source: trunk/src/advapi32/security.c@ 21353

Last change on this file since 21353 was 21353, checked in by rlwalsh, 16 years ago

eliminate VACPP warning & info msgs - see Ticket #1
File size: 32.6 KB
Line 
1/*
2 * dlls/advapi32/security.c
3 * FIXME: for all functions thunking down to Rtl* functions: implement SetLastError()
4 */
5#include <string.h>
6
7#include "windef.h"
8#include "winerror.h"
9#include "heap.h"
10#include "ntddk.h"
11#include "ntstatus.h"
12#include "ntsecapi.h"
13#include "sddl.h"
14//#include "wine/debug.h"
15#include "debugtools.h"
16#include "wine/unicode.h"
17
18#ifdef __WIN32OS2__
19//#include <heapstring.h>
20LPWSTR WIN32API HEAP_strdupAtoW( HANDLE heap, DWORD flags, LPCSTR str );
21#endif
22
23WINE_DEFAULT_DEBUG_CHANNEL(advapi);
24
25
26/* set last error code from NT status and get the proper boolean return value */
27/* used for functions that are a simple wrapper around the corresponding ntdll API */
28static inline BOOL set_ntstatus( NTSTATUS status )
29{
30 if (status) SetLastError( RtlNtStatusToDosError( status ));
31 return !status;
32 }
33
34static void dumpLsaAttributes( PLSA_OBJECT_ATTRIBUTES oa )
35{
36 if (oa)
37 {
38 TRACE("\n\tlength=%lu, rootdir=%p, objectname=%s\n\tattr=0x%08lx, sid=%p qos=%p\n",
39 oa->Length, oa->RootDirectory,
40 oa->ObjectName?debugstr_w(oa->ObjectName->Buffer):"null",
41 oa->Attributes, oa->SecurityDescriptor, oa->SecurityQualityOfService);
42 }
43}
44
45/* ##############################
46 ###### TOKEN FUNCTIONS ######
47 ##############################
48*/
49
50/******************************************************************************
51 * OpenProcessToken [ADVAPI32.@]
52 * Opens the access token associated with a process handle.
53 *
54 * PARAMS
55 * ProcessHandle [I] Handle to process
56 * DesiredAccess [I] Desired access to process
57 * TokenHandle [O] Pointer to handle of open access token
58 *
59 * RETURNS
60 * Success: TRUE. TokenHandle contains the access token.
61 * Failure: FALSE.
62 *
63 * NOTES
64 * See NtOpenProcessToken.
65 */
66BOOL WINAPI
67OpenProcessToken( HANDLE ProcessHandle, DWORD DesiredAccess,
68 HANDLE *TokenHandle )
69{
70 return set_ntstatus(NtOpenProcessToken( ProcessHandle, DesiredAccess, TokenHandle ));
71}
72
73/******************************************************************************
74 * OpenThreadToken [ADVAPI32.@]
75 *
76 * Opens the access token associated with a thread handle.
77 *
78 * PARAMS
79 * ThreadHandle [I] Handle to process
80 * DesiredAccess [I] Desired access to the thread
81 * OpenAsSelf [I] ???
82 * TokenHandle [O] Destination for the token handle
83 *
84 * RETURNS
85 * Success: TRUE. TokenHandle contains the access token.
86 * Failure: FALSE.
87 *
88 * NOTES
89 * See NtOpenThreadToken.
90 */
91BOOL WINAPI
92OpenThreadToken( HANDLE ThreadHandle, DWORD DesiredAccess,
93 BOOL OpenAsSelf, HANDLE *TokenHandle)
94{
95 return set_ntstatus( NtOpenThreadToken(ThreadHandle, DesiredAccess, OpenAsSelf, TokenHandle));
96}
97
98/******************************************************************************
99 * AdjustTokenPrivileges [ADVAPI32.@]
100 *
101 * Adjust the privileges of an open token handle.
102 *
103 * PARAMS
104 * TokenHandle [I] Handle from OpenProcessToken() or OpenThreadToken()
105 * DisableAllPrivileges [I] TRUE=Remove all privileges, FALSE=Use NewState
106 * NewState [I] Desired new privileges of the token
107 * BufferLength [I] Length of NewState
108 * PreviousState [O] Destination for the previous state
109 * ReturnLength [I/O] Size of PreviousState
110 *
111 *
112 * RETURNS
113 * Success: TRUE. Privileges are set to NewState and PreviousState is updated.
114 * Failure: FALSE.
115 *
116 * NOTES
117 * See NtAdjustPrivilegesToken.
118 */
119BOOL WINAPI
120AdjustTokenPrivileges( HANDLE TokenHandle, BOOL DisableAllPrivileges,
121 LPVOID NewState, DWORD BufferLength,
122 LPVOID PreviousState, LPDWORD ReturnLength )
123{
124 return set_ntstatus( NtAdjustPrivilegesToken(TokenHandle, DisableAllPrivileges,
125 NewState, BufferLength, PreviousState,
126 ReturnLength));
127}
128
129/******************************************************************************
130 * CheckTokenMembership [ADVAPI32.@]
131 *
132 * Determine if an access token is a member of a SID.
133 *
134 * PARAMS
135 * TokenHandle [I] Handle from OpenProcessToken() or OpenThreadToken()
136 * SidToCheck [I] SID that possibly contains the token
137 * IsMember [O] Destination for result.
138 *
139 * RETURNS
140 * Success: TRUE. IsMember is TRUE if TokenHandle is a member, FALSE otherwise.
141 * Failure: FALSE.
142 */
143BOOL WINAPI
144CheckTokenMembership( HANDLE TokenHandle, PSID SidToCheck,
145 PBOOL IsMember )
146{
147 FIXME("(%p %p %p) stub!\n", TokenHandle, SidToCheck, IsMember);
148
149 *IsMember = TRUE;
150 return(TRUE);
151}
152
153/******************************************************************************
154 * GetTokenInformation [ADVAPI32.@]
155 *
156 * PARAMS
157 * token [I] Handle from OpenProcessToken() or OpenThreadToken()
158 * tokeninfoclass [I] A TOKEN_INFORMATION_CLASS from "winnt.h"
159 * tokeninfo [O] Destination for token information
160 * tokeninfolength [I] Length of tokeninfo
161 * retlen [O] Destination for returned token information length
162 *
163 * RETURNS
164 * Success: TRUE. tokeninfo contains retlen bytes of token information
165 * Failure: FALSE.
166 *
167 * NOTES
168 * See NtQueryInformationToken.
169 */
170BOOL WINAPI
171GetTokenInformation( HANDLE token, TOKEN_INFORMATION_CLASS tokeninfoclass,
172 LPVOID tokeninfo, DWORD tokeninfolength, LPDWORD retlen )
173{
174 return set_ntstatus (NtQueryInformationToken( token, tokeninfoclass, tokeninfo, tokeninfolength, retlen));
175}
176
177/*************************************************************************
178 * SetThreadToken [ADVAPI32.@]
179 *
180 * Assigns an 'impersonation token' to a thread so it can assume the
181 * security privileges of another thread or process. Can also remove
182 * a previously assigned token.
183 *
184 * PARAMS
185 * thread [O] Handle to thread to set the token for
186 * token [I] Token to set
187 *
188 * RETURNS
189 * Success: TRUE. The threads access token is set to token
190 * Failure: FALSE.
191 *
192 * NOTES
193 * Only supported on NT or higher. On Win9X this function does nothing.
194 * See SetTokenInformation.
195 */
196BOOL WINAPI SetThreadToken(PHANDLE thread, HANDLE token)
197{
198#ifdef __WIN32OS2__
199
200 dprintf(("SetThreadToken %x %x NOT IMPLEMENTED (FAKED)", thread, token));
201 return TRUE; //pretend it succeeded
202#else
203 FIXME("(%p, %x): stub (NT impl. only)\n", thread, token);
204
205 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
206
207 return FALSE;
208#endif
209}
210
211/* ##############################
212 ###### SID FUNCTIONS ######
213 ##############################
214*/
215
216/******************************************************************************
217 * AllocateAndInitializeSid [ADVAPI32.@]
218 *
219 * PARAMS
220 * pIdentifierAuthority []
221 * nSubAuthorityCount []
222 * nSubAuthority0 []
223 * nSubAuthority1 []
224 * nSubAuthority2 []
225 * nSubAuthority3 []
226 * nSubAuthority4 []
227 * nSubAuthority5 []
228 * nSubAuthority6 []
229 * nSubAuthority7 []
230 * pSid []
231 */
232BOOL WINAPI
233AllocateAndInitializeSid( PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
234 BYTE nSubAuthorityCount,
235 DWORD nSubAuthority0, DWORD nSubAuthority1,
236 DWORD nSubAuthority2, DWORD nSubAuthority3,
237 DWORD nSubAuthority4, DWORD nSubAuthority5,
238 DWORD nSubAuthority6, DWORD nSubAuthority7,
239 PSID *pSid )
240{
241 return RtlAllocateAndInitializeSid(
242 pIdentifierAuthority, nSubAuthorityCount,
243 nSubAuthority0, nSubAuthority1, nSubAuthority2, nSubAuthority3,
244 nSubAuthority4, nSubAuthority5, nSubAuthority6, nSubAuthority7,
245 pSid );
246}
247
248/******************************************************************************
249 * FreeSid [ADVAPI32.@]
250 *
251 * PARAMS
252 * pSid []
253 */
254PVOID WINAPI
255FreeSid( PSID pSid )
256{
257 RtlFreeSid(pSid);
258 return NULL; /* is documented like this */
259}
260
261/******************************************************************************
262 * CopySid [ADVAPI32.@]
263 *
264 * PARAMS
265 * nDestinationSidLength []
266 * pDestinationSid []
267 * pSourceSid []
268 */
269BOOL WINAPI
270CopySid( DWORD nDestinationSidLength, PSID pDestinationSid, PSID pSourceSid )
271{
272 return RtlCopySid(nDestinationSidLength, pDestinationSid, pSourceSid);
273}
274
275/******************************************************************************
276 * IsValidSid [ADVAPI32.@]
277 *
278 * PARAMS
279 * pSid []
280 */
281BOOL WINAPI
282IsValidSid( PSID pSid )
283{
284 return RtlValidSid( pSid );
285}
286
287/******************************************************************************
288 * EqualSid [ADVAPI32.@]
289 *
290 * PARAMS
291 * pSid1 []
292 * pSid2 []
293 */
294BOOL WINAPI
295EqualSid( PSID pSid1, PSID pSid2 )
296{
297 return RtlEqualSid( pSid1, pSid2 );
298}
299
300/******************************************************************************
301 * EqualPrefixSid [ADVAPI32.@]
302 */
303BOOL WINAPI EqualPrefixSid (PSID pSid1, PSID pSid2)
304{
305 return RtlEqualPrefixSid(pSid1, pSid2);
306}
307
308/******************************************************************************
309 * GetSidLengthRequired [ADVAPI32.@]
310 *
311 * PARAMS
312 * nSubAuthorityCount []
313 */
314DWORD WINAPI
315GetSidLengthRequired( BYTE nSubAuthorityCount )
316{
317 return RtlLengthRequiredSid(nSubAuthorityCount);
318}
319
320/******************************************************************************
321 * InitializeSid [ADVAPI32.@]
322 *
323 * PARAMS
324 * pIdentifierAuthority []
325 */
326BOOL WINAPI
327InitializeSid (
328 PSID pSid,
329 PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
330 BYTE nSubAuthorityCount)
331{
332 return RtlInitializeSid(pSid, pIdentifierAuthority, nSubAuthorityCount);
333}
334
335/******************************************************************************
336 * GetSidIdentifierAuthority [ADVAPI32.@]
337 *
338 * PARAMS
339 * pSid []
340 */
341PSID_IDENTIFIER_AUTHORITY WINAPI
342GetSidIdentifierAuthority( PSID pSid )
343{
344 return RtlIdentifierAuthoritySid(pSid);
345}
346
347/******************************************************************************
348 * GetSidSubAuthority [ADVAPI32.@]
349 *
350 * PARAMS
351 * pSid []
352 * nSubAuthority []
353 */
354PDWORD WINAPI
355GetSidSubAuthority( PSID pSid, DWORD nSubAuthority )
356{
357 return RtlSubAuthoritySid(pSid, nSubAuthority);
358}
359
360/******************************************************************************
361 * GetSidSubAuthorityCount [ADVAPI32.@]
362 *
363 * PARAMS
364 * pSid []
365 */
366PUCHAR WINAPI
367GetSidSubAuthorityCount (PSID pSid)
368{
369 return RtlSubAuthorityCountSid(pSid);
370}
371
372/******************************************************************************
373 * GetLengthSid [ADVAPI32.@]
374 *
375 * PARAMS
376 * pSid []
377 */
378DWORD WINAPI
379GetLengthSid (PSID pSid)
380{
381 if(!IsValidSid(pSid)) return 0;
382
383 return RtlLengthSid(pSid);
384}
385
386/* ##############################################
387 ###### SECURITY DESCRIPTOR FUNCTIONS ######
388 ##############################################
389*/
390
391/******************************************************************************
392 * InitializeSecurityDescriptor [ADVAPI32.@]
393 *
394 * PARAMS
395 * pDescr []
396 * revision []
397 */
398BOOL WINAPI
399InitializeSecurityDescriptor( PSECURITY_DESCRIPTOR pDescr, DWORD revision )
400{
401 return set_ntstatus( RtlCreateSecurityDescriptor(pDescr, revision ));
402}
403
404
405/******************************************************************************
406 * GetSecurityDescriptorLength [ADVAPI32.@]
407 */
408DWORD WINAPI GetSecurityDescriptorLength( PSECURITY_DESCRIPTOR pDescr)
409{
410 return RtlLengthSecurityDescriptor(pDescr);
411}
412
413/******************************************************************************
414 * GetSecurityDescriptorOwner [ADVAPI32.@]
415 *
416 * PARAMS
417 * pOwner []
418 * lpbOwnerDefaulted []
419 */
420BOOL WINAPI
421GetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR pDescr, PSID *pOwner,
422 LPBOOL lpbOwnerDefaulted )
423{
424 BOOLEAN defaulted;
425 BOOL ret = set_ntstatus( RtlGetOwnerSecurityDescriptor( pDescr, pOwner, &defaulted ));
426 *lpbOwnerDefaulted = defaulted;
427 return ret;
428}
429
430/******************************************************************************
431 * SetSecurityDescriptorOwner [ADVAPI32.@]
432 *
433 * PARAMS
434 */
435BOOL WINAPI SetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR pSecurityDescriptor,
436 PSID pOwner, BOOL bOwnerDefaulted)
437{
438 return set_ntstatus( RtlSetOwnerSecurityDescriptor(pSecurityDescriptor, pOwner, bOwnerDefaulted));
439}
440/******************************************************************************
441 * GetSecurityDescriptorGroup [ADVAPI32.@]
442 */
443BOOL WINAPI GetSecurityDescriptorGroup(
444 PSECURITY_DESCRIPTOR SecurityDescriptor,
445 PSID *Group,
446 LPBOOL GroupDefaulted)
447{
448 BOOLEAN defaulted;
449 BOOL ret = set_ntstatus( RtlGetGroupSecurityDescriptor(SecurityDescriptor, Group, &defaulted ));
450 *GroupDefaulted = defaulted;
451 return ret;
452}
453/******************************************************************************
454 * SetSecurityDescriptorGroup [ADVAPI32.@]
455 */
456BOOL WINAPI SetSecurityDescriptorGroup ( PSECURITY_DESCRIPTOR SecurityDescriptor,
457 PSID Group, BOOL GroupDefaulted)
458{
459 return set_ntstatus( RtlSetGroupSecurityDescriptor( SecurityDescriptor, Group, GroupDefaulted));
460}
461
462/******************************************************************************
463 * IsValidSecurityDescriptor [ADVAPI32.@]
464 *
465 * PARAMS
466 * lpsecdesc []
467 */
468BOOL WINAPI
469IsValidSecurityDescriptor( PSECURITY_DESCRIPTOR SecurityDescriptor )
470{
471 return set_ntstatus( RtlValidSecurityDescriptor(SecurityDescriptor));
472}
473
474/******************************************************************************
475 * GetSecurityDescriptorDacl [ADVAPI32.@]
476 */
477BOOL WINAPI GetSecurityDescriptorDacl(
478 IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
479 OUT LPBOOL lpbDaclPresent,
480 OUT PACL *pDacl,
481 OUT LPBOOL lpbDaclDefaulted)
482{
483 BOOLEAN present, defaulted;
484 BOOL ret = set_ntstatus( RtlGetDaclSecurityDescriptor(pSecurityDescriptor, &present, pDacl, &defaulted));
485 *lpbDaclPresent = present;
486 *lpbDaclDefaulted = defaulted;
487 return ret;
488}
489
490/******************************************************************************
491 * SetSecurityDescriptorDacl [ADVAPI32.@]
492 */
493BOOL WINAPI
494SetSecurityDescriptorDacl (
495 PSECURITY_DESCRIPTOR lpsd,
496 BOOL daclpresent,
497 PACL dacl,
498 BOOL dacldefaulted )
499{
500 return set_ntstatus( RtlSetDaclSecurityDescriptor (lpsd, daclpresent, dacl, dacldefaulted ) );
501}
502/******************************************************************************
503 * GetSecurityDescriptorSacl [ADVAPI32.@]
504 */
505BOOL WINAPI GetSecurityDescriptorSacl(
506 IN PSECURITY_DESCRIPTOR lpsd,
507 OUT LPBOOL lpbSaclPresent,
508 OUT PACL *pSacl,
509 OUT LPBOOL lpbSaclDefaulted)
510{
511 BOOLEAN present, defaulted;
512 BOOL ret = set_ntstatus( RtlGetSaclSecurityDescriptor(lpsd, &present, pSacl, &defaulted) );
513 *lpbSaclPresent = present;
514 *lpbSaclDefaulted = defaulted;
515 return ret;
516}
517
518/**************************************************************************
519 * SetSecurityDescriptorSacl [ADVAPI32.@]
520 */
521BOOL WINAPI SetSecurityDescriptorSacl (
522 PSECURITY_DESCRIPTOR lpsd,
523 BOOL saclpresent,
524 PACL lpsacl,
525 BOOL sacldefaulted)
526{
527 return set_ntstatus (RtlSetSaclSecurityDescriptor(lpsd, saclpresent, lpsacl, sacldefaulted));
528}
529/******************************************************************************
530 * MakeSelfRelativeSD [ADVAPI32.@]
531 *
532 * PARAMS
533 * lpabssecdesc []
534 * lpselfsecdesc []
535 * lpbuflen []
536 */
537BOOL WINAPI
538MakeSelfRelativeSD(
539 IN PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor,
540 IN PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor,
541 IN OUT LPDWORD lpdwBufferLength)
542{
543 return set_ntstatus( RtlMakeSelfRelativeSD( pAbsoluteSecurityDescriptor,
544 pSelfRelativeSecurityDescriptor, lpdwBufferLength));
545}
546
547/******************************************************************************
548 * GetSecurityDescriptorControl [ADVAPI32.@]
549 */
550
551BOOL WINAPI GetSecurityDescriptorControl ( PSECURITY_DESCRIPTOR pSecurityDescriptor,
552 PSECURITY_DESCRIPTOR_CONTROL pControl, LPDWORD lpdwRevision)
553{
554 return set_ntstatus (RtlGetControlSecurityDescriptor(pSecurityDescriptor,pControl,lpdwRevision));
555}
556
557/* ##############################
558 ###### ACL FUNCTIONS ######
559 ##############################
560*/
561
562/*************************************************************************
563 * InitializeAcl [ADVAPI32.@]
564 */
565BOOL WINAPI InitializeAcl(PACL acl, DWORD size, DWORD rev)
566{
567 return set_ntstatus( RtlCreateAcl(acl, size, rev));
568}
569
570/******************************************************************************
571 * AddAccessAllowedAceEx [ADVAPI32.@]
572 */
573BOOL WINAPI AddAccessAllowedAceEx(
574 IN OUT PACL pAcl,
575 IN DWORD dwAceRevision,
576 IN DWORD AceFlags,
577 IN DWORD AccessMask,
578 IN PSID pSid)
579{
580 FIXME("AddAccessAllowedAceEx (%x, %x, %x, %x, %x): stub\n", pAcl, dwAceRevision, AceFlags, AccessMask, pSid);
581 return FALSE;
582// return set_ntstatus(RtlAddAccessAllowedAceEx(pAcl, dwAceRevision, AceFlags, AccessMask, pSid));
583}
584
585/******************************************************************************
586 * GetAce [ADVAPI32.@]
587 */
588BOOL WINAPI GetAce(PACL pAcl,DWORD dwAceIndex,LPVOID *pAce )
589{
590 return set_ntstatus(RtlGetAce(pAcl, dwAceIndex, pAce));
591}
592/* ##############################
593 ###### MISC FUNCTIONS ######
594 ##############################
595*/
596
597/******************************************************************************
598 * LookupPrivilegeValueW [ADVAPI32.@]
599 * Retrieves LUID used on a system to represent the privilege name.
600 *
601 * NOTES
602 * lpLuid should be PLUID
603 *
604 * PARAMS
605 * lpSystemName [I] Address of string specifying the system
606 * lpName [I] Address of string specifying the privilege
607 * lpLuid [I] Address of locally unique identifier
608 *
609 * RETURNS STD
610 */
611BOOL WINAPI
612LookupPrivilegeValueW( LPCWSTR lpSystemName, LPCWSTR lpName, LPVOID lpLuid )
613{
614 FIXME("(%s,%s,%p): stub\n",debugstr_w(lpSystemName),
615 debugstr_w(lpName), lpLuid);
616 return TRUE;
617}
618
619/******************************************************************************
620 * LookupPrivilegeValueA [ADVAPI32.@]
621 */
622BOOL WINAPI
623LookupPrivilegeValueA( LPCSTR lpSystemName, LPCSTR lpName, LPVOID lpLuid )
624{
625 LPWSTR lpSystemNameW = HEAP_strdupAtoW(GetProcessHeap(), 0, lpSystemName);
626 LPWSTR lpNameW = HEAP_strdupAtoW(GetProcessHeap(), 0, lpName);
627 BOOL ret;
628
629 ret = LookupPrivilegeValueW( lpSystemNameW, lpNameW, lpLuid);
630 HeapFree(GetProcessHeap(), 0, lpNameW);
631 HeapFree(GetProcessHeap(), 0, lpSystemNameW);
632 return ret;
633}
634
635/******************************************************************************
636 * GetFileSecurityA [ADVAPI32.@]
637 *
638 * Obtains Specified information about the security of a file or directory.
639 *
640 * PARAMS
641 * lpFileName [I] Name of the file to get info for
642 * RequestedInformation [I] SE_ flags from "winnt.h"
643 * pSecurityDescriptor [O] Destination for security information
644 * nLength [I] Length of pSecurityDescriptor
645 * lpnLengthNeeded [O] Destination for length of returned security information
646 *
647 * RETURNS
648 * Success: TRUE. pSecurityDescriptor contains the requested information.
649 * Failure: FALSE. lpnLengthNeeded contains the required space to return the info.
650 *
651 * NOTES
652 * The information returned is constrained by the callers access rights and
653 * privileges.
654 */
655BOOL WINAPI
656GetFileSecurityA( LPCSTR lpFileName,
657 SECURITY_INFORMATION RequestedInformation,
658 PSECURITY_DESCRIPTOR pSecurityDescriptor,
659 DWORD nLength, LPDWORD lpnLengthNeeded )
660{
661 DWORD len;
662 BOOL r;
663 LPWSTR name = NULL;
664
665 if( lpFileName )
666 {
667 len = MultiByteToWideChar( CP_ACP, 0, lpFileName, -1, NULL, 0 );
668 name = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR) );
669 MultiByteToWideChar( CP_ACP, 0, lpFileName, -1, name, len );
670 }
671
672 r = GetFileSecurityW( name, RequestedInformation, pSecurityDescriptor,
673 nLength, lpnLengthNeeded );
674 HeapFree( GetProcessHeap(), 0, name );
675
676 return r;
677}
678
679/******************************************************************************
680 * GetFileSecurityW [ADVAPI32.@]
681 *
682 * See GetFileSecurityA.
683 */
684BOOL WINAPI
685GetFileSecurityW( LPCWSTR lpFileName,
686 SECURITY_INFORMATION RequestedInformation,
687 PSECURITY_DESCRIPTOR pSecurityDescriptor,
688 DWORD nLength, LPDWORD lpnLengthNeeded )
689{
690 FIXME("(%s) : stub\n", debugstr_w(lpFileName) );
691 return TRUE;
692}
693
694
695/******************************************************************************
696 * LookupAccountSidA [ADVAPI32.@]
697 */
698BOOL WINAPI
699LookupAccountSidA(
700 IN LPCSTR system,
701 IN PSID sid,
702 OUT LPSTR account,
703 IN OUT LPDWORD accountSize,
704 OUT LPSTR domain,
705 IN OUT LPDWORD domainSize,
706 OUT PSID_NAME_USE name_use )
707{
708 static const char ac[] = "Administrator";
709 static const char dm[] = "DOMAIN";
710 FIXME("(%s,sid=%p,%p,%p(%lu),%p,%p(%lu),%p): semi-stub\n",
711 debugstr_a(system),sid,
712 account,accountSize,accountSize?*accountSize:0,
713 domain,domainSize,domainSize?*domainSize:0,
714 name_use);
715
716 if (accountSize) *accountSize = strlen(ac)+1;
717 if (account && (*accountSize > strlen(ac)))
718 strcpy(account, ac);
719
720 if (domainSize) *domainSize = strlen(dm)+1;
721 if (domain && (*domainSize > strlen(dm)))
722 strcpy(domain,dm);
723
724 if (name_use) *name_use = SidTypeUser;
725 return TRUE;
726}
727
728/******************************************************************************
729 * LookupAccountSidW [ADVAPI32.@]
730 *
731 * PARAMS
732 * system []
733 * sid []
734 * account []
735 * accountSize []
736 * domain []
737 * domainSize []
738 * name_use []
739 */
740BOOL WINAPI
741LookupAccountSidW(
742 IN LPCWSTR system,
743 IN PSID sid,
744 OUT LPWSTR account,
745 IN OUT LPDWORD accountSize,
746 OUT LPWSTR domain,
747 IN OUT LPDWORD domainSize,
748 OUT PSID_NAME_USE name_use )
749{
750 static const WCHAR ac[] = {'A','d','m','i','n','i','s','t','r','a','t','o','r',0};
751 static const WCHAR dm[] = {'D','O','M','A','I','N',0};
752 FIXME("(%s,sid=%p,%p,%p(%lu),%p,%p(%lu),%p): semi-stub\n",
753 debugstr_w(system),sid,
754 account,accountSize,accountSize?*accountSize:0,
755 domain,domainSize,domainSize?*domainSize:0,
756 name_use);
757
758 if (accountSize) *accountSize = strlenW(ac)+1;
759 if (account && (*accountSize > strlenW(ac)))
760 strcpyW(account, ac);
761
762 if (domainSize) *domainSize = strlenW(dm)+1;
763 if (domain && (*domainSize > strlenW(dm)))
764 strcpyW(domain,dm);
765
766 if (name_use) *name_use = SidTypeUser;
767 return TRUE;
768}
769
770/******************************************************************************
771 * SetFileSecurityA [ADVAPI32.@]
772 * Sets the security of a file or directory
773 */
774BOOL WINAPI SetFileSecurityA( LPCSTR lpFileName,
775 SECURITY_INFORMATION RequestedInformation,
776 PSECURITY_DESCRIPTOR pSecurityDescriptor)
777{
778 FIXME("(%s) : stub\n", debugstr_a(lpFileName));
779 return TRUE;
780}
781
782/******************************************************************************
783 * SetFileSecurityW [ADVAPI32.@]
784 * Sets the security of a file or directory
785 *
786 * PARAMS
787 * lpFileName []
788 * RequestedInformation []
789 * pSecurityDescriptor []
790 */
791BOOL WINAPI
792SetFileSecurityW( LPCWSTR lpFileName,
793 SECURITY_INFORMATION RequestedInformation,
794 PSECURITY_DESCRIPTOR pSecurityDescriptor )
795{
796 FIXME("(%s) : stub\n", debugstr_w(lpFileName) );
797 return TRUE;
798}
799
800/******************************************************************************
801 * QueryWindows31FilesMigration [ADVAPI32.@]
802 *
803 * PARAMS
804 * x1 []
805 */
806BOOL WINAPI
807QueryWindows31FilesMigration( DWORD x1 )
808{
809 FIXME("(%ld):stub\n",x1);
810 return TRUE;
811}
812
813/******************************************************************************
814 * SynchronizeWindows31FilesAndWindowsNTRegistry [ADVAPI32.@]
815 *
816 * PARAMS
817 * x1 []
818 * x2 []
819 * x3 []
820 * x4 []
821 */
822BOOL WINAPI
823SynchronizeWindows31FilesAndWindowsNTRegistry( DWORD x1, DWORD x2, DWORD x3,
824 DWORD x4 )
825{
826 FIXME("(0x%08lx,0x%08lx,0x%08lx,0x%08lx):stub\n",x1,x2,x3,x4);
827 return TRUE;
828}
829
830/******************************************************************************
831 * LsaOpenPolicy [ADVAPI32.@]
832 *
833 * PARAMS
834 * SystemName [I]
835 * ObjectAttributes [I]
836 * DesiredAccess [I]
837 * PolicyHandle [I/O]
838 */
839NTSTATUS WINAPI
840LsaOpenPolicy(
841 IN PLSA_UNICODE_STRING SystemName,
842 IN PLSA_OBJECT_ATTRIBUTES ObjectAttributes,
843 IN ACCESS_MASK DesiredAccess,
844 IN OUT PLSA_HANDLE PolicyHandle)
845{
846 FIXME("(%s,%p,0x%08lx,%p):stub\n",
847 SystemName?debugstr_w(SystemName->Buffer):"null",
848 ObjectAttributes, DesiredAccess, PolicyHandle);
849 dumpLsaAttributes(ObjectAttributes);
850 if(PolicyHandle) *PolicyHandle = (LSA_HANDLE)0xcafe;
851 return STATUS_SUCCESS;
852}
853
854/******************************************************************************
855 * LsaQueryInformationPolicy [ADVAPI32.@]
856 */
857NTSTATUS WINAPI
858LsaQueryInformationPolicy(
859 IN LSA_HANDLE PolicyHandle,
860 IN POLICY_INFORMATION_CLASS InformationClass,
861 OUT PVOID *Buffer)
862{
863 FIXME("(%p,0x%08x,%p):stub\n",
864 PolicyHandle, InformationClass, Buffer);
865
866 if(!Buffer) return FALSE;
867 switch (InformationClass)
868 {
869 case PolicyAuditEventsInformation: /* 2 */
870 {
871 PPOLICY_AUDIT_EVENTS_INFO p = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(POLICY_AUDIT_EVENTS_INFO));
872 p->AuditingMode = FALSE; /* no auditing */
873 *Buffer = p;
874 }
875 break;
876 case PolicyPrimaryDomainInformation: /* 3 */
877 case PolicyAccountDomainInformation: /* 5 */
878 {
879 struct di
880 { POLICY_PRIMARY_DOMAIN_INFO ppdi;
881 SID sid;
882 };
883 SID_IDENTIFIER_AUTHORITY localSidAuthority = {SECURITY_NT_AUTHORITY};
884
885 struct di * xdi = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(xdi));
886 RtlInitUnicodeString(&(xdi->ppdi.Name), HEAP_strdupAtoW(GetProcessHeap(),0,"DOMAIN"));
887 xdi->ppdi.Sid = &(xdi->sid);
888 xdi->sid.Revision = SID_REVISION;
889 xdi->sid.SubAuthorityCount = 1;
890 xdi->sid.IdentifierAuthority = localSidAuthority;
891 xdi->sid.SubAuthority[0] = SECURITY_LOCAL_SYSTEM_RID;
892 *Buffer = xdi;
893 }
894 break;
895 case PolicyAuditLogInformation:
896 case PolicyPdAccountInformation:
897 case PolicyLsaServerRoleInformation:
898 case PolicyReplicaSourceInformation:
899 case PolicyDefaultQuotaInformation:
900 case PolicyModificationInformation:
901 case PolicyAuditFullSetInformation:
902 case PolicyAuditFullQueryInformation:
903 case PolicyDnsDomainInformation:
904 {
905 FIXME("category not implemented\n");
906 return FALSE;
907 }
908 }
909 return TRUE;
910}
911
912/******************************************************************************
913 * LsaLookupSids [ADVAPI32.@]
914 */
915typedef struct
916{
917 SID_NAME_USE Use;
918 LSA_UNICODE_STRING Name;
919 LONG DomainIndex;
920} LSA_TRANSLATED_NAME, *PLSA_TRANSLATED_NAME;
921
922typedef struct
923{
924 LSA_UNICODE_STRING Name;
925 PSID Sid;
926} LSA_TRUST_INFORMATION, *PLSA_TRUST_INFORMATION;
927
928typedef struct
929{
930 ULONG Entries;
931 PLSA_TRUST_INFORMATION Domains;
932} LSA_REFERENCED_DOMAIN_LIST, *PLSA_REFERENCED_DOMAIN_LIST;
933
934NTSTATUS WINAPI
935LsaLookupSids(
936 IN LSA_HANDLE PolicyHandle,
937 IN ULONG Count,
938 IN PSID *Sids,
939 OUT PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains,
940 OUT PLSA_TRANSLATED_NAME *Names )
941{
942 FIXME("%p %lu %p %p %p\n",
943 PolicyHandle, Count, Sids, ReferencedDomains, Names);
944 return FALSE;
945}
946
947/******************************************************************************
948 * LsaFreeMemory [ADVAPI32.@]
949 */
950NTSTATUS WINAPI
951LsaFreeMemory(IN PVOID Buffer)
952{
953 TRACE("(%p)\n",Buffer);
954 return HeapFree(GetProcessHeap(), 0, Buffer);
955}
956/******************************************************************************
957 * LsaClose [ADVAPI32.@]
958 */
959NTSTATUS WINAPI
960LsaClose(IN LSA_HANDLE ObjectHandle)
961{
962 FIXME("(%p):stub\n",ObjectHandle);
963 return 0xc0000000;
964}
965/******************************************************************************
966 * NotifyBootConfigStatus [ADVAPI32.@]
967 *
968 * PARAMS
969 * x1 []
970 */
971BOOL WINAPI
972NotifyBootConfigStatus( DWORD x1 )
973{
974 FIXME("(0x%08lx):stub\n",x1);
975 return 1;
976}
977
978/******************************************************************************
979 * RevertToSelf [ADVAPI32.@]
980 *
981 * PARAMS
982 * void []
983 */
984BOOL WINAPI
985RevertToSelf( void )
986{
987 FIXME("(), stub\n");
988 return TRUE;
989}
990
991/******************************************************************************
992 * ImpersonateSelf [ADVAPI32.@]
993 */
994BOOL WINAPI
995ImpersonateSelf(SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
996{
997 return RtlImpersonateSelf(ImpersonationLevel);
998}
999
1000/******************************************************************************
1001 * AccessCheck [ADVAPI32.@]
1002 *
1003 * FIXME check cast LPBOOL to PBOOLEAN
1004 */
1005BOOL WINAPI
1006AccessCheck(
1007 PSECURITY_DESCRIPTOR SecurityDescriptor,
1008 HANDLE ClientToken,
1009 DWORD DesiredAccess,
1010 PGENERIC_MAPPING GenericMapping,
1011 PPRIVILEGE_SET PrivilegeSet,
1012 LPDWORD PrivilegeSetLength,
1013 LPDWORD GrantedAccess,
1014 LPBOOL AccessStatus)
1015{
1016 return set_ntstatus (NtAccessCheck(SecurityDescriptor, ClientToken, DesiredAccess,
1017 GenericMapping, PrivilegeSet, PrivilegeSetLength, GrantedAccess, (PBOOLEAN)AccessStatus));
1018}
1019
1020/*************************************************************************
1021 * SetKernelObjectSecurity [ADVAPI32.@]
1022 */
1023BOOL WINAPI SetKernelObjectSecurity (
1024 IN HANDLE Handle,
1025 IN SECURITY_INFORMATION SecurityInformation,
1026 IN PSECURITY_DESCRIPTOR SecurityDescriptor )
1027{
1028 return set_ntstatus (NtSetSecurityObject (Handle, SecurityInformation, SecurityDescriptor));
1029}
1030
1031
1032/******************************************************************************
1033 * AddAccessAllowedAce [ADVAPI32.@]
1034 */
1035BOOL WINAPI AddAccessAllowedAce(
1036 IN OUT PACL pAcl,
1037 IN DWORD dwAceRevision,
1038 IN DWORD AccessMask,
1039 IN PSID pSid)
1040{
1041 return RtlAddAccessAllowedAce(pAcl, dwAceRevision, AccessMask, pSid);
1042}
1043
1044/******************************************************************************
1045 * LookupAccountNameA [ADVAPI32.@]
1046 */
1047BOOL WINAPI
1048LookupAccountNameA(
1049 IN LPCSTR system,
1050 IN LPCSTR account,
1051 OUT PSID sid,
1052 OUT LPDWORD cbSid,
1053 LPSTR ReferencedDomainName,
1054 IN OUT LPDWORD cbReferencedDomainName,
1055 OUT PSID_NAME_USE name_use )
1056{
1057 FIXME("(%s,%s,%p,%p,%p,%p,%p), stub.\n",system,account,sid,cbSid,ReferencedDomainName,cbReferencedDomainName,name_use);
1058 return FALSE;
1059}
1060
1061/******************************************************************************
1062 * ConvertSidToStringSidW [ADVAPI32.@]
1063 *
1064 * format of SID string is:
1065 * S-<count>-<auth>-<subauth1>-<subauth2>-<subauth3>...
1066 * where
1067 * <rev> is the revision of the SID encoded as decimal
1068 * <auth> is the identifier authority encoded as hex
1069 * <subauthN> is the subauthority id encoded as decimal
1070 */
1071BOOL WINAPI ConvertSidToStringSidW( PSID pSid, LPWSTR *pstr )
1072{
1073 DWORD sz, i;
1074 LPWSTR str;
1075 WCHAR fmt[] = { 'S','-','%','u','-','%','d',0 };
1076 WCHAR subauthfmt[] = { '-','%','u',0 };
1077 SID* pisid=pSid;
1078
1079 TRACE("%p %p\n", pSid, pstr );
1080
1081 if( !IsValidSid( pSid ) )
1082 return FALSE;
1083
1084 if (pisid->Revision != SDDL_REVISION)
1085 return FALSE;
1086 if (pisid->IdentifierAuthority.Value[0] ||
1087 pisid->IdentifierAuthority.Value[1])
1088 {
1089 FIXME("not matching MS' bugs\n");
1090 return FALSE;
1091 }
1092
1093 sz = 14 + pisid->SubAuthorityCount * 11;
1094 str = (LPWSTR)LocalAlloc( 0, sz*sizeof(WCHAR) );
1095 sprintfW( str, fmt, pisid->Revision, MAKELONG(
1096 MAKEWORD( pisid->IdentifierAuthority.Value[5],
1097 pisid->IdentifierAuthority.Value[4] ),
1098 MAKEWORD( pisid->IdentifierAuthority.Value[3],
1099 pisid->IdentifierAuthority.Value[2] ) ) );
1100 for( i=0; i<pisid->SubAuthorityCount; i++ )
1101 sprintfW( str + strlenW(str), subauthfmt, pisid->SubAuthority[i] );
1102 *pstr = str;
1103
1104 return TRUE;
1105}
1106
1107/******************************************************************************
1108 * ConvertSidToStringSidA [ADVAPI32.@]
1109 */
1110BOOL WINAPI ConvertSidToStringSidA(PSID pSid, LPSTR *pstr)
1111{
1112 LPWSTR wstr = NULL;
1113 LPSTR str;
1114 UINT len;
1115
1116 TRACE("%p %p\n", pSid, pstr );
1117
1118 if( !ConvertSidToStringSidW( pSid, &wstr ) )
1119 return FALSE;
1120
1121 len = WideCharToMultiByte( CP_ACP, 0, wstr, -1, NULL, 0, NULL, NULL );
1122 str = (LPSTR)LocalAlloc( 0, len );
1123 WideCharToMultiByte( CP_ACP, 0, wstr, -1, str, len, NULL, NULL );
1124 LocalFree( (HANDLE)wstr );
1125
1126 *pstr = str;
1127
1128 return TRUE;
1129}
Note: See TracBrowser for help on using the repository browser.