git.oblomov.eu Git - wine/blob - dlls/advapi32/security.c

   1 /*
   2  * Copyright 1999, 2000 Juergen Schmied <juergen.schmied@debitel.net>
   3  *
   4  * This library is free software; you can redistribute it and/or
   5  * modify it under the terms of the GNU Lesser General Public
   6  * License as published by the Free Software Foundation; either
   7  * version 2.1 of the License, or (at your option) any later version.
   8  *
   9  * This library is distributed in the hope that it will be useful,
  10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  12  * Lesser General Public License for more details.
  13  *
  14  * You should have received a copy of the GNU Lesser General Public
  15  * License along with this library; if not, write to the Free Software
  16  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  17  *
  18  *  FIXME: for all functions thunking down to Rtl* functions:  implement SetLastError()
  19  */
  20
  21 #include <string.h>
  22
  23 #include "windef.h"
  24 #include "winerror.h"
  25 #include "rpcnterr.h"
  26 #include "heap.h"
  27 #include "winternl.h"
  28 #include "ntsecapi.h"
  29 #include "wine/debug.h"
  30
  31 WINE_DEFAULT_DEBUG_CHANNEL(advapi);
  32
  33 #define CallWin32ToNt(func) \
  34         { NTSTATUS ret; \
  35           ret = (func); \
  36           if (ret !=STATUS_SUCCESS) \
  37           { SetLastError (RtlNtStatusToDosError(ret)); return FALSE; } \
  38           return TRUE; \
  39         }
  40
  41 static void dumpLsaAttributes( PLSA_OBJECT_ATTRIBUTES oa )
  42 {
  43         if (oa)
  44         {
  45           TRACE("\n\tlength=%lu, rootdir=0x%08x, objectname=%s\n\tattr=0x%08lx, sid=%p qos=%p\n",
  46                 oa->Length, oa->RootDirectory,
  47                 oa->ObjectName?debugstr_w(oa->ObjectName->Buffer):"null",
  48                 oa->Attributes, oa->SecurityDescriptor, oa->SecurityQualityOfService);
  49         }
  50 }
  51
  52 /************************************************************
  53  *                ADVAPI_IsLocalComputer
  54  *
  55  * Checks whether the server name indicates local machine.
  56  */
  57 BOOL ADVAPI_IsLocalComputer(LPCWSTR ServerName)
  58 {
  59     if (!ServerName)
  60     {
  61         return TRUE;
  62     }
  63     else
  64     {
  65         DWORD dwSize = MAX_COMPUTERNAME_LENGTH + 1;
  66         BOOL Result;
  67         LPWSTR buf;
  68
  69         buf = HeapAlloc(GetProcessHeap(), 0, dwSize * sizeof(WCHAR));
  70         Result = GetComputerNameW(buf,  &dwSize);
  71         if (Result && (ServerName[0] == '\\') && (ServerName[1] == '\\'))
  72             ServerName += 2;
  73         Result = Result && !lstrcmpW(ServerName, buf);
  74         HeapFree(GetProcessHeap(), 0, buf);
  75
  76         return Result;
  77     }
  78 }
  79
  80 #define ADVAPI_ForceLocalComputer(ServerName, FailureCode) \
  81     if (!ADVAPI_IsLocalComputer(ServerName)) \
  82     { \
  83         FIXME("Action Implemented for local computer only. " \
  84               "Requested for server %s\n", debugstr_w(ServerName)); \
  85         return FailureCode; \
  86     }
  87
  88 /*      ##############################
  89         ######  TOKEN FUNCTIONS ######
  90         ##############################
  91 */
  92
  93 /******************************************************************************
  94  * OpenProcessToken                     [ADVAPI32.@]
  95  * Opens the access token associated with a process
  96  *
  97  * PARAMS
  98  *   ProcessHandle [I] Handle to process
  99  *   DesiredAccess [I] Desired access to process
 100  *   TokenHandle   [O] Pointer to handle of open access token
 101  *
 102  * RETURNS STD
 103  */
 104 BOOL WINAPI
 105 OpenProcessToken( HANDLE ProcessHandle, DWORD DesiredAccess,
 106                   HANDLE *TokenHandle )
 107 {
 108         CallWin32ToNt(NtOpenProcessToken( ProcessHandle, DesiredAccess, TokenHandle ));
 109 }
 110
 111 /******************************************************************************
 112  * OpenThreadToken [ADVAPI32.@]
 113  *
 114  * PARAMS
 115  *   thread        []
 116  *   desiredaccess []
 117  *   openasself    []
 118  *   thandle       []
 119  */
 120 BOOL WINAPI
 121 OpenThreadToken( HANDLE ThreadHandle, DWORD DesiredAccess,
 122                  BOOL OpenAsSelf, HANDLE *TokenHandle)
 123 {
 124         CallWin32ToNt (NtOpenThreadToken(ThreadHandle, DesiredAccess, OpenAsSelf, TokenHandle));
 125 }
 126
 127 /******************************************************************************
 128  * AdjustTokenPrivileges [ADVAPI32.@]
 129  *
 130  * PARAMS
 131  *   TokenHandle          []
 132  *   DisableAllPrivileges []
 133  *   NewState             []
 134  *   BufferLength         []
 135  *   PreviousState        []
 136  *   ReturnLength         []
 137  */
 138 BOOL WINAPI
 139 AdjustTokenPrivileges( HANDLE TokenHandle, BOOL DisableAllPrivileges,
 140                        LPVOID NewState, DWORD BufferLength,
 141                        LPVOID PreviousState, LPDWORD ReturnLength )
 142 {
 143         CallWin32ToNt(NtAdjustPrivilegesToken(TokenHandle, DisableAllPrivileges, NewState, BufferLength, PreviousState, ReturnLength));
 144 }
 145
 146 /******************************************************************************
 147  * CheckTokenMembership [ADVAPI32.@]
 148  *
 149  * PARAMS
 150  *   TokenHandle [I]
 151  *   SidToCheck  [I]
 152  *   IsMember    [O]
 153  */
 154 BOOL WINAPI
 155 CheckTokenMembership( HANDLE TokenHandle, PSID SidToCheck,
 156                       PBOOL IsMember )
 157 {
 158   FIXME("(0x%08x %p %p) stub!\n", TokenHandle, SidToCheck, IsMember);
 159
 160   *IsMember = TRUE;
 161   return(TRUE);
 162 }
 163
 164 /******************************************************************************
 165  * GetTokenInformation [ADVAPI32.@]
 166  *
 167  * PARAMS
 168  *   token           [I]
 169  *   tokeninfoclass  [I]
 170  *   tokeninfo       [O]
 171  *   tokeninfolength [I]
 172  *   retlen          [O]
 173  *
 174  */
 175 BOOL WINAPI
 176 GetTokenInformation( HANDLE token, TOKEN_INFORMATION_CLASS tokeninfoclass,
 177                      LPVOID tokeninfo, DWORD tokeninfolength, LPDWORD retlen )
 178 {
 179     TRACE("(%x, %s, %p, %ld, %p): \n",
 180           token,
 181           (tokeninfoclass == TokenUser) ? "TokenUser" :
 182           (tokeninfoclass == TokenGroups) ? "TokenGroups" :
 183           (tokeninfoclass == TokenPrivileges) ? "TokenPrivileges" :
 184           (tokeninfoclass == TokenOwner) ? "TokenOwner" :
 185           (tokeninfoclass == TokenPrimaryGroup) ? "TokenPrimaryGroup" :
 186           (tokeninfoclass == TokenDefaultDacl) ? "TokenDefaultDacl" :
 187           (tokeninfoclass == TokenSource) ? "TokenSource" :
 188           (tokeninfoclass == TokenType) ? "TokenType" :
 189           (tokeninfoclass == TokenImpersonationLevel) ? "TokenImpersonationLevel" :
 190           (tokeninfoclass == TokenStatistics) ? "TokenStatistics" :
 191           (tokeninfoclass == TokenRestrictedSids) ? "TokenRestrictedSids" :
 192           (tokeninfoclass == TokenSessionId) ? "TokenSessionId" :
 193           (tokeninfoclass == TokenGroupsAndPrivileges) ? "TokenGroupsAndPrivileges" :
 194           (tokeninfoclass == TokenSessionReference) ? "TokenSessionReference" :
 195           (tokeninfoclass == TokenSandBoxInert) ? "TokenSandBoxInert" :
 196           "Unknown",
 197           tokeninfo, tokeninfolength, retlen);
 198     CallWin32ToNt (NtQueryInformationToken( token, tokeninfoclass, tokeninfo, tokeninfolength, retlen));
 199 }
 200
 201 /******************************************************************************
 202  * SetTokenInformation [ADVAPI32.@]
 203  *
 204  * PARAMS
 205  *   token           [I]
 206  *   tokeninfoclass  [I]
 207  *   tokeninfo       [I]
 208  *   tokeninfolength [I]
 209  *
 210  */
 211 BOOL WINAPI
 212 SetTokenInformation( HANDLE token, TOKEN_INFORMATION_CLASS tokeninfoclass,
 213                      LPVOID tokeninfo, DWORD tokeninfolength )
 214 {
 215     FIXME("(%x, %s, %p, %ld): stub\n",
 216           token,
 217           (tokeninfoclass == TokenUser) ? "TokenUser" :
 218           (tokeninfoclass == TokenGroups) ? "TokenGroups" :
 219           (tokeninfoclass == TokenPrivileges) ? "TokenPrivileges" :
 220           (tokeninfoclass == TokenOwner) ? "TokenOwner" :
 221           (tokeninfoclass == TokenPrimaryGroup) ? "TokenPrimaryGroup" :
 222           (tokeninfoclass == TokenDefaultDacl) ? "TokenDefaultDacl" :
 223           (tokeninfoclass == TokenSource) ? "TokenSource" :
 224           (tokeninfoclass == TokenType) ? "TokenType" :
 225           (tokeninfoclass == TokenImpersonationLevel) ? "TokenImpersonationLevel" :
 226           (tokeninfoclass == TokenStatistics) ? "TokenStatistics" :
 227           (tokeninfoclass == TokenRestrictedSids) ? "TokenRestrictedSids" :
 228           (tokeninfoclass == TokenSessionId) ? "TokenSessionId" :
 229           (tokeninfoclass == TokenGroupsAndPrivileges) ? "TokenGroupsAndPrivileges" :
 230           (tokeninfoclass == TokenSessionReference) ? "TokenSessionReference" :
 231           (tokeninfoclass == TokenSandBoxInert) ? "TokenSandBoxInert" :
 232           "Unknown",
 233           tokeninfo, tokeninfolength);
 234
 235     SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
 236
 237     return FALSE;
 238 }
 239
 240 /*************************************************************************
 241  * SetThreadToken [ADVAPI32.@]
 242  *
 243  * Assigns an "impersonation token" to a thread so it can assume the
 244  * security privledges of another thread or process.  Can also remove
 245  * a previously assigned token.  Only supported on NT - it's a stub
 246  * exactly like this one on Win9X.
 247  *
 248  */
 249
 250 BOOL WINAPI SetThreadToken(PHANDLE thread, HANDLE token)
 251 {
 252     FIXME("(%p, %x): stub (NT impl. only)\n", thread, token);
 253
 254     SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
 255
 256     return FALSE;
 257 }
 258
 259 /*      ##############################
 260         ######  SID FUNCTIONS   ######
 261         ##############################
 262 */
 263
 264 /******************************************************************************
 265  * AllocateAndInitializeSid [ADVAPI32.@]
 266  *
 267  * PARAMS
 268  *   pIdentifierAuthority []
 269  *   nSubAuthorityCount   []
 270  *   nSubAuthority0       []
 271  *   nSubAuthority1       []
 272  *   nSubAuthority2       []
 273  *   nSubAuthority3       []
 274  *   nSubAuthority4       []
 275  *   nSubAuthority5       []
 276  *   nSubAuthority6       []
 277  *   nSubAuthority7       []
 278  *   pSid                 []
 279  */
 280 BOOL WINAPI
 281 AllocateAndInitializeSid( PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
 282                           BYTE nSubAuthorityCount,
 283                           DWORD nSubAuthority0, DWORD nSubAuthority1,
 284                           DWORD nSubAuthority2, DWORD nSubAuthority3,
 285                           DWORD nSubAuthority4, DWORD nSubAuthority5,
 286                           DWORD nSubAuthority6, DWORD nSubAuthority7,
 287                           PSID *pSid )
 288 {
 289         CallWin32ToNt (RtlAllocateAndInitializeSid(
 290                 pIdentifierAuthority, nSubAuthorityCount,
 291                 nSubAuthority0, nSubAuthority1, nSubAuthority2, nSubAuthority3,
 292                 nSubAuthority4, nSubAuthority5, nSubAuthority6, nSubAuthority7,
 293                 pSid ));
 294 }
 295
 296 /******************************************************************************
 297  * FreeSid [ADVAPI32.@]
 298  *
 299  * PARAMS
 300  *   pSid []
 301  */
 302 PVOID WINAPI
 303 FreeSid( PSID pSid )
 304 {
 305         RtlFreeSid(pSid);
 306         return NULL; /* is documented like this */
 307 }
 308
 309 /******************************************************************************
 310  * CopySid [ADVAPI32.@]
 311  *
 312  * PARAMS
 313  *   nDestinationSidLength []
 314  *   pDestinationSid       []
 315  *   pSourceSid            []
 316  */
 317 BOOL WINAPI
 318 CopySid( DWORD nDestinationSidLength, PSID pDestinationSid, PSID pSourceSid )
 319 {
 320         return RtlCopySid(nDestinationSidLength, pDestinationSid, pSourceSid);
 321 }
 322
 323 /******************************************************************************
 324  * IsValidSid [ADVAPI32.@]
 325  *
 326  * PARAMS
 327  *   pSid []
 328  */
 329 BOOL WINAPI
 330 IsValidSid( PSID pSid )
 331 {
 332         return RtlValidSid( pSid );
 333 }
 334
 335 /******************************************************************************
 336  * EqualSid [ADVAPI32.@]
 337  *
 338  * PARAMS
 339  *   pSid1 []
 340  *   pSid2 []
 341  */
 342 BOOL WINAPI
 343 EqualSid( PSID pSid1, PSID pSid2 )
 344 {
 345         return RtlEqualSid( pSid1, pSid2 );
 346 }
 347
 348 /******************************************************************************
 349  * EqualPrefixSid [ADVAPI32.@]
 350  */
 351 BOOL WINAPI EqualPrefixSid (PSID pSid1, PSID pSid2)
 352 {
 353         return RtlEqualPrefixSid(pSid1, pSid2);
 354 }
 355
 356 /******************************************************************************
 357  * GetSidLengthRequired [ADVAPI32.@]
 358  *
 359  * PARAMS
 360  *   nSubAuthorityCount []
 361  */
 362 DWORD WINAPI
 363 GetSidLengthRequired( BYTE nSubAuthorityCount )
 364 {
 365         return RtlLengthRequiredSid(nSubAuthorityCount);
 366 }
 367
 368 /******************************************************************************
 369  * InitializeSid [ADVAPI32.@]
 370  *
 371  * PARAMS
 372  *   pIdentifierAuthority []
 373  */
 374 BOOL WINAPI
 375 InitializeSid (
 376         PSID pSid,
 377         PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
 378         BYTE nSubAuthorityCount)
 379 {
 380         return RtlInitializeSid(pSid, pIdentifierAuthority, nSubAuthorityCount);
 381 }
 382
 383 /******************************************************************************
 384  * GetSidIdentifierAuthority [ADVAPI32.@]
 385  *
 386  * PARAMS
 387  *   pSid []
 388  */
 389 PSID_IDENTIFIER_AUTHORITY WINAPI
 390 GetSidIdentifierAuthority( PSID pSid )
 391 {
 392         return RtlIdentifierAuthoritySid(pSid);
 393 }
 394
 395 /******************************************************************************
 396  * GetSidSubAuthority [ADVAPI32.@]
 397  *
 398  * PARAMS
 399  *   pSid          []
 400  *   nSubAuthority []
 401  */
 402 PDWORD WINAPI
 403 GetSidSubAuthority( PSID pSid, DWORD nSubAuthority )
 404 {
 405         return RtlSubAuthoritySid(pSid, nSubAuthority);
 406 }
 407
 408 /******************************************************************************
 409  * GetSidSubAuthorityCount [ADVAPI32.@]
 410  *
 411  * PARAMS
 412  *   pSid []
 413  */
 414 PUCHAR WINAPI
 415 GetSidSubAuthorityCount (PSID pSid)
 416 {
 417         return RtlSubAuthorityCountSid(pSid);
 418 }
 419
 420 /******************************************************************************
 421  * GetLengthSid [ADVAPI32.@]
 422  *
 423  * PARAMS
 424  *   pSid []
 425  */
 426 DWORD WINAPI
 427 GetLengthSid (PSID pSid)
 428 {
 429         return RtlLengthSid(pSid);
 430 }
 431
 432 /*      ##############################################
 433         ######  SECURITY DESCRIPTOR FUNCTIONS   ######
 434         ##############################################
 435 */
 436
 437 /******************************************************************************
 438  * InitializeSecurityDescriptor [ADVAPI32.@]
 439  *
 440  * PARAMS
 441  *   pDescr   []
 442  *   revision []
 443  */
 444 BOOL WINAPI
 445 InitializeSecurityDescriptor( SECURITY_DESCRIPTOR *pDescr, DWORD revision )
 446 {
 447         CallWin32ToNt (RtlCreateSecurityDescriptor(pDescr, revision ));
 448 }
 449
 450 /******************************************************************************
 451  * GetSecurityDescriptorLength [ADVAPI32.@]
 452  */
 453 DWORD WINAPI GetSecurityDescriptorLength( SECURITY_DESCRIPTOR *pDescr)
 454 {
 455         return (RtlLengthSecurityDescriptor(pDescr));
 456 }
 457
 458 /******************************************************************************
 459  * GetSecurityDescriptorOwner [ADVAPI32.@]
 460  *
 461  * PARAMS
 462  *   pOwner            []
 463  *   lpbOwnerDefaulted []
 464  */
 465 BOOL WINAPI
 466 GetSecurityDescriptorOwner( SECURITY_DESCRIPTOR *pDescr, PSID *pOwner,
 467                             LPBOOL lpbOwnerDefaulted )
 468 {
 469         CallWin32ToNt (RtlGetOwnerSecurityDescriptor( pDescr, pOwner, (PBOOLEAN)lpbOwnerDefaulted ));
 470 }
 471
 472 /******************************************************************************
 473  * SetSecurityDescriptorOwner [ADVAPI32.@]
 474  *
 475  * PARAMS
 476  */
 477 BOOL WINAPI SetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR pSecurityDescriptor,
 478                                    PSID pOwner, BOOL bOwnerDefaulted)
 479 {
 480         CallWin32ToNt (RtlSetOwnerSecurityDescriptor(pSecurityDescriptor, pOwner, bOwnerDefaulted));
 481 }
 482 /******************************************************************************
 483  * GetSecurityDescriptorGroup                   [ADVAPI32.@]
 484  */
 485 BOOL WINAPI GetSecurityDescriptorGroup(
 486         PSECURITY_DESCRIPTOR SecurityDescriptor,
 487         PSID *Group,
 488         LPBOOL GroupDefaulted)
 489 {
 490         CallWin32ToNt (RtlGetGroupSecurityDescriptor(SecurityDescriptor, Group, (PBOOLEAN)GroupDefaulted));
 491 }
 492 /******************************************************************************
 493  * SetSecurityDescriptorGroup [ADVAPI32.@]
 494  */
 495 BOOL WINAPI SetSecurityDescriptorGroup ( PSECURITY_DESCRIPTOR SecurityDescriptor,
 496                                            PSID Group, BOOL GroupDefaulted)
 497 {
 498         CallWin32ToNt (RtlSetGroupSecurityDescriptor( SecurityDescriptor, Group, GroupDefaulted));
 499 }
 500
 501 /******************************************************************************
 502  * IsValidSecurityDescriptor [ADVAPI32.@]
 503  *
 504  * PARAMS
 505  *   lpsecdesc []
 506  */
 507 BOOL WINAPI
 508 IsValidSecurityDescriptor( PSECURITY_DESCRIPTOR SecurityDescriptor )
 509 {
 510         CallWin32ToNt (RtlValidSecurityDescriptor(SecurityDescriptor));
 511 }
 512
 513 /******************************************************************************
 514  *  GetSecurityDescriptorDacl                   [ADVAPI32.@]
 515  */
 516 BOOL WINAPI GetSecurityDescriptorDacl(
 517         IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
 518         OUT LPBOOL lpbDaclPresent,
 519         OUT PACL *pDacl,
 520         OUT LPBOOL lpbDaclDefaulted)
 521 {
 522         CallWin32ToNt (RtlGetDaclSecurityDescriptor(pSecurityDescriptor, (PBOOLEAN)lpbDaclPresent,
 523                                                pDacl, (PBOOLEAN)lpbDaclDefaulted));
 524 }
 525
 526 /******************************************************************************
 527  *  SetSecurityDescriptorDacl                   [ADVAPI32.@]
 528  */
 529 BOOL WINAPI
 530 SetSecurityDescriptorDacl (
 531         PSECURITY_DESCRIPTOR lpsd,
 532         BOOL daclpresent,
 533         PACL dacl,
 534         BOOL dacldefaulted )
 535 {
 536         CallWin32ToNt (RtlSetDaclSecurityDescriptor (lpsd, daclpresent, dacl, dacldefaulted ));
 537 }
 538 /******************************************************************************
 539  *  GetSecurityDescriptorSacl                   [ADVAPI32.@]
 540  */
 541 BOOL WINAPI GetSecurityDescriptorSacl(
 542         IN PSECURITY_DESCRIPTOR lpsd,
 543         OUT LPBOOL lpbSaclPresent,
 544         OUT PACL *pSacl,
 545         OUT LPBOOL lpbSaclDefaulted)
 546 {
 547         CallWin32ToNt (RtlGetSaclSecurityDescriptor(lpsd,
 548            (PBOOLEAN)lpbSaclPresent, pSacl, (PBOOLEAN)lpbSaclDefaulted));
 549 }
 550
 551 /**************************************************************************
 552  * SetSecurityDescriptorSacl                    [ADVAPI32.@]
 553  */
 554 BOOL WINAPI SetSecurityDescriptorSacl (
 555         PSECURITY_DESCRIPTOR lpsd,
 556         BOOL saclpresent,
 557         PACL lpsacl,
 558         BOOL sacldefaulted)
 559 {
 560         CallWin32ToNt (RtlSetSaclSecurityDescriptor(lpsd, saclpresent, lpsacl, sacldefaulted));
 561 }
 562 /******************************************************************************
 563  * MakeSelfRelativeSD [ADVAPI32.@]
 564  *
 565  * PARAMS
 566  *   lpabssecdesc  []
 567  *   lpselfsecdesc []
 568  *   lpbuflen      []
 569  */
 570 BOOL WINAPI
 571 MakeSelfRelativeSD(
 572         IN PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor,
 573         IN PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor,
 574         IN OUT LPDWORD lpdwBufferLength)
 575 {
 576         CallWin32ToNt (RtlMakeSelfRelativeSD(pAbsoluteSecurityDescriptor,pSelfRelativeSecurityDescriptor, lpdwBufferLength));
 577 }
 578
 579 /******************************************************************************
 580  * GetSecurityDescriptorControl                 [ADVAPI32.@]
 581  */
 582
 583 BOOL WINAPI GetSecurityDescriptorControl ( PSECURITY_DESCRIPTOR  pSecurityDescriptor,
 584                  PSECURITY_DESCRIPTOR_CONTROL pControl, LPDWORD lpdwRevision)
 585 {
 586         CallWin32ToNt (RtlGetControlSecurityDescriptor(pSecurityDescriptor,pControl,lpdwRevision));
 587 }
 588
 589 /*      ##############################
 590         ######  ACL FUNCTIONS   ######
 591         ##############################
 592 */
 593
 594 /*************************************************************************
 595  * InitializeAcl [ADVAPI32.@]
 596  */
 597 DWORD WINAPI InitializeAcl(PACL acl, DWORD size, DWORD rev)
 598 {
 599         CallWin32ToNt (RtlCreateAcl(acl, size, rev));
 600 }
 601
 602 /*      ##############################
 603         ######  MISC FUNCTIONS  ######
 604         ##############################
 605 */
 606
 607 /******************************************************************************
 608  * LookupPrivilegeValueW                        [ADVAPI32.@]
 609  * Retrieves LUID used on a system to represent the privilege name.
 610  *
 611  * NOTES
 612  *   lpLuid should be PLUID
 613  *
 614  * PARAMS
 615  *   lpSystemName [I] Address of string specifying the system
 616  *   lpName       [I] Address of string specifying the privilege
 617  *   lpLuid       [I] Address of locally unique identifier
 618  *
 619  * RETURNS STD
 620  */
 621 BOOL WINAPI
 622 LookupPrivilegeValueW( LPCWSTR lpSystemName, LPCWSTR lpName, LPVOID lpLuid )
 623 {
 624     FIXME("(%s,%s,%p): stub\n",debugstr_w(lpSystemName),
 625         debugstr_w(lpName), lpLuid);
 626     return TRUE;
 627 }
 628
 629 /******************************************************************************
 630  * LookupPrivilegeValueA                        [ADVAPI32.@]
 631  */
 632 BOOL WINAPI
 633 LookupPrivilegeValueA( LPCSTR lpSystemName, LPCSTR lpName, LPVOID lpLuid )
 634 {
 635     LPWSTR lpSystemNameW = HEAP_strdupAtoW(GetProcessHeap(), 0, lpSystemName);
 636     LPWSTR lpNameW = HEAP_strdupAtoW(GetProcessHeap(), 0, lpName);
 637     BOOL ret;
 638
 639     ret = LookupPrivilegeValueW( lpSystemNameW, lpNameW, lpLuid);
 640     HeapFree(GetProcessHeap(), 0, lpNameW);
 641     HeapFree(GetProcessHeap(), 0, lpSystemNameW);
 642     return ret;
 643 }
 644
 645 /******************************************************************************
 646  * GetFileSecurityA [ADVAPI32.@]
 647  *
 648  * Obtains Specified information about the security of a file or directory
 649  * The information obtained is constrained by the callers access rights and
 650  * privileges
 651  */
 652 BOOL WINAPI
 653 GetFileSecurityA( LPCSTR lpFileName,
 654                     SECURITY_INFORMATION RequestedInformation,
 655                     PSECURITY_DESCRIPTOR pSecurityDescriptor,
 656                     DWORD nLength, LPDWORD lpnLengthNeeded )
 657 {
 658   FIXME("(%s) : stub\n", debugstr_a(lpFileName));
 659   return TRUE;
 660 }
 661
 662 /******************************************************************************
 663  * GetFileSecurityW [ADVAPI32.@]
 664  *
 665  * Obtains Specified information about the security of a file or directory
 666  * The information obtained is constrained by the callers access rights and
 667  * privileges
 668  *
 669  * PARAMS
 670  *   lpFileName           []
 671  *   RequestedInformation []
 672  *   pSecurityDescriptor  []
 673  *   nLength              []
 674  *   lpnLengthNeeded      []
 675  */
 676 BOOL WINAPI
 677 GetFileSecurityW( LPCWSTR lpFileName,
 678                     SECURITY_INFORMATION RequestedInformation,
 679                     PSECURITY_DESCRIPTOR pSecurityDescriptor,
 680                     DWORD nLength, LPDWORD lpnLengthNeeded )
 681 {
 682   FIXME("(%s) : stub\n", debugstr_w(lpFileName) );
 683   return TRUE;
 684 }
 685
 686
 687 /******************************************************************************
 688  * LookupAccountSidA [ADVAPI32.@]
 689  */
 690 BOOL WINAPI
 691 LookupAccountSidA(
 692         IN LPCSTR system,
 693         IN PSID sid,
 694         OUT LPSTR account,
 695         IN OUT LPDWORD accountSize,
 696         OUT LPSTR domain,
 697         IN OUT LPDWORD domainSize,
 698         OUT PSID_NAME_USE name_use )
 699 {
 700         static const char ac[] = "Administrator";
 701         static const char dm[] = "DOMAIN";
 702         FIXME("(%s,sid=%p,%p,%p(%lu),%p,%p(%lu),%p): semi-stub\n",
 703               debugstr_a(system),sid,
 704               account,accountSize,accountSize?*accountSize:0,
 705               domain,domainSize,domainSize?*domainSize:0,
 706               name_use);
 707
 708         if (accountSize) *accountSize = strlen(ac)+1;
 709         if (account && (*accountSize > strlen(ac)))
 710           strcpy(account, ac);
 711
 712         if (domainSize) *domainSize = strlen(dm)+1;
 713         if (domain && (*domainSize > strlen(dm)))
 714           strcpy(domain,dm);
 715
 716         if (name_use) *name_use = SidTypeUser;
 717         return TRUE;
 718 }
 719
 720 /******************************************************************************
 721  * LookupAccountSidW [ADVAPI32.@]
 722  *
 723  * PARAMS
 724  *   system      []
 725  *   sid         []
 726  *   account     []
 727  *   accountSize []
 728  *   domain      []
 729  *   domainSize  []
 730  *   name_use    []
 731  */
 732 BOOL WINAPI
 733 LookupAccountSidW(
 734         IN LPCWSTR system,
 735         IN PSID sid,
 736         OUT LPWSTR account,
 737         IN OUT LPDWORD accountSize,
 738         OUT LPWSTR domain,
 739         IN OUT LPDWORD domainSize,
 740         OUT PSID_NAME_USE name_use )
 741 {
 742     static const WCHAR ac[] = {'A','d','m','i','n','i','s','t','r','a','t','o','r',0};
 743     static const WCHAR dm[] = {'D','O','M','A','I','N',0};
 744         FIXME("(%s,sid=%p,%p,%p(%lu),%p,%p(%lu),%p): semi-stub\n",
 745               debugstr_w(system),sid,
 746               account,accountSize,accountSize?*accountSize:0,
 747               domain,domainSize,domainSize?*domainSize:0,
 748               name_use);
 749
 750         if (accountSize) *accountSize = strlenW(ac)+1;
 751         if (account && (*accountSize > strlenW(ac)))
 752             strcpyW(account, ac);
 753
 754         if (domainSize) *domainSize = strlenW(dm)+1;
 755         if (domain && (*domainSize > strlenW(dm)))
 756             strcpyW(domain,dm);
 757
 758         if (name_use) *name_use = SidTypeUser;
 759         return TRUE;
 760 }
 761
 762 /******************************************************************************
 763  * SetFileSecurityA [ADVAPI32.@]
 764  * Sets the security of a file or directory
 765  */
 766 BOOL WINAPI SetFileSecurityA( LPCSTR lpFileName,
 767                                 SECURITY_INFORMATION RequestedInformation,
 768                                 PSECURITY_DESCRIPTOR pSecurityDescriptor)
 769 {
 770   FIXME("(%s) : stub\n", debugstr_a(lpFileName));
 771   return TRUE;
 772 }
 773
 774 /******************************************************************************
 775  * SetFileSecurityW [ADVAPI32.@]
 776  * Sets the security of a file or directory
 777  *
 778  * PARAMS
 779  *   lpFileName           []
 780  *   RequestedInformation []
 781  *   pSecurityDescriptor  []
 782  */
 783 BOOL WINAPI
 784 SetFileSecurityW( LPCWSTR lpFileName,
 785                     SECURITY_INFORMATION RequestedInformation,
 786                     PSECURITY_DESCRIPTOR pSecurityDescriptor )
 787 {
 788   FIXME("(%s) : stub\n", debugstr_w(lpFileName) );
 789   return TRUE;
 790 }
 791
 792 /******************************************************************************
 793  * QueryWindows31FilesMigration [ADVAPI32.@]
 794  *
 795  * PARAMS
 796  *   x1 []
 797  */
 798 BOOL WINAPI
 799 QueryWindows31FilesMigration( DWORD x1 )
 800 {
 801         FIXME("(%ld):stub\n",x1);
 802         return TRUE;
 803 }
 804
 805 /******************************************************************************
 806  * SynchronizeWindows31FilesAndWindowsNTRegistry [ADVAPI32.@]
 807  *
 808  * PARAMS
 809  *   x1 []
 810  *   x2 []
 811  *   x3 []
 812  *   x4 []
 813  */
 814 BOOL WINAPI
 815 SynchronizeWindows31FilesAndWindowsNTRegistry( DWORD x1, DWORD x2, DWORD x3,
 816                                                DWORD x4 )
 817 {
 818         FIXME("(0x%08lx,0x%08lx,0x%08lx,0x%08lx):stub\n",x1,x2,x3,x4);
 819         return TRUE;
 820 }
 821
 822 /******************************************************************************
 823  * LsaOpenPolicy [ADVAPI32.@]
 824  *
 825  * PARAMS
 826  *   x1 []
 827  *   x2 []
 828  *   x3 []
 829  *   x4 []
 830  */
 831 NTSTATUS WINAPI
 832 LsaOpenPolicy(
 833         IN PLSA_UNICODE_STRING SystemName,
 834         IN PLSA_OBJECT_ATTRIBUTES ObjectAttributes,
 835         IN ACCESS_MASK DesiredAccess,
 836         IN OUT PLSA_HANDLE PolicyHandle)
 837 {
 838         FIXME("(%s,%p,0x%08lx,%p):stub\n",
 839               SystemName?debugstr_w(SystemName->Buffer):"null",
 840               ObjectAttributes, DesiredAccess, PolicyHandle);
 841         ADVAPI_ForceLocalComputer(SystemName ? SystemName->Buffer : NULL,
 842                                   STATUS_ACCESS_VIOLATION);
 843         dumpLsaAttributes(ObjectAttributes);
 844         if(PolicyHandle) *PolicyHandle = (LSA_HANDLE)0xcafe;
 845         return STATUS_SUCCESS;
 846 }
 847
 848 /******************************************************************************
 849  * LsaQueryInformationPolicy [ADVAPI32.@]
 850  */
 851 NTSTATUS WINAPI
 852 LsaQueryInformationPolicy(
 853         IN LSA_HANDLE PolicyHandle,
 854         IN POLICY_INFORMATION_CLASS InformationClass,
 855         OUT PVOID *Buffer)
 856 {
 857         FIXME("(%p,0x%08x,%p):stub\n",
 858               PolicyHandle, InformationClass, Buffer);
 859
 860         if(!Buffer) return FALSE;
 861         switch (InformationClass)
 862         {
 863           case PolicyAuditEventsInformation: /* 2 */
 864             {
 865               PPOLICY_AUDIT_EVENTS_INFO p = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(POLICY_AUDIT_EVENTS_INFO));
 866               p->AuditingMode = FALSE; /* no auditing */
 867               *Buffer = p;
 868             }
 869             break;
 870           case PolicyPrimaryDomainInformation: /* 3 */
 871           case PolicyAccountDomainInformation: /* 5 */
 872             {
 873               struct di
 874               { POLICY_PRIMARY_DOMAIN_INFO ppdi;
 875                 SID sid;
 876               };
 877               SID_IDENTIFIER_AUTHORITY localSidAuthority = {SECURITY_NT_AUTHORITY};
 878
 879               struct di * xdi = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(xdi));
 880               RtlInitUnicodeString(&(xdi->ppdi.Name), HEAP_strdupAtoW(GetProcessHeap(),0,"DOMAIN"));
 881               xdi->ppdi.Sid = &(xdi->sid);
 882               xdi->sid.Revision = SID_REVISION;
 883               xdi->sid.SubAuthorityCount = 1;
 884               xdi->sid.IdentifierAuthority = localSidAuthority;
 885               xdi->sid.SubAuthority[0] = SECURITY_LOCAL_SYSTEM_RID;
 886               *Buffer = xdi;
 887             }
 888             break;
 889           case  PolicyAuditLogInformation:
 890           case  PolicyPdAccountInformation:
 891           case  PolicyLsaServerRoleInformation:
 892           case  PolicyReplicaSourceInformation:
 893           case  PolicyDefaultQuotaInformation:
 894           case  PolicyModificationInformation:
 895           case  PolicyAuditFullSetInformation:
 896           case  PolicyAuditFullQueryInformation:
 897           case  PolicyDnsDomainInformation:
 898             {
 899               FIXME("category not implemented\n");
 900               return FALSE;
 901             }
 902         }
 903         return TRUE;
 904 }
 905
 906 /******************************************************************************
 907  * LsaLookupSids [ADVAPI32.@]
 908  */
 909 typedef struct
 910 {
 911         SID_NAME_USE Use;
 912         LSA_UNICODE_STRING Name;
 913         LONG DomainIndex;
 914 } LSA_TRANSLATED_NAME, *PLSA_TRANSLATED_NAME;
 915
 916 typedef struct
 917 {
 918         LSA_UNICODE_STRING Name;
 919         PSID Sid;
 920 } LSA_TRUST_INFORMATION, *PLSA_TRUST_INFORMATION;
 921
 922 typedef struct
 923 {
 924         ULONG Entries;
 925         PLSA_TRUST_INFORMATION Domains;
 926 } LSA_REFERENCED_DOMAIN_LIST, *PLSA_REFERENCED_DOMAIN_LIST;
 927
 928 NTSTATUS WINAPI
 929 LsaLookupSids(
 930         IN LSA_HANDLE PolicyHandle,
 931         IN ULONG Count,
 932         IN PSID *Sids,
 933         OUT PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains,
 934         OUT PLSA_TRANSLATED_NAME *Names )
 935 {
 936         FIXME("%p %lu %p %p %p\n",
 937           PolicyHandle, Count, Sids, ReferencedDomains, Names);
 938         return FALSE;
 939 }
 940
 941 /******************************************************************************
 942  * LsaFreeMemory [ADVAPI32.@]
 943  */
 944 NTSTATUS WINAPI
 945 LsaFreeMemory(IN PVOID Buffer)
 946 {
 947         TRACE("(%p)\n",Buffer);
 948         return HeapFree(GetProcessHeap(), 0, Buffer);
 949 }
 950 /******************************************************************************
 951  * LsaClose [ADVAPI32.@]
 952  */
 953 NTSTATUS WINAPI
 954 LsaClose(IN LSA_HANDLE ObjectHandle)
 955 {
 956         FIXME("(%p):stub\n",ObjectHandle);
 957         return 0xc0000000;
 958 }
 959
 960 /******************************************************************************
 961  * LsaNtStatusToWinError [ADVAPI32.@]
 962  *
 963  * PARAMS
 964  *   Status [I]
 965  */
 966 ULONG WINAPI
 967 LsaNtStatusToWinError(NTSTATUS Status)
 968 {
 969     return RtlNtStatusToDosError(Status);
 970 }
 971
 972 /******************************************************************************
 973  * NotifyBootConfigStatus [ADVAPI32.@]
 974  *
 975  * PARAMS
 976  *   x1 []
 977  */
 978 BOOL WINAPI
 979 NotifyBootConfigStatus( DWORD x1 )
 980 {
 981         FIXME("(0x%08lx):stub\n",x1);
 982         return 1;
 983 }
 984
 985 /******************************************************************************
 986  * RevertToSelf [ADVAPI32.@]
 987  *
 988  * PARAMS
 989  *   void []
 990  */
 991 BOOL WINAPI
 992 RevertToSelf( void )
 993 {
 994         FIXME("(), stub\n");
 995         return TRUE;
 996 }
 997
 998 /******************************************************************************
 999  * ImpersonateSelf [ADVAPI32.@]
1000  */
1001 BOOL WINAPI
1002 ImpersonateSelf(SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
1003 {
1004         return RtlImpersonateSelf(ImpersonationLevel);
1005 }
1006
1007 /******************************************************************************
1008  * ImpersonateLoggedOnUser [ADVAPI32.@]
1009  */
1010 BOOL WINAPI ImpersonateLoggedOnUser(HANDLE hToken)
1011 {
1012     FIXME("(%08x):stub returning FALSE\n", hToken);
1013     return FALSE;
1014 }
1015
1016 /******************************************************************************
1017  * AccessCheck [ADVAPI32.@]
1018  *
1019  * FIXME check cast LPBOOL to PBOOLEAN
1020  */
1021 BOOL WINAPI
1022 AccessCheck(
1023         PSECURITY_DESCRIPTOR SecurityDescriptor,
1024         HANDLE ClientToken,
1025         DWORD DesiredAccess,
1026         PGENERIC_MAPPING GenericMapping,
1027         PPRIVILEGE_SET PrivilegeSet,
1028         LPDWORD PrivilegeSetLength,
1029         LPDWORD GrantedAccess,
1030         LPBOOL AccessStatus)
1031 {
1032         CallWin32ToNt (NtAccessCheck(SecurityDescriptor, ClientToken, DesiredAccess,
1033           GenericMapping, PrivilegeSet, PrivilegeSetLength, GrantedAccess, (PBOOLEAN)AccessStatus));
1034 }
1035
1036 /*************************************************************************
1037  * SetKernelObjectSecurity [ADVAPI32.@]
1038  */
1039 BOOL WINAPI SetKernelObjectSecurity (
1040         IN HANDLE Handle,
1041         IN SECURITY_INFORMATION SecurityInformation,
1042         IN PSECURITY_DESCRIPTOR SecurityDescriptor )
1043 {
1044         CallWin32ToNt (NtSetSecurityObject (Handle, SecurityInformation, SecurityDescriptor));
1045 }
1046
1047 /******************************************************************************
1048  *  AddAccessAllowedAce [ADVAPI32.@]
1049  */
1050 BOOL WINAPI AddAccessAllowedAce(
1051         IN OUT PACL pAcl,
1052         IN DWORD dwAceRevision,
1053         IN DWORD AccessMask,
1054         IN PSID pSid)
1055 {
1056         return RtlAddAccessAllowedAce(pAcl, dwAceRevision, AccessMask, pSid);
1057 }
1058
1059 /******************************************************************************
1060  * LookupAccountNameA [ADVAPI32.@]
1061  */
1062 BOOL WINAPI
1063 LookupAccountNameA(
1064         IN LPCSTR system,
1065         IN LPCSTR account,
1066         OUT PSID sid,
1067         OUT LPDWORD cbSid,
1068         LPSTR ReferencedDomainName,
1069         IN OUT LPDWORD cbReferencedDomainName,
1070         OUT PSID_NAME_USE name_use )
1071 {
1072     FIXME("(%s,%s,%p,%p,%p,%p,%p), stub.\n",system,account,sid,cbSid,ReferencedDomainName,cbReferencedDomainName,name_use);
1073     return FALSE;
1074 }
1075
1076 /******************************************************************************
1077  * GetAce [ADVAPI32.@]
1078  */
1079 BOOL WINAPI GetAce(PACL pAcl,DWORD dwAceIndex,LPVOID *pAce )
1080 {
1081     CallWin32ToNt(RtlGetAce(pAcl, dwAceIndex, pAce));
1082 }
1083
1084 /******************************************************************************
1085  * PrivilegeCheck [ADVAPI32.@]
1086  */
1087 BOOL WINAPI PrivilegeCheck( HANDLE ClientToken, PPRIVILEGE_SET RequiredPrivileges, LPBOOL pfResult)
1088 {
1089         FIXME("stub %d %p %p\n", ClientToken, RequiredPrivileges, pfResult);
1090         if (pfResult)
1091                 *pfResult=TRUE;
1092         return TRUE;
1093 }