windows-nt/Source/XPSP1/NT/base/wdmlib/wdmsec/se/sepsddl.h

/*++

Copyright (c) Microsoft Corporation. All rights reserved.

Module Name:

    SepSddl.h

Abstract:

    This header contains private information for processing SDDL strings
    in kernel mode. This file is meant to be included only by sesddl.c.

Author:

    Adrian J. Oney  - April 21, 2002

Revision History:

--*/

//
// Define the location of our various SIDs
//
#ifndef _KERNELIMPLEMENTATION_

#define DEFINE_SDDL_ENTRY(Sid, Ver, Sddl, SddlLen) \
    { FIELD_OFFSET(SE_EXPORTS, Sid), Ver, Sddl, SddlLen }

#else

extern PSID SeServiceSid;
extern PSID SeLocalServiceSid;
extern PSID SeNetworkServiceSid;

#define DEFINE_SDDL_ENTRY(Sid, Ver, Sddl, SddlLen) \
    { &##Sid, Sddl, SddlLen }

#endif

//
// Local macros
//
#define SDDL_LEN_TAG( tagdef )  ( sizeof( tagdef ) / sizeof( WCHAR ) - 1 )

// 64K-1
#define SDDL_MAX_ACL_SIZE      0xFFFF

//
// This structure is used to do some lookups for mapping ACES
//
typedef enum {

    WIN2K_OR_LATER,
    WINXP_OR_LATER

} OS_SID_VER;

typedef struct _STRSD_KEY_LOOKUP {

    PWSTR Key;
    ULONG KeyLen;
    ULONG Value;

} STRSD_KEY_LOOKUP, *PSTRSD_KEY_LOOKUP;

//
// This structure is used to map account monikers to sids
//
typedef struct _STRSD_SID_LOOKUP {

#ifndef _KERNELIMPLEMENTATION_
    ULONG_PTR   ExportSidFieldOffset;
    OS_SID_VER  OsVer;
#else
    PSID        *Sid;
#endif

    WCHAR       Key[SDDL_ALIAS_SIZE+2];
    ULONG       KeyLen;

} STRSD_SID_LOOKUP, *PSTRSD_SID_LOOKUP;


//
// Functions private to sddl.c
//
NTSTATUS
SepSddlSecurityDescriptorFromSDDLString(
    IN  LPCWSTR                 SecurityDescriptorString,
    IN  LOGICAL                 SuppliedByDefaultMechanism,
    OUT PSECURITY_DESCRIPTOR   *SecurityDescriptor
    );

NTSTATUS
SepSddlDaclFromSDDLString(
    IN  LPCWSTR StringSecurityDescriptor,
    IN  LOGICAL SuppliedByDefaultMechanism,
    OUT ULONG  *SecurityDescriptorControlFlags,
    OUT PACL   *DiscretionaryAcl
    );

NTSTATUS
SepSddlGetSidForString(
    IN  PWSTR String,
    OUT PSID *SID,
    OUT PWSTR *End
    );

LOGICAL
SepSddlLookupAccessMaskInTable(
    IN PWSTR String,
    OUT ULONG *AccessMask,
    OUT PWSTR *End
    );

NTSTATUS
SepSddlGetAclForString(
    IN  PWSTR AclString,
    OUT PACL *Acl,
    OUT PWSTR *End
    );

NTSTATUS
SepSddlAddAceToAcl(
    IN OUT  PACL   *Acl,
    IN OUT  ULONG  *TrueAclSize,
    IN      ULONG   AceType,
    IN      ULONG   AceFlags,
    IN      ULONG   AccessMask,
    IN      ULONG   RemainingAces,
    IN      PSID    SidPtr
    );

#ifndef _KERNELIMPLEMENTATION_

LOGICAL
SepSddlParseWideStringUlong(
    IN  LPCWSTR     Buffer,
    OUT LPCWSTR    *FinalPosition,
    OUT ULONG      *Value
    );

#endif // _KERNELIMPLEMENTATION_
Add source files 2020-09-26 03:20:57 -05:00			`/*++`

			`Copyright (c) Microsoft Corporation. All rights reserved.`

			`Module Name:`

			`SepSddl.h`

			`Abstract:`

			`This header contains private information for processing SDDL strings`
			`in kernel mode. This file is meant to be included only by sesddl.c.`

			`Author:`

			`Adrian J. Oney - April 21, 2002`

			`Revision History:`

			`--*/`

			`//`
			`// Define the location of our various SIDs`
			`//`
			`#ifndef _KERNELIMPLEMENTATION_`

			`#define DEFINE_SDDL_ENTRY(Sid, Ver, Sddl, SddlLen) \`
			`{ FIELD_OFFSET(SE_EXPORTS, Sid), Ver, Sddl, SddlLen }`

			`#else`

			`extern PSID SeServiceSid;`
			`extern PSID SeLocalServiceSid;`
			`extern PSID SeNetworkServiceSid;`

			`#define DEFINE_SDDL_ENTRY(Sid, Ver, Sddl, SddlLen) \`
			`{ &##Sid, Sddl, SddlLen }`

			`#endif`

			`//`
			`// Local macros`
			`//`
			`#define SDDL_LEN_TAG( tagdef ) ( sizeof( tagdef ) / sizeof( WCHAR ) - 1 )`

			`// 64K-1`
			`#define SDDL_MAX_ACL_SIZE 0xFFFF`

			`//`
			`// This structure is used to do some lookups for mapping ACES`
			`//`
			`typedef enum {`

			`WIN2K_OR_LATER,`
			`WINXP_OR_LATER`

			`} OS_SID_VER;`

			`typedef struct _STRSD_KEY_LOOKUP {`

			`PWSTR Key;`
			`ULONG KeyLen;`
			`ULONG Value;`

			`} STRSD_KEY_LOOKUP, *PSTRSD_KEY_LOOKUP;`

			`//`
			`// This structure is used to map account monikers to sids`
			`//`
			`typedef struct _STRSD_SID_LOOKUP {`

			`#ifndef _KERNELIMPLEMENTATION_`
			`ULONG_PTR ExportSidFieldOffset;`
			`OS_SID_VER OsVer;`
			`#else`
			`PSID *Sid;`
			`#endif`

			`WCHAR Key[SDDL_ALIAS_SIZE+2];`
			`ULONG KeyLen;`

			`} STRSD_SID_LOOKUP, *PSTRSD_SID_LOOKUP;`


			`//`
			`// Functions private to sddl.c`
			`//`
			`NTSTATUS`
			`SepSddlSecurityDescriptorFromSDDLString(`
			`IN LPCWSTR SecurityDescriptorString,`
			`IN LOGICAL SuppliedByDefaultMechanism,`
			`OUT PSECURITY_DESCRIPTOR *SecurityDescriptor`
			`);`

			`NTSTATUS`
			`SepSddlDaclFromSDDLString(`
			`IN LPCWSTR StringSecurityDescriptor,`
			`IN LOGICAL SuppliedByDefaultMechanism,`
			`OUT ULONG *SecurityDescriptorControlFlags,`
			`OUT PACL *DiscretionaryAcl`
			`);`

			`NTSTATUS`
			`SepSddlGetSidForString(`
			`IN PWSTR String,`
			`OUT PSID *SID,`
			`OUT PWSTR *End`
			`);`

			`LOGICAL`
			`SepSddlLookupAccessMaskInTable(`
			`IN PWSTR String,`
			`OUT ULONG *AccessMask,`
			`OUT PWSTR *End`
			`);`

			`NTSTATUS`
			`SepSddlGetAclForString(`
			`IN PWSTR AclString,`
			`OUT PACL *Acl,`
			`OUT PWSTR *End`
			`);`

			`NTSTATUS`
			`SepSddlAddAceToAcl(`
			`IN OUT PACL *Acl,`
			`IN OUT ULONG *TrueAclSize,`
			`IN ULONG AceType,`
			`IN ULONG AceFlags,`
			`IN ULONG AccessMask,`
			`IN ULONG RemainingAces,`
			`IN PSID SidPtr`
			`);`

			`#ifndef _KERNELIMPLEMENTATION_`

			`LOGICAL`
			`SepSddlParseWideStringUlong(`
			`IN LPCWSTR Buffer,`
			`OUT LPCWSTR *FinalPosition,`
			`OUT ULONG *Value`
			`);`

			`#endif // _KERNELIMPLEMENTATION_`