From 64b9c0f3cc7d3773b517e792e627930371ecdded Mon Sep 17 00:00:00 2001 From: Eric Kohl Date: Thu, 15 Jul 2004 08:15:49 +0000 Subject: [PATCH] Implement RtlAddAuditAccessAceEx(). svn path=/trunk/; revision=10125 --- reactos/include/ntdll/rtl.h | 11 +++++- reactos/lib/ntdll/def/ntdll.def | 3 +- reactos/lib/ntdll/def/ntdll.edf | 3 +- reactos/lib/rtl/acl.c | 69 +++++++++++++++++++++++++++++++++ 4 files changed, 83 insertions(+), 3 deletions(-) diff --git a/reactos/include/ntdll/rtl.h b/reactos/include/ntdll/rtl.h index 7d9895e9a63..7a516483450 100644 --- a/reactos/include/ntdll/rtl.h +++ b/reactos/include/ntdll/rtl.h @@ -1,4 +1,4 @@ -/* $Id: rtl.h,v 1.45 2004/07/08 22:05:48 gvg Exp $ +/* $Id: rtl.h,v 1.46 2004/07/15 08:15:49 ekohl Exp $ * */ @@ -131,6 +131,15 @@ RtlAddAccessDeniedAceEx (IN OUT PACL Acl, IN ACCESS_MASK AccessMask, IN PSID Sid); +NTSTATUS STDCALL +RtlAddAuditAccessAceEx(IN OUT PACL Acl, + IN ULONG Revision, + IN ULONG Flags, + IN ACCESS_MASK AccessMask, + IN PSID Sid, + IN BOOLEAN Success, + IN BOOLEAN Failure); + VOID STDCALL RtlDeleteCriticalSection (PCRITICAL_SECTION CriticalSection); diff --git a/reactos/lib/ntdll/def/ntdll.def b/reactos/lib/ntdll/def/ntdll.def index eabbc65de8a..1b64289a368 100644 --- a/reactos/lib/ntdll/def/ntdll.def +++ b/reactos/lib/ntdll/def/ntdll.def @@ -1,4 +1,4 @@ -; $Id: ntdll.def,v 1.124 2004/07/08 00:40:30 weiden Exp $ +; $Id: ntdll.def,v 1.125 2004/07/15 08:15:20 ekohl Exp $ ; ; ReactOS Operating System ; @@ -294,6 +294,7 @@ RtlAddAce@20 RtlAddAtomToAtomTable@12 ;RtlAddAttributeActionToRXact RtlAddAuditAccessAce@24 +RtlAddAuditAccessAceEx@28 ;RtlAddCompoundAce RtlAddRange@36 RtlAdjustPrivilege@16 diff --git a/reactos/lib/ntdll/def/ntdll.edf b/reactos/lib/ntdll/def/ntdll.edf index ebfbc5a1778..356d63b8006 100644 --- a/reactos/lib/ntdll/def/ntdll.edf +++ b/reactos/lib/ntdll/def/ntdll.edf @@ -1,4 +1,4 @@ -; $Id: ntdll.edf,v 1.114 2004/07/08 00:40:30 weiden Exp $ +; $Id: ntdll.edf,v 1.115 2004/07/15 08:15:21 ekohl Exp $ ; ; ReactOS Operating System ; @@ -294,6 +294,7 @@ RtlAddAce=RtlAddAce@20 RtlAddAtomToAtomTable=RtlAddAtomToAtomTable@12 ;RtlAddAttributeActionToRXact RtlAddAuditAccessAce=RtlAddAuditAccessAce@24 +RtlAddAuditAccessAceEx=RtlAddAuditAccessAceEx@28 ;RtlAddCompoundAce RtlAddRange=RtlAddRange@36 RtlAdjustPrivilege=RtlAdjustPrivilege@16 diff --git a/reactos/lib/rtl/acl.c b/reactos/lib/rtl/acl.c index 1e27a2ed000..c401def39b7 100644 --- a/reactos/lib/rtl/acl.c +++ b/reactos/lib/rtl/acl.c @@ -395,6 +395,75 @@ RtlAddAuditAccessAce(PACL Acl, } +/* + * @implemented + */ +NTSTATUS STDCALL +RtlAddAuditAccessAceEx(PACL Acl, + ULONG Revision, + ULONG Flags, + ACCESS_MASK AccessMask, + PSID Sid, + BOOLEAN Success, + BOOLEAN Failure) +{ + PACE Ace; + + if (Success != FALSE) + { + Flags |= SUCCESSFUL_ACCESS_ACE_FLAG; + } + + if (Failure != FALSE) + { + Flags |= FAILED_ACCESS_ACE_FLAG; + } + + if (!RtlValidSid(Sid)) + { + return STATUS_INVALID_SID; + } + + if (Acl->AclRevision > MAX_ACL_REVISION || + Revision > MAX_ACL_REVISION) + { + return STATUS_REVISION_MISMATCH; + } + + if (Revision < Acl->AclRevision) + { + Revision = Acl->AclRevision; + } + + if (!RtlFirstFreeAce(Acl, &Ace)) + { + return STATUS_INVALID_ACL; + } + + if (Ace == NULL) + { + return STATUS_ALLOTTED_SPACE_EXCEEDED; + } + + if (((PVOID)Ace + RtlLengthSid(Sid) + sizeof(ACE)) >= ((PVOID)Acl + Acl->AclSize)) + { + return STATUS_ALLOTTED_SPACE_EXCEEDED; + } + + Ace->Header.AceFlags = Flags; + Ace->Header.AceType = SYSTEM_AUDIT_ACE_TYPE; + Ace->Header.AceSize = RtlLengthSid(Sid) + sizeof(ACE); + Ace->AccessMask = AccessMask; + RtlCopySid(RtlLengthSid(Sid), + (PSID)(Ace + 1), + Sid); + Acl->AceCount++; + Acl->AclRevision = Revision; + + return STATUS_SUCCESS; +} + + static VOID RtlpDeleteData(PVOID Ace, ULONG AceSize,