+ NTSTATUS Status;
+ PTOKEN Token = (PTOKEN)AccessToken;
+ ULONG RequiredLength;
+ union
+ {
+ PSID PSid;
+ ULONG Ulong;
+ } Unused;
+
+ PAGED_CODE();
+
+ if (TokenInformationClass >= MaxTokenInfoClass)
+ {
+ DPRINT1("SeQueryInformationToken(%d) invalid information class\n", TokenInformationClass);
+ return STATUS_INVALID_INFO_CLASS;
+ }
+
+ switch (TokenInformationClass)
+ {
+ case TokenUser:
+ {
+ PTOKEN_USER tu;
+
+ DPRINT("SeQueryInformationToken(TokenUser)\n");
+ RequiredLength = sizeof(TOKEN_USER) +
+ RtlLengthSid(Token->UserAndGroups[0].Sid);
+
+ /* Allocate the output buffer */
+ tu = ExAllocatePoolWithTag(PagedPool, RequiredLength, TAG_SE);
+ if (tu == NULL)
+ {
+ Status = STATUS_INSUFFICIENT_RESOURCES;
+ break;
+ }
+
+ Status = RtlCopySidAndAttributesArray(1,
+ &Token->UserAndGroups[0],
+ RequiredLength - sizeof(TOKEN_USER),
+ &tu->User,
+ (PSID)(tu + 1),
+ &Unused.PSid,
+ &Unused.Ulong);
+
+ /* Return the structure */
+ *TokenInformation = tu;
+ Status = STATUS_SUCCESS;
+ break;
+ }
+
+ case TokenGroups:
+ {
+ PTOKEN_GROUPS tg;
+ ULONG SidLen;
+ PSID Sid;
+
+ DPRINT("SeQueryInformationToken(TokenGroups)\n");
+ RequiredLength = sizeof(tg->GroupCount) +
+ RtlLengthSidAndAttributes(Token->UserAndGroupCount - 1, &Token->UserAndGroups[1]);
+
+ SidLen = RequiredLength - sizeof(tg->GroupCount) -
+ ((Token->UserAndGroupCount - 1) * sizeof(SID_AND_ATTRIBUTES));
+
+ /* Allocate the output buffer */
+ tg = ExAllocatePoolWithTag(PagedPool, RequiredLength, TAG_SE);
+ if (tg == NULL)
+ {
+ Status = STATUS_INSUFFICIENT_RESOURCES;
+ break;
+ }
+
+ Sid = (PSID)((ULONG_PTR)tg + sizeof(tg->GroupCount) +
+ ((Token->UserAndGroupCount - 1) * sizeof(SID_AND_ATTRIBUTES)));
+
+ tg->GroupCount = Token->UserAndGroupCount - 1;
+ Status = RtlCopySidAndAttributesArray(Token->UserAndGroupCount - 1,
+ &Token->UserAndGroups[1],
+ SidLen,
+ &tg->Groups[0],
+ Sid,
+ &Unused.PSid,
+ &Unused.Ulong);
+
+ /* Return the structure */
+ *TokenInformation = tg;
+ Status = STATUS_SUCCESS;
+ break;
+ }
+
+ case TokenPrivileges:
+ {
+ PTOKEN_PRIVILEGES tp;
+
+ DPRINT("SeQueryInformationToken(TokenPrivileges)\n");
+ RequiredLength = sizeof(tp->PrivilegeCount) +
+ (Token->PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES));
+
+ /* Allocate the output buffer */
+ tp = ExAllocatePoolWithTag(PagedPool, RequiredLength, TAG_SE);
+ if (tp == NULL)
+ {
+ Status = STATUS_INSUFFICIENT_RESOURCES;
+ break;
+ }
+
+ tp->PrivilegeCount = Token->PrivilegeCount;
+ RtlCopyLuidAndAttributesArray(Token->PrivilegeCount,
+ Token->Privileges,
+ &tp->Privileges[0]);
+
+ /* Return the structure */
+ *TokenInformation = tp;
+ Status = STATUS_SUCCESS;
+ break;
+ }
+
+ case TokenOwner:
+ {
+ PTOKEN_OWNER to;
+ ULONG SidLen;
+
+ DPRINT("SeQueryInformationToken(TokenOwner)\n");
+ SidLen = RtlLengthSid(Token->UserAndGroups[Token->DefaultOwnerIndex].Sid);
+ RequiredLength = sizeof(TOKEN_OWNER) + SidLen;
+
+ /* Allocate the output buffer */
+ to = ExAllocatePoolWithTag(PagedPool, RequiredLength, TAG_SE);
+ if (to == NULL)
+ {
+ Status = STATUS_INSUFFICIENT_RESOURCES;
+ break;
+ }
+
+ to->Owner = (PSID)(to + 1);
+ Status = RtlCopySid(SidLen,
+ to->Owner,
+ Token->UserAndGroups[Token->DefaultOwnerIndex].Sid);
+
+ /* Return the structure */
+ *TokenInformation = to;
+ Status = STATUS_SUCCESS;
+ break;
+ }
+
+ case TokenPrimaryGroup:
+ {
+ PTOKEN_PRIMARY_GROUP tpg;
+ ULONG SidLen;
+
+ DPRINT("SeQueryInformationToken(TokenPrimaryGroup)\n");
+ SidLen = RtlLengthSid(Token->PrimaryGroup);
+ RequiredLength = sizeof(TOKEN_PRIMARY_GROUP) + SidLen;
+
+ /* Allocate the output buffer */
+ tpg = ExAllocatePoolWithTag(PagedPool, RequiredLength, TAG_SE);
+ if (tpg == NULL)
+ {
+ Status = STATUS_INSUFFICIENT_RESOURCES;
+ break;
+ }
+
+ tpg->PrimaryGroup = (PSID)(tpg + 1);
+ Status = RtlCopySid(SidLen,
+ tpg->PrimaryGroup,
+ Token->PrimaryGroup);
+
+ /* Return the structure */
+ *TokenInformation = tpg;
+ Status = STATUS_SUCCESS;
+ break;
+ }
+
+ case TokenDefaultDacl:
+ {
+ PTOKEN_DEFAULT_DACL tdd;
+
+ DPRINT("SeQueryInformationToken(TokenDefaultDacl)\n");
+ RequiredLength = sizeof(TOKEN_DEFAULT_DACL);
+
+ if (Token->DefaultDacl != NULL)
+ RequiredLength += Token->DefaultDacl->AclSize;
+
+ /* Allocate the output buffer */
+ tdd = ExAllocatePoolWithTag(PagedPool, RequiredLength, TAG_SE);
+ if (tdd == NULL)
+ {
+ Status = STATUS_INSUFFICIENT_RESOURCES;
+ break;
+ }
+
+ if (Token->DefaultDacl != NULL)
+ {
+ tdd->DefaultDacl = (PACL)(tdd + 1);
+ RtlCopyMemory(tdd->DefaultDacl,
+ Token->DefaultDacl,
+ Token->DefaultDacl->AclSize);
+ }
+ else
+ {
+ tdd->DefaultDacl = NULL;
+ }
+
+ /* Return the structure */
+ *TokenInformation = tdd;
+ Status = STATUS_SUCCESS;
+ break;
+ }
+
+ case TokenSource:
+ {
+ PTOKEN_SOURCE ts;
+
+ DPRINT("SeQueryInformationToken(TokenSource)\n");
+ RequiredLength = sizeof(TOKEN_SOURCE);
+
+ /* Allocate the output buffer */
+ ts = ExAllocatePoolWithTag(PagedPool, RequiredLength, TAG_SE);
+ if (ts == NULL)
+ {
+ Status = STATUS_INSUFFICIENT_RESOURCES;
+ break;
+ }
+
+ *ts = Token->TokenSource;
+
+ /* Return the structure */
+ *TokenInformation = ts;
+ Status = STATUS_SUCCESS;
+ break;
+ }
+
+ case TokenType:
+ {
+ PTOKEN_TYPE tt;
+
+ DPRINT("SeQueryInformationToken(TokenType)\n");
+ RequiredLength = sizeof(TOKEN_TYPE);
+
+ /* Allocate the output buffer */
+ tt = ExAllocatePoolWithTag(PagedPool, RequiredLength, TAG_SE);
+ if (tt == NULL)
+ {
+ Status = STATUS_INSUFFICIENT_RESOURCES;
+ break;
+ }
+
+ *tt = Token->TokenType;
+
+ /* Return the structure */
+ *TokenInformation = tt;
+ Status = STATUS_SUCCESS;
+ break;
+ }
+
+ case TokenImpersonationLevel:
+ {
+ PSECURITY_IMPERSONATION_LEVEL sil;
+
+ DPRINT("SeQueryInformationToken(TokenImpersonationLevel)\n");
+ RequiredLength = sizeof(SECURITY_IMPERSONATION_LEVEL);
+
+ /* Fail if the token is not an impersonation token */
+ if (Token->TokenType != TokenImpersonation)
+ {
+ Status = STATUS_INVALID_INFO_CLASS;
+ break;
+ }
+
+ /* Allocate the output buffer */
+ sil = ExAllocatePoolWithTag(PagedPool, RequiredLength, TAG_SE);
+ if (sil == NULL)
+ {
+ Status = STATUS_INSUFFICIENT_RESOURCES;
+ break;
+ }
+
+ *sil = Token->ImpersonationLevel;
+
+ /* Return the structure */
+ *TokenInformation = sil;
+ Status = STATUS_SUCCESS;
+ break;
+ }
+
+ case TokenStatistics:
+ {
+ PTOKEN_STATISTICS ts;
+
+ DPRINT("SeQueryInformationToken(TokenStatistics)\n");
+ RequiredLength = sizeof(TOKEN_STATISTICS);
+
+ /* Allocate the output buffer */
+ ts = ExAllocatePoolWithTag(PagedPool, RequiredLength, TAG_SE);
+ if (ts == NULL)
+ {
+ Status = STATUS_INSUFFICIENT_RESOURCES;
+ break;
+ }
+
+ ts->TokenId = Token->TokenId;
+ ts->AuthenticationId = Token->AuthenticationId;
+ ts->ExpirationTime = Token->ExpirationTime;
+ ts->TokenType = Token->TokenType;
+ ts->ImpersonationLevel = Token->ImpersonationLevel;
+ ts->DynamicCharged = Token->DynamicCharged;
+ ts->DynamicAvailable = Token->DynamicAvailable;
+ ts->GroupCount = Token->UserAndGroupCount - 1;
+ ts->PrivilegeCount = Token->PrivilegeCount;
+ ts->ModifiedId = Token->ModifiedId;
+
+ /* Return the structure */
+ *TokenInformation = ts;
+ Status = STATUS_SUCCESS;
+ break;
+ }
+
+/*
+ * The following 4 cases are only implemented in NtQueryInformationToken
+ */
+#if 0
+
+ case TokenOrigin:
+ {
+ PTOKEN_ORIGIN to;
+
+ DPRINT("SeQueryInformationToken(TokenOrigin)\n");
+ RequiredLength = sizeof(TOKEN_ORIGIN);
+
+ /* Allocate the output buffer */
+ to = ExAllocatePoolWithTag(PagedPool, RequiredLength, TAG_SE);
+ if (to == NULL)
+ {
+ Status = STATUS_INSUFFICIENT_RESOURCES;
+ break;
+ }
+
+ RtlCopyLuid(&to->OriginatingLogonSession,
+ &Token->AuthenticationId);
+
+ /* Return the structure */
+ *TokenInformation = to;
+ Status = STATUS_SUCCESS;
+ break;
+ }
+
+ case TokenGroupsAndPrivileges:
+ DPRINT1("SeQueryInformationToken(TokenGroupsAndPrivileges) not implemented\n");
+ Status = STATUS_NOT_IMPLEMENTED;
+ break;
+
+ case TokenRestrictedSids:
+ {
+ PTOKEN_GROUPS tg = (PTOKEN_GROUPS)TokenInformation;
+ ULONG SidLen;
+ PSID Sid;
+
+ DPRINT("SeQueryInformationToken(TokenRestrictedSids)\n");
+ RequiredLength = sizeof(tg->GroupCount) +
+ RtlLengthSidAndAttributes(Token->RestrictedSidCount, Token->RestrictedSids);
+
+ SidLen = RequiredLength - sizeof(tg->GroupCount) -
+ (Token->RestrictedSidCount * sizeof(SID_AND_ATTRIBUTES));
+
+ /* Allocate the output buffer */
+ tg = ExAllocatePoolWithTag(PagedPool, RequiredLength, TAG_SE);
+ if (tg == NULL)
+ {
+ Status = STATUS_INSUFFICIENT_RESOURCES;
+ break;
+ }
+
+ Sid = (PSID)((ULONG_PTR)tg + sizeof(tg->GroupCount) +
+ (Token->RestrictedSidCount * sizeof(SID_AND_ATTRIBUTES)));
+
+ tg->GroupCount = Token->RestrictedSidCount;
+ Status = RtlCopySidAndAttributesArray(Token->RestrictedSidCount,
+ Token->RestrictedSids,
+ SidLen,
+ &tg->Groups[0],
+ Sid,
+ &Unused.PSid,
+ &Unused.Ulong);
+
+ /* Return the structure */
+ *TokenInformation = tg;
+ Status = STATUS_SUCCESS;
+ break;
+ }
+
+ case TokenSandBoxInert:
+ DPRINT1("SeQueryInformationToken(TokenSandboxInert) not implemented\n");
+ Status = STATUS_NOT_IMPLEMENTED;
+ break;
+
+#endif
+
+ case TokenSessionId:
+ {
+ DPRINT("SeQueryInformationToken(TokenSessionId)\n");
+
+ Status = SeQuerySessionIdToken(Token, (PULONG)TokenInformation);
+
+ // Status = STATUS_SUCCESS;
+ break;
+ }
+
+ default:
+ DPRINT1("SeQueryInformationToken(%d) invalid information class\n", TokenInformationClass);
+ Status = STATUS_INVALID_INFO_CLASS;
+ break;
+ }
+
+ return Status;