ReactOS  0.4.15-dev-5615-gc3644fd
Classes | Macros | Typedefs | Functions | Variables
security.c File Reference
#include <advapi32.h>
#include <sddl.h>
Include dependency graph for security.c:

Go to the source code of this file.

Classes

struct  _ACEFLAG
 
union  _MAX_SID
 
struct  WELLKNOWNSID
 
struct  WELLKNOWNRID
 

Macros

#define ADS_RIGHT_DS_CREATE_CHILD   0x0001
 
#define ADS_RIGHT_DS_DELETE_CHILD   0x0002
 
#define ADS_RIGHT_ACTRL_DS_LIST   0x0004
 
#define ADS_RIGHT_DS_SELF   0x0008
 
#define ADS_RIGHT_DS_READ_PROP   0x0010
 
#define ADS_RIGHT_DS_WRITE_PROP   0x0020
 
#define ADS_RIGHT_DS_DELETE_TREE   0x0040
 
#define ADS_RIGHT_DS_LIST_OBJECT   0x0080
 
#define ADS_RIGHT_DS_CONTROL_ACCESS   0x0100
 

Typedefs

typedef struct _ACEFLAG ACEFLAG
 
typedef struct _ACEFLAGLPACEFLAG
 
typedef struct _MAX_SID MAX_SID
 
typedef struct WELLKNOWNSID WELLKNOWNSID
 
typedef struct WELLKNOWNRID WELLKNOWNRID
 

Functions

 WINE_DEFAULT_DEBUG_CHANNEL (advapi)
 
static BOOL ParseStringSidToSid (LPCWSTR StringSid, PSID pSid, LPDWORD cBytes)
 
static const chardebugstr_sid (PSID sid)
 
static __inline BOOL set_ntstatus (NTSTATUS status)
 
static LPWSTR SERV_dup (LPCSTR str)
 
BOOL ADVAPI_IsLocalComputer (LPCWSTR ServerName)
 
BOOL ADVAPI_GetComputerSid (PSID sid)
 
BOOL WINAPI OpenProcessToken (HANDLE ProcessHandle, DWORD DesiredAccess, PHANDLE TokenHandle)
 
BOOL WINAPI OpenThreadToken (HANDLE ThreadHandle, DWORD DesiredAccess, BOOL OpenAsSelf, HANDLE *TokenHandle)
 
BOOL WINAPI AdjustTokenGroups (HANDLE TokenHandle, BOOL ResetToDefault, PTOKEN_GROUPS NewState, DWORD BufferLength, PTOKEN_GROUPS PreviousState, PDWORD ReturnLength)
 
BOOL WINAPI AdjustTokenPrivileges (HANDLE TokenHandle, BOOL DisableAllPrivileges, PTOKEN_PRIVILEGES NewState, DWORD BufferLength, PTOKEN_PRIVILEGES PreviousState, PDWORD ReturnLength)
 
BOOL WINAPI GetTokenInformation (HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength, PDWORD ReturnLength)
 
BOOL WINAPI SetTokenInformation (HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength)
 
BOOL WINAPI SetThreadToken (IN PHANDLE ThreadHandle OPTIONAL, IN HANDLE TokenHandle)
 
BOOL WINAPI CreateRestrictedToken (_In_ HANDLE ExistingTokenHandle, _In_ DWORD Flags, _In_ DWORD DisableSidCount, _In_reads_opt_(DisableSidCount) PSID_AND_ATTRIBUTES SidsToDisable, _In_ DWORD DeletePrivilegeCount, _In_reads_opt_(DeletePrivilegeCount) PLUID_AND_ATTRIBUTES PrivilegesToDelete, _In_ DWORD RestrictedSidCount, _In_reads_opt_(RestrictedSidCount) PSID_AND_ATTRIBUTES SidsToRestrict, _Outptr_ PHANDLE NewTokenHandle)
 Creates a filtered token that is a restricted one of the regular access token. A restricted token can have disabled SIDs, deleted privileges and/or restricted SIDs added. More...
 
BOOL WINAPI AllocateAndInitializeSid (PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority, BYTE nSubAuthorityCount, DWORD nSubAuthority0, DWORD nSubAuthority1, DWORD nSubAuthority2, DWORD nSubAuthority3, DWORD nSubAuthority4, DWORD nSubAuthority5, DWORD nSubAuthority6, DWORD nSubAuthority7, PSID *pSid)
 
PVOID WINAPI FreeSid (PSID pSid)
 
BOOL WINAPI CopySid (DWORD nDestinationSidLength, PSID pDestinationSid, PSID pSourceSid)
 
BOOL WINAPI CreateWellKnownSid (IN WELL_KNOWN_SID_TYPE WellKnownSidType, IN PSID DomainSid OPTIONAL, OUT PSID pSid, IN OUT DWORD *cbSid)
 
BOOL WINAPI IsWellKnownSid (IN PSID pSid, IN WELL_KNOWN_SID_TYPE WellKnownSidType)
 
BOOL WINAPI IsValidSid (PSID pSid)
 
BOOL WINAPI EqualSid (PSID pSid1, PSID pSid2)
 
BOOL WINAPI EqualPrefixSid (PSID pSid1, PSID pSid2)
 
DWORD WINAPI GetSidLengthRequired (UCHAR nSubAuthorityCount)
 
BOOL WINAPI InitializeSid (PSID Sid, PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority, BYTE nSubAuthorityCount)
 
PSID_IDENTIFIER_AUTHORITY WINAPI GetSidIdentifierAuthority (PSID pSid)
 
PDWORD WINAPI GetSidSubAuthority (PSID pSid, DWORD nSubAuthority)
 
PUCHAR WINAPI GetSidSubAuthorityCount (PSID pSid)
 
DWORD WINAPI GetLengthSid (PSID pSid)
 
BOOL WINAPI InitializeSecurityDescriptor (PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD dwRevision)
 
BOOL WINAPI MakeAbsoluteSD (PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor, PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor, LPDWORD lpdwAbsoluteSecurityDescriptorSize, PACL pDacl, LPDWORD lpdwDaclSize, PACL pSacl, LPDWORD lpdwSaclSize, PSID pOwner, LPDWORD lpdwOwnerSize, PSID pPrimaryGroup, LPDWORD lpdwPrimaryGroupSize)
 
BOOL WINAPI GetKernelObjectSecurity (HANDLE Handle, SECURITY_INFORMATION RequestedInformation, PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD nLength, LPDWORD lpnLengthNeeded)
 
BOOL WINAPI InitializeAcl (PACL pAcl, DWORD nAclLength, DWORD dwAclRevision)
 
BOOL WINAPI ImpersonateNamedPipeClient (HANDLE hNamedPipe)
 
BOOL WINAPI AddAccessAllowedAce (PACL pAcl, DWORD dwAceRevision, DWORD AccessMask, PSID pSid)
 
BOOL WINAPI AddAccessAllowedAceEx (PACL pAcl, DWORD dwAceRevision, DWORD AceFlags, DWORD AccessMask, PSID pSid)
 
BOOL WINAPI AddAccessDeniedAce (PACL pAcl, DWORD dwAceRevision, DWORD AccessMask, PSID pSid)
 
BOOL WINAPI AddAccessDeniedAceEx (PACL pAcl, DWORD dwAceRevision, DWORD AceFlags, DWORD AccessMask, PSID pSid)
 
BOOL WINAPI AddAce (PACL pAcl, DWORD dwAceRevision, DWORD dwStartingAceIndex, LPVOID pAceList, DWORD nAceListLength)
 
BOOL WINAPI DeleteAce (PACL pAcl, DWORD dwAceIndex)
 
BOOL WINAPI FindFirstFreeAce (PACL pAcl, LPVOID *pAce)
 
BOOL WINAPI GetAce (PACL pAcl, DWORD dwAceIndex, LPVOID *pAce)
 
BOOL WINAPI GetAclInformation (PACL pAcl, LPVOID pAclInformation, DWORD nAclInformationLength, ACL_INFORMATION_CLASS dwAclInformationClass)
 
BOOL WINAPI IsValidAcl (PACL pAcl)
 
BOOL WINAPI AllocateLocallyUniqueId (PLUID Luid)
 
BOOL WINAPI LookupPrivilegeDisplayNameA (LPCSTR lpSystemName, LPCSTR lpName, LPSTR lpDisplayName, LPDWORD cchDisplayName, LPDWORD lpLanguageId)
 
BOOL WINAPI LookupPrivilegeNameA (LPCSTR lpSystemName, PLUID lpLuid, LPSTR lpName, LPDWORD cchName)
 
BOOL WINAPI GetFileSecurityA (LPCSTR lpFileName, SECURITY_INFORMATION RequestedInformation, PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD nLength, LPDWORD lpnLengthNeeded)
 
BOOL WINAPI GetFileSecurityW (LPCWSTR lpFileName, SECURITY_INFORMATION RequestedInformation, PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD nLength, LPDWORD lpnLengthNeeded)
 
BOOL WINAPI SetFileSecurityA (LPCSTR lpFileName, SECURITY_INFORMATION SecurityInformation, PSECURITY_DESCRIPTOR pSecurityDescriptor)
 
BOOL WINAPI SetFileSecurityW (LPCWSTR lpFileName, SECURITY_INFORMATION SecurityInformation, PSECURITY_DESCRIPTOR pSecurityDescriptor)
 
BOOL WINAPI QueryWindows31FilesMigration (DWORD x1)
 
BOOL WINAPI SynchronizeWindows31FilesAndWindowsNTRegistry (DWORD x1, DWORD x2, DWORD x3, DWORD x4)
 
BOOL WINAPI RevertToSelf (VOID)
 
BOOL WINAPI ImpersonateSelf (SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
 
BOOL WINAPI AccessCheck (IN PSECURITY_DESCRIPTOR pSecurityDescriptor, IN HANDLE ClientToken, IN DWORD DesiredAccess, IN PGENERIC_MAPPING GenericMapping, OUT PPRIVILEGE_SET PrivilegeSet OPTIONAL, IN OUT LPDWORD PrivilegeSetLength, OUT LPDWORD GrantedAccess, OUT LPBOOL AccessStatus)
 
BOOL WINAPI AccessCheckByType (PSECURITY_DESCRIPTOR pSecurityDescriptor, PSID PrincipalSelfSid, HANDLE ClientToken, DWORD DesiredAccess, POBJECT_TYPE_LIST ObjectTypeList, DWORD ObjectTypeListLength, PGENERIC_MAPPING GenericMapping, PPRIVILEGE_SET PrivilegeSet, LPDWORD PrivilegeSetLength, LPDWORD GrantedAccess, LPBOOL AccessStatus)
 
BOOL WINAPI SetKernelObjectSecurity (HANDLE Handle, SECURITY_INFORMATION SecurityInformation, PSECURITY_DESCRIPTOR SecurityDescriptor)
 
BOOL WINAPI AddAuditAccessAce (PACL pAcl, DWORD dwAceRevision, DWORD dwAccessMask, PSID pSid, BOOL bAuditSuccess, BOOL bAuditFailure)
 
BOOL WINAPI AddAuditAccessAceEx (PACL pAcl, DWORD dwAceRevision, DWORD AceFlags, DWORD dwAccessMask, PSID pSid, BOOL bAuditSuccess, BOOL bAuditFailure)
 
BOOL WINAPI LookupAccountNameA (LPCSTR SystemName, LPCSTR AccountName, PSID Sid, LPDWORD SidLength, LPSTR ReferencedDomainName, LPDWORD hReferencedDomainNameLength, PSID_NAME_USE SidNameUse)
 
BOOL WINAPI PrivilegeCheck (HANDLE ClientToken, PPRIVILEGE_SET RequiredPrivileges, LPBOOL pfResult)
 
DWORD WINAPI GetSecurityInfoExA (HANDLE hObject, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, LPCSTR lpProvider, LPCSTR lpProperty, PACTRL_ACCESSA *ppAccessList, PACTRL_AUDITA *ppAuditList, LPSTR *lppOwner, LPSTR *lppGroup)
 
DWORD WINAPI GetSecurityInfoExW (HANDLE hObject, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, LPCWSTR lpProvider, LPCWSTR lpProperty, PACTRL_ACCESSW *ppAccessList, PACTRL_AUDITW *ppAuditList, LPWSTR *lppOwner, LPWSTR *lppGroup)
 
VOID WINAPI BuildExplicitAccessWithNameA (PEXPLICIT_ACCESSA pExplicitAccess, LPSTR pTrusteeName, DWORD AccessPermissions, ACCESS_MODE AccessMode, DWORD Inheritance)
 
VOID WINAPI BuildExplicitAccessWithNameW (PEXPLICIT_ACCESSW pExplicitAccess, LPWSTR pTrusteeName, DWORD AccessPermissions, ACCESS_MODE AccessMode, DWORD Inheritance)
 
VOID WINAPI BuildTrusteeWithObjectsAndNameA (PTRUSTEEA pTrustee, POBJECTS_AND_NAME_A pObjName, SE_OBJECT_TYPE ObjectType, LPSTR ObjectTypeName, LPSTR InheritedObjectTypeName, LPSTR Name)
 
VOID WINAPI BuildTrusteeWithObjectsAndNameW (PTRUSTEEW pTrustee, POBJECTS_AND_NAME_W pObjName, SE_OBJECT_TYPE ObjectType, LPWSTR ObjectTypeName, LPWSTR InheritedObjectTypeName, LPWSTR Name)
 
VOID WINAPI BuildTrusteeWithObjectsAndSidA (PTRUSTEEA pTrustee, POBJECTS_AND_SID pObjSid, GUID *pObjectGuid, GUID *pInheritedObjectGuid, PSID pSid)
 
VOID WINAPI BuildTrusteeWithObjectsAndSidW (PTRUSTEEW pTrustee, POBJECTS_AND_SID pObjSid, GUID *pObjectGuid, GUID *pInheritedObjectGuid, PSID pSid)
 
VOID WINAPI BuildTrusteeWithSidA (PTRUSTEE_A pTrustee, PSID pSid)
 
VOID WINAPI BuildTrusteeWithSidW (PTRUSTEE_W pTrustee, PSID pSid)
 
VOID WINAPI BuildTrusteeWithNameA (PTRUSTEE_A pTrustee, LPSTR name)
 
VOID WINAPI BuildTrusteeWithNameW (PTRUSTEE_W pTrustee, LPWSTR name)
 
TRUSTEE_FORM WINAPI GetTrusteeFormA (PTRUSTEEA pTrustee)
 
TRUSTEE_FORM WINAPI GetTrusteeFormW (PTRUSTEEW pTrustee)
 
LPSTR WINAPI GetTrusteeNameA (PTRUSTEE_A pTrustee)
 
LPWSTR WINAPI GetTrusteeNameW (PTRUSTEE_W pTrustee)
 
TRUSTEE_TYPE WINAPI GetTrusteeTypeA (PTRUSTEE_A pTrustee)
 
TRUSTEE_TYPE WINAPI GetTrusteeTypeW (PTRUSTEE_W pTrustee)
 
BOOL WINAPI SetAclInformation (PACL pAcl, LPVOID pAclInformation, DWORD nAclInformationLength, ACL_INFORMATION_CLASS dwAclInformationClass)
 
DWORD WINAPI SetNamedSecurityInfoA (LPSTR pObjectName, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl)
 
BOOL WINAPI AreAllAccessesGranted (DWORD GrantedAccess, DWORD DesiredAccess)
 
BOOL WINAPI AreAnyAccessesGranted (DWORD GrantedAccess, DWORD DesiredAccess)
 
static DWORD ParseAclStringFlags (LPCWSTR *StringAcl)
 
static BYTE ParseAceStringType (LPCWSTR *StringAcl)
 
static BYTE ParseAceStringFlags (LPCWSTR *StringAcl)
 
static DWORD ParseAceStringRights (LPCWSTR *StringAcl)
 
static BOOL ParseStringAclToAcl (LPCWSTR StringAcl, LPDWORD lpdwFlags, PACL pAcl, LPDWORD cBytes)
 
static BOOL ParseStringSecurityDescriptorToSecurityDescriptor (LPCWSTR StringSecurityDescriptor, SECURITY_DESCRIPTOR_RELATIVE *SecurityDescriptor, LPDWORD cBytes)
 
BOOL WINAPI ConvertStringSecurityDescriptorToSecurityDescriptorA (LPCSTR StringSecurityDescriptor, DWORD StringSDRevision, PSECURITY_DESCRIPTOR *SecurityDescriptor, PULONG SecurityDescriptorSize)
 
BOOL WINAPI ConvertStringSecurityDescriptorToSecurityDescriptorW (LPCWSTR StringSecurityDescriptor, DWORD StringSDRevision, PSECURITY_DESCRIPTOR *SecurityDescriptor, PULONG SecurityDescriptorSize)
 
static void DumpString (LPCWSTR string, int cch, WCHAR **pwptr, ULONG *plen)
 
static BOOL DumpSidNumeric (PSID psid, WCHAR **pwptr, ULONG *plen)
 
static BOOL DumpSid (PSID psid, WCHAR **pwptr, ULONG *plen)
 
static void DumpRights (DWORD mask, WCHAR **pwptr, ULONG *plen)
 
static BOOL DumpAce (LPVOID pace, WCHAR **pwptr, ULONG *plen)
 
static BOOL DumpAcl (PACL pacl, WCHAR **pwptr, ULONG *plen, BOOL protected, BOOL autoInheritReq, BOOL autoInherited)
 
static BOOL DumpOwner (PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen)
 
static BOOL DumpGroup (PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen)
 
static BOOL DumpDacl (PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen)
 
static BOOL DumpSacl (PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen)
 
BOOL WINAPI ConvertSecurityDescriptorToStringSecurityDescriptorW (PSECURITY_DESCRIPTOR SecurityDescriptor, DWORD SDRevision, SECURITY_INFORMATION RequestedInformation, LPWSTR *OutputString, PULONG OutputLen)
 
BOOL WINAPI ConvertSecurityDescriptorToStringSecurityDescriptorA (PSECURITY_DESCRIPTOR SecurityDescriptor, DWORD SDRevision, SECURITY_INFORMATION Information, LPSTR *OutputString, PULONG OutputLen)
 
BOOL WINAPI ConvertStringSidToSidW (LPCWSTR StringSid, PSID *Sid)
 
BOOL WINAPI ConvertStringSidToSidA (LPCSTR StringSid, PSID *Sid)
 
BOOL WINAPI ConvertSidToStringSidW (PSID Sid, LPWSTR *StringSid)
 
BOOL WINAPI ConvertSidToStringSidA (PSID Sid, LPSTR *StringSid)
 
BOOL WINAPI CreateProcessWithLogonW (_In_ LPCWSTR lpUsername, _In_opt_ LPCWSTR lpDomain, _In_ LPCWSTR lpPassword, _In_ DWORD dwLogonFlags, _In_opt_ LPCWSTR lpApplicationName, _Inout_opt_ LPWSTR lpCommandLine, _In_ DWORD dwCreationFlags, _In_opt_ LPVOID lpEnvironment, _In_opt_ LPCWSTR lpCurrentDirectory, _In_ LPSTARTUPINFOW lpStartupInfo, _Out_ LPPROCESS_INFORMATION lpProcessInformation)
 
BOOL WINAPI CreateProcessWithTokenW (HANDLE token, DWORD logon_flags, LPCWSTR application_name, LPWSTR command_line, DWORD creation_flags, void *environment, LPCWSTR current_directory, STARTUPINFOW *startup_info, PROCESS_INFORMATION *process_information)
 
BOOL WINAPI DuplicateTokenEx (IN HANDLE ExistingTokenHandle, IN DWORD dwDesiredAccess, IN LPSECURITY_ATTRIBUTES lpTokenAttributes OPTIONAL, IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, IN TOKEN_TYPE TokenType, OUT PHANDLE DuplicateTokenHandle)
 
BOOL WINAPI DuplicateToken (IN HANDLE ExistingTokenHandle, IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, OUT PHANDLE DuplicateTokenHandle)
 
static DWORD ComputeStringSidSize (LPCWSTR StringSid)
 
DWORD WINAPI GetNamedSecurityInfoA (LPSTR pObjectName, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID *ppsidOwner, PSID *ppsidGroup, PACL *ppDacl, PACL *ppSacl, PSECURITY_DESCRIPTOR *ppSecurityDescriptor)
 
BOOL WINAPI GetWindowsAccountDomainSid (PSID sid, PSID domain_sid, DWORD *size)
 
BOOL WINAPI EqualDomainSid (IN PSID pSid1, IN PSID pSid2, OUT BOOL *pfEqual)
 

Variables

static const WELLKNOWNSID WellKnownSids []
 
static const WELLKNOWNRID WellKnownRids []
 
static const SID sidWorld = { SID_REVISION, 1, { SECURITY_WORLD_SID_AUTHORITY} , { SECURITY_WORLD_RID } }
 
static const WCHAR SDDL_NO_READ_UP [] = {'N','R',0}
 
static const WCHAR SDDL_NO_WRITE_UP [] = {'N','W',0}
 
static const WCHAR SDDL_NO_EXECUTE_UP [] = {'N','X',0}
 
static const WCHAR SDDL_ACCESS_ALLOWED [] = {'A',0}
 
static const WCHAR SDDL_ACCESS_DENIED [] = {'D',0}
 
static const WCHAR SDDL_OBJECT_ACCESS_ALLOWED [] = {'O','A',0}
 
static const WCHAR SDDL_OBJECT_ACCESS_DENIED [] = {'O','D',0}
 
static const WCHAR SDDL_AUDIT [] = {'A','U',0}
 
static const WCHAR SDDL_ALARM [] = {'A','L',0}
 
static const WCHAR SDDL_MANDATORY_LABEL [] = {'M','L',0}
 
static const WCHAR SDDL_OBJECT_AUDIT [] = {'O','U',0}
 
static const WCHAR SDDL_OBJECT_ALARM [] = {'O','L',0}
 
static const WCHAR SDDL_CONTAINER_INHERIT [] = {'C','I',0}
 
static const WCHAR SDDL_OBJECT_INHERIT [] = {'O','I',0}
 
static const WCHAR SDDL_NO_PROPAGATE [] = {'N','P',0}
 
static const WCHAR SDDL_INHERIT_ONLY [] = {'I','O',0}
 
static const WCHAR SDDL_INHERITED [] = {'I','D',0}
 
static const WCHAR SDDL_AUDIT_SUCCESS [] = {'S','A',0}
 
static const WCHAR SDDL_AUDIT_FAILURE [] = {'F','A',0}
 
static const ACEFLAG AceType []
 
static const ACEFLAG AceFlags []
 
static const ACEFLAG AceRights []
 
static const LPCWSTR AceRightBitNames [32]
 

Macro Definition Documentation

◆ ADS_RIGHT_ACTRL_DS_LIST

#define ADS_RIGHT_ACTRL_DS_LIST   0x0004

Definition at line 157 of file security.c.

◆ ADS_RIGHT_DS_CONTROL_ACCESS

#define ADS_RIGHT_DS_CONTROL_ACCESS   0x0100

Definition at line 163 of file security.c.

◆ ADS_RIGHT_DS_CREATE_CHILD

#define ADS_RIGHT_DS_CREATE_CHILD   0x0001

Definition at line 155 of file security.c.

◆ ADS_RIGHT_DS_DELETE_CHILD

#define ADS_RIGHT_DS_DELETE_CHILD   0x0002

Definition at line 156 of file security.c.

◆ ADS_RIGHT_DS_DELETE_TREE

#define ADS_RIGHT_DS_DELETE_TREE   0x0040

Definition at line 161 of file security.c.

◆ ADS_RIGHT_DS_LIST_OBJECT

#define ADS_RIGHT_DS_LIST_OBJECT   0x0080

Definition at line 162 of file security.c.

◆ ADS_RIGHT_DS_READ_PROP

#define ADS_RIGHT_DS_READ_PROP   0x0010

Definition at line 159 of file security.c.

◆ ADS_RIGHT_DS_SELF

#define ADS_RIGHT_DS_SELF   0x0008

Definition at line 158 of file security.c.

◆ ADS_RIGHT_DS_WRITE_PROP

#define ADS_RIGHT_DS_WRITE_PROP   0x0020

Definition at line 160 of file security.c.

Typedef Documentation

◆ ACEFLAG

typedef struct _ACEFLAG ACEFLAG

◆ LPACEFLAG

typedef struct _ACEFLAG * LPACEFLAG

◆ MAX_SID

typedef struct _MAX_SID MAX_SID

◆ WELLKNOWNRID

typedef struct WELLKNOWNRID WELLKNOWNRID

◆ WELLKNOWNSID

typedef struct WELLKNOWNSID WELLKNOWNSID

Function Documentation

◆ AccessCheck()

BOOL WINAPI AccessCheck ( IN PSECURITY_DESCRIPTOR  pSecurityDescriptor,
IN HANDLE  ClientToken,
IN DWORD  DesiredAccess,
IN PGENERIC_MAPPING  GenericMapping,
OUT PPRIVILEGE_SET PrivilegeSet  OPTIONAL,
IN OUT LPDWORD  PrivilegeSetLength,
OUT LPDWORD  GrantedAccess,
OUT LPBOOL  AccessStatus 
)

Definition at line 1652 of file security.c.

1660 {
1661  NTSTATUS Status;
1662  NTSTATUS NtAccessStatus;
1663 
1664  /* Do the access check */
1665  Status = NtAccessCheck(pSecurityDescriptor,
1666  ClientToken,
1667  DesiredAccess,
1668  GenericMapping,
1669  PrivilegeSet,
1670  (PULONG)PrivilegeSetLength,
1671  (PACCESS_MASK)GrantedAccess,
1672  &NtAccessStatus);
1673 
1674  /* See if the access check operation succeeded */
1675  if (!NT_SUCCESS(Status))
1676  {
1677  /* Check failed */
1678  SetLastError(RtlNtStatusToDosError(Status));
1679  return FALSE;
1680  }
1681 
1682  /* Now check the access status */
1683  if (!NT_SUCCESS(NtAccessStatus))
1684  {
1685  /* Access denied */
1686  SetLastError(RtlNtStatusToDosError(NtAccessStatus));
1687  *AccessStatus = FALSE;
1688  }
1689  else
1690  {
1691  /* Access granted */
1692  *AccessStatus = TRUE;
1693  }
1694 
1695  /* Check succeeded */
1696  return TRUE;
1697 }
DesiredAccess
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2654
AccessStatus
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK _Out_ PNTSTATUS AccessStatus
Definition: sefuncs.h:13
TRUE
#define TRUE
Definition: types.h:120
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
RtlNtStatusToDosError
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
FALSE
#define FALSE
Definition: types.h:117
Status
Status
Definition: gdiplustypes.h:24
NtAccessCheck
NTSTATUS NTAPI NtAccessCheck(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ HANDLE TokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_ PGENERIC_MAPPING GenericMapping, _Out_opt_ PPRIVILEGE_SET PrivilegeSet, _Inout_ PULONG PrivilegeSetLength, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus)
Determines whether security access rights can be given to an object depending on the security descrip...
Definition: accesschk.c:1164
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
SetLastError
#define SetLastError(x)
Definition: compat.h:752
GenericMapping
static GENERIC_MAPPING GenericMapping
Definition: SeInheritance.c:11
PULONG
unsigned int * PULONG
Definition: retypes.h:1
PACCESS_MASK
ACCESS_MASK * PACCESS_MASK
Definition: nt_native.h:41
GrantedAccess
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
Definition: sefuncs.h:13

Referenced by test_AccessCheck(), test_default_handle_security(), and test_FileSecurity().

◆ AccessCheckByType()

BOOL WINAPI AccessCheckByType ( PSECURITY_DESCRIPTOR  pSecurityDescriptor,
PSID  PrincipalSelfSid,
HANDLE  ClientToken,
DWORD  DesiredAccess,
POBJECT_TYPE_LIST  ObjectTypeList,
DWORD  ObjectTypeListLength,
PGENERIC_MAPPING  GenericMapping,
PPRIVILEGE_SET  PrivilegeSet,
LPDWORD  PrivilegeSetLength,
LPDWORD  GrantedAccess,
LPBOOL  AccessStatus 
)

Definition at line 1702 of file security.c.

1714 {
1715  FIXME("stub\n");
1716 
1717  *AccessStatus = TRUE;
1718 
1719  return !*AccessStatus;
1720 }
AccessStatus
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK _Out_ PNTSTATUS AccessStatus
Definition: sefuncs.h:13
TRUE
#define TRUE
Definition: types.h:120
FIXME
#define FIXME(fmt,...)
Definition: debug.h:111

◆ AddAccessAllowedAce()

BOOL WINAPI AddAccessAllowedAce ( PACL  pAcl,
DWORD  dwAceRevision,
DWORD  AccessMask,
PSID  pSid 
)

Definition at line 1041 of file security.c.

1045 {
1046  NTSTATUS Status;
1047 
1048  Status = RtlAddAccessAllowedAce(pAcl,
1049  dwAceRevision,
1050  AccessMask,
1051  pSid);
1052  if (!NT_SUCCESS(Status))
1053  {
1054  SetLastError(RtlNtStatusToDosError(Status));
1055  return FALSE;
1056  }
1057 
1058  return TRUE;
1059 }
TRUE
#define TRUE
Definition: types.h:120
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
RtlAddAccessAllowedAce
NTSYSAPI NTSTATUS WINAPI RtlAddAccessAllowedAce(PACL, DWORD, DWORD, PSID)
RtlNtStatusToDosError
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
FALSE
#define FALSE
Definition: types.h:117
Status
Status
Definition: gdiplustypes.h:24
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
AccessMask
_In_ ACCESS_MASK AccessMask
Definition: exfuncs.h:186
SetLastError
#define SetLastError(x)
Definition: compat.h:752
dwAceRevision
_In_ ULONG dwAceRevision
Definition: rtlfuncs.h:1141
pSid
static PSID pSid
Definition: security.c:74

Referenced by AccRewriteSetEntriesInAcl(), convert_nfs4acl_2_dacl(), CreateDefaultProcessSecurityCommon(), CreateDefaultSecurityDescriptor(), CreateDhcpPipeSecurity(), CreatePnpInstallEventSecurity(), CreatePowrProfSemaphoreSecurity(), GetShellSecurityDescriptor(), test_AccessCheck(), test_AddMandatoryAce(), test_GetExplicitEntriesFromAclW(), test_process_security(), test_SetEntriesInAclA(), and test_SetEntriesInAclW().

◆ AddAccessAllowedAceEx()

BOOL WINAPI AddAccessAllowedAceEx ( PACL  pAcl,
DWORD  dwAceRevision,
DWORD  AceFlags,
DWORD  AccessMask,
PSID  pSid 
)

Definition at line 1065 of file security.c.

1070 {
1071  NTSTATUS Status;
1072 
1073  Status = RtlAddAccessAllowedAceEx(pAcl,
1074  dwAceRevision,
1075  AceFlags,
1076  AccessMask,
1077  pSid);
1078  if (!NT_SUCCESS(Status))
1079  {
1080  SetLastError(RtlNtStatusToDosError(Status));
1081  return FALSE;
1082  }
1083 
1084  return TRUE;
1085 }
TRUE
#define TRUE
Definition: types.h:120
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
RtlNtStatusToDosError
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
FALSE
#define FALSE
Definition: types.h:117
Status
Status
Definition: gdiplustypes.h:24
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
AccessMask
_In_ ACCESS_MASK AccessMask
Definition: exfuncs.h:186
SetLastError
#define SetLastError(x)
Definition: compat.h:752
RtlAddAccessAllowedAceEx
NTSYSAPI NTSTATUS WINAPI RtlAddAccessAllowedAceEx(PACL, DWORD, DWORD, DWORD, PSID)
dwAceRevision
_In_ ULONG dwAceRevision
Definition: rtlfuncs.h:1141
pSid
static PSID pSid
Definition: security.c:74
AceFlags
static const ACEFLAG AceFlags[]
Definition: security.c:2423

Referenced by AllowDesktopAccessToUser(), AllowWinstaAccessToUser(), CreateApplicationDesktopSecurity(), CreateScreenSaverSecurity(), CreateWinlogonDesktopSecurity(), CreateWinstaSecurity(), get_sd(), and GetShellSecurityDescriptor().

◆ AddAccessDeniedAce()

BOOL WINAPI AddAccessDeniedAce ( PACL  pAcl,
DWORD  dwAceRevision,
DWORD  AccessMask,
PSID  pSid 
)

Definition at line 1092 of file security.c.

1096 {
1097  NTSTATUS Status;
1098 
1099  Status = RtlAddAccessDeniedAce(pAcl,
1100  dwAceRevision,
1101  AccessMask,
1102  pSid);
1103  if (!NT_SUCCESS(Status))
1104  {
1105  SetLastError(RtlNtStatusToDosError(Status));
1106  return FALSE;
1107  }
1108 
1109  return TRUE;
1110 }
TRUE
#define TRUE
Definition: types.h:120
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
RtlNtStatusToDosError
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
FALSE
#define FALSE
Definition: types.h:117
Status
Status
Definition: gdiplustypes.h:24
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
AccessMask
_In_ ACCESS_MASK AccessMask
Definition: exfuncs.h:186
SetLastError
#define SetLastError(x)
Definition: compat.h:752
dwAceRevision
_In_ ULONG dwAceRevision
Definition: rtlfuncs.h:1141
pSid
static PSID pSid
Definition: security.c:74
RtlAddAccessDeniedAce
NTSYSAPI NTSTATUS NTAPI RtlAddAccessDeniedAce(_Inout_ PACL Acl, _In_ ULONG Revision, _In_ ACCESS_MASK AccessMask, _In_ PSID Sid)

Referenced by AccRewriteSetEntriesInAcl(), convert_nfs4acl_2_dacl(), GetShellSecurityDescriptor(), test_AccessCheck(), and test_process_security().

◆ AddAccessDeniedAceEx()

BOOL WINAPI AddAccessDeniedAceEx ( PACL  pAcl,
DWORD  dwAceRevision,
DWORD  AceFlags,
DWORD  AccessMask,
PSID  pSid 
)

Definition at line 1116 of file security.c.

1121 {
1122  NTSTATUS Status;
1123 
1124  Status = RtlAddAccessDeniedAceEx(pAcl,
1125  dwAceRevision,
1126  AceFlags,
1127  AccessMask,
1128  pSid);
1129  if (!NT_SUCCESS(Status))
1130  {
1131  SetLastError(RtlNtStatusToDosError(Status));
1132  return FALSE;
1133  }
1134 
1135  return TRUE;
1136 }
TRUE
#define TRUE
Definition: types.h:120
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
RtlNtStatusToDosError
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
FALSE
#define FALSE
Definition: types.h:117
Status
Status
Definition: gdiplustypes.h:24
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
AccessMask
_In_ ACCESS_MASK AccessMask
Definition: exfuncs.h:186
SetLastError
#define SetLastError(x)
Definition: compat.h:752
dwAceRevision
_In_ ULONG dwAceRevision
Definition: rtlfuncs.h:1141
pSid
static PSID pSid
Definition: security.c:74
RtlAddAccessDeniedAceEx
NTSYSAPI NTSTATUS NTAPI RtlAddAccessDeniedAceEx(_Inout_ PACL Acl, _In_ ULONG Revision, _In_ ULONG Flags, _In_ ACCESS_MASK AccessMask, _In_ PSID Sid)
AceFlags
static const ACEFLAG AceFlags[]
Definition: security.c:2423

Referenced by GetShellSecurityDescriptor().

◆ AddAce()

BOOL WINAPI AddAce ( PACL  pAcl,
DWORD  dwAceRevision,
DWORD  dwStartingAceIndex,
LPVOID  pAceList,
DWORD  nAceListLength 
)

Definition at line 1143 of file security.c.

1148 {
1149  NTSTATUS Status;
1150 
1151  Status = RtlAddAce(pAcl,
1152  dwAceRevision,
1153  dwStartingAceIndex,
1154  pAceList,
1155  nAceListLength);
1156  if (!NT_SUCCESS(Status))
1157  {
1158  SetLastError(RtlNtStatusToDosError(Status));
1159  return FALSE;
1160  }
1161 
1162  return TRUE;
1163 }
TRUE
#define TRUE
Definition: types.h:120
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
RtlNtStatusToDosError
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
FALSE
#define FALSE
Definition: types.h:117
Status
Status
Definition: gdiplustypes.h:24
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
SetLastError
#define SetLastError(x)
Definition: compat.h:752
RtlAddAce
NTSYSAPI NTSTATUS NTAPI RtlAddAce(_Inout_ PACL Acl, _In_ ULONG AceRevision, _In_ ULONG StartingAceIndex, _In_reads_bytes_(AceListLength) PVOID AceList, _In_ ULONG AceListLength)
dwAceRevision
_In_ ULONG dwAceRevision
Definition: rtlfuncs.h:1141

Referenced by test_AddAce().

◆ AddAuditAccessAce()

BOOL WINAPI AddAuditAccessAce ( PACL  pAcl,
DWORD  dwAceRevision,
DWORD  dwAccessMask,
PSID  pSid,
BOOL  bAuditSuccess,
BOOL  bAuditFailure 
)

Definition at line 1750 of file security.c.

1756 {
1757  NTSTATUS Status;
1758 
1759  Status = RtlAddAuditAccessAce(pAcl,
1760  dwAceRevision,
1761  dwAccessMask,
1762  pSid,
1763  bAuditSuccess,
1764  bAuditFailure);
1765  if (!NT_SUCCESS(Status))
1766  {
1767  SetLastError(RtlNtStatusToDosError(Status));
1768  return FALSE;
1769  }
1770 
1771  return TRUE;
1772 }
TRUE
#define TRUE
Definition: types.h:120
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
RtlNtStatusToDosError
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
FALSE
#define FALSE
Definition: types.h:117
Status
Status
Definition: gdiplustypes.h:24
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
SetLastError
#define SetLastError(x)
Definition: compat.h:752
RtlAddAuditAccessAce
NTSYSAPI NTSTATUS NTAPI RtlAddAuditAccessAce(_Inout_ PACL Acl, _In_ ULONG Revision, _In_ ACCESS_MASK AccessMask, _In_ PSID Sid, _In_ BOOLEAN Success, _In_ BOOLEAN Failure)
dwAceRevision
_In_ ULONG dwAceRevision
Definition: rtlfuncs.h:1141
pSid
static PSID pSid
Definition: security.c:74

◆ AddAuditAccessAceEx()

BOOL WINAPI AddAuditAccessAceEx ( PACL  pAcl,
DWORD  dwAceRevision,
DWORD  AceFlags,
DWORD  dwAccessMask,
PSID  pSid,
BOOL  bAuditSuccess,
BOOL  bAuditFailure 
)

Definition at line 1778 of file security.c.

1785 {
1786  NTSTATUS Status;
1787 
1788  Status = RtlAddAuditAccessAceEx(pAcl,
1789  dwAceRevision,
1790  AceFlags,
1791  dwAccessMask,
1792  pSid,
1793  bAuditSuccess,
1794  bAuditFailure);
1795  if (!NT_SUCCESS(Status))
1796  {
1797  SetLastError(RtlNtStatusToDosError(Status));
1798  return FALSE;
1799  }
1800 
1801  return TRUE;
1802 }
TRUE
#define TRUE
Definition: types.h:120
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
RtlNtStatusToDosError
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
FALSE
#define FALSE
Definition: types.h:117
Status
Status
Definition: gdiplustypes.h:24
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
SetLastError
#define SetLastError(x)
Definition: compat.h:752
dwAceRevision
_In_ ULONG dwAceRevision
Definition: rtlfuncs.h:1141
pSid
static PSID pSid
Definition: security.c:74
RtlAddAuditAccessAceEx
NTSYSAPI NTSTATUS NTAPI RtlAddAuditAccessAceEx(_Inout_ PACL Acl, _In_ ULONG Revision, _In_ ULONG Flags, _In_ ACCESS_MASK AccessMask, _In_ PSID Sid, _In_ BOOLEAN Success, _In_ BOOLEAN Failure)
AceFlags
static const ACEFLAG AceFlags[]
Definition: security.c:2423

◆ AdjustTokenGroups()

BOOL WINAPI AdjustTokenGroups ( HANDLE  TokenHandle,
BOOL  ResetToDefault,
PTOKEN_GROUPS  NewState,
DWORD  BufferLength,
PTOKEN_GROUPS  PreviousState,
PDWORD  ReturnLength 
)

Definition at line 348 of file security.c.

354 {
355  NTSTATUS Status;
356 
357  Status = NtAdjustGroupsToken(TokenHandle,
358  ResetToDefault,
359  NewState,
360  BufferLength,
361  PreviousState,
362  (PULONG)ReturnLength);
363  if (!NT_SUCCESS(Status))
364  {
365  SetLastError(RtlNtStatusToDosError(Status));
366  return FALSE;
367  }
368 
369  return TRUE;
370 }
ReturnLength
IN CINT OUT PVOID IN ULONG OUT PULONG ReturnLength
Definition: dumpinfo.c:39
BufferLength
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG BufferLength
Definition: wdfdevice.h:3767
NtAdjustGroupsToken
NTSTATUS NTAPI NtAdjustGroupsToken(_In_ HANDLE TokenHandle, _In_ BOOLEAN ResetToDefault, _In_ PTOKEN_GROUPS NewState, _In_ ULONG BufferLength, _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_GROUPS PreviousState, _When_(PreviousState !=NULL, _Out_) PULONG ReturnLength)
Changes the list of groups by enabling or disabling them in an access token. Unlike NtAdjustPrivilege...
Definition: tokenadj.c:695
TRUE
#define TRUE
Definition: types.h:120
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
RtlNtStatusToDosError
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
FALSE
#define FALSE
Definition: types.h:117
TokenHandle
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
Definition: psfuncs.h:715
Status
Status
Definition: gdiplustypes.h:24
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
SetLastError
#define SetLastError(x)
Definition: compat.h:752
PULONG
unsigned int * PULONG
Definition: retypes.h:1
PreviousState
_In_ WDF_POWER_DEVICE_STATE PreviousState
Definition: wdfdevice.h:829

◆ AdjustTokenPrivileges()

BOOL WINAPI AdjustTokenPrivileges ( HANDLE  TokenHandle,
BOOL  DisableAllPrivileges,
PTOKEN_PRIVILEGES  NewState,
DWORD  BufferLength,
PTOKEN_PRIVILEGES  PreviousState,
PDWORD  ReturnLength 
)

Definition at line 376 of file security.c.

382 {
383  NTSTATUS Status;
384 
385  Status = NtAdjustPrivilegesToken(TokenHandle,
386  DisableAllPrivileges,
387  NewState,
388  BufferLength,
389  PreviousState,
390  (PULONG)ReturnLength);
391  if (STATUS_NOT_ALL_ASSIGNED == Status)
392  {
393  SetLastError(ERROR_NOT_ALL_ASSIGNED);
394  return TRUE;
395  }
396 
397  if (!NT_SUCCESS(Status))
398  {
399  SetLastError(RtlNtStatusToDosError(Status));
400  return FALSE;
401  }
402 
403  /* AdjustTokenPrivileges is documented to do this */
404  SetLastError(ERROR_SUCCESS);
405 
406  return TRUE;
407 }
ReturnLength
IN CINT OUT PVOID IN ULONG OUT PULONG ReturnLength
Definition: dumpinfo.c:39
STATUS_NOT_ALL_ASSIGNED
#define STATUS_NOT_ALL_ASSIGNED
Definition: ntstatus.h:85
BufferLength
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG BufferLength
Definition: wdfdevice.h:3767
ERROR_SUCCESS
#define ERROR_SUCCESS
Definition: deptool.c:10
TRUE
#define TRUE
Definition: types.h:120
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
RtlNtStatusToDosError
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
FALSE
#define FALSE
Definition: types.h:117
TokenHandle
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
Definition: psfuncs.h:715
Status
Status
Definition: gdiplustypes.h:24
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
SetLastError
#define SetLastError(x)
Definition: compat.h:752
NtAdjustPrivilegesToken
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtAdjustPrivilegesToken(_In_ HANDLE TokenHandle, _In_ BOOLEAN DisableAllPrivileges, _In_opt_ PTOKEN_PRIVILEGES NewState, _In_ ULONG BufferLength, _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_PRIVILEGES PreviousState, _When_(PreviousState!=NULL, _Out_) PULONG ReturnLength)
Removes a certain amount of privileges of a token based upon the request by the caller.
Definition: tokenadj.c:451
PULONG
unsigned int * PULONG
Definition: retypes.h:1
ERROR_NOT_ALL_ASSIGNED
#define ERROR_NOT_ALL_ASSIGNED
Definition: winerror.h:782
PreviousState
_In_ WDF_POWER_DEVICE_STATE PreviousState
Definition: wdfdevice.h:829

Referenced by AcquireRemoveRestorePrivilege(), AddDeviceW(), DisablePrivilege(), DisableTokenPrivileges(), EnablePrivilege(), EnableProcessPrivileges(), CShellCommandSACL::Execute(), FormatEx2(), InstallReactOS(), named_pipe_client_func(), PauseBalanceW(), Privilege(), pSetupEnablePrivilege(), RecvSubvolGUIW(), RecvSubvolW(), RemoveDeviceW(), ResetStatsW(), ResizeDeviceW(), ScmEnableBackupRestorePrivileges(), SendSubvolGUIW(), SendSubvolW(), set_privileges(), SetDriverLoadPrivilege(), SetPrivilege(), ShowScrubW(), ShutdownSystem(), StartBalanceW(), StartScrubW(), StopBalanceW(), StopScrubW(), SystemSetLocalTime(), SystemSetTime(), test8(), test_AdjustTokenPrivileges(), test_SetFileValidData(), test_system_security_access(), UpdateDriver(), WinMain(), and wWinMain().

◆ ADVAPI_GetComputerSid()

BOOL ADVAPI_GetComputerSid ( PSID  sid)

Definition at line 275 of file security.c.

276 {
277  static const struct /* same fields as struct SID */
278  {
279  BYTE Revision;
280  BYTE SubAuthorityCount;
281  SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
282  DWORD SubAuthority[4];
283  } computer_sid =
284  { SID_REVISION, 4, { SECURITY_NT_AUTHORITY }, { SECURITY_NT_NON_UNIQUE, 0, 0, 0 } };
285 
286  memcpy( sid, &computer_sid, sizeof(computer_sid) );
287  return TRUE;
288 }
TRUE
#define TRUE
Definition: types.h:120
SID_REVISION
#define SID_REVISION
Definition: setypes.h:481
sid
FT_UInt sid
Definition: cffcmap.c:139
Revision
_In_ ULONG Revision
Definition: rtlfuncs.h:1130
SECURITY_NT_AUTHORITY
#define SECURITY_NT_AUTHORITY
Definition: setypes.h:554
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
_SID_IDENTIFIER_AUTHORITY
Definition: ms-dtyp.idl:194
memcpy
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
SubAuthorityCount
_In_ PSID_IDENTIFIER_AUTHORITY _In_ UCHAR SubAuthorityCount
Definition: rtlfuncs.h:1513
BYTE
unsigned char BYTE
Definition: xxhash.c:193
IdentifierAuthority
_In_ PSID_IDENTIFIER_AUTHORITY IdentifierAuthority
Definition: rtlfuncs.h:1513
SECURITY_NT_NON_UNIQUE
#define SECURITY_NT_NON_UNIQUE
Definition: setypes.h:577

Referenced by ComputeStringSidSize(), and ParseStringSidToSid().

◆ ADVAPI_IsLocalComputer()

BOOL ADVAPI_IsLocalComputer ( LPCWSTR  ServerName)

Definition at line 253 of file security.c.

254 {
255  DWORD dwSize = MAX_COMPUTERNAME_LENGTH + 1;
256  BOOL Result;
257  LPWSTR buf;
258 
259  if (!ServerName || !ServerName[0])
260  return TRUE;
261 
262  buf = heap_alloc(dwSize * sizeof(WCHAR));
263  Result = GetComputerNameW(buf, &dwSize);
264  if (Result && (ServerName[0] == '\\') && (ServerName[1] == '\\'))
265  ServerName += 2;
266  Result = Result && !lstrcmpW(ServerName, buf);
267  heap_free(buf);
268 
269  return Result;
270 }
TRUE
#define TRUE
Definition: types.h:120
lstrcmpW
int WINAPI lstrcmpW(LPCWSTR lpString1, LPCWSTR lpString2)
Definition: lstring.c:170
GetComputerNameW
BOOL WINAPI GetComputerNameW(LPWSTR lpBuffer, LPDWORD lpnSize)
Definition: compname.c:446
heap_alloc
static void * heap_alloc(size_t len)
Definition: appwiz.h:65
buf
GLenum GLuint GLenum GLsizei const GLchar * buf
Definition: glext.h:7751
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
Result
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
MAX_COMPUTERNAME_LENGTH
#define MAX_COMPUTERNAME_LENGTH
Definition: winbase.h:243
LPWSTR
WCHAR * LPWSTR
Definition: xmlstorage.h:184
dwSize
PSDBQUERYRESULT_VISTA PVOID DWORD * dwSize
Definition: env.c:56
heap_free
static BOOL heap_free(void *mem)
Definition: appwiz.h:75

◆ AllocateAndInitializeSid()

BOOL WINAPI AllocateAndInitializeSid ( PSID_IDENTIFIER_AUTHORITY  pIdentifierAuthority,
BYTE  nSubAuthorityCount,
DWORD  nSubAuthority0,
DWORD  nSubAuthority1,
DWORD  nSubAuthority2,
DWORD  nSubAuthority3,
DWORD  nSubAuthority4,
DWORD  nSubAuthority5,
DWORD  nSubAuthority6,
DWORD  nSubAuthority7,
PSID pSid 
)

Definition at line 676 of file security.c.

683 {
684  return set_ntstatus( RtlAllocateAndInitializeSid(
685  pIdentifierAuthority, nSubAuthorityCount,
686  nSubAuthority0, nSubAuthority1, nSubAuthority2, nSubAuthority3,
687  nSubAuthority4, nSubAuthority5, nSubAuthority6, nSubAuthority7,
688  pSid ));
689 }
RtlAllocateAndInitializeSid
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290
set_ntstatus
static __inline BOOL set_ntstatus(NTSTATUS status)
Definition: security.c:229
pSid
static PSID pSid
Definition: security.c:74

Referenced by AllowDesktopAccessToUser(), AllowWinstaAccessToUser(), check_wellknown_name(), CheckForGuestsAndAdmins(), CreateApplicationDesktopSecurity(), CreateDefaultProcessSecurityCommon(), CreateDefaultSecurityDescriptor(), CreateDhcpPipeSecurity(), CreateLogoffSecurityAttributes(), CreatePnpInstallEventSecurity(), CreatePowrProfSemaphoreSecurity(), CreateScreenSaverSecurity(), CreateWinlogonDesktopSecurity(), CreateWinstaSecurity(), GetShellSecurityDescriptor(), is_process_limited(), is_token_admin(), IsNTAdmin(), IsUserAdmin(), PerfDataInitialize(), pSetupIsUserAdmin(), SHTestTokenMembership(), test_AccessCheck(), test_AddMandatoryAce(), test_CreateWellKnownSid(), test_EqualSid(), test_GetExplicitEntriesFromAclW(), test_GetNamedSecurityInfoA(), test_GetSecurityInfo(), test_LookupAccountSid(), test_process_security(), test_reg_create_key(), test_reg_open_key(), test_SetEntriesInAclA(), test_SetEntriesInAclW(), test_sid(), and test_trustee().

◆ AllocateLocallyUniqueId()

BOOL WINAPI AllocateLocallyUniqueId ( PLUID  Luid)

Definition at line 1220 of file security.c.

1221 {
1222  NTSTATUS Status;
1223 
1224  Status = NtAllocateLocallyUniqueId (Luid);
1225  if (!NT_SUCCESS (Status))
1226  {
1227  SetLastError(RtlNtStatusToDosError(Status));
1228  return FALSE;
1229  }
1230 
1231  return TRUE;
1232 }
TRUE
#define TRUE
Definition: types.h:120
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
NtAllocateLocallyUniqueId
NTSTATUS NTAPI NtAllocateLocallyUniqueId(OUT LUID *LocallyUniqueId)
Definition: uuid.c:348
RtlNtStatusToDosError
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
FALSE
#define FALSE
Definition: types.h:117
Status
Status
Definition: gdiplustypes.h:24
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
SetLastError
#define SetLastError(x)
Definition: compat.h:752

Referenced by CookupNodeId(), LogonUserExW(), MyLogonUser(), and wined3d_adapter_init().

◆ AreAllAccessesGranted()

BOOL WINAPI AreAllAccessesGranted ( DWORD  GrantedAccess,
DWORD  DesiredAccess 
)

Definition at line 2331 of file security.c.

2333 {
2334  return (BOOL)RtlAreAllAccessesGranted(GrantedAccess,
2335  DesiredAccess);
2336 }
DesiredAccess
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2654
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
RtlAreAllAccessesGranted
NTSYSAPI BOOLEAN NTAPI RtlAreAllAccessesGranted(ACCESS_MASK GrantedAccess, ACCESS_MASK DesiredAccess)
GrantedAccess
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
Definition: sefuncs.h:13

◆ AreAnyAccessesGranted()

BOOL WINAPI AreAnyAccessesGranted ( DWORD  GrantedAccess,
DWORD  DesiredAccess 
)

Definition at line 2343 of file security.c.

2345 {
2346  return (BOOL)RtlAreAnyAccessesGranted(GrantedAccess,
2347  DesiredAccess);
2348 }
DesiredAccess
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2654
RtlAreAnyAccessesGranted
NTSYSAPI BOOLEAN NTAPI RtlAreAnyAccessesGranted(ACCESS_MASK GrantedAccess, ACCESS_MASK DesiredAccess)
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
GrantedAccess
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
Definition: sefuncs.h:13

◆ BuildExplicitAccessWithNameA()

VOID WINAPI BuildExplicitAccessWithNameA ( PEXPLICIT_ACCESSA  pExplicitAccess,
LPSTR  pTrusteeName,
DWORD  AccessPermissions,
ACCESS_MODE  AccessMode,
DWORD  Inheritance 
)

Definition at line 1929 of file security.c.

1934 {
1935  pExplicitAccess->grfAccessPermissions = AccessPermissions;
1936  pExplicitAccess->grfAccessMode = AccessMode;
1937  pExplicitAccess->grfInheritance = Inheritance;
1938 
1939  pExplicitAccess->Trustee.pMultipleTrustee = NULL;
1940  pExplicitAccess->Trustee.MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
1941  pExplicitAccess->Trustee.TrusteeForm = TRUSTEE_IS_NAME;
1942  pExplicitAccess->Trustee.TrusteeType = TRUSTEE_IS_UNKNOWN;
1943  pExplicitAccess->Trustee.ptstrName = pTrusteeName;
1944 }
_TRUSTEE_A::TrusteeType
TRUSTEE_TYPE TrusteeType
Definition: accctrl.h:207
_EXPLICIT_ACCESS_A::grfAccessMode
ACCESS_MODE grfAccessMode
Definition: accctrl.h:333
_TRUSTEE_A::MultipleTrusteeOperation
MULTIPLE_TRUSTEE_OPERATION MultipleTrusteeOperation
Definition: accctrl.h:205
_TRUSTEE_A::pMultipleTrustee
struct _TRUSTEE_A * pMultipleTrustee
Definition: accctrl.h:204
_EXPLICIT_ACCESS_A::Trustee
TRUSTEE_A Trustee
Definition: accctrl.h:335
_TRUSTEE_A::ptstrName
LPSTR ptstrName
Definition: accctrl.h:208
AccessMode
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:395
_EXPLICIT_ACCESS_A::grfInheritance
DWORD grfInheritance
Definition: accctrl.h:334
NULL
#define NULL
Definition: types.h:112
_EXPLICIT_ACCESS_A::grfAccessPermissions
DWORD grfAccessPermissions
Definition: accctrl.h:332
_TRUSTEE_A::TrusteeForm
TRUSTEE_FORM TrusteeForm
Definition: accctrl.h:206

◆ BuildExplicitAccessWithNameW()

VOID WINAPI BuildExplicitAccessWithNameW ( PEXPLICIT_ACCESSW  pExplicitAccess,
LPWSTR  pTrusteeName,
DWORD  AccessPermissions,
ACCESS_MODE  AccessMode,
DWORD  Inheritance 
)

Definition at line 1951 of file security.c.

1956 {
1957  pExplicitAccess->grfAccessPermissions = AccessPermissions;
1958  pExplicitAccess->grfAccessMode = AccessMode;
1959  pExplicitAccess->grfInheritance = Inheritance;
1960 
1961  pExplicitAccess->Trustee.pMultipleTrustee = NULL;
1962  pExplicitAccess->Trustee.MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
1963  pExplicitAccess->Trustee.TrusteeForm = TRUSTEE_IS_NAME;
1964  pExplicitAccess->Trustee.TrusteeType = TRUSTEE_IS_UNKNOWN;
1965  pExplicitAccess->Trustee.ptstrName = pTrusteeName;
1966 }
_TRUSTEE_W::TrusteeForm
TRUSTEE_FORM TrusteeForm
Definition: accctrl.h:215
_TRUSTEE_W::TrusteeType
TRUSTEE_TYPE TrusteeType
Definition: accctrl.h:216
AccessMode
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:395
_EXPLICIT_ACCESS_W::grfInheritance
DWORD grfInheritance
Definition: accctrl.h:342
_EXPLICIT_ACCESS_W::grfAccessMode
ACCESS_MODE grfAccessMode
Definition: accctrl.h:341
_TRUSTEE_W::pMultipleTrustee
struct _TRUSTEE_W * pMultipleTrustee
Definition: accctrl.h:213
_EXPLICIT_ACCESS_W::Trustee
TRUSTEE_W Trustee
Definition: accctrl.h:343
_TRUSTEE_W::MultipleTrusteeOperation
MULTIPLE_TRUSTEE_OPERATION MultipleTrusteeOperation
Definition: accctrl.h:214
_TRUSTEE_W::ptstrName
LPWSTR ptstrName
Definition: accctrl.h:217
_EXPLICIT_ACCESS_W::grfAccessPermissions
DWORD grfAccessPermissions
Definition: accctrl.h:340
NULL
#define NULL
Definition: types.h:112

◆ BuildTrusteeWithNameA()

VOID WINAPI BuildTrusteeWithNameA ( PTRUSTEE_A  pTrustee,
LPSTR  name 
)

Definition at line 2174 of file security.c.

2176 {
2177  TRACE("%p %s\n", pTrustee, name);
2178 
2179  pTrustee->pMultipleTrustee = NULL;
2180  pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2181  pTrustee->TrusteeForm = TRUSTEE_IS_NAME;
2182  pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2183  pTrustee->ptstrName = name;
2184 }
_TRUSTEE_A::TrusteeType
TRUSTEE_TYPE TrusteeType
Definition: accctrl.h:207
_TRUSTEE_A::MultipleTrusteeOperation
MULTIPLE_TRUSTEE_OPERATION MultipleTrusteeOperation
Definition: accctrl.h:205
_TRUSTEE_A::pMultipleTrustee
struct _TRUSTEE_A * pMultipleTrustee
Definition: accctrl.h:204
_TRUSTEE_A::ptstrName
LPSTR ptstrName
Definition: accctrl.h:208
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
NULL
#define NULL
Definition: types.h:112
name
Definition: name.c:38
_TRUSTEE_A::TrusteeForm
TRUSTEE_FORM TrusteeForm
Definition: accctrl.h:206
name
GLuint const GLchar * name
Definition: glext.h:6031

◆ BuildTrusteeWithNameW()

VOID WINAPI BuildTrusteeWithNameW ( PTRUSTEE_W  pTrustee,
LPWSTR  name 
)

Definition at line 2190 of file security.c.

2192 {
2193  TRACE("%p %s\n", pTrustee, name);
2194 
2195  pTrustee->pMultipleTrustee = NULL;
2196  pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2197  pTrustee->TrusteeForm = TRUSTEE_IS_NAME;
2198  pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2199  pTrustee->ptstrName = name;
2200 }
_TRUSTEE_W::TrusteeForm
TRUSTEE_FORM TrusteeForm
Definition: accctrl.h:215
_TRUSTEE_W::TrusteeType
TRUSTEE_TYPE TrusteeType
Definition: accctrl.h:216
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
_TRUSTEE_W::pMultipleTrustee
struct _TRUSTEE_W * pMultipleTrustee
Definition: accctrl.h:213
_TRUSTEE_W::MultipleTrusteeOperation
MULTIPLE_TRUSTEE_OPERATION MultipleTrusteeOperation
Definition: accctrl.h:214
_TRUSTEE_W::ptstrName
LPWSTR ptstrName
Definition: accctrl.h:217
NULL
#define NULL
Definition: types.h:112
name
Definition: name.c:38
name
GLuint const GLchar * name
Definition: glext.h:6031

◆ BuildTrusteeWithObjectsAndNameA()

VOID WINAPI BuildTrusteeWithObjectsAndNameA ( PTRUSTEEA  pTrustee,
POBJECTS_AND_NAME_A  pObjName,
SE_OBJECT_TYPE  ObjectType,
LPSTR  ObjectTypeName,
LPSTR  InheritedObjectTypeName,
LPSTR  Name 
)

Definition at line 1971 of file security.c.

1974 {
1975  DWORD ObjectsPresent = 0;
1976 
1977  TRACE("%p %p 0x%08x %p %p %s\n", pTrustee, pObjName,
1978  ObjectType, ObjectTypeName, InheritedObjectTypeName, debugstr_a(Name));
1979 
1980  /* Fill the OBJECTS_AND_NAME structure */
1981  pObjName->ObjectType = ObjectType;
1982  if (ObjectTypeName != NULL)
1983  {
1984  ObjectsPresent |= ACE_OBJECT_TYPE_PRESENT;
1985  }
1986 
1987  pObjName->InheritedObjectTypeName = InheritedObjectTypeName;
1988  if (InheritedObjectTypeName != NULL)
1989  {
1990  ObjectsPresent |= ACE_INHERITED_OBJECT_TYPE_PRESENT;
1991  }
1992 
1993  pObjName->ObjectsPresent = ObjectsPresent;
1994  pObjName->ptstrName = Name;
1995 
1996  /* Fill the TRUSTEE structure */
1997  pTrustee->pMultipleTrustee = NULL;
1998  pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
1999  pTrustee->TrusteeForm = TRUSTEE_IS_OBJECTS_AND_NAME;
2000  pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2001  pTrustee->ptstrName = (LPSTR)pObjName;
2002 }
ObjectTypeName
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR ObjectTypeName
Definition: security.c:77
ObjectType
ObjectType
Definition: metafile.c:80
_TRUSTEE_A::TrusteeType
TRUSTEE_TYPE TrusteeType
Definition: accctrl.h:207
ACE_OBJECT_TYPE_PRESENT
#define ACE_OBJECT_TYPE_PRESENT
Definition: winnt_old.h:106
InheritedObjectTypeName
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR LPSTR InheritedObjectTypeName
Definition: security.c:77
_TRUSTEE_A::MultipleTrusteeOperation
MULTIPLE_TRUSTEE_OPERATION MultipleTrusteeOperation
Definition: accctrl.h:205
LPSTR
static LPSTR(WINAPI *pGetTrusteeNameA)(PTRUSTEEA pTrustee)
_OBJECTS_AND_NAME_A::ObjectsPresent
DWORD ObjectsPresent
Definition: accctrl.h:356
_TRUSTEE_A::pMultipleTrustee
struct _TRUSTEE_A * pMultipleTrustee
Definition: accctrl.h:204
Name
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR LPSTR LPSTR Name
Definition: security.c:77
_TRUSTEE_A::ptstrName
LPSTR ptstrName
Definition: accctrl.h:208
ACE_INHERITED_OBJECT_TYPE_PRESENT
#define ACE_INHERITED_OBJECT_TYPE_PRESENT
Definition: winnt_old.h:107
NameRec_
Definition: apinames.c:48
_OBJECTS_AND_NAME_A::ObjectType
SE_OBJECT_TYPE ObjectType
Definition: accctrl.h:357
pObjName
static POBJECTS_AND_NAME_A pObjName
Definition: security.c:77
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
debugstr_a
#define debugstr_a
Definition: kernel32.h:31
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
_OBJECTS_AND_NAME_A::ptstrName
LPSTR ptstrName
Definition: accctrl.h:360
ObjectType
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE ObjectType
Definition: security.c:77
NULL
#define NULL
Definition: types.h:112
_OBJECTS_AND_NAME_A::InheritedObjectTypeName
LPSTR InheritedObjectTypeName
Definition: accctrl.h:359
_TRUSTEE_A::TrusteeForm
TRUSTEE_FORM TrusteeForm
Definition: accctrl.h:206

◆ BuildTrusteeWithObjectsAndNameW()

VOID WINAPI BuildTrusteeWithObjectsAndNameW ( PTRUSTEEW  pTrustee,
POBJECTS_AND_NAME_W  pObjName,
SE_OBJECT_TYPE  ObjectType,
LPWSTR  ObjectTypeName,
LPWSTR  InheritedObjectTypeName,
LPWSTR  Name 
)

Definition at line 2007 of file security.c.

2010 {
2011  DWORD ObjectsPresent = 0;
2012 
2013  TRACE("%p %p 0x%08x %p %p %s\n", pTrustee, pObjName,
2014  ObjectType, ObjectTypeName, InheritedObjectTypeName, debugstr_w(Name));
2015 
2016  /* Fill the OBJECTS_AND_NAME structure */
2017  pObjName->ObjectType = ObjectType;
2018  if (ObjectTypeName != NULL)
2019  {
2020  ObjectsPresent |= ACE_OBJECT_TYPE_PRESENT;
2021  }
2022 
2023  pObjName->InheritedObjectTypeName = InheritedObjectTypeName;
2024  if (InheritedObjectTypeName != NULL)
2025  {
2026  ObjectsPresent |= ACE_INHERITED_OBJECT_TYPE_PRESENT;
2027  }
2028 
2029  pObjName->ObjectsPresent = ObjectsPresent;
2030  pObjName->ptstrName = Name;
2031 
2032  /* Fill the TRUSTEE structure */
2033  pTrustee->pMultipleTrustee = NULL;
2034  pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2035  pTrustee->TrusteeForm = TRUSTEE_IS_OBJECTS_AND_NAME;
2036  pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2037  pTrustee->ptstrName = (LPWSTR)pObjName;
2038 }
ObjectTypeName
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR ObjectTypeName
Definition: security.c:77
ObjectType
ObjectType
Definition: metafile.c:80
ACE_OBJECT_TYPE_PRESENT
#define ACE_OBJECT_TYPE_PRESENT
Definition: winnt_old.h:106
_TRUSTEE_W::TrusteeForm
TRUSTEE_FORM TrusteeForm
Definition: accctrl.h:215
InheritedObjectTypeName
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR LPSTR InheritedObjectTypeName
Definition: security.c:77
_OBJECTS_AND_NAME_A::ObjectsPresent
DWORD ObjectsPresent
Definition: accctrl.h:356
_TRUSTEE_W::TrusteeType
TRUSTEE_TYPE TrusteeType
Definition: accctrl.h:216
Name
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR LPSTR LPSTR Name
Definition: security.c:77
debugstr_w
#define debugstr_w
Definition: kernel32.h:32
ACE_INHERITED_OBJECT_TYPE_PRESENT
#define ACE_INHERITED_OBJECT_TYPE_PRESENT
Definition: winnt_old.h:107
NameRec_
Definition: apinames.c:48
_OBJECTS_AND_NAME_A::ObjectType
SE_OBJECT_TYPE ObjectType
Definition: accctrl.h:357
pObjName
static POBJECTS_AND_NAME_A pObjName
Definition: security.c:77
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
_TRUSTEE_W::pMultipleTrustee
struct _TRUSTEE_W * pMultipleTrustee
Definition: accctrl.h:213
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
_OBJECTS_AND_NAME_A::ptstrName
LPSTR ptstrName
Definition: accctrl.h:360
ObjectType
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE ObjectType
Definition: security.c:77
_TRUSTEE_W::MultipleTrusteeOperation
MULTIPLE_TRUSTEE_OPERATION MultipleTrusteeOperation
Definition: accctrl.h:214
_TRUSTEE_W::ptstrName
LPWSTR ptstrName
Definition: accctrl.h:217
NULL
#define NULL
Definition: types.h:112
_OBJECTS_AND_NAME_A::InheritedObjectTypeName
LPSTR InheritedObjectTypeName
Definition: accctrl.h:359
LPWSTR
WCHAR * LPWSTR
Definition: xmlstorage.h:184

◆ BuildTrusteeWithObjectsAndSidA()

VOID WINAPI BuildTrusteeWithObjectsAndSidA ( PTRUSTEEA  pTrustee,
POBJECTS_AND_SID  pObjSid,
GUID pObjectGuid,
GUID pInheritedObjectGuid,
PSID  pSid 
)

Definition at line 2044 of file security.c.

2049 {
2050  DWORD ObjectsPresent = 0;
2051 
2052  TRACE("%p %p %p %p %p\n", pTrustee, pObjSid, pObjectGuid, pInheritedObjectGuid, pSid);
2053 
2054  /* Fill the OBJECTS_AND_SID structure */
2055  if (pObjectGuid != NULL)
2056  {
2057  pObjSid->ObjectTypeGuid = *pObjectGuid;
2058  ObjectsPresent |= ACE_OBJECT_TYPE_PRESENT;
2059  }
2060  else
2061  {
2062  ZeroMemory(&pObjSid->ObjectTypeGuid,
2063  sizeof(GUID));
2064  }
2065 
2066  if (pInheritedObjectGuid != NULL)
2067  {
2068  pObjSid->InheritedObjectTypeGuid = *pInheritedObjectGuid;
2069  ObjectsPresent |= ACE_INHERITED_OBJECT_TYPE_PRESENT;
2070  }
2071  else
2072  {
2073  ZeroMemory(&pObjSid->InheritedObjectTypeGuid,
2074  sizeof(GUID));
2075  }
2076 
2077  pObjSid->ObjectsPresent = ObjectsPresent;
2078  pObjSid->pSid = pSid;
2079 
2080  /* Fill the TRUSTEE structure */
2081  pTrustee->pMultipleTrustee = NULL;
2082  pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2083  pTrustee->TrusteeForm = TRUSTEE_IS_OBJECTS_AND_SID;
2084  pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2085  pTrustee->ptstrName = (LPSTR) pObjSid;
2086 }
_OBJECTS_AND_SID::ObjectTypeGuid
GUID ObjectTypeGuid
Definition: accctrl.h:349
_TRUSTEE_A::TrusteeType
TRUSTEE_TYPE TrusteeType
Definition: accctrl.h:207
ACE_OBJECT_TYPE_PRESENT
#define ACE_OBJECT_TYPE_PRESENT
Definition: winnt_old.h:106
_OBJECTS_AND_SID::pSid
SID * pSid
Definition: accctrl.h:351
_TRUSTEE_A::MultipleTrusteeOperation
MULTIPLE_TRUSTEE_OPERATION MultipleTrusteeOperation
Definition: accctrl.h:205
LPSTR
static LPSTR(WINAPI *pGetTrusteeNameA)(PTRUSTEEA pTrustee)
_TRUSTEE_A::pMultipleTrustee
struct _TRUSTEE_A * pMultipleTrustee
Definition: accctrl.h:204
ZeroMemory
#define ZeroMemory
Definition: winbase.h:1670
_TRUSTEE_A::ptstrName
LPSTR ptstrName
Definition: accctrl.h:208
ACE_INHERITED_OBJECT_TYPE_PRESENT
#define ACE_INHERITED_OBJECT_TYPE_PRESENT
Definition: winnt_old.h:107
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
pObjSid
static POBJECTS_AND_SID pObjSid
Definition: security.c:83
pInheritedObjectGuid
static POBJECTS_AND_SID GUID GUID * pInheritedObjectGuid
Definition: security.c:83
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
pObjectGuid
static POBJECTS_AND_SID GUID * pObjectGuid
Definition: security.c:83
NULL
#define NULL
Definition: types.h:112
pSid
static PSID pSid
Definition: security.c:74
_OBJECTS_AND_SID::InheritedObjectTypeGuid
GUID InheritedObjectTypeGuid
Definition: accctrl.h:350
_OBJECTS_AND_SID::ObjectsPresent
DWORD ObjectsPresent
Definition: accctrl.h:348
_TRUSTEE_A::TrusteeForm
TRUSTEE_FORM TrusteeForm
Definition: accctrl.h:206

◆ BuildTrusteeWithObjectsAndSidW()

VOID WINAPI BuildTrusteeWithObjectsAndSidW ( PTRUSTEEW  pTrustee,
POBJECTS_AND_SID  pObjSid,
GUID pObjectGuid,
GUID pInheritedObjectGuid,
PSID  pSid 
)

Definition at line 2093 of file security.c.

2098 {
2099  DWORD ObjectsPresent = 0;
2100 
2101  TRACE("%p %p %p %p %p\n", pTrustee, pObjSid, pObjectGuid, pInheritedObjectGuid, pSid);
2102 
2103  /* Fill the OBJECTS_AND_SID structure */
2104  if (pObjectGuid != NULL)
2105  {
2106  pObjSid->ObjectTypeGuid = *pObjectGuid;
2107  ObjectsPresent |= ACE_OBJECT_TYPE_PRESENT;
2108  }
2109  else
2110  {
2111  ZeroMemory(&pObjSid->ObjectTypeGuid,
2112  sizeof(GUID));
2113  }
2114 
2115  if (pInheritedObjectGuid != NULL)
2116  {
2117  pObjSid->InheritedObjectTypeGuid = *pInheritedObjectGuid;
2118  ObjectsPresent |= ACE_INHERITED_OBJECT_TYPE_PRESENT;
2119  }
2120  else
2121  {
2122  ZeroMemory(&pObjSid->InheritedObjectTypeGuid,
2123  sizeof(GUID));
2124  }
2125 
2126  pObjSid->ObjectsPresent = ObjectsPresent;
2127  pObjSid->pSid = pSid;
2128 
2129  /* Fill the TRUSTEE structure */
2130  pTrustee->pMultipleTrustee = NULL;
2131  pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2132  pTrustee->TrusteeForm = TRUSTEE_IS_OBJECTS_AND_SID;
2133  pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2134  pTrustee->ptstrName = (LPWSTR) pObjSid;
2135 }
_OBJECTS_AND_SID::ObjectTypeGuid
GUID ObjectTypeGuid
Definition: accctrl.h:349
ACE_OBJECT_TYPE_PRESENT
#define ACE_OBJECT_TYPE_PRESENT
Definition: winnt_old.h:106
_TRUSTEE_W::TrusteeForm
TRUSTEE_FORM TrusteeForm
Definition: accctrl.h:215
_OBJECTS_AND_SID::pSid
SID * pSid
Definition: accctrl.h:351
ZeroMemory
#define ZeroMemory
Definition: winbase.h:1670
_TRUSTEE_W::TrusteeType
TRUSTEE_TYPE TrusteeType
Definition: accctrl.h:216
ACE_INHERITED_OBJECT_TYPE_PRESENT
#define ACE_INHERITED_OBJECT_TYPE_PRESENT
Definition: winnt_old.h:107
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
pObjSid
static POBJECTS_AND_SID pObjSid
Definition: security.c:83
pInheritedObjectGuid
static POBJECTS_AND_SID GUID GUID * pInheritedObjectGuid
Definition: security.c:83
_TRUSTEE_W::pMultipleTrustee
struct _TRUSTEE_W * pMultipleTrustee
Definition: accctrl.h:213
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
_TRUSTEE_W::MultipleTrusteeOperation
MULTIPLE_TRUSTEE_OPERATION MultipleTrusteeOperation
Definition: accctrl.h:214
_TRUSTEE_W::ptstrName
LPWSTR ptstrName
Definition: accctrl.h:217
pObjectGuid
static POBJECTS_AND_SID GUID * pObjectGuid
Definition: security.c:83
NULL
#define NULL
Definition: types.h:112
pSid
static PSID pSid
Definition: security.c:74
_OBJECTS_AND_SID::InheritedObjectTypeGuid
GUID InheritedObjectTypeGuid
Definition: accctrl.h:350
_OBJECTS_AND_SID::ObjectsPresent
DWORD ObjectsPresent
Definition: accctrl.h:348
LPWSTR
WCHAR * LPWSTR
Definition: xmlstorage.h:184

◆ BuildTrusteeWithSidA()

VOID WINAPI BuildTrusteeWithSidA ( PTRUSTEE_A  pTrustee,
PSID  pSid 
)

Definition at line 2141 of file security.c.

2143 {
2144  TRACE("%p %p\n", pTrustee, pSid);
2145 
2146  pTrustee->pMultipleTrustee = NULL;
2147  pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2148  pTrustee->TrusteeForm = TRUSTEE_IS_SID;
2149  pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2150  pTrustee->ptstrName = (LPSTR) pSid;
2151 }
_TRUSTEE_A::TrusteeType
TRUSTEE_TYPE TrusteeType
Definition: accctrl.h:207
_TRUSTEE_A::MultipleTrusteeOperation
MULTIPLE_TRUSTEE_OPERATION MultipleTrusteeOperation
Definition: accctrl.h:205
LPSTR
static LPSTR(WINAPI *pGetTrusteeNameA)(PTRUSTEEA pTrustee)
_TRUSTEE_A::pMultipleTrustee
struct _TRUSTEE_A * pMultipleTrustee
Definition: accctrl.h:204
_TRUSTEE_A::ptstrName
LPSTR ptstrName
Definition: accctrl.h:208
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
NULL
#define NULL
Definition: types.h:112
pSid
static PSID pSid
Definition: security.c:74
_TRUSTEE_A::TrusteeForm
TRUSTEE_FORM TrusteeForm
Definition: accctrl.h:206

◆ BuildTrusteeWithSidW()

VOID WINAPI BuildTrusteeWithSidW ( PTRUSTEE_W  pTrustee,
PSID  pSid 
)

Definition at line 2158 of file security.c.

2160 {
2161  TRACE("%p %p\n", pTrustee, pSid);
2162 
2163  pTrustee->pMultipleTrustee = NULL;
2164  pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2165  pTrustee->TrusteeForm = TRUSTEE_IS_SID;
2166  pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2167  pTrustee->ptstrName = (LPWSTR) pSid;
2168 }
_TRUSTEE_W::TrusteeForm
TRUSTEE_FORM TrusteeForm
Definition: accctrl.h:215
_TRUSTEE_W::TrusteeType
TRUSTEE_TYPE TrusteeType
Definition: accctrl.h:216
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
_TRUSTEE_W::pMultipleTrustee
struct _TRUSTEE_W * pMultipleTrustee
Definition: accctrl.h:213
_TRUSTEE_W::MultipleTrusteeOperation
MULTIPLE_TRUSTEE_OPERATION MultipleTrusteeOperation
Definition: accctrl.h:214
_TRUSTEE_W::ptstrName
LPWSTR ptstrName
Definition: accctrl.h:217
NULL
#define NULL
Definition: types.h:112
pSid
static PSID pSid
Definition: security.c:74
LPWSTR
WCHAR * LPWSTR
Definition: xmlstorage.h:184

◆ ComputeStringSidSize()

static DWORD ComputeStringSidSize ( LPCWSTR  StringSid)
static

Definition at line 3677 of file security.c.

3678 {
3679  if (StringSid[0] == 'S' && StringSid[1] == '-') /* S-R-I(-S)+ */
3680  {
3681  int ctok = 0;
3682  while (*StringSid)
3683  {
3684  if (*StringSid == '-')
3685  ctok++;
3686  StringSid++;
3687  }
3688 
3689  if (ctok >= 3)
3690  return GetSidLengthRequired(ctok - 2);
3691  }
3692  else /* String constant format - Only available in winxp and above */
3693  {
3694  unsigned int i;
3695 
3696  for (i = 0; i < sizeof(WellKnownSids)/sizeof(WellKnownSids[0]); i++)
3697  if (!strncmpW(WellKnownSids[i].wstr, StringSid, 2))
3698  return GetSidLengthRequired(WellKnownSids[i].Sid.SubAuthorityCount);
3699 
3700  for (i = 0; i < sizeof(WellKnownRids)/sizeof(WellKnownRids[0]); i++)
3701  if (!strncmpW(WellKnownRids[i].wstr, StringSid, 2))
3702  {
3703  MAX_SID local;
3704  ADVAPI_GetComputerSid(&local);
3705  return GetSidLengthRequired(*GetSidSubAuthorityCount(&local) + 1);
3706  }
3707 
3708  }
3709 
3710  return GetSidLengthRequired(0);
3711 }
_MAX_SID
Definition: security.c:31
WellKnownSids
static const WELLKNOWNSID WellKnownSids[]
Definition: security.c:47
GetSidLengthRequired
DWORD WINAPI GetSidLengthRequired(UCHAR nSubAuthorityCount)
Definition: security.c:854
strncmpW
WINE_UNICODE_INLINE int strncmpW(const WCHAR *str1, const WCHAR *str2, int n)
Definition: unicode.h:235
ADVAPI_GetComputerSid
BOOL ADVAPI_GetComputerSid(PSID sid)
Definition: security.c:275
Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1130
GetSidSubAuthorityCount
PUCHAR WINAPI GetSidSubAuthorityCount(PSID pSid)
Definition: security.c:910
local
#define local
Definition: zutil.h:30
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
_SID::SubAuthorityCount
BYTE SubAuthorityCount
Definition: ms-dtyp.idl:200
WellKnownRids
static const WELLKNOWNRID WellKnownRids[]
Definition: security.c:111

Referenced by ParseStringSidToSid().

◆ ConvertSecurityDescriptorToStringSecurityDescriptorA()

BOOL WINAPI ConvertSecurityDescriptorToStringSecurityDescriptorA ( PSECURITY_DESCRIPTOR  SecurityDescriptor,
DWORD  SDRevision,
SECURITY_INFORMATION  Information,
LPSTR OutputString,
PULONG  OutputLen 
)

Definition at line 3298 of file security.c.

3299 {
3300  LPWSTR wstr;
3301  ULONG len;
3302  if (ConvertSecurityDescriptorToStringSecurityDescriptorW(SecurityDescriptor, SDRevision, Information, &wstr, &len))
3303  {
3304  int lenA;
3305 
3306  lenA = WideCharToMultiByte(CP_ACP, 0, wstr, len, NULL, 0, NULL, NULL);
3307  *OutputString = heap_alloc(lenA);
3308 #ifdef __REACTOS__
3309  if (*OutputString == NULL)
3310  {
3311  LocalFree(wstr);
3312  *OutputLen = 0;
3313  return FALSE;
3314  }
3315 #endif
3316  WideCharToMultiByte(CP_ACP, 0, wstr, len, *OutputString, lenA, NULL, NULL);
3317  LocalFree(wstr);
3318 
3319  if (OutputLen != NULL)
3320  *OutputLen = lenA;
3321  return TRUE;
3322  }
3323  else
3324  {
3325  *OutputString = NULL;
3326  if (OutputLen)
3327  *OutputLen = 0;
3328  return FALSE;
3329  }
3330 }
WideCharToMultiByte
#define WideCharToMultiByte
Definition: compat.h:111
TRUE
#define TRUE
Definition: types.h:120
SecurityDescriptor
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
CP_ACP
#define CP_ACP
Definition: compat.h:109
ConvertSecurityDescriptorToStringSecurityDescriptorW
BOOL WINAPI ConvertSecurityDescriptorToStringSecurityDescriptorW(PSECURITY_DESCRIPTOR SecurityDescriptor, DWORD SDRevision, SECURITY_INFORMATION RequestedInformation, LPWSTR *OutputString, PULONG OutputLen)
Definition: security.c:3234
Information
_In_ WDFREQUEST _In_ NTSTATUS _In_ ULONG_PTR Information
Definition: wdfrequest.h:1044
heap_alloc
static void * heap_alloc(size_t len)
Definition: appwiz.h:65
FALSE
#define FALSE
Definition: types.h:117
len
GLenum GLsizei len
Definition: glext.h:6722
LocalFree
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1577
NULL
#define NULL
Definition: types.h:112
ULONG
unsigned int ULONG
Definition: retypes.h:1
LPWSTR
WCHAR * LPWSTR
Definition: xmlstorage.h:184

◆ ConvertSecurityDescriptorToStringSecurityDescriptorW()

BOOL WINAPI ConvertSecurityDescriptorToStringSecurityDescriptorW ( PSECURITY_DESCRIPTOR  SecurityDescriptor,
DWORD  SDRevision,
SECURITY_INFORMATION  RequestedInformation,
LPWSTR OutputString,
PULONG  OutputLen 
)

Definition at line 3234 of file security.c.

3235 {
3236  ULONG len;
3237  WCHAR *wptr, *wstr;
3238 
3239  if (SDRevision != SDDL_REVISION_1)
3240  {
3241  ERR("Program requested unknown SDDL revision %d\n", SDRevision);
3242  SetLastError(ERROR_UNKNOWN_REVISION);
3243  return FALSE;
3244  }
3245 
3246  len = 0;
3247  if (RequestedInformation & OWNER_SECURITY_INFORMATION)
3248  if (!DumpOwner(SecurityDescriptor, NULL, &len))
3249  return FALSE;
3250  if (RequestedInformation & GROUP_SECURITY_INFORMATION)
3251  if (!DumpGroup(SecurityDescriptor, NULL, &len))
3252  return FALSE;
3253  if (RequestedInformation & DACL_SECURITY_INFORMATION)
3254  if (!DumpDacl(SecurityDescriptor, NULL, &len))
3255  return FALSE;
3256  if (RequestedInformation & SACL_SECURITY_INFORMATION)
3257  if (!DumpSacl(SecurityDescriptor, NULL, &len))
3258  return FALSE;
3259 
3260  wstr = wptr = LocalAlloc(0, (len + 1)*sizeof(WCHAR));
3261 #ifdef __REACTOS__
3262  if (wstr == NULL)
3263  return FALSE;
3264 #endif
3265 
3266  if (RequestedInformation & OWNER_SECURITY_INFORMATION)
3267  if (!DumpOwner(SecurityDescriptor, &wptr, NULL)) {
3268  LocalFree (wstr);
3269  return FALSE;
3270  }
3271  if (RequestedInformation & GROUP_SECURITY_INFORMATION)
3272  if (!DumpGroup(SecurityDescriptor, &wptr, NULL)) {
3273  LocalFree (wstr);
3274  return FALSE;
3275  }
3276  if (RequestedInformation & DACL_SECURITY_INFORMATION)
3277  if (!DumpDacl(SecurityDescriptor, &wptr, NULL)) {
3278  LocalFree (wstr);
3279  return FALSE;
3280  }
3281  if (RequestedInformation & SACL_SECURITY_INFORMATION)
3282  if (!DumpSacl(SecurityDescriptor, &wptr, NULL)) {
3283  LocalFree (wstr);
3284  return FALSE;
3285  }
3286  *wptr = 0;
3287 
3288  TRACE("ret: %s, %d\n", wine_dbgstr_w(wstr), len);
3289  *OutputString = wstr;
3290  if (OutputLen)
3291  *OutputLen = strlenW(*OutputString)+1;
3292  return TRUE;
3293 }
strlenW
WINE_UNICODE_INLINE unsigned int strlenW(const WCHAR *str)
Definition: unicode.h:212
DumpOwner
static BOOL DumpOwner(PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen)
Definition: security.c:3149
TRUE
#define TRUE
Definition: types.h:120
SecurityDescriptor
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
wine_dbgstr_w
char * wine_dbgstr_w(const wchar_t *wstr)
Definition: atltest.h:87
DumpSacl
static BOOL DumpSacl(PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen)
Definition: security.c:3208
GROUP_SECURITY_INFORMATION
#define GROUP_SECURITY_INFORMATION
Definition: setypes.h:124
FALSE
#define FALSE
Definition: types.h:117
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
SACL_SECURITY_INFORMATION
#define SACL_SECURITY_INFORMATION
Definition: setypes.h:126
SetLastError
#define SetLastError(x)
Definition: compat.h:752
DumpDacl
static BOOL DumpDacl(PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen)
Definition: security.c:3185
len
GLenum GLsizei len
Definition: glext.h:6722
ERR
#define ERR(fmt,...)
Definition: debug.h:110
ERROR_UNKNOWN_REVISION
#define ERROR_UNKNOWN_REVISION
Definition: winerror.h:787
LocalFree
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1577
OWNER_SECURITY_INFORMATION
#define OWNER_SECURITY_INFORMATION
Definition: setypes.h:123
NULL
#define NULL
Definition: types.h:112
ULONG
unsigned int ULONG
Definition: retypes.h:1
LocalAlloc
HLOCAL NTAPI LocalAlloc(UINT uFlags, SIZE_T dwBytes)
Definition: heapmem.c:1373
DumpGroup
static BOOL DumpGroup(PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen)
Definition: security.c:3167
DACL_SECURITY_INFORMATION
#define DACL_SECURITY_INFORMATION
Definition: setypes.h:125
SDDL_REVISION_1
#define SDDL_REVISION_1
Definition: sddl.h:30

Referenced by ConvertSecurityDescriptorToStringSecurityDescriptorA().

◆ ConvertSidToStringSidA()

BOOL WINAPI ConvertSidToStringSidA ( PSID  Sid,
LPSTR StringSid 
)

Definition at line 3436 of file security.c.

3438 {
3439  LPWSTR StringSidW;
3440  int Len;
3441 
3442  if (!ConvertSidToStringSidW(Sid, &StringSidW))
3443  {
3444  return FALSE;
3445  }
3446 
3447  Len = WideCharToMultiByte(CP_ACP, 0, StringSidW, -1, NULL, 0, NULL, NULL);
3448  if (Len <= 0)
3449  {
3450  LocalFree(StringSidW);
3451  SetLastError(ERROR_NOT_ENOUGH_MEMORY);
3452  return FALSE;
3453  }
3454 
3455  *StringSid = LocalAlloc(LMEM_FIXED, Len);
3456  if (NULL == *StringSid)
3457  {
3458  LocalFree(StringSidW);
3459  SetLastError(ERROR_NOT_ENOUGH_MEMORY);
3460  return FALSE;
3461  }
3462 
3463  if (!WideCharToMultiByte(CP_ACP, 0, StringSidW, -1, *StringSid, Len, NULL, NULL))
3464  {
3465  LocalFree(StringSid);
3466  LocalFree(StringSidW);
3467  return FALSE;
3468  }
3469 
3470  LocalFree(StringSidW);
3471 
3472  return TRUE;
3473 }
WideCharToMultiByte
#define WideCharToMultiByte
Definition: compat.h:111
TRUE
#define TRUE
Definition: types.h:120
CP_ACP
#define CP_ACP
Definition: compat.h:109
ERROR_NOT_ENOUGH_MEMORY
#define ERROR_NOT_ENOUGH_MEMORY
Definition: dderror.h:7
ConvertSidToStringSidW
BOOL WINAPI ConvertSidToStringSidW(PSID Sid, LPWSTR *StringSid)
Definition: security.c:3382
FALSE
#define FALSE
Definition: types.h:117
Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1130
LMEM_FIXED
#define LMEM_FIXED
Definition: winbase.h:368
Len
#define Len
Definition: deflate.h:82
SetLastError
#define SetLastError(x)
Definition: compat.h:752
LocalFree
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1577
NULL
#define NULL
Definition: types.h:112
LocalAlloc
HLOCAL NTAPI LocalAlloc(UINT uFlags, SIZE_T dwBytes)
Definition: heapmem.c:1373
LPWSTR
WCHAR * LPWSTR
Definition: xmlstorage.h:184

Referenced by debugstr_sid(), get_user_sid(), map_name_2_sid(), test_CreateWellKnownSid(), test_LookupAccountSid(), test_lsa(), test_sid(), test_sid_str(), test_token_attr(), and test_token_label().

◆ ConvertSidToStringSidW()

BOOL WINAPI ConvertSidToStringSidW ( PSID  Sid,
LPWSTR StringSid 
)

Definition at line 3382 of file security.c.

3384 {
3385  NTSTATUS Status;
3386  UNICODE_STRING UnicodeString;
3387  WCHAR FixedBuffer[64];
3388 
3389  if (!RtlValidSid(Sid))
3390  {
3391  SetLastError(ERROR_INVALID_SID);
3392  return FALSE;
3393  }
3394 
3395  UnicodeString.Length = 0;
3396  UnicodeString.MaximumLength = sizeof(FixedBuffer);
3397  UnicodeString.Buffer = FixedBuffer;
3398  Status = RtlConvertSidToUnicodeString(&UnicodeString, Sid, FALSE);
3399  if (STATUS_BUFFER_TOO_SMALL == Status)
3400  {
3401  Status = RtlConvertSidToUnicodeString(&UnicodeString, Sid, TRUE);
3402  }
3403 
3404  if (!NT_SUCCESS(Status))
3405  {
3406  SetLastError(RtlNtStatusToDosError(Status));
3407  return FALSE;
3408  }
3409 
3410  *StringSid = LocalAlloc(LMEM_FIXED, UnicodeString.Length + sizeof(WCHAR));
3411  if (NULL == *StringSid)
3412  {
3413  if (UnicodeString.Buffer != FixedBuffer)
3414  {
3415  RtlFreeUnicodeString(&UnicodeString);
3416  }
3417  SetLastError(ERROR_NOT_ENOUGH_MEMORY);
3418  return FALSE;
3419  }
3420 
3421  MoveMemory(*StringSid, UnicodeString.Buffer, UnicodeString.Length);
3422  ZeroMemory((PCHAR) *StringSid + UnicodeString.Length, sizeof(WCHAR));
3423  if (UnicodeString.Buffer != FixedBuffer)
3424  {
3425  RtlFreeUnicodeString(&UnicodeString);
3426  }
3427 
3428  return TRUE;
3429 }
PCHAR
signed char * PCHAR
Definition: retypes.h:7
TRUE
#define TRUE
Definition: types.h:120
ERROR_INVALID_SID
#define ERROR_INVALID_SID
Definition: winerror.h:819
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
ERROR_NOT_ENOUGH_MEMORY
#define ERROR_NOT_ENOUGH_MEMORY
Definition: dderror.h:7
ZeroMemory
#define ZeroMemory
Definition: winbase.h:1670
UnicodeString
WDF_EXTERN_C_START typedef _Must_inspect_result_ _In_opt_ PCUNICODE_STRING UnicodeString
Definition: wdfstring.h:64
MoveMemory
#define MoveMemory
Definition: winbase.h:1667
STATUS_BUFFER_TOO_SMALL
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
RtlNtStatusToDosError
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
FALSE
#define FALSE
Definition: types.h:117
Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1130
RtlValidSid
NTSYSAPI BOOLEAN NTAPI RtlValidSid(IN PSID Sid)
Definition: sid.c:21
LMEM_FIXED
#define LMEM_FIXED
Definition: winbase.h:368
Status
Status
Definition: gdiplustypes.h:24
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
RtlFreeUnicodeString
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
SetLastError
#define SetLastError(x)
Definition: compat.h:752
RtlConvertSidToUnicodeString
NTSYSAPI NTSTATUS NTAPI RtlConvertSidToUnicodeString(OUT PUNICODE_STRING DestinationString, IN PVOID Sid, IN BOOLEAN AllocateDestinationString)
_UNICODE_STRING
Definition: env_spec_w32.h:368
NULL
#define NULL
Definition: types.h:112
LocalAlloc
HLOCAL NTAPI LocalAlloc(UINT uFlags, SIZE_T dwBytes)
Definition: heapmem.c:1373

Referenced by _GetUserSidStringFromToken(), AddUserProfiles(), ConvertSidToStringSidA(), CreateUserProfileExW(), get_user_sid(), GetEventUserName(), GetPrincipalDisplayString(), LsapGetDomainInfo(), LsapLookupAccountDomainSids(), LsapLookupBuiltinDomainSids(), LsapLookupWellKnownSids(), MsiSourceListAddSourceW(), RecycleBin5_Constructor(), SampAddMemberToAlias(), SampRemoveMemberFromAlias(), SampRemoveMemberFromAllAliases(), SampSetupAddMemberToAlias(), set_user_sid_prop(), START_TEST(), UpdatePrincipalInfo(), WhoamiGroups(), WhoamiLogonId(), and WhoamiUser().

◆ ConvertStringSecurityDescriptorToSecurityDescriptorA()

BOOL WINAPI ConvertStringSecurityDescriptorToSecurityDescriptorA ( LPCSTR  StringSecurityDescriptor,
DWORD  StringSDRevision,
PSECURITY_DESCRIPTOR SecurityDescriptor,
PULONG  SecurityDescriptorSize 
)

Definition at line 2831 of file security.c.

2835 {
2836  UINT len;
2837  BOOL ret = FALSE;
2838  LPWSTR StringSecurityDescriptorW;
2839 
2840  len = MultiByteToWideChar(CP_ACP, 0, StringSecurityDescriptor, -1, NULL, 0);
2841  StringSecurityDescriptorW = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR));
2842 
2843  if (StringSecurityDescriptorW)
2844  {
2845  MultiByteToWideChar(CP_ACP, 0, StringSecurityDescriptor, -1, StringSecurityDescriptorW, len);
2846 
2847  ret = ConvertStringSecurityDescriptorToSecurityDescriptorW(StringSecurityDescriptorW,
2848  StringSDRevision, SecurityDescriptor,
2849  SecurityDescriptorSize);
2850  HeapFree(GetProcessHeap(), 0, StringSecurityDescriptorW);
2851  }
2852 
2853  return ret;
2854 }
SecurityDescriptor
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
CP_ACP
#define CP_ACP
Definition: compat.h:109
FALSE
#define FALSE
Definition: types.h:117
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
GetProcessHeap
#define GetProcessHeap()
Definition: compat.h:736
HeapAlloc
PVOID WINAPI HeapAlloc(HANDLE, DWORD, SIZE_T)
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
ret
int ret
Definition: wcstombs-tests.c:31
len
GLenum GLsizei len
Definition: glext.h:6722
UINT
unsigned int UINT
Definition: ndis.h:50
NULL
#define NULL
Definition: types.h:112
MultiByteToWideChar
#define MultiByteToWideChar
Definition: compat.h:110
LPWSTR
WCHAR * LPWSTR
Definition: xmlstorage.h:184
HeapFree
#define HeapFree(x, y, z)
Definition: compat.h:735
ConvertStringSecurityDescriptorToSecurityDescriptorW
BOOL WINAPI ConvertStringSecurityDescriptorToSecurityDescriptorW(LPCWSTR StringSecurityDescriptor, DWORD StringSDRevision, PSECURITY_DESCRIPTOR *SecurityDescriptor, PULONG SecurityDescriptorSize)
Definition: security.c:2861

Referenced by test_profile_directory_readonly().

◆ ConvertStringSecurityDescriptorToSecurityDescriptorW()

BOOL WINAPI ConvertStringSecurityDescriptorToSecurityDescriptorW ( LPCWSTR  StringSecurityDescriptor,
DWORD  StringSDRevision,
PSECURITY_DESCRIPTOR SecurityDescriptor,
PULONG  SecurityDescriptorSize 
)

Definition at line 2861 of file security.c.

2865 {
2866  DWORD cBytes;
2867  SECURITY_DESCRIPTOR* psd;
2868  BOOL bret = FALSE;
2869 
2870  TRACE("%s\n", debugstr_w(StringSecurityDescriptor));
2871 
2872  if (GetVersion() & 0x80000000)
2873  {
2874  SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
2875  goto lend;
2876  }
2877  else if (!StringSecurityDescriptor || !SecurityDescriptor)
2878  {
2879  SetLastError(ERROR_INVALID_PARAMETER);
2880  goto lend;
2881  }
2882  else if (StringSDRevision != SID_REVISION)
2883  {
2884  SetLastError(ERROR_UNKNOWN_REVISION);
2885  goto lend;
2886  }
2887 
2888  /* Compute security descriptor length */
2889  if (!ParseStringSecurityDescriptorToSecurityDescriptor(StringSecurityDescriptor,
2890  NULL, &cBytes))
2891  goto lend;
2892 
2893  psd = *SecurityDescriptor = LocalAlloc(GMEM_ZEROINIT, cBytes);
2894  if (!psd) goto lend;
2895 
2896  psd->Revision = SID_REVISION;
2897  psd->Control |= SE_SELF_RELATIVE;
2898 
2899  if (!ParseStringSecurityDescriptorToSecurityDescriptor(StringSecurityDescriptor,
2900  (SECURITY_DESCRIPTOR_RELATIVE *)psd, &cBytes))
2901  {
2902  LocalFree(psd);
2903  goto lend;
2904  }
2905 
2906  if (SecurityDescriptorSize)
2907  *SecurityDescriptorSize = cBytes;
2908 
2909  bret = TRUE;
2910 
2911 lend:
2912  TRACE(" ret=%d\n", bret);
2913  return bret;
2914 }
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
ERROR_INVALID_PARAMETER
#define ERROR_INVALID_PARAMETER
Definition: compat.h:101
ParseStringSecurityDescriptorToSecurityDescriptor
static BOOL ParseStringSecurityDescriptorToSecurityDescriptor(LPCWSTR StringSecurityDescriptor, SECURITY_DESCRIPTOR_RELATIVE *SecurityDescriptor, LPDWORD cBytes)
Definition: security.c:2683
SE_SELF_RELATIVE
#define SE_SELF_RELATIVE
Definition: setypes.h:830
_SECURITY_DESCRIPTOR_RELATIVE
Definition: setypes.h:832
TRUE
#define TRUE
Definition: types.h:120
SecurityDescriptor
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
SID_REVISION
#define SID_REVISION
Definition: setypes.h:481
GetVersion
DWORD WINAPI GetVersion(VOID)
Definition: version.c:22
_SECURITY_DESCRIPTOR::Control
USHORT Control
Definition: ms-dtyp.idl:304
_SECURITY_DESCRIPTOR::Revision
UCHAR Revision
Definition: ms-dtyp.idl:302
FALSE
#define FALSE
Definition: types.h:117
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
debugstr_w
#define debugstr_w
Definition: kernel32.h:32
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
SetLastError
#define SetLastError(x)
Definition: compat.h:752
ERROR_UNKNOWN_REVISION
#define ERROR_UNKNOWN_REVISION
Definition: winerror.h:787
LocalFree
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1577
NULL
#define NULL
Definition: types.h:112
ERROR_CALL_NOT_IMPLEMENTED
#define ERROR_CALL_NOT_IMPLEMENTED
Definition: compat.h:102
LocalAlloc
HLOCAL NTAPI LocalAlloc(UINT uFlags, SIZE_T dwBytes)
Definition: heapmem.c:1373
GMEM_ZEROINIT
#define GMEM_ZEROINIT
Definition: winbase.h:306

Referenced by ConvertStringSecurityDescriptorToSecurityDescriptorA(), InstallOneService(), registry_callback(), and SetupQueueCopyIndirectW().

◆ ConvertStringSidToSidA()

BOOL WINAPI ConvertStringSidToSidA ( LPCSTR  StringSid,
PSID Sid 
)

Definition at line 3359 of file security.c.

3360 {
3361  BOOL bret = FALSE;
3362 
3363  TRACE("%s, %p\n", debugstr_a(StringSid), Sid);
3364  if (GetVersion() & 0x80000000)
3365  SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
3366  else if (!StringSid || !Sid)
3367  SetLastError(ERROR_INVALID_PARAMETER);
3368  else
3369  {
3370  WCHAR *wStringSid = SERV_dup(StringSid);
3371  bret = ConvertStringSidToSidW(wStringSid, Sid);
3372  heap_free(wStringSid);
3373  }
3374  return bret;
3375 }
ERROR_INVALID_PARAMETER
#define ERROR_INVALID_PARAMETER
Definition: compat.h:101
ConvertStringSidToSidW
BOOL WINAPI ConvertStringSidToSidW(LPCWSTR StringSid, PSID *Sid)
Definition: security.c:3335
GetVersion
DWORD WINAPI GetVersion(VOID)
Definition: version.c:22
FALSE
#define FALSE
Definition: types.h:117
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1130
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
debugstr_a
#define debugstr_a
Definition: kernel32.h:31
SetLastError
#define SetLastError(x)
Definition: compat.h:752
SERV_dup
static LPWSTR SERV_dup(LPCSTR str)
Definition: security.c:235
ERROR_CALL_NOT_IMPLEMENTED
#define ERROR_CALL_NOT_IMPLEMENTED
Definition: compat.h:102
heap_free
static BOOL heap_free(void *mem)
Definition: appwiz.h:75

Referenced by test_LsaLookupSids().

◆ ConvertStringSidToSidW()

BOOL WINAPI ConvertStringSidToSidW ( LPCWSTR  StringSid,
PSID Sid 
)

Definition at line 3335 of file security.c.

3336 {
3337  BOOL bret = FALSE;
3338  DWORD cBytes;
3339 
3340  TRACE("%s, %p\n", debugstr_w(StringSid), Sid);
3341  if (GetVersion() & 0x80000000)
3342  SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
3343  else if (!StringSid || !Sid)
3344  SetLastError(ERROR_INVALID_PARAMETER);
3345  else if (ParseStringSidToSid(StringSid, NULL, &cBytes))
3346  {
3347  PSID pSid = *Sid = LocalAlloc(0, cBytes);
3348 
3349  bret = ParseStringSidToSid(StringSid, pSid, &cBytes);
3350  if (!bret)
3351  LocalFree(*Sid);
3352  }
3353  return bret;
3354 }
ERROR_INVALID_PARAMETER
#define ERROR_INVALID_PARAMETER
Definition: compat.h:101
_SID
Definition: ms-dtyp.idl:198
GetVersion
DWORD WINAPI GetVersion(VOID)
Definition: version.c:22
FALSE
#define FALSE
Definition: types.h:117
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
debugstr_w
#define debugstr_w
Definition: kernel32.h:32
Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1130
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
SetLastError
#define SetLastError(x)
Definition: compat.h:752
LocalFree
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1577
NULL
#define NULL
Definition: types.h:112
pSid
static PSID pSid
Definition: security.c:74
ERROR_CALL_NOT_IMPLEMENTED
#define ERROR_CALL_NOT_IMPLEMENTED
Definition: compat.h:102
ParseStringSidToSid
static BOOL ParseStringSidToSid(LPCWSTR StringSid, PSID pSid, LPDWORD cBytes)
Definition: security.c:3716
LocalAlloc
HLOCAL NTAPI LocalAlloc(UINT uFlags, SIZE_T dwBytes)
Definition: heapmem.c:1373

Referenced by ConvertStringSidToSidA(), and fill_sid().

◆ CopySid()

BOOL WINAPI CopySid ( DWORD  nDestinationSidLength,
PSID  pDestinationSid,
PSID  pSourceSid 
)

Definition at line 714 of file security.c.

715 {
716  return set_ntstatus(RtlCopySid(nDestinationSidLength, pDestinationSid, pSourceSid));
717 }
RtlCopySid
NTSYSAPI BOOLEAN WINAPI RtlCopySid(DWORD, PSID, PSID)
set_ntstatus
static __inline BOOL set_ntstatus(NTSTATUS status)
Definition: security.c:229

Referenced by AccpLookupSidByName(), AccRewriteGetExplicitEntriesFromAcl(), AddPrincipalToList(), AuthzGetInformationFromContext(), AuthzInitializeContextFromSid(), BuildDefaultPrincipalAce(), CachedGetUserFromSid(), CacheLookupResults(), GetUserSid(), LookupAccountNameW(), QueueSidLookup(), ReloadPrincipalsList(), and test_LookupAccountSid().

◆ CreateProcessWithLogonW()

BOOL WINAPI CreateProcessWithLogonW ( _In_ LPCWSTR  lpUsername,
_In_opt_ LPCWSTR  lpDomain,
_In_ LPCWSTR  lpPassword,
_In_ DWORD  dwLogonFlags,
_In_opt_ LPCWSTR  lpApplicationName,
_Inout_opt_ LPWSTR  lpCommandLine,
_In_ DWORD  dwCreationFlags,
_In_opt_ LPVOID  lpEnvironment,
_In_opt_ LPCWSTR  lpCurrentDirectory,
_In_ LPSTARTUPINFOW  lpStartupInfo,
_Out_ LPPROCESS_INFORMATION  lpProcessInformation 
)

Definition at line 3480 of file security.c.

3492 {
3493  LPWSTR pszStringBinding = NULL;
3494  handle_t hBinding = NULL;
3495  SECL_REQUEST Request;
3496  SECL_RESPONSE Response;
3497  RPC_STATUS Status;
3498 
3499  TRACE("CreateProcessWithLogonW(%s %s %s 0x%08x %s %s 0x%08x %p %s %p %p)\n", debugstr_w(lpUsername), debugstr_w(lpDomain),
3500  debugstr_w(lpPassword), dwLogonFlags, debugstr_w(lpApplicationName),
3501  debugstr_w(lpCommandLine), dwCreationFlags, lpEnvironment, debugstr_w(lpCurrentDirectory),
3502  lpStartupInfo, lpProcessInformation);
3503 
3504  Status = RpcStringBindingComposeW(NULL,
3505  L"ncacn_np",
3506  NULL,
3507  L"\\pipe\\seclogon",
3508  NULL,
3509  &pszStringBinding);
3510  if (Status != RPC_S_OK)
3511  {
3512  WARN("RpcStringBindingCompose returned 0x%x\n", Status);
3513  SetLastError(Status);
3514  return FALSE;
3515  }
3516 
3517  /* Set the binding handle that will be used to bind to the server. */
3518  Status = RpcBindingFromStringBindingW(pszStringBinding,
3519  &hBinding);
3520  if (Status != RPC_S_OK)
3521  {
3522  WARN("RpcBindingFromStringBinding returned 0x%x\n", Status);
3523  }
3524 
3525  Status = RpcStringFreeW(&pszStringBinding);
3526  if (Status != RPC_S_OK)
3527  {
3528  WARN("RpcStringFree returned 0x%x\n", Status);
3529  }
3530 
3531  Request.Username = (LPWSTR)lpUsername;
3532  Request.Domain = (LPWSTR)lpDomain;
3533  Request.Password = (LPWSTR)lpPassword;
3534  Request.ApplicationName = (LPWSTR)lpApplicationName;
3535  Request.CommandLine = (LPWSTR)lpCommandLine;
3536  Request.CurrentDirectory = (LPWSTR)lpCurrentDirectory;
3537 
3538  Request.dwLogonFlags = dwLogonFlags;
3539  Request.dwCreationFlags = dwCreationFlags;
3540 
3541  Request.dwProcessId = GetCurrentProcessId();
3542  TRACE("Request.dwProcessId %lu\n", Request.dwProcessId);
3543 
3544  Response.hProcess = 0;
3545  Response.hThread = 0;
3546  Response.dwProcessId = 0;
3547  Response.dwThreadId = 0;
3548  Response.dwError = ERROR_SUCCESS;
3549 
3550  RpcTryExcept
3551  {
3552  SeclCreateProcessWithLogonW(hBinding, &Request, &Response);
3553  }
3554  RpcExcept(EXCEPTION_EXECUTE_HANDLER)
3555  {
3556  WARN("Exception: %lx\n", RpcExceptionCode());
3557  }
3558  RpcEndExcept;
3559 
3560  if (hBinding)
3561  {
3562  Status = RpcBindingFree(&hBinding);
3563  if (Status != RPC_S_OK)
3564  {
3565  WARN("RpcBindingFree returned 0x%x\n", Status);
3566  }
3567 
3568  hBinding = NULL;
3569  }
3570 
3571  TRACE("Response.hProcess %p\n", Response.hProcess);
3572  TRACE("Response.hThread %p\n", Response.hThread);
3573  TRACE("Response.dwProcessId %lu\n", Response.dwProcessId);
3574  TRACE("Response.dwThreadId %lu\n", Response.dwThreadId);
3575  TRACE("Response.dwError %lu\n", Response.dwError);
3576  if (Response.dwError != ERROR_SUCCESS)
3577  SetLastError(Response.dwError);
3578 
3579  TRACE("CreateProcessWithLogonW() done\n");
3580 
3581  return (Response.dwError == ERROR_SUCCESS);
3582 }
RpcBindingFromStringBindingW
RPC_STATUS WINAPI RpcBindingFromStringBindingW(RPC_WSTR StringBinding, RPC_BINDING_HANDLE *Binding)
Definition: rpc_binding.c:880
RpcEndExcept
#define RpcEndExcept
Definition: rpc.h:128
RpcBindingFree
RPC_STATUS WINAPI RpcBindingFree(RPC_BINDING_HANDLE *Binding)
Definition: rpc_binding.c:787
ERROR_SUCCESS
#define ERROR_SUCCESS
Definition: deptool.c:10
hBinding
handle_t hBinding
Definition: ctx_c.c:54
RpcStringFreeW
RPC_STATUS WINAPI RpcStringFreeW(RPC_WSTR *String)
Definition: rpcrt4_main.c:175
WARN
#define WARN(fmt,...)
Definition: debug.h:112
Request
_In_ WDFREQUEST Request
Definition: wdfdevice.h:547
RpcStringBindingComposeW
RPC_STATUS WINAPI RpcStringBindingComposeW(RPC_WSTR ObjUuid, RPC_WSTR Protseq, RPC_WSTR NetworkAddr, RPC_WSTR Endpoint, RPC_WSTR Options, RPC_WSTR *StringBinding)
Definition: rpc_binding.c:510
RPC_STATUS
long RPC_STATUS
Definition: rpc.h:52
L
#define L(x)
Definition: ntvdm.h:50
_SECL_RESPONSE
Definition: seclogon.idl:20
FALSE
#define FALSE
Definition: types.h:117
debugstr_w
#define debugstr_w
Definition: kernel32.h:32
RpcTryExcept
#define RpcTryExcept
Definition: rpc.h:126
Status
Status
Definition: gdiplustypes.h:24
RpcExceptionCode
#define RpcExceptionCode()
Definition: rpc.h:132
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
_SECL_REQUEST
Definition: seclogon.idl:7
SetLastError
#define SetLastError(x)
Definition: compat.h:752
Response
Definition: ncftp.h:89
NULL
#define NULL
Definition: types.h:112
Response
struct Response Response
LPWSTR
WCHAR * LPWSTR
Definition: xmlstorage.h:184
SeclCreateProcessWithLogonW
VOID __stdcall SeclCreateProcessWithLogonW(_In_ handle_t hBinding, _In_ SECL_REQUEST *pRequest, _Out_ SECL_RESPONSE *pResponse)
Definition: rpcserver.c:57
GetCurrentProcessId
DWORD WINAPI GetCurrentProcessId(VOID)
Definition: proc.c:1158
RPC_S_OK
#define RPC_S_OK
Definition: rpcnterr.h:22
RpcExcept
#define RpcExcept(expr)
Definition: rpc.h:127

Referenced by wmain().

◆ CreateProcessWithTokenW()

BOOL WINAPI CreateProcessWithTokenW ( HANDLE  token,
DWORD  logon_flags,
LPCWSTR  application_name,
LPWSTR  command_line,
DWORD  creation_flags,
void environment,
LPCWSTR  current_directory,
STARTUPINFOW startup_info,
PROCESS_INFORMATION process_information 
)

Definition at line 3584 of file security.c.

3587 {
3588  FIXME("%p 0x%08x %s %s 0x%08x %p %s %p %p - semi-stub\n", token,
3589  logon_flags, debugstr_w(application_name), debugstr_w(command_line),
3590  creation_flags, environment, debugstr_w(current_directory),
3591  startup_info, process_information);
3592 
3593  /* FIXME: check if handles should be inherited */
3594  return CreateProcessW( application_name, command_line, NULL, NULL, FALSE, creation_flags, environment,
3595  current_directory, startup_info, process_information );
3596 }
FALSE
#define FALSE
Definition: types.h:117
token
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat token
Definition: glfuncs.h:210
debugstr_w
#define debugstr_w
Definition: kernel32.h:32
FIXME
#define FIXME(fmt,...)
Definition: debug.h:111
CreateProcessW
BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessW(LPCWSTR lpApplicationName, LPWSTR lpCommandLine, LPSECURITY_ATTRIBUTES lpProcessAttributes, LPSECURITY_ATTRIBUTES lpThreadAttributes, BOOL bInheritHandles, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCWSTR lpCurrentDirectory, LPSTARTUPINFOW lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation)
Definition: proc.c:4593
NULL
#define NULL
Definition: types.h:112

◆ CreateRestrictedToken()

BOOL WINAPI CreateRestrictedToken ( _In_ HANDLE  ExistingTokenHandle,
_In_ DWORD  Flags,
_In_ DWORD  DisableSidCount,
_In_reads_opt_(DisableSidCount) PSID_AND_ATTRIBUTES  SidsToDisable,
_In_ DWORD  DeletePrivilegeCount,
_In_reads_opt_(DeletePrivilegeCount) PLUID_AND_ATTRIBUTES  PrivilegesToDelete,
_In_ DWORD  RestrictedSidCount,
_In_reads_opt_(RestrictedSidCount) PSID_AND_ATTRIBUTES  SidsToRestrict,
_Outptr_ PHANDLE  NewTokenHandle 
)

Creates a filtered token that is a restricted one of the regular access token. A restricted token can have disabled SIDs, deleted privileges and/or restricted SIDs added.

Parameters
[in]ExistingTokenHandleAn existing handle to a token where it's to be filtered.
[in]FlagsPrivilege flag options. This parameter argument influences how the token is filtered. Such parameter can be 0.
[in]DisableSidCountThe count number of SIDs to disable.
[in]SidsToDisableAn array list with SIDs that have to be disabled in a token.
[in]DeletePrivilegeCountThe count number of privileges to be deleted.
[in]PrivilegesToDeleteAn array list with privileges that have to be deleted in a token.
[in]RestrictedSidCountThe count number of restricted SIDs.
[in]SidsToRestrictAn array list with restricted SIDs to be added into the token. If the token already has restricted SIDs then the array provided by the caller is redundant information alongside with the existing restricted SIDs in the token.
[out]NewTokenHandleThe newly received handle to a restricted (filtered) token. The caller can use such handle to duplicate a new token.
Returns
Returns TRUE if the function has successfully completed the operations, otherwise FALSE is returned to indicate failure. For further details the caller has to invoke GetLastError() API call for extended information about the failure.

Definition at line 535 of file security.c.

545 {
546  NTSTATUS Status;
547  BOOL Success;
548  ULONG Index;
549  PTOKEN_GROUPS DisableSids = NULL;
550  PTOKEN_GROUPS RestrictedSids = NULL;
551  PTOKEN_PRIVILEGES DeletePrivileges = NULL;
552 
553  /*
554  * Capture the elements we're being given from
555  * the caller and allocate the groups and/or
556  * privileges that have to be filtered in
557  * the token.
558  */
559  if (SidsToDisable != NULL)
560  {
561  DisableSids = (PTOKEN_GROUPS)LocalAlloc(LMEM_FIXED, DisableSidCount * sizeof(TOKEN_GROUPS));
562  if (DisableSids == NULL)
563  {
564  /* We failed, bail out */
565  SetLastError(RtlNtStatusToDosError(STATUS_INSUFFICIENT_RESOURCES));
566  return FALSE;
567  }
568 
569  /* Copy the counter and loop the elements to copy the rest */
570  DisableSids->GroupCount = DisableSidCount;
571  for (Index = 0; Index < DisableSidCount; Index++)
572  {
573  DisableSids->Groups[Index].Sid = SidsToDisable[Index].Sid;
574  DisableSids->Groups[Index].Attributes = SidsToDisable[Index].Attributes;
575  }
576  }
577 
578  if (PrivilegesToDelete != NULL)
579  {
580  DeletePrivileges = (PTOKEN_PRIVILEGES)LocalAlloc(LMEM_FIXED, DeletePrivilegeCount * sizeof(TOKEN_PRIVILEGES));
581  if (DeletePrivileges == NULL)
582  {
583  /* We failed, bail out */
584  SetLastError(RtlNtStatusToDosError(STATUS_INSUFFICIENT_RESOURCES));
585  Success = FALSE;
586  goto Cleanup;
587  }
588 
589  /* Copy the counter and loop the elements to copy the rest */
590  DeletePrivileges->PrivilegeCount = DeletePrivilegeCount;
591  for (Index = 0; Index < DeletePrivilegeCount; Index++)
592  {
593  DeletePrivileges->Privileges[Index].Luid = PrivilegesToDelete[Index].Luid;
594  DeletePrivileges->Privileges[Index].Attributes = PrivilegesToDelete[Index].Attributes;
595  }
596  }
597 
598  if (SidsToRestrict != NULL)
599  {
600  RestrictedSids = (PTOKEN_GROUPS)LocalAlloc(LMEM_FIXED, RestrictedSidCount * sizeof(TOKEN_GROUPS));
601  if (RestrictedSids == NULL)
602  {
603  /* We failed, bail out */
604  SetLastError(RtlNtStatusToDosError(STATUS_INSUFFICIENT_RESOURCES));
605  Success = FALSE;
606  goto Cleanup;
607  }
608 
609  /* Copy the counter and loop the elements to copy the rest */
610  RestrictedSids->GroupCount = RestrictedSidCount;
611  for (Index = 0; Index < RestrictedSidCount; Index++)
612  {
613  RestrictedSids->Groups[Index].Sid = SidsToRestrict[Index].Sid;
614  RestrictedSids->Groups[Index].Attributes = SidsToRestrict[Index].Attributes;
615  }
616  }
617 
618  /*
619  * Call the NT API to request a token filtering
620  * operation for us.
621  */
622  Status = NtFilterToken(ExistingTokenHandle,
623  Flags,
624  DisableSids,
625  DeletePrivileges,
626  RestrictedSids,
627  NewTokenHandle);
628  if (!NT_SUCCESS(Status))
629  {
630  /* We failed to do the job, bail out */
631  SetLastError(RtlNtStatusToDosError(Status));
632  Success = FALSE;
633  goto Cleanup;
634  }
635 
636  /* If we reach here then we've successfully filtered the token */
637  Success = TRUE;
638 
639 Cleanup:
640  /* Free whatever we allocated before */
641  if (DisableSids != NULL)
642  {
643  LocalFree(DisableSids);
644  }
645 
646  if (DeletePrivileges != NULL)
647  {
648  LocalFree(DeletePrivileges);
649  }
650 
651  if (RestrictedSids != NULL)
652  {
653  LocalFree(RestrictedSids);
654  }
655 
656  return Success;
657 }
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_SID_AND_ATTRIBUTES::Sid
PSID Sid
Definition: setypes.h:506
_TOKEN_GROUPS
Definition: setypes.h:1009
_TOKEN_PRIVILEGES
Definition: setypes.h:1018
TRUE
#define TRUE
Definition: types.h:120
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
NtFilterToken
NTSTATUS NTAPI NtFilterToken(_In_ HANDLE ExistingTokenHandle, _In_ ULONG Flags, _In_opt_ PTOKEN_GROUPS SidsToDisable, _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete, _In_opt_ PTOKEN_GROUPS RestrictedSids, _Out_ PHANDLE NewTokenHandle)
Creates an access token in a restricted form from the original existing token, that is,...
Definition: tokenlif.c:2071
_TOKEN_PRIVILEGES::PrivilegeCount
$ULONG PrivilegeCount
Definition: setypes.h:1019
_LUID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:75
RtlNtStatusToDosError
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
NewTokenHandle
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE _Out_ PHANDLE NewTokenHandle
Definition: sefuncs.h:401
FALSE
#define FALSE
Definition: types.h:117
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
PTOKEN_GROUPS
struct _TOKEN_GROUPS * PTOKEN_GROUPS
LMEM_FIXED
#define LMEM_FIXED
Definition: winbase.h:368
Status
Status
Definition: gdiplustypes.h:24
Flags
_Must_inspect_result_ _In_ ULONG Flags
Definition: wsk.h:170
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
Index
_In_ WDFCOLLECTION _In_ ULONG Index
Definition: wdfcollection.h:179
SetLastError
#define SetLastError(x)
Definition: compat.h:752
PTOKEN_PRIVILEGES
struct _TOKEN_PRIVILEGES * PTOKEN_PRIVILEGES
Cleanup
static const WCHAR Cleanup[]
Definition: register.c:80
LocalFree
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1577
_SID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:508
_TOKEN_GROUPS::Groups
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY]
Definition: setypes.h:1014
NULL
#define NULL
Definition: types.h:112
_TOKEN_PRIVILEGES::Privileges
LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY]
Definition: setypes.h:1020
_TOKEN_GROUPS::GroupCount
$ULONG GroupCount
Definition: setypes.h:1010
ULONG
unsigned int ULONG
Definition: retypes.h:1
LocalAlloc
HLOCAL NTAPI LocalAlloc(UINT uFlags, SIZE_T dwBytes)
Definition: heapmem.c:1373
_LUID_AND_ATTRIBUTES::Luid
LUID Luid
Definition: setypes.h:74

Referenced by test_token_security_descriptor().

◆ CreateWellKnownSid()

BOOL WINAPI CreateWellKnownSid ( IN WELL_KNOWN_SID_TYPE  WellKnownSidType,
IN PSID DomainSid  OPTIONAL,
OUT PSID  pSid,
IN OUT DWORD cbSid 
)

Definition at line 724 of file security.c.

728 {
729  unsigned int i;
730  TRACE("(%d, %s, %p, %p)\n", WellKnownSidType, debugstr_sid(DomainSid), pSid, cbSid);
731 
732  if (cbSid == NULL || (DomainSid && !IsValidSid(DomainSid)))
733  {
734  SetLastError(ERROR_INVALID_PARAMETER);
735  return FALSE;
736  }
737 
738  for (i = 0; i < sizeof(WellKnownSids)/sizeof(WellKnownSids[0]); i++) {
739  if (WellKnownSids[i].Type == WellKnownSidType) {
740  DWORD length = GetSidLengthRequired(WellKnownSids[i].Sid.SubAuthorityCount);
741 
742  if (*cbSid < length)
743  {
744  *cbSid = length;
745  SetLastError(ERROR_INSUFFICIENT_BUFFER);
746  return FALSE;
747  }
748  if (!pSid)
749  {
750  SetLastError(ERROR_INVALID_PARAMETER);
751  return FALSE;
752  }
753  CopyMemory(pSid, &WellKnownSids[i].Sid.Revision, length);
754  *cbSid = length;
755  return TRUE;
756  }
757  }
758 
759  if (DomainSid == NULL || *GetSidSubAuthorityCount(DomainSid) == SID_MAX_SUB_AUTHORITIES)
760  {
761  SetLastError(ERROR_INVALID_PARAMETER);
762  return FALSE;
763  }
764 
765  for (i = 0; i < sizeof(WellKnownRids)/sizeof(WellKnownRids[0]); i++)
766  if (WellKnownRids[i].Type == WellKnownSidType) {
767  UCHAR domain_subauth = *GetSidSubAuthorityCount(DomainSid);
768  DWORD domain_sid_length = GetSidLengthRequired(domain_subauth);
769  DWORD output_sid_length = GetSidLengthRequired(domain_subauth + 1);
770 
771  if (*cbSid < output_sid_length)
772  {
773  *cbSid = output_sid_length;
774  SetLastError(ERROR_INSUFFICIENT_BUFFER);
775  return FALSE;
776  }
777  if (!pSid)
778  {
779  SetLastError(ERROR_INVALID_PARAMETER);
780  return FALSE;
781  }
782  CopyMemory(pSid, DomainSid, domain_sid_length);
783  (*GetSidSubAuthorityCount(pSid))++;
784  (*GetSidSubAuthority(pSid, domain_subauth)) = WellKnownRids[i].Rid;
785  *cbSid = output_sid_length;
786  return TRUE;
787  }
788 
789  SetLastError(ERROR_INVALID_PARAMETER);
790  return FALSE;
791 }
ERROR_INVALID_PARAMETER
#define ERROR_INVALID_PARAMETER
Definition: compat.h:101
TRUE
#define TRUE
Definition: types.h:120
WellKnownSids
static const WELLKNOWNSID WellKnownSids[]
Definition: security.c:47
GetSidLengthRequired
DWORD WINAPI GetSidLengthRequired(UCHAR nSubAuthorityCount)
Definition: security.c:854
GetSidSubAuthority
PDWORD WINAPI GetSidSubAuthority(PSID pSid, DWORD nSubAuthority)
Definition: security.c:898
debugstr_sid
static const char * debugstr_sid(PSID sid)
Definition: security.c:176
FALSE
#define FALSE
Definition: types.h:117
length
GLenum GLuint GLenum GLsizei length
Definition: glext.h:5579
SID_MAX_SUB_AUTHORITIES
#define SID_MAX_SUB_AUTHORITIES
Definition: setypes.h:482
cbSid
_In_ LPCSTR _Out_writes_bytes_to_opt_ cbSid PSID _Inout_ LPDWORD cbSid
Definition: winbase.h:2729
Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1130
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
CopyMemory
#define CopyMemory
Definition: winbase.h:1668
Type
Type
Definition: Type.h:6
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
SetLastError
#define SetLastError(x)
Definition: compat.h:752
UCHAR
unsigned char UCHAR
Definition: xmlstorage.h:181
GetSidSubAuthorityCount
PUCHAR WINAPI GetSidSubAuthorityCount(PSID pSid)
Definition: security.c:910
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
_SID::SubAuthorityCount
BYTE SubAuthorityCount
Definition: ms-dtyp.idl:200
NULL
#define NULL
Definition: types.h:112
pSid
static PSID pSid
Definition: security.c:74
IsValidSid
BOOL WINAPI IsValidSid(PSID pSid)
Definition: security.c:821
_SID::Revision
BYTE Revision
Definition: ms-dtyp.idl:199
WellKnownRids
static const WELLKNOWNRID WellKnownRids[]
Definition: security.c:111
ERROR_INSUFFICIENT_BUFFER
#define ERROR_INSUFFICIENT_BUFFER
Definition: dderror.h:10

Referenced by create_unknownsid(), get_sd(), test_SystemSecurity(), and well_known_sid().

◆ debugstr_sid()

static const char* debugstr_sid ( PSID  sid)
static

Definition at line 176 of file security.c.

177 {
178  int auth = 0;
179  SID * psid = (SID *)sid;
180 
181  if (psid == NULL)
182  return "(null)";
183 
184  auth = psid->IdentifierAuthority.Value[5] +
185  (psid->IdentifierAuthority.Value[4] << 8) +
186  (psid->IdentifierAuthority.Value[3] << 16) +
187  (psid->IdentifierAuthority.Value[2] << 24);
188 
189  switch (psid->SubAuthorityCount) {
190  case 0:
191  return wine_dbg_sprintf("S-%d-%d", psid->Revision, auth);
192  case 1:
193  return wine_dbg_sprintf("S-%d-%d-%lu", psid->Revision, auth,
194  psid->SubAuthority[0]);
195  case 2:
196  return wine_dbg_sprintf("S-%d-%d-%lu-%lu", psid->Revision, auth,
197  psid->SubAuthority[0], psid->SubAuthority[1]);
198  case 3:
199  return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu", psid->Revision, auth,
200  psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2]);
201  case 4:
202  return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu", psid->Revision, auth,
203  psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2],
204  psid->SubAuthority[3]);
205  case 5:
206  return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu-%lu", psid->Revision, auth,
207  psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2],
208  psid->SubAuthority[3], psid->SubAuthority[4]);
209  case 6:
210  return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu-%lu-%lu", psid->Revision, auth,
211  psid->SubAuthority[3], psid->SubAuthority[1], psid->SubAuthority[2],
212  psid->SubAuthority[0], psid->SubAuthority[4], psid->SubAuthority[5]);
213  case 7:
214  return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu-%lu-%lu-%lu", psid->Revision, auth,
215  psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2],
216  psid->SubAuthority[3], psid->SubAuthority[4], psid->SubAuthority[5],
217  psid->SubAuthority[6]);
218  case 8:
219  return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu-%lu-%lu-%lu-%lu", psid->Revision, auth,
220  psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2],
221  psid->SubAuthority[3], psid->SubAuthority[4], psid->SubAuthority[5],
222  psid->SubAuthority[6], psid->SubAuthority[7]);
223  }
224  return "(too-big)";
225 }
_SID_IDENTIFIER_AUTHORITY::Value
BYTE Value[6]
Definition: ms-dtyp.idl:195
_SID
Definition: ms-dtyp.idl:198
sid
FT_UInt sid
Definition: cffcmap.c:139
wine_dbg_sprintf
const char * wine_dbg_sprintf(const char *format,...)
Definition: compat.c:296
_SID::SubAuthority
DWORD SubAuthority[*]
Definition: ms-dtyp.idl:202
_SID::SubAuthorityCount
BYTE SubAuthorityCount
Definition: ms-dtyp.idl:200
NULL
#define NULL
Definition: types.h:112
_SID::IdentifierAuthority
SID_IDENTIFIER_AUTHORITY IdentifierAuthority
Definition: ms-dtyp.idl:201
_SID::Revision
BYTE Revision
Definition: ms-dtyp.idl:199

Referenced by CreateWellKnownSid(), and IsWellKnownSid().

◆ DeleteAce()

BOOL WINAPI DeleteAce ( PACL  pAcl,
DWORD  dwAceIndex 
)

Definition at line 1168 of file security.c.

1169 {
1170  return set_ntstatus(RtlDeleteAce(pAcl, dwAceIndex));
1171 }
set_ntstatus
static __inline BOOL set_ntstatus(NTSTATUS status)
Definition: security.c:229
RtlDeleteAce
NTSYSAPI NTSTATUS NTAPI RtlDeleteAce(PACL Acl, ULONG AceIndex)

◆ DumpAce()

static BOOL DumpAce ( LPVOID  pace,
WCHAR **  pwptr,
ULONG plen 
)
static

Definition at line 3059 of file security.c.

3060 {
3061  ACCESS_ALLOWED_ACE *piace; /* all the supported ACEs have the same memory layout */
3062  static const WCHAR openbr = '(';
3063  static const WCHAR closebr = ')';
3064  static const WCHAR semicolon = ';';
3065 
3066  if (((PACE_HEADER)pace)->AceType > SYSTEM_ALARM_ACE_TYPE || ((PACE_HEADER)pace)->AceSize < sizeof(ACCESS_ALLOWED_ACE))
3067  {
3068  SetLastError(ERROR_INVALID_ACL);
3069  return FALSE;
3070  }
3071 
3072  piace = pace;
3073  DumpString(&openbr, 1, pwptr, plen);
3074  switch (piace->Header.AceType)
3075  {
3076  case ACCESS_ALLOWED_ACE_TYPE:
3077  DumpString(SDDL_ACCESS_ALLOWED, -1, pwptr, plen);
3078  break;
3079  case ACCESS_DENIED_ACE_TYPE:
3080  DumpString(SDDL_ACCESS_DENIED, -1, pwptr, plen);
3081  break;
3082  case SYSTEM_AUDIT_ACE_TYPE:
3083  DumpString(SDDL_AUDIT, -1, pwptr, plen);
3084  break;
3085  case SYSTEM_ALARM_ACE_TYPE:
3086  DumpString(SDDL_ALARM, -1, pwptr, plen);
3087  break;
3088  }
3089  DumpString(&semicolon, 1, pwptr, plen);
3090 
3091  if (piace->Header.AceFlags & OBJECT_INHERIT_ACE)
3092  DumpString(SDDL_OBJECT_INHERIT, -1, pwptr, plen);
3093  if (piace->Header.AceFlags & CONTAINER_INHERIT_ACE)
3094  DumpString(SDDL_CONTAINER_INHERIT, -1, pwptr, plen);
3095  if (piace->Header.AceFlags & NO_PROPAGATE_INHERIT_ACE)
3096  DumpString(SDDL_NO_PROPAGATE, -1, pwptr, plen);
3097  if (piace->Header.AceFlags & INHERIT_ONLY_ACE)
3098  DumpString(SDDL_INHERIT_ONLY, -1, pwptr, plen);
3099  if (piace->Header.AceFlags & INHERITED_ACE)
3100  DumpString(SDDL_INHERITED, -1, pwptr, plen);
3101  if (piace->Header.AceFlags & SUCCESSFUL_ACCESS_ACE_FLAG)
3102  DumpString(SDDL_AUDIT_SUCCESS, -1, pwptr, plen);
3103  if (piace->Header.AceFlags & FAILED_ACCESS_ACE_FLAG)
3104  DumpString(SDDL_AUDIT_FAILURE, -1, pwptr, plen);
3105  DumpString(&semicolon, 1, pwptr, plen);
3106  DumpRights(piace->Mask, pwptr, plen);
3107  DumpString(&semicolon, 1, pwptr, plen);
3108  /* objects not supported */
3109  DumpString(&semicolon, 1, pwptr, plen);
3110  /* objects not supported */
3111  DumpString(&semicolon, 1, pwptr, plen);
3112  if (!DumpSid((PSID)&piace->SidStart, pwptr, plen))
3113  return FALSE;
3114  DumpString(&closebr, 1, pwptr, plen);
3115  return TRUE;
3116 }
SDDL_OBJECT_INHERIT
static const WCHAR SDDL_OBJECT_INHERIT[]
Definition: security.c:169
_ACE_HEADER::AceFlags
UCHAR AceFlags
Definition: ms-dtyp.idl:211
_ACCESS_ALLOWED_ACE::SidStart
DWORD SidStart
Definition: ms-dtyp.idl:218
SDDL_INHERITED
static const WCHAR SDDL_INHERITED[]
Definition: security.c:172
_SID
Definition: ms-dtyp.idl:198
_ACCESS_ALLOWED_ACE
Definition: ms-dtyp.idl:215
SDDL_CONTAINER_INHERIT
static const WCHAR SDDL_CONTAINER_INHERIT[]
Definition: security.c:168
TRUE
#define TRUE
Definition: types.h:120
DumpSid
static BOOL DumpSid(PSID psid, WCHAR **pwptr, ULONG *plen)
Definition: security.c:2970
NO_PROPAGATE_INHERIT_ACE
#define NO_PROPAGATE_INHERIT_ACE
Definition: setypes.h:748
_ACCESS_ALLOWED_ACE::Header
ACE_HEADER Header
Definition: ms-dtyp.idl:216
SDDL_NO_PROPAGATE
static const WCHAR SDDL_NO_PROPAGATE[]
Definition: security.c:170
SDDL_ACCESS_ALLOWED
static const WCHAR SDDL_ACCESS_ALLOWED[]
Definition: security.c:138
SUCCESSFUL_ACCESS_ACE_FLAG
#define SUCCESSFUL_ACCESS_ACE_FLAG
Definition: setypes.h:753
FAILED_ACCESS_ACE_FLAG
#define FAILED_ACCESS_ACE_FLAG
Definition: setypes.h:754
SDDL_AUDIT_FAILURE
static const WCHAR SDDL_AUDIT_FAILURE[]
Definition: security.c:174
FALSE
#define FALSE
Definition: types.h:117
_ACE_HEADER
Definition: ms-dtyp.idl:209
CONTAINER_INHERIT_ACE
#define CONTAINER_INHERIT_ACE
Definition: setypes.h:747
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
SDDL_AUDIT
static const WCHAR SDDL_AUDIT[]
Definition: security.c:144
ACCESS_ALLOWED_ACE_TYPE
#define ACCESS_ALLOWED_ACE_TYPE
Definition: setypes.h:717
DumpRights
static void DumpRights(DWORD mask, WCHAR **pwptr, ULONG *plen)
Definition: security.c:3020
SetLastError
#define SetLastError(x)
Definition: compat.h:752
ACCESS_DENIED_ACE_TYPE
#define ACCESS_DENIED_ACE_TYPE
Definition: setypes.h:718
_ACE_HEADER::AceType
UCHAR AceType
Definition: ms-dtyp.idl:210
SDDL_INHERIT_ONLY
static const WCHAR SDDL_INHERIT_ONLY[]
Definition: security.c:171
SDDL_ALARM
static const WCHAR SDDL_ALARM[]
Definition: security.c:145
AceType
static const ACEFLAG AceType[]
Definition: security.c:2382
SYSTEM_ALARM_ACE_TYPE
#define SYSTEM_ALARM_ACE_TYPE
Definition: setypes.h:720
_ACCESS_ALLOWED_ACE::Mask
ACCESS_MASK Mask
Definition: ms-dtyp.idl:217
INHERITED_ACE
#define INHERITED_ACE
Definition: ph.h:47
DumpString
static void DumpString(LPCWSTR string, int cch, WCHAR **pwptr, ULONG *plen)
Definition: security.c:2916
SYSTEM_AUDIT_ACE_TYPE
#define SYSTEM_AUDIT_ACE_TYPE
Definition: setypes.h:719
INHERIT_ONLY_ACE
#define INHERIT_ONLY_ACE
Definition: setypes.h:749
OBJECT_INHERIT_ACE
#define OBJECT_INHERIT_ACE
Definition: setypes.h:746
SDDL_ACCESS_DENIED
static const WCHAR SDDL_ACCESS_DENIED[]
Definition: security.c:139
SDDL_AUDIT_SUCCESS
static const WCHAR SDDL_AUDIT_SUCCESS[]
Definition: security.c:173
ERROR_INVALID_ACL
#define ERROR_INVALID_ACL
Definition: winerror.h:818

Referenced by DumpAcl().

◆ DumpAcl()

static BOOL DumpAcl ( PACL  pacl,
WCHAR **  pwptr,
ULONG plen,
BOOL  protected,
BOOL  autoInheritReq,
BOOL  autoInherited 
)
static

Definition at line 3118 of file security.c.

3119 {
3120  WORD count;
3121  int i;
3122 
3123  if (protected)
3124  DumpString(SDDL_PROTECTED, -1, pwptr, plen);
3125  if (autoInheritReq)
3126  DumpString(SDDL_AUTO_INHERIT_REQ, -1, pwptr, plen);
3127  if (autoInherited)
3128  DumpString(SDDL_AUTO_INHERITED, -1, pwptr, plen);
3129 
3130  if (pacl == NULL)
3131  return TRUE;
3132 
3133  if (!IsValidAcl(pacl))
3134  return FALSE;
3135 
3136  count = pacl->AceCount;
3137  for (i = 0; i < count; i++)
3138  {
3139  LPVOID ace;
3140  if (!GetAce(pacl, i, &ace))
3141  return FALSE;
3142  if (!DumpAce(ace, pwptr, plen))
3143  return FALSE;
3144  }
3145 
3146  return TRUE;
3147 }
TRUE
#define TRUE
Definition: types.h:120
SDDL_AUTO_INHERITED
#define SDDL_AUTO_INHERITED
Definition: sddl.h:46
count
GLuint GLuint GLsizei count
Definition: gl.h:1545
IsValidAcl
BOOL WINAPI IsValidAcl(PACL pAcl)
Definition: security.c:1211
_ACL::AceCount
USHORT AceCount
Definition: ms-dtyp.idl:297
FALSE
#define FALSE
Definition: types.h:117
WORD
unsigned short WORD
Definition: ntddk_ex.h:93
SDDL_AUTO_INHERIT_REQ
#define SDDL_AUTO_INHERIT_REQ
Definition: sddl.h:45
DumpAce
static BOOL DumpAce(LPVOID pace, WCHAR **pwptr, ULONG *plen)
Definition: security.c:3059
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
GetAce
BOOL WINAPI GetAce(PACL pAcl, DWORD dwAceIndex, LPVOID *pAce)
Definition: security.c:1188
NULL
#define NULL
Definition: types.h:112
DumpString
static void DumpString(LPCWSTR string, int cch, WCHAR **pwptr, ULONG *plen)
Definition: security.c:2916
SDDL_PROTECTED
#define SDDL_PROTECTED
Definition: sddl.h:44

Referenced by DumpDacl(), and DumpSacl().

◆ DumpDacl()

static BOOL DumpDacl ( PSECURITY_DESCRIPTOR  SecurityDescriptor,
WCHAR **  pwptr,
ULONG plen 
)
static

Definition at line 3185 of file security.c.

3186 {
3187  static const WCHAR dacl[] = {'D',':',0};
3188  SECURITY_DESCRIPTOR_CONTROL control;
3189  BOOL present, defaulted;
3190  DWORD revision;
3191  PACL pacl;
3192 
3193  if (!GetSecurityDescriptorDacl(SecurityDescriptor, &present, &pacl, &defaulted))
3194  return FALSE;
3195 
3196  if (!GetSecurityDescriptorControl(SecurityDescriptor, &control, &revision))
3197  return FALSE;
3198 
3199  if (!present)
3200  return TRUE;
3201 
3202  DumpString(dacl, 2, pwptr, plen);
3203  if (!DumpAcl(pacl, pwptr, plen, control & SE_DACL_PROTECTED, control & SE_DACL_AUTO_INHERIT_REQ, control & SE_DACL_AUTO_INHERITED))
3204  return FALSE;
3205  return TRUE;
3206 }
GetSecurityDescriptorControl
BOOL WINAPI GetSecurityDescriptorControl(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSECURITY_DESCRIPTOR_CONTROL pControl, LPDWORD lpdwRevision)
Definition: sec.c:21
TRUE
#define TRUE
Definition: types.h:120
SecurityDescriptor
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
_ACL
Definition: ms-dtyp.idl:293
SE_DACL_AUTO_INHERITED
#define SE_DACL_AUTO_INHERITED
Definition: setypes.h:825
FALSE
#define FALSE
Definition: types.h:117
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
SECURITY_DESCRIPTOR_CONTROL
WORD SECURITY_DESCRIPTOR_CONTROL
Definition: lsa.idl:37
GetSecurityDescriptorDacl
BOOL WINAPI GetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, LPBOOL lpbDaclPresent, PACL *pDacl, LPBOOL lpbDaclDefaulted)
Definition: sec.c:45
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
dacl
Definition: security.c:35
SE_DACL_PROTECTED
#define SE_DACL_PROTECTED
Definition: setypes.h:827
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
DumpString
static void DumpString(LPCWSTR string, int cch, WCHAR **pwptr, ULONG *plen)
Definition: security.c:2916
SE_DACL_AUTO_INHERIT_REQ
#define SE_DACL_AUTO_INHERIT_REQ
Definition: setypes.h:823
DumpAcl
static BOOL DumpAcl(PACL pacl, WCHAR **pwptr, ULONG *plen, BOOL protected, BOOL autoInheritReq, BOOL autoInherited)
Definition: security.c:3118

Referenced by ConvertSecurityDescriptorToStringSecurityDescriptorW().

◆ DumpGroup()

static BOOL DumpGroup ( PSECURITY_DESCRIPTOR  SecurityDescriptor,
WCHAR **  pwptr,
ULONG plen 
)
static

Definition at line 3167 of file security.c.

3168 {
3169  static const WCHAR prefix[] = {'G',':',0};
3170  BOOL bDefaulted;
3171  PSID psid;
3172 
3173  if (!GetSecurityDescriptorGroup(SecurityDescriptor, &psid, &bDefaulted))
3174  return FALSE;
3175 
3176  if (psid == NULL)
3177  return TRUE;
3178 
3179  DumpString(prefix, -1, pwptr, plen);
3180  if (!DumpSid(psid, pwptr, plen))
3181  return FALSE;
3182  return TRUE;
3183 }
_SID
Definition: ms-dtyp.idl:198
TRUE
#define TRUE
Definition: types.h:120
SecurityDescriptor
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
DumpSid
static BOOL DumpSid(PSID psid, WCHAR **pwptr, ULONG *plen)
Definition: security.c:2970
GetSecurityDescriptorGroup
BOOL WINAPI GetSecurityDescriptorGroup(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSID *pGroup, LPBOOL lpbGroupDefaulted)
Definition: sec.c:76
FALSE
#define FALSE
Definition: types.h:117
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
NULL
#define NULL
Definition: types.h:112
DumpString
static void DumpString(LPCWSTR string, int cch, WCHAR **pwptr, ULONG *plen)
Definition: security.c:2916

Referenced by ConvertSecurityDescriptorToStringSecurityDescriptorW().

◆ DumpOwner()

static BOOL DumpOwner ( PSECURITY_DESCRIPTOR  SecurityDescriptor,
WCHAR **  pwptr,
ULONG plen 
)
static

Definition at line 3149 of file security.c.

3150 {
3151  static const WCHAR prefix[] = {'O',':',0};
3152  BOOL bDefaulted;
3153  PSID psid;
3154 
3155  if (!GetSecurityDescriptorOwner(SecurityDescriptor, &psid, &bDefaulted))
3156  return FALSE;
3157 
3158  if (psid == NULL)
3159  return TRUE;
3160 
3161  DumpString(prefix, -1, pwptr, plen);
3162  if (!DumpSid(psid, pwptr, plen))
3163  return FALSE;
3164  return TRUE;
3165 }
_SID
Definition: ms-dtyp.idl:198
TRUE
#define TRUE
Definition: types.h:120
SecurityDescriptor
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
DumpSid
static BOOL DumpSid(PSID psid, WCHAR **pwptr, ULONG *plen)
Definition: security.c:2970
FALSE
#define FALSE
Definition: types.h:117
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
GetSecurityDescriptorOwner
BOOL WINAPI GetSecurityDescriptorOwner(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSID *pOwner, LPBOOL lpbOwnerDefaulted)
Definition: sec.c:103
NULL
#define NULL
Definition: types.h:112
DumpString
static void DumpString(LPCWSTR string, int cch, WCHAR **pwptr, ULONG *plen)
Definition: security.c:2916

Referenced by ConvertSecurityDescriptorToStringSecurityDescriptorW().

◆ DumpRights()

static void DumpRights ( DWORD  mask,
WCHAR **  pwptr,
ULONG plen 
)
static

Definition at line 3020 of file security.c.

3021 {
3022  static const WCHAR fmtW[] = {'0','x','%','x',0};
3023  WCHAR buf[15];
3024  size_t i;
3025 
3026  if (mask == 0)
3027  return;
3028 
3029  /* first check if the right have name */
3030  for (i = 0; i < sizeof(AceRights)/sizeof(AceRights[0]); i++)
3031  {
3032  if (AceRights[i].wstr == NULL)
3033  break;
3034  if (mask == AceRights[i].value)
3035  {
3036  DumpString(AceRights[i].wstr, -1, pwptr, plen);
3037  return;
3038  }
3039  }
3040 
3041  /* then check if it can be built from bit names */
3042  for (i = 0; i < 32; i++)
3043  {
3044  if ((mask & (1 << i)) && (AceRightBitNames[i] == NULL))
3045  {
3046  /* can't be built from bit names */
3047  sprintfW(buf, fmtW, mask);
3048  DumpString(buf, -1, pwptr, plen);
3049  return;
3050  }
3051  }
3052 
3053  /* build from bit names */
3054  for (i = 0; i < 32; i++)
3055  if (mask & (1 << i))
3056  DumpString(AceRightBitNames[i], -1, pwptr, plen);
3057 }
value
Definition: pdh_main.c:93
buf
GLenum GLuint GLenum GLsizei const GLchar * buf
Definition: glext.h:7751
mask
GLenum GLint GLuint mask
Definition: glext.h:6028
AceRights
static const ACEFLAG AceRights[]
Definition: security.c:2468
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
AceRightBitNames
static const LPCWSTR AceRightBitNames[32]
Definition: security.c:2985
sprintfW
#define sprintfW
Definition: unicode.h:58
NULL
#define NULL
Definition: types.h:112
DumpString
static void DumpString(LPCWSTR string, int cch, WCHAR **pwptr, ULONG *plen)
Definition: security.c:2916

Referenced by DumpAce().

◆ DumpSacl()

static BOOL DumpSacl ( PSECURITY_DESCRIPTOR  SecurityDescriptor,
WCHAR **  pwptr,
ULONG plen 
)
static

Definition at line 3208 of file security.c.

3209 {
3210  static const WCHAR sacl[] = {'S',':',0};
3211  SECURITY_DESCRIPTOR_CONTROL control;
3212  BOOL present, defaulted;
3213  DWORD revision;
3214  PACL pacl;
3215 
3216  if (!GetSecurityDescriptorSacl(SecurityDescriptor, &present, &pacl, &defaulted))
3217  return FALSE;
3218 
3219  if (!GetSecurityDescriptorControl(SecurityDescriptor, &control, &revision))
3220  return FALSE;
3221 
3222  if (!present)
3223  return TRUE;
3224 
3225  DumpString(sacl, 2, pwptr, plen);
3226  if (!DumpAcl(pacl, pwptr, plen, control & SE_SACL_PROTECTED, control & SE_SACL_AUTO_INHERIT_REQ, control & SE_SACL_AUTO_INHERITED))
3227  return FALSE;
3228  return TRUE;
3229 }
GetSecurityDescriptorControl
BOOL WINAPI GetSecurityDescriptorControl(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSECURITY_DESCRIPTOR_CONTROL pControl, LPDWORD lpdwRevision)
Definition: sec.c:21
GetSecurityDescriptorSacl
BOOL WINAPI GetSecurityDescriptorSacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, LPBOOL lpbSaclPresent, PACL *pSacl, LPBOOL lpbSaclDefaulted)
Definition: sec.c:146
TRUE
#define TRUE
Definition: types.h:120
SecurityDescriptor
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
_ACL
Definition: ms-dtyp.idl:293
FALSE
#define FALSE
Definition: types.h:117
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
SECURITY_DESCRIPTOR_CONTROL
WORD SECURITY_DESCRIPTOR_CONTROL
Definition: lsa.idl:37
SE_SACL_AUTO_INHERIT_REQ
#define SE_SACL_AUTO_INHERIT_REQ
Definition: setypes.h:824
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
SE_SACL_PROTECTED
#define SE_SACL_PROTECTED
Definition: setypes.h:828
SE_SACL_AUTO_INHERITED
#define SE_SACL_AUTO_INHERITED
Definition: setypes.h:826
DumpString
static void DumpString(LPCWSTR string, int cch, WCHAR **pwptr, ULONG *plen)
Definition: security.c:2916
DumpAcl
static BOOL DumpAcl(PACL pacl, WCHAR **pwptr, ULONG *plen, BOOL protected, BOOL autoInheritReq, BOOL autoInherited)
Definition: security.c:3118

Referenced by ConvertSecurityDescriptorToStringSecurityDescriptorW().

◆ DumpSid()

static BOOL DumpSid ( PSID  psid,
WCHAR **  pwptr,
ULONG plen 
)
static

Definition at line 2970 of file security.c.

2971 {
2972  size_t i;
2973  for (i = 0; i < sizeof(WellKnownSids) / sizeof(WellKnownSids[0]); i++)
2974  {
2975  if (WellKnownSids[i].wstr[0] && EqualSid(psid, (PSID)&(WellKnownSids[i].Sid.Revision)))
2976  {
2977  DumpString(WellKnownSids[i].wstr, 2, pwptr, plen);
2978  return TRUE;
2979  }
2980  }
2981 
2982  return DumpSidNumeric(psid, pwptr, plen);
2983 }
_SID
Definition: ms-dtyp.idl:198
TRUE
#define TRUE
Definition: types.h:120
WellKnownSids
static const WELLKNOWNSID WellKnownSids[]
Definition: security.c:47
EqualSid
BOOL WINAPI EqualSid(PSID pSid1, PSID pSid2)
Definition: security.c:831
DumpSidNumeric
static BOOL DumpSidNumeric(PSID psid, WCHAR **pwptr, ULONG *plen)
Definition: security.c:2931
Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1130
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
DumpString
static void DumpString(LPCWSTR string, int cch, WCHAR **pwptr, ULONG *plen)
Definition: security.c:2916
_SID::Revision
BYTE Revision
Definition: ms-dtyp.idl:199

Referenced by DumpAce(), DumpGroup(), and DumpOwner().

◆ DumpSidNumeric()

static BOOL DumpSidNumeric ( PSID  psid,
WCHAR **  pwptr,
ULONG plen 
)
static

Definition at line 2931 of file security.c.

2932 {
2933  DWORD i;
2934  WCHAR fmt[] = { 'S','-','%','u','-','%','d',0 };
2935  WCHAR subauthfmt[] = { '-','%','u',0 };
2936  WCHAR buf[26];
2937  SID *pisid = psid;
2938 
2939  if( !IsValidSid( psid ) || pisid->Revision != SDDL_REVISION)
2940  {
2941  SetLastError(ERROR_INVALID_SID);
2942  return FALSE;
2943  }
2944 
2945  if (pisid->IdentifierAuthority.Value[0] ||
2946  pisid->IdentifierAuthority.Value[1])
2947  {
2948  FIXME("not matching MS' bugs\n");
2949  SetLastError(ERROR_INVALID_SID);
2950  return FALSE;
2951  }
2952 
2953  sprintfW( buf, fmt, pisid->Revision,
2954  MAKELONG(
2955  MAKEWORD( pisid->IdentifierAuthority.Value[5],
2956  pisid->IdentifierAuthority.Value[4] ),
2957  MAKEWORD( pisid->IdentifierAuthority.Value[3],
2958  pisid->IdentifierAuthority.Value[2] )
2959  ) );
2960  DumpString(buf, -1, pwptr, plen);
2961 
2962  for( i=0; i<pisid->SubAuthorityCount; i++ )
2963  {
2964  sprintfW( buf, subauthfmt, pisid->SubAuthority[i] );
2965  DumpString(buf, -1, pwptr, plen);
2966  }
2967  return TRUE;
2968 }
_SID_IDENTIFIER_AUTHORITY::Value
BYTE Value[6]
Definition: ms-dtyp.idl:195
_SID
Definition: ms-dtyp.idl:198
MAKEWORD
#define MAKEWORD(a, b)
Definition: typedefs.h:248
TRUE
#define TRUE
Definition: types.h:120
ERROR_INVALID_SID
#define ERROR_INVALID_SID
Definition: winerror.h:819
buf
GLenum GLuint GLenum GLsizei const GLchar * buf
Definition: glext.h:7751
FALSE
#define FALSE
Definition: types.h:117
FIXME
#define FIXME(fmt,...)
Definition: debug.h:111
MAKELONG
#define MAKELONG(a, b)
Definition: typedefs.h:249
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
SetLastError
#define SetLastError(x)
Definition: compat.h:752
_SID::SubAuthority
DWORD SubAuthority[*]
Definition: ms-dtyp.idl:202
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
sprintfW
#define sprintfW
Definition: unicode.h:58
_SID::SubAuthorityCount
BYTE SubAuthorityCount
Definition: ms-dtyp.idl:200
DumpString
static void DumpString(LPCWSTR string, int cch, WCHAR **pwptr, ULONG *plen)
Definition: security.c:2916
SDDL_REVISION
#define SDDL_REVISION
Definition: sddl.h:31
IsValidSid
BOOL WINAPI IsValidSid(PSID pSid)
Definition: security.c:821
_SID::IdentifierAuthority
SID_IDENTIFIER_AUTHORITY IdentifierAuthority
Definition: ms-dtyp.idl:201
_SID::Revision
BYTE Revision
Definition: ms-dtyp.idl:199
fmt
Definition: dsound.c:943

Referenced by DumpSid().

◆ DumpString()

static void DumpString ( LPCWSTR  string,
int  cch,
WCHAR **  pwptr,
ULONG plen 
)
static

Definition at line 2916 of file security.c.

2917 {
2918  if (cch == -1)
2919  cch = strlenW(string);
2920 
2921  if (plen)
2922  *plen += cch;
2923 
2924  if (pwptr)
2925  {
2926  memcpy(*pwptr, string, sizeof(WCHAR)*cch);
2927  *pwptr += cch;
2928  }
2929 }
strlenW
WINE_UNICODE_INLINE unsigned int strlenW(const WCHAR *str)
Definition: unicode.h:212
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
memcpy
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
cch
IN PCTCH IN DWORD cch
Definition: pager.h:36

Referenced by DumpAce(), DumpAcl(), DumpDacl(), DumpGroup(), DumpOwner(), DumpRights(), DumpSacl(), DumpSid(), and DumpSidNumeric().

◆ DuplicateToken()

BOOL WINAPI DuplicateToken ( IN HANDLE  ExistingTokenHandle,
IN SECURITY_IMPERSONATION_LEVEL  ImpersonationLevel,
OUT PHANDLE  DuplicateTokenHandle 
)

Definition at line 3662 of file security.c.

3665 {
3666  return DuplicateTokenEx(ExistingTokenHandle,
3667  TOKEN_IMPERSONATE | TOKEN_QUERY,
3668  NULL,
3669  ImpersonationLevel,
3670  TokenImpersonation,
3671  DuplicateTokenHandle);
3672 }
TOKEN_IMPERSONATE
#define TOKEN_IMPERSONATE
Definition: setypes.h:923
TOKEN_QUERY
#define TOKEN_QUERY
Definition: setypes.h:924
ImpersonationLevel
_Out_ PBOOLEAN _Out_ PBOOLEAN _Out_ PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: psfuncs.h:154
DuplicateTokenEx
BOOL WINAPI DuplicateTokenEx(IN HANDLE ExistingTokenHandle, IN DWORD dwDesiredAccess, IN LPSECURITY_ATTRIBUTES lpTokenAttributes OPTIONAL, IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, IN TOKEN_TYPE TokenType, OUT PHANDLE DuplicateTokenHandle)
Definition: security.c:3602
NULL
#define NULL
Definition: types.h:112

Referenced by GetDuplicateToken(), test_AccessCheck(), test_CheckTokenMembership(), test_impersonation_level(), test_kernel_objects_security(), and test_token_attr().

◆ DuplicateTokenEx()

BOOL WINAPI DuplicateTokenEx ( IN HANDLE  ExistingTokenHandle,
IN DWORD  dwDesiredAccess,
IN LPSECURITY_ATTRIBUTES lpTokenAttributes  OPTIONAL,
IN SECURITY_IMPERSONATION_LEVEL  ImpersonationLevel,
IN TOKEN_TYPE  TokenType,
OUT PHANDLE  DuplicateTokenHandle 
)

Definition at line 3602 of file security.c.

3608 {
3609  OBJECT_ATTRIBUTES ObjectAttributes;
3610  NTSTATUS Status;
3611  SECURITY_QUALITY_OF_SERVICE Sqos;
3612 
3613  TRACE("%p 0x%08x 0x%08x 0x%08x %p\n", ExistingTokenHandle, dwDesiredAccess,
3614  ImpersonationLevel, TokenType, DuplicateTokenHandle);
3615 
3616  Sqos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
3617  Sqos.ImpersonationLevel = ImpersonationLevel;
3618  Sqos.ContextTrackingMode = 0;
3619  Sqos.EffectiveOnly = FALSE;
3620 
3621  if (lpTokenAttributes != NULL)
3622  {
3623  InitializeObjectAttributes(&ObjectAttributes,
3624  NULL,
3625  lpTokenAttributes->bInheritHandle ? OBJ_INHERIT : 0,
3626  NULL,
3627  lpTokenAttributes->lpSecurityDescriptor);
3628  }
3629  else
3630  {
3631  InitializeObjectAttributes(&ObjectAttributes,
3632  NULL,
3633  0,
3634  NULL,
3635  NULL);
3636  }
3637 
3638  ObjectAttributes.SecurityQualityOfService = &Sqos;
3639 
3640  Status = NtDuplicateToken(ExistingTokenHandle,
3641  dwDesiredAccess,
3642  &ObjectAttributes,
3643  FALSE,
3644  TokenType,
3645  DuplicateTokenHandle);
3646  if (!NT_SUCCESS(Status))
3647  {
3648  ERR("NtDuplicateToken failed: Status %08x\n", Status);
3649  SetLastError(RtlNtStatusToDosError(Status));
3650  return FALSE;
3651  }
3652 
3653  TRACE("Returning token %p.\n", *DuplicateTokenHandle);
3654 
3655  return TRUE;
3656 }
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
TRUE
#define TRUE
Definition: types.h:120
_OBJECT_ATTRIBUTES
Definition: umtypes.h:181
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
_SECURITY_QUALITY_OF_SERVICE::ContextTrackingMode
SECURITY_CONTEXT_TRACKING_MODE ContextTrackingMode
Definition: lsa.idl:66
RtlNtStatusToDosError
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
FALSE
#define FALSE
Definition: types.h:117
Status
Status
Definition: gdiplustypes.h:24
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
OBJ_INHERIT
#define OBJ_INHERIT
Definition: winternl.h:225
ImpersonationLevel
_Out_ PBOOLEAN _Out_ PBOOLEAN _Out_ PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: psfuncs.h:154
SetLastError
#define SetLastError(x)
Definition: compat.h:752
_SECURITY_QUALITY_OF_SERVICE
Definition: lsa.idl:63
NtDuplicateToken
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtDuplicateToken(_In_ HANDLE ExistingTokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ BOOLEAN EffectiveOnly, _In_ TOKEN_TYPE TokenType, _Out_ PHANDLE NewTokenHandle)
Duplicates a token.
Definition: tokenlif.c:1865
_SECURITY_QUALITY_OF_SERVICE::Length
DWORD Length
Definition: lsa.idl:64
ERR
#define ERR(fmt,...)
Definition: debug.h:110
SECURITY_QUALITY_OF_SERVICE
struct _SECURITY_QUALITY_OF_SERVICE SECURITY_QUALITY_OF_SERVICE
_SECURITY_QUALITY_OF_SERVICE::ImpersonationLevel
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: lsa.idl:65
NULL
#define NULL
Definition: types.h:112
_SECURITY_QUALITY_OF_SERVICE::EffectiveOnly
BOOLEAN EffectiveOnly
Definition: lsa.idl:67
InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
TokenType
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
Definition: sefuncs.h:401

Referenced by CheckTokenMembership(), DuplicateToken(), LaunchProcess(), START_TEST(), test_CreateRestrictedToken(), test_token_security_descriptor(), and WlxStartApplication().

◆ EqualDomainSid()

BOOL WINAPI EqualDomainSid ( IN PSID  pSid1,
IN PSID  pSid2,
OUT BOOL pfEqual 
)

Definition at line 3927 of file security.c.

3930 {
3931  UNIMPLEMENTED;
3932  return FALSE;
3933 }
FALSE
#define FALSE
Definition: types.h:117
UNIMPLEMENTED
#define UNIMPLEMENTED
Definition: debug.h:115

◆ EqualPrefixSid()

BOOL WINAPI EqualPrefixSid ( PSID  pSid1,
PSID  pSid2 
)

Definition at line 843 of file security.c.

845 {
846  return RtlEqualPrefixSid (pSid1, pSid2);
847 }
RtlEqualPrefixSid
NTSYSAPI BOOLEAN NTAPI RtlEqualPrefixSid(PSID Sid1, PSID Sid2)

Referenced by test_process_security().

◆ EqualSid()

BOOL WINAPI EqualSid ( PSID  pSid1,
PSID  pSid2 
)

Definition at line 831 of file security.c.

833 {
834  SetLastError(ERROR_SUCCESS);
835  return RtlEqualSid (pSid1, pSid2);
836 }
ERROR_SUCCESS
#define ERROR_SUCCESS
Definition: deptool.c:10
SetLastError
#define SetLastError(x)
Definition: compat.h:752
RtlEqualSid
NTSYSAPI BOOLEAN NTAPI RtlEqualSid(_In_ PSID Sid1, _In_ PSID Sid2)

Referenced by _test_group(), CachedGetUserFromSid(), check_wellknown_name(), CheckForGuestsAndAdmins(), DequeueSidLookup(), DumpSid(), FindSidInCache(), FindSidInPrincipalsListAddAce(), GetEventUserName(), is_token_admin(), IsNTAdmin(), IsUserAdmin(), IsWellKnownSid(), LsapSetTokenOwner(), map_nfs4ace_who(), PrintSid(), QueueSidLookup(), RunningAsSYSTEM(), test_AddMandatoryAce(), test_child_token_sd(), test_child_token_sd_medium(), test_child_token_sd_restricted(), test_CreateRestrictedToken(), test_default_dacl_owner_sid(), test_EqualSid(), test_GetExplicitEntriesFromAclW(), test_GetNamedSecurityInfoA(), test_GetSecurityInfo(), test_GetWindowsAccountDomainSid(), test_group_equal(), test_inherited_dacl(), test_owner_equal(), test_SystemSecurity(), test_token_label(), test_token_security_descriptor(), test_TokenIntegrityLevel(), and UpdatePrincipalInfo().

◆ FindFirstFreeAce()

BOOL WINAPI FindFirstFreeAce ( PACL  pAcl,
LPVOID pAce 
)

Definition at line 1178 of file security.c.

1180 {
1181  return RtlFirstFreeAce(pAcl,
1182  (PACE*)pAce);
1183 }
RtlFirstFreeAce
NTSYSAPI BOOLEAN NTAPI RtlFirstFreeAce(PACL Acl, PACE *Ace)
_ACE
Definition: rtltypes.h:992

◆ FreeSid()

PVOID WINAPI FreeSid ( PSID  pSid)

Definition at line 700 of file security.c.

701 {
702  return RtlFreeSid(pSid);
703 }
RtlFreeSid
NTSYSAPI PVOID NTAPI RtlFreeSid(_In_ _Post_invalid_ PSID Sid)
pSid
static PSID pSid
Definition: security.c:74

Referenced by AllowDesktopAccessToUser(), AllowWinstaAccessToUser(), check_wellknown_name(), CheckForGuestsAndAdmins(), CreateApplicationDesktopSecurity(), CreateDefaultProcessSecurityCommon(), CreateDefaultSecurityDescriptor(), CreateDhcpPipeSecurity(), CreatePnpInstallEventSecurity(), CreatePowrProfSemaphoreSecurity(), CreateScreenSaverSecurity(), CreateWinlogonDesktopSecurity(), CreateWinstaSecurity(), GetShellSecurityDescriptor(), is_process_limited(), is_token_admin(), IsNTAdmin(), IsUserAdmin(), PerfDataUninitialize(), pSetupIsUserAdmin(), SHTestTokenMembership(), test_AccessCheck(), test_AddMandatoryAce(), test_CreateWellKnownSid(), test_EqualSid(), test_GetExplicitEntriesFromAclW(), test_GetNamedSecurityInfoA(), test_GetSecurityInfo(), test_LookupAccountSid(), test_LsaLookupSids(), test_process_security(), test_reg_create_key(), test_reg_open_key(), test_SetEntriesInAclA(), test_SetEntriesInAclW(), test_sid(), and test_trustee().

◆ GetAce()

BOOL WINAPI GetAce ( PACL  pAcl,
DWORD  dwAceIndex,
LPVOID pAce 
)

Definition at line 1188 of file security.c.

1189 {
1190  return set_ntstatus(RtlGetAce(pAcl, dwAceIndex, pAce));
1191 }
RtlGetAce
NTSYSAPI NTSTATUS NTAPI RtlGetAce(PACL Acl, ULONG AceIndex, PVOID *Ace)
set_ntstatus
static __inline BOOL set_ntstatus(NTSTATUS status)
Definition: security.c:229

Referenced by AccRewriteGetExplicitEntriesFromAcl(), AccRewriteSetEntriesInAcl(), DumpAcl(), CSecurityDescriptor::GetDACLEntry(), CSecurityDescriptor::GetSACLEntry(), map_dacl_2_nfs4acl(), PrintFileDacl(), ReloadPrincipalsList(), and test_GetShellSecurityDescriptor().

◆ GetAclInformation()

BOOL WINAPI GetAclInformation ( PACL  pAcl,
LPVOID  pAclInformation,
DWORD  nAclInformationLength,
ACL_INFORMATION_CLASS  dwAclInformationClass 
)

Definition at line 1196 of file security.c.

1201 {
1202  return set_ntstatus(RtlQueryInformationAcl(pAcl, pAclInformation,
1203  nAclInformationLength, dwAclInformationClass));
1204 }
RtlQueryInformationAcl
NTSYSAPI NTSTATUS WINAPI RtlQueryInformationAcl(PACL, LPVOID, DWORD, ACL_INFORMATION_CLASS)
set_ntstatus
static __inline BOOL set_ntstatus(NTSTATUS status)
Definition: security.c:229

Referenced by AccRewriteSetEntriesInAcl(), CSecurityDescriptor::GetDACLEntriesCount(), CSecurityDescriptor::GetSACLEntriesCount(), and test_GetShellSecurityDescriptor().

◆ GetFileSecurityA()

BOOL WINAPI GetFileSecurityA ( LPCSTR  lpFileName,
SECURITY_INFORMATION  RequestedInformation,
PSECURITY_DESCRIPTOR  pSecurityDescriptor,
DWORD  nLength,
LPDWORD  lpnLengthNeeded 
)

Definition at line 1375 of file security.c.

1380 {
1381  UNICODE_STRING FileName;
1382  BOOL bResult;
1383 
1384  if (!RtlCreateUnicodeStringFromAsciiz(&FileName, lpFileName))
1385  {
1386  SetLastError(ERROR_NOT_ENOUGH_MEMORY);
1387  return FALSE;
1388  }
1389 
1390  bResult = GetFileSecurityW(FileName.Buffer,
1391  RequestedInformation,
1392  pSecurityDescriptor,
1393  nLength,
1394  lpnLengthNeeded);
1395 
1396  RtlFreeUnicodeString(&FileName);
1397 
1398  return bResult;
1399 }
nLength
_In_ DWORD nLength
Definition: wincon.h:473
ERROR_NOT_ENOUGH_MEMORY
#define ERROR_NOT_ENOUGH_MEMORY
Definition: dderror.h:7
FALSE
#define FALSE
Definition: types.h:117
BOOL
unsigned int BOOL
Definition: ntddk_ex.h