From: "Erich E. Hoover" <ehoover@mymail.mines.edu>
Subject: [PATCH 2/6] advapi32: Support service objects in GetSecurityInfo.
Message-Id: <CAEU2+vrLo3Szy_=m1hMqdbEBJunGz=pw7hyWJBct70ub31gWaw@mail.gmail.com>
Date: Sun, 2 Dec 2012 16:04:18 -0700

This patch adds support for service objects (SE_SERVICE) in calls to
GetSecurityInfo by implementing those calls with
QueryServiceObjectSecurity.

From d96c4324796bd34ec82adece60b239349e018e96 Mon Sep 17 00:00:00 2001
From: Erich Hoover <ehoover@mines.edu>
Date: Sun, 2 Dec 2012 15:10:56 -0700
Subject: advapi32: Support service objects in GetSecurityInfo.

---
 dlls/advapi32/advapi32_misc.h |    4 +++-
 dlls/advapi32/security.c      |   10 ++++++++--
 dlls/advapi32/service.c       |   19 ++++++++++++++-----
 3 files changed, 25 insertions(+), 8 deletions(-)

diff --git a/dlls/advapi32/advapi32_misc.h b/dlls/advapi32/advapi32_misc.h
index e4ecfbb..7365d09 100644
--- a/dlls/advapi32/advapi32_misc.h
+++ b/dlls/advapi32/advapi32_misc.h
@@ -21,6 +21,7 @@
 #define __WINE_ADVAPI32MISC_H
 
 #include "ntsecapi.h"
+#include "winsvc.h"
 
 const char * debugstr_sid(PSID sid) DECLSPEC_HIDDEN;
 BOOL ADVAPI_IsLocalComputer(LPCWSTR ServerName) DECLSPEC_HIDDEN;
@@ -28,6 +29,7 @@ BOOL ADVAPI_GetComputerSid(PSID sid) DECLSPEC_HIDDEN;
 
 BOOL lookup_local_wellknown_name(const LSA_UNICODE_STRING*, PSID, LPDWORD, LPWSTR, LPDWORD, PSID_NAME_USE, BOOL*) DECLSPEC_HIDDEN;
 BOOL lookup_local_user_name(const LSA_UNICODE_STRING*, PSID, LPDWORD, LPWSTR, LPDWORD, PSID_NAME_USE, BOOL*) DECLSPEC_HIDDEN;
-WCHAR *SERV_dup(const char *str);
+WCHAR *SERV_dup(const char *str) DECLSPEC_HIDDEN;
+DWORD SERV_QueryServiceObjectSecurity(SC_HANDLE, SECURITY_INFORMATION, PSECURITY_DESCRIPTOR, DWORD, LPDWORD) DECLSPEC_HIDDEN;
 
 #endif /* __WINE_ADVAPI32MISC_H */
diff --git a/dlls/advapi32/security.c b/dlls/advapi32/security.c
index e000854..6ccb6a0 100644
--- a/dlls/advapi32/security.c
+++ b/dlls/advapi32/security.c
@@ -3046,7 +3046,10 @@ DWORD WINAPI GetSecurityInfo(
     ULONG n1, n2;
     BOOL present, defaulted;
 
-    status = NtQuerySecurityObject(hObject, SecurityInfo, NULL, 0, &n1);
+    if (ObjectType == SE_SERVICE)
+        status = SERV_QueryServiceObjectSecurity(hObject, SecurityInfo, NULL, 0, &n1);
+    else
+        status = NtQuerySecurityObject(hObject, SecurityInfo, NULL, 0, &n1);
     if (status != STATUS_BUFFER_TOO_SMALL && status != STATUS_SUCCESS)
         return RtlNtStatusToDosError(status);
 
@@ -3054,7 +3057,10 @@ DWORD WINAPI GetSecurityInfo(
     if (!sd)
         return ERROR_NOT_ENOUGH_MEMORY;
 
-    status = NtQuerySecurityObject(hObject, SecurityInfo, sd, n1, &n2);
+    if (ObjectType == SE_SERVICE)
+        status = SERV_QueryServiceObjectSecurity(hObject, SecurityInfo, sd, n1, &n2);
+    else
+        status = NtQuerySecurityObject(hObject, SecurityInfo, sd, n1, &n2);
     if (status != STATUS_SUCCESS)
     {
         LocalFree(sd);
diff --git a/dlls/advapi32/service.c b/dlls/advapi32/service.c
index 07b9e4b..674d152 100644
--- a/dlls/advapi32/service.c
+++ b/dlls/advapi32/service.c
@@ -2150,14 +2150,13 @@ BOOL WINAPI ChangeServiceConfig2W( SC_HANDLE hService, DWORD dwInfoLevel,
 /******************************************************************************
  * QueryServiceObjectSecurity [ADVAPI32.@]
  */
-BOOL WINAPI QueryServiceObjectSecurity(SC_HANDLE hService,
+DWORD SERV_QueryServiceObjectSecurity(SC_HANDLE hService,
        SECURITY_INFORMATION dwSecurityInformation,
        PSECURITY_DESCRIPTOR lpSecurityDescriptor,
        DWORD cbBufSize, LPDWORD pcbBytesNeeded)
 {
     SECURITY_DESCRIPTOR descriptor;
-    DWORD size;
-    BOOL succ;
+    DWORD size, err;
     ACL acl;
 
     FIXME("%p %d %p %u %p - semi-stub\n", hService, dwSecurityInformation,
@@ -2172,9 +2171,19 @@ BOOL WINAPI QueryServiceObjectSecurity(SC_HANDLE hService,
     SetSecurityDescriptorDacl(&descriptor, TRUE, &acl, TRUE);
 
     size = cbBufSize;
-    succ = MakeSelfRelativeSD(&descriptor, lpSecurityDescriptor, &size);
+    err = RtlMakeSelfRelativeSD(&descriptor, lpSecurityDescriptor, &size);
     *pcbBytesNeeded = size;
-    return succ;
+    return err;
+}
+
+BOOL WINAPI QueryServiceObjectSecurity(SC_HANDLE hService,
+       SECURITY_INFORMATION dwSecurityInformation,
+       PSECURITY_DESCRIPTOR lpSecurityDescriptor,
+       DWORD cbBufSize, LPDWORD pcbBytesNeeded)
+{
+    DWORD err = SERV_QueryServiceObjectSecurity(hService, dwSecurityInformation, lpSecurityDescriptor,
+                                                cbBufSize, pcbBytesNeeded);
+    return (err == ERROR_SUCCESS);
 }
 
 /******************************************************************************
-- 
1.7.9.5