git.oblomov.eu Git - wine/blob - dlls/advapi32/security.c

   1 /*
   2  * Copyright 1999, 2000 Juergen Schmied <juergen.schmied@debitel.net>
   3  *
   4  * This library is free software; you can redistribute it and/or
   5  * modify it under the terms of the GNU Lesser General Public
   6  * License as published by the Free Software Foundation; either
   7  * version 2.1 of the License, or (at your option) any later version.
   8  *
   9  * This library is distributed in the hope that it will be useful,
  10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  12  * Lesser General Public License for more details.
  13  *
  14  * You should have received a copy of the GNU Lesser General Public
  15  * License along with this library; if not, write to the Free Software
  16  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  17  *
  18  *  FIXME: for all functions thunking down to Rtl* functions:  implement SetLastError()
  19  */
  20
  21 #include <string.h>
  22
  23 #include "windef.h"
  24 #include "winerror.h"
  25 #include "rpcnterr.h"
  26 #include "heap.h"
  27 #include "winternl.h"
  28 #include "ntsecapi.h"
  29 #include "accctrl.h"
  30
  31 #include "wine/debug.h"
  32 #include "wine/unicode.h"
  33
  34 WINE_DEFAULT_DEBUG_CHANNEL(advapi);
  35
  36 #define CallWin32ToNt(func) \
  37         { NTSTATUS ret; \
  38           ret = (func); \
  39           if (ret !=STATUS_SUCCESS) \
  40           { SetLastError (RtlNtStatusToDosError(ret)); return FALSE; } \
  41           return TRUE; \
  42         }
  43
  44 static void dumpLsaAttributes( PLSA_OBJECT_ATTRIBUTES oa )
  45 {
  46         if (oa)
  47         {
  48           TRACE("\n\tlength=%lu, rootdir=%p, objectname=%s\n\tattr=0x%08lx, sid=%p qos=%p\n",
  49                 oa->Length, oa->RootDirectory,
  50                 oa->ObjectName?debugstr_w(oa->ObjectName->Buffer):"null",
  51                 oa->Attributes, oa->SecurityDescriptor, oa->SecurityQualityOfService);
  52         }
  53 }
  54
  55 /************************************************************
  56  *                ADVAPI_IsLocalComputer
  57  *
  58  * Checks whether the server name indicates local machine.
  59  */
  60 BOOL ADVAPI_IsLocalComputer(LPCWSTR ServerName)
  61 {
  62     if (!ServerName)
  63     {
  64         return TRUE;
  65     }
  66     else
  67     {
  68         DWORD dwSize = MAX_COMPUTERNAME_LENGTH + 1;
  69         BOOL Result;
  70         LPWSTR buf;
  71
  72         buf = HeapAlloc(GetProcessHeap(), 0, dwSize * sizeof(WCHAR));
  73         Result = GetComputerNameW(buf,  &dwSize);
  74         if (Result && (ServerName[0] == '\\') && (ServerName[1] == '\\'))
  75             ServerName += 2;
  76         Result = Result && !lstrcmpW(ServerName, buf);
  77         HeapFree(GetProcessHeap(), 0, buf);
  78
  79         return Result;
  80     }
  81 }
  82
  83 #define ADVAPI_ForceLocalComputer(ServerName, FailureCode) \
  84     if (!ADVAPI_IsLocalComputer(ServerName)) \
  85     { \
  86         FIXME("Action Implemented for local computer only. " \
  87               "Requested for server %s\n", debugstr_w(ServerName)); \
  88         return FailureCode; \
  89     }
  90
  91 /*      ##############################
  92         ######  TOKEN FUNCTIONS ######
  93         ##############################
  94 */
  95
  96 /******************************************************************************
  97  * OpenProcessToken                     [ADVAPI32.@]
  98  * Opens the access token associated with a process
  99  *
 100  * PARAMS
 101  *   ProcessHandle [I] Handle to process
 102  *   DesiredAccess [I] Desired access to process
 103  *   TokenHandle   [O] Pointer to handle of open access token
 104  *
 105  * RETURNS STD
 106  */
 107 BOOL WINAPI
 108 OpenProcessToken( HANDLE ProcessHandle, DWORD DesiredAccess,
 109                   HANDLE *TokenHandle )
 110 {
 111         CallWin32ToNt(NtOpenProcessToken( ProcessHandle, DesiredAccess, TokenHandle ));
 112 }
 113
 114 /******************************************************************************
 115  * OpenThreadToken [ADVAPI32.@]
 116  *
 117  * PARAMS
 118  *   thread        []
 119  *   desiredaccess []
 120  *   openasself    []
 121  *   thandle       []
 122  */
 123 BOOL WINAPI
 124 OpenThreadToken( HANDLE ThreadHandle, DWORD DesiredAccess,
 125                  BOOL OpenAsSelf, HANDLE *TokenHandle)
 126 {
 127         CallWin32ToNt (NtOpenThreadToken(ThreadHandle, DesiredAccess, OpenAsSelf, TokenHandle));
 128 }
 129
 130 /******************************************************************************
 131  * AdjustTokenPrivileges [ADVAPI32.@]
 132  *
 133  * PARAMS
 134  *   TokenHandle          []
 135  *   DisableAllPrivileges []
 136  *   NewState             []
 137  *   BufferLength         []
 138  *   PreviousState        []
 139  *   ReturnLength         []
 140  */
 141 BOOL WINAPI
 142 AdjustTokenPrivileges( HANDLE TokenHandle, BOOL DisableAllPrivileges,
 143                        LPVOID NewState, DWORD BufferLength,
 144                        LPVOID PreviousState, LPDWORD ReturnLength )
 145 {
 146         CallWin32ToNt(NtAdjustPrivilegesToken(TokenHandle, DisableAllPrivileges, NewState, BufferLength, PreviousState, ReturnLength));
 147 }
 148
 149 /******************************************************************************
 150  * CheckTokenMembership [ADVAPI32.@]
 151  *
 152  * PARAMS
 153  *   TokenHandle [I]
 154  *   SidToCheck  [I]
 155  *   IsMember    [O]
 156  */
 157 BOOL WINAPI
 158 CheckTokenMembership( HANDLE TokenHandle, PSID SidToCheck,
 159                       PBOOL IsMember )
 160 {
 161   FIXME("(%p %p %p) stub!\n", TokenHandle, SidToCheck, IsMember);
 162
 163   *IsMember = TRUE;
 164   return(TRUE);
 165 }
 166
 167 /******************************************************************************
 168  * GetTokenInformation [ADVAPI32.@]
 169  *
 170  * PARAMS
 171  *   token           [I]
 172  *   tokeninfoclass  [I]
 173  *   tokeninfo       [O]
 174  *   tokeninfolength [I]
 175  *   retlen          [O]
 176  *
 177  */
 178 BOOL WINAPI
 179 GetTokenInformation( HANDLE token, TOKEN_INFORMATION_CLASS tokeninfoclass,
 180                      LPVOID tokeninfo, DWORD tokeninfolength, LPDWORD retlen )
 181 {
 182     TRACE("(%p, %s, %p, %ld, %p): \n",
 183           token,
 184           (tokeninfoclass == TokenUser) ? "TokenUser" :
 185           (tokeninfoclass == TokenGroups) ? "TokenGroups" :
 186           (tokeninfoclass == TokenPrivileges) ? "TokenPrivileges" :
 187           (tokeninfoclass == TokenOwner) ? "TokenOwner" :
 188           (tokeninfoclass == TokenPrimaryGroup) ? "TokenPrimaryGroup" :
 189           (tokeninfoclass == TokenDefaultDacl) ? "TokenDefaultDacl" :
 190           (tokeninfoclass == TokenSource) ? "TokenSource" :
 191           (tokeninfoclass == TokenType) ? "TokenType" :
 192           (tokeninfoclass == TokenImpersonationLevel) ? "TokenImpersonationLevel" :
 193           (tokeninfoclass == TokenStatistics) ? "TokenStatistics" :
 194           (tokeninfoclass == TokenRestrictedSids) ? "TokenRestrictedSids" :
 195           (tokeninfoclass == TokenSessionId) ? "TokenSessionId" :
 196           (tokeninfoclass == TokenGroupsAndPrivileges) ? "TokenGroupsAndPrivileges" :
 197           (tokeninfoclass == TokenSessionReference) ? "TokenSessionReference" :
 198           (tokeninfoclass == TokenSandBoxInert) ? "TokenSandBoxInert" :
 199           "Unknown",
 200           tokeninfo, tokeninfolength, retlen);
 201     CallWin32ToNt (NtQueryInformationToken( token, tokeninfoclass, tokeninfo, tokeninfolength, retlen));
 202 }
 203
 204 /******************************************************************************
 205  * SetTokenInformation [ADVAPI32.@]
 206  *
 207  * PARAMS
 208  *   token           [I]
 209  *   tokeninfoclass  [I]
 210  *   tokeninfo       [I]
 211  *   tokeninfolength [I]
 212  *
 213  */
 214 BOOL WINAPI
 215 SetTokenInformation( HANDLE token, TOKEN_INFORMATION_CLASS tokeninfoclass,
 216                      LPVOID tokeninfo, DWORD tokeninfolength )
 217 {
 218     FIXME("(%p, %s, %p, %ld): stub\n",
 219           token,
 220           (tokeninfoclass == TokenUser) ? "TokenUser" :
 221           (tokeninfoclass == TokenGroups) ? "TokenGroups" :
 222           (tokeninfoclass == TokenPrivileges) ? "TokenPrivileges" :
 223           (tokeninfoclass == TokenOwner) ? "TokenOwner" :
 224           (tokeninfoclass == TokenPrimaryGroup) ? "TokenPrimaryGroup" :
 225           (tokeninfoclass == TokenDefaultDacl) ? "TokenDefaultDacl" :
 226           (tokeninfoclass == TokenSource) ? "TokenSource" :
 227           (tokeninfoclass == TokenType) ? "TokenType" :
 228           (tokeninfoclass == TokenImpersonationLevel) ? "TokenImpersonationLevel" :
 229           (tokeninfoclass == TokenStatistics) ? "TokenStatistics" :
 230           (tokeninfoclass == TokenRestrictedSids) ? "TokenRestrictedSids" :
 231           (tokeninfoclass == TokenSessionId) ? "TokenSessionId" :
 232           (tokeninfoclass == TokenGroupsAndPrivileges) ? "TokenGroupsAndPrivileges" :
 233           (tokeninfoclass == TokenSessionReference) ? "TokenSessionReference" :
 234           (tokeninfoclass == TokenSandBoxInert) ? "TokenSandBoxInert" :
 235           "Unknown",
 236           tokeninfo, tokeninfolength);
 237
 238     SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
 239
 240     return FALSE;
 241 }
 242
 243 /*************************************************************************
 244  * SetThreadToken [ADVAPI32.@]
 245  *
 246  * Assigns an "impersonation token" to a thread so it can assume the
 247  * security privledges of another thread or process.  Can also remove
 248  * a previously assigned token.  Only supported on NT - it's a stub
 249  * exactly like this one on Win9X.
 250  *
 251  */
 252
 253 BOOL WINAPI SetThreadToken(PHANDLE thread, HANDLE token)
 254 {
 255     FIXME("(%p, %p): stub (NT impl. only)\n", thread, token);
 256
 257     SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
 258
 259     return FALSE;
 260 }
 261
 262 /*      ##############################
 263         ######  SID FUNCTIONS   ######
 264         ##############################
 265 */
 266
 267 /******************************************************************************
 268  * AllocateAndInitializeSid [ADVAPI32.@]
 269  *
 270  * PARAMS
 271  *   pIdentifierAuthority []
 272  *   nSubAuthorityCount   []
 273  *   nSubAuthority0       []
 274  *   nSubAuthority1       []
 275  *   nSubAuthority2       []
 276  *   nSubAuthority3       []
 277  *   nSubAuthority4       []
 278  *   nSubAuthority5       []
 279  *   nSubAuthority6       []
 280  *   nSubAuthority7       []
 281  *   pSid                 []
 282  */
 283 BOOL WINAPI
 284 AllocateAndInitializeSid( PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
 285                           BYTE nSubAuthorityCount,
 286                           DWORD nSubAuthority0, DWORD nSubAuthority1,
 287                           DWORD nSubAuthority2, DWORD nSubAuthority3,
 288                           DWORD nSubAuthority4, DWORD nSubAuthority5,
 289                           DWORD nSubAuthority6, DWORD nSubAuthority7,
 290                           PSID *pSid )
 291 {
 292         CallWin32ToNt (RtlAllocateAndInitializeSid(
 293                 pIdentifierAuthority, nSubAuthorityCount,
 294                 nSubAuthority0, nSubAuthority1, nSubAuthority2, nSubAuthority3,
 295                 nSubAuthority4, nSubAuthority5, nSubAuthority6, nSubAuthority7,
 296                 pSid ));
 297 }
 298
 299 /******************************************************************************
 300  * FreeSid [ADVAPI32.@]
 301  *
 302  * PARAMS
 303  *   pSid []
 304  */
 305 PVOID WINAPI
 306 FreeSid( PSID pSid )
 307 {
 308         RtlFreeSid(pSid);
 309         return NULL; /* is documented like this */
 310 }
 311
 312 /******************************************************************************
 313  * CopySid [ADVAPI32.@]
 314  *
 315  * PARAMS
 316  *   nDestinationSidLength []
 317  *   pDestinationSid       []
 318  *   pSourceSid            []
 319  */
 320 BOOL WINAPI
 321 CopySid( DWORD nDestinationSidLength, PSID pDestinationSid, PSID pSourceSid )
 322 {
 323         return RtlCopySid(nDestinationSidLength, pDestinationSid, pSourceSid);
 324 }
 325
 326 /******************************************************************************
 327  * IsValidSid [ADVAPI32.@]
 328  *
 329  * PARAMS
 330  *   pSid []
 331  */
 332 BOOL WINAPI
 333 IsValidSid( PSID pSid )
 334 {
 335         return RtlValidSid( pSid );
 336 }
 337
 338 /******************************************************************************
 339  * EqualSid [ADVAPI32.@]
 340  *
 341  * PARAMS
 342  *   pSid1 []
 343  *   pSid2 []
 344  */
 345 BOOL WINAPI
 346 EqualSid( PSID pSid1, PSID pSid2 )
 347 {
 348         return RtlEqualSid( pSid1, pSid2 );
 349 }
 350
 351 /******************************************************************************
 352  * EqualPrefixSid [ADVAPI32.@]
 353  */
 354 BOOL WINAPI EqualPrefixSid (PSID pSid1, PSID pSid2)
 355 {
 356         return RtlEqualPrefixSid(pSid1, pSid2);
 357 }
 358
 359 /******************************************************************************
 360  * GetSidLengthRequired [ADVAPI32.@]
 361  *
 362  * PARAMS
 363  *   nSubAuthorityCount []
 364  */
 365 DWORD WINAPI
 366 GetSidLengthRequired( BYTE nSubAuthorityCount )
 367 {
 368         return RtlLengthRequiredSid(nSubAuthorityCount);
 369 }
 370
 371 /******************************************************************************
 372  * InitializeSid [ADVAPI32.@]
 373  *
 374  * PARAMS
 375  *   pIdentifierAuthority []
 376  */
 377 BOOL WINAPI
 378 InitializeSid (
 379         PSID pSid,
 380         PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
 381         BYTE nSubAuthorityCount)
 382 {
 383         return RtlInitializeSid(pSid, pIdentifierAuthority, nSubAuthorityCount);
 384 }
 385
 386 /******************************************************************************
 387  * GetSidIdentifierAuthority [ADVAPI32.@]
 388  *
 389  * PARAMS
 390  *   pSid []
 391  */
 392 PSID_IDENTIFIER_AUTHORITY WINAPI
 393 GetSidIdentifierAuthority( PSID pSid )
 394 {
 395         return RtlIdentifierAuthoritySid(pSid);
 396 }
 397
 398 /******************************************************************************
 399  * GetSidSubAuthority [ADVAPI32.@]
 400  *
 401  * PARAMS
 402  *   pSid          []
 403  *   nSubAuthority []
 404  */
 405 PDWORD WINAPI
 406 GetSidSubAuthority( PSID pSid, DWORD nSubAuthority )
 407 {
 408         return RtlSubAuthoritySid(pSid, nSubAuthority);
 409 }
 410
 411 /******************************************************************************
 412  * GetSidSubAuthorityCount [ADVAPI32.@]
 413  *
 414  * PARAMS
 415  *   pSid []
 416  */
 417 PUCHAR WINAPI
 418 GetSidSubAuthorityCount (PSID pSid)
 419 {
 420         return RtlSubAuthorityCountSid(pSid);
 421 }
 422
 423 /******************************************************************************
 424  * GetLengthSid [ADVAPI32.@]
 425  *
 426  * PARAMS
 427  *   pSid []
 428  */
 429 DWORD WINAPI
 430 GetLengthSid (PSID pSid)
 431 {
 432         return RtlLengthSid(pSid);
 433 }
 434
 435 /*      ##############################################
 436         ######  SECURITY DESCRIPTOR FUNCTIONS   ######
 437         ##############################################
 438 */
 439
 440 /******************************************************************************
 441  * InitializeSecurityDescriptor [ADVAPI32.@]
 442  *
 443  * PARAMS
 444  *   pDescr   []
 445  *   revision []
 446  */
 447 BOOL WINAPI
 448 InitializeSecurityDescriptor( SECURITY_DESCRIPTOR *pDescr, DWORD revision )
 449 {
 450         CallWin32ToNt (RtlCreateSecurityDescriptor(pDescr, revision ));
 451 }
 452
 453 /******************************************************************************
 454  * GetSecurityDescriptorLength [ADVAPI32.@]
 455  */
 456 DWORD WINAPI GetSecurityDescriptorLength( SECURITY_DESCRIPTOR *pDescr)
 457 {
 458         return (RtlLengthSecurityDescriptor(pDescr));
 459 }
 460
 461 /******************************************************************************
 462  * GetSecurityDescriptorOwner [ADVAPI32.@]
 463  *
 464  * PARAMS
 465  *   pOwner            []
 466  *   lpbOwnerDefaulted []
 467  */
 468 BOOL WINAPI
 469 GetSecurityDescriptorOwner( SECURITY_DESCRIPTOR *pDescr, PSID *pOwner,
 470                             LPBOOL lpbOwnerDefaulted )
 471 {
 472         CallWin32ToNt (RtlGetOwnerSecurityDescriptor( pDescr, pOwner, (PBOOLEAN)lpbOwnerDefaulted ));
 473 }
 474
 475 /******************************************************************************
 476  * SetSecurityDescriptorOwner [ADVAPI32.@]
 477  *
 478  * PARAMS
 479  */
 480 BOOL WINAPI SetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR pSecurityDescriptor,
 481                                    PSID pOwner, BOOL bOwnerDefaulted)
 482 {
 483         CallWin32ToNt (RtlSetOwnerSecurityDescriptor(pSecurityDescriptor, pOwner, bOwnerDefaulted));
 484 }
 485 /******************************************************************************
 486  * GetSecurityDescriptorGroup                   [ADVAPI32.@]
 487  */
 488 BOOL WINAPI GetSecurityDescriptorGroup(
 489         PSECURITY_DESCRIPTOR SecurityDescriptor,
 490         PSID *Group,
 491         LPBOOL GroupDefaulted)
 492 {
 493         CallWin32ToNt (RtlGetGroupSecurityDescriptor(SecurityDescriptor, Group, (PBOOLEAN)GroupDefaulted));
 494 }
 495 /******************************************************************************
 496  * SetSecurityDescriptorGroup [ADVAPI32.@]
 497  */
 498 BOOL WINAPI SetSecurityDescriptorGroup ( PSECURITY_DESCRIPTOR SecurityDescriptor,
 499                                            PSID Group, BOOL GroupDefaulted)
 500 {
 501         CallWin32ToNt (RtlSetGroupSecurityDescriptor( SecurityDescriptor, Group, GroupDefaulted));
 502 }
 503
 504 /******************************************************************************
 505  * IsValidSecurityDescriptor [ADVAPI32.@]
 506  *
 507  * PARAMS
 508  *   lpsecdesc []
 509  */
 510 BOOL WINAPI
 511 IsValidSecurityDescriptor( PSECURITY_DESCRIPTOR SecurityDescriptor )
 512 {
 513         CallWin32ToNt (RtlValidSecurityDescriptor(SecurityDescriptor));
 514 }
 515
 516 /******************************************************************************
 517  *  GetSecurityDescriptorDacl                   [ADVAPI32.@]
 518  */
 519 BOOL WINAPI GetSecurityDescriptorDacl(
 520         IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
 521         OUT LPBOOL lpbDaclPresent,
 522         OUT PACL *pDacl,
 523         OUT LPBOOL lpbDaclDefaulted)
 524 {
 525         CallWin32ToNt (RtlGetDaclSecurityDescriptor(pSecurityDescriptor, (PBOOLEAN)lpbDaclPresent,
 526                                                pDacl, (PBOOLEAN)lpbDaclDefaulted));
 527 }
 528
 529 /******************************************************************************
 530  *  SetSecurityDescriptorDacl                   [ADVAPI32.@]
 531  */
 532 BOOL WINAPI
 533 SetSecurityDescriptorDacl (
 534         PSECURITY_DESCRIPTOR lpsd,
 535         BOOL daclpresent,
 536         PACL dacl,
 537         BOOL dacldefaulted )
 538 {
 539         CallWin32ToNt (RtlSetDaclSecurityDescriptor (lpsd, daclpresent, dacl, dacldefaulted ));
 540 }
 541 /******************************************************************************
 542  *  GetSecurityDescriptorSacl                   [ADVAPI32.@]
 543  */
 544 BOOL WINAPI GetSecurityDescriptorSacl(
 545         IN PSECURITY_DESCRIPTOR lpsd,
 546         OUT LPBOOL lpbSaclPresent,
 547         OUT PACL *pSacl,
 548         OUT LPBOOL lpbSaclDefaulted)
 549 {
 550         CallWin32ToNt (RtlGetSaclSecurityDescriptor(lpsd,
 551            (PBOOLEAN)lpbSaclPresent, pSacl, (PBOOLEAN)lpbSaclDefaulted));
 552 }
 553
 554 /**************************************************************************
 555  * SetSecurityDescriptorSacl                    [ADVAPI32.@]
 556  */
 557 BOOL WINAPI SetSecurityDescriptorSacl (
 558         PSECURITY_DESCRIPTOR lpsd,
 559         BOOL saclpresent,
 560         PACL lpsacl,
 561         BOOL sacldefaulted)
 562 {
 563         CallWin32ToNt (RtlSetSaclSecurityDescriptor(lpsd, saclpresent, lpsacl, sacldefaulted));
 564 }
 565 /******************************************************************************
 566  * MakeSelfRelativeSD [ADVAPI32.@]
 567  *
 568  * PARAMS
 569  *   lpabssecdesc  []
 570  *   lpselfsecdesc []
 571  *   lpbuflen      []
 572  */
 573 BOOL WINAPI
 574 MakeSelfRelativeSD(
 575         IN PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor,
 576         IN PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor,
 577         IN OUT LPDWORD lpdwBufferLength)
 578 {
 579         CallWin32ToNt (RtlMakeSelfRelativeSD(pAbsoluteSecurityDescriptor,pSelfRelativeSecurityDescriptor, lpdwBufferLength));
 580 }
 581
 582 /******************************************************************************
 583  * GetSecurityDescriptorControl                 [ADVAPI32.@]
 584  */
 585
 586 BOOL WINAPI GetSecurityDescriptorControl ( PSECURITY_DESCRIPTOR  pSecurityDescriptor,
 587                  PSECURITY_DESCRIPTOR_CONTROL pControl, LPDWORD lpdwRevision)
 588 {
 589         CallWin32ToNt (RtlGetControlSecurityDescriptor(pSecurityDescriptor,pControl,lpdwRevision));
 590 }
 591
 592 /*      ##############################
 593         ######  ACL FUNCTIONS   ######
 594         ##############################
 595 */
 596
 597 /*************************************************************************
 598  * InitializeAcl [ADVAPI32.@]
 599  */
 600 DWORD WINAPI InitializeAcl(PACL acl, DWORD size, DWORD rev)
 601 {
 602         CallWin32ToNt (RtlCreateAcl(acl, size, rev));
 603 }
 604
 605 /*      ##############################
 606         ######  MISC FUNCTIONS  ######
 607         ##############################
 608 */
 609
 610 /******************************************************************************
 611  * LookupPrivilegeValueW                        [ADVAPI32.@]
 612  * Retrieves LUID used on a system to represent the privilege name.
 613  *
 614  * PARAMS
 615  *   lpSystemName [I] Address of string specifying the system
 616  *   lpName       [I] Address of string specifying the privilege
 617  *   lpLuid       [I] Address of locally unique identifier
 618  *
 619  * RETURNS STD
 620  */
 621 BOOL WINAPI
 622 LookupPrivilegeValueW( LPCWSTR lpSystemName, LPCWSTR lpName, PLUID lpLuid )
 623 {
 624     FIXME("(%s,%s,%p): stub\n",debugstr_w(lpSystemName),
 625         debugstr_w(lpName), lpLuid);
 626     lpLuid->LowPart = 0x12345678;
 627     lpLuid->HighPart = 0x87654321;
 628     return TRUE;
 629 }
 630
 631 /******************************************************************************
 632  * LookupPrivilegeValueA                        [ADVAPI32.@]
 633  */
 634 BOOL WINAPI
 635 LookupPrivilegeValueA( LPCSTR lpSystemName, LPCSTR lpName, PLUID lpLuid )
 636 {
 637     LPWSTR lpSystemNameW = HEAP_strdupAtoW(GetProcessHeap(), 0, lpSystemName);
 638     LPWSTR lpNameW = HEAP_strdupAtoW(GetProcessHeap(), 0, lpName);
 639     BOOL ret;
 640
 641     ret = LookupPrivilegeValueW( lpSystemNameW, lpNameW, lpLuid);
 642     HeapFree(GetProcessHeap(), 0, lpNameW);
 643     HeapFree(GetProcessHeap(), 0, lpSystemNameW);
 644     return ret;
 645 }
 646
 647 /******************************************************************************
 648  * GetFileSecurityA [ADVAPI32.@]
 649  *
 650  * Obtains Specified information about the security of a file or directory
 651  * The information obtained is constrained by the callers access rights and
 652  * privileges
 653  */
 654 BOOL WINAPI
 655 GetFileSecurityA( LPCSTR lpFileName,
 656                     SECURITY_INFORMATION RequestedInformation,
 657                     PSECURITY_DESCRIPTOR pSecurityDescriptor,
 658                     DWORD nLength, LPDWORD lpnLengthNeeded )
 659 {
 660   FIXME("(%s) : stub\n", debugstr_a(lpFileName));
 661   return TRUE;
 662 }
 663
 664 /******************************************************************************
 665  * GetFileSecurityW [ADVAPI32.@]
 666  *
 667  * Obtains Specified information about the security of a file or directory
 668  * The information obtained is constrained by the callers access rights and
 669  * privileges
 670  *
 671  * PARAMS
 672  *   lpFileName           []
 673  *   RequestedInformation []
 674  *   pSecurityDescriptor  []
 675  *   nLength              []
 676  *   lpnLengthNeeded      []
 677  */
 678 BOOL WINAPI
 679 GetFileSecurityW( LPCWSTR lpFileName,
 680                     SECURITY_INFORMATION RequestedInformation,
 681                     PSECURITY_DESCRIPTOR pSecurityDescriptor,
 682                     DWORD nLength, LPDWORD lpnLengthNeeded )
 683 {
 684   FIXME("(%s) : stub\n", debugstr_w(lpFileName) );
 685   return TRUE;
 686 }
 687
 688
 689 /******************************************************************************
 690  * LookupAccountSidA [ADVAPI32.@]
 691  */
 692 BOOL WINAPI
 693 LookupAccountSidA(
 694         IN LPCSTR system,
 695         IN PSID sid,
 696         OUT LPSTR account,
 697         IN OUT LPDWORD accountSize,
 698         OUT LPSTR domain,
 699         IN OUT LPDWORD domainSize,
 700         OUT PSID_NAME_USE name_use )
 701 {
 702         static const char ac[] = "Administrator";
 703         static const char dm[] = "DOMAIN";
 704         FIXME("(%s,sid=%p,%p,%p(%lu),%p,%p(%lu),%p): semi-stub\n",
 705               debugstr_a(system),sid,
 706               account,accountSize,accountSize?*accountSize:0,
 707               domain,domainSize,domainSize?*domainSize:0,
 708               name_use);
 709
 710         if (accountSize) *accountSize = strlen(ac)+1;
 711         if (account && (*accountSize > strlen(ac)))
 712           strcpy(account, ac);
 713
 714         if (domainSize) *domainSize = strlen(dm)+1;
 715         if (domain && (*domainSize > strlen(dm)))
 716           strcpy(domain,dm);
 717
 718         if (name_use) *name_use = SidTypeUser;
 719         return TRUE;
 720 }
 721
 722 /******************************************************************************
 723  * LookupAccountSidW [ADVAPI32.@]
 724  *
 725  * PARAMS
 726  *   system      []
 727  *   sid         []
 728  *   account     []
 729  *   accountSize []
 730  *   domain      []
 731  *   domainSize  []
 732  *   name_use    []
 733  */
 734 BOOL WINAPI
 735 LookupAccountSidW(
 736         IN LPCWSTR system,
 737         IN PSID sid,
 738         OUT LPWSTR account,
 739         IN OUT LPDWORD accountSize,
 740         OUT LPWSTR domain,
 741         IN OUT LPDWORD domainSize,
 742         OUT PSID_NAME_USE name_use )
 743 {
 744     static const WCHAR ac[] = {'A','d','m','i','n','i','s','t','r','a','t','o','r',0};
 745     static const WCHAR dm[] = {'D','O','M','A','I','N',0};
 746         FIXME("(%s,sid=%p,%p,%p(%lu),%p,%p(%lu),%p): semi-stub\n",
 747               debugstr_w(system),sid,
 748               account,accountSize,accountSize?*accountSize:0,
 749               domain,domainSize,domainSize?*domainSize:0,
 750               name_use);
 751
 752         if (accountSize) *accountSize = strlenW(ac)+1;
 753         if (account && (*accountSize > strlenW(ac)))
 754             strcpyW(account, ac);
 755
 756         if (domainSize) *domainSize = strlenW(dm)+1;
 757         if (domain && (*domainSize > strlenW(dm)))
 758             strcpyW(domain,dm);
 759
 760         if (name_use) *name_use = SidTypeUser;
 761         return TRUE;
 762 }
 763
 764 /******************************************************************************
 765  * SetFileSecurityA [ADVAPI32.@]
 766  * Sets the security of a file or directory
 767  */
 768 BOOL WINAPI SetFileSecurityA( LPCSTR lpFileName,
 769                                 SECURITY_INFORMATION RequestedInformation,
 770                                 PSECURITY_DESCRIPTOR pSecurityDescriptor)
 771 {
 772   FIXME("(%s) : stub\n", debugstr_a(lpFileName));
 773   return TRUE;
 774 }
 775
 776 /******************************************************************************
 777  * SetFileSecurityW [ADVAPI32.@]
 778  * Sets the security of a file or directory
 779  *
 780  * PARAMS
 781  *   lpFileName           []
 782  *   RequestedInformation []
 783  *   pSecurityDescriptor  []
 784  */
 785 BOOL WINAPI
 786 SetFileSecurityW( LPCWSTR lpFileName,
 787                     SECURITY_INFORMATION RequestedInformation,
 788                     PSECURITY_DESCRIPTOR pSecurityDescriptor )
 789 {
 790   FIXME("(%s) : stub\n", debugstr_w(lpFileName) );
 791   return TRUE;
 792 }
 793
 794 /******************************************************************************
 795  * QueryWindows31FilesMigration [ADVAPI32.@]
 796  *
 797  * PARAMS
 798  *   x1 []
 799  */
 800 BOOL WINAPI
 801 QueryWindows31FilesMigration( DWORD x1 )
 802 {
 803         FIXME("(%ld):stub\n",x1);
 804         return TRUE;
 805 }
 806
 807 /******************************************************************************
 808  * SynchronizeWindows31FilesAndWindowsNTRegistry [ADVAPI32.@]
 809  *
 810  * PARAMS
 811  *   x1 []
 812  *   x2 []
 813  *   x3 []
 814  *   x4 []
 815  */
 816 BOOL WINAPI
 817 SynchronizeWindows31FilesAndWindowsNTRegistry( DWORD x1, DWORD x2, DWORD x3,
 818                                                DWORD x4 )
 819 {
 820         FIXME("(0x%08lx,0x%08lx,0x%08lx,0x%08lx):stub\n",x1,x2,x3,x4);
 821         return TRUE;
 822 }
 823
 824 /******************************************************************************
 825  * LsaOpenPolicy [ADVAPI32.@]
 826  *
 827  * PARAMS
 828  *   x1 []
 829  *   x2 []
 830  *   x3 []
 831  *   x4 []
 832  */
 833 NTSTATUS WINAPI
 834 LsaOpenPolicy(
 835         IN PLSA_UNICODE_STRING SystemName,
 836         IN PLSA_OBJECT_ATTRIBUTES ObjectAttributes,
 837         IN ACCESS_MASK DesiredAccess,
 838         IN OUT PLSA_HANDLE PolicyHandle)
 839 {
 840         FIXME("(%s,%p,0x%08lx,%p):stub\n",
 841               SystemName?debugstr_w(SystemName->Buffer):"null",
 842               ObjectAttributes, DesiredAccess, PolicyHandle);
 843         ADVAPI_ForceLocalComputer(SystemName ? SystemName->Buffer : NULL,
 844                                   STATUS_ACCESS_VIOLATION);
 845         dumpLsaAttributes(ObjectAttributes);
 846         if(PolicyHandle) *PolicyHandle = (LSA_HANDLE)0xcafe;
 847         return STATUS_SUCCESS;
 848 }
 849
 850 /******************************************************************************
 851  * LsaQueryInformationPolicy [ADVAPI32.@]
 852  */
 853 NTSTATUS WINAPI
 854 LsaQueryInformationPolicy(
 855         IN LSA_HANDLE PolicyHandle,
 856         IN POLICY_INFORMATION_CLASS InformationClass,
 857         OUT PVOID *Buffer)
 858 {
 859         FIXME("(%p,0x%08x,%p):stub\n",
 860               PolicyHandle, InformationClass, Buffer);
 861
 862         if(!Buffer) return FALSE;
 863         switch (InformationClass)
 864         {
 865           case PolicyAuditEventsInformation: /* 2 */
 866             {
 867               PPOLICY_AUDIT_EVENTS_INFO p = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(POLICY_AUDIT_EVENTS_INFO));
 868               p->AuditingMode = FALSE; /* no auditing */
 869               *Buffer = p;
 870             }
 871             break;
 872           case PolicyPrimaryDomainInformation: /* 3 */
 873           case PolicyAccountDomainInformation: /* 5 */
 874             {
 875               struct di
 876               { POLICY_PRIMARY_DOMAIN_INFO ppdi;
 877                 SID sid;
 878               };
 879               SID_IDENTIFIER_AUTHORITY localSidAuthority = {SECURITY_NT_AUTHORITY};
 880
 881               struct di * xdi = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(xdi));
 882               RtlInitUnicodeString(&(xdi->ppdi.Name), HEAP_strdupAtoW(GetProcessHeap(),0,"DOMAIN"));
 883               xdi->ppdi.Sid = &(xdi->sid);
 884               xdi->sid.Revision = SID_REVISION;
 885               xdi->sid.SubAuthorityCount = 1;
 886               xdi->sid.IdentifierAuthority = localSidAuthority;
 887               xdi->sid.SubAuthority[0] = SECURITY_LOCAL_SYSTEM_RID;
 888               *Buffer = xdi;
 889             }
 890             break;
 891           case  PolicyAuditLogInformation:
 892           case  PolicyPdAccountInformation:
 893           case  PolicyLsaServerRoleInformation:
 894           case  PolicyReplicaSourceInformation:
 895           case  PolicyDefaultQuotaInformation:
 896           case  PolicyModificationInformation:
 897           case  PolicyAuditFullSetInformation:
 898           case  PolicyAuditFullQueryInformation:
 899           case  PolicyDnsDomainInformation:
 900             {
 901               FIXME("category not implemented\n");
 902               return FALSE;
 903             }
 904         }
 905         return TRUE;
 906 }
 907
 908 /******************************************************************************
 909  * LsaLookupSids [ADVAPI32.@]
 910  */
 911 typedef struct
 912 {
 913         SID_NAME_USE Use;
 914         LSA_UNICODE_STRING Name;
 915         LONG DomainIndex;
 916 } LSA_TRANSLATED_NAME, *PLSA_TRANSLATED_NAME;
 917
 918 typedef struct
 919 {
 920         LSA_UNICODE_STRING Name;
 921         PSID Sid;
 922 } LSA_TRUST_INFORMATION, *PLSA_TRUST_INFORMATION;
 923
 924 typedef struct
 925 {
 926         ULONG Entries;
 927         PLSA_TRUST_INFORMATION Domains;
 928 } LSA_REFERENCED_DOMAIN_LIST, *PLSA_REFERENCED_DOMAIN_LIST;
 929
 930 NTSTATUS WINAPI
 931 LsaLookupSids(
 932         IN LSA_HANDLE PolicyHandle,
 933         IN ULONG Count,
 934         IN PSID *Sids,
 935         OUT PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains,
 936         OUT PLSA_TRANSLATED_NAME *Names )
 937 {
 938         FIXME("%p %lu %p %p %p\n",
 939           PolicyHandle, Count, Sids, ReferencedDomains, Names);
 940         return FALSE;
 941 }
 942
 943 /******************************************************************************
 944  * LsaFreeMemory [ADVAPI32.@]
 945  */
 946 NTSTATUS WINAPI
 947 LsaFreeMemory(IN PVOID Buffer)
 948 {
 949         TRACE("(%p)\n",Buffer);
 950         return HeapFree(GetProcessHeap(), 0, Buffer);
 951 }
 952 /******************************************************************************
 953  * LsaClose [ADVAPI32.@]
 954  */
 955 NTSTATUS WINAPI
 956 LsaClose(IN LSA_HANDLE ObjectHandle)
 957 {
 958         FIXME("(%p):stub\n",ObjectHandle);
 959         return 0xc0000000;
 960 }
 961
 962 /******************************************************************************
 963  * LsaNtStatusToWinError [ADVAPI32.@]
 964  *
 965  * PARAMS
 966  *   Status [I]
 967  */
 968 ULONG WINAPI
 969 LsaNtStatusToWinError(NTSTATUS Status)
 970 {
 971     return RtlNtStatusToDosError(Status);
 972 }
 973
 974 /******************************************************************************
 975  * NotifyBootConfigStatus [ADVAPI32.@]
 976  *
 977  * PARAMS
 978  *   x1 []
 979  */
 980 BOOL WINAPI
 981 NotifyBootConfigStatus( DWORD x1 )
 982 {
 983         FIXME("(0x%08lx):stub\n",x1);
 984         return 1;
 985 }
 986
 987 /******************************************************************************
 988  * RevertToSelf [ADVAPI32.@]
 989  *
 990  * PARAMS
 991  *   void []
 992  */
 993 BOOL WINAPI
 994 RevertToSelf( void )
 995 {
 996         FIXME("(), stub\n");
 997         return TRUE;
 998 }
 999
1000 /******************************************************************************
1001  * ImpersonateSelf [ADVAPI32.@]
1002  */
1003 BOOL WINAPI
1004 ImpersonateSelf(SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
1005 {
1006         return RtlImpersonateSelf(ImpersonationLevel);
1007 }
1008
1009 /******************************************************************************
1010  * ImpersonateLoggedOnUser [ADVAPI32.@]
1011  */
1012 BOOL WINAPI ImpersonateLoggedOnUser(HANDLE hToken)
1013 {
1014     FIXME("(%p):stub returning FALSE\n", hToken);
1015     return FALSE;
1016 }
1017
1018 /******************************************************************************
1019  * AccessCheck [ADVAPI32.@]
1020  *
1021  * FIXME check cast LPBOOL to PBOOLEAN
1022  */
1023 BOOL WINAPI
1024 AccessCheck(
1025         PSECURITY_DESCRIPTOR SecurityDescriptor,
1026         HANDLE ClientToken,
1027         DWORD DesiredAccess,
1028         PGENERIC_MAPPING GenericMapping,
1029         PPRIVILEGE_SET PrivilegeSet,
1030         LPDWORD PrivilegeSetLength,
1031         LPDWORD GrantedAccess,
1032         LPBOOL AccessStatus)
1033 {
1034         CallWin32ToNt (NtAccessCheck(SecurityDescriptor, ClientToken, DesiredAccess,
1035           GenericMapping, PrivilegeSet, PrivilegeSetLength, GrantedAccess, (PBOOLEAN)AccessStatus));
1036 }
1037
1038 /*************************************************************************
1039  * SetKernelObjectSecurity [ADVAPI32.@]
1040  */
1041 BOOL WINAPI SetKernelObjectSecurity (
1042         IN HANDLE Handle,
1043         IN SECURITY_INFORMATION SecurityInformation,
1044         IN PSECURITY_DESCRIPTOR SecurityDescriptor )
1045 {
1046         CallWin32ToNt (NtSetSecurityObject (Handle, SecurityInformation, SecurityDescriptor));
1047 }
1048
1049 /******************************************************************************
1050  *  AddAccessAllowedAce [ADVAPI32.@]
1051  */
1052 BOOL WINAPI AddAccessAllowedAce(
1053         IN OUT PACL pAcl,
1054         IN DWORD dwAceRevision,
1055         IN DWORD AccessMask,
1056         IN PSID pSid)
1057 {
1058         return RtlAddAccessAllowedAce(pAcl, dwAceRevision, AccessMask, pSid);
1059 }
1060
1061 /******************************************************************************
1062  * LookupAccountNameA [ADVAPI32.@]
1063  */
1064 BOOL WINAPI
1065 LookupAccountNameA(
1066         IN LPCSTR system,
1067         IN LPCSTR account,
1068         OUT PSID sid,
1069         OUT LPDWORD cbSid,
1070         LPSTR ReferencedDomainName,
1071         IN OUT LPDWORD cbReferencedDomainName,
1072         OUT PSID_NAME_USE name_use )
1073 {
1074     FIXME("(%s,%s,%p,%p,%p,%p,%p), stub.\n",system,account,sid,cbSid,ReferencedDomainName,cbReferencedDomainName,name_use);
1075     return FALSE;
1076 }
1077
1078 /******************************************************************************
1079  * GetAce [ADVAPI32.@]
1080  */
1081 BOOL WINAPI GetAce(PACL pAcl,DWORD dwAceIndex,LPVOID *pAce )
1082 {
1083     CallWin32ToNt(RtlGetAce(pAcl, dwAceIndex, pAce));
1084 }
1085
1086 /******************************************************************************
1087  * PrivilegeCheck [ADVAPI32.@]
1088  */
1089 BOOL WINAPI PrivilegeCheck( HANDLE ClientToken, PPRIVILEGE_SET RequiredPrivileges, LPBOOL pfResult)
1090 {
1091         FIXME("stub %p %p %p\n", ClientToken, RequiredPrivileges, pfResult);
1092         if (pfResult)
1093                 *pfResult=TRUE;
1094         return TRUE;
1095 }
1096
1097 /******************************************************************************
1098  * GetSecurityInfoExW [ADVAPI32.@]
1099  */
1100 DWORD WINAPI GetSecurityInfoExW(
1101         HANDLE hObject, SE_OBJECT_TYPE ObjectType,
1102         SECURITY_INFORMATION SecurityInfo, LPCWSTR lpProvider,
1103         LPCWSTR lpProperty, PACTRL_ACCESSW *ppAccessList,
1104         PACTRL_AUDITW *ppAuditList, LPWSTR *lppOwner, LPWSTR *lppGroup
1105 )
1106 {
1107   FIXME("stub!\n");
1108   return ERROR_BAD_PROVIDER;
1109 }