Author: ekohl
Date: Tue Aug 23 21:14:17 2016
New Revision: 72449
URL: http://svn.reactos.org/svn/reactos?rev=72449&view=rev
Log:
[LSASRV]
LsarSetSecurityObject: Impersonate the client and retrieve the client token
when the owner sid will be set.
Modified:
trunk/reactos/dll/win32/lsasrv/lsarpc.c
Modified: trunk/reactos/dll/win32/lsasrv/lsarpc.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/lsarpc.c?rev=72449&r1=72448&r2=72449&view=diff
==============================================================================
--- trunk/reactos/dll/win32/lsasrv/lsarpc.c [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/lsasrv/lsarpc.c [iso-8859-1] Tue Aug 23
21:14:17 2016
@@ -372,18 +372,27 @@
if (!NT_SUCCESS(Status))
goto done;
-#if 0
- RpcImpersonateClient(NULL);
-
- Status = NtOpenThreadToken(NtCurrentThread(),
- 8,
- TRUE,
- &hToken);
- if (!NT_SUCCESS(Status))
- goto done;
-
- RpcRevertToSelf();
-#endif
+ /* Get the clients token if we try to set the owner */
+ if (SecurityInformation & OWNER_SECURITY_INFORMATION)
+ {
+ Status = I_RpcMapWin32Status(RpcImpersonateClient(NULL));
+ if (!NT_SUCCESS(Status))
+ {
+ ERR("RpcImpersonateClient returns 0x%08lx\n", Status);
+ goto done;
+ }
+
+ Status = NtOpenThreadToken(NtCurrentThread(),
+ TOKEN_QUERY,
+ TRUE,
+ &TokenHandle);
+ RpcRevertToSelf();
+ if (!NT_SUCCESS(Status))
+ {
+ ERR("NtOpenThreadToken returns 0x%08lx\n", Status);
+ goto done;
+ }
+ }
/* Build the new security descriptor */
Status = RtlSetSecurityObject(SecurityInformation,
