ReactOS  0.4.13-dev-92-gf251225
sec.c
1 /*
2  * COPYRIGHT: See COPYING in the top level directory
3  * PROJECT: ReactOS system libraries
4  * FILE: lib/advapi32/sec/sec.c
5  * PURPOSE: Security descriptor functions
6  * PROGRAMMER: Ariadne ( ariadne@xs4all.nl)
7  * Steven Edwards ( Steven_Ed4153@yahoo.com )
8  * Andrew Greenwood ( silverblade_uk@hotmail.com )
9  * UPDATE HISTORY:
10  * Created 01/11/98
11  */
12 
13 #include <advapi32.h>
15 
16 /*
17  * @implemented
18  */
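/*
 * Retrieves the control bits and the revision of a security descriptor.
 *
 * Thin wrapper over RtlGetControlSecurityDescriptor(); pControl and
 * lpdwRevision are handed straight to that routine, which fills them in.
 *
 * Returns TRUE on success. On failure returns FALSE and sets the last
 * error to the Win32 translation of the NTSTATUS.
 */
BOOL
WINAPI
GetSecurityDescriptorControl(PSECURITY_DESCRIPTOR pSecurityDescriptor,
                             PSECURITY_DESCRIPTOR_CONTROL pControl,
                             LPDWORD lpdwRevision)
{
    NTSTATUS Status;

    /* The Rtl routine takes the revision as a PULONG, hence the cast */
    Status = RtlGetControlSecurityDescriptor(pSecurityDescriptor,
                                             pControl,
                                             (PULONG)lpdwRevision);
    if (!NT_SUCCESS(Status))
    {
        SetLastError(RtlNtStatusToDosError(Status));
        return FALSE;
    }

    return TRUE;
}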
38 
39 
40 /*
41  * @implemented
42  */
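/*
 * Retrieves the DACL of a security descriptor together with its
 * "present" and "defaulted" flags.
 *
 * The Rtl routine reports the flags as BOOLEAN; they are widened to BOOL
 * for the Win32 caller. Both flag outputs are written on every path.
 *
 * Returns TRUE on success. On failure returns FALSE and sets the last
 * error to the Win32 translation of the NTSTATUS.
 */
BOOL
WINAPI
GetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor,
                          LPBOOL lpbDaclPresent,
                          PACL *pDacl,
                          LPBOOL lpbDaclDefaulted)
{
    /*
     * Initialised because the flags are copied to the caller before Status
     * is checked: if the Rtl call fails without writing them, the copies
     * would otherwise hand indeterminate stack bytes back to the caller.
     */
    BOOLEAN DaclPresent = FALSE;
    BOOLEAN DaclDefaulted = FALSE;
    NTSTATUS Status;

    Status = RtlGetDaclSecurityDescriptor(pSecurityDescriptor,
                                          &DaclPresent,
                                          pDacl,
                                          &DaclDefaulted);
    *lpbDaclPresent = (BOOL)DaclPresent;
    *lpbDaclDefaulted = (BOOL)DaclDefaulted;

    if (!NT_SUCCESS(Status))
    {
        SetLastError(RtlNtStatusToDosError(Status));
        return FALSE;
    }

    return TRUE;
}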
69 
70 
71 /*
72  * @implemented
73  */
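/*
 * Retrieves the primary group SID of a security descriptor and whether
 * that group was supplied by a defaulting mechanism.
 *
 * Returns TRUE on success. On failure returns FALSE and sets the last
 * error to the Win32 translation of the NTSTATUS.
 */
BOOL
WINAPI
GetSecurityDescriptorGroup(PSECURITY_DESCRIPTOR pSecurityDescriptor,
                           PSID *pGroup,
                           LPBOOL lpbGroupDefaulted)
{
    /*
     * Initialised because the flag is copied out before Status is checked;
     * a failing Rtl call must not leak an indeterminate stack byte.
     */
    BOOLEAN GroupDefaulted = FALSE;
    NTSTATUS Status;

    Status = RtlGetGroupSecurityDescriptor(pSecurityDescriptor,
                                           pGroup,
                                           &GroupDefaulted);
    *lpbGroupDefaulted = (BOOL)GroupDefaulted;

    if (!NT_SUCCESS(Status))
    {
        SetLastError(RtlNtStatusToDosError(Status));
        return FALSE;
    }

    return TRUE;
}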
96 
97 
98 /*
99  * @implemented
100  */
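/*
 * Retrieves the owner SID of a security descriptor and whether that owner
 * was supplied by a defaulting mechanism.
 *
 * Returns TRUE on success. On failure returns FALSE and sets the last
 * error to the Win32 translation of the NTSTATUS.
 */
BOOL
WINAPI
GetSecurityDescriptorOwner(PSECURITY_DESCRIPTOR pSecurityDescriptor,
                           PSID *pOwner,
                           LPBOOL lpbOwnerDefaulted)
{
    /*
     * Initialised because the flag is copied out before Status is checked;
     * a failing Rtl call must not leak an indeterminate stack byte.
     */
    BOOLEAN OwnerDefaulted = FALSE;
    NTSTATUS Status;

    Status = RtlGetOwnerSecurityDescriptor(pSecurityDescriptor,
                                           pOwner,
                                           &OwnerDefaulted);
    *lpbOwnerDefaulted = (BOOL)OwnerDefaulted;

    if (!NT_SUCCESS(Status))
    {
        SetLastError(RtlNtStatusToDosError(Status));
        return FALSE;
    }

    return TRUE;
}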
123 
124 
125 /*
126  * @implemented
127  */
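/*
 * Reads the resource manager control byte of a security descriptor.
 *
 * Unlike the BOOL-returning accessors in this file, the result is a Win32
 * error code: ERROR_SUCCESS when RtlGetSecurityDescriptorRMControl()
 * reports TRUE, ERROR_INVALID_DATA otherwise. The last error is not set.
 */
DWORD
WINAPI
GetSecurityDescriptorRMControl(PSECURITY_DESCRIPTOR SecurityDescriptor,
                               PUCHAR RMControl)
{
    if (!RtlGetSecurityDescriptorRMControl(SecurityDescriptor,
                                           RMControl))
    {
        return ERROR_INVALID_DATA;
    }

    return ERROR_SUCCESS;
}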
139 
140 
141 /*
142  * @implemented
143  */
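/*
 * Retrieves the SACL of a security descriptor together with its
 * "present" and "defaulted" flags.
 *
 * The Rtl routine reports the flags as BOOLEAN; they are widened to BOOL
 * for the Win32 caller. Both flag outputs are written on every path.
 *
 * Returns TRUE on success. On failure returns FALSE and sets the last
 * error to the Win32 translation of the NTSTATUS.
 */
BOOL
WINAPI
GetSecurityDescriptorSacl(PSECURITY_DESCRIPTOR pSecurityDescriptor,
                          LPBOOL lpbSaclPresent,
                          PACL *pSacl,
                          LPBOOL lpbSaclDefaulted)
{
    /*
     * Initialised because the flags are copied to the caller before Status
     * is checked: if the Rtl call fails without writing them, the copies
     * would otherwise hand indeterminate stack bytes back to the caller.
     */
    BOOLEAN SaclPresent = FALSE;
    BOOLEAN SaclDefaulted = FALSE;
    NTSTATUS Status;

    Status = RtlGetSaclSecurityDescriptor(pSecurityDescriptor,
                                          &SaclPresent,
                                          pSacl,
                                          &SaclDefaulted);
    *lpbSaclPresent = (BOOL)SaclPresent;
    *lpbSaclDefaulted = (BOOL)SaclDefaulted;

    if (!NT_SUCCESS(Status))
    {
        SetLastError(RtlNtStatusToDosError(Status));
        return FALSE;
    }

    return TRUE;
}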
170 
171 /*
172  * @implemented
173  */
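/*
 * Checks a security descriptor with RtlValidSecurityDescriptor().
 *
 * Returns the Rtl result widened to BOOL. When the descriptor is rejected
 * the last error is set to the Win32 translation of
 * STATUS_INVALID_SECURITY_DESCR.
 *
 * NOTE(review): what the Rtl routine actually validates is not visible
 * here; callers handling descriptors from untrusted sources should confirm
 * its coverage rather than treat TRUE as a full structural guarantee.
 */
BOOL
WINAPI
IsValidSecurityDescriptor(PSECURITY_DESCRIPTOR pSecurityDescriptor)
{
    BOOLEAN Result;

    Result = RtlValidSecurityDescriptor(pSecurityDescriptor);
    if (Result == FALSE)
    {
        SetLastError(RtlNtStatusToDosError(STATUS_INVALID_SECURITY_DESCR));
    }

    return (BOOL)Result;
}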
186 
187 /*
188  * @implemented
189  */
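/*
 * Converts a self-relative security descriptor to absolute format via
 * RtlSelfRelativeToAbsoluteSD2(), which takes the descriptor as an in/out
 * argument and the buffer size through lpdwBufferSize.
 *
 * Returns TRUE on success. On failure returns FALSE and sets the last
 * error to the Win32 translation of the NTSTATUS.
 */
BOOL
WINAPI
MakeAbsoluteSD2(IN OUT PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor,
                OUT LPDWORD lpdwBufferSize)
{
    NTSTATUS Status;

    Status = RtlSelfRelativeToAbsoluteSD2(pSelfRelativeSecurityDescriptor,
                                          lpdwBufferSize);
    if (!NT_SUCCESS(Status))
    {
        SetLastError(RtlNtStatusToDosError(Status));
        return FALSE;
    }

    return TRUE;
}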
207 
208 
209 /*
210  * @implemented
211  */
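/*
 * Converts an absolute security descriptor to self-relative format via
 * RtlAbsoluteToSelfRelativeSD().
 *
 * lpdwBufferLength is passed through as the Rtl routine's in/out buffer
 * length; the caller owns the destination buffer.
 *
 * Returns TRUE on success. On failure returns FALSE and sets the last
 * error to the Win32 translation of the NTSTATUS.
 */
BOOL
WINAPI
MakeSelfRelativeSD(PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor,
                   PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor,
                   LPDWORD lpdwBufferLength)
{
    NTSTATUS Status;

    /* The Rtl routine takes the length as a PULONG, hence the cast */
    Status = RtlAbsoluteToSelfRelativeSD(pAbsoluteSecurityDescriptor,
                                         pSelfRelativeSecurityDescriptor,
                                         (PULONG)lpdwBufferLength);
    if (!NT_SUCCESS(Status))
    {
        SetLastError(RtlNtStatusToDosError(Status));
        return FALSE;
    }

    return TRUE;
}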
231 
232 
233 /*
234  * @implemented
235  */
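/*
 * Updates control bits of a security descriptor via
 * RtlSetControlSecurityDescriptor().
 *
 * ControlBitsOfInterest and ControlBitsToSet are forwarded unchanged; any
 * validation of the two masks is left to the Rtl routine.
 *
 * Returns TRUE on success. On failure returns FALSE and sets the last
 * error to the Win32 translation of the NTSTATUS.
 */
BOOL
WINAPI
SetSecurityDescriptorControl(PSECURITY_DESCRIPTOR pSecurityDescriptor,
                             SECURITY_DESCRIPTOR_CONTROL ControlBitsOfInterest,
                             SECURITY_DESCRIPTOR_CONTROL ControlBitsToSet)
{
    NTSTATUS Status;

    Status = RtlSetControlSecurityDescriptor(pSecurityDescriptor,
                                             ControlBitsOfInterest,
                                             ControlBitsToSet);
    if (!NT_SUCCESS(Status))
    {
        SetLastError(RtlNtStatusToDosError(Status));
        return FALSE;
    }

    return TRUE;
}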
255 
256 
257 /*
258  * @implemented
259  */
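/*
 * Sets the DACL of a security descriptor via
 * RtlSetDaclSecurityDescriptor().
 *
 * Returns TRUE on success. On failure returns FALSE and sets the last
 * error to the Win32 translation of the NTSTATUS.
 *
 * NOTE(review): the Rtl routine takes BOOLEAN flags, so the BOOL
 * arguments are narrowed implicitly at the call; a non-zero BOOL whose low
 * byte is zero would arrive as FALSE.
 * NOTE(review): under the Win32 contract bDaclPresent = TRUE with
 * pDacl = NULL assigns a NULL DACL, which places no access restrictions
 * on the object; callers should pass an explicit ACL. Confirm that the
 * Rtl routine mirrors this.
 */
BOOL
WINAPI
SetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor,
                          BOOL bDaclPresent,
                          PACL pDacl,
                          BOOL bDaclDefaulted)
{
    NTSTATUS Status;

    Status = RtlSetDaclSecurityDescriptor(pSecurityDescriptor,
                                          bDaclPresent,
                                          pDacl,
                                          bDaclDefaulted);
    if (!NT_SUCCESS(Status))
    {
        SetLastError(RtlNtStatusToDosError(Status));
        return FALSE;
    }

    return TRUE;
}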
281 
282 
283 /*
284  * @implemented
285  */
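/*
 * Sets the primary group SID of a security descriptor via
 * RtlSetGroupSecurityDescriptor().
 *
 * bGroupDefaulted is narrowed from BOOL to the BOOLEAN the Rtl routine
 * expects.
 *
 * Returns TRUE on success. On failure returns FALSE and sets the last
 * error to the Win32 translation of the NTSTATUS.
 */
BOOL
WINAPI
SetSecurityDescriptorGroup(PSECURITY_DESCRIPTOR pSecurityDescriptor,
                           PSID pGroup,
                           BOOL bGroupDefaulted)
{
    NTSTATUS Status;

    Status = RtlSetGroupSecurityDescriptor(pSecurityDescriptor,
                                           pGroup,
                                           bGroupDefaulted);
    if (!NT_SUCCESS(Status))
    {
        SetLastError(RtlNtStatusToDosError(Status));
        return FALSE;
    }

    return TRUE;
}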
305 
306 
307 /*
308  * @implemented
309  */
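/*
 * Sets the owner SID of a security descriptor via
 * RtlSetOwnerSecurityDescriptor().
 *
 * bOwnerDefaulted is narrowed from BOOL to the BOOLEAN the Rtl routine
 * expects.
 *
 * Returns TRUE on success. On failure returns FALSE and sets the last
 * error to the Win32 translation of the NTSTATUS.
 */
BOOL
WINAPI
SetSecurityDescriptorOwner(PSECURITY_DESCRIPTOR pSecurityDescriptor,
                           PSID pOwner,
                           BOOL bOwnerDefaulted)
{
    NTSTATUS Status;

    Status = RtlSetOwnerSecurityDescriptor(pSecurityDescriptor,
                                           pOwner,
                                           bOwnerDefaulted);
    if (!NT_SUCCESS(Status))
    {
        SetLastError(RtlNtStatusToDosError(Status));
        return FALSE;
    }

    return TRUE;
}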
329 
330 
331 /*
332  * @implemented
333  */
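/*
 * Sets the resource manager control byte of a security descriptor.
 *
 * RtlSetSecurityDescriptorRMControl() returns VOID, so there is no failure
 * to report: this wrapper always returns ERROR_SUCCESS.
 */
DWORD
WINAPI
SetSecurityDescriptorRMControl(PSECURITY_DESCRIPTOR SecurityDescriptor,
                               PUCHAR RMControl)
{
    RtlSetSecurityDescriptorRMControl(SecurityDescriptor,
                                      RMControl);

    return ERROR_SUCCESS;
}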
344 
345 
346 /*
347  * @implemented
348  */
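/*
 * Sets the SACL of a security descriptor via
 * RtlSetSaclSecurityDescriptor().
 *
 * The BOOL flags are narrowed to the BOOLEAN values the Rtl routine
 * expects.
 *
 * Returns TRUE on success. On failure returns FALSE and sets the last
 * error to the Win32 translation of the NTSTATUS.
 */
BOOL
WINAPI
SetSecurityDescriptorSacl(PSECURITY_DESCRIPTOR pSecurityDescriptor,
                          BOOL bSaclPresent,
                          PACL pSacl,
                          BOOL bSaclDefaulted)
{
    NTSTATUS Status;

    Status = RtlSetSaclSecurityDescriptor(pSecurityDescriptor,
                                          bSaclPresent,
                                          pSacl,
                                          bSaclDefaulted);
    if (!NT_SUCCESS(Status))
    {
        SetLastError(RtlNtStatusToDosError(Status));
        return FALSE;
    }

    return TRUE;
}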
370 
371 
372 /*
373  * @implemented
374  */
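/*
 * Computes the access mask needed to QUERY the parts of a security
 * descriptor selected by SecurityInformation.
 *
 * *DesiredAccess is always overwritten: it starts at 0 and gains
 * READ_CONTROL for owner, group or DACL information and
 * ACCESS_SYSTEM_SECURITY for SACL information.
 *
 * NOTE(review): the flag-to-right mapping below was restored from the
 * constants this file references; confirm against the repository copy of
 * lib/advapi32/sec/sec.c.
 */
VOID
WINAPI
QuerySecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation,
                        OUT LPDWORD DesiredAccess)
{
    *DesiredAccess = 0;

    if (SecurityInformation & (OWNER_SECURITY_INFORMATION |
                               GROUP_SECURITY_INFORMATION |
                               DACL_SECURITY_INFORMATION))
    {
        *DesiredAccess |= READ_CONTROL;
    }

    /* Reading the SACL needs the separate system-security right */
    if (SecurityInformation & SACL_SECURITY_INFORMATION)
    {
        *DesiredAccess |= ACCESS_SYSTEM_SECURITY;
    }
}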
391 
392 
393 /*
394  * @implemented
395  */
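/*
 * Computes the access mask needed to SET the parts of a security
 * descriptor selected by SecurityInformation.
 *
 * *DesiredAccess is always overwritten: it starts at 0 and gains
 * WRITE_OWNER for owner or group information, WRITE_DAC for DACL
 * information and ACCESS_SYSTEM_SECURITY for SACL information.
 *
 * NOTE(review): the flag-to-right mapping below was restored from the
 * constants this file references; confirm against the repository copy of
 * lib/advapi32/sec/sec.c.
 */
VOID
WINAPI
SetSecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation,
                      OUT LPDWORD DesiredAccess)
{
    *DesiredAccess = 0;

    if (SecurityInformation & (OWNER_SECURITY_INFORMATION |
                               GROUP_SECURITY_INFORMATION))
    {
        *DesiredAccess |= WRITE_OWNER;
    }

    if (SecurityInformation & DACL_SECURITY_INFORMATION)
    {
        *DesiredAccess |= WRITE_DAC;
    }

    if (SecurityInformation & SACL_SECURITY_INFORMATION)
    {
        *DesiredAccess |= ACCESS_SYSTEM_SECURITY;
    }
}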
412 
413 
414 /*
415  * @unimplemented
416  */
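/*
 * Not implemented: logs via UNIMPLEMENTED and fails.
 *
 * *NewSecurityDescriptor is never written. The last error is set so that
 * a caller checking GetLastError() after the FALSE return does not read a
 * stale value left by an earlier call.
 */
BOOL
WINAPI
ConvertToAutoInheritPrivateObjectSecurity(IN PSECURITY_DESCRIPTOR ParentDescriptor,
                                          IN PSECURITY_DESCRIPTOR CurrentSecurityDescriptor,
                                          OUT PSECURITY_DESCRIPTOR* NewSecurityDescriptor,
                                          IN GUID* ObjectType,
                                          IN BOOLEAN IsDirectoryObject,
                                          IN PGENERIC_MAPPING GenericMapping)
{
    UNIMPLEMENTED;
    SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
    return FALSE;
}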
429 
430 
431 /*
432  * @unimplemented
433  */
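/*
 * Not implemented: logs via UNIMPLEMENTED and reports failure.
 *
 * The return type is a Win32 error code, not a BOOL. Returning FALSE here
 * would be 0, i.e. ERROR_SUCCESS, and a caller would then go on to use
 * *pNewSD and *pSizeNewSD, neither of which this stub writes. An explicit
 * error code makes the failure visible.
 */
DWORD
WINAPI
BuildSecurityDescriptorW(IN PTRUSTEE_W pOwner OPTIONAL,
                         IN PTRUSTEE_W pGroup OPTIONAL,
                         IN ULONG cCountOfAccessEntries,
                         IN PEXPLICIT_ACCESS_W pListOfAccessEntries OPTIONAL,
                         IN ULONG cCountOfAuditEntries,
                         IN PEXPLICIT_ACCESS_W pListOfAuditEntries OPTIONAL,
                         IN PSECURITY_DESCRIPTOR pOldSD OPTIONAL,
                         OUT PULONG pSizeNewSD,
                         OUT PSECURITY_DESCRIPTOR* pNewSD)
{
    UNIMPLEMENTED;
    return ERROR_CALL_NOT_IMPLEMENTED;
}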
449 
450 
451 /*
452  * @unimplemented
453  */
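/*
 * Not implemented: logs via UNIMPLEMENTED and reports failure.
 *
 * The return type is a Win32 error code, not a BOOL. Returning FALSE here
 * would be 0, i.e. ERROR_SUCCESS, and a caller would then go on to use
 * *pNewSD and *pSizeNewSD, neither of which this stub writes. An explicit
 * error code makes the failure visible.
 */
DWORD
WINAPI
BuildSecurityDescriptorA(IN PTRUSTEE_A pOwner OPTIONAL,
                         IN PTRUSTEE_A pGroup OPTIONAL,
                         IN ULONG cCountOfAccessEntries,
                         IN PEXPLICIT_ACCESS_A pListOfAccessEntries OPTIONAL,
                         IN ULONG cCountOfAuditEntries,
                         IN PEXPLICIT_ACCESS_A pListOfAuditEntries OPTIONAL,
                         IN PSECURITY_DESCRIPTOR pOldSD OPTIONAL,
                         OUT PULONG pSizeNewSD,
                         OUT PSECURITY_DESCRIPTOR* pNewSD)
{
    UNIMPLEMENTED;
    return ERROR_CALL_NOT_IMPLEMENTED;
}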
469 
470 /* EOF */
ObjectType
Definition: metafile.c:80
NTSYSAPI BOOLEAN NTAPI RtlValidSecurityDescriptor(IN PSECURITY_DESCRIPTOR SecurityDescriptor)
Definition: sd.c:1055
#define IN
Definition: typedefs.h:38
NTSYSAPI VOID NTAPI RtlSetSecurityDescriptorRMControl(_Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ PUCHAR RMControl)
_In_opt_ PSID _In_opt_ BOOLEAN OwnerDefaulted
Definition: rtlfuncs.h:1630
#define TRUE
Definition: types.h:120
#define STATUS_INVALID_SECURITY_DESCR
Definition: ntstatus.h:343
NTSYSAPI NTSTATUS NTAPI RtlGetControlSecurityDescriptor(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _Out_ PSECURITY_DESCRIPTOR_CONTROL Control, _Out_ PULONG Revision)
WORD * PSECURITY_DESCRIPTOR_CONTROL
Definition: lsa.idl:37
NTSYSAPI NTSTATUS NTAPI RtlSetGroupSecurityDescriptor(IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN PSID Group, IN BOOLEAN GroupDefaulted)
Definition: sd.c:410
BOOL WINAPI IsValidSecurityDescriptor(PSECURITY_DESCRIPTOR pSecurityDescriptor)
Definition: sec.c:176
#define ERROR_SUCCESS
Definition: deptool.c:10
_In_ BOOLEAN _In_opt_ PACL _In_opt_ BOOLEAN DaclDefaulted
Definition: rtlfuncs.h:1595
BOOL WINAPI GetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, LPBOOL lpbDaclPresent, PACL *pDacl, LPBOOL lpbDaclDefaulted)
Definition: sec.c:45
#define ACCESS_SYSTEM_SECURITY
Definition: nt_native.h:77
VOID WINAPI QuerySecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation, OUT LPDWORD DesiredAccess)
Definition: sec.c:377
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
_In_opt_ PSECURITY_DESCRIPTOR _Out_ PSECURITY_DESCRIPTOR _In_ BOOLEAN IsDirectoryObject
Definition: sefuncs.h:29
unsigned char * PUCHAR
Definition: retypes.h:3
LONG NTSTATUS
Definition: precomp.h:26
BOOL WINAPI MakeAbsoluteSD2(IN OUT PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor, OUT LPDWORD lpdwBufferSize)
Definition: sec.c:192
#define GROUP_SECURITY_INFORMATION
Definition: setypes.h:124
#define WRITE_OWNER
Definition: nt_native.h:60
#define BOOL
Definition: nt_native.h:43
DWORD WINAPI GetSecurityDescriptorRMControl(PSECURITY_DESCRIPTOR SecurityDescriptor, PUCHAR RMControl)
Definition: sec.c:130
BOOL WINAPI GetSecurityDescriptorGroup(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSID *pGroup, LPBOOL lpbGroupDefaulted)
Definition: sec.c:76
_In_ BOOLEAN DaclPresent
Definition: rtlfuncs.h:1595
NTSYSAPI NTSTATUS NTAPI RtlGetDaclSecurityDescriptor(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _Out_ PBOOLEAN DaclPresent, _Out_ PACL *Dacl, _Out_ PBOOLEAN DaclDefaulted)
NTSYSAPI NTSTATUS NTAPI RtlSetControlSecurityDescriptor(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ SECURITY_DESCRIPTOR_CONTROL ControlBitsOfInterest, _In_ SECURITY_DESCRIPTOR_CONTROL ControlBitsToSet)
BOOL WINAPI GetSecurityDescriptorOwner(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSID *pOwner, LPBOOL lpbOwnerDefaulted)
Definition: sec.c:103
NTSYSAPI NTSTATUS NTAPI RtlGetGroupSecurityDescriptor(IN PSECURITY_DESCRIPTOR SecurityDescriptor, OUT PSID *Group, OUT PBOOLEAN GroupDefaulted)
Definition: sd.c:280
DWORD WINAPI BuildSecurityDescriptorW(IN PTRUSTEE_W pOwner OPTIONAL, IN PTRUSTEE_W pGroup OPTIONAL, IN ULONG cCountOfAccessEntries, IN PEXPLICIT_ACCESS_W pListOfAccessEntries OPTIONAL, IN ULONG cCountOfAuditEntries, IN PEXPLICIT_ACCESS_W pListOfAuditEntries OPTIONAL, IN PSECURITY_DESCRIPTOR pOldSD OPTIONAL, OUT PULONG pSizeNewSD, OUT PSECURITY_DESCRIPTOR *pNewSD)
Definition: sec.c:436
unsigned int BOOL
Definition: ntddk_ex.h:94
DWORD SECURITY_INFORMATION
Definition: ms-dtyp.idl:311
BOOL WINAPI GetSecurityDescriptorControl(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSECURITY_DESCRIPTOR_CONTROL pControl, LPDWORD lpdwRevision)
Definition: sec.c:21
WORD SECURITY_DESCRIPTOR_CONTROL
Definition: lsa.idl:37
NTSYSAPI NTSTATUS NTAPI RtlAbsoluteToSelfRelativeSD(IN PSECURITY_DESCRIPTOR AbsoluteSecurityDescriptor, IN OUT PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor, IN PULONG BufferLength)
Definition: sd.c:626
_Out_ PBOOLEAN SaclPresent
Definition: rtlfuncs.h:2415
unsigned char BOOLEAN
DWORD WINAPI SetSecurityDescriptorRMControl(PSECURITY_DESCRIPTOR SecurityDescriptor, PUCHAR RMControl)
Definition: sec.c:336
DWORD WINAPI BuildSecurityDescriptorA(IN PTRUSTEE_A pOwner OPTIONAL, IN PTRUSTEE_A pGroup OPTIONAL, IN ULONG cCountOfAccessEntries, IN PEXPLICIT_ACCESS_A pListOfAccessEntries OPTIONAL, IN ULONG cCountOfAuditEntries, IN PEXPLICIT_ACCESS_A pListOfAuditEntries OPTIONAL, IN PSECURITY_DESCRIPTOR pOldSD OPTIONAL, OUT PULONG pSizeNewSD, OUT PSECURITY_DESCRIPTOR *pNewSD)
Definition: sec.c:456
NTSYSAPI NTSTATUS WINAPI RtlSetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR, BOOLEAN, PACL, BOOLEAN)
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:426
BOOL WINAPI ConvertToAutoInheritPrivateObjectSecurity(IN PSECURITY_DESCRIPTOR ParentDescriptor, IN PSECURITY_DESCRIPTOR CurrentSecurityDescriptor, OUT PSECURITY_DESCRIPTOR *NewSecurityDescriptor, IN GUID *ObjectType, IN BOOLEAN IsDirectoryObject, IN PGENERIC_MAPPING GenericMapping)
Definition: sec.c:419
_Must_inspect_result_ _In_ PFILE_OBJECT _In_ SECURITY_INFORMATION SecurityInformation
Definition: fltkernel.h:1339
NTSYSAPI NTSTATUS NTAPI RtlSetSaclSecurityDescriptor(IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN BOOLEAN SaclPresent, IN PACL Sacl, IN BOOLEAN SaclDefaulted)
Definition: sd.c:342
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define WINAPI
Definition: msvc.h:8
#define SACL_SECURITY_INFORMATION
Definition: setypes.h:126
unsigned long DWORD
Definition: ntddk_ex.h:95
#define WRITE_DAC
Definition: nt_native.h:59
#define SetLastError(x)
Definition: compat.h:409
#define READ_CONTROL
Definition: nt_native.h:58
NTSYSAPI BOOLEAN NTAPI RtlGetSecurityDescriptorRMControl(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _Out_ PUCHAR RMControl)
NTSYSAPI NTSTATUS WINAPI RtlSetOwnerSecurityDescriptor(PSECURITY_DESCRIPTOR, PSID, BOOLEAN)
WINE_DEFAULT_DEBUG_CHANNEL(advapi)
Status
Definition: gdiplustypes.h:24
#define ERROR_INVALID_DATA
Definition: winerror.h:116
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
static GENERIC_MAPPING GenericMapping
Definition: SeInheritance.c:11
BOOL * LPBOOL
Definition: windef.h:162
NTSYSAPI NTSTATUS NTAPI RtlGetSaclSecurityDescriptor(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _Out_ PBOOLEAN SaclPresent, _Out_ PACL *Sacl, _Out_ PBOOLEAN SaclDefaulted)
NTSYSAPI NTSTATUS NTAPI RtlSelfRelativeToAbsoluteSD2(_Inout_ PSECURITY_DESCRIPTOR SelfRelativeSD, _Out_ PULONG BufferSize)
_In_ PIO_STACK_LOCATION _Inout_ PFILE_OBJECT _Inout_ PVCB _Outptr_result_maybenull_ PDCB _In_ PDCB _In_ PDIRENT _In_ ULONG _In_ ULONG _In_ PUNICODE_STRING _In_ PACCESS_MASK DesiredAccess
Definition: create.c:4157
BOOL WINAPI GetSecurityDescriptorSacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, LPBOOL lpbSaclPresent, PACL *pSacl, LPBOOL lpbSaclDefaulted)
Definition: sec.c:146
#define OWNER_SECURITY_INFORMATION
Definition: setypes.h:123
unsigned int * PULONG
Definition: retypes.h:1
BOOL WINAPI SetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, BOOL bDaclPresent, PACL pDacl, BOOL bDaclDefaulted)
Definition: sec.c:262
NTSYSAPI NTSTATUS NTAPI RtlGetOwnerSecurityDescriptor(IN PSECURITY_DESCRIPTOR SecurityDescriptor, OUT PSID *Owner, OUT PBOOLEAN OwnerDefaulted)
Definition: sd.c:257
BOOL WINAPI MakeSelfRelativeSD(PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor, PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor, LPDWORD lpdwBufferLength)
Definition: sec.c:214
#define OUT
Definition: typedefs.h:39
uint32_t * LPDWORD
Definition: typedefs.h:57
unsigned int ULONG
Definition: retypes.h:1
VOID WINAPI SetSecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation, OUT LPDWORD DesiredAccess)
Definition: sec.c:398
#define UNIMPLEMENTED
Definition: debug.h:114
_In_ _In_opt_ _Out_writes_bytes_to_opt_ lpdwBufferLength _Inout_ LPDWORD lpdwBufferLength
Definition: winhttp.h:675
BOOL WINAPI SetSecurityDescriptorGroup(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSID pGroup, BOOL bGroupDefaulted)
Definition: sec.c:288
_Out_ PBOOLEAN _Out_ PACL _Out_ PBOOLEAN SaclDefaulted
Definition: rtlfuncs.h:2415
_In_opt_ PSID _In_opt_ BOOLEAN GroupDefaulted
Definition: rtlfuncs.h:1606
BOOL WINAPI SetSecurityDescriptorOwner(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSID pOwner, BOOL bOwnerDefaulted)
Definition: sec.c:312
#define DACL_SECURITY_INFORMATION
Definition: setypes.h:125
BOOL WINAPI SetSecurityDescriptorSacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, BOOL bSaclPresent, PACL pSacl, BOOL bSaclDefaulted)
Definition: sec.c:351
PULONG MinorVersion OPTIONAL
Definition: CrossNt.h:68
BOOL WINAPI SetSecurityDescriptorControl(PSECURITY_DESCRIPTOR pSecurityDescriptor, SECURITY_DESCRIPTOR_CONTROL ControlBitsOfInterest, SECURITY_DESCRIPTOR_CONTROL ControlBitsToSet)
Definition: sec.c:238