/*
* COPYRIGHT: See COPYING in the top level directory
* PROJECT: ReactOS system libraries
* PURPOSE: Security manager
* FILE: lib/rtl/sid.c
* PROGRAMMER: David Welch <welch@cwcom.net>
*/
/* INCLUDES *****************************************************************/
#include <rtl.h>
#define NDEBUG
#include <debug.h>
#define TAG_SID 'diSp'
/* FUNCTIONS ***************************************************************/
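/*
 * Performs a structural sanity check on a SID header.
 *
 * Sid_ - pointer to the SID to check; may be NULL.
 *
 * Returns TRUE when the revision equals SID_REVISION and the sub-authority
 * count does not exceed SID_MAX_SUB_AUTHORITIES, FALSE otherwise (including
 * for a NULL pointer).
 *
 * Only the two fixed header fields are read. Nothing here proves that the
 * memory behind the pointer is readable or large enough to hold the
 * sub-authority array the header announces, so code that receives a SID from
 * an untrusted source still has to check the containing buffer's length.
 */
BOOLEAN NTAPI
RtlValidSid(IN PSID Sid_)
{
    PISID Sid = Sid_;

    PAGED_CODE_RTL();

    /* A validity predicate should reject a null pointer, not fault on it. */
    if (Sid == NULL)
    {
        return FALSE;
    }

    if ((Sid->Revision != SID_REVISION) ||
        (Sid->SubAuthorityCount > SID_MAX_SUB_AUTHORITIES))
    {
        return FALSE;
    }

    return TRUE;
}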
/*
 * @implemented
 *
 * Computes the number of bytes a SID with SubAuthorityCount sub-authorities
 * occupies, i.e. the offset of the array element one past the last one.
 *
 * The count is not range-checked here and the offset is narrowed to ULONG;
 * callers that take the count from outside should bound it (for example
 * against SID_MAX_SUB_AUTHORITIES) before sizing an allocation with it.
 */
ULONG NTAPI
RtlLengthRequiredSid(IN ULONG SubAuthorityCount)
{
    ULONG RequiredLength;

    PAGED_CODE_RTL();

    RequiredLength = (ULONG)FIELD_OFFSET(SID, SubAuthority[SubAuthorityCount]);

    return RequiredLength;
}
/*
 * @implemented
 *
 * Writes the fixed header of a caller-supplied SID: revision, sub-authority
 * count and identifier authority. The sub-authority values themselves are
 * not touched.
 *
 * Sid_                - SID buffer to initialise.
 * IdentifierAuthority - authority value copied into the SID.
 * SubAuthorityCount   - stored as given.
 *
 * Always returns STATUS_SUCCESS. Neither pointer is checked for NULL, and the
 * count is compared neither with SID_MAX_SUB_AUTHORITIES nor with the size of
 * the buffer, so the caller is responsible for having sized Sid_ correctly.
 */
NTSTATUS NTAPI
RtlInitializeSid(IN PSID Sid_,
                 IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority,
                 IN UCHAR SubAuthorityCount)
{
    PISID Header = Sid_;

    PAGED_CODE_RTL();

    /* The three header fields are independent of one another. */
    memcpy(&Header->IdentifierAuthority,
           IdentifierAuthority,
           sizeof(SID_IDENTIFIER_AUTHORITY));
    Header->SubAuthorityCount = SubAuthorityCount;
    Header->Revision = SID_REVISION;

    return STATUS_SUCCESS;
}
/*
 * @implemented
 *
 * Returns the address of sub-authority number SubAuthority inside the SID.
 *
 * The index is not compared with the SID's SubAuthorityCount: an index at or
 * beyond the count yields a pointer past the SID's data. Callers must check
 * the index themselves before reading or writing through the result.
 */
PULONG NTAPI
RtlSubAuthoritySid(IN PSID Sid_,
                   IN ULONG SubAuthority)
{
    PISID Sid = Sid_;
    PULONG Element;

    PAGED_CODE_RTL();

    Element = (PULONG)&Sid->SubAuthority[SubAuthority];

    return Element;
}
/*
 * @implemented
 *
 * Returns the address of the SID's SubAuthorityCount field. The pointer
 * aliases the SID itself, so writing through it changes the SID's length as
 * seen by RtlLengthSid. Sid_ is not checked for NULL.
 */
PUCHAR NTAPI
RtlSubAuthorityCountSid(IN PSID Sid_)
{
    PISID Sid = Sid_;
    PUCHAR CountField;

    PAGED_CODE_RTL();

    CountField = &Sid->SubAuthorityCount;

    return CountField;
}
/*
 * @implemented
 *
 * Tests two SIDs for equality.
 *
 * The revisions and sub-authority counts are compared first; when they
 * agree, the length of Sid1 is taken from RtlLengthSid and that many bytes
 * of both SIDs are compared.
 *
 * Returns TRUE when every compared byte matches, FALSE otherwise. Neither
 * pointer is checked for NULL and neither SID is validated here.
 */
BOOLEAN NTAPI
RtlEqualSid(IN PSID Sid1_,
            IN PSID Sid2_)
{
    PISID Sid1 = Sid1_;
    PISID Sid2 = Sid2_;
    SIZE_T CompareLength;
    SIZE_T MatchedLength;

    PAGED_CODE_RTL();

    if (Sid1->Revision != Sid2->Revision)
    {
        return FALSE;
    }

    /* Equal counts mean both SIDs have the same length in bytes. */
    if (*RtlSubAuthorityCountSid(Sid1) != *RtlSubAuthorityCountSid(Sid2))
    {
        return FALSE;
    }

    CompareLength = RtlLengthSid(Sid1);
    MatchedLength = RtlCompareMemory(Sid1, Sid2, CompareLength);

    return MatchedLength == CompareLength;
}
/*
 * @implemented
 *
 * Returns the length in bytes of a SID, derived from the SubAuthorityCount
 * stored in its header.
 *
 * The count is taken on trust. For a SID that has not been validated the
 * reported length can exceed the buffer that actually holds it, so callers
 * dealing with untrusted data should run RtlValidSid and compare the result
 * with the real buffer size before copying or comparing that many bytes.
 */
ULONG NTAPI
RtlLengthSid(IN PSID Sid_)
{
    PISID Sid = Sid_;
    ULONG SidLength;

    PAGED_CODE_RTL();

    SidLength = (ULONG)FIELD_OFFSET(SID, SubAuthority[Sid->SubAuthorityCount]);

    return SidLength;
}
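/*
 * @implemented
 *
 * Copies the SID at Src into the buffer at Dest.
 *
 * BufferLength - size of the destination buffer in bytes.
 * Dest         - destination buffer; may overlap Src (memmove is used).
 * Src          - SID to copy; its length comes from RtlLengthSid.
 *
 * Returns STATUS_SUCCESS after the copy, or STATUS_UNSUCCESSFUL when the
 * destination is smaller than the source SID (nothing is written then).
 * Dest and Src are not checked for NULL and Src is not validated.
 */
NTSTATUS NTAPI
RtlCopySid(ULONG BufferLength,
           PSID Dest,
           PSID Src)
{
    ULONG SourceLength;

    PAGED_CODE_RTL();

    /*
     * Read the source length exactly once. Checking one read and copying
     * with a second one lets the copy exceed BufferLength if the source's
     * sub-authority count changes between the two reads.
     */
    SourceLength = RtlLengthSid(Src);
    if (BufferLength < SourceLength)
    {
        return STATUS_UNSUCCESSFUL;
    }

    memmove(Dest, Src, SourceLength);

    return STATUS_SUCCESS;
}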
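/*
 * @implemented
 *
 * Copies an array of SID_AND_ATTRIBUTES entries, packing the SIDs they point
 * to one after another into SidArea.
 *
 * Count                - number of entries in Src and Dest.
 * Src                  - source entries.
 * SidAreaSize          - size in bytes of the buffer at SidArea.
 * Dest                 - receives one entry per source entry; each Sid
 *                        pointer refers to the copy inside SidArea.
 * SidArea              - buffer that receives the SID copies.
 * RemainingSidArea     - receives the first unused byte of SidArea.
 * RemainingSidAreaSize - receives the number of unused bytes.
 *
 * Returns STATUS_SUCCESS when every SID was copied, STATUS_BUFFER_TOO_SMALL
 * when a SID does not fit in the space left, or the failure status of
 * RtlCopySid. On failure the two Remaining* outputs are not written and the
 * entries already copied stay in Dest.
 */
NTSTATUS NTAPI
RtlCopySidAndAttributesArray(ULONG Count,
                             PSID_AND_ATTRIBUTES Src,
                             ULONG SidAreaSize,
                             PSID_AND_ATTRIBUTES Dest,
                             PVOID SidArea,
                             PVOID* RemainingSidArea,
                             PULONG RemainingSidAreaSize)
{
    NTSTATUS Status;
    ULONG SidLength;
    ULONG Length;
    ULONG i;

    PAGED_CODE_RTL();

    Length = SidAreaSize;

    for (i = 0; i < Count; i++)
    {
        /*
         * Take the length once and use that single value for the space
         * check, the copy and the bookkeeping, so they cannot disagree if
         * the source SID is modified while the loop runs.
         */
        SidLength = RtlLengthSid(Src[i].Sid);
        if (SidLength > Length)
        {
            return STATUS_BUFFER_TOO_SMALL;
        }

        /* Do not record an entry whose SID was not actually copied. */
        Status = RtlCopySid(SidLength, SidArea, Src[i].Sid);
        if (Status != STATUS_SUCCESS)
        {
            return Status;
        }

        Length -= SidLength;
        Dest[i].Sid = SidArea;
        Dest[i].Attributes = Src[i].Attributes;
        SidArea = (PVOID)((ULONG_PTR)SidArea + SidLength);
    }

    *RemainingSidArea = SidArea;
    *RemainingSidAreaSize = Length;

    return STATUS_SUCCESS;
}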
/*
 * @implemented
 *
 * Returns the address of the SID's IdentifierAuthority field. The pointer
 * aliases the SID; Sid_ is not checked for NULL.
 */
PSID_IDENTIFIER_AUTHORITY NTAPI
RtlIdentifierAuthoritySid(IN PSID Sid_)
{
    PISID Sid = Sid_;
    PSID_IDENTIFIER_AUTHORITY Authority;

    PAGED_CODE_RTL();

    Authority = &Sid->IdentifierAuthority;

    return Authority;
}
/*
 * @implemented
 *
 * Allocates a SID and fills it with the given identifier authority and up to
 * eight sub-authority values.
 *
 * IdentifierAuthority - authority copied into the SID (not NULL-checked).
 * SubAuthorityCount   - number of SubAuthorityN arguments to store, 0 to 8.
 * SubAuthority0..7    - values; only the first SubAuthorityCount are used.
 * Sid                 - receives the pointer to the new SID.
 *
 * Returns STATUS_INVALID_SID when SubAuthorityCount exceeds 8,
 * STATUS_INVALID_PARAMETER when Sid is NULL, STATUS_NO_MEMORY when the
 * allocation fails, STATUS_SUCCESS otherwise.
 *
 * The memory comes from RtlpAllocateMemory under TAG_SID; RtlFreeSid in this
 * file releases memory with the same tag.
 */
NTSTATUS NTAPI
RtlAllocateAndInitializeSid(PSID_IDENTIFIER_AUTHORITY IdentifierAuthority,
                            UCHAR SubAuthorityCount,
                            ULONG SubAuthority0,
                            ULONG SubAuthority1,
                            ULONG SubAuthority2,
                            ULONG SubAuthority3,
                            ULONG SubAuthority4,
                            ULONG SubAuthority5,
                            ULONG SubAuthority6,
                            ULONG SubAuthority7,
                            PSID *Sid)
{
    PISID NewSid;

    PAGED_CODE_RTL();

    if (SubAuthorityCount > 8)
    {
        return STATUS_INVALID_SID;
    }

    if (Sid == NULL)
    {
        return STATUS_INVALID_PARAMETER;
    }

    /* The allocation is sized for exactly SubAuthorityCount elements. */
    NewSid = RtlpAllocateMemory(RtlLengthRequiredSid(SubAuthorityCount),
                                TAG_SID);
    if (NewSid == NULL)
    {
        return STATUS_NO_MEMORY;
    }

    NewSid->Revision = SID_REVISION;
    NewSid->SubAuthorityCount = SubAuthorityCount;
    memcpy(&NewSid->IdentifierAuthority,
           IdentifierAuthority,
           sizeof(SID_IDENTIFIER_AUTHORITY));

    /*
     * Store element N only when the count covers it, so no write lands
     * beyond the allocation. A count of zero stores nothing.
     */
    if (SubAuthorityCount > 0)
    {
        NewSid->SubAuthority[0] = SubAuthority0;
    }
    if (SubAuthorityCount > 1)
    {
        NewSid->SubAuthority[1] = SubAuthority1;
    }
    if (SubAuthorityCount > 2)
    {
        NewSid->SubAuthority[2] = SubAuthority2;
    }
    if (SubAuthorityCount > 3)
    {
        NewSid->SubAuthority[3] = SubAuthority3;
    }
    if (SubAuthorityCount > 4)
    {
        NewSid->SubAuthority[4] = SubAuthority4;
    }
    if (SubAuthorityCount > 5)
    {
        NewSid->SubAuthority[5] = SubAuthority5;
    }
    if (SubAuthorityCount > 6)
    {
        NewSid->SubAuthority[6] = SubAuthority6;
    }
    if (SubAuthorityCount > 7)
    {
        NewSid->SubAuthority[7] = SubAuthority7;
    }

    *Sid = NewSid;

    return STATUS_SUCCESS;
}
/*
 * @implemented
 *
 * Releases a SID by handing it to RtlpFreeMemory under TAG_SID, the tag
 * RtlAllocateAndInitializeSid allocates with.
 *
 * RETURNS
 *  Always NULL. The documentation says FreeSid does not return a value even
 *  though it is declared to return a PVOID.
 *
 * The caller's own copy of the pointer is left dangling and must not be used
 * or freed again.
 */
PVOID NTAPI
RtlFreeSid(IN PSID Sid)
{
    PVOID Result = NULL;

    PAGED_CODE_RTL();

    RtlpFreeMemory(Sid, TAG_SID);

    return Result;
}
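/*
 * @implemented
 *
 * Tests whether two SIDs share the same prefix. The prefix of a SID is the
 * whole SID except its last sub-authority value, so two SIDs that differ
 * only in that last value compare equal here.
 *
 * Returns TRUE when the sub-authority counts match and the header plus all
 * sub-authorities but the last are byte-identical, FALSE otherwise. Neither
 * pointer is checked for NULL and neither SID is validated here.
 */
BOOLEAN NTAPI
RtlEqualPrefixSid(IN PSID Sid1_,
                  IN PSID Sid2_)
{
    PISID Sid1 = Sid1_;
    PISID Sid2 = Sid2_;
    SIZE_T SidLen;
    UCHAR PrefixCount;

    PAGED_CODE_RTL();

    PrefixCount = Sid1->SubAuthorityCount;
    if (PrefixCount != Sid2->SubAuthorityCount)
    {
        return FALSE;
    }

    /*
     * Leave the last sub-authority out of the comparison. Comparing all of
     * them would make this a full equality test, identical to RtlEqualSid.
     * With no sub-authorities only the header is compared.
     */
    if (PrefixCount > 0)
    {
        PrefixCount--;
    }

    SidLen = FIELD_OFFSET(SID, SubAuthority[PrefixCount]);

    return RtlCompareMemory(Sid1, Sid2, SidLen) == SidLen;
}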
/*
 * @implemented
 *
 * Formats a SID as text of the form S-<revision>-<authority>-<sub>-<sub>...
 *
 * String         - destination. With AllocateBuffer it is filled in by
 *                  RtlCreateUnicodeString; otherwise its existing Buffer and
 *                  MaximumLength are used.
 * Sid_           - SID to format; must pass RtlValidSid.
 * AllocateBuffer - selects between the two modes above.
 *
 * Returns STATUS_INVALID_SID when RtlValidSid rejects the SID,
 * STATUS_NO_MEMORY when RtlCreateUnicodeString fails,
 * STATUS_BUFFER_TOO_SMALL when the text does not fit the caller's buffer,
 * STATUS_SUCCESS otherwise. In the caller-buffer mode the text is
 * NUL-terminated only when there is room left after it.
 */
NTSTATUS NTAPI
RtlConvertSidToUnicodeString(PUNICODE_STRING String,
                             PSID Sid_,
                             BOOLEAN AllocateBuffer)
{
    /*
     * The swprintf calls below take no size argument, so this fixed buffer
     * is protected only by the cap RtlValidSid puts on SubAuthorityCount.
     * Worst case is roughly 6 + 14 + 11 characters per sub-authority, which
     * fits if SID_MAX_SUB_AUTHORITIES is 15 and ULONG is 32 bits wide --
     * TODO confirm against this tree's headers.
     */
    WCHAR Buffer[256];
    PWSTR Cursor;
    ULONG ByteCount;
    ULONG Authority;
    ULONG Index;
    PISID Sid = Sid_;

    PAGED_CODE_RTL();

    if (!RtlValidSid(Sid))
    {
        return STATUS_INVALID_SID;
    }

    Cursor = Buffer;
    Cursor += swprintf(Cursor, L"S-%u-", Sid->Revision);

    if (Sid->IdentifierAuthority.Value[0] != 0 ||
        Sid->IdentifierAuthority.Value[1] != 0)
    {
        /* The top two bytes are in use: print all six bytes in hex. */
        Cursor += swprintf(Cursor,
                           L"0x%02hx%02hx%02hx%02hx%02hx%02hx",
                           Sid->IdentifierAuthority.Value[0],
                           Sid->IdentifierAuthority.Value[1],
                           Sid->IdentifierAuthority.Value[2],
                           Sid->IdentifierAuthority.Value[3],
                           Sid->IdentifierAuthority.Value[4],
                           Sid->IdentifierAuthority.Value[5]);
    }
    else
    {
        /* The low four bytes form one big-endian decimal number. */
        Authority = (ULONG)Sid->IdentifierAuthority.Value[2] << 24 |
                    (ULONG)Sid->IdentifierAuthority.Value[3] << 16 |
                    (ULONG)Sid->IdentifierAuthority.Value[4] << 8 |
                    (ULONG)Sid->IdentifierAuthority.Value[5];
        Cursor += swprintf(Cursor, L"%lu", Authority);
    }

    /*
     * NOTE(review): the count is re-read from the SID on every pass, after
     * RtlValidSid checked it. If the SID's memory can change concurrently
     * the cap no longer bounds the writes into Buffer -- confirm callers
     * pass a private copy.
     * NOTE(review): "%u" is used for a ULONG here while the authority above
     * uses "%lu" -- confirm the two are the same width on every target.
     */
    for (Index = 0; Index < Sid->SubAuthorityCount; Index++)
    {
        Cursor += swprintf(Cursor, L"-%u", Sid->SubAuthority[Index]);
    }

    if (AllocateBuffer)
    {
        if (!RtlCreateUnicodeString(String, Buffer))
        {
            return STATUS_NO_MEMORY;
        }

        return STATUS_SUCCESS;
    }

    ByteCount = (Cursor - Buffer) * sizeof(WCHAR);
    if (ByteCount > String->MaximumLength)
    {
        return STATUS_BUFFER_TOO_SMALL;
    }

    String->Length = ByteCount;
    RtlCopyMemory(String->Buffer, Buffer, ByteCount);

    /* Terminate only when that does not write past MaximumLength. */
    if (ByteCount < String->MaximumLength)
    {
        String->Buffer[ByteCount / sizeof(WCHAR)] = 0;
    }

    return STATUS_SUCCESS;
}
/* EOF */