git.oblomov.eu Git - wine/blob - dlls/advapi32/security.c

   1 /*
   2  * Copyright 1999, 2000 Juergen Schmied <juergen.schmied@debitel.net>
   3  *
   4  * This library is free software; you can redistribute it and/or
   5  * modify it under the terms of the GNU Lesser General Public
   6  * License as published by the Free Software Foundation; either
   7  * version 2.1 of the License, or (at your option) any later version.
   8  *
   9  * This library is distributed in the hope that it will be useful,
  10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  12  * Lesser General Public License for more details.
  13  *
  14  * You should have received a copy of the GNU Lesser General Public
  15  * License along with this library; if not, write to the Free Software
  16  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  17  *
  18  *  FIXME: for all functions thunking down to Rtl* functions:  implement SetLastError()
  19  */
  20
  21 #include <string.h>
  22
  23 #include "windef.h"
  24 #include "winerror.h"
  25 #include "rpcnterr.h"
  26 #include "heap.h"
  27 #include "winternl.h"
  28 #include "ntsecapi.h"
  29 #include "accctrl.h"
  30
  31 #include "wine/debug.h"
  32 #include "wine/unicode.h"
  33
  34 WINE_DEFAULT_DEBUG_CHANNEL(advapi);
  35
  36 #define CallWin32ToNt(func) \
  37         { NTSTATUS ret; \
  38           ret = (func); \
  39           if (ret !=STATUS_SUCCESS) \
  40           { SetLastError (RtlNtStatusToDosError(ret)); return FALSE; } \
  41           return TRUE; \
  42         }
  43
  44 static void dumpLsaAttributes( PLSA_OBJECT_ATTRIBUTES oa )
  45 {
  46         if (oa)
  47         {
  48           TRACE("\n\tlength=%lu, rootdir=%p, objectname=%s\n\tattr=0x%08lx, sid=%p qos=%p\n",
  49                 oa->Length, oa->RootDirectory,
  50                 oa->ObjectName?debugstr_w(oa->ObjectName->Buffer):"null",
  51                 oa->Attributes, oa->SecurityDescriptor, oa->SecurityQualityOfService);
  52         }
  53 }
  54
  55 /************************************************************
  56  *                ADVAPI_IsLocalComputer
  57  *
  58  * Checks whether the server name indicates local machine.
  59  */
  60 BOOL ADVAPI_IsLocalComputer(LPCWSTR ServerName)
  61 {
  62     if (!ServerName)
  63     {
  64         return TRUE;
  65     }
  66     else
  67     {
  68         DWORD dwSize = MAX_COMPUTERNAME_LENGTH + 1;
  69         BOOL Result;
  70         LPWSTR buf;
  71
  72         buf = HeapAlloc(GetProcessHeap(), 0, dwSize * sizeof(WCHAR));
  73         Result = GetComputerNameW(buf,  &dwSize);
  74         if (Result && (ServerName[0] == '\\') && (ServerName[1] == '\\'))
  75             ServerName += 2;
  76         Result = Result && !lstrcmpW(ServerName, buf);
  77         HeapFree(GetProcessHeap(), 0, buf);
  78
  79         return Result;
  80     }
  81 }
  82
  83 #define ADVAPI_ForceLocalComputer(ServerName, FailureCode) \
  84     if (!ADVAPI_IsLocalComputer(ServerName)) \
  85     { \
  86         FIXME("Action Implemented for local computer only. " \
  87               "Requested for server %s\n", debugstr_w(ServerName)); \
  88         return FailureCode; \
  89     }
  90
  91 /*      ##############################
  92         ######  TOKEN FUNCTIONS ######
  93         ##############################
  94 */
  95
  96 /******************************************************************************
  97  * OpenProcessToken                     [ADVAPI32.@]
  98  * Opens the access token associated with a process
  99  *
 100  * PARAMS
 101  *   ProcessHandle [I] Handle to process
 102  *   DesiredAccess [I] Desired access to process
 103  *   TokenHandle   [O] Pointer to handle of open access token
 104  *
 105  * RETURNS STD
 106  */
 107 BOOL WINAPI
 108 OpenProcessToken( HANDLE ProcessHandle, DWORD DesiredAccess,
 109                   HANDLE *TokenHandle )
 110 {
 111         CallWin32ToNt(NtOpenProcessToken( ProcessHandle, DesiredAccess, TokenHandle ));
 112 }
 113
 114 /******************************************************************************
 115  * OpenThreadToken [ADVAPI32.@]
 116  *
 117  * PARAMS
 118  *   thread        []
 119  *   desiredaccess []
 120  *   openasself    []
 121  *   thandle       []
 122  */
 123 BOOL WINAPI
 124 OpenThreadToken( HANDLE ThreadHandle, DWORD DesiredAccess,
 125                  BOOL OpenAsSelf, HANDLE *TokenHandle)
 126 {
 127         CallWin32ToNt (NtOpenThreadToken(ThreadHandle, DesiredAccess, OpenAsSelf, TokenHandle));
 128 }
 129
 130 /******************************************************************************
 131  * AdjustTokenPrivileges [ADVAPI32.@]
 132  *
 133  * PARAMS
 134  *   TokenHandle          []
 135  *   DisableAllPrivileges []
 136  *   NewState             []
 137  *   BufferLength         []
 138  *   PreviousState        []
 139  *   ReturnLength         []
 140  */
 141 BOOL WINAPI
 142 AdjustTokenPrivileges( HANDLE TokenHandle, BOOL DisableAllPrivileges,
 143                        LPVOID NewState, DWORD BufferLength,
 144                        LPVOID PreviousState, LPDWORD ReturnLength )
 145 {
 146         CallWin32ToNt(NtAdjustPrivilegesToken(TokenHandle, DisableAllPrivileges, NewState, BufferLength, PreviousState, ReturnLength));
 147 }
 148
 149 /******************************************************************************
 150  * CheckTokenMembership [ADVAPI32.@]
 151  *
 152  * PARAMS
 153  *   TokenHandle [I]
 154  *   SidToCheck  [I]
 155  *   IsMember    [O]
 156  */
 157 BOOL WINAPI
 158 CheckTokenMembership( HANDLE TokenHandle, PSID SidToCheck,
 159                       PBOOL IsMember )
 160 {
 161   FIXME("(%p %p %p) stub!\n", TokenHandle, SidToCheck, IsMember);
 162
 163   *IsMember = TRUE;
 164   return(TRUE);
 165 }
 166
 167 /******************************************************************************
 168  * GetTokenInformation [ADVAPI32.@]
 169  *
 170  * PARAMS
 171  *   token           [I]
 172  *   tokeninfoclass  [I]
 173  *   tokeninfo       [O]
 174  *   tokeninfolength [I]
 175  *   retlen          [O]
 176  *
 177  */
 178 BOOL WINAPI
 179 GetTokenInformation( HANDLE token, TOKEN_INFORMATION_CLASS tokeninfoclass,
 180                      LPVOID tokeninfo, DWORD tokeninfolength, LPDWORD retlen )
 181 {
 182     TRACE("(%p, %s, %p, %ld, %p): \n",
 183           token,
 184           (tokeninfoclass == TokenUser) ? "TokenUser" :
 185           (tokeninfoclass == TokenGroups) ? "TokenGroups" :
 186           (tokeninfoclass == TokenPrivileges) ? "TokenPrivileges" :
 187           (tokeninfoclass == TokenOwner) ? "TokenOwner" :
 188           (tokeninfoclass == TokenPrimaryGroup) ? "TokenPrimaryGroup" :
 189           (tokeninfoclass == TokenDefaultDacl) ? "TokenDefaultDacl" :
 190           (tokeninfoclass == TokenSource) ? "TokenSource" :
 191           (tokeninfoclass == TokenType) ? "TokenType" :
 192           (tokeninfoclass == TokenImpersonationLevel) ? "TokenImpersonationLevel" :
 193           (tokeninfoclass == TokenStatistics) ? "TokenStatistics" :
 194           (tokeninfoclass == TokenRestrictedSids) ? "TokenRestrictedSids" :
 195           (tokeninfoclass == TokenSessionId) ? "TokenSessionId" :
 196           (tokeninfoclass == TokenGroupsAndPrivileges) ? "TokenGroupsAndPrivileges" :
 197           (tokeninfoclass == TokenSessionReference) ? "TokenSessionReference" :
 198           (tokeninfoclass == TokenSandBoxInert) ? "TokenSandBoxInert" :
 199           "Unknown",
 200           tokeninfo, tokeninfolength, retlen);
 201     CallWin32ToNt (NtQueryInformationToken( token, tokeninfoclass, tokeninfo, tokeninfolength, retlen));
 202 }
 203
 204 /******************************************************************************
 205  * SetTokenInformation [ADVAPI32.@]
 206  *
 207  * PARAMS
 208  *   token           [I]
 209  *   tokeninfoclass  [I]
 210  *   tokeninfo       [I]
 211  *   tokeninfolength [I]
 212  *
 213  */
 214 BOOL WINAPI
 215 SetTokenInformation( HANDLE token, TOKEN_INFORMATION_CLASS tokeninfoclass,
 216                      LPVOID tokeninfo, DWORD tokeninfolength )
 217 {
 218     FIXME("(%p, %s, %p, %ld): stub\n",
 219           token,
 220           (tokeninfoclass == TokenUser) ? "TokenUser" :
 221           (tokeninfoclass == TokenGroups) ? "TokenGroups" :
 222           (tokeninfoclass == TokenPrivileges) ? "TokenPrivileges" :
 223           (tokeninfoclass == TokenOwner) ? "TokenOwner" :
 224           (tokeninfoclass == TokenPrimaryGroup) ? "TokenPrimaryGroup" :
 225           (tokeninfoclass == TokenDefaultDacl) ? "TokenDefaultDacl" :
 226           (tokeninfoclass == TokenSource) ? "TokenSource" :
 227           (tokeninfoclass == TokenType) ? "TokenType" :
 228           (tokeninfoclass == TokenImpersonationLevel) ? "TokenImpersonationLevel" :
 229           (tokeninfoclass == TokenStatistics) ? "TokenStatistics" :
 230           (tokeninfoclass == TokenRestrictedSids) ? "TokenRestrictedSids" :
 231           (tokeninfoclass == TokenSessionId) ? "TokenSessionId" :
 232           (tokeninfoclass == TokenGroupsAndPrivileges) ? "TokenGroupsAndPrivileges" :
 233           (tokeninfoclass == TokenSessionReference) ? "TokenSessionReference" :
 234           (tokeninfoclass == TokenSandBoxInert) ? "TokenSandBoxInert" :
 235           "Unknown",
 236           tokeninfo, tokeninfolength);
 237
 238     SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
 239
 240     return FALSE;
 241 }
 242
 243 /*************************************************************************
 244  * SetThreadToken [ADVAPI32.@]
 245  *
 246  * Assigns an "impersonation token" to a thread so it can assume the
 247  * security privledges of another thread or process.  Can also remove
 248  * a previously assigned token.  Only supported on NT - it's a stub
 249  * exactly like this one on Win9X.
 250  *
 251  */
 252
 253 BOOL WINAPI SetThreadToken(PHANDLE thread, HANDLE token)
 254 {
 255     FIXME("(%p, %p): stub (NT impl. only)\n", thread, token);
 256
 257     SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
 258
 259     return FALSE;
 260 }
 261
 262 /*      ##############################
 263         ######  SID FUNCTIONS   ######
 264         ##############################
 265 */
 266
 267 /******************************************************************************
 268  * AllocateAndInitializeSid [ADVAPI32.@]
 269  *
 270  * PARAMS
 271  *   pIdentifierAuthority []
 272  *   nSubAuthorityCount   []
 273  *   nSubAuthority0       []
 274  *   nSubAuthority1       []
 275  *   nSubAuthority2       []
 276  *   nSubAuthority3       []
 277  *   nSubAuthority4       []
 278  *   nSubAuthority5       []
 279  *   nSubAuthority6       []
 280  *   nSubAuthority7       []
 281  *   pSid                 []
 282  */
 283 BOOL WINAPI
 284 AllocateAndInitializeSid( PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
 285                           BYTE nSubAuthorityCount,
 286                           DWORD nSubAuthority0, DWORD nSubAuthority1,
 287                           DWORD nSubAuthority2, DWORD nSubAuthority3,
 288                           DWORD nSubAuthority4, DWORD nSubAuthority5,
 289                           DWORD nSubAuthority6, DWORD nSubAuthority7,
 290                           PSID *pSid )
 291 {
 292         CallWin32ToNt (RtlAllocateAndInitializeSid(
 293                 pIdentifierAuthority, nSubAuthorityCount,
 294                 nSubAuthority0, nSubAuthority1, nSubAuthority2, nSubAuthority3,
 295                 nSubAuthority4, nSubAuthority5, nSubAuthority6, nSubAuthority7,
 296                 pSid ));
 297 }
 298
 299 /******************************************************************************
 300  * FreeSid [ADVAPI32.@]
 301  *
 302  * PARAMS
 303  *   pSid []
 304  */
 305 PVOID WINAPI
 306 FreeSid( PSID pSid )
 307 {
 308         RtlFreeSid(pSid);
 309         return NULL; /* is documented like this */
 310 }
 311
 312 /******************************************************************************
 313  * CopySid [ADVAPI32.@]
 314  *
 315  * PARAMS
 316  *   nDestinationSidLength []
 317  *   pDestinationSid       []
 318  *   pSourceSid            []
 319  */
 320 BOOL WINAPI
 321 CopySid( DWORD nDestinationSidLength, PSID pDestinationSid, PSID pSourceSid )
 322 {
 323         return RtlCopySid(nDestinationSidLength, pDestinationSid, pSourceSid);
 324 }
 325
 326 /******************************************************************************
 327  * IsValidSid [ADVAPI32.@]
 328  *
 329  * PARAMS
 330  *   pSid []
 331  */
 332 BOOL WINAPI
 333 IsValidSid( PSID pSid )
 334 {
 335         return RtlValidSid( pSid );
 336 }
 337
 338 /******************************************************************************
 339  * EqualSid [ADVAPI32.@]
 340  *
 341  * PARAMS
 342  *   pSid1 []
 343  *   pSid2 []
 344  */
 345 BOOL WINAPI
 346 EqualSid( PSID pSid1, PSID pSid2 )
 347 {
 348         return RtlEqualSid( pSid1, pSid2 );
 349 }
 350
 351 /******************************************************************************
 352  * EqualPrefixSid [ADVAPI32.@]
 353  */
 354 BOOL WINAPI EqualPrefixSid (PSID pSid1, PSID pSid2)
 355 {
 356         return RtlEqualPrefixSid(pSid1, pSid2);
 357 }
 358
 359 /******************************************************************************
 360  * GetSidLengthRequired [ADVAPI32.@]
 361  *
 362  * PARAMS
 363  *   nSubAuthorityCount []
 364  */
 365 DWORD WINAPI
 366 GetSidLengthRequired( BYTE nSubAuthorityCount )
 367 {
 368         return RtlLengthRequiredSid(nSubAuthorityCount);
 369 }
 370
 371 /******************************************************************************
 372  * InitializeSid [ADVAPI32.@]
 373  *
 374  * PARAMS
 375  *   pIdentifierAuthority []
 376  */
 377 BOOL WINAPI
 378 InitializeSid (
 379         PSID pSid,
 380         PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
 381         BYTE nSubAuthorityCount)
 382 {
 383         return RtlInitializeSid(pSid, pIdentifierAuthority, nSubAuthorityCount);
 384 }
 385
 386 /******************************************************************************
 387  * GetSidIdentifierAuthority [ADVAPI32.@]
 388  *
 389  * PARAMS
 390  *   pSid []
 391  */
 392 PSID_IDENTIFIER_AUTHORITY WINAPI
 393 GetSidIdentifierAuthority( PSID pSid )
 394 {
 395         return RtlIdentifierAuthoritySid(pSid);
 396 }
 397
 398 /******************************************************************************
 399  * GetSidSubAuthority [ADVAPI32.@]
 400  *
 401  * PARAMS
 402  *   pSid          []
 403  *   nSubAuthority []
 404  */
 405 PDWORD WINAPI
 406 GetSidSubAuthority( PSID pSid, DWORD nSubAuthority )
 407 {
 408         return RtlSubAuthoritySid(pSid, nSubAuthority);
 409 }
 410
 411 /******************************************************************************
 412  * GetSidSubAuthorityCount [ADVAPI32.@]
 413  *
 414  * PARAMS
 415  *   pSid []
 416  */
 417 PUCHAR WINAPI
 418 GetSidSubAuthorityCount (PSID pSid)
 419 {
 420         return RtlSubAuthorityCountSid(pSid);
 421 }
 422
 423 /******************************************************************************
 424  * GetLengthSid [ADVAPI32.@]
 425  *
 426  * PARAMS
 427  *   pSid []
 428  */
 429 DWORD WINAPI
 430 GetLengthSid (PSID pSid)
 431 {
 432         return RtlLengthSid(pSid);
 433 }
 434
 435 /*      ##############################################
 436         ######  SECURITY DESCRIPTOR FUNCTIONS   ######
 437         ##############################################
 438 */
 439
 440 /******************************************************************************
 441  * InitializeSecurityDescriptor [ADVAPI32.@]
 442  *
 443  * PARAMS
 444  *   pDescr   []
 445  *   revision []
 446  */
 447 BOOL WINAPI
 448 InitializeSecurityDescriptor( SECURITY_DESCRIPTOR *pDescr, DWORD revision )
 449 {
 450         CallWin32ToNt (RtlCreateSecurityDescriptor(pDescr, revision ));
 451 }
 452
 453 /******************************************************************************
 454  * GetSecurityDescriptorLength [ADVAPI32.@]
 455  */
 456 DWORD WINAPI GetSecurityDescriptorLength( SECURITY_DESCRIPTOR *pDescr)
 457 {
 458         return (RtlLengthSecurityDescriptor(pDescr));
 459 }
 460
 461 /******************************************************************************
 462  * GetSecurityDescriptorOwner [ADVAPI32.@]
 463  *
 464  * PARAMS
 465  *   pOwner            []
 466  *   lpbOwnerDefaulted []
 467  */
 468 BOOL WINAPI
 469 GetSecurityDescriptorOwner( SECURITY_DESCRIPTOR *pDescr, PSID *pOwner,
 470                             LPBOOL lpbOwnerDefaulted )
 471 {
 472         CallWin32ToNt (RtlGetOwnerSecurityDescriptor( pDescr, pOwner, (PBOOLEAN)lpbOwnerDefaulted ));
 473 }
 474
 475 /******************************************************************************
 476  * SetSecurityDescriptorOwner [ADVAPI32.@]
 477  *
 478  * PARAMS
 479  */
 480 BOOL WINAPI SetSecurityDescriptorOwner( PSECURITY_DESCRIPTOR pSecurityDescriptor,
 481                                    PSID pOwner, BOOL bOwnerDefaulted)
 482 {
 483         CallWin32ToNt (RtlSetOwnerSecurityDescriptor(pSecurityDescriptor, pOwner, bOwnerDefaulted));
 484 }
 485 /******************************************************************************
 486  * GetSecurityDescriptorGroup                   [ADVAPI32.@]
 487  */
 488 BOOL WINAPI GetSecurityDescriptorGroup(
 489         PSECURITY_DESCRIPTOR SecurityDescriptor,
 490         PSID *Group,
 491         LPBOOL GroupDefaulted)
 492 {
 493         CallWin32ToNt (RtlGetGroupSecurityDescriptor(SecurityDescriptor, Group, (PBOOLEAN)GroupDefaulted));
 494 }
 495 /******************************************************************************
 496  * SetSecurityDescriptorGroup [ADVAPI32.@]
 497  */
 498 BOOL WINAPI SetSecurityDescriptorGroup ( PSECURITY_DESCRIPTOR SecurityDescriptor,
 499                                            PSID Group, BOOL GroupDefaulted)
 500 {
 501         CallWin32ToNt (RtlSetGroupSecurityDescriptor( SecurityDescriptor, Group, GroupDefaulted));
 502 }
 503
 504 /******************************************************************************
 505  * IsValidSecurityDescriptor [ADVAPI32.@]
 506  *
 507  * PARAMS
 508  *   lpsecdesc []
 509  */
 510 BOOL WINAPI
 511 IsValidSecurityDescriptor( PSECURITY_DESCRIPTOR SecurityDescriptor )
 512 {
 513         CallWin32ToNt (RtlValidSecurityDescriptor(SecurityDescriptor));
 514 }
 515
 516 /******************************************************************************
 517  *  GetSecurityDescriptorDacl                   [ADVAPI32.@]
 518  */
 519 BOOL WINAPI GetSecurityDescriptorDacl(
 520         IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
 521         OUT LPBOOL lpbDaclPresent,
 522         OUT PACL *pDacl,
 523         OUT LPBOOL lpbDaclDefaulted)
 524 {
 525         CallWin32ToNt (RtlGetDaclSecurityDescriptor(pSecurityDescriptor, (PBOOLEAN)lpbDaclPresent,
 526                                                pDacl, (PBOOLEAN)lpbDaclDefaulted));
 527 }
 528
 529 /******************************************************************************
 530  *  SetSecurityDescriptorDacl                   [ADVAPI32.@]
 531  */
 532 BOOL WINAPI
 533 SetSecurityDescriptorDacl (
 534         PSECURITY_DESCRIPTOR lpsd,
 535         BOOL daclpresent,
 536         PACL dacl,
 537         BOOL dacldefaulted )
 538 {
 539         CallWin32ToNt (RtlSetDaclSecurityDescriptor (lpsd, daclpresent, dacl, dacldefaulted ));
 540 }
 541 /******************************************************************************
 542  *  GetSecurityDescriptorSacl                   [ADVAPI32.@]
 543  */
 544 BOOL WINAPI GetSecurityDescriptorSacl(
 545         IN PSECURITY_DESCRIPTOR lpsd,
 546         OUT LPBOOL lpbSaclPresent,
 547         OUT PACL *pSacl,
 548         OUT LPBOOL lpbSaclDefaulted)
 549 {
 550         CallWin32ToNt (RtlGetSaclSecurityDescriptor(lpsd,
 551            (PBOOLEAN)lpbSaclPresent, pSacl, (PBOOLEAN)lpbSaclDefaulted));
 552 }
 553
 554 /**************************************************************************
 555  * SetSecurityDescriptorSacl                    [ADVAPI32.@]
 556  */
 557 BOOL WINAPI SetSecurityDescriptorSacl (
 558         PSECURITY_DESCRIPTOR lpsd,
 559         BOOL saclpresent,
 560         PACL lpsacl,
 561         BOOL sacldefaulted)
 562 {
 563         CallWin32ToNt (RtlSetSaclSecurityDescriptor(lpsd, saclpresent, lpsacl, sacldefaulted));
 564 }
 565 /******************************************************************************
 566  * MakeSelfRelativeSD [ADVAPI32.@]
 567  *
 568  * PARAMS
 569  *   lpabssecdesc  []
 570  *   lpselfsecdesc []
 571  *   lpbuflen      []
 572  */
 573 BOOL WINAPI
 574 MakeSelfRelativeSD(
 575         IN PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor,
 576         IN PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor,
 577         IN OUT LPDWORD lpdwBufferLength)
 578 {
 579         CallWin32ToNt (RtlMakeSelfRelativeSD(pAbsoluteSecurityDescriptor,pSelfRelativeSecurityDescriptor, lpdwBufferLength));
 580 }
 581
 582 /******************************************************************************
 583  * GetSecurityDescriptorControl                 [ADVAPI32.@]
 584  */
 585
 586 BOOL WINAPI GetSecurityDescriptorControl ( PSECURITY_DESCRIPTOR  pSecurityDescriptor,
 587                  PSECURITY_DESCRIPTOR_CONTROL pControl, LPDWORD lpdwRevision)
 588 {
 589         CallWin32ToNt (RtlGetControlSecurityDescriptor(pSecurityDescriptor,pControl,lpdwRevision));
 590 }
 591
 592 /*      ##############################
 593         ######  ACL FUNCTIONS   ######
 594         ##############################
 595 */
 596
 597 /*************************************************************************
 598  * InitializeAcl [ADVAPI32.@]
 599  */
 600 DWORD WINAPI InitializeAcl(PACL acl, DWORD size, DWORD rev)
 601 {
 602         CallWin32ToNt (RtlCreateAcl(acl, size, rev));
 603 }
 604
 605 /*      ##############################
 606         ######  MISC FUNCTIONS  ######
 607         ##############################
 608 */
 609
 610 /******************************************************************************
 611  * LookupPrivilegeValueW                        [ADVAPI32.@]
 612  * Retrieves LUID used on a system to represent the privilege name.
 613  *
 614  * PARAMS
 615  *   lpSystemName [I] Address of string specifying the system
 616  *   lpName       [I] Address of string specifying the privilege
 617  *   lpLuid       [I] Address of locally unique identifier
 618  *
 619  * RETURNS STD
 620  */
 621 BOOL WINAPI
 622 LookupPrivilegeValueW( LPCWSTR lpSystemName, LPCWSTR lpName, PLUID lpLuid )
 623 {
 624     FIXME("(%s,%s,%p): stub\n",debugstr_w(lpSystemName),
 625         debugstr_w(lpName), lpLuid);
 626     lpLuid->LowPart = 0x12345678;
 627     lpLuid->HighPart = 0x87654321;
 628     return TRUE;
 629 }
 630
 631 /******************************************************************************
 632  * LookupPrivilegeValueA                        [ADVAPI32.@]
 633  */
 634 BOOL WINAPI
 635 LookupPrivilegeValueA( LPCSTR lpSystemName, LPCSTR lpName, PLUID lpLuid )
 636 {
 637     UNICODE_STRING lpSystemNameW;
 638     UNICODE_STRING lpNameW;
 639     BOOL ret;
 640
 641     RtlCreateUnicodeStringFromAsciiz(&lpSystemNameW, lpSystemName);
 642     RtlCreateUnicodeStringFromAsciiz(&lpNameW,lpName);
 643     ret = LookupPrivilegeValueW(lpSystemNameW.Buffer, lpNameW.Buffer, lpLuid);
 644     RtlFreeUnicodeString(&lpNameW);
 645     RtlFreeUnicodeString(&lpSystemNameW);
 646     return ret;
 647 }
 648
 649 /******************************************************************************
 650  * GetFileSecurityA [ADVAPI32.@]
 651  *
 652  * Obtains Specified information about the security of a file or directory
 653  * The information obtained is constrained by the callers access rights and
 654  * privileges
 655  */
 656 BOOL WINAPI
 657 GetFileSecurityA( LPCSTR lpFileName,
 658                     SECURITY_INFORMATION RequestedInformation,
 659                     PSECURITY_DESCRIPTOR pSecurityDescriptor,
 660                     DWORD nLength, LPDWORD lpnLengthNeeded )
 661 {
 662   FIXME("(%s) : stub\n", debugstr_a(lpFileName));
 663   return TRUE;
 664 }
 665
 666 /******************************************************************************
 667  * GetFileSecurityW [ADVAPI32.@]
 668  *
 669  * Obtains Specified information about the security of a file or directory
 670  * The information obtained is constrained by the callers access rights and
 671  * privileges
 672  *
 673  * PARAMS
 674  *   lpFileName           []
 675  *   RequestedInformation []
 676  *   pSecurityDescriptor  []
 677  *   nLength              []
 678  *   lpnLengthNeeded      []
 679  */
 680 BOOL WINAPI
 681 GetFileSecurityW( LPCWSTR lpFileName,
 682                     SECURITY_INFORMATION RequestedInformation,
 683                     PSECURITY_DESCRIPTOR pSecurityDescriptor,
 684                     DWORD nLength, LPDWORD lpnLengthNeeded )
 685 {
 686   FIXME("(%s) : stub\n", debugstr_w(lpFileName) );
 687   return TRUE;
 688 }
 689
 690
 691 /******************************************************************************
 692  * LookupAccountSidA [ADVAPI32.@]
 693  */
 694 BOOL WINAPI
 695 LookupAccountSidA(
 696         IN LPCSTR system,
 697         IN PSID sid,
 698         OUT LPSTR account,
 699         IN OUT LPDWORD accountSize,
 700         OUT LPSTR domain,
 701         IN OUT LPDWORD domainSize,
 702         OUT PSID_NAME_USE name_use )
 703 {
 704         static const char ac[] = "Administrator";
 705         static const char dm[] = "DOMAIN";
 706         FIXME("(%s,sid=%p,%p,%p(%lu),%p,%p(%lu),%p): semi-stub\n",
 707               debugstr_a(system),sid,
 708               account,accountSize,accountSize?*accountSize:0,
 709               domain,domainSize,domainSize?*domainSize:0,
 710               name_use);
 711
 712         if (accountSize) *accountSize = strlen(ac)+1;
 713         if (account && (*accountSize > strlen(ac)))
 714           strcpy(account, ac);
 715
 716         if (domainSize) *domainSize = strlen(dm)+1;
 717         if (domain && (*domainSize > strlen(dm)))
 718           strcpy(domain,dm);
 719
 720         if (name_use) *name_use = SidTypeUser;
 721         return TRUE;
 722 }
 723
 724 /******************************************************************************
 725  * LookupAccountSidW [ADVAPI32.@]
 726  *
 727  * PARAMS
 728  *   system      []
 729  *   sid         []
 730  *   account     []
 731  *   accountSize []
 732  *   domain      []
 733  *   domainSize  []
 734  *   name_use    []
 735  */
 736 BOOL WINAPI
 737 LookupAccountSidW(
 738         IN LPCWSTR system,
 739         IN PSID sid,
 740         OUT LPWSTR account,
 741         IN OUT LPDWORD accountSize,
 742         OUT LPWSTR domain,
 743         IN OUT LPDWORD domainSize,
 744         OUT PSID_NAME_USE name_use )
 745 {
 746     static const WCHAR ac[] = {'A','d','m','i','n','i','s','t','r','a','t','o','r',0};
 747     static const WCHAR dm[] = {'D','O','M','A','I','N',0};
 748         FIXME("(%s,sid=%p,%p,%p(%lu),%p,%p(%lu),%p): semi-stub\n",
 749               debugstr_w(system),sid,
 750               account,accountSize,accountSize?*accountSize:0,
 751               domain,domainSize,domainSize?*domainSize:0,
 752               name_use);
 753
 754         if (accountSize) *accountSize = strlenW(ac)+1;
 755         if (account && (*accountSize > strlenW(ac)))
 756             strcpyW(account, ac);
 757
 758         if (domainSize) *domainSize = strlenW(dm)+1;
 759         if (domain && (*domainSize > strlenW(dm)))
 760             strcpyW(domain,dm);
 761
 762         if (name_use) *name_use = SidTypeUser;
 763         return TRUE;
 764 }
 765
 766 /******************************************************************************
 767  * SetFileSecurityA [ADVAPI32.@]
 768  * Sets the security of a file or directory
 769  */
 770 BOOL WINAPI SetFileSecurityA( LPCSTR lpFileName,
 771                                 SECURITY_INFORMATION RequestedInformation,
 772                                 PSECURITY_DESCRIPTOR pSecurityDescriptor)
 773 {
 774   FIXME("(%s) : stub\n", debugstr_a(lpFileName));
 775   return TRUE;
 776 }
 777
 778 /******************************************************************************
 779  * SetFileSecurityW [ADVAPI32.@]
 780  * Sets the security of a file or directory
 781  *
 782  * PARAMS
 783  *   lpFileName           []
 784  *   RequestedInformation []
 785  *   pSecurityDescriptor  []
 786  */
 787 BOOL WINAPI
 788 SetFileSecurityW( LPCWSTR lpFileName,
 789                     SECURITY_INFORMATION RequestedInformation,
 790                     PSECURITY_DESCRIPTOR pSecurityDescriptor )
 791 {
 792   FIXME("(%s) : stub\n", debugstr_w(lpFileName) );
 793   return TRUE;
 794 }
 795
 796 /******************************************************************************
 797  * QueryWindows31FilesMigration [ADVAPI32.@]
 798  *
 799  * PARAMS
 800  *   x1 []
 801  */
 802 BOOL WINAPI
 803 QueryWindows31FilesMigration( DWORD x1 )
 804 {
 805         FIXME("(%ld):stub\n",x1);
 806         return TRUE;
 807 }
 808
 809 /******************************************************************************
 810  * SynchronizeWindows31FilesAndWindowsNTRegistry [ADVAPI32.@]
 811  *
 812  * PARAMS
 813  *   x1 []
 814  *   x2 []
 815  *   x3 []
 816  *   x4 []
 817  */
 818 BOOL WINAPI
 819 SynchronizeWindows31FilesAndWindowsNTRegistry( DWORD x1, DWORD x2, DWORD x3,
 820                                                DWORD x4 )
 821 {
 822         FIXME("(0x%08lx,0x%08lx,0x%08lx,0x%08lx):stub\n",x1,x2,x3,x4);
 823         return TRUE;
 824 }
 825
 826 /******************************************************************************
 827  * LsaOpenPolicy [ADVAPI32.@]
 828  *
 829  * PARAMS
 830  *   x1 []
 831  *   x2 []
 832  *   x3 []
 833  *   x4 []
 834  */
 835 NTSTATUS WINAPI
 836 LsaOpenPolicy(
 837         IN PLSA_UNICODE_STRING SystemName,
 838         IN PLSA_OBJECT_ATTRIBUTES ObjectAttributes,
 839         IN ACCESS_MASK DesiredAccess,
 840         IN OUT PLSA_HANDLE PolicyHandle)
 841 {
 842         FIXME("(%s,%p,0x%08lx,%p):stub\n",
 843               SystemName?debugstr_w(SystemName->Buffer):"null",
 844               ObjectAttributes, DesiredAccess, PolicyHandle);
 845         ADVAPI_ForceLocalComputer(SystemName ? SystemName->Buffer : NULL,
 846                                   STATUS_ACCESS_VIOLATION);
 847         dumpLsaAttributes(ObjectAttributes);
 848         if(PolicyHandle) *PolicyHandle = (LSA_HANDLE)0xcafe;
 849         return STATUS_SUCCESS;
 850 }
 851
 852 /******************************************************************************
 853  * LsaQueryInformationPolicy [ADVAPI32.@]
 854  */
 855 NTSTATUS WINAPI
 856 LsaQueryInformationPolicy(
 857         IN LSA_HANDLE PolicyHandle,
 858         IN POLICY_INFORMATION_CLASS InformationClass,
 859         OUT PVOID *Buffer)
 860 {
 861         FIXME("(%p,0x%08x,%p):stub\n",
 862               PolicyHandle, InformationClass, Buffer);
 863
 864         if(!Buffer) return FALSE;
 865         switch (InformationClass)
 866         {
 867           case PolicyAuditEventsInformation: /* 2 */
 868             {
 869               PPOLICY_AUDIT_EVENTS_INFO p = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(POLICY_AUDIT_EVENTS_INFO));
 870               p->AuditingMode = FALSE; /* no auditing */
 871               *Buffer = p;
 872             }
 873             break;
 874           case PolicyPrimaryDomainInformation: /* 3 */
 875           case PolicyAccountDomainInformation: /* 5 */
 876             {
 877               struct di
 878               { POLICY_PRIMARY_DOMAIN_INFO ppdi;
 879                 SID sid;
 880               };
 881               SID_IDENTIFIER_AUTHORITY localSidAuthority = {SECURITY_NT_AUTHORITY};
 882
 883               struct di * xdi = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(xdi));
 884               RtlCreateUnicodeStringFromAsciiz(&(xdi->ppdi.Name), "DOMAIN");
 885               xdi->ppdi.Sid = &(xdi->sid);
 886               xdi->sid.Revision = SID_REVISION;
 887               xdi->sid.SubAuthorityCount = 1;
 888               xdi->sid.IdentifierAuthority = localSidAuthority;
 889               xdi->sid.SubAuthority[0] = SECURITY_LOCAL_SYSTEM_RID;
 890               *Buffer = xdi;
 891             }
 892             break;
 893           case  PolicyAuditLogInformation:
 894           case  PolicyPdAccountInformation:
 895           case  PolicyLsaServerRoleInformation:
 896           case  PolicyReplicaSourceInformation:
 897           case  PolicyDefaultQuotaInformation:
 898           case  PolicyModificationInformation:
 899           case  PolicyAuditFullSetInformation:
 900           case  PolicyAuditFullQueryInformation:
 901           case  PolicyDnsDomainInformation:
 902             {
 903               FIXME("category not implemented\n");
 904               return FALSE;
 905             }
 906         }
 907         return TRUE;
 908 }
 909
 910 /******************************************************************************
 911  * LsaLookupSids [ADVAPI32.@]
 912  */
 913 typedef struct
 914 {
 915         SID_NAME_USE Use;
 916         LSA_UNICODE_STRING Name;
 917         LONG DomainIndex;
 918 } LSA_TRANSLATED_NAME, *PLSA_TRANSLATED_NAME;
 919
 920 typedef struct
 921 {
 922         LSA_UNICODE_STRING Name;
 923         PSID Sid;
 924 } LSA_TRUST_INFORMATION, *PLSA_TRUST_INFORMATION;
 925
 926 typedef struct
 927 {
 928         ULONG Entries;
 929         PLSA_TRUST_INFORMATION Domains;
 930 } LSA_REFERENCED_DOMAIN_LIST, *PLSA_REFERENCED_DOMAIN_LIST;
 931
 932 NTSTATUS WINAPI
 933 LsaLookupSids(
 934         IN LSA_HANDLE PolicyHandle,
 935         IN ULONG Count,
 936         IN PSID *Sids,
 937         OUT PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains,
 938         OUT PLSA_TRANSLATED_NAME *Names )
 939 {
 940         FIXME("%p %lu %p %p %p\n",
 941           PolicyHandle, Count, Sids, ReferencedDomains, Names);
 942         return FALSE;
 943 }
 944
 945 /******************************************************************************
 946  * LsaFreeMemory [ADVAPI32.@]
 947  */
 948 NTSTATUS WINAPI
 949 LsaFreeMemory(IN PVOID Buffer)
 950 {
 951         TRACE("(%p)\n",Buffer);
 952         return HeapFree(GetProcessHeap(), 0, Buffer);
 953 }
 954 /******************************************************************************
 955  * LsaClose [ADVAPI32.@]
 956  */
 957 NTSTATUS WINAPI
 958 LsaClose(IN LSA_HANDLE ObjectHandle)
 959 {
 960         FIXME("(%p):stub\n",ObjectHandle);
 961         return 0xc0000000;
 962 }
 963
 964 /******************************************************************************
 965  * LsaNtStatusToWinError [ADVAPI32.@]
 966  *
 967  * PARAMS
 968  *   Status [I]
 969  */
 970 ULONG WINAPI
 971 LsaNtStatusToWinError(NTSTATUS Status)
 972 {
 973     return RtlNtStatusToDosError(Status);
 974 }
 975
 976 /******************************************************************************
 977  * NotifyBootConfigStatus [ADVAPI32.@]
 978  *
 979  * PARAMS
 980  *   x1 []
 981  */
 982 BOOL WINAPI
 983 NotifyBootConfigStatus( DWORD x1 )
 984 {
 985         FIXME("(0x%08lx):stub\n",x1);
 986         return 1;
 987 }
 988
 989 /******************************************************************************
 990  * RevertToSelf [ADVAPI32.@]
 991  *
 992  * PARAMS
 993  *   void []
 994  */
 995 BOOL WINAPI
 996 RevertToSelf( void )
 997 {
 998         FIXME("(), stub\n");
 999         return TRUE;
1000 }
1001
1002 /******************************************************************************
1003  * ImpersonateSelf [ADVAPI32.@]
1004  */
1005 BOOL WINAPI
1006 ImpersonateSelf(SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
1007 {
1008         return RtlImpersonateSelf(ImpersonationLevel);
1009 }
1010
1011 /******************************************************************************
1012  * ImpersonateLoggedOnUser [ADVAPI32.@]
1013  */
1014 BOOL WINAPI ImpersonateLoggedOnUser(HANDLE hToken)
1015 {
1016     FIXME("(%p):stub returning FALSE\n", hToken);
1017     return FALSE;
1018 }
1019
1020 /******************************************************************************
1021  * AccessCheck [ADVAPI32.@]
1022  *
1023  * FIXME check cast LPBOOL to PBOOLEAN
1024  */
1025 BOOL WINAPI
1026 AccessCheck(
1027         PSECURITY_DESCRIPTOR SecurityDescriptor,
1028         HANDLE ClientToken,
1029         DWORD DesiredAccess,
1030         PGENERIC_MAPPING GenericMapping,
1031         PPRIVILEGE_SET PrivilegeSet,
1032         LPDWORD PrivilegeSetLength,
1033         LPDWORD GrantedAccess,
1034         LPBOOL AccessStatus)
1035 {
1036         CallWin32ToNt (NtAccessCheck(SecurityDescriptor, ClientToken, DesiredAccess,
1037           GenericMapping, PrivilegeSet, PrivilegeSetLength, GrantedAccess, (PBOOLEAN)AccessStatus));
1038 }
1039
1040 /*************************************************************************
1041  * SetKernelObjectSecurity [ADVAPI32.@]
1042  */
1043 BOOL WINAPI SetKernelObjectSecurity (
1044         IN HANDLE Handle,
1045         IN SECURITY_INFORMATION SecurityInformation,
1046         IN PSECURITY_DESCRIPTOR SecurityDescriptor )
1047 {
1048         CallWin32ToNt (NtSetSecurityObject (Handle, SecurityInformation, SecurityDescriptor));
1049 }
1050
1051 /******************************************************************************
1052  *  AddAccessAllowedAce [ADVAPI32.@]
1053  */
1054 BOOL WINAPI AddAccessAllowedAce(
1055         IN OUT PACL pAcl,
1056         IN DWORD dwAceRevision,
1057         IN DWORD AccessMask,
1058         IN PSID pSid)
1059 {
1060         return RtlAddAccessAllowedAce(pAcl, dwAceRevision, AccessMask, pSid);
1061 }
1062
1063 /******************************************************************************
1064  * LookupAccountNameA [ADVAPI32.@]
1065  */
1066 BOOL WINAPI
1067 LookupAccountNameA(
1068         IN LPCSTR system,
1069         IN LPCSTR account,
1070         OUT PSID sid,
1071         OUT LPDWORD cbSid,
1072         LPSTR ReferencedDomainName,
1073         IN OUT LPDWORD cbReferencedDomainName,
1074         OUT PSID_NAME_USE name_use )
1075 {
1076     FIXME("(%s,%s,%p,%p,%p,%p,%p), stub.\n",system,account,sid,cbSid,ReferencedDomainName,cbReferencedDomainName,name_use);
1077     return FALSE;
1078 }
1079
1080 /******************************************************************************
1081  * GetAce [ADVAPI32.@]
1082  */
1083 BOOL WINAPI GetAce(PACL pAcl,DWORD dwAceIndex,LPVOID *pAce )
1084 {
1085     CallWin32ToNt(RtlGetAce(pAcl, dwAceIndex, pAce));
1086 }
1087
1088 /******************************************************************************
1089  * PrivilegeCheck [ADVAPI32.@]
1090  */
1091 BOOL WINAPI PrivilegeCheck( HANDLE ClientToken, PPRIVILEGE_SET RequiredPrivileges, LPBOOL pfResult)
1092 {
1093         FIXME("stub %p %p %p\n", ClientToken, RequiredPrivileges, pfResult);
1094         if (pfResult)
1095                 *pfResult=TRUE;
1096         return TRUE;
1097 }
1098
1099 /******************************************************************************
1100  * GetSecurityInfoExW [ADVAPI32.@]
1101  */
1102 DWORD WINAPI GetSecurityInfoExW(
1103         HANDLE hObject, SE_OBJECT_TYPE ObjectType,
1104         SECURITY_INFORMATION SecurityInfo, LPCWSTR lpProvider,
1105         LPCWSTR lpProperty, PACTRL_ACCESSW *ppAccessList,
1106         PACTRL_AUDITW *ppAuditList, LPWSTR *lppOwner, LPWSTR *lppGroup
1107 )
1108 {
1109   FIXME("stub!\n");
1110   return ERROR_BAD_PROVIDER;
1111 }