--- trunk/reactos/lib/advapi32/reg/reg.c 2005-08-16 00:27:39 UTC (rev 17409)
+++ trunk/reactos/lib/advapi32/reg/reg.c 2005-08-16 05:17:06 UTC (rev 17410)
@@ -15,7 +15,7 @@
#include <advapi32.h>
#define NDEBUG
-#include <debug.h>
+#include <wine/debug.h>
/* DEFINES ******************************************************************/
@@ -56,7 +56,7 @@
BOOL
RegInitialize (VOID)
{
- DPRINT("RegInitialize()\n");
+ TRACE("RegInitialize()\n");
ProcessHeap = RtlGetProcessHeap();
RtlZeroMemory (DefaultHandleTable,
@@ -73,7 +73,7 @@
BOOL
RegCleanup (VOID)
{
- DPRINT("RegCleanup()\n");
+ TRACE("RegCleanup()\n");
CloseDefaultKeys ();
RtlDeleteCriticalSection (&HandleTableCS);
@@ -90,7 +90,7 @@
ULONG Index;
NTSTATUS Status = STATUS_SUCCESS;
- DPRINT("MapDefaultKey (Key %x)\n", Key);
+ TRACE("MapDefaultKey (Key %x)\n", Key);
if (((ULONG)Key & 0xF0000000) != 0x80000000)
{
@@ -142,7 +142,7 @@
break;
default:
- DPRINT("MapDefaultHandle() no handle creator\n");
+ WARN("MapDefaultHandle() no handle creator\n");
Status = STATUS_INVALID_PARAMETER;
}
}
@@ -181,7 +181,7 @@
OBJECT_ATTRIBUTES Attributes;
UNICODE_STRING KeyName = RTL_CONSTANT_STRING(L"\\Registry\\Machine\\Software\\CLASSES");
- DPRINT("OpenClassesRootKey()\n");
+ TRACE("OpenClassesRootKey()\n");
InitializeObjectAttributes (&Attributes,
&KeyName,
@@ -201,7 +201,7 @@
UNICODE_STRING KeyName = RTL_CONSTANT_STRING(L"\\Registry\\Machine");
NTSTATUS Status;
- DPRINT("OpenLocalMachineKey()\n");
+ TRACE("OpenLocalMachineKey()\n");
InitializeObjectAttributes (&Attributes,
&KeyName,
@@ -212,7 +212,7 @@
MAXIMUM_ALLOWED,
&Attributes);
- DPRINT("NtOpenKey(%wZ) => %08x\n", &KeyName, Status);
+ TRACE("NtOpenKey(%wZ) => %08x\n", &KeyName, Status);
return Status;
}
@@ -223,7 +223,7 @@
OBJECT_ATTRIBUTES Attributes;
UNICODE_STRING KeyName = RTL_CONSTANT_STRING(L"\\Registry\\User");
- DPRINT("OpenUsersKey()\n");
+ TRACE("OpenUsersKey()\n");
InitializeObjectAttributes (&Attributes,
&KeyName,
@@ -243,7 +243,7 @@
UNICODE_STRING KeyName =
RTL_CONSTANT_STRING(L"\\Registry\\Machine\\System\\CurrentControlSet\\Hardware Profiles\\Current");
- DPRINT("OpenCurrentConfigKey()\n");
+ TRACE("OpenCurrentConfigKey()\n");
InitializeObjectAttributes (&Attributes,
&KeyName,
@@ -341,7 +341,7 @@
ClassString,
dwOptions,
(PULONG)lpdwDisposition);
- DPRINT("NtCreateKey(%wZ) called (Status %lx)\n", ObjectAttributes->ObjectName, Status);
+ TRACE("NtCreateKey(%wZ) called (Status %lx)\n", ObjectAttributes->ObjectName, Status);
if (Status != STATUS_OBJECT_NAME_NOT_FOUND)
return Status;
@@ -373,7 +373,7 @@
NULL,
0,
&Disposition);
- DPRINT("NtCreateKey(%wZ) called (Status %lx)\n", &LocalKeyName, Status);
+ TRACE("NtCreateKey(%wZ) called (Status %lx)\n", &LocalKeyName, Status);
}
if (!NT_SUCCESS(Status))
@@ -410,7 +410,7 @@
NULL,
0,
&Disposition);
- DPRINT("NtCreateKey(%wZ) called (Status %lx)\n", &LocalKeyName, Status);
+ TRACE("NtCreateKey(%wZ) called (Status %lx)\n", &LocalKeyName, Status);
if (!NT_SUCCESS(Status))
break;
}
@@ -443,7 +443,7 @@
HANDLE ParentKey;
NTSTATUS Status;
- DPRINT("RegCreateKeyExA() called\n");
+ TRACE("RegCreateKeyExA() called\n");
/* get the real parent key */
Status = MapDefaultKey (&ParentKey,
@@ -452,7 +452,7 @@
{
return RtlNtStatusToDosError (Status);
}
- DPRINT("ParentKey %x\n", (ULONG)ParentKey);
+ TRACE("ParentKey %x\n", (ULONG)ParentKey);
if (lpClass != NULL)
{
@@ -479,7 +479,7 @@
RtlFreeUnicodeString (&ClassString);
}
- DPRINT("Status %x\n", Status);
+ TRACE("Status %x\n", Status);
if (!NT_SUCCESS(Status))
{
return RtlNtStatusToDosError (Status);
@@ -511,7 +511,7 @@
HANDLE ParentKey;
NTSTATUS Status;
- DPRINT("RegCreateKeyExW() called\n");
+ TRACE("RegCreateKeyExW() called\n");
/* get the real parent key */
Status = MapDefaultKey (&ParentKey,
@@ -520,7 +520,7 @@
{
return RtlNtStatusToDosError(Status);
}
- DPRINT("ParentKey %x\n", (ULONG)ParentKey);
+ TRACE("ParentKey %x\n", (ULONG)ParentKey);
RtlInitUnicodeString (&ClassString,
lpClass);
@@ -537,7 +537,7 @@
dwOptions,
samDesired,
lpdwDisposition);
- DPRINT("Status %x\n", Status);
+ TRACE("Status %x\n", Status);
if (!NT_SUCCESS(Status))
{
return RtlNtStatusToDosError (Status);
@@ -838,7 +838,7 @@
HANDLE KeyHandle;
NTSTATUS Status;
- DPRINT("RegEnumKeyExA(hKey 0x%x, dwIndex %d, lpName 0x%x, *lpcbName %d, lpClass 0x%x, lpcbClass %d)\n",
+ TRACE("RegEnumKeyExA(hKey 0x%x, dwIndex %d, lpName 0x%x, *lpcbName %d, lpClass 0x%x, lpcbClass %d)\n",
hKey, dwIndex, lpName, *lpcbName, lpClass, lpcbClass ? *lpcbClass : 0);
if ((lpClass) && (!lpcbClass))
@@ -892,7 +892,7 @@
KeyInfo,
BufferSize,
&ResultSize);
- DPRINT("NtEnumerateKey() returned status 0x%X\n", Status);
+ TRACE("NtEnumerateKey() returned status 0x%X\n", Status);
if (!NT_SUCCESS(Status))
{
ErrorCode = RtlNtStatusToDosError (Status);
@@ -960,10 +960,10 @@
}
}
- DPRINT("Key Namea0 Length %d\n", StringU.Length);
- DPRINT("Key Namea1 Length %d\n", NameLength);
- DPRINT("Key Namea Length %d\n", *lpcbName);
- DPRINT("Key Namea %s\n", lpName);
+ TRACE("Key Namea0 Length %d\n", StringU.Length);
+ TRACE("Key Namea1 Length %d\n", NameLength);
+ TRACE("Key Namea Length %d\n", *lpcbName);
+ TRACE("Key Namea %s\n", lpName);
RtlFreeHeap (ProcessHeap,
0,
@@ -1050,7 +1050,7 @@
KeyInfo,
BufferSize,
&ResultSize);
- DPRINT("NtEnumerateKey() returned status 0x%X\n", Status);
+ TRACE("NtEnumerateKey() returned status 0x%X\n", Status);
if (!NT_SUCCESS(Status))
{
ErrorCode = RtlNtStatusToDosError (Status);
@@ -1386,7 +1386,7 @@
hKey);
if (!NT_SUCCESS(Status))
{
- DPRINT("MapDefaultKey() failed (Status %lx)\n", Status);
+ TRACE("MapDefaultKey() failed (Status %lx)\n", Status);
return RtlNtStatusToDosError (Status);
}
@@ -1397,7 +1397,7 @@
lpcbSecurityDescriptor);
if (!NT_SUCCESS(Status))
{
- DPRINT("NtQuerySecurityObject() failed (Status %lx)\n", Status);
+ WARN("NtQuerySecurityObject() failed (Status %lx)\n", Status);
return RtlNtStatusToDosError (Status);
}
@@ -1590,7 +1590,7 @@
LPCSTR lpSubKey,
PHKEY phkResult)
{
- DPRINT("RegOpenKeyA hKey 0x%x lpSubKey %s phkResult %p\n", hKey, lpSubKey, phkResult);
+ TRACE("RegOpenKeyA hKey 0x%x lpSubKey %s phkResult %p\n", hKey, lpSubKey, phkResult);
if (!lpSubKey || !*lpSubKey)
{
@@ -1616,7 +1616,7 @@
LPCWSTR lpSubKey,
PHKEY phkResult)
{
- DPRINT("RegOpenKeyW hKey 0x%x lpSubKey %S phkResult %p\n", hKey, lpSubKey, phkResult);
+ TRACE("RegOpenKeyW hKey 0x%x lpSubKey %S phkResult %p\n", hKey, lpSubKey, phkResult);
if (!lpSubKey || !*lpSubKey)
{
@@ -1644,7 +1644,7 @@
HANDLE KeyHandle;
NTSTATUS Status;
- DPRINT("RegOpenKeyExA hKey 0x%x lpSubKey %s ulOptions 0x%x samDesired 0x%x phkResult %p\n",
+ TRACE("RegOpenKeyExA hKey 0x%x lpSubKey %s ulOptions 0x%x samDesired 0x%x phkResult %p\n",
hKey, lpSubKey, ulOptions, samDesired, phkResult);
Status = MapDefaultKey (&KeyHandle, hKey);
@@ -1688,7 +1688,7 @@
HANDLE KeyHandle;
NTSTATUS Status;
- DPRINT("RegOpenKeyExW hKey 0x%x lpSubKey %S ulOptions 0x%x samDesired 0x%x phkResult %p\n",
+ TRACE("RegOpenKeyExW hKey 0x%x lpSubKey %S ulOptions 0x%x samDesired 0x%x phkResult %p\n",
hKey, lpSubKey, ulOptions, samDesired, phkResult);
Status = MapDefaultKey (&KeyHandle, hKey);
@@ -1837,7 +1837,7 @@
RtlAppendUnicodeToString(&UserClassesKeyRoot,
UserClassesKeySuffix);
- DPRINT("RegOpenUserClassesRoot: Absolute path: %wZ\n", &UserClassesKeyRoot);
+ TRACE("RegOpenUserClassesRoot: Absolute path: %wZ\n", &UserClassesKeyRoot);
/*
* Open the key
@@ -2001,7 +2001,7 @@
FullInfo,
FullInfoSize,
&Length);
- DPRINT("NtQueryKey() returned status 0x%X\n", Status);
+ TRACE("NtQueryKey() returned status 0x%X\n", Status);
if (!NT_SUCCESS(Status))
{
if (lpClass != NULL)
@@ -2014,37 +2014,37 @@
return RtlNtStatusToDosError (Status);
}
- DPRINT("SubKeys %d\n", FullInfo->SubKeys);
+ TRACE("SubKeys %d\n", FullInfo->SubKeys);
if (lpcSubKeys != NULL)
{
*lpcSubKeys = FullInfo->SubKeys;
}
- DPRINT("MaxNameLen %lu\n", FullInfo->MaxNameLen);
+ TRACE("MaxNameLen %lu\n", FullInfo->MaxNameLen);
if (lpcbMaxSubKeyLen != NULL)
{
*lpcbMaxSubKeyLen = FullInfo->MaxNameLen / sizeof(WCHAR) + 1;
}
- DPRINT("MaxClassLen %lu\n", FullInfo->MaxClassLen);
+ TRACE("MaxClassLen %lu\n", FullInfo->MaxClassLen);
if (lpcbMaxClassLen != NULL)
{
*lpcbMaxClassLen = FullInfo->MaxClassLen / sizeof(WCHAR) + 1;
}
- DPRINT("Values %lu\n", FullInfo->Values);
+ TRACE("Values %lu\n", FullInfo->Values);
if (lpcValues != NULL)
{
*lpcValues = FullInfo->Values;
}
- DPRINT("MaxValueNameLen %lu\n", FullInfo->MaxValueNameLen);
+ TRACE("MaxValueNameLen %lu\n", FullInfo->MaxValueNameLen);
if (lpcbMaxValueNameLen != NULL)
{
*lpcbMaxValueNameLen = FullInfo->MaxValueNameLen / sizeof(WCHAR) + 1;
}
- DPRINT("MaxValueDataLen %lu\n", FullInfo->MaxValueDataLen);
+ TRACE("MaxValueDataLen %lu\n", FullInfo->MaxValueDataLen);
if (lpcbMaxValueLen != NULL)
{
*lpcbMaxValueLen = FullInfo->MaxValueDataLen;
@@ -2124,7 +2124,7 @@
*ldwTotsize = 0;
- DPRINT ("RegQueryMultipleValuesA(%p,%p,%ld,%p,%p=%ld)\n",
+ TRACE("RegQueryMultipleValuesA(%p,%p,%ld,%p,%p=%ld)\n",
hKey, val_list, num_vals, lpValueBuf, ldwTotsize, *ldwTotsize);
for (i = 0; i < num_vals; i++)
@@ -2188,7 +2188,7 @@
*ldwTotsize = 0;
- DPRINT ("RegQueryMultipleValuesW(%p,%p,%ld,%p,%p=%ld)\n",
+ TRACE ("RegQueryMultipleValuesW(%p,%p,%ld,%p,%p=%ld)\n",
hKey, val_list, num_vals, lpValueBuf, ldwTotsize, *ldwTotsize);
for (i = 0; i < num_vals; i++)
@@ -2252,7 +2252,7 @@
LONG ErrorCode = ERROR_SUCCESS;
ULONG MaxCopy = lpcbData != NULL && lpData != NULL ? *lpcbData : 0;
- DPRINT("hKey 0x%X lpValueName %S lpData 0x%X lpcbData %d\n",
+ TRACE("hKey 0x%X lpValueName %S lpData 0x%X lpcbData %d\n",
hKey, lpValueName, lpData, lpcbData ? *lpcbData : 0);
Status = MapDefaultKey (&KeyHandle,
@@ -2284,7 +2284,7 @@
ValueInfo,
BufferSize,
&ResultSize);
- DPRINT("Status 0x%X\n", Status);
+ TRACE("Status 0x%X\n", Status);
if (Status == STATUS_BUFFER_OVERFLOW)
{
/* Return ERROR_SUCCESS and the buffer space needed for a successful call */
@@ -2325,7 +2325,7 @@
if (lpcbData != NULL)
{
*lpcbData = (ResultSize - FIELD_OFFSET(KEY_VALUE_PARTIAL_INFORMATION, Data[0]));
- DPRINT("(string) Returning Size: %lu\n", *lpcbData);
+ TRACE("(string) Returning Size: %lu\n", *lpcbData);
}
}
else
@@ -2333,11 +2333,11 @@
if (lpcbData != NULL)
{
*lpcbData = ResultSize - FIELD_OFFSET(KEY_VALUE_PARTIAL_INFORMATION, Data[0]);
- DPRINT("(other) Returning Size: %lu\n", *lpcbData);
+ TRACE("(other) Returning Size: %lu\n", *lpcbData);
}
}
- DPRINT("Type %d Size %d\n", ValueInfo->Type, ValueInfo->DataLength);
+ TRACE("Type %d Size %d\n", ValueInfo->Type, ValueInfo->DataLength);
RtlFreeHeap (ProcessHeap,
0,
@@ -2367,7 +2367,7 @@
DWORD Length;
DWORD Type;
- DPRINT("hKey 0x%X lpValueName %s lpData 0x%X lpcbData %d\n",
+ TRACE("hKey 0x%X lpValueName %s lpData 0x%X lpcbData %d\n",
hKey, lpValueName, lpData, lpcbData ? *lpcbData : 0);
if (lpData != NULL && lpcbData == NULL)
@@ -2404,7 +2404,7 @@
&Type,
(lpData == NULL) ? NULL : (LPBYTE)ValueData.Buffer,
&Length);
- DPRINT("ErrorCode %lu\n", ErrorCode);
+ TRACE("ErrorCode %lu\n", ErrorCode);
RtlFreeUnicodeString(&ValueName);
if (ErrorCode == ERROR_SUCCESS ||
@@ -2473,7 +2473,7 @@
LONG ValueSize;
LONG ErrorCode;
- DPRINT("hKey 0x%X lpSubKey %s lpValue %p lpcbValue %d\n",
+ TRACE("hKey 0x%X lpSubKey %s lpValue %p lpcbValue %d\n",
hKey, lpSubKey, lpValue, lpcbValue ? *lpcbValue : 0);
if (lpValue != NULL &&
@@ -2562,7 +2562,7 @@
BOOL CloseRealKey;
NTSTATUS Status;
- DPRINT("hKey 0x%X lpSubKey %S lpValue %p lpcbValue %d\n",
+ TRACE("hKey 0x%X lpSubKey %S lpValue %p lpcbValue %d\n",
hKey, lpSubKey, lpValue, lpcbValue ? *lpcbValue : 0);
Status = MapDefaultKey (&KeyHandle,
--- trunk/reactos/lib/advapi32/sec/sid.c 2005-08-16 00:27:39 UTC (rev 17409)
+++ trunk/reactos/lib/advapi32/sec/sid.c 2005-08-16 05:17:06 UTC (rev 17410)
@@ -1,16 +1,614 @@
/* $Id$
*
* COPYRIGHT: See COPYING in the top level directory
+ * WINE COPYRIGHT:
+ * Copyright 1999, 2000 Juergen Schmied <juergen.schmied@debitel.net>
+ * Copyright 2003 CodeWeavers Inc. (Ulrich Czekalla)
+ *
* PROJECT: ReactOS system libraries
* FILE: lib/advapi32/sec/sid.c
* PURPOSE: Security ID functions
*/
#include <advapi32.h>
-#include <debug.h>
+#include <wine/debug.h>
+#include <wine/unicode.h>
+WINE_DEFAULT_DEBUG_CHANNEL(advapi);
+
+static BOOL ParseStringSidToSid(LPCWSTR StringSid, PSID pSid, LPDWORD cBytes);
+static BOOL ParseStringAclToAcl(LPCWSTR StringAcl, LPDWORD lpdwFlags,
+ PACL pAcl, LPDWORD cBytes);
+static BYTE ParseAceStringFlags(LPCWSTR* StringAcl);
+static BYTE ParseAceStringType(LPCWSTR* StringAcl);
+static DWORD ParseAceStringRights(LPCWSTR* StringAcl);
+static DWORD ParseAclStringFlags(LPCWSTR* StringAcl);
+
+typedef struct _ACEFLAG
+{
+ LPCWSTR wstr;
+ DWORD value;
+} ACEFLAG, *LPACEFLAG;
+
+static SID const sidWorld = { SID_REVISION, 1, { SECURITY_WORLD_SID_AUTHORITY} , { SECURITY_WORLD_RID } };
+
/*
+ * ACE access rights
+ */
+static const WCHAR SDDL_READ_CONTROL[] = {'R','C',0};
+static const WCHAR SDDL_WRITE_DAC[] = {'W','D',0};
+static const WCHAR SDDL_WRITE_OWNER[] = {'W','O',0};
+static const WCHAR SDDL_STANDARD_DELETE[] = {'S','D',0};
+static const WCHAR SDDL_GENERIC_ALL[] = {'G','A',0};
+static const WCHAR SDDL_GENERIC_READ[] = {'G','R',0};
+static const WCHAR SDDL_GENERIC_WRITE[] = {'G','W',0};
+static const WCHAR SDDL_GENERIC_EXECUTE[] = {'G','X',0};
+
+/*
+ * ACE types
+ */
+static const WCHAR SDDL_ACCESS_ALLOWED[] = {'A',0};
+static const WCHAR SDDL_ACCESS_DENIED[] = {'D',0};
+static const WCHAR SDDL_OBJECT_ACCESS_ALLOWED[] = {'O','A',0};
+static const WCHAR SDDL_OBJECT_ACCESS_DENIED[] = {'O','D',0};
+static const WCHAR SDDL_AUDIT[] = {'A','U',0};
+static const WCHAR SDDL_ALARM[] = {'A','L',0};
+static const WCHAR SDDL_OBJECT_AUDIT[] = {'O','U',0};
+static const WCHAR SDDL_OBJECT_ALARMp[] = {'O','L',0};
+
+/*
+ * ACE flags
+ */
+static const WCHAR SDDL_CONTAINER_INHERIT[] = {'C','I',0};
+static const WCHAR SDDL_OBJECT_INHERIT[] = {'O','I',0};
+static const WCHAR SDDL_NO_PROPAGATE[] = {'N','P',0};
+static const WCHAR SDDL_INHERIT_ONLY[] = {'I','O',0};
+static const WCHAR SDDL_INHERITED[] = {'I','D',0};
+static const WCHAR SDDL_AUDIT_SUCCESS[] = {'S','A',0};
+static const WCHAR SDDL_AUDIT_FAILURE[] = {'F','A',0};
+
+/* set last error code from NT status and get the proper boolean return value */
+/* used for functions that are a simple wrapper around the corresponding ntdll API */
+static inline BOOL set_ntstatus( NTSTATUS status )
+{
+ if (status) SetLastError( RtlNtStatusToDosError( status ));
+ return !status;
+}
+
+#define WINE_SIZE_OF_WORLD_ACCESS_ACL (sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE) + sizeof(sidWorld) - sizeof(DWORD))
+
+
+/* some helper functions - taken from winehq cvs 20050916 */
+/******************************************************************************
+ * ComputeStringSidSize
+ */
+static DWORD ComputeStringSidSize(LPCWSTR StringSid)
+{
+ int ctok = 0;
+ DWORD size = sizeof(SID);
+
+ while (*StringSid)
+ {
+ if (*StringSid == '-')
+ ctok++;
+ StringSid++;
+ }
+
+ if (ctok > 3)
+ size += (ctok - 3) * sizeof(DWORD);
+
+ return size;
+}
+
+/******************************************************************************
+ * ParseAceStringType
+ */
+ACEFLAG AceType[] =
+{
+ { SDDL_ACCESS_ALLOWED, ACCESS_ALLOWED_ACE_TYPE },
+ { SDDL_ALARM, SYSTEM_ALARM_ACE_TYPE },
+ { SDDL_AUDIT, SYSTEM_AUDIT_ACE_TYPE },
+ { SDDL_ACCESS_DENIED, ACCESS_DENIED_ACE_TYPE },
+ /*
+ { SDDL_OBJECT_ACCESS_ALLOWED, ACCESS_ALLOWED_OBJECT_ACE_TYPE },
+ { SDDL_OBJECT_ACCESS_DENIED, ACCESS_DENIED_OBJECT_ACE_TYPE },
+ { SDDL_OBJECT_ALARM, SYSTEM_ALARM_OBJECT_ACE_TYPE },
+ { SDDL_OBJECT_AUDIT, SYSTEM_AUDIT_OBJECT_ACE_TYPE },
+ */
+ { NULL, 0 },
+};
+
+static BYTE ParseAceStringType(LPCWSTR* StringAcl)
+{
+ UINT len = 0;
+ LPCWSTR szAcl = *StringAcl;
+ LPACEFLAG lpaf = AceType;
+
+ while (lpaf->wstr &&
+ (len = strlenW(lpaf->wstr)) &&
+ strncmpW(lpaf->wstr, szAcl, len))
+ lpaf++;
+
+ if (!lpaf->wstr)
+ return 0;
+
+ *StringAcl += len;
+ return lpaf->value;
+}
+
+
+/******************************************************************************
+ * ParseAceStringFlags
+ */
+ACEFLAG AceFlags[] =
+{
+ { SDDL_CONTAINER_INHERIT, CONTAINER_INHERIT_ACE },
+ { SDDL_AUDIT_FAILURE, FAILED_ACCESS_ACE_FLAG },
+ { SDDL_INHERITED, INHERITED_ACE },
+ { SDDL_INHERIT_ONLY, INHERIT_ONLY_ACE },
+ { SDDL_NO_PROPAGATE, NO_PROPAGATE_INHERIT_ACE },
+ { SDDL_OBJECT_INHERIT, OBJECT_INHERIT_ACE },
+ { SDDL_AUDIT_SUCCESS, SUCCESSFUL_ACCESS_ACE_FLAG },
+ { NULL, 0 },
+};
+
+static BYTE ParseAceStringFlags(LPCWSTR* StringAcl)
+{
+ UINT len = 0;
+ BYTE flags = 0;
+ LPCWSTR szAcl = *StringAcl;
+
+ while (*szAcl != ';')
+ {
+ LPACEFLAG lpaf = AceFlags;
+
+ while (lpaf->wstr &&
+ (len = strlenW(lpaf->wstr)) &&
+ strncmpW(lpaf->wstr, szAcl, len))
+ lpaf++;
+
+ if (!lpaf->wstr)
+ return 0;
+
+ flags |= lpaf->value;
+ szAcl += len;
+ }
+
+ *StringAcl = szAcl;
+ return flags;
+}
+
+
+/******************************************************************************
+ * ParseAceStringRights
+ */
+ACEFLAG AceRights[] =
+{
+ { SDDL_GENERIC_ALL, GENERIC_ALL },
+ { SDDL_GENERIC_READ, GENERIC_READ },
+ { SDDL_GENERIC_WRITE, GENERIC_WRITE },
+ { SDDL_GENERIC_EXECUTE, GENERIC_EXECUTE },
+ { SDDL_READ_CONTROL, READ_CONTROL },
+ { SDDL_STANDARD_DELETE, DELETE },
+ { SDDL_WRITE_DAC, WRITE_DAC },
+ { SDDL_WRITE_OWNER, WRITE_OWNER },
+ { NULL, 0 },
+};
+
+static DWORD ParseAceStringRights(LPCWSTR* StringAcl)
+{
+ UINT len = 0;
+ DWORD rights = 0;
+ LPCWSTR szAcl = *StringAcl;
+
+ if ((*szAcl == '0') && (*(szAcl + 1) == 'x'))
+ {
+ LPCWSTR p = szAcl;
+
+ while (*p && *p != ';')
+ p++;
+
+ if (p - szAcl <= 8)
+ {
+ rights = strtoulW(szAcl, NULL, 16);
+ *StringAcl = p;
+ }
+ else
+ WARN("Invalid rights string format: %s\n", debugstr_wn(szAcl, p - szAcl));
+ }
+ else
+ {
+ while (*szAcl != ';')
+ {
+ LPACEFLAG lpaf = AceRights;
+
+ while (lpaf->wstr &&
+ (len = strlenW(lpaf->wstr)) &&
+ strncmpW(lpaf->wstr, szAcl, len))
+ {
+ lpaf++;
+ }
+
+ if (!lpaf->wstr)
+ return 0;
+
+ rights |= lpaf->value;
+ szAcl += len;
+ }
+ }
+
+ *StringAcl = szAcl;
+ return rights;
+}
+
+/******************************************************************************
+ * ParseStringAclToAcl
+ *
+ * dacl_flags(string_ace1)(string_ace2)... (string_acen)
+ */
+static BOOL ParseStringAclToAcl(LPCWSTR StringAcl, LPDWORD lpdwFlags,
+ PACL pAcl, LPDWORD cBytes)
+{
+ DWORD val;
+ DWORD sidlen;
+ DWORD length = sizeof(ACL);
+ PACCESS_ALLOWED_ACE pAce = NULL; /* pointer to current ACE */
+
+ TRACE("%s\n", debugstr_w(StringAcl));
+
+ if (!StringAcl)
+ return FALSE;
+
+ if (pAcl) /* pAce is only useful if we're setting values */
+ pAce = (PACCESS_ALLOWED_ACE) ((LPBYTE)pAcl + sizeof(PACL));
+
+ /* Parse ACL flags */
+ *lpdwFlags = ParseAclStringFlags(&StringAcl);
+
+ /* Parse ACE */
+ while (*StringAcl == '(')
+ {
+ StringAcl++;
+
+ /* Parse ACE type */
+ val = ParseAceStringType(&StringAcl);
+ if (pAce)
+ pAce->Header.AceType = (BYTE) val;
+ if (*StringAcl != ';')
+ goto lerr;
+ StringAcl++;
+
+ /* Parse ACE flags */
+ val = ParseAceStringFlags(&StringAcl);
+ if (pAce)
+ pAce->Header.AceFlags = (BYTE) val;
+ if (*StringAcl != ';')
+ goto lerr;
+ StringAcl++;
+
+ /* Parse ACE rights */
+ val = ParseAceStringRights(&StringAcl);
+ if (pAce)
+ pAce->Mask = val;
+ if (*StringAcl != ';')
+ goto lerr;
+ StringAcl++;
+
+ /* Parse ACE object guid */
+ if (*StringAcl != ';')
+ {
+ FIXME("Support for *_OBJECT_ACE_TYPE not implemented\n");
+ goto lerr;
+ }
+ StringAcl++;
+
+ /* Parse ACE inherit object guid */
+ if (*StringAcl != ';')
+ {
+ FIXME("Support for *_OBJECT_ACE_TYPE not implemented\n");
+ goto lerr;
+ }
+ StringAcl++;
+
+ /* Parse ACE account sid */
+ if (ParseStringSidToSid(StringAcl, pAce ? (PSID)&pAce->SidStart : NULL, &sidlen))
+ {
+ while (*StringAcl && *StringAcl != ')')
+ StringAcl++;
+ }
+
+ if (*StringAcl != ')')
+ goto lerr;
+ StringAcl++;
+
+ length += sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + sidlen;
+ }
+
+ *cBytes = length;
+ return TRUE;
+
+lerr:
+ WARN("Invalid ACE string format\n");
+ return FALSE;
+}
+
+/******************************************************************************
+ * ParseStringSecurityDescriptorToSecurityDescriptor
+ */
+static BOOL ParseStringSecurityDescriptorToSecurityDescriptor(
+ LPCWSTR StringSecurityDescriptor,
+ SECURITY_DESCRIPTOR* SecurityDescriptor,
+ LPDWORD cBytes)
+{
+ BOOL bret = FALSE;
+ WCHAR toktype;
+ WCHAR tok[MAX_PATH];
+ LPCWSTR lptoken;
+ LPBYTE lpNext = NULL;
+ DWORD len;
+
+ *cBytes = 0;
+
+ if (SecurityDescriptor)
+ lpNext = ((LPBYTE) SecurityDescriptor) + sizeof(SECURITY_DESCRIPTOR);
+
+ while (*StringSecurityDescriptor)
+ {
+ toktype = *StringSecurityDescriptor;
+
+ /* Expect char identifier followed by ':' */
+ StringSecurityDescriptor++;
+ if (*StringSecurityDescriptor != ':')
+ {
+ SetLastError(ERROR_INVALID_PARAMETER);
+ goto lend;
+ }
+ StringSecurityDescriptor++;
+
+ /* Extract token */
+ lptoken = StringSecurityDescriptor;
+ while (*lptoken && *lptoken != ':')
+ lptoken++;
+
+ if (*lptoken)
+ lptoken--;
+
+ len = lptoken - StringSecurityDescriptor;
+ memcpy( tok, StringSecurityDescriptor, len * sizeof(WCHAR) );
+ tok[len] = 0;
+
+ switch (toktype)
+ {
+ case 'O':
+ {
+ DWORD bytes;
+
+ if (!ParseStringSidToSid(tok, (PSID)lpNext, &bytes))
+ goto lend;
+
+ if (SecurityDescriptor)
+ {
+ SecurityDescriptor->Owner = (PSID) ((DWORD) lpNext -
+ (DWORD) SecurityDescriptor);
+ lpNext += bytes; /* Advance to next token */
+ }
+
+ *cBytes += bytes;
+
+ break;
+ }
+
+ case 'G':
+ {
+ DWORD bytes;
+
+ if (!ParseStringSidToSid(tok, (PSID)lpNext, &bytes))
+ goto lend;
+
+ if (SecurityDescriptor)
+ {
+ SecurityDescriptor->Group = (PSID) ((DWORD) lpNext -
+ (DWORD) SecurityDescriptor);
+ lpNext += bytes; /* Advance to next token */
+ }
+
+ *cBytes += bytes;
+
+ break;
+ }
+
+ case 'D':
+ {
+ DWORD flags;
+ DWORD bytes;
+
+ if (!ParseStringAclToAcl(tok, &flags, (PACL)lpNext, &bytes))
+ goto lend;
+
+ if (SecurityDescriptor)
+ {
+ SecurityDescriptor->Control |= SE_DACL_PRESENT | flags;
+ SecurityDescriptor->Dacl = (PACL) ((DWORD) lpNext -
+ (DWORD) SecurityDescriptor);
+ lpNext += bytes; /* Advance to next token */
+ }
+
+ *cBytes += bytes;
+
+ break;
+ }
+
+ case 'S':
+ {
+ DWORD flags;
+ DWORD bytes;
+
+ if (!ParseStringAclToAcl(tok, &flags, (PACL)lpNext, &bytes))
+ goto lend;
+
+ if (SecurityDescriptor)
+ {
+ SecurityDescriptor->Control |= SE_SACL_PRESENT | flags;
+ SecurityDescriptor->Sacl = (PACL) ((DWORD) lpNext -
+ (DWORD) SecurityDescriptor);
+ lpNext += bytes; /* Advance to next token */
+ }
+
+ *cBytes += bytes;
+
+ break;
+ }
+
+ default:
+ FIXME("Unknown token\n");
+ SetLastError(ERROR_INVALID_PARAMETER);
+ goto lend;
+ }
+
+ StringSecurityDescriptor = lptoken;
+ }
+
+ bret = TRUE;
+
+lend:
+ return bret;
+}
+
+/******************************************************************************
+ * ParseAclStringFlags
+ */
+static DWORD ParseAclStringFlags(LPCWSTR* StringAcl)
+{
+ DWORD flags = 0;
+ LPCWSTR szAcl = *StringAcl;
+
+ while (*szAcl != '(')
[truncated at 1000 lines; 249 more skipped]