Add some security function stubs.

svn path=/trunk/; revision=9446
Eric Kohl 2004-05-20 12:42:51 +00:00
parent 4a1429bb28
commit f44bcb1cdb
5 changed files with 123 additions and 53 deletions


@ -1,4 +1,4 @@
; $Id: ntoskrnl.def,v 1.180 2004/05/18 12:24:40 ekohl Exp $ ; $Id: ntoskrnl.def,v 1.181 2004/05/20 12:42:51 ekohl Exp $
; ;
; reactos/ntoskrnl/ntoskrnl.def ; reactos/ntoskrnl/ntoskrnl.def
; ;
@ -896,7 +896,7 @@ SeDeleteObjectAuditAlarm@8
SeExports DATA SeExports DATA
;SeFreePrivileges@4 ;SeFreePrivileges@4
SeImpersonateClient@8 SeImpersonateClient@8
;SeLockSubjectContext@4 SeLockSubjectContext@4
;SeMarkLogonSessionForTerminationNotification@4 ;SeMarkLogonSessionForTerminationNotification@4
SeOpenObjectAuditAlarm@36 SeOpenObjectAuditAlarm@36
SeOpenObjectForDeleteAuditAlarm@36 SeOpenObjectForDeleteAuditAlarm@36
@ -904,19 +904,19 @@ SePrivilegeCheck@12
;SePrivilegeObjectAuditAlarm@24 ;SePrivilegeObjectAuditAlarm@24
SePublicDefaultDacl DATA SePublicDefaultDacl DATA
SeQueryAuthenticationIdToken@8 SeQueryAuthenticationIdToken@8
;SeQuerySecurityDescriptorInfo@16 SeQuerySecurityDescriptorInfo@16
;SeRegisterLogonSessionTerminatedRoutine@4 ;SeRegisterLogonSessionTerminatedRoutine@4
;SeReleaseSecurityDescriptor@12 ;SeReleaseSecurityDescriptor@12
SeReleaseSubjectContext@4 SeReleaseSubjectContext@4
;SeSetAccessStateGenericMapping@8 ;SeSetAccessStateGenericMapping@8
;SeSetSecurityDescriptorInfo@24 SeSetSecurityDescriptorInfo@24
SeSinglePrivilegeCheck@12 SeSinglePrivilegeCheck@12
SeSystemDefaultDacl DATA SeSystemDefaultDacl DATA
SeTokenImpersonationLevel@4 SeTokenImpersonationLevel@4
SeTokenType@4 SeTokenType@4
;SeUnlockSubjectContext@4 SeUnlockSubjectContext@4
;SeUnregisterLogonSessionTerminatedRoutine@4 ;SeUnregisterLogonSessionTerminatedRoutine@4
;SeValidSecurityDescriptor@8 SeValidSecurityDescriptor@8
WRITE_REGISTER_UCHAR@8 WRITE_REGISTER_UCHAR@8
WRITE_REGISTER_ULONG@8 WRITE_REGISTER_ULONG@8
WRITE_REGISTER_USHORT@8 WRITE_REGISTER_USHORT@8
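Review bot: `SeLockSubjectContext@4` and `SeUnlockSubjectContext@4` become exported here, but the bodies this commit adds in semgr.c are VOID stubs that only invoke `UNIMPLEMENTED`, so a driver importing them gets no locking and no status that would tell it so. The other three newly exported symbols at least fail visibly, returning STATUS_NOT_IMPLEMENTED or FALSE. I would either leave the two lock entries commented out until the lock exists, or add a comment line above them in the export list, e.g. `; NOTE: SeLockSubjectContext/SeUnlockSubjectContext are stubs and take no lock`. The same applies to the matching entries in ntoskrnl.edf.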


@ -1,4 +1,4 @@
; $Id: ntoskrnl.edf,v 1.166 2004/05/18 12:24:40 ekohl Exp $ ; $Id: ntoskrnl.edf,v 1.167 2004/05/20 12:42:51 ekohl Exp $
; ;
; reactos/ntoskrnl/ntoskrnl.def ; reactos/ntoskrnl/ntoskrnl.def
; ;
@ -896,7 +896,7 @@ SeDeleteObjectAuditAlarm=SeDeleteObjectAuditAlarm@8
SeExports DATA SeExports DATA
;SeFreePrivileges=SeFreePrivileges@4 ;SeFreePrivileges=SeFreePrivileges@4
SeImpersonateClient=SeImpersonateClient@8 SeImpersonateClient=SeImpersonateClient@8
;SeLockSubjectContext=SeLockSubjectContext@4 SeLockSubjectContext=SeLockSubjectContext@4
;SeMarkLogonSessionForTerminationNotification=SeMarkLogonSessionForTerminationNotification@4 ;SeMarkLogonSessionForTerminationNotification=SeMarkLogonSessionForTerminationNotification@4
SeOpenObjectAuditAlarm=SeOpenObjectAuditAlarm@36 SeOpenObjectAuditAlarm=SeOpenObjectAuditAlarm@36
SeOpenObjectForDeleteAuditAlarm=SeOpenObjectForDeleteAuditAlarm@36 SeOpenObjectForDeleteAuditAlarm=SeOpenObjectForDeleteAuditAlarm@36
@ -904,19 +904,19 @@ SePrivilegeCheck=SePrivilegeCheck@12
;SePrivilegeObjectAuditAlarm=SePrivilegeObjectAuditAlarm@24 ;SePrivilegeObjectAuditAlarm=SePrivilegeObjectAuditAlarm@24
SePublicDefaultDacl DATA SePublicDefaultDacl DATA
SeQueryAuthenticationIdToken=SeQueryAuthenticationIdToken@8 SeQueryAuthenticationIdToken=SeQueryAuthenticationIdToken@8
;SeQuerySecurityDescriptorInfo=SeQuerySecurityDescriptorInfo@16 SeQuerySecurityDescriptorInfo=SeQuerySecurityDescriptorInfo@16
;SeRegisterLogonSessionTerminatedRoutine=SeRegisterLogonSessionTerminatedRoutine@4 ;SeRegisterLogonSessionTerminatedRoutine=SeRegisterLogonSessionTerminatedRoutine@4
;SeReleaseSecurityDescriptor=SeReleaseSecurityDescriptor@12 ;SeReleaseSecurityDescriptor=SeReleaseSecurityDescriptor@12
SeReleaseSubjectContext=SeReleaseSubjectContext@4 SeReleaseSubjectContext=SeReleaseSubjectContext@4
;SeSetAccessStateGenericMapping=SeSetAccessStateGenericMapping@8 ;SeSetAccessStateGenericMapping=SeSetAccessStateGenericMapping@8
;SeSetSecurityDescriptorInfo=SeSetSecurityDescriptorInfo@24 SeSetSecurityDescriptorInfo=SeSetSecurityDescriptorInfo@24
SeSinglePrivilegeCheck=SeSinglePrivilegeCheck@12 SeSinglePrivilegeCheck=SeSinglePrivilegeCheck@12
SeSystemDefaultDacl DATA SeSystemDefaultDacl DATA
SeTokenImpersonationLevel=SeTokenImpersonationLevel@4 SeTokenImpersonationLevel=SeTokenImpersonationLevel@4
SeTokenType=SeTokenType@4 SeTokenType=SeTokenType@4
;SeUnlockSubjectContext=SeUnlockSubjectContext@4 SeUnlockSubjectContext=SeUnlockSubjectContext@4
;SeUnregisterLogonSessionTerminatedRoutine=SeUnregisterLogonSessionTerminatedRoutine@4 ;SeUnregisterLogonSessionTerminatedRoutine=SeUnregisterLogonSessionTerminatedRoutine@4
;SeValidSecurityDescriptor=SeValidSecurityDescriptor@8 SeValidSecurityDescriptor=SeValidSecurityDescriptor@8
WRITE_REGISTER_UCHAR=WRITE_REGISTER_UCHAR@8 WRITE_REGISTER_UCHAR=WRITE_REGISTER_UCHAR@8
WRITE_REGISTER_ULONG=WRITE_REGISTER_ULONG@8 WRITE_REGISTER_ULONG=WRITE_REGISTER_ULONG@8
WRITE_REGISTER_USHORT=WRITE_REGISTER_USHORT@8 WRITE_REGISTER_USHORT=WRITE_REGISTER_USHORT@8


@ -1,4 +1,4 @@
/* $Id: audit.c,v 1.3 2004/05/18 12:23:48 ekohl Exp $ /* $Id: audit.c,v 1.4 2004/05/20 12:42:11 ekohl Exp $
* *
* COPYRIGHT: See COPYING in the top level directory * COPYRIGHT: See COPYING in the top level directory
* PROJECT: ReactOS kernel * PROJECT: ReactOS kernel
@ -101,6 +101,9 @@ NtPrivilegeObjectAuditAlarm(IN PUNICODE_STRING SubsystemName,
} }
/*
* @unimplemented
*/
VOID STDCALL VOID STDCALL
SeDeleteObjectAuditAlarm(IN PVOID Object, SeDeleteObjectAuditAlarm(IN PVOID Object,
IN HANDLE Handle) IN HANDLE Handle)
@ -109,6 +112,9 @@ SeDeleteObjectAuditAlarm(IN PVOID Object,
} }
/*
* @unimplemented
*/
VOID STDCALL VOID STDCALL
SeOpenObjectAuditAlarm(IN PUNICODE_STRING ObjectTypeName, SeOpenObjectAuditAlarm(IN PUNICODE_STRING ObjectTypeName,
IN PVOID Object OPTIONAL, IN PVOID Object OPTIONAL,
@ -124,6 +130,9 @@ SeOpenObjectAuditAlarm(IN PUNICODE_STRING ObjectTypeName,
} }
/*
* @unimplemented
*/
VOID STDCALL VOID STDCALL
SeOpenObjectForDeleteAuditAlarm(IN PUNICODE_STRING ObjectTypeName, SeOpenObjectForDeleteAuditAlarm(IN PUNICODE_STRING ObjectTypeName,
IN PVOID Object OPTIONAL, IN PVOID Object OPTIONAL,


@ -1,4 +1,4 @@
/* $Id: sd.c,v 1.13 2003/12/30 18:52:06 fireball Exp $ /* $Id: sd.c,v 1.14 2004/05/20 12:42:11 ekohl Exp $
* *
* COPYRIGHT: See COPYING in the top level directory * COPYRIGHT: See COPYING in the top level directory
* PROJECT: ReactOS kernel * PROJECT: ReactOS kernel
@ -781,4 +781,46 @@ RtlAbsoluteToSelfRelativeSD(PSECURITY_DESCRIPTOR AbsSD,
return(STATUS_SUCCESS); return(STATUS_SUCCESS);
} }
/*
* @unimplemented
*/
NTSTATUS STDCALL
SeQuerySecurityDescriptorInfo(IN PSECURITY_INFORMATION SecurityInformation,
OUT PSECURITY_DESCRIPTOR SecurityDescriptor,
IN OUT PULONG Length,
IN PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor)
{
UNIMPLEMENTED;
return STATUS_NOT_IMPLEMENTED;
}
/*
* @unimplemented
*/
NTSTATUS STDCALL
SeSetSecurityDescriptorInfo(IN PVOID Object OPTIONAL,
IN PSECURITY_INFORMATION SecurityInformation,
IN PSECURITY_DESCRIPTOR SecurityDescriptor,
IN OUT PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor,
IN POOL_TYPE PoolType,
IN PGENERIC_MAPPING GenericMapping)
{
UNIMPLEMENTED;
return STATUS_NOT_IMPLEMENTED;
}
/*
* @unimplemented
*/
BOOLEAN STDCALL
SeValidSecurityDescriptor(IN ULONG Length,
IN PSECURITY_DESCRIPTOR SecurityDescriptor)
{
UNIMPLEMENTED;
return FALSE;
}
/* EOF */ /* EOF */
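Review bot: The three stubs added at the end of sd.c are documented only as `@unimplemented`, which does not tell a caller how they fail. SeValidSecurityDescriptor returns FALSE for every input, so it fails closed, and the two NTSTATUS stubs return STATUS_NOT_IMPLEMENTED without writing `SecurityDescriptor`, `*Length` or `*ObjectsSecurityDescriptor`. I would state that in the header comments, e.g. `* @unimplemented: always returns FALSE, the descriptor is not inspected` and `* @unimplemented: returns STATUS_NOT_IMPLEMENTED, output parameters are not written`, so that callers check the status before reading any output.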


@ -1,4 +1,4 @@
/* $Id: semgr.c,v 1.29 2004/03/14 18:13:19 ekohl Exp $ /* $Id: semgr.c,v 1.30 2004/05/20 12:42:11 ekohl Exp $
* *
* COPYRIGHT: See COPYING in the top level directory * COPYRIGHT: See COPYING in the top level directory
* PROJECT: ReactOS kernel * PROJECT: ReactOS kernel
@ -38,20 +38,20 @@ SeInit1(VOID)
SepInitLuid(); SepInitLuid();
if (!SepInitSecurityIDs()) if (!SepInitSecurityIDs())
return(FALSE); return FALSE;
if (!SepInitDACLs()) if (!SepInitDACLs())
return(FALSE); return FALSE;
if (!SepInitSDs()) if (!SepInitSDs())
return(FALSE); return FALSE;
SepInitPrivileges(); SepInitPrivileges();
if (!SepInitExports()) if (!SepInitExports())
return(FALSE); return FALSE;
return(TRUE); return TRUE;
} }
@ -60,7 +60,7 @@ SeInit2(VOID)
{ {
SepInitializeTokenImplementation(); SepInitializeTokenImplementation();
return(TRUE); return TRUE;
} }
@ -87,7 +87,7 @@ SeInitSRM(VOID)
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status))
{ {
DPRINT1("Failed to create 'Security' directory!\n"); DPRINT1("Failed to create 'Security' directory!\n");
return(FALSE); return FALSE;
} }
/* Create 'LSA_AUTHENTICATION_INITALIZED' event */ /* Create 'LSA_AUTHENTICATION_INITALIZED' event */
@ -105,9 +105,9 @@ SeInitSRM(VOID)
FALSE); FALSE);
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status))
{ {
DPRINT1("Failed to create 'Security' directory!\n"); DPRINT1("Failed to create 'LSA_AUTHENTICATION_INITALIZED' event!\n");
NtClose(DirectoryHandle); NtClose(DirectoryHandle);
return(FALSE); return FALSE;
} }
NtClose(EventHandle); NtClose(EventHandle);
@ -115,7 +115,7 @@ SeInitSRM(VOID)
/* FIXME: Create SRM port and listener thread */ /* FIXME: Create SRM port and listener thread */
return(TRUE); return TRUE;
} }
@ -126,7 +126,7 @@ SepInitExports(VOID)
sizeof(SE_EXPORTS), sizeof(SE_EXPORTS),
TAG_SXPT); TAG_SXPT);
if (SeExports == NULL) if (SeExports == NULL)
return(FALSE); return FALSE;
SeExports->SeCreateTokenPrivilege = SeCreateTokenPrivilege; SeExports->SeCreateTokenPrivilege = SeCreateTokenPrivilege;
SeExports->SeAssignPrimaryTokenPrivilege = SeAssignPrimaryTokenPrivilege; SeExports->SeAssignPrimaryTokenPrivilege = SeAssignPrimaryTokenPrivilege;
@ -172,7 +172,7 @@ SepInitExports(VOID)
SeExports->SeAliasPrintOpsSid = SeAliasPrintOpsSid; SeExports->SeAliasPrintOpsSid = SeAliasPrintOpsSid;
SeExports->SeAliasBackupOpsSid = SeAliasBackupOpsSid; SeExports->SeAliasBackupOpsSid = SeAliasBackupOpsSid;
return(TRUE); return TRUE;
} }
@ -220,21 +220,7 @@ NtAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
* @implemented * @implemented
*/ */
VOID STDCALL VOID STDCALL
SeReleaseSubjectContext (PSECURITY_SUBJECT_CONTEXT SubjectContext) SeCaptureSubjectContext(OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
{
ObDereferenceObject (SubjectContext->PrimaryToken);
if (SubjectContext->ClientToken != NULL)
{
ObDereferenceObject (SubjectContext->ClientToken);
}
}
/*
* @implemented
*/
VOID STDCALL
SeCaptureSubjectContext (PSECURITY_SUBJECT_CONTEXT SubjectContext)
{ {
PEPROCESS Process; PEPROCESS Process;
BOOLEAN CopyOnOpen; BOOLEAN CopyOnOpen;
@ -248,7 +234,41 @@ SeCaptureSubjectContext (PSECURITY_SUBJECT_CONTEXT SubjectContext)
&CopyOnOpen, &CopyOnOpen,
&EffectiveOnly, &EffectiveOnly,
&SubjectContext->ImpersonationLevel); &SubjectContext->ImpersonationLevel);
SubjectContext->PrimaryToken = PsReferencePrimaryToken (Process); SubjectContext->PrimaryToken = PsReferencePrimaryToken (Process);
}
/*
* @unimplemented
*/
VOID STDCALL
SeLockSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
{
UNIMPLEMENTED;
}
/*
* @implemented
*/
VOID STDCALL
SeReleaseSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
{
ObDereferenceObject (SubjectContext->PrimaryToken);
if (SubjectContext->ClientToken != NULL)
{
ObDereferenceObject (SubjectContext->ClientToken);
}
}
/*
* @unimplemented
*/
VOID STDCALL
SeUnlockSubjectContext(IN PSECURITY_SUBJECT_CONTEXT SubjectContext)
{
UNIMPLEMENTED;
} }
@ -360,7 +380,7 @@ SeAssignSecurity(PSECURITY_DESCRIPTOR ParentDescriptor,
if (Descriptor->Control & SE_SACL_PRESENT || if (Descriptor->Control & SE_SACL_PRESENT ||
Descriptor->Sacl == NULL ||) Descriptor->Sacl == NULL ||)
{ {
Sacl = NULL; Sacl = NULL;
} }
else else
{ {
@ -379,7 +399,7 @@ SeAssignSecurity(PSECURITY_DESCRIPTOR ParentDescriptor,
GenericMapping); GenericMapping);
} }
#else #else
UNIMPLEMENTED; UNIMPLEMENTED;
return(STATUS_NOT_IMPLEMENTED); return(STATUS_NOT_IMPLEMENTED);
#endif #endif
} }
@ -449,13 +469,13 @@ SeAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
PACE CurrentAce; PACE CurrentAce;
PSID Sid; PSID Sid;
ACCESS_MASK CurrentAccess; ACCESS_MASK CurrentAccess;
CurrentAccess = PreviouslyGrantedAccess; CurrentAccess = PreviouslyGrantedAccess;
/* /*
* Ignore the SACL for now * Ignore the SACL for now
*/ */
/* /*
* Check the DACL * Check the DACL
*/ */
@ -467,7 +487,7 @@ SeAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
{ {
return(Status); return(Status);
} }
CurrentAce = (PACE)(Dacl + 1); CurrentAce = (PACE)(Dacl + 1);
for (i = 0; i < Dacl->AceCount; i++) for (i = 0; i < Dacl->AceCount; i++)
{ {
@ -493,16 +513,15 @@ SeAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
if (!(CurrentAccess & DesiredAccess) && if (!(CurrentAccess & DesiredAccess) &&
!((~CurrentAccess) & DesiredAccess)) !((~CurrentAccess) & DesiredAccess))
{ {
*AccessStatus = STATUS_ACCESS_DENIED; *AccessStatus = STATUS_ACCESS_DENIED;
} }
else else
{ {
*AccessStatus = STATUS_SUCCESS; *AccessStatus = STATUS_SUCCESS;
} }
*GrantedAccess = CurrentAccess; *GrantedAccess = CurrentAccess;
return(STATUS_SUCCESS); return(STATUS_SUCCESS);
} }
/* EOF */ /* EOF */
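Review bot: The final test in the last SeAccessCheck hunk, `if (!(CurrentAccess & DesiredAccess) && !((~CurrentAccess) & DesiredAccess))`, can only be true when DesiredAccess is zero, so any non-zero request that reaches it gets `*AccessStatus = STATUS_SUCCESS` even when CurrentAccess holds none of the requested bits. The commit changes only whitespace around these lines, but the check presumably intended is that every requested bit was granted: `if ((CurrentAccess & DesiredAccess) != DesiredAccess)`. The ACE loop lies outside the hunk, so deny entries may already return earlier. This should be confirmed against the full function, including any MAXIMUM_ALLOWED handling, before the condition is changed.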