From 9d90e8c107823a56aa2c8f0d40aea701496fb00f Mon Sep 17 00:00:00 2001 From: Eric Kohl Date: Thu, 6 Apr 2000 02:29:57 +0000 Subject: [PATCH] Added some more security functions svn path=/trunk/; revision=1106 --- reactos/include/ddk/sefuncs.h | 21 ++++- reactos/include/security.h | 16 ++-- reactos/lib/advapi32/advapi32.edf | 10 +-- reactos/lib/advapi32/sec/sec.c | 125 +++++++++++++++++++++++++++--- reactos/lib/ntdll/def/ntdll.def | 16 ++-- reactos/lib/ntdll/def/ntdll.edf | 9 ++- reactos/lib/ntdll/makefile | 5 +- reactos/lib/ntdll/rtl/access.c | 64 +++++++++++++++ reactos/lib/ntdll/rtl/sd.c | 109 +++++++++++++++++++++++--- 9 files changed, 331 insertions(+), 44 deletions(-) create mode 100644 reactos/lib/ntdll/rtl/access.c diff --git a/reactos/include/ddk/sefuncs.h b/reactos/include/ddk/sefuncs.h index 5368ff6116c..b3f4e00970f 100644 --- a/reactos/include/ddk/sefuncs.h +++ b/reactos/include/ddk/sefuncs.h @@ -1,6 +1,6 @@ #ifndef _INCLUDE_DDK_SEFUNCS_H #define _INCLUDE_DDK_SEFUNCS_H -/* $Id: sefuncs.h,v 1.8 2000/04/05 15:47:40 ekohl Exp $ */ +/* $Id: sefuncs.h,v 1.9 2000/04/06 02:27:17 ekohl Exp $ */ NTSTATUS STDCALL RtlCreateAcl(PACL Acl, ULONG AclSize, ULONG AclRevision); NTSTATUS STDCALL RtlQueryInformationAcl (PACL Acl, PVOID Information, ULONG InformationLength, ACL_INFORMATION_CLASS InformationClass); NTSTATUS STDCALL RtlSetInformationAcl (PACL Acl, PVOID Information, ULONG InformationLength, ACL_INFORMATION_CLASS InformationClass); @@ -15,6 +15,7 @@ BOOLEAN STDCALL RtlFirstFreeAce(PACL Acl, PACE* Ace); NTSTATUS STDCALL RtlGetAce(PACL Acl, ULONG AceIndex, PACE *Ace); NTSTATUS STDCALL RtlAbsoluteToSelfRelativeSD (PSECURITY_DESCRIPTOR AbsSD, PSECURITY_DESCRIPTOR RelSD, PULONG BufferLength); +NTSTATUS STDCALL RtlMakeSelfRelativeSD (PSECURITY_DESCRIPTOR AbsSD, PSECURITY_DESCRIPTOR RelSD, PULONG BufferLength); NTSTATUS STDCALL RtlCreateSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescriptor, ULONG Revision); BOOLEAN STDCALL RtlValidSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescriptor); ULONG STDCALL RtlLengthSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescriptor); @@ -24,6 +25,20 @@ NTSTATUS STDCALL RtlSetOwnerSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDes NTSTATUS STDCALL RtlGetOwnerSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescriptor, PSID* Owner, PBOOLEAN OwnerDefaulted); NTSTATUS STDCALL RtlSetGroupSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescriptor, PSID Group, BOOLEAN GroupDefaulted); NTSTATUS STDCALL RtlGetGroupSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescriptor, PSID* Group, PBOOLEAN GroupDefaulted); +NTSTATUS STDCALL RtlGetControlSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescriptor, PSECURITY_DESCRIPTOR_CONTROL Control, PULONG Revision); +NTSTATUS STDCALL RtlSetSaclSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescriptor, BOOLEAN SaclPresent, PACL Sacl, BOOLEAN SaclDefaulted); +NTSTATUS STDCALL RtlGetSaclSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescriptor, PBOOLEAN SaclPresent, PACL* Sacl, PBOOLEAN SaclDefauted); +NTSTATUS STDCALL RtlSelfRelativeToAbsoluteSD (PSECURITY_DESCRIPTOR RelSD, + PSECURITY_DESCRIPTOR AbsSD, + LPDWORD AbsSDSize, + PACL Dacl, + LPDWORD DaclSize, + PACL Sacl, + LPDWORD SaclSize, + PSID Owner, + LPDWORD OwnerSize, + PSID Group, + LPDWORD GroupSize); NTSTATUS STDCALL RtlAllocateAndInitializeSid (PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, UCHAR SubAuthorityCount, @@ -49,6 +64,10 @@ PULONG STDCALL RtlSubAuthoritySid (PSID Sid, ULONG SubAuthority); PUCHAR STDCALL RtlSubAuthorityCountSid (PSID Sid); BOOLEAN STDCALL RtlValidSid (PSID Sid); +BOOLEAN STDCALL RtlAreAllAccessesGranted (ACCESS_MASK GrantedAccess, ACCESS_MASK DesiredAccess); +BOOLEAN STDCALL RtlAreAnyAccessesGranted (ACCESS_MASK GrantedAccess, ACCESS_MASK DesiredAccess); +VOID STDCALL RtlMapGenericMask (PACCESS_MASK AccessMask, PGENERIC_MAPPING GenericMapping); + BOOLEAN STDCALL SeAccessCheck (IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext, IN BOOLEAN SubjectContextLocked, diff --git a/reactos/include/security.h b/reactos/include/security.h index e42b8a97d50..3601c9ea7f5 100644 --- a/reactos/include/security.h +++ b/reactos/include/security.h @@ -28,16 +28,16 @@ typedef ULONG TOKEN_TYPE, *PTOKEN_TYPE; #define TokenPrimary ((TOKEN_TYPE)1) #define TokenImpersonation ((TOKEN_TYPE)2) -typedef ULONG ACCESS_MASK; +typedef ULONG ACCESS_MASK, *PACCESS_MASK; typedef ULONG ACCESS_MODE, *PACCESS_MODE; -typedef struct _SECURITY_QUALITY_OF_SERVICE { - DWORD Length; - SECURITY_IMPERSONATION_LEVEL ImpersonationLevel; +typedef struct _SECURITY_QUALITY_OF_SERVICE { + DWORD Length; + SECURITY_IMPERSONATION_LEVEL ImpersonationLevel; /* SECURITY_CONTEXT_TRACKING_MODE ContextTrackingMode; */ - WINBOOL ContextTrackingMode; - BOOLEAN EffectiveOnly; -} SECURITY_QUALITY_OF_SERVICE; + WINBOOL ContextTrackingMode; + BOOLEAN EffectiveOnly; +} SECURITY_QUALITY_OF_SERVICE; typedef SECURITY_QUALITY_OF_SERVICE* PSECURITY_QUALITY_OF_SERVICE; @@ -61,7 +61,7 @@ typedef struct _SID_IDENTIFIER_AUTHORITY #define SECURITY_WORLD_SID_AUTHORITY {0,0,0,0,0,1} -typedef struct _SID +typedef struct _SID { UCHAR Revision; UCHAR SubAuthorityCount; diff --git a/reactos/lib/advapi32/advapi32.edf b/reactos/lib/advapi32/advapi32.edf index 71533a2a3e5..65ae9fe7436 100644 --- a/reactos/lib/advapi32/advapi32.edf +++ b/reactos/lib/advapi32/advapi32.edf @@ -1,4 +1,4 @@ -; $Id: advapi32.edf,v 1.7 2000/04/05 01:40:35 ekohl Exp $ +; $Id: advapi32.edf,v 1.8 2000/04/06 02:29:43 ekohl Exp $ ; ; advapi32.def ; @@ -151,7 +151,7 @@ GetSecurityDescriptorDacl=GetSecurityDescriptorDacl@16 GetSecurityDescriptorGroup=GetSecurityDescriptorGroup@12 GetSecurityDescriptorLength=GetSecurityDescriptorLength@4 GetSecurityDescriptorOwner=GetSecurityDescriptorOwner@12 -;GetSecurityDescriptorSacl=GetSecurityDescriptorSacl@16 +GetSecurityDescriptorSacl=GetSecurityDescriptorSacl@16 ;GetSecurityInfo=GetSecurityInfo@32 GetServiceDisplayNameA=GetServiceDisplayNameA@16 GetServiceDisplayNameW=GetServiceDisplayNameW@16 @@ -250,8 +250,8 @@ LockServiceDatabase=LockServiceDatabase@4 ;LsaSetSystemAccessAccount=LsaSetSystemAccessAccount@8 ;LsaSetTrustedDomainInformation=LsaSetTrustedDomainInformation@16 ;LsaStorePrivateData=LsaStorePrivateData@12 -;MakeAbsoluteSD=MakeAbsoluteSD@44 -;MakeSelfRelativeSD=MakeSelfRelativeSD@12 +MakeAbsoluteSD=MakeAbsoluteSD@44 +MakeSelfRelativeSD=MakeSelfRelativeSD@12 ;MapGenericMask=MapGenericMask@8 ;NTAccessMaskToProvAccessRights=NTAccessMaskToProvAccessRights@12 ;NotifyBootConfigStatus=NotifyBootConfigStatus@4 @@ -359,7 +359,7 @@ SetAclInformation=SetAclInformation@16 SetSecurityDescriptorDacl=SetSecurityDescriptorDacl@16 SetSecurityDescriptorGroup=SetSecurityDescriptorGroup@12 SetSecurityDescriptorOwner=SetSecurityDescriptorOwner@12 -;SetSecurityDescriptorSacl=SetSecurityDescriptorSacl@16 +SetSecurityDescriptorSacl=SetSecurityDescriptorSacl@16 ;SetSecurityInfo=SetSecurityInfo@28 ;SetServiceBits=SetServiceBits@16 SetServiceObjectSecurity=SetServiceObjectSecurity@12 diff --git a/reactos/lib/advapi32/sec/sec.c b/reactos/lib/advapi32/sec/sec.c index b68062e79f3..43212a1aafb 100644 --- a/reactos/lib/advapi32/sec/sec.c +++ b/reactos/lib/advapi32/sec/sec.c @@ -21,12 +21,11 @@ GetSecurityDescriptorControl ( LPDWORD lpdwRevision ) { -#if 0 NTSTATUS Status; Status = RtlGetControlSecurityDescriptor (pSecurityDescriptor, pControl, - lpdwRevision); + (PULONG)lpdwRevision); if (!NT_SUCCESS(Status)) { SetLastError (RtlNtStatusToDosError (Status)); @@ -34,10 +33,6 @@ GetSecurityDescriptorControl ( } return TRUE; -#endif - - SetLastError(ERROR_CALL_NOT_IMPLEMENTED); - return FALSE; } @@ -133,7 +128,34 @@ GetSecurityDescriptorOwner ( } -/* GetSecurityDescriptorSacl */ +BOOL +STDCALL +GetSecurityDescriptorSacl ( + PSECURITY_DESCRIPTOR pSecurityDescriptor, + LPBOOL lpbSaclPresent, + PACL *pSacl, + LPBOOL lpbSaclDefaulted + ) +{ + BOOLEAN SaclPresent; + BOOLEAN SaclDefaulted; + NTSTATUS Status; + + Status = RtlGetSaclSecurityDescriptor (pSecurityDescriptor, + &SaclPresent, + pSacl, + &SaclDefaulted); + *lpbSaclPresent = (BOOL)SaclPresent; + *lpbSaclDefaulted = (BOOL)SaclDefaulted; + + if (!NT_SUCCESS(Status)) + { + SetLastError (RtlNtStatusToDosError (Status)); + return FALSE; + } + + return TRUE; +} BOOL @@ -162,13 +184,75 @@ IsValidSecurityDescriptor ( PSECURITY_DESCRIPTOR pSecurityDescriptor ) { - BOOL Result; + BOOLEAN Result; Result = RtlValidSecurityDescriptor (pSecurityDescriptor); if (Result == FALSE) SetLastError (RtlNtStatusToDosError (STATUS_INVALID_SECURITY_DESCR)); - return Result; + return (BOOL)Result; +} + + +WINBOOL +STDCALL +MakeAbsoluteSD ( + PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor, + PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor, + LPDWORD lpdwAbsoluteSecurityDescriptorSize, + PACL pDacl, + LPDWORD lpdwDaclSize, + PACL pSacl, + LPDWORD lpdwSaclSize, + PSID pOwner, + LPDWORD lpdwOwnerSize, + PSID pPrimaryGroup, + LPDWORD lpdwPrimaryGroupSize + ) +{ + NTSTATUS Status; + + Status = RtlSelfRelativeToAbsoluteSD (pSelfRelativeSecurityDescriptor, + pAbsoluteSecurityDescriptor, + lpdwAbsoluteSecurityDescriptorSize, + pDacl, + lpdwDaclSize, + pSacl, + lpdwSaclSize, + pOwner, + lpdwOwnerSize, + pPrimaryGroup, + lpdwPrimaryGroupSize); + if (!NT_SUCCESS(Status)) + { + SetLastError (RtlNtStatusToDosError (Status)); + return FALSE; + } + + return TRUE; +} + + +WINBOOL +STDCALL +MakeSelfRelativeSD ( + PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor, + PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor, + LPDWORD lpdwBufferLength + ) +{ + NTSTATUS Status; + + Status = RtlAbsoluteToSelfRelativeSD (pAbsoluteSecurityDescriptor, + pSelfRelativeSecurityDescriptor, + (PULONG)lpdwBufferLength); + if (!NT_SUCCESS(Status)) + { + SetLastError (RtlNtStatusToDosError (Status)); + return FALSE; + } + + return TRUE; } @@ -243,7 +327,28 @@ SetSecurityDescriptorOwner ( } -/* SetSecurityDescriptorSacl */ +BOOL +STDCALL +SetSecurityDescriptorSacl ( + PSECURITY_DESCRIPTOR pSecurityDescriptor, + BOOL bSaclPresent, + PACL pSacl, + BOOL bSaclDefaulted + ) +{ + NTSTATUS Status; + Status = RtlSetSaclSecurityDescriptor (pSecurityDescriptor, + bSaclPresent, + pSacl, + bSaclDefaulted); + if (!NT_SUCCESS(Status)) + { + SetLastError (RtlNtStatusToDosError (Status)); + return FALSE; + } + + return TRUE; +} /* EOF */ diff --git a/reactos/lib/ntdll/def/ntdll.def b/reactos/lib/ntdll/def/ntdll.def index 30cf53f94e7..7dbf4b1b237 100644 --- a/reactos/lib/ntdll/def/ntdll.def +++ b/reactos/lib/ntdll/def/ntdll.def @@ -1,4 +1,4 @@ -; $Id: ntdll.def,v 1.49 2000/04/05 01:38:50 ekohl Exp $ +; $Id: ntdll.def,v 1.50 2000/04/06 02:28:45 ekohl Exp $ ; ; ReactOS Operating System ; @@ -253,8 +253,8 @@ RtlAppendUnicodeStringToString@12 RtlAppendUnicodeToString@12 ;RtlApplyRXact ;RtlApplyRXactNoFlush -;RtlAreAllAccessesGranted -;RtlAreAnyAccessesGranted +RtlAreAllAccessesGranted@8 +RtlAreAnyAccessesGranted@8 RtlAreBitsClear@12 RtlAreBitsSet@12 ;RtlAssert @@ -384,7 +384,7 @@ RtlGetLongestNtPathLength@0 RtlGetOwnerSecurityDescriptor@12 ;RtlGetProcessHeaps RtlGetProcessHeap@0 -;RtlGetSaclSecurityDescriptor +RtlGetSaclSecurityDescriptor@16 ;RtlGetUserInfoHeap ;RtlGuidToPropertySetName RtlIdentifierAuthoritySid@4 @@ -432,8 +432,8 @@ RtlLengthSid@4 RtlLockHeap@4 ;RtlLookupAtomInAtomTable ;RtlLookupElementGenericTable -;RtlMakeSelfRelativeSD -;RtlMapGenericMask +RtlMakeSelfRelativeSD@12 +RtlMapGenericMask@8 RtlMoveMemory@12 RtlMultiByteToUnicodeN@20 RtlMultiByteToUnicodeSize@12 @@ -484,7 +484,7 @@ RtlReleasePebLock@0 ;RtlRunEncodeUnicodeString RtlSecondsSince1970ToTime@8 RtlSecondsSince1980ToTime@8 -;RtlSelfRelatedToAbsoluteSD +RtlSelfRelativeToAbsoluteSD@44 RtlSetAllBits@4 ;RtlSetAttributesSecurityDescriptor RtlSetBits@12 @@ -498,7 +498,7 @@ RtlSetOwnerSecurityDescriptor@12 ;RtlSetProperties ;RtlSetPropertyNames ;RtlSetPropertySetClassId -;RtlSetSaclSecurityDescriptor +RtlSetSaclSecurityDescriptor@16 ;RtlSetSecurityObject ;RtlSetTimeZoneInformation ;RtlSetUnicodeCallouts diff --git a/reactos/lib/ntdll/def/ntdll.edf b/reactos/lib/ntdll/def/ntdll.edf index 3be10f0a7a5..3de8619e1f5 100644 --- a/reactos/lib/ntdll/def/ntdll.edf +++ b/reactos/lib/ntdll/def/ntdll.edf @@ -1,4 +1,4 @@ -; $Id: ntdll.edf,v 1.38 2000/04/05 01:38:50 ekohl Exp $ +; $Id: ntdll.edf,v 1.39 2000/04/06 02:28:45 ekohl Exp $ ; ; ReactOS Operating System ; @@ -236,6 +236,8 @@ RtlAnsiStringToUnicodeSize=RtlAnsiStringToUnicodeSize@4 RtlAnsiStringToUnicodeString=RtlAnsiStringToUnicodeString@12 RtlAppendUnicodeStringToString=RtlAppendUnicodeStringToString@8 RtlAppendUnicodeToString=RtlAppendUnicodeToString@8 +RtlAreAllAccessesGranted=RtlAreAllAccessesGranted@8 +RtlAreAnyAccessesGranted=RtlAreAnyAccessesGranted@8 RtlAreBitsClear=RtlAreBitsClear@12 RtlAreBitsSet=RtlAreBitsSet@12 RtlCharToInteger=RtlCharToInteger@12 @@ -306,6 +308,7 @@ RtlGetGroupSecurityDescriptor=RtlGetGroupSecurityDescriptor@12 RtlGetLongestNtPathLength=RtlGetLongestNtPathLength@0 RtlGetOwnerSecurityDescriptor=RtlGetOwnerSecurityDescriptor@12 RtlGetProcessHeap=RtlGetProcessHeap@0 +RtlGetSaclSecurityDescriptor=RtlGetSaclSecurityDescriptor@16 RtlIdentifierAuthoritySid=RtlIdentifierAuthoritySid@4 RtlImageDirectoryEntryToData=RtlImageDirectoryEntryToData@16 RtlImageNtHeader=RtlImageNtHeader@4 @@ -334,6 +337,8 @@ RtlLengthRequiredSid=RtlLengthRequiredSid@4 RtlLengthSecurityDescriptor=RtlLengthSecurityDescriptor@4 RtlLengthSid=RtlLengthSid@4 RtlLockHeap=RtlLockHeap@4 +RtlMakeSelfRelativeSD=RtlMakeSelfRelativeSD@12 +RtlMapGenericMask=RtlMapGenericMask@8 RtlMoveMemory=RtlMoveMemory@12 RtlMultiByteToUnicodeN=RtlMultiByteToUnicodeN@20 RtlMultiByteToUnicodeSize=RtlMultiByteToUnicodeSize@12 @@ -351,6 +356,7 @@ RtlReAllocateHeap=RtlReAllocateHeap@16 RtlReleasePebLock=RtlReleasePebLock@0 RtlSecondsSince1970ToTime=RtlSecondsSince1970ToTime@8 RtlSecondsSince1980ToTime=RtlSecondsSince1980ToTime@8 +RtlSelfRelativeToAbsoluteSD=RtlSelfRelativeToAbsoluteSD@44 RtlSetAllBits=RtlSetAllBits@4 RtlSetBits=RtlSetBits@12 RtlSetCurrentDirectory_U=RtlSetCurrentDirectory_U@4 @@ -360,6 +366,7 @@ RtlSetEnvironmentVariable=RtlSetEnvironmentVariable@12 RtlSetGroupSecurityDescriptor=RtlSetGroupSecurityDescriptor@12 RtlSetInformationAcl=RtlSetInformationAcl@16 RtlSetOwnerSecurityDescriptor=RtlSetOwnerSecurityDescriptor@12 +RtlSetSaclSecurityDescriptor=RtlSetSaclSecurityDescriptor@16 RtlSizeHeap=RtlSizeHeap@12 RtlSubAuthorityCountSid=RtlSubAuthorityCountSid@4 RtlSubAuthoritySid=RtlSubAuthoritySid@8 diff --git a/reactos/lib/ntdll/makefile b/reactos/lib/ntdll/makefile index 9356c118ae4..2130da7ae83 100644 --- a/reactos/lib/ntdll/makefile +++ b/reactos/lib/ntdll/makefile @@ -1,4 +1,4 @@ -# $Id: makefile,v 1.42 2000/03/18 13:57:43 ekohl Exp $ +# $Id: makefile,v 1.43 2000/04/06 02:28:27 ekohl Exp $ # # ReactOS Operating System # @@ -30,7 +30,8 @@ DBG_OBJECTS = dbg/brkpoint.o dbg/print.o RTL_OBJECTS = rtl/critical.o rtl/error.o rtl/heap.o rtl/largeint.o \ rtl/math.o rtl/mem.o rtl/nls.o rtl/process.o rtl/sd.o \ rtl/thread.o rtl/unicode.o rtl/env.o rtl/path.o rtl/ppb.o \ - rtl/bitmap.o rtl/time.o rtl/acl.o rtl/sid.o rtl/image.o + rtl/bitmap.o rtl/time.o rtl/acl.o rtl/sid.o rtl/image.o \ + rtl/access.o STDIO_OBJECTS = stdio/sprintf.o stdio/swprintf.o diff --git a/reactos/lib/ntdll/rtl/access.c b/reactos/lib/ntdll/rtl/access.c new file mode 100644 index 00000000000..419adbef108 --- /dev/null +++ b/reactos/lib/ntdll/rtl/access.c @@ -0,0 +1,64 @@ +/* $Id: access.c,v 1.1 2000/04/06 02:29:16 ekohl Exp $ + * + * COPYRIGHT: See COPYING in the top level directory + * PROJECT: ReactOS kernel + * PURPOSE: Access rights handling functions + * FILE: lib/ntdll/rtl/access.c + * PROGRAMER: Eric Kohl + * REVISION HISTORY: + * 06/04/2000: Created + */ + +/* INCLUDES *****************************************************************/ + +#include + +#include + +/* FUNCTIONS ***************************************************************/ + +BOOLEAN +STDCALL +RtlAreAllAccessesGranted ( + ACCESS_MASK GrantedAccess, + ACCESS_MASK DesiredAccess + ) +{ + return ((GrantedAccess & DesiredAccess) == DesiredAccess); +} + + +BOOLEAN +STDCALL +RtlAreAnyAccessesGranted ( + ACCESS_MASK GrantedAccess, + ACCESS_MASK DesiredAccess + ) +{ + return ((GrantedAccess & DesiredAccess) != 0); +} + + +VOID +STDCALL +RtlMapGenericMask ( + PACCESS_MASK AccessMask, + PGENERIC_MAPPING GenericMapping + ) +{ + if (*AccessMask & GENERIC_READ) + *AccessMask |= GenericMapping->GenericRead; + + if (*AccessMask & GENERIC_WRITE) + *AccessMask |= GenericMapping->GenericWrite; + + if (*AccessMask & GENERIC_EXECUTE) + *AccessMask |= GenericMapping->GenericExecute; + + if (*AccessMask & GENERIC_ALL) + *AccessMask |= GenericMapping->GenericAll; + + *AccessMask &= 0x0FFFFFFF; +} + +/* EOF */ diff --git a/reactos/lib/ntdll/rtl/sd.c b/reactos/lib/ntdll/rtl/sd.c index a6916060053..638e0545c17 100644 --- a/reactos/lib/ntdll/rtl/sd.c +++ b/reactos/lib/ntdll/rtl/sd.c @@ -1,4 +1,4 @@ -/* $Id: sd.c,v 1.2 2000/03/12 01:17:59 ekohl Exp $ +/* $Id: sd.c,v 1.3 2000/04/06 02:29:16 ekohl Exp $ * * COPYRIGHT: See COPYING in the top level directory * PROJECT: ReactOS kernel @@ -41,9 +41,9 @@ ULONG STDCALL RtlLengthSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescript ULONG Length; PACL Dacl; PACL Sacl; - + Length = sizeof(SECURITY_DESCRIPTOR); - + if (SecurityDescriptor->Owner != NULL) { Owner = SecurityDescriptor->Owner; @@ -153,7 +153,7 @@ NTSTATUS STDCALL RtlSetDaclSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDesc SecurityDescriptor->Control = SecurityDescriptor->Control & ~(0x8); if (DaclDefaulted) { - SecurityDescriptor->Control = SecurityDescriptor->Control | 0x80; + SecurityDescriptor->Control = SecurityDescriptor->Control | 0x8; } return(STATUS_SUCCESS); } @@ -275,7 +275,6 @@ NTSTATUS STDCALL RtlGetGroupSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDes return(STATUS_SUCCESS); } - NTSTATUS STDCALL RtlMakeSelfRelativeSD ( @@ -284,12 +283,9 @@ RtlMakeSelfRelativeSD ( PULONG BufferLength ) { - UNIMPLEMENTED; - } - NTSTATUS STDCALL RtlAbsoluteToSelfRelativeSD ( @@ -306,7 +302,6 @@ RtlAbsoluteToSelfRelativeSD ( return (RtlMakeSelfRelativeSD (AbsSD, RelSD, BufferLength)); } - NTSTATUS STDCALL RtlGetControlSecurityDescriptor ( @@ -325,4 +320,100 @@ RtlGetControlSecurityDescriptor ( return STATUS_SUCCESS; } +NTSTATUS +STDCALL +RtlGetSaclSecurityDescriptor ( + PSECURITY_DESCRIPTOR SecurityDescriptor, + PBOOLEAN SaclPresent, + PACL *Sacl, + PBOOLEAN SaclDefaulted) +{ + if (SecurityDescriptor->Revision != 1) + { + return(STATUS_UNSUCCESSFUL); + } + if (!(SecurityDescriptor->Control & SE_SACL_PRESENT)) + { + *SaclPresent = 0; + return(STATUS_SUCCESS); + } + *SaclPresent = 1; + if (SecurityDescriptor->Sacl == NULL) + { + *Sacl = NULL; + } + else + { + if (SecurityDescriptor->Control & SE_SELF_RELATIVE) + { + *Sacl = (PACL)((ULONG)SecurityDescriptor->Sacl + + (PVOID)SecurityDescriptor); + } + else + { + *Sacl = SecurityDescriptor->Sacl; + } + } + if (SecurityDescriptor->Control & SE_SACL_DEFAULTED) + { + *SaclDefaulted = 1; + } + else + { + *SaclDefaulted = 0; + } + return(STATUS_SUCCESS); +} + +NTSTATUS +STDCALL +RtlSetSaclSecurityDescriptor ( + PSECURITY_DESCRIPTOR SecurityDescriptor, + BOOLEAN SaclPresent, + PACL Sacl, + BOOLEAN SaclDefaulted + ) +{ + if (SecurityDescriptor->Revision != 1) + { + return(STATUS_UNSUCCESSFUL); + } + if (SecurityDescriptor->Control & SE_SELF_RELATIVE) + { + return(STATUS_UNSUCCESSFUL); + } + if (!SaclPresent) + { + SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_SACL_PRESENT); + return(STATUS_SUCCESS); + } + SecurityDescriptor->Control = SecurityDescriptor->Control | SE_SACL_PRESENT; + SecurityDescriptor->Sacl = Sacl; + SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_SACL_DEFAULTED); + if (SaclDefaulted) + { + SecurityDescriptor->Control = SecurityDescriptor->Control | SE_SACL_DEFAULTED; + } + return(STATUS_SUCCESS); +} + +NTSTATUS +STDCALL +RtlSelfRelativeToAbsoluteSD ( + PSECURITY_DESCRIPTOR RelSD, + PSECURITY_DESCRIPTOR AbsSD, + LPDWORD AbsSDSize, + PACL Dacl, + LPDWORD DaclSize, + PACL Sacl, + LPDWORD SaclSize, + PSID Owner, + LPDWORD OwnerSize, + PSID Group, + LPDWORD GroupSize + ) +{ + UNIMPLEMENTED; +} + /* EOF */