Release 3.8

- Resource only DLLs need to be excluded from the Architecture test.

patches/Pipelight/0003-wined3d-allow-changing-strict-drawing-through-an-exp.patch

@@ -1,42 +0,0 @@
-From b0a0388503a1576fb9b1b91ca764251b30f7dd3e Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
-Date: Sun, 20 Jul 2014 22:22:14 +0200
-Subject: wined3d: allow changing strict drawing through an exported function
-
----
- dlls/wined3d/wined3d.spec   | 2 ++
- dlls/wined3d/wined3d_main.c | 5 +++++
- 2 files changed, 7 insertions(+)
-
-diff --git a/dlls/wined3d/wined3d.spec b/dlls/wined3d/wined3d.spec
-index bbd2fb5..2fd0c0e 100644
---- a/dlls/wined3d/wined3d.spec
-+++ b/dlls/wined3d/wined3d.spec
-@@ -220,6 +220,8 @@
- @ cdecl wined3d_stateblock_decref(ptr)
- @ cdecl wined3d_stateblock_incref(ptr)
- 
-+@ cdecl wined3d_strictdrawing_set(long)
-+
- @ cdecl wined3d_swapchain_create(ptr ptr ptr ptr ptr)
- @ cdecl wined3d_swapchain_decref(ptr)
- @ cdecl wined3d_swapchain_get_back_buffer(ptr long)
-diff --git a/dlls/wined3d/wined3d_main.c b/dlls/wined3d/wined3d_main.c
-index 0543d97..6a62697 100644
---- a/dlls/wined3d/wined3d_main.c
-+++ b/dlls/wined3d/wined3d_main.c
-@@ -515,6 +515,11 @@ void wined3d_unregister_window(HWND window)
-     wined3d_wndproc_mutex_unlock();
- }
- 
-+void CDECL wined3d_strictdrawing_set(int value)
-+{
-+    wined3d_settings.strict_draw_ordering = value;
-+}
-+
- /* At process attach */
- BOOL WINAPI DllMain(HINSTANCE inst, DWORD reason, void *reserved)
- {
--- 
-2.7.1
-

patches/advapi32-BuildSecurityDescriptor/0001-advapi32-Implement-BuildSecurityDescriptorW.patch

@@ -1,268 +0,0 @@
-From 95fd708dbdd9f8d61fdd8f1571c44e98c54b8988 Mon Sep 17 00:00:00 2001
-From: Andrew Wesie <awesie@gmail.com>
-Date: Tue, 2 May 2017 00:59:49 -0500
-Subject: [PATCH] advapi32: Implement BuildSecurityDescriptorW.
-
----
- dlls/advapi32/security.c | 218 +++++++++++++++++++++++++++++++++++------------
- 1 file changed, 164 insertions(+), 54 deletions(-)
-
-diff --git a/dlls/advapi32/security.c b/dlls/advapi32/security.c
-index 6f4fb44..3737827 100644
---- a/dlls/advapi32/security.c
-+++ b/dlls/advapi32/security.c
-@@ -48,6 +48,7 @@
- WINE_DEFAULT_DEBUG_CHANNEL(advapi);
- 
- static BOOL ParseStringSidToSid(LPCWSTR StringSid, PSID pSid, LPDWORD cBytes);
-+static DWORD trustee_to_sid(DWORD nDestinationSidLength, PSID pDestinationSid, PTRUSTEEW pTrustee);
- 
- typedef struct _ACEFLAG
- {
-@@ -1255,16 +1256,122 @@ DWORD WINAPI BuildSecurityDescriptorW(
-     IN ULONG cCountOfAccessEntries,
-     IN PEXPLICIT_ACCESSW pListOfAccessEntries,
-     IN ULONG cCountOfAuditEntries,
--    IN PEXPLICIT_ACCESSW pListofAuditEntries,
-+    IN PEXPLICIT_ACCESSW pListOfAuditEntries,
-     IN PSECURITY_DESCRIPTOR pOldSD,
-     IN OUT PULONG lpdwBufferLength,
-     OUT PSECURITY_DESCRIPTOR* pNewSD)
- { 
--    FIXME("(%p,%p,%d,%p,%d,%p,%p,%p,%p) stub!\n",pOwner,pGroup,
--          cCountOfAccessEntries,pListOfAccessEntries,cCountOfAuditEntries,
--          pListofAuditEntries,pOldSD,lpdwBufferLength,pNewSD);
-+    SECURITY_DESCRIPTOR desc;
-+    NTSTATUS status;
-+    DWORD ret = ERROR_SUCCESS;
-+
-+    TRACE("(%p,%p,%d,%p,%d,%p,%p,%p,%p)\n", pOwner, pGroup,
-+          cCountOfAccessEntries, pListOfAccessEntries, cCountOfAuditEntries,
-+          pListOfAuditEntries, pOldSD, lpdwBufferLength, pNewSD);
-  
--    return ERROR_CALL_NOT_IMPLEMENTED;
-+    if (pOldSD)
-+    {
-+        SECURITY_DESCRIPTOR_CONTROL control;
-+        DWORD desc_size, dacl_size = 0, sacl_size = 0, owner_size = 0, group_size = 0;
-+        PACL dacl = NULL, sacl = NULL;
-+        PSID owner = NULL, group = NULL;
-+        DWORD revision;
-+
-+        if ((status = RtlGetControlSecurityDescriptor( pOldSD, &control, &revision )) != STATUS_SUCCESS)
-+            return RtlNtStatusToDosError( status );
-+        if (!(control & SE_SELF_RELATIVE))
-+            return ERROR_INVALID_SECURITY_DESCR;
-+
-+        desc_size = sizeof(desc);
-+        status = RtlSelfRelativeToAbsoluteSD( pOldSD, &desc, &desc_size, dacl, &dacl_size, sacl, &sacl_size,
-+                                              owner, &owner_size, group, &group_size );
-+        if (status == STATUS_BUFFER_TOO_SMALL)
-+        {
-+            if (dacl_size)
-+                dacl = LocalAlloc( LMEM_FIXED, dacl_size );
-+            if (sacl_size)
-+                sacl = LocalAlloc( LMEM_FIXED, sacl_size );
-+            if (owner_size)
-+                owner = LocalAlloc( LMEM_FIXED, owner_size );
-+            if (group_size)
-+                group = LocalAlloc( LMEM_FIXED, group_size );
-+
-+            desc_size = sizeof(desc);
-+            status = RtlSelfRelativeToAbsoluteSD( pOldSD, &desc, &desc_size, dacl, &dacl_size, sacl, &sacl_size,
-+                                                  owner, &owner_size, group, &group_size );
-+        }
-+        if (status != STATUS_SUCCESS)
-+        {
-+            LocalFree( dacl );
-+            LocalFree( sacl );
-+            LocalFree( owner );
-+            LocalFree( group );
-+            return RtlNtStatusToDosError( status );
-+        }
-+    }
-+    else
-+    {
-+        if ((status = RtlCreateSecurityDescriptor( &desc, SECURITY_DESCRIPTOR_REVISION )) != STATUS_SUCCESS)
-+            return RtlNtStatusToDosError( status );
-+    }
-+
-+    if (pOwner)
-+    {
-+        LocalFree( desc.Owner );
-+        desc.Owner = LocalAlloc( LMEM_FIXED, sizeof(MAX_SID) );
-+        if ((ret = trustee_to_sid( sizeof(MAX_SID), desc.Owner, pOwner )))
-+            goto done;
-+    }
-+
-+    if (pGroup)
-+    {
-+        LocalFree( desc.Group );
-+        desc.Group = LocalAlloc( LMEM_FIXED, sizeof(MAX_SID) );
-+        if ((ret = trustee_to_sid( sizeof(MAX_SID), desc.Group, pGroup )))
-+            goto done;
-+    }
-+
-+    if (pListOfAccessEntries)
-+    {
-+        PACL new_dacl;
-+
-+        if ((ret = SetEntriesInAclW( cCountOfAccessEntries, pListOfAccessEntries, desc.Dacl, &new_dacl )))
-+            goto done;
-+
-+        LocalFree( desc.Dacl );
-+        desc.Dacl = new_dacl;
-+        desc.Control |= SE_DACL_PRESENT;
-+    }
-+
-+    if (pListOfAuditEntries)
-+    {
-+        PACL new_sacl;
-+
-+        if ((ret = SetEntriesInAclW( cCountOfAuditEntries, pListOfAuditEntries, desc.Sacl, &new_sacl )))
-+            goto done;
-+
-+        LocalFree( desc.Sacl );
-+        desc.Sacl = new_sacl;
-+        desc.Control |= SE_SACL_PRESENT;
-+    }
-+
-+    *lpdwBufferLength = RtlLengthSecurityDescriptor( &desc );
-+    *pNewSD = LocalAlloc( LMEM_FIXED, *lpdwBufferLength );
-+
-+    if ((status = RtlMakeSelfRelativeSD( &desc, *pNewSD, lpdwBufferLength )) != STATUS_SUCCESS)
-+    {
-+        ret = RtlNtStatusToDosError( status );
-+        LocalFree( *pNewSD );
-+        *pNewSD = NULL;
-+    }
-+
-+done:
-+    /* free absolute descriptor */
-+    LocalFree( desc.Owner );
-+    LocalFree( desc.Group );
-+    LocalFree( desc.Sacl );
-+    LocalFree( desc.Dacl );
-+    return ret;
- } 
- 
- /******************************************************************************
-@@ -3754,6 +3861,56 @@ static void free_trustee_name(TRUSTEE_FORM form, WCHAR *trustee_nameW)
-     }
- }
- 
-+static DWORD trustee_to_sid( DWORD nDestinationSidLength, PSID pDestinationSid, PTRUSTEEW pTrustee )
-+{
-+    if (pTrustee->MultipleTrusteeOperation == TRUSTEE_IS_IMPERSONATE)
-+    {
-+        WARN("bad multiple trustee operation %d\n", pTrustee->MultipleTrusteeOperation);
-+        return ERROR_INVALID_PARAMETER;
-+    }
-+
-+    switch (pTrustee->TrusteeForm)
-+    {
-+    case TRUSTEE_IS_SID:
-+        if (!CopySid(nDestinationSidLength, pDestinationSid, pTrustee->ptstrName))
-+        {
-+            WARN("bad sid %p\n", pTrustee->ptstrName);
-+            return ERROR_INVALID_PARAMETER;
-+        }
-+        break;
-+    case TRUSTEE_IS_NAME:
-+    {
-+        DWORD sid_size = nDestinationSidLength;
-+        DWORD domain_size = MAX_COMPUTERNAME_LENGTH + 1;
-+        SID_NAME_USE use;
-+        if (!strcmpW( pTrustee->ptstrName, CURRENT_USER ))
-+        {
-+            if (!lookup_user_account_name( pDestinationSid, &sid_size, NULL, &domain_size, &use ))
-+            {
-+                return GetLastError();
-+            }
-+        }
-+        else if (!LookupAccountNameW(NULL, pTrustee->ptstrName, pDestinationSid, &sid_size, NULL, &domain_size, &use))
-+        {
-+            WARN("bad user name %s\n", debugstr_w(pTrustee->ptstrName));
-+            return ERROR_INVALID_PARAMETER;
-+        }
-+        break;
-+    }
-+    case TRUSTEE_IS_OBJECTS_AND_SID:
-+        FIXME("TRUSTEE_IS_OBJECTS_AND_SID unimplemented\n");
-+        break;
-+    case TRUSTEE_IS_OBJECTS_AND_NAME:
-+        FIXME("TRUSTEE_IS_OBJECTS_AND_NAME unimplemented\n");
-+        break;
-+    default:
-+        WARN("bad trustee form %d\n", pTrustee->TrusteeForm);
-+        return ERROR_INVALID_PARAMETER;
-+    }
-+
-+    return ERROR_SUCCESS;
-+}
-+
- /******************************************************************************
-  * SetEntriesInAclA [ADVAPI32.@]
-  */
-@@ -3849,56 +4006,9 @@ DWORD WINAPI SetEntriesInAclW( ULONG count, PEXPLICIT_ACCESSW pEntries,
-               pEntries[i].Trustee.TrusteeForm, pEntries[i].Trustee.TrusteeType,
-               pEntries[i].Trustee.ptstrName);
- 
--        if (pEntries[i].Trustee.MultipleTrusteeOperation == TRUSTEE_IS_IMPERSONATE)
--        {
--            WARN("bad multiple trustee operation %d for trustee %d\n", pEntries[i].Trustee.MultipleTrusteeOperation, i);
--            ret = ERROR_INVALID_PARAMETER;
--            goto exit;
--        }
--
--        switch (pEntries[i].Trustee.TrusteeForm)
--        {
--        case TRUSTEE_IS_SID:
--            if (!CopySid(FIELD_OFFSET(SID, SubAuthority[SID_MAX_SUB_AUTHORITIES]),
--                         ppsid[i], pEntries[i].Trustee.ptstrName))
--            {
--                WARN("bad sid %p for trustee %d\n", pEntries[i].Trustee.ptstrName, i);
--                ret = ERROR_INVALID_PARAMETER;
--                goto exit;
--            }
--            break;
--        case TRUSTEE_IS_NAME:
--        {
--            DWORD sid_size = FIELD_OFFSET(SID, SubAuthority[SID_MAX_SUB_AUTHORITIES]);
--            DWORD domain_size = MAX_COMPUTERNAME_LENGTH + 1;
--            SID_NAME_USE use;
--            if (!strcmpW( pEntries[i].Trustee.ptstrName, CURRENT_USER ))
--            {
--                if (!lookup_user_account_name( ppsid[i], &sid_size, NULL, &domain_size, &use ))
--                {
--                    ret = GetLastError();
--                    goto exit;
--                }
--            }
--            else if (!LookupAccountNameW(NULL, pEntries[i].Trustee.ptstrName, ppsid[i], &sid_size, NULL, &domain_size, &use))
--            {
--                WARN("bad user name %s for trustee %d\n", debugstr_w(pEntries[i].Trustee.ptstrName), i);
--                ret = ERROR_INVALID_PARAMETER;
--                goto exit;
--            }
--            break;
--        }
--        case TRUSTEE_IS_OBJECTS_AND_SID:
--            FIXME("TRUSTEE_IS_OBJECTS_AND_SID unimplemented\n");
--            break;
--        case TRUSTEE_IS_OBJECTS_AND_NAME:
--            FIXME("TRUSTEE_IS_OBJECTS_AND_NAME unimplemented\n");
--            break;
--        default:
--            WARN("bad trustee form %d for trustee %d\n", pEntries[i].Trustee.TrusteeForm, i);
--            ret = ERROR_INVALID_PARAMETER;
-+        ret = trustee_to_sid( FIELD_OFFSET(SID, SubAuthority[SID_MAX_SUB_AUTHORITIES]), ppsid[i], &pEntries[i].Trustee);
-+        if (ret)
-             goto exit;
--        }
- 
-         /* Note: we overestimate the ACL size here as a tradeoff between
-          * instructions (simplicity) and memory */
--- 
-1.9.1
-

patches/advapi32-BuildSecurityDescriptor/0002-advapi32-tests-Add-basic-tests-for-BuildSecurityDesc.patch

@@ -1,69 +0,0 @@
-From 09d62cfc4fa999eacc89af2ad414810e22c910a9 Mon Sep 17 00:00:00 2001
-From: Sebastian Lackner <sebastian@fds-team.de>
-Date: Fri, 5 May 2017 00:18:50 +0200
-Subject: advapi32/tests: Add basic tests for BuildSecurityDescriptor.
-
----
- dlls/advapi32/tests/security.c | 39 +++++++++++++++++++++++++++++++++++++++
- 1 file changed, 39 insertions(+)
-
-diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
-index ca5edffae5..db5a0f934c 100644
---- a/dlls/advapi32/tests/security.c
-+++ b/dlls/advapi32/tests/security.c
-@@ -7217,6 +7217,44 @@ static void test_GetExplicitEntriesFromAclW(void)
-     HeapFree(GetProcessHeap(), 0, old_acl);
- }
- 
-+static void test_BuildSecurityDescriptorW(void)
-+{
-+    SECURITY_DESCRIPTOR old_sd, *new_sd, *rel_sd;
-+    ULONG new_sd_size;
-+    DWORD buf_size;
-+    char buf[1024];
-+    BOOL success;
-+    DWORD ret;
-+
-+    InitializeSecurityDescriptor(&old_sd, SECURITY_DESCRIPTOR_REVISION);
-+
-+    buf_size = sizeof(buf);
-+    rel_sd = (SECURITY_DESCRIPTOR *)buf;
-+    success = MakeSelfRelativeSD(&old_sd, rel_sd, &buf_size);
-+    ok(success, "MakeSelfRelativeSD failed with %u\n", GetLastError());
-+
-+    new_sd = NULL;
-+    new_sd_size = 0;
-+    ret = BuildSecurityDescriptorW(NULL, NULL, 0, NULL, 0, NULL, NULL, &new_sd_size, (void **)&new_sd);
-+    ok(ret == ERROR_SUCCESS, "BuildSecurityDescriptor failed with %u\n", ret);
-+    ok(new_sd != NULL, "expected new_sd != NULL\n");
-+    ok(new_sd_size == sizeof(old_sd), "expected new_sd_size == sizeof(old_sd), got %u\n", new_sd_size);
-+    LocalFree(new_sd);
-+
-+    new_sd = (void *)0xdeadbeef;
-+    ret = BuildSecurityDescriptorW(NULL, NULL, 0, NULL, 0, NULL, &old_sd, &new_sd_size, (void **)&new_sd);
-+    ok(ret == ERROR_INVALID_SECURITY_DESCR, "expected ERROR_INVALID_SECURITY_DESCR, got %u\n", ret);
-+    ok(new_sd == (void *)0xdeadbeef, "expected new_sd == 0xdeadbeef, got %p\n", new_sd);
-+
-+    new_sd = NULL;
-+    new_sd_size = 0;
-+    ret = BuildSecurityDescriptorW(NULL, NULL, 0, NULL, 0, NULL, rel_sd, &new_sd_size, (void **)&new_sd);
-+    ok(ret == ERROR_SUCCESS, "BuildSecurityDescriptor failed with %u\n", ret);
-+    ok(new_sd != NULL, "expected new_sd != NULL\n");
-+    ok(new_sd_size == sizeof(old_sd), "expected new_sd_size == sizeof(old_sd), got %u\n", new_sd_size);
-+    LocalFree(new_sd);
-+}
-+
- START_TEST(security)
- {
-     init();
-@@ -7271,6 +7309,7 @@ START_TEST(security)
-     test_maximum_allowed();
-     test_token_label();
-     test_GetExplicitEntriesFromAclW();
-+    test_BuildSecurityDescriptorW();
- 
-     /* Must be the last test, modifies process token */
-     test_token_security_descriptor();
--- 
-2.13.1
-

patches/advapi32-BuildSecurityDescriptor/definition

@@ -1 +0,0 @@
-Fixes: [37594] Initial implementation of advapi32.BuildSecurityDescriptorW

patches/advapi32-CreateRestrictedToken/0001-ntdll-Implement-NtFilterToken.patch

@@ -1,4 +1,4 @@
-From 3f314cc8251f62f592013abe7b1c3b977de0699a Mon Sep 17 00:00:00 2001
+From 1eb8acd819f9eee8fdf154d0ef43881008265916 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
 Date: Fri, 4 Aug 2017 02:33:14 +0200
 Subject: ntdll: Implement NtFilterToken.
@@ -15,10 +15,10 @@ Subject: ntdll: Implement NtFilterToken.
  8 files changed, 162 insertions(+), 5 deletions(-)
 
 diff --git a/dlls/ntdll/nt.c b/dlls/ntdll/nt.c
-index 93554e929be..5822dec9b15 100644
+index c3f5df3..59a08de 100644
 --- a/dlls/ntdll/nt.c
 +++ b/dlls/ntdll/nt.c
-@@ -136,6 +136,65 @@ NTSTATUS WINAPI NtDuplicateToken(
+@@ -119,6 +119,65 @@ NTSTATUS WINAPI NtDuplicateToken(
  }
  
  /******************************************************************************
@@ -85,10 +85,10 @@ index 93554e929be..5822dec9b15 100644
   *  ZwOpenProcessToken		[NTDLL.@]
   */
 diff --git a/dlls/ntdll/ntdll.spec b/dlls/ntdll/ntdll.spec
-index 4f7ee496437..275fda57970 100644
+index c260b0d..3c5e69c 100644
 --- a/dlls/ntdll/ntdll.spec
 +++ b/dlls/ntdll/ntdll.spec
-@@ -179,7 +179,7 @@
+@@ -176,7 +176,7 @@
  # @ stub NtEnumerateSystemEnvironmentValuesEx
  @ stdcall NtEnumerateValueKey(long long long ptr long ptr)
  @ stub NtExtendSection
@@ -98,10 +98,10 @@ index 4f7ee496437..275fda57970 100644
  @ stdcall NtFlushBuffersFile(long ptr)
  @ stdcall NtFlushInstructionCache(long ptr long)
 diff --git a/include/winnt.h b/include/winnt.h
-index f91f81eb559..891c9b6d4bb 100644
+index 16d96d8..4e238f9 100644
 --- a/include/winnt.h
 +++ b/include/winnt.h
-@@ -3844,6 +3844,11 @@ typedef enum _TOKEN_INFORMATION_CLASS {
+@@ -3904,6 +3904,11 @@ typedef enum _TOKEN_INFORMATION_CLASS {
  					TOKEN_ADJUST_SESSIONID | \
  					TOKEN_ADJUST_DEFAULT )
  
@@ -114,10 +114,10 @@ index f91f81eb559..891c9b6d4bb 100644
  #define _SECURITY_DEFINED
  
 diff --git a/include/winternl.h b/include/winternl.h
-index 140669b0105..899e8324d67 100644
+index c84e6d7..288f93e 100644
 --- a/include/winternl.h
 +++ b/include/winternl.h
-@@ -2348,6 +2348,7 @@ NTSYSAPI NTSTATUS  WINAPI NtDuplicateToken(HANDLE,ACCESS_MASK,POBJECT_ATTRIBUTES
+@@ -2303,6 +2303,7 @@ NTSYSAPI NTSTATUS  WINAPI NtDuplicateToken(HANDLE,ACCESS_MASK,POBJECT_ATTRIBUTES
  NTSYSAPI NTSTATUS  WINAPI NtEnumerateKey(HANDLE,ULONG,KEY_INFORMATION_CLASS,void *,DWORD,DWORD *);
  NTSYSAPI NTSTATUS  WINAPI NtEnumerateValueKey(HANDLE,ULONG,KEY_VALUE_INFORMATION_CLASS,PVOID,ULONG,PULONG);
  NTSYSAPI NTSTATUS  WINAPI NtExtendSection(HANDLE,PLARGE_INTEGER);
@@ -126,10 +126,10 @@ index 140669b0105..899e8324d67 100644
  NTSYSAPI NTSTATUS  WINAPI NtFlushBuffersFile(HANDLE,IO_STATUS_BLOCK*);
  NTSYSAPI NTSTATUS  WINAPI NtFlushInstructionCache(HANDLE,LPCVOID,SIZE_T);
 diff --git a/server/process.c b/server/process.c
-index cbe726afe81..f0f60edcd3f 100644
+index f8739d0..71d9d6d 100644
 --- a/server/process.c
 +++ b/server/process.c
-@@ -571,7 +571,7 @@ struct thread *create_process( int fd, struct thread *parent_thread, int inherit
+@@ -566,7 +566,7 @@ struct thread *create_process( int fd, struct thread *parent_thread, int inherit
                                         : alloc_handle_table( process, 0 );
          /* Note: for security reasons, starting a new process does not attempt
           * to use the current impersonation token for the new process */
@@ -139,10 +139,10 @@ index cbe726afe81..f0f60edcd3f 100644
      }
      if (!process->handles || !process->token) goto error;
 diff --git a/server/protocol.def b/server/protocol.def
-index fc6e343af52..b3dce66eb9c 100644
+index 35824ae..6ee6d28 100644
 --- a/server/protocol.def
 +++ b/server/protocol.def
-@@ -3391,6 +3391,16 @@ enum caret_state
+@@ -3356,6 +3356,16 @@ enum caret_state
      obj_handle_t  new_handle; /* duplicated handle */
  @END
  
@@ -160,10 +160,10 @@ index fc6e343af52..b3dce66eb9c 100644
      obj_handle_t    handle; /* handle to the token */
      unsigned int    desired_access; /* desired access to the object */
 diff --git a/server/security.h b/server/security.h
-index 606dbb2ab2c..6c337143c3d 100644
+index 873bbc6..bc4a8f6 100644
 --- a/server/security.h
 +++ b/server/security.h
-@@ -56,7 +56,9 @@ extern const PSID security_high_label_sid;
+@@ -55,7 +55,9 @@ extern const PSID security_high_label_sid;
  extern struct token *token_create_admin(void);
  extern int token_assign_label( struct token *token, PSID label );
  extern struct token *token_duplicate( struct token *src_token, unsigned primary,
@@ -175,10 +175,10 @@ index 606dbb2ab2c..6c337143c3d 100644
                                     const LUID_AND_ATTRIBUTES *reqprivs,
                                     unsigned int count, LUID_AND_ATTRIBUTES *usedprivs);
 diff --git a/server/token.c b/server/token.c
-index 74db66e1e24..acd7a4dedb5 100644
+index 0810a61..2f6a467 100644
 --- a/server/token.c
 +++ b/server/token.c
-@@ -299,6 +299,19 @@ static int acl_is_valid( const ACL *acl, data_size_t size )
+@@ -276,6 +276,19 @@ static int acl_is_valid( const ACL *acl, data_size_t size )
      return TRUE;
  }
  
@@ -198,7 +198,7 @@ index 74db66e1e24..acd7a4dedb5 100644
  /* checks whether all members of a security descriptor fit inside the size
   * of memory specified */
  int sd_is_valid( const struct security_descriptor *sd, data_size_t size )
-@@ -639,8 +652,36 @@ static struct token *create_token( unsigned primary, const SID *user,
+@@ -619,8 +632,36 @@ static struct token *create_token( unsigned primary, const SID *user,
      return token;
  }
  
@@ -236,7 +236,7 @@ index 74db66e1e24..acd7a4dedb5 100644
  {
      const luid_t *modified_id =
          primary || (impersonation_level == src_token->impersonation_level) ?
-@@ -676,6 +717,12 @@ struct token *token_duplicate( struct token *src_token, unsigned primary,
+@@ -656,6 +697,12 @@ struct token *token_duplicate( struct token *src_token, unsigned primary,
              return NULL;
          }
          memcpy( newgroup, group, size );
@@ -248,8 +248,8 @@ index 74db66e1e24..acd7a4dedb5 100644
 +        }
          list_add_tail( &token->groups, &newgroup->entry );
          if (src_token->primary_group == &group->sid)
-             token->primary_group = &newgroup->sid;
-@@ -684,11 +731,14 @@ struct token *token_duplicate( struct token *src_token, unsigned primary,
+         {
+@@ -667,11 +714,14 @@ struct token *token_duplicate( struct token *src_token, unsigned primary,
  
      /* copy privileges */
      LIST_FOR_EACH_ENTRY( privilege, &src_token->privileges, struct privilege, entry )
@@ -264,7 +264,7 @@ index 74db66e1e24..acd7a4dedb5 100644
  
      if (sd) default_set_sd( &token->obj, sd, OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION |
                              DACL_SECURITY_INFORMATION | SACL_SECURITY_INFORMATION );
-@@ -1322,7 +1372,7 @@ DECL_HANDLER(duplicate_token)
+@@ -1304,7 +1354,7 @@ DECL_HANDLER(duplicate_token)
                                                       TOKEN_DUPLICATE,
                                                       &token_ops )))
      {
@@ -273,7 +273,7 @@ index 74db66e1e24..acd7a4dedb5 100644
          if (token)
          {
              reply->new_handle = alloc_handle_no_access_check( current->process, token, req->access, objattr->attributes );
-@@ -1332,6 +1382,36 @@ DECL_HANDLER(duplicate_token)
+@@ -1314,6 +1364,36 @@ DECL_HANDLER(duplicate_token)
      }
  }
  
@@ -311,5 +311,5 @@ index 74db66e1e24..acd7a4dedb5 100644
  DECL_HANDLER(check_token_privileges)
  {
 -- 
-2.13.1
+2.7.4
 

patches/advapi32-Token_Integrity_Level/0005-server-Use-all-group-attributes-in-create_token.patch

@@ -1,4 +1,4 @@
-From 77c9e6c6f408a2b59a79f3773a379a43b6994f2c Mon Sep 17 00:00:00 2001
+From 48f4c131f9e8ffc091dde12437ad0772ed1c5ca6 Mon Sep 17 00:00:00 2001
 From: Sebastian Lackner <sebastian@fds-team.de>
 Date: Sun, 6 Aug 2017 15:16:33 +0200
 Subject: server: Use all group attributes in create_token.
@@ -8,10 +8,10 @@ Subject: server: Use all group attributes in create_token.
  1 file changed, 7 insertions(+), 7 deletions(-)
 
 diff --git a/server/token.c b/server/token.c
-index 8d2de6ab58e..e61fe97bfa0 100644
+index 0019b3a..2a56664 100644
 --- a/server/token.c
 +++ b/server/token.c
-@@ -613,13 +613,13 @@ static struct token *create_token( unsigned primary, const SID *user,
+@@ -592,13 +592,13 @@ static struct token *create_token( unsigned primary, const SID *user,
                  return NULL;
              }
              memcpy( &group->sid, groups[i].Sid, security_sid_len( groups[i].Sid ));
@@ -29,9 +29,9 @@ index 8d2de6ab58e..e61fe97bfa0 100644
 +            group->logon     = (groups[i].Attributes & SE_GROUP_LOGON_ID) != 0;
 +            group->resource  = (groups[i].Attributes & SE_GROUP_RESOURCE) != 0;
              list_add_tail( &token->groups, &group->entry );
-             /* Use first owner capable group as an owner */
+             /* Use first owner capable group as owner and primary group */
              if (!token->primary_group && group->owner)
-@@ -1628,8 +1628,8 @@ DECL_HANDLER(get_token_groups)
+@@ -1603,8 +1603,8 @@ DECL_HANDLER(get_token_groups)
                      if (group->enabled) *attr_ptr |= SE_GROUP_ENABLED;
                      if (group->owner) *attr_ptr |= SE_GROUP_OWNER;
                      if (group->deny_only) *attr_ptr |= SE_GROUP_USE_FOR_DENY_ONLY;
@@ -42,5 +42,5 @@ index 8d2de6ab58e..e61fe97bfa0 100644
                      memcpy(sid_ptr, &group->sid, security_sid_len( &group->sid ));
  
 -- 
-2.13.1
+2.7.4
 

patches/advapi32-Token_Integrity_Level/0009-kernel32-Implement-CreateProcessInternalW.patch

@@ -1,4 +1,4 @@
-From 796879e9a1840f7b893933d37821751cf1d35048 Mon Sep 17 00:00:00 2001
+From a7af0ee96959aab299e543e9d6938e2533780c47 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
 Date: Sat, 5 Aug 2017 04:02:16 +0200
 Subject: [PATCH] kernel32: Implement CreateProcessInternalW.
@@ -11,7 +11,7 @@ Subject: [PATCH] kernel32: Implement CreateProcessInternalW.
  4 files changed, 17 insertions(+), 12 deletions(-)
 
 diff --git a/dlls/kernel32/kernel32.spec b/dlls/kernel32/kernel32.spec
-index 60809f4..59915f9 100644
+index e78c1ca..fde5f18 100644
 --- a/dlls/kernel32/kernel32.spec
 +++ b/dlls/kernel32/kernel32.spec
 @@ -315,7 +315,7 @@
@@ -24,10 +24,10 @@ index 60809f4..59915f9 100644
  @ stdcall CreateProcessW(wstr wstr ptr ptr long long ptr wstr ptr ptr)
  @ stdcall CreateRemoteThread(long ptr long ptr long long ptr)
 diff --git a/dlls/kernel32/process.c b/dlls/kernel32/process.c
-index e7f9fd9..d37003c 100644
+index 2075dfd..f9606be 100644
 --- a/dlls/kernel32/process.c
 +++ b/dlls/kernel32/process.c
-@@ -2432,12 +2432,13 @@ static LPWSTR get_file_name( LPCWSTR appname, LPWSTR cmdline, LPWSTR buffer,
+@@ -2436,12 +2436,13 @@ static LPWSTR get_file_name( LPCWSTR appname, LPWSTR cmdline, LPWSTR buffer,
      return ret;
  }
  
@@ -47,7 +47,7 @@ index e7f9fd9..d37003c 100644
  {
      BOOL retv = FALSE;
      HANDLE hFile = 0;
-@@ -2450,6 +2451,9 @@ static BOOL create_process_impl( LPCWSTR app_name, LPWSTR cmd_line, LPSECURITY_A
+@@ -2454,6 +2455,9 @@ static BOOL create_process_impl( LPCWSTR app_name, LPWSTR cmd_line, LPSECURITY_A
  
      TRACE("app %s cmdline %s\n", debugstr_w(app_name), debugstr_w(cmd_line) );
  
@@ -57,7 +57,7 @@ index e7f9fd9..d37003c 100644
      if (!(tidy_cmdline = get_file_name( app_name, cmd_line, name, sizeof(name)/sizeof(WCHAR),
                                          &hFile, &binary_info )))
          return FALSE;
-@@ -2601,8 +2605,8 @@ BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessA( LPCSTR app_name, LPSTR cmd_line, L
+@@ -2605,8 +2609,8 @@ BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessA( LPCSTR app_name, LPSTR cmd_line, L
        FIXME("StartupInfo.lpReserved is used, please report (%s)\n",
              debugstr_a(startup_info->lpReserved));
  
@@ -68,7 +68,7 @@ index e7f9fd9..d37003c 100644
  done:
      HeapFree( GetProcessHeap(), 0, app_nameW );
      HeapFree( GetProcessHeap(), 0, cmd_lineW );
-@@ -2621,8 +2625,8 @@ BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessW( LPCWSTR app_name, LPWSTR cmd_line,
+@@ -2625,8 +2629,8 @@ BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessW( LPCWSTR app_name, LPWSTR cmd_line,
                                                LPVOID env, LPCWSTR cur_dir, LPSTARTUPINFOW startup_info,
                                                LPPROCESS_INFORMATION info )
  {
@@ -80,7 +80,7 @@ index e7f9fd9..d37003c 100644
  
  
 diff --git a/dlls/kernelbase/kernelbase.spec b/dlls/kernelbase/kernelbase.spec
-index 1a6f1ff..8d2b722 100644
+index 8cac67f..e8fd7aa 100644
 --- a/dlls/kernelbase/kernelbase.spec
 +++ b/dlls/kernelbase/kernelbase.spec
 @@ -209,7 +209,7 @@
@@ -93,7 +93,7 @@ index 1a6f1ff..8d2b722 100644
  @ stdcall CreateRemoteThread(long ptr long ptr long long ptr) kernel32.CreateRemoteThread
  @ stdcall CreateRemoteThreadEx(long ptr long ptr ptr long ptr ptr) kernel32.CreateRemoteThreadEx
 diff --git a/include/winbase.h b/include/winbase.h
-index 8d65d78..35a2213 100644
+index 4ddc1d3..e21cf6e 100644
 --- a/include/winbase.h
 +++ b/include/winbase.h
 @@ -1856,6 +1856,7 @@ WINBASEAPI BOOL        WINAPI CreateProcessW(LPCWSTR,LPWSTR,LPSECURITY_ATTRIBUTE

patches/advapi32-Token_Integrity_Level/0010-server-Implement-support-for-creating-processes-usin.patch

@@ -1,7 +1,8 @@
-From 2993a76ec1711bb3ea1e889289f8d129f17ae2a3 Mon Sep 17 00:00:00 2001
+From 23181e8cbe07ac0fd3b6effd04624122a6b0024f Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
 Date: Sun, 6 Aug 2017 02:08:05 +0200
-Subject: server: Implement support for creating processes using a token.
+Subject: [PATCH] server: Implement support for creating processes using a
+ token.
 
 ---
  dlls/kernel32/process.c | 33 ++++++++++++++++++---------------
@@ -14,10 +15,10 @@ Subject: server: Implement support for creating processes using a token.
  7 files changed, 59 insertions(+), 21 deletions(-)
 
 diff --git a/dlls/kernel32/process.c b/dlls/kernel32/process.c
-index c3dcd1349b3..69a026d5441 100644
+index f9606be..c0b89f9 100644
 --- a/dlls/kernel32/process.c
 +++ b/dlls/kernel32/process.c
-@@ -2051,7 +2051,7 @@ static NTSTATUS create_struct_sd(PSECURITY_DESCRIPTOR nt_sd, struct security_des
+@@ -2034,7 +2034,7 @@ static NTSTATUS create_struct_sd(PSECURITY_DESCRIPTOR nt_sd, struct security_des
   * Create a new process. If hFile is a valid handle we have an exe
   * file, otherwise it is a Winelib app.
   */
@@ -26,7 +27,7 @@ index c3dcd1349b3..69a026d5441 100644
                              LPCWSTR cur_dir, LPSECURITY_ATTRIBUTES psa, LPSECURITY_ATTRIBUTES tsa,
                              BOOL inherit, DWORD flags, LPSTARTUPINFOW startup,
                              LPPROCESS_INFORMATION info, LPCSTR unixdir,
-@@ -2197,6 +2197,7 @@ static BOOL create_process( HANDLE hFile, LPCWSTR filename, LPWSTR cmd_line, LPW
+@@ -2180,6 +2180,7 @@ static BOOL create_process( HANDLE hFile, LPCWSTR filename, LPWSTR cmd_line, LPW
          req->info_size      = startup_info_size;
          req->env_size       = (env_end - env) * sizeof(WCHAR);
          req->process_sd_size = process_sd_size;
@@ -34,7 +35,7 @@ index c3dcd1349b3..69a026d5441 100644
  
          wine_server_add_data( req, startup_info, startup_info_size );
          wine_server_add_data( req, env, (env_end - env) * sizeof(WCHAR) );
-@@ -2297,7 +2298,7 @@ error:
+@@ -2280,7 +2281,7 @@ error:
   *
   * Create a new VDM process for a 16-bit or DOS application.
   */
@@ -43,7 +44,7 @@ index c3dcd1349b3..69a026d5441 100644
                                  LPSECURITY_ATTRIBUTES psa, LPSECURITY_ATTRIBUTES tsa,
                                  BOOL inherit, DWORD flags, LPSTARTUPINFOW startup,
                                  LPPROCESS_INFORMATION info, LPCSTR unixdir,
-@@ -2321,7 +2322,7 @@ static BOOL create_vdm_process( LPCWSTR filename, LPWSTR cmd_line, LPWSTR env, L
+@@ -2304,7 +2305,7 @@ static BOOL create_vdm_process( LPCWSTR filename, LPWSTR cmd_line, LPWSTR env, L
          return FALSE;
      }
      sprintfW(new_cmd_line, argsW, winevdmW, buffer, cmd_line);
@@ -52,7 +53,7 @@ index c3dcd1349b3..69a026d5441 100644
                            flags, startup, info, unixdir, binary_info, exec_only );
      HeapFree( GetProcessHeap(), 0, new_cmd_line );
      return ret;
-@@ -2333,7 +2334,7 @@ static BOOL create_vdm_process( LPCWSTR filename, LPWSTR cmd_line, LPWSTR env, L
+@@ -2316,7 +2317,7 @@ static BOOL create_vdm_process( LPCWSTR filename, LPWSTR cmd_line, LPWSTR env, L
   *
   * Create a new cmd shell process for a .BAT file.
   */
@@ -61,10 +62,10 @@ index c3dcd1349b3..69a026d5441 100644
                                  LPSECURITY_ATTRIBUTES psa, LPSECURITY_ATTRIBUTES tsa,
                                  BOOL inherit, DWORD flags, LPSTARTUPINFOW startup,
                                  LPPROCESS_INFORMATION info )
-@@ -2358,8 +2359,8 @@ static BOOL create_cmd_process( LPCWSTR filename, LPWSTR cmd_line, LPVOID env, L
-     strcpyW( newcmdline, comspec );
-     strcatW( newcmdline, slashcW );
+@@ -2344,8 +2345,8 @@ static BOOL create_cmd_process( LPCWSTR filename, LPWSTR cmd_line, LPVOID env, L
+     strcatW( newcmdline, quotW );
      strcatW( newcmdline, cmd_line );
+     strcatW( newcmdline, quotW );
 -    ret = CreateProcessW( comspec, newcmdline, psa, tsa, inherit,
 -                          flags, env, cur_dir, startup, info );
 +    ret = CreateProcessInternalW( token, comspec, newcmdline, psa, tsa, inherit,
@@ -72,7 +73,7 @@ index c3dcd1349b3..69a026d5441 100644
      HeapFree( GetProcessHeap(), 0, newcmdline );
      return ret;
  }
-@@ -2469,7 +2470,9 @@ BOOL WINAPI CreateProcessInternalW( HANDLE token, LPCWSTR app_name, LPWSTR cmd_l
+@@ -2455,7 +2456,9 @@ BOOL WINAPI CreateProcessInternalW( HANDLE token, LPCWSTR app_name, LPWSTR cmd_l
  
      TRACE("app %s cmdline %s\n", debugstr_w(app_name), debugstr_w(cmd_line) );
  
@@ -83,7 +84,7 @@ index c3dcd1349b3..69a026d5441 100644
      if (new_token) FIXME("No support for returning created process token\n");
  
      if (!(tidy_cmdline = get_file_name( app_name, cmd_line, name, sizeof(name)/sizeof(WCHAR),
-@@ -2527,20 +2530,20 @@ BOOL WINAPI CreateProcessInternalW( HANDLE token, LPCWSTR app_name, LPWSTR cmd_l
+@@ -2513,20 +2516,20 @@ BOOL WINAPI CreateProcessInternalW( HANDLE token, LPCWSTR app_name, LPWSTR cmd_l
                 debugstr_w(name), (binary_info.flags & BINARY_FLAG_64BIT) ? 64 : 32,
                 wine_dbgstr_longlong(binary_info.res_start), wine_dbgstr_longlong(binary_info.res_end),
                 binary_info.arch, (binary_info.flags & BINARY_FLAG_FAKEDLL) ? ", fakedll" : "" );
@@ -107,7 +108,7 @@ index c3dcd1349b3..69a026d5441 100644
                                 inherit, flags, startup_info, info, unixdir, &binary_info, FALSE );
          break;
      case BINARY_UNKNOWN:
-@@ -2552,7 +2555,7 @@ BOOL WINAPI CreateProcessInternalW( HANDLE token, LPCWSTR app_name, LPWSTR cmd_l
+@@ -2538,7 +2541,7 @@ BOOL WINAPI CreateProcessInternalW( HANDLE token, LPCWSTR app_name, LPWSTR cmd_l
                  TRACE( "starting %s as DOS binary\n", debugstr_w(name) );
                  binary_info.type = BINARY_DOS;
                  binary_info.arch = IMAGE_FILE_MACHINE_I386;
@@ -116,7 +117,7 @@ index c3dcd1349b3..69a026d5441 100644
                                             inherit, flags, startup_info, info, unixdir,
                                             &binary_info, FALSE );
                  break;
-@@ -2560,7 +2563,7 @@ BOOL WINAPI CreateProcessInternalW( HANDLE token, LPCWSTR app_name, LPWSTR cmd_l
+@@ -2546,7 +2549,7 @@ BOOL WINAPI CreateProcessInternalW( HANDLE token, LPCWSTR app_name, LPWSTR cmd_l
              if (!strcmpiW( p, batW ) || !strcmpiW( p, cmdW ) )
              {
                  TRACE( "starting %s as batch binary\n", debugstr_w(name) );
@@ -125,7 +126,7 @@ index c3dcd1349b3..69a026d5441 100644
                                             inherit, flags, startup_info, info );
                  break;
              }
-@@ -2680,12 +2683,12 @@ static void exec_process( LPCWSTR name )
+@@ -2666,12 +2669,12 @@ static void exec_process( LPCWSTR name )
                 debugstr_w(name), (binary_info.flags & BINARY_FLAG_64BIT) ? 64 : 32,
                 wine_dbgstr_longlong(binary_info.res_start), wine_dbgstr_longlong(binary_info.res_end),
                 binary_info.arch );
@@ -140,7 +141,7 @@ index c3dcd1349b3..69a026d5441 100644
                          FALSE, 0, &startup_info, &info, NULL, &binary_info, TRUE );
          break;
      case BINARY_UNKNOWN:
-@@ -2699,7 +2702,7 @@ static void exec_process( LPCWSTR name )
+@@ -2685,7 +2688,7 @@ static void exec_process( LPCWSTR name )
      case BINARY_WIN16:
      case BINARY_DOS:
          TRACE( "starting %s as Win16/DOS binary\n", debugstr_w(name) );
@@ -150,7 +151,7 @@ index c3dcd1349b3..69a026d5441 100644
          break;
      default:
 diff --git a/server/process.c b/server/process.c
-index 81cea2f1baa..7d2206f2744 100644
+index 81cea2f..7d2206f 100644
 --- a/server/process.c
 +++ b/server/process.c
 @@ -496,7 +496,7 @@ static void start_sigkill_timer( struct process *process )
@@ -234,7 +235,7 @@ index 81cea2f1baa..7d2206f2744 100644
  }
  
 diff --git a/server/process.h b/server/process.h
-index 78e88ec350a..313c36ab241 100644
+index 78e88ec..313c36a 100644
 --- a/server/process.h
 +++ b/server/process.h
 @@ -114,7 +114,7 @@ struct process_snapshot
@@ -247,10 +248,10 @@ index 78e88ec350a..313c36ab241 100644
  extern struct thread *get_process_first_thread( struct process *process );
  extern struct process *get_process_from_id( process_id_t id );
 diff --git a/server/protocol.def b/server/protocol.def
-index 1ea129fec08..95513fef6c3 100644
+index 5fb6e38..f0bc83b 100644
 --- a/server/protocol.def
 +++ b/server/protocol.def
-@@ -739,6 +739,7 @@ struct rawinput_device
+@@ -748,6 +748,7 @@ struct rawinput_device
      data_size_t  info_size;      /* size of startup info */
      data_size_t  env_size;       /* size of the environment */
      data_size_t  process_sd_size;/* size of the process security descriptor */
@@ -259,7 +260,7 @@ index 1ea129fec08..95513fef6c3 100644
      VARARG(env,unicode_str,env_size);                       /* environment for new process */
      VARARG(process_sd,security_descriptor,process_sd_size); /* security descriptor to set on the process */
 diff --git a/server/request.c b/server/request.c
-index 6120bc550ff..a648c306496 100644
+index 6120bc5..a648c30 100644
 --- a/server/request.c
 +++ b/server/request.c
 @@ -570,7 +570,7 @@ static void master_socket_poll_event( struct fd *fd, int event )
@@ -272,7 +273,7 @@ index 6120bc550ff..a648c306496 100644
  }
  
 diff --git a/server/security.h b/server/security.h
-index 21e90ccf23f..32dfe5f8db9 100644
+index 21e90cc..32dfe5f 100644
 --- a/server/security.h
 +++ b/server/security.h
 @@ -67,6 +67,8 @@ extern const ACL *token_get_default_dacl( struct token *token );
@@ -285,10 +286,10 @@ index 21e90ccf23f..32dfe5f8db9 100644
  static inline const ACE_HEADER *ace_next( const ACE_HEADER *ace )
  {
 diff --git a/server/token.c b/server/token.c
-index 49e84362a83..f6b6165d7a9 100644
+index de1d624..2804247 100644
 --- a/server/token.c
 +++ b/server/token.c
-@@ -843,6 +843,12 @@ int token_assign_label( struct token *token, PSID label )
+@@ -836,6 +836,12 @@ int token_assign_label( struct token *token, PSID label )
      return ret;
  }
  
@@ -301,7 +302,7 @@ index 49e84362a83..f6b6165d7a9 100644
  struct token *token_create_admin( void )
  {
      struct token *token = NULL;
-@@ -1269,6 +1275,11 @@ const SID *token_get_primary_group( struct token *token )
+@@ -1263,6 +1269,11 @@ const SID *token_get_primary_group( struct token *token )
      return token->primary_group;
  }
  
@@ -314,5 +315,5 @@ index 49e84362a83..f6b6165d7a9 100644
  {
      GENERIC_MAPPING mapping;
 -- 
-2.14.2
+1.9.1
 

patches/advapi32-Token_Integrity_Level/0014-programs-runas-Basic-implementation-for-starting-pro.patch

@@ -1,4 +1,4 @@
-From 05b8bc95cff5742cf02b67afa3d6fc875d26e041 Mon Sep 17 00:00:00 2001
+From 0616176a3276be4ae49dc86c7d96b11240afca78 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
 Date: Sun, 6 Aug 2017 03:15:34 +0200
 Subject: [PATCH] programs/runas: Basic implementation for starting processes
@@ -17,10 +17,10 @@ Subject: [PATCH] programs/runas: Basic implementation for starting processes
  create mode 100644 programs/runas/runas.rc
 
 diff --git a/configure.ac b/configure.ac
-index cfc2080..5c97c1c 100644
+index b9ef668..404ab7a 100644
 --- a/configure.ac
 +++ b/configure.ac
-@@ -3847,6 +3847,7 @@ WINE_CONFIG_MAKEFILE(programs/regedit/tests)
+@@ -3879,6 +3879,7 @@ WINE_CONFIG_MAKEFILE(programs/regedit/tests)
  WINE_CONFIG_MAKEFILE(programs/regsvcs)
  WINE_CONFIG_MAKEFILE(programs/regsvr32)
  WINE_CONFIG_MAKEFILE(programs/rpcss)
@@ -44,7 +44,7 @@ index 0000000..be9434b
 +RC_SRCS = runas.rc
 diff --git a/programs/runas/runas.c b/programs/runas/runas.c
 new file mode 100644
-index 0000000..cfd1c73
+index 0000000..8e96aff
 --- /dev/null
 +++ b/programs/runas/runas.c
 @@ -0,0 +1,214 @@
@@ -125,7 +125,7 @@ index 0000000..cfd1c73
 +    LocalFree(str);
 +}
 +
-+static void __cdecl output_message(unsigned int id, ...)
++static void WINAPIV output_message(unsigned int id, ...)
 +{
 +    WCHAR fmt[1024];
 +    __ms_va_list va_args;
@@ -340,5 +340,5 @@ index 0000000..f9297a4
 +    %2!u!: %3\n"
 +}
 -- 
-1.9.1
+2.7.4
 

patches/advapi32-WinBuiltinAnyPackageSid/0002-advapi32-tests-Add-a-test-that-compares-a-well-known.patch

@@ -152,7 +152,7 @@ index dfe2f871d42..808547ddbc0 100644
  
 +    AllocateAndInitializeSid(&domain_ident, 4, SECURITY_NT_NON_UNIQUE, 0, 0, 0, 0, 0, 0, 0, &domain_sid);
 +
-     for(i = 0; i < sizeof(strsid_table) / sizeof(strsid_table[0]); i++)
+     for(i = 0; i < ARRAY_SIZE(strsid_table); i++)
      {
 -        char *temp;
 -

patches/api-ms-win-Stub_DLLs/0009-ext-ms-win-xaml-pal-l1-1-0-Add-dll-and-add-stub-for-.patch

@@ -1,34 +1,34 @@
-From 78679414663a0d7d5e90227ab58bc6b9f4db9634 Mon Sep 17 00:00:00 2001
+From 7f05362e86a285551a5694e98fa9abecb99018a0 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
 Date: Sun, 17 Jan 2016 17:07:35 +0100
 Subject: [PATCH] ext-ms-win-xaml-pal-l1-1-0: Add dll and add stub for
  XamlBehaviorEnabled.
 
 ---
- configure.ac                                       |  1 +
- dlls/ext-ms-win-xaml-pal-l1-1-0/Makefile.in        |  4 +++
- .../ext-ms-win-xaml-pal-l1-1-0.spec                |  6 ++++
- dlls/ext-ms-win-xaml-pal-l1-1-0/main.c             | 35 ++++++++++++++++++++++
+ configure.ac                                  |  1 +
+ dlls/ext-ms-win-xaml-pal-l1-1-0/Makefile.in   |  4 +++
+ .../ext-ms-win-xaml-pal-l1-1-0.spec           |  6 ++++
+ dlls/ext-ms-win-xaml-pal-l1-1-0/main.c        | 35 +++++++++++++++++++
  4 files changed, 46 insertions(+)
  create mode 100644 dlls/ext-ms-win-xaml-pal-l1-1-0/Makefile.in
  create mode 100644 dlls/ext-ms-win-xaml-pal-l1-1-0/ext-ms-win-xaml-pal-l1-1-0.spec
  create mode 100644 dlls/ext-ms-win-xaml-pal-l1-1-0/main.c
 
 diff --git a/configure.ac b/configure.ac
-index 7215237..4d7111a 100644
+index 420f6311db3..30718491bb8 100644
 --- a/configure.ac
 +++ b/configure.ac
-@@ -3252,6 +3252,7 @@ WINE_CONFIG_MAKEFILE(dlls/ext-ms-win-rtcore-ntuser-dpi-l1-1-0)
- WINE_CONFIG_MAKEFILE(dlls/ext-ms-win-rtcore-ntuser-sysparams-l1-1-0)
+@@ -3289,6 +3289,7 @@ WINE_CONFIG_MAKEFILE(dlls/ext-ms-win-rtcore-ntuser-sysparams-l1-1-0)
  WINE_CONFIG_MAKEFILE(dlls/ext-ms-win-security-credui-l1-1-0)
  WINE_CONFIG_MAKEFILE(dlls/ext-ms-win-security-cryptui-l1-1-0)
+ WINE_CONFIG_MAKEFILE(dlls/ext-ms-win-uxtheme-themes-l1-1-0)
 +WINE_CONFIG_MAKEFILE(dlls/ext-ms-win-xaml-pal-l1-1-0)
  WINE_CONFIG_MAKEFILE(dlls/faultrep)
  WINE_CONFIG_MAKEFILE(dlls/faultrep/tests)
- WINE_CONFIG_MAKEFILE(dlls/fltlib)
+ WINE_CONFIG_MAKEFILE(dlls/feclient)
 diff --git a/dlls/ext-ms-win-xaml-pal-l1-1-0/Makefile.in b/dlls/ext-ms-win-xaml-pal-l1-1-0/Makefile.in
 new file mode 100644
-index 0000000..6382d85
+index 00000000000..6382d85272b
 --- /dev/null
 +++ b/dlls/ext-ms-win-xaml-pal-l1-1-0/Makefile.in
 @@ -0,0 +1,4 @@
@@ -38,7 +38,7 @@ index 0000000..6382d85
 +	main.c
 diff --git a/dlls/ext-ms-win-xaml-pal-l1-1-0/ext-ms-win-xaml-pal-l1-1-0.spec b/dlls/ext-ms-win-xaml-pal-l1-1-0/ext-ms-win-xaml-pal-l1-1-0.spec
 new file mode 100644
-index 0000000..c167f5e
+index 00000000000..c167f5e753e
 --- /dev/null
 +++ b/dlls/ext-ms-win-xaml-pal-l1-1-0/ext-ms-win-xaml-pal-l1-1-0.spec
 @@ -0,0 +1,6 @@
@@ -50,7 +50,7 @@ index 0000000..c167f5e
 +@ stub XamlPalUninitialize
 diff --git a/dlls/ext-ms-win-xaml-pal-l1-1-0/main.c b/dlls/ext-ms-win-xaml-pal-l1-1-0/main.c
 new file mode 100644
-index 0000000..3e28275
+index 00000000000..3e282758f41
 --- /dev/null
 +++ b/dlls/ext-ms-win-xaml-pal-l1-1-0/main.c
 @@ -0,0 +1,35 @@
@@ -90,5 +90,5 @@ index 0000000..3e28275
 +    return TRUE;
 +}
 -- 
-1.9.1
+2.17.0
 

patches/api-ms-win-Stub_DLLs/0016-ext-ms-win-uxtheme-themes-l1-1-0-Add-dll.patch

@@ -1,81 +0,0 @@
-From 3ac2d7e513ec9872239ff0113a047f9b0dae5b79 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
-Date: Sat, 23 Jan 2016 21:02:52 +0100
-Subject: [PATCH] ext-ms-win-uxtheme-themes-l1-1-0: Add dll.
-
----
- configure.ac                                       |  1 +
- dlls/ext-ms-win-uxtheme-themes-l1-1-0/Makefile.in  |  1 +
- .../ext-ms-win-uxtheme-themes-l1-1-0.spec          | 24 ++++++++++++++++++++++
- tools/make_specfiles                               |  4 ++++
- 4 files changed, 30 insertions(+)
- create mode 100644 dlls/ext-ms-win-uxtheme-themes-l1-1-0/Makefile.in
- create mode 100644 dlls/ext-ms-win-uxtheme-themes-l1-1-0/ext-ms-win-uxtheme-themes-l1-1-0.spec
-
-diff --git a/configure.ac b/configure.ac
-index 17b6070..10a1804 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -3256,6 +3256,7 @@ WINE_CONFIG_MAKEFILE(dlls/ext-ms-win-rtcore-ntuser-dpi-l1-1-0)
- WINE_CONFIG_MAKEFILE(dlls/ext-ms-win-rtcore-ntuser-sysparams-l1-1-0)
- WINE_CONFIG_MAKEFILE(dlls/ext-ms-win-security-credui-l1-1-0)
- WINE_CONFIG_MAKEFILE(dlls/ext-ms-win-security-cryptui-l1-1-0)
-+WINE_CONFIG_MAKEFILE(dlls/ext-ms-win-uxtheme-themes-l1-1-0)
- WINE_CONFIG_MAKEFILE(dlls/ext-ms-win-xaml-pal-l1-1-0)
- WINE_CONFIG_MAKEFILE(dlls/faultrep)
- WINE_CONFIG_MAKEFILE(dlls/faultrep/tests)
-diff --git a/dlls/ext-ms-win-uxtheme-themes-l1-1-0/Makefile.in b/dlls/ext-ms-win-uxtheme-themes-l1-1-0/Makefile.in
-new file mode 100644
-index 0000000..576b6f6
---- /dev/null
-+++ b/dlls/ext-ms-win-uxtheme-themes-l1-1-0/Makefile.in
-@@ -0,0 +1 @@
-+MODULE    = ext-ms-win-uxtheme-themes-l1-1-0.dll
-diff --git a/dlls/ext-ms-win-uxtheme-themes-l1-1-0/ext-ms-win-uxtheme-themes-l1-1-0.spec b/dlls/ext-ms-win-uxtheme-themes-l1-1-0/ext-ms-win-uxtheme-themes-l1-1-0.spec
-new file mode 100644
-index 0000000..0a96983
---- /dev/null
-+++ b/dlls/ext-ms-win-uxtheme-themes-l1-1-0/ext-ms-win-uxtheme-themes-l1-1-0.spec
-@@ -0,0 +1,24 @@
-+@ stdcall CloseThemeData(ptr) uxtheme.CloseThemeData
-+@ stdcall DrawThemeBackground(ptr ptr long long ptr ptr) uxtheme.DrawThemeBackground
-+@ stub GetColorFromPreference
-+@ stub GetImmersiveColorFromColorSetEx
-+@ stub GetImmersiveUserColorSetPreference
-+@ stub GetThemeAnimationProperty
-+@ stub GetThemeAnimationTransform
-+@ stdcall GetThemeBackgroundExtent(ptr ptr long long ptr ptr) uxtheme.GetThemeBackgroundExtent
-+@ stub GetThemeBitmap
-+@ stdcall GetThemeColor(ptr long long long ptr) uxtheme.GetThemeColor
-+@ stdcall GetThemeEnumValue(ptr long long long ptr) uxtheme.GetThemeEnumValue
-+@ stdcall GetThemeFont(ptr ptr long long long ptr) uxtheme.GetThemeFont
-+@ stdcall GetThemeInt(ptr long long long ptr) uxtheme.GetThemeInt
-+@ stdcall GetThemeMargins(ptr ptr long long long ptr ptr) uxtheme.GetThemeMargins
-+@ stdcall GetThemePartSize(ptr ptr long long ptr long ptr) uxtheme.GetThemePartSize
-+@ stdcall GetThemePosition(ptr long long long ptr) uxtheme.GetThemePosition
-+@ stub GetThemeTimingFunction
-+@ stub GetUserColorPreference
-+@ stdcall IsAppThemed() uxtheme.IsAppThemed
-+@ stdcall IsThemeActive() uxtheme.IsThemeActive
-+@ stdcall IsThemePartDefined(ptr long long) uxtheme.IsThemePartDefined
-+@ stdcall OpenThemeData(ptr wstr) uxtheme.OpenThemeData
-+@ stdcall OpenThemeDataEx(ptr wstr long) uxtheme.OpenThemeDataEx
-+@ stdcall SetWindowTheme(ptr wstr wstr) uxtheme.SetWindowTheme
-diff --git a/tools/make_specfiles b/tools/make_specfiles
-index 680ade4..2e092f2 100755
---- a/tools/make_specfiles
-+++ b/tools/make_specfiles
-@@ -408,6 +408,10 @@ my @dll_groups =
-   "api-ms-win-core-winrt-string-l1-1-0",
-  ],
-  [
-+  "uxtheme",
-+  "ext-ms-win-uxtheme-themes-l1-1-0",
-+ ],
-+ [
-   "bthprops.cpl",
-   "irprops.cpl",
-  ],
--- 
-1.9.1
-

patches/api-ms-win-Stub_DLLs/0026-feclient-Add-stub-dll.patch

@@ -1,133 +0,0 @@
-From b03da4a4b66c303a58037d6a241c8326bb6057e0 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
-Date: Tue, 12 Apr 2016 01:00:02 +0200
-Subject: [PATCH] feclient: Add stub dll.
-
----
- configure.ac                |  1 +
- dlls/feclient/Makefile.in   |  4 ++++
- dlls/feclient/feclient.spec | 36 ++++++++++++++++++++++++++++++++++++
- dlls/feclient/main.c        | 45 +++++++++++++++++++++++++++++++++++++++++++++
- 4 files changed, 86 insertions(+)
- create mode 100644 dlls/feclient/Makefile.in
- create mode 100644 dlls/feclient/feclient.spec
- create mode 100644 dlls/feclient/main.c
-
-diff --git a/configure.ac b/configure.ac
-index 18fc8a8..fa783a6 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -3263,6 +3263,7 @@ WINE_CONFIG_MAKEFILE(dlls/ext-ms-win-uxtheme-themes-l1-1-0)
- WINE_CONFIG_MAKEFILE(dlls/ext-ms-win-xaml-pal-l1-1-0)
- WINE_CONFIG_MAKEFILE(dlls/faultrep)
- WINE_CONFIG_MAKEFILE(dlls/faultrep/tests)
-+WINE_CONFIG_MAKEFILE(dlls/feclient)
- WINE_CONFIG_MAKEFILE(dlls/fltlib)
- WINE_CONFIG_MAKEFILE(dlls/fltmgr.sys)
- WINE_CONFIG_MAKEFILE(dlls/fntcache)
-diff --git a/dlls/feclient/Makefile.in b/dlls/feclient/Makefile.in
-new file mode 100644
-index 0000000..d3eeefb
---- /dev/null
-+++ b/dlls/feclient/Makefile.in
-@@ -0,0 +1,4 @@
-+MODULE    = feclient.dll
-+
-+C_SRCS = \
-+	main.c
-diff --git a/dlls/feclient/feclient.spec b/dlls/feclient/feclient.spec
-new file mode 100644
-index 0000000..3620b85
---- /dev/null
-+++ b/dlls/feclient/feclient.spec
-@@ -0,0 +1,36 @@
-+@ stub EdpContainerizeFile
-+@ stub EdpCredentialCreate
-+@ stub EdpCredentialDelete
-+@ stub EdpCredentialExists
-+@ stub EdpCredentialQuery
-+@ stub EdpDecontainerizeFile
-+@ stub EdpDplPolicyEnabledForUser
-+@ stub EdpDplUpgradePinInfo
-+@ stub EdpDplUpgradeVerifyUser
-+@ stub EdpDplUserCredentialsSet
-+@ stub EdpDplUserUnlockComplete
-+@ stub EdpDplUserUnlockStart
-+@ stub EdpFree
-+@ stub EdpGetContainerIdentity
-+@ stub EdpGetCredServiceState
-+@ stub EdpQueryCredServiceInfo
-+@ stub EdpQueryDplEnforcedPolicyOwnerIds
-+@ stub EdpQueryRevokedPolicyOwnerIds
-+@ stub EdpRmsClearKeys
-+@ stub EdpSetCredServiceInfo
-+@ stub EfsClientCloseFileRaw
-+@ stub EfsClientDecryptFile
-+@ stub EfsClientDuplicateEncryptionInfo
-+@ stub EfsClientEncryptFileEx
-+@ stub EfsClientFileEncryptionStatus
-+@ stub EfsClientFreeProtectorList
-+@ stub EfsClientGetEncryptedFileVersion
-+@ stub EfsClientOpenFileRaw
-+@ stub EfsClientQueryProtectors
-+@ stub EfsClientReadFileRaw
-+@ stub EfsClientWriteFileRaw
-+@ stub EfsClientWriteFileWithHeaderRaw
-+@ stub EfsUtilGetCurrentKey
-+@ stub FeClientInitialize
-+@ stub GetLockSessionUnwrappedKey
-+@ stub GetLockSessionWrappedKey
-diff --git a/dlls/feclient/main.c b/dlls/feclient/main.c
-new file mode 100644
-index 0000000..91aed70
---- /dev/null
-+++ b/dlls/feclient/main.c
-@@ -0,0 +1,45 @@
-+/*
-+ * feclient API
-+ *
-+ * Copyright 2016 Michael Müller
-+ *
-+ * This library is free software; you can redistribute it and/or
-+ * modify it under the terms of the GNU Lesser General Public
-+ * License as published by the Free Software Foundation; either
-+ * version 2.1 of the License, or (at your option) any later version.
-+ *
-+ * This library is distributed in the hope that it will be useful,
-+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-+ * Lesser General Public License for more details.
-+ *
-+ * You should have received a copy of the GNU Lesser General Public
-+ * License along with this library; if not, write to the Free Software
-+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
-+ */
-+
-+#include "config.h"
-+
-+#include <stdarg.h>
-+
-+#include "windef.h"
-+#include "winbase.h"
-+#include "wine/debug.h"
-+
-+WINE_DEFAULT_DEBUG_CHANNEL(feclient);
-+
-+BOOL WINAPI DllMain(HINSTANCE instance, DWORD reason, void *reserved)
-+{
-+    TRACE("(%p, %u, %p)\n", instance, reason, reserved);
-+
-+    switch (reason)
-+    {
-+        case DLL_WINE_PREATTACH:
-+            return FALSE;    /* prefer native version */
-+        case DLL_PROCESS_ATTACH:
-+            DisableThreadLibraryCalls(instance);
-+            break;
-+    }
-+
-+    return TRUE;
-+}
--- 
-1.9.1
-

patches/api-ms-win-Stub_DLLs/definition

@@ -19,4 +19,3 @@ Fixes: Add ext-ms-win-kernel32-package-current-l1-1-0 dll
 Fixes: Add iertutil dll
 Fixes: Add shcore dll
 Fixes: [40451] Add feclient dll
-Depends: combase-RoApi

patches/avifil32-AVIFile_Proxies/0001-avifil32-Add-support-for-AVIFile-interface-proxies.-.patch

@@ -1,239 +0,0 @@
-From a33160eef805e950e8b3c36c74f0688ca9e2328e Mon Sep 17 00:00:00 2001
-From: Dmitry Timoshkov <dmitry@baikal.ru>
-Date: Sun, 7 Feb 2016 12:52:26 +0800
-Subject: avifil32: Add support for AVIFile interface proxies. [v2]
-
----
- dlls/avifil32/Makefile.in        |   4 +-
- dlls/avifil32/avifil32.idl       |  25 ++++++----
- dlls/avifil32/avifile_ifaces.idl | 105 +++++++++++++++++++++++++++++++++++++++
- dlls/avifil32/avifile_private.h  |   1 +
- dlls/avifil32/factory.c          |   8 ++-
- 5 files changed, 130 insertions(+), 13 deletions(-)
- create mode 100644 dlls/avifil32/avifile_ifaces.idl
-
-diff --git a/dlls/avifil32/Makefile.in b/dlls/avifil32/Makefile.in
-index 81d2ff8..4030514 100644
---- a/dlls/avifil32/Makefile.in
-+++ b/dlls/avifil32/Makefile.in
-@@ -1,6 +1,6 @@
- MODULE    = avifil32.dll
- IMPORTLIB = avifil32
--IMPORTS   = uuid msacm32 msvfw32 winmm ole32 user32 advapi32
-+IMPORTS   = uuid msacm32 msvfw32 winmm ole32 user32 advapi32 rpcrt4
- 
- C_SRCS = \
- 	acmstream.c \
-@@ -17,3 +17,5 @@ C_SRCS = \
- IDL_SRCS = avifil32.idl
- 
- RC_SRCS = avifil32.rc
-+
-+dlldata_EXTRADEFS = -DENTRY_PREFIX=avifil32_
-diff --git a/dlls/avifil32/avifil32.idl b/dlls/avifil32/avifil32.idl
-index 1f50f15..e23c176 100644
---- a/dlls/avifil32/avifil32.idl
-+++ b/dlls/avifil32/avifil32.idl
-@@ -18,39 +18,42 @@
-  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
-  */
- 
-+#pragma makedep proxy
- #pragma makedep register
- 
-+#include "avifile_ifaces.idl"
-+
-+[
-+    helpstring("IAVIStream & IAVIFile Proxy"),
-+    threading(both),
-+    uuid(0002000d-0000-0000-c000-000000000046)
-+]
-+coclass PSFactoryBuffer { interface IFactoryBuffer; }
-+
- [
-     helpstring("Microsoft AVI Files"),
--    threading(apartment),
-+    threading(both),
-     uuid(00020000-0000-0000-C000-000000000046)
- ]
- coclass AVIFile { interface IAVIFile; }
- 
- [
-     helpstring("AVI Compressed Stream"),
--    threading(apartment),
-+    threading(both),
-     uuid(00020001-0000-0000-c000-000000000046)
- ]
- coclass ICMStream { interface IAVIStream; }
- 
- [
-     helpstring("Microsoft Wave File"),
--    threading(apartment),
-+    threading(both),
-     uuid(00020003-0000-0000-c000-000000000046)
- ]
- coclass WAVFile { interface IAVIFile; }
- 
- [
--    helpstring("IAVIStream & IAVIFile Proxy"),
--    threading(apartment),
--    uuid(0002000d-0000-0000-c000-000000000046)
--]
--coclass AVIProxy { }
--
--[
-     helpstring("ACM Compressed Audio Stream"),
--    threading(apartment),
-+    threading(both),
-     uuid(0002000f-0000-0000-c000-000000000046)
- ]
- coclass ACMStream { interface IAVIStream; }
-diff --git a/dlls/avifil32/avifile_ifaces.idl b/dlls/avifil32/avifile_ifaces.idl
-new file mode 100644
-index 0000000..f9280e5
---- /dev/null
-+++ b/dlls/avifil32/avifile_ifaces.idl
-@@ -0,0 +1,105 @@
-+/*
-+ * Proxy support for avifil32
-+ *
-+ * Copyright 2016 Dmitry Timoshkov
-+ *
-+ * This library is free software; you can redistribute it and/or
-+ * modify it under the terms of the GNU Lesser General Public
-+ * License as published by the Free Software Foundation; either
-+ * version 2.1 of the License, or (at your option) any later version.
-+ *
-+ * This library is distributed in the hope that it will be useful,
-+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-+ * Lesser General Public License for more details.
-+ *
-+ * You should have received a copy of the GNU Lesser General Public
-+ * License along with this library; if not, write to the Free Software
-+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
-+ */
-+
-+/*
-+ * These interface descriptions are supposed to be used for automatic proxy
-+ * generation by an IDL compiler.
-+ *
-+ * While it's possible to convert include/vfw.h to an .idl, that's proved to
-+ * be a major waste of an effort because the resulting interface descriptions
-+ * can't be used for automatic proxy generation since they are not compatible
-+ * with IDL compiler restrictions for proxies, and fixing them up would make
-+ * generated vfw.h source incompatible with PSDK's equivalent.
-+ */
-+
-+import "wtypes.idl";
-+import "unknwn.idl";
-+
-+typedef struct _AVISTREAMINFOW
-+{
-+    DWORD fccType;
-+    DWORD fccHandler;
-+    DWORD dwFlags;
-+    DWORD dwCaps;
-+    WORD  wPriority;
-+    WORD  wLanguage;
-+    DWORD dwScale;
-+    DWORD dwRate;
-+    DWORD dwStart;
-+    DWORD dwLength;
-+    DWORD dwInitialFrames;
-+    DWORD dwSuggestedBufferSize;
-+    DWORD dwQuality;
-+    DWORD dwSampleSize;
-+    RECT  rcFrame;
-+    DWORD dwEditCount;
-+    DWORD dwFormatChangeCount;
-+    WCHAR szName[64];
-+} AVISTREAMINFOW;
-+
-+[
-+    object,
-+    uuid(00020021-0000-0000-c000-000000000046)
-+]
-+interface IAVIStream : IUnknown
-+{
-+    HRESULT Create(LPARAM lParam1, LPARAM lParam2);
-+    HRESULT Info(AVISTREAMINFOW *psi, LONG lSize);
-+    LONG FindSample(LONG lPos, LONG lFlags);
-+    HRESULT ReadFormat(LONG lPos, [out,size_is(*lpcbFormat)] char *lpFormat, [in,out] LONG *lpcbFormat);
-+    HRESULT SetFormat(LONG lPos, [in,size_is(cbFormat)] char *lpFormat, LONG cbFormat);
-+    HRESULT Read(LONG lStart, LONG lSamples, [out,size_is(cbBuffer)] char *lpBuffer, LONG cbBuffer, LONG *plBytes, LONG *plSamples);
-+    HRESULT Write(LONG lStart, LONG lSamples, [in,size_is(cbBuffer)] char *lpBuffer, LONG cbBuffer, DWORD dwFlags, LONG *plSampWritten, LONG *plBytesWritten);
-+    HRESULT Delete(LONG lStart, LONG lSamples);
-+    HRESULT ReadData(DWORD fcc, [out,size_is(*lpcbBuffer)] char *lpBuffer, [in,out] LONG *lpcbBuffer);
-+    HRESULT WriteData(DWORD fcc, [in,size_is(cbBuffer)] char *lpBuffer, LONG cbBuffer);
-+    HRESULT SetInfo(AVISTREAMINFOW *plInfo, LONG cbInfo);
-+};
-+
-+typedef struct _AVIFILEINFOW
-+{
-+    DWORD dwMaxBytesPerSec;
-+    DWORD dwFlags;
-+    DWORD dwCaps;
-+    DWORD dwStreams;
-+    DWORD dwSuggestedBufferSize;
-+    DWORD dwWidth;
-+    DWORD dwHeight;
-+    DWORD dwScale;
-+    DWORD dwRate;
-+    DWORD dwLength;
-+    DWORD dwEditCount;
-+    WCHAR szFileType[64];
-+} AVIFILEINFOW;
-+
-+[
-+    object,
-+    uuid(00020020-0000-0000-c000-000000000046)
-+]
-+interface IAVIFile : IUnknown
-+{
-+    HRESULT Info(AVIFILEINFOW *pfi, LONG lSize);
-+    HRESULT GetStream(IAVIStream **ppStream, DWORD fccType, LONG lParam);
-+    HRESULT CreateStream(IAVIStream **ppStream, AVISTREAMINFOW *psi);
-+    HRESULT WriteData(DWORD fcc, [in,size_is(cbBuffer)] char *lpBuffer, LONG cbBuffer);
-+    HRESULT ReadData(DWORD fcc, [out,size_is(*lpcbBuffer)] char *lpBuffer, [in,out] LONG *lpcbBuffer);
-+    HRESULT EndRecord(void);
-+    HRESULT DeleteStream(DWORD fccType, LONG lParam);
-+};
-diff --git a/dlls/avifil32/avifile_private.h b/dlls/avifil32/avifile_private.h
-index 0fd74c4..9cce2d3 100644
---- a/dlls/avifil32/avifile_private.h
-+++ b/dlls/avifil32/avifile_private.h
-@@ -67,5 +67,6 @@ extern PGETFRAME AVIFILE_CreateGetFrame(PAVISTREAM pstream) DECLSPEC_HIDDEN;
- extern PAVIFILE  AVIFILE_CreateAVITempFile(int nStreams, const PAVISTREAM *ppStreams) DECLSPEC_HIDDEN;
- 
- extern LPCWSTR  AVIFILE_BasenameW(LPCWSTR szFileName) DECLSPEC_HIDDEN;
-+extern HRESULT WINAPI avifil32_DllGetClassObject(REFCLSID pclsid, REFIID piid, LPVOID *ppv) DECLSPEC_HIDDEN;
- 
- #endif
-diff --git a/dlls/avifil32/factory.c b/dlls/avifil32/factory.c
-index c74a716..1b8988d 100644
---- a/dlls/avifil32/factory.c
-+++ b/dlls/avifil32/factory.c
-@@ -195,12 +195,18 @@ LPCWSTR AVIFILE_BasenameW(LPCWSTR szPath)
-  */
- HRESULT WINAPI DllGetClassObject(REFCLSID pclsid, REFIID piid, LPVOID *ppv)
- {
-+  HRESULT hr;
-+
-   TRACE("(%s,%s,%p)\n", debugstr_guid(pclsid), debugstr_guid(piid), ppv);
- 
-   if (pclsid == NULL || piid == NULL || ppv == NULL)
-     return E_FAIL;
- 
--  return AVIFILE_CreateClassFactory(pclsid,piid,ppv);
-+  hr = AVIFILE_CreateClassFactory(pclsid,piid,ppv);
-+  if (SUCCEEDED(hr))
-+    return hr;
-+
-+  return avifil32_DllGetClassObject(pclsid,piid,ppv);
- }
- 
- /*****************************************************************************
--- 
-2.7.0
-

patches/avifil32-AVIFile_Proxies/definition

@@ -1 +0,0 @@
-Fixes: [38564] Add support for AVIFile interface proxies

patches/bcrypt-BCryptDeriveKeyPBKDF2/0001-bcrypt-Implement-BCryptDeriveKeyPBKDF2-and-add-test-.patch

@@ -0,0 +1,346 @@
+From d850bbb2836fa4d77c7842009901382b54f29a69 Mon Sep 17 00:00:00 2001
+From: Jack Grigg <me@jackgrigg.com>
+Date: Sat, 17 Mar 2018 21:14:05 +1100
+Subject: [PATCH] bcrypt: Implement BCryptDeriveKeyPBKDF2 and add test vectors.
+
+Fixes https://bugs.winehq.org/show_bug.cgi?id=42704
+
+Tested on Ubuntu 16.04.2 LTS.
+
+v2 - Removed C++ comment
+   - Removed all warnings.
+   - Use heap_* functions
+   - Formatting changes.
+
+Signed-off-by: Jack Grigg <me@jackgrigg.com>
+---
+ dlls/bcrypt/bcrypt.spec    |   1 +
+ dlls/bcrypt/bcrypt_main.c  | 163 +++++++++++++++++++++++++++++++++++++++++++++
+ dlls/bcrypt/tests/bcrypt.c |  85 +++++++++++++++++++++++
+ include/bcrypt.h           |   1 +
+ 4 files changed, 250 insertions(+)
+
+diff --git a/dlls/bcrypt/bcrypt.spec b/dlls/bcrypt/bcrypt.spec
+index 78824d73b39..f4d9a57bb08 100644
+--- a/dlls/bcrypt/bcrypt.spec
++++ b/dlls/bcrypt/bcrypt.spec
+@@ -8,6 +8,7 @@
+ @ stdcall BCryptDecrypt(ptr ptr long ptr ptr long ptr long ptr long)
+ @ stub BCryptDeleteContext
+ @ stub BCryptDeriveKey
++@ stdcall BCryptDeriveKeyPBKDF2(ptr ptr long ptr long int64 ptr long long)
+ @ stdcall BCryptDestroyHash(ptr)
+ @ stdcall BCryptDestroyKey(ptr)
+ @ stub BCryptDestroySecret
+diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
+index 1490089cf72..4ffab1a9cf9 100644
+--- a/dlls/bcrypt/bcrypt_main.c
++++ b/dlls/bcrypt/bcrypt_main.c
+@@ -2282,6 +2282,169 @@ NTSTATUS WINAPI BCryptSetProperty( BCRYPT_HANDLE handle, const WCHAR *prop, UCHA
+     }
+ }
+ 
++NTSTATUS PBKDF2_F( BCRYPT_ALG_HANDLE algorithm,
++                   UCHAR *password, ULONG password_length,
++                   UCHAR *salt, ULONG salt_length,
++                   ULONGLONG iterations, int i,
++                   UCHAR *res, int hash_length )
++{
++    BCRYPT_HASH_HANDLE handle;
++    NTSTATUS status = STATUS_NOT_SUPPORTED;
++    UCHAR bytes[4];
++    UCHAR *tmp;
++    int j;
++    int k;
++
++    if (!(tmp = heap_alloc( hash_length )))
++    {
++        return STATUS_NO_MEMORY;
++    }
++
++    for (j = 0; j < iterations; j++)
++    {
++        status = BCryptCreateHash( algorithm, &handle, NULL, 0,
++                                   password, password_length, 0 );
++        if (status != STATUS_SUCCESS)
++            goto done;
++
++        if (j == 0)
++        {
++            /* Use salt || INT(i) */
++            status = BCryptHashData( handle, salt, salt_length, 0 );
++            if (status != STATUS_SUCCESS)
++                goto done;
++            bytes[0] = (i >> 24) & 0xFF;
++            bytes[1] = (i >> 16) & 0xFF;
++            bytes[2] = (i >> 8) & 0xFF;
++            bytes[3] = i & 0xFF;
++            status = BCryptHashData( handle, bytes, 4, 0 );
++        }
++        else
++        {
++            /* Use U_j */
++            status = BCryptHashData( handle, tmp, hash_length, 0 );
++        }
++        if (status != STATUS_SUCCESS)
++            goto done;
++
++        status = BCryptFinishHash( handle, tmp, hash_length, 0 );
++        if (status != STATUS_SUCCESS)
++            goto done;
++
++        status = BCryptDestroyHash( handle );
++        if (status != STATUS_SUCCESS)
++            goto done;
++
++        handle = NULL;
++
++        if (j == 0)
++        {
++            /* Copy into res */
++            memcpy( res, tmp, hash_length );
++        }
++        else
++        {
++            /* XOR into res */
++            for (k = 0; k < hash_length; k++)
++                res[k] ^= tmp[k];
++        }
++    }
++
++done:
++    TRACE("<- status 0x%08x\n", status);
++    if(handle)
++        BCryptDestroyHash( handle );
++    heap_free( tmp );
++    return status;
++}
++
++/************************************************************
++ *            BCryptDeriveKeyPBKDF2   (BCRYPT.@)
++ *
++ * Derive a key from a password using the PBKDF2 function
++ * (RFC 2898).
++ *
++ * PARAMS
++ *   handle          [I] Pointer to the PRF provider
++ *   password        [I] Optional pointer to the beginning of the password
++ *   password_length [I] Length of the password
++ *   salt            [I] Optional pointer to the beginning of the salt
++ *   salt_length     [I] Length of the salt
++ *   iterations      [I] Iteration count
++ *   dk              [O] Pointer to the beginning of the buffer to store the
++ *                       derived key in, at least dklen in size
++ *   dklen           [I] Intended length of the derived key, at most
++ *                       (2^32 - 1) * (output length of PRF)
++ *   flags           [I] Reserved, must be zero
++ *
++ * RETURNS
++ *   Success: STATUS_SUCCESS.
++ *   Failure: - STATUS_INVALID_HANDLE
++ *            - STATUS_INVALID_PARAMETER
++ *            - STATUS_NO_MEMORY
++ */
++NTSTATUS WINAPI BCryptDeriveKeyPBKDF2( BCRYPT_ALG_HANDLE handle,
++                                       PUCHAR password, ULONG password_length,
++                                       PUCHAR salt, ULONG salt_length,
++                                       ULONGLONG iterations,
++                                       PUCHAR dk, ULONG dklen,
++                                       ULONG flags )
++{
++    struct algorithm *alg = handle;
++    int hlen = alg_props[alg->id].hash_length;
++    UCHAR *partial;
++    NTSTATUS status;
++    int l;
++    int r;
++    int i;
++
++    TRACE( "%p, %p, %u, %p, %u, %s, %p, %u, %08x - stub\n",
++           handle, password, password_length, salt, salt_length,
++           wine_dbgstr_longlong(iterations), dk, dklen, flags );
++
++    if (dklen <= 0 || dklen > ((((ULONGLONG) 1) << 32) - 1) * hlen)
++    {
++        return STATUS_INVALID_PARAMETER;
++    }
++
++    l = 1 + ((dklen - 1) / hlen); /* ceil(dklen/hlen) */
++    r = dklen - (l - 1) * hlen;
++
++    /* Full blocks */
++    for (i = 1; i < l; i++)
++    {
++        status = PBKDF2_F( handle,
++                           password, password_length,
++                           salt, salt_length,
++                           iterations, i,
++                           dk + ((i - 1) * hlen), hlen );
++        if (status != STATUS_SUCCESS)
++        {
++            return status;
++        }
++    }
++
++    /* Final partial block */
++    if (!(partial = heap_alloc( hlen )))
++    {
++        return STATUS_NO_MEMORY;
++    }
++    status = PBKDF2_F( handle,
++                       password, password_length,
++                       salt, salt_length,
++                       iterations, l,
++                       partial, hlen );
++    if (status != STATUS_SUCCESS)
++    {
++        heap_free( partial );
++        return status;
++    }
++    memcpy( dk + ((l - 1) * hlen), partial, r );
++    heap_free( partial );
++
++    return STATUS_SUCCESS;
++}
++
+ BOOL WINAPI DllMain( HINSTANCE hinst, DWORD reason, LPVOID reserved )
+ {
+     switch (reason)
+diff --git a/dlls/bcrypt/tests/bcrypt.c b/dlls/bcrypt/tests/bcrypt.c
+index 7d59f6d4c1d..5b1b6c7e189 100644
+--- a/dlls/bcrypt/tests/bcrypt.c
++++ b/dlls/bcrypt/tests/bcrypt.c
+@@ -26,6 +26,8 @@
+ 
+ #include "wine/test.h"
+ 
++#define ARRAY_SIZE(array) (sizeof(array) / sizeof((array)[0]))
++
+ static NTSTATUS (WINAPI *pBCryptOpenAlgorithmProvider)(BCRYPT_ALG_HANDLE *, LPCWSTR, LPCWSTR, ULONG);
+ static NTSTATUS (WINAPI *pBCryptCloseAlgorithmProvider)(BCRYPT_ALG_HANDLE, ULONG);
+ static NTSTATUS (WINAPI *pBCryptGetFipsAlgorithmMode)(BOOLEAN *);
+@@ -36,6 +38,8 @@ static NTSTATUS (WINAPI *pBCryptHashData)(BCRYPT_HASH_HANDLE, PUCHAR, ULONG, ULO
+ static NTSTATUS (WINAPI *pBCryptDuplicateHash)(BCRYPT_HASH_HANDLE, BCRYPT_HASH_HANDLE *, UCHAR *, ULONG, ULONG);
+ static NTSTATUS (WINAPI *pBCryptFinishHash)(BCRYPT_HASH_HANDLE, PUCHAR, ULONG, ULONG);
+ static NTSTATUS (WINAPI *pBCryptDestroyHash)(BCRYPT_HASH_HANDLE);
++static NTSTATUS (WINAPI *pBCryptDeriveKeyPBKDF2)(BCRYPT_ALG_HANDLE, PUCHAR, ULONG, PUCHAR, ULONG,
++                                                 ULONGLONG, PUCHAR, ULONG, ULONG);
+ static NTSTATUS (WINAPI *pBCryptGenRandom)(BCRYPT_ALG_HANDLE, PUCHAR, ULONG, ULONG);
+ static NTSTATUS (WINAPI *pBCryptGetProperty)(BCRYPT_HANDLE, LPCWSTR, PUCHAR, ULONG, ULONG *, ULONG);
+ static NTSTATUS (WINAPI *pBCryptSetProperty)(BCRYPT_HANDLE, LPCWSTR, PUCHAR, ULONG, ULONG);
+@@ -396,6 +400,81 @@ static void test_BcryptHash(void)
+     ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
+ }
+ 
++/* Test vectors from RFC 6070 */
++static UCHAR password[] = "password";
++static UCHAR salt[] = "salt";
++static UCHAR long_password[] =
++    "passwordPASSWORDpassword";
++static UCHAR long_salt[] =
++    "saltSALTsaltSALTsaltSALTsaltSALTsalt";
++static UCHAR password_NUL[] = "pass\0word";
++static UCHAR salt_NUL[] = "sa\0lt";
++
++static UCHAR dk1[] =
++    "0c60c80f961f0e71f3a9b524af6012062fe037a6";
++static UCHAR dk2[] =
++    "ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957";
++static UCHAR dk3[] =
++    "4b007901b765489abead49d926f721d065a429c1";
++static UCHAR dk4[] =
++    "eefe3d61cd4da4e4e9945b3d6ba2158c2634e984";
++static UCHAR dk5[] =
++    "3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038";
++static UCHAR dk6[] =
++    "56fa6aa75548099dcc37d7f03425e0c3";
++
++static const struct {
++    ULONG password_length;
++    ULONG salt_length;
++    ULONGLONG iterations;
++    ULONG dklen;
++    UCHAR *password;
++    UCHAR *salt;
++    const UCHAR *dk;
++} rfc6070[] = {
++    {  8,  4,        1, 20, password,      salt,      dk1 },
++    {  8,  4,        2, 20, password,      salt,      dk2 },
++    {  8,  4,     4096, 20, password,      salt,      dk3 },
++    {  8,  4, 16777216, 20, password,      salt,      dk4 },
++    { 24, 36,     4096, 25, long_password, long_salt, dk5 },
++    {  9,  5,     4096, 16, password_NUL,  salt_NUL,  dk6 }
++};
++
++static void test_BcryptDeriveKeyPBKDF2(void)
++{
++    BCRYPT_ALG_HANDLE alg;
++    UCHAR dk[25];
++    char str[51];
++    NTSTATUS ret;
++    int i;
++
++    alg = NULL;
++    ret = pBCryptOpenAlgorithmProvider(&alg, BCRYPT_SHA1_ALGORITHM, MS_PRIMITIVE_PROVIDER,
++                                       BCRYPT_ALG_HANDLE_HMAC_FLAG);
++    ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
++    ok(alg != NULL, "alg not set\n");
++
++    test_hash_length(alg, 20);
++    test_alg_name(alg, "SHA1");
++
++    for (i = 0; i < ARRAY_SIZE(rfc6070); i++)
++    {
++        memset(dk, 0, sizeof(dk));
++        ret = pBCryptDeriveKeyPBKDF2(alg,
++                                     rfc6070[i].password, rfc6070[i].password_length,
++                                     rfc6070[i].salt, rfc6070[i].salt_length,
++                                     rfc6070[i].iterations,
++                                     dk, rfc6070[i].dklen,
++                                     0);
++        ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
++        format_hash( dk, rfc6070[i].dklen, str );
++        ok(!memcmp(str, rfc6070[i].dk, rfc6070[i].dklen), "got %s\n", str);
++    }
++
++    ret = pBCryptCloseAlgorithmProvider(alg, 0);
++    ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
++}
++
+ static void test_rng(void)
+ {
+     BCRYPT_ALG_HANDLE alg;
+@@ -1609,6 +1688,7 @@ START_TEST(bcrypt)
+     pBCryptDuplicateHash = (void *)GetProcAddress(module, "BCryptDuplicateHash");
+     pBCryptFinishHash = (void *)GetProcAddress(module, "BCryptFinishHash");
+     pBCryptDestroyHash = (void *)GetProcAddress(module, "BCryptDestroyHash");
++    pBCryptDeriveKeyPBKDF2 = (void *)GetProcAddress(module, "BCryptDeriveKeyPBKDF2");
+     pBCryptGenRandom = (void *)GetProcAddress(module, "BCryptGenRandom");
+     pBCryptGetProperty = (void *)GetProcAddress(module, "BCryptGetProperty");
+     pBCryptSetProperty = (void *)GetProcAddress(module, "BCryptSetProperty");
+@@ -1639,5 +1719,10 @@ START_TEST(bcrypt)
+     else
+         win_skip("BCryptHash is not available\n");
+ 
++    if (pBCryptDeriveKeyPBKDF2) /* >= Win 7 */
++        test_BcryptDeriveKeyPBKDF2();
++    else
++        win_skip("BCryptDeriveKeyPBKDF2 is not available\n");
++
+     FreeLibrary(module);
+ }
+diff --git a/include/bcrypt.h b/include/bcrypt.h
+index df54f621fa7..d3e4b9959dc 100644
+--- a/include/bcrypt.h
++++ b/include/bcrypt.h
+@@ -217,6 +217,7 @@ typedef PVOID BCRYPT_HASH_HANDLE;
+ NTSTATUS WINAPI BCryptCloseAlgorithmProvider(BCRYPT_ALG_HANDLE, ULONG);
+ NTSTATUS WINAPI BCryptCreateHash(BCRYPT_ALG_HANDLE, BCRYPT_HASH_HANDLE *, PUCHAR, ULONG, PUCHAR, ULONG, ULONG);
+ NTSTATUS WINAPI BCryptDecrypt(BCRYPT_KEY_HANDLE, PUCHAR, ULONG, VOID *, PUCHAR, ULONG, PUCHAR, ULONG, ULONG *, ULONG);
++NTSTATUS WINAPI BCryptDeriveKeyPBKDF2(BCRYPT_ALG_HANDLE, PUCHAR, ULONG, PUCHAR, ULONG, ULONGLONG, PUCHAR, ULONG, ULONG);
+ NTSTATUS WINAPI BCryptDestroyHash(BCRYPT_HASH_HANDLE);
+ NTSTATUS WINAPI BCryptDestroyKey(BCRYPT_KEY_HANDLE);
+ NTSTATUS WINAPI BCryptEncrypt(BCRYPT_KEY_HANDLE, PUCHAR, ULONG, VOID *, PUCHAR, ULONG, PUCHAR, ULONG, ULONG *, ULONG);
+-- 
+2.16.2
+

patches/bcrypt-BCryptDeriveKeyPBKDF2/definition

@@ -0,0 +1,2 @@
+Fixes: [42704] Implement BCryptDeriveKeyPBKDF2
+Depends: crypt32-ECDSA_Cert_Chains

patches/bcrypt-Improvements/0011-bcrypt-tests-Add-tests-for-AES-GCM-mode.patch

@@ -1,263 +0,0 @@
-From 82785fee09e7d5cfce76ca4cc08291ecba19d393 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
-Date: Mon, 26 Dec 2016 05:37:02 +0100
-Subject: [PATCH] bcrypt/tests: Add tests for AES GCM mode.
-
----
- dlls/bcrypt/tests/bcrypt.c | 155 ++++++++++++++++++++++++++++++++++++++++++++-
- include/bcrypt.h           |  24 ++++++-
- 2 files changed, 177 insertions(+), 2 deletions(-)
-
-diff --git a/dlls/bcrypt/tests/bcrypt.c b/dlls/bcrypt/tests/bcrypt.c
-index 6e28348..6cefe13 100644
---- a/dlls/bcrypt/tests/bcrypt.c
-+++ b/dlls/bcrypt/tests/bcrypt.c
-@@ -564,6 +564,8 @@ static void test_BCryptGenerateSymmetricKey(void)
- 
- static void test_BCryptEncrypt(void)
- {
-+    static UCHAR nonce[] =
-+        {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x10, 0x20, 0x30, 0x40, 0x50, 0x60};
-     static UCHAR secret[] =
-         {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f};
-     static UCHAR iv[] =
-@@ -582,15 +584,28 @@ static void test_BCryptEncrypt(void)
-         {0xc6,0xa1,0x3b,0x37,0x87,0x8f,0x5b,0x82,0x6f,0x4f,0x81,0x62,0xa1,0xc8,0xd8,0x79,
-          0xb1,0xa2,0x92,0x73,0xbe,0x2c,0x42,0x07,0xa5,0xac,0xe3,0x93,0x39,0x8c,0xb6,0xfb,
-          0x87,0x5d,0xea,0xa3,0x7e,0x0f,0xde,0xfa,0xd9,0xec,0x6c,0x4e,0x3c,0x76,0x86,0xe4};
-+    static UCHAR expected4[] =
-+        {0xe1,0x82,0xc3,0xc0,0x24,0xfb,0x86,0x85,0xf3,0xf1,0x2b,0x7d,0x09,0xb4,0x73,0x67,
-+         0x86,0x64,0xc3,0xfe,0xa3,0x07,0x61,0xf8,0x16,0xc9,0x78,0x7f,0xe7,0xb1,0xc4,0x94};
-+    static UCHAR expected_tag[] =
-+        {0x89,0xb3,0x92,0x00,0x39,0x20,0x09,0xb4,0x6a,0xd6,0xaf,0xca,0x4b,0x5b,0xfd,0xd0};
-+    static UCHAR expected_tag2[] =
-+        {0x9a,0x92,0x32,0x2c,0x61,0x2a,0xae,0xef,0x66,0x2a,0xfb,0x55,0xe9,0x48,0xdf,0xbd};
-+    BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO auth_info;
-+    UCHAR *buf, ciphertext[48], ivbuf[16], tag[16];
-+    BCRYPT_AUTH_TAG_LENGTHS_STRUCT tag_length;
-     BCRYPT_ALG_HANDLE aes;
-     BCRYPT_KEY_HANDLE key;
--    UCHAR *buf, ciphertext[48], ivbuf[16];
-     ULONG size, len, i;
-     NTSTATUS ret;
- 
-     ret = pBCryptOpenAlgorithmProvider(&aes, BCRYPT_AES_ALGORITHM, NULL, 0);
-     ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
- 
-+    /******************
-+     * AES - CBC mode *
-+     ******************/
-+
-     len = 0xdeadbeef;
-     size = sizeof(len);
-     ret = pBCryptGetProperty(aes, BCRYPT_OBJECT_LENGTH, (UCHAR *)&len, sizeof(len), &size, 0);
-@@ -677,12 +692,101 @@ static void test_BCryptEncrypt(void)
-     ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
-     HeapFree(GetProcessHeap(), 0, buf);
- 
-+    /******************
-+     * AES - GCM mode *
-+     ******************/
-+
-+    size = 0;
-+    ret = BCryptGetProperty(aes, BCRYPT_AUTH_TAG_LENGTH, NULL, 0, &size, 0);
-+    todo_wine ok(ret == STATUS_NOT_SUPPORTED, "got %08x\n", ret);
-+
-+    ret = BCryptSetProperty(aes, BCRYPT_CHAINING_MODE, (UCHAR*)BCRYPT_CHAIN_MODE_GCM, sizeof(BCRYPT_CHAIN_MODE_GCM), 0);
-+    todo_wine ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
-+
-+    size = 0;
-+    ret = BCryptGetProperty(aes, BCRYPT_AUTH_TAG_LENGTH, NULL, 0, &size, 0);
-+    todo_wine ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
-+    todo_wine ok(size == sizeof(tag_length), "got %u\n", size);
-+
-+    size = 0;
-+    memset(&tag_length, 0, sizeof(tag_length));
-+    ret = BCryptGetProperty(aes, BCRYPT_AUTH_TAG_LENGTH, (UCHAR*)&tag_length, sizeof(tag_length), &size, 0);
-+    todo_wine ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
-+    todo_wine ok(size == sizeof(tag_length), "got %u\n", size);
-+    todo_wine ok(tag_length.dwMinLength == 12, "Expected 12, got %d\n", tag_length.dwMinLength);
-+    todo_wine ok(tag_length.dwMaxLength == 16, "Expected 16, got %d\n", tag_length.dwMaxLength);
-+    todo_wine ok(tag_length.dwIncrement == 1, "Expected 1, got %d\n", tag_length.dwIncrement);
-+
-+    len = 0xdeadbeef;
-+    size = sizeof(len);
-+    ret = pBCryptGetProperty(aes, BCRYPT_OBJECT_LENGTH, (UCHAR *)&len, sizeof(len), &size, 0);
-+    ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
-+
-+    buf = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, len);
-+    ret = pBCryptGenerateSymmetricKey(aes, &key, buf, len, secret, sizeof(secret), 0);
-+    ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
-+
-+    memset(&auth_info, 0, sizeof(auth_info));
-+    auth_info.cbSize = sizeof(auth_info);
-+    auth_info.dwInfoVersion = 1;
-+    auth_info.pbNonce = nonce;
-+    auth_info.cbNonce = sizeof(nonce);
-+    auth_info.pbTag = tag;
-+    auth_info.cbTag = sizeof(tag);
-+
-+    /* input size is a multiple of block size */
-+    size = 0;
-+    memcpy(ivbuf, iv, sizeof(iv));
-+    memset(ciphertext, 0xff, sizeof(ciphertext));
-+    memset(tag, 0xff, sizeof(tag));
-+    ret = pBCryptEncrypt(key, data2, 32, &auth_info, ivbuf, 16, ciphertext, 32, &size, 0);
-+    todo_wine ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
-+    todo_wine ok(size == 32, "got %u\n", size);
-+    todo_wine ok(!memcmp(ciphertext, expected4, sizeof(expected4)), "wrong data\n");
-+    todo_wine ok(!memcmp(tag, expected_tag, sizeof(expected_tag)), "wrong tag\n");
-+    for (i = 0; i < 32; i++)
-+        todo_wine ok(ciphertext[i] == expected4[i], "%u: %02x != %02x\n", i, ciphertext[i], expected4[i]);
-+    for (i = 0; i < 16; i++)
-+        todo_wine ok(tag[i] == expected_tag[i], "%u: %02x != %02x\n", i, tag[i], expected_tag[i]);
-+
-+    /* input size is not multiple of block size */
-+    size = 0;
-+    memcpy(ivbuf, iv, sizeof(iv));
-+    memset(ciphertext, 0xff, sizeof(ciphertext));
-+    memset(tag, 0xff, sizeof(tag));
-+    ret = pBCryptEncrypt(key, data2, 24, &auth_info, ivbuf, 16, ciphertext, 24, &size, 0);
-+    todo_wine ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
-+    todo_wine ok(size == 24, "got %u\n", size);
-+    todo_wine ok(!memcmp(ciphertext, expected4, 24), "wrong data\n");
-+    todo_wine ok(!memcmp(tag, expected_tag2, sizeof(expected_tag2)), "wrong tag\n");
-+    for (i = 0; i < 24; i++)
-+        todo_wine ok(ciphertext[i] == expected4[i], "%u: %02x != %02x\n", i, ciphertext[i], expected4[i]);
-+    for (i = 0; i < 16; i++)
-+        todo_wine ok(tag[i] == expected_tag2[i], "%u: %02x != %02x\n", i, tag[i], expected_tag2[i]);
-+
-+    /* test with padding */
-+    memcpy(ivbuf, iv, sizeof(iv));
-+    memset(ciphertext, 0, sizeof(ciphertext));
-+    ret = pBCryptEncrypt(key, data2, 32, &auth_info, ivbuf, 16, ciphertext, 32, &size, BCRYPT_BLOCK_PADDING);
-+    todo_wine ok(ret == STATUS_BUFFER_TOO_SMALL, "got %08x\n", ret);
-+
-+    memcpy(ivbuf, iv, sizeof(iv));
-+    memset(ciphertext, 0, sizeof(ciphertext));
-+    ret = pBCryptEncrypt(key, data2, 32, &auth_info, ivbuf, 16, ciphertext, 48, &size, BCRYPT_BLOCK_PADDING);
-+    todo_wine ok(ret == STATUS_INVALID_PARAMETER, "got %08x\n", ret);
-+
-+    ret = pBCryptDestroyKey(key);
-+    ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
-+    HeapFree(GetProcessHeap(), 0, buf);
-+
-     ret = pBCryptCloseAlgorithmProvider(aes, 0);
-     ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
- }
- 
- static void test_BCryptDecrypt(void)
- {
-+    static UCHAR nonce[] =
-+        {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x10, 0x20, 0x30, 0x40, 0x50, 0x60};
-     static UCHAR secret[] =
-         {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f};
-     static UCHAR iv[] =
-@@ -704,6 +808,12 @@ static void test_BCryptDecrypt(void)
-         {0xc6,0xa1,0x3b,0x37,0x87,0x8f,0x5b,0x82,0x6f,0x4f,0x81,0x62,0xa1,0xc8,0xd8,0x79,
-          0xb1,0xa2,0x92,0x73,0xbe,0x2c,0x42,0x07,0xa5,0xac,0xe3,0x93,0x39,0x8c,0xb6,0xfb,
-          0x87,0x5d,0xea,0xa3,0x7e,0x0f,0xde,0xfa,0xd9,0xec,0x6c,0x4e,0x3c,0x76,0x86,0xe4};
-+    static UCHAR ciphertext4[] =
-+        {0xe1,0x82,0xc3,0xc0,0x24,0xfb,0x86,0x85,0xf3,0xf1,0x2b,0x7d,0x09,0xb4,0x73,0x67,
-+         0x86,0x64,0xc3,0xfe,0xa3,0x07,0x61,0xf8,0x16,0xc9,0x78,0x7f,0xe7,0xb1,0xc4,0x94};
-+    static UCHAR tag[] =
-+        {0x89,0xb3,0x92,0x00,0x39,0x20,0x09,0xb4,0x6a,0xd6,0xaf,0xca,0x4b,0x5b,0xfd,0xd0};
-+    BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO auth_info;
-     BCRYPT_KEY_LENGTHS_STRUCT key_lengths;
-     BCRYPT_ALG_HANDLE aes;
-     BCRYPT_KEY_HANDLE key;
-@@ -723,6 +833,10 @@ static void test_BCryptDecrypt(void)
-     ok(key_lengths.dwMaxLength == 256, "Expected 256, got %d\n", key_lengths.dwMaxLength);
-     ok(key_lengths.dwIncrement == 64, "Expected 64, got %d\n", key_lengths.dwIncrement);
- 
-+    /******************
-+     * AES - CBC mode *
-+     ******************/
-+
-     len = 0xdeadbeef;
-     size = sizeof(len);
-     ret = pBCryptGetProperty(aes, BCRYPT_OBJECT_LENGTH, (UCHAR *)&len, sizeof(len), &size, 0);
-@@ -820,6 +934,45 @@ static void test_BCryptDecrypt(void)
-     ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
-     HeapFree(GetProcessHeap(), 0, buf);
- 
-+    /******************
-+     * AES - GCM mode *
-+     ******************/
-+
-+    ret = BCryptSetProperty(aes, BCRYPT_CHAINING_MODE, (UCHAR*)BCRYPT_CHAIN_MODE_GCM, sizeof(BCRYPT_CHAIN_MODE_GCM), 0);
-+    todo_wine ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
-+
-+    buf = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, len);
-+    ret = pBCryptGenerateSymmetricKey(aes, &key, buf, len, secret, sizeof(secret), 0);
-+    ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
-+
-+    memset(&auth_info, 0, sizeof(auth_info));
-+    auth_info.cbSize = sizeof(auth_info);
-+    auth_info.dwInfoVersion = 1;
-+    auth_info.pbNonce = nonce;
-+    auth_info.cbNonce = sizeof(nonce);
-+    auth_info.pbTag = tag;
-+    auth_info.cbTag = sizeof(tag);
-+
-+    /* input size is a multiple of block size */
-+    size = 0;
-+    memcpy(ivbuf, iv, sizeof(iv));
-+    memset(plaintext, 0, sizeof(plaintext));
-+    ret = pBCryptDecrypt(key, ciphertext4, 32, &auth_info, ivbuf, 16, plaintext, 32, &size, 0);
-+    todo_wine ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
-+    todo_wine ok(size == 32, "got %u\n", size);
-+    todo_wine ok(!memcmp(plaintext, expected3, sizeof(expected3)), "wrong data\n");
-+
-+    /* test with wrong tag */
-+    memcpy(ivbuf, iv, sizeof(iv));
-+    auth_info.pbTag = iv; /* wrong tag */
-+    ret = pBCryptDecrypt(key, ciphertext4, 32, &auth_info, ivbuf, 16, plaintext, 32, &size, 0);
-+    todo_wine ok(ret == STATUS_AUTH_TAG_MISMATCH, "got %08x\n", ret);
-+    todo_wine ok(size == 32, "got %u\n", size);
-+
-+    ret = pBCryptDestroyKey(key);
-+    ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
-+    HeapFree(GetProcessHeap(), 0, buf);
-+
-     ret = pBCryptCloseAlgorithmProvider(aes, 0);
-     ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
- }
-diff --git a/include/bcrypt.h b/include/bcrypt.h
-index 1be9b85..d0b29c7 100644
---- a/include/bcrypt.h
-+++ b/include/bcrypt.h
-@@ -96,7 +96,29 @@ typedef struct __BCRYPT_KEY_LENGTHS_STRUCT
-     ULONG dwMinLength;
-     ULONG dwMaxLength;
-     ULONG dwIncrement;
--} BCRYPT_KEY_LENGTHS_STRUCT;
-+} BCRYPT_KEY_LENGTHS_STRUCT, BCRYPT_AUTH_TAG_LENGTHS_STRUCT;
-+
-+typedef struct _BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO
-+{
-+    ULONG cbSize;
-+    ULONG dwInfoVersion;
-+    UCHAR *pbNonce;
-+    ULONG cbNonce;
-+    UCHAR *pbAuthData;
-+    ULONG cbAuthData;
-+    UCHAR *pbTag;
-+    ULONG cbTag;
-+    UCHAR *pbMacContext;
-+    ULONG cbMacContext;
-+    ULONG cbAAD;
-+    ULONGLONG cbData;
-+    ULONG dwFlags;
-+} BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO, *PBCRYPT_AUTHENTICATED_CIPHER_MODE_INFO;
-+
-+#define BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO_VERSION 1
-+
-+#define BCRYPT_AUTH_MODE_CHAIN_CALLS_FLAG 0x00000001
-+#define BCRYPT_AUTH_MODE_IN_PROGRESS_FLAG 0x00000002
- 
- typedef struct _CRYPT_INTERFACE_REG
- {
--- 
-1.9.1
-

patches/bcrypt-Improvements/0012-bcrypt-Pass-object-to-get_-alg-hash-_property-instea.patch

@@ -1,156 +0,0 @@
-From 2d4fc0dc7d0c64fb45683af54d659832493e2a7e Mon Sep 17 00:00:00 2001
-From: Sebastian Lackner <sebastian@fds-team.de>
-Date: Mon, 26 Dec 2016 06:18:01 +0100
-Subject: [PATCH 12/36] bcrypt: Pass object to get_{alg,hash}_property instead
- of alg_id.
-
----
- dlls/bcrypt/bcrypt_main.c | 40 ++++++++++++++++++++--------------------
- 1 file changed, 20 insertions(+), 20 deletions(-)
-
-diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
-index 6e47349..8af43c8 100644
---- a/dlls/bcrypt/bcrypt_main.c
-+++ b/dlls/bcrypt/bcrypt_main.c
-@@ -510,15 +510,15 @@ static NTSTATUS generic_alg_property( enum alg_id id, const WCHAR *prop, UCHAR *
-     return STATUS_NOT_IMPLEMENTED;
- }
- 
--static NTSTATUS get_alg_property( enum alg_id id, const WCHAR *prop, UCHAR *buf, ULONG size, ULONG *ret_size )
-+static NTSTATUS get_alg_property( const struct algorithm *alg, const WCHAR *prop, UCHAR *buf, ULONG size, ULONG *ret_size )
- {
-     NTSTATUS status;
- 
--    status = generic_alg_property( id, prop, buf, size, ret_size );
-+    status = generic_alg_property( alg->id, prop, buf, size, ret_size );
-     if (status != STATUS_NOT_IMPLEMENTED)
-         return status;
- 
--    switch (id)
-+    switch (alg->id)
-     {
-     case ALG_ID_AES:
-         if (!strcmpW( prop, BCRYPT_BLOCK_LENGTH ))
-@@ -567,11 +567,11 @@ static NTSTATUS get_alg_property( enum alg_id id, const WCHAR *prop, UCHAR *buf,
-     return STATUS_NOT_IMPLEMENTED;
- }
- 
--static NTSTATUS get_hash_property( enum alg_id id, const WCHAR *prop, UCHAR *buf, ULONG size, ULONG *ret_size )
-+static NTSTATUS get_hash_property( const struct hash *hash, const WCHAR *prop, UCHAR *buf, ULONG size, ULONG *ret_size )
- {
-     NTSTATUS status;
- 
--    status = generic_alg_property( id, prop, buf, size, ret_size );
-+    status = generic_alg_property( hash->alg_id, prop, buf, size, ret_size );
-     if (status == STATUS_NOT_IMPLEMENTED)
-         FIXME( "unsupported property %s\n", debugstr_w(prop) );
-     return status;
-@@ -591,12 +591,12 @@ NTSTATUS WINAPI BCryptGetProperty( BCRYPT_HANDLE handle, LPCWSTR prop, UCHAR *bu
-     case MAGIC_ALG:
-     {
-         const struct algorithm *alg = (const struct algorithm *)object;
--        return get_alg_property( alg->id, prop, buffer, count, res );
-+        return get_alg_property( alg, prop, buffer, count, res );
-     }
-     case MAGIC_HASH:
-     {
-         const struct hash *hash = (const struct hash *)object;
--        return get_hash_property( hash->alg_id, prop, buffer, count, res );
-+        return get_hash_property( hash, prop, buffer, count, res );
-     }
-     default:
-         WARN( "unknown magic %08x\n", object->magic );
-@@ -798,7 +798,7 @@ struct key
- #endif
- 
- #if defined(HAVE_GNUTLS_CIPHER_INIT) || defined(HAVE_COMMONCRYPTO_COMMONCRYPTOR_H) && MAC_OS_X_VERSION_MAX_ALLOWED >= 1080
--static ULONG get_block_size( enum alg_id alg )
-+static ULONG get_block_size( struct algorithm *alg )
- {
-     ULONG ret = 0, size = sizeof(ret);
-     get_alg_property( alg, BCRYPT_BLOCK_LENGTH, (UCHAR *)&ret, sizeof(ret), &size );
-@@ -827,27 +827,27 @@ static NTSTATUS key_export( struct key *key, const WCHAR *type, UCHAR *output, U
- #endif
- 
- #if defined(HAVE_GNUTLS_CIPHER_INIT) && !defined(HAVE_COMMONCRYPTO_COMMONCRYPTOR_H)
--static NTSTATUS key_init( struct key *key, enum alg_id id, const UCHAR *secret, ULONG secret_len )
-+static NTSTATUS key_init( struct key *key, struct algorithm *alg, const UCHAR *secret, ULONG secret_len )
- {
-     UCHAR *buffer;
- 
-     if (!libgnutls_handle) return STATUS_INTERNAL_ERROR;
- 
--    switch (id)
-+    switch (alg->id)
-     {
-     case ALG_ID_AES:
-         break;
- 
-     default:
--        FIXME( "algorithm %u not supported\n", id );
-+        FIXME( "algorithm %u not supported\n", alg->id );
-         return STATUS_NOT_SUPPORTED;
-     }
- 
--    if (!(key->block_size = get_block_size( id ))) return STATUS_INVALID_PARAMETER;
-+    if (!(key->block_size = get_block_size( alg ))) return STATUS_INVALID_PARAMETER;
-     if (!(buffer = heap_alloc( secret_len ))) return STATUS_NO_MEMORY;
-     memcpy( buffer, secret, secret_len );
- 
--    key->alg_id     = id;
-+    key->alg_id     = alg->id;
-     key->handle     = 0;        /* initialized on first use */
-     key->secret     = buffer;
-     key->secret_len = secret_len;
-@@ -937,25 +937,25 @@ static NTSTATUS key_destroy( struct key *key )
-     return STATUS_SUCCESS;
- }
- #elif defined(HAVE_COMMONCRYPTO_COMMONCRYPTOR_H) && MAC_OS_X_VERSION_MAX_ALLOWED >= 1080
--static NTSTATUS key_init( struct key *key, enum alg_id id, const UCHAR *secret, ULONG secret_len )
-+static NTSTATUS key_init( struct key *key, struct algorithm *alg, const UCHAR *secret, ULONG secret_len )
- {
-     UCHAR *buffer;
- 
--    switch (id)
-+    switch (alg->id)
-     {
-     case ALG_ID_AES:
-         break;
- 
-     default:
--        FIXME( "algorithm %u not supported\n", id );
-+        FIXME( "algorithm %u not supported\n", alg->id );
-         return STATUS_NOT_SUPPORTED;
-     }
- 
--    if (!(key->block_size = get_block_size( id ))) return STATUS_INVALID_PARAMETER;
-+    if (!(key->block_size = get_block_size( alg ))) return STATUS_INVALID_PARAMETER;
-     if (!(buffer = heap_alloc( secret_len ))) return STATUS_NO_MEMORY;
-     memcpy( buffer, secret, secret_len );
- 
--    key->alg_id      = id;
-+    key->alg_id      = alg->id;
-     key->ref_encrypt = NULL;        /* initialized on first use */
-     key->ref_decrypt = NULL;
-     key->secret      = buffer;
-@@ -1034,7 +1034,7 @@ static NTSTATUS key_destroy( struct key *key )
-     return STATUS_SUCCESS;
- }
- #else
--static NTSTATUS key_init( struct key *key, enum alg_id id, const UCHAR *secret, ULONG secret_len )
-+static NTSTATUS key_init( struct key *key, struct algorithm *alg, const UCHAR *secret, ULONG secret_len )
- {
-     ERR( "support for keys not available at build time\n" );
-     return STATUS_NOT_IMPLEMENTED;
-@@ -1089,7 +1089,7 @@ NTSTATUS WINAPI BCryptGenerateSymmetricKey( BCRYPT_ALG_HANDLE algorithm, BCRYPT_
-     if (!(key = heap_alloc( sizeof(*key) ))) return STATUS_NO_MEMORY;
-     key->hdr.magic = MAGIC_KEY;
- 
--    if ((status = key_init( key, alg->id, secret, secret_len )))
-+    if ((status = key_init( key, alg, secret, secret_len )))
-     {
-         heap_free( key );
-         return status;
--- 
-2.7.4
-