27 Sep
2012
27 Sep
'12
9:57 a.m.
Author: ekohl
Date: Thu Sep 27 09:57:43 2012
New Revision: 57398
URL: http://svn.reactos.org/svn/reactos?rev=57398&view=rev
Log:
[ADVAPI32]
Implement LsaQuerySecurityObject and LsaSetSecurityObject.
Modified:
trunk/reactos/dll/win32/advapi32/advapi32.spec
trunk/reactos/dll/win32/advapi32/sec/lsa.c
trunk/reactos/include/psdk/ntsecapi.h
Modified: trunk/reactos/dll/win32/advapi32/advapi32.spec
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/advapi32/advapi3…
==============================================================================
--- trunk/reactos/dll/win32/advapi32/advapi32.spec [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/advapi32/advapi32.spec [iso-8859-1] Thu Sep 27 09:57:43 2012
@@ -388,7 +388,7 @@
@ stdcall LsaQueryInfoTrustedDomain(long long long)
@ stdcall LsaQueryInformationPolicy(ptr long ptr)
@ stdcall LsaQuerySecret(ptr ptr ptr ptr ptr)
-@ stub LsaQuerySecurityObject
+@ stdcall LsaQuerySecurityObject(ptr long ptr)
@ stdcall LsaQueryTrustedDomainInfo(ptr ptr long ptr)
@ stdcall LsaQueryTrustedDomainInfoByName(ptr ptr long ptr)
@ stdcall LsaRegisterPolicyChangeNotification(long long)
@@ -401,7 +401,7 @@
@ stub LsaSetInformationTrustedDomain
@ stdcall LsaSetQuotasForAccount(ptr ptr)
@ stdcall LsaSetSecret(ptr ptr ptr)
-@ stub LsaSetSecurityObject
+@ stdcall LsaSetSecurityObject(ptr long ptr)
@ stdcall LsaSetSystemAccessAccount(ptr long)
@ stdcall LsaSetTrustedDomainInfoByName(ptr ptr long ptr)
@ stdcall LsaSetTrustedDomainInformation(ptr ptr long ptr)
Modified: trunk/reactos/dll/win32/advapi32/sec/lsa.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/advapi32/sec/lsa…
==============================================================================
--- trunk/reactos/dll/win32/advapi32/sec/lsa.c [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/advapi32/sec/lsa.c [iso-8859-1] Thu Sep 27 09:57:43 2012
@@ -1381,6 +1381,51 @@
/*
+ * @implemented
+ */
+NTSTATUS
+WINAPI
+LsaQuerySecurityObject(IN LSA_HANDLE ObjectHandle,
+ IN SECURITY_INFORMATION SecurityInformation,
+ OUT PSECURITY_DESCRIPTOR *SecurityDescriptor)
+{
+ LSAPR_SR_SECURITY_DESCRIPTOR SdBuffer;
+ PLSAPR_SR_SECURITY_DESCRIPTOR SdPointer;
+ NTSTATUS Status;
+
+ TRACE("LsaQuerySecurityObject(%p %lx %p)\n",
+ ObjectHandle, SecurityInformation, SecurityDescriptor);
+
+ SdBuffer.Length = 0;
+ SdBuffer.SecurityDescriptor = NULL;
+
+ SdPointer = &SdBuffer;
+
+ RpcTryExcept
+ {
+ Status = LsarQuerySecurityObject((LSAPR_HANDLE)ObjectHandle,
+ SecurityInformation,
+ &SdPointer);
+ if (NT_SUCCESS(Status))
+ {
+ *SecurityDescriptor = SdBuffer.SecurityDescriptor;
+ }
+ else
+ {
+ *SecurityDescriptor = NULL;
+ }
+ }
+ RpcExcept(EXCEPTION_EXECUTE_HANDLER)
+ {
+ Status = I_RpcMapWin32Status(RpcExceptionCode());
+ }
+ RpcEndExcept;
+
+ return Status;
+}
+
+
+/*
* @unimplemented
*/
NTSTATUS
@@ -1666,6 +1711,60 @@
*/
NTSTATUS
WINAPI
+LsaSetSecurityObject(IN LSA_HANDLE ObjectHandle,
+ IN SECURITY_INFORMATION SecurityInformation,
+ IN PSECURITY_DESCRIPTOR SecurityDescriptor)
+{
+ LSAPR_SR_SECURITY_DESCRIPTOR SdBuffer = {0, NULL};
+ ULONG SdLength = 0;
+ NTSTATUS Status;
+
+ TRACE("LsaSetSecurityObject(%p %lx %p)\n",
+ ObjectHandle, SecurityInformation, SecurityDescriptor);
+
+ Status = RtlMakeSelfRelativeSD(SecurityDescriptor,
+ NULL,
+ &SdLength);
+ if (Status != STATUS_BUFFER_TOO_SMALL)
+ return STATUS_INVALID_PARAMETER;
+
+ SdBuffer.SecurityDescriptor = MIDL_user_allocate(SdLength);
+ if (SdBuffer.SecurityDescriptor == NULL)
+ return STATUS_INSUFFICIENT_RESOURCES;
+
+ Status = RtlMakeSelfRelativeSD(SecurityDescriptor,
+ (PSECURITY_DESCRIPTOR)SdBuffer.SecurityDescriptor,
+ &SdLength);
+ if (!NT_SUCCESS(Status))
+ goto done;
+
+ SdBuffer.Length = SdLength;
+
+ RpcTryExcept
+ {
+ Status = LsarSetSecurityObject((LSAPR_HANDLE)ObjectHandle,
+ SecurityInformation,
+ &SdBuffer);
+ }
+ RpcExcept(EXCEPTION_EXECUTE_HANDLER)
+ {
+ Status = I_RpcMapWin32Status(RpcExceptionCode());
+ }
+ RpcEndExcept;
+
+done:
+ if (SdBuffer.SecurityDescriptor != NULL)
+ MIDL_user_free(SdBuffer.SecurityDescriptor);
+
+ return Status;
+}
+
+
+/*
+ * @implemented
+ */
+NTSTATUS
+WINAPI
LsaSetSystemAccessAccount(IN LSA_HANDLE AccountHandle,
IN ULONG SystemAccess)
{
Modified: trunk/reactos/include/psdk/ntsecapi.h
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/include/psdk/ntsecapi.h?re…
==============================================================================
--- trunk/reactos/include/psdk/ntsecapi.h [iso-8859-1] (original)
+++ trunk/reactos/include/psdk/ntsecapi.h [iso-8859-1] Thu Sep 27 09:57:43 2012
@@ -709,6 +709,7 @@
NTSTATUS NTAPI LsaOpenPolicy(PLSA_UNICODE_STRING,PLSA_OBJECT_ATTRIBUTES,
ACCESS_MASK,PLSA_HANDLE);
NTSTATUS NTAPI LsaOpenSecret(LSA_HANDLE, PLSA_UNICODE_STRING, ACCESS_MASK, PLSA_HANDLE);
+NTSTATUS NTAPI
LsaQuerySecurityObject(LSA_HANDLE,SECURITY_INFORMATION,PSECURITY_DESCRIPTOR*);
NTSTATUS NTAPI LsaOpenTrustedDomain(LSA_HANDLE,PSID,ACCESS_MASK,PLSA_HANDLE);
NTSTATUS NTAPI LsaOpenTrustedDomainByName(LSA_HANDLE,PLSA_UNICODE_STRING,
ACCESS_MASK,PLSA_HANDLE);
@@ -728,9 +729,10 @@
PLSA_UNICODE_STRING*);
NTSTATUS NTAPI LsaSetDomainInformationPolicy(LSA_HANDLE,
POLICY_DOMAIN_INFORMATION_CLASS,PVOID);
-NTSTATUS NTAPI LsaSetInformationPolicy(LSA_HANDLE,POLICY_INFORMATION_CLASS, PVOID);
+NTSTATUS NTAPI LsaSetInformationPolicy(LSA_HANDLE,POLICY_INFORMATION_CLASS,PVOID);
NTSTATUS NTAPI LsaSetQuotasForAccount(LSA_HANDLE,PQUOTA_LIMITS);
NTSTATUS NTAPI LsaSetSecret(LSA_HANDLE,PLSA_UNICODE_STRING,PLSA_UNICODE_STRING);
+NTSTATUS NTAPI
LsaSetSecurityObject(LSA_HANDLE,SECURITY_INFORMATION,PSECURITY_DESCRIPTOR);
NTSTATUS NTAPI LsaSetSystemAccessAccount(LSA_HANDLE,ULONG);
NTSTATUS NTAPI LsaSetTrustedDomainInformation(LSA_HANDLE,PSID,
TRUSTED_INFORMATION_CLASS,PVOID);
@@ -740,7 +742,7 @@
PLSA_UNICODE_STRING);
typedef NTSTATUS (NTAPI *PSAM_PASSWORD_NOTIFICATION_ROUTINE)(PUNICODE_STRING,
ULONG,PUNICODE_STRING);
-typedef BOOLEAN (NTAPI *PSAM_INIT_NOTIFICATION_ROUTINE)(void);
+typedef BOOLEAN (NTAPI *PSAM_INIT_NOTIFICATION_ROUTINE)(VOID);
typedef BOOLEAN (NTAPI *PSAM_PASSWORD_FILTER_ROUTINE)(PUNICODE_STRING,PUNICODE_STRING,
PUNICODE_STRING,BOOLEAN);
#ifdef __cplusplus