2 * COPYRIGHT: See COPYING in the top level directory
4 * Copyright 1999, 2000 Juergen Schmied <juergen.schmied@debitel.net>
5 * Copyright 2003 CodeWeavers Inc. (Ulrich Czekalla)
6 * Copyright 2006 Robert Reif
8 * PROJECT: ReactOS system libraries
9 * FILE: dll/win32/advapi32/sec/misc.c
10 * PURPOSE: Miscellaneous security functions (some ported from Wine)
14 #include "wine/unicode.h"
15 #include "wine/debug.h"
17 WINE_DEFAULT_DEBUG_CHANNEL(advapi
);
19 /* Needed for LookupAccountNameW implementation from Wine */
21 typedef struct _AccountSid
23 WELL_KNOWN_SID_TYPE type
;
26 SID_NAME_USE name_use
;
29 static const WCHAR Account_Operators
[] = { 'A','c','c','o','u','n','t',' ','O','p','e','r','a','t','o','r','s',0 };
30 static const WCHAR Administrator
[] = {'A','d','m','i','n','i','s','t','r','a','t','o','r',0 };
31 static const WCHAR Administrators
[] = { 'A','d','m','i','n','i','s','t','r','a','t','o','r','s',0 };
32 static const WCHAR ANONYMOUS_LOGON
[] = { 'A','N','O','N','Y','M','O','U','S',' ','L','O','G','O','N',0 };
33 static const WCHAR Authenticated_Users
[] = { 'A','u','t','h','e','n','t','i','c','a','t','e','d',' ','U','s','e','r','s',0 };
34 static const WCHAR Backup_Operators
[] = { 'B','a','c','k','u','p',' ','O','p','e','r','a','t','o','r','s',0 };
35 static const WCHAR BATCH
[] = { 'B','A','T','C','H',0 };
36 static const WCHAR Blank
[] = { 0 };
37 static const WCHAR BUILTIN
[] = { 'B','U','I','L','T','I','N',0 };
38 static const WCHAR Cert_Publishers
[] = { 'C','e','r','t',' ','P','u','b','l','i','s','h','e','r','s',0 };
39 static const WCHAR CREATOR_GROUP
[] = { 'C','R','E','A','T','O','R',' ','G','R','O','U','P',0 };
40 static const WCHAR CREATOR_GROUP_SERVER
[] = { 'C','R','E','A','T','O','R',' ','G','R','O','U','P',' ','S','E','R','V','E','R',0 };
41 static const WCHAR CREATOR_OWNER
[] = { 'C','R','E','A','T','O','R',' ','O','W','N','E','R',0 };
42 static const WCHAR CREATOR_OWNER_SERVER
[] = { 'C','R','E','A','T','O','R',' ','O','W','N','E','R',' ','S','E','R','V','E','R',0 };
43 static const WCHAR DIALUP
[] = { 'D','I','A','L','U','P',0 };
44 static const WCHAR Digest_Authentication
[] = { 'D','i','g','e','s','t',' ','A','u','t','h','e','n','t','i','c','a','t','i','o','n',0 };
45 static const WCHAR DOMAIN
[] = {'D','O','M','A','I','N',0};
46 static const WCHAR Domain_Admins
[] = { 'D','o','m','a','i','n',' ','A','d','m','i','n','s',0 };
47 static const WCHAR Domain_Computers
[] = { 'D','o','m','a','i','n',' ','C','o','m','p','u','t','e','r','s',0 };
48 static const WCHAR Domain_Controllers
[] = { 'D','o','m','a','i','n',' ','C','o','n','t','r','o','l','l','e','r','s',0 };
49 static const WCHAR Domain_Guests
[] = { 'D','o','m','a','i','n',' ','G','u','e','s','t','s',0 };
50 static const WCHAR Domain_Users
[] = { 'D','o','m','a','i','n',' ','U','s','e','r','s',0 };
51 static const WCHAR Enterprise_Admins
[] = { 'E','n','t','e','r','p','r','i','s','e',' ','A','d','m','i','n','s',0 };
52 static const WCHAR ENTERPRISE_DOMAIN_CONTROLLERS
[] = { 'E','N','T','E','R','P','R','I','S','E',' ','D','O','M','A','I','N',' ','C','O','N','T','R','O','L','L','E','R','S',0 };
53 static const WCHAR Everyone
[] = { 'E','v','e','r','y','o','n','e',0 };
54 static const WCHAR Group_Policy_Creator_Owners
[] = { 'G','r','o','u','p',' ','P','o','l','i','c','y',' ','C','r','e','a','t','o','r',' ','O','w','n','e','r','s',0 };
55 static const WCHAR Guest
[] = { 'G','u','e','s','t',0 };
56 static const WCHAR Guests
[] = { 'G','u','e','s','t','s',0 };
57 static const WCHAR INTERACTIVE
[] = { 'I','N','T','E','R','A','C','T','I','V','E',0 };
58 static const WCHAR LOCAL
[] = { 'L','O','C','A','L',0 };
59 static const WCHAR LOCAL_SERVICE
[] = { 'L','O','C','A','L',' ','S','E','R','V','I','C','E',0 };
60 static const WCHAR NETWORK
[] = { 'N','E','T','W','O','R','K',0 };
61 static const WCHAR Network_Configuration_Operators
[] = { 'N','e','t','w','o','r','k',' ','C','o','n','f','i','g','u','r','a','t','i','o','n',' ','O','p','e','r','a','t','o','r','s',0 };
62 static const WCHAR NETWORK_SERVICE
[] = { 'N','E','T','W','O','R','K',' ','S','E','R','V','I','C','E',0 };
63 static const WCHAR NT_AUTHORITY
[] = { 'N','T',' ','A','U','T','H','O','R','I','T','Y',0 };
64 static const WCHAR NT_Pseudo_Domain
[] = { 'N','T',' ','P','s','e','u','d','o',' ','D','o','m','a','i','n',0 };
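/*
 * Display name of the well-known NTLM authentication SID
 * (WinNTLMAuthenticationSid in the ACCOUNT_SIDS table).
 *
 * The identifier keeps its historical NTML spelling because ACCOUNT_SIDS
 * references it by that name. Only the string content is corrected to
 * "NTLM Authentication", so name-based lookups and reverse lookups of this
 * principal use the correctly spelled account name.
 */
static const WCHAR NTML_Authentication[] = { 'N','T','L','M',' ','A','u','t','h','e','n','t','i','c','a','t','i','o','n',0 };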
66 static const WCHAR NULL_SID
[] = { 'N','U','L','L',' ','S','I','D',0 };
67 static const WCHAR Other_Organization
[] = { 'O','t','h','e','r',' ','O','r','g','a','n','i','z','a','t','i','o','n',0 };
68 static const WCHAR Performance_Log_Users
[] = { 'P','e','r','f','o','r','m','a','n','c','e',' ','L','o','g',' ','U','s','e','r','s',0 };
69 static const WCHAR Performance_Monitor_Users
[] = { 'P','e','r','f','o','r','m','a','n','c','e',' ','M','o','n','i','t','o','r',' ','U','s','e','r','s',0 };
70 static const WCHAR Power_Users
[] = { 'P','o','w','e','r',' ','U','s','e','r','s',0 };
71 static const WCHAR Pre_Windows_2000_Compatible_Access
[] = { 'P','r','e','-','W','i','n','d','o','w','s',' ','2','0','0','0',' ','C','o','m','p','a','t','i','b','l','e',' ','A','c','c','e','s','s',0 };
72 static const WCHAR Print_Operators
[] = { 'P','r','i','n','t',' ','O','p','e','r','a','t','o','r','s',0 };
73 static const WCHAR PROXY
[] = { 'P','R','O','X','Y',0 };
74 static const WCHAR RAS_and_IAS_Servers
[] = { 'R','A','S',' ','a','n','d',' ','I','A','S',' ','S','e','r','v','e','r','s',0 };
75 static const WCHAR Remote_Desktop_Users
[] = { 'R','e','m','o','t','e',' ','D','e','s','k','t','o','p',' ','U','s','e','r','s',0 };
76 static const WCHAR REMOTE_INTERACTIVE_LOGON
[] = { 'R','E','M','O','T','E',' ','I','N','T','E','R','A','C','T','I','V','E',' ','L','O','G','O','N',0 };
77 static const WCHAR Replicators
[] = { 'R','e','p','l','i','c','a','t','o','r','s',0 };
78 static const WCHAR RESTRICTED
[] = { 'R','E','S','T','R','I','C','T','E','D',0 };
79 static const WCHAR SChannel_Authentication
[] = { 'S','C','h','a','n','n','e','l',' ','A','u','t','h','e','n','t','i','c','a','t','i','o','n',0 };
80 static const WCHAR Schema_Admins
[] = { 'S','c','h','e','m','a',' ','A','d','m','i','n','s',0 };
81 static const WCHAR SELF
[] = { 'S','E','L','F',0 };
82 static const WCHAR Server_Operators
[] = { 'S','e','r','v','e','r',' ','O','p','e','r','a','t','o','r','s',0 };
83 static const WCHAR SERVICE
[] = { 'S','E','R','V','I','C','E',0 };
84 static const WCHAR SYSTEM
[] = { 'S','Y','S','T','E','M',0 };
85 static const WCHAR TERMINAL_SERVER_USER
[] = { 'T','E','R','M','I','N','A','L',' ','S','E','R','V','E','R',' ','U','S','E','R',0 };
86 static const WCHAR This_Organization
[] = { 'T','h','i','s',' ','O','r','g','a','n','i','z','a','t','i','o','n',0 };
87 static const WCHAR Users
[] = { 'U','s','e','r','s',0 };
89 static const AccountSid ACCOUNT_SIDS
[] = {
90 { WinNullSid
, NULL_SID
, Blank
, SidTypeWellKnownGroup
},
91 { WinWorldSid
, Everyone
, Blank
, SidTypeWellKnownGroup
},
92 { WinLocalSid
, LOCAL
, Blank
, SidTypeWellKnownGroup
},
93 { WinCreatorOwnerSid
, CREATOR_OWNER
, Blank
, SidTypeWellKnownGroup
},
94 { WinCreatorGroupSid
, CREATOR_GROUP
, Blank
, SidTypeWellKnownGroup
},
95 { WinCreatorOwnerServerSid
, CREATOR_OWNER_SERVER
, Blank
, SidTypeWellKnownGroup
},
96 { WinCreatorGroupServerSid
, CREATOR_GROUP_SERVER
, Blank
, SidTypeWellKnownGroup
},
97 { WinNtAuthoritySid
, NT_Pseudo_Domain
, NT_Pseudo_Domain
, SidTypeDomain
},
98 { WinDialupSid
, DIALUP
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
99 { WinNetworkSid
, NETWORK
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
100 { WinBatchSid
, BATCH
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
101 { WinInteractiveSid
, INTERACTIVE
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
102 { WinServiceSid
, SERVICE
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
103 { WinAnonymousSid
, ANONYMOUS_LOGON
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
104 { WinProxySid
, PROXY
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
105 { WinEnterpriseControllersSid
, ENTERPRISE_DOMAIN_CONTROLLERS
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
106 { WinSelfSid
, SELF
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
107 { WinAuthenticatedUserSid
, Authenticated_Users
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
108 { WinRestrictedCodeSid
, RESTRICTED
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
109 { WinTerminalServerSid
, TERMINAL_SERVER_USER
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
110 { WinRemoteLogonIdSid
, REMOTE_INTERACTIVE_LOGON
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
111 { WinLocalSystemSid
, SYSTEM
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
112 { WinLocalServiceSid
, LOCAL_SERVICE
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
113 { WinNetworkServiceSid
, NETWORK_SERVICE
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
114 { WinBuiltinDomainSid
, BUILTIN
, BUILTIN
, SidTypeDomain
},
115 { WinBuiltinAdministratorsSid
, Administrators
, BUILTIN
, SidTypeAlias
},
116 { WinBuiltinUsersSid
, Users
, BUILTIN
, SidTypeAlias
},
117 { WinBuiltinGuestsSid
, Guests
, BUILTIN
, SidTypeAlias
},
118 { WinBuiltinPowerUsersSid
, Power_Users
, BUILTIN
, SidTypeAlias
},
119 { WinBuiltinAccountOperatorsSid
, Account_Operators
, BUILTIN
, SidTypeAlias
},
120 { WinBuiltinSystemOperatorsSid
, Server_Operators
, BUILTIN
, SidTypeAlias
},
121 { WinBuiltinPrintOperatorsSid
, Print_Operators
, BUILTIN
, SidTypeAlias
},
122 { WinBuiltinBackupOperatorsSid
, Backup_Operators
, BUILTIN
, SidTypeAlias
},
123 { WinBuiltinReplicatorSid
, Replicators
, BUILTIN
, SidTypeAlias
},
124 { WinBuiltinPreWindows2000CompatibleAccessSid
, Pre_Windows_2000_Compatible_Access
, BUILTIN
, SidTypeAlias
},
125 { WinBuiltinRemoteDesktopUsersSid
, Remote_Desktop_Users
, BUILTIN
, SidTypeAlias
},
126 { WinBuiltinNetworkConfigurationOperatorsSid
, Network_Configuration_Operators
, BUILTIN
, SidTypeAlias
},
127 { WinNTLMAuthenticationSid
, NTML_Authentication
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
128 { WinDigestAuthenticationSid
, Digest_Authentication
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
129 { WinSChannelAuthenticationSid
, SChannel_Authentication
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
130 { WinThisOrganizationSid
, This_Organization
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
131 { WinOtherOrganizationSid
, Other_Organization
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
132 { WinBuiltinPerfMonitoringUsersSid
, Performance_Monitor_Users
, BUILTIN
, SidTypeAlias
},
133 { WinBuiltinPerfLoggingUsersSid
, Performance_Log_Users
, BUILTIN
, SidTypeAlias
},
136 static const WCHAR SE_CREATE_TOKEN_NAME_W
[] =
137 { 'S','e','C','r','e','a','t','e','T','o','k','e','n','P','r','i','v','i','l','e','g','e',0 };
138 static const WCHAR SE_ASSIGNPRIMARYTOKEN_NAME_W
[] =
139 { 'S','e','A','s','s','i','g','n','P','r','i','m','a','r','y','T','o','k','e','n','P','r','i','v','i','l','e','g','e',0 };
140 static const WCHAR SE_LOCK_MEMORY_NAME_W
[] =
141 { 'S','e','L','o','c','k','M','e','m','o','r','y','P','r','i','v','i','l','e','g','e',0 };
142 static const WCHAR SE_INCREASE_QUOTA_NAME_W
[] =
143 { 'S','e','I','n','c','r','e','a','s','e','Q','u','o','t','a','P','r','i','v','i','l','e','g','e',0 };
144 static const WCHAR SE_MACHINE_ACCOUNT_NAME_W
[] =
145 { 'S','e','M','a','c','h','i','n','e','A','c','c','o','u','n','t','P','r','i','v','i','l','e','g','e',0 };
146 static const WCHAR SE_TCB_NAME_W
[] =
147 { 'S','e','T','c','b','P','r','i','v','i','l','e','g','e',0 };
148 static const WCHAR SE_SECURITY_NAME_W
[] =
149 { 'S','e','S','e','c','u','r','i','t','y','P','r','i','v','i','l','e','g','e',0 };
150 static const WCHAR SE_TAKE_OWNERSHIP_NAME_W
[] =
151 { 'S','e','T','a','k','e','O','w','n','e','r','s','h','i','p','P','r','i','v','i','l','e','g','e',0 };
152 static const WCHAR SE_LOAD_DRIVER_NAME_W
[] =
153 { 'S','e','L','o','a','d','D','r','i','v','e','r','P','r','i','v','i','l','e','g','e',0 };
154 static const WCHAR SE_SYSTEM_PROFILE_NAME_W
[] =
155 { 'S','e','S','y','s','t','e','m','P','r','o','f','i','l','e','P','r','i','v','i','l','e','g','e',0 };
156 static const WCHAR SE_SYSTEMTIME_NAME_W
[] =
157 { 'S','e','S','y','s','t','e','m','t','i','m','e','P','r','i','v','i','l','e','g','e',0 };
158 static const WCHAR SE_PROF_SINGLE_PROCESS_NAME_W
[] =
159 { 'S','e','P','r','o','f','i','l','e','S','i','n','g','l','e','P','r','o','c','e','s','s','P','r','i','v','i','l','e','g','e',0 };
160 static const WCHAR SE_INC_BASE_PRIORITY_NAME_W
[] =
161 { 'S','e','I','n','c','r','e','a','s','e','B','a','s','e','P','r','i','o','r','i','t','y','P','r','i','v','i','l','e','g','e',0 };
162 static const WCHAR SE_CREATE_PAGEFILE_NAME_W
[] =
163 { 'S','e','C','r','e','a','t','e','P','a','g','e','f','i','l','e','P','r','i','v','i','l','e','g','e',0 };
164 static const WCHAR SE_CREATE_PERMANENT_NAME_W
[] =
165 { 'S','e','C','r','e','a','t','e','P','e','r','m','a','n','e','n','t','P','r','i','v','i','l','e','g','e',0 };
166 static const WCHAR SE_BACKUP_NAME_W
[] =
167 { 'S','e','B','a','c','k','u','p','P','r','i','v','i','l','e','g','e',0 };
168 static const WCHAR SE_RESTORE_NAME_W
[] =
169 { 'S','e','R','e','s','t','o','r','e','P','r','i','v','i','l','e','g','e',0 };
170 static const WCHAR SE_SHUTDOWN_NAME_W
[] =
171 { 'S','e','S','h','u','t','d','o','w','n','P','r','i','v','i','l','e','g','e',0 };
172 static const WCHAR SE_DEBUG_NAME_W
[] =
173 { 'S','e','D','e','b','u','g','P','r','i','v','i','l','e','g','e',0 };
174 static const WCHAR SE_AUDIT_NAME_W
[] =
175 { 'S','e','A','u','d','i','t','P','r','i','v','i','l','e','g','e',0 };
176 static const WCHAR SE_SYSTEM_ENVIRONMENT_NAME_W
[] =
177 { 'S','e','S','y','s','t','e','m','E','n','v','i','r','o','n','m','e','n','t','P','r','i','v','i','l','e','g','e',0 };
178 static const WCHAR SE_CHANGE_NOTIFY_NAME_W
[] =
179 { 'S','e','C','h','a','n','g','e','N','o','t','i','f','y','P','r','i','v','i','l','e','g','e',0 };
180 static const WCHAR SE_REMOTE_SHUTDOWN_NAME_W
[] =
181 { 'S','e','R','e','m','o','t','e','S','h','u','t','d','o','w','n','P','r','i','v','i','l','e','g','e',0 };
182 static const WCHAR SE_UNDOCK_NAME_W
[] =
183 { 'S','e','U','n','d','o','c','k','P','r','i','v','i','l','e','g','e',0 };
184 static const WCHAR SE_SYNC_AGENT_NAME_W
[] =
185 { 'S','e','S','y','n','c','A','g','e','n','t','P','r','i','v','i','l','e','g','e',0 };
186 static const WCHAR SE_ENABLE_DELEGATION_NAME_W
[] =
187 { 'S','e','E','n','a','b','l','e','D','e','l','e','g','a','t','i','o','n','P','r','i','v','i','l','e','g','e',0 };
188 static const WCHAR SE_MANAGE_VOLUME_NAME_W
[] =
189 { 'S','e','M','a','n','a','g','e','V','o','l','u','m','e','P','r','i','v','i','l','e','g','e',0 };
190 static const WCHAR SE_IMPERSONATE_NAME_W
[] =
191 { 'S','e','I','m','p','e','r','s','o','n','a','t','e','P','r','i','v','i','l','e','g','e',0 };
192 static const WCHAR SE_CREATE_GLOBAL_NAME_W
[] =
193 { 'S','e','C','r','e','a','t','e','G','l','o','b','a','l','P','r','i','v','i','l','e','g','e',0 };
195 static const WCHAR
* const WellKnownPrivNames
[SE_MAX_WELL_KNOWN_PRIVILEGE
+ 1] =
199 SE_CREATE_TOKEN_NAME_W
,
200 SE_ASSIGNPRIMARYTOKEN_NAME_W
,
201 SE_LOCK_MEMORY_NAME_W
,
202 SE_INCREASE_QUOTA_NAME_W
,
203 SE_MACHINE_ACCOUNT_NAME_W
,
206 SE_TAKE_OWNERSHIP_NAME_W
,
207 SE_LOAD_DRIVER_NAME_W
,
208 SE_SYSTEM_PROFILE_NAME_W
,
209 SE_SYSTEMTIME_NAME_W
,
210 SE_PROF_SINGLE_PROCESS_NAME_W
,
211 SE_INC_BASE_PRIORITY_NAME_W
,
212 SE_CREATE_PAGEFILE_NAME_W
,
213 SE_CREATE_PERMANENT_NAME_W
,
219 SE_SYSTEM_ENVIRONMENT_NAME_W
,
220 SE_CHANGE_NOTIFY_NAME_W
,
221 SE_REMOTE_SHUTDOWN_NAME_W
,
223 SE_SYNC_AGENT_NAME_W
,
224 SE_ENABLE_DELEGATION_NAME_W
,
225 SE_MANAGE_VOLUME_NAME_W
,
226 SE_IMPERSONATE_NAME_W
,
227 SE_CREATE_GLOBAL_NAME_W
,
231 /* Interface to ntmarta.dll ***************************************************/
233 NTMARTA NtMartaStatic
= { 0 };
234 static PNTMARTA NtMarta
= NULL
;
236 #define FindNtMartaProc(Name) \
237 NtMartaStatic.Name = (PVOID)GetProcAddress(NtMartaStatic.hDllInstance, \
239 if (NtMartaStatic.Name == NULL) \
241 return GetLastError(); \
/*
 * Loads ntmarta.dll with LoadLibraryW, stores the module handle in
 * NtMartaStatic.hDllInstance and resolves each export listed below into the
 * matching NtMartaStatic member through the FindNtMartaProc macro.
 *
 * Returns ERROR_SUCCESS when the library and every listed export resolved,
 * otherwise the GetLastError() value taken right after the failing
 * LoadLibraryW or GetProcAddress call.
 *
 * NOTE(review): the library is requested by bare file name, so which file
 * gets mapped depends on the DLL search order of the loader. Confirm this can
 * only resolve to the system copy (full path or an equivalent loader policy).
 * NOTE(review): the FindNtMartaProc lines visible in this listing return as
 * soon as an export is missing and show no FreeLibrary on that path. Confirm
 * the module reference is released when initialization fails part-way.
 */
246 LoadAndInitializeNtMarta(VOID
)
248 /* this code may be executed simultaneously by multiple threads in case they're
249 trying to initialize the interface at the same time, but that's no problem
250 because the pointers returned by GetProcAddress will be the same. However,
251 only one of the threads will change the NtMarta pointer to the NtMartaStatic
252 structure, the others threads will detect that there were other threads
253 initializing the structure faster and will release the reference to the
256 NtMartaStatic
.hDllInstance
= LoadLibraryW(L
"ntmarta.dll");
257 if (NtMartaStatic
.hDllInstance
== NULL
)
259 return GetLastError();
263 FindNtMartaProc(LookupAccountTrustee
);
264 FindNtMartaProc(LookupAccountName
);
265 FindNtMartaProc(LookupAccountSid
);
266 FindNtMartaProc(SetEntriesInAList
);
267 FindNtMartaProc(ConvertAccessToSecurityDescriptor
);
268 FindNtMartaProc(ConvertSDToAccess
);
269 FindNtMartaProc(ConvertAclToAccess
);
270 FindNtMartaProc(GetAccessForTrustee
);
271 FindNtMartaProc(GetExplicitEntries
);
273 FindNtMartaProc(RewriteGetNamedRights
);
274 FindNtMartaProc(RewriteSetNamedRights
);
275 FindNtMartaProc(RewriteGetHandleRights
);
276 FindNtMartaProc(RewriteSetHandleRights
);
277 FindNtMartaProc(RewriteSetEntriesInAcl
);
278 FindNtMartaProc(RewriteGetExplicitEntriesFromAcl
);
279 FindNtMartaProc(TreeResetNamedSecurityInfo
);
280 FindNtMartaProc(GetInheritanceSource
);
281 FindNtMartaProc(FreeIndexArray
);
283 return ERROR_SUCCESS
;
/*
 * Makes sure the ntmarta interface is initialized before it is used.
 *
 * The NtMarta pointer is tested with InterlockedCompareExchangePointer. A
 * caller that finds it unset runs LoadAndInitializeNtMarta and then tries to
 * publish the pointer with a second compare-exchange; a caller that loses that
 * publication race releases its own library reference with FreeLibrary.
 * A failed initialization is reported through ERR with the error code.
 *
 * NOTE(review): the comparand and exchange arguments of both compare-exchange
 * calls and the return statement are not visible in this listing - confirm
 * them against the full file before relying on this description.
 */
288 CheckNtMartaPresent(VOID
)
292 if (InterlockedCompareExchangePointer(&NtMarta
,
296 /* we're the first one trying to use ntmarta, initialize it and change
297 the pointer after initialization */
298 ErrorCode
= LoadAndInitializeNtMarta();
300 if (ErrorCode
== ERROR_SUCCESS
)
302 /* try change the NtMarta pointer */
303 if (InterlockedCompareExchangePointer(&NtMarta
,
307 /* another thread initialized ntmarta in the meanwhile, release
308 the reference of the dll loaded. */
309 FreeLibrary(NtMartaStatic
.hDllInstance
);
315 ERR("Failed to initialize ntmarta.dll! Error: 0x%x", ErrorCode
);
321 /* ntmarta was already initialized */
322 ErrorCode
= ERROR_SUCCESS
;
332 if (InterlockedExchangePointer(&NtMarta
,
335 FreeLibrary(NtMartaStatic
.hDllInstance
);
340 /******************************************************************************/
347 AreAllAccessesGranted(DWORD GrantedAccess
,
350 return (BOOL
)RtlAreAllAccessesGranted(GrantedAccess
,
360 AreAnyAccessesGranted(DWORD GrantedAccess
,
363 return (BOOL
)RtlAreAnyAccessesGranted(GrantedAccess
,
368 /************************************************************
369 * ADVAPI_IsLocalComputer
371 * Checks whether the server name indicates local machine.
/*
 * Decides whether ServerName refers to the local machine by comparing it with
 * the name returned by GetComputerNameW.
 *
 * A NULL or empty ServerName takes the early branch below; presumably that
 * branch reports the name as local (its body is not visible in this listing).
 * Callers that use the result to choose between a local and a remote code path
 * depend on this comparison being exact.
 */
373 BOOL
ADVAPI_IsLocalComputer(LPCWSTR ServerName
)
/* Capacity, in WCHARs, of the buffer handed to GetComputerNameW. */
375 DWORD dwSize
= MAX_COMPUTERNAME_LENGTH
+ 1;
379 if (!ServerName
|| !ServerName
[0])
/* NOTE(review): no NULL check on the HeapAlloc result is visible before buf is
   passed to GetComputerNameW - confirm allocation failure is handled. */
382 buf
= HeapAlloc(GetProcessHeap(), 0, dwSize
* sizeof(WCHAR
));
383 Result
= GetComputerNameW(buf
, &dwSize
);
/* A leading double backslash is detected here; presumably the branch body
   (not visible) skips that prefix before the comparison - TODO confirm. */
384 if (Result
&& (ServerName
[0] == '\\') && (ServerName
[1] == '\\'))
/* NOTE(review): lstrcmpW is a case-sensitive comparison. Confirm callers never
   pass the local name in a different case, otherwise the local machine is
   classified as remote. */
386 Result
= Result
&& !lstrcmpW(ServerName
, buf
);
387 HeapFree(GetProcessHeap(), 0, buf
);
393 /******************************************************************************
394 * GetFileSecurityA [ADVAPI32.@]
396 * Obtains specified information about the security of a file or directory.
399 * lpFileName [I] Name of the file to get info for
400 * RequestedInformation [I] SE_ flags from "winnt.h"
401 * pSecurityDescriptor [O] Destination for security information
402 * nLength [I] Length of pSecurityDescriptor
403 * lpnLengthNeeded [O] Destination for length of returned security information
406 * Success: TRUE. pSecurityDescriptor contains the requested information.
407 * Failure: FALSE. lpnLengthNeeded contains the required space to return the info.
410 * The information returned is constrained by the caller's access rights and
417 GetFileSecurityA(LPCSTR lpFileName
,
418 SECURITY_INFORMATION RequestedInformation
,
419 PSECURITY_DESCRIPTOR pSecurityDescriptor
,
421 LPDWORD lpnLengthNeeded
)
423 UNICODE_STRING FileName
;
427 Status
= RtlCreateUnicodeStringFromAsciiz(&FileName
,
429 if (!NT_SUCCESS(Status
))
431 SetLastError(RtlNtStatusToDosError(Status
));
435 bResult
= GetFileSecurityW(FileName
.Buffer
,
436 RequestedInformation
,
441 RtlFreeUnicodeString(&FileName
);
452 GetFileSecurityW(LPCWSTR lpFileName
,
453 SECURITY_INFORMATION RequestedInformation
,
454 PSECURITY_DESCRIPTOR pSecurityDescriptor
,
456 LPDWORD lpnLengthNeeded
)
458 OBJECT_ATTRIBUTES ObjectAttributes
;
459 IO_STATUS_BLOCK StatusBlock
;
460 UNICODE_STRING FileName
;
461 ULONG AccessMask
= 0;
465 TRACE("GetFileSecurityW() called\n");
467 QuerySecurityAccessMask(RequestedInformation
, &AccessMask
);
469 if (!RtlDosPathNameToNtPathName_U(lpFileName
,
474 ERR("Invalid path\n");
475 SetLastError(ERROR_INVALID_NAME
);
479 InitializeObjectAttributes(&ObjectAttributes
,
481 OBJ_CASE_INSENSITIVE
,
485 Status
= NtOpenFile(&FileHandle
,
489 FILE_SHARE_READ
| FILE_SHARE_WRITE
| FILE_SHARE_DELETE
,
492 RtlFreeHeap(RtlGetProcessHeap(),
496 if (!NT_SUCCESS(Status
))
498 ERR("NtOpenFile() failed (Status %lx)\n", Status
);
499 SetLastError(RtlNtStatusToDosError(Status
));
503 Status
= NtQuerySecurityObject(FileHandle
,
504 RequestedInformation
,
509 if (!NT_SUCCESS(Status
))
511 ERR("NtQuerySecurityObject() failed (Status %lx)\n", Status
);
512 SetLastError(RtlNtStatusToDosError(Status
));
525 GetKernelObjectSecurity(HANDLE Handle
,
526 SECURITY_INFORMATION RequestedInformation
,
527 PSECURITY_DESCRIPTOR pSecurityDescriptor
,
529 LPDWORD lpnLengthNeeded
)
533 Status
= NtQuerySecurityObject(Handle
,
534 RequestedInformation
,
538 if (!NT_SUCCESS(Status
))
540 SetLastError(RtlNtStatusToDosError(Status
));
548 /******************************************************************************
549 * SetFileSecurityA [ADVAPI32.@]
550 * Sets the security of a file or directory
556 SetFileSecurityA(LPCSTR lpFileName
,
557 SECURITY_INFORMATION SecurityInformation
,
558 PSECURITY_DESCRIPTOR pSecurityDescriptor
)
560 UNICODE_STRING FileName
;
564 Status
= RtlCreateUnicodeStringFromAsciiz(&FileName
,
566 if (!NT_SUCCESS(Status
))
568 SetLastError(RtlNtStatusToDosError(Status
));
572 bResult
= SetFileSecurityW(FileName
.Buffer
,
574 pSecurityDescriptor
);
576 RtlFreeUnicodeString(&FileName
);
582 /******************************************************************************
583 * SetFileSecurityW [ADVAPI32.@]
584 * Sets the security of a file or directory
590 SetFileSecurityW(LPCWSTR lpFileName
,
591 SECURITY_INFORMATION SecurityInformation
,
592 PSECURITY_DESCRIPTOR pSecurityDescriptor
)
594 OBJECT_ATTRIBUTES ObjectAttributes
;
595 IO_STATUS_BLOCK StatusBlock
;
596 UNICODE_STRING FileName
;
597 ULONG AccessMask
= 0;
601 TRACE("SetFileSecurityW() called\n");
603 SetSecurityAccessMask(SecurityInformation
, &AccessMask
);
605 if (!RtlDosPathNameToNtPathName_U(lpFileName
,
610 ERR("Invalid path\n");
611 SetLastError(ERROR_INVALID_NAME
);
615 InitializeObjectAttributes(&ObjectAttributes
,
617 OBJ_CASE_INSENSITIVE
,
621 Status
= NtOpenFile(&FileHandle
,
625 FILE_SHARE_READ
| FILE_SHARE_WRITE
| FILE_SHARE_DELETE
,
628 RtlFreeHeap(RtlGetProcessHeap(),
632 if (!NT_SUCCESS(Status
))
634 ERR("NtOpenFile() failed (Status %lx)\n", Status
);
635 SetLastError(RtlNtStatusToDosError(Status
));
639 Status
= NtSetSecurityObject(FileHandle
,
641 pSecurityDescriptor
);
644 if (!NT_SUCCESS(Status
))
646 ERR("NtSetSecurityObject() failed (Status %lx)\n", Status
);
647 SetLastError(RtlNtStatusToDosError(Status
));
660 SetKernelObjectSecurity(HANDLE Handle
,
661 SECURITY_INFORMATION SecurityInformation
,
662 PSECURITY_DESCRIPTOR SecurityDescriptor
)
666 Status
= NtSetSecurityObject(Handle
,
669 if (!NT_SUCCESS(Status
))
671 SetLastError(RtlNtStatusToDosError(Status
));
684 ImpersonateAnonymousToken(IN HANDLE ThreadHandle
)
688 Status
= NtImpersonateAnonymousToken(ThreadHandle
);
689 if (!NT_SUCCESS(Status
))
691 SetLastError(RtlNtStatusToDosError(Status
));
/*
 * Makes the calling thread impersonate the security context of hToken.
 *
 * The token type is queried first. A primary token is duplicated with
 * NtDuplicateToken into a token carrying the SecurityImpersonation level;
 * otherwise the handle passed in is used directly. The resulting token is
 * assigned to the current thread with NtSetInformationThread
 * (ThreadImpersonationToken). Every failing NT status is translated with
 * RtlNtStatusToDosError and stored via SetLastError.
 *
 * NOTE(review): the return statements and the handling of the duplicated
 * handle are not visible in this listing. Confirm the duplicate is closed on
 * every path once the thread token has been set.
 */
704 ImpersonateLoggedOnUser(HANDLE hToken
)
706 SECURITY_QUALITY_OF_SERVICE Qos
;
707 OBJECT_ATTRIBUTES ObjectAttributes
;
714 /* Get the token type */
715 Status
= NtQueryInformationToken(hToken
,
720 if (!NT_SUCCESS(Status
))
722 SetLastError(RtlNtStatusToDosError(Status
));
726 if (Type
== TokenPrimary
)
728 /* Create a duplicate impersonation token */
/* Quality of service for the duplicate: impersonation level, dynamic context
   tracking, and EffectiveOnly left FALSE. */
729 Qos
.Length
= sizeof(SECURITY_QUALITY_OF_SERVICE
);
730 Qos
.ImpersonationLevel
= SecurityImpersonation
;
731 Qos
.ContextTrackingMode
= SECURITY_DYNAMIC_TRACKING
;
732 Qos
.EffectiveOnly
= FALSE
;
/* Unnamed object attributes whose only payload is the QoS block above. */
734 ObjectAttributes
.Length
= sizeof(OBJECT_ATTRIBUTES
);
735 ObjectAttributes
.RootDirectory
= NULL
;
736 ObjectAttributes
.ObjectName
= NULL
;
737 ObjectAttributes
.Attributes
= 0;
738 ObjectAttributes
.SecurityDescriptor
= NULL
;
739 ObjectAttributes
.SecurityQualityOfService
= &Qos
;
/* The duplicate is requested with TOKEN_IMPERSONATE | TOKEN_QUERY access only. */
741 Status
= NtDuplicateToken(hToken
,
742 TOKEN_IMPERSONATE
| TOKEN_QUERY
,
747 if (!NT_SUCCESS(Status
))
749 SetLastError(RtlNtStatusToDosError(Status
));
757 /* Use the original impersonation token */
762 /* Impersonate on the current thread */
763 Status
= NtSetInformationThread(NtCurrentThread(),
764 ThreadImpersonationToken
,
/* Runs whether or not the call above succeeded; presumably releases the
   duplicated token handle (branch body not visible) - TODO confirm. */
768 if (Duplicated
== TRUE
)
773 if (!NT_SUCCESS(Status
))
775 SetLastError(RtlNtStatusToDosError(Status
));
788 ImpersonateSelf(SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
)
792 Status
= RtlImpersonateSelf(ImpersonationLevel
);
793 if (!NT_SUCCESS(Status
))
795 SetLastError(RtlNtStatusToDosError(Status
));
813 Status
= NtSetInformationThread(NtCurrentThread(),
814 ThreadImpersonationToken
,
817 if (!NT_SUCCESS(Status
))
819 SetLastError(RtlNtStatusToDosError(Status
));
827 /******************************************************************************
828 * GetUserNameA [ADVAPI32.@]
830 * Get the current user name.
833 * lpszName [O] Destination for the user name.
834 * lpSize [I/O] Size of lpszName.
/*
 * ANSI wrapper around GetUserNameW.
 *
 * Allocates a temporary wide-character buffer sized from *lpSize, calls
 * GetUserNameW on it, converts the result into lpszName with
 * RtlUnicodeStringToAnsiString, stores NameA.Length + 1 in *lpSize and frees
 * the temporary buffer. The conditions guarding the conversion and the return
 * statements are not visible in this listing.
 */
841 GetUserNameA(LPSTR lpszName
,
844 UNICODE_STRING NameW
;
848 /* apparently Win doesn't check whether lpSize is valid at all! */
/* NOTE(review): UNICODE_STRING.MaximumLength is a USHORT, so the byte count
   computed here wraps once *lpSize reaches 0x8000, and the LocalAlloc below is
   sized from the wrapped value. NameA.MaximumLength is clamped to 0xFFFF
   further down, but no clamp is visible for NameW. If GetUserNameW receives
   the unclamped caller size it is told the buffer is larger than the
   allocation. Confirm, and clamp or reject oversized *lpSize before use. */
850 NameW
.MaximumLength
= (*lpSize
) * sizeof(WCHAR
);
851 NameW
.Buffer
= LocalAlloc(LMEM_FIXED
, NameW
.MaximumLength
);
852 if(NameW
.Buffer
== NULL
)
854 SetLastError(ERROR_NOT_ENOUGH_MEMORY
);
/* The ANSI destination is the caller buffer, with its capacity clamped to the
   USHORT range. */
859 NameA
.MaximumLength
= ((*lpSize
) < 0xFFFF ? (USHORT
)(*lpSize
) : 0xFFFF);
860 NameA
.Buffer
= lpszName
;
862 Ret
= GetUserNameW(NameW
.Buffer
,
/* NOTE(review): the same USHORT narrowing applies to NameW.Length, and a zero
   *lpSize would make (*lpSize - 1) wrap. Presumably this runs only after
   GetUserNameW succeeded and rewrote *lpSize - verify against the full file. */
866 NameW
.Length
= (*lpSize
- 1) * sizeof(WCHAR
);
/* NOTE(review): the conversion status is not checked, so a truncated or failed
   conversion is not reported to the caller. */
867 RtlUnicodeStringToAnsiString(&NameA
, &NameW
, FALSE
);
869 *lpSize
= NameA
.Length
+ 1;
872 LocalFree(NameW
.Buffer
);
878 /******************************************************************************
879 * GetUserNameW [ADVAPI32.@]
887 GetUserNameW(LPWSTR lpszName
,
890 HANDLE hToken
= INVALID_HANDLE_VALUE
;
893 TOKEN_USER
* token_user
= NULL
;
895 SID_NAME_USE snu
= SidTypeUser
;
896 WCHAR
* domain_name
= NULL
;
899 if ( !OpenThreadToken ( GetCurrentThread(), TOKEN_QUERY
, FALSE
, &hToken
) )
901 DWORD dwLastError
= GetLastError();
902 if ( dwLastError
!= ERROR_NO_TOKEN
903 && dwLastError
!= ERROR_NO_IMPERSONATION_TOKEN
)
905 /* don't call SetLastError(),
906 as OpenThreadToken() ought to have set one */
909 if ( !OpenProcessToken ( GetCurrentProcess(), TOKEN_QUERY
, &hToken
) )
911 /* don't call SetLastError(),
912 as OpenProcessToken() ought to have set one */
916 tu_buf
= LocalAlloc ( LMEM_FIXED
, 36 );
919 SetLastError ( ERROR_NOT_ENOUGH_MEMORY
);
920 CloseHandle ( hToken
);
923 if ( !GetTokenInformation ( hToken
, TokenUser
, tu_buf
, 36, &tu_len
) || tu_len
> 36 )
925 LocalFree ( tu_buf
);
926 tu_buf
= LocalAlloc ( LMEM_FIXED
, tu_len
);
929 SetLastError ( ERROR_NOT_ENOUGH_MEMORY
);
930 CloseHandle ( hToken
);
933 if ( !GetTokenInformation ( hToken
, TokenUser
, tu_buf
, tu_len
, &tu_len
) )
935 /* don't call SetLastError(),
936 as GetTokenInformation() ought to have set one */
937 LocalFree ( tu_buf
);
938 CloseHandle ( hToken
);
942 CloseHandle ( hToken
);
943 token_user
= (TOKEN_USER
*)tu_buf
;
947 domain_name
= LocalAlloc ( LMEM_FIXED
, dn_len
* sizeof(WCHAR
) );
950 LocalFree ( tu_buf
);
951 SetLastError ( ERROR_NOT_ENOUGH_MEMORY
);
954 if ( !LookupAccountSidW ( NULL
, token_user
->User
.Sid
, lpszName
, &an_len
, domain_name
, &dn_len
, &snu
)
959 LocalFree ( domain_name
);
960 domain_name
= LocalAlloc ( LMEM_FIXED
, dn_len
* sizeof(WCHAR
) );
963 LocalFree ( tu_buf
);
964 SetLastError ( ERROR_NOT_ENOUGH_MEMORY
);
969 if ( !LookupAccountSidW ( NULL
, token_user
->User
.Sid
, lpszName
, &an_len
, domain_name
, &dn_len
, &snu
) )
971 /* don't call SetLastError(),
972 as LookupAccountSid() ought to have set one */
973 LocalFree ( domain_name
);
974 LocalFree ( tu_buf
);
980 LocalFree ( domain_name
);
981 LocalFree ( tu_buf
);
982 *lpSize
= an_len
+ 1;
987 /******************************************************************************
988 * LookupAccountSidA [ADVAPI32.@]
/*
 * ANSI wrapper around LookupAccountSidW.
 *
 * Saves the caller-supplied buffer sizes, allocates temporary wide-character
 * buffers for the account name and the referenced domain name, converts
 * lpSystemName to Unicode when it is not NULL, calls LookupAccountSidW, converts
 * both results back into the caller buffers with RtlUnicodeStringToAnsiString,
 * terminates them explicitly and frees every temporary buffer.
 *
 * NOTE(review): the return values of both RtlUnicodeStringToAnsiString calls
 * are ignored, and each result is then terminated by writing at index Length
 * of the caller buffer. That write is in bounds only while Length stays below
 * the real buffer capacity; confirm the conversion guarantees this when the
 * name does not fit. The guard around the lpName conversion is not visible in
 * this listing, unlike the NULL check on lpReferencedDomainName.
 */
994 LookupAccountSidA(LPCSTR lpSystemName
,
998 LPSTR lpReferencedDomainName
,
999 LPDWORD cchReferencedDomainName
,
1000 PSID_NAME_USE peUse
)
1002 UNICODE_STRING NameW
, ReferencedDomainNameW
, SystemNameW
;
1003 DWORD szName
, szReferencedDomainName
;
1007 * save the buffer sizes the caller passed to us, as they may get modified and
1008 * we require the original values when converting back to ansi
1011 szReferencedDomainName
= *cchReferencedDomainName
;
1014 * allocate buffers for the unicode strings to receive
/* NOTE(review): MaximumLength is a USHORT, so szName * sizeof(WCHAR) wraps once
   szName reaches 0x8000 and the allocation below is sized from the wrapped
   value. The same holds for ReferencedDomainNameW further down, whose size
   pointer cchReferencedDomainName is handed to LookupAccountSidW unchanged.
   The wide function can then be told the buffer holds more characters than
   were allocated and copy past its end. Clamp or reject sizes that do not fit
   before allocating. */
1020 NameW
.MaximumLength
= szName
* sizeof(WCHAR
);
1021 NameW
.Buffer
= (PWSTR
)LocalAlloc(LMEM_FIXED
, NameW
.MaximumLength
);
1022 if(NameW
.Buffer
== NULL
)
1024 SetLastError(ERROR_OUTOFMEMORY
);
1029 NameW
.Buffer
= NULL
;
1031 if(szReferencedDomainName
> 0)
1033 ReferencedDomainNameW
.Length
= 0;
1034 ReferencedDomainNameW
.MaximumLength
= szReferencedDomainName
* sizeof(WCHAR
);
1035 ReferencedDomainNameW
.Buffer
= (PWSTR
)LocalAlloc(LMEM_FIXED
, ReferencedDomainNameW
.MaximumLength
);
1036 if(ReferencedDomainNameW
.Buffer
== NULL
)
1040 LocalFree(NameW
.Buffer
);
1042 SetLastError(ERROR_OUTOFMEMORY
);
1047 ReferencedDomainNameW
.Buffer
= NULL
;
1050 * convert the system name to unicode - if present
1053 if(lpSystemName
!= NULL
)
1055 ANSI_STRING SystemNameA
;
1057 RtlInitAnsiString(&SystemNameA
, lpSystemName
);
/* NOTE(review): the conversion status is not checked. If it fails, the state of
   SystemNameW.Buffer is not established by any visible line, yet it is passed
   to LookupAccountSidW and later tested before RtlFreeUnicodeString. */
1058 RtlAnsiStringToUnicodeString(&SystemNameW
, &SystemNameA
, TRUE
);
1061 SystemNameW
.Buffer
= NULL
;
1064 * it's time to call the unicode version
1067 Ret
= LookupAccountSidW(SystemNameW
.Buffer
,
1071 ReferencedDomainNameW
.Buffer
,
1072 cchReferencedDomainName
,
1077 * convert unicode strings back to ansi, don't forget that we can't convert
1078 * more than 0xFFFF (USHORT) characters! Also don't forget to explicitly
1079 * terminate the converted string, the Rtl functions don't do that!
1086 NameA
.MaximumLength
= ((szName
<= 0xFFFF) ? (USHORT
)szName
: 0xFFFF);
1087 NameA
.Buffer
= lpName
;
1089 RtlUnicodeStringToAnsiString(&NameA
, &NameW
, FALSE
);
1090 NameA
.Buffer
[NameA
.Length
] = '\0';
1093 if(lpReferencedDomainName
!= NULL
)
1095 ANSI_STRING ReferencedDomainNameA
;
1097 ReferencedDomainNameA
.Length
= 0;
1098 ReferencedDomainNameA
.MaximumLength
= ((szReferencedDomainName
<= 0xFFFF) ?
1099 (USHORT
)szReferencedDomainName
: 0xFFFF);
1100 ReferencedDomainNameA
.Buffer
= lpReferencedDomainName
;
1102 RtlUnicodeStringToAnsiString(&ReferencedDomainNameA
, &ReferencedDomainNameW
, FALSE
);
1103 ReferencedDomainNameA
.Buffer
[ReferencedDomainNameA
.Length
] = '\0';
1108 * free previously allocated buffers
1111 if(SystemNameW
.Buffer
!= NULL
)
1113 RtlFreeUnicodeString(&SystemNameW
);
1115 if(NameW
.Buffer
!= NULL
)
1117 LocalFree(NameW
.Buffer
);
1119 if(ReferencedDomainNameW
.Buffer
!= NULL
)
1121 LocalFree(ReferencedDomainNameW
.Buffer
);
1128 /******************************************************************************
1129 * LookupAccountSidW [ADVAPI32.@]
/*
 * Translates a SID into an account name and a domain name through LSA.
 *
 * Opens the LSA policy on pSystemName with POLICY_LOOKUP_NAMES, asks
 * LsaLookupSids to translate the single SID, closes the policy handle, copies
 * the translated account name and the first referenced domain name into the
 * caller buffers, stores the name use in *peUse and releases both LSA result
 * blocks with LsaFreeMemory. Failing LSA statuses are mapped with
 * LsaNtStatusToWinError and stored via SetLastError.
 *
 * NOTE(review): the copies below are bounded only by the character counts the
 * caller passes in *pdwAccountName and *pdwDomainName. No visible line checks
 * pAccountName, pDomainName or the count pointers for NULL, so callers
 * (including the ANSI wrapper) must pass counts that match the real buffer
 * sizes. Branch bodies and return statements are not visible in this listing.
 */
1134 LookupAccountSidW(LPCWSTR pSystemName
,
1136 LPWSTR pAccountName
,
1137 LPDWORD pdwAccountName
,
1139 LPDWORD pdwDomainName
,
1140 PSID_NAME_USE peUse
)
1142 LSA_UNICODE_STRING SystemName
;
1143 LSA_OBJECT_ATTRIBUTES ObjectAttributes
= {0};
1144 LSA_HANDLE PolicyHandle
= NULL
;
1146 PLSA_REFERENCED_DOMAIN_LIST ReferencedDomain
= NULL
;
1147 PLSA_TRANSLATED_NAME TranslatedName
= NULL
;
1150 RtlInitUnicodeString ( &SystemName
, pSystemName
);
1151 Status
= LsaOpenPolicy ( &SystemName
, &ObjectAttributes
, POLICY_LOOKUP_NAMES
, &PolicyHandle
);
1152 if ( !NT_SUCCESS(Status
) )
1154 SetLastError ( LsaNtStatusToWinError(Status
) );
1157 Status
= LsaLookupSids ( PolicyHandle
, 1, &pSid
, &ReferencedDomain
, &TranslatedName
);
/* The policy handle is only needed for the lookup itself. */
1159 LsaClose ( PolicyHandle
);
/* STATUS_SOME_NOT_MAPPED is treated like a failure here even though it passes
   NT_SUCCESS. */
1161 if ( !NT_SUCCESS(Status
) || Status
== STATUS_SOME_NOT_MAPPED
)
1163 SetLastError ( LsaNtStatusToWinError(Status
) );
1169 if ( TranslatedName
)
/* Name.Length is a byte count; dwSrcLen is the name length in WCHARs. */
1171 DWORD dwSrcLen
= TranslatedName
->Name
.Length
/ sizeof(WCHAR
);
/* Caller buffer cannot hold the name plus terminator: report the needed size. */
1172 if ( *pdwAccountName
<= dwSrcLen
)
1174 *pdwAccountName
= dwSrcLen
+ 1;
/* Presumably the else branch: report the length, copy and terminate. */
1179 *pdwAccountName
= dwSrcLen
;
1182 RtlCopyMemory ( pAccountName
, TranslatedName
->Name
.Buffer
, TranslatedName
->Name
.Length
);
1183 pAccountName
[TranslatedName
->Name
.Length
/ sizeof(WCHAR
)] = L
'\0';
1187 *peUse
= TranslatedName
->Use
;
1190 if ( ReferencedDomain
)
1192 if ( ReferencedDomain
->Entries
> 0 )
/* Only the first referenced domain entry is reported to the caller. */
1194 DWORD dwSrcLen
= ReferencedDomain
->Domains
[0].Name
.Length
/ sizeof(WCHAR
);
1195 if ( *pdwDomainName
<= dwSrcLen
)
1197 *pdwDomainName
= dwSrcLen
+ 1;
1202 *pdwDomainName
= dwSrcLen
;
1203 RtlCopyMemory ( pDomainName
, ReferencedDomain
->Domains
[0].Name
.Buffer
, ReferencedDomain
->Domains
[0].Name
.Length
);
1204 pDomainName
[ReferencedDomain
->Domains
[0].Name
.Length
/ sizeof(WCHAR
)] = L
'\0';
1210 SetLastError(ERROR_INSUFFICIENT_BUFFER
);
/* LSA-allocated result blocks are released with LsaFreeMemory. */
1213 if ( ReferencedDomain
)
1214 LsaFreeMemory ( ReferencedDomain
);
1215 if ( TranslatedName
)
1216 LsaFreeMemory ( TranslatedName
);
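/******************************************************************************
 * LookupAccountNameA [ADVAPI32.@]
 *
 * ANSI wrapper around LookupAccountNameW: converts the two input names to
 * Unicode, runs the lookup into a temporary wide buffer and converts the
 * referenced domain name back to the ANSI code page.
 *
 * PARAMS
 *   SystemName                  [I]   system to query
 *   AccountName                 [I]   account name to resolve
 *   Sid                         [O]   receives the SID
 *   SidLength                   [I/O] size of Sid in bytes
 *   ReferencedDomainName        [O]   receives the domain name (optional)
 *   hReferencedDomainNameLength [I/O] capacity of ReferencedDomainName in
 *                                     characters; dereferenced whenever
 *                                     ReferencedDomainName is non-NULL
 *   SidNameUse                  [O]   receives the account type
 *
 * RETURNS
 *   The result of LookupAccountNameW, or FALSE when the temporary buffer
 *   cannot be sized or allocated, or when the conversion back to ANSI fails.
 *
 * NOTE(review): the listing this was reviewed from drops some source lines
 * (return type, the AccountName/Sid/SidLength parameters, some call
 * arguments); they are restored from the visible uses - confirm against the
 * tree.
 */
BOOL
WINAPI
LookupAccountNameA(LPCSTR SystemName,
                   LPCSTR AccountName,
                   PSID Sid,
                   LPDWORD SidLength,
                   LPSTR ReferencedDomainName,
                   LPDWORD hReferencedDomainNameLength,
                   PSID_NAME_USE SidNameUse)
{
    BOOL ret = FALSE;
    UNICODE_STRING lpSystemW;
    UNICODE_STRING lpAccountW;
    LPWSTR lpReferencedDomainNameW = NULL;
    DWORD cchDomainIn = 0;

    RtlCreateUnicodeStringFromAsciiz(&lpSystemW, SystemName);
    RtlCreateUnicodeStringFromAsciiz(&lpAccountW, AccountName);

    if (ReferencedDomainName)
    {
        /* remember the caller's capacity: the W call overwrites the count */
        cchDomainIn = *hReferencedDomainNameLength;

        /* a count whose byte size wraps would yield an undersized block
           while the W function still believes the full capacity exists */
        if (cchDomainIn > ((SIZE_T)-1) / sizeof(WCHAR))
        {
            SetLastError(ERROR_INVALID_PARAMETER);
            goto cleanup;
        }

        lpReferencedDomainNameW = HeapAlloc(GetProcessHeap(),
                                            0,
                                            cchDomainIn * sizeof(WCHAR));
        if (lpReferencedDomainNameW == NULL)
        {
            /* do not pass a NULL buffer together with a non-zero size */
            SetLastError(ERROR_NOT_ENOUGH_MEMORY);
            goto cleanup;
        }
    }

    ret = LookupAccountNameW(lpSystemW.Buffer,
                             lpAccountW.Buffer,
                             Sid,
                             SidLength,
                             lpReferencedDomainNameW,
                             hReferencedDomainNameLength,
                             SidNameUse);

    if (ret && lpReferencedDomainNameW)
    {
        /* source count includes the terminator; the destination is bounded
           by the capacity the caller stated, and a failed conversion is
           reported instead of returning an unconverted buffer */
        if (WideCharToMultiByte(CP_ACP,
                                0,
                                lpReferencedDomainNameW,
                                *hReferencedDomainNameLength + 1,
                                ReferencedDomainName,
                                (cchDomainIn > 0x7FFFFFFF) ? 0x7FFFFFFF : (int)cchDomainIn,
                                NULL,
                                NULL) == 0)
        {
            ret = FALSE;
        }
    }

cleanup:
    RtlFreeUnicodeString(&lpSystemW);
    RtlFreeUnicodeString(&lpAccountW);
    HeapFree(GetProcessHeap(), 0, lpReferencedDomainNameW);

    return ret;
}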
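/******************************************************************************
 * LookupAccountNameW [ADVAPI32.@]
 *
 * Stub name-to-SID lookup for the local computer.
 *
 * Names found in ACCOUNT_SIDS are turned into the matching well-known SID
 * with an empty domain. Every other name is answered with a fixed SID built
 * from SECURITY_NT_AUTHORITY, SECURITY_BUILTIN_DOMAIN_RID and
 * DOMAIN_ALIAS_RID_ADMINS, and the fixed domain string "DOMAIN".
 *
 * NOTE(review): because of that fallback an unknown or misspelled account
 * name does not fail; it resolves to the built-in Administrators alias.
 * Code that feeds the returned SID into an ACL or an access decision must
 * not treat a TRUE result from this stub as proof that the name exists.
 *
 * PARAMS
 *   lpSystemName            [I]   must name the local computer
 *   lpAccountName           [I]   account name to resolve
 *   Sid                     [O]   receives the SID
 *   cbSid                   [I/O] size of Sid in bytes / required size
 *   ReferencedDomainName    [O]   receives the domain name
 *   cchReferencedDomainName [I/O] capacity in WCHARs / length or required
 *                                 capacity
 *   peUse                   [O]   set on the well-known path
 *
 * RETURNS
 *   TRUE on success, FALSE with RPC_S_SERVER_UNAVAILABLE for a remote system,
 *   ERROR_INVALID_PARAMETER for a NULL account name, or
 *   ERROR_INSUFFICIENT_BUFFER when an output buffer is too small.
 *
 * NOTE(review): the listing this was reviewed from drops some source lines
 * (return type, the Sid/cbSid parameters, local declarations, the remaining
 * AllocateAndInitializeSid arguments, FreeSid calls and returns); they are
 * restored from the visible uses - confirm against the tree.
 */
BOOL
WINAPI
LookupAccountNameW(LPCWSTR lpSystemName,
                   LPCWSTR lpAccountName,
                   PSID Sid,
                   LPDWORD cbSid,
                   LPWSTR ReferencedDomainName,
                   LPDWORD cchReferencedDomainName,
                   PSID_NAME_USE peUse)
{
    /* Default implementation: Always return a default SID */
    SID_IDENTIFIER_AUTHORITY identifierAuthority = {SECURITY_NT_AUTHORITY};
    BOOL ret;
    PSID pSid;
    static const WCHAR dm[] = {'D','O','M','A','I','N',0};
    DWORD cbNeeded;
    DWORD cchDomain;
    unsigned int i;

    /* the names are wide strings: route them through debugstr_w() rather
       than handing WCHAR pointers to a narrow %s */
    TRACE("%s %s %p %p %p %p %p - stub\n", debugstr_w(lpSystemName), debugstr_w(lpAccountName),
          Sid, cbSid, ReferencedDomainName, cchReferencedDomainName, peUse);

    if (!ADVAPI_IsLocalComputer(lpSystemName))
    {
        SetLastError(RPC_S_SERVER_UNAVAILABLE);
        return FALSE;
    }

    if (lpAccountName == NULL)
    {
        /* wcscmp() below must not see a NULL name */
        SetLastError(ERROR_INVALID_PARAMETER);
        return FALSE;
    }

    for (i = 0; i < (sizeof(ACCOUNT_SIDS) / sizeof(ACCOUNT_SIDS[0])); i++)
    {
        if (!wcscmp(lpAccountName, ACCOUNT_SIDS[i].account))
        {
            /* well-known accounts carry no domain; only touch the buffer
               when one was actually supplied */
            if (ReferencedDomainName != NULL && *cchReferencedDomainName)
                *ReferencedDomainName = '\0';
            *cchReferencedDomainName = 0;
            *peUse = SidTypeWellKnownGroup;
            return CreateWellKnownSid(ACCOUNT_SIDS[i].type, NULL, Sid, cbSid);
        }
    }

    ret = AllocateAndInitializeSid(&identifierAuthority,
                                   2,
                                   SECURITY_BUILTIN_DOMAIN_RID,
                                   DOMAIN_ALIAS_RID_ADMINS,
                                   0, 0, 0, 0, 0, 0,
                                   &pSid);
    if (!ret)
        return FALSE;

    if (!RtlValidSid(pSid))
    {
        FreeSid(pSid);
        return FALSE;
    }

    cbNeeded = GetLengthSid(pSid);
    cchDomain = (DWORD)wcslen(dm);

    if (Sid != NULL && (*cbSid >= cbNeeded))
        CopySid(*cbSid, Sid, pSid);

    if (*cbSid < cbNeeded)
    {
        SetLastError(ERROR_INSUFFICIENT_BUFFER);
        ret = FALSE;
    }

    *cbSid = cbNeeded;

    if (ReferencedDomainName != NULL && (*cchReferencedDomainName > cchDomain))
        wcscpy(ReferencedDomainName, dm);

    if ((*cchReferencedDomainName <= cchDomain) || (!ret))
    {
        /* report the capacity needed, terminator included */
        SetLastError(ERROR_INSUFFICIENT_BUFFER);
        ret = FALSE;
        *cchReferencedDomainName = cchDomain + 1;
    }
    else
    {
        *cchReferencedDomainName = cchDomain;
    }

    FreeSid(pSid);

    return ret;
}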
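/**********************************************************************
 * LookupPrivilegeValueA EXPORTED
 *
 * ANSI wrapper around LookupPrivilegeValueW.
 *
 * PARAMS
 *   lpSystemName [I] system to query, or NULL
 *   lpName       [I] privilege name; NULL fails with
 *                    ERROR_NO_SUCH_PRIVILEGE
 *   lpLuid       [O] receives the LUID of the privilege
 *
 * RETURNS
 *   The result of LookupPrivilegeValueW, or FALSE when the name is NULL or a
 *   string conversion fails.
 *
 * NOTE(review): the listing this was reviewed from drops some source lines
 * (return type, the lpName/lpLuid parameters, the NULL test itself and the
 * returns); they are restored from the visible uses - confirm against the
 * tree.
 */
BOOL
WINAPI
LookupPrivilegeValueA(LPCSTR lpSystemName,
                      LPCSTR lpName,
                      PLUID lpLuid)
{
    UNICODE_STRING SystemName;
    UNICODE_STRING Name;
    BOOL Result;

    /* Check the privilege name is not NULL. Doing this before anything is
       allocated means the early return has nothing to free. */
    if (lpName == NULL)
    {
        SetLastError(ERROR_NO_SUCH_PRIVILEGE);
        return FALSE;
    }

    /* Remote system? */
    if (lpSystemName != NULL)
    {
        if (!RtlCreateUnicodeStringFromAsciiz(&SystemName,
                                              (LPSTR)lpSystemName))
        {
            SetLastError(ERROR_NOT_ENOUGH_MEMORY);
            return FALSE;
        }
    }
    else
    {
        SystemName.Buffer = NULL;
    }

    if (!RtlCreateUnicodeStringFromAsciiz(&Name,
                                          (LPSTR)lpName))
    {
        if (SystemName.Buffer != NULL)
            RtlFreeUnicodeString(&SystemName);
        SetLastError(ERROR_NOT_ENOUGH_MEMORY);
        return FALSE;
    }

    Result = LookupPrivilegeValueW(SystemName.Buffer,
                                   Name.Buffer,
                                   lpLuid);

    RtlFreeUnicodeString(&Name);

    /* Remote system? */
    if (SystemName.Buffer != NULL)
    {
        RtlFreeUnicodeString(&SystemName);
    }

    return Result;
}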
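/**********************************************************************
 * LookupPrivilegeValueW EXPORTED
 *
 * Map a privilege name to its LUID using a built-in table. The match is
 * case-insensitive and the LUID is the table index offset by
 * SE_MIN_WELL_KNOWN_PRIVILEGE, so the order of DefaultPrivNames is part of
 * the contract: reordering it silently changes which privilege a name
 * resolves to.
 *
 * PARAMS
 *   SystemName [I] must name the local computer
 *   PrivName   [I] privilege name; NULL fails with ERROR_NO_SUCH_PRIVILEGE,
 *                  matching LookupPrivilegeValueA
 *   Luid       [O] receives the LUID
 *
 * RETURNS
 *   TRUE when the name is known. FALSE with RPC_S_SERVER_UNAVAILABLE,
 *   ERROR_CALL_NOT_IMPLEMENTED or ERROR_NO_SUCH_PRIVILEGE otherwise.
 *
 * NOTE(review): the listing this was reviewed from drops some source lines
 * (return type, the PrivName/Luid parameters, one table entry, the HighPart
 * store and the returns); they are restored from the visible uses - confirm
 * against the tree.
 */
BOOL
WINAPI
LookupPrivilegeValueW(LPCWSTR SystemName,
                      LPCWSTR PrivName,
                      PLUID Luid)
{
    static const WCHAR * const DefaultPrivNames[] =
    {
        L"SeCreateTokenPrivilege",
        L"SeAssignPrimaryTokenPrivilege",
        L"SeLockMemoryPrivilege",
        L"SeIncreaseQuotaPrivilege",
        L"SeMachineAccountPrivilege",
        /* NOTE(review): this entry is not visible in the reviewed listing;
           it is restored from the privilege numbering, which needs a slot
           between the machine-account and security privileges - confirm */
        L"SeTcbPrivilege",
        L"SeSecurityPrivilege",
        L"SeTakeOwnershipPrivilege",
        L"SeLoadDriverPrivilege",
        L"SeSystemProfilePrivilege",
        L"SeSystemtimePrivilege",
        L"SeProfileSingleProcessPrivilege",
        L"SeIncreaseBasePriorityPrivilege",
        L"SeCreatePagefilePrivilege",
        L"SeCreatePermanentPrivilege",
        L"SeBackupPrivilege",
        L"SeRestorePrivilege",
        L"SeShutdownPrivilege",
        L"SeDebugPrivilege",
        L"SeAuditPrivilege",
        L"SeSystemEnvironmentPrivilege",
        L"SeChangeNotifyPrivilege",
        L"SeRemoteShutdownPrivilege",
        L"SeUndockPrivilege",
        L"SeSyncAgentPrivilege",
        L"SeEnableDelegationPrivilege",
        L"SeManageVolumePrivilege",
        L"SeImpersonatePrivilege",
        L"SeCreateGlobalPrivilege"
    };
    unsigned Priv;

    if (!ADVAPI_IsLocalComputer(SystemName))
    {
        SetLastError(RPC_S_SERVER_UNAVAILABLE);
        return FALSE;
    }

    if (NULL != SystemName && L'\0' != *SystemName)
    {
        FIXME("LookupPrivilegeValueW: not implemented for remote system\n");
        SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
        return FALSE;
    }

    if (PrivName == NULL)
    {
        /* _wcsicmp() below must not see a NULL name */
        SetLastError(ERROR_NO_SUCH_PRIVILEGE);
        return FALSE;
    }

    for (Priv = 0; Priv < sizeof(DefaultPrivNames) / sizeof(DefaultPrivNames[0]); Priv++)
    {
        if (0 == _wcsicmp(PrivName, DefaultPrivNames[Priv]))
        {
            Luid->LowPart = Priv + SE_MIN_WELL_KNOWN_PRIVILEGE;
            Luid->HighPart = 0;
            return TRUE;
        }
    }

    WARN("LookupPrivilegeValueW: no such privilege %S\n", PrivName);
    SetLastError(ERROR_NO_SUCH_PRIVILEGE);
    return FALSE;
}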
1493 /**********************************************************************
1494 * LookupPrivilegeDisplayNameA EXPORTED
1500 LookupPrivilegeDisplayNameA(LPCSTR lpSystemName
,
1502 LPSTR lpDisplayName
,
1503 LPDWORD cbDisplayName
,
1504 LPDWORD lpLanguageId
)
1506 FIXME("%s() not implemented!\n", __FUNCTION__
);
1507 SetLastError (ERROR_CALL_NOT_IMPLEMENTED
);
1512 /**********************************************************************
1513 * LookupPrivilegeDisplayNameW EXPORTED
1519 LookupPrivilegeDisplayNameW(LPCWSTR lpSystemName
,
1521 LPWSTR lpDisplayName
,
1522 LPDWORD cbDisplayName
,
1523 LPDWORD lpLanguageId
)
1525 FIXME("%s() not implemented!\n", __FUNCTION__
);
1526 SetLastError (ERROR_CALL_NOT_IMPLEMENTED
);
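/**********************************************************************
 * LookupPrivilegeNameA EXPORTED
 *
 * ANSI wrapper around LookupPrivilegeNameW: asks the W function for the
 * required length, fetches the name into a temporary wide buffer and
 * converts it to the ANSI code page.
 *
 * PARAMS
 *   lpSystemName [I]   system to query
 *   lpLuid       [I]   LUID of the privilege
 *   lpName       [O]   receives the NUL-terminated privilege name
 *   cchName      [I/O] in: capacity of lpName in bytes; out: length without
 *                      the NUL on success, or the required capacity
 *                      including the NUL when it was too small. Must not be
 *                      NULL.
 *
 * RETURNS
 *   TRUE on success, FALSE with the last error set otherwise.
 *
 * NOTE(review): the listing this was reviewed from drops some source lines
 * (return type, three parameters, local declarations, the branch bodies);
 * they are restored from the visible uses - confirm against the tree.
 */
BOOL
WINAPI
LookupPrivilegeNameA(LPCSTR lpSystemName,
                     PLUID lpLuid,
                     LPSTR lpName,
                     LPDWORD cchName)
{
    UNICODE_STRING lpSystemNameW;
    BOOL ret;
    DWORD wLen = 0;

    TRACE("%s %p %p %p\n", debugstr_a(lpSystemName), lpLuid, lpName, cchName);

    RtlCreateUnicodeStringFromAsciiz(&lpSystemNameW, lpSystemName);

    /* first pass with no buffer only learns the required length */
    ret = LookupPrivilegeNameW(lpSystemNameW.Buffer, lpLuid, NULL, &wLen);
    if (!ret && GetLastError() == ERROR_INSUFFICIENT_BUFFER)
    {
        LPWSTR lpNameW = HeapAlloc(GetProcessHeap(), 0, wLen * sizeof(WCHAR));

        if (lpNameW == NULL)
        {
            /* without this check the second lookup would copy the name
               through a NULL pointer */
            SetLastError(ERROR_NOT_ENOUGH_MEMORY);
        }
        else
        {
            ret = LookupPrivilegeNameW(lpSystemNameW.Buffer, lpLuid, lpNameW,
                                       &wLen);
            if (ret)
            {
                /* Windows crashes if cchName is NULL, so will I */
                int needed = WideCharToMultiByte(CP_ACP, 0, lpNameW, -1,
                                                 NULL, 0, NULL, NULL);

                if (needed <= 0)
                {
                    /* WideCharToMultiByte failed */
                    ret = FALSE;
                }
                else if ((DWORD)needed > *cchName)
                {
                    /* tell the caller how much room is needed, whatever
                       non-sufficient size was passed in */
                    *cchName = needed;
                    SetLastError(ERROR_INSUFFICIENT_BUFFER);
                    ret = FALSE;
                }
                else if (WideCharToMultiByte(CP_ACP, 0, lpNameW, -1, lpName,
                                             *cchName, NULL, NULL) == 0)
                {
                    /* WideCharToMultiByte failed */
                    ret = FALSE;
                }
                else
                {
                    /* WideCharToMultiByte succeeded, output length needs to be
                     * length not including NULL terminator
                     */
                    *cchName = needed - 1;
                }
            }
            HeapFree(GetProcessHeap(), 0, lpNameW);
        }
    }
    RtlFreeUnicodeString(&lpSystemNameW);
    return ret;
}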
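/**********************************************************************
 * LookupPrivilegeNameW EXPORTED
 *
 * Map a privilege LUID to its name using the WellKnownPrivNames table.
 *
 * PARAMS
 *   lpSystemName [I]   must name the local computer
 *   lpLuid       [I]   LUID of the privilege; HighPart must be zero and
 *                      LowPart must lie between SE_MIN_WELL_KNOWN_PRIVILEGE
 *                      and SE_MAX_WELL_KNOWN_PRIVILEGE inclusive
 *   lpName       [O]   receives the NUL-terminated name
 *   cchName      [I/O] in: capacity of lpName in WCHARs; out: length without
 *                      the NUL on success, or the required capacity
 *                      including the NUL when it was too small. Must not be
 *                      NULL.
 *
 * RETURNS
 *   TRUE on success. FALSE with RPC_S_SERVER_UNAVAILABLE,
 *   ERROR_NO_SUCH_PRIVILEGE or ERROR_INSUFFICIENT_BUFFER otherwise.
 *
 * NOTES
 *   LowPart is used directly as the table index, so the range check is the
 *   only thing keeping a caller-supplied LUID inside the table.
 *   NOTE(review): assumes WellKnownPrivNames has at least
 *   SE_MAX_WELL_KNOWN_PRIVILEGE + 1 entries; the table is not visible here -
 *   confirm.
 *
 *   NOTE(review): the listing this was reviewed from drops some source lines
 *   (return type, three parameters, the length local and the returns); they
 *   are restored from the visible uses - confirm against the tree.
 */
BOOL
WINAPI
LookupPrivilegeNameW(LPCWSTR lpSystemName,
                     PLUID lpLuid,
                     LPWSTR lpName,
                     LPDWORD cchName)
{
    size_t privNameLen;

    TRACE("%s,%p,%p,%p\n",debugstr_w(lpSystemName), lpLuid, lpName, cchName);

    if (!ADVAPI_IsLocalComputer(lpSystemName))
    {
        SetLastError(RPC_S_SERVER_UNAVAILABLE);
        return FALSE;
    }

    if (lpLuid->HighPart || (lpLuid->LowPart < SE_MIN_WELL_KNOWN_PRIVILEGE ||
        lpLuid->LowPart > SE_MAX_WELL_KNOWN_PRIVILEGE))
    {
        SetLastError(ERROR_NO_SUCH_PRIVILEGE);
        return FALSE;
    }

    if (WellKnownPrivNames[lpLuid->LowPart] == NULL)
    {
        /* an in-range slot without a name is not a privilege */
        SetLastError(ERROR_NO_SUCH_PRIVILEGE);
        return FALSE;
    }

    privNameLen = strlenW(WellKnownPrivNames[lpLuid->LowPart]);

    /* Windows crashes if cchName is NULL, so will I.
       A NULL lpName is treated like a too-small buffer so that a caller
       passing a stale non-zero size gets the required size back instead of
       a write through NULL. */
    if (lpName == NULL || *cchName <= privNameLen)
    {
        *cchName = privNameLen + 1;
        SetLastError(ERROR_INSUFFICIENT_BUFFER);
        return FALSE;
    }

    strcpyW(lpName, WellKnownPrivNames[lpLuid->LowPart]);
    *cchName = privNameLen;
    return TRUE;
}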
/*
 * Validate and pre-clear the output pointers shared by the
 * Get*SecurityInfo entry points.
 *
 * If SecurityInfo asks for an owner, group, DACL or SACL, the caller must
 * supply ppSecurityDescriptor; otherwise ERROR_INVALID_PARAMETER is
 * returned. On success every requested, non-NULL output pointer and the
 * descriptor pointer are set to NULL, so no caller can read a stale value
 * if the provider fails later.
 *
 * NOTE(review): the listing this was reviewed from drops some source lines
 * (storage class and return type, four parameters, the NULL tests and
 * stores for each pointer); they are restored from the visible uses -
 * confirm against the tree.
 */
static DWORD
pGetSecurityInfoCheck(SECURITY_INFORMATION SecurityInfo,
                      PSID *ppsidOwner,
                      PSID *ppsidGroup,
                      PACL *ppDacl,
                      PACL *ppSacl,
                      PSECURITY_DESCRIPTOR* ppSecurityDescriptor)
{
    const SECURITY_INFORMATION Requested =
        SecurityInfo & (OWNER_SECURITY_INFORMATION |
                        GROUP_SECURITY_INFORMATION |
                        DACL_SECURITY_INFORMATION |
                        SACL_SECURITY_INFORMATION);

    /* the SIDs and ACLs point into the descriptor, so it cannot be omitted
       when any of them is requested */
    if (Requested && ppSecurityDescriptor == NULL)
        return ERROR_INVALID_PARAMETER;

    /* reset the pointers unless they're ignored */
    if (ppsidOwner != NULL && (SecurityInfo & OWNER_SECURITY_INFORMATION))
        *ppsidOwner = NULL;

    if (ppsidGroup != NULL && (SecurityInfo & GROUP_SECURITY_INFORMATION))
        *ppsidGroup = NULL;

    if (ppDacl != NULL && (SecurityInfo & DACL_SECURITY_INFORMATION))
        *ppDacl = NULL;

    if (ppSacl != NULL && (SecurityInfo & SACL_SECURITY_INFORMATION))
        *ppSacl = NULL;

    if (Requested)
        *ppSecurityDescriptor = NULL;

    return ERROR_SUCCESS;
}
/*
 * Build an absolute security descriptor from the pieces handed to the
 * Set*SecurityInfo entry points.
 *
 * pSecurityDescriptor is initialised here (the callers pass a descriptor
 * that lives on their stack). For each bit set in SecurityInfo:
 *   - owner / group: the SID must pass RtlValidSid(), otherwise
 *     ERROR_INVALID_PARAMETER is returned before anything is stored;
 *   - DACL / SACL: a non-NULL ACL is stored as present; the matching
 *     protected control bit is set when the ACL is NULL or when the
 *     PROTECTED_*_SECURITY_INFORMATION flag is given.
 *
 * Returns ERROR_SUCCESS, ERROR_INVALID_PARAMETER, or the last error of the
 * descriptor API that failed.
 *
 * NOTE(review): the listing this was reviewed from drops some source lines
 * (storage class and return type, four parameters, the trailing arguments of
 * the Set* calls, the NULL tests on the ACLs); they are restored from the
 * visible uses - confirm against the tree, in particular the
 * SE_DACL_PROTECTED / SE_SACL_PROTECTED arguments.
 */
static DWORD
pSetSecurityInfoCheck(PSECURITY_DESCRIPTOR pSecurityDescriptor,
                      SECURITY_INFORMATION SecurityInfo,
                      PSID psidOwner,
                      PSID psidGroup,
                      PACL pDacl,
                      PACL pSacl)
{
    /* initialize a security descriptor on the stack */
    if (!InitializeSecurityDescriptor(pSecurityDescriptor,
                                      SECURITY_DESCRIPTOR_REVISION))
        return GetLastError();

    if (SecurityInfo & OWNER_SECURITY_INFORMATION)
    {
        if (!RtlValidSid(psidOwner))
            return ERROR_INVALID_PARAMETER;

        if (!SetSecurityDescriptorOwner(pSecurityDescriptor,
                                        psidOwner,
                                        FALSE))
            return GetLastError();
    }

    if (SecurityInfo & GROUP_SECURITY_INFORMATION)
    {
        if (!RtlValidSid(psidGroup))
            return ERROR_INVALID_PARAMETER;

        if (!SetSecurityDescriptorGroup(pSecurityDescriptor,
                                        psidGroup,
                                        FALSE))
            return GetLastError();
    }

    if (SecurityInfo & DACL_SECURITY_INFORMATION)
    {
        if (pDacl != NULL &&
            !SetSecurityDescriptorDacl(pSecurityDescriptor,
                                       TRUE,
                                       pDacl,
                                       FALSE))
            return GetLastError();

        /* protect the DACL from being modified by inheritable ACEs, either
           because no DACL was given or because the caller asked for it */
        if (pDacl == NULL ||
            (SecurityInfo & PROTECTED_DACL_SECURITY_INFORMATION))
        {
            if (!SetSecurityDescriptorControl(pSecurityDescriptor,
                                              SE_DACL_PROTECTED,
                                              SE_DACL_PROTECTED))
                return GetLastError();
        }
    }

    if (SecurityInfo & SACL_SECURITY_INFORMATION)
    {
        if (pSacl != NULL &&
            !SetSecurityDescriptorSacl(pSecurityDescriptor,
                                       TRUE,
                                       pSacl,
                                       FALSE))
            return GetLastError();

        /* protect the SACL from being modified by inheritable ACEs, either
           because no SACL was given or because the caller asked for it */
        if (pSacl == NULL ||
            (SecurityInfo & PROTECTED_SACL_SECURITY_INFORMATION))
        {
            if (!SetSecurityDescriptorControl(pSecurityDescriptor,
                                              SE_SACL_PROTECTED,
                                              SE_SACL_PROTECTED))
                return GetLastError();
        }
    }

    return ERROR_SUCCESS;
}
1810 /**********************************************************************
1811 * GetNamedSecurityInfoW EXPORTED
1817 GetNamedSecurityInfoW(LPWSTR pObjectName
,
1818 SE_OBJECT_TYPE ObjectType
,
1819 SECURITY_INFORMATION SecurityInfo
,
1824 PSECURITY_DESCRIPTOR
*ppSecurityDescriptor
)
1828 if (pObjectName
!= NULL
)
1830 ErrorCode
= CheckNtMartaPresent();
1831 if (ErrorCode
== ERROR_SUCCESS
)
1833 ErrorCode
= pGetSecurityInfoCheck(SecurityInfo
,
1838 ppSecurityDescriptor
);
1840 if (ErrorCode
== ERROR_SUCCESS
)
1842 /* call the MARTA provider */
1843 ErrorCode
= AccRewriteGetNamedRights(pObjectName
,
1850 ppSecurityDescriptor
);
1855 ErrorCode
= ERROR_INVALID_PARAMETER
;
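/**********************************************************************
 * GetNamedSecurityInfoA EXPORTED
 *
 * ANSI wrapper around GetNamedSecurityInfoW: converts the object name to
 * Unicode, forwards every other argument unchanged and frees the temporary
 * string.
 *
 * RETURNS
 *   The Win32 error code of GetNamedSecurityInfoW, or
 *   ERROR_NOT_ENOUGH_MEMORY when the name cannot be converted.
 *
 * NOTE(review): the listing this was reviewed from drops some source lines
 * (return type, the four owner/group/DACL/SACL parameters, local
 * declarations and the forwarded arguments); they are restored from the
 * visible uses - confirm against the tree.
 */
DWORD
WINAPI
GetNamedSecurityInfoA(LPSTR pObjectName,
                      SE_OBJECT_TYPE ObjectType,
                      SECURITY_INFORMATION SecurityInfo,
                      PSID *ppsidOwner,
                      PSID *ppsidGroup,
                      PACL *ppDacl,
                      PACL *ppSacl,
                      PSECURITY_DESCRIPTOR *ppSecurityDescriptor)
{
    UNICODE_STRING ObjectName;
    DWORD Ret;

    /* RtlCreateUnicodeStringFromAsciiz returns a BOOLEAN, not an NTSTATUS.
       Testing it with NT_SUCCESS() accepts both TRUE and FALSE, so a failed
       conversion would go unnoticed and ObjectName would be used anyway. */
    if (!RtlCreateUnicodeStringFromAsciiz(&ObjectName,
                                          pObjectName))
    {
        return ERROR_NOT_ENOUGH_MEMORY;
    }

    Ret = GetNamedSecurityInfoW(ObjectName.Buffer,
                                ObjectType,
                                SecurityInfo,
                                ppsidOwner,
                                ppsidGroup,
                                ppDacl,
                                ppSacl,
                                ppSecurityDescriptor);

    RtlFreeUnicodeString(&ObjectName);

    return Ret;
}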
1903 /**********************************************************************
1904 * SetNamedSecurityInfoW EXPORTED
1910 SetNamedSecurityInfoW(LPWSTR pObjectName
,
1911 SE_OBJECT_TYPE ObjectType
,
1912 SECURITY_INFORMATION SecurityInfo
,
1920 if (pObjectName
!= NULL
)
1922 ErrorCode
= CheckNtMartaPresent();
1923 if (ErrorCode
== ERROR_SUCCESS
)
1925 SECURITY_DESCRIPTOR SecurityDescriptor
;
1927 ErrorCode
= pSetSecurityInfoCheck(&SecurityDescriptor
,
1934 if (ErrorCode
== ERROR_SUCCESS
)
1936 /* call the MARTA provider */
1937 ErrorCode
= AccRewriteSetNamedRights(pObjectName
,
1940 &SecurityDescriptor
);
1945 ErrorCode
= ERROR_INVALID_PARAMETER
;
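/**********************************************************************
 * SetNamedSecurityInfoA EXPORTED
 *
 * ANSI wrapper around SetNamedSecurityInfoW: converts the object name to
 * Unicode, forwards every other argument unchanged and frees the temporary
 * string.
 *
 * RETURNS
 *   The Win32 error code of SetNamedSecurityInfoW, or
 *   ERROR_NOT_ENOUGH_MEMORY when the name cannot be converted.
 *
 * NOTE(review): the listing this was reviewed from drops some source lines
 * (return type, the four owner/group/DACL/SACL parameters, local
 * declarations and the forwarded arguments); they are restored from the
 * visible uses - confirm against the tree.
 */
DWORD
WINAPI
SetNamedSecurityInfoA(LPSTR pObjectName,
                      SE_OBJECT_TYPE ObjectType,
                      SECURITY_INFORMATION SecurityInfo,
                      PSID psidOwner,
                      PSID psidGroup,
                      PACL pDacl,
                      PACL pSacl)
{
    UNICODE_STRING ObjectName;
    DWORD Ret;

    /* RtlCreateUnicodeStringFromAsciiz returns a BOOLEAN, not an NTSTATUS.
       Testing it with NT_SUCCESS() accepts both TRUE and FALSE, so a failed
       conversion would go unnoticed and the security change would be
       attempted with an unusable name. */
    if (!RtlCreateUnicodeStringFromAsciiz(&ObjectName,
                                          pObjectName))
    {
        return ERROR_NOT_ENOUGH_MEMORY;
    }

    Ret = SetNamedSecurityInfoW(ObjectName.Buffer,
                                ObjectType,
                                SecurityInfo,
                                psidOwner,
                                psidGroup,
                                pDacl,
                                pSacl);

    RtlFreeUnicodeString(&ObjectName);

    return Ret;
}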
1991 /**********************************************************************
1992 * GetSecurityInfo EXPORTED
1998 GetSecurityInfo(HANDLE handle
,
1999 SE_OBJECT_TYPE ObjectType
,
2000 SECURITY_INFORMATION SecurityInfo
,
2005 PSECURITY_DESCRIPTOR
*ppSecurityDescriptor
)
2011 ErrorCode
= CheckNtMartaPresent();
2012 if (ErrorCode
== ERROR_SUCCESS
)
2014 ErrorCode
= pGetSecurityInfoCheck(SecurityInfo
,
2019 ppSecurityDescriptor
);
2021 if (ErrorCode
== ERROR_SUCCESS
)
2023 /* call the MARTA provider */
2024 ErrorCode
= AccRewriteGetHandleRights(handle
,
2031 ppSecurityDescriptor
);
2036 ErrorCode
= ERROR_INVALID_HANDLE
;
2042 /**********************************************************************
2043 * SetSecurityInfo EXPORTED
2049 SetSecurityInfo(HANDLE handle
,
2050 SE_OBJECT_TYPE ObjectType
,
2051 SECURITY_INFORMATION SecurityInfo
,
2061 ErrorCode
= CheckNtMartaPresent();
2062 if (ErrorCode
== ERROR_SUCCESS
)
2064 SECURITY_DESCRIPTOR SecurityDescriptor
;
2066 ErrorCode
= pSetSecurityInfoCheck(&SecurityDescriptor
,
2073 if (ErrorCode
== ERROR_SUCCESS
)
2075 /* call the MARTA provider */
2076 ErrorCode
= AccRewriteSetHandleRights(handle
,
2079 &SecurityDescriptor
);
2084 ErrorCode
= ERROR_INVALID_HANDLE
;
2090 /******************************************************************************
2091 * GetSecurityInfoExW EXPORTED
2095 GetSecurityInfoExA(HANDLE hObject
,
2096 SE_OBJECT_TYPE ObjectType
,
2097 SECURITY_INFORMATION SecurityInfo
,
2100 PACTRL_ACCESSA
*ppAccessList
,
2101 PACTRL_AUDITA
*ppAuditList
,
2105 FIXME("%s() not implemented!\n", __FUNCTION__
);
2106 return ERROR_BAD_PROVIDER
;
2110 /******************************************************************************
2111 * GetSecurityInfoExW EXPORTED
2115 GetSecurityInfoExW(HANDLE hObject
,
2116 SE_OBJECT_TYPE ObjectType
,
2117 SECURITY_INFORMATION SecurityInfo
,
2120 PACTRL_ACCESSW
*ppAccessList
,
2121 PACTRL_AUDITW
*ppAuditList
,
2125 FIXME("%s() not implemented!\n", __FUNCTION__
);
2126 return ERROR_BAD_PROVIDER
;
/**********************************************************************
 * ImpersonateNamedPipeClient EXPORTED
 *
 * Ask the pipe driver, through FSCTL_PIPE_IMPERSONATE, to make the calling
 * thread impersonate the client end of hNamedPipe.
 *
 * PARAMS
 *   hNamedPipe [I] handle to the server end of a named pipe
 *
 * RETURNS
 *   TRUE when the control request succeeds. FALSE with the last error set
 *   from the NT status otherwise.
 *
 * NOTES
 *   Nothing else is done to the thread on failure, so a caller that goes on
 *   to act for the client must check the return value first; ignoring it
 *   means the following work runs with the server's own token.
 *
 *   NOTE(review): the listing this was reviewed from drops some source lines
 *   (return type, the status local, the NULL/zero arguments of the control
 *   call and the returns); they are restored from the visible uses - confirm
 *   against the tree.
 */
BOOL
WINAPI
ImpersonateNamedPipeClient(HANDLE hNamedPipe)
{
    IO_STATUS_BLOCK StatusBlock;
    NTSTATUS Status;

    TRACE("ImpersonateNamedPipeClient() called\n");

    /* no event, APC or data buffers: the request carries only the code */
    Status = NtFsControlFile(hNamedPipe,
                             NULL,
                             NULL,
                             NULL,
                             &StatusBlock,
                             FSCTL_PIPE_IMPERSONATE,
                             NULL,
                             0,
                             NULL,
                             0);
    if (NT_SUCCESS(Status))
        return TRUE;

    SetLastError(RtlNtStatusToDosError(Status));
    return FALSE;
}
2169 CreatePrivateObjectSecurity(PSECURITY_DESCRIPTOR ParentDescriptor
,
2170 PSECURITY_DESCRIPTOR CreatorDescriptor
,
2171 PSECURITY_DESCRIPTOR
*NewDescriptor
,
2172 BOOL IsDirectoryObject
,
2174 PGENERIC_MAPPING GenericMapping
)
2178 Status
= RtlNewSecurityObject(ParentDescriptor
,
2184 if (!NT_SUCCESS(Status
))
2186 SetLastError(RtlNtStatusToDosError(Status
));
2199 CreatePrivateObjectSecurityEx(PSECURITY_DESCRIPTOR ParentDescriptor
,
2200 PSECURITY_DESCRIPTOR CreatorDescriptor
,
2201 PSECURITY_DESCRIPTOR
* NewDescriptor
,
2203 BOOL IsContainerObject
,
2204 ULONG AutoInheritFlags
,
2206 PGENERIC_MAPPING GenericMapping
)
2208 FIXME("%s() not implemented!\n", __FUNCTION__
);
2218 CreatePrivateObjectSecurityWithMultipleInheritance(PSECURITY_DESCRIPTOR ParentDescriptor
,
2219 PSECURITY_DESCRIPTOR CreatorDescriptor
,
2220 PSECURITY_DESCRIPTOR
* NewDescriptor
,
2223 BOOL IsContainerObject
,
2224 ULONG AutoInheritFlags
,
2226 PGENERIC_MAPPING GenericMapping
)
2228 FIXME("%s() not implemented!\n", __FUNCTION__
);
2238 DestroyPrivateObjectSecurity(PSECURITY_DESCRIPTOR
*ObjectDescriptor
)
2242 Status
= RtlDeleteSecurityObject(ObjectDescriptor
);
2243 if (!NT_SUCCESS(Status
))
2245 SetLastError(RtlNtStatusToDosError(Status
));
2255 // Use when RtlQuerySecurityObject is implemented
2263 GetPrivateObjectSecurity(IN PSECURITY_DESCRIPTOR ObjectDescriptor
,
2264 IN SECURITY_INFORMATION SecurityInformation
,
2265 OUT PSECURITY_DESCRIPTOR ResultantDescriptor OPTIONAL
,
2266 IN DWORD DescriptorLength
,
2267 OUT PDWORD ReturnLength
)
2272 Status
= RtlQuerySecurityObject(ObjectDescriptor
,
2273 SecurityInformation
,
2274 ResultantDescriptor
,
2277 if (!NT_SUCCESS(Status
))
2280 SetLastError(RtlNtStatusToDosError(Status
));
2289 // Wine's implementation (as of December 30th 2008)
2297 GetPrivateObjectSecurity(IN PSECURITY_DESCRIPTOR ObjectDescriptor
,
2298 IN SECURITY_INFORMATION SecurityInformation
,
2299 OUT PSECURITY_DESCRIPTOR ResultantDescriptor OPTIONAL
,
2300 IN DWORD DescriptorLength
,
2301 OUT PDWORD ReturnLength
)
2303 SECURITY_DESCRIPTOR desc
;
2304 BOOL defaulted
, present
;
2308 TRACE("(%p,0x%08x,%p,0x%08x,%p)\n", ObjectDescriptor
, SecurityInformation
,
2309 ResultantDescriptor
, DescriptorLength
, ReturnLength
);
2311 if (!InitializeSecurityDescriptor(&desc
, SECURITY_DESCRIPTOR_REVISION
))
2314 if (SecurityInformation
& OWNER_SECURITY_INFORMATION
)
2316 if (!GetSecurityDescriptorOwner(ObjectDescriptor
, &psid
, &defaulted
))
2318 SetSecurityDescriptorOwner(&desc
, psid
, defaulted
);
2321 if (SecurityInformation
& GROUP_SECURITY_INFORMATION
)
2323 if (!GetSecurityDescriptorGroup(ObjectDescriptor
, &psid
, &defaulted
))
2325 SetSecurityDescriptorGroup(&desc
, psid
, defaulted
);
2328 if (SecurityInformation
& DACL_SECURITY_INFORMATION
)
2330 if (!GetSecurityDescriptorDacl(ObjectDescriptor
, &present
, &pacl
, &defaulted
))
2332 SetSecurityDescriptorDacl(&desc
, present
, pacl
, defaulted
);
2335 if (SecurityInformation
& SACL_SECURITY_INFORMATION
)
2337 if (!GetSecurityDescriptorSacl(ObjectDescriptor
, &present
, &pacl
, &defaulted
))
2339 SetSecurityDescriptorSacl(&desc
, present
, pacl
, defaulted
);
2342 *ReturnLength
= DescriptorLength
;
2343 return MakeSelfRelativeSD(&desc
, ResultantDescriptor
, ReturnLength
);
2353 SetPrivateObjectSecurity(SECURITY_INFORMATION SecurityInformation
,
2354 PSECURITY_DESCRIPTOR ModificationDescriptor
,
2355 PSECURITY_DESCRIPTOR
*ObjectsSecurityDescriptor
,
2356 PGENERIC_MAPPING GenericMapping
,
2361 Status
= RtlSetSecurityObject(SecurityInformation
,
2362 ModificationDescriptor
,
2363 ObjectsSecurityDescriptor
,
2366 if (!NT_SUCCESS(Status
))
2368 SetLastError(RtlNtStatusToDosError(Status
));
2381 TreeResetNamedSecurityInfoW(LPWSTR pObjectName
,
2382 SE_OBJECT_TYPE ObjectType
,
2383 SECURITY_INFORMATION SecurityInfo
,
2389 FN_PROGRESSW fnProgress
,
2390 PROG_INVOKE_SETTING ProgressInvokeSetting
,
2395 if (pObjectName
!= NULL
)
2397 ErrorCode
= CheckNtMartaPresent();
2398 if (ErrorCode
== ERROR_SUCCESS
)
2402 case SE_FILE_OBJECT
:
2403 case SE_REGISTRY_KEY
:
2405 /* check the SecurityInfo flags for sanity (both, the protected
2406 and unprotected dacl/sacl flag must not be passed together) */
2407 if (((SecurityInfo
& DACL_SECURITY_INFORMATION
) &&
2408 (SecurityInfo
& (PROTECTED_DACL_SECURITY_INFORMATION
| UNPROTECTED_DACL_SECURITY_INFORMATION
)) ==
2409 (PROTECTED_DACL_SECURITY_INFORMATION
| UNPROTECTED_DACL_SECURITY_INFORMATION
))
2413 ((SecurityInfo
& SACL_SECURITY_INFORMATION
) &&
2414 (SecurityInfo
& (PROTECTED_SACL_SECURITY_INFORMATION
| UNPROTECTED_SACL_SECURITY_INFORMATION
)) ==
2415 (PROTECTED_SACL_SECURITY_INFORMATION
| UNPROTECTED_SACL_SECURITY_INFORMATION
)))
2417 ErrorCode
= ERROR_INVALID_PARAMETER
;
2421 /* call the MARTA provider */
2422 ErrorCode
= AccTreeResetNamedSecurityInfo(pObjectName
,
2431 ProgressInvokeSetting
,
2437 /* object type not supported */
2438 ErrorCode
= ERROR_INVALID_PARAMETER
;
2444 ErrorCode
= ERROR_INVALID_PARAMETER
;
2449 #ifdef HAS_FN_PROGRESSW
2451 typedef struct _INERNAL_FNPROGRESSW_DATA
2453 FN_PROGRESSA fnProgress
;
2455 } INERNAL_FNPROGRESSW_DATA
, *PINERNAL_FNPROGRESSW_DATA
;
2458 InternalfnProgressW(LPWSTR pObjectName
,
2460 PPROG_INVOKE_SETTING pInvokeSetting
,
2464 PINERNAL_FNPROGRESSW_DATA pifnProgressData
= (PINERNAL_FNPROGRESSW_DATA
)Args
;
2468 ObjectNameSize
= WideCharToMultiByte(CP_ACP
,
2477 if (ObjectNameSize
> 0)
2479 pObjectNameA
= RtlAllocateHeap(RtlGetProcessHeap(),
2482 if (pObjectNameA
!= NULL
)
2484 pObjectNameA
[0] = '\0';
2485 WideCharToMultiByte(CP_ACP
,
2494 pifnProgressData
->fnProgress((LPWSTR
)pObjectNameA
, /* FIXME: wrong cast!! */
2497 pifnProgressData
->Args
,
2500 RtlFreeHeap(RtlGetProcessHeap(),
2514 TreeResetNamedSecurityInfoA(LPSTR pObjectName
,
2515 SE_OBJECT_TYPE ObjectType
,
2516 SECURITY_INFORMATION SecurityInfo
,
2522 FN_PROGRESSA fnProgress
,
2523 PROG_INVOKE_SETTING ProgressInvokeSetting
,
2526 #ifndef HAS_FN_PROGRESSW
2527 /* That's all this function does, at least up to w2k3... Even MS was too
2528 lazy to implement it... */
2529 return ERROR_CALL_NOT_IMPLEMENTED
;
2531 INERNAL_FNPROGRESSW_DATA ifnProgressData
;
2532 UNICODE_STRING ObjectName
;
2536 Status
= RtlCreateUnicodeStringFromAsciiz(&ObjectName
,
2538 if (!NT_SUCCESS(Status
))
2540 return RtlNtStatusToDosError(Status
);
2543 ifnProgressData
.fnProgress
= fnProgress
;
2544 ifnProgressData
.Args
= Args
;
2546 Ret
= TreeResetNamedSecurityInfoW(ObjectName
.Buffer
,
2554 (fnProgress
!= NULL
? InternalfnProgressW
: NULL
),
2555 ProgressInvokeSetting
,
2558 RtlFreeUnicodeString(&ObjectName
);