Context Navigation

source: trunk/src/NTDLL/sec.cpp@ 1767

Visit:

Last change on this file since 1767 was 278, checked in by phaller, 26 years ago
Add: HandleManager support for kernel objects, various fixes
File size: 18.9 KB

Line
1	/* $Id: sec.cpp,v 1.3 1999-07-06 15:48:45 phaller Exp $ */
2
3	/*
4	* Project Odin Software License can be found in LICENSE.TXT
5	* Win32 NT Runtime / NTDLL for OS/2
6	*
7	* Copyright 1998 original WINE Author
8	* Copyright 1998, 1999 Patrick Haller (phaller@gmx.net)
9	*
10	* Security functions
11	*
12	* Copyright 1996-1998 Marcus Meissner
13	*/
14
15	#include <stdlib.h>
16	#include <string.h>
17	#include <time.h>
18	#include <ctype.h>
19	#include <math.h>
20
21	#include <os2win.h>
22	#include "ntdll.h"
23
24	/*
25	#include "windef.h"
26	#include "winbase.h"
27	#include "winuser.h"
28	#include "wine/winestring.h"
29	#include "heap.h"
30	#include "winnls.h"
31	#include "winuser.h"
32	#include "winerror.h"
33	#include "stackframe.h"
34
35	#include "winreg.h"
36	*/
37
38	/*
39	* SID FUNCTIONS
40	*/
41
42	/******************************************************************************
43	* RtlAllocateAndInitializeSid [NTDLL.265]
44	*
45	*/
46	BOOLEAN WINAPI RtlAllocateAndInitializeSid (PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
47	DWORD nSubAuthorityCount,
48	DWORD x3,
49	DWORD x4,
50	DWORD x5,
51	DWORD x6,
52	DWORD x7,
53	DWORD x8,
54	DWORD x9,
55	DWORD x10,
56	PSID pSid)
57	{
58	dprintf(("NTDLL: RtlAllocateAndInitializeSid(%08xh,%08xh,%08xh,"
59	"%08xh,%08xh,%08xh,%08xh,%08xh,%08xh,%08xh,%08xh) not implemented.\n",
60	pIdentifierAuthority,
61	nSubAuthorityCount,
62	x3,
63	x4,
64	x5,
65	x6,
66	x7,
67	x8,
68	x9,
69	x10,
70	pSid));
71
72	return 0;
73	}
74
75
76	/******************************************************************************
77	* RtlEqualSid [NTDLL.352]
78	*
79	*/
80	DWORD WINAPI RtlEqualSid(DWORD x1,
81	DWORD x2)
82	{
83	dprintf(("NTDLL: RtlEqualSid(%08x, %08x) not implemented.\n",
84	x1,
85	x2));
86
87	return TRUE;
88	}
89
90
91	/******************************************************************************
92	* RtlFreeSid [NTDLL.376]
93	*/
94	DWORD WINAPI RtlFreeSid(DWORD x1)
95	{
96	dprintf(("NTDLL: RtlFreeSid(%08xh) not implemented.\n",
97	x1));
98
99	return TRUE;
100	}
101
102
103	/**************************************************************************
104	* RtlLengthRequiredSid [NTDLL.427]
105	*/
106	DWORD WINAPI RtlLengthRequiredSid(DWORD nrofsubauths)
107	{
108	dprintf (("NTDLL: RtlLengthRequiredSid(%08xh)\n",
109	nrofsubauths));
110
111	return sizeof(DWORD)*nrofsubauths+sizeof(SID);
112	}
113
114
115	/**************************************************************************
116	* RtlLengthSid [NTDLL.429]
117	*/
118	DWORD WINAPI RtlLengthSid(PSID sid)
119	{
120	dprintf(("NTDLL: RtlLengthSid(%08xh)\n",
121	sid));
122
123	if (!sid)
124	return FALSE;
125
126	return sizeof(DWORD)*sid->SubAuthorityCount+sizeof(SID);
127	}
128
129
130	/**************************************************************************
131	* RtlInitializeSid [NTDLL.410]
132	*/
133	DWORD WINAPI RtlInitializeSid(PSID psid,
134	PSID_IDENTIFIER_AUTHORITY psidauth,
135	DWORD c)
136	{
137	BYTE a = c & 0xff;
138
139	dprintf(("NTDLL: RtlInitializeSid(%08xh,%08xh,%08xh)\n",
140	psid,
141	psidauth,
142	c));
143
144	if (a>=SID_MAX_SUB_AUTHORITIES)
145	return a;
146
147	psid->SubAuthorityCount = a;
148	psid->Revision = SID_REVISION;
149	memcpy(&(psid->IdentifierAuthority),
150	psidauth,
151	sizeof(SID_IDENTIFIER_AUTHORITY));
152
153	return STATUS_SUCCESS;
154	}
155
156
157	/**************************************************************************
158	* RtlSubAuthoritySid [NTDLL.497]
159	*/
160	LPDWORD WINAPI RtlSubAuthoritySid(PSID psid,
161	DWORD nr)
162	{
163	dprintf(("NTDLL: RtlSubAuthoritySid(%08xh,%08xh)\n",
164	psid,
165	nr));
166
167	return &(psid->SubAuthority[nr]);
168	}
169
170
171	/**************************************************************************
172	* RtlSubAuthorityCountSid [NTDLL.496]
173	*/
174
175	LPBYTE WINAPI RtlSubAuthorityCountSid(PSID psid)
176	{
177	dprintf(("NTDLL: RtlSubAUthorityCountSid(%08xh)\n",
178	psid));
179
180	return ((LPBYTE)psid)+1;
181	}
182
183
184	/**************************************************************************
185	* RtlCopySid [NTDLL.302]
186	*/
187	DWORD WINAPI RtlCopySid(DWORD len,
188	PSID to,
189	PSID from)
190	{
191	dprintf(("NTDLL: RtlCopySid(%08xh,%08xh,%08xh)\n",
192	len,
193	to,
194	from));
195
196	if (!from)
197	return 0;
198
199	if (len<(from->SubAuthorityCount*4+8))
200	return STATUS_BUFFER_TOO_SMALL;
201
202	memmove(to,
203	from,
204	from->SubAuthorityCount*4+8);
205
206	return STATUS_SUCCESS;
207	}
208
209
210	/*
211	* security descriptor functions
212	*/
213
214	/**************************************************************************
215	* RtlCreateSecurityDescriptor [NTDLL.313]
216	*
217	* RETURNS:
218	* 0 success,
219	* STATUS_INVALID_OWNER, STATUS_PRIVILEGE_NOT_HELD, STATUS_NO_INHERITANCE,
220	* STATUS_NO_MEMORY
221	*/
222	NTSTATUS WINAPI RtlCreateSecurityDescriptor(PSECURITY_DESCRIPTOR lpsd,
223	DWORD rev)
224	{
225	dprintf(("NTDLL: RtlCreateSecurityDescriptor(%08xh,%08xh)\n",
226	lpsd,
227	rev));
228
229	if (rev!=SECURITY_DESCRIPTOR_REVISION)
230	return STATUS_UNKNOWN_REVISION;
231
232	memset(lpsd,
233	'\0',
234	sizeof(*lpsd));
235
236	lpsd->Revision = SECURITY_DESCRIPTOR_REVISION;
237
238	return STATUS_SUCCESS;
239	}
240
241
242	/**************************************************************************
243	* RtlValidSecurityDescriptor [NTDLL.313]
244	*
245	*/
246	NTSTATUS WINAPI RtlValidSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor)
247	{
248	dprintf(("NTDLL: RtlValidSecurityDescriptor(%08xh)\n",
249	SecurityDescriptor));
250
251	if ( ! SecurityDescriptor )
252	return STATUS_INVALID_SECURITY_DESCR;
253
254	if ( SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION )
255	return STATUS_UNKNOWN_REVISION;
256
257	return STATUS_SUCCESS;
258	}
259
260
261	/**************************************************************************
262	* RtlLengthSecurityDescriptor [NTDLL]
263	*/
264	ULONG WINAPI RtlLengthSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor)
265	{
266	ULONG Size;
267
268	dprintf(("NTDLL: RtlLengthSecurityDescriptor(%08xh)\n",
269	SecurityDescriptor));
270
271	Size = SECURITY_DESCRIPTOR_MIN_LENGTH;
272	if ( SecurityDescriptor == NULL )
273	return 0;
274
275	if ( SecurityDescriptor->Owner != NULL )
276	Size += SecurityDescriptor->Owner->SubAuthorityCount;
277	if ( SecurityDescriptor->Group != NULL )
278	Size += SecurityDescriptor->Group->SubAuthorityCount;
279
280
281	if ( SecurityDescriptor->Sacl != NULL )
282	Size += SecurityDescriptor->Sacl->AclSize;
283	if ( SecurityDescriptor->Dacl != NULL )
284	Size += SecurityDescriptor->Dacl->AclSize;
285
286	return Size;
287	}
288
289	/******************************************************************************
290	* RtlGetDaclSecurityDescriptor [NTDLL]
291	*
292	*/
293	NTSTATUS WINAPI RtlGetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR pSecurityDescriptor,
294	PBOOLEAN lpbDaclPresent,
295	PACL *pDacl,
296	PBOOLEAN lpbDaclDefaulted)
297	{
298	dprintf(("NTDLL: RtlGetDaclSecurityDescriptor(%08xh,%08xh,%08xh,%08xh)\n",
299	pSecurityDescriptor,
300	lpbDaclPresent,
301	pDacl,
302	lpbDaclDefaulted));
303
304	if (pSecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION)
305	return STATUS_UNKNOWN_REVISION ;
306
307	*lpbDaclPresent = (SE_DACL_PRESENT & pSecurityDescriptor->Control);
308	if (*lpbDaclPresent ? 1 : 0)
309	{
310	if ( SE_SELF_RELATIVE & pSecurityDescriptor->Control)
311	{
312	*pDacl = (PACL) ((LPBYTE)pSecurityDescriptor + (DWORD)pSecurityDescriptor->Dacl);
313	}
314	else
315	{
316	*pDacl = pSecurityDescriptor->Dacl;
317	}
318	}
319
320	*lpbDaclDefaulted = (( SE_DACL_DEFAULTED & pSecurityDescriptor->Control ) ? 1 : 0);
321
322	return STATUS_SUCCESS;
323	}
324
325
326	/**************************************************************************
327	* RtlSetDaclSecurityDescriptor [NTDLL.483]
328	*/
329	NTSTATUS WINAPI RtlSetDaclSecurityDescriptor (PSECURITY_DESCRIPTOR lpsd,
330	BOOLEAN daclpresent,
331	PACL dacl,
332	BOOLEAN dacldefaulted)
333	{
334	dprintf(("NTDLL: RtlSetDaclSecurityDescriptor(%08xh,%08xh,%08xh,%08xh)\n",
335	lpsd,
336	daclpresent,
337	dacl,
338	dacldefaulted));
339
340	if (lpsd->Revision!=SECURITY_DESCRIPTOR_REVISION)
341	return STATUS_UNKNOWN_REVISION;
342	if (lpsd->Control & SE_SELF_RELATIVE)
343	return STATUS_INVALID_SECURITY_DESCR;
344
345	if (!daclpresent)
346	{
347	lpsd->Control &= ~SE_DACL_PRESENT;
348	return TRUE;
349	}
350
351	lpsd->Control \|= SE_DACL_PRESENT;
352	lpsd->Dacl = dacl;
353
354	if (dacldefaulted)
355	lpsd->Control \|= SE_DACL_DEFAULTED;
356	else
357	lpsd->Control &= ~SE_DACL_DEFAULTED;
358
359	return STATUS_SUCCESS;
360	}
361
362
363	/******************************************************************************
364	* RtlGetSaclSecurityDescriptor [NTDLL]
365	*
366	*/
367	NTSTATUS WINAPI RtlGetSaclSecurityDescriptor(PSECURITY_DESCRIPTOR pSecurityDescriptor,
368	PBOOLEAN lpbSaclPresent,
369	PACL *pSacl,
370	PBOOLEAN lpbSaclDefaulted)
371	{
372	dprintf(("NTDLL: RtlGetSaclSecurityDescriptor(%08xh,%08xh,%08xh,%08xh)\n",
373	pSecurityDescriptor,
374	lpbSaclPresent,
375	pSacl,
376	lpbSaclDefaulted));
377
378	if (pSecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION)
379	return STATUS_UNKNOWN_REVISION ;
380
381	*lpbSaclPresent = (SE_SACL_PRESENT & pSecurityDescriptor->Control);
382	if (*lpbSaclPresent ? 1 : 0)
383	{
384	if ( SE_SELF_RELATIVE & pSecurityDescriptor->Control)
385	{
386	*pSacl = (PACL) ((LPBYTE)pSecurityDescriptor + (DWORD)pSecurityDescriptor->Sacl);
387	}
388	else
389	{
390	*pSacl = pSecurityDescriptor->Sacl;
391	}
392	}
393
394	*lpbSaclDefaulted = (( SE_SACL_DEFAULTED & pSecurityDescriptor->Control ) ? 1 : 0);
395
396	return STATUS_SUCCESS;
397	}
398
399
400	/**************************************************************************
401	* RtlSetSaclSecurityDescriptor [NTDLL.488]
402	*/
403	NTSTATUS WINAPI RtlSetSaclSecurityDescriptor (PSECURITY_DESCRIPTOR lpsd,
404	BOOLEAN saclpresent,
405	PACL sacl,
406	BOOLEAN sacldefaulted)
407	{
408	dprintf(("NTDLL: RtlSetSaclSecurityDescriptor(%08xh,%08xh,%08xh,%08xh)\n",
409	lpsd,
410	saclpresent,
411	sacl,
412	sacldefaulted));
413
414	if (lpsd->Revision!=SECURITY_DESCRIPTOR_REVISION)
415	return STATUS_UNKNOWN_REVISION;
416
417	if (lpsd->Control & SE_SELF_RELATIVE)
418	return STATUS_INVALID_SECURITY_DESCR;
419
420	if (!saclpresent)
421	{
422	lpsd->Control &= ~SE_SACL_PRESENT;
423	return 0;
424	}
425
426	lpsd->Control \|= SE_SACL_PRESENT;
427	lpsd->Sacl = sacl;
428
429	if (sacldefaulted)
430	lpsd->Control \|= SE_SACL_DEFAULTED;
431	else
432	lpsd->Control &= ~SE_SACL_DEFAULTED;
433
434	return STATUS_SUCCESS;
435	}
436
437
438	/**************************************************************************
439	* RtlGetOwnerSecurityDescriptor [NTDLL.488]
440	*/
441	NTSTATUS WINAPI RtlGetOwnerSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
442	PSID *Owner,
443	PBOOLEAN OwnerDefaulted)
444	{
445	dprintf(("NTDLL: RtlGetOwnerSecurityDescriptor(%08xh,%08xh,%08xh)\n",
446	SecurityDescriptor,
447	Owner,
448	OwnerDefaulted));
449
450	if ( !SecurityDescriptor \|\| !Owner \|\| !OwnerDefaulted )
451	return STATUS_INVALID_PARAMETER;
452
453	*Owner = SecurityDescriptor->Owner;
454	if ( *Owner != NULL )
455	{
456	if ( SecurityDescriptor->Control & SE_OWNER_DEFAULTED )
457	*OwnerDefaulted = TRUE;
458	else
459	*OwnerDefaulted = FALSE;
460	}
461
462	return STATUS_SUCCESS;
463	}
464
465
466	/**************************************************************************
467	* RtlSetOwnerSecurityDescriptor [NTDLL.487]
468	*/
469	NTSTATUS WINAPI RtlSetOwnerSecurityDescriptor(PSECURITY_DESCRIPTOR lpsd,
470	PSID owner,
471	BOOLEAN ownerdefaulted)
472	{
473	dprintf(("NTDLL: RtlSetOwnerSecurityDescriptor(%08x,%08xh,%08xh)\n",
474	lpsd,
475	owner,
476	ownerdefaulted));
477
478	if (lpsd->Revision!=SECURITY_DESCRIPTOR_REVISION)
479	return STATUS_UNKNOWN_REVISION;
480	if (lpsd->Control & SE_SELF_RELATIVE)
481	return STATUS_INVALID_SECURITY_DESCR;
482
483	lpsd->Owner = owner;
484	if (ownerdefaulted)
485	lpsd->Control \|= SE_OWNER_DEFAULTED;
486	else
487	lpsd->Control &= ~SE_OWNER_DEFAULTED;
488
489	return STATUS_SUCCESS;
490	}
491
492
493	/**************************************************************************
494	* RtlSetGroupSecurityDescriptor [NTDLL.485]
495	*/
496	NTSTATUS WINAPI RtlSetGroupSecurityDescriptor (PSECURITY_DESCRIPTOR lpsd,
497	PSID group,
498	BOOLEAN groupdefaulted)
499	{
500	dprintf(("NTDLL: RtlSetGroupSecurityDescriptor(%08xh,%08xh,%08xh)\n",
501	lpsd,
502	group,
503	groupdefaulted));
504
505	if (lpsd->Revision!=SECURITY_DESCRIPTOR_REVISION)
506	return STATUS_UNKNOWN_REVISION;
507	if (lpsd->Control & SE_SELF_RELATIVE)
508	return STATUS_INVALID_SECURITY_DESCR;
509
510	lpsd->Group = group;
511	if (groupdefaulted)
512	lpsd->Control \|= SE_GROUP_DEFAULTED;
513	else
514	lpsd->Control &= ~SE_GROUP_DEFAULTED;
515
516	return STATUS_SUCCESS;
517	}
518
519
520	/**************************************************************************
521	* RtlGetGroupSecurityDescriptor [NTDLL]
522	*/
523	NTSTATUS WINAPI RtlGetGroupSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
524	PSID *Group,
525	PBOOLEAN GroupDefaulted)
526	{
527	dprintf(("NTDLL: RtlGetGroupSecurityDescriptor(%08xh,%08xh,%08xh)\n",
528	SecurityDescriptor,
529	Group,
530	GroupDefaulted));
531
532	if ( !SecurityDescriptor \|\| !Group \|\| !GroupDefaulted )
533	return STATUS_INVALID_PARAMETER;
534
535	*Group = SecurityDescriptor->Group;
536	if ( *Group != NULL )
537	{
538	if ( SecurityDescriptor->Control & SE_GROUP_DEFAULTED )
539	*GroupDefaulted = TRUE;
540	else
541	*GroupDefaulted = FALSE;
542	}
543
544	return STATUS_SUCCESS;
545	}
546
547
548	/*
549	* access control list's
550	*/
551
552	/**************************************************************************
553	* RtlCreateAcl [NTDLL.306]
554	*
555	* NOTES
556	* This should return NTSTATUS
557	*/
558	DWORD WINAPI RtlCreateAcl(PACL acl,
559	DWORD size,
560	DWORD rev)
561	{
562	dprintf(("NTDLL: RtlCreateAcl(%08xh,%08xh,%08xh)\n",
563	acl,
564	size,
565	rev));
566
567	if (rev!=ACL_REVISION)
568	return STATUS_INVALID_PARAMETER;
569	if (size<sizeof(ACL))
570	return STATUS_BUFFER_TOO_SMALL;
571	if (size>0xFFFF)
572	return STATUS_INVALID_PARAMETER;
573
574	memset(acl,'\0',sizeof(ACL));
575	acl->AclRevision = rev;
576	acl->AclSize = size;
577	acl->AceCount = 0;
578
579	return 0;
580	}
581
582
583	/**************************************************************************
584	* RtlFirstFreeAce [NTDLL.370]
585	* looks for the AceCount+1 ACE, and if it is still within the alloced
586	* ACL, return a pointer to it
587	*/
588	BOOLEAN WINAPI RtlFirstFreeAce(PACL acl,
589	PACE_HEADER *x)
590	{
591	PACE_HEADER ace;
592	int i;
593
594	dprintf(("NTDLL: RtlFirstFreeAct(%08xh,%08xh)\n",
595	acl,
596	x));
597
598	*x = 0;
599	ace = (PACE_HEADER)(acl+1);
600	for (i=0;
601	i<acl->AceCount;
602	i++)
603	{
604	if ((DWORD)ace>=(((DWORD)acl)+acl->AclSize))
605	return 0;
606
607	ace = (PACE_HEADER)(((BYTE*)ace)+ace->AceSize);
608	}
609
610	if ((DWORD)ace>=(((DWORD)acl)+acl->AclSize))
611	return 0;
612
613	*x = ace;
614	return 1;
615	}
616
617
618	/**************************************************************************
619	* RtlAddAce [NTDLL.260]
620	*/
621	NTSTATUS WINAPI RtlAddAce(PACL acl,
622	DWORD rev,
623	DWORD xnrofaces,
624	PACE_HEADER acestart,
625	DWORD acelen)
626	{
627	PACE_HEADER ace,targetace;
628	int nrofaces;
629
630	dprintf(("NTDLL: RtlAddAce(%08xh,%08xh,%08xh,%08xh,%08xh)\n",
631	acl,
632	rev,
633	xnrofaces,
634	acestart,
635	acelen));
636
637	if (acl->AclRevision != ACL_REVISION)
638	return STATUS_INVALID_PARAMETER;
639
640	if (!RtlFirstFreeAce(acl,&targetace))
641	return STATUS_INVALID_PARAMETER;
642
643	nrofaces=0;
644	ace=acestart;
645
646	while (((DWORD)ace-(DWORD)acestart)<acelen)
647	{
648	nrofaces++;
649	ace = (PACE_HEADER)(((BYTE*)ace)+ace->AceSize);
650	}
651
652	if ((DWORD)targetace+acelen>(DWORD)acl+acl->AclSize) /* too much aces */
653	return STATUS_INVALID_PARAMETER;
654
655	memcpy((LPBYTE)targetace,acestart,acelen);
656	acl->AceCount+=nrofaces;
657
658	return STATUS_SUCCESS;
659	}
660
661
662	/******************************************************************************
663	* RtlAddAccessAllowedAce [NTDLL]
664	*/
665	DWORD WINAPI RtlAddAccessAllowedAce(DWORD x1,
666	DWORD x2,
667	DWORD x3,
668	DWORD x4)
669	{
670	dprintf(("NTDLL: RtlAddAccessAllowedAce(%08xh,%08xh,%08xh,%08xh) not implemented.\n",
671	x1,
672	x2,
673	x3,
674	x4));
675
676	return 0;
677	}
678
679
680	/******************************************************************************
681	* RtlGetAce [NTDLL]
682	*/
683	DWORD WINAPI RtlGetAce(PACL pAcl,
684	DWORD dwAceIndex,
685	LPVOID *pAce )
686	{
687	dprintf(("NTDLL: RtlGetAce(%08x,%08x,%08x) not implemented.\n",
688	pAcl,
689	dwAceIndex,
690	pAce));
691
692	return 0;
693	}
694
695
696	/*
697	* misc
698	*/
699
700	/******************************************************************************
701	* RtlAdjustPrivilege [NTDLL]
702	*/
703	DWORD WINAPI RtlAdjustPrivilege(DWORD x1,
704	DWORD x2,
705	DWORD x3,
706	DWORD x4)
707	{
708	dprintf(("NTDLL: RtlAdjustPrivilege(%08xh,%08xh,%08xh,%08xh) not implemented.\n",
709	x1,
710	x2,
711	x3,
712	x4));
713
714	return 0;
715	}
716

Note: See TracBrowser for help on using the repository browser.

Download in other formats: