source: trunk/src/advapi32/security.c

Last change on this file was 21362, checked in by vladest, 15 years ago

ADVAPI32:

  • added cred.c, recuired for security interface
  • added some externals, required for security interface
File size: 32.2 KB
Line 
1/*
2 * dlls/advapi32/security.c
3 * FIXME: for all functions thunking down to Rtl* functions: implement SetLastError()
4 */
5#include <string.h>
6
7#include "windef.h"
8#include "winerror.h"
9#include "heap.h"
10#include "ntddk.h"
11#include "ntstatus.h"
12#include "ntsecapi.h"
13#include "sddl.h"
14//#include "wine/debug.h"
15#include "debugtools.h"
16#include "wine/unicode.h"
17
18#ifdef __WIN32OS2__
19//#include <heapstring.h>
20LPWSTR WIN32API HEAP_strdupAtoW( HANDLE heap, DWORD flags, LPCSTR str );
21#endif
22
23WINE_DEFAULT_DEBUG_CHANNEL(advapi);
24
25
26/* set last error code from NT status and get the proper boolean return value */
27/* used for functions that are a simple wrapper around the corresponding ntdll API */
28static inline BOOL set_ntstatus( NTSTATUS status )
29{
30 if (status) SetLastError( RtlNtStatusToDosError( status ));
31 return !status;
32 }
33
34static void dumpLsaAttributes( PLSA_OBJECT_ATTRIBUTES oa )
35{
36 if (oa)
37 {
38 TRACE("\n\tlength=%lu, rootdir=%p, objectname=%s\n\tattr=0x%08lx, sid=%p qos=%p\n",
39 oa->Length, oa->RootDirectory,
40 oa->ObjectName?debugstr_w(oa->ObjectName->Buffer):"null",
41 oa->Attributes, oa->SecurityDescriptor, oa->SecurityQualityOfService);
42 }
43}
44
45/* ##############################
46 ###### TOKEN FUNCTIONS ######
47 ##############################
48*/
49
50/******************************************************************************
51 * OpenProcessToken [ADVAPI32.@]
52 * Opens the access token associated with a process handle.
53 *
54 * PARAMS
55 * ProcessHandle [I] Handle to process
56 * DesiredAccess [I] Desired access to process
57 * TokenHandle [O] Pointer to handle of open access token
58 *
59 * RETURNS
60 * Success: TRUE. TokenHandle contains the access token.
61 * Failure: FALSE.
62 *
63 * NOTES
64 * See NtOpenProcessToken.
65 */
66BOOL WINAPI
67OpenProcessToken( HANDLE ProcessHandle, DWORD DesiredAccess,
68 HANDLE *TokenHandle )
69{
70 return set_ntstatus(NtOpenProcessToken( ProcessHandle, DesiredAccess, TokenHandle ));
71}
72
73/******************************************************************************
74 * OpenThreadToken [ADVAPI32.@]
75 *
76 * Opens the access token associated with a thread handle.
77 *
78 * PARAMS
79 * ThreadHandle [I] Handle to process
80 * DesiredAccess [I] Desired access to the thread
81 * OpenAsSelf [I] ???
82 * TokenHandle [O] Destination for the token handle
83 *
84 * RETURNS
85 * Success: TRUE. TokenHandle contains the access token.
86 * Failure: FALSE.
87 *
88 * NOTES
89 * See NtOpenThreadToken.
90 */
91BOOL WINAPI
92OpenThreadToken( HANDLE ThreadHandle, DWORD DesiredAccess,
93 BOOL OpenAsSelf, HANDLE *TokenHandle)
94{
95 return set_ntstatus( NtOpenThreadToken(ThreadHandle, DesiredAccess, OpenAsSelf, TokenHandle));
96}
97
98/******************************************************************************
99 * AdjustTokenPrivileges [ADVAPI32.@]
100 *
101 * Adjust the privileges of an open token handle.
102 *
103 * PARAMS
104 * TokenHandle [I] Handle from OpenProcessToken() or OpenThreadToken()
105 * DisableAllPrivileges [I] TRUE=Remove all privileges, FALSE=Use NewState
106 * NewState [I] Desired new privileges of the token
107 * BufferLength [I] Length of NewState
108 * PreviousState [O] Destination for the previous state
109 * ReturnLength [I/O] Size of PreviousState
110 *
111 *
112 * RETURNS
113 * Success: TRUE. Privileges are set to NewState and PreviousState is updated.
114 * Failure: FALSE.
115 *
116 * NOTES
117 * See NtAdjustPrivilegesToken.
118 */
119BOOL WINAPI
120AdjustTokenPrivileges( HANDLE TokenHandle, BOOL DisableAllPrivileges,
121 LPVOID NewState, DWORD BufferLength,
122 LPVOID PreviousState, LPDWORD ReturnLength )
123{
124 return set_ntstatus( NtAdjustPrivilegesToken(TokenHandle, DisableAllPrivileges,
125 NewState, BufferLength, PreviousState,
126 ReturnLength));
127}
128
129/******************************************************************************
130 * CheckTokenMembership [ADVAPI32.@]
131 *
132 * Determine if an access token is a member of a SID.
133 *
134 * PARAMS
135 * TokenHandle [I] Handle from OpenProcessToken() or OpenThreadToken()
136 * SidToCheck [I] SID that possibly contains the token
137 * IsMember [O] Destination for result.
138 *
139 * RETURNS
140 * Success: TRUE. IsMember is TRUE if TokenHandle is a member, FALSE otherwise.
141 * Failure: FALSE.
142 */
143BOOL WINAPI
144CheckTokenMembership( HANDLE TokenHandle, PSID SidToCheck,
145 PBOOL IsMember )
146{
147 FIXME("(%p %p %p) stub!\n", TokenHandle, SidToCheck, IsMember);
148
149 *IsMember = TRUE;
150 return(TRUE);
151}
152
153/******************************************************************************
154 * GetTokenInformation [ADVAPI32.@]
155 *
156 * PARAMS
157 * token [I] Handle from OpenProcessToken() or OpenThreadToken()
158 * tokeninfoclass [I] A TOKEN_INFORMATION_CLASS from "winnt.h"
159 * tokeninfo [O] Destination for token information
160 * tokeninfolength [I] Length of tokeninfo
161 * retlen [O] Destination for returned token information length
162 *
163 * RETURNS
164 * Success: TRUE. tokeninfo contains retlen bytes of token information
165 * Failure: FALSE.
166 *
167 * NOTES
168 * See NtQueryInformationToken.
169 */
170BOOL WINAPI
171GetTokenInformation( HANDLE token, TOKEN_INFORMATION_CLASS tokeninfoclass,
172 LPVOID tokeninfo, DWORD tokeninfolength, LPDWORD retlen )
173{
174 return set_ntstatus (NtQueryInformationToken( token, tokeninfoclass, tokeninfo, tokeninfolength, retlen));
175}
176
177/*************************************************************************
178 * SetThreadToken [ADVAPI32.@]
179 *
180 * Assigns an 'impersonation token' to a thread so it can assume the
181 * security privileges of another thread or process. Can also remove
182 * a previously assigned token.
183 *
184 * PARAMS
185 * thread [O] Handle to thread to set the token for
186 * token [I] Token to set
187 *
188 * RETURNS
189 * Success: TRUE. The threads access token is set to token
190 * Failure: FALSE.
191 *
192 * NOTES
193 * Only supported on NT or higher. On Win9X this function does nothing.
194 * See SetTokenInformation.
195 */
196BOOL WINAPI SetThreadToken(PHANDLE thread, HANDLE token)
197{
198#ifdef __WIN32OS2__
199
200 dprintf(("SetThreadToken %x %x NOT IMPLEMENTED (FAKED)", thread, token));
201 return TRUE; //pretend it succeeded
202#else
203 FIXME("(%p, %x): stub (NT impl. only)\n", thread, token);
204
205 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
206
207 return FALSE;
208#endif
209}
210
211/* ##############################
212 ###### SID FUNCTIONS ######
213 ##############################
214*/
215
216/******************************************************************************
217 * AllocateAndInitializeSid [ADVAPI32.@]
218 *
219 * PARAMS
220 * pIdentifierAuthority []
221 * nSubAuthorityCount []
222 * nSubAuthority0 []
223 * nSubAuthority1 []
224 * nSubAuthority2 []
225 * nSubAuthority3 []
226 * nSubAuthority4 []
227 * nSubAuthority5 []
228 * nSubAuthority6 []
229 * nSubAuthority7 []
230 * pSid []
231 */
232BOOL WINAPI
233AllocateAndInitializeSid( PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
234 BYTE nSubAuthorityCount,
235 DWORD nSubAuthority0, DWORD nSubAuthority1,
236 DWORD nSubAuthority2, DWORD nSubAuthority3,
237 DWORD nSubAuthority4, DWORD nSubAuthority5,
238 DWORD nSubAuthority6, DWORD nSubAuthority7,
239 PSID *pSid )
240{
241 return RtlAllocateAndInitializeSid(
242 pIdentifierAuthority, nSubAuthorityCount,
243 nSubAuthority0, nSubAuthority1, nSubAuthority2, nSubAuthority3,
244 nSubAuthority4, nSubAuthority5, nSubAuthority6, nSubAuthority7,
245 pSid );
246}
247
248/******************************************************************************
249 * FreeSid [ADVAPI32.@]
250 *
251 * PARAMS
252 * pSid []
253 */
254PVOID WINAPI
255FreeSid( PSID pSid )
256{
257 RtlFreeSid(pSid);
258 return NULL; /* is documented like this */
259}
260
261/******************************************************************************
262 * CopySid [ADVAPI32.@]
263 *
264 * PARAMS
265 * nDestinationSidLength []
266 * pDestinationSid []
267 * pSourceSid []
268 */
269BOOL WINAPI
270CopySid( DWORD nDestinationSidLength, PSID pDestinationSid, PSID pSourceSid )
271{
272 return RtlCopySid(nDestinationSidLength, pDestinationSid, pSourceSid);
273}
274
275/******************************************************************************
276 * IsValidSid [ADVAPI32.@]
277 *
278 * PARAMS
279 * pSid []
280 */
281BOOL WINAPI
282IsValidSid( PSID pSid )
283{
284 return RtlValidSid( pSid );
285}
286
287/******************************************************************************
288 * EqualSid [ADVAPI32.@]
289 *
290 * PARAMS
291 * pSid1 []
292 * pSid2 []
293 */
294BOOL WINAPI
295EqualSid( PSID pSid1, PSID pSid2 )
296{
297 return RtlEqualSid( pSid1, pSid2 );
298}
299
300/******************************************************************************
301 * EqualPrefixSid [ADVAPI32.@]
302 */
303BOOL WINAPI EqualPrefixSid (PSID pSid1, PSID pSid2)
304{
305 return RtlEqualPrefixSid(pSid1, pSid2);
306}
307
308/******************************************************************************
309 * GetSidLengthRequired [ADVAPI32.@]
310 *
311 * PARAMS
312 * nSubAuthorityCount []
313 */
314DWORD WINAPI
315GetSidLengthRequired( BYTE nSubAuthorityCount )
316{
317 return RtlLengthRequiredSid(nSubAuthorityCount);
318}
319
320/******************************************************************************
321 * InitializeSid [ADVAPI32.@]
322 *
323 * PARAMS
324 * pIdentifierAuthority []
325 */
326BOOL WINAPI
327InitializeSid (
328 PSID pSid,
329 PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
330 BYTE nSubAuthorityCount)
331{
332 return RtlInitializeSid(pSid, pIdentifierAuthority, nSubAuthorityCount);
333}
334
335/******************************************************************************
336 * GetSidIdentifierAuthority [ADVAPI32.@]
337 *
338 * PARAMS
339 * pSid []
340 */
341PSID_IDENTIFIER_AUTHORITY WINAPI
342GetSidIdentifierAuthority( PSID pSid )
343{
344 return RtlIdentifierAuthoritySid(pSid);
345}
346
347/******************************************************************************
348 * GetSidSubAuthority [ADVAPI32.@]
349 *
350 * PARAMS
351 * pSid []
352 * nSubAuthority []
353 */
354PDWORD WINAPI
355GetSidSubAuthority( PSID pSid, DWORD nSubAuthority )
356{
357 return RtlSubAuthoritySid(pSid, nSubAuthority);
358}
359
360/******************************************************************************
361 * GetSidSubAuthorityCount [ADVAPI32.@]
362 *
363 * PARAMS
364 * pSid []
365 */
366PUCHAR WINAPI
367GetSidSubAuthorityCount (PSID pSid)
368{
369 return RtlSubAuthorityCountSid(pSid);
370}
371
372/******************************************************************************
373 * GetLengthSid [ADVAPI32.@]
374 *
375 * PARAMS
376 * pSid []
377 */
378DWORD WINAPI
379GetLengthSid (PSID pSid)
380{
381 if(!IsValidSid(pSid)) return 0;
382
383 return RtlLengthSid(pSid);
384}
385
386/* ##############################################
387 ###### SECURITY DESCRIPTOR FUNCTIONS ######
388 ##############################################
389*/
390
391/******************************************************************************
392 * InitializeSecurityDescriptor [ADVAPI32.@]
393 *
394 * PARAMS
395 * pDescr []
396 * revision []
397 */
398BOOL WINAPI
399InitializeSecurityDescriptor( PSECURITY_DESCRIPTOR pDescr, DWORD revision )
400{
401 return set_ntstatus( RtlCreateSecurityDescriptor(pDescr, revision ));
402}
403
404
405/******************************************************************************
406 * GetSecurityDescriptorLength [ADVAPI32.@]
407 */
408DWORD WINAPI GetSecurityDescriptorLength( PSECURITY_DESCRIPTOR pDescr)
409{
410 return RtlLengthSecurityDescriptor(pDescr);
411}
412
413/******************************************************************************
414 * GetSecurityDescriptorOwner [ADVAPI32.@]
415 *
416 * PARAMS
417 * pOwner []
418 * lpbOwnerDefaulted []
419 */
420BOOL WINAPI
421GetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR pDescr, PSID *pOwner,
422 LPBOOL lpbOwnerDefaulted )
423{
424 BOOLEAN defaulted;
425 BOOL ret = set_ntstatus( RtlGetOwnerSecurityDescriptor( pDescr, pOwner, &defaulted ));
426 *lpbOwnerDefaulted = defaulted;
427 return ret;
428}
429
430/******************************************************************************
431 * SetSecurityDescriptorOwner [ADVAPI32.@]
432 *
433 * PARAMS
434 */
435BOOL WINAPI SetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR pSecurityDescriptor,
436 PSID pOwner, BOOL bOwnerDefaulted)
437{
438 return set_ntstatus( RtlSetOwnerSecurityDescriptor(pSecurityDescriptor, pOwner, bOwnerDefaulted));
439}
440/******************************************************************************
441 * GetSecurityDescriptorGroup [ADVAPI32.@]
442 */
443BOOL WINAPI GetSecurityDescriptorGroup(
444 PSECURITY_DESCRIPTOR SecurityDescriptor,
445 PSID *Group,
446 LPBOOL GroupDefaulted)
447{
448 BOOLEAN defaulted;
449 BOOL ret = set_ntstatus( RtlGetGroupSecurityDescriptor(SecurityDescriptor, Group, &defaulted ));
450 *GroupDefaulted = defaulted;
451 return ret;
452}
453/******************************************************************************
454 * SetSecurityDescriptorGroup [ADVAPI32.@]
455 */
456BOOL WINAPI SetSecurityDescriptorGroup ( PSECURITY_DESCRIPTOR SecurityDescriptor,
457 PSID Group, BOOL GroupDefaulted)
458{
459 return set_ntstatus( RtlSetGroupSecurityDescriptor( SecurityDescriptor, Group, GroupDefaulted));
460}
461
462/******************************************************************************
463 * IsValidSecurityDescriptor [ADVAPI32.@]
464 *
465 * PARAMS
466 * lpsecdesc []
467 */
468BOOL WINAPI
469IsValidSecurityDescriptor( PSECURITY_DESCRIPTOR SecurityDescriptor )
470{
471 return set_ntstatus( RtlValidSecurityDescriptor(SecurityDescriptor));
472}
473
474/******************************************************************************
475 * GetSecurityDescriptorDacl [ADVAPI32.@]
476 */
477BOOL WINAPI GetSecurityDescriptorDacl(
478 IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
479 OUT LPBOOL lpbDaclPresent,
480 OUT PACL *pDacl,
481 OUT LPBOOL lpbDaclDefaulted)
482{
483 BOOLEAN present, defaulted;
484 BOOL ret = set_ntstatus( RtlGetDaclSecurityDescriptor(pSecurityDescriptor, &present, pDacl, &defaulted));
485 *lpbDaclPresent = present;
486 *lpbDaclDefaulted = defaulted;
487 return ret;
488}
489
490/******************************************************************************
491 * SetSecurityDescriptorDacl [ADVAPI32.@]
492 */
493BOOL WINAPI
494SetSecurityDescriptorDacl (
495 PSECURITY_DESCRIPTOR lpsd,
496 BOOL daclpresent,
497 PACL dacl,
498 BOOL dacldefaulted )
499{
500 return set_ntstatus( RtlSetDaclSecurityDescriptor (lpsd, daclpresent, dacl, dacldefaulted ) );
501}
502/******************************************************************************
503 * GetSecurityDescriptorSacl [ADVAPI32.@]
504 */
505BOOL WINAPI GetSecurityDescriptorSacl(
506 IN PSECURITY_DESCRIPTOR lpsd,
507 OUT LPBOOL lpbSaclPresent,
508 OUT PACL *pSacl,
509 OUT LPBOOL lpbSaclDefaulted)
510{
511 BOOLEAN present, defaulted;
512 BOOL ret = set_ntstatus( RtlGetSaclSecurityDescriptor(lpsd, &present, pSacl, &defaulted) );
513 *lpbSaclPresent = present;
514 *lpbSaclDefaulted = defaulted;
515 return ret;
516}
517
518/**************************************************************************
519 * SetSecurityDescriptorSacl [ADVAPI32.@]
520 */
521BOOL WINAPI SetSecurityDescriptorSacl (
522 PSECURITY_DESCRIPTOR lpsd,
523 BOOL saclpresent,
524 PACL lpsacl,
525 BOOL sacldefaulted)
526{
527 return set_ntstatus (RtlSetSaclSecurityDescriptor(lpsd, saclpresent, lpsacl, sacldefaulted));
528}
529/******************************************************************************
530 * MakeSelfRelativeSD [ADVAPI32.@]
531 *
532 * PARAMS
533 * lpabssecdesc []
534 * lpselfsecdesc []
535 * lpbuflen []
536 */
537BOOL WINAPI
538MakeSelfRelativeSD(
539 IN PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor,
540 IN PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor,
541 IN OUT LPDWORD lpdwBufferLength)
542{
543 return set_ntstatus( RtlMakeSelfRelativeSD( pAbsoluteSecurityDescriptor,
544 pSelfRelativeSecurityDescriptor, lpdwBufferLength));
545}
546
547/******************************************************************************
548 * GetSecurityDescriptorControl [ADVAPI32.@]
549 */
550
551BOOL WINAPI GetSecurityDescriptorControl ( PSECURITY_DESCRIPTOR pSecurityDescriptor,
552 PSECURITY_DESCRIPTOR_CONTROL pControl, LPDWORD lpdwRevision)
553{
554 return set_ntstatus (RtlGetControlSecurityDescriptor(pSecurityDescriptor,pControl,lpdwRevision));
555}
556
557/* ##############################
558 ###### ACL FUNCTIONS ######
559 ##############################
560*/
561
562/*************************************************************************
563 * InitializeAcl [ADVAPI32.@]
564 */
565BOOL WINAPI InitializeAcl(PACL acl, DWORD size, DWORD rev)
566{
567 return set_ntstatus( RtlCreateAcl(acl, size, rev));
568}
569
570/******************************************************************************
571 * AddAccessAllowedAceEx [ADVAPI32.@]
572 */
573BOOL WINAPI AddAccessAllowedAceEx(
574 IN OUT PACL pAcl,
575 IN DWORD dwAceRevision,
576 IN DWORD AceFlags,
577 IN DWORD AccessMask,
578 IN PSID pSid)
579{
580 FIXME("AddAccessAllowedAceEx (%x, %x, %x, %x, %x): stub\n", pAcl, dwAceRevision, AceFlags, AccessMask, pSid);
581 return FALSE;
582// return set_ntstatus(RtlAddAccessAllowedAceEx(pAcl, dwAceRevision, AceFlags, AccessMask, pSid));
583}
584
585/******************************************************************************
586 * GetAce [ADVAPI32.@]
587 */
588BOOL WINAPI GetAce(PACL pAcl,DWORD dwAceIndex,LPVOID *pAce )
589{
590 return set_ntstatus(RtlGetAce(pAcl, dwAceIndex, pAce));
591}
592/* ##############################
593 ###### MISC FUNCTIONS ######
594 ##############################
595*/
596
597/******************************************************************************
598 * LookupPrivilegeValueW [ADVAPI32.@]
599 * Retrieves LUID used on a system to represent the privilege name.
600 *
601 * NOTES
602 * lpLuid should be PLUID
603 *
604 * PARAMS
605 * lpSystemName [I] Address of string specifying the system
606 * lpName [I] Address of string specifying the privilege
607 * lpLuid [I] Address of locally unique identifier
608 *
609 * RETURNS STD
610 */
611BOOL WINAPI
612LookupPrivilegeValueW( LPCWSTR lpSystemName, LPCWSTR lpName, LPVOID lpLuid )
613{
614 FIXME("(%s,%s,%p): stub\n",debugstr_w(lpSystemName),
615 debugstr_w(lpName), lpLuid);
616 return TRUE;
617}
618
619/******************************************************************************
620 * LookupPrivilegeValueA [ADVAPI32.@]
621 */
622BOOL WINAPI
623LookupPrivilegeValueA( LPCSTR lpSystemName, LPCSTR lpName, LPVOID lpLuid )
624{
625 LPWSTR lpSystemNameW = HEAP_strdupAtoW(GetProcessHeap(), 0, lpSystemName);
626 LPWSTR lpNameW = HEAP_strdupAtoW(GetProcessHeap(), 0, lpName);
627 BOOL ret;
628
629 ret = LookupPrivilegeValueW( lpSystemNameW, lpNameW, lpLuid);
630 HeapFree(GetProcessHeap(), 0, lpNameW);
631 HeapFree(GetProcessHeap(), 0, lpSystemNameW);
632 return ret;
633}
634
635/******************************************************************************
636 * GetFileSecurityA [ADVAPI32.@]
637 *
638 * Obtains Specified information about the security of a file or directory.
639 *
640 * PARAMS
641 * lpFileName [I] Name of the file to get info for
642 * RequestedInformation [I] SE_ flags from "winnt.h"
643 * pSecurityDescriptor [O] Destination for security information
644 * nLength [I] Length of pSecurityDescriptor
645 * lpnLengthNeeded [O] Destination for length of returned security information
646 *
647 * RETURNS
648 * Success: TRUE. pSecurityDescriptor contains the requested information.
649 * Failure: FALSE. lpnLengthNeeded contains the required space to return the info.
650 *
651 * NOTES
652 * The information returned is constrained by the callers access rights and
653 * privileges.
654 */
655BOOL WINAPI
656GetFileSecurityA( LPCSTR lpFileName,
657 SECURITY_INFORMATION RequestedInformation,
658 PSECURITY_DESCRIPTOR pSecurityDescriptor,
659 DWORD nLength, LPDWORD lpnLengthNeeded )
660{
661 DWORD len;
662 BOOL r;
663 LPWSTR name = NULL;
664
665 if( lpFileName )
666 {
667 len = MultiByteToWideChar( CP_ACP, 0, lpFileName, -1, NULL, 0 );
668 name = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR) );
669 MultiByteToWideChar( CP_ACP, 0, lpFileName, -1, name, len );
670 }
671
672 r = GetFileSecurityW( name, RequestedInformation, pSecurityDescriptor,
673 nLength, lpnLengthNeeded );
674 HeapFree( GetProcessHeap(), 0, name );
675
676 return r;
677}
678
679/******************************************************************************
680 * GetFileSecurityW [ADVAPI32.@]
681 *
682 * See GetFileSecurityA.
683 */
684BOOL WINAPI
685GetFileSecurityW( LPCWSTR lpFileName,
686 SECURITY_INFORMATION RequestedInformation,
687 PSECURITY_DESCRIPTOR pSecurityDescriptor,
688 DWORD nLength, LPDWORD lpnLengthNeeded )
689{
690 FIXME("(%s) : stub\n", debugstr_w(lpFileName) );
691 return TRUE;
692}
693
694
695/******************************************************************************
696 * LookupAccountSidA [ADVAPI32.@]
697 */
698BOOL WINAPI
699LookupAccountSidA(
700 IN LPCSTR system,
701 IN PSID sid,
702 OUT LPSTR account,
703 IN OUT LPDWORD accountSize,
704 OUT LPSTR domain,
705 IN OUT LPDWORD domainSize,
706 OUT PSID_NAME_USE name_use )
707{
708 static const char ac[] = "Administrator";
709 static const char dm[] = "DOMAIN";
710 FIXME("(%s,sid=%p,%p,%p(%lu),%p,%p(%lu),%p): semi-stub\n",
711 debugstr_a(system),sid,
712 account,accountSize,accountSize?*accountSize:0,
713 domain,domainSize,domainSize?*domainSize:0,
714 name_use);
715
716 if (accountSize) *accountSize = strlen(ac)+1;
717 if (account && (*accountSize > strlen(ac)))
718 strcpy(account, ac);
719
720 if (domainSize) *domainSize = strlen(dm)+1;
721 if (domain && (*domainSize > strlen(dm)))
722 strcpy(domain,dm);
723
724 if (name_use) *name_use = SidTypeUser;
725 return TRUE;
726}
727
728/******************************************************************************
729 * LookupAccountSidW [ADVAPI32.@]
730 *
731 * PARAMS
732 * system []
733 * sid []
734 * account []
735 * accountSize []
736 * domain []
737 * domainSize []
738 * name_use []
739 */
740BOOL WINAPI
741LookupAccountSidW(
742 IN LPCWSTR system,
743 IN PSID sid,
744 OUT LPWSTR account,
745 IN OUT LPDWORD accountSize,
746 OUT LPWSTR domain,
747 IN OUT LPDWORD domainSize,
748 OUT PSID_NAME_USE name_use )
749{
750 static const WCHAR ac[] = {'A','d','m','i','n','i','s','t','r','a','t','o','r',0};
751 static const WCHAR dm[] = {'D','O','M','A','I','N',0};
752 FIXME("(%s,sid=%p,%p,%p(%lu),%p,%p(%lu),%p): semi-stub\n",
753 debugstr_w(system),sid,
754 account,accountSize,accountSize?*accountSize:0,
755 domain,domainSize,domainSize?*domainSize:0,
756 name_use);
757
758 if (accountSize) *accountSize = strlenW(ac)+1;
759 if (account && (*accountSize > strlenW(ac)))
760 strcpyW(account, ac);
761
762 if (domainSize) *domainSize = strlenW(dm)+1;
763 if (domain && (*domainSize > strlenW(dm)))
764 strcpyW(domain,dm);
765
766 if (name_use) *name_use = SidTypeUser;
767 return TRUE;
768}
769
770/******************************************************************************
771 * SetFileSecurityA [ADVAPI32.@]
772 * Sets the security of a file or directory
773 */
774BOOL WINAPI SetFileSecurityA( LPCSTR lpFileName,
775 SECURITY_INFORMATION RequestedInformation,
776 PSECURITY_DESCRIPTOR pSecurityDescriptor)
777{
778 FIXME("(%s) : stub\n", debugstr_a(lpFileName));
779 return TRUE;
780}
781
782/******************************************************************************
783 * SetFileSecurityW [ADVAPI32.@]
784 * Sets the security of a file or directory
785 *
786 * PARAMS
787 * lpFileName []
788 * RequestedInformation []
789 * pSecurityDescriptor []
790 */
791BOOL WINAPI
792SetFileSecurityW( LPCWSTR lpFileName,
793 SECURITY_INFORMATION RequestedInformation,
794 PSECURITY_DESCRIPTOR pSecurityDescriptor )
795{
796 FIXME("(%s) : stub\n", debugstr_w(lpFileName) );
797 return TRUE;
798}
799
800/******************************************************************************
801 * QueryWindows31FilesMigration [ADVAPI32.@]
802 *
803 * PARAMS
804 * x1 []
805 */
806BOOL WINAPI
807QueryWindows31FilesMigration( DWORD x1 )
808{
809 FIXME("(%ld):stub\n",x1);
810 return TRUE;
811}
812
813/******************************************************************************
814 * SynchronizeWindows31FilesAndWindowsNTRegistry [ADVAPI32.@]
815 *
816 * PARAMS
817 * x1 []
818 * x2 []
819 * x3 []
820 * x4 []
821 */
822BOOL WINAPI
823SynchronizeWindows31FilesAndWindowsNTRegistry( DWORD x1, DWORD x2, DWORD x3,
824 DWORD x4 )
825{
826 FIXME("(0x%08lx,0x%08lx,0x%08lx,0x%08lx):stub\n",x1,x2,x3,x4);
827 return TRUE;
828}
829
830/******************************************************************************
831 * LsaOpenPolicy [ADVAPI32.@]
832 *
833 * PARAMS
834 * SystemName [I]
835 * ObjectAttributes [I]
836 * DesiredAccess [I]
837 * PolicyHandle [I/O]
838 */
839NTSTATUS WINAPI
840LsaOpenPolicy(
841 IN PLSA_UNICODE_STRING SystemName,
842 IN PLSA_OBJECT_ATTRIBUTES ObjectAttributes,
843 IN ACCESS_MASK DesiredAccess,
844 IN OUT PLSA_HANDLE PolicyHandle)
845{
846 FIXME("(%s,%p,0x%08lx,%p):stub\n",
847 SystemName?debugstr_w(SystemName->Buffer):"null",
848 ObjectAttributes, DesiredAccess, PolicyHandle);
849 dumpLsaAttributes(ObjectAttributes);
850 if(PolicyHandle) *PolicyHandle = (LSA_HANDLE)0xcafe;
851 return STATUS_SUCCESS;
852}
853
854/******************************************************************************
855 * LsaQueryInformationPolicy [ADVAPI32.@]
856 */
857NTSTATUS WINAPI
858LsaQueryInformationPolicy(
859 IN LSA_HANDLE PolicyHandle,
860 IN POLICY_INFORMATION_CLASS InformationClass,
861 OUT PVOID *Buffer)
862{
863 FIXME("(%p,0x%08x,%p):stub\n",
864 PolicyHandle, InformationClass, Buffer);
865
866 if(!Buffer) return FALSE;
867 switch (InformationClass)
868 {
869 case PolicyAuditEventsInformation: /* 2 */
870 {
871 PPOLICY_AUDIT_EVENTS_INFO p = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(POLICY_AUDIT_EVENTS_INFO));
872 p->AuditingMode = FALSE; /* no auditing */
873 *Buffer = p;
874 }
875 break;
876 case PolicyPrimaryDomainInformation: /* 3 */
877 case PolicyAccountDomainInformation: /* 5 */
878 {
879 struct di
880 { POLICY_PRIMARY_DOMAIN_INFO ppdi;
881 SID sid;
882 };
883 SID_IDENTIFIER_AUTHORITY localSidAuthority = {SECURITY_NT_AUTHORITY};
884
885 struct di * xdi = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(xdi));
886 RtlInitUnicodeString(&(xdi->ppdi.Name), HEAP_strdupAtoW(GetProcessHeap(),0,"DOMAIN"));
887 xdi->ppdi.Sid = &(xdi->sid);
888 xdi->sid.Revision = SID_REVISION;
889 xdi->sid.SubAuthorityCount = 1;
890 xdi->sid.IdentifierAuthority = localSidAuthority;
891 xdi->sid.SubAuthority[0] = SECURITY_LOCAL_SYSTEM_RID;
892 *Buffer = xdi;
893 }
894 break;
895 case PolicyAuditLogInformation:
896 case PolicyPdAccountInformation:
897 case PolicyLsaServerRoleInformation:
898 case PolicyReplicaSourceInformation:
899 case PolicyDefaultQuotaInformation:
900 case PolicyModificationInformation:
901 case PolicyAuditFullSetInformation:
902 case PolicyAuditFullQueryInformation:
903 case PolicyDnsDomainInformation:
904 {
905 FIXME("category not implemented\n");
906 return FALSE;
907 }
908 }
909 return TRUE;
910}
911
912/******************************************************************************
913 * LsaLookupSids [ADVAPI32.@]
914 */
915
916NTSTATUS WINAPI
917LsaLookupSids(
918 IN LSA_HANDLE PolicyHandle,
919 IN ULONG Count,
920 IN PSID *Sids,
921 OUT PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains,
922 OUT PLSA_TRANSLATED_NAME *Names )
923{
924 FIXME("%p %lu %p %p %p\n",
925 PolicyHandle, Count, Sids, ReferencedDomains, Names);
926 return FALSE;
927}
928
929/******************************************************************************
930 * LsaFreeMemory [ADVAPI32.@]
931 */
932NTSTATUS WINAPI
933LsaFreeMemory(IN PVOID Buffer)
934{
935 TRACE("(%p)\n",Buffer);
936 return HeapFree(GetProcessHeap(), 0, Buffer);
937}
938/******************************************************************************
939 * LsaClose [ADVAPI32.@]
940 */
941NTSTATUS WINAPI
942LsaClose(IN LSA_HANDLE ObjectHandle)
943{
944 FIXME("(%p):stub\n",ObjectHandle);
945 return 0xc0000000;
946}
947/******************************************************************************
948 * NotifyBootConfigStatus [ADVAPI32.@]
949 *
950 * PARAMS
951 * x1 []
952 */
953BOOL WINAPI
954NotifyBootConfigStatus( DWORD x1 )
955{
956 FIXME("(0x%08lx):stub\n",x1);
957 return 1;
958}
959
960/******************************************************************************
961 * RevertToSelf [ADVAPI32.@]
962 *
963 * PARAMS
964 * void []
965 */
966BOOL WINAPI
967RevertToSelf( void )
968{
969 FIXME("(), stub\n");
970 return TRUE;
971}
972
973/******************************************************************************
974 * ImpersonateSelf [ADVAPI32.@]
975 */
976BOOL WINAPI
977ImpersonateSelf(SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
978{
979 return RtlImpersonateSelf(ImpersonationLevel);
980}
981
982/******************************************************************************
983 * AccessCheck [ADVAPI32.@]
984 *
985 * FIXME check cast LPBOOL to PBOOLEAN
986 */
987BOOL WINAPI
988AccessCheck(
989 PSECURITY_DESCRIPTOR SecurityDescriptor,
990 HANDLE ClientToken,
991 DWORD DesiredAccess,
992 PGENERIC_MAPPING GenericMapping,
993 PPRIVILEGE_SET PrivilegeSet,
994 LPDWORD PrivilegeSetLength,
995 LPDWORD GrantedAccess,
996 LPBOOL AccessStatus)
997{
998 return set_ntstatus (NtAccessCheck(SecurityDescriptor, ClientToken, DesiredAccess,
999 GenericMapping, PrivilegeSet, PrivilegeSetLength, GrantedAccess, (PBOOLEAN)AccessStatus));
1000}
1001
1002/*************************************************************************
1003 * SetKernelObjectSecurity [ADVAPI32.@]
1004 */
1005BOOL WINAPI SetKernelObjectSecurity (
1006 IN HANDLE Handle,
1007 IN SECURITY_INFORMATION SecurityInformation,
1008 IN PSECURITY_DESCRIPTOR SecurityDescriptor )
1009{
1010 return set_ntstatus (NtSetSecurityObject (Handle, SecurityInformation, SecurityDescriptor));
1011}
1012
1013
1014/******************************************************************************
1015 * AddAccessAllowedAce [ADVAPI32.@]
1016 */
1017BOOL WINAPI AddAccessAllowedAce(
1018 IN OUT PACL pAcl,
1019 IN DWORD dwAceRevision,
1020 IN DWORD AccessMask,
1021 IN PSID pSid)
1022{
1023 return RtlAddAccessAllowedAce(pAcl, dwAceRevision, AccessMask, pSid);
1024}
1025
1026/******************************************************************************
1027 * LookupAccountNameA [ADVAPI32.@]
1028 */
1029BOOL WINAPI
1030LookupAccountNameA(
1031 IN LPCSTR system,
1032 IN LPCSTR account,
1033 OUT PSID sid,
1034 OUT LPDWORD cbSid,
1035 LPSTR ReferencedDomainName,
1036 IN OUT LPDWORD cbReferencedDomainName,
1037 OUT PSID_NAME_USE name_use )
1038{
1039 FIXME("(%s,%s,%p,%p,%p,%p,%p), stub.\n",system,account,sid,cbSid,ReferencedDomainName,cbReferencedDomainName,name_use);
1040 return FALSE;
1041}
1042
1043/******************************************************************************
1044 * ConvertSidToStringSidW [ADVAPI32.@]
1045 *
1046 * format of SID string is:
1047 * S-<count>-<auth>-<subauth1>-<subauth2>-<subauth3>...
1048 * where
1049 * <rev> is the revision of the SID encoded as decimal
1050 * <auth> is the identifier authority encoded as hex
1051 * <subauthN> is the subauthority id encoded as decimal
1052 */
1053BOOL WINAPI ConvertSidToStringSidW( PSID pSid, LPWSTR *pstr )
1054{
1055 DWORD sz, i;
1056 LPWSTR str;
1057 WCHAR fmt[] = { 'S','-','%','u','-','%','d',0 };
1058 WCHAR subauthfmt[] = { '-','%','u',0 };
1059 SID* pisid=pSid;
1060
1061 TRACE("%p %p\n", pSid, pstr );
1062
1063 if( !IsValidSid( pSid ) )
1064 return FALSE;
1065
1066 if (pisid->Revision != SDDL_REVISION)
1067 return FALSE;
1068 if (pisid->IdentifierAuthority.Value[0] ||
1069 pisid->IdentifierAuthority.Value[1])
1070 {
1071 FIXME("not matching MS' bugs\n");
1072 return FALSE;
1073 }
1074
1075 sz = 14 + pisid->SubAuthorityCount * 11;
1076 str = (LPWSTR)LocalAlloc( 0, sz*sizeof(WCHAR) );
1077 sprintfW( str, fmt, pisid->Revision, MAKELONG(
1078 MAKEWORD( pisid->IdentifierAuthority.Value[5],
1079 pisid->IdentifierAuthority.Value[4] ),
1080 MAKEWORD( pisid->IdentifierAuthority.Value[3],
1081 pisid->IdentifierAuthority.Value[2] ) ) );
1082 for( i=0; i<pisid->SubAuthorityCount; i++ )
1083 sprintfW( str + strlenW(str), subauthfmt, pisid->SubAuthority[i] );
1084 *pstr = str;
1085
1086 return TRUE;
1087}
1088
1089/******************************************************************************
1090 * ConvertSidToStringSidA [ADVAPI32.@]
1091 */
1092BOOL WINAPI ConvertSidToStringSidA(PSID pSid, LPSTR *pstr)
1093{
1094 LPWSTR wstr = NULL;
1095 LPSTR str;
1096 UINT len;
1097
1098 TRACE("%p %p\n", pSid, pstr );
1099
1100 if( !ConvertSidToStringSidW( pSid, &wstr ) )
1101 return FALSE;
1102
1103 len = WideCharToMultiByte( CP_ACP, 0, wstr, -1, NULL, 0, NULL, NULL );
1104 str = (LPSTR)LocalAlloc( 0, len );
1105 WideCharToMultiByte( CP_ACP, 0, wstr, -1, str, len, NULL, NULL );
1106 LocalFree( (HANDLE)wstr );
1107
1108 *pstr = str;
1109
1110 return TRUE;
1111}
Note: See TracBrowser for help on using the repository browser.