mirror of
https://github.com/reactos/reactos.git
synced 2024-06-29 01:12:06 +00:00
Added missing Acl and SD functions from ntdll.
svn path=/trunk/; revision=4156
This commit is contained in:
parent
da676ec715
commit
0c2028b391
|
@ -1,4 +1,4 @@
|
|||
/* $Id: acl.c,v 1.10 2002/10/25 21:48:00 chorns Exp $
|
||||
/* $Id: acl.c,v 1.11 2003/02/15 21:05:15 ekohl Exp $
|
||||
*
|
||||
* COPYRIGHT: See COPYING in the top level directory
|
||||
* PROJECT: ReactOS kernel
|
||||
|
@ -134,41 +134,45 @@ BOOLEAN STDCALL
|
|||
RtlFirstFreeAce(PACL Acl,
|
||||
PACE* Ace)
|
||||
{
|
||||
PACE Current;
|
||||
PVOID AclEnd;
|
||||
ULONG i;
|
||||
PACE Current;
|
||||
PVOID AclEnd;
|
||||
ULONG i;
|
||||
|
||||
Current = (PACE)(Acl + 1);
|
||||
*Ace = NULL;
|
||||
i = 0;
|
||||
if (Acl->AceCount == 0)
|
||||
{
|
||||
*Ace = Current;
|
||||
return(TRUE);
|
||||
}
|
||||
AclEnd = Acl->AclSize + Acl;
|
||||
do
|
||||
{
|
||||
if ((PVOID)Current >= AclEnd)
|
||||
{
|
||||
return(FALSE);
|
||||
}
|
||||
if (Current->Header.AceType == 4)
|
||||
{
|
||||
if (Acl->AclRevision < 3)
|
||||
{
|
||||
return(FALSE);
|
||||
}
|
||||
}
|
||||
Current = (PACE)((PVOID)Current + (ULONG)Current->Header.AceSize);
|
||||
i++;
|
||||
} while (i < Acl->AceCount);
|
||||
if ((PVOID)Current >= AclEnd)
|
||||
{
|
||||
return(FALSE);
|
||||
}
|
||||
*Ace = Current;
|
||||
return(TRUE);
|
||||
Current = (PACE)(Acl + 1);
|
||||
*Ace = NULL;
|
||||
i = 0;
|
||||
if (Acl->AceCount == 0)
|
||||
{
|
||||
*Ace = Current;
|
||||
return(TRUE);
|
||||
}
|
||||
|
||||
AclEnd = Acl->AclSize + (PVOID)Acl;
|
||||
do
|
||||
{
|
||||
if ((PVOID)Current >= AclEnd)
|
||||
{
|
||||
return(FALSE);
|
||||
}
|
||||
|
||||
if (Current->Header.AceType == 4)
|
||||
{
|
||||
if (Acl->AclRevision < 3)
|
||||
{
|
||||
return(FALSE);
|
||||
}
|
||||
}
|
||||
Current = (PACE)((PVOID)Current + (ULONG)Current->Header.AceSize);
|
||||
i++;
|
||||
}
|
||||
while (i < Acl->AceCount);
|
||||
|
||||
if ((PVOID)Current < AclEnd)
|
||||
{
|
||||
*Ace = Current;
|
||||
}
|
||||
|
||||
return(TRUE);
|
||||
}
|
||||
|
||||
|
||||
|
@ -322,4 +326,27 @@ RtlCreateAcl(PACL Acl,
|
|||
return(STATUS_SUCCESS);
|
||||
}
|
||||
|
||||
|
||||
BOOLEAN STDCALL
|
||||
RtlValidAcl(PACL Acl)
|
||||
{
|
||||
PACE Ace;
|
||||
USHORT Size;
|
||||
|
||||
Size = (Acl->AclSize + 3) & ~3;
|
||||
|
||||
if (Acl->AclRevision != 2 &&
|
||||
Acl->AclRevision != 3)
|
||||
{
|
||||
return(FALSE);
|
||||
}
|
||||
|
||||
if (Size != Acl->AclSize)
|
||||
{
|
||||
return(FALSE);
|
||||
}
|
||||
|
||||
return(RtlFirstFreeAce(Acl, &Ace));
|
||||
}
|
||||
|
||||
/* EOF */
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $Id: sd.c,v 1.8 2002/09/08 10:23:43 chorns Exp $
|
||||
/* $Id: sd.c,v 1.9 2003/02/15 21:07:49 ekohl Exp $
|
||||
*
|
||||
* COPYRIGHT: See COPYING in the top level directory
|
||||
* PROJECT: ReactOS kernel
|
||||
|
@ -16,12 +16,98 @@
|
|||
|
||||
#include <internal/debug.h>
|
||||
|
||||
/* GLOBALS ******************************************************************/
|
||||
|
||||
PSECURITY_DESCRIPTOR SePublicDefaultSd = NULL;
|
||||
PSECURITY_DESCRIPTOR SePublicDefaultUnrestrictedSd = NULL;
|
||||
PSECURITY_DESCRIPTOR SePublicOpenSd = NULL;
|
||||
PSECURITY_DESCRIPTOR SePublicOpenUnrestrictedSd = NULL;
|
||||
PSECURITY_DESCRIPTOR SeSystemDefaultSd = NULL;
|
||||
PSECURITY_DESCRIPTOR SeUnrestrictedSd = NULL;
|
||||
|
||||
/* FUNCTIONS ***************************************************************/
|
||||
|
||||
BOOLEAN
|
||||
SepInitSDs(VOID)
|
||||
{
|
||||
/* Create PublicDefaultSd */
|
||||
SePublicDefaultSd = ExAllocatePool(NonPagedPool,
|
||||
sizeof(SECURITY_DESCRIPTOR));
|
||||
if (SePublicDefaultSd == NULL)
|
||||
return(FALSE);
|
||||
|
||||
RtlCreateSecurityDescriptor(SePublicDefaultSd,
|
||||
SECURITY_DESCRIPTOR_REVISION);
|
||||
RtlSetDaclSecurityDescriptor(SePublicDefaultSd,
|
||||
TRUE,
|
||||
SePublicDefaultDacl,
|
||||
FALSE);
|
||||
|
||||
/* Create PublicDefaultUnrestrictedSd */
|
||||
SePublicDefaultUnrestrictedSd = ExAllocatePool(NonPagedPool,
|
||||
sizeof(SECURITY_DESCRIPTOR));
|
||||
if (SePublicDefaultUnrestrictedSd == NULL)
|
||||
return(FALSE);
|
||||
|
||||
RtlCreateSecurityDescriptor(SePublicDefaultUnrestrictedSd,
|
||||
SECURITY_DESCRIPTOR_REVISION);
|
||||
RtlSetDaclSecurityDescriptor(SePublicDefaultUnrestrictedSd,
|
||||
TRUE,
|
||||
SePublicDefaultUnrestrictedDacl,
|
||||
FALSE);
|
||||
|
||||
/* Create PublicOpenSd */
|
||||
SePublicOpenSd = ExAllocatePool(NonPagedPool,
|
||||
sizeof(SECURITY_DESCRIPTOR));
|
||||
if (SePublicOpenSd == NULL)
|
||||
return(FALSE);
|
||||
|
||||
RtlCreateSecurityDescriptor(SePublicOpenSd,
|
||||
SECURITY_DESCRIPTOR_REVISION);
|
||||
RtlSetDaclSecurityDescriptor(SePublicOpenSd,
|
||||
TRUE,
|
||||
SePublicOpenDacl,
|
||||
FALSE);
|
||||
|
||||
/* Create PublicOpenUnrestrictedSd */
|
||||
SePublicOpenUnrestrictedSd = ExAllocatePool(NonPagedPool,
|
||||
sizeof(SECURITY_DESCRIPTOR));
|
||||
if (SePublicOpenUnrestrictedSd == NULL)
|
||||
return(FALSE);
|
||||
|
||||
RtlCreateSecurityDescriptor(SePublicOpenUnrestrictedSd,
|
||||
SECURITY_DESCRIPTOR_REVISION);
|
||||
RtlSetDaclSecurityDescriptor(SePublicOpenUnrestrictedSd,
|
||||
TRUE,
|
||||
SePublicOpenUnrestrictedDacl,
|
||||
FALSE);
|
||||
|
||||
/* Create SystemDefaultSd */
|
||||
SeSystemDefaultSd = ExAllocatePool(NonPagedPool,
|
||||
sizeof(SECURITY_DESCRIPTOR));
|
||||
if (SeSystemDefaultSd == NULL)
|
||||
return(FALSE);
|
||||
|
||||
RtlCreateSecurityDescriptor(SeSystemDefaultSd,
|
||||
SECURITY_DESCRIPTOR_REVISION);
|
||||
RtlSetDaclSecurityDescriptor(SeSystemDefaultSd,
|
||||
TRUE,
|
||||
SeSystemDefaultDacl,
|
||||
FALSE);
|
||||
|
||||
/* Create UnrestrictedSd */
|
||||
SeUnrestrictedSd = ExAllocatePool(NonPagedPool,
|
||||
sizeof(SECURITY_DESCRIPTOR));
|
||||
if (SeUnrestrictedSd == NULL)
|
||||
return(FALSE);
|
||||
|
||||
RtlCreateSecurityDescriptor(SeUnrestrictedSd,
|
||||
SECURITY_DESCRIPTOR_REVISION);
|
||||
RtlSetDaclSecurityDescriptor(SeUnrestrictedSd,
|
||||
TRUE,
|
||||
SeUnrestrictedDacl,
|
||||
FALSE);
|
||||
|
||||
return(TRUE);
|
||||
}
|
||||
|
||||
|
@ -30,10 +116,10 @@ NTSTATUS STDCALL
|
|||
RtlCreateSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
|
||||
ULONG Revision)
|
||||
{
|
||||
if (Revision != 1)
|
||||
if (Revision != SECURITY_DESCRIPTOR_REVISION)
|
||||
return(STATUS_UNSUCCESSFUL);
|
||||
|
||||
SecurityDescriptor->Revision = 1;
|
||||
SecurityDescriptor->Revision = SECURITY_DESCRIPTOR_REVISION;
|
||||
SecurityDescriptor->Sbz1 = 0;
|
||||
SecurityDescriptor->Control = 0;
|
||||
SecurityDescriptor->Owner = NULL;
|
||||
|
@ -44,59 +130,64 @@ RtlCreateSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|||
return(STATUS_SUCCESS);
|
||||
}
|
||||
|
||||
|
||||
ULONG STDCALL
|
||||
RtlLengthSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor)
|
||||
{
|
||||
PSID Owner;
|
||||
PSID Group;
|
||||
ULONG Length;
|
||||
PACL Dacl;
|
||||
PACL Sacl;
|
||||
|
||||
Length = sizeof(SECURITY_DESCRIPTOR);
|
||||
|
||||
if (SecurityDescriptor->Owner != NULL)
|
||||
{
|
||||
Owner = SecurityDescriptor->Owner;
|
||||
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
||||
{
|
||||
Owner = (PSID)((ULONG)Owner +
|
||||
(ULONG)SecurityDescriptor);
|
||||
}
|
||||
Length = Length + ((sizeof(SID) + (Owner->SubAuthorityCount - 1) *
|
||||
sizeof(ULONG) + 3) & 0xfc);
|
||||
}
|
||||
if (SecurityDescriptor->Group != NULL)
|
||||
{
|
||||
Group = SecurityDescriptor->Group;
|
||||
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
||||
{
|
||||
Group = (PSID)((ULONG)Group + (ULONG)SecurityDescriptor);
|
||||
}
|
||||
Length = Length + ((sizeof(SID) + (Group->SubAuthorityCount - 1) *
|
||||
sizeof(ULONG) + 3) & 0xfc);
|
||||
}
|
||||
if (SecurityDescriptor->Control & SE_DACL_PRESENT &&
|
||||
SecurityDescriptor->Dacl != NULL)
|
||||
{
|
||||
Dacl = SecurityDescriptor->Dacl;
|
||||
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
||||
{
|
||||
Dacl = (PACL)((ULONG)Dacl + (PVOID)SecurityDescriptor);
|
||||
}
|
||||
Length = Length + ((Dacl->AclSize + 3) & 0xfc);
|
||||
}
|
||||
if (SecurityDescriptor->Control & SE_SACL_PRESENT &&
|
||||
SecurityDescriptor->Sacl != NULL)
|
||||
{
|
||||
Sacl = SecurityDescriptor->Sacl;
|
||||
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
||||
{
|
||||
Sacl = (PACL)((ULONG)Sacl + (PVOID)SecurityDescriptor);
|
||||
}
|
||||
Length = Length + ((Sacl->AclSize + 3) & 0xfc);
|
||||
}
|
||||
return(Length);
|
||||
PSID Owner;
|
||||
PSID Group;
|
||||
ULONG Length;
|
||||
PACL Dacl;
|
||||
PACL Sacl;
|
||||
|
||||
Length = sizeof(SECURITY_DESCRIPTOR);
|
||||
|
||||
if (SecurityDescriptor->Owner != NULL)
|
||||
{
|
||||
Owner = SecurityDescriptor->Owner;
|
||||
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
||||
{
|
||||
Owner = (PSID)((ULONG)Owner +
|
||||
(ULONG)SecurityDescriptor);
|
||||
}
|
||||
Length = Length + ((sizeof(SID) + (Owner->SubAuthorityCount - 1) *
|
||||
sizeof(ULONG) + 3) & 0xfc);
|
||||
}
|
||||
|
||||
if (SecurityDescriptor->Group != NULL)
|
||||
{
|
||||
Group = SecurityDescriptor->Group;
|
||||
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
||||
{
|
||||
Group = (PSID)((ULONG)Group + (ULONG)SecurityDescriptor);
|
||||
}
|
||||
Length = Length + ((sizeof(SID) + (Group->SubAuthorityCount - 1) *
|
||||
sizeof(ULONG) + 3) & 0xfc);
|
||||
}
|
||||
|
||||
if (SecurityDescriptor->Control & SE_DACL_PRESENT &&
|
||||
SecurityDescriptor->Dacl != NULL)
|
||||
{
|
||||
Dacl = SecurityDescriptor->Dacl;
|
||||
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
||||
{
|
||||
Dacl = (PACL)((ULONG)Dacl + (PVOID)SecurityDescriptor);
|
||||
}
|
||||
Length = Length + ((Dacl->AclSize + 3) & 0xfc);
|
||||
}
|
||||
|
||||
if (SecurityDescriptor->Control & SE_SACL_PRESENT &&
|
||||
SecurityDescriptor->Sacl != NULL)
|
||||
{
|
||||
Sacl = SecurityDescriptor->Sacl;
|
||||
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
||||
{
|
||||
Sacl = (PACL)((ULONG)Sacl + (PVOID)SecurityDescriptor);
|
||||
}
|
||||
Length = Length + ((Sacl->AclSize + 3) & 0xfc);
|
||||
}
|
||||
|
||||
return(Length);
|
||||
}
|
||||
|
||||
|
||||
|
@ -106,41 +197,45 @@ RtlGetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|||
PACL* Dacl,
|
||||
PBOOLEAN DaclDefaulted)
|
||||
{
|
||||
if (SecurityDescriptor->Revision != 1)
|
||||
{
|
||||
return(STATUS_UNSUCCESSFUL);
|
||||
}
|
||||
if (!(SecurityDescriptor->Control & SE_DACL_PRESENT))
|
||||
{
|
||||
*DaclPresent = 0;
|
||||
return(STATUS_SUCCESS);
|
||||
}
|
||||
*DaclPresent = 1;
|
||||
if (SecurityDescriptor->Dacl == NULL)
|
||||
{
|
||||
*Dacl = NULL;
|
||||
}
|
||||
else
|
||||
{
|
||||
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
||||
{
|
||||
*Dacl = (PACL)((ULONG)SecurityDescriptor->Dacl +
|
||||
(PVOID)SecurityDescriptor);
|
||||
}
|
||||
else
|
||||
{
|
||||
*Dacl = SecurityDescriptor->Dacl;
|
||||
}
|
||||
}
|
||||
if (SecurityDescriptor->Control & SE_DACL_DEFAULTED)
|
||||
{
|
||||
*DaclDefaulted = 1;
|
||||
}
|
||||
else
|
||||
{
|
||||
*DaclDefaulted = 0;
|
||||
}
|
||||
return(STATUS_SUCCESS);
|
||||
if (SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION)
|
||||
{
|
||||
return(STATUS_UNSUCCESSFUL);
|
||||
}
|
||||
|
||||
if (!(SecurityDescriptor->Control & SE_DACL_PRESENT))
|
||||
{
|
||||
*DaclPresent = FALSE;
|
||||
return(STATUS_SUCCESS);
|
||||
}
|
||||
*DaclPresent = TRUE;
|
||||
|
||||
if (SecurityDescriptor->Dacl == NULL)
|
||||
{
|
||||
*Dacl = NULL;
|
||||
}
|
||||
else
|
||||
{
|
||||
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
||||
{
|
||||
*Dacl = (PACL)((ULONG)SecurityDescriptor->Dacl +
|
||||
(PVOID)SecurityDescriptor);
|
||||
}
|
||||
else
|
||||
{
|
||||
*Dacl = SecurityDescriptor->Dacl;
|
||||
}
|
||||
}
|
||||
|
||||
if (SecurityDescriptor->Control & SE_DACL_DEFAULTED)
|
||||
{
|
||||
*DaclDefaulted = TRUE;
|
||||
}
|
||||
else
|
||||
{
|
||||
*DaclDefaulted = FALSE;
|
||||
}
|
||||
|
||||
return(STATUS_SUCCESS);
|
||||
}
|
||||
|
||||
|
||||
|
@ -150,34 +245,101 @@ RtlSetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|||
PACL Dacl,
|
||||
BOOLEAN DaclDefaulted)
|
||||
{
|
||||
if (SecurityDescriptor->Revision != 1)
|
||||
{
|
||||
return(STATUS_UNSUCCESSFUL);
|
||||
}
|
||||
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
||||
{
|
||||
return(STATUS_UNSUCCESSFUL);
|
||||
}
|
||||
if (!DaclPresent)
|
||||
{
|
||||
SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_DACL_PRESENT);
|
||||
return(STATUS_SUCCESS);
|
||||
}
|
||||
SecurityDescriptor->Control = SecurityDescriptor->Control | SE_DACL_PRESENT;
|
||||
SecurityDescriptor->Dacl = Dacl;
|
||||
SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_DACL_DEFAULTED);
|
||||
if (DaclDefaulted)
|
||||
{
|
||||
SecurityDescriptor->Control = SecurityDescriptor->Control | SE_DACL_DEFAULTED;
|
||||
}
|
||||
return(STATUS_SUCCESS);
|
||||
if (SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION)
|
||||
{
|
||||
return(STATUS_UNSUCCESSFUL);
|
||||
}
|
||||
|
||||
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
||||
{
|
||||
return(STATUS_UNSUCCESSFUL);
|
||||
}
|
||||
|
||||
if (!DaclPresent)
|
||||
{
|
||||
SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_DACL_PRESENT);
|
||||
return(STATUS_SUCCESS);
|
||||
}
|
||||
|
||||
SecurityDescriptor->Control = SecurityDescriptor->Control | SE_DACL_PRESENT;
|
||||
SecurityDescriptor->Dacl = Dacl;
|
||||
SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_DACL_DEFAULTED);
|
||||
|
||||
if (DaclDefaulted)
|
||||
{
|
||||
SecurityDescriptor->Control = SecurityDescriptor->Control | SE_DACL_DEFAULTED;
|
||||
}
|
||||
|
||||
return(STATUS_SUCCESS);
|
||||
}
|
||||
|
||||
|
||||
BOOLEAN STDCALL
|
||||
RtlValidSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor)
|
||||
{
|
||||
UNIMPLEMENTED;
|
||||
PSID Owner;
|
||||
PSID Group;
|
||||
PACL Sacl;
|
||||
PACL Dacl;
|
||||
|
||||
if (SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION)
|
||||
{
|
||||
return(FALSE);
|
||||
}
|
||||
|
||||
Owner = SecurityDescriptor->Owner;
|
||||
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
||||
{
|
||||
Owner = (PSID)((ULONG)Owner + (ULONG)SecurityDescriptor);
|
||||
}
|
||||
|
||||
if (!RtlValidSid(Owner))
|
||||
{
|
||||
return(FALSE);
|
||||
}
|
||||
|
||||
Group = SecurityDescriptor->Group;
|
||||
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
||||
{
|
||||
Group = (PSID)((ULONG)Group + (ULONG)SecurityDescriptor);
|
||||
}
|
||||
|
||||
if (!RtlValidSid(Group))
|
||||
{
|
||||
return(FALSE);
|
||||
}
|
||||
|
||||
if (SecurityDescriptor->Control & SE_DACL_PRESENT &&
|
||||
SecurityDescriptor->Dacl != NULL)
|
||||
{
|
||||
Dacl = SecurityDescriptor->Dacl;
|
||||
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
||||
{
|
||||
Dacl = (PACL)((ULONG)Dacl + (ULONG)SecurityDescriptor);
|
||||
}
|
||||
|
||||
if (!RtlValidAcl(Dacl))
|
||||
{
|
||||
return(FALSE);
|
||||
}
|
||||
}
|
||||
|
||||
if (SecurityDescriptor->Control & SE_SACL_PRESENT &&
|
||||
SecurityDescriptor->Sacl != NULL)
|
||||
{
|
||||
Sacl = SecurityDescriptor->Sacl;
|
||||
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
||||
{
|
||||
Sacl = (PACL)((ULONG)Sacl + (ULONG)SecurityDescriptor);
|
||||
}
|
||||
|
||||
if (!RtlValidAcl(Sacl))
|
||||
{
|
||||
return(FALSE);
|
||||
}
|
||||
}
|
||||
|
||||
return(TRUE);
|
||||
}
|
||||
|
||||
|
||||
|
@ -186,21 +348,25 @@ RtlSetOwnerSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|||
PSID Owner,
|
||||
BOOLEAN OwnerDefaulted)
|
||||
{
|
||||
if (SecurityDescriptor->Revision != 1)
|
||||
{
|
||||
return(STATUS_UNSUCCESSFUL);
|
||||
}
|
||||
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
||||
{
|
||||
return(STATUS_UNSUCCESSFUL);
|
||||
}
|
||||
SecurityDescriptor->Owner = Owner;
|
||||
SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_OWNER_DEFAULTED);
|
||||
if (OwnerDefaulted)
|
||||
{
|
||||
SecurityDescriptor->Control = SecurityDescriptor->Control | SE_OWNER_DEFAULTED;
|
||||
}
|
||||
return(STATUS_SUCCESS);
|
||||
if (SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION)
|
||||
{
|
||||
return(STATUS_UNSUCCESSFUL);
|
||||
}
|
||||
|
||||
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
||||
{
|
||||
return(STATUS_UNSUCCESSFUL);
|
||||
}
|
||||
|
||||
SecurityDescriptor->Owner = Owner;
|
||||
SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_OWNER_DEFAULTED);
|
||||
|
||||
if (OwnerDefaulted)
|
||||
{
|
||||
SecurityDescriptor->Control = SecurityDescriptor->Control | SE_OWNER_DEFAULTED;
|
||||
}
|
||||
|
||||
return(STATUS_SUCCESS);
|
||||
}
|
||||
|
||||
|
||||
|
@ -209,12 +375,13 @@ RtlGetOwnerSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|||
PSID* Owner,
|
||||
PBOOLEAN OwnerDefaulted)
|
||||
{
|
||||
if (SecurityDescriptor->Revision != 1)
|
||||
{
|
||||
return(STATUS_UNSUCCESSFUL);
|
||||
}
|
||||
if (SecurityDescriptor->Owner != NULL)
|
||||
{
|
||||
if (SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION)
|
||||
{
|
||||
return(STATUS_UNSUCCESSFUL);
|
||||
}
|
||||
|
||||
if (SecurityDescriptor->Owner != NULL)
|
||||
{
|
||||
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
||||
{
|
||||
*Owner = (PSID)((ULONG)SecurityDescriptor->Owner +
|
||||
|
@ -224,11 +391,11 @@ RtlGetOwnerSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|||
{
|
||||
*Owner = SecurityDescriptor->Owner;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
}
|
||||
else
|
||||
{
|
||||
*Owner = NULL;
|
||||
}
|
||||
}
|
||||
if (SecurityDescriptor->Control & SE_OWNER_DEFAULTED)
|
||||
{
|
||||
*OwnerDefaulted = 1;
|
||||
|
@ -246,21 +413,25 @@ RtlSetGroupSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|||
PSID Group,
|
||||
BOOLEAN GroupDefaulted)
|
||||
{
|
||||
if (SecurityDescriptor->Revision != 1)
|
||||
{
|
||||
return(STATUS_UNSUCCESSFUL);
|
||||
}
|
||||
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
||||
{
|
||||
return(STATUS_UNSUCCESSFUL);
|
||||
}
|
||||
SecurityDescriptor->Group = Group;
|
||||
SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_GROUP_DEFAULTED);
|
||||
if (GroupDefaulted)
|
||||
{
|
||||
SecurityDescriptor->Control = SecurityDescriptor->Control | SE_GROUP_DEFAULTED;
|
||||
}
|
||||
return(STATUS_SUCCESS);
|
||||
if (SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION)
|
||||
{
|
||||
return(STATUS_UNSUCCESSFUL);
|
||||
}
|
||||
|
||||
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
||||
{
|
||||
return(STATUS_UNSUCCESSFUL);
|
||||
}
|
||||
|
||||
SecurityDescriptor->Group = Group;
|
||||
SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_GROUP_DEFAULTED);
|
||||
|
||||
if (GroupDefaulted)
|
||||
{
|
||||
SecurityDescriptor->Control = SecurityDescriptor->Control | SE_GROUP_DEFAULTED;
|
||||
}
|
||||
|
||||
return(STATUS_SUCCESS);
|
||||
}
|
||||
|
||||
|
||||
|
@ -269,35 +440,38 @@ RtlGetGroupSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|||
PSID* Group,
|
||||
PBOOLEAN GroupDefaulted)
|
||||
{
|
||||
if (SecurityDescriptor->Revision != 1)
|
||||
{
|
||||
return(STATUS_UNSUCCESSFUL);
|
||||
}
|
||||
if (SecurityDescriptor->Group != NULL)
|
||||
{
|
||||
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
||||
{
|
||||
*Group = (PSID)((ULONG)SecurityDescriptor->Group +
|
||||
(PVOID)SecurityDescriptor);
|
||||
}
|
||||
else
|
||||
{
|
||||
*Group = SecurityDescriptor->Group;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
*Group = NULL;
|
||||
}
|
||||
if (SecurityDescriptor->Control & SE_GROUP_DEFAULTED)
|
||||
{
|
||||
*GroupDefaulted = 1;
|
||||
}
|
||||
else
|
||||
{
|
||||
*GroupDefaulted = 0;
|
||||
}
|
||||
return(STATUS_SUCCESS);
|
||||
if (SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION)
|
||||
{
|
||||
return(STATUS_UNSUCCESSFUL);
|
||||
}
|
||||
|
||||
if (SecurityDescriptor->Group != NULL)
|
||||
{
|
||||
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
||||
{
|
||||
*Group = (PSID)((ULONG)SecurityDescriptor->Group +
|
||||
(PVOID)SecurityDescriptor);
|
||||
}
|
||||
else
|
||||
{
|
||||
*Group = SecurityDescriptor->Group;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
*Group = NULL;
|
||||
}
|
||||
|
||||
if (SecurityDescriptor->Control & SE_GROUP_DEFAULTED)
|
||||
{
|
||||
*GroupDefaulted = TRUE;
|
||||
}
|
||||
else
|
||||
{
|
||||
*GroupDefaulted = FALSE;
|
||||
}
|
||||
|
||||
return(STATUS_SUCCESS);
|
||||
}
|
||||
|
||||
|
||||
|
@ -307,41 +481,45 @@ RtlGetSaclSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|||
PACL *Sacl,
|
||||
PBOOLEAN SaclDefaulted)
|
||||
{
|
||||
if (SecurityDescriptor->Revision != 1)
|
||||
{
|
||||
return(STATUS_UNSUCCESSFUL);
|
||||
}
|
||||
if (!(SecurityDescriptor->Control & SE_SACL_PRESENT))
|
||||
{
|
||||
*SaclPresent = 0;
|
||||
return(STATUS_SUCCESS);
|
||||
}
|
||||
*SaclPresent = 1;
|
||||
if (SecurityDescriptor->Sacl == NULL)
|
||||
{
|
||||
*Sacl = NULL;
|
||||
}
|
||||
else
|
||||
{
|
||||
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
||||
{
|
||||
*Sacl = (PACL)((ULONG)SecurityDescriptor->Sacl +
|
||||
(PVOID)SecurityDescriptor);
|
||||
}
|
||||
else
|
||||
{
|
||||
*Sacl = SecurityDescriptor->Sacl;
|
||||
}
|
||||
}
|
||||
if (SecurityDescriptor->Control & SE_SACL_DEFAULTED)
|
||||
{
|
||||
*SaclDefaulted = 1;
|
||||
}
|
||||
else
|
||||
{
|
||||
*SaclDefaulted = 0;
|
||||
}
|
||||
return(STATUS_SUCCESS);
|
||||
if (SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION)
|
||||
{
|
||||
return(STATUS_UNSUCCESSFUL);
|
||||
}
|
||||
|
||||
if (!(SecurityDescriptor->Control & SE_SACL_PRESENT))
|
||||
{
|
||||
*SaclPresent = FALSE;
|
||||
return(STATUS_SUCCESS);
|
||||
}
|
||||
*SaclPresent = TRUE;
|
||||
|
||||
if (SecurityDescriptor->Sacl == NULL)
|
||||
{
|
||||
*Sacl = NULL;
|
||||
}
|
||||
else
|
||||
{
|
||||
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
||||
{
|
||||
*Sacl = (PACL)((ULONG)SecurityDescriptor->Sacl +
|
||||
(PVOID)SecurityDescriptor);
|
||||
}
|
||||
else
|
||||
{
|
||||
*Sacl = SecurityDescriptor->Sacl;
|
||||
}
|
||||
}
|
||||
|
||||
if (SecurityDescriptor->Control & SE_SACL_DEFAULTED)
|
||||
{
|
||||
*SaclDefaulted = TRUE;
|
||||
}
|
||||
else
|
||||
{
|
||||
*SaclDefaulted = FALSE;
|
||||
}
|
||||
|
||||
return(STATUS_SUCCESS);
|
||||
}
|
||||
|
||||
|
||||
|
@ -351,27 +529,130 @@ RtlSetSaclSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|||
PACL Sacl,
|
||||
BOOLEAN SaclDefaulted)
|
||||
{
|
||||
if (SecurityDescriptor->Revision != 1)
|
||||
{
|
||||
return(STATUS_UNSUCCESSFUL);
|
||||
}
|
||||
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
||||
{
|
||||
return(STATUS_UNSUCCESSFUL);
|
||||
}
|
||||
if (!SaclPresent)
|
||||
{
|
||||
SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_SACL_PRESENT);
|
||||
return(STATUS_SUCCESS);
|
||||
}
|
||||
SecurityDescriptor->Control = SecurityDescriptor->Control | SE_SACL_PRESENT;
|
||||
SecurityDescriptor->Sacl = Sacl;
|
||||
SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_SACL_DEFAULTED);
|
||||
if (SaclDefaulted)
|
||||
{
|
||||
SecurityDescriptor->Control = SecurityDescriptor->Control | SE_SACL_DEFAULTED;
|
||||
}
|
||||
return(STATUS_SUCCESS);
|
||||
if (SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION)
|
||||
{
|
||||
return(STATUS_UNSUCCESSFUL);
|
||||
}
|
||||
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
||||
{
|
||||
return(STATUS_UNSUCCESSFUL);
|
||||
}
|
||||
|
||||
if (!SaclPresent)
|
||||
{
|
||||
SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_SACL_PRESENT);
|
||||
return(STATUS_SUCCESS);
|
||||
}
|
||||
|
||||
SecurityDescriptor->Control = SecurityDescriptor->Control | SE_SACL_PRESENT;
|
||||
SecurityDescriptor->Sacl = Sacl;
|
||||
SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_SACL_DEFAULTED);
|
||||
|
||||
if (SaclDefaulted)
|
||||
{
|
||||
SecurityDescriptor->Control = SecurityDescriptor->Control | SE_SACL_DEFAULTED;
|
||||
}
|
||||
|
||||
return(STATUS_SUCCESS);
|
||||
}
|
||||
|
||||
|
||||
static VOID
|
||||
RtlpQuerySecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
|
||||
PSID* Owner,
|
||||
PULONG OwnerLength,
|
||||
PSID* Group,
|
||||
PULONG GroupLength,
|
||||
PACL* Dacl,
|
||||
PULONG DaclLength,
|
||||
PACL* Sacl,
|
||||
PULONG SaclLength)
|
||||
{
|
||||
if (SecurityDescriptor->Owner == NULL)
|
||||
{
|
||||
*Owner = NULL;
|
||||
}
|
||||
else
|
||||
{
|
||||
*Owner = SecurityDescriptor->Owner;
|
||||
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
||||
{
|
||||
*Owner = (PSID)((ULONG)*Owner + (ULONG)SecurityDescriptor);
|
||||
}
|
||||
}
|
||||
|
||||
if (*Owner != NULL)
|
||||
{
|
||||
*OwnerLength = (RtlLengthSid(*Owner) + 3) & ~3;
|
||||
}
|
||||
else
|
||||
{
|
||||
*OwnerLength = 0;
|
||||
}
|
||||
|
||||
if ((SecurityDescriptor->Control & SE_DACL_PRESENT) &&
|
||||
SecurityDescriptor->Dacl != NULL)
|
||||
{
|
||||
*Dacl = SecurityDescriptor->Dacl;
|
||||
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
||||
{
|
||||
*Dacl = (PACL)((ULONG)*Dacl + (ULONG)SecurityDescriptor);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
*Dacl = NULL;
|
||||
}
|
||||
|
||||
if (*Dacl != NULL)
|
||||
{
|
||||
*DaclLength = ((*Dacl)->AclSize + 3) & ~3;
|
||||
}
|
||||
else
|
||||
{
|
||||
*DaclLength = 0;
|
||||
}
|
||||
|
||||
if (SecurityDescriptor->Group != NULL)
|
||||
{
|
||||
*Group = NULL;
|
||||
}
|
||||
else
|
||||
{
|
||||
*Group = SecurityDescriptor->Group;
|
||||
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
||||
{
|
||||
*Group = (PSID)((ULONG)*Group + (ULONG)SecurityDescriptor);
|
||||
}
|
||||
}
|
||||
|
||||
if (*Group != NULL)
|
||||
{
|
||||
*GroupLength = (RtlLengthSid(*Group) + 3) & ~3;
|
||||
}
|
||||
else
|
||||
{
|
||||
*GroupLength = 0;
|
||||
}
|
||||
|
||||
if ((SecurityDescriptor->Control & SE_SACL_PRESENT) &&
|
||||
SecurityDescriptor->Sacl != NULL)
|
||||
{
|
||||
*Sacl = SecurityDescriptor->Sacl;
|
||||
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
|
||||
{
|
||||
*Sacl = (PACL)((ULONG)*Sacl + (ULONG)SecurityDescriptor);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
*Sacl = NULL;
|
||||
}
|
||||
|
||||
if (*Sacl != NULL)
|
||||
{
|
||||
*SaclLength = ((*Sacl)->AclSize + 3) & ~3;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
@ -380,15 +661,84 @@ RtlAbsoluteToSelfRelativeSD(PSECURITY_DESCRIPTOR AbsSD,
|
|||
PSECURITY_DESCRIPTOR RelSD,
|
||||
PULONG BufferLength)
|
||||
{
|
||||
PSID Owner;
|
||||
PSID Group;
|
||||
PACL Sacl;
|
||||
PACL Dacl;
|
||||
ULONG OwnerLength;
|
||||
ULONG GroupLength;
|
||||
ULONG SaclLength;
|
||||
ULONG DaclLength;
|
||||
ULONG TotalLength;
|
||||
ULONG Current;
|
||||
|
||||
if (AbsSD->Control & SE_SELF_RELATIVE)
|
||||
return(STATUS_BAD_DESCRIPTOR_FORMAT);
|
||||
{
|
||||
return(STATUS_BAD_DESCRIPTOR_FORMAT);
|
||||
}
|
||||
|
||||
// return(RtlPMakeSelfRelativeSD (AbsSD, RelSD, BufferLength));
|
||||
RtlpQuerySecurityDescriptor(AbsSD,
|
||||
&Owner,
|
||||
&OwnerLength,
|
||||
&Group,
|
||||
&GroupLength,
|
||||
&Dacl,
|
||||
&DaclLength,
|
||||
&Sacl,
|
||||
&SaclLength);
|
||||
|
||||
UNIMPLEMENTED;
|
||||
return(STATUS_NOT_IMPLEMENTED);
|
||||
TotalLength = OwnerLength + GroupLength + SaclLength +
|
||||
DaclLength + sizeof(SECURITY_DESCRIPTOR);
|
||||
if (*BufferLength < TotalLength)
|
||||
{
|
||||
return(STATUS_BUFFER_TOO_SMALL);
|
||||
}
|
||||
|
||||
RtlZeroMemory(RelSD,
|
||||
TotalLength);
|
||||
memmove(RelSD,
|
||||
AbsSD,
|
||||
sizeof(SECURITY_DESCRIPTOR));
|
||||
Current = (ULONG)RelSD + sizeof(SECURITY_DESCRIPTOR);
|
||||
|
||||
if (SaclLength != 0)
|
||||
{
|
||||
memmove((PVOID)Current,
|
||||
Sacl,
|
||||
SaclLength);
|
||||
RelSD->Sacl = (PACL)((ULONG)Current - (ULONG)RelSD);
|
||||
Current += SaclLength;
|
||||
}
|
||||
|
||||
if (DaclLength != 0)
|
||||
{
|
||||
memmove((PVOID)Current,
|
||||
Dacl,
|
||||
DaclLength);
|
||||
RelSD->Dacl = (PACL)((ULONG)Current - (ULONG)RelSD);
|
||||
Current += DaclLength;
|
||||
}
|
||||
|
||||
if (OwnerLength != 0)
|
||||
{
|
||||
memmove((PVOID)Current,
|
||||
Owner,
|
||||
OwnerLength);
|
||||
RelSD->Owner = (PSID)((ULONG)Current - (ULONG)RelSD);
|
||||
Current += OwnerLength;
|
||||
}
|
||||
|
||||
if (GroupLength != 0)
|
||||
{
|
||||
memmove((PVOID)Current,
|
||||
Group,
|
||||
GroupLength);
|
||||
RelSD->Group = (PSID)((ULONG)Current - (ULONG)RelSD);
|
||||
}
|
||||
|
||||
RelSD->Control |= SE_SELF_RELATIVE;
|
||||
|
||||
return(STATUS_SUCCESS);
|
||||
}
|
||||
|
||||
|
||||
|
||||
/* EOF */
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $Id: semgr.c,v 1.23 2002/10/25 21:48:00 chorns Exp $
|
||||
/* $Id: semgr.c,v 1.24 2003/02/15 21:05:15 ekohl Exp $
|
||||
*
|
||||
* COPYRIGHT: See COPYING in the top level directory
|
||||
* PROJECT: ReactOS kernel
|
||||
|
@ -64,6 +64,61 @@ SeInit2(VOID)
|
|||
}
|
||||
|
||||
|
||||
BOOLEAN
|
||||
SeInitSRM(VOID)
|
||||
{
|
||||
OBJECT_ATTRIBUTES ObjectAttributes;
|
||||
UNICODE_STRING Name;
|
||||
HANDLE DirectoryHandle;
|
||||
HANDLE EventHandle;
|
||||
NTSTATUS Status;
|
||||
|
||||
/* Create '\Security' directory */
|
||||
RtlInitUnicodeString(&Name,
|
||||
L"\\Security");
|
||||
InitializeObjectAttributes(&ObjectAttributes,
|
||||
&Name,
|
||||
OBJ_PERMANENT,
|
||||
0,
|
||||
NULL);
|
||||
Status = NtCreateDirectoryObject(&DirectoryHandle,
|
||||
DIRECTORY_ALL_ACCESS,
|
||||
&ObjectAttributes);
|
||||
if (!NT_SUCCESS(Status))
|
||||
{
|
||||
DPRINT1("Failed to create 'Security' directory!\n");
|
||||
return(FALSE);
|
||||
}
|
||||
|
||||
/* Create 'LSA_AUTHENTICATION_INITALIZED' event */
|
||||
RtlInitUnicodeString(&Name,
|
||||
L"\\LSA_AUTHENTICATION_INITALIZED");
|
||||
InitializeObjectAttributes(&ObjectAttributes,
|
||||
&Name,
|
||||
OBJ_PERMANENT,
|
||||
DirectoryHandle,
|
||||
SePublicDefaultSd);
|
||||
Status = NtCreateEvent(&EventHandle,
|
||||
EVENT_ALL_ACCESS,
|
||||
&ObjectAttributes,
|
||||
FALSE,
|
||||
FALSE);
|
||||
if (!NT_SUCCESS(Status))
|
||||
{
|
||||
DPRINT1("Failed to create 'Security' directory!\n");
|
||||
NtClose(DirectoryHandle);
|
||||
return(FALSE);
|
||||
}
|
||||
|
||||
NtClose(EventHandle);
|
||||
NtClose(DirectoryHandle);
|
||||
|
||||
/* FIXME: Create SRM port and listener thread */
|
||||
|
||||
return(TRUE);
|
||||
}
|
||||
|
||||
|
||||
static BOOLEAN
|
||||
SepInitExports(VOID)
|
||||
{
|
||||
|
|
Loading…
Reference in a new issue