2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: ReactOS system libraries
4 * FILE: lib/advapi32/token/token.c
5 * PURPOSE: Token functions
6 * PROGRAMMER: Ariadne ( ariadne@xs4all.nl)
12 #include <ddk/ntddk.h>
18 WINBOOL ResetToDefault,
19 PTOKEN_GROUPS NewState,
21 PTOKEN_GROUPS PreviousState,
26 errCode = NtAdjustGroupsToken(TokenHandle,ResetToDefault,NewState,
27 BufferLength, PreviousState, (PULONG)ReturnLength );
28 if ( !NT_SUCCESS(errCode) ) {
29 SetLastError(RtlNtStatusToDosError(errCode));
37 AdjustTokenPrivileges (
39 WINBOOL DisableAllPrivileges,
40 PTOKEN_PRIVILEGES NewState,
42 PTOKEN_PRIVILEGES PreviousState,
46 errCode = NtAdjustPrivilegesToken(TokenHandle,DisableAllPrivileges,NewState,
47 BufferLength, PreviousState, (PULONG)ReturnLength );
48 if ( !NT_SUCCESS(errCode) ) {
49 SetLastError(RtlNtStatusToDosError(errCode));
60 TOKEN_INFORMATION_CLASS TokenInformationClass,
61 LPVOID TokenInformation,
62 DWORD TokenInformationLength,
67 errCode = NtQueryInformationToken(TokenHandle,TokenInformationClass,TokenInformation,
68 TokenInformationLength, (PULONG)ReturnLength);
69 if ( !NT_SUCCESS(errCode) ) {
70 SetLastError(RtlNtStatusToDosError(errCode));
80 TOKEN_INFORMATION_CLASS TokenInformationClass,
81 LPVOID TokenInformation,
82 DWORD TokenInformationLength
86 errCode = NtSetInformationToken(TokenHandle,TokenInformationClass,TokenInformation,
87 TokenInformationLength);
88 if ( !NT_SUCCESS(errCode) ) {
89 SetLastError(RtlNtStatusToDosError(errCode));
98 PSECURITY_DESCRIPTOR pSecurityDescriptor,
101 PGENERIC_MAPPING GenericMapping,
102 PPRIVILEGE_SET PrivilegeSet,
103 LPDWORD PrivilegeSetLength,
104 LPDWORD GrantedAccess,
109 errCode = NtAccessCheck( pSecurityDescriptor,
114 (PULONG)PrivilegeSetLength,
115 (PULONG)GrantedAccess,
116 (PBOOLEAN)AccessStatus);
117 if ( !NT_SUCCESS(errCode) ) {
118 SetLastError(RtlNtStatusToDosError(errCode));
129 HANDLE ProcessHandle,
135 errCode = NtOpenProcessToken(ProcessHandle,DesiredAccess,TokenHandle);
136 if ( !NT_SUCCESS(errCode) ) {
137 SetLastError(RtlNtStatusToDosError(errCode));
155 errCode = NtOpenThreadToken(ThreadHandle,DesiredAccess,OpenAsSelf,TokenHandle);
156 if ( !NT_SUCCESS(errCode) ) {
157 SetLastError(RtlNtStatusToDosError(errCode));
167 PHANDLE ThreadHandle,
172 HANDLE hThread = NtCurrentThread();
173 if ( ThreadHandle != NULL )
174 hThread = ThreadHandle;
175 errCode = NtSetInformationThread(hThread,ThreadImpersonationToken,TokenHandle,sizeof(HANDLE));
176 if ( !NT_SUCCESS(errCode) ) {
177 SetLastError(RtlNtStatusToDosError(errCode));
187 HANDLE ExistingTokenHandle,
188 DWORD dwDesiredAccess,
189 LPSECURITY_ATTRIBUTES lpTokenAttributes,
190 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
191 TOKEN_TYPE TokenType,
192 PHANDLE DuplicateTokenHandle
198 OBJECT_ATTRIBUTES ObjectAttributes;
201 ObjectAttributes.Length = sizeof(OBJECT_ATTRIBUTES);
202 ObjectAttributes.RootDirectory = NULL;
203 ObjectAttributes.ObjectName = NULL;
204 ObjectAttributes.Attributes = 0;
205 if ( lpTokenAttributes->bInheritHandle )
206 ObjectAttributes.Attributes |= OBJ_INHERIT;
208 ObjectAttributes.SecurityDescriptor = lpTokenAttributes->lpSecurityDescriptor;
209 ObjectAttributes.SecurityQualityOfService = NULL;
211 errCode = NtDuplicateToken( ExistingTokenHandle, dwDesiredAccess,
212 &ObjectAttributes, ImpersonationLevel,
213 TokenType, &NewToken );
215 if ( !NT_SUCCESS(errCode) ) {
216 SetLastError(RtlNtStatusToDosError(errCode));
226 HANDLE ExistingTokenHandle,
227 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
228 PHANDLE DuplicateTokenHandle
231 return DuplicateTokenEx (
233 TOKEN_DUPLICATE|TOKEN_IMPERSONATE|TOKEN_QUERY,