archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
9 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 75c48ba87f
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '75c48ba87f'
${ noResults }
windows-xp/Source/XPSP1/NT/ds/security/authz/test/adl/adlconvert.h

136 lines
3.7 KiB
Raw Normal View History

Add source files
4 years ago
  1. /*++
  3. Copyright (c) 2000 Microsoft Corporation
  5. Module Name:
  7. adlconvert.h
  9. Abstract:
  11. The private header file for the ADL conversion routines
  13. Author:
  15. t-eugenz - August 2000
  17. Environment:
  19. User mode only.
  21. Revision History:
  23. Created - August 2000
  25. --*/
  28. #pragma once
  31. //
  32. // Weights for the weight function to determine the optimal pops
  33. // These weights can be modified to change the behavior of the conversion.
  34. // The algorithm selects an action by trying to maximize the weight of the
  35. // action. For more flexibility (such as squaring some quentities, etc),
  36. // the algorithm itself should be changed in FindOptimalPop()
  37. //
  38. // RESTRICTION: The weight of popping a block of any height off a single stack
  39. // MUST be positive
  40. //
  42. //
  43. // This quantity is added to the weight of the action for every additional
  44. // permission bit expressed by the ADL statement created by this action.
  45. //
  47. #define WEIGHT_PERM_BIT (4)
  49. //
  50. // This quantity is added to the weight of the action for every additional
  51. // Principal expressed by the ADL statement created by this action.
  52. //
  54. #define WEIGHT_STACK_HEIGHT (7)
  56. //
  57. // This quantity is added to the weight of the action for every item which
  58. // will have to be popped off in order to take this action. See the algorithm
  59. // description in adlconvert.cpp for more details.
  60. //
  62. #define WEIGHT_ITEM_ABOVE_POP (-5)
  65. //
  66. // This quantity is added for every permission name beyond the first needed
  67. // to express a given access mask. This should be a penalty, however for
  68. // better results this should NOT negate the bonus from WEIGHT_PERM_BIT.
  69. // Therefore, if this is negative, it should be greater than (- WEIGHT_PERM_BIT)
  70. //
  72. #define WEIGHT_PERMISSION_NAME (-1)
  74. //
  75. // The stacks in the DACL->ADL conversion consist of these elements
  76. //
  78. typedef struct
  79. {
  80. PSID pSid;
  81. DWORD dwFlags;
  82. BOOL bAllow;
  83. } BIT_STACK_ELEM, *PBIT_STACK_ELEM;
  86. //
  87. // Forward declarations for DACL->ADL conversion
  88. //
  90. DWORD GetStackBlockSize(
  91. IN const PBIT_STACK_ELEM pStack,
  92. IN DWORD dwStartOffset,
  93. IN DWORD dwStackSize
  94. );
  98. void ConvertDaclToStacks(
  99. IN const PACL pDacl,
  100. IN const PADL_PARSER_CONTROL pControl,
  101. OUT DWORD pdwStackSize[32],
  102. OUT PBIT_STACK_ELEM pStacks[32]
  103. );
  105. BOOL FindBlockInStack(
  106. IN const PBIT_STACK_ELEM pBlock,
  107. IN const DWORD dwBlockSize,
  108. IN const PBIT_STACK_ELEM pStack,
  109. IN const DWORD dwStackSize,
  110. IN const DWORD dwStackTop,
  111. OUT PDWORD pdwBlockStart
  112. );
  114. BOOL FindOptimalPop(
  115. IN const PADL_PARSER_CONTROL pControl,
  116. IN const PBIT_STACK_ELEM pStacks[32],
  117. IN const DWORD pdwStackSize[32],
  118. IN const DWORD pdwStackTop[32],
  119. OUT PDWORD pdwStacksPopped,
  120. OUT PDWORD pdwBlockSize,
  121. OUT DWORD pdwPopOffsets[32]
  122. );
  124. void ConvertStacksToPops(
  125. IN const PADL_PARSER_CONTROL pControl,
  126. IN const PBIT_STACK_ELEM pStacks[32],
  127. IN const DWORD pdwStackSize[32],
  128. IN const DWORD pdwStackTop[32],
  129. OUT list< pair<DWORD, DWORD> > * pListPops
  130. );
  132. DWORD NumStringsForMask(
  133. IN const PADL_PARSER_CONTROL pControl,
  134. IN ACCESS_MASK amMask
  135. );