2 * Copyright 1999, 2000 Juergen Schmied <juergen.schmied@debitel.net>
3 * Copyright 2003 CodeWeavers Inc. (Ulrich Czekalla)
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 * FIXME: for all functions thunking down to Rtl* functions: implement SetLastError()
38 #include "wine/debug.h"
39 #include "wine/unicode.h"
41 WINE_DEFAULT_DEBUG_CHANNEL(advapi);
43 static BOOL ParseStringSidToSid(LPCWSTR StringSid, PSID pSid, LPDWORD cBytes);
44 static BOOL ParseStringAclToAcl(LPCWSTR StringAcl, LPDWORD lpdwFlags,
45 PACL pAcl, LPDWORD cBytes);
46 static BYTE ParseAceStringFlags(LPCWSTR* StringAcl);
47 static BYTE ParseAceStringType(LPCWSTR* StringAcl);
48 static DWORD ParseAceStringRights(LPCWSTR* StringAcl);
49 static BOOL ParseStringSecurityDescriptorToSecurityDescriptor(
50 LPCWSTR StringSecurityDescriptor,
51 SECURITY_DESCRIPTOR* SecurityDescriptor,
53 static DWORD ParseAclStringFlags(LPCWSTR* StringAcl);
55 typedef struct _ACEFLAG
59 } ACEFLAG, *LPACEFLAG;
64 static const WCHAR SDDL_READ_CONTROL[] = {'R','C',0};
65 static const WCHAR SDDL_WRITE_DAC[] = {'W','D',0};
66 static const WCHAR SDDL_WRITE_OWNER[] = {'W','O',0};
67 static const WCHAR SDDL_STANDARD_DELETE[] = {'S','D',0};
68 static const WCHAR SDDL_GENERIC_ALL[] = {'G','A',0};
69 static const WCHAR SDDL_GENERIC_READ[] = {'G','R',0};
70 static const WCHAR SDDL_GENERIC_WRITE[] = {'G','W',0};
71 static const WCHAR SDDL_GENERIC_EXECUTE[] = {'G','X',0};
76 static const WCHAR SDDL_ACCESS_ALLOWED[] = {'A',0};
77 static const WCHAR SDDL_ACCESS_DENIED[] = {'D',0};
78 static const WCHAR SDDL_OBJECT_ACCESS_ALLOWED[] = {'O','A',0};
79 static const WCHAR SDDL_OBJECT_ACCESS_DENIED[] = {'O','D',0};
80 static const WCHAR SDDL_AUDIT[] = {'A','U',0};
81 static const WCHAR SDDL_ALARM[] = {'A','L',0};
82 static const WCHAR SDDL_OBJECT_AUDIT[] = {'O','U',0};
83 static const WCHAR SDDL_OBJECT_ALARMp[] = {'O','L',0};
88 static const WCHAR SDDL_CONTAINER_INHERIT[] = {'C','I',0};
89 static const WCHAR SDDL_OBJECT_INHERIT[] = {'O','I',0};
90 static const WCHAR SDDL_NO_PROPAGATE[] = {'N','P',0};
91 static const WCHAR SDDL_INHERIT_ONLY[] = {'I','O',0};
92 static const WCHAR SDDL_INHERITED[] = {'I','D',0};
93 static const WCHAR SDDL_AUDIT_SUCCESS[] = {'S','A',0};
94 static const WCHAR SDDL_AUDIT_FAILURE[] = {'F','A',0};
96 #define CallWin32ToNt(func) \
99 if (ret !=STATUS_SUCCESS) \
100 { SetLastError (RtlNtStatusToDosError(ret)); return FALSE; } \
104 static void dumpLsaAttributes( PLSA_OBJECT_ATTRIBUTES oa )
108 TRACE("\n\tlength=%lu, rootdir=%p, objectname=%s\n\tattr=0x%08lx, sid=%p qos=%p\n",
109 oa->Length, oa->RootDirectory,
110 oa->ObjectName?debugstr_w(oa->ObjectName->Buffer):"null",
111 oa->Attributes, oa->SecurityDescriptor, oa->SecurityQualityOfService);
115 /************************************************************
116 * ADVAPI_IsLocalComputer
118 * Checks whether the server name indicates local machine.
120 BOOL ADVAPI_IsLocalComputer(LPCWSTR ServerName)
128 DWORD dwSize = MAX_COMPUTERNAME_LENGTH + 1;
132 buf = HeapAlloc(GetProcessHeap(), 0, dwSize * sizeof(WCHAR));
133 Result = GetComputerNameW(buf, &dwSize);
134 if (Result && (ServerName[0] == '\\') && (ServerName[1] == '\\'))
136 Result = Result && !lstrcmpW(ServerName, buf);
137 HeapFree(GetProcessHeap(), 0, buf);
143 #define ADVAPI_ForceLocalComputer(ServerName, FailureCode) \
144 if (!ADVAPI_IsLocalComputer(ServerName)) \
146 FIXME("Action Implemented for local computer only. " \
147 "Requested for server %s\n", debugstr_w(ServerName)); \
148 return FailureCode; \
151 /* ##############################
152 ###### TOKEN FUNCTIONS ######
153 ##############################
156 /******************************************************************************
157 * OpenProcessToken [ADVAPI32.@]
158 * Opens the access token associated with a process handle.
161 * ProcessHandle [I] Handle to process
162 * DesiredAccess [I] Desired access to process
163 * TokenHandle [O] Pointer to handle of open access token
166 * Success: TRUE. TokenHandle contains the access token.
170 * See NtOpenProcessToken.
173 OpenProcessToken( HANDLE ProcessHandle, DWORD DesiredAccess,
174 HANDLE *TokenHandle )
176 CallWin32ToNt(NtOpenProcessToken( ProcessHandle, DesiredAccess, TokenHandle ));
179 /******************************************************************************
180 * OpenThreadToken [ADVAPI32.@]
182 * Opens the access token associated with a thread handle.
185 * ThreadHandle [I] Handle to process
186 * DesiredAccess [I] Desired access to the thread
188 * TokenHandle [O] Destination for the token handle
191 * Success: TRUE. TokenHandle contains the access token.
195 * See NtOpenThreadToken.
198 OpenThreadToken( HANDLE ThreadHandle, DWORD DesiredAccess,
199 BOOL OpenAsSelf, HANDLE *TokenHandle)
201 CallWin32ToNt (NtOpenThreadToken(ThreadHandle, DesiredAccess, OpenAsSelf, TokenHandle));
204 /******************************************************************************
205 * AdjustTokenPrivileges [ADVAPI32.@]
207 * Adjust the privileges of an open token handle.
210 * TokenHandle [I] Handle from OpenProcessToken() or OpenThreadToken()
211 * DisableAllPrivileges [I] TRUE=Remove all privileges, FALSE=Use NewState
212 * NewState [I] Desired new privileges of the token
213 * BufferLength [I] Length of NewState
214 * PreviousState [O] Destination for the previous state
215 * ReturnLength [I/O] Size of PreviousState
219 * Success: TRUE. Privileges are set to NewState and PreviousState is updated.
223 * See NtAdjustPrivilegesToken.
226 AdjustTokenPrivileges( HANDLE TokenHandle, BOOL DisableAllPrivileges,
227 LPVOID NewState, DWORD BufferLength,
228 LPVOID PreviousState, LPDWORD ReturnLength )
230 CallWin32ToNt(NtAdjustPrivilegesToken(TokenHandle, DisableAllPrivileges, NewState, BufferLength, PreviousState, ReturnLength));
233 /******************************************************************************
234 * CheckTokenMembership [ADVAPI32.@]
236 * Determine if an access token is a member of a SID.
239 * TokenHandle [I] Handle from OpenProcessToken() or OpenThreadToken()
240 * SidToCheck [I] SID that possibly contains the token
241 * IsMember [O] Destination for result.
244 * Success: TRUE. IsMember is TRUE if TokenHandle is a member, FALSE otherwise.
248 CheckTokenMembership( HANDLE TokenHandle, PSID SidToCheck,
251 FIXME("(%p %p %p) stub!\n", TokenHandle, SidToCheck, IsMember);
257 /******************************************************************************
258 * GetTokenInformation [ADVAPI32.@]
261 * token [I] Handle from OpenProcessToken() or OpenThreadToken()
262 * tokeninfoclass [I] A TOKEN_INFORMATION_CLASS from "winnt.h"
263 * tokeninfo [O] Destination for token information
264 * tokeninfolength [I] Length of tokeninfo
265 * retlen [O] Destination for returned token information length
268 * Success: TRUE. tokeninfo contains retlen bytes of token information
272 * See NtQueryInformationToken.
275 GetTokenInformation( HANDLE token, TOKEN_INFORMATION_CLASS tokeninfoclass,
276 LPVOID tokeninfo, DWORD tokeninfolength, LPDWORD retlen )
278 TRACE("(%p, %s, %p, %ld, %p): \n",
280 (tokeninfoclass == TokenUser) ? "TokenUser" :
281 (tokeninfoclass == TokenGroups) ? "TokenGroups" :
282 (tokeninfoclass == TokenPrivileges) ? "TokenPrivileges" :
283 (tokeninfoclass == TokenOwner) ? "TokenOwner" :
284 (tokeninfoclass == TokenPrimaryGroup) ? "TokenPrimaryGroup" :
285 (tokeninfoclass == TokenDefaultDacl) ? "TokenDefaultDacl" :
286 (tokeninfoclass == TokenSource) ? "TokenSource" :
287 (tokeninfoclass == TokenType) ? "TokenType" :
288 (tokeninfoclass == TokenImpersonationLevel) ? "TokenImpersonationLevel" :
289 (tokeninfoclass == TokenStatistics) ? "TokenStatistics" :
290 (tokeninfoclass == TokenRestrictedSids) ? "TokenRestrictedSids" :
291 (tokeninfoclass == TokenSessionId) ? "TokenSessionId" :
292 (tokeninfoclass == TokenGroupsAndPrivileges) ? "TokenGroupsAndPrivileges" :
293 (tokeninfoclass == TokenSessionReference) ? "TokenSessionReference" :
294 (tokeninfoclass == TokenSandBoxInert) ? "TokenSandBoxInert" :
296 tokeninfo, tokeninfolength, retlen);
297 CallWin32ToNt (NtQueryInformationToken( token, tokeninfoclass, tokeninfo, tokeninfolength, retlen));
300 /******************************************************************************
301 * SetTokenInformation [ADVAPI32.@]
303 * Set information for an access token.
306 * token [I] Handle from OpenProcessToken() or OpenThreadToken()
307 * tokeninfoclass [I] A TOKEN_INFORMATION_CLASS from "winnt.h"
308 * tokeninfo [I] Token information to set
309 * tokeninfolength [I] Length of tokeninfo
312 * Success: TRUE. The information for the token is set to tokeninfo.
316 SetTokenInformation( HANDLE token, TOKEN_INFORMATION_CLASS tokeninfoclass,
317 LPVOID tokeninfo, DWORD tokeninfolength )
319 TRACE("(%p, %s, %p, %ld): stub\n",
321 (tokeninfoclass == TokenUser) ? "TokenUser" :
322 (tokeninfoclass == TokenGroups) ? "TokenGroups" :
323 (tokeninfoclass == TokenPrivileges) ? "TokenPrivileges" :
324 (tokeninfoclass == TokenOwner) ? "TokenOwner" :
325 (tokeninfoclass == TokenPrimaryGroup) ? "TokenPrimaryGroup" :
326 (tokeninfoclass == TokenDefaultDacl) ? "TokenDefaultDacl" :
327 (tokeninfoclass == TokenSource) ? "TokenSource" :
328 (tokeninfoclass == TokenType) ? "TokenType" :
329 (tokeninfoclass == TokenImpersonationLevel) ? "TokenImpersonationLevel" :
330 (tokeninfoclass == TokenStatistics) ? "TokenStatistics" :
331 (tokeninfoclass == TokenRestrictedSids) ? "TokenRestrictedSids" :
332 (tokeninfoclass == TokenSessionId) ? "TokenSessionId" :
333 (tokeninfoclass == TokenGroupsAndPrivileges) ? "TokenGroupsAndPrivileges" :
334 (tokeninfoclass == TokenSessionReference) ? "TokenSessionReference" :
335 (tokeninfoclass == TokenSandBoxInert) ? "TokenSandBoxInert" :
337 tokeninfo, tokeninfolength);
339 CallWin32ToNt (NtSetInformationToken( token, tokeninfoclass, tokeninfo, tokeninfolength ));
342 /*************************************************************************
343 * SetThreadToken [ADVAPI32.@]
345 * Assigns an 'impersonation token' to a thread so it can assume the
346 * security privileges of another thread or process. Can also remove
347 * a previously assigned token.
350 * thread [O] Handle to thread to set the token for
351 * token [I] Token to set
354 * Success: TRUE. The threads access token is set to token
358 * Only supported on NT or higher. On Win9X this function does nothing.
359 * See SetTokenInformation.
361 BOOL WINAPI SetThreadToken(PHANDLE thread, HANDLE token)
363 CallWin32ToNt (NtSetInformationThread( thread ? *thread : GetCurrentThread(),
364 ThreadImpersonationToken, &token, sizeof token ));
367 /* ##############################
368 ###### SID FUNCTIONS ######
369 ##############################
372 /******************************************************************************
373 * AllocateAndInitializeSid [ADVAPI32.@]
376 * pIdentifierAuthority []
377 * nSubAuthorityCount []
389 AllocateAndInitializeSid( PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
390 BYTE nSubAuthorityCount,
391 DWORD nSubAuthority0, DWORD nSubAuthority1,
392 DWORD nSubAuthority2, DWORD nSubAuthority3,
393 DWORD nSubAuthority4, DWORD nSubAuthority5,
394 DWORD nSubAuthority6, DWORD nSubAuthority7,
397 CallWin32ToNt (RtlAllocateAndInitializeSid(
398 pIdentifierAuthority, nSubAuthorityCount,
399 nSubAuthority0, nSubAuthority1, nSubAuthority2, nSubAuthority3,
400 nSubAuthority4, nSubAuthority5, nSubAuthority6, nSubAuthority7,
404 /******************************************************************************
405 * FreeSid [ADVAPI32.@]
414 return NULL; /* is documented like this */
417 /******************************************************************************
418 * CopySid [ADVAPI32.@]
421 * nDestinationSidLength []
426 CopySid( DWORD nDestinationSidLength, PSID pDestinationSid, PSID pSourceSid )
428 return RtlCopySid(nDestinationSidLength, pDestinationSid, pSourceSid);
431 /******************************************************************************
432 * IsValidSid [ADVAPI32.@]
438 IsValidSid( PSID pSid )
440 return RtlValidSid( pSid );
443 /******************************************************************************
444 * EqualSid [ADVAPI32.@]
451 EqualSid( PSID pSid1, PSID pSid2 )
453 return RtlEqualSid( pSid1, pSid2 );
456 /******************************************************************************
457 * EqualPrefixSid [ADVAPI32.@]
459 BOOL WINAPI EqualPrefixSid (PSID pSid1, PSID pSid2)
461 return RtlEqualPrefixSid(pSid1, pSid2);
464 /******************************************************************************
465 * GetSidLengthRequired [ADVAPI32.@]
468 * nSubAuthorityCount []
471 GetSidLengthRequired( BYTE nSubAuthorityCount )
473 return RtlLengthRequiredSid(nSubAuthorityCount);
476 /******************************************************************************
477 * InitializeSid [ADVAPI32.@]
480 * pIdentifierAuthority []
485 PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
486 BYTE nSubAuthorityCount)
488 return RtlInitializeSid(pSid, pIdentifierAuthority, nSubAuthorityCount);
491 /******************************************************************************
492 * GetSidIdentifierAuthority [ADVAPI32.@]
497 PSID_IDENTIFIER_AUTHORITY WINAPI
498 GetSidIdentifierAuthority( PSID pSid )
500 return RtlIdentifierAuthoritySid(pSid);
503 /******************************************************************************
504 * GetSidSubAuthority [ADVAPI32.@]
511 GetSidSubAuthority( PSID pSid, DWORD nSubAuthority )
513 return RtlSubAuthoritySid(pSid, nSubAuthority);
516 /******************************************************************************
517 * GetSidSubAuthorityCount [ADVAPI32.@]
523 GetSidSubAuthorityCount (PSID pSid)
525 return RtlSubAuthorityCountSid(pSid);
528 /******************************************************************************
529 * GetLengthSid [ADVAPI32.@]
535 GetLengthSid (PSID pSid)
537 return RtlLengthSid(pSid);
540 /* ##############################################
541 ###### SECURITY DESCRIPTOR FUNCTIONS ######
542 ##############################################
545 /******************************************************************************
546 * InitializeSecurityDescriptor [ADVAPI32.@]
553 InitializeSecurityDescriptor( PSECURITY_DESCRIPTOR pDescr, DWORD revision )
555 CallWin32ToNt (RtlCreateSecurityDescriptor(pDescr, revision ));
559 /******************************************************************************
560 * MakeAbsoluteSD [ADVAPI32.@]
562 BOOL WINAPI MakeAbsoluteSD (
563 IN PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor,
564 OUT PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor,
565 OUT LPDWORD lpdwAbsoluteSecurityDescriptorSize,
567 OUT LPDWORD lpdwDaclSize,
569 OUT LPDWORD lpdwSaclSize,
571 OUT LPDWORD lpdwOwnerSize,
572 OUT PSID pPrimaryGroup,
573 OUT LPDWORD lpdwPrimaryGroupSize)
575 CallWin32ToNt (RtlSelfRelativeToAbsoluteSD(pSelfRelativeSecurityDescriptor,
576 pAbsoluteSecurityDescriptor, lpdwAbsoluteSecurityDescriptorSize,
577 pDacl, lpdwDaclSize, pSacl, lpdwSaclSize, pOwner, lpdwOwnerSize,
578 pPrimaryGroup, lpdwPrimaryGroupSize));
582 /******************************************************************************
583 * GetSecurityDescriptorLength [ADVAPI32.@]
585 DWORD WINAPI GetSecurityDescriptorLength( PSECURITY_DESCRIPTOR pDescr)
587 return (RtlLengthSecurityDescriptor(pDescr));
590 /******************************************************************************
591 * GetSecurityDescriptorOwner [ADVAPI32.@]
595 * lpbOwnerDefaulted []
598 GetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR pDescr, PSID *pOwner,
599 LPBOOL lpbOwnerDefaulted )
601 CallWin32ToNt (RtlGetOwnerSecurityDescriptor( pDescr, pOwner, (PBOOLEAN)lpbOwnerDefaulted ));
604 /******************************************************************************
605 * SetSecurityDescriptorOwner [ADVAPI32.@]
609 BOOL WINAPI SetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR pSecurityDescriptor,
610 PSID pOwner, BOOL bOwnerDefaulted)
612 CallWin32ToNt (RtlSetOwnerSecurityDescriptor(pSecurityDescriptor, pOwner, bOwnerDefaulted));
614 /******************************************************************************
615 * GetSecurityDescriptorGroup [ADVAPI32.@]
617 BOOL WINAPI GetSecurityDescriptorGroup(
618 PSECURITY_DESCRIPTOR SecurityDescriptor,
620 LPBOOL GroupDefaulted)
622 CallWin32ToNt (RtlGetGroupSecurityDescriptor(SecurityDescriptor, Group, (PBOOLEAN)GroupDefaulted));
624 /******************************************************************************
625 * SetSecurityDescriptorGroup [ADVAPI32.@]
627 BOOL WINAPI SetSecurityDescriptorGroup ( PSECURITY_DESCRIPTOR SecurityDescriptor,
628 PSID Group, BOOL GroupDefaulted)
630 CallWin32ToNt (RtlSetGroupSecurityDescriptor( SecurityDescriptor, Group, GroupDefaulted));
633 /******************************************************************************
634 * IsValidSecurityDescriptor [ADVAPI32.@]
640 IsValidSecurityDescriptor( PSECURITY_DESCRIPTOR SecurityDescriptor )
642 CallWin32ToNt (RtlValidSecurityDescriptor(SecurityDescriptor));
645 /******************************************************************************
646 * GetSecurityDescriptorDacl [ADVAPI32.@]
648 BOOL WINAPI GetSecurityDescriptorDacl(
649 IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
650 OUT LPBOOL lpbDaclPresent,
652 OUT LPBOOL lpbDaclDefaulted)
654 CallWin32ToNt (RtlGetDaclSecurityDescriptor(pSecurityDescriptor, (PBOOLEAN)lpbDaclPresent,
655 pDacl, (PBOOLEAN)lpbDaclDefaulted));
658 /******************************************************************************
659 * SetSecurityDescriptorDacl [ADVAPI32.@]
662 SetSecurityDescriptorDacl (
663 PSECURITY_DESCRIPTOR lpsd,
668 CallWin32ToNt (RtlSetDaclSecurityDescriptor (lpsd, daclpresent, dacl, dacldefaulted ));
670 /******************************************************************************
671 * GetSecurityDescriptorSacl [ADVAPI32.@]
673 BOOL WINAPI GetSecurityDescriptorSacl(
674 IN PSECURITY_DESCRIPTOR lpsd,
675 OUT LPBOOL lpbSaclPresent,
677 OUT LPBOOL lpbSaclDefaulted)
679 CallWin32ToNt (RtlGetSaclSecurityDescriptor(lpsd,
680 (PBOOLEAN)lpbSaclPresent, pSacl, (PBOOLEAN)lpbSaclDefaulted));
683 /**************************************************************************
684 * SetSecurityDescriptorSacl [ADVAPI32.@]
686 BOOL WINAPI SetSecurityDescriptorSacl (
687 PSECURITY_DESCRIPTOR lpsd,
692 CallWin32ToNt (RtlSetSaclSecurityDescriptor(lpsd, saclpresent, lpsacl, sacldefaulted));
694 /******************************************************************************
695 * MakeSelfRelativeSD [ADVAPI32.@]
704 IN PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor,
705 IN PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor,
706 IN OUT LPDWORD lpdwBufferLength)
708 CallWin32ToNt (RtlMakeSelfRelativeSD(pAbsoluteSecurityDescriptor,pSelfRelativeSecurityDescriptor, lpdwBufferLength));
711 /******************************************************************************
712 * GetSecurityDescriptorControl [ADVAPI32.@]
715 BOOL WINAPI GetSecurityDescriptorControl ( PSECURITY_DESCRIPTOR pSecurityDescriptor,
716 PSECURITY_DESCRIPTOR_CONTROL pControl, LPDWORD lpdwRevision)
718 CallWin32ToNt (RtlGetControlSecurityDescriptor(pSecurityDescriptor,pControl,lpdwRevision));
721 /* ##############################
722 ###### ACL FUNCTIONS ######
723 ##############################
726 /*************************************************************************
727 * InitializeAcl [ADVAPI32.@]
729 DWORD WINAPI InitializeAcl(PACL acl, DWORD size, DWORD rev)
731 CallWin32ToNt (RtlCreateAcl(acl, size, rev));
734 /******************************************************************************
735 * AddAccessAllowedAce [ADVAPI32.@]
737 BOOL WINAPI AddAccessAllowedAce(
739 IN DWORD dwAceRevision,
743 CallWin32ToNt(RtlAddAccessAllowedAce(pAcl, dwAceRevision, AccessMask, pSid));
746 /******************************************************************************
747 * AddAccessAllowedAceEx [ADVAPI32.@]
749 BOOL WINAPI AddAccessAllowedAceEx(
751 IN DWORD dwAceRevision,
756 CallWin32ToNt(RtlAddAccessAllowedAceEx(pAcl, dwAceRevision, AceFlags, AccessMask, pSid));
759 /******************************************************************************
760 * AddAccessDeniedAce [ADVAPI32.@]
762 BOOL WINAPI AddAccessDeniedAce(
764 IN DWORD dwAceRevision,
768 CallWin32ToNt(RtlAddAccessDeniedAce(pAcl, dwAceRevision, AccessMask, pSid));
771 /******************************************************************************
772 * AddAccessDeniedAceEx [ADVAPI32.@]
774 BOOL WINAPI AddAccessDeniedAceEx(
776 IN DWORD dwAceRevision,
781 CallWin32ToNt(RtlAddAccessDeniedAceEx(pAcl, dwAceRevision, AceFlags, AccessMask, pSid));
784 /******************************************************************************
785 * AddAce [ADVAPI32.@]
789 IN DWORD dwAceRevision,
790 IN DWORD dwStartingAceIndex,
792 DWORD nAceListLength)
794 CallWin32ToNt(RtlAddAce(pAcl, dwAceRevision, dwStartingAceIndex, pAceList, nAceListLength));
797 /******************************************************************************
798 * DeleteAce [ADVAPI32.@]
800 BOOL WINAPI DeleteAce(PACL pAcl, DWORD dwAceIndex)
802 CallWin32ToNt(RtlDeleteAce(pAcl, dwAceIndex));
805 /******************************************************************************
806 * FindFirstFreeAce [ADVAPI32.@]
808 BOOL WINAPI FindFirstFreeAce(IN PACL pAcl, LPVOID * pAce)
810 return RtlFirstFreeAce(pAcl, (PACE_HEADER *)pAce);
813 /******************************************************************************
814 * GetAce [ADVAPI32.@]
816 BOOL WINAPI GetAce(PACL pAcl,DWORD dwAceIndex,LPVOID *pAce )
818 CallWin32ToNt(RtlGetAce(pAcl, dwAceIndex, pAce));
821 /******************************************************************************
822 * GetAclInformation [ADVAPI32.@]
824 BOOL WINAPI GetAclInformation(
826 LPVOID pAclInformation,
827 DWORD nAclInformationLength,
828 ACL_INFORMATION_CLASS dwAclInformationClass)
830 CallWin32ToNt(RtlQueryInformationAcl(pAcl, pAclInformation,
831 nAclInformationLength, dwAclInformationClass));
834 /******************************************************************************
835 * IsValidAcl [ADVAPI32.@]
837 BOOL WINAPI IsValidAcl(IN PACL pAcl)
839 return RtlValidAcl(pAcl);
842 /* ##############################
843 ###### MISC FUNCTIONS ######
844 ##############################
847 static const char * const DefaultPrivNames[] =
850 "SeCreateTokenPrivilege", "SeAssignPrimaryTokenPrivilege",
851 "SeLockMemoryPrivilege", "SeIncreaseQuotaPrivilege",
852 "SeUnsolicitedInputPrivilege", "SeMachineAccountPrivilege",
853 "SeTcbPrivilege", "SeSecurityPrivilege",
854 "SeTakeOwnershipPrivilege", "SeLoadDriverPrivilege",
855 "SeSystemProfilePrivilege", "SeSystemtimePrivilege",
856 "SeProfileSingleProcessPrivilege", "SeIncreaseBasePriorityPrivilege",
857 "SeCreatePagefilePrivilege", "SeCreatePermanentPrivilege",
858 "SeBackupPrivilege", "SeRestorePrivilege",
859 "SeShutdownPrivilege", "SeDebugPrivilege",
860 "SeAuditPrivilege", "SeSystemEnvironmentPrivilege",
861 "SeChangeNotifyPrivilege", "SeRemoteShutdownPrivilege",
862 "SeUndockPrivilege", "SeSyncAgentPrivilege",
863 "SeEnableDelegationPrivilege", "SeManageVolumePrivilege",
864 "SeImpersonatePrivilege", "SeCreateGlobalPrivilege",
866 #define NUMPRIVS (sizeof DefaultPrivNames/sizeof DefaultPrivNames[0])
868 /******************************************************************************
869 * LookupPrivilegeValueW [ADVAPI32.@]
871 * See LookupPrivilegeValueA.
874 LookupPrivilegeValueW( LPCWSTR lpSystemName, LPCWSTR lpName, PLUID lpLuid )
879 TRACE("%s,%s,%p\n",debugstr_w(lpSystemName), debugstr_w(lpName), lpLuid);
881 for( i=0; i<NUMPRIVS; i++ )
883 if( !DefaultPrivNames[i] )
885 MultiByteToWideChar( CP_ACP, 0, DefaultPrivNames[i], -1,
887 if( strcmpW( priv, lpName) )
890 lpLuid->HighPart = 0;
891 TRACE( "%s -> %08lx-%08lx\n",debugstr_w( lpSystemName ),
892 lpLuid->HighPart, lpLuid->LowPart );
898 /******************************************************************************
899 * LookupPrivilegeValueA [ADVAPI32.@]
901 * Retrieves LUID used on a system to represent the privilege name.
904 * lpSystemName [I] Name of the system
905 * lpName [I] Name of the privilege
906 * lpLuid [O] Destination for the resulting LUID
909 * Success: TRUE. lpLuid contains the requested LUID.
913 LookupPrivilegeValueA( LPCSTR lpSystemName, LPCSTR lpName, PLUID lpLuid )
915 UNICODE_STRING lpSystemNameW;
916 UNICODE_STRING lpNameW;
919 RtlCreateUnicodeStringFromAsciiz(&lpSystemNameW, lpSystemName);
920 RtlCreateUnicodeStringFromAsciiz(&lpNameW,lpName);
921 ret = LookupPrivilegeValueW(lpSystemNameW.Buffer, lpNameW.Buffer, lpLuid);
922 RtlFreeUnicodeString(&lpNameW);
923 RtlFreeUnicodeString(&lpSystemNameW);
928 /******************************************************************************
929 * LookupPrivilegeNameA [ADVAPI32.@]
932 LookupPrivilegeNameA( LPCSTR lpSystemName, PLUID lpLuid, LPSTR lpName, LPDWORD cchName)
934 FIXME("%s %p %p %p\n", debugstr_a(lpSystemName), lpLuid, lpName, cchName);
938 /******************************************************************************
939 * LookupPrivilegeNameW [ADVAPI32.@]
942 LookupPrivilegeNameW( LPCWSTR lpSystemName, PLUID lpLuid, LPWSTR lpName, LPDWORD cchName)
944 FIXME("%s %p %p %p\n", debugstr_w(lpSystemName), lpLuid, lpName, cchName);
948 /******************************************************************************
949 * GetFileSecurityA [ADVAPI32.@]
951 * Obtains Specified information about the security of a file or directory.
954 * lpFileName [I] Name of the file to get info for
955 * RequestedInformation [I] SE_ flags from "winnt.h"
956 * pSecurityDescriptor [O] Destination for security information
957 * nLength [I] Length of pSecurityDescriptor
958 * lpnLengthNeeded [O] Destination for length of returned security information
961 * Success: TRUE. pSecurityDescriptor contains the requested information.
962 * Failure: FALSE. lpnLengthNeeded contains the required space to return the info.
965 * The information returned is constrained by the callers access rights and
969 GetFileSecurityA( LPCSTR lpFileName,
970 SECURITY_INFORMATION RequestedInformation,
971 PSECURITY_DESCRIPTOR pSecurityDescriptor,
972 DWORD nLength, LPDWORD lpnLengthNeeded )
980 len = MultiByteToWideChar( CP_ACP, 0, lpFileName, -1, NULL, 0 );
981 name = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR) );
982 MultiByteToWideChar( CP_ACP, 0, lpFileName, -1, name, len );
985 r = GetFileSecurityW( name, RequestedInformation, pSecurityDescriptor,
986 nLength, lpnLengthNeeded );
988 HeapFree( GetProcessHeap(), 0, name );
993 /******************************************************************************
994 * GetFileSecurityW [ADVAPI32.@]
996 * See GetFileSecurityA.
999 GetFileSecurityW( LPCWSTR lpFileName,
1000 SECURITY_INFORMATION RequestedInformation,
1001 PSECURITY_DESCRIPTOR pSecurityDescriptor,
1002 DWORD nLength, LPDWORD lpnLengthNeeded )
1004 FIXME("(%s) : stub\n", debugstr_w(lpFileName) );
1009 /******************************************************************************
1010 * LookupAccountSidA [ADVAPI32.@]
1017 IN OUT LPDWORD accountSize,
1019 IN OUT LPDWORD domainSize,
1020 OUT PSID_NAME_USE name_use )
1022 static const char ac[] = "Administrator";
1023 static const char dm[] = "DOMAIN";
1024 FIXME("(%s,sid=%p,%p,%p(%lu),%p,%p(%lu),%p): semi-stub\n",
1025 debugstr_a(system),sid,
1026 account,accountSize,accountSize?*accountSize:0,
1027 domain,domainSize,domainSize?*domainSize:0,
1030 if (accountSize) *accountSize = strlen(ac)+1;
1031 if (account && (*accountSize > strlen(ac)))
1032 strcpy(account, ac);
1034 if (domainSize) *domainSize = strlen(dm)+1;
1035 if (domain && (*domainSize > strlen(dm)))
1038 if (name_use) *name_use = SidTypeUser;
1042 /******************************************************************************
1043 * LookupAccountSidW [ADVAPI32.@]
1059 IN OUT LPDWORD accountSize,
1061 IN OUT LPDWORD domainSize,
1062 OUT PSID_NAME_USE name_use )
1064 static const WCHAR ac[] = {'A','d','m','i','n','i','s','t','r','a','t','o','r',0};
1065 static const WCHAR dm[] = {'D','O','M','A','I','N',0};
1066 FIXME("(%s,sid=%p,%p,%p(%lu),%p,%p(%lu),%p): semi-stub\n",
1067 debugstr_w(system),sid,
1068 account,accountSize,accountSize?*accountSize:0,
1069 domain,domainSize,domainSize?*domainSize:0,
1072 if (accountSize) *accountSize = strlenW(ac)+1;
1073 if (account && (*accountSize > strlenW(ac)))
1074 strcpyW(account, ac);
1076 if (domainSize) *domainSize = strlenW(dm)+1;
1077 if (domain && (*domainSize > strlenW(dm)))
1080 if (name_use) *name_use = SidTypeUser;
1084 /******************************************************************************
1085 * SetFileSecurityA [ADVAPI32.@]
1086 * Sets the security of a file or directory
1088 BOOL WINAPI SetFileSecurityA( LPCSTR lpFileName,
1089 SECURITY_INFORMATION RequestedInformation,
1090 PSECURITY_DESCRIPTOR pSecurityDescriptor)
1098 len = MultiByteToWideChar( CP_ACP, 0, lpFileName, -1, NULL, 0 );
1099 name = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR) );
1100 MultiByteToWideChar( CP_ACP, 0, lpFileName, -1, name, len );
1103 r = SetFileSecurityW( name, RequestedInformation, pSecurityDescriptor );
1105 HeapFree( GetProcessHeap(), 0, name );
1110 /******************************************************************************
1111 * SetFileSecurityW [ADVAPI32.@]
1112 * Sets the security of a file or directory
1116 * RequestedInformation []
1117 * pSecurityDescriptor []
1120 SetFileSecurityW( LPCWSTR lpFileName,
1121 SECURITY_INFORMATION RequestedInformation,
1122 PSECURITY_DESCRIPTOR pSecurityDescriptor )
1124 FIXME("(%s) : stub\n", debugstr_w(lpFileName) );
1128 /******************************************************************************
1129 * QueryWindows31FilesMigration [ADVAPI32.@]
1135 QueryWindows31FilesMigration( DWORD x1 )
1137 FIXME("(%ld):stub\n",x1);
1141 /******************************************************************************
1142 * SynchronizeWindows31FilesAndWindowsNTRegistry [ADVAPI32.@]
1151 SynchronizeWindows31FilesAndWindowsNTRegistry( DWORD x1, DWORD x2, DWORD x3,
1154 FIXME("(0x%08lx,0x%08lx,0x%08lx,0x%08lx):stub\n",x1,x2,x3,x4);
1158 /******************************************************************************
1159 * LsaOpenPolicy [ADVAPI32.@]
1163 * ObjectAttributes [I]
1165 * PolicyHandle [I/O]
1169 IN PLSA_UNICODE_STRING SystemName,
1170 IN PLSA_OBJECT_ATTRIBUTES ObjectAttributes,
1171 IN ACCESS_MASK DesiredAccess,
1172 IN OUT PLSA_HANDLE PolicyHandle)
1174 FIXME("(%s,%p,0x%08lx,%p):stub\n",
1175 SystemName?debugstr_w(SystemName->Buffer):"null",
1176 ObjectAttributes, DesiredAccess, PolicyHandle);
1177 ADVAPI_ForceLocalComputer(SystemName ? SystemName->Buffer : NULL,
1178 STATUS_ACCESS_VIOLATION);
1179 dumpLsaAttributes(ObjectAttributes);
1180 if(PolicyHandle) *PolicyHandle = (LSA_HANDLE)0xcafe;
1181 return STATUS_SUCCESS;
1184 /******************************************************************************
1185 * LsaQueryInformationPolicy [ADVAPI32.@]
1188 LsaQueryInformationPolicy(
1189 IN LSA_HANDLE PolicyHandle,
1190 IN POLICY_INFORMATION_CLASS InformationClass,
1193 FIXME("(%p,0x%08x,%p):stub\n",
1194 PolicyHandle, InformationClass, Buffer);
1196 if(!Buffer) return FALSE;
1197 switch (InformationClass)
1199 case PolicyAuditEventsInformation: /* 2 */
1201 PPOLICY_AUDIT_EVENTS_INFO p = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(POLICY_AUDIT_EVENTS_INFO));
1202 p->AuditingMode = FALSE; /* no auditing */
1206 case PolicyPrimaryDomainInformation: /* 3 */
1207 case PolicyAccountDomainInformation: /* 5 */
1210 { POLICY_PRIMARY_DOMAIN_INFO ppdi;
1213 SID_IDENTIFIER_AUTHORITY localSidAuthority = {SECURITY_NT_AUTHORITY};
1215 struct di * xdi = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(xdi));
1217 BOOL useDefault = TRUE;
1220 if ((ret = RegOpenKeyExA(HKEY_LOCAL_MACHINE,
1221 "System\\CurrentControlSet\\Services\\VxD\\VNETSUP", 0,
1222 KEY_READ, &key)) == ERROR_SUCCESS)
1225 static const WCHAR wg[] = { 'W','o','r','k','g','r','o','u','p',0 };
1227 ret = RegQueryValueExW(key, wg, NULL, NULL, NULL, &size);
1228 if (ret == ERROR_MORE_DATA || ret == ERROR_SUCCESS)
1230 xdi->ppdi.Name.Buffer = HeapAlloc(GetProcessHeap(),
1231 HEAP_ZERO_MEMORY, size);
1232 if ((ret = RegQueryValueExW(key, wg, NULL, NULL,
1233 (LPBYTE)xdi->ppdi.Name.Buffer, &size)) == ERROR_SUCCESS)
1235 xdi->ppdi.Name.Length = (USHORT)size;
1240 HeapFree(GetProcessHeap(), 0, xdi->ppdi.Name.Buffer);
1241 xdi->ppdi.Name.Buffer = NULL;
1247 RtlCreateUnicodeStringFromAsciiz(&(xdi->ppdi.Name), "DOMAIN");
1248 TRACE("setting domain to %s\n", debugstr_w(xdi->ppdi.Name.Buffer));
1250 xdi->ppdi.Sid = &(xdi->sid);
1251 xdi->sid.Revision = SID_REVISION;
1252 xdi->sid.SubAuthorityCount = 1;
1253 xdi->sid.IdentifierAuthority = localSidAuthority;
1254 xdi->sid.SubAuthority[0] = SECURITY_LOCAL_SYSTEM_RID;
1258 case PolicyAuditLogInformation:
1259 case PolicyPdAccountInformation:
1260 case PolicyLsaServerRoleInformation:
1261 case PolicyReplicaSourceInformation:
1262 case PolicyDefaultQuotaInformation:
1263 case PolicyModificationInformation:
1264 case PolicyAuditFullSetInformation:
1265 case PolicyAuditFullQueryInformation:
1266 case PolicyDnsDomainInformation:
1268 FIXME("category not implemented\n");
1275 /******************************************************************************
1276 * LsaLookupSids [ADVAPI32.@]
1280 IN LSA_HANDLE PolicyHandle,
1283 OUT PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains,
1284 OUT PLSA_TRANSLATED_NAME *Names )
1286 FIXME("%p %lu %p %p %p\n",
1287 PolicyHandle, Count, Sids, ReferencedDomains, Names);
1291 /******************************************************************************
1292 * LsaFreeMemory [ADVAPI32.@]
1295 LsaFreeMemory(IN PVOID Buffer)
1297 TRACE("(%p)\n",Buffer);
1298 return HeapFree(GetProcessHeap(), 0, Buffer);
1300 /******************************************************************************
1301 * LsaClose [ADVAPI32.@]
1304 LsaClose(IN LSA_HANDLE ObjectHandle)
1306 FIXME("(%p):stub\n",ObjectHandle);
1310 /******************************************************************************
1311 * LsaNtStatusToWinError [ADVAPI32.@]
1317 LsaNtStatusToWinError(NTSTATUS Status)
1319 return RtlNtStatusToDosError(Status);
1322 /******************************************************************************
1323 * NotifyBootConfigStatus [ADVAPI32.@]
1329 NotifyBootConfigStatus( DWORD x1 )
1331 FIXME("(0x%08lx):stub\n",x1);
1335 /******************************************************************************
1336 * RevertToSelf [ADVAPI32.@]
1342 RevertToSelf( void )
1344 FIXME("(), stub\n");
1348 /******************************************************************************
1349 * ImpersonateSelf [ADVAPI32.@]
1352 ImpersonateSelf(SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
1354 return RtlImpersonateSelf(ImpersonationLevel);
1357 /******************************************************************************
1358 * ImpersonateLoggedOnUser [ADVAPI32.@]
1360 BOOL WINAPI ImpersonateLoggedOnUser(HANDLE hToken)
1362 FIXME("(%p):stub returning FALSE\n", hToken);
1366 /******************************************************************************
1367 * AccessCheck [ADVAPI32.@]
1369 * FIXME check cast LPBOOL to PBOOLEAN
1373 PSECURITY_DESCRIPTOR SecurityDescriptor,
1375 DWORD DesiredAccess,
1376 PGENERIC_MAPPING GenericMapping,
1377 PPRIVILEGE_SET PrivilegeSet,
1378 LPDWORD PrivilegeSetLength,
1379 LPDWORD GrantedAccess,
1380 LPBOOL AccessStatus)
1382 CallWin32ToNt (NtAccessCheck(SecurityDescriptor, ClientToken, DesiredAccess,
1383 GenericMapping, PrivilegeSet, PrivilegeSetLength, GrantedAccess, (PBOOLEAN)AccessStatus));
1387 /******************************************************************************
1388 * AccessCheckByType [ADVAPI32.@]
1390 BOOL WINAPI AccessCheckByType(
1391 PSECURITY_DESCRIPTOR pSecurityDescriptor,
1392 PSID PrincipalSelfSid,
1394 DWORD DesiredAccess,
1395 POBJECT_TYPE_LIST ObjectTypeList,
1396 DWORD ObjectTypeListLength,
1397 PGENERIC_MAPPING GenericMapping,
1398 PPRIVILEGE_SET PrivilegeSet,
1399 LPDWORD PrivilegeSetLength,
1400 LPDWORD GrantedAccess,
1401 LPBOOL AccessStatus)
1405 *AccessStatus = TRUE;
1407 return !*AccessStatus;
1411 /*************************************************************************
1412 * SetKernelObjectSecurity [ADVAPI32.@]
1414 BOOL WINAPI SetKernelObjectSecurity (
1416 IN SECURITY_INFORMATION SecurityInformation,
1417 IN PSECURITY_DESCRIPTOR SecurityDescriptor )
1419 CallWin32ToNt (NtSetSecurityObject (Handle, SecurityInformation, SecurityDescriptor));
1423 /******************************************************************************
1424 * AddAuditAccessAce [ADVAPI32.@]
1426 BOOL WINAPI AddAuditAccessAce(
1428 IN DWORD dwAceRevision,
1429 IN DWORD dwAccessMask,
1431 IN BOOL bAuditSuccess,
1432 IN BOOL bAuditFailure)
1438 /******************************************************************************
1439 * LookupAccountNameA [ADVAPI32.@]
1447 LPSTR ReferencedDomainName,
1448 IN OUT LPDWORD cbReferencedDomainName,
1449 OUT PSID_NAME_USE name_use )
1451 /* Default implementation: Always return a default SID */
1452 SID_IDENTIFIER_AUTHORITY identifierAuthority = {SECURITY_NT_AUTHORITY};
1455 static const char dm[] = "DOMAIN";
1457 FIXME("(%s,%s,%p,%p,%p,%p,%p), stub.\n",system,account,sid,cbSid,ReferencedDomainName,cbReferencedDomainName,name_use);
1459 ret = AllocateAndInitializeSid(&identifierAuthority,
1461 SECURITY_BUILTIN_DOMAIN_RID,
1462 DOMAIN_ALIAS_RID_ADMINS,
1468 if(!RtlValidSid(pSid))
1474 if (sid != NULL && (*cbSid >= GetLengthSid(pSid)))
1475 CopySid(*cbSid, sid, pSid);
1476 if (*cbSid < GetLengthSid(pSid))
1478 SetLastError(ERROR_INSUFFICIENT_BUFFER);
1481 *cbSid = GetLengthSid(pSid);
1483 if (ReferencedDomainName != NULL && (*cbReferencedDomainName > strlen(dm)))
1484 strcpy(ReferencedDomainName, dm);
1485 if (*cbReferencedDomainName <= strlen(dm))
1487 SetLastError(ERROR_INSUFFICIENT_BUFFER);
1490 *cbReferencedDomainName = strlen(dm)+1;
1497 /******************************************************************************
1498 * PrivilegeCheck [ADVAPI32.@]
1500 BOOL WINAPI PrivilegeCheck( HANDLE ClientToken, PPRIVILEGE_SET RequiredPrivileges, LPBOOL pfResult)
1502 FIXME("stub %p %p %p\n", ClientToken, RequiredPrivileges, pfResult);
1508 /******************************************************************************
1509 * AccessCheckAndAuditAlarmA [ADVAPI32.@]
1511 BOOL WINAPI AccessCheckAndAuditAlarmA(LPCSTR Subsystem, LPVOID HandleId, LPSTR ObjectTypeName,
1512 LPSTR ObjectName, PSECURITY_DESCRIPTOR SecurityDescriptor, DWORD DesiredAccess,
1513 PGENERIC_MAPPING GenericMapping, BOOL ObjectCreation, LPDWORD GrantedAccess,
1514 LPBOOL AccessStatus, LPBOOL pfGenerateOnClose)
1516 FIXME("stub (%s,%p,%s,%s,%p,%08lx,%p,%x,%p,%p,%p)\n", debugstr_a(Subsystem),
1517 HandleId, debugstr_a(ObjectTypeName), debugstr_a(ObjectName),
1518 SecurityDescriptor, DesiredAccess, GenericMapping,
1519 ObjectCreation, GrantedAccess, AccessStatus, pfGenerateOnClose);
1523 /******************************************************************************
1524 * AccessCheckAndAuditAlarmW [ADVAPI32.@]
1526 BOOL WINAPI AccessCheckAndAuditAlarmW(LPCWSTR Subsystem, LPVOID HandleId, LPWSTR ObjectTypeName,
1527 LPWSTR ObjectName, PSECURITY_DESCRIPTOR SecurityDescriptor, DWORD DesiredAccess,
1528 PGENERIC_MAPPING GenericMapping, BOOL ObjectCreation, LPDWORD GrantedAccess,
1529 LPBOOL AccessStatus, LPBOOL pfGenerateOnClose)
1531 FIXME("stub (%s,%p,%s,%s,%p,%08lx,%p,%x,%p,%p,%p)\n", debugstr_w(Subsystem),
1532 HandleId, debugstr_w(ObjectTypeName), debugstr_w(ObjectName),
1533 SecurityDescriptor, DesiredAccess, GenericMapping,
1534 ObjectCreation, GrantedAccess, AccessStatus, pfGenerateOnClose);
1539 /******************************************************************************
1540 * GetSecurityInfo [ADVAPI32.@]
1542 DWORD WINAPI GetSecurityInfo(
1543 HANDLE hObject, SE_OBJECT_TYPE ObjectType,
1544 SECURITY_INFORMATION SecurityInfo, PSID *ppsidOwner,
1545 PSID *ppsidGroup, PACL *ppDacl, PACL *ppSacl,
1546 PSECURITY_DESCRIPTOR *ppSecurityDescriptor
1550 return ERROR_BAD_PROVIDER;
1553 /******************************************************************************
1554 * GetSecurityInfoExW [ADVAPI32.@]
1556 DWORD WINAPI GetSecurityInfoExW(
1557 HANDLE hObject, SE_OBJECT_TYPE ObjectType,
1558 SECURITY_INFORMATION SecurityInfo, LPCWSTR lpProvider,
1559 LPCWSTR lpProperty, PACTRL_ACCESSW *ppAccessList,
1560 PACTRL_AUDITW *ppAuditList, LPWSTR *lppOwner, LPWSTR *lppGroup
1564 return ERROR_BAD_PROVIDER;
1567 /******************************************************************************
1568 * BuildTrusteeWithSidA [ADVAPI32.@]
1570 VOID WINAPI BuildTrusteeWithSidA(PTRUSTEEA pTrustee, PSID pSid)
1572 TRACE("%p %p\n", pTrustee, pSid);
1574 pTrustee->pMultipleTrustee = NULL;
1575 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
1576 pTrustee->TrusteeForm = TRUSTEE_IS_SID;
1577 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
1578 pTrustee->ptstrName = (LPSTR) pSid;
1581 /******************************************************************************
1582 * BuildTrusteeWithSidW [ADVAPI32.@]
1584 VOID WINAPI BuildTrusteeWithSidW(PTRUSTEEW pTrustee, PSID pSid)
1586 TRACE("%p %p\n", pTrustee, pSid);
1588 pTrustee->pMultipleTrustee = NULL;
1589 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
1590 pTrustee->TrusteeForm = TRUSTEE_IS_SID;
1591 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
1592 pTrustee->ptstrName = (LPWSTR) pSid;
1595 /******************************************************************************
1596 * BuildTrusteeWithNameA [ADVAPI32.@]
1598 VOID WINAPI BuildTrusteeWithNameA(PTRUSTEEA pTrustee, LPSTR name)
1600 TRACE("%p %s\n", pTrustee, debugstr_a(name) );
1602 pTrustee->pMultipleTrustee = NULL;
1603 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
1604 pTrustee->TrusteeForm = TRUSTEE_IS_NAME;
1605 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
1606 pTrustee->ptstrName = name;
1609 /******************************************************************************
1610 * BuildTrusteeWithNameW [ADVAPI32.@]
1612 VOID WINAPI BuildTrusteeWithNameW(PTRUSTEEW pTrustee, LPWSTR name)
1614 TRACE("%p %s\n", pTrustee, debugstr_w(name) );
1616 pTrustee->pMultipleTrustee = NULL;
1617 pTrustee->MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
1618 pTrustee->TrusteeForm = TRUSTEE_IS_NAME;
1619 pTrustee->TrusteeType = TRUSTEE_IS_UNKNOWN;
1620 pTrustee->ptstrName = name;
1623 /******************************************************************************
1624 * SetEntriesInAclA [ADVAPI32.@]
1626 DWORD WINAPI SetEntriesInAclA( ULONG count, PEXPLICIT_ACCESSA pEntries,
1627 PACL OldAcl, PACL* NewAcl )
1629 FIXME("%ld %p %p %p\n",count,pEntries,OldAcl,NewAcl);
1630 return ERROR_CALL_NOT_IMPLEMENTED;
1633 /******************************************************************************
1634 * SetEntriesInAclW [ADVAPI32.@]
1636 DWORD WINAPI SetEntriesInAclW( ULONG count, PEXPLICIT_ACCESSW pEntries,
1637 PACL OldAcl, PACL* NewAcl )
1639 FIXME("%ld %p %p %p\n",count,pEntries,OldAcl,NewAcl);
1640 return ERROR_CALL_NOT_IMPLEMENTED;
1643 /******************************************************************************
1644 * SetNamedSecurityInfoA [ADVAPI32.@]
1646 DWORD WINAPI SetNamedSecurityInfoA(LPSTR pObjectName,
1647 SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo,
1648 PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl)
1654 TRACE("%s %d %ld %p %p %p %p\n", debugstr_a(pObjectName), ObjectType,
1655 SecurityInfo, psidOwner, psidGroup, pDacl, pSacl);
1659 len = MultiByteToWideChar( CP_ACP, 0, pObjectName, -1, NULL, 0 );
1660 wstr = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR));
1661 MultiByteToWideChar( CP_ACP, 0, pObjectName, -1, wstr, len );
1664 r = SetNamedSecurityInfoW( wstr, ObjectType, SecurityInfo, psidOwner,
1665 psidGroup, pDacl, pSacl );
1668 HeapFree( GetProcessHeap(), 0, wstr );
1673 /******************************************************************************
1674 * AreAnyAccessesGranted [ADVAPI32.@]
1676 * Determines whether or not any of a set of specified access permissions have
1677 * been granted or not.
1680 * GrantedAccess [I] The permissions that have been granted.
1681 * DesiredAccess [I] The permissions that you want to have.
1684 * Nonzero if any of the permissions have been granted, zero if none of the
1685 * permissions have been granted.
1688 BOOL WINAPI AreAnyAccessesGranted( DWORD GrantedAccess, DWORD DesiredAccess )
1690 return (GrantedAccess & DesiredAccess) != 0;
1693 /******************************************************************************
1694 * SetNamedSecurityInfoW [ADVAPI32.@]
1696 DWORD WINAPI SetNamedSecurityInfoW(LPWSTR pObjectName,
1697 SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo,
1698 PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl)
1700 FIXME("%s %d %ld %p %p %p %p\n", debugstr_w(pObjectName), ObjectType,
1701 SecurityInfo, psidOwner, psidGroup, pDacl, pSacl);
1702 return ERROR_CALL_NOT_IMPLEMENTED;
1705 /******************************************************************************
1706 * GetExplicitEntriesFromAclA [ADVAPI32.@]
1708 DWORD WINAPI GetExplicitEntriesFromAclA( PACL pacl, PULONG pcCountOfExplicitEntries,
1709 PEXPLICIT_ACCESSA* pListOfExplicitEntries)
1711 FIXME("%p %p %p\n",pacl, pcCountOfExplicitEntries, pListOfExplicitEntries);
1712 return ERROR_CALL_NOT_IMPLEMENTED;
1715 /******************************************************************************
1716 * GetExplicitEntriesFromAclW [ADVAPI32.@]
1718 DWORD WINAPI GetExplicitEntriesFromAclW( PACL pacl, PULONG pcCountOfExplicitEntries,
1719 PEXPLICIT_ACCESSW* pListOfExplicitEntries)
1721 FIXME("%p %p %p\n",pacl, pcCountOfExplicitEntries, pListOfExplicitEntries);
1722 return ERROR_CALL_NOT_IMPLEMENTED;
1726 /******************************************************************************
1727 * ParseAclStringFlags
1729 static DWORD ParseAclStringFlags(LPCWSTR* StringAcl)
1732 LPCWSTR szAcl = *StringAcl;
1734 while (*szAcl != '(')
1738 flags |= SE_DACL_PROTECTED;
1740 else if (*szAcl == 'A')
1744 flags |= SE_DACL_AUTO_INHERIT_REQ;
1745 else if (*szAcl == 'I')
1746 flags |= SE_DACL_AUTO_INHERITED;
1755 /******************************************************************************
1756 * ParseAceStringType
1760 { SDDL_ACCESS_ALLOWED, ACCESS_ALLOWED_ACE_TYPE },
1761 { SDDL_ALARM, SYSTEM_ALARM_ACE_TYPE },
1762 { SDDL_AUDIT, SYSTEM_AUDIT_ACE_TYPE },
1763 { SDDL_ACCESS_DENIED, ACCESS_DENIED_ACE_TYPE },
1765 { SDDL_OBJECT_ACCESS_ALLOWED, ACCESS_ALLOWED_OBJECT_ACE_TYPE },
1766 { SDDL_OBJECT_ACCESS_DENIED, ACCESS_DENIED_OBJECT_ACE_TYPE },
1767 { SDDL_OBJECT_ALARM, SYSTEM_ALARM_OBJECT_ACE_TYPE },
1768 { SDDL_OBJECT_AUDIT, SYSTEM_AUDIT_OBJECT_ACE_TYPE },
1773 static BYTE ParseAceStringType(LPCWSTR* StringAcl)
1776 LPCWSTR szAcl = *StringAcl;
1777 LPACEFLAG lpaf = AceType;
1779 while (lpaf->wstr &&
1780 (len = strlenW(lpaf->wstr)) &&
1781 strncmpW(lpaf->wstr, szAcl, len))
1792 /******************************************************************************
1793 * ParseAceStringFlags
1795 ACEFLAG AceFlags[] =
1797 { SDDL_CONTAINER_INHERIT, CONTAINER_INHERIT_ACE },
1798 { SDDL_AUDIT_FAILURE, FAILED_ACCESS_ACE_FLAG },
1799 { SDDL_INHERITED, INHERITED_ACE },
1800 { SDDL_INHERIT_ONLY, INHERIT_ONLY_ACE },
1801 { SDDL_NO_PROPAGATE, NO_PROPAGATE_INHERIT_ACE },
1802 { SDDL_OBJECT_INHERIT, OBJECT_INHERIT_ACE },
1803 { SDDL_AUDIT_SUCCESS, SUCCESSFUL_ACCESS_ACE_FLAG },
1807 static BYTE ParseAceStringFlags(LPCWSTR* StringAcl)
1811 LPCWSTR szAcl = *StringAcl;
1813 while (*szAcl != ';')
1815 LPACEFLAG lpaf = AceFlags;
1817 while (lpaf->wstr &&
1818 (len = strlenW(lpaf->wstr)) &&
1819 strncmpW(lpaf->wstr, szAcl, len))
1825 flags |= lpaf->value;
1834 /******************************************************************************
1835 * ParseAceStringRights
1837 ACEFLAG AceRights[] =
1839 { SDDL_GENERIC_ALL, GENERIC_ALL },
1840 { SDDL_GENERIC_READ, GENERIC_READ },
1841 { SDDL_GENERIC_WRITE, GENERIC_WRITE },
1842 { SDDL_GENERIC_EXECUTE, GENERIC_EXECUTE },
1843 { SDDL_READ_CONTROL, READ_CONTROL },
1844 { SDDL_STANDARD_DELETE, DELETE },
1845 { SDDL_WRITE_DAC, WRITE_DAC },
1846 { SDDL_WRITE_OWNER, WRITE_OWNER },
1850 static DWORD ParseAceStringRights(LPCWSTR* StringAcl)
1854 LPCWSTR szAcl = *StringAcl;
1856 if ((*szAcl == '0') && (*(szAcl + 1) == 'x'))
1860 while (*p && *p != ';')
1865 rights = strtoulW(szAcl, NULL, 16);
1869 WARN("Invalid rights string format: %s\n", debugstr_wn(szAcl, p - szAcl));
1873 while (*szAcl != ';')
1875 LPACEFLAG lpaf = AceRights;
1877 while (lpaf->wstr &&
1878 (len = strlenW(lpaf->wstr)) &&
1879 strncmpW(lpaf->wstr, szAcl, len))
1887 rights |= lpaf->value;
1897 /******************************************************************************
1898 * ParseStringAclToAcl
1900 * dacl_flags(string_ace1)(string_ace2)... (string_acen)
1902 static BOOL ParseStringAclToAcl(LPCWSTR StringAcl, LPDWORD lpdwFlags,
1903 PACL pAcl, LPDWORD cBytes)
1907 DWORD length = sizeof(ACL);
1908 PACCESS_ALLOWED_ACE pAce = NULL; /* pointer to current ACE */
1910 TRACE("%s\n", debugstr_w(StringAcl));
1915 if (pAcl) /* pAce is only useful if we're setting values */
1916 pAce = (PACCESS_ALLOWED_ACE) ((LPBYTE)pAcl + sizeof(PACL));
1918 /* Parse ACL flags */
1919 *lpdwFlags = ParseAclStringFlags(&StringAcl);
1922 while (*StringAcl == '(')
1926 /* Parse ACE type */
1927 val = ParseAceStringType(&StringAcl);
1929 pAce->Header.AceType = (BYTE) val;
1930 if (*StringAcl != ';')
1934 /* Parse ACE flags */
1935 val = ParseAceStringFlags(&StringAcl);
1937 pAce->Header.AceFlags = (BYTE) val;
1938 if (*StringAcl != ';')
1942 /* Parse ACE rights */
1943 val = ParseAceStringRights(&StringAcl);
1946 if (*StringAcl != ';')
1950 /* Parse ACE object guid */
1951 if (*StringAcl != ';')
1953 FIXME("Support for *_OBJECT_ACE_TYPE not implemented\n");
1958 /* Parse ACE inherit object guid */
1959 if (*StringAcl != ';')
1961 FIXME("Support for *_OBJECT_ACE_TYPE not implemented\n");
1966 /* Parse ACE account sid */
1967 if (ParseStringSidToSid(StringAcl, pAce ? (PSID)&pAce->SidStart : NULL, &sidlen))
1969 while (*StringAcl && *StringAcl != ')')
1973 if (*StringAcl != ')')
1977 length += sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + sidlen;
1984 WARN("Invalid ACE string format\n");
1989 /******************************************************************************
1990 * ParseStringSecurityDescriptorToSecurityDescriptor
1992 static BOOL ParseStringSecurityDescriptorToSecurityDescriptor(
1993 LPCWSTR StringSecurityDescriptor,
1994 SECURITY_DESCRIPTOR* SecurityDescriptor,
1999 WCHAR tok[MAX_PATH];
2001 LPBYTE lpNext = NULL;
2005 if (SecurityDescriptor)
2006 lpNext = ((LPBYTE) SecurityDescriptor) + sizeof(SECURITY_DESCRIPTOR);
2008 while (*StringSecurityDescriptor)
2010 toktype = *StringSecurityDescriptor;
2012 /* Expect char identifier followed by ':' */
2013 StringSecurityDescriptor++;
2014 if (*StringSecurityDescriptor != ':')
2016 SetLastError(ERROR_INVALID_PARAMETER);
2019 StringSecurityDescriptor++;
2022 lptoken = StringSecurityDescriptor;
2023 while (*lptoken && *lptoken != ':')
2029 strncpyW(tok, StringSecurityDescriptor, lptoken - StringSecurityDescriptor);
2037 if (!ParseStringSidToSid(tok, (PSID)lpNext, &bytes))
2040 if (SecurityDescriptor)
2042 SecurityDescriptor->Owner = (PSID) ((DWORD) lpNext -
2043 (DWORD) SecurityDescriptor);
2044 lpNext += bytes; /* Advance to next token */
2056 if (!ParseStringSidToSid(tok, (PSID)lpNext, &bytes))
2059 if (SecurityDescriptor)
2061 SecurityDescriptor->Group = (PSID) ((DWORD) lpNext -
2062 (DWORD) SecurityDescriptor);
2063 lpNext += bytes; /* Advance to next token */
2076 if (!ParseStringAclToAcl(tok, &flags, (PACL)lpNext, &bytes))
2079 if (SecurityDescriptor)
2081 SecurityDescriptor->Control |= SE_DACL_PRESENT | flags;
2082 SecurityDescriptor->Dacl = (PACL) ((DWORD) lpNext -
2083 (DWORD) SecurityDescriptor);
2084 lpNext += bytes; /* Advance to next token */
2097 if (!ParseStringAclToAcl(tok, &flags, (PACL)lpNext, &bytes))
2100 if (SecurityDescriptor)
2102 SecurityDescriptor->Control |= SE_SACL_PRESENT | flags;
2103 SecurityDescriptor->Sacl = (PACL) ((DWORD) lpNext -
2104 (DWORD) SecurityDescriptor);
2105 lpNext += bytes; /* Advance to next token */
2114 FIXME("Unknown token\n");
2115 SetLastError(ERROR_INVALID_PARAMETER);
2119 StringSecurityDescriptor = lptoken;
2128 /******************************************************************************
2129 * ConvertStringSecurityDescriptorToSecurityDescriptorW [ADVAPI32.@]
2131 BOOL WINAPI ConvertStringSecurityDescriptorToSecurityDescriptorW(
2132 LPCWSTR StringSecurityDescriptor,
2133 DWORD StringSDRevision,
2134 PSECURITY_DESCRIPTOR* SecurityDescriptor,
2135 PULONG SecurityDescriptorSize)
2138 SECURITY_DESCRIPTOR* psd;
2141 TRACE("%s\n", debugstr_w(StringSecurityDescriptor));
2143 if (GetVersion() & 0x80000000)
2145 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
2148 else if (StringSDRevision != SID_REVISION)
2150 SetLastError(ERROR_UNKNOWN_REVISION);
2154 /* Compute security descriptor length */
2155 if (!ParseStringSecurityDescriptorToSecurityDescriptor(StringSecurityDescriptor,
2159 psd = *SecurityDescriptor = (SECURITY_DESCRIPTOR*) LocalAlloc(
2160 GMEM_ZEROINIT, cBytes);
2162 psd->Revision = SID_REVISION;
2163 psd->Control |= SE_SELF_RELATIVE;
2165 if (!ParseStringSecurityDescriptorToSecurityDescriptor(StringSecurityDescriptor,
2172 if (SecurityDescriptorSize)
2173 *SecurityDescriptorSize = cBytes;
2178 TRACE(" ret=%d\n", bret);
2182 /******************************************************************************
2183 * ConvertStringSidToSidW [ADVAPI32.@]
2185 BOOL WINAPI ConvertStringSidToSidW(LPCWSTR StringSid, PSID* Sid)
2190 TRACE("%s, %p\n", debugstr_w(StringSid), Sid);
2191 if (GetVersion() & 0x80000000)
2192 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
2193 else if (!StringSid || !Sid)
2194 SetLastError(ERROR_INVALID_PARAMETER);
2195 else if (ParseStringSidToSid(StringSid, NULL, &cBytes))
2197 PSID pSid = *Sid = (PSID) LocalAlloc(0, cBytes);
2199 bret = ParseStringSidToSid(StringSid, pSid, &cBytes);
2203 TRACE("returning %s\n", bret ? "TRUE" : "FALSE");
2207 /******************************************************************************
2208 * ConvertStringSidToSidA [ADVAPI32.@]
2210 BOOL WINAPI ConvertStringSidToSidA(LPCSTR StringSid, PSID* Sid)
2214 TRACE("%s, %p\n", debugstr_a(StringSid), Sid);
2215 if (GetVersion() & 0x80000000)
2216 SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
2217 else if (!StringSid || !Sid)
2218 SetLastError(ERROR_INVALID_PARAMETER);
2221 UINT len = MultiByteToWideChar(CP_ACP, 0, StringSid, -1, NULL, 0);
2222 LPWSTR wStringSid = (LPWSTR)HeapAlloc(GetProcessHeap(), 0,
2223 len * sizeof(WCHAR));
2225 MultiByteToWideChar(CP_ACP, 0, StringSid, -1, wStringSid, len);
2226 bret = ConvertStringSidToSidW(wStringSid, Sid);
2227 HeapFree(GetProcessHeap(), 0, wStringSid);
2229 TRACE("returning %s\n", bret ? "TRUE" : "FALSE");
2233 /******************************************************************************
2234 * ConvertSidToStringSidW [ADVAPI32.@]
2236 * format of SID string is:
2237 * S-<count>-<auth>-<subauth1>-<subauth2>-<subauth3>...
2239 * <rev> is the revision of the SID encoded as decimal
2240 * <auth> is the identifier authority encoded as hex
2241 * <subauthN> is the subauthority id encoded as decimal
2243 BOOL WINAPI ConvertSidToStringSidW( PSID pSid, LPWSTR *pstr )
2247 WCHAR fmt[] = { 'S','-','%','u','-','%','d',0 };
2248 WCHAR subauthfmt[] = { '-','%','u',0 };
2251 TRACE("%p %p\n", pSid, pstr );
2253 if( !IsValidSid( pSid ) )
2256 if (pisid->Revision != SDDL_REVISION)
2258 if (pisid->IdentifierAuthority.Value[0] ||
2259 pisid->IdentifierAuthority.Value[1])
2261 FIXME("not matching MS' bugs\n");
2265 sz = 14 + pisid->SubAuthorityCount * 11;
2266 str = LocalAlloc( 0, sz*sizeof(WCHAR) );
2267 sprintfW( str, fmt, pisid->Revision, MAKELONG(
2268 MAKEWORD( pisid->IdentifierAuthority.Value[5],
2269 pisid->IdentifierAuthority.Value[4] ),
2270 MAKEWORD( pisid->IdentifierAuthority.Value[3],
2271 pisid->IdentifierAuthority.Value[2] ) ) );
2272 for( i=0; i<pisid->SubAuthorityCount; i++ )
2273 sprintfW( str + strlenW(str), subauthfmt, pisid->SubAuthority[i] );
2279 /******************************************************************************
2280 * ConvertSidToStringSidA [ADVAPI32.@]
2282 BOOL WINAPI ConvertSidToStringSidA(PSID pSid, LPSTR *pstr)
2288 TRACE("%p %p\n", pSid, pstr );
2290 if( !ConvertSidToStringSidW( pSid, &wstr ) )
2293 len = WideCharToMultiByte( CP_ACP, 0, wstr, -1, NULL, 0, NULL, NULL );
2294 str = LocalAlloc( 0, len );
2295 WideCharToMultiByte( CP_ACP, 0, wstr, -1, str, len, NULL, NULL );
2303 /******************************************************************************
2304 * ComputeStringSidSize
2306 static DWORD ComputeStringSidSize(LPCWSTR StringSid)
2309 DWORD size = sizeof(SID);
2313 if (*StringSid == '-')
2319 size += (ctok - 3) * sizeof(DWORD);
2324 /******************************************************************************
2325 * ParseStringSidToSid
2327 static BOOL ParseStringSidToSid(LPCWSTR StringSid, PSID pSid, LPDWORD cBytes)
2332 TRACE("%s, %p, %p\n", debugstr_w(StringSid), pSid, cBytes);
2335 SetLastError(ERROR_INVALID_PARAMETER);
2336 TRACE("StringSid is NULL, returning FALSE\n");
2340 *cBytes = ComputeStringSidSize(StringSid);
2341 if (!pisid) /* Simply compute the size */
2343 TRACE("only size requested, returning TRUE\n");
2347 if (*StringSid != 'S' || *StringSid != '-') /* S-R-I-S-S */
2349 DWORD i = 0, identAuth;
2350 DWORD csubauth = ((*cBytes - sizeof(SID)) / sizeof(DWORD)) + 1;
2352 StringSid += 2; /* Advance to Revision */
2353 pisid->Revision = atoiW(StringSid);
2355 if (pisid->Revision != SDDL_REVISION)
2357 TRACE("Revision %d is unknown\n", pisid->Revision);
2358 goto lend; /* ERROR_INVALID_SID */
2362 TRACE("SubAuthorityCount is 0\n");
2363 goto lend; /* ERROR_INVALID_SID */
2366 pisid->SubAuthorityCount = csubauth;
2368 /* Advance to identifier authority */
2369 while (*StringSid && *StringSid != '-')
2371 if (*StringSid == '-')
2374 /* MS' implementation can't handle values greater than 2^32 - 1, so
2375 * we don't either; assume most significant bytes are always 0
2377 pisid->IdentifierAuthority.Value[0] = 0;
2378 pisid->IdentifierAuthority.Value[1] = 0;
2379 identAuth = atoiW(StringSid);
2380 pisid->IdentifierAuthority.Value[5] = identAuth & 0xff;
2381 pisid->IdentifierAuthority.Value[4] = (identAuth & 0xff00) >> 8;
2382 pisid->IdentifierAuthority.Value[3] = (identAuth & 0xff0000) >> 16;
2383 pisid->IdentifierAuthority.Value[2] = (identAuth & 0xff000000) >> 24;
2385 /* Advance to first sub authority */
2386 while (*StringSid && *StringSid != '-')
2388 if (*StringSid == '-')
2393 while (*StringSid && *StringSid != '-')
2396 pisid->SubAuthority[i++] = atoiW(StringSid);
2399 if (i != pisid->SubAuthorityCount)
2400 goto lend; /* ERROR_INVALID_SID */
2404 else /* String constant format - Only available in winxp and above */
2406 pisid->Revision = SDDL_REVISION;
2407 pisid->SubAuthorityCount = 1;
2409 FIXME("String constant not supported: %s\n", debugstr_wn(StringSid, 2));
2411 /* TODO: Lookup string of well-known SIDs in table */
2412 pisid->IdentifierAuthority.Value[5] = 0;
2413 pisid->SubAuthority[0] = 0;
2420 SetLastError(ERROR_INVALID_SID);
2422 TRACE("returning %s\n", bret ? "TRUE" : "FALSE");
2426 /******************************************************************************
2427 * GetNamedSecurityInfoA [ADVAPI32.@]
2429 DWORD WINAPI GetNamedSecurityInfoA(LPSTR pObjectName,
2430 SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo,
2431 PSID* ppsidOwner, PSID* ppsidGroup, PACL* ppDacl, PACL* ppSacl,
2432 PSECURITY_DESCRIPTOR* ppSecurityDescriptor)
2438 TRACE("%s %d %ld %p %p %p %p %p\n", pObjectName, ObjectType, SecurityInfo,
2439 ppsidOwner, ppsidGroup, ppDacl, ppSacl, ppSecurityDescriptor);
2443 len = MultiByteToWideChar( CP_ACP, 0, pObjectName, -1, NULL, 0 );
2444 wstr = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR));
2445 MultiByteToWideChar( CP_ACP, 0, pObjectName, -1, wstr, len );
2448 r = GetNamedSecurityInfoW( wstr, ObjectType, SecurityInfo, ppsidOwner,
2449 ppsidGroup, ppDacl, ppSacl, ppSecurityDescriptor );
2452 HeapFree( GetProcessHeap(), 0, wstr );
2457 /******************************************************************************
2458 * GetNamedSecurityInfoW [ADVAPI32.@]
2460 DWORD WINAPI GetNamedSecurityInfoW(LPWSTR pObjectName,
2461 SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo,
2462 PSID* ppsidOwner, PSID* ppsidGroup, PACL* ppDacl, PACL* ppSacl,
2463 PSECURITY_DESCRIPTOR* ppSecurityDescriptor)
2465 FIXME("%s %d %ld %p %p %p %p %p\n", debugstr_w(pObjectName), ObjectType, SecurityInfo,
2466 ppsidOwner, ppsidGroup, ppDacl, ppSacl, ppSecurityDescriptor);
2467 return ERROR_CALL_NOT_IMPLEMENTED;
projects / wine / blob