2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: ReactOS system libraries
4 * FILE: lib/advapi32/sec/misc.c
5 * PURPOSE: Miscellaneous security functions (some ported from Wine)
9 #include "wine/unicode.h"
10 #include "wine/debug.h"
12 WINE_DEFAULT_DEBUG_CHANNEL(advapi
);
14 /* Needed for LookupAccountNameW implementation from Wine */
16 typedef struct _AccountSid
18 WELL_KNOWN_SID_TYPE type
;
21 SID_NAME_USE name_use
;
24 static const WCHAR Account_Operators
[] = { 'A','c','c','o','u','n','t',' ','O','p','e','r','a','t','o','r','s',0 };
25 static const WCHAR Administrator
[] = {'A','d','m','i','n','i','s','t','r','a','t','o','r',0 };
26 static const WCHAR Administrators
[] = { 'A','d','m','i','n','i','s','t','r','a','t','o','r','s',0 };
27 static const WCHAR ANONYMOUS_LOGON
[] = { 'A','N','O','N','Y','M','O','U','S',' ','L','O','G','O','N',0 };
28 static const WCHAR Authenticated_Users
[] = { 'A','u','t','h','e','n','t','i','c','a','t','e','d',' ','U','s','e','r','s',0 };
29 static const WCHAR Backup_Operators
[] = { 'B','a','c','k','u','p',' ','O','p','e','r','a','t','o','r','s',0 };
30 static const WCHAR BATCH
[] = { 'B','A','T','C','H',0 };
31 static const WCHAR Blank
[] = { 0 };
32 static const WCHAR BUILTIN
[] = { 'B','U','I','L','T','I','N',0 };
33 static const WCHAR Cert_Publishers
[] = { 'C','e','r','t',' ','P','u','b','l','i','s','h','e','r','s',0 };
34 static const WCHAR CREATOR_GROUP
[] = { 'C','R','E','A','T','O','R',' ','G','R','O','U','P',0 };
35 static const WCHAR CREATOR_GROUP_SERVER
[] = { 'C','R','E','A','T','O','R',' ','G','R','O','U','P',' ','S','E','R','V','E','R',0 };
36 static const WCHAR CREATOR_OWNER
[] = { 'C','R','E','A','T','O','R',' ','O','W','N','E','R',0 };
37 static const WCHAR CREATOR_OWNER_SERVER
[] = { 'C','R','E','A','T','O','R',' ','O','W','N','E','R',' ','S','E','R','V','E','R',0 };
38 static const WCHAR DIALUP
[] = { 'D','I','A','L','U','P',0 };
39 static const WCHAR Digest_Authentication
[] = { 'D','i','g','e','s','t',' ','A','u','t','h','e','n','t','i','c','a','t','i','o','n',0 };
40 static const WCHAR DOMAIN
[] = {'D','O','M','A','I','N',0};
41 static const WCHAR Domain_Admins
[] = { 'D','o','m','a','i','n',' ','A','d','m','i','n','s',0 };
42 static const WCHAR Domain_Computers
[] = { 'D','o','m','a','i','n',' ','C','o','m','p','u','t','e','r','s',0 };
43 static const WCHAR Domain_Controllers
[] = { 'D','o','m','a','i','n',' ','C','o','n','t','r','o','l','l','e','r','s',0 };
44 static const WCHAR Domain_Guests
[] = { 'D','o','m','a','i','n',' ','G','u','e','s','t','s',0 };
45 static const WCHAR Domain_Users
[] = { 'D','o','m','a','i','n',' ','U','s','e','r','s',0 };
46 static const WCHAR Enterprise_Admins
[] = { 'E','n','t','e','r','p','r','i','s','e',' ','A','d','m','i','n','s',0 };
47 static const WCHAR ENTERPRISE_DOMAIN_CONTROLLERS
[] = { 'E','N','T','E','R','P','R','I','S','E',' ','D','O','M','A','I','N',' ','C','O','N','T','R','O','L','L','E','R','S',0 };
48 static const WCHAR Everyone
[] = { 'E','v','e','r','y','o','n','e',0 };
49 static const WCHAR Group_Policy_Creator_Owners
[] = { 'G','r','o','u','p',' ','P','o','l','i','c','y',' ','C','r','e','a','t','o','r',' ','O','w','n','e','r','s',0 };
50 static const WCHAR Guest
[] = { 'G','u','e','s','t',0 };
51 static const WCHAR Guests
[] = { 'G','u','e','s','t','s',0 };
52 static const WCHAR INTERACTIVE
[] = { 'I','N','T','E','R','A','C','T','I','V','E',0 };
53 static const WCHAR LOCAL
[] = { 'L','O','C','A','L',0 };
54 static const WCHAR LOCAL_SERVICE
[] = { 'L','O','C','A','L',' ','S','E','R','V','I','C','E',0 };
55 static const WCHAR NETWORK
[] = { 'N','E','T','W','O','R','K',0 };
56 static const WCHAR Network_Configuration_Operators
[] = { 'N','e','t','w','o','r','k',' ','C','o','n','f','i','g','u','r','a','t','i','o','n',' ','O','p','e','r','a','t','o','r','s',0 };
57 static const WCHAR NETWORK_SERVICE
[] = { 'N','E','T','W','O','R','K',' ','S','E','R','V','I','C','E',0 };
58 static const WCHAR NT_AUTHORITY
[] = { 'N','T',' ','A','U','T','H','O','R','I','T','Y',0 };
59 static const WCHAR NT_Pseudo_Domain
[] = { 'N','T',' ','P','s','e','u','d','o',' ','D','o','m','a','i','n',0 };
60 static const WCHAR NTML_Authentication
[] = { 'N','T','M','L',' ','A','u','t','h','e','n','t','i','c','a','t','i','o','n',0 };
61 static const WCHAR NULL_SID
[] = { 'N','U','L','L',' ','S','I','D',0 };
62 static const WCHAR Other_Organization
[] = { 'O','t','h','e','r',' ','O','r','g','a','n','i','z','a','t','i','o','n',0 };
63 static const WCHAR Performance_Log_Users
[] = { 'P','e','r','f','o','r','m','a','n','c','e',' ','L','o','g',' ','U','s','e','r','s',0 };
64 static const WCHAR Performance_Monitor_Users
[] = { 'P','e','r','f','o','r','m','a','n','c','e',' ','M','o','n','i','t','o','r',' ','U','s','e','r','s',0 };
65 static const WCHAR Power_Users
[] = { 'P','o','w','e','r',' ','U','s','e','r','s',0 };
66 static const WCHAR Pre_Windows_2000_Compatible_Access
[] = { 'P','r','e','-','W','i','n','d','o','w','s',' ','2','0','0','0',' ','C','o','m','p','a','t','i','b','l','e',' ','A','c','c','e','s','s',0 };
67 static const WCHAR Print_Operators
[] = { 'P','r','i','n','t',' ','O','p','e','r','a','t','o','r','s',0 };
68 static const WCHAR PROXY
[] = { 'P','R','O','X','Y',0 };
69 static const WCHAR RAS_and_IAS_Servers
[] = { 'R','A','S',' ','a','n','d',' ','I','A','S',' ','S','e','r','v','e','r','s',0 };
70 static const WCHAR Remote_Desktop_Users
[] = { 'R','e','m','o','t','e',' ','D','e','s','k','t','o','p',' ','U','s','e','r','s',0 };
71 static const WCHAR REMOTE_INTERACTIVE_LOGON
[] = { 'R','E','M','O','T','E',' ','I','N','T','E','R','A','C','T','I','V','E',' ','L','O','G','O','N',0 };
72 static const WCHAR Replicators
[] = { 'R','e','p','l','i','c','a','t','o','r','s',0 };
73 static const WCHAR RESTRICTED
[] = { 'R','E','S','T','R','I','C','T','E','D',0 };
74 static const WCHAR SChannel_Authentication
[] = { 'S','C','h','a','n','n','e','l',' ','A','u','t','h','e','n','t','i','c','a','t','i','o','n',0 };
75 static const WCHAR Schema_Admins
[] = { 'S','c','h','e','m','a',' ','A','d','m','i','n','s',0 };
76 static const WCHAR SELF
[] = { 'S','E','L','F',0 };
77 static const WCHAR Server_Operators
[] = { 'S','e','r','v','e','r',' ','O','p','e','r','a','t','o','r','s',0 };
78 static const WCHAR SERVICE
[] = { 'S','E','R','V','I','C','E',0 };
79 static const WCHAR SYSTEM
[] = { 'S','Y','S','T','E','M',0 };
80 static const WCHAR TERMINAL_SERVER_USER
[] = { 'T','E','R','M','I','N','A','L',' ','S','E','R','V','E','R',' ','U','S','E','R',0 };
81 static const WCHAR This_Organization
[] = { 'T','h','i','s',' ','O','r','g','a','n','i','z','a','t','i','o','n',0 };
82 static const WCHAR Users
[] = { 'U','s','e','r','s',0 };
84 static const AccountSid ACCOUNT_SIDS
[] = {
85 { WinNullSid
, NULL_SID
, Blank
, SidTypeWellKnownGroup
},
86 { WinWorldSid
, Everyone
, Blank
, SidTypeWellKnownGroup
},
87 { WinLocalSid
, LOCAL
, Blank
, SidTypeWellKnownGroup
},
88 { WinCreatorOwnerSid
, CREATOR_OWNER
, Blank
, SidTypeWellKnownGroup
},
89 { WinCreatorGroupSid
, CREATOR_GROUP
, Blank
, SidTypeWellKnownGroup
},
90 { WinCreatorOwnerServerSid
, CREATOR_OWNER_SERVER
, Blank
, SidTypeWellKnownGroup
},
91 { WinCreatorGroupServerSid
, CREATOR_GROUP_SERVER
, Blank
, SidTypeWellKnownGroup
},
92 { WinNtAuthoritySid
, NT_Pseudo_Domain
, NT_Pseudo_Domain
, SidTypeDomain
},
93 { WinDialupSid
, DIALUP
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
94 { WinNetworkSid
, NETWORK
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
95 { WinBatchSid
, BATCH
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
96 { WinInteractiveSid
, INTERACTIVE
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
97 { WinServiceSid
, SERVICE
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
98 { WinAnonymousSid
, ANONYMOUS_LOGON
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
99 { WinProxySid
, PROXY
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
100 { WinEnterpriseControllersSid
, ENTERPRISE_DOMAIN_CONTROLLERS
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
101 { WinSelfSid
, SELF
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
102 { WinAuthenticatedUserSid
, Authenticated_Users
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
103 { WinRestrictedCodeSid
, RESTRICTED
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
104 { WinTerminalServerSid
, TERMINAL_SERVER_USER
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
105 { WinRemoteLogonIdSid
, REMOTE_INTERACTIVE_LOGON
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
106 { WinLocalSystemSid
, SYSTEM
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
107 { WinLocalServiceSid
, LOCAL_SERVICE
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
108 { WinNetworkServiceSid
, NETWORK_SERVICE
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
109 { WinBuiltinDomainSid
, BUILTIN
, BUILTIN
, SidTypeDomain
},
110 { WinBuiltinAdministratorsSid
, Administrators
, BUILTIN
, SidTypeAlias
},
111 { WinBuiltinUsersSid
, Users
, BUILTIN
, SidTypeAlias
},
112 { WinBuiltinGuestsSid
, Guests
, BUILTIN
, SidTypeAlias
},
113 { WinBuiltinPowerUsersSid
, Power_Users
, BUILTIN
, SidTypeAlias
},
114 { WinBuiltinAccountOperatorsSid
, Account_Operators
, BUILTIN
, SidTypeAlias
},
115 { WinBuiltinSystemOperatorsSid
, Server_Operators
, BUILTIN
, SidTypeAlias
},
116 { WinBuiltinPrintOperatorsSid
, Print_Operators
, BUILTIN
, SidTypeAlias
},
117 { WinBuiltinBackupOperatorsSid
, Backup_Operators
, BUILTIN
, SidTypeAlias
},
118 { WinBuiltinReplicatorSid
, Replicators
, BUILTIN
, SidTypeAlias
},
119 { WinBuiltinPreWindows2000CompatibleAccessSid
, Pre_Windows_2000_Compatible_Access
, BUILTIN
, SidTypeAlias
},
120 { WinBuiltinRemoteDesktopUsersSid
, Remote_Desktop_Users
, BUILTIN
, SidTypeAlias
},
121 { WinBuiltinNetworkConfigurationOperatorsSid
, Network_Configuration_Operators
, BUILTIN
, SidTypeAlias
},
122 { WinNTLMAuthenticationSid
, NTML_Authentication
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
123 { WinDigestAuthenticationSid
, Digest_Authentication
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
124 { WinSChannelAuthenticationSid
, SChannel_Authentication
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
125 { WinThisOrganizationSid
, This_Organization
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
126 { WinOtherOrganizationSid
, Other_Organization
, NT_AUTHORITY
, SidTypeWellKnownGroup
},
127 { WinBuiltinPerfMonitoringUsersSid
, Performance_Monitor_Users
, BUILTIN
, SidTypeAlias
},
128 { WinBuiltinPerfLoggingUsersSid
, Performance_Log_Users
, BUILTIN
, SidTypeAlias
},
131 static const WCHAR SE_CREATE_TOKEN_NAME_W
[] =
132 { 'S','e','C','r','e','a','t','e','T','o','k','e','n','P','r','i','v','i','l','e','g','e',0 };
133 static const WCHAR SE_ASSIGNPRIMARYTOKEN_NAME_W
[] =
134 { 'S','e','A','s','s','i','g','n','P','r','i','m','a','r','y','T','o','k','e','n','P','r','i','v','i','l','e','g','e',0 };
135 static const WCHAR SE_LOCK_MEMORY_NAME_W
[] =
136 { 'S','e','L','o','c','k','M','e','m','o','r','y','P','r','i','v','i','l','e','g','e',0 };
137 static const WCHAR SE_INCREASE_QUOTA_NAME_W
[] =
138 { 'S','e','I','n','c','r','e','a','s','e','Q','u','o','t','a','P','r','i','v','i','l','e','g','e',0 };
139 static const WCHAR SE_MACHINE_ACCOUNT_NAME_W
[] =
140 { 'S','e','M','a','c','h','i','n','e','A','c','c','o','u','n','t','P','r','i','v','i','l','e','g','e',0 };
141 static const WCHAR SE_TCB_NAME_W
[] =
142 { 'S','e','T','c','b','P','r','i','v','i','l','e','g','e',0 };
143 static const WCHAR SE_SECURITY_NAME_W
[] =
144 { 'S','e','S','e','c','u','r','i','t','y','P','r','i','v','i','l','e','g','e',0 };
145 static const WCHAR SE_TAKE_OWNERSHIP_NAME_W
[] =
146 { 'S','e','T','a','k','e','O','w','n','e','r','s','h','i','p','P','r','i','v','i','l','e','g','e',0 };
147 static const WCHAR SE_LOAD_DRIVER_NAME_W
[] =
148 { 'S','e','L','o','a','d','D','r','i','v','e','r','P','r','i','v','i','l','e','g','e',0 };
149 static const WCHAR SE_SYSTEM_PROFILE_NAME_W
[] =
150 { 'S','e','S','y','s','t','e','m','P','r','o','f','i','l','e','P','r','i','v','i','l','e','g','e',0 };
151 static const WCHAR SE_SYSTEMTIME_NAME_W
[] =
152 { 'S','e','S','y','s','t','e','m','t','i','m','e','P','r','i','v','i','l','e','g','e',0 };
153 static const WCHAR SE_PROF_SINGLE_PROCESS_NAME_W
[] =
154 { 'S','e','P','r','o','f','i','l','e','S','i','n','g','l','e','P','r','o','c','e','s','s','P','r','i','v','i','l','e','g','e',0 };
155 static const WCHAR SE_INC_BASE_PRIORITY_NAME_W
[] =
156 { 'S','e','I','n','c','r','e','a','s','e','B','a','s','e','P','r','i','o','r','i','t','y','P','r','i','v','i','l','e','g','e',0 };
157 static const WCHAR SE_CREATE_PAGEFILE_NAME_W
[] =
158 { 'S','e','C','r','e','a','t','e','P','a','g','e','f','i','l','e','P','r','i','v','i','l','e','g','e',0 };
159 static const WCHAR SE_CREATE_PERMANENT_NAME_W
[] =
160 { 'S','e','C','r','e','a','t','e','P','e','r','m','a','n','e','n','t','P','r','i','v','i','l','e','g','e',0 };
161 static const WCHAR SE_BACKUP_NAME_W
[] =
162 { 'S','e','B','a','c','k','u','p','P','r','i','v','i','l','e','g','e',0 };
163 static const WCHAR SE_RESTORE_NAME_W
[] =
164 { 'S','e','R','e','s','t','o','r','e','P','r','i','v','i','l','e','g','e',0 };
165 static const WCHAR SE_SHUTDOWN_NAME_W
[] =
166 { 'S','e','S','h','u','t','d','o','w','n','P','r','i','v','i','l','e','g','e',0 };
167 static const WCHAR SE_DEBUG_NAME_W
[] =
168 { 'S','e','D','e','b','u','g','P','r','i','v','i','l','e','g','e',0 };
169 static const WCHAR SE_AUDIT_NAME_W
[] =
170 { 'S','e','A','u','d','i','t','P','r','i','v','i','l','e','g','e',0 };
171 static const WCHAR SE_SYSTEM_ENVIRONMENT_NAME_W
[] =
172 { 'S','e','S','y','s','t','e','m','E','n','v','i','r','o','n','m','e','n','t','P','r','i','v','i','l','e','g','e',0 };
173 static const WCHAR SE_CHANGE_NOTIFY_NAME_W
[] =
174 { 'S','e','C','h','a','n','g','e','N','o','t','i','f','y','P','r','i','v','i','l','e','g','e',0 };
175 static const WCHAR SE_REMOTE_SHUTDOWN_NAME_W
[] =
176 { 'S','e','R','e','m','o','t','e','S','h','u','t','d','o','w','n','P','r','i','v','i','l','e','g','e',0 };
177 static const WCHAR SE_UNDOCK_NAME_W
[] =
178 { 'S','e','U','n','d','o','c','k','P','r','i','v','i','l','e','g','e',0 };
179 static const WCHAR SE_SYNC_AGENT_NAME_W
[] =
180 { 'S','e','S','y','n','c','A','g','e','n','t','P','r','i','v','i','l','e','g','e',0 };
181 static const WCHAR SE_ENABLE_DELEGATION_NAME_W
[] =
182 { 'S','e','E','n','a','b','l','e','D','e','l','e','g','a','t','i','o','n','P','r','i','v','i','l','e','g','e',0 };
183 static const WCHAR SE_MANAGE_VOLUME_NAME_W
[] =
184 { 'S','e','M','a','n','a','g','e','V','o','l','u','m','e','P','r','i','v','i','l','e','g','e',0 };
185 static const WCHAR SE_IMPERSONATE_NAME_W
[] =
186 { 'S','e','I','m','p','e','r','s','o','n','a','t','e','P','r','i','v','i','l','e','g','e',0 };
187 static const WCHAR SE_CREATE_GLOBAL_NAME_W
[] =
188 { 'S','e','C','r','e','a','t','e','G','l','o','b','a','l','P','r','i','v','i','l','e','g','e',0 };
190 static const WCHAR
* const WellKnownPrivNames
[SE_MAX_WELL_KNOWN_PRIVILEGE
+ 1] =
194 SE_CREATE_TOKEN_NAME_W
,
195 SE_ASSIGNPRIMARYTOKEN_NAME_W
,
196 SE_LOCK_MEMORY_NAME_W
,
197 SE_INCREASE_QUOTA_NAME_W
,
198 SE_MACHINE_ACCOUNT_NAME_W
,
201 SE_TAKE_OWNERSHIP_NAME_W
,
202 SE_LOAD_DRIVER_NAME_W
,
203 SE_SYSTEM_PROFILE_NAME_W
,
204 SE_SYSTEMTIME_NAME_W
,
205 SE_PROF_SINGLE_PROCESS_NAME_W
,
206 SE_INC_BASE_PRIORITY_NAME_W
,
207 SE_CREATE_PAGEFILE_NAME_W
,
208 SE_CREATE_PERMANENT_NAME_W
,
214 SE_SYSTEM_ENVIRONMENT_NAME_W
,
215 SE_CHANGE_NOTIFY_NAME_W
,
216 SE_REMOTE_SHUTDOWN_NAME_W
,
218 SE_SYNC_AGENT_NAME_W
,
219 SE_ENABLE_DELEGATION_NAME_W
,
220 SE_MANAGE_VOLUME_NAME_W
,
221 SE_IMPERSONATE_NAME_W
,
222 SE_CREATE_GLOBAL_NAME_W
,
226 /* Interface to ntmarta.dll ***************************************************/
228 NTMARTA NtMartaStatic
= { 0 };
229 static PNTMARTA NtMarta
= NULL
;
231 #define FindNtMartaProc(Name) \
232 NtMartaStatic.Name = (PVOID)GetProcAddress(NtMartaStatic.hDllInstance, \
234 if (NtMartaStatic.Name == NULL) \
236 return GetLastError(); \
241 LoadAndInitializeNtMarta(VOID
)
243 /* this code may be executed simultaneously by multiple threads in case they're
244 trying to initialize the interface at the same time, but that's no problem
245 because the pointers returned by GetProcAddress will be the same. However,
246 only one of the threads will change the NtMarta pointer to the NtMartaStatic
247 structure, the others threads will detect that there were other threads
248 initializing the structure faster and will release the reference to the
251 NtMartaStatic
.hDllInstance
= LoadLibraryW(L
"ntmarta.dll");
252 if (NtMartaStatic
.hDllInstance
== NULL
)
254 return GetLastError();
258 FindNtMartaProc(LookupAccountTrustee
);
259 FindNtMartaProc(LookupAccountName
);
260 FindNtMartaProc(LookupAccountSid
);
261 FindNtMartaProc(SetEntriesInAList
);
262 FindNtMartaProc(ConvertAccessToSecurityDescriptor
);
263 FindNtMartaProc(ConvertSDToAccess
);
264 FindNtMartaProc(ConvertAclToAccess
);
265 FindNtMartaProc(GetAccessForTrustee
);
266 FindNtMartaProc(GetExplicitEntries
);
268 FindNtMartaProc(RewriteGetNamedRights
);
269 FindNtMartaProc(RewriteSetNamedRights
);
270 FindNtMartaProc(RewriteGetHandleRights
);
271 FindNtMartaProc(RewriteSetHandleRights
);
272 FindNtMartaProc(RewriteSetEntriesInAcl
);
273 FindNtMartaProc(RewriteGetExplicitEntriesFromAcl
);
274 FindNtMartaProc(TreeResetNamedSecurityInfo
);
275 FindNtMartaProc(GetInheritanceSource
);
276 FindNtMartaProc(FreeIndexArray
);
278 return ERROR_SUCCESS
;
283 CheckNtMartaPresent(VOID
)
287 if (InterlockedCompareExchangePointer(&NtMarta
,
291 /* we're the first one trying to use ntmarta, initialize it and change
292 the pointer after initialization */
293 ErrorCode
= LoadAndInitializeNtMarta();
295 if (ErrorCode
== ERROR_SUCCESS
)
297 /* try change the NtMarta pointer */
298 if (InterlockedCompareExchangePointer(&NtMarta
,
302 /* another thread initialized ntmarta in the meanwhile, release
303 the reference of the dll loaded. */
304 FreeLibrary(NtMartaStatic
.hDllInstance
);
310 ERR("Failed to initialize ntmarta.dll! Error: 0x%x", ErrorCode
);
316 /* ntmarta was already initialized */
317 ErrorCode
= ERROR_SUCCESS
;
327 if (InterlockedExchangePointer(&NtMarta
,
330 FreeLibrary(NtMartaStatic
.hDllInstance
);
335 /******************************************************************************/
342 AreAllAccessesGranted(DWORD GrantedAccess
,
345 return (BOOL
)RtlAreAllAccessesGranted(GrantedAccess
,
355 AreAnyAccessesGranted(DWORD GrantedAccess
,
358 return (BOOL
)RtlAreAnyAccessesGranted(GrantedAccess
,
363 /************************************************************
364 * ADVAPI_IsLocalComputer
366 * Checks whether the server name indicates local machine.
368 BOOL
ADVAPI_IsLocalComputer(LPCWSTR ServerName
)
370 DWORD dwSize
= MAX_COMPUTERNAME_LENGTH
+ 1;
374 if (!ServerName
|| !ServerName
[0])
377 buf
= HeapAlloc(GetProcessHeap(), 0, dwSize
* sizeof(WCHAR
));
378 Result
= GetComputerNameW(buf
, &dwSize
);
379 if (Result
&& (ServerName
[0] == '\\') && (ServerName
[1] == '\\'))
381 Result
= Result
&& !lstrcmpW(ServerName
, buf
);
382 HeapFree(GetProcessHeap(), 0, buf
);
388 /******************************************************************************
389 * GetFileSecurityA [ADVAPI32.@]
391 * Obtains Specified information about the security of a file or directory.
394 * lpFileName [I] Name of the file to get info for
395 * RequestedInformation [I] SE_ flags from "winnt.h"
396 * pSecurityDescriptor [O] Destination for security information
397 * nLength [I] Length of pSecurityDescriptor
398 * lpnLengthNeeded [O] Destination for length of returned security information
401 * Success: TRUE. pSecurityDescriptor contains the requested information.
402 * Failure: FALSE. lpnLengthNeeded contains the required space to return the info.
405 * The information returned is constrained by the callers access rights and
412 GetFileSecurityA(LPCSTR lpFileName
,
413 SECURITY_INFORMATION RequestedInformation
,
414 PSECURITY_DESCRIPTOR pSecurityDescriptor
,
416 LPDWORD lpnLengthNeeded
)
418 UNICODE_STRING FileName
;
422 Status
= RtlCreateUnicodeStringFromAsciiz(&FileName
,
424 if (!NT_SUCCESS(Status
))
426 SetLastError(RtlNtStatusToDosError(Status
));
430 bResult
= GetFileSecurityW(FileName
.Buffer
,
431 RequestedInformation
,
436 RtlFreeUnicodeString(&FileName
);
447 GetFileSecurityW(LPCWSTR lpFileName
,
448 SECURITY_INFORMATION RequestedInformation
,
449 PSECURITY_DESCRIPTOR pSecurityDescriptor
,
451 LPDWORD lpnLengthNeeded
)
453 OBJECT_ATTRIBUTES ObjectAttributes
;
454 IO_STATUS_BLOCK StatusBlock
;
455 UNICODE_STRING FileName
;
456 ULONG AccessMask
= 0;
460 TRACE("GetFileSecurityW() called\n");
462 QuerySecurityAccessMask(RequestedInformation
, &AccessMask
);
464 if (!RtlDosPathNameToNtPathName_U(lpFileName
,
469 ERR("Invalid path\n");
470 SetLastError(ERROR_INVALID_NAME
);
474 InitializeObjectAttributes(&ObjectAttributes
,
476 OBJ_CASE_INSENSITIVE
,
480 Status
= NtOpenFile(&FileHandle
,
484 FILE_SHARE_READ
| FILE_SHARE_WRITE
| FILE_SHARE_DELETE
,
487 RtlFreeHeap(RtlGetProcessHeap(),
491 if (!NT_SUCCESS(Status
))
493 ERR("NtOpenFile() failed (Status %lx)\n", Status
);
494 SetLastError(RtlNtStatusToDosError(Status
));
498 Status
= NtQuerySecurityObject(FileHandle
,
499 RequestedInformation
,
504 if (!NT_SUCCESS(Status
))
506 ERR("NtQuerySecurityObject() failed (Status %lx)\n", Status
);
507 SetLastError(RtlNtStatusToDosError(Status
));
520 GetKernelObjectSecurity(HANDLE Handle
,
521 SECURITY_INFORMATION RequestedInformation
,
522 PSECURITY_DESCRIPTOR pSecurityDescriptor
,
524 LPDWORD lpnLengthNeeded
)
528 Status
= NtQuerySecurityObject(Handle
,
529 RequestedInformation
,
533 if (!NT_SUCCESS(Status
))
535 SetLastError(RtlNtStatusToDosError(Status
));
543 /******************************************************************************
544 * SetFileSecurityA [ADVAPI32.@]
545 * Sets the security of a file or directory
551 SetFileSecurityA(LPCSTR lpFileName
,
552 SECURITY_INFORMATION SecurityInformation
,
553 PSECURITY_DESCRIPTOR pSecurityDescriptor
)
555 UNICODE_STRING FileName
;
559 Status
= RtlCreateUnicodeStringFromAsciiz(&FileName
,
561 if (!NT_SUCCESS(Status
))
563 SetLastError(RtlNtStatusToDosError(Status
));
567 bResult
= SetFileSecurityW(FileName
.Buffer
,
569 pSecurityDescriptor
);
571 RtlFreeUnicodeString(&FileName
);
577 /******************************************************************************
578 * SetFileSecurityW [ADVAPI32.@]
579 * Sets the security of a file or directory
585 SetFileSecurityW(LPCWSTR lpFileName
,
586 SECURITY_INFORMATION SecurityInformation
,
587 PSECURITY_DESCRIPTOR pSecurityDescriptor
)
589 OBJECT_ATTRIBUTES ObjectAttributes
;
590 IO_STATUS_BLOCK StatusBlock
;
591 UNICODE_STRING FileName
;
592 ULONG AccessMask
= 0;
596 TRACE("SetFileSecurityW() called\n");
598 SetSecurityAccessMask(SecurityInformation
, &AccessMask
);
600 if (!RtlDosPathNameToNtPathName_U(lpFileName
,
605 ERR("Invalid path\n");
606 SetLastError(ERROR_INVALID_NAME
);
610 InitializeObjectAttributes(&ObjectAttributes
,
612 OBJ_CASE_INSENSITIVE
,
616 Status
= NtOpenFile(&FileHandle
,
620 FILE_SHARE_READ
| FILE_SHARE_WRITE
| FILE_SHARE_DELETE
,
623 RtlFreeHeap(RtlGetProcessHeap(),
627 if (!NT_SUCCESS(Status
))
629 ERR("NtOpenFile() failed (Status %lx)\n", Status
);
630 SetLastError(RtlNtStatusToDosError(Status
));
634 Status
= NtSetSecurityObject(FileHandle
,
636 pSecurityDescriptor
);
639 if (!NT_SUCCESS(Status
))
641 ERR("NtSetSecurityObject() failed (Status %lx)\n", Status
);
642 SetLastError(RtlNtStatusToDosError(Status
));
655 SetKernelObjectSecurity(HANDLE Handle
,
656 SECURITY_INFORMATION SecurityInformation
,
657 PSECURITY_DESCRIPTOR SecurityDescriptor
)
661 Status
= NtSetSecurityObject(Handle
,
664 if (!NT_SUCCESS(Status
))
666 SetLastError(RtlNtStatusToDosError(Status
));
679 ImpersonateAnonymousToken(IN HANDLE ThreadHandle
)
683 Status
= NtImpersonateAnonymousToken(ThreadHandle
);
684 if (!NT_SUCCESS(Status
))
686 SetLastError(RtlNtStatusToDosError(Status
));
699 ImpersonateLoggedOnUser(HANDLE hToken
)
701 SECURITY_QUALITY_OF_SERVICE Qos
;
702 OBJECT_ATTRIBUTES ObjectAttributes
;
709 /* Get the token type */
710 Status
= NtQueryInformationToken(hToken
,
715 if (!NT_SUCCESS(Status
))
717 SetLastError(RtlNtStatusToDosError(Status
));
721 if (Type
== TokenPrimary
)
723 /* Create a duplicate impersonation token */
724 Qos
.Length
= sizeof(SECURITY_QUALITY_OF_SERVICE
);
725 Qos
.ImpersonationLevel
= SecurityImpersonation
;
726 Qos
.ContextTrackingMode
= SECURITY_DYNAMIC_TRACKING
;
727 Qos
.EffectiveOnly
= FALSE
;
729 ObjectAttributes
.Length
= sizeof(OBJECT_ATTRIBUTES
);
730 ObjectAttributes
.RootDirectory
= NULL
;
731 ObjectAttributes
.ObjectName
= NULL
;
732 ObjectAttributes
.Attributes
= 0;
733 ObjectAttributes
.SecurityDescriptor
= NULL
;
734 ObjectAttributes
.SecurityQualityOfService
= &Qos
;
736 Status
= NtDuplicateToken(hToken
,
737 TOKEN_IMPERSONATE
| TOKEN_QUERY
,
742 if (!NT_SUCCESS(Status
))
744 SetLastError(RtlNtStatusToDosError(Status
));
752 /* User the original impersonation token */
757 /* Impersonate the the current thread */
758 Status
= NtSetInformationThread(NtCurrentThread(),
759 ThreadImpersonationToken
,
763 if (Duplicated
== TRUE
)
768 if (!NT_SUCCESS(Status
))
770 SetLastError(RtlNtStatusToDosError(Status
));
783 ImpersonateSelf(SECURITY_IMPERSONATION_LEVEL ImpersonationLevel
)
787 Status
= RtlImpersonateSelf(ImpersonationLevel
);
788 if (!NT_SUCCESS(Status
))
790 SetLastError(RtlNtStatusToDosError(Status
));
808 Status
= NtSetInformationThread(NtCurrentThread(),
809 ThreadImpersonationToken
,
812 if (!NT_SUCCESS(Status
))
814 SetLastError(RtlNtStatusToDosError(Status
));
822 /******************************************************************************
823 * GetUserNameA [ADVAPI32.@]
825 * Get the current user name.
828 * lpszName [O] Destination for the user name.
829 * lpSize [I/O] Size of lpszName.
836 GetUserNameA(LPSTR lpszName
,
839 UNICODE_STRING NameW
;
843 /* apparently Win doesn't check whether lpSize is valid at all! */
845 NameW
.MaximumLength
= (*lpSize
) * sizeof(WCHAR
);
846 NameW
.Buffer
= LocalAlloc(LMEM_FIXED
, NameW
.MaximumLength
);
847 if(NameW
.Buffer
== NULL
)
849 SetLastError(ERROR_NOT_ENOUGH_MEMORY
);
854 NameA
.MaximumLength
= ((*lpSize
) < 0xFFFF ? (USHORT
)(*lpSize
) : 0xFFFF);
855 NameA
.Buffer
= lpszName
;
857 Ret
= GetUserNameW(NameW
.Buffer
,
861 NameW
.Length
= (*lpSize
- 1) * sizeof(WCHAR
);
862 RtlUnicodeStringToAnsiString(&NameA
, &NameW
, FALSE
);
864 *lpSize
= NameA
.Length
+ 1;
867 LocalFree(NameW
.Buffer
);
873 /******************************************************************************
874 * GetUserNameW [ADVAPI32.@]
882 GetUserNameW(LPWSTR lpszName
,
885 HANDLE hToken
= INVALID_HANDLE_VALUE
;
888 TOKEN_USER
* token_user
= NULL
;
890 SID_NAME_USE snu
= SidTypeUser
;
891 WCHAR
* domain_name
= NULL
;
894 if ( !OpenThreadToken ( GetCurrentThread(), TOKEN_QUERY
, FALSE
, &hToken
) )
896 DWORD dwLastError
= GetLastError();
897 if ( dwLastError
!= ERROR_NO_TOKEN
898 && dwLastError
!= ERROR_NO_IMPERSONATION_TOKEN
)
900 /* don't call SetLastError(),
901 as OpenThreadToken() ought to have set one */
904 if ( !OpenProcessToken ( GetCurrentProcess(), TOKEN_QUERY
, &hToken
) )
906 /* don't call SetLastError(),
907 as OpenProcessToken() ought to have set one */
911 tu_buf
= LocalAlloc ( LMEM_FIXED
, 36 );
914 SetLastError ( ERROR_NOT_ENOUGH_MEMORY
);
915 CloseHandle ( hToken
);
918 if ( !GetTokenInformation ( hToken
, TokenUser
, tu_buf
, 36, &tu_len
) || tu_len
> 36 )
920 LocalFree ( tu_buf
);
921 tu_buf
= LocalAlloc ( LMEM_FIXED
, tu_len
);
924 SetLastError ( ERROR_NOT_ENOUGH_MEMORY
);
925 CloseHandle ( hToken
);
928 if ( !GetTokenInformation ( hToken
, TokenUser
, tu_buf
, tu_len
, &tu_len
) )
930 /* don't call SetLastError(),
931 as GetTokenInformation() ought to have set one */
932 LocalFree ( tu_buf
);
933 CloseHandle ( hToken
);
937 CloseHandle ( hToken
);
938 token_user
= (TOKEN_USER
*)tu_buf
;
942 domain_name
= LocalAlloc ( LMEM_FIXED
, dn_len
* sizeof(WCHAR
) );
945 LocalFree ( tu_buf
);
946 SetLastError ( ERROR_NOT_ENOUGH_MEMORY
);
949 if ( !LookupAccountSidW ( NULL
, token_user
->User
.Sid
, lpszName
, &an_len
, domain_name
, &dn_len
, &snu
)
954 LocalFree ( domain_name
);
955 domain_name
= LocalAlloc ( LMEM_FIXED
, dn_len
* sizeof(WCHAR
) );
958 LocalFree ( tu_buf
);
959 SetLastError ( ERROR_NOT_ENOUGH_MEMORY
);
964 if ( !LookupAccountSidW ( NULL
, token_user
->User
.Sid
, lpszName
, &an_len
, domain_name
, &dn_len
, &snu
) )
966 /* don't call SetLastError(),
967 as LookupAccountSid() ought to have set one */
968 LocalFree ( domain_name
);
969 LocalFree ( tu_buf
);
975 LocalFree ( domain_name
);
976 LocalFree ( tu_buf
);
977 *lpSize
= an_len
+ 1;
982 /******************************************************************************
983 * LookupAccountSidA [ADVAPI32.@]
989 LookupAccountSidA(LPCSTR lpSystemName
,
993 LPSTR lpReferencedDomainName
,
994 LPDWORD cchReferencedDomainName
,
997 UNICODE_STRING NameW
, ReferencedDomainNameW
, SystemNameW
;
998 DWORD szName
, szReferencedDomainName
;
1002 * save the buffer sizes the caller passed to us, as they may get modified and
1003 * we require the original values when converting back to ansi
1006 szReferencedDomainName
= *cchReferencedDomainName
;
1009 * allocate buffers for the unicode strings to receive
1015 NameW
.MaximumLength
= szName
* sizeof(WCHAR
);
1016 NameW
.Buffer
= (PWSTR
)LocalAlloc(LMEM_FIXED
, NameW
.MaximumLength
);
1017 if(NameW
.Buffer
== NULL
)
1019 SetLastError(ERROR_OUTOFMEMORY
);
1024 NameW
.Buffer
= NULL
;
1026 if(szReferencedDomainName
> 0)
1028 ReferencedDomainNameW
.Length
= 0;
1029 ReferencedDomainNameW
.MaximumLength
= szReferencedDomainName
* sizeof(WCHAR
);
1030 ReferencedDomainNameW
.Buffer
= (PWSTR
)LocalAlloc(LMEM_FIXED
, ReferencedDomainNameW
.MaximumLength
);
1031 if(ReferencedDomainNameW
.Buffer
== NULL
)
1035 LocalFree(NameW
.Buffer
);
1037 SetLastError(ERROR_OUTOFMEMORY
);
1042 ReferencedDomainNameW
.Buffer
= NULL
;
1045 * convert the system name to unicode - if present
1048 if(lpSystemName
!= NULL
)
1050 ANSI_STRING SystemNameA
;
1052 RtlInitAnsiString(&SystemNameA
, lpSystemName
);
1053 RtlAnsiStringToUnicodeString(&SystemNameW
, &SystemNameA
, TRUE
);
1056 SystemNameW
.Buffer
= NULL
;
1059 * it's time to call the unicode version
1062 Ret
= LookupAccountSidW(SystemNameW
.Buffer
,
1066 ReferencedDomainNameW
.Buffer
,
1067 cchReferencedDomainName
,
1072 * convert unicode strings back to ansi, don't forget that we can't convert
1073 * more than 0xFFFF (USHORT) characters! Also don't forget to explicitly
1074 * terminate the converted string, the Rtl functions don't do that!
1081 NameA
.MaximumLength
= ((szName
<= 0xFFFF) ? (USHORT
)szName
: 0xFFFF);
1082 NameA
.Buffer
= lpName
;
1084 RtlUnicodeStringToAnsiString(&NameA
, &NameW
, FALSE
);
1085 NameA
.Buffer
[NameA
.Length
] = '\0';
1088 if(lpReferencedDomainName
!= NULL
)
1090 ANSI_STRING ReferencedDomainNameA
;
1092 ReferencedDomainNameA
.Length
= 0;
1093 ReferencedDomainNameA
.MaximumLength
= ((szReferencedDomainName
<= 0xFFFF) ?
1094 (USHORT
)szReferencedDomainName
: 0xFFFF);
1095 ReferencedDomainNameA
.Buffer
= lpReferencedDomainName
;
1097 RtlUnicodeStringToAnsiString(&ReferencedDomainNameA
, &ReferencedDomainNameW
, FALSE
);
1098 ReferencedDomainNameA
.Buffer
[ReferencedDomainNameA
.Length
] = '\0';
1103 * free previously allocated buffers
1106 if(SystemNameW
.Buffer
!= NULL
)
1108 RtlFreeUnicodeString(&SystemNameW
);
1110 if(NameW
.Buffer
!= NULL
)
1112 LocalFree(NameW
.Buffer
);
1114 if(ReferencedDomainNameW
.Buffer
!= NULL
)
1116 LocalFree(ReferencedDomainNameW
.Buffer
);
1123 /******************************************************************************
1124 * LookupAccountSidW [ADVAPI32.@]
1129 LookupAccountSidW(LPCWSTR pSystemName
,
1131 LPWSTR pAccountName
,
1132 LPDWORD pdwAccountName
,
1134 LPDWORD pdwDomainName
,
1135 PSID_NAME_USE peUse
)
1137 LSA_UNICODE_STRING SystemName
;
1138 LSA_OBJECT_ATTRIBUTES ObjectAttributes
= {0};
1139 LSA_HANDLE PolicyHandle
= NULL
;
1141 PLSA_REFERENCED_DOMAIN_LIST ReferencedDomain
= NULL
;
1142 PLSA_TRANSLATED_NAME TranslatedName
= NULL
;
1145 RtlInitUnicodeString ( &SystemName
, pSystemName
);
1146 Status
= LsaOpenPolicy ( &SystemName
, &ObjectAttributes
, POLICY_LOOKUP_NAMES
, &PolicyHandle
);
1147 if ( !NT_SUCCESS(Status
) )
1149 SetLastError ( LsaNtStatusToWinError(Status
) );
1152 Status
= LsaLookupSids ( PolicyHandle
, 1, &pSid
, &ReferencedDomain
, &TranslatedName
);
1154 LsaClose ( PolicyHandle
);
1156 if ( !NT_SUCCESS(Status
) || Status
== STATUS_SOME_NOT_MAPPED
)
1158 SetLastError ( LsaNtStatusToWinError(Status
) );
1164 if ( TranslatedName
)
1166 DWORD dwSrcLen
= TranslatedName
->Name
.Length
/ sizeof(WCHAR
);
1167 if ( *pdwAccountName
<= dwSrcLen
)
1169 *pdwAccountName
= dwSrcLen
+ 1;
1174 *pdwAccountName
= dwSrcLen
;
1177 RtlCopyMemory ( pAccountName
, TranslatedName
->Name
.Buffer
, TranslatedName
->Name
.Length
);
1178 pAccountName
[TranslatedName
->Name
.Length
/ sizeof(WCHAR
)] = L
'\0';
1182 *peUse
= TranslatedName
->Use
;
1185 if ( ReferencedDomain
)
1187 if ( ReferencedDomain
->Entries
> 0 )
1189 DWORD dwSrcLen
= ReferencedDomain
->Domains
[0].Name
.Length
/ sizeof(WCHAR
);
1190 if ( *pdwDomainName
<= dwSrcLen
)
1192 *pdwDomainName
= dwSrcLen
+ 1;
1197 *pdwDomainName
= dwSrcLen
;
1198 RtlCopyMemory ( pDomainName
, ReferencedDomain
->Domains
[0].Name
.Buffer
, ReferencedDomain
->Domains
[0].Name
.Length
);
1199 pDomainName
[ReferencedDomain
->Domains
[0].Name
.Length
/ sizeof(WCHAR
)] = L
'\0';
1205 SetLastError(ERROR_INSUFFICIENT_BUFFER
);
1208 if ( ReferencedDomain
)
1209 LsaFreeMemory ( ReferencedDomain
);
1210 if ( TranslatedName
)
1211 LsaFreeMemory ( TranslatedName
);
1218 /******************************************************************************
1219 * LookupAccountNameA [ADVAPI32.@]
1225 LookupAccountNameA(LPCSTR SystemName
,
1229 LPSTR ReferencedDomainName
,
1230 LPDWORD hReferencedDomainNameLength
,
1231 PSID_NAME_USE SidNameUse
)
1234 UNICODE_STRING lpSystemW
;
1235 UNICODE_STRING lpAccountW
;
1236 LPWSTR lpReferencedDomainNameW
= NULL
;
1238 RtlCreateUnicodeStringFromAsciiz(&lpSystemW
, SystemName
);
1239 RtlCreateUnicodeStringFromAsciiz(&lpAccountW
, AccountName
);
1241 if (ReferencedDomainName
)
1242 lpReferencedDomainNameW
= HeapAlloc(GetProcessHeap(),
1244 *hReferencedDomainNameLength
* sizeof(WCHAR
));
1246 ret
= LookupAccountNameW(lpSystemW
.Buffer
,
1250 lpReferencedDomainNameW
,
1251 hReferencedDomainNameLength
,
1254 if (ret
&& lpReferencedDomainNameW
)
1256 WideCharToMultiByte(CP_ACP
,
1258 lpReferencedDomainNameW
,
1259 *hReferencedDomainNameLength
,
1260 ReferencedDomainName
,
1261 *hReferencedDomainNameLength
,
1266 RtlFreeUnicodeString(&lpSystemW
);
1267 RtlFreeUnicodeString(&lpAccountW
);
1268 HeapFree(GetProcessHeap(), 0, lpReferencedDomainNameW
);
1274 /******************************************************************************
1275 * LookupAccountNameW [ADVAPI32.@]
1281 LookupAccountNameW(LPCWSTR lpSystemName
,
1282 LPCWSTR lpAccountName
,
1285 LPWSTR ReferencedDomainName
,
1286 LPDWORD cchReferencedDomainName
,
1287 PSID_NAME_USE peUse
)
1289 /* Default implementation: Always return a default SID */
1290 SID_IDENTIFIER_AUTHORITY identifierAuthority
= {SECURITY_NT_AUTHORITY
};
1293 static const WCHAR dm
[] = {'D','O','M','A','I','N',0};
1296 TRACE("%s %s %p %p %p %p %p - stub\n", lpSystemName
, lpAccountName
,
1297 Sid
, cbSid
, ReferencedDomainName
, cchReferencedDomainName
, peUse
);
1299 for (i
= 0; i
< (sizeof(ACCOUNT_SIDS
) / sizeof(ACCOUNT_SIDS
[0])); i
++)
1301 if (!wcscmp(lpAccountName
, ACCOUNT_SIDS
[i
].account
))
1303 if (*cchReferencedDomainName
)
1304 *ReferencedDomainName
= '\0';
1305 *cchReferencedDomainName
= 0;
1306 *peUse
= SidTypeWellKnownGroup
;
1307 return CreateWellKnownSid(ACCOUNT_SIDS
[i
].type
, NULL
, Sid
, cbSid
);
1311 ret
= AllocateAndInitializeSid(&identifierAuthority
,
1313 SECURITY_BUILTIN_DOMAIN_RID
,
1314 DOMAIN_ALIAS_RID_ADMINS
,
1321 if (!RtlValidSid(pSid
))
1327 if (Sid
!= NULL
&& (*cbSid
>= GetLengthSid(pSid
)))
1328 CopySid(*cbSid
, Sid
, pSid
);
1330 if (*cbSid
< GetLengthSid(pSid
))
1332 SetLastError(ERROR_INSUFFICIENT_BUFFER
);
1336 *cbSid
= GetLengthSid(pSid
);
1338 if (ReferencedDomainName
!= NULL
&& (*cchReferencedDomainName
> wcslen(dm
)))
1339 wcscpy(ReferencedDomainName
, dm
);
1341 if (*cchReferencedDomainName
<= wcslen(dm
))
1343 SetLastError(ERROR_INSUFFICIENT_BUFFER
);
1347 *cchReferencedDomainName
= wcslen(dm
)+1;
1355 /**********************************************************************
1356 * LookupPrivilegeValueA EXPORTED
1362 LookupPrivilegeValueA(LPCSTR lpSystemName
,
1366 UNICODE_STRING SystemName
;
1367 UNICODE_STRING Name
;
1370 /* Remote system? */
1371 if (lpSystemName
!= NULL
)
1373 RtlCreateUnicodeStringFromAsciiz(&SystemName
,
1374 (LPSTR
)lpSystemName
);
1377 SystemName
.Buffer
= NULL
;
1379 /* Check the privilege name is not NULL */
1382 SetLastError(ERROR_NO_SUCH_PRIVILEGE
);
1386 RtlCreateUnicodeStringFromAsciiz(&Name
,
1389 Result
= LookupPrivilegeValueW(SystemName
.Buffer
,
1393 RtlFreeUnicodeString(&Name
);
1395 /* Remote system? */
1396 if (SystemName
.Buffer
!= NULL
)
1398 RtlFreeUnicodeString(&SystemName
);
1405 /**********************************************************************
1406 * LookupPrivilegeValueW EXPORTED
1412 LookupPrivilegeValueW(LPCWSTR SystemName
,
1416 static const WCHAR
* const DefaultPrivNames
[] =
1418 L
"SeCreateTokenPrivilege",
1419 L
"SeAssignPrimaryTokenPrivilege",
1420 L
"SeLockMemoryPrivilege",
1421 L
"SeIncreaseQuotaPrivilege",
1422 L
"SeUnsolicitedInputPrivilege",
1423 L
"SeMachineAccountPrivilege",
1425 L
"SeSecurityPrivilege",
1426 L
"SeTakeOwnershipPrivilege",
1427 L
"SeLoadDriverPrivilege",
1428 L
"SeSystemProfilePrivilege",
1429 L
"SeSystemtimePrivilege",
1430 L
"SeProfileSingleProcessPrivilege",
1431 L
"SeIncreaseBasePriorityPrivilege",
1432 L
"SeCreatePagefilePrivilege",
1433 L
"SeCreatePermanentPrivilege",
1434 L
"SeBackupPrivilege",
1435 L
"SeRestorePrivilege",
1436 L
"SeShutdownPrivilege",
1437 L
"SeDebugPrivilege",
1438 L
"SeAuditPrivilege",
1439 L
"SeSystemEnvironmentPrivilege",
1440 L
"SeChangeNotifyPrivilege",
1441 L
"SeRemoteShutdownPrivilege",
1442 L
"SeUndockPrivilege",
1443 L
"SeSyncAgentPrivilege",
1444 L
"SeEnableDelegationPrivilege",
1445 L
"SeManageVolumePrivilege",
1446 L
"SeImpersonatePrivilege",
1447 L
"SeCreateGlobalPrivilege"
1451 if (NULL
!= SystemName
&& L
'\0' != *SystemName
)
1453 FIXME("LookupPrivilegeValueW: not implemented for remote system\n");
1454 SetLastError(ERROR_CALL_NOT_IMPLEMENTED
);
1458 for (Priv
= 0; Priv
< sizeof(DefaultPrivNames
) / sizeof(DefaultPrivNames
[0]); Priv
++)
1460 if (0 == wcsicmp(PrivName
, DefaultPrivNames
[Priv
]))
1462 Luid
->LowPart
= Priv
+ 1;
1468 WARN("LookupPrivilegeValueW: no such privilege %S\n", PrivName
);
1469 SetLastError(ERROR_NO_SUCH_PRIVILEGE
);
1474 /**********************************************************************
1475 * LookupPrivilegeDisplayNameA EXPORTED
1481 LookupPrivilegeDisplayNameA(LPCSTR lpSystemName
,
1483 LPSTR lpDisplayName
,
1484 LPDWORD cbDisplayName
,
1485 LPDWORD lpLanguageId
)
1487 FIXME("%s() not implemented!\n", __FUNCTION__
);
1488 SetLastError (ERROR_CALL_NOT_IMPLEMENTED
);
1493 /**********************************************************************
1494 * LookupPrivilegeDisplayNameW EXPORTED
1500 LookupPrivilegeDisplayNameW(LPCWSTR lpSystemName
,
1502 LPWSTR lpDisplayName
,
1503 LPDWORD cbDisplayName
,
1504 LPDWORD lpLanguageId
)
1506 FIXME("%s() not implemented!\n", __FUNCTION__
);
1507 SetLastError (ERROR_CALL_NOT_IMPLEMENTED
);
1512 /**********************************************************************
1513 * LookupPrivilegeNameA EXPORTED
1519 LookupPrivilegeNameA(LPCSTR lpSystemName
,
1524 UNICODE_STRING lpSystemNameW
;
1528 TRACE("%s %p %p %p\n", debugstr_a(lpSystemName
), lpLuid
, lpName
, cchName
);
1530 RtlCreateUnicodeStringFromAsciiz(&lpSystemNameW
, lpSystemName
);
1531 ret
= LookupPrivilegeNameW(lpSystemNameW
.Buffer
, lpLuid
, NULL
, &wLen
);
1532 if (!ret
&& GetLastError() == ERROR_INSUFFICIENT_BUFFER
)
1534 LPWSTR lpNameW
= HeapAlloc(GetProcessHeap(), 0, wLen
* sizeof(WCHAR
));
1536 ret
= LookupPrivilegeNameW(lpSystemNameW
.Buffer
, lpLuid
, lpNameW
,
1540 /* Windows crashes if cchName is NULL, so will I */
1541 unsigned int len
= WideCharToMultiByte(CP_ACP
, 0, lpNameW
, -1, lpName
,
1542 *cchName
, NULL
, NULL
);
1546 /* WideCharToMultiByte failed */
1549 else if (len
> *cchName
)
1552 SetLastError(ERROR_INSUFFICIENT_BUFFER
);
1557 /* WideCharToMultiByte succeeded, output length needs to be
1558 * length not including NULL terminator
1563 HeapFree(GetProcessHeap(), 0, lpNameW
);
1565 RtlFreeUnicodeString(&lpSystemNameW
);
1570 /**********************************************************************
1571 * LookupPrivilegeNameW EXPORTED
1577 LookupPrivilegeNameW(LPCWSTR lpSystemName
,
1584 TRACE("%s,%p,%p,%p\n",debugstr_w(lpSystemName
), lpLuid
, lpName
, cchName
);
1586 if (!ADVAPI_IsLocalComputer(lpSystemName
))
1588 SetLastError(RPC_S_SERVER_UNAVAILABLE
);
1591 if (lpLuid
->HighPart
|| (lpLuid
->LowPart
< SE_MIN_WELL_KNOWN_PRIVILEGE
||
1592 lpLuid
->LowPart
> SE_MAX_WELL_KNOWN_PRIVILEGE
))
1594 SetLastError(ERROR_NO_SUCH_PRIVILEGE
);
1597 privNameLen
= strlenW(WellKnownPrivNames
[lpLuid
->LowPart
]);
1598 /* Windows crashes if cchName is NULL, so will I */
1599 if (*cchName
<= privNameLen
)
1601 *cchName
= privNameLen
+ 1;
1602 SetLastError(ERROR_INSUFFICIENT_BUFFER
);
1607 strcpyW(lpName
, WellKnownPrivNames
[lpLuid
->LowPart
]);
1608 *cchName
= privNameLen
;
1615 pGetSecurityInfoCheck(SECURITY_INFORMATION SecurityInfo
,
1620 PSECURITY_DESCRIPTOR
* ppSecurityDescriptor
)
1622 if ((SecurityInfo
& (OWNER_SECURITY_INFORMATION
|
1623 GROUP_SECURITY_INFORMATION
|
1624 DACL_SECURITY_INFORMATION
|
1625 SACL_SECURITY_INFORMATION
)) &&
1626 ppSecurityDescriptor
== NULL
)
1628 /* if one of the SIDs or ACLs are present, the security descriptor
1630 return ERROR_INVALID_PARAMETER
;
1634 /* reset the pointers unless they're ignored */
1635 if ((SecurityInfo
& OWNER_SECURITY_INFORMATION
) &&
1640 if ((SecurityInfo
& GROUP_SECURITY_INFORMATION
) &&
1645 if ((SecurityInfo
& DACL_SECURITY_INFORMATION
) &&
1650 if ((SecurityInfo
& SACL_SECURITY_INFORMATION
) &&
1656 if (SecurityInfo
& (OWNER_SECURITY_INFORMATION
|
1657 GROUP_SECURITY_INFORMATION
|
1658 DACL_SECURITY_INFORMATION
|
1659 SACL_SECURITY_INFORMATION
))
1661 *ppSecurityDescriptor
= NULL
;
1664 return ERROR_SUCCESS
;
1670 pSetSecurityInfoCheck(PSECURITY_DESCRIPTOR pSecurityDescriptor
,
1671 SECURITY_INFORMATION SecurityInfo
,
1677 /* initialize a security descriptor on the stack */
1678 if (!InitializeSecurityDescriptor(pSecurityDescriptor
,
1679 SECURITY_DESCRIPTOR_REVISION
))
1681 return GetLastError();
1684 if (SecurityInfo
& OWNER_SECURITY_INFORMATION
)
1686 if (RtlValidSid(psidOwner
))
1688 if (!SetSecurityDescriptorOwner(pSecurityDescriptor
,
1692 return GetLastError();
1697 return ERROR_INVALID_PARAMETER
;
1701 if (SecurityInfo
& GROUP_SECURITY_INFORMATION
)
1703 if (RtlValidSid(psidGroup
))
1705 if (!SetSecurityDescriptorGroup(pSecurityDescriptor
,
1709 return GetLastError();
1714 return ERROR_INVALID_PARAMETER
;
1718 if (SecurityInfo
& DACL_SECURITY_INFORMATION
)
1722 if (SetSecurityDescriptorDacl(pSecurityDescriptor
,
1727 /* check if the DACL needs to be protected from being
1728 modified by inheritable ACEs */
1729 if (SecurityInfo
& PROTECTED_DACL_SECURITY_INFORMATION
)
1736 return GetLastError();
1742 /* protect the DACL from being modified by inheritable ACEs */
1743 if (!SetSecurityDescriptorControl(pSecurityDescriptor
,
1747 return GetLastError();
1752 if (SecurityInfo
& SACL_SECURITY_INFORMATION
)
1756 if (SetSecurityDescriptorSacl(pSecurityDescriptor
,
1761 /* check if the SACL needs to be protected from being
1762 modified by inheritable ACEs */
1763 if (SecurityInfo
& PROTECTED_SACL_SECURITY_INFORMATION
)
1770 return GetLastError();
1776 /* protect the SACL from being modified by inheritable ACEs */
1777 if (!SetSecurityDescriptorControl(pSecurityDescriptor
,
1781 return GetLastError();
1786 return ERROR_SUCCESS
;
1790 /**********************************************************************
1791 * GetNamedSecurityInfoW EXPORTED
1797 GetNamedSecurityInfoW(LPWSTR pObjectName
,
1798 SE_OBJECT_TYPE ObjectType
,
1799 SECURITY_INFORMATION SecurityInfo
,
1804 PSECURITY_DESCRIPTOR
*ppSecurityDescriptor
)
1808 if (pObjectName
!= NULL
)
1810 ErrorCode
= CheckNtMartaPresent();
1811 if (ErrorCode
== ERROR_SUCCESS
)
1813 ErrorCode
= pGetSecurityInfoCheck(SecurityInfo
,
1818 ppSecurityDescriptor
);
1820 if (ErrorCode
== ERROR_SUCCESS
)
1822 /* call the MARTA provider */
1823 ErrorCode
= AccRewriteGetNamedRights(pObjectName
,
1830 ppSecurityDescriptor
);
1835 ErrorCode
= ERROR_INVALID_PARAMETER
;
1841 /**********************************************************************
1842 * GetNamedSecurityInfoA EXPORTED
1848 GetNamedSecurityInfoA(LPSTR pObjectName
,
1849 SE_OBJECT_TYPE ObjectType
,
1850 SECURITY_INFORMATION SecurityInfo
,
1855 PSECURITY_DESCRIPTOR
*ppSecurityDescriptor
)
1857 UNICODE_STRING ObjectName
;
1861 Status
= RtlCreateUnicodeStringFromAsciiz(&ObjectName
,
1863 if (!NT_SUCCESS(Status
))
1865 return RtlNtStatusToDosError(Status
);
1868 Ret
= GetNamedSecurityInfoW(ObjectName
.Buffer
,
1875 ppSecurityDescriptor
);
1877 RtlFreeUnicodeString(&ObjectName
);
1883 /**********************************************************************
1884 * SetNamedSecurityInfoW EXPORTED
1890 SetNamedSecurityInfoW(LPWSTR pObjectName
,
1891 SE_OBJECT_TYPE ObjectType
,
1892 SECURITY_INFORMATION SecurityInfo
,
1900 if (pObjectName
!= NULL
)
1902 ErrorCode
= CheckNtMartaPresent();
1903 if (ErrorCode
== ERROR_SUCCESS
)
1905 SECURITY_DESCRIPTOR SecurityDescriptor
;
1907 ErrorCode
= pSetSecurityInfoCheck(&SecurityDescriptor
,
1914 if (ErrorCode
== ERROR_SUCCESS
)
1916 /* call the MARTA provider */
1917 ErrorCode
= AccRewriteSetNamedRights(pObjectName
,
1920 &SecurityDescriptor
);
1925 ErrorCode
= ERROR_INVALID_PARAMETER
;
1931 /**********************************************************************
1932 * SetNamedSecurityInfoA EXPORTED
1938 SetNamedSecurityInfoA(LPSTR pObjectName
,
1939 SE_OBJECT_TYPE ObjectType
,
1940 SECURITY_INFORMATION SecurityInfo
,
1946 UNICODE_STRING ObjectName
;
1950 Status
= RtlCreateUnicodeStringFromAsciiz(&ObjectName
,
1952 if (!NT_SUCCESS(Status
))
1954 return RtlNtStatusToDosError(Status
);
1957 Ret
= SetNamedSecurityInfoW(ObjectName
.Buffer
,
1965 RtlFreeUnicodeString(&ObjectName
);
1971 /**********************************************************************
1972 * GetSecurityInfo EXPORTED
1978 GetSecurityInfo(HANDLE handle
,
1979 SE_OBJECT_TYPE ObjectType
,
1980 SECURITY_INFORMATION SecurityInfo
,
1985 PSECURITY_DESCRIPTOR
*ppSecurityDescriptor
)
1991 ErrorCode
= CheckNtMartaPresent();
1992 if (ErrorCode
== ERROR_SUCCESS
)
1994 ErrorCode
= pGetSecurityInfoCheck(SecurityInfo
,
1999 ppSecurityDescriptor
);
2001 if (ErrorCode
== ERROR_SUCCESS
)
2003 /* call the MARTA provider */
2004 ErrorCode
= AccRewriteGetHandleRights(handle
,
2011 ppSecurityDescriptor
);
2016 ErrorCode
= ERROR_INVALID_HANDLE
;
2022 /**********************************************************************
2023 * SetSecurityInfo EXPORTED
2029 SetSecurityInfo(HANDLE handle
,
2030 SE_OBJECT_TYPE ObjectType
,
2031 SECURITY_INFORMATION SecurityInfo
,
2041 ErrorCode
= CheckNtMartaPresent();
2042 if (ErrorCode
== ERROR_SUCCESS
)
2044 SECURITY_DESCRIPTOR SecurityDescriptor
;
2046 ErrorCode
= pSetSecurityInfoCheck(&SecurityDescriptor
,
2053 if (ErrorCode
== ERROR_SUCCESS
)
2055 /* call the MARTA provider */
2056 ErrorCode
= AccRewriteSetHandleRights(handle
,
2059 &SecurityDescriptor
);
2064 ErrorCode
= ERROR_INVALID_HANDLE
;
2070 /******************************************************************************
2071 * GetSecurityInfoExW EXPORTED
2075 GetSecurityInfoExA(HANDLE hObject
,
2076 SE_OBJECT_TYPE ObjectType
,
2077 SECURITY_INFORMATION SecurityInfo
,
2080 PACTRL_ACCESSA
*ppAccessList
,
2081 PACTRL_AUDITA
*ppAuditList
,
2085 FIXME("%s() not implemented!\n", __FUNCTION__
);
2086 return ERROR_BAD_PROVIDER
;
2090 /******************************************************************************
2091 * GetSecurityInfoExW EXPORTED
2095 GetSecurityInfoExW(HANDLE hObject
,
2096 SE_OBJECT_TYPE ObjectType
,
2097 SECURITY_INFORMATION SecurityInfo
,
2100 PACTRL_ACCESSW
*ppAccessList
,
2101 PACTRL_AUDITW
*ppAuditList
,
2105 FIXME("%s() not implemented!\n", __FUNCTION__
);
2106 return ERROR_BAD_PROVIDER
;
2110 /**********************************************************************
2111 * ImpersonateNamedPipeClient EXPORTED
2117 ImpersonateNamedPipeClient(HANDLE hNamedPipe
)
2119 IO_STATUS_BLOCK StatusBlock
;
2122 TRACE("ImpersonateNamedPipeClient() called\n");
2124 Status
= NtFsControlFile(hNamedPipe
,
2129 FSCTL_PIPE_IMPERSONATE
,
2134 if (!NT_SUCCESS(Status
))
2136 SetLastError(RtlNtStatusToDosError(Status
));
2149 CreatePrivateObjectSecurity(PSECURITY_DESCRIPTOR ParentDescriptor
,
2150 PSECURITY_DESCRIPTOR CreatorDescriptor
,
2151 PSECURITY_DESCRIPTOR
*NewDescriptor
,
2152 BOOL IsDirectoryObject
,
2154 PGENERIC_MAPPING GenericMapping
)
2158 Status
= RtlNewSecurityObject(ParentDescriptor
,
2164 if (!NT_SUCCESS(Status
))
2166 SetLastError(RtlNtStatusToDosError(Status
));
2179 CreatePrivateObjectSecurityEx(PSECURITY_DESCRIPTOR ParentDescriptor
,
2180 PSECURITY_DESCRIPTOR CreatorDescriptor
,
2181 PSECURITY_DESCRIPTOR
* NewDescriptor
,
2183 BOOL IsContainerObject
,
2184 ULONG AutoInheritFlags
,
2186 PGENERIC_MAPPING GenericMapping
)
2188 FIXME("%s() not implemented!\n", __FUNCTION__
);
2198 CreatePrivateObjectSecurityWithMultipleInheritance(PSECURITY_DESCRIPTOR ParentDescriptor
,
2199 PSECURITY_DESCRIPTOR CreatorDescriptor
,
2200 PSECURITY_DESCRIPTOR
* NewDescriptor
,
2203 BOOL IsContainerObject
,
2204 ULONG AutoInheritFlags
,
2206 PGENERIC_MAPPING GenericMapping
)
2208 FIXME("%s() not implemented!\n", __FUNCTION__
);
2218 DestroyPrivateObjectSecurity(PSECURITY_DESCRIPTOR
*ObjectDescriptor
)
2222 Status
= RtlDeleteSecurityObject(ObjectDescriptor
);
2223 if (!NT_SUCCESS(Status
))
2225 SetLastError(RtlNtStatusToDosError(Status
));
2238 GetPrivateObjectSecurity(PSECURITY_DESCRIPTOR ObjectDescriptor
,
2239 SECURITY_INFORMATION SecurityInformation
,
2240 PSECURITY_DESCRIPTOR ResultantDescriptor
,
2241 DWORD DescriptorLength
,
2242 PDWORD ReturnLength
)
2246 Status
= RtlQuerySecurityObject(ObjectDescriptor
,
2247 SecurityInformation
,
2248 ResultantDescriptor
,
2251 if (!NT_SUCCESS(Status
))
2253 SetLastError(RtlNtStatusToDosError(Status
));
2266 SetPrivateObjectSecurity(SECURITY_INFORMATION SecurityInformation
,
2267 PSECURITY_DESCRIPTOR ModificationDescriptor
,
2268 PSECURITY_DESCRIPTOR
*ObjectsSecurityDescriptor
,
2269 PGENERIC_MAPPING GenericMapping
,
2274 Status
= RtlSetSecurityObject(SecurityInformation
,
2275 ModificationDescriptor
,
2276 ObjectsSecurityDescriptor
,
2279 if (!NT_SUCCESS(Status
))
2281 SetLastError(RtlNtStatusToDosError(Status
));
2294 TreeResetNamedSecurityInfoW(LPWSTR pObjectName
,
2295 SE_OBJECT_TYPE ObjectType
,
2296 SECURITY_INFORMATION SecurityInfo
,
2302 FN_PROGRESSW fnProgress
,
2303 PROG_INVOKE_SETTING ProgressInvokeSetting
,
2308 if (pObjectName
!= NULL
)
2310 ErrorCode
= CheckNtMartaPresent();
2311 if (ErrorCode
== ERROR_SUCCESS
)
2315 case SE_FILE_OBJECT
:
2316 case SE_REGISTRY_KEY
:
2318 /* check the SecurityInfo flags for sanity (both, the protected
2319 and unprotected dacl/sacl flag must not be passed together) */
2320 if (((SecurityInfo
& DACL_SECURITY_INFORMATION
) &&
2321 (SecurityInfo
& (PROTECTED_DACL_SECURITY_INFORMATION
| UNPROTECTED_DACL_SECURITY_INFORMATION
)) ==
2322 (PROTECTED_DACL_SECURITY_INFORMATION
| UNPROTECTED_DACL_SECURITY_INFORMATION
))
2326 ((SecurityInfo
& SACL_SECURITY_INFORMATION
) &&
2327 (SecurityInfo
& (PROTECTED_SACL_SECURITY_INFORMATION
| UNPROTECTED_SACL_SECURITY_INFORMATION
)) ==
2328 (PROTECTED_SACL_SECURITY_INFORMATION
| UNPROTECTED_SACL_SECURITY_INFORMATION
)))
2330 ErrorCode
= ERROR_INVALID_PARAMETER
;
2334 /* call the MARTA provider */
2335 ErrorCode
= AccTreeResetNamedSecurityInfo(pObjectName
,
2344 ProgressInvokeSetting
,
2350 /* object type not supported */
2351 ErrorCode
= ERROR_INVALID_PARAMETER
;
2357 ErrorCode
= ERROR_INVALID_PARAMETER
;
2362 #ifdef HAS_FN_PROGRESSW
2364 typedef struct _INERNAL_FNPROGRESSW_DATA
2366 FN_PROGRESSA fnProgress
;
2368 } INERNAL_FNPROGRESSW_DATA
, *PINERNAL_FNPROGRESSW_DATA
;
2371 InternalfnProgressW(LPWSTR pObjectName
,
2373 PPROG_INVOKE_SETTING pInvokeSetting
,
2377 PINERNAL_FNPROGRESSW_DATA pifnProgressData
= (PINERNAL_FNPROGRESSW_DATA
)Args
;
2381 ObjectNameSize
= WideCharToMultiByte(CP_ACP
,
2390 if (ObjectNameSize
> 0)
2392 pObjectNameA
= RtlAllocateHeap(RtlGetProcessHeap(),
2395 if (pObjectNameA
!= NULL
)
2397 pObjectNameA
[0] = '\0';
2398 WideCharToMultiByte(CP_ACP
,
2407 pifnProgressData
->fnProgress((LPWSTR
)pObjectNameA
, /* FIXME: wrong cast!! */
2410 pifnProgressData
->Args
,
2413 RtlFreeHeap(RtlGetProcessHeap(),
2427 TreeResetNamedSecurityInfoA(LPSTR pObjectName
,
2428 SE_OBJECT_TYPE ObjectType
,
2429 SECURITY_INFORMATION SecurityInfo
,
2435 FN_PROGRESSA fnProgress
,
2436 PROG_INVOKE_SETTING ProgressInvokeSetting
,
2439 #ifndef HAS_FN_PROGRESSW
2440 /* That's all this function does, at least up to w2k3... Even MS was too
2441 lazy to implement it... */
2442 return ERROR_CALL_NOT_IMPLEMENTED
;
2444 INERNAL_FNPROGRESSW_DATA ifnProgressData
;
2445 UNICODE_STRING ObjectName
;
2449 Status
= RtlCreateUnicodeStringFromAsciiz(&ObjectName
,
2451 if (!NT_SUCCESS(Status
))
2453 return RtlNtStatusToDosError(Status
);
2456 ifnProgressData
.fnProgress
= fnProgress
;
2457 ifnProgressData
.Args
= Args
;
2459 Ret
= TreeResetNamedSecurityInfoW(ObjectName
.Buffer
,
2467 (fnProgress
!= NULL
? InternalfnProgressW
: NULL
),
2468 ProgressInvokeSetting
,
2471 RtlFreeUnicodeString(&ObjectName
);