lib/advapi32/token/token.c

   1 /*
   2  * COPYRIGHT:       See COPYING in the top level directory
   3  * PROJECT:         ReactOS system libraries
   4  * FILE:            lib/advapi32/token/token.c
   5  * PURPOSE:         Token functions
   6  * PROGRAMMER:      Ariadne ( ariadne@xs4all.nl)
   7  * UPDATE HISTORY:
   8  *                  Created 01/11/98
   9  */
  10
  11 #define NTOS_MODE_USER
  12 #include <ntos.h>
  13 #include <windows.h>
  14
  15 WINBOOL
  16 STDCALL
  17 AdjustTokenGroups (
  18                    HANDLE TokenHandle,
  19                    WINBOOL ResetToDefault,
  20                    PTOKEN_GROUPS NewState,
  21                    DWORD BufferLength,
  22                    PTOKEN_GROUPS PreviousState,
  23                    PDWORD ReturnLength
  24                     )
  25 {
  26         NTSTATUS errCode;
  27         errCode = NtAdjustGroupsToken(TokenHandle,ResetToDefault,NewState,
  28                         BufferLength, PreviousState, (PULONG)ReturnLength );
  29         if ( !NT_SUCCESS(errCode) ) {
  30                 SetLastError(RtlNtStatusToDosError(errCode));
  31                 return FALSE;
  32         }
  33         return TRUE;
  34 }
  35
  36 WINBOOL
  37 STDCALL
  38 AdjustTokenPrivileges (
  39                        HANDLE TokenHandle,
  40                        WINBOOL DisableAllPrivileges,
  41                        PTOKEN_PRIVILEGES NewState,
  42                        DWORD BufferLength,
  43                        PTOKEN_PRIVILEGES PreviousState,
  44                        PDWORD ReturnLength
  45                         )
  46 {       NTSTATUS errCode;
  47         errCode = NtAdjustPrivilegesToken(TokenHandle,DisableAllPrivileges,NewState,
  48                         BufferLength, PreviousState, (PULONG)ReturnLength );
  49         if ( !NT_SUCCESS(errCode) ) {
  50                 SetLastError(RtlNtStatusToDosError(errCode));
  51                 return FALSE;
  52         }
  53         return TRUE;
  54 }
  55
  56
  57 WINBOOL
  58 STDCALL
  59 GetTokenInformation (
  60                      HANDLE TokenHandle,
  61                      TOKEN_INFORMATION_CLASS TokenInformationClass,
  62                      LPVOID TokenInformation,
  63                      DWORD TokenInformationLength,
  64                      PDWORD ReturnLength
  65                       )
  66 {
  67         NTSTATUS errCode;
  68         errCode = NtQueryInformationToken(TokenHandle,TokenInformationClass,TokenInformation,
  69                         TokenInformationLength, (PULONG)ReturnLength);
  70         if ( !NT_SUCCESS(errCode) ) {
  71                 SetLastError(RtlNtStatusToDosError(errCode));
  72                 return FALSE;
  73         }
  74         return TRUE;
  75 }
  76
  77 WINBOOL
  78 STDCALL
  79 SetTokenInformation (
  80                      HANDLE TokenHandle,
  81                      TOKEN_INFORMATION_CLASS TokenInformationClass,
  82                      LPVOID TokenInformation,
  83                      DWORD TokenInformationLength
  84                       )
  85 {
  86         NTSTATUS errCode;
  87         errCode = NtSetInformationToken(TokenHandle,TokenInformationClass,TokenInformation,
  88                         TokenInformationLength);
  89         if ( !NT_SUCCESS(errCode) ) {
  90                 SetLastError(RtlNtStatusToDosError(errCode));
  91                 return FALSE;
  92         }
  93         return TRUE;
  94 }
  95
  96 WINBOOL
  97 STDCALL
  98 AccessCheck (
  99              PSECURITY_DESCRIPTOR pSecurityDescriptor,
 100              HANDLE ClientToken,
 101              DWORD DesiredAccess,
 102              PGENERIC_MAPPING GenericMapping,
 103              PPRIVILEGE_SET PrivilegeSet,
 104              LPDWORD PrivilegeSetLength,
 105              LPDWORD GrantedAccess,
 106              LPBOOL AccessStatus
 107               )
 108 {
 109         NTSTATUS errCode;
 110         errCode = NtAccessCheck( pSecurityDescriptor,
 111              ClientToken,
 112              DesiredAccess,
 113              GenericMapping,
 114              PrivilegeSet,
 115              (PULONG)PrivilegeSetLength,
 116              (PULONG)GrantedAccess,
 117              (PBOOLEAN)AccessStatus);
 118         if ( !NT_SUCCESS(errCode) ) {
 119                 SetLastError(RtlNtStatusToDosError(errCode));
 120                 return FALSE;
 121         }
 122         return TRUE;
 123 }
 124
 125
 126
 127 WINBOOL
 128 STDCALL
 129 OpenProcessToken (
 130                   HANDLE ProcessHandle,
 131                   DWORD DesiredAccess,
 132                   PHANDLE TokenHandle
 133                    )
 134 {
 135         NTSTATUS errCode;
 136         errCode = NtOpenProcessToken(ProcessHandle,DesiredAccess,TokenHandle);
 137         if ( !NT_SUCCESS(errCode) ) {
 138                 SetLastError(RtlNtStatusToDosError(errCode));
 139                 return FALSE;
 140         }
 141         return TRUE;
 142 }
 143
 144
 145
 146 WINBOOL
 147 STDCALL
 148 OpenThreadToken (
 149                  HANDLE ThreadHandle,
 150                  DWORD DesiredAccess,
 151                  WINBOOL OpenAsSelf,
 152                  PHANDLE TokenHandle
 153                   )
 154 {
 155         NTSTATUS errCode;
 156         errCode = NtOpenThreadToken(ThreadHandle,DesiredAccess,OpenAsSelf,TokenHandle);
 157         if ( !NT_SUCCESS(errCode) ) {
 158                 SetLastError(RtlNtStatusToDosError(errCode));
 159                 return FALSE;
 160         }
 161         return TRUE;
 162 }
 163
 164
 165 WINBOOL
 166 STDCALL
 167 SetThreadToken (
 168                 PHANDLE ThreadHandle,
 169                 HANDLE TokenHandle
 170                  )
 171 {
 172         NTSTATUS errCode;
 173         HANDLE hThread  = NtCurrentThread();
 174         if ( ThreadHandle != NULL )
 175                 hThread = ThreadHandle;
 176         errCode = NtSetInformationThread(hThread,ThreadImpersonationToken,TokenHandle,sizeof(HANDLE));
 177         if ( !NT_SUCCESS(errCode) ) {
 178                 SetLastError(RtlNtStatusToDosError(errCode));
 179                 return FALSE;
 180         }
 181         return TRUE;
 182 }
 183
 184
 185 WINBOOL
 186 STDCALL
 187 DuplicateTokenEx (
 188                   HANDLE ExistingTokenHandle,
 189                   DWORD  dwDesiredAccess,
 190                   LPSECURITY_ATTRIBUTES lpTokenAttributes,
 191                   SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
 192                   TOKEN_TYPE TokenType,
 193                   PHANDLE DuplicateTokenHandle
 194                    )
 195 {
 196         NTSTATUS errCode;
 197         HANDLE NewToken;
 198
 199         OBJECT_ATTRIBUTES ObjectAttributes;
 200
 201
 202         ObjectAttributes.Length = sizeof(OBJECT_ATTRIBUTES);
 203         ObjectAttributes.RootDirectory = NULL;
 204         ObjectAttributes.ObjectName = NULL;
 205         ObjectAttributes.Attributes = 0;
 206         if ( lpTokenAttributes->bInheritHandle )
 207                 ObjectAttributes.Attributes |= OBJ_INHERIT;
 208
 209         ObjectAttributes.SecurityDescriptor = lpTokenAttributes->lpSecurityDescriptor;
 210         ObjectAttributes.SecurityQualityOfService = NULL;
 211
 212         errCode = NtDuplicateToken(  ExistingTokenHandle, dwDesiredAccess,
 213                 &ObjectAttributes, ImpersonationLevel,
 214                 TokenType,  &NewToken     );
 215
 216         if ( !NT_SUCCESS(errCode) ) {
 217                 SetLastError(RtlNtStatusToDosError(errCode));
 218                 return FALSE;
 219         }
 220         return TRUE;
 221 }
 222
 223
 224 WINBOOL
 225 STDCALL
 226 DuplicateToken (
 227                 HANDLE ExistingTokenHandle,
 228                 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
 229                 PHANDLE DuplicateTokenHandle
 230                  )
 231 {
 232         return DuplicateTokenEx (
 233                   ExistingTokenHandle,
 234                   TOKEN_DUPLICATE|TOKEN_IMPERSONATE|TOKEN_QUERY,
 235                   NULL,
 236                   ImpersonationLevel,
 237                   TokenImpersonation,
 238                   DuplicateTokenHandle
 239                    );
 240 }
 241
 242
 243
 244
 245
 246 /* EOF */