From 9cb94b276fed91e2e7ef11822cf87d690d06567c Mon Sep 17 00:00:00 2001 From: Robert Shearman Date: Mon, 20 Jun 2005 11:44:45 +0000 Subject: [PATCH] Implement RtlImpersonateSelf, RevertToSelf and MapGenericMask. --- dlls/advapi32/security.c | 43 +++++++++++++++++++++++++++++++++--------- dlls/ntdll/sec.c | 49 +++++++++++++++++++++++++++++++++++++++++++++--- include/winternl.h | 2 +- 3 files changed, 81 insertions(+), 13 deletions(-) diff --git a/dlls/advapi32/security.c b/dlls/advapi32/security.c index 52041c96390..c6238cfdc04 100644 --- a/dlls/advapi32/security.c +++ b/dlls/advapi32/security.c @@ -1770,23 +1770,40 @@ NotifyBootConfigStatus( DWORD x1 ) /****************************************************************************** * RevertToSelf [ADVAPI32.@] * + * Ends the impersonation of a user. + * * PARAMS * void [] + * + * RETURNS + * Success: TRUE. + * Failure: FALSE. */ BOOL WINAPI RevertToSelf( void ) { - FIXME("(), stub\n"); - return TRUE; + HANDLE Token = NULL; + return set_ntstatus( NtSetInformationThread( GetCurrentThread(), + ThreadImpersonationToken, &Token, sizeof(Token) ) ); } /****************************************************************************** * ImpersonateSelf [ADVAPI32.@] + * + * Makes an impersonation token that represents the process user and assigns + * to the current thread. + * + * PARAMS + * ImpersonationLevel [I] Level at which to impersonate. + * + * RETURNS + * Success: TRUE. + * Failure: FALSE. */ BOOL WINAPI ImpersonateSelf(SECURITY_IMPERSONATION_LEVEL ImpersonationLevel) { - return RtlImpersonateSelf(ImpersonationLevel); + return set_ntstatus( RtlImpersonateSelf( ImpersonationLevel ) ); } /****************************************************************************** @@ -1844,14 +1861,22 @@ BOOL WINAPI AccessCheckByType( return !*AccessStatus; } +/****************************************************************************** + * MapGenericMask [ADVAPI32.@] + * + * Maps generic access rights into specific access rights according to the + * supplied mapping. + * + * PARAMS + * AccessMask [I/O] Access rights. + * GenericMapping [I] The mapping between generic and specific rights. + * + * RETURNS + * Nothing. + */ VOID WINAPI MapGenericMask( PDWORD AccessMask, PGENERIC_MAPPING GenericMapping ) { - FIXME("%p %p - stub\n", AccessMask, GenericMapping); - - *AccessMask |= GenericMapping->GenericRead; - *AccessMask |= GenericMapping->GenericWrite; - *AccessMask |= GenericMapping->GenericExecute; - *AccessMask |= GenericMapping->GenericAll; + RtlMapGenericMask( AccessMask, GenericMapping ); } /************************************************************************* diff --git a/dlls/ntdll/sec.c b/dlls/ntdll/sec.c index 3ba67bf0269..a2d4bad58bf 100644 --- a/dlls/ntdll/sec.c +++ b/dlls/ntdll/sec.c @@ -1365,12 +1365,55 @@ RtlAdjustPrivilege(ULONG Privilege, /****************************************************************************** * RtlImpersonateSelf [NTDLL.@] + * + * Makes an impersonation token that represents the process user and assigns + * to the current thread. + * + * PARAMS + * ImpersonationLevel [I] Level at which to impersonate. + * + * RETURNS + * Success: STATUS_SUCCESS. + * Failure: NTSTATUS code. */ -BOOL WINAPI +NTSTATUS WINAPI RtlImpersonateSelf(SECURITY_IMPERSONATION_LEVEL ImpersonationLevel) { - FIXME("(%08x), stub\n", ImpersonationLevel); - return TRUE; + NTSTATUS Status; + OBJECT_ATTRIBUTES ObjectAttributes; + HANDLE ProcessToken; + HANDLE ImpersonationToken; + + TRACE("(%08x)\n", ImpersonationLevel); + + Status = NtOpenProcessToken( NtCurrentProcess(), TOKEN_DUPLICATE, + &ProcessToken); + if (Status != STATUS_SUCCESS) + return Status; + + InitializeObjectAttributes( &ObjectAttributes, NULL, 0, NULL, NULL ); + + Status = NtDuplicateToken( ProcessToken, + TOKEN_IMPERSONATE, + &ObjectAttributes, + ImpersonationLevel, + TokenImpersonation, + &ImpersonationToken ); + if (Status != STATUS_SUCCESS) + { + NtClose( ProcessToken ); + return Status; + } + + Status = NtSetInformationThread( GetCurrentThread(), + ThreadImpersonationToken, + &ImpersonationToken, + sizeof(ImpersonationToken) ); + + NtClose( ImpersonationToken ); + NtClose( ProcessToken ); + + return Status; } /****************************************************************************** diff --git a/include/winternl.h b/include/winternl.h index b5e0505033a..345b7aa4cc4 100644 --- a/include/winternl.h +++ b/include/winternl.h @@ -1890,7 +1890,7 @@ PVOID WINAPI RtlImageDirectoryEntryToData(HMODULE,BOOL,WORD,ULONG *); PIMAGE_NT_HEADERS WINAPI RtlImageNtHeader(HMODULE); PIMAGE_SECTION_HEADER WINAPI RtlImageRvaToSection(const IMAGE_NT_HEADERS *,HMODULE,DWORD); PVOID WINAPI RtlImageRvaToVa(const IMAGE_NT_HEADERS *,HMODULE,DWORD,IMAGE_SECTION_HEADER **); -BOOL WINAPI RtlImpersonateSelf(SECURITY_IMPERSONATION_LEVEL); +NTSTATUS WINAPI RtlImpersonateSelf(SECURITY_IMPERSONATION_LEVEL); void WINAPI RtlInitString(PSTRING,PCSZ); void WINAPI RtlInitAnsiString(PANSI_STRING,PCSZ); void WINAPI RtlInitUnicodeString(PUNICODE_STRING,PCWSTR); -- 2.11.4.GIT