/*
 * regexpl - Console Registry Explorer
 *
 * Copyright (C) 2000-2005 Nedko Arnaudov <nedko@users.sourceforge.net>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */

// SecurityDescriptor.cpp: implementation of the CSecurityDescriptor class.
//
//////////////////////////////////////////////////////////////////////

#include "ph.h"
#include "SecurityDescriptor.h"

BOOL GetTextualSid(
    PSID pSid,            // binary Sid
    LPTSTR TextualSid,    // buffer for Textual representation of Sid
    LPDWORD lpdwBufferLen // required/provided TextualSid buffersize
    )
{
    PSID_IDENTIFIER_AUTHORITY psia;
    DWORD dwSubAuthorities;
    DWORD dwSidRev=SID_REVISION;
    DWORD dwCounter;
    DWORD dwSidSize;

    // Validate the binary SID.

    if(!IsValidSid(pSid)) return FALSE;

    // Get the identifier authority value from the SID.

    psia = GetSidIdentifierAuthority(pSid);

    // Get the number of subauthorities in the SID.

    dwSubAuthorities = *GetSidSubAuthorityCount(pSid);

    // Compute the buffer length.
    // S-SID_REVISION- + IdentifierAuthority- + subauthorities- + NULL

    dwSidSize=(15 + 12 + (12 * dwSubAuthorities) + 1) * sizeof(TCHAR);

    // Check input buffer length.
    // If too small, indicate the proper size and set last error.

    if (*lpdwBufferLen < dwSidSize)
    {
        *lpdwBufferLen = dwSidSize;
        SetLastError(ERROR_INSUFFICIENT_BUFFER);
        return FALSE;
    }

    // Add 'S' prefix and revision number to the string.

    dwSidSize=wsprintf(TextualSid, TEXT("S-%lu-"), dwSidRev );

    // Add SID identifier authority to the string.

    if ( (psia->Value[0] != 0) || (psia->Value[1] != 0) )
    {
        dwSidSize+=wsprintf(TextualSid + lstrlen(TextualSid),
                    TEXT("0x%02hx%02hx%02hx%02hx%02hx%02hx"),
                    (USHORT)psia->Value[0],
                    (USHORT)psia->Value[1],
                    (USHORT)psia->Value[2],
                    (USHORT)psia->Value[3],
                    (USHORT)psia->Value[4],
                    (USHORT)psia->Value[5]);
    }
    else
    {
        dwSidSize+=wsprintf(TextualSid + lstrlen(TextualSid),
                    TEXT("%lu"),
                    (ULONG)(psia->Value[5]      )   +
                    (ULONG)(psia->Value[4] <<  8)   +
                    (ULONG)(psia->Value[3] << 16)   +
                    (ULONG)(psia->Value[2] << 24)   );
    }

    // Add SID subauthorities to the string.
    //
    for (dwCounter=0 ; dwCounter < dwSubAuthorities ; dwCounter++)
    {
        dwSidSize+=wsprintf(TextualSid + dwSidSize, TEXT("-%lu"),
                    *GetSidSubAuthority(pSid, dwCounter) );
    }

    return TRUE;
}

const TCHAR * GetSidTypeName(SID_NAME_USE Use)
{
	switch(Use)
	{
	case SidTypeUser:
		return _T("User SID");
	case SidTypeGroup:
		return _T("Group SID");
	case SidTypeDomain:
		return _T("Domain SID");
	case SidTypeAlias:
		return _T("Alias SID");
	case SidTypeWellKnownGroup:
		return _T("SID for a well-known group");
	case SidTypeDeletedAccount:
		return _T("SID for a deleted account");
	case SidTypeInvalid:
		return _T("Invalid SID");
	case SidTypeUnknown:
		return _T("Unknown SID type");
	default:
		return _T("Error. Cannot recognize SID type.");
	}
}

//////////////////////////////////////////////////////////////////////
// Construction/Destruction
//////////////////////////////////////////////////////////////////////

CSecurityDescriptor::CSecurityDescriptor()
{
	m_pSecurityDescriptor = NULL;
	m_pCurrentACEHeader = NULL;
}

CSecurityDescriptor::~CSecurityDescriptor()
{
}

void CSecurityDescriptor::AssociateDescriptor(PSECURITY_DESCRIPTOR pSecurityDescriptor)
{
	m_pSecurityDescriptor = pSecurityDescriptor;
}

DWORD CSecurityDescriptor::BeginDACLInteration()
{
	if (!GetSecurityDescriptorDacl(m_pSecurityDescriptor,&m_blnDACLPresent,&m_pDACL,&m_blnDACLDefaulted))
	{
		throw GetLastError();
	}
	return ERROR_SUCCESS;
}

BOOL CSecurityDescriptor::DescriptorContainsDACL()
{
	return m_blnDACLPresent;
}

DWORD CSecurityDescriptor::BeginSACLInteration()
{
	if (!GetSecurityDescriptorSacl(m_pSecurityDescriptor,&m_blnSACLPresent,&m_pSACL,&m_blnSACLDefaulted))
		throw GetLastError();
	return ERROR_SUCCESS;
}

BOOL CSecurityDescriptor::DescriptorContainsSACL()
{
	return m_blnSACLPresent;
}

BOOL CSecurityDescriptor::HasNULLDACL()
{
	ASSERT(m_blnDACLPresent);
	return (m_pDACL == NULL);
}

BOOL CSecurityDescriptor::HasValidDACL()
{
	ASSERT(m_blnDACLPresent);
	ASSERT(m_pDACL != NULL);
	return IsValidAcl(m_pDACL);
}

BOOL CSecurityDescriptor::HasNULLSACL()
{
	ASSERT(m_blnSACLPresent);
	return (m_pSACL == NULL);
}

BOOL CSecurityDescriptor::HasValidSACL()
{
	ASSERT(m_blnSACLPresent);
	ASSERT(m_pSACL != NULL);
	return IsValidAcl(m_pSACL);
}

DWORD CSecurityDescriptor::GetDACLEntriesCount()
{
	ACL_SIZE_INFORMATION SizeInfo;
	if (!GetAclInformation(m_pDACL,&SizeInfo,sizeof(SizeInfo),AclSizeInformation))
		throw GetLastError();
	return SizeInfo.AceCount;
}

DWORD CSecurityDescriptor::GetSACLEntriesCount()
{
	ACL_SIZE_INFORMATION SizeInfo;
	if (!GetAclInformation(m_pSACL,&SizeInfo,sizeof(SizeInfo),AclSizeInformation))
		throw GetLastError();
	return SizeInfo.AceCount;
}

CSecurityDescriptor::ACEntryType CSecurityDescriptor::GetDACLEntry(DWORD nIndex)
{
	void *pACE;
	if (!GetAce(m_pDACL,nIndex,&pACE)) throw GetLastError();
	m_pCurrentACEHeader = (PACE_HEADER)pACE;
	if (m_pCurrentACEHeader->AceType == ACCESS_ALLOWED_ACE_TYPE)
	{
		return AccessAlowed;
	}
	if (m_pCurrentACEHeader->AceType == ACCESS_DENIED_ACE_TYPE)
	{
		return AccessDenied;
	}
	return Unknown;
}

CSecurityDescriptor::ACEntryType CSecurityDescriptor::GetSACLEntry(DWORD nIndex, BOOL& blnFailedAccess, BOOL& blnSeccessfulAccess)
{
	void *pACE;
	if (!GetAce(m_pSACL,nIndex,&pACE)) throw GetLastError();
	m_pCurrentACEHeader = (PACE_HEADER)pACE;
	if (m_pCurrentACEHeader->AceType == SYSTEM_AUDIT_ACE_TYPE)
	{
		blnFailedAccess = m_pCurrentACEHeader->AceFlags & FAILED_ACCESS_ACE_FLAG;
		blnSeccessfulAccess = m_pCurrentACEHeader->AceFlags & SUCCESSFUL_ACCESS_ACE_FLAG;
		return SystemAudit;
	}
	return Unknown;
}

PSID CSecurityDescriptor::GetCurrentACE_SID()
{
	ASSERT(m_pCurrentACEHeader != NULL);
	switch(m_pCurrentACEHeader->AceType)
	{
	case ACCESS_ALLOWED_ACE_TYPE:
		return ((PSID)&(((ACCESS_ALLOWED_ACE *)m_pCurrentACEHeader)->SidStart));
	case ACCESS_DENIED_ACE_TYPE:
		return ((PSID)&(((ACCESS_DENIED_ACE *)m_pCurrentACEHeader)->SidStart));
	case SYSTEM_AUDIT_ACE_TYPE:
		return ((PSID)&(((SYSTEM_AUDIT_ACE *)m_pCurrentACEHeader)->SidStart));
	default:
		ASSERT(FALSE);	// Do not call this function for unknown ACE types !!!
		return NULL;
	}
}

void CSecurityDescriptor::GetCurrentACE_AccessMask(DWORD& dwMask)
{
	ASSERT(m_pCurrentACEHeader != NULL);
	switch(m_pCurrentACEHeader->AceType)
	{
	case ACCESS_ALLOWED_ACE_TYPE:
		dwMask = (((ACCESS_ALLOWED_ACE *)m_pCurrentACEHeader)->Mask);
		return;
	case ACCESS_DENIED_ACE_TYPE:
		dwMask = (((ACCESS_DENIED_ACE *)m_pCurrentACEHeader)->Mask);
		return;
	case SYSTEM_AUDIT_ACE_TYPE:
		dwMask = (((SYSTEM_AUDIT_ACE *)m_pCurrentACEHeader)->Mask);
		return;
	default:
		ASSERT(FALSE);	// Do not call this function for unknown ACE types !!!
		return;
	}
}

void CSecurityDescriptor::GetCurrentACE_Flags(BYTE& bFlags)
{
	ASSERT(m_pCurrentACEHeader != NULL);
  bFlags = m_pCurrentACEHeader->AceFlags;
}