp.idl:201
BYTE Revision
Definition: ms-dtyp.idl:199

Referenced by CreateWellKnownSid(), and IsWellKnownSid().

◆ DeleteAce()

BOOL WINAPI DeleteAce ( PACL  pAcl,
DWORD  dwAceIndex 
)

Definition at line 1168 of file security.c.

1169 {
1170  return set_ntstatus(RtlDeleteAce(pAcl, dwAceIndex));
1171 }
static __inline BOOL set_ntstatus(NTSTATUS status)
Definition: security.c:229
NTSYSAPI NTSTATUS NTAPI RtlDeleteAce(PACL Acl, ULONG AceIndex)

◆ DumpAce()

static BOOL DumpAce ( LPVOID  pace,
WCHAR **  pwptr,
ULONG plen 
)
static

Definition at line 3059 of file security.c.

3060 {
3061  ACCESS_ALLOWED_ACE *piace; /* all the supported ACEs have the same memory layout */
3062  static const WCHAR openbr = '(';
3063  static const WCHAR closebr = ')';
3064  static const WCHAR semicolon = ';';
3065 
3066  if (((PACE_HEADER)pace)->AceType > SYSTEM_ALARM_ACE_TYPE || ((PACE_HEADER)pace)->AceSize < sizeof(ACCESS_ALLOWED_ACE))
3067  {
3069  return FALSE;
3070  }
3071 
3072  piace = pace;
3073  DumpString(&openbr, 1, pwptr, plen);
3074  switch (piace->Header.AceType)
3075  {
3077  DumpString(SDDL_ACCESS_ALLOWED, -1, pwptr, plen);
3078  break;
3080  DumpString(SDDL_ACCESS_DENIED, -1, pwptr, plen);
3081  break;
3082  case SYSTEM_AUDIT_ACE_TYPE:
3083  DumpString(SDDL_AUDIT, -1, pwptr, plen);
3084  break;
3085  case SYSTEM_ALARM_ACE_TYPE:
3086  DumpString(SDDL_ALARM, -1, pwptr, plen);
3087  break;
3088  }
3089  DumpString(&semicolon, 1, pwptr, plen);
3090 
3091  if (piace->Header.AceFlags & OBJECT_INHERIT_ACE)
3092  DumpString(SDDL_OBJECT_INHERIT, -1, pwptr, plen);
3093  if (piace->Header.AceFlags & CONTAINER_INHERIT_ACE)
3094  DumpString(SDDL_CONTAINER_INHERIT, -1, pwptr, plen);
3096  DumpString(SDDL_NO_PROPAGATE, -1, pwptr, plen);
3097  if (piace->Header.AceFlags & INHERIT_ONLY_ACE)
3098  DumpString(SDDL_INHERIT_ONLY, -1, pwptr, plen);
3099  if (piace->Header.AceFlags & INHERITED_ACE)
3100  DumpString(SDDL_INHERITED, -1, pwptr, plen);
3102  DumpString(SDDL_AUDIT_SUCCESS, -1, pwptr, plen);
3103  if (piace->Header.AceFlags & FAILED_ACCESS_ACE_FLAG)
3104  DumpString(SDDL_AUDIT_FAILURE, -1, pwptr, plen);
3105  DumpString(&semicolon, 1, pwptr, plen);
3106  DumpRights(piace->Mask, pwptr, plen);
3107  DumpString(&semicolon, 1, pwptr, plen);
3108  /* objects not supported */
3109  DumpString(&semicolon, 1, pwptr, plen);
3110  /* objects not supported */
3111  DumpString(&semicolon, 1, pwptr, plen);
3112  if (!DumpSid((PSID)&piace->SidStart, pwptr, plen))
3113  return FALSE;
3114  DumpString(&closebr, 1, pwptr, plen);
3115  return TRUE;
3116 }
static const WCHAR SDDL_OBJECT_INHERIT[]
Definition: security.c:169
UCHAR AceFlags
Definition: ms-dtyp.idl:211
static const WCHAR SDDL_INHERITED[]
Definition: security.c:172
static const WCHAR SDDL_CONTAINER_INHERIT[]
Definition: security.c:168
#define TRUE
Definition: types.h:120
static BOOL DumpSid(PSID psid, WCHAR **pwptr, ULONG *plen)
Definition: security.c:2970
#define NO_PROPAGATE_INHERIT_ACE
Definition: setypes.h:748
ACE_HEADER Header
Definition: ms-dtyp.idl:216
static const WCHAR SDDL_NO_PROPAGATE[]
Definition: security.c:170
static const WCHAR SDDL_ACCESS_ALLOWED[]
Definition: security.c:138
#define SUCCESSFUL_ACCESS_ACE_FLAG
Definition: setypes.h:753
#define FAILED_ACCESS_ACE_FLAG
Definition: setypes.h:754
static const WCHAR SDDL_AUDIT_FAILURE[]
Definition: security.c:174
#define FALSE
Definition: types.h:117
#define CONTAINER_INHERIT_ACE
Definition: setypes.h:747
__wchar_t WCHAR
Definition: xmlstorage.h:180
static const WCHAR SDDL_AUDIT[]
Definition: security.c:144
#define ACCESS_ALLOWED_ACE_TYPE
Definition: setypes.h:717
static void DumpRights(DWORD mask, WCHAR **pwptr, ULONG *plen)
Definition: security.c:3020
#define SetLastError(x)
Definition: compat.h:611
#define ACCESS_DENIED_ACE_TYPE
Definition: setypes.h:718
UCHAR AceType
Definition: ms-dtyp.idl:210
static const WCHAR SDDL_INHERIT_ONLY[]
Definition: security.c:171
static const WCHAR SDDL_ALARM[]
Definition: security.c:145
static const ACEFLAG AceType[]
Definition: security.c:2382
#define SYSTEM_ALARM_ACE_TYPE
Definition: setypes.h:720
ACCESS_MASK Mask
Definition: ms-dtyp.idl:217
#define INHERITED_ACE
Definition: ph.h:47
static void DumpString(LPCWSTR string, int cch, WCHAR **pwptr, ULONG *plen)
Definition: security.c:2916
#define SYSTEM_AUDIT_ACE_TYPE
Definition: setypes.h:719
#define INHERIT_ONLY_ACE
Definition: setypes.h:749
#define OBJECT_INHERIT_ACE
Definition: setypes.h:746
static const WCHAR SDDL_ACCESS_DENIED[]
Definition: security.c:139
static const WCHAR SDDL_AUDIT_SUCCESS[]
Definition: security.c:173
#define ERROR_INVALID_ACL
Definition: winerror.h:818

Referenced by DumpAcl().

◆ DumpAcl()

static BOOL DumpAcl ( PACL  pacl,
WCHAR **  pwptr,
ULONG plen,
BOOL  protected,
BOOL  autoInheritReq,
BOOL  autoInherited 
)
static

Definition at line 3118 of file security.c.

3119 {
3120  WORD count;
3121  int i;
3122 
3123  if (protected)
3124  DumpString(SDDL_PROTECTED, -1, pwptr, plen);
3125  if (autoInheritReq)
3126  DumpString(SDDL_AUTO_INHERIT_REQ, -1, pwptr, plen);
3127  if (autoInherited)
3128  DumpString(SDDL_AUTO_INHERITED, -1, pwptr, plen);
3129 
3130  if (pacl == NULL)
3131  return TRUE;
3132 
3133  if (!IsValidAcl(pacl))
3134  return FALSE;
3135 
3136  count = pacl->AceCount;
3137  for (i = 0; i < count; i++)
3138  {
3139  LPVOID ace;
3140  if (!GetAce(pacl, i, &ace))
3141  return FALSE;
3142  if (!DumpAce(ace, pwptr, plen))
3143  return FALSE;
3144  }
3145 
3146  return TRUE;
3147 }
#define TRUE
Definition: types.h:120
#define SDDL_AUTO_INHERITED
Definition: sddl.h:46
GLuint GLuint GLsizei count
Definition: gl.h:1545
BOOL WINAPI IsValidAcl(PACL pAcl)
Definition: security.c:1211
USHORT AceCount
Definition: ms-dtyp.idl:297
#define FALSE
Definition: types.h:117
unsigned short WORD
Definition: ntddk_ex.h:93
#define SDDL_AUTO_INHERIT_REQ
Definition: sddl.h:45
static BOOL DumpAce(LPVOID pace, WCHAR **pwptr, ULONG *plen)
Definition: security.c:3059
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
BOOL WINAPI GetAce(PACL pAcl, DWORD dwAceIndex, LPVOID *pAce)
Definition: security.c:1188
#define NULL
Definition: types.h:112
static void DumpString(LPCWSTR string, int cch, WCHAR **pwptr, ULONG *plen)
Definition: security.c:2916
#define SDDL_PROTECTED
Definition: sddl.h:44

Referenced by DumpDacl(), and DumpSacl().

◆ DumpDacl()

static BOOL DumpDacl ( PSECURITY_DESCRIPTOR  SecurityDescriptor,
WCHAR **  pwptr,
ULONG plen 
)
static

Definition at line 3185 of file security.c.

3186 {
3187  static const WCHAR dacl[] = {'D',':',0};
3189  BOOL present, defaulted;
3190  DWORD revision;
3191  PACL pacl;
3192 
3193  if (!GetSecurityDescriptorDacl(SecurityDescriptor, &present, &pacl, &defaulted))
3194  return FALSE;
3195 
3196  if (!GetSecurityDescriptorControl(SecurityDescriptor, &control, &revision))
3197  return FALSE;
3198 
3199  if (!present)
3200  return TRUE;
3201 
3202  DumpString(dacl, 2, pwptr, plen);
3203  if (!DumpAcl(pacl, pwptr, plen, control & SE_DACL_PROTECTED, control & SE_DACL_AUTO_INHERIT_REQ, control & SE_DACL_AUTO_INHERITED))
3204  return FALSE;
3205  return TRUE;
3206 }
BOOL WINAPI GetSecurityDescriptorControl(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSECURITY_DESCRIPTOR_CONTROL pControl, LPDWORD lpdwRevision)
Definition: sec.c:21
#define TRUE
Definition: types.h:120
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
#define SE_DACL_AUTO_INHERITED
Definition: setypes.h:825
#define FALSE
Definition: types.h:117
unsigned int BOOL
Definition: ntddk_ex.h:94
WORD SECURITY_DESCRIPTOR_CONTROL
Definition: lsa.idl:37
BOOL WINAPI GetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, LPBOOL lpbDaclPresent, PACL *pDacl, LPBOOL lpbDaclDefaulted)
Definition: sec.c:45
__wchar_t WCHAR
Definition: xmlstorage.h:180
Definition: security.c:35
#define SE_DACL_PROTECTED
Definition: setypes.h:827
unsigned long DWORD
Definition: ntddk_ex.h:95
static void DumpString(LPCWSTR string, int cch, WCHAR **pwptr, ULONG *plen)
Definition: security.c:2916
#define SE_DACL_AUTO_INHERIT_REQ
Definition: setypes.h:823
static BOOL DumpAcl(PACL pacl, WCHAR **pwptr, ULONG *plen, BOOL protected, BOOL autoInheritReq, BOOL autoInherited)
Definition: security.c:3118

Referenced by ConvertSecurityDescriptorToStringSecurityDescriptorW().

◆ DumpGroup()

static BOOL DumpGroup ( PSECURITY_DESCRIPTOR  SecurityDescriptor,
WCHAR **  pwptr,
ULONG plen 
)
static

Definition at line 3167 of file security.c.

3168 {
3169  static const WCHAR prefix[] = {'G',':',0};
3170  BOOL bDefaulted;
3171  PSID psid;
3172 
3173  if (!GetSecurityDescriptorGroup(SecurityDescriptor, &psid, &bDefaulted))
3174  return FALSE;
3175 
3176  if (psid == NULL)
3177  return TRUE;
3178 
3179  DumpString(prefix, -1, pwptr, plen);
3180  if (!DumpSid(psid, pwptr, plen))
3181  return FALSE;
3182  return TRUE;
3183 }
#define TRUE
Definition: types.h:120
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
static BOOL DumpSid(PSID psid, WCHAR **pwptr, ULONG *plen)
Definition: security.c:2970
BOOL WINAPI GetSecurityDescriptorGroup(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSID *pGroup, LPBOOL lpbGroupDefaulted)
Definition: sec.c:76
#define FALSE
Definition: types.h:117
unsigned int BOOL
Definition: ntddk_ex.h:94
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define NULL
Definition: types.h:112
static void DumpString(LPCWSTR string, int cch, WCHAR **pwptr, ULONG *plen)
Definition: security.c:2916

Referenced by ConvertSecurityDescriptorToStringSecurityDescriptorW().

◆ DumpOwner()

static BOOL DumpOwner ( PSECURITY_DESCRIPTOR  SecurityDescriptor,
WCHAR **  pwptr,
ULONG plen 
)
static

Definition at line 3149 of file security.c.

3150 {
3151  static const WCHAR prefix[] = {'O',':',0};
3152  BOOL bDefaulted;
3153  PSID psid;
3154 
3155  if (!GetSecurityDescriptorOwner(SecurityDescriptor, &psid, &bDefaulted))
3156  return FALSE;
3157 
3158  if (psid == NULL)
3159  return TRUE;
3160 
3161  DumpString(prefix, -1, pwptr, plen);
3162  if (!DumpSid(psid, pwptr, plen))
3163  return FALSE;
3164  return TRUE;
3165 }
#define TRUE
Definition: types.h:120
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
static BOOL DumpSid(PSID psid, WCHAR **pwptr, ULONG *plen)
Definition: security.c:2970
#define FALSE
Definition: types.h:117
unsigned int BOOL
Definition: ntddk_ex.h:94
__wchar_t WCHAR
Definition: xmlstorage.h:180
BOOL WINAPI GetSecurityDescriptorOwner(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSID *pOwner, LPBOOL lpbOwnerDefaulted)
Definition: sec.c:103
#define NULL
Definition: types.h:112
static void DumpString(LPCWSTR string, int cch, WCHAR **pwptr, ULONG *plen)
Definition: security.c:2916

Referenced by ConvertSecurityDescriptorToStringSecurityDescriptorW().

◆ DumpRights()

static void DumpRights ( DWORD  mask,
WCHAR **  pwptr,
ULONG plen 
)
static

Definition at line 3020 of file security.c.

3021 {
3022  static const WCHAR fmtW[] = {'0','x','%','x',0};
3023  WCHAR buf[15];
3024  size_t i;
3025 
3026  if (mask == 0)
3027  return;
3028 
3029  /* first check if the right have name */
3030  for (i = 0; i < sizeof(AceRights)/sizeof(AceRights[0]); i++)
3031  {
3032  if (AceRights[i].wstr == NULL)
3033  break;
3034  if (mask == AceRights[i].value)
3035  {
3036  DumpString(AceRights[i].wstr, -1, pwptr, plen);
3037  return;
3038  }
3039  }
3040 
3041  /* then check if it can be built from bit names */
3042  for (i = 0; i < 32; i++)
3043  {
3044  if ((mask & (1 << i)) && (AceRightBitNames[i] == NULL))
3045  {
3046  /* can't be built from bit names */
3047  sprintfW(buf, fmtW, mask);
3048  DumpString(buf, -1, pwptr, plen);
3049  return;
3050  }
3051  }
3052 
3053  /* build from bit names */
3054  for (i = 0; i < 32; i++)
3055  if (mask & (1 << i))
3056  DumpString(AceRightBitNames[i], -1, pwptr, plen);
3057 }
Definition: pdh_main.c:93
GLenum GLuint GLenum GLsizei const GLchar * buf
Definition: glext.h:7751
GLenum GLint GLuint mask
Definition: glext.h:6028
static const ACEFLAG AceRights[]
Definition: security.c:2468
__wchar_t WCHAR
Definition: xmlstorage.h:180
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
static const LPCWSTR AceRightBitNames[32]
Definition: security.c:2985
#define sprintfW
Definition: unicode.h:58
#define NULL
Definition: types.h:112
static void DumpString(LPCWSTR string, int cch, WCHAR **pwptr, ULONG *plen)
Definition: security.c:2916

Referenced by DumpAce().

◆ DumpSacl()

static BOOL DumpSacl ( PSECURITY_DESCRIPTOR  SecurityDescriptor,
WCHAR **  pwptr,
ULONG plen 
)
static

Definition at line 3208 of file security.c.

3209 {
3210  static const WCHAR sacl[] = {'S',':',0};
3212  BOOL present, defaulted;
3213  DWORD revision;
3214  PACL pacl;
3215 
3216  if (!GetSecurityDescriptorSacl(SecurityDescriptor, &present, &pacl, &defaulted))
3217  return FALSE;
3218 
3219  if (!GetSecurityDescriptorControl(SecurityDescriptor, &control, &revision))
3220  return FALSE;
3221 
3222  if (!present)
3223  return TRUE;
3224 
3225  DumpString(sacl, 2, pwptr, plen);
3226  if (!DumpAcl(pacl, pwptr, plen, control & SE_SACL_PROTECTED, control & SE_SACL_AUTO_INHERIT_REQ, control & SE_SACL_AUTO_INHERITED))
3227  return FALSE;
3228  return TRUE;
3229 }
BOOL WINAPI GetSecurityDescriptorControl(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSECURITY_DESCRIPTOR_CONTROL pControl, LPDWORD lpdwRevision)
Definition: sec.c:21
BOOL WINAPI GetSecurityDescriptorSacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, LPBOOL lpbSaclPresent, PACL *pSacl, LPBOOL lpbSaclDefaulted)
Definition: sec.c:146
#define TRUE
Definition: types.h:120
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
#define FALSE
Definition: types.h:117
unsigned int BOOL
Definition: ntddk_ex.h:94
WORD SECURITY_DESCRIPTOR_CONTROL
Definition: lsa.idl:37
#define SE_SACL_AUTO_INHERIT_REQ
Definition: setypes.h:824
__wchar_t WCHAR
Definition: xmlstorage.h:180
unsigned long DWORD
Definition: ntddk_ex.h:95
#define SE_SACL_PROTECTED
Definition: setypes.h:828
#define SE_SACL_AUTO_INHERITED
Definition: setypes.h:826
static void DumpString(LPCWSTR string, int cch, WCHAR **pwptr, ULONG *plen)
Definition: security.c:2916
static BOOL DumpAcl(PACL pacl, WCHAR **pwptr, ULONG *plen, BOOL protected, BOOL autoInheritReq, BOOL autoInherited)
Definition: security.c:3118

Referenced by ConvertSecurityDescriptorToStringSecurityDescriptorW().

◆ DumpSid()

static BOOL DumpSid ( PSID  psid,
WCHAR **  pwptr,
ULONG plen 
)
static

Definition at line 2970 of file security.c.

2971 {
2972  size_t i;
2973  for (i = 0; i < sizeof(WellKnownSids) / sizeof(WellKnownSids[0]); i++)
2974  {
2975  if (WellKnownSids[i].wstr[0] && EqualSid(psid, (PSID)&(WellKnownSids[i].Sid.Revision)))
2976  {
2977  DumpString(WellKnownSids[i].wstr, 2, pwptr, plen);
2978  return TRUE;
2979  }
2980  }
2981 
2982  return DumpSidNumeric(psid, pwptr, plen);
2983 }
#define TRUE
Definition: types.h:120
static const WELLKNOWNSID WellKnownSids[]
Definition: security.c:47
BOOL WINAPI EqualSid(PSID pSid1, PSID pSid2)
Definition: security.c:831
static BOOL DumpSidNumeric(PSID psid, WCHAR **pwptr, ULONG *plen)
Definition: security.c:2931
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1103
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
static void DumpString(LPCWSTR string, int cch, WCHAR **pwptr, ULONG *plen)
Definition: security.c:2916
BYTE Revision
Definition: ms-dtyp.idl:199

Referenced by DumpAce(), DumpGroup(), and DumpOwner().

◆ DumpSidNumeric()

static BOOL DumpSidNumeric ( PSID  psid,
WCHAR **  pwptr,
ULONG plen 
)
static

Definition at line 2931 of file security.c.

2932 {
2933  DWORD i;
2934  WCHAR fmt[] = { 'S','-','%','u','-','%','d',0 };
2935  WCHAR subauthfmt[] = { '-','%','u',0 };
2936  WCHAR buf[26];
2937  SID *pisid = psid;
2938 
2939  if( !IsValidSid( psid ) || pisid->Revision != SDDL_REVISION)
2940  {
2942  return FALSE;
2943  }
2944 
2945  if (pisid->IdentifierAuthority.Value[0] ||
2946  pisid->IdentifierAuthority.Value[1])
2947  {
2948  FIXME("not matching MS' bugs\n");
2950  return FALSE;
2951  }
2952 
2953  sprintfW( buf, fmt, pisid->Revision,
2954  MAKELONG(
2955  MAKEWORD( pisid->IdentifierAuthority.Value[5],
2956  pisid->IdentifierAuthority.Value[4] ),
2957  MAKEWORD( pisid->IdentifierAuthority.Value[3],
2958  pisid->IdentifierAuthority.Value[2] )
2959  ) );
2960  DumpString(buf, -1, pwptr, plen);
2961 
2962  for( i=0; i<pisid->SubAuthorityCount; i++ )
2963  {
2964  sprintfW( buf, subauthfmt, pisid->SubAuthority[i] );
2965  DumpString(buf, -1, pwptr, plen);
2966  }
2967  return TRUE;
2968 }
#define MAKEWORD(a, b)
Definition: typedefs.h:248
#define TRUE
Definition: types.h:120
#define ERROR_INVALID_SID
Definition: winerror.h:819
GLenum GLuint GLenum GLsizei const GLchar * buf
Definition: glext.h:7751
#define FALSE
Definition: types.h:117
#define FIXME(fmt,...)
Definition: debug.h:111
#define MAKELONG(a, b)
Definition: typedefs.h:249
__wchar_t WCHAR
Definition: xmlstorage.h:180
unsigned long DWORD
Definition: ntddk_ex.h:95
#define SetLastError(x)
Definition: compat.h:611
DWORD SubAuthority[*]
Definition: ms-dtyp.idl:202
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
#define sprintfW
Definition: unicode.h:58
BYTE SubAuthorityCount
Definition: ms-dtyp.idl:200
static void DumpString(LPCWSTR string, int cch, WCHAR **pwptr, ULONG *plen)
Definition: security.c:2916
#define SDDL_REVISION
Definition: sddl.h:31
BOOL WINAPI IsValidSid(PSID pSid)
Definition: security.c:821
SID_IDENTIFIER_AUTHORITY IdentifierAuthority
Definition: ms-dtyp.idl:201
BYTE Revision
Definition: ms-dtyp.idl:199
Definition: dsound.c:943

Referenced by DumpSid().

◆ DumpString()

static void DumpString ( LPCWSTR  string,
int  cch,
WCHAR **  pwptr,
ULONG plen 
)
static

Definition at line 2916 of file security.c.

2917 {
2918  if (cch == -1)
2919  cch = strlenW(string);
2920 
2921  if (plen)
2922  *plen += cch;
2923 
2924  if (pwptr)
2925  {
2926  memcpy(*pwptr, string, sizeof(WCHAR)*cch);
2927  *pwptr += cch;
2928  }
2929 }
WINE_UNICODE_INLINE unsigned int strlenW(const WCHAR *str)
Definition: unicode.h:212
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
IN PCTCH IN DWORD cch
Definition: pager.h:36

Referenced by DumpAce(), DumpAcl(), DumpDacl(), DumpGroup(), DumpOwner(), DumpRights(), DumpSacl(), DumpSid(), and DumpSidNumeric().

◆ DuplicateToken()

BOOL WINAPI DuplicateToken ( IN HANDLE  ExistingTokenHandle,
IN SECURITY_IMPERSONATION_LEVEL  ImpersonationLevel,
OUT PHANDLE  DuplicateTokenHandle 
)

Definition at line 3651 of file security.c.

3654 {
3655  return DuplicateTokenEx(ExistingTokenHandle,
3657  NULL,
3660  DuplicateTokenHandle);
3661 }
#define TOKEN_IMPERSONATE
Definition: setypes.h:923
#define TOKEN_QUERY
Definition: setypes.h:924
_Out_ PBOOLEAN _Out_ PBOOLEAN _Out_ PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: psfuncs.h:154
BOOL WINAPI DuplicateTokenEx(IN HANDLE ExistingTokenHandle, IN DWORD dwDesiredAccess, IN LPSECURITY_ATTRIBUTES lpTokenAttributes OPTIONAL, IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, IN TOKEN_TYPE TokenType, OUT PHANDLE DuplicateTokenHandle)
Definition: security.c:3591
#define NULL
Definition: types.h:112

Referenced by GetDuplicateToken(), test_AccessCheck(), test_CheckTokenMembership(), test_impersonation_level(), test_kernel_objects_security(), and test_token_attr().

◆ DuplicateTokenEx()

BOOL WINAPI DuplicateTokenEx ( IN HANDLE  ExistingTokenHandle,
IN DWORD  dwDesiredAccess,
IN LPSECURITY_ATTRIBUTES lpTokenAttributes  OPTIONAL,
IN SECURITY_IMPERSONATION_LEVEL  ImpersonationLevel,
IN TOKEN_TYPE  TokenType,
OUT PHANDLE  DuplicateTokenHandle 
)

Definition at line 3591 of file security.c.

3597 {
3599  NTSTATUS Status;
3601 
3602  TRACE("%p 0x%08x 0x%08x 0x%08x %p\n", ExistingTokenHandle, dwDesiredAccess,
3603  ImpersonationLevel, TokenType, DuplicateTokenHandle);
3604 
3605  Sqos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
3607  Sqos.ContextTrackingMode = 0;
3608  Sqos.EffectiveOnly = FALSE;
3609 
3610  if (lpTokenAttributes != NULL)
3611  {
3613  NULL,
3614  lpTokenAttributes->bInheritHandle ? OBJ_INHERIT : 0,
3615  NULL,
3616  lpTokenAttributes->lpSecurityDescriptor);
3617  }
3618  else
3619  {
3621  NULL,
3622  0,
3623  NULL,
3624  NULL);
3625  }
3626 
3627  ObjectAttributes.SecurityQualityOfService = &Sqos;
3628 
3629  Status = NtDuplicateToken(ExistingTokenHandle,
3630  dwDesiredAccess,
3632  FALSE,
3633  TokenType,
3634  DuplicateTokenHandle);
3635  if (!NT_SUCCESS(Status))
3636  {
3637  ERR("NtDuplicateToken failed: Status %08x\n", Status);
3639  return FALSE;
3640  }
3641 
3642  TRACE("Returning token %p.\n", *DuplicateTokenHandle);
3643 
3644  return TRUE;
3645 }
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
#define TRUE
Definition: types.h:120
LONG NTSTATUS
Definition: precomp.h:26
SECURITY_CONTEXT_TRACKING_MODE ContextTrackingMode
Definition: lsa.idl:66
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
#define FALSE
Definition: types.h:117
Status
Definition: gdiplustypes.h:24
#define TRACE(s)
Definition: solgame.cpp:4
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define OBJ_INHERIT
Definition: winternl.h:225
_Out_ PBOOLEAN _Out_ PBOOLEAN _Out_ PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: psfuncs.h:154
#define SetLastError(x)
Definition: compat.h:611
#define ERR(fmt,...)
Definition: debug.h:110
struct _SECURITY_QUALITY_OF_SERVICE SECURITY_QUALITY_OF_SERVICE
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: lsa.idl:65
#define NULL
Definition: types.h:112
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtDuplicateToken(_In_ HANDLE ExistingTokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ BOOLEAN EffectiveOnly, _In_ TOKEN_TYPE TokenType, _Out_ PHANDLE NewTokenHandle)
Duplicates a token.
Definition: token.c:4901
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
Definition: sefuncs.h:401

Referenced by CheckTokenMembership(), DuplicateToken(), LaunchProcess(), START_TEST(), test_CreateRestrictedToken(), test_token_security_descriptor(), and WlxStartApplication().

◆ EqualDomainSid()

BOOL WINAPI EqualDomainSid ( IN PSID  pSid1,
IN PSID  pSid2,
OUT BOOL pfEqual 
)

Definition at line 3916 of file security.c.

3919 {
3920  UNIMPLEMENTED;
3921  return FALSE;
3922 }
#define FALSE
Definition: types.h:117
#define UNIMPLEMENTED
Definition: debug.h:115

◆ EqualPrefixSid()

BOOL WINAPI EqualPrefixSid ( PSID  pSid1,
PSID  pSid2 
)

Definition at line 843 of file security.c.

845 {
846  return RtlEqualPrefixSid (pSid1, pSid2);
847 }
NTSYSAPI BOOLEAN NTAPI RtlEqualPrefixSid(PSID Sid1, PSID Sid2)

Referenced by test_process_security().

◆ EqualSid()

◆ FindFirstFreeAce()

BOOL WINAPI FindFirstFreeAce ( PACL  pAcl,
LPVOID pAce 
)

Definition at line 1178 of file security.c.

1180 {
1181  return RtlFirstFreeAce(pAcl,
1182  (PACE*)pAce);
1183 }
NTSYSAPI BOOLEAN NTAPI RtlFirstFreeAce(PACL Acl, PACE *Ace)
Definition: rtltypes.h:992

◆ FreeSid()

◆ GetAce()

BOOL WINAPI GetAce ( PACL  pAcl,
DWORD  dwAceIndex,
LPVOID pAce 
)

Definition at line 1188 of file security.c.

1189 {
1190  return set_ntstatus(RtlGetAce(pAcl, dwAceIndex, pAce));
1191 }
NTSYSAPI NTSTATUS NTAPI RtlGetAce(PACL Acl, ULONG AceIndex, PVOID *Ace)
static __inline BOOL set_ntstatus(NTSTATUS status)
Definition: security.c:229

Referenced by AccRewriteGetExplicitEntriesFromAcl(), AccRewriteSetEntriesInAcl(), DumpAcl(), CSecurityDescriptor::GetDACLEntry(), CSecurityDescriptor::GetSACLEntry(), map_dacl_2_nfs4acl(), PrintFileDacl(), ReloadPrincipalsList(), and test_GetShellSecurityDescriptor().

◆ GetAclInformation()

BOOL WINAPI GetAclInformation ( PACL  pAcl,
LPVOID  pAclInformation,
DWORD  nAclInformationLength,
ACL_INFORMATION_CLASS  dwAclInformationClass 
)

Definition at line 1196 of file security.c.

1201 {
1202  return set_ntstatus(RtlQueryInformationAcl(pAcl, pAclInformation,
1203  nAclInformationLength, dwAclInformationClass));
1204 }
NTSYSAPI NTSTATUS WINAPI RtlQueryInformationAcl(PACL, LPVOID, DWORD, ACL_INFORMATION_CLASS)
static __inline BOOL set_ntstatus(NTSTATUS status)
Definition: security.c:229

Referenced by AccRewriteSetEntriesInAcl(), CSecurityDescriptor::GetDACLEntriesCount(), CSecurityDescriptor::GetSACLEntriesCount(), and test_GetShellSecurityDescriptor().

◆ GetFileSecurityA()

BOOL WINAPI GetFileSecurityA ( LPCSTR  lpFileName,
SECURITY_INFORMATION  RequestedInformation,
PSECURITY_DESCRIPTOR  pSecurityDescriptor,
DWORD  nLength,
LPDWORD  lpnLengthNeeded 
)

Definition at line 1375 of file security.c.

1380 {
1382  BOOL bResult;
1383 
1385  {
1387  return FALSE;
1388  }
1389 
1390  bResult = GetFileSecurityW(FileName.Buffer,
1391  RequestedInformation,
1392  pSecurityDescriptor,
1393  nLength,
1394  lpnLengthNeeded);
1395 
1397 
1398  return bResult;
1399 }
_In_ DWORD nLength
Definition: wincon.h:473
#define ERROR_NOT_ENOUGH_MEMORY
Definition: dderror.h:7
#define FALSE
Definition: types.h:117
unsigned int BOOL
Definition: ntddk_ex.h:94
NTSYSAPI BOOLEAN NTAPI RtlCreateUnicodeStringFromAsciiz(_Out_ PUNICODE_STRING Destination, _In_ PCSZ Source)
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
#define SetLastError(x)
Definition: compat.h:611
BOOL WINAPI GetFileSecurityW(LPCWSTR lpFileName, SECURITY_INFORMATION RequestedInformation, PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD nLength, LPDWORD lpnLengthNeeded)
Definition: security.c:1406
struct _FileName FileName
Definition: fatprocs.h:893
_In_ LPCSTR lpFileName
Definition: winbase.h:3055

Referenced by test_FileSecurity().

◆ GetFileSecurityW()