- Use SeQuerySecurityDescriptorInfo() to retrieve an objects security descriptor.
authorEric Kohl <eric.kohl@reactos.org>
Thu, 9 Sep 2004 12:20:48 +0000 (12:20 +0000)
committerEric Kohl <eric.kohl@reactos.org>
Thu, 9 Sep 2004 12:20:48 +0000 (12:20 +0000)
- Disable debug messages.

svn path=/trunk/; revision=10806

reactos/ntoskrnl/ob/security.c

index a77f0a1..f6eadd6 100644 (file)
@@ -11,6 +11,7 @@
 /* INCLUDES *****************************************************************/
 
 #include <ntoskrnl.h>
+#define NDEBUG
 #include <internal/debug.h>
 
 /* FUNCTIONS ***************************************************************/
@@ -154,19 +155,10 @@ NtQuerySecurityObject(IN HANDLE Handle,
 {
   POBJECT_HEADER Header;
   PVOID Object;
-  PSECURITY_DESCRIPTOR ObjectSd;
-  PSID Owner = 0;
-  PSID Group = 0;
-  PACL Dacl = 0;
-  PACL Sacl = 0;
-  ULONG OwnerLength = 0;
-  ULONG GroupLength = 0;
-  ULONG DaclLength = 0;
-  ULONG SaclLength = 0;
-  ULONG Control = 0;
-  ULONG_PTR Current;
   NTSTATUS Status;
 
+  DPRINT("NtQuerySecurityObject() called\n");
+
   Status = ObReferenceObjectByHandle(Handle,
                                     (SecurityInformation & SACL_SECURITY_INFORMATION) ? ACCESS_SYSTEM_SECURITY : 0,
                                     NULL,
@@ -175,128 +167,34 @@ NtQuerySecurityObject(IN HANDLE Handle,
                                     NULL);
   if (!NT_SUCCESS(Status))
     {
+      DPRINT1("ObReferenceObjectByHandle() failed (Status %lx)\n", Status);
       return Status;
     }
 
   Header = BODY_TO_HEADER(Object);
   if (Header->ObjectType == NULL)
     {
+      DPRINT1("Invalid object type\n");
       ObDereferenceObject(Object);
       return STATUS_UNSUCCESSFUL;
     }
 
   if (Header->ObjectType->Security != NULL)
     {
+      *ResultLength = Length;
       Status = Header->ObjectType->Security(Object,
                                            QuerySecurityDescriptor,
                                            SecurityInformation,
                                            SecurityDescriptor,
-                                           &Length);
-      *ResultLength = Length;
+                                           ResultLength);
     }
   else
     {
-      ObjectSd = Header->SecurityDescriptor;
-
-      if (ObjectSd != NULL)
-       {
-         Control = SE_SELF_RELATIVE;
-         if ((SecurityInformation & OWNER_SECURITY_INFORMATION) &&
-             (ObjectSd->Owner != NULL))
-           {
-             Owner = (PSID)((ULONG_PTR)ObjectSd->Owner + (ULONG_PTR)ObjectSd);
-             OwnerLength = ROUND_UP(RtlLengthSid(Owner), 4);
-             Control |= (ObjectSd->Control & SE_OWNER_DEFAULTED);
-           }
-
-         if ((SecurityInformation & GROUP_SECURITY_INFORMATION) &&
-             (ObjectSd->Group != NULL))
-           {
-             Group = (PSID)((ULONG_PTR)ObjectSd->Group + (ULONG_PTR)ObjectSd);
-             GroupLength = ROUND_UP(RtlLengthSid(Group), 4);
-             Control |= (ObjectSd->Control & SE_GROUP_DEFAULTED);
-           }
-
-         if ((SecurityInformation & DACL_SECURITY_INFORMATION) &&
-             (ObjectSd->Control & SE_DACL_PRESENT))
-           {
-             if (ObjectSd->Dacl != NULL)
-               {
-                 Dacl = (PACL)((ULONG_PTR)ObjectSd->Dacl + (ULONG_PTR)ObjectSd);
-                 DaclLength = ROUND_UP((ULONG)Dacl->AclSize, 4);
-               }
-             Control |= (ObjectSd->Control & (SE_DACL_DEFAULTED | SE_DACL_PRESENT));
-           }
-
-         if ((SecurityInformation & SACL_SECURITY_INFORMATION) &&
-             (ObjectSd->Control & SE_SACL_PRESENT))
-           {
-             if (ObjectSd->Sacl != NULL)
-               {
-                 Sacl = (PACL)((ULONG_PTR)ObjectSd->Sacl + (ULONG_PTR)ObjectSd);
-                 SaclLength = ROUND_UP(Sacl->AclSize, 4);
-               }
-             Control |= (ObjectSd->Control & (SE_SACL_DEFAULTED | SE_SACL_PRESENT));
-           }
-
-         *ResultLength = OwnerLength + GroupLength +
-                         DaclLength + SaclLength + sizeof(SECURITY_DESCRIPTOR);
-         if (Length >= *ResultLength)
-           {
-             RtlCreateSecurityDescriptor(SecurityDescriptor,
-                                         SECURITY_DESCRIPTOR_REVISION1);
-             SecurityDescriptor->Control = Control;
-
-             Current = (ULONG_PTR)SecurityDescriptor + sizeof(SECURITY_DESCRIPTOR);
-
-             if (OwnerLength != 0)
-               {
-                 RtlCopyMemory((PVOID)Current,
-                               Owner,
-                               OwnerLength);
-                 SecurityDescriptor->Owner = (PSID)(Current - (ULONG_PTR)SecurityDescriptor);
-                 Current += OwnerLength;
-               }
-
-             if (GroupLength != 0)
-               {
-                 RtlCopyMemory((PVOID)Current,
-                               Group,
-                               GroupLength);
-                 SecurityDescriptor->Group = (PSID)(Current - (ULONG_PTR)SecurityDescriptor);
-                 Current += GroupLength;
-               }
-
-             if (DaclLength != 0)
-               {
-                 RtlCopyMemory((PVOID)Current,
-                               Dacl,
-                               DaclLength);
-                 SecurityDescriptor->Dacl = (PACL)(Current - (ULONG_PTR)SecurityDescriptor);
-                 Current += DaclLength;
-               }
-
-             if (SaclLength != 0)
-               {
-                 RtlCopyMemory((PVOID)Current,
-                               Sacl,
-                               SaclLength);
-                 SecurityDescriptor->Sacl = (PACL)(Current - (ULONG_PTR)SecurityDescriptor);
-                 Current += SaclLength;
-               }
-
-             Status = STATUS_SUCCESS;
-           }
-         else
-           {
-             Status = STATUS_BUFFER_TOO_SMALL;
-           }
-       }
-      else
-       {
-         *ResultLength = 0;
-         Status = STATUS_UNSUCCESSFUL;
-       }
+      *ResultLength = Length;
+      Status = SeQuerySecurityDescriptorInfo(&SecurityInformation,
+                                            SecurityDescriptor,
+                                            ResultLength,
+                                            &Header->SecurityDescriptor);
     }
 
   ObDereferenceObject(Object);
@@ -329,6 +227,8 @@ NtSetSecurityObject(IN HANDLE Handle,
   ULONG_PTR Current;
   NTSTATUS Status;
 
+  DPRINT("NtSetSecurityObject() called\n");
+
   Status = ObReferenceObjectByHandle(Handle,
                                     (SecurityInformation & SACL_SECURITY_INFORMATION) ? ACCESS_SYSTEM_SECURITY : 0,
                                     NULL,
@@ -337,12 +237,14 @@ NtSetSecurityObject(IN HANDLE Handle,
                                     NULL);
   if (!NT_SUCCESS(Status))
     {
+      DPRINT1("ObReferenceObjectByHandle() failed (Status %lx)\n", Status);
       return Status;
     }
 
   Header = BODY_TO_HEADER(Object);
-  if (Header->ObjectType != NULL)
+  if (Header->ObjectType == NULL)
     {
+      DPRINT1("Invalid object type\n");
       ObDereferenceObject(Object);
       return STATUS_UNSUCCESSFUL;
     }