26#define WIN32_NO_STATUS
40#define GetCurrentProcessToken() ((HANDLE)~(ULONG_PTR)3)
41#define GetCurrentThreadToken() ((HANDLE)~(ULONG_PTR)4)
42#define GetCurrentThreadEffectiveToken() ((HANDLE)~(ULONG_PTR)5)
44#ifndef PROCESS_QUERY_LIMITED_INFORMATION
45#define PROCESS_QUERY_LIMITED_INFORMATION 0x1000
49#define PROCESS_ALL_ACCESS_NT4 (PROCESS_ALL_ACCESS & ~0xf000)
50#define PROCESS_ALL_ACCESS_VISTA (PROCESS_ALL_ACCESS | 0xf000)
52#ifndef EVENT_QUERY_STATE
53#define EVENT_QUERY_STATE 0x0001
56#ifndef SEMAPHORE_QUERY_STATE
57#define SEMAPHORE_QUERY_STATE 0x0001
60#ifndef THREAD_SET_LIMITED_INFORMATION
61#define THREAD_SET_LIMITED_INFORMATION 0x0400
62#define THREAD_QUERY_LIMITED_INFORMATION 0x0800
65#define THREAD_ALL_ACCESS_NT4 (STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | 0x3ff)
66#define THREAD_ALL_ACCESS_VISTA (STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | 0xffff)
68#define expect_eq(expr, value, type, format) { type ret_ = expr; ok((value) == ret_, #expr " expected " format " got " format "\n", (value), (ret_)); }
134static NTSTATUS (
WINAPI *pNtCreateFile)(
PHANDLE,
ACCESS_MASK,
POBJECT_ATTRIBUTES,
PIO_STATUS_BLOCK,
PLARGE_INTEGER,
ULONG,
ULONG,
ULONG,
ULONG,
PVOID,
ULONG);
159 else if (
strlen(sidstr) >
sizeof(*debugsid_str) - 1)
195 pConvertStringSecurityDescriptorToSecurityDescriptorA =
196 (
void *)
GetProcAddress(
hmod,
"ConvertStringSecurityDescriptorToSecurityDescriptorA" );
197 pConvertStringSecurityDescriptorToSecurityDescriptorW =
198 (
void *)
GetProcAddress(
hmod,
"ConvertStringSecurityDescriptorToSecurityDescriptorW" );
199 pConvertSecurityDescriptorToStringSecurityDescriptorA =
200 (
void *)
GetProcAddress(
hmod,
"ConvertSecurityDescriptorToStringSecurityDescriptorA" );
212 pSetSecurityDescriptorControl = (
void *)
GetProcAddress(
hmod,
"SetSecurityDescriptorControl");
219 pGetWindowsAccountDomainSid = (
void *)
GetProcAddress(
hmod,
"GetWindowsAccountDomainSid");
220 pGetSidIdentifierAuthority = (
void *)
GetProcAddress(
hmod,
"GetSidIdentifierAuthority");
222 pGetExplicitEntriesFromAclW = (
void *)
GetProcAddress(
hmod,
"GetExplicitEntriesFromAclW");
237 ok_(__FILE__,
line)(!
ret,
"GetKernelObjectSecurity should fail\n");
239 ok_(__FILE__,
line)(needed != 0xdeadbeef,
"GetKernelObjectSecurity should return required buffer length\n");
249 ok_(__FILE__,
line)(needed ==
length || needed == 0 ,
"GetKernelObjectSecurity should return %u instead of %u\n",
length, needed);
258 BOOL owner_defaulted;
267 ok_(__FILE__,
line)(!owner_defaulted,
"Defaulted is true\n");
277 BOOL group_defaulted;
286 ok_(__FILE__,
line)(!group_defaulted,
"Defaulted is true\n");
298 { { {0x00,0x00,0x33,0x44,0x55,0x66} },
"S-1-860116326-1" },
299 { { {0x00,0x00,0x01,0x02,0x03,0x04} },
"S-1-16909060-1" },
300 { { {0x00,0x00,0x00,0x01,0x02,0x03} },
"S-1-66051-1" },
301 { { {0x00,0x00,0x00,0x00,0x01,0x02} },
"S-1-258-1" },
302 { { {0x00,0x00,0x00,0x00,0x00,0x02} },
"S-1-2-1" },
303 { { {0x00,0x00,0x00,0x00,0x00,0x0c} },
"S-1-12-1" },
312 {
"AC", WinBuiltinAnyPackageSid,
TRUE },
313 {
"AN", WinAnonymousSid },
314 {
"AO", WinBuiltinAccountOperatorsSid },
315 {
"AU", WinAuthenticatedUserSid },
316 {
"BA", WinBuiltinAdministratorsSid },
317 {
"BG", WinBuiltinGuestsSid },
318 {
"BO", WinBuiltinBackupOperatorsSid },
319 {
"BU", WinBuiltinUsersSid },
320 {
"CA", WinAccountCertAdminsSid,
TRUE},
321 {
"CG", WinCreatorGroupSid },
322 {
"CO", WinCreatorOwnerSid },
323 {
"DA", WinAccountDomainAdminsSid,
TRUE},
324 {
"DC", WinAccountComputersSid,
TRUE},
325 {
"DD", WinAccountControllersSid,
TRUE},
326 {
"DG", WinAccountDomainGuestsSid,
TRUE},
327 {
"DU", WinAccountDomainUsersSid,
TRUE},
328 {
"EA", WinAccountEnterpriseAdminsSid,
TRUE},
329 {
"ED", WinEnterpriseControllersSid },
330 {
"IU", WinInteractiveSid },
331 {
"LA", WinAccountAdministratorSid },
332 {
"LG", WinAccountGuestSid },
333 {
"LS", WinLocalServiceSid },
334 {
"NO", WinBuiltinNetworkConfigurationOperatorsSid },
335 {
"NS", WinNetworkServiceSid },
336 {
"NU", WinNetworkSid },
337 {
"PA", WinAccountPolicyAdminsSid,
TRUE},
338 {
"PO", WinBuiltinPrintOperatorsSid },
339 {
"PS", WinSelfSid },
340 {
"PU", WinBuiltinPowerUsersSid },
341 {
"RC", WinRestrictedCodeSid },
342 {
"RD", WinBuiltinRemoteDesktopUsersSid },
343 {
"RE", WinBuiltinReplicatorSid },
344 {
"RS", WinAccountRasAndIasServersSid,
TRUE },
345 {
"RU", WinBuiltinPreWindows2000CompatibleAccessSid },
346 {
"SA", WinAccountSchemaAdminsSid,
TRUE },
347 {
"SO", WinBuiltinSystemOperatorsSid },
348 {
"SU", WinServiceSid },
349 {
"SY", WinLocalSystemSid },
350 {
"WD", WinWorldSid },
353 const char noSubAuthStr[] =
"S-1-5";
355 PSID psid, domain_sid;
360 if( !pConvertStringSidToSidA )
362 win_skip(
"ConvertSidToStringSidA or ConvertStringSidToSidA not available\n");
366 r = pConvertStringSidToSidA(
NULL,
NULL );
367 ok( !
r,
"expected failure with NULL parameters\n" );
371 "expected GetLastError() is ERROR_INVALID_PARAMETER, got %d\n",
374 r = pConvertStringSidToSidA( refs[0].refStr,
NULL );
376 "expected GetLastError() is ERROR_INVALID_PARAMETER, got %d\n",
379 r = pConvertStringSidToSidA(
NULL, &
str );
381 "expected GetLastError() is ERROR_INVALID_PARAMETER, got %d\n",
384 r = pConvertStringSidToSidA( noSubAuthStr, &psid );
386 "expected failure with no sub authorities\n" );
388 "expected GetLastError() is ERROR_INVALID_SID, got %d\n",
391 ok(pConvertStringSidToSidA(
"S-1-5-21-93476-23408-4576", &psid),
"ConvertStringSidToSidA failed\n");
399 for(
i = 0;
i <
sizeof(refs) /
sizeof(refs[0]);
i++ )
401 r =
AllocateAndInitializeSid( &refs[
i].auth, 1,1,0,0,0,0,0,0,0,
403 ok(
r,
"failed to allocate sid\n" );
405 ok(
r,
"failed to convert sid\n" );
409 "incorrect sid, expected %s, got %s\n", refs[
i].refStr,
str );
415 r = pConvertStringSidToSidA( refs[
i].refStr, &psid );
416 ok(
r,
"failed to parse sid string\n" );
420 sizeof(refs[
i].auth) ),
421 "string sid %s didn't parse to expected value\n"
422 "(got 0x%04x%08x, expected 0x%04x%08x)\n",
430 MAKEWORD( refs[
i].auth.Value[1], refs[
i].auth.Value[0] ),
432 MAKEWORD( refs[
i].auth.Value[3], refs[
i].auth.Value[2] ) ) );
438 r = pConvertStringSidToSidA(
"AN", &psid);
441 win_skip(
"String constant format not supported\n");
446 AllocateAndInitializeSid(&domain_ident, 4,
SECURITY_NT_NON_UNIQUE, 0, 0, 0, 0, 0, 0, 0, &domain_sid);
448 for(
i = 0;
i <
sizeof(strsid_table) /
sizeof(strsid_table[0]);
i++)
451 r = pConvertStringSidToSidA(strsid_table[
i].
str, &psid);
461 char *sid_string, *well_known_sid_string;
465 if (strsid_table[
i].sid_type == WinAccountAdministratorSid ||
466 strsid_table[
i].sid_type == WinAccountGuestSid)
468 for (
n = 1;
n <= 3;
n++)
475 trace(
"%s => %s\n", strsid_table[
i].
str, sid_string);
478 r = pCreateWellKnownSid(strsid_table[
i].sid_type, domain_sid,
buf, &
size);
479 ok(
r,
"%u: CreateWellKnownSid(%u) error %u\n",
i, strsid_table[
i].sid_type,
GetLastError());
482 ok(
r,
"%u: ConvertSidToStringSi(%u) error %u\n",
i, strsid_table[
i].sid_type,
GetLastError());
484 trace(
"%u => %s\n", strsid_table[
i].sid_type, well_known_sid_string);
486 ok(
strcmp(sid_string, well_known_sid_string) == 0,
487 "%u: (%u) expected %s, got %s\n",
i, strsid_table[
i].sid_type, well_known_sid_string, sid_string);
498 trace(
" %s: couldn't be converted\n", strsid_table[
i].
str);
507 GUID ObjectType = {0x12345678, 0x1234, 0x5678, {0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88}};
508 GUID InheritedObjectType = {0x23456789, 0x2345, 0x6786, {0x2, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99}};
514 char szObjectTypeName[] =
"ObjectTypeName";
515 char szInheritedObjectTypeName[] =
"InheritedObjectTypeName";
516 char szTrusteeName[] =
"szTrusteeName";
519 memset( &ZeroGuid, 0x00,
sizeof (ZeroGuid) );
523 pBuildTrusteeWithObjectsAndNameA = (
void *)
GetProcAddress (
hmod,
"BuildTrusteeWithObjectsAndNameA" );
524 pBuildTrusteeWithObjectsAndSidA = (
void *)
GetProcAddress (
hmod,
"BuildTrusteeWithObjectsAndSidA" );
526 if( !pBuildTrusteeWithSidA || !pBuildTrusteeWithNameA ||
527 !pBuildTrusteeWithObjectsAndNameA || !pBuildTrusteeWithObjectsAndSidA ||
531 if ( !
AllocateAndInitializeSid( &auth, 1, 42, 0,0,0,0,0,0,0,&psid ) )
533 trace(
"failed to init SID\n" );
538 memset( &trustee, 0xff,
sizeof trustee );
539 pBuildTrusteeWithSidA( &trustee, psid );
543 "MultipleTrusteeOperation wrong\n");
546 ok( trustee.
ptstrName == psid,
"ptstrName wrong\n" );
549 memset( &trustee, 0xff,
sizeof trustee );
550 memset( &oas, 0xff,
sizeof(oas) );
551 pBuildTrusteeWithObjectsAndSidA(&trustee, &oas, &
ObjectType,
552 &InheritedObjectType, psid);
563 ok(oas.
pSid == psid,
"pSid wrong\n");
566 ok(pGetTrusteeNameA(&trustee) == (
LPSTR)&oas,
"GetTrusteeName returned wrong value\n");
569 memset( &trustee, 0xff,
sizeof trustee );
570 memset( &oas, 0xff,
sizeof(oas) );
571 pBuildTrusteeWithObjectsAndSidA(&trustee, &oas,
NULL,
572 &InheritedObjectType, psid);
583 ok(oas.
pSid == psid,
"pSid wrong\n");
588 memset( &trustee, 0xff,
sizeof trustee );
589 pBuildTrusteeWithNameA( &trustee, szTrusteeName );
593 "MultipleTrusteeOperation wrong\n");
596 ok( trustee.
ptstrName == szTrusteeName,
"ptstrName wrong\n" );
599 memset( &trustee, 0xff,
sizeof trustee );
600 memset( &oan, 0xff,
sizeof(oan) );
601 pBuildTrusteeWithObjectsAndNameA(&trustee, &oan,
SE_KERNEL_OBJECT, szObjectTypeName,
602 szInheritedObjectTypeName, szTrusteeName);
613 ok(oan.
ptstrName == szTrusteeName,
"szTrusteeName wrong\n");
616 ok(pGetTrusteeNameA(&trustee) == (
LPSTR)&oan,
"GetTrusteeName returned wrong value\n");
619 memset( &trustee, 0xff,
sizeof trustee );
620 memset( &oan, 0xff,
sizeof(oan) );
622 szInheritedObjectTypeName, szTrusteeName);
633 ok(oan.
ptstrName == szTrusteeName,
"szTrusteeName wrong\n");
636 memset( &trustee, 0xff,
sizeof trustee );
637 memset( &oan, 0xff,
sizeof(oan) );
638 pBuildTrusteeWithObjectsAndNameA(&trustee, &oan,
SE_KERNEL_OBJECT, szObjectTypeName,
639 NULL, szTrusteeName);
650 ok(oan.
ptstrName == szTrusteeName,
"szTrusteeName wrong\n");
654#ifndef SE_MIN_WELL_KNOWN_PRIVILEGE
655#define SE_MIN_WELL_KNOWN_PRIVILEGE 2L
656#define SE_CREATE_TOKEN_PRIVILEGE 2L
657#define SE_ASSIGNPRIMARYTOKEN_PRIVILEGE 3L
658#define SE_LOCK_MEMORY_PRIVILEGE 4L
659#define SE_INCREASE_QUOTA_PRIVILEGE 5L
660#define SE_MACHINE_ACCOUNT_PRIVILEGE 6L
661#define SE_TCB_PRIVILEGE 7L
662#define SE_SECURITY_PRIVILEGE 8L
663#define SE_TAKE_OWNERSHIP_PRIVILEGE 9L
664#define SE_LOAD_DRIVER_PRIVILEGE 10L
665#define SE_SYSTEM_PROFILE_PRIVILEGE 11L
666#define SE_SYSTEMTIME_PRIVILEGE 12L
667#define SE_PROF_SINGLE_PROCESS_PRIVILEGE 13L
668#define SE_INC_BASE_PRIORITY_PRIVILEGE 14L
669#define SE_CREATE_PAGEFILE_PRIVILEGE 15L
670#define SE_CREATE_PERMANENT_PRIVILEGE 16L
671#define SE_BACKUP_PRIVILEGE 17L
672#define SE_RESTORE_PRIVILEGE 18L
673#define SE_SHUTDOWN_PRIVILEGE 19L
674#define SE_DEBUG_PRIVILEGE 20L
675#define SE_AUDIT_PRIVILEGE 21L
676#define SE_SYSTEM_ENVIRONMENT_PRIVILEGE 22L
677#define SE_CHANGE_NOTIFY_PRIVILEGE 23L
678#define SE_REMOTE_SHUTDOWN_PRIVILEGE 24L
679#define SE_UNDOCK_PRIVILEGE 25L
680#define SE_SYNC_AGENT_PRIVILEGE 26L
681#define SE_ENABLE_DELEGATION_PRIVILEGE 27L
682#define SE_MANAGE_VOLUME_PRIVILEGE 28L
683#define SE_IMPERSONATE_PRIVILEGE 29L
684#define SE_CREATE_GLOBAL_PRIVILEGE 30L
685#define SE_MAX_WELL_KNOWN_PRIVILEGE SE_CREATE_GLOBAL_PRIVILEGE
695 if (!pAllocateLocallyUniqueId)
return;
697 ret = pAllocateLocallyUniqueId(&luid1);
702 "AllocateLocallyUniqueId failed: %d\n",
GetLastError());
703 ret = pAllocateLocallyUniqueId(&luid2);
705 "AllocateLocallyUniqueId failed: %d\n",
GetLastError());
707 "AllocateLocallyUniqueId returned a well-known LUID\n");
709 "AllocateLocallyUniqueId returned non-unique LUIDs\n");
710 ret = pAllocateLocallyUniqueId(
NULL);
712 "AllocateLocallyUniqueId(NULL) didn't return ERROR_NOACCESS: %d\n",
721 LUID luid = { 0, 0 };
727 if (!pLookupPrivilegeNameA)
return;
738 "LookupPrivilegeNameA didn't fail with ERROR_INSUFFICIENT_BUFFER: %d\n",
741 "LookupPrivilegeNameA returned an incorrect required length for\n"
742 "SeCreateTokenPrivilege (got %d, expected %d)\n",
cchName,
743 lstrlenA(
"SeCreateTokenPrivilege") + 1);
748 "LookupPrivilegeNameA returned an incorrect output length for\n"
749 "SeCreateTokenPrivilege (got %d, expected %d)\n",
cchName,
750 (
int)
strlen(
"SeCreateTokenPrivilege"));
758 "LookupPrivilegeNameA(0.%d) failed: %d\n",
i,
GetLastError());
765 "LookupPrivilegeNameA didn't fail with ERROR_NO_SUCH_PRIVILEGE: %d\n",
770 ret = pLookupPrivilegeNameA(
"b0gu5.Nam3", &luid,
buf, &
cchName);
773 "LookupPrivilegeNameA didn't fail with RPC_S_SERVER_UNAVAILABLE or RPC_S_INVALID_NET_ADDR: %d\n",
823 if (!pLookupPrivilegeValueA)
return;
824 ret = pLookupPrivilegeValueA(
NULL,
"SeCreateTokenPrivilege", &luid);
829 ret = pLookupPrivilegeValueA(
"b0gu5.Nam3",
"SeCreateTokenPrivilege", &luid);
832 "LookupPrivilegeValueA didn't fail with RPC_S_SERVER_UNAVAILABLE or RPC_S_INVALID_NET_ADDR: %d\n",
835 ret = pLookupPrivilegeValueA(
NULL, 0, &luid);
837 "LookupPrivilegeValueA didn't fail with ERROR_NO_SUCH_PRIVILEGE: %d\n",
840 ret = pLookupPrivilegeValueA(
NULL,
"SeBogusPrivilege", &luid);
842 "LookupPrivilegeValueA didn't fail with ERROR_NO_SUCH_PRIVILEGE: %d\n",
845 ret = pLookupPrivilegeValueA(
NULL,
"sEcREATEtOKENpRIVILEGE", &luid);
847 "LookupPrivilegeValueA(NULL, sEcREATEtOKENpRIVILEGE, &luid) failed: %d\n",
849 for (
i = 0;
i <
sizeof(privs) /
sizeof(privs[0]);
i++)
854 if (pLookupPrivilegeValueA(
NULL, privs[
i].
name, &luid))
857 "LookupPrivilegeValueA returned an invalid LUID for %s\n",
876 DWORD sdSize, retSize, rc, granted, priv_set_len;
885 if (!pGetFileSecurityA) {
886 win_skip (
"GetFileSecurity is not available\n");
890 if (!pSetFileSecurityA) {
891 win_skip (
"SetFileSecurity is not available\n");
921 win_skip(
"GetFileSecurityA is not implemented\n");
924 ok (!rc,
"GetFileSecurityA "
925 "was expected to fail for '%s'\n",
file);
927 "returned %d; expected ERROR_INSUFFICIENT_BUFFER\n",
GetLastError());
936 rc = pGetFileSecurityA (
file,
request,
sd, sdSize, &retSize);
937 ok (rc,
"GetFileSecurityA "
939 ok (retSize == sdSize ||
941 "GetFileSecurityA returned size %d; expected %d\n", retSize, sdSize);
946 ok (rc,
"SetFileSecurityA "
957 ok (!rc,
"GetFileSecurityA "
958 "was expected to fail for '%s'\n",
path);
960 "returned %d; expected ERROR_INSUFFICIENT_BUFFER\n",
GetLastError());
969 rc = pGetFileSecurityA (
path,
request,
sd, sdSize, &retSize);
970 ok (rc,
"GetFileSecurityA "
972 ok (retSize == sdSize ||
974 "GetFileSecurityA returned size %d; expected %d\n", retSize, sdSize);
979 ok (rc,
"SetFileSecurityA "
984 strcpy (wintmpdir,
"\\Should not exist");
987 ok (!rc,
"GetFileSecurityA should fail for not existing directories/files\n");
989 "last error ERROR_FILE_NOT_FOUND expected, got %d\n",
GetLastError());
1011 ok(!rc,
"GetFileSecurity should fail\n");
1013 "expected ERROR_INSUFFICIENT_BUFFER got %d\n",
GetLastError());
1017 retSize = 0xdeadbeef;
1020 sd, sdSize, &retSize);
1022 ok(retSize == sdSize ||
broken(retSize == 0) ,
"expected %d, got %d\n", sdSize, retSize);
1026 ok(!rc,
"OpenThreadToken should fail\n");
1041 priv_set_len =
sizeof(priv_set);
1042 granted = 0xdeadbeef;
1048 ok(granted ==
FILE_READ_DATA,
"expected FILE_READ_DATA, got %#x\n", granted);
1050 granted = 0xdeadbeef;
1058 granted = 0xdeadbeef;
1064 ok(granted ==
FILE_EXECUTE,
"expected FILE_EXECUTE, got %#x\n", granted);
1066 granted = 0xdeadbeef;
1072 ok(granted ==
DELETE,
"expected DELETE, got %#x\n", granted);
1074 granted = 0xdeadbeef;
1082 granted = 0xdeadbeef;
1088 ok(granted == 0x1ff,
"expected 0x1ff, got %#x\n", granted);
1090 granted = 0xdeadbeef;
1100 ok(!rc,
"AccessCheck should fail\n");
1107 retSize = 0xdeadbeef;
1110 ok(!rc,
"WriteFile should fail\n");
1112 ok(retSize == 0,
"expected 0, got %d\n", retSize);
1119 "expected FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY got %#x\n", rc);
1131 retSize = 0xdeadbeef;
1134 ok(!rc,
"WriteFile should fail\n");
1136 ok(retSize == 0,
"expected 0, got %d\n", retSize);
1142 "expected FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY got %#x\n", rc);
1144 retSize = 0xdeadbeef;
1147 sd, sdSize, &retSize);
1149 ok(retSize == sdSize ||
broken(retSize == 0) ,
"expected %d, got %d\n", sdSize, retSize);
1151 priv_set_len =
sizeof(priv_set);
1152 granted = 0xdeadbeef;
1158 ok(granted ==
FILE_READ_DATA,
"expected FILE_READ_DATA, got %#x\n", granted);
1160 granted = 0xdeadbeef;
1169 granted = 0xdeadbeef;
1175 ok(granted ==
FILE_EXECUTE,
"expected FILE_EXECUTE, got %#x\n", granted);
1177 granted = 0xdeadbeef;
1184 ok(granted ==
DELETE,
"expected DELETE, got %#x\n", granted);
1186 granted = 0xdeadbeef;
1195 granted = 0xdeadbeef;
1202 ok(granted == 0x1ff,
"expected 0x1ff, got %#x\n", granted);
1204 granted = 0xdeadbeef;
1215 ok(!rc,
"DeleteFile should fail\n");
1252 skip(
"not running on NT, skipping test\n");
1255 pRtlAdjustPrivilege = (
void *)
GetProcAddress(NtDllModule,
"RtlAdjustPrivilege");
1256 if (!pRtlAdjustPrivilege)
1258 win_skip(
"missing RtlAdjustPrivilege, skipping test\n");
1266 skip(
"ACLs not implemented - skipping tests\n");
1272 res =
AllocateAndInitializeSid( &SIDAuthWorld, 1,
SECURITY_WORLD_RID, 0, 0, 0, 0, 0, 0, 0, &EveryoneSid);
1310 "failed with ERROR_INVALID_SECURITY_DESCR, instead of %d\n",
err);
1312 "Access and/or AccessStatus were changed!\n");
1327 "with ERROR_GENERIC_NOT_MAPPED, instead of %d\n",
err);
1329 "Access and/or AccessStatus were changed!\n");
1338 "with ERROR_NOACCESS, instead of %d\n",
err);
1340 "Access and/or AccessStatus were changed!\n");
1349 "with ERROR_NOACCESS, instead of %d\n",
err);
1351 "Access and/or AccessStatus were changed!\n");
1360 "with ERROR_NOACCESS, instead of %d\n",
err);
1362 "Access and/or AccessStatus were changed!\n");
1372 "AccessCheck failed to grant access with error %d\n",
1382 "with ERROR_NOACCESS, instead of %d\n",
err);
1384 "Access and/or AccessStatus were changed!\n");
1390 Access = ntAccessStatus = 0x1abe11ed;
1392 NULL, &PrivSetLen, &Access, &ntAccessStatus);
1395 "NtAccessCheck should have failed with STATUS_ACCESS_VIOLATION, got %x\n", ntret);
1396 ok(
err == 0xdeadbeef,
1397 "NtAccessCheck shouldn't set last error, got %d\n",
err);
1398 ok(Access == 0x1abe11ed && ntAccessStatus == 0x1abe11ed,
1399 "Access and/or AccessStatus were changed!\n");
1403 Access = ntAccessStatus = 0x1abe11ed;
1405 PrivSet,
NULL, &Access, &ntAccessStatus);
1408 "NtAccessCheck should have failed with STATUS_ACCESS_VIOLATION, got %x\n", ntret);
1409 ok(
err == 0xdeadbeef,
1410 "NtAccessCheck shouldn't set last error, got %d\n",
err);
1411 ok(Access == 0x1abe11ed && ntAccessStatus == 0x1abe11ed,
1412 "Access and/or AccessStatus were changed!\n");
1416 Access = ntAccessStatus = 0x1abe11ed;
1418 NULL,
NULL, &Access, &ntAccessStatus);
1421 "NtAccessCheck should have failed with STATUS_ACCESS_VIOLATION, got %x\n", ntret);
1422 ok(
err == 0xdeadbeef,
1423 "NtAccessCheck shouldn't set last error, got %d\n",
err);
1424 ok(Access == 0x1abe11ed && ntAccessStatus == 0x1abe11ed,
1425 "Access and/or AccessStatus were changed!\n");
1428 win_skip(
"NtAccessCheck unavailable. Skipping.\n");
1438 "AccessCheck failed to grant access with error %d\n",
1444 "AccessCheck failed to grant access with error %d\n",
1455 "with ERROR_ACCESS_DENIED, instead of %d\n",
err);
1456 ok(!Access,
"Should have failed to grant any access, got 0x%08x\n", Access);
1470 "AccessCheck failed to grant access with error %d\n",
1477 "AccessCheck failed to grant any access with error %d\n",
1479 trace(
"AccessCheck with MAXIMUM_ALLOWED got Access 0x%08x\n", Access);
1488 "failed with ERROR_NOACCESS, instead of %d\n",
err);
1490 "Access and/or AccessStatus were changed!\n");
1500 "failed with ERROR_INSUFFICIENT_BUFFER, instead of %d\n",
err);
1501 ok(PrivSetLen ==
sizeof(
PRIVILEGE_SET),
"PrivSetLen returns %d\n", PrivSetLen);
1503 "Access and/or AccessStatus were changed!\n");
1513 "failed with ERROR_NOACCESS, instead of %d\n",
err);
1514 ok(PrivSetLen == 1,
"PrivSetLen returns %d\n", PrivSetLen);
1516 "Access and/or AccessStatus were changed!\n");
1526 "failed with ERROR_NOACCESS, instead of %d\n",
err);
1527 ok(PrivSetLen ==
sizeof(
PRIVILEGE_SET) - 1,
"PrivSetLen returns %d\n", PrivSetLen);
1529 "Access and/or AccessStatus were changed!\n");
1539 "failed with ERROR_NOACCESS, instead of %d\n",
err);
1540 ok(PrivSetLen ==
sizeof(
PRIVILEGE_SET),
"PrivSetLen returns %d\n", PrivSetLen);
1542 "Access and/or AccessStatus were changed!\n");
1552 "failed with ERROR_INSUFFICIENT_BUFFER, instead of %d\n",
err);
1553 ok(PrivSetLen ==
sizeof(
PRIVILEGE_SET),
"PrivSetLen returns %d\n", PrivSetLen);
1555 "Access and/or AccessStatus were changed!\n");
1566 "failed with ERROR_INSUFFICIENT_BUFFER, instead of %d\n",
err);
1568 ok(PrivSetLen ==
sizeof(
PRIVILEGE_SET),
"PrivSetLen returns %d\n", PrivSetLen);
1570 "Access and/or AccessStatus were changed!\n");
1581 "failed with ERROR_INSUFFICIENT_BUFFER, instead of %d\n",
err);
1583 ok(PrivSetLen ==
sizeof(
PRIVILEGE_SET),
"PrivSetLen returns %d\n", PrivSetLen);
1586 "Access and/or AccessStatus were changed!\n");
1592 memset(PrivSet, 0xcc, PrivSetLen);
1598 ok(PrivSetLen ==
sizeof(
PRIVILEGE_SET),
"PrivSetLen returns %d\n", PrivSetLen);
1600 "AccessCheck failed to grant access with error %d\n",
GetLastError());
1608 memset(PrivSet, 0xcc, PrivSetLen);
1614 ok(PrivSetLen ==
sizeof(
PRIVILEGE_SET) + 1,
"PrivSetLen returns %d\n", PrivSetLen);
1616 "AccessCheck failed to grant access with error %d\n",
GetLastError());
1629 "failed with ERROR_NOACCESS, instead of %d\n",
err);
1631 "Access and/or AccessStatus were changed!\n");
1641 "with ERROR_ACCESS_DENIED, instead of %d\n",
err);
1642 ok(!Access,
"Should have failed to grant any access, got 0x%08x\n", Access);
1649 "AccessCheck should have failed with ERROR_PRIVILEGE_NOT_HELD, instead of %d\n",
1665 "failed with ERROR_INSUFFICIENT_BUFFER, instead of %d\n",
err);
1666 ok(PrivSetLen ==
sizeof(
PRIVILEGE_SET),
"PrivSetLen returns %d\n", PrivSetLen);
1668 "Access and/or AccessStatus were changed!\n");
1679 "failed with ERROR_INSUFFICIENT_BUFFER, instead of %d\n",
err);
1681 ok(PrivSetLen ==
sizeof(
PRIVILEGE_SET),
"PrivSetLen returns %d\n", PrivSetLen);
1684 "Access and/or AccessStatus were changed!\n");
1690 memset(PrivSet, 0xcc, PrivSetLen);
1694 "AccessCheck should have succeeded, error %d\n",
1697 "Access should be equal to ACCESS_SYSTEM_SECURITY instead of 0x%08x\n",
1706 memset(PrivSet, 0xcc, PrivSetLen);
1710 "AccessCheck should have succeeded, error %d\n",
1713 "Access should be equal to ACCESS_SYSTEM_SECURITY instead of 0x%08x\n",
1719 trace(
"Couldn't get SE_SECURITY_PRIVILEGE (0x%08x), skipping ACCESS_SYSTEM_SECURITY test\n",
1731 if (pAddAccessAllowedAceEx)
1737 win_skip(
"AddAccessAllowedAceEx is not available\n");
1744 "with ERROR_ACCESS_DENIED, instead of %d\n",
err);
1745 ok(!Access,
"Should have failed to grant any access, got 0x%08x\n", Access);
1757 "with ERROR_BAD_IMPERSONATION_LEVEL, instead of %d\n",
err);
1766 "with ERROR_NO_IMPERSONATION_TOKEN, instead of %d\n",
err);
1801 win_skip(
"OpenProcessToken is not implemented\n");
1814 ok(!
ret && (
GLE ==
ERROR_INVALID_PARAMETER),
"GetTokenInformation(TokenImpersonationLevel) on primary token should have failed with ERROR_INVALID_PARAMETER instead of %d\n",
GLE);
1827 ok(Size2 > 1,
"got %d\n", Size2);
1832 memset(Groups, 0xcc, Size2);
1839 ok(*((
BYTE*)Groups) == 0xcc,
"buffer altered\n");
1846 "GetTokenInformation(TokenGroups) %s with error %d\n",
1851 ok(
ret,
"GetTokenInformation(TokenGroups) failed with error %d\n",
GetLastError());
1853 "GetTokenInformation shouldn't have set last error to %d\n",
1855 trace(
"TokenGroups:\n");
1858 DWORD NameLength = 255;
1860 DWORD DomainLength = 255;
1879 "GetTokenInformation(TokenUser) failed with error %d\n",
GetLastError());
1883 "GetTokenInformation(TokenUser) failed with error %d\n",
GetLastError());
1897 "GetTokenInformation(TokenLogonSid) failed with error %d\n",
GetLastError());
1901 "GetTokenInformation(TokenLogonSid) failed with error %d\n",
GetLastError());
1908 trace(
"TokenLogon: %s\n", SidString);
1913 ok(
ret,
"Unknown SID\n");
1923 "GetTokenInformation(TokenPrivileges) failed with error %d\n",
GetLastError());
1927 "GetTokenInformation(TokenPrivileges) failed with error %d\n",
GetLastError());
1928 trace(
"TokenPrivileges:\n");
1943 ok(
ret,
"GetTokenInformation(TokenImpersonationLevel) failed with error %d\n",
GetLastError());
1951 "GetTokenInformation(TokenDefaultDacl) failed with error %u\n",
GetLastError());
1955 ok(
ret,
"GetTokenInformation(TokenDefaultDacl) failed with error %u\n",
GetLastError());
1960 ok(!
ret,
"SetTokenInformation(TokenDefaultDacl) succeeded\n");
1966 ok(!
ret,
"SetTokenInformation(TokenDefaultDacl) succeeded\n");
1969 acl =
Dacl->DefaultDacl;
1973 ok(
ret,
"SetTokenInformation(TokenDefaultDacl) succeeded\n");
1976 Dacl->DefaultDacl = (
ACL *)0xdeadbeef;
1978 ok(
ret,
"GetTokenInformation(TokenDefaultDacl) failed with error %u\n",
GetLastError());
1979 ok(
Dacl->DefaultDacl ==
NULL,
"expected NULL, got %p\n",
Dacl->DefaultDacl);
1981 "got %u expected sizeof(TOKEN_DEFAULT_DACL)\n", Size2);
1983 Dacl->DefaultDacl = acl;
1985 ok(
ret,
"SetTokenInformation(TokenDefaultDacl) failed with error %u\n",
GetLastError());
1989 ok(
ret,
"GetTokenInformation(TokenDefaultDacl) failed with error %u\n",
GetLastError());
1991 win_skip(
"TOKEN_DEFAULT_DACL size too small on WoW64\n");
2007 is_app_container = 0xdeadbeef;
2009 sizeof(is_app_container), &
size);
2014 ok(
size ==
sizeof(is_app_container),
"size = %u\n",
size);
2015 ok(!is_app_container,
"is_app_container = %x\n", is_app_container);
2040 "LookupAccountSid(%s) failed: %d\n", str_sid,
GetLastError());
2044 trace(
" %s couldn't be mapped\n", str_sid);
2054 {
TRUE,
"S-1-0-0"}, {
TRUE,
"S-1-1-0"}, {
TRUE,
"S-1-2-0"}, {
TRUE,
"S-1-3-0"},
2057 {
TRUE,
"S-1-5-6"}, {
TRUE,
"S-1-5-7"}, {
TRUE,
"S-1-5-8"}, {
TRUE,
"S-1-5-9"},
2058 {
TRUE,
"S-1-5-10"}, {
TRUE,
"S-1-5-11"}, {
TRUE,
"S-1-5-12"}, {
TRUE,
"S-1-5-13"},
2060 {
TRUE,
"S-1-5-20"}, {
TRUE,
"S-1-5-32"},
2061 {
FALSE,
"S-1-5-32-544"}, {
TRUE,
"S-1-5-32-545"}, {
TRUE,
"S-1-5-32-546"},
2062 {
TRUE,
"S-1-5-32-547"}, {
TRUE,
"S-1-5-32-548"}, {
TRUE,
"S-1-5-32-549"},
2063 {
TRUE,
"S-1-5-32-550"}, {
TRUE,
"S-1-5-32-551"}, {
TRUE,
"S-1-5-32-552"},
2064 {
TRUE,
"S-1-5-32-554"}, {
TRUE,
"S-1-5-32-555"}, {
TRUE,
"S-1-5-32-556"},
2065 {
FALSE,
"S-1-5-21-12-23-34-45-56-500"}, {
FALSE,
"S-1-5-21-12-23-34-45-56-501"},
2066 {
FALSE,
"S-1-5-21-12-23-34-45-56-502"}, {
FALSE,
"S-1-5-21-12-23-34-45-56-512"},
2067 {
FALSE,
"S-1-5-21-12-23-34-45-56-513"}, {
FALSE,
"S-1-5-21-12-23-34-45-56-514"},
2068 {
FALSE,
"S-1-5-21-12-23-34-45-56-515"}, {
FALSE,
"S-1-5-21-12-23-34-45-56-516"},
2069 {
FALSE,
"S-1-5-21-12-23-34-45-56-517"}, {
FALSE,
"S-1-5-21-12-23-34-45-56-518"},
2070 {
FALSE,
"S-1-5-21-12-23-34-45-56-519"}, {
FALSE,
"S-1-5-21-12-23-34-45-56-520"},
2071 {
FALSE,
"S-1-5-21-12-23-34-45-56-553"},
2073 {
TRUE,
"S-1-5-64-10"}, {
TRUE,
"S-1-5-64-21"}, {
TRUE,
"S-1-5-64-14"},
2074 {
TRUE,
"S-1-5-15"}, {
TRUE,
"S-1-5-1000"}, {
FALSE,
"S-1-5-32-557"},
2075 {
TRUE,
"S-1-5-32-558"}, {
TRUE,
"S-1-5-32-559"}, {
TRUE,
"S-1-5-32-560"},
2076 {
TRUE,
"S-1-5-32-561"}, {
TRUE,
"S-1-5-32-562"},
2078 {
TRUE,
"S-1-5-32-568"},
2079 {
TRUE,
"S-1-5-17"}, {
FALSE,
"S-1-5-32-569"}, {
TRUE,
"S-1-16-0"},
2080 {
TRUE,
"S-1-16-4096"}, {
TRUE,
"S-1-16-8192"}, {
TRUE,
"S-1-16-12288"},
2081 {
TRUE,
"S-1-16-16384"}, {
TRUE,
"S-1-5-33"}, {
TRUE,
"S-1-3-4"},
2082 {
FALSE,
"S-1-5-21-12-23-34-45-56-571"}, {
FALSE,
"S-1-5-21-12-23-34-45-56-572"},
2083 {
TRUE,
"S-1-5-22"}, {
FALSE,
"S-1-5-21-12-23-34-45-56-521"}, {
TRUE,
"S-1-5-32-573"},
2084 {
FALSE,
"S-1-5-21-12-23-34-45-56-498"}, {
TRUE,
"S-1-5-32-574"}, {
TRUE,
"S-1-16-8448"},
2086 {
TRUE,
"S-1-15-2-1"},
2097 if (!pCreateWellKnownSid)
2099 win_skip(
"CreateWellKnownSid not available\n");
2107 ok(!
ret,
"CreateWellKnownSid succeeded\n");
2109 ok(
size,
"expected size > 0\n");
2114 ok(!
ret,
"CreateWellKnownSid succeeded\n");
2123 AllocateAndInitializeSid(&
ident, 6,
SECURITY_NT_NON_UNIQUE, 12, 23, 34, 45, 56, 0, 0, &domainsid);
2136 cb =
sizeof(sid_buffer);
2137 if (!pCreateWellKnownSid(
i,
NULL, sid_buffer, &
cb))
2139 skip(
"Well known SID %u not implemented\n",
i);
2143 cb =
sizeof(sid_buffer);
2144 ok(pCreateWellKnownSid(
i,
value->without_domain ?
NULL : domainsid, sid_buffer, &
cb),
"Couldn't create well known sid %u\n",
i);
2148 ok(
strcmp(
str,
value->sid_string) == 0,
"%d: SID mismatch - expected %s, got %s\n",
i,
2152 if (
value->without_domain)
2156 ok(pCreateWellKnownSid(
i, domainsid, buf2, &
cb),
"Couldn't create well known sid %u with optional domain\n",
i);
2158 ok(
memcmp(buf2, sid_buffer,
cb) == 0,
"SID create with domain is different than without (%u)\n",
i);
2169 DWORD acc_sizeA, dom_sizeA, user_sizeA;
2170 DWORD real_acc_sizeA, real_dom_sizeA;
2172 DWORD acc_sizeW, dom_sizeW;
2173 DWORD real_acc_sizeW, real_dom_sizeW;
2189 "AllocateAndInitializeSid failed with error %d\n",
GetLastError());
2198 ok(
ret,
"LookupAccountSidA() Expected TRUE, got FALSE\n");
2204 ok(
ret,
"LookupAccountSidA() Expected TRUE, got FALSE\n");
2210 ok(
ret,
"LookupAccountSidA() Expected TRUE, got FALSE\n");
2217 ok(!
ret,
"LookupAccountSidA() Expected FALSE got TRUE\n");
2219 "LookupAccountSidA() Expected ERROR_NOT_ENOUGH_MEMORY, got %u\n",
GetLastError());
2227 ok(acc_sizeA == real_acc_sizeA + 1,
2228 "LookupAccountSidA() Expected acc_size = %u, got %u\n",
2229 real_acc_sizeA + 1, acc_sizeA);
2236 ok(acc_sizeA == real_acc_sizeA + 1,
2237 "LookupAccountSid() Expected acc_size = %u, got %u\n",
2238 real_acc_sizeA + 1, acc_sizeA);
2245 ok(!
ret,
"LookupAccountSidA() Expected FALSE got TRUE\n");
2247 "LookupAccountSidA() Expected ERROR_NOT_ENOUGH_MEMORY, got %u\n",
GetLastError());
2255 ok(dom_sizeA == real_dom_sizeA + 1,
2256 "LookupAccountSidA() Expected dom_size = %u, got %u\n",
2257 real_dom_sizeA + 1, dom_sizeA);
2264 ok(dom_sizeA == real_dom_sizeA + 1,
2265 "LookupAccountSidA() Expected dom_size = %u, got %u\n",
2266 real_dom_sizeA + 1, dom_sizeA);
2271 ok(
ret,
"LookupAccountSidW() Expected TRUE, got FALSE\n");
2276 ret =
LookupAccountSidA(
"deepthought", pUsersSid, accountA, &real_acc_sizeA, domainA, &real_dom_sizeA, &use);
2277 ok(!
ret,
"LookupAccountSidA() Expected FALSE got TRUE\n");
2279 "LookupAccountSidA() Expected RPC_S_SERVER_UNAVAILABLE or RPC_S_INVALID_NET_ADDR, got %u\n",
GetLastError());
2288 ok(!
ret,
"LookupAccountSidW() Expected FALSE got TRUE\n");
2290 "LookupAccountSidW() Expected ERROR_NOT_ENOUGH_MEMORY, got %u\n",
GetLastError());
2298 ok(acc_sizeW == real_acc_sizeW + 1,
2299 "LookupAccountSidW() Expected acc_size = %u, got %u\n",
2300 real_acc_sizeW + 1, acc_sizeW);
2307 ok(acc_sizeW == real_acc_sizeW + 1,
2308 "LookupAccountSidW() Expected acc_size = %u, got %u\n",
2309 real_acc_sizeW + 1, acc_sizeW);
2316 ok(!
ret,
"LookupAccountSidW() Expected FALSE got TRUE\n");
2318 "LookupAccountSidW() Expected ERROR_NOT_ENOUGH_MEMORY, got %u\n",
GetLastError());
2326 ok(dom_sizeW == real_dom_sizeW + 1,
2327 "LookupAccountSidW() Expected dom_size = %u, got %u\n",
2328 real_dom_sizeW + 1, dom_sizeW);
2335 ok(dom_sizeW == real_dom_sizeW + 1,
2336 "LookupAccountSidW() Expected dom_size = %u, got %u\n",
2337 real_dom_sizeW + 1, dom_sizeW);
2339 acc_sizeW = dom_sizeW = use = 0;
2345 ok(acc_sizeW,
"expected non-zero account size\n");
2346 ok(dom_sizeW,
"expected non-zero domain size\n");
2347 ok(!use,
"expected zero use %u\n", use);
2362 ok(
ret,
"LookupAccountSidA() Expected TRUE, got FALSE\n");
2365 ok(
ret,
"GetUserNameA() Expected TRUE, got FALSE\n");
2366 ok(
lstrcmpA(usernameA, accountA) == 0,
"LookupAccountSidA() Expected account name: %s got: %s\n", usernameA, accountA );
2370 if (pCreateWellKnownSid)
2372 trace(
"Well Known SIDs:\n");
2373 for (
i = 0;
i <= 84;
i++)
2383 trace(
" %d: %s %s\\%s %d\n",
i, str_sidA, domainA, accountA, use);
2392 trace(
" %d: not supported\n",
i);
2396 pLsaQueryInformationPolicy = (
void *)
GetProcAddress(
hmod,
"LsaQueryInformationPolicy");
2401 if (pLsaQueryInformationPolicy && pLsaOpenPolicy && pLsaFreeMemory && pLsaClose)
2407 ZeroMemory(&object_attributes,
sizeof(object_attributes));
2408 object_attributes.
Length =
sizeof(object_attributes);
2412 "LsaOpenPolicy(POLICY_ALL_ACCESS) returned 0x%08x\n",
status);
2416 trace(
"LsaOpenPolicy(POLICY_ALL_ACCESS) failed, trying POLICY_VIEW_LOCAL_INFORMATION\n");
2428 ok(
info->DomainSid!=0,
"LsaQueryInformationPolicy(PolicyAccountDomainInformation) missing SID\n");
2429 if (
info->DomainSid)
2497 DWORD sid_size, domain_size;
2506 ok(!
ret,
" %s Should have failed to lookup account name\n",
name);
2513 ok(!
ret,
" %s Should have failed to lookup account name\n",
name);
2517 AllocateAndInitializeSid(&
ident, 6,
SECURITY_NT_NON_UNIQUE, 12, 23, 34, 45, 56, 0, 0, &domainsid);
2518 cb =
sizeof(wk_sid);
2519 if (!pCreateWellKnownSid(
result, domainsid, wk_sid, &
cb))
2528 win_skip(
"CreateWellKnownSid() succeeded but the account '%s' is not present (W2K)\n",
name);
2534 ok(
ret,
"Failed to lookup account name %s\n",
name);
2535 ok(sid_size != 0,
"sid_size was zero\n");
2537 ok(
EqualSid(psid,wk_sid),
"%s Sid %s fails to match well known sid %s!\n",
2552 DWORD sid_size, domain_size, user_size;
2553 DWORD sid_save, domain_save;
2568 user_size =
UNLEN + 1;
2576 sid_use = 0xcafebabe;
2581 win_skip(
"LookupAccountNameA is not implemented\n");
2584 ok(!
ret,
"Expected 0, got %d\n",
ret);
2586 "Expected ERROR_INSUFFICIENT_BUFFER, got %d\n",
GetLastError());
2587 ok(sid_size != 0,
"Expected non-zero sid size\n");
2588 ok(domain_size != 0,
"Expected non-zero domain size\n");
2589 ok(sid_use == (
SID_NAME_USE)0xcafebabe,
"Expected 0xcafebabe, got %d\n", sid_use);
2591 sid_save = sid_size;
2592 domain_save = domain_size;
2600 ok(
ret,
"Failed to lookup account name\n");
2604 ok(domain_size == domain_save - 1,
"Expected %d, got %d\n", domain_save - 1, domain_size);
2607 domain_size = domain_save;
2608 sid_size = sid_save;
2612 skip(
"Non-English locale (test with hardcoded 'Everyone')\n");
2618 ok(
ret,
"Failed to lookup account name\n");
2619 ok(sid_size != 0,
"sid_size was zero\n");
2622 ok(domain_size == 0,
"Expected 0, got %d\n", domain_size);
2625 domain_size = domain_save;
2632 ok(!
ret,
"Expected 0, got %d\n",
ret);
2634 "Expected ERROR_INSUFFICIENT_BUFFER, got %d\n",
GetLastError());
2635 ok(sid_size == sid_save,
"Expected %d, got %d\n", sid_save, sid_size);
2636 ok(domain_size == domain_save,
"Expected %d, got %d\n", domain_save, domain_size);
2642 ok(!
ret,
"Expected 0, got %d\n",
ret);
2644 "Expected ERROR_INSUFFICIENT_BUFFER, got %d\n",
GetLastError());
2645 ok(sid_size == sid_save,
"Expected %d, got %d\n", sid_save, sid_size);
2646 ok(domain_size == domain_save,
"Expected %d, got %d\n", domain_save, domain_size);
2652 ok(!
ret,
"Expected 0, got %d\n",
ret);
2654 "Expected ERROR_INSUFFICIENT_BUFFER, got %d\n",
GetLastError());
2655 ok(sid_size == sid_save,
"Expected %d, got %d\n", sid_save, sid_size);
2656 ok(domain_size == domain_save,
"Expected %d, got %d\n", domain_save, domain_size);
2664 sid_use = 0xcafebabe;
2668 win_skip(
"NULL account name doesn't work on NT4\n");
2671 ok(!
ret,
"Expected 0, got %d\n",
ret);
2673 "Expected ERROR_INSUFFICIENT_BUFFER, got %d\n",
GetLastError());
2674 ok(sid_size != 0,
"Expected non-zero sid size\n");
2675 ok(domain_size != 0,
"Expected non-zero domain size\n");
2676 ok(sid_use == (
SID_NAME_USE)0xcafebabe,
"Expected 0xcafebabe, got %d\n", sid_use);
2684 ok(
ret,
"Failed to lookup account name\n");
2687 "Got %s for account and %s for domain, these should be the same\n",
account,
domain);
2699 ok(!
ret,
"Expected 0, got %d\n",
ret);
2702 "Expected ERROR_NONE_MAPPED, got %d\n",
GetLastError());
2703 ok(sid_size == 0,
"Expected 0, got %d\n", sid_size);
2704 ok(domain_size == 0,
"Expected 0, got %d\n", domain_size);
2711 ok(!
ret,
"Expected 0, got %d\n",
ret);
2713 "Expected RPC_S_SERVER_UNAVAILABLE or RPC_S_INVALID_NET_ADDR, got %d\n",
GetLastError());
2714 ok(sid_size == 0,
"Expected 0, got %d\n", sid_size);
2715 ok(domain_size == 0,
"Expected 0, got %d\n", domain_size);
2741 if (!pCreateWellKnownSid)
2743 win_skip(
"CreateWellKnownSid not available\n");
2749 skip(
"Non-English locale (skipping well known name creation tests)\n");
2786 DWORD size, size_dacl, size_sacl, size_owner, size_group;
2787 BOOL isDefault, isPresent,
ret;
2795 win_skip(
"InitializeSecurityDescriptor is not implemented\n");
2808 ok(
size > 5,
"Size not increased\n");
2828 ret = pConvertStringSecurityDescriptorToSecurityDescriptorA(
2829 "O:SYG:S-1-5-21-93476-23408-4576D:(A;NP;GAGXGWGR;;;SU)(A;IOID;CCDC;;;SU)"
2830 "(D;OICI;0xffffffff;;;S-1-5-21-93476-23408-4576)S:(AU;OICINPIOIDSAFA;CCDCLCSWRPRC;;;SU)"
2839 size = size_dacl = size_sacl = size_owner = size_group = 0;
2840 ret =
MakeAbsoluteSD(sd_rel,
NULL, &
size,
NULL, &size_dacl,
NULL, &size_sacl,
NULL, &size_owner,
NULL,
2846 sacl = (
PACL)((
char *)
dacl + size_dacl);
2847 owner = (
PSID)((
char *)sacl + size_sacl);
2848 group = (
PSID)((
char *)owner + size_owner);
2850 group, &size_group);
2869#define TEST_GRANTED_ACCESS(a,b) test_granted_access(a,b,0,__LINE__)
2870#define TEST_GRANTED_ACCESS2(a,b,c) test_granted_access(a,b,c,__LINE__)
2877 if (!pNtQueryObject)
2879 skip_(__FILE__,
line)(
"Not NT platform - skipping tests\n");
2884 sizeof(obj_info),
NULL );
2888 obj_info.
GrantedAccess == alt,
"Granted access should be 0x%08x "
2895#define CHECK_SET_SECURITY(o,i,e) \
2899 SetLastError( 0xdeadbeef ); \
2900 res_ = SetKernelObjectSecurity( o, i, SecurityDescriptor ); \
2901 err = GetLastError(); \
2902 if (e == ERROR_SUCCESS) \
2903 ok(res_, "SetKernelObjectSecurity failed with %d\n", err); \
2905 ok(!res_ && err == e, "SetKernelObjectSecurity should have failed " \
2906 "with %s, instead of %d\n", #e, err); \
2932 win_skip(
"ACLs not implemented - skipping tests\n");
2938 res =
AllocateAndInitializeSid( &SIDAuthWorld, 1,
SECURITY_WORLD_RID, 0, 0, 0, 0, 0, 0, 0, &EveryoneSid);
2951 ok(!
res,
"Expected failure, got %d\n",
res);
2953 "Expected ERROR_INSUFFICIENT_BUFFER, got %d\n",
GetLastError());
2962 ok(!
res,
"Expected failure, got %d\n",
res);
2964 "Expected ERROR_INSUFFICIENT_BUFFER, got %d\n",
GetLastError());
2969 UsersSid =
group->PrimaryGroup;
2973 dom_size =
sizeof(
domain);
2975 ok(
ret,
"LookupAccountSid failed with %d\n",
ret);
2980 ok(!
res,
"Expected failure, got %d\n",
res);
2982 "Expected ERROR_INSUFFICIENT_BUFFER, got %d\n",
GetLastError());
2987 UserSid =
user->User.Sid;
2989 ok(
EqualPrefixSid(UsersSid, UserSid),
"TokenPrimaryGroup Sid and TokenUser Sid don't match.\n");
3061 psa.nLength =
sizeof(
psa);