{ {'L','A'}, WinAccountAdministratorSid, DOMAIN_USER_RID_ADMIN },
{ {'L','G'}, WinAccountGuestSid, DOMAIN_USER_RID_GUEST },
{ {0,0}, WinAccountKrbtgtSid, DOMAIN_USER_RID_KRBTGT },
- { {0,0}, WinAccountDomainAdminsSid, DOMAIN_GROUP_RID_ADMINS },
- { {0,0}, WinAccountDomainUsersSid, DOMAIN_GROUP_RID_USERS },
- { {0,0}, WinAccountDomainGuestsSid, DOMAIN_GROUP_RID_GUESTS },
- { {0,0}, WinAccountComputersSid, DOMAIN_GROUP_RID_COMPUTERS },
- { {0,0}, WinAccountControllersSid, DOMAIN_GROUP_RID_CONTROLLERS },
- { {0,0}, WinAccountCertAdminsSid, DOMAIN_GROUP_RID_CERT_ADMINS },
- { {0,0}, WinAccountSchemaAdminsSid, DOMAIN_GROUP_RID_SCHEMA_ADMINS },
- { {0,0}, WinAccountEnterpriseAdminsSid, DOMAIN_GROUP_RID_ENTERPRISE_ADMINS },
- { {0,0}, WinAccountPolicyAdminsSid, DOMAIN_GROUP_RID_POLICY_ADMINS },
- { {0,0}, WinAccountRasAndIasServersSid, DOMAIN_ALIAS_RID_RAS_SERVERS },
+ { {'D','A'}, WinAccountDomainAdminsSid, DOMAIN_GROUP_RID_ADMINS },
+ { {'D','U'}, WinAccountDomainUsersSid, DOMAIN_GROUP_RID_USERS },
+ { {'D','G'}, WinAccountDomainGuestsSid, DOMAIN_GROUP_RID_GUESTS },
+ { {'D','C'}, WinAccountComputersSid, DOMAIN_GROUP_RID_COMPUTERS },
+ { {'D','D'}, WinAccountControllersSid, DOMAIN_GROUP_RID_CONTROLLERS },
+ { {'C','A'}, WinAccountCertAdminsSid, DOMAIN_GROUP_RID_CERT_ADMINS },
+ { {'S','A'}, WinAccountSchemaAdminsSid, DOMAIN_GROUP_RID_SCHEMA_ADMINS },
+ { {'E','A'}, WinAccountEnterpriseAdminsSid, DOMAIN_GROUP_RID_ENTERPRISE_ADMINS },
+ { {'P','A'}, WinAccountPolicyAdminsSid, DOMAIN_GROUP_RID_POLICY_ADMINS },
+ { {'R','S'}, WinAccountRasAndIasServersSid, DOMAIN_ALIAS_RID_RAS_SERVERS },
};
+#ifndef __REACTOS__
static const SID sidWorld = { SID_REVISION, 1, { SECURITY_WORLD_SID_AUTHORITY} , { SECURITY_WORLD_RID } };
+#endif
+
+static const WCHAR SDDL_NO_READ_UP[] = {'N','R',0};
+static const WCHAR SDDL_NO_WRITE_UP[] = {'N','W',0};
+static const WCHAR SDDL_NO_EXECUTE_UP[] = {'N','X',0};
/*
* ACE types
*/
static const WCHAR SDDL_ACCESS_ALLOWED[] = {'A',0};
static const WCHAR SDDL_ACCESS_DENIED[] = {'D',0};
+#ifndef __REACTOS__
static const WCHAR SDDL_OBJECT_ACCESS_ALLOWED[] = {'O','A',0};
static const WCHAR SDDL_OBJECT_ACCESS_DENIED[] = {'O','D',0};
+#endif
static const WCHAR SDDL_AUDIT[] = {'A','U',0};
static const WCHAR SDDL_ALARM[] = {'A','L',0};
+static const WCHAR SDDL_MANDATORY_LABEL[] = {'M','L',0};
+#ifndef __REACTOS__
static const WCHAR SDDL_OBJECT_AUDIT[] = {'O','U',0};
static const WCHAR SDDL_OBJECT_ALARM[] = {'O','L',0};
+#endif
/*
* SDDL ADS Rights
PHANDLE newToken)
{
TOKEN_TYPE type;
- SECURITY_IMPERSONATION_LEVEL level = TokenImpersonationLevel;
+ SECURITY_IMPERSONATION_LEVEL level = SecurityAnonymous;
DWORD size;
FIXME("(%p, 0x%x, %u, %p, %u, %p, %u, %p, %p): stub\n",
LookupPrivilegeDisplayNameA(LPCSTR lpSystemName,
LPCSTR lpName,
LPSTR lpDisplayName,
- LPDWORD cbDisplayName,
+ LPDWORD cchDisplayName,
LPDWORD lpLanguageId)
{
- FIXME("%s() not implemented!\n", __FUNCTION__);
- SetLastError (ERROR_CALL_NOT_IMPLEMENTED);
- return FALSE;
-}
+ UNICODE_STRING lpSystemNameW;
+ UNICODE_STRING lpNameW;
+ BOOL ret;
+ DWORD wLen = 0;
+ TRACE("%s %s %p %p %p\n", debugstr_a(lpSystemName), debugstr_a(lpName), lpName, cchDisplayName, lpLanguageId);
-/**********************************************************************
- * LookupPrivilegeDisplayNameW EXPORTED
- *
- * @unimplemented
- */
-BOOL
-WINAPI
-LookupPrivilegeDisplayNameW(LPCWSTR lpSystemName,
- LPCWSTR lpName,
- LPWSTR lpDisplayName,
- LPDWORD cbDisplayName,
- LPDWORD lpLanguageId)
-{
- FIXME("%s() not implemented!\n", __FUNCTION__);
- SetLastError (ERROR_CALL_NOT_IMPLEMENTED);
- return FALSE;
+ RtlCreateUnicodeStringFromAsciiz(&lpSystemNameW, lpSystemName);
+ RtlCreateUnicodeStringFromAsciiz(&lpNameW, lpName);
+ ret = LookupPrivilegeDisplayNameW(lpSystemNameW.Buffer, lpNameW.Buffer, NULL, &wLen, lpLanguageId);
+ if (!ret && GetLastError() == ERROR_INSUFFICIENT_BUFFER)
+ {
+ LPWSTR lpDisplayNameW = HeapAlloc(GetProcessHeap(), 0, wLen * sizeof(WCHAR));
+
+ ret = LookupPrivilegeDisplayNameW(lpSystemNameW.Buffer, lpNameW.Buffer, lpDisplayNameW,
+ &wLen, lpLanguageId);
+ if (ret)
+ {
+ unsigned int len = WideCharToMultiByte(CP_ACP, 0, lpDisplayNameW, -1, lpDisplayName,
+ *cchDisplayName, NULL, NULL);
+
+ if (len == 0)
+ {
+ /* WideCharToMultiByte failed */
+ ret = FALSE;
+ }
+ else if (len > *cchDisplayName)
+ {
+ *cchDisplayName = len;
+ SetLastError(ERROR_INSUFFICIENT_BUFFER);
+ ret = FALSE;
+ }
+ else
+ {
+ /* WideCharToMultiByte succeeded, output length needs to be
+ * length not including NULL terminator
+ */
+ *cchDisplayName = len - 1;
+ }
+ }
+ HeapFree(GetProcessHeap(), 0, lpDisplayNameW);
+ }
+ RtlFreeUnicodeString(&lpSystemNameW);
+ RtlFreeUnicodeString(&lpNameW);
+ return ret;
}
/**********************************************************************
{ SDDL_AUDIT, SYSTEM_AUDIT_ACE_TYPE },
{ SDDL_ACCESS_ALLOWED, ACCESS_ALLOWED_ACE_TYPE },
{ SDDL_ACCESS_DENIED, ACCESS_DENIED_ACE_TYPE },
+ { SDDL_MANDATORY_LABEL,SYSTEM_MANDATORY_LABEL_ACE_TYPE },
/*
{ SDDL_OBJECT_ACCESS_ALLOWED, ACCESS_ALLOWED_OBJECT_ACE_TYPE },
{ SDDL_OBJECT_ACCESS_DENIED, ACCESS_DENIED_OBJECT_ACE_TYPE },
{ SDDL_KEY_READ, KEY_READ },
{ SDDL_KEY_WRITE, KEY_WRITE },
{ SDDL_KEY_EXECUTE, KEY_EXECUTE },
+
+ { SDDL_NO_READ_UP, SYSTEM_MANDATORY_LABEL_NO_READ_UP },
+ { SDDL_NO_WRITE_UP, SYSTEM_MANDATORY_LABEL_NO_WRITE_UP },
+ { SDDL_NO_EXECUTE_UP, SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP },
{ NULL, 0 },
};
{
BOOL bret = FALSE;
WCHAR toktype;
- WCHAR tok[MAX_PATH];
+ WCHAR *tok;
LPCWSTR lptoken;
LPBYTE lpNext = NULL;
DWORD len;
*cBytes = sizeof(SECURITY_DESCRIPTOR);
+ tok = heap_alloc( (lstrlenW(StringSecurityDescriptor) + 1) * sizeof(WCHAR));
+
if (SecurityDescriptor)
lpNext = (LPBYTE)(SecurityDescriptor + 1);
bret = TRUE;
lend:
+ heap_free(tok);
return bret;
}
return r;
}
-/*
- * @unimplemented
+/******************************************************************************
+ * GetWindowsAccountDomainSid [ADVAPI32.@]
*/
-BOOL
-WINAPI
-GetWindowsAccountDomainSid(IN PSID pSid,
- OUT PSID ppDomainSid,
- IN OUT DWORD* cbSid)
+BOOL WINAPI GetWindowsAccountDomainSid( PSID sid, PSID domain_sid, DWORD *size )
{
- UNIMPLEMENTED;
- return FALSE;
+ SID_IDENTIFIER_AUTHORITY domain_ident = { SECURITY_NT_AUTHORITY };
+ DWORD required_size;
+ int i;
+
+ FIXME( "(%p %p %p): semi-stub\n", sid, domain_sid, size );
+
+ if (!sid || !IsValidSid( sid ))
+ {
+ SetLastError( ERROR_INVALID_SID );
+ return FALSE;
+ }
+
+ if (!size)
+ {
+ SetLastError( ERROR_INVALID_PARAMETER );
+ return FALSE;
+ }
+
+ if (*GetSidSubAuthorityCount( sid ) < 4)
+ {
+ SetLastError( ERROR_INVALID_SID );
+ return FALSE;
+ }
+
+ required_size = GetSidLengthRequired( 4 );
+ if (*size < required_size || !domain_sid)
+ {
+ *size = required_size;
+ SetLastError( domain_sid ? ERROR_INSUFFICIENT_BUFFER :
+ ERROR_INVALID_PARAMETER );
+ return FALSE;
+ }
+
+ InitializeSid( domain_sid, &domain_ident, 4 );
+ for (i = 0; i < 4; i++)
+ *GetSidSubAuthority( domain_sid, i ) = *GetSidSubAuthority( sid, i );
+
+ *size = required_size;
+ return TRUE;
}
/*