[LSASRV]

LsarSetSecurityObject: Impersonate the client and retrieve the client token when the owner sid will be set. svn path=/trunk/; revision=72449
2024-09-27 21:16:34 +00:00 · 2016-08-23 21:14:17 +00:00 · 2016-08-23 21:14:17 +00:00 · 1161db9756
parent 15d8c32ada
commit 1161db9756
1 changed files with 20 additions and 11 deletions
--- a/reactos/dll/win32/lsasrv/lsarpc.c
+++ b/reactos/dll/win32/lsasrv/lsarpc.c
@ -372,18 +372,27 @@ NTSTATUS WINAPI LsarSetSecurityObject(
    if (!NT_SUCCESS(Status))
        goto done;

-#if 0
-    RpcImpersonateClient(NULL);
+    /* Get the clients token if we try to set the owner */
+    if (SecurityInformation & OWNER_SECURITY_INFORMATION)
+    {
+        Status = I_RpcMapWin32Status(RpcImpersonateClient(NULL));
+        if (!NT_SUCCESS(Status))
+        {
+            ERR("RpcImpersonateClient returns 0x%08lx\n", Status);
+            goto done;
+        }

-    Status = NtOpenThreadToken(NtCurrentThread(),
-                               8,
-                               TRUE,
-                               &hToken);
-    if (!NT_SUCCESS(Status))
-        goto done;
-
-    RpcRevertToSelf();
-#endif
+        Status = NtOpenThreadToken(NtCurrentThread(),
+                                   TOKEN_QUERY,
+                                   TRUE,
+                                   &TokenHandle);
+        RpcRevertToSelf();
+        if (!NT_SUCCESS(Status))
+        {
+            ERR("NtOpenThreadToken returns 0x%08lx\n", Status);
+            goto done;
+        }
+    }

    /* Build the new security descriptor */
    Status = RtlSetSecurityObject(SecurityInformation,