wine/wine-staging
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-staging.git synced 2024-09-13 09:17:20 -07:00
Code Issues Packages Projects Releases Wiki Activity

Added patch to allow to open files/directories without any access rights in order to query attributes.

Browse Source
This commit is contained in:
Sebastian Lackner 2015-04-03 18:36:35 +02:00
parent 70ca8ccdee
commit da14f3201a
12 changed files with 414 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
README.md
View File

@ -39,11 +39,12 @@ Wine. All those differences are also documented on the
Included bug fixes and improvements
-----------------------------------
**Bug fixes and features included in the next upcoming release [17]:**
**Bug fixes and features included in the next upcoming release [18]:**
* Add stub fltmgr.sys (filter manager driver) ([Wine Bug #23583](https://bugs.winehq.org/show_bug.cgi?id=23583))
* Add stub for ntoskrnl.PsRemoveLoadImageNotifyRoutine
* Add stubs for Power[Set|Clear]Request
* Allow to open files/directories without any access rights in order to query attributes
* Avoid spam of FIXME messages for PsLookupProcessByProcessId stub ([Wine Bug #36821](https://bugs.winehq.org/show_bug.cgi?id=36821))
* Don't return an error in WS_select when EINTR happens during timeout
* Fix calculation of 3D sound source ([Wine Bug #38041](https://bugs.winehq.org/show_bug.cgi?id=38041))

1
debian/changelog vendored
View File

@ -19,6 +19,7 @@ wine-staging (1.7.40) UNRELEASED; urgency=low
* Added patch to implement proper handling of CLI .NET images in Wine library loader.
* Added patch to stub ntoskrnl.PsRemoveLoadImageNotifyRoutine
* Added patch to fix invalid memory access in get_registry_locale_info.
* Added patch to allow to open files/directories without any access rights in order to query attributes.
* Removed patch to fix regression causing black screen on startup (accepted upstream).
* Removed patch to fix edge cases in TOOLTIPS_GetTipText (fixed upstream).
* Removed patch for IConnectionPoint/INetworkListManagerEvents stub interface (accepted upstream).

22
patches/ntdll-FileDispositionInformation/0001-server-Keep-a-pointer-to-parent-s-fd-unix_name-in-th.patch
View File

@ -1,15 +1,15 @@
From 35cc6b5ed224e27ef833bb84cea092bb65b8ab12 Mon Sep 17 00:00:00 2001
From e2337e9756c38d06661d6dabd4a04d97528c4ab1 Mon Sep 17 00:00:00 2001
From: Dmitry Timoshkov <dmitry@baikal.ru>
Date: Thu, 7 Aug 2014 18:31:33 -0600
Subject: server: Keep a pointer to parent's fd unix_name in the closed_fd
structure.
---
server/fd.c | 38 +++++++++++++++++++++-----------------
server/fd.c | 38 +++++++++++++++++++++-----------------
1 file changed, 21 insertions(+), 17 deletions(-)
diff --git a/server/fd.c b/server/fd.c
index e3b722c..b022a3c 100644
index 9a4aac4..cd62cc8 100644
--- a/server/fd.c
+++ b/server/fd.c
@@ -164,7 +164,8 @@ struct closed_fd
@ -124,8 +124,8 @@ index e3b722c..b022a3c 100644
- const char *unlink_name = "";
int root_fd = -1;
int rw_mode;
@@ -1752,8 +1756,7 @@ struct fd *open_fd( struct fd *root, const char *name, int flags, mode_t *mode,
int do_chmod = 0;
@@ -1753,8 +1757,7 @@ struct fd *open_fd( struct fd *root, const char *name, int flags, mode_t *mode,
if (!(fd = alloc_fd_object())) return NULL;
fd->options = options;
@ -135,17 +135,17 @@ index e3b722c..b022a3c 100644
{
release_object( fd );
return NULL;
@@ -1810,7 +1813,8 @@ struct fd *open_fd( struct fd *root, const char *name, int flags, mode_t *mode,
@@ -1834,7 +1837,8 @@ struct fd *open_fd( struct fd *root, const char *name, int flags, mode_t *mode,
}
closed_fd->unix_fd = fd->unix_fd;
- closed_fd->unlink[0] = 0;
+ closed_fd->unlink = 0;
+ closed_fd->unix_name = fd->unix_name;
fstat( fd->unix_fd, &st );
*mode = st.st_mode;
@@ -1851,7 +1855,7 @@ struct fd *open_fd( struct fd *root, const char *name, int flags, mode_t *mode,
if (do_chmod) fchmod( fd->unix_fd, *mode );
fstat( fd->unix_fd, &st );
@@ -1877,7 +1881,7 @@ struct fd *open_fd( struct fd *root, const char *name, int flags, mode_t *mode,
set_error( err );
return NULL;
}
@ -154,7 +154,7 @@ index e3b722c..b022a3c 100644
if (flags & O_TRUNC)
{
if (S_ISDIR(st.st_mode))
@@ -1870,7 +1874,7 @@ struct fd *open_fd( struct fd *root, const char *name, int flags, mode_t *mode,
@@ -1896,7 +1900,7 @@ struct fd *open_fd( struct fd *root, const char *name, int flags, mode_t *mode,
set_error( STATUS_NOT_A_DIRECTORY );
goto error;
}
@ -164,5 +164,5 @@ index e3b722c..b022a3c 100644
set_error( STATUS_INVALID_PARAMETER );
goto error;
--
1.7.9.5
2.3.3

1
patches/ntdll-FileDispositionInformation/definition
View File

@ -1 +1,2 @@
Fixes: [30397] Support for NtSetInformationFile class FileDispositionInformation
Depends: server-File_Permissions

33
patches/patchinstall.sh
View File

@ -178,6 +178,7 @@ patch_enable_all ()
enable_server_Address_List_Change="$1"
enable_server_ClipCursor="$1"
enable_server_CreateProcess_ACLs="$1"
enable_server_File_Permissions="$1"
enable_server_Inherited_ACLs="$1"
enable_server_JobObjects="$1"
enable_server_Key_State="$1"
@ -601,6 +602,9 @@ patch_enable ()
server-CreateProcess_ACLs)
enable_server_CreateProcess_ACLs="$2"
;;
server-File_Permissions)
enable_server_File_Permissions="$2"
;;
server-Inherited_ACLs)
enable_server_Inherited_ACLs="$2"
;;
@ -1089,9 +1093,13 @@ if test "$enable_server_ACL_Compat" -eq 1; then
fi
if test "$enable_server_Inherited_ACLs" -eq 1; then
if test "$enable_server_File_Permissions" -gt 1; then
abort "Patchset server-File_Permissions disabled, but server-Inherited_ACLs depends on that."
fi
if test "$enable_server_Stored_ACLs" -gt 1; then
abort "Patchset server-Stored_ACLs disabled, but server-Inherited_ACLs depends on that."
fi
enable_server_File_Permissions=1
enable_server_Stored_ACLs=1
fi
@ -1177,6 +1185,13 @@ if test "$enable_kernel32_CopyFileEx" -eq 1; then
enable_ntdll_FileDispositionInformation=1
fi
if test "$enable_ntdll_FileDispositionInformation" -eq 1; then
if test "$enable_server_File_Permissions" -gt 1; then
abort "Patchset server-File_Permissions disabled, but ntdll-FileDispositionInformation depends on that."
fi
enable_server_File_Permissions=1
fi
if test "$enable_dxva2_Video_Decoder" -eq 1; then
if test "$enable_winecfg_Staging" -gt 1; then
abort "Patchset winecfg-Staging disabled, but dxva2-Video_Decoder depends on that."
@ -2611,6 +2626,24 @@ if test "$enable_kernel32_Console_Handles" -eq 1; then
) >> "$patchlist"
fi
# Patchset server-File_Permissions
# |
# | Modified files:
# | * dlls/advapi32/tests/security.c, server/fd.c
# |
if test "$enable_server_File_Permissions" -eq 1; then
patch_apply server-File_Permissions/0001-server-Allow-to-open-files-without-any-permission-bi.patch
patch_apply server-File_Permissions/0002-server-When-creating-new-directories-temporarily-giv.patch
patch_apply server-File_Permissions/0003-advapi32-tests-Add-tests-for-ACL-inheritance-in-Crea.patch
patch_apply server-File_Permissions/0004-advapi32-tests-Add-ACL-inheritance-tests-for-creatin.patch
(
echo '+ { "Sebastian Lackner", "server: Allow to open files without any permission bits.", 2 },';
echo '+ { "Sebastian Lackner", "server: When creating new directories temporarily give read-permissions until they are opened.", 1 },';
echo '+ { "Sebastian Lackner", "advapi32/tests: Add tests for ACL inheritance in CreateDirectoryA.", 1 },';
echo '+ { "Sebastian Lackner", "advapi32/tests: Add ACL inheritance tests for creating subdirectories with NtCreateFile.", 1 },';
) >> "$patchlist"
fi
# Patchset ntdll-FileDispositionInformation
# |
# | This patchset fixes the following Wine bugs:

117
patches/server-File_Permissions/0001-server-Allow-to-open-files-without-any-permission-bi.patch Normal file
View File

@ -0,0 +1,117 @@
From 79e9440272eed16300dc4aacc96765a24841a705 Mon Sep 17 00:00:00 2001
From: Sebastian Lackner <sebastian@fds-team.de>
Date: Fri, 3 Apr 2015 03:58:47 +0200
Subject: server: Allow to open files without any permission bits. (try 2)
Changes in v2:
* As suggested by Piotr, fix the problem for both files and directories.
* Pay attention to requested access attributes - this fixes a couple more todo_wine's.
---
dlls/advapi32/tests/security.c | 32 ++++++++++++--------------------
server/fd.c | 21 +++++++++++++++++++++
2 files changed, 33 insertions(+), 20 deletions(-)
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index 466100d..329ae09 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -3319,17 +3319,13 @@ static void test_CreateDirectoryA(void)
error = pGetNamedSecurityInfoA(tmpfile, SE_FILE_OBJECT,
OWNER_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION,
(PSID *)&owner, NULL, &pDacl, NULL, &pSD);
- todo_wine
ok(error == ERROR_SUCCESS, "GetNamedSecurityInfo failed with error %d\n", error);
- if (error == ERROR_SUCCESS)
- {
- bret = pGetAclInformation(pDacl, &acl_size, sizeof(acl_size), AclSizeInformation);
- ok(bret, "GetAclInformation failed\n");
- todo_wine
- ok(acl_size.AceCount == 0, "GetAclInformation returned unexpected entry count (%d != 0).\n",
- acl_size.AceCount);
- LocalFree(pSD);
- }
+ bret = pGetAclInformation(pDacl, &acl_size, sizeof(acl_size), AclSizeInformation);
+ ok(bret, "GetAclInformation failed\n");
+ todo_wine
+ ok(acl_size.AceCount == 0, "GetAclInformation returned unexpected entry count (%d != 0).\n",
+ acl_size.AceCount);
+ LocalFree(pSD);
CloseHandle(hTemp);
/* Test inheritance of ACLs in NtCreateFile without security descriptor */
@@ -3399,17 +3395,13 @@ static void test_CreateDirectoryA(void)
error = pGetNamedSecurityInfoA(tmpfile, SE_FILE_OBJECT,
OWNER_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION,
(PSID *)&owner, NULL, &pDacl, NULL, &pSD);
- todo_wine
ok(error == ERROR_SUCCESS, "GetNamedSecurityInfo failed with error %d\n", error);
- if (error == ERROR_SUCCESS)
- {
- bret = pGetAclInformation(pDacl, &acl_size, sizeof(acl_size), AclSizeInformation);
- ok(bret, "GetAclInformation failed\n");
- todo_wine
- ok(acl_size.AceCount == 0, "GetAclInformation returned unexpected entry count (%d != 0).\n",
- acl_size.AceCount);
- LocalFree(pSD);
- }
+ bret = pGetAclInformation(pDacl, &acl_size, sizeof(acl_size), AclSizeInformation);
+ ok(bret, "GetAclInformation failed\n");
+ todo_wine
+ ok(acl_size.AceCount == 0, "GetAclInformation returned unexpected entry count (%d != 0).\n",
+ acl_size.AceCount);
+ LocalFree(pSD);
CloseHandle(hTemp);
done:
diff --git a/server/fd.c b/server/fd.c
index e3b722c..3afb89a 100644
--- a/server/fd.c
+++ b/server/fd.c
@@ -1741,6 +1741,7 @@ struct fd *open_fd( struct fd *root, const char *name, int flags, mode_t *mode,
const char *unlink_name = "";
int root_fd = -1;
int rw_mode;
+ int do_chmod = 0;
if (((options & FILE_DELETE_ON_CLOSE) && !(access & DELETE)) ||
((options & FILE_DIRECTORY_FILE) && (flags & O_TRUNC)))
@@ -1801,16 +1802,36 @@ struct fd *open_fd( struct fd *root, const char *name, int flags, mode_t *mode,
if ((access & FILE_UNIX_WRITE_ACCESS) || (flags & O_CREAT))
fd->unix_fd = open( name, O_RDONLY | (flags & ~(O_TRUNC | O_CREAT | O_EXCL)), *mode );
}
+ else if (errno == EACCES)
+ {
+ /* try to change permissions temporarily to open a file descriptor */
+ if (!(access & (FILE_UNIX_WRITE_ACCESS | FILE_UNIX_READ_ACCESS | DELETE)) &&
+ !stat( name, &st ) && st.st_uid == getuid() &&
+ !chmod( name, st.st_mode | S_IRUSR ))
+ {
+ fd->unix_fd = open( name, O_RDONLY | (flags & ~(O_TRUNC | O_CREAT | O_EXCL)), *mode );
+ *mode = st.st_mode;
+ do_chmod = 1;
+ }
+ else
+ {
+ set_error( STATUS_ACCESS_DENIED );
+ goto error;
+ }
+ }
if (fd->unix_fd == -1)
{
file_set_error();
+ if (do_chmod) chmod( name, *mode );
goto error;
}
}
closed_fd->unix_fd = fd->unix_fd;
closed_fd->unlink[0] = 0;
+
+ if (do_chmod) fchmod( fd->unix_fd, *mode );
fstat( fd->unix_fd, &st );
*mode = st.st_mode;
--
2.3.3

31
patches/server-File_Permissions/0002-server-When-creating-new-directories-temporarily-giv.patch Normal file
View File

@ -0,0 +1,31 @@
From 9443494239616a5a9f1e7d5711324c435d04e035 Mon Sep 17 00:00:00 2001
From: Sebastian Lackner <sebastian@fds-team.de>
Date: Fri, 3 Apr 2015 03:58:53 +0200
Subject: server: When creating new directories temporarily give
read-permissions until they are opened.
---
server/fd.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/server/fd.c b/server/fd.c
index 3afb89a..9a4aac4 100644
--- a/server/fd.c
+++ b/server/fd.c
@@ -1774,7 +1774,12 @@ struct fd *open_fd( struct fd *root, const char *name, int flags, mode_t *mode,
/* create the directory if needed */
if ((options & FILE_DIRECTORY_FILE) && (flags & O_CREAT))
{
- if (mkdir( name, *mode ) == -1)
+ if (mkdir( name, *mode | S_IRUSR ) != -1)
+ {
+ /* remove S_IRUSR later, after we have opened the directory */
+ do_chmod = !(*mode & S_IRUSR);
+ }
+ else
{
if (errno != EEXIST || (flags & O_EXCL))
{
--
2.3.3

93
patches/server-File_Permissions/0003-advapi32-tests-Add-tests-for-ACL-inheritance-in-Crea.patch Normal file
View File

@ -0,0 +1,93 @@
From 0c188a73bf19cbdb18c61d0a8417e9557c3daf59 Mon Sep 17 00:00:00 2001
From: Sebastian Lackner <sebastian@fds-team.de>
Date: Fri, 3 Apr 2015 03:58:59 +0200
Subject: advapi32/tests: Add tests for ACL inheritance in CreateDirectoryA.
---
dlls/advapi32/tests/security.c | 70 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 70 insertions(+)
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index 329ae09..36ef972 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -3404,6 +3404,76 @@ static void test_CreateDirectoryA(void)
LocalFree(pSD);
CloseHandle(hTemp);
+ /* Test inheritance of ACLs in CreateDirectory without security descriptor */
+ strcpy(tmpfile, tmpdir);
+ lstrcatA(tmpfile, "/tmpdir");
+ bret = CreateDirectoryA(tmpfile, NULL);
+ ok(bret == TRUE, "CreateDirectoryA failed with error %u\n", GetLastError());
+
+ error = pGetNamedSecurityInfoA(tmpfile, SE_FILE_OBJECT,
+ OWNER_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION,
+ (PSID *)&owner, NULL, &pDacl, NULL, &pSD);
+ ok(error == ERROR_SUCCESS, "Failed to get permissions on file\n");
+ test_inherited_dacl(pDacl, admin_sid, user_sid,
+ OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | INHERITED_ACE,
+ 0x1f01ff, TRUE, TRUE, TRUE, __LINE__);
+ LocalFree(pSD);
+ bret = RemoveDirectoryA(tmpfile);
+ ok(bret == TRUE, "RemoveDirectoryA failed with error %u\n", GetLastError());
+
+ /* Test inheritance of ACLs in CreateDirectory with security descriptor */
+ pSD = &sd;
+ InitializeSecurityDescriptor(pSD, SECURITY_DESCRIPTOR_REVISION);
+ pDacl = HeapAlloc(GetProcessHeap(), 0, sizeof(ACL));
+ bret = InitializeAcl(pDacl, sizeof(ACL), ACL_REVISION);
+ ok(bret, "Failed to initialize ACL\n");
+ bret = SetSecurityDescriptorDacl(pSD, TRUE, pDacl, FALSE);
+ ok(bret, "Failed to add ACL to security desciptor\n");
+
+ strcpy(tmpfile, tmpdir);
+ lstrcatA(tmpfile, "/tmpdir1");
+
+ sa.nLength = sizeof(sa);
+ sa.lpSecurityDescriptor = pSD;
+ sa.bInheritHandle = TRUE;
+ bret = CreateDirectoryA(tmpfile, &sa);
+ ok(bret == TRUE, "CreateDirectoryA failed with error %u\n", GetLastError());
+ HeapFree(GetProcessHeap(), 0, pDacl);
+
+ error = pGetNamedSecurityInfoA(tmpfile, SE_FILE_OBJECT,
+ OWNER_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION,
+ (PSID *)&owner, NULL, &pDacl, NULL, &pSD);
+ ok(error == ERROR_SUCCESS, "GetNamedSecurityInfo failed with error %d\n", error);
+ bret = pGetAclInformation(pDacl, &acl_size, sizeof(acl_size), AclSizeInformation);
+ ok(bret, "GetAclInformation failed\n");
+ todo_wine
+ ok(acl_size.AceCount == 0, "GetAclInformation returned unexpected entry count (%d != 0).\n",
+ acl_size.AceCount);
+ LocalFree(pSD);
+
+ SetLastError(0xdeadbeef);
+ bret = RemoveDirectoryA(tmpfile);
+ error = GetLastError();
+ ok(bret == FALSE, "RemoveDirectoryA unexpected succeeded\n");
+ ok(error == ERROR_ACCESS_DENIED, "expected ERROR_ACCESS_DENIED, got %u\n", error);
+
+ pSD = &sd;
+ InitializeSecurityDescriptor(pSD, SECURITY_DESCRIPTOR_REVISION);
+ pDacl = HeapAlloc(GetProcessHeap(), 0, 100);
+ bret = InitializeAcl(pDacl, 100, ACL_REVISION);
+ ok(bret, "Failed to initialize ACL.\n");
+ bret = pAddAccessAllowedAceEx(pDacl, ACL_REVISION, 0, GENERIC_ALL, user_sid);
+ ok(bret, "Failed to add Current User to ACL.\n");
+ bret = SetSecurityDescriptorDacl(pSD, TRUE, pDacl, FALSE);
+ ok(bret, "Failed to add ACL to security desciptor.\n");
+ error = pSetNamedSecurityInfoA(tmpfile, SE_FILE_OBJECT, DACL_SECURITY_INFORMATION, NULL,
+ NULL, pDacl, NULL);
+ ok(error == ERROR_SUCCESS, "SetNamedSecurityInfoA failed with error %u\n", error);
+ HeapFree(GetProcessHeap(), 0, pDacl);
+
+ bret = RemoveDirectoryA(tmpfile);
+ ok(bret == TRUE, "RemoveDirectoryA failed with error %u\n", GetLastError());
+
done:
HeapFree(GetProcessHeap(), 0, user);
bret = RemoveDirectoryA(tmpdir);
--
2.3.3

100
patches/server-File_Permissions/0004-advapi32-tests-Add-ACL-inheritance-tests-for-creatin.patch Normal file
View File

@ -0,0 +1,100 @@
From 39e8ae54cb3e8dcd4ef48e190f96b6dd48b40969 Mon Sep 17 00:00:00 2001
From: Sebastian Lackner <sebastian@fds-team.de>
Date: Fri, 3 Apr 2015 03:59:05 +0200
Subject: advapi32/tests: Add ACL inheritance tests for creating subdirectories
with NtCreateFile.
---
dlls/advapi32/tests/security.c | 76 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 76 insertions(+)
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index 36ef972..a0532f6 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -3474,6 +3474,82 @@ static void test_CreateDirectoryA(void)
bret = RemoveDirectoryA(tmpfile);
ok(bret == TRUE, "RemoveDirectoryA failed with error %u\n", GetLastError());
+ /* Test inheritance of ACLs in NtCreateFile(..., FILE_DIRECTORY_FILE, ...) without security descriptor */
+ strcpy(tmpfile, tmpdir);
+ lstrcatA(tmpfile, "/tmpdir");
+ get_nt_pathW(tmpfile, &tmpfileW);
+
+ attr.Length = sizeof(attr);
+ attr.RootDirectory = 0;
+ attr.ObjectName = &tmpfileW;
+ attr.Attributes = OBJ_CASE_INSENSITIVE;
+ attr.SecurityDescriptor = NULL;
+ attr.SecurityQualityOfService = NULL;
+
+ status = pNtCreateFile(&hTemp, GENERIC_READ | DELETE, &attr, &io, NULL, FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_READ, FILE_CREATE, FILE_DIRECTORY_FILE | FILE_DELETE_ON_CLOSE, NULL, 0);
+ ok(!status, "NtCreateFile failed with %08x\n", status);
+ RtlFreeUnicodeString(&tmpfileW);
+
+ error = pGetNamedSecurityInfoA(tmpfile, SE_FILE_OBJECT,
+ OWNER_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION,
+ (PSID *)&owner, NULL, &pDacl, NULL, &pSD);
+ ok(error == ERROR_SUCCESS, "Failed to get permissions on file\n");
+ test_inherited_dacl(pDacl, admin_sid, user_sid,
+ OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | INHERITED_ACE,
+ 0x1f01ff, TRUE, TRUE, TRUE, __LINE__);
+ LocalFree(pSD);
+ CloseHandle(hTemp);
+
+ /* Test inheritance of ACLs in NtCreateFile(..., FILE_DIRECTORY_FILE, ...) with security descriptor */
+ pSD = &sd;
+ InitializeSecurityDescriptor(pSD, SECURITY_DESCRIPTOR_REVISION);
+ pDacl = HeapAlloc(GetProcessHeap(), 0, sizeof(ACL));
+ bret = InitializeAcl(pDacl, sizeof(ACL), ACL_REVISION);
+ ok(bret, "Failed to initialize ACL\n");
+ bret = SetSecurityDescriptorDacl(pSD, TRUE, pDacl, FALSE);
+ ok(bret, "Failed to add ACL to security desciptor\n");
+
+ strcpy(tmpfile, tmpdir);
+ lstrcatA(tmpfile, "/tmpdir2");
+ get_nt_pathW(tmpfile, &tmpfileW);
+
+ attr.Length = sizeof(attr);
+ attr.RootDirectory = 0;
+ attr.ObjectName = &tmpfileW;
+ attr.Attributes = OBJ_CASE_INSENSITIVE;
+ attr.SecurityDescriptor = pSD;
+ attr.SecurityQualityOfService = NULL;
+
+ status = pNtCreateFile(&hTemp, GENERIC_READ | DELETE, &attr, &io, NULL, FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_READ, FILE_CREATE, FILE_DIRECTORY_FILE | FILE_DELETE_ON_CLOSE, NULL, 0);
+ ok(!status, "NtCreateFile failed with %08x\n", status);
+ RtlFreeUnicodeString(&tmpfileW);
+ HeapFree(GetProcessHeap(), 0, pDacl);
+
+ error = pGetSecurityInfo(hTemp, SE_FILE_OBJECT,
+ OWNER_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION,
+ (PSID *)&owner, NULL, &pDacl, NULL, &pSD);
+ ok(error == ERROR_SUCCESS, "GetNamedSecurityInfo failed with error %d\n", error);
+ bret = pGetAclInformation(pDacl, &acl_size, sizeof(acl_size), AclSizeInformation);
+ ok(bret, "GetAclInformation failed\n");
+ todo_wine
+ ok(acl_size.AceCount == 0, "GetAclInformation returned unexpected entry count (%d != 0).\n",
+ acl_size.AceCount);
+ LocalFree(pSD);
+
+ error = pGetNamedSecurityInfoA(tmpfile, SE_FILE_OBJECT,
+ OWNER_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION,
+ (PSID *)&owner, NULL, &pDacl, NULL, &pSD);
+ ok(error == ERROR_SUCCESS, "GetNamedSecurityInfo failed with error %d\n", error);
+ bret = pGetAclInformation(pDacl, &acl_size, sizeof(acl_size), AclSizeInformation);
+ ok(bret, "GetAclInformation failed\n");
+ todo_wine
+ ok(acl_size.AceCount == 0, "GetAclInformation returned unexpected entry count (%d != 0).\n",
+ acl_size.AceCount);
+ LocalFree(pSD);
+ CloseHandle(hTemp);
+
done:
HeapFree(GetProcessHeap(), 0, user);
bret = RemoveDirectoryA(tmpdir);
--
2.3.3

1
patches/server-File_Permissions/definition Normal file
View File

@ -0,0 +1 @@
Fixes: Allow to open files/directories without any access rights in order to query attributes

28
patches/server-Inherited_ACLs/0001-server-Inherit-security-attributes-from-parent-direc.patch
View File

@ -1,16 +1,16 @@
From 2e6b68d04f4b74591fdbea0ef5fbea4879235c96 Mon Sep 17 00:00:00 2001
From 42b83b84ee0ff3b0a9d2439e1d0154287630f192 Mon Sep 17 00:00:00 2001
From: "Erich E. Hoover" <erich.e.hoover@gmail.com>
Date: Fri, 18 Apr 2014 14:08:36 -0600
Subject: server: Inherit security attributes from parent directories on
creation. (try 7)
---
dlls/advapi32/tests/security.c | 4 +-
dlls/advapi32/tests/security.c | 8 +--
server/file.c | 137 +++++++++++++++++++++++++++++++++++++++++
2 files changed, 139 insertions(+), 2 deletions(-)
2 files changed, 141 insertions(+), 4 deletions(-)
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index a530a3f..ae9ec99 100644
index 4db46f5..c509d3c 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -3278,7 +3278,7 @@ static void test_CreateDirectoryA(void)
@ -22,7 +22,7 @@ index a530a3f..ae9ec99 100644
LocalFree(pSD);
CloseHandle(hTemp);
@@ -3352,7 +3352,7 @@ static void test_CreateDirectoryA(void)
@@ -3348,7 +3348,7 @@ static void test_CreateDirectoryA(void)
(PSID *)&owner, NULL, &pDacl, NULL, &pSD);
ok(error == ERROR_SUCCESS, "Failed to get permissions on file\n");
test_inherited_dacl(pDacl, admin_sid, user_sid, INHERITED_ACE,
@ -31,6 +31,24 @@ index a530a3f..ae9ec99 100644
LocalFree(pSD);
CloseHandle(hTemp);
@@ -3414,7 +3414,7 @@ static void test_CreateDirectoryA(void)
ok(error == ERROR_SUCCESS, "Failed to get permissions on file\n");
test_inherited_dacl(pDacl, admin_sid, user_sid,
OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | INHERITED_ACE,
- 0x1f01ff, TRUE, TRUE, TRUE, __LINE__);
+ 0x1f01ff, FALSE, FALSE, FALSE, __LINE__);
LocalFree(pSD);
bret = RemoveDirectoryA(tmpfile);
ok(bret == TRUE, "RemoveDirectoryA failed with error %u\n", GetLastError());
@@ -3495,7 +3495,7 @@ static void test_CreateDirectoryA(void)
ok(error == ERROR_SUCCESS, "Failed to get permissions on file\n");
test_inherited_dacl(pDacl, admin_sid, user_sid,
OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | INHERITED_ACE,
- 0x1f01ff, TRUE, TRUE, TRUE, __LINE__);
+ 0x1f01ff, FALSE, FALSE, FALSE, __LINE__);
LocalFree(pSD);
CloseHandle(hTemp);
diff --git a/server/file.c b/server/file.c
index b6435d1..43be63b 100644
--- a/server/file.c

1
patches/server-Inherited_ACLs/definition
View File

@ -1,2 +1,3 @@
Depends: server-Stored_ACLs
Depends: server-File_Permissions
Fixes: [34406] Support for inherited file ACLs