[ion] 57481: [RTL]: Add all the missing Rtl*Security*Object APIs and put them all in security.c. Move privilege functions into a new file, priv.c. No functional/code changes, just more stubs/export...
4 Oct
2012
4 Oct
'12
6:48 p.m.
Author: ion
Date: Thu Oct 4 18:48:15 2012
New Revision: 57481
URL: http://svn.reactos.org/svn/reactos?rev=57481&view=rev
Log:
[RTL]: Add all the missing Rtl*Security*Object APIs and put them all in security.c. Move
privilege functions into a new file, priv.c. No functional/code changes, just more
stubs/exports and moving things around.
Added:
trunk/reactos/lib/rtl/priv.c (with props)
Modified:
trunk/reactos/dll/ntdll/def/ntdll.spec
trunk/reactos/lib/rtl/CMakeLists.txt
trunk/reactos/lib/rtl/security.c
Modified: trunk/reactos/dll/ntdll/def/ntdll.spec
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/ntdll/def/ntdll.spec?r…
==============================================================================
--- trunk/reactos/dll/ntdll/def/ntdll.spec [iso-8859-1] (original)
+++ trunk/reactos/dll/ntdll/def/ntdll.spec [iso-8859-1] Thu Oct 4 18:48:15 2012
@@ -491,7 +491,7 @@
;@ stdcall RtlConvertPropertyToVariant
@ stdcall RtlConvertSharedToExclusive(ptr)
@ stdcall RtlConvertSidToUnicodeString(ptr ptr long)
-;@ stdcall RtlConvertToAutoInheritSecurityObject
+@ stdcall RtlConvertToAutoInheritSecurityObject(ptr ptr ptr ptr long ptr)
;@ stdcall RtlConvertUiListToApiList
@ stdcall -arch=win32 -ret64 RtlConvertUlongToLargeInteger(long)
;@ stdcall RtlConvertVariantToProperty
@@ -525,7 +525,7 @@
@ stdcall RtlCreateUnicodeString(ptr wstr)
@ stdcall RtlCreateUnicodeStringFromAsciiz(ptr str)
@ stdcall RtlCreateUserProcess(ptr long ptr ptr ptr ptr long ptr ptr ptr)
-;@ stdcall RtlCreateUserSecurityObject
+@ stdcall RtlCreateUserSecurityObject(ptr long ptr ptr long ptr ptr)
@ stdcall RtlCreateUserThread(long ptr long ptr long long ptr ptr ptr ptr)
@ stdcall RtlCustomCPToUnicodeN(ptr wstr long ptr str long)
@ stdcall RtlCutoverTimeToSystemTime(ptr ptr ptr long)
@@ -788,11 +788,11 @@
;@ stdcall RtlMultiAppendUnicodeStringBuffer
@ stdcall RtlMultiByteToUnicodeN(ptr long ptr ptr long)
@ stdcall RtlMultiByteToUnicodeSize(ptr str long)
-;@ stdcall RtlNewInstanceSecurityObject
-;@ stdcall RtlNewSecurityGrantedAccess
+@ stdcall RtlNewInstanceSecurityObject(long long ptr ptr ptr ptr ptr long ptr ptr)
+@ stdcall RtlNewSecurityGrantedAccess(long ptr ptr ptr ptr ptr)
@ stdcall RtlNewSecurityObject(ptr ptr ptr long ptr ptr)
-;@ stdcall RtlNewSecurityObjectEx
-;@ stdcall RtlNewSecurityObjectWithMultipleInheritance
+@ stdcall RtlNewSecurityObjectEx(ptr ptr ptr ptr long long ptr ptr)
+@ stdcall RtlNewSecurityObjectWithMultipleInheritance(ptr ptr ptr ptr long long long ptr
ptr)
@ stdcall RtlNormalizeProcessParams(ptr)
@ stdcall RtlNtPathNameToDosPathName(ptr ptr ptr ptr) ; CHECKME
@ stdcall RtlNtStatusToDosError(long)
@@ -893,7 +893,7 @@
@ stdcall RtlSetSaclSecurityDescriptor(ptr long ptr long)
@ stdcall RtlSetSecurityDescriptorRMControl(ptr ptr)
@ stdcall RtlSetSecurityObject(long ptr ptr ptr ptr)
-;@ stdcall RtlSetSecurityObjectEx
+@ stdcall RtlSetSecurityObjectEx(long ptr ptr long ptr ptr)
@ stdcall RtlSetThreadErrorMode(long ptr)
@ stdcall RtlSetThreadIsCritical(long ptr long)
@ stdcall RtlSetThreadPoolStartFunc(ptr ptr)
Modified: trunk/reactos/lib/rtl/CMakeLists.txt
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/lib/rtl/CMakeLists.txt?rev…
==============================================================================
--- trunk/reactos/lib/rtl/CMakeLists.txt [iso-8859-1] (original)
+++ trunk/reactos/lib/rtl/CMakeLists.txt [iso-8859-1] Thu Oct 4 18:48:15 2012
@@ -39,6 +39,7 @@
nls.c
path.c
ppb.c
+ priv.c
process.c
propvar.c
random.c
Added: trunk/reactos/lib/rtl/priv.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/lib/rtl/priv.c?rev=57481&a…
==============================================================================
--- trunk/reactos/lib/rtl/priv.c (added)
+++ trunk/reactos/lib/rtl/priv.c [iso-8859-1] Thu Oct 4 18:48:15 2012
@@ -1,0 +1,185 @@
+/*
+ * COPYRIGHT: See COPYING in the top level directory
+ * PROJECT: ReactOS system libraries
+ * FILE: lib/rtl/priv.c
+ * PURPOSE: Security related functions and Security Objects
+ * PROGRAMMER: Eric Kohl
+ */
+
+/* INCLUDES *****************************************************************/
+
+#include <rtl.h>
+
+#define NDEBUG
+#include <debug.h>
+
+/* FUNCTIONS ***************************************************************/
+
+/*
+ * @implemented
+ */
+NTSTATUS
+NTAPI
+RtlImpersonateSelf(IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
+{
+ HANDLE ProcessToken;
+ HANDLE ImpersonationToken;
+ NTSTATUS Status;
+ OBJECT_ATTRIBUTES ObjAttr;
+ SECURITY_QUALITY_OF_SERVICE Sqos;
+
+ PAGED_CODE_RTL();
+
+ Status = ZwOpenProcessToken(NtCurrentProcess(),
+ TOKEN_DUPLICATE,
+ &ProcessToken);
+ if (!NT_SUCCESS(Status))
+ {
+ DPRINT1("NtOpenProcessToken() failed (Status %lx)\n", Status);
+ return Status;
+ }
+
+ Sqos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
+ Sqos.ImpersonationLevel = ImpersonationLevel;
+ Sqos.ContextTrackingMode = 0;
+ Sqos.EffectiveOnly = FALSE;
+
+ InitializeObjectAttributes(&ObjAttr,
+ NULL,
+ 0,
+ NULL,
+ NULL);
+
+ ObjAttr.SecurityQualityOfService = &Sqos;
+
+ Status = ZwDuplicateToken(ProcessToken,
+ TOKEN_IMPERSONATE,
+ &ObjAttr,
+ Sqos.EffectiveOnly, /* why both here _and_ in Sqos? */
+ TokenImpersonation,
+ &ImpersonationToken);
+ if (!NT_SUCCESS(Status))
+ {
+ DPRINT1("NtDuplicateToken() failed (Status %lx)\n", Status);
+ NtClose(ProcessToken);
+ return Status;
+ }
+
+ Status = ZwSetInformationThread(NtCurrentThread(),
+ ThreadImpersonationToken,
+ &ImpersonationToken,
+ sizeof(HANDLE));
+ if (!NT_SUCCESS(Status))
+ {
+ DPRINT1("NtSetInformationThread() failed (Status %lx)\n", Status);
+ }
+
+ ZwClose(ImpersonationToken);
+ ZwClose(ProcessToken);
+
+ return Status;
+}
+
+/*
+ * @unimplemented
+ */
+NTSTATUS
+NTAPI
+RtlAcquirePrivilege(IN PULONG Privilege,
+ IN ULONG NumPriv,
+ IN ULONG Flags,
+ OUT PVOID *ReturnedState)
+{
+ UNIMPLEMENTED;
+ return STATUS_NOT_IMPLEMENTED;
+}
+
+/*
+ * @unimplemented
+ */
+VOID
+NTAPI
+RtlReleasePrivilege(IN PVOID ReturnedState)
+{
+ UNIMPLEMENTED;
+}
+
+/*
+ * @implemented
+ */
+NTSTATUS
+NTAPI
+RtlAdjustPrivilege(IN ULONG Privilege,
+ IN BOOLEAN Enable,
+ IN BOOLEAN CurrentThread,
+ OUT PBOOLEAN Enabled)
+{
+ TOKEN_PRIVILEGES NewState;
+ TOKEN_PRIVILEGES OldState;
+ ULONG ReturnLength;
+ HANDLE TokenHandle;
+ NTSTATUS Status;
+
+ PAGED_CODE_RTL();
+
+ DPRINT("RtlAdjustPrivilege() called\n");
+
+ if (CurrentThread)
+ {
+ Status = ZwOpenThreadToken(NtCurrentThread(),
+ TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY,
+ FALSE,
+ &TokenHandle);
+ }
+ else
+ {
+ Status = ZwOpenProcessToken(NtCurrentProcess(),
+ TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY,
+ &TokenHandle);
+ }
+
+ if (!NT_SUCCESS (Status))
+ {
+ DPRINT1("Retrieving token handle failed (Status %lx)\n", Status);
+ return Status;
+ }
+
+ OldState.PrivilegeCount = 1;
+
+ NewState.PrivilegeCount = 1;
+ NewState.Privileges[0].Luid.LowPart = Privilege;
+ NewState.Privileges[0].Luid.HighPart = 0;
+ NewState.Privileges[0].Attributes = (Enable) ? SE_PRIVILEGE_ENABLED : 0;
+
+ Status = ZwAdjustPrivilegesToken(TokenHandle,
+ FALSE,
+ &NewState,
+ sizeof(TOKEN_PRIVILEGES),
+ &OldState,
+ &ReturnLength);
+ ZwClose (TokenHandle);
+ if (Status == STATUS_NOT_ALL_ASSIGNED)
+ {
+ DPRINT1("Failed to assign all privileges\n");
+ return STATUS_PRIVILEGE_NOT_HELD;
+ }
+
+ if (!NT_SUCCESS(Status))
+ {
+ DPRINT1("NtAdjustPrivilegesToken() failed (Status %lx)\n", Status);
+ return Status;
+ }
+
+ if (OldState.PrivilegeCount == 0)
+ {
+ *Enabled = Enable;
+ }
+ else
+ {
+ *Enabled = (OldState.Privileges[0].Attributes & SE_PRIVILEGE_ENABLED);
+ }
+
+ DPRINT("RtlAdjustPrivilege() done\n");
+
+ return STATUS_SUCCESS;
+}
Propchange: trunk/reactos/lib/rtl/priv.c
------------------------------------------------------------------------------
svn:eol-style = native
Modified: trunk/reactos/lib/rtl/security.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/lib/rtl/security.c?rev=574…
==============================================================================
--- trunk/reactos/lib/rtl/security.c [iso-8859-1] (original)
+++ trunk/reactos/lib/rtl/security.c [iso-8859-1] Thu Oct 4 18:48:15 2012
@@ -14,175 +14,6 @@
#include <debug.h>
/* FUNCTIONS ***************************************************************/
-
-/*
- * @implemented
- */
-NTSTATUS
-NTAPI
-RtlImpersonateSelf(IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
-{
- HANDLE ProcessToken;
- HANDLE ImpersonationToken;
- NTSTATUS Status;
- OBJECT_ATTRIBUTES ObjAttr;
- SECURITY_QUALITY_OF_SERVICE Sqos;
-
- PAGED_CODE_RTL();
-
- Status = ZwOpenProcessToken(NtCurrentProcess(),
- TOKEN_DUPLICATE,
- &ProcessToken);
- if (!NT_SUCCESS(Status))
- {
- DPRINT1("NtOpenProcessToken() failed (Status %lx)\n", Status);
- return Status;
- }
-
- Sqos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
- Sqos.ImpersonationLevel = ImpersonationLevel;
- Sqos.ContextTrackingMode = 0;
- Sqos.EffectiveOnly = FALSE;
-
- InitializeObjectAttributes(&ObjAttr,
- NULL,
- 0,
- NULL,
- NULL);
-
- ObjAttr.SecurityQualityOfService = &Sqos;
-
- Status = ZwDuplicateToken(ProcessToken,
- TOKEN_IMPERSONATE,
- &ObjAttr,
- Sqos.EffectiveOnly, /* why both here _and_ in Sqos? */
- TokenImpersonation,
- &ImpersonationToken);
- if (!NT_SUCCESS(Status))
- {
- DPRINT1("NtDuplicateToken() failed (Status %lx)\n", Status);
- NtClose(ProcessToken);
- return Status;
- }
-
- Status = ZwSetInformationThread(NtCurrentThread(),
- ThreadImpersonationToken,
- &ImpersonationToken,
- sizeof(HANDLE));
- if (!NT_SUCCESS(Status))
- {
- DPRINT1("NtSetInformationThread() failed (Status %lx)\n", Status);
- }
-
- ZwClose(ImpersonationToken);
- ZwClose(ProcessToken);
-
- return Status;
-}
-
-/*
- * @unimplemented
- */
-NTSTATUS
-NTAPI
-RtlAcquirePrivilege(IN PULONG Privilege,
- IN ULONG NumPriv,
- IN ULONG Flags,
- OUT PVOID *ReturnedState)
-{
- UNIMPLEMENTED;
- return STATUS_NOT_IMPLEMENTED;
-}
-
-/*
- * @unimplemented
- */
-VOID
-NTAPI
-RtlReleasePrivilege(IN PVOID ReturnedState)
-{
- UNIMPLEMENTED;
-}
-
-/*
- * @implemented
- */
-NTSTATUS
-NTAPI
-RtlAdjustPrivilege(IN ULONG Privilege,
- IN BOOLEAN Enable,
- IN BOOLEAN CurrentThread,
- OUT PBOOLEAN Enabled)
-{
- TOKEN_PRIVILEGES NewState;
- TOKEN_PRIVILEGES OldState;
- ULONG ReturnLength;
- HANDLE TokenHandle;
- NTSTATUS Status;
-
- PAGED_CODE_RTL();
-
- DPRINT("RtlAdjustPrivilege() called\n");
-
- if (CurrentThread)
- {
- Status = ZwOpenThreadToken(NtCurrentThread(),
- TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY,
- FALSE,
- &TokenHandle);
- }
- else
- {
- Status = ZwOpenProcessToken(NtCurrentProcess(),
- TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY,
- &TokenHandle);
- }
-
- if (!NT_SUCCESS (Status))
- {
- DPRINT1("Retrieving token handle failed (Status %lx)\n", Status);
- return Status;
- }
-
- OldState.PrivilegeCount = 1;
-
- NewState.PrivilegeCount = 1;
- NewState.Privileges[0].Luid.LowPart = Privilege;
- NewState.Privileges[0].Luid.HighPart = 0;
- NewState.Privileges[0].Attributes = (Enable) ? SE_PRIVILEGE_ENABLED : 0;
-
- Status = ZwAdjustPrivilegesToken(TokenHandle,
- FALSE,
- &NewState,
- sizeof(TOKEN_PRIVILEGES),
- &OldState,
- &ReturnLength);
- ZwClose (TokenHandle);
- if (Status == STATUS_NOT_ALL_ASSIGNED)
- {
- DPRINT1("Failed to assign all privileges\n");
- return STATUS_PRIVILEGE_NOT_HELD;
- }
-
- if (!NT_SUCCESS(Status))
- {
- DPRINT1("NtAdjustPrivilegesToken() failed (Status %lx)\n", Status);
- return Status;
- }
-
- if (OldState.PrivilegeCount == 0)
- {
- *Enabled = Enable;
- }
- else
- {
- *Enabled = (OldState.Privileges[0].Attributes & SE_PRIVILEGE_ENABLED);
- }
-
- DPRINT("RtlAdjustPrivilege() done\n");
-
- return STATUS_SUCCESS;
-}
/*
* @implemented
@@ -217,6 +48,111 @@
return STATUS_NOT_IMPLEMENTED;
}
+/*
+ * @unimplemented
+ */
+NTSTATUS
+NTAPI
+RtlNewSecurityObjectEx(IN PSECURITY_DESCRIPTOR ParentDescriptor,
+ IN PSECURITY_DESCRIPTOR CreatorDescriptor,
+ OUT PSECURITY_DESCRIPTOR *NewDescriptor,
+ IN LPGUID ObjectType,
+ IN BOOLEAN IsDirectoryObject,
+ IN ULONG AutoInheritFlags,
+ IN HANDLE Token,
+ IN PGENERIC_MAPPING GenericMapping)
+{
+ UNIMPLEMENTED;
+ return STATUS_NOT_IMPLEMENTED;
+}
+
+/*
+ * @unimplemented
+ */
+NTSTATUS
+NTAPI
+RtlNewSecurityObjectWithMultipleInheritance(IN PSECURITY_DESCRIPTOR ParentDescriptor,
+ IN PSECURITY_DESCRIPTOR CreatorDescriptor,
+ OUT PSECURITY_DESCRIPTOR *NewDescriptor,
+ IN LPGUID *ObjectTypes,
+ IN ULONG GuidCount,
+ IN BOOLEAN IsDirectoryObject,
+ IN ULONG AutoInheritFlags,
+ IN HANDLE Token,
+ IN PGENERIC_MAPPING GenericMapping)
+{
+ UNIMPLEMENTED;
+ return STATUS_NOT_IMPLEMENTED;
+}
+
+/*
+ * @unimplemented
+ */
+NTSTATUS
+NTAPI
+RtlConvertToAutoInheritSecurityObject(IN PSECURITY_DESCRIPTOR ParentDescriptor,
+ IN PSECURITY_DESCRIPTOR CreatorDescriptor,
+ OUT PSECURITY_DESCRIPTOR *NewDescriptor,
+ IN LPGUID ObjectType,
+ IN BOOLEAN IsDirectoryObject,
+ IN PGENERIC_MAPPING GenericMapping)
+{
+ UNIMPLEMENTED;
+ return STATUS_NOT_IMPLEMENTED;
+}
+
+/*
+ * @unimplemented
+ */
+NTSTATUS
+NTAPI
+RtlCreateUserSecurityObject(IN PVOID AceData,
+ IN ULONG AceCount,
+ IN PSID OwnerSid,
+ IN PSID GroupSid,
+ IN BOOLEAN IsDirectoryObject,
+ IN PGENERIC_MAPPING GenericMapping,
+ OUT PSECURITY_DESCRIPTOR *NewDescriptor)
+{
+ UNIMPLEMENTED;
+ return STATUS_NOT_IMPLEMENTED;
+}
+
+/*
+ * @unimplemented
+ */
+NTSTATUS
+NTAPI
+RtlNewInstanceSecurityObject(IN BOOLEAN ParentDescriptorChanged,
+ IN BOOLEAN CreatorDescriptorChanged,
+ IN PLUID OldClientTokenModifiedI,
+ OUT PLUID NewClientTokenModifiedId,
+ IN PSECURITY_DESCRIPTOR ParentDescriptor,
+ IN PSECURITY_DESCRIPTOR CreatorDescriptor,
+ OUT PSECURITY_DESCRIPTOR *NewDescriptor,
+ IN BOOLEAN IsDirectoryObject,
+ IN HANDLE Token,
+ IN PGENERIC_MAPPING GenericMapping)
+{
+ UNIMPLEMENTED;
+ return STATUS_NOT_IMPLEMENTED;
+}
+
+/*
+ * @unimplemented
+ */
+NTSTATUS
+NTAPI
+RtlNewSecurityGrantedAccess(IN ACCESS_MASK DesiredAccess,
+ OUT PPRIVILEGE_SET Privileges,
+ IN OUT PULONG Length,
+ IN HANDLE Token,
+ IN PGENERIC_MAPPING GenericMapping,
+ OUT PACCESS_MASK RemainingDesiredAccess)
+{
+ UNIMPLEMENTED;
+ return STATUS_NOT_IMPLEMENTED;
+}
/*
* @unimplemented
@@ -295,6 +231,22 @@
*/
NTSTATUS
NTAPI
+RtlSetSecurityObjectEx(IN SECURITY_INFORMATION SecurityInformation,
+ IN PSECURITY_DESCRIPTOR ModificationDescriptor,
+ OUT PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor,
+ IN ULONG AutoInheritFlags,
+ IN PGENERIC_MAPPING GenericMapping,
+ IN HANDLE Token)
+{
+ UNIMPLEMENTED;
+ return STATUS_NOT_IMPLEMENTED;
+}
+
+/*
+ * @unimplemented
+ */
+NTSTATUS
+NTAPI
RtlRegisterSecureMemoryCacheCallback(IN PRTL_SECURE_MEMORY_CACHE_CALLBACK Callback)
{
UNIMPLEMENTED;
4466
days inactive
4466
days old
0 comments
1 participants
participants (1)
-
ion@svn.reactos.org