ReactOS  0.4.14-dev-342-gdc047f9
SecurityDescriptor.cpp
Go to the documentation of this file.
1 /*
2  * regexpl - Console Registry Explorer
3  *
4  * Copyright (C) 2000-2005 Nedko Arnaudov <nedko@users.sourceforge.net>
5  *
6  * This program is free software; you can redistribute it and/or modify
7  * it under the terms of the GNU General Public License as published by
8  * the Free Software Foundation; either version 2 of the License, or
9  * (at your option) any later version.
10  *
11  * This program is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14  * GNU General Public License for more details.
15  *
16  * You should have received a copy of the GNU General Public License
17  * along with this program; see the file COPYING. If not, write to
18  * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
19  * Boston, MA 02111-1307, USA.
20  */
21 
22 // SecurityDescriptor.cpp: implementation of the CSecurityDescriptor class.
23 //
25 
26 #include "ph.h"
27 #include "SecurityDescriptor.h"
28 
30  PSID pSid, // binary Sid
31  LPTSTR TextualSid, // buffer for Textual representation of Sid
32  LPDWORD lpdwBufferLen // required/provided TextualSid buffersize
33  )
34 {
36  DWORD dwSubAuthorities;
37  DWORD dwSidRev=SID_REVISION;
39  DWORD dwSidSize;
40 
41  // Validate the binary SID.
42 
43  if(!IsValidSid(pSid)) return FALSE;
44 
45  // Get the identifier authority value from the SID.
46 
48 
49  // Get the number of subauthorities in the SID.
50 
51  dwSubAuthorities = *GetSidSubAuthorityCount(pSid);
52 
53  // Compute the buffer length.
54  // S-SID_REVISION- + IdentifierAuthority- + subauthorities- + NULL
55 
56  dwSidSize=(15 + 12 + (12 * dwSubAuthorities) + 1) * sizeof(TCHAR);
57 
58  // Check input buffer length.
59  // If too small, indicate the proper size and set last error.
60 
61  if (*lpdwBufferLen < dwSidSize)
62  {
63  *lpdwBufferLen = dwSidSize;
65  return FALSE;
66  }
67 
68  // Add 'S' prefix and revision number to the string.
69 
70  dwSidSize=wsprintf(TextualSid, TEXT("S-%lu-"), dwSidRev );
71 
72  // Add SID identifier authority to the string.
73 
74  if ( (psia->Value[0] != 0) || (psia->Value[1] != 0) )
75  {
76  dwSidSize+=wsprintf(TextualSid + lstrlen(TextualSid),
77  TEXT("0x%02hx%02hx%02hx%02hx%02hx%02hx"),
78  (USHORT)psia->Value[0],
79  (USHORT)psia->Value[1],
80  (USHORT)psia->Value[2],
81  (USHORT)psia->Value[3],
82  (USHORT)psia->Value[4],
83  (USHORT)psia->Value[5]);
84  }
85  else
86  {
87  dwSidSize+=wsprintf(TextualSid + lstrlen(TextualSid),
88  TEXT("%lu"),
89  (ULONG)(psia->Value[5] ) +
90  (ULONG)(psia->Value[4] << 8) +
91  (ULONG)(psia->Value[3] << 16) +
92  (ULONG)(psia->Value[2] << 24) );
93  }
94 
95  // Add SID subauthorities to the string.
96  //
97  for (dwCounter=0 ; dwCounter < dwSubAuthorities ; dwCounter++)
98  {
99  dwSidSize+=wsprintf(TextualSid + dwSidSize, TEXT("-%lu"),
101  }
102 
103  return TRUE;
104 }
105 
107 {
108  switch(Use)
109  {
110  case SidTypeUser:
111  return _T("User SID");
112  case SidTypeGroup:
113  return _T("Group SID");
114  case SidTypeDomain:
115  return _T("Domain SID");
116  case SidTypeAlias:
117  return _T("Alias SID");
119  return _T("SID for a well-known group");
121  return _T("SID for a deleted account");
122  case SidTypeInvalid:
123  return _T("Invalid SID");
124  case SidTypeUnknown:
125  return _T("Unknown SID type");
126  default:
127  return _T("Error. Cannot recognize SID type.");
128  }
129 }
130 
132 // Construction/Destruction
134 
136 {
139 }
140 
142 {
143 }
144 
146 {
147  m_pSecurityDescriptor = pSecurityDescriptor;
148 }
149 
151 {
153  {
154  throw GetLastError();
155  }
156  return ERROR_SUCCESS;
157 }
158 
160 {
161  return m_blnDACLPresent;
162 }
163 
165 {
167  throw GetLastError();
168  return ERROR_SUCCESS;
169 }
170 
172 {
173  return m_blnSACLPresent;
174 }
175 
177 {
179  return (m_pDACL == NULL);
180 }
181 
183 {
185  ASSERT(m_pDACL != NULL);
186  return IsValidAcl(m_pDACL);
187 }
188 
190 {
192  return (m_pSACL == NULL);
193 }
194 
196 {
198  ASSERT(m_pSACL != NULL);
199  return IsValidAcl(m_pSACL);
200 }
201 
203 {
204  ACL_SIZE_INFORMATION SizeInfo;
205  if (!GetAclInformation(m_pDACL,&SizeInfo,sizeof(SizeInfo),AclSizeInformation))
206  throw GetLastError();
207  return SizeInfo.AceCount;
208 }
209 
211 {
212  ACL_SIZE_INFORMATION SizeInfo;
213  if (!GetAclInformation(m_pSACL,&SizeInfo,sizeof(SizeInfo),AclSizeInformation))
214  throw GetLastError();
215  return SizeInfo.AceCount;
216 }
217 
219 {
220  void *pACE;
221  if (!GetAce(m_pDACL,nIndex,&pACE)) throw GetLastError();
224  {
225  return AccessAlowed;
226  }
228  {
229  return AccessDenied;
230  }
231  return Unknown;
232 }
233 
235 {
236  void *pACE;
237  if (!GetAce(m_pSACL,nIndex,&pACE)) throw GetLastError();
240  {
243  return SystemAudit;
244  }
245  return Unknown;
246 }
247 
249 {
252  {
254  return ((PSID)&(((ACCESS_ALLOWED_ACE *)m_pCurrentACEHeader)->SidStart));
256  return ((PSID)&(((ACCESS_DENIED_ACE *)m_pCurrentACEHeader)->SidStart));
258  return ((PSID)&(((SYSTEM_AUDIT_ACE *)m_pCurrentACEHeader)->SidStart));
259  default:
260  ASSERT(FALSE); // Do not call this function for unknown ACE types !!!
261  return NULL;
262  }
263 }
264 
266 {
269  {
271  dwMask = (((ACCESS_ALLOWED_ACE *)m_pCurrentACEHeader)->Mask);
272  return;
274  dwMask = (((ACCESS_DENIED_ACE *)m_pCurrentACEHeader)->Mask);
275  return;
277  dwMask = (((SYSTEM_AUDIT_ACE *)m_pCurrentACEHeader)->Mask);
278  return;
279  default:
280  ASSERT(FALSE); // Do not call this function for unknown ACE types !!!
281  return;
282  }
283 }
284 
286 {
288  bFlags = m_pCurrentACEHeader->AceFlags;
289 }
UCHAR AceFlags
Definition: ms-dtyp.idl:211
#define TRUE
Definition: types.h:120
struct _ACE_HEADER * PACE_HEADER
enum _SID_NAME_USE SID_NAME_USE
#define ERROR_SUCCESS
Definition: deptool.c:10
BOOL WINAPI GetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, LPBOOL lpbDaclPresent, PACL *pDacl, LPBOOL lpbDaclDefaulted)
Definition: sec.c:45
* PSID_IDENTIFIER_AUTHORITY
Definition: setypes.h:436
#define SID_REVISION
Definition: setypes.h:453
DWORD WINAPI GetLastError(VOID)
Definition: except.c:1059
BOOL WINAPI IsValidAcl(PACL pAcl)
Definition: security.c:1088
PDWORD WINAPI GetSidSubAuthority(PSID pSid, DWORD nSubAuthority)
Definition: security.c:775
CHAR * LPTSTR
Definition: xmlstorage.h:192
DWORD dwCounter
Definition: mutex.c:10
#define SUCCESSFUL_ACCESS_ACE_FLAG
Definition: setypes.h:721
#define FAILED_ACCESS_ACE_FLAG
Definition: setypes.h:722
unsigned int BOOL
Definition: ntddk_ex.h:94
ACEntryType GetSACLEntry(DWORD nIndex, BOOL &blnFailedAccess, BOOL &blnSeccessfulAccess)
smooth NULL
Definition: ftsmooth.c:416
ACEntryType GetDACLEntry(DWORD nIndex)
void AssociateDescriptor(PSECURITY_DESCRIPTOR pSecurityDescriptor)
char TCHAR
Definition: xmlstorage.h:189
#define _T(x)
Definition: vfdio.h:22
ACE_HEADER * m_pCurrentACEHeader
unsigned long DWORD
Definition: ntddk_ex.h:95
#define ACCESS_ALLOWED_ACE_TYPE
Definition: setypes.h:685
#define SetLastError(x)
Definition: compat.h:417
#define ACCESS_DENIED_ACE_TYPE
Definition: setypes.h:686
ASSERT((InvokeOnSuccess||InvokeOnError||InvokeOnCancel) ?(CompletionRoutine !=NULL) :TRUE)
UCHAR AceType
Definition: ms-dtyp.idl:210
PUCHAR WINAPI GetSidSubAuthorityCount(PSID pSid)
Definition: security.c:787
unsigned char BYTE
Definition: mem.h:68
BOOL GetTextualSid(PSID pSid, LPTSTR TextualSid, LPDWORD lpdwBufferLen)
#define lstrlen
Definition: winbase.h:3700
#define TEXT(s)
Definition: k32.h:26
unsigned short USHORT
Definition: pedump.c:61
BOOL WINAPI GetAce(PACL pAcl, DWORD dwAceIndex, LPVOID *pAce)
Definition: security.c:1065
BOOL WINAPI GetSecurityDescriptorSacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, LPBOOL lpbSaclPresent, PACL *pSacl, LPBOOL lpbSaclDefaulted)
Definition: sec.c:146
void GetCurrentACE_AccessMask(DWORD &dwMask)
static PSID pSid
Definition: security.c:74
PSECURITY_DESCRIPTOR m_pSecurityDescriptor
void GetCurrentACE_Flags(BYTE &bFlags)
uint32_t * LPDWORD
Definition: typedefs.h:57
unsigned int ULONG
Definition: retypes.h:1
#define SYSTEM_AUDIT_ACE_TYPE
Definition: setypes.h:687
BOOL WINAPI IsValidSid(PSID pSid)
Definition: security.c:698
#define wsprintf
Definition: winuser.h:5766
BOOL WINAPI GetAclInformation(PACL pAcl, LPVOID pAclInformation, DWORD nAclInformationLength, ACL_INFORMATION_CLASS dwAclInformationClass)
Definition: security.c:1073
PSID_IDENTIFIER_AUTHORITY WINAPI GetSidIdentifierAuthority(PSID pSid)
Definition: security.c:764
const TCHAR * GetSidTypeName(SID_NAME_USE Use)
#define ERROR_INSUFFICIENT_BUFFER
Definition: dderror.h:10