source: trunk/src/NTDLL/sec.cpp@ 1735

Last change on this file since 1735 was 278, checked in by phaller, 26 years ago

Add: HandleManager support for kernel objects, various fixes

File size: 18.9 KB
Line 
1/* $Id: sec.cpp,v 1.3 1999-07-06 15:48:45 phaller Exp $ */
2
3/*
4 * Project Odin Software License can be found in LICENSE.TXT
5 * Win32 NT Runtime / NTDLL for OS/2
6 *
7 * Copyright 1998 original WINE Author
8 * Copyright 1998, 1999 Patrick Haller (phaller@gmx.net)
9 *
10 * Security functions
11 *
12 * Copyright 1996-1998 Marcus Meissner
13 */
14
15#include <stdlib.h>
16#include <string.h>
17#include <time.h>
18#include <ctype.h>
19#include <math.h>
20
21#include <os2win.h>
22#include "ntdll.h"
23
24/*
25#include "windef.h"
26#include "winbase.h"
27#include "winuser.h"
28#include "wine/winestring.h"
29#include "heap.h"
30#include "winnls.h"
31#include "winuser.h"
32#include "winerror.h"
33#include "stackframe.h"
34
35#include "winreg.h"
36*/
37
38/*
39 * SID FUNCTIONS
40 */
41
42/******************************************************************************
43 * RtlAllocateAndInitializeSid [NTDLL.265]
44 *
45 */
46BOOLEAN WINAPI RtlAllocateAndInitializeSid (PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
47 DWORD nSubAuthorityCount,
48 DWORD x3,
49 DWORD x4,
50 DWORD x5,
51 DWORD x6,
52 DWORD x7,
53 DWORD x8,
54 DWORD x9,
55 DWORD x10,
56 PSID pSid)
57{
58 dprintf(("NTDLL: RtlAllocateAndInitializeSid(%08xh,%08xh,%08xh,"
59 "%08xh,%08xh,%08xh,%08xh,%08xh,%08xh,%08xh,%08xh) not implemented.\n",
60 pIdentifierAuthority,
61 nSubAuthorityCount,
62 x3,
63 x4,
64 x5,
65 x6,
66 x7,
67 x8,
68 x9,
69 x10,
70 pSid));
71
72 return 0;
73}
74
75
76/******************************************************************************
77 * RtlEqualSid [NTDLL.352]
78 *
79 */
80DWORD WINAPI RtlEqualSid(DWORD x1,
81 DWORD x2)
82{
83 dprintf(("NTDLL: RtlEqualSid(%08x, %08x) not implemented.\n",
84 x1,
85 x2));
86
87 return TRUE;
88}
89
90
91/******************************************************************************
92 * RtlFreeSid [NTDLL.376]
93 */
94DWORD WINAPI RtlFreeSid(DWORD x1)
95{
96 dprintf(("NTDLL: RtlFreeSid(%08xh) not implemented.\n",
97 x1));
98
99 return TRUE;
100}
101
102
103/**************************************************************************
104 * RtlLengthRequiredSid [NTDLL.427]
105 */
106DWORD WINAPI RtlLengthRequiredSid(DWORD nrofsubauths)
107{
108 dprintf (("NTDLL: RtlLengthRequiredSid(%08xh)\n",
109 nrofsubauths));
110
111 return sizeof(DWORD)*nrofsubauths+sizeof(SID);
112}
113
114
115/**************************************************************************
116 * RtlLengthSid [NTDLL.429]
117 */
118DWORD WINAPI RtlLengthSid(PSID sid)
119{
120 dprintf(("NTDLL: RtlLengthSid(%08xh)\n",
121 sid));
122
123 if (!sid)
124 return FALSE;
125
126 return sizeof(DWORD)*sid->SubAuthorityCount+sizeof(SID);
127}
128
129
130/**************************************************************************
131 * RtlInitializeSid [NTDLL.410]
132 */
133DWORD WINAPI RtlInitializeSid(PSID psid,
134 PSID_IDENTIFIER_AUTHORITY psidauth,
135 DWORD c)
136{
137 BYTE a = c & 0xff;
138
139 dprintf(("NTDLL: RtlInitializeSid(%08xh,%08xh,%08xh)\n",
140 psid,
141 psidauth,
142 c));
143
144 if (a>=SID_MAX_SUB_AUTHORITIES)
145 return a;
146
147 psid->SubAuthorityCount = a;
148 psid->Revision = SID_REVISION;
149 memcpy(&(psid->IdentifierAuthority),
150 psidauth,
151 sizeof(SID_IDENTIFIER_AUTHORITY));
152
153 return STATUS_SUCCESS;
154}
155
156
157/**************************************************************************
158 * RtlSubAuthoritySid [NTDLL.497]
159 */
160LPDWORD WINAPI RtlSubAuthoritySid(PSID psid,
161 DWORD nr)
162{
163 dprintf(("NTDLL: RtlSubAuthoritySid(%08xh,%08xh)\n",
164 psid,
165 nr));
166
167 return &(psid->SubAuthority[nr]);
168}
169
170
171/**************************************************************************
172 * RtlSubAuthorityCountSid [NTDLL.496]
173 */
174
175LPBYTE WINAPI RtlSubAuthorityCountSid(PSID psid)
176{
177 dprintf(("NTDLL: RtlSubAUthorityCountSid(%08xh)\n",
178 psid));
179
180 return ((LPBYTE)psid)+1;
181}
182
183
184/**************************************************************************
185 * RtlCopySid [NTDLL.302]
186 */
187DWORD WINAPI RtlCopySid(DWORD len,
188 PSID to,
189 PSID from)
190{
191 dprintf(("NTDLL: RtlCopySid(%08xh,%08xh,%08xh)\n",
192 len,
193 to,
194 from));
195
196 if (!from)
197 return 0;
198
199 if (len<(from->SubAuthorityCount*4+8))
200 return STATUS_BUFFER_TOO_SMALL;
201
202 memmove(to,
203 from,
204 from->SubAuthorityCount*4+8);
205
206 return STATUS_SUCCESS;
207}
208
209
210/*
211 * security descriptor functions
212 */
213
214/**************************************************************************
215 * RtlCreateSecurityDescriptor [NTDLL.313]
216 *
217 * RETURNS:
218 * 0 success,
219 * STATUS_INVALID_OWNER, STATUS_PRIVILEGE_NOT_HELD, STATUS_NO_INHERITANCE,
220 * STATUS_NO_MEMORY
221 */
222NTSTATUS WINAPI RtlCreateSecurityDescriptor(PSECURITY_DESCRIPTOR lpsd,
223 DWORD rev)
224{
225 dprintf(("NTDLL: RtlCreateSecurityDescriptor(%08xh,%08xh)\n",
226 lpsd,
227 rev));
228
229 if (rev!=SECURITY_DESCRIPTOR_REVISION)
230 return STATUS_UNKNOWN_REVISION;
231
232 memset(lpsd,
233 '\0',
234 sizeof(*lpsd));
235
236 lpsd->Revision = SECURITY_DESCRIPTOR_REVISION;
237
238 return STATUS_SUCCESS;
239}
240
241
242/**************************************************************************
243 * RtlValidSecurityDescriptor [NTDLL.313]
244 *
245 */
246NTSTATUS WINAPI RtlValidSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor)
247{
248 dprintf(("NTDLL: RtlValidSecurityDescriptor(%08xh)\n",
249 SecurityDescriptor));
250
251 if ( ! SecurityDescriptor )
252 return STATUS_INVALID_SECURITY_DESCR;
253
254 if ( SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION )
255 return STATUS_UNKNOWN_REVISION;
256
257 return STATUS_SUCCESS;
258}
259
260
261/**************************************************************************
262 * RtlLengthSecurityDescriptor [NTDLL]
263 */
264ULONG WINAPI RtlLengthSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor)
265{
266 ULONG Size;
267
268 dprintf(("NTDLL: RtlLengthSecurityDescriptor(%08xh)\n",
269 SecurityDescriptor));
270
271 Size = SECURITY_DESCRIPTOR_MIN_LENGTH;
272 if ( SecurityDescriptor == NULL )
273 return 0;
274
275 if ( SecurityDescriptor->Owner != NULL )
276 Size += SecurityDescriptor->Owner->SubAuthorityCount;
277 if ( SecurityDescriptor->Group != NULL )
278 Size += SecurityDescriptor->Group->SubAuthorityCount;
279
280
281 if ( SecurityDescriptor->Sacl != NULL )
282 Size += SecurityDescriptor->Sacl->AclSize;
283 if ( SecurityDescriptor->Dacl != NULL )
284 Size += SecurityDescriptor->Dacl->AclSize;
285
286 return Size;
287}
288
289/******************************************************************************
290 * RtlGetDaclSecurityDescriptor [NTDLL]
291 *
292 */
293NTSTATUS WINAPI RtlGetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR pSecurityDescriptor,
294 PBOOLEAN lpbDaclPresent,
295 PACL *pDacl,
296 PBOOLEAN lpbDaclDefaulted)
297{
298 dprintf(("NTDLL: RtlGetDaclSecurityDescriptor(%08xh,%08xh,%08xh,%08xh)\n",
299 pSecurityDescriptor,
300 lpbDaclPresent,
301 pDacl,
302 lpbDaclDefaulted));
303
304 if (pSecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION)
305 return STATUS_UNKNOWN_REVISION ;
306
307 *lpbDaclPresent = (SE_DACL_PRESENT & pSecurityDescriptor->Control);
308 if (*lpbDaclPresent ? 1 : 0)
309 {
310 if ( SE_SELF_RELATIVE & pSecurityDescriptor->Control)
311 {
312 *pDacl = (PACL) ((LPBYTE)pSecurityDescriptor + (DWORD)pSecurityDescriptor->Dacl);
313 }
314 else
315 {
316 *pDacl = pSecurityDescriptor->Dacl;
317 }
318 }
319
320 *lpbDaclDefaulted = (( SE_DACL_DEFAULTED & pSecurityDescriptor->Control ) ? 1 : 0);
321
322 return STATUS_SUCCESS;
323}
324
325
326/**************************************************************************
327 * RtlSetDaclSecurityDescriptor [NTDLL.483]
328 */
329NTSTATUS WINAPI RtlSetDaclSecurityDescriptor (PSECURITY_DESCRIPTOR lpsd,
330 BOOLEAN daclpresent,
331 PACL dacl,
332 BOOLEAN dacldefaulted)
333{
334 dprintf(("NTDLL: RtlSetDaclSecurityDescriptor(%08xh,%08xh,%08xh,%08xh)\n",
335 lpsd,
336 daclpresent,
337 dacl,
338 dacldefaulted));
339
340 if (lpsd->Revision!=SECURITY_DESCRIPTOR_REVISION)
341 return STATUS_UNKNOWN_REVISION;
342 if (lpsd->Control & SE_SELF_RELATIVE)
343 return STATUS_INVALID_SECURITY_DESCR;
344
345 if (!daclpresent)
346 {
347 lpsd->Control &= ~SE_DACL_PRESENT;
348 return TRUE;
349 }
350
351 lpsd->Control |= SE_DACL_PRESENT;
352 lpsd->Dacl = dacl;
353
354 if (dacldefaulted)
355 lpsd->Control |= SE_DACL_DEFAULTED;
356 else
357 lpsd->Control &= ~SE_DACL_DEFAULTED;
358
359 return STATUS_SUCCESS;
360}
361
362
363/******************************************************************************
364 * RtlGetSaclSecurityDescriptor [NTDLL]
365 *
366 */
367NTSTATUS WINAPI RtlGetSaclSecurityDescriptor(PSECURITY_DESCRIPTOR pSecurityDescriptor,
368 PBOOLEAN lpbSaclPresent,
369 PACL *pSacl,
370 PBOOLEAN lpbSaclDefaulted)
371{
372 dprintf(("NTDLL: RtlGetSaclSecurityDescriptor(%08xh,%08xh,%08xh,%08xh)\n",
373 pSecurityDescriptor,
374 lpbSaclPresent,
375 pSacl,
376 lpbSaclDefaulted));
377
378 if (pSecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION)
379 return STATUS_UNKNOWN_REVISION ;
380
381 *lpbSaclPresent = (SE_SACL_PRESENT & pSecurityDescriptor->Control);
382 if (*lpbSaclPresent ? 1 : 0)
383 {
384 if ( SE_SELF_RELATIVE & pSecurityDescriptor->Control)
385 {
386 *pSacl = (PACL) ((LPBYTE)pSecurityDescriptor + (DWORD)pSecurityDescriptor->Sacl);
387 }
388 else
389 {
390 *pSacl = pSecurityDescriptor->Sacl;
391 }
392 }
393
394 *lpbSaclDefaulted = (( SE_SACL_DEFAULTED & pSecurityDescriptor->Control ) ? 1 : 0);
395
396 return STATUS_SUCCESS;
397}
398
399
400/**************************************************************************
401 * RtlSetSaclSecurityDescriptor [NTDLL.488]
402 */
403NTSTATUS WINAPI RtlSetSaclSecurityDescriptor (PSECURITY_DESCRIPTOR lpsd,
404 BOOLEAN saclpresent,
405 PACL sacl,
406 BOOLEAN sacldefaulted)
407{
408 dprintf(("NTDLL: RtlSetSaclSecurityDescriptor(%08xh,%08xh,%08xh,%08xh)\n",
409 lpsd,
410 saclpresent,
411 sacl,
412 sacldefaulted));
413
414 if (lpsd->Revision!=SECURITY_DESCRIPTOR_REVISION)
415 return STATUS_UNKNOWN_REVISION;
416
417 if (lpsd->Control & SE_SELF_RELATIVE)
418 return STATUS_INVALID_SECURITY_DESCR;
419
420 if (!saclpresent)
421 {
422 lpsd->Control &= ~SE_SACL_PRESENT;
423 return 0;
424 }
425
426 lpsd->Control |= SE_SACL_PRESENT;
427 lpsd->Sacl = sacl;
428
429 if (sacldefaulted)
430 lpsd->Control |= SE_SACL_DEFAULTED;
431 else
432 lpsd->Control &= ~SE_SACL_DEFAULTED;
433
434 return STATUS_SUCCESS;
435}
436
437
438/**************************************************************************
439 * RtlGetOwnerSecurityDescriptor [NTDLL.488]
440 */
441NTSTATUS WINAPI RtlGetOwnerSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
442 PSID *Owner,
443 PBOOLEAN OwnerDefaulted)
444{
445 dprintf(("NTDLL: RtlGetOwnerSecurityDescriptor(%08xh,%08xh,%08xh)\n",
446 SecurityDescriptor,
447 Owner,
448 OwnerDefaulted));
449
450 if ( !SecurityDescriptor || !Owner || !OwnerDefaulted )
451 return STATUS_INVALID_PARAMETER;
452
453 *Owner = SecurityDescriptor->Owner;
454 if ( *Owner != NULL )
455 {
456 if ( SecurityDescriptor->Control & SE_OWNER_DEFAULTED )
457 *OwnerDefaulted = TRUE;
458 else
459 *OwnerDefaulted = FALSE;
460 }
461
462 return STATUS_SUCCESS;
463}
464
465
466/**************************************************************************
467 * RtlSetOwnerSecurityDescriptor [NTDLL.487]
468 */
469NTSTATUS WINAPI RtlSetOwnerSecurityDescriptor(PSECURITY_DESCRIPTOR lpsd,
470 PSID owner,
471 BOOLEAN ownerdefaulted)
472{
473 dprintf(("NTDLL: RtlSetOwnerSecurityDescriptor(%08x,%08xh,%08xh)\n",
474 lpsd,
475 owner,
476 ownerdefaulted));
477
478 if (lpsd->Revision!=SECURITY_DESCRIPTOR_REVISION)
479 return STATUS_UNKNOWN_REVISION;
480 if (lpsd->Control & SE_SELF_RELATIVE)
481 return STATUS_INVALID_SECURITY_DESCR;
482
483 lpsd->Owner = owner;
484 if (ownerdefaulted)
485 lpsd->Control |= SE_OWNER_DEFAULTED;
486 else
487 lpsd->Control &= ~SE_OWNER_DEFAULTED;
488
489 return STATUS_SUCCESS;
490}
491
492
493/**************************************************************************
494 * RtlSetGroupSecurityDescriptor [NTDLL.485]
495 */
496NTSTATUS WINAPI RtlSetGroupSecurityDescriptor (PSECURITY_DESCRIPTOR lpsd,
497 PSID group,
498 BOOLEAN groupdefaulted)
499{
500 dprintf(("NTDLL: RtlSetGroupSecurityDescriptor(%08xh,%08xh,%08xh)\n",
501 lpsd,
502 group,
503 groupdefaulted));
504
505 if (lpsd->Revision!=SECURITY_DESCRIPTOR_REVISION)
506 return STATUS_UNKNOWN_REVISION;
507 if (lpsd->Control & SE_SELF_RELATIVE)
508 return STATUS_INVALID_SECURITY_DESCR;
509
510 lpsd->Group = group;
511 if (groupdefaulted)
512 lpsd->Control |= SE_GROUP_DEFAULTED;
513 else
514 lpsd->Control &= ~SE_GROUP_DEFAULTED;
515
516 return STATUS_SUCCESS;
517}
518
519
520/**************************************************************************
521 * RtlGetGroupSecurityDescriptor [NTDLL]
522 */
523NTSTATUS WINAPI RtlGetGroupSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
524 PSID *Group,
525 PBOOLEAN GroupDefaulted)
526{
527 dprintf(("NTDLL: RtlGetGroupSecurityDescriptor(%08xh,%08xh,%08xh)\n",
528 SecurityDescriptor,
529 Group,
530 GroupDefaulted));
531
532 if ( !SecurityDescriptor || !Group || !GroupDefaulted )
533 return STATUS_INVALID_PARAMETER;
534
535 *Group = SecurityDescriptor->Group;
536 if ( *Group != NULL )
537 {
538 if ( SecurityDescriptor->Control & SE_GROUP_DEFAULTED )
539 *GroupDefaulted = TRUE;
540 else
541 *GroupDefaulted = FALSE;
542 }
543
544 return STATUS_SUCCESS;
545}
546
547
548/*
549 * access control list's
550 */
551
552/**************************************************************************
553 * RtlCreateAcl [NTDLL.306]
554 *
555 * NOTES
556 * This should return NTSTATUS
557 */
558DWORD WINAPI RtlCreateAcl(PACL acl,
559 DWORD size,
560 DWORD rev)
561{
562 dprintf(("NTDLL: RtlCreateAcl(%08xh,%08xh,%08xh)\n",
563 acl,
564 size,
565 rev));
566
567 if (rev!=ACL_REVISION)
568 return STATUS_INVALID_PARAMETER;
569 if (size<sizeof(ACL))
570 return STATUS_BUFFER_TOO_SMALL;
571 if (size>0xFFFF)
572 return STATUS_INVALID_PARAMETER;
573
574 memset(acl,'\0',sizeof(ACL));
575 acl->AclRevision = rev;
576 acl->AclSize = size;
577 acl->AceCount = 0;
578
579 return 0;
580}
581
582
583/**************************************************************************
584 * RtlFirstFreeAce [NTDLL.370]
585 * looks for the AceCount+1 ACE, and if it is still within the alloced
586 * ACL, return a pointer to it
587 */
588BOOLEAN WINAPI RtlFirstFreeAce(PACL acl,
589 PACE_HEADER *x)
590{
591 PACE_HEADER ace;
592 int i;
593
594 dprintf(("NTDLL: RtlFirstFreeAct(%08xh,%08xh)\n",
595 acl,
596 x));
597
598 *x = 0;
599 ace = (PACE_HEADER)(acl+1);
600 for (i=0;
601 i<acl->AceCount;
602 i++)
603 {
604 if ((DWORD)ace>=(((DWORD)acl)+acl->AclSize))
605 return 0;
606
607 ace = (PACE_HEADER)(((BYTE*)ace)+ace->AceSize);
608 }
609
610 if ((DWORD)ace>=(((DWORD)acl)+acl->AclSize))
611 return 0;
612
613 *x = ace;
614 return 1;
615}
616
617
618/**************************************************************************
619 * RtlAddAce [NTDLL.260]
620 */
621NTSTATUS WINAPI RtlAddAce(PACL acl,
622 DWORD rev,
623 DWORD xnrofaces,
624 PACE_HEADER acestart,
625 DWORD acelen)
626{
627 PACE_HEADER ace,targetace;
628 int nrofaces;
629
630 dprintf(("NTDLL: RtlAddAce(%08xh,%08xh,%08xh,%08xh,%08xh)\n",
631 acl,
632 rev,
633 xnrofaces,
634 acestart,
635 acelen));
636
637 if (acl->AclRevision != ACL_REVISION)
638 return STATUS_INVALID_PARAMETER;
639
640 if (!RtlFirstFreeAce(acl,&targetace))
641 return STATUS_INVALID_PARAMETER;
642
643 nrofaces=0;
644 ace=acestart;
645
646 while (((DWORD)ace-(DWORD)acestart)<acelen)
647 {
648 nrofaces++;
649 ace = (PACE_HEADER)(((BYTE*)ace)+ace->AceSize);
650 }
651
652 if ((DWORD)targetace+acelen>(DWORD)acl+acl->AclSize) /* too much aces */
653 return STATUS_INVALID_PARAMETER;
654
655 memcpy((LPBYTE)targetace,acestart,acelen);
656 acl->AceCount+=nrofaces;
657
658 return STATUS_SUCCESS;
659}
660
661
662/******************************************************************************
663 * RtlAddAccessAllowedAce [NTDLL]
664 */
665DWORD WINAPI RtlAddAccessAllowedAce(DWORD x1,
666 DWORD x2,
667 DWORD x3,
668 DWORD x4)
669{
670 dprintf(("NTDLL: RtlAddAccessAllowedAce(%08xh,%08xh,%08xh,%08xh) not implemented.\n",
671 x1,
672 x2,
673 x3,
674 x4));
675
676 return 0;
677}
678
679
680/******************************************************************************
681 * RtlGetAce [NTDLL]
682 */
683DWORD WINAPI RtlGetAce(PACL pAcl,
684 DWORD dwAceIndex,
685 LPVOID *pAce )
686{
687 dprintf(("NTDLL: RtlGetAce(%08x,%08x,%08x) not implemented.\n",
688 pAcl,
689 dwAceIndex,
690 pAce));
691
692 return 0;
693}
694
695
696/*
697 * misc
698 */
699
700/******************************************************************************
701 * RtlAdjustPrivilege [NTDLL]
702 */
703DWORD WINAPI RtlAdjustPrivilege(DWORD x1,
704 DWORD x2,
705 DWORD x3,
706 DWORD x4)
707{
708 dprintf(("NTDLL: RtlAdjustPrivilege(%08xh,%08xh,%08xh,%08xh) not implemented.\n",
709 x1,
710 x2,
711 x3,
712 x4));
713
714 return 0;
715}
716
Note: See TracBrowser for help on using the repository browser.