Implement RtlGetSecurityDescriptorRMControl, RtlSetSecurityDescriptorRMControl, SetSecurityDescriptorControl, GetSecurityDescriptorRMControl and SetSecurityDescriptorRMControl. Modified: trunk/reactos/include/ddk/setypes.h Modified: trunk/reactos/include/ntos/rtl.h Modified: trunk/reactos/include/ntos/security.h Modified: trunk/reactos/lib/advapi32/advapi32.def Modified: trunk/reactos/lib/advapi32/sec/sec.c Modified: trunk/reactos/lib/ntdll/def/ntdll.def Modified: trunk/reactos/lib/rtl/sd.c Modified: trunk/reactos/w32api/include/winbase.h _____ Modified: trunk/reactos/include/ddk/setypes.h --- trunk/reactos/include/ddk/setypes.h 2005-02-11 12:06:29 UTC (rev 13492) +++ trunk/reactos/include/ddk/setypes.h 2005-02-11 15:52:38 UTC (rev 13493) @@ -50,22 +50,23 @@ #define FAILED_ACCESS_ACE_FLAG (0x80) /* SECURITY_DESCRIPTOR_CONTROL */ -#define SECURITY_DESCRIPTOR_REVISION (1) -#define SECURITY_DESCRIPTOR_REVISION1 (1) -#define SECURITY_DESCRIPTOR_MIN_LENGTH (20) -#define SE_OWNER_DEFAULTED (1) -#define SE_GROUP_DEFAULTED (2) -#define SE_DACL_PRESENT (4) -#define SE_DACL_DEFAULTED (8) -#define SE_SACL_PRESENT (16) -#define SE_SACL_DEFAULTED (32) -#define SE_SELF_RELATIVE (32768) +#define SECURITY_DESCRIPTOR_REVISION (1) +#define SECURITY_DESCRIPTOR_REVISION1 (1) +#define SECURITY_DESCRIPTOR_MIN_LENGTH (20) +#define SE_OWNER_DEFAULTED (0x0001) +#define SE_GROUP_DEFAULTED (0x0002) +#define SE_DACL_PRESENT (0x0004) +#define SE_DACL_DEFAULTED (0x0008) +#define SE_SACL_PRESENT (0x0010) +#define SE_SACL_DEFAULTED (0x0020) +#define SE_RM_CONTROL_VALID (0x4000) +#define SE_SELF_RELATIVE (0x8000) /* PRIVILEGE_SET */ -#define SE_PRIVILEGE_ENABLED_BY_DEFAULT (0x1L) -#define SE_PRIVILEGE_ENABLED (0x2L) -#define SE_PRIVILEGE_USED_FOR_ACCESS (0x80000000L) -#define PRIVILEGE_SET_ALL_NECESSARY (0x1) +#define SE_PRIVILEGE_ENABLED_BY_DEFAULT (0x1L) +#define SE_PRIVILEGE_ENABLED (0x2L) +#define SE_PRIVILEGE_USED_FOR_ACCESS (0x80000000L) +#define PRIVILEGE_SET_ALL_NECESSARY (0x1) /* SID */ #define SID_REVISION (1) _____ Modified: trunk/reactos/include/ntos/rtl.h --- trunk/reactos/include/ntos/rtl.h 2005-02-11 12:06:29 UTC (rev 13492) +++ trunk/reactos/include/ntos/rtl.h 2005-02-11 15:52:38 UTC (rev 13493) @@ -1337,6 +1337,10 @@ PACL* Sacl, PBOOLEAN SaclDefaulted); +BOOLEAN STDCALL +RtlGetSecurityDescriptorRMControl(PSECURITY_DESCRIPTOR SecurityDescriptor, + PUCHAR RMControl); + NTSTATUS STDCALL RtlGetSetBootStatusData( @@ -2321,6 +2325,10 @@ PACL Sacl, BOOLEAN SaclDefaulted); +VOID STDCALL +RtlSetSecurityDescriptorRMControl(PSECURITY_DESCRIPTOR SecurityDescriptor, + PUCHAR RMControl); + NTSTATUS STDCALL RtlSetInformationAcl (PACL Acl, PVOID Information, _____ Modified: trunk/reactos/include/ntos/security.h --- trunk/reactos/include/ntos/security.h 2005-02-11 12:06:29 UTC (rev 13492) +++ trunk/reactos/include/ntos/security.h 2005-02-11 15:52:38 UTC (rev 13493) @@ -36,13 +36,14 @@ /* Security descriptor control. */ #define SECURITY_DESCRIPTOR_REVISION (1) #define SECURITY_DESCRIPTOR_MIN_LENGTH (20) -#define SE_OWNER_DEFAULTED (1) -#define SE_GROUP_DEFAULTED (2) -#define SE_DACL_PRESENT (4) -#define SE_DACL_DEFAULTED (8) -#define SE_SACL_PRESENT (16) -#define SE_SACL_DEFAULTED (32) -#define SE_SELF_RELATIVE (32768) +#define SE_OWNER_DEFAULTED (0x0001) +#define SE_GROUP_DEFAULTED (0x0002) +#define SE_DACL_PRESENT (0x0004) +#define SE_DACL_DEFAULTED (0x0008) +#define SE_SACL_PRESENT (0x0010) +#define SE_SACL_DEFAULTED (0x0020) +#define SE_RM_CONTROL_VALID (0x4000) +#define SE_SELF_RELATIVE (0x8000) #endif /* This is defined in the Win 32 API headers as something else: */ _____ Modified: trunk/reactos/lib/advapi32/advapi32.def --- trunk/reactos/lib/advapi32/advapi32.def 2005-02-11 12:06:29 UTC (rev 13492) +++ trunk/reactos/lib/advapi32/advapi32.def 2005-02-11 15:52:38 UTC (rev 13493) @@ -54,7 +54,7 @@ ConvertSidToStringSidA@8 ConvertSidToStringSidW@8 CopySid@12 -;CreatePrivateObjectSecurity@24 +CreatePrivateObjectSecurity@24 CreateProcessAsUserA@44 CreateProcessAsUserW@44 CreateServiceA@52 @@ -93,7 +93,7 @@ ;DenyAccessRightsA ;DenyAccessRightsW DeregisterEventSource@4 -;DestroyPrivateObjectSecurity@4 +DestroyPrivateObjectSecurity@4 DuplicateToken@12 DuplicateTokenEx@24 ;ElfBackupEventLogFileA@8 @@ -157,7 +157,7 @@ GetNamedSecurityInfoW@32 GetNumberOfEventLogRecords@8 GetOldestEventLogRecord@8 -;GetPrivateObjectSecurity@20 +GetPrivateObjectSecurity@20 GetSecurityDescriptorControl@12 GetSecurityDescriptorDacl@16 GetSecurityDescriptorGroup@12 @@ -379,7 +379,8 @@ SetKernelObjectSecurity@12 SetNamedSecurityInfoA@28 SetNamedSecurityInfoW@28 -;SetPrivateObjectSecurity@20 +SetPrivateObjectSecurity@20 +SetSecurityDescriptorControl@12 SetSecurityDescriptorDacl@16 SetSecurityDescriptorGroup@12 SetSecurityDescriptorOwner@12 _____ Modified: trunk/reactos/lib/advapi32/sec/sec.c --- trunk/reactos/lib/advapi32/sec/sec.c 2005-02-11 12:06:29 UTC (rev 13492) +++ trunk/reactos/lib/advapi32/sec/sec.c 2005-02-11 15:52:38 UTC (rev 13493) @@ -124,7 +124,7 @@ PSECURITY_DESCRIPTOR pSecurityDescriptor, PSID *pOwner, LPBOOL lpbOwnerDefaulted -) + ) { BOOLEAN OwnerDefaulted; NTSTATUS Status; @@ -147,6 +147,23 @@ /* * @implemented */ +DWORD +STDCALL +GetSecurityDescriptorRMControl ( + PSECURITY_DESCRIPTOR SecurityDescriptor, + PUCHAR RMControl) +{ + if (!RtlGetSecurityDescriptorRMControl(SecurityDescriptor, + RMControl)) + return ERROR_INVALID_DATA; + + return ERROR_SUCCESS; +} + + +/* + * @implemented + */ BOOL STDCALL GetSecurityDescriptorSacl ( @@ -293,6 +310,31 @@ */ BOOL STDCALL +SetSecurityDescriptorControl ( + PSECURITY_DESCRIPTOR pSecurityDescriptor, + SECURITY_DESCRIPTOR_CONTROL ControlBitsOfInterest, + SECURITY_DESCRIPTOR_CONTROL ControlBitsToSet) +{ + NTSTATUS Status; + + Status = RtlSetControlSecurityDescriptor(pSecurityDescriptor, + ControlBitsOfInterest, + ControlBitsToSet); + if (!NT_SUCCESS(Status)) + { + SetLastError (RtlNtStatusToDosError (Status)); + return FALSE; + } + + return TRUE; +} + + +/* + * @implemented + */ +BOOL +STDCALL SetSecurityDescriptorDacl ( PSECURITY_DESCRIPTOR pSecurityDescriptor, BOOL bDaclPresent, @@ -371,6 +413,22 @@ /* * @implemented */ +DWORD +STDCALL +SetSecurityDescriptorRMControl ( + PSECURITY_DESCRIPTOR SecurityDescriptor, + PUCHAR RMControl) +{ + RtlSetSecurityDescriptorRMControl(SecurityDescriptor, + RMControl); + + return ERROR_SUCCESS; +} + + +/* + * @implemented + */ BOOL STDCALL SetSecurityDescriptorSacl ( _____ Modified: trunk/reactos/lib/ntdll/def/ntdll.def --- trunk/reactos/lib/ntdll/def/ntdll.def 2005-02-11 12:06:29 UTC (rev 13492) +++ trunk/reactos/lib/ntdll/def/ntdll.def 2005-02-11 15:52:38 UTC (rev 13493) @@ -369,8 +369,6 @@ RtlDeleteAce@8 RtlDeleteAtomFromAtomTable@8 RtlDeleteCriticalSection@4 -RtlDuplicateUnicodeString@12 -RtlSetCriticalSectionSpinCount@8 ;RtlDeleteElementGenericTable ;RtlDeleteNoSplay RtlDeleteOwnersRanges@8 @@ -394,6 +392,7 @@ RtlDowncaseUnicodeChar@4 RtlDowncaseUnicodeString@12 RtlDumpResource@4 +RtlDuplicateUnicodeString@12 RtlEmptyAtomTable@8 RtlEnlargedIntegerMultiply@8 RtlEnlargedUnsignedDivide@16 @@ -462,6 +461,7 @@ RtlGetOwnerSecurityDescriptor@12 RtlGetProcessHeaps@8 RtlGetSaclSecurityDescriptor@16 +RtlGetSecurityDescriptorRMControl@8 ;RtlGetUserInfoHeap RtlGetVersion@4 RtlIdentifierAuthoritySid@4 @@ -586,6 +586,7 @@ ;RtlSetAttributesSecurityDescriptor RtlSetBits@12 RtlSetControlSecurityDescriptor@12 +RtlSetCriticalSectionSpinCount@8 RtlSetCurrentDirectory_U@4 RtlSetCurrentEnvironment@8 RtlSetDaclSecurityDescriptor@16 @@ -594,6 +595,7 @@ RtlSetInformationAcl@16 RtlSetOwnerSecurityDescriptor@12 RtlSetSaclSecurityDescriptor@16 +RtlSetSecurityDescriptorRMControl@8 ;RtlSetSecurityObject RtlSetTimeZoneInformation@4 ;RtlSetUnicodeCallouts _____ Modified: trunk/reactos/lib/rtl/sd.c --- trunk/reactos/lib/rtl/sd.c 2005-02-11 12:06:29 UTC (rev 13492) +++ trunk/reactos/lib/rtl/sd.c 2005-02-11 15:52:38 UTC (rev 13493) @@ -789,8 +789,8 @@ /* -* @unimplemented -*/ + * @unimplemented + */ NTSTATUS STDCALL RtlSelfRelativeToAbsoluteSD2(PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor, PULONG BufferSize) @@ -870,4 +870,43 @@ return TRUE; } + +/* + * @implemented + */ +BOOLEAN STDCALL +RtlGetSecurityDescriptorRMControl(PSECURITY_DESCRIPTOR SecurityDescriptor, + PUCHAR RMControl) +{ + if (!(SecurityDescriptor->Control & SE_RM_CONTROL_VALID)) + { + *RMControl = 0; + return FALSE; + } + + *RMControl = SecurityDescriptor->Sbz1; + + return TRUE; +} + + +/* + * @implemented + */ +VOID STDCALL +RtlSetSecurityDescriptorRMControl(PSECURITY_DESCRIPTOR SecurityDescriptor, + PUCHAR RMControl) +{ + if (RMControl == NULL) + { + SecurityDescriptor->Control &= ~SE_RM_CONTROL_VALID; + SecurityDescriptor->Sbz1 = 0; + } + else + { + SecurityDescriptor->Control |= SE_RM_CONTROL_VALID; + SecurityDescriptor->Sbz1 = *RMControl; + } +} + /* EOF */ _____ Modified: trunk/reactos/w32api/include/winbase.h --- trunk/reactos/w32api/include/winbase.h 2005-02-11 12:06:29 UTC (rev 13492) +++ trunk/reactos/w32api/include/winbase.h 2005-02-11 15:52:38 UTC (rev 13493) @@ -1457,6 +1457,7 @@ BOOL WINAPI GetSecurityDescriptorGroup(PSECURITY_DESCRIPTOR,PSID*,LPBOOL); DWORD WINAPI GetSecurityDescriptorLength(PSECURITY_DESCRIPTOR); BOOL WINAPI GetSecurityDescriptorOwner(PSECURITY_DESCRIPTOR,PSID*,LPBOOL); +DWORD WINAPI GetSecurityDescriptorRMControl(PSECURITY_DESCRIPTOR,PUCHAR); BOOL WINAPI GetSecurityDescriptorSacl(PSECURITY_DESCRIPTOR,LPBOOL,PACL*,LPBOOL); DWORD WINAPI GetShortPathNameA(LPCSTR,LPSTR,DWORD); DWORD WINAPI GetShortPathNameW(LPCWSTR,LPWSTR,DWORD); @@ -1835,6 +1836,7 @@ BOOL WINAPI SetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR,BOOL,PACL,BOOL); BOOL WINAPI SetSecurityDescriptorGroup(PSECURITY_DESCRIPTOR,PSID,BOOL); BOOL WINAPI SetSecurityDescriptorOwner(PSECURITY_DESCRIPTOR,PSID,BOOL); +DWORD WINAPI SetSecurityDescriptorRMControl(PSECURITY_DESCRIPTOR,PUCHAR); BOOL WINAPI SetSecurityDescriptorSacl(PSECURITY_DESCRIPTOR,BOOL,PACL,BOOL); BOOL WINAPI SetStdHandle(DWORD,HANDLE); #define SetSwapAreaSize(w) (w)