1 /*
2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: ReactOS system libraries
4 * FILE: lib/advapi32/sec/sec.c
5 * PURPOSE: Security descriptor functions
6 * PROGRAMMER: Ariadne ( ariadne@xs4all.nl)
7 * Steven Edwards ( Steven_Ed4153@yahoo.com )
8 * Andrew Greenwood ( silverblade_uk@hotmail.com )
9 * UPDATE HISTORY:
10 * Created 01/11/98
11 */
12
13 #include <advapi32.h>
14 WINE_DEFAULT_DEBUG_CHANNEL(advapi);
15
/*
 * @implemented
 *
 * Win32 entry point layered on RtlGetControlSecurityDescriptor.
 *
 * All three arguments are forwarded as-is (lpdwRevision is reinterpreted as
 * PULONG); this wrapper performs no validation of its own.
 *
 * Returns TRUE when the Rtl routine reports success. On failure the NTSTATUS
 * is converted with RtlNtStatusToDosError, published through SetLastError,
 * and FALSE is returned.
 */
BOOL
WINAPI
GetSecurityDescriptorControl(PSECURITY_DESCRIPTOR pSecurityDescriptor,
                             PSECURITY_DESCRIPTOR_CONTROL pControl,
                             LPDWORD lpdwRevision)
{
    const NTSTATUS NtResult = RtlGetControlSecurityDescriptor(pSecurityDescriptor,
                                                              pControl,
                                                              (PULONG)lpdwRevision);

    if (NT_SUCCESS(NtResult))
        return TRUE;

    SetLastError(RtlNtStatusToDosError(NtResult));
    return FALSE;
}
38
39
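/*
 * @implemented
 *
 * Win32 entry point layered on RtlGetDaclSecurityDescriptor.
 *
 * pSecurityDescriptor and pDacl are forwarded unchanged. The two BOOLEAN
 * results of the Rtl routine are widened to BOOL and stored through
 * lpbDaclPresent and lpbDaclDefaulted, which must therefore be writable.
 *
 * Returns TRUE on success. On failure the NTSTATUS is converted with
 * RtlNtStatusToDosError, published through SetLastError, and FALSE is
 * returned.
 */
BOOL
WINAPI
GetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor,
                          LPBOOL lpbDaclPresent,
                          PACL *pDacl,
                          LPBOOL lpbDaclDefaulted)
{
    /*
     * Initialised so that a failing Rtl call which never stores its results
     * cannot cause indeterminate stack bytes to be read here and copied out
     * to the caller.
     */
    BOOLEAN DaclPresent = FALSE;
    BOOLEAN DaclDefaulted = FALSE;
    NTSTATUS Status;

    Status = RtlGetDaclSecurityDescriptor(pSecurityDescriptor,
                                          &DaclPresent,
                                          pDacl,
                                          &DaclDefaulted);

    /* The outputs are written on both the success and the failure path. */
    *lpbDaclPresent = (BOOL)DaclPresent;
    *lpbDaclDefaulted = (BOOL)DaclDefaulted;

    if (!NT_SUCCESS(Status))
    {
        SetLastError(RtlNtStatusToDosError(Status));
        return FALSE;
    }

    return TRUE;
}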
69
70
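/*
 * @implemented
 *
 * Win32 entry point layered on RtlGetGroupSecurityDescriptor.
 *
 * pSecurityDescriptor and pGroup are forwarded unchanged. The BOOLEAN
 * "defaulted" result of the Rtl routine is widened to BOOL and stored
 * through lpbGroupDefaulted, which must therefore be writable.
 *
 * Returns TRUE on success. On failure the NTSTATUS is converted with
 * RtlNtStatusToDosError, published through SetLastError, and FALSE is
 * returned.
 */
BOOL
WINAPI
GetSecurityDescriptorGroup(PSECURITY_DESCRIPTOR pSecurityDescriptor,
                           PSID *pGroup,
                           LPBOOL lpbGroupDefaulted)
{
    /*
     * Initialised so that a failing Rtl call which never stores its result
     * cannot cause an indeterminate stack byte to be read here and copied
     * out to the caller.
     */
    BOOLEAN GroupDefaulted = FALSE;
    NTSTATUS Status;

    Status = RtlGetGroupSecurityDescriptor(pSecurityDescriptor,
                                           pGroup,
                                           &GroupDefaulted);

    /* The output is written on both the success and the failure path. */
    *lpbGroupDefaulted = (BOOL)GroupDefaulted;

    if (!NT_SUCCESS(Status))
    {
        SetLastError(RtlNtStatusToDosError(Status));
        return FALSE;
    }

    return TRUE;
}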
96
97
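/*
 * @implemented
 *
 * Win32 entry point layered on RtlGetOwnerSecurityDescriptor.
 *
 * pSecurityDescriptor and pOwner are forwarded unchanged. The BOOLEAN
 * "defaulted" result of the Rtl routine is widened to BOOL and stored
 * through lpbOwnerDefaulted, which must therefore be writable.
 *
 * Returns TRUE on success. On failure the NTSTATUS is converted with
 * RtlNtStatusToDosError, published through SetLastError, and FALSE is
 * returned.
 */
BOOL
WINAPI
GetSecurityDescriptorOwner(PSECURITY_DESCRIPTOR pSecurityDescriptor,
                           PSID *pOwner,
                           LPBOOL lpbOwnerDefaulted)
{
    /*
     * Initialised so that a failing Rtl call which never stores its result
     * cannot cause an indeterminate stack byte to be read here and copied
     * out to the caller.
     */
    BOOLEAN OwnerDefaulted = FALSE;
    NTSTATUS Status;

    Status = RtlGetOwnerSecurityDescriptor(pSecurityDescriptor,
                                           pOwner,
                                           &OwnerDefaulted);

    /* The output is written on both the success and the failure path. */
    *lpbOwnerDefaulted = (BOOL)OwnerDefaulted;

    if (!NT_SUCCESS(Status))
    {
        SetLastError(RtlNtStatusToDosError(Status));
        return FALSE;
    }

    return TRUE;
}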
123
124
/*
 * @implemented
 *
 * Win32 entry point layered on RtlGetSecurityDescriptorRMControl.
 *
 * Both arguments are forwarded unchanged. Unlike the BOOL-returning
 * accessors in this file, the result is a Win32 error code and the
 * thread's last-error value is not touched.
 *
 * Returns ERROR_SUCCESS when the Rtl routine yields a non-zero result and
 * ERROR_INVALID_DATA otherwise.
 */
DWORD
WINAPI
GetSecurityDescriptorRMControl(PSECURITY_DESCRIPTOR SecurityDescriptor,
                               PUCHAR RMControl)
{
    return RtlGetSecurityDescriptorRMControl(SecurityDescriptor, RMControl)
               ? ERROR_SUCCESS
               : ERROR_INVALID_DATA;
}
139
140
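/*
 * @implemented
 *
 * Win32 entry point layered on RtlGetSaclSecurityDescriptor.
 *
 * pSecurityDescriptor and pSacl are forwarded unchanged. The two BOOLEAN
 * results of the Rtl routine are widened to BOOL and stored through
 * lpbSaclPresent and lpbSaclDefaulted, which must therefore be writable.
 *
 * Returns TRUE on success. On failure the NTSTATUS is converted with
 * RtlNtStatusToDosError, published through SetLastError, and FALSE is
 * returned.
 */
BOOL
WINAPI
GetSecurityDescriptorSacl(PSECURITY_DESCRIPTOR pSecurityDescriptor,
                          LPBOOL lpbSaclPresent,
                          PACL *pSacl,
                          LPBOOL lpbSaclDefaulted)
{
    /*
     * Initialised so that a failing Rtl call which never stores its results
     * cannot cause indeterminate stack bytes to be read here and copied out
     * to the caller.
     */
    BOOLEAN SaclPresent = FALSE;
    BOOLEAN SaclDefaulted = FALSE;
    NTSTATUS Status;

    Status = RtlGetSaclSecurityDescriptor(pSecurityDescriptor,
                                          &SaclPresent,
                                          pSacl,
                                          &SaclDefaulted);

    /* The outputs are written on both the success and the failure path. */
    *lpbSaclPresent = (BOOL)SaclPresent;
    *lpbSaclDefaulted = (BOOL)SaclDefaulted;

    if (!NT_SUCCESS(Status))
    {
        SetLastError(RtlNtStatusToDosError(Status));
        return FALSE;
    }

    return TRUE;
}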
170
/*
 * @implemented
 *
 * Win32 entry point layered on RtlValidSecurityDescriptor.
 *
 * Returns the Rtl routine's verdict widened to BOOL. When that verdict is
 * FALSE, the last-error value is set to the Win32 translation of
 * STATUS_INVALID_SECURITY_DESCR before returning.
 *
 * The checks themselves live in RtlValidSecurityDescriptor; nothing
 * is validated in this wrapper.
 */
BOOL
WINAPI
IsValidSecurityDescriptor(PSECURITY_DESCRIPTOR pSecurityDescriptor)
{
    const BOOLEAN IsValid = RtlValidSecurityDescriptor(pSecurityDescriptor);

    if (!IsValid)
    {
        SetLastError(RtlNtStatusToDosError(STATUS_INVALID_SECURITY_DESCR));
    }

    return (BOOL)IsValid;
}
186
/*
 * @implemented
 *
 * Win32 entry point layered on RtlSelfRelativeToAbsoluteSD2.
 *
 * Both arguments are forwarded unchanged; the descriptor is annotated
 * IN OUT, so the caller's buffer is expected to be modified by the Rtl
 * routine. No size or layout checks are made in this wrapper.
 *
 * Returns TRUE on success. On failure the NTSTATUS is converted with
 * RtlNtStatusToDosError, published through SetLastError, and FALSE is
 * returned.
 */
BOOL
WINAPI
MakeAbsoluteSD2(IN OUT PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor,
                OUT LPDWORD lpdwBufferSize)
{
    const NTSTATUS NtResult = RtlSelfRelativeToAbsoluteSD2(pSelfRelativeSecurityDescriptor,
                                                           lpdwBufferSize);

    if (NT_SUCCESS(NtResult))
        return TRUE;

    SetLastError(RtlNtStatusToDosError(NtResult));
    return FALSE;
}
207
208
/*
 * @implemented
 *
 * Win32 entry point layered on RtlAbsoluteToSelfRelativeSD.
 *
 * The absolute descriptor, the destination buffer and the length pointer
 * (reinterpreted as PULONG) are forwarded unchanged; any bounds checking of
 * the destination buffer is left to the Rtl routine.
 *
 * Returns TRUE on success. On failure the NTSTATUS is converted with
 * RtlNtStatusToDosError, published through SetLastError, and FALSE is
 * returned.
 */
BOOL
WINAPI
MakeSelfRelativeSD(PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor,
                   PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor,
                   LPDWORD lpdwBufferLength)
{
    const NTSTATUS NtResult = RtlAbsoluteToSelfRelativeSD(pAbsoluteSecurityDescriptor,
                                                          pSelfRelativeSecurityDescriptor,
                                                          (PULONG)lpdwBufferLength);

    if (NT_SUCCESS(NtResult))
        return TRUE;

    SetLastError(RtlNtStatusToDosError(NtResult));
    return FALSE;
}
231
232
/*
 * @implemented
 *
 * Win32 entry point layered on RtlSetControlSecurityDescriptor.
 *
 * The descriptor and both control masks are forwarded unchanged; which bits
 * may legally be modified is decided by the Rtl routine, not here.
 *
 * Returns TRUE on success. On failure the NTSTATUS is converted with
 * RtlNtStatusToDosError, published through SetLastError, and FALSE is
 * returned.
 */
BOOL
WINAPI
SetSecurityDescriptorControl(PSECURITY_DESCRIPTOR pSecurityDescriptor,
                             SECURITY_DESCRIPTOR_CONTROL ControlBitsOfInterest,
                             SECURITY_DESCRIPTOR_CONTROL ControlBitsToSet)
{
    const NTSTATUS NtResult = RtlSetControlSecurityDescriptor(pSecurityDescriptor,
                                                              ControlBitsOfInterest,
                                                              ControlBitsToSet);

    if (NT_SUCCESS(NtResult))
        return TRUE;

    SetLastError(RtlNtStatusToDosError(NtResult));
    return FALSE;
}
255
256
/*
 * @implemented
 *
 * Win32 entry point layered on RtlSetDaclSecurityDescriptor.
 *
 * All four arguments are forwarded unchanged.
 *
 * NOTE(review): this wrapper does not reject bDaclPresent == TRUE combined
 * with pDacl == NULL. Under the documented Win32 contract that combination
 * describes a NULL DACL, which allows all access to the object; callers
 * should confirm that is what they intend rather than an empty DACL.
 *
 * Returns TRUE on success. On failure the NTSTATUS is converted with
 * RtlNtStatusToDosError, published through SetLastError, and FALSE is
 * returned.
 */
BOOL
WINAPI
SetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor,
                          BOOL bDaclPresent,
                          PACL pDacl,
                          BOOL bDaclDefaulted)
{
    const NTSTATUS NtResult = RtlSetDaclSecurityDescriptor(pSecurityDescriptor,
                                                           bDaclPresent,
                                                           pDacl,
                                                           bDaclDefaulted);

    if (NT_SUCCESS(NtResult))
        return TRUE;

    SetLastError(RtlNtStatusToDosError(NtResult));
    return FALSE;
}
281
282
/*
 * @implemented
 *
 * Win32 entry point layered on RtlSetGroupSecurityDescriptor.
 *
 * The descriptor, the group SID pointer and the "defaulted" flag are
 * forwarded unchanged; the SID is not validated in this wrapper.
 *
 * Returns TRUE on success. On failure the NTSTATUS is converted with
 * RtlNtStatusToDosError, published through SetLastError, and FALSE is
 * returned.
 */
BOOL
WINAPI
SetSecurityDescriptorGroup(PSECURITY_DESCRIPTOR pSecurityDescriptor,
                           PSID pGroup,
                           BOOL bGroupDefaulted)
{
    const NTSTATUS NtResult = RtlSetGroupSecurityDescriptor(pSecurityDescriptor,
                                                            pGroup,
                                                            bGroupDefaulted);

    if (NT_SUCCESS(NtResult))
        return TRUE;

    SetLastError(RtlNtStatusToDosError(NtResult));
    return FALSE;
}
305
306
/*
 * @implemented
 *
 * Win32 entry point layered on RtlSetOwnerSecurityDescriptor.
 *
 * The descriptor, the owner SID pointer and the "defaulted" flag are
 * forwarded unchanged; the SID is not validated in this wrapper.
 *
 * Returns TRUE on success. On failure the NTSTATUS is converted with
 * RtlNtStatusToDosError, published through SetLastError, and FALSE is
 * returned.
 */
BOOL
WINAPI
SetSecurityDescriptorOwner(PSECURITY_DESCRIPTOR pSecurityDescriptor,
                           PSID pOwner,
                           BOOL bOwnerDefaulted)
{
    const NTSTATUS NtResult = RtlSetOwnerSecurityDescriptor(pSecurityDescriptor,
                                                            pOwner,
                                                            bOwnerDefaulted);

    if (NT_SUCCESS(NtResult))
        return TRUE;

    SetLastError(RtlNtStatusToDosError(NtResult));
    return FALSE;
}
329
330
/*
 * @implemented
 *
 * Win32 entry point layered on RtlSetSecurityDescriptorRMControl.
 *
 * Both arguments are forwarded unchanged and nothing the Rtl routine might
 * report is consulted, so this function cannot signal failure: it always
 * returns ERROR_SUCCESS and never touches the last-error value.
 */
DWORD
WINAPI
SetSecurityDescriptorRMControl(PSECURITY_DESCRIPTOR SecurityDescriptor,
                               PUCHAR RMControl)
{
    RtlSetSecurityDescriptorRMControl(SecurityDescriptor, RMControl);

    /* Unconditional: there is no failure path in this wrapper. */
    return ERROR_SUCCESS;
}
344
345
/*
 * @implemented
 *
 * Win32 entry point layered on RtlSetSaclSecurityDescriptor.
 *
 * All four arguments are forwarded unchanged; the ACL is not validated in
 * this wrapper.
 *
 * Returns TRUE on success. On failure the NTSTATUS is converted with
 * RtlNtStatusToDosError, published through SetLastError, and FALSE is
 * returned.
 */
BOOL
WINAPI
SetSecurityDescriptorSacl(PSECURITY_DESCRIPTOR pSecurityDescriptor,
                          BOOL bSaclPresent,
                          PACL pSacl,
                          BOOL bSaclDefaulted)
{
    const NTSTATUS NtResult = RtlSetSaclSecurityDescriptor(pSecurityDescriptor,
                                                           bSaclPresent,
                                                           pSacl,
                                                           bSaclDefaulted);

    if (NT_SUCCESS(NtResult))
        return TRUE;

    SetLastError(RtlNtStatusToDosError(NtResult));
    return FALSE;
}
370
371
/*
 * @implemented
 *
 * Computes the access mask needed to query the parts of a security
 * descriptor selected by SecurityInformation and stores it in
 * *DesiredAccess.
 *
 *   OWNER / GROUP / DACL information  -> READ_CONTROL
 *   SACL information                  -> ACCESS_SYSTEM_SECURITY
 *
 * Any other bit in SecurityInformation contributes nothing, so an input
 * made only of such bits yields a mask of 0. DesiredAccess is dereferenced
 * without a NULL check.
 */
VOID
WINAPI
QuerySecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation,
                        OUT LPDWORD DesiredAccess)
{
    const SECURITY_INFORMATION ReadControlBits = OWNER_SECURITY_INFORMATION |
                                                 GROUP_SECURITY_INFORMATION |
                                                 DACL_SECURITY_INFORMATION;
    DWORD Mask = 0;

    if ((SecurityInformation & ReadControlBits) != 0)
        Mask |= READ_CONTROL;

    if ((SecurityInformation & SACL_SECURITY_INFORMATION) != 0)
        Mask |= ACCESS_SYSTEM_SECURITY;

    *DesiredAccess = Mask;
}
391
392
/*
 * @implemented
 *
 * Computes the access mask needed to modify the parts of a security
 * descriptor selected by SecurityInformation and stores it in
 * *DesiredAccess.
 *
 *   OWNER / GROUP information  -> WRITE_OWNER
 *   DACL information           -> WRITE_DAC
 *   SACL information           -> ACCESS_SYSTEM_SECURITY
 *
 * Any other bit in SecurityInformation contributes nothing, so an input
 * made only of such bits yields a mask of 0. DesiredAccess is dereferenced
 * without a NULL check.
 */
VOID
WINAPI
SetSecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation,
                      OUT LPDWORD DesiredAccess)
{
    const SECURITY_INFORMATION OwnerOrGroupBits = OWNER_SECURITY_INFORMATION |
                                                  GROUP_SECURITY_INFORMATION;
    DWORD Mask = 0;

    if ((SecurityInformation & OwnerOrGroupBits) != 0)
        Mask |= WRITE_OWNER;

    if ((SecurityInformation & DACL_SECURITY_INFORMATION) != 0)
        Mask |= WRITE_DAC;

    if ((SecurityInformation & SACL_SECURITY_INFORMATION) != 0)
        Mask |= ACCESS_SYSTEM_SECURITY;

    *DesiredAccess = Mask;
}
412
413
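/*
 * @unimplemented
 *
 * Stub. No descriptor is produced and *NewSecurityDescriptor is left
 * untouched, so callers must not read it after this call.
 *
 * Always returns FALSE. The last-error value is set to
 * ERROR_CALL_NOT_IMPLEMENTED so that a caller inspecting GetLastError sees
 * why the call failed instead of a stale code from an earlier API call.
 */
BOOL
WINAPI
ConvertToAutoInheritPrivateObjectSecurity(IN PSECURITY_DESCRIPTOR ParentDescriptor,
                                          IN PSECURITY_DESCRIPTOR CurrentSecurityDescriptor,
                                          OUT PSECURITY_DESCRIPTOR* NewSecurityDescriptor,
                                          IN GUID* ObjectType,
                                          IN BOOLEAN IsDirectoryObject,
                                          IN PGENERIC_MAPPING GenericMapping)
{
    UNIMPLEMENTED;
    SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
    return FALSE;
}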
429
430
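/*
 * @unimplemented
 *
 * Stub. No descriptor is built; *pSizeNewSD and *pNewSD are left untouched,
 * so callers must not read them after this call.
 *
 * The return type is a Win32 error code, not a BOOL. Returning FALSE here
 * would evaluate to 0, i.e. ERROR_SUCCESS, and a caller would go on to use
 * output parameters that were never written. The stub therefore reports
 * ERROR_CALL_NOT_IMPLEMENTED.
 */
DWORD
WINAPI
BuildSecurityDescriptorW(IN PTRUSTEE_W pOwner OPTIONAL,
                         IN PTRUSTEE_W pGroup OPTIONAL,
                         IN ULONG cCountOfAccessEntries,
                         IN PEXPLICIT_ACCESS_W pListOfAccessEntries OPTIONAL,
                         IN ULONG cCountOfAuditEntries,
                         IN PEXPLICIT_ACCESS_W pListOfAuditEntries OPTIONAL,
                         IN PSECURITY_DESCRIPTOR pOldSD OPTIONAL,
                         OUT PULONG pSizeNewSD,
                         OUT PSECURITY_DESCRIPTOR* pNewSD)
{
    UNIMPLEMENTED;
    return ERROR_CALL_NOT_IMPLEMENTED;
}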
449
450
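/*
 * @unimplemented
 *
 * Stub. No descriptor is built; *pSizeNewSD and *pNewSD are left untouched,
 * so callers must not read them after this call.
 *
 * The return type is a Win32 error code, not a BOOL. Returning FALSE here
 * would evaluate to 0, i.e. ERROR_SUCCESS, and a caller would go on to use
 * output parameters that were never written. The stub therefore reports
 * ERROR_CALL_NOT_IMPLEMENTED.
 */
DWORD
WINAPI
BuildSecurityDescriptorA(IN PTRUSTEE_A pOwner OPTIONAL,
                         IN PTRUSTEE_A pGroup OPTIONAL,
                         IN ULONG cCountOfAccessEntries,
                         IN PEXPLICIT_ACCESS_A pListOfAccessEntries OPTIONAL,
                         IN ULONG cCountOfAuditEntries,
                         IN PEXPLICIT_ACCESS_A pListOfAuditEntries OPTIONAL,
                         IN PSECURITY_DESCRIPTOR pOldSD OPTIONAL,
                         OUT PULONG pSizeNewSD,
                         OUT PSECURITY_DESCRIPTOR* pNewSD)
{
    UNIMPLEMENTED;
    return ERROR_CALL_NOT_IMPLEMENTED;
}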
469
470 /* EOF */
471