Modified: trunk/reactos/include/ntdll/rtl.h
Modified: trunk/reactos/include/ntos/obtypes.h
Modified: trunk/reactos/include/ntos/security.h
Modified: trunk/reactos/lib/rtl/sid.c
Modified: trunk/reactos/ntoskrnl/se/luid.c
Modified: trunk/reactos/ntoskrnl/se/sd.c
Modified: trunk/reactos/ntoskrnl/se/sid.c
Modified: trunk/reactos/ntoskrnl/se/token.c
--- trunk/reactos/include/ntdll/rtl.h 2005-01-04 22:40:08 UTC (rev 12805)
+++ trunk/reactos/include/ntdll/rtl.h 2005-01-04 22:44:50 UTC (rev 12806)
@@ -193,6 +193,18 @@
VOID
);
+VOID
+STDCALL
+RtlpFreeDebugInfo(
+ PRTL_CRITICAL_SECTION_DEBUG DebugInfo
+);
+
+PRTL_CRITICAL_SECTION_DEBUG
+STDCALL
+RtlpAllocateDebugInfo(
+ VOID
+);
+
NTSTATUS STDCALL
RtlAddAccessAllowedAceEx (IN OUT PACL Acl,
IN ULONG Revision,
--- trunk/reactos/include/ntos/obtypes.h 2005-01-04 22:40:08 UTC (rev 12805)
+++ trunk/reactos/include/ntos/obtypes.h 2005-01-04 22:44:50 UTC (rev 12806)
@@ -83,8 +83,8 @@
HANDLE RootDirectory;
PUNICODE_STRING ObjectName;
ULONG Attributes;
- SECURITY_DESCRIPTOR *SecurityDescriptor;
- SECURITY_QUALITY_OF_SERVICE *SecurityQualityOfService;
+ PVOID SecurityDescriptor;
+ PVOID SecurityQualityOfService;
} OBJECT_ATTRIBUTES, *POBJECT_ATTRIBUTES;
#endif /* __USE_W32API */
--- trunk/reactos/include/ntos/security.h 2005-01-04 22:40:08 UTC (rev 12805)
+++ trunk/reactos/include/ntos/security.h 2005-01-04 22:44:50 UTC (rev 12806)
@@ -74,6 +74,18 @@
#ifndef __USE_W32API
+#ifndef _MSC_VER
+#define SYSTEM_LUID {{ 0x3E7, 0x0 }}
+#define ANONYMOUS_LOGON_LUID {{ 0x3e6, 0x0 }}
+#define LOCALSERVICE_LUID {{ 0x3e5, 0x0 }}
+#define NETWORKSERVICE_LUID {{ 0x3e4, 0x0 }}
+#else
+#define SYSTEM_LUID { 0x3E7, 0x0 }
+#define ANONYMOUS_LOGON_LUID { 0x3e6, 0x0 }
+#define LOCALSERVICE_LUID { 0x3e5, 0x0 }
+#define NETWORKSERVICE_LUID { 0x3e4, 0x0 }
+#endif
+
/* SID Auhority */
#define SECURITY_NULL_SID_AUTHORITY {0,0,0,0,0,0}
#define SECURITY_WORLD_SID_AUTHORITY {0,0,0,0,0,1}
@@ -227,8 +239,10 @@
UCHAR SubAuthorityCount;
SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
ULONG SubAuthority[1];
-} SID, *PSID;
+} SID, *PISID;
+typedef PVOID PSID;
+
typedef struct _ACL
{
UCHAR AclRevision;
--- trunk/reactos/lib/rtl/sid.c 2005-01-04 22:40:08 UTC (rev 12805)
+++ trunk/reactos/lib/rtl/sid.c 2005-01-04 22:44:50 UTC (rev 12806)
@@ -1,4 +1,4 @@
-/* $Id: sid.c,v 1.4 2004/07/12 19:39:29 ekohl Exp $
+/* $Id$
*
* COPYRIGHT: See COPYING in the top level directory
* PROJECT: ReactOS kernel
@@ -22,8 +22,10 @@
/* FUNCTIONS ***************************************************************/
BOOLEAN STDCALL
-RtlValidSid(IN PSID Sid)
+RtlValidSid(IN PSID Sid_)
{
+ PISID Sid = Sid_;
+
if ((Sid->Revision != SID_REVISION) ||
(Sid->SubAuthorityCount > SID_MAX_SUB_AUTHORITIES))
{
@@ -48,10 +50,12 @@
* @implemented
*/
NTSTATUS STDCALL
-RtlInitializeSid(IN PSID Sid,
+RtlInitializeSid(IN PSID Sid_,
IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority,
IN UCHAR SubAuthorityCount)
{
+ PISID Sid = Sid_;
+
Sid->Revision = SID_REVISION;
Sid->SubAuthorityCount = SubAuthorityCount;
memcpy(&Sid->IdentifierAuthority,
@@ -66,9 +70,11 @@
* @implemented
*/
PULONG STDCALL
-RtlSubAuthoritySid(IN PSID Sid,
+RtlSubAuthoritySid(IN PSID Sid_,
IN ULONG SubAuthority)
{
+ PISID Sid = Sid_;
+
return &Sid->SubAuthority[SubAuthority];
}
@@ -77,8 +83,10 @@
* @implemented
*/
PUCHAR STDCALL
-RtlSubAuthorityCountSid(IN PSID Sid)
+RtlSubAuthorityCountSid(IN PSID Sid_)
{
+ PISID Sid = Sid_;
+
return &Sid->SubAuthorityCount;
}
@@ -87,9 +95,12 @@
* @implemented
*/
BOOLEAN STDCALL
-RtlEqualSid(IN PSID Sid1,
- IN PSID Sid2)
+RtlEqualSid(IN PSID Sid1_,
+ IN PSID Sid2_)
{
+ PISID Sid1 = Sid1_;
+ PISID Sid2 = Sid2_;
+
if (Sid1->Revision != Sid2->Revision)
{
return(FALSE);
@@ -110,8 +121,10 @@
* @implemented
*/
ULONG STDCALL
-RtlLengthSid(IN PSID Sid)
+RtlLengthSid(IN PSID Sid_)
{
+ PISID Sid = Sid_;
+
return (sizeof(SID) + (Sid->SubAuthorityCount-1) * sizeof(ULONG));
}
@@ -180,8 +193,10 @@
* @implemented
*/
PSID_IDENTIFIER_AUTHORITY STDCALL
-RtlIdentifierAuthoritySid(IN PSID Sid)
+RtlIdentifierAuthoritySid(IN PSID Sid_)
{
+ PISID Sid = Sid_;
+
return &Sid->IdentifierAuthority;
}
@@ -202,7 +217,7 @@
ULONG SubAuthority7,
PSID *Sid)
{
- PSID pSid;
+ PISID pSid;
if (SubAuthorityCount > 8)
return STATUS_INVALID_SID;
@@ -267,9 +282,12 @@
* @implemented
*/
BOOLEAN STDCALL
-RtlEqualPrefixSid(IN PSID Sid1,
- IN PSID Sid2)
+RtlEqualPrefixSid(IN PSID Sid1_,
+ IN PSID Sid2_)
{
+ PISID Sid1 = Sid1_;
+ PISID Sid2 = Sid2_;
+
return(Sid1->SubAuthorityCount == Sid2->SubAuthorityCount &&
!RtlCompareMemory(Sid1, Sid2,
(Sid1->SubAuthorityCount - 1) * sizeof(DWORD) + 8));
@@ -281,13 +299,14 @@
*/
NTSTATUS STDCALL
RtlConvertSidToUnicodeString(PUNICODE_STRING String,
- PSID Sid,
+ PSID Sid_,
BOOLEAN AllocateBuffer)
{
WCHAR Buffer[256];
PWSTR wcs;
ULONG Length;
ULONG i;
+ PISID Sid = Sid_;
if (RtlValidSid (Sid) == FALSE)
return STATUS_INVALID_SID;
--- trunk/reactos/ntoskrnl/se/luid.c 2005-01-04 22:40:08 UTC (rev 12805)
+++ trunk/reactos/ntoskrnl/se/luid.c 2005-01-04 22:44:50 UTC (rev 12806)
@@ -1,4 +1,4 @@
-/* $Id: luid.c,v 1.10 2004/08/15 16:39:11 chorns Exp $
+/* $Id$
*
* COPYRIGHT: See COPYING in the top level directory
* PROJECT: ReactOS kernel
@@ -20,15 +20,15 @@
static LARGE_INTEGER LuidIncrement;
static LARGE_INTEGER LuidValue;
-#define SYSTEM_LUID 0x3E7;
-
/* FUNCTIONS *****************************************************************/
VOID INIT_FUNCTION
SepInitLuid(VOID)
{
+ LARGE_INTEGER DummyLuidValue = SYSTEM_LUID;
+
KeInitializeSpinLock(&LuidLock);
- LuidValue.QuadPart = SYSTEM_LUID;
+ LuidValue = DummyLuidValue;
LuidIncrement.QuadPart = 1;
}
--- trunk/reactos/ntoskrnl/se/sd.c 2005-01-04 22:40:08 UTC (rev 12805)
+++ trunk/reactos/ntoskrnl/se/sd.c 2005-01-04 22:44:50 UTC (rev 12806)
@@ -1,4 +1,4 @@
-/* $Id: sd.c,v 1.20 2004/08/15 16:39:12 chorns Exp $
+/* $Id$
*
* COPYRIGHT: See COPYING in the top level directory
* PROJECT: ReactOS kernel
@@ -319,7 +319,7 @@
IN PSECURITY_DESCRIPTOR SecurityDescriptor)
{
ULONG SdLength;
- PSID Sid;
+ PISID Sid;
PACL Acl;
if (Length < SECURITY_DESCRIPTOR_MIN_LENGTH)
@@ -355,7 +355,7 @@
return FALSE;
}
- Sid = (PSID)((ULONG_PTR)SecurityDescriptor + (ULONG_PTR)SecurityDescriptor->Owner);
+ Sid = (PISID)((ULONG_PTR)SecurityDescriptor + (ULONG_PTR)SecurityDescriptor->Owner);
if (Sid->Revision != SID_REVISION)
{
DPRINT1("Invalid Owner SID revision\n");
--- trunk/reactos/ntoskrnl/se/sid.c 2005-01-04 22:40:08 UTC (rev 12805)
+++ trunk/reactos/ntoskrnl/se/sid.c 2005-01-04 22:44:50 UTC (rev 12806)
@@ -1,4 +1,4 @@
-/* $Id: sid.c,v 1.16 2003/12/30 18:52:06 fireball Exp $
+/* $Id$
*
* COPYRIGHT: See COPYING in the top level directory
* PROJECT: ReactOS kernel
@@ -11,9 +11,9 @@
/* INCLUDES *****************************************************************/
-#include <ddk/ntddk.h>
-#include <internal/se.h>
+#include <ntoskrnl.h>
+#define NDEBUG
#include <internal/debug.h>
#define TAG_SID TAG('S', 'I', 'D', 'T')
@@ -467,230 +467,4 @@
return(TRUE);
}
-
-/*
- * @implemented
- */
-BOOLEAN STDCALL
-RtlValidSid(PSID Sid)
-{
- if ((Sid->Revision & 0xf) != 1)
- {
- return(FALSE);
- }
- if (Sid->SubAuthorityCount > 15)
- {
- return(FALSE);
- }
- return(TRUE);
-}
-
-
-/*
- * @implemented
- */
-ULONG STDCALL
-RtlLengthRequiredSid(UCHAR SubAuthorityCount)
-{
- return(sizeof(SID) + (SubAuthorityCount - 1) * sizeof(ULONG));
-}
-
-
-/*
- * @implemented
- */
-NTSTATUS STDCALL
-RtlInitializeSid(PSID Sid,
- PSID_IDENTIFIER_AUTHORITY IdentifierAuthority,
- UCHAR SubAuthorityCount)
-{
- Sid->Revision = 1;
- Sid->SubAuthorityCount = SubAuthorityCount;
- RtlCopyMemory(&Sid->IdentifierAuthority,
- IdentifierAuthority,
- sizeof(SID_IDENTIFIER_AUTHORITY));
- return(STATUS_SUCCESS);
-}
-
-
-/*
- * @implemented
- */
-PULONG STDCALL
-RtlSubAuthoritySid(PSID Sid,
- ULONG SubAuthority)
-{
- return(&Sid->SubAuthority[SubAuthority]);
-}
-
-
-/*
- * @implemented
- */
-PUCHAR STDCALL
-RtlSubAuthorityCountSid(PSID Sid)
-{
- return(&Sid->SubAuthorityCount);
-}
-
-
-/*
- * @implemented
- */
-BOOLEAN STDCALL
-RtlEqualSid(PSID Sid1,
- PSID Sid2)
-{
- if (Sid1->Revision != Sid2->Revision)
- {
- return(FALSE);
- }
- if ((*RtlSubAuthorityCountSid(Sid1)) !=
- (*RtlSubAuthorityCountSid(Sid2)))
- {
- return(FALSE);
- }
- if (memcmp(Sid1, Sid2, RtlLengthSid(Sid1)) != 0)
- {
- return(FALSE);
- }
- return(TRUE);
-}
-
-
-/*
- * @implemented
- */
-ULONG STDCALL
-RtlLengthSid(PSID Sid)
-{
- return(sizeof(SID) + (Sid->SubAuthorityCount-1)*4);
-}
-
-
-/*
- * @implemented
- */
-NTSTATUS STDCALL
-RtlCopySid(ULONG BufferLength,
- PSID Dest,
- PSID Src)
-{
- if (BufferLength < RtlLengthSid(Src))
- {
- return(STATUS_UNSUCCESSFUL);
- }
- memmove(Dest, Src, RtlLengthSid(Src));
- return(STATUS_SUCCESS);
-}
-
-
-NTSTATUS STDCALL
-RtlCopySidAndAttributesArray(ULONG Count,
- PSID_AND_ATTRIBUTES Src,
- ULONG SidAreaSize,
- PSID_AND_ATTRIBUTES Dest,
- PVOID SidArea,
- PVOID* RemainingSidArea,
- PULONG RemainingSidAreaSize)
-{
- ULONG Length;
- ULONG i;
-
- Length = SidAreaSize;
-
- for (i=0; i<Count; i++)
- {
- if (RtlLengthSid(Src[i].Sid) > Length)
- {
- return(STATUS_BUFFER_TOO_SMALL);
- }
- Length = Length - RtlLengthSid(Src[i].Sid);
- Dest[i].Sid = SidArea;
- Dest[i].Attributes = Src[i].Attributes;
- RtlCopySid(RtlLengthSid(Src[i].Sid), SidArea, Src[i].Sid);
- SidArea = (char*)SidArea + RtlLengthSid(Src[i].Sid);
- }
- *RemainingSidArea = SidArea;
- *RemainingSidAreaSize = Length;
- return(STATUS_SUCCESS);
-}
-
-
-/*
- * @implemented
- */
-NTSTATUS STDCALL
-RtlConvertSidToUnicodeString(PUNICODE_STRING String,
- PSID Sid,
- BOOLEAN AllocateString)
-{
- WCHAR Buffer[256];
- PWSTR Ptr;
- ULONG Length;
- ULONG i;
-
- if (!RtlValidSid(Sid))
- return STATUS_INVALID_SID;
-
- Ptr = Buffer;
- Ptr += swprintf (Ptr,
- L"S-%u-",
- Sid->Revision);
-
- if(!Sid->IdentifierAuthority.Value[0] &&
- !Sid->IdentifierAuthority.Value[1])
- {
- Ptr += swprintf(Ptr,
- L"%u",
- (ULONG)Sid->IdentifierAuthority.Value[2] << 24 |
- (ULONG)Sid->IdentifierAuthority.Value[3] << 16 |
- (ULONG)Sid->IdentifierAuthority.Value[4] << 8 |
- (ULONG)Sid->IdentifierAuthority.Value[5]);
- }
- else
- {
- Ptr += swprintf(Ptr,
- L"0x%02hx%02hx%02hx%02hx%02hx%02hx",
- Sid->IdentifierAuthority.Value[0],
- Sid->IdentifierAuthority.Value[1],
- Sid->IdentifierAuthority.Value[2],
- Sid->IdentifierAuthority.Value[3],
- Sid->IdentifierAuthority.Value[4],
- Sid->IdentifierAuthority.Value[5]);
- }
-
- for (i = 0; i < Sid->SubAuthorityCount; i++)
- {
- Ptr += swprintf(Ptr,
- L"-%u",
- Sid->SubAuthority[i]);
- }
-
- Length = (Ptr - Buffer) * sizeof(WCHAR);
-
- if (AllocateString)
- {
- String->Buffer = ExAllocatePool(NonPagedPool,
- Length + sizeof(WCHAR));
- if (String->Buffer == NULL)
- return STATUS_NO_MEMORY;
-
- String->MaximumLength = Length + sizeof(WCHAR);
- }
- else
- {
- if (Length > String->MaximumLength)
- return STATUS_BUFFER_TOO_SMALL;
- }
- String->Length = Length;
- memmove(String->Buffer,
- Buffer,
- Length);
- if (Length < String->MaximumLength)
- String->Buffer[Length/sizeof(WCHAR)] = 0;
-
- return STATUS_SUCCESS;
-}
-
/* EOF */
--- trunk/reactos/ntoskrnl/se/token.c 2005-01-04 22:40:08 UTC (rev 12805)
+++ trunk/reactos/ntoskrnl/se/token.c 2005-01-04 22:44:50 UTC (rev 12806)
@@ -11,13 +11,7 @@
/* INCLUDES *****************************************************************/
-#include <limits.h>
-#define NTOS_MODE_KERNEL
-#include <ntos.h>
-#include <internal/ob.h>
-#include <internal/ps.h>
-#include <internal/se.h>
-#include <internal/safe.h>
+#include <ntoskrnl.h>
#define NDEBUG
#include <internal/debug.h>
@@ -31,8 +25,6 @@
TOKEN_EXECUTE,
TOKEN_ALL_ACCESS};
-//#define SYSTEM_LUID 0x3E7;
-
/* FUNCTIONS *****************************************************************/
VOID SepFreeProxyData(PVOID ProxyData)
@@ -1028,6 +1020,7 @@
* NOTE: Some sources claim 4th param is ImpersonationLevel, but on W2K
* this is certainly NOT true, thou i can't say for sure that EffectiveOnly
* is correct either. -Gunnar
+ * This is true. EffectiveOnly overrides SQOS.EffectiveOnly. - IAI
*/
NTSTATUS STDCALL
NtDuplicateToken(IN HANDLE ExistingTokenHandle,
@@ -1060,7 +1053,7 @@
EffectiveOnly,
TokenType,
ObjectAttributes->SecurityQualityOfService ?
- ObjectAttributes->SecurityQualityOfService->ImpersonationLevel :
+ ((PSECURITY_QUALITY_OF_SERVICE)(ObjectAttributes->SecurityQualityOfService))->ImpersonationLevel :
0 /*SecurityAnonymous*/,
PreviousMode,
&NewToken);
@@ -1645,7 +1638,8 @@
AccessToken->Privileges = 0;
AccessToken->TokenType = TokenType;
- AccessToken->ImpersonationLevel = ObjectAttributes->SecurityQualityOfService->ImpersonationLevel;
+ AccessToken->ImpersonationLevel = ((PSECURITY_QUALITY_OF_SERVICE)
+ (ObjectAttributes->SecurityQualityOfService))->ImpersonationLevel;
/*
* Normally we would just point these members into the variable information