Implement RtlImpersonateSelf, RevertToSelf and MapGenericMask.

9cb94b27 · Robert Shearman · Alexandre Julliard · 433f72f8 · 9cb94b27 · 9cb94b27
Commit 9cb94b27 authored Jun 20, 2005 by Robert Shearman Committed by Alexandre Julliard Jun 20, 2005
Hide whitespace changes
Inline Side-by-side

Showing with 81 additions and 13 deletions

security.c dlls/advapi32/security.c +34 -9

sec.c dlls/ntdll/sec.c +46 -3

winternl.h include/winternl.h +1 -1

No files found.
--- a/dlls/advapi32/security.c
+++ b/dlls/advapi32/security.c
@@ -1770,23 +1770,40 @@ NotifyBootConfigStatus( DWORD x1 )
 /******************************************************************************
 * RevertToSelf [ADVAPI32.@]
 *
+ * Ends the impersonation of a user.
+ *
 * PARAMS
 *   void []
+ *
+ * RETURNS
+ *  Success: TRUE.
+ *  Failure: FALSE.
 */
 BOOL WINAPI
 RevertToSelf( void )
 {
-	FIXME("(), stub\n");
+    HANDLE Token = NULL;
-	return TRUE;
+    return set_ntstatus( NtSetInformationThread( GetCurrentThread(),
+        ThreadImpersonationToken, &Token, sizeof(Token) ) );
 }
 /******************************************************************************
 * ImpersonateSelf [ADVAPI32.@]
+ *
+ * Makes an impersonation token that represents the process user and assigns
+ * to the current thread.
+ *
+ * PARAMS
+ *  ImpersonationLevel [I] Level at which to impersonate.
+ *
+ * RETURNS
+ *  Success: TRUE.
+ *  Failure: FALSE.
 */
 BOOL WINAPI
 ImpersonateSelf(SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
 {
-	return RtlImpersonateSelf(ImpersonationLevel);
+    return set_ntstatus( RtlImpersonateSelf( ImpersonationLevel ) );
 }
 /******************************************************************************
@@ -1844,14 +1861,22 @@ BOOL WINAPI AccessCheckByType(
 	return !*AccessStatus;
 }
+/******************************************************************************
+ * MapGenericMask [ADVAPI32.@]
+ *
+ * Maps generic access rights into specific access rights according to the
+ * supplied mapping.
+ *
+ * PARAMS
+ *  AccessMask     [I/O] Access rights.
+ *  GenericMapping [I] The mapping between generic and specific rights.
+ *
+ * RETURNS
+ *  Nothing.
+ */
 VOID WINAPI MapGenericMask( PDWORD AccessMask, PGENERIC_MAPPING GenericMapping )
 {
-	FIXME("%p %p - stub\n", AccessMask, GenericMapping);
+    RtlMapGenericMask( AccessMask, GenericMapping );
-    *AccessMask |= GenericMapping->GenericRead;
-    *AccessMask |= GenericMapping->GenericWrite;
-    *AccessMask |= GenericMapping->GenericExecute;
-    *AccessMask |= GenericMapping->GenericAll;
 }
 /*************************************************************************

--- a/dlls/ntdll/sec.c
+++ b/dlls/ntdll/sec.c
@@ -1365,12 +1365,55 @@ RtlAdjustPrivilege(ULONG Privilege,
 /******************************************************************************
 *  RtlImpersonateSelf		[NTDLL.@]
+ *
+ * Makes an impersonation token that represents the process user and assigns
+ * to the current thread.
+ *
+ * PARAMS
+ *  ImpersonationLevel [I] Level at which to impersonate.
+ *
+ * RETURNS
+ *  Success: STATUS_SUCCESS.
+ *  Failure: NTSTATUS code.
 */
-BOOL WINAPI
+NTSTATUS WINAPI
 RtlImpersonateSelf(SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
 {
-	FIXME("(%08x), stub\n", ImpersonationLevel);
+    NTSTATUS Status;
-	return TRUE;
+    OBJECT_ATTRIBUTES ObjectAttributes;
+    HANDLE ProcessToken;
+    HANDLE ImpersonationToken;
+    TRACE("(%08x)\n", ImpersonationLevel);
+    Status = NtOpenProcessToken( NtCurrentProcess(), TOKEN_DUPLICATE,
+                                 &ProcessToken);
+    if (Status != STATUS_SUCCESS)
+        return Status;
+    InitializeObjectAttributes( &ObjectAttributes, NULL, 0, NULL, NULL );
+    Status = NtDuplicateToken( ProcessToken,
+                               TOKEN_IMPERSONATE,
+                               &ObjectAttributes,
+                               ImpersonationLevel,
+                               TokenImpersonation,
+                               &ImpersonationToken );
+    if (Status != STATUS_SUCCESS)
+    {
+        NtClose( ProcessToken );
+        return Status;
+    }
+    Status = NtSetInformationThread( GetCurrentThread(),
+                                     ThreadImpersonationToken,
+                                     &ImpersonationToken,
+                                     sizeof(ImpersonationToken) );
+    NtClose( ImpersonationToken );
+    NtClose( ProcessToken );
+    return Status;
 }
 /******************************************************************************

--- a/include/winternl.h
+++ b/include/winternl.h
@@ -1890,7 +1890,7 @@ PVOID     WINAPI RtlImageDirectoryEntryToData(HMODULE,BOOL,WORD,ULONG *);
 PIMAGE_NT_HEADERS WINAPI RtlImageNtHeader(HMODULE);
 PIMAGE_SECTION_HEADER WINAPI RtlImageRvaToSection(const IMAGE_NT_HEADERS *,HMODULE,DWORD);
 PVOID     WINAPI RtlImageRvaToVa(const IMAGE_NT_HEADERS *,HMODULE,DWORD,IMAGE_SECTION_HEADER **);
-BOOL      WINAPI RtlImpersonateSelf(SECURITY_IMPERSONATION_LEVEL);
+NTSTATUS  WINAPI RtlImpersonateSelf(SECURITY_IMPERSONATION_LEVEL);
 void      WINAPI RtlInitString(PSTRING,PCSZ);
 void      WINAPI RtlInitAnsiString(PANSI_STRING,PCSZ);
 void      WINAPI RtlInitUnicodeString(PUNICODE_STRING,PCWSTR);