2005-09-08 00:09:32 +00:00
|
|
|
/*
|
2004-05-31 19:33:59 +00:00
|
|
|
* COPYRIGHT: See COPYING in the top level directory
|
2005-09-08 00:09:32 +00:00
|
|
|
* PROJECT: ReactOS system libraries
|
2004-05-31 19:33:59 +00:00
|
|
|
* PURPOSE: Security descriptor functions
|
|
|
|
|
* FILE: lib/rtl/sd.c
|
|
|
|
|
* PROGRAMER: David Welch <welch@cwcom.net>
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
/* INCLUDES *****************************************************************/
|
|
|
|
|
|
2005-07-26 08:39:07 +00:00
|
|
|
#include <rtl.h>
|
2004-05-31 19:33:59 +00:00
|
|
|
|
2005-05-08 05:14:46 +00:00
|
|
|
#define NDEBUG
|
|
|
|
|
#include <debug.h>
|
2004-05-31 19:33:59 +00:00
|
|
|
|
|
|
|
|
/* FUNCTIONS ***************************************************************/
|
|
|
|
|
|
2005-02-12 11:47:03 +00:00
|
|
|
|
|
|
|
|
static VOID
|
2005-10-19 17:03:38 +00:00
|
|
|
RtlpQuerySecurityDescriptorPointers(IN PISECURITY_DESCRIPTOR SecurityDescriptor,
|
2005-02-12 11:47:03 +00:00
|
|
|
OUT PSID *Owner OPTIONAL,
|
|
|
|
|
OUT PSID *Group OPTIONAL,
|
|
|
|
|
OUT PACL *Sacl OPTIONAL,
|
|
|
|
|
OUT PACL *Dacl OPTIONAL)
|
|
|
|
|
{
|
|
|
|
|
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
|
|
|
|
{
|
2005-07-26 14:00:45 +00:00
|
|
|
PISECURITY_DESCRIPTOR_RELATIVE RelSD = (PISECURITY_DESCRIPTOR_RELATIVE)SecurityDescriptor;
|
2005-02-12 11:47:03 +00:00
|
|
|
if(Owner != NULL)
|
|
|
|
|
{
|
|
|
|
|
*Owner = ((RelSD->Owner != 0) ? (PSID)((ULONG_PTR)RelSD + RelSD->Owner) : NULL);
|
|
|
|
|
}
|
|
|
|
|
if(Group != NULL)
|
|
|
|
|
{
|
|
|
|
|
*Group = ((RelSD->Group != 0) ? (PSID)((ULONG_PTR)RelSD + RelSD->Group) : NULL);
|
|
|
|
|
}
|
|
|
|
|
if(Sacl != NULL)
|
|
|
|
|
{
|
|
|
|
|
*Sacl = (((RelSD->Control & SE_SACL_PRESENT) && (RelSD->Sacl != 0)) ?
|
|
|
|
|
(PSID)((ULONG_PTR)RelSD + RelSD->Sacl) : NULL);
|
|
|
|
|
}
|
|
|
|
|
if(Dacl != NULL)
|
|
|
|
|
{
|
|
|
|
|
*Dacl = (((RelSD->Control & SE_DACL_PRESENT) && (RelSD->Dacl != 0)) ?
|
|
|
|
|
(PSID)((ULONG_PTR)RelSD + RelSD->Dacl) : NULL);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
if(Owner != NULL)
|
|
|
|
|
{
|
|
|
|
|
*Owner = SecurityDescriptor->Owner;
|
|
|
|
|
}
|
|
|
|
|
if(Group != NULL)
|
|
|
|
|
{
|
|
|
|
|
*Group = SecurityDescriptor->Group;
|
|
|
|
|
}
|
|
|
|
|
if(Sacl != NULL)
|
|
|
|
|
{
|
|
|
|
|
*Sacl = ((SecurityDescriptor->Control & SE_SACL_PRESENT) ? SecurityDescriptor->Sacl : NULL);
|
|
|
|
|
}
|
|
|
|
|
if(Dacl != NULL)
|
|
|
|
|
{
|
|
|
|
|
*Dacl = ((SecurityDescriptor->Control & SE_DACL_PRESENT) ? SecurityDescriptor->Dacl : NULL);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static VOID
|
|
|
|
|
RtlpQuerySecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|
|
|
|
PSID* Owner,
|
|
|
|
|
PULONG OwnerLength,
|
|
|
|
|
PSID* Group,
|
|
|
|
|
PULONG GroupLength,
|
|
|
|
|
PACL* Dacl,
|
|
|
|
|
PULONG DaclLength,
|
|
|
|
|
PACL* Sacl,
|
|
|
|
|
PULONG SaclLength)
|
|
|
|
|
{
|
|
|
|
|
RtlpQuerySecurityDescriptorPointers(SecurityDescriptor,
|
|
|
|
|
Owner,
|
|
|
|
|
Group,
|
|
|
|
|
Sacl,
|
|
|
|
|
Dacl);
|
|
|
|
|
|
|
|
|
|
if (Owner != NULL)
|
|
|
|
|
{
|
|
|
|
|
*OwnerLength = ((*Owner != NULL) ? ROUND_UP(RtlLengthSid(*Owner), 4) : 0);
|
|
|
|
|
}
|
2005-05-09 01:41:02 +00:00
|
|
|
|
2005-02-12 11:47:03 +00:00
|
|
|
if (Group != NULL)
|
|
|
|
|
{
|
|
|
|
|
*GroupLength = ((*Group != NULL) ? ROUND_UP(RtlLengthSid(*Group), 4) : 0);
|
|
|
|
|
}
|
2005-05-09 01:41:02 +00:00
|
|
|
|
2005-02-12 11:47:03 +00:00
|
|
|
if (Dacl != NULL)
|
|
|
|
|
{
|
|
|
|
|
*DaclLength = ((*Dacl != NULL) ? ROUND_UP((*Dacl)->AclSize, 4) : 0);
|
|
|
|
|
}
|
2005-05-09 01:41:02 +00:00
|
|
|
|
2005-02-12 11:47:03 +00:00
|
|
|
if (Sacl != NULL)
|
|
|
|
|
{
|
|
|
|
|
*SaclLength = ((*Sacl != NULL) ? ROUND_UP((*Sacl)->AclSize, 4) : 0);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2004-08-07 19:13:27 +00:00
|
|
|
/*
|
2005-02-14 14:36:03 +00:00
|
|
|
* @implemented
|
|
|
|
|
*/
|
2005-10-19 17:03:38 +00:00
|
|
|
NTSTATUS NTAPI
|
|
|
|
|
RtlCreateSecurityDescriptor(PISECURITY_DESCRIPTOR SecurityDescriptor,
|
2004-05-31 19:33:59 +00:00
|
|
|
ULONG Revision)
|
|
|
|
|
{
|
2005-02-22 17:58:19 +00:00
|
|
|
PAGED_CODE_RTL();
|
|
|
|
|
|
2004-09-25 12:11:13 +00:00
|
|
|
if (Revision != SECURITY_DESCRIPTOR_REVISION1)
|
2004-05-31 19:33:59 +00:00
|
|
|
{
|
2004-09-25 12:11:13 +00:00
|
|
|
return STATUS_UNKNOWN_REVISION;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
|
|
|
|
|
2004-09-25 12:11:13 +00:00
|
|
|
SecurityDescriptor->Revision = Revision;
|
2004-05-31 19:33:59 +00:00
|
|
|
SecurityDescriptor->Sbz1 = 0;
|
|
|
|
|
SecurityDescriptor->Control = 0;
|
|
|
|
|
SecurityDescriptor->Owner = NULL;
|
|
|
|
|
SecurityDescriptor->Group = NULL;
|
|
|
|
|
SecurityDescriptor->Sacl = NULL;
|
|
|
|
|
SecurityDescriptor->Dacl = NULL;
|
|
|
|
|
|
2004-09-25 12:11:13 +00:00
|
|
|
return STATUS_SUCCESS;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
|
|
|
|
|
2005-02-11 12:06:29 +00:00
|
|
|
|
2005-10-19 17:03:38 +00:00
|
|
|
NTSTATUS NTAPI
|
2005-07-26 14:00:45 +00:00
|
|
|
RtlCreateSecurityDescriptorRelative (PISECURITY_DESCRIPTOR_RELATIVE SecurityDescriptor,
|
2005-02-12 11:47:03 +00:00
|
|
|
ULONG Revision)
|
|
|
|
|
{
|
2005-02-22 17:58:19 +00:00
|
|
|
PAGED_CODE_RTL();
|
2005-05-09 01:41:02 +00:00
|
|
|
|
2005-02-12 11:47:03 +00:00
|
|
|
if (Revision != SECURITY_DESCRIPTOR_REVISION1)
|
|
|
|
|
{
|
|
|
|
|
return STATUS_UNKNOWN_REVISION;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
SecurityDescriptor->Revision = Revision;
|
|
|
|
|
SecurityDescriptor->Sbz1 = 0;
|
|
|
|
|
SecurityDescriptor->Control = SE_SELF_RELATIVE;
|
|
|
|
|
SecurityDescriptor->Owner = 0;
|
|
|
|
|
SecurityDescriptor->Group = 0;
|
|
|
|
|
SecurityDescriptor->Sacl = 0;
|
|
|
|
|
SecurityDescriptor->Dacl = 0;
|
|
|
|
|
|
|
|
|
|
return STATUS_SUCCESS;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2004-05-31 19:33:59 +00:00
|
|
|
/*
|
|
|
|
|
* @implemented
|
|
|
|
|
*/
|
2005-10-19 17:03:38 +00:00
|
|
|
ULONG NTAPI
|
2004-05-31 19:33:59 +00:00
|
|
|
RtlLengthSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor)
|
|
|
|
|
{
|
2005-02-12 11:47:03 +00:00
|
|
|
PSID Owner, Group;
|
|
|
|
|
PACL Sacl, Dacl;
|
2004-09-22 20:16:02 +00:00
|
|
|
ULONG Length = sizeof(SECURITY_DESCRIPTOR);
|
2005-05-09 01:41:02 +00:00
|
|
|
|
2005-02-22 17:58:19 +00:00
|
|
|
PAGED_CODE_RTL();
|
2005-05-09 01:41:02 +00:00
|
|
|
|
2005-02-12 11:47:03 +00:00
|
|
|
RtlpQuerySecurityDescriptorPointers(SecurityDescriptor,
|
|
|
|
|
&Owner,
|
|
|
|
|
&Group,
|
|
|
|
|
&Sacl,
|
|
|
|
|
&Dacl);
|
2004-05-31 19:33:59 +00:00
|
|
|
|
2005-02-12 11:47:03 +00:00
|
|
|
if (Owner != NULL)
|
2004-05-31 19:33:59 +00:00
|
|
|
{
|
2005-02-12 11:47:03 +00:00
|
|
|
Length += ROUND_UP(RtlLengthSid(Owner), 4);
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
|
|
|
|
|
2005-02-12 11:47:03 +00:00
|
|
|
if (Group != NULL)
|
2004-05-31 19:33:59 +00:00
|
|
|
{
|
2005-02-12 11:47:03 +00:00
|
|
|
Length += ROUND_UP(RtlLengthSid(Group), 4);
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
|
|
|
|
|
2005-02-12 11:47:03 +00:00
|
|
|
if (Dacl != NULL)
|
2004-05-31 19:33:59 +00:00
|
|
|
{
|
2005-02-12 11:47:03 +00:00
|
|
|
Length += ROUND_UP(Dacl->AclSize, 4);
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
|
|
|
|
|
2005-02-12 11:47:03 +00:00
|
|
|
if (Sacl != NULL)
|
2004-05-31 19:33:59 +00:00
|
|
|
{
|
2005-02-12 11:47:03 +00:00
|
|
|
Length += ROUND_UP(Sacl->AclSize, 4);
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
|
|
|
|
|
2004-09-25 12:11:13 +00:00
|
|
|
return Length;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* @implemented
|
|
|
|
|
*/
|
2005-10-19 17:03:38 +00:00
|
|
|
NTSTATUS NTAPI
|
|
|
|
|
RtlGetDaclSecurityDescriptor(PISECURITY_DESCRIPTOR SecurityDescriptor,
|
2004-05-31 19:33:59 +00:00
|
|
|
PBOOLEAN DaclPresent,
|
|
|
|
|
PACL* Dacl,
|
|
|
|
|
PBOOLEAN DaclDefaulted)
|
|
|
|
|
{
|
2005-02-22 17:58:19 +00:00
|
|
|
PAGED_CODE_RTL();
|
2005-05-09 01:41:02 +00:00
|
|
|
|
2004-09-25 12:11:13 +00:00
|
|
|
if (SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION1)
|
2004-05-31 19:33:59 +00:00
|
|
|
{
|
2004-09-25 12:11:13 +00:00
|
|
|
return STATUS_UNKNOWN_REVISION;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
2004-09-25 12:11:13 +00:00
|
|
|
|
2004-05-31 19:33:59 +00:00
|
|
|
if (!(SecurityDescriptor->Control & SE_DACL_PRESENT))
|
|
|
|
|
{
|
2004-09-25 12:11:13 +00:00
|
|
|
*DaclPresent = FALSE;
|
|
|
|
|
return STATUS_SUCCESS;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
2004-09-25 12:11:13 +00:00
|
|
|
*DaclPresent = TRUE;
|
|
|
|
|
|
2005-02-12 11:47:03 +00:00
|
|
|
RtlpQuerySecurityDescriptorPointers(SecurityDescriptor,
|
|
|
|
|
NULL,
|
|
|
|
|
NULL,
|
|
|
|
|
NULL,
|
|
|
|
|
Dacl);
|
2004-09-25 12:11:13 +00:00
|
|
|
|
2005-02-12 11:47:03 +00:00
|
|
|
*DaclDefaulted = ((SecurityDescriptor->Control & SE_DACL_DEFAULTED) ? TRUE : FALSE);
|
2004-09-25 12:11:13 +00:00
|
|
|
|
|
|
|
|
return STATUS_SUCCESS;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* @implemented
|
|
|
|
|
*/
|
2005-10-19 17:03:38 +00:00
|
|
|
NTSTATUS NTAPI
|
|
|
|
|
RtlSetDaclSecurityDescriptor(PISECURITY_DESCRIPTOR SecurityDescriptor,
|
2004-05-31 19:33:59 +00:00
|
|
|
BOOLEAN DaclPresent,
|
|
|
|
|
PACL Dacl,
|
|
|
|
|
BOOLEAN DaclDefaulted)
|
|
|
|
|
{
|
2005-02-22 17:58:19 +00:00
|
|
|
PAGED_CODE_RTL();
|
2005-05-09 01:41:02 +00:00
|
|
|
|
2004-09-25 12:11:13 +00:00
|
|
|
if (SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION1)
|
2004-05-31 19:33:59 +00:00
|
|
|
{
|
2004-09-25 12:11:13 +00:00
|
|
|
return STATUS_UNKNOWN_REVISION;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
2004-09-25 12:11:13 +00:00
|
|
|
|
2004-05-31 19:33:59 +00:00
|
|
|
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
|
|
|
|
{
|
2004-09-25 12:11:13 +00:00
|
|
|
return STATUS_BAD_DESCRIPTOR_FORMAT;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
2004-09-25 12:11:13 +00:00
|
|
|
|
2004-05-31 19:33:59 +00:00
|
|
|
if (!DaclPresent)
|
|
|
|
|
{
|
|
|
|
|
SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_DACL_PRESENT);
|
2004-09-25 12:11:13 +00:00
|
|
|
return STATUS_SUCCESS;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
2004-09-25 12:11:13 +00:00
|
|
|
|
2004-05-31 19:33:59 +00:00
|
|
|
SecurityDescriptor->Control = SecurityDescriptor->Control | SE_DACL_PRESENT;
|
|
|
|
|
SecurityDescriptor->Dacl = Dacl;
|
|
|
|
|
SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_DACL_DEFAULTED);
|
2004-09-25 12:11:13 +00:00
|
|
|
|
2004-05-31 19:33:59 +00:00
|
|
|
if (DaclDefaulted)
|
|
|
|
|
{
|
|
|
|
|
SecurityDescriptor->Control = SecurityDescriptor->Control | SE_DACL_DEFAULTED;
|
|
|
|
|
}
|
2004-09-25 12:11:13 +00:00
|
|
|
|
|
|
|
|
return STATUS_SUCCESS;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* @implemented
|
|
|
|
|
*/
|
2005-10-19 17:03:38 +00:00
|
|
|
BOOLEAN NTAPI
|
|
|
|
|
RtlValidSecurityDescriptor(PISECURITY_DESCRIPTOR SecurityDescriptor)
|
2004-05-31 19:33:59 +00:00
|
|
|
{
|
2005-02-12 11:47:03 +00:00
|
|
|
PSID Owner, Group;
|
|
|
|
|
PACL Sacl, Dacl;
|
2005-05-09 01:41:02 +00:00
|
|
|
|
2005-02-22 17:58:19 +00:00
|
|
|
PAGED_CODE_RTL();
|
2005-02-12 11:47:03 +00:00
|
|
|
|
2004-09-25 12:11:13 +00:00
|
|
|
if (SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION1)
|
2004-05-31 19:33:59 +00:00
|
|
|
{
|
2004-09-25 12:11:13 +00:00
|
|
|
return FALSE;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
2005-05-09 01:41:02 +00:00
|
|
|
|
2005-02-12 11:47:03 +00:00
|
|
|
RtlpQuerySecurityDescriptorPointers(SecurityDescriptor,
|
|
|
|
|
&Owner,
|
|
|
|
|
&Group,
|
|
|
|
|
&Sacl,
|
|
|
|
|
&Dacl);
|
2004-05-31 19:33:59 +00:00
|
|
|
|
2005-02-12 11:47:03 +00:00
|
|
|
if ((Owner != NULL && !RtlValidSid(Owner)) ||
|
|
|
|
|
(Group != NULL && !RtlValidSid(Group)) ||
|
|
|
|
|
(Sacl != NULL && !RtlValidAcl(Sacl)) ||
|
|
|
|
|
(Dacl != NULL && !RtlValidAcl(Dacl)))
|
2004-05-31 19:33:59 +00:00
|
|
|
{
|
2005-02-12 11:47:03 +00:00
|
|
|
return FALSE;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
|
|
|
|
|
2004-09-25 12:11:13 +00:00
|
|
|
return TRUE;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* @implemented
|
|
|
|
|
*/
|
2005-10-19 17:03:38 +00:00
|
|
|
NTSTATUS NTAPI
|
|
|
|
|
RtlSetOwnerSecurityDescriptor(PISECURITY_DESCRIPTOR SecurityDescriptor,
|
2004-05-31 19:33:59 +00:00
|
|
|
PSID Owner,
|
|
|
|
|
BOOLEAN OwnerDefaulted)
|
|
|
|
|
{
|
2005-02-22 17:58:19 +00:00
|
|
|
PAGED_CODE_RTL();
|
2005-05-09 01:41:02 +00:00
|
|
|
|
2004-09-25 12:11:13 +00:00
|
|
|
if (SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION1)
|
2004-05-31 19:33:59 +00:00
|
|
|
{
|
2004-09-25 12:11:13 +00:00
|
|
|
return STATUS_UNKNOWN_REVISION;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
2004-09-25 12:11:13 +00:00
|
|
|
|
2004-05-31 19:33:59 +00:00
|
|
|
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
|
|
|
|
{
|
2004-09-25 12:11:13 +00:00
|
|
|
return STATUS_BAD_DESCRIPTOR_FORMAT;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
2004-09-25 12:11:13 +00:00
|
|
|
|
2004-05-31 19:33:59 +00:00
|
|
|
SecurityDescriptor->Owner = Owner;
|
|
|
|
|
SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_OWNER_DEFAULTED);
|
2004-09-25 12:11:13 +00:00
|
|
|
|
2004-05-31 19:33:59 +00:00
|
|
|
if (OwnerDefaulted)
|
|
|
|
|
{
|
|
|
|
|
SecurityDescriptor->Control = SecurityDescriptor->Control | SE_OWNER_DEFAULTED;
|
|
|
|
|
}
|
2004-09-25 12:11:13 +00:00
|
|
|
|
2005-02-11 12:06:29 +00:00
|
|
|
return STATUS_SUCCESS;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
|
|
|
|
|
2005-02-11 12:06:29 +00:00
|
|
|
|
2004-05-31 19:33:59 +00:00
|
|
|
/*
|
|
|
|
|
* @implemented
|
|
|
|
|
*/
|
2005-10-19 17:03:38 +00:00
|
|
|
NTSTATUS NTAPI
|
|
|
|
|
RtlGetOwnerSecurityDescriptor(PISECURITY_DESCRIPTOR SecurityDescriptor,
|
2004-05-31 19:33:59 +00:00
|
|
|
PSID* Owner,
|
|
|
|
|
PBOOLEAN OwnerDefaulted)
|
|
|
|
|
{
|
2005-02-22 17:58:19 +00:00
|
|
|
PAGED_CODE_RTL();
|
2005-05-09 01:41:02 +00:00
|
|
|
|
2004-09-25 12:11:13 +00:00
|
|
|
if (SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION1)
|
2004-05-31 19:33:59 +00:00
|
|
|
{
|
2004-09-25 12:11:13 +00:00
|
|
|
return STATUS_UNKNOWN_REVISION;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
2004-09-25 12:11:13 +00:00
|
|
|
|
2005-02-12 11:47:03 +00:00
|
|
|
RtlpQuerySecurityDescriptorPointers(SecurityDescriptor,
|
|
|
|
|
Owner,
|
|
|
|
|
NULL,
|
|
|
|
|
NULL,
|
|
|
|
|
NULL);
|
2004-09-25 12:11:13 +00:00
|
|
|
|
2005-02-12 11:47:03 +00:00
|
|
|
*OwnerDefaulted = ((SecurityDescriptor->Control & SE_OWNER_DEFAULTED) ? TRUE : FALSE);
|
2004-09-25 12:11:13 +00:00
|
|
|
|
|
|
|
|
return STATUS_SUCCESS;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
|
|
|
|
|
2005-02-11 12:06:29 +00:00
|
|
|
|
2004-05-31 19:33:59 +00:00
|
|
|
/*
|
|
|
|
|
* @implemented
|
|
|
|
|
*/
|
2005-10-19 17:03:38 +00:00
|
|
|
NTSTATUS NTAPI
|
|
|
|
|
RtlSetGroupSecurityDescriptor(PISECURITY_DESCRIPTOR SecurityDescriptor,
|
2004-05-31 19:33:59 +00:00
|
|
|
PSID Group,
|
|
|
|
|
BOOLEAN GroupDefaulted)
|
|
|
|
|
{
|
2005-02-22 17:58:19 +00:00
|
|
|
PAGED_CODE_RTL();
|
2005-05-09 01:41:02 +00:00
|
|
|
|
2004-09-25 12:11:13 +00:00
|
|
|
if (SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION1)
|
2004-05-31 19:33:59 +00:00
|
|
|
{
|
2004-09-25 12:11:13 +00:00
|
|
|
return STATUS_UNKNOWN_REVISION;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
2004-09-25 12:11:13 +00:00
|
|
|
|
2004-05-31 19:33:59 +00:00
|
|
|
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
|
|
|
|
{
|
2004-09-25 12:11:13 +00:00
|
|
|
return STATUS_BAD_DESCRIPTOR_FORMAT;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
2004-09-25 12:11:13 +00:00
|
|
|
|
2004-05-31 19:33:59 +00:00
|
|
|
SecurityDescriptor->Group = Group;
|
|
|
|
|
SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_GROUP_DEFAULTED);
|
|
|
|
|
if (GroupDefaulted)
|
|
|
|
|
{
|
|
|
|
|
SecurityDescriptor->Control = SecurityDescriptor->Control | SE_GROUP_DEFAULTED;
|
|
|
|
|
}
|
2004-09-25 12:11:13 +00:00
|
|
|
|
|
|
|
|
return STATUS_SUCCESS;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
|
|
|
|
|
2005-02-11 12:06:29 +00:00
|
|
|
|
2004-05-31 19:33:59 +00:00
|
|
|
/*
|
|
|
|
|
* @implemented
|
|
|
|
|
*/
|
2005-10-19 17:03:38 +00:00
|
|
|
NTSTATUS NTAPI
|
|
|
|
|
RtlGetGroupSecurityDescriptor(PISECURITY_DESCRIPTOR SecurityDescriptor,
|
2004-05-31 19:33:59 +00:00
|
|
|
PSID* Group,
|
|
|
|
|
PBOOLEAN GroupDefaulted)
|
|
|
|
|
{
|
2005-02-22 17:58:19 +00:00
|
|
|
PAGED_CODE_RTL();
|
2005-05-09 01:41:02 +00:00
|
|
|
|
2004-09-25 12:11:13 +00:00
|
|
|
if (SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION1)
|
2004-05-31 19:33:59 +00:00
|
|
|
{
|
2004-09-25 12:11:13 +00:00
|
|
|
return STATUS_UNKNOWN_REVISION;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
2004-09-25 12:11:13 +00:00
|
|
|
|
2005-02-12 11:47:03 +00:00
|
|
|
RtlpQuerySecurityDescriptorPointers(SecurityDescriptor,
|
|
|
|
|
NULL,
|
|
|
|
|
Group,
|
|
|
|
|
NULL,
|
|
|
|
|
NULL);
|
2004-09-25 12:11:13 +00:00
|
|
|
|
2005-02-12 11:47:03 +00:00
|
|
|
*GroupDefaulted = ((SecurityDescriptor->Control & SE_GROUP_DEFAULTED) ? TRUE : FALSE);
|
2004-09-25 12:11:13 +00:00
|
|
|
|
|
|
|
|
return STATUS_SUCCESS;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* @implemented
|
|
|
|
|
*/
|
2005-10-19 17:03:38 +00:00
|
|
|
NTSTATUS NTAPI
|
|
|
|
|
RtlMakeSelfRelativeSD(PISECURITY_DESCRIPTOR AbsSD,
|
2005-07-26 14:00:45 +00:00
|
|
|
PISECURITY_DESCRIPTOR_RELATIVE RelSD,
|
2005-02-12 11:47:03 +00:00
|
|
|
PULONG BufferLength)
|
2004-05-31 19:33:59 +00:00
|
|
|
{
|
|
|
|
|
PSID Owner;
|
|
|
|
|
PSID Group;
|
|
|
|
|
PACL Sacl;
|
|
|
|
|
PACL Dacl;
|
|
|
|
|
ULONG OwnerLength;
|
|
|
|
|
ULONG GroupLength;
|
|
|
|
|
ULONG SaclLength;
|
|
|
|
|
ULONG DaclLength;
|
|
|
|
|
ULONG TotalLength;
|
2004-08-28 22:22:39 +00:00
|
|
|
ULONG_PTR Current;
|
2005-05-09 01:41:02 +00:00
|
|
|
|
2005-02-22 17:58:19 +00:00
|
|
|
PAGED_CODE_RTL();
|
2004-05-31 19:33:59 +00:00
|
|
|
|
|
|
|
|
RtlpQuerySecurityDescriptor(AbsSD,
|
|
|
|
|
&Owner,
|
|
|
|
|
&OwnerLength,
|
|
|
|
|
&Group,
|
|
|
|
|
&GroupLength,
|
|
|
|
|
&Dacl,
|
|
|
|
|
&DaclLength,
|
|
|
|
|
&Sacl,
|
|
|
|
|
&SaclLength);
|
|
|
|
|
|
2005-02-12 11:47:03 +00:00
|
|
|
TotalLength = sizeof(SECURITY_DESCRIPTOR_RELATIVE) + OwnerLength + GroupLength + SaclLength + DaclLength;
|
2004-05-31 19:33:59 +00:00
|
|
|
if (*BufferLength < TotalLength)
|
|
|
|
|
{
|
2004-09-25 12:11:13 +00:00
|
|
|
return STATUS_BUFFER_TOO_SMALL;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
RtlZeroMemory(RelSD,
|
|
|
|
|
TotalLength);
|
2005-02-12 11:47:03 +00:00
|
|
|
|
|
|
|
|
RelSD->Revision = AbsSD->Revision;
|
|
|
|
|
RelSD->Sbz1 = AbsSD->Sbz1;
|
|
|
|
|
RelSD->Control = AbsSD->Control | SE_SELF_RELATIVE;
|
2005-05-09 01:41:02 +00:00
|
|
|
|
2005-02-12 11:47:03 +00:00
|
|
|
Current = (ULONG_PTR)(RelSD + 1);
|
2004-05-31 19:33:59 +00:00
|
|
|
|
|
|
|
|
if (SaclLength != 0)
|
|
|
|
|
{
|
2005-02-12 11:47:03 +00:00
|
|
|
RtlCopyMemory((PVOID)Current,
|
|
|
|
|
Sacl,
|
|
|
|
|
SaclLength);
|
|
|
|
|
RelSD->Sacl = (ULONG)((ULONG_PTR)Current - (ULONG_PTR)RelSD);
|
2004-05-31 19:33:59 +00:00
|
|
|
Current += SaclLength;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (DaclLength != 0)
|
|
|
|
|
{
|
2005-02-12 11:47:03 +00:00
|
|
|
RtlCopyMemory((PVOID)Current,
|
|
|
|
|
Dacl,
|
|
|
|
|
DaclLength);
|
|
|
|
|
RelSD->Dacl = (ULONG)((ULONG_PTR)Current - (ULONG_PTR)RelSD);
|
2004-05-31 19:33:59 +00:00
|
|
|
Current += DaclLength;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (OwnerLength != 0)
|
|
|
|
|
{
|
2005-02-12 11:47:03 +00:00
|
|
|
RtlCopyMemory((PVOID)Current,
|
|
|
|
|
Owner,
|
|
|
|
|
OwnerLength);
|
|
|
|
|
RelSD->Owner = (ULONG)((ULONG_PTR)Current - (ULONG_PTR)RelSD);
|
2004-05-31 19:33:59 +00:00
|
|
|
Current += OwnerLength;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (GroupLength != 0)
|
|
|
|
|
{
|
2005-02-12 11:47:03 +00:00
|
|
|
RtlCopyMemory((PVOID)Current,
|
|
|
|
|
Group,
|
|
|
|
|
GroupLength);
|
|
|
|
|
RelSD->Group = (ULONG)((ULONG_PTR)Current - (ULONG_PTR)RelSD);
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
|
|
|
|
|
2004-09-25 12:11:13 +00:00
|
|
|
return STATUS_SUCCESS;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* @implemented
|
|
|
|
|
*/
|
2005-10-19 17:03:38 +00:00
|
|
|
NTSTATUS NTAPI
|
|
|
|
|
RtlAbsoluteToSelfRelativeSD(PISECURITY_DESCRIPTOR AbsSD,
|
|
|
|
|
PISECURITY_DESCRIPTOR RelSD,
|
2005-02-11 12:06:29 +00:00
|
|
|
PULONG BufferLength)
|
2004-05-31 19:33:59 +00:00
|
|
|
{
|
2005-02-22 17:58:19 +00:00
|
|
|
PAGED_CODE_RTL();
|
2005-05-09 01:41:02 +00:00
|
|
|
|
2004-05-31 19:33:59 +00:00
|
|
|
if (AbsSD->Control & SE_SELF_RELATIVE)
|
|
|
|
|
{
|
2004-09-25 12:11:13 +00:00
|
|
|
return STATUS_BAD_DESCRIPTOR_FORMAT;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
|
|
|
|
|
2005-09-05 18:06:20 +00:00
|
|
|
return RtlMakeSelfRelativeSD(AbsSD, (PISECURITY_DESCRIPTOR_RELATIVE)RelSD, BufferLength);
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* @implemented
|
|
|
|
|
*/
|
2005-10-19 17:03:38 +00:00
|
|
|
NTSTATUS NTAPI
|
|
|
|
|
RtlGetControlSecurityDescriptor(PISECURITY_DESCRIPTOR SecurityDescriptor,
|
2004-05-31 19:33:59 +00:00
|
|
|
PSECURITY_DESCRIPTOR_CONTROL Control,
|
|
|
|
|
PULONG Revision)
|
|
|
|
|
{
|
2005-02-22 17:58:19 +00:00
|
|
|
PAGED_CODE_RTL();
|
2005-05-09 01:41:02 +00:00
|
|
|
|
2004-05-31 19:33:59 +00:00
|
|
|
*Revision = SecurityDescriptor->Revision;
|
|
|
|
|
|
2004-09-25 12:11:13 +00:00
|
|
|
if (SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION1)
|
2004-05-31 19:33:59 +00:00
|
|
|
{
|
2004-09-25 12:11:13 +00:00
|
|
|
return STATUS_UNKNOWN_REVISION;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
*Control = SecurityDescriptor->Control;
|
|
|
|
|
|
2004-09-25 12:11:13 +00:00
|
|
|
return STATUS_SUCCESS;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2005-02-11 12:06:29 +00:00
|
|
|
/*
|
|
|
|
|
* @implemented
|
|
|
|
|
*/
|
2005-10-19 17:03:38 +00:00
|
|
|
NTSTATUS NTAPI
|
|
|
|
|
RtlSetControlSecurityDescriptor(IN PISECURITY_DESCRIPTOR SecurityDescriptor,
|
2005-02-11 12:06:29 +00:00
|
|
|
IN SECURITY_DESCRIPTOR_CONTROL ControlBitsOfInterest,
|
|
|
|
|
IN SECURITY_DESCRIPTOR_CONTROL ControlBitsToSet)
|
|
|
|
|
{
|
2005-02-22 17:58:19 +00:00
|
|
|
PAGED_CODE_RTL();
|
2005-05-09 01:41:02 +00:00
|
|
|
|
2005-02-11 12:06:29 +00:00
|
|
|
if (SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION1)
|
|
|
|
|
{
|
|
|
|
|
return STATUS_UNKNOWN_REVISION;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Zero the 'bits of interest' */
|
|
|
|
|
SecurityDescriptor->Control &= ~ControlBitsOfInterest;
|
|
|
|
|
|
|
|
|
|
/* Set the 'bits to set' */
|
|
|
|
|
SecurityDescriptor->Control |= (ControlBitsToSet & ControlBitsOfInterest);
|
|
|
|
|
|
|
|
|
|
return STATUS_SUCCESS;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2004-05-31 19:33:59 +00:00
|
|
|
/*
|
|
|
|
|
* @implemented
|
|
|
|
|
*/
|
2005-10-19 17:03:38 +00:00
|
|
|
NTSTATUS NTAPI
|
|
|
|
|
RtlGetSaclSecurityDescriptor(PISECURITY_DESCRIPTOR SecurityDescriptor,
|
2004-05-31 19:33:59 +00:00
|
|
|
PBOOLEAN SaclPresent,
|
|
|
|
|
PACL *Sacl,
|
|
|
|
|
PBOOLEAN SaclDefaulted)
|
|
|
|
|
{
|
2005-02-22 17:58:19 +00:00
|
|
|
PAGED_CODE_RTL();
|
2005-05-09 01:41:02 +00:00
|
|
|
|
2004-09-25 12:11:13 +00:00
|
|
|
if (SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION1)
|
2004-05-31 19:33:59 +00:00
|
|
|
{
|
2004-09-25 12:11:13 +00:00
|
|
|
return STATUS_UNKNOWN_REVISION;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
2004-09-25 12:11:13 +00:00
|
|
|
|
2004-05-31 19:33:59 +00:00
|
|
|
if (!(SecurityDescriptor->Control & SE_SACL_PRESENT))
|
|
|
|
|
{
|
2004-09-25 12:11:13 +00:00
|
|
|
*SaclPresent = FALSE;
|
|
|
|
|
return STATUS_SUCCESS;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
2004-09-25 12:11:13 +00:00
|
|
|
*SaclPresent = TRUE;
|
|
|
|
|
|
2005-02-12 11:47:03 +00:00
|
|
|
RtlpQuerySecurityDescriptorPointers(SecurityDescriptor,
|
|
|
|
|
NULL,
|
|
|
|
|
NULL,
|
|
|
|
|
Sacl,
|
|
|
|
|
NULL);
|
2004-09-25 12:11:13 +00:00
|
|
|
|
2005-02-12 11:47:03 +00:00
|
|
|
*SaclDefaulted = ((SecurityDescriptor->Control & SE_SACL_DEFAULTED) ? TRUE : FALSE);
|
2004-09-25 12:11:13 +00:00
|
|
|
|
|
|
|
|
return STATUS_SUCCESS;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
|
|
|
|
|
2005-02-11 12:06:29 +00:00
|
|
|
|
2004-05-31 19:33:59 +00:00
|
|
|
/*
|
|
|
|
|
* @implemented
|
|
|
|
|
*/
|
2005-10-19 17:03:38 +00:00
|
|
|
NTSTATUS NTAPI
|
|
|
|
|
RtlSetSaclSecurityDescriptor(PISECURITY_DESCRIPTOR SecurityDescriptor,
|
2004-05-31 19:33:59 +00:00
|
|
|
BOOLEAN SaclPresent,
|
|
|
|
|
PACL Sacl,
|
|
|
|
|
BOOLEAN SaclDefaulted)
|
|
|
|
|
{
|
2005-02-22 17:58:19 +00:00
|
|
|
PAGED_CODE_RTL();
|
2005-05-09 01:41:02 +00:00
|
|
|
|
2004-09-25 12:11:13 +00:00
|
|
|
if (SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION1)
|
2004-05-31 19:33:59 +00:00
|
|
|
{
|
2004-09-25 12:11:13 +00:00
|
|
|
return STATUS_UNKNOWN_REVISION;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
2004-09-25 12:11:13 +00:00
|
|
|
|
2004-05-31 19:33:59 +00:00
|
|
|
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
|
|
|
|
{
|
2004-09-25 12:11:13 +00:00
|
|
|
return STATUS_BAD_DESCRIPTOR_FORMAT;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
2004-09-25 12:11:13 +00:00
|
|
|
|
2004-05-31 19:33:59 +00:00
|
|
|
if (!SaclPresent)
|
|
|
|
|
{
|
|
|
|
|
SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_SACL_PRESENT);
|
2004-09-25 12:11:13 +00:00
|
|
|
return STATUS_SUCCESS;
|
2004-05-31 19:33:59 +00:00
|
|
|
}
|
2004-09-25 12:11:13 +00:00
|
|
|
|
2004-05-31 19:33:59 +00:00
|
|
|
SecurityDescriptor->Control = SecurityDescriptor->Control | SE_SACL_PRESENT;
|
|
|
|
|
SecurityDescriptor->Sacl = Sacl;
|
|
|
|
|
SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_SACL_DEFAULTED);
|
2004-09-25 12:11:13 +00:00
|
|
|
|
2004-05-31 19:33:59 +00:00
|
|
|
if (SaclDefaulted)
|
|
|
|
|
{
|
|
|
|
|
SecurityDescriptor->Control = SecurityDescriptor->Control | SE_SACL_DEFAULTED;
|
|
|
|
|
}
|
|
|
|
|
|
2004-09-25 12:11:13 +00:00
|
|
|
return STATUS_SUCCESS;
|
|
|
|
|
}
|
2004-05-31 19:33:59 +00:00
|
|
|
|
2005-02-11 12:06:29 +00:00
|
|
|
|
2004-05-31 19:33:59 +00:00
|
|
|
/*
|
|
|
|
|
* @implemented
|
|
|
|
|
*/
|
2005-10-19 17:03:38 +00:00
|
|
|
NTSTATUS NTAPI
|
|
|
|
|
RtlSelfRelativeToAbsoluteSD(PISECURITY_DESCRIPTOR RelSD,
|
|
|
|
|
PISECURITY_DESCRIPTOR AbsSD,
|
2004-05-31 19:33:59 +00:00
|
|
|
PDWORD AbsSDSize,
|
|
|
|
|
PACL Dacl,
|
|
|
|
|
PDWORD DaclSize,
|
|
|
|
|
PACL Sacl,
|
|
|
|
|
PDWORD SaclSize,
|
|
|
|
|
PSID Owner,
|
|
|
|
|
PDWORD OwnerSize,
|
|
|
|
|
PSID Group,
|
|
|
|
|
PDWORD GroupSize)
|
|
|
|
|
{
|
|
|
|
|
ULONG OwnerLength;
|
|
|
|
|
ULONG GroupLength;
|
|
|
|
|
ULONG DaclLength;
|
|
|
|
|
ULONG SaclLength;
|
|
|
|
|
PSID pOwner;
|
|
|
|
|
PSID pGroup;
|
|
|
|
|
PACL pDacl;
|
|
|
|
|
PACL pSacl;
|
2005-05-09 01:41:02 +00:00
|
|
|
|
2005-02-22 17:58:19 +00:00
|
|
|
PAGED_CODE_RTL();
|
2004-05-31 19:33:59 +00:00
|
|
|
|
2005-02-12 11:47:03 +00:00
|
|
|
if (RelSD->Revision != SECURITY_DESCRIPTOR_REVISION1)
|
|
|
|
|
{
|
|
|
|
|
return STATUS_UNKNOWN_REVISION;
|
|
|
|
|
}
|
|
|
|
|
|
2004-05-31 19:33:59 +00:00
|
|
|
if (!(RelSD->Control & SE_SELF_RELATIVE))
|
2005-02-12 11:47:03 +00:00
|
|
|
{
|
2004-05-31 19:33:59 +00:00
|
|
|
return STATUS_BAD_DESCRIPTOR_FORMAT;
|
2005-02-12 11:47:03 +00:00
|
|
|
}
|
2004-05-31 19:33:59 +00:00
|
|
|
|
2005-09-05 18:06:20 +00:00
|
|
|
RtlpQuerySecurityDescriptor (RelSD,
|
2004-05-31 19:33:59 +00:00
|
|
|
&pOwner,
|
|
|
|
|
&OwnerLength,
|
|
|
|
|
&pGroup,
|
|
|
|
|
&GroupLength,
|
|
|
|
|
&pDacl,
|
|
|
|
|
&DaclLength,
|
|
|
|
|
&pSacl,
|
|
|
|
|
&SaclLength);
|
|
|
|
|
|
|
|
|
|
if (OwnerLength > *OwnerSize ||
|
2004-09-25 12:11:13 +00:00
|
|
|
GroupLength > *GroupSize ||
|
|
|
|
|
DaclLength > *DaclSize ||
|
|
|
|
|
SaclLength > *SaclSize)
|
2005-02-12 11:47:03 +00:00
|
|
|
{
|
2004-05-31 19:33:59 +00:00
|
|
|
return STATUS_BUFFER_TOO_SMALL;
|
2005-02-12 11:47:03 +00:00
|
|
|
}
|
2004-05-31 19:33:59 +00:00
|
|
|
|
2005-02-12 11:47:03 +00:00
|
|
|
RtlCopyMemory (Owner, pOwner, OwnerLength);
|
|
|
|
|
RtlCopyMemory (Group, pGroup, GroupLength);
|
|
|
|
|
RtlCopyMemory (Dacl, pDacl, DaclLength);
|
|
|
|
|
RtlCopyMemory (Sacl, pSacl, SaclLength);
|
2004-05-31 19:33:59 +00:00
|
|
|
|
2005-02-12 11:47:03 +00:00
|
|
|
AbsSD->Revision = RelSD->Revision;
|
|
|
|
|
AbsSD->Sbz1 = RelSD->Sbz1;
|
|
|
|
|
AbsSD->Control = RelSD->Control & ~SE_SELF_RELATIVE;
|
2004-05-31 19:33:59 +00:00
|
|
|
AbsSD->Owner = Owner;
|
|
|
|
|
AbsSD->Group = Group;
|
|
|
|
|
AbsSD->Dacl = Dacl;
|
|
|
|
|
AbsSD->Sacl = Sacl;
|
|
|
|
|
|
|
|
|
|
*OwnerSize = OwnerLength;
|
|
|
|
|
*GroupSize = GroupLength;
|
|
|
|
|
*DaclSize = DaclLength;
|
|
|
|
|
*SaclSize = SaclLength;
|
|
|
|
|
|
|
|
|
|
return STATUS_SUCCESS;
|
|
|
|
|
}
|
|
|
|
|
|
2005-02-11 12:06:29 +00:00
|
|
|
|
2004-08-05 18:17:37 +00:00
|
|
|
/*
|
2005-11-01 21:53:36 +00:00
|
|
|
* @implemented
|
2005-02-11 15:52:38 +00:00
|
|
|
*/
|
2005-10-19 17:03:38 +00:00
|
|
|
NTSTATUS NTAPI
|
2005-10-23 18:23:57 +00:00
|
|
|
RtlSelfRelativeToAbsoluteSD2(PISECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor,
|
2004-09-25 12:11:13 +00:00
|
|
|
PULONG BufferSize)
|
2004-08-05 18:17:37 +00:00
|
|
|
{
|
2005-11-01 21:53:36 +00:00
|
|
|
PISECURITY_DESCRIPTOR AbsSD = SelfRelativeSecurityDescriptor;
|
|
|
|
|
PISECURITY_DESCRIPTOR_RELATIVE RelSD = (PISECURITY_DESCRIPTOR_RELATIVE)SelfRelativeSecurityDescriptor;
|
|
|
|
|
#ifdef _WIN64
|
2005-11-01 22:36:00 +00:00
|
|
|
PVOID DataStart, DataEnd;
|
2005-11-01 21:53:36 +00:00
|
|
|
ULONG DataSize;
|
2005-11-01 22:36:00 +00:00
|
|
|
LONG MoveDelta;
|
2005-11-01 21:53:36 +00:00
|
|
|
ULONG OwnerLength;
|
|
|
|
|
ULONG GroupLength;
|
|
|
|
|
ULONG DaclLength;
|
|
|
|
|
ULONG SaclLength;
|
|
|
|
|
#endif
|
|
|
|
|
PSID pOwner;
|
|
|
|
|
PSID pGroup;
|
|
|
|
|
PACL pDacl;
|
|
|
|
|
PACL pSacl;
|
|
|
|
|
|
|
|
|
|
PAGED_CODE_RTL();
|
|
|
|
|
|
|
|
|
|
if (SelfRelativeSecurityDescriptor == NULL)
|
|
|
|
|
{
|
|
|
|
|
return STATUS_INVALID_PARAMETER_1;
|
|
|
|
|
}
|
|
|
|
|
if (BufferSize == NULL)
|
|
|
|
|
{
|
|
|
|
|
return STATUS_INVALID_PARAMETER_2;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (RelSD->Revision != SECURITY_DESCRIPTOR_REVISION1)
|
|
|
|
|
{
|
|
|
|
|
return STATUS_UNKNOWN_REVISION;
|
|
|
|
|
}
|
|
|
|
|
if (!(RelSD->Control & SE_SELF_RELATIVE))
|
|
|
|
|
{
|
|
|
|
|
return STATUS_BAD_DESCRIPTOR_FORMAT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ASSERT(FIELD_OFFSET(SECURITY_DESCRIPTOR, Owner) ==
|
|
|
|
|
FIELD_OFFSET(SECURITY_DESCRIPTOR_RELATIVE, Owner));
|
|
|
|
|
|
|
|
|
|
#ifdef _WIN64
|
|
|
|
|
|
|
|
|
|
RtlpQuerySecurityDescriptor(SelfRelativeSecurityDescriptor,
|
|
|
|
|
&pOwner,
|
|
|
|
|
&OwnerLength,
|
|
|
|
|
&pGroup,
|
|
|
|
|
&GroupLength,
|
|
|
|
|
&pDacl,
|
|
|
|
|
&DaclLength,
|
|
|
|
|
&pSacl,
|
|
|
|
|
&SaclLength);
|
|
|
|
|
|
|
|
|
|
ASSERT(sizeof(SECURITY_DESCRIPTOR) > sizeof(SECURITY_DESCRIPTOR_RELATIVE));
|
|
|
|
|
|
2005-11-01 22:36:00 +00:00
|
|
|
/* calculate the start and end of the data area, we simply just move the
|
|
|
|
|
data by the difference between the size of the relative and absolute
|
|
|
|
|
security descriptor structure */
|
|
|
|
|
DataStart = pOwner;
|
|
|
|
|
DataEnd = (PVOID)((ULONG_PTR)pOwner + OwnerLength);
|
|
|
|
|
if (pGroup != NULL)
|
|
|
|
|
{
|
|
|
|
|
if (((ULONG_PTR)pGroup < (ULONG_PTR)DataStart) || DataStart == NULL)
|
|
|
|
|
DataStart = pGroup;
|
|
|
|
|
if (((ULONG_PTR)pGroup + GroupLength > (ULONG_PTR)DataEnd) || DataEnd == NULL)
|
|
|
|
|
DataEnd = (PVOID)((ULONG_PTR)pGroup + GroupLength);
|
|
|
|
|
}
|
|
|
|
|
if (pDacl != NULL)
|
|
|
|
|
{
|
|
|
|
|
if (((ULONG_PTR)pDacl < (ULONG_PTR)DataStart) || DataStart == NULL)
|
|
|
|
|
DataStart = pDacl;
|
|
|
|
|
if (((ULONG_PTR)pDacl + DaclLength > (ULONG_PTR)DataEnd) || DataEnd == NULL)
|
|
|
|
|
DataEnd = (PVOID)((ULONG_PTR)pDacl + DaclLength);
|
|
|
|
|
}
|
|
|
|
|
if (pSacl != NULL)
|
|
|
|
|
{
|
|
|
|
|
if (((ULONG_PTR)pSacl < (ULONG_PTR)DataStart) || DataStart == NULL)
|
|
|
|
|
DataStart = pSacl;
|
|
|
|
|
if (((ULONG_PTR)pSacl + DaclLength > (ULONG_PTR)DataEnd) || DataEnd == NULL)
|
|
|
|
|
DataEnd = (PVOID)((ULONG_PTR)pSacl + SaclLength);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ASSERT((ULONG_PTR)DataEnd >= (ULONG_PTR)DataStart);
|
|
|
|
|
|
|
|
|
|
DataSize = (ULONG)((ULONG_PTR)DataEnd >= (ULONG_PTR)DataStart);
|
|
|
|
|
|
2005-11-01 21:53:36 +00:00
|
|
|
if (*BufferSize < sizeof(SECURITY_DESCRIPTOR) + DataSize)
|
|
|
|
|
{
|
|
|
|
|
*BufferSize = sizeof(SECURITY_DESCRIPTOR) + DataSize;
|
|
|
|
|
return STATUS_BUFFER_TOO_SMALL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (DataSize != 0)
|
|
|
|
|
{
|
|
|
|
|
/* if DataSize != 0 ther must be at least one SID or ACL in the security
|
|
|
|
|
descriptor! Also the data area must be located somewhere after the
|
|
|
|
|
end of the SECURITY_DESCRIPTOR_RELATIVE structure */
|
|
|
|
|
ASSERT(DataStart != NULL);
|
|
|
|
|
ASSERT((ULONG_PTR)DataStart >= (ULONG_PTR)(RelSD + 1));
|
|
|
|
|
|
|
|
|
|
/* it's time to move the data */
|
|
|
|
|
RtlMoveMemory((PVOID)(AbsSD + 1),
|
|
|
|
|
DataStart,
|
|
|
|
|
DataSize);
|
|
|
|
|
|
2005-11-01 22:36:00 +00:00
|
|
|
MoveDelta = (LONG)((LONG_PTR)(AbsSD + 1) - (LONG_PTR)DataStart);
|
|
|
|
|
|
2005-11-01 21:53:36 +00:00
|
|
|
/* adjust the pointers if neccessary */
|
|
|
|
|
if (pOwner != NULL)
|
2005-11-01 22:36:00 +00:00
|
|
|
AbsSD->Owner = (PSID)((LONG_PTR)pOwner + MoveDelta);
|
2005-11-01 21:53:36 +00:00
|
|
|
else
|
|
|
|
|
AbsSD->Owner = NULL;
|
|
|
|
|
|
|
|
|
|
if (pGroup != NULL)
|
2005-11-01 22:36:00 +00:00
|
|
|
AbsSD->Group = (PSID)((LONG_PTR)pGroup + MoveDelta);
|
2005-11-01 21:53:36 +00:00
|
|
|
else
|
|
|
|
|
AbsSD->Group = NULL;
|
|
|
|
|
|
|
|
|
|
if (pSacl != NULL)
|
2005-11-01 22:36:00 +00:00
|
|
|
AbsSD->Sacl = (PACL)((LONG_PTR)pSacl + MoveDelta);
|
2005-11-01 21:53:36 +00:00
|
|
|
else
|
|
|
|
|
AbsSD->Sacl = NULL;
|
|
|
|
|
|
|
|
|
|
if (pDacl != NULL)
|
2005-11-01 22:36:00 +00:00
|
|
|
AbsSD->Dacl = (PACL)((LONG_PTR)pDacl + MoveDelta);
|
2005-11-01 21:53:36 +00:00
|
|
|
else
|
|
|
|
|
AbsSD->Dacl = NULL;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
/* all pointers must be NULL! */
|
|
|
|
|
ASSERT(pOwner == NULL);
|
|
|
|
|
ASSERT(pGroup == NULL);
|
|
|
|
|
ASSERT(pSacl == NULL);
|
|
|
|
|
ASSERT(pDacl == NULL);
|
|
|
|
|
|
|
|
|
|
AbsSD->Owner = NULL;
|
|
|
|
|
AbsSD->Group = NULL;
|
|
|
|
|
AbsSD->Sacl = NULL;
|
2005-11-01 22:39:14 +00:00
|
|
|
AbsSD->Dacl = NULL;
|
2005-11-01 21:53:36 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* clear the self-relative flag */
|
|
|
|
|
AbsSD->Control &= ~SE_SELF_RELATIVE;
|
|
|
|
|
|
|
|
|
|
#else
|
|
|
|
|
|
|
|
|
|
RtlpQuerySecurityDescriptorPointers(SelfRelativeSecurityDescriptor,
|
|
|
|
|
&pOwner,
|
|
|
|
|
&pGroup,
|
|
|
|
|
&pSacl,
|
|
|
|
|
&pDacl);
|
|
|
|
|
|
|
|
|
|
ASSERT(sizeof(SECURITY_DESCRIPTOR) == sizeof(SECURITY_DESCRIPTOR_RELATIVE));
|
|
|
|
|
|
|
|
|
|
/* clear the self-relative flag and simply convert the offsets to pointers */
|
|
|
|
|
AbsSD->Control &= ~SE_SELF_RELATIVE;
|
|
|
|
|
AbsSD->Owner = pOwner;
|
|
|
|
|
AbsSD->Group = pGroup;
|
2005-11-01 22:39:14 +00:00
|
|
|
AbsSD->Sacl = pSacl;
|
|
|
|
|
AbsSD->Dacl = pDacl;
|
2005-11-01 21:53:36 +00:00
|
|
|
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
return STATUS_SUCCESS;
|
2004-08-05 18:17:37 +00:00
|
|
|
}
|
|
|
|
|
|
2005-02-11 12:06:29 +00:00
|
|
|
|
2004-08-05 18:17:37 +00:00
|
|
|
/*
|
2005-02-11 12:06:29 +00:00
|
|
|
* @implemented
|
|
|
|
|
*/
|
2005-10-19 17:03:38 +00:00
|
|
|
BOOLEAN NTAPI
|
|
|
|
|
RtlValidRelativeSecurityDescriptor(IN PISECURITY_DESCRIPTOR SecurityDescriptorInput,
|
2004-09-25 12:11:13 +00:00
|
|
|
IN ULONG SecurityDescriptorLength,
|
|
|
|
|
IN SECURITY_INFORMATION RequiredInformation)
|
2004-08-05 18:17:37 +00:00
|
|
|
{
|
2005-02-22 17:58:19 +00:00
|
|
|
PAGED_CODE_RTL();
|
2005-05-09 01:41:02 +00:00
|
|
|
|
2005-02-12 11:47:03 +00:00
|
|
|
if (SecurityDescriptorLength < sizeof(SECURITY_DESCRIPTOR_RELATIVE) ||
|
2004-09-25 12:11:13 +00:00
|
|
|
SecurityDescriptorInput->Revision != SECURITY_DESCRIPTOR_REVISION1 ||
|
2004-09-22 20:16:02 +00:00
|
|
|
!(SecurityDescriptorInput->Control & SE_SELF_RELATIVE))
|
|
|
|
|
{
|
2004-09-25 12:11:13 +00:00
|
|
|
return FALSE;
|
2004-09-22 20:16:02 +00:00
|
|
|
}
|
|
|
|
|
|
2005-02-12 11:47:03 +00:00
|
|
|
if (SecurityDescriptorInput->Owner != 0)
|
2004-09-22 20:16:02 +00:00
|
|
|
{
|
|
|
|
|
PSID Owner = (PSID)((ULONG_PTR)SecurityDescriptorInput->Owner + (ULONG_PTR)SecurityDescriptorInput);
|
|
|
|
|
if (!RtlValidSid(Owner))
|
|
|
|
|
{
|
2004-09-25 12:11:13 +00:00
|
|
|
return FALSE;
|
2004-09-22 20:16:02 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else if (RequiredInformation & OWNER_SECURITY_INFORMATION)
|
|
|
|
|
{
|
2004-09-25 12:11:13 +00:00
|
|
|
return FALSE;
|
2004-09-22 20:16:02 +00:00
|
|
|
}
|
|
|
|
|
|
2005-02-12 11:47:03 +00:00
|
|
|
if (SecurityDescriptorInput->Group != 0)
|
2004-09-22 20:16:02 +00:00
|
|
|
{
|
|
|
|
|
PSID Group = (PSID)((ULONG_PTR)SecurityDescriptorInput->Group + (ULONG_PTR)SecurityDescriptorInput);
|
|
|
|
|
if (!RtlValidSid(Group))
|
|
|
|
|
{
|
2004-09-25 12:11:13 +00:00
|
|
|
return FALSE;
|
2004-09-22 20:16:02 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else if (RequiredInformation & GROUP_SECURITY_INFORMATION)
|
|
|
|
|
{
|
2004-09-25 12:11:13 +00:00
|
|
|
return FALSE;
|
2004-09-22 20:16:02 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (SecurityDescriptorInput->Control & SE_DACL_PRESENT)
|
|
|
|
|
{
|
2005-02-12 11:47:03 +00:00
|
|
|
if (SecurityDescriptorInput->Dacl != 0 &&
|
2004-09-22 20:16:02 +00:00
|
|
|
!RtlValidAcl((PACL)((ULONG_PTR)SecurityDescriptorInput->Dacl + (ULONG_PTR)SecurityDescriptorInput)))
|
|
|
|
|
{
|
2004-09-25 12:11:13 +00:00
|
|
|
return FALSE;
|
2004-09-22 20:16:02 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else if (RequiredInformation & DACL_SECURITY_INFORMATION)
|
|
|
|
|
{
|
2004-09-25 12:11:13 +00:00
|
|
|
return FALSE;
|
2004-09-22 20:16:02 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (SecurityDescriptorInput->Control & SE_SACL_PRESENT)
|
|
|
|
|
{
|
2005-02-12 11:47:03 +00:00
|
|
|
if (SecurityDescriptorInput->Sacl != 0 &&
|
2004-09-22 20:16:02 +00:00
|
|
|
!RtlValidAcl((PACL)((ULONG_PTR)SecurityDescriptorInput->Sacl + (ULONG_PTR)SecurityDescriptorInput)))
|
|
|
|
|
{
|
2004-09-25 12:11:13 +00:00
|
|
|
return FALSE;
|
2004-09-22 20:16:02 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else if (RequiredInformation & SACL_SECURITY_INFORMATION)
|
|
|
|
|
{
|
2004-09-25 12:11:13 +00:00
|
|
|
return FALSE;
|
2004-09-22 20:16:02 +00:00
|
|
|
}
|
|
|
|
|
|
2004-09-25 12:11:13 +00:00
|
|
|
return TRUE;
|
2004-08-05 18:17:37 +00:00
|
|
|
}
|
|
|
|
|
|
2005-02-11 15:52:38 +00:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* @implemented
|
|
|
|
|
*/
|
2005-10-19 17:03:38 +00:00
|
|
|
BOOLEAN NTAPI
|
|
|
|
|
RtlGetSecurityDescriptorRMControl(PISECURITY_DESCRIPTOR SecurityDescriptor,
|
2005-02-11 15:52:38 +00:00
|
|
|
PUCHAR RMControl)
|
|
|
|
|
{
|
2005-02-22 17:58:19 +00:00
|
|
|
PAGED_CODE_RTL();
|
2005-05-09 01:41:02 +00:00
|
|
|
|
2005-02-11 15:52:38 +00:00
|
|
|
if (!(SecurityDescriptor->Control & SE_RM_CONTROL_VALID))
|
|
|
|
|
{
|
|
|
|
|
*RMControl = 0;
|
|
|
|
|
return FALSE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
*RMControl = SecurityDescriptor->Sbz1;
|
|
|
|
|
|
|
|
|
|
return TRUE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* @implemented
|
|
|
|
|
*/
|
2005-10-19 17:03:38 +00:00
|
|
|
VOID NTAPI
|
|
|
|
|
RtlSetSecurityDescriptorRMControl(PISECURITY_DESCRIPTOR SecurityDescriptor,
|
2005-02-11 15:52:38 +00:00
|
|
|
PUCHAR RMControl)
|
|
|
|
|
{
|
2005-02-22 17:58:19 +00:00
|
|
|
PAGED_CODE_RTL();
|
2005-05-09 01:41:02 +00:00
|
|
|
|
2005-02-11 15:52:38 +00:00
|
|
|
if (RMControl == NULL)
|
|
|
|
|
{
|
|
|
|
|
SecurityDescriptor->Control &= ~SE_RM_CONTROL_VALID;
|
|
|
|
|
SecurityDescriptor->Sbz1 = 0;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
SecurityDescriptor->Control |= SE_RM_CONTROL_VALID;
|
|
|
|
|
SecurityDescriptor->Sbz1 = *RMControl;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2005-02-14 14:36:03 +00:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* @implemented
|
|
|
|
|
*/
|
2005-10-19 17:03:38 +00:00
|
|
|
NTSTATUS NTAPI
|
|
|
|
|
RtlSetAttributesSecurityDescriptor(IN PISECURITY_DESCRIPTOR SecurityDescriptor,
|
2005-02-14 14:36:03 +00:00
|
|
|
IN SECURITY_DESCRIPTOR_CONTROL Control,
|
|
|
|
|
OUT PULONG Revision)
|
|
|
|
|
{
|
2005-02-22 17:58:19 +00:00
|
|
|
PAGED_CODE_RTL();
|
2005-05-09 01:41:02 +00:00
|
|
|
|
2005-02-14 14:36:03 +00:00
|
|
|
*Revision = SecurityDescriptor->Revision;
|
|
|
|
|
|
|
|
|
|
if (SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION1)
|
|
|
|
|
return STATUS_UNKNOWN_REVISION;
|
|
|
|
|
|
|
|
|
|
Control &=
|
|
|
|
|
~(SE_OWNER_DEFAULTED | SE_GROUP_DEFAULTED | SE_DACL_PRESENT |
|
|
|
|
|
SE_DACL_DEFAULTED | SE_SACL_PRESENT | SE_SACL_DEFAULTED |
|
|
|
|
|
SE_RM_CONTROL_VALID | SE_SELF_RELATIVE);
|
|
|
|
|
|
|
|
|
|
return RtlSetControlSecurityDescriptor(SecurityDescriptor,
|
|
|
|
|
Control,
|
|
|
|
|
Control);
|
|
|
|
|
}
|
|
|
|
|
|
2004-05-31 19:33:59 +00:00
|
|
|
/* EOF */
|
