Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2024-09-30 22:47:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

[SAMSRV]

Browse source 
Implement SamrSetSecurityObject.

svn path=/trunk/; revision=72553
This commit is contained in:
Eric Kohl 2016-09-03 19:45:09 +00:00
parent f77ed4dcd6
commit 7dc1fbc420
2 changed files with 128 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

129
reactos/dll/win32/samsrv/samrpc.c
View file

@ -205,8 +205,133 @@ SamrSetSecurityObject(IN SAMPR_HANDLE ObjectHandle,
IN SECURITY_INFORMATION SecurityInformation,
IN PSAMPR_SR_SECURITY_DESCRIPTOR SecurityDescriptor)
{
UNIMPLEMENTED;
return STATUS_NOT_IMPLEMENTED;
PSAM_DB_OBJECT DbObject = NULL;
ACCESS_MASK DesiredAccess = 0;
PSECURITY_DESCRIPTOR RelativeSd = NULL;
ULONG RelativeSdSize = 0;
HANDLE TokenHandle = NULL;
PGENERIC_MAPPING Mapping;
NTSTATUS Status;
TRACE("SamrSetSecurityObject(%p %lx %p)\n",
ObjectHandle, SecurityInformation, SecurityDescriptor);
if ((SecurityDescriptor == NULL) ||
(SecurityDescriptor->SecurityDescriptor == NULL) ||
!RtlValidSecurityDescriptor((PSECURITY_DESCRIPTOR)SecurityDescriptor->SecurityDescriptor))
return ERROR_INVALID_PARAMETER;
if (SecurityInformation == 0 ||
SecurityInformation & ~(OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION
| DACL_SECURITY_INFORMATION | SACL_SECURITY_INFORMATION))
return ERROR_INVALID_PARAMETER;
if (SecurityInformation & SACL_SECURITY_INFORMATION)
DesiredAccess |= ACCESS_SYSTEM_SECURITY;
if (SecurityInformation & DACL_SECURITY_INFORMATION)
DesiredAccess |= WRITE_DAC;
if (SecurityInformation & (OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION))
DesiredAccess |= WRITE_OWNER;
if ((SecurityInformation & OWNER_SECURITY_INFORMATION) &&
(((PISECURITY_DESCRIPTOR)SecurityDescriptor)->Owner == NULL))
return ERROR_INVALID_PARAMETER;
if ((SecurityInformation & GROUP_SECURITY_INFORMATION) &&
(((PISECURITY_DESCRIPTOR)SecurityDescriptor)->Group == NULL))
return ERROR_INVALID_PARAMETER;
/* Validate the server handle */
Status = SampValidateDbObject(ObjectHandle,
SamDbIgnoreObject,
DesiredAccess,
&DbObject);
if (!NT_SUCCESS(Status))
goto done;
/* Get the mapping for the object type */
switch (DbObject->ObjectType)
{
case SamDbServerObject:
Mapping = &ServerMapping;
break;
case SamDbDomainObject:
Mapping = &DomainMapping;
break;
case SamDbAliasObject:
Mapping = &AliasMapping;
break;
case SamDbGroupObject:
Mapping = &GroupMapping;
break;
case SamDbUserObject:
Mapping = &UserMapping;
break;
default:
return STATUS_INVALID_HANDLE;
}
/* Get the size of the SD */
Status = SampGetObjectAttribute(DbObject,
L"SecDesc",
NULL,
NULL,
&RelativeSdSize);
if (!NT_SUCCESS(Status))
return Status;
/* Allocate a buffer for the SD */
RelativeSd = RtlAllocateHeap(RtlGetProcessHeap(), 0, RelativeSdSize);
if (RelativeSd == NULL)
return STATUS_INSUFFICIENT_RESOURCES;
/* Get the SD */
Status = SampGetObjectAttribute(DbObject,
L"SecDesc",
NULL,
RelativeSd,
&RelativeSdSize);
if (!NT_SUCCESS(Status))
goto done;
/* Build the new security descriptor */
Status = RtlSetSecurityObject(SecurityInformation,
(PSECURITY_DESCRIPTOR)SecurityDescriptor->SecurityDescriptor,
&RelativeSd,
Mapping,
TokenHandle);
if (!NT_SUCCESS(Status))
{
ERR("RtlSetSecurityObject failed (Status 0x%08lx)\n", Status);
goto done;
}
/* Set the modified SD */
Status = SampSetObjectAttribute(DbObject,
L"SecDesc",
REG_BINARY,
RelativeSd,
RtlLengthSecurityDescriptor(RelativeSd));
if (!NT_SUCCESS(Status))
{
ERR("SampSetObjectAttribute failed (Status 0x%08lx)\n", Status);
}
done:
if (TokenHandle != NULL)
NtClose(TokenHandle);
if (RelativeSd != NULL)
RtlFreeHeap(RtlGetProcessHeap(), 0, RelativeSd);
return Status;
}

1
reactos/dll/win32/samsrv/samsrv.h
View file

@ -22,6 +22,7 @@
#include <winreg.h>
#define NTOS_MODE_USER
#include <ndk/kefuncs.h>
#include <ndk/obfuncs.h>
#include <ndk/rtlfuncs.h>
#include <ddk/ntsam.h>
#include <sddl.h>