Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2024-06-29 01:12:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added missing Acl and SD functions from ntdll.

Browse source 
svn path=/trunk/; revision=4156
This commit is contained in:
Eric Kohl 2003-02-15 21:07:49 +00:00
parent da676ec715
commit 0c2028b391
3 changed files with 709 additions and 277 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

97
reactos/ntoskrnl/se/acl.c
View file

@ -1,4 +1,4 @@
/* $Id: acl.c,v 1.10 2002/10/25 21:48:00 chorns Exp $
/* $Id: acl.c,v 1.11 2003/02/15 21:05:15 ekohl Exp $
*
* COPYRIGHT: See COPYING in the top level directory
* PROJECT: ReactOS kernel
@ -134,41 +134,45 @@ BOOLEAN STDCALL
RtlFirstFreeAce(PACL Acl,
PACE* Ace)
{
PACE Current;
PVOID AclEnd;
ULONG i;
PACE Current;
PVOID AclEnd;
ULONG i;
Current = (PACE)(Acl + 1);
*Ace = NULL;
i = 0;
if (Acl->AceCount == 0)
{
*Ace = Current;
return(TRUE);
}
AclEnd = Acl->AclSize + Acl;
do
{
if ((PVOID)Current >= AclEnd)
{
return(FALSE);
}
if (Current->Header.AceType == 4)
{
if (Acl->AclRevision < 3)
{
return(FALSE);
}
}
Current = (PACE)((PVOID)Current + (ULONG)Current->Header.AceSize);
i++;
} while (i < Acl->AceCount);
if ((PVOID)Current >= AclEnd)
{
return(FALSE);
}
*Ace = Current;
return(TRUE);
Current = (PACE)(Acl + 1);
*Ace = NULL;
i = 0;
if (Acl->AceCount == 0)
{
*Ace = Current;
return(TRUE);
}
AclEnd = Acl->AclSize + (PVOID)Acl;
do
{
if ((PVOID)Current >= AclEnd)
{
return(FALSE);
}
if (Current->Header.AceType == 4)
{
if (Acl->AclRevision < 3)
{
return(FALSE);
}
}
Current = (PACE)((PVOID)Current + (ULONG)Current->Header.AceSize);
i++;
}
while (i < Acl->AceCount);
if ((PVOID)Current < AclEnd)
{
*Ace = Current;
}
return(TRUE);
}
@ -322,4 +326,27 @@ RtlCreateAcl(PACL Acl,
return(STATUS_SUCCESS);
}
BOOLEAN STDCALL
RtlValidAcl(PACL Acl)
{
PACE Ace;
USHORT Size;
Size = (Acl->AclSize + 3) & ~3;
if (Acl->AclRevision != 2 &&
Acl->AclRevision != 3)
{
return(FALSE);
}
if (Size != Acl->AclSize)
{
return(FALSE);
}
return(RtlFirstFreeAce(Acl, &Ace));
}
/* EOF */

832
reactos/ntoskrnl/se/sd.c
View file

@ -1,4 +1,4 @@
/* $Id: sd.c,v 1.8 2002/09/08 10:23:43 chorns Exp $
/* $Id: sd.c,v 1.9 2003/02/15 21:07:49 ekohl Exp $
*
* COPYRIGHT: See COPYING in the top level directory
* PROJECT: ReactOS kernel
@ -16,12 +16,98 @@
#include <internal/debug.h>
/* GLOBALS ******************************************************************/
PSECURITY_DESCRIPTOR SePublicDefaultSd = NULL;
PSECURITY_DESCRIPTOR SePublicDefaultUnrestrictedSd = NULL;
PSECURITY_DESCRIPTOR SePublicOpenSd = NULL;
PSECURITY_DESCRIPTOR SePublicOpenUnrestrictedSd = NULL;
PSECURITY_DESCRIPTOR SeSystemDefaultSd = NULL;
PSECURITY_DESCRIPTOR SeUnrestrictedSd = NULL;
/* FUNCTIONS ***************************************************************/
BOOLEAN
SepInitSDs(VOID)
{
/* Create PublicDefaultSd */
SePublicDefaultSd = ExAllocatePool(NonPagedPool,
sizeof(SECURITY_DESCRIPTOR));
if (SePublicDefaultSd == NULL)
return(FALSE);
RtlCreateSecurityDescriptor(SePublicDefaultSd,
SECURITY_DESCRIPTOR_REVISION);
RtlSetDaclSecurityDescriptor(SePublicDefaultSd,
TRUE,
SePublicDefaultDacl,
FALSE);
/* Create PublicDefaultUnrestrictedSd */
SePublicDefaultUnrestrictedSd = ExAllocatePool(NonPagedPool,
sizeof(SECURITY_DESCRIPTOR));
if (SePublicDefaultUnrestrictedSd == NULL)
return(FALSE);
RtlCreateSecurityDescriptor(SePublicDefaultUnrestrictedSd,
SECURITY_DESCRIPTOR_REVISION);
RtlSetDaclSecurityDescriptor(SePublicDefaultUnrestrictedSd,
TRUE,
SePublicDefaultUnrestrictedDacl,
FALSE);
/* Create PublicOpenSd */
SePublicOpenSd = ExAllocatePool(NonPagedPool,
sizeof(SECURITY_DESCRIPTOR));
if (SePublicOpenSd == NULL)
return(FALSE);
RtlCreateSecurityDescriptor(SePublicOpenSd,
SECURITY_DESCRIPTOR_REVISION);
RtlSetDaclSecurityDescriptor(SePublicOpenSd,
TRUE,
SePublicOpenDacl,
FALSE);
/* Create PublicOpenUnrestrictedSd */
SePublicOpenUnrestrictedSd = ExAllocatePool(NonPagedPool,
sizeof(SECURITY_DESCRIPTOR));
if (SePublicOpenUnrestrictedSd == NULL)
return(FALSE);
RtlCreateSecurityDescriptor(SePublicOpenUnrestrictedSd,
SECURITY_DESCRIPTOR_REVISION);
RtlSetDaclSecurityDescriptor(SePublicOpenUnrestrictedSd,
TRUE,
SePublicOpenUnrestrictedDacl,
FALSE);
/* Create SystemDefaultSd */
SeSystemDefaultSd = ExAllocatePool(NonPagedPool,
sizeof(SECURITY_DESCRIPTOR));
if (SeSystemDefaultSd == NULL)
return(FALSE);
RtlCreateSecurityDescriptor(SeSystemDefaultSd,
SECURITY_DESCRIPTOR_REVISION);
RtlSetDaclSecurityDescriptor(SeSystemDefaultSd,
TRUE,
SeSystemDefaultDacl,
FALSE);
/* Create UnrestrictedSd */
SeUnrestrictedSd = ExAllocatePool(NonPagedPool,
sizeof(SECURITY_DESCRIPTOR));
if (SeUnrestrictedSd == NULL)
return(FALSE);
RtlCreateSecurityDescriptor(SeUnrestrictedSd,
SECURITY_DESCRIPTOR_REVISION);
RtlSetDaclSecurityDescriptor(SeUnrestrictedSd,
TRUE,
SeUnrestrictedDacl,
FALSE);
return(TRUE);
}
@ -30,10 +116,10 @@ NTSTATUS STDCALL
RtlCreateSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
ULONG Revision)
{
if (Revision != 1)
if (Revision != SECURITY_DESCRIPTOR_REVISION)
return(STATUS_UNSUCCESSFUL);
SecurityDescriptor->Revision = 1;
SecurityDescriptor->Revision = SECURITY_DESCRIPTOR_REVISION;
SecurityDescriptor->Sbz1 = 0;
SecurityDescriptor->Control = 0;
SecurityDescriptor->Owner = NULL;
@ -44,59 +130,64 @@ RtlCreateSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
return(STATUS_SUCCESS);
}
ULONG STDCALL
RtlLengthSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor)
{
PSID Owner;
PSID Group;
ULONG Length;
PACL Dacl;
PACL Sacl;
Length = sizeof(SECURITY_DESCRIPTOR);
if (SecurityDescriptor->Owner != NULL)
{
Owner = SecurityDescriptor->Owner;
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
Owner = (PSID)((ULONG)Owner +
(ULONG)SecurityDescriptor);
}
Length = Length + ((sizeof(SID) + (Owner->SubAuthorityCount - 1) *
sizeof(ULONG) + 3) & 0xfc);
}
if (SecurityDescriptor->Group != NULL)
{
Group = SecurityDescriptor->Group;
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
Group = (PSID)((ULONG)Group + (ULONG)SecurityDescriptor);
}
Length = Length + ((sizeof(SID) + (Group->SubAuthorityCount - 1) *
sizeof(ULONG) + 3) & 0xfc);
}
if (SecurityDescriptor->Control & SE_DACL_PRESENT &&
SecurityDescriptor->Dacl != NULL)
{
Dacl = SecurityDescriptor->Dacl;
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
Dacl = (PACL)((ULONG)Dacl + (PVOID)SecurityDescriptor);
}
Length = Length + ((Dacl->AclSize + 3) & 0xfc);
}
if (SecurityDescriptor->Control & SE_SACL_PRESENT &&
SecurityDescriptor->Sacl != NULL)
{
Sacl = SecurityDescriptor->Sacl;
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
Sacl = (PACL)((ULONG)Sacl + (PVOID)SecurityDescriptor);
}
Length = Length + ((Sacl->AclSize + 3) & 0xfc);
}
return(Length);
PSID Owner;
PSID Group;
ULONG Length;
PACL Dacl;
PACL Sacl;
Length = sizeof(SECURITY_DESCRIPTOR);
if (SecurityDescriptor->Owner != NULL)
{
Owner = SecurityDescriptor->Owner;
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
Owner = (PSID)((ULONG)Owner +
(ULONG)SecurityDescriptor);
}
Length = Length + ((sizeof(SID) + (Owner->SubAuthorityCount - 1) *
sizeof(ULONG) + 3) & 0xfc);
}
if (SecurityDescriptor->Group != NULL)
{
Group = SecurityDescriptor->Group;
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
Group = (PSID)((ULONG)Group + (ULONG)SecurityDescriptor);
}
Length = Length + ((sizeof(SID) + (Group->SubAuthorityCount - 1) *
sizeof(ULONG) + 3) & 0xfc);
}
if (SecurityDescriptor->Control & SE_DACL_PRESENT &&
SecurityDescriptor->Dacl != NULL)
{
Dacl = SecurityDescriptor->Dacl;
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
Dacl = (PACL)((ULONG)Dacl + (PVOID)SecurityDescriptor);
}
Length = Length + ((Dacl->AclSize + 3) & 0xfc);
}
if (SecurityDescriptor->Control & SE_SACL_PRESENT &&
SecurityDescriptor->Sacl != NULL)
{
Sacl = SecurityDescriptor->Sacl;
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
Sacl = (PACL)((ULONG)Sacl + (PVOID)SecurityDescriptor);
}
Length = Length + ((Sacl->AclSize + 3) & 0xfc);
}
return(Length);
}
@ -106,41 +197,45 @@ RtlGetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
PACL* Dacl,
PBOOLEAN DaclDefaulted)
{
if (SecurityDescriptor->Revision != 1)
{
return(STATUS_UNSUCCESSFUL);
}
if (!(SecurityDescriptor->Control & SE_DACL_PRESENT))
{
*DaclPresent = 0;
return(STATUS_SUCCESS);
}
*DaclPresent = 1;
if (SecurityDescriptor->Dacl == NULL)
{
*Dacl = NULL;
}
else
{
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
*Dacl = (PACL)((ULONG)SecurityDescriptor->Dacl +
(PVOID)SecurityDescriptor);
}
else
{
*Dacl = SecurityDescriptor->Dacl;
}
}
if (SecurityDescriptor->Control & SE_DACL_DEFAULTED)
{
*DaclDefaulted = 1;
}
else
{
*DaclDefaulted = 0;
}
return(STATUS_SUCCESS);
if (SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION)
{
return(STATUS_UNSUCCESSFUL);
}
if (!(SecurityDescriptor->Control & SE_DACL_PRESENT))
{
*DaclPresent = FALSE;
return(STATUS_SUCCESS);
}
*DaclPresent = TRUE;
if (SecurityDescriptor->Dacl == NULL)
{
*Dacl = NULL;
}
else
{
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
*Dacl = (PACL)((ULONG)SecurityDescriptor->Dacl +
(PVOID)SecurityDescriptor);
}
else
{
*Dacl = SecurityDescriptor->Dacl;
}
}
if (SecurityDescriptor->Control & SE_DACL_DEFAULTED)
{
*DaclDefaulted = TRUE;
}
else
{
*DaclDefaulted = FALSE;
}
return(STATUS_SUCCESS);
}
@ -150,34 +245,101 @@ RtlSetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
PACL Dacl,
BOOLEAN DaclDefaulted)
{
if (SecurityDescriptor->Revision != 1)
{
return(STATUS_UNSUCCESSFUL);
}
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
return(STATUS_UNSUCCESSFUL);
}
if (!DaclPresent)
{
SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_DACL_PRESENT);
return(STATUS_SUCCESS);
}
SecurityDescriptor->Control = SecurityDescriptor->Control | SE_DACL_PRESENT;
SecurityDescriptor->Dacl = Dacl;
SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_DACL_DEFAULTED);
if (DaclDefaulted)
{
SecurityDescriptor->Control = SecurityDescriptor->Control | SE_DACL_DEFAULTED;
}
return(STATUS_SUCCESS);
if (SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION)
{
return(STATUS_UNSUCCESSFUL);
}
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
return(STATUS_UNSUCCESSFUL);
}
if (!DaclPresent)
{
SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_DACL_PRESENT);
return(STATUS_SUCCESS);
}
SecurityDescriptor->Control = SecurityDescriptor->Control | SE_DACL_PRESENT;
SecurityDescriptor->Dacl = Dacl;
SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_DACL_DEFAULTED);
if (DaclDefaulted)
{
SecurityDescriptor->Control = SecurityDescriptor->Control | SE_DACL_DEFAULTED;
}
return(STATUS_SUCCESS);
}
BOOLEAN STDCALL
RtlValidSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor)
{
UNIMPLEMENTED;
PSID Owner;
PSID Group;
PACL Sacl;
PACL Dacl;
if (SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION)
{
return(FALSE);
}
Owner = SecurityDescriptor->Owner;
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
Owner = (PSID)((ULONG)Owner + (ULONG)SecurityDescriptor);
}
if (!RtlValidSid(Owner))
{
return(FALSE);
}
Group = SecurityDescriptor->Group;
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
Group = (PSID)((ULONG)Group + (ULONG)SecurityDescriptor);
}
if (!RtlValidSid(Group))
{
return(FALSE);
}
if (SecurityDescriptor->Control & SE_DACL_PRESENT &&
SecurityDescriptor->Dacl != NULL)
{
Dacl = SecurityDescriptor->Dacl;
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
Dacl = (PACL)((ULONG)Dacl + (ULONG)SecurityDescriptor);
}
if (!RtlValidAcl(Dacl))
{
return(FALSE);
}
}
if (SecurityDescriptor->Control & SE_SACL_PRESENT &&
SecurityDescriptor->Sacl != NULL)
{
Sacl = SecurityDescriptor->Sacl;
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
Sacl = (PACL)((ULONG)Sacl + (ULONG)SecurityDescriptor);
}
if (!RtlValidAcl(Sacl))
{
return(FALSE);
}
}
return(TRUE);
}
@ -186,21 +348,25 @@ RtlSetOwnerSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
PSID Owner,
BOOLEAN OwnerDefaulted)
{
if (SecurityDescriptor->Revision != 1)
{
return(STATUS_UNSUCCESSFUL);
}
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
return(STATUS_UNSUCCESSFUL);
}
SecurityDescriptor->Owner = Owner;
SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_OWNER_DEFAULTED);
if (OwnerDefaulted)
{
SecurityDescriptor->Control = SecurityDescriptor->Control | SE_OWNER_DEFAULTED;
}
return(STATUS_SUCCESS);
if (SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION)
{
return(STATUS_UNSUCCESSFUL);
}
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
return(STATUS_UNSUCCESSFUL);
}
SecurityDescriptor->Owner = Owner;
SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_OWNER_DEFAULTED);
if (OwnerDefaulted)
{
SecurityDescriptor->Control = SecurityDescriptor->Control | SE_OWNER_DEFAULTED;
}
return(STATUS_SUCCESS);
}
@ -209,12 +375,13 @@ RtlGetOwnerSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
PSID* Owner,
PBOOLEAN OwnerDefaulted)
{
if (SecurityDescriptor->Revision != 1)
{
return(STATUS_UNSUCCESSFUL);
}
if (SecurityDescriptor->Owner != NULL)
{
if (SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION)
{
return(STATUS_UNSUCCESSFUL);
}
if (SecurityDescriptor->Owner != NULL)
{
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
*Owner = (PSID)((ULONG)SecurityDescriptor->Owner +
@ -224,11 +391,11 @@ RtlGetOwnerSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
{
*Owner = SecurityDescriptor->Owner;
}
}
else
{
}
else
{
*Owner = NULL;
}
}
if (SecurityDescriptor->Control & SE_OWNER_DEFAULTED)
{
*OwnerDefaulted = 1;
@ -246,21 +413,25 @@ RtlSetGroupSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
PSID Group,
BOOLEAN GroupDefaulted)
{
if (SecurityDescriptor->Revision != 1)
{
return(STATUS_UNSUCCESSFUL);
}
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
return(STATUS_UNSUCCESSFUL);
}
SecurityDescriptor->Group = Group;
SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_GROUP_DEFAULTED);
if (GroupDefaulted)
{
SecurityDescriptor->Control = SecurityDescriptor->Control | SE_GROUP_DEFAULTED;
}
return(STATUS_SUCCESS);
if (SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION)
{
return(STATUS_UNSUCCESSFUL);
}
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
return(STATUS_UNSUCCESSFUL);
}
SecurityDescriptor->Group = Group;
SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_GROUP_DEFAULTED);
if (GroupDefaulted)
{
SecurityDescriptor->Control = SecurityDescriptor->Control | SE_GROUP_DEFAULTED;
}
return(STATUS_SUCCESS);
}
@ -269,35 +440,38 @@ RtlGetGroupSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
PSID* Group,
PBOOLEAN GroupDefaulted)
{
if (SecurityDescriptor->Revision != 1)
{
return(STATUS_UNSUCCESSFUL);
}
if (SecurityDescriptor->Group != NULL)
{
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
*Group = (PSID)((ULONG)SecurityDescriptor->Group +
(PVOID)SecurityDescriptor);
}
else
{
*Group = SecurityDescriptor->Group;
}
}
else
{
*Group = NULL;
}
if (SecurityDescriptor->Control & SE_GROUP_DEFAULTED)
{
*GroupDefaulted = 1;
}
else
{
*GroupDefaulted = 0;
}
return(STATUS_SUCCESS);
if (SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION)
{
return(STATUS_UNSUCCESSFUL);
}
if (SecurityDescriptor->Group != NULL)
{
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
*Group = (PSID)((ULONG)SecurityDescriptor->Group +
(PVOID)SecurityDescriptor);
}
else
{
*Group = SecurityDescriptor->Group;
}
}
else
{
*Group = NULL;
}
if (SecurityDescriptor->Control & SE_GROUP_DEFAULTED)
{
*GroupDefaulted = TRUE;
}
else
{
*GroupDefaulted = FALSE;
}
return(STATUS_SUCCESS);
}
@ -307,41 +481,45 @@ RtlGetSaclSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
PACL *Sacl,
PBOOLEAN SaclDefaulted)
{
if (SecurityDescriptor->Revision != 1)
{
return(STATUS_UNSUCCESSFUL);
}
if (!(SecurityDescriptor->Control & SE_SACL_PRESENT))
{
*SaclPresent = 0;
return(STATUS_SUCCESS);
}
*SaclPresent = 1;
if (SecurityDescriptor->Sacl == NULL)
{
*Sacl = NULL;
}
else
{
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
*Sacl = (PACL)((ULONG)SecurityDescriptor->Sacl +
(PVOID)SecurityDescriptor);
}
else
{
*Sacl = SecurityDescriptor->Sacl;
}
}
if (SecurityDescriptor->Control & SE_SACL_DEFAULTED)
{
*SaclDefaulted = 1;
}
else
{
*SaclDefaulted = 0;
}
return(STATUS_SUCCESS);
if (SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION)
{
return(STATUS_UNSUCCESSFUL);
}
if (!(SecurityDescriptor->Control & SE_SACL_PRESENT))
{
*SaclPresent = FALSE;
return(STATUS_SUCCESS);
}
*SaclPresent = TRUE;
if (SecurityDescriptor->Sacl == NULL)
{
*Sacl = NULL;
}
else
{
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
*Sacl = (PACL)((ULONG)SecurityDescriptor->Sacl +
(PVOID)SecurityDescriptor);
}
else
{
*Sacl = SecurityDescriptor->Sacl;
}
}
if (SecurityDescriptor->Control & SE_SACL_DEFAULTED)
{
*SaclDefaulted = TRUE;
}
else
{
*SaclDefaulted = FALSE;
}
return(STATUS_SUCCESS);
}
@ -351,27 +529,130 @@ RtlSetSaclSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
PACL Sacl,
BOOLEAN SaclDefaulted)
{
if (SecurityDescriptor->Revision != 1)
{
return(STATUS_UNSUCCESSFUL);
}
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
return(STATUS_UNSUCCESSFUL);
}
if (!SaclPresent)
{
SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_SACL_PRESENT);
return(STATUS_SUCCESS);
}
SecurityDescriptor->Control = SecurityDescriptor->Control | SE_SACL_PRESENT;
SecurityDescriptor->Sacl = Sacl;
SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_SACL_DEFAULTED);
if (SaclDefaulted)
{
SecurityDescriptor->Control = SecurityDescriptor->Control | SE_SACL_DEFAULTED;
}
return(STATUS_SUCCESS);
if (SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION)
{
return(STATUS_UNSUCCESSFUL);
}
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
return(STATUS_UNSUCCESSFUL);
}
if (!SaclPresent)
{
SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_SACL_PRESENT);
return(STATUS_SUCCESS);
}
SecurityDescriptor->Control = SecurityDescriptor->Control | SE_SACL_PRESENT;
SecurityDescriptor->Sacl = Sacl;
SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_SACL_DEFAULTED);
if (SaclDefaulted)
{
SecurityDescriptor->Control = SecurityDescriptor->Control | SE_SACL_DEFAULTED;
}
return(STATUS_SUCCESS);
}
static VOID
RtlpQuerySecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
PSID* Owner,
PULONG OwnerLength,
PSID* Group,
PULONG GroupLength,
PACL* Dacl,
PULONG DaclLength,
PACL* Sacl,
PULONG SaclLength)
{
if (SecurityDescriptor->Owner == NULL)
{
*Owner = NULL;
}
else
{
*Owner = SecurityDescriptor->Owner;
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
*Owner = (PSID)((ULONG)*Owner + (ULONG)SecurityDescriptor);
}
}
if (*Owner != NULL)
{
*OwnerLength = (RtlLengthSid(*Owner) + 3) & ~3;
}
else
{
*OwnerLength = 0;
}
if ((SecurityDescriptor->Control & SE_DACL_PRESENT) &&
SecurityDescriptor->Dacl != NULL)
{
*Dacl = SecurityDescriptor->Dacl;
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
*Dacl = (PACL)((ULONG)*Dacl + (ULONG)SecurityDescriptor);
}
}
else
{
*Dacl = NULL;
}
if (*Dacl != NULL)
{
*DaclLength = ((*Dacl)->AclSize + 3) & ~3;
}
else
{
*DaclLength = 0;
}
if (SecurityDescriptor->Group != NULL)
{
*Group = NULL;
}
else
{
*Group = SecurityDescriptor->Group;
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
*Group = (PSID)((ULONG)*Group + (ULONG)SecurityDescriptor);
}
}
if (*Group != NULL)
{
*GroupLength = (RtlLengthSid(*Group) + 3) & ~3;
}
else
{
*GroupLength = 0;
}
if ((SecurityDescriptor->Control & SE_SACL_PRESENT) &&
SecurityDescriptor->Sacl != NULL)
{
*Sacl = SecurityDescriptor->Sacl;
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
*Sacl = (PACL)((ULONG)*Sacl + (ULONG)SecurityDescriptor);
}
}
else
{
*Sacl = NULL;
}
if (*Sacl != NULL)
{
*SaclLength = ((*Sacl)->AclSize + 3) & ~3;
}
}
@ -380,15 +661,84 @@ RtlAbsoluteToSelfRelativeSD(PSECURITY_DESCRIPTOR AbsSD,
PSECURITY_DESCRIPTOR RelSD,
PULONG BufferLength)
{
PSID Owner;
PSID Group;
PACL Sacl;
PACL Dacl;
ULONG OwnerLength;
ULONG GroupLength;
ULONG SaclLength;
ULONG DaclLength;
ULONG TotalLength;
ULONG Current;
if (AbsSD->Control & SE_SELF_RELATIVE)
return(STATUS_BAD_DESCRIPTOR_FORMAT);
{
return(STATUS_BAD_DESCRIPTOR_FORMAT);
}
// return(RtlPMakeSelfRelativeSD (AbsSD, RelSD, BufferLength));
RtlpQuerySecurityDescriptor(AbsSD,
&Owner,
&OwnerLength,
&Group,
&GroupLength,
&Dacl,
&DaclLength,
&Sacl,
&SaclLength);
UNIMPLEMENTED;
return(STATUS_NOT_IMPLEMENTED);
TotalLength = OwnerLength + GroupLength + SaclLength +
DaclLength + sizeof(SECURITY_DESCRIPTOR);
if (*BufferLength < TotalLength)
{
return(STATUS_BUFFER_TOO_SMALL);
}
RtlZeroMemory(RelSD,
TotalLength);
memmove(RelSD,
AbsSD,
sizeof(SECURITY_DESCRIPTOR));
Current = (ULONG)RelSD + sizeof(SECURITY_DESCRIPTOR);
if (SaclLength != 0)
{
memmove((PVOID)Current,
Sacl,
SaclLength);
RelSD->Sacl = (PACL)((ULONG)Current - (ULONG)RelSD);
Current += SaclLength;
}
if (DaclLength != 0)
{
memmove((PVOID)Current,
Dacl,
DaclLength);
RelSD->Dacl = (PACL)((ULONG)Current - (ULONG)RelSD);
Current += DaclLength;
}
if (OwnerLength != 0)
{
memmove((PVOID)Current,
Owner,
OwnerLength);
RelSD->Owner = (PSID)((ULONG)Current - (ULONG)RelSD);
Current += OwnerLength;
}
if (GroupLength != 0)
{
memmove((PVOID)Current,
Group,
GroupLength);
RelSD->Group = (PSID)((ULONG)Current - (ULONG)RelSD);
}
RelSD->Control |= SE_SELF_RELATIVE;
return(STATUS_SUCCESS);
}
/* EOF */

57
reactos/ntoskrnl/se/semgr.c
View file

@ -1,4 +1,4 @@
/* $Id: semgr.c,v 1.23 2002/10/25 21:48:00 chorns Exp $
/* $Id: semgr.c,v 1.24 2003/02/15 21:05:15 ekohl Exp $
*
* COPYRIGHT: See COPYING in the top level directory
* PROJECT: ReactOS kernel
@ -64,6 +64,61 @@ SeInit2(VOID)
}
BOOLEAN
SeInitSRM(VOID)
{
OBJECT_ATTRIBUTES ObjectAttributes;
UNICODE_STRING Name;
HANDLE DirectoryHandle;
HANDLE EventHandle;
NTSTATUS Status;
/* Create '\Security' directory */
RtlInitUnicodeString(&Name,
L"\\Security");
InitializeObjectAttributes(&ObjectAttributes,
&Name,
OBJ_PERMANENT,
0,
NULL);
Status = NtCreateDirectoryObject(&DirectoryHandle,
DIRECTORY_ALL_ACCESS,
&ObjectAttributes);
if (!NT_SUCCESS(Status))
{
DPRINT1("Failed to create 'Security' directory!\n");
return(FALSE);
}
/* Create 'LSA_AUTHENTICATION_INITALIZED' event */
RtlInitUnicodeString(&Name,
L"\\LSA_AUTHENTICATION_INITALIZED");
InitializeObjectAttributes(&ObjectAttributes,
&Name,
OBJ_PERMANENT,
DirectoryHandle,
SePublicDefaultSd);
Status = NtCreateEvent(&EventHandle,
EVENT_ALL_ACCESS,
&ObjectAttributes,
FALSE,
FALSE);
if (!NT_SUCCESS(Status))
{
DPRINT1("Failed to create 'Security' directory!\n");
NtClose(DirectoryHandle);
return(FALSE);
}
NtClose(EventHandle);
NtClose(DirectoryHandle);
/* FIXME: Create SRM port and listener thread */
return(TRUE);
}
static BOOLEAN
SepInitExports(VOID)
{