2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: ReactOS system libraries
4 * FILE: lib/advapi32/sec/sec.c
5 * PURPOSE: Security descriptor functions
6 * PROGRAMMER: Ariadne ( ariadne@xs4all.nl)
7 * Steven Edwards ( Steven_Ed4153@yahoo.com )
8 * Andrew Greenwood ( silverblade_uk@hotmail.com )
14 WINE_DEFAULT_DEBUG_CHANNEL(advapi
);
/*
 * GetSecurityDescriptorControl: forwards the descriptor to
 * RtlGetControlSecurityDescriptor and converts a failing NTSTATUS into a
 * Win32 last-error value.
 *
 * NOTE(review): this listing is elided (the embedded original line numbers
 * jump), so the return type, the declaration of lpdwRevision and the return
 * statements are not visible here. lpdwRevision is cast to PULONG before
 * being handed to the Rtl routine - presumably an LPDWORD of the same
 * width; confirm against the full prototype.
 */
21 GetSecurityDescriptorControl(PSECURITY_DESCRIPTOR pSecurityDescriptor
,
22 PSECURITY_DESCRIPTOR_CONTROL pControl
,
27 Status
= RtlGetControlSecurityDescriptor(pSecurityDescriptor
,
29 (PULONG
)lpdwRevision
);
/* Failure path: translate the NTSTATUS so callers can read it via GetLastError. */
30 if (!NT_SUCCESS(Status
))
32 SetLastError(RtlNtStatusToDosError(Status
));
/*
 * GetSecurityDescriptorDacl: queries the DACL through
 * RtlGetDaclSecurityDescriptor, copies the BOOLEAN results into the caller's
 * BOOL out-parameters and sets the Win32 last error when the NTSTATUS is a
 * failure.
 *
 * NOTE(review): the listing is elided; the pDacl parameter, the DaclPresent
 * declaration, the remaining Rtl arguments and the return statements are not
 * visible. No NULL check on lpbDaclPresent / lpbDaclDefaulted is visible
 * either.
 */
45 GetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor
,
46 LPBOOL lpbDaclPresent
,
48 LPBOOL lpbDaclDefaulted
)
51 BOOLEAN DaclDefaulted
;
54 Status
= RtlGetDaclSecurityDescriptor(pSecurityDescriptor
,
/*
 * NOTE(review): both out-parameters are stored from the BOOLEAN locals
 * BEFORE Status is tested below. DaclDefaulted is declared without an
 * initialiser on the visible line, so if the Rtl call can fail without
 * filling the locals the caller receives indeterminate values - confirm,
 * or move these stores after the NT_SUCCESS check.
 */
58 *lpbDaclPresent
= (BOOL
)DaclPresent
;
59 *lpbDaclDefaulted
= (BOOL
)DaclDefaulted
;
/* Failure path: translate the NTSTATUS so callers can read it via GetLastError. */
61 if (!NT_SUCCESS(Status
))
63 SetLastError(RtlNtStatusToDosError(Status
));
/*
 * GetSecurityDescriptorGroup: queries the primary group through
 * RtlGetGroupSecurityDescriptor, copies the BOOLEAN "defaulted" flag into
 * the caller's BOOL and sets the Win32 last error on a failing NTSTATUS.
 *
 * NOTE(review): the listing is elided; the group out-parameter, the
 * remaining Rtl arguments and the return statements are not visible.
 */
76 GetSecurityDescriptorGroup(PSECURITY_DESCRIPTOR pSecurityDescriptor
,
78 LPBOOL lpbGroupDefaulted
)
80 BOOLEAN GroupDefaulted
;
83 Status
= RtlGetGroupSecurityDescriptor(pSecurityDescriptor
,
/*
 * NOTE(review): the out-parameter is stored before Status is tested, and
 * GroupDefaulted has no initialiser on the visible line. On a failed call
 * the caller may receive an indeterminate value - confirm, or store only
 * after the NT_SUCCESS check.
 */
86 *lpbGroupDefaulted
= (BOOL
)GroupDefaulted
;
/* Failure path: translate the NTSTATUS so callers can read it via GetLastError. */
88 if (!NT_SUCCESS(Status
))
90 SetLastError(RtlNtStatusToDosError(Status
));
/*
 * GetSecurityDescriptorOwner: queries the owner through
 * RtlGetOwnerSecurityDescriptor, copies the BOOLEAN "defaulted" flag into
 * the caller's BOOL and sets the Win32 last error on a failing NTSTATUS.
 *
 * NOTE(review): the listing is elided; the owner out-parameter, the
 * remaining Rtl arguments and the return statements are not visible.
 */
103 GetSecurityDescriptorOwner(PSECURITY_DESCRIPTOR pSecurityDescriptor
,
105 LPBOOL lpbOwnerDefaulted
)
107 BOOLEAN OwnerDefaulted
;
110 Status
= RtlGetOwnerSecurityDescriptor(pSecurityDescriptor
,
/*
 * NOTE(review): the out-parameter is stored before Status is tested, and
 * OwnerDefaulted has no initialiser on the visible line. On a failed call
 * the caller may receive an indeterminate value - confirm, or store only
 * after the NT_SUCCESS check.
 */
113 *lpbOwnerDefaulted
= (BOOL
)OwnerDefaulted
;
/* Failure path: translate the NTSTATUS so callers can read it via GetLastError. */
115 if (!NT_SUCCESS(Status
))
117 SetLastError(RtlNtStatusToDosError(Status
));
/*
 * GetSecurityDescriptorRMControl: returns ERROR_INVALID_DATA when
 * RtlGetSecurityDescriptorRMControl reports failure and ERROR_SUCCESS
 * otherwise. The visible lines return the Win32 code directly; no
 * SetLastError call is shown for this function.
 *
 * NOTE(review): the listing is elided; the second parameter and the
 * second Rtl argument are not visible.
 */
130 GetSecurityDescriptorRMControl(PSECURITY_DESCRIPTOR SecurityDescriptor
,
133 if (!RtlGetSecurityDescriptorRMControl(SecurityDescriptor
,
135 return ERROR_INVALID_DATA
;
137 return ERROR_SUCCESS
;
/*
 * GetSecurityDescriptorSacl: queries the SACL through
 * RtlGetSaclSecurityDescriptor, copies the BOOLEAN results into the caller's
 * BOOL out-parameters and sets the Win32 last error when the NTSTATUS is a
 * failure.
 *
 * NOTE(review): the listing is elided; the pSacl parameter, the SaclPresent
 * declaration, the remaining Rtl arguments and the return statements are not
 * visible.
 */
146 GetSecurityDescriptorSacl(PSECURITY_DESCRIPTOR pSecurityDescriptor
,
147 LPBOOL lpbSaclPresent
,
149 LPBOOL lpbSaclDefaulted
)
152 BOOLEAN SaclDefaulted
;
155 Status
= RtlGetSaclSecurityDescriptor(pSecurityDescriptor
,
/*
 * NOTE(review): both out-parameters are stored from the BOOLEAN locals
 * before Status is tested below. SaclDefaulted has no initialiser on the
 * visible line, so a failed Rtl call may hand the caller indeterminate
 * values - confirm, or move these stores after the NT_SUCCESS check.
 */
159 *lpbSaclPresent
= (BOOL
)SaclPresent
;
160 *lpbSaclDefaulted
= (BOOL
)SaclDefaulted
;
/* Failure path: translate the NTSTATUS so callers can read it via GetLastError. */
162 if (!NT_SUCCESS(Status
))
164 SetLastError(RtlNtStatusToDosError(Status
));
/*
 * IsValidSecurityDescriptor: stores the result of
 * RtlValidSecurityDescriptor in Result and records
 * STATUS_INVALID_SECURITY_DESCR (translated to a Win32 code) as the last
 * error. All validation logic lives in the Rtl routine, not here.
 *
 * NOTE(review): the listing is elided; the condition guarding SetLastError
 * (presumably "Result is false") and the return statement are not visible.
 */
176 IsValidSecurityDescriptor(PSECURITY_DESCRIPTOR pSecurityDescriptor
)
180 Result
= RtlValidSecurityDescriptor (pSecurityDescriptor
);
182 SetLastError(RtlNtStatusToDosError(STATUS_INVALID_SECURITY_DESCR
));
/*
 * MakeAbsoluteSD2: passes the descriptor to RtlSelfRelativeToAbsoluteSD2
 * and sets the Win32 last error on a failing NTSTATUS. The descriptor
 * parameter is annotated IN OUT, i.e. the same buffer is both input and
 * output.
 *
 * NOTE(review): the second Rtl argument is elided from this listing, so how
 * lpdwBufferSize is used is not visible. Because the conversion reuses the
 * caller's buffer, the buffer must be large enough for the converted form;
 * any size checking is done inside the Rtl routine - confirm there.
 */
192 MakeAbsoluteSD2(IN OUT PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor
,
193 OUT LPDWORD lpdwBufferSize
)
197 Status
= RtlSelfRelativeToAbsoluteSD2(pSelfRelativeSecurityDescriptor
,
/* Failure path: translate the NTSTATUS so callers can read it via GetLastError. */
199 if (!NT_SUCCESS(Status
))
201 SetLastError(RtlNtStatusToDosError(Status
));
/*
 * MakeSelfRelativeSD: forwards its three arguments to
 * RtlAbsoluteToSelfRelativeSD and sets the Win32 last error on a failing
 * NTSTATUS.
 *
 * lpdwBufferLength is cast from LPDWORD to PULONG for the Rtl call. No
 * local size or NULL validation is visible; the destination-buffer length
 * check, if any, is in the Rtl routine.
 *
 * NOTE(review): the listing is elided; the return statements are not
 * visible.
 */
214 MakeSelfRelativeSD(PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor
,
215 PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor
,
216 LPDWORD lpdwBufferLength
)
220 Status
= RtlAbsoluteToSelfRelativeSD(pAbsoluteSecurityDescriptor
,
221 pSelfRelativeSecurityDescriptor
,
222 (PULONG
)lpdwBufferLength
);
/* Failure path: translate the NTSTATUS so callers can read it via GetLastError. */
223 if (!NT_SUCCESS(Status
))
225 SetLastError(RtlNtStatusToDosError(Status
));
/*
 * SetSecurityDescriptorControl: forwards the descriptor and the control-bit
 * arguments to RtlSetControlSecurityDescriptor and sets the Win32 last
 * error on a failing NTSTATUS.
 *
 * NOTE(review): the listing is elided; the last Rtl argument (presumably
 * ControlBitsToSet) and the return statements are not visible. Which
 * control bits a caller is allowed to change is decided by the Rtl routine,
 * not by this wrapper.
 */
238 SetSecurityDescriptorControl(PSECURITY_DESCRIPTOR pSecurityDescriptor
,
239 SECURITY_DESCRIPTOR_CONTROL ControlBitsOfInterest
,
240 SECURITY_DESCRIPTOR_CONTROL ControlBitsToSet
)
244 Status
= RtlSetControlSecurityDescriptor(pSecurityDescriptor
,
245 ControlBitsOfInterest
,
/* Failure path: translate the NTSTATUS so callers can read it via GetLastError. */
247 if (!NT_SUCCESS(Status
))
249 SetLastError(RtlNtStatusToDosError(Status
));
/*
 * SetSecurityDescriptorDacl: forwards to RtlSetDaclSecurityDescriptor and
 * sets the Win32 last error on a failing NTSTATUS.
 *
 * NOTE(review): the listing is elided; every parameter after
 * pSecurityDescriptor, the remaining Rtl arguments and the return
 * statements are not visible.
 */
262 SetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor
,
269 Status
= RtlSetDaclSecurityDescriptor(pSecurityDescriptor
,
/* Failure path: translate the NTSTATUS so callers can read it via GetLastError. */
273 if (!NT_SUCCESS(Status
))
275 SetLastError(RtlNtStatusToDosError(Status
));
/*
 * SetSecurityDescriptorGroup: forwards to RtlSetGroupSecurityDescriptor and
 * sets the Win32 last error on a failing NTSTATUS.
 *
 * NOTE(review): the listing is elided; the group parameter, the remaining
 * Rtl arguments and the return statements are not visible.
 */
288 SetSecurityDescriptorGroup(PSECURITY_DESCRIPTOR pSecurityDescriptor
,
290 BOOL bGroupDefaulted
)
294 Status
= RtlSetGroupSecurityDescriptor(pSecurityDescriptor
,
/* Failure path: translate the NTSTATUS so callers can read it via GetLastError. */
297 if (!NT_SUCCESS(Status
))
299 SetLastError(RtlNtStatusToDosError(Status
));
/*
 * SetSecurityDescriptorOwner: forwards to RtlSetOwnerSecurityDescriptor and
 * sets the Win32 last error on a failing NTSTATUS.
 *
 * NOTE(review): the listing is elided; the owner parameter, the remaining
 * Rtl arguments and the return statements are not visible.
 */
312 SetSecurityDescriptorOwner(PSECURITY_DESCRIPTOR pSecurityDescriptor
,
314 BOOL bOwnerDefaulted
)
318 Status
= RtlSetOwnerSecurityDescriptor(pSecurityDescriptor
,
/* Failure path: translate the NTSTATUS so callers can read it via GetLastError. */
321 if (!NT_SUCCESS(Status
))
323 SetLastError(RtlNtStatusToDosError(Status
));
/*
 * SetSecurityDescriptorRMControl: calls RtlSetSecurityDescriptorRMControl
 * and returns ERROR_SUCCESS.
 *
 * NOTE(review): on the visible lines the Rtl call is a bare statement, so
 * its result (if it returns one) is not examined and the only visible
 * return is ERROR_SUCCESS. The listing is elided; the second parameter and
 * the second Rtl argument are not visible.
 */
336 SetSecurityDescriptorRMControl(PSECURITY_DESCRIPTOR SecurityDescriptor
,
339 RtlSetSecurityDescriptorRMControl(SecurityDescriptor
,
342 return ERROR_SUCCESS
;
/*
 * SetSecurityDescriptorSacl: forwards to RtlSetSaclSecurityDescriptor and
 * sets the Win32 last error on a failing NTSTATUS.
 *
 * NOTE(review): the listing is elided; every parameter after
 * pSecurityDescriptor, the remaining Rtl arguments and the return
 * statements are not visible.
 */
351 SetSecurityDescriptorSacl(PSECURITY_DESCRIPTOR pSecurityDescriptor
,
358 Status
= RtlSetSaclSecurityDescriptor(pSecurityDescriptor
,
/* Failure path: translate the NTSTATUS so callers can read it via GetLastError. */
362 if (!NT_SUCCESS(Status
))
364 SetLastError(RtlNtStatusToDosError(Status
));
/*
 * QuerySecurityAccessMask: maps the requested SECURITY_INFORMATION flags to
 * the access rights accumulated in *DesiredAccess for reading that
 * information:
 *   owner, group or DACL information -> READ_CONTROL
 *   SACL information                 -> ACCESS_SYSTEM_SECURITY
 *
 * NOTE(review): the rights are OR-ed into *DesiredAccess, which is an OUT
 * parameter. The statement that gives it its starting value is not visible
 * in this elided listing; if there is none, the result inherits whatever
 * bits the caller's variable already held - confirm the initialisation on
 * the lines not shown.
 */
377 QuerySecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation
,
378 OUT LPDWORD DesiredAccess
)
382 if (SecurityInformation
& (OWNER_SECURITY_INFORMATION
|
383 GROUP_SECURITY_INFORMATION
| DACL_SECURITY_INFORMATION
))
385 *DesiredAccess
|= READ_CONTROL
;
/* SACL access is requested through its own right, separate from READ_CONTROL. */
388 if (SecurityInformation
& SACL_SECURITY_INFORMATION
)
389 *DesiredAccess
|= ACCESS_SYSTEM_SECURITY
;
/*
 * SetSecurityAccessMask: maps the requested SECURITY_INFORMATION flags to
 * the access rights accumulated in *DesiredAccess for writing that
 * information:
 *   owner or group information -> WRITE_OWNER
 *   DACL information           -> WRITE_DAC
 *   SACL information           -> ACCESS_SYSTEM_SECURITY
 *
 * NOTE(review): the rights are OR-ed into *DesiredAccess, which is an OUT
 * parameter. The statement that gives it its starting value is not visible
 * in this elided listing; if there is none, stale bits in the caller's
 * variable would widen the computed mask - confirm the initialisation on
 * the lines not shown.
 */
398 SetSecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation
,
399 OUT LPDWORD DesiredAccess
)
403 if (SecurityInformation
& (OWNER_SECURITY_INFORMATION
| GROUP_SECURITY_INFORMATION
))
404 *DesiredAccess
|= WRITE_OWNER
;
406 if (SecurityInformation
& DACL_SECURITY_INFORMATION
)
407 *DesiredAccess
|= WRITE_DAC
;
409 if (SecurityInformation
& SACL_SECURITY_INFORMATION
)
410 *DesiredAccess
|= ACCESS_SYSTEM_SECURITY
;
/*
 * ConvertToAutoInheritPrivateObjectSecurity: only part of the parameter
 * list survives in this listing; the body is not shown, so its behaviour
 * cannot be documented from here.
 *
 * Visible parameters: ParentDescriptor and CurrentSecurityDescriptor (IN),
 * NewSecurityDescriptor (OUT, pointer to a descriptor pointer),
 * IsDirectoryObject and GenericMapping (IN).
 *
 * NOTE(review): NewSecurityDescriptor returns a pointer to the caller; who
 * allocates and who frees that descriptor is not visible - confirm against
 * the implementation.
 */
419 ConvertToAutoInheritPrivateObjectSecurity(IN PSECURITY_DESCRIPTOR ParentDescriptor
,
420 IN PSECURITY_DESCRIPTOR CurrentSecurityDescriptor
,
421 OUT PSECURITY_DESCRIPTOR
* NewSecurityDescriptor
,
423 IN BOOLEAN IsDirectoryObject
,
424 IN PGENERIC_MAPPING GenericMapping
)
/*
 * BuildSecurityDescriptorW: only the parameter list survives in this
 * listing; the body is not shown, so its behaviour cannot be documented
 * from here.
 *
 * Visible parameters: optional owner and group trustees, an access-entry
 * count with its optional list, an audit-entry count with its optional
 * list, an optional existing descriptor, and two OUT parameters
 * (pSizeNewSD, pNewSD).
 *
 * NOTE(review): each list pointer is OPTIONAL while its count is passed
 * separately, so an implementation has to handle a non-zero count paired
 * with a NULL list. pNewSD returns a descriptor pointer whose allocator and
 * owner are not visible - confirm both against the implementation.
 */
436 BuildSecurityDescriptorW(IN PTRUSTEE_W pOwner OPTIONAL
,
437 IN PTRUSTEE_W pGroup OPTIONAL
,
438 IN ULONG cCountOfAccessEntries
,
439 IN PEXPLICIT_ACCESS_W pListOfAccessEntries OPTIONAL
,
440 IN ULONG cCountOfAuditEntries
,
441 IN PEXPLICIT_ACCESS_W pListOfAuditEntries OPTIONAL
,
442 IN PSECURITY_DESCRIPTOR pOldSD OPTIONAL
,
443 OUT PULONG pSizeNewSD
,
444 OUT PSECURITY_DESCRIPTOR
* pNewSD
)
456 BuildSecurityDescriptorA(IN PTRUSTEE_A pOwner OPTIONAL
,
457 IN PTRUSTEE_A pGroup OPTIONAL
,
458 IN ULONG cCountOfAccessEntries
,
459 IN PEXPLICIT_ACCESS_A pListOfAccessEntries OPTIONAL
,
460 IN ULONG cCountOfAuditEntries
,
461 IN PEXPLICIT_ACCESS_A pListOfAuditEntries OPTIONAL
,
462 IN PSECURITY_DESCRIPTOR pOldSD OPTIONAL
,
463 OUT PULONG pSizeNewSD
,
464 OUT PSECURITY_DESCRIPTOR
* pNewSD
)