ReactOS 0.4.16-dev-1506-g117cd33
security.c
Go to the documentation of this file.
1/*
2 * Copyright 1999, 2000 Juergen Schmied <juergen.schmied@debitel.net>
3 * Copyright 2003 CodeWeavers Inc. (Ulrich Czekalla)
4 * Copyright 2006 Robert Reif
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
19 *
20 */
21
22#include <stdarg.h>
23#include <string.h>
24
25#include "ntstatus.h"
26#define WIN32_NO_STATUS
27#include "windef.h"
28#include "winbase.h"
29#include "winerror.h"
30#include "winternl.h"
31#include "winioctl.h"
32#include "ddk/ntddk.h"
33
34#include "kernelbase.h"
35#include "wine/debug.h"
36#include "wine/heap.h"
37
38WINE_DEFAULT_DEBUG_CHANNEL(security);
39
40
41/******************************************************************************
42 * SID functions
43 ******************************************************************************/
44
45typedef struct _MAX_SID
46{
47 /* same fields as struct _SID */
48 BYTE Revision;
49 BYTE SubAuthorityCount;
50 SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
51 DWORD SubAuthority[SID_MAX_SUB_AUTHORITIES];
52} MAX_SID;
53
54typedef struct WELLKNOWNSID
55{
56 WELL_KNOWN_SID_TYPE Type;
57 MAX_SID Sid;
58} WELLKNOWNSID;
59
60static const WELLKNOWNSID WellKnownSids[] =
61{
62 { WinNullSid, { SID_REVISION, 1, { SECURITY_NULL_SID_AUTHORITY }, { SECURITY_NULL_RID } } },
63 { WinWorldSid, { SID_REVISION, 1, { SECURITY_WORLD_SID_AUTHORITY }, { SECURITY_WORLD_RID } } },
64 { WinLocalSid, { SID_REVISION, 1, { SECURITY_LOCAL_SID_AUTHORITY }, { SECURITY_LOCAL_RID } } },
65 { WinCreatorOwnerSid, { SID_REVISION, 1, { SECURITY_CREATOR_SID_AUTHORITY }, { SECURITY_CREATOR_OWNER_RID } } },
66 { WinCreatorGroupSid, { SID_REVISION, 1, { SECURITY_CREATOR_SID_AUTHORITY }, { SECURITY_CREATOR_GROUP_RID } } },
67 { WinCreatorOwnerRightsSid, { SID_REVISION, 1, { SECURITY_CREATOR_SID_AUTHORITY }, { SECURITY_CREATOR_OWNER_RIGHTS_RID } } },
68 { WinCreatorOwnerServerSid, { SID_REVISION, 1, { SECURITY_CREATOR_SID_AUTHORITY }, { SECURITY_CREATOR_OWNER_SERVER_RID } } },
69 { WinCreatorGroupServerSid, { SID_REVISION, 1, { SECURITY_CREATOR_SID_AUTHORITY }, { SECURITY_CREATOR_GROUP_SERVER_RID } } },
70 { WinNtAuthoritySid, { SID_REVISION, 0, { SECURITY_NT_AUTHORITY }, { SECURITY_NULL_RID } } },
71 { WinDialupSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_DIALUP_RID } } },
72 { WinNetworkSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_NETWORK_RID } } },
73 { WinBatchSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_BATCH_RID } } },
74 { WinInteractiveSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_INTERACTIVE_RID } } },
75 { WinServiceSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_SERVICE_RID } } },
76 { WinAnonymousSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_ANONYMOUS_LOGON_RID } } },
77 { WinProxySid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_PROXY_RID } } },
78 { WinEnterpriseControllersSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_ENTERPRISE_CONTROLLERS_RID } } },
79 { WinSelfSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_PRINCIPAL_SELF_RID } } },
80 { WinAuthenticatedUserSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_AUTHENTICATED_USER_RID } } },
81 { WinRestrictedCodeSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_RESTRICTED_CODE_RID } } },
82 { WinTerminalServerSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_TERMINAL_SERVER_RID } } },
83 { WinRemoteLogonIdSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_REMOTE_LOGON_RID } } },
84 { WinLogonIdsSid, { SID_REVISION, SECURITY_LOGON_IDS_RID_COUNT, { SECURITY_NT_AUTHORITY }, { SECURITY_LOGON_IDS_RID } } },
85 { WinLocalSystemSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_LOCAL_SYSTEM_RID } } },
86 { WinLocalServiceSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_LOCAL_SERVICE_RID } } },
87 { WinNetworkServiceSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_NETWORK_SERVICE_RID } } },
88 { WinBuiltinDomainSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID } } },
89 { WinBuiltinAdministratorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS } } },
90 { WinBuiltinUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_USERS } } },
91 { WinBuiltinGuestsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_GUESTS } } },
92 { WinBuiltinPowerUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_POWER_USERS } } },
93 { WinBuiltinAccountOperatorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ACCOUNT_OPS } } },
94 { WinBuiltinSystemOperatorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_SYSTEM_OPS } } },
95 { WinBuiltinPrintOperatorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_PRINT_OPS } } },
96 { WinBuiltinBackupOperatorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_BACKUP_OPS } } },
97 { WinBuiltinReplicatorSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_REPLICATOR } } },
98 { WinBuiltinPreWindows2000CompatibleAccessSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_PREW2KCOMPACCESS } } },
99 { WinBuiltinRemoteDesktopUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS } } },
100 { WinBuiltinNetworkConfigurationOperatorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS } } },
101 { WinNTLMAuthenticationSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_PACKAGE_BASE_RID, SECURITY_PACKAGE_NTLM_RID } } },
102 { WinDigestAuthenticationSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_PACKAGE_BASE_RID, SECURITY_PACKAGE_DIGEST_RID } } },
103 { WinSChannelAuthenticationSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_PACKAGE_BASE_RID, SECURITY_PACKAGE_SCHANNEL_RID } } },
104 { WinThisOrganizationSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_THIS_ORGANIZATION_RID } } },
105 { WinOtherOrganizationSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_OTHER_ORGANIZATION_RID } } },
106 { WinBuiltinIncomingForestTrustBuildersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_INCOMING_FOREST_TRUST_BUILDERS } } },
107 { WinBuiltinPerfMonitoringUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_MONITORING_USERS } } },
108 { WinBuiltinPerfLoggingUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_LOGGING_USERS } } },
109 { WinBuiltinAuthorizationAccessSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS } } },
110 { WinBuiltinTerminalServerLicenseServersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS } } },
111 { WinBuiltinDCOMUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_DCOM_USERS } } },
112 { WinLowLabelSid, { SID_REVISION, 1, { SECURITY_MANDATORY_LABEL_AUTHORITY}, { SECURITY_MANDATORY_LOW_RID} } },
113 { WinMediumLabelSid, { SID_REVISION, 1, { SECURITY_MANDATORY_LABEL_AUTHORITY}, { SECURITY_MANDATORY_MEDIUM_RID } } },
114 { WinHighLabelSid, { SID_REVISION, 1, { SECURITY_MANDATORY_LABEL_AUTHORITY}, { SECURITY_MANDATORY_HIGH_RID } } },
115 { WinSystemLabelSid, { SID_REVISION, 1, { SECURITY_MANDATORY_LABEL_AUTHORITY}, { SECURITY_MANDATORY_SYSTEM_RID } } },
116 { WinBuiltinAnyPackageSid, { SID_REVISION, 2, { SECURITY_APP_PACKAGE_AUTHORITY }, { SECURITY_APP_PACKAGE_BASE_RID, SECURITY_BUILTIN_PACKAGE_ANY_PACKAGE } } },
117};
118
119/* these SIDs must be constructed as relative to some domain - only the RID is well-known */
120typedef struct WELLKNOWNRID
121{
122 WELL_KNOWN_SID_TYPE Type;
123 DWORD Rid;
124} WELLKNOWNRID;
125
126static const WELLKNOWNRID WellKnownRids[] =
127{
128 { WinAccountAdministratorSid, DOMAIN_USER_RID_ADMIN },
129 { WinAccountGuestSid, DOMAIN_USER_RID_GUEST },
130 { WinAccountKrbtgtSid, DOMAIN_USER_RID_KRBTGT },
131 { WinAccountDomainAdminsSid, DOMAIN_GROUP_RID_ADMINS },
132 { WinAccountDomainUsersSid, DOMAIN_GROUP_RID_USERS },
133 { WinAccountDomainGuestsSid, DOMAIN_GROUP_RID_GUESTS },
134 { WinAccountComputersSid, DOMAIN_GROUP_RID_COMPUTERS },
135 { WinAccountControllersSid, DOMAIN_GROUP_RID_CONTROLLERS },
136 { WinAccountCertAdminsSid, DOMAIN_GROUP_RID_CERT_ADMINS },
137 { WinAccountSchemaAdminsSid, DOMAIN_GROUP_RID_SCHEMA_ADMINS },
138 { WinAccountEnterpriseAdminsSid, DOMAIN_GROUP_RID_ENTERPRISE_ADMINS },
139 { WinAccountPolicyAdminsSid, DOMAIN_GROUP_RID_POLICY_ADMINS },
140 { WinAccountRasAndIasServersSid, DOMAIN_ALIAS_RID_RAS_SERVERS },
141};
142
143static NTSTATUS open_file( LPCWSTR name, DWORD access, HANDLE *file )
144{
145 UNICODE_STRING file_nameW;
146 OBJECT_ATTRIBUTES attr;
147 IO_STATUS_BLOCK io;
148 NTSTATUS status;
149
150 if ((status = RtlDosPathNameToNtPathName_U_WithStatus( name, &file_nameW, NULL, NULL ))) return status;
151 attr.Length = sizeof(attr);
152 attr.RootDirectory = 0;
153 attr.Attributes = OBJ_CASE_INSENSITIVE;
154 attr.ObjectName = &file_nameW;
155 attr.SecurityDescriptor = NULL;
156 status = NtCreateFile( file, access|SYNCHRONIZE, &attr, &io, NULL, FILE_FLAG_BACKUP_SEMANTICS,
157 FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, FILE_OPEN,
158 FILE_OPEN_FOR_BACKUP_INTENT, NULL, 0 );
159 RtlFreeUnicodeString( &file_nameW );
160 return status;
161}
162
163static const char *debugstr_sid( PSID sid )
164{
165 int auth;
166 SID * psid = sid;
167
168 if (psid == NULL) return "(null)";
169
170 auth = psid->IdentifierAuthority.Value[5] +
171 (psid->IdentifierAuthority.Value[4] << 8) +
172 (psid->IdentifierAuthority.Value[3] << 16) +
173 (psid->IdentifierAuthority.Value[2] << 24);
174
175 switch (psid->SubAuthorityCount) {
176 case 0:
177 return wine_dbg_sprintf("S-%d-%d", psid->Revision, auth);
178 case 1:
179 return wine_dbg_sprintf("S-%d-%d-%lu", psid->Revision, auth,
180 psid->SubAuthority[0]);
181 case 2:
182 return wine_dbg_sprintf("S-%d-%d-%lu-%lu", psid->Revision, auth,
183 psid->SubAuthority[0], psid->SubAuthority[1]);
184 case 3:
185 return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu", psid->Revision, auth,
186 psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2]);
187 case 4:
188 return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu", psid->Revision, auth,
189 psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2],
190 psid->SubAuthority[3]);
191 case 5:
192 return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu-%lu", psid->Revision, auth,
193 psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2],
194 psid->SubAuthority[3], psid->SubAuthority[4]);
195 case 6:
196 return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu-%lu-%lu", psid->Revision, auth,
197 psid->SubAuthority[3], psid->SubAuthority[1], psid->SubAuthority[2],
198 psid->SubAuthority[0], psid->SubAuthority[4], psid->SubAuthority[5]);
199 case 7:
200 return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu-%lu-%lu-%lu", psid->Revision, auth,
201 psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2],
202 psid->SubAuthority[3], psid->SubAuthority[4], psid->SubAuthority[5],
203 psid->SubAuthority[6]);
204 case 8:
205 return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu-%lu-%lu-%lu-%lu", psid->Revision, auth,
206 psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2],
207 psid->SubAuthority[3], psid->SubAuthority[4], psid->SubAuthority[5],
208 psid->SubAuthority[6], psid->SubAuthority[7]);
209 }
210 return "(too-big)";
211}
212
213/******************************************************************************
214 * AllocateAndInitializeSid (kernelbase.@)
215 */
216BOOL WINAPI AllocateAndInitializeSid( PSID_IDENTIFIER_AUTHORITY auth, BYTE count,
217 DWORD auth0, DWORD auth1, DWORD auth2, DWORD auth3,
218 DWORD auth4, DWORD auth5, DWORD auth6, DWORD auth7, PSID *sid )
219{
220 return set_ntstatus( RtlAllocateAndInitializeSid( auth, count, auth0, auth1, auth2, auth3,
221 auth4, auth5, auth6, auth7, sid ));
222}
223
224/***********************************************************************
225 * AllocateLocallyUniqueId (kernelbase.@)
226 */
227BOOL WINAPI AllocateLocallyUniqueId( PLUID luid )
228{
229 return set_ntstatus( NtAllocateLocallyUniqueId( luid ));
230}
231
232/******************************************************************************
233 * CopySid (kernelbase.@)
234 */
235BOOL WINAPI CopySid( DWORD len, PSID dest, PSID source )
236{
237 return RtlCopySid( len, dest, source );
238}
239
240/******************************************************************************
241 * EqualPrefixSid (kernelbase.@)
242 */
243BOOL WINAPI EqualPrefixSid( PSID sid1, PSID sid2 )
244{
245 return RtlEqualPrefixSid( sid1, sid2 );
246}
247
248/******************************************************************************
249 * EqualSid (kernelbase.@)
250 */
251BOOL WINAPI EqualSid( PSID sid1, PSID sid2 )
252{
253 BOOL ret = RtlEqualSid( sid1, sid2 );
254 SetLastError(ERROR_SUCCESS);
255 return ret;
256}
257
258/******************************************************************************
259 * EqualDomainSid (kernelbase.@)
260 */
261BOOL WINAPI EqualDomainSid( PSID sid1, PSID sid2, BOOL *equal )
262{
263 MAX_SID builtin_sid, domain_sid1, domain_sid2;
264 DWORD size;
265
266 TRACE( "(%p,%p,%p)\n", sid1, sid2, equal );
267
268 if (!IsValidSid( sid1 ) || !IsValidSid( sid2 ))
269 {
270 SetLastError( ERROR_INVALID_SID );
271 return FALSE;
272 }
273
274 if (!equal)
275 {
276 SetLastError( ERROR_INVALID_PARAMETER );
277 return FALSE;
278 }
279
280 size = sizeof(domain_sid1);
281 if (GetWindowsAccountDomainSid( sid1, &domain_sid1, &size ))
282 {
283 size = sizeof(domain_sid2);
284 if (GetWindowsAccountDomainSid( sid2, &domain_sid2, &size ))
285 {
286 *equal = EqualSid( &domain_sid1, &domain_sid2 );
287 SetLastError( 0 );
288 return TRUE;
289 }
290 }
291
292 size = sizeof(builtin_sid);
293 if (!CreateWellKnownSid( WinBuiltinDomainSid, NULL, &builtin_sid, &size ))
294 return FALSE;
295
296 if (!memcmp(GetSidIdentifierAuthority( sid1 )->Value, builtin_sid.IdentifierAuthority.Value, sizeof(builtin_sid.IdentifierAuthority.Value)) &&
297 !memcmp(GetSidIdentifierAuthority( sid2 )->Value, builtin_sid.IdentifierAuthority.Value, sizeof(builtin_sid.IdentifierAuthority.Value)))
298 {
299 if (*GetSidSubAuthorityCount( sid1 ) != 0 && *GetSidSubAuthorityCount( sid2 ) != 0 &&
300 (*GetSidSubAuthority( sid1, 0 ) == SECURITY_BUILTIN_DOMAIN_RID ||
301 *GetSidSubAuthority( sid2, 0 ) == SECURITY_BUILTIN_DOMAIN_RID))
302 {
303 *equal = EqualSid( sid1, sid2 );
304 SetLastError( 0 );
305 return TRUE;
306 }
307 }
308
309 SetLastError( ERROR_NON_DOMAIN_SID );
310 return FALSE;
311}
312
313/******************************************************************************
314 * FreeSid (kernelbase.@)
315 */
316void * WINAPI FreeSid( PSID pSid )
317{
318 RtlFreeSid(pSid);
319 return NULL; /* is documented like this */
320}
321
322/******************************************************************************
323 * GetLengthSid (kernelbase.@)
324 */
325DWORD WINAPI GetLengthSid( PSID sid )
326{
327 return RtlLengthSid( sid );
328}
329
330/******************************************************************************
331 * GetSidIdentifierAuthority (kernelbase.@)
332 */
333PSID_IDENTIFIER_AUTHORITY WINAPI GetSidIdentifierAuthority( PSID sid )
334{
335 SetLastError(ERROR_SUCCESS);
336 return RtlIdentifierAuthoritySid( sid );
337}
338
339/******************************************************************************
340 * GetSidLengthRequired (kernelbase.@)
341 */
342DWORD WINAPI GetSidLengthRequired( BYTE count )
343{
344 return RtlLengthRequiredSid( count );
345}
346
347/******************************************************************************
348 * GetSidSubAuthority (kernelbase.@)
349 */
350PDWORD WINAPI GetSidSubAuthority( PSID sid, DWORD auth )
351{
352 SetLastError(ERROR_SUCCESS);
353 return RtlSubAuthoritySid( sid, auth );
354}
355
356/******************************************************************************
357 * GetSidSubAuthorityCount (kernelbase.@)
358 */
359PUCHAR WINAPI GetSidSubAuthorityCount( PSID sid )
360{
361 SetLastError(ERROR_SUCCESS);
362 return RtlSubAuthorityCountSid( sid );
363}
364
365/******************************************************************************
366 * GetWindowsAccountDomainSid (kernelbase.@)
367 */
368BOOL WINAPI GetWindowsAccountDomainSid( PSID sid, PSID domain_sid, DWORD *size )
369{
370 SID_IDENTIFIER_AUTHORITY domain_ident = { SECURITY_NT_AUTHORITY };
371 DWORD required_size;
372 int i;
373
374 FIXME( "(%p %p %p): semi-stub\n", sid, domain_sid, size );
375
376 if (!sid || !IsValidSid( sid ))
377 {
378 SetLastError( ERROR_INVALID_SID );
379 return FALSE;
380 }
381
382 if (!size)
383 {
384 SetLastError( ERROR_INVALID_PARAMETER );
385 return FALSE;
386 }
387
388 if (*GetSidSubAuthorityCount( sid ) < 4)
389 {
390 SetLastError( ERROR_INVALID_SID );
391 return FALSE;
392 }
393
394 required_size = GetSidLengthRequired( 4 );
395 if (*size < required_size || !domain_sid)
396 {
397 *size = required_size;
398 SetLastError( domain_sid ? ERROR_INSUFFICIENT_BUFFER : ERROR_INVALID_PARAMETER );
399 return FALSE;
400 }
401
402 InitializeSid( domain_sid, &domain_ident, 4 );
403 for (i = 0; i < 4; i++)
404 *GetSidSubAuthority( domain_sid, i ) = *GetSidSubAuthority( sid, i );
405
406 *size = required_size;
407 return TRUE;
408}
409
410/******************************************************************************
411 * InitializeSid (kernelbase.@)
412 */
413BOOL WINAPI InitializeSid ( PSID sid, PSID_IDENTIFIER_AUTHORITY auth, BYTE count )
414{
415 return set_ntstatus(RtlInitializeSid( sid, auth, count ));
416}
417
418/******************************************************************************
419 * IsValidSid (kernelbase.@)
420 */
421BOOL WINAPI IsValidSid( PSID sid )
422{
423 return RtlValidSid( sid );
424}
425
426/******************************************************************************
427 * CreateWellKnownSid (kernelbase.@)
428 */
429BOOL WINAPI CreateWellKnownSid( WELL_KNOWN_SID_TYPE type, PSID domain, PSID sid, DWORD *size )
430{
431 unsigned int i;
432
433 TRACE("(%d, %s, %p, %p)\n", type, debugstr_sid(domain), sid, size);
434
435 if (size == NULL || (domain && !IsValidSid(domain)))
436 {
437 SetLastError(ERROR_INVALID_PARAMETER);
438 return FALSE;
439 }
440
441 for (i = 0; i < ARRAY_SIZE(WellKnownSids); i++)
442 {
443 if (WellKnownSids[i].Type == type)
444 {
445 DWORD length = GetSidLengthRequired(WellKnownSids[i].Sid.SubAuthorityCount);
446
447 if (*size < length)
448 {
449 *size = length;
450 SetLastError(ERROR_INSUFFICIENT_BUFFER);
451 return FALSE;
452 }
453 if (!sid)
454 {
455 SetLastError(ERROR_INVALID_PARAMETER);
456 return FALSE;
457 }
458 CopyMemory(sid, &WellKnownSids[i].Sid.Revision, length);
459 *size = length;
460 return TRUE;
461 }
462 }
463
464 if (domain == NULL || *GetSidSubAuthorityCount(domain) == SID_MAX_SUB_AUTHORITIES)
465 {
466 SetLastError(ERROR_INVALID_PARAMETER);
467 return FALSE;
468 }
469
470 for (i = 0; i < ARRAY_SIZE(WellKnownRids); i++)
471 {
472 if (WellKnownRids[i].Type == type)
473 {
474 UCHAR domain_subauth = *GetSidSubAuthorityCount(domain);
475 DWORD domain_sid_length = GetSidLengthRequired(domain_subauth);
476 DWORD output_sid_length = GetSidLengthRequired(domain_subauth + 1);
477
478 if (*size < output_sid_length)
479 {
480 *size = output_sid_length;
481 SetLastError(ERROR_INSUFFICIENT_BUFFER);
482 return FALSE;
483 }
484 if (!sid)
485 {
486 SetLastError(ERROR_INVALID_PARAMETER);
487 return FALSE;
488 }
489 CopyMemory(sid, domain, domain_sid_length);
490 (*GetSidSubAuthorityCount(sid))++;
491 (*GetSidSubAuthority(sid, domain_subauth)) = WellKnownRids[i].Rid;
492 *size = output_sid_length;
493 return TRUE;
494 }
495 }
496 SetLastError(ERROR_INVALID_PARAMETER);
497 return FALSE;
498}
499
500/******************************************************************************
501 * IsWellKnownSid (kernelbase.@)
502 */
503BOOL WINAPI IsWellKnownSid( PSID sid, WELL_KNOWN_SID_TYPE type )
504{
505 unsigned int i;
506
507 TRACE("(%s, %d)\n", debugstr_sid(sid), type);
508
509 for (i = 0; i < ARRAY_SIZE(WellKnownSids); i++)
510 if (WellKnownSids[i].Type == type)
511 if (EqualSid(sid, (PSID)&WellKnownSids[i].Sid.Revision))
512 return TRUE;
513
514 return FALSE;
515}
516
517
518/******************************************************************************
519 * Token functions
520 ******************************************************************************/
521
522
523/******************************************************************************
524 * AdjustTokenGroups (kernelbase.@)
525 */
526BOOL WINAPI AdjustTokenGroups( HANDLE token, BOOL reset, PTOKEN_GROUPS new,
527 DWORD len, PTOKEN_GROUPS prev, PDWORD ret_len )
528{
529 return set_ntstatus( NtAdjustGroupsToken( token, reset, new, len, prev, ret_len ));
530}
531
532/******************************************************************************
533 * AdjustTokenPrivileges (kernelbase.@)
534 */
535BOOL WINAPI AdjustTokenPrivileges( HANDLE token, BOOL disable, PTOKEN_PRIVILEGES new, DWORD len,
536 PTOKEN_PRIVILEGES prev, PDWORD ret_len )
537{
538 NTSTATUS status;
539
540 TRACE("(%p %d %p %ld %p %p)\n", token, disable, new, len, prev, ret_len );
541
542 status = NtAdjustPrivilegesToken( token, disable, new, len, prev, ret_len );
543 SetLastError( RtlNtStatusToDosError( status ));
544 return (status == STATUS_SUCCESS) || (status == STATUS_NOT_ALL_ASSIGNED);
545}
546
547/******************************************************************************
548 * CheckTokenMembership (kernelbase.@)
549 */
550BOOL WINAPI CheckTokenMembership( HANDLE token, PSID sid_to_check, PBOOL is_member )
551{
552 PTOKEN_GROUPS token_groups = NULL;
553 HANDLE thread_token = NULL;
554 DWORD size, i;
555 BOOL ret;
556
557 TRACE("(%p %s %p)\n", token, debugstr_sid(sid_to_check), is_member);
558
559 *is_member = FALSE;
560
561 if (!token)
562 {
563 if (!OpenThreadToken(GetCurrentThread(), TOKEN_QUERY, TRUE, &thread_token))
564 {
565 HANDLE process_token;
566 ret = OpenProcessToken(GetCurrentProcess(), TOKEN_DUPLICATE, &process_token);
567 if (!ret)
568 goto exit;
569 ret = DuplicateTokenEx(process_token, TOKEN_QUERY, NULL, SecurityImpersonation,
570 TokenImpersonation, &thread_token);
571 CloseHandle(process_token);
572 if (!ret)
573 goto exit;
574 }
575 token = thread_token;
576 }
577 else
578 {
579 TOKEN_TYPE type;
580
581 ret = GetTokenInformation(token, TokenType, &type, sizeof(TOKEN_TYPE), &size);
582 if (!ret) goto exit;
583
584 if (type == TokenPrimary)
585 {
586 SetLastError(ERROR_NO_IMPERSONATION_TOKEN);
587 return FALSE;
588 }
589 }
590
591 ret = GetTokenInformation(token, TokenGroups, NULL, 0, &size);
592 if (!ret && GetLastError() != ERROR_INSUFFICIENT_BUFFER)
593 goto exit;
594
595 token_groups = heap_alloc(size);
596 if (!token_groups)
597 {
598 ret = FALSE;
599 goto exit;
600 }
601
602 ret = GetTokenInformation(token, TokenGroups, token_groups, size, &size);
603 if (!ret)
604 goto exit;
605
606 for (i = 0; i < token_groups->GroupCount; i++)
607 {
608 TRACE("Groups[%ld]: {0x%lx, %s}\n", i,
609 token_groups->Groups[i].Attributes,
610 debugstr_sid(token_groups->Groups[i].Sid));
611 if ((token_groups->Groups[i].Attributes & SE_GROUP_ENABLED) &&
612 EqualSid(sid_to_check, token_groups->Groups[i].Sid))
613 {
614 *is_member = TRUE;
615 TRACE("sid enabled and found in token\n");
616 break;
617 }
618 }
619
620exit:
621 heap_free(token_groups);
622 if (thread_token != NULL) CloseHandle(thread_token);
623 return ret;
624}
625
626/*************************************************************************
627 * CreateRestrictedToken (kernelbase.@)
628 */
629BOOL WINAPI CreateRestrictedToken( HANDLE token, DWORD flags,
630 DWORD disable_sid_count, SID_AND_ATTRIBUTES *disable_sids,
631 DWORD delete_priv_count, LUID_AND_ATTRIBUTES *delete_privs,
632 DWORD restrict_sid_count, SID_AND_ATTRIBUTES *restrict_sids, HANDLE *ret )
633{
634 TOKEN_PRIVILEGES *nt_privs = NULL;
635 TOKEN_GROUPS *nt_disable_sids = NULL, *nt_restrict_sids = NULL;
636 NTSTATUS status = STATUS_NO_MEMORY;
637
638 TRACE("token %p, flags %#lx, disable_sids %lu %p, delete_privs %lu %p, restrict_sids %lu %p, ret %p\n",
639 token, flags, disable_sid_count, disable_sids, delete_priv_count, delete_privs,
640 restrict_sid_count, restrict_sids, ret);
641
642 if (disable_sid_count)
643 {
644 if (!(nt_disable_sids = heap_alloc( offsetof( TOKEN_GROUPS, Groups[disable_sid_count] ) ))) goto out;
645 nt_disable_sids->GroupCount = disable_sid_count;
646 memcpy( nt_disable_sids->Groups, disable_sids, disable_sid_count * sizeof(*disable_sids) );
647 }
648
649 if (delete_priv_count)
650 {
651 if (!(nt_privs = heap_alloc( offsetof( TOKEN_PRIVILEGES, Privileges[delete_priv_count] ) ))) goto out;
652 nt_privs->PrivilegeCount = delete_priv_count;
653 memcpy( nt_privs->Privileges, delete_privs, delete_priv_count * sizeof(*delete_privs) );
654 }
655
656 if (restrict_sid_count)
657 {
658 if (!(nt_restrict_sids = heap_alloc( offsetof( TOKEN_GROUPS, Groups[restrict_sid_count] ) ))) goto out;
659 nt_restrict_sids->GroupCount = restrict_sid_count;
660 memcpy( nt_restrict_sids->Groups, restrict_sids, restrict_sid_count * sizeof(*restrict_sids) );
661 }
662
663 status = NtFilterToken(token, flags, nt_disable_sids, nt_privs, nt_restrict_sids, ret);
664
665out:
666 heap_free(nt_disable_sids);
667 heap_free(nt_privs);
668 heap_free(nt_restrict_sids);
669 return set_ntstatus( status );
670}
671
672/******************************************************************************
673 * DuplicateToken (kernelbase.@)
674 */
675BOOL WINAPI DuplicateToken( HANDLE token, SECURITY_IMPERSONATION_LEVEL level, PHANDLE ret )
676{
677 return DuplicateTokenEx( token, TOKEN_IMPERSONATE|TOKEN_QUERY, NULL, level, TokenImpersonation, ret );
678}
679
680/******************************************************************************
681 * DuplicateTokenEx (kernelbase.@)
682 */
683BOOL WINAPI DuplicateTokenEx( HANDLE token, DWORD access, LPSECURITY_ATTRIBUTES sa,
684 SECURITY_IMPERSONATION_LEVEL level, TOKEN_TYPE type, PHANDLE ret )
685{
686 SECURITY_QUALITY_OF_SERVICE qos;
687 OBJECT_ATTRIBUTES attr;
688
689 TRACE("%p 0x%08lx 0x%08x 0x%08x %p\n", token, access, level, type, ret );
690
691 qos.Length = sizeof(qos);
692 qos.ImpersonationLevel = level;
693 qos.ContextTrackingMode = SECURITY_STATIC_TRACKING;
694 qos.EffectiveOnly = FALSE;
695 InitializeObjectAttributes( &attr, NULL, (sa && sa->bInheritHandle) ? OBJ_INHERIT : 0,
696 NULL, sa ? sa->lpSecurityDescriptor : NULL );
697 attr.SecurityQualityOfService = &qos;
698 return set_ntstatus( NtDuplicateToken( token, access, &attr, FALSE, type, ret ));
699}
700
701/******************************************************************************
702 * GetTokenInformation (kernelbase.@)
703 */
704BOOL WINAPI GetTokenInformation( HANDLE token, TOKEN_INFORMATION_CLASS class,
705 LPVOID info, DWORD len, LPDWORD retlen )
706{
707 TRACE("(%p, %d [%s], %p, %ld, %p):\n",
708 token, class,
709 (class == TokenUser) ? "TokenUser" :
710 (class == TokenGroups) ? "TokenGroups" :
711 (class == TokenPrivileges) ? "TokenPrivileges" :
712 (class == TokenOwner) ? "TokenOwner" :
713 (class == TokenPrimaryGroup) ? "TokenPrimaryGroup" :
714 (class == TokenDefaultDacl) ? "TokenDefaultDacl" :
715 (class == TokenSource) ? "TokenSource" :
716 (class == TokenType) ? "TokenType" :
717 (class == TokenImpersonationLevel) ? "TokenImpersonationLevel" :
718 (class == TokenStatistics) ? "TokenStatistics" :
719 (class == TokenRestrictedSids) ? "TokenRestrictedSids" :
720 (class == TokenSessionId) ? "TokenSessionId" :
721 (class == TokenGroupsAndPrivileges) ? "TokenGroupsAndPrivileges" :
722 (class == TokenSessionReference) ? "TokenSessionReference" :
723 (class == TokenSandBoxInert) ? "TokenSandBoxInert" :
724 (class == TokenElevation) ? "TokenElevation" :
725 (class == TokenElevationType) ? "TokenElevationType" :
726 (class == TokenLinkedToken) ? "TokenLinkedToken" :
727 "Unknown",
728 info, len, retlen);
729
730 return set_ntstatus( NtQueryInformationToken( token, class, info, len, retlen ));
731}
732
733/******************************************************************************
734 * ImpersonateAnonymousToken (kernelbase.@)
735 */
736BOOL WINAPI ImpersonateAnonymousToken( HANDLE thread )
737{
738 TRACE("(%p)\n", thread);
739 return set_ntstatus( NtImpersonateAnonymousToken( thread ) );
740}
741
742/******************************************************************************
743 * ImpersonateLoggedOnUser (kernelbase.@)
744 */
745BOOL WINAPI ImpersonateLoggedOnUser( HANDLE token )
746{
747 DWORD size;
748 BOOL ret;
749 HANDLE dup;
750 TOKEN_TYPE type;
751 static BOOL warn = TRUE;
752
753 if (warn)
754 {
755 FIXME( "(%p)\n", token );
756 warn = FALSE;
757 }
758 if (!GetTokenInformation( token, TokenType, &type, sizeof(type), &size )) return FALSE;
759
760 if (type == TokenPrimary)
761 {
762 if (!DuplicateToken( token, SecurityImpersonation, &dup )) return FALSE;
763 ret = SetThreadToken( NULL, dup );
764 NtClose( dup );
765 }
766 else ret = SetThreadToken( NULL, token );
767
768 return ret;
769}
770
771/******************************************************************************
772 * ImpersonateNamedPipeClient (kernelbase.@)
773 */
774BOOL WINAPI ImpersonateNamedPipeClient( HANDLE pipe )
775{
776 IO_STATUS_BLOCK io_block;
777
778 return set_ntstatus( NtFsControlFile( pipe, NULL, NULL, NULL, &io_block,
779 FSCTL_PIPE_IMPERSONATE, NULL, 0, NULL, 0 ));
780}
781
782/******************************************************************************
783 * ImpersonateSelf (kernelbase.@)
784 */
785BOOL WINAPI ImpersonateSelf( SECURITY_IMPERSONATION_LEVEL level )
786{
787 return set_ntstatus( RtlImpersonateSelf( level ) );
788}
789
790/******************************************************************************
791 * IsTokenRestricted (kernelbase.@)
792 */
793BOOL WINAPI IsTokenRestricted( HANDLE token )
794{
795 TOKEN_GROUPS *groups;
796 DWORD size;
797 NTSTATUS status;
798 BOOL restricted;
799
800 TRACE("(%p)\n", token);
801
802 status = NtQueryInformationToken(token, TokenRestrictedSids, NULL, 0, &size);
803 if (status != STATUS_BUFFER_TOO_SMALL) return set_ntstatus(status);
804
805 groups = heap_alloc(size);
806 if (!groups)
807 {
808 SetLastError(ERROR_OUTOFMEMORY);
809 return FALSE;
810 }
811
812 status = NtQueryInformationToken(token, TokenRestrictedSids, groups, size, &size);
813 if (status != STATUS_SUCCESS)
814 {
815 heap_free(groups);
816 return set_ntstatus(status);
817 }
818
819 restricted = groups->GroupCount > 0;
820 heap_free(groups);
821
822 return restricted;
823}
824
825/******************************************************************************
826 * OpenProcessToken (kernelbase.@)
827 */
828BOOL WINAPI OpenProcessToken( HANDLE process, DWORD access, HANDLE *handle )
829{
830 return set_ntstatus( NtOpenProcessToken( process, access, handle ));
831}
832
833/******************************************************************************
834 * OpenThreadToken (kernelbase.@)
835 */
836BOOL WINAPI OpenThreadToken( HANDLE thread, DWORD access, BOOL self, HANDLE *handle )
837{
838 return set_ntstatus( NtOpenThreadToken( thread, access, self, handle ));
839}
840
841/******************************************************************************
842 * PrivilegeCheck (kernelbase.@)
843 */
844BOOL WINAPI PrivilegeCheck( HANDLE token, PPRIVILEGE_SET privs, LPBOOL result )
845{
846 BOOLEAN res;
847 BOOL ret = set_ntstatus( NtPrivilegeCheck( token, privs, &res ));
848 if (ret) *result = res;
849 return ret;
850}
851
852/******************************************************************************
853 * RevertToSelf (kernelbase.@)
854 */
855BOOL WINAPI RevertToSelf(void)
856{
857 return SetThreadToken( NULL, 0 );
858}
859
860/*************************************************************************
861 * SetThreadToken (kernelbase.@)
862 */
863BOOL WINAPI SetThreadToken( PHANDLE thread, HANDLE token )
864{
865 return set_ntstatus( NtSetInformationThread( thread ? *thread : GetCurrentThread(),
866 ThreadImpersonationToken, &token, sizeof(token) ));
867}
868
869/******************************************************************************
870 * SetTokenInformation (kernelbase.@)
871 */
872BOOL WINAPI SetTokenInformation( HANDLE token, TOKEN_INFORMATION_CLASS class, LPVOID info, DWORD len )
873{
874 TRACE("(%p, %s, %p, %ld)\n",
875 token,
876 (class == TokenUser) ? "TokenUser" :
877 (class == TokenGroups) ? "TokenGroups" :
878 (class == TokenPrivileges) ? "TokenPrivileges" :
879 (class == TokenOwner) ? "TokenOwner" :
880 (class == TokenPrimaryGroup) ? "TokenPrimaryGroup" :
881 (class == TokenDefaultDacl) ? "TokenDefaultDacl" :
882 (class == TokenSource) ? "TokenSource" :
883 (class == TokenType) ? "TokenType" :
884 (class == TokenImpersonationLevel) ? "TokenImpersonationLevel" :
885 (class == TokenStatistics) ? "TokenStatistics" :
886 (class == TokenRestrictedSids) ? "TokenRestrictedSids" :
887 (class == TokenSessionId) ? "TokenSessionId" :
888 (class == TokenGroupsAndPrivileges) ? "TokenGroupsAndPrivileges" :
889 (class == TokenSessionReference) ? "TokenSessionReference" :
890 (class == TokenSandBoxInert) ? "TokenSandBoxInert" :
891 "Unknown",
892 info, len);
893
894 return set_ntstatus( NtSetInformationToken( token, class, info, len ));
895}
896
897
898/******************************************************************************
899 * Security descriptor functions
900 ******************************************************************************/
901
902
903/******************************************************************************
904 * ConvertToAutoInheritPrivateObjectSecurity (kernelbase.@)
905 */
906BOOL WINAPI ConvertToAutoInheritPrivateObjectSecurity( PSECURITY_DESCRIPTOR parent,
907 PSECURITY_DESCRIPTOR current,
908 PSECURITY_DESCRIPTOR *descr,
909 GUID *type, BOOL is_dir,
910 PGENERIC_MAPPING mapping )
911{
912 return set_ntstatus( RtlConvertToAutoInheritSecurityObject( parent, current, descr, type, is_dir, mapping ));
913}
914
915/******************************************************************************
916 * CreateBoundaryDescriptorW (kernelbase.@)
917 */
918HANDLE WINAPI CreateBoundaryDescriptorW( LPCWSTR name, ULONG flags )
919{
920 FIXME("%s %lu - stub\n", debugstr_w(name), flags);
921 return NULL;
922}
923
924/******************************************************************************
925 * CreatePrivateObjectSecurity (kernelbase.@)
926 */
927BOOL WINAPI CreatePrivateObjectSecurity( PSECURITY_DESCRIPTOR parent, PSECURITY_DESCRIPTOR creator,
928 PSECURITY_DESCRIPTOR *descr, BOOL is_container, HANDLE token,
929 PGENERIC_MAPPING mapping )
930{
931 return set_ntstatus( RtlNewSecurityObject( parent, creator, descr, is_container, token, mapping ));
932}
933
934/******************************************************************************
935 * CreatePrivateObjectSecurityEx (kernelbase.@)
936 */
937BOOL WINAPI CreatePrivateObjectSecurityEx( PSECURITY_DESCRIPTOR parent, PSECURITY_DESCRIPTOR creator,
938 PSECURITY_DESCRIPTOR *descr, GUID *type, BOOL is_container,
939 ULONG flags, HANDLE token, PGENERIC_MAPPING mapping )
940{
941 return set_ntstatus( RtlNewSecurityObjectEx( parent, creator, descr, type, is_container, flags, token, mapping ));
942}
943
944/******************************************************************************
945 * CreatePrivateObjectSecurityWithMultipleInheritance (kernelbase.@)
946 */
947BOOL WINAPI CreatePrivateObjectSecurityWithMultipleInheritance( PSECURITY_DESCRIPTOR parent,
948 PSECURITY_DESCRIPTOR creator,
949 PSECURITY_DESCRIPTOR *descr,
950 GUID **types, ULONG count,
951 BOOL is_container, ULONG flags,
952 HANDLE token, PGENERIC_MAPPING mapping )
953{
954 return set_ntstatus( RtlNewSecurityObjectWithMultipleInheritance( parent, creator, descr, types, count,
955 is_container, flags, token, mapping ));
956}
957
958/******************************************************************************
959 * DestroyPrivateObjectSecurity (kernelbase.@)
960 */
961BOOL WINAPI DestroyPrivateObjectSecurity( PSECURITY_DESCRIPTOR *descr )
962{
963 return set_ntstatus( RtlDeleteSecurityObject( descr ));
964}
965
966/******************************************************************************
967 * GetFileSecurityW (kernelbase.@)
968 */
969BOOL WINAPI GetFileSecurityW( LPCWSTR name, SECURITY_INFORMATION info,
970 PSECURITY_DESCRIPTOR descr, DWORD len, LPDWORD ret_len )
971{
972 HANDLE file;
973 NTSTATUS status;
974 DWORD access = 0;
975
976 TRACE( "(%s,%ld,%p,%ld,%p)\n", debugstr_w(name), info, descr, len, ret_len );
977
978 if (info & (OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION))
979 access |= READ_CONTROL;
980 if (info & SACL_SECURITY_INFORMATION)
981 access |= ACCESS_SYSTEM_SECURITY;
982
983 if (!(status = open_file( name, access, &file )))
984 {
985 status = NtQuerySecurityObject( file, info, descr, len, ret_len );
986 NtClose( file );
987 }
988 return set_ntstatus( status );
989}
990
991/******************************************************************************
992 * GetKernelObjectSecurity (kernelbase.@)
993 */
994BOOL WINAPI GetKernelObjectSecurity( HANDLE handle, SECURITY_INFORMATION info,
995 PSECURITY_DESCRIPTOR descr, DWORD len, LPDWORD ret_len )
996{
997 return set_ntstatus( NtQuerySecurityObject( handle, info, descr, len, ret_len ));
998}
999
1000/******************************************************************************
1001 * GetPrivateObjectSecurity (kernelbase.@)
1002 */
1003BOOL WINAPI GetPrivateObjectSecurity( PSECURITY_DESCRIPTOR obj_descr, SECURITY_INFORMATION info,
1004 PSECURITY_DESCRIPTOR ret_descr, DWORD len, PDWORD ret_len )
1005{
1006 SECURITY_DESCRIPTOR desc;
1007 BOOL defaulted, present;
1008 PACL pacl;
1009 PSID psid;
1010
1011 TRACE("(%p,0x%08lx,%p,0x%08lx,%p)\n", obj_descr, info, ret_descr, len, ret_len );
1012
1013 if (!InitializeSecurityDescriptor(&desc, SECURITY_DESCRIPTOR_REVISION)) return FALSE;
1014
1015 if (info & OWNER_SECURITY_INFORMATION)
1016 {
1017 if (!GetSecurityDescriptorOwner(obj_descr, &psid, &defaulted)) return FALSE;
1018 SetSecurityDescriptorOwner(&desc, psid, defaulted);
1019 }
1020 if (info & GROUP_SECURITY_INFORMATION)
1021 {
1022 if (!GetSecurityDescriptorGroup(obj_descr, &psid, &defaulted)) return FALSE;
1023 SetSecurityDescriptorGroup(&desc, psid, defaulted);
1024 }
1025 if (info & DACL_SECURITY_INFORMATION)
1026 {
1027 if (!GetSecurityDescriptorDacl(obj_descr, &present, &pacl, &defaulted)) return FALSE;
1028 SetSecurityDescriptorDacl(&desc, present, pacl, defaulted);
1029 }
1030 if (info & SACL_SECURITY_INFORMATION)
1031 {
1032 if (!GetSecurityDescriptorSacl(obj_descr, &present, &pacl, &defaulted)) return FALSE;
1033 SetSecurityDescriptorSacl(&desc, present, pacl, defaulted);
1034 }
1035
1036 *ret_len = len;
1037 return MakeSelfRelativeSD(&desc, ret_descr, ret_len);
1038}
1039
1040/******************************************************************************
1041 * GetSecurityDescriptorControl (kernelbase.@)
1042 */
1043BOOL WINAPI GetSecurityDescriptorControl( PSECURITY_DESCRIPTOR descr, PSECURITY_DESCRIPTOR_CONTROL control,
1044 LPDWORD revision)
1045{
1046 return set_ntstatus( RtlGetControlSecurityDescriptor( descr, control, revision ));
1047}
1048
1049/******************************************************************************
1050 * GetSecurityDescriptorDacl (kernelbase.@)
1051 */
1052BOOL WINAPI GetSecurityDescriptorDacl( PSECURITY_DESCRIPTOR descr, LPBOOL dacl_present, PACL *dacl,
1053 LPBOOL dacl_defaulted )
1054{
1055 BOOLEAN present, defaulted;
1056 BOOL ret = set_ntstatus( RtlGetDaclSecurityDescriptor( descr, &present, dacl, &defaulted ));
1057 *dacl_present = present;
1058 *dacl_defaulted = defaulted;
1059 return ret;
1060}
1061
1062/******************************************************************************
1063 * GetSecurityDescriptorGroup (kernelbase.@)
1064 */
1065BOOL WINAPI GetSecurityDescriptorGroup( PSECURITY_DESCRIPTOR descr, PSID *group, LPBOOL group_defaulted )
1066{
1067 BOOLEAN defaulted;
1068 BOOL ret = set_ntstatus( RtlGetGroupSecurityDescriptor( descr, group, &defaulted ));
1069 *group_defaulted = defaulted;
1070 return ret;
1071}
1072
1073/******************************************************************************
1074 * GetSecurityDescriptorLength (kernelbase.@)
1075 */
1076DWORD WINAPI GetSecurityDescriptorLength( PSECURITY_DESCRIPTOR descr )
1077{
1078 return RtlLengthSecurityDescriptor( descr );
1079}
1080
1081/******************************************************************************
1082 * GetSecurityDescriptorOwner (kernelbase.@)
1083 */
1084BOOL WINAPI GetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR descr, PSID *owner, LPBOOL owner_defaulted )
1085{
1086 BOOLEAN defaulted;
1087 BOOL ret = set_ntstatus( RtlGetOwnerSecurityDescriptor( descr, owner, &defaulted ));
1088 *owner_defaulted = defaulted;
1089 return ret;
1090}
1091
1092/******************************************************************************
1093 * GetSecurityDescriptorSacl (kernelbase.@)
1094 */
1095BOOL WINAPI GetSecurityDescriptorSacl( PSECURITY_DESCRIPTOR descr, LPBOOL sacl_present, PACL *sacl,
1096 LPBOOL sacl_defaulted )
1097{
1098 BOOLEAN present, defaulted;
1099 BOOL ret = set_ntstatus( RtlGetSaclSecurityDescriptor( descr, &present, sacl, &defaulted ));
1100 *sacl_present = present;
1101 *sacl_defaulted = defaulted;
1102 return ret;
1103}
1104
1105/******************************************************************************
1106 * InitializeSecurityDescriptor (kernelbase.@)
1107 */
1108BOOL WINAPI InitializeSecurityDescriptor( PSECURITY_DESCRIPTOR descr, DWORD revision )
1109{
1110 return set_ntstatus( RtlCreateSecurityDescriptor( descr, revision ));
1111}
1112
1113/******************************************************************************
1114 * IsValidSecurityDescriptor (kernelbase.@)
1115 */
1116BOOL WINAPI IsValidSecurityDescriptor( PSECURITY_DESCRIPTOR descr )
1117{
1118 if (!RtlValidSecurityDescriptor( descr ))
1119 return set_ntstatus(STATUS_INVALID_SECURITY_DESCR);
1120
1121 return TRUE;
1122}
1123
1124/******************************************************************************
1125 * MakeAbsoluteSD (kernelbase.@)
1126 */
1127BOOL WINAPI MakeAbsoluteSD ( PSECURITY_DESCRIPTOR rel_descr, PSECURITY_DESCRIPTOR abs_descr,
1128 LPDWORD abs_size, PACL dacl, LPDWORD dacl_size, PACL sacl, LPDWORD sacl_size,
1129 PSID owner, LPDWORD owner_size, PSID group, LPDWORD group_size )
1130{
1131 return set_ntstatus( RtlSelfRelativeToAbsoluteSD( rel_descr, abs_descr, abs_size,
1132 dacl, dacl_size, sacl, sacl_size,
1133 owner, owner_size, group, group_size ));
1134}
1135
1136/******************************************************************************
1137 * MakeSelfRelativeSD (kernelbase.@)
1138 */
1139BOOL WINAPI MakeSelfRelativeSD( PSECURITY_DESCRIPTOR abs_descr, PSECURITY_DESCRIPTOR rel_descr,
1140 LPDWORD len )
1141{
1142 return set_ntstatus( RtlMakeSelfRelativeSD( abs_descr, rel_descr, len ));
1143}
1144
1145/******************************************************************************
1146 * SetFileSecurityW (kernelbase.@)
1147 */
1148BOOL WINAPI SetFileSecurityW( LPCWSTR name, SECURITY_INFORMATION info, PSECURITY_DESCRIPTOR descr )
1149{
1150 HANDLE file;
1151 DWORD access = 0;
1152 NTSTATUS status;
1153
1154 TRACE( "(%s, 0x%lx, %p)\n", debugstr_w(name), info, descr );
1155
1156 if (info & (OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION)) access |= WRITE_OWNER;
1157 if (info & SACL_SECURITY_INFORMATION) access |= ACCESS_SYSTEM_SECURITY;
1158 if (info & DACL_SECURITY_INFORMATION) access |= WRITE_DAC;
1159
1160 if (!(status = open_file( name, access, &file )))
1161 {
1162 status = NtSetSecurityObject( file, info, descr );
1163 NtClose( file );
1164 }
1165 return set_ntstatus( status );
1166}
1167
1168/*************************************************************************
1169 * SetKernelObjectSecurity (kernelbase.@)
1170 */
1171BOOL WINAPI SetKernelObjectSecurity( HANDLE handle, SECURITY_INFORMATION info, PSECURITY_DESCRIPTOR descr )
1172{
1173 return set_ntstatus( NtSetSecurityObject( handle, info, descr ));
1174}
1175
1176/*************************************************************************
1177 * SetPrivateObjectSecurity (kernelbase.@)
1178 */
1179BOOL WINAPI SetPrivateObjectSecurity( SECURITY_INFORMATION info, PSECURITY_DESCRIPTOR descr,
1180 PSECURITY_DESCRIPTOR *obj_descr, PGENERIC_MAPPING mapping,
1181 HANDLE token )
1182{
1183 FIXME( "0x%08lx %p %p %p %p - stub\n", info, descr, obj_descr, mapping, token );
1184 return TRUE;
1185}
1186
1187/*************************************************************************
1188 * SetPrivateObjectSecurityEx (kernelbase.@)
1189 */
1190BOOL WINAPI SetPrivateObjectSecurityEx( SECURITY_INFORMATION info, PSECURITY_DESCRIPTOR descr,
1191 PSECURITY_DESCRIPTOR *obj_descr, ULONG flags,
1192 PGENERIC_MAPPING mapping, HANDLE token )
1193{
1194 FIXME( "0x%08lx %p %p %lu %p %p - stub\n", info, descr, obj_descr, flags, mapping, token );
1195 return TRUE;
1196}
1197
1198/******************************************************************************
1199 * SetSecurityDescriptorControl (kernelbase.@)
1200 */
1201BOOL WINAPI SetSecurityDescriptorControl( PSECURITY_DESCRIPTOR descr, SECURITY_DESCRIPTOR_CONTROL mask,
1202 SECURITY_DESCRIPTOR_CONTROL set )
1203{
1204 return set_ntstatus( RtlSetControlSecurityDescriptor( descr, mask, set ));
1205}
1206
1207/******************************************************************************
1208 * SetSecurityDescriptorDacl (kernelbase.@)
1209 */
1210BOOL WINAPI SetSecurityDescriptorDacl( PSECURITY_DESCRIPTOR descr, BOOL present, PACL dacl, BOOL defaulted )
1211{
1212 return set_ntstatus( RtlSetDaclSecurityDescriptor( descr, present, dacl, defaulted ));
1213}
1214
1215/******************************************************************************
1216 * SetSecurityDescriptorGroup (kernelbase.@)
1217 */
1218BOOL WINAPI SetSecurityDescriptorGroup( PSECURITY_DESCRIPTOR descr, PSID group, BOOL defaulted )
1219{
1220 return set_ntstatus( RtlSetGroupSecurityDescriptor( descr, group, defaulted ));
1221}
1222
1223/******************************************************************************
1224 * SetSecurityDescriptorOwner (kernelbase.@)
1225 */
1226BOOL WINAPI SetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR descr, PSID owner, BOOL defaulted )
1227{
1228 return set_ntstatus( RtlSetOwnerSecurityDescriptor( descr, owner, defaulted ));
1229}
1230
1231/**************************************************************************
1232 * SetSecurityDescriptorSacl (kernelbase.@)
1233 */
1234BOOL WINAPI SetSecurityDescriptorSacl ( PSECURITY_DESCRIPTOR descr, BOOL present, PACL sacl, BOOL defaulted )
1235{
1236 return set_ntstatus( RtlSetSaclSecurityDescriptor( descr, present, sacl, defaulted ));
1237}
1238
1239
1240/******************************************************************************
1241 * Access control functions
1242 ******************************************************************************/
1243
1244
1245/******************************************************************************
1246 * AccessCheck (kernelbase.@)
1247 */
1248BOOL WINAPI AccessCheck( PSECURITY_DESCRIPTOR descr, HANDLE token, DWORD access, PGENERIC_MAPPING mapping,
1249 PPRIVILEGE_SET priv, LPDWORD priv_len, LPDWORD granted, LPBOOL status )
1250{
1251 NTSTATUS access_status;
1252 BOOL ret = set_ntstatus( NtAccessCheck( descr, token, access, mapping, priv, priv_len,
1253 granted, &access_status ));
1254 if (ret) *status = set_ntstatus( access_status );
1255 return ret;
1256}
1257
1258/******************************************************************************
1259 * AccessCheckAndAuditAlarmW (kernelbase.@)
1260 */
1261BOOL WINAPI AccessCheckAndAuditAlarmW( LPCWSTR subsystem, LPVOID id, LPWSTR type_name,
1262 LPWSTR name, PSECURITY_DESCRIPTOR descr, DWORD access,
1263 PGENERIC_MAPPING mapping, BOOL creation,
1264 LPDWORD granted, LPBOOL status, LPBOOL on_close )
1265{
1266 FIXME( "stub (%s,%p,%s,%s,%p,%08lx,%p,%x,%p,%p,%p)\n", debugstr_w(subsystem),
1267 id, debugstr_w(type_name), debugstr_w(name), descr, access, mapping,
1268 creation, granted, status, on_close );
1269 return TRUE;
1270}
1271
1272/******************************************************************************
1273 * AccessCheckByType (kernelbase.@)
1274 */
1275BOOL WINAPI AccessCheckByType( PSECURITY_DESCRIPTOR descr, PSID sid, HANDLE token, DWORD access,
1276 POBJECT_TYPE_LIST types, DWORD types_len, PGENERIC_MAPPING mapping,
1277 PPRIVILEGE_SET priv, LPDWORD priv_len, LPDWORD granted, LPBOOL status )
1278{
1279 FIXME("stub\n");
1280 *status = TRUE;
1281 return !*status;
1282}
1283
1284/******************************************************************************
1285 * AddAccessAllowedAce (kernelbase.@)
1286 */
1287BOOL WINAPI AddAccessAllowedAce( PACL acl, DWORD rev, DWORD access, PSID sid )
1288{
1289 return set_ntstatus( RtlAddAccessAllowedAce( acl, rev, access, sid ));
1290}
1291
1292/******************************************************************************
1293 * AddAccessAllowedAceEx (kernelbase.@)
1294 */
1295BOOL WINAPI AddAccessAllowedAceEx( PACL acl, DWORD rev, DWORD flags, DWORD access, PSID sid )
1296{
1297 return set_ntstatus( RtlAddAccessAllowedAceEx( acl, rev, flags, access, sid ));
1298}
1299
1300/******************************************************************************
1301 * AddAccessAllowedObjectAce (kernelbase.@)
1302 */
1303BOOL WINAPI AddAccessAllowedObjectAce( PACL acl, DWORD rev, DWORD flags, DWORD access,
1304 GUID *type, GUID *inherit, PSID sid )
1305{
1306 return set_ntstatus( RtlAddAccessAllowedObjectAce( acl, rev, flags, access, type, inherit, sid ));
1307}
1308
1309/******************************************************************************
1310 * AddAccessDeniedAce (kernelbase.@)
1311 */
1312BOOL WINAPI AddAccessDeniedAce( PACL acl, DWORD rev, DWORD access, PSID sid )
1313{
1314 return set_ntstatus( RtlAddAccessDeniedAce( acl, rev, access, sid ));
1315}
1316
1317/******************************************************************************
1318 * AddAccessDeniedAceEx (kernelbase.@)
1319 */
1320BOOL WINAPI AddAccessDeniedAceEx( PACL acl, DWORD rev, DWORD flags, DWORD access, PSID sid )
1321{
1322 return set_ntstatus( RtlAddAccessDeniedAceEx( acl, rev, flags, access, sid ));
1323}
1324
1325/******************************************************************************
1326 * AddAccessDeniedObjectAce (kernelbase.@)
1327 */
1328BOOL WINAPI AddAccessDeniedObjectAce( PACL acl, DWORD rev, DWORD flags, DWORD access,
1329 GUID *type, GUID *inherit, PSID sid )
1330{
1331 return set_ntstatus( RtlAddAccessDeniedObjectAce( acl, rev, flags, access, type, inherit, sid ));
1332}
1333
1334/******************************************************************************
1335 * AddAce (kernelbase.@)
1336 */
1337BOOL WINAPI AddAce( PACL acl, DWORD rev, DWORD index, LPVOID list, DWORD len )
1338{
1339 return set_ntstatus( RtlAddAce( acl, rev, index, list, len ));
1340}
1341
1342/******************************************************************************
1343 * AddAuditAccessAce (kernelbase.@)
1344 */
1345BOOL WINAPI AddAuditAccessAce( PACL acl, DWORD rev, DWORD access, PSID sid, BOOL success, BOOL failure )
1346{
1347 return set_ntstatus( RtlAddAuditAccessAce( acl, rev, access, sid, success, failure ));
1348}
1349
1350/******************************************************************************
1351 * AddAuditAccessAceEx (kernelbase.@)
1352 */
1353BOOL WINAPI AddAuditAccessAceEx( PACL acl, DWORD rev, DWORD flags, DWORD access,
1354 PSID sid, BOOL success, BOOL failure )
1355{
1356 return set_ntstatus( RtlAddAuditAccessAceEx( acl, rev, flags, access, sid, success, failure ));
1357}
1358
1359/******************************************************************************
1360 * AddAuditAccessObjectAce (kernelbase.@)
1361 */
1362BOOL WINAPI AddAuditAccessObjectAce( PACL acl, DWORD rev, DWORD flags, DWORD access,
1363 GUID *type, GUID *inherit, PSID sid, BOOL success, BOOL failure )
1364{
1365 return set_ntstatus( RtlAddAuditAccessObjectAce( acl, rev, flags, access,
1366 type, inherit, sid, success, failure ));
1367}
1368
1369/******************************************************************************
1370 * AddMandatoryAce (kernelbase.@)
1371 */
1372BOOL WINAPI AddMandatoryAce( PACL acl, DWORD rev, DWORD flags, DWORD policy, PSID sid )
1373{
1374 return set_ntstatus( RtlAddMandatoryAce( acl, rev, flags, policy,
1375 SYSTEM_MANDATORY_LABEL_ACE_TYPE, sid ));
1376}
1377
1378/******************************************************************************
1379 * AreAllAccessesGranted (kernelbase.@)
1380 */
1381BOOL WINAPI AreAllAccessesGranted( DWORD granted, DWORD desired )
1382{
1383 return RtlAreAllAccessesGranted( granted, desired );
1384}
1385
1386/******************************************************************************
1387 * AreAnyAccessesGranted (kernelbase.@)
1388 */
1389BOOL WINAPI AreAnyAccessesGranted( DWORD granted, DWORD desired )
1390{
1391 return RtlAreAnyAccessesGranted( granted, desired );
1392}
1393
1394/******************************************************************************
1395 * DeleteAce (kernelbase.@)
1396 */
1397BOOL WINAPI DeleteAce( PACL acl, DWORD index )
1398{
1399 return set_ntstatus( RtlDeleteAce( acl, index ));
1400}
1401
1402/******************************************************************************
1403 * FindFirstFreeAce (kernelbase.@)
1404 */
1405BOOL WINAPI FindFirstFreeAce( PACL acl, LPVOID *ace)
1406{
1407 return RtlFirstFreeAce( acl, (PACE_HEADER *)ace );
1408}
1409
1410/******************************************************************************
1411 * GetAce (kernelbase.@)
1412 */
1413BOOL WINAPI GetAce( PACL acl, DWORD index, LPVOID *ace )
1414{
1415 return set_ntstatus( RtlGetAce( acl, index, ace ));
1416}
1417
1418/******************************************************************************
1419 * GetAclInformation (kernelbase.@)
1420 */
1421BOOL WINAPI GetAclInformation( PACL acl, LPVOID info, DWORD len, ACL_INFORMATION_CLASS class )
1422{
1423 return set_ntstatus( RtlQueryInformationAcl( acl, info, len, class ));
1424}
1425
1426/*************************************************************************
1427 * InitializeAcl (kernelbase.@)
1428 */
1429BOOL WINAPI InitializeAcl( PACL acl, DWORD size, DWORD rev )
1430{
1431 return set_ntstatus( RtlCreateAcl( acl, size, rev ));
1432}
1433
1434/******************************************************************************
1435 * IsValidAcl (kernelbase.@)
1436 */
1437BOOL WINAPI IsValidAcl( PACL acl )
1438{
1439 return RtlValidAcl( acl );
1440}
1441
1442/******************************************************************************
1443 * MapGenericMask (kernelbase.@)
1444 */
1445void WINAPI MapGenericMask( PDWORD access, PGENERIC_MAPPING mapping )
1446{
1447 RtlMapGenericMask( access, mapping );
1448}
1449
1450/******************************************************************************
1451 * ObjectCloseAuditAlarmW (kernelbase.@)
1452 */
1453BOOL WINAPI ObjectCloseAuditAlarmW( LPCWSTR subsystem, LPVOID id, BOOL on_close )
1454{
1455 FIXME( "stub (%s,%p,%x)\n", debugstr_w(subsystem), id, on_close );
1456 return TRUE;
1457}
1458
1459/******************************************************************************
1460 * ObjectDeleteAuditAlarmW (kernelbase.@)
1461 */
1462BOOL WINAPI ObjectDeleteAuditAlarmW( LPCWSTR subsystem, LPVOID id, BOOL on_close )
1463{
1464 FIXME( "stub (%s,%p,%x)\n", debugstr_w(subsystem), id, on_close );
1465 return TRUE;
1466}
1467
1468/******************************************************************************
1469 * ObjectOpenAuditAlarmW (kernelbase.@)
1470 */
1471BOOL WINAPI ObjectOpenAuditAlarmW( LPCWSTR subsystem, LPVOID id, LPWSTR type, LPWSTR name,
1472 PSECURITY_DESCRIPTOR descr, HANDLE token, DWORD desired,
1473 DWORD granted, PPRIVILEGE_SET privs, BOOL creation,
1474 BOOL access, LPBOOL on_close )
1475{
1476 FIXME( "stub (%s,%p,%s,%s,%p,%p,0x%08lx,0x%08lx,%p,%x,%x,%p)\n", debugstr_w(subsystem),
1477 id, debugstr_w(type), debugstr_w(name), descr, token, desired, granted,
1478 privs, creation, access, on_close );
1479 return TRUE;
1480}
1481
1482/******************************************************************************
1483 * ObjectPrivilegeAuditAlarmW (kernelbase.@)
1484 */
1485BOOL WINAPI ObjectPrivilegeAuditAlarmW( LPCWSTR subsystem, LPVOID id, HANDLE token,
1486 DWORD desired, PPRIVILEGE_SET privs, BOOL granted )
1487{
1488 FIXME( "stub (%s,%p,%p,0x%08lx,%p,%x)\n", debugstr_w(subsystem), id, token, desired, privs, granted );
1489 return TRUE;
1490}
1491
1492/******************************************************************************
1493 * PrivilegedServiceAuditAlarmW (kernelbase.@)
1494 */
1495BOOL WINAPI PrivilegedServiceAuditAlarmW( LPCWSTR subsystem, LPCWSTR service, HANDLE token,
1496 PPRIVILEGE_SET privs, BOOL granted )
1497{
1498 FIXME( "stub %s,%s,%p,%p,%x)\n", debugstr_w(subsystem), debugstr_w(service), token, privs, granted );
1499 return TRUE;
1500}
1501
1502/******************************************************************************
1503 * SetAclInformation (kernelbase.@)
1504 */
1505BOOL WINAPI SetAclInformation( PACL acl, LPVOID info, DWORD len, ACL_INFORMATION_CLASS class )
1506{
1507 FIXME( "%p %p 0x%08lx 0x%08x - stub\n", acl, info, len, class );
1508 return TRUE;
1509}
1510
1511/******************************************************************************
1512 * SetCachedSigningLevel (kernelbase.@)
1513 */
1514BOOL WINAPI SetCachedSigningLevel( PHANDLE source, ULONG count, ULONG flags, HANDLE file )
1515{
1516 FIXME( "%p %lu %lu %p - stub\n", source, count, flags, file );
1517 return TRUE;
1518}
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
Type
Type
Definition: Type.h:7
NtAccessCheck
NTSTATUS NTAPI NtAccessCheck(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ HANDLE ClientToken, _In_ ACCESS_MASK DesiredAccess, _In_ PGENERIC_MAPPING GenericMapping, _Out_writes_bytes_(*PrivilegeSetLength) PPRIVILEGE_SET PrivilegeSet, _Inout_ PULONG PrivilegeSetLength, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus)
Determines whether security access can be granted to a client that requests such access on an object.
Definition: accesschk.c:2214
memcmp
int memcmp(void *Buffer1, void *Buffer2, ACPI_SIZE Count)
Definition: utclib.c:112
sa
static struct sockaddr_in sa
Definition: adnsresfilter.c:69
policy
WINBASEAPI _Check_return_ _Out_ AppPolicyProcessTerminationMethod * policy
Definition: appmodel.h:47
heap_alloc
static void * heap_alloc(size_t len)
Definition: appwiz.h:66
heap_free
static BOOL heap_free(void *mem)
Definition: appwiz.h:76
TOKEN_TYPE
TOKEN_TYPE
Definition: asmpp.cpp:29
WINE_DEFAULT_DEBUG_CHANNEL
#define WINE_DEFAULT_DEBUG_CHANNEL(t)
Definition: precomp.h:23
rev
int rev
Definition: sort.c:17
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
ARRAY_SIZE
#define ARRAY_SIZE(A)
Definition: main.h:20
FIXME
#define FIXME(fmt,...)
Definition: precomp.h:53
thread
static HANDLE thread
Definition: service.c:33
sid
FT_UInt sid
Definition: cffcmap.c:139
list
Definition: list.h:37
set
Definition: _set.h:50
STATUS_NO_MEMORY
#define STATUS_NO_MEMORY
Definition: d3dkmdt.h:51
ERROR_INSUFFICIENT_BUFFER
#define ERROR_INSUFFICIENT_BUFFER
Definition: dderror.h:10
ERROR_OUTOFMEMORY
#define ERROR_OUTOFMEMORY
Definition: deptool.c:13
ERROR_SUCCESS
#define ERROR_SUCCESS
Definition: deptool.c:10
NULL
#define NULL
Definition: types.h:112
TRUE
#define TRUE
Definition: types.h:120
FALSE
#define FALSE
Definition: types.h:117
AdjustTokenPrivileges
BOOL WINAPI AdjustTokenPrivileges(HANDLE TokenHandle, BOOL DisableAllPrivileges, PTOKEN_PRIVILEGES NewState, DWORD BufferLength, PTOKEN_PRIVILEGES PreviousState, PDWORD ReturnLength)
Definition: security.c:374
GetAclInformation
BOOL WINAPI GetAclInformation(PACL pAcl, LPVOID pAclInformation, DWORD nAclInformationLength, ACL_INFORMATION_CLASS dwAclInformationClass)
Definition: security.c:1194
GetTokenInformation
BOOL WINAPI GetTokenInformation(HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength, PDWORD ReturnLength)
Definition: security.c:411
PrivilegeCheck
BOOL WINAPI PrivilegeCheck(HANDLE ClientToken, PPRIVILEGE_SET RequiredPrivileges, LPBOOL pfResult)
Definition: security.c:2066
OpenProcessToken
BOOL WINAPI OpenProcessToken(HANDLE ProcessHandle, DWORD DesiredAccess, PHANDLE TokenHandle)
Definition: security.c:294
WellKnownRids
static const WELLKNOWNRID WellKnownRids[]
Definition: security.c:109
CreateRestrictedToken
BOOL WINAPI CreateRestrictedToken(_In_ HANDLE ExistingTokenHandle, _In_ DWORD Flags, _In_ DWORD DisableSidCount, _In_reads_opt_(DisableSidCount) PSID_AND_ATTRIBUTES SidsToDisable, _In_ DWORD DeletePrivilegeCount, _In_reads_opt_(DeletePrivilegeCount) PLUID_AND_ATTRIBUTES PrivilegesToDelete, _In_ DWORD RestrictedSidCount, _In_reads_opt_(RestrictedSidCount) PSID_AND_ATTRIBUTES SidsToRestrict, _Outptr_ PHANDLE NewTokenHandle)
Creates a filtered token that is a restricted one of the regular access token. A restricted token can...
Definition: security.c:533
SetAclInformation
BOOL WINAPI SetAclInformation(PACL pAcl, LPVOID pAclInformation, DWORD nAclInformationLength, ACL_INFORMATION_CLASS dwAclInformationClass)
Definition: security.c:2471
DuplicateToken
BOOL WINAPI DuplicateToken(IN HANDLE ExistingTokenHandle, IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, OUT PHANDLE DuplicateTokenHandle)
Definition: security.c:3919
SetTokenInformation
BOOL WINAPI SetTokenInformation(HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength)
Definition: security.c:437
InitializeSid
BOOL WINAPI InitializeSid(PSID Sid, PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority, BYTE nSubAuthorityCount)
Definition: security.c:862
EqualPrefixSid
BOOL WINAPI EqualPrefixSid(PSID pSid1, PSID pSid2)
Definition: security.c:841
ImpersonateSelf
BOOL WINAPI ImpersonateSelf(SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
Definition: security.c:1631
AddAccessDeniedAceEx
BOOL WINAPI AddAccessDeniedAceEx(PACL pAcl, DWORD dwAceRevision, DWORD AceFlags, DWORD AccessMask, PSID pSid)
Definition: security.c:1114
AddAce
BOOL WINAPI AddAce(PACL pAcl, DWORD dwAceRevision, DWORD dwStartingAceIndex, LPVOID pAceList, DWORD nAceListLength)
Definition: security.c:1141
AccessCheckByType
BOOL WINAPI AccessCheckByType(_In_ PSECURITY_DESCRIPTOR pSecurityDescriptor, _In_opt_ PSID PrincipalSelfSid, _In_ HANDLE ClientToken, _In_ DWORD DesiredAccess, _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList, _In_ DWORD ObjectTypeListLength, _In_ PGENERIC_MAPPING GenericMapping, _Out_writes_bytes_(*PrivilegeSetLength) PPRIVILEGE_SET PrivilegeSet, _Inout_ LPDWORD PrivilegeSetLength, _Out_ LPDWORD GrantedAccess, _Out_ LPBOOL AccessStatus)
Determines whether security access can be granted to a client that requests such access on the object...
Definition: security.c:1767
DeleteAce
BOOL WINAPI DeleteAce(PACL pAcl, DWORD dwAceIndex)
Definition: security.c:1166
MakeAbsoluteSD
BOOL WINAPI MakeAbsoluteSD(PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor, PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor, LPDWORD lpdwAbsoluteSecurityDescriptorSize, PACL pDacl, LPDWORD lpdwDaclSize, PACL pSacl, LPDWORD lpdwSaclSize, PSID pOwner, LPDWORD lpdwOwnerSize, PSID pPrimaryGroup, LPDWORD lpdwPrimaryGroupSize)
Definition: security.c:950
GetSidSubAuthority
PDWORD WINAPI GetSidSubAuthority(PSID pSid, DWORD nSubAuthority)
Definition: security.c:896
SetFileSecurityW
BOOL WINAPI SetFileSecurityW(LPCWSTR lpFileName, SECURITY_INFORMATION SecurityInformation, PSECURITY_DESCRIPTOR pSecurityDescriptor)
Definition: security.c:1509
SetThreadToken
BOOL WINAPI SetThreadToken(IN PHANDLE ThreadHandle OPTIONAL, IN HANDLE TokenHandle)
Definition: security.c:461
AllocateAndInitializeSid
BOOL WINAPI AllocateAndInitializeSid(PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority, BYTE nSubAuthorityCount, DWORD nSubAuthority0, DWORD nSubAuthority1, DWORD nSubAuthority2, DWORD nSubAuthority3, DWORD nSubAuthority4, DWORD nSubAuthority5, DWORD nSubAuthority6, DWORD nSubAuthority7, PSID *pSid)
Definition: security.c:674
WELLKNOWNRID
struct WELLKNOWNRID WELLKNOWNRID
GetSidLengthRequired
DWORD WINAPI GetSidLengthRequired(UCHAR nSubAuthorityCount)
Definition: security.c:852
IsValidSid
BOOL WINAPI IsValidSid(PSID pSid)
Definition: security.c:819
AreAnyAccessesGranted
BOOL WINAPI AreAnyAccessesGranted(DWORD GrantedAccess, DWORD DesiredAccess)
Definition: security.c:2544
IsWellKnownSid
BOOL WINAPI IsWellKnownSid(IN PSID pSid, IN WELL_KNOWN_SID_TYPE WellKnownSidType)
Definition: security.c:796
CopySid
BOOL WINAPI CopySid(DWORD nDestinationSidLength, PSID pDestinationSid, PSID pSourceSid)
Definition: security.c:712
AddAuditAccessAce
BOOL WINAPI AddAuditAccessAce(PACL pAcl, DWORD dwAceRevision, DWORD dwAccessMask, PSID pSid, BOOL bAuditSuccess, BOOL bAuditFailure)
Definition: security.c:1951
AllocateLocallyUniqueId
BOOL WINAPI AllocateLocallyUniqueId(PLUID Luid)
Definition: security.c:1218
GetSidSubAuthorityCount
PUCHAR WINAPI GetSidSubAuthorityCount(PSID pSid)
Definition: security.c:908
GetKernelObjectSecurity
BOOL WINAPI GetKernelObjectSecurity(HANDLE Handle, SECURITY_INFORMATION RequestedInformation, PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD nLength, LPDWORD lpnLengthNeeded)
Definition: security.c:987
InitializeAcl
BOOL WINAPI InitializeAcl(PACL pAcl, DWORD nAclLength, DWORD dwAclRevision)
Definition: security.c:1006
ImpersonateNamedPipeClient
BOOL WINAPI ImpersonateNamedPipeClient(HANDLE hNamedPipe)
Definition: security.c:1024
InitializeSecurityDescriptor
BOOL WINAPI InitializeSecurityDescriptor(PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD dwRevision)
Definition: security.c:929
AddAccessAllowedAce
BOOL WINAPI AddAccessAllowedAce(PACL pAcl, DWORD dwAceRevision, DWORD AccessMask, PSID pSid)
Definition: security.c:1039
AddAccessAllowedAceEx
BOOL WINAPI AddAccessAllowedAceEx(PACL pAcl, DWORD dwAceRevision, DWORD AceFlags, DWORD AccessMask, PSID pSid)
Definition: security.c:1063
GetLengthSid
DWORD WINAPI GetLengthSid(PSID pSid)
Definition: security.c:919
WellKnownSids
static const WELLKNOWNSID WellKnownSids[]
Definition: security.c:45
OpenThreadToken
BOOL WINAPI OpenThreadToken(HANDLE ThreadHandle, DWORD DesiredAccess, BOOL OpenAsSelf, HANDLE *TokenHandle)
Definition: security.c:336
FreeSid
PVOID WINAPI FreeSid(PSID pSid)
Definition: security.c:698
WELLKNOWNSID
struct WELLKNOWNSID WELLKNOWNSID
GetWindowsAccountDomainSid
BOOL WINAPI GetWindowsAccountDomainSid(PSID sid, PSID domain_sid, DWORD *size)
Definition: security.c:4136
EqualSid
BOOL WINAPI EqualSid(PSID pSid1, PSID pSid2)
Definition: security.c:829
AccessCheck
BOOL WINAPI AccessCheck(IN PSECURITY_DESCRIPTOR pSecurityDescriptor, IN HANDLE ClientToken, IN DWORD DesiredAccess, IN PGENERIC_MAPPING GenericMapping, OUT PPRIVILEGE_SET PrivilegeSet OPTIONAL, IN OUT LPDWORD PrivilegeSetLength, OUT LPDWORD GrantedAccess, OUT LPBOOL AccessStatus)
Definition: security.c:1650
set_ntstatus
static __inline BOOL set_ntstatus(NTSTATUS status)
Definition: security.c:227
DuplicateTokenEx
BOOL WINAPI DuplicateTokenEx(IN HANDLE ExistingTokenHandle, IN DWORD dwDesiredAccess, IN LPSECURITY_ATTRIBUTES lpTokenAttributes OPTIONAL, IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, IN TOKEN_TYPE TokenType, OUT PHANDLE DuplicateTokenHandle)
Definition: security.c:3859
debugstr_sid
static const char * debugstr_sid(PSID sid)
Definition: security.c:174
AdjustTokenGroups
BOOL WINAPI AdjustTokenGroups(HANDLE TokenHandle, BOOL ResetToDefault, PTOKEN_GROUPS NewState, DWORD BufferLength, PTOKEN_GROUPS PreviousState, PDWORD ReturnLength)
Definition: security.c:346
GetFileSecurityW
BOOL WINAPI GetFileSecurityW(LPCWSTR lpFileName, SECURITY_INFORMATION RequestedInformation, PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD nLength, LPDWORD lpnLengthNeeded)
Definition: security.c:1404
GetSidIdentifierAuthority
PSID_IDENTIFIER_AUTHORITY WINAPI GetSidIdentifierAuthority(PSID pSid)
Definition: security.c:885
AreAllAccessesGranted
BOOL WINAPI AreAllAccessesGranted(DWORD GrantedAccess, DWORD DesiredAccess)
Definition: security.c:2532
EqualDomainSid
BOOL WINAPI EqualDomainSid(IN PSID pSid1, IN PSID pSid2, OUT BOOL *pfEqual)
Definition: security.c:4184
FindFirstFreeAce
BOOL WINAPI FindFirstFreeAce(PACL pAcl, LPVOID *pAce)
Definition: security.c:1176
GetAce
BOOL WINAPI GetAce(PACL pAcl, DWORD dwAceIndex, LPVOID *pAce)
Definition: security.c:1186
AddAccessDeniedAce
BOOL WINAPI AddAccessDeniedAce(PACL pAcl, DWORD dwAceRevision, DWORD AccessMask, PSID pSid)
Definition: security.c:1090
AddAuditAccessAceEx
BOOL WINAPI AddAuditAccessAceEx(PACL pAcl, DWORD dwAceRevision, DWORD AceFlags, DWORD dwAccessMask, PSID pSid, BOOL bAuditSuccess, BOOL bAuditFailure)
Definition: security.c:1979
SetKernelObjectSecurity
BOOL WINAPI SetKernelObjectSecurity(HANDLE Handle, SECURITY_INFORMATION SecurityInformation, PSECURITY_DESCRIPTOR SecurityDescriptor)
Definition: security.c:1928
CreateWellKnownSid
BOOL WINAPI CreateWellKnownSid(IN WELL_KNOWN_SID_TYPE WellKnownSidType, IN PSID DomainSid OPTIONAL, OUT PSID pSid, IN OUT DWORD *cbSid)
Definition: security.c:722
MAX_SID
struct _MAX_SID MAX_SID
IsValidAcl
BOOL WINAPI IsValidAcl(PACL pAcl)
Definition: security.c:1209
wine_dbg_sprintf
const char * wine_dbg_sprintf(const char *format,...)
Definition: compat.c:296
CloseHandle
#define CloseHandle
Definition: compat.h:739
ERROR_INVALID_PARAMETER
#define ERROR_INVALID_PARAMETER
Definition: compat.h:101
SetLastError
#define SetLastError(x)
Definition: compat.h:752
ThreadImpersonationToken
@ ThreadImpersonationToken
Definition: compat.h:940
GetCurrentProcess
#define GetCurrentProcess()
Definition: compat.h:759
FILE_SHARE_READ
#define FILE_SHARE_READ
Definition: compat.h:136
open_file
static NTSTATUS open_file(LPCWSTR name, DWORD access, HANDLE *file)
Definition: security.c:143
AccessCheckAndAuditAlarmW
BOOL WINAPI AccessCheckAndAuditAlarmW(LPCWSTR subsystem, LPVOID id, LPWSTR type_name, LPWSTR name, PSECURITY_DESCRIPTOR descr, DWORD access, PGENERIC_MAPPING mapping, BOOL creation, LPDWORD granted, LPBOOL status, LPBOOL on_close)
Definition: security.c:1261
SetSecurityDescriptorGroup
BOOL WINAPI SetSecurityDescriptorGroup(PSECURITY_DESCRIPTOR descr, PSID group, BOOL defaulted)
Definition: security.c:1218
SetSecurityDescriptorOwner
BOOL WINAPI SetSecurityDescriptorOwner(PSECURITY_DESCRIPTOR descr, PSID owner, BOOL defaulted)
Definition: security.c:1226
SetSecurityDescriptorControl
BOOL WINAPI SetSecurityDescriptorControl(PSECURITY_DESCRIPTOR descr, SECURITY_DESCRIPTOR_CONTROL mask, SECURITY_DESCRIPTOR_CONTROL set)
Definition: security.c:1201
CreateBoundaryDescriptorW
HANDLE WINAPI CreateBoundaryDescriptorW(LPCWSTR name, ULONG flags)
Definition: security.c:918
CheckTokenMembership
BOOL WINAPI CheckTokenMembership(HANDLE token, PSID sid_to_check, PBOOL is_member)
Definition: security.c:550
SetCachedSigningLevel
BOOL WINAPI SetCachedSigningLevel(PHANDLE source, ULONG count, ULONG flags, HANDLE file)
Definition: security.c:1514
CreatePrivateObjectSecurity
BOOL WINAPI CreatePrivateObjectSecurity(PSECURITY_DESCRIPTOR parent, PSECURITY_DESCRIPTOR creator, PSECURITY_DESCRIPTOR *descr, BOOL is_container, HANDLE token, PGENERIC_MAPPING mapping)
Definition: security.c:927
ImpersonateAnonymousToken
BOOL WINAPI ImpersonateAnonymousToken(HANDLE thread)
Definition: security.c:736
GetPrivateObjectSecurity
BOOL WINAPI GetPrivateObjectSecurity(PSECURITY_DESCRIPTOR obj_descr, SECURITY_INFORMATION info, PSECURITY_DESCRIPTOR ret_descr, DWORD len, PDWORD ret_len)
Definition: security.c:1003
PrivilegedServiceAuditAlarmW
BOOL WINAPI PrivilegedServiceAuditAlarmW(LPCWSTR subsystem, LPCWSTR service, HANDLE token, PPRIVILEGE_SET privs, BOOL granted)
Definition: security.c:1495
ConvertToAutoInheritPrivateObjectSecurity
BOOL WINAPI ConvertToAutoInheritPrivateObjectSecurity(PSECURITY_DESCRIPTOR parent, PSECURITY_DESCRIPTOR current, PSECURITY_DESCRIPTOR *descr, GUID *type, BOOL is_dir, PGENERIC_MAPPING mapping)
Definition: security.c:906
SetPrivateObjectSecurity
BOOL WINAPI SetPrivateObjectSecurity(SECURITY_INFORMATION info, PSECURITY_DESCRIPTOR descr, PSECURITY_DESCRIPTOR *obj_descr, PGENERIC_MAPPING mapping, HANDLE token)
Definition: security.c:1179
AddAccessDeniedObjectAce
BOOL WINAPI AddAccessDeniedObjectAce(PACL acl, DWORD rev, DWORD flags, DWORD access, GUID *type, GUID *inherit, PSID sid)
Definition: security.c:1328
CreatePrivateObjectSecurityWithMultipleInheritance
BOOL WINAPI CreatePrivateObjectSecurityWithMultipleInheritance(PSECURITY_DESCRIPTOR parent, PSECURITY_DESCRIPTOR creator, PSECURITY_DESCRIPTOR *descr, GUID **types, ULONG count, BOOL is_container, ULONG flags, HANDLE token, PGENERIC_MAPPING mapping)
Definition: security.c:947
ImpersonateLoggedOnUser
BOOL WINAPI ImpersonateLoggedOnUser(HANDLE token)
Definition: security.c:745
AddAuditAccessObjectAce
BOOL WINAPI AddAuditAccessObjectAce(PACL acl, DWORD rev, DWORD flags, DWORD access, GUID *type, GUID *inherit, PSID sid, BOOL success, BOOL failure)
Definition: security.c:1362
IsValidSecurityDescriptor
BOOL WINAPI IsValidSecurityDescriptor(PSECURITY_DESCRIPTOR descr)
Definition: security.c:1116
ObjectDeleteAuditAlarmW
BOOL WINAPI ObjectDeleteAuditAlarmW(LPCWSTR subsystem, LPVOID id, BOOL on_close)
Definition: security.c:1462
MapGenericMask
void WINAPI MapGenericMask(PDWORD access, PGENERIC_MAPPING mapping)
Definition: security.c:1445
ObjectCloseAuditAlarmW
BOOL WINAPI ObjectCloseAuditAlarmW(LPCWSTR subsystem, LPVOID id, BOOL on_close)
Definition: security.c:1453
SetPrivateObjectSecurityEx
BOOL WINAPI SetPrivateObjectSecurityEx(SECURITY_INFORMATION info, PSECURITY_DESCRIPTOR descr, PSECURITY_DESCRIPTOR *obj_descr, ULONG flags, PGENERIC_MAPPING mapping, HANDLE token)
Definition: security.c:1190
IsTokenRestricted
BOOL WINAPI IsTokenRestricted(HANDLE token)
Definition: security.c:793
ObjectOpenAuditAlarmW
BOOL WINAPI ObjectOpenAuditAlarmW(LPCWSTR subsystem, LPVOID id, LPWSTR type, LPWSTR name, PSECURITY_DESCRIPTOR descr, HANDLE token, DWORD desired, DWORD granted, PPRIVILEGE_SET privs, BOOL creation, BOOL access, LPBOOL on_close)
Definition: security.c:1471
SetSecurityDescriptorSacl
BOOL WINAPI SetSecurityDescriptorSacl(PSECURITY_DESCRIPTOR descr, BOOL present, PACL sacl, BOOL defaulted)
Definition: security.c:1234
RevertToSelf
BOOL WINAPI RevertToSelf(void)
Definition: security.c:855
DestroyPrivateObjectSecurity
BOOL WINAPI DestroyPrivateObjectSecurity(PSECURITY_DESCRIPTOR *descr)
Definition: security.c:961
AddAccessAllowedObjectAce
BOOL WINAPI AddAccessAllowedObjectAce(PACL acl, DWORD rev, DWORD flags, DWORD access, GUID *type, GUID *inherit, PSID sid)
Definition: security.c:1303
ObjectPrivilegeAuditAlarmW
BOOL WINAPI ObjectPrivilegeAuditAlarmW(LPCWSTR subsystem, LPVOID id, HANDLE token, DWORD desired, PPRIVILEGE_SET privs, BOOL granted)
Definition: security.c:1485
GetSecurityDescriptorLength
DWORD WINAPI GetSecurityDescriptorLength(PSECURITY_DESCRIPTOR descr)
Definition: security.c:1076
CreatePrivateObjectSecurityEx
BOOL WINAPI CreatePrivateObjectSecurityEx(PSECURITY_DESCRIPTOR parent, PSECURITY_DESCRIPTOR creator, PSECURITY_DESCRIPTOR *descr, GUID *type, BOOL is_container, ULONG flags, HANDLE token, PGENERIC_MAPPING mapping)
Definition: security.c:937
AddMandatoryAce
BOOL WINAPI AddMandatoryAce(PACL acl, DWORD rev, DWORD flags, DWORD policy, PSID sid)
Definition: security.c:1372
ret
return ret
Definition: mutex.c:146
parent
r parent
Definition: btrfs.c:3010
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
FILE_OPEN
#define FILE_OPEN
Definition: from_kernel.h:54
FILE_OPEN_FOR_BACKUP_INTENT
#define FILE_OPEN_FOR_BACKUP_INTENT
Definition: from_kernel.h:42
level
GLint level
Definition: gl.h:1546
count
GLuint GLuint GLsizei count
Definition: gl.h:1545
type
GLuint GLuint GLsizei GLenum type
Definition: gl.h:1545
reset
GLboolean reset
Definition: glext.h:5666
res
GLuint res
Definition: glext.h:9613
groups
GLsizei GLuint * groups
Definition: glext.h:11113
size
GLsizeiptr size
Definition: glext.h:5919
index
GLuint index
Definition: glext.h:6031
mask
GLenum GLint GLuint mask
Definition: glext.h:6028
flags
GLbitfield flags
Definition: glext.h:7161
length
GLuint GLsizei GLsizei * length
Definition: glext.h:6040
group
GLboolean GLuint group
Definition: glext.h:11120
access
GLuint GLint GLboolean GLint GLenum access
Definition: glext.h:7866
result
GLuint64EXT * result
Definition: glext.h:11304
mapping
GLenum GLenum GLenum GLenum mapping
Definition: glext.h:9031
len
GLenum GLsizei len
Definition: glext.h:6722
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
token
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat token
Definition: glfuncs.h:210
OBJ_CASE_INSENSITIVE
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
OBJ_INHERIT
#define OBJ_INHERIT
Definition: winternl.h:225
RtlLengthSecurityDescriptor
NTSYSAPI ULONG WINAPI RtlLengthSecurityDescriptor(PSECURITY_DESCRIPTOR)
RtlNewSecurityObjectWithMultipleInheritance
NTSYSAPI NTSTATUS WINAPI RtlNewSecurityObjectWithMultipleInheritance(PSECURITY_DESCRIPTOR, PSECURITY_DESCRIPTOR, PSECURITY_DESCRIPTOR *, GUID **, ULONG, BOOLEAN, ULONG, HANDLE, PGENERIC_MAPPING)
RtlQueryInformationAcl
NTSYSAPI NTSTATUS WINAPI RtlQueryInformationAcl(PACL, LPVOID, DWORD, ACL_INFORMATION_CLASS)
RtlConvertToAutoInheritSecurityObject
NTSYSAPI NTSTATUS WINAPI RtlConvertToAutoInheritSecurityObject(PSECURITY_DESCRIPTOR, PSECURITY_DESCRIPTOR, PSECURITY_DESCRIPTOR *, GUID *, BOOL, PGENERIC_MAPPING)
RtlAddAccessAllowedAceEx
NTSYSAPI NTSTATUS WINAPI RtlAddAccessAllowedAceEx(PACL, DWORD, DWORD, DWORD, PSID)
RtlAddAccessAllowedAce
NTSYSAPI NTSTATUS WINAPI RtlAddAccessAllowedAce(PACL, DWORD, DWORD, PSID)
RtlSetOwnerSecurityDescriptor
NTSYSAPI NTSTATUS WINAPI RtlSetOwnerSecurityDescriptor(PSECURITY_DESCRIPTOR, PSID, BOOLEAN)
RtlNewSecurityObjectEx
NTSYSAPI NTSTATUS WINAPI RtlNewSecurityObjectEx(PSECURITY_DESCRIPTOR, PSECURITY_DESCRIPTOR, PSECURITY_DESCRIPTOR *, GUID *, BOOLEAN, ULONG, HANDLE, PGENERIC_MAPPING)
RtlSelfRelativeToAbsoluteSD
NTSYSAPI NTSTATUS WINAPI RtlSelfRelativeToAbsoluteSD(PSECURITY_DESCRIPTOR, PSECURITY_DESCRIPTOR, PDWORD, PACL, PDWORD, PACL, PDWORD, PSID, PDWORD, PSID, PDWORD)
RtlNtStatusToDosError
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
RtlDosPathNameToNtPathName_U_WithStatus
NTSYSAPI NTSTATUS WINAPI RtlDosPathNameToNtPathName_U_WithStatus(PCWSTR, PUNICODE_STRING, PWSTR *, CURDIR *)
RtlSetDaclSecurityDescriptor
NTSYSAPI NTSTATUS WINAPI RtlSetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR, BOOLEAN, PACL, BOOLEAN)
RtlCopySid
NTSYSAPI BOOLEAN WINAPI RtlCopySid(DWORD, PSID, PSID)
desired
int desired
Definition: jpeglib.h:1119
debugstr_w
#define debugstr_w
Definition: kernel32.h:32
dup
#define dup
Definition: syshdrs.h:51
SECURITY_IMPERSONATION_LEVEL
enum _SECURITY_IMPERSONATION_LEVEL SECURITY_IMPERSONATION_LEVEL
SECURITY_DESCRIPTOR_CONTROL
WORD SECURITY_DESCRIPTOR_CONTROL
Definition: lsa.idl:37
SecurityImpersonation
@ SecurityImpersonation
Definition: lsa.idl:57
PSECURITY_DESCRIPTOR_CONTROL
WORD * PSECURITY_DESCRIPTOR_CONTROL
Definition: lsa.idl:37
memcpy
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
current
struct task_struct * current
Definition: linux.c:32
FILE_FLAG_BACKUP_SEMANTICS
#define FILE_FLAG_BACKUP_SEMANTICS
Definition: disk.h:41
TokenImpersonation
@ TokenImpersonation
Definition: imports.h:274
TokenPrimary
@ TokenPrimary
Definition: imports.h:273
pSid
static PSID pSid
Definition: security.c:74
desc
static const WCHAR desc[]
Definition: protectdata.c:36
ret_len
static JOBOBJECTINFOCLASS LPVOID DWORD LPDWORD ret_len
Definition: process.c:79
io
static HANDLE PIO_APC_ROUTINE PVOID PIO_STATUS_BLOCK io
Definition: file.c:100
InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
dest
static char * dest
Definition: rtl.c:135
SECURITY_INFORMATION
DWORD SECURITY_INFORMATION
Definition: ms-dtyp.idl:311
disable
int disable
Definition: msacm.c:1365
RtlAddAce
NTSYSAPI NTSTATUS NTAPI RtlAddAce(_Inout_ PACL Acl, _In_ ULONG AceRevision, _In_ ULONG StartingAceIndex, _In_reads_bytes_(AceListLength) PVOID AceList, _In_ ULONG AceListLength)
RtlSubAuthoritySid
NTSYSAPI PULONG NTAPI RtlSubAuthoritySid(_In_ PSID Sid, _In_ ULONG SubAuthority)
RtlGetControlSecurityDescriptor
NTSYSAPI NTSTATUS NTAPI RtlGetControlSecurityDescriptor(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _Out_ PSECURITY_DESCRIPTOR_CONTROL Control, _Out_ PULONG Revision)
RtlValidAcl
NTSYSAPI BOOLEAN NTAPI RtlValidAcl(PACL Acl)
RtlImpersonateSelf
NTSYSAPI NTSTATUS NTAPI RtlImpersonateSelf(IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
Definition: priv.c:45
RtlLengthRequiredSid
NTSYSAPI ULONG NTAPI RtlLengthRequiredSid(IN ULONG SubAuthorityCount)
Definition: sid.c:54
RtlNewSecurityObject
NTSYSAPI NTSTATUS NTAPI RtlNewSecurityObject(_In_ PSECURITY_DESCRIPTOR ParentDescriptor, _In_ PSECURITY_DESCRIPTOR CreatorDescriptor, _Out_ PSECURITY_DESCRIPTOR *NewDescriptor, _In_ BOOLEAN IsDirectoryObject, _In_ HANDLE Token, _In_ PGENERIC_MAPPING GenericMapping)
RtlSetControlSecurityDescriptor
NTSYSAPI NTSTATUS NTAPI RtlSetControlSecurityDescriptor(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ SECURITY_DESCRIPTOR_CONTROL ControlBitsOfInterest, _In_ SECURITY_DESCRIPTOR_CONTROL ControlBitsToSet)
RtlCreateAcl
NTSYSAPI NTSTATUS NTAPI RtlCreateAcl(PACL Acl, ULONG AclSize, ULONG AclRevision)
RtlAddMandatoryAce
NTSYSAPI NTSTATUS NTAPI RtlAddMandatoryAce(_Inout_ PACL Acl, _In_ ULONG Revision, _In_ ULONG Flags, _In_ ULONG MandatoryFlags, _In_ UCHAR AceType, _In_ PSID LabelSid)
RtlDeleteSecurityObject
NTSYSAPI NTSTATUS NTAPI RtlDeleteSecurityObject(_In_ PSECURITY_DESCRIPTOR *ObjectDescriptor)
RtlAddAuditAccessAce
NTSYSAPI NTSTATUS NTAPI RtlAddAuditAccessAce(_Inout_ PACL Acl, _In_ ULONG Revision, _In_ ACCESS_MASK AccessMask, _In_ PSID Sid, _In_ BOOLEAN Success, _In_ BOOLEAN Failure)
RtlGetAce
NTSYSAPI NTSTATUS NTAPI RtlGetAce(PACL Acl, ULONG AceIndex, PVOID *Ace)
RtlLengthSid
NTSYSAPI ULONG NTAPI RtlLengthSid(IN PSID Sid)
Definition: sid.c:150
RtlAddAccessAllowedObjectAce
NTSYSAPI NTSTATUS NTAPI RtlAddAccessAllowedObjectAce(_Inout_ PACL pAcl, _In_ ULONG dwAceRevision, _In_ ULONG AceFlags, _In_ ACCESS_MASK AccessMask, _In_opt_ GUID *ObjectTypeGuid, _In_opt_ GUID *InheritedObjectTypeGuid, _In_ PSID pSid)
RtlGetSaclSecurityDescriptor
NTSYSAPI NTSTATUS NTAPI RtlGetSaclSecurityDescriptor(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _Out_ PBOOLEAN SaclPresent, _Out_ PACL *Sacl, _Out_ PBOOLEAN SaclDefaulted)
RtlValidSid
NTSYSAPI BOOLEAN NTAPI RtlValidSid(IN PSID Sid)
Definition: sid.c:21
RtlEqualPrefixSid
NTSYSAPI BOOLEAN NTAPI RtlEqualPrefixSid(PSID Sid1, PSID Sid2)
RtlCreateSecurityDescriptor
NTSYSAPI NTSTATUS NTAPI RtlCreateSecurityDescriptor(_Out_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ ULONG Revision)
RtlAddAuditAccessAceEx
NTSYSAPI NTSTATUS NTAPI RtlAddAuditAccessAceEx(_Inout_ PACL Acl, _In_ ULONG Revision, _In_ ULONG Flags, _In_ ACCESS_MASK AccessMask, _In_ PSID Sid, _In_ BOOLEAN Success, _In_ BOOLEAN Failure)
Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1157
RtlFreeSid
NTSYSAPI PVOID NTAPI RtlFreeSid(_In_ _Post_invalid_ PSID Sid)
RtlAddAuditAccessObjectAce
NTSYSAPI NTSTATUS NTAPI RtlAddAuditAccessObjectAce(_Inout_ PACL Acl, _In_ ULONG Revision, _In_ ULONG Flags, _In_ ACCESS_MASK AccessMask, _In_opt_ GUID *ObjectTypeGuid, _In_opt_ GUID *InheritedObjectTypeGuid, _In_ PSID Sid, _In_ BOOLEAN Success, _In_ BOOLEAN Failure)
RtlIdentifierAuthoritySid
NTSYSAPI PSID_IDENTIFIER_AUTHORITY NTAPI RtlIdentifierAuthoritySid(PSID Sid)
RtlAddAccessDeniedAce
NTSYSAPI NTSTATUS NTAPI RtlAddAccessDeniedAce(_Inout_ PACL Acl, _In_ ULONG Revision, _In_ ACCESS_MASK AccessMask, _In_ PSID Sid)
RtlMakeSelfRelativeSD
NTSYSAPI NTSTATUS NTAPI RtlMakeSelfRelativeSD(_In_ PSECURITY_DESCRIPTOR AbsoluteSD, _Out_ PSECURITY_DESCRIPTOR SelfRelativeSD, _Inout_ PULONG BufferLength)
RtlAddAccessDeniedAceEx
NTSYSAPI NTSTATUS NTAPI RtlAddAccessDeniedAceEx(_Inout_ PACL Acl, _In_ ULONG Revision, _In_ ULONG Flags, _In_ ACCESS_MASK AccessMask, _In_ PSID Sid)
RtlDeleteAce
NTSYSAPI NTSTATUS NTAPI RtlDeleteAce(PACL Acl, ULONG AceIndex)
RtlMapGenericMask
NTSYSAPI VOID NTAPI RtlMapGenericMask(PACCESS_MASK AccessMask, PGENERIC_MAPPING GenericMapping)
RtlGetDaclSecurityDescriptor
NTSYSAPI NTSTATUS NTAPI RtlGetDaclSecurityDescriptor(_In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _Out_ PBOOLEAN DaclPresent, _Out_ PACL *Dacl, _Out_ PBOOLEAN DaclDefaulted)
RtlEqualSid
NTSYSAPI BOOLEAN NTAPI RtlEqualSid(_In_ PSID Sid1, _In_ PSID Sid2)
RtlValidSecurityDescriptor
NTSYSAPI BOOLEAN NTAPI RtlValidSecurityDescriptor(IN PSECURITY_DESCRIPTOR SecurityDescriptor)
Definition: sd.c:1054
RtlFirstFreeAce
NTSYSAPI BOOLEAN NTAPI RtlFirstFreeAce(PACL Acl, PACE *Ace)
RtlAddAccessDeniedObjectAce
NTSYSAPI NTSTATUS NTAPI RtlAddAccessDeniedObjectAce(_Inout_ PACL pAcl, _In_ ULONG dwAceRevision, _In_ ULONG AceFlags, _In_ ACCESS_MASK AccessMask, _In_opt_ GUID *ObjectTypeGuid, _In_opt_ GUID *InheritedObjectTypeGuid, _In_ PSID pSid)
RtlAreAllAccessesGranted
NTSYSAPI BOOLEAN NTAPI RtlAreAllAccessesGranted(ACCESS_MASK GrantedAccess, ACCESS_MASK DesiredAccess)
RtlAreAnyAccessesGranted
NTSYSAPI BOOLEAN NTAPI RtlAreAnyAccessesGranted(ACCESS_MASK GrantedAccess, ACCESS_MASK DesiredAccess)
TokenType
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ BOOLEAN _In_ TOKEN_TYPE TokenType
Definition: sefuncs.h:411
SE_GROUP_ENABLED
#define SE_GROUP_ENABLED
Definition: setypes.h:92
FILE_SHARE_WRITE
#define FILE_SHARE_WRITE
Definition: nt_native.h:681
SYNCHRONIZE
#define SYNCHRONIZE
Definition: nt_native.h:61
WRITE_DAC
#define WRITE_DAC
Definition: nt_native.h:59
ACCESS_SYSTEM_SECURITY
#define ACCESS_SYSTEM_SECURITY
Definition: nt_native.h:77
FILE_SHARE_DELETE
#define FILE_SHARE_DELETE
Definition: nt_native.h:682
NtClose
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3402
RtlFreeUnicodeString
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
READ_CONTROL
#define READ_CONTROL
Definition: nt_native.h:58
WRITE_OWNER
#define WRITE_OWNER
Definition: nt_native.h:60
NtCreateFile
NTSTATUS NTAPI NtCreateFile(OUT PHANDLE FileHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, OUT PIO_STATUS_BLOCK IoStatusBlock, IN PLARGE_INTEGER AllocationSize OPTIONAL, IN ULONG FileAttributes, IN ULONG ShareAccess, IN ULONG CreateDisposition, IN ULONG CreateOptions, IN PVOID EaBuffer OPTIONAL, IN ULONG EaLength)
NtFsControlFile
NTSYSAPI NTSTATUS NTAPI NtFsControlFile(IN HANDLE hFile, IN HANDLE hEvent OPTIONAL, IN PIO_APC_ROUTINE IoApcRoutine OPTIONAL, IN PVOID IoApcContext OPTIONAL, OUT PIO_STATUS_BLOCK pIoStatusBlock, IN ULONG DeviceIoControlCode, IN PVOID InBuffer OPTIONAL, IN ULONG InBufferLength, OUT PVOID OutBuffer OPTIONAL, IN ULONG OutBufferLength)
RtlGetGroupSecurityDescriptor
NTSYSAPI NTSTATUS NTAPI RtlGetGroupSecurityDescriptor(IN PSECURITY_DESCRIPTOR SecurityDescriptor, OUT PSID *Group, OUT PBOOLEAN GroupDefaulted)
Definition: sd.c:280
RtlAllocateAndInitializeSid
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
Definition: sid.c:290
RtlSetGroupSecurityDescriptor
NTSYSAPI NTSTATUS NTAPI RtlSetGroupSecurityDescriptor(IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN PSID Group, IN BOOLEAN GroupDefaulted)
Definition: sd.c:410
RtlGetOwnerSecurityDescriptor
NTSYSAPI NTSTATUS NTAPI RtlGetOwnerSecurityDescriptor(IN PSECURITY_DESCRIPTOR SecurityDescriptor, OUT PSID *Owner, OUT PBOOLEAN OwnerDefaulted)
Definition: sd.c:257
RtlSetSaclSecurityDescriptor
NTSYSAPI NTSTATUS NTAPI RtlSetSaclSecurityDescriptor(IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN BOOLEAN SaclPresent, IN PACL Sacl, IN BOOLEAN SaclDefaulted)
Definition: sd.c:342
RtlSubAuthorityCountSid
NTSYSAPI PUCHAR NTAPI RtlSubAuthorityCountSid(IN PSID Sid)
Definition: sid.c:104
RtlInitializeSid
NTSYSAPI NTSTATUS NTAPI RtlInitializeSid(IN OUT PSID Sid, IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount)
NtAllocateLocallyUniqueId
NTSTATUS NTAPI NtAllocateLocallyUniqueId(OUT LUID *LocallyUniqueId)
Definition: uuid.c:348
NtSetInformationThread
NTSTATUS NTAPI NtSetInformationThread(IN HANDLE ThreadHandle, IN THREADINFOCLASS ThreadInformationClass, IN PVOID ThreadInformation, IN ULONG ThreadInformationLength)
Definition: query.c:2074
NtOpenProcessToken
NTSTATUS NTAPI NtOpenProcessToken(IN HANDLE ProcessHandle, IN ACCESS_MASK DesiredAccess, OUT PHANDLE TokenHandle)
Definition: security.c:350
NtPrivilegeCheck
NTSTATUS NTAPI NtPrivilegeCheck(_In_ HANDLE ClientToken, _In_ PPRIVILEGE_SET RequiredPrivileges, _Out_ PBOOLEAN Result)
Checks a client access token if it has the required set of privileges.
Definition: priv.c:868
NtOpenThreadToken
NTSTATUS NTAPI NtOpenThreadToken(_In_ HANDLE ThreadHandle, _In_ ACCESS_MASK DesiredAccess, _In_ BOOLEAN OpenAsSelf, _Out_ PHANDLE TokenHandle)
Opens a token that is tied to a thread handle.
Definition: token.c:2474
NtImpersonateAnonymousToken
NTSTATUS NTAPI NtImpersonateAnonymousToken(_In_ HANDLE ThreadHandle)
Allows the calling thread to impersonate the system's anonymous logon token.
Definition: token.c:2612
PHANDLE
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:455
STATUS_NOT_ALL_ASSIGNED
#define STATUS_NOT_ALL_ASSIGNED
Definition: ntstatus.h:85
STATUS_INVALID_SECURITY_DESCR
#define STATUS_INVALID_SECURITY_DESCR
Definition: ntstatus.h:357
NtQuerySecurityObject
NTSTATUS NTAPI NtQuerySecurityObject(IN HANDLE Handle, IN SECURITY_INFORMATION SecurityInformation, OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN ULONG Length, OUT PULONG ResultLength)
Definition: obsecure.c:803
PDWORD
DWORD * PDWORD
Definition: pedump.c:68
FSCTL_PIPE_IMPERSONATE
#define FSCTL_PIPE_IMPERSONATE
Definition: winioctl.h:734
warn
#define warn(...)
Definition: reactos_support_code.h:32
equal
#define equal(x, y)
Definition: reader.cc:56
offsetof
#define offsetof(TYPE, MEMBER)
Definition: sdbstringtable.c:26
exit
#define exit(n)
Definition: config.h:202
descr
const char * descr
Definition: boot.c:45
GetSecurityDescriptorControl
BOOL WINAPI GetSecurityDescriptorControl(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSECURITY_DESCRIPTOR_CONTROL pControl, LPDWORD lpdwRevision)
Definition: sec.c:21
GetSecurityDescriptorGroup
BOOL WINAPI GetSecurityDescriptorGroup(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSID *pGroup, LPBOOL lpbGroupDefaulted)
Definition: sec.c:76
SetSecurityDescriptorDacl
BOOL WINAPI SetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, BOOL bDaclPresent, PACL pDacl, BOOL bDaclDefaulted)
Definition: sec.c:262
GetSecurityDescriptorSacl
BOOL WINAPI GetSecurityDescriptorSacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, LPBOOL lpbSaclPresent, PACL *pSacl, LPBOOL lpbSaclDefaulted)
Definition: sec.c:146
MakeSelfRelativeSD
BOOL WINAPI MakeSelfRelativeSD(PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor, PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor, LPDWORD lpdwBufferLength)
Definition: sec.c:214
GetSecurityDescriptorDacl
BOOL WINAPI GetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, LPBOOL lpbDaclPresent, PACL *pDacl, LPBOOL lpbDaclDefaulted)
Definition: sec.c:45
GetSecurityDescriptorOwner
BOOL WINAPI GetSecurityDescriptorOwner(PSECURITY_DESCRIPTOR pSecurityDescriptor, PSID *pOwner, LPBOOL lpbOwnerDefaulted)
Definition: sec.c:103
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
STATUS_BUFFER_TOO_SMALL
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
NtSetSecurityObject
NTSTATUS WINAPI NtSetSecurityObject(HANDLE Handle, SECURITY_INFORMATION SecurityInformation, PSECURITY_DESCRIPTOR SecurityDescriptor)
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
WELLKNOWNRID::Rid
DWORD Rid
Definition: security.c:106
WELLKNOWNRID::Type
WELL_KNOWN_SID_TYPE Type
Definition: security.c:105
WELLKNOWNSID::Sid
MAX_SID Sid
Definition: security.c:42
WELLKNOWNSID::Type
WELL_KNOWN_SID_TYPE Type
Definition: security.c:41
_ACE_HEADER
Definition: ms-dtyp.idl:209
_ACL
Definition: ms-dtyp.idl:293
_GENERIC_MAPPING
Definition: nt_native.h:564
_IO_STATUS_BLOCK
Definition: env_spec_w32.h:870
_LUID_AND_ATTRIBUTES
Definition: setypes.h:73
_LUID
Definition: devicetopology.idl:137
_MAX_SID
Definition: security.c:30
_MAX_SID::IdentifierAuthority
SID_IDENTIFIER_AUTHORITY IdentifierAuthority
Definition: security.c:34
_MAX_SID::SubAuthorityCount
BYTE SubAuthorityCount
Definition: security.c:33
_MAX_SID::Revision
BYTE Revision
Definition: security.c:32
_MAX_SID::SubAuthority
DWORD SubAuthority[SID_MAX_SUB_AUTHORITIES]
Definition: security.c:35
_OBJECT_ATTRIBUTES
Definition: umtypes.h:182
_OBJECT_TYPE_LIST
Definition: setypes.h:868
_PRIVILEGE_SET
Definition: setypes.h:85
_SECURITY_ATTRIBUTES
Definition: compat.h:191
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
_SECURITY_QUALITY_OF_SERVICE
Definition: lsa.idl:63
_SECURITY_QUALITY_OF_SERVICE::ContextTrackingMode
SECURITY_CONTEXT_TRACKING_MODE ContextTrackingMode
Definition: lsa.idl:66
_SECURITY_QUALITY_OF_SERVICE::EffectiveOnly
BOOLEAN EffectiveOnly
Definition: lsa.idl:67
_SECURITY_QUALITY_OF_SERVICE::Length
DWORD Length
Definition: lsa.idl:64
_SECURITY_QUALITY_OF_SERVICE::ImpersonationLevel
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
Definition: lsa.idl:65
_SID_AND_ATTRIBUTES
Definition: setypes.h:502
_SID_AND_ATTRIBUTES::Sid
PSID Sid
Definition: setypes.h:506
_SID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:508
_SID_IDENTIFIER_AUTHORITY
Definition: ms-dtyp.idl:194
_SID_IDENTIFIER_AUTHORITY::Value
BYTE Value[6]
Definition: ms-dtyp.idl:195
_SID
Definition: ms-dtyp.idl:198
_SID::Revision
BYTE Revision
Definition: ms-dtyp.idl:199
_SID::SubAuthority
DWORD SubAuthority[*]
Definition: ms-dtyp.idl:202
_SID::SubAuthorityCount
BYTE SubAuthorityCount
Definition: ms-dtyp.idl:200
_SID::IdentifierAuthority
SID_IDENTIFIER_AUTHORITY IdentifierAuthority
Definition: ms-dtyp.idl:201
_TOKEN_GROUPS
Definition: setypes.h:1025
_TOKEN_GROUPS::Groups
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY]
Definition: setypes.h:1030
_TOKEN_GROUPS::GroupCount
$ULONG GroupCount
Definition: setypes.h:1026
_TOKEN_PRIVILEGES
Definition: setypes.h:1034
_TOKEN_PRIVILEGES::PrivilegeCount
$ULONG PrivilegeCount
Definition: setypes.h:1035
_TOKEN_PRIVILEGES::Privileges
LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY]
Definition: setypes.h:1036
_UNICODE_STRING
Definition: env_spec_w32.h:368
attr
Definition: cookie.c:202
control
Definition: dialog.c:52
dacl
Definition: security.c:35
domain
Definition: cookie.c:42
file
Definition: fci.c:127
name
Definition: name.c:39
status
Definition: ps.c:97
types
Definition: cmds.c:130
NtAdjustPrivilegesToken
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtAdjustPrivilegesToken(_In_ HANDLE TokenHandle, _In_ BOOLEAN DisableAllPrivileges, _In_opt_ PTOKEN_PRIVILEGES NewState, _In_ ULONG BufferLength, _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_PRIVILEGES PreviousState, _When_(PreviousState!=NULL, _Out_) PULONG ReturnLength)
Removes a certain amount of privileges of a token based upon the request by the caller.
Definition: tokenadj.c:451
NtAdjustGroupsToken
NTSTATUS NTAPI NtAdjustGroupsToken(_In_ HANDLE TokenHandle, _In_ BOOLEAN ResetToDefault, _In_ PTOKEN_GROUPS NewState, _In_ ULONG BufferLength, _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_GROUPS PreviousState, _When_(PreviousState !=NULL, _Out_) PULONG ReturnLength)
Changes the list of groups by enabling or disabling them in an access token. Unlike NtAdjustPrivilege...
Definition: tokenadj.c:695
NtQueryInformationToken
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtQueryInformationToken(_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation, _In_ ULONG TokenInformationLength, _Out_ PULONG ReturnLength)
Queries a specific type of information in regard of an access token based upon the information class....
Definition: tokencls.c:473
NtSetInformationToken
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtSetInformationToken(_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _In_reads_bytes_(TokenInformationLength) PVOID TokenInformation, _In_ ULONG TokenInformationLength)
Sets (modifies) some specific information in regard of an access token. The calling thread must have ...
Definition: tokencls.c:1125
NtFilterToken
NTSTATUS NTAPI NtFilterToken(_In_ HANDLE ExistingTokenHandle, _In_ ULONG Flags, _In_opt_ PTOKEN_GROUPS SidsToDisable, _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete, _In_opt_ PTOKEN_GROUPS RestrictedSids, _Out_ PHANDLE NewTokenHandle)
Creates an access token in a restricted form from the original existing token, that is,...
Definition: tokenlif.c:2075
NtDuplicateToken
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtDuplicateToken(_In_ HANDLE ExistingTokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ BOOLEAN EffectiveOnly, _In_ TOKEN_TYPE TokenType, _Out_ PHANDLE NewTokenHandle)
Duplicates a token.
Definition: tokenlif.c:1869
LPDWORD
uint32_t * LPDWORD
Definition: typedefs.h:59
PUCHAR
unsigned char * PUCHAR
Definition: typedefs.h:53
ULONG
uint32_t ULONG
Definition: typedefs.h:59
out
wchar_t tm const _CrtWcstime_Writes_and_advances_ptr_ count wchar_t ** out
Definition: wcsftime.cpp:383
Value
_Must_inspect_result_ _In_ WDFKEY _In_ PCUNICODE_STRING _Out_opt_ PUSHORT _Inout_opt_ PUNICODE_STRING Value
Definition: wdfregistry.h:413
success
#define success(from, fromstr, to, tostr)
Definition: win_iconv_test.c:158
GetLastError
DWORD WINAPI GetLastError(void)
Definition: except.c:1042
GetCurrentThread
HANDLE WINAPI GetCurrentThread(void)
Definition: proc.c:1148
CopyMemory
#define CopyMemory
Definition: winbase.h:1751
LPBOOL
BOOL * LPBOOL
Definition: windef.h:162
PBOOL
BOOL * PBOOL
Definition: windef.h:161
WINAPI
#define WINAPI
Definition: msvc.h:6
ERROR_NON_DOMAIN_SID
#define ERROR_NON_DOMAIN_SID
Definition: winerror.h:1091
ERROR_NO_IMPERSONATION_TOKEN
#define ERROR_NO_IMPERSONATION_TOKEN
Definition: winerror.h:1137
ERROR_INVALID_SID
#define ERROR_INVALID_SID
Definition: winerror.h:1165
ACL_INFORMATION_CLASS
enum _ACL_INFORMATION_CLASS ACL_INFORMATION_CLASS
Privileges
_In_ PSECURITY_SUBJECT_CONTEXT _In_ BOOLEAN _In_ ACCESS_MASK _In_ ACCESS_MASK _Outptr_opt_ PPRIVILEGE_SET * Privileges
Definition: sefuncs.h:17
SECURITY_ANONYMOUS_LOGON_RID
#define SECURITY_ANONYMOUS_LOGON_RID
Definition: setypes.h:563
DOMAIN_ALIAS_RID_USERS
#define DOMAIN_ALIAS_RID_USERS
Definition: setypes.h:653
DOMAIN_ALIAS_RID_GUESTS
#define DOMAIN_ALIAS_RID_GUESTS
Definition: setypes.h:654
DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS
#define DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS
Definition: setypes.h:666
DOMAIN_GROUP_RID_SCHEMA_ADMINS
#define DOMAIN_GROUP_RID_SCHEMA_ADMINS
Definition: setypes.h:645
SECURITY_BUILTIN_DOMAIN_RID
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:581
DOMAIN_USER_RID_ADMIN
#define DOMAIN_USER_RID_ADMIN
Definition: setypes.h:631
DACL_SECURITY_INFORMATION
#define DACL_SECURITY_INFORMATION
Definition: setypes.h:125
SECURITY_LOGON_IDS_RID
#define SECURITY_LOGON_IDS_RID
Definition: setypes.h:560
SECURITY_LOCAL_SID_AUTHORITY
#define SECURITY_LOCAL_SID_AUTHORITY
Definition: setypes.h:530
SECURITY_LOCAL_RID
#define SECURITY_LOCAL_RID
Definition: setypes.h:542
SECURITY_DIALUP_RID
#define SECURITY_DIALUP_RID
Definition: setypes.h:556
SECURITY_SERVICE_RID
#define SECURITY_SERVICE_RID
Definition: setypes.h:562
DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS
#define DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS
Definition: setypes.h:672
TOKEN_DUPLICATE
#define TOKEN_DUPLICATE
Definition: setypes.h:938
SECURITY_PROXY_RID
#define SECURITY_PROXY_RID
Definition: setypes.h:564
SECURITY_INTERACTIVE_RID
#define SECURITY_INTERACTIVE_RID
Definition: setypes.h:559
SECURITY_MANDATORY_SYSTEM_RID
#define SECURITY_MANDATORY_SYSTEM_RID
Definition: setypes.h:687
SECURITY_WORLD_SID_AUTHORITY
#define SECURITY_WORLD_SID_AUTHORITY
Definition: setypes.h:527
DOMAIN_GROUP_RID_CONTROLLERS
#define DOMAIN_GROUP_RID_CONTROLLERS
Definition: setypes.h:643
DOMAIN_GROUP_RID_COMPUTERS
#define DOMAIN_GROUP_RID_COMPUTERS
Definition: setypes.h:642
SECURITY_WORLD_RID
#define SECURITY_WORLD_RID
Definition: setypes.h:541
SECURITY_CREATOR_GROUP_SERVER_RID
#define SECURITY_CREATOR_GROUP_SERVER_RID
Definition: setypes.h:548
DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS
#define DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS
Definition: setypes.h:665
DOMAIN_ALIAS_RID_SYSTEM_OPS
#define DOMAIN_ALIAS_RID_SYSTEM_OPS
Definition: setypes.h:658
DOMAIN_ALIAS_RID_MONITORING_USERS
#define DOMAIN_ALIAS_RID_MONITORING_USERS
Definition: setypes.h:669
DOMAIN_GROUP_RID_POLICY_ADMINS
#define DOMAIN_GROUP_RID_POLICY_ADMINS
Definition: setypes.h:647
SECURITY_STATIC_TRACKING
#define SECURITY_STATIC_TRACKING
Definition: setypes.h:104
SECURITY_MANDATORY_LABEL_AUTHORITY
#define SECURITY_MANDATORY_LABEL_AUTHORITY
Definition: setypes.h:682
TOKEN_QUERY
#define TOKEN_QUERY
Definition: setypes.h:940
SECURITY_LOCAL_SYSTEM_RID
#define SECURITY_LOCAL_SYSTEM_RID
Definition: setypes.h:574
SECURITY_APP_PACKAGE_AUTHORITY
#define SECURITY_APP_PACKAGE_AUTHORITY
Definition: setypes.h:756
SECURITY_AUTHENTICATED_USER_RID
#define SECURITY_AUTHENTICATED_USER_RID
Definition: setypes.h:568
DOMAIN_GROUP_RID_GUESTS
#define DOMAIN_GROUP_RID_GUESTS
Definition: setypes.h:641
DOMAIN_ALIAS_RID_LOGGING_USERS
#define DOMAIN_ALIAS_RID_LOGGING_USERS
Definition: setypes.h:670
OWNER_SECURITY_INFORMATION
#define OWNER_SECURITY_INFORMATION
Definition: setypes.h:123
SECURITY_PACKAGE_NTLM_RID
#define SECURITY_PACKAGE_NTLM_RID
Definition: setypes.h:587
SECURITY_NULL_RID
#define SECURITY_NULL_RID
Definition: setypes.h:540
SECURITY_CREATOR_OWNER_RIGHTS_RID
#define SECURITY_CREATOR_OWNER_RIGHTS_RID
Definition: setypes.h:549
SECURITY_PACKAGE_BASE_RID
#define SECURITY_PACKAGE_BASE_RID
Definition: setypes.h:585
DOMAIN_ALIAS_RID_ACCOUNT_OPS
#define DOMAIN_ALIAS_RID_ACCOUNT_OPS
Definition: setypes.h:657
SECURITY_RESTRICTED_CODE_RID
#define SECURITY_RESTRICTED_CODE_RID
Definition: setypes.h:569
DOMAIN_USER_RID_GUEST
#define DOMAIN_USER_RID_GUEST
Definition: setypes.h:632
SECURITY_NT_AUTHORITY
#define SECURITY_NT_AUTHORITY
Definition: setypes.h:554
DOMAIN_ALIAS_RID_RAS_SERVERS
#define DOMAIN_ALIAS_RID_RAS_SERVERS
Definition: setypes.h:663
SECURITY_PACKAGE_DIGEST_RID
#define SECURITY_PACKAGE_DIGEST_RID
Definition: setypes.h:589
DOMAIN_GROUP_RID_CERT_ADMINS
#define DOMAIN_GROUP_RID_CERT_ADMINS
Definition: setypes.h:644
SECURITY_TERMINAL_SERVER_RID
#define SECURITY_TERMINAL_SERVER_RID
Definition: setypes.h:570
DOMAIN_ALIAS_RID_BACKUP_OPS
#define DOMAIN_ALIAS_RID_BACKUP_OPS
Definition: setypes.h:660
TokenDefaultDacl
@ TokenDefaultDacl
Definition: setypes.h:983
TokenGroupsAndPrivileges
@ TokenGroupsAndPrivileges
Definition: setypes.h:990
TokenSource
@ TokenSource
Definition: setypes.h:984
TokenStatistics
@ TokenStatistics
Definition: setypes.h:987
TokenImpersonationLevel
@ TokenImpersonationLevel
Definition: setypes.h:986
TokenSandBoxInert
@ TokenSandBoxInert
Definition: setypes.h:992
TokenRestrictedSids
@ TokenRestrictedSids
Definition: setypes.h:988
TokenGroups
@ TokenGroups
Definition: setypes.h:979
TokenPrivileges
@ TokenPrivileges
Definition: setypes.h:980
TokenUser
@ TokenUser
Definition: setypes.h:978
TokenPrimaryGroup
@ TokenPrimaryGroup
Definition: setypes.h:982
TokenSessionId
@ TokenSessionId
Definition: setypes.h:989
TokenSessionReference
@ TokenSessionReference
Definition: setypes.h:991
TokenElevation
@ TokenElevation
Definition: setypes.h:997
TokenElevationType
@ TokenElevationType
Definition: setypes.h:995
TokenOwner
@ TokenOwner
Definition: setypes.h:981
TokenLinkedToken
@ TokenLinkedToken
Definition: setypes.h:996
SECURITY_BATCH_RID
#define SECURITY_BATCH_RID
Definition: setypes.h:558
SECURITY_MANDATORY_HIGH_RID
#define SECURITY_MANDATORY_HIGH_RID
Definition: setypes.h:686
DOMAIN_ALIAS_RID_PRINT_OPS
#define DOMAIN_ALIAS_RID_PRINT_OPS
Definition: setypes.h:659
SECURITY_CREATOR_OWNER_SERVER_RID
#define SECURITY_CREATOR_OWNER_SERVER_RID
Definition: setypes.h:547
DOMAIN_ALIAS_RID_REPLICATOR
#define DOMAIN_ALIAS_RID_REPLICATOR
Definition: setypes.h:662
SECURITY_LOCAL_SERVICE_RID
#define SECURITY_LOCAL_SERVICE_RID
Definition: setypes.h:575
DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS
#define DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS
Definition: setypes.h:671
SECURITY_OTHER_ORGANIZATION_RID
#define SECURITY_OTHER_ORGANIZATION_RID
Definition: setypes.h:619
SECURITY_THIS_ORGANIZATION_RID
#define SECURITY_THIS_ORGANIZATION_RID
Definition: setypes.h:572
SYSTEM_MANDATORY_LABEL_ACE_TYPE
#define SYSTEM_MANDATORY_LABEL_ACE_TYPE
Definition: setypes.h:741
SECURITY_PRINCIPAL_SELF_RID
#define SECURITY_PRINCIPAL_SELF_RID
Definition: setypes.h:567
SECURITY_DESCRIPTOR_REVISION
#define SECURITY_DESCRIPTOR_REVISION
Definition: setypes.h:58
TOKEN_INFORMATION_CLASS
enum _TOKEN_INFORMATION_CLASS TOKEN_INFORMATION_CLASS
PSID_IDENTIFIER_AUTHORITY
* PSID_IDENTIFIER_AUTHORITY
Definition: setypes.h:464
SECURITY_CREATOR_OWNER_RID
#define SECURITY_CREATOR_OWNER_RID
Definition: setypes.h:545
DOMAIN_ALIAS_RID_POWER_USERS
#define DOMAIN_ALIAS_RID_POWER_USERS
Definition: setypes.h:655
GROUP_SECURITY_INFORMATION
#define GROUP_SECURITY_INFORMATION
Definition: setypes.h:124
DOMAIN_GROUP_RID_ENTERPRISE_ADMINS
#define DOMAIN_GROUP_RID_ENTERPRISE_ADMINS
Definition: setypes.h:646
TOKEN_IMPERSONATE
#define TOKEN_IMPERSONATE
Definition: setypes.h:939
SECURITY_NULL_SID_AUTHORITY
#define SECURITY_NULL_SID_AUTHORITY
Definition: setypes.h:524
DOMAIN_ALIAS_RID_PREW2KCOMPACCESS
#define DOMAIN_ALIAS_RID_PREW2KCOMPACCESS
Definition: setypes.h:664
SECURITY_PACKAGE_SCHANNEL_RID
#define SECURITY_PACKAGE_SCHANNEL_RID
Definition: setypes.h:588
SECURITY_APP_PACKAGE_BASE_RID
#define SECURITY_APP_PACKAGE_BASE_RID
Definition: setypes.h:757
SECURITY_ENTERPRISE_CONTROLLERS_RID
#define SECURITY_ENTERPRISE_CONTROLLERS_RID
Definition: setypes.h:565
SID_MAX_SUB_AUTHORITIES
#define SID_MAX_SUB_AUTHORITIES
Definition: setypes.h:482
SECURITY_BUILTIN_PACKAGE_ANY_PACKAGE
#define SECURITY_BUILTIN_PACKAGE_ANY_PACKAGE
Definition: setypes.h:766
SECURITY_NETWORK_RID
#define SECURITY_NETWORK_RID
Definition: setypes.h:557
SECURITY_LOGON_IDS_RID_COUNT
#define SECURITY_LOGON_IDS_RID_COUNT
Definition: setypes.h:561
SECURITY_NETWORK_SERVICE_RID
#define SECURITY_NETWORK_SERVICE_RID
Definition: setypes.h:576
WELL_KNOWN_SID_TYPE
WELL_KNOWN_SID_TYPE
Definition: setypes.h:455
SACL_SECURITY_INFORMATION
#define SACL_SECURITY_INFORMATION
Definition: setypes.h:126
DOMAIN_USER_RID_KRBTGT
#define DOMAIN_USER_RID_KRBTGT
Definition: setypes.h:633
DOMAIN_ALIAS_RID_ADMINS
#define DOMAIN_ALIAS_RID_ADMINS
Definition: setypes.h:652
DOMAIN_GROUP_RID_ADMINS
#define DOMAIN_GROUP_RID_ADMINS
Definition: setypes.h:639
SID_REVISION
#define SID_REVISION
Definition: setypes.h:481
SECURITY_CREATOR_SID_AUTHORITY
#define SECURITY_CREATOR_SID_AUTHORITY
Definition: setypes.h:533
SECURITY_MANDATORY_MEDIUM_RID
#define SECURITY_MANDATORY_MEDIUM_RID
Definition: setypes.h:685
SECURITY_MANDATORY_LOW_RID
#define SECURITY_MANDATORY_LOW_RID
Definition: setypes.h:684
SECURITY_REMOTE_LOGON_RID
#define SECURITY_REMOTE_LOGON_RID
Definition: setypes.h:571
SECURITY_CREATOR_GROUP_RID
#define SECURITY_CREATOR_GROUP_RID
Definition: setypes.h:546
DOMAIN_ALIAS_RID_DCOM_USERS
#define DOMAIN_ALIAS_RID_DCOM_USERS
Definition: setypes.h:673
DOMAIN_ALIAS_RID_INCOMING_FOREST_TRUST_BUILDERS
#define DOMAIN_ALIAS_RID_INCOMING_FOREST_TRUST_BUILDERS
Definition: setypes.h:667
DOMAIN_GROUP_RID_USERS
#define DOMAIN_GROUP_RID_USERS
Definition: setypes.h:640
UCHAR
unsigned char UCHAR
Definition: xmlstorage.h:181
LPWSTR
WCHAR * LPWSTR
Definition: xmlstorage.h:184
LPCWSTR
const WCHAR * LPCWSTR
Definition: xmlstorage.h:185
BYTE
unsigned char BYTE
Definition: xxhash.c:193