Release 2.2.

Also remove a broken link.

LICENSE.md

@@ -7,7 +7,7 @@ are part of **Wine Staging** and are licensed under the terms of the
 [LGPLv2.1](#gnu-lgpl-version-21), to stay compatible with Wine:
 
 ```
-Copyright (C) 2014-2016 the Wine Staging project authors.
+Copyright (C) 2014-2017 the Wine Staging project authors.
 
 Wine Staging is free software; you can redistribute it and/or
 modify it under the terms of the GNU Lesser General Public

patches/Compiler_Warnings/definition

@@ -1 +0,0 @@
-Category: stable

patches/Staging/0001-kernel32-Add-winediag-message-to-show-warning-that-t.patch

@@ -1,4 +1,4 @@
-From a41dac0b19ec2ba3807da4ac42d77717d79f1115 Mon Sep 17 00:00:00 2001
+From 41ee5d7699182ea01c61223ab9d0a10473e16ac2 Mon Sep 17 00:00:00 2001
 From: Sebastian Lackner <sebastian@fds-team.de>
 Date: Thu, 2 Oct 2014 19:44:31 +0200
 Subject: kernel32: Add winediag message to show warning, that this isn't
@@ -9,7 +9,7 @@ Subject: kernel32: Add winediag message to show warning, that this isn't
  1 file changed, 9 insertions(+)
 
 diff --git a/dlls/kernel32/process.c b/dlls/kernel32/process.c
-index b0c06e3..a2c1d4c 100644
+index 6d0fc74cdf4..ed1d967ffdf 100644
 --- a/dlls/kernel32/process.c
 +++ b/dlls/kernel32/process.c
 @@ -65,6 +65,7 @@
@@ -20,7 +20,7 @@ index b0c06e3..a2c1d4c 100644
  
  #ifdef __APPLE__
  extern char **__wine_get_main_environment(void);
-@@ -1099,6 +1100,14 @@ static DWORD WINAPI start_process( PEB *peb )
+@@ -1104,6 +1105,14 @@ static DWORD WINAPI start_process( PEB *peb )
          DPRINTF( "%04x:Starting process %s (entryproc=%p)\n", GetCurrentThreadId(),
                   debugstr_w(peb->ProcessParameters->ImagePathName.Buffer), entry );
  
@@ -32,9 +32,9 @@ index b0c06e3..a2c1d4c 100644
 +    else
 +        WARN_(winediag)("Wine Staging %s is a testing version containing experimental patches.\n", wine_get_version());
 +
-     SetLastError( 0 );  /* clear error code */
-     if (peb->BeingDebugged) DbgBreakPoint();
-     return call_process_entry( peb, entry );
+     if (!CheckRemoteDebuggerPresent( GetCurrentProcess(), &being_debugged ))
+         being_debugged = FALSE;
+ 
 -- 
-2.5.1
+2.11.0
 

patches/Staging/definition

@@ -1 +0,0 @@
-Category: stable

patches/advapi32-AddMandatoryAce/0001-advapi32-Implement-AddMandatoryAce.patch

@@ -1,185 +0,0 @@
-From 9904ee15d00d0809c12759446c09adc1981e3cf9 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
-Date: Mon, 29 Aug 2016 19:45:47 +0200
-Subject: advapi32: Implement AddMandatoryAce.
-
----
- dlls/advapi32/security.c       |  6 ++++--
- dlls/advapi32/tests/security.c | 45 ++++++++++++++++++++++++++++++++++++++++++
- dlls/ntdll/ntdll.spec          |  1 +
- dlls/ntdll/sec.c               | 25 +++++++++++++++++++++++
- include/winbase.h              |  1 +
- include/winternl.h             |  1 +
- 6 files changed, 77 insertions(+), 2 deletions(-)
-
-diff --git a/dlls/advapi32/security.c b/dlls/advapi32/security.c
-index 28331df..45c0f7e 100644
---- a/dlls/advapi32/security.c
-+++ b/dlls/advapi32/security.c
-@@ -1711,10 +1711,12 @@ BOOL WINAPI AddAce(
-     return set_ntstatus(RtlAddAce(pAcl, dwAceRevision, dwStartingAceIndex, pAceList, nAceListLength));
- }
- 
-+/******************************************************************************
-+ *  AddMandatoryAce [ADVAPI32.@]
-+ */
- BOOL WINAPI AddMandatoryAce(ACL *acl, DWORD ace_revision, DWORD ace_flags, DWORD mandatory_policy, PSID label_sid)
- {
--    FIXME("%p %x %x %x %p - stub\n", acl, ace_revision, ace_flags, mandatory_policy, label_sid);
--    return FALSE;
-+    return set_ntstatus(RtlAddMandatoryAce(acl, ace_revision, ace_flags, mandatory_policy, SYSTEM_MANDATORY_LABEL_ACE_TYPE, label_sid));
- }
- 
- /******************************************************************************
-diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
-index 18f4e04..cdbe4f8 100644
---- a/dlls/advapi32/tests/security.c
-+++ b/dlls/advapi32/tests/security.c
-@@ -65,6 +65,7 @@
- static BOOL (WINAPI *pAddAccessAllowedAceEx)(PACL, DWORD, DWORD, DWORD, PSID);
- static BOOL (WINAPI *pAddAccessDeniedAceEx)(PACL, DWORD, DWORD, DWORD, PSID);
- static BOOL (WINAPI *pAddAuditAccessAceEx)(PACL, DWORD, DWORD, DWORD, PSID, BOOL, BOOL);
-+static BOOL (WINAPI *pAddMandatoryAce)(PACL,DWORD,DWORD,DWORD,PSID);
- static VOID (WINAPI *pBuildTrusteeWithSidA)( PTRUSTEEA pTrustee, PSID pSid );
- static VOID (WINAPI *pBuildTrusteeWithNameA)( PTRUSTEEA pTrustee, LPSTR pName );
- static VOID (WINAPI *pBuildTrusteeWithObjectsAndNameA)( PTRUSTEEA pTrustee,
-@@ -199,6 +200,7 @@ static void init(void)
-     pAddAccessAllowedAceEx = (void *)GetProcAddress(hmod, "AddAccessAllowedAceEx");
-     pAddAccessDeniedAceEx = (void *)GetProcAddress(hmod, "AddAccessDeniedAceEx");
-     pAddAuditAccessAceEx = (void *)GetProcAddress(hmod, "AddAuditAccessAceEx");
-+    pAddMandatoryAce = (void *)GetProcAddress(hmod, "AddMandatoryAce");
-     pCheckTokenMembership = (void *)GetProcAddress(hmod, "CheckTokenMembership");
-     pConvertStringSecurityDescriptorToSecurityDescriptorA =
-         (void *)GetProcAddress(hmod, "ConvertStringSecurityDescriptorToSecurityDescriptorA" );
-@@ -6064,6 +6066,48 @@ static void test_default_dacl_owner_sid(void)
-     CloseHandle( handle );
- }
- 
-+static void test_integrity(void)
-+{
-+    static SID low_level = {SID_REVISION, 1, {SECURITY_MANDATORY_LABEL_AUTHORITY},
-+                                                    {SECURITY_MANDATORY_LOW_RID}};
-+    SYSTEM_MANDATORY_LABEL_ACE *ace;
-+    char buffer_acl[256];
-+    ACL *pAcl = (ACL*)&buffer_acl;
-+    BOOL ret, found;
-+    DWORD index;
-+
-+    if (!pAddMandatoryAce)
-+    {
-+        win_skip("Mandatory integrity labels not supported, skipping test\n");
-+        return;
-+    }
-+
-+    ret = InitializeAcl(pAcl, 256, ACL_REVISION);
-+    ok(ret, "InitializeAcl failed with %u\n", GetLastError());
-+
-+    ret = pAddMandatoryAce(pAcl, ACL_REVISION, 0, 0x1234, &low_level);
-+    ok(!ret, "AddMandatoryAce succeeded\n");
-+    ok(GetLastError() == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER got %u\n", GetLastError());
-+
-+    ret = pAddMandatoryAce(pAcl, ACL_REVISION, 0, SYSTEM_MANDATORY_LABEL_NO_WRITE_UP, &low_level);
-+    ok(ret, "AddMandatoryAce failed with %u\n", GetLastError());
-+
-+    index = 0;
-+    found = FALSE;
-+    while (pGetAce( pAcl, index++, (void **)&ace ))
-+    {
-+        if (ace->Header.AceType == SYSTEM_MANDATORY_LABEL_ACE_TYPE)
-+        {
-+            found = TRUE;
-+            ok(ace->Header.AceFlags == 0, "Expected 0 as flags, got %x\n", ace->Header.AceFlags);
-+            ok(ace->Mask == SYSTEM_MANDATORY_LABEL_NO_WRITE_UP,
-+               "Expected SYSTEM_MANDATORY_LABEL_NO_WRITE_UP as flag, got %x\n", ace->Mask);
-+            ok(EqualSid(&ace->SidStart, &low_level), "Expected low integrity level\n");
-+        }
-+    }
-+    ok(found, "Could not find mandatory label\n");
-+}
-+
- static void test_AdjustTokenPrivileges(void)
- {
-     TOKEN_PRIVILEGES tp, prev;
-@@ -6444,6 +6488,7 @@ START_TEST(security)
-     test_CreateRestrictedToken();
-     test_TokenIntegrityLevel();
-     test_default_dacl_owner_sid();
-+    test_integrity();
-     test_AdjustTokenPrivileges();
-     test_AddAce();
-     test_system_security_access();
-diff --git a/dlls/ntdll/ntdll.spec b/dlls/ntdll/ntdll.spec
-index 28aa2df..f6f8eba 100644
---- a/dlls/ntdll/ntdll.spec
-+++ b/dlls/ntdll/ntdll.spec
-@@ -422,6 +422,7 @@
- @ stdcall RtlAddAuditAccessAceEx(ptr long long long ptr long long)
- @ stdcall RtlAddAuditAccessObjectAce(ptr long long long ptr ptr ptr long long)
- # @ stub RtlAddCompoundAce
-+@ stdcall RtlAddMandatoryAce(ptr long long long long ptr)
- # @ stub RtlAddRange
- @ cdecl -arch=arm,x86_64 RtlAddFunctionTable(ptr long long)
- @ stdcall RtlAddRefActivationContext(ptr)
-diff --git a/dlls/ntdll/sec.c b/dlls/ntdll/sec.c
-index 3bc52ac..daa2cae 100644
---- a/dlls/ntdll/sec.c
-+++ b/dlls/ntdll/sec.c
-@@ -1379,6 +1379,31 @@ NTSTATUS WINAPI RtlAddAuditAccessObjectAce(
-     return STATUS_NOT_IMPLEMENTED;
- }
- 
-+/**************************************************************************
-+ *  RtlAddMandatoryAce     [NTDLL.@]
-+ */
-+NTSTATUS WINAPI RtlAddMandatoryAce(
-+    IN OUT PACL pAcl,
-+    IN DWORD dwAceRevision,
-+    IN DWORD dwAceFlags,
-+    IN DWORD dwMandatoryFlags,
-+    IN DWORD dwAceType,
-+    IN PSID pSid)
-+{
-+    static DWORD valid_flags = SYSTEM_MANDATORY_LABEL_NO_WRITE_UP | SYSTEM_MANDATORY_LABEL_NO_READ_UP |
-+                               SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP;
-+
-+    TRACE("(%p,%d,0x%08x,0x%08x,%u,%p)\n",pAcl,dwAceRevision,dwAceFlags,dwMandatoryFlags, dwAceType, pSid);
-+
-+    if (dwAceType != SYSTEM_MANDATORY_LABEL_ACE_TYPE)
-+        return STATUS_INVALID_PARAMETER;
-+
-+    if (dwMandatoryFlags & ~valid_flags)
-+        return STATUS_INVALID_PARAMETER;
-+
-+    return add_access_ace(pAcl, dwAceRevision, dwAceFlags, dwMandatoryFlags, pSid, dwAceType);
-+}
-+
- /******************************************************************************
-  *  RtlValidAcl		[NTDLL.@]
-  */
-diff --git a/include/winbase.h b/include/winbase.h
-index eff5972..42c826d 100644
---- a/include/winbase.h
-+++ b/include/winbase.h
-@@ -1693,6 +1693,7 @@ WINBASEAPI ATOM        WINAPI AddAtomW(LPCWSTR);
- #define                       AddAtom WINELIB_NAME_AW(AddAtom)
- WINADVAPI  BOOL        WINAPI AddAuditAccessAce(PACL,DWORD,DWORD,PSID,BOOL,BOOL);
- WINADVAPI  BOOL        WINAPI AddAuditAccessAceEx(PACL,DWORD,DWORD,DWORD,PSID,BOOL,BOOL);
-+WINADVAPI  BOOL        WINAPI AddMandatoryAce(PACL,DWORD,DWORD,DWORD,PSID);
- WINBASEAPI VOID        WINAPI AddRefActCtx(HANDLE);
- WINBASEAPI PVOID       WINAPI AddVectoredExceptionHandler(ULONG,PVECTORED_EXCEPTION_HANDLER);
- WINADVAPI  BOOL        WINAPI AdjustTokenGroups(HANDLE,BOOL,PTOKEN_GROUPS,DWORD,PTOKEN_GROUPS,PDWORD);
-diff --git a/include/winternl.h b/include/winternl.h
-index f35091c..c104e6f 100644
---- a/include/winternl.h
-+++ b/include/winternl.h
-@@ -2405,6 +2405,7 @@ NTSYSAPI NTSTATUS  WINAPI RtlAddAtomToAtomTable(RTL_ATOM_TABLE,const WCHAR*,RTL_
- NTSYSAPI NTSTATUS  WINAPI RtlAddAuditAccessAce(PACL,DWORD,DWORD,PSID,BOOL,BOOL);
- NTSYSAPI NTSTATUS  WINAPI RtlAddAuditAccessAceEx(PACL,DWORD,DWORD,DWORD,PSID,BOOL,BOOL);
- NTSYSAPI NTSTATUS  WINAPI RtlAddAuditAccessObjectAce(PACL,DWORD,DWORD,DWORD,GUID*,GUID*,PSID,BOOL,BOOL);
-+NTSYSAPI NTSTATUS  WINAPI RtlAddMandatoryAce(PACL,DWORD,DWORD,DWORD,DWORD,PSID);
- NTSYSAPI void      WINAPI RtlAddRefActivationContext(HANDLE);
- NTSYSAPI PVOID     WINAPI RtlAddVectoredExceptionHandler(ULONG,PVECTORED_EXCEPTION_HANDLER);
- NTSYSAPI NTSTATUS  WINAPI RtlAdjustPrivilege(ULONG,BOOLEAN,BOOLEAN,PBOOLEAN);
--- 
-2.9.0
-

patches/advapi32-AddMandatoryAce/definition

@@ -1 +0,0 @@
-Fixes: Implement advapi32.AddMandatoryAce

patches/advapi32-GetExplicitEntriesFromAclW/0001-advapi32-Implement-GetExplicitEntriesFromAclW.patch

@@ -1,4 +1,4 @@
-From cb383abcb7d36d739092a93c1f276895622b6806 Mon Sep 17 00:00:00 2001
+From b4469d7a12637ef2b57df3f6aebbe65c9b52ef57 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
 Date: Sun, 28 Aug 2016 21:56:41 +0200
 Subject: advapi32: Implement GetExplicitEntriesFromAclW.
@@ -9,7 +9,7 @@ Subject: advapi32: Implement GetExplicitEntriesFromAclW.
  2 files changed, 221 insertions(+), 2 deletions(-)
 
 diff --git a/dlls/advapi32/security.c b/dlls/advapi32/security.c
-index 92a1789..c60aa4e 100644
+index 7e41c0a7361..ccd0bf64cab 100644
 --- a/dlls/advapi32/security.c
 +++ b/dlls/advapi32/security.c
 @@ -4202,8 +4202,85 @@ DWORD WINAPI GetExplicitEntriesFromAclA( PACL pacl, PULONG pcCountOfExplicitEntr
@@ -101,7 +101,7 @@ index 92a1789..c60aa4e 100644
  
  /******************************************************************************
 diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
-index cf104ab..2bcb108 100644
+index c31dfbeace3..23cbff58117 100644
 --- a/dlls/advapi32/tests/security.c
 +++ b/dlls/advapi32/tests/security.c
 @@ -133,6 +133,7 @@ static BOOL     (WINAPI *pGetWindowsAccountDomainSid)(PSID,PSID,DWORD*);
@@ -120,8 +120,8 @@ index cf104ab..2bcb108 100644
  
      myARGC = winetest_get_mainargs( &myARGV );
  }
-@@ -6378,6 +6380,145 @@ static void test_pseudo_tokens(void)
-                  "Expected ERROR_NO_TOKEN, got %u\n", GetLastError());
+@@ -6451,6 +6453,145 @@ static void test_maximum_allowed(void)
+     CloseHandle(handle);
  }
  
 +static void test_GetExplicitEntriesFromAclW(void)
@@ -266,12 +266,12 @@ index cf104ab..2bcb108 100644
  START_TEST(security)
  {
      init();
-@@ -6424,4 +6565,5 @@ START_TEST(security)
-     test_system_security_access();
+@@ -6499,4 +6640,5 @@ START_TEST(security)
      test_GetSidIdentifierAuthority();
      test_pseudo_tokens();
+     test_maximum_allowed();
 +    test_GetExplicitEntriesFromAclW();
  }
 -- 
-2.9.0
+2.11.0
 

patches/advapi32-LookupSecurityDescriptorParts/0001-advapi32-add-LookupSecurityDescriptorPartsA-W-stubs.patch

@@ -0,0 +1,61 @@
+From bb079b53bc79d44987d5f7ac93d0e1d2c5b00698 Mon Sep 17 00:00:00 2001
+From: Austin English <austinenglish@gmail.com>
+Date: Wed, 9 Nov 2016 21:46:10 -0600
+Subject: advapi32: add LookupSecurityDescriptorPartsA/W stubs
+
+Fixes https://bugs.winehq.org/show_bug.cgi?id=41682
+---
+ dlls/advapi32/advapi32.spec |  4 ++--
+ dlls/advapi32/security.c    | 24 ++++++++++++++++++++++++
+ 2 files changed, 26 insertions(+), 2 deletions(-)
+
+diff --git a/dlls/advapi32/advapi32.spec b/dlls/advapi32/advapi32.spec
+index 6c57c88adf7..88d8634ef64 100644
+--- a/dlls/advapi32/advapi32.spec
++++ b/dlls/advapi32/advapi32.spec
+@@ -415,8 +415,8 @@
+ @ stdcall LookupPrivilegeNameW(wstr ptr ptr ptr)
+ @ stdcall LookupPrivilegeValueA(ptr ptr ptr)
+ @ stdcall LookupPrivilegeValueW(ptr ptr ptr)
+-# @ stub LookupSecurityDescriptorPartsA
+-# @ stub LookupSecurityDescriptorPartsW
++@ stdcall LookupSecurityDescriptorPartsA(ptr ptr ptr ptr ptr ptr ptr)
++@ stdcall LookupSecurityDescriptorPartsW(ptr ptr ptr ptr ptr ptr ptr)
+ @ stdcall LsaAddAccountRights(ptr ptr ptr long)
+ @ stub LsaAddPrivilegesToAccount
+ # @ stub LsaClearAuditLog
+diff --git a/dlls/advapi32/security.c b/dlls/advapi32/security.c
+index 3b5d7a42b6f..01e8ea02706 100644
+--- a/dlls/advapi32/security.c
++++ b/dlls/advapi32/security.c
+@@ -6199,3 +6199,27 @@ BOOL WINAPI SaferSetLevelInformation(SAFER_LEVEL_HANDLE handle, SAFER_OBJECT_INF
+     FIXME("(%p %u %p %u) stub\n", handle, infotype, buffer, size);
+     return FALSE;
+ }
++
++/******************************************************************************
++ * LookupSecurityDescriptorPartsA   [ADVAPI32.@]
++ */
++DWORD WINAPI LookupSecurityDescriptorPartsA(TRUSTEEA *owner, TRUSTEEA *group, ULONG *access_count,
++                                            EXPLICIT_ACCESSA *access_list, ULONG *audit_count,
++                                            EXPLICIT_ACCESSA *audit_list, SECURITY_DESCRIPTOR *descriptor)
++{
++    FIXME("(%p %p %p %p %p %p %p) stub\n", owner, group, access_count,
++          access_list, audit_count, audit_list, descriptor);
++    return ERROR_CALL_NOT_IMPLEMENTED;
++}
++
++/******************************************************************************
++ * LookupSecurityDescriptorPartsW   [ADVAPI32.@]
++ */
++DWORD WINAPI LookupSecurityDescriptorPartsW(TRUSTEEW *owner, TRUSTEEW *group, ULONG *access_count,
++                                            EXPLICIT_ACCESSW *access_list, ULONG *audit_count,
++                                            EXPLICIT_ACCESSW *audit_list, SECURITY_DESCRIPTOR *descriptor)
++{
++    FIXME("(%p %p %p %p %p %p %p) stub\n", owner, group, access_count,
++          access_list, audit_count, audit_list, descriptor);
++    return ERROR_CALL_NOT_IMPLEMENTED;
++}
+-- 
+2.11.0
+

patches/advapi32-LookupSecurityDescriptorParts/definition

@@ -0,0 +1 @@
+Fixes: [41682] Add stub for advapi32.LookupSecurityDescriptorPartsA/W

patches/advapi32-LsaLookupSids/0004-advapi32-Fallback-to-Sid-string-when-LookupAccountSi.patch

@@ -1,4 +1,4 @@
-From 616c17cc58a4943d3a367704943e737d5713740d Mon Sep 17 00:00:00 2001
+From 77d43d721793edda9b419f7426442a35f0cb5918 Mon Sep 17 00:00:00 2001
 From: Qian Hong <qhong@codeweavers.com>
 Date: Tue, 7 Apr 2015 11:23:34 +0800
 Subject: advapi32: Fallback to Sid string when LookupAccountSid fails.
@@ -8,7 +8,7 @@ Subject: advapi32: Fallback to Sid string when LookupAccountSid fails.
  1 file changed, 31 insertions(+)
 
 diff --git a/dlls/advapi32/lsa.c b/dlls/advapi32/lsa.c
-index 258b8ca..93afa20 100644
+index 1b270a80829..b8dedbd6d58 100644
 --- a/dlls/advapi32/lsa.c
 +++ b/dlls/advapi32/lsa.c
 @@ -29,6 +29,7 @@
@@ -19,8 +19,8 @@ index 258b8ca..93afa20 100644
  #include "advapi32_misc.h"
  
  #include "wine/debug.h"
-@@ -554,6 +555,21 @@ NTSTATUS WINAPI LsaLookupSids(
-                 heap_free(name);
+@@ -562,6 +563,21 @@ NTSTATUS WINAPI LsaLookupSids(
+                 domain.MaximumLength = sizeof(WCHAR);
              }
          }
 +        else
@@ -41,9 +41,9 @@ index 258b8ca..93afa20 100644
      }
  
      /* now we have full length needed for both */
-@@ -593,6 +609,21 @@ NTSTATUS WINAPI LsaLookupSids(
-                 heap_free(domain.Buffer);
-             }
+@@ -605,6 +621,21 @@ NTSTATUS WINAPI LsaLookupSids(
+             (*Names)[i].DomainIndex = lsa_reflist_add_domain(*ReferencedDomains, &domain, &domain_data);
+             heap_free(domain.Buffer);
          }
 +        else
 +        {
@@ -64,5 +64,5 @@ index 258b8ca..93afa20 100644
          name_buffer += name_size;
      }
 -- 
-2.3.5
+2.11.0
 

patches/api-ms-win-Stub_DLLs/0001-kernelbase-Add-dll-and-add-stub-for-QuirkIsEnabled.patch

@@ -1,4 +1,4 @@
-From 51fb5229fdb33887fe25440defc8df09d1623abb Mon Sep 17 00:00:00 2001
+From 306414ced0169b9ee4de34706e9235acb1bd93d6 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
 Date: Fri, 15 Jan 2016 13:01:15 +0100
 Subject: kernelbase: Add dll and add stub for QuirkIsEnabled.
@@ -13,7 +13,7 @@ Subject: kernelbase: Add dll and add stub for QuirkIsEnabled.
  create mode 100644 dlls/kernelbase/misc.c
 
 diff --git a/dlls/kernelbase/Makefile.in b/dlls/kernelbase/Makefile.in
-index b9caed0..2beb34b 100644
+index b9caed090b2..2beb34bafdb 100644
 --- a/dlls/kernelbase/Makefile.in
 +++ b/dlls/kernelbase/Makefile.in
 @@ -1 +1,4 @@
@@ -22,7 +22,7 @@ index b9caed0..2beb34b 100644
 +C_SRCS = \
 +	misc.c
 diff --git a/dlls/kernelbase/kernelbase.spec b/dlls/kernelbase/kernelbase.spec
-index f104030..e09112e 100644
+index f104030ab25..74ff728cbc8 100644
 --- a/dlls/kernelbase/kernelbase.spec
 +++ b/dlls/kernelbase/kernelbase.spec
 @@ -1,3 +1,6 @@
@@ -96,7 +96,7 @@ index f104030..e09112e 100644
 -@ stub BaseReleaseProcessDllPath
 -@ stub BaseReleaseProcessExePath
 +@ stub BaseDumpAppcompatCache
-+@ stub BaseFlushAppcompatCache
++@ stdcall BaseFlushAppcompatCache() kernel32.BaseFlushAppcompatCache
 +@ stub BaseFormatObjectAttributes
 +@ stub BaseFreeAppCompatDataForProcess
 +@ stub BaseGetNamedObjectDirectory
@@ -244,7 +244,7 @@ index f104030..e09112e 100644
 +@ stdcall CreateWaitableTimerW(ptr long wstr) kernel32.CreateWaitableTimerW
  @ stdcall CreateWellKnownSid(long ptr ptr ptr) advapi32.CreateWellKnownSid
 +@ stub CtrlRoutine
-+@ stdcall DeactivateActCtx(long ptr) kernel32.DeactivateActCtx
++@ stdcall DeactivateActCtx(long long) kernel32.DeactivateActCtx
 +@ stdcall DebugActiveProcess(long) kernel32.DebugActiveProcess
 +@ stdcall DebugActiveProcessStop(long) kernel32.DebugActiveProcessStop
  @ stdcall DebugBreak() kernel32.DebugBreak
@@ -433,7 +433,7 @@ index f104030..e09112e 100644
  @ stub GetCalendar
  @ stdcall GetCalendarInfoEx(wstr long ptr long ptr long ptr) kernel32.GetCalendarInfoEx
  @ stdcall GetCalendarInfoW(long long long ptr long ptr) kernel32.GetCalendarInfoW
-+@ stdcall GetCommConfig(long ptr long) kernel32.GetCommConfig
++@ stdcall GetCommConfig(long ptr ptr) kernel32.GetCommConfig
 +@ stdcall GetCommMask(long ptr) kernel32.GetCommMask
 +@ stdcall GetCommModemStatus(long ptr) kernel32.GetCommModemStatus
 +@ stdcall GetCommProperties(long ptr) kernel32.GetCommProperties
@@ -1354,7 +1354,7 @@ index f104030..e09112e 100644
 +@ stub SetClientTimeZoneInformation
 +@ stdcall SetCommBreak(long) kernel32.SetCommBreak
 +@ stdcall SetCommConfig(long ptr long) kernel32.SetCommConfig
-+@ stdcall SetCommMask(long ptr) kernel32.SetCommMask
++@ stdcall SetCommMask(long long) kernel32.SetCommMask
 +@ stdcall SetCommState(long ptr) kernel32.SetCommState
 +@ stdcall SetCommTimeouts(long ptr) kernel32.SetCommTimeouts
 +@ stdcall SetComputerNameA(str) kernel32.SetComputerNameA
@@ -1715,7 +1715,7 @@ index f104030..e09112e 100644
 +@ stub wprintf
 diff --git a/dlls/kernelbase/misc.c b/dlls/kernelbase/misc.c
 new file mode 100644
-index 0000000..be1591a
+index 00000000000..be1591aee7e
 --- /dev/null
 +++ b/dlls/kernelbase/misc.c
 @@ -0,0 +1,37 @@
@@ -1757,7 +1757,7 @@ index 0000000..be1591a
 +    return FALSE;
 +}
 diff --git a/dlls/shlwapi/shlwapi.spec b/dlls/shlwapi/shlwapi.spec
-index 6b6ead2..7c2a9d1 100644
+index 6b6ead26968..7c2a9d117e0 100644
 --- a/dlls/shlwapi/shlwapi.spec
 +++ b/dlls/shlwapi/shlwapi.spec
 @@ -417,7 +417,7 @@
@@ -1770,10 +1770,10 @@ index 6b6ead2..7c2a9d1 100644
  422 stdcall -noname SHGlobalCounterCreateNamedA(str long)
  423 stdcall -noname SHGlobalCounterCreateNamedW(wstr long)
 diff --git a/tools/make_specfiles b/tools/make_specfiles
-index 8e11529..eba8548 100755
+index 1e2400e4c7f..a245aefe406 100755
 --- a/tools/make_specfiles
 +++ b/tools/make_specfiles
-@@ -233,6 +233,7 @@ my @dll_groups =
+@@ -249,6 +249,7 @@ my @dll_groups =
   [
    "kernel32",
    "advapi32",
@@ -1782,5 +1782,5 @@ index 8e11529..eba8548 100755
    "kernelbase",
    "api-ms-win-core-bem-l1-1-0",
 -- 
-2.9.0
+2.11.0
 

patches/avifil32-AVIFileGetStream/0001-avifil32-AVIFileGetStream-should-set-stream-to-NULL-.patch

@@ -1,42 +0,0 @@
-From 64ce8c391c3706a2b3ce9b5f8f76710d5751a766 Mon Sep 17 00:00:00 2001
-From: Dmitry Timoshkov <dmitry@baikal.ru>
-Date: Thu, 20 Oct 2016 17:48:24 +0800
-Subject: avifil32: AVIFileGetStream should set stream to NULL in case of an
- error.
-
----
- dlls/avifil32/avifile.c   | 1 +
- dlls/avifil32/tests/api.c | 5 +++++
- 2 files changed, 6 insertions(+)
-
-diff --git a/dlls/avifil32/avifile.c b/dlls/avifil32/avifile.c
-index f649d05..7a4caaa 100644
---- a/dlls/avifil32/avifile.c
-+++ b/dlls/avifil32/avifile.c
-@@ -316,6 +316,7 @@ static HRESULT WINAPI IAVIFile_fnGetStream(IAVIFile *iface, IAVIStream **avis, D
-   }
- 
-   /* Sorry, but the specified stream doesn't exist */
-+  *avis = NULL;
-   return AVIERR_NODATA;
- }
- 
-diff --git a/dlls/avifil32/tests/api.c b/dlls/avifil32/tests/api.c
-index b3d822d..8a00865 100644
---- a/dlls/avifil32/tests/api.c
-+++ b/dlls/avifil32/tests/api.c
-@@ -373,6 +373,11 @@ static void test_default_data(void)
-     res = AVIFileOpenA(&pFile, filename, OF_SHARE_DENY_WRITE, 0L);
-     ok(res == 0, "Unable to open file: error=%u\n", res);
- 
-+    pStream0 = (void *)0xdeadbeef;
-+    res = AVIFileGetStream(pFile, &pStream0, ~0, 0);
-+    ok(res == AVIERR_NODATA, "expected AVIERR_NODATA, got %#x\n", res);
-+    ok(pStream0 == NULL, "AVIFileGetStream should set stream to NULL\n");
-+
-     res = AVIFileGetStream(pFile, &pStream0, 0, 0);
-     ok(res == 0, "Unable to open video stream: error=%u\n", res);
- 
--- 
-2.9.0
-

patches/avifil32-AVIFileGetStream/definition

@@ -1 +0,0 @@
-Fixes: [41579] AVIFileGetStream should set stream to NULL in case of an error

patches/bcrypt-Improvements/0001-bcrypt-Add-AES-provider.patch

@@ -1,4 +1,4 @@
-From b6efa0b8bb1bba73863ca985c13d46a5eaec4198 Mon Sep 17 00:00:00 2001
+From 489a67ec803b382248134be53f3449c206e208ff Mon Sep 17 00:00:00 2001
 From: Hans Leidekker <hans@codeweavers.com>
 Date: Mon, 19 Dec 2016 19:38:52 +0100
 Subject: bcrypt: Add AES provider.
@@ -7,11 +7,12 @@ Subject: bcrypt: Add AES provider.
  dlls/bcrypt/bcrypt.spec    |  10 +-
  dlls/bcrypt/bcrypt_main.c  | 347 ++++++++++++++++++++++++++++++++++++++++++++-
  dlls/bcrypt/tests/bcrypt.c |  18 +--
+ dlls/ncrypt/ncrypt.spec    |  10 +-
  include/bcrypt.h           |   3 +
- 4 files changed, 352 insertions(+), 26 deletions(-)
+ 5 files changed, 357 insertions(+), 31 deletions(-)
 
 diff --git a/dlls/bcrypt/bcrypt.spec b/dlls/bcrypt/bcrypt.spec
-index e299fe0..962953e 100644
+index e299fe0cce8..962953e509b 100644
 --- a/dlls/bcrypt/bcrypt.spec
 +++ b/dlls/bcrypt/bcrypt.spec
 @@ -5,15 +5,15 @@
@@ -52,7 +53,7 @@ index e299fe0..962953e 100644
  @ stub BCryptUnregisterConfigChangeNotify
  @ stub BCryptUnregisterProvider
 diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
-index 6023c94..937bdf7 100644
+index 6023c942e49..5867dbdc3fa 100644
 --- a/dlls/bcrypt/bcrypt_main.c
 +++ b/dlls/bcrypt/bcrypt_main.c
 @@ -49,6 +49,10 @@ WINE_DECLARE_DEBUG_CHANNEL(winediag);
@@ -207,7 +208,7 @@ index 6023c94..937bdf7 100644
      return BCryptDestroyHash( handle );
  }
  
-+#if defined(HAVE_GNUTLS_HASH)
++#if defined(HAVE_GNUTLS_HASH) && !defined(HAVE_COMMONCRYPTO_COMMONDIGEST_H)
 +struct key
 +{
 +    struct object      hdr;
@@ -469,7 +470,7 @@ index 6023c94..937bdf7 100644
 +    struct key *key = handle;
 +    NTSTATUS status;
 +
-+    FIXME( "%p, %p, %u, %p, %p, %u, %p, %u, %p, %08x\n", handle, input, input_len,
++    TRACE( "%p, %p, %u, %p, %p, %u, %p, %u, %p, %08x\n", handle, input, input_len,
 +           padding, iv, iv_len, output, output_len, ret_len, flags );
 +
 +    if (!key || key->hdr.magic != MAGIC_KEY) return STATUS_INVALID_HANDLE;
@@ -498,7 +499,7 @@ index 6023c94..937bdf7 100644
  {
      switch (reason)
 diff --git a/dlls/bcrypt/tests/bcrypt.c b/dlls/bcrypt/tests/bcrypt.c
-index 3e41335..2668153 100644
+index 422f2cfd340..d2df74ed919 100644
 --- a/dlls/bcrypt/tests/bcrypt.c
 +++ b/dlls/bcrypt/tests/bcrypt.c
 @@ -780,7 +780,7 @@ static void test_aes(void)
@@ -510,7 +511,7 @@ index 3e41335..2668153 100644
      alg = NULL;
      ret = pBCryptOpenAlgorithmProvider(&alg, BCRYPT_AES_ALGORITHM, MS_PRIMITIVE_PROVIDER, 0);
      ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
-@@ -828,7 +828,6 @@ todo_wine {
+@@ -814,7 +814,6 @@ todo_wine {
      ret = pBCryptCloseAlgorithmProvider(alg, 0);
      ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
  }
@@ -518,7 +519,7 @@ index 3e41335..2668153 100644
  
  static void test_BCryptGenerateSymmetricKey(void)
  {
-@@ -847,11 +846,6 @@ static void test_BCryptGenerateSymmetricKey(void)
+@@ -833,11 +832,6 @@ static void test_BCryptGenerateSymmetricKey(void)
      NTSTATUS ret;
  
      ret = pBCryptOpenAlgorithmProvider(&aes, BCRYPT_AES_ALGORITHM, NULL, 0);
@@ -530,7 +531,7 @@ index 3e41335..2668153 100644
      ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
  
      len = size = 0xdeadbeef;
-@@ -936,11 +930,6 @@ static void test_BCryptEncrypt(void)
+@@ -922,11 +916,6 @@ static void test_BCryptEncrypt(void)
      NTSTATUS ret;
  
      ret = pBCryptOpenAlgorithmProvider(&aes, BCRYPT_AES_ALGORITHM, NULL, 0);
@@ -542,7 +543,7 @@ index 3e41335..2668153 100644
      ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
  
      len = 0xdeadbeef;
-@@ -1027,11 +1016,6 @@ static void test_BCryptDecrypt(void)
+@@ -1013,11 +1002,6 @@ static void test_BCryptDecrypt(void)
      NTSTATUS ret;
  
      ret = pBCryptOpenAlgorithmProvider(&aes, BCRYPT_AES_ALGORITHM, NULL, 0);
@@ -554,8 +555,51 @@ index 3e41335..2668153 100644
      ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
  
      len = 0xdeadbeef;
+diff --git a/dlls/ncrypt/ncrypt.spec b/dlls/ncrypt/ncrypt.spec
+index 04127608d68..60b7eb37075 100644
+--- a/dlls/ncrypt/ncrypt.spec
++++ b/dlls/ncrypt/ncrypt.spec
+@@ -5,17 +5,17 @@
+ @ stub BCryptConfigureContextFunction
+ @ stub BCryptCreateContext
+ @ stdcall BCryptCreateHash(ptr ptr ptr long ptr long long) bcrypt.BCryptCreateHash
+-@ stub BCryptDecrypt
++@ stdcall BCryptDecrypt(ptr ptr long ptr ptr long ptr long ptr long) bcrypt.BCryptDecrypt
+ @ stub BCryptDeleteContext
+ @ stub BCryptDeriveKey
+ @ stub BCryptDeriveKeyCapi
+ @ stub BCryptDeriveKeyPBKDF2
+ @ stdcall BCryptDestroyHash(ptr) bcrypt.BCryptDestroyHash
+-@ stub BCryptDestroyKey
++@ stdcall BCryptDestroyKey(ptr) bcrypt.BCryptDestroyKey
+ @ stub BCryptDestroySecret
+ @ stub BCryptDuplicateHash
+ @ stub BCryptDuplicateKey
+-@ stub BCryptEncrypt
++@ stdcall BCryptEncrypt(ptr ptr long ptr ptr long ptr long ptr long) bcrypt.BCryptEncrypt
+ @ stdcall BCryptEnumAlgorithms(long ptr ptr long) bcrypt.BCryptEnumAlgorithms
+ @ stub BCryptEnumContextFunctionProviders
+ @ stub BCryptEnumContextFunctions
+@@ -28,7 +28,7 @@
+ @ stub BCryptFreeBuffer
+ @ stdcall BCryptGenRandom(ptr ptr long long) bcrypt.BCryptGenRandom
+ @ stub BCryptGenerateKeyPair
+-@ stub BCryptGenerateSymmetricKey
++@ stdcall BCryptGenerateSymmetricKey(ptr ptr ptr long ptr long long) bcrypt.BCryptGenerateSymmetricKey
+ @ stdcall BCryptGetFipsAlgorithmMode(ptr) bcrypt.BCryptGetFipsAlgorithmMode
+ @ stdcall BCryptGetProperty(ptr wstr ptr long ptr long) bcrypt.BCryptGetProperty
+ @ stdcall BCryptHash(ptr ptr long ptr long ptr long) bcrypt.BCryptHash
+@@ -49,7 +49,7 @@
+ @ stub BCryptSecretAgreement
+ @ stub BCryptSetAuditingInterface
+ @ stub BCryptSetContextFunctionProperty
+-@ stub BCryptSetProperty
++@ stdcall BCryptSetProperty(ptr wstr ptr long long) bcrypt.BCryptSetProperty
+ @ stub BCryptSignHash
+ @ stub BCryptUnregisterConfigChangeNotify
+ @ stub BCryptUnregisterProvider
 diff --git a/include/bcrypt.h b/include/bcrypt.h
-index 05d0691..6af85e3 100644
+index 05d0691f9c3..6af85e36143 100644
 --- a/include/bcrypt.h
 +++ b/include/bcrypt.h
 @@ -74,6 +74,9 @@ typedef LONG NTSTATUS;
@@ -569,5 +613,5 @@ index 05d0691..6af85e3 100644
  typedef struct _BCRYPT_ALGORITHM_IDENTIFIER
  {
 -- 
-2.9.0
+2.11.0
 

patches/bcrypt-Improvements/0003-bcrypt-Add-internal-fallback-implementation-for-hash.patch

@@ -1,4 +1,4 @@
-From ecff30df4deadc0df006a880a5528343a4ab788f Mon Sep 17 00:00:00 2001
+From 3439b4e5a1fd05c4fb68491c3814de2581e8a5aa Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
 Date: Tue, 20 Dec 2016 02:36:57 +0100
 Subject: bcrypt: Add internal fallback implementation for hash calculations.
@@ -17,7 +17,7 @@ Subject: bcrypt: Add internal fallback implementation for hash calculations.
  create mode 100644 dlls/bcrypt/sha512.c
 
 diff --git a/dlls/bcrypt/Makefile.in b/dlls/bcrypt/Makefile.in
-index ef9d7ea..38753bd 100644
+index ef9d7ead6bc..f54fc5cd482 100644
 --- a/dlls/bcrypt/Makefile.in
 +++ b/dlls/bcrypt/Makefile.in
 @@ -4,6 +4,9 @@ IMPORTLIB = bcrypt
@@ -27,13 +27,13 @@ index ef9d7ea..38753bd 100644
 -	bcrypt_main.c
 +	bcrypt_main.c \
 +	sha256.c \
-+	sha512.c \
-+	sha384.c
++	sha384.c \
++	sha512.c
  
  RC_SRCS = version.rc
 diff --git a/dlls/bcrypt/bcrypt_internal.h b/dlls/bcrypt/bcrypt_internal.h
 new file mode 100644
-index 0000000..8a8f6d1
+index 00000000000..8a8f6d170c4
 --- /dev/null
 +++ b/dlls/bcrypt/bcrypt_internal.h
 @@ -0,0 +1,79 @@
@@ -117,7 +117,7 @@ index 0000000..8a8f6d1
 +
 +#endif /* __BCRYPT_INTERNAL_H */
 diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
-index af2314a..9441cf0 100644
+index 1f22063dbda..fbaece21f47 100644
 --- a/dlls/bcrypt/bcrypt_main.c
 +++ b/dlls/bcrypt/bcrypt_main.c
 @@ -36,6 +36,8 @@
@@ -251,7 +251,7 @@ index af2314a..9441cf0 100644
  
 diff --git a/dlls/bcrypt/sha256.c b/dlls/bcrypt/sha256.c
 new file mode 100644
-index 0000000..48c4a48
+index 00000000000..48c4a48d031
 --- /dev/null
 +++ b/dlls/bcrypt/sha256.c
 @@ -0,0 +1,169 @@
@@ -426,7 +426,7 @@ index 0000000..48c4a48
 +}
 diff --git a/dlls/bcrypt/sha384.c b/dlls/bcrypt/sha384.c
 new file mode 100644
-index 0000000..81e7e08
+index 00000000000..81e7e08fd07
 --- /dev/null
 +++ b/dlls/bcrypt/sha384.c
 @@ -0,0 +1,41 @@
@@ -473,7 +473,7 @@ index 0000000..81e7e08
 +}
 diff --git a/dlls/bcrypt/sha512.c b/dlls/bcrypt/sha512.c
 new file mode 100644
-index 0000000..fdd7867
+index 00000000000..fdd7867eab7
 --- /dev/null
 +++ b/dlls/bcrypt/sha512.c
 @@ -0,0 +1,191 @@
@@ -669,5 +669,5 @@ index 0000000..fdd7867
 +    }
 +}
 -- 
-2.9.0
+2.11.0
 

patches/bcrypt-Improvements/0005-bcrypt-Implement-BCryptDuplicateHash.patch

@@ -1,4 +1,4 @@
-From 9331e2a78e8ec0ba29ed1041a9f851ffd39cc249 Mon Sep 17 00:00:00 2001
+From 3dc21336baced97a110773ac9e72db210a56af82 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
 Date: Tue, 20 Dec 2016 03:59:19 +0100
 Subject: bcrypt: Implement BCryptDuplicateHash.
@@ -7,10 +7,11 @@ FIXME: Should we check for NULL pointers?
 ---
  dlls/bcrypt/bcrypt.spec   |  2 +-
  dlls/bcrypt/bcrypt_main.c | 18 ++++++++++++++++++
- 2 files changed, 19 insertions(+), 1 deletion(-)
+ dlls/ncrypt/ncrypt.spec   |  2 +-
+ 3 files changed, 20 insertions(+), 2 deletions(-)
 
 diff --git a/dlls/bcrypt/bcrypt.spec b/dlls/bcrypt/bcrypt.spec
-index 962953e..9ecd21d 100644
+index 962953e509b..9ecd21d767c 100644
 --- a/dlls/bcrypt/bcrypt.spec
 +++ b/dlls/bcrypt/bcrypt.spec
 @@ -11,7 +11,7 @@
@@ -23,7 +24,7 @@ index 962953e..9ecd21d 100644
  @ stdcall BCryptEncrypt(ptr ptr long ptr ptr long ptr long ptr long)
  @ stdcall BCryptEnumAlgorithms(long ptr ptr long)
 diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
-index 3e2b22d..944a9ea 100644
+index 4f09948096c..3eb0135b37c 100644
 --- a/dlls/bcrypt/bcrypt_main.c
 +++ b/dlls/bcrypt/bcrypt_main.c
 @@ -672,6 +672,24 @@ end:
@@ -51,6 +52,19 @@ index 3e2b22d..944a9ea 100644
  NTSTATUS WINAPI BCryptDestroyHash( BCRYPT_HASH_HANDLE handle )
  {
      struct hash *hash = handle;
+diff --git a/dlls/ncrypt/ncrypt.spec b/dlls/ncrypt/ncrypt.spec
+index 60b7eb37075..1a78853bf49 100644
+--- a/dlls/ncrypt/ncrypt.spec
++++ b/dlls/ncrypt/ncrypt.spec
+@@ -13,7 +13,7 @@
+ @ stdcall BCryptDestroyHash(ptr) bcrypt.BCryptDestroyHash
+ @ stdcall BCryptDestroyKey(ptr) bcrypt.BCryptDestroyKey
+ @ stub BCryptDestroySecret
+-@ stub BCryptDuplicateHash
++@ stdcall BCryptDuplicateHash(ptr ptr ptr long long) bcrypt.BCryptDuplicateHash
+ @ stub BCryptDuplicateKey
+ @ stdcall BCryptEncrypt(ptr ptr long ptr ptr long ptr long ptr long) bcrypt.BCryptEncrypt
+ @ stdcall BCryptEnumAlgorithms(long ptr ptr long) bcrypt.BCryptEnumAlgorithms
 -- 
-2.9.0
+2.11.0
 

patches/bcrypt-Improvements/0006-bcrypt-Fix-handling-of-padding-when-input-size-equal.patch

@@ -1,16 +1,16 @@
-From 8554c6eea279baa21e10d3b742e1c62a732bbe69 Mon Sep 17 00:00:00 2001
+From 026aff5aa7c66fdc8e8c724dc73217585e8edf91 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
 Date: Wed, 21 Dec 2016 04:09:03 +0100
 Subject: bcrypt: Fix handling of padding when input size equals block size for
  AES.
 
 ---
- dlls/bcrypt/bcrypt_main.c  | 13 +++++++------
+ dlls/bcrypt/bcrypt_main.c  | 14 ++++++++------
  dlls/bcrypt/tests/bcrypt.c | 33 ++++++++++++++++++++++++++++++++-
- 2 files changed, 39 insertions(+), 7 deletions(-)
+ 2 files changed, 40 insertions(+), 7 deletions(-)
 
 diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
-index 944a9ea..f97638f 100644
+index 944a9ea..f53ea1c 100644
 --- a/dlls/bcrypt/bcrypt_main.c
 +++ b/dlls/bcrypt/bcrypt_main.c
 @@ -997,11 +997,12 @@ NTSTATUS WINAPI BCryptEncrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
@@ -31,12 +31,13 @@ index 944a9ea..f97638f 100644
      if (!output) return STATUS_SUCCESS;
      if (output_len < *ret_len) return STATUS_BUFFER_TOO_SMALL;
  
-@@ -1014,7 +1015,7 @@ NTSTATUS WINAPI BCryptEncrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
+@@ -1014,7 +1015,8 @@ NTSTATUS WINAPI BCryptEncrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
          src += key->block_size;
          dst += key->block_size;
      }
 -    if (bytes_left)
-+    if (bytes_left || (flags & BCRYPT_BLOCK_PADDING))
++
++    if (flags & BCRYPT_BLOCK_PADDING)
      {
          if (!(buf = HeapAlloc( GetProcessHeap(), 0, key->block_size ))) return STATUS_NO_MEMORY;
          memcpy( buf, src, bytes_left );

patches/bcrypt-Improvements/0007-bcrypt-Properly-handle-padding-in-AES-decryption.patch

@@ -20,7 +20,7 @@ index f97638f..653301b 100644
 +    UCHAR *buf, *src, *dst;
      NTSTATUS status;
  
-     FIXME( "%p, %p, %u, %p, %p, %u, %p, %u, %p, %08x\n", handle, input, input_len,
+     TRACE( "%p, %p, %u, %p, %p, %u, %p, %u, %p, %08x\n", handle, input, input_len,
 @@ -1052,11 +1054,44 @@ NTSTATUS WINAPI BCryptDecrypt( BCRYPT_KEY_HANDLE handle, UCHAR *input, ULONG inp
      if ((status = key_set_params( key, iv, iv_len ))) return status;
  

patches/bcrypt-Improvements/0008-bcrypt-Fix-use-after-free-in-key_init.patch

@@ -0,0 +1,39 @@
+From f7dc69131cc016917b31c5deedf97da31b11c597 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
+Date: Mon, 26 Dec 2016 02:43:39 +0100
+Subject: bcrypt: Fix use-after-free in key_init.
+
+---
+ dlls/bcrypt/bcrypt_main.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
+index 09bf6c30..a9006a4 100644
+--- a/dlls/bcrypt/bcrypt_main.c
++++ b/dlls/bcrypt/bcrypt_main.c
+@@ -791,6 +791,8 @@ static ULONG get_block_size( enum alg_id alg )
+ 
+ static NTSTATUS key_init( struct key *key, enum alg_id id, UCHAR *secret, ULONG secret_len )
+ {
++    UCHAR *buffer;
++
+     if (!libgnutls_handle) return STATUS_INTERNAL_ERROR;
+ 
+     switch (id)
+@@ -804,10 +806,12 @@ static NTSTATUS key_init( struct key *key, enum alg_id id, UCHAR *secret, ULONG
+     }
+ 
+     if (!(key->block_size = get_block_size( id ))) return STATUS_INVALID_PARAMETER;
++    if (!(buffer = HeapAlloc( GetProcessHeap(), 0, secret_len ))) return STATUS_NO_MEMORY;
++    memcpy( buffer, secret, secret_len );
+ 
+     key->alg_id     = id;
+     key->handle     = 0;        /* initialized on first use */
+-    key->secret     = secret;
++    key->secret     = buffer;
+     key->secret_len = secret_len;
+ 
+     return STATUS_SUCCESS;
+-- 
+2.9.0
+

patches/bcrypt-Improvements/0009-bcrypt-Handle-NULL-pointers-in-BCryptDuplicateHash-a.patch

@@ -0,0 +1,83 @@
+From 873d431347aa25effc70e47566e562c122a5edc8 Mon Sep 17 00:00:00 2001
+From: Sebastian Lackner <sebastian@fds-team.de>
+Date: Mon, 26 Dec 2016 04:23:31 +0100
+Subject: bcrypt: Handle NULL pointers in BCryptDuplicateHash and add tests.
+
+---
+ dlls/bcrypt/bcrypt_main.c  |  1 +
+ dlls/bcrypt/tests/bcrypt.c | 26 +++++++++++++++++++++++++-
+ 2 files changed, 26 insertions(+), 1 deletion(-)
+
+diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
+index a9006a4..d1516cc 100644
+--- a/dlls/bcrypt/bcrypt_main.c
++++ b/dlls/bcrypt/bcrypt_main.c
+@@ -681,6 +681,7 @@ NTSTATUS WINAPI BCryptDuplicateHash( BCRYPT_HASH_HANDLE handle, BCRYPT_HASH_HAND
+     TRACE( "%p, %p, %p, %u, %u\n", handle, handle_copy, object, object_count, flags );
+ 
+     if (!hash_orig || hash_orig->hdr.magic != MAGIC_HASH) return STATUS_INVALID_HANDLE;
++    if (!handle_copy) return STATUS_INVALID_PARAMETER;
+     if (!(hash_copy = HeapAlloc( GetProcessHeap(), 0, sizeof(*hash_copy) )))
+         return STATUS_NO_MEMORY;
+ 
+diff --git a/dlls/bcrypt/tests/bcrypt.c b/dlls/bcrypt/tests/bcrypt.c
+index 997b298..bfe3a7e 100644
+--- a/dlls/bcrypt/tests/bcrypt.c
++++ b/dlls/bcrypt/tests/bcrypt.c
+@@ -33,6 +33,7 @@ static NTSTATUS (WINAPI *pBCryptCreateHash)(BCRYPT_ALG_HANDLE, BCRYPT_HASH_HANDL
+                                             ULONG, ULONG);
+ static NTSTATUS (WINAPI *pBCryptHash)(BCRYPT_ALG_HANDLE, UCHAR *, ULONG, UCHAR *, ULONG, UCHAR *, ULONG);
+ static NTSTATUS (WINAPI *pBCryptHashData)(BCRYPT_HASH_HANDLE, PUCHAR, ULONG, ULONG);
++static NTSTATUS (WINAPI *pBCryptDuplicateHash)(BCRYPT_HASH_HANDLE, BCRYPT_HASH_HANDLE *, UCHAR *, ULONG, ULONG);
+ static NTSTATUS (WINAPI *pBCryptFinishHash)(BCRYPT_HASH_HANDLE, PUCHAR, ULONG, ULONG);
+ static NTSTATUS (WINAPI *pBCryptDestroyHash)(BCRYPT_HASH_HANDLE);
+ static NTSTATUS (WINAPI *pBCryptGenRandom)(BCRYPT_ALG_HANDLE, PUCHAR, ULONG, ULONG);
+@@ -173,7 +174,7 @@ static void test_sha1(void)
+     static const char expected[] = "961fa64958818f767707072755d7018dcd278e94";
+     static const char expected_hmac[] = "2472cf65d0e090618d769d3e46f0d9446cf212da";
+     BCRYPT_ALG_HANDLE alg;
+-    BCRYPT_HASH_HANDLE hash;
++    BCRYPT_HASH_HANDLE hash, hash2;
+     UCHAR buf[512], buf_hmac[1024], sha1[20], sha1_hmac[20];
+     ULONG size, len;
+     char str[41];
+@@ -260,6 +261,28 @@ static void test_sha1(void)
+     test_hash_length(hash, 20);
+     test_alg_name(hash, "SHA1");
+ 
++    ret = pBCryptDuplicateHash(NULL, &hash2, NULL, 0, 0);
++    ok(ret == STATUS_INVALID_HANDLE, "got %08x\n", ret);
++
++    ret = pBCryptDuplicateHash(hash, NULL, NULL, 0, 0);
++    ok(ret == STATUS_INVALID_PARAMETER, "got %08x\n", ret);
++
++    hash2 = (void *)0xdeadbeef;
++    ret = pBCryptDuplicateHash(hash, &hash2, NULL, 0, 0);
++    ok(ret == STATUS_SUCCESS || broken(ret == STATUS_INVALID_PARAMETER) /* < Win 7 */, "got %08x\n", ret);
++
++    if (ret == STATUS_SUCCESS)
++    {
++        memset(sha1_hmac, 0, sizeof(sha1_hmac));
++        ret = pBCryptFinishHash(hash2, sha1_hmac, sizeof(sha1_hmac), 0);
++        ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
++        format_hash( sha1_hmac, sizeof(sha1_hmac), str );
++        ok(!strcmp(str, expected_hmac), "got %s\n", str);
++
++        ret = pBCryptDestroyHash(hash2);
++        ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
++    }
++
+     memset(sha1_hmac, 0, sizeof(sha1_hmac));
+     ret = pBCryptFinishHash(hash, sha1_hmac, sizeof(sha1_hmac), 0);
+     ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
+@@ -1179,6 +1202,7 @@ START_TEST(bcrypt)
+     pBCryptCreateHash = (void *)GetProcAddress(module, "BCryptCreateHash");
+     pBCryptHash = (void *)GetProcAddress(module, "BCryptHash");
+     pBCryptHashData = (void *)GetProcAddress(module, "BCryptHashData");
++    pBCryptDuplicateHash = (void *)GetProcAddress(module, "BCryptDuplicateHash");
+     pBCryptFinishHash = (void *)GetProcAddress(module, "BCryptFinishHash");
+     pBCryptDestroyHash = (void *)GetProcAddress(module, "BCryptDestroyHash");
+     pBCryptGenRandom = (void *)GetProcAddress(module, "BCryptGenRandom");
+-- 
+2.9.0
+