projects / wine / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
TREEVIEW_UpdateScrollBars() now copes with an empty tree.
[wine] / dlls / advapi32 / security.c
1 /*
2  * Copyright 1999, 2000 Juergen Schmied <juergen.schmied@debitel.net>
3  *
4  * This library is free software; you can redistribute it and/or
5  * modify it under the terms of the GNU Lesser General Public
6  * License as published by the Free Software Foundation; either
7  * version 2.1 of the License, or (at your option) any later version.
8  *
9  * This library is distributed in the hope that it will be useful,
10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
12  * Lesser General Public License for more details.
13  *
14  * You should have received a copy of the GNU Lesser General Public
15  * License along with this library; if not, write to the Free Software
16  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
17  *
18  *  FIXME: for all functions thunking down to Rtl* functions:  implement SetLastError()
19  */
20
21 #include <string.h>
22
23 #include "windef.h"
24 #include "winerror.h"
25 #include "rpcnterr.h"
26 #include "winternl.h"
27 #include "ntsecapi.h"
28 #include "accctrl.h"
29
30 #include "wine/debug.h"
31 #include "wine/unicode.h"
32
33 WINE_DEFAULT_DEBUG_CHANNEL(advapi);
34
35 #define CallWin32ToNt(func) \
36         { NTSTATUS ret; \
37           ret = (func); \
38           if (ret !=STATUS_SUCCESS) \
39           { SetLastError (RtlNtStatusToDosError(ret)); return FALSE; } \
40           return TRUE; \
41         }
42
43 static void dumpLsaAttributes( PLSA_OBJECT_ATTRIBUTES oa )
44 {
45         if (oa)
46         {
47           TRACE("\n\tlength=%lu, rootdir=%p, objectname=%s\n\tattr=0x%08lx, sid=%p qos=%p\n",
48                 oa->Length, oa->RootDirectory,
49                 oa->ObjectName?debugstr_w(oa->ObjectName->Buffer):"null",
50                 oa->Attributes, oa->SecurityDescriptor, oa->SecurityQualityOfService);
51         }
52 }
53
54 /************************************************************
55  *                ADVAPI_IsLocalComputer
56  *
57  * Checks whether the server name indicates local machine.
58  */
59 BOOL ADVAPI_IsLocalComputer(LPCWSTR ServerName)
60 {
61     if (!ServerName)
62     {
63         return TRUE;
64     }
65     else
66     {
67         DWORD dwSize = MAX_COMPUTERNAME_LENGTH + 1;
68         BOOL Result;
69         LPWSTR buf;
70
71         buf = HeapAlloc(GetProcessHeap(), 0, dwSize * sizeof(WCHAR));
72         Result = GetComputerNameW(buf,  &dwSize);
73         if (Result && (ServerName[0] == '\\') && (ServerName[1] == '\\'))
74             ServerName += 2;
75         Result = Result && !lstrcmpW(ServerName, buf);
76         HeapFree(GetProcessHeap(), 0, buf);
77
78         return Result;
79     }
80 }
81
82 #define ADVAPI_ForceLocalComputer(ServerName, FailureCode) \
83     if (!ADVAPI_IsLocalComputer(ServerName)) \
84     { \
85         FIXME("Action Implemented for local computer only. " \
86               "Requested for server %s\n", debugstr_w(ServerName)); \
87         return FailureCode; \
88     }
89
90 /*      ##############################
91         ######  TOKEN FUNCTIONS ######
92         ##############################
93 */
94
95 /******************************************************************************
96  * OpenProcessToken                     [ADVAPI32.@]
97  * Opens the access token associated with a process
98  *
99  * PARAMS
100  *   ProcessHandle [I] Handle to process
101  *   DesiredAccess [I] Desired access to process
102  *   TokenHandle   [O] Pointer to handle of open access token
103  *
104  * RETURNS STD
105  */
106 BOOL WINAPI
107 OpenProcessToken( HANDLE ProcessHandle, DWORD DesiredAccess,
108                   HANDLE *TokenHandle )
109 {
110         CallWin32ToNt(NtOpenProcessToken( ProcessHandle, DesiredAccess, TokenHandle ));
111 }
112
113 /******************************************************************************
114  * OpenThreadToken [ADVAPI32.@]
115  *
116  * PARAMS
117  *   thread        []
118  *   desiredaccess []
119  *   openasself    []
120  *   thandle       []
121  */
122 BOOL WINAPI
123 OpenThreadToken( HANDLE ThreadHandle, DWORD DesiredAccess,
124                  BOOL OpenAsSelf, HANDLE *TokenHandle)
125 {
126         CallWin32ToNt (NtOpenThreadToken(ThreadHandle, DesiredAccess, OpenAsSelf, TokenHandle));
127 }
128
129 /******************************************************************************
130  * AdjustTokenPrivileges [ADVAPI32.@]
131  *
132  * PARAMS
133  *   TokenHandle          []
134  *   DisableAllPrivileges []
135  *   NewState             []
136  *   BufferLength         []
137  *   PreviousState        []
138  *   ReturnLength         []
139  */
140 BOOL WINAPI
141 AdjustTokenPrivileges( HANDLE TokenHandle, BOOL DisableAllPrivileges,
142                        LPVOID NewState, DWORD BufferLength,
143                        LPVOID PreviousState, LPDWORD ReturnLength )
144 {
145         CallWin32ToNt(NtAdjustPrivilegesToken(TokenHandle, DisableAllPrivileges, NewState, BufferLength, PreviousState, ReturnLength));
146 }
147
148 /******************************************************************************
149  * CheckTokenMembership [ADVAPI32.@]
150  *
151  * PARAMS
152  *   TokenHandle [I]
153  *   SidToCheck  [I]
154  *   IsMember    [O]
155  */
156 BOOL WINAPI
157 CheckTokenMembership( HANDLE TokenHandle, PSID SidToCheck,
158                       PBOOL IsMember )
159 {
160   FIXME("(%p %p %p) stub!\n", TokenHandle, SidToCheck, IsMember);
161
162   *IsMember = TRUE;
163   return(TRUE);
164 }
165
166 /******************************************************************************
167  * GetTokenInformation [ADVAPI32.@]
168  *
169  * PARAMS
170  *   token           [I]
171  *   tokeninfoclass  [I]
172  *   tokeninfo       [O]
173  *   tokeninfolength [I]
174  *   retlen          [O]
175  *
176  */
177 BOOL WINAPI
178 GetTokenInformation( HANDLE token, TOKEN_INFORMATION_CLASS tokeninfoclass,
179                      LPVOID tokeninfo, DWORD tokeninfolength, LPDWORD retlen )
180 {
181     TRACE("(%p, %s, %p, %ld, %p): \n",
182           token,
183           (tokeninfoclass == TokenUser) ? "TokenUser" :
184           (tokeninfoclass == TokenGroups) ? "TokenGroups" :
185           (tokeninfoclass == TokenPrivileges) ? "TokenPrivileges" :
186           (tokeninfoclass == TokenOwner) ? "TokenOwner" :
187           (tokeninfoclass == TokenPrimaryGroup) ? "TokenPrimaryGroup" :
188           (tokeninfoclass == TokenDefaultDacl) ? "TokenDefaultDacl" :
189           (tokeninfoclass == TokenSource) ? "TokenSource" :
190           (tokeninfoclass == TokenType) ? "TokenType" :
191           (tokeninfoclass == TokenImpersonationLevel) ? "TokenImpersonationLevel" :
192           (tokeninfoclass == TokenStatistics) ? "TokenStatistics" :
193           (tokeninfoclass == TokenRestrictedSids) ? "TokenRestrictedSids" :
194           (tokeninfoclass == TokenSessionId) ? "TokenSessionId" :
195           (tokeninfoclass == TokenGroupsAndPrivileges) ? "TokenGroupsAndPrivileges" :
196           (tokeninfoclass == TokenSessionReference) ? "TokenSessionReference" :
197           (tokeninfoclass == TokenSandBoxInert) ? "TokenSandBoxInert" :
198           "Unknown",
199           tokeninfo, tokeninfolength, retlen);
200     CallWin32ToNt (NtQueryInformationToken( token, tokeninfoclass, tokeninfo, tokeninfolength, retlen));
201 }
202
203 /******************************************************************************
204  * SetTokenInformation [ADVAPI32.@]
205  *
206  * PARAMS
207  *   token           [I]
208  *   tokeninfoclass  [I]
209  *   tokeninfo       [I]
210  *   tokeninfolength [I]
211  *
212  */
213 BOOL WINAPI
214 SetTokenInformation( HANDLE token, TOKEN_INFORMATION_CLASS tokeninfoclass,
215                      LPVOID tokeninfo, DWORD tokeninfolength )
216 {
217     FIXME("(%p, %s, %p, %ld): stub\n",
218           token,
219           (tokeninfoclass == TokenUser) ? "TokenUser" :
220           (tokeninfoclass == TokenGroups) ? "TokenGroups" :
221           (tokeninfoclass == TokenPrivileges) ? "TokenPrivileges" :
222           (tokeninfoclass == TokenOwner) ? "TokenOwner" :
223           (tokeninfoclass == TokenPrimaryGroup) ? "TokenPrimaryGroup" :
224           (tokeninfoclass == TokenDefaultDacl) ? "TokenDefaultDacl" :
225           (tokeninfoclass == TokenSource) ? "TokenSource" :
226           (tokeninfoclass == TokenType) ? "TokenType" :
227           (tokeninfoclass == TokenImpersonationLevel) ? "TokenImpersonationLevel" :
228           (tokeninfoclass == TokenStatistics) ? "TokenStatistics" :
229           (tokeninfoclass == TokenRestrictedSids) ? "TokenRestrictedSids" :
230           (tokeninfoclass == TokenSessionId) ? "TokenSessionId" :
231           (tokeninfoclass == TokenGroupsAndPrivileges) ? "TokenGroupsAndPrivileges" :
232           (tokeninfoclass == TokenSessionReference) ? "TokenSessionReference" :
233           (tokeninfoclass == TokenSandBoxInert) ? "TokenSandBoxInert" :
234           "Unknown",
235           tokeninfo, tokeninfolength);
236
237     SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
238
239     return FALSE;
240 }
241
242 /*************************************************************************
243  * SetThreadToken [ADVAPI32.@]
244  *
245  * Assigns an "impersonation token" to a thread so it can assume the
246  * security privledges of another thread or process.  Can also remove
247  * a previously assigned token.  Only supported on NT - it's a stub
248  * exactly like this one on Win9X.
249  *
250  */
251
252 BOOL WINAPI SetThreadToken(PHANDLE thread, HANDLE token)
253 {
254     FIXME("(%p, %p): stub (NT impl. only)\n", thread, token);
255
256     SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
257
258     return FALSE;
259 }
260
261 /*      ##############################
262         ######  SID FUNCTIONS   ######
263         ##############################
264 */
265
266 /******************************************************************************
267  * AllocateAndInitializeSid [ADVAPI32.@]
268  *
269  * PARAMS
270  *   pIdentifierAuthority []
271  *   nSubAuthorityCount   []
272  *   nSubAuthority0       []
273  *   nSubAuthority1       []
274  *   nSubAuthority2       []
275  *   nSubAuthority3       []
276  *   nSubAuthority4       []
277  *   nSubAuthority5       []
278  *   nSubAuthority6       []
279  *   nSubAuthority7       []
280  *   pSid                 []
281  */
282 BOOL WINAPI
283 AllocateAndInitializeSid( PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
284                           BYTE nSubAuthorityCount,
285                           DWORD nSubAuthority0, DWORD nSubAuthority1,
286                           DWORD nSubAuthority2, DWORD nSubAuthority3,
287                           DWORD nSubAuthority4, DWORD nSubAuthority5,
288                           DWORD nSubAuthority6, DWORD nSubAuthority7,
289                           PSID *pSid )
290 {
291         CallWin32ToNt (RtlAllocateAndInitializeSid(
292                 pIdentifierAuthority, nSubAuthorityCount,
293                 nSubAuthority0, nSubAuthority1, nSubAuthority2, nSubAuthority3,
294                 nSubAuthority4, nSubAuthority5, nSubAuthority6, nSubAuthority7,
295                 pSid ));
296 }
297
298 /******************************************************************************
299  * FreeSid [ADVAPI32.@]
300  *
301  * PARAMS
302  *   pSid []
303  */
304 PVOID WINAPI
305 FreeSid( PSID pSid )
306 {
307         RtlFreeSid(pSid);
308         return NULL; /* is documented like this */
309 }
310
311 /******************************************************************************
312  * CopySid [ADVAPI32.@]
313  *
314  * PARAMS
315  *   nDestinationSidLength []
316  *   pDestinationSid       []
317  *   pSourceSid            []
318  */
319 BOOL WINAPI
320 CopySid( DWORD nDestinationSidLength, PSID pDestinationSid, PSID pSourceSid )
321 {
322         return RtlCopySid(nDestinationSidLength, pDestinationSid, pSourceSid);
323 }
324
325 /******************************************************************************
326  * IsValidSid [ADVAPI32.@]
327  *
328  * PARAMS
329  *   pSid []
330  */
331 BOOL WINAPI
332 IsValidSid( PSID pSid )
333 {
334         return RtlValidSid( pSid );
335 }
336
337 /******************************************************************************
338  * EqualSid [ADVAPI32.@]
339  *
340  * PARAMS
341  *   pSid1 []
342  *   pSid2 []
343  */
344 BOOL WINAPI
345 EqualSid( PSID pSid1, PSID pSid2 )
346 {
347         return RtlEqualSid( pSid1, pSid2 );
348 }
349
350 /******************************************************************************
351  * EqualPrefixSid [ADVAPI32.@]
352  */
353 BOOL WINAPI EqualPrefixSid (PSID pSid1, PSID pSid2)
354 {
355         return RtlEqualPrefixSid(pSid1, pSid2);
356 }
357
358 /******************************************************************************
359  * GetSidLengthRequired [ADVAPI32.@]
360  *
361  * PARAMS
362  *   nSubAuthorityCount []
363  */
364 DWORD WINAPI
365 GetSidLengthRequired( BYTE nSubAuthorityCount )
366 {
367         return RtlLengthRequiredSid(nSubAuthorityCount);
368 }
369
370 /******************************************************************************
371  * InitializeSid [ADVAPI32.@]
372  *
373  * PARAMS
374  *   pIdentifierAuthority []
375  */
376 BOOL WINAPI
377 InitializeSid (
378         PSID pSid,
379         PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
380         BYTE nSubAuthorityCount)
381 {
382         return RtlInitializeSid(pSid, pIdentifierAuthority, nSubAuthorityCount);
383 }
384
385 /******************************************************************************
386  * GetSidIdentifierAuthority [ADVAPI32.@]
387  *
388  * PARAMS
389  *   pSid []
390  */
391 PSID_IDENTIFIER_AUTHORITY WINAPI
392 GetSidIdentifierAuthority( PSID pSid )
393 {
394         return RtlIdentifierAuthoritySid(pSid);
395 }
396
397 /******************************************************************************
398  * GetSidSubAuthority [ADVAPI32.@]
399  *
400  * PARAMS
401  *   pSid          []
402  *   nSubAuthority []
403  */
404 PDWORD WINAPI
405 GetSidSubAuthority( PSID pSid, DWORD nSubAuthority )
406 {
407         return RtlSubAuthoritySid(pSid, nSubAuthority);
408 }
409
410 /******************************************************************************
411  * GetSidSubAuthorityCount [ADVAPI32.@]
412  *
413  * PARAMS
414  *   pSid []
415  */
416 PUCHAR WINAPI
417 GetSidSubAuthorityCount (PSID pSid)
418 {
419         return RtlSubAuthorityCountSid(pSid);
420 }
421
422 /******************************************************************************
423  * GetLengthSid [ADVAPI32.@]
424  *
425  * PARAMS
426  *   pSid []
427  */
428 DWORD WINAPI
429 GetLengthSid (PSID pSid)
430 {
431         return RtlLengthSid(pSid);
432 }
433
434 /*      ##############################################
435         ######  SECURITY DESCRIPTOR FUNCTIONS   ######
436         ##############################################
437 */
438
439 /******************************************************************************
440  * InitializeSecurityDescriptor [ADVAPI32.@]
441  *
442  * PARAMS
443  *   pDescr   []
444  *   revision []
445  */
446 BOOL WINAPI
447 InitializeSecurityDescriptor( SECURITY_DESCRIPTOR *pDescr, DWORD revision )
448 {
449         CallWin32ToNt (RtlCreateSecurityDescriptor(pDescr, revision ));
450 }
451
452 /******************************************************************************
453  * GetSecurityDescriptorLength [ADVAPI32.@]
454  */
455 DWORD WINAPI GetSecurityDescriptorLength( SECURITY_DESCRIPTOR *pDescr)
456 {
457         return (RtlLengthSecurityDescriptor(pDescr));
458 }
459
460 /******************************************************************************
461  * GetSecurityDescriptorOwner [ADVAPI32.@]
462  *
463  * PARAMS
464  *   pOwner            []
465  *   lpbOwnerDefaulted []
466  */
467 BOOL WINAPI
468 GetSecurityDescriptorOwner( SECURITY_DESCRIPTOR *pDescr, PSID *pOwner,
469                             LPBOOL lpbOwnerDefaulted )
470 {
471         CallWin32ToNt (RtlGetOwnerSecurityDescriptor( pDescr, pOwner, (PBOOLEAN)lpbOwnerDefaulted ));
472 }
473
474 /******************************************************************************
475  * SetSecurityDescriptorOwner [ADVAPI32.@]
476  *
477  * PARAMS
478  */
479 BOOL WINAPI SetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR pSecurityDescriptor,
480                                    PSID pOwner, BOOL bOwnerDefaulted)
481 {
482         CallWin32ToNt (RtlSetOwnerSecurityDescriptor(pSecurityDescriptor, pOwner, bOwnerDefaulted));
483 }
484 /******************************************************************************
485  * GetSecurityDescriptorGroup                   [ADVAPI32.@]
486  */
487 BOOL WINAPI GetSecurityDescriptorGroup(
488         PSECURITY_DESCRIPTOR SecurityDescriptor,
489         PSID *Group,
490         LPBOOL GroupDefaulted)
491 {
492         CallWin32ToNt (RtlGetGroupSecurityDescriptor(SecurityDescriptor, Group, (PBOOLEAN)GroupDefaulted));
493 }
494 /******************************************************************************
495  * SetSecurityDescriptorGroup [ADVAPI32.@]
496  */
497 BOOL WINAPI SetSecurityDescriptorGroup ( PSECURITY_DESCRIPTOR SecurityDescriptor,
498                                            PSID Group, BOOL GroupDefaulted)
499 {
500         CallWin32ToNt (RtlSetGroupSecurityDescriptor( SecurityDescriptor, Group, GroupDefaulted));
501 }
502
503 /******************************************************************************
504  * IsValidSecurityDescriptor [ADVAPI32.@]
505  *
506  * PARAMS
507  *   lpsecdesc []
508  */
509 BOOL WINAPI
510 IsValidSecurityDescriptor( PSECURITY_DESCRIPTOR SecurityDescriptor )
511 {
512         CallWin32ToNt (RtlValidSecurityDescriptor(SecurityDescriptor));
513 }
514
515 /******************************************************************************
516  *  GetSecurityDescriptorDacl                   [ADVAPI32.@]
517  */
518 BOOL WINAPI GetSecurityDescriptorDacl(
519         IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
520         OUT LPBOOL lpbDaclPresent,
521         OUT PACL *pDacl,
522         OUT LPBOOL lpbDaclDefaulted)
523 {
524         CallWin32ToNt (RtlGetDaclSecurityDescriptor(pSecurityDescriptor, (PBOOLEAN)lpbDaclPresent,
525                                                pDacl, (PBOOLEAN)lpbDaclDefaulted));
526 }
527
528 /******************************************************************************
529  *  SetSecurityDescriptorDacl                   [ADVAPI32.@]
530  */
531 BOOL WINAPI
532 SetSecurityDescriptorDacl (
533         PSECURITY_DESCRIPTOR lpsd,
534         BOOL daclpresent,
535         PACL dacl,
536         BOOL dacldefaulted )
537 {
538         CallWin32ToNt (RtlSetDaclSecurityDescriptor (lpsd, daclpresent, dacl, dacldefaulted ));
539 }
540 /******************************************************************************
541  *  GetSecurityDescriptorSacl                   [ADVAPI32.@]
542  */
543 BOOL WINAPI GetSecurityDescriptorSacl(
544         IN PSECURITY_DESCRIPTOR lpsd,
545         OUT LPBOOL lpbSaclPresent,
546         OUT PACL *pSacl,
547         OUT LPBOOL lpbSaclDefaulted)
548 {
549         CallWin32ToNt (RtlGetSaclSecurityDescriptor(lpsd,
550            (PBOOLEAN)lpbSaclPresent, pSacl, (PBOOLEAN)lpbSaclDefaulted));
551 }
552
553 /**************************************************************************
554  * SetSecurityDescriptorSacl                    [ADVAPI32.@]
555  */
556 BOOL WINAPI SetSecurityDescriptorSacl (
557         PSECURITY_DESCRIPTOR lpsd,
558         BOOL saclpresent,
559         PACL lpsacl,
560         BOOL sacldefaulted)
561 {
562         CallWin32ToNt (RtlSetSaclSecurityDescriptor(lpsd, saclpresent, lpsacl, sacldefaulted));
563 }
564 /******************************************************************************
565  * MakeSelfRelativeSD [ADVAPI32.@]
566  *
567  * PARAMS
568  *   lpabssecdesc  []
569  *   lpselfsecdesc []
570  *   lpbuflen      []
571  */
572 BOOL WINAPI
573 MakeSelfRelativeSD(
574         IN PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor,
575         IN PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor,
576         IN OUT LPDWORD lpdwBufferLength)
577 {
578         CallWin32ToNt (RtlMakeSelfRelativeSD(pAbsoluteSecurityDescriptor,pSelfRelativeSecurityDescriptor, lpdwBufferLength));
579 }
580
581 /******************************************************************************
582  * GetSecurityDescriptorControl                 [ADVAPI32.@]
583  */
584
585 BOOL WINAPI GetSecurityDescriptorControl ( PSECURITY_DESCRIPTOR  pSecurityDescriptor,
586                  PSECURITY_DESCRIPTOR_CONTROL pControl, LPDWORD lpdwRevision)
587 {
588         CallWin32ToNt (RtlGetControlSecurityDescriptor(pSecurityDescriptor,pControl,lpdwRevision));
589 }
590
591 /*      ##############################
592         ######  ACL FUNCTIONS   ######
593         ##############################
594 */
595
596 /*************************************************************************
597  * InitializeAcl [ADVAPI32.@]
598  */
599 DWORD WINAPI InitializeAcl(PACL acl, DWORD size, DWORD rev)
600 {
601         CallWin32ToNt (RtlCreateAcl(acl, size, rev));
602 }
603
604 /*      ##############################
605         ######  MISC FUNCTIONS  ######
606         ##############################
607 */
608
609 /******************************************************************************
610  * LookupPrivilegeValueW                        [ADVAPI32.@]
611  * Retrieves LUID used on a system to represent the privilege name.
612  *
613  * PARAMS
614  *   lpSystemName [I] Address of string specifying the system
615  *   lpName       [I] Address of string specifying the privilege
616  *   lpLuid       [I] Address of locally unique identifier
617  *
618  * RETURNS STD
619  */
620 BOOL WINAPI
621 LookupPrivilegeValueW( LPCWSTR lpSystemName, LPCWSTR lpName, PLUID lpLuid )
622 {
623     FIXME("(%s,%s,%p): stub\n",debugstr_w(lpSystemName),
624         debugstr_w(lpName), lpLuid);
625     lpLuid->LowPart = 0x12345678;
626     lpLuid->HighPart = 0x87654321;
627     return TRUE;
628 }
629
630 /******************************************************************************
631  * LookupPrivilegeValueA                        [ADVAPI32.@]
632  */
633 BOOL WINAPI
634 LookupPrivilegeValueA( LPCSTR lpSystemName, LPCSTR lpName, PLUID lpLuid )
635 {
636     UNICODE_STRING lpSystemNameW;
637     UNICODE_STRING lpNameW;
638     BOOL ret;
639
640     RtlCreateUnicodeStringFromAsciiz(&lpSystemNameW, lpSystemName);
641     RtlCreateUnicodeStringFromAsciiz(&lpNameW,lpName);
642     ret = LookupPrivilegeValueW(lpSystemNameW.Buffer, lpNameW.Buffer, lpLuid);
643     RtlFreeUnicodeString(&lpNameW);
644     RtlFreeUnicodeString(&lpSystemNameW);
645     return ret;
646 }
647
648 /******************************************************************************
649  * GetFileSecurityA [ADVAPI32.@]
650  *
651  * Obtains Specified information about the security of a file or directory
652  * The information obtained is constrained by the callers access rights and
653  * privileges
654  */
655 BOOL WINAPI
656 GetFileSecurityA( LPCSTR lpFileName,
657                     SECURITY_INFORMATION RequestedInformation,
658                     PSECURITY_DESCRIPTOR pSecurityDescriptor,
659                     DWORD nLength, LPDWORD lpnLengthNeeded )
660 {
661   FIXME("(%s) : stub\n", debugstr_a(lpFileName));
662   return TRUE;
663 }
664
665 /******************************************************************************
666  * GetFileSecurityW [ADVAPI32.@]
667  *
668  * Obtains Specified information about the security of a file or directory
669  * The information obtained is constrained by the callers access rights and
670  * privileges
671  *
672  * PARAMS
673  *   lpFileName           []
674  *   RequestedInformation []
675  *   pSecurityDescriptor  []
676  *   nLength              []
677  *   lpnLengthNeeded      []
678  */
679 BOOL WINAPI
680 GetFileSecurityW( LPCWSTR lpFileName,
681                     SECURITY_INFORMATION RequestedInformation,
682                     PSECURITY_DESCRIPTOR pSecurityDescriptor,
683                     DWORD nLength, LPDWORD lpnLengthNeeded )
684 {
685   FIXME("(%s) : stub\n", debugstr_w(lpFileName) );
686   return TRUE;
687 }
688
689
690 /******************************************************************************
691  * LookupAccountSidA [ADVAPI32.@]
692  */
693 BOOL WINAPI
694 LookupAccountSidA(
695         IN LPCSTR system,
696         IN PSID sid,
697         OUT LPSTR account,
698         IN OUT LPDWORD accountSize,
699         OUT LPSTR domain,
700         IN OUT LPDWORD domainSize,
701         OUT PSID_NAME_USE name_use )
702 {
703         static const char ac[] = "Administrator";
704         static const char dm[] = "DOMAIN";
705         FIXME("(%s,sid=%p,%p,%p(%lu),%p,%p(%lu),%p): semi-stub\n",
706               debugstr_a(system),sid,
707               account,accountSize,accountSize?*accountSize:0,
708               domain,domainSize,domainSize?*domainSize:0,
709               name_use);
710
711         if (accountSize) *accountSize = strlen(ac)+1;
712         if (account && (*accountSize > strlen(ac)))
713           strcpy(account, ac);
714
715         if (domainSize) *domainSize = strlen(dm)+1;
716         if (domain && (*domainSize > strlen(dm)))
717           strcpy(domain,dm);
718
719         if (name_use) *name_use = SidTypeUser;
720         return TRUE;
721 }
722
723 /******************************************************************************
724  * LookupAccountSidW [ADVAPI32.@]
725  *
726  * PARAMS
727  *   system      []
728  *   sid         []
729  *   account     []
730  *   accountSize []
731  *   domain      []
732  *   domainSize  []
733  *   name_use    []
734  */
735 BOOL WINAPI
736 LookupAccountSidW(
737         IN LPCWSTR system,
738         IN PSID sid,
739         OUT LPWSTR account,
740         IN OUT LPDWORD accountSize,
741         OUT LPWSTR domain,
742         IN OUT LPDWORD domainSize,
743         OUT PSID_NAME_USE name_use )
744 {
745     static const WCHAR ac[] = {'A','d','m','i','n','i','s','t','r','a','t','o','r',0};
746     static const WCHAR dm[] = {'D','O','M','A','I','N',0};
747         FIXME("(%s,sid=%p,%p,%p(%lu),%p,%p(%lu),%p): semi-stub\n",
748               debugstr_w(system),sid,
749               account,accountSize,accountSize?*accountSize:0,
750               domain,domainSize,domainSize?*domainSize:0,
751               name_use);
752
753         if (accountSize) *accountSize = strlenW(ac)+1;
754         if (account && (*accountSize > strlenW(ac)))
755             strcpyW(account, ac);
756
757         if (domainSize) *domainSize = strlenW(dm)+1;
758         if (domain && (*domainSize > strlenW(dm)))
759             strcpyW(domain,dm);
760
761         if (name_use) *name_use = SidTypeUser;
762         return TRUE;
763 }
764
765 /******************************************************************************
766  * SetFileSecurityA [ADVAPI32.@]
767  * Sets the security of a file or directory
768  */
769 BOOL WINAPI SetFileSecurityA( LPCSTR lpFileName,
770                                 SECURITY_INFORMATION RequestedInformation,
771                                 PSECURITY_DESCRIPTOR pSecurityDescriptor)
772 {
773   FIXME("(%s) : stub\n", debugstr_a(lpFileName));
774   return TRUE;
775 }
776
777 /******************************************************************************
778  * SetFileSecurityW [ADVAPI32.@]
779  * Sets the security of a file or directory
780  *
781  * PARAMS
782  *   lpFileName           []
783  *   RequestedInformation []
784  *   pSecurityDescriptor  []
785  */
786 BOOL WINAPI
787 SetFileSecurityW( LPCWSTR lpFileName,
788                     SECURITY_INFORMATION RequestedInformation,
789                     PSECURITY_DESCRIPTOR pSecurityDescriptor )
790 {
791   FIXME("(%s) : stub\n", debugstr_w(lpFileName) );
792   return TRUE;
793 }
794
795 /******************************************************************************
796  * QueryWindows31FilesMigration [ADVAPI32.@]
797  *
798  * PARAMS
799  *   x1 []
800  */
801 BOOL WINAPI
802 QueryWindows31FilesMigration( DWORD x1 )
803 {
804         FIXME("(%ld):stub\n",x1);
805         return TRUE;
806 }
807
808 /******************************************************************************
809  * SynchronizeWindows31FilesAndWindowsNTRegistry [ADVAPI32.@]
810  *
811  * PARAMS
812  *   x1 []
813  *   x2 []
814  *   x3 []
815  *   x4 []
816  */
817 BOOL WINAPI
818 SynchronizeWindows31FilesAndWindowsNTRegistry( DWORD x1, DWORD x2, DWORD x3,
819                                                DWORD x4 )
820 {
821         FIXME("(0x%08lx,0x%08lx,0x%08lx,0x%08lx):stub\n",x1,x2,x3,x4);
822         return TRUE;
823 }
824
825 /******************************************************************************
826  * LsaOpenPolicy [ADVAPI32.@]
827  *
828  * PARAMS
829  *   x1 []
830  *   x2 []
831  *   x3 []
832  *   x4 []
833  */
834 NTSTATUS WINAPI
835 LsaOpenPolicy(
836         IN PLSA_UNICODE_STRING SystemName,
837         IN PLSA_OBJECT_ATTRIBUTES ObjectAttributes,
838         IN ACCESS_MASK DesiredAccess,
839         IN OUT PLSA_HANDLE PolicyHandle)
840 {
841         FIXME("(%s,%p,0x%08lx,%p):stub\n",
842               SystemName?debugstr_w(SystemName->Buffer):"null",
843               ObjectAttributes, DesiredAccess, PolicyHandle);
844         ADVAPI_ForceLocalComputer(SystemName ? SystemName->Buffer : NULL,
845                                   STATUS_ACCESS_VIOLATION);
846         dumpLsaAttributes(ObjectAttributes);
847         if(PolicyHandle) *PolicyHandle = (LSA_HANDLE)0xcafe;
848         return STATUS_SUCCESS;
849 }
850
851 /******************************************************************************
852  * LsaQueryInformationPolicy [ADVAPI32.@]
853  */
854 NTSTATUS WINAPI
855 LsaQueryInformationPolicy(
856         IN LSA_HANDLE PolicyHandle,
857         IN POLICY_INFORMATION_CLASS InformationClass,
858         OUT PVOID *Buffer)
859 {
860         FIXME("(%p,0x%08x,%p):stub\n",
861               PolicyHandle, InformationClass, Buffer);
862
863         if(!Buffer) return FALSE;
864         switch (InformationClass)
865         {
866           case PolicyAuditEventsInformation: /* 2 */
867             {
868               PPOLICY_AUDIT_EVENTS_INFO p = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(POLICY_AUDIT_EVENTS_INFO));
869               p->AuditingMode = FALSE; /* no auditing */
870               *Buffer = p;
871             }
872             break;
873           case PolicyPrimaryDomainInformation: /* 3 */
874           case PolicyAccountDomainInformation: /* 5 */
875             {
876               struct di
877               { POLICY_PRIMARY_DOMAIN_INFO ppdi;
878                 SID sid;
879               };
880               SID_IDENTIFIER_AUTHORITY localSidAuthority = {SECURITY_NT_AUTHORITY};
881
882               struct di * xdi = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(xdi));
883               RtlCreateUnicodeStringFromAsciiz(&(xdi->ppdi.Name), "DOMAIN");
884               xdi->ppdi.Sid = &(xdi->sid);
885               xdi->sid.Revision = SID_REVISION;
886               xdi->sid.SubAuthorityCount = 1;
887               xdi->sid.IdentifierAuthority = localSidAuthority;
888               xdi->sid.SubAuthority[0] = SECURITY_LOCAL_SYSTEM_RID;
889               *Buffer = xdi;
890             }
891             break;
892           case  PolicyAuditLogInformation:
893           case  PolicyPdAccountInformation:
894           case  PolicyLsaServerRoleInformation:
895           case  PolicyReplicaSourceInformation:
896           case  PolicyDefaultQuotaInformation:
897           case  PolicyModificationInformation:
898           case  PolicyAuditFullSetInformation:
899           case  PolicyAuditFullQueryInformation:
900           case  PolicyDnsDomainInformation:
901             {
902               FIXME("category not implemented\n");
903               return FALSE;
904             }
905         }
906         return TRUE;
907 }
908
909 /******************************************************************************
910  * LsaLookupSids [ADVAPI32.@]
911  */
912 typedef struct
913 {
914         SID_NAME_USE Use;
915         LSA_UNICODE_STRING Name;
916         LONG DomainIndex;
917 } LSA_TRANSLATED_NAME, *PLSA_TRANSLATED_NAME;
918
919 typedef struct
920 {
921         LSA_UNICODE_STRING Name;
922         PSID Sid;
923 } LSA_TRUST_INFORMATION, *PLSA_TRUST_INFORMATION;
924
925 typedef struct
926 {
927         ULONG Entries;
928         PLSA_TRUST_INFORMATION Domains;
929 } LSA_REFERENCED_DOMAIN_LIST, *PLSA_REFERENCED_DOMAIN_LIST;
930
931 NTSTATUS WINAPI
932 LsaLookupSids(
933         IN LSA_HANDLE PolicyHandle,
934         IN ULONG Count,
935         IN PSID *Sids,
936         OUT PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains,
937         OUT PLSA_TRANSLATED_NAME *Names )
938 {
939         FIXME("%p %lu %p %p %p\n",
940           PolicyHandle, Count, Sids, ReferencedDomains, Names);
941         return FALSE;
942 }
943
944 /******************************************************************************
945  * LsaFreeMemory [ADVAPI32.@]
946  */
947 NTSTATUS WINAPI
948 LsaFreeMemory(IN PVOID Buffer)
949 {
950         TRACE("(%p)\n",Buffer);
951         return HeapFree(GetProcessHeap(), 0, Buffer);
952 }
953 /******************************************************************************
954  * LsaClose [ADVAPI32.@]
955  */
956 NTSTATUS WINAPI
957 LsaClose(IN LSA_HANDLE ObjectHandle)
958 {
959         FIXME("(%p):stub\n",ObjectHandle);
960         return 0xc0000000;
961 }
962
963 /******************************************************************************
964  * LsaNtStatusToWinError [ADVAPI32.@]
965  *
966  * PARAMS
967  *   Status [I]
968  */
969 ULONG WINAPI
970 LsaNtStatusToWinError(NTSTATUS Status)
971 {
972     return RtlNtStatusToDosError(Status);
973 }
974
975 /******************************************************************************
976  * NotifyBootConfigStatus [ADVAPI32.@]
977  *
978  * PARAMS
979  *   x1 []
980  */
981 BOOL WINAPI
982 NotifyBootConfigStatus( DWORD x1 )
983 {
984         FIXME("(0x%08lx):stub\n",x1);
985         return 1;
986 }
987
988 /******************************************************************************
989  * RevertToSelf [ADVAPI32.@]
990  *
991  * PARAMS
992  *   void []
993  */
994 BOOL WINAPI
995 RevertToSelf( void )
996 {
997         FIXME("(), stub\n");
998         return TRUE;
999 }
1000
1001 /******************************************************************************
1002  * ImpersonateSelf [ADVAPI32.@]
1003  */
1004 BOOL WINAPI
1005 ImpersonateSelf(SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
1006 {
1007         return RtlImpersonateSelf(ImpersonationLevel);
1008 }
1009
1010 /******************************************************************************
1011  * ImpersonateLoggedOnUser [ADVAPI32.@]
1012  */
1013 BOOL WINAPI ImpersonateLoggedOnUser(HANDLE hToken)
1014 {
1015     FIXME("(%p):stub returning FALSE\n", hToken);
1016     return FALSE;
1017 }
1018
1019 /******************************************************************************
1020  * AccessCheck [ADVAPI32.@]
1021  *
1022  * FIXME check cast LPBOOL to PBOOLEAN
1023  */
1024 BOOL WINAPI
1025 AccessCheck(
1026         PSECURITY_DESCRIPTOR SecurityDescriptor,
1027         HANDLE ClientToken,
1028         DWORD DesiredAccess,
1029         PGENERIC_MAPPING GenericMapping,
1030         PPRIVILEGE_SET PrivilegeSet,
1031         LPDWORD PrivilegeSetLength,
1032         LPDWORD GrantedAccess,
1033         LPBOOL AccessStatus)
1034 {
1035         CallWin32ToNt (NtAccessCheck(SecurityDescriptor, ClientToken, DesiredAccess,
1036           GenericMapping, PrivilegeSet, PrivilegeSetLength, GrantedAccess, (PBOOLEAN)AccessStatus));
1037 }
1038
1039 /*************************************************************************
1040  * SetKernelObjectSecurity [ADVAPI32.@]
1041  */
1042 BOOL WINAPI SetKernelObjectSecurity (
1043         IN HANDLE Handle,
1044         IN SECURITY_INFORMATION SecurityInformation,
1045         IN PSECURITY_DESCRIPTOR SecurityDescriptor )
1046 {
1047         CallWin32ToNt (NtSetSecurityObject (Handle, SecurityInformation, SecurityDescriptor));
1048 }
1049
1050 /******************************************************************************
1051  *  AddAccessAllowedAce [ADVAPI32.@]
1052  */
1053 BOOL WINAPI AddAccessAllowedAce(
1054         IN OUT PACL pAcl,
1055         IN DWORD dwAceRevision,
1056         IN DWORD AccessMask,
1057         IN PSID pSid)
1058 {
1059         return RtlAddAccessAllowedAce(pAcl, dwAceRevision, AccessMask, pSid);
1060 }
1061
1062 /******************************************************************************
1063  * LookupAccountNameA [ADVAPI32.@]
1064  */
1065 BOOL WINAPI
1066 LookupAccountNameA(
1067         IN LPCSTR system,
1068         IN LPCSTR account,
1069         OUT PSID sid,
1070         OUT LPDWORD cbSid,
1071         LPSTR ReferencedDomainName,
1072         IN OUT LPDWORD cbReferencedDomainName,
1073         OUT PSID_NAME_USE name_use )
1074 {
1075     FIXME("(%s,%s,%p,%p,%p,%p,%p), stub.\n",system,account,sid,cbSid,ReferencedDomainName,cbReferencedDomainName,name_use);
1076     return FALSE;
1077 }
1078
1079 /******************************************************************************
1080  * GetAce [ADVAPI32.@]
1081  */
1082 BOOL WINAPI GetAce(PACL pAcl,DWORD dwAceIndex,LPVOID *pAce )
1083 {
1084     CallWin32ToNt(RtlGetAce(pAcl, dwAceIndex, pAce));
1085 }
1086
1087 /******************************************************************************
1088  * PrivilegeCheck [ADVAPI32.@]
1089  */
1090 BOOL WINAPI PrivilegeCheck( HANDLE ClientToken, PPRIVILEGE_SET RequiredPrivileges, LPBOOL pfResult)
1091 {
1092         FIXME("stub %p %p %p\n", ClientToken, RequiredPrivileges, pfResult);
1093         if (pfResult)
1094                 *pfResult=TRUE;
1095         return TRUE;
1096 }
1097
1098 /******************************************************************************
1099  * GetSecurityInfoExW [ADVAPI32.@]
1100  */
1101 DWORD WINAPI GetSecurityInfoExW(
1102         HANDLE hObject, SE_OBJECT_TYPE ObjectType, 
1103         SECURITY_INFORMATION SecurityInfo, LPCWSTR lpProvider,
1104         LPCWSTR lpProperty, PACTRL_ACCESSW *ppAccessList, 
1105         PACTRL_AUDITW *ppAuditList, LPWSTR *lppOwner, LPWSTR *lppGroup
1106 )
1107 {
1108   FIXME("stub!\n");
1109   return ERROR_BAD_PROVIDER; 
1110 }
WINE + custom patches