mirror of
https://github.com/reactos/reactos.git
synced 2025-04-05 13:11:22 +00:00
Add some security function stubs.
svn path=/trunk/; revision=9446
This commit is contained in:
Eric Kohl
parent
4a1429bb28
commit
f44bcb1cdb
5 changed files with 123 additions and 53 deletions
|
|
@ -1,4 +1,4 @@
|
|||
; $Id: ntoskrnl.def,v 1.180 2004/05/18 12:24:40 ekohl Exp $
|
||||
; $Id: ntoskrnl.def,v 1.181 2004/05/20 12:42:51 ekohl Exp $
|
||||
;
|
||||
; reactos/ntoskrnl/ntoskrnl.def
|
||||
;
|
||||
|
|
@ -896,7 +896,7 @@ SeDeleteObjectAuditAlarm@8
|
|||
SeExports DATA
|
||||
;SeFreePrivileges@4
|
||||
SeImpersonateClient@8
|
||||
;SeLockSubjectContext@4
|
||||
SeLockSubjectContext@4
|
||||
;SeMarkLogonSessionForTerminationNotification@4
|
||||
SeOpenObjectAuditAlarm@36
|
||||
SeOpenObjectForDeleteAuditAlarm@36
|
||||
|
|
@ -904,19 +904,19 @@ SePrivilegeCheck@12
|
|||
;SePrivilegeObjectAuditAlarm@24
|
||||
SePublicDefaultDacl DATA
|
||||
SeQueryAuthenticationIdToken@8
|
||||
;SeQuerySecurityDescriptorInfo@16
|
||||
SeQuerySecurityDescriptorInfo@16
|
||||
;SeRegisterLogonSessionTerminatedRoutine@4
|
||||
;SeReleaseSecurityDescriptor@12
|
||||
SeReleaseSubjectContext@4
|
||||
;SeSetAccessStateGenericMapping@8
|
||||
;SeSetSecurityDescriptorInfo@24
|
||||
SeSetSecurityDescriptorInfo@24
|
||||
SeSinglePrivilegeCheck@12
|
||||
SeSystemDefaultDacl DATA
|
||||
SeTokenImpersonationLevel@4
|
||||
SeTokenType@4
|
||||
;SeUnlockSubjectContext@4
|
||||
SeUnlockSubjectContext@4
|
||||
;SeUnregisterLogonSessionTerminatedRoutine@4
|
||||
;SeValidSecurityDescriptor@8
|
||||
SeValidSecurityDescriptor@8
|
||||
WRITE_REGISTER_UCHAR@8
|
||||
WRITE_REGISTER_ULONG@8
|
||||
WRITE_REGISTER_USHORT@8
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
; $Id: ntoskrnl.edf,v 1.166 2004/05/18 12:24:40 ekohl Exp $
|
||||
; $Id: ntoskrnl.edf,v 1.167 2004/05/20 12:42:51 ekohl Exp $
|
||||
;
|
||||
; reactos/ntoskrnl/ntoskrnl.def
|
||||
;
|
||||
|
|
@ -896,7 +896,7 @@ SeDeleteObjectAuditAlarm=SeDeleteObjectAuditAlarm@8
|
|||
SeExports DATA
|
||||
;SeFreePrivileges=SeFreePrivileges@4
|
||||
SeImpersonateClient=SeImpersonateClient@8
|
||||
;SeLockSubjectContext=SeLockSubjectContext@4
|
||||
SeLockSubjectContext=SeLockSubjectContext@4
|
||||
;SeMarkLogonSessionForTerminationNotification=SeMarkLogonSessionForTerminationNotification@4
|
||||
SeOpenObjectAuditAlarm=SeOpenObjectAuditAlarm@36
|
||||
SeOpenObjectForDeleteAuditAlarm=SeOpenObjectForDeleteAuditAlarm@36
|
||||
|
|
@ -904,19 +904,19 @@ SePrivilegeCheck=SePrivilegeCheck@12
|
|||
;SePrivilegeObjectAuditAlarm=SePrivilegeObjectAuditAlarm@24
|
||||
SePublicDefaultDacl DATA
|
||||
SeQueryAuthenticationIdToken=SeQueryAuthenticationIdToken@8
|
||||
;SeQuerySecurityDescriptorInfo=SeQuerySecurityDescriptorInfo@16
|
||||
SeQuerySecurityDescriptorInfo=SeQuerySecurityDescriptorInfo@16
|
||||
;SeRegisterLogonSessionTerminatedRoutine=SeRegisterLogonSessionTerminatedRoutine@4
|
||||
;SeReleaseSecurityDescriptor=SeReleaseSecurityDescriptor@12
|
||||
SeReleaseSubjectContext=SeReleaseSubjectContext@4
|
||||
;SeSetAccessStateGenericMapping=SeSetAccessStateGenericMapping@8
|
||||
;SeSetSecurityDescriptorInfo=SeSetSecurityDescriptorInfo@24
|
||||
SeSetSecurityDescriptorInfo=SeSetSecurityDescriptorInfo@24
|
||||
SeSinglePrivilegeCheck=SeSinglePrivilegeCheck@12
|
||||
SeSystemDefaultDacl DATA
|
||||
SeTokenImpersonationLevel=SeTokenImpersonationLevel@4
|
||||
SeTokenType=SeTokenType@4
|
||||
;SeUnlockSubjectContext=SeUnlockSubjectContext@4
|
||||
SeUnlockSubjectContext=SeUnlockSubjectContext@4
|
||||
;SeUnregisterLogonSessionTerminatedRoutine=SeUnregisterLogonSessionTerminatedRoutine@4
|
||||
;SeValidSecurityDescriptor=SeValidSecurityDescriptor@8
|
||||
SeValidSecurityDescriptor=SeValidSecurityDescriptor@8
|
||||
WRITE_REGISTER_UCHAR=WRITE_REGISTER_UCHAR@8
|
||||
WRITE_REGISTER_ULONG=WRITE_REGISTER_ULONG@8
|
||||
WRITE_REGISTER_USHORT=WRITE_REGISTER_USHORT@8
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
/* $Id: audit.c,v 1.3 2004/05/18 12:23:48 ekohl Exp $
|
||||
/* $Id: audit.c,v 1.4 2004/05/20 12:42:11 ekohl Exp $
|
||||
*
|
||||
* COPYRIGHT: See COPYING in the top level directory
|
||||
* PROJECT: ReactOS kernel
|
||||
|
|
@ -101,6 +101,9 @@ NtPrivilegeObjectAuditAlarm(IN PUNICODE_STRING SubsystemName,
|
|||
}
|
||||
|
||||
|
||||
/*
|
||||
* @unimplemented
|
||||
*/
|
||||
VOID STDCALL
|
||||
SeDeleteObjectAuditAlarm(IN PVOID Object,
|
||||
IN HANDLE Handle)
|
||||
|
|
@ -109,6 +112,9 @@ SeDeleteObjectAuditAlarm(IN PVOID Object,
|
|||
}
|
||||
|
||||
|
||||
/*
|
||||
* @unimplemented
|
||||
*/
|
||||
VOID STDCALL
|
||||
SeOpenObjectAuditAlarm(IN PUNICODE_STRING ObjectTypeName,
|
||||
IN PVOID Object OPTIONAL,
|
||||
|
|
@ -124,6 +130,9 @@ SeOpenObjectAuditAlarm(IN PUNICODE_STRING ObjectTypeName,
|
|||
}
|
||||
|
||||
|
||||
/*
|
||||
* @unimplemented
|
||||
*/
|
||||
VOID STDCALL
|
||||
SeOpenObjectForDeleteAuditAlarm(IN PUNICODE_STRING ObjectTypeName,
|
||||
IN PVOID Object OPTIONAL,
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
/* $Id: sd.c,v 1.13 2003/12/30 18:52:06 fireball Exp $
|
||||
/* $Id: sd.c,v 1.14 2004/05/20 12:42:11 ekohl Exp $
|
||||
*
|
||||
* COPYRIGHT: See COPYING in the top level directory
|
||||
* PROJECT: ReactOS kernel
|
||||
|
|
@ -781,4 +781,46 @@ RtlAbsoluteToSelfRelativeSD(PSECURITY_DESCRIPTOR AbsSD,
|
|||
return(STATUS_SUCCESS);
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* @unimplemented
|
||||
*/
|
||||
NTSTATUS STDCALL
|
||||
SeQuerySecurityDescriptorInfo(IN PSECURITY_INFORMATION SecurityInformation,
|
||||
OUT PSECURITY_DESCRIPTOR SecurityDescriptor,
|
||||
IN OUT PULONG Length,
|
||||
IN PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor)
|
||||
{
|
||||
UNIMPLEMENTED;
|
||||
return STATUS_NOT_IMPLEMENTED;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* @unimplemented
|
||||
*/
|
||||
NTSTATUS STDCALL
|
||||
SeSetSecurityDescriptorInfo(IN PVOID Object OPTIONAL,
|
||||
IN PSECURITY_INFORMATION SecurityInformation,
|
||||
IN PSECURITY_DESCRIPTOR SecurityDescriptor,
|
||||
IN OUT PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor,
|
||||
IN POOL_TYPE PoolType,
|
||||
IN PGENERIC_MAPPING GenericMapping)
|
||||
{
|
||||
UNIMPLEMENTED;
|
||||
return STATUS_NOT_IMPLEMENTED;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* @unimplemented
|
||||
*/
|
||||
BOOLEAN STDCALL
|
||||
SeValidSecurityDescriptor(IN ULONG Length,
|
||||
IN PSECURITY_DESCRIPTOR SecurityDescriptor)
|
||||
{
|
||||
UNIMPLEMENTED;
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
/* EOF */
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
/* $Id: semgr.c,v 1.29 2004/03/14 18:13:19 ekohl Exp $
|
||||
/* $Id: semgr.c,v 1.30 2004/05/20 12:42:11 ekohl Exp $
|
||||
*
|
||||
* COPYRIGHT: See COPYING in the top level directory
|
||||
* PROJECT: ReactOS kernel
|
||||
|
|
@ -38,20 +38,20 @@ SeInit1(VOID)
|
|||
SepInitLuid();
|
||||
|
||||
if (!SepInitSecurityIDs())
|
||||
return(FALSE);
|
||||
return FALSE;
|
||||
|
||||
if (!SepInitDACLs())
|
||||
return(FALSE);
|
||||
return FALSE;
|
||||
|
||||
if (!SepInitSDs())
|
||||
return(FALSE);
|
||||
return FALSE;
|
||||
|
||||
SepInitPrivileges();
|
||||
|
||||
if (!SepInitExports())
|
||||
return(FALSE);
|
||||
return FALSE;
|
||||
|
||||
return(TRUE);
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -60,7 +60,7 @@ SeInit2(VOID)
|
|||
{
|
||||
SepInitializeTokenImplementation();
|
||||
|
||||
return(TRUE);
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -87,7 +87,7 @@ SeInitSRM(VOID)
|
|||
if (!NT_SUCCESS(Status))
|
||||
{
|
||||
DPRINT1("Failed to create 'Security' directory!\n");
|
||||
return(FALSE);
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
/* Create 'LSA_AUTHENTICATION_INITALIZED' event */
|
||||
|
|
@ -105,9 +105,9 @@ SeInitSRM(VOID)
|
|||
FALSE);
|
||||
if (!NT_SUCCESS(Status))
|
||||
{
|
||||
DPRINT1("Failed to create 'Security' directory!\n");
|
||||
DPRINT1("Failed to create 'LSA_AUTHENTICATION_INITALIZED' event!\n");
|
||||
NtClose(DirectoryHandle);
|
||||
return(FALSE);
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
NtClose(EventHandle);
|
||||
|
|
@ -115,7 +115,7 @@ SeInitSRM(VOID)
|
|||
|
||||
/* FIXME: Create SRM port and listener thread */
|
||||
|
||||
return(TRUE);
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -126,7 +126,7 @@ SepInitExports(VOID)
|
|||
sizeof(SE_EXPORTS),
|
||||
TAG_SXPT);
|
||||
if (SeExports == NULL)
|
||||
return(FALSE);
|
||||
return FALSE;
|
||||
|
||||
SeExports->SeCreateTokenPrivilege = SeCreateTokenPrivilege;
|
||||
SeExports->SeAssignPrimaryTokenPrivilege = SeAssignPrimaryTokenPrivilege;
|
||||
|
|
@ -172,7 +172,7 @@ SepInitExports(VOID)
|
|||
SeExports->SeAliasPrintOpsSid = SeAliasPrintOpsSid;
|
||||
SeExports->SeAliasBackupOpsSid = SeAliasBackupOpsSid;
|
||||
|
||||
return(TRUE);
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -220,21 +220,7 @@ NtAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|||
* @implemented
|
||||
*/
|
||||
VOID STDCALL
|
||||
SeReleaseSubjectContext (PSECURITY_SUBJECT_CONTEXT SubjectContext)
|
||||
{
|
||||
ObDereferenceObject (SubjectContext->PrimaryToken);
|
||||
if (SubjectContext->ClientToken != NULL)
|
||||
{
|
||||
ObDereferenceObject (SubjectContext->ClientToken);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* @implemented
|
||||
*/
|
||||
VOID STDCALL
|
||||
SeCaptureSubjectContext (PSECURITY_SUBJECT_CONTEXT SubjectContext)
|
||||
SeCaptureSubjectContext(OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
|
||||
{
|
||||
PEPROCESS Process;
|
||||
BOOLEAN CopyOnOpen;
|
||||
|
|
@ -248,7 +234,41 @@ SeCaptureSubjectContext (PSECURITY_SUBJECT_CONTEXT SubjectContext)
|
|||
&CopyOnOpen,
|
||||
&EffectiveOnly,
|
||||
&SubjectContext->ImpersonationLevel);
|
||||
SubjectContext->PrimaryToken = PsReferencePrimaryToken (Process);
|
||||
SubjectContext->PrimaryToken = PsReferencePrimaryToken (Process);
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* @unimplemented
|
||||
*/
|
||||
VOID STDCALL
|
||||
SeLockSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
|
||||
{
|
||||
UNIMPLEMENTED;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* @implemented
|
||||
*/
|
||||
VOID STDCALL
|
||||
SeReleaseSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
|
||||
{
|
||||
ObDereferenceObject (SubjectContext->PrimaryToken);
|
||||
if (SubjectContext->ClientToken != NULL)
|
||||
{
|
||||
ObDereferenceObject (SubjectContext->ClientToken);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* @unimplemented
|
||||
*/
|
||||
VOID STDCALL
|
||||
SeUnlockSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
|
||||
{
|
||||
UNIMPLEMENTED;
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -360,7 +380,7 @@ SeAssignSecurity(PSECURITY_DESCRIPTOR ParentDescriptor,
|
|||
if (Descriptor->Control & SE_SACL_PRESENT ||
|
||||
Descriptor->Sacl == NULL ||)
|
||||
{
|
||||
Sacl = NULL;
|
||||
Sacl = NULL;
|
||||
}
|
||||
else
|
||||
{
|
||||
|
|
@ -379,7 +399,7 @@ SeAssignSecurity(PSECURITY_DESCRIPTOR ParentDescriptor,
|
|||
GenericMapping);
|
||||
}
|
||||
#else
|
||||
UNIMPLEMENTED;
|
||||
UNIMPLEMENTED;
|
||||
return(STATUS_NOT_IMPLEMENTED);
|
||||
#endif
|
||||
}
|
||||
|
|
@ -449,13 +469,13 @@ SeAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|||
PACE CurrentAce;
|
||||
PSID Sid;
|
||||
ACCESS_MASK CurrentAccess;
|
||||
|
||||
|
||||
CurrentAccess = PreviouslyGrantedAccess;
|
||||
|
||||
/*
|
||||
|
||||
/*
|
||||
* Ignore the SACL for now
|
||||
*/
|
||||
|
||||
|
||||
/*
|
||||
* Check the DACL
|
||||
*/
|
||||
|
|
@ -467,7 +487,7 @@ SeAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|||
{
|
||||
return(Status);
|
||||
}
|
||||
|
||||
|
||||
CurrentAce = (PACE)(Dacl + 1);
|
||||
for (i = 0; i < Dacl->AceCount; i++)
|
||||
{
|
||||
|
|
@ -493,16 +513,15 @@ SeAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|||
if (!(CurrentAccess & DesiredAccess) &&
|
||||
!((~CurrentAccess) & DesiredAccess))
|
||||
{
|
||||
*AccessStatus = STATUS_ACCESS_DENIED;
|
||||
*AccessStatus = STATUS_ACCESS_DENIED;
|
||||
}
|
||||
else
|
||||
{
|
||||
*AccessStatus = STATUS_SUCCESS;
|
||||
}
|
||||
*GrantedAccess = CurrentAccess;
|
||||
|
||||
|
||||
return(STATUS_SUCCESS);
|
||||
}
|
||||
|
||||
|
||||
/* EOF */
|
||||
|
|
|
|||
Loading…
Reference in a new issue