[ros-diffs] [weiden] 24528: Add a stub for NtCompareTokens
weiden at svn.reactos.org
weiden at svn.reactos.org
Sun Oct 15 21:12:42 CEST 2006
Author: weiden
Date: Sun Oct 15 23:12:41 2006
New Revision: 24528
URL: http://svn.reactos.org/svn/reactos?rev=24528&view=rev
Log:
Add a stub for NtCompareTokens
Modified:
trunk/reactos/dll/ntdll/def/ntdll.def
trunk/reactos/include/ndk/sefuncs.h
trunk/reactos/ntoskrnl/se/token.c
trunk/reactos/tools/nci/sysfuncs.lst
Modified: trunk/reactos/dll/ntdll/def/ntdll.def
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/ntdll/def/ntdll.def?rev=24528&r1=24527&r2=24528&view=diff
==============================================================================
--- trunk/reactos/dll/ntdll/def/ntdll.def (original)
+++ trunk/reactos/dll/ntdll/def/ntdll.def Sun Oct 15 23:12:41 2006
@@ -79,6 +79,7 @@
NtClearEvent at 4
NtClose at 4
NtCloseObjectAuditAlarm at 12
+NtCompareTokens at 12
NtCompleteConnectPort at 4
NtConnectPort at 32
NtContinue at 8
@@ -747,6 +748,7 @@
ZwClearEvent at 4
ZwClose at 4
ZwCloseObjectAuditAlarm at 12
+ZwCompareTokens at 12
ZwCompleteConnectPort at 4
ZwConnectPort at 32
ZwContinue at 8
Modified: trunk/reactos/include/ndk/sefuncs.h
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/include/ndk/sefuncs.h?rev=24528&r1=24527&r2=24528&view=diff
==============================================================================
--- trunk/reactos/include/ndk/sefuncs.h (original)
+++ trunk/reactos/include/ndk/sefuncs.h Sun Oct 15 23:12:41 2006
@@ -155,6 +155,14 @@
PULONG Sequence,
PUCHAR Seed
);
+
+NTSYSCALLAPI
+NTSTATUS
+NTAPI
+NtCompareTokens(
+ IN HANDLE FirstTokenHandle,
+ IN HANDLE SecondTokenHandle,
+ OUT PBOOLEAN Equal);
NTSYSCALLAPI
NTSTATUS
Modified: trunk/reactos/ntoskrnl/se/token.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/se/token.c?rev=24528&r1=24527&r2=24528&view=diff
==============================================================================
--- trunk/reactos/ntoskrnl/se/token.c (original)
+++ trunk/reactos/ntoskrnl/se/token.c Sun Oct 15 23:12:41 2006
@@ -2406,7 +2406,7 @@
/*
- * @unimplemented
+ * @implemented
*/
BOOLEAN
STDCALL
@@ -2414,12 +2414,12 @@
IN PACCESS_TOKEN Token
)
{
- UNIMPLEMENTED;
- return FALSE;
+ PAGED_CODE();
+ return (((PTOKEN)Token)->TokenFlags & TOKEN_HAS_ADMIN_GROUP) != 0;
}
/*
- * @unimplemented
+ * @implemented
*/
BOOLEAN
STDCALL
@@ -2427,12 +2427,12 @@
IN PACCESS_TOKEN Token
)
{
- UNIMPLEMENTED;
- return FALSE;
+ PAGED_CODE();
+ return (((PTOKEN)Token)->TokenFlags & TOKEN_IS_RESTRICTED) != 0;
}
/*
- * @unimplemented
+ * @implemented
*/
BOOLEAN
STDCALL
@@ -2440,8 +2440,8 @@
IN PACCESS_TOKEN Token
)
{
- UNIMPLEMENTED;
- return FALSE;
+ PAGED_CODE();
+ return (((PTOKEN)Token)->TokenFlags & TOKEN_HAS_RESTORE_PRIVILEGE) != 0;
}
@@ -2641,4 +2641,113 @@
TokenHandle);
}
+static NTSTATUS
+SepCompareTokens(IN PTOKEN FirstToken,
+ IN PTOKEN SecondToken,
+ OUT PBOOLEAN Equal)
+{
+ BOOLEAN Restricted, IsEqual = FALSE;
+
+ ASSERT(FirstToken != SecondToken);
+
+ /* FIXME: Check if every SID that is present in either token is also present in the other one */
+
+ Restricted = SeTokenIsRestricted(FirstToken);
+ if (Restricted == SeTokenIsRestricted(SecondToken))
+ {
+ if (Restricted)
+ {
+ /* FIXME: Check if every SID that is restricted in either token is also restricted in the other one */
+ }
+
+ /* FIXME: Check if every privilege that is present in either token is also present in the other one */
+ }
+
+ *Equal = IsEqual;
+ return STATUS_SUCCESS;
+}
+
+/*
+ * @unimplemented
+ */
+NTSTATUS
+NTAPI
+NtCompareTokens(IN HANDLE FirstTokenHandle,
+ IN HANDLE SecondTokenHandle,
+ OUT PBOOLEAN Equal)
+{
+ KPROCESSOR_MODE PreviousMode;
+ PTOKEN FirstToken, SecondToken;
+ BOOLEAN IsEqual;
+ NTSTATUS Status = STATUS_SUCCESS;
+
+ PAGED_CODE();
+
+ PreviousMode = ExGetPreviousMode();
+
+ if (PreviousMode != KernelMode)
+ {
+ _SEH_TRY
+ {
+ ProbeForWriteBoolean(Equal);
+ }
+ _SEH_HANDLE
+ {
+ Status = _SEH_GetExceptionCode();
+ }
+ _SEH_END;
+
+ if (!NT_SUCCESS(Status))
+ return Status;
+ }
+
+ Status = ObReferenceObjectByHandle(FirstTokenHandle,
+ TOKEN_QUERY,
+ SepTokenObjectType,
+ PreviousMode,
+ (PVOID*)&FirstToken,
+ NULL);
+ if (!NT_SUCCESS(Status))
+ return Status;
+
+ Status = ObReferenceObjectByHandle(SecondTokenHandle,
+ TOKEN_QUERY,
+ SepTokenObjectType,
+ PreviousMode,
+ (PVOID*)&SecondToken,
+ NULL);
+ if (!NT_SUCCESS(Status))
+ {
+ ObDereferenceObject(FirstToken);
+ return Status;
+ }
+
+ if (FirstToken != SecondToken)
+ {
+ Status = SepCompareTokens(FirstToken,
+ SecondToken,
+ &IsEqual);
+ }
+ else
+ IsEqual = TRUE;
+
+ ObDereferenceObject(FirstToken);
+ ObDereferenceObject(SecondToken);
+
+ if (NT_SUCCESS(Status))
+ {
+ _SEH_TRY
+ {
+ *Equal = IsEqual;
+ }
+ _SEH_EXCEPT(_SEH_ExSystemExceptionFilter)
+ {
+ Status = _SEH_GetExceptionCode();
+ }
+ _SEH_END;
+ }
+
+ return Status;
+}
+
/* EOF */
Modified: trunk/reactos/tools/nci/sysfuncs.lst
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/tools/nci/sysfuncs.lst?rev=24528&r1=24527&r2=24528&view=diff
==============================================================================
--- trunk/reactos/tools/nci/sysfuncs.lst (original)
+++ trunk/reactos/tools/nci/sysfuncs.lst Sun Oct 15 23:12:41 2006
@@ -17,6 +17,7 @@
NtClearEvent 1
NtClose 1
NtCloseObjectAuditAlarm 3
+NtCompareTokens 3
NtCompleteConnectPort 1
NtConnectPort 8
NtContinue 2
More information about the Ros-diffs
mailing list