Release 2.21.

Breaks loading of all DOS executables.

patches/Compiler_Warnings/0001-ole32-Fix-compilation-with-recent-versions-of-gcc.patch

@@ -1,26 +0,0 @@
-From 43628d9b1905396ff6442e4f1e07c9dd48739b19 Mon Sep 17 00:00:00 2001
-From: Sebastian Lackner <sebastian@fds-team.de>
-Date: Fri, 14 Apr 2017 15:57:18 +0200
-Subject: ole32: Fix compilation with recent versions of gcc.
-
----
- dlls/ole32/storage32.h | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/dlls/ole32/storage32.h b/dlls/ole32/storage32.h
-index 4fcfd9c362..2b23ab8eb8 100644
---- a/dlls/ole32/storage32.h
-+++ b/dlls/ole32/storage32.h
-@@ -526,6 +526,9 @@ StgStreamImpl* StgStreamImpl_Construct(
- /******************************************************************************
-  * Endian conversion macros
-  */
-+#undef htole32
-+#undef htole16
-+
- #ifdef WORDS_BIGENDIAN
- 
- #define htole32(x) RtlUlongByteSwap(x)
--- 
-2.12.2
-

patches/advapi-LsaLookupPrivilegeName/0001-advapi32-Fix-error-code-when-calling-LsaOpenPolicy-f.patch

@@ -1,4 +1,4 @@
-From ce0ab0ccd6e4953a9673d15e00cf602668469c2c Mon Sep 17 00:00:00 2001
+From 971cfbe9ab8a7cb62c5b3e62fe4fe0bfc4518889 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
 Date: Sun, 5 Mar 2017 23:04:36 +0100
 Subject: advapi32: Fix error code when calling LsaOpenPolicy for non existing
@@ -10,10 +10,10 @@ Subject: advapi32: Fix error code when calling LsaOpenPolicy for non existing
  2 files changed, 11 insertions(+), 1 deletion(-)
 
 diff --git a/dlls/advapi32/lsa.c b/dlls/advapi32/lsa.c
-index b8dedbd6d58..e5e3b1649c0 100644
+index bfd879bbc73..2e021a1ec2d 100644
 --- a/dlls/advapi32/lsa.c
 +++ b/dlls/advapi32/lsa.c
-@@ -692,7 +692,7 @@ NTSTATUS WINAPI LsaOpenPolicy(
+@@ -659,7 +659,7 @@ NTSTATUS WINAPI LsaOpenPolicy(
            ObjectAttributes, DesiredAccess, PolicyHandle);
  
      ADVAPI_ForceLocalComputer(SystemName ? SystemName->Buffer : NULL,
@@ -23,10 +23,10 @@ index b8dedbd6d58..e5e3b1649c0 100644
  
      if(PolicyHandle) *PolicyHandle = (LSA_HANDLE)0xcafe;
 diff --git a/dlls/advapi32/tests/lsa.c b/dlls/advapi32/tests/lsa.c
-index 4daf75f58d1..7ddda731be2 100644
+index 861fea0525e..bb291e65a71 100644
 --- a/dlls/advapi32/tests/lsa.c
 +++ b/dlls/advapi32/tests/lsa.c
-@@ -70,6 +70,8 @@ static BOOL init(void)
+@@ -39,6 +39,8 @@ DEFINE_GUID(GUID_NULL,0,0,0,0,0,0,0,0,0,0,0);
  
  static void test_lsa(void)
  {
@@ -35,7 +35,7 @@ index 4daf75f58d1..7ddda731be2 100644
      NTSTATUS status;
      LSA_HANDLE handle;
      LSA_OBJECT_ATTRIBUTES object_attributes;
-@@ -77,6 +79,14 @@ static void test_lsa(void)
+@@ -46,6 +48,14 @@ static void test_lsa(void)
      ZeroMemory(&object_attributes, sizeof(object_attributes));
      object_attributes.Length = sizeof(object_attributes);
  
@@ -43,13 +43,13 @@ index 4daf75f58d1..7ddda731be2 100644
 +    machine.Length = sizeof(machineW) - 2;
 +    machine.MaximumLength = sizeof(machineW);
 +
-+    status = pLsaOpenPolicy( &machine, &object_attributes, POLICY_LOOKUP_NAMES, &handle);
++    status = LsaOpenPolicy( &machine, &object_attributes, POLICY_LOOKUP_NAMES, &handle);
 +    ok(status == RPC_NT_SERVER_UNAVAILABLE,
 +       "LsaOpenPolicy(POLICY_LOOKUP_NAMES) for invalid machine returned 0x%08x\n", status);
 +
-     status = pLsaOpenPolicy( NULL, &object_attributes, POLICY_ALL_ACCESS, &handle);
+     status = LsaOpenPolicy( NULL, &object_attributes, POLICY_ALL_ACCESS, &handle);
      ok(status == STATUS_SUCCESS || status == STATUS_ACCESS_DENIED,
         "LsaOpenPolicy(POLICY_ALL_ACCESS) returned 0x%08x\n", status);
 -- 
-2.11.0
+2.14.2
 

patches/advapi-LsaLookupPrivilegeName/0003-advapi32-Implement-LsaLookupPrivilegeName.patch

@@ -1,141 +0,0 @@
-From ca415799729a5330fc9def2df8fb9c4ffef80448 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
-Date: Sun, 5 Mar 2017 23:50:06 +0100
-Subject: advapi32: Implement LsaLookupPrivilegeName.
-
----
- dlls/advapi32/advapi32_misc.h |  2 ++
- dlls/advapi32/lsa.c           | 30 ++++++++++++++++++++++++++++--
- dlls/advapi32/security.c      | 27 ++++++++++++++++++---------
- include/ntsecapi.h            |  1 +
- 4 files changed, 49 insertions(+), 11 deletions(-)
-
-diff --git a/dlls/advapi32/advapi32_misc.h b/dlls/advapi32/advapi32_misc.h
-index d116ecb836e..ecb07f635a6 100644
---- a/dlls/advapi32/advapi32_misc.h
-+++ b/dlls/advapi32/advapi32_misc.h
-@@ -68,4 +68,6 @@ static inline WCHAR *strdupAW( const char *src )
-     return dst;
- }
- 
-+const WCHAR * const WellKnownPrivNames[SE_MAX_WELL_KNOWN_PRIVILEGE + 1];
-+
- #endif /* __WINE_ADVAPI32MISC_H */
-diff --git a/dlls/advapi32/lsa.c b/dlls/advapi32/lsa.c
-index 61c91f497eb..e6f88d2fa73 100644
---- a/dlls/advapi32/lsa.c
-+++ b/dlls/advapi32/lsa.c
-@@ -983,6 +983,32 @@ NTSTATUS WINAPI LsaLookupPrivilegeName(
-     LUID *luid,
-     UNICODE_STRING **name)
- {
--    FIXME("(%p,%p,%p) stub\n", handle, luid, name);
--    return STATUS_NO_SUCH_PRIVILEGE;
-+    UNICODE_STRING *priv_unicode;
-+    size_t priv_size;
-+    WCHAR *strW;
-+
-+    TRACE("(%p, %p, %p)\n", handle, luid, name);
-+
-+    if (!handle)
-+        return STATUS_INVALID_HANDLE;
-+
-+    if (!name)
-+        return STATUS_INVALID_PARAMETER;
-+
-+    if (luid->HighPart ||
-+        (luid->LowPart < SE_MIN_WELL_KNOWN_PRIVILEGE ||
-+         luid->LowPart > SE_MAX_WELL_KNOWN_PRIVILEGE ||
-+         !WellKnownPrivNames[luid->LowPart]))
-+        return STATUS_NO_SUCH_PRIVILEGE;
-+
-+    priv_size = (strlenW(WellKnownPrivNames[luid->LowPart]) + 1) * sizeof(WCHAR);
-+    priv_unicode = heap_alloc(sizeof(*priv_unicode) + priv_size);
-+    if (!priv_unicode) return STATUS_NO_MEMORY;
-+
-+    strW = (WCHAR *)(priv_unicode + 1);
-+    strcpyW(strW, WellKnownPrivNames[luid->LowPart]);
-+    RtlInitUnicodeString(priv_unicode, strW);
-+
-+    *name = priv_unicode;
-+    return STATUS_SUCCESS;
- }
-diff --git a/dlls/advapi32/security.c b/dlls/advapi32/security.c
-index e36792cff4b..3bc8f48b19c 100644
---- a/dlls/advapi32/security.c
-+++ b/dlls/advapi32/security.c
-@@ -1840,7 +1840,7 @@ static const WCHAR SE_IMPERSONATE_NAME_W[] =
- static const WCHAR SE_CREATE_GLOBAL_NAME_W[] =
-  { 'S','e','C','r','e','a','t','e','G','l','o','b','a','l','P','r','i','v','i','l','e','g','e',0 };
- 
--static const WCHAR * const WellKnownPrivNames[SE_MAX_WELL_KNOWN_PRIVILEGE + 1] =
-+const WCHAR * const WellKnownPrivNames[SE_MAX_WELL_KNOWN_PRIVILEGE + 1] =
- {
-     NULL,
-     NULL,
-@@ -2043,33 +2043,42 @@ BOOL WINAPI
- LookupPrivilegeNameW( LPCWSTR lpSystemName, PLUID lpLuid, LPWSTR lpName,
-  LPDWORD cchName)
- {
-+    UNICODE_STRING system_name, *priv;
-+    LSA_HANDLE lsa;
-+    NTSTATUS status;
-     size_t privNameLen;
- 
-     TRACE("%s,%p,%p,%p\n",debugstr_w(lpSystemName), lpLuid, lpName, cchName);
- 
--    if (!ADVAPI_IsLocalComputer(lpSystemName))
-+    RtlInitUnicodeString(&system_name, lpSystemName);
-+    status = LsaOpenPolicy(&system_name, NULL, POLICY_LOOKUP_NAMES, &lsa);
-+    if (status)
-     {
--        SetLastError(RPC_S_SERVER_UNAVAILABLE);
-+        SetLastError(LsaNtStatusToWinError(status));
-         return FALSE;
-     }
--    if (lpLuid->HighPart || (lpLuid->LowPart < SE_MIN_WELL_KNOWN_PRIVILEGE ||
--     lpLuid->LowPart > SE_MAX_WELL_KNOWN_PRIVILEGE))
-+
-+    status = LsaLookupPrivilegeName(&lsa, lpLuid, &priv);
-+    LsaClose(lsa);
-+    if (status)
-     {
--        SetLastError(ERROR_NO_SUCH_PRIVILEGE);
-+        SetLastError(LsaNtStatusToWinError(status));
-         return FALSE;
-     }
--    privNameLen = strlenW(WellKnownPrivNames[lpLuid->LowPart]);
--    /* Windows crashes if cchName is NULL, so will I */
-+
-+    privNameLen = priv->Length / sizeof(WCHAR);
-     if (*cchName <= privNameLen)
-     {
-         *cchName = privNameLen + 1;
-+        LsaFreeMemory(priv);
-         SetLastError(ERROR_INSUFFICIENT_BUFFER);
-         return FALSE;
-     }
-     else
-     {
--        strcpyW(lpName, WellKnownPrivNames[lpLuid->LowPart]);
-+        strcpyW(lpName, priv->Buffer);
-         *cchName = privNameLen;
-+        LsaFreeMemory(priv);
-         return TRUE;
-     }
- }
-diff --git a/include/ntsecapi.h b/include/ntsecapi.h
-index 2bb3d312e43..0bf0eca43ed 100644
---- a/include/ntsecapi.h
-+++ b/include/ntsecapi.h
-@@ -370,6 +370,7 @@ NTSTATUS WINAPI LsaLookupNames(LSA_HANDLE,ULONG,PLSA_UNICODE_STRING,PLSA_REFEREN
-                                PLSA_TRANSLATED_SID*);
- NTSTATUS WINAPI LsaLookupNames2(LSA_HANDLE,ULONG,ULONG,PLSA_UNICODE_STRING,PLSA_REFERENCED_DOMAIN_LIST*,
-                                 PLSA_TRANSLATED_SID2*);
-+NTSTATUS WINAPI LsaLookupPrivilegeName(LSA_HANDLE,PLUID,PUNICODE_STRING*);
- NTSTATUS WINAPI LsaLookupSids(LSA_HANDLE,ULONG,PSID *,PLSA_REFERENCED_DOMAIN_LIST *,PLSA_TRANSLATED_NAME *);
- ULONG WINAPI LsaNtStatusToWinError(NTSTATUS);
- NTSTATUS WINAPI LsaOpenPolicy(PLSA_UNICODE_STRING,PLSA_OBJECT_ATTRIBUTES,ACCESS_MASK,PLSA_HANDLE);
--- 
-2.14.1
-

patches/advapi-LsaLookupPrivilegeName/0004-advapi32-Add-stub-for-LsaLookupPrivilegeDisplayName.patch

@@ -1,62 +0,0 @@
-From 63d642a1af3ccc579123cb8fd13959ab5e9136dd Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
-Date: Mon, 6 Mar 2017 00:01:53 +0100
-Subject: advapi32: Add stub for LsaLookupPrivilegeDisplayName.
-
----
- dlls/advapi32/advapi32.spec |  2 +-
- dlls/advapi32/lsa.c         | 21 +++++++++++++++++++++
- 2 files changed, 22 insertions(+), 1 deletion(-)
-
-diff --git a/dlls/advapi32/advapi32.spec b/dlls/advapi32/advapi32.spec
-index 124f527282..0b03cec3f5 100644
---- a/dlls/advapi32/advapi32.spec
-+++ b/dlls/advapi32/advapi32.spec
-@@ -468,7 +468,7 @@
- # @ stub LsaICLookupSidsWithCreds
- @ stdcall LsaLookupNames(long long ptr ptr ptr)
- @ stdcall LsaLookupNames2(ptr long long ptr ptr ptr)
--@ stub LsaLookupPrivilegeDisplayName
-+@ stdcall LsaLookupPrivilegeDisplayName(long ptr ptr ptr)
- @ stdcall LsaLookupPrivilegeName(long ptr ptr)
- # @ stub LsaLookupPrivilegeValue
- @ stdcall LsaLookupSids(ptr long ptr ptr ptr)
-diff --git a/dlls/advapi32/lsa.c b/dlls/advapi32/lsa.c
-index ceb3b05c05..c2e02fb462 100644
---- a/dlls/advapi32/lsa.c
-+++ b/dlls/advapi32/lsa.c
-@@ -44,6 +44,12 @@ WINE_DEFAULT_DEBUG_CHANNEL(advapi);
-         return FailureCode; \
- }
- 
-+static LPCSTR debugstr_us( const UNICODE_STRING *us )
-+{
-+    if (!us) return "(null)";
-+    return debugstr_wn(us->Buffer, us->Length / sizeof(WCHAR));
-+}
-+
- static void dumpLsaAttributes(const LSA_OBJECT_ATTRIBUTES *oa)
- {
-     if (oa)
-@@ -1011,3 +1017,18 @@ NTSTATUS WINAPI LsaLookupPrivilegeName(
-     *name = priv_unicode;
-     return STATUS_SUCCESS;
- }
-+
-+/******************************************************************************
-+ * LsaLookupPrivilegeDisplayName [ADVAPI32.@]
-+ *
-+ */
-+NTSTATUS WINAPI LsaLookupPrivilegeDisplayName(
-+    LSA_HANDLE handle,
-+    PLSA_UNICODE_STRING name,
-+    PLSA_UNICODE_STRING *dispname,
-+    SHORT *language)
-+{
-+    FIXME("(%p, %s, %p, %p)\n", handle, debugstr_us(name), dispname, language);
-+
-+    return STATUS_NO_SUCH_PRIVILEGE;
-+}
--- 
-2.11.0
-

patches/advapi-LsaLookupPrivilegeName/definition

@@ -1 +0,0 @@
-Fixes: [43316] Add LsaLookupPrivilege[Display]Name stubs

patches/advapi32-Token_Integrity_Level/0006-ntdll-Add-function-to-create-new-tokens-for-elevatio.patch

@@ -1,4 +1,4 @@
-From 0d98f9a1ea69511f6bb2901e71c72ac715bffd27 Mon Sep 17 00:00:00 2001
+From 6444094c9ef4f30a253bcee9e873ed511bda222c Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
 Date: Sat, 5 Aug 2017 01:45:29 +0200
 Subject: ntdll: Add function to create new tokens for elevation purposes.
@@ -13,12 +13,12 @@ Subject: ntdll: Add function to create new tokens for elevation purposes.
  6 files changed, 117 insertions(+)
 
 diff --git a/dlls/ntdll/ntdll.spec b/dlls/ntdll/ntdll.spec
-index 30dfa60b1a0..69bfe923234 100644
+index c814f405017..eb84cc97bf8 100644
 --- a/dlls/ntdll/ntdll.spec
 +++ b/dlls/ntdll/ntdll.spec
-@@ -1480,6 +1480,9 @@
- @ cdecl wine_server_send_fd(long)
- @ cdecl __wine_make_process_system()
+@@ -1483,6 +1483,9 @@
+ # Virtual memory
+ @ cdecl __wine_locked_recvmsg(long ptr long)
  
 +# Token
 +@ cdecl __wine_create_default_token(long)
@@ -27,7 +27,7 @@ index 30dfa60b1a0..69bfe923234 100644
  @ cdecl wine_get_version() NTDLL_wine_get_version
  @ cdecl wine_get_patches() NTDLL_wine_get_patches
 diff --git a/dlls/ntdll/ntdll_misc.h b/dlls/ntdll/ntdll_misc.h
-index c97b1e1f73f..030704e1727 100644
+index 907bbdd2d95..a7810f716ad 100644
 --- a/dlls/ntdll/ntdll_misc.h
 +++ b/dlls/ntdll/ntdll_misc.h
 @@ -77,6 +77,9 @@ extern void virtual_init_threading(void) DECLSPEC_HIDDEN;
@@ -70,10 +70,10 @@ index f615ce2fea7..77048003ace 100644
  
  #define UNIMPLEMENTED_INFO_CLASS(c) \
 diff --git a/server/protocol.def b/server/protocol.def
-index b5b2650c8ed..9140feee717 100644
+index c8ab4bf8c36..59fe9aec7a8 100644
 --- a/server/protocol.def
 +++ b/server/protocol.def
-@@ -3615,6 +3615,14 @@ struct handle_info
+@@ -3628,6 +3628,14 @@ struct handle_info
  @END
  
  

patches/advapi32-Token_Integrity_Level/0010-server-Implement-support-for-creating-processes-usin.patch

@@ -1,4 +1,4 @@
-From 9709db4e722195a70c5950b78b445c71eac495af Mon Sep 17 00:00:00 2001
+From 2993a76ec1711bb3ea1e889289f8d129f17ae2a3 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
 Date: Sun, 6 Aug 2017 02:08:05 +0200
 Subject: server: Implement support for creating processes using a token.
@@ -14,10 +14,10 @@ Subject: server: Implement support for creating processes using a token.
  7 files changed, 59 insertions(+), 21 deletions(-)
 
 diff --git a/dlls/kernel32/process.c b/dlls/kernel32/process.c
-index cacdcb3b621..3ae9d175a79 100644
+index c3dcd1349b3..69a026d5441 100644
 --- a/dlls/kernel32/process.c
 +++ b/dlls/kernel32/process.c
-@@ -2064,7 +2064,7 @@ static NTSTATUS create_struct_sd(PSECURITY_DESCRIPTOR nt_sd, struct security_des
+@@ -2051,7 +2051,7 @@ static NTSTATUS create_struct_sd(PSECURITY_DESCRIPTOR nt_sd, struct security_des
   * Create a new process. If hFile is a valid handle we have an exe
   * file, otherwise it is a Winelib app.
   */
@@ -26,7 +26,7 @@ index cacdcb3b621..3ae9d175a79 100644
                              LPCWSTR cur_dir, LPSECURITY_ATTRIBUTES psa, LPSECURITY_ATTRIBUTES tsa,
                              BOOL inherit, DWORD flags, LPSTARTUPINFOW startup,
                              LPPROCESS_INFORMATION info, LPCSTR unixdir,
-@@ -2210,6 +2210,7 @@ static BOOL create_process( HANDLE hFile, LPCWSTR filename, LPWSTR cmd_line, LPW
+@@ -2197,6 +2197,7 @@ static BOOL create_process( HANDLE hFile, LPCWSTR filename, LPWSTR cmd_line, LPW
          req->info_size      = startup_info_size;
          req->env_size       = (env_end - env) * sizeof(WCHAR);
          req->process_sd_size = process_sd_size;
@@ -34,7 +34,7 @@ index cacdcb3b621..3ae9d175a79 100644
  
          wine_server_add_data( req, startup_info, startup_info_size );
          wine_server_add_data( req, env, (env_end - env) * sizeof(WCHAR) );
-@@ -2310,7 +2311,7 @@ error:
+@@ -2297,7 +2298,7 @@ error:
   *
   * Create a new VDM process for a 16-bit or DOS application.
   */
@@ -43,7 +43,7 @@ index cacdcb3b621..3ae9d175a79 100644
                                  LPSECURITY_ATTRIBUTES psa, LPSECURITY_ATTRIBUTES tsa,
                                  BOOL inherit, DWORD flags, LPSTARTUPINFOW startup,
                                  LPPROCESS_INFORMATION info, LPCSTR unixdir,
-@@ -2334,7 +2335,7 @@ static BOOL create_vdm_process( LPCWSTR filename, LPWSTR cmd_line, LPWSTR env, L
+@@ -2321,7 +2322,7 @@ static BOOL create_vdm_process( LPCWSTR filename, LPWSTR cmd_line, LPWSTR env, L
          return FALSE;
      }
      sprintfW(new_cmd_line, argsW, winevdmW, buffer, cmd_line);
@@ -52,7 +52,7 @@ index cacdcb3b621..3ae9d175a79 100644
                            flags, startup, info, unixdir, binary_info, exec_only );
      HeapFree( GetProcessHeap(), 0, new_cmd_line );
      return ret;
-@@ -2346,7 +2347,7 @@ static BOOL create_vdm_process( LPCWSTR filename, LPWSTR cmd_line, LPWSTR env, L
+@@ -2333,7 +2334,7 @@ static BOOL create_vdm_process( LPCWSTR filename, LPWSTR cmd_line, LPWSTR env, L
   *
   * Create a new cmd shell process for a .BAT file.
   */
@@ -61,7 +61,7 @@ index cacdcb3b621..3ae9d175a79 100644
                                  LPSECURITY_ATTRIBUTES psa, LPSECURITY_ATTRIBUTES tsa,
                                  BOOL inherit, DWORD flags, LPSTARTUPINFOW startup,
                                  LPPROCESS_INFORMATION info )
-@@ -2371,8 +2372,8 @@ static BOOL create_cmd_process( LPCWSTR filename, LPWSTR cmd_line, LPVOID env, L
+@@ -2358,8 +2359,8 @@ static BOOL create_cmd_process( LPCWSTR filename, LPWSTR cmd_line, LPVOID env, L
      strcpyW( newcmdline, comspec );
      strcatW( newcmdline, slashcW );
      strcatW( newcmdline, cmd_line );
@@ -72,7 +72,7 @@ index cacdcb3b621..3ae9d175a79 100644
      HeapFree( GetProcessHeap(), 0, newcmdline );
      return ret;
  }
-@@ -2482,7 +2483,9 @@ BOOL WINAPI CreateProcessInternalW( HANDLE token, LPCWSTR app_name, LPWSTR cmd_l
+@@ -2469,7 +2470,9 @@ BOOL WINAPI CreateProcessInternalW( HANDLE token, LPCWSTR app_name, LPWSTR cmd_l
  
      TRACE("app %s cmdline %s\n", debugstr_w(app_name), debugstr_w(cmd_line) );
  
@@ -83,10 +83,10 @@ index cacdcb3b621..3ae9d175a79 100644
      if (new_token) FIXME("No support for returning created process token\n");
  
      if (!(tidy_cmdline = get_file_name( app_name, cmd_line, name, sizeof(name)/sizeof(WCHAR),
-@@ -2540,20 +2543,20 @@ BOOL WINAPI CreateProcessInternalW( HANDLE token, LPCWSTR app_name, LPWSTR cmd_l
+@@ -2527,20 +2530,20 @@ BOOL WINAPI CreateProcessInternalW( HANDLE token, LPCWSTR app_name, LPWSTR cmd_l
                 debugstr_w(name), (binary_info.flags & BINARY_FLAG_64BIT) ? 64 : 32,
-                binary_info.res_start, binary_info.res_end, binary_info.arch,
-                (binary_info.flags & BINARY_FLAG_FAKEDLL) ? ", fakedll" : "" );
+                wine_dbgstr_longlong(binary_info.res_start), wine_dbgstr_longlong(binary_info.res_end),
+                binary_info.arch, (binary_info.flags & BINARY_FLAG_FAKEDLL) ? ", fakedll" : "" );
 -        retv = create_process( hFile, name, tidy_cmdline, envW, cur_dir, process_attr, thread_attr,
 +        retv = create_process( token, hFile, name, tidy_cmdline, envW, cur_dir, process_attr, thread_attr,
                                 inherit, flags, startup_info, info, unixdir, &binary_info, FALSE );
@@ -107,7 +107,7 @@ index cacdcb3b621..3ae9d175a79 100644
                                 inherit, flags, startup_info, info, unixdir, &binary_info, FALSE );
          break;
      case BINARY_UNKNOWN:
-@@ -2565,7 +2568,7 @@ BOOL WINAPI CreateProcessInternalW( HANDLE token, LPCWSTR app_name, LPWSTR cmd_l
+@@ -2552,7 +2555,7 @@ BOOL WINAPI CreateProcessInternalW( HANDLE token, LPCWSTR app_name, LPWSTR cmd_l
                  TRACE( "starting %s as DOS binary\n", debugstr_w(name) );
                  binary_info.type = BINARY_DOS;
                  binary_info.arch = IMAGE_FILE_MACHINE_I386;
@@ -116,7 +116,7 @@ index cacdcb3b621..3ae9d175a79 100644
                                             inherit, flags, startup_info, info, unixdir,
                                             &binary_info, FALSE );
                  break;
-@@ -2573,7 +2576,7 @@ BOOL WINAPI CreateProcessInternalW( HANDLE token, LPCWSTR app_name, LPWSTR cmd_l
+@@ -2560,7 +2563,7 @@ BOOL WINAPI CreateProcessInternalW( HANDLE token, LPCWSTR app_name, LPWSTR cmd_l
              if (!strcmpiW( p, batW ) || !strcmpiW( p, cmdW ) )
              {
                  TRACE( "starting %s as batch binary\n", debugstr_w(name) );
@@ -125,10 +125,10 @@ index cacdcb3b621..3ae9d175a79 100644
                                             inherit, flags, startup_info, info );
                  break;
              }
-@@ -2692,12 +2695,12 @@ static void exec_process( LPCWSTR name )
-         TRACE( "starting %s as Win%d binary (%p-%p, arch %04x)\n",
+@@ -2680,12 +2683,12 @@ static void exec_process( LPCWSTR name )
                 debugstr_w(name), (binary_info.flags & BINARY_FLAG_64BIT) ? 64 : 32,
-                binary_info.res_start, binary_info.res_end, binary_info.arch );
+                wine_dbgstr_longlong(binary_info.res_start), wine_dbgstr_longlong(binary_info.res_end),
+                binary_info.arch );
 -        create_process( hFile, name, GetCommandLineW(), NULL, NULL, NULL, NULL,
 +        create_process( NULL, hFile, name, GetCommandLineW(), NULL, NULL, NULL, NULL,
                          FALSE, 0, &startup_info, &info, NULL, &binary_info, TRUE );
@@ -140,7 +140,7 @@ index cacdcb3b621..3ae9d175a79 100644
                          FALSE, 0, &startup_info, &info, NULL, &binary_info, TRUE );
          break;
      case BINARY_UNKNOWN:
-@@ -2711,7 +2714,7 @@ static void exec_process( LPCWSTR name )
+@@ -2699,7 +2702,7 @@ static void exec_process( LPCWSTR name )
      case BINARY_WIN16:
      case BINARY_DOS:
          TRACE( "starting %s as Win16/DOS binary\n", debugstr_w(name) );
@@ -150,10 +150,10 @@ index cacdcb3b621..3ae9d175a79 100644
          break;
      default:
 diff --git a/server/process.c b/server/process.c
-index 74675d343b4..ef2452fb8fb 100644
+index 81cea2f1baa..7d2206f2744 100644
 --- a/server/process.c
 +++ b/server/process.c
-@@ -501,7 +501,7 @@ static void start_sigkill_timer( struct process *process )
+@@ -496,7 +496,7 @@ static void start_sigkill_timer( struct process *process )
  
  /* create a new process and its main thread */
  /* if the function fails the fd is closed */
@@ -162,7 +162,7 @@ index 74675d343b4..ef2452fb8fb 100644
  {
      struct process *process;
      struct thread *thread = NULL;
-@@ -571,7 +571,7 @@ struct thread *create_process( int fd, struct thread *parent_thread, int inherit
+@@ -567,7 +567,7 @@ struct thread *create_process( int fd, struct thread *parent_thread, int inherit
                                         : alloc_handle_table( process, 0 );
          /* Note: for security reasons, starting a new process does not attempt
           * to use the current impersonation token for the new process */
@@ -171,7 +171,7 @@ index 74675d343b4..ef2452fb8fb 100644
          process->affinity = parent->affinity;
      }
      if (!process->handles || !process->token) goto error;
-@@ -1160,6 +1160,7 @@ DECL_HANDLER(new_process)
+@@ -1147,6 +1147,7 @@ DECL_HANDLER(new_process)
      struct startup_info *info;
      struct thread *thread;
      struct process *process;
@@ -179,7 +179,7 @@ index 74675d343b4..ef2452fb8fb 100644
      struct process *parent = current->process;
      int socket_fd = thread_get_inflight_fd( current, req->socket_fd );
      const struct security_descriptor *process_sd = NULL, *thread_sd = NULL;
-@@ -1195,9 +1196,27 @@ DECL_HANDLER(new_process)
+@@ -1182,9 +1183,27 @@ DECL_HANDLER(new_process)
          return;
      }
  
@@ -208,7 +208,7 @@ index 74675d343b4..ef2452fb8fb 100644
          return;
      }
  
-@@ -1205,6 +1224,7 @@ DECL_HANDLER(new_process)
+@@ -1192,6 +1211,7 @@ DECL_HANDLER(new_process)
      if (!(info = alloc_object( &startup_info_ops )))
      {
          close( socket_fd );
@@ -216,7 +216,7 @@ index 74675d343b4..ef2452fb8fb 100644
          return;
      }
      info->exe_file = NULL;
-@@ -1287,7 +1307,7 @@ DECL_HANDLER(new_process)
+@@ -1274,7 +1294,7 @@ DECL_HANDLER(new_process)
          }
      }
  
@@ -225,7 +225,7 @@ index 74675d343b4..ef2452fb8fb 100644
      process = thread->process;
      process->startup_info = (struct startup_info *)grab_object( info );
  
-@@ -1369,6 +1389,7 @@ DECL_HANDLER(new_process)
+@@ -1356,6 +1376,7 @@ DECL_HANDLER(new_process)
      }
  
   done:
@@ -234,10 +234,10 @@ index 74675d343b4..ef2452fb8fb 100644
  }
  
 diff --git a/server/process.h b/server/process.h
-index 262eb59627b..fcb45d8d676 100644
+index 78e88ec350a..313c36ab241 100644
 --- a/server/process.h
 +++ b/server/process.h
-@@ -115,7 +115,7 @@ struct process_snapshot
+@@ -114,7 +114,7 @@ struct process_snapshot
  extern unsigned int alloc_ptid( void *ptr );
  extern void free_ptid( unsigned int id );
  extern void *get_ptid_entry( unsigned int id );
@@ -247,10 +247,10 @@ index 262eb59627b..fcb45d8d676 100644
  extern struct thread *get_process_first_thread( struct process *process );
  extern struct process *get_process_from_id( process_id_t id );
 diff --git a/server/protocol.def b/server/protocol.def
-index e5b598259f7..7106cdb6f04 100644
+index 1ea129fec08..95513fef6c3 100644
 --- a/server/protocol.def
 +++ b/server/protocol.def
-@@ -767,6 +767,7 @@ struct rawinput_device
+@@ -739,6 +739,7 @@ struct rawinput_device
      data_size_t  info_size;      /* size of startup info */
      data_size_t  env_size;       /* size of the environment */
      data_size_t  process_sd_size;/* size of the process security descriptor */
@@ -259,10 +259,10 @@ index e5b598259f7..7106cdb6f04 100644
      VARARG(env,unicode_str,env_size);                       /* environment for new process */
      VARARG(process_sd,security_descriptor,process_sd_size); /* security descriptor to set on the process */
 diff --git a/server/request.c b/server/request.c
-index 83e608917f8..23760cdeb98 100644
+index 6120bc550ff..a648c306496 100644
 --- a/server/request.c
 +++ b/server/request.c
-@@ -571,7 +571,7 @@ static void master_socket_poll_event( struct fd *fd, int event )
+@@ -570,7 +570,7 @@ static void master_socket_poll_event( struct fd *fd, int event )
          int client = accept( get_unix_fd( master_socket->fd ), (struct sockaddr *) &dummy, &len );
          if (client == -1) return;
          fcntl( client, F_SETFL, O_NONBLOCK );
@@ -285,10 +285,10 @@ index 21e90ccf23f..32dfe5f8db9 100644
  static inline const ACE_HEADER *ace_next( const ACE_HEADER *ace )
  {
 diff --git a/server/token.c b/server/token.c
-index 385ea3bbfda..c507294b49d 100644
+index 49e84362a83..f6b6165d7a9 100644
 --- a/server/token.c
 +++ b/server/token.c
-@@ -851,6 +851,12 @@ int token_assign_label( struct token *token, PSID label )
+@@ -843,6 +843,12 @@ int token_assign_label( struct token *token, PSID label )
      return ret;
  }
  
@@ -301,7 +301,7 @@ index 385ea3bbfda..c507294b49d 100644
  struct token *token_create_admin( void )
  {
      struct token *token = NULL;
-@@ -1278,6 +1284,11 @@ const SID *token_get_primary_group( struct token *token )
+@@ -1269,6 +1275,11 @@ const SID *token_get_primary_group( struct token *token )
      return token->primary_group;
  }
  
@@ -314,5 +314,5 @@ index 385ea3bbfda..c507294b49d 100644
  {
      GENERIC_MAPPING mapping;
 -- 
-2.13.1
+2.14.2
 

patches/api-ms-win-Stub_DLLs/0001-kernelbase-Add-dll-and-add-stub-for-QuirkIsEnabled.patch

@@ -1,4 +1,4 @@
-From 959bc50b0ad246420e4f697e28371a3bb99f69f2 Mon Sep 17 00:00:00 2001
+From 634abe5fdb4fcd20f1675324f0adbe9d302c1d56 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
 Date: Fri, 15 Jan 2016 13:01:15 +0100
 Subject: kernelbase: Add dll and add stub for QuirkIsEnabled.
@@ -10,7 +10,7 @@ Subject: kernelbase: Add dll and add stub for QuirkIsEnabled.
  3 files changed, 12 insertions(+), 2 deletions(-)
 
 diff --git a/dlls/api-ms-win-core-quirks-l1-1-0/api-ms-win-core-quirks-l1-1-0.spec b/dlls/api-ms-win-core-quirks-l1-1-0/api-ms-win-core-quirks-l1-1-0.spec
-index e8f77c73f3..1485512d0e 100644
+index e8f77c73f36..1485512d0ef 100644
 --- a/dlls/api-ms-win-core-quirks-l1-1-0/api-ms-win-core-quirks-l1-1-0.spec
 +++ b/dlls/api-ms-win-core-quirks-l1-1-0/api-ms-win-core-quirks-l1-1-0.spec
 @@ -1,6 +1,6 @@
@@ -22,7 +22,7 @@ index e8f77c73f3..1485512d0e 100644
  @ stdcall QuirkIsEnabled3(ptr ptr) kernelbase.QuirkIsEnabled3
  @ stub QuirkIsEnabledForPackage
 diff --git a/dlls/kernelbase/kernelbase.spec b/dlls/kernelbase/kernelbase.spec
-index 67003da332..9fba5803b2 100644
+index 75916a4851c..2f04a0a46f9 100644
 --- a/dlls/kernelbase/kernelbase.spec
 +++ b/dlls/kernelbase/kernelbase.spec
 @@ -1223,7 +1223,7 @@
@@ -35,7 +35,7 @@ index 67003da332..9fba5803b2 100644
  @ stdcall QuirkIsEnabled3(ptr ptr)
  # @ stub QuirkIsEnabledForPackage
 diff --git a/dlls/kernelbase/main.c b/dlls/kernelbase/main.c
-index 30cba3f6ca..6673f9b63e 100644
+index ff1b2f67623..f4d7cde8b7d 100644
 --- a/dlls/kernelbase/main.c
 +++ b/dlls/kernelbase/main.c
 @@ -1,4 +1,5 @@
@@ -44,10 +44,11 @@ index 30cba3f6ca..6673f9b63e 100644
   * Copyright 2017 Andrey Gusev
   *
   * This library is free software; you can redistribute it and/or
-@@ -21,6 +22,15 @@
- WINE_DEFAULT_DEBUG_CHANNEL(kernelbase);
+@@ -49,6 +50,15 @@ LONG WINAPI AppPolicyGetThreadInitializationType(HANDLE token, AppPolicyThreadIn
+     return ERROR_SUCCESS;
+ }
  
- /***********************************************************************
++/***********************************************************************
 + *           QuirkIsEnabled   (KERNELBASE.@)
 + */
 +BOOL WINAPI QuirkIsEnabled(void *arg)
@@ -56,10 +57,9 @@ index 30cba3f6ca..6673f9b63e 100644
 +    return FALSE;
 +}
 +
-+/***********************************************************************
+ /***********************************************************************
   *          QuirkIsEnabled3 (KERNELBASE.@)
   */
- BOOL WINAPI QuirkIsEnabled3(void *unk1, void *unk2)
 -- 
-2.11.0
+2.14.1
 

patches/api-ms-win-Stub_DLLs/0008-api-ms-win-shcore-obsolete-l1-1-0-Add-dll.patch

@@ -1,4 +1,4 @@
-From 49eb261c42d89a4c755914a40af797eb0b04d816 Mon Sep 17 00:00:00 2001
+From 44c826229e00ebefac0bca596746c1037c5c370b Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
 Date: Sun, 17 Jan 2016 17:02:41 +0100
 Subject: api-ms-win-shcore-obsolete-l1-1-0: Add dll.
@@ -13,27 +13,27 @@ Subject: api-ms-win-shcore-obsolete-l1-1-0: Add dll.
  create mode 100644 dlls/api-ms-win-shcore-obsolete-l1-1-0/api-ms-win-shcore-obsolete-l1-1-0.spec
 
 diff --git a/configure.ac b/configure.ac
-index e8b9c2a..736c744 100644
+index cc1d5ba443c..78c163e5f35 100644
 --- a/configure.ac
 +++ b/configure.ac
-@@ -2801,6 +2801,7 @@ WINE_CONFIG_DLL(api-ms-win-service-management-l2-1-0)
+@@ -2939,6 +2939,7 @@ WINE_CONFIG_DLL(api-ms-win-service-management-l2-1-0)
  WINE_CONFIG_DLL(api-ms-win-service-private-l1-1-1)
  WINE_CONFIG_DLL(api-ms-win-service-winsvc-l1-1-0)
  WINE_CONFIG_DLL(api-ms-win-service-winsvc-l1-2-0)
 +WINE_CONFIG_DLL(api-ms-win-shcore-obsolete-l1-1-0)
+ WINE_CONFIG_DLL(api-ms-win-shcore-scaling-l1-1-1)
  WINE_CONFIG_DLL(api-ms-win-shell-shellcom-l1-1-0)
  WINE_CONFIG_DLL(api-ms-win-shell-shellfolders-l1-1-0)
- WINE_CONFIG_DLL(apphelp)
 diff --git a/dlls/api-ms-win-shcore-obsolete-l1-1-0/Makefile.in b/dlls/api-ms-win-shcore-obsolete-l1-1-0/Makefile.in
 new file mode 100644
-index 0000000..6588d13
+index 00000000000..6588d13937e
 --- /dev/null
 +++ b/dlls/api-ms-win-shcore-obsolete-l1-1-0/Makefile.in
 @@ -0,0 +1 @@
 +MODULE    = api-ms-win-shcore-obsolete-l1-1-0.dll
 diff --git a/dlls/api-ms-win-shcore-obsolete-l1-1-0/api-ms-win-shcore-obsolete-l1-1-0.spec b/dlls/api-ms-win-shcore-obsolete-l1-1-0/api-ms-win-shcore-obsolete-l1-1-0.spec
 new file mode 100644
-index 0000000..edb8143
+index 00000000000..edb8143799d
 --- /dev/null
 +++ b/dlls/api-ms-win-shcore-obsolete-l1-1-0/api-ms-win-shcore-obsolete-l1-1-0.spec
 @@ -0,0 +1,3 @@
@@ -41,20 +41,20 @@ index 0000000..edb8143
 +@ stdcall SHStrDupA(str ptr) shcore.SHStrDupA
 +@ stdcall SHStrDupW(wstr ptr) shcore.SHStrDupW
 diff --git a/tools/make_specfiles b/tools/make_specfiles
-index 6fb6376..c19993d 100755
+index ec4b68c2cf1..00f70283d49 100755
 --- a/tools/make_specfiles
 +++ b/tools/make_specfiles
-@@ -270,6 +270,10 @@ my @dll_groups =
+@@ -330,6 +330,10 @@ my @dll_groups =
+   "shlwapi",
    "shcore",
   ],
-  [
++ [
 +  "shcore",
 +  "api-ms-win-shcore-obsolete-l1-1-0",
 + ],
-+ [
+  [
    "user32",
    "api-ms-win-core-stringansi-l1-1-0",
-   "api-ms-win-core-string-l2-1-0",
 -- 
-2.9.0
+2.14.2
 

patches/api-ms-win-Stub_DLLs/0011-api-ms-win-shcore-thread-l1-1-0-Add-dll.patch

@@ -1,4 +1,4 @@
-From c0c54145e9b77cabfe520050f1a383659abd679f Mon Sep 17 00:00:00 2001
+From 19a4e40be4d9ef69c06b79185631f462f613c906 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
 Date: Tue, 19 Jan 2016 16:19:11 +0100
 Subject: api-ms-win-shcore-thread-l1-1-0: Add dll
@@ -13,27 +13,27 @@ Subject: api-ms-win-shcore-thread-l1-1-0: Add dll
  create mode 100644 dlls/api-ms-win-shcore-thread-l1-1-0/api-ms-win-shcore-thread-l1-1-0.spec
 
 diff --git a/configure.ac b/configure.ac
-index 3847ab8..876b232 100644
+index 4f88873c57c..9efeb2fb02f 100644
 --- a/configure.ac
 +++ b/configure.ac
-@@ -2797,6 +2797,7 @@ WINE_CONFIG_DLL(api-ms-win-service-management-l2-1-0)
- WINE_CONFIG_DLL(api-ms-win-service-winsvc-l1-1-0)
+@@ -2941,6 +2941,7 @@ WINE_CONFIG_DLL(api-ms-win-service-winsvc-l1-1-0)
  WINE_CONFIG_DLL(api-ms-win-service-winsvc-l1-2-0)
  WINE_CONFIG_DLL(api-ms-win-shcore-obsolete-l1-1-0)
+ WINE_CONFIG_DLL(api-ms-win-shcore-scaling-l1-1-1)
 +WINE_CONFIG_DLL(api-ms-win-shcore-thread-l1-1-0)
  WINE_CONFIG_DLL(api-ms-win-shell-shellcom-l1-1-0)
  WINE_CONFIG_DLL(api-ms-win-shell-shellfolders-l1-1-0)
  WINE_CONFIG_DLL(apphelp)
 diff --git a/dlls/api-ms-win-shcore-thread-l1-1-0/Makefile.in b/dlls/api-ms-win-shcore-thread-l1-1-0/Makefile.in
 new file mode 100644
-index 0000000..0a20ccf
+index 00000000000..0a20ccf206f
 --- /dev/null
 +++ b/dlls/api-ms-win-shcore-thread-l1-1-0/Makefile.in
 @@ -0,0 +1 @@
 +MODULE    = api-ms-win-shcore-thread-l1-1-0.dll
 diff --git a/dlls/api-ms-win-shcore-thread-l1-1-0/api-ms-win-shcore-thread-l1-1-0.spec b/dlls/api-ms-win-shcore-thread-l1-1-0/api-ms-win-shcore-thread-l1-1-0.spec
 new file mode 100644
-index 0000000..1533005
+index 00000000000..15330050ded
 --- /dev/null
 +++ b/dlls/api-ms-win-shcore-thread-l1-1-0/api-ms-win-shcore-thread-l1-1-0.spec
 @@ -0,0 +1,8 @@
@@ -46,10 +46,10 @@ index 0000000..1533005
 +@ stdcall SHSetThreadRef(ptr) shcore.SHSetThreadRef
 +@ stub SetProcessReference
 diff --git a/tools/make_specfiles b/tools/make_specfiles
-index e16a378..3fd4f36 100755
+index 00f70283d49..7abb3be32e6 100755
 --- a/tools/make_specfiles
 +++ b/tools/make_specfiles
-@@ -268,6 +268,7 @@ my @dll_groups =
+@@ -333,6 +333,7 @@ my @dll_groups =
   [
    "shcore",
    "api-ms-win-shcore-obsolete-l1-1-0",
@@ -58,5 +58,5 @@ index e16a378..3fd4f36 100755
   [
    "user32",
 -- 
-2.9.0
+2.14.2
 

patches/api-ms-win-Stub_DLLs/0014-api-ms-win-shcore-stream-l1-1-0-Add-dll.patch

@@ -1,4 +1,4 @@
-From dece0c4c7519885d8e6da604de5735f1ebed7769 Mon Sep 17 00:00:00 2001
+From 56a35eb70c12ef297d1030e7a13f9a5f5746d057 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
 Date: Sat, 23 Jan 2016 20:56:53 +0100
 Subject: api-ms-win-shcore-stream-l1-1-0: Add dll
@@ -13,27 +13,27 @@ Subject: api-ms-win-shcore-stream-l1-1-0: Add dll
  create mode 100644 dlls/api-ms-win-shcore-stream-l1-1-0/api-ms-win-shcore-stream-l1-1-0.spec
 
 diff --git a/configure.ac b/configure.ac
-index d88aa46..f5d8f62 100644
+index 9efeb2fb02f..115becf5aaf 100644
 --- a/configure.ac
 +++ b/configure.ac
-@@ -2798,6 +2798,7 @@ WINE_CONFIG_DLL(api-ms-win-service-management-l2-1-0)
- WINE_CONFIG_DLL(api-ms-win-service-winsvc-l1-1-0)
+@@ -2941,6 +2941,7 @@ WINE_CONFIG_DLL(api-ms-win-service-winsvc-l1-1-0)
  WINE_CONFIG_DLL(api-ms-win-service-winsvc-l1-2-0)
  WINE_CONFIG_DLL(api-ms-win-shcore-obsolete-l1-1-0)
+ WINE_CONFIG_DLL(api-ms-win-shcore-scaling-l1-1-1)
 +WINE_CONFIG_DLL(api-ms-win-shcore-stream-l1-1-0)
  WINE_CONFIG_DLL(api-ms-win-shcore-thread-l1-1-0)
  WINE_CONFIG_DLL(api-ms-win-shell-shellcom-l1-1-0)
  WINE_CONFIG_DLL(api-ms-win-shell-shellfolders-l1-1-0)
 diff --git a/dlls/api-ms-win-shcore-stream-l1-1-0/Makefile.in b/dlls/api-ms-win-shcore-stream-l1-1-0/Makefile.in
 new file mode 100644
-index 0000000..df2caad
+index 00000000000..df2caadd38b
 --- /dev/null
 +++ b/dlls/api-ms-win-shcore-stream-l1-1-0/Makefile.in
 @@ -0,0 +1 @@
 +MODULE    = api-ms-win-shcore-stream-l1-1-0.dll
 diff --git a/dlls/api-ms-win-shcore-stream-l1-1-0/api-ms-win-shcore-stream-l1-1-0.spec b/dlls/api-ms-win-shcore-stream-l1-1-0/api-ms-win-shcore-stream-l1-1-0.spec
 new file mode 100644
-index 0000000..1ee9dd3
+index 00000000000..1ee9dd335b6
 --- /dev/null
 +++ b/dlls/api-ms-win-shcore-stream-l1-1-0/api-ms-win-shcore-stream-l1-1-0.spec
 @@ -0,0 +1,15 @@
@@ -53,10 +53,10 @@ index 0000000..1ee9dd3
 +@ stdcall SHOpenRegStreamA(long str str long) shcore.SHOpenRegStreamA
 +@ stdcall SHOpenRegStreamW(long wstr wstr long) shcore.SHOpenRegStreamW
 diff --git a/tools/make_specfiles b/tools/make_specfiles
-index 6a08495..dc429d7 100755
+index 7abb3be32e6..86509aa7fb7 100755
 --- a/tools/make_specfiles
 +++ b/tools/make_specfiles
-@@ -270,6 +270,7 @@ my @dll_groups =
+@@ -334,6 +334,7 @@ my @dll_groups =
    "shcore",
    "api-ms-win-shcore-obsolete-l1-1-0",
    "api-ms-win-shcore-thread-l1-1-0",
@@ -65,5 +65,5 @@ index 6a08495..dc429d7 100755
   [
    "user32",
 -- 
-2.9.0
+2.14.2
 

patches/bcrypt-Improvements/0001-include-Add-missing-BCRYPT_CHAIN_MODE-definitions.patch

@@ -1,26 +0,0 @@
-From 1678dc51bead9b84a2670e122c87f70d1c023935 Mon Sep 17 00:00:00 2001
-From: Hans Leidekker <hans@codeweavers.com>
-Date: Thu, 17 Aug 2017 18:02:53 +0200
-Subject: include: Add missing BCRYPT_CHAIN_MODE definitions.
-
----
- include/bcrypt.h | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/include/bcrypt.h b/include/bcrypt.h
-index 9e193da5de5..34ffc100d6b 100644
---- a/include/bcrypt.h
-+++ b/include/bcrypt.h
-@@ -74,6 +74,9 @@ typedef LONG NTSTATUS;
- #define BCRYPT_CHAIN_MODE_NA        (const WCHAR []){'C','h','a','i','n','i','n','g','M','o','d','e','N','/','A',0}
- #define BCRYPT_CHAIN_MODE_CBC       (const WCHAR []){'C','h','a','i','n','i','n','g','M','o','d','e','C','B','C',0}
- #define BCRYPT_CHAIN_MODE_ECB       (const WCHAR []){'C','h','a','i','n','i','n','g','M','o','d','e','E','C','B',0}
-+#define BCRYPT_CHAIN_MODE_CFB       (const WCHAR []){'C','h','a','i','n','i','n','g','M','o','d','e','C','F','B',0}
-+#define BCRYPT_CHAIN_MODE_CCM       (const WCHAR []){'C','h','a','i','n','i','n','g','M','o','d','e','C','C','M',0}
-+#define BCRYPT_CHAIN_MODE_GCM       (const WCHAR []){'C','h','a','i','n','i','n','g','M','o','d','e','G','C','M',0}
- 
- typedef struct _BCRYPT_ALGORITHM_IDENTIFIER
- {
--- 
-2.13.1
-

patches/bcrypt-Improvements/0035-bcrypt-Initial-implementation-for-RSA-key-import-and.patch

@@ -0,0 +1,296 @@
+From 72f7ded1f27e7d14b7efb7200b43e320f3e245d4 Mon Sep 17 00:00:00 2001
+From: Kimmo Myllyvirta <kimmo.myllyvirta@gmail.com>
+Date: Tue, 10 Oct 2017 16:40:41 +0300
+Subject: bcrypt: Initial implementation for RSA key import and signature
+ verification.
+
+---
+ dlls/bcrypt/bcrypt_main.c | 128 ++++++++++++++++++++++++++++++++++++++++++----
+ include/bcrypt.h          |  17 ++++++
+ 2 files changed, 135 insertions(+), 10 deletions(-)
+
+diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
+index 881f6f7eb0c..3356364a6dc 100644
+--- a/dlls/bcrypt/bcrypt_main.c
++++ b/dlls/bcrypt/bcrypt_main.c
+@@ -71,6 +71,9 @@ static int (*pgnutls_pubkey_verify_hash2)(gnutls_pubkey_t key, gnutls_sign_algor
+                                           unsigned int flags, const gnutls_datum_t *hash,
+                                           const gnutls_datum_t *signature);
+ 
++/* Not present in gnutls version < 2.11.0 */
++static int (*pgnutls_pubkey_import_rsa_raw)(gnutls_pubkey_t key, const gnutls_datum_t *m, const gnutls_datum_t *e);
++
+ static void *libgnutls_handle;
+ #define MAKE_FUNCPTR(f) static typeof(f) * p##f
+ MAKE_FUNCPTR(gnutls_cipher_decrypt2);
+@@ -121,6 +124,11 @@ static int compat_gnutls_pubkey_verify_hash2(gnutls_pubkey_t key, gnutls_sign_al
+     return GNUTLS_E_UNKNOWN_CIPHER_TYPE;
+ }
+ 
++static int compat_gnutls_pubkey_import_rsa_raw(gnutls_pubkey_t key, const gnutls_datum_t *m, const gnutls_datum_t *e)
++{
++    return GNUTLS_E_UNKNOWN_CIPHER_TYPE;
++}
++
+ static void gnutls_log( int level, const char *msg )
+ {
+     TRACE( "<%d> %s", level, msg );
+@@ -181,6 +189,11 @@ static BOOL gnutls_initialize(void)
+         WARN("gnutls_pubkey_verify_hash2 not found\n");
+         pgnutls_pubkey_verify_hash2 = compat_gnutls_pubkey_verify_hash2;
+     }
++    if (!(pgnutls_pubkey_import_rsa_raw = wine_dlsym( libgnutls_handle, "gnutls_pubkey_import_rsa_raw", NULL, 0 )))
++    {
++        WARN("gnutls_pubkey_import_rsa_raw not found\n");
++        pgnutls_pubkey_import_rsa_raw = compat_gnutls_pubkey_import_rsa_raw;
++    }
+ 
+     if ((ret = pgnutls_global_init()) != GNUTLS_E_SUCCESS)
+     {
+@@ -234,6 +247,7 @@ enum alg_id
+     ALG_ID_AES,
+     ALG_ID_MD5,
+     ALG_ID_RNG,
++    ALG_ID_RSA,
+     ALG_ID_SHA1,
+     ALG_ID_SHA256,
+     ALG_ID_SHA384,
+@@ -262,6 +276,7 @@ static const struct {
+     /* ALG_ID_AES    */     {  654,    0,    0, BCRYPT_AES_ALGORITHM,        TRUE  },
+     /* ALG_ID_MD5    */     {  274,   16,  512, BCRYPT_MD5_ALGORITHM,        FALSE },
+     /* ALG_ID_RNG    */     {    0,    0,    0, BCRYPT_RNG_ALGORITHM,        FALSE },
++    /* ALG_ID_RSA    */     {    0,    0,    0, BCRYPT_RSA_ALGORITHM,        FALSE },
+     /* ALG_ID_SHA1   */     {  278,   20,  512, BCRYPT_SHA1_ALGORITHM,       FALSE },
+     /* ALG_ID_SHA256 */     {  286,   32,  512, BCRYPT_SHA256_ALGORITHM,     FALSE },
+     /* ALG_ID_SHA384 */     {  382,   48, 1024, BCRYPT_SHA384_ALGORITHM,     FALSE },
+@@ -340,6 +355,7 @@ NTSTATUS WINAPI BCryptOpenAlgorithmProvider( BCRYPT_ALG_HANDLE *handle, LPCWSTR
+     if (!strcmpW( id, BCRYPT_AES_ALGORITHM )) alg_id = ALG_ID_AES;
+     else if (!strcmpW( id, BCRYPT_MD5_ALGORITHM )) alg_id = ALG_ID_MD5;
+     else if (!strcmpW( id, BCRYPT_RNG_ALGORITHM )) alg_id = ALG_ID_RNG;
++    else if (!strcmpW( id, BCRYPT_RSA_ALGORITHM )) alg_id = ALG_ID_RSA;
+     else if (!strcmpW( id, BCRYPT_SHA1_ALGORITHM )) alg_id = ALG_ID_SHA1;
+     else if (!strcmpW( id, BCRYPT_SHA256_ALGORITHM )) alg_id = ALG_ID_SHA256;
+     else if (!strcmpW( id, BCRYPT_SHA384_ALGORITHM )) alg_id = ALG_ID_SHA384;
+@@ -950,6 +966,7 @@ static NTSTATUS key_asymmetric_init( struct key *key, struct algorithm *alg, con
+     {
+     case ALG_ID_ECDSA_P256:
+     case ALG_ID_ECDSA_P384:
++    case ALG_ID_RSA:
+         break;
+ 
+     default:
+@@ -1326,6 +1343,34 @@ static NTSTATUS import_gnutls_pubkey_ecc( struct key *key, gnutls_pubkey_t *gnut
+     return STATUS_SUCCESS;
+ }
+ 
++static NTSTATUS import_gnutls_pubkey_rsa( struct key *key, gnutls_pubkey_t *gnutls_key )
++{
++    BCRYPT_RSAKEY_BLOB *rsa_blob;
++    gnutls_datum_t m, e;
++    int ret;
++
++    if ((ret = pgnutls_pubkey_init( gnutls_key )))
++    {
++        pgnutls_perror( ret );
++        return STATUS_INTERNAL_ERROR;
++    }
++
++    rsa_blob = (BCRYPT_RSAKEY_BLOB *)key->u.a.pubkey;
++    e.data = key->u.a.pubkey + sizeof(*rsa_blob);
++    e.size = rsa_blob->cbPublicExp;
++    m.data = key->u.a.pubkey + sizeof(*rsa_blob) + rsa_blob->cbPublicExp;
++    m.size = rsa_blob->cbModulus;
++
++    if ((ret = pgnutls_pubkey_import_rsa_raw( *gnutls_key, &m, &e )))
++    {
++        pgnutls_perror( ret );
++        pgnutls_pubkey_deinit( *gnutls_key );
++        return STATUS_INTERNAL_ERROR;
++    }
++
++    return STATUS_SUCCESS;
++}
++
+ static NTSTATUS import_gnutls_pubkey( struct key *key,  gnutls_pubkey_t *gnutls_key)
+ {
+     switch (key->alg_id)
+@@ -1333,6 +1378,8 @@ static NTSTATUS import_gnutls_pubkey( struct key *key,  gnutls_pubkey_t *gnutls_
+         case ALG_ID_ECDSA_P256:
+         case ALG_ID_ECDSA_P384:
+             return import_gnutls_pubkey_ecc( key, gnutls_key );
++        case ALG_ID_RSA:
++            return import_gnutls_pubkey_rsa( key, gnutls_key );
+ 
+         default:
+             FIXME("Algorithm %d not yet supported\n", key->alg_id);
+@@ -1362,6 +1409,14 @@ static NTSTATUS prepare_gnutls_signature_ecc( struct key *key, UCHAR *signature,
+     return STATUS_SUCCESS;
+ }
+ 
++static NTSTATUS prepare_gnutls_signature_rsa( struct key *key, UCHAR *signature, ULONG signature_len,
++                                              gnutls_datum_t *gnutls_signature )
++{
++    gnutls_signature->data = signature;
++    gnutls_signature->size = signature_len;
++    return STATUS_SUCCESS;
++}
++
+ static NTSTATUS prepare_gnutls_signature( struct key *key, UCHAR *signature, ULONG signature_len,
+                                           gnutls_datum_t *gnutls_signature )
+ {
+@@ -1370,6 +1425,8 @@ static NTSTATUS prepare_gnutls_signature( struct key *key, UCHAR *signature, ULO
+         case ALG_ID_ECDSA_P256:
+         case ALG_ID_ECDSA_P384:
+             return prepare_gnutls_signature_ecc( key, signature, signature_len, gnutls_signature );
++        case ALG_ID_RSA:
++            return prepare_gnutls_signature_rsa( key, signature, signature_len, gnutls_signature );
+ 
+         default:
+             FIXME( "Algorithm %d not yet supported\n", key->alg_id );
+@@ -1388,18 +1445,38 @@ static NTSTATUS key_asymmetric_verify( struct key *key, void *padding, UCHAR *ha
+     NTSTATUS status;
+     int ret;
+ 
+-    if (flags)
+-        FIXME( "Flags %08x not supported\n", flags );
++    if (key->alg_id == ALG_ID_RSA)
++    {
++        BCRYPT_PKCS1_PADDING_INFO *pinfo = (BCRYPT_PKCS1_PADDING_INFO *)padding;
+ 
+-    /* only the hash size must match, not the actual hash function */
+-    switch (hash_len)
++        if (!(flags & BCRYPT_PAD_PKCS1) || !pinfo) return STATUS_INVALID_PARAMETER;
++        if (!pinfo->pszAlgId) return STATUS_INVALID_SIGNATURE;
++
++        if (!strcmpW( pinfo->pszAlgId, BCRYPT_SHA1_ALGORITHM )) hash_algo = GNUTLS_DIG_SHA1;
++        else if (!strcmpW( pinfo->pszAlgId, BCRYPT_SHA256_ALGORITHM )) hash_algo = GNUTLS_DIG_SHA256;
++        else if (!strcmpW( pinfo->pszAlgId, BCRYPT_SHA384_ALGORITHM )) hash_algo = GNUTLS_DIG_SHA384;
++        else if (!strcmpW( pinfo->pszAlgId, BCRYPT_SHA512_ALGORITHM )) hash_algo = GNUTLS_DIG_SHA512;
++        else
++        {
++            FIXME( "Hash algorithm %s not supported\n", debugstr_w(pinfo->pszAlgId) );
++            return STATUS_NOT_SUPPORTED;
++        }
++    }
++    else
+     {
+-        case 32: hash_algo = GNUTLS_DIG_SHA256; break;
+-        case 48: hash_algo = GNUTLS_DIG_SHA384; break;
++        if (flags)
++            FIXME( "Flags %08x not supported\n", flags );
+ 
+-        default:
+-            FIXME( "Hash size %u not yet supported\n", hash_len );
+-            return STATUS_INVALID_SIGNATURE;
++        /* only the hash size must match, not the actual hash function */
++        switch (hash_len)
++        {
++            case 32: hash_algo = GNUTLS_DIG_SHA256; break;
++            case 48: hash_algo = GNUTLS_DIG_SHA384; break;
++
++            default:
++                FIXME( "Hash size %u not yet supported\n", hash_len );
++                return STATUS_INVALID_SIGNATURE;
++        }
+     }
+ 
+     switch (key->alg_id)
+@@ -1408,6 +1485,9 @@ static NTSTATUS key_asymmetric_verify( struct key *key, void *padding, UCHAR *ha
+         case ALG_ID_ECDSA_P384:
+             pk_algo = GNUTLS_PK_ECC;
+             break;
++        case ALG_ID_RSA:
++            pk_algo = GNUTLS_PK_RSA;
++            break;
+ 
+         default:
+             FIXME( "Algorithm %d not yet supported\n", key->alg_id );
+@@ -1433,7 +1513,8 @@ static NTSTATUS key_asymmetric_verify( struct key *key, void *padding, UCHAR *ha
+     gnutls_hash.size = hash_len;
+     ret = pgnutls_pubkey_verify_hash2( gnutls_key, sign_algo, 0, &gnutls_hash, &gnutls_signature );
+ 
+-    HeapFree( GetProcessHeap(), 0, gnutls_signature.data );
++    if (gnutls_signature.data != signature)
++        HeapFree( GetProcessHeap(), 0, gnutls_signature.data );
+     pgnutls_pubkey_deinit( gnutls_key );
+     return (ret < 0) ? STATUS_INVALID_SIGNATURE : STATUS_SUCCESS;
+ }
+@@ -1774,6 +1855,33 @@ NTSTATUS WINAPI BCryptImportKeyPair( BCRYPT_ALG_HANDLE algorithm, BCRYPT_KEY_HAN
+         *ret_key = key;
+         return STATUS_SUCCESS;
+     }
++    else if (!strcmpW( type, BCRYPT_RSAPUBLIC_BLOB ))
++    {
++        BCRYPT_RSAKEY_BLOB *rsa_blob = (BCRYPT_RSAKEY_BLOB *)input;
++
++        if (input_len < sizeof(*rsa_blob))
++            return STATUS_INVALID_PARAMETER;
++
++        if (alg->id != ALG_ID_RSA)
++            return STATUS_NOT_SUPPORTED;
++
++        if (rsa_blob->Magic != BCRYPT_RSAPUBLIC_MAGIC)
++            return STATUS_NOT_SUPPORTED;
++
++        if (!(key = HeapAlloc( GetProcessHeap(), 0, sizeof(*key) )))
++            return STATUS_NO_MEMORY;
++
++        key->hdr.magic = MAGIC_KEY;
++        if ((status = key_asymmetric_init( key, alg, (BYTE *)rsa_blob,
++                sizeof(*rsa_blob) + rsa_blob->cbPublicExp + rsa_blob->cbModulus )))
++        {
++            HeapFree( GetProcessHeap(), 0, key );
++            return status;
++        }
++
++        *ret_key = key;
++        return STATUS_SUCCESS;
++    }
+ 
+     FIXME( "unsupported key type %s\n", debugstr_w(type) );
+     return STATUS_NOT_SUPPORTED;
+diff --git a/include/bcrypt.h b/include/bcrypt.h
+index 3dcc953e9ed..944796024bf 100644
+--- a/include/bcrypt.h
++++ b/include/bcrypt.h
+@@ -63,6 +63,8 @@ typedef LONG NTSTATUS;
+ #define BCRYPT_AES_WRAP_KEY_BLOB (const WCHAR []){'R','f','c','3','5','6','5','K','e','y','W','r','a','p','B','l','o','b',0}
+ #define BCRYPT_ECCPUBLIC_BLOB    (const WCHAR []){'E','C','C','P','U','B','L','I','C','B','L','O','B',0}
+ #define BCRYPT_ECCPRIVATE_BLOB   (const WCHAR []){'E','C','C','P','R','I','V','A','T','E','B','L','O','B',0}
++#define BCRYPT_RSAPUBLIC_BLOB    (const WCHAR []){'R','S','A','P','U','B','L','I','C','B','L','O','B',0}
++#define BCRYPT_RSAPRIVATE_BLOB   (const WCHAR []){'R','S','A','P','R','I','V','A','T','E','B','L','O','B',0}
+ 
+ #define MS_PRIMITIVE_PROVIDER (const WCHAR [])\
+     {'M','i','c','r','o','s','o','f','t',' ','P','r','i','m','i','t','i','v','e',' ','P','r','o','v','i','d','e','r',0}
+@@ -72,6 +74,7 @@ typedef LONG NTSTATUS;
+ #define BCRYPT_AES_ALGORITHM        (const WCHAR []){'A','E','S',0}
+ #define BCRYPT_MD5_ALGORITHM        (const WCHAR []){'M','D','5',0}
+ #define BCRYPT_RNG_ALGORITHM        (const WCHAR []){'R','N','G',0}
++#define BCRYPT_RSA_ALGORITHM        (const WCHAR []){'R','S','A',0}
+ #define BCRYPT_SHA1_ALGORITHM       (const WCHAR []){'S','H','A','1',0}
+ #define BCRYPT_SHA256_ALGORITHM     (const WCHAR []){'S','H','A','2','5','6',0}
+ #define BCRYPT_SHA384_ALGORITHM     (const WCHAR []){'S','H','A','3','8','4',0}
+@@ -138,6 +141,20 @@ typedef struct _BCRYPT_ECCKEY_BLOB
+     ULONG cbKey;
+ } BCRYPT_ECCKEY_BLOB, *PBCRYPT_ECCKEY_BLOB;
+ 
++#define BCRYPT_RSAPUBLIC_MAGIC      0x31415352
++#define BCRYPT_RSAPRIVATE_MAGIC     0x32415352
++#define BCRYPT_RSAFULLPRIVATE_MAGIC 0x33415352
++
++typedef struct _BCRYPT_RSAKEY_BLOB
++{
++    ULONG Magic;
++    ULONG BitLength;
++    ULONG cbPublicExp;
++    ULONG cbModulus;
++    ULONG cbPrime1;
++    ULONG cbPrime2;
++} BCRYPT_RSAKEY_BLOB;
++
+ typedef struct _BCRYPT_PKCS1_PADDING_INFO
+ {
+     LPCWSTR pszAlgId;
+-- 
+2.14.1
+

patches/bcrypt-Improvements/0036-bcrypt-tests-Add-simple-test-for-RSA.patch

@@ -0,0 +1,129 @@
+From 1ac61b565db2204b247603ee7ad1124ad79bf50f Mon Sep 17 00:00:00 2001
+From: Kimmo Myllyvirta <kimmo.myllyvirta@gmail.com>
+Date: Tue, 10 Oct 2017 16:41:09 +0300
+Subject: bcrypt/tests: Add simple test for RSA.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Based on patch from Bernhard Übelacker.
+---
+ dlls/bcrypt/tests/bcrypt.c | 95 ++++++++++++++++++++++++++++++++++++++++++++++
+ 1 file changed, 95 insertions(+)
+
+diff --git a/dlls/bcrypt/tests/bcrypt.c b/dlls/bcrypt/tests/bcrypt.c
+index 73bd4d69a5b..56e3440b545 100644
+--- a/dlls/bcrypt/tests/bcrypt.c
++++ b/dlls/bcrypt/tests/bcrypt.c
+@@ -1697,6 +1697,100 @@ static void test_ECDSA(void)
+     pBCryptCloseAlgorithmProvider(alg, 0);
+ }
+ 
++static UCHAR rsaPublicBlob[] =
++{
++    0x52, 0x53, 0x41, 0x31, 0x00, 0x08, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00,
++    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x01, 0xad, 0x41, 0x09, 0xa2, 0x56,
++    0x3a, 0x7b, 0x75, 0x4b, 0x72, 0x9b, 0x28, 0x72, 0x3b, 0xae, 0x9f, 0xd8, 0xa8, 0x25, 0x4a, 0x4c,
++    0x19, 0xf5, 0xa6, 0xd0, 0x05, 0x1c, 0x59, 0x8f, 0xe3, 0xf3, 0x2d, 0x29, 0x47, 0xf8, 0x80, 0x25,
++    0x25, 0x21, 0x58, 0xc2, 0xac, 0xa1, 0x9e, 0x93, 0x8e, 0x82, 0x6d, 0xd7, 0xf3, 0xe7, 0x8f, 0x0b,
++    0xc0, 0x41, 0x85, 0x29, 0x3c, 0xf1, 0x0b, 0x2c, 0x5d, 0x49, 0xed, 0xb4, 0x30, 0x6e, 0x02, 0x15,
++    0x4b, 0x9a, 0x08, 0x0d, 0xe1, 0x6f, 0xa8, 0xd3, 0x12, 0xab, 0x66, 0x48, 0x4d, 0xd9, 0x28, 0x03,
++    0x6c, 0x9d, 0x44, 0x7a, 0xed, 0xc9, 0x43, 0x4f, 0x9d, 0x4e, 0x3c, 0x7d, 0x0e, 0xff, 0x07, 0x87,
++    0xeb, 0xca, 0xca, 0x65, 0x6d, 0xbe, 0xc5, 0x31, 0x8b, 0xcc, 0x7e, 0x0a, 0x71, 0x4a, 0x4d, 0x9d,
++    0x3d, 0xfd, 0x7a, 0x56, 0x32, 0x8a, 0x6c, 0x6d, 0x9d, 0x2a, 0xd9, 0x8e, 0x68, 0x89, 0x63, 0xc6,
++    0x4f, 0x24, 0xd1, 0x2a, 0x72, 0x69, 0x08, 0x77, 0xa0, 0x7f, 0xfe, 0xc6, 0x33, 0x8d, 0xb4, 0x7d,
++    0x73, 0x91, 0x13, 0x9c, 0x47, 0x53, 0x6a, 0x13, 0xdf, 0x19, 0xc7, 0xed, 0x48, 0x81, 0xed, 0xd8,
++    0x1f, 0x11, 0x11, 0xbb, 0x41, 0x15, 0x5b, 0xa4, 0xf5, 0xc9, 0x2b, 0x48, 0x5e, 0xd8, 0x4b, 0x52,
++    0x1f, 0xf7, 0x87, 0xf2, 0x68, 0x25, 0x28, 0x79, 0xee, 0x39, 0x41, 0xc9, 0x0e, 0xc8, 0xf9, 0xf2,
++    0xd8, 0x24, 0x09, 0xb4, 0xd4, 0xb7, 0x90, 0xba, 0x26, 0xe8, 0x1d, 0xb4, 0xd7, 0x09, 0x00, 0xc4,
++    0xa0, 0xb6, 0x14, 0xe8, 0x4c, 0x29, 0x60, 0x54, 0x2e, 0x01, 0xde, 0x54, 0x66, 0x40, 0x22, 0x50,
++    0x27, 0xf1, 0xe7, 0x62, 0xa9, 0x00, 0x5a, 0x61, 0x2e, 0xfa, 0xfe, 0x16, 0xd8, 0xe0, 0xe7, 0x66,
++    0x17, 0xda, 0xb8, 0x0c, 0xa6, 0x04, 0x8d, 0xf8, 0x21, 0x68, 0x39
++};
++
++static UCHAR rsaHash[] =
++{
++    0x96, 0x1f, 0xa6, 0x49, 0x58, 0x81, 0x8f, 0x76, 0x77, 0x07, 0x07, 0x27, 0x55, 0xd7, 0x01, 0x8d,
++    0xcd, 0x27, 0x8e, 0x94
++};
++
++static UCHAR rsaSignature[] =
++{
++    0xa8, 0x3a, 0x9d, 0xaf, 0x92, 0x94, 0xa4, 0x4d, 0x34, 0xba, 0x41, 0x0c, 0xc1, 0x23, 0x91, 0xc7,
++    0x91, 0xa8, 0xf8, 0xfc, 0x94, 0x87, 0x4d, 0x05, 0x85, 0x63, 0xe8, 0x7d, 0xea, 0x7f, 0x6b, 0x8d,
++    0xbb, 0x9a, 0xd4, 0x46, 0xa6, 0xc0, 0xd6, 0xdc, 0x91, 0xba, 0xd3, 0x1a, 0xbf, 0xf4, 0x52, 0xa0,
++    0xc7, 0x15, 0x87, 0xe9, 0x1e, 0x60, 0x49, 0x9c, 0xee, 0x5a, 0x9c, 0x6c, 0xbd, 0x7a, 0x3e, 0xc3,
++    0x48, 0xb3, 0xee, 0xca, 0x68, 0x40, 0x9b, 0xa1, 0x4c, 0x6e, 0x20, 0xd6, 0xca, 0x6c, 0x72, 0xaf,
++    0x2b, 0x6b, 0x62, 0x7c, 0x78, 0x06, 0x94, 0x4c, 0x02, 0xf3, 0x8d, 0x49, 0xe0, 0x11, 0xc4, 0x9b,
++    0x62, 0x5b, 0xc2, 0xfd, 0x68, 0xf4, 0x07, 0x15, 0x71, 0x11, 0x4c, 0x35, 0x97, 0x5d, 0xc0, 0xe6,
++    0x22, 0xc9, 0x8a, 0x7b, 0x96, 0xc9, 0xc3, 0xe4, 0x2b, 0x1e, 0x88, 0x17, 0x4f, 0x98, 0x9b, 0xf3,
++    0x42, 0x23, 0x0c, 0xa0, 0xfa, 0x19, 0x03, 0x2a, 0xf7, 0x13, 0x2d, 0x27, 0xac, 0x9f, 0xaf, 0x2d,
++    0xa3, 0xce, 0xf7, 0x63, 0xbb, 0x39, 0x9f, 0x72, 0x80, 0xdd, 0x6c, 0x73, 0x00, 0x85, 0x70, 0xf2,
++    0xed, 0x50, 0xed, 0xa0, 0x74, 0x42, 0xd7, 0x22, 0x46, 0x24, 0xee, 0x67, 0xdf, 0xb5, 0x45, 0xe8,
++    0x49, 0xf4, 0x9c, 0xe4, 0x00, 0x83, 0xf2, 0x27, 0x8e, 0xa2, 0xb1, 0xc3, 0xc2, 0x01, 0xd7, 0x59,
++    0x2e, 0x4d, 0xac, 0x49, 0xa2, 0xc1, 0x8d, 0x88, 0x4b, 0xfe, 0x28, 0xe5, 0xac, 0xa6, 0x85, 0xc4,
++    0x1f, 0xf8, 0xc5, 0xc5, 0x14, 0x4e, 0xa3, 0xcb, 0x17, 0xb7, 0x64, 0xb3, 0xc2, 0x12, 0xf8, 0xf8,
++    0x36, 0x99, 0x1c, 0x91, 0x9b, 0xbd, 0xed, 0x55, 0x0f, 0xfd, 0x49, 0x85, 0xbb, 0x32, 0xad, 0x78,
++    0xc1, 0x74, 0xe6, 0x7c, 0x18, 0x0f, 0x2b, 0x3b, 0xaa, 0xd1, 0x9d, 0x40, 0x71, 0x1d, 0x19, 0x53
++};
++
++static void test_RSA(void)
++{
++    BCRYPT_PKCS1_PADDING_INFO pad;
++    BCRYPT_ALG_HANDLE alg = NULL;
++    BCRYPT_KEY_HANDLE key = NULL;
++    NTSTATUS ret;
++
++    ret = pBCryptOpenAlgorithmProvider(&alg, BCRYPT_RSA_ALGORITHM, NULL, 0);
++    if (ret)
++    {
++        win_skip("Failed to open RSA provider: %08x, skipping test\n", ret);
++        return;
++    }
++
++    ret = pBCryptImportKeyPair(alg, NULL, BCRYPT_RSAPUBLIC_BLOB, &key, rsaPublicBlob, sizeof(rsaPublicBlob), 0);
++    ok(!ret, "pBCryptImportKeyPair failed: %08x\n", ret);
++
++    pad.pszAlgId = BCRYPT_SHA1_ALGORITHM;
++    ret = pBCryptVerifySignature(key, &pad, rsaHash, sizeof(rsaHash), rsaSignature, sizeof(rsaSignature), BCRYPT_PAD_PKCS1);
++    ok(!ret, "pBCryptVerifySignature failed: %08x\n", ret);
++
++    ret = pBCryptVerifySignature(key, NULL, rsaHash, sizeof(rsaHash), rsaSignature, sizeof(rsaSignature), BCRYPT_PAD_PKCS1);
++    ok(ret == STATUS_INVALID_PARAMETER, "Expected STATUS_INVALID_PARAMETER, got %08x\n", ret);
++
++    pad.pszAlgId = BCRYPT_SHA1_ALGORITHM;
++    ret = pBCryptVerifySignature(key, &pad, rsaHash, sizeof(rsaHash), rsaSignature, sizeof(rsaSignature), 0);
++    ok(ret == STATUS_INVALID_PARAMETER, "Expected STATUS_INVALID_PARAMETER, got %08x\n", ret);
++
++    ret = pBCryptVerifySignature(key, NULL, rsaHash, sizeof(rsaHash), rsaSignature, sizeof(rsaSignature), 0);
++    ok(ret == STATUS_INVALID_PARAMETER, "Expected STATUS_INVALID_PARAMETER, got %08x\n", ret);
++
++    pad.pszAlgId = BCRYPT_AES_ALGORITHM;
++    ret = pBCryptVerifySignature(key, &pad, rsaHash, sizeof(rsaHash), rsaSignature, sizeof(rsaSignature), BCRYPT_PAD_PKCS1);
++    ok(ret == STATUS_NOT_SUPPORTED, "Expected STATUS_NOT_SUPPORTED, got %08x\n", ret);
++
++    pad.pszAlgId = NULL;
++    ret = pBCryptVerifySignature(key, &pad, rsaHash, sizeof(rsaHash), rsaSignature, sizeof(rsaSignature), BCRYPT_PAD_PKCS1);
++    ok(ret == STATUS_INVALID_SIGNATURE, "Expected STATUS_INVALID_SIGNATURE, got %08x\n", ret);
++
++    ret = pBCryptDestroyKey(key);
++    ok(!ret, "pBCryptDestroyKey failed: %08x\n", ret);
++
++    ret = pBCryptCloseAlgorithmProvider(alg, 0);
++    ok(!ret, "pBCryptCloseAlgorithmProvider failed: %08x\n", ret);
++}
++
+ START_TEST(bcrypt)
+ {
+     HMODULE module;
+@@ -1744,6 +1838,7 @@ START_TEST(bcrypt)
+     test_BCryptDecrypt();
+     test_key_import_export();
+     test_ECDSA();
++    test_RSA();
+ 
+     if (pBCryptHash) /* >= Win 10 */
+         test_BcryptHash();
+-- 
+2.14.1
+

patches/bcrypt-Improvements/0037-bcrypt-Store-full-ECCKEY_BLOB-struct-in-BCryptImport.patch

@@ -0,0 +1,49 @@
+From 3714e6bcd413355a60a691d38f487f321be93b2a Mon Sep 17 00:00:00 2001
+From: Sebastian Lackner <sebastian@fds-team.de>
+Date: Sat, 14 Oct 2017 22:44:13 +0200
+Subject: bcrypt: Store full ECCKEY_BLOB struct in BCryptImportKeyPair.
+
+---
+ dlls/bcrypt/bcrypt_main.c | 12 +++++++-----
+ 1 file changed, 7 insertions(+), 5 deletions(-)
+
+diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
+index 3356364a6dc..2aecfb9a227 100644
+--- a/dlls/bcrypt/bcrypt_main.c
++++ b/dlls/bcrypt/bcrypt_main.c
+@@ -1308,6 +1308,7 @@ static void buffer_append_asn1_r_s( struct buffer *buffer, BYTE *r, DWORD r_len,
+ 
+ static NTSTATUS import_gnutls_pubkey_ecc( struct key *key, gnutls_pubkey_t *gnutls_key )
+ {
++    BCRYPT_ECCKEY_BLOB *ecc_blob;
+     gnutls_ecc_curve_t curve;
+     gnutls_datum_t x, y;
+     int ret;
+@@ -1328,10 +1329,11 @@ static NTSTATUS import_gnutls_pubkey_ecc( struct key *key, gnutls_pubkey_t *gnut
+         return STATUS_INTERNAL_ERROR;
+     }
+ 
+-    x.data = key->u.a.pubkey;
+-    x.size = key->u.a.pubkey_len / 2;
+-    y.data = key->u.a.pubkey + x.size;
+-    y.size = x.size;
++    ecc_blob = (BCRYPT_ECCKEY_BLOB *)key->u.a.pubkey;
++    x.data = key->u.a.pubkey + sizeof(*ecc_blob);
++    x.size = ecc_blob->cbKey;
++    y.data = key->u.a.pubkey + sizeof(*ecc_blob) + ecc_blob->cbKey;
++    y.size = ecc_blob->cbKey;
+ 
+     if ((ret = pgnutls_pubkey_import_ecc_raw( *gnutls_key, curve, &x, &y )))
+     {
+@@ -1846,7 +1848,7 @@ NTSTATUS WINAPI BCryptImportKeyPair( BCRYPT_ALG_HANDLE algorithm, BCRYPT_KEY_HAN
+             return STATUS_NO_MEMORY;
+ 
+         key->hdr.magic = MAGIC_KEY;
+-        if ((status = key_asymmetric_init( key, alg, (BYTE *)(ecc_blob + 1), ecc_blob->cbKey * 2 )))
++        if ((status = key_asymmetric_init( key, alg, (BYTE *)ecc_blob, sizeof(*ecc_blob) + ecc_blob->cbKey * 2 )))
+         {
+             HeapFree( GetProcessHeap(), 0, key );
+             return status;
+-- 
+2.14.1
+