1 /* $Id$
2 *
3 * COPYRIGHT: See COPYING in the top level directory
4 * PROJECT: ReactOS system libraries
5 * FILE: lib/advapi32/token/token.c
6 * PURPOSE: Token functions
7 * PROGRAMMER: Ariadne ( ariadne@xs4all.nl)
8 * UPDATE HISTORY:
9 * Created 01/11/98
10 */
11
12 #include "advapi32.h"
13
14
/**
 * Win32 entry point that forwards a group adjustment request to
 * NtAdjustGroupsToken and converts the resulting NTSTATUS into the
 * BOOL + last-error convention.
 *
 * All six arguments are passed through unchanged (ReturnLength is only
 * re-typed to PULONG); no validation is performed at this layer.
 *
 * @return TRUE when the native call reports success; FALSE otherwise, with
 *         the translated Win32 error available through GetLastError().
 *
 * @implemented
 */
BOOL STDCALL
AdjustTokenGroups(HANDLE TokenHandle,
                  BOOL ResetToDefault,
                  PTOKEN_GROUPS NewState,
                  DWORD BufferLength,
                  PTOKEN_GROUPS PreviousState,
                  PDWORD ReturnLength)
{
    NTSTATUS NtResult = NtAdjustGroupsToken(TokenHandle,
                                            ResetToDefault,
                                            NewState,
                                            BufferLength,
                                            PreviousState,
                                            (PULONG)ReturnLength);

    if (NT_SUCCESS(NtResult))
    {
        return TRUE;
    }

    /* Failure path: expose the native status as a Win32 error code. */
    SetLastError(RtlNtStatusToDosError(NtResult));
    return FALSE;
}
42
43
/**
 * Win32 entry point that forwards a privilege adjustment request to
 * NtAdjustPrivilegesToken.
 *
 * Three outcomes are distinguished:
 *  - STATUS_NOT_ALL_ASSIGNED: returns TRUE with the last error set to
 *    ERROR_NOT_ALL_ASSIGNED;
 *  - any other successful status: returns TRUE with the last error set to
 *    ERROR_SUCCESS;
 *  - a failing status: returns FALSE with the translated Win32 error.
 *
 * Because a partial assignment still returns TRUE, a caller that needs a
 * privilege to actually be enabled has to inspect GetLastError() after a
 * TRUE return rather than rely on the BOOL alone.
 *
 * @implemented
 */
BOOL STDCALL
AdjustTokenPrivileges(HANDLE TokenHandle,
                      BOOL DisableAllPrivileges,
                      PTOKEN_PRIVILEGES NewState,
                      DWORD BufferLength,
                      PTOKEN_PRIVILEGES PreviousState,
                      PDWORD ReturnLength)
{
    NTSTATUS NtResult = NtAdjustPrivilegesToken(TokenHandle,
                                                DisableAllPrivileges,
                                                NewState,
                                                BufferLength,
                                                PreviousState,
                                                (PULONG)ReturnLength);

    /* Checked first so a partial assignment is never reported as a plain success. */
    if (NtResult == STATUS_NOT_ALL_ASSIGNED)
    {
        SetLastError(ERROR_NOT_ALL_ASSIGNED);
        return TRUE;
    }

    if (NT_SUCCESS(NtResult))
    {
        /* AdjustTokenPrivileges is documented to reset the last error on success. */
        SetLastError(ERROR_SUCCESS);
        return TRUE;
    }

    SetLastError(RtlNtStatusToDosError(NtResult));
    return FALSE;
}
77
78
/**
 * Win32 entry point that queries a token through NtQueryInformationToken.
 *
 * The caller's buffer, its length and the information class are handed to
 * the native call as given; ReturnLength is only re-typed to PULONG.
 *
 * @return TRUE when the native call reports success; FALSE otherwise, with
 *         the translated Win32 error available through GetLastError().
 *
 * @implemented
 */
BOOL STDCALL
GetTokenInformation(HANDLE TokenHandle,
                    TOKEN_INFORMATION_CLASS TokenInformationClass,
                    LPVOID TokenInformation,
                    DWORD TokenInformationLength,
                    PDWORD ReturnLength)
{
    NTSTATUS QueryStatus;
    BOOL Succeeded;

    QueryStatus = NtQueryInformationToken(TokenHandle,
                                          TokenInformationClass,
                                          TokenInformation,
                                          TokenInformationLength,
                                          (PULONG)ReturnLength);

    Succeeded = NT_SUCCESS(QueryStatus) ? TRUE : FALSE;
    if (!Succeeded)
    {
        /* Only a failure touches the thread's last-error value. */
        SetLastError(RtlNtStatusToDosError(QueryStatus));
    }

    return Succeeded;
}
104
105
/**
 * Win32 entry point that updates a token through NtSetInformationToken.
 *
 * The information class, buffer and length are forwarded unchanged; any
 * access or size checking is left to the native call.
 *
 * @return TRUE when the native call reports success; FALSE otherwise, with
 *         the translated Win32 error available through GetLastError().
 *
 * @implemented
 */
BOOL STDCALL
SetTokenInformation(HANDLE TokenHandle,
                    TOKEN_INFORMATION_CLASS TokenInformationClass,
                    LPVOID TokenInformation,
                    DWORD TokenInformationLength)
{
    NTSTATUS SetStatus = NtSetInformationToken(TokenHandle,
                                               TokenInformationClass,
                                               TokenInformation,
                                               TokenInformationLength);

    if (NT_SUCCESS(SetStatus))
    {
        return TRUE;
    }

    /* Failure path: expose the native status as a Win32 error code. */
    SetLastError(RtlNtStatusToDosError(SetStatus));
    return FALSE;
}
129
130
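/**
 * Win32 entry point that evaluates a security descriptor against a client
 * token through NtAccessCheck.
 *
 * Two statuses come back from the native call: the status of the call
 * itself and, through its last argument, the status of the access
 * decision. They are reported separately:
 *  - the call failed: returns FALSE with the translated call status as the
 *    last error; *AccessStatus is not written;
 *  - the call succeeded but access was refused: returns TRUE, sets
 *    *AccessStatus to FALSE and sets the last error from the decision
 *    status;
 *  - the call succeeded and access was granted: returns TRUE and sets
 *    *AccessStatus to TRUE.
 *
 * A TRUE return therefore only means the check ran; callers must test
 * *AccessStatus before treating the request as authorised.
 *
 * @implemented
 */
BOOL STDCALL
AccessCheck(PSECURITY_DESCRIPTOR pSecurityDescriptor,
            HANDLE ClientToken,
            DWORD DesiredAccess,
            PGENERIC_MAPPING GenericMapping,
            PPRIVILEGE_SET PrivilegeSet,
            LPDWORD PrivilegeSetLength,
            LPDWORD GrantedAccess,
            LPBOOL AccessStatus)
{
    NTSTATUS Status;
    NTSTATUS AccessStat;

    Status = NtAccessCheck(pSecurityDescriptor,
                           ClientToken,
                           DesiredAccess,
                           GenericMapping,
                           PrivilegeSet,
                           (PULONG)PrivilegeSetLength,
                           (PACCESS_MASK)GrantedAccess,
                           &AccessStat);
    if (!NT_SUCCESS(Status))
    {
        SetLastError(RtlNtStatusToDosError(Status));
        return FALSE;
    }

    if (!NT_SUCCESS(AccessStat))
    {
        /*
         * Translate the decision status, not Status: Status is known to be
         * a success value on this path, so using it would hide the reason
         * for the refusal from GetLastError().
         */
        SetLastError(RtlNtStatusToDosError(AccessStat));
        *AccessStatus = FALSE;
        return TRUE;
    }

    *AccessStatus = TRUE;

    return TRUE;
}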
172
173
/**
 * Win32 entry point that opens the token of a process through
 * NtOpenProcessToken.
 *
 * The requested access mask is forwarded as given, and the native call
 * writes the resulting handle through TokenHandle.
 *
 * @return TRUE when the native call reports success; FALSE otherwise, with
 *         the translated Win32 error available through GetLastError().
 *
 * @implemented
 */
BOOL STDCALL
OpenProcessToken(HANDLE ProcessHandle,
                 DWORD DesiredAccess,
                 PHANDLE TokenHandle)
{
    NTSTATUS OpenStatus = NtOpenProcessToken(ProcessHandle,
                                             DesiredAccess,
                                             TokenHandle);

    if (NT_SUCCESS(OpenStatus))
    {
        return TRUE;
    }

    /* Failure path: expose the native status as a Win32 error code. */
    SetLastError(RtlNtStatusToDosError(OpenStatus));
    return FALSE;
}
195
196
/**
 * Win32 entry point that opens the token attached to a thread through
 * NtOpenThreadToken.
 *
 * DesiredAccess and OpenAsSelf are forwarded as given, and the native call
 * writes the resulting handle through TokenHandle.
 *
 * @return TRUE when the native call reports success; FALSE otherwise, with
 *         the translated Win32 error available through GetLastError().
 *
 * @implemented
 */
BOOL STDCALL
OpenThreadToken(HANDLE ThreadHandle,
                DWORD DesiredAccess,
                BOOL OpenAsSelf,
                PHANDLE TokenHandle)
{
    NTSTATUS OpenStatus;
    BOOL Succeeded;

    OpenStatus = NtOpenThreadToken(ThreadHandle,
                                   DesiredAccess,
                                   OpenAsSelf,
                                   TokenHandle);

    Succeeded = NT_SUCCESS(OpenStatus) ? TRUE : FALSE;
    if (!Succeeded)
    {
        /* Only a failure touches the thread's last-error value. */
        SetLastError(RtlNtStatusToDosError(OpenStatus));
    }

    return Succeeded;
}
220
221
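/**
 * Win32 entry point that assigns an impersonation token to a thread by
 * setting ThreadImpersonationToken through NtSetInformationThread.
 *
 * @param ThreadHandle Pointer to the handle of the target thread. When it
 *                     is NULL the calling thread (NtCurrentThread()) is
 *                     used.
 * @param TokenHandle  Token handle whose value is passed to the native
 *                     call.
 *
 * @return TRUE when the native call reports success; FALSE otherwise, with
 *         the translated Win32 error available through GetLastError().
 *
 * @implemented
 */
BOOL STDCALL
SetThreadToken(PHANDLE ThreadHandle,
               HANDLE TokenHandle)
{
    NTSTATUS Status;
    HANDLE hThread;

    /*
     * ThreadHandle is a PHANDLE, so the thread handle is the value it
     * points to. Using the pointer itself as the handle would direct the
     * token at whatever object that address happens to name, or fail.
     */
    hThread = (ThreadHandle != NULL) ? *ThreadHandle : NtCurrentThread();

    Status = NtSetInformationThread(hThread,
                                    ThreadImpersonationToken,
                                    &TokenHandle,
                                    sizeof(HANDLE));
    if (!NT_SUCCESS(Status))
    {
        SetLastError(RtlNtStatusToDosError(Status));
        return FALSE;
    }

    return TRUE;
}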
248
249
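/**
 * Win32 entry point that duplicates a token through NtDuplicateToken.
 *
 * A SECURITY_QUALITY_OF_SERVICE carrying the requested impersonation level
 * is attached to the object attributes of the new token.
 *
 * @param ExistingTokenHandle  Token to duplicate.
 * @param dwDesiredAccess      Access mask requested for the new handle.
 * @param lpTokenAttributes    Optional. When non-NULL, supplies the
 *                             inherit flag and security descriptor for the
 *                             new token; when NULL, the handle is not
 *                             inheritable and no descriptor is supplied.
 * @param ImpersonationLevel   Level stored in the quality-of-service block.
 * @param TokenType            Type of the new token.
 * @param DuplicateTokenHandle Receives the new token handle on success; it
 *                             is left untouched on failure.
 *
 * @return TRUE when the native call reports success; FALSE otherwise, with
 *         the translated Win32 error available through GetLastError().
 *
 * @implemented
 */
BOOL STDCALL
DuplicateTokenEx(HANDLE ExistingTokenHandle,
                 DWORD dwDesiredAccess,
                 LPSECURITY_ATTRIBUTES lpTokenAttributes,
                 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
                 TOKEN_TYPE TokenType,
                 PHANDLE DuplicateTokenHandle)
{
    OBJECT_ATTRIBUTES ObjectAttributes;
    HANDLE NewToken;
    NTSTATUS Status;
    SECURITY_QUALITY_OF_SERVICE Sqos;

    Sqos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
    Sqos.ImpersonationLevel = ImpersonationLevel;
    Sqos.ContextTrackingMode = 0;
    Sqos.EffectiveOnly = FALSE;

    /*
     * The attributes pointer is optional (DuplicateToken passes NULL), so
     * it must not be dereferenced unconditionally.
     */
    if (lpTokenAttributes != NULL)
    {
        InitializeObjectAttributes(&ObjectAttributes,
                                   NULL,
                                   lpTokenAttributes->bInheritHandle ? OBJ_INHERIT : 0,
                                   NULL,
                                   lpTokenAttributes->lpSecurityDescriptor);
    }
    else
    {
        InitializeObjectAttributes(&ObjectAttributes,
                                   NULL,
                                   0,
                                   NULL,
                                   NULL);
    }

    ObjectAttributes.SecurityQualityOfService = &Sqos;

    Status = NtDuplicateToken(ExistingTokenHandle,
                              dwDesiredAccess,
                              &ObjectAttributes,
                              Sqos.EffectiveOnly, /* why both here _and_ in Sqos? */
                              TokenType,
                              &NewToken);
    if (!NT_SUCCESS(Status))
    {
        SetLastError(RtlNtStatusToDosError(Status));
        return FALSE;
    }

    /*
     * Hand the new handle to the caller. Without this the handle is leaked
     * and the caller goes on to use whatever its output variable held.
     */
    *DuplicateTokenHandle = NewToken;

    return TRUE;
}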
295
296
/**
 * Convenience form of DuplicateTokenEx that always requests an
 * impersonation token (TokenImpersonation) with
 * TOKEN_DUPLICATE | TOKEN_IMPERSONATE | TOKEN_QUERY access and no
 * security attributes.
 *
 * NOTE(review): NULL is passed as lpTokenAttributes, so this call is only
 * safe if DuplicateTokenEx accepts a NULL attributes pointer; confirm.
 *
 * @return Whatever DuplicateTokenEx returns for these arguments.
 *
 * @implemented
 */
BOOL STDCALL
DuplicateToken(HANDLE ExistingTokenHandle,
               SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
               PHANDLE DuplicateTokenHandle)
{
    BOOL Duplicated;

    Duplicated = DuplicateTokenEx(ExistingTokenHandle,
                                  TOKEN_DUPLICATE | TOKEN_IMPERSONATE | TOKEN_QUERY,
                                  NULL,
                                  ImpersonationLevel,
                                  TokenImpersonation,
                                  DuplicateTokenHandle);

    return Duplicated;
}
312
313 /* EOF */