[ros-diffs] [akhaldi] 64982: [ADVAPI32] * Update CreateRestrictedToken(). * More advapi32:security tests run now. CORE-8540

Sat, 25 Oct 2014 07:16:03 -0700 

Author: akhaldi
Date: Sat Oct 25 14:15:00 2014
New Revision: 64982

URL: http://svn.reactos.org/svn/reactos?rev=64982&view=rev
Log:
[ADVAPI32]
* Update CreateRestrictedToken().
* More advapi32:security tests run now.
CORE-8540

Modified:
    trunk/reactos/dll/win32/advapi32/wine/security.c

Modified: trunk/reactos/dll/win32/advapi32/wine/security.c
URL: 
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/advapi32/wine/security.c?rev=64982&r1=64981&r2=64982&view=diff
==============================================================================
--- trunk/reactos/dll/win32/advapi32/wine/security.c    [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/advapi32/wine/security.c    [iso-8859-1] Sat Oct 25 
14:15:00 2014
@@ -528,19 +528,56 @@
     return TRUE;
 }
 
-BOOL WINAPI
-CreateRestrictedToken(HANDLE TokenHandle,
-                      DWORD Flags,
-                      DWORD DisableSidCount,
-                      PSID_AND_ATTRIBUTES pSidAndAttributes,
-                      DWORD DeletePrivilegeCount,
-                      PLUID_AND_ATTRIBUTES pLUIDAndAttributes,
-                      DWORD RestrictedSidCount,
-                      PSID_AND_ATTRIBUTES pSIDAndAttributes,
-                      PHANDLE NewTokenHandle)
-{
-    UNIMPLEMENTED;
-    return FALSE;
+/*************************************************************************
+ * CreateRestrictedToken [ADVAPI32.@]
+ *
+ * Create a new more restricted token from an existing token.
+ *
+ * PARAMS
+ *   baseToken       [I] Token to base the new restricted token on
+ *   flags           [I] Options
+ *   nDisableSids    [I] Length of disableSids array
+ *   disableSids     [I] Array of SIDs to disable in the new token
+ *   nDeletePrivs    [I] Length of deletePrivs array
+ *   deletePrivs     [I] Array of privileges to delete in the new token
+ *   nRestrictSids   [I] Length of restrictSids array
+ *   restrictSids    [I] Array of SIDs to restrict in the new token
+ *   newToken        [O] Address where the new token is stored
+ *
+ * RETURNS
+ *  Success: TRUE
+ *  Failure: FALSE
+ */
+BOOL WINAPI CreateRestrictedToken(
+    HANDLE baseToken,
+    DWORD flags,
+    DWORD nDisableSids,
+    PSID_AND_ATTRIBUTES disableSids,
+    DWORD nDeletePrivs,
+    PLUID_AND_ATTRIBUTES deletePrivs,
+    DWORD nRestrictSids,
+    PSID_AND_ATTRIBUTES restrictSids,
+    PHANDLE newToken)
+{
+    TOKEN_TYPE type;
+    SECURITY_IMPERSONATION_LEVEL level = TokenImpersonationLevel;
+    DWORD size;
+
+    FIXME("(%p, 0x%x, %u, %p, %u, %p, %u, %p, %p): stub\n",
+          baseToken, flags, nDisableSids, disableSids,
+          nDeletePrivs, deletePrivs,
+          nRestrictSids, restrictSids,
+          newToken);
+
+    size = sizeof(type);
+    if (!GetTokenInformation( baseToken, TokenType, &type, size, &size )) 
return FALSE;
+    if (type == TokenImpersonation)
+    {
+        size = sizeof(level);
+        if (!GetTokenInformation( baseToken, TokenImpersonationLevel, &level, 
size, &size ))
+            return FALSE;
+    }
+    return DuplicateTokenEx( baseToken, MAXIMUM_ALLOWED, NULL, level, type, 
newToken );
 }
 
 /*

Reply via email to