diff --git a/reactos/include/ntdll/rtl.h b/reactos/include/ntdll/rtl.h index edc5b329b00..14ffb57a51c 100644 --- a/reactos/include/ntdll/rtl.h +++ b/reactos/include/ntdll/rtl.h @@ -193,6 +193,18 @@ RtlpInitDeferedCriticalSection( VOID ); +VOID +STDCALL +RtlpFreeDebugInfo( + PRTL_CRITICAL_SECTION_DEBUG DebugInfo +); + +PRTL_CRITICAL_SECTION_DEBUG +STDCALL +RtlpAllocateDebugInfo( + VOID +); + NTSTATUS STDCALL RtlAddAccessAllowedAceEx (IN OUT PACL Acl, IN ULONG Revision, diff --git a/reactos/include/ntos/obtypes.h b/reactos/include/ntos/obtypes.h index 0e11636a8b9..9094b0688e6 100755 --- a/reactos/include/ntos/obtypes.h +++ b/reactos/include/ntos/obtypes.h @@ -83,8 +83,8 @@ typedef struct _OBJECT_ATTRIBUTES HANDLE RootDirectory; PUNICODE_STRING ObjectName; ULONG Attributes; - SECURITY_DESCRIPTOR *SecurityDescriptor; - SECURITY_QUALITY_OF_SERVICE *SecurityQualityOfService; + PVOID SecurityDescriptor; + PVOID SecurityQualityOfService; } OBJECT_ATTRIBUTES, *POBJECT_ATTRIBUTES; #endif /* __USE_W32API */ diff --git a/reactos/include/ntos/security.h b/reactos/include/ntos/security.h index 829a96ea308..4dabd7950a2 100644 --- a/reactos/include/ntos/security.h +++ b/reactos/include/ntos/security.h @@ -74,6 +74,18 @@ typedef struct _SECURITY_DESCRIPTOR_CONTEXT #ifndef __USE_W32API +#ifndef _MSC_VER +#define SYSTEM_LUID {{ 0x3E7, 0x0 }} +#define ANONYMOUS_LOGON_LUID {{ 0x3e6, 0x0 }} +#define LOCALSERVICE_LUID {{ 0x3e5, 0x0 }} +#define NETWORKSERVICE_LUID {{ 0x3e4, 0x0 }} +#else +#define SYSTEM_LUID { 0x3E7, 0x0 } +#define ANONYMOUS_LOGON_LUID { 0x3e6, 0x0 } +#define LOCALSERVICE_LUID { 0x3e5, 0x0 } +#define NETWORKSERVICE_LUID { 0x3e4, 0x0 } +#endif + /* SID Auhority */ #define SECURITY_NULL_SID_AUTHORITY {0,0,0,0,0,0} #define SECURITY_WORLD_SID_AUTHORITY {0,0,0,0,0,1} @@ -227,7 +239,9 @@ typedef struct _SID UCHAR SubAuthorityCount; SID_IDENTIFIER_AUTHORITY IdentifierAuthority; ULONG SubAuthority[1]; -} SID, *PSID; +} SID, *PISID; + +typedef PVOID PSID; typedef struct _ACL { diff --git a/reactos/lib/rtl/sid.c b/reactos/lib/rtl/sid.c index 77f01a21439..18e99ed6033 100644 --- a/reactos/lib/rtl/sid.c +++ b/reactos/lib/rtl/sid.c @@ -1,4 +1,4 @@ -/* $Id: sid.c,v 1.4 2004/07/12 19:39:29 ekohl Exp $ +/* $Id$ * * COPYRIGHT: See COPYING in the top level directory * PROJECT: ReactOS kernel @@ -22,8 +22,10 @@ /* FUNCTIONS ***************************************************************/ BOOLEAN STDCALL -RtlValidSid(IN PSID Sid) +RtlValidSid(IN PSID Sid_) { + PISID Sid = Sid_; + if ((Sid->Revision != SID_REVISION) || (Sid->SubAuthorityCount > SID_MAX_SUB_AUTHORITIES)) { @@ -48,10 +50,12 @@ RtlLengthRequiredSid(IN UCHAR SubAuthorityCount) * @implemented */ NTSTATUS STDCALL -RtlInitializeSid(IN PSID Sid, +RtlInitializeSid(IN PSID Sid_, IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount) { + PISID Sid = Sid_; + Sid->Revision = SID_REVISION; Sid->SubAuthorityCount = SubAuthorityCount; memcpy(&Sid->IdentifierAuthority, @@ -66,9 +70,11 @@ RtlInitializeSid(IN PSID Sid, * @implemented */ PULONG STDCALL -RtlSubAuthoritySid(IN PSID Sid, +RtlSubAuthoritySid(IN PSID Sid_, IN ULONG SubAuthority) { + PISID Sid = Sid_; + return &Sid->SubAuthority[SubAuthority]; } @@ -77,8 +83,10 @@ RtlSubAuthoritySid(IN PSID Sid, * @implemented */ PUCHAR STDCALL -RtlSubAuthorityCountSid(IN PSID Sid) +RtlSubAuthorityCountSid(IN PSID Sid_) { + PISID Sid = Sid_; + return &Sid->SubAuthorityCount; } @@ -87,9 +95,12 @@ RtlSubAuthorityCountSid(IN PSID Sid) * @implemented */ BOOLEAN STDCALL -RtlEqualSid(IN PSID Sid1, - IN PSID Sid2) +RtlEqualSid(IN PSID Sid1_, + IN PSID Sid2_) { + PISID Sid1 = Sid1_; + PISID Sid2 = Sid2_; + if (Sid1->Revision != Sid2->Revision) { return(FALSE); @@ -110,8 +121,10 @@ RtlEqualSid(IN PSID Sid1, * @implemented */ ULONG STDCALL -RtlLengthSid(IN PSID Sid) +RtlLengthSid(IN PSID Sid_) { + PISID Sid = Sid_; + return (sizeof(SID) + (Sid->SubAuthorityCount-1) * sizeof(ULONG)); } @@ -180,8 +193,10 @@ RtlCopySidAndAttributesArray(ULONG Count, * @implemented */ PSID_IDENTIFIER_AUTHORITY STDCALL -RtlIdentifierAuthoritySid(IN PSID Sid) +RtlIdentifierAuthoritySid(IN PSID Sid_) { + PISID Sid = Sid_; + return &Sid->IdentifierAuthority; } @@ -202,7 +217,7 @@ RtlAllocateAndInitializeSid(PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, ULONG SubAuthority7, PSID *Sid) { - PSID pSid; + PISID pSid; if (SubAuthorityCount > 8) return STATUS_INVALID_SID; @@ -267,9 +282,12 @@ RtlFreeSid(IN PSID Sid) * @implemented */ BOOLEAN STDCALL -RtlEqualPrefixSid(IN PSID Sid1, - IN PSID Sid2) +RtlEqualPrefixSid(IN PSID Sid1_, + IN PSID Sid2_) { + PISID Sid1 = Sid1_; + PISID Sid2 = Sid2_; + return(Sid1->SubAuthorityCount == Sid2->SubAuthorityCount && !RtlCompareMemory(Sid1, Sid2, (Sid1->SubAuthorityCount - 1) * sizeof(DWORD) + 8)); @@ -281,13 +299,14 @@ RtlEqualPrefixSid(IN PSID Sid1, */ NTSTATUS STDCALL RtlConvertSidToUnicodeString(PUNICODE_STRING String, - PSID Sid, + PSID Sid_, BOOLEAN AllocateBuffer) { WCHAR Buffer[256]; PWSTR wcs; ULONG Length; ULONG i; + PISID Sid = Sid_; if (RtlValidSid (Sid) == FALSE) return STATUS_INVALID_SID; diff --git a/reactos/ntoskrnl/se/luid.c b/reactos/ntoskrnl/se/luid.c index 8a4344672da..88940ddb453 100644 --- a/reactos/ntoskrnl/se/luid.c +++ b/reactos/ntoskrnl/se/luid.c @@ -1,4 +1,4 @@ -/* $Id: luid.c,v 1.10 2004/08/15 16:39:11 chorns Exp $ +/* $Id$ * * COPYRIGHT: See COPYING in the top level directory * PROJECT: ReactOS kernel @@ -20,15 +20,15 @@ static KSPIN_LOCK LuidLock; static LARGE_INTEGER LuidIncrement; static LARGE_INTEGER LuidValue; -#define SYSTEM_LUID 0x3E7; - /* FUNCTIONS *****************************************************************/ VOID INIT_FUNCTION SepInitLuid(VOID) { + LARGE_INTEGER DummyLuidValue = SYSTEM_LUID; + KeInitializeSpinLock(&LuidLock); - LuidValue.QuadPart = SYSTEM_LUID; + LuidValue = DummyLuidValue; LuidIncrement.QuadPart = 1; } diff --git a/reactos/ntoskrnl/se/sd.c b/reactos/ntoskrnl/se/sd.c index 5c54aa60634..9b90a00ee9b 100644 --- a/reactos/ntoskrnl/se/sd.c +++ b/reactos/ntoskrnl/se/sd.c @@ -1,4 +1,4 @@ -/* $Id: sd.c,v 1.20 2004/08/15 16:39:12 chorns Exp $ +/* $Id$ * * COPYRIGHT: See COPYING in the top level directory * PROJECT: ReactOS kernel @@ -319,7 +319,7 @@ SeValidSecurityDescriptor(IN ULONG Length, IN PSECURITY_DESCRIPTOR SecurityDescriptor) { ULONG SdLength; - PSID Sid; + PISID Sid; PACL Acl; if (Length < SECURITY_DESCRIPTOR_MIN_LENGTH) @@ -355,7 +355,7 @@ SeValidSecurityDescriptor(IN ULONG Length, return FALSE; } - Sid = (PSID)((ULONG_PTR)SecurityDescriptor + (ULONG_PTR)SecurityDescriptor->Owner); + Sid = (PISID)((ULONG_PTR)SecurityDescriptor + (ULONG_PTR)SecurityDescriptor->Owner); if (Sid->Revision != SID_REVISION) { DPRINT1("Invalid Owner SID revision\n"); diff --git a/reactos/ntoskrnl/se/sid.c b/reactos/ntoskrnl/se/sid.c index 91778050813..a067310e3b3 100644 --- a/reactos/ntoskrnl/se/sid.c +++ b/reactos/ntoskrnl/se/sid.c @@ -1,4 +1,4 @@ -/* $Id: sid.c,v 1.16 2003/12/30 18:52:06 fireball Exp $ +/* $Id$ * * COPYRIGHT: See COPYING in the top level directory * PROJECT: ReactOS kernel @@ -11,9 +11,9 @@ /* INCLUDES *****************************************************************/ -#include -#include +#include +#define NDEBUG #include #define TAG_SID TAG('S', 'I', 'D', 'T') @@ -467,230 +467,4 @@ SepInitSecurityIDs(VOID) return(TRUE); } - -/* - * @implemented - */ -BOOLEAN STDCALL -RtlValidSid(PSID Sid) -{ - if ((Sid->Revision & 0xf) != 1) - { - return(FALSE); - } - if (Sid->SubAuthorityCount > 15) - { - return(FALSE); - } - return(TRUE); -} - - -/* - * @implemented - */ -ULONG STDCALL -RtlLengthRequiredSid(UCHAR SubAuthorityCount) -{ - return(sizeof(SID) + (SubAuthorityCount - 1) * sizeof(ULONG)); -} - - -/* - * @implemented - */ -NTSTATUS STDCALL -RtlInitializeSid(PSID Sid, - PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, - UCHAR SubAuthorityCount) -{ - Sid->Revision = 1; - Sid->SubAuthorityCount = SubAuthorityCount; - RtlCopyMemory(&Sid->IdentifierAuthority, - IdentifierAuthority, - sizeof(SID_IDENTIFIER_AUTHORITY)); - return(STATUS_SUCCESS); -} - - -/* - * @implemented - */ -PULONG STDCALL -RtlSubAuthoritySid(PSID Sid, - ULONG SubAuthority) -{ - return(&Sid->SubAuthority[SubAuthority]); -} - - -/* - * @implemented - */ -PUCHAR STDCALL -RtlSubAuthorityCountSid(PSID Sid) -{ - return(&Sid->SubAuthorityCount); -} - - -/* - * @implemented - */ -BOOLEAN STDCALL -RtlEqualSid(PSID Sid1, - PSID Sid2) -{ - if (Sid1->Revision != Sid2->Revision) - { - return(FALSE); - } - if ((*RtlSubAuthorityCountSid(Sid1)) != - (*RtlSubAuthorityCountSid(Sid2))) - { - return(FALSE); - } - if (memcmp(Sid1, Sid2, RtlLengthSid(Sid1)) != 0) - { - return(FALSE); - } - return(TRUE); -} - - -/* - * @implemented - */ -ULONG STDCALL -RtlLengthSid(PSID Sid) -{ - return(sizeof(SID) + (Sid->SubAuthorityCount-1)*4); -} - - -/* - * @implemented - */ -NTSTATUS STDCALL -RtlCopySid(ULONG BufferLength, - PSID Dest, - PSID Src) -{ - if (BufferLength < RtlLengthSid(Src)) - { - return(STATUS_UNSUCCESSFUL); - } - memmove(Dest, Src, RtlLengthSid(Src)); - return(STATUS_SUCCESS); -} - - -NTSTATUS STDCALL -RtlCopySidAndAttributesArray(ULONG Count, - PSID_AND_ATTRIBUTES Src, - ULONG SidAreaSize, - PSID_AND_ATTRIBUTES Dest, - PVOID SidArea, - PVOID* RemainingSidArea, - PULONG RemainingSidAreaSize) -{ - ULONG Length; - ULONG i; - - Length = SidAreaSize; - - for (i=0; i Length) - { - return(STATUS_BUFFER_TOO_SMALL); - } - Length = Length - RtlLengthSid(Src[i].Sid); - Dest[i].Sid = SidArea; - Dest[i].Attributes = Src[i].Attributes; - RtlCopySid(RtlLengthSid(Src[i].Sid), SidArea, Src[i].Sid); - SidArea = (char*)SidArea + RtlLengthSid(Src[i].Sid); - } - *RemainingSidArea = SidArea; - *RemainingSidAreaSize = Length; - return(STATUS_SUCCESS); -} - - -/* - * @implemented - */ -NTSTATUS STDCALL -RtlConvertSidToUnicodeString(PUNICODE_STRING String, - PSID Sid, - BOOLEAN AllocateString) -{ - WCHAR Buffer[256]; - PWSTR Ptr; - ULONG Length; - ULONG i; - - if (!RtlValidSid(Sid)) - return STATUS_INVALID_SID; - - Ptr = Buffer; - Ptr += swprintf (Ptr, - L"S-%u-", - Sid->Revision); - - if(!Sid->IdentifierAuthority.Value[0] && - !Sid->IdentifierAuthority.Value[1]) - { - Ptr += swprintf(Ptr, - L"%u", - (ULONG)Sid->IdentifierAuthority.Value[2] << 24 | - (ULONG)Sid->IdentifierAuthority.Value[3] << 16 | - (ULONG)Sid->IdentifierAuthority.Value[4] << 8 | - (ULONG)Sid->IdentifierAuthority.Value[5]); - } - else - { - Ptr += swprintf(Ptr, - L"0x%02hx%02hx%02hx%02hx%02hx%02hx", - Sid->IdentifierAuthority.Value[0], - Sid->IdentifierAuthority.Value[1], - Sid->IdentifierAuthority.Value[2], - Sid->IdentifierAuthority.Value[3], - Sid->IdentifierAuthority.Value[4], - Sid->IdentifierAuthority.Value[5]); - } - - for (i = 0; i < Sid->SubAuthorityCount; i++) - { - Ptr += swprintf(Ptr, - L"-%u", - Sid->SubAuthority[i]); - } - - Length = (Ptr - Buffer) * sizeof(WCHAR); - - if (AllocateString) - { - String->Buffer = ExAllocatePool(NonPagedPool, - Length + sizeof(WCHAR)); - if (String->Buffer == NULL) - return STATUS_NO_MEMORY; - - String->MaximumLength = Length + sizeof(WCHAR); - } - else - { - if (Length > String->MaximumLength) - return STATUS_BUFFER_TOO_SMALL; - } - String->Length = Length; - memmove(String->Buffer, - Buffer, - Length); - if (Length < String->MaximumLength) - String->Buffer[Length/sizeof(WCHAR)] = 0; - - return STATUS_SUCCESS; -} - /* EOF */ diff --git a/reactos/ntoskrnl/se/token.c b/reactos/ntoskrnl/se/token.c index 91b80566bf3..e4c02aaca82 100644 --- a/reactos/ntoskrnl/se/token.c +++ b/reactos/ntoskrnl/se/token.c @@ -11,13 +11,7 @@ /* INCLUDES *****************************************************************/ -#include -#define NTOS_MODE_KERNEL -#include -#include -#include -#include -#include +#include #define NDEBUG #include @@ -31,8 +25,6 @@ static GENERIC_MAPPING SepTokenMapping = {TOKEN_READ, TOKEN_EXECUTE, TOKEN_ALL_ACCESS}; -//#define SYSTEM_LUID 0x3E7; - /* FUNCTIONS *****************************************************************/ VOID SepFreeProxyData(PVOID ProxyData) @@ -1028,6 +1020,7 @@ NtSetInformationToken(IN HANDLE TokenHandle, * NOTE: Some sources claim 4th param is ImpersonationLevel, but on W2K * this is certainly NOT true, thou i can't say for sure that EffectiveOnly * is correct either. -Gunnar + * This is true. EffectiveOnly overrides SQOS.EffectiveOnly. - IAI */ NTSTATUS STDCALL NtDuplicateToken(IN HANDLE ExistingTokenHandle, @@ -1060,7 +1053,7 @@ NtDuplicateToken(IN HANDLE ExistingTokenHandle, EffectiveOnly, TokenType, ObjectAttributes->SecurityQualityOfService ? - ObjectAttributes->SecurityQualityOfService->ImpersonationLevel : + ((PSECURITY_QUALITY_OF_SERVICE)(ObjectAttributes->SecurityQualityOfService))->ImpersonationLevel : 0 /*SecurityAnonymous*/, PreviousMode, &NewToken); @@ -1645,7 +1638,8 @@ NtCreateToken(OUT PHANDLE UnsafeTokenHandle, AccessToken->Privileges = 0; AccessToken->TokenType = TokenType; - AccessToken->ImpersonationLevel = ObjectAttributes->SecurityQualityOfService->ImpersonationLevel; + AccessToken->ImpersonationLevel = ((PSECURITY_QUALITY_OF_SERVICE) + (ObjectAttributes->SecurityQualityOfService))->ImpersonationLevel; /* * Normally we would just point these members into the variable information