51f775
acl: __ntapi_acl_init_common_descriptor(): allow specification of ace flags.
@@ -164,7 +164,8 @@ typedef void __stdcall ntapi_acl_init_common_descriptor(
|
|
164
164
|
__in uint32_t group_access,
|
165
165
|
__in uint32_t other_access,
|
166
166
|
__in uint32_t admin_access,
|
167
|
-
__in uint32_t system_access
|
167
|
+
__in uint32_t system_access,
|
168
|
+
__in uint32_t ace_flags);
|
168
169
|
|
169
170
|
typedef int32_t __stdcall ntapi_acl_init_common_descriptor_meta(
|
170
171
|
__out nt_sd_common_meta * meta,
|
@@ -24,6 +24,7 @@ static nt_access_allowed_ace * __acl_ace_init(
|
|
24
24
|
nt_access_allowed_ace * ace,
|
25
25
|
uint32_t mask,
|
26
26
|
const nt_sid * sid,
|
27
|
+
uint32_t flags,
|
27
28
|
uint16_t * aces)
|
28
29
|
{
|
29
30
|
if (mask == 0)
|
@@ -31,7 +32,7 @@ static nt_access_allowed_ace * __acl_ace_init(
|
|
31
32
|
|
32
33
|
ace->mask = mask;
|
33
34
|
ace->header.ace_type = NT_ACE_TYPE_ACCESS_ALLOWED;
|
34
|
-
ace->header.ace_flags =
|
35
|
+
ace->header.ace_flags = flags;
|
35
36
|
ace->header.ace_size = sizeof(uint32_t) * sid->sub_authority_count
|
36
37
|
+ __offsetof(nt_access_allowed_ace,sid_start)
|
37
38
|
+ __offsetof(nt_sid,sub_authority);
|
@@ -55,7 +56,8 @@ void __stdcall __ntapi_acl_init_common_descriptor(
|
|
55
56
|
__in uint32_t group_access,
|
56
57
|
__in uint32_t other_access,
|
57
58
|
__in uint32_t admin_access,
|
58
|
-
__in uint32_t system_access
|
59
|
+
__in uint32_t system_access,
|
60
|
+
__in uint32_t ace_flags)
|
59
61
|
{
|
60
62
|
nt_access_allowed_ace * ace;
|
61
63
|
uint16_t ace_count = 0;
|
@@ -87,14 +89,14 @@ void __stdcall __ntapi_acl_init_common_descriptor(
|
|
87
89
|
|
88
90
|
/* ace's */
|
89
91
|
ace = (nt_access_allowed_ace *)&sd->buffer;
|
90
|
-
ace = __acl_ace_init(ace,system_access,&sid_system,&ace_count);
|
91
|
-
ace = __acl_ace_init(ace,owner_access,&sid_owner_rights,&ace_count);
|
92
|
-
ace = __acl_ace_init(ace,group_access,group,&ace_count);
|
93
|
-
ace = __acl_ace_init(ace,other_access,other,&ace_count);
|
92
|
+
ace = __acl_ace_init(ace,system_access,&sid_system,ace_flags,&ace_count);
|
93
|
+
ace = __acl_ace_init(ace,owner_access,&sid_owner_rights,ace_flags,&ace_count);
|
94
|
+
ace = __acl_ace_init(ace,group_access,group,ace_flags,&ace_count);
|
95
|
+
ace = __acl_ace_init(ace,other_access,other,ace_flags,&ace_count);
|
94
96
|
|
95
97
|
if (admin_access) {
|
96
98
|
admin = admin ? admin : (nt_sid *)&sid_admins;
|
97
|
-
ace = __acl_ace_init(ace,admin_access,admin,&ace_count);
|
99
|
+
ace = __acl_ace_init(ace,admin_access,admin,ace_flags,&ace_count);
|
98
100
|
}
|
99
101
|
|
100
102
|
/* dacl */
|