[ros-diffs] [akhaldi] 64957: [ADVAPI32] * Move sid.c to the wine folder as a starting point for security.c. CORE-8540

Author: akhaldi Date: Fri Oct 24 14:01:16 2014 New Revision: 64957 URL: http://svn.reactos.org/svn/reactos?rev=64957&view=rev Log: [ADVAPI32] * Move sid.c to the wine folder as a starting point for security.c. CORE-8540 Added: trunk/reactos/dll/win32/advapi32/wine/security.c - copied unchanged from r64935, trunk/reactos/dll/win32/advapi32/sec/sid.c Removed: trunk/reactos/dll/win32/advapi32/sec/sid.c Modified: trunk/reactos/dll/win32/advapi32/CMakeLists.txt trunk/reactos/media/doc/README.WINE Modified: trunk/reactos/dll/win32/advapi32/CMakeLists.txt URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/advapi32/CMakeLi… ============================================================================== --- trunk/reactos/dll/win32/advapi32/CMakeLists.txt [iso-8859-1] (original) +++ trunk/reactos/dll/win32/advapi32/CMakeLists.txt [iso-8859-1] Fri Oct 24 14:01:16 2014 @@ -32,7 +32,6 @@ sec/misc.c sec/safer.c sec/sec.c - sec/sid.c sec/trustee.c service/eventlog.c service/rpc.c @@ -44,6 +43,7 @@ wine/crypt.c wine/crypt_des.c wine/crypt_lmhash.c + wine/security.c advapi32.h) add_library(advapi32 SHARED Removed: trunk/reactos/dll/win32/advapi32/sec/sid.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/advapi32/sec/sid… ============================================================================== --- trunk/reactos/dll/win32/advapi32/sec/sid.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/advapi32/sec/sid.c (removed) @@ -1,1987 +0,0 @@ -/* - * COPYRIGHT: See COPYING in the top level directory - * WINE COPYRIGHT: - * Copyright 1999, 2000 Juergen Schmied &lt;juergen.schmied(a)debitel.net&gt; - * Copyright 2003 CodeWeavers Inc. (Ulrich Czekalla) - * Copyright 2006 Robert Reif - * Copyright 2006 Hervé Poussineau - * - * PROJECT: ReactOS system libraries - * FILE: dll/win32/advapi32/sec/sid.c - * PURPOSE: Security ID functions - */ - -#include <advapi32.h> - -#include <sddl.h> - -WINE_DEFAULT_DEBUG_CHANNEL(advapi); - -#define MAX_GUID_STRING_LEN 39 - -BOOL WINAPI -AddAuditAccessAceEx(PACL pAcl, - DWORD dwAceRevision, - DWORD AceFlags, - DWORD dwAccessMask, - PSID pSid, - BOOL bAuditSuccess, - BOOL bAuditFailure); - -typedef struct RECORD -{ - LPCWSTR key; - DWORD value; -} RECORD; - - -typedef struct _MAX_SID -{ - /* same fields as struct _SID */ - BYTE Revision; - BYTE SubAuthorityCount; - SID_IDENTIFIER_AUTHORITY IdentifierAuthority; - DWORD SubAuthority[SID_MAX_SUB_AUTHORITIES]; -} MAX_SID; - -typedef struct WELLKNOWNSID -{ - WCHAR wstr[2]; - WELL_KNOWN_SID_TYPE Type; - MAX_SID Sid; -} WELLKNOWNSID; - -typedef struct _ACEFLAG -{ - LPCWSTR wstr; - DWORD value; -} ACEFLAG, *LPACEFLAG; - -static const WELLKNOWNSID WellKnownSids[] = -{ - { {0,0}, WinNullSid, { SID_REVISION, 1, { SECURITY_NULL_SID_AUTHORITY }, { SECURITY_NULL_RID } } }, - { {'W','D'}, WinWorldSid, { SID_REVISION, 1, { SECURITY_WORLD_SID_AUTHORITY }, { SECURITY_WORLD_RID } } }, - { {0,0}, WinLocalSid, { SID_REVISION, 1, { SECURITY_LOCAL_SID_AUTHORITY }, { SECURITY_LOCAL_RID } } }, - { {'C','O'}, WinCreatorOwnerSid, { SID_REVISION, 1, { SECURITY_CREATOR_SID_AUTHORITY }, { SECURITY_CREATOR_OWNER_RID } } }, - { {'C','G'}, WinCreatorGroupSid, { SID_REVISION, 1, { SECURITY_CREATOR_SID_AUTHORITY }, { SECURITY_CREATOR_GROUP_RID } } }, - { {0,0}, WinCreatorOwnerServerSid, { SID_REVISION, 1, { SECURITY_CREATOR_SID_AUTHORITY }, { SECURITY_CREATOR_OWNER_SERVER_RID } } }, - { {0,0}, WinCreatorGroupServerSid, { SID_REVISION, 1, { SECURITY_CREATOR_SID_AUTHORITY }, { SECURITY_CREATOR_GROUP_SERVER_RID } } }, - { {0,0}, WinNtAuthoritySid, { SID_REVISION, 0, { SECURITY_NT_AUTHORITY }, { SECURITY_NULL_RID } } }, - { {0,0}, WinDialupSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_DIALUP_RID } } }, - { {'N','U'}, WinNetworkSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_NETWORK_RID } } }, - { {0,0}, WinBatchSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_BATCH_RID } } }, - { {'I','U'}, WinInteractiveSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_INTERACTIVE_RID } } }, - { {'S','U'}, WinServiceSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_SERVICE_RID } } }, - { {'A','N'}, WinAnonymousSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_ANONYMOUS_LOGON_RID } } }, - { {0,0}, WinProxySid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_PROXY_RID } } }, - { {'E','D'}, WinEnterpriseControllersSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_ENTERPRISE_CONTROLLERS_RID } } }, - { {'P','S'}, WinSelfSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_PRINCIPAL_SELF_RID } } }, - { {'A','U'}, WinAuthenticatedUserSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_AUTHENTICATED_USER_RID } } }, - { {'R','C'}, WinRestrictedCodeSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_RESTRICTED_CODE_RID } } }, - { {0,0}, WinTerminalServerSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_TERMINAL_SERVER_RID } } }, - { {0,0}, WinRemoteLogonIdSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_REMOTE_LOGON_RID } } }, - { {'S','Y'}, WinLocalSystemSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_LOCAL_SYSTEM_RID } } }, - { {'L','S'}, WinLocalServiceSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_LOCAL_SERVICE_RID } } }, - { {'N','S'}, WinNetworkServiceSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_NETWORK_SERVICE_RID } } }, - { {0,0}, WinBuiltinDomainSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID } } }, - { {'B','A'}, WinBuiltinAdministratorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS } } }, - { {'B','U'}, WinBuiltinUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_USERS } } }, - { {'B','G'}, WinBuiltinGuestsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_GUESTS } } }, - { {'P','U'}, WinBuiltinPowerUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_POWER_USERS } } }, - { {'A','O'}, WinBuiltinAccountOperatorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ACCOUNT_OPS } } }, - { {'S','O'}, WinBuiltinSystemOperatorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_SYSTEM_OPS } } }, - { {'P','O'}, WinBuiltinPrintOperatorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_PRINT_OPS } } }, - { {'B','O'}, WinBuiltinBackupOperatorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_BACKUP_OPS } } }, - { {'R','E'}, WinBuiltinReplicatorSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_REPLICATOR } } }, - { {'R','U'}, WinBuiltinPreWindows2000CompatibleAccessSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_PREW2KCOMPACCESS } } }, - { {'R','D'}, WinBuiltinRemoteDesktopUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS } } }, - { {'N','O'}, WinBuiltinNetworkConfigurationOperatorsSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS } } }, - { {0,0}, WinNTLMAuthenticationSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_PACKAGE_BASE_RID, SECURITY_PACKAGE_NTLM_RID } } }, - { {0,0}, WinDigestAuthenticationSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_PACKAGE_BASE_RID, SECURITY_PACKAGE_DIGEST_RID } } }, - { {0,0}, WinSChannelAuthenticationSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_PACKAGE_BASE_RID, SECURITY_PACKAGE_SCHANNEL_RID } } }, - { {0,0}, WinThisOrganizationSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_THIS_ORGANIZATION_RID } } }, - { {0,0}, WinOtherOrganizationSid, { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_OTHER_ORGANIZATION_RID } } }, - { {0,0}, WinBuiltinIncomingForestTrustBuildersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_INCOMING_FOREST_TRUST_BUILDERS } } }, - { {0,0}, WinBuiltinPerfMonitoringUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_MONITORING_USERS } } }, - { {0,0}, WinBuiltinPerfLoggingUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_LOGGING_USERS } } }, - { {0,0}, WinBuiltinAuthorizationAccessSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS } } }, - { {0,0}, WinBuiltinTerminalServerLicenseServersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS } } }, - { {0,0}, WinBuiltinDCOMUsersSid, { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_DCOM_USERS } } }, - { {'L','W'}, WinLowLabelSid, { SID_REVISION, 1, { SECURITY_MANDATORY_LABEL_AUTHORITY}, { SECURITY_MANDATORY_LOW_RID} } }, - { {'M','E'}, WinMediumLabelSid, { SID_REVISION, 1, { SECURITY_MANDATORY_LABEL_AUTHORITY}, { SECURITY_MANDATORY_MEDIUM_RID } } }, - { {'H','I'}, WinHighLabelSid, { SID_REVISION, 1, { SECURITY_MANDATORY_LABEL_AUTHORITY}, { SECURITY_MANDATORY_HIGH_RID } } }, - { {'S','I'}, WinSystemLabelSid, { SID_REVISION, 1, { SECURITY_MANDATORY_LABEL_AUTHORITY}, { SECURITY_MANDATORY_SYSTEM_RID } } }, -}; - -typedef struct WELLKNOWNRID -{ - WELL_KNOWN_SID_TYPE Type; - DWORD Rid; -} WELLKNOWNRID; - -static const WELLKNOWNRID WellKnownRids[] = { - { WinAccountAdministratorSid, DOMAIN_USER_RID_ADMIN }, - { WinAccountGuestSid, DOMAIN_USER_RID_GUEST }, - { WinAccountKrbtgtSid, DOMAIN_USER_RID_KRBTGT }, - { WinAccountDomainAdminsSid, DOMAIN_GROUP_RID_ADMINS }, - { WinAccountDomainUsersSid, DOMAIN_GROUP_RID_USERS }, - { WinAccountDomainGuestsSid, DOMAIN_GROUP_RID_GUESTS }, - { WinAccountComputersSid, DOMAIN_GROUP_RID_COMPUTERS }, - { WinAccountControllersSid, DOMAIN_GROUP_RID_CONTROLLERS }, - { WinAccountCertAdminsSid, DOMAIN_GROUP_RID_CERT_ADMINS }, - { WinAccountSchemaAdminsSid, DOMAIN_GROUP_RID_SCHEMA_ADMINS }, - { WinAccountEnterpriseAdminsSid, DOMAIN_GROUP_RID_ENTERPRISE_ADMINS }, - { WinAccountPolicyAdminsSid, DOMAIN_GROUP_RID_POLICY_ADMINS }, - { WinAccountRasAndIasServersSid, DOMAIN_ALIAS_RID_RAS_SERVERS }, -}; - -static const SID sidWorld = { SID_REVISION, 1, { SECURITY_WORLD_SID_AUTHORITY} , { SECURITY_WORLD_RID } }; - -/* - * ACE types - */ -static const WCHAR SDDL_ACCESS_ALLOWED[] = {'A',0}; -static const WCHAR SDDL_ACCESS_DENIED[] = {'D',0}; -static const WCHAR SDDL_OBJECT_ACCESS_ALLOWED[] = {'O','A',0}; -static const WCHAR SDDL_OBJECT_ACCESS_DENIED[] = {'O','D',0}; -static const WCHAR SDDL_AUDIT[] = {'A','U',0}; -static const WCHAR SDDL_ALARM[] = {'A','L',0}; -static const WCHAR SDDL_OBJECT_AUDIT[] = {'O','U',0}; -static const WCHAR SDDL_OBJECT_ALARM[] = {'O','L',0}; - -/* - * SDDL ADS Rights - */ -#define ADS_RIGHT_DS_CREATE_CHILD 0x0001 -#define ADS_RIGHT_DS_DELETE_CHILD 0x0002 -#define ADS_RIGHT_ACTRL_DS_LIST 0x0004 -#define ADS_RIGHT_DS_SELF 0x0008 -#define ADS_RIGHT_DS_READ_PROP 0x0010 -#define ADS_RIGHT_DS_WRITE_PROP 0x0020 -#define ADS_RIGHT_DS_DELETE_TREE 0x0040 -#define ADS_RIGHT_DS_LIST_OBJECT 0x0080 -#define ADS_RIGHT_DS_CONTROL_ACCESS 0x0100 - -/* - * ACE flags - */ -static const WCHAR SDDL_CONTAINER_INHERIT[] = {'C','I',0}; -static const WCHAR SDDL_OBJECT_INHERIT[] = {'O','I',0}; -static const WCHAR SDDL_NO_PROPAGATE[] = {'N','P',0}; -static const WCHAR SDDL_INHERIT_ONLY[] = {'I','O',0}; -static const WCHAR SDDL_INHERITED[] = {'I','D',0}; -static const WCHAR SDDL_AUDIT_SUCCESS[] = {'S','A',0}; -static const WCHAR SDDL_AUDIT_FAILURE[] = {'F','A',0}; - -static const char * debugstr_sid(PSID sid) -{ - int auth = 0; - SID * psid = (SID *)sid; - - if (psid == NULL) - return "(null)"; - - auth = psid->IdentifierAuthority.Value[5] + - (psid->IdentifierAuthority.Value[4] << 8) + - (psid->IdentifierAuthority.Value[3] << 16) + - (psid->IdentifierAuthority.Value[2] << 24); - - switch (psid->SubAuthorityCount) { - case 0: - return wine_dbg_sprintf("S-%d-%d", psid->Revision, auth); - case 1: - return wine_dbg_sprintf("S-%d-%d-%lu", psid->Revision, auth, - psid->SubAuthority[0]); - case 2: - return wine_dbg_sprintf("S-%d-%d-%lu-%lu", psid->Revision, auth, - psid->SubAuthority[0], psid->SubAuthority[1]); - case 3: - return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu", psid->Revision, auth, - psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2]); - case 4: - return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu", psid->Revision, auth, - psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2], - psid->SubAuthority[3]); - case 5: - return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu-%lu", psid->Revision, auth, - psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2], - psid->SubAuthority[3], psid->SubAuthority[4]); - case 6: - return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu-%lu-%lu", psid->Revision, auth, - psid->SubAuthority[3], psid->SubAuthority[1], psid->SubAuthority[2], - psid->SubAuthority[0], psid->SubAuthority[4], psid->SubAuthority[5]); - case 7: - return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu-%lu-%lu-%lu", psid->Revision, auth, - psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2], - psid->SubAuthority[3], psid->SubAuthority[4], psid->SubAuthority[5], - psid->SubAuthority[6]); - case 8: - return wine_dbg_sprintf("S-%d-%d-%lu-%lu-%lu-%lu-%lu-%lu-%lu-%lu", psid->Revision, auth, - psid->SubAuthority[0], psid->SubAuthority[1], psid->SubAuthority[2], - psid->SubAuthority[3], psid->SubAuthority[4], psid->SubAuthority[5], - psid->SubAuthority[6], psid->SubAuthority[7]); - } - return "(too-big)"; -} - -static const ACEFLAG AceRights[] = -{ - { SDDL_GENERIC_ALL, GENERIC_ALL }, - { SDDL_GENERIC_READ, GENERIC_READ }, - { SDDL_GENERIC_WRITE, GENERIC_WRITE }, - { SDDL_GENERIC_EXECUTE, GENERIC_EXECUTE }, - - { SDDL_READ_CONTROL, READ_CONTROL }, - { SDDL_STANDARD_DELETE, DELETE }, - { SDDL_WRITE_DAC, WRITE_DAC }, - { SDDL_WRITE_OWNER, WRITE_OWNER }, - - { SDDL_READ_PROPERTY, ADS_RIGHT_DS_READ_PROP}, - { SDDL_WRITE_PROPERTY, ADS_RIGHT_DS_WRITE_PROP}, - { SDDL_CREATE_CHILD, ADS_RIGHT_DS_CREATE_CHILD}, - { SDDL_DELETE_CHILD, ADS_RIGHT_DS_DELETE_CHILD}, - { SDDL_LIST_CHILDREN, ADS_RIGHT_ACTRL_DS_LIST}, - { SDDL_SELF_WRITE, ADS_RIGHT_DS_SELF}, - { SDDL_LIST_OBJECT, ADS_RIGHT_DS_LIST_OBJECT}, - { SDDL_DELETE_TREE, ADS_RIGHT_DS_DELETE_TREE}, - { SDDL_CONTROL_ACCESS, ADS_RIGHT_DS_CONTROL_ACCESS}, - - { SDDL_FILE_ALL, FILE_ALL_ACCESS }, - { SDDL_FILE_READ, FILE_GENERIC_READ }, - { SDDL_FILE_WRITE, FILE_GENERIC_WRITE }, - { SDDL_FILE_EXECUTE, FILE_GENERIC_EXECUTE }, - - { SDDL_KEY_ALL, KEY_ALL_ACCESS }, - { SDDL_KEY_READ, KEY_READ }, - { SDDL_KEY_WRITE, KEY_WRITE }, - { SDDL_KEY_EXECUTE, KEY_EXECUTE }, - { NULL, 0 }, -}; - -static const LPCWSTR AceRightBitNames[32] = { - SDDL_CREATE_CHILD, /* 0 */ - SDDL_DELETE_CHILD, - SDDL_LIST_CHILDREN, - SDDL_SELF_WRITE, - SDDL_READ_PROPERTY, /* 4 */ - SDDL_WRITE_PROPERTY, - SDDL_DELETE_TREE, - SDDL_LIST_OBJECT, - SDDL_CONTROL_ACCESS, /* 8 */ - NULL, - NULL, - NULL, - NULL, /* 12 */ - NULL, - NULL, - NULL, - SDDL_STANDARD_DELETE, /* 16 */ - SDDL_READ_CONTROL, - SDDL_WRITE_DAC, - SDDL_WRITE_OWNER, - NULL, /* 20 */ - NULL, - NULL, - NULL, - NULL, /* 24 */ - NULL, - NULL, - NULL, - SDDL_GENERIC_ALL, /* 28 */ - SDDL_GENERIC_EXECUTE, - SDDL_GENERIC_WRITE, - SDDL_GENERIC_READ -}; - - -/* set last error code from NT status and get the proper boolean return value */ -/* used for functions that are a simple wrapper around the corresponding ntdll API */ -static __inline BOOL set_ntstatus( NTSTATUS status ) -{ - if (status) SetLastError( RtlNtStatusToDosError( status )); - return !status; -} - - -/* Exported functions */ - -/* - * @implemented - */ -BOOL WINAPI -AllocateLocallyUniqueId(PLUID Luid) -{ - NTSTATUS Status; - - Status = NtAllocateLocallyUniqueId (Luid); - if (!NT_SUCCESS (Status)) - { - SetLastError(RtlNtStatusToDosError(Status)); - return FALSE; - } - - return TRUE; -} - - -/* - * @implemented - */ -BOOL WINAPI -AllocateAndInitializeSid(PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority, - BYTE nSubAuthorityCount, - DWORD dwSubAuthority0, - DWORD dwSubAuthority1, - DWORD dwSubAuthority2, - DWORD dwSubAuthority3, - DWORD dwSubAuthority4, - DWORD dwSubAuthority5, - DWORD dwSubAuthority6, - DWORD dwSubAuthority7, - PSID *pSid) -{ - NTSTATUS Status; - - Status = RtlAllocateAndInitializeSid(pIdentifierAuthority, - nSubAuthorityCount, - dwSubAuthority0, - dwSubAuthority1, - dwSubAuthority2, - dwSubAuthority3, - dwSubAuthority4, - dwSubAuthority5, - dwSubAuthority6, - dwSubAuthority7, - pSid); - if (!NT_SUCCESS(Status)) - { - SetLastError(RtlNtStatusToDosError(Status)); - return FALSE; - } - - return TRUE; -} - - -/* - * @implemented - */ -BOOL WINAPI -CopySid(DWORD nDestinationSidLength, - PSID pDestinationSid, - PSID pSourceSid) -{ - NTSTATUS Status; - - Status = RtlCopySid(nDestinationSidLength, - pDestinationSid, - pSourceSid); - if (!NT_SUCCESS (Status)) - { - SetLastError(RtlNtStatusToDosError(Status)); - return FALSE; - } - - return TRUE; -} - -static void DumpString(LPCWSTR string, int cch, WCHAR **pwptr, ULONG *plen) -{ - if (cch == -1) - cch = strlenW(string); - - if (plen) - *plen += cch; - - if (pwptr) - { - memcpy(*pwptr, string, sizeof(WCHAR)*cch); - *pwptr += cch; - } -} - -static BOOL DumpSidNumeric(PSID psid, WCHAR **pwptr, ULONG *plen) -{ - DWORD i; - WCHAR fmt[] = { 'S','-','%','u','-','%','d',0 }; - WCHAR subauthfmt[] = { '-','%','u',0 }; - WCHAR buf[26]; - SID *pisid = psid; - - if( !IsValidSid( psid ) || pisid->Revision != SDDL_REVISION) - { - SetLastError(ERROR_INVALID_SID); - return FALSE; - } - - if (pisid->IdentifierAuthority.Value[0] || - pisid->IdentifierAuthority.Value[1]) - { - FIXME("not matching MS' bugs\n"); - SetLastError(ERROR_INVALID_SID); - return FALSE; - } - - sprintfW( buf, fmt, pisid->Revision, - MAKELONG( - MAKEWORD( pisid->IdentifierAuthority.Value[5], - pisid->IdentifierAuthority.Value[4] ), - MAKEWORD( pisid->IdentifierAuthority.Value[3], - pisid->IdentifierAuthority.Value[2] ) - ) ); - DumpString(buf, -1, pwptr, plen); - - for( i=0; i<pisid->SubAuthorityCount; i++ ) - { - sprintfW( buf, subauthfmt, pisid->SubAuthority[i] ); - DumpString(buf, -1, pwptr, plen); - } - return TRUE; -} - -static BOOL DumpSid(PSID psid, WCHAR **pwptr, ULONG *plen) -{ - size_t i; - for (i = 0; i < sizeof(WellKnownSids) / sizeof(WellKnownSids[0]); i++) - { - if (WellKnownSids[i].wstr[0] && EqualSid(psid, (PSID)&(WellKnownSids[i].Sid.Revision))) - { - DumpString(WellKnownSids[i].wstr, 2, pwptr, plen); - return TRUE; - } - } - - return DumpSidNumeric(psid, pwptr, plen); -} - -static void DumpRights(DWORD mask, WCHAR **pwptr, ULONG *plen) -{ - static const WCHAR fmtW[] = {'0','x','%','x',0}; - WCHAR buf[15]; - size_t i; - - if (mask == 0) - return; - - /* first check if the right have name */ - for (i = 0; i < sizeof(AceRights)/sizeof(AceRights[0]); i++) - { - if (AceRights[i].wstr == NULL) - break; - if (mask == AceRights[i].value) - { - DumpString(AceRights[i].wstr, -1, pwptr, plen); - return; - } - } - - /* then check if it can be built from bit names */ - for (i = 0; i < 32; i++) - { - if ((mask & (1 << i)) && (AceRightBitNames[i] == NULL)) - { - /* can't be built from bit names */ - sprintfW(buf, fmtW, mask); - DumpString(buf, -1, pwptr, plen); - return; - } - } - - /* build from bit names */ - for (i = 0; i < 32; i++) - if (mask & (1 << i)) - DumpString(AceRightBitNames[i], -1, pwptr, plen); -} - -static BOOL DumpAce(LPVOID pace, WCHAR **pwptr, ULONG *plen) -{ - ACCESS_ALLOWED_ACE *piace; /* all the supported ACEs have the same memory layout */ - static const WCHAR openbr = '('; - static const WCHAR closebr = ')'; - static const WCHAR semicolon = ';'; - - if (((PACE_HEADER)pace)->AceType > SYSTEM_ALARM_ACE_TYPE || ((PACE_HEADER)pace)->AceSize < sizeof(ACCESS_ALLOWED_ACE)) - { - SetLastError(ERROR_INVALID_ACL); - return FALSE; - } - - piace = pace; - DumpString(&openbr, 1, pwptr, plen); - switch (piace->Header.AceType) - { - case ACCESS_ALLOWED_ACE_TYPE: - DumpString(SDDL_ACCESS_ALLOWED, -1, pwptr, plen); - break; - case ACCESS_DENIED_ACE_TYPE: - DumpString(SDDL_ACCESS_DENIED, -1, pwptr, plen); - break; - case SYSTEM_AUDIT_ACE_TYPE: - DumpString(SDDL_AUDIT, -1, pwptr, plen); - break; - case SYSTEM_ALARM_ACE_TYPE: - DumpString(SDDL_ALARM, -1, pwptr, plen); - break; - } - DumpString(&semicolon, 1, pwptr, plen); - - if (piace->Header.AceFlags & OBJECT_INHERIT_ACE) - DumpString(SDDL_OBJECT_INHERIT, -1, pwptr, plen); - if (piace->Header.AceFlags & CONTAINER_INHERIT_ACE) - DumpString(SDDL_CONTAINER_INHERIT, -1, pwptr, plen); - if (piace->Header.AceFlags & NO_PROPAGATE_INHERIT_ACE) - DumpString(SDDL_NO_PROPAGATE, -1, pwptr, plen); - if (piace->Header.AceFlags & INHERIT_ONLY_ACE) - DumpString(SDDL_INHERIT_ONLY, -1, pwptr, plen); - if (piace->Header.AceFlags & INHERITED_ACE) - DumpString(SDDL_INHERITED, -1, pwptr, plen); - if (piace->Header.AceFlags & SUCCESSFUL_ACCESS_ACE_FLAG) - DumpString(SDDL_AUDIT_SUCCESS, -1, pwptr, plen); - if (piace->Header.AceFlags & FAILED_ACCESS_ACE_FLAG) - DumpString(SDDL_AUDIT_FAILURE, -1, pwptr, plen); - DumpString(&semicolon, 1, pwptr, plen); - DumpRights(piace->Mask, pwptr, plen); - DumpString(&semicolon, 1, pwptr, plen); - /* objects not supported */ - DumpString(&semicolon, 1, pwptr, plen); - /* objects not supported */ - DumpString(&semicolon, 1, pwptr, plen); - if (!DumpSid((PSID)&piace->SidStart, pwptr, plen)) - return FALSE; - DumpString(&closebr, 1, pwptr, plen); - return TRUE; -} - -static BOOL DumpAcl(PACL pacl, WCHAR **pwptr, ULONG *plen, BOOL protected, BOOL autoInheritReq, BOOL autoInherited) -{ - WORD count; - int i; - - if (protected) - DumpString(SDDL_PROTECTED, -1, pwptr, plen); - if (autoInheritReq) - DumpString(SDDL_AUTO_INHERIT_REQ, -1, pwptr, plen); - if (autoInherited) - DumpString(SDDL_AUTO_INHERITED, -1, pwptr, plen); - - if (pacl == NULL) - return TRUE; - - if (!IsValidAcl(pacl)) - return FALSE; - - count = pacl->AceCount; - for (i = 0; i < count; i++) - { - LPVOID ace; - if (!GetAce(pacl, i, &ace)) - return FALSE; - if (!DumpAce(ace, pwptr, plen)) - return FALSE; - } - - return TRUE; -} - -static BOOL DumpOwner(PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen) -{ - static const WCHAR prefix[] = {'O',':',0}; - BOOL bDefaulted; - PSID psid; - - if (!GetSecurityDescriptorOwner(SecurityDescriptor, &psid, &bDefaulted)) - return FALSE; - - if (psid == NULL) - return TRUE; - - DumpString(prefix, -1, pwptr, plen); - if (!DumpSid(psid, pwptr, plen)) - return FALSE; - return TRUE; -} - -static BOOL DumpGroup(PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen) -{ - static const WCHAR prefix[] = {'G',':',0}; - BOOL bDefaulted; - PSID psid; - - if (!GetSecurityDescriptorGroup(SecurityDescriptor, &psid, &bDefaulted)) - return FALSE; - - if (psid == NULL) - return TRUE; - - DumpString(prefix, -1, pwptr, plen); - if (!DumpSid(psid, pwptr, plen)) - return FALSE; - return TRUE; -} - -static BOOL DumpDacl(PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen) -{ - static const WCHAR dacl[] = {'D',':',0}; - SECURITY_DESCRIPTOR_CONTROL control; - BOOL present, defaulted; - DWORD revision; - PACL pacl; - - if (!GetSecurityDescriptorDacl(SecurityDescriptor, &present, &pacl, &defaulted)) - return FALSE; - - if (!GetSecurityDescriptorControl(SecurityDescriptor, &control, &revision)) - return FALSE; - - if (!present) - return TRUE; - - DumpString(dacl, 2, pwptr, plen); - if (!DumpAcl(pacl, pwptr, plen, control & SE_DACL_PROTECTED, control & SE_DACL_AUTO_INHERIT_REQ, control & SE_DACL_AUTO_INHERITED)) - return FALSE; - return TRUE; -} - -static BOOL DumpSacl(PSECURITY_DESCRIPTOR SecurityDescriptor, WCHAR **pwptr, ULONG *plen) -{ - static const WCHAR sacl[] = {'S',':',0}; - SECURITY_DESCRIPTOR_CONTROL control; - BOOL present, defaulted; - DWORD revision; - PACL pacl; - - if (!GetSecurityDescriptorSacl(SecurityDescriptor, &present, &pacl, &defaulted)) - return FALSE; - - if (!GetSecurityDescriptorControl(SecurityDescriptor, &control, &revision)) - return FALSE; - - if (!present) - return TRUE; - - DumpString(sacl, 2, pwptr, plen); - if (!DumpAcl(pacl, pwptr, plen, control & SE_SACL_PROTECTED, control & SE_SACL_AUTO_INHERIT_REQ, control & SE_SACL_AUTO_INHERITED)) - return FALSE; - return TRUE; -} - -/****************************************************************************** - * ConvertSecurityDescriptorToStringSecurityDescriptorW [ADVAPI32.@] - * @implemented - */ -BOOL WINAPI -ConvertSecurityDescriptorToStringSecurityDescriptorW(PSECURITY_DESCRIPTOR SecurityDescriptor, - DWORD SDRevision, - SECURITY_INFORMATION SecurityInformation, - LPWSTR *OutputString, - PULONG OutputLen) -{ - ULONG len; - WCHAR *wptr, *wstr; - - if (SDRevision != SDDL_REVISION_1) - { - ERR("Program requested unknown SDDL revision %d\n", SDRevision); - SetLastError(ERROR_UNKNOWN_REVISION); - return FALSE; - } - - len = 0; - if (SecurityInformation & OWNER_SECURITY_INFORMATION) - if (!DumpOwner(SecurityDescriptor, NULL, &len)) - return FALSE; - if (SecurityInformation & GROUP_SECURITY_INFORMATION) - if (!DumpGroup(SecurityDescriptor, NULL, &len)) - return FALSE; - if (SecurityInformation & DACL_SECURITY_INFORMATION) - if (!DumpDacl(SecurityDescriptor, NULL, &len)) - return FALSE; - if (SecurityInformation & SACL_SECURITY_INFORMATION) - if (!DumpSacl(SecurityDescriptor, NULL, &len)) - return FALSE; - - wstr = wptr = LocalAlloc(0, (len + 1)*sizeof(WCHAR)); - if (wstr == NULL) - return FALSE; - - if (SecurityInformation & OWNER_SECURITY_INFORMATION) - if (!DumpOwner(SecurityDescriptor, &wptr, NULL)) - return FALSE; - if (SecurityInformation & GROUP_SECURITY_INFORMATION) - if (!DumpGroup(SecurityDescriptor, &wptr, NULL)) - return FALSE; - if (SecurityInformation & DACL_SECURITY_INFORMATION) - if (!DumpDacl(SecurityDescriptor, &wptr, NULL)) - return FALSE; - if (SecurityInformation & SACL_SECURITY_INFORMATION) - if (!DumpSacl(SecurityDescriptor, &wptr, NULL)) - return FALSE; - *wptr = 0; - - TRACE("ret: %s, %d\n", wine_dbgstr_w(wstr), len); - *OutputString = wstr; - if (OutputLen) - *OutputLen = strlenW(*OutputString)+1; - return TRUE; -} - - -/****************************************************************************** - * ConvertSecurityDescriptorToStringSecurityDescriptorA [ADVAPI32.@] - * @implemented - */ -BOOL WINAPI -ConvertSecurityDescriptorToStringSecurityDescriptorA(PSECURITY_DESCRIPTOR SecurityDescriptor, - DWORD SDRevision, - SECURITY_INFORMATION Information, - LPSTR *OutputString, - PULONG OutputLen) -{ - LPWSTR wstr; - ULONG len; - - if (ConvertSecurityDescriptorToStringSecurityDescriptorW(SecurityDescriptor, SDRevision, Information, &wstr, &len)) - { - int lenA; - - lenA = WideCharToMultiByte(CP_ACP, 0, wstr, len, NULL, 0, NULL, NULL); - *OutputString = HeapAlloc(GetProcessHeap(), 0, lenA); - if (*OutputString == NULL) - { - LocalFree(wstr); - *OutputLen = 0; - return FALSE; - } - WideCharToMultiByte(CP_ACP, 0, wstr, len, *OutputString, lenA, NULL, NULL); - LocalFree(wstr); - - if (OutputLen != NULL) - *OutputLen = lenA; - return TRUE; - } - else - { - *OutputString = NULL; - if (OutputLen) - *OutputLen = 0; - return FALSE; - } -} - - -/****************************************************************************** - * ComputeStringSidSize - */ -static DWORD ComputeStringSidSize(LPCWSTR StringSid) -{ - if (StringSid[0] == 'S' && StringSid[1] == '-') /* S-R-I(-S)+ */ - { - int ctok = 0; - while (*StringSid) - { - if (*StringSid == '-') - ctok++; - StringSid++; - } - - if (ctok >= 3) - return GetSidLengthRequired(ctok - 2); - } - else /* String constant format - Only available in winxp and above */ - { - unsigned int i; - - for (i = 0; i < sizeof(WellKnownSids)/sizeof(WellKnownSids[0]); i++) - if (!strncmpW(WellKnownSids[i].wstr, StringSid, 2)) - return GetSidLengthRequired(WellKnownSids[i].Sid.SubAuthorityCount); - } - - return GetSidLengthRequired(0); -} - -/****************************************************************************** - * ParseStringSidToSid - */ -static BOOL ParseStringSidToSid(LPCWSTR StringSid, PSID pSid, LPDWORD cBytes) -{ - BOOL bret = FALSE; - SID* pisid=pSid; - - TRACE("%s, %p, %p\n", debugstr_w(StringSid), pSid, cBytes); - if (!StringSid) - { - SetLastError(ERROR_INVALID_PARAMETER); - TRACE("StringSid is NULL, returning FALSE\n"); - return FALSE; - } - - while (*StringSid == ' ') - StringSid++; - - *cBytes = ComputeStringSidSize(StringSid); - if (!pisid) /* Simply compute the size */ - { - TRACE("only size requested, returning TRUE\n"); - return TRUE; - } - - if (StringSid[0] == 'S' && StringSid[1] == '-') /* S-R-I-S-S */ - { - DWORD i = 0, identAuth; - DWORD csubauth = ((*cBytes - GetSidLengthRequired(0)) / sizeof(DWORD)); - - StringSid += 2; /* Advance to Revision */ - pisid->Revision = atoiW(StringSid); - - if (pisid->Revision != SDDL_REVISION) - { - TRACE("Revision %d is unknown\n", pisid->Revision); - goto lend; /* ERROR_INVALID_SID */ - } - if (csubauth == 0) - { - TRACE("SubAuthorityCount is 0\n"); - goto lend; /* ERROR_INVALID_SID */ - } - - pisid->SubAuthorityCount = csubauth; - - /* Advance to identifier authority */ - while (*StringSid && *StringSid != '-') - StringSid++; - if (*StringSid == '-') - StringSid++; - - /* MS' implementation can't handle values greater than 2^32 - 1, so - * we don't either; assume most significant bytes are always 0 - */ - pisid->IdentifierAuthority.Value[0] = 0; - pisid->IdentifierAuthority.Value[1] = 0; - identAuth = atoiW(StringSid); - pisid->IdentifierAuthority.Value[5] = identAuth & 0xff; - pisid->IdentifierAuthority.Value[4] = (identAuth & 0xff00) >> 8; - pisid->IdentifierAuthority.Value[3] = (identAuth & 0xff0000) >> 16; - pisid->IdentifierAuthority.Value[2] = (identAuth & 0xff000000) >> 24; - - /* Advance to first sub authority */ - while (*StringSid && *StringSid != '-') - StringSid++; - if (*StringSid == '-') - StringSid++; - - while (*StringSid) - { - pisid->SubAuthority[i++] = atoiW(StringSid); - - while (*StringSid && *StringSid != '-') - StringSid++; - if (*StringSid == '-') - StringSid++; - } - - if (i != pisid->SubAuthorityCount) - goto lend; /* ERROR_INVALID_SID */ - - bret = TRUE; - } - else /* String constant format - Only available in winxp and above */ - { - unsigned int i; - pisid->Revision = SDDL_REVISION; - - for (i = 0; i < sizeof(WellKnownSids)/sizeof(WellKnownSids[0]); i++) - if (!strncmpW(WellKnownSids[i].wstr, StringSid, 2)) - { - DWORD j; - pisid->SubAuthorityCount = WellKnownSids[i].Sid.SubAuthorityCount; - pisid->IdentifierAuthority = WellKnownSids[i].Sid.IdentifierAuthority; - for (j = 0; j < WellKnownSids[i].Sid.SubAuthorityCount; j++) - pisid->SubAuthority[j] = WellKnownSids[i].Sid.SubAuthority[j]; - bret = TRUE; - } - - if (!bret) - FIXME("String constant not supported: %s\n", debugstr_wn(StringSid, 2)); - } - -lend: - if (!bret) - SetLastError(ERROR_INVALID_SID); - - TRACE("returning %s\n", bret ? "TRUE" : "FALSE"); - return bret; -} - -/****************************************************************************** - * ParseAclStringFlags - */ -static DWORD ParseAclStringFlags(LPCWSTR* StringAcl) -{ - DWORD flags = 0; - LPCWSTR szAcl = *StringAcl; - - while (*szAcl != '(') - { - if (*szAcl == 'P') - { - flags |= SE_DACL_PROTECTED; - } - else if (*szAcl == 'A') - { - szAcl++; - if (*szAcl == 'R') - flags |= SE_DACL_AUTO_INHERIT_REQ; - else if (*szAcl == 'I') - flags |= SE_DACL_AUTO_INHERITED; - } - szAcl++; - } - - *StringAcl = szAcl; - return flags; -} - -/****************************************************************************** - * ParseAceStringType - */ -static const ACEFLAG AceType[] = -{ - { SDDL_ALARM, SYSTEM_ALARM_ACE_TYPE }, - { SDDL_AUDIT, SYSTEM_AUDIT_ACE_TYPE }, - { SDDL_ACCESS_ALLOWED, ACCESS_ALLOWED_ACE_TYPE }, - { SDDL_ACCESS_DENIED, ACCESS_DENIED_ACE_TYPE }, - /* - { SDDL_OBJECT_ACCESS_ALLOWED, ACCESS_ALLOWED_OBJECT_ACE_TYPE }, - { SDDL_OBJECT_ACCESS_DENIED, ACCESS_DENIED_OBJECT_ACE_TYPE }, - { SDDL_OBJECT_ALARM, SYSTEM_ALARM_OBJECT_ACE_TYPE }, - { SDDL_OBJECT_AUDIT, SYSTEM_AUDIT_OBJECT_ACE_TYPE }, - */ - { NULL, 0 }, -}; - -static BYTE ParseAceStringType(LPCWSTR* StringAcl) -{ - UINT len = 0; - LPCWSTR szAcl = *StringAcl; - const ACEFLAG *lpaf = AceType; - - while (lpaf->wstr && - (len = strlenW(lpaf->wstr)) && - strncmpW(lpaf->wstr, szAcl, len)) - lpaf++; - - if (!lpaf->wstr) - return 0; - - *StringAcl += len; - return lpaf->value; -} - - -/****************************************************************************** - * ParseAceStringFlags - */ -static const ACEFLAG AceFlags[] = -{ - { SDDL_CONTAINER_INHERIT, CONTAINER_INHERIT_ACE }, - { SDDL_AUDIT_FAILURE, FAILED_ACCESS_ACE_FLAG }, - { SDDL_INHERITED, INHERITED_ACE }, - { SDDL_INHERIT_ONLY, INHERIT_ONLY_ACE }, - { SDDL_NO_PROPAGATE, NO_PROPAGATE_INHERIT_ACE }, - { SDDL_OBJECT_INHERIT, OBJECT_INHERIT_ACE }, - { SDDL_AUDIT_SUCCESS, SUCCESSFUL_ACCESS_ACE_FLAG }, - { NULL, 0 }, -}; - -static BYTE ParseAceStringFlags(LPCWSTR* StringAcl) -{ - UINT len = 0; - BYTE flags = 0; - LPCWSTR szAcl = *StringAcl; - - while (*szAcl != ';') - { - const ACEFLAG *lpaf = AceFlags; - - while (lpaf->wstr && - (len = strlenW(lpaf->wstr)) && - strncmpW(lpaf->wstr, szAcl, len)) - lpaf++; - - if (!lpaf->wstr) - return 0; - - flags |= lpaf->value; - szAcl += len; - } - - *StringAcl = szAcl; - return flags; -} - - -/****************************************************************************** - * ParseAceStringRights - */ -static DWORD ParseAceStringRights(LPCWSTR* StringAcl) -{ - UINT len = 0; - DWORD rights = 0; - LPCWSTR szAcl = *StringAcl; - - if ((*szAcl == '0') && (*(szAcl + 1) == 'x')) - { - LPCWSTR p = szAcl; - - while (*p && *p != ';') - p++; - - if (p - szAcl <= 10 /* 8 hex digits + "0x" */ ) - { - rights = strtoulW(szAcl, NULL, 16); - szAcl = p; - } - else - WARN("Invalid rights string format: %s\n", debugstr_wn(szAcl, p - szAcl)); - } - else - { - while (*szAcl != ';') - { - const ACEFLAG *lpaf = AceRights; - - while (lpaf->wstr && - (len = strlenW(lpaf->wstr)) && - strncmpW(lpaf->wstr, szAcl, len)) - { - lpaf++; - } - - if (!lpaf->wstr) - return 0; - - rights |= lpaf->value; - szAcl += len; - } - } - - *StringAcl = szAcl; - return rights; -} - - -/****************************************************************************** - * ParseStringAclToAcl - * - * dacl_flags(string_ace1)(string_ace2)... (string_acen) - */ -static BOOL -ParseStringAclToAcl(LPCWSTR StringAcl, - LPDWORD lpdwFlags, - PACL pAcl, - LPDWORD cBytes) -{ - DWORD val; - DWORD sidlen; - DWORD length = sizeof(ACL); - DWORD acesize = 0; - DWORD acecount = 0; - PACCESS_ALLOWED_ACE pAce = NULL; /* pointer to current ACE */ - - TRACE("%s\n", debugstr_w(StringAcl)); - - if (!StringAcl) - return FALSE; - - if (pAcl) /* pAce is only useful if we're setting values */ - pAce = (PACCESS_ALLOWED_ACE) (pAcl + 1); - - /* Parse ACL flags */ - *lpdwFlags = ParseAclStringFlags(&StringAcl); - - /* Parse ACE */ - while (*StringAcl == '(') - { - StringAcl++; - - /* Parse ACE type */ - val = ParseAceStringType(&StringAcl); - if (pAce) - pAce->Header.AceType = (BYTE) val; - if (*StringAcl != ';') - goto lerr; - StringAcl++; - - /* Parse ACE flags */ - val = ParseAceStringFlags(&StringAcl); - if (pAce) - pAce->Header.AceFlags = (BYTE) val; - if (*StringAcl != ';') - goto lerr; - StringAcl++; - - /* Parse ACE rights */ - val = ParseAceStringRights(&StringAcl); - if (pAce) - pAce->Mask = val; - if (*StringAcl != ';') - goto lerr; - StringAcl++; - - /* Parse ACE object guid */ - if (*StringAcl != ';') - { - FIXME("Support for *_OBJECT_ACE_TYPE not implemented\n"); - goto lerr; - } - StringAcl++; - - /* Parse ACE inherit object guid */ - if (*StringAcl != ';') - { - FIXME("Support for *_OBJECT_ACE_TYPE not implemented\n"); - goto lerr; - } - StringAcl++; - - /* Parse ACE account sid */ - if (ParseStringSidToSid(StringAcl, pAce ? &pAce->SidStart : NULL, &sidlen)) - { - while (*StringAcl && *StringAcl != ')') - StringAcl++; - } - - if (*StringAcl != ')') - goto lerr; - StringAcl++; - - acesize = sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + sidlen; - length += acesize; - if (pAce) - { - pAce->Header.AceSize = acesize; - pAce = (PACCESS_ALLOWED_ACE)((LPBYTE)pAce + acesize); - } - acecount++; - } - - *cBytes = length; - - if (length > 0xffff) - { - ERR("ACL too large\n"); - goto lerr; - } - - if (pAcl) - { - pAcl->AclRevision = ACL_REVISION; - pAcl->Sbz1 = 0; - pAcl->AclSize = length; - pAcl->AceCount = acecount++; - pAcl->Sbz2 = 0; - } - return TRUE; - -lerr: - SetLastError(ERROR_INVALID_ACL); - WARN("Invalid ACE string format\n"); - return FALSE; -} - - -/****************************************************************************** - * ParseStringSecurityDescriptorToSecurityDescriptor - */ -static BOOL -ParseStringSecurityDescriptorToSecurityDescriptor(LPCWSTR StringSecurityDescriptor, - SECURITY_DESCRIPTOR_RELATIVE* SecurityDescriptor, - LPDWORD cBytes) -{ - BOOL bret = FALSE; - WCHAR toktype; - WCHAR tok[MAX_PATH]; - LPCWSTR lptoken; - LPBYTE lpNext = NULL; - DWORD len; - - *cBytes = sizeof(SECURITY_DESCRIPTOR); - - if (SecurityDescriptor) - lpNext = (LPBYTE)(SecurityDescriptor + 1); - - while (*StringSecurityDescriptor) - { - toktype = *StringSecurityDescriptor; - - /* Expect char identifier followed by ':' */ - StringSecurityDescriptor++; - if (*StringSecurityDescriptor != ':') - { - SetLastError(ERROR_INVALID_PARAMETER); - goto lend; - } - StringSecurityDescriptor++; - - /* Extract token */ - lptoken = StringSecurityDescriptor; - while (*lptoken && *lptoken != ':') - lptoken++; - - if (*lptoken) - lptoken--; - - len = lptoken - StringSecurityDescriptor; - memcpy( tok, StringSecurityDescriptor, len * sizeof(WCHAR) ); - tok[len] = 0; - - switch (toktype) - { - case 'O': - { - DWORD bytes; - - if (!ParseStringSidToSid(tok, lpNext, &bytes)) - goto lend; - - if (SecurityDescriptor) - { - SecurityDescriptor->Owner = lpNext - (LPBYTE)SecurityDescriptor; - lpNext += bytes; /* Advance to next token */ - } - - *cBytes += bytes; - - break; - } - - case 'G': - { - DWORD bytes; - - if (!ParseStringSidToSid(tok, lpNext, &bytes)) - goto lend; - - if (SecurityDescriptor) - { - SecurityDescriptor->Group = lpNext - (LPBYTE)SecurityDescriptor; - lpNext += bytes; /* Advance to next token */ - } - - *cBytes += bytes; - - break; - } - - case 'D': - { - DWORD flags; - DWORD bytes; - - if (!ParseStringAclToAcl(tok, &flags, (PACL)lpNext, &bytes)) - goto lend; - - if (SecurityDescriptor) - { - SecurityDescriptor->Control |= SE_DACL_PRESENT | flags; - SecurityDescriptor->Dacl = lpNext - (LPBYTE)SecurityDescriptor; - lpNext += bytes; /* Advance to next token */ - } - - *cBytes += bytes; - - break; - } - - case 'S': - { - DWORD flags; - DWORD bytes; - - if (!ParseStringAclToAcl(tok, &flags, (PACL)lpNext, &bytes)) - goto lend; - - if (SecurityDescriptor) - { - SecurityDescriptor->Control |= SE_SACL_PRESENT | flags; - SecurityDescriptor->Sacl = lpNext - (LPBYTE)SecurityDescriptor; - lpNext += bytes; /* Advance to next token */ - } - - *cBytes += bytes; - - break; - } - - default: - FIXME("Unknown token\n"); - SetLastError(ERROR_INVALID_PARAMETER); - goto lend; - } - - StringSecurityDescriptor = lptoken; - } - - bret = TRUE; - -lend: - return bret; -} - - -/****************************************************************************** - * ConvertStringSecurityDescriptorToSecurityDescriptorW [ADVAPI32.@] - * @implemented - */ -BOOL WINAPI -ConvertStringSecurityDescriptorToSecurityDescriptorW(LPCWSTR StringSecurityDescriptor, - DWORD StringSDRevision, - PSECURITY_DESCRIPTOR* SecurityDescriptor, - PULONG SecurityDescriptorSize) -{ - DWORD cBytes; - SECURITY_DESCRIPTOR* psd; - BOOL bret = FALSE; - - TRACE("%s\n", debugstr_w(StringSecurityDescriptor)); - - if (GetVersion() & 0x80000000) - { - SetLastError(ERROR_CALL_NOT_IMPLEMENTED); - goto lend; - } - else if (!StringSecurityDescriptor || !SecurityDescriptor) - { - SetLastError(ERROR_INVALID_PARAMETER); - goto lend; - } - else if (StringSDRevision != SID_REVISION) - { - SetLastError(ERROR_UNKNOWN_REVISION); - goto lend; - } - - /* Compute security descriptor length */ - if (!ParseStringSecurityDescriptorToSecurityDescriptor(StringSecurityDescriptor, - NULL, &cBytes)) - goto lend; - - psd = *SecurityDescriptor = LocalAlloc(GMEM_ZEROINIT, cBytes); - if (!psd) goto lend; - - psd->Revision = SID_REVISION; - psd->Control |= SE_SELF_RELATIVE; - - if (!ParseStringSecurityDescriptorToSecurityDescriptor(StringSecurityDescriptor, - (SECURITY_DESCRIPTOR_RELATIVE *)psd, &cBytes)) - { - LocalFree(psd); - goto lend; - } - - if (SecurityDescriptorSize) - *SecurityDescriptorSize = cBytes; - - bret = TRUE; - -lend: - TRACE(" ret=%d\n", bret); - return bret; -} - - -/* Winehq cvs 20050916 */ -/****************************************************************************** - * ConvertStringSecurityDescriptorToSecurityDescriptorA [ADVAPI32.@] - * @implemented - */ -BOOL -WINAPI -ConvertStringSecurityDescriptorToSecurityDescriptorA(LPCSTR StringSecurityDescriptor, - DWORD StringSDRevision, - PSECURITY_DESCRIPTOR* SecurityDescriptor, - PULONG SecurityDescriptorSize) -{ - UINT len; - BOOL ret = FALSE; - LPWSTR StringSecurityDescriptorW; - - len = MultiByteToWideChar(CP_ACP, 0, StringSecurityDescriptor, -1, NULL, 0); - StringSecurityDescriptorW = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR)); - - if (StringSecurityDescriptorW) - { - MultiByteToWideChar(CP_ACP, 0, StringSecurityDescriptor, -1, StringSecurityDescriptorW, len); - - ret = ConvertStringSecurityDescriptorToSecurityDescriptorW(StringSecurityDescriptorW, - StringSDRevision, SecurityDescriptor, - SecurityDescriptorSize); - HeapFree(GetProcessHeap(), 0, StringSecurityDescriptorW); - } - - return ret; -} - -/* - * @implemented - */ -BOOL -WINAPI -EqualPrefixSid(PSID pSid1, - PSID pSid2) -{ - return RtlEqualPrefixSid (pSid1, pSid2); -} - - -/* - * @implemented - */ -BOOL -WINAPI -EqualSid(PSID pSid1, - PSID pSid2) -{ - SetLastError(ERROR_SUCCESS); - return RtlEqualSid (pSid1, pSid2); -} - - -/* - * @implemented - * - * RETURNS - * Docs says this function does NOT return a value - * even thou it's defined to return a PVOID... - */ -PVOID -WINAPI -FreeSid(PSID pSid) -{ - return RtlFreeSid(pSid); -} - - -/* - * @implemented - */ -DWORD -WINAPI -GetLengthSid(PSID pSid) -{ - return (DWORD)RtlLengthSid(pSid); -} - - -/* - * @implemented - */ -PSID_IDENTIFIER_AUTHORITY -WINAPI -GetSidIdentifierAuthority(PSID pSid) -{ - return RtlIdentifierAuthoritySid(pSid); -} - - -/* - * @implemented - */ -DWORD -WINAPI -GetSidLengthRequired(UCHAR nSubAuthorityCount) -{ - return (DWORD)RtlLengthRequiredSid(nSubAuthorityCount); -} - - -/* - * @implemented - */ -PDWORD -WINAPI -GetSidSubAuthority(PSID pSid, - DWORD nSubAuthority) -{ - SetLastError(ERROR_SUCCESS); - return (PDWORD)RtlSubAuthoritySid(pSid, nSubAuthority); -} - - -/* - * @implemented - */ -PUCHAR -WINAPI -GetSidSubAuthorityCount(PSID pSid) -{ - SetLastError(ERROR_SUCCESS); - return RtlSubAuthorityCountSid(pSid); -} - - -/* - * @implemented - */ -BOOL -WINAPI -InitializeSid(PSID Sid, - PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority, - BYTE nSubAuthorityCount) -{ - NTSTATUS Status; - - Status = RtlInitializeSid(Sid, - pIdentifierAuthority, - nSubAuthorityCount); - if (!NT_SUCCESS(Status)) - { - SetLastError(RtlNtStatusToDosError(Status)); - return FALSE; - } - - return TRUE; -} - - -/* - * @implemented - */ -BOOL -WINAPI -IsValidSid(PSID pSid) -{ - return (BOOL)RtlValidSid(pSid); -} - - -/* - * @implemented - */ -BOOL -WINAPI -ConvertSidToStringSidW(PSID Sid, - LPWSTR *StringSid) -{ - NTSTATUS Status; - UNICODE_STRING UnicodeString; - WCHAR FixedBuffer[64]; - - if (!RtlValidSid(Sid)) - { - SetLastError(ERROR_INVALID_SID); - return FALSE; - } - - UnicodeString.Length = 0; - UnicodeString.MaximumLength = sizeof(FixedBuffer); - UnicodeString.Buffer = FixedBuffer; - Status = RtlConvertSidToUnicodeString(&UnicodeString, Sid, FALSE); - if (STATUS_BUFFER_TOO_SMALL == Status) - { - Status = RtlConvertSidToUnicodeString(&UnicodeString, Sid, TRUE); - } - - if (!NT_SUCCESS(Status)) - { - SetLastError(RtlNtStatusToDosError(Status)); - return FALSE; - } - - *StringSid = LocalAlloc(LMEM_FIXED, UnicodeString.Length + sizeof(WCHAR)); - if (NULL == *StringSid) - { - if (UnicodeString.Buffer != FixedBuffer) - { - RtlFreeUnicodeString(&UnicodeString); - } - SetLastError(ERROR_NOT_ENOUGH_MEMORY); - return FALSE; - } - - MoveMemory(*StringSid, UnicodeString.Buffer, UnicodeString.Length); - ZeroMemory((PCHAR) *StringSid + UnicodeString.Length, sizeof(WCHAR)); - if (UnicodeString.Buffer != FixedBuffer) - { - RtlFreeUnicodeString(&UnicodeString); - } - - return TRUE; -} - - -/* - * @implemented - */ -BOOL -WINAPI -ConvertSidToStringSidA(PSID Sid, - LPSTR *StringSid) -{ - LPWSTR StringSidW; - int Len; - - if (!ConvertSidToStringSidW(Sid, &StringSidW)) - { - return FALSE; - } - - Len = WideCharToMultiByte(CP_ACP, 0, StringSidW, -1, NULL, 0, NULL, NULL); - if (Len <= 0) - { - LocalFree(StringSidW); - SetLastError(ERROR_NOT_ENOUGH_MEMORY); - return FALSE; - } - - *StringSid = LocalAlloc(LMEM_FIXED, Len); - if (NULL == *StringSid) - { - LocalFree(StringSidW); - SetLastError(ERROR_NOT_ENOUGH_MEMORY); - return FALSE; - } - - if (!WideCharToMultiByte(CP_ACP, 0, StringSidW, -1, *StringSid, Len, NULL, NULL)) - { - LocalFree(StringSid); - LocalFree(StringSidW); - return FALSE; - } - - LocalFree(StringSidW); - - return TRUE; -} - - -/* - * @unimplemented - */ -BOOL -WINAPI -EqualDomainSid(IN PSID pSid1, - IN PSID pSid2, - OUT BOOL* pfEqual) -{ - UNIMPLEMENTED; - return FALSE; -} - - -/* - * @unimplemented - */ -BOOL -WINAPI -GetWindowsAccountDomainSid(IN PSID pSid, - OUT PSID ppDomainSid, - IN OUT DWORD* cbSid) -{ - UNIMPLEMENTED; - return FALSE; -} - - -/* - * @unimplemented - */ -BOOL -WINAPI -CreateWellKnownSid(IN WELL_KNOWN_SID_TYPE WellKnownSidType, - IN PSID DomainSid OPTIONAL, - OUT PSID pSid, - IN OUT DWORD* cbSid) -{ - unsigned int i; - TRACE("(%d, %s, %p, %p)\n", WellKnownSidType, debugstr_sid(DomainSid), pSid, cbSid); - - if (cbSid == NULL || (DomainSid && !IsValidSid(DomainSid))) - { - SetLastError(ERROR_INVALID_PARAMETER); - return FALSE; - } - - for (i = 0; i < sizeof(WellKnownSids)/sizeof(WellKnownSids[0]); i++) { - if (WellKnownSids[i].Type == WellKnownSidType) { - DWORD length = GetSidLengthRequired(WellKnownSids[i].Sid.SubAuthorityCount); - - if (*cbSid < length) - { - *cbSid = length; - SetLastError(ERROR_INSUFFICIENT_BUFFER); - return FALSE; - } - if (!pSid) - { - SetLastError(ERROR_INVALID_PARAMETER); - return FALSE; - } - CopyMemory(pSid, &WellKnownSids[i].Sid.Revision, length); - *cbSid = length; - return TRUE; - } - } - - if (DomainSid == NULL || *GetSidSubAuthorityCount(DomainSid) == SID_MAX_SUB_AUTHORITIES) - { - SetLastError(ERROR_INVALID_PARAMETER); - return FALSE; - } - - for (i = 0; i < sizeof(WellKnownRids)/sizeof(WellKnownRids[0]); i++) - if (WellKnownRids[i].Type == WellKnownSidType) { - UCHAR domain_subauth = *GetSidSubAuthorityCount(DomainSid); - DWORD domain_sid_length = GetSidLengthRequired(domain_subauth); - DWORD output_sid_length = GetSidLengthRequired(domain_subauth + 1); - - if (*cbSid < output_sid_length) - { - *cbSid = output_sid_length; - SetLastError(ERROR_INSUFFICIENT_BUFFER); - return FALSE; - } - if (!pSid) - { - SetLastError(ERROR_INVALID_PARAMETER); - return FALSE; - } - CopyMemory(pSid, DomainSid, domain_sid_length); - (*GetSidSubAuthorityCount(pSid))++; - (*GetSidSubAuthority(pSid, domain_subauth)) = WellKnownRids[i].Rid; - *cbSid = output_sid_length; - return TRUE; - } - - SetLastError(ERROR_INVALID_PARAMETER); - return FALSE; -} - - -/* - * @unimplemented - */ -BOOL -WINAPI -IsWellKnownSid(IN PSID pSid, - IN WELL_KNOWN_SID_TYPE WellKnownSidType) -{ - unsigned int i; - TRACE("(%s, %d)\n", debugstr_sid(pSid), WellKnownSidType); - - for (i = 0; i < sizeof(WellKnownSids) / sizeof(WellKnownSids[0]); i++) - { - if (WellKnownSids[i].Type == WellKnownSidType) - { - if (EqualSid(pSid, (PSID)(&WellKnownSids[i].Sid.Revision))) - return TRUE; - } - } - - return FALSE; -} - - -/* - * @implemented - */ -BOOL -WINAPI -ConvertStringSidToSidA(IN LPCSTR StringSid, - OUT PSID* sid) -{ - BOOL bRetVal = FALSE; - - TRACE("%s, %p\n", debugstr_a(StringSid), sid); - if (GetVersion() & 0x80000000) - SetLastError(ERROR_CALL_NOT_IMPLEMENTED); - else if (!StringSid || !sid) - SetLastError(ERROR_INVALID_PARAMETER); - else - { - UINT len = MultiByteToWideChar(CP_ACP, 0, StringSid, -1, NULL, 0); - LPWSTR wStringSid = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR)); - if (wStringSid == NULL) - return FALSE; - MultiByteToWideChar(CP_ACP, 0, StringSid, - 1, wStringSid, len); - bRetVal = ConvertStringSidToSidW(wStringSid, sid); - HeapFree(GetProcessHeap(), 0, wStringSid); - } - return bRetVal; -} - - -static const RECORD SidTable[] = -{ - { SDDL_ACCOUNT_OPERATORS, WinBuiltinAccountOperatorsSid }, - { SDDL_ALIAS_PREW2KCOMPACC, WinBuiltinPreWindows2000CompatibleAccessSid }, - { SDDL_ANONYMOUS, WinAnonymousSid }, - { SDDL_AUTHENTICATED_USERS, WinAuthenticatedUserSid }, - { SDDL_BUILTIN_ADMINISTRATORS, WinBuiltinAdministratorsSid }, - { SDDL_BUILTIN_GUESTS, WinBuiltinGuestsSid }, - { SDDL_BACKUP_OPERATORS, WinBuiltinBackupOperatorsSid }, - { SDDL_BUILTIN_USERS, WinBuiltinUsersSid }, - { SDDL_CERT_SERV_ADMINISTRATORS, WinAccountCertAdminsSid /* FIXME: DOMAIN_GROUP_RID_CERT_ADMINS */ }, - { SDDL_CREATOR_GROUP, WinCreatorGroupSid }, - { SDDL_CREATOR_OWNER, WinCreatorOwnerSid }, - { SDDL_DOMAIN_ADMINISTRATORS, WinAccountDomainAdminsSid /* FIXME: DOMAIN_GROUP_RID_ADMINS */ }, - { SDDL_DOMAIN_COMPUTERS, WinAccountComputersSid /* FIXME: DOMAIN_GROUP_RID_COMPUTERS */ }, - { SDDL_DOMAIN_DOMAIN_CONTROLLERS, WinAccountControllersSid /* FIXME: DOMAIN_GROUP_RID_CONTROLLERS */ }, - { SDDL_DOMAIN_GUESTS, WinAccountDomainGuestsSid /* FIXME: DOMAIN_GROUP_RID_GUESTS */ }, - { SDDL_DOMAIN_USERS, WinAccountDomainUsersSid /* FIXME: DOMAIN_GROUP_RID_USERS */ }, - { SDDL_ENTERPRISE_ADMINS, WinAccountEnterpriseAdminsSid /* FIXME: DOMAIN_GROUP_RID_ENTERPRISE_ADMINS */ }, - { SDDL_ENTERPRISE_DOMAIN_CONTROLLERS, WinEnterpriseControllersSid }, - { SDDL_EVERYONE, WinWorldSid }, - { SDDL_GROUP_POLICY_ADMINS, WinAccountPolicyAdminsSid /* FIXME: DOMAIN_GROUP_RID_POLICY_ADMINS */ }, - { SDDL_INTERACTIVE, WinInteractiveSid }, - { SDDL_LOCAL_ADMIN, WinAccountAdministratorSid /* FIXME: DOMAIN_USER_RID_ADMIN */ }, - { SDDL_LOCAL_GUEST, WinAccountGuestSid /* FIXME: DOMAIN_USER_RID_GUEST */ }, - { SDDL_LOCAL_SERVICE, WinLocalServiceSid }, - { SDDL_LOCAL_SYSTEM, WinLocalSystemSid }, - { SDDL_NETWORK, WinNetworkSid }, - { SDDL_NETWORK_CONFIGURATION_OPS, WinBuiltinNetworkConfigurationOperatorsSid }, - { SDDL_NETWORK_SERVICE, WinNetworkServiceSid }, - { SDDL_PRINTER_OPERATORS, WinBuiltinPrintOperatorsSid }, - { SDDL_PERSONAL_SELF, WinSelfSid }, - { SDDL_POWER_USERS, WinBuiltinPowerUsersSid }, - { SDDL_RAS_SERVERS, WinAccountRasAndIasServersSid /* FIXME: DOMAIN_ALIAS_RID_RAS_SERVERS */ }, - { SDDL_REMOTE_DESKTOP, WinBuiltinRemoteDesktopUsersSid }, - { SDDL_REPLICATOR, WinBuiltinReplicatorSid }, - { SDDL_RESTRICTED_CODE, WinRestrictedCodeSid }, - { SDDL_SCHEMA_ADMINISTRATORS, WinAccountSchemaAdminsSid /* FIXME: DOMAIN_GROUP_RID_SCHEMA_ADMINS */ }, - { SDDL_SERVER_OPERATORS, WinBuiltinSystemOperatorsSid }, - { SDDL_SERVICE, WinServiceSid }, - { NULL, 0 }, -}; - -/* - * @implemented - */ -BOOL -WINAPI -ConvertStringSidToSidW(IN LPCWSTR StringSid, - OUT PSID* sid) -{ - DWORD size; - DWORD i, cBytes, identAuth, csubauth; - BOOL ret; - SID* pisid; - - TRACE("%s %p\n", debugstr_w(StringSid), sid); - - if (!StringSid) - { - SetLastError(ERROR_INVALID_SID); - return FALSE; - } - - for (i = 0; i < sizeof(SidTable) / sizeof(SidTable[0]) - 1; i++) - { - if (wcscmp(StringSid, SidTable[i].key) == 0) - { - WELL_KNOWN_SID_TYPE knownSid = (WELL_KNOWN_SID_TYPE)SidTable[i].value; - size = SECURITY_MAX_SID_SIZE; - *sid = LocalAlloc(0, size); - if (!*sid) - { - SetLastError(ERROR_NOT_ENOUGH_MEMORY); - return FALSE; - } - ret = CreateWellKnownSid(knownSid, - NULL, - *sid, - &size); - if (!ret) - { - SetLastError(ERROR_INVALID_SID); - LocalFree(*sid); - } - return ret; - } - } - - /* That's probably a string S-R-I-S-S... */ - if (StringSid[0] != 'S' || StringSid[1] != '-') - { - SetLastError(ERROR_INVALID_SID); - return FALSE; - } - - cBytes = ComputeStringSidSize(StringSid); - pisid = (SID*)LocalAlloc( 0, cBytes ); - if (!pisid) - { - SetLastError(ERROR_NOT_ENOUGH_MEMORY); - return FALSE; - } - i = 0; - ret = FALSE; - csubauth = ((cBytes - GetSidLengthRequired(0)) / sizeof(DWORD)); - - StringSid += 2; /* Advance to Revision */ - pisid->Revision = atoiW(StringSid); - - if (pisid->Revision != SDDL_REVISION) - { - TRACE("Revision %d is unknown\n", pisid->Revision); - goto lend; /* ERROR_INVALID_SID */ - } - if (csubauth == 0) - { - TRACE("SubAuthorityCount is 0\n"); - goto lend; /* ERROR_INVALID_SID */ - } - - pisid->SubAuthorityCount = csubauth; - - /* Advance to identifier authority */ - while (*StringSid && *StringSid != '-') - StringSid++; - if (*StringSid == '-') - StringSid++; - - /* MS' implementation can't handle values greater than 2^32 - 1, so - * we don't either; assume most significant bytes are always 0 - */ - pisid->IdentifierAuthority.Value[0] = 0; - pisid->IdentifierAuthority.Value[1] = 0; - identAuth = atoiW(StringSid); - pisid->IdentifierAuthority.Value[5] = identAuth & 0xff; - pisid->IdentifierAuthority.Value[4] = (identAuth & 0xff00) >> 8; - pisid->IdentifierAuthority.Value[3] = (identAuth & 0xff0000) >> 16; - pisid->IdentifierAuthority.Value[2] = (identAuth & 0xff000000) >> 24; - - /* Advance to first sub authority */ - while (*StringSid && *StringSid != '-') - StringSid++; - if (*StringSid == '-') - StringSid++; - - while (*StringSid) - { - pisid->SubAuthority[i++] = atoiW(StringSid); - - while (*StringSid && *StringSid != '-') - StringSid++; - if (*StringSid == '-') - StringSid++; - } - - if (i != pisid->SubAuthorityCount) - goto lend; /* ERROR_INVALID_SID */ - - *sid = pisid; - ret = TRUE; - -lend: - if (!ret) - { - LocalFree(pisid); - SetLastError(ERROR_INVALID_SID); - } - - TRACE("returning %s\n", ret ? "TRUE" : "FALSE"); - return ret; -} - -/* EOF */ Modified: trunk/reactos/media/doc/README.WINE URL: http://svn.reactos.org/svn/reactos/trunk/reactos/media/doc/README.WINE?rev=… ============================================================================== --- trunk/reactos/media/doc/README.WINE [iso-8859-1] (original) +++ trunk/reactos/media/doc/README.WINE [iso-8859-1] Fri Oct 24 14:01:16 2014 @@ -256,11 +256,11 @@ reactos/lib/3rdparty/strmbase # Synced to Wine-1.7.27 advapi32 - - reactos/dll/win32/advapi32/sec/sid.c # Out of Sync reactos/dll/win32/advapi32/wine/cred.c # Synced to Wine-1.7.27 reactos/dll/win32/advapi32/wine/crypt.c # Synced to Wine-1.7.27 reactos/dll/win32/advapi32/wine/crypt_des.c # Synced to Wine-1.7.27 reactos/dll/win32/advapi32/wine/crypt_lmhash.c # Synced to Wine-1.7.27 + reactos/dll/win32/advapi32/wine/security.c # Out of Sync gdi32 - reactos/dll/win32/gdi32/objects/linedda.c # Synced at 20090410