You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
146 lines
2.8 KiB
146 lines
2.8 KiB
/*++
|
|
|
|
Copyright (c) Microsoft Corporation. All rights reserved.
|
|
|
|
Module Name:
|
|
|
|
SepSddl.h
|
|
|
|
Abstract:
|
|
|
|
This header contains private information for processing SDDL strings
|
|
in kernel mode. This file is meant to be included only by sesddl.c.
|
|
|
|
Author:
|
|
|
|
Adrian J. Oney - April 21, 2002
|
|
|
|
Revision History:
|
|
|
|
--*/
|
|
|
|
//
|
|
// Define the location of our various SIDs
|
|
//
|
|
#ifndef _KERNELIMPLEMENTATION_
|
|
|
|
#define DEFINE_SDDL_ENTRY(Sid, Ver, Sddl, SddlLen) \
|
|
{ FIELD_OFFSET(SE_EXPORTS, Sid), Ver, Sddl, SddlLen }
|
|
|
|
#else
|
|
|
|
extern PSID SeServiceSid;
|
|
extern PSID SeLocalServiceSid;
|
|
extern PSID SeNetworkServiceSid;
|
|
|
|
#define DEFINE_SDDL_ENTRY(Sid, Ver, Sddl, SddlLen) \
|
|
{ &##Sid, Sddl, SddlLen }
|
|
|
|
#endif
|
|
|
|
//
|
|
// Local macros
|
|
//
|
|
#define SDDL_LEN_TAG( tagdef ) ( sizeof( tagdef ) / sizeof( WCHAR ) - 1 )
|
|
|
|
// 64K-1
|
|
#define SDDL_MAX_ACL_SIZE 0xFFFF
|
|
|
|
//
|
|
// This structure is used to do some lookups for mapping ACES
|
|
//
|
|
typedef enum {
|
|
|
|
WIN2K_OR_LATER,
|
|
WINXP_OR_LATER
|
|
|
|
} OS_SID_VER;
|
|
|
|
typedef struct _STRSD_KEY_LOOKUP {
|
|
|
|
PWSTR Key;
|
|
ULONG KeyLen;
|
|
ULONG Value;
|
|
|
|
} STRSD_KEY_LOOKUP, *PSTRSD_KEY_LOOKUP;
|
|
|
|
//
|
|
// This structure is used to map account monikers to sids
|
|
//
|
|
typedef struct _STRSD_SID_LOOKUP {
|
|
|
|
#ifndef _KERNELIMPLEMENTATION_
|
|
ULONG_PTR ExportSidFieldOffset;
|
|
OS_SID_VER OsVer;
|
|
#else
|
|
PSID *Sid;
|
|
#endif
|
|
|
|
WCHAR Key[SDDL_ALIAS_SIZE+2];
|
|
ULONG KeyLen;
|
|
|
|
} STRSD_SID_LOOKUP, *PSTRSD_SID_LOOKUP;
|
|
|
|
|
|
//
|
|
// Functions private to sddl.c
|
|
//
|
|
NTSTATUS
|
|
SepSddlSecurityDescriptorFromSDDLString(
|
|
IN LPCWSTR SecurityDescriptorString,
|
|
IN LOGICAL SuppliedByDefaultMechanism,
|
|
OUT PSECURITY_DESCRIPTOR *SecurityDescriptor
|
|
);
|
|
|
|
NTSTATUS
|
|
SepSddlDaclFromSDDLString(
|
|
IN LPCWSTR StringSecurityDescriptor,
|
|
IN LOGICAL SuppliedByDefaultMechanism,
|
|
OUT ULONG *SecurityDescriptorControlFlags,
|
|
OUT PACL *DiscretionaryAcl
|
|
);
|
|
|
|
NTSTATUS
|
|
SepSddlGetSidForString(
|
|
IN PWSTR String,
|
|
OUT PSID *SID,
|
|
OUT PWSTR *End
|
|
);
|
|
|
|
LOGICAL
|
|
SepSddlLookupAccessMaskInTable(
|
|
IN PWSTR String,
|
|
OUT ULONG *AccessMask,
|
|
OUT PWSTR *End
|
|
);
|
|
|
|
NTSTATUS
|
|
SepSddlGetAclForString(
|
|
IN PWSTR AclString,
|
|
OUT PACL *Acl,
|
|
OUT PWSTR *End
|
|
);
|
|
|
|
NTSTATUS
|
|
SepSddlAddAceToAcl(
|
|
IN OUT PACL *Acl,
|
|
IN OUT ULONG *TrueAclSize,
|
|
IN ULONG AceType,
|
|
IN ULONG AceFlags,
|
|
IN ULONG AccessMask,
|
|
IN ULONG RemainingAces,
|
|
IN PSID SidPtr
|
|
);
|
|
|
|
#ifndef _KERNELIMPLEMENTATION_
|
|
|
|
LOGICAL
|
|
SepSddlParseWideStringUlong(
|
|
IN LPCWSTR Buffer,
|
|
OUT LPCWSTR *FinalPosition,
|
|
OUT ULONG *Value
|
|
);
|
|
|
|
#endif // _KERNELIMPLEMENTATION_
|
|
|
|
|