advapi32\token\token.c: DuplicateTokenEx: pass correct values to NtDuplicateToken
security.c: RtlImpersonateSelf: pass correct values to NtDuplicateToken
ntoskrnl\token.c:
-NtSetInformationToken: lie and say we succeded
-NtDuplicateToken: don't deref. nullpointer
svn path=/trunk/; revision=12103
-/* $Id: zw.h,v 1.37 2004/12/10 16:50:36 navaraf Exp $
+/* $Id: zw.h,v 1.38 2004/12/14 00:41:23 gdalsnes Exp $
*
* COPYRIGHT: See COPYING in the top level directory
* PROJECT: ReactOS kernel
NtDuplicateToken(
IN HANDLE ExistingToken,
IN ACCESS_MASK DesiredAccess,
- IN POBJECT_ATTRIBUTES ObjectAttributes,
+ IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
IN BOOLEAN EffectiveOnly,
IN TOKEN_TYPE TokenType,
OUT PHANDLE NewToken
ZwDuplicateToken(
IN HANDLE ExistingToken,
IN ACCESS_MASK DesiredAccess,
- IN POBJECT_ATTRIBUTES ObjectAttributes,
- IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
+ IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
+ IN BOOLEAN EffectiveOnly,
IN TOKEN_TYPE TokenType,
OUT PHANDLE NewToken
);
-/* $Id: token.c,v 1.16 2004/12/11 00:21:33 weiden Exp $
+/* $Id: token.c,v 1.17 2004/12/14 00:41:24 gdalsnes Exp $
*
* COPYRIGHT: See COPYING in the top level directory
* PROJECT: ReactOS system libraries
OBJECT_ATTRIBUTES ObjectAttributes;
HANDLE NewToken;
NTSTATUS Status;
-
- ObjectAttributes.Length = sizeof(OBJECT_ATTRIBUTES);
- ObjectAttributes.RootDirectory = NULL;
- ObjectAttributes.ObjectName = NULL;
- ObjectAttributes.Attributes = 0;
- if (lpTokenAttributes->bInheritHandle)
- {
- ObjectAttributes.Attributes |= OBJ_INHERIT;
- }
- ObjectAttributes.SecurityDescriptor = lpTokenAttributes->lpSecurityDescriptor;
- ObjectAttributes.SecurityQualityOfService = NULL;
+ SECURITY_QUALITY_OF_SERVICE Sqos;
+
+ Sqos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
+ Sqos.ImpersonationLevel = ImpersonationLevel;
+ Sqos.ContextTrackingMode = 0;
+ Sqos.EffectiveOnly = FALSE;
+
+ InitializeObjectAttributes(
+ &ObjectAttributes,
+ NULL,
+ lpTokenAttributes->bInheritHandle ? OBJ_INHERIT : 0,
+ NULL,
+ lpTokenAttributes->lpSecurityDescriptor
+ );
+
+ ObjectAttributes.SecurityQualityOfService = &Sqos;
Status = NtDuplicateToken (ExistingTokenHandle,
dwDesiredAccess,
&ObjectAttributes,
- ImpersonationLevel,
+ Sqos.EffectiveOnly, /* why both here _and_ in Sqos? */
TokenType,
&NewToken);
if (!NT_SUCCESS(Status))
-/* $Id: security.c,v 1.2 2004/07/13 11:52:09 ekohl Exp $
+/* $Id: security.c,v 1.3 2004/12/14 00:41:24 gdalsnes Exp $
*
* COPYRIGHT: See COPYING in the top level directory
* PROJECT: ReactOS kernel
HANDLE ProcessToken;
HANDLE ImpersonationToken;
NTSTATUS Status;
-
+ OBJECT_ATTRIBUTES ObjAttr;
+ SECURITY_QUALITY_OF_SERVICE Sqos;
+
Status = NtOpenProcessToken(NtCurrentProcess(),
TOKEN_DUPLICATE,
&ProcessToken);
DPRINT1("NtOpenProcessToken() failed (Status %lx)\n", Status);
return(Status);
}
-
+
+ Sqos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
+ Sqos.ImpersonationLevel = ImpersonationLevel;
+ Sqos.ContextTrackingMode = 0;
+ Sqos.EffectiveOnly = FALSE;
+
+ InitializeObjectAttributes(
+ &ObjAttr,
+ NULL,
+ 0,
+ NULL,
+ NULL
+ );
+
+ ObjAttr.SecurityQualityOfService = &Sqos;
+
Status = NtDuplicateToken(ProcessToken,
TOKEN_IMPERSONATE,
- NULL,
- ImpersonationLevel,
+ &ObjAttr,
+ Sqos.EffectiveOnly, /* why both here _and_ in Sqos? */
TokenImpersonation,
&ImpersonationToken);
if (!NT_SUCCESS(Status))
-/* $Id: token.c,v 1.43 2004/12/10 16:50:38 navaraf Exp $
+/* $Id: token.c,v 1.44 2004/12/14 00:41:24 gdalsnes Exp $
*
* COPYRIGHT: See COPYING in the top level directory
* PROJECT: ReactOS kernel
break;
default:
- return STATUS_NOT_IMPLEMENTED;
+ DPRINT1("NtSetInformationToken: lying about success (stub)\n");
+ return STATUS_SUCCESS;
+
}
Status = ObReferenceObjectByHandle(TokenHandle,
/*
* @implemented
+ *
+ * NOTE: Some sources claim 4th param is ImpersonationLevel, but on W2K
+ * this is certainly NOT true, thou i can't say for sure that EffectiveOnly
+ * is correct either. -Gunnar
*/
NTSTATUS STDCALL
NtDuplicateToken(IN HANDLE ExistingTokenHandle,
IN ACCESS_MASK DesiredAccess,
- IN POBJECT_ATTRIBUTES ObjectAttributes,
- IN BOOLEAN EffectiveOnly,
+ IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL /*is it really optional?*/,
+ IN BOOLEAN EffectiveOnly,
IN TOKEN_TYPE TokenType,
OUT PHANDLE NewTokenHandle)
{
ObjectAttributes,
EffectiveOnly,
TokenType,
- ObjectAttributes->SecurityQualityOfService->ImpersonationLevel,
+ ObjectAttributes->SecurityQualityOfService ?
+ ObjectAttributes->SecurityQualityOfService->ImpersonationLevel :
+ 0 /*SecurityAnonymous*/,
PreviousMode,
&NewToken);