2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: ReactOS system libraries
4 * FILE: lib/advapi32/token/token.c
5 * PURPOSE: Token functions
6 * PROGRAMMER: Ariadne ( ariadne@xs4all.nl)
11 #define NTOS_MODE_USER
22 WINBOOL ResetToDefault,
23 PTOKEN_GROUPS NewState,
25 PTOKEN_GROUPS PreviousState,
30 errCode = NtAdjustGroupsToken(TokenHandle,ResetToDefault,NewState,
31 BufferLength, PreviousState, (PULONG)ReturnLength );
32 if ( !NT_SUCCESS(errCode) ) {
33 SetLastError(RtlNtStatusToDosError(errCode));
45 AdjustTokenPrivileges (
47 WINBOOL DisableAllPrivileges,
48 PTOKEN_PRIVILEGES NewState,
50 PTOKEN_PRIVILEGES PreviousState,
54 errCode = NtAdjustPrivilegesToken(TokenHandle,DisableAllPrivileges,NewState,
55 BufferLength, PreviousState, (PULONG)ReturnLength );
56 if ( !NT_SUCCESS(errCode) ) {
57 SetLastError(RtlNtStatusToDosError(errCode));
71 TOKEN_INFORMATION_CLASS TokenInformationClass,
72 LPVOID TokenInformation,
73 DWORD TokenInformationLength,
78 errCode = NtQueryInformationToken(TokenHandle,TokenInformationClass,TokenInformation,
79 TokenInformationLength, (PULONG)ReturnLength);
80 if ( !NT_SUCCESS(errCode) ) {
81 SetLastError(RtlNtStatusToDosError(errCode));
95 TOKEN_INFORMATION_CLASS TokenInformationClass,
96 LPVOID TokenInformation,
97 DWORD TokenInformationLength
101 errCode = NtSetInformationToken(TokenHandle,TokenInformationClass,TokenInformation,
102 TokenInformationLength);
103 if ( !NT_SUCCESS(errCode) ) {
104 SetLastError(RtlNtStatusToDosError(errCode));
117 PSECURITY_DESCRIPTOR pSecurityDescriptor,
120 PGENERIC_MAPPING GenericMapping,
121 PPRIVILEGE_SET PrivilegeSet,
122 LPDWORD PrivilegeSetLength,
123 LPDWORD GrantedAccess,
128 errCode = NtAccessCheck( pSecurityDescriptor,
133 (PULONG)PrivilegeSetLength,
134 (PULONG)GrantedAccess,
135 (PBOOLEAN)AccessStatus);
136 if ( !NT_SUCCESS(errCode) ) {
137 SetLastError(RtlNtStatusToDosError(errCode));
150 HANDLE ProcessHandle,
156 errCode = NtOpenProcessToken(ProcessHandle,DesiredAccess,TokenHandle);
157 if ( !NT_SUCCESS(errCode) ) {
158 SetLastError(RtlNtStatusToDosError(errCode));
178 errCode = NtOpenThreadToken(ThreadHandle,DesiredAccess,OpenAsSelf,TokenHandle);
179 if ( !NT_SUCCESS(errCode) ) {
180 SetLastError(RtlNtStatusToDosError(errCode));
193 PHANDLE ThreadHandle,
198 HANDLE hThread = NtCurrentThread();
199 if ( ThreadHandle != NULL )
200 hThread = ThreadHandle;
201 errCode = NtSetInformationThread(hThread,ThreadImpersonationToken,TokenHandle,sizeof(HANDLE));
202 if ( !NT_SUCCESS(errCode) ) {
203 SetLastError(RtlNtStatusToDosError(errCode));
216 HANDLE ExistingTokenHandle,
217 DWORD dwDesiredAccess,
218 LPSECURITY_ATTRIBUTES lpTokenAttributes,
219 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
220 TOKEN_TYPE TokenType,
221 PHANDLE DuplicateTokenHandle
227 OBJECT_ATTRIBUTES ObjectAttributes;
230 ObjectAttributes.Length = sizeof(OBJECT_ATTRIBUTES);
231 ObjectAttributes.RootDirectory = NULL;
232 ObjectAttributes.ObjectName = NULL;
233 ObjectAttributes.Attributes = 0;
234 if ( lpTokenAttributes->bInheritHandle )
235 ObjectAttributes.Attributes |= OBJ_INHERIT;
237 ObjectAttributes.SecurityDescriptor = lpTokenAttributes->lpSecurityDescriptor;
238 ObjectAttributes.SecurityQualityOfService = NULL;
240 errCode = NtDuplicateToken( ExistingTokenHandle, dwDesiredAccess,
241 &ObjectAttributes, ImpersonationLevel,
242 TokenType, &NewToken );
244 if ( !NT_SUCCESS(errCode) ) {
245 SetLastError(RtlNtStatusToDosError(errCode));
258 HANDLE ExistingTokenHandle,
259 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
260 PHANDLE DuplicateTokenHandle
263 return DuplicateTokenEx (
265 TOKEN_DUPLICATE|TOKEN_IMPERSONATE|TOKEN_QUERY,