Commit 08238b83 authored by Erich Hoover's avatar Erich Hoover Committed by Alexandre Julliard

advapi32: Support service objects in GetNamedSecurityInfo.

parent c14bdaf1
...@@ -30,6 +30,8 @@ BOOL ADVAPI_GetComputerSid(PSID sid) DECLSPEC_HIDDEN; ...@@ -30,6 +30,8 @@ BOOL ADVAPI_GetComputerSid(PSID sid) DECLSPEC_HIDDEN;
BOOL lookup_local_wellknown_name(const LSA_UNICODE_STRING*, PSID, LPDWORD, LPWSTR, LPDWORD, PSID_NAME_USE, BOOL*) DECLSPEC_HIDDEN; BOOL lookup_local_wellknown_name(const LSA_UNICODE_STRING*, PSID, LPDWORD, LPWSTR, LPDWORD, PSID_NAME_USE, BOOL*) DECLSPEC_HIDDEN;
BOOL lookup_local_user_name(const LSA_UNICODE_STRING*, PSID, LPDWORD, LPWSTR, LPDWORD, PSID_NAME_USE, BOOL*) DECLSPEC_HIDDEN; BOOL lookup_local_user_name(const LSA_UNICODE_STRING*, PSID, LPDWORD, LPWSTR, LPDWORD, PSID_NAME_USE, BOOL*) DECLSPEC_HIDDEN;
WCHAR *SERV_dup(const char *str) DECLSPEC_HIDDEN; WCHAR *SERV_dup(const char *str) DECLSPEC_HIDDEN;
DWORD SERV_OpenSCManagerW(LPCWSTR, LPCWSTR, DWORD, SC_HANDLE*) DECLSPEC_HIDDEN;
DWORD SERV_OpenServiceW(SC_HANDLE, LPCWSTR, DWORD, SC_HANDLE*) DECLSPEC_HIDDEN;
NTSTATUS SERV_QueryServiceObjectSecurity(SC_HANDLE, SECURITY_INFORMATION, PSECURITY_DESCRIPTOR, DWORD, LPDWORD) DECLSPEC_HIDDEN; NTSTATUS SERV_QueryServiceObjectSecurity(SC_HANDLE, SECURITY_INFORMATION, PSECURITY_DESCRIPTOR, DWORD, LPDWORD) DECLSPEC_HIDDEN;
/* heap allocation helpers */ /* heap allocation helpers */
......
...@@ -423,6 +423,19 @@ static inline DWORD get_security_file( LPWSTR full_file_name, DWORD access, HAND ...@@ -423,6 +423,19 @@ static inline DWORD get_security_file( LPWSTR full_file_name, DWORD access, HAND
return RtlNtStatusToDosError( status ); return RtlNtStatusToDosError( status );
} }
/* helper function for SE_SERVICE objects in [Get|Set]NamedSecurityInfo */
static inline DWORD get_security_service( LPWSTR full_service_name, DWORD access, HANDLE *service )
{
SC_HANDLE manager = 0;
DWORD err;
err = SERV_OpenSCManagerW( NULL, NULL, access, (SC_HANDLE *)&manager );
if (err == ERROR_SUCCESS)
err = SERV_OpenServiceW( manager, full_service_name, access, (SC_HANDLE *)service );
CloseServiceHandle( manager );
return err;
}
#define WINE_SIZE_OF_WORLD_ACCESS_ACL (sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE) + sizeof(sidWorld) - sizeof(DWORD)) #define WINE_SIZE_OF_WORLD_ACCESS_ACL (sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE) + sizeof(sidWorld) - sizeof(DWORD))
static void GetWorldAccessACL(PACL pACL) static void GetWorldAccessACL(PACL pACL)
...@@ -5535,16 +5548,6 @@ DWORD WINAPI GetNamedSecurityInfoW( LPWSTR name, SE_OBJECT_TYPE type, ...@@ -5535,16 +5548,6 @@ DWORD WINAPI GetNamedSecurityInfoW( LPWSTR name, SE_OBJECT_TYPE type,
TRACE( "%s %d %d %p %p %p %p %p\n", debugstr_w(name), type, info, owner, TRACE( "%s %d %d %p %p %p %p %p\n", debugstr_w(name), type, info, owner,
group, dacl, sacl, descriptor ); group, dacl, sacl, descriptor );
if (type != SE_FILE_OBJECT)
{
FIXME( "Object type %d is not currently supported.\n", type );
if (owner) *owner = NULL;
if (group) *group = NULL;
if (dacl) *dacl = NULL;
if (sacl) *sacl = NULL;
if (descriptor) *descriptor = NULL;
return ERROR_SUCCESS;
}
/* A NULL descriptor is allowed if any one of the other pointers is not NULL */ /* A NULL descriptor is allowed if any one of the other pointers is not NULL */
if (!name || !(owner||group||dacl||sacl||descriptor) ) return ERROR_INVALID_PARAMETER; if (!name || !(owner||group||dacl||sacl||descriptor) ) return ERROR_INVALID_PARAMETER;
...@@ -5562,11 +5565,31 @@ DWORD WINAPI GetNamedSecurityInfoW( LPWSTR name, SE_OBJECT_TYPE type, ...@@ -5562,11 +5565,31 @@ DWORD WINAPI GetNamedSecurityInfoW( LPWSTR name, SE_OBJECT_TYPE type,
if (info & SACL_SECURITY_INFORMATION) if (info & SACL_SECURITY_INFORMATION)
access |= ACCESS_SYSTEM_SECURITY; access |= ACCESS_SYSTEM_SECURITY;
err = get_security_file( name, access, &handle); switch (type)
if (err != ERROR_SUCCESS) {
return err; case SE_SERVICE:
err = GetSecurityInfo( handle, type, info, owner, group, dacl, sacl, descriptor ); if (!(err = get_security_service( name, access, &handle)))
CloseHandle( handle ); {
err = GetSecurityInfo( handle, type, info, owner, group, dacl, sacl, descriptor );
CloseServiceHandle( handle );
}
break;
case SE_FILE_OBJECT:
if (!(err = get_security_file( name, access, &handle)))
{
err = GetSecurityInfo( handle, type, info, owner, group, dacl, sacl, descriptor );
CloseHandle( handle );
}
break;
default:
FIXME( "Object type %d is not currently supported.\n", type );
if (owner) *owner = NULL;
if (group) *group = NULL;
if (dacl) *dacl = NULL;
if (sacl) *sacl = NULL;
if (descriptor) *descriptor = NULL;
return ERROR_SUCCESS;
}
return err; return err;
} }
......
...@@ -777,18 +777,17 @@ SC_HANDLE WINAPI OpenSCManagerA( LPCSTR lpMachineName, LPCSTR lpDatabaseName, ...@@ -777,18 +777,17 @@ SC_HANDLE WINAPI OpenSCManagerA( LPCSTR lpMachineName, LPCSTR lpDatabaseName,
* *
* See OpenSCManagerA. * See OpenSCManagerA.
*/ */
SC_HANDLE WINAPI OpenSCManagerW( LPCWSTR lpMachineName, LPCWSTR lpDatabaseName, DWORD SERV_OpenSCManagerW( LPCWSTR lpMachineName, LPCWSTR lpDatabaseName,
DWORD dwDesiredAccess ) DWORD dwDesiredAccess, SC_HANDLE *handle )
{ {
SC_HANDLE handle = 0; DWORD r;
LONG r;
TRACE("(%s,%s,0x%08x)\n", debugstr_w(lpMachineName), TRACE("(%s,%s,0x%08x)\n", debugstr_w(lpMachineName),
debugstr_w(lpDatabaseName), dwDesiredAccess); debugstr_w(lpDatabaseName), dwDesiredAccess);
__TRY __TRY
{ {
r = svcctl_OpenSCManagerW(lpMachineName, lpDatabaseName, dwDesiredAccess, (SC_RPC_HANDLE *)&handle); r = svcctl_OpenSCManagerW(lpMachineName, lpDatabaseName, dwDesiredAccess, (SC_RPC_HANDLE *)handle);
} }
__EXCEPT(rpc_filter) __EXCEPT(rpc_filter)
{ {
...@@ -797,12 +796,21 @@ SC_HANDLE WINAPI OpenSCManagerW( LPCWSTR lpMachineName, LPCWSTR lpDatabaseName, ...@@ -797,12 +796,21 @@ SC_HANDLE WINAPI OpenSCManagerW( LPCWSTR lpMachineName, LPCWSTR lpDatabaseName,
__ENDTRY __ENDTRY
if (r!=ERROR_SUCCESS) if (r!=ERROR_SUCCESS)
{ *handle = 0;
SetLastError( r );
handle = 0; TRACE("returning %p\n", *handle);
} return r;
}
TRACE("returning %p\n", handle); SC_HANDLE WINAPI OpenSCManagerW( LPCWSTR lpMachineName, LPCWSTR lpDatabaseName,
DWORD dwDesiredAccess )
{
SC_HANDLE handle = 0;
DWORD r;
r = SERV_OpenSCManagerW(lpMachineName, lpDatabaseName, dwDesiredAccess, &handle);
if (r!=ERROR_SUCCESS)
SetLastError(r);
return handle; return handle;
} }
...@@ -921,23 +929,19 @@ SC_HANDLE WINAPI OpenServiceA( SC_HANDLE hSCManager, LPCSTR lpServiceName, ...@@ -921,23 +929,19 @@ SC_HANDLE WINAPI OpenServiceA( SC_HANDLE hSCManager, LPCSTR lpServiceName,
* *
* See OpenServiceA. * See OpenServiceA.
*/ */
SC_HANDLE WINAPI OpenServiceW( SC_HANDLE hSCManager, LPCWSTR lpServiceName, DWORD SERV_OpenServiceW( SC_HANDLE hSCManager, LPCWSTR lpServiceName,
DWORD dwDesiredAccess) DWORD dwDesiredAccess, SC_HANDLE *handle )
{ {
SC_HANDLE handle = 0;
DWORD err; DWORD err;
TRACE("%p %s %d\n", hSCManager, debugstr_w(lpServiceName), dwDesiredAccess); TRACE("%p %s %d\n", hSCManager, debugstr_w(lpServiceName), dwDesiredAccess);
if (!hSCManager) if (!hSCManager)
{ return ERROR_INVALID_HANDLE;
SetLastError( ERROR_INVALID_HANDLE );
return 0;
}
__TRY __TRY
{ {
err = svcctl_OpenServiceW(hSCManager, lpServiceName, dwDesiredAccess, (SC_RPC_HANDLE *)&handle); err = svcctl_OpenServiceW(hSCManager, lpServiceName, dwDesiredAccess, (SC_RPC_HANDLE *)handle);
} }
__EXCEPT(rpc_filter) __EXCEPT(rpc_filter)
{ {
...@@ -946,12 +950,21 @@ SC_HANDLE WINAPI OpenServiceW( SC_HANDLE hSCManager, LPCWSTR lpServiceName, ...@@ -946,12 +950,21 @@ SC_HANDLE WINAPI OpenServiceW( SC_HANDLE hSCManager, LPCWSTR lpServiceName,
__ENDTRY __ENDTRY
if (err != ERROR_SUCCESS) if (err != ERROR_SUCCESS)
{
SetLastError(err);
handle = 0; handle = 0;
}
TRACE("returning %p\n",handle); TRACE("returning %p\n", *handle);
return err;
}
SC_HANDLE WINAPI OpenServiceW( SC_HANDLE hSCManager, LPCWSTR lpServiceName,
DWORD dwDesiredAccess)
{
SC_HANDLE handle = 0;
DWORD err;
err = SERV_OpenServiceW(hSCManager, lpServiceName, dwDesiredAccess, &handle);
if (err != ERROR_SUCCESS)
SetLastError(err);
return handle; return handle;
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment