sean-m
/
Vanara
mirror of https://github.com/dahall/Vanara.git
1
0
Fork 0
Code Issues Releases Wiki Activity

BREAKING CHANGE: Renamed SafeSECURITY_DESCRIPTOR to SafePrivateObjectSecurity and SafeSecurityDescriptor to SafePSECURITY_DESCRIPTOR due to inconsistency in framework leading to numerous misuse instances. Sorry!

pull/83/head
David Hall 2019-07-12 09:47:46 -06:00
parent 5fed9eda66
commit 3df4a4af97
12 changed files with 95 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
PInvoke/NetApi32/Lm.Ext.cs
View File

@ -900,10 +900,10 @@ namespace Vanara.PInvoke
/// the domain specified in the DomainName parameter.
/// </remarks>
[PInvokeData("lmdfs.h", MSDNShortId = "88e988db-1418-49d5-8cac-1ea6144474a5")]
public static AdvApi32.SafeSecurityDescriptor NetDfsGetFtContainerSecurity(string DomainName, SECURITY_INFORMATION SecurityInformation)
public static AdvApi32.SafePSECURITY_DESCRIPTOR NetDfsGetFtContainerSecurity(string DomainName, SECURITY_INFORMATION SecurityInformation)
{
NetDfsGetFtContainerSecurity(DomainName, SecurityInformation, out var buf, out var len).ThrowIfFailed();
return new AdvApi32.SafeSecurityDescriptor(buf.ToIEnum<byte>((int)len).ToArray());
return new AdvApi32.SafePSECURITY_DESCRIPTOR(buf.ToIEnum<byte>((int)len).ToArray());
}
/// <summary>Retrieves information about a specified Distributed File System (DFS) root or link in a DFS namespace.</summary>
@ -1033,10 +1033,10 @@ namespace Vanara.PInvoke
/// </para>
/// </remarks>
[PInvokeData("lmdfs.h", MSDNShortId = "a6db7c82-c2ec-464a-8c05-2360622880b4")]
public static AdvApi32.SafeSecurityDescriptor NetDfsGetSecurity(string DfsEntryPath, SECURITY_INFORMATION SecurityInformation)
public static AdvApi32.SafePSECURITY_DESCRIPTOR NetDfsGetSecurity(string DfsEntryPath, SECURITY_INFORMATION SecurityInformation)
{
NetDfsGetSecurity(DfsEntryPath, SecurityInformation, out var buf, out var len).ThrowIfFailed();
return new AdvApi32.SafeSecurityDescriptor(buf.ToIEnum<byte>((int)len).ToArray());
return new AdvApi32.SafePSECURITY_DESCRIPTOR(buf.ToIEnum<byte>((int)len).ToArray());
}
/// <summary>Retrieves the security descriptor for the container object of the specified stand-alone DFS namespace.</summary>
@ -1052,10 +1052,10 @@ namespace Vanara.PInvoke
/// MachineName parameter.
/// </remarks>
[PInvokeData("lmdfs.h", MSDNShortId = "63ad610e-c66f-4fad-b3b6-2ee15e90a723")]
public static AdvApi32.SafeSecurityDescriptor NetDfsGetStdContainerSecurity<T>(string MachineName, SECURITY_INFORMATION SecurityInformation)
public static AdvApi32.SafePSECURITY_DESCRIPTOR NetDfsGetStdContainerSecurity<T>(string MachineName, SECURITY_INFORMATION SecurityInformation)
{
NetDfsGetStdContainerSecurity(MachineName, SecurityInformation, out var buf, out var len).ThrowIfFailed();
return new AdvApi32.SafeSecurityDescriptor(buf.ToIEnum<byte>((int)len).ToArray());
return new AdvApi32.SafePSECURITY_DESCRIPTOR(buf.ToIEnum<byte>((int)len).ToArray());
}
/// <summary>Modifies information about a Distributed File System (DFS) root or link in the cache maintained by the DFS client.</summary>

6
PInvoke/Security/AdvApi32/AclApi.cs
View File

@ -234,7 +234,7 @@ namespace Vanara.PInvoke
[DllImport(Lib.AdvApi32, SetLastError = false, CharSet = CharSet.Auto)]
[PInvokeData("aclapi.h", MSDNShortId = "becc1218-5bc3-4ab2-86f8-3ebd10e16966")]
public static extern uint BuildSecurityDescriptor(in TRUSTEE pOwner, in TRUSTEE pGroup, uint cCountOfAccessEntries, [In, MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 2)] EXPLICIT_ACCESS[] pListOfAccessEntries,
uint cCountOfAuditEntries, [In, MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 4)] EXPLICIT_ACCESS[] pListOfAuditEntries, [In] PSECURITY_DESCRIPTOR pOldSD, out uint pSizeNewSD, out SafeSecurityDescriptor pNewSD);
uint cCountOfAuditEntries, [In, MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 4)] EXPLICIT_ACCESS[] pListOfAuditEntries, [In] PSECURITY_DESCRIPTOR pOldSD, out uint pSizeNewSD, out SafePSECURITY_DESCRIPTOR pNewSD);
/// <summary>
/// <para>
@ -646,7 +646,7 @@ namespace Vanara.PInvoke
[DllImport(Lib.AdvApi32, CharSet = CharSet.Auto, SetLastError = true)]
[PInvokeData("Aclapi.h", MSDNShortId = "aa446645")]
public static extern Win32Error GetNamedSecurityInfo(string pObjectName, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, out PSID ppsidOwner,
out PSID ppsidGroup, out PACL ppDacl, out PACL ppSacl, out SafeSecurityDescriptor ppSecurityDescriptor);
out PSID ppsidGroup, out PACL ppDacl, out PACL ppSacl, out SafePSECURITY_DESCRIPTOR ppSecurityDescriptor);
/// <summary>
/// <para>The <c>GetSecurityInfo</c> function retrieves a copy of the security descriptor for an object specified by a handle.</para>
@ -763,7 +763,7 @@ namespace Vanara.PInvoke
[DllImport(Lib.AdvApi32, SetLastError = false, ExactSpelling = true)]
[PInvokeData("aclapi.h", MSDNShortId = "64767a6b-cd79-4e02-881a-706a078ff446")]
public static extern Win32Error GetSecurityInfo(IntPtr handle, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, out PSID ppsidOwner, out PSID ppsidGroup,
out PACL ppDacl, out PACL ppSacl, out SafeSecurityDescriptor ppSecurityDescriptor);
out PACL ppDacl, out PACL ppSacl, out SafePSECURITY_DESCRIPTOR ppSecurityDescriptor);
/// <summary>
/// <para>

4
PInvoke/Security/AdvApi32/Sddl.cs
View File

@ -248,11 +248,11 @@ namespace Vanara.PInvoke
// PSECURITY_DESCRIPTOR *SecurityDescriptor, PULONG SecurityDescriptorSize );
[PInvokeData("sddl.h", MSDNShortId = "c5654148-fb4c-436d-9378-a1168fc82607")]
[return: MarshalAs(UnmanagedType.Bool)]
public static SafeSecurityDescriptor ConvertStringSecurityDescriptorToSecurityDescriptor(string StringSecurityDescriptor)
public static SafePSECURITY_DESCRIPTOR ConvertStringSecurityDescriptorToSecurityDescriptor(string StringSecurityDescriptor)
{
if (!ConvertStringSecurityDescriptorToSecurityDescriptor(StringSecurityDescriptor, SDDL_REVISION.SDDL_REVISION_1, out var sd, out var sz))
throw new Win32Exception();
return new SafeSecurityDescriptor(sd.ToArray<byte>((int)sz));
return new SafePSECURITY_DESCRIPTOR(sd.ToArray<byte>((int)sz));
}
/// <summary>

40
PInvoke/Security/AdvApi32/SecurityBaseApi.cs
View File

@ -2817,7 +2817,7 @@ namespace Vanara.PInvoke
[PInvokeData("securitybaseapi.h", MSDNShortId = "eaaa5509-eff5-461d-843b-7ebbbe0dd58f")]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool ConvertToAutoInheritPrivateObjectSecurity([In, Optional] PSECURITY_DESCRIPTOR ParentDescriptor, [In] PSECURITY_DESCRIPTOR CurrentSecurityDescriptor,
out SafeSECURITY_DESCRIPTOR NewSecurityDescriptor, in Guid ObjectType, [MarshalAs(UnmanagedType.U1)] bool IsDirectoryObject, in GENERIC_MAPPING GenericMapping);
out SafePrivateObjectSecurity NewSecurityDescriptor, in Guid ObjectType, [MarshalAs(UnmanagedType.U1)] bool IsDirectoryObject, in GENERIC_MAPPING GenericMapping);
/// <summary>
/// The <c>ConvertToAutoInheritPrivateObjectSecurity</c> function converts a security descriptor and its access control lists (ACLs)
@ -2891,7 +2891,7 @@ namespace Vanara.PInvoke
[PInvokeData("securitybaseapi.h", MSDNShortId = "eaaa5509-eff5-461d-843b-7ebbbe0dd58f")]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool ConvertToAutoInheritPrivateObjectSecurity([In, Optional] PSECURITY_DESCRIPTOR ParentDescriptor, [In] PSECURITY_DESCRIPTOR CurrentSecurityDescriptor,
out SafeSECURITY_DESCRIPTOR NewSecurityDescriptor, [In, Optional] IntPtr ObjectType, [MarshalAs(UnmanagedType.U1)] bool IsDirectoryObject, in GENERIC_MAPPING GenericMapping);
out SafePrivateObjectSecurity NewSecurityDescriptor, [In, Optional] IntPtr ObjectType, [MarshalAs(UnmanagedType.U1)] bool IsDirectoryObject, in GENERIC_MAPPING GenericMapping);
/// <summary>
/// <para>
@ -2965,7 +2965,7 @@ namespace Vanara.PInvoke
[DllImport(Lib.AdvApi32, SetLastError = true, ExactSpelling = true)]
[PInvokeData("securitybaseapi.h", MSDNShortId = "5f4832b6-5cf5-4050-9e20-56674f2e2cb1")]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool CreatePrivateObjectSecurity([In, Optional] PSECURITY_DESCRIPTOR ParentDescriptor, [In, Optional] PSECURITY_DESCRIPTOR CreatorDescriptor, out SafeSECURITY_DESCRIPTOR NewDescriptor,
public static extern bool CreatePrivateObjectSecurity([In, Optional] PSECURITY_DESCRIPTOR ParentDescriptor, [In, Optional] PSECURITY_DESCRIPTOR CreatorDescriptor, out SafePrivateObjectSecurity NewDescriptor,
[MarshalAs(UnmanagedType.Bool)] bool IsDirectoryObject, [In, Optional] HTOKEN Token, in GENERIC_MAPPING GenericMapping);
/// <summary>
@ -3149,7 +3149,7 @@ namespace Vanara.PInvoke
[DllImport(Lib.AdvApi32, SetLastError = true, ExactSpelling = true)]
[PInvokeData("Winbase.h", MSDNShortId = "aa446581")]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool CreatePrivateObjectSecurityEx([In, Optional] PSECURITY_DESCRIPTOR ParentDescriptor, [In, Optional] PSECURITY_DESCRIPTOR CreatorDescriptor, out SafeSECURITY_DESCRIPTOR NewDescriptor,
public static extern bool CreatePrivateObjectSecurityEx([In, Optional] PSECURITY_DESCRIPTOR ParentDescriptor, [In, Optional] PSECURITY_DESCRIPTOR CreatorDescriptor, out SafePrivateObjectSecurity NewDescriptor,
in Guid ObjectType, [MarshalAs(UnmanagedType.Bool)] bool IsContainerObject, uint AutoInheritFlags, [In, Optional] HTOKEN Token, in GENERIC_MAPPING GenericMapping);
/// <summary>
@ -3333,7 +3333,7 @@ namespace Vanara.PInvoke
[DllImport(Lib.AdvApi32, SetLastError = true, ExactSpelling = true)]
[PInvokeData("Winbase.h", MSDNShortId = "aa446581")]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool CreatePrivateObjectSecurityEx([In, Optional] PSECURITY_DESCRIPTOR ParentDescriptor, [In, Optional] PSECURITY_DESCRIPTOR CreatorDescriptor, out SafeSECURITY_DESCRIPTOR NewDescriptor,
public static extern bool CreatePrivateObjectSecurityEx([In, Optional] PSECURITY_DESCRIPTOR ParentDescriptor, [In, Optional] PSECURITY_DESCRIPTOR CreatorDescriptor, out SafePrivateObjectSecurity NewDescriptor,
[In, Optional] IntPtr ObjectType, [MarshalAs(UnmanagedType.Bool)] bool IsContainerObject, uint AutoInheritFlags, [In, Optional] HTOKEN Token, in GENERIC_MAPPING GenericMapping);
/// <summary>
@ -3606,7 +3606,7 @@ namespace Vanara.PInvoke
[DllImport(Lib.AdvApi32, SetLastError = true, ExactSpelling = true)]
[PInvokeData("securitybaseapi.h", MSDNShortId = "8c5a2ac2-612c-4625-8c68-27d99d4ba9d5")]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool CreatePrivateObjectSecurityWithMultipleInheritance([In, Optional] PSECURITY_DESCRIPTOR ParentDescriptor, [In, Optional] PSECURITY_DESCRIPTOR CreatorDescriptor, out SafeSECURITY_DESCRIPTOR NewDescriptor,
public static extern bool CreatePrivateObjectSecurityWithMultipleInheritance([In, Optional] PSECURITY_DESCRIPTOR ParentDescriptor, [In, Optional] PSECURITY_DESCRIPTOR CreatorDescriptor, out SafePrivateObjectSecurity NewDescriptor,
[In, MarshalAs(UnmanagedType.LPArray), Optional] Guid[] ObjectTypes, uint GuidCount, [MarshalAs(UnmanagedType.Bool)] bool IsContainerObject, SEF AutoInheritFlags, HTOKEN Token, in GENERIC_MAPPING GenericMapping);
/// <summary>
@ -4161,7 +4161,7 @@ namespace Vanara.PInvoke
[return: MarshalAs(UnmanagedType.Bool)]
[PInvokeData("securitybaseapi.h", MSDNShortId = "aa446646")]
public static extern bool GetPrivateObjectSecurity(PSECURITY_DESCRIPTOR ObjectDescriptor, SECURITY_INFORMATION SecurityInformation,
SafeSecurityDescriptor ResultantDescriptor, uint DescriptorLength, out uint ReturnLength);
SafePSECURITY_DESCRIPTOR ResultantDescriptor, uint DescriptorLength, out uint ReturnLength);
/// <summary>The GetPrivateObjectSecurity function retrieves information from a private object's security descriptor.</summary>
/// <param name="ObjectDescriptor">A pointer to a SECURITY_DESCRIPTOR structure. This is the security descriptor to be queried.</param>
@ -4172,13 +4172,13 @@ namespace Vanara.PInvoke
/// <returns>
/// The requested information from the specified security descriptor. The SECURITY_DESCRIPTOR structure is returned in self-relative format.
/// </returns>
public static SafeSecurityDescriptor GetPrivateObjectSecurity(this PSECURITY_DESCRIPTOR ObjectDescriptor, SECURITY_INFORMATION SecurityInformation)
public static SafePSECURITY_DESCRIPTOR GetPrivateObjectSecurity(this PSECURITY_DESCRIPTOR ObjectDescriptor, SECURITY_INFORMATION SecurityInformation)
{
var pResSD = SafeSecurityDescriptor.Null;
var pResSD = SafePSECURITY_DESCRIPTOR.Null;
GetPrivateObjectSecurity(ObjectDescriptor, SecurityInformation, pResSD, 0, out var ret);
if (ret > 0)
{
pResSD = new SafeSecurityDescriptor((int)ret);
pResSD = new SafePSECURITY_DESCRIPTOR((int)ret);
if (!pResSD.IsInvalid && !GetPrivateObjectSecurity(ObjectDescriptor, SecurityInformation, pResSD, ret, out _))
Win32Error.GetLastError().ThrowIfFailed();
}
@ -4194,7 +4194,7 @@ namespace Vanara.PInvoke
/// <returns>
/// The requested information from the specified security descriptor. The SECURITY_DESCRIPTOR structure is returned in self-relative format.
/// </returns>
public static SafeSecurityDescriptor GetPrivateObjectSecurity(this SafeSecurityDescriptor ObjectDescriptor, SECURITY_INFORMATION SecurityInformation) =>
public static SafePSECURITY_DESCRIPTOR GetPrivateObjectSecurity(this SafePSECURITY_DESCRIPTOR ObjectDescriptor, SECURITY_INFORMATION SecurityInformation) =>
GetPrivateObjectSecurity((PSECURITY_DESCRIPTOR)ObjectDescriptor, SecurityInformation);
/// <summary>
@ -4805,7 +4805,7 @@ namespace Vanara.PInvoke
[DllImport(Lib.AdvApi32, SetLastError = true, ExactSpelling = true)]
[PInvokeData("securitybaseapi.h", MSDNShortId = "47c75071-f10d-43cf-a841-2dd49fc39afa")]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool MakeAbsoluteSD([In] PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor, [In, Out] SafeSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor, ref uint lpdwAbsoluteSecurityDescriptorSize,
public static extern bool MakeAbsoluteSD([In] PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor, [In, Out] SafePSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor, ref uint lpdwAbsoluteSecurityDescriptorSize,
SafeAllocatedMemoryHandle pDacl, ref uint lpdwDaclSize, SafeAllocatedMemoryHandle pSacl, ref uint lpdwSaclSize, SafePSID pOwner, ref uint lpdwOwnerSize, SafePSID pPrimaryGroup, ref uint lpdwPrimaryGroupSize);
/// <summary>
@ -4861,7 +4861,7 @@ namespace Vanara.PInvoke
[DllImport(Lib.AdvApi32, SetLastError = true, ExactSpelling = true)]
[PInvokeData("securitybaseapi.h", MSDNShortId = "497c7e2f-75b7-41b9-9693-37e041b7af58")]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool MakeSelfRelativeSD(PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor, SafeSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor, ref uint lpdwBufferLength);
public static extern bool MakeSelfRelativeSD(PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor, SafePSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor, ref uint lpdwBufferLength);
/// <summary>
/// The MapGenericMask function maps the generic access rights in an access mask to specific and standard access rights. The function
@ -5927,22 +5927,22 @@ namespace Vanara.PInvoke
}
/// <summary>Provides a <see cref="SafeHandle"/> for <see cref="SECURITY_DESCRIPTOR"/> that is disposed using <see cref="DestroyPrivateObjectSecurity"/>.</summary>
public class SafeSECURITY_DESCRIPTOR : SafeHANDLE
public class SafePrivateObjectSecurity : SafeHANDLE
{
/// <summary>Initializes a new instance of the <see cref="SafeSECURITY_DESCRIPTOR"/> class and assigns an existing handle.</summary>
/// <summary>Initializes a new instance of the <see cref="SafePrivateObjectSecurity"/> class and assigns an existing handle.</summary>
/// <param name="preexistingHandle">An <see cref="IntPtr"/> object that represents the pre-existing handle to use.</param>
/// <param name="ownsHandle">
/// <see langword="true"/> to reliably release the handle during the finalization phase; otherwise, <see langword="false"/> (not recommended).
/// </param>
public SafeSECURITY_DESCRIPTOR(IntPtr preexistingHandle, bool ownsHandle = true) : base(preexistingHandle, ownsHandle) { }
public SafePrivateObjectSecurity(IntPtr preexistingHandle, bool ownsHandle = true) : base(preexistingHandle, ownsHandle) { }
/// <summary>Initializes a new instance of the <see cref="SafeSECURITY_DESCRIPTOR"/> class.</summary>
private SafeSECURITY_DESCRIPTOR() : base() { }
/// <summary>Initializes a new instance of the <see cref="SafePrivateObjectSecurity"/> class.</summary>
private SafePrivateObjectSecurity() : base() { }
/// <summary>Performs an implicit conversion from <see cref="SafeSECURITY_DESCRIPTOR"/> to <see cref="SECURITY_DESCRIPTOR"/>.</summary>
/// <summary>Performs an implicit conversion from <see cref="SafePrivateObjectSecurity"/> to <see cref="SECURITY_DESCRIPTOR"/>.</summary>
/// <param name="h">The safe handle instance.</param>
/// <returns>The result of the conversion.</returns>
public static implicit operator PSECURITY_DESCRIPTOR(SafeSECURITY_DESCRIPTOR h) => h.handle;
public static implicit operator PSECURITY_DESCRIPTOR(SafePrivateObjectSecurity h) => h.handle;
/// <inheritdoc/>
protected override bool InternalReleaseHandle() => DestroyPrivateObjectSecurity(this);

31
PInvoke/Security/AdvApi32/WinBase.cs
View File

@ -1566,7 +1566,36 @@ namespace Vanara.PInvoke
[DllImport(Lib.AdvApi32, SetLastError = true, CharSet = CharSet.Auto)]
[PInvokeData("winbase.h", MSDNShortId = "4043b76b-76b9-4111-8a29-a808b2412be0")]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool GetFileSecurity(string lpFileName, SECURITY_INFORMATION RequestedInformation, SafeSECURITY_DESCRIPTOR pSecurityDescriptor, uint nLength, out uint lpnLengthNeeded);
public static extern bool GetFileSecurity(string lpFileName, SECURITY_INFORMATION RequestedInformation, SafePSECURITY_DESCRIPTOR pSecurityDescriptor, uint nLength, out uint lpnLengthNeeded);
/// <summary>
/// <para>
/// The <c>GetFileSecurity</c> function obtains specified information about the security of a file or directory. The information
/// obtained is constrained by the caller's access rights and privileges.
/// </para>
/// <para>
/// The GetNamedSecurityInfo function provides functionality similar to <c>GetFileSecurity</c> for files as well as other types of objects.
/// </para>
/// </summary>
/// <param name="lpFileName">
/// A pointer to a null-terminated string that specifies the file or directory for which security information is retrieved.
/// </param>
/// <param name="RequestedInformation">A SECURITY_INFORMATION value that identifies the security information being requested.</param>
/// <returns>
/// The security descriptor of the object specified by the lpFileName parameter. The calling process must have permission to view the
/// specified aspects of the object's security status. The SECURITY_DESCRIPTOR structure is returned in self-relative security
/// descriptor format.
/// </returns>
[PInvokeData("winbase.h", MSDNShortId = "4043b76b-76b9-4111-8a29-a808b2412be0")]
public static SafePSECURITY_DESCRIPTOR GetFileSecurity(string lpFileName, SECURITY_INFORMATION RequestedInformation = SECURITY_INFORMATION.OWNER_SECURITY_INFORMATION | SECURITY_INFORMATION.GROUP_SECURITY_INFORMATION | SECURITY_INFORMATION.DACL_SECURITY_INFORMATION)
{
if (!GetFileSecurity(lpFileName, RequestedInformation, SafePSECURITY_DESCRIPTOR.Null, 0, out var sz) && sz == 0)
Win32Error.ThrowLastError();
var sd = new SafePSECURITY_DESCRIPTOR((int)sz);
if (!GetFileSecurity(lpFileName, RequestedInformation, sd, (uint)sd.Size, out sz))
Win32Error.ThrowLastError();
return sd;
}
/// <summary>
/// <para>Retrieves the name of the user associated with the current thread.</para>

48
PInvoke/Security/AdvApi32/WinNT.cs
View File

@ -527,7 +527,7 @@ namespace Vanara.PInvoke
TokenGroupsAndPrivileges,
/// <summary>Reserved.</summary>
[CorrespondingType(CorrepsondingAction.Exception)]
[CorrespondingType(CorrespondingAction.Exception)]
TokenSessionReference,
/// <summary>The buffer receives a DWORD value that is nonzero if the token includes the SANDBOX_INERT flag.</summary>
@ -535,7 +535,7 @@ namespace Vanara.PInvoke
TokenSandBoxInert,
/// <summary>Reserved.</summary>
[CorrespondingType(CorrepsondingAction.Exception)]
[CorrespondingType(CorrespondingAction.Exception)]
TokenAuditPolicy,
/// <summary>
@ -640,11 +640,11 @@ namespace Vanara.PInvoke
TokenDeviceClaimAttributes,
/// <summary>This value is reserved.</summary>
[CorrespondingType(CorrepsondingAction.Exception)]
[CorrespondingType(CorrespondingAction.Exception)]
TokenRestrictedUserClaimAttributes,
/// <summary>This value is reserved.</summary>
[CorrespondingType(CorrepsondingAction.Exception)]
[CorrespondingType(CorrespondingAction.Exception)]
TokenRestrictedDeviceClaimAttributes,
/// <summary>The buffer receives a TOKEN_GROUPS structure that contains the device groups that are associated with the token.</summary>
@ -658,11 +658,11 @@ namespace Vanara.PInvoke
TokenRestrictedDeviceGroups,
/// <summary>This value is reserved.</summary>
[CorrespondingType(CorrepsondingAction.Exception)]
[CorrespondingType(CorrespondingAction.Exception)]
TokenSecurityAttributes,
/// <summary>This value is reserved.</summary>
[CorrespondingType(CorrepsondingAction.Exception)]
[CorrespondingType(CorrespondingAction.Exception)]
TokenIsRestricted
}
@ -2777,38 +2777,38 @@ namespace Vanara.PInvoke
}
/// <summary>A SafeHandle for security descriptors. If owned, will call LocalFree on the pointer when disposed.</summary>
public class SafeSecurityDescriptor : SafeMemoryHandle<LocalMemoryMethods>, IEquatable<SafeSecurityDescriptor>, IEquatable<PSECURITY_DESCRIPTOR>, IEquatable<IntPtr>, ISecurityObject
public class SafePSECURITY_DESCRIPTOR : SafeMemoryHandle<LocalMemoryMethods>, IEquatable<SafePSECURITY_DESCRIPTOR>, IEquatable<PSECURITY_DESCRIPTOR>, IEquatable<IntPtr>, ISecurityObject
{
/// <summary>The null value for a SafeSecurityDescriptor.</summary>
public static readonly SafeSecurityDescriptor Null = new SafeSecurityDescriptor();
public static readonly SafePSECURITY_DESCRIPTOR Null = new SafePSECURITY_DESCRIPTOR();
private const SECURITY_INFORMATION defSecInfo = SECURITY_INFORMATION.DACL_SECURITY_INFORMATION | SECURITY_INFORMATION.SACL_SECURITY_INFORMATION | SECURITY_INFORMATION.OWNER_SECURITY_INFORMATION | SECURITY_INFORMATION.GROUP_SECURITY_INFORMATION;
/// <summary>Initializes a new instance of the <see cref="SafeSecurityDescriptor"/> class.</summary>
public SafeSecurityDescriptor() : base(IntPtr.Zero, 0, false) { }
/// <summary>Initializes a new instance of the <see cref="SafePSECURITY_DESCRIPTOR"/> class.</summary>
public SafePSECURITY_DESCRIPTOR() : base(IntPtr.Zero, 0, false) { }
/// <summary>Initializes a new instance of the <see cref="SafeSecurityDescriptor"/> class from an existing pointer.</summary>
/// <summary>Initializes a new instance of the <see cref="SafePSECURITY_DESCRIPTOR"/> class from an existing pointer.</summary>
/// <param name="pSecurityDescriptor">The security descriptor pointer.</param>
/// <param name="own">if set to <c>true</c> indicates that this pointer should be freed when disposed.</param>
public SafeSecurityDescriptor(PSECURITY_DESCRIPTOR pSecurityDescriptor, bool own = true) :
public SafePSECURITY_DESCRIPTOR(PSECURITY_DESCRIPTOR pSecurityDescriptor, bool own = true) :
base((IntPtr)pSecurityDescriptor, (int)GetSecurityDescriptorLength(pSecurityDescriptor), own)
{ }
/// <summary>Initializes a new instance of the <see cref="SafeSecurityDescriptor"/> class to an empty memory buffer.</summary>
/// <summary>Initializes a new instance of the <see cref="SafePSECURITY_DESCRIPTOR"/> class to an empty memory buffer.</summary>
/// <param name="size">The size of the uninitialized security descriptor.</param>
public SafeSecurityDescriptor(int size) : base(size) { }
public SafePSECURITY_DESCRIPTOR(int size) : base(size) { }
/// <summary>Initializes a new instance of the <see cref="SafeSecurityDescriptor"/> class.</summary>
/// <summary>Initializes a new instance of the <see cref="SafePSECURITY_DESCRIPTOR"/> class.</summary>
/// <param name="bytes">An array of bytes that contain an existing security descriptor.</param>
public SafeSecurityDescriptor(byte[] bytes) : this(bytes?.Length ?? 0)
public SafePSECURITY_DESCRIPTOR(byte[] bytes) : this(bytes?.Length ?? 0)
{
if (bytes is null) return;
Marshal.Copy(bytes, 0, handle, bytes.Length);
}
/// <summary>Initializes a new instance of the <see cref="SafeSecurityDescriptor"/> class with an SDDL string.</summary>
/// <summary>Initializes a new instance of the <see cref="SafePSECURITY_DESCRIPTOR"/> class with an SDDL string.</summary>
/// <param name="sddl">An SDDL value representing the security descriptor.</param>
public SafeSecurityDescriptor(string sddl)
public SafePSECURITY_DESCRIPTOR(string sddl)
{
if (!ConvertStringSecurityDescriptorToSecurityDescriptor(sddl, SDDL_REVISION.SDDL_REVISION_1, out var sd, out var sdsz))
Win32Error.ThrowLastError();
@ -2825,22 +2825,22 @@ namespace Vanara.PInvoke
/// </summary>
public uint Length => GetSecurityDescriptorLength(handle);
/// <summary>Performs an explicit conversion from <see cref="SafeSecurityDescriptor"/> to <see cref="PSECURITY_DESCRIPTOR"/>.</summary>
/// <summary>Performs an explicit conversion from <see cref="SafePSECURITY_DESCRIPTOR"/> to <see cref="PSECURITY_DESCRIPTOR"/>.</summary>
/// <param name="sd">The safe security descriptor.</param>
/// <returns>The result of the conversion.</returns>
public static implicit operator PSECURITY_DESCRIPTOR(SafeSecurityDescriptor sd) => sd.DangerousGetHandle();
public static implicit operator PSECURITY_DESCRIPTOR(SafePSECURITY_DESCRIPTOR sd) => sd.DangerousGetHandle();
/// <summary>Implements the operator !=.</summary>
/// <param name="psd1">The first value.</param>
/// <param name="psd2">The second value.</param>
/// <returns>The result of the operator.</returns>
public static bool operator !=(SafeSecurityDescriptor psd1, SafeSecurityDescriptor psd2) => !(psd1 == psd2);
public static bool operator !=(SafePSECURITY_DESCRIPTOR psd1, SafePSECURITY_DESCRIPTOR psd2) => !(psd1 == psd2);
/// <summary>Implements the operator ==.</summary>
/// <param name="psd1">The first value.</param>
/// <param name="psd2">The second value.</param>
/// <returns>The result of the operator.</returns>
public static bool operator ==(SafeSecurityDescriptor psd1, SafeSecurityDescriptor psd2)
public static bool operator ==(SafePSECURITY_DESCRIPTOR psd1, SafePSECURITY_DESCRIPTOR psd2)
{
if (ReferenceEquals(psd1, psd2)) return true;
if (Equals(null, psd1) || Equals(null, psd2)) return false;
@ -2850,7 +2850,7 @@ namespace Vanara.PInvoke
/// <summary>Indicates whether the current object is equal to another object of the same type.</summary>
/// <param name="other">An object to compare with this object.</param>
/// <returns>true if the current object is equal to the <paramref name="other"/> parameter; otherwise, false.</returns>
public bool Equals(SafeSecurityDescriptor other) => Equals(other.DangerousGetHandle());
public bool Equals(SafePSECURITY_DESCRIPTOR other) => Equals(other.DangerousGetHandle());
/// <summary>Indicates whether the current object is equal to another object of the same type.</summary>
/// <param name="other">An object to compare with this object.</param>
@ -2875,7 +2875,7 @@ namespace Vanara.PInvoke
/// </returns>
public override bool Equals(object obj)
{
if (obj is SafeSecurityDescriptor psid2)
if (obj is SafePSECURITY_DESCRIPTOR psid2)
return Equals(psid2);
if (obj is PSECURITY_DESCRIPTOR psidh)
return Equals(psidh);

2
Security/AccessControl/AccCtrlHelper.cs
View File

@ -92,6 +92,6 @@ namespace Vanara.Security.AccessControl
public static string ToSddl(this PSECURITY_DESCRIPTOR pSD, SECURITY_INFORMATION si) => ConvertSecurityDescriptorToStringSecurityDescriptor(pSD, si);
public static string ToSddl(this SafeSecurityDescriptor pSD, SECURITY_INFORMATION si) => ConvertSecurityDescriptorToStringSecurityDescriptor(pSD, si);
public static string ToSddl(this SafePSECURITY_DESCRIPTOR pSD, SECURITY_INFORMATION si) => ConvertSecurityDescriptorToStringSecurityDescriptor(pSD, si);
}
}

2
Security/AccessExtension.cs
View File

@ -28,7 +28,7 @@ namespace Vanara.Extensions
/// <summary>Converts a RawSecurityDescriptor to a native safe handle.</summary>
/// <param name="rawSD">The RawSecurityDescriptor.</param>
/// <returns>A native safe handle for PSECURITY_DESCRIPTOR.</returns>
public static SafeSecurityDescriptor ToNative(this RawSecurityDescriptor rawSD) => new SafeSecurityDescriptor(rawSD.ToByteArray());
public static SafePSECURITY_DESCRIPTOR ToNative(this RawSecurityDescriptor rawSD) => new SafePSECURITY_DESCRIPTOR(rawSD.ToByteArray());
/// <summary>Converts a RawSecurityDescriptor to a byte array.</summary>
/// <param name="rawSD">The RawSecurityDescriptor.</param>

4
System/VirtualDisk.cs
View File

@ -739,10 +739,10 @@ namespace Vanara.IO
void ReportProgress(int percent) { progress.Report(new Tuple<int, string>(percent, $"Compacting VHD volume \"{loc}\"")); }
}*/
private static SafeSecurityDescriptor FileSecToSd(FileSecurity sec)
private static SafePSECURITY_DESCRIPTOR FileSecToSd(FileSecurity sec)
{
return sec == null
? SafeSecurityDescriptor.Null
? SafePSECURITY_DESCRIPTOR.Null
: ConvertStringSecurityDescriptorToSecurityDescriptor(sec.GetSecurityDescriptorSddlForm(AccessControlSections.All));
}

2
UnitTests/PInvoke/Security/AdvApi32/AdvApi32Tests.cs
View File

@ -498,7 +498,7 @@ namespace Vanara.PInvoke.Tests
}
}
internal static SafeSecurityDescriptor GetSD(string filename, SECURITY_INFORMATION si = SECURITY_INFORMATION.DACL_SECURITY_INFORMATION | SECURITY_INFORMATION.OWNER_SECURITY_INFORMATION)
internal static SafePSECURITY_DESCRIPTOR GetSD(string filename, SECURITY_INFORMATION si = SECURITY_INFORMATION.DACL_SECURITY_INFORMATION | SECURITY_INFORMATION.OWNER_SECURITY_INFORMATION)
{
var err = GetNamedSecurityInfo(filename, SE_OBJECT_TYPE.SE_FILE_OBJECT, si, out _, out _, out _, out _, out var pSD);
Assert.That(err, Is.EqualTo(0));

2
WIndows.Forms/Dialogs/AccessControlEditor/Providers.cs
View File

@ -222,7 +222,7 @@ namespace Vanara.Security.AccessControl
{
private const string defaultSecuritySddl = "O:WDG:BAD:AI(A;CIIO;FA;;;WD)(A;;FA;;;BA)S:AI(AU;SAFACIIO;FA;;;WD)";
public static readonly SafeSecurityDescriptor defaultSd = ConvertStringSecurityDescriptorToSecurityDescriptor(defaultSecuritySddl);
public static readonly SafePSECURITY_DESCRIPTOR defaultSd = ConvertStringSecurityDescriptorToSecurityDescriptor(defaultSecuritySddl);
public override ResourceType ResourceType => ResourceType.FileObject;

8
WIndows.Forms/Dialogs/AccessControlEditor/SecurityInfoImpl.cs
View File

@ -14,7 +14,7 @@ namespace Vanara.Security.AccessControl
{
internal class SecurityEventArg : EventArgs
{
public SecurityEventArg(SafeSecurityDescriptor sd, SECURITY_INFORMATION parts)
public SecurityEventArg(SafePSECURITY_DESCRIPTOR sd, SECURITY_INFORMATION parts)
{
Parts = parts;
SecurityDesciptor = sd;
@ -22,7 +22,7 @@ namespace Vanara.Security.AccessControl
public SECURITY_INFORMATION Parts { get; }
public SafeSecurityDescriptor SecurityDesciptor { get; }
public SafePSECURITY_DESCRIPTOR SecurityDesciptor { get; }
}
internal class SecurityInfoImpl : ISecurityInformation, ISecurityInformation3, ISecurityObjectTypeInfo, IEffectivePermission, ISecurityInformation4, IEffectivePermission2
@ -125,7 +125,7 @@ namespace Vanara.Security.AccessControl
HRESULT ISecurityInformation.SetSecurity(SECURITY_INFORMATION requestInformation, PSECURITY_DESCRIPTOR sd)
{
OnSetSecurity?.Invoke(this, new SecurityEventArg(new SafeSecurityDescriptor((IntPtr)sd, false), requestInformation));
OnSetSecurity?.Invoke(this, new SecurityEventArg(new SafePSECURITY_DESCRIPTOR((IntPtr)sd, false), requestInformation));
return HRESULT.S_OK;
}
@ -274,7 +274,7 @@ namespace Vanara.Security.AccessControl
return HRESULT.S_OK;
var request = new AUTHZ_ACCESS_REQUEST((uint)ACCESS_MASK.MAXIMUM_ALLOWED);
var sd = new SafeSecurityDescriptor(pSecurityObjects[0].pData, false);
var sd = new SafePSECURITY_DESCRIPTOR(pSecurityObjects[0].pData, false);
var reply = new AUTHZ_ACCESS_REPLY(1);
if (!AuthzAccessCheck(AuthzAccessCheckFlags.NONE, hAuthzCompoundContext, request, default, sd, null, 0, reply, out _))
return HRESULT.S_OK;