ReactOS 0.4.16-dev-1515-g853b446
security.c
Go to the documentation of this file.
1/*
2 * PROJECT: ReactOS system libraries
3 * LICENSE: See COPYING in the top level directory
4 * WINE COPYRIGHT:
5 * Copyright 1999, 2000 Juergen Schmied <juergen.schmied@debitel.net>
6 * Copyright 2003 CodeWeavers Inc. (Ulrich Czekalla)
7 * Copyright 2006 Robert Reif
8 * Copyright 2006 Hervé Poussineau
9 */
10
11#include <advapi32.h>
12
13#include <sddl.h>
14
15WINE_DEFAULT_DEBUG_CHANNEL(advapi);
16
17static BOOL ParseStringSidToSid(LPCWSTR StringSid, PSID pSid, LPDWORD cBytes);
18#ifdef __REACTOS__
19VOID WINAPI QuerySecurityAccessMask(SECURITY_INFORMATION,LPDWORD);
20VOID WINAPI SetSecurityAccessMask(SECURITY_INFORMATION,LPDWORD);
21#endif
22
23typedef struct _ACEFLAG
24{
25 LPCWSTR wstr;
26 DWORD value;
27} ACEFLAG, *LPACEFLAG;
28
29typedef struct _MAX_SID
30{
31 /* same fields as struct _SID */
32 BYTE Revision;
33 BYTE SubAuthorityCount;
34 SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
35 DWORD SubAuthority[SID_MAX_SUB_AUTHORITIES];
36} MAX_SID;
37
38typedef struct WELLKNOWNSID
39{
40 WCHAR wstr[2];
41 WELL_KNOWN_SID_TYPE Type;
42 MAX_SID Sid;
43} WELLKNOWNSID;
44
45static const WELLKNOWNSID WellKnownSids[] =
46{
47 { {0,0}, WinNullSid, { SID_REVISION, 1, { SECURITY_NULL_SID_AUTHORITY }, { SECURITY_NULL_RID } } },
48 { {'W','D'}, WinWorldSid, { SID_REVISION, 1, { SECURITY_WORLD_SID_AUTHORITY }, { SECURITY_WORLD_RID } } },
49 { {0,0}, WinLocalSid, { SID_REVISION, 1, { SECURITY_LOCAL_SID_AUTHORITY }, { SECURITY_LOCAL_RID } } },
50 { {'C','O'}, WinCreatorOwnerSid, { SID_REVISION, 1, { SECURITY_CREATOR_SID_AUTHORITY }, { SECURITY_CREATOR_OWNER_RID } } },
51 { {'C','G'}, WinCreatorGroupSid, { SID_REVISION, 1, { SECURITY_CREATOR_SID_AUTHORITY }, { SECURITY_CREATOR_GROUP_RID } } },
52 { {0,0}, WinCreatorOwnerServerSid, { SID_REVISION, 1, { SECURITY_CREATOR_SID_AUTHORITY }, { SECURITY_CREATOR_OWNER_SERVER_RID } } },
53 { {0,0}, WinCreatorGroupServerSid, { SID_REVISION, 1, { SECURITY_CREATOR_SID_AUTHORITY }, { SECURITY_CREATOR_GROUP_SERVER_RID } } },
54 { {0,0}, WinNtAuthoritySid, { SID_REVISION, 0, { SECURITY_NT_AUTHORITY }, { SECURITY_NULL_RID } } },
55 { {0,0}, WinDialupSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_DIALUP_RID } } },
56 { {'N','U'}, WinNetworkSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_NETWORK_RID } } },
57 { {0,0}, WinBatchSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_BATCH_RID } } },
58 { {'I','U'}, WinInteractiveSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_INTERACTIVE_RID } } },
59 { {'S','U'}, WinServiceSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_SERVICE_RID } } },
60 { {'A','N'}, WinAnonymousSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_ANONYMOUS_LOGON_RID } } },
61 { {0,0}, WinProxySid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_PROXY_RID } } },
62 { {'E','D'}, WinEnterpriseControllersSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_ENTERPRISE_CONTROLLERS_RID } } },
63 { {'P','S'}, WinSelfSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_PRINCIPAL_SELF_RID } } },
64 { {'A','U'}, WinAuthenticatedUserSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_AUTHENTICATED_USER_RID } } },
65 { {'R','C'}, WinRestrictedCodeSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_RESTRICTED_CODE_RID } } },
66 { {0,0}, WinTerminalServerSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_TERMINAL_SERVER_RID } } },
67 { {0,0}, WinRemoteLogonIdSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_REMOTE_LOGON_RID } } },
68 { {'S','Y'}, WinLocalSystemSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_LOCAL_SYSTEM_RID } } },
69 { {'L','S'}, WinLocalServiceSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_LOCAL_SERVICE_RID } } },
70 { {'N','S'}, WinNetworkServiceSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_NETWORK_SERVICE_RID } } },
71 { {0,0}, WinBuiltinDomainSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID } } },
72 { {'B','A'}, WinBuiltinAdministratorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS } } },
73 { {'B','U'}, WinBuiltinUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_USERS } } },
74 { {'B','G'}, WinBuiltinGuestsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_GUESTS } } },
75 { {'P','U'}, WinBuiltinPowerUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_POWER_USERS } } },
76 { {'A','O'}, WinBuiltinAccountOperatorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ACCOUNT_OPS } } },
77 { {'S','O'}, WinBuiltinSystemOperatorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_SYSTEM_OPS } } },
78 { {'P','O'}, WinBuiltinPrintOperatorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_PRINT_OPS } } },
79 { {'B','O'}, WinBuiltinBackupOperatorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_BACKUP_OPS } } },
80 { {'R','E'}, WinBuiltinReplicatorSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_REPLICATOR } } },
81 { {'R','U'}, WinBuiltinPreWindows2000CompatibleAccessSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_PREW2KCOMPACCESS } } },
82 { {'R','D'}, WinBuiltinRemoteDesktopUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS } } },
83 { {'N','O'}, WinBuiltinNetworkConfigurationOperatorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS } } },
84 { {0,0}, WinNTLMAuthenticationSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_PACKAGE_BASE_RID, SECURITY_PACKAGE_NTLM_RID } } },
85 { {0,0}, WinDigestAuthenticationSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_PACKAGE_BASE_RID, SECURITY_PACKAGE_DIGEST_RID } } },
86 { {0,0}, WinSChannelAuthenticationSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_PACKAGE_BASE_RID, SECURITY_PACKAGE_SCHANNEL_RID } } },
87 { {0,0}, WinThisOrganizationSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_THIS_ORGANIZATION_RID } } },
88 { {0,0}, WinOtherOrganizationSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_OTHER_ORGANIZATION_RID } } },
89 { {0,0}, WinBuiltinIncomingForestTrustBuildersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_INCOMING_FOREST_TRUST_BUILDERS } } },
90 { {0,0}, WinBuiltinPerfMonitoringUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_MONITORING_USERS } } },
91 { {0,0}, WinBuiltinPerfLoggingUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_LOGGING_USERS } } },
92 { {0,0}, WinBuiltinAuthorizationAccessSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS } } },
93 { {0,0}, WinBuiltinTerminalServerLicenseServersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS } } },
94 { {0,0}, WinBuiltinDCOMUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_DCOM_USERS } } },
95 { {'L','W'}, WinLowLabelSid, { SID_REVISION, 1, { SECURITY_MANDATORY_LABEL_AUTHORITY}, { SECURITY_MANDATORY_LOW_RID} } },
96 { {'M','E'}, WinMediumLabelSid, { SID_REVISION, 1, { SECURITY_MANDATORY_LABEL_AUTHORITY}, { SECURITY_MANDATORY_MEDIUM_RID } } },
97 { {'H','I'}, WinHighLabelSid, { SID_REVISION, 1, { SECURITY_MANDATORY_LABEL_AUTHORITY}, { SECURITY_MANDATORY_HIGH_RID } } },
98 { {'S','I'}, WinSystemLabelSid, { SID_REVISION, 1, { SECURITY_MANDATORY_LABEL_AUTHORITY}, { SECURITY_MANDATORY_SYSTEM_RID } } },
99};
100
101/* these SIDs must be constructed as relative to some domain - only the RID is well-known */
102typedef struct WELLKNOWNRID
103{
104 WCHAR wstr[2];
105 WELL_KNOWN_SID_TYPE Type;
106 DWORD Rid;
107} WELLKNOWNRID;
108
109static const WELLKNOWNRID WellKnownRids[] = {
110 { {'L','A'}, WinAccountAdministratorSid, DOMAIN_USER_RID_ADMIN },
111 { {'L','G'}, WinAccountGuestSid, DOMAIN_USER_RID_GUEST },
112 { {0,0}, WinAccountKrbtgtSid, DOMAIN_USER_RID_KRBTGT },
113 { {'D','A'}, WinAccountDomainAdminsSid, DOMAIN_GROUP_RID_ADMINS },
114 { {'D','U'}, WinAccountDomainUsersSid, DOMAIN_GROUP_RID_USERS },
115 { {'D','G'}, WinAccountDomainGuestsSid, DOMAIN_GROUP_RID_GUESTS },
116 { {'D','C'}, WinAccountComputersSid, DOMAIN_GROUP_RID_COMPUTERS },
117 { {'D','D'}, WinAccountControllersSid, DOMAIN_GROUP_RID_CONTROLLERS },
118 { {'C','A'}, WinAccountCertAdminsSid, DOMAIN_GROUP_RID_CERT_ADMINS },
119 { {'S','A'}, WinAccountSchemaAdminsSid, DOMAIN_GROUP_RID_SCHEMA_ADMINS },
120 { {'E','A'}, WinAccountEnterpriseAdminsSid, DOMAIN_GROUP_RID_ENTERPRISE_ADMINS },
121 { {'P','A'}, WinAccountPolicyAdminsSid, DOMAIN_GROUP_RID_POLICY_ADMINS },
122 { {'R','S'}, WinAccountRasAndIasServersSid, DOMAIN_ALIAS_RID_RAS_SERVERS },
123};
124
125#ifndef __REACTOS__
126static const SID sidWorld = { SID_REVISION, 1, { SECURITY_WORLD_SID_AUTHORITY} , { SECURITY_WORLD_RID } };
127#endif
128
129static const WCHAR SDDL_NO_READ_UP[] = {'N','R',0};
130static const WCHAR SDDL_NO_WRITE_UP[] = {'N','W',0};
131static const WCHAR SDDL_NO_EXECUTE_UP[] = {'N','X',0};
132
133/*
134 * ACE types
135 */
136static const WCHAR SDDL_ACCESS_ALLOWED[] = {'A',0};
137static const WCHAR SDDL_ACCESS_DENIED[] = {'D',0};
138#ifndef __REACTOS__
139static const WCHAR SDDL_OBJECT_ACCESS_ALLOWED[] = {'O','A',0};
140static const WCHAR SDDL_OBJECT_ACCESS_DENIED[] = {'O','D',0};
141#endif
142static const WCHAR SDDL_AUDIT[] = {'A','U',0};
143static const WCHAR SDDL_ALARM[] = {'A','L',0};
144static const WCHAR SDDL_MANDATORY_LABEL[] = {'M','L',0};
145#ifndef __REACTOS__
146static const WCHAR SDDL_OBJECT_AUDIT[] = {'O','U',0};
147static const WCHAR SDDL_OBJECT_ALARM[] = {'O','L',0};
148#endif
149
150/*
151 * SDDL ADS Rights
152 */
153#define ADS_RIGHT_DS_CREATE_CHILD 0x0001
154#define ADS_RIGHT_DS_DELETE_CHILD 0x0002
155#define ADS_RIGHT_ACTRL_DS_LIST 0x0004
156#define ADS_RIGHT_DS_SELF 0x0008
157#define ADS_RIGHT_DS_READ_PROP 0x0010
158#define ADS_RIGHT_DS_WRITE_PROP 0x0020
159#define ADS_RIGHT_DS_DELETE_TREE 0x0040
160#define ADS_RIGHT_DS_LIST_OBJECT 0x0080
161#define ADS_RIGHT_DS_CONTROL_ACCESS 0x0100
162
163/*
164 * ACE flags
165 */
166static const WCHAR SDDL_CONTAINER_INHERIT[] = {'C','I',0};
167static const WCHAR SDDL_OBJECT_INHERIT[] = {'O','I',0};
168static const WCHAR SDDL_NO_PROPAGATE[] = {'N','P',0};
169static const WCHAR SDDL_INHERIT_ONLY[] = {'I','O',0};
170static const WCHAR SDDL_INHERITED[] = {'I','D',0};
171static const WCHAR SDDL_AUDIT_SUCCESS[] = {'S','A',0};
172static const WCHAR SDDL_AUDIT_FAILURE[] = {'F','A',0};
173
174static const char * debugstr_sid(PSID sid)
175{
176 int auth = 0;
177 SID * psid = (SID *)sid;
178
179 if (psid == NULL)
180 return "(null)";
181
182 auth = psid->IdentifierAuthority.Value[5] +
183 (psid->IdentifierAuthority.Value[4] << 8) +
184 (psid->IdentifierAuthority.Value[3] << 16) +
185 (psid->IdentifierAuthority.Value[2] << 24);
186
187 switch (psid->SubAuthorityCount) {
188 case 0:
189 return wine_dbg_sprintf("S-%d-%d", psid->Revision, auth);
190 case 1:
191 return wine_dbg_sprintf("S-%d-%d-%lu", psid->Revision, auth,
192 psid->SubAuthority[0]);
193 case 2:
194 return wine_dbg_sprintf("S-%d-%d-%lu-%lu", psid->Revision, auth,
195 psid->SubAuthority[0], psid->SubAuthority[1]);
196 case 3:
197 return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu", psid->Revision, auth,
198 psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2]);
199 case 4:
200 return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu", psid->Revision, auth,
201 psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2],
202 psid->SubAuthority[3]);
203 case 5:
204 return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu-%lu", psid->Revision, auth,
205 psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2],
206 psid->SubAuthority[3], psid->SubAuthority[4]);
207 case 6:
208 return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu-%lu-%lu", psid->Revision, auth,
209 psid->SubAuthority[3], psid->SubAuthority[1], psid->SubAuthority[2],
210 psid->SubAuthority[0], psid->SubAuthority[4], psid->SubAuthority[5]);
211 case 7:
212 return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu-%lu-%lu-%lu", psid->Revision, auth,
213 psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2],
214 psid->SubAuthority[3], psid->SubAuthority[4], psid->SubAuthority[5],
215 psid->SubAuthority[6]);
216 case 8:
217 return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu-%lu-%lu-%lu-%lu", psid->Revision, auth,
218 psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2],
219 psid->SubAuthority[3], psid->SubAuthority[4], psid->SubAuthority[5],
220 psid->SubAuthority[6], psid->SubAuthority[7]);
221 }
222 return "(too-big)";
223}
224
225/* set last error code from NT status and get the proper boolean return value */
226/* used for functions that are a simple wrapper around the corresponding ntdll API */
227static __inline BOOL set_ntstatus( NTSTATUS status )
228{
229 if (!NT_SUCCESS(status)) SetLastError( RtlNtStatusToDosError( status ));
230 return NT_SUCCESS(status);
231}
232
233static LPWSTR SERV_dup( LPCSTR str )
234{
235 UINT len;
236 LPWSTR wstr;
237
238 if( !str )
239 return NULL;
240 len = MultiByteToWideChar( CP_ACP, 0, str, -1, NULL, 0 );
241 wstr = heap_alloc( len*sizeof (WCHAR) );
242 MultiByteToWideChar( CP_ACP, 0, str, -1, wstr, len );
243 return wstr;
244}
245
246/************************************************************
247 * ADVAPI_IsLocalComputer
248 *
249 * Checks whether the server name indicates local machine.
250 */
251BOOL ADVAPI_IsLocalComputer(LPCWSTR ServerName)
252{
253 DWORD dwSize = MAX_COMPUTERNAME_LENGTH + 1;
254 BOOL Result;
255 LPWSTR buf;
256
257 if (!ServerName || !ServerName[0])
258 return TRUE;
259
260 buf = heap_alloc(dwSize * sizeof(WCHAR));
261 Result = GetComputerNameW(buf, &dwSize);
262 if (Result && (ServerName[0] == '\\') && (ServerName[1] == '\\'))
263 ServerName += 2;
264 Result = Result && !lstrcmpW(ServerName, buf);
265 heap_free(buf);
266
267 return Result;
268}
269
270/************************************************************
271 * ADVAPI_GetComputerSid
272 */
273BOOL ADVAPI_GetComputerSid(PSID sid)
274{
275 static const struct /* same fields as struct SID */
276 {
277 BYTE Revision;
278 BYTE SubAuthorityCount;
279 SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
280 DWORD SubAuthority[4];
281 } computer_sid =
282 { SID_REVISION, 4, { SECURITY_NT_AUTHORITY }, { SECURITY_NT_NON_UNIQUE, 0, 0, 0 } };
283
284 memcpy( sid, &computer_sid, sizeof(computer_sid) );
285 return TRUE;
286}
287
288/* Exported functions */
289
290/*
291 * @implemented
292 */
293BOOL WINAPI
294OpenProcessToken(HANDLE ProcessHandle,
295 DWORD DesiredAccess,
296 PHANDLE TokenHandle)
297{
298 NTSTATUS Status;
299
300 TRACE("%p, %x, %p.\n", ProcessHandle, DesiredAccess, TokenHandle);
301
302 Status = NtOpenProcessToken(ProcessHandle,
303 DesiredAccess,
304 TokenHandle);
305 if (!NT_SUCCESS(Status))
306 {
307 WARN("NtOpenProcessToken failed! Status %08x\n", Status);
308 SetLastError(RtlNtStatusToDosError(Status));
309 return FALSE;
310 }
311
312 TRACE("Returning token %p.\n", *TokenHandle);
313
314 return TRUE;
315}
316
317/******************************************************************************
318 * OpenThreadToken [ADVAPI32.@]
319 *
320 * Opens the access token associated with a thread handle.
321 *
322 * PARAMS
323 * ThreadHandle [I] Handle to process
324 * DesiredAccess [I] Desired access to the thread
325 * OpenAsSelf [I] ???
326 * TokenHandle [O] Destination for the token handle
327 *
328 * RETURNS
329 * Success: TRUE. TokenHandle contains the access token.
330 * Failure: FALSE.
331 *
332 * NOTES
333 * See NtOpenThreadToken.
334 */
335BOOL WINAPI
336OpenThreadToken( HANDLE ThreadHandle, DWORD DesiredAccess,
337 BOOL OpenAsSelf, HANDLE *TokenHandle)
338{
339 return set_ntstatus( NtOpenThreadToken(ThreadHandle, DesiredAccess, OpenAsSelf, TokenHandle));
340}
341
342/*
343 * @implemented
344 */
345BOOL WINAPI
346AdjustTokenGroups(HANDLE TokenHandle,
347 BOOL ResetToDefault,
348 PTOKEN_GROUPS NewState,
349 DWORD BufferLength,
350 PTOKEN_GROUPS PreviousState,
351 PDWORD ReturnLength)
352{
353 NTSTATUS Status;
354
355 Status = NtAdjustGroupsToken(TokenHandle,
356 ResetToDefault,
357 NewState,
358 BufferLength,
359 PreviousState,
360 (PULONG)ReturnLength);
361 if (!NT_SUCCESS(Status))
362 {
363 SetLastError(RtlNtStatusToDosError(Status));
364 return FALSE;
365 }
366
367 return TRUE;
368}
369
370/*
371 * @implemented
372 */
373BOOL WINAPI
374AdjustTokenPrivileges(HANDLE TokenHandle,
375 BOOL DisableAllPrivileges,
376 PTOKEN_PRIVILEGES NewState,
377 DWORD BufferLength,
378 PTOKEN_PRIVILEGES PreviousState,
379 PDWORD ReturnLength)
380{
381 NTSTATUS Status;
382
383 Status = NtAdjustPrivilegesToken(TokenHandle,
384 DisableAllPrivileges,
385 NewState,
386 BufferLength,
387 PreviousState,
388 (PULONG)ReturnLength);
389 if (STATUS_NOT_ALL_ASSIGNED == Status)
390 {
391 SetLastError(ERROR_NOT_ALL_ASSIGNED);
392 return TRUE;
393 }
394
395 if (!NT_SUCCESS(Status))
396 {
397 SetLastError(RtlNtStatusToDosError(Status));
398 return FALSE;
399 }
400
401 /* AdjustTokenPrivileges is documented to do this */
402 SetLastError(ERROR_SUCCESS);
403
404 return TRUE;
405}
406
407/*
408 * @implemented
409 */
410BOOL WINAPI
411GetTokenInformation(HANDLE TokenHandle,
412 TOKEN_INFORMATION_CLASS TokenInformationClass,
413 LPVOID TokenInformation,
414 DWORD TokenInformationLength,
415 PDWORD ReturnLength)
416{
417 NTSTATUS Status;
418
419 Status = NtQueryInformationToken(TokenHandle,
420 TokenInformationClass,
421 TokenInformation,
422 TokenInformationLength,
423 (PULONG)ReturnLength);
424 if (!NT_SUCCESS(Status))
425 {
426 SetLastError(RtlNtStatusToDosError(Status));
427 return FALSE;
428 }
429
430 return TRUE;
431}
432
433/*
434 * @implemented
435 */
436BOOL WINAPI
437SetTokenInformation(HANDLE TokenHandle,
438 TOKEN_INFORMATION_CLASS TokenInformationClass,
439 LPVOID TokenInformation,
440 DWORD TokenInformationLength)
441{
442 NTSTATUS Status;
443
444 Status = NtSetInformationToken(TokenHandle,
445 TokenInformationClass,
446 TokenInformation,
447 TokenInformationLength);
448 if (!NT_SUCCESS(Status))
449 {
450 SetLastError(RtlNtStatusToDosError(Status));
451 return FALSE;
452 }
453
454 return TRUE;
455}
456
457/*
458 * @implemented
459 */
460BOOL WINAPI
461SetThreadToken(IN PHANDLE ThreadHandle OPTIONAL,
462 IN HANDLE TokenHandle)
463{
464 NTSTATUS Status;
465 HANDLE hThread;
466
467 hThread = (ThreadHandle != NULL) ? *ThreadHandle : NtCurrentThread();
468
469 Status = NtSetInformationThread(hThread,
470 ThreadImpersonationToken,
471 &TokenHandle,
472 sizeof(HANDLE));
473 if (!NT_SUCCESS(Status))
474 {
475 SetLastError(RtlNtStatusToDosError(Status));
476 return FALSE;
477 }
478
479 return TRUE;
480}
481
533BOOL WINAPI CreateRestrictedToken(
534 _In_ HANDLE ExistingTokenHandle,
535 _In_ DWORD Flags,
536 _In_ DWORD DisableSidCount,
537 _In_reads_opt_(DisableSidCount) PSID_AND_ATTRIBUTES SidsToDisable,
538 _In_ DWORD DeletePrivilegeCount,
539 _In_reads_opt_(DeletePrivilegeCount) PLUID_AND_ATTRIBUTES PrivilegesToDelete,
540 _In_ DWORD RestrictedSidCount,
541 _In_reads_opt_(RestrictedSidCount) PSID_AND_ATTRIBUTES SidsToRestrict,
542 _Outptr_ PHANDLE NewTokenHandle)
543{
544 NTSTATUS Status;
545 BOOL Success;
546 ULONG Index;
547 PTOKEN_GROUPS DisableSids = NULL;
548 PTOKEN_GROUPS RestrictedSids = NULL;
549 PTOKEN_PRIVILEGES DeletePrivileges = NULL;
550
551 /*
552 * Capture the elements we're being given from
553 * the caller and allocate the groups and/or
554 * privileges that have to be filtered in
555 * the token.
556 */
557 if (SidsToDisable != NULL)
558 {
559 DisableSids = (PTOKEN_GROUPS)LocalAlloc(LMEM_FIXED, DisableSidCount * sizeof(TOKEN_GROUPS));
560 if (DisableSids == NULL)
561 {
562 /* We failed, bail out */
563 SetLastError(RtlNtStatusToDosError(STATUS_INSUFFICIENT_RESOURCES));
564 return FALSE;
565 }
566
567 /* Copy the counter and loop the elements to copy the rest */
568 DisableSids->GroupCount = DisableSidCount;
569 for (Index = 0; Index < DisableSidCount; Index++)
570 {
571 DisableSids->Groups[Index].Sid = SidsToDisable[Index].Sid;
572 DisableSids->Groups[Index].Attributes = SidsToDisable[Index].Attributes;
573 }
574 }
575
576 if (PrivilegesToDelete != NULL)
577 {
578 DeletePrivileges = (PTOKEN_PRIVILEGES)LocalAlloc(LMEM_FIXED, DeletePrivilegeCount * sizeof(TOKEN_PRIVILEGES));
579 if (DeletePrivileges == NULL)
580 {
581 /* We failed, bail out */
582 SetLastError(RtlNtStatusToDosError(STATUS_INSUFFICIENT_RESOURCES));
583 Success = FALSE;
584 goto Cleanup;
585 }
586
587 /* Copy the counter and loop the elements to copy the rest */
588 DeletePrivileges->PrivilegeCount = DeletePrivilegeCount;
589 for (Index = 0; Index < DeletePrivilegeCount; Index++)
590 {
591 DeletePrivileges->Privileges[Index].Luid = PrivilegesToDelete[Index].Luid;
592 DeletePrivileges->Privileges[Index].Attributes = PrivilegesToDelete[Index].Attributes;
593 }
594 }
595
596 if (SidsToRestrict != NULL)
597 {
598 RestrictedSids = (PTOKEN_GROUPS)LocalAlloc(LMEM_FIXED, RestrictedSidCount * sizeof(TOKEN_GROUPS));
599 if (RestrictedSids == NULL)
600 {
601 /* We failed, bail out */
602 SetLastError(RtlNtStatusToDosError(STATUS_INSUFFICIENT_RESOURCES));
603 Success = FALSE;
604 goto Cleanup;
605 }
606
607 /* Copy the counter and loop the elements to copy the rest */
608 RestrictedSids->GroupCount = RestrictedSidCount;
609 for (Index = 0; Index < RestrictedSidCount; Index++)
610 {
611 RestrictedSids->Groups[Index].Sid = SidsToRestrict[Index].Sid;
612 RestrictedSids->Groups[Index].Attributes = SidsToRestrict[Index].Attributes;
613 }
614 }
615
616 /*
617 * Call the NT API to request a token filtering
618 * operation for us.
619 */
620 Status = NtFilterToken(ExistingTokenHandle,
621 Flags,
622 DisableSids,
623 DeletePrivileges,
624 RestrictedSids,
625 NewTokenHandle);
626 if (!NT_SUCCESS(Status))
627 {
628 /* We failed to do the job, bail out */
629 SetLastError(RtlNtStatusToDosError(Status));
630 Success = FALSE;
631 goto Cleanup;
632 }
633
634 /* If we reach here then we've successfully filtered the token */
635 Success = TRUE;
636
637Cleanup:
638 /* Free whatever we allocated before */
639 if (DisableSids != NULL)
640 {
641 LocalFree(DisableSids);
642 }
643
644 if (DeletePrivileges != NULL)
645 {
646 LocalFree(DeletePrivileges);
647 }
648
649 if (RestrictedSids != NULL)
650 {
651 LocalFree(RestrictedSids);
652 }
653
654 return Success;
655}
656
657/******************************************************************************
658 * AllocateAndInitializeSid [ADVAPI32.@]
659 *
660 * PARAMS
661 * pIdentifierAuthority []
662 * nSubAuthorityCount []
663 * nSubAuthority0 []
664 * nSubAuthority1 []
665 * nSubAuthority2 []
666 * nSubAuthority3 []
667 * nSubAuthority4 []
668 * nSubAuthority5 []
669 * nSubAuthority6 []
670 * nSubAuthority7 []
671 * pSid []
672 */
673BOOL WINAPI
674AllocateAndInitializeSid( PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
675 BYTE nSubAuthorityCount,
676 DWORD nSubAuthority0, DWORD nSubAuthority1,
677 DWORD nSubAuthority2, DWORD nSubAuthority3,
678 DWORD nSubAuthority4, DWORD nSubAuthority5,
679 DWORD nSubAuthority6, DWORD nSubAuthority7,
680 PSID *pSid )
681{
682 return set_ntstatus( RtlAllocateAndInitializeSid(
683 pIdentifierAuthority, nSubAuthorityCount,
684 nSubAuthority0, nSubAuthority1, nSubAuthority2, nSubAuthority3,
685 nSubAuthority4, nSubAuthority5, nSubAuthority6, nSubAuthority7,
686 pSid ));
687}
688
689/*
690 * @implemented
691 *
692 * RETURNS
693 * Docs says this function does NOT return a value
694 * even thou it's defined to return a PVOID...
695 */
696PVOID
697WINAPI
698FreeSid(PSID pSid)
699{
700 return RtlFreeSid(pSid);
701}
702
703/******************************************************************************
704 * CopySid [ADVAPI32.@]
705 *
706 * PARAMS
707 * nDestinationSidLength []
708 * pDestinationSid []
709 * pSourceSid []
710 */
711BOOL WINAPI
712CopySid( DWORD nDestinationSidLength, PSID pDestinationSid, PSID pSourceSid )
713{
714 return set_ntstatus(RtlCopySid(nDestinationSidLength, pDestinationSid, pSourceSid));
715}
716
717/*
718 * @unimplemented
719 */
720BOOL
721WINAPI
722CreateWellKnownSid(IN WELL_KNOWN_SID_TYPE WellKnownSidType,
723 IN PSID DomainSid OPTIONAL,
724 OUT PSID pSid,
725 IN OUT DWORD* cbSid)
726{
727 unsigned int i;
728 TRACE("(%d, %s, %p, %p)\n", WellKnownSidType, debugstr_sid(DomainSid), pSid, cbSid);
729
730 if (cbSid == NULL || (DomainSid && !IsValidSid(DomainSid)))
731 {
732 SetLastError(ERROR_INVALID_PARAMETER);
733 return FALSE;
734 }
735
736 for (i = 0; i < sizeof(WellKnownSids)/sizeof(WellKnownSids[0]); i++) {
737 if (WellKnownSids[i].Type == WellKnownSidType) {
738 DWORD length = GetSidLengthRequired(WellKnownSids[i].Sid.SubAuthorityCount);
739
740 if (*cbSid < length)
741 {
742 *cbSid = length;
743 SetLastError(ERROR_INSUFFICIENT_BUFFER);
744 return FALSE;
745 }
746 if (!pSid)
747 {
748 SetLastError(ERROR_INVALID_PARAMETER);
749 return FALSE;
750 }
751 CopyMemory(pSid, &WellKnownSids[i].Sid.Revision, length);
752 *cbSid = length;
753 return TRUE;
754 }
755 }
756
757 if (DomainSid == NULL || *GetSidSubAuthorityCount(DomainSid) == SID_MAX_SUB_AUTHORITIES)
758 {
759 SetLastError(ERROR_INVALID_PARAMETER);
760 return FALSE;
761 }
762
763 for (i = 0; i < sizeof(WellKnownRids)/sizeof(WellKnownRids[0]); i++)
764 if (WellKnownRids[i].Type == WellKnownSidType) {
765 UCHAR domain_subauth = *GetSidSubAuthorityCount(DomainSid);
766 DWORD domain_sid_length = GetSidLengthRequired(domain_subauth);
767 DWORD output_sid_length = GetSidLengthRequired(domain_subauth + 1);
768
769 if (*cbSid < output_sid_length)
770 {
771 *cbSid = output_sid_length;
772 SetLastError(ERROR_INSUFFICIENT_BUFFER);
773 return FALSE;
774 }
775 if (!pSid)
776 {
777 SetLastError(ERROR_INVALID_PARAMETER);
778 return FALSE;
779 }
780 CopyMemory(pSid, DomainSid, domain_sid_length);
781 (*GetSidSubAuthorityCount(pSid))++;
782 (*GetSidSubAuthority(pSid, domain_subauth)) = WellKnownRids[i].Rid;
783 *cbSid = output_sid_length;
784 return TRUE;
785 }
786
787 SetLastError(ERROR_INVALID_PARAMETER);
788 return FALSE;
789}
790
791/*
792 * @unimplemented
793 */
794BOOL
795WINAPI
796IsWellKnownSid(IN PSID pSid,
797 IN WELL_KNOWN_SID_TYPE WellKnownSidType)
798{
799 unsigned int i;
800 TRACE("(%s, %d)\n", debugstr_sid(pSid), WellKnownSidType);
801
802 for (i = 0; i < sizeof(WellKnownSids) / sizeof(WellKnownSids[0]); i++)
803 {
804 if (WellKnownSids[i].Type == WellKnownSidType)
805 {
806 if (EqualSid(pSid, (PSID)(&WellKnownSids[i].Sid.Revision)))
807 return TRUE;
808 }
809 }
810
811 return FALSE;
812}
813
814/*
815 * @implemented
816 */
817BOOL
818WINAPI
819IsValidSid(PSID pSid)
820{
821 return (BOOL)RtlValidSid(pSid);
822}
823
824/*
825 * @implemented
826 */
827BOOL
828WINAPI
829EqualSid(PSID pSid1,
830 PSID pSid2)
831{
832 SetLastError(ERROR_SUCCESS);
833 return RtlEqualSid (pSid1, pSid2);
834}
835
836/*
837 * @implemented
838 */
839BOOL
840WINAPI
841EqualPrefixSid(PSID pSid1,
842 PSID pSid2)
843{
844 return RtlEqualPrefixSid (pSid1, pSid2);
845}
846
847/*
848 * @implemented
849 */
850DWORD
851WINAPI
852GetSidLengthRequired(UCHAR nSubAuthorityCount)
853{
854 return (DWORD)RtlLengthRequiredSid(nSubAuthorityCount);
855}
856
857/*
858 * @implemented
859 */
860BOOL
861WINAPI
862InitializeSid(PSID Sid,
863 PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
864 BYTE nSubAuthorityCount)
865{
866 NTSTATUS Status;
867
868 Status = RtlInitializeSid(Sid,
869 pIdentifierAuthority,
870 nSubAuthorityCount);
871 if (!NT_SUCCESS(Status))
872 {
873 SetLastError(RtlNtStatusToDosError(Status));
874 return FALSE;
875 }
876
877 return TRUE;
878}
879
880/*
881 * @implemented
882 */
883PSID_IDENTIFIER_AUTHORITY
884WINAPI
885GetSidIdentifierAuthority(PSID pSid)
886{
887 SetLastError(ERROR_SUCCESS);
888 return RtlIdentifierAuthoritySid(pSid);
889}
890
891/*
892 * @implemented
893 */
894PDWORD
895WINAPI
896GetSidSubAuthority(PSID pSid,
897 DWORD nSubAuthority)
898{
899 SetLastError(ERROR_SUCCESS);
900 return (PDWORD)RtlSubAuthoritySid(pSid, nSubAuthority);
901}
902
903/*
904 * @implemented
905 */
906PUCHAR
907WINAPI
908GetSidSubAuthorityCount(PSID pSid)
909{
910 SetLastError(ERROR_SUCCESS);
911 return RtlSubAuthorityCountSid(pSid);
912}
913
914/*
915 * @implemented
916 */
917DWORD
918WINAPI
919GetLengthSid(PSID pSid)
920{
921 return (DWORD)RtlLengthSid(pSid);
922}
923
924/*
925 * @implemented
926 */
927BOOL
928WINAPI
929InitializeSecurityDescriptor(PSECURITY_DESCRIPTOR pSecurityDescriptor,
930 DWORD dwRevision)
931{
932 NTSTATUS Status;
933
934 Status = RtlCreateSecurityDescriptor(pSecurityDescriptor,
935 dwRevision);
936 if (!NT_SUCCESS(Status))
937 {
938 SetLastError(RtlNtStatusToDosError(Status));
939 return FALSE;
940 }
941
942 return TRUE;
943}
944
945/*
946 * @implemented
947 */
948BOOL
949WINAPI
950MakeAbsoluteSD(PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor,
951 PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor,
952 LPDWORD lpdwAbsoluteSecurityDescriptorSize,
953 PACL pDacl,
954 LPDWORD lpdwDaclSize,
955 PACL pSacl,
956 LPDWORD lpdwSaclSize,
957 PSID pOwner,
958 LPDWORD lpdwOwnerSize,
959 PSID pPrimaryGroup,
960 LPDWORD lpdwPrimaryGroupSize)
961{
962 NTSTATUS Status;
963
964 Status = RtlSelfRelativeToAbsoluteSD(pSelfRelativeSecurityDescriptor,
965 pAbsoluteSecurityDescriptor,
966 lpdwAbsoluteSecurityDescriptorSize,
967 pDacl,
968 lpdwDaclSize,
969 pSacl,
970 lpdwSaclSize,
971 pOwner,
972 lpdwOwnerSize,
973 pPrimaryGroup,
974 lpdwPrimaryGroupSize);
975 if (!NT_SUCCESS(Status))
976 {
977 SetLastError(RtlNtStatusToDosError(Status));
978 return FALSE;
979 }
980
981 return TRUE;
982}
983
984/******************************************************************************
985 * GetKernelObjectSecurity [ADVAPI32.@]
986 */
987BOOL WINAPI GetKernelObjectSecurity(
988 HANDLE Handle,
989 SECURITY_INFORMATION RequestedInformation,
990 PSECURITY_DESCRIPTOR pSecurityDescriptor,
991 DWORD nLength,
992 LPDWORD lpnLengthNeeded )
993{
994 TRACE("(%p,0x%08x,%p,0x%08x,%p)\n", Handle, RequestedInformation,
995 pSecurityDescriptor, nLength, lpnLengthNeeded);
996
997 return set_ntstatus( NtQuerySecurityObject(Handle, RequestedInformation, pSecurityDescriptor,
998 nLength, lpnLengthNeeded ));
999}
1000
1001/*
1002 * @implemented
1003 */
1004BOOL
1005WINAPI
1006InitializeAcl(PACL pAcl,
1007 DWORD nAclLength,
1008 DWORD dwAclRevision)
1009{
1010 NTSTATUS Status;
1011
1012 Status = RtlCreateAcl(pAcl,
1013 nAclLength,
1014 dwAclRevision);
1015 if (!NT_SUCCESS(Status))
1016 {
1017 SetLastError(RtlNtStatusToDosError(Status));
1018 return FALSE;
1019 }
1020
1021 return TRUE;
1022}
1023
1024BOOL WINAPI ImpersonateNamedPipeClient( HANDLE hNamedPipe )
1025{
1026 IO_STATUS_BLOCK io_block;
1027
1028 TRACE("(%p)\n", hNamedPipe);
1029
1030 return set_ntstatus( NtFsControlFile(hNamedPipe, NULL, NULL, NULL,
1031 &io_block, FSCTL_PIPE_IMPERSONATE, NULL, 0, NULL, 0) );
1032}
1033
1034/*
1035 * @implemented
1036 */
1037BOOL
1038WINAPI
1039AddAccessAllowedAce(PACL pAcl,
1040 DWORD dwAceRevision,
1041 DWORD AccessMask,
1042 PSID pSid)
1043{
1044 NTSTATUS Status;
1045
1046 Status = RtlAddAccessAllowedAce(pAcl,
1047 dwAceRevision,
1048 AccessMask,
1049 pSid);
1050 if (!NT_SUCCESS(Status))
1051 {
1052 SetLastError(RtlNtStatusToDosError(Status));
1053 return FALSE;
1054 }
1055
1056 return TRUE;
1057}
1058
1059/*
1060 * @implemented
1061 */
1062BOOL WINAPI
1063AddAccessAllowedAceEx(PACL pAcl,
1064 DWORD dwAceRevision,
1065 DWORD AceFlags,
1066 DWORD AccessMask,
1067 PSID pSid)
1068{
1069 NTSTATUS Status;
1070
1071 Status = RtlAddAccessAllowedAceEx(pAcl,
1072 dwAceRevision,
1073 AceFlags,
1074 AccessMask,
1075 pSid);
1076 if (!NT_SUCCESS(Status))
1077 {
1078 SetLastError(RtlNtStatusToDosError(Status));
1079 return FALSE;
1080 }
1081
1082 return TRUE;
1083}
1084
1085/*
1086 * @implemented
1087 */
1088BOOL
1089WINAPI
1090AddAccessDeniedAce(PACL pAcl,
1091 DWORD dwAceRevision,
1092 DWORD AccessMask,
1093 PSID pSid)
1094{
1095 NTSTATUS Status;
1096
1097 Status = RtlAddAccessDeniedAce(pAcl,
1098 dwAceRevision,
1099 AccessMask,
1100 pSid);
1101 if (!NT_SUCCESS(Status))
1102 {
1103 SetLastError(RtlNtStatusToDosError(Status));
1104 return FALSE;
1105 }
1106
1107 return TRUE;
1108}
1109
1110/*
1111 * @implemented
1112 */
1113BOOL WINAPI
1114AddAccessDeniedAceEx(PACL pAcl,
1115 DWORD dwAceRevision,
1116 DWORD AceFlags,
1117 DWORD AccessMask,
1118 PSID pSid)
1119{
1120 NTSTATUS Status;
1121
1122 Status = RtlAddAccessDeniedAceEx(pAcl,
1123 dwAceRevision,
1124 AceFlags,
1125 AccessMask,
1126 pSid);
1127 if (!NT_SUCCESS(Status))
1128 {
1129 SetLastError(RtlNtStatusToDosError(Status));
1130 return FALSE;
1131 }
1132
1133 return TRUE;
1134}
1135
1136/*
1137 * @implemented
1138 */
1139BOOL
1140WINAPI
1141AddAce(PACL pAcl,
1142 DWORD dwAceRevision,
1143 DWORD dwStartingAceIndex,
1144 LPVOID pAceList,
1145 DWORD nAceListLength)
1146{
1147 NTSTATUS Status;
1148
1149 Status = RtlAddAce(pAcl,
1150 dwAceRevision,
1151 dwStartingAceIndex,
1152 pAceList,
1153 nAceListLength);
1154 if (!NT_SUCCESS(Status))
1155 {
1156 SetLastError(RtlNtStatusToDosError(Status));
1157 return FALSE;
1158 }
1159
1160 return TRUE;
1161}
1162
1163/******************************************************************************
1164 * DeleteAce [ADVAPI32.@]
1165 */
1166BOOL WINAPI DeleteAce(PACL pAcl, DWORD dwAceIndex)
1167{
1168 return set_ntstatus(RtlDeleteAce(pAcl, dwAceIndex));
1169}
1170
1171/*
1172 * @implemented
1173 */
1174BOOL
1175WINAPI
1176FindFirstFreeAce(PACL pAcl,
1177 LPVOID *pAce)
1178{
1179 return RtlFirstFreeAce(pAcl,
1180 (PACE*)pAce);
1181}
1182
1183/******************************************************************************
1184 * GetAce [ADVAPI32.@]
1185 */
1186BOOL WINAPI GetAce(PACL pAcl,DWORD dwAceIndex,LPVOID *pAce )
1187{
1188 return set_ntstatus(RtlGetAce(pAcl, dwAceIndex, pAce));
1189}
1190
1191/******************************************************************************
1192 * GetAclInformation [ADVAPI32.@]
1193 */
1194BOOL WINAPI GetAclInformation(
1195 PACL pAcl,
1196 LPVOID pAclInformation,
1197 DWORD nAclInformationLength,
1198 ACL_INFORMATION_CLASS dwAclInformationClass)
1199{
1200 return set_ntstatus(RtlQueryInformationAcl(pAcl, pAclInformation,
1201 nAclInformationLength, dwAclInformationClass));
1202}
1203
1204/*
1205 * @implemented
1206 */
1207BOOL
1208WINAPI
1209IsValidAcl(PACL pAcl)
1210{
1211 return RtlValidAcl (pAcl);
1212}
1213
1214/*
1215 * @implemented
1216 */
1217BOOL WINAPI
1218AllocateLocallyUniqueId(PLUID Luid)
1219{
1220 NTSTATUS Status;
1221
1222 Status = NtAllocateLocallyUniqueId (Luid);
1223 if (!NT_SUCCESS (Status))
1224 {
1225 SetLastError(RtlNtStatusToDosError(Status));
1226 return FALSE;
1227 }
1228
1229 return TRUE;
1230}
1231
1232/**********************************************************************
1233 * LookupPrivilegeDisplayNameA EXPORTED
1234 *
1235 * @unimplemented
1236 */
1237BOOL
1238WINAPI
1239LookupPrivilegeDisplayNameA(LPCSTR lpSystemName,
1240 LPCSTR lpName,
1241 LPSTR lpDisplayName,
1242 LPDWORD cchDisplayName,
1243 LPDWORD lpLanguageId)
1244{
1245 UNICODE_STRING lpSystemNameW;
1246 UNICODE_STRING lpNameW;
1247 BOOL ret;
1248 DWORD wLen = 0;
1249
1250 TRACE("%s %s %p %p %p\n", debugstr_a(lpSystemName), debugstr_a(lpName), lpName, cchDisplayName, lpLanguageId);
1251
1252 RtlCreateUnicodeStringFromAsciiz(&lpSystemNameW, lpSystemName);
1253 RtlCreateUnicodeStringFromAsciiz(&lpNameW, lpName);
1254 ret = LookupPrivilegeDisplayNameW(lpSystemNameW.Buffer, lpNameW.Buffer, NULL, &wLen, lpLanguageId);
1255 if (!ret && GetLastError() == ERROR_INSUFFICIENT_BUFFER)
1256 {
1257 LPWSTR lpDisplayNameW = HeapAlloc(GetProcessHeap(), 0, wLen * sizeof(WCHAR));
1258
1259 ret = LookupPrivilegeDisplayNameW(lpSystemNameW.Buffer, lpNameW.Buffer, lpDisplayNameW,
1260 &wLen, lpLanguageId);
1261 if (ret)
1262 {
1263 unsigned int len = WideCharToMultiByte(CP_ACP, 0, lpDisplayNameW, -1, lpDisplayName,
1264 *cchDisplayName, NULL, NULL);
1265
1266 if (len == 0)
1267 {
1268 /* WideCharToMultiByte failed */
1269 ret = FALSE;
1270 }
1271 else if (len > *cchDisplayName)
1272 {
1273 *cchDisplayName = len;
1274 SetLastError(ERROR_INSUFFICIENT_BUFFER);
1275 ret = FALSE;
1276 }
1277 else
1278 {
1279 /* WideCharToMultiByte succeeded, output length needs to be
1280 * length not including NULL terminator
1281 */
1282 *cchDisplayName = len - 1;
1283 }
1284 }
1285 HeapFree(GetProcessHeap(), 0, lpDisplayNameW);
1286 }
1287 RtlFreeUnicodeString(&lpSystemNameW);
1288 RtlFreeUnicodeString(&lpNameW);
1289 return ret;
1290}
1291
1292/**********************************************************************
1293 * LookupPrivilegeNameA EXPORTED
1294 *
1295 * @implemented
1296 */
1297BOOL
1298WINAPI
1299LookupPrivilegeNameA(LPCSTR lpSystemName,
1300 PLUID lpLuid,
1301 LPSTR lpName,
1302 LPDWORD cchName)
1303{
1304 UNICODE_STRING lpSystemNameW;
1305 BOOL ret;
1306 DWORD wLen = 0;
1307
1308 TRACE("%s %p %p %p\n", debugstr_a(lpSystemName), lpLuid, lpName, cchName);
1309
1310 RtlCreateUnicodeStringFromAsciiz(&lpSystemNameW, lpSystemName);
1311 ret = LookupPrivilegeNameW(lpSystemNameW.Buffer, lpLuid, NULL, &wLen);
1312 if (!ret && GetLastError() == ERROR_INSUFFICIENT_BUFFER)
1313 {
1314 LPWSTR lpNameW = HeapAlloc(GetProcessHeap(), 0, wLen * sizeof(WCHAR));
1315
1316 ret = LookupPrivilegeNameW(lpSystemNameW.Buffer, lpLuid, lpNameW,
1317 &wLen);
1318 if (ret)
1319 {
1320 /* Windows crashes if cchName is NULL, so will I */
1321 unsigned int len = WideCharToMultiByte(CP_ACP, 0, lpNameW, -1, lpName,
1322 *cchName, NULL, NULL);
1323
1324 if (len == 0)
1325 {
1326 /* WideCharToMultiByte failed */
1327 ret = FALSE;
1328 }
1329 else if (len > *cchName)
1330 {
1331 *cchName = len;
1332 SetLastError(ERROR_INSUFFICIENT_BUFFER);
1333 ret = FALSE;
1334 }
1335 else
1336 {
1337 /* WideCharToMultiByte succeeded, output length needs to be
1338 * length not including NULL terminator
1339 */
1340 *cchName = len - 1;
1341 }
1342 }
1343 HeapFree(GetProcessHeap(), 0, lpNameW);
1344 }
1345 RtlFreeUnicodeString(&lpSystemNameW);
1346 return ret;
1347}
1348
1349/******************************************************************************
1350 * GetFileSecurityA [ADVAPI32.@]
1351 *
1352 * Obtains Specified information about the security of a file or directory.
1353 *
1354 * PARAMS
1355 * lpFileName [I] Name of the file to get info for
1356 * RequestedInformation [I] SE_ flags from "winnt.h"
1357 * pSecurityDescriptor [O] Destination for security information
1358 * nLength [I] Length of pSecurityDescriptor
1359 * lpnLengthNeeded [O] Destination for length of returned security information
1360 *
1361 * RETURNS
1362 * Success: TRUE. pSecurityDescriptor contains the requested information.
1363 * Failure: FALSE. lpnLengthNeeded contains the required space to return the info.
1364 *
1365 * NOTES
1366 * The information returned is constrained by the callers access rights and
1367 * privileges.
1368 *
1369 * @implemented
1370 */
1371BOOL
1372WINAPI
1373GetFileSecurityA(LPCSTR lpFileName,
1374 SECURITY_INFORMATION RequestedInformation,
1375 PSECURITY_DESCRIPTOR pSecurityDescriptor,
1376 DWORD nLength,
1377 LPDWORD lpnLengthNeeded)
1378{
1379 UNICODE_STRING FileName;
1380 BOOL bResult;
1381
1382 if (!RtlCreateUnicodeStringFromAsciiz(&FileName, lpFileName))
1383 {
1384 SetLastError(ERROR_NOT_ENOUGH_MEMORY);
1385 return FALSE;
1386 }
1387
1388 bResult = GetFileSecurityW(FileName.Buffer,
1389 RequestedInformation,
1390 pSecurityDescriptor,
1391 nLength,
1392 lpnLengthNeeded);
1393
1394 RtlFreeUnicodeString(&FileName);
1395
1396 return bResult;
1397}
1398
1399/*
1400 * @implemented
1401 */
1402BOOL
1403WINAPI
1404GetFileSecurityW(LPCWSTR lpFileName,
1405 SECURITY_INFORMATION RequestedInformation,
1406 PSECURITY_DESCRIPTOR pSecurityDescriptor,
1407 DWORD nLength,
1408 LPDWORD lpnLengthNeeded)
1409{
1410 OBJECT_ATTRIBUTES ObjectAttributes;
1411 IO_STATUS_BLOCK StatusBlock;
1412 UNICODE_STRING FileName;
1413 ULONG AccessMask = 0;
1414 HANDLE FileHandle;
1415 NTSTATUS Status;
1416
1417 TRACE("GetFileSecurityW() called\n");
1418
1419 QuerySecurityAccessMask(RequestedInformation, &AccessMask);
1420
1421 if (!RtlDosPathNameToNtPathName_U(lpFileName,
1422 &FileName,
1423 NULL,
1424 NULL))
1425 {
1426 ERR("Invalid path\n");
1427 SetLastError(ERROR_INVALID_NAME);
1428 return FALSE;
1429 }
1430
1431 InitializeObjectAttributes(&ObjectAttributes,
1432 &FileName,
1433 OBJ_CASE_INSENSITIVE,
1434 NULL,
1435 NULL);
1436
1437 Status = NtOpenFile(&FileHandle,
1438 AccessMask,
1439 &ObjectAttributes,
1440 &StatusBlock,
1441 FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE,
1442 0);
1443
1444 RtlFreeHeap(RtlGetProcessHeap(),
1445 0,
1446 FileName.Buffer);
1447
1448 if (!NT_SUCCESS(Status))
1449 {
1450 ERR("NtOpenFile() failed (Status %lx)\n", Status);
1451 SetLastError(RtlNtStatusToDosError(Status));
1452 return FALSE;
1453 }
1454
1455 Status = NtQuerySecurityObject(FileHandle,
1456 RequestedInformation,
1457 pSecurityDescriptor,
1458 nLength,
1459 lpnLengthNeeded);
1460 NtClose(FileHandle);
1461 if (!NT_SUCCESS(Status))
1462 {
1463 ERR("NtQuerySecurityObject() failed (Status %lx)\n", Status);
1464 SetLastError(RtlNtStatusToDosError(Status));
1465 return FALSE;
1466 }
1467
1468 return TRUE;
1469}
1470
1471/******************************************************************************
1472 * SetFileSecurityA [ADVAPI32.@]
1473 * Sets the security of a file or directory
1474 *
1475 * @implemented
1476 */
1477BOOL
1478WINAPI
1479SetFileSecurityA(LPCSTR lpFileName,
1480 SECURITY_INFORMATION SecurityInformation,
1481 PSECURITY_DESCRIPTOR pSecurityDescriptor)
1482{
1483 UNICODE_STRING FileName;
1484 BOOL bResult;
1485
1486 if (!RtlCreateUnicodeStringFromAsciiz(&FileName, lpFileName))
1487 {
1488 SetLastError(ERROR_NOT_ENOUGH_MEMORY);
1489 return FALSE;
1490 }
1491
1492 bResult = SetFileSecurityW(FileName.Buffer,
1493 SecurityInformation,
1494 pSecurityDescriptor);
1495
1496 RtlFreeUnicodeString(&FileName);
1497
1498 return bResult;
1499}
1500
1501/******************************************************************************
1502 * SetFileSecurityW [ADVAPI32.@]
1503 * Sets the security of a file or directory
1504 *
1505 * @implemented
1506 */
1507BOOL
1508WINAPI
1509SetFileSecurityW(LPCWSTR lpFileName,
1510 SECURITY_INFORMATION SecurityInformation,
1511 PSECURITY_DESCRIPTOR pSecurityDescriptor)
1512{
1513 OBJECT_ATTRIBUTES ObjectAttributes;
1514 IO_STATUS_BLOCK StatusBlock;
1515 UNICODE_STRING FileName;
1516 ULONG AccessMask = 0;
1517 HANDLE FileHandle;
1518 NTSTATUS Status;
1519
1520 TRACE("SetFileSecurityW() called\n");
1521
1522 SetSecurityAccessMask(SecurityInformation, &AccessMask);
1523
1524 if (!RtlDosPathNameToNtPathName_U(lpFileName,
1525 &FileName,
1526 NULL,
1527 NULL))
1528 {
1529 ERR("Invalid path\n");
1530 SetLastError(ERROR_INVALID_NAME);
1531 return FALSE;
1532 }
1533
1534 InitializeObjectAttributes(&ObjectAttributes,
1535 &FileName,
1536 OBJ_CASE_INSENSITIVE,
1537 NULL,
1538 NULL);
1539
1540 Status = NtOpenFile(&FileHandle,
1541 AccessMask,
1542 &ObjectAttributes,
1543 &StatusBlock,
1544 FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE,
1545 0);
1546
1547 RtlFreeHeap(RtlGetProcessHeap(),
1548 0,
1549 FileName.Buffer);
1550
1551 if (!NT_SUCCESS(Status))
1552 {
1553 ERR("NtOpenFile() failed (Status %lx)\n", Status);
1554 SetLastError(RtlNtStatusToDosError(Status));
1555 return FALSE;
1556 }
1557
1558 Status = NtSetSecurityObject(FileHandle,
1559 SecurityInformation,
1560 pSecurityDescriptor);
1561 NtClose(FileHandle);
1562
1563 if (!NT_SUCCESS(Status))
1564 {
1565 ERR("NtSetSecurityObject() failed (Status %lx)\n", Status);
1566 SetLastError(RtlNtStatusToDosError(Status));
1567 return FALSE;
1568 }
1569
1570 return TRUE;
1571}
1572
1573/******************************************************************************
1574 * QueryWindows31FilesMigration [ADVAPI32.@]
1575 *
1576 * PARAMS
1577 * x1 []
1578 */
1579BOOL WINAPI
1580QueryWindows31FilesMigration( DWORD x1 )
1581{
1582 FIXME("(%d):stub\n",x1);
1583 return TRUE;
1584}
1585
1586/******************************************************************************
1587 * SynchronizeWindows31FilesAndWindowsNTRegistry [ADVAPI32.@]
1588 *
1589 * PARAMS
1590 * x1 []
1591 * x2 []
1592 * x3 []
1593 * x4 []
1594 */
1595BOOL WINAPI
1596SynchronizeWindows31FilesAndWindowsNTRegistry( DWORD x1, DWORD x2, DWORD x3,
1597 DWORD x4 )
1598{
1599 FIXME("(0x%08x,0x%08x,0x%08x,0x%08x):stub\n",x1,x2,x3,x4);
1600 return TRUE;
1601}
1602
1603/*
1604 * @implemented
1605 */
1606BOOL
1607WINAPI
1608RevertToSelf(VOID)
1609{
1610 NTSTATUS Status;
1611 HANDLE Token = NULL;
1612
1613 Status = NtSetInformationThread(NtCurrentThread(),
1614 ThreadImpersonationToken,
1615 &Token,
1616 sizeof(HANDLE));
1617 if (!NT_SUCCESS(Status))
1618 {
1619 SetLastError(RtlNtStatusToDosError(Status));
1620 return FALSE;
1621 }
1622
1623 return TRUE;
1624}
1625
1626/*
1627 * @implemented
1628 */
1629BOOL
1630WINAPI
1631ImpersonateSelf(SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
1632{
1633 NTSTATUS Status;
1634
1635 Status = RtlImpersonateSelf(ImpersonationLevel);
1636 if (!NT_SUCCESS(Status))
1637 {
1638 SetLastError(RtlNtStatusToDosError(Status));
1639 return FALSE;
1640 }
1641
1642 return TRUE;
1643}
1644
1645/*
1646 * @implemented
1647 */
1648BOOL
1649WINAPI
1650AccessCheck(IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
1651 IN HANDLE ClientToken,
1652 IN DWORD DesiredAccess,
1653 IN PGENERIC_MAPPING GenericMapping,
1654 OUT PPRIVILEGE_SET PrivilegeSet OPTIONAL,
1655 IN OUT LPDWORD PrivilegeSetLength,
1656 OUT LPDWORD GrantedAccess,
1657 OUT LPBOOL AccessStatus)
1658{
1659 NTSTATUS Status;
1660 NTSTATUS NtAccessStatus;
1661
1662 /* Do the access check */
1663 Status = NtAccessCheck(pSecurityDescriptor,
1664 ClientToken,
1665 DesiredAccess,
1666 GenericMapping,
1667 PrivilegeSet,
1668 (PULONG)PrivilegeSetLength,
1669 (PACCESS_MASK)GrantedAccess,
1670 &NtAccessStatus);
1671
1672 /* See if the access check operation succeeded */
1673 if (!NT_SUCCESS(Status))
1674 {
1675 /* Check failed */
1676 SetLastError(RtlNtStatusToDosError(Status));
1677 return FALSE;
1678 }
1679
1680 /* Now check the access status */
1681 if (!NT_SUCCESS(NtAccessStatus))
1682 {
1683 /* Access denied */
1684 SetLastError(RtlNtStatusToDosError(NtAccessStatus));
1685 *AccessStatus = FALSE;
1686 }
1687 else
1688 {
1689 /* Access granted */
1690 *AccessStatus = TRUE;
1691 }
1692
1693 /* Check succeeded */
1694 return TRUE;
1695}
1696
1765BOOL
1766WINAPI
1767AccessCheckByType(
1768 _In_ PSECURITY_DESCRIPTOR pSecurityDescriptor,
1769 _In_opt_ PSID PrincipalSelfSid,
1770 _In_ HANDLE ClientToken,
1771 _In_ DWORD DesiredAccess,
1772 _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList,
1773 _In_ DWORD ObjectTypeListLength,
1774 _In_ PGENERIC_MAPPING GenericMapping,
1775 _Out_writes_bytes_(*PrivilegeSetLength) PPRIVILEGE_SET PrivilegeSet,
1776 _Inout_ LPDWORD PrivilegeSetLength,
1777 _Out_ LPDWORD GrantedAccess,
1778 _Out_ LPBOOL AccessStatus)
1779{
1780 NTSTATUS Status;
1781 NTSTATUS NtAccessStatus;
1782
1783 Status = NtAccessCheckByType(pSecurityDescriptor,
1784 PrincipalSelfSid,
1785 ClientToken,
1786 DesiredAccess,
1787 ObjectTypeList,
1788 ObjectTypeListLength,
1789 GenericMapping,
1790 PrivilegeSet,
1791 PrivilegeSetLength,
1792 (PACCESS_MASK)GrantedAccess,
1793 &NtAccessStatus);
1794 if (!NT_SUCCESS(Status))
1795 {
1796 SetLastError(RtlNtStatusToDosError(Status));
1797 return FALSE;
1798 }
1799
1800 if (!NT_SUCCESS(NtAccessStatus))
1801 {
1802 SetLastError(RtlNtStatusToDosError(NtAccessStatus));
1803 *AccessStatus = FALSE;
1804 }
1805 else
1806 {
1807 *AccessStatus = TRUE;
1808 }
1809
1810 return TRUE;
1811}
1812
1879BOOL
1880WINAPI
1881AccessCheckByTypeResultList(
1882 _In_ PSECURITY_DESCRIPTOR pSecurityDescriptor,
1883 _In_opt_ PSID PrincipalSelfSid,
1884 _In_ HANDLE ClientToken,
1885 _In_ DWORD DesiredAccess,
1886 _In_reads_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList,
1887 _In_ DWORD ObjectTypeListLength,
1888 _In_ PGENERIC_MAPPING GenericMapping,
1889 _Out_writes_bytes_(*PrivilegeSetLength) PPRIVILEGE_SET PrivilegeSet,
1890 _Inout_ LPDWORD PrivilegeSetLength,
1891 _Out_writes_(ObjectTypeListLength) LPDWORD GrantedAccess,
1892 _Out_writes_(ObjectTypeListLength) LPBOOL AccessStatus)
1893{
1894 NTSTATUS Status;
1895 DWORD ResultListIndex;
1896 PNTSTATUS NtAccessStatus = NULL;
1897
1898 Status = NtAccessCheckByTypeResultList(pSecurityDescriptor,
1899 PrincipalSelfSid,
1900 ClientToken,
1901 DesiredAccess,
1902 ObjectTypeList,
1903 ObjectTypeListLength,
1904 GenericMapping,
1905 PrivilegeSet,
1906 PrivilegeSetLength,
1907 (PACCESS_MASK)GrantedAccess,
1908 NtAccessStatus);
1909 if (!NT_SUCCESS(Status))
1910 {
1911 SetLastError(RtlNtStatusToDosError(Status));
1912 return FALSE;
1913 }
1914
1915 for (ResultListIndex = 0; ResultListIndex < ObjectTypeListLength; ResultListIndex++)
1916 {
1917 AccessStatus[ResultListIndex] = RtlNtStatusToDosError(NtAccessStatus[ResultListIndex]);
1918 }
1919
1920 return TRUE;
1921}
1922
1923/*
1924 * @implemented
1925 */
1926BOOL
1927WINAPI
1928SetKernelObjectSecurity(HANDLE Handle,
1929 SECURITY_INFORMATION SecurityInformation,
1930 PSECURITY_DESCRIPTOR SecurityDescriptor)
1931{
1932 NTSTATUS Status;
1933
1934 Status = NtSetSecurityObject(Handle,
1935 SecurityInformation,
1936 SecurityDescriptor);
1937 if (!NT_SUCCESS(Status))
1938 {
1939 SetLastError(RtlNtStatusToDosError(Status));
1940 return FALSE;
1941 }
1942
1943 return TRUE;
1944}
1945
1946/*
1947 * @implemented
1948 */
1949BOOL
1950WINAPI
1951AddAuditAccessAce(PACL pAcl,
1952 DWORD dwAceRevision,
1953 DWORD dwAccessMask,
1954 PSID pSid,
1955 BOOL bAuditSuccess,
1956 BOOL bAuditFailure)
1957{
1958 NTSTATUS Status;
1959
1960 Status = RtlAddAuditAccessAce(pAcl,
1961 dwAceRevision,
1962 dwAccessMask,
1963 pSid,
1964 bAuditSuccess,
1965 bAuditFailure);
1966 if (!NT_SUCCESS(Status))
1967 {
1968 SetLastError(RtlNtStatusToDosError(Status));
1969 return FALSE;
1970 }
1971
1972 return TRUE;
1973}
1974
1975/*
1976 * @implemented
1977 */
1978BOOL WINAPI
1979AddAuditAccessAceEx(PACL pAcl,
1980 DWORD dwAceRevision,
1981 DWORD AceFlags,
1982 DWORD dwAccessMask,
1983 PSID pSid,
1984 BOOL bAuditSuccess,
1985 BOOL bAuditFailure)
1986{
1987 NTSTATUS Status;
1988
1989 Status = RtlAddAuditAccessAceEx(pAcl,
1990 dwAceRevision,
1991 AceFlags,
1992 dwAccessMask,
1993 pSid,
1994 bAuditSuccess,
1995 bAuditFailure);
1996 if (!NT_SUCCESS(Status))
1997 {
1998 SetLastError(RtlNtStatusToDosError(Status));
1999 return FALSE;
2000 }
2001
2002 return TRUE;
2003}
2004
2005/******************************************************************************
2006 * LookupAccountNameA [ADVAPI32.@]
2007 *
2008 * @implemented
2009 */
2010BOOL
2011WINAPI
2012LookupAccountNameA(LPCSTR SystemName,
2013 LPCSTR AccountName,
2014 PSID Sid,
2015 LPDWORD SidLength,
2016 LPSTR ReferencedDomainName,
2017 LPDWORD hReferencedDomainNameLength,
2018 PSID_NAME_USE SidNameUse)
2019{
2020 BOOL ret;
2021 UNICODE_STRING lpSystemW;
2022 UNICODE_STRING lpAccountW;
2023 LPWSTR lpReferencedDomainNameW = NULL;
2024
2025 RtlCreateUnicodeStringFromAsciiz(&lpSystemW, SystemName);
2026 RtlCreateUnicodeStringFromAsciiz(&lpAccountW, AccountName);
2027
2028 if (ReferencedDomainName)
2029 lpReferencedDomainNameW = HeapAlloc(GetProcessHeap(),
2030 0,
2031 *hReferencedDomainNameLength * sizeof(WCHAR));
2032
2033 ret = LookupAccountNameW(lpSystemW.Buffer,
2034 lpAccountW.Buffer,
2035 Sid,
2036 SidLength,
2037 lpReferencedDomainNameW,
2038 hReferencedDomainNameLength,
2039 SidNameUse);
2040
2041 if (ret && lpReferencedDomainNameW)
2042 {
2043 WideCharToMultiByte(CP_ACP,
2044 0,
2045 lpReferencedDomainNameW,
2046 *hReferencedDomainNameLength + 1,
2047 ReferencedDomainName,
2048 *hReferencedDomainNameLength + 1,
2049 NULL,
2050 NULL);
2051 }
2052
2053 RtlFreeUnicodeString(&lpSystemW);
2054 RtlFreeUnicodeString(&lpAccountW);
2055 HeapFree(GetProcessHeap(), 0, lpReferencedDomainNameW);
2056
2057 return ret;
2058}
2059
2060/**********************************************************************
2061 * PrivilegeCheck EXPORTED
2062 *
2063 * @implemented
2064 */
2065BOOL WINAPI
2066PrivilegeCheck(HANDLE ClientToken,
2067 PPRIVILEGE_SET RequiredPrivileges,
2068 LPBOOL pfResult)
2069{
2070 BOOLEAN Result;
2071 NTSTATUS Status;
2072
2073 Status = NtPrivilegeCheck(ClientToken,
2074 RequiredPrivileges,
2075 &Result);
2076 if (!NT_SUCCESS(Status))
2077 {
2078 SetLastError(RtlNtStatusToDosError(Status));
2079 return FALSE;
2080 }
2081
2082 *pfResult = (BOOL)Result;
2083
2084 return TRUE;
2085}
2086
2087/******************************************************************************
2088 * GetSecurityInfoExW EXPORTED
2089 */
2090DWORD
2091WINAPI
2092GetSecurityInfoExA(HANDLE hObject,
2093 SE_OBJECT_TYPE ObjectType,
2094 SECURITY_INFORMATION SecurityInfo,
2095 LPCSTR lpProvider,
2096 LPCSTR lpProperty,
2097 PACTRL_ACCESSA *ppAccessList,
2098 PACTRL_AUDITA *ppAuditList,
2099 LPSTR *lppOwner,
2100 LPSTR *lppGroup)
2101{
2102 FIXME("%s() not implemented!\n", __FUNCTION__);
2103 return ERROR_BAD_PROVIDER;
2104}
2105
2106
2107/******************************************************************************
2108 * GetSecurityInfoExW EXPORTED
2109 */
2110DWORD
2111WINAPI
2112GetSecurityInfoExW(HANDLE hObject,
2113 SE_OBJECT_TYPE ObjectType,
2114 SECURITY_INFORMATION SecurityInfo,
2115 LPCWSTR lpProvider,
2116 LPCWSTR lpProperty,
2117 PACTRL_ACCESSW *ppAccessList,
2118 PACTRL_AUDITW *ppAuditList,
2119 LPWSTR *lppOwner,
2120 LPWSTR *lppGroup)
2121{
2122 FIXME("%s() not implemented!\n", __FUNCTION__);
2123 return ERROR_BAD_PROVIDER;
2124}
2125
2126/******************************************************************************
2127 * BuildExplicitAccessWithNameA [ADVAPI32.@]
2128 */
2129VOID WINAPI
2130BuildExplicitAccessWithNameA(PEXPLICIT_ACCESSA pExplicitAccess,
2131 LPSTR pTrusteeName,
2132 DWORD AccessPermissions,
2133 ACCESS_MODE AccessMode,
2134 DWORD Inheritance)
2135{
2136 pExplicitAccess->grfAccessPermissions = AccessPermissions;
2137 pExplicitAccess->grfAccessMode = AccessMode;
2138 pExplicitAccess->grfInheritance = Inheritance;
2139
2140 pExplicitAccess->Trustee.pMultipleTrustee = NULL;
2141 pExplicitAccess->Trustee.MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2142 pExplicitAccess->Trustee.TrusteeForm = TRUSTEE_IS_NAME;
2143 pExplicitAccess->Trustee.TrusteeType = TRUSTEE_IS_UNKNOWN;
2144 pExplicitAccess->Trustee.ptstrName = pTrusteeName;
2145}
2146
2147
2148/******************************************************************************
2149 * BuildExplicitAccessWithNameW [ADVAPI32.@]
2150 */
2151VOID WINAPI
2152BuildExplicitAccessWithNameW(PEXPLICIT_ACCESSW pExplicitAccess,
2153 LPWSTR pTrusteeName,
2154 DWORD AccessPermissions,
2155 ACCESS_MODE AccessMode,
2156 DWORD Inheritance)
2157{
2158 pExplicitAccess->grfAccessPermissions = AccessPermissions;
2159 pExplicitAccess->grfAccessMode = AccessMode;
2160 pExplicitAccess->grfInheritance = Inheritance;
2161
2162 pExplicitAccess->Trustee.pMultipleTrustee = NULL;
2163 pExplicitAccess->Trustee.MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2164 pExplicitAccess->Trustee.TrusteeForm = TRUSTEE_IS_NAME;
2165 pExplicitAccess->Trustee.TrusteeType = TRUSTEE_IS_UNKNOWN;
2166 pExplicitAccess->Trustee.ptstrName = pTrusteeName;
2167}
2168
2169/******************************************************************************
2170 * BuildTrusteeWithObjectsAndNameA [ADVAPI32.@]
2171 */
2172VOID WINAPI BuildTrusteeWithObjectsAndNameA( PTRUSTEEA pTrustee, POBJECTS_AND_NAME_A pObjName,
2173 SE_OBJECT_TYPE ObjectType, LPSTR ObjectTypeName,
2174 LPSTR InheritedObjectTypeName, LPSTR Name )
2175{
2176 DWORD ObjectsPresent = 0;
2177
2178 TRACE("%p %p 0x%08x %p %p %s\n", pTrustee, pObjName,
2179 ObjectType, ObjectTypeName, InheritedObjectTypeName, debugstr_a(Name));
2180
2181 /* Fill the OBJECTS_AND_NAME structure */
2182 pObjName->ObjectType = ObjectType;
2183 if (ObjectTypeName != NULL)
2184 {
2185 ObjectsPresent |= ACE_OBJECT_TYPE_PRESENT;
2186 }
2187
2188 pObjName->InheritedObjectTypeName = InheritedObjectTypeName;
2189 if (InheritedObjectTypeName != NULL)
2190 {
2191 ObjectsPresent |= ACE_INHERITED_OBJECT_TYPE_PRESENT;
2192 }
2193
2194 pObjName->ObjectsPresent = ObjectsPresent;
2195 pObjName->ptstrName = Name;
2196
2197 /* Fill the TRUSTEE structure */
2198 pTrustee->pMultipleTrustee = NULL;
2199 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2200 pTrustee->TrusteeForm = TRUSTEE_IS_OBJECTS_AND_NAME;
2201 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2202 pTrustee->ptstrName = (LPSTR)pObjName;
2203}
2204
2205/******************************************************************************
2206 * BuildTrusteeWithObjectsAndNameW [ADVAPI32.@]
2207 */
2208VOID WINAPI BuildTrusteeWithObjectsAndNameW( PTRUSTEEW pTrustee, POBJECTS_AND_NAME_W pObjName,
2209 SE_OBJECT_TYPE ObjectType, LPWSTR ObjectTypeName,
2210 LPWSTR InheritedObjectTypeName, LPWSTR Name )
2211{
2212 DWORD ObjectsPresent = 0;
2213
2214 TRACE("%p %p 0x%08x %p %p %s\n", pTrustee, pObjName,
2215 ObjectType, ObjectTypeName, InheritedObjectTypeName, debugstr_w(Name));
2216
2217 /* Fill the OBJECTS_AND_NAME structure */
2218 pObjName->ObjectType = ObjectType;
2219 if (ObjectTypeName != NULL)
2220 {
2221 ObjectsPresent |= ACE_OBJECT_TYPE_PRESENT;
2222 }
2223
2224 pObjName->InheritedObjectTypeName = InheritedObjectTypeName;
2225 if (InheritedObjectTypeName != NULL)
2226 {
2227 ObjectsPresent |= ACE_INHERITED_OBJECT_TYPE_PRESENT;
2228 }
2229
2230 pObjName->ObjectsPresent = ObjectsPresent;
2231 pObjName->ptstrName = Name;
2232
2233 /* Fill the TRUSTEE structure */
2234 pTrustee->pMultipleTrustee = NULL;
2235 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2236 pTrustee->TrusteeForm = TRUSTEE_IS_OBJECTS_AND_NAME;
2237 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2238 pTrustee->ptstrName = (LPWSTR)pObjName;
2239}
2240
2241/******************************************************************************
2242 * BuildTrusteeWithObjectsAndSidA [ADVAPI32.@]
2243 */
2244VOID WINAPI
2245BuildTrusteeWithObjectsAndSidA(PTRUSTEEA pTrustee,
2246 POBJECTS_AND_SID pObjSid,
2247 GUID *pObjectGuid,
2248 GUID *pInheritedObjectGuid,
2249 PSID pSid)
2250{
2251 DWORD ObjectsPresent = 0;
2252
2253 TRACE("%p %p %p %p %p\n", pTrustee, pObjSid, pObjectGuid, pInheritedObjectGuid, pSid);
2254
2255 /* Fill the OBJECTS_AND_SID structure */
2256 if (pObjectGuid != NULL)
2257 {
2258 pObjSid->ObjectTypeGuid = *pObjectGuid;
2259 ObjectsPresent |= ACE_OBJECT_TYPE_PRESENT;
2260 }
2261 else
2262 {
2263 ZeroMemory(&pObjSid->ObjectTypeGuid,
2264 sizeof(GUID));
2265 }
2266
2267 if (pInheritedObjectGuid != NULL)
2268 {
2269 pObjSid->InheritedObjectTypeGuid = *pInheritedObjectGuid;
2270 ObjectsPresent |= ACE_INHERITED_OBJECT_TYPE_PRESENT;
2271 }
2272 else
2273 {
2274 ZeroMemory(&pObjSid->InheritedObjectTypeGuid,
2275 sizeof(GUID));
2276 }
2277
2278 pObjSid->ObjectsPresent = ObjectsPresent;
2279 pObjSid->pSid = pSid;
2280
2281 /* Fill the TRUSTEE structure */
2282 pTrustee->pMultipleTrustee = NULL;
2283 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2284 pTrustee->TrusteeForm = TRUSTEE_IS_OBJECTS_AND_SID;
2285 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2286 pTrustee->ptstrName = (LPSTR) pObjSid;
2287}
2288
2289
2290/******************************************************************************
2291 * BuildTrusteeWithObjectsAndSidW [ADVAPI32.@]
2292 */
2293VOID WINAPI
2294BuildTrusteeWithObjectsAndSidW(PTRUSTEEW pTrustee,
2295 POBJECTS_AND_SID pObjSid,
2296 GUID *pObjectGuid,
2297 GUID *pInheritedObjectGuid,
2298 PSID pSid)
2299{
2300 DWORD ObjectsPresent = 0;
2301
2302 TRACE("%p %p %p %p %p\n", pTrustee, pObjSid, pObjectGuid, pInheritedObjectGuid, pSid);
2303
2304 /* Fill the OBJECTS_AND_SID structure */
2305 if (pObjectGuid != NULL)
2306 {
2307 pObjSid->ObjectTypeGuid = *pObjectGuid;
2308 ObjectsPresent |= ACE_OBJECT_TYPE_PRESENT;
2309 }
2310 else
2311 {
2312 ZeroMemory(&pObjSid->ObjectTypeGuid,
2313 sizeof(GUID));
2314 }
2315
2316 if (pInheritedObjectGuid != NULL)
2317 {
2318 pObjSid->InheritedObjectTypeGuid = *pInheritedObjectGuid;
2319 ObjectsPresent |= ACE_INHERITED_OBJECT_TYPE_PRESENT;
2320 }
2321 else
2322 {
2323 ZeroMemory(&pObjSid->InheritedObjectTypeGuid,
2324 sizeof(GUID));
2325 }
2326
2327 pObjSid->ObjectsPresent = ObjectsPresent;
2328 pObjSid->pSid = pSid;
2329
2330 /* Fill the TRUSTEE structure */
2331 pTrustee->pMultipleTrustee = NULL;
2332 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2333 pTrustee->TrusteeForm = TRUSTEE_IS_OBJECTS_AND_SID;
2334 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2335 pTrustee->ptstrName = (LPWSTR) pObjSid;
2336}
2337
2338/******************************************************************************
2339 * BuildTrusteeWithSidA [ADVAPI32.@]
2340 */
2341VOID WINAPI
2342BuildTrusteeWithSidA(PTRUSTEE_A pTrustee,
2343 PSID pSid)
2344{
2345 TRACE("%p %p\n", pTrustee, pSid);
2346
2347 pTrustee->pMultipleTrustee = NULL;
2348 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2349 pTrustee->TrusteeForm = TRUSTEE_IS_SID;
2350 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2351 pTrustee->ptstrName = (LPSTR) pSid;
2352}
2353
2354
2355/******************************************************************************
2356 * BuildTrusteeWithSidW [ADVAPI32.@]
2357 */
2358VOID WINAPI
2359BuildTrusteeWithSidW(PTRUSTEE_W pTrustee,
2360 PSID pSid)
2361{
2362 TRACE("%p %p\n", pTrustee, pSid);
2363
2364 pTrustee->pMultipleTrustee = NULL;
2365 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2366 pTrustee->TrusteeForm = TRUSTEE_IS_SID;
2367 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2368 pTrustee->ptstrName = (LPWSTR) pSid;
2369}
2370
2371/******************************************************************************
2372 * BuildTrusteeWithNameA [ADVAPI32.@]
2373 */
2374VOID WINAPI
2375BuildTrusteeWithNameA(PTRUSTEE_A pTrustee,
2376 LPSTR name)
2377{
2378 TRACE("%p %s\n", pTrustee, name);
2379
2380 pTrustee->pMultipleTrustee = NULL;
2381 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2382 pTrustee->TrusteeForm = TRUSTEE_IS_NAME;
2383 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2384 pTrustee->ptstrName = name;
2385}
2386
2387/******************************************************************************
2388 * BuildTrusteeWithNameW [ADVAPI32.@]
2389 */
2390VOID WINAPI
2391BuildTrusteeWithNameW(PTRUSTEE_W pTrustee,
2392 LPWSTR name)
2393{
2394 TRACE("%p %s\n", pTrustee, name);
2395
2396 pTrustee->pMultipleTrustee = NULL;
2397 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
2398 pTrustee->TrusteeForm = TRUSTEE_IS_NAME;
2399 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
2400 pTrustee->ptstrName = name;
2401}
2402
2403/******************************************************************************
2404 * GetTrusteeFormA [ADVAPI32.@]
2405 */
2406TRUSTEE_FORM WINAPI GetTrusteeFormA(PTRUSTEEA pTrustee)
2407{
2408 TRACE("(%p)\n", pTrustee);
2409
2410 if (!pTrustee)
2411 return TRUSTEE_BAD_FORM;
2412
2413 return pTrustee->TrusteeForm;
2414}
2415
2416/******************************************************************************
2417 * GetTrusteeFormW [ADVAPI32.@]
2418 */
2419TRUSTEE_FORM WINAPI GetTrusteeFormW(PTRUSTEEW pTrustee)
2420{
2421 TRACE("(%p)\n", pTrustee);
2422
2423 if (!pTrustee)
2424 return TRUSTEE_BAD_FORM;
2425
2426 return pTrustee->TrusteeForm;
2427}
2428
2429/******************************************************************************
2430 * GetTrusteeNameA [ADVAPI32.@]
2431 */
2432LPSTR WINAPI
2433GetTrusteeNameA(PTRUSTEE_A pTrustee)
2434{
2435 return pTrustee->ptstrName;
2436}
2437
2438
2439/******************************************************************************
2440 * GetTrusteeNameW [ADVAPI32.@]
2441 */
2442LPWSTR WINAPI
2443GetTrusteeNameW(PTRUSTEE_W pTrustee)
2444{
2445 return pTrustee->ptstrName;
2446}
2447
2448/******************************************************************************
2449 * GetTrusteeTypeA [ADVAPI32.@]
2450 */
2451TRUSTEE_TYPE WINAPI
2452GetTrusteeTypeA(PTRUSTEE_A pTrustee)
2453{
2454 return pTrustee->TrusteeType;
2455}
2456
2457/******************************************************************************
2458 * GetTrusteeTypeW [ADVAPI32.@]
2459 */
2460TRUSTEE_TYPE WINAPI
2461GetTrusteeTypeW(PTRUSTEE_W pTrustee)
2462{
2463 return pTrustee->TrusteeType;
2464}
2465
2466/*
2467 * @implemented
2468 */
2469BOOL
2470WINAPI
2471SetAclInformation(PACL pAcl,
2472 LPVOID pAclInformation,
2473 DWORD nAclInformationLength,
2474 ACL_INFORMATION_CLASS dwAclInformationClass)
2475{
2476 NTSTATUS Status;
2477
2478 Status = RtlSetInformationAcl(pAcl,
2479 pAclInformation,
2480 nAclInformationLength,
2481 dwAclInformationClass);
2482 if (!NT_SUCCESS(Status))
2483 {
2484 SetLastError(RtlNtStatusToDosError(Status));
2485 return FALSE;
2486 }
2487
2488 return TRUE;
2489}
2490
2491/**********************************************************************
2492 * SetNamedSecurityInfoA EXPORTED
2493 *
2494 * @implemented
2495 */
2496DWORD
2497WINAPI
2498SetNamedSecurityInfoA(LPSTR pObjectName,
2499 SE_OBJECT_TYPE ObjectType,
2500 SECURITY_INFORMATION SecurityInfo,
2501 PSID psidOwner,
2502 PSID psidGroup,
2503 PACL pDacl,
2504 PACL pSacl)
2505{
2506 UNICODE_STRING ObjectName;
2507 DWORD Ret;
2508
2509 if (!RtlCreateUnicodeStringFromAsciiz(&ObjectName, pObjectName))
2510 {
2511 return ERROR_NOT_ENOUGH_MEMORY;
2512 }
2513
2514 Ret = SetNamedSecurityInfoW(ObjectName.Buffer,
2515 ObjectType,
2516 SecurityInfo,
2517 psidOwner,
2518 psidGroup,
2519 pDacl,
2520 pSacl);
2521
2522 RtlFreeUnicodeString(&ObjectName);
2523
2524 return Ret;
2525}
2526
2527/*
2528 * @implemented
2529 */
2530BOOL
2531WINAPI
2532AreAllAccessesGranted(DWORD GrantedAccess,
2533 DWORD DesiredAccess)
2534{
2535 return (BOOL)RtlAreAllAccessesGranted(GrantedAccess,
2536 DesiredAccess);
2537}
2538
2539/*
2540 * @implemented
2541 */
2542BOOL
2543WINAPI
2544AreAnyAccessesGranted(DWORD GrantedAccess,
2545 DWORD DesiredAccess)
2546{
2547 return (BOOL)RtlAreAnyAccessesGranted(GrantedAccess,
2548 DesiredAccess);
2549}
2550
2551/******************************************************************************
2552 * ParseAclStringFlags
2553 */
2554static DWORD ParseAclStringFlags(LPCWSTR* StringAcl)
2555{
2556 DWORD flags = 0;
2557 LPCWSTR szAcl = *StringAcl;
2558
2559 while (*szAcl && *szAcl != '(')
2560 {
2561 if (*szAcl == 'P')
2562 {
2563 flags |= SE_DACL_PROTECTED;
2564 }
2565 else if (*szAcl == 'A')
2566 {
2567 szAcl++;
2568 if (*szAcl == 'R')
2569 flags |= SE_DACL_AUTO_INHERIT_REQ;
2570 else if (*szAcl == 'I')
2571 flags |= SE_DACL_AUTO_INHERITED;
2572 }
2573 szAcl++;
2574 }
2575
2576 *StringAcl = szAcl;
2577 return flags;
2578}
2579
2580/******************************************************************************
2581 * ParseAceStringType
2582 */
2583static const ACEFLAG AceType[] =
2584{
2585 { SDDL_ALARM, SYSTEM_ALARM_ACE_TYPE },
2586 { SDDL_AUDIT, SYSTEM_AUDIT_ACE_TYPE },
2587 { SDDL_ACCESS_ALLOWED, ACCESS_ALLOWED_ACE_TYPE },
2588 { SDDL_ACCESS_DENIED, ACCESS_DENIED_ACE_TYPE },
2589 { SDDL_MANDATORY_LABEL,SYSTEM_MANDATORY_LABEL_ACE_TYPE },
2590 /*
2591 { SDDL_OBJECT_ACCESS_ALLOWED, ACCESS_ALLOWED_OBJECT_ACE_TYPE },
2592 { SDDL_OBJECT_ACCESS_DENIED, ACCESS_DENIED_OBJECT_ACE_TYPE },
2593 { SDDL_OBJECT_ALARM, SYSTEM_ALARM_OBJECT_ACE_TYPE },
2594 { SDDL_OBJECT_AUDIT, SYSTEM_AUDIT_OBJECT_ACE_TYPE },
2595 */
2596 { NULL, 0 },
2597};
2598
2599static BYTE ParseAceStringType(LPCWSTR* StringAcl)
2600{
2601 UINT len = 0;
2602 LPCWSTR szAcl = *StringAcl;
2603 const ACEFLAG *lpaf = AceType;
2604
2605 while (*szAcl == ' ')
2606 szAcl++;
2607
2608 while (lpaf->wstr &&
2609 (len = strlenW(lpaf->wstr)) &&
2610 strncmpW(lpaf->wstr, szAcl, len))
2611 lpaf++;
2612
2613 if (!lpaf->wstr)
2614 return 0;
2615
2616 *StringAcl = szAcl + len;
2617 return lpaf->value;
2618}
2619
2620
2621/******************************************************************************
2622 * ParseAceStringFlags
2623 */
2624static const ACEFLAG AceFlags[] =
2625{
2626 { SDDL_CONTAINER_INHERIT, CONTAINER_INHERIT_ACE },
2627 { SDDL_AUDIT_FAILURE, FAILED_ACCESS_ACE_FLAG },
2628 { SDDL_INHERITED, INHERITED_ACE },
2629 { SDDL_INHERIT_ONLY, INHERIT_ONLY_ACE },
2630 { SDDL_NO_PROPAGATE, NO_PROPAGATE_INHERIT_ACE },
2631 { SDDL_OBJECT_INHERIT, OBJECT_INHERIT_ACE },
2632 { SDDL_AUDIT_SUCCESS, SUCCESSFUL_ACCESS_ACE_FLAG },
2633 { NULL, 0 },
2634};
2635
2636static BYTE ParseAceStringFlags(LPCWSTR* StringAcl)
2637{
2638 UINT len = 0;
2639 BYTE flags = 0;
2640 LPCWSTR szAcl = *StringAcl;
2641
2642 while (*szAcl == ' ')
2643 szAcl++;
2644
2645 while (*szAcl != ';')
2646 {
2647 const ACEFLAG *lpaf = AceFlags;
2648
2649 while (lpaf->wstr &&
2650 (len = strlenW(lpaf->wstr)) &&
2651 strncmpW(lpaf->wstr, szAcl, len))
2652 lpaf++;
2653
2654 if (!lpaf->wstr)
2655 return 0;
2656
2657 flags |= lpaf->value;
2658 szAcl += len;
2659 }
2660
2661 *StringAcl = szAcl;
2662 return flags;
2663}
2664
2665
2666/******************************************************************************
2667 * ParseAceStringRights
2668 */
2669static const ACEFLAG AceRights[] =
2670{
2671 { SDDL_GENERIC_ALL, GENERIC_ALL },
2672 { SDDL_GENERIC_READ, GENERIC_READ },
2673 { SDDL_GENERIC_WRITE, GENERIC_WRITE },
2674 { SDDL_GENERIC_EXECUTE, GENERIC_EXECUTE },
2675
2676 { SDDL_READ_CONTROL, READ_CONTROL },
2677 { SDDL_STANDARD_DELETE, DELETE },
2678 { SDDL_WRITE_DAC, WRITE_DAC },
2679 { SDDL_WRITE_OWNER, WRITE_OWNER },
2680
2681 { SDDL_READ_PROPERTY, ADS_RIGHT_DS_READ_PROP},
2682 { SDDL_WRITE_PROPERTY, ADS_RIGHT_DS_WRITE_PROP},
2683 { SDDL_CREATE_CHILD, ADS_RIGHT_DS_CREATE_CHILD},
2684 { SDDL_DELETE_CHILD, ADS_RIGHT_DS_DELETE_CHILD},
2685 { SDDL_LIST_CHILDREN, ADS_RIGHT_ACTRL_DS_LIST},
2686 { SDDL_SELF_WRITE, ADS_RIGHT_DS_SELF},
2687 { SDDL_LIST_OBJECT, ADS_RIGHT_DS_LIST_OBJECT},
2688 { SDDL_DELETE_TREE, ADS_RIGHT_DS_DELETE_TREE},
2689 { SDDL_CONTROL_ACCESS, ADS_RIGHT_DS_CONTROL_ACCESS},
2690
2691 { SDDL_FILE_ALL, FILE_ALL_ACCESS },
2692 { SDDL_FILE_READ, FILE_GENERIC_READ },
2693 { SDDL_FILE_WRITE, FILE_GENERIC_WRITE },
2694 { SDDL_FILE_EXECUTE, FILE_GENERIC_EXECUTE },
2695
2696 { SDDL_KEY_ALL, KEY_ALL_ACCESS },
2697 { SDDL_KEY_READ, KEY_READ },
2698 { SDDL_KEY_WRITE, KEY_WRITE },
2699 { SDDL_KEY_EXECUTE, KEY_EXECUTE },
2700
2701 { SDDL_NO_READ_UP, SYSTEM_MANDATORY_LABEL_NO_READ_UP },
2702 { SDDL_NO_WRITE_UP, SYSTEM_MANDATORY_LABEL_NO_WRITE_UP },
2703 { SDDL_NO_EXECUTE_UP, SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP },
2704 { NULL, 0 },
2705};
2706
2707static DWORD ParseAceStringRights(LPCWSTR* StringAcl)
2708{
2709 UINT len = 0;
2710 DWORD rights = 0;
2711 LPCWSTR szAcl = *StringAcl;
2712
2713 while (*szAcl == ' ')
2714 szAcl++;
2715
2716 if ((*szAcl == '0') && (*(szAcl + 1) == 'x'))
2717 {
2718 LPCWSTR p = szAcl;
2719
2720 while (*p && *p != ';')
2721 p++;
2722
2723 if (p - szAcl <= 10 /* 8 hex digits + "0x" */ )
2724 {
2725 rights = strtoulW(szAcl, NULL, 16);
2726 szAcl = p;
2727 }
2728 else
2729 WARN("Invalid rights string format: %s\n", debugstr_wn(szAcl, p - szAcl));
2730 }
2731 else
2732 {
2733 while (*szAcl != ';')
2734 {
2735 const ACEFLAG *lpaf = AceRights;
2736
2737 while (lpaf->wstr &&
2738 (len = strlenW(lpaf->wstr)) &&
2739 strncmpW(lpaf->wstr, szAcl, len))
2740 {
2741 lpaf++;
2742 }
2743
2744 if (!lpaf->wstr)
2745 return 0;
2746
2747 rights |= lpaf->value;
2748 szAcl += len;
2749 }
2750 }
2751
2752 *StringAcl = szAcl;
2753 return rights;
2754}
2755
2756
2757/******************************************************************************
2758 * ParseStringAclToAcl
2759 *
2760 * dacl_flags(string_ace1)(string_ace2)... (string_acen)
2761 */
2762static BOOL ParseStringAclToAcl(LPCWSTR StringAcl, LPDWORD lpdwFlags,
2763 PACL pAcl, LPDWORD cBytes)
2764{
2765 DWORD val;
2766 DWORD sidlen;
2767 DWORD length = sizeof(ACL);
2768 DWORD acesize = 0;
2769 DWORD acecount = 0;
2770 PACCESS_ALLOWED_ACE pAce = NULL; /* pointer to current ACE */
2771 DWORD error = ERROR_INVALID_ACL;
2772
2773 TRACE("%s\n", debugstr_w(StringAcl));
2774
2775 if (!StringAcl)
2776 return FALSE;
2777
2778 if (pAcl) /* pAce is only useful if we're setting values */
2779 pAce = (PACCESS_ALLOWED_ACE) (pAcl + 1);
2780
2781 /* Parse ACL flags */
2782 *lpdwFlags = ParseAclStringFlags(&StringAcl);
2783
2784 /* Parse ACE */
2785 while (*StringAcl == '(')
2786 {
2787 StringAcl++;
2788
2789 /* Parse ACE type */
2790 val = ParseAceStringType(&StringAcl);
2791 if (pAce)
2792 pAce->Header.AceType = (BYTE) val;
2793 if (*StringAcl != ';')
2794 {
2795 error = RPC_S_INVALID_STRING_UUID;
2796 goto lerr;
2797 }
2798 StringAcl++;
2799
2800 /* Parse ACE flags */
2801 val = ParseAceStringFlags(&StringAcl);
2802 if (pAce)
2803 pAce->Header.AceFlags = (BYTE) val;
2804 if (*StringAcl != ';')
2805 goto lerr;
2806 StringAcl++;
2807
2808 /* Parse ACE rights */
2809 val = ParseAceStringRights(&StringAcl);
2810 if (pAce)
2811 pAce->Mask = val;
2812 if (*StringAcl != ';')
2813 goto lerr;
2814 StringAcl++;
2815
2816 /* Parse ACE object guid */
2817 while (*StringAcl == ' ')
2818 StringAcl++;
2819 if (*StringAcl != ';')
2820 {
2821 FIXME("Support for *_OBJECT_ACE_TYPE not implemented\n");
2822 goto lerr;
2823 }
2824 StringAcl++;
2825
2826 /* Parse ACE inherit object guid */
2827 while (*StringAcl == ' ')
2828 StringAcl++;
2829 if (*StringAcl != ';')
2830 {
2831 FIXME("Support for *_OBJECT_ACE_TYPE not implemented\n");
2832 goto lerr;
2833 }
2834 StringAcl++;
2835
2836 /* Parse ACE account sid */
2837 if (ParseStringSidToSid(StringAcl, pAce ? &pAce->SidStart : NULL, &sidlen))
2838 {
2839 while (*StringAcl && *StringAcl != ')')
2840 StringAcl++;
2841 }
2842
2843 if (*StringAcl != ')')
2844 goto lerr;
2845 StringAcl++;
2846
2847 acesize = sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + sidlen;
2848 length += acesize;
2849 if (pAce)
2850 {
2851 pAce->Header.AceSize = acesize;
2852 pAce = (PACCESS_ALLOWED_ACE)((LPBYTE)pAce + acesize);
2853 }
2854 acecount++;
2855 }
2856
2857 *cBytes = length;
2858
2859 if (length > 0xffff)
2860 {
2861 ERR("ACL too large\n");
2862 goto lerr;
2863 }
2864
2865 if (pAcl)
2866 {
2867 pAcl->AclRevision = ACL_REVISION;
2868 pAcl->Sbz1 = 0;
2869 pAcl->AclSize = length;
2870 pAcl->AceCount = acecount;
2871 pAcl->Sbz2 = 0;
2872 }
2873 return TRUE;
2874
2875lerr:
2876 SetLastError(error);
2877 WARN("Invalid ACE string format\n");
2878 return FALSE;
2879}
2880
2881/******************************************************************************
2882 * ParseStringSecurityDescriptorToSecurityDescriptor
2883 */
2884static BOOL ParseStringSecurityDescriptorToSecurityDescriptor(
2885 LPCWSTR StringSecurityDescriptor,
2886 SECURITY_DESCRIPTOR_RELATIVE* SecurityDescriptor,
2887 LPDWORD cBytes)
2888{
2889 BOOL bret = FALSE;
2890 WCHAR toktype;
2891 WCHAR *tok;
2892 LPCWSTR lptoken;
2893 LPBYTE lpNext = NULL;
2894 DWORD len;
2895
2896 *cBytes = sizeof(SECURITY_DESCRIPTOR_RELATIVE);
2897
2898 tok = heap_alloc( (lstrlenW(StringSecurityDescriptor) + 1) * sizeof(WCHAR));
2899
2900 if (SecurityDescriptor)
2901 lpNext = (LPBYTE)(SecurityDescriptor + 1);
2902
2903 while (*StringSecurityDescriptor == ' ')
2904 StringSecurityDescriptor++;
2905
2906 while (*StringSecurityDescriptor)
2907 {
2908 toktype = *StringSecurityDescriptor;
2909
2910 /* Expect char identifier followed by ':' */
2911 StringSecurityDescriptor++;
2912 if (*StringSecurityDescriptor != ':')
2913 {
2914 SetLastError(ERROR_INVALID_PARAMETER);
2915 goto lend;
2916 }
2917 StringSecurityDescriptor++;
2918
2919 /* Extract token */
2920 lptoken = StringSecurityDescriptor;
2921 while (*lptoken && *lptoken != ':')
2922 lptoken++;
2923
2924 if (*lptoken)
2925 lptoken--;
2926
2927 len = lptoken - StringSecurityDescriptor;
2928 memcpy( tok, StringSecurityDescriptor, len * sizeof(WCHAR) );
2929 tok[len] = 0;
2930
2931 switch (toktype)
2932 {
2933 case 'O':
2934 {
2935 DWORD bytes;
2936
2937 if (!ParseStringSidToSid(tok, lpNext, &bytes))
2938 goto lend;
2939
2940 if (SecurityDescriptor)
2941 {
2942 SecurityDescriptor->Owner = lpNext - (LPBYTE)SecurityDescriptor;
2943 lpNext += bytes; /* Advance to next token */
2944 }
2945
2946 *cBytes += bytes;
2947
2948 break;
2949 }
2950
2951 case 'G':
2952 {
2953 DWORD bytes;
2954
2955 if (!ParseStringSidToSid(tok, lpNext, &bytes))
2956 goto lend;
2957
2958 if (SecurityDescriptor)
2959 {
2960 SecurityDescriptor->Group = lpNext - (LPBYTE)SecurityDescriptor;
2961 lpNext += bytes; /* Advance to next token */
2962 }
2963
2964 *cBytes += bytes;
2965
2966 break;
2967 }
2968
2969 case 'D':
2970 {
2971 DWORD flags;
2972 DWORD bytes;
2973
2974 if (!ParseStringAclToAcl(tok, &flags, (PACL)lpNext, &bytes))
2975 goto lend;
2976
2977 if (SecurityDescriptor)
2978 {
2979 SecurityDescriptor->Control |= SE_DACL_PRESENT | flags;
2980 SecurityDescriptor->Dacl = lpNext - (LPBYTE)SecurityDescriptor;
2981 lpNext += bytes; /* Advance to next token */
2982 }
2983
2984 *cBytes += bytes;
2985
2986 break;
2987 }
2988
2989 case 'S':
2990 {
2991 DWORD flags;
2992 DWORD bytes;
2993
2994 if (!ParseStringAclToAcl(tok, &flags, (PACL)lpNext, &bytes))
2995 goto lend;
2996
2997 if (SecurityDescriptor)
2998 {
2999 SecurityDescriptor->Control |= SE_SACL_PRESENT | flags;
3000 SecurityDescriptor->Sacl = lpNext - (LPBYTE)SecurityDescriptor;
3001 lpNext += bytes; /* Advance to next token */
3002 }
3003
3004 *cBytes += bytes;
3005
3006 break;
3007 }
3008
3009 default:
3010 FIXME("Unknown token\n");
3011 SetLastError(ERROR_INVALID_PARAMETER);
3012 goto lend;
3013 }
3014
3015 StringSecurityDescriptor = lptoken;
3016 }
3017
3018 bret = TRUE;
3019
3020lend:
3021 heap_free(tok);
3022 return bret;
3023}
3024
3025/* Winehq cvs 20050916 */
3026/******************************************************************************
3027 * ConvertStringSecurityDescriptorToSecurityDescriptorA [ADVAPI32.@]
3028 * @implemented
3029 */
3030BOOL
3031WINAPI
3032ConvertStringSecurityDescriptorToSecurityDescriptorA(LPCSTR StringSecurityDescriptor,
3033 DWORD StringSDRevision,
3034 PSECURITY_DESCRIPTOR* SecurityDescriptor,
3035 PULONG SecurityDescriptorSize)
3036{
3037 UINT len;
3038 BOOL ret = FALSE;
3039 LPWSTR StringSecurityDescriptorW;
3040
3041 len = MultiByteToWideChar(CP_ACP, 0, StringSecurityDescriptor, -1, NULL, 0);
3042 StringSecurityDescriptorW = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR));
3043
3044 if (StringSecurityDescriptorW)
3045 {
3046 MultiByteToWideChar(CP_ACP, 0, StringSecurityDescriptor, -1, StringSecurityDescriptorW, len);
3047
3048 ret = ConvertStringSecurityDescriptorToSecurityDescriptorW(StringSecurityDescriptorW,
3049 StringSDRevision, SecurityDescriptor,
3050 SecurityDescriptorSize);
3051 HeapFree(GetProcessHeap(), 0, StringSecurityDescriptorW);
3052 }
3053
3054 return ret;
3055}
3056
3057/******************************************************************************
3058 * ConvertStringSecurityDescriptorToSecurityDescriptorW [ADVAPI32.@]
3059 * @implemented
3060 */
3061BOOL WINAPI
3062ConvertStringSecurityDescriptorToSecurityDescriptorW(LPCWSTR StringSecurityDescriptor,
3063 DWORD StringSDRevision,
3064 PSECURITY_DESCRIPTOR* SecurityDescriptor,
3065 PULONG SecurityDescriptorSize)
3066{
3067 DWORD cBytes;
3068 SECURITY_DESCRIPTOR* psd;
3069 BOOL bret = FALSE;
3070
3071 TRACE("%s\n", debugstr_w(StringSecurityDescriptor));
3072
3073 if (GetVersion() & 0x80000000)
3074 {
3075 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
3076 goto lend;
3077 }
3078 else if (!StringSecurityDescriptor || !SecurityDescriptor)
3079 {
3080 SetLastError(ERROR_INVALID_PARAMETER);
3081 goto lend;
3082 }
3083 else if (StringSDRevision != SID_REVISION)
3084 {
3085 SetLastError(ERROR_UNKNOWN_REVISION);
3086 goto lend;
3087 }
3088
3089 /* Compute security descriptor length */
3090 if (!ParseStringSecurityDescriptorToSecurityDescriptor(StringSecurityDescriptor,
3091 NULL, &cBytes))
3092 goto lend;
3093
3094 psd = *SecurityDescriptor = LocalAlloc(GMEM_ZEROINIT, cBytes);
3095 if (!psd) goto lend;
3096
3097 psd->Revision = SID_REVISION;
3098 psd->Control |= SE_SELF_RELATIVE;
3099
3100 if (!ParseStringSecurityDescriptorToSecurityDescriptor(StringSecurityDescriptor,
3101 (SECURITY_DESCRIPTOR_RELATIVE *)psd, &cBytes))
3102 {
3103 LocalFree(psd);
3104 goto lend;
3105 }
3106
3107 if (SecurityDescriptorSize)
3108 *SecurityDescriptorSize = cBytes;
3109
3110 bret = TRUE;
3111
3112lend:
3113 TRACE(" ret=%d\n", bret);
3114 return bret;
3115}
3116
3117static void DumpString(LPCWSTR string, int cch, WCHAR **pwptr, ULONG *plen)
3118{
3119 if (cch == -1)
3120 cch = strlenW(string);
3121
3122 if (plen)
3123 *plen += cch;
3124
3125 if (pwptr)
3126 {
3127 memcpy(*pwptr, string, sizeof(WCHAR)*cch);
3128 *pwptr += cch;
3129 }
3130}
3131
3132static BOOL DumpSidNumeric(PSID psid, WCHAR **pwptr, ULONG *plen)
3133{
3134 DWORD i;
3135 WCHAR fmt[] = { 'S','-','%','u','-','%','d',0 };
3136 WCHAR subauthfmt[] = { '-','%','u',0 };
3137 WCHAR buf[26];
3138 SID *pisid = psid;
3139
3140 if( !IsValidSid( psid ) || pisid->Revision != SDDL_REVISION)
3141 {
3142 SetLastError(ERROR_INVALID_SID);
3143 return FALSE;
3144 }
3145
3146 if (pisid->IdentifierAuthority.Value[0] ||
3147 pisid->IdentifierAuthority.Value[1])
3148 {
3149 FIXME("not matching MS' bugs\n");
3150 SetLastError(ERROR_INVALID_SID);
3151 return FALSE;
3152 }
3153
3154 sprintfW( buf, fmt, pisid->Revision,
3155 MAKELONG(
3156 MAKEWORD( pisid->IdentifierAuthority.Value[5],
3157 pisid->IdentifierAuthority.Value[4] ),
3158 MAKEWORD( pisid->IdentifierAuthority.Value[3],
3159 pisid->IdentifierAuthority.Value[2] )
3160 ) );
3161 DumpString(buf, -1, pwptr, plen);
3162
3163 for( i=0; i<pisid->SubAuthorityCount; i++ )
3164 {
3165 sprintfW( buf, subauthfmt, pisid->SubAuthority[i] );
3166 DumpString(buf, -1, pwptr, plen);
3167 }
3168 return TRUE;
3169}
3170
3171static BOOL DumpSid(PSID psid, WCHAR **pwptr, ULONG *plen)
3172{
3173 size_t i;
3174 for (i = 0; i < sizeof(WellKnownSids) / sizeof(WellKnownSids[0]); i++)
3175 {
3176 if (WellKnownSids[i].wstr[0] && EqualSid(psid, (PSID)&(WellKnownSids[i].Sid.Revision)))
3177 {
3178 DumpString(WellKnownSids[i].wstr, 2, pwptr, plen);
3179 return TRUE;
3180 }
3181 }
3182
3183 return DumpSidNumeric(psid, pwptr, plen);
3184}
3185
3186static const LPCWSTR AceRightBitNames[32] = {
3187 SDDL_CREATE_CHILD, /* 0 */
3188 SDDL_DELETE_CHILD,
3189 SDDL_LIST_CHILDREN,
3190 SDDL_SELF_WRITE,
3191 SDDL_READ_PROPERTY, /* 4 */
3192 SDDL_WRITE_PROPERTY,
3193 SDDL_DELETE_TREE,
3194 SDDL_LIST_OBJECT,
3195 SDDL_CONTROL_ACCESS, /* 8 */
3196 NULL,
3197 NULL,
3198 NULL,
3199 NULL, /* 12 */
3200 NULL,
3201 NULL,
3202 NULL,
3203 SDDL_STANDARD_DELETE, /* 16 */
3204 SDDL_READ_CONTROL,
3205 SDDL_WRITE_DAC,
3206 SDDL_WRITE_OWNER,
3207 NULL, /* 20 */
3208 NULL,
3209 NULL,
3210 NULL,
3211 NULL, /* 24 */
3212 NULL,
3213 NULL,
3214 NULL,
3215 SDDL_GENERIC_ALL, /* 28 */
3216 SDDL_GENERIC_EXECUTE,
3217 SDDL_GENERIC_WRITE,
3218 SDDL_GENERIC_READ
3219};
3220
3221static void DumpRights(DWORD mask, WCHAR **pwptr, ULONG *plen)
3222{
3223 static const WCHAR fmtW[] = {'0','x','%','x',0};
3224 WCHAR buf[15];
3225 size_t i;
3226
3227 if (mask == 0)
3228 return;
3229
3230 /* first check if the right have name */
3231 for (i = 0; i < sizeof(AceRights)/sizeof(AceRights[0]); i++)
3232 {
3233 if (AceRights[i].wstr == NULL)
3234 break;
3235 if (mask == AceRights[i].value)
3236 {
3237 DumpString(AceRights[i].wstr, -1, pwptr, plen);
3238 return;
3239 }
3240 }
3241
3242 /* then check if it can be built from bit names */
3243 for (i = 0; i < 32; i++)
3244 {
3245 if ((mask & (1 << i)) && (AceRightBitNames[i] == NULL))
3246 {
3247 /* can't be built from bit names */
3248 sprintfW(buf, fmtW, mask);
3249 DumpString(buf, -1, pwptr, plen);
3250 return;
3251 }
3252 }
3253
3254 /* build from bit names */
3255 for (i = 0; i < 32; i++)
3256 if (mask & (1 << i))
3257 DumpString(AceRightBitNames[i], -1, pwptr, plen);
3258}
3259
3260static BOOL DumpAce(LPVOID pace, WCHAR **pwptr, ULONG *plen)
3261{
3262 ACCESS_ALLOWED_ACE *piace; /* all the supported ACEs have the same memory layout */
3263 static const WCHAR openbr = '(';
3264 static const WCHAR closebr = ')';
3265 static const WCHAR semicolon = ';';
3266
3267 if (((PACE_HEADER)pace)->AceType > SYSTEM_ALARM_ACE_TYPE || ((PACE_HEADER)pace)->AceSize < sizeof(ACCESS_ALLOWED_ACE))
3268 {
3269 SetLastError(ERROR_INVALID_ACL);
3270 return FALSE;
3271 }
3272
3273 piace = pace;
3274 DumpString(&openbr, 1, pwptr, plen);
3275 switch (piace->Header.AceType)
3276 {
3277 case ACCESS_ALLOWED_ACE_TYPE:
3278 DumpString(SDDL_ACCESS_ALLOWED, -1, pwptr, plen);
3279 break;
3280 case ACCESS_DENIED_ACE_TYPE:
3281 DumpString(SDDL_ACCESS_DENIED, -1, pwptr, plen);
3282 break;
3283 case SYSTEM_AUDIT_ACE_TYPE:
3284 DumpString(SDDL_AUDIT, -1, pwptr, plen);
3285 break;
3286 case SYSTEM_ALARM_ACE_TYPE:
3287 DumpString(SDDL_ALARM, -1, pwptr, plen);
3288 break;
3289 }
3290 DumpString(&semicolon, 1, pwptr, plen);
3291
3292 if (piace->Header.AceFlags & OBJECT_INHERIT_ACE)
3293 DumpString(SDDL_OBJECT_INHERIT, -1, pwptr, plen);
3294 if (piace->Header.AceFlags & CONTAINER_INHERIT_ACE)
3295 DumpString(SDDL_CONTAINER_INHERIT, -1, pwptr, plen);
3296 if (piace->Header.AceFlags & NO_PROPAGATE_INHERIT_ACE)
3297 DumpString(SDDL_NO_PROPAGATE, -1, pwptr, plen);
3298 if (piace->Header.AceFlags & INHERIT_ONLY_ACE)
3299 DumpString(SDDL_INHERIT_ONLY, -1, pwptr, plen);
3300 if (piace->Header.AceFlags & INHERITED_ACE)
3301 DumpString(SDDL_INHERITED, -1, pwptr, plen);
3302 if (piace->Header.AceFlags & SUCCESSFUL_ACCESS_ACE_FLAG)
3303 DumpString(SDDL_AUDIT_SUCCESS, -1, pwptr, plen);
3304 if (piace->Header.AceFlags & FAILED_ACCESS_ACE_FLAG)
3305 DumpString(SDDL_AUDIT_FAILURE, -1, pwptr, plen);
3306 DumpString(&semicolon, 1, pwptr, plen);
3307 DumpRights(piace->Mask, pwptr, plen);
3308 DumpString(&semicolon, 1, pwptr, plen);
3309 /* objects not supported */
3310 DumpString(&semicolon, 1, pwptr, plen);
3311 /* objects not supported */
3312 DumpString(&semicolon, 1, pwptr, plen);
3313 if (!DumpSid((PSID)&piace->SidStart, pwptr, plen))
3314 return FALSE;
3315 DumpString(&closebr, 1, pwptr, plen);
3316 return TRUE;
3317}
3318
3319static BOOL DumpAcl(PACL pacl, WCHAR **pwptr, ULONG *plen, BOOL protected, BOOL autoInheritReq, BOOL autoInherited)
3320{
3321 WORD count;
3322 int i;
3323
3324 if (protected)
3325 DumpString(SDDL_PROTECTED, -1, pwptr, plen);
3326 if (autoInheritReq)
3327 DumpString(SDDL_AUTO_INHERIT_REQ, -1, pwptr, plen);
3328 if (autoInherited)
3329 DumpString(SDDL_AUTO_INHERITED, -1, pwptr, plen);
3330
3331 if (pacl == NULL)
3332 return TRUE;
3333
3334 if (!IsValidAcl(pacl))
3335 return FALSE;
3336
3337 count = pacl->AceCount;
3338 for (i = 0; i < count; i++)
3339 {
3340 LPVOID ace;
3341 if (!GetAce(pacl, i, &ace))
3342 return FALSE;
3343 if (!DumpAce(ace, pwptr, plen))
3344 return FALSE;
3345 }
3346
3347 return TRUE;
3348}
3349
3350static BOOL DumpOwner(PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen)
3351{
3352 static const WCHAR prefix[] = {'O',':',0};
3353 BOOL bDefaulted;
3354 PSID psid;
3355
3356 if (!GetSecurityDescriptorOwner(SecurityDescriptor, &psid, &bDefaulted))
3357 return FALSE;
3358
3359 if (psid == NULL)
3360 return TRUE;
3361
3362 DumpString(prefix, -1, pwptr, plen);
3363 if (!DumpSid(psid, pwptr, plen))
3364 return FALSE;
3365 return TRUE;
3366}
3367
3368static BOOL DumpGroup(PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen)
3369{
3370 static const WCHAR prefix[] = {'G',':',0};
3371 BOOL bDefaulted;
3372 PSID psid;
3373
3374 if (!GetSecurityDescriptorGroup(SecurityDescriptor, &psid, &bDefaulted))
3375 return FALSE;
3376
3377 if (psid == NULL)
3378 return TRUE;
3379
3380 DumpString(prefix, -1, pwptr, plen);
3381 if (!DumpSid(psid, pwptr, plen))
3382 return FALSE;
3383 return TRUE;
3384}
3385
3386static BOOL DumpDacl(PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen)
3387{
3388 static const WCHAR dacl[] = {'D',':',0};
3389 SECURITY_DESCRIPTOR_CONTROL control;
3390 BOOL present, defaulted;
3391 DWORD revision;
3392 PACL pacl;
3393
3394 if (!GetSecurityDescriptorDacl(SecurityDescriptor, &present, &pacl, &defaulted))
3395 return FALSE;
3396
3397 if (!GetSecurityDescriptorControl(SecurityDescriptor, &control, &revision))
3398 return FALSE;
3399
3400 if (!present)
3401 return TRUE;
3402
3403 DumpString(dacl, 2, pwptr, plen);
3404 if (!DumpAcl(pacl, pwptr, plen, control & SE_DACL_PROTECTED, control & SE_DACL_AUTO_INHERIT_REQ, control & SE_DACL_AUTO_INHERITED))
3405 return FALSE;
3406 return TRUE;
3407}
3408
3409static BOOL DumpSacl(PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen)
3410{
3411 static const WCHAR sacl[] = {'S',':',0};
3412 SECURITY_DESCRIPTOR_CONTROL control;
3413 BOOL present, defaulted;
3414 DWORD revision;
3415 PACL pacl;
3416
3417 if (!GetSecurityDescriptorSacl(SecurityDescriptor, &present, &pacl, &defaulted))
3418 return FALSE;
3419
3420 if (!GetSecurityDescriptorControl(SecurityDescriptor, &control, &revision))
3421 return FALSE;
3422
3423 if (!present)
3424 return TRUE;
3425
3426 DumpString(sacl, 2, pwptr, plen);
3427 if (!DumpAcl(pacl, pwptr, plen, control & SE_SACL_PROTECTED, control & SE_SACL_AUTO_INHERIT_REQ, control & SE_SACL_AUTO_INHERITED))
3428 return FALSE;
3429 return TRUE;
3430}
3431
3432/******************************************************************************
3433 * ConvertSecurityDescriptorToStringSecurityDescriptorW [ADVAPI32.@]
3434 */
3435BOOL WINAPI ConvertSecurityDescriptorToStringSecurityDescriptorW(PSECURITY_DESCRIPTOR SecurityDescriptor, DWORD SDRevision, SECURITY_INFORMATION RequestedInformation, LPWSTR *OutputString, PULONG OutputLen)
3436{
3437 ULONG len;
3438 WCHAR *wptr, *wstr;
3439
3440 if (SDRevision != SDDL_REVISION_1)
3441 {
3442 ERR("Program requested unknown SDDL revision %d\n", SDRevision);
3443 SetLastError(ERROR_UNKNOWN_REVISION);
3444 return FALSE;
3445 }
3446
3447 len = 0;
3448 if (RequestedInformation & OWNER_SECURITY_INFORMATION)
3449 if (!DumpOwner(SecurityDescriptor, NULL, &len))
3450 return FALSE;
3451 if (RequestedInformation & GROUP_SECURITY_INFORMATION)
3452 if (!DumpGroup(SecurityDescriptor, NULL, &len))
3453 return FALSE;
3454 if (RequestedInformation & DACL_SECURITY_INFORMATION)
3455 if (!DumpDacl(SecurityDescriptor, NULL, &len))
3456 return FALSE;
3457 if (RequestedInformation & SACL_SECURITY_INFORMATION)
3458 if (!DumpSacl(SecurityDescriptor, NULL, &len))
3459 return FALSE;
3460
3461 wstr = wptr = LocalAlloc(0, (len + 1)*sizeof(WCHAR));
3462#ifdef __REACTOS__
3463 if (wstr == NULL)
3464 return FALSE;
3465#endif
3466
3467 if (RequestedInformation & OWNER_SECURITY_INFORMATION)
3468 if (!DumpOwner(SecurityDescriptor, &wptr, NULL)) {
3469 LocalFree (wstr);
3470 return FALSE;
3471 }
3472 if (RequestedInformation & GROUP_SECURITY_INFORMATION)
3473 if (!DumpGroup(SecurityDescriptor, &wptr, NULL)) {
3474 LocalFree (wstr);
3475 return FALSE;
3476 }
3477 if (RequestedInformation & DACL_SECURITY_INFORMATION)
3478 if (!DumpDacl(SecurityDescriptor, &wptr, NULL)) {
3479 LocalFree (wstr);
3480 return FALSE;
3481 }
3482 if (RequestedInformation & SACL_SECURITY_INFORMATION)
3483 if (!DumpSacl(SecurityDescriptor, &wptr, NULL)) {
3484 LocalFree (wstr);
3485 return FALSE;
3486 }
3487 *wptr = 0;
3488
3489 TRACE("ret: %s, %d\n", wine_dbgstr_w(wstr), len);
3490 *OutputString = wstr;
3491 if (OutputLen)
3492 *OutputLen = strlenW(*OutputString)+1;
3493 return TRUE;
3494}
3495
3496/******************************************************************************
3497 * ConvertSecurityDescriptorToStringSecurityDescriptorA [ADVAPI32.@]
3498 */
3499BOOL WINAPI ConvertSecurityDescriptorToStringSecurityDescriptorA(PSECURITY_DESCRIPTOR SecurityDescriptor, DWORD SDRevision, SECURITY_INFORMATION Information, LPSTR *OutputString, PULONG OutputLen)
3500{
3501 LPWSTR wstr;
3502 ULONG len;
3503 if (ConvertSecurityDescriptorToStringSecurityDescriptorW(SecurityDescriptor, SDRevision, Information, &wstr, &len))
3504 {
3505 int lenA;
3506
3507 lenA = WideCharToMultiByte(CP_ACP, 0, wstr, len, NULL, 0, NULL, NULL);
3508 *OutputString = heap_alloc(lenA);
3509#ifdef __REACTOS__
3510 if (*OutputString == NULL)
3511 {
3512 LocalFree(wstr);
3513 *OutputLen = 0;
3514 return FALSE;
3515 }
3516#endif
3517 WideCharToMultiByte(CP_ACP, 0, wstr, len, *OutputString, lenA, NULL, NULL);
3518 LocalFree(wstr);
3519
3520 if (OutputLen != NULL)
3521 *OutputLen = lenA;
3522 return TRUE;
3523 }
3524 else
3525 {
3526 *OutputString = NULL;
3527 if (OutputLen)
3528 *OutputLen = 0;
3529 return FALSE;
3530 }
3531}
3532
3533/******************************************************************************
3534 * ConvertStringSidToSidW [ADVAPI32.@]
3535 */
3536BOOL WINAPI ConvertStringSidToSidW(LPCWSTR StringSid, PSID* Sid)
3537{
3538 BOOL bret = FALSE;
3539 DWORD cBytes;
3540
3541 TRACE("%s, %p\n", debugstr_w(StringSid), Sid);
3542 if (GetVersion() & 0x80000000)
3543 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
3544 else if (!StringSid || !Sid)
3545 SetLastError(ERROR_INVALID_PARAMETER);
3546 else if (ParseStringSidToSid(StringSid, NULL, &cBytes))
3547 {
3548 PSID pSid = *Sid = LocalAlloc(0, cBytes);
3549
3550 bret = ParseStringSidToSid(StringSid, pSid, &cBytes);
3551 if (!bret)
3552 LocalFree(*Sid);
3553 }
3554 return bret;
3555}
3556
3557/******************************************************************************
3558 * ConvertStringSidToSidA [ADVAPI32.@]
3559 */
3560BOOL WINAPI ConvertStringSidToSidA(LPCSTR StringSid, PSID* Sid)
3561{
3562 BOOL bret = FALSE;
3563
3564 TRACE("%s, %p\n", debugstr_a(StringSid), Sid);
3565 if (GetVersion() & 0x80000000)
3566 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
3567 else if (!StringSid || !Sid)
3568 SetLastError(ERROR_INVALID_PARAMETER);
3569 else
3570 {
3571 WCHAR *wStringSid = SERV_dup(StringSid);
3572 bret = ConvertStringSidToSidW(wStringSid, Sid);
3573 heap_free(wStringSid);
3574 }
3575 return bret;
3576}
3577
3578/*
3579 * @implemented
3580 */
3581BOOL
3582WINAPI
3583ConvertSidToStringSidW(PSID Sid,
3584 LPWSTR *StringSid)
3585{
3586 NTSTATUS Status;
3587 UNICODE_STRING UnicodeString;
3588 WCHAR FixedBuffer[64];
3589
3590 if (!RtlValidSid(Sid))
3591 {
3592 SetLastError(ERROR_INVALID_SID);
3593 return FALSE;
3594 }
3595
3596 UnicodeString.Length = 0;
3597 UnicodeString.MaximumLength = sizeof(FixedBuffer);
3598 UnicodeString.Buffer = FixedBuffer;
3599 Status = RtlConvertSidToUnicodeString(&UnicodeString, Sid, FALSE);
3600 if (STATUS_BUFFER_TOO_SMALL == Status)
3601 {
3602 Status = RtlConvertSidToUnicodeString(&UnicodeString, Sid, TRUE);
3603 }
3604
3605 if (!NT_SUCCESS(Status))
3606 {
3607 SetLastError(RtlNtStatusToDosError(Status));
3608 return FALSE;
3609 }
3610
3611 *StringSid = LocalAlloc(LMEM_FIXED, UnicodeString.Length + sizeof(WCHAR));
3612 if (NULL == *StringSid)
3613 {
3614 if (UnicodeString.Buffer != FixedBuffer)
3615 {
3616 RtlFreeUnicodeString(&UnicodeString);
3617 }
3618 SetLastError(ERROR_NOT_ENOUGH_MEMORY);
3619 return FALSE;
3620 }
3621
3622 MoveMemory(*StringSid, UnicodeString.Buffer, UnicodeString.Length);
3623 ZeroMemory((PCHAR) *StringSid + UnicodeString.Length, sizeof(WCHAR));
3624 if (UnicodeString.Buffer != FixedBuffer)
3625 {
3626 RtlFreeUnicodeString(&UnicodeString);
3627 }
3628
3629 return TRUE;
3630}
3631
3632/*
3633 * @implemented
3634 */
3635BOOL
3636WINAPI
3637ConvertSidToStringSidA(PSID Sid,
3638 LPSTR *StringSid)
3639{
3640 LPWSTR StringSidW;
3641 int Len;
3642
3643 if (!ConvertSidToStringSidW(Sid, &StringSidW))
3644 {
3645 return FALSE;
3646 }
3647
3648 Len = WideCharToMultiByte(CP_ACP, 0, StringSidW, -1, NULL, 0, NULL, NULL);
3649 if (Len <= 0)
3650 {
3651 LocalFree(StringSidW);
3652 SetLastError(ERROR_NOT_ENOUGH_MEMORY);
3653 return FALSE;
3654 }
3655
3656 *StringSid = LocalAlloc(LMEM_FIXED, Len);
3657 if (NULL == *StringSid)
3658 {
3659 LocalFree(StringSidW);
3660 SetLastError(ERROR_NOT_ENOUGH_MEMORY);
3661 return FALSE;
3662 }
3663
3664 if (!WideCharToMultiByte(CP_ACP, 0, StringSidW, -1, *StringSid, Len, NULL, NULL))
3665 {
3666 LocalFree(StringSid);
3667 LocalFree(StringSidW);
3668 return FALSE;
3669 }
3670
3671 LocalFree(StringSidW);
3672
3673 return TRUE;
3674}
3675
3676
3677static
3678DWORD
3679GetUnicodeEnvironmentSize(
3680 PVOID pEnvironment)
3681{
3682 INT Length, TotalLength = 0;
3683 PWCHAR Ptr;
3684
3685 if (pEnvironment == NULL)
3686 return 0;
3687
3688 Ptr = (PWCHAR)pEnvironment;
3689 while (*Ptr != UNICODE_NULL)
3690 {
3691 Length = wcslen(Ptr) + 1;
3692 TotalLength += Length;
3693 Ptr = Ptr + Length;
3694 }
3695
3696 return (TotalLength + 1) * sizeof(WCHAR);
3697}
3698
3699
3700static
3701DWORD
3702GetAnsiEnvironmentSize(
3703 PVOID pEnvironment)
3704{
3705 INT Length, TotalLength = 0;
3706 PCHAR Ptr;
3707
3708 if (pEnvironment == NULL)
3709 return 0;
3710
3711 Ptr = (PCHAR)pEnvironment;
3712 while (*Ptr != ANSI_NULL)
3713 {
3714 Length = strlen(Ptr) + 1;
3715 TotalLength += Length;
3716 Ptr = Ptr + Length;
3717 }
3718
3719 return TotalLength + 1;
3720}
3721
3722
3723/*
3724 * @unimplemented
3725 */
3726BOOL
3727WINAPI
3728CreateProcessWithLogonW(
3729 _In_ LPCWSTR lpUsername,
3730 _In_opt_ LPCWSTR lpDomain,
3731 _In_ LPCWSTR lpPassword,
3732 _In_ DWORD dwLogonFlags,
3733 _In_opt_ LPCWSTR lpApplicationName,
3734 _Inout_opt_ LPWSTR lpCommandLine,
3735 _In_ DWORD dwCreationFlags,
3736 _In_opt_ LPVOID lpEnvironment,
3737 _In_opt_ LPCWSTR lpCurrentDirectory,
3738 _In_ LPSTARTUPINFOW lpStartupInfo,
3739 _Out_ LPPROCESS_INFORMATION lpProcessInformation)
3740{
3741 LPWSTR pszStringBinding = NULL;
3742 handle_t hBinding = NULL;
3743 SECL_REQUEST Request;
3744 SECL_RESPONSE Response;
3745 RPC_STATUS Status;
3746
3747 TRACE("CreateProcessWithLogonW(%s %s %s 0x%08x %s %s 0x%08x %p %s %p %p)\n", debugstr_w(lpUsername), debugstr_w(lpDomain),
3748 debugstr_w(lpPassword), dwLogonFlags, debugstr_w(lpApplicationName),
3749 debugstr_w(lpCommandLine), dwCreationFlags, lpEnvironment, debugstr_w(lpCurrentDirectory),
3750 lpStartupInfo, lpProcessInformation);
3751
3752 Status = RpcStringBindingComposeW(NULL,
3753 L"ncacn_np",
3754 NULL,
3755 L"\\pipe\\seclogon",
3756 NULL,
3757 &pszStringBinding);
3758 if (Status != RPC_S_OK)
3759 {
3760 WARN("RpcStringBindingCompose returned 0x%x\n", Status);
3761 SetLastError(Status);
3762 return FALSE;
3763 }
3764
3765 /* Set the binding handle that will be used to bind to the server. */
3766 Status = RpcBindingFromStringBindingW(pszStringBinding,
3767 &hBinding);
3768 if (Status != RPC_S_OK)
3769 {
3770 WARN("RpcBindingFromStringBinding returned 0x%x\n", Status);
3771 }
3772
3773 Status = RpcStringFreeW(&pszStringBinding);
3774 if (Status != RPC_S_OK)
3775 {
3776 WARN("RpcStringFree returned 0x%x\n", Status);
3777 }
3778
3779 Request.Username = (LPWSTR)lpUsername;
3780 Request.Domain = (LPWSTR)lpDomain;
3781 Request.Password = (LPWSTR)lpPassword;
3782 Request.ApplicationName = (LPWSTR)lpApplicationName;
3783 Request.CommandLine = (LPWSTR)lpCommandLine;
3784 Request.CurrentDirectory = (LPWSTR)lpCurrentDirectory;
3785
3786 if (dwCreationFlags & CREATE_UNICODE_ENVIRONMENT)
3787 Request.dwEnvironmentSize = GetUnicodeEnvironmentSize(lpEnvironment);
3788 else
3789 Request.dwEnvironmentSize = GetAnsiEnvironmentSize(lpEnvironment);
3790 Request.Environment = lpEnvironment;
3791
3792 TRACE("Request.dwEnvironmentSize %lu\n", Request.dwEnvironmentSize);
3793 TRACE("Request.Environment %p\n", Request.Environment);
3794
3795 Request.dwLogonFlags = dwLogonFlags;
3796 Request.dwCreationFlags = dwCreationFlags;
3797
3798 Request.dwProcessId = GetCurrentProcessId();
3799 TRACE("Request.dwProcessId %lu\n", Request.dwProcessId);
3800
3801 Response.hProcess = 0;
3802 Response.hThread = 0;
3803 Response.dwProcessId = 0;
3804 Response.dwThreadId = 0;
3805 Response.dwError = ERROR_SUCCESS;
3806
3807 RpcTryExcept
3808 {
3809 SeclCreateProcessWithLogonW(hBinding, &Request, &Response);
3810 }
3811 RpcExcept(EXCEPTION_EXECUTE_HANDLER)
3812 {
3813 WARN("Exception: %lx\n", RpcExceptionCode());
3814 }
3815 RpcEndExcept;
3816
3817 if (hBinding)
3818 {
3819 Status = RpcBindingFree(&hBinding);
3820 if (Status != RPC_S_OK)
3821 {
3822 WARN("RpcBindingFree returned 0x%x\n", Status);
3823 }
3824
3825 hBinding = NULL;
3826 }
3827
3828 TRACE("Response.hProcess %p\n", Response.hProcess);
3829 TRACE("Response.hThread %p\n", Response.hThread);
3830 TRACE("Response.dwProcessId %lu\n", Response.dwProcessId);
3831 TRACE("Response.dwThreadId %lu\n", Response.dwThreadId);
3832 TRACE("Response.dwError %lu\n", Response.dwError);
3833 if (Response.dwError != ERROR_SUCCESS)
3834 SetLastError(Response.dwError);
3835
3836 TRACE("CreateProcessWithLogonW() done\n");
3837
3838 return (Response.dwError == ERROR_SUCCESS);
3839}
3840
3841BOOL WINAPI CreateProcessWithTokenW(HANDLE token, DWORD logon_flags, LPCWSTR application_name, LPWSTR command_line,
3842 DWORD creation_flags, void *environment, LPCWSTR current_directory, STARTUPINFOW *startup_info,
3843 PROCESS_INFORMATION *process_information )
3844{
3845 FIXME("%p 0x%08x %s %s 0x%08x %p %s %p %p - semi-stub\n", token,
3846 logon_flags, debugstr_w(application_name), debugstr_w(command_line),
3847 creation_flags, environment, debugstr_w(current_directory),
3848 startup_info, process_information);
3849
3850 /* FIXME: check if handles should be inherited */
3851 return CreateProcessW( application_name, command_line, NULL, NULL, FALSE, creation_flags, environment,
3852 current_directory, startup_info, process_information );
3853}
3854
3855/*
3856 * @implemented
3857 */
3858BOOL WINAPI
3859DuplicateTokenEx(IN HANDLE ExistingTokenHandle,
3860 IN DWORD dwDesiredAccess,
3861 IN LPSECURITY_ATTRIBUTES lpTokenAttributes OPTIONAL,
3862 IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
3863 IN TOKEN_TYPE TokenType,
3864 OUT PHANDLE DuplicateTokenHandle)
3865{
3866 OBJECT_ATTRIBUTES ObjectAttributes;
3867 NTSTATUS Status;
3868 SECURITY_QUALITY_OF_SERVICE Sqos;
3869
3870 TRACE("%p 0x%08x 0x%08x 0x%08x %p\n", ExistingTokenHandle, dwDesiredAccess,
3871 ImpersonationLevel, TokenType, DuplicateTokenHandle);
3872
3873 Sqos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
3874 Sqos.ImpersonationLevel = ImpersonationLevel;
3875 Sqos.ContextTrackingMode = 0;
3876 Sqos.EffectiveOnly = FALSE;
3877
3878 if (lpTokenAttributes != NULL)
3879 {
3880 InitializeObjectAttributes(&ObjectAttributes,
3881 NULL,
3882 lpTokenAttributes->bInheritHandle ? OBJ_INHERIT : 0,
3883 NULL,
3884 lpTokenAttributes->lpSecurityDescriptor);
3885 }
3886 else
3887 {
3888 InitializeObjectAttributes(&ObjectAttributes,
3889 NULL,
3890 0,
3891 NULL,
3892 NULL);
3893 }
3894
3895 ObjectAttributes.SecurityQualityOfService = &Sqos;
3896
3897 Status = NtDuplicateToken(ExistingTokenHandle,
3898 dwDesiredAccess,
3899 &ObjectAttributes,
3900 FALSE,
3901 TokenType,
3902 DuplicateTokenHandle);
3903 if (!NT_SUCCESS(Status))
3904 {
3905 ERR("NtDuplicateToken failed: Status %08x\n", Status);
3906 SetLastError(RtlNtStatusToDosError(Status));
3907 return FALSE;
3908 }
3909
3910 TRACE("Returning token %p.\n", *DuplicateTokenHandle);
3911
3912 return TRUE;
3913}
3914
3915/*
3916 * @implemented
3917 */
3918BOOL WINAPI
3919DuplicateToken(IN HANDLE ExistingTokenHandle,
3920 IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
3921 OUT PHANDLE DuplicateTokenHandle)
3922{
3923 return DuplicateTokenEx(ExistingTokenHandle,
3924 TOKEN_IMPERSONATE | TOKEN_QUERY,
3925 NULL,
3926 ImpersonationLevel,
3927 TokenImpersonation,
3928 DuplicateTokenHandle);
3929}
3930
3931/******************************************************************************
3932 * ComputeStringSidSize
3933 */
3934static DWORD ComputeStringSidSize(LPCWSTR StringSid)
3935{
3936 if (StringSid[0] == 'S' && StringSid[1] == '-') /* S-R-I(-S)+ */
3937 {
3938 int ctok = 0;
3939 while (*StringSid)
3940 {
3941 if (*StringSid == '-')
3942 ctok++;
3943 StringSid++;
3944 }
3945
3946 if (ctok >= 3)
3947 return GetSidLengthRequired(ctok - 2);
3948 }
3949 else /* String constant format - Only available in winxp and above */
3950 {
3951 unsigned int i;
3952
3953 for (i = 0; i < sizeof(WellKnownSids)/sizeof(WellKnownSids[0]); i++)
3954 if (!strncmpW(WellKnownSids[i].wstr, StringSid, 2))
3955 return GetSidLengthRequired(WellKnownSids[i].Sid.SubAuthorityCount);
3956
3957 for (i = 0; i < sizeof(WellKnownRids)/sizeof(WellKnownRids[0]); i++)
3958 if (!strncmpW(WellKnownRids[i].wstr, StringSid, 2))
3959 {
3960 MAX_SID local;
3961 ADVAPI_GetComputerSid(&local);
3962 return GetSidLengthRequired(*GetSidSubAuthorityCount(&local) + 1);
3963 }
3964
3965 }
3966
3967 return GetSidLengthRequired(0);
3968}
3969
3970/******************************************************************************
3971 * ParseStringSidToSid
3972 */
3973static BOOL ParseStringSidToSid(LPCWSTR StringSid, PSID pSid, LPDWORD cBytes)
3974{
3975 BOOL bret = FALSE;
3976 SID* pisid=pSid;
3977
3978 TRACE("%s, %p, %p\n", debugstr_w(StringSid), pSid, cBytes);
3979 if (!StringSid)
3980 {
3981 SetLastError(ERROR_INVALID_PARAMETER);
3982 TRACE("StringSid is NULL, returning FALSE\n");
3983 return FALSE;
3984 }
3985
3986 while (*StringSid == ' ')
3987 StringSid++;
3988
3989 if (!*StringSid)
3990 goto lend; /* ERROR_INVALID_SID */
3991
3992 *cBytes = ComputeStringSidSize(StringSid);
3993 if (!pisid) /* Simply compute the size */
3994 {
3995 TRACE("only size requested, returning TRUE with %d\n", *cBytes);
3996 return TRUE;
3997 }
3998
3999 if (StringSid[0] == 'S' && StringSid[1] == '-') /* S-R-I-S-S */
4000 {
4001 DWORD i = 0, identAuth;
4002 DWORD csubauth = ((*cBytes - GetSidLengthRequired(0)) / sizeof(DWORD));
4003
4004 StringSid += 2; /* Advance to Revision */
4005 pisid->Revision = atoiW(StringSid);
4006
4007 if (pisid->Revision != SDDL_REVISION)
4008 {
4009 TRACE("Revision %d is unknown\n", pisid->Revision);
4010 goto lend; /* ERROR_INVALID_SID */
4011 }
4012 if (csubauth == 0)
4013 {
4014 TRACE("SubAuthorityCount is 0\n");
4015 goto lend; /* ERROR_INVALID_SID */
4016 }
4017
4018 pisid->SubAuthorityCount = csubauth;
4019
4020 /* Advance to identifier authority */
4021 while (*StringSid && *StringSid != '-')
4022 StringSid++;
4023 if (*StringSid == '-')
4024 StringSid++;
4025
4026 /* MS' implementation can't handle values greater than 2^32 - 1, so
4027 * we don't either; assume most significant bytes are always 0
4028 */
4029 pisid->IdentifierAuthority.Value[0] = 0;
4030 pisid->IdentifierAuthority.Value[1] = 0;
4031 identAuth = atoiW(StringSid);
4032 pisid->IdentifierAuthority.Value[5] = identAuth & 0xff;
4033 pisid->IdentifierAuthority.Value[4] = (identAuth & 0xff00) >> 8;
4034 pisid->IdentifierAuthority.Value[3] = (identAuth & 0xff0000) >> 16;
4035 pisid->IdentifierAuthority.Value[2] = (identAuth & 0xff000000) >> 24;
4036
4037 /* Advance to first sub authority */
4038 while (*StringSid && *StringSid != '-')
4039 StringSid++;
4040 if (*StringSid == '-')
4041 StringSid++;
4042
4043 while (*StringSid)
4044 {
4045 pisid->SubAuthority[i++] = atoiW(StringSid);
4046
4047 while (*StringSid && *StringSid != '-')
4048 StringSid++;
4049 if (*StringSid == '-')
4050 StringSid++;
4051 }
4052
4053 if (i != pisid->SubAuthorityCount)
4054 goto lend; /* ERROR_INVALID_SID */
4055
4056 bret = TRUE;
4057 }
4058 else /* String constant format - Only available in winxp and above */
4059 {
4060 unsigned int i;
4061 pisid->Revision = SDDL_REVISION;
4062
4063 for (i = 0; i < sizeof(WellKnownSids)/sizeof(WellKnownSids[0]); i++)
4064 if (!strncmpW(WellKnownSids[i].wstr, StringSid, 2))
4065 {
4066 DWORD j;
4067 pisid->SubAuthorityCount = WellKnownSids[i].Sid.SubAuthorityCount;
4068 pisid->IdentifierAuthority = WellKnownSids[i].Sid.IdentifierAuthority;
4069 for (j = 0; j < WellKnownSids[i].Sid.SubAuthorityCount; j++)
4070 pisid->SubAuthority[j] = WellKnownSids[i].Sid.SubAuthority[j];
4071 bret = TRUE;
4072 }
4073
4074 for (i = 0; i < sizeof(WellKnownRids)/sizeof(WellKnownRids[0]); i++)
4075 if (!strncmpW(WellKnownRids[i].wstr, StringSid, 2))
4076 {
4077 ADVAPI_GetComputerSid(pisid);
4078 pisid->SubAuthority[pisid->SubAuthorityCount] = WellKnownRids[i].Rid;
4079 pisid->SubAuthorityCount++;
4080 bret = TRUE;
4081 }
4082
4083 if (!bret)
4084 FIXME("String constant not supported: %s\n", debugstr_wn(StringSid, 2));
4085 }
4086
4087lend:
4088 if (!bret)
4089 SetLastError(ERROR_INVALID_SID);
4090
4091 TRACE("returning %s\n", bret ? "TRUE" : "FALSE");
4092 return bret;
4093}
4094
4095/**********************************************************************
4096 * GetNamedSecurityInfoA EXPORTED
4097 *
4098 * @implemented
4099 */
4100DWORD
4101WINAPI
4102GetNamedSecurityInfoA(LPSTR pObjectName,
4103 SE_OBJECT_TYPE ObjectType,
4104 SECURITY_INFORMATION SecurityInfo,
4105 PSID *ppsidOwner,
4106 PSID *ppsidGroup,
4107 PACL *ppDacl,
4108 PACL *ppSacl,
4109 PSECURITY_DESCRIPTOR *ppSecurityDescriptor)
4110{
4111 DWORD len;
4112 LPWSTR wstr = NULL;
4113 DWORD r;
4114
4115 TRACE("%s %d %d %p %p %p %p %p\n", pObjectName, ObjectType, SecurityInfo,
4116 ppsidOwner, ppsidGroup, ppDacl, ppSacl, ppSecurityDescriptor);
4117
4118 if( pObjectName )
4119 {
4120 len = MultiByteToWideChar( CP_ACP, 0, pObjectName, -1, NULL, 0 );
4121 wstr = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR));
4122 MultiByteToWideChar( CP_ACP, 0, pObjectName, -1, wstr, len );
4123 }
4124
4125 r = GetNamedSecurityInfoW( wstr, ObjectType, SecurityInfo, ppsidOwner,
4126 ppsidGroup, ppDacl, ppSacl, ppSecurityDescriptor );
4127
4128 HeapFree( GetProcessHeap(), 0, wstr );
4129
4130 return r;
4131}
4132
4133/******************************************************************************
4134 * GetWindowsAccountDomainSid [ADVAPI32.@]
4135 */
4136BOOL WINAPI GetWindowsAccountDomainSid( PSID sid, PSID domain_sid, DWORD *size )
4137{
4138 SID_IDENTIFIER_AUTHORITY domain_ident = { SECURITY_NT_AUTHORITY };
4139 DWORD required_size;
4140 int i;
4141
4142 FIXME( "(%p %p %p): semi-stub\n", sid, domain_sid, size );
4143
4144 if (!sid || !IsValidSid( sid ))
4145 {
4146 SetLastError( ERROR_INVALID_SID );
4147 return FALSE;
4148 }
4149
4150 if (!size)
4151 {
4152 SetLastError( ERROR_INVALID_PARAMETER );
4153 return FALSE;
4154 }
4155
4156 if (*GetSidSubAuthorityCount( sid ) < 4)
4157 {
4158 SetLastError( ERROR_INVALID_SID );
4159 return FALSE;
4160 }
4161
4162 required_size = GetSidLengthRequired( 4 );
4163 if (*size < required_size || !domain_sid)
4164 {
4165 *size = required_size;
4166 SetLastError( domain_sid ? ERROR_INSUFFICIENT_BUFFER :
4167 ERROR_INVALID_PARAMETER );
4168 return FALSE;
4169 }
4170
4171 InitializeSid( domain_sid, &domain_ident, 4 );
4172 for (i = 0; i < 4; i++)
4173 *GetSidSubAuthority( domain_sid, i ) = *GetSidSubAuthority( sid, i );
4174
4175 *size = required_size;
4176 return TRUE;
4177}
4178
4179/*
4180 * @unimplemented
4181 */
4182BOOL
4183WINAPI
4184EqualDomainSid(IN PSID pSid1,
4185 IN PSID pSid2,
4186 OUT BOOL* pfEqual)
4187{
4188 UNIMPLEMENTED;
4189 return FALSE;
4190}
4191
4192/* EOF */
ReturnLength
_In_ PVOID _In_ ULONG _Out_ PVOID _In_ ULONG _Inout_ PULONG ReturnLength
Definition: KdSystemDebugControl.c:34
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
GenericMapping
static GENERIC_MAPPING GenericMapping
Definition: SeInheritance.c:11
Type
Type
Definition: Type.h:7
__inline
#define __inline
Definition: _wctype.cpp:15
ACCESS_MODE
enum _ACCESS_MODE ACCESS_MODE
TRUSTEE_FORM
enum _TRUSTEE_FORM TRUSTEE_FORM
TRUSTEE_TYPE
enum _TRUSTEE_TYPE TRUSTEE_TYPE
TRUSTEE_IS_SID
@ TRUSTEE_IS_SID
Definition: accctrl.h:189
TRUSTEE_IS_OBJECTS_AND_SID
@ TRUSTEE_IS_OBJECTS_AND_SID
Definition: accctrl.h:192
TRUSTEE_BAD_FORM
@ TRUSTEE_BAD_FORM
Definition: accctrl.h:191
TRUSTEE_IS_NAME
@ TRUSTEE_IS_NAME
Definition: accctrl.h:190
TRUSTEE_IS_OBJECTS_AND_NAME
@ TRUSTEE_IS_OBJECTS_AND_NAME
Definition: accctrl.h:193
TRUSTEE_IS_UNKNOWN
@ TRUSTEE_IS_UNKNOWN
Definition: accctrl.h:176
SE_OBJECT_TYPE
enum _SE_OBJECT_TYPE SE_OBJECT_TYPE
Definition: security.c:104
NO_MULTIPLE_TRUSTEE
@ NO_MULTIPLE_TRUSTEE
Definition: accctrl.h:198
NtAccessCheck
NTSTATUS NTAPI NtAccessCheck(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ HANDLE ClientToken, _In_ ACCESS_MASK DesiredAccess, _In_ PGENERIC_MAPPING GenericMapping, _Out_writes_bytes_(*PrivilegeSetLength) PPRIVILEGE_SET PrivilegeSet, _Inout_ PULONG PrivilegeSetLength, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus)
Determines whether security access can be granted to a client that requests such access on an object.
Definition: accesschk.c:2214
NtAccessCheckByType
NTSTATUS NTAPI NtAccessCheckByType(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_opt_ PSID PrincipalSelfSid, _In_ HANDLE ClientToken, _In_ ACCESS_MASK DesiredAccess, _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList, _In_ ULONG ObjectTypeListLength, _In_ PGENERIC_MAPPING GenericMapping, _Out_writes_bytes_(*PrivilegeSetLength) PPRIVILEGE_SET PrivilegeSet, _Inout_ PULONG PrivilegeSetLength, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus)
Determines whether security access can be granted to a client that requests such access on the object...
Definition: accesschk.c:2254
NtAccessCheckByTypeResultList
NTSTATUS NTAPI NtAccessCheckByTypeResultList(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_opt_ PSID PrincipalSelfSid, _In_ HANDLE ClientToken, _In_ ACCESS_MASK DesiredAccess, _In_reads_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList, _In_ ULONG ObjectTypeListLength, _In_ PGENERIC_MAPPING GenericMapping, _Out_writes_bytes_(*PrivilegeSetLength) PPRIVILEGE_SET PrivilegeSet, _Inout_ PULONG PrivilegeSetLength, _Out_writes_(ObjectTypeListLength) PACCESS_MASK GrantedAccess, _Out_writes_(ObjectTypeListLength) PNTSTATUS AccessStatus)
Determines whether security access can be granted to a client that requests such access on the object...
Definition: accesschk.c:2297
strlen
ACPI_SIZE strlen(const char *String)
Definition: utclib.c:269
bytes
static unsigned char bytes[4]
Definition: adnsresfilter.c:74
heap_alloc
static void * heap_alloc(size_t len)
Definition: appwiz.h:66
heap_free
static BOOL heap_free(void *mem)
Definition: appwiz.h:76
TOKEN_TYPE
TOKEN_TYPE
Definition: asmpp.cpp:29
WINE_DEFAULT_DEBUG_CHANNEL
#define WINE_DEFAULT_DEBUG_CHANNEL(t)
Definition: precomp.h:23
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
SeclCreateProcessWithLogonW
VOID __stdcall SeclCreateProcessWithLogonW(_In_ handle_t hBinding, _In_ SECL_REQUEST *pRequest, _Out_ SECL_RESPONSE *pResponse)
Definition: rpcserver.c:57
FIXME
#define FIXME(fmt,...)
Definition: precomp.h:53
WARN
#define WARN(fmt,...)
Definition: precomp.h:61
ERR
#define ERR(fmt,...)
Definition: precomp.h:57
UNIMPLEMENTED
#define UNIMPLEMENTED
Definition: ntoskrnl.c:15
RtlFreeHeap
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:634
sid
FT_UInt sid
Definition: cffcmap.c:139
GetComputerNameW
BOOL WINAPI GetComputerNameW(LPWSTR lpBuffer, LPDWORD lpnSize)
Definition: compname.c:446
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:36
LPSTARTUPINFOW
SIZE_T LPSTARTUPINFOW
Definition: cordebug.idl:85
LPPROCESS_INFORMATION
SIZE_T LPPROCESS_INFORMATION
Definition: cordebug.idl:86
hBinding
handle_t hBinding
Definition: ctx_c.c:54
ERROR_NOT_ENOUGH_MEMORY
#define ERROR_NOT_ENOUGH_MEMORY
Definition: dderror.h:7
ERROR_INSUFFICIENT_BUFFER
#define ERROR_INSUFFICIENT_BUFFER
Definition: dderror.h:10
Len
#define Len
Definition: deflate.h:82
ERROR_SUCCESS
#define ERROR_SUCCESS
Definition: deptool.c:10
Name
LPWSTR Name
Definition: desk.c:124
NULL
#define NULL
Definition: types.h:112
TRUE
#define TRUE
Definition: types.h:120
FALSE
#define FALSE
Definition: types.h:117
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:33
LookupAccountNameW
BOOL WINAPI LookupAccountNameW(LPCWSTR lpSystemName, LPCWSTR lpAccountName, PSID Sid, LPDWORD cbSid, LPWSTR ReferencedDomainName, LPDWORD cchReferencedDomainName, PSID_NAME_USE peUse)
Definition: misc.c:626
GetNamedSecurityInfoW
DWORD WINAPI GetNamedSecurityInfoW(LPWSTR pObjectName, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID *ppsidOwner, PSID *ppsidGroup, PACL *ppDacl, PACL *ppSacl, PSECURITY_DESCRIPTOR *ppSecurityDescriptor)
Definition: misc.c:1147
LookupPrivilegeDisplayNameW
BOOL WINAPI LookupPrivilegeDisplayNameW(LPCWSTR lpSystemName, LPCWSTR lpName, LPWSTR lpDisplayName, LPDWORD cchDisplayName, LPDWORD lpLanguageId)
Definition: misc.c:901
LookupPrivilegeNameW
BOOL WINAPI LookupPrivilegeNameW(LPCWSTR lpSystemName, PLUID lpLuid, LPWSTR lpName, LPDWORD cchName)
Definition: misc.c:832
SetNamedSecurityInfoW
DWORD WINAPI SetNamedSecurityInfoW(LPWSTR pObjectName, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl)
Definition: misc.c:1197
AdjustTokenPrivileges
BOOL WINAPI AdjustTokenPrivileges(HANDLE TokenHandle, BOOL DisableAllPrivileges, PTOKEN_PRIVILEGES NewState, DWORD BufferLength, PTOKEN_PRIVILEGES PreviousState, PDWORD ReturnLength)
Definition: security.c:374
GetAclInformation
BOOL WINAPI GetAclInformation(PACL pAcl, LPVOID pAclInformation, DWORD nAclInformationLength, ACL_INFORMATION_CLASS dwAclInformationClass)
Definition: security.c:1194
GetTokenInformation
BOOL WINAPI GetTokenInformation(HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength, PDWORD ReturnLength)
Definition: security.c:411
GetAnsiEnvironmentSize
static DWORD GetAnsiEnvironmentSize(PVOID pEnvironment)
Definition: security.c:3702
ADS_RIGHT_DS_LIST_OBJECT
#define ADS_RIGHT_DS_LIST_OBJECT
Definition: security.c:160
LookupAccountNameA
BOOL WINAPI LookupAccountNameA(LPCSTR SystemName, LPCSTR AccountName, PSID Sid, LPDWORD SidLength, LPSTR ReferencedDomainName, LPDWORD hReferencedDomainNameLength, PSID_NAME_USE SidNameUse)
Definition: security.c:2012
DumpSacl
static BOOL DumpSacl(PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen)
Definition: security.c:3409
SDDL_AUDIT_FAILURE
static const WCHAR SDDL_AUDIT_FAILURE[]
Definition: security.c:172
PrivilegeCheck
BOOL WINAPI PrivilegeCheck(HANDLE ClientToken, PPRIVILEGE_SET RequiredPrivileges, LPBOOL pfResult)
Definition: security.c:2066
AceFlags
static const ACEFLAG AceFlags[]
Definition: security.c:2624
OpenProcessToken
BOOL WINAPI OpenProcessToken(HANDLE ProcessHandle, DWORD DesiredAccess, PHANDLE TokenHandle)
Definition: security.c:294
ConvertSecurityDescriptorToStringSecurityDescriptorA
BOOL WINAPI ConvertSecurityDescriptorToStringSecurityDescriptorA(PSECURITY_DESCRIPTOR SecurityDescriptor, DWORD SDRevision, SECURITY_INFORMATION Information, LPSTR *OutputString, PULONG OutputLen)
Definition: security.c:3499
WellKnownRids
static const WELLKNOWNRID WellKnownRids[]
Definition: security.c:109
CreateRestrictedToken
BOOL WINAPI CreateRestrictedToken(_In_ HANDLE ExistingTokenHandle, _In_ DWORD Flags, _In_ DWORD DisableSidCount, _In_reads_opt_(DisableSidCount) PSID_AND_ATTRIBUTES SidsToDisable, _In_ DWORD DeletePrivilegeCount, _In_reads_opt_(DeletePrivilegeCount) PLUID_AND_ATTRIBUTES PrivilegesToDelete, _In_ DWORD RestrictedSidCount, _In_reads_opt_(RestrictedSidCount) PSID_AND_ATTRIBUTES SidsToRestrict, _Outptr_ PHANDLE NewTokenHandle)
Creates a filtered token that is a restricted one of the regular access token. A restricted token can...
Definition: security.c:533
SetAclInformation
BOOL WINAPI SetAclInformation(PACL pAcl, LPVOID pAclInformation, DWORD nAclInformationLength, ACL_INFORMATION_CLASS dwAclInformationClass)
Definition: security.c:2471
DuplicateToken
BOOL WINAPI DuplicateToken(IN HANDLE ExistingTokenHandle, IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, OUT PHANDLE DuplicateTokenHandle)
Definition: security.c:3919
ConvertStringSidToSidW
BOOL WINAPI ConvertStringSidToSidW(LPCWSTR StringSid, PSID *Sid)
Definition: security.c:3536
ConvertSidToStringSidW
BOOL WINAPI ConvertSidToStringSidW(PSID Sid, LPWSTR *StringSid)
Definition: security.c:3583
SetTokenInformation
BOOL WINAPI SetTokenInformation(HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength)
Definition: security.c:437
ParseAclStringFlags
static DWORD ParseAclStringFlags(LPCWSTR *StringAcl)
Definition: security.c:2554
ConvertStringSecurityDescriptorToSecurityDescriptorA
BOOL WINAPI ConvertStringSecurityDescriptorToSecurityDescriptorA(LPCSTR StringSecurityDescriptor, DWORD StringSDRevision, PSECURITY_DESCRIPTOR *SecurityDescriptor, PULONG SecurityDescriptorSize)
Definition: security.c:3032
LookupPrivilegeDisplayNameA
BOOL WINAPI LookupPrivilegeDisplayNameA(LPCSTR lpSystemName, LPCSTR lpName, LPSTR lpDisplayName, LPDWORD cchDisplayName, LPDWORD lpLanguageId)
Definition: security.c:1239
GetTrusteeTypeW
TRUSTEE_TYPE WINAPI GetTrusteeTypeW(PTRUSTEE_W pTrustee)
Definition: security.c:2461
AceRights
static const ACEFLAG AceRights[]
Definition: security.c:2669
ParseAceStringFlags
static BYTE ParseAceStringFlags(LPCWSTR *StringAcl)
Definition: security.c:2636
SDDL_CONTAINER_INHERIT
static const WCHAR SDDL_CONTAINER_INHERIT[]
Definition: security.c:166
ParseStringSidToSid
static BOOL ParseStringSidToSid(LPCWSTR StringSid, PSID pSid, LPDWORD cBytes)
Definition: security.c:3973
InitializeSid
BOOL WINAPI InitializeSid(PSID Sid, PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority, BYTE nSubAuthorityCount)
Definition: security.c:862
LPACEFLAG
struct _ACEFLAG * LPACEFLAG
ConvertSecurityDescriptorToStringSecurityDescriptorW
BOOL WINAPI ConvertSecurityDescriptorToStringSecurityDescriptorW(PSECURITY_DESCRIPTOR SecurityDescriptor, DWORD SDRevision, SECURITY_INFORMATION RequestedInformation, LPWSTR *OutputString, PULONG OutputLen)
Definition: security.c:3435
SDDL_AUDIT
static const WCHAR SDDL_AUDIT[]
Definition: security.c:142
SERV_dup
static LPWSTR SERV_dup(LPCSTR str)
Definition: security.c:233
DumpGroup
static BOOL DumpGroup(PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen)
Definition: security.c:3368
DumpAce
static BOOL DumpAce(LPVOID pace, WCHAR **pwptr, ULONG *plen)
Definition: security.c:3260
GetSecurityInfoExA
DWORD WINAPI GetSecurityInfoExA(HANDLE hObject, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, LPCSTR lpProvider, LPCSTR lpProperty, PACTRL_ACCESSA *ppAccessList, PACTRL_AUDITA *ppAuditList, LPSTR *lppOwner, LPSTR *lppGroup)
Definition: security.c:2092
ParseStringSecurityDescriptorToSecurityDescriptor
static BOOL ParseStringSecurityDescriptorToSecurityDescriptor(LPCWSTR StringSecurityDescriptor, SECURITY_DESCRIPTOR_RELATIVE *SecurityDescriptor, LPDWORD cBytes)
Definition: security.c:2884
ConvertStringSidToSidA
BOOL WINAPI ConvertStringSidToSidA(LPCSTR StringSid, PSID *Sid)
Definition: security.c:3560
EqualPrefixSid
BOOL WINAPI EqualPrefixSid(PSID pSid1, PSID pSid2)
Definition: security.c:841
ADS_RIGHT_DS_DELETE_TREE
#define ADS_RIGHT_DS_DELETE_TREE
Definition: security.c:159
ADS_RIGHT_ACTRL_DS_LIST
#define ADS_RIGHT_ACTRL_DS_LIST
Definition: security.c:155
BuildTrusteeWithSidA
VOID WINAPI BuildTrusteeWithSidA(PTRUSTEE_A pTrustee, PSID pSid)
Definition: security.c:2342
GetSecurityInfoExW
DWORD WINAPI GetSecurityInfoExW(HANDLE hObject, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, LPCWSTR lpProvider, LPCWSTR lpProperty, PACTRL_ACCESSW *ppAccessList, PACTRL_AUDITW *ppAuditList, LPWSTR *lppOwner, LPWSTR *lppGroup)
Definition: security.c:2112
GetTrusteeNameW
LPWSTR WINAPI GetTrusteeNameW(PTRUSTEE_W pTrustee)
Definition: security.c:2443
SDDL_NO_WRITE_UP
static const WCHAR SDDL_NO_WRITE_UP[]
Definition: security.c:130
ImpersonateSelf
BOOL WINAPI ImpersonateSelf(SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
Definition: security.c:1631
AddAccessDeniedAceEx
BOOL WINAPI AddAccessDeniedAceEx(PACL pAcl, DWORD dwAceRevision, DWORD AceFlags, DWORD AccessMask, PSID pSid)
Definition: security.c:1114
SDDL_OBJECT_AUDIT
static const WCHAR SDDL_OBJECT_AUDIT[]
Definition: security.c:146
AddAce
BOOL WINAPI AddAce(PACL pAcl, DWORD dwAceRevision, DWORD dwStartingAceIndex, LPVOID pAceList, DWORD nAceListLength)
Definition: security.c:1141
AccessCheckByType
BOOL WINAPI AccessCheckByType(_In_ PSECURITY_DESCRIPTOR pSecurityDescriptor, _In_opt_ PSID PrincipalSelfSid, _In_ HANDLE ClientToken, _In_ DWORD DesiredAccess, _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList, _In_ DWORD ObjectTypeListLength, _In_ PGENERIC_MAPPING GenericMapping, _Out_writes_bytes_(*PrivilegeSetLength) PPRIVILEGE_SET PrivilegeSet, _Inout_ LPDWORD PrivilegeSetLength, _Out_ LPDWORD GrantedAccess, _Out_ LPBOOL AccessStatus)
Determines whether security access can be granted to a client that requests such access on the object...
Definition: security.c:1767
DumpOwner
static BOOL DumpOwner(PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen)
Definition: security.c:3350
SDDL_OBJECT_INHERIT
static const WCHAR SDDL_OBJECT_INHERIT[]
Definition: security.c:167
DumpString
static void DumpString(LPCWSTR string, int cch, WCHAR **pwptr, ULONG *plen)
Definition: security.c:3117
DeleteAce
BOOL WINAPI DeleteAce(PACL pAcl, DWORD dwAceIndex)
Definition: security.c:1166
GetTrusteeTypeA
TRUSTEE_TYPE WINAPI GetTrusteeTypeA(PTRUSTEE_A pTrustee)
Definition: security.c:2452
AccessCheckByTypeResultList
BOOL WINAPI AccessCheckByTypeResultList(_In_ PSECURITY_DESCRIPTOR pSecurityDescriptor, _In_opt_ PSID PrincipalSelfSid, _In_ HANDLE ClientToken, _In_ DWORD DesiredAccess, _In_reads_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList, _In_ DWORD ObjectTypeListLength, _In_ PGENERIC_MAPPING GenericMapping, _Out_writes_bytes_(*PrivilegeSetLength) PPRIVILEGE_SET PrivilegeSet, _Inout_ LPDWORD PrivilegeSetLength, _Out_writes_(ObjectTypeListLength) LPDWORD GrantedAccess, _Out_writes_(ObjectTypeListLength) LPBOOL AccessStatus)
Determines whether security access can be granted to a client that requests such access on the object...
Definition: security.c:1881
DumpSid
static BOOL DumpSid(PSID psid, WCHAR **pwptr, ULONG *plen)
Definition: security.c:3171
MakeAbsoluteSD
BOOL WINAPI MakeAbsoluteSD(PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor, PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor, LPDWORD lpdwAbsoluteSecurityDescriptorSize, PACL pDacl, LPDWORD lpdwDaclSize, PACL pSacl, LPDWORD lpdwSaclSize, PSID pOwner, LPDWORD lpdwOwnerSize, PSID pPrimaryGroup, LPDWORD lpdwPrimaryGroupSize)
Definition: security.c:950
ADS_RIGHT_DS_CREATE_CHILD
#define ADS_RIGHT_DS_CREATE_CHILD
Definition: security.c:153
GetSidSubAuthority
PDWORD WINAPI GetSidSubAuthority(PSID pSid, DWORD nSubAuthority)
Definition: security.c:896
SDDL_ACCESS_ALLOWED
static const WCHAR SDDL_ACCESS_ALLOWED[]
Definition: security.c:136
SDDL_OBJECT_ACCESS_DENIED
static const WCHAR SDDL_OBJECT_ACCESS_DENIED[]
Definition: security.c:140
GetTrusteeNameA
LPSTR WINAPI GetTrusteeNameA(PTRUSTEE_A pTrustee)
Definition: security.c:2433
DumpSidNumeric
static BOOL DumpSidNumeric(PSID psid, WCHAR **pwptr, ULONG *plen)
Definition: security.c:3132
SetFileSecurityW
BOOL WINAPI SetFileSecurityW(LPCWSTR lpFileName, SECURITY_INFORMATION SecurityInformation, PSECURITY_DESCRIPTOR pSecurityDescriptor)
Definition: security.c:1509
BuildExplicitAccessWithNameA
VOID WINAPI BuildExplicitAccessWithNameA(PEXPLICIT_ACCESSA pExplicitAccess, LPSTR pTrusteeName, DWORD AccessPermissions, ACCESS_MODE AccessMode, DWORD Inheritance)
Definition: security.c:2130
ADS_RIGHT_DS_READ_PROP
#define ADS_RIGHT_DS_READ_PROP
Definition: security.c:157
SetThreadToken
BOOL WINAPI SetThreadToken(IN PHANDLE ThreadHandle OPTIONAL, IN HANDLE TokenHandle)
Definition: security.c:461
AllocateAndInitializeSid
BOOL WINAPI AllocateAndInitializeSid(PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority, BYTE nSubAuthorityCount, DWORD nSubAuthority0, DWORD nSubAuthority1, DWORD nSubAuthority2, DWORD nSubAuthority3, DWORD nSubAuthority4, DWORD nSubAuthority5, DWORD nSubAuthority6, DWORD nSubAuthority7, PSID *pSid)
Definition: security.c:674
WELLKNOWNRID
struct WELLKNOWNRID WELLKNOWNRID
GetSidLengthRequired
DWORD WINAPI GetSidLengthRequired(UCHAR nSubAuthorityCount)
Definition: security.c:852
IsValidSid
BOOL WINAPI IsValidSid(PSID pSid)
Definition: security.c:819
SDDL_INHERIT_ONLY
static const WCHAR SDDL_INHERIT_ONLY[]
Definition: security.c:169
ADS_RIGHT_DS_DELETE_CHILD
#define ADS_RIGHT_DS_DELETE_CHILD
Definition: security.c:154
SynchronizeWindows31FilesAndWindowsNTRegistry
BOOL WINAPI SynchronizeWindows31FilesAndWindowsNTRegistry(DWORD x1, DWORD x2, DWORD x3, DWORD x4)
Definition: security.c:1596
AreAnyAccessesGranted
BOOL WINAPI AreAnyAccessesGranted(DWORD GrantedAccess, DWORD DesiredAccess)
Definition: security.c:2544
IsWellKnownSid
BOOL WINAPI IsWellKnownSid(IN PSID pSid, IN WELL_KNOWN_SID_TYPE WellKnownSidType)
Definition: security.c:796
BuildTrusteeWithObjectsAndNameW
VOID WINAPI BuildTrusteeWithObjectsAndNameW(PTRUSTEEW pTrustee, POBJECTS_AND_NAME_W pObjName, SE_OBJECT_TYPE ObjectType, LPWSTR ObjectTypeName, LPWSTR InheritedObjectTypeName, LPWSTR Name)
Definition: security.c:2208
CopySid
BOOL WINAPI CopySid(DWORD nDestinationSidLength, PSID pDestinationSid, PSID pSourceSid)
Definition: security.c:712
SDDL_INHERITED
static const WCHAR SDDL_INHERITED[]
Definition: security.c:170
SDDL_ACCESS_DENIED
static const WCHAR SDDL_ACCESS_DENIED[]
Definition: security.c:137
AddAuditAccessAce
BOOL WINAPI AddAuditAccessAce(PACL pAcl, DWORD dwAceRevision, DWORD dwAccessMask, PSID pSid, BOOL bAuditSuccess, BOOL bAuditFailure)
Definition: security.c:1951
AllocateLocallyUniqueId
BOOL WINAPI AllocateLocallyUniqueId(PLUID Luid)
Definition: security.c:1218
GetSidSubAuthorityCount
PUCHAR WINAPI GetSidSubAuthorityCount(PSID pSid)
Definition: security.c:908
GetKernelObjectSecurity
BOOL WINAPI GetKernelObjectSecurity(HANDLE Handle, SECURITY_INFORMATION RequestedInformation, PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD nLength, LPDWORD lpnLengthNeeded)
Definition: security.c:987
GetUnicodeEnvironmentSize
static DWORD GetUnicodeEnvironmentSize(PVOID pEnvironment)
Definition: security.c:3679
InitializeAcl
BOOL WINAPI InitializeAcl(PACL pAcl, DWORD nAclLength, DWORD dwAclRevision)
Definition: security.c:1006
ACEFLAG
struct _ACEFLAG ACEFLAG
ADS_RIGHT_DS_CONTROL_ACCESS
#define ADS_RIGHT_DS_CONTROL_ACCESS
Definition: security.c:161
ImpersonateNamedPipeClient
BOOL WINAPI ImpersonateNamedPipeClient(HANDLE hNamedPipe)
Definition: security.c:1024
InitializeSecurityDescriptor
BOOL WINAPI InitializeSecurityDescriptor(PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD dwRevision)
Definition: security.c:929
BuildExplicitAccessWithNameW
VOID WINAPI BuildExplicitAccessWithNameW(PEXPLICIT_ACCESSW pExplicitAccess, LPWSTR pTrusteeName, DWORD AccessPermissions, ACCESS_MODE AccessMode, DWORD Inheritance)
Definition: security.c:2152
ComputeStringSidSize
static DWORD ComputeStringSidSize(LPCWSTR StringSid)
Definition: security.c:3934
SDDL_OBJECT_ALARM
static const WCHAR SDDL_OBJECT_ALARM[]
Definition: security.c:147
BuildTrusteeWithObjectsAndSidW
VOID WINAPI BuildTrusteeWithObjectsAndSidW(PTRUSTEEW pTrustee, POBJECTS_AND_SID pObjSid, GUID *pObjectGuid, GUID *pInheritedObjectGuid, PSID pSid)
Definition: security.c:2294
SDDL_MANDATORY_LABEL
static const WCHAR SDDL_MANDATORY_LABEL[]
Definition: security.c:144
SDDL_ALARM
static const WCHAR SDDL_ALARM[]
Definition: security.c:143
SDDL_OBJECT_ACCESS_ALLOWED
static const WCHAR SDDL_OBJECT_ACCESS_ALLOWED[]
Definition: security.c:139
AddAccessAllowedAce
BOOL WINAPI AddAccessAllowedAce(PACL pAcl, DWORD dwAceRevision, DWORD AccessMask, PSID pSid)
Definition: security.c:1039
sidWorld
static const SID sidWorld
Definition: security.c:126
AddAccessAllowedAceEx
BOOL WINAPI AddAccessAllowedAceEx(PACL pAcl, DWORD dwAceRevision, DWORD AceFlags, DWORD AccessMask, PSID pSid)
Definition: security.c:1063
ADVAPI_IsLocalComputer
BOOL ADVAPI_IsLocalComputer(LPCWSTR ServerName)
Definition: security.c:251
BuildTrusteeWithObjectsAndNameA
VOID WINAPI BuildTrusteeWithObjectsAndNameA(PTRUSTEEA pTrustee, POBJECTS_AND_NAME_A pObjName, SE_OBJECT_TYPE ObjectType, LPSTR ObjectTypeName, LPSTR InheritedObjectTypeName, LPSTR Name)
Definition: security.c:2172
GetLengthSid
DWORD WINAPI GetLengthSid(PSID pSid)
Definition: security.c:919
QueryWindows31FilesMigration
BOOL WINAPI QueryWindows31FilesMigration(DWORD x1)
Definition: security.c:1580
SDDL_NO_PROPAGATE
static const WCHAR SDDL_NO_PROPAGATE[]
Definition: security.c:168
BuildTrusteeWithNameA
VOID WINAPI BuildTrusteeWithNameA(PTRUSTEE_A pTrustee, LPSTR name)
Definition: security.c:2375
WellKnownSids
static const WELLKNOWNSID WellKnownSids[]
Definition: security.c:45
OpenThreadToken
BOOL WINAPI OpenThreadToken(HANDLE ThreadHandle, DWORD DesiredAccess, BOOL OpenAsSelf, HANDLE *TokenHandle)
Definition: security.c:336
FreeSid
PVOID WINAPI FreeSid(PSID pSid)
Definition: security.c:698
WELLKNOWNSID
struct WELLKNOWNSID WELLKNOWNSID
ConvertSidToStringSidA
BOOL WINAPI ConvertSidToStringSidA(PSID Sid, LPSTR *StringSid)
Definition: security.c:3637
SetFileSecurityA
BOOL WINAPI SetFileSecurityA(LPCSTR lpFileName, SECURITY_INFORMATION SecurityInformation, PSECURITY_DESCRIPTOR pSecurityDescriptor)
Definition: security.c:1479
GetWindowsAccountDomainSid
BOOL WINAPI GetWindowsAccountDomainSid(PSID sid, PSID domain_sid, DWORD *size)
Definition: security.c:4136
SDDL_NO_EXECUTE_UP
static const WCHAR SDDL_NO_EXECUTE_UP[]
Definition: security.c:131
ADS_RIGHT_DS_WRITE_PROP
#define ADS_RIGHT_DS_WRITE_PROP
Definition: security.c:158
CreateProcessWithTokenW
BOOL WINAPI CreateProcessWithTokenW(HANDLE token, DWORD logon_flags, LPCWSTR application_name, LPWSTR command_line, DWORD creation_flags, void *environment, LPCWSTR current_directory, STARTUPINFOW *startup_info, PROCESS_INFORMATION *process_information)
Definition: security.c:3841
EqualSid
BOOL WINAPI EqualSid(PSID pSid1, PSID pSid2)
Definition: security.c:829
AccessCheck
BOOL WINAPI AccessCheck(IN PSECURITY_DESCRIPTOR pSecurityDescriptor, IN HANDLE ClientToken, IN DWORD DesiredAccess, IN PGENERIC_MAPPING GenericMapping, OUT PPRIVILEGE_SET PrivilegeSet OPTIONAL, IN OUT LPDWORD PrivilegeSetLength, OUT LPDWORD GrantedAccess, OUT LPBOOL AccessStatus)
Definition: security.c:1650
DumpRights
static void DumpRights(DWORD mask, WCHAR **pwptr, ULONG *plen)
Definition: security.c:3221
set_ntstatus
static __inline BOOL set_ntstatus(NTSTATUS status)
Definition: security.c:227
DuplicateTokenEx
BOOL WINAPI DuplicateTokenEx(IN HANDLE ExistingTokenHandle, IN DWORD dwDesiredAccess, IN LPSECURITY_ATTRIBUTES lpTokenAttributes OPTIONAL, IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, IN TOKEN_TYPE TokenType, OUT PHANDLE DuplicateTokenHandle)
Definition: security.c:3859
debugstr_sid
static const char * debugstr_sid(PSID sid)
Definition: security.c:174
AdjustTokenGroups
BOOL WINAPI AdjustTokenGroups(HANDLE TokenHandle, BOOL ResetToDefault, PTOKEN_GROUPS NewState, DWORD BufferLength, PTOKEN_GROUPS PreviousState, PDWORD ReturnLength)
Definition: security.c:346
GetFileSecurityW
BOOL WINAPI GetFileSecurityW(LPCWSTR lpFileName, SECURITY_INFORMATION RequestedInformation, PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD nLength, LPDWORD lpnLengthNeeded)
Definition: security.c:1404
AceType
static const ACEFLAG AceType[]
Definition: security.c:2583
GetNamedSecurityInfoA
DWORD WINAPI GetNamedSecurityInfoA(LPSTR pObjectName, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID *ppsidOwner, PSID *ppsidGroup, PACL *ppDacl, PACL *ppSacl, PSECURITY_DESCRIPTOR *ppSecurityDescriptor)
Definition: security.c:4102
DumpAcl
static BOOL DumpAcl(PACL pacl, WCHAR **pwptr, ULONG *plen, BOOL protected, BOOL autoInheritReq, BOOL autoInherited)
Definition: security.c:3319
ParseAceStringType
static BYTE ParseAceStringType(LPCWSTR *StringAcl)
Definition: security.c:2599
GetFileSecurityA
BOOL WINAPI GetFileSecurityA(LPCSTR lpFileName, SECURITY_INFORMATION RequestedInformation, PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD nLength, LPDWORD lpnLengthNeeded)
Definition: security.c:1373
SetNamedSecurityInfoA
DWORD WINAPI SetNamedSecurityInfoA(LPSTR pObjectName, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl)
Definition: security.c:2498
GetSidIdentifierAuthority
PSID_IDENTIFIER_AUTHORITY WINAPI GetSidIdentifierAuthority(PSID pSid)
Definition: security.c:885
AreAllAccessesGranted
BOOL WINAPI AreAllAccessesGranted(DWORD GrantedAccess, DWORD DesiredAccess)
Definition: security.c:2532
GetTrusteeFormA
TRUSTEE_FORM WINAPI GetTrusteeFormA(PTRUSTEEA pTrustee)
Definition: security.c:2406
BuildTrusteeWithSidW
VOID WINAPI BuildTrusteeWithSidW(PTRUSTEE_W pTrustee, PSID pSid)
Definition: security.c:2359
BuildTrusteeWithObjectsAndSidA
VOID WINAPI BuildTrusteeWithObjectsAndSidA(PTRUSTEEA pTrustee, POBJECTS_AND_SID pObjSid, GUID *pObjectGuid, GUID *pInheritedObjectGuid, PSID pSid)
Definition: security.c:2245
ADVAPI_GetComputerSid
BOOL ADVAPI_GetComputerSid(PSID sid)
Definition: security.c:273
EqualDomainSid
BOOL WINAPI EqualDomainSid(IN PSID pSid1, IN PSID pSid2, OUT BOOL *pfEqual)
Definition: security.c:4184
FindFirstFreeAce
BOOL WINAPI FindFirstFreeAce(PACL pAcl, LPVOID *pAce)
Definition: security.c:1176
GetAce
BOOL WINAPI GetAce(PACL pAcl, DWORD dwAceIndex, LPVOID *pAce)
Definition: security.c:1186
CreateProcessWithLogonW
BOOL WINAPI CreateProcessWithLogonW(_In_ LPCWSTR lpUsername, _In_opt_ LPCWSTR lpDomain, _In_ LPCWSTR lpPassword, _In_ DWORD dwLogonFlags, _In_opt_ LPCWSTR lpApplicationName, _Inout_opt_ LPWSTR lpCommandLine, _In_ DWORD dwCreationFlags, _In_opt_ LPVOID lpEnvironment, _In_opt_ LPCWSTR lpCurrentDirectory, _In_ LPSTARTUPINFOW lpStartupInfo, _Out_ LPPROCESS_INFORMATION lpProcessInformation)
Definition: security.c:3728
AddAccessDeniedAce
BOOL WINAPI AddAccessDeniedAce(PACL pAcl, DWORD dwAceRevision, DWORD AccessMask, PSID pSid)
Definition: security.c:1090
AddAuditAccessAceEx
BOOL WINAPI AddAuditAccessAceEx(PACL pAcl, DWORD dwAceRevision, DWORD AceFlags, DWORD dwAccessMask, PSID pSid, BOOL bAuditSuccess, BOOL bAuditFailure)
Definition: security.c:1979
SDDL_AUDIT_SUCCESS
static const WCHAR SDDL_AUDIT_SUCCESS[]
Definition: security.c:171
SetKernelObjectSecurity
BOOL WINAPI SetKernelObjectSecurity(HANDLE Handle, SECURITY_INFORMATION SecurityInformation, PSECURITY_DESCRIPTOR SecurityDescriptor)
Definition: security.c:1928
BuildTrusteeWithNameW
VOID WINAPI BuildTrusteeWithNameW(PTRUSTEE_W pTrustee, LPWSTR name)
Definition: security.c:2391
CreateWellKnownSid
BOOL WINAPI CreateWellKnownSid(IN WELL_KNOWN_SID_TYPE WellKnownSidType, IN PSID DomainSid OPTIONAL, OUT PSID pSid, IN OUT DWORD *cbSid)
Definition: security.c:722
LookupPrivilegeNameA
BOOL WINAPI LookupPrivilegeNameA(LPCSTR lpSystemName, PLUID lpLuid, LPSTR lpName, LPDWORD cchName)
Definition: security.c:1299
SDDL_NO_READ_UP
static const WCHAR SDDL_NO_READ_UP[]
Definition: security.c:129
MAX_SID
struct _MAX_SID MAX_SID
ADS_RIGHT_DS_SELF
#define ADS_RIGHT_DS_SELF
Definition: security.c:156
DumpDacl
static BOOL DumpDacl(PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen)
Definition: security.c:3386
IsValidAcl
BOOL WINAPI IsValidAcl(PACL pAcl)
Definition: security.c:1209
ParseAceStringRights
static DWORD ParseAceStringRights(LPCWSTR *StringAcl)
Definition: security.c:2707
ParseStringAclToAcl
static BOOL ParseStringAclToAcl(LPCWSTR StringAcl, LPDWORD lpdwFlags, PACL pAcl, LPDWORD cBytes)
Definition: security.c:2762
ConvertStringSecurityDescriptorToSecurityDescriptorW
BOOL WINAPI ConvertStringSecurityDescriptorToSecurityDescriptorW(LPCWSTR StringSecurityDescriptor, DWORD StringSDRevision, PSECURITY_DESCRIPTOR *SecurityDescriptor, PULONG SecurityDescriptorSize)
Definition: security.c:3062
GetTrusteeFormW
TRUSTEE_FORM WINAPI GetTrusteeFormW(PTRUSTEEW pTrustee)
Definition: security.c:2419
AceRightBitNames
static const LPCWSTR AceRightBitNames[32]
Definition: security.c:3186
wine_dbg_sprintf
const char * wine_dbg_sprintf(const char *format,...)
Definition: compat.c:296
GetProcessHeap
#define GetProcessHeap()
Definition: compat.h:736
ERROR_CALL_NOT_IMPLEMENTED
#define ERROR_CALL_NOT_IMPLEMENTED
Definition: compat.h:102
ERROR_INVALID_PARAMETER
#define ERROR_INVALID_PARAMETER
Definition: compat.h:101
CP_ACP
#define CP_ACP
Definition: compat.h:109
SetLastError
#define SetLastError(x)
Definition: compat.h:752
HeapAlloc
#define HeapAlloc
Definition: compat.h:733
ThreadImpersonationToken
@ ThreadImpersonationToken
Definition: compat.h:940
GENERIC_READ
#define GENERIC_READ
Definition: compat.h:135
HeapFree
#define HeapFree(x, y, z)
Definition: compat.h:735
WideCharToMultiByte
#define WideCharToMultiByte
Definition: compat.h:111
MultiByteToWideChar
#define MultiByteToWideChar
Definition: compat.h:110
FILE_SHARE_READ
#define FILE_SHARE_READ
Definition: compat.h:136
ERROR_INVALID_NAME
#define ERROR_INVALID_NAME
Definition: compat.h:103
lstrlenW
#define lstrlenW
Definition: compat.h:750
CreateProcessW
BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessW(LPCWSTR lpApplicationName, LPWSTR lpCommandLine, LPSECURITY_ATTRIBUTES lpProcessAttributes, LPSECURITY_ATTRIBUTES lpThreadAttributes, BOOL bInheritHandles, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCWSTR lpCurrentDirectory, LPSTARTUPINFOW lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation)
Definition: proc.c:4598
lstrcmpW
int WINAPI lstrcmpW(LPCWSTR str1, LPCWSTR str2)
Definition: locale.c:4246
RevertToSelf
BOOL WINAPI RevertToSelf(void)
Definition: security.c:855
GetVersion
DWORD WINAPI GetVersion(void)
Definition: version.c:1458
Cleanup
static const WCHAR Cleanup[]
Definition: register.c:80
ret
return ret
Definition: mutex.c:146
L
#define L(x)
Definition: resources.c:13
__FUNCTION__
#define __FUNCTION__
Definition: types.h:116
Success
@ Success
Definition: eventcreate.c:712
FileName
struct _FileName FileName
Definition: fatprocs.h:897
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
WORD
unsigned short WORD
Definition: ntddk_ex.h:93
FileHandle
_Must_inspect_result_ _In_opt_ PFLT_INSTANCE _Out_ PHANDLE FileHandle
Definition: fltkernel.h:1231
SecurityInformation
_Must_inspect_result_ _In_ PFILE_OBJECT _In_ SECURITY_INFORMATION SecurityInformation
Definition: fltkernel.h:1340
local
#define local
Definition: zutil.h:30
Ptr
_Must_inspect_result_ _In_ PFSRTL_PER_STREAM_CONTEXT Ptr
Definition: fsrtlfuncs.h:898
Handle
ULONG Handle
Definition: gdb_input.c:15
Status
Status
Definition: gdiplustypes.h:25
count
GLuint GLuint GLsizei count
Definition: gl.h:1545
r
GLdouble GLdouble GLdouble r
Definition: gl.h:2055
size
GLsizeiptr size
Definition: glext.h:5919
mask
GLenum GLint GLuint mask
Definition: glext.h:6028
buf
GLenum GLuint GLenum GLsizei const GLchar * buf
Definition: glext.h:7751
flags
GLbitfield flags
Definition: glext.h:7161
length
GLuint GLsizei GLsizei * length
Definition: glext.h:6040
val
GLuint GLfloat * val
Definition: glext.h:7180
p
GLfloat GLfloat p
Definition: glext.h:8902
len
GLenum GLsizei len
Definition: glext.h:6722
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
token
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat token
Definition: glfuncs.h:210
j
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint GLint GLint j
Definition: glfuncs.h:250
LocalAlloc
HLOCAL NTAPI LocalAlloc(UINT uFlags, SIZE_T dwBytes)
Definition: heapmem.c:1390
LocalFree
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1594
wcslen
_CRTIMP size_t __cdecl wcslen(_In_z_ const wchar_t *_Str)
OBJ_CASE_INSENSITIVE
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
OBJ_INHERIT
#define OBJ_INHERIT
Definition: winternl.h:225
RtlQueryInformationAcl
NTSYSAPI NTSTATUS WINAPI RtlQueryInformationAcl(PACL, LPVOID, DWORD, ACL_INFORMATION_CLASS)
RtlAddAccessAllowedAceEx
NTSYSAPI NTSTATUS WINAPI RtlAddAccessAllowedAceEx(PACL, DWORD, DWORD, DWORD, PSID)
RtlAddAccessAllowedAce
NTSYSAPI NTSTATUS WINAPI RtlAddAccessAllowedAce(PACL, DWORD, DWORD, PSID)
NtCurrentThread
#define NtCurrentThread()
Definition: winternl.h:5362
RtlSelfRelativeToAbsoluteSD
NTSYSAPI NTSTATUS WINAPI RtlSelfRelativeToAbsoluteSD(PSECURITY_DESCRIPTOR, PSECURITY_DESCRIPTOR, PDWORD, PACL, PDWORD, PACL, PDWORD, PSID, PDWORD, PSID, PDWORD)
RtlNtStatusToDosError
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
RtlCopySid
NTSYSAPI BOOLEAN WINAPI RtlCopySid(DWORD, PSID, PSID)
EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:90
debugstr_a
#define debugstr_a
Definition: kernel32.h:31
debugstr_wn
#define debugstr_wn
Definition: kernel32.h:33
debugstr_w
#define debugstr_w
Definition: kernel32.h:32
wine_dbgstr_w
#define wine_dbgstr_w
Definition: kernel32.h:34
SECURITY_IMPERSONATION_LEVEL
enum _SECURITY_IMPERSONATION_LEVEL SECURITY_IMPERSONATION_LEVEL
SECURITY_DESCRIPTOR_CONTROL
WORD SECURITY_DESCRIPTOR_CONTROL
Definition: lsa.idl:37
PSID_NAME_USE
enum _SID_NAME_USE * PSID_NAME_USE
SECURITY_QUALITY_OF_SERVICE
struct _SECURITY_QUALITY_OF_SERVICE SECURITY_QUALITY_OF_SERVICE
error
#define error(str)
Definition: mkdosfs.c:1605
PCHAR
#define PCHAR
Definition: match.c:90
memcpy
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
TokenImpersonation
@ TokenImpersonation
Definition: imports.h:274
dwSize
PSDBQUERYRESULT_VISTA PVOID DWORD * dwSize
Definition: env.c:56
PNTSTATUS
* PNTSTATUS
Definition: strlen.c:14
ObjectTypeName
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR ObjectTypeName
Definition: security.c:79
pObjSid
static POBJECTS_AND_SID pObjSid
Definition: security.c:83
pSid
static PSID pSid
Definition: security.c:74
pObjName
static POBJECTS_AND_NAME_A pObjName
Definition: security.c:77
pObjectGuid
static POBJECTS_AND_SID GUID * pObjectGuid
Definition: security.c:84
pInheritedObjectGuid
static POBJECTS_AND_SID GUID GUID * pInheritedObjectGuid
Definition: security.c:85
InheritedObjectTypeName
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR LPSTR InheritedObjectTypeName
Definition: security.c:80
cch
static DWORD DWORD void LPSTR DWORD cch
Definition: str.c:202
ObjectType
ObjectType
Definition: metafile.c:81
InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
SECURITY_INFORMATION
DWORD SECURITY_INFORMATION
Definition: ms-dtyp.idl:311
ACL
struct _ACL ACL
ACCESS_ALLOWED_ACE
struct _ACCESS_ALLOWED_ACE ACCESS_ALLOWED_ACE
PACCESS_ALLOWED_ACE
struct _ACCESS_ALLOWED_ACE * PACCESS_ALLOWED_ACE
UINT
unsigned int UINT
Definition: ndis.h:50
AccessMask
_In_ ACCESS_MASK AccessMask
Definition: exfuncs.h:186
ProcessHandle
_In_ HANDLE ProcessHandle
Definition: mmfuncs.h:403
TokenHandle
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
Definition: psfuncs.h:726
RtlAddAce
NTSYSAPI NTSTATUS NTAPI RtlAddAce(_Inout_ PACL Acl, _In_ ULONG AceRevision, _In_ ULONG StartingAceIndex, _In_reads_bytes_(AceListLength) PVOID AceList, _In_ ULONG AceListLength)
RtlSubAuthoritySid
NTSYSAPI PULONG NTAPI RtlSubAuthoritySid(_In_ PSID Sid, _In_ ULONG SubAuthority)
RtlValidAcl
NTSYSAPI BOOLEAN NTAPI RtlValidAcl(PACL Acl)
RtlImpersonateSelf
NTSYSAPI NTSTATUS NTAPI RtlImpersonateSelf(IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
Definition: priv.c:45
RtlLengthRequiredSid
NTSYSAPI ULONG NTAPI RtlLengthRequiredSid(IN ULONG SubAuthorityCount)
Definition: sid.c:54
SubAuthorityCount
_In_ PSID_IDENTIFIER_AUTHORITY _In_ UCHAR SubAuthorityCount
Definition: rtlfuncs.h:1539
RtlCreateAcl
NTSYSAPI NTSTATUS NTAPI RtlCreateAcl(PACL Acl, ULONG AclSize, ULONG AclRevision)
RtlAddAuditAccessAce
NTSYSAPI NTSTATUS NTAPI RtlAddAuditAccessAce(_Inout_ PACL Acl, _In_ ULONG Revision, _In_ ACCESS_MASK AccessMask, _In_ PSID Sid, _In_ BOOLEAN Success, _In_ BOOLEAN Failure)
RtlGetAce
NTSYSAPI NTSTATUS NTAPI RtlGetAce(PACL Acl, ULONG AceIndex, PVOID *Ace)
RtlLengthSid
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
RtlValidSid
NTSYSAPI BOOLEAN NTAPI RtlValidSid(IN PSID Sid)
Definition: sid.c:21
RtlEqualPrefixSid
NTSYSAPI BOOLEAN NTAPI RtlEqualPrefixSid(PSID Sid1, PSID Sid2)
RtlCreateSecurityDescriptor
NTSYSAPI NTSTATUS NTAPI RtlCreateSecurityDescriptor(_Out_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ ULONG Revision)
RtlAddAuditAccessAceEx
NTSYSAPI NTSTATUS NTAPI RtlAddAuditAccessAceEx(_Inout_ PACL Acl, _In_ ULONG Revision, _In_ ULONG Flags, _In_ ACCESS_MASK AccessMask, _In_ PSID Sid, _In_ BOOLEAN Success, _In_ BOOLEAN Failure)
Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1157
RtlFreeSid
NTSYSAPI PVOID NTAPI RtlFreeSid(_In_ _Post_invalid_ PSID Sid)
RtlCreateUnicodeStringFromAsciiz
NTSYSAPI BOOLEAN NTAPI RtlCreateUnicodeStringFromAsciiz(_Out_ PUNICODE_STRING Destination, _In_ PCSZ Source)
dwAceRevision
_In_ ULONG dwAceRevision
Definition: rtlfuncs.h:1165
RtlIdentifierAuthoritySid
NTSYSAPI PSID_IDENTIFIER_AUTHORITY NTAPI RtlIdentifierAuthoritySid(PSID Sid)
RtlAddAccessDeniedAce
NTSYSAPI NTSTATUS NTAPI RtlAddAccessDeniedAce(_Inout_ PACL Acl, _In_ ULONG Revision, _In_ ACCESS_MASK AccessMask, _In_ PSID Sid)
RtlAddAccessDeniedAceEx
NTSYSAPI NTSTATUS NTAPI RtlAddAccessDeniedAceEx(_Inout_ PACL Acl, _In_ ULONG Revision, _In_ ULONG Flags, _In_ ACCESS_MASK AccessMask, _In_ PSID Sid)
RtlDeleteAce
NTSYSAPI NTSTATUS NTAPI RtlDeleteAce(PACL Acl, ULONG AceIndex)
Revision
_In_ ULONG Revision
Definition: rtlfuncs.h:1154
RtlEqualSid
NTSYSAPI BOOLEAN NTAPI RtlEqualSid(_In_ PSID Sid1, _In_ PSID Sid2)
RtlFirstFreeAce
NTSYSAPI BOOLEAN NTAPI RtlFirstFreeAce(PACL Acl, PACE *Ace)
IdentifierAuthority
_In_ PSID_IDENTIFIER_AUTHORITY IdentifierAuthority
Definition: rtlfuncs.h:1537
RtlDosPathNameToNtPathName_U
NTSYSAPI BOOLEAN NTAPI RtlDosPathNameToNtPathName_U(_In_opt_z_ PCWSTR DosPathName, _Out_ PUNICODE_STRING NtPathName, _Out_opt_ PCWSTR *NtFileNamePart, _Out_opt_ PRTL_RELATIVE_NAME_U DirectoryInfo)
RtlAreAllAccessesGranted
NTSYSAPI BOOLEAN NTAPI RtlAreAllAccessesGranted(ACCESS_MASK GrantedAccess, ACCESS_MASK DesiredAccess)
RtlAreAnyAccessesGranted
NTSYSAPI BOOLEAN NTAPI RtlAreAnyAccessesGranted(ACCESS_MASK GrantedAccess, ACCESS_MASK DesiredAccess)
TokenInformationClass
_In_ TOKEN_INFORMATION_CLASS TokenInformationClass
Definition: sefuncs.h:317
NewTokenHandle
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE _Out_ PHANDLE NewTokenHandle
Definition: sefuncs.h:412
TokenInformationLength
_In_ TOKEN_INFORMATION_CLASS _In_ ULONG TokenInformationLength
Definition: sefuncs.h:319
TokenType
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
Definition: sefuncs.h:411
hThread
HANDLE hThread
Definition: wizard.c:28
_In_reads_
#define _In_reads_(s)
Definition: no_sal2.h:168
_Inout_
#define _Inout_
Definition: no_sal2.h:162
_Outptr_
#define _Outptr_
Definition: no_sal2.h:262
_Inout_opt_
#define _Inout_opt_
Definition: no_sal2.h:216
_Out_writes_
#define _Out_writes_(s)
Definition: no_sal2.h:176
_Out_
#define _Out_
Definition: no_sal2.h:160
_In_reads_opt_
#define _In_reads_opt_(s)
Definition: no_sal2.h:222
_In_
#define _In_
Definition: no_sal2.h:158
_In_opt_
#define _In_opt_
Definition: no_sal2.h:212
_Out_writes_bytes_
#define _Out_writes_bytes_(s)
Definition: no_sal2.h:178
NtOpenFile
NTSYSAPI NTSTATUS NTAPI NtOpenFile(OUT PHANDLE phFile, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, OUT PIO_STATUS_BLOCK pIoStatusBlock, IN ULONG ShareMode, IN ULONG OpenMode)
Definition: file.c:3953
BOOL
#define BOOL
Definition: nt_native.h:43
FILE_SHARE_WRITE
#define FILE_SHARE_WRITE
Definition: nt_native.h:681
WRITE_DAC
#define WRITE_DAC
Definition: nt_native.h:59
FILE_GENERIC_EXECUTE
#define FILE_GENERIC_EXECUTE
Definition: nt_native.h:668
KEY_ALL_ACCESS
#define KEY_ALL_ACCESS
Definition: nt_native.h:1041
KEY_READ
#define KEY_READ
Definition: nt_native.h:1023
PACCESS_MASK
ACCESS_MASK * PACCESS_MASK
Definition: nt_native.h:41
FILE_SHARE_DELETE
#define FILE_SHARE_DELETE
Definition: nt_native.h:682
KEY_EXECUTE
#define KEY_EXECUTE
Definition: nt_native.h:1037
GENERIC_ALL
#define GENERIC_ALL
Definition: nt_native.h:92
NtClose
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3402
DELETE
#define DELETE
Definition: nt_native.h:57
RtlFreeUnicodeString
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
KEY_WRITE
#define KEY_WRITE
Definition: nt_native.h:1031
READ_CONTROL
#define READ_CONTROL
Definition: nt_native.h:58
FILE_ALL_ACCESS
#define FILE_ALL_ACCESS
Definition: nt_native.h:651
WRITE_OWNER
#define WRITE_OWNER
Definition: nt_native.h:60
GENERIC_WRITE
#define GENERIC_WRITE
Definition: nt_native.h:90
NtFsControlFile
NTSYSAPI NTSTATUS NTAPI NtFsControlFile(IN HANDLE hFile, IN HANDLE hEvent OPTIONAL, IN PIO_APC_ROUTINE IoApcRoutine OPTIONAL, IN PVOID IoApcContext OPTIONAL, OUT PIO_STATUS_BLOCK pIoStatusBlock, IN ULONG DeviceIoControlCode, IN PVOID InBuffer OPTIONAL, IN ULONG InBufferLength, OUT PVOID OutBuffer OPTIONAL, IN ULONG OutBufferLength)
FILE_GENERIC_READ
#define FILE_GENERIC_READ
Definition: nt_native.h:653
GENERIC_EXECUTE
#define GENERIC_EXECUTE
Definition: nt_native.h:91
FILE_GENERIC_WRITE
#define FILE_GENERIC_WRITE
Definition: nt_native.h:660
UNICODE_NULL
#define UNICODE_NULL
ANSI_NULL
#define ANSI_NULL
Length
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:102
RtlAllocateAndInitializeSid
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290
RtlConvertSidToUnicodeString
NTSYSAPI NTSTATUS NTAPI RtlConvertSidToUnicodeString(OUT PUNICODE_STRING DestinationString, IN PVOID Sid, IN BOOLEAN AllocateDestinationString)
RtlSubAuthorityCountSid
NTSYSAPI PUCHAR NTAPI RtlSubAuthorityCountSid(IN PSID Sid)
Definition: sid.c:104
RtlInitializeSid
NTSYSAPI NTSTATUS NTAPI RtlInitializeSid(IN OUT PSID Sid, IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount)
NtAllocateLocallyUniqueId
NTSTATUS NTAPI NtAllocateLocallyUniqueId(OUT LUID *LocallyUniqueId)
Definition: uuid.c:348
NtSetInformationThread
NTSTATUS NTAPI NtSetInformationThread(IN HANDLE ThreadHandle, IN THREADINFOCLASS ThreadInformationClass, IN PVOID ThreadInformation, IN ULONG ThreadInformationLength)
Definition: query.c:2074
NtOpenProcessToken
NTSTATUS NTAPI NtOpenProcessToken(IN HANDLE ProcessHandle, IN ACCESS_MASK DesiredAccess, OUT PHANDLE TokenHandle)
Definition: security.c:350
NtPrivilegeCheck
NTSTATUS NTAPI NtPrivilegeCheck(_In_ HANDLE ClientToken, _In_ PPRIVILEGE_SET RequiredPrivileges, _Out_ PBOOLEAN Result)
Checks a client access token if it has the required set of privileges.
Definition: priv.c:868
NtOpenThreadToken
NTSTATUS NTAPI NtOpenThreadToken(_In_ HANDLE ThreadHandle, _In_ ACCESS_MASK DesiredAccess, _In_ BOOLEAN OpenAsSelf, _Out_ PHANDLE TokenHandle)
Opens a token that is tied to a thread handle.
Definition: token.c:2474
PHANDLE
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:455
STATUS_NOT_ALL_ASSIGNED
#define STATUS_NOT_ALL_ASSIGNED
Definition: ntstatus.h:85
NtQuerySecurityObject
NTSTATUS NTAPI NtQuerySecurityObject(IN HANDLE Handle, IN SECURITY_INFORMATION SecurityInformation, OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN ULONG Length, OUT PULONG ResultLength)
Definition: obsecure.c:803
PDWORD
DWORD * PDWORD
Definition: pedump.c:68
FSCTL_PIPE_IMPERSONATE
#define FSCTL_PIPE_IMPERSONATE
Definition: winioctl.h:734
atoiW
#define atoiW(s)
Definition: unicode.h:60
strlenW
#define strlenW(s)
Definition: unicode.h:34
strtoulW
#define strtoulW(s1, s2, b)
Definition: unicode.h:47
strncmpW
#define strncmpW(s1, s2, n)
Definition: unicode.h:42
sprintfW
#define sprintfW
Definition: unicode.h:64
RpcBindingFromStringBindingW
RPC_STATUS WINAPI RpcBindingFromStringBindingW(RPC_WSTR StringBinding, RPC_BINDING_HANDLE *Binding)
Definition: rpc_binding.c:880
RpcStringBindingComposeW
RPC_STATUS WINAPI RpcStringBindingComposeW(RPC_WSTR ObjUuid, RPC_WSTR Protseq, RPC_WSTR NetworkAddr, RPC_WSTR Endpoint, RPC_WSTR Options, RPC_WSTR *StringBinding)
Definition: rpc_binding.c:510
RpcBindingFree
RPC_STATUS WINAPI RpcBindingFree(RPC_BINDING_HANDLE *Binding)
Definition: rpc_binding.c:787
str
const WCHAR * str
Definition: rpc_transport.c:2724
RPC_S_OK
#define RPC_S_OK
Definition: rpcnterr.h:22
RpcStringFreeW
RPC_STATUS WINAPI RpcStringFreeW(RPC_WSTR *String)
Definition: rpcrt4_main.c:175
SDDL_WRITE_DAC
#define SDDL_WRITE_DAC
Definition: sddl.h:61
SDDL_FILE_WRITE
#define SDDL_FILE_WRITE
Definition: sddl.h:70
SDDL_GENERIC_EXECUTE
#define SDDL_GENERIC_EXECUTE
Definition: sddl.h:67
SDDL_FILE_ALL
#define SDDL_FILE_ALL
Definition: sddl.h:68
SDDL_WRITE_OWNER
#define SDDL_WRITE_OWNER
Definition: sddl.h:62
SDDL_LIST_OBJECT
#define SDDL_LIST_OBJECT
Definition: sddl.h:57
SDDL_KEY_WRITE
#define SDDL_KEY_WRITE
Definition: sddl.h:74
SDDL_KEY_READ
#define SDDL_KEY_READ
Definition: sddl.h:73
SDDL_GENERIC_ALL
#define SDDL_GENERIC_ALL
Definition: sddl.h:64
SDDL_WRITE_PROPERTY
#define SDDL_WRITE_PROPERTY
Definition: sddl.h:52
SDDL_AUTO_INHERITED
#define SDDL_AUTO_INHERITED
Definition: sddl.h:46
SDDL_FILE_READ
#define SDDL_FILE_READ
Definition: sddl.h:69
SDDL_DELETE_TREE
#define SDDL_DELETE_TREE
Definition: sddl.h:58
SDDL_CREATE_CHILD
#define SDDL_CREATE_CHILD
Definition: sddl.h:53
SDDL_SELF_WRITE
#define SDDL_SELF_WRITE
Definition: sddl.h:56
SDDL_LIST_CHILDREN
#define SDDL_LIST_CHILDREN
Definition: sddl.h:55
SDDL_REVISION_1
#define SDDL_REVISION_1
Definition: sddl.h:30
SDDL_GENERIC_READ
#define SDDL_GENERIC_READ
Definition: sddl.h:65
SDDL_FILE_EXECUTE
#define SDDL_FILE_EXECUTE
Definition: sddl.h:71
SDDL_READ_CONTROL
#define SDDL_READ_CONTROL
Definition: sddl.h:60
SDDL_REVISION
#define SDDL_REVISION
Definition: sddl.h:31
SDDL_STANDARD_DELETE
#define SDDL_STANDARD_DELETE
Definition: sddl.h:63
SDDL_KEY_ALL
#define SDDL_KEY_ALL
Definition: sddl.h:72
SDDL_AUTO_INHERIT_REQ
#define SDDL_AUTO_INHERIT_REQ
Definition: sddl.h:45
SDDL_PROTECTED
#define SDDL_PROTECTED
Definition: sddl.h:44
SDDL_GENERIC_WRITE
#define SDDL_GENERIC_WRITE
Definition: sddl.h:66
SDDL_KEY_EXECUTE
#define SDDL_KEY_EXECUTE
Definition: sddl.h:75
SDDL_DELETE_CHILD
#define SDDL_DELETE_CHILD
Definition: sddl.h:54
SDDL_READ_PROPERTY
#define SDDL_READ_PROPERTY
Definition: sddl.h:51
SDDL_CONTROL_ACCESS
#define SDDL_CONTROL_ACCESS
Definition: sddl.h:59
RpcEndExcept
#define RpcEndExcept
Definition: rpc.h:123
RpcTryExcept
#define RpcTryExcept
Definition: rpc.h:121
RpcExcept
#define RpcExcept(expr)
Definition: rpc.h:122
RPC_STATUS
long RPC_STATUS
Definition: rpc.h:48
RpcExceptionCode
#define RpcExceptionCode()
Definition: rpc.h:127
RtlSetInformationAcl
NTSTATUS NTAPI RtlSetInformationAcl(IN PACL Acl, IN PVOID Information, IN ULONG InformationLength, IN ACL_INFORMATION_CLASS InformationClass)
Definition: acl.c:785
SetSecurityAccessMask
VOID WINAPI SetSecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation, OUT LPDWORD DesiredAccess)
Definition: sec.c:398
QuerySecurityAccessMask
VOID WINAPI QuerySecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation, OUT LPDWORD DesiredAccess)
Definition: sec.c:377
GetSecurityDescriptorControl
BOOL WINAPI GetSecurityDescriptorControl(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSECURITY_DESCRIPTOR_CONTROL pControl, LPDWORD lpdwRevision)
Definition: sec.c:21
GetSecurityDescriptorGroup
BOOL WINAPI GetSecurityDescriptorGroup(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSID *pGroup, LPBOOL lpbGroupDefaulted)
Definition: sec.c:76
GetSecurityDescriptorSacl
BOOL WINAPI GetSecurityDescriptorSacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, LPBOOL lpbSaclPresent, PACL *pSacl, LPBOOL lpbSaclDefaulted)
Definition: sec.c:146
GetSecurityDescriptorDacl
BOOL WINAPI GetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, LPBOOL lpbDaclPresent, PACL *pDacl, LPBOOL lpbDaclDefaulted)
Definition: sec.c:45
GetSecurityDescriptorOwner
BOOL WINAPI GetSecurityDescriptorOwner(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSID *pOwner, LPBOOL lpbOwnerDefaulted)
Definition: sec.c:103
STATUS_BUFFER_TOO_SMALL
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
NtSetSecurityObject
NTSTATUS WINAPI NtSetSecurityObject(HANDLE Handle, SECURITY_INFORMATION SecurityInformation, PSECURITY_DESCRIPTOR SecurityDescriptor)
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
OPTIONAL
PULONG MinorVersion OPTIONAL
Definition: CrossNt.h:68
Response
Definition: ncftp.h:89
WELLKNOWNRID::Rid
DWORD Rid
Definition: security.c:106
WELLKNOWNRID::wstr
WCHAR wstr[2]
Definition: security.c:104
WELLKNOWNRID::Type
WELL_KNOWN_SID_TYPE Type
Definition: security.c:105
WELLKNOWNSID::Sid
MAX_SID Sid
Definition: security.c:42
WELLKNOWNSID::wstr
WCHAR wstr[2]
Definition: security.c:40
WELLKNOWNSID::Type
WELL_KNOWN_SID_TYPE Type
Definition: security.c:41
_ACCESS_ALLOWED_ACE
Definition: ms-dtyp.idl:215
_ACCESS_ALLOWED_ACE::Header
ACE_HEADER Header
Definition: ms-dtyp.idl:216
_ACCESS_ALLOWED_ACE::SidStart
DWORD SidStart
Definition: ms-dtyp.idl:218
_ACCESS_ALLOWED_ACE::Mask
ACCESS_MASK Mask
Definition: ms-dtyp.idl:217
_ACEFLAG
Definition: security.c:24
_ACEFLAG::value
DWORD value
Definition: security.c:26
_ACEFLAG::wstr
LPCWSTR wstr
Definition: security.c:25
_ACE_HEADER
Definition: ms-dtyp.idl:209
_ACE_HEADER::AceSize
USHORT AceSize
Definition: ms-dtyp.idl:212
_ACE_HEADER::AceFlags
UCHAR AceFlags
Definition: ms-dtyp.idl:211
_ACE_HEADER::AceType
UCHAR AceType
Definition: ms-dtyp.idl:210
_ACE
Definition: rtltypes.h:987
_ACL
Definition: ms-dtyp.idl:293
_ACL::Sbz2
USHORT Sbz2
Definition: ms-dtyp.idl:298
_ACL::Sbz1
UCHAR Sbz1
Definition: ms-dtyp.idl:295
_ACL::AceCount
USHORT AceCount
Definition: ms-dtyp.idl:297
_ACL::AclSize
USHORT AclSize
Definition: ms-dtyp.idl:296
_ACL::AclRevision
UCHAR AclRevision
Definition: ms-dtyp.idl:294
_ACTRL_ALISTA
Definition: accctrl.h:267
_ACTRL_ALISTW
Definition: accctrl.h:273
_EXPLICIT_ACCESS_A
Definition: accctrl.h:331
_EXPLICIT_ACCESS_A::grfAccessPermissions
DWORD grfAccessPermissions
Definition: accctrl.h:332
_EXPLICIT_ACCESS_A::Trustee
TRUSTEE_A Trustee
Definition: accctrl.h:335
_EXPLICIT_ACCESS_A::grfInheritance
DWORD grfInheritance
Definition: accctrl.h:334
_EXPLICIT_ACCESS_A::grfAccessMode
ACCESS_MODE grfAccessMode
Definition: accctrl.h:333
_EXPLICIT_ACCESS_W
Definition: accctrl.h:339
_EXPLICIT_ACCESS_W::grfAccessPermissions
DWORD grfAccessPermissions
Definition: accctrl.h:340
_EXPLICIT_ACCESS_W::grfInheritance
DWORD grfInheritance
Definition: accctrl.h:342
_EXPLICIT_ACCESS_W::Trustee
TRUSTEE_W Trustee
Definition: accctrl.h:343
_EXPLICIT_ACCESS_W::grfAccessMode
ACCESS_MODE grfAccessMode
Definition: accctrl.h:341
_FileName
Definition: filecomp.c:348
_GENERIC_MAPPING
Definition: nt_native.h:564
_IO_STATUS_BLOCK
Definition: env_spec_w32.h:870
_LUID_AND_ATTRIBUTES
Definition: setypes.h:73
_LUID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:75
_LUID_AND_ATTRIBUTES::Luid
LUID Luid
Definition: setypes.h:74
_LUID
Definition: devicetopology.idl:137
_MAX_SID
Definition: security.c:30
_MAX_SID::IdentifierAuthority
SID_IDENTIFIER_AUTHORITY IdentifierAuthority
Definition: security.c:34
_MAX_SID::SubAuthorityCount
BYTE SubAuthorityCount
Definition: security.c:33
_MAX_SID::Revision
BYTE Revision
Definition: security.c:32
_MAX_SID::SubAuthority
DWORD SubAuthority[SID_MAX_SUB_AUTHORITIES]
Definition: security.c:35
_OBJECTS_AND_NAME_A
Definition: accctrl.h:355
_OBJECTS_AND_NAME_A::ptstrName
LPSTR ptstrName
Definition: accctrl.h:360
_OBJECTS_AND_NAME_A::ObjectsPresent
DWORD ObjectsPresent
Definition: accctrl.h:356
_OBJECTS_AND_NAME_A::InheritedObjectTypeName
LPSTR InheritedObjectTypeName
Definition: accctrl.h:359
_OBJECTS_AND_NAME_A::ObjectType
SE_OBJECT_TYPE ObjectType
Definition: accctrl.h:357
_OBJECTS_AND_NAME_W
Definition: accctrl.h:364
_OBJECTS_AND_SID
Definition: accctrl.h:347
_OBJECTS_AND_SID::InheritedObjectTypeGuid
GUID InheritedObjectTypeGuid
Definition: accctrl.h:350
_OBJECTS_AND_SID::pSid
SID * pSid
Definition: accctrl.h:351
_OBJECTS_AND_SID::ObjectTypeGuid
GUID ObjectTypeGuid
Definition: accctrl.h:349
_OBJECTS_AND_SID::ObjectsPresent
DWORD ObjectsPresent
Definition: accctrl.h:348
_OBJECT_ATTRIBUTES
Definition: umtypes.h:182
_OBJECT_TYPE_LIST
Definition: setypes.h:868
_PRIVILEGE_SET
Definition: setypes.h:85
_PROCESS_INFORMATION
Definition: winbase.h:907
_SECL_REQUEST
Definition: seclogon.idl:8
_SECL_RESPONSE
Definition: seclogon.idl:23
_SECURITY_ATTRIBUTES
Definition: compat.h:191
_SECURITY_DESCRIPTOR_RELATIVE
Definition: setypes.h:848
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
_SECURITY_DESCRIPTOR::Revision
UCHAR Revision
Definition: ms-dtyp.idl:302
_SECURITY_DESCRIPTOR::Control
USHORT Control
Definition: ms-dtyp.idl:304
_SECURITY_QUALITY_OF_SERVICE
Definition: lsa.idl:63
_SECURITY_QUALITY_OF_SERVICE::ContextTrackingMode
SECURITY_CONTEXT_TRACKING_MODE ContextTrackingMode
Definition: lsa.idl:66
_SECURITY_QUALITY_OF_SERVICE::EffectiveOnly
BOOLEAN EffectiveOnly
Definition: lsa.idl:67
_SECURITY_QUALITY_OF_SERVICE::Length
DWORD Length
Definition: lsa.idl:64
_SECURITY_QUALITY_OF_SERVICE::ImpersonationLevel
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: lsa.idl:65
_SID_AND_ATTRIBUTES
Definition: setypes.h:502
_SID_AND_ATTRIBUTES::Sid
PSID Sid
Definition: setypes.h:506
_SID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:508
_SID_IDENTIFIER_AUTHORITY
Definition: ms-dtyp.idl:194
_SID_IDENTIFIER_AUTHORITY::Value
BYTE Value[6]
Definition: ms-dtyp.idl:195
_SID
Definition: ms-dtyp.idl:198
_SID::Revision
BYTE Revision
Definition: ms-dtyp.idl:199
_SID::SubAuthority
DWORD SubAuthority[*]
Definition: ms-dtyp.idl:202
_SID::SubAuthorityCount
BYTE SubAuthorityCount
Definition: ms-dtyp.idl:200
_SID::IdentifierAuthority
SID_IDENTIFIER_AUTHORITY IdentifierAuthority
Definition: ms-dtyp.idl:201
_STARTUPINFOW
Definition: winbase.h:886
_TOKEN_GROUPS
Definition: setypes.h:1025
_TOKEN_GROUPS::Groups
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY]
Definition: setypes.h:1030
_TOKEN_GROUPS::GroupCount
$ULONG GroupCount
Definition: setypes.h:1026
_TOKEN_PRIVILEGES
Definition: setypes.h:1034
_TOKEN_PRIVILEGES::PrivilegeCount
$ULONG PrivilegeCount
Definition: setypes.h:1035
_TOKEN_PRIVILEGES::Privileges
LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY]
Definition: setypes.h:1036
_TRUSTEE_A
Definition: accctrl.h:203
_TRUSTEE_A::MultipleTrusteeOperation
MULTIPLE_TRUSTEE_OPERATION MultipleTrusteeOperation
Definition: accctrl.h:205
_TRUSTEE_A::TrusteeType
TRUSTEE_TYPE TrusteeType
Definition: accctrl.h:207
_TRUSTEE_A::TrusteeForm
TRUSTEE_FORM TrusteeForm
Definition: accctrl.h:206
_TRUSTEE_A::pMultipleTrustee
struct _TRUSTEE_A * pMultipleTrustee
Definition: accctrl.h:204
_TRUSTEE_A::ptstrName
LPSTR ptstrName
Definition: accctrl.h:208
_TRUSTEE_W
Definition: accctrl.h:212
_TRUSTEE_W::ptstrName
LPWSTR ptstrName
Definition: accctrl.h:217
_TRUSTEE_W::pMultipleTrustee
struct _TRUSTEE_W * pMultipleTrustee
Definition: accctrl.h:213
_TRUSTEE_W::TrusteeType
TRUSTEE_TYPE TrusteeType
Definition: accctrl.h:216
_TRUSTEE_W::TrusteeForm
TRUSTEE_FORM TrusteeForm
Definition: accctrl.h:215
_TRUSTEE_W::MultipleTrusteeOperation
MULTIPLE_TRUSTEE_OPERATION MultipleTrusteeOperation
Definition: accctrl.h:214
_UNICODE_STRING
Definition: env_spec_w32.h:368
_UNICODE_STRING::Buffer
PWSTR Buffer
Definition: env_spec_w32.h:371
control
Definition: dialog.c:52
dacl
Definition: security.c:35
fmt
Definition: dsound.c:943
name
Definition: name.c:39
status
Definition: ps.c:97
INHERITED_ACE
#define INHERITED_ACE
Definition: ph.h:47
prefix
Character const *const prefix
Definition: tempnam.cpp:195
NtAdjustPrivilegesToken
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtAdjustPrivilegesToken(_In_ HANDLE TokenHandle, _In_ BOOLEAN DisableAllPrivileges, _In_opt_ PTOKEN_PRIVILEGES NewState, _In_ ULONG BufferLength, _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_PRIVILEGES PreviousState, _When_(PreviousState!=NULL, _Out_) PULONG ReturnLength)
Removes a certain amount of privileges of a token based upon the request by the caller.
Definition: tokenadj.c:451
NtAdjustGroupsToken
NTSTATUS NTAPI NtAdjustGroupsToken(_In_ HANDLE TokenHandle, _In_ BOOLEAN ResetToDefault, _In_ PTOKEN_GROUPS NewState, _In_ ULONG BufferLength, _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_GROUPS PreviousState, _When_(PreviousState !=NULL, _Out_) PULONG ReturnLength)
Changes the list of groups by enabling or disabling them in an access token. Unlike NtAdjustPrivilege...
Definition: tokenadj.c:695
NtQueryInformationToken
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtQueryInformationToken(_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation, _In_ ULONG TokenInformationLength, _Out_ PULONG ReturnLength)
Queries a specific type of information in regard of an access token based upon the information class....
Definition: tokencls.c:473
NtSetInformationToken
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtSetInformationToken(_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _In_reads_bytes_(TokenInformationLength) PVOID TokenInformation, _In_ ULONG TokenInformationLength)
Sets (modifies) some specific information in regard of an access token. The calling thread must have ...
Definition: tokencls.c:1125
NtFilterToken
NTSTATUS NTAPI NtFilterToken(_In_ HANDLE ExistingTokenHandle, _In_ ULONG Flags, _In_opt_ PTOKEN_GROUPS SidsToDisable, _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete, _In_opt_ PTOKEN_GROUPS RestrictedSids, _Out_ PHANDLE NewTokenHandle)
Creates an access token in a restricted form from the original existing token, that is,...
Definition: tokenlif.c:2075
NtDuplicateToken
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtDuplicateToken(_In_ HANDLE ExistingTokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ BOOLEAN EffectiveOnly, _In_ TOKEN_TYPE TokenType, _Out_ PHANDLE NewTokenHandle)
Duplicates a token.
Definition: tokenlif.c:1869
PULONG
uint32_t * PULONG
Definition: typedefs.h:59
MAKEWORD
#define MAKEWORD(a, b)
Definition: typedefs.h:248
LPBYTE
unsigned char * LPBYTE
Definition: typedefs.h:53
LPDWORD
uint32_t * LPDWORD
Definition: typedefs.h:59
INT
int32_t INT
Definition: typedefs.h:58
IN
#define IN
Definition: typedefs.h:39
MAKELONG
#define MAKELONG(a, b)
Definition: typedefs.h:249
PWCHAR
uint16_t * PWCHAR
Definition: typedefs.h:56
PUCHAR
unsigned char * PUCHAR
Definition: typedefs.h:53
ULONG
uint32_t ULONG
Definition: typedefs.h:59
OUT
#define OUT
Definition: typedefs.h:40
PCHAR
char * PCHAR
Definition: typedefs.h:51
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
value
Definition: pdh_main.c:96
TotalLength
_In_ ULONG TotalLength
Definition: usbdlib.h:158
Index
_In_ WDFCOLLECTION _In_ ULONG Index
Definition: wdfcollection.h:182
PreviousState
_In_ WDF_POWER_DEVICE_STATE PreviousState
Definition: wdfdevice.h:829
DesiredAccess
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK DesiredAccess
Definition: wdfdevice.h:2658
BufferLength
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG BufferLength
Definition: wdfdevice.h:3771
Request
_In_ WDFREQUEST Request
Definition: wdfdevice.h:547
Information
_In_ WDFREQUEST _In_ NTSTATUS _In_ ULONG_PTR Information
Definition: wdfrequest.h:1049
lpLuid
_In_ PLUID lpLuid
Definition: winbase.h:2850
ZeroMemory
#define ZeroMemory
Definition: winbase.h:1753
lpDisplayName
_In_ LPCSTR _Out_writes_to_opt_ cchDisplayName LPSTR lpDisplayName
Definition: winbase.h:2831
GetLastError
DWORD WINAPI GetLastError(void)
Definition: except.c:1042
lpFileName
_In_ LPCSTR lpFileName
Definition: winbase.h:3112
lpLanguageId
_In_ LPCSTR _Out_writes_to_opt_ cchDisplayName LPSTR _Inout_ LPDWORD _Out_ LPDWORD lpLanguageId
Definition: winbase.h:2833
cbSid
_In_ LPCSTR _Out_writes_bytes_to_opt_ cbSid PSID _Inout_ LPDWORD cbSid
Definition: winbase.h:2784
lpName
_In_ LPCSTR lpName
Definition: winbase.h:2830
CREATE_UNICODE_ENVIRONMENT
#define CREATE_UNICODE_ENVIRONMENT
Definition: winbase.h:196
GetCurrentProcessId
DWORD WINAPI GetCurrentProcessId(void)
Definition: proc.c:1158
GMEM_ZEROINIT
#define GMEM_ZEROINIT
Definition: winbase.h:339
CopyMemory
#define CopyMemory
Definition: winbase.h:1751
MoveMemory
#define MoveMemory
Definition: winbase.h:1750
LMEM_FIXED
#define LMEM_FIXED
Definition: winbase.h:401
cchDisplayName
_In_ LPCSTR _Out_writes_to_opt_ cchDisplayName LPSTR _Inout_ LPDWORD cchDisplayName
Definition: winbase.h:2832
ReferencedDomainName
_In_ LPCSTR _Out_writes_bytes_to_opt_ cbSid PSID _Inout_ LPDWORD _Out_writes_to_opt_ cchReferencedDomainName LPSTR ReferencedDomainName
Definition: winbase.h:2785
cchName
_In_ PSID _Out_writes_to_opt_ cchName LPSTR _Inout_ LPDWORD cchName
Definition: winbase.h:2808
MAX_COMPUTERNAME_LENGTH
#define MAX_COMPUTERNAME_LENGTH
Definition: winbase.h:276
nLength
WINBASEAPI _In_ DWORD nLength
Definition: wincon.h:682
x2
_In_ CLIPOBJ _In_ BRUSHOBJ _In_ LONG _In_ LONG _In_ LONG x2
Definition: winddi.h:3710
x1
_In_ CLIPOBJ _In_ BRUSHOBJ _In_ LONG x1
Definition: winddi.h:3708
LPBOOL
BOOL * LPBOOL
Definition: windef.h:162
WINAPI
#define WINAPI
Definition: msvc.h:6
ERROR_BAD_PROVIDER
#define ERROR_BAD_PROVIDER
Definition: winerror.h:1037
ERROR_UNKNOWN_REVISION
#define ERROR_UNKNOWN_REVISION
Definition: winerror.h:1133
ERROR_NOT_ALL_ASSIGNED
#define ERROR_NOT_ALL_ASSIGNED
Definition: winerror.h:1128
RPC_S_INVALID_STRING_UUID
#define RPC_S_INVALID_STRING_UUID
Definition: winerror.h:1373
ERROR_INVALID_ACL
#define ERROR_INVALID_ACL
Definition: winerror.h:1164
ERROR_INVALID_SID
#define ERROR_INVALID_SID
Definition: winerror.h:1165
ACL_INFORMATION_CLASS
enum _ACL_INFORMATION_CLASS ACL_INFORMATION_CLASS
SecurityDescriptor
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:191
Result
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:409
Flags
_Must_inspect_result_ _In_ ULONG Flags
Definition: wsk.h:170
ObjectName
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
Definition: cmfuncs.h:64
AccessMode
_In_ PEPROCESS _In_ KPROCESSOR_MODE AccessMode
Definition: mmfuncs.h:396
ImpersonationLevel
_Out_ PBOOLEAN _Out_ PBOOLEAN _Out_ PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: psfuncs.h:156
AccessStatus
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK _Out_ PNTSTATUS AccessStatus
Definition: sefuncs.h:21
GrantedAccess
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK GrantedAccess
Definition: sefuncs.h:20
SECURITY_ANONYMOUS_LOGON_RID
#define SECURITY_ANONYMOUS_LOGON_RID
Definition: setypes.h:563
CONTAINER_INHERIT_ACE
#define CONTAINER_INHERIT_ACE
Definition: setypes.h:747
DOMAIN_ALIAS_RID_USERS
#define DOMAIN_ALIAS_RID_USERS
Definition: setypes.h:653
INHERIT_ONLY_ACE
#define INHERIT_ONLY_ACE
Definition: setypes.h:749
DOMAIN_ALIAS_RID_GUESTS
#define DOMAIN_ALIAS_RID_GUESTS
Definition: setypes.h:654
DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS
#define DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS
Definition: setypes.h:666
PTOKEN_GROUPS
struct _TOKEN_GROUPS * PTOKEN_GROUPS
DOMAIN_GROUP_RID_SCHEMA_ADMINS
#define DOMAIN_GROUP_RID_SCHEMA_ADMINS
Definition: setypes.h:645
SECURITY_BUILTIN_DOMAIN_RID
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:581
DOMAIN_USER_RID_ADMIN
#define DOMAIN_USER_RID_ADMIN
Definition: setypes.h:631
DACL_SECURITY_INFORMATION
#define DACL_SECURITY_INFORMATION
Definition: setypes.h:125
SE_SACL_PROTECTED
#define SE_SACL_PROTECTED
Definition: setypes.h:844
SECURITY_LOCAL_SID_AUTHORITY
#define SECURITY_LOCAL_SID_AUTHORITY
Definition: setypes.h:530
SECURITY_LOCAL_RID
#define SECURITY_LOCAL_RID
Definition: setypes.h:542
SECURITY_DIALUP_RID
#define SECURITY_DIALUP_RID
Definition: setypes.h:556
SECURITY_SERVICE_RID
#define SECURITY_SERVICE_RID
Definition: setypes.h:562
DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS
#define DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS
Definition: setypes.h:672
SECURITY_PROXY_RID
#define SECURITY_PROXY_RID
Definition: setypes.h:564
ACE_INHERITED_OBJECT_TYPE_PRESENT
#define ACE_INHERITED_OBJECT_TYPE_PRESENT
Definition: setypes.h:818
SECURITY_INTERACTIVE_RID
#define SECURITY_INTERACTIVE_RID
Definition: setypes.h:559
SECURITY_MANDATORY_SYSTEM_RID
#define SECURITY_MANDATORY_SYSTEM_RID
Definition: setypes.h:687
SE_DACL_PROTECTED
#define SE_DACL_PROTECTED
Definition: setypes.h:843
SE_DACL_AUTO_INHERITED
#define SE_DACL_AUTO_INHERITED
Definition: setypes.h:841
SECURITY_WORLD_SID_AUTHORITY
#define SECURITY_WORLD_SID_AUTHORITY
Definition: setypes.h:527
DOMAIN_GROUP_RID_CONTROLLERS
#define DOMAIN_GROUP_RID_CONTROLLERS
Definition: setypes.h:643
DOMAIN_GROUP_RID_COMPUTERS
#define DOMAIN_GROUP_RID_COMPUTERS
Definition: setypes.h:642
SECURITY_WORLD_RID
#define SECURITY_WORLD_RID
Definition: setypes.h:541
SECURITY_CREATOR_GROUP_SERVER_RID
#define SECURITY_CREATOR_GROUP_SERVER_RID
Definition: setypes.h:548
DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS
#define DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS
Definition: setypes.h:665
DOMAIN_ALIAS_RID_SYSTEM_OPS
#define DOMAIN_ALIAS_RID_SYSTEM_OPS
Definition: setypes.h:658
DOMAIN_ALIAS_RID_MONITORING_USERS
#define DOMAIN_ALIAS_RID_MONITORING_USERS
Definition: setypes.h:669
DOMAIN_GROUP_RID_POLICY_ADMINS
#define DOMAIN_GROUP_RID_POLICY_ADMINS
Definition: setypes.h:647
SYSTEM_AUDIT_ACE_TYPE
#define SYSTEM_AUDIT_ACE_TYPE
Definition: setypes.h:719
ACCESS_ALLOWED_ACE_TYPE
#define ACCESS_ALLOWED_ACE_TYPE
Definition: setypes.h:717
SECURITY_MANDATORY_LABEL_AUTHORITY
#define SECURITY_MANDATORY_LABEL_AUTHORITY
Definition: setypes.h:682
TOKEN_QUERY
#define TOKEN_QUERY
Definition: setypes.h:940
SECURITY_LOCAL_SYSTEM_RID
#define SECURITY_LOCAL_SYSTEM_RID
Definition: setypes.h:574
SECURITY_AUTHENTICATED_USER_RID
#define SECURITY_AUTHENTICATED_USER_RID
Definition: setypes.h:568
SE_DACL_AUTO_INHERIT_REQ
#define SE_DACL_AUTO_INHERIT_REQ
Definition: setypes.h:839
DOMAIN_GROUP_RID_GUESTS
#define DOMAIN_GROUP_RID_GUESTS
Definition: setypes.h:641
SYSTEM_MANDATORY_LABEL_NO_READ_UP
#define SYSTEM_MANDATORY_LABEL_NO_READ_UP
Definition: setypes.h:821
DOMAIN_ALIAS_RID_LOGGING_USERS
#define DOMAIN_ALIAS_RID_LOGGING_USERS
Definition: setypes.h:670
OWNER_SECURITY_INFORMATION
#define OWNER_SECURITY_INFORMATION
Definition: setypes.h:123
SECURITY_PACKAGE_NTLM_RID
#define SECURITY_PACKAGE_NTLM_RID
Definition: setypes.h:587
SECURITY_NULL_RID
#define SECURITY_NULL_RID
Definition: setypes.h:540
SE_SELF_RELATIVE
#define SE_SELF_RELATIVE
Definition: setypes.h:846
SECURITY_PACKAGE_BASE_RID
#define SECURITY_PACKAGE_BASE_RID
Definition: setypes.h:585
DOMAIN_ALIAS_RID_ACCOUNT_OPS
#define DOMAIN_ALIAS_RID_ACCOUNT_OPS
Definition: setypes.h:657
SECURITY_RESTRICTED_CODE_RID
#define SECURITY_RESTRICTED_CODE_RID
Definition: setypes.h:569
DOMAIN_USER_RID_GUEST
#define DOMAIN_USER_RID_GUEST
Definition: setypes.h:632
SECURITY_DESCRIPTOR_RELATIVE
struct _SECURITY_DESCRIPTOR_RELATIVE SECURITY_DESCRIPTOR_RELATIVE
SE_SACL_AUTO_INHERITED
#define SE_SACL_AUTO_INHERITED
Definition: setypes.h:842
SECURITY_NT_AUTHORITY
#define SECURITY_NT_AUTHORITY
Definition: setypes.h:554
DOMAIN_ALIAS_RID_RAS_SERVERS
#define DOMAIN_ALIAS_RID_RAS_SERVERS
Definition: setypes.h:663
SYSTEM_ALARM_ACE_TYPE
#define SYSTEM_ALARM_ACE_TYPE
Definition: setypes.h:720
SECURITY_PACKAGE_DIGEST_RID
#define SECURITY_PACKAGE_DIGEST_RID
Definition: setypes.h:589
DOMAIN_GROUP_RID_CERT_ADMINS
#define DOMAIN_GROUP_RID_CERT_ADMINS
Definition: setypes.h:644
OBJECT_INHERIT_ACE
#define OBJECT_INHERIT_ACE
Definition: setypes.h:746
SECURITY_TERMINAL_SERVER_RID
#define SECURITY_TERMINAL_SERVER_RID
Definition: setypes.h:570
DOMAIN_ALIAS_RID_BACKUP_OPS
#define DOMAIN_ALIAS_RID_BACKUP_OPS
Definition: setypes.h:660
SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP
#define SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP
Definition: setypes.h:822
NO_PROPAGATE_INHERIT_ACE
#define NO_PROPAGATE_INHERIT_ACE
Definition: setypes.h:748
SECURITY_BATCH_RID
#define SECURITY_BATCH_RID
Definition: setypes.h:558
ACCESS_DENIED_ACE_TYPE
#define ACCESS_DENIED_ACE_TYPE
Definition: setypes.h:718
SECURITY_MANDATORY_HIGH_RID
#define SECURITY_MANDATORY_HIGH_RID
Definition: setypes.h:686
DOMAIN_ALIAS_RID_PRINT_OPS
#define DOMAIN_ALIAS_RID_PRINT_OPS
Definition: setypes.h:659
SE_SACL_PRESENT
#define SE_SACL_PRESENT
Definition: setypes.h:835
SECURITY_CREATOR_OWNER_SERVER_RID
#define SECURITY_CREATOR_OWNER_SERVER_RID
Definition: setypes.h:547
DOMAIN_ALIAS_RID_REPLICATOR
#define DOMAIN_ALIAS_RID_REPLICATOR
Definition: setypes.h:662
PTOKEN_PRIVILEGES
struct _TOKEN_PRIVILEGES * PTOKEN_PRIVILEGES
SECURITY_LOCAL_SERVICE_RID
#define SECURITY_LOCAL_SERVICE_RID
Definition: setypes.h:575
DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS
#define DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS
Definition: setypes.h:671
SECURITY_OTHER_ORGANIZATION_RID
#define SECURITY_OTHER_ORGANIZATION_RID
Definition: setypes.h:619
SECURITY_THIS_ORGANIZATION_RID
#define SECURITY_THIS_ORGANIZATION_RID
Definition: setypes.h:572
SYSTEM_MANDATORY_LABEL_ACE_TYPE
#define SYSTEM_MANDATORY_LABEL_ACE_TYPE
Definition: setypes.h:741
SECURITY_PRINCIPAL_SELF_RID
#define SECURITY_PRINCIPAL_SELF_RID
Definition: setypes.h:567
TOKEN_INFORMATION_CLASS
enum _TOKEN_INFORMATION_CLASS TOKEN_INFORMATION_CLASS
PSID_IDENTIFIER_AUTHORITY
* PSID_IDENTIFIER_AUTHORITY
Definition: setypes.h:464
SECURITY_CREATOR_OWNER_RID
#define SECURITY_CREATOR_OWNER_RID
Definition: setypes.h:545
SYSTEM_MANDATORY_LABEL_NO_WRITE_UP
#define SYSTEM_MANDATORY_LABEL_NO_WRITE_UP
Definition: setypes.h:820
DOMAIN_ALIAS_RID_POWER_USERS
#define DOMAIN_ALIAS_RID_POWER_USERS
Definition: setypes.h:655
SE_SACL_AUTO_INHERIT_REQ
#define SE_SACL_AUTO_INHERIT_REQ
Definition: setypes.h:840
GROUP_SECURITY_INFORMATION
#define GROUP_SECURITY_INFORMATION
Definition: setypes.h:124
ACE_OBJECT_TYPE_PRESENT
#define ACE_OBJECT_TYPE_PRESENT
Definition: setypes.h:817
DOMAIN_GROUP_RID_ENTERPRISE_ADMINS
#define DOMAIN_GROUP_RID_ENTERPRISE_ADMINS
Definition: setypes.h:646
TOKEN_IMPERSONATE
#define TOKEN_IMPERSONATE
Definition: setypes.h:939
SECURITY_NULL_SID_AUTHORITY
#define SECURITY_NULL_SID_AUTHORITY
Definition: setypes.h:524
ACL_REVISION
#define ACL_REVISION
Definition: setypes.h:39
DOMAIN_ALIAS_RID_PREW2KCOMPACCESS
#define DOMAIN_ALIAS_RID_PREW2KCOMPACCESS
Definition: setypes.h:664
SECURITY_PACKAGE_SCHANNEL_RID
#define SECURITY_PACKAGE_SCHANNEL_RID
Definition: setypes.h:588
SECURITY_ENTERPRISE_CONTROLLERS_RID
#define SECURITY_ENTERPRISE_CONTROLLERS_RID
Definition: setypes.h:565
SID_MAX_SUB_AUTHORITIES
#define SID_MAX_SUB_AUTHORITIES
Definition: setypes.h:482
SECURITY_NETWORK_RID
#define SECURITY_NETWORK_RID
Definition: setypes.h:557
SECURITY_NETWORK_SERVICE_RID
#define SECURITY_NETWORK_SERVICE_RID
Definition: setypes.h:576
WELL_KNOWN_SID_TYPE
WELL_KNOWN_SID_TYPE
Definition: setypes.h:455
SACL_SECURITY_INFORMATION
#define SACL_SECURITY_INFORMATION
Definition: setypes.h:126
DOMAIN_USER_RID_KRBTGT
#define DOMAIN_USER_RID_KRBTGT
Definition: setypes.h:633
DOMAIN_ALIAS_RID_ADMINS
#define DOMAIN_ALIAS_RID_ADMINS
Definition: setypes.h:652
DOMAIN_GROUP_RID_ADMINS
#define DOMAIN_GROUP_RID_ADMINS
Definition: setypes.h:639
SID_REVISION
#define SID_REVISION
Definition: setypes.h:481
SECURITY_CREATOR_SID_AUTHORITY
#define SECURITY_CREATOR_SID_AUTHORITY
Definition: setypes.h:533
SECURITY_MANDATORY_MEDIUM_RID
#define SECURITY_MANDATORY_MEDIUM_RID
Definition: setypes.h:685
SECURITY_MANDATORY_LOW_RID
#define SECURITY_MANDATORY_LOW_RID
Definition: setypes.h:684
SECURITY_REMOTE_LOGON_RID
#define SECURITY_REMOTE_LOGON_RID
Definition: setypes.h:571
FAILED_ACCESS_ACE_FLAG
#define FAILED_ACCESS_ACE_FLAG
Definition: setypes.h:754
SECURITY_CREATOR_GROUP_RID
#define SECURITY_CREATOR_GROUP_RID
Definition: setypes.h:546
SUCCESSFUL_ACCESS_ACE_FLAG
#define SUCCESSFUL_ACCESS_ACE_FLAG
Definition: setypes.h:753
SE_DACL_PRESENT
#define SE_DACL_PRESENT
Definition: setypes.h:833
SECURITY_NT_NON_UNIQUE
#define SECURITY_NT_NON_UNIQUE
Definition: setypes.h:577
DOMAIN_ALIAS_RID_DCOM_USERS
#define DOMAIN_ALIAS_RID_DCOM_USERS
Definition: setypes.h:673
DOMAIN_ALIAS_RID_INCOMING_FOREST_TRUST_BUILDERS
#define DOMAIN_ALIAS_RID_INCOMING_FOREST_TRUST_BUILDERS
Definition: setypes.h:667
DOMAIN_GROUP_RID_USERS
#define DOMAIN_GROUP_RID_USERS
Definition: setypes.h:640
LPCSTR
const char * LPCSTR
Definition: xmlstorage.h:183
LPSTR
char * LPSTR
Definition: xmlstorage.h:182
UCHAR
unsigned char UCHAR
Definition: xmlstorage.h:181
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
LPWSTR
WCHAR * LPWSTR
Definition: xmlstorage.h:184
LPCWSTR
const WCHAR * LPCWSTR
Definition: xmlstorage.h:185
BYTE
unsigned char BYTE
Definition: xxhash.c:193
OpenAsSelf
_In_ ACCESS_MASK _In_ BOOLEAN OpenAsSelf
Definition: zwfuncs.h:700