mirror of
https://github.com/reactos/reactos.git
synced 2024-07-06 20:55:16 +00:00
[SAMSRV]
SamrQuerySecurityObject: Return security information according to the SecurityInformation parameter. svn path=/trunk/; revision=72547
This commit is contained in:
parent
0a7f15c9c6
commit
6c6813d7f7
|
@ -218,10 +218,12 @@ SamrQuerySecurityObject(IN SAMPR_HANDLE ObjectHandle,
|
||||||
OUT PSAMPR_SR_SECURITY_DESCRIPTOR *SecurityDescriptor)
|
OUT PSAMPR_SR_SECURITY_DESCRIPTOR *SecurityDescriptor)
|
||||||
{
|
{
|
||||||
PSAM_DB_OBJECT SamObject;
|
PSAM_DB_OBJECT SamObject;
|
||||||
PSAMPR_SR_SECURITY_DESCRIPTOR SamSD = NULL;
|
PSAMPR_SR_SECURITY_DESCRIPTOR SdData = NULL;
|
||||||
PSECURITY_DESCRIPTOR SdBuffer = NULL;
|
PSECURITY_DESCRIPTOR RelativeSd = NULL;
|
||||||
|
PSECURITY_DESCRIPTOR ResultSd = NULL;
|
||||||
ACCESS_MASK DesiredAccess = 0;
|
ACCESS_MASK DesiredAccess = 0;
|
||||||
ULONG Length = 0;
|
ULONG RelativeSdSize = 0;
|
||||||
|
ULONG ResultSdSize = 0;
|
||||||
NTSTATUS Status;
|
NTSTATUS Status;
|
||||||
|
|
||||||
TRACE("(%p %lx %p)\n",
|
TRACE("(%p %lx %p)\n",
|
||||||
|
@ -248,64 +250,98 @@ SamrQuerySecurityObject(IN SAMPR_HANDLE ObjectHandle,
|
||||||
if (!NT_SUCCESS(Status))
|
if (!NT_SUCCESS(Status))
|
||||||
goto done;
|
goto done;
|
||||||
|
|
||||||
SamSD = midl_user_allocate(sizeof(SAMPR_SR_SECURITY_DESCRIPTOR));
|
/* Get the size of the SD */
|
||||||
if (SamSD == NULL)
|
|
||||||
{
|
|
||||||
Status = STATUS_INSUFFICIENT_RESOURCES;
|
|
||||||
goto done;
|
|
||||||
}
|
|
||||||
|
|
||||||
Status = SampGetObjectAttribute(SamObject,
|
Status = SampGetObjectAttribute(SamObject,
|
||||||
L"SecDesc",
|
L"SecDesc",
|
||||||
NULL,
|
NULL,
|
||||||
NULL,
|
NULL,
|
||||||
&Length);
|
&RelativeSdSize);
|
||||||
if (!NT_SUCCESS(Status) && Status != STATUS_BUFFER_OVERFLOW)
|
if (!NT_SUCCESS(Status) && Status != STATUS_BUFFER_OVERFLOW)
|
||||||
{
|
{
|
||||||
TRACE("Status 0x%08lx\n", Status);
|
TRACE("Status 0x%08lx\n", Status);
|
||||||
goto done;
|
goto done;
|
||||||
}
|
}
|
||||||
|
|
||||||
TRACE("SD Length: %lu\n", Length);
|
/* Allocate a buffer for the SD */
|
||||||
|
RelativeSd = midl_user_allocate(RelativeSdSize);
|
||||||
SdBuffer = midl_user_allocate(Length);
|
if (RelativeSd == NULL)
|
||||||
if (SdBuffer == NULL)
|
|
||||||
{
|
{
|
||||||
Status = STATUS_INSUFFICIENT_RESOURCES;
|
Status = STATUS_INSUFFICIENT_RESOURCES;
|
||||||
goto done;
|
goto done;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Get the SD */
|
||||||
Status = SampGetObjectAttribute(SamObject,
|
Status = SampGetObjectAttribute(SamObject,
|
||||||
L"SecDesc",
|
L"SecDesc",
|
||||||
NULL,
|
NULL,
|
||||||
SdBuffer,
|
RelativeSd,
|
||||||
&Length);
|
&RelativeSdSize);
|
||||||
if (!NT_SUCCESS(Status))
|
if (!NT_SUCCESS(Status))
|
||||||
{
|
{
|
||||||
TRACE("Status 0x%08lx\n", Status);
|
TRACE("Status 0x%08lx\n", Status);
|
||||||
goto done;
|
goto done;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* FIXME: Use SecurityInformation to return only the requested information */
|
/* Invalidate the SD information that was not requested */
|
||||||
|
if (!(SecurityInformation & OWNER_SECURITY_INFORMATION))
|
||||||
|
((PISECURITY_DESCRIPTOR)RelativeSd)->Owner = NULL;
|
||||||
|
|
||||||
SamSD->Length = Length;
|
if (!(SecurityInformation & GROUP_SECURITY_INFORMATION))
|
||||||
SamSD->SecurityDescriptor = SdBuffer;
|
((PISECURITY_DESCRIPTOR)RelativeSd)->Group = NULL;
|
||||||
|
|
||||||
|
if (!(SecurityInformation & DACL_SECURITY_INFORMATION))
|
||||||
|
((PISECURITY_DESCRIPTOR)RelativeSd)->Control &= ~SE_DACL_PRESENT;
|
||||||
|
|
||||||
|
if (!(SecurityInformation & SACL_SECURITY_INFORMATION))
|
||||||
|
((PISECURITY_DESCRIPTOR)RelativeSd)->Control &= ~SE_SACL_PRESENT;
|
||||||
|
|
||||||
|
/* Calculate the required SD size */
|
||||||
|
Status = RtlMakeSelfRelativeSD(RelativeSd,
|
||||||
|
NULL,
|
||||||
|
&ResultSdSize);
|
||||||
|
if (Status != STATUS_BUFFER_TOO_SMALL)
|
||||||
|
goto done;
|
||||||
|
|
||||||
|
/* Allocate a buffer for the new SD */
|
||||||
|
ResultSd = MIDL_user_allocate(ResultSdSize);
|
||||||
|
if (ResultSd == NULL)
|
||||||
|
{
|
||||||
|
Status = STATUS_INSUFFICIENT_RESOURCES;
|
||||||
|
goto done;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Build the new SD */
|
||||||
|
Status = RtlMakeSelfRelativeSD(RelativeSd,
|
||||||
|
ResultSd,
|
||||||
|
&ResultSdSize);
|
||||||
|
if (!NT_SUCCESS(Status))
|
||||||
|
goto done;
|
||||||
|
|
||||||
|
/* Allocate the SD data buffer */
|
||||||
|
SdData = midl_user_allocate(sizeof(SAMPR_SR_SECURITY_DESCRIPTOR));
|
||||||
|
if (SdData == NULL)
|
||||||
|
{
|
||||||
|
Status = STATUS_INSUFFICIENT_RESOURCES;
|
||||||
|
goto done;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Fill the SD data buffer and return it to the caller */
|
||||||
|
SdData->Length = RelativeSdSize;
|
||||||
|
SdData->SecurityDescriptor = (PBYTE)ResultSd;
|
||||||
|
|
||||||
|
*SecurityDescriptor = SdData;
|
||||||
|
|
||||||
done:
|
done:
|
||||||
RtlReleaseResource(&SampResource);
|
RtlReleaseResource(&SampResource);
|
||||||
|
|
||||||
if (NT_SUCCESS(Status))
|
if (!NT_SUCCESS(Status))
|
||||||
{
|
{
|
||||||
*SecurityDescriptor = SamSD;
|
if (ResultSd != NULL)
|
||||||
|
MIDL_user_free(ResultSd);
|
||||||
}
|
}
|
||||||
else
|
|
||||||
{
|
|
||||||
if (SdBuffer != NULL)
|
|
||||||
midl_user_free(SdBuffer);
|
|
||||||
|
|
||||||
if (SamSD != NULL)
|
if (RelativeSd != NULL)
|
||||||
midl_user_free(SamSD);
|
MIDL_user_free(RelativeSd);
|
||||||
}
|
|
||||||
|
|
||||||
return Status;
|
return Status;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue