26#define WIN32_NO_STATUS
41#ifndef wine_dbg_sprintf
61C_ASSERT(
sizeof(
struct debug_info) == 0x800 );
63static inline struct debug_info *get_info(
void)
72const char *
__cdecl __wine_dbg_strdup(
const char *
str )
74 struct debug_info *
info = get_info();
75 unsigned int pos =
info->str_pos;
88#ifndef PROCESS_QUERY_LIMITED_INFORMATION
89#define PROCESS_QUERY_LIMITED_INFORMATION 0x1000
93#define PROCESS_ALL_ACCESS_NT4 (PROCESS_ALL_ACCESS & ~0xf000)
94#define PROCESS_ALL_ACCESS_VISTA (PROCESS_ALL_ACCESS | 0xf000)
96#ifndef EVENT_QUERY_STATE
97#define EVENT_QUERY_STATE 0x0001
100#ifndef SEMAPHORE_QUERY_STATE
101#define SEMAPHORE_QUERY_STATE 0x0001
104#ifndef THREAD_SET_LIMITED_INFORMATION
105#define THREAD_SET_LIMITED_INFORMATION 0x0400
106#define THREAD_QUERY_LIMITED_INFORMATION 0x0800
109#define THREAD_ALL_ACCESS_NT4 (STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | 0x3ff)
110#define THREAD_ALL_ACCESS_VISTA (STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | 0xffff)
112#define expect_eq(expr, value, type, format) { type ret_ = expr; ok((value) == ret_, #expr " expected " format " got " format "\n", (value), (ret_)); }
148 res = __wine_dbg_strdup(sidstr);
186 ok_(__FILE__,
line)(!
ret,
"GetKernelObjectSecurity should fail\n");
188 ok_(__FILE__,
line)(needed != 0xdeadbeef,
"GetKernelObjectSecurity should return required buffer length\n");
198 ok_(__FILE__,
line)(needed ==
length || needed == 0 ,
"GetKernelObjectSecurity should return %lu instead of %lu\n",
length, needed);
207 BOOL owner_defaulted;
220 ok_(__FILE__,
line)(!owner_defaulted,
"Defaulted is true\n");
230 BOOL group_defaulted;
243 ok_(__FILE__,
line)(!group_defaulted,
"Defaulted is true\n");
251 { { {0x00,0x00,0x33,0x44,0x55,0x66} },
"S-1-860116326-1" },
252 { { {0x00,0x00,0x01,0x02,0x03,0x04} },
"S-1-16909060-1" },
253 { { {0x00,0x00,0x00,0x01,0x02,0x03} },
"S-1-66051-1" },
254 { { {0x00,0x00,0x00,0x00,0x01,0x02} },
"S-1-258-1" },
255 { { {0x00,0x00,0x00,0x00,0x00,0x02} },
"S-1-2-1" },
256 { { {0x00,0x00,0x00,0x00,0x00,0x0c} },
"S-1-12-1" },
270 {
"OW",
"S-1-3-4", 1 },
276 {
"PS",
"S-1-5-10" },
277 {
"AU",
"S-1-5-11" },
278 {
"RC",
"S-1-5-12" },
279 {
"SY",
"S-1-5-18" },
280 {
"LS",
"S-1-5-19" },
281 {
"NS",
"S-1-5-20" },
282 {
"LA",
"S-1-5-21-*-*-*-500" },
283 {
"LG",
"S-1-5-21-*-*-*-501" },
284 {
"BO",
"S-1-5-32-551" },
285 {
"BA",
"S-1-5-32-544" },
286 {
"BU",
"S-1-5-32-545" },
287 {
"BG",
"S-1-5-32-546" },
288 {
"PU",
"S-1-5-32-547" },
289 {
"AO",
"S-1-5-32-548" },
290 {
"SO",
"S-1-5-32-549" },
291 {
"PO",
"S-1-5-32-550" },
292 {
"RE",
"S-1-5-32-552" },
293 {
"RU",
"S-1-5-32-554" },
294 {
"RD",
"S-1-5-32-555" },
295 {
"NO",
"S-1-5-32-556" },
296 {
"AC",
"S-1-15-2-1", 1 },
308 {
"s-1-12-1",
"S-1-12-1", 1 },
309 {
"S-0x1-0XC-0x1a",
"S-1-12-26", 1 },
311 {
"s-1-12-1",
"S-1-12-1" },
312 {
"S-0x1-0XC-0x1a",
"S-1-12-26" },
316 const char noSubAuthStr[] =
"S-1-5";
324 ok( !
r,
"expected failure with NULL parameters\n" );
328 "expected GetLastError() is ERROR_INVALID_PARAMETER, got %ld\n",
333 "expected GetLastError() is ERROR_INVALID_PARAMETER, got %ld\n",
338 "expected GetLastError() is ERROR_INVALID_PARAMETER, got %ld\n",
343 "expected failure with no sub authorities\n" );
345 "expected GetLastError() is ERROR_INVALID_SID, got %ld\n",
350 "expected failure with too many characters\n" );
352 "expected GetLastError() is ERROR_INVALID_SID, got %ld\n",
357 "expected failure with too many characters\n" );
359 "expected GetLastError() is ERROR_INVALID_SID, got %ld\n",
372 r =
AllocateAndInitializeSid( &refs[
i].
auth, 1,1,0,0,0,0,0,0,0,
374 ok(
r,
"failed to allocate sid\n" );
376 ok(
r,
"failed to convert sid\n" );
380 "incorrect sid, expected %s, got %s\n", refs[
i].
refStr,
str );
387 ok(
r,
"failed to parse sid string\n" );
391 sizeof(refs[
i].
auth) ),
392 "string sid %s didn't parse to expected value\n"
393 "(got 0x%04x%08lx, expected 0x%04x%08lx)\n",
415 skip(
"%u: failed to convert %s.\n",
i, str_to_sid_tests[
i].
name);
418 ok(
ret,
"%u: failed to convert string to sid.\n",
i);
428 ok(
ret,
"%u: failed to convert SID to string.\n",
i);
437 GUID ObjectType = {0x12345678, 0x1234, 0x5678, {0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88}};
438 GUID InheritedObjectType = {0x23456789, 0x2345, 0x6786, {0x2, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99}};
444 char szObjectTypeName[] =
"ObjectTypeName";
445 char szInheritedObjectTypeName[] =
"InheritedObjectTypeName";
446 char szTrusteeName[] =
"szTrusteeName";
449 memset( &ZeroGuid, 0x00,
sizeof (ZeroGuid) );
453 pBuildTrusteeWithObjectsAndNameA = (
void *)
GetProcAddress (
hmod,
"BuildTrusteeWithObjectsAndNameA" );
454 pBuildTrusteeWithObjectsAndSidA = (
void *)
GetProcAddress (
hmod,
"BuildTrusteeWithObjectsAndSidA" );
456 if( !pBuildTrusteeWithSidA || !pBuildTrusteeWithNameA ||
457 !pBuildTrusteeWithObjectsAndNameA || !pBuildTrusteeWithObjectsAndSidA ||
461 if ( !
AllocateAndInitializeSid( &
auth, 1, 42, 0,0,0,0,0,0,0,&psid ) )
463 trace(
"failed to init SID\n" );
468 memset( &trustee, 0xff,
sizeof trustee );
469 pBuildTrusteeWithSidA( &trustee, psid );
473 "MultipleTrusteeOperation wrong\n");
476 ok( trustee.
ptstrName == psid,
"ptstrName wrong\n" );
479 memset( &trustee, 0xff,
sizeof trustee );
480 memset( &oas, 0xff,
sizeof(oas) );
481 pBuildTrusteeWithObjectsAndSidA(&trustee, &oas, &
ObjectType,
482 &InheritedObjectType, psid);
493 ok(oas.
pSid == psid,
"pSid wrong\n");
496 ok(pGetTrusteeNameA(&trustee) == (
LPSTR)&oas,
"GetTrusteeName returned wrong value\n");
499 memset( &trustee, 0xff,
sizeof trustee );
500 memset( &oas, 0xff,
sizeof(oas) );
501 pBuildTrusteeWithObjectsAndSidA(&trustee, &oas,
NULL,
502 &InheritedObjectType, psid);
513 ok(oas.
pSid == psid,
"pSid wrong\n");
518 memset( &trustee, 0xff,
sizeof trustee );
519 pBuildTrusteeWithNameA( &trustee, szTrusteeName );
523 "MultipleTrusteeOperation wrong\n");
526 ok( trustee.
ptstrName == szTrusteeName,
"ptstrName wrong\n" );
529 memset( &trustee, 0xff,
sizeof trustee );
530 memset( &oan, 0xff,
sizeof(oan) );
531 pBuildTrusteeWithObjectsAndNameA(&trustee, &oan,
SE_KERNEL_OBJECT, szObjectTypeName,
532 szInheritedObjectTypeName, szTrusteeName);
543 ok(oan.
ptstrName == szTrusteeName,
"szTrusteeName wrong\n");
546 ok(pGetTrusteeNameA(&trustee) == (
LPSTR)&oan,
"GetTrusteeName returned wrong value\n");
549 memset( &trustee, 0xff,
sizeof trustee );
550 memset( &oan, 0xff,
sizeof(oan) );
552 szInheritedObjectTypeName, szTrusteeName);
563 ok(oan.
ptstrName == szTrusteeName,
"szTrusteeName wrong\n");
566 memset( &trustee, 0xff,
sizeof trustee );
567 memset( &oan, 0xff,
sizeof(oan) );
568 pBuildTrusteeWithObjectsAndNameA(&trustee, &oan,
SE_KERNEL_OBJECT, szObjectTypeName,
569 NULL, szTrusteeName);
580 ok(oan.
ptstrName == szTrusteeName,
"szTrusteeName wrong\n");
584#ifndef SE_MIN_WELL_KNOWN_PRIVILEGE
585#define SE_MIN_WELL_KNOWN_PRIVILEGE 2L
586#define SE_CREATE_TOKEN_PRIVILEGE 2L
587#define SE_ASSIGNPRIMARYTOKEN_PRIVILEGE 3L
588#define SE_LOCK_MEMORY_PRIVILEGE 4L
589#define SE_INCREASE_QUOTA_PRIVILEGE 5L
590#define SE_MACHINE_ACCOUNT_PRIVILEGE 6L
591#define SE_TCB_PRIVILEGE 7L
592#define SE_SECURITY_PRIVILEGE 8L
593#define SE_TAKE_OWNERSHIP_PRIVILEGE 9L
594#define SE_LOAD_DRIVER_PRIVILEGE 10L
595#define SE_SYSTEM_PROFILE_PRIVILEGE 11L
596#define SE_SYSTEMTIME_PRIVILEGE 12L
597#define SE_PROF_SINGLE_PROCESS_PRIVILEGE 13L
598#define SE_INC_BASE_PRIORITY_PRIVILEGE 14L
599#define SE_CREATE_PAGEFILE_PRIVILEGE 15L
600#define SE_CREATE_PERMANENT_PRIVILEGE 16L
601#define SE_BACKUP_PRIVILEGE 17L
602#define SE_RESTORE_PRIVILEGE 18L
603#define SE_SHUTDOWN_PRIVILEGE 19L
604#define SE_DEBUG_PRIVILEGE 20L
605#define SE_AUDIT_PRIVILEGE 21L
606#define SE_SYSTEM_ENVIRONMENT_PRIVILEGE 22L
607#define SE_CHANGE_NOTIFY_PRIVILEGE 23L
608#define SE_REMOTE_SHUTDOWN_PRIVILEGE 24L
609#define SE_UNDOCK_PRIVILEGE 25L
610#define SE_SYNC_AGENT_PRIVILEGE 26L
611#define SE_ENABLE_DELEGATION_PRIVILEGE 27L
612#define SE_MANAGE_VOLUME_PRIVILEGE 28L
613#define SE_IMPERSONATE_PRIVILEGE 29L
614#define SE_CREATE_GLOBAL_PRIVILEGE 30L
615#define SE_MAX_WELL_KNOWN_PRIVILEGE SE_CREATE_GLOBAL_PRIVILEGE
625 if (!pAllocateLocallyUniqueId)
return;
627 ret = pAllocateLocallyUniqueId(&luid1);
632 "AllocateLocallyUniqueId failed: %ld\n",
GetLastError());
633 ret = pAllocateLocallyUniqueId(&luid2);
635 "AllocateLocallyUniqueId failed: %ld\n",
GetLastError());
637 "AllocateLocallyUniqueId returned a well-known LUID\n");
639 "AllocateLocallyUniqueId returned non-unique LUIDs\n");
640 ret = pAllocateLocallyUniqueId(
NULL);
642 "AllocateLocallyUniqueId(NULL) didn't return ERROR_NOACCESS: %ld\n",
651 LUID luid = { 0, 0 };
657 if (!pLookupPrivilegeNameA)
return;
668 "LookupPrivilegeNameA didn't fail with ERROR_INSUFFICIENT_BUFFER: %ld\n",
671 "LookupPrivilegeNameA returned an incorrect required length for\n"
672 "SeCreateTokenPrivilege (got %ld, expected %d)\n",
cchName,
673 lstrlenA(
"SeCreateTokenPrivilege") + 1);
678 "LookupPrivilegeNameA returned an incorrect output length for\n"
679 "SeCreateTokenPrivilege (got %ld, expected %d)\n",
cchName,
680 (
int)
strlen(
"SeCreateTokenPrivilege"));
688 "LookupPrivilegeNameA(0.%ld) failed: %ld\n",
i,
GetLastError());
695 "LookupPrivilegeNameA didn't fail with ERROR_NO_SUCH_PRIVILEGE: %ld\n",
700 ret = pLookupPrivilegeNameA(
"b0gu5.Nam3", &luid,
buf, &
cchName);
703 "LookupPrivilegeNameA didn't fail with RPC_S_SERVER_UNAVAILABLE or RPC_S_INVALID_NET_ADDR: %ld\n",
753 if (!pLookupPrivilegeValueA)
return;
754 ret = pLookupPrivilegeValueA(
NULL,
"SeCreateTokenPrivilege", &luid);
759 ret = pLookupPrivilegeValueA(
"b0gu5.Nam3",
"SeCreateTokenPrivilege", &luid);
762 "LookupPrivilegeValueA didn't fail with RPC_S_SERVER_UNAVAILABLE or RPC_S_INVALID_NET_ADDR: %ld\n",
765 ret = pLookupPrivilegeValueA(
NULL, 0, &luid);
767 "LookupPrivilegeValueA didn't fail with ERROR_NO_SUCH_PRIVILEGE: %ld\n",
770 ret = pLookupPrivilegeValueA(
NULL,
"SeBogusPrivilege", &luid);
772 "LookupPrivilegeValueA didn't fail with ERROR_NO_SUCH_PRIVILEGE: %ld\n",
775 ret = pLookupPrivilegeValueA(
NULL,
"sEcREATEtOKENpRIVILEGE", &luid);
777 "LookupPrivilegeValueA(NULL, sEcREATEtOKENpRIVILEGE, &luid) failed: %ld\n",
784 if (pLookupPrivilegeValueA(
NULL, privs[
i].
name, &luid))
787 "LookupPrivilegeValueA returned an invalid LUID for %s\n",
799 DWORD sdSize, retSize, rc, granted, priv_set_len;
834 win_skip(
"GetFileSecurityA is not implemented\n");
837 ok (!rc,
"GetFileSecurityA "
838 "was expected to fail for '%s'\n",
file);
840 "returned %ld; expected ERROR_INSUFFICIENT_BUFFER\n",
GetLastError());
850 ok (rc,
"GetFileSecurityA "
852 ok (retSize == sdSize,
853 "GetFileSecurityA returned size %ld; expected %ld\n", retSize, sdSize);
858 ok (rc,
"SetFileSecurityA "
869 ok (!rc,
"GetFileSecurityA "
870 "was expected to fail for '%s'\n",
path);
872 "returned %ld; expected ERROR_INSUFFICIENT_BUFFER\n",
GetLastError());
882 ok (rc,
"GetFileSecurityA "
884 ok (retSize == sdSize,
885 "GetFileSecurityA returned size %ld; expected %ld\n", retSize, sdSize);
890 ok (rc,
"SetFileSecurityA "
895 strcpy (wintmpdir,
"\\Should not exist");
898 ok (!rc,
"GetFileSecurityA should fail for not existing directories/files\n");
900 "last error ERROR_FILE_NOT_FOUND expected, got %ld\n",
GetLastError());
922 ok(!rc,
"GetFileSecurity should fail\n");
924 "expected ERROR_INSUFFICIENT_BUFFER got %ld\n",
GetLastError());
928 retSize = 0xdeadbeef;
931 sd, sdSize, &retSize);
933 ok(retSize == sdSize,
"expected %ld, got %ld\n", sdSize, retSize);
937 ok(!rc,
"OpenThreadToken should fail\n");
952 priv_set_len =
sizeof(priv_set);
953 granted = 0xdeadbeef;
959 ok(granted ==
FILE_READ_DATA,
"expected FILE_READ_DATA, got %#lx\n", granted);
961 granted = 0xdeadbeef;
969 granted = 0xdeadbeef;
975 ok(granted ==
FILE_EXECUTE,
"expected FILE_EXECUTE, got %#lx\n", granted);
977 granted = 0xdeadbeef;
983 ok(granted ==
DELETE,
"expected DELETE, got %#lx\n", granted);
985 granted = 0xdeadbeef;
993 granted = 0xdeadbeef;
999 ok(granted == 0x1ff,
"expected 0x1ff, got %#lx\n", granted);
1001 granted = 0xdeadbeef;
1007 ok(granted ==
FILE_ALL_ACCESS,
"expected FILE_ALL_ACCESS, got %#lx\n", granted);
1011 ok(!rc,
"AccessCheck should fail\n");
1018 retSize = 0xdeadbeef;
1021 ok(!rc,
"WriteFile should fail\n");
1023 ok(retSize == 0,
"expected 0, got %ld\n", retSize);
1030 "expected FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY got %#lx\n", rc);
1042 retSize = 0xdeadbeef;
1045 ok(!rc,
"WriteFile should fail\n");
1047 ok(retSize == 0,
"expected 0, got %ld\n", retSize);
1053 "expected FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY got %#lx\n", rc);
1055 retSize = 0xdeadbeef;
1058 sd, sdSize, &retSize);
1060 ok(retSize == sdSize,
"expected %ld, got %ld\n", sdSize, retSize);
1062 priv_set_len =
sizeof(priv_set);
1063 granted = 0xdeadbeef;
1069 ok(granted ==
FILE_READ_DATA,
"expected FILE_READ_DATA, got %#lx\n", granted);
1071 granted = 0xdeadbeef;
1078 ok(granted ==
FILE_WRITE_DATA,
"expected FILE_WRITE_DATA, got %#lx\n", granted);
1080 granted = 0xdeadbeef;
1086 ok(granted ==
FILE_EXECUTE,
"expected FILE_EXECUTE, got %#lx\n", granted);
1088 granted = 0xdeadbeef;
1094 ok(granted ==
DELETE,
"expected DELETE, got %#lx\n", granted);
1096 granted = 0xdeadbeef;
1102 ok(granted ==
WRITE_OWNER,
"expected WRITE_OWNER, got %#lx\n", granted);
1104 granted = 0xdeadbeef;
1110 ok(granted ==
SYNCHRONIZE,
"expected SYNCHRONIZE, got %#lx\n", granted);
1112 granted = 0xdeadbeef;
1121 granted = 0xdeadbeef;
1128 ok(granted == 0x1ff,
"expected 0x1ff, got %#lx\n", granted);
1130 granted = 0xdeadbeef;
1137 ok(granted ==
FILE_ALL_ACCESS,
"expected FILE_ALL_ACCESS, got %#lx\n", granted);
1141 ok(!rc,
"DeleteFile should fail\n");
1178 skip(
"not running on NT, skipping test\n");
1181 pRtlAdjustPrivilege = (
void *)
GetProcAddress(NtDllModule,
"RtlAdjustPrivilege");
1182 if (!pRtlAdjustPrivilege)
1184 win_skip(
"missing RtlAdjustPrivilege, skipping test\n");
1192 skip(
"ACLs not implemented - skipping tests\n");
1198 res =
AllocateAndInitializeSid( &SIDAuthWorld, 1,
SECURITY_WORLD_RID, 0, 0, 0, 0, 0, 0, 0, &EveryoneSid);
1212 ok(
res,
"InitializeSecurityDescriptor failed with error %ld\n",
GetLastError());
1218 PrivSet =
calloc(1, PrivSetLen);
1236 "failed with ERROR_INVALID_SECURITY_DESCR, instead of %ld\n",
err);
1238 "Access and/or AccessStatus were changed!\n");
1253 "with ERROR_GENERIC_NOT_MAPPED, instead of %ld\n",
err);
1255 "Access and/or AccessStatus were changed!\n");
1264 "with ERROR_NOACCESS, instead of %ld\n",
err);
1266 "Access and/or AccessStatus were changed!\n");
1275 "with ERROR_NOACCESS, instead of %ld\n",
err);
1277 "Access and/or AccessStatus were changed!\n");
1286 "with ERROR_NOACCESS, instead of %ld\n",
err);
1288 "Access and/or AccessStatus were changed!\n");
1298 "AccessCheck failed to grant access with error %ld\n",
1308 "with ERROR_NOACCESS, instead of %ld\n",
err);
1310 "Access and/or AccessStatus were changed!\n");
1318 Access = ntAccessStatus = 0x1abe11ed;
1320 NULL, &ntPrivSetLen, &Access, &ntAccessStatus);
1323 "NtAccessCheck should have failed with STATUS_ACCESS_VIOLATION, got %lx\n", ntret);
1324 ok(
err == 0xdeadbeef,
1325 "NtAccessCheck shouldn't set last error, got %ld\n",
err);
1326 ok(Access == 0x1abe11ed && ntAccessStatus == 0x1abe11ed,
1327 "Access and/or AccessStatus were changed!\n");
1328 ok(ntPrivSetLen ==
sizeof(
PRIVILEGE_SET),
"PrivSetLen returns %ld\n", ntPrivSetLen);
1332 Access = ntAccessStatus = 0x1abe11ed;
1334 PrivSet,
NULL, &Access, &ntAccessStatus);
1337 "NtAccessCheck should have failed with STATUS_ACCESS_VIOLATION, got %lx\n", ntret);
1338 ok(
err == 0xdeadbeef,
1339 "NtAccessCheck shouldn't set last error, got %ld\n",
err);
1340 ok(Access == 0x1abe11ed && ntAccessStatus == 0x1abe11ed,
1341 "Access and/or AccessStatus were changed!\n");
1345 Access = ntAccessStatus = 0x1abe11ed;
1347 NULL,
NULL, &Access, &ntAccessStatus);
1350 "NtAccessCheck should have failed with STATUS_ACCESS_VIOLATION, got %lx\n", ntret);
1351 ok(
err == 0xdeadbeef,
1352 "NtAccessCheck shouldn't set last error, got %ld\n",
err);
1353 ok(Access == 0x1abe11ed && ntAccessStatus == 0x1abe11ed,
1354 "Access and/or AccessStatus were changed!\n");
1358 Access = ntAccessStatus = 0x1abe11ed;
1361 PrivSet, &ntPrivSetLen, &Access, &ntAccessStatus);
1364 "NtAccessCheck should have failed with STATUS_GENERIC_NOT_MAPPED, got %lx\n", ntret);
1365 ok(
err == 0xdeadbeef,
1366 "NtAccessCheck shouldn't set last error, got %ld\n",
err);
1367 ok(Access == 0x1abe11ed && ntAccessStatus == 0x1abe11ed,
1368 "Access and/or AccessStatus were changed!\n");
1369 ok(ntPrivSetLen == 0,
"PrivSetLen returns %ld\n", ntPrivSetLen);
1373 Access = ntAccessStatus = 0x1abe11ed;
1376 PrivSet, &ntPrivSetLen, &Access, &ntAccessStatus);
1379 "NtAccessCheck should have failed with STATUS_GENERIC_NOT_MAPPED, got %lx\n", ntret);
1380 ok(
err == 0xdeadbeef,
1381 "NtAccessCheck shouldn't set last error, got %ld\n",
err);
1382 ok(Access == 0x1abe11ed && ntAccessStatus == 0x1abe11ed,
1383 "Access and/or AccessStatus were changed!\n");
1384 ok(ntPrivSetLen ==
sizeof(
PRIVILEGE_SET)-1,
"PrivSetLen returns %ld\n", ntPrivSetLen);
1388 Access = ntAccessStatus = 0x1abe11ed;
1391 PrivSet, &ntPrivSetLen, &Access, &ntAccessStatus);
1394 "NtAccessCheck should have failed with STATUS_BUFFER_TOO_SMALL, got %lx\n", ntret);
1395 ok(
err == 0xdeadbeef,
1396 "NtAccessCheck shouldn't set last error, got %ld\n",
err);
1397 ok(Access == 0x1abe11ed && ntAccessStatus == 0x1abe11ed,
1398 "Access and/or AccessStatus were changed!\n");
1399 ok(ntPrivSetLen ==
sizeof(
PRIVILEGE_SET),
"PrivSetLen returns %ld\n", ntPrivSetLen);
1403 Access = ntAccessStatus = 0x1abe11ed;
1406 PrivSet, &ntPrivSetLen, &Access, &ntAccessStatus);
1409 "NtAccessCheck should have failed with STATUS_BUFFER_TOO_SMALL, got %lx\n", ntret);
1410 ok(
err == 0xdeadbeef,
1411 "NtAccessCheck shouldn't set last error, got %ld\n",
err);
1412 ok(Access == 0x1abe11ed && ntAccessStatus == 0x1abe11ed,
1413 "Access and/or AccessStatus were changed!\n");
1414 ok(ntPrivSetLen ==
sizeof(
PRIVILEGE_SET),
"PrivSetLen returns %ld\n", ntPrivSetLen);
1417 win_skip(
"NtAccessCheck unavailable. Skipping.\n");
1427 "AccessCheck failed to grant access with error %ld\n",
1433 "AccessCheck failed to grant access with error %ld\n",
1444 "with ERROR_ACCESS_DENIED, instead of %ld\n",
err);
1445 ok(!Access,
"Should have failed to grant any access, got 0x%08lx\n", Access);
1459 "AccessCheck failed to grant access with error %ld\n",
1466 "AccessCheck failed to grant any access with error %ld\n",
1468 trace(
"AccessCheck with MAXIMUM_ALLOWED got Access 0x%08lx\n", Access);
1477 "failed with ERROR_NOACCESS, instead of %ld\n",
err);
1479 "Access and/or AccessStatus were changed!\n");
1490 "failed with ERROR_INSUFFICIENT_BUFFER, instead of %ld\n",
err);
1492 ok(PrivSetLen ==
sizeof(
PRIVILEGE_SET),
"PrivSetLen returns %ld\n", PrivSetLen);
1494 "Access and/or AccessStatus were changed!\n");
1504 "failed with ERROR_NOACCESS, instead of %ld\n",
err);
1505 ok(PrivSetLen == 1,
"PrivSetLen returns %ld\n", PrivSetLen);
1507 "Access and/or AccessStatus were changed!\n");
1517 "failed with ERROR_NOACCESS, instead of %ld\n",
err);
1518 ok(PrivSetLen ==
sizeof(
PRIVILEGE_SET) - 1,
"PrivSetLen returns %ld\n", PrivSetLen);
1520 "Access and/or AccessStatus were changed!\n");
1530 "failed with ERROR_NOACCESS, instead of %ld\n",
err);
1531 ok(PrivSetLen ==
sizeof(
PRIVILEGE_SET),
"PrivSetLen returns %ld\n", PrivSetLen);
1533 "Access and/or AccessStatus were changed!\n");
1543 "failed with ERROR_INSUFFICIENT_BUFFER, instead of %ld\n",
err);
1544 ok(PrivSetLen ==
sizeof(
PRIVILEGE_SET),
"PrivSetLen returns %ld\n", PrivSetLen);
1546 "Access and/or AccessStatus were changed!\n");
1556 "failed with ERROR_INSUFFICIENT_BUFFER, instead of %ld\n",
err);
1557 ok(PrivSetLen ==
sizeof(
PRIVILEGE_SET),
"PrivSetLen returns %ld\n", PrivSetLen);
1559 "Access and/or AccessStatus were changed!\n");
1570 "failed with ERROR_INSUFFICIENT_BUFFER, instead of %ld\n",
err);
1571 ok(PrivSetLen ==
sizeof(
PRIVILEGE_SET),
"PrivSetLen returns %ld\n", PrivSetLen);
1573 "Access and/or AccessStatus were changed!\n");
1574 ok(PrivSet->
PrivilegeCount == 0xdeadbeef,
"buffer contents should not be changed\n");
1580 memset(PrivSet, 0xcc, PrivSetLen);
1585 ok(PrivSetLen ==
sizeof(
PRIVILEGE_SET),
"PrivSetLen returns %ld\n", PrivSetLen);
1587 "AccessCheck failed to grant access with error %ld\n",
GetLastError());
1588 ok(PrivSet->
PrivilegeCount == 0,
"PrivilegeCount returns %ld, expects 0\n",
1595 memset(PrivSet, 0xcc, PrivSetLen);
1601 ok(PrivSetLen ==
sizeof(
PRIVILEGE_SET) + 1,
"PrivSetLen returns %ld\n", PrivSetLen);
1603 "AccessCheck failed to grant access with error %ld\n",
GetLastError());
1604 ok(PrivSet->
PrivilegeCount == 0,
"PrivilegeCount returns %ld, expects 0\n",
1616 "failed with ERROR_NOACCESS, instead of %ld\n",
err);
1618 "Access and/or AccessStatus were changed!\n");
1628 "with ERROR_ACCESS_DENIED, instead of %ld\n",
err);
1629 ok(!Access,
"Should have failed to grant any access, got 0x%08lx\n", Access);
1636 "AccessCheck should have failed with ERROR_PRIVILEGE_NOT_HELD, instead of %ld\n",
1652 "failed with ERROR_INSUFFICIENT_BUFFER, instead of %ld\n",
err);
1653 ok(PrivSetLen ==
sizeof(
PRIVILEGE_SET),
"PrivSetLen returns %ld\n", PrivSetLen);
1655 "Access and/or AccessStatus were changed!\n");
1665 "failed with ERROR_INSUFFICIENT_BUFFER, instead of %ld\n",
err);
1666 ok(PrivSetLen ==
sizeof(
PRIVILEGE_SET),
"PrivSetLen returns %ld\n", PrivSetLen);
1668 "Access and/or AccessStatus were changed!\n");
1674 memset(PrivSet, 0xcc, PrivSetLen);
1678 "AccessCheck should have succeeded, error %ld\n",
1681 "Access should be equal to ACCESS_SYSTEM_SECURITY instead of 0x%08lx\n",
1683 ok(PrivSet->
PrivilegeCount == 1,
"PrivilegeCount returns %ld, expects 1\n",
1690 memset(PrivSet, 0xcc, PrivSetLen);
1694 "AccessCheck should have succeeded, error %ld\n",
1697 "Access should be equal to ACCESS_SYSTEM_SECURITY instead of 0x%08lx\n",
1699 ok(PrivSet->
PrivilegeCount == 1,
"PrivilegeCount returns %ld, expects 1\n",
1703 trace(
"Couldn't get SE_SECURITY_PRIVILEGE (0x%08x), skipping ACCESS_SYSTEM_SECURITY test\n",
1720 "with ERROR_ACCESS_DENIED, instead of %ld\n",
err);
1721 ok(!Access,
"Should have failed to grant any access, got 0x%08lx\n", Access);
1733 "with ERROR_BAD_IMPERSONATION_LEVEL, instead of %ld\n",
err);
1742 "with ERROR_NO_IMPERSONATION_TOKEN, instead of %ld\n",
err);
1764 ok(!
ret,
"Expected failure, got %d\n",
ret);
1766 "Expected ERROR_INSUFFICIENT_BUFFER, got %ld\n",
GetLastError());
1782 ok(!
ret,
"Expected failure, got %d\n",
ret);
1784 "Expected ERROR_INSUFFICIENT_BUFFER, got %ld\n",
GetLastError());
1800 ok(!
ret,
"Expected failure, got %d\n",
ret);
1802 "Expected ERROR_INSUFFICIENT_BUFFER, got %ld\n",
GetLastError());
1808 return token_primary_group;
1832 win_skip(
"OpenProcessToken is not implemented\n");
1845 ok(!
ret && (
GLE ==
ERROR_INVALID_PARAMETER),
"GetTokenInformation(TokenImpersonationLevel) on primary token should have failed with ERROR_INVALID_PARAMETER instead of %ld\n",
GLE);
1858 ok(Size2 > 1,
"got %ld\n", Size2);
1863 memset(Groups, 0xcc, Size2);
1870 ok(*((
BYTE*)Groups) == 0xcc,
"buffer altered\n");
1877 "GetTokenInformation(TokenGroups) %s with error %ld\n",
1882 ok(
ret,
"GetTokenInformation(TokenGroups) failed with error %ld\n",
GetLastError());
1884 "GetTokenInformation shouldn't have set last error to %ld\n",
1886 trace(
"TokenGroups:\n");
1889 DWORD NameLength = 255;
1891 DWORD DomainLength = 255;
1910 "GetTokenInformation(TokenUser) failed with error %ld\n",
GetLastError());
1914 "GetTokenInformation(TokenUser) failed with error %ld\n",
GetLastError());
1917 trace(
"TokenUser: %s attr: 0x%08lx\n", SidString,
User->User.Attributes);
1924 "GetTokenInformation(TokenOwner) failed with error %ld\n",
GetLastError());
1928 "GetTokenInformation(TokenOwner) failed with error %ld\n",
GetLastError());
1931 trace(
"TokenOwner: %s\n", SidString);
1942 "GetTokenInformation(TokenLogonSid) failed with error %ld\n",
GetLastError());
1946 "GetTokenInformation(TokenLogonSid) failed with error %ld\n",
GetLastError());
1953 trace(
"TokenLogon: %s\n", SidString);
1958 ok(
ret,
"Unknown SID\n");
1971 "GetTokenInformation(TokenPrivileges) failed with error %ld\n",
GetLastError());
1975 "GetTokenInformation(TokenPrivileges) failed with error %ld\n",
GetLastError());
1976 trace(
"TokenPrivileges:\n");
1991 ok(
ret,
"GetTokenInformation(TokenImpersonationLevel) failed with error %ld\n",
GetLastError());
1999 "GetTokenInformation(TokenDefaultDacl) failed with error %lu\n",
GetLastError());
2003 ok(
ret,
"GetTokenInformation(TokenDefaultDacl) failed with error %lu\n",
GetLastError());
2008 ok(!
ret,
"SetTokenInformation(TokenDefaultDacl) succeeded\n");
2014 ok(!
ret,
"SetTokenInformation(TokenDefaultDacl) succeeded\n");
2017 acl =
Dacl->DefaultDacl;
2021 ok(
ret,
"SetTokenInformation(TokenDefaultDacl) succeeded\n");
2024 Dacl->DefaultDacl = (
ACL *)0xdeadbeef;
2026 ok(
ret,
"GetTokenInformation(TokenDefaultDacl) failed with error %lu\n",
GetLastError());
2027 ok(
Dacl->DefaultDacl ==
NULL,
"expected NULL, got %p\n",
Dacl->DefaultDacl);
2029 "got %lu expected sizeof(TOKEN_DEFAULT_DACL)\n", Size2);
2031 Dacl->DefaultDacl = acl;
2033 ok(
ret,
"SetTokenInformation(TokenDefaultDacl) failed with error %lu\n",
GetLastError());
2037 ok(
ret,
"GetTokenInformation(TokenDefaultDacl) failed with error %lu\n",
GetLastError());
2039 win_skip(
"TOKEN_DEFAULT_DACL size too small on WoW64\n");
2055 is_app_container = 0xdeadbeef;
2057 sizeof(is_app_container), &
size);
2062 ok(
size ==
sizeof(is_app_container),
"size = %lu\n",
size);
2063 ok(!is_app_container,
"is_app_container = %lx\n", is_app_container);
2088 "LookupAccountSid(%s) failed: %ld\n", str_sid,
GetLastError());
2092 trace(
" %s couldn't be mapped\n", str_sid);
2102 {
TRUE,
"S-1-0-0"}, {
TRUE,
"S-1-1-0"}, {
TRUE,
"S-1-2-0"}, {
TRUE,
"S-1-3-0"},
2105 {
TRUE,
"S-1-5-6"}, {
TRUE,
"S-1-5-7"}, {
TRUE,
"S-1-5-8"}, {
TRUE,
"S-1-5-9"},
2106 {
TRUE,
"S-1-5-10"}, {
TRUE,
"S-1-5-11"}, {
TRUE,
"S-1-5-12"}, {
TRUE,
"S-1-5-13"},
2108 {
TRUE,
"S-1-5-20"}, {
TRUE,
"S-1-5-32"},
2109 {
FALSE,
"S-1-5-32-544"}, {
TRUE,
"S-1-5-32-545"}, {
TRUE,
"S-1-5-32-546"},
2110 {
TRUE,
"S-1-5-32-547"}, {
TRUE,
"S-1-5-32-548"}, {
TRUE,
"S-1-5-32-549"},
2111 {
TRUE,
"S-1-5-32-550"}, {
TRUE,
"S-1-5-32-551"}, {
TRUE,
"S-1-5-32-552"},
2112 {
TRUE,
"S-1-5-32-554"}, {
TRUE,
"S-1-5-32-555"}, {
TRUE,
"S-1-5-32-556"},
2113 {
FALSE,
"S-1-5-21-12-23-34-45-56-500"}, {
FALSE,
"S-1-5-21-12-23-34-45-56-501"},
2114 {
FALSE,
"S-1-5-21-12-23-34-45-56-502"}, {
FALSE,
"S-1-5-21-12-23-34-45-56-512"},
2115 {
FALSE,
"S-1-5-21-12-23-34-45-56-513"}, {
FALSE,
"S-1-5-21-12-23-34-45-56-514"},
2116 {
FALSE,
"S-1-5-21-12-23-34-45-56-515"}, {
FALSE,
"S-1-5-21-12-23-34-45-56-516"},
2117 {
FALSE,
"S-1-5-21-12-23-34-45-56-517"}, {
FALSE,
"S-1-5-21-12-23-34-45-56-518"},
2118 {
FALSE,
"S-1-5-21-12-23-34-45-56-519"}, {
FALSE,
"S-1-5-21-12-23-34-45-56-520"},
2119 {
FALSE,
"S-1-5-21-12-23-34-45-56-553"},
2121 {
TRUE,
"S-1-5-64-10"}, {
TRUE,
"S-1-5-64-21"}, {
TRUE,
"S-1-5-64-14"},
2122 {
TRUE,
"S-1-5-15"}, {
TRUE,
"S-1-5-1000"}, {
FALSE,
"S-1-5-32-557"},
2123 {
TRUE,
"S-1-5-32-558"}, {
TRUE,
"S-1-5-32-559"}, {
TRUE,
"S-1-5-32-560"},
2124 {
TRUE,
"S-1-5-32-561"}, {
TRUE,
"S-1-5-32-562"},
2126 {
TRUE,
"S-1-5-32-568"},
2127 {
TRUE,
"S-1-5-17"}, {
FALSE,
"S-1-5-32-569"}, {
TRUE,
"S-1-16-0"},
2128 {
TRUE,
"S-1-16-4096"}, {
TRUE,
"S-1-16-8192"}, {
TRUE,
"S-1-16-12288"},
2129 {
TRUE,
"S-1-16-16384"}, {
TRUE,
"S-1-5-33"}, {
TRUE,
"S-1-3-4"},
2130 {
FALSE,
"S-1-5-21-12-23-34-45-56-571"}, {
FALSE,
"S-1-5-21-12-23-34-45-56-572"},
2131 {
TRUE,
"S-1-5-22"}, {
FALSE,
"S-1-5-21-12-23-34-45-56-521"}, {
TRUE,
"S-1-5-32-573"},
2132 {
FALSE,
"S-1-5-21-12-23-34-45-56-498"}, {
TRUE,
"S-1-5-32-574"}, {
TRUE,
"S-1-16-8448"},
2134 {
TRUE,
"S-1-15-2-1"},
2149 ok(!
ret,
"CreateWellKnownSid succeeded\n");
2151 ok(
size,
"expected size > 0\n");
2156 ok(!
ret,
"CreateWellKnownSid succeeded\n");
2165 AllocateAndInitializeSid(&
ident, 6,
SECURITY_NT_NON_UNIQUE, 12, 23, 34, 45, 56, 0, 0, &domainsid);
2178 cb =
sizeof(sid_buffer);
2181 skip(
"Well known SID %u not implemented\n",
i);
2185 cb =
sizeof(sid_buffer);
2190 ok(
strcmp(
str,
value->sid_string) == 0,
"%d: SID mismatch - expected %s, got %s\n",
i,
2194 if (
value->without_domain)
2200 ok(
memcmp(buf2, sid_buffer,
cb) == 0,
"SID create with domain is different than without (%u)\n",
i);
2211 DWORD acc_sizeA, dom_sizeA, user_sizeA;
2212 DWORD real_acc_sizeA, real_dom_sizeA;
2215 DWORD acc_sizeW, dom_sizeW;
2216 DWORD real_acc_sizeW, real_dom_sizeW;
2234 "AllocateAndInitializeSid failed with error %ld\n",
GetLastError());
2243 ok(
ret,
"LookupAccountSidA() Expected TRUE, got FALSE\n");
2249 ok(
ret,
"LookupAccountSidA() Expected TRUE, got FALSE\n");
2255 ok(
ret,
"LookupAccountSidA() Expected TRUE, got FALSE\n");
2262 ok(!
ret,
"LookupAccountSidA() Expected FALSE got TRUE\n");
2264 "LookupAccountSidA() Expected ERROR_NOT_ENOUGH_MEMORY, got %lu\n",
GetLastError());
2272 ok(acc_sizeA == real_acc_sizeA + 1,
2273 "LookupAccountSidA() Expected acc_size = %lu, got %lu\n",
2274 real_acc_sizeA + 1, acc_sizeA);
2281 ok(acc_sizeA == real_acc_sizeA + 1,
2282 "LookupAccountSid() Expected acc_size = %lu, got %lu\n",
2283 real_acc_sizeA + 1, acc_sizeA);
2290 ok(!
ret,
"LookupAccountSidA() Expected FALSE got TRUE\n");
2292 "LookupAccountSidA() Expected ERROR_NOT_ENOUGH_MEMORY, got %lu\n",
GetLastError());
2300 ok(dom_sizeA == real_dom_sizeA + 1,
2301 "LookupAccountSidA() Expected dom_size = %lu, got %lu\n",
2302 real_dom_sizeA + 1, dom_sizeA);
2309 ok(dom_sizeA == real_dom_sizeA + 1,
2310 "LookupAccountSidA() Expected dom_size = %lu, got %lu\n",
2311 real_dom_sizeA + 1, dom_sizeA);
2316 ok(
ret,
"LookupAccountSidW() Expected TRUE, got FALSE\n");
2321 ret =
LookupAccountSidA(
"deepthought", pUsersSid, accountA, &real_acc_sizeA, domainA, &real_dom_sizeA, &use);
2322 ok(!
ret,
"LookupAccountSidA() Expected FALSE got TRUE\n");
2324 "LookupAccountSidA() Expected RPC_S_SERVER_UNAVAILABLE or RPC_S_INVALID_NET_ADDR, got %lu\n",
GetLastError());
2333 ok(!
ret,
"LookupAccountSidW() Expected FALSE got TRUE\n");
2335 "LookupAccountSidW() Expected ERROR_NOT_ENOUGH_MEMORY, got %lu\n",
GetLastError());
2343 ok(acc_sizeW == real_acc_sizeW + 1,
2344 "LookupAccountSidW() Expected acc_size = %lu, got %lu\n",
2345 real_acc_sizeW + 1, acc_sizeW);
2352 ok(acc_sizeW == real_acc_sizeW + 1,
2353 "LookupAccountSidW() Expected acc_size = %lu, got %lu\n",
2354 real_acc_sizeW + 1, acc_sizeW);
2361 ok(!
ret,
"LookupAccountSidW() Expected FALSE got TRUE\n");
2363 "LookupAccountSidW() Expected ERROR_NOT_ENOUGH_MEMORY, got %lu\n",
GetLastError());
2371 ok(dom_sizeW == real_dom_sizeW + 1,
2372 "LookupAccountSidW() Expected dom_size = %lu, got %lu\n",
2373 real_dom_sizeW + 1, dom_sizeW);
2380 ok(dom_sizeW == real_dom_sizeW + 1,
2381 "LookupAccountSidW() Expected dom_size = %lu, got %lu\n",
2382 real_dom_sizeW + 1, dom_sizeW);
2384 acc_sizeW = dom_sizeW = use = 0;
2390 ok(acc_sizeW,
"expected non-zero account size\n");
2391 ok(dom_sizeW,
"expected non-zero domain size\n");
2392 ok(!use,
"expected zero use %u\n", use);
2407 ok(
ret,
"LookupAccountSidA() Expected TRUE, got FALSE\n");
2410 ok(
ret,
"GetUserNameA() Expected TRUE, got FALSE\n");
2411 ok(
lstrcmpA(usernameA, accountA) == 0,
"LookupAccountSidA() Expected account name: %s got: %s\n", usernameA, accountA );
2415 trace(
"Well Known SIDs:\n");
2416 for (
i = 0;
i <= 60;
i++)
2426 trace(
" %d: %s %s\\%s %d\n",
i, str_sidA, domainA, accountA, use);
2435 trace(
" %d: not supported\n",
i);
2439 ZeroMemory(&object_attributes,
sizeof(object_attributes));
2440 object_attributes.
Length =
sizeof(object_attributes);
2444 "LsaOpenPolicy(POLICY_ALL_ACCESS) returned 0x%08lx\n",
status);
2448 trace(
"LsaOpenPolicy(POLICY_ALL_ACCESS) failed, trying POLICY_VIEW_LOCAL_INFORMATION\n");
2460 ok(
info->DomainSid!=0,
"LsaQueryInformationPolicy(PolicyAccountDomainInformation) missing SID\n");
2461 if (
info->DomainSid)
2527 DWORD sid_size, domain_size;
2536 ok(!
ret,
" %s Should have failed to lookup account name\n",
name);
2543 ok(!
ret,
" %s Should have failed to lookup account name\n",
name);
2547 AllocateAndInitializeSid(&
ident, 6,
SECURITY_NT_NON_UNIQUE, 12, 23, 34, 45, 56, 0, 0, &domainsid);
2548 cb =
sizeof(wk_sid);
2558 win_skip(
"CreateWellKnownSid() succeeded but the account '%s' is not present (W2K)\n",
name);
2564 ok(
ret,
"Failed to lookup account name %s\n",
name);
2565 ok(sid_size != 0,
"sid_size was zero\n");
2568 ok(
EqualSid(psid,wk_sid),
"%s Sid %s fails to match well known sid %s!\n",
2584 DWORD sid_size, domain_size, user_size;
2585 DWORD sid_save, domain_save;
2600 user_size =
UNLEN + 1;
2608 sid_use = 0xcafebabe;
2613 win_skip(
"LookupAccountNameA is not implemented\n");
2616 ok(!
ret,
"Expected 0, got %d\n",
ret);
2618 "Expected ERROR_INSUFFICIENT_BUFFER, got %ld\n",
GetLastError());
2619 ok(sid_size != 0,
"Expected non-zero sid size\n");
2620 ok(domain_size != 0,
"Expected non-zero domain size\n");
2621 ok(sid_use == (
SID_NAME_USE)0xcafebabe,
"Expected 0xcafebabe, got %d\n", sid_use);
2623 sid_save = sid_size;
2624 domain_save = domain_size;
2632 ok(
ret,
"Failed to lookup account name\n");
2636 ok(domain_size == domain_save - 1,
"Expected %ld, got %ld\n", domain_save - 1, domain_size);
2639 domain_size = domain_save;
2640 sid_size = sid_save;
2644 skip(
"Non-English locale (test with hardcoded 'Everyone')\n");
2650 ok(
ret,
"Failed to lookup account name\n");
2651 ok(sid_size != 0,
"sid_size was zero\n");
2654 ok(domain_size == 0,
"Expected 0, got %ld\n", domain_size);
2657 domain_size = domain_save;
2664 ok(!
ret,
"Expected 0, got %d\n",
ret);
2666 "Expected ERROR_INSUFFICIENT_BUFFER, got %ld\n",
GetLastError());
2667 ok(sid_size == sid_save,
"Expected %ld, got %ld\n", sid_save, sid_size);
2668 ok(domain_size == domain_save,
"Expected %ld, got %ld\n", domain_save, domain_size);
2674 ok(!
ret,
"Expected 0, got %d\n",
ret);
2676 "Expected ERROR_INSUFFICIENT_BUFFER, got %ld\n",
GetLastError());
2677 ok(sid_size == sid_save,
"Expected %ld, got %ld\n", sid_save, sid_size);
2678 ok(domain_size == domain_save,
"Expected %ld, got %ld\n", domain_save, domain_size);
2684 ok(!
ret,
"Expected 0, got %d\n",
ret);
2686 "Expected ERROR_INSUFFICIENT_BUFFER, got %ld\n",
GetLastError());
2687 ok(sid_size == sid_save,
"Expected %ld, got %ld\n", sid_save, sid_size);
2688 ok(domain_size == domain_save,
"Expected %ld, got %ld\n", domain_save, domain_size);
2696 sid_use = 0xcafebabe;
2699 ok(!
ret,
"Expected 0, got %d\n",
ret);
2701 "Expected ERROR_INSUFFICIENT_BUFFER, got %ld\n",
GetLastError());
2702 ok(sid_size != 0,
"Expected non-zero sid size\n");
2703 ok(domain_size != 0,
"Expected non-zero domain size\n");
2704 ok(sid_use == (
SID_NAME_USE)0xcafebabe,
"Expected 0xcafebabe, got %d\n", sid_use);
2712 ok(
ret,
"Failed to lookup account name\n");
2715 "Got %s for account and %s for domain, these should be the same\n",
account,
domain);
2726 ok(!
ret,
"Expected 0, got %d\n",
ret);
2729 "Expected ERROR_NONE_MAPPED, got %ld\n",
GetLastError());
2730 ok(sid_size == 0,
"Expected 0, got %ld\n", sid_size);
2731 ok(domain_size == 0,
"Expected 0, got %ld\n", domain_size);
2738 ok(!
ret,
"Expected 0, got %d\n",
ret);
2740 "Expected RPC_S_SERVER_UNAVAILABLE or RPC_S_INVALID_NET_ADDR, got %ld\n",
GetLastError());
2741 ok(sid_size == 0,
"Expected 0, got %ld\n", sid_size);
2742 ok(domain_size == 0,
"Expected 0, got %ld\n", domain_size);
2770 skip(
"Non-English locale (skipping well known name creation tests)\n");
2807 DWORD size, size_dacl, size_sacl, size_owner, size_group;
2808 BOOL isDefault, isPresent,
ret;
2816 win_skip(
"InitializeSecurityDescriptor is not implemented\n");
2829 ok(
size > 5,
"Size not increased\n");
2850 "O:SYG:S-1-5-21-93476-23408-4576D:(A;NP;GAGXGWGR;;;SU)(A;IOID;CCDC;;;SU)"
2851 "(D;OICI;0xffffffff;;;S-1-5-21-93476-23408-4576)S:(AU;OICINPIOIDSAFA;CCDCLCSWRPRC;;;SU)"
2860 size = size_dacl = size_sacl = size_owner = size_group = 0;
2861 ret =
MakeAbsoluteSD(sd_rel,
NULL, &
size,
NULL, &size_dacl,
NULL, &size_sacl,
NULL, &size_owner,
NULL,
2865 sd_abs =
malloc(
size + size_dacl + size_sacl + size_owner + size_group);
2867 sacl = (
PACL)((
char *)
dacl + size_dacl);
2868 owner = (
PSID)((
char *)sacl + size_sacl);
2869 group = (
PSID)((
char *)owner + size_owner);
2871 group, &size_group);
2890#define TEST_GRANTED_ACCESS(a,b) test_granted_access(a,b,0,__LINE__)
2891#define TEST_GRANTED_ACCESS2(a,b,c) test_granted_access(a,b,c,__LINE__)
2899 sizeof(obj_info),
NULL );
2903 obj_info.
GrantedAccess == alt,
"Granted access should be 0x%08lx "
2910#define CHECK_SET_SECURITY(o,i,e) \
2914 SetLastError( 0xdeadbeef ); \
2915 res_ = SetKernelObjectSecurity( o, i, SecurityDescriptor ); \
2916 err = GetLastError(); \
2917 if (e == ERROR_SUCCESS) \
2918 ok(res_, "SetKernelObjectSecurity failed with %ld\n", err); \
2920 ok(!res_ && err == e, "SetKernelObjectSecurity should have failed " \
2921 "with %s, instead of %ld\n", #e, err); \
2947 win_skip(
"ACLs not implemented - skipping tests\n");
2953 res =
AllocateAndInitializeSid( &SIDAuthWorld, 1,
SECURITY_WORLD_RID, 0, 0, 0, 0, 0, 0, 0, &EveryoneSid);
2966 ok(!
res,
"Expected failure, got %d\n",
res);
2968 "Expected ERROR_INSUFFICIENT_BUFFER, got %ld\n",
GetLastError());
2977 ok(!
res,
"Expected failure, got %d\n",
res);
2979 "Expected ERROR_INSUFFICIENT_BUFFER, got %ld\n",
GetLastError());
2984 UsersSid =
group->PrimaryGroup;
2988 dom_size =
sizeof(
domain);
2990 ok(
ret,
"LookupAccountSid failed with %ld\n",
ret);
2993 skip(
"Non-English locale (test with hardcoded 'None')\n");
2998 ok(!
res,
"Expected failure, got %d\n",
res);
3000 "Expected ERROR_INSUFFICIENT_BUFFER, got %ld\n",
GetLastError());
3005 UserSid =
user->User.Sid;
3007 ok(
EqualPrefixSid(UsersSid, UserSid),
"TokenPrimaryGroup Sid and TokenUser Sid don't match.\n");
3026 ok(
res,
"InitializeSecurityDescriptor failed with error %ld\n",
GetLastError());
3086 psa.nLength =
sizeof(
psa);
3092 ok(
res,
"InitializeSecurityDescriptor failed with error %ld\n",
GetLastError());
3094 ThreadAcl =
malloc( 256 );
3132 free(ThreadSecurityDescriptor);
3161 "with STATUS_ACCESS_DENIED, instead of err:%ld\n",
err);
3168 ok(
handle ==
NULL,
"OpenProcess(PROCESS_VM_READ) should have failed\n");
3170 ok(
handle ==
NULL,
"OpenProcess(PROCESS_ALL_ACCESS) should have failed\n");
3203 ok(
handle ==
NULL,
"OpenThread(THREAD_SET_THREAD_TOKEN) should have failed\n");
3224 win_skip(
"ImpersonateSelf is not implemented\n");
3227 ok(
ret,
"ImpersonateSelf(SecurityAnonymous) failed with error %ld\n",
GetLastError());
3229 ok(!
ret,
"OpenThreadToken should have failed\n");
3236 "RegOpenKeyEx failed with %ld\n",
error);
3251 "Duplicating a token and increasing the impersonation level should have failed with ERROR_BAD_IMPERSONATION_LEVEL instead of %ld\n",
error);
3258 ok(
ret,
"GetTokenInformation(TokenUser) failed with error %ld\n",
GetLastError());
3267 ok(
ret,
"GetTokenInformation(TokenPrivileges) failed with error %ld\n",
GetLastError());
3282 ok(
ret,
"ImpersonateSelf(SecurityIdentification) failed with error %ld\n",
GetLastError());
3290 "RegOpenKeyEx should have failed with ERROR_INVALID_HANDLE, ERROR_BAD_IMPERSONATION_LEVEL or ERROR_ACCESS_DENIED instead of %ld\n",
error);
3293 ok(
ret,
"PrivilegeCheck for SecurityIdentification failed with error %ld\n",
GetLastError());
3298 ok(
ret,
"ImpersonateSelf(SecurityImpersonation) failed with error %ld\n",
GetLastError());
3305 ok(
ret,
"PrivilegeCheck for SecurityImpersonation failed with error %ld\n",
GetLastError());
3322 static const WCHAR wszEveryone[] = {
'E',
'v',
'e',
'r',
'y',
'o',
'n',
'e',0};
3323 static const WCHAR wszCurrentUser[] = {
'C',
'U',
'R',
'R',
'E',
'N',
'T',
'_',
'U',
'S',
'E',
'R',
'\0'};
3325 NewAcl = (
PACL)0xdeadbeef;
3328 ok(NewAcl ==
NULL,
"NewAcl=%p, expected NULL\n", NewAcl);
3335 win_skip(
"ACLs not implemented - skipping tests\n");
3341 res =
AllocateAndInitializeSid( &SIDAuthWorld, 1,
SECURITY_WORLD_RID, 0, 0, 0, 0, 0, 0, 0, &EveryoneSid);
3361 ok(NewAcl !=
NULL,
"returned acl was NULL\n");
3369 ok(NewAcl !=
NULL,
"returned acl was NULL\n");
3374 skip(
"Non-English locale (test with hardcoded 'Everyone')\n");
3382 ok(NewAcl !=
NULL,
"returned acl was NULL\n");
3388 "SetEntriesInAclW failed: %lu\n",
res);
3390 "returned acl wasn't NULL: %p\n", NewAcl);
3396 "SetEntriesInAclW failed: %lu\n",
res);
3398 "returned acl wasn't NULL: %p\n", NewAcl);
3404 ok(NewAcl !=
NULL,
"returned acl was NULL\n");
3412 ok(NewAcl !=
NULL,
"returned acl was NULL\n");
3420 ok(NewAcl !=
NULL,
"returned acl was NULL\n");
3436 static const CHAR szEveryone[] = {
'E',
'v',
'e',
'r',
'y',
'o',
'n',
'e',0};
3437 static const CHAR szCurrentUser[] = {
'C',
'U',
'R',
'R',
'E',
'N',
'T',
'_',
'U',
'S',
'E',
'R',
'\0'};
3439 NewAcl = (
PACL)0xdeadbeef;
3443 win_skip(
"SetEntriesInAclA is not implemented\n");
3448 "NewAcl=%p, expected NULL\n", NewAcl);
3455 win_skip(
"ACLs not implemented - skipping tests\n");
3461 res =
AllocateAndInitializeSid( &SIDAuthWorld, 1,
SECURITY_WORLD_RID, 0, 0, 0, 0, 0, 0, 0, &EveryoneSid);
3481 ok(NewAcl !=
NULL,
"returned acl was NULL\n");
3489 ok(NewAcl !=
NULL,
"returned acl was NULL\n");
3494 skip(
"Non-English locale (test with hardcoded 'Everyone')\n");
3502 ok(NewAcl !=
NULL,
"returned acl was NULL\n");
3508 "SetEntriesInAclA failed: %lu\n",
res);
3510 "returned acl wasn't NULL: %p\n", NewAcl);
3516 "SetEntriesInAclA failed: %lu\n",
res);
3518 "returned acl wasn't NULL: %p\n", NewAcl);
3524 ok(NewAcl !=
NULL,
"returned acl was NULL\n");
3532 ok(NewAcl !=
NULL,
"returned acl was NULL\n");
3540 ok(NewAcl !=
NULL,
"returned acl was NULL\n");
3559 ok(!
status,
"RtlAnsiStringToUnicodeString failed with %08lx\n",
status);
3562 ok(
ret,
"RtlDosPathNameToNtPathName_U failed\n");
3575 ok_(__FILE__,
line)(bret,
"GetAclInformation failed\n");
3579 "GetAclInformation returned unexpected entry count (%ld != 2)\n",
3585 ok_(__FILE__,
line)(bret,
"Failed to get Current User ACE\n");
3587 bret =
EqualSid(&ace->SidStart, user_sid);
3593 "Current User ACE has unexpected flags (0x%x != 0x%lx)\n",
3597 "Current User ACE has unexpected mask (0x%lx != 0x%lx)\n",
3603 ok_(__FILE__,
line)(bret,
"Failed to get Administators Group ACE\n");
3605 bret =
EqualSid(&ace->SidStart, admin_sid);
3611 "Administators Group ACE has unexpected flags (0x%x != 0x%lx)\n",
3615 "Administators Group ACE has unexpected mask (0x%lx != 0x%lx)\n",
3623 DWORD sid_size =
sizeof(admin_ptr), user_size;
3624 PSID admin_sid = (
PSID) admin_ptr, user_sid;
3648 win_skip(
"Failed to get current user token\n");
3653 "GetTokenInformation(TokenUser) failed with error %ld\n",
GetLastError());
3656 ok(bret,
"GetTokenInformation(TokenUser) failed with error %ld\n",
GetLastError());
3660 sa.nLength =
sizeof(
sa);
3661 sa.lpSecurityDescriptor = pSD;
3662 sa.bInheritHandle =
TRUE;
3667 ok(bret,
"Failed to initialize ACL.\n");
3670 ok(bret,
"Failed to add Current User to ACL.\n");
3673 ok(bret,
"Failed to add Administrator Group to ACL.\n");
3675 ok(bret,
"Failed to add ACL to security descriptor.\n");
3694 win_skip(
"GetNamedSecurityInfoA is not implemented\n");
3697 ok(!
error,
"GetNamedSecurityInfo failed with error %ld\n",
error);
3725 ok(bret,
"Failed to initialize ACL\n");
3727 ok(bret,
"Failed to add ACL to security descriptor\n");
3732 sa.nLength =
sizeof(
sa);
3733 sa.lpSecurityDescriptor = pSD;
3734 sa.bInheritHandle =
TRUE;
3744 ok(bret,
"GetAclInformation failed\n");
3746 ok(acl_size.
AceCount == 0,
"GetAclInformation returned unexpected entry count (%ld != 0).\n",
3758 ok(bret,
"GetAclInformation failed\n");
3760 ok(acl_size.
AceCount == 0,
"GetAclInformation returned unexpected entry count (%ld != 0).\n",
3772 attr.RootDirectory = 0;
3773 attr.ObjectName = &tmpfileW;
3776 attr.SecurityQualityOfService =
NULL;
3798 ok(bret,
"Failed to initialize ACL\n");
3800 ok(bret,
"Failed to add ACL to security descriptor\n");
3807 attr.RootDirectory = 0;
3808 attr.ObjectName = &tmpfileW;
3810 attr.SecurityDescriptor = pSD;
3811 attr.SecurityQualityOfService =
NULL;
3823 ok(bret,
"GetAclInformation failed\n");
3825 ok(acl_size.
AceCount == 0,
"GetAclInformation returned unexpected entry count (%ld != 0).\n",
3837 ok(bret,
"GetAclInformation failed\n");
3839 ok(acl_size.
AceCount == 0,
"GetAclInformation returned unexpected entry count (%ld != 0).\n",
3848 ok(bret ==
TRUE,
"RemoveDirectoryA should always succeed\n");
3857 PSID admin_sid = (
PSID) admin_ptr, users_sid = (
PSID) users_ptr;
3858 PSID system_sid = (
PSID) system_ptr, user_sid, localsys_sid;
3859 DWORD sid_size =
sizeof(admin_ptr), user_size;
3860 char invalid_path[] =
"/an invalid file path";
3861 int users_ace_id = -1, admins_ace_id = -1,
i;
3862 char software_key[] =
"MACHINE\\Software";
3872 BOOL owner_defaulted;
3873 BOOL group_defaulted;
3874 BOOL dacl_defaulted;
3889 win_skip(
"Failed to get current user token\n");
3894 "GetTokenInformation(TokenUser) failed with error %ld\n",
GetLastError());
3897 ok(bret,
"GetTokenInformation(TokenUser) failed with error %ld\n",
GetLastError());
3902 ok(bret,
"GetWindowsDirectory failed with error %ld\n",
GetLastError());
3917 win_skip(
"GetNamedSecurityInfoA is not implemented\n");
3921 ok(!
error,
"GetNamedSecurityInfo failed with error %ld\n",
error);
3924 ok(bret,
"GetSecurityDescriptorControl failed with error %ld\n",
GetLastError());
3926 "control (0x%x) doesn't have (SE_SELF_RELATIVE|SE_DACL_PRESENT) flags set\n",
control);
3930 ok(bret,
"GetSecurityDescriptorOwner failed with error %ld\n",
GetLastError());
3931 ok(owner !=
NULL,
"owner should not be NULL\n");
3934 ok(bret,
"GetSecurityDescriptorGroup failed with error %ld\n",
GetLastError());
3948 ok(!
error,
"GetNamedSecurityInfo failed with error %ld\n",
error);
3949 ok(pDacl !=
NULL,
"DACL should not be NULL\n");
3961 ok(
GetLastError() == 0xdeadbeef,
"Expected last error to remain unchanged.\n");
3969 ok(bret,
"Failed to initialize ACL.\n");
3971 ok(bret,
"Failed to add Current User to ACL.\n");
3973 ok(bret,
"Failed to add Administrator Group to ACL.\n");
3975 ok(bret,
"Failed to add ACL to security descriptor.\n");
3985 win_skip(
"SetNamedSecurityInfoA is not implemented\n");
3990 ok(!
error,
"SetNamedSecurityInfoA failed with error %ld\n",
error);
3996 win_skip(
"GetNamedSecurityInfoA is not implemented\n");
4001 ok(!
error,
"GetNamedSecurityInfo failed with error %ld\n",
error);
4004 ok(bret,
"GetAclInformation failed\n");
4008 ok(bret,
"Failed to get Current User ACE.\n");
4009 bret =
EqualSid(&ace->SidStart, user_sid);
4010 todo_wine ok(bret,
"Current User ACE (%s) != Current User SID (%s).\n",
4013 "Current User ACE has unexpected flags (0x%x != 0x0)\n", ((
ACE_HEADER *)ace)->
AceFlags);
4014 ok(ace->Mask == 0x1f01ff,
"Current User ACE has unexpected mask (0x%lx != 0x1f01ff)\n",
4020 ok(bret,
"Failed to get Administators Group ACE.\n");
4021 bret =
EqualSid(&ace->SidStart, admin_sid);
4023 "Administators Group ACE (%s) != Administators Group SID (%s).\n",
4026 "Administators Group ACE has unexpected flags (0x%x != 0x0)\n", ((
ACE_HEADER *)ace)->
AceFlags);
4028 "Administators Group ACE has unexpected mask (0x%lx != 0x1f01ff)\n", ace->Mask);
4035 ok(bret,
"Failed to initialize ACL.\n");
4038 ok(!
error,
"SetNamedSecurityInfoA failed with error %ld\n",
error);
4043 ok(!
error,
"GetNamedSecurityInfo failed with error %ld\n",
error);
4046 ok(bret,
"GetAclInformation failed\n");
4050 ok(bret,
"Failed to get ACE.\n");
4064 ok(!
error,
"SetNamedSecurityInfoA failed with error %ld\n",
error);
4068 ok(!
error,
"GetNamedSecurityInfo failed with error %ld\n",
error);
4082 ok(bret,
"Failed to initialize ACL.\n");
4084 ok(bret,
"Failed to add ACL to security descriptor.\n");
4114 ok(bret,
"Failed to initialize ACL.\n");
4116 ok(bret,
"Failed to add Current User to ACL.\n");
4118 ok(bret,
"Failed to add Current User to ACL.\n");
4120 ok(bret,
"Failed to add ACL to security descriptor.\n");
4130 ok(bret,
"Failed to initialize ACL.\n");
4132 ok(bret,
"Failed to add Current User to ACL.\n");
4134 ok(bret,
"Failed to add Current User to ACL.\n");
4136 ok(bret,
"Failed to add ACL to security descriptor.\n");
4148 sid_size =
sizeof(system_ptr);
4153 ok(!
error,
"GetNamedSecurityInfo failed with error %ld\n",
error);
4155 bret =
AllocateAndInitializeSid(&SIDAuthNT, 1,
SECURITY_LOCAL_SYSTEM_RID, 0, 0, 0, 0, 0, 0, 0, &localsys_sid);
4156 ok(bret,
"AllocateAndInitializeSid failed with error %ld\n",
GetLastError());
4159 ok(bret,
"GetSecurityDescriptorOwner failed with error %ld\n",
GetLastError());
4160 ok(owner !=
NULL,
"owner should not be NULL\n");
4162 "MACHINE\\Software owner SID (%s) != Administrators SID (%s) or Local System Sid (%s).\n",
4166 ok(bret,
"GetSecurityDescriptorGroup failed with error %ld\n",
GetLastError());
4170 "MACHINE\\Software group SID (%s) != Local System SID (%s or %s)\n",
4175 sid_size =
sizeof(users_ptr);
4179 ok(!
error,
"GetNamedSecurityInfo failed with error %ld\n",
error);
4182 ok(bret,
"GetSecurityDescriptorDacl failed with error %ld\n",
GetLastError());
4183 ok(dacl_present,
"DACL should be present\n");
4184 ok(pDacl &&
IsValidAcl(pDacl),
"GetSecurityDescriptorDacl returned invalid DACL.\n");
4186 ok(bret,
"GetAclInformation failed\n");
4187 ok(acl_size.
AceCount != 0,
"GetAclInformation returned no ACLs\n");
4191 ok(bret,
"Failed to get ACE %d.\n",
i);
4192 bret =
EqualSid(&ace->SidStart, users_sid);
4193 if (bret) users_ace_id =
i;
4194 bret =
EqualSid(&ace->SidStart, admin_sid);
4195 if (bret) admins_ace_id =
i;
4197 ok(users_ace_id != -1 ||
broken(users_ace_id == -1) ,
4198 "Builtin Users ACE not found.\n");
4199 if (users_ace_id != -1)
4201 bret =
GetAce(pDacl, users_ace_id, (
VOID **)&ace);
4202 ok(bret,
"Failed to get Builtin Users ACE.\n");
4208 "Builtin Users ACE has unexpected flags (0x%x != 0x%x)\n",
flags,
4212 "Builtin Users ACE has unexpected mask (0x%lx != 0x%x)\n",
4215 ok(admins_ace_id != -1,
"Builtin Admins ACE not found.\n");
4216 if (admins_ace_id != -1)
4218 bret =
GetAce(pDacl, admins_ace_id, (
VOID **)&ace);
4219 ok(bret,
"Failed to get Builtin Admins ACE.\n");
4227 "Builtin Admins ACE has unexpected flags (0x%x != 0x0)\n",
flags);
4229 "Builtin Admins ACE has unexpected mask (0x%lx != 0x%x)\n", ace->Mask,
KEY_ALL_ACCESS);
4240 static const WCHAR Blank[] = { 0 };
4246 const char *sidstring;
4305 ok(
ret == cssd[
i].
ret,
"(%02u) Expected %s (%ld)\n",
i, cssd[
i].
ret ?
"success" :
"failure",
GLE);
4308 (cssd[
i].altGLE &&
GLE == cssd[
i].altGLE),
4309 "(%02u) Unexpected last error %ld\n",
i,
GLE);
4312 if (cssd[
i].ace_Mask)
4320 ok(ace->
Mask == cssd[
i].ace_Mask,
"(%02u) Expected %08lx, got %08lx\n",
4321 i, cssd[
i].ace_Mask, ace->
Mask);
4333 "ConvertStringSecurityDescriptorToSecurityDescriptor should have failed with ERROR_INVALID_PARAMETER instead of %ld\n",
4340 "ConvertStringSecurityDescriptorToSecurityDescriptor should have failed with ERROR_INVALID_PARAMETER instead of %ld\n",
4345 "D:(A;;ROB;;;WD)", 0xdeadbeef,
NULL,
NULL);
4347 "ConvertStringSecurityDescriptorToSecurityDescriptor should have failed with ERROR_INVALID_PARAMETER instead of %ld\n",
4354 "ConvertStringSecurityDescriptorToSecurityDescriptor should have failed with ERROR_INVALID_PARAMETER instead of %ld\n",
4361 ok(
ret,
"ConvertStringSecurityDescriptorToSecurityDescriptor failed with error %ld\n",
GetLastError());
4366 "D:P(A;;GRGW;;;BA)(A;;GRGW;;;S-1-5-21-0-0-0-1000)S:(ML;;NWNR;;;S-1-16-12288)",
SDDL_REVISION_1, &pSD,
NULL);
4368 "ConvertStringSecurityDescriptorToSecurityDescriptor failed with error %lu\n",
GetLastError());
4413#define CHECK_RESULT_AND_FREE(exp_str) \
4414 ok(strcmp(string, (exp_str)) == 0, "String mismatch (expected \"%s\", got \"%s\")\n", (exp_str), string); \
4415 ok(len >= (strlen(exp_str) + 1), "Length mismatch (expected %d, got %ld)\n", lstrlenA(exp_str) + 1, len); \
4418#define CHECK_ONE_OF_AND_FREE(exp_str1, exp_str2) \
4419 ok(strcmp(string, (exp_str1)) == 0 || strcmp(string, (exp_str2)) == 0, "String mismatch (expected\n\"%s\" or\n\"%s\", got\n\"%s\")\n", (exp_str1), (exp_str2), string); \
4420 ok(len >= (strlen(exp_str1) + 1) || len >= (strlen(exp_str2) + 1), "Length mismatch (expected %d or %d, got %ld)\n", lstrlenA(exp_str1) + 1, lstrlenA(exp_str2) + 1, len); \
4437 size =
sizeof(sid_buf);
4451 pacl = (
PACL)acl_buf;
4472 CHECK_RESULT_AND_FREE(
"O:SYG:S-1-5-21-93476-23408-4576D:(A;NP;GAGXGWGR;;;SU)(A;IOID;CCDC;;;SU)(D;OICI;0xffffffff;;;S-1-5-21-93476-23408-4576)");
4475 pacl = (
PACL)acl_buf;
4486 "O:SYG:S-1-5-21-93476-23408-4576D:NO_ACCESS_CONTROLS:(AU;OICINPIOIDSAFA;CCDCLCSWRPRC;;;SU)" );
4491 CHECK_ONE_OF_AND_FREE(
"O:SYG:S-1-5-21-93476-23408-4576D:S:(AU;OICINPIOIDSAFA;CCDCLCSWRPRC;;;SU)(AU;NPSA;0x12019f;;;SU)",
4492 "O:SYG:S-1-5-21-93476-23408-4576D:NO_ACCESS_CONTROLS:(AU;OICINPIOIDSAFA;CCDCLCSWRPRC;;;SU)(AU;NPSA;0x12019f;;;SU)" );
4507 | 0x00000040 | 0x00000080
4518 LPCSTR fmt =
"Expected error %s, got %u\n";
4526 for (bit = 0; bit < 16; ++bit)
4533 DWORD dwExpect = (bitOfInterest & immutable)
4535 LPCSTR strExpect = (bitOfInterest & immutable)
4536 ?
"ERROR_INVALID_PARAMETER" :
"0xbebecaca";
4538 ctrl = (bitOfInterest &
mutable) ?
ref + bitOfInterest :
ref;
4539 setOrClear ^= bitOfInterest;
4546 setOrClear ^= bitOfInterest;
4556 for (bit = 0; bit < 16; ++bit)
4563 DWORD dwExpect = ((1 << bit) & immutable)
4565 LPCSTR strExpect = ((1 << bit) & immutable)
4566 ?
"ERROR_INVALID_PARAMETER" :
"0xbebecaca";
4568 ctrl = ((1 << bit) & immutable) ?
test :
ref |
mutable;
4569 setOrClear ^= bitsOfInterest;
4576 ctrl = ((1 << bit) & immutable) ?
test :
ref | (1 << bit);
4577 setOrClear ^= bitsOfInterest;
4601 "G:S-1-5-21-93476-23408-4576"
4602 "D:(A;NP;GAGXGWGR;;;SU)(A;IOID;CCDC;;;SU)"
4603 "(D;OICI;0xffffffff;;;S-1-5-21-93476-23408-4576)"
4604 "S:(AU;OICINPIOIDSAFA;CCDCLCSWRPRC;;;SU)(AU;NPSA;0x12019f;;;SU)",
4613 "G:S-1-5-21-93476-23408-4576",
4622 "G:S-1-5-21-93476-23408-4576"
4623 "D:(A;NP;GAGXGWGR;;;SU)(A;IOID;CCDC;;;SU)(D;OICI;0xffffffff;;;S-1-5-21-93476-23408-4576)"
4624 "S:(AU;OICINPIOIDSAFA;CCDCLCSWRPRC;;;SU)(AU;NPSA;0x12019f;;;SU)",
SDDL_REVISION_1, &sec, &dwDescSize),
"Creating descriptor failed\n");
4632 ok(retSize <= dwDescSize,
"Buffer too small (%ld vs %ld)\n", retSize, dwDescSize);
4640 ok(retSize <= dwDescSize,
"Buffer too small (%ld vs %ld)\n", retSize, dwDescSize);
4643 CHECK_ONE_OF_AND_FREE(
"G:S-1-5-21-93476-23408-4576D:(A;NP;GAGXGWGR;;;SU)(A;IOID;CCDC;;;SU)(D;OICI;0xffffffff;;;S-1-5-21-93476-23408-4576)",
4644 "G:S-1-5-21-93476-23408-4576D:P(A;NP;GAGXGWGR;;;SU)(A;IOID;CCDC;;;SU)(D;OICI;0xffffffff;;;S-1-5-21-93476-23408-4576)");
4650 ok(retSize == dwDescSize,
"Buffer too small (%ld vs %ld)\n", retSize, dwDescSize);
4653 "G:S-1-5-21-93476-23408-4576"
4654 "D:(A;NP;GAGXGWGR;;;SU)(A;IOID;CCDC;;;SU)(D;OICI;0xffffffff;;;S-1-5-21-93476-23408-4576)"
4655 "S:(AU;OICINPIOIDSAFA;CCDCLCSWRPRC;;;SU)(AU;NPSA;0x12019f;;;SU)",
4657 "G:S-1-5-21-93476-23408-4576"
4658 "D:P(A;NP;GAGXGWGR;;;SU)(A;IOID;CCDC;;;SU)(D;OICI;0xffffffff;;;S-1-5-21-93476-23408-4576)"
4659 "S:(AU;OICINPIOIDSAFA;CCDCLCSWRPRC;;;SU)(AU;NPSA;0x12019f;;;SU)");
4670#undef CHECK_RESULT_AND_FREE
4671#undef CHECK_ONE_OF_AND_FREE
4683 win_skip(
"InitializeAcl is not implemented\n");
4698 ok(
ret,
"InitializeAcl(ACL_REVISION2) failed with error %ld\n",
GetLastError());
4704 ok(
ret,
"InitializeAcl(ACL_REVISION3) failed with error %ld\n",
GetLastError());
4711 ok(
ret,
"InitializeAcl(ACL_REVISION4) failed with error %ld\n",
GetLastError());
4726 PSID domain_users_sid = (
PSID) domain_users_ptr, domain_sid;
4728 int domain_users_ace_id = -1, admins_ace_id = -1,
i;
4729 DWORD sid_size =
sizeof(admin_ptr),
l =
sizeof(
b);
4731 PSID admin_sid = (
PSID) admin_ptr, user_sid;
4733 BOOL owner_defaulted, group_defaulted;
4734 BOOL dacl_defaulted, dacl_present;
4770 win_skip(
"Failed to get current user token\n");
4774 ok(bret,
"GetTokenInformation(TokenUser) failed with error %ld\n",
GetLastError());
4783 skip(
"Couldn't create an object for GetSecurityInfo test\n");
4792 win_skip(
"GetSecurityInfo is not implemented\n");
4797 ok(pSD !=
NULL,
"GetSecurityInfo\n");
4798 ok(owner !=
NULL,
"GetSecurityInfo\n");
4803 win_skip(
"No ACL information returned\n");
4813 ok(owner !=
NULL,
"GetSecurityInfo\n");
4818 win_skip(
"No ACL information returned\n");
4826 ok(bret,
"Failed to initialize ACL.\n");
4828 ok(bret,
"Failed to add Current User to ACL.\n");
4830 ok(bret,
"Failed to add Administrator Group to ACL.\n");
4832 ok(bret,
"Failed to add ACL to security descriptor.\n");
4839 ok(pDacl &&
IsValidAcl(pDacl),
"GetSecurityInfo returned invalid DACL.\n");
4841 ok(bret,
"GetAclInformation failed\n");
4845 ok(bret,
"Failed to get Current User ACE.\n");
4847 bret =
EqualSid(&ace->SidStart, user_sid);
4848 todo_wine ok(bret,
"Current User ACE (%s) != Current User SID (%s).\n",
4852 "Current User ACE has unexpected flags (0x%x != 0x0)\n", ((
ACE_HEADER *)ace)->
AceFlags);
4853 ok(ace->Mask == 0x1f01ff,
"Current User ACE has unexpected mask (0x%lx != 0x1f01ff)\n",
4859 ok(bret,
"Failed to get Administators Group ACE.\n");
4861 bret =
EqualSid(&ace->SidStart, admin_sid);
4865 "Administators Group ACE has unexpected flags (0x%x != 0x0)\n", ((
ACE_HEADER *)ace)->
AceFlags);
4866 ok(ace->Mask == 0x1f01ff,
"Administators Group ACE has unexpected mask (0x%lx != 0x1f01ff)\n",
4878 win_skip(
"Failed to get current domain SID\n");
4881 sid_size =
sizeof(domain_users_ptr);
4882 CreateWellKnownSid(WinAccountDomainUsersSid, domain_sid, domain_users_sid, &sid_size);
4889 ok(!
ret,
"GetNamedSecurityInfo failed with error %ld\n",
ret);
4892 ok(bret,
"GetSecurityDescriptorOwner failed with error %ld\n",
GetLastError());
4893 ok(owner !=
NULL,
"owner should not be NULL\n");
4895 "Process owner SID != Administrators SID.\n");
4898 ok(bret,
"GetSecurityDescriptorGroup failed with error %ld\n",
GetLastError());
4900 ok(
EqualSid(
group, domain_users_sid),
"Process group SID != Domain Users SID.\n");
4906 ok(!
ret,
"GetSecurityInfo failed with error %ld\n",
ret);
4909 ok(bret,
"GetSecurityDescriptorDacl failed with error %ld\n",
GetLastError());
4910 ok(dacl_present,
"DACL should be present\n");
4911 ok(pDacl &&
IsValidAcl(pDacl),
"GetSecurityDescriptorDacl returned invalid DACL.\n");
4913 ok(bret,
"GetAclInformation failed\n");
4914 ok(acl_size.
AceCount != 0,
"GetAclInformation returned no ACLs\n");
4918 ok(bret,
"Failed to get ACE %d.\n",
i);
4919 bret =
EqualSid(&ace->SidStart, domain_users_sid);
4920 if (bret) domain_users_ace_id =
i;
4921 bret =
EqualSid(&ace->SidStart, admin_sid);
4922 if (bret) admins_ace_id =
i;
4924 ok(domain_users_ace_id != -1 ||
broken(domain_users_ace_id == -1) ,
4925 "Domain Users ACE not found.\n");
4926 if (domain_users_ace_id != -1)
4928 bret =
GetAce(pDacl, domain_users_ace_id, (
VOID **)&ace);
4929 ok(bret,
"Failed to get Domain Users ACE.\n");
4932 "Domain Users ACE has unexpected flags (0x%x != 0x%x)\n",
flags,
4934 ok(ace->Mask ==
GENERIC_READ,
"Domain Users ACE has unexpected mask (0x%lx != 0x%x)\n",
4937 ok(admins_ace_id != -1 ||
broken(admins_ace_id == -1) ,
4938 "Builtin Admins ACE not found.\n");
4939 if (admins_ace_id != -1)
4941 bret =
GetAce(pDacl, admins_ace_id, (
VOID **)&ace);
4942 ok(bret,
"Failed to get Builtin Admins ACE.\n");
4944 ok(
flags == 0x0,
"Builtin Admins ACE has unexpected flags (0x%x != 0x0)\n",
flags);
4946 "Builtin Admins ACE has unexpected mask (0x%lx != 0x%x)\n", ace->Mask,
PROCESS_ALL_ACCESS);
4958 sa.lpSecurityDescriptor =
sd;
5066 "GetTokenInformation(TokenGroups) %s with error %ld\n",
5070 ok(
ret,
"GetTokenInformation(TokenGroups) failed with error %ld\n",
GetLastError());
5082 skip(
"user not a member of any group\n");
5089 ok(is_member,
"CheckTokenMembership should have detected sid as member\n");
5094 ok(is_member,
"CheckTokenMembership should have detected sid as member\n");
5100 "CheckTokenMembership with process token %s with error %ld\n",
5102 ok(!is_member,
"CheckTokenMembership should have cleared is_member\n");
5121 win_skip(
"AllocateAndInitializeSid is not implemented\n");
5126 "AllocateAndInitializeSid shouldn't have set last error to %ld\n",
5130 0, 0, 0, 0, 0, 0, 0, &sid2);
5135 ok(!
ret,
"World and domain admins sids shouldn't have been equal\n");
5137 "EqualSid should have set last error to ERROR_SUCCESS instead of %ld\n",
5142 ok(!sid2,
"FreeSid should have returned NULL instead of %p\n", sid2);
5144 "FreeSid shouldn't have set last error to %ld\n",
5154 ok(
ret,
"Same sids should have been equal %s != %s\n",
5157 "EqualSid should have set last error to ERROR_SUCCESS instead of %ld\n",
5161 ((
SID *)sid2)->Revision = 2;
5164 ok(!
ret,
"EqualSid with invalid sid should have returned FALSE\n");
5166 "EqualSid should have set last error to ERROR_SUCCESS instead of %ld\n",
5177 DWORD required_len, buffer_len;
5191 ok(required_len != 0,
"Outputted buffer length was %lu\n", required_len);
5198 ok(required_len != 0 && required_len != 1,
"Outputted buffer length was %lu\n", required_len);
5205 required_len =
UNLEN + 1;
5222 ok(required_len != 0,
"Outputted buffer length was %lu\n", required_len);
5227 buffer_len = required_len;
5231 ok(buffer_len == required_len ||
5232 broken(buffer_len == required_len /
sizeof(
WCHAR)),
5233 "Outputted buffer length was %lu\n", buffer_len);
5244 ok(buffer_len == required_len,
"Outputted buffer length was %lu\n", buffer_len);
5251 DWORD required_len, buffer_len;
5265 ok(required_len != 0,
"Outputted buffer length was %lu\n", required_len);
5272 ok(required_len != 0 && required_len != 1,
"Outputted buffer length was %lu\n", required_len);
5279 required_len =
UNLEN + 1;
5294 ok(required_len != 0,
"Outputted buffer length was %lu\n", required_len);
5299 buffer_len = required_len;
5303 ok(buffer_len == required_len,
"Outputted buffer length was %lu\n", buffer_len);
5314 "Output buffer was altered\n");
5315 ok(buffer_len == required_len,
"Outputted buffer length was %lu\n", buffer_len);
5327 char privs_buffer[1000];
5333 LUID luid = { 0, 0 };
5359 ok(!!removed_sid,
"user is not a member of any group\n");
5364 ok(is_member,
"not a member\n");
5366 sattr.
Sid = removed_sid;
5375 ok(!is_member,
"not a member\n");
5431 ok(i < privs->PrivilegeCount,
"user has no privileges\n");
5445 ok(!is_member,
"privilege should not be enabled\n");
5456 ok(!is_member,
"disabled privilege should not be present\n");
5479 ok(
ret,
"security descriptor is not valid\n");
5483 acl = (
void *)0xdeadbeef;
5488 ok(present == 1,
"acl is not present\n");
5490 ok(acl != (
void *)0xdeadbeef && acl !=
NULL,
"acl pointer is not set\n");
5491 ok(defaulted == 0,
"defaulted is set to TRUE\n");
5494 sid = (
void *)0xdeadbeef;
5499 ok(
sid != (
void *)0xdeadbeef &&
sid !=
NULL,
"sid pointer is not set\n");
5500 ok(defaulted == 0,
"defaulted is set to TRUE\n");
5503 sid = (
void *)0xdeadbeef;
5508 ok(
sid != (
void *)0xdeadbeef &&
sid !=
NULL,
"sid pointer is not set\n");
5509 ok(defaulted == 0,
"defaulted is set to TRUE\n");
5522 priv_set_len =
sizeof(priv_set);
5523 granted = 0xdeadbeef;
5530 ok(granted ==
mapping->GenericAll,
"expected all access %#lx, got %#lx\n",
mapping->GenericAll, granted);
5532 priv_set_len =
sizeof(priv_set);
5533 granted = 0xdeadbeef;
5540 ok(granted == 0,
"expected 0, got %#lx\n", granted);
5542 priv_set_len =
sizeof(priv_set);
5543 granted = 0xdeadbeef;
5550 ok(granted == 0,
"expected 0, got %#lx\n", granted);
5552 priv_set_len =
sizeof(priv_set);
5553 granted = 0xdeadbeef;
5560 ok(granted ==
mapping->GenericRead,
"expected read access %#lx, got %#lx\n",
mapping->GenericRead, granted);
5562 priv_set_len =
sizeof(priv_set);
5563 granted = 0xdeadbeef;
5570 ok(granted ==
mapping->GenericWrite,
"expected write access %#lx, got %#lx\n",
mapping->GenericWrite, granted);
5572 priv_set_len =
sizeof(priv_set);
5573 granted = 0xdeadbeef;
5580 ok(granted ==
mapping->GenericExecute,
"expected execute access %#lx, got %#lx\n",
mapping->GenericExecute, granted);
5593 return info.GrantedAccess;
5606 int generic, mapped;
5618 ok(!
mutex,
"mutex should not exist\n");
5643 ok(!
dup,
"OpenMutex should fail\n");
5663 int generic, mapped;
5675 ok(!
event,
"event should not exist\n");
5700 ok(!
dup,
"OpenEvent should fail\n");
5720 int generic, mapped;
5732 ok(!
sem,
"semaphore should not exist\n");
5760#define WINE_TEST_PIPE "\\\\.\\pipe\\WineTestPipe"
5771 int generic, mapped;
5784 } creation_access[] =
5805 "CreateNamedPipeA(0x%lx) pipe expected access 0x%lx (got 0x%lx)\n",
5806 creation_access[
i].open_mode, creation_access[
i].
access,
access);
5872 int generic, mapped;
5921 ok(!
ret,
"ReadFile should fail\n");
5937 ok(!
ret,
"ReadFile should fail\n");
5994 int generic, mapped;
6036 if (
map[
i].open_only)
continue;
6040 if (prot_map[
i].mapped)
6046 ok(!
mapping,
"CreateFileMapping(%04x) should fail\n", prot_map[
i].prot);
6052 ok(
access == prot_map[
i].mapped,
"%ld: expected %#x, got %#lx\n",
i, prot_map[
i].mapped,
access);
6063 "expected STANDARD_RIGHTS_REQUIRED | SECTION_QUERY | SECTION_MAP_READ | SECTION_MAP_WRITE | SECTION_MAP_EXECUTE, got %#lx\n",
access);
6067 if (
map[
i].open_only)
continue;
6085 "Wine Test Open Mapping");
6086 ok(created_mapping !=
NULL,
"CreateFileMapping failed with error %lu\n",
GetLastError());
6095 ok(
access ==
map[
i].mapped,
"%ld: unexpected access flags %#lx, expected %#x\n",
6109 int generic, mapped;
6141 "%ld: expected %#x, got %#lx\n",
i,
map[
i].mapped,
access);
6147 "%ld: expected %#x, got %#lx\n",
i,
map[
i].mapped,
access);
6151 "%ld: expected %#x, got %#lx\n",
i,
map[
i].mapped,
access);
6168 "expected THREAD_QUERY_INFORMATION|THREAD_QUERY_LIMITED_INFORMATION, got %#lx\n",
access);
6181 char cmdline[] =
"winver.exe";
6184 int generic, mapped;
6195 memset(&sti, 0,
sizeof(sti));
6196 sti.
cb =
sizeof(sti);
6219 "%ld: expected %#x, got %#lx\n",
i,
map[
i].mapped,
access);
6226 "%ld: expected %#x, got %#lx\n",
i,
map[
i].mapped,
access);
6230 "%ld: expected %#x, got %#lx\n",
i,
map[
i].mapped,
access);
6234 "%ld: expected %#x, got %#lx\n",
i,
map[
i].mapped,
access);
6251 "expected PROCESS_QUERY_INFORMATION|PROCESS_QUERY_LIMITED_INFORMATION, got %#lx\n",
access);
6277 "expected PROCESS_VM_OPERATION|PROCESS_VM_WRITE|PROCESS_QUERY_LIMITED_INFORMATION, got %#lx\n",
access);
6303 ok(needed ==
sizeof(
type),
"GetTokenInformation should return required buffer length\n");
6313 ok(needed ==
sizeof(sil),
"GetTokenInformation should return required buffer length\n");
6316 needed = 0xdeadbeef;
6319 ok(!
ret,
"GetTokenInformation should fail\n");
6321 ok(needed != 0xdeadbeef,
"GetTokenInformation should return required buffer length\n");
6324 needed = 0xdeadbeef;
6327 ok(!
ret,
"GetTokenInformation should fail\n");
6329 ok(needed != 0xdeadbeef,
"GetTokenInformation should return required buffer length\n");
6330 ok(needed >
sizeof(
TOKEN_OWNER),
"GetTokenInformation returned empty token owner\n");
6332 needed = 0xdeadbeef;
6335 ok(!
ret,
"GetTokenInformation should fail\n");
6337 ok(needed != 0xdeadbeef,
"GetTokenInformation should return required buffer length\n");
6338 ok(needed >
sizeof(
TOKEN_PRIMARY_GROUP),
"GetTokenInformation returned empty token primary group\n");
6352 ok(token_type ==
TokenPrimary,
"expected TokenPrimary, got %ld\n", token_type);
6353 ok(!
ret,
"access token should not be an impersonation token\n");
6359 ok(
ret,
"access token should be a valid impersonation token\n");
6398 win_skip(
"TokenIntegrityLevel not supported\n");
6430 BOOL ret, defaulted, present, found;
6452 sa.lpSecurityDescriptor =
sd;
6465 owner = (
void *)0xdeadbeef;
6469 ok( owner != (
void *)0xdeadbeef,
"owner not set\n" );
6470 ok( !defaulted,
"owner defaulted\n" );
6471 ok(
EqualSid( owner, token_owner->
Owner ),
"owner shall equal token owner\n" );
6473 group = (
void *)0xdeadbeef;
6477 ok(
group != (
void *)0xdeadbeef,
"group not set\n" );
6478 ok( !defaulted,
"group defaulted\n" );
6481 dacl = (
void *)0xdeadbeef;
6486 ok( present,
"dacl not present\n" );
6487 ok(
dacl != (
void *)0xdeadbeef,
"dacl not set\n" );
6488 ok( !defaulted,
"dacl defaulted\n" );
6495 "expected ACCESS_ALLOWED_ACE_TYPE, got %d\n", ace->
Header.
AceType );
6498 ok( found,
"owner sid not found in dacl\n" );
6507 "expected ACCESS_ALLOWED_ACE_TYPE, got %d\n", ace->Header.AceType );
6510 ok( !found,
"DACL shall not reference token user if it is different from token owner\n" );
6513 free(
sa.lpSecurityDescriptor );
6517 free( token_primary_group );
6518 free( token_owner );
6539 tp.PrivilegeCount = 1;
6540 tp.Privileges[0].Luid = luid;
6546 ok(
len == 0xdeadbeef,
"got length %ld\n",
len);
6549 tp.PrivilegeCount = 1;
6550 tp.Privileges[0].Luid = luid;
6551 tp.Privileges[0].Attributes = 0;
6562 char acl_buf[1024], ace_buf[256];
6567 memset(ace, 0,
sizeof(ace_buf));
6599 ok(!
ret,
"AddAce succeeded\n");
6615 char buffer_acl[256];
6616 ACL *acl = (
ACL *)&buffer_acl;
6623 if (!pAddMandatoryAce)
6625 win_skip(
"AddMandatoryAce not supported, skipping test\n");
6630 ok(
ret,
"InitializeSecurityDescriptor failed with error %lu\n",
GetLastError());
6632 sa.nLength =
sizeof(
sa);
6633 sa.lpSecurityDescriptor =
sd;
6641 "Unexpected GetKernelObjectSecurity return value %u, error %lu\n",
ret,
GetLastError());
6647 sacl = (
void *)0xdeadbeef;
6651 ok(!present,
"SACL is present\n");
6652 ok(sacl == (
void *)0xdeadbeef,
"SACL is set\n");
6657 memset(buffer_acl, 0,
sizeof(buffer_acl));
6663 ok(!
ret,
"AddMandatoryAce succeeded\n");
6665 "Expected ERROR_INVALID_PARAMETER got %lu\n",
GetLastError());
6679 ok(!
ret,
"expected failure\n");
6690 "Unexpected GetKernelObjectSecurity return value %u, error %lu\n",
ret,
GetLastError());
6696 sacl = (
void *)0xdeadbeef;
6701 ok(present,
"SACL not present\n");
6702 ok(sacl != (
void *)0xdeadbeef,
"SACL not set\n");
6703 ok(!defaulted,
"SACL defaulted\n");
6706 ok(acl_size_info.
AceCount == 1,
"SACL contains an unexpected ACE count %lu\n", acl_size_info.
AceCount);
6725 "Unexpected GetKernelObjectSecurity return value %u, error %lu\n",
ret,
GetLastError());
6731 sacl = (
void *)0xdeadbeef;
6736 ok(present,
"SACL not present\n");
6737 ok(sacl != (
void *)0xdeadbeef,
"SACL not set\n");
6739 ok(!defaulted,
"SACL defaulted\n");
6757 ok(!
ret,
"expected failure\n");
6770 "Unexpected GetKernelObjectSecurity return value %d, error %lu\n",
ret,
GetLastError());
6776 sacl = (
void *)0xdeadbeef;
6781 ok(present,
"SACL not present\n");
6782 ok(sacl && sacl != (
void *)0xdeadbeef,
"SACL not set\n");
6783 ok(!defaulted,
"SACL defaulted\n");
6802 "Unexpected GetKernelObjectSecurity return value %d, error %lu\n",
ret,
GetLastError());
6808 sacl = (
void *)0xdeadbeef;
6813 ok(present,
"SACL not present\n");
6814 ok(sacl != (
void *)0xdeadbeef,
"SACL not set\n");
6816 ok(!defaulted,
"SACL defaulted\n");
6823 ret =
AllocateAndInitializeSid(&sia_world, 1,
SECURITY_WORLD_RID, 0, 0, 0, 0, 0, 0, 0, (
void **)&everyone);
6837 "Unexpected GetKernelObjectSecurity return value %d, error %lu\n",
ret,
GetLastError());
6843 sacl = (
void *)0xdeadbeef;
6848 ok(present,
"SACL not present\n");
6849 ok(sacl && sacl != (
void *)0xdeadbeef,
"SACL not set\n");
6850 ok(!defaulted,
"SACL defaulted\n");
6860 static const WCHAR testkeyW[] =
6861 {
'S',
'O',
'F',
'T',
'W',
'A',
'R',
'E',
'\\',
'W',
'i',
'n',
'e',
'\\',
'S',
'A',
'C',
'L',
't',
'e',
's',
't',0};
6883 skip(
"unprivileged user\n" );
6900 win_skip(
"privilege not held\n" );
6963 PSID domain_sid = (
PSID *)&buffer1;
6967 PSID domain_sid = (
PSID *)&buffer1;
6968 PSID domain_sid2 = (
PSID *)&buffer2;
6985 win_skip(
"Failed to get current user token\n");
6991 "GetTokenInformation(TokenUser) failed with error %ld\n",
GetLastError());
6994 ok(bret,
"GetTokenInformation(TokenUser) failed with error %ld\n",
GetLastError());
7000 ok(!bret,
"GetWindowsAccountDomainSid succeeded\n");
7005 ok(!bret,
"GetWindowsAccountDomainSid succeeded\n");
7011 ok(!bret,
"GetWindowsAccountDomainSid succeeded\n");
7017 ok(!bret,
"GetWindowsAccountDomainSid succeeded\n");
7023 ok(!bret,
"GetWindowsAccountDomainSid succeeded\n");
7029 ok(bret,
"GetWindowsAccountDomainSid failed with error %ld\n",
GetLastError());
7033 for (
i = 0;
i < 4;
i++)
7035 ok(
EqualSid(domain_sid, domain_sid2),
"unexpected domain sid %s != %s\n",
7051 ok(!
ret,
"expected FALSE, got %u\n",
ret);
7055 ok(
id !=
NULL,
"got NULL pointer as identifier authority\n");
7060 ok(
id !=
NULL,
"got NULL pointer as identifier authority\n");
7073 memset(&statistics1, 0x11,
sizeof(statistics1));
7080 memset(&statistics2, 0x22,
sizeof(statistics2));
7082 &statistics2,
sizeof(statistics2), &retlen);
7084 "GetTokenInformation failed with %lu\n",
GetLastError());
7086 ok(!
memcmp(&statistics1, &statistics2,
sizeof(statistics1)),
"Token statistics do not match\n");
7088 win_skip(
"CurrentProcessToken not supported, skipping test\n");
7092 memset(&statistics2, 0x22,
sizeof(statistics2));
7094 &statistics2,
sizeof(statistics2), &retlen);
7096 "GetTokenInformation failed with %lu\n",
GetLastError());
7098 ok(!
memcmp(&statistics1, &statistics2,
sizeof(statistics1)),
"Token statistics do not match\n");
7100 win_skip(
"CurrentThreadEffectiveToken not supported, skipping test\n");
7104 ok(!
ret,
"OpenThreadToken should have failed\n");
7110 &statistics2,
sizeof(statistics2), &retlen);
7121 ACL *acl = (
ACL *)&buffer_acl;
7128 if (!pCreateEventExA)
7130 win_skip(
"CreateEventExA is not available\n");
7136 memset(buffer_acl, 0,
sizeof(buffer_acl));
7143 sa.lpSecurityDescriptor =
sd;
7170 "Unexpected GetKernelObjectSecurity return value %d, error %lu\n",
ret,
GetLastError());
7177 ok(
ret,
"GetSecurityDescriptorControl failed with error %lu\n",
GetLastError());
7180 "Unexpected security descriptor control %#x\n",
control);
7183 "Unexpected security descriptor control %#x\n",
control);
7186 sid = (
void *)0xdeadbeef;
7190 ok(!
sid,
"Owner present\n");
7191 ok(!defaulted,
"Owner defaulted\n");
7193 sid = (
void *)0xdeadbeef;
7197 ok(!
sid,
"Group present\n");
7198 ok(!defaulted,
"Group defaulted\n");
7202 ok(present,
"No SACL in the security descriptor\n");
7203 ok(!!sacl,
"NULL SACL in the security descriptor\n");
7204 ok(!defaulted,
"SACL defaulted\n");
7205 ok(sacl->
AceCount == 1,
"SACL contains an unexpected ACE count %u\n", sacl->
AceCount);
7233 char sacl_buffer[50];
7235 ACL *sacl = (
ACL *)sacl_buffer;
7242 if (!pAddMandatoryAce)
7244 win_skip(
"Mandatory integrity control is not supported.\n");
7257 ok(level2 ==
level,
"Expected level %#lx, got %#lx.\n",
level, level2);
7265 ok(level2 ==
level,
"Expected level %#lx, got %#lx.\n",
level, level2);
7272 ok(!
ret,
"expected failure\n");
7287 attr.lpSecurityDescriptor =
sd;
7292 ok(level2 ==
level,
"Expected level %#lx, got %#lx.\n",
level, level2);
7300 ok(level2 ==
level,
"Expected level %#lx, got %#lx.\n",
level, level2);
7309 skip(
"Linked token tests crash on Vista and Win7.\n");
7317 ok(level2 ==
level,
"Expected level %#lx, got %#lx.\n",
level, level2);
7334 ACL *acl = (
ACL *)&buffer_acl, *acl2, *acl_child;
7335 BOOL defaulted, present,
ret, found;
7350 ok(
ret,
"InitializeSecurityDescriptor failed with error %lu\n",
GetLastError());
7352 memset(buffer_acl, 0,
sizeof(buffer_acl));
7366 sa.lpSecurityDescriptor =
sd;
7374 "Unexpected GetKernelObjectSecurity return value %d, error %lu\n",
ret,
GetLastError());
7380 acl2 = (
void *)0xdeadbeef;
7385 ok(present,
"acl2 not present\n");
7386 ok(acl2 != (
void *)0xdeadbeef,
"acl2 not set\n");
7387 ok(acl2->AceCount == 1,
"Expected 1 ACE, got %d\n", acl2->AceCount);
7388 ok(!defaulted,
"acl2 defaulted\n");
7395 "Expected NO_PROPAGATE_INHERIT_ACE as flags, got %x\n", ace->
Header.
AceFlags);
7406 "Unexpected GetKernelObjectSecurity return value %d, error %lu\n",
ret,
GetLastError());
7412 acl2 = (
void *)0xdeadbeef;
7417 ok(present,
"DACL not present\n");
7419 ok(acl2 != (
void *)0xdeadbeef,
"DACL not set\n");
7420 ok(!defaulted,
"DACL defaulted\n");
7429 ok(!found,
"Access allowed ACE was inherited\n");
7437 "Unexpected GetKernelObjectSecurity return value %d, error %lu\n",
ret,
GetLastError());
7443 acl2 = (
void *)0xdeadbeef;
7448 ok(present,
"DACL not present\n");
7449 ok(acl2 != (
void *)0xdeadbeef,
"DACL not set\n");
7450 ok(!defaulted,
"DACL defaulted\n");
7466 ok(
ret,
"InitializeSecurityDescriptor failed with error %lu\n",
GetLastError());
7475 if (pAddMandatoryAce)
7485 ok(
ret,
"InitializeSecurityDescriptor failed with error %lu\n",
GetLastError());
7494 win_skip(
"SYSTEM_MANDATORY_LABEL not supported\n");
7539 "Unexpected GetKernelObjectSecurity return value %d, error %lu\n",
ret,
GetLastError());
7550 ok(present,
"DACL not present\n");
7551 ok(acl && acl != (
void *)0xdeadbeef,
"Got invalid DACL\n");
7552 ok(!defaulted,
"DACL defaulted\n");
7554 ok(acl->
AceCount,
"Expected at least one ACE\n");
7560 "ACE inherited from the parent\n");
7566 if (!pAddMandatoryAce)
7568 win_skip(
"SYSTEM_MANDATORY_LABEL not supported\n");
7574 "Unexpected GetKernelObjectSecurity return value %d, error %lu\n",
ret,
GetLastError());
7585 ok(present,
"SACL not present\n");
7586 ok(acl && acl != (
void *)0xdeadbeef,
"Got invalid SACL\n");
7587 ok(!defaulted,
"SACL defaulted\n");
7588 ok(acl->
AceCount == 1,
"Expected exactly one ACE\n");
7589 ret =
GetAce(acl, 0, (
void **)&ace_label);
7594 "Low integrity level should not have been inherited\n");
7601 static const WCHAR wszCurrentUser[] = {
'C',
'U',
'R',
'R',
'E',
'N',
'T',
'_',
'U',
'S',
'E',
'R',
'\0'};
7615 res =
AllocateAndInitializeSid(&SIDAuthWorld, 1,
SECURITY_WORLD_RID, 0, 0, 0, 0, 0, 0, 0, &everyone_sid);
7628 ok(
count == 1,
"Expected count == 1, got %ld\n",
count);
7629 ok(access2[0].grfAccessMode ==
GRANT_ACCESS,
"Expected GRANT_ACCESS, got %d\n", access2[0].grfAccessMode);
7630 ok(access2[0].grfAccessPermissions ==
KEY_READ,
"Expected KEY_READ, got %ld\n", access2[0].grfAccessPermissions);
7632 ok(access2[0].grfInheritance ==
NO_INHERITANCE,
"Expected NO_INHERITANCE, got %lx\n", access2[0].grfInheritance);
7633 ok(
EqualSid(access2[0].Trustee.ptstrName, users_sid),
"Expected equal SIDs\n");
7644 access.Trustee.ptstrName = everyone_sid;
7647 ok(new_acl !=
NULL,
"returned acl was NULL\n");
7652 ok(
count == 2,
"Expected count == 2, got %ld\n",
count);
7653 ok(access2[0].grfAccessMode ==
GRANT_ACCESS,
"Expected GRANT_ACCESS, got %d\n", access2[0].grfAccessMode);
7654 ok(access2[0].grfAccessPermissions ==
KEY_WRITE,
"Expected KEY_WRITE, got %ld\n", access2[0].grfAccessPermissions);
7656 "Expected TRUSTEE_IS_UNKNOWN trustee type, got %d\n", access2[0].
Trustee.
TrusteeType);
7658 ok(access2[0].grfInheritance ==
NO_INHERITANCE,
"Expected NO_INHERITANCE, got %lx\n", access2[0].grfInheritance);
7659 ok(
EqualSid(access2[0].Trustee.ptstrName, everyone_sid),
"Expected equal SIDs\n");
7666 ok(new_acl !=
NULL,
"returned acl was NULL\n");
7671 ok(
count == 2,
"Expected count == 2, got %ld\n",
count);
7672 ok(access2[0].grfAccessMode ==
GRANT_ACCESS,
"Expected GRANT_ACCESS, got %d\n", access2[0].grfAccessMode);
7673 ok(access2[0].grfAccessPermissions ==
KEY_WRITE,
"Expected KEY_WRITE, got %ld\n", access2[0].grfAccessPermissions);
7675 "Expected TRUSTEE_IS_UNKNOWN trustee type, got %d\n", access2[0].
Trustee.
TrusteeType);
7677 ok(access2[0].grfInheritance ==
NO_INHERITANCE,
"Expected NO_INHERITANCE, got %lx\n", access2[0].grfInheritance);
7678 ok(
EqualSid(access2[0].Trustee.ptstrName, everyone_sid),
"Expected equal SIDs\n");
7686 ok(new_acl !=
NULL,
"returned acl was NULL\n");
7691 ok(
count == 2,
"Expected count == 2, got %ld\n",
count);
7692 ok(access2[0].grfAccessMode ==
GRANT_ACCESS,
"Expected GRANT_ACCESS, got %d\n", access2[0].grfAccessMode);
7693 ok(access2[0].grfAccessPermissions ==
KEY_WRITE,
"Expected KEY_WRITE, got %ld\n", access2[0].grfAccessPermissions);
7695 "Expected TRUSTEE_IS_UNKNOWN trustee type, got %d\n", access2[0].
Trustee.
TrusteeType);
7697 ok(access2[0].grfInheritance ==
NO_INHERITANCE,
"Expected NO_INHERITANCE, got %lx\n", access2[0].grfInheritance);
7703 access.Trustee.ptstrName = users_sid;
7706 ok(new_acl !=
NULL,
"returned acl was NULL\n");
7708 access2 = (
void *)0xdeadbeef;
7711 ok(
count == 0,
"Expected count == 0, got %ld\n",
count);
7712 ok(access2 ==
NULL,
"access2 was not NULL\n");
7721 access.Trustee.ptstrName = everyone_sid;
7723 access.grfAccessPermissions = 0;
7727 ok(new_acl !=
NULL,
"returned acl was NULL\n");
7732 ok(
count == 2,
"Expected count == 2, got %ld\n",
count);
7735 ok(
FALSE,
"FIXME: access2 should not be null!\n");
7738 ok(access2[0].grfAccessMode ==
GRANT_ACCESS,
"Expected GRANT_ACCESS, got %d\n", access2[0].grfAccessMode);
7739 ok(access2[0].grfAccessPermissions ==
KEY_READ ,
"Expected KEY_READ, got %ld\n", access2[0].grfAccessPermissions);
7740 ok(
EqualSid(access2[0].Trustee.ptstrName, users_sid),
"Expected equal SIDs\n");
7741 ok(access2[1].grfAccessMode ==
DENY_ACCESS,
"Expected DENY_ACCESS, got %d\n", access2[1].grfAccessMode);
7742 ok(access2[1].grfAccessPermissions ==
KEY_WRITE,
"Expected KEY_WRITE, got %ld\n", access2[1].grfAccessPermissions);
7743 ok(
EqualSid(access2[1].Trustee.ptstrName, everyone_sid),
"Expected equal SIDs\n");
7765 buf_size =
sizeof(
buf);
7774 ok(new_sd !=
NULL,
"expected new_sd != NULL\n");
7777 new_sd = (
void *)0xdeadbeef;
7780 ok(new_sd == (
void *)0xdeadbeef,
"expected new_sd == 0xdeadbeef, got %p\n", new_sd);
7786 ok(new_sd !=
NULL,
"expected new_sd != NULL\n");
7794 PSID domainsid,
sid = sid_buffer, sid2 = sid_buffer2;
7799 ret =
AllocateAndInitializeSid(&
ident, 6,
SECURITY_NT_NON_UNIQUE, 12, 23, 34, 45, 56, 0, 0, &domainsid);
7816 size =
sizeof(sid_buffer);
7819 trace(
"Well known SID %u not supported\n",
i);
7838 size =
sizeof(sid_buffer2);
7876 char acl_buffer[200], everyone_sid_buffer[100], local_sid_buffer[100],
cmdline[300];
7879 SID *everyone_sid = (
SID *)everyone_sid_buffer;
7880 SID *local_sid = (
SID *)local_sid_buffer;
7881 ACL *acl = (
ACL *)acl_buffer;
7897 size =
sizeof(everyone_sid_buffer);
7900 size =
sizeof(local_sid_buffer);
7913 sa.lpSecurityDescriptor = &
sd;
7915 sid_attr.
Sid = local_sid;
7949 ok(!
ret,
"wait failed\n");
7957 ok(!event2,
"expected failure\n");
7966 ok(!
ret,
"expected failure\n");
7974 ret =
CreateProcessAsUserA(restricted,
NULL,
cmdline,
NULL,
NULL,
FALSE, 0,
NULL,
NULL, &
si, &
pi);
7982 ok(!
ret,
"expected failure\n");
7986 ok(!
ret,
"wait failed\n");
8010 ok(!event2,
"expected failure\n");
8018 ok(!
ret,
"expected failure\n");
8029 ok(!
ret,
"expected failure\n");
8034 ok(!
ret,
"expected failure\n");
8043#define join_process(a) join_process_(__LINE__, a)
8054 char cmdline[300], acl_buffer[200], sid_buffer[100];
8056 ACL *acl = (
ACL *)acl_buffer;
8066 size =
sizeof(sid_buffer);
8076 sa.lpSecurityDescriptor = &
sd;
8086 ret =
CreateProcessAsUserA(
NULL,
NULL,
cmdline,
NULL,
NULL,
FALSE, 0,
NULL,
NULL, &
si, &
pi);
8093 ret =
CreateProcessAsUserA(GetCurrentProcessToken(),
NULL,
cmdline,
NULL,
NULL,
FALSE, 0,
NULL,
NULL, &
si, &
pi);
8100 ret =
CreateProcessAsUserA(
token,
NULL,
cmdline,
NULL,
NULL,
FALSE, 0,
NULL,
NULL, &
si, &
pi);
8107 ret =
CreateProcessAsUserA(
token,
NULL,
cmdline,
NULL,
NULL,
FALSE, 0,
NULL,
NULL, &
si, &
pi);
8108 ok(!
ret,
"expected failure\n");
8114 ret =
CreateProcessAsUserA(
token,
NULL,
cmdline,
NULL,
NULL,
FALSE, 0,
NULL,
NULL, &
si, &
pi);
8115 ok(!
ret,
"expected failure\n");
8125 ret =
CreateProcessAsUserA(token2,
NULL,
cmdline,
NULL,
NULL,
FALSE, 0,
NULL,
NULL, &
si, &
pi);
8135 ret =
CreateProcessAsUserA(token2,
NULL,
cmdline,
NULL,
NULL,
FALSE, 0,
NULL,
NULL, &
si, &
pi);
8158 ok(!
event,
"expected failure\n");
8204 ok(!
ret,
"key %p: expected failure\n",
keys[
i]);
8213 "key %p: got error %u\n",
keys[
i],
ret);
8240 char prev_privs_buffer[128], ret_privs_buffer[1024];
8273 ok(!!priv,
"Privilege should exist\n");
8281 ok(!
ret,
"expected failure\n");
8286 ok(!!priv,
"Privilege should exist\n");
8309 ok(!!priv,
"Privilege should exist\n");
8322 ok(!!priv,
"Privilege should exist\n");
8332 todo_wine ok(!priv,
"Privilege shouldn't exist\n");
8338 attr.SecurityQualityOfService = &qos;
8368 ok(!
ret,
"expected failure\n");
8370 ok(
size == 0xdeadbeef,
"got size %lu\n",
size);
8374 ok(!
ret,
"expected failure\n");
8380 ok(!
ret,
"expected failure\n");
8382 ok(
size > 0 &&
size != 0xdeadbeef,
"got size 0\n");
8388 ok(!
ret,
"expected failure\n");
8390 ok(ret_size ==
size,
"expected size %lu, got %lu\n",
size, ret_size);
8394 ok(
ret,
"expected success\n");
8396 ok(ret_size ==
size,
"expected size %lu, got %lu\n",
size, ret_size);
8405 ok(!
ret,
"expected failure\n");
8411 ok(
ret,
"expected success\n");
8413 ok(ret_size ==
size,
"expected size %lu, got %lu\n",
size, ret_size);
8422 ok(!
sid,
"expected no owner SID\n");
8423 ok(!defaulted,
"expected owner not defaulted\n");
8427 ok(!
sid,
"expected no group SID\n");
8428 ok(!defaulted,
"expected group not defaulted\n");
8432 todo_wine ok(!present,
"expected no DACL present\n");
8437 ok(!present,
"expected no SACL present\n");
8467 skip(
"test_elevation() is invalid for WS03\n");
8483 win_skip(
"Failed to get linked token.\n");
8547 ok(!
ret,
"expected failure\n");
8552 ok(!
ret,
"expected failure\n");
8608 ok(!
ret,
"expected failure\n");
8613 ok(!
ret,
"expected failure\n");
8621 ok(
type == orig_type,
"expected same type\n");
8646 ok(
type == orig_type,
"expected same type\n");
8661 char prev_privs_buffer[128], acl_buffer[256], prev_acl_buffer[256];
8685 ok(!is_member,
"not a member\n");
8692 ok(is_member,
"not a member\n");
8732 char sd_buffer[200], sid_buffer[100];
8735 SID *admin_sid = (
SID *)sid_buffer;
8746 size =
sizeof(sid_buffer);
8753 skip(
"user is not an administrator\n");
8805 ok(!
ret,
"Unexpected return value %d.\n",
ret);
8812 ok(!
ret,
"Unexpected return value %d.\n",
ret);
8820 ok(
ret,
"Unexpected return value %d.\n",
ret);
8829 BOOL present, defaulted;
8843 ok(defaulted ==
FALSE,
"got defaulted %d\n", defaulted);
NTSTATUS NtQueryObject(IN HANDLE Handle, IN OBJECT_INFO_CLASS ObjectInformationClass, OUT PVOID ObjectInformation, IN ULONG ObjectInformationLength, OUT PULONG ReturnLength)
DWORD WINAPI SetEntriesInAclA(ULONG cCountOfExplicitEntries, PEXPLICIT_ACCESS_A pListOfExplicitEntries, PACL OldAcl, PACL *NewAcl)
DWORD WINAPI SetEntriesInAclW(ULONG cCountOfExplicitEntries, PEXPLICIT_ACCESS_W pListOfExplicitEntries, PACL OldAcl, PACL *NewAcl)
DWORD WINAPI GetExplicitEntriesFromAclW(PACL pacl, PULONG pcCountOfExplicitEntries, PEXPLICIT_ACCESS_W *pListOfExplicitEntries)
@ SE_PROVIDER_DEFINED_OBJECT
@ SE_REGISTRY_WOW64_64KEY
@ SE_REGISTRY_WOW64_32KEY
enum _SE_OBJECT_TYPE SE_OBJECT_TYPE
@ TRUSTEE_IS_OBJECTS_AND_SID
@ TRUSTEE_IS_OBJECTS_AND_NAME
@ TRUSTEE_IS_WELL_KNOWN_GROUP
static void startup(void)
static unsigned char bytes[4]
static struct sockaddr_in sa
static const WCHAR nameW[]
#define FILE_DELETE_ON_CLOSE
void account(int argc, const char *argv[])
void user(int argc, const char *argv[])
#define RegCloseKey(hKey)
#define ERROR_INSUFFICIENT_BUFFER
#define ERROR_INVALID_FUNCTION
BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessAsUserA(_In_opt_ HANDLE hToken, _In_opt_ LPCSTR lpApplicationName, _Inout_opt_ LPSTR lpCommandLine, _In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes, _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes, _In_ BOOL bInheritHandles, _In_ DWORD dwCreationFlags, _In_opt_ LPVOID lpEnvironment, _In_opt_ LPCSTR lpCurrentDirectory, _In_ LPSTARTUPINFOA lpStartupInfo, _Out_ LPPROCESS_INFORMATION lpProcessInformation)
LONG WINAPI RegCreateKeyExW(_In_ HKEY hKey, _In_ LPCWSTR lpSubKey, _In_ DWORD Reserved, _In_opt_ LPWSTR lpClass, _In_ DWORD dwOptions, _In_ REGSAM samDesired, _In_opt_ LPSECURITY_ATTRIBUTES lpSecurityAttributes, _Out_ PHKEY phkResult, _Out_opt_ LPDWORD lpdwDisposition)
LONG WINAPI RegOpenKeyExA(_In_ HKEY hKey, _In_ LPCSTR lpSubKey, _In_ DWORD ulOptions, _In_ REGSAM samDesired, _Out_ PHKEY phkResult)
LONG WINAPI RegDeleteKeyW(_In_ HKEY hKey, _In_ LPCWSTR lpSubKey)
NTSTATUS WINAPI LsaOpenPolicy(IN PLSA_UNICODE_STRING SystemName OPTIONAL, IN PLSA_OBJECT_ATTRIBUTES ObjectAttributes, IN ACCESS_MASK DesiredAccess, OUT PLSA_HANDLE PolicyHandle)
NTSTATUS WINAPI LsaQueryInformationPolicy(IN LSA_HANDLE PolicyHandle, IN POLICY_INFORMATION_CLASS InformationClass, OUT PVOID *Buffer)
NTSTATUS WINAPI LsaFreeMemory(IN PVOID Buffer)
NTSTATUS WINAPI LsaClose(IN LSA_HANDLE ObjectHandle)
BOOL WINAPI LookupPrivilegeValueA(LPCSTR lpSystemName, LPCSTR lpName, PLUID lpLuid)
BOOL WINAPI LookupAccountSidA(LPCSTR lpSystemName, PSID lpSid, LPSTR lpName, LPDWORD cchName, LPSTR lpReferencedDomainName, LPDWORD cchReferencedDomainName, PSID_NAME_USE peUse)
DWORD WINAPI SetSecurityInfo(HANDLE handle, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl)
BOOL WINAPI GetUserNameW(LPWSTR lpszName, LPDWORD lpSize)
DWORD WINAPI GetSecurityInfo(HANDLE handle, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID *ppsidOwner, PSID *ppsidGroup, PACL *ppDacl, PACL *ppSacl, PSECURITY_DESCRIPTOR *ppSecurityDescriptor)
BOOL WINAPI GetUserNameA(LPSTR lpszName, LPDWORD lpSize)
BOOL WINAPI LookupAccountSidW(LPCWSTR pSystemName, PSID pSid, LPWSTR pAccountName, LPDWORD pdwAccountName, LPWSTR pDomainName, LPDWORD pdwDomainName, PSID_NAME_USE peUse)
BOOL WINAPI AdjustTokenPrivileges(HANDLE TokenHandle, BOOL DisableAllPrivileges, PTOKEN_PRIVILEGES NewState, DWORD BufferLength, PTOKEN_PRIVILEGES PreviousState, PDWORD ReturnLength)
BOOL WINAPI GetAclInformation(PACL pAcl, LPVOID pAclInformation, DWORD nAclInformationLength, ACL_INFORMATION_CLASS dwAclInformationClass)
BOOL WINAPI GetTokenInformation(HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength, PDWORD ReturnLength)
BOOL WINAPI LookupAccountNameA(LPCSTR SystemName, LPCSTR AccountName, PSID Sid, LPDWORD SidLength, LPSTR ReferencedDomainName, LPDWORD hReferencedDomainNameLength, PSID_NAME_USE SidNameUse)
BOOL WINAPI PrivilegeCheck(HANDLE ClientToken, PPRIVILEGE_SET RequiredPrivileges, LPBOOL pfResult)
static const ACEFLAG AceFlags[]
BOOL WINAPI OpenProcessToken(HANDLE ProcessHandle, DWORD DesiredAccess, PHANDLE TokenHandle)
BOOL WINAPI ConvertSecurityDescriptorToStringSecurityDescriptorA(PSECURITY_DESCRIPTOR SecurityDescriptor, DWORD SDRevision, SECURITY_INFORMATION Information, LPSTR *OutputString, PULONG OutputLen)
BOOL WINAPI CreateRestrictedToken(_In_ HANDLE ExistingTokenHandle, _In_ DWORD Flags, _In_ DWORD DisableSidCount, _In_reads_opt_(DisableSidCount) PSID_AND_ATTRIBUTES SidsToDisable, _In_ DWORD DeletePrivilegeCount, _In_reads_opt_(DeletePrivilegeCount) PLUID_AND_ATTRIBUTES PrivilegesToDelete, _In_ DWORD RestrictedSidCount, _In_reads_opt_(RestrictedSidCount) PSID_AND_ATTRIBUTES SidsToRestrict, _Outptr_ PHANDLE NewTokenHandle)
Creates a filtered token that is a restricted one of the regular access token. A restricted token can...
BOOL WINAPI DuplicateToken(IN HANDLE ExistingTokenHandle, IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, OUT PHANDLE DuplicateTokenHandle)
BOOL WINAPI SetTokenInformation(HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength)
BOOL WINAPI ConvertStringSecurityDescriptorToSecurityDescriptorA(LPCSTR StringSecurityDescriptor, DWORD StringSDRevision, PSECURITY_DESCRIPTOR *SecurityDescriptor, PULONG SecurityDescriptorSize)
BOOL WINAPI InitializeSid(PSID Sid, PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority, BYTE nSubAuthorityCount)
BOOL WINAPI ConvertStringSidToSidA(LPCSTR StringSid, PSID *Sid)
BOOL WINAPI EqualPrefixSid(PSID pSid1, PSID pSid2)
BOOL WINAPI ImpersonateSelf(SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
BOOL WINAPI AddAccessDeniedAceEx(PACL pAcl, DWORD dwAceRevision, DWORD AceFlags, DWORD AccessMask, PSID pSid)
BOOL WINAPI AddAce(PACL pAcl, DWORD dwAceRevision, DWORD dwStartingAceIndex, LPVOID pAceList, DWORD nAceListLength)
BOOL WINAPI MakeAbsoluteSD(PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor, PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor, LPDWORD lpdwAbsoluteSecurityDescriptorSize, PACL pDacl, LPDWORD lpdwDaclSize, PACL pSacl, LPDWORD lpdwSaclSize, PSID pOwner, LPDWORD lpdwOwnerSize, PSID pPrimaryGroup, LPDWORD lpdwPrimaryGroupSize)
PDWORD WINAPI GetSidSubAuthority(PSID pSid, DWORD nSubAuthority)
BOOL WINAPI SetThreadToken(IN PHANDLE ThreadHandle OPTIONAL, IN HANDLE TokenHandle)
BOOL WINAPI AllocateAndInitializeSid(PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority, BYTE nSubAuthorityCount, DWORD nSubAuthority0, DWORD nSubAuthority1, DWORD nSubAuthority2, DWORD nSubAuthority3, DWORD nSubAuthority4, DWORD nSubAuthority5, DWORD nSubAuthority6, DWORD nSubAuthority7, PSID *pSid)
DWORD WINAPI GetSidLengthRequired(UCHAR nSubAuthorityCount)
BOOL WINAPI IsValidSid(PSID pSid)
BOOL WINAPI IsWellKnownSid(IN PSID pSid, IN WELL_KNOWN_SID_TYPE WellKnownSidType)
BOOL WINAPI CopySid(DWORD nDestinationSidLength, PSID pDestinationSid, PSID pSourceSid)
PUCHAR WINAPI GetSidSubAuthorityCount(PSID pSid)
BOOL WINAPI GetKernelObjectSecurity(HANDLE Handle, SECURITY_INFORMATION RequestedInformation, PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD nLength, LPDWORD lpnLengthNeeded)
BOOL WINAPI InitializeAcl(PACL pAcl, DWORD nAclLength, DWORD dwAclRevision)
BOOL WINAPI InitializeSecurityDescriptor(PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD dwRevision)
BOOL WINAPI AddAccessAllowedAce(PACL pAcl, DWORD dwAceRevision, DWORD AccessMask, PSID pSid)
static const SID sidWorld
BOOL WINAPI AddAccessAllowedAceEx(PACL pAcl, DWORD dwAceRevision, DWORD AceFlags, DWORD AccessMask, PSID pSid)
DWORD WINAPI GetLengthSid(PSID pSid)
BOOL WINAPI OpenThreadToken(HANDLE ThreadHandle, DWORD DesiredAccess, BOOL OpenAsSelf, HANDLE *TokenHandle)
PVOID WINAPI FreeSid(PSID pSid)
BOOL WINAPI ConvertSidToStringSidA(PSID Sid, LPSTR *StringSid)
BOOL WINAPI SetFileSecurityA(LPCSTR lpFileName, SECURITY_INFORMATION SecurityInformation, PSECURITY_DESCRIPTOR pSecurityDescriptor)
BOOL WINAPI GetWindowsAccountDomainSid(PSID sid, PSID domain_sid, DWORD *size)
BOOL WINAPI EqualSid(PSID pSid1, PSID pSid2)
BOOL WINAPI AccessCheck(IN PSECURITY_DESCRIPTOR pSecurityDescriptor, IN HANDLE ClientToken, IN DWORD DesiredAccess, IN PGENERIC_MAPPING GenericMapping, OUT PPRIVILEGE_SET PrivilegeSet OPTIONAL, IN OUT LPDWORD PrivilegeSetLength, OUT LPDWORD GrantedAccess, OUT LPBOOL AccessStatus)
BOOL WINAPI DuplicateTokenEx(IN HANDLE ExistingTokenHandle, IN DWORD dwDesiredAccess, IN LPSECURITY_ATTRIBUTES lpTokenAttributes OPTIONAL, IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, IN TOKEN_TYPE TokenType, OUT PHANDLE DuplicateTokenHandle)
static const char * debugstr_sid(PSID sid)
DWORD WINAPI GetNamedSecurityInfoA(LPSTR pObjectName, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID *ppsidOwner, PSID *ppsidGroup, PACL *ppDacl, PACL *ppSacl, PSECURITY_DESCRIPTOR *ppSecurityDescriptor)
BOOL WINAPI GetFileSecurityA(LPCSTR lpFileName, SECURITY_INFORMATION RequestedInformation, PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD nLength, LPDWORD lpnLengthNeeded)
DWORD WINAPI SetNamedSecurityInfoA(LPSTR pObjectName, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl)
PSID_IDENTIFIER_AUTHORITY WINAPI GetSidIdentifierAuthority(PSID pSid)
BOOL WINAPI EqualDomainSid(IN PSID pSid1, IN PSID pSid2, OUT BOOL *pfEqual)
BOOL WINAPI GetAce(PACL pAcl, DWORD dwAceIndex, LPVOID *pAce)
BOOL WINAPI AddAccessDeniedAce(PACL pAcl, DWORD dwAceRevision, DWORD AccessMask, PSID pSid)
BOOL WINAPI AddAuditAccessAceEx(PACL pAcl, DWORD dwAceRevision, DWORD AceFlags, DWORD dwAccessMask, PSID pSid, BOOL bAuditSuccess, BOOL bAuditFailure)
BOOL WINAPI SetKernelObjectSecurity(HANDLE Handle, SECURITY_INFORMATION SecurityInformation, PSECURITY_DESCRIPTOR SecurityDescriptor)
BOOL WINAPI CreateWellKnownSid(IN WELL_KNOWN_SID_TYPE WellKnownSidType, IN PSID DomainSid OPTIONAL, OUT PSID pSid, IN OUT DWORD *cbSid)
BOOL WINAPI LookupPrivilegeNameA(LPCSTR lpSystemName, PLUID lpLuid, LPSTR lpName, LPDWORD cchName)
BOOL WINAPI IsValidAcl(PACL pAcl)
BOOL WINAPI ConvertStringSecurityDescriptorToSecurityDescriptorW(LPCWSTR StringSecurityDescriptor, DWORD StringSDRevision, PSECURITY_DESCRIPTOR *SecurityDescriptor, PULONG SecurityDescriptorSize)
const char * wine_dbg_sprintf(const char *format,...)
#define ERROR_CALL_NOT_IMPLEMENTED
#define ERROR_INVALID_PARAMETER
struct _SECURITY_ATTRIBUTES SECURITY_ATTRIBUTES
#define ReadFile(a, b, c, d, e)
#define GetProcAddress(x, y)
#define INVALID_HANDLE_VALUE
#define CreateFileMappingW(a, b, c, d, e, f)
#define CreateFileA(a, b, c, d, e, f, g)
#define GetCurrentProcess()
#define ERROR_INVALID_HANDLE
#define FILE_ATTRIBUTE_NORMAL
#define ERROR_ACCESS_DENIED
static void cleanup(void)
BOOL WINAPI DeleteFileA(IN LPCSTR lpFileName)
BOOL WINAPI RemoveDirectoryA(IN LPCSTR lpPathName)
BOOL WINAPI CreateDirectoryA(IN LPCSTR lpPathName, IN LPSECURITY_ATTRIBUTES lpSecurityAttributes)
BOOL WINAPI SetFileAttributesA(LPCSTR lpFileName, DWORD dwFileAttributes)
BOOL WINAPI SetEndOfFile(HANDLE hFile)
DWORD WINAPI GetFileAttributesA(LPCSTR lpFileName)
BOOL WINAPI WriteFile(IN HANDLE hFile, IN LPCVOID lpBuffer, IN DWORD nNumberOfBytesToWrite OPTIONAL, OUT LPDWORD lpNumberOfBytesWritten, IN LPOVERLAPPED lpOverlapped OPTIONAL)
BOOL WINAPI DuplicateHandle(IN HANDLE hSourceProcessHandle, IN HANDLE hSourceHandle, IN HANDLE hTargetProcessHandle, OUT LPHANDLE lpTargetHandle, IN DWORD dwDesiredAccess, IN BOOL bInheritHandle, IN DWORD dwOptions)
HMODULE WINAPI DECLSPEC_HOTPATCH GetModuleHandleA(LPCSTR lpModuleName)
UINT WINAPI GetWindowsDirectoryA(OUT LPSTR lpBuffer, IN UINT uSize)
DWORD WINAPI GetTempPathA(IN DWORD nBufferLength, OUT LPSTR lpBuffer)
BOOL WINAPI TerminateProcess(IN HANDLE hProcess, IN UINT uExitCode)
HANDLE WINAPI OpenProcess(IN DWORD dwDesiredAccess, IN BOOL bInheritHandle, IN DWORD dwProcessId)
HANDLE WINAPI OpenThread(IN DWORD dwDesiredAccess, IN BOOL bInheritHandle, IN DWORD dwThreadId)
HANDLE WINAPI DECLSPEC_HOTPATCH CreateThread(IN LPSECURITY_ATTRIBUTES lpThreadAttributes, IN DWORD dwStackSize, IN LPTHREAD_START_ROUTINE lpStartAddress, IN LPVOID lpParameter, IN DWORD dwCreationFlags, OUT LPDWORD lpThreadId)
BOOL WINAPI TerminateThread(IN HANDLE hThread, IN DWORD dwExitCode)
LANGID WINAPI GetSystemDefaultLangID(void)
int WINAPI lstrcmpA(LPCSTR str1, LPCSTR str2)
int WINAPI lstrcmpiA(LPCSTR str1, LPCSTR str2)
const WCHAR windows_dir[]
BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessA(const char *app_name, char *cmd_line, SECURITY_ATTRIBUTES *process_attr, SECURITY_ATTRIBUTES *thread_attr, BOOL inherit, DWORD flags, void *env, const char *cur_dir, STARTUPINFOA *startup_info, PROCESS_INFORMATION *info)
BOOL WINAPI SetSecurityDescriptorGroup(PSECURITY_DESCRIPTOR descr, PSID group, BOOL defaulted)
BOOL WINAPI SetSecurityDescriptorOwner(PSECURITY_DESCRIPTOR descr, PSID owner, BOOL defaulted)
BOOL WINAPI SetSecurityDescriptorControl(PSECURITY_DESCRIPTOR descr, SECURITY_DESCRIPTOR_CONTROL mask, SECURITY_DESCRIPTOR_CONTROL set)
BOOL WINAPI CheckTokenMembership(HANDLE token, PSID sid_to_check, PBOOL is_member)
BOOL WINAPI GetPrivateObjectSecurity(PSECURITY_DESCRIPTOR obj_descr, SECURITY_INFORMATION info, PSECURITY_DESCRIPTOR ret_descr, DWORD len, PDWORD ret_len)
BOOL WINAPI ImpersonateLoggedOnUser(HANDLE token)
BOOL WINAPI IsValidSecurityDescriptor(PSECURITY_DESCRIPTOR descr)
BOOL WINAPI SetSecurityDescriptorSacl(PSECURITY_DESCRIPTOR descr, BOOL present, PACL sacl, BOOL defaulted)
BOOL WINAPI RevertToSelf(void)
BOOL WINAPI AddMandatoryAce(PACL acl, DWORD rev, DWORD flags, DWORD policy, PSID sid)
FILE *CDECL tmpfile(void)
_ACRTIMP int __cdecl memcmp(const void *, const void *, size_t)
_ACRTIMP int __cdecl atoi(const char *)
_ACRTIMP __int64 __cdecl _atoi64(const char *)
_ACRTIMP size_t __cdecl strlen(const char *)
_ACRTIMP int __cdecl strcmp(const char *, const char *)
_In_ uint64_t _In_ uint64_t _In_ uint64_t _In_opt_ traverse_ptr * tp
static PVOID Mapping[EMS_PHYSICAL_PAGES]
HANDLE NTAPI CreateFileMappingA(IN HANDLE hFile, IN LPSECURITY_ATTRIBUTES lpFileMappingAttributes, IN DWORD flProtect, IN DWORD dwMaximumSizeHigh, IN DWORD dwMaximumSizeLow, IN LPCSTR lpName)
HANDLE NTAPI OpenFileMappingA(IN DWORD dwDesiredAccess, IN BOOL bInheritHandle, IN LPCSTR lpName)
UINT WINAPI GetTempFileNameA(IN LPCSTR lpPathName, IN LPCSTR lpPrefixString, IN UINT uUnique, OUT LPSTR lpTempFileName)
#define STATUS_ACCESS_VIOLATION
GLuint GLuint GLsizei count
GLuint GLuint GLsizei GLenum type
GLdouble GLdouble GLdouble r
GLsizei const GLchar *const * strings
GLboolean GLboolean GLboolean b
GLenum GLuint GLenum GLsizei const GLchar * buf
GLuint GLsizei GLsizei * length
GLuint GLint GLboolean GLint GLenum access
GLenum GLenum GLenum GLenum mapping
GLfloat GLfloat GLfloat GLfloat h
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat token
HLOCAL NTAPI LocalFree(HLOCAL hMem)
#define PROCESS_SUSPEND_RESUME
#define PROCESS_TERMINATE
#define PROCESS_QUERY_INFORMATION
#define THREAD_SET_THREAD_TOKEN
#define PROCESS_CREATE_THREAD
#define THREAD_QUERY_INFORMATION
#define PROCESS_VM_OPERATION
#define PROCESS_SET_INFORMATION
#define PROCESS_CREATE_PROCESS
#define PROCESS_SET_QUOTA
#define THREAD_SET_CONTEXT
#define PROCESS_DUP_HANDLE
#define THREAD_SUSPEND_RESUME
#define THREAD_GET_CONTEXT
enum _SID_NAME_USE SID_NAME_USE
enum _SECURITY_IMPERSONATION_LEVEL SECURITY_IMPERSONATION_LEVEL
WORD SECURITY_DESCRIPTOR_CONTROL
LPSTR WINAPI lstrcatA(LPSTR lpString1, LPCSTR lpString2)
int WINAPI lstrlenA(LPCSTR lpString)
void __cdecl void __cdecl void __cdecl void __cdecl void __cdecl winetest_push_context(const char *fmt,...) __WINE_PRINTF_ATTR(1
#define todo_wine_if(is_todo)
void __cdecl void __cdecl void __cdecl void __cdecl void __cdecl void winetest_pop_context(void)
#define memcpy(s1, s2, n)
#define ERROR_ALREADY_EXISTS
#define FILE_FLAG_BACKUP_SEMANTICS
#define FILE_FLAG_DELETE_ON_CLOSE
#define ERROR_FILE_NOT_FOUND
static void test_CreateWellKnownSid(void)
static void test_pseudo_handle_security(void)
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR ObjectTypeName
static void test_GetSidIdentifierAuthority(void)
static void test_EqualDomainSid(void)
static NTSTATUS *static PUNICODE_STRING
static void test_AddMandatoryAce(void)
#define TEST_GRANTED_ACCESS(a, b)
static void test_token_attr(void)
static void test_duplicate_handle_access_child(void)
#define SE_TAKE_OWNERSHIP_PRIVILEGE
static void test_duplicate_token(void)
#define PROCESS_ALL_ACCESS_VISTA
static void test_GetExplicitEntriesFromAclW(void)
#define THREAD_QUERY_LIMITED_INFORMATION
static POBJECTS_AND_SID pObjSid
#define SE_MIN_WELL_KNOWN_PRIVILEGE
#define EVENT_QUERY_STATE
static BOOL get_sid_info(PSID psid, LPSTR *user, LPSTR *dom)
#define SE_SYSTEM_PROFILE_PRIVILEGE
#define SE_SYNC_AGENT_PRIVILEGE
#define THREAD_SET_LIMITED_INFORMATION
static void test_elevation(void)
#define SE_REMOTE_SHUTDOWN_PRIVILEGE
#define SE_ASSIGNPRIMARYTOKEN_PRIVILEGE
static void test_window_security(void)
static void test_kernel_objects_security(void)
static void test_GetTokenInformation(void)
static void test_CheckTokenMembership(void)
static DWORD WINAPI duplicate_handle_access_thread(void *arg)
static void test_AdjustTokenPrivileges(void)
static void test_AccessCheck(void)
static void test_AddAce(void)
static void test_create_process_token_child(void)
static void test_system_security_access(void)
#define PROCESS_ALL_ACCESS_NT4
static void test_file_security(HANDLE token)
static void test_process_security_child(void)
static void test_lookupPrivilegeName(void)
static void test_owner_equal(HANDLE Handle, PSID expected, int line)
static POBJECTS_AND_NAME_A pObjName
static void test_duplicate_handle_access(void)
static void test_EqualSid(void)
#define SE_IMPERSONATE_PRIVILEGE
#define SE_DEBUG_PRIVILEGE
#define SE_CREATE_TOKEN_PRIVILEGE
static POBJECTS_AND_SID GUID * pObjectGuid
static void test_InitializeAcl(void)
#define CHECK_SET_SECURITY(o, i, e)
static void test_default_dacl_owner_group_sid(void)
static void test_LookupAccountName(void)
static void test_process_security(void)
#define SE_SYSTEMTIME_PRIVILEGE
static void test_group_as_file_owner(void)
#define SE_CREATE_PERMANENT_PRIVILEGE
#define SE_MACHINE_ACCOUNT_PRIVILEGE
static void test_SetSecurityDescriptorControl(PSECURITY_DESCRIPTOR sec)
#define THREAD_ALL_ACCESS_NT4
static void test_IsValidSecurityDescriptor(void)
#define SE_SECURITY_PRIVILEGE
static TOKEN_USER * get_alloc_token_user(HANDLE token)
static void test_LookupAccountSid(void)
static void test_GetWindowsAccountDomainSid(void)
static void test_child_token_sd(void)
#define expect_eq(expr, value, type, format)
static ACCESS_MASK get_obj_access(HANDLE obj)
static SECURITY_DESCRIPTOR * test_get_security_descriptor(HANDLE handle, int line)
static void test_semaphore_security(HANDLE token)
#define CHECK_ONE_OF_AND_FREE(exp_str1, exp_str2)
static void test_FileSecurity(void)
static void test_inherited_dacl(PACL dacl, PSID admin_sid, PSID user_sid, DWORD flags, DWORD mask, BOOL todo_count, BOOL todo_sid, BOOL todo_flags, int line)
#define SE_AUDIT_PRIVILEGE
static void test_ConvertStringSecurityDescriptor(void)
#define SEMAPHORE_QUERY_STATE
#define TEST_GRANTED_ACCESS2(a, b, c)
#define SE_SYSTEM_ENVIRONMENT_PRIVILEGE
static void join_process_(int line, const PROCESS_INFORMATION *pi)
static void test_CreateDirectoryA(void)
static void test_maximum_allowed(void)
#define SE_MANAGE_VOLUME_PRIVILEGE
static TOKEN_OWNER * get_alloc_token_owner(HANDLE token)
#define SE_INC_BASE_PRIORITY_PRIVILEGE
static const struct well_known_sid_value well_known_sid_values[]
static void test_GetNamedSecurityInfoA(void)
static void test_GetUserNameW(void)
static void test_GetSecurityInfo(void)
static void test_lookupPrivilegeValue(void)
static void test_GetUserNameA(void)
static void test_impersonation_level(void)
static void test_event_security(HANDLE token)
static void check_token_label(HANDLE token, DWORD *level, BOOL sacl_inherited)
static void test_PrivateObjectSecurity(void)
static void test_GetSidSubAuthority(void)
static void test_create_process_token(void)
#define SE_UNDOCK_PRIVILEGE
static void test_TokenIntegrityLevel(void)
static void test_mutex_security(HANDLE token)
static TOKEN_PRIMARY_GROUP * get_alloc_token_primary_group(HANDLE token)
static void test_SetEntriesInAclW(void)
static void test_token_security_descriptor(void)
#define SE_SHUTDOWN_PRIVILEGE
#define SE_LOCK_MEMORY_PRIVILEGE
static void test_token_label(void)
#define SE_BACKUP_PRIVILEGE
#define SE_RESTORE_PRIVILEGE
static void test_pseudo_tokens(void)
#define PROCESS_QUERY_LIMITED_INFORMATION
static void test_default_handle_security(HANDLE token, HANDLE handle, GENERIC_MAPPING *mapping)
static void test_sid_str(PSID *sid)
static void get_nt_pathW(const char *name, UNICODE_STRING *nameW)
static POBJECTS_AND_SID GUID GUID * pInheritedObjectGuid
static void test_CreateRestrictedToken(void)
static void test_allocateLuid(void)
#define SE_PROF_SINGLE_PROCESS_PRIVILEGE
static void test_named_pipe_security(HANDLE token)
static void test_SetEntriesInAclA(void)
static void test_trustee(void)
static void test_ConvertSecurityDescriptorToString(void)
static void test_security_descriptor(void)
static void test_thread_security(void)
static void check_different_token(HANDLE token1, HANDLE token2)
static void test_filemap_security(void)
#define SE_CHANGE_NOTIFY_PRIVILEGE
#define SE_ENABLE_DELEGATION_PRIVILEGE
static void check_wellknown_name(const char *name, WELL_KNOWN_SID_TYPE result)
#define CHECK_RESULT_AND_FREE(exp_str)
static BOOL validate_impersonation_token(HANDLE token, DWORD *token_type)
#define SE_INCREASE_QUOTA_PRIVILEGE
static void test_BuildSecurityDescriptorW(void)
#define SE_LOAD_DRIVER_PRIVILEGE
static const LUID_AND_ATTRIBUTES * find_privilege(const TOKEN_PRIVILEGES *privs, const LUID *luid)
static void validate_default_security_descriptor(SECURITY_DESCRIPTOR *sd)
static void test_granted_access(HANDLE handle, ACCESS_MASK access, ACCESS_MASK alt, int line)
#define SE_MAX_WELL_KNOWN_PRIVILEGE
#define SE_CREATE_GLOBAL_PRIVILEGE
static void test_ConvertStringSidToSid(void)
static void test_GetKernelObjectSecurity(void)
static NTSTATUS *static PWSTR CURDIR *static HMODULE hmod
#define THREAD_ALL_ACCESS_VISTA
static POBJECTS_AND_NAME_A SE_OBJECT_TYPE LPSTR LPSTR InheritedObjectTypeName
static void test_process_access(void)
#define SE_CREATE_PAGEFILE_PRIVILEGE
static void test_group_equal(HANDLE Handle, PSID expected, int line)
D3D11_SHADER_VARIABLE_DESC desc
static PROCESS_INFORMATION pi
static const char filler[0x1000]
static HINSTANCE hkernel32
static WCHAR computer_name[MAX_COMPUTERNAME_LENGTH+1]
static WCHAR user_name[UNLEN+1]
static HANDLE PIO_APC_ROUTINE PVOID PIO_STATUS_BLOCK io
static SCRIPT_CACHE SCRIPT_ANALYSIS * psa
struct _SECURITY_DESCRIPTOR * PSECURITY_DESCRIPTOR
struct _ACCESS_ALLOWED_ACE ACCESS_ALLOWED_ACE
DWORD SECURITY_INFORMATION
#define MUTANT_ALL_ACCESS
#define MUTANT_QUERY_STATE
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ SaclSize PACL _Inout_ PULONG _Out_writes_bytes_to_opt_ OwnerSize PSID Owner
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
#define SE_GROUP_USE_FOR_DENY_ONLY
#define SE_GROUP_INTEGRITY_ENABLED
#define SE_GROUP_INTEGRITY
#define SE_GROUP_LOGON_ID
#define SE_GROUP_MANDATORY
#define SE_GROUP_ENABLED_BY_DEFAULT
HANDLE WINAPI CreateNamedPipeA(LPCSTR lpName, DWORD dwOpenMode, DWORD dwPipeMode, DWORD nMaxInstances, DWORD nOutBufferSize, DWORD nInBufferSize, DWORD nDefaultTimeOut, LPSECURITY_ATTRIBUTES lpSecurityAttributes)
#define SPECIFIC_RIGHTS_ALL
#define SECTION_MAP_EXECUTE
#define THREAD_ALL_ACCESS
#define SECTION_MAP_WRITE
#define FILE_ATTRIBUTE_READONLY
#define FILE_GENERIC_EXECUTE
#define FILE_ATTRIBUTE_COMPRESSED
#define ACCESS_SYSTEM_SECURITY
#define PAGE_EXECUTE_READ
#define SECTION_ALL_ACCESS
#define FILE_READ_ATTRIBUTES
#define PROCESS_ALL_ACCESS
NTSYSAPI NTSTATUS NTAPI RtlAnsiStringToUnicodeString(PUNICODE_STRING DestinationString, PANSI_STRING SourceString, BOOLEAN AllocateDestinationString)
#define FILE_DELETE_CHILD
#define FILE_SHARE_DELETE
#define STANDARD_RIGHTS_READ
#define STANDARD_RIGHTS_ALL
#define STANDARD_RIGHTS_WRITE
#define FILE_ATTRIBUTE_ARCHIVE
#define PAGE_EXECUTE_WRITECOPY
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
#define STANDARD_RIGHTS_EXECUTE
NTSTATUS NTAPI NtCreateFile(OUT PHANDLE FileHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, OUT PIO_STATUS_BLOCK IoStatusBlock, IN PLARGE_INTEGER AllocationSize OPTIONAL, IN ULONG FileAttributes, IN ULONG ShareAccess, IN ULONG CreateDisposition, IN ULONG CreateOptions, IN PVOID EaBuffer OPTIONAL, IN ULONG EaLength)
#define THREAD_SET_INFORMATION
NTSYSAPI VOID NTAPI RtlInitAnsiString(PANSI_STRING DestinationString, PCSZ SourceString)
#define FILE_GENERIC_READ
#define PAGE_EXECUTE_READWRITE
#define FILE_GENERIC_WRITE
#define STANDARD_RIGHTS_REQUIRED
#define FILE_ATTRIBUTE_NOT_CONTENT_INDEXED
#define STATUS_GENERIC_NOT_MAPPED
#define FILE_FLAG_FIRST_PIPE_INSTANCE
@ PolicyAccountDomainInformation
#define POLICY_VIEW_LOCAL_INFORMATION
#define POLICY_ALL_ACCESS
#define OBJ_CASE_INSENSITIVE
int winetest_get_mainargs(char ***pargv)
#define wait_child_process
#define _WIN32_WINNT_WIN10
#define _WIN32_WINNT_WS03
#define _WIN32_WINNT_WIN7
#define _WIN32_WINNT_VISTA
DWORD WINAPI BuildSecurityDescriptorW(IN PTRUSTEE_W pOwner OPTIONAL, IN PTRUSTEE_W pGroup OPTIONAL, IN ULONG cCountOfAccessEntries, IN PEXPLICIT_ACCESS_W pListOfAccessEntries OPTIONAL, IN ULONG cCountOfAuditEntries, IN PEXPLICIT_ACCESS_W pListOfAuditEntries OPTIONAL, IN PSECURITY_DESCRIPTOR pOldSD OPTIONAL, OUT PULONG pSizeNewSD, OUT PSECURITY_DESCRIPTOR *pNewSD)
BOOL WINAPI GetSecurityDescriptorControl(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSECURITY_DESCRIPTOR_CONTROL pControl, LPDWORD lpdwRevision)
BOOL WINAPI GetSecurityDescriptorGroup(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSID *pGroup, LPBOOL lpbGroupDefaulted)
BOOL WINAPI SetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, BOOL bDaclPresent, PACL pDacl, BOOL bDaclDefaulted)
BOOL WINAPI GetSecurityDescriptorSacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, LPBOOL lpbSaclPresent, PACL *pSacl, LPBOOL lpbSaclDefaulted)
BOOL WINAPI MakeSelfRelativeSD(PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor, PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor, LPDWORD lpdwBufferLength)
BOOL WINAPI GetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, LPBOOL lpbDaclPresent, PACL *pDacl, LPBOOL lpbDaclDefaulted)
BOOL WINAPI GetSecurityDescriptorOwner(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSID *pOwner, LPBOOL lpbOwnerDefaulted)
#define STATUS_BUFFER_TOO_SMALL
NTSTATUS WINAPI NtSetSecurityObject(HANDLE Handle, SECURITY_INFORMATION SecurityInformation, PSECURITY_DESCRIPTOR SecurityDescriptor)
BOOL WINAPI SHIM_OBJ_NAME() GetComputerNameA(LPSTR lpBuffer, LPDWORD lpnSize)
static char tmpdir[MAX_PATH]
TCHAR str_pos[MAX_LOADSTRING]
DWORD grfAccessPermissions
ACCESS_MODE grfAccessMode
DWORD grfAccessPermissions
ACCESS_MODE grfAccessMode
char max[SECURITY_MAX_SID_SIZE]
LPSTR InheritedObjectTypeName
SE_OBJECT_TYPE ObjectType
GUID InheritedObjectTypeGuid
LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY]
LPVOID lpSecurityDescriptor
SECURITY_CONTEXT_TRACKING_MODE ContextTrackingMode
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
SID_IDENTIFIER_AUTHORITY IdentifierAuthority
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY]
LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY]
MULTIPLE_TRUSTEE_OPERATION MultipleTrusteeOperation
struct _TRUSTEE_A * pMultipleTrustee
struct _TRUSTEE_W * pMultipleTrustee
MULTIPLE_TRUSTEE_OPERATION MultipleTrusteeOperation
SID_IDENTIFIER_AUTHORITY auth
DWORD WINAPI WaitForSingleObject(IN HANDLE hHandle, IN DWORD dwMilliseconds)
HANDLE WINAPI DECLSPEC_HOTPATCH CreateEventA(IN LPSECURITY_ATTRIBUTES lpEventAttributes OPTIONAL, IN BOOL bManualReset, IN BOOL bInitialState, IN LPCSTR lpName OPTIONAL)
HANDLE WINAPI DECLSPEC_HOTPATCH CreateMutexA(IN LPSECURITY_ATTRIBUTES lpMutexAttributes OPTIONAL, IN BOOL bInitialOwner, IN LPCSTR lpName OPTIONAL)
HANDLE WINAPI DECLSPEC_HOTPATCH OpenEventA(IN DWORD dwDesiredAccess, IN BOOL bInheritHandle, IN LPCSTR lpName)
HANDLE WINAPI DECLSPEC_HOTPATCH CreateSemaphoreA(IN LPSECURITY_ATTRIBUTES lpSemaphoreAttributes OPTIONAL, IN LONG lInitialCount, IN LONG lMaximumCount, IN LPCSTR lpName OPTIONAL)
HANDLE WINAPI DECLSPEC_HOTPATCH OpenMutexA(IN DWORD dwDesiredAccess, IN BOOL bInheritHandle, IN LPCSTR lpName)
HANDLE WINAPI DECLSPEC_HOTPATCH OpenSemaphoreA(IN DWORD dwDesiredAccess, IN BOOL bInheritHandle, IN LPCSTR lpName)
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtDuplicateToken(_In_ HANDLE ExistingTokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ BOOLEAN EffectiveOnly, _In_ TOKEN_TYPE TokenType, _Out_ PHANDLE NewTokenHandle)
Duplicates a token.
#define FIELD_OFFSET(t, f)
#define STATUS_ACCESS_DENIED
BOOL Privilege(LPTSTR pszPrivilege, BOOL bEnable)
_Must_inspect_result_ _In_ WDFDEVICE _In_ PWDF_DEVICE_PROPERTY_DATA _In_ DEVPROPTYPE _In_ ULONG Size
#define success(from, fromstr, to, tostr)
#define SEMAPHORE_MODIFY_STATE
#define PIPE_ACCESS_INBOUND
DWORD WINAPI GetLastError(void)
#define STARTF_USESHOWWINDOW
HANDLE WINAPI GetCurrentThread(void)
#define NMPWAIT_USE_DEFAULT_WAIT
#define PIPE_ACCESS_DUPLEX
DWORD WINAPI GetCurrentThreadId(void)
#define EVENT_MODIFY_STATE
DWORD WINAPI GetCurrentProcessId(void)
#define SEMAPHORE_ALL_ACCESS
#define PIPE_ACCESS_OUTBOUND
#define PIPE_UNLIMITED_INSTANCES
_In_ PSID _Out_writes_to_opt_ cchName LPSTR _Inout_ LPDWORD cchName
#define MUTEX_MODIFY_STATE
_In_ ULONG _In_ ULONG_PTR ident
#define ERROR_INVALID_SECURITY_DESCR
#define ERROR_INVALID_DATATYPE
#define ERROR_TRUSTED_DOMAIN_FAILURE
#define ERROR_BAD_TOKEN_TYPE
#define ERROR_NON_DOMAIN_SID
#define ERROR_UNKNOWN_REVISION
#define RPC_S_INVALID_STRING_UUID
#define ERROR_NO_SUCH_PRIVILEGE
#define ERROR_INVALID_ACL
#define ERROR_CANT_OPEN_ANONYMOUS
#define ERROR_BAD_DESCRIPTOR_FORMAT
#define ERROR_NO_SECURITY_ON_OBJECT
#define ERROR_NO_IMPERSONATION_TOKEN
#define ERROR_BAD_IMPERSONATION_LEVEL
#define ERROR_INVALID_SID
#define ERROR_GENERIC_NOT_MAPPED
#define ERROR_NO_SUCH_LOGON_SESSION
#define RPC_S_SERVER_UNAVAILABLE
#define ERROR_TRUSTED_RELATIONSHIP_FAILURE
#define RPC_S_INVALID_NET_ADDR
#define ERROR_PRIVILEGE_NOT_HELD
#define ERROR_NONE_MAPPED
#define PROCESS_SET_LIMITED_INFORMATION
@ TokenElevationTypeLimited
@ TokenElevationTypeDefault
#define HKEY_LOCAL_MACHINE
#define HKEY_CURRENT_CONFIG
#define HKEY_CURRENT_USER
#define HKEY_PERFORMANCE_DATA
#define HKEY_CLASSES_ROOT
HDESK WINAPI GetThreadDesktop(_In_ DWORD)
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
#define DUPLICATE_SAME_ACCESS
_Out_ PBOOLEAN _Out_ PBOOLEAN _Out_ PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
_In_opt_ PVOID _In_opt_ PUNICODE_STRING _In_ PSECURITY_DESCRIPTOR _In_ PACCESS_STATE _In_ BOOLEAN _In_ BOOLEAN AccessGranted
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET _In_ PGENERIC_MAPPING _In_ KPROCESSOR_MODE _Out_ PACCESS_MASK _Out_ PNTSTATUS AccessStatus
#define VALID_INHERIT_FLAGS
#define LABEL_SECURITY_INFORMATION
#define CONTAINER_INHERIT_ACE
#define DOMAIN_ALIAS_RID_USERS
#define TOKEN_QUERY_SOURCE
#define SE_OWNER_DEFAULTED
#define DOMAIN_GROUP_RID_SCHEMA_ADMINS
#define SECURITY_BUILTIN_DOMAIN_RID
#define DOMAIN_USER_RID_ADMIN
#define DACL_SECURITY_INFORMATION
#define SE_SACL_PROTECTED
#define SE_DACL_DEFAULTED
struct _TOKEN_USER TOKEN_USER
#define ACE_INHERITED_OBJECT_TYPE_PRESENT
#define SE_DACL_PROTECTED
#define SE_DACL_AUTO_INHERITED
#define SECURITY_WORLD_SID_AUTHORITY
#define TOKEN_ADJUST_PRIVILEGES
#define DOMAIN_GROUP_RID_CONTROLLERS
#define DOMAIN_GROUP_RID_COMPUTERS
#define SECURITY_WORLD_RID
#define DOMAIN_GROUP_RID_POLICY_ADMINS
#define SECURITY_STATIC_TRACKING
#define ACCESS_ALLOWED_ACE_TYPE
#define SECURITY_MANDATORY_LABEL_AUTHORITY
#define SECURITY_LOCAL_SYSTEM_RID
#define SE_DACL_AUTO_INHERIT_REQ
#define DOMAIN_GROUP_RID_GUESTS
#define OWNER_SECURITY_INFORMATION
#define DOMAIN_USER_RID_GUEST
#define SE_SACL_DEFAULTED
struct _SECURITY_DESCRIPTOR_RELATIVE SECURITY_DESCRIPTOR_RELATIVE
#define SE_SACL_AUTO_INHERITED
#define SECURITY_NT_AUTHORITY
#define DOMAIN_ALIAS_RID_RAS_SERVERS
#define DOMAIN_GROUP_RID_CERT_ADMINS
#define OBJECT_INHERIT_ACE
@ TokenImpersonationLevel
#define TOKEN_ASSIGN_PRIMARY
#define SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP
#define NO_PROPAGATE_INHERIT_ACE
#define SECURITY_MANDATORY_HIGH_RID
#define TOKEN_ADJUST_DEFAULT
#define SYSTEM_MANDATORY_LABEL_ACE_TYPE
#define SECURITY_DESCRIPTOR_REVISION
* PSID_IDENTIFIER_AUTHORITY
#define TOKEN_ADJUST_GROUPS
#define SYSTEM_MANDATORY_LABEL_NO_WRITE_UP
#define SE_SACL_AUTO_INHERIT_REQ
#define GROUP_SECURITY_INFORMATION
#define ACE_OBJECT_TYPE_PRESENT
#define DOMAIN_GROUP_RID_ENTERPRISE_ADMINS
#define TOKEN_IMPERSONATE
#define SE_PRIVILEGE_ENABLED
#define SECURITY_DESCRIPTOR_MIN_LENGTH
#define SE_GROUP_DEFAULTED
#define PRIVILEGE_SET_ALL_NECESSARY
#define SID_MAX_SUB_AUTHORITIES
#define SACL_SECURITY_INFORMATION
#define SE_RM_CONTROL_VALID
#define DOMAIN_ALIAS_RID_ADMINS
#define DOMAIN_GROUP_RID_ADMINS
#define SE_PRIVILEGE_REMOVED
#define SECURITY_DESCRIPTOR_REVISION1
#define SECURITY_MANDATORY_MEDIUM_RID
#define SECURITY_MANDATORY_LOW_RID
struct _PRIVILEGE_SET PRIVILEGE_SET
#define SECURITY_MAX_SID_SIZE
#define SECURITY_NT_NON_UNIQUE
#define DOMAIN_GROUP_RID_USERS
1.9.6