2 * COPYRIGHT: See COPYING in the top level directory
4 * Copyright 1999, 2000 Juergen Schmied <juergen.schmied@debitel.net>
5 * Copyright 2003 CodeWeavers Inc. (Ulrich Czekalla)
6 * Copyright 2006 Robert Reif
8 * PROJECT: ReactOS system libraries
9 * FILE: dll/win32/advapi32/sec/misc.c
10 * PURPOSE: Miscellaneous security functions (some ported from Wine)
14 #include "wine/unicode.h"
15 #include "wine/debug.h"
17 WINE_DEFAULT_DEBUG_CHANNEL(advapi
);
20 /* Interface to ntmarta.dll ***************************************************/
22 NTMARTA NtMartaStatic
= { 0 };
23 static PNTMARTA NtMarta
= NULL
;
25 #define FindNtMartaProc(Name) \
26 NtMartaStatic.Name = (PVOID)GetProcAddress(NtMartaStatic.hDllInstance, \
28 if (NtMartaStatic.Name == NULL) \
30 return GetLastError(); \
35 LoadAndInitializeNtMarta(VOID
)
37 /* this code may be executed simultaneously by multiple threads in case they're
38 trying to initialize the interface at the same time, but that's no problem
39 because the pointers returned by GetProcAddress will be the same. However,
40 only one of the threads will change the NtMarta pointer to the NtMartaStatic
41 structure, the others threads will detect that there were other threads
42 initializing the structure faster and will release the reference to the
45 NtMartaStatic
.hDllInstance
= LoadLibraryW(L
"ntmarta.dll");
46 if (NtMartaStatic
.hDllInstance
== NULL
)
48 return GetLastError();
52 FindNtMartaProc(LookupAccountTrustee
);
53 FindNtMartaProc(LookupAccountName
);
54 FindNtMartaProc(LookupAccountSid
);
55 FindNtMartaProc(SetEntriesInAList
);
56 FindNtMartaProc(ConvertAccessToSecurityDescriptor
);
57 FindNtMartaProc(ConvertSDToAccess
);
58 FindNtMartaProc(ConvertAclToAccess
);
59 FindNtMartaProc(GetAccessForTrustee
);
60 FindNtMartaProc(GetExplicitEntries
);
62 FindNtMartaProc(RewriteGetNamedRights
);
63 FindNtMartaProc(RewriteSetNamedRights
);
64 FindNtMartaProc(RewriteGetHandleRights
);
65 FindNtMartaProc(RewriteSetHandleRights
);
66 FindNtMartaProc(RewriteSetEntriesInAcl
);
67 FindNtMartaProc(RewriteGetExplicitEntriesFromAcl
);
68 FindNtMartaProc(TreeResetNamedSecurityInfo
);
69 FindNtMartaProc(GetInheritanceSource
);
70 FindNtMartaProc(FreeIndexArray
);
77 CheckNtMartaPresent(VOID
)
81 if (InterlockedCompareExchangePointer((PVOID
)&NtMarta
,
85 /* we're the first one trying to use ntmarta, initialize it and change
86 the pointer after initialization */
87 ErrorCode
= LoadAndInitializeNtMarta();
89 if (ErrorCode
== ERROR_SUCCESS
)
91 /* try change the NtMarta pointer */
92 if (InterlockedCompareExchangePointer((PVOID
)&NtMarta
,
96 /* another thread initialized ntmarta in the meanwhile, release
97 the reference of the dll loaded. */
98 FreeLibrary(NtMartaStatic
.hDllInstance
);
104 ERR("Failed to initialize ntmarta.dll! Error: 0x%x", ErrorCode
);
110 /* ntmarta was already initialized */
111 ErrorCode
= ERROR_SUCCESS
;
121 if (InterlockedExchangePointer((PVOID
)&NtMarta
,
124 FreeLibrary(NtMartaStatic
.hDllInstance
);
129 /******************************************************************************/
136 AreAllAccessesGranted(DWORD GrantedAccess
,
139 return (BOOL
)RtlAreAllAccessesGranted(GrantedAccess
,
149 AreAnyAccessesGranted(DWORD GrantedAccess
,
152 return (BOOL
)RtlAreAnyAccessesGranted(GrantedAccess
,
157 /************************************************************
158 * ADVAPI_IsLocalComputer
160 * Checks whether the server name indicates local machine.
162 BOOL
ADVAPI_IsLocalComputer(LPCWSTR ServerName
)
164 DWORD dwSize
= MAX_COMPUTERNAME_LENGTH
+ 1;
168 if (!ServerName
|| !ServerName
[0])
171 buf
= HeapAlloc(GetProcessHeap(), 0, dwSize
* sizeof(WCHAR
));
172 Result
= GetComputerNameW(buf
, &dwSize
);
173 if (Result
&& (ServerName
[0] == '\\') && (ServerName
[1] == '\\'))
175 Result
= Result
&& !lstrcmpW(ServerName
, buf
);
176 HeapFree(GetProcessHeap(), 0, buf
);
182 /******************************************************************************
183 * GetFileSecurityA [ADVAPI32.@]
185 * Obtains Specified information about the security of a file or directory.
188 * lpFileName [I] Name of the file to get info for
189 * RequestedInformation [I] SE_ flags from "winnt.h"
190 * pSecurityDescriptor [O] Destination for security information
191 * nLength [I] Length of pSecurityDescriptor
192 * lpnLengthNeeded [O] Destination for length of returned security information
195 * Success: TRUE. pSecurityDescriptor contains the requested information.
196 * Failure: FALSE. lpnLengthNeeded contains the required space to return the info.
199 * The information returned is constrained by the callers access rights and
206 GetFileSecurityA(LPCSTR lpFileName
,
207 SECURITY_INFORMATION RequestedInformation
,
208 PSECURITY_DESCRIPTOR pSecurityDescriptor
,
210 LPDWORD lpnLengthNeeded
)
212 UNICODE_STRING FileName
;
216 Status
= RtlCreateUnicodeStringFromAsciiz(&FileName
,
218 if (!NT_SUCCESS(Status
))
220 SetLastError(RtlNtStatusToDosError(Status
));
224 bResult
= GetFileSecurityW(FileName
.Buffer
,
225 RequestedInformation
,
230 RtlFreeUnicodeString(&FileName
);
241 GetFileSecurityW(LPCWSTR lpFileName
,
242 SECURITY_INFORMATION RequestedInformation
,
243 PSECURITY_DESCRIPTOR pSecurityDescriptor
,
245 LPDWORD lpnLengthNeeded
)
247 OBJECT_ATTRIBUTES ObjectAttributes
;
248 IO_STATUS_BLOCK StatusBlock
;
249 UNICODE_STRING FileName
;
250 ULONG AccessMask
= 0;
254 TRACE("GetFileSecurityW() called\n");
256 QuerySecurityAccessMask(RequestedInformation
, &AccessMask
);
258 if (!RtlDosPathNameToNtPathName_U(lpFileName
,
263 ERR("Invalid path\n");
264 SetLastError(ERROR_INVALID_NAME
);
268 InitializeObjectAttributes(&ObjectAttributes
,
270 OBJ_CASE_INSENSITIVE
,
274 Status
= NtOpenFile(&FileHandle
,
278 FILE_SHARE_READ
| FILE_SHARE_WRITE
| FILE_SHARE_DELETE
,
281 RtlFreeHeap(RtlGetProcessHeap(),
285 if (!NT_SUCCESS(Status
))
287 ERR("NtOpenFile() failed (Status %lx)\n", Status
);
288 SetLastError(RtlNtStatusToDosError(Status
));
292 Status
= NtQuerySecurityObject(FileHandle
,
293 RequestedInformation
,
298 if (!NT_SUCCESS(Status
))
300 ERR("NtQuerySecurityObject() failed (Status %lx)\n", Status
);
301 SetLastError(RtlNtStatusToDosError(Status
));
314 GetKernelObjectSecurity(HANDLE Handle
,
315 SECURITY_INFORMATION RequestedInformation
,
316 PSECURITY_DESCRIPTOR pSecurityDescriptor
,
318 LPDWORD lpnLengthNeeded
)
322 Status
= NtQuerySecurityObject(Handle
,
323 RequestedInformation
,
327 if (!NT_SUCCESS(Status
))
329 SetLastError(RtlNtStatusToDosError(Status
));
337 /******************************************************************************
338 * SetFileSecurityA [ADVAPI32.@]
339 * Sets the security of a file or directory
345 SetFileSecurityA(LPCSTR lpFileName
,
346 SECURITY_INFORMATION SecurityInformation
,
347 PSECURITY_DESCRIPTOR pSecurityDescriptor
)
349 UNICODE_STRING FileName
;
353 Status
= RtlCreateUnicodeStringFromAsciiz(&FileName
,
355 if (!NT_SUCCESS(Status
))
357 SetLastError(RtlNtStatusToDosError(Status
));
361 bResult
= SetFileSecurityW(FileName
.Buffer
,
363 pSecurityDescriptor
);
365 RtlFreeUnicodeString(&FileName
);
371 /******************************************************************************
372 * SetFileSecurityW [ADVAPI32.@]
373 * Sets the security of a file or directory
379 SetFileSecurityW(LPCWSTR lpFileName
,
380 SECURITY_INFORMATION SecurityInformation
,
381 PSECURITY_DESCRIPTOR pSecurityDescriptor
)
383 OBJECT_ATTRIBUTES ObjectAttributes
;
384 IO_STATUS_BLOCK StatusBlock
;
385 UNICODE_STRING FileName
;
386 ULONG AccessMask
= 0;
390 TRACE("SetFileSecurityW() called\n");
392 SetSecurityAccessMask(SecurityInformation
, &AccessMask
);
394 if (!RtlDosPathNameToNtPathName_U(lpFileName
,
399 ERR("Invalid path\n");
400 SetLastError(ERROR_INVALID_NAME
);
404 InitializeObjectAttributes(&ObjectAttributes
,
406 OBJ_CASE_INSENSITIVE
,
410 Status
= NtOpenFile(&FileHandle
,
414 FILE_SHARE_READ
| FILE_SHARE_WRITE
| FILE_SHARE_DELETE
,
417 RtlFreeHeap(RtlGetProcessHeap(),
421 if (!NT_SUCCESS(Status
))
423 ERR("NtOpenFile() failed (Status %lx)\n", Status
);
424 SetLastError(RtlNtStatusToDosError(Status
));
428 Status
= NtSetSecurityObject(FileHandle
,
430 pSecurityDescriptor
);
433 if (!NT_SUCCESS(Status
))
435 ERR("NtSetSecurityObject() failed (Status %lx)\n", Status
);
436 SetLastError(RtlNtStatusToDosError(Status
));
449 SetKernelObjectSecurity(HANDLE Handle
,
450 SECURITY_INFORMATION SecurityInformation
,
451 PSECURITY_DESCRIPTOR SecurityDescriptor
)
455 Status
= NtSetSecurityObject(Handle
,
458 if (!NT_SUCCESS(Status
))
460 SetLastError(RtlNtStatusToDosError(Status
));
473 ImpersonateAnonymousToken(IN HANDLE ThreadHandle
)
477 Status
= NtImpersonateAnonymousToken(ThreadHandle
);
478 if (!NT_SUCCESS(Status
))
480 SetLastError(RtlNtStatusToDosError(Status
));
493 ImpersonateLoggedOnUser(HANDLE hToken
)
495 SECURITY_QUALITY_OF_SERVICE Qos
;
496 OBJECT_ATTRIBUTES ObjectAttributes
;
503 /* Get the token type */
504 Status
= NtQueryInformationToken(hToken
,
509 if (!NT_SUCCESS(Status
))
511 SetLastError(RtlNtStatusToDosError(Status
));
515 if (Type
== TokenPrimary
)
517 /* Create a duplicate impersonation token */
518 Qos
.Length
= sizeof(SECURITY_QUALITY_OF_SERVICE
);
519 Qos
.ImpersonationLevel
= SecurityImpersonation
;
520 Qos
.ContextTrackingMode
= SECURITY_DYNAMIC_TRACKING
;
521 Qos
.EffectiveOnly
= FALSE
;
523 ObjectAttributes
.Length
= sizeof(OBJECT_ATTRIBUTES
);
524 ObjectAttributes
.RootDirectory
= NULL
;
525 ObjectAttributes
.ObjectName
= NULL
;
526 ObjectAttributes
.Attributes
= 0;
527 ObjectAttributes
.SecurityDescriptor
= NULL
;
528 ObjectAttributes
.SecurityQualityOfService
= &Qos
;
530 Status
= NtDuplicateToken(hToken
,
531 TOKEN_IMPERSONATE
| TOKEN_QUERY
,
536 if (!NT_SUCCESS(Status
))
538 SetLastError(RtlNtStatusToDosError(Status
));
546 /* User the original impersonation token */
551 /* Impersonate the the current thread */
552 Status
= NtSetInformationThread(NtCurrentThread(),
553 ThreadImpersonationToken
,
557 if (Duplicated
== TRUE
)
562 if (!NT_SUCCESS(Status
))
564 SetLastError(RtlNtStatusToDosError(Status
));
577 ImpersonateSelf(SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
)
581 Status
= RtlImpersonateSelf(ImpersonationLevel
);
582 if (!NT_SUCCESS(Status
))
584 SetLastError(RtlNtStatusToDosError(Status
));
602 Status
= NtSetInformationThread(NtCurrentThread(),
603 ThreadImpersonationToken
,
606 if (!NT_SUCCESS(Status
))
608 SetLastError(RtlNtStatusToDosError(Status
));
616 /******************************************************************************
617 * GetUserNameA [ADVAPI32.@]
619 * Get the current user name.
622 * lpszName [O] Destination for the user name.
623 * lpSize [I/O] Size of lpszName.
630 GetUserNameA(LPSTR lpszName
,
633 UNICODE_STRING NameW
;
637 /* apparently Win doesn't check whether lpSize is valid at all! */
639 NameW
.MaximumLength
= (*lpSize
) * sizeof(WCHAR
);
640 NameW
.Buffer
= LocalAlloc(LMEM_FIXED
, NameW
.MaximumLength
);
641 if(NameW
.Buffer
== NULL
)
643 SetLastError(ERROR_NOT_ENOUGH_MEMORY
);
648 NameA
.MaximumLength
= ((*lpSize
) < 0xFFFF ? (USHORT
)(*lpSize
) : 0xFFFF);
649 NameA
.Buffer
= lpszName
;
651 Ret
= GetUserNameW(NameW
.Buffer
,
655 NameW
.Length
= (*lpSize
- 1) * sizeof(WCHAR
);
656 RtlUnicodeStringToAnsiString(&NameA
, &NameW
, FALSE
);
658 *lpSize
= NameA
.Length
+ 1;
661 LocalFree(NameW
.Buffer
);
667 /******************************************************************************
668 * GetUserNameW [ADVAPI32.@]
676 GetUserNameW(LPWSTR lpszName
,
679 HANDLE hToken
= INVALID_HANDLE_VALUE
;
682 TOKEN_USER
* token_user
= NULL
;
684 SID_NAME_USE snu
= SidTypeUser
;
685 WCHAR
* domain_name
= NULL
;
688 if (!OpenThreadToken (GetCurrentThread(), TOKEN_QUERY
, FALSE
, &hToken
))
690 DWORD dwLastError
= GetLastError();
691 if (dwLastError
!= ERROR_NO_TOKEN
692 && dwLastError
!= ERROR_NO_IMPERSONATION_TOKEN
)
694 /* don't call SetLastError(),
695 as OpenThreadToken() ought to have set one */
699 if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY
, &hToken
))
701 /* don't call SetLastError(),
702 as OpenProcessToken() ought to have set one */
707 tu_buf
= LocalAlloc(LMEM_FIXED
, 36);
710 SetLastError(ERROR_NOT_ENOUGH_MEMORY
);
715 if (!GetTokenInformation(hToken
, TokenUser
, tu_buf
, 36, &tu_len
) || tu_len
> 36)
718 tu_buf
= LocalAlloc(LMEM_FIXED
, tu_len
);
721 SetLastError(ERROR_NOT_ENOUGH_MEMORY
);
726 if (!GetTokenInformation(hToken
, TokenUser
, tu_buf
, tu_len
, &tu_len
))
728 /* don't call SetLastError(),
729 as GetTokenInformation() ought to have set one */
737 token_user
= (TOKEN_USER
*)tu_buf
;
741 domain_name
= LocalAlloc(LMEM_FIXED
, dn_len
* sizeof(WCHAR
));
745 SetLastError(ERROR_NOT_ENOUGH_MEMORY
);
749 if (!LookupAccountSidW(NULL
, token_user
->User
.Sid
, lpszName
, &an_len
, domain_name
, &dn_len
, &snu
)
754 LocalFree(domain_name
);
755 domain_name
= LocalAlloc(LMEM_FIXED
, dn_len
* sizeof(WCHAR
));
759 SetLastError(ERROR_NOT_ENOUGH_MEMORY
);
765 if (!LookupAccountSidW(NULL
, token_user
->User
.Sid
, lpszName
, &an_len
, domain_name
, &dn_len
, &snu
))
767 /* don't call SetLastError(),
768 as LookupAccountSid() ought to have set one */
769 LocalFree(domain_name
);
776 LocalFree(domain_name
);
778 *lpSize
= an_len
+ 1;
783 /******************************************************************************
784 * LookupAccountSidA [ADVAPI32.@]
790 LookupAccountSidA(LPCSTR lpSystemName
,
794 LPSTR lpReferencedDomainName
,
795 LPDWORD cchReferencedDomainName
,
798 UNICODE_STRING NameW
, ReferencedDomainNameW
, SystemNameW
;
799 LPWSTR NameBuffer
= NULL
;
800 LPWSTR ReferencedDomainNameBuffer
= NULL
;
801 DWORD dwName
, dwReferencedDomainName
;
805 * save the buffer sizes the caller passed to us, as they may get modified and
806 * we require the original values when converting back to ansi
809 dwReferencedDomainName
= *cchReferencedDomainName
;
811 /* allocate buffers for the unicode strings to receive */
814 NameBuffer
= (PWSTR
)LocalAlloc(LMEM_FIXED
, dwName
);
815 if (NameBuffer
== NULL
)
817 SetLastError(ERROR_OUTOFMEMORY
);
824 if (dwReferencedDomainName
> 0)
826 ReferencedDomainNameBuffer
= (PWSTR
)LocalAlloc(LMEM_FIXED
, dwReferencedDomainName
);
827 if (ReferencedDomainNameBuffer
== NULL
)
831 LocalFree(NameBuffer
);
834 SetLastError(ERROR_OUTOFMEMORY
);
839 ReferencedDomainNameBuffer
= NULL
;
842 /* convert the system name to unicode - if present */
843 if (lpSystemName
!= NULL
)
845 ANSI_STRING SystemNameA
;
847 RtlInitAnsiString(&SystemNameA
, lpSystemName
);
848 RtlAnsiStringToUnicodeString(&SystemNameW
, &SystemNameA
, TRUE
);
851 SystemNameW
.Buffer
= NULL
;
853 /* it's time to call the unicode version */
854 Ret
= LookupAccountSidW(SystemNameW
.Buffer
,
858 ReferencedDomainNameBuffer
,
859 cchReferencedDomainName
,
864 * convert unicode strings back to ansi, don't forget that we can't convert
865 * more than 0xFFFF (USHORT) characters! Also don't forget to explicitly
866 * terminate the converted string, the Rtl functions don't do that!
873 NameA
.MaximumLength
= ((dwName
<= 0xFFFF) ? (USHORT
)dwName
: 0xFFFF);
874 NameA
.Buffer
= lpName
;
876 RtlInitUnicodeString(&NameW
, NameBuffer
);
877 RtlUnicodeStringToAnsiString(&NameA
, &NameW
, FALSE
);
878 NameA
.Buffer
[NameA
.Length
] = '\0';
881 if (lpReferencedDomainName
!= NULL
)
883 ANSI_STRING ReferencedDomainNameA
;
885 ReferencedDomainNameA
.Length
= 0;
886 ReferencedDomainNameA
.MaximumLength
= ((dwReferencedDomainName
<= 0xFFFF) ?
887 (USHORT
)dwReferencedDomainName
: 0xFFFF);
888 ReferencedDomainNameA
.Buffer
= lpReferencedDomainName
;
890 RtlInitUnicodeString(&ReferencedDomainNameW
, ReferencedDomainNameBuffer
);
891 RtlUnicodeStringToAnsiString(&ReferencedDomainNameA
, &ReferencedDomainNameW
, FALSE
);
892 ReferencedDomainNameA
.Buffer
[ReferencedDomainNameA
.Length
] = '\0';
896 /* free previously allocated buffers */
897 if (SystemNameW
.Buffer
!= NULL
)
899 RtlFreeUnicodeString(&SystemNameW
);
902 if (NameBuffer
!= NULL
)
904 LocalFree(NameBuffer
);
907 if (ReferencedDomainNameBuffer
!= NULL
)
909 LocalFree(ReferencedDomainNameBuffer
);
916 /******************************************************************************
917 * LookupAccountSidW [ADVAPI32.@]
922 LookupAccountSidW(LPCWSTR pSystemName
,
925 LPDWORD pdwAccountName
,
927 LPDWORD pdwDomainName
,
930 LSA_UNICODE_STRING SystemName
;
931 LSA_OBJECT_ATTRIBUTES ObjectAttributes
= {0};
932 LSA_HANDLE PolicyHandle
= NULL
;
934 PLSA_REFERENCED_DOMAIN_LIST ReferencedDomain
= NULL
;
935 PLSA_TRANSLATED_NAME TranslatedName
= NULL
;
937 DWORD dwAccountName
, dwDomainName
;
939 RtlInitUnicodeString(&SystemName
, pSystemName
);
940 Status
= LsaOpenPolicy(&SystemName
, &ObjectAttributes
, POLICY_LOOKUP_NAMES
, &PolicyHandle
);
941 if (!NT_SUCCESS(Status
))
943 SetLastError(LsaNtStatusToWinError(Status
));
947 Status
= LsaLookupSids(PolicyHandle
, 1, &pSid
, &ReferencedDomain
, &TranslatedName
);
949 LsaClose(PolicyHandle
);
951 if (!NT_SUCCESS(Status
) || Status
== STATUS_SOME_NOT_MAPPED
)
953 SetLastError(LsaNtStatusToWinError(Status
));
960 dwAccountName
= TranslatedName
->Name
.Length
/ sizeof(WCHAR
);
961 if (ReferencedDomain
&& ReferencedDomain
->Entries
> 0)
962 dwDomainName
= ReferencedDomain
->Domains
[0].Name
.Length
/ sizeof(WCHAR
);
966 if (*pdwAccountName
<= dwAccountName
|| *pdwDomainName
<= dwDomainName
)
968 /* One or two buffers are insufficient, add up a char for NULL termination */
969 *pdwAccountName
= dwAccountName
+ 1;
970 *pdwDomainName
= dwDomainName
+ 1;
975 /* Lengths are sufficient, copy the data */
977 RtlCopyMemory(pAccountName
, TranslatedName
->Name
.Buffer
, dwAccountName
* sizeof(WCHAR
));
978 pAccountName
[dwAccountName
] = L
'\0';
981 RtlCopyMemory(pDomainName
, ReferencedDomain
->Domains
[0].Name
.Buffer
, dwDomainName
* sizeof(WCHAR
));
982 pDomainName
[dwDomainName
] = L
'\0';
984 *pdwAccountName
= dwAccountName
;
985 *pdwDomainName
= dwDomainName
;
988 *peUse
= TranslatedName
->Use
;
992 SetLastError(ERROR_INSUFFICIENT_BUFFER
);
995 if (ReferencedDomain
)
996 LsaFreeMemory(ReferencedDomain
);
999 LsaFreeMemory(TranslatedName
);
1005 /******************************************************************************
1006 * LookupAccountNameA [ADVAPI32.@]
1012 LookupAccountNameA(LPCSTR SystemName
,
1016 LPSTR ReferencedDomainName
,
1017 LPDWORD hReferencedDomainNameLength
,
1018 PSID_NAME_USE SidNameUse
)
1021 UNICODE_STRING lpSystemW
;
1022 UNICODE_STRING lpAccountW
;
1023 LPWSTR lpReferencedDomainNameW
= NULL
;
1025 RtlCreateUnicodeStringFromAsciiz(&lpSystemW
, SystemName
);
1026 RtlCreateUnicodeStringFromAsciiz(&lpAccountW
, AccountName
);
1028 if (ReferencedDomainName
)
1029 lpReferencedDomainNameW
= HeapAlloc(GetProcessHeap(),
1031 *hReferencedDomainNameLength
* sizeof(WCHAR
));
1033 ret
= LookupAccountNameW(lpSystemW
.Buffer
,
1037 lpReferencedDomainNameW
,
1038 hReferencedDomainNameLength
,
1041 if (ret
&& lpReferencedDomainNameW
)
1043 WideCharToMultiByte(CP_ACP
,
1045 lpReferencedDomainNameW
,
1046 *hReferencedDomainNameLength
+ 1,
1047 ReferencedDomainName
,
1048 *hReferencedDomainNameLength
+ 1,
1053 RtlFreeUnicodeString(&lpSystemW
);
1054 RtlFreeUnicodeString(&lpAccountW
);
1055 HeapFree(GetProcessHeap(), 0, lpReferencedDomainNameW
);
1061 /******************************************************************************
1062 * LookupAccountNameW [ADVAPI32.@]
1068 LookupAccountNameW(LPCWSTR lpSystemName
,
1069 LPCWSTR lpAccountName
,
1072 LPWSTR ReferencedDomainName
,
1073 LPDWORD cchReferencedDomainName
,
1074 PSID_NAME_USE peUse
)
1076 OBJECT_ATTRIBUTES ObjectAttributes
= {0};
1077 UNICODE_STRING SystemName
;
1078 UNICODE_STRING AccountName
;
1079 LSA_HANDLE PolicyHandle
= NULL
;
1080 PLSA_REFERENCED_DOMAIN_LIST ReferencedDomains
= NULL
;
1081 PLSA_TRANSLATED_SID TranslatedSid
= NULL
;
1083 DWORD dwDomainNameLength
;
1085 UCHAR nSubAuthorities
;
1089 TRACE("%s %s %p %p %p %p %p\n", lpSystemName
, lpAccountName
,
1090 Sid
, cbSid
, ReferencedDomainName
, cchReferencedDomainName
, peUse
);
1092 RtlInitUnicodeString(&SystemName
,
1095 Status
= LsaOpenPolicy(lpSystemName
? &SystemName
: NULL
,
1097 POLICY_LOOKUP_NAMES
,
1099 if (!NT_SUCCESS(Status
))
1101 SetLastError(LsaNtStatusToWinError(Status
));
1105 RtlInitUnicodeString(&AccountName
,
1108 Status
= LsaLookupNames(PolicyHandle
,
1114 LsaClose(PolicyHandle
);
1116 if (!NT_SUCCESS(Status
) || Status
== STATUS_SOME_NOT_MAPPED
)
1118 SetLastError(LsaNtStatusToWinError(Status
));
1123 pDomainSid
= ReferencedDomains
->Domains
[TranslatedSid
->DomainIndex
].Sid
;
1124 nSubAuthorities
= *GetSidSubAuthorityCount(pDomainSid
);
1125 dwSidLength
= GetSidLengthRequired(nSubAuthorities
+ 1);
1127 dwDomainNameLength
= ReferencedDomains
->Domains
->Name
.Length
/ sizeof(WCHAR
);
1129 if (*cbSid
< dwSidLength
||
1130 *cchReferencedDomainName
< dwDomainNameLength
+ 1)
1132 *cbSid
= dwSidLength
;
1133 *cchReferencedDomainName
= dwDomainNameLength
+ 1;
1139 CopySid(*cbSid
, Sid
, pDomainSid
);
1140 *GetSidSubAuthorityCount(Sid
) = nSubAuthorities
+ 1;
1141 *GetSidSubAuthority(Sid
, (DWORD
)nSubAuthorities
) = TranslatedSid
->RelativeId
;
1143 RtlCopyMemory(ReferencedDomainName
, ReferencedDomains
->Domains
->Name
.Buffer
, dwDomainNameLength
* sizeof(WCHAR
));
1144 ReferencedDomainName
[dwDomainNameLength
] = L
'\0';
1146 *cchReferencedDomainName
= dwDomainNameLength
;
1148 *peUse
= TranslatedSid
->Use
;
1153 if (bResult
== FALSE
)
1154 SetLastError(ERROR_INSUFFICIENT_BUFFER
);
1157 if (ReferencedDomains
!= NULL
)
1158 LsaFreeMemory(ReferencedDomains
);
1160 if (TranslatedSid
!= NULL
)
1161 LsaFreeMemory(TranslatedSid
);
1167 /**********************************************************************
1168 * LookupPrivilegeValueA EXPORTED
1174 LookupPrivilegeValueA(LPCSTR lpSystemName
,
1178 UNICODE_STRING SystemName
;
1179 UNICODE_STRING Name
;
1182 /* Remote system? */
1183 if (lpSystemName
!= NULL
)
1185 RtlCreateUnicodeStringFromAsciiz(&SystemName
,
1186 (LPSTR
)lpSystemName
);
1189 SystemName
.Buffer
= NULL
;
1191 /* Check the privilege name is not NULL */
1194 SetLastError(ERROR_NO_SUCH_PRIVILEGE
);
1198 RtlCreateUnicodeStringFromAsciiz(&Name
,
1201 Result
= LookupPrivilegeValueW(SystemName
.Buffer
,
1205 RtlFreeUnicodeString(&Name
);
1207 /* Remote system? */
1208 if (SystemName
.Buffer
!= NULL
)
1210 RtlFreeUnicodeString(&SystemName
);
1217 /**********************************************************************
1218 * LookupPrivilegeValueW
1224 LookupPrivilegeValueW(LPCWSTR lpSystemName
,
1225 LPCWSTR lpPrivilegeName
,
1228 OBJECT_ATTRIBUTES ObjectAttributes
= {0};
1229 UNICODE_STRING SystemName
;
1230 UNICODE_STRING PrivilegeName
;
1231 LSA_HANDLE PolicyHandle
= NULL
;
1234 TRACE("%S,%S,%p\n", lpSystemName
, lpPrivilegeName
, lpLuid
);
1236 RtlInitUnicodeString(&SystemName
,
1239 Status
= LsaOpenPolicy(lpSystemName
? &SystemName
: NULL
,
1241 POLICY_LOOKUP_NAMES
,
1243 if (!NT_SUCCESS(Status
))
1245 SetLastError(LsaNtStatusToWinError(Status
));
1249 RtlInitUnicodeString(&PrivilegeName
,
1252 Status
= LsaLookupPrivilegeValue(PolicyHandle
,
1256 LsaClose(PolicyHandle
);
1258 if (!NT_SUCCESS(Status
))
1260 SetLastError(LsaNtStatusToWinError(Status
));
1268 /**********************************************************************
1269 * LookupPrivilegeDisplayNameA EXPORTED
1275 LookupPrivilegeDisplayNameA(LPCSTR lpSystemName
,
1277 LPSTR lpDisplayName
,
1278 LPDWORD cbDisplayName
,
1279 LPDWORD lpLanguageId
)
1281 FIXME("%s() not implemented!\n", __FUNCTION__
);
1282 SetLastError (ERROR_CALL_NOT_IMPLEMENTED
);
1287 /**********************************************************************
1288 * LookupPrivilegeDisplayNameW EXPORTED
1294 LookupPrivilegeDisplayNameW(LPCWSTR lpSystemName
,
1296 LPWSTR lpDisplayName
,
1297 LPDWORD cbDisplayName
,
1298 LPDWORD lpLanguageId
)
1300 FIXME("%s() not implemented!\n", __FUNCTION__
);
1301 SetLastError (ERROR_CALL_NOT_IMPLEMENTED
);
1306 /**********************************************************************
1307 * LookupPrivilegeNameA EXPORTED
1313 LookupPrivilegeNameA(LPCSTR lpSystemName
,
1318 UNICODE_STRING lpSystemNameW
;
1322 TRACE("%s %p %p %p\n", debugstr_a(lpSystemName
), lpLuid
, lpName
, cchName
);
1324 RtlCreateUnicodeStringFromAsciiz(&lpSystemNameW
, lpSystemName
);
1325 ret
= LookupPrivilegeNameW(lpSystemNameW
.Buffer
, lpLuid
, NULL
, &wLen
);
1326 if (!ret
&& GetLastError() == ERROR_INSUFFICIENT_BUFFER
)
1328 LPWSTR lpNameW
= HeapAlloc(GetProcessHeap(), 0, wLen
* sizeof(WCHAR
));
1330 ret
= LookupPrivilegeNameW(lpSystemNameW
.Buffer
, lpLuid
, lpNameW
,
1334 /* Windows crashes if cchName is NULL, so will I */
1335 unsigned int len
= WideCharToMultiByte(CP_ACP
, 0, lpNameW
, -1, lpName
,
1336 *cchName
, NULL
, NULL
);
1340 /* WideCharToMultiByte failed */
1343 else if (len
> *cchName
)
1346 SetLastError(ERROR_INSUFFICIENT_BUFFER
);
1351 /* WideCharToMultiByte succeeded, output length needs to be
1352 * length not including NULL terminator
1357 HeapFree(GetProcessHeap(), 0, lpNameW
);
1359 RtlFreeUnicodeString(&lpSystemNameW
);
1364 /**********************************************************************
1365 * LookupPrivilegeNameW EXPORTED
1371 LookupPrivilegeNameW(LPCWSTR lpSystemName
,
1376 OBJECT_ATTRIBUTES ObjectAttributes
= {0};
1377 UNICODE_STRING SystemName
;
1378 PUNICODE_STRING PrivilegeName
= NULL
;
1379 LSA_HANDLE PolicyHandle
= NULL
;
1382 TRACE("%S,%p,%p,%p\n", lpSystemName
, lpLuid
, lpName
, cchName
);
1384 RtlInitUnicodeString(&SystemName
,
1387 Status
= LsaOpenPolicy(lpSystemName
? &SystemName
: NULL
,
1389 POLICY_LOOKUP_NAMES
,
1391 if (!NT_SUCCESS(Status
))
1393 SetLastError(LsaNtStatusToWinError(Status
));
1397 Status
= LsaLookupPrivilegeName(PolicyHandle
,
1400 if (NT_SUCCESS(Status
))
1402 if (PrivilegeName
->Length
+ sizeof(WCHAR
) > *cchName
* sizeof(WCHAR
))
1404 Status
= STATUS_BUFFER_TOO_SMALL
;
1406 *cchName
= (PrivilegeName
->Length
+ sizeof(WCHAR
)) / sizeof(WCHAR
);
1410 RtlMoveMemory(lpName
,
1411 PrivilegeName
->Buffer
,
1412 PrivilegeName
->Length
);
1413 lpName
[PrivilegeName
->Length
/ sizeof(WCHAR
)] = 0;
1415 *cchName
= PrivilegeName
->Length
/ sizeof(WCHAR
);
1418 LsaFreeMemory(PrivilegeName
->Buffer
);
1419 LsaFreeMemory(PrivilegeName
);
1422 LsaClose(PolicyHandle
);
1424 if (!NT_SUCCESS(Status
))
1426 SetLastError(LsaNtStatusToWinError(Status
));
1435 pGetSecurityInfoCheck(SECURITY_INFORMATION SecurityInfo
,
1440 PSECURITY_DESCRIPTOR
* ppSecurityDescriptor
)
1442 if ((SecurityInfo
& (OWNER_SECURITY_INFORMATION
|
1443 GROUP_SECURITY_INFORMATION
|
1444 DACL_SECURITY_INFORMATION
|
1445 SACL_SECURITY_INFORMATION
)) &&
1446 ppSecurityDescriptor
== NULL
)
1448 /* if one of the SIDs or ACLs are present, the security descriptor
1450 return ERROR_INVALID_PARAMETER
;
1454 /* reset the pointers unless they're ignored */
1455 if ((SecurityInfo
& OWNER_SECURITY_INFORMATION
) &&
1460 if ((SecurityInfo
& GROUP_SECURITY_INFORMATION
) &&
1465 if ((SecurityInfo
& DACL_SECURITY_INFORMATION
) &&
1470 if ((SecurityInfo
& SACL_SECURITY_INFORMATION
) &&
1476 if (SecurityInfo
& (OWNER_SECURITY_INFORMATION
|
1477 GROUP_SECURITY_INFORMATION
|
1478 DACL_SECURITY_INFORMATION
|
1479 SACL_SECURITY_INFORMATION
))
1481 *ppSecurityDescriptor
= NULL
;
1484 return ERROR_SUCCESS
;
1490 pSetSecurityInfoCheck(PSECURITY_DESCRIPTOR pSecurityDescriptor
,
1491 SECURITY_INFORMATION SecurityInfo
,
1497 /* initialize a security descriptor on the stack */
1498 if (!InitializeSecurityDescriptor(pSecurityDescriptor
,
1499 SECURITY_DESCRIPTOR_REVISION
))
1501 return GetLastError();
1504 if (SecurityInfo
& OWNER_SECURITY_INFORMATION
)
1506 if (RtlValidSid(psidOwner
))
1508 if (!SetSecurityDescriptorOwner(pSecurityDescriptor
,
1512 return GetLastError();
1517 return ERROR_INVALID_PARAMETER
;
1521 if (SecurityInfo
& GROUP_SECURITY_INFORMATION
)
1523 if (RtlValidSid(psidGroup
))
1525 if (!SetSecurityDescriptorGroup(pSecurityDescriptor
,
1529 return GetLastError();
1534 return ERROR_INVALID_PARAMETER
;
1538 if (SecurityInfo
& DACL_SECURITY_INFORMATION
)
1542 if (SetSecurityDescriptorDacl(pSecurityDescriptor
,
1547 /* check if the DACL needs to be protected from being
1548 modified by inheritable ACEs */
1549 if (SecurityInfo
& PROTECTED_DACL_SECURITY_INFORMATION
)
1556 return GetLastError();
1562 /* protect the DACL from being modified by inheritable ACEs */
1563 if (!SetSecurityDescriptorControl(pSecurityDescriptor
,
1567 return GetLastError();
1572 if (SecurityInfo
& SACL_SECURITY_INFORMATION
)
1576 if (SetSecurityDescriptorSacl(pSecurityDescriptor
,
1581 /* check if the SACL needs to be protected from being
1582 modified by inheritable ACEs */
1583 if (SecurityInfo
& PROTECTED_SACL_SECURITY_INFORMATION
)
1590 return GetLastError();
1596 /* protect the SACL from being modified by inheritable ACEs */
1597 if (!SetSecurityDescriptorControl(pSecurityDescriptor
,
1601 return GetLastError();
1606 return ERROR_SUCCESS
;
1610 /**********************************************************************
1611 * GetNamedSecurityInfoW EXPORTED
1617 GetNamedSecurityInfoW(LPWSTR pObjectName
,
1618 SE_OBJECT_TYPE ObjectType
,
1619 SECURITY_INFORMATION SecurityInfo
,
1624 PSECURITY_DESCRIPTOR
*ppSecurityDescriptor
)
1628 if (pObjectName
!= NULL
)
1630 ErrorCode
= CheckNtMartaPresent();
1631 if (ErrorCode
== ERROR_SUCCESS
)
1633 ErrorCode
= pGetSecurityInfoCheck(SecurityInfo
,
1638 ppSecurityDescriptor
);
1640 if (ErrorCode
== ERROR_SUCCESS
)
1642 /* call the MARTA provider */
1643 ErrorCode
= AccRewriteGetNamedRights(pObjectName
,
1650 ppSecurityDescriptor
);
1655 ErrorCode
= ERROR_INVALID_PARAMETER
;
1661 /**********************************************************************
1662 * GetNamedSecurityInfoA EXPORTED
1668 GetNamedSecurityInfoA(LPSTR pObjectName
,
1669 SE_OBJECT_TYPE ObjectType
,
1670 SECURITY_INFORMATION SecurityInfo
,
1675 PSECURITY_DESCRIPTOR
*ppSecurityDescriptor
)
1681 TRACE("%s %d %d %p %p %p %p %p\n", pObjectName
, ObjectType
, SecurityInfo
,
1682 ppsidOwner
, ppsidGroup
, ppDacl
, ppSacl
, ppSecurityDescriptor
);
1686 len
= MultiByteToWideChar( CP_ACP
, 0, pObjectName
, -1, NULL
, 0 );
1687 wstr
= HeapAlloc( GetProcessHeap(), 0, len
*sizeof(WCHAR
));
1688 MultiByteToWideChar( CP_ACP
, 0, pObjectName
, -1, wstr
, len
);
1691 r
= GetNamedSecurityInfoW( wstr
, ObjectType
, SecurityInfo
, ppsidOwner
,
1692 ppsidGroup
, ppDacl
, ppSacl
, ppSecurityDescriptor
);
1694 HeapFree( GetProcessHeap(), 0, wstr
);
1700 /**********************************************************************
1701 * SetNamedSecurityInfoW EXPORTED
1707 SetNamedSecurityInfoW(LPWSTR pObjectName
,
1708 SE_OBJECT_TYPE ObjectType
,
1709 SECURITY_INFORMATION SecurityInfo
,
1717 if (pObjectName
!= NULL
)
1719 ErrorCode
= CheckNtMartaPresent();
1720 if (ErrorCode
== ERROR_SUCCESS
)
1722 SECURITY_DESCRIPTOR SecurityDescriptor
;
1724 ErrorCode
= pSetSecurityInfoCheck(&SecurityDescriptor
,
1731 if (ErrorCode
== ERROR_SUCCESS
)
1733 /* call the MARTA provider */
1734 ErrorCode
= AccRewriteSetNamedRights(pObjectName
,
1737 &SecurityDescriptor
);
1742 ErrorCode
= ERROR_INVALID_PARAMETER
;
1748 /**********************************************************************
1749 * SetNamedSecurityInfoA EXPORTED
1755 SetNamedSecurityInfoA(LPSTR pObjectName
,
1756 SE_OBJECT_TYPE ObjectType
,
1757 SECURITY_INFORMATION SecurityInfo
,
1763 UNICODE_STRING ObjectName
;
1767 Status
= RtlCreateUnicodeStringFromAsciiz(&ObjectName
,
1769 if (!NT_SUCCESS(Status
))
1771 return RtlNtStatusToDosError(Status
);
1774 Ret
= SetNamedSecurityInfoW(ObjectName
.Buffer
,
1782 RtlFreeUnicodeString(&ObjectName
);
1788 /**********************************************************************
1789 * GetSecurityInfo EXPORTED
1795 GetSecurityInfo(HANDLE handle
,
1796 SE_OBJECT_TYPE ObjectType
,
1797 SECURITY_INFORMATION SecurityInfo
,
1802 PSECURITY_DESCRIPTOR
*ppSecurityDescriptor
)
1808 ErrorCode
= CheckNtMartaPresent();
1809 if (ErrorCode
== ERROR_SUCCESS
)
1811 ErrorCode
= pGetSecurityInfoCheck(SecurityInfo
,
1816 ppSecurityDescriptor
);
1818 if (ErrorCode
== ERROR_SUCCESS
)
1820 /* call the MARTA provider */
1821 ErrorCode
= AccRewriteGetHandleRights(handle
,
1828 ppSecurityDescriptor
);
1833 ErrorCode
= ERROR_INVALID_HANDLE
;
1839 /**********************************************************************
1840 * SetSecurityInfo EXPORTED
1846 SetSecurityInfo(HANDLE handle
,
1847 SE_OBJECT_TYPE ObjectType
,
1848 SECURITY_INFORMATION SecurityInfo
,
1858 ErrorCode
= CheckNtMartaPresent();
1859 if (ErrorCode
== ERROR_SUCCESS
)
1861 SECURITY_DESCRIPTOR SecurityDescriptor
;
1863 ErrorCode
= pSetSecurityInfoCheck(&SecurityDescriptor
,
1870 if (ErrorCode
== ERROR_SUCCESS
)
1872 /* call the MARTA provider */
1873 ErrorCode
= AccRewriteSetHandleRights(handle
,
1876 &SecurityDescriptor
);
1881 ErrorCode
= ERROR_INVALID_HANDLE
;
1887 /******************************************************************************
1888 * GetSecurityInfoExW EXPORTED
1892 GetSecurityInfoExA(HANDLE hObject
,
1893 SE_OBJECT_TYPE ObjectType
,
1894 SECURITY_INFORMATION SecurityInfo
,
1897 PACTRL_ACCESSA
*ppAccessList
,
1898 PACTRL_AUDITA
*ppAuditList
,
1902 FIXME("%s() not implemented!\n", __FUNCTION__
);
1903 return ERROR_BAD_PROVIDER
;
1907 /******************************************************************************
1908 * GetSecurityInfoExW EXPORTED
1912 GetSecurityInfoExW(HANDLE hObject
,
1913 SE_OBJECT_TYPE ObjectType
,
1914 SECURITY_INFORMATION SecurityInfo
,
1917 PACTRL_ACCESSW
*ppAccessList
,
1918 PACTRL_AUDITW
*ppAuditList
,
1922 FIXME("%s() not implemented!\n", __FUNCTION__
);
1923 return ERROR_BAD_PROVIDER
;
1927 /**********************************************************************
1928 * ImpersonateNamedPipeClient EXPORTED
1934 ImpersonateNamedPipeClient(HANDLE hNamedPipe
)
1936 IO_STATUS_BLOCK StatusBlock
;
1939 TRACE("ImpersonateNamedPipeClient() called\n");
1941 Status
= NtFsControlFile(hNamedPipe
,
1946 FSCTL_PIPE_IMPERSONATE
,
1951 if (!NT_SUCCESS(Status
))
1953 SetLastError(RtlNtStatusToDosError(Status
));
1966 CreatePrivateObjectSecurity(PSECURITY_DESCRIPTOR ParentDescriptor
,
1967 PSECURITY_DESCRIPTOR CreatorDescriptor
,
1968 PSECURITY_DESCRIPTOR
*NewDescriptor
,
1969 BOOL IsDirectoryObject
,
1971 PGENERIC_MAPPING GenericMapping
)
1975 Status
= RtlNewSecurityObject(ParentDescriptor
,
1981 if (!NT_SUCCESS(Status
))
1983 SetLastError(RtlNtStatusToDosError(Status
));
1996 CreatePrivateObjectSecurityEx(PSECURITY_DESCRIPTOR ParentDescriptor
,
1997 PSECURITY_DESCRIPTOR CreatorDescriptor
,
1998 PSECURITY_DESCRIPTOR
* NewDescriptor
,
2000 BOOL IsContainerObject
,
2001 ULONG AutoInheritFlags
,
2003 PGENERIC_MAPPING GenericMapping
)
2005 FIXME("%s() not implemented!\n", __FUNCTION__
);
2015 CreatePrivateObjectSecurityWithMultipleInheritance(PSECURITY_DESCRIPTOR ParentDescriptor
,
2016 PSECURITY_DESCRIPTOR CreatorDescriptor
,
2017 PSECURITY_DESCRIPTOR
* NewDescriptor
,
2020 BOOL IsContainerObject
,
2021 ULONG AutoInheritFlags
,
2023 PGENERIC_MAPPING GenericMapping
)
2025 FIXME("%s() not implemented!\n", __FUNCTION__
);
2035 DestroyPrivateObjectSecurity(PSECURITY_DESCRIPTOR
*ObjectDescriptor
)
2039 Status
= RtlDeleteSecurityObject(ObjectDescriptor
);
2040 if (!NT_SUCCESS(Status
))
2042 SetLastError(RtlNtStatusToDosError(Status
));
2055 GetPrivateObjectSecurity(IN PSECURITY_DESCRIPTOR ObjectDescriptor
,
2056 IN SECURITY_INFORMATION SecurityInformation
,
2057 OUT PSECURITY_DESCRIPTOR ResultantDescriptor OPTIONAL
,
2058 IN DWORD DescriptorLength
,
2059 OUT PDWORD ReturnLength
)
2064 Status
= RtlQuerySecurityObject(ObjectDescriptor
,
2065 SecurityInformation
,
2066 ResultantDescriptor
,
2069 if (!NT_SUCCESS(Status
))
2072 SetLastError(RtlNtStatusToDosError(Status
));
2086 SetPrivateObjectSecurity(SECURITY_INFORMATION SecurityInformation
,
2087 PSECURITY_DESCRIPTOR ModificationDescriptor
,
2088 PSECURITY_DESCRIPTOR
*ObjectsSecurityDescriptor
,
2089 PGENERIC_MAPPING GenericMapping
,
2094 Status
= RtlSetSecurityObject(SecurityInformation
,
2095 ModificationDescriptor
,
2096 ObjectsSecurityDescriptor
,
2099 if (!NT_SUCCESS(Status
))
2101 SetLastError(RtlNtStatusToDosError(Status
));
2114 TreeResetNamedSecurityInfoW(LPWSTR pObjectName
,
2115 SE_OBJECT_TYPE ObjectType
,
2116 SECURITY_INFORMATION SecurityInfo
,
2122 FN_PROGRESSW fnProgress
,
2123 PROG_INVOKE_SETTING ProgressInvokeSetting
,
2128 if (pObjectName
!= NULL
)
2130 ErrorCode
= CheckNtMartaPresent();
2131 if (ErrorCode
== ERROR_SUCCESS
)
2135 case SE_FILE_OBJECT
:
2136 case SE_REGISTRY_KEY
:
2138 /* check the SecurityInfo flags for sanity (both, the protected
2139 and unprotected dacl/sacl flag must not be passed together) */
2140 if (((SecurityInfo
& DACL_SECURITY_INFORMATION
) &&
2141 (SecurityInfo
& (PROTECTED_DACL_SECURITY_INFORMATION
| UNPROTECTED_DACL_SECURITY_INFORMATION
)) ==
2142 (PROTECTED_DACL_SECURITY_INFORMATION
| UNPROTECTED_DACL_SECURITY_INFORMATION
))
2146 ((SecurityInfo
& SACL_SECURITY_INFORMATION
) &&
2147 (SecurityInfo
& (PROTECTED_SACL_SECURITY_INFORMATION
| UNPROTECTED_SACL_SECURITY_INFORMATION
)) ==
2148 (PROTECTED_SACL_SECURITY_INFORMATION
| UNPROTECTED_SACL_SECURITY_INFORMATION
)))
2150 ErrorCode
= ERROR_INVALID_PARAMETER
;
2154 /* call the MARTA provider */
2155 ErrorCode
= AccTreeResetNamedSecurityInfo(pObjectName
,
2164 ProgressInvokeSetting
,
2170 /* object type not supported */
2171 ErrorCode
= ERROR_INVALID_PARAMETER
;
2177 ErrorCode
= ERROR_INVALID_PARAMETER
;
2182 #ifdef HAS_FN_PROGRESSW
2184 typedef struct _INERNAL_FNPROGRESSW_DATA
2186 FN_PROGRESSA fnProgress
;
2188 } INERNAL_FNPROGRESSW_DATA
, *PINERNAL_FNPROGRESSW_DATA
;
2191 InternalfnProgressW(LPWSTR pObjectName
,
2193 PPROG_INVOKE_SETTING pInvokeSetting
,
2197 PINERNAL_FNPROGRESSW_DATA pifnProgressData
= (PINERNAL_FNPROGRESSW_DATA
)Args
;
2201 ObjectNameSize
= WideCharToMultiByte(CP_ACP
,
2210 if (ObjectNameSize
> 0)
2212 pObjectNameA
= RtlAllocateHeap(RtlGetProcessHeap(),
2215 if (pObjectNameA
!= NULL
)
2217 pObjectNameA
[0] = '\0';
2218 WideCharToMultiByte(CP_ACP
,
2227 pifnProgressData
->fnProgress((LPWSTR
)pObjectNameA
, /* FIXME: wrong cast!! */
2230 pifnProgressData
->Args
,
2233 RtlFreeHeap(RtlGetProcessHeap(),
2247 TreeResetNamedSecurityInfoA(LPSTR pObjectName
,
2248 SE_OBJECT_TYPE ObjectType
,
2249 SECURITY_INFORMATION SecurityInfo
,
2255 FN_PROGRESSA fnProgress
,
2256 PROG_INVOKE_SETTING ProgressInvokeSetting
,
2259 #ifndef HAS_FN_PROGRESSW
2260 /* That's all this function does, at least up to w2k3... Even MS was too
2261 lazy to implement it... */
2262 return ERROR_CALL_NOT_IMPLEMENTED
;
2264 INERNAL_FNPROGRESSW_DATA ifnProgressData
;
2265 UNICODE_STRING ObjectName
;
2269 Status
= RtlCreateUnicodeStringFromAsciiz(&ObjectName
,
2271 if (!NT_SUCCESS(Status
))
2273 return RtlNtStatusToDosError(Status
);
2276 ifnProgressData
.fnProgress
= fnProgress
;
2277 ifnProgressData
.Args
= Args
;
2279 Ret
= TreeResetNamedSecurityInfoW(ObjectName
.Buffer
,
2287 (fnProgress
!= NULL
? InternalfnProgressW
: NULL
),
2288 ProgressInvokeSetting
,
2291 RtlFreeUnicodeString(&ObjectName
);
2297 /******************************************************************************
2298 * SaferCreateLevel [ADVAPI32.@]
2300 BOOL WINAPI
SaferCreateLevel(DWORD ScopeId
, DWORD LevelId
, DWORD OpenFlags
,
2301 SAFER_LEVEL_HANDLE
* LevelHandle
, LPVOID lpReserved
)
2303 FIXME("(%u, %x, %u, %p, %p) stub\n", ScopeId
, LevelId
, OpenFlags
, LevelHandle
, lpReserved
);
2307 /******************************************************************************
2308 * SaferGetPolicyInformation [ADVAPI32.@]
2310 BOOL WINAPI
SaferGetPolicyInformation(DWORD scope
, SAFER_POLICY_INFO_CLASS
class, DWORD size
,
2311 PVOID buffer
, PDWORD required
, LPVOID lpReserved
)
2313 FIXME("(%u %u %u %p %p %p) stub\n", scope
, class, size
, buffer
, required
, lpReserved
);
2317 /******************************************************************************
2318 * QueryWindows31FilesMigration [ADVAPI32.@]
2324 QueryWindows31FilesMigration( DWORD x1
)
2326 FIXME("(%d):stub\n",x1
);
2330 /******************************************************************************
2331 * SynchronizeWindows31FilesAndWindowsNTRegistry [ADVAPI32.@]
2340 SynchronizeWindows31FilesAndWindowsNTRegistry( DWORD x1
, DWORD x2
, DWORD x3
,
2343 FIXME("(0x%08x,0x%08x,0x%08x,0x%08x):stub\n",x1
,x2
,x3
,x4
);