From ccdee96401d719c30d66e5543d5c885dc1a9d20d Mon Sep 17 00:00:00 2001 From: Eric Kohl Date: Thu, 27 Sep 2012 09:57:43 +0000 Subject: [PATCH] [ADVAPI32] Implement LsaQuerySecurityObject and LsaSetSecurityObject. svn path=/trunk/; revision=57398 --- reactos/dll/win32/advapi32/advapi32.spec | 4 +- reactos/dll/win32/advapi32/sec/lsa.c | 99 ++++++++++++++++++++++++ reactos/include/psdk/ntsecapi.h | 6 +- 3 files changed, 105 insertions(+), 4 deletions(-) diff --git a/reactos/dll/win32/advapi32/advapi32.spec b/reactos/dll/win32/advapi32/advapi32.spec index 3544680cffc..8191196335a 100644 --- a/reactos/dll/win32/advapi32/advapi32.spec +++ b/reactos/dll/win32/advapi32/advapi32.spec @@ -388,7 +388,7 @@ @ stdcall LsaQueryInfoTrustedDomain(long long long) @ stdcall LsaQueryInformationPolicy(ptr long ptr) @ stdcall LsaQuerySecret(ptr ptr ptr ptr ptr) -@ stub LsaQuerySecurityObject +@ stdcall LsaQuerySecurityObject(ptr long ptr) @ stdcall LsaQueryTrustedDomainInfo(ptr ptr long ptr) @ stdcall LsaQueryTrustedDomainInfoByName(ptr ptr long ptr) @ stdcall LsaRegisterPolicyChangeNotification(long long) @@ -401,7 +401,7 @@ @ stub LsaSetInformationTrustedDomain @ stdcall LsaSetQuotasForAccount(ptr ptr) @ stdcall LsaSetSecret(ptr ptr ptr) -@ stub LsaSetSecurityObject +@ stdcall LsaSetSecurityObject(ptr long ptr) @ stdcall LsaSetSystemAccessAccount(ptr long) @ stdcall LsaSetTrustedDomainInfoByName(ptr ptr long ptr) @ stdcall LsaSetTrustedDomainInformation(ptr ptr long ptr) diff --git a/reactos/dll/win32/advapi32/sec/lsa.c b/reactos/dll/win32/advapi32/sec/lsa.c index 7bf2a16eccf..04cee32314e 100644 --- a/reactos/dll/win32/advapi32/sec/lsa.c +++ b/reactos/dll/win32/advapi32/sec/lsa.c @@ -1380,6 +1380,51 @@ done: } +/* + * @implemented + */ +NTSTATUS +WINAPI +LsaQuerySecurityObject(IN LSA_HANDLE ObjectHandle, + IN SECURITY_INFORMATION SecurityInformation, + OUT PSECURITY_DESCRIPTOR *SecurityDescriptor) +{ + LSAPR_SR_SECURITY_DESCRIPTOR SdBuffer; + PLSAPR_SR_SECURITY_DESCRIPTOR SdPointer; + NTSTATUS Status; + + TRACE("LsaQuerySecurityObject(%p %lx %p)\n", + ObjectHandle, SecurityInformation, SecurityDescriptor); + + SdBuffer.Length = 0; + SdBuffer.SecurityDescriptor = NULL; + + SdPointer = &SdBuffer; + + RpcTryExcept + { + Status = LsarQuerySecurityObject((LSAPR_HANDLE)ObjectHandle, + SecurityInformation, + &SdPointer); + if (NT_SUCCESS(Status)) + { + *SecurityDescriptor = SdBuffer.SecurityDescriptor; + } + else + { + *SecurityDescriptor = NULL; + } + } + RpcExcept(EXCEPTION_EXECUTE_HANDLER) + { + Status = I_RpcMapWin32Status(RpcExceptionCode()); + } + RpcEndExcept; + + return Status; +} + + /* * @unimplemented */ @@ -1661,6 +1706,60 @@ done: } +/* + * @implemented + */ +NTSTATUS +WINAPI +LsaSetSecurityObject(IN LSA_HANDLE ObjectHandle, + IN SECURITY_INFORMATION SecurityInformation, + IN PSECURITY_DESCRIPTOR SecurityDescriptor) +{ + LSAPR_SR_SECURITY_DESCRIPTOR SdBuffer = {0, NULL}; + ULONG SdLength = 0; + NTSTATUS Status; + + TRACE("LsaSetSecurityObject(%p %lx %p)\n", + ObjectHandle, SecurityInformation, SecurityDescriptor); + + Status = RtlMakeSelfRelativeSD(SecurityDescriptor, + NULL, + &SdLength); + if (Status != STATUS_BUFFER_TOO_SMALL) + return STATUS_INVALID_PARAMETER; + + SdBuffer.SecurityDescriptor = MIDL_user_allocate(SdLength); + if (SdBuffer.SecurityDescriptor == NULL) + return STATUS_INSUFFICIENT_RESOURCES; + + Status = RtlMakeSelfRelativeSD(SecurityDescriptor, + (PSECURITY_DESCRIPTOR)SdBuffer.SecurityDescriptor, + &SdLength); + if (!NT_SUCCESS(Status)) + goto done; + + SdBuffer.Length = SdLength; + + RpcTryExcept + { + Status = LsarSetSecurityObject((LSAPR_HANDLE)ObjectHandle, + SecurityInformation, + &SdBuffer); + } + RpcExcept(EXCEPTION_EXECUTE_HANDLER) + { + Status = I_RpcMapWin32Status(RpcExceptionCode()); + } + RpcEndExcept; + +done: + if (SdBuffer.SecurityDescriptor != NULL) + MIDL_user_free(SdBuffer.SecurityDescriptor); + + return Status; +} + + /* * @implemented */ diff --git a/reactos/include/psdk/ntsecapi.h b/reactos/include/psdk/ntsecapi.h index def5cc7ce3b..a45dd46cd57 100644 --- a/reactos/include/psdk/ntsecapi.h +++ b/reactos/include/psdk/ntsecapi.h @@ -709,6 +709,7 @@ NTSTATUS NTAPI LsaOpenAccount(LSA_HANDLE,PSID,ACCESS_MASK,PLSA_HANDLE); NTSTATUS NTAPI LsaOpenPolicy(PLSA_UNICODE_STRING,PLSA_OBJECT_ATTRIBUTES, ACCESS_MASK,PLSA_HANDLE); NTSTATUS NTAPI LsaOpenSecret(LSA_HANDLE, PLSA_UNICODE_STRING, ACCESS_MASK, PLSA_HANDLE); +NTSTATUS NTAPI LsaQuerySecurityObject(LSA_HANDLE,SECURITY_INFORMATION,PSECURITY_DESCRIPTOR*); NTSTATUS NTAPI LsaOpenTrustedDomain(LSA_HANDLE,PSID,ACCESS_MASK,PLSA_HANDLE); NTSTATUS NTAPI LsaOpenTrustedDomainByName(LSA_HANDLE,PLSA_UNICODE_STRING, ACCESS_MASK,PLSA_HANDLE); @@ -728,9 +729,10 @@ NTSTATUS NTAPI LsaRetrievePrivateData(LSA_HANDLE,PLSA_UNICODE_STRING, PLSA_UNICODE_STRING*); NTSTATUS NTAPI LsaSetDomainInformationPolicy(LSA_HANDLE, POLICY_DOMAIN_INFORMATION_CLASS,PVOID); -NTSTATUS NTAPI LsaSetInformationPolicy(LSA_HANDLE,POLICY_INFORMATION_CLASS, PVOID); +NTSTATUS NTAPI LsaSetInformationPolicy(LSA_HANDLE,POLICY_INFORMATION_CLASS,PVOID); NTSTATUS NTAPI LsaSetQuotasForAccount(LSA_HANDLE,PQUOTA_LIMITS); NTSTATUS NTAPI LsaSetSecret(LSA_HANDLE,PLSA_UNICODE_STRING,PLSA_UNICODE_STRING); +NTSTATUS NTAPI LsaSetSecurityObject(LSA_HANDLE,SECURITY_INFORMATION,PSECURITY_DESCRIPTOR); NTSTATUS NTAPI LsaSetSystemAccessAccount(LSA_HANDLE,ULONG); NTSTATUS NTAPI LsaSetTrustedDomainInformation(LSA_HANDLE,PSID, TRUSTED_INFORMATION_CLASS,PVOID); @@ -740,7 +742,7 @@ NTSTATUS NTAPI LsaStorePrivateData(LSA_HANDLE,PLSA_UNICODE_STRING, PLSA_UNICODE_STRING); typedef NTSTATUS (NTAPI *PSAM_PASSWORD_NOTIFICATION_ROUTINE)(PUNICODE_STRING, ULONG,PUNICODE_STRING); -typedef BOOLEAN (NTAPI *PSAM_INIT_NOTIFICATION_ROUTINE)(void); +typedef BOOLEAN (NTAPI *PSAM_INIT_NOTIFICATION_ROUTINE)(VOID); typedef BOOLEAN (NTAPI *PSAM_PASSWORD_FILTER_ROUTINE)(PUNICODE_STRING,PUNICODE_STRING, PUNICODE_STRING,BOOLEAN); #ifdef __cplusplus -- 2.17.1