lib/advapi32/token/token.c

   1 /*
   2  * COPYRIGHT:       See COPYING in the top level directory
   3  * PROJECT:         ReactOS system libraries
   4  * FILE:            lib/advapi32/token/token.c
   5  * PURPOSE:         Token functions
   6  * PROGRAMMER:      Ariadne ( ariadne@xs4all.nl)
   7  * UPDATE HISTORY:
   8  *                  Created 01/11/98
   9  */
  10
  11 #define NTOS_MODE_USER
  12 #include <ntos.h>
  13 #include <windows.h>
  14
  15 /*
  16  * @implemented
  17  */
  18 WINBOOL
  19 STDCALL
  20 AdjustTokenGroups (
  21                    HANDLE TokenHandle,
  22                    WINBOOL ResetToDefault,
  23                    PTOKEN_GROUPS NewState,
  24                    DWORD BufferLength,
  25                    PTOKEN_GROUPS PreviousState,
  26                    PDWORD ReturnLength
  27                     )
  28 {
  29         NTSTATUS errCode;
  30         errCode = NtAdjustGroupsToken(TokenHandle,ResetToDefault,NewState,
  31                         BufferLength, PreviousState, (PULONG)ReturnLength );
  32         if ( !NT_SUCCESS(errCode) ) {
  33                 SetLastError(RtlNtStatusToDosError(errCode));
  34                 return FALSE;
  35         }
  36         return TRUE;
  37 }
  38
  39
  40 /*
  41  * @implemented
  42  */
  43 WINBOOL
  44 STDCALL
  45 AdjustTokenPrivileges (
  46                        HANDLE TokenHandle,
  47                        WINBOOL DisableAllPrivileges,
  48                        PTOKEN_PRIVILEGES NewState,
  49                        DWORD BufferLength,
  50                        PTOKEN_PRIVILEGES PreviousState,
  51                        PDWORD ReturnLength
  52                         )
  53 {       NTSTATUS errCode;
  54         errCode = NtAdjustPrivilegesToken(TokenHandle,DisableAllPrivileges,NewState,
  55                         BufferLength, PreviousState, (PULONG)ReturnLength );
  56         if ( !NT_SUCCESS(errCode) ) {
  57                 SetLastError(RtlNtStatusToDosError(errCode));
  58                 return FALSE;
  59         }
  60         return TRUE;
  61 }
  62
  63
  64 /*
  65  * @implemented
  66  */
  67 WINBOOL
  68 STDCALL
  69 GetTokenInformation (
  70                      HANDLE TokenHandle,
  71                      TOKEN_INFORMATION_CLASS TokenInformationClass,
  72                      LPVOID TokenInformation,
  73                      DWORD TokenInformationLength,
  74                      PDWORD ReturnLength
  75                       )
  76 {
  77         NTSTATUS errCode;
  78         errCode = NtQueryInformationToken(TokenHandle,TokenInformationClass,TokenInformation,
  79                         TokenInformationLength, (PULONG)ReturnLength);
  80         if ( !NT_SUCCESS(errCode) ) {
  81                 SetLastError(RtlNtStatusToDosError(errCode));
  82                 return FALSE;
  83         }
  84         return TRUE;
  85 }
  86
  87
  88 /*
  89  * @implemented
  90  */
  91 WINBOOL
  92 STDCALL
  93 SetTokenInformation (
  94                      HANDLE TokenHandle,
  95                      TOKEN_INFORMATION_CLASS TokenInformationClass,
  96                      LPVOID TokenInformation,
  97                      DWORD TokenInformationLength
  98                       )
  99 {
 100         NTSTATUS errCode;
 101         errCode = NtSetInformationToken(TokenHandle,TokenInformationClass,TokenInformation,
 102                         TokenInformationLength);
 103         if ( !NT_SUCCESS(errCode) ) {
 104                 SetLastError(RtlNtStatusToDosError(errCode));
 105                 return FALSE;
 106         }
 107         return TRUE;
 108 }
 109
 110
 111 /*
 112  * @implemented
 113  */
 114 WINBOOL
 115 STDCALL
 116 AccessCheck (
 117              PSECURITY_DESCRIPTOR pSecurityDescriptor,
 118              HANDLE ClientToken,
 119              DWORD DesiredAccess,
 120              PGENERIC_MAPPING GenericMapping,
 121              PPRIVILEGE_SET PrivilegeSet,
 122              LPDWORD PrivilegeSetLength,
 123              LPDWORD GrantedAccess,
 124              LPBOOL AccessStatus
 125               )
 126 {
 127         NTSTATUS errCode;
 128         errCode = NtAccessCheck( pSecurityDescriptor,
 129              ClientToken,
 130              DesiredAccess,
 131              GenericMapping,
 132              PrivilegeSet,
 133              (PULONG)PrivilegeSetLength,
 134              (PULONG)GrantedAccess,
 135              (PBOOLEAN)AccessStatus);
 136         if ( !NT_SUCCESS(errCode) ) {
 137                 SetLastError(RtlNtStatusToDosError(errCode));
 138                 return FALSE;
 139         }
 140         return TRUE;
 141 }
 142
 143
 144 /*
 145  * @implemented
 146  */
 147 WINBOOL
 148 STDCALL
 149 OpenProcessToken (
 150                   HANDLE ProcessHandle,
 151                   DWORD DesiredAccess,
 152                   PHANDLE TokenHandle
 153                    )
 154 {
 155         NTSTATUS errCode;
 156         errCode = NtOpenProcessToken(ProcessHandle,DesiredAccess,TokenHandle);
 157         if ( !NT_SUCCESS(errCode) ) {
 158                 SetLastError(RtlNtStatusToDosError(errCode));
 159                 return FALSE;
 160         }
 161         return TRUE;
 162 }
 163
 164
 165 /*
 166  * @implemented
 167  */
 168 WINBOOL
 169 STDCALL
 170 OpenThreadToken (
 171                  HANDLE ThreadHandle,
 172                  DWORD DesiredAccess,
 173                  WINBOOL OpenAsSelf,
 174                  PHANDLE TokenHandle
 175                   )
 176 {
 177         NTSTATUS errCode;
 178         errCode = NtOpenThreadToken(ThreadHandle,DesiredAccess,OpenAsSelf,TokenHandle);
 179         if ( !NT_SUCCESS(errCode) ) {
 180                 SetLastError(RtlNtStatusToDosError(errCode));
 181                 return FALSE;
 182         }
 183         return TRUE;
 184 }
 185
 186
 187 /*
 188  * @implemented
 189  */
 190 WINBOOL
 191 STDCALL
 192 SetThreadToken (
 193                 PHANDLE ThreadHandle,
 194                 HANDLE TokenHandle
 195                  )
 196 {
 197         NTSTATUS errCode;
 198         HANDLE hThread  = NtCurrentThread();
 199         if ( ThreadHandle != NULL )
 200                 hThread = ThreadHandle;
 201         errCode = NtSetInformationThread(hThread,ThreadImpersonationToken,TokenHandle,sizeof(HANDLE));
 202         if ( !NT_SUCCESS(errCode) ) {
 203                 SetLastError(RtlNtStatusToDosError(errCode));
 204                 return FALSE;
 205         }
 206         return TRUE;
 207 }
 208
 209
 210 /*
 211  * @implemented
 212  */
 213 WINBOOL
 214 STDCALL
 215 DuplicateTokenEx (
 216                   HANDLE ExistingTokenHandle,
 217                   DWORD  dwDesiredAccess,
 218                   LPSECURITY_ATTRIBUTES lpTokenAttributes,
 219                   SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
 220                   TOKEN_TYPE TokenType,
 221                   PHANDLE DuplicateTokenHandle
 222                    )
 223 {
 224         NTSTATUS errCode;
 225         HANDLE NewToken;
 226
 227         OBJECT_ATTRIBUTES ObjectAttributes;
 228
 229
 230         ObjectAttributes.Length = sizeof(OBJECT_ATTRIBUTES);
 231         ObjectAttributes.RootDirectory = NULL;
 232         ObjectAttributes.ObjectName = NULL;
 233         ObjectAttributes.Attributes = 0;
 234         if ( lpTokenAttributes->bInheritHandle )
 235                 ObjectAttributes.Attributes |= OBJ_INHERIT;
 236
 237         ObjectAttributes.SecurityDescriptor = lpTokenAttributes->lpSecurityDescriptor;
 238         ObjectAttributes.SecurityQualityOfService = NULL;
 239
 240         errCode = NtDuplicateToken(  ExistingTokenHandle, dwDesiredAccess,
 241                 &ObjectAttributes, ImpersonationLevel,
 242                 TokenType,  &NewToken     );
 243
 244         if ( !NT_SUCCESS(errCode) ) {
 245                 SetLastError(RtlNtStatusToDosError(errCode));
 246                 return FALSE;
 247         }
 248         return TRUE;
 249 }
 250
 251
 252 /*
 253  * @implemented
 254  */
 255 WINBOOL
 256 STDCALL
 257 DuplicateToken (
 258                 HANDLE ExistingTokenHandle,
 259                 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
 260                 PHANDLE DuplicateTokenHandle
 261                  )
 262 {
 263         return DuplicateTokenEx (
 264                   ExistingTokenHandle,
 265                   TOKEN_DUPLICATE|TOKEN_IMPERSONATE|TOKEN_QUERY,
 266                   NULL,
 267                   ImpersonationLevel,
 268                   TokenImpersonation,
 269                   DuplicateTokenHandle
 270                    );
 271 }
 272
 273 /* EOF */