2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: ReactOS system libraries
4 * FILE: lib/advapi32/sec/sec.c
5 * PURPOSE: Security descriptor functions
6 * PROGRAMMER: Ariadne ( ariadne@xs4all.nl)
7 * Steven Edwards ( Steven_Ed4153@yahoo.com )
8 * Andrew Greenwood ( silverblade_uk@hotmail.com )
14 WINE_DEFAULT_DEBUG_CHANNEL(advapi
);
/*
 * advapi32 wrapper over RtlGetControlSecurityDescriptor: the descriptor is
 * forwarded as-is and lpdwRevision is passed cast to PULONG.  A failing
 * NTSTATUS is translated with RtlNtStatusToDosError and stored through
 * SetLastError.
 * NOTE(review): the left-hand line numbers have gaps (23-26, 28, 31, 33+),
 * so the return statements and the remaining parameter line are not part of
 * this listing.
 */
21 GetSecurityDescriptorControl(PSECURITY_DESCRIPTOR pSecurityDescriptor
,
22 PSECURITY_DESCRIPTOR_CONTROL pControl
,
27 Status
= RtlGetControlSecurityDescriptor(pSecurityDescriptor
,
29 (PULONG
)lpdwRevision
);
30 if (!NT_SUCCESS(Status
))
32 SetLastError(RtlNtStatusToDosError(Status
));
/*
 * advapi32 wrapper over RtlGetDaclSecurityDescriptor.  The Rtl routine reports
 * into local BOOLEAN variables, which are then widened to BOOL and written to
 * the caller's lpbDaclPresent / lpbDaclDefaulted.  A failing NTSTATUS is
 * translated with RtlNtStatusToDosError and stored through SetLastError.
 */
45 GetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor
,
46 LPBOOL lpbDaclPresent
,
48 LPBOOL lpbDaclDefaulted
)
51 BOOLEAN DaclDefaulted
;
54 Status
= RtlGetDaclSecurityDescriptor(pSecurityDescriptor
,
/*
 * NOTE(review): the two copies below are at lines 58-59, ahead of the
 * NT_SUCCESS check at line 61, and DaclDefaulted is declared without an
 * initialiser.  If the Rtl call can fail without writing its outputs, the
 * caller receives indeterminate stack values -- TODO confirm against
 * RtlGetDaclSecurityDescriptor; copying only on success would avoid it.
 */
58 *lpbDaclPresent
= (BOOL
)DaclPresent
;
59 *lpbDaclDefaulted
= (BOOL
)DaclDefaulted
;
61 if (!NT_SUCCESS(Status
))
63 SetLastError(RtlNtStatusToDosError(Status
));
/*
 * advapi32 wrapper over RtlGetGroupSecurityDescriptor.  The "defaulted" flag
 * comes back in a local BOOLEAN and is widened to BOOL for the caller.  A
 * failing NTSTATUS is translated with RtlNtStatusToDosError and stored
 * through SetLastError.
 */
76 GetSecurityDescriptorGroup(PSECURITY_DESCRIPTOR pSecurityDescriptor
,
78 LPBOOL lpbGroupDefaulted
)
80 BOOLEAN GroupDefaulted
;
83 Status
= RtlGetGroupSecurityDescriptor(pSecurityDescriptor
,
/*
 * NOTE(review): this copy (line 86) precedes the NT_SUCCESS check (line 88)
 * and GroupDefaulted has no initialiser, so a failing Rtl call that leaves
 * its output untouched would hand an indeterminate value to the caller --
 * TODO confirm the Rtl routine's behaviour on failure.
 */
86 *lpbGroupDefaulted
= (BOOL
)GroupDefaulted
;
88 if (!NT_SUCCESS(Status
))
90 SetLastError(RtlNtStatusToDosError(Status
));
/*
 * advapi32 wrapper over RtlGetOwnerSecurityDescriptor.  The "defaulted" flag
 * comes back in a local BOOLEAN and is widened to BOOL for the caller.  A
 * failing NTSTATUS is translated with RtlNtStatusToDosError and stored
 * through SetLastError.
 */
103 GetSecurityDescriptorOwner(PSECURITY_DESCRIPTOR pSecurityDescriptor
,
105 LPBOOL lpbOwnerDefaulted
)
107 BOOLEAN OwnerDefaulted
;
110 Status
= RtlGetOwnerSecurityDescriptor(pSecurityDescriptor
,
/*
 * NOTE(review): this copy (line 113) precedes the NT_SUCCESS check (line 115)
 * and OwnerDefaulted has no initialiser, so a failing Rtl call that leaves
 * its output untouched would hand an indeterminate value to the caller --
 * TODO confirm the Rtl routine's behaviour on failure.
 */
113 *lpbOwnerDefaulted
= (BOOL
)OwnerDefaulted
;
115 if (!NT_SUCCESS(Status
))
117 SetLastError(RtlNtStatusToDosError(Status
));
/*
 * Reads the resource-manager control value through
 * RtlGetSecurityDescriptorRMControl.  Unlike the BOOL-returning wrappers in
 * this file, the result is a Win32 error code returned directly:
 * ERROR_INVALID_DATA when the Rtl routine reports failure, ERROR_SUCCESS
 * otherwise.  No SetLastError call is visible in the listed lines.
 */
130 GetSecurityDescriptorRMControl(PSECURITY_DESCRIPTOR SecurityDescriptor
,
133 if (!RtlGetSecurityDescriptorRMControl(SecurityDescriptor
,
135 return ERROR_INVALID_DATA
;
137 return ERROR_SUCCESS
;
/*
 * advapi32 wrapper over RtlGetSaclSecurityDescriptor.  The Rtl routine reports
 * into local BOOLEAN variables, which are then widened to BOOL and written to
 * the caller's lpbSaclPresent / lpbSaclDefaulted.  A failing NTSTATUS is
 * translated with RtlNtStatusToDosError and stored through SetLastError.
 */
146 GetSecurityDescriptorSacl(PSECURITY_DESCRIPTOR pSecurityDescriptor
,
147 LPBOOL lpbSaclPresent
,
149 LPBOOL lpbSaclDefaulted
)
152 BOOLEAN SaclDefaulted
;
155 Status
= RtlGetSaclSecurityDescriptor(pSecurityDescriptor
,
/*
 * NOTE(review): the two copies below are at lines 159-160, ahead of the
 * NT_SUCCESS check at line 162, and SaclDefaulted is declared without an
 * initialiser.  If the Rtl call can fail without writing its outputs, the
 * caller receives indeterminate stack values -- TODO confirm; copying only
 * on success would avoid it.
 */
159 *lpbSaclPresent
= (BOOL
)SaclPresent
;
160 *lpbSaclDefaulted
= (BOOL
)SaclDefaulted
;
162 if (!NT_SUCCESS(Status
))
164 SetLastError(RtlNtStatusToDosError(Status
));
/*
 * advapi32 wrapper over RtlCreateSecurityDescriptor for the caller-supplied
 * descriptor buffer.  A failing NTSTATUS is translated with
 * RtlNtStatusToDosError and stored through SetLastError.
 * NOTE(review): the remaining parameter and the return statements are on
 * lines this listing omits.
 */
177 InitializeSecurityDescriptor(PSECURITY_DESCRIPTOR pSecurityDescriptor
,
182 Status
= RtlCreateSecurityDescriptor(pSecurityDescriptor
,
184 if (!NT_SUCCESS(Status
))
186 SetLastError(RtlNtStatusToDosError(Status
));
/*
 * Asks RtlValidSecurityDescriptor whether the descriptor is well-formed and
 * keeps the answer in Result.  The last-error value is set to the DOS
 * translation of STATUS_INVALID_SECURITY_DESCR.
 * NOTE(review): the condition guarding SetLastError (line 204) is not in this
 * listing -- presumably it is taken only when Result is false; confirm.
 */
199 IsValidSecurityDescriptor(PSECURITY_DESCRIPTOR pSecurityDescriptor
)
203 Result
= RtlValidSecurityDescriptor (pSecurityDescriptor
);
205 SetLastError(RtlNtStatusToDosError(STATUS_INVALID_SECURITY_DESCR
));
/*
 * Converts a self-relative security descriptor to absolute form by handing
 * every argument to RtlSelfRelativeToAbsoluteSD.  A failing NTSTATUS is
 * translated with RtlNtStatusToDosError and stored through SetLastError.
 * NOTE(review): the lpdw*Size pointers are presumably in/out buffer sizes; the
 * visible lines forward them without any checking of their own, so size
 * validation rests entirely on the Rtl routine -- confirm.  The component
 * buffer parameters (lines 219, 221, 223, 225) are not in this listing.
 */
216 MakeAbsoluteSD(PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor
,
217 PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor
,
218 LPDWORD lpdwAbsoluteSecurityDescriptorSize
,
220 LPDWORD lpdwDaclSize
,
222 LPDWORD lpdwSaclSize
,
224 LPDWORD lpdwOwnerSize
,
226 LPDWORD lpdwPrimaryGroupSize
)
230 Status
= RtlSelfRelativeToAbsoluteSD(pSelfRelativeSecurityDescriptor
,
231 pAbsoluteSecurityDescriptor
,
232 lpdwAbsoluteSecurityDescriptorSize
,
240 lpdwPrimaryGroupSize
);
241 if (!NT_SUCCESS(Status
))
243 SetLastError(RtlNtStatusToDosError(Status
));
/*
 * Variant of the self-relative-to-absolute conversion that goes through
 * RtlSelfRelativeToAbsoluteSD2.  The descriptor pointer is annotated IN OUT,
 * i.e. the same buffer is both read and written, and lpdwBufferSize is
 * annotated OUT.  A failing NTSTATUS is translated with
 * RtlNtStatusToDosError and stored through SetLastError.
 */
256 MakeAbsoluteSD2(IN OUT PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor
,
257 OUT LPDWORD lpdwBufferSize
)
261 Status
= RtlSelfRelativeToAbsoluteSD2(pSelfRelativeSecurityDescriptor
,
263 if (!NT_SUCCESS(Status
))
265 SetLastError(RtlNtStatusToDosError(Status
));
/*
 * Converts an absolute security descriptor to self-relative form through
 * RtlAbsoluteToSelfRelativeSD; lpdwBufferLength is passed cast to PULONG.
 * A failing NTSTATUS is translated with RtlNtStatusToDosError and stored
 * through SetLastError.
 * NOTE(review): the wrapper adds no length check of its own in the visible
 * lines; whether the destination is large enough is presumably decided by
 * the Rtl routine from *lpdwBufferLength -- confirm.
 */
278 MakeSelfRelativeSD(PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor
,
279 PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor
,
280 LPDWORD lpdwBufferLength
)
284 Status
= RtlAbsoluteToSelfRelativeSD(pAbsoluteSecurityDescriptor
,
285 pSelfRelativeSecurityDescriptor
,
286 (PULONG
)lpdwBufferLength
);
287 if (!NT_SUCCESS(Status
))
289 SetLastError(RtlNtStatusToDosError(Status
));
/*
 * advapi32 wrapper over RtlSetControlSecurityDescriptor.  ControlBitsOfInterest
 * is forwarded as the second argument; ControlBitsToSet is declared in the
 * signature, its use being on a line (310) this listing omits.  A failing
 * NTSTATUS is translated with RtlNtStatusToDosError and stored through
 * SetLastError.
 */
302 SetSecurityDescriptorControl(PSECURITY_DESCRIPTOR pSecurityDescriptor
,
303 SECURITY_DESCRIPTOR_CONTROL ControlBitsOfInterest
,
304 SECURITY_DESCRIPTOR_CONTROL ControlBitsToSet
)
308 Status
= RtlSetControlSecurityDescriptor(pSecurityDescriptor
,
309 ControlBitsOfInterest
,
311 if (!NT_SUCCESS(Status
))
313 SetLastError(RtlNtStatusToDosError(Status
));
/*
 * advapi32 wrapper over RtlSetDaclSecurityDescriptor.  A failing NTSTATUS is
 * translated with RtlNtStatusToDosError and stored through SetLastError.
 * NOTE(review): the DACL-related parameters (lines 327-329) are not in this
 * listing.  On Windows a descriptor whose DACL is marked present but is NULL
 * allows all access, so callers should be checked for passing a NULL ACL
 * unintentionally; confirm that this wrapper forwards the arguments
 * unchanged.
 */
326 SetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor
,
333 Status
= RtlSetDaclSecurityDescriptor(pSecurityDescriptor
,
337 if (!NT_SUCCESS(Status
))
339 SetLastError(RtlNtStatusToDosError(Status
));
/*
 * advapi32 wrapper over RtlSetGroupSecurityDescriptor; bGroupDefaulted is the
 * caller's BOOL "defaulted" flag.  A failing NTSTATUS is translated with
 * RtlNtStatusToDosError and stored through SetLastError.
 * NOTE(review): the group SID parameter (line 353) and the remaining call
 * arguments are on lines this listing omits.
 */
352 SetSecurityDescriptorGroup(PSECURITY_DESCRIPTOR pSecurityDescriptor
,
354 BOOL bGroupDefaulted
)
358 Status
= RtlSetGroupSecurityDescriptor(pSecurityDescriptor
,
361 if (!NT_SUCCESS(Status
))
363 SetLastError(RtlNtStatusToDosError(Status
));
/*
 * advapi32 wrapper over RtlSetOwnerSecurityDescriptor; bOwnerDefaulted is the
 * caller's BOOL "defaulted" flag.  A failing NTSTATUS is translated with
 * RtlNtStatusToDosError and stored through SetLastError.
 * NOTE(review): the owner SID parameter (line 377) and the remaining call
 * arguments are on lines this listing omits.
 */
376 SetSecurityDescriptorOwner(PSECURITY_DESCRIPTOR pSecurityDescriptor
,
378 BOOL bOwnerDefaulted
)
382 Status
= RtlSetOwnerSecurityDescriptor(pSecurityDescriptor
,
385 if (!NT_SUCCESS(Status
))
387 SetLastError(RtlNtStatusToDosError(Status
));
/*
 * Stores the resource-manager control value through
 * RtlSetSecurityDescriptorRMControl and returns ERROR_SUCCESS.
 * NOTE(review): in the visible lines the Rtl call's outcome is not examined
 * before ERROR_SUCCESS is returned, so callers cannot learn of a failure
 * from this return value -- confirm whether the Rtl routine can fail.
 */
400 SetSecurityDescriptorRMControl(PSECURITY_DESCRIPTOR SecurityDescriptor
,
403 RtlSetSecurityDescriptorRMControl(SecurityDescriptor
,
406 return ERROR_SUCCESS
;
/*
 * advapi32 wrapper over RtlSetSaclSecurityDescriptor.  A failing NTSTATUS is
 * translated with RtlNtStatusToDosError and stored through SetLastError.
 * NOTE(review): the SACL-related parameters (lines 416-418) and the remaining
 * call arguments are on lines this listing omits.
 */
415 SetSecurityDescriptorSacl(PSECURITY_DESCRIPTOR pSecurityDescriptor
,
422 Status
= RtlSetSaclSecurityDescriptor(pSecurityDescriptor
,
426 if (!NT_SUCCESS(Status
))
428 SetLastError(RtlNtStatusToDosError(Status
));
/*
 * Maps a SECURITY_INFORMATION selection to the access rights OR-ed into
 * *DesiredAccess for reading it:
 *   owner, group or DACL information -> READ_CONTROL
 *   SACL information                 -> ACCESS_SYSTEM_SECURITY
 * SecurityInformation bits other than these four do not affect the mask in
 * the visible lines.
 * NOTE(review): *DesiredAccess is only OR-ed into here, and lines 443-445 are
 * not in this listing, so an initial "*DesiredAccess = 0" is not shown.  If
 * it is absent, stale bits in the caller's variable survive into the mask and
 * can lead to a handle being opened with more rights than needed -- confirm.
 */
441 QuerySecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation
,
442 OUT LPDWORD DesiredAccess
)
446 if (SecurityInformation
& (OWNER_SECURITY_INFORMATION
|
447 GROUP_SECURITY_INFORMATION
| DACL_SECURITY_INFORMATION
))
449 *DesiredAccess
|= READ_CONTROL
;
452 if (SecurityInformation
& SACL_SECURITY_INFORMATION
)
453 *DesiredAccess
|= ACCESS_SYSTEM_SECURITY
;
/*
 * Maps a SECURITY_INFORMATION selection to the access rights OR-ed into
 * *DesiredAccess for writing it:
 *   owner or group information -> WRITE_OWNER
 *   DACL information           -> WRITE_DAC
 *   SACL information           -> ACCESS_SYSTEM_SECURITY
 * SecurityInformation bits other than these four do not affect the mask in
 * the visible lines.
 * NOTE(review): *DesiredAccess is only OR-ed into here, and lines 464-466 are
 * not in this listing, so an initial "*DesiredAccess = 0" is not shown.  If
 * it is absent, stale bits in the caller's variable survive into the mask and
 * can lead to a handle being opened with more rights than needed -- confirm.
 */
462 SetSecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation
,
463 OUT LPDWORD DesiredAccess
)
467 if (SecurityInformation
& (OWNER_SECURITY_INFORMATION
| GROUP_SECURITY_INFORMATION
))
468 *DesiredAccess
|= WRITE_OWNER
;
470 if (SecurityInformation
& DACL_SECURITY_INFORMATION
)
471 *DesiredAccess
|= WRITE_DAC
;
473 if (SecurityInformation
& SACL_SECURITY_INFORMATION
)
474 *DesiredAccess
|= ACCESS_SYSTEM_SECURITY
;
/*
 * Signature only: the body is not part of this listing.  The parent and
 * current descriptors are inputs, the result is returned through
 * NewSecurityDescriptor, and IsDirectoryObject / GenericMapping are inputs.
 * One parameter (line 486) is on a line the listing omits.
 */
483 ConvertToAutoInheritPrivateObjectSecurity(IN PSECURITY_DESCRIPTOR ParentDescriptor
,
484 IN PSECURITY_DESCRIPTOR CurrentSecurityDescriptor
,
485 OUT PSECURITY_DESCRIPTOR
* NewSecurityDescriptor
,
487 IN BOOLEAN IsDirectoryObject
,
488 IN PGENERIC_MAPPING GenericMapping
)
/*
 * Signature only: the body is not part of this listing.  pOwner, pGroup, both
 * EXPLICIT_ACCESS_W lists and pOldSD are annotated OPTIONAL, so an
 * implementation has to accept NULL for each of them; the two ULONG counts
 * accompany the access and audit entry lists.  The new descriptor and its
 * size are returned through pNewSD and pSizeNewSD.
 */
500 BuildSecurityDescriptorW(IN PTRUSTEE_W pOwner OPTIONAL
,
501 IN PTRUSTEE_W pGroup OPTIONAL
,
502 IN ULONG cCountOfAccessEntries
,
503 IN PEXPLICIT_ACCESS_W pListOfAccessEntries OPTIONAL
,
504 IN ULONG cCountOfAuditEntries
,
505 IN PEXPLICIT_ACCESS_W pListOfAuditEntries OPTIONAL
,
506 IN PSECURITY_DESCRIPTOR pOldSD OPTIONAL
,
507 OUT PULONG pSizeNewSD
,
508 OUT PSECURITY_DESCRIPTOR
* pNewSD
)
520 BuildSecurityDescriptorA(IN PTRUSTEE_A pOwner OPTIONAL
,
521 IN PTRUSTEE_A pGroup OPTIONAL
,
522 IN ULONG cCountOfAccessEntries
,
523 IN PEXPLICIT_ACCESS_A pListOfAccessEntries OPTIONAL
,
524 IN ULONG cCountOfAuditEntries
,
525 IN PEXPLICIT_ACCESS_A pListOfAuditEntries OPTIONAL
,
526 IN PSECURITY_DESCRIPTOR pOldSD OPTIONAL
,
527 OUT PULONG pSizeNewSD
,
528 OUT PSECURITY_DESCRIPTOR
* pNewSD
)