archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 9769ad7c3d
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '9769ad7c3d'
${ noResults }
windows-xp/Source/XPSP1/NT/sdktools/cacls/t2.cxx

1390 lines
44 KiB
Raw Normal View History

Add source files
4 years ago
  1. //+------------------------------------------------------------------
  2. //
  3. // Copyright (C) 1995, Microsoft Corporation.
  4. //
  5. // File: t2.cxx
  6. //
  7. // Contents:
  8. //
  9. // Classes:
  10. //
  11. // History: Nov-93 DaveMont Created.
  12. //
  13. //-------------------------------------------------------------------
  14. #include <t2.hxx>
  15. #include <filesec.hxx>
  16. #include <fileenum.hxx>
  17. #include <dumpsec.hxx>
  18. #include "caclsmsg.h"
  19. #include <locale.h>
  20. #include <string.h>
  21. #include <winnlsp.h>
  22. #include <tchar.h>
  23. #if DBG
  24. ULONG Debug;
  25. #endif
  26. //+----------------------------------------------------------------------------
  27. //
  28. // local prototypes
  29. //
  30. //+----------------------------------------------------------------------------
  31. BOOLEAN OpenToken(PHANDLE ph);
  32. void printfsid(SID *psid, ULONG *outputoffset);
  33. void printface(ACE_HEADER *paceh, BOOL fdir, ULONG outputoffset);
  34. void printfmask(ULONG mask, UCHAR acetype, BOOL fdir, ULONG outputoffset);
  35. WCHAR *mbstowcs(char *aname );
  36. BOOL GetUserAndAccess(TCHAR *arg, WCHAR **user, ULONG *access);
  37. #if DBG
  38. ULONG DebugEnumerate(TCHAR *filename, ULONG option);
  39. #endif
  40. ULONG DisplayAces(TCHAR *filename, ULONG option);
  41. ULONG ModifyAces(TCHAR *filename,
  42. MODE emode,
  43. ULONG option,
  44. TCHAR *argv[],
  45. LONG astart[], LONG aend[] );
  47. ULONG GetCmdLineArgs(INT argc, TCHAR *argv[],
  48. ULONG *option,
  49. LONG astart[], LONG aend[],
  50. MODE *emode
  51. #if DBG
  52. ,ULONG *debug
  53. #endif
  54. );
  55. ULONG
  56. __cdecl
  57. printmessage (FILE* fp, DWORD messageID, ...);
  61. //+----------------------------------------------------------------------------
  62. //
  63. // Function: vfcprintf
  64. //
  65. // Synopsis: prints formatted text to [pOut]. This function will call the
  66. // defulat c printf functions if it can not call WriteConsole().
  67. // We are calling WriteConsole() because it will display extended
  68. // characters, were as fprintf, printf ..., functions do not display
  69. // multi linguel strings.
  70. //
  71. // Arguments: [pOut] - Must be stdout, stderr, otherwise the function will just
  72. // call standard c functions.
  73. // [pszFormate] - Format string
  74. // [argList] - variable length argument list.
  75. //
  76. //----------------------------------------------------------------------------
  77. void vfcprintf(FILE *pOut, LPCTSTR pszFormat, va_list argList)
  78. {
  79. HANDLE handle;
  81. //
  82. // Get the standard handles for output. This assumes that the callers is calling with
  83. // either stdout or stderr, if it's anything else then just use normal sprintf.
  84. //
  85. TCHAR szText[2048];
  86. if(pOut == stdout){
  87. handle = GetStdHandle(STD_OUTPUT_HANDLE);
  88. } else if(pOut == stderr ){
  89. handle = GetStdHandle(STD_ERROR_HANDLE);
  90. } else {
  91. do_normal:
  92. #if defined(_UNICODE) || defined(UNICODE)
  93. vswprintf( szText, pszFormat, argList );
  94. fwprintf(pOut, szText );
  95. #else
  96. vsprintf( szText, pszFormat, argList );
  97. fprintf(pOut, szText );
  98. #endif
  99. return;
  100. }
  102. //
  103. // If we can't get the output handle then just send it to standard fprintf functions
  104. //
  105. if(INVALID_HANDLE_VALUE == handle){
  106. goto do_normal;
  107. }
  109. //
  110. // Format the text using standard C functions.
  111. //
  112. #if defined(_UNICODE) || defined(UNICODE)
  113. vswprintf( szText, pszFormat, argList );
  114. #else
  115. vsprintf( szText, pszFormat, argList );
  116. #endif
  118. DWORD cRead = 0;
  119. //
  120. // If we can't get the console mode from this handle, then it is being piped somewhere else
  121. // and we must use sprintf to write, because WriteConsole only works with a console
  122. // output handle.
  123. //
  124. if(!GetConsoleMode( handle, &cRead ))
  125. {
  126. DWORD cchBuffer = lstrlen(szText);
  127. LPSTR lpAnsiBuffer = (LPSTR) LocalAlloc(LMEM_FIXED, (cchBuffer+1)*sizeof(WCHAR));
  129. if (lpAnsiBuffer != NULL)
  130. {
  131. cchBuffer = WideCharToMultiByte(CP_OEMCP,
  132. 0,
  133. szText,
  134. cchBuffer + 1,
  135. lpAnsiBuffer,
  136. (cchBuffer +1) * sizeof(WCHAR),
  137. NULL,
  138. NULL);
  140. if (cchBuffer != 0)
  141. {
  142. fprintf(pOut,"%s",lpAnsiBuffer);
  143. }
  145. LocalFree(lpAnsiBuffer);
  146. }
  148. } else {
  149. WriteConsole( handle, szText, lstrlen(szText), &cRead, NULL);
  150. }
  152. }
  155. //+----------------------------------------------------------------------------
  156. //
  157. // Function: fcprintf
  158. //
  159. // synopsis: Same as fprintf, except this will call vfcprintf, which
  160. // prints to the console use WriteConsole.
  161. //
  162. // Arguments: [pOut] - FILE stream to output to.
  163. // [pszFormate] - Format string
  164. // [...] - variable length argument list.
  165. //
  166. //----------------------------------------------------------------------------
  167. void
  168. __cdecl
  169. fcprintf( FILE *pOut, LPCTSTR pszFormat, ...)
  170. {
  171. va_list marker;
  172. va_start(marker, pszFormat);
  173. vfcprintf( pOut, pszFormat, marker);
  174. va_end(marker);
  175. }
  178. //+----------------------------------------------------------------------------
  179. //
  180. // Function: fcprintf
  181. //
  182. // synopsis: Same as printf, except this will call vfcprintf, which
  183. // prints to the console use WriteConsole.
  184. //
  185. // Arguments: [pszFormate] - Format string
  186. // [...] - variable length argument list.
  187. //
  188. //----------------------------------------------------------------------------
  189. void
  190. __cdecl
  191. cprintf( LPCTSTR pszFormat, ...)
  192. {
  193. va_list marker;
  194. va_start(marker, pszFormat);
  195. vfcprintf( stdout, pszFormat, marker);
  196. va_end(marker);
  197. }
  199. //+----------------------------------------------------------------------------
  200. //
  201. // Function: Usage
  202. //
  203. // Synopsis: prints usage functionality
  204. //
  205. // Arguments: none
  206. //
  207. //----------------------------------------------------------------------------
  208. VOID usage()
  209. {
  210. printmessage(stdout, MSG_CACLS_USAGE, NULL);
  212. #if DBG
  213. if (Debug)
  214. {
  215. printf("\n /B deBug <[#]>\n");
  216. printf(" default is display error returned\n");
  217. printf(" in /B '#' is a mask: 1 display SIDS values\n");
  218. printf(" 2 display access masks\n");
  219. printf(" 4 display error returned\n");
  220. printf(" 8 display error location\n");
  221. printf(" 0x10 verbose\n");
  222. printf(" 0x20 verboser\n");
  223. printf(" 0x40 enumerate names\n");
  224. printf(" 0x80 enumerate failures\n");
  225. printf(" 0x100 enumerate starts and returns\n");
  226. printf(" 0x200 enumerate extra data\n");
  227. printf(" 0x400 size allocation data\n");
  228. printf(" 0x800 display enumeration of files\n");
  229. }
  230. #endif
  231. }
  233. BOOL
  234. IsAclSupported(LPCWSTR lpszFileName)
  235. {
  236. BOOL bReturn = TRUE;
  237. WCHAR szVolumePathName[MAX_PATH+1];
  238. if(GetVolumePathName(lpszFileName,
  239. szVolumePathName,
  240. MAX_PATH))
  241. {
  242. int nLen = wcslen(szVolumePathName);
  243. if((WCHAR)szVolumePathName[nLen -1] != L'\\')
  244. {
  245. szVolumePathName[nLen] = L'\\';
  246. szVolumePathName[nLen++] = L'\0';
  247. }
  248. DWORD dwFlags = 0;
  249. if(GetVolumeInformation(szVolumePathName,
  250. NULL,
  251. NULL,
  252. NULL,
  253. NULL,
  254. &dwFlags,
  255. NULL,
  256. 0))
  257. {
  258. if(!(FS_PERSISTENT_ACLS & dwFlags))
  259. {
  260. printmessage(stdout,MSG_CACLS_NOT_NTFS);
  261. return FALSE;
  262. }
  263. }
  265. }
  266. return bReturn;
  267. }
  268. //+----------------------------------------------------------------------------
  269. //
  270. // Function: Main, Public
  271. //
  272. // Synopsis: main!!
  273. //
  274. // Arguments: IN [argc] - cmdline arguement count
  275. // IN [argv] - input cmdline arguements
  276. //
  277. //----------------------------------------------------------------------------
  278. #if defined( __cplusplus )
  279. extern "C" {
  280. #endif
  281. VOID _cdecl wmain(int argc, wchar_t *argvw[])
  282. {
  283. char lBuf[6];
  285. //
  286. // Set the local to system OEM code page.
  287. //
  288. setlocale(LC_ALL, ".OCP" );
  289. SetThreadUILanguage(0);
  291. //
  292. // Convert the wide character set to string array.
  293. //
  294. LONG astart[MAX_OPTIONS], aend[MAX_OPTIONS];
  295. MODE emode;
  297. LONG ret = 0;
  298. ULONG option;
  300. if (ERROR_SUCCESS != (ret = GetCmdLineArgs(argc, argvw,
  301. &option,
  302. astart, aend,
  303. &emode
  304. #if DBG
  305. ,&Debug
  306. #endif
  307. )))
  308. {
  309. usage();
  310. exit(ret);
  311. }
  313. if(!IsAclSupported(argvw[1]))
  314. exit(1);
  315. switch (emode)
  316. {
  317. case MODE_DISPLAY:
  318. ret = DisplayAces(argvw[1], option);
  319. break;
  320. case MODE_REPLACE:
  321. case MODE_MODIFY:
  322. ret = ModifyAces(argvw[1], emode, option, argvw, astart, aend );
  323. break;
  324. #if DBG
  325. case MODE_DEBUG_ENUMERATE:
  326. ret = DebugEnumerate(argvw[1], option);
  327. break;
  328. #endif
  329. default:
  330. {
  331. usage();
  332. exit(1);
  333. }
  334. }
  335. if (ERROR_SUCCESS != ret)
  336. {
  337. LAST_ERROR((stderr, "Cacls failed, %ld\n",ret))
  338. if( ret == ERROR_BAD_ARGUMENTS )
  339. ret = MSG_CACLS_INVALID_ARGUMENT;
  340. printmessage(stderr, ret, NULL);
  342. if( ret == MSG_CACLS_INVALID_ARGUMENT )
  343. usage();
  344. }
  345. exit(ret);
  346. }
  347. #if defined( __cplusplus )
  348. }
  349. #endif
  351. //---------------------------------------------------------------------------
  352. //
  353. // Function: GetCmdLineArgs
  354. //
  355. // Synopsis: gets and parses command line arguments into commands
  356. // recognized by this program
  357. //
  358. // Arguments: IN [argc] - cmdline arguement count
  359. // IN [argv] - input cmdline arguements
  360. // OUT [option] - requested option
  361. // OUT [astart] - start of arguments for each option
  362. // OUT [aend] - end of arguments for each option
  363. // OUT [emode] - mode of operation
  364. // OUT [debug] - debug mask
  365. //
  366. //
  367. //----------------------------------------------------------------------------
  368. ULONG GetCmdLineArgs(INT argc, TCHAR *argv[],
  369. ULONG *option,
  370. LONG astart[], LONG aend[],
  371. MODE *emode
  372. #if DBG
  373. ,ULONG *debug
  374. #endif
  375. )
  376. {
  377. ARG_MODE_INDEX am = ARG_MODE_INDEX_NEED_OPTION;
  379. #if DBG
  380. *debug = 0;
  381. #endif
  382. *emode = MODE_DISPLAY;
  383. *option = 0;
  385. for (LONG j=0; j < MAX_OPTIONS ;j++ )
  386. {
  387. astart[j] = 0;
  388. aend[j] = 0;
  389. }
  391. if ( (argc < 2) || (argv[1][0] == '/') )
  392. {
  393. #if DBG
  394. // do this so debug args are printed out
  396. if (argc >= 2)
  397. {
  398. if ( (0 == lstrcmpi(&argv[1][1], TEXT("deBug"))) ||
  399. (0 == lstrcmpi(&argv[1][1], TEXT("b"))) )
  400. {
  401. *debug = DEBUG_LAST_ERROR;
  402. }
  403. }
  404. #endif
  405. return(ERROR_BAD_ARGUMENTS);
  406. }
  408. for (LONG k = 2; k < argc ; k++ )
  409. {
  410. if (argv[k][0] == '/')
  411. {
  412. switch (am)
  413. {
  414. case ARG_MODE_INDEX_NEED_OPTION:
  415. #if DBG
  416. case ARG_MODE_INDEX_DEBUG:
  417. #endif
  418. break;
  420. case ARG_MODE_INDEX_DENY:
  421. case ARG_MODE_INDEX_REVOKE:
  422. case ARG_MODE_INDEX_GRANT:
  423. case ARG_MODE_INDEX_REPLACE:
  424. if (astart[am] == k)
  425. return(ERROR_BAD_ARGUMENTS);
  426. break;
  428. default:
  429. return(ERROR_BAD_ARGUMENTS);
  430. }
  432. if ( (0 == lstrcmpi(&argv[k][1], TEXT("Tree"))) ||
  433. (0 == lstrcmpi(&argv[k][1], TEXT("t"))) )
  434. {
  435. if (*option & OPTION_TREE)
  436. return(ERROR_BAD_ARGUMENTS);
  437. *option |= OPTION_TREE;
  438. am = ARG_MODE_INDEX_NEED_OPTION;
  439. continue;
  440. }
  442. if ( (0 == lstrcmpi(&argv[k][1], TEXT("Continue"))) ||
  443. (0 == lstrcmpi(&argv[k][1], TEXT("c"))) )
  444. {
  445. if (*option & OPTION_CONTINUE_ON_ERROR)
  446. return(ERROR_BAD_ARGUMENTS);
  447. *option |= OPTION_CONTINUE_ON_ERROR;
  448. am = ARG_MODE_INDEX_NEED_OPTION;
  449. continue;
  450. }
  452. if ( (0 == lstrcmpi(&argv[k][1], TEXT("Edit"))) ||
  453. (0 == lstrcmpi(&argv[k][1], TEXT("E"))) )
  454. {
  455. if (*emode != MODE_DISPLAY)
  456. return(ERROR_BAD_ARGUMENTS);
  457. *emode = MODE_MODIFY;
  458. am = ARG_MODE_INDEX_NEED_OPTION;
  459. continue;
  460. }
  462. #if DBG
  463. if ( (0 == lstrcmpi(&argv[k][1], TEXT("deBug"))) ||
  464. (0 == lstrcmpi(&argv[k][1], TEXT("b"))) )
  465. {
  466. if (*debug)
  467. return(ERROR_BAD_ARGUMENTS);
  468. am = ARG_MODE_INDEX_DEBUG;
  469. *debug = DEBUG_LAST_ERROR;
  470. continue;
  471. }
  472. #endif
  473. if ( (0 == lstrcmpi(&argv[k][1], TEXT("Deny"))) ||
  474. (0 == lstrcmpi(&argv[k][1], TEXT("D"))) )
  475. {
  476. am = ARG_MODE_INDEX_DENY;
  477. *option |= OPTION_DENY;
  478. } else if ( (0 == lstrcmpi(&argv[k][1], TEXT("Revoke"))) ||
  479. (0 == lstrcmpi(&argv[k][1], TEXT("R"))) )
  480. {
  481. am = ARG_MODE_INDEX_REVOKE;
  482. *option |= OPTION_REVOKE;
  483. } else if ( (0 == lstrcmpi(&argv[k][1], TEXT("Grant"))) ||
  484. (0 == lstrcmpi(&argv[k][1], TEXT("G"))) )
  485. {
  486. am = ARG_MODE_INDEX_GRANT;
  487. *option |= OPTION_GRANT;
  488. } else if ( (0 == lstrcmpi(&argv[k][1], TEXT("rePlace"))) ||
  489. (0 == lstrcmpi(&argv[k][1], TEXT("P"))) )
  490. {
  491. *option |= OPTION_REPLACE;
  492. am = ARG_MODE_INDEX_REPLACE;
  493. } else
  494. return(ERROR_BAD_ARGUMENTS);
  496. if (astart[am] != 0)
  497. return(ERROR_BAD_ARGUMENTS);
  498. astart[am] = k+1;
  499. } else
  500. {
  501. switch (am)
  502. {
  503. case ARG_MODE_INDEX_NEED_OPTION:
  504. return(ERROR_BAD_ARGUMENTS);
  506. #if DBG
  507. case ARG_MODE_INDEX_DEBUG:
  508. *debug = _wtol(argv[k]);
  509. if (*debug & DEBUG_ENUMERATE)
  510. if (*emode == MODE_DISPLAY)
  511. *emode = MODE_DEBUG_ENUMERATE;
  512. else
  513. return(ERROR_BAD_ARGUMENTS);
  515. am = ARG_MODE_INDEX_NEED_OPTION;
  516. break;
  517. #endif
  518. case ARG_MODE_INDEX_DENY:
  519. case ARG_MODE_INDEX_REVOKE:
  520. case ARG_MODE_INDEX_GRANT:
  521. case ARG_MODE_INDEX_REPLACE:
  522. aend[am] = k+1;
  523. break;
  525. default:
  526. return(ERROR_BAD_ARGUMENTS);
  527. }
  528. }
  529. }
  531. if ( ( (*option & OPTION_DENY) && (aend[ARG_MODE_INDEX_DENY] == 0) ) ||
  532. ( (*option & OPTION_REVOKE) && (aend[ARG_MODE_INDEX_REVOKE] == 0) ) ||
  533. ( (*option & OPTION_GRANT) && (aend[ARG_MODE_INDEX_GRANT] == 0) ) ||
  534. ( (*option & OPTION_REPLACE) && (aend[ARG_MODE_INDEX_REPLACE] == 0) ) )
  535. {
  536. return(ERROR_BAD_ARGUMENTS);
  537. } else if ( (*option & OPTION_DENY) ||
  538. (*option & OPTION_REVOKE) ||
  539. (*option & OPTION_GRANT) ||
  540. (*option & OPTION_REPLACE) )
  541. {
  542. if (*emode == MODE_DISPLAY)
  543. {
  544. if (*option & OPTION_REVOKE)
  545. {
  546. return(ERROR_BAD_ARGUMENTS);
  547. }
  548. *emode = MODE_REPLACE;
  549. }
  550. }
  551. return(ERROR_SUCCESS);
  552. }
  554. //---------------------------------------------------------------------------
  555. //
  556. // Function: DisplayAces
  557. //
  558. // Synopsis: displays ACL from specified file
  559. //
  560. // Arguments: IN [filename] - file name
  561. // IN [option] - display option
  562. //
  563. //----------------------------------------------------------------------------
  564. ULONG DisplayAces(TCHAR *filename, ULONG option)
  565. {
  566. CFileEnumerate cfe(option & OPTION_TREE);
  567. WCHAR *pwfilename;
  568. BOOL fdir;
  569. ULONG ret;
  571. if (NO_ERROR == (ret = cfe.Init(filename, &pwfilename, &fdir)))
  572. {
  573. while ( (NO_ERROR == ret) ||
  574. ( ( (ERROR_ACCESS_DENIED == ret ) || (ERROR_SHARING_VIOLATION == ret) )&&
  575. (option & OPTION_CONTINUE_ON_ERROR) ) )
  576. {
  577. #if DBG
  578. if (fdir)
  579. DISPLAY((stderr, "processing file: "))
  580. else
  581. DISPLAY((stderr, "processing dir: "))
  582. #endif
  583. cprintf( TEXT("%s"), pwfilename);
  584. if (ERROR_ACCESS_DENIED == ret)
  585. {
  586. printmessage(stdout,MSG_CACLS_ACCESS_DENIED, NULL);
  587. } else if (ERROR_SHARING_VIOLATION == ret)
  588. {
  589. printmessage(stdout,MSG_CACLS_SHARING_VIOLATION, NULL);
  590. } else
  591. {
  592. DISPLAY((stderr, "\n"))
  593. VERBOSE((stderr, "\n"))
  594. CDumpSecurity cds(pwfilename);
  596. if (NO_ERROR == (ret = cds.Init()))
  597. {
  598. #if DBG
  599. if (Debug & DEBUG_VERBOSE)
  600. {
  601. SID *psid;
  602. ULONG oo;
  604. if (NO_ERROR == (ret = cds.GetSDOwner(&psid)))
  605. {
  606. printf(" Owner = ");
  607. printfsid(psid, &oo);
  608. if (NO_ERROR == (ret = cds.GetSDGroup(&psid)))
  609. {
  610. printf(" Group = ");
  611. printfsid(psid, &oo);
  612. }
  613. else
  614. ERRORS((stderr, "GetSDGroup failed, %d\n",ret))
  615. }
  616. else
  617. ERRORS((stderr, "GetSDOwner failed, %d\n",ret))
  618. }
  619. #endif
  620. ACE_HEADER *paceh;
  622. LONG retace;
  623. if (NO_ERROR == ret)
  624. for (retace = cds.GetNextAce(&paceh); retace >= 0; )
  625. {
  626. printface(paceh, fdir, wcslen(pwfilename));
  627. retace = cds.GetNextAce(&paceh);
  628. if (retace >= 0)
  629. printf("%*s",
  630. WideCharToMultiByte(CP_ACP, 0,
  631. pwfilename, -1,
  632. NULL, 0,
  633. NULL, NULL)-1," ");
  634. }
  635. }
  636. #if DBG
  637. else
  638. ERRORS((stderr, "cds.init failed, %d\n",ret))
  639. #endif
  640. }
  641. fprintf(stdout, "\n");
  643. if ( (NO_ERROR == ret) ||
  644. ( ( (ERROR_ACCESS_DENIED == ret ) || (ERROR_SHARING_VIOLATION == ret) )&&
  645. (option & OPTION_CONTINUE_ON_ERROR) ) )
  646. ret = cfe.Next(&pwfilename, &fdir);
  647. }
  649. switch (ret)
  650. {
  651. case ERROR_NO_MORE_FILES:
  652. ret = ERROR_SUCCESS;
  653. break;
  654. case ERROR_ACCESS_DENIED:
  655. case ERROR_SHARING_VIOLATION:
  656. break;
  657. case ERROR_SUCCESS:
  658. break;
  659. default:
  660. break;
  661. }
  663. } else
  664. {
  665. ERRORS((stderr, "cfe.init failed, %d\n",ret))
  666. }
  667. return(ret);
  668. }
  669. //---------------------------------------------------------------------------
  670. //
  671. // Function: ModifyAces
  672. //
  673. // Synopsis: modifies the aces for the specified file(s)
  674. //
  675. // Arguments: IN [filename] - name of file(s) to modify the aces on
  676. // IN [emode] - mode of operation
  677. // IN [option] - requested option
  678. // IN [astart] - start of arguments for each option
  679. // IN [aend] - end of arguments for each option
  680. //
  681. //----------------------------------------------------------------------------
  682. ULONG ModifyAces(TCHAR *filename,
  683. MODE emode,
  684. ULONG option,
  685. TCHAR *argv[],
  686. LONG astart[], LONG aend[])
  687. {
  688. CDaclWrap cdw;
  689. CFileEnumerate cfe(option & OPTION_TREE);
  690. WCHAR *user = NULL;
  691. ULONG access;
  692. ULONG ret = ERROR_SUCCESS;
  693. WCHAR *pwfilename;
  694. ULONG curoption;
  696. VERBOSERW((stderr, TEXT("user:permission pairs\n") ))
  698. // first proces the command line args to build up the new ace
  700. for (ULONG j = 0, k = 1;j < MAX_OPTIONS ; k <<= 1, j++ )
  701. {
  702. curoption = k;
  703. if (option & k)
  704. {
  705. for (LONG q = astart[j];
  706. q < aend[j] ; q++ )
  707. {
  708. VERBOSERW((stderr, TEXT(" %s\n"),argv[q] ))
  710. if ((k & OPTION_GRANT) || (k & OPTION_REPLACE))
  711. {
  712. if (!GetUserAndAccess(argv[q], &user, &access))
  713. {
  714. #if !defined(UNICODE) || !defined(_UNICODE)
  715. if (user)
  716. LocalFree(user);
  717. #endif
  718. return(ERROR_BAD_ARGUMENTS);
  719. }
  720. if (GENERIC_NONE == access)
  721. {
  722. if (!(k & OPTION_REPLACE))
  723. {
  724. #if !defined(UNICODE) || !defined(_UNICODE)
  725. if (user)
  726. LocalFree(user);
  727. #endif
  728. return(ERROR_BAD_ARGUMENTS);
  729. }
  730. }
  731. } else
  732. {
  733. #if !defined(UNICODE) || !defined(_UNICODE)
  734. user = mbstowcs(argv[q]);
  735. #else
  736. user = argv[q];
  737. #endif
  738. access = GENERIC_NONE;
  739. }
  741. VERBOSERW((stderr, TEXT("OPTION = %d, USER = %ws, ACCESS = %lx\n"),
  742. option,
  743. user,
  744. access))
  747. if (ERROR_SUCCESS != (ret = cdw.SetAccess(curoption,
  748. user,
  749. NULL,
  750. access)))
  751. {
  752. ERRORS((stderr, "SetAccess for %ws:%lx failed, %d\n",
  753. user,
  754. access,
  755. ret))
  756. #if !defined(UNICODE) || !defined(_UNICODE)
  757. LocalFree(user);
  758. #endif
  759. return(ret);
  760. }
  761. #if !defined(UNICODE) || !defined(_UNICODE)
  762. LocalFree(user);
  763. #endif
  764. user = NULL;
  765. }
  766. }
  767. }
  769. BOOL fdir;
  771. if (emode == MODE_REPLACE)
  772. {
  773. CHAR well[MAX_PATH];
  774. CHAR msgbuf[MAX_PATH];
  775. printmessage(stdout,MSG_CACLS_ARE_YOU_SURE, NULL);
  776. FormatMessageA(FORMAT_MESSAGE_FROM_HMODULE, NULL, MSG_CACLS_Y, 0,
  777. msgbuf, MAX_PATH, NULL);
  778. fgets(well,MAX_PATH,stdin);
  780. // remove the trailing return
  781. if ('\n' == well[strlen(well) - sizeof(CHAR)])
  782. well[strlen(well) - sizeof(CHAR)] = '\0';
  784. if (0 != _stricmp(well, msgbuf))
  785. {
  786. FormatMessageA(FORMAT_MESSAGE_FROM_HMODULE, NULL, MSG_CACLS_YES, 0,
  787. msgbuf, MAX_PATH, NULL);
  788. if (0 != _stricmp(well, msgbuf))
  789. return(ERROR_SUCCESS);
  790. }
  791. }
  793. if (NO_ERROR == (ret = cfe.Init(filename, &pwfilename, &fdir)))
  794. {
  795. while ( (NO_ERROR == ret) ||
  796. ( ( (ERROR_ACCESS_DENIED == ret ) || (ERROR_SHARING_VIOLATION == ret) )&&
  797. (option & OPTION_CONTINUE_ON_ERROR) ) )
  798. {
  799. CFileSecurity cfs(pwfilename);
  801. if (NO_ERROR == (ret = cfs.Init()))
  802. {
  803. if (NO_ERROR != (ret = cfs.SetFS(emode == MODE_REPLACE ? FALSE : TRUE, &cdw, fdir)))
  804. {
  805. if (!(((ERROR_ACCESS_DENIED == ret) || (ERROR_SHARING_VIOLATION == ret)) &&
  806. (option & OPTION_CONTINUE_ON_ERROR)))
  807. {
  808. ERRORS((stderr, "SetFS on %ws failed %ld\n",pwfilename, ret))
  809. return(ret);
  810. }
  811. }
  812. }
  813. else
  814. {
  815. //
  816. // If the error is access denied or sharing violation and we are to continue on error,
  817. // then keep going. Otherwise bail out here.
  818. //
  820. if (!(((ERROR_ACCESS_DENIED == ret) || (ERROR_SHARING_VIOLATION == ret)) &&
  821. (option & OPTION_CONTINUE_ON_ERROR))) {
  823. ERRORS((stderr, "init failed, %d\n",ret))
  824. return(ret);
  825. }
  826. }
  828. if (NO_ERROR == ret)
  829. {
  831. if (fdir)
  832. {
  833. printmessage(stdout, MSG_CACLS_PROCESSED_DIR, NULL);
  834. cprintf(L"%s\n", pwfilename);
  835. }
  836. else
  837. {
  838. printmessage(stdout, MSG_CACLS_PROCESSED_FILE, NULL);
  839. cprintf(L"%s\n", pwfilename);
  840. }
  841. }
  842. else if (ERROR_ACCESS_DENIED == ret)
  843. {
  844. printmessage(stdout, MSG_CACLS_ACCESS_DENIED, NULL);
  845. cprintf(L"%s\n", pwfilename);
  846. }
  847. else if (ret == ERROR_SHARING_VIOLATION)
  848. {
  849. printmessage(stdout, MSG_CACLS_SHARING_VIOLATION, NULL);
  850. cprintf(L"%s\n", pwfilename);
  851. }
  853. if ( (NO_ERROR == ret) ||
  854. ( ( (ERROR_ACCESS_DENIED == ret ) || (ERROR_SHARING_VIOLATION == ret) ) &&
  855. (option & OPTION_CONTINUE_ON_ERROR) ) )
  856. ret = cfe.Next(&pwfilename, &fdir);
  857. }
  859. switch (ret)
  860. {
  861. case ERROR_NO_MORE_FILES:
  862. ret = ERROR_SUCCESS;
  863. break;
  864. case ERROR_ACCESS_DENIED:
  865. case ERROR_SHARING_VIOLATION:
  866. break;
  867. case ERROR_SUCCESS:
  868. break;
  869. default:
  870. DISPLAY((stderr, "%ws failed: %d\n", pwfilename, ret))
  871. break;
  872. }
  873. } else
  874. ERRORS((stderr, "file enumeration failed to initialize %ws, %ld\n",pwfilename, ret))
  876. if (ret == ERROR_NO_MORE_FILES)
  877. {
  878. ret = ERROR_SUCCESS;
  879. }
  881. if (ret != ERROR_SUCCESS)
  882. {
  883. ERRORS((stderr, "Enumeration failed, %d\n",ret))
  884. }
  886. return(ret);
  887. }
  888. #if DBG
  889. //---------------------------------------------------------------------------
  890. //
  891. // Function: DebugEnumerate
  892. //
  893. // Synopsis: debug function
  894. //
  895. // Arguments: IN [filename] - file name
  896. // IN [option] - option
  897. //
  898. //----------------------------------------------------------------------------
  899. ULONG DebugEnumerate(TCHAR *filename, ULONG option)
  900. {
  901. CFileEnumerate cfe(option & OPTION_TREE);
  902. WCHAR *pwfilename;
  903. BOOL fdir;
  904. ULONG ret;
  906. ret = cfe.Init(filename, &pwfilename, &fdir);
  907. while ( (ERROR_SUCCESS == ret) ||
  908. ( (ERROR_ACCESS_DENIED == ret ) &&
  909. (option & OPTION_CONTINUE_ON_ERROR) ) )
  910. {
  911. if (fdir)
  912. printf("dir name = %ws%ws\n",pwfilename,
  913. ERROR_ACCESS_DENIED == ret ? L"ACCESS DENIED" : L"");
  914. else
  915. printf("file name = %ws%ws\n",pwfilename,
  916. ERROR_ACCESS_DENIED == ret ? L"ACCESS DENIED" : L"");
  917. ret = cfe.Next(&pwfilename, &fdir);
  918. }
  919. if (ret == ERROR_ACCESS_DENIED)
  920. {
  921. if (fdir)
  922. printf("dir name = %ws%ws\n",pwfilename,
  923. ERROR_ACCESS_DENIED == ret ? L"ACCESS DENIED" : L"");
  924. else
  925. printf("file name = %ws%ws\n",pwfilename,
  926. ERROR_ACCESS_DENIED == ret ? L"ACCESS DENIED" : L"");
  927. }
  928. if (ret != ERROR_NO_MORE_FILES)
  929. printf("Enumeration failed, %d\n",ret);
  931. return(ret);
  932. }
  933. #endif
  934. //---------------------------------------------------------------------------
  935. //
  936. // Function: GetUserAccess
  937. //
  938. // Synopsis: parses an input string for user:access
  939. //
  940. // Arguments: IN [arg] - input string to parse
  941. // OUT [user] - user if found
  942. // OUT [access] - access if found
  943. //
  944. //----------------------------------------------------------------------------
  945. BOOL GetUserAndAccess(TCHAR *arg, WCHAR **user, ULONG *access)
  946. {
  947. TCHAR *saccess = wcschr(arg,':');
  948. if (saccess)
  949. {
  950. *saccess = NULL;
  951. saccess++;
  953. if (wcschr(saccess,':'))
  954. return(FALSE);
  955. #if defined(UNICODE) || defined(_UNICODE)
  956. *user = arg;
  957. #else
  958. *user = mbstowcs(arg);
  959. #endif
  961. if (0 == lstrcmpi(saccess, TEXT("F") ))
  962. {
  963. *access = ( STANDARD_RIGHTS_ALL |
  964. FILE_READ_DATA |
  965. FILE_WRITE_DATA |
  966. FILE_APPEND_DATA |
  967. FILE_READ_EA |
  968. FILE_WRITE_EA |
  969. FILE_EXECUTE |
  970. FILE_DELETE_CHILD |
  971. FILE_READ_ATTRIBUTES |
  972. FILE_WRITE_ATTRIBUTES );
  973. }
  974. else if (0 == lstrcmpi(saccess,TEXT("R") ))
  975. {
  976. *access = FILE_GENERIC_READ | FILE_EXECUTE;
  977. }
  978. else if (0 == lstrcmpi(saccess, TEXT("C") ))
  979. {
  980. *access = FILE_GENERIC_WRITE | FILE_GENERIC_READ | FILE_EXECUTE | DELETE;
  981. }
  982. else if (0 == lstrcmpi(saccess, TEXT("N") ))
  983. {
  984. *access = GENERIC_NONE;
  985. }
  986. else if (0 == lstrcmpi(saccess, TEXT("W") ))
  987. {
  988. *access = FILE_GENERIC_WRITE | FILE_EXECUTE;
  989. }
  990. else
  991. return(FALSE);
  992. return(TRUE);
  993. }
  994. return(FALSE);
  995. }
  996. //---------------------------------------------------------------------------
  997. //
  998. // Function: mbstowcs
  999. //
  1000. // Synopsis: converts char to wchar, allocates space for wchar
  1001. //
  1002. // Arguments: IN [aname] - char string
  1003. //
  1004. //----------------------------------------------------------------------------
  1005. WCHAR *mbstowcs(char *aname )
  1006. {
  1007. if (aname)
  1008. {
  1009. WCHAR *pwname = NULL;
  1010. pwname = (WCHAR *)LocalAlloc(LMEM_FIXED, sizeof(WCHAR) * (strlen(aname)+1));
  1011. if (NULL == pwname)
  1012. return(NULL);
  1013. WCHAR *prwname = pwname;
  1014. if (MultiByteToWideChar(CP_ACP, MB_PRECOMPOSED,
  1015. aname, -1,
  1016. prwname, sizeof(WCHAR)*(strlen(aname)+1)) == 0)
  1017. return(NULL);
  1018. return(pwname);
  1019. } else
  1020. return(NULL);
  1021. }
  1022. //----------------------------------------------------------------------------
  1023. //
  1024. // Function:
  1025. //
  1026. // Synopsis:
  1027. //
  1028. // Arguments:
  1029. //
  1030. //----------------------------------------------------------------------------
  1031. BOOLEAN OpenToken(PHANDLE ph)
  1032. {
  1033. HANDLE hprocess;
  1035. hprocess = OpenProcess( PROCESS_QUERY_INFORMATION, FALSE, GetCurrentProcessId());
  1036. if (hprocess == NULL)
  1037. return(FALSE);
  1039. if (OpenProcessToken(hprocess, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, ph))
  1040. {
  1041. CloseHandle(hprocess);
  1042. return(TRUE);
  1043. }
  1045. CloseHandle(hprocess);
  1046. return(FALSE);
  1047. }
  1048. //----------------------------------------------------------------------------
  1049. //
  1050. // Function: printfsid
  1051. //
  1052. // Synopsis: prints a NT SID
  1053. //
  1054. // Arguments: IN [psid] - pointer to the sid to print
  1055. //
  1056. //----------------------------------------------------------------------------
  1057. void printfsid(SID *psid, ULONG *outputoffset)
  1058. {
  1059. #if DBG
  1060. if ((Debug & DEBUG_VERBOSE) || (Debug & DEBUG_DISPLAY_SIDS))
  1061. {
  1062. printf("S-%lx",psid->Revision);
  1064. if ( (psid->IdentifierAuthority.Value[0] != 0) ||
  1065. (psid->IdentifierAuthority.Value[1] != 0) )
  1066. {
  1067. printf("0x%02hx%02hx%02hx%02hx%02hx%02hx",
  1068. (USHORT)psid->IdentifierAuthority.Value[0],
  1069. (USHORT)psid->IdentifierAuthority.Value[1],
  1070. (USHORT)psid->IdentifierAuthority.Value[2],
  1071. (USHORT)psid->IdentifierAuthority.Value[3],
  1072. (USHORT)psid->IdentifierAuthority.Value[4],
  1073. (USHORT)psid->IdentifierAuthority.Value[5] );
  1074. } else
  1075. {
  1076. printf("-%lu",
  1077. (ULONG)psid->IdentifierAuthority.Value[5] +
  1078. (ULONG)(psid->IdentifierAuthority.Value[4] << 8) +
  1079. (ULONG)(psid->IdentifierAuthority.Value[3] << 16) +
  1080. (ULONG)(psid->IdentifierAuthority.Value[2] << 24) );
  1081. }
  1083. if ( 0 < psid->SubAuthorityCount )
  1084. {
  1085. for (int k = 0; k < psid->SubAuthorityCount; k++ )
  1086. {
  1087. printf("-%d",psid->SubAuthority[k]);
  1088. }
  1089. }
  1090. }
  1091. #endif
  1092. ULONG ret;
  1094. CAccount ca(psid, NULL);
  1096. WCHAR *domain = NULL;
  1097. WCHAR *user;
  1099. if (NO_ERROR == ( ret = ca.GetAccountDomain(&domain) ) )
  1100. {
  1101. if ( (NULL == domain) || (0 == wcslen(domain)) )
  1102. {
  1103. fprintf(stdout, " ");
  1104. *outputoffset +=1;
  1105. }
  1106. else
  1107. {
  1108. fprintf(stdout, " ");
  1109. wprintf(L"%s", domain);
  1110. fprintf(stdout, "\\");
  1111. *outputoffset += 2 + wcslen( domain );;
  1112. }
  1114. if (NO_ERROR == ( ret = ca.GetAccountName(&user) ) )
  1115. {
  1116. wprintf(L"%s", user);
  1117. fprintf(stdout, ":");
  1118. *outputoffset += 1 + wcslen(user);
  1119. } else
  1120. {
  1121. *outputoffset += printmessage(stdout, MSG_CACLS_NAME_NOT_FOUND, NULL);
  1123. ERRORS((stderr, "(%lx)",ret))
  1124. }
  1125. } else
  1126. {
  1127. *outputoffset+= printmessage(stdout, MSG_CACLS_DOMAIN_NOT_FOUND, NULL);
  1128. ERRORS((stderr, "(%lx)",ret))
  1129. }
  1130. VERBOSE((stderr, "\n"))
  1131. }
  1132. //----------------------------------------------------------------------------
  1133. //
  1134. // Function: printface
  1135. //
  1136. // Synopsis: prints the specifed ace
  1137. //
  1138. // Arguments: IN [paceh] - input ace (header)
  1139. // IN [fdir] - TRUE = directory (different display options)
  1140. //
  1141. //----------------------------------------------------------------------------
  1142. void printface(ACE_HEADER *paceh, BOOL fdir, ULONG outputoffset)
  1143. {
  1144. VERBOSE((stderr, " "))
  1145. VERBOSER((stderr, "\npaceh->AceType = %x\n",paceh->AceType ))
  1146. VERBOSER((stderr, "paceh->AceFlags = %x\n",paceh->AceFlags ))
  1147. VERBOSER((stderr, "paceh->AceSize = %x\n",paceh->AceSize ))
  1148. ACCESS_ALLOWED_ACE *paaa = (ACCESS_ALLOWED_ACE *)paceh;
  1149. printfsid((SID *)&(paaa->SidStart),&outputoffset);
  1150. if (paceh->AceFlags & OBJECT_INHERIT_ACE )
  1151. {
  1152. outputoffset+= printmessage(stdout, MSG_CACLS_OBJECT_INHERIT, NULL);
  1153. }
  1154. if (paceh->AceFlags & CONTAINER_INHERIT_ACE )
  1155. {
  1156. outputoffset+= printmessage(stdout, MSG_CACLS_CONTAINER_INHERIT, NULL);
  1157. }
  1158. if (paceh->AceFlags & NO_PROPAGATE_INHERIT_ACE)
  1159. {
  1160. outputoffset+= printmessage(stdout, MSG_CACLS_NO_PROPAGATE_INHERIT, NULL);
  1161. }
  1162. if (paceh->AceFlags & INHERIT_ONLY_ACE )
  1163. {
  1164. outputoffset+= printmessage(stdout, MSG_CACLS_INHERIT_ONLY, NULL);
  1165. }
  1167. if (paceh->AceType == ACCESS_DENIED_ACE_TYPE)
  1168. {
  1169. DISPLAY_MASK((stderr, "(DENIED)"))
  1170. VERBOSE((stderr, "(DENIED)"))
  1171. }
  1173. printfmask(paaa->Mask, paceh->AceType, fdir, outputoffset);
  1174. fprintf(stdout, "\n");
  1175. }
  1176. //----------------------------------------------------------------------------
  1177. //
  1178. // Function: printfmask
  1179. //
  1180. // Synopsis: prints the access mask
  1181. //
  1182. // Arguments: IN [mask] - the access mask
  1183. // IN [acetype] - allowed/denied
  1184. // IN [fdir] - TRUE = directory
  1185. //
  1186. //----------------------------------------------------------------------------
  1187. CHAR *aRightsStr[] = { "STANDARD_RIGHTS_ALL",
  1188. "DELETE",
  1189. "READ_CONTROL",
  1190. "WRITE_DAC",
  1191. "WRITE_OWNER",
  1192. "SYNCHRONIZE",
  1193. "STANDARD_RIGHTS_REQUIRED",
  1194. "SPECIFIC_RIGHTS_ALL",
  1195. "ACCESS_SYSTEM_SECURITY",
  1196. "MAXIMUM_ALLOWED",
  1197. "GENERIC_READ",
  1198. "GENERIC_WRITE",
  1199. "GENERIC_EXECUTE",
  1200. "GENERIC_ALL",
  1201. "FILE_GENERIC_READ",
  1202. "FILE_GENERIC_WRITE",
  1203. "FILE_GENERIC_EXECUTE",
  1204. "FILE_READ_DATA",
  1205. //FILE_LIST_DIRECTORY
  1206. "FILE_WRITE_DATA",
  1207. //FILE_ADD_FILE
  1208. "FILE_APPEND_DATA",
  1209. //FILE_ADD_SUBDIRECTORY
  1210. "FILE_READ_EA",
  1211. "FILE_WRITE_EA",
  1212. "FILE_EXECUTE",
  1213. //FILE_TRAVERSE
  1214. "FILE_DELETE_CHILD",
  1215. "FILE_READ_ATTRIBUTES",
  1216. "FILE_WRITE_ATTRIBUTES" };
  1218. #define NUMRIGHTS 26
  1219. ULONG aRights[NUMRIGHTS] = { STANDARD_RIGHTS_ALL ,
  1220. DELETE ,
  1221. READ_CONTROL ,
  1222. WRITE_DAC ,
  1223. WRITE_OWNER ,
  1224. SYNCHRONIZE ,
  1225. STANDARD_RIGHTS_REQUIRED ,
  1226. SPECIFIC_RIGHTS_ALL ,
  1227. ACCESS_SYSTEM_SECURITY ,
  1228. MAXIMUM_ALLOWED ,
  1229. GENERIC_READ ,
  1230. GENERIC_WRITE ,
  1231. GENERIC_EXECUTE ,
  1232. GENERIC_ALL ,
  1233. FILE_GENERIC_READ ,
  1234. FILE_GENERIC_WRITE ,
  1235. FILE_GENERIC_EXECUTE ,
  1236. FILE_READ_DATA ,
  1237. //FILE_LIST_DIRECTORY ,
  1238. FILE_WRITE_DATA ,
  1239. //FILE_ADD_FILE ,
  1240. FILE_APPEND_DATA ,
  1241. //FILE_ADD_SUBDIRECTORY ,
  1242. FILE_READ_EA ,
  1243. FILE_WRITE_EA ,
  1244. FILE_EXECUTE ,
  1245. //FILE_TRAVERSE ,
  1246. FILE_DELETE_CHILD ,
  1247. FILE_READ_ATTRIBUTES ,
  1248. FILE_WRITE_ATTRIBUTES };
  1250. void printfmask(ULONG mask, UCHAR acetype, BOOL fdir, ULONG outputoffset)
  1251. {
  1252. ULONG savmask = mask;
  1253. VERBOSER((stderr, "mask = %08lx ", mask))
  1254. DISPLAY_MASK((stderr, "mask = %08lx\n", mask))
  1256. VERBOSE((stderr, " "))
  1258. #if DBG
  1259. if (!(Debug & (DEBUG_VERBOSE | DEBUG_DISPLAY_MASK)))
  1260. {
  1261. #endif
  1262. if ((acetype == ACCESS_ALLOWED_ACE_TYPE) &&
  1263. (mask == (FILE_GENERIC_READ | FILE_EXECUTE)))
  1264. {
  1265. printmessage(stdout, MSG_CACLS_READ, NULL);
  1266. } else if ((acetype == ACCESS_ALLOWED_ACE_TYPE) &&
  1267. (mask == (FILE_GENERIC_WRITE | FILE_GENERIC_READ | FILE_EXECUTE | DELETE)))
  1268. {
  1269. printmessage(stdout, MSG_CACLS_CHANGE, NULL);
  1270. } else if ((acetype == ACCESS_ALLOWED_ACE_TYPE) &&
  1271. (mask == (GENERIC_WRITE | GENERIC_READ | GENERIC_EXECUTE | DELETE)))
  1272. {
  1273. printmessage(stdout, MSG_CACLS_CHANGE, NULL);
  1274. } else if ((acetype == ACCESS_ALLOWED_ACE_TYPE) &&
  1275. (mask == ( STANDARD_RIGHTS_ALL |
  1276. FILE_READ_DATA |
  1277. FILE_WRITE_DATA |
  1278. FILE_APPEND_DATA |
  1279. FILE_READ_EA |
  1280. FILE_WRITE_EA |
  1281. FILE_EXECUTE |
  1282. FILE_DELETE_CHILD |
  1283. FILE_READ_ATTRIBUTES |
  1284. FILE_WRITE_ATTRIBUTES )) )
  1285. {
  1286. printmessage(stdout, MSG_CACLS_FULL_CONTROL, NULL);
  1287. } else if ((acetype == ACCESS_ALLOWED_ACE_TYPE) &&
  1288. (mask == GENERIC_ALL))
  1289. {
  1290. printmessage(stdout, MSG_CACLS_FULL_CONTROL, NULL);
  1291. } else if ((acetype == ACCESS_DENIED_ACE_TYPE) &&
  1292. (mask == GENERIC_ALL))
  1293. {
  1294. printmessage(stdout, MSG_CACLS_NONE, NULL);
  1295. } else if ((acetype == ACCESS_DENIED_ACE_TYPE) &&
  1296. (mask == ( STANDARD_RIGHTS_ALL |
  1297. FILE_READ_DATA |
  1298. FILE_WRITE_DATA |
  1299. FILE_APPEND_DATA |
  1300. FILE_READ_EA |
  1301. FILE_WRITE_EA |
  1302. FILE_EXECUTE |
  1303. FILE_DELETE_CHILD |
  1304. FILE_READ_ATTRIBUTES |
  1305. FILE_WRITE_ATTRIBUTES )) )
  1306. {
  1307. printmessage(stdout, MSG_CACLS_NONE, NULL);
  1308. } else
  1309. {
  1310. if (acetype == ACCESS_DENIED_ACE_TYPE)
  1311. printmessage(stdout, MSG_CACLS_DENY, NULL);
  1313. printmessage(stdout, MSG_CACLS_SPECIAL_ACCESS, NULL);
  1315. for (int k = 0; k<NUMRIGHTS ; k++ )
  1316. {
  1317. if ((mask & aRights[k]) == aRights[k])
  1318. {
  1319. fprintf(stdout, "%*s%s\n",outputoffset, " ", aRightsStr[k]);
  1320. }
  1321. if (mask == 0)
  1322. break;
  1323. }
  1324. }
  1325. #if DBG
  1326. } else
  1327. {
  1328. if (Debug & (DEBUG_DISPLAY_MASK | DEBUG_VERBOSE))
  1329. {
  1330. printf("\n");
  1331. for (int k = 0; k<NUMRIGHTS ; k++ )
  1332. {
  1333. if ((mask & aRights[k]) == aRights[k])
  1334. {
  1335. if (mask != savmask) printf(" |\n");
  1336. printf(" %s",aRightsStr[k]);
  1337. mask &= ~aRights[k];
  1338. }
  1339. if (mask == 0)
  1340. break;
  1341. }
  1342. }
  1343. VERBOSE((stderr, "=%x",mask))
  1344. if (mask != 0)
  1345. DISPLAY((stderr, "=%x/%x",mask,savmask))
  1346. }
  1347. #endif
  1348. fprintf(stdout, " ");
  1349. }
  1350. //----------------------------------------------------------------------------
  1351. //
  1352. // Function: printmessage
  1353. //
  1354. // Synopsis: prints a message, either from the local message file, or from the system
  1355. //
  1356. // Arguments: IN [fp] - stderr, stdio, etc.
  1357. // IN [messageID] - variable argument list
  1358. //
  1359. // Returns: length of the output buffer
  1360. //
  1361. //----------------------------------------------------------------------------
  1362. ULONG
  1363. __cdecl
  1364. printmessage (FILE* fp, DWORD messageID, ...)
  1365. {
  1366. WCHAR messagebuffer[4096];
  1367. va_list ap;
  1369. va_start(ap, messageID);
  1371. if (!FormatMessage(FORMAT_MESSAGE_FROM_HMODULE, NULL, messageID, 0,
  1372. messagebuffer, 4095, &ap))
  1373. FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM, NULL, messageID, 0,
  1374. messagebuffer, 4095, &ap);
  1376. CHAR achOem[2048];
  1377. WideCharToMultiByte(CP_OEMCP,
  1378. 0,
  1379. messagebuffer,
  1380. -1,
  1381. achOem,
  1382. sizeof(achOem),
  1383. NULL,
  1384. NULL);
  1386. fprintf(fp, achOem);
  1387. va_end(ap);
  1389. return(wcslen(messagebuffer));
  1390. }