From 5309fe6cb02f451b85dc5d423344c2838ecbcb07 Mon Sep 17 00:00:00 2001 From: Sebastian Lackner Date: Mon, 30 Mar 2015 03:51:23 +0200 Subject: [PATCH] Move advapi-Revert_DACL patchset after server-Stored_ACLs. --- ...Add-DACL-inheritance-support-in-SetS.patch | 32 ++++- ...ke-directory-DACL-entries-inheritabl.patch | 47 ++----- ...n-t-use-CreateFile-when-opening-file.patch | 2 +- patches/patchinstall.sh | 133 +++++++++--------- patches/server-Inherited_ACLs/definition | 2 +- ...file-security-attributes-with-extend.patch | 80 ++++------- ...eturn-of-file-security-masks-with-ge.patch | 58 +++----- patches/server-Stored_ACLs/definition | 24 +++- 8 files changed, 172 insertions(+), 206 deletions(-) diff --git a/patches/advapi32-Revert_DACL/0001-Revert-advapi32-Add-DACL-inheritance-support-in-SetS.patch b/patches/advapi32-Revert_DACL/0001-Revert-advapi32-Add-DACL-inheritance-support-in-SetS.patch index 964363b5..9f66b656 100644 --- a/patches/advapi32-Revert_DACL/0001-Revert-advapi32-Add-DACL-inheritance-support-in-SetS.patch +++ b/patches/advapi32-Revert_DACL/0001-Revert-advapi32-Add-DACL-inheritance-support-in-SetS.patch @@ -1,4 +1,4 @@ -From 8ce7a8b0f7ea6a94ae8327b4a3d07a10c12a2c9e Mon Sep 17 00:00:00 2001 +From 4cf7d2d6cdb9836ef549bcb5fcb1764e587ff01f Mon Sep 17 00:00:00 2001 From: Sebastian Lackner Date: Fri, 27 Mar 2015 15:32:04 +0100 Subject: Revert "advapi32: Add DACL inheritance support in SetSecurityInfo." @@ -6,8 +6,8 @@ Subject: Revert "advapi32: Add DACL inheritance support in SetSecurityInfo." This reverts commit f974d726720eff4fcd7371bca95e6cdcc4b4a848. --- dlls/advapi32/security.c | 130 +---------------------------------------- - dlls/advapi32/tests/security.c | 23 ++++---- - 2 files changed, 14 insertions(+), 139 deletions(-) + dlls/advapi32/tests/security.c | 27 +++++---- + 2 files changed, 16 insertions(+), 141 deletions(-) diff --git a/dlls/advapi32/security.c b/dlls/advapi32/security.c index 71a8c92..e8cdcc5 100644 @@ -172,10 +172,10 @@ index 71a8c92..e8cdcc5 100644 } diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c -index 15c3b1d..6d3f9ac 100644 +index c256753..c0d518f 100644 --- a/dlls/advapi32/tests/security.c +++ b/dlls/advapi32/tests/security.c -@@ -3417,22 +3417,25 @@ static void test_GetNamedSecurityInfoA(void) +@@ -3416,22 +3416,25 @@ static void test_GetNamedSecurityInfoA(void) error = pGetNamedSecurityInfoA(tmpfile, SE_FILE_OBJECT, DACL_SECURITY_INFORMATION, NULL, NULL, &pDacl, NULL, &pSD); @@ -189,8 +189,8 @@ index 15c3b1d..6d3f9ac 100644 { - bret = pGetAce(pDacl, 0, (VOID **)&ace); - ok(bret, "Failed to get ACE.\n"); -- todo_wine ok(((ACE_HEADER *)ace)->AceFlags & INHERITED_ACE, -- "ACE has unexpected flags: 0x%x\n", ((ACE_HEADER *)ace)->AceFlags); +- ok(((ACE_HEADER *)ace)->AceFlags & INHERITED_ACE, +- "ACE has unexpected flags: 0x%x\n", ((ACE_HEADER *)ace)->AceFlags); + bret = pGetAclInformation(pDacl, &acl_size, sizeof(acl_size), AclSizeInformation); + ok(bret, "GetAclInformation failed\n"); + if (acl_size.AceCount > 0) @@ -211,6 +211,24 @@ index 15c3b1d..6d3f9ac 100644 CloseHandle(h); /* NtSetSecurityObject doesn't inherit DACL entries */ +@@ -4147,7 +4150,7 @@ static void test_GetSecurityInfo(void) + bret = pGetAce(pDacl, 0, (VOID **)&ace); + ok(bret, "Failed to get Current User ACE.\n"); + bret = EqualSid(&ace->SidStart, user_sid); +- todo_wine ok(bret, "Current User ACE != Current User SID.\n"); ++ ok(bret, "Current User ACE != Current User SID.\n"); + ok(((ACE_HEADER *)ace)->AceFlags == 0, + "Current User ACE has unexpected flags (0x%x != 0x0)\n", ((ACE_HEADER *)ace)->AceFlags); + ok(ace->Mask == 0x1f01ff, "Current User ACE has unexpected mask (0x%x != 0x1f01ff)\n", +@@ -4158,7 +4161,7 @@ static void test_GetSecurityInfo(void) + bret = pGetAce(pDacl, 1, (VOID **)&ace); + ok(bret, "Failed to get Administators Group ACE.\n"); + bret = EqualSid(&ace->SidStart, admin_sid); +- todo_wine ok(bret, "Administators Group ACE != Administators Group SID.\n"); ++ ok(bret, "Administators Group ACE != Administators Group SID.\n"); + ok(((ACE_HEADER *)ace)->AceFlags == 0, + "Administators Group ACE has unexpected flags (0x%x != 0x0)\n", ((ACE_HEADER *)ace)->AceFlags); + ok(ace->Mask == 0x1f01ff, "Administators Group ACE has unexpected mask (0x%x != 0x1f01ff)\n", -- 2.3.3 diff --git a/patches/advapi32-Revert_DACL/0004-Revert-server-Make-directory-DACL-entries-inheritabl.patch b/patches/advapi32-Revert_DACL/0004-Revert-server-Make-directory-DACL-entries-inheritabl.patch index 34f3acad..3ec44204 100644 --- a/patches/advapi32-Revert_DACL/0004-Revert-server-Make-directory-DACL-entries-inheritabl.patch +++ b/patches/advapi32-Revert_DACL/0004-Revert-server-Make-directory-DACL-entries-inheritabl.patch @@ -1,49 +1,18 @@ -From e2eaeb0bfc7411c74f1387e59c121f5cee6c013a Mon Sep 17 00:00:00 2001 +From 6b421f438ddf208d025318671e81f123e6ca59a3 Mon Sep 17 00:00:00 2001 From: Sebastian Lackner Date: Fri, 27 Mar 2015 15:32:44 +0100 Subject: Revert "server: Make directory DACL entries inheritable." This reverts commit 3eb448cf33b6b6635bac4e06ea7fddd190e26450. --- - dlls/advapi32/tests/security.c | 12 ++++++------ - server/file.c | 8 ++++---- - 2 files changed, 10 insertions(+), 10 deletions(-) + server/file.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) -diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c -index e3c1659..04a88ae 100644 ---- a/dlls/advapi32/tests/security.c -+++ b/dlls/advapi32/tests/security.c -@@ -3192,9 +3192,9 @@ static void test_CreateDirectoryA(void) - ok(bret, "Failed to get Current User ACE.\n"); - bret = EqualSid(&ace->SidStart, user_sid); - todo_wine ok(bret, "Current User ACE != Current User SID.\n"); -- ok(((ACE_HEADER *)ace)->AceFlags == (OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE), -- "Current User ACE has unexpected flags (0x%x != 0x03)\n", -- ((ACE_HEADER *)ace)->AceFlags); -+ todo_wine ok(((ACE_HEADER *)ace)->AceFlags == (OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE), -+ "Current User ACE has unexpected flags (0x%x != 0x03)\n", -+ ((ACE_HEADER *)ace)->AceFlags); - ok(ace->Mask == 0x1f01ff, "Current User ACE has unexpected mask (0x%x != 0x1f01ff)\n", - ace->Mask); - } -@@ -3204,9 +3204,9 @@ static void test_CreateDirectoryA(void) - ok(bret, "Failed to get Administators Group ACE.\n"); - bret = EqualSid(&ace->SidStart, admin_sid); - todo_wine ok(bret, "Administators Group ACE != Administators Group SID.\n"); -- ok(((ACE_HEADER *)ace)->AceFlags == (OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE), -- "Administators Group ACE has unexpected flags (0x%x != 0x03)\n", -- ((ACE_HEADER *)ace)->AceFlags); -+ todo_wine ok(((ACE_HEADER *)ace)->AceFlags == (OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE), -+ "Administators Group ACE has unexpected flags (0x%x != 0x03)\n", -+ ((ACE_HEADER *)ace)->AceFlags); - ok(ace->Mask == 0x1f01ff, "Administators Group ACE has unexpected mask (0x%x != 0x1f01ff)\n", - ace->Mask); - } diff --git a/server/file.c b/server/file.c -index f565f5a..abda2c3 100644 +index a50276e..09b7811 100644 --- a/server/file.c +++ b/server/file.c -@@ -367,7 +367,7 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID +@@ -442,7 +442,7 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID aaa = (ACCESS_ALLOWED_ACE *)(dacl + 1); current_ace = &aaa->Header; aaa->Header.AceType = ACCESS_ALLOWED_ACE_TYPE; @@ -52,7 +21,7 @@ index f565f5a..abda2c3 100644 aaa->Header.AceSize = FIELD_OFFSET(ACCESS_ALLOWED_ACE, SidStart) + security_sid_len( local_system_sid ); aaa->Mask = FILE_ALL_ACCESS; sid = (SID *)&aaa->SidStart; -@@ -379,7 +379,7 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID +@@ -454,7 +454,7 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID aaa = (ACCESS_ALLOWED_ACE *)ace_next( current_ace ); current_ace = &aaa->Header; aaa->Header.AceType = ACCESS_ALLOWED_ACE_TYPE; @@ -61,7 +30,7 @@ index f565f5a..abda2c3 100644 aaa->Header.AceSize = FIELD_OFFSET(ACCESS_ALLOWED_ACE, SidStart) + security_sid_len( user ); aaa->Mask = WRITE_DAC | WRITE_OWNER; if (mode & S_IRUSR) -@@ -397,7 +397,7 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID +@@ -472,7 +472,7 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID ACCESS_DENIED_ACE *ada = (ACCESS_DENIED_ACE *)ace_next( current_ace ); current_ace = &ada->Header; ada->Header.AceType = ACCESS_DENIED_ACE_TYPE; @@ -70,7 +39,7 @@ index f565f5a..abda2c3 100644 ada->Header.AceSize = FIELD_OFFSET(ACCESS_DENIED_ACE, SidStart) + security_sid_len( user ); ada->Mask = 0; if (!(mode & S_IRUSR) && (mode & (S_IRGRP|S_IROTH))) -@@ -414,7 +414,7 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID +@@ -489,7 +489,7 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID aaa = (ACCESS_ALLOWED_ACE *)ace_next( current_ace ); current_ace = &aaa->Header; aaa->Header.AceType = ACCESS_ALLOWED_ACE_TYPE; diff --git a/patches/advapi32-Revert_DACL/0005-Revert-advapi-Don-t-use-CreateFile-when-opening-file.patch b/patches/advapi32-Revert_DACL/0005-Revert-advapi-Don-t-use-CreateFile-when-opening-file.patch index 9df79b54..040d3018 100644 --- a/patches/advapi32-Revert_DACL/0005-Revert-advapi-Don-t-use-CreateFile-when-opening-file.patch +++ b/patches/advapi32-Revert_DACL/0005-Revert-advapi-Don-t-use-CreateFile-when-opening-file.patch @@ -1,4 +1,4 @@ -From 59067deb0ad4afb77deca29300133bff9d49f9f7 Mon Sep 17 00:00:00 2001 +From 394aefa9d53684678f645bac131735630d910e8b Mon Sep 17 00:00:00 2001 From: Sebastian Lackner Date: Fri, 27 Mar 2015 15:32:56 +0100 Subject: Revert "advapi: Don't use CreateFile when opening file with possibly diff --git a/patches/patchinstall.sh b/patches/patchinstall.sh index 3be50bb5..275fac4b 100755 --- a/patches/patchinstall.sh +++ b/patches/patchinstall.sh @@ -1069,21 +1069,10 @@ if test "$enable_server_ACL_Compat" -eq 1; then fi if test "$enable_server_Inherited_ACLs" -eq 1; then - if test "$enable_server_Stored_ACLs" -gt 1; then - abort "Patchset server-Stored_ACLs disabled, but server-Inherited_ACLs depends on that." - fi - enable_server_Stored_ACLs=1 -fi - -if test "$enable_server_Stored_ACLs" -eq 1; then if test "$enable_advapi32_Revert_DACL" -gt 1; then - abort "Patchset advapi32-Revert_DACL disabled, but server-Stored_ACLs depends on that." - fi - if test "$enable_ntdll_DOS_Attributes" -gt 1; then - abort "Patchset ntdll-DOS_Attributes disabled, but server-Stored_ACLs depends on that." + abort "Patchset advapi32-Revert_DACL disabled, but server-Inherited_ACLs depends on that." fi enable_advapi32_Revert_DACL=1 - enable_ntdll_DOS_Attributes=1 fi if test "$enable_nvencodeapi_Video_Encoder" -eq 1; then @@ -1214,6 +1203,20 @@ if test "$enable_d3dx9_24_ID3DXEffect" -eq 1; then enable_d3dx9_25_ID3DXEffect=1 fi +if test "$enable_advapi32_Revert_DACL" -eq 1; then + if test "$enable_server_Stored_ACLs" -gt 1; then + abort "Patchset server-Stored_ACLs disabled, but advapi32-Revert_DACL depends on that." + fi + enable_server_Stored_ACLs=1 +fi + +if test "$enable_server_Stored_ACLs" -eq 1; then + if test "$enable_ntdll_DOS_Attributes" -gt 1; then + abort "Patchset ntdll-DOS_Attributes disabled, but server-Stored_ACLs depends on that." + fi + enable_ntdll_DOS_Attributes=1 +fi + if test "$enable_Exagear" -eq 1; then if test "$enable_ntdll_WRITECOPY" -gt 1; then abort "Patchset ntdll-WRITECOPY disabled, but Exagear depends on that." @@ -1364,6 +1367,59 @@ if test "$enable_Staging" -eq 1; then ) >> "$patchlist" fi +# Patchset ntdll-DOS_Attributes +# | +# | This patchset fixes the following Wine bugs: +# | * [#9158] Support for DOS hidden/system file attributes +# | +# | Modified files: +# | * configure.ac, dlls/ntdll/directory.c, dlls/ntdll/file.c, dlls/ntdll/ntdll_misc.h, dlls/ntdll/tests/directory.c, +# | dlls/ntdll/tests/file.c, include/wine/port.h, libs/port/Makefile.in, libs/port/xattr.c +# | +if test "$enable_ntdll_DOS_Attributes" -eq 1; then + patch_apply ntdll-DOS_Attributes/0001-ntdll-Implement-retrieving-DOS-attributes-in-NtQuery.patch + patch_apply ntdll-DOS_Attributes/0002-ntdll-Implement-retrieving-DOS-attributes-in-NtQuery.patch + patch_apply ntdll-DOS_Attributes/0003-ntdll-Implement-storing-DOS-attributes-in-NtSetInfor.patch + patch_apply ntdll-DOS_Attributes/0004-ntdll-Implement-storing-DOS-attributes-in-NtCreateFi.patch + patch_apply ntdll-DOS_Attributes/0005-libport-Add-support-for-Mac-OS-X-style-extended-attr.patch + patch_apply ntdll-DOS_Attributes/0006-libport-Add-support-for-FreeBSD-style-extended-attri.patch + patch_apply ntdll-DOS_Attributes/0007-ntdll-Perform-the-Unix-style-hidden-file-check-withi.patch + ( + echo '+ { "Erich E. Hoover", "ntdll: Implement retrieving DOS attributes in NtQueryInformationFile.", 1 },'; + echo '+ { "Erich E. Hoover", "ntdll: Implement retrieving DOS attributes in NtQuery[Full]AttributesFile and NtQueryDirectoryFile.", 1 },'; + echo '+ { "Erich E. Hoover", "ntdll: Implement storing DOS attributes in NtSetInformationFile.", 1 },'; + echo '+ { "Erich E. Hoover", "ntdll: Implement storing DOS attributes in NtCreateFile.", 1 },'; + echo '+ { "Erich E. Hoover", "libport: Add support for Mac OS X style extended attributes.", 1 },'; + echo '+ { "Erich E. Hoover", "libport: Add support for FreeBSD style extended attributes.", 1 },'; + echo '+ { "Erich E. Hoover", "ntdll: Perform the Unix-style hidden file check within the unified file info grabbing routine.", 1 },'; + ) >> "$patchlist" +fi + +# Patchset server-Stored_ACLs +# | +# | This patchset fixes the following Wine bugs: +# | * [#33576] Support for stored file ACLs +# | +# | Modified files: +# | * dlls/advapi32/tests/security.c, include/wine/port.h, server/change.c, server/file.c, server/file.h +# | +if test "$enable_server_Stored_ACLs" -eq 1; then + patch_apply server-Stored_ACLs/0001-server-Unify-the-storage-of-security-attributes-for-.patch + patch_apply server-Stored_ACLs/0002-server-Unify-the-retrieval-of-security-attributes-fo.patch + patch_apply server-Stored_ACLs/0003-server-Store-file-security-attributes-with-extended-.patch + patch_apply server-Stored_ACLs/0004-server-Store-user-and-group-inside-stored-extended-f.patch + patch_apply server-Stored_ACLs/0005-server-Retrieve-file-security-attributes-with-extend.patch + patch_apply server-Stored_ACLs/0006-server-Convert-return-of-file-security-masks-with-ge.patch + ( + echo '+ { "Erich E. Hoover", "server: Unify the storage of security attributes for files and directories.", 7 },'; + echo '+ { "Erich E. Hoover", "server: Unify the retrieval of security attributes for files and directories.", 7 },'; + echo '+ { "Erich E. Hoover", "server: Store file security attributes with extended file attributes.", 7 },'; + echo '+ { "Erich E. Hoover", "server: Store user and group inside stored extended file attribute information.", 7 },'; + echo '+ { "Erich E. Hoover", "server: Retrieve file security attributes with extended file attributes.", 7 },'; + echo '+ { "Erich E. Hoover", "server: Convert return of file security masks with generic access mappings.", 7 },'; + ) >> "$patchlist" +fi + # Patchset advapi32-Revert_DACL # | # | Modified files: @@ -2973,34 +3029,6 @@ if test "$enable_ntdll_Activation_Context" -eq 1; then ) >> "$patchlist" fi -# Patchset ntdll-DOS_Attributes -# | -# | This patchset fixes the following Wine bugs: -# | * [#9158] Support for DOS hidden/system file attributes -# | -# | Modified files: -# | * configure.ac, dlls/ntdll/directory.c, dlls/ntdll/file.c, dlls/ntdll/ntdll_misc.h, dlls/ntdll/tests/directory.c, -# | dlls/ntdll/tests/file.c, include/wine/port.h, libs/port/Makefile.in, libs/port/xattr.c -# | -if test "$enable_ntdll_DOS_Attributes" -eq 1; then - patch_apply ntdll-DOS_Attributes/0001-ntdll-Implement-retrieving-DOS-attributes-in-NtQuery.patch - patch_apply ntdll-DOS_Attributes/0002-ntdll-Implement-retrieving-DOS-attributes-in-NtQuery.patch - patch_apply ntdll-DOS_Attributes/0003-ntdll-Implement-storing-DOS-attributes-in-NtSetInfor.patch - patch_apply ntdll-DOS_Attributes/0004-ntdll-Implement-storing-DOS-attributes-in-NtCreateFi.patch - patch_apply ntdll-DOS_Attributes/0005-libport-Add-support-for-Mac-OS-X-style-extended-attr.patch - patch_apply ntdll-DOS_Attributes/0006-libport-Add-support-for-FreeBSD-style-extended-attri.patch - patch_apply ntdll-DOS_Attributes/0007-ntdll-Perform-the-Unix-style-hidden-file-check-withi.patch - ( - echo '+ { "Erich E. Hoover", "ntdll: Implement retrieving DOS attributes in NtQueryInformationFile.", 1 },'; - echo '+ { "Erich E. Hoover", "ntdll: Implement retrieving DOS attributes in NtQuery[Full]AttributesFile and NtQueryDirectoryFile.", 1 },'; - echo '+ { "Erich E. Hoover", "ntdll: Implement storing DOS attributes in NtSetInformationFile.", 1 },'; - echo '+ { "Erich E. Hoover", "ntdll: Implement storing DOS attributes in NtCreateFile.", 1 },'; - echo '+ { "Erich E. Hoover", "libport: Add support for Mac OS X style extended attributes.", 1 },'; - echo '+ { "Erich E. Hoover", "libport: Add support for FreeBSD style extended attributes.", 1 },'; - echo '+ { "Erich E. Hoover", "ntdll: Perform the Unix-style hidden file check within the unified file info grabbing routine.", 1 },'; - ) >> "$patchlist" -fi - # Patchset ntdll-DVD_Read_Size # | # | This patchset fixes the following Wine bugs: @@ -3686,31 +3714,6 @@ if test "$enable_secur32_Schannel_ContextAttr" -eq 1; then ) >> "$patchlist" fi -# Patchset server-Stored_ACLs -# | -# | This patchset fixes the following Wine bugs: -# | * [#33576] Support for stored file ACLs -# | -# | Modified files: -# | * dlls/advapi32/tests/security.c, include/wine/port.h, server/change.c, server/file.c, server/file.h -# | -if test "$enable_server_Stored_ACLs" -eq 1; then - patch_apply server-Stored_ACLs/0001-server-Unify-the-storage-of-security-attributes-for-.patch - patch_apply server-Stored_ACLs/0002-server-Unify-the-retrieval-of-security-attributes-fo.patch - patch_apply server-Stored_ACLs/0003-server-Store-file-security-attributes-with-extended-.patch - patch_apply server-Stored_ACLs/0004-server-Store-user-and-group-inside-stored-extended-f.patch - patch_apply server-Stored_ACLs/0005-server-Retrieve-file-security-attributes-with-extend.patch - patch_apply server-Stored_ACLs/0006-server-Convert-return-of-file-security-masks-with-ge.patch - ( - echo '+ { "Erich E. Hoover", "server: Unify the storage of security attributes for files and directories.", 7 },'; - echo '+ { "Erich E. Hoover", "server: Unify the retrieval of security attributes for files and directories.", 7 },'; - echo '+ { "Erich E. Hoover", "server: Store file security attributes with extended file attributes.", 7 },'; - echo '+ { "Erich E. Hoover", "server: Store user and group inside stored extended file attribute information.", 7 },'; - echo '+ { "Erich E. Hoover", "server: Retrieve file security attributes with extended file attributes.", 7 },'; - echo '+ { "Erich E. Hoover", "server: Convert return of file security masks with generic access mappings.", 7 },'; - ) >> "$patchlist" -fi - # Patchset server-Inherited_ACLs # | # | This patchset fixes the following Wine bugs: diff --git a/patches/server-Inherited_ACLs/definition b/patches/server-Inherited_ACLs/definition index 548d7437..a1a50805 100644 --- a/patches/server-Inherited_ACLs/definition +++ b/patches/server-Inherited_ACLs/definition @@ -1,2 +1,2 @@ -Depends: server-Stored_ACLs +Depends: advapi32-Revert_DACL Fixes: [34406] Support for inherited file ACLs diff --git a/patches/server-Stored_ACLs/0005-server-Retrieve-file-security-attributes-with-extend.patch b/patches/server-Stored_ACLs/0005-server-Retrieve-file-security-attributes-with-extend.patch index 2b8fbf6a..4e7060a2 100644 --- a/patches/server-Stored_ACLs/0005-server-Retrieve-file-security-attributes-with-extend.patch +++ b/patches/server-Stored_ACLs/0005-server-Retrieve-file-security-attributes-with-extend.patch @@ -1,32 +1,29 @@ -From bea49452dfb1e768b03fc75fced9b733d1edd73f Mon Sep 17 00:00:00 2001 +From 74b5cfba80dbe32641406c63c74d9e82b599e138 Mon Sep 17 00:00:00 2001 From: "Erich E. Hoover" Date: Fri, 18 Apr 2014 14:01:35 -0600 Subject: server: Retrieve file security attributes with extended file attributes. (try 7) --- - dlls/advapi32/tests/security.c | 49 ++++++++++++++++++++-------------------- - server/file.c | 26 ++++++++++++++++++--- - 2 files changed, 47 insertions(+), 28 deletions(-) + dlls/advapi32/tests/security.c | 29 ++++++++++++++--------------- + server/file.c | 26 +++++++++++++++++++++++--- + 2 files changed, 37 insertions(+), 18 deletions(-) diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c -index b44496a..02094a4 100644 +index 15c3b1d..3457fbc 100644 --- a/dlls/advapi32/tests/security.c +++ b/dlls/advapi32/tests/security.c -@@ -3192,24 +3192,24 @@ static void test_CreateDirectoryA(void) +@@ -3193,24 +3193,24 @@ static void test_CreateDirectoryA(void) bret = pGetAce(pDacl, 0, (VOID **)&ace); ok(bret, "Failed to get Current User ACE.\n"); bret = EqualSid(&ace->SidStart, user_sid); - todo_wine ok(bret, "Current User ACE != Current User SID.\n"); -- todo_wine ok(((ACE_HEADER *)ace)->AceFlags == (OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE), -- "Current User ACE has unexpected flags (0x%x != 0x03)\n", -- ((ACE_HEADER *)ace)->AceFlags); ++ ok(bret, "Current User ACE != Current User SID.\n"); + ok(((ACE_HEADER *)ace)->AceFlags == (OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE), + "Current User ACE has unexpected flags (0x%x != 0x03)\n", + ((ACE_HEADER *)ace)->AceFlags); - ok(ace->Mask == 0x1f01ff, "Current User ACE has unexpected mask (0x%x != 0x1f01ff)\n", - ace->Mask); -+ ok(bret, "Current User ACE != Current User SID.\n"); -+ ok(((ACE_HEADER *)ace)->AceFlags == (OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE), -+ "Current User ACE has unexpected flags (0x%x != 0x03)\n", -+ ((ACE_HEADER *)ace)->AceFlags); + todo_wine ok(ace->Mask == 0x1f01ff, + "Current User ACE has unexpected mask (0x%x != 0x1f01ff)\n", ace->Mask); } @@ -36,21 +33,18 @@ index b44496a..02094a4 100644 ok(bret, "Failed to get Administators Group ACE.\n"); bret = EqualSid(&ace->SidStart, admin_sid); - todo_wine ok(bret, "Administators Group ACE != Administators Group SID.\n"); -- todo_wine ok(((ACE_HEADER *)ace)->AceFlags == (OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE), -- "Administators Group ACE has unexpected flags (0x%x != 0x03)\n", -- ((ACE_HEADER *)ace)->AceFlags); ++ ok(bret, "Administators Group ACE != Administators Group SID.\n"); + ok(((ACE_HEADER *)ace)->AceFlags == (OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE), + "Administators Group ACE has unexpected flags (0x%x != 0x03)\n", + ((ACE_HEADER *)ace)->AceFlags); - ok(ace->Mask == 0x1f01ff, "Administators Group ACE has unexpected mask (0x%x != 0x1f01ff)\n", - ace->Mask); -+ ok(bret, "Administators Group ACE != Administators Group SID.\n"); -+ ok(((ACE_HEADER *)ace)->AceFlags == (OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE), -+ "Administators Group ACE has unexpected flags (0x%x != 0x03)\n", -+ ((ACE_HEADER *)ace)->AceFlags); + todo_wine ok(ace->Mask == 0x1f01ff, + "Administators Group ACE has unexpected mask (0x%x != 0x1f01ff)\n", ace->Mask); } LocalFree(pSD); -@@ -3384,23 +3384,22 @@ static void test_GetNamedSecurityInfoA(void) +@@ -3386,23 +3386,22 @@ static void test_GetNamedSecurityInfoA(void) bret = pGetAce(pDacl, 0, (VOID **)&ace); ok(bret, "Failed to get Current User ACE.\n"); bret = EqualSid(&ace->SidStart, user_sid); @@ -79,41 +73,23 @@ index b44496a..02094a4 100644 + "Administators Group ACE has unexpected mask (0x%x != 0x1f01ff)\n", ace->Mask); } LocalFree(pSD); - HeapFree(GetProcessHeap(), 0, user); -@@ -4050,22 +4049,22 @@ static void test_GetSecurityInfo(void) - bret = pGetAce(pDacl, 0, (VOID **)&ace); - ok(bret, "Failed to get Current User ACE.\n"); - bret = EqualSid(&ace->SidStart, user_sid); -- todo_wine ok(bret, "Current User ACE != Current User SID.\n"); -+ ok(bret, "Current User ACE != Current User SID.\n"); - ok(((ACE_HEADER *)ace)->AceFlags == 0, - "Current User ACE has unexpected flags (0x%x != 0x0)\n", ((ACE_HEADER *)ace)->AceFlags); -- ok(ace->Mask == 0x1f01ff, "Current User ACE has unexpected mask (0x%x != 0x1f01ff)\n", -- ace->Mask); -+ todo_wine ok(ace->Mask == 0x1f01ff, -+ "Current User ACE has unexpected mask (0x%x != 0x1f01ff)\n", ace->Mask); - } - if (acl_size.AceCount > 1) + +@@ -3425,8 +3424,8 @@ static void test_GetNamedSecurityInfoA(void) { - bret = pGetAce(pDacl, 1, (VOID **)&ace); - ok(bret, "Failed to get Administators Group ACE.\n"); - bret = EqualSid(&ace->SidStart, admin_sid); -- todo_wine ok(bret, "Administators Group ACE != Administators Group SID.\n"); -+ ok(bret, "Administators Group ACE != Administators Group SID.\n"); - ok(((ACE_HEADER *)ace)->AceFlags == 0, - "Administators Group ACE has unexpected flags (0x%x != 0x0)\n", ((ACE_HEADER *)ace)->AceFlags); -- ok(ace->Mask == 0x1f01ff, "Administators Group ACE has unexpected mask (0x%x != 0x1f01ff)\n", -- ace->Mask); -+ todo_wine ok(ace->Mask == 0x1f01ff, -+ "Administators Group ACE has unexpected mask (0x%x != 0x1f01ff)\n", ace->Mask); + bret = pGetAce(pDacl, 0, (VOID **)&ace); + ok(bret, "Failed to get ACE.\n"); +- todo_wine ok(((ACE_HEADER *)ace)->AceFlags & INHERITED_ACE, +- "ACE has unexpected flags: 0x%x\n", ((ACE_HEADER *)ace)->AceFlags); ++ ok(((ACE_HEADER *)ace)->AceFlags & INHERITED_ACE, ++ "ACE has unexpected flags: 0x%x\n", ((ACE_HEADER *)ace)->AceFlags); } LocalFree(pSD); - CloseHandle(obj); + diff --git a/server/file.c b/server/file.c -index 72d6d95..ff51b73 100644 +index 5671e5a..33f9483 100644 --- a/server/file.c +++ b/server/file.c -@@ -499,6 +499,25 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID +@@ -503,6 +503,25 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID return sd; } @@ -139,7 +115,7 @@ index 72d6d95..ff51b73 100644 struct security_descriptor *get_file_sd( struct object *obj, struct fd *fd, mode_t *mode, uid_t *uid ) { -@@ -514,9 +533,10 @@ struct security_descriptor *get_file_sd( struct object *obj, struct fd *fd, mode +@@ -518,9 +537,10 @@ struct security_descriptor *get_file_sd( struct object *obj, struct fd *fd, mode (st.st_uid == *uid)) return obj->sd; @@ -154,5 +130,5 @@ index 72d6d95..ff51b73 100644 *mode = st.st_mode; -- -1.7.9.5 +2.3.3 diff --git a/patches/server-Stored_ACLs/0006-server-Convert-return-of-file-security-masks-with-ge.patch b/patches/server-Stored_ACLs/0006-server-Convert-return-of-file-security-masks-with-ge.patch index 77263606..a492cf04 100644 --- a/patches/server-Stored_ACLs/0006-server-Convert-return-of-file-security-masks-with-ge.patch +++ b/patches/server-Stored_ACLs/0006-server-Convert-return-of-file-security-masks-with-ge.patch @@ -1,22 +1,22 @@ -From 9364028096235e2f64b9fe070170b5e4bb2311ca Mon Sep 17 00:00:00 2001 +From 20110e2294539cba86a259a6b5fc6749f2e5cdd4 Mon Sep 17 00:00:00 2001 From: "Erich E. Hoover" Date: Fri, 18 Apr 2014 14:05:32 -0600 Subject: server: Convert return of file security masks with generic access mappings. (try 7) --- - dlls/advapi32/tests/security.c | 24 ++++++++++++------------ - server/file.c | 22 ++++++++++++++++++++++ - 2 files changed, 34 insertions(+), 12 deletions(-) + dlls/advapi32/tests/security.c | 16 ++++++++-------- + server/file.c | 22 ++++++++++++++++++++++ + 2 files changed, 30 insertions(+), 8 deletions(-) diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c -index 02094a4..82c0639 100644 +index 3457fbc..c256753 100644 --- a/dlls/advapi32/tests/security.c +++ b/dlls/advapi32/tests/security.c -@@ -3196,8 +3196,8 @@ static void test_CreateDirectoryA(void) +@@ -3197,8 +3197,8 @@ static void test_CreateDirectoryA(void) ok(((ACE_HEADER *)ace)->AceFlags == (OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE), - "Current User ACE has unexpected flags (0x%x != 0x03)\n", - ((ACE_HEADER *)ace)->AceFlags); + "Current User ACE has unexpected flags (0x%x != 0x03)\n", + ((ACE_HEADER *)ace)->AceFlags); - todo_wine ok(ace->Mask == 0x1f01ff, - "Current User ACE has unexpected mask (0x%x != 0x1f01ff)\n", ace->Mask); + ok(ace->Mask == 0x1f01ff, "Current User ACE has unexpected mask (0x%x != 0x1f01ff)\n", @@ -24,10 +24,10 @@ index 02094a4..82c0639 100644 } if (acl_size.AceCount > 1) { -@@ -3208,8 +3208,8 @@ static void test_CreateDirectoryA(void) +@@ -3209,8 +3209,8 @@ static void test_CreateDirectoryA(void) ok(((ACE_HEADER *)ace)->AceFlags == (OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE), - "Administators Group ACE has unexpected flags (0x%x != 0x03)\n", - ((ACE_HEADER *)ace)->AceFlags); + "Administators Group ACE has unexpected flags (0x%x != 0x03)\n", + ((ACE_HEADER *)ace)->AceFlags); - todo_wine ok(ace->Mask == 0x1f01ff, - "Administators Group ACE has unexpected mask (0x%x != 0x1f01ff)\n", ace->Mask); + ok(ace->Mask == 0x1f01ff, "Administators Group ACE has unexpected mask (0x%x != 0x1f01ff)\n", @@ -35,7 +35,7 @@ index 02094a4..82c0639 100644 } LocalFree(pSD); -@@ -3387,8 +3387,8 @@ static void test_GetNamedSecurityInfoA(void) +@@ -3389,8 +3389,8 @@ static void test_GetNamedSecurityInfoA(void) ok(bret, "Current User ACE != Current User SID.\n"); ok(((ACE_HEADER *)ace)->AceFlags == 0, "Current User ACE has unexpected flags (0x%x != 0x0)\n", ((ACE_HEADER *)ace)->AceFlags); @@ -46,7 +46,7 @@ index 02094a4..82c0639 100644 } if (acl_size.AceCount > 1) { -@@ -3398,8 +3398,8 @@ static void test_GetNamedSecurityInfoA(void) +@@ -3400,8 +3400,8 @@ static void test_GetNamedSecurityInfoA(void) ok(bret || broken(!bret) /* win2k */, "Administators Group ACE != Administators Group SID.\n"); ok(((ACE_HEADER *)ace)->AceFlags == 0, "Administators Group ACE has unexpected flags (0x%x != 0x0)\n", ((ACE_HEADER *)ace)->AceFlags); @@ -56,34 +56,12 @@ index 02094a4..82c0639 100644 + "Administators Group ACE has unexpected mask (0x%x != 0x1f01ff)\n", ace->Mask); } LocalFree(pSD); - HeapFree(GetProcessHeap(), 0, user); -@@ -4052,8 +4052,8 @@ static void test_GetSecurityInfo(void) - ok(bret, "Current User ACE != Current User SID.\n"); - ok(((ACE_HEADER *)ace)->AceFlags == 0, - "Current User ACE has unexpected flags (0x%x != 0x0)\n", ((ACE_HEADER *)ace)->AceFlags); -- todo_wine ok(ace->Mask == 0x1f01ff, -- "Current User ACE has unexpected mask (0x%x != 0x1f01ff)\n", ace->Mask); -+ ok(ace->Mask == 0x1f01ff, "Current User ACE has unexpected mask (0x%x != 0x1f01ff)\n", -+ ace->Mask); - } - if (acl_size.AceCount > 1) - { -@@ -4063,8 +4063,8 @@ static void test_GetSecurityInfo(void) - ok(bret, "Administators Group ACE != Administators Group SID.\n"); - ok(((ACE_HEADER *)ace)->AceFlags == 0, - "Administators Group ACE has unexpected flags (0x%x != 0x0)\n", ((ACE_HEADER *)ace)->AceFlags); -- todo_wine ok(ace->Mask == 0x1f01ff, -- "Administators Group ACE has unexpected mask (0x%x != 0x1f01ff)\n", ace->Mask); -+ ok(ace->Mask == 0x1f01ff, "Administators Group ACE has unexpected mask (0x%x != 0x1f01ff)\n", -+ ace->Mask); - } - LocalFree(pSD); - CloseHandle(obj); + diff --git a/server/file.c b/server/file.c -index ff72273..38eda5c 100644 +index 33f9483..a50276e 100644 --- a/server/file.c +++ b/server/file.c -@@ -521,6 +521,27 @@ struct security_descriptor *get_xattr_sd( int fd ) +@@ -522,6 +522,27 @@ struct security_descriptor *get_xattr_sd( int fd ) return sd; } @@ -111,7 +89,7 @@ index ff72273..38eda5c 100644 struct security_descriptor *get_file_sd( struct object *obj, struct fd *fd, mode_t *mode, uid_t *uid ) { -@@ -537,6 +558,7 @@ struct security_descriptor *get_file_sd( struct object *obj, struct fd *fd, mode +@@ -538,6 +559,7 @@ struct security_descriptor *get_file_sd( struct object *obj, struct fd *fd, mode return obj->sd; sd = get_xattr_sd( unix_fd ); @@ -120,5 +98,5 @@ index ff72273..38eda5c 100644 security_unix_uid_to_sid( st.st_uid ), token_get_primary_group( current->process->token )); -- -1.7.9.5 +2.3.3 diff --git a/patches/server-Stored_ACLs/definition b/patches/server-Stored_ACLs/definition index be80f6b9..5fbddecb 100644 --- a/patches/server-Stored_ACLs/definition +++ b/patches/server-Stored_ACLs/definition @@ -1,3 +1,25 @@ -Depends: advapi32-Revert_DACL Depends: ntdll-DOS_Attributes Fixes: [33576] Support for stored file ACLs + +# Swapping order with advapi32-Revert_DACL added the following test failures. +# If the Revert_DACL patchset is removed those have to be fixed manually. +# +#@@ -4148,7 +4047,7 @@ static void test_GetSecurityInfo(void) +# bret = pGetAce(pDacl, 0, (VOID **)&ace); +# ok(bret, "Failed to get Current User ACE.\n"); +# bret = EqualSid(&ace->SidStart, user_sid); +#- ok(bret, "Current User ACE != Current User SID.\n"); +#+ todo_wine ok(bret, "Current User ACE != Current User SID.\n"); +# ok(((ACE_HEADER *)ace)->AceFlags == 0, +# "Current User ACE has unexpected flags (0x%x != 0x0)\n", ((ACE_HEADER *)ace)->AceFlags); +# ok(ace->Mask == 0x1f01ff, "Current User ACE has unexpected mask (0x%x != 0x1f01ff)\n", +#@@ -4159,7 +4058,7 @@ static void test_GetSecurityInfo(void) +# bret = pGetAce(pDacl, 1, (VOID **)&ace); +# ok(bret, "Failed to get Administators Group ACE.\n"); +# bret = EqualSid(&ace->SidStart, admin_sid); +#- ok(bret, "Administators Group ACE != Administators Group SID.\n"); +#+ todo_wine ok(bret, "Administators Group ACE != Administators Group SID.\n"); +# ok(((ACE_HEADER *)ace)->AceFlags == 0, +# "Administators Group ACE has unexpected flags (0x%x != 0x0)\n", ((ACE_HEADER *)ace)->AceFlags); +# ok(ace->Mask == 0x1f01ff, "Administators Group ACE has unexpected mask (0x%x != 0x1f01ff)\n", +#