diff options
Diffstat (limited to 'src/libs/dutil/WixToolset.DUtil/inc/aclutil.h')
| -rw-r--r-- | src/libs/dutil/WixToolset.DUtil/inc/aclutil.h | 154 |
1 files changed, 154 insertions, 0 deletions
diff --git a/src/libs/dutil/WixToolset.DUtil/inc/aclutil.h b/src/libs/dutil/WixToolset.DUtil/inc/aclutil.h new file mode 100644 index 00000000..ac03f9a8 --- /dev/null +++ b/src/libs/dutil/WixToolset.DUtil/inc/aclutil.h | |||
| @@ -0,0 +1,154 @@ | |||
| 1 | #pragma once | ||
| 2 | // Copyright (c) .NET Foundation and contributors. All rights reserved. Licensed under the Microsoft Reciprocal License. See LICENSE.TXT file in the project root for full license information. | ||
| 3 | |||
| 4 | |||
| 5 | #include <aclapi.h> | ||
| 6 | #include <sddl.h> | ||
| 7 | |||
| 8 | #define ReleaseSid(x) if (x) { AclFreeSid(x); } | ||
| 9 | #define ReleaseNullSid(x) if (x) { AclFreeSid(x); x = NULL; } | ||
| 10 | |||
| 11 | #ifdef __cplusplus | ||
| 12 | extern "C" { | ||
| 13 | #endif | ||
| 14 | |||
| 15 | // structs | ||
| 16 | struct ACL_ACCESS | ||
| 17 | { | ||
| 18 | BOOL fDenyAccess; | ||
| 19 | DWORD dwAccessMask; | ||
| 20 | |||
| 21 | // TODO: consider using a union | ||
| 22 | LPCWSTR pwzAccountName; // NOTE: the last three items in this structure are ignored if this is not NULL | ||
| 23 | |||
| 24 | SID_IDENTIFIER_AUTHORITY sia; // used if pwzAccountName is NULL | ||
| 25 | BYTE nSubAuthorityCount; | ||
| 26 | DWORD nSubAuthority[8]; | ||
| 27 | }; | ||
| 28 | |||
| 29 | struct ACL_ACE | ||
| 30 | { | ||
| 31 | DWORD dwFlags; | ||
| 32 | DWORD dwMask; | ||
| 33 | PSID psid; | ||
| 34 | }; | ||
| 35 | |||
| 36 | |||
| 37 | // functions | ||
| 38 | HRESULT DAPI AclCheckAccess( | ||
| 39 | __in HANDLE hToken, | ||
| 40 | __in ACL_ACCESS* paa | ||
| 41 | ); | ||
| 42 | HRESULT DAPI AclCheckAdministratorAccess( | ||
| 43 | __in HANDLE hToken | ||
| 44 | ); | ||
| 45 | HRESULT DAPI AclCheckLocalSystemAccess( | ||
| 46 | __in HANDLE hToken | ||
| 47 | ); | ||
| 48 | |||
| 49 | HRESULT DAPI AclGetWellKnownSid( | ||
| 50 | __in WELL_KNOWN_SID_TYPE wkst, | ||
| 51 | __deref_out PSID* ppsid | ||
| 52 | ); | ||
| 53 | HRESULT DAPI AclGetAccountSid( | ||
| 54 | __in_opt LPCWSTR wzSystem, | ||
| 55 | __in_z LPCWSTR wzAccount, | ||
| 56 | __deref_out PSID* ppsid | ||
| 57 | ); | ||
| 58 | HRESULT DAPI AclGetAccountSidString( | ||
| 59 | __in_z LPCWSTR wzSystem, | ||
| 60 | __in_z LPCWSTR wzAccount, | ||
| 61 | __deref_out_z LPWSTR* ppwzSid | ||
| 62 | ); | ||
| 63 | |||
| 64 | HRESULT DAPI AclCreateDacl( | ||
| 65 | __in_ecount(cDeny) ACL_ACE rgaaDeny[], | ||
| 66 | __in DWORD cDeny, | ||
| 67 | __in_ecount(cAllow) ACL_ACE rgaaAllow[], | ||
| 68 | __in DWORD cAllow, | ||
| 69 | __deref_out ACL** ppAcl | ||
| 70 | ); | ||
| 71 | HRESULT DAPI AclAddToDacl( | ||
| 72 | __in ACL* pAcl, | ||
| 73 | __in_ecount_opt(cDeny) const ACL_ACE rgaaDeny[], | ||
| 74 | __in DWORD cDeny, | ||
| 75 | __in_ecount_opt(cAllow) const ACL_ACE rgaaAllow[], | ||
| 76 | __in DWORD cAllow, | ||
| 77 | __deref_out ACL** ppAclNew | ||
| 78 | ); | ||
| 79 | HRESULT DAPI AclMergeDacls( | ||
| 80 | __in const ACL* pAcl1, | ||
| 81 | __in const ACL* pAcl2, | ||
| 82 | __deref_out ACL** ppAclNew | ||
| 83 | ); | ||
| 84 | HRESULT DAPI AclCreateDaclOld( | ||
| 85 | __in_ecount(cAclAccesses) ACL_ACCESS* paa, | ||
| 86 | __in DWORD cAclAccesses, | ||
| 87 | __deref_out ACL** ppAcl | ||
| 88 | ); | ||
| 89 | HRESULT DAPI AclCreateSecurityDescriptor( | ||
| 90 | __in_ecount(cAclAccesses) ACL_ACCESS* paa, | ||
| 91 | __in DWORD cAclAccesses, | ||
| 92 | __deref_out SECURITY_DESCRIPTOR** ppsd | ||
| 93 | ); | ||
| 94 | HRESULT DAPI AclCreateSecurityDescriptorFromDacl( | ||
| 95 | __in ACL* pACL, | ||
| 96 | __deref_out SECURITY_DESCRIPTOR** ppsd | ||
| 97 | ); | ||
| 98 | HRESULT __cdecl AclCreateSecurityDescriptorFromString( | ||
| 99 | __deref_out SECURITY_DESCRIPTOR** ppsd, | ||
| 100 | __in_z __format_string LPCWSTR wzSddlFormat, | ||
| 101 | ... | ||
| 102 | ); | ||
| 103 | HRESULT DAPI AclDuplicateSecurityDescriptor( | ||
| 104 | __in SECURITY_DESCRIPTOR* psd, | ||
| 105 | __deref_out SECURITY_DESCRIPTOR** ppsd | ||
| 106 | ); | ||
| 107 | HRESULT DAPI AclGetSecurityDescriptor( | ||
| 108 | __in_z LPCWSTR wzObject, | ||
| 109 | __in SE_OBJECT_TYPE sot, | ||
| 110 | __in SECURITY_INFORMATION securityInformation, | ||
| 111 | __deref_out SECURITY_DESCRIPTOR** ppsd | ||
| 112 | ); | ||
| 113 | HRESULT DAPI AclSetSecurityWithRetry( | ||
| 114 | __in_z LPCWSTR wzObject, | ||
| 115 | __in SE_OBJECT_TYPE sot, | ||
| 116 | __in SECURITY_INFORMATION securityInformation, | ||
| 117 | __in_opt PSID psidOwner, | ||
| 118 | __in_opt PSID psidGroup, | ||
| 119 | __in_opt PACL pDacl, | ||
| 120 | __in_opt PACL pSacl, | ||
| 121 | __in DWORD cRetry, | ||
| 122 | __in DWORD dwWaitMilliseconds | ||
| 123 | ); | ||
| 124 | |||
| 125 | HRESULT DAPI AclFreeSid( | ||
| 126 | __in PSID psid | ||
| 127 | ); | ||
| 128 | HRESULT DAPI AclFreeDacl( | ||
| 129 | __in ACL* pACL | ||
| 130 | ); | ||
| 131 | HRESULT DAPI AclFreeSecurityDescriptor( | ||
| 132 | __in SECURITY_DESCRIPTOR* psd | ||
| 133 | ); | ||
| 134 | |||
| 135 | HRESULT DAPI AclAddAdminToSecurityDescriptor( | ||
| 136 | __in SECURITY_DESCRIPTOR* pSecurity, | ||
| 137 | __deref_out SECURITY_DESCRIPTOR** ppSecurityNew | ||
| 138 | ); | ||
| 139 | |||
| 140 | // Following code in acl2util.cpp due to dependency on crypt32.dll. | ||
| 141 | HRESULT DAPI AclCalculateServiceSidString( | ||
| 142 | __in LPCWSTR wzServiceName, | ||
| 143 | __in SIZE_T cchServiceName, | ||
| 144 | __deref_out_z LPWSTR* psczSid | ||
| 145 | ); | ||
| 146 | HRESULT DAPI AclGetAccountSidStringEx( | ||
| 147 | __in_z LPCWSTR wzSystem, | ||
| 148 | __in_z LPCWSTR wzAccount, | ||
| 149 | __deref_out_z LPWSTR* psczSid | ||
| 150 | ); | ||
| 151 | |||
| 152 | #ifdef __cplusplus | ||
| 153 | } | ||
| 154 | #endif | ||