mirror of
https://github.com/reactos/reactos.git
synced 2024-06-29 01:12:06 +00:00
[FORMATTING]
No code changes. svn path=/trunk/; revision=47383
This commit is contained in:
parent
4e25539b71
commit
f0910f33d3
|
@ -30,6 +30,7 @@ SeCaptureSubjectContextEx(IN PETHREAD Thread,
|
|||
OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
|
||||
{
|
||||
BOOLEAN CopyOnOpen, EffectiveOnly;
|
||||
|
||||
PAGED_CODE();
|
||||
|
||||
/* Save the unique ID */
|
||||
|
@ -127,6 +128,7 @@ SeCreateAccessStateEx(IN PETHREAD Thread,
|
|||
{
|
||||
ACCESS_MASK AccessMask = Access;
|
||||
PTOKEN Token;
|
||||
|
||||
PAGED_CODE();
|
||||
|
||||
/* Map the Generic Acess to Specific Access if we have a Mapping */
|
||||
|
@ -200,6 +202,7 @@ NTAPI
|
|||
SeDeleteAccessState(IN PACCESS_STATE AccessState)
|
||||
{
|
||||
PAUX_ACCESS_DATA AuxData;
|
||||
|
||||
PAGED_CODE();
|
||||
|
||||
/* Get the Auxiliary Data */
|
||||
|
@ -213,6 +216,7 @@ SeDeleteAccessState(IN PACCESS_STATE AccessState)
|
|||
{
|
||||
ExFreePool(AccessState->ObjectName.Buffer);
|
||||
}
|
||||
|
||||
if (AccessState->ObjectTypeName.Buffer)
|
||||
{
|
||||
ExFreePool(AccessState->ObjectTypeName.Buffer);
|
||||
|
@ -252,6 +256,7 @@ SeCreateClientSecurity(IN PETHREAD Thread,
|
|||
PACCESS_TOKEN Token;
|
||||
NTSTATUS Status;
|
||||
PACCESS_TOKEN NewToken;
|
||||
|
||||
PAGED_CODE();
|
||||
|
||||
Token = PsReferenceEffectiveToken(Thread,
|
||||
|
@ -279,8 +284,7 @@ SeCreateClientSecurity(IN PETHREAD Thread,
|
|||
}
|
||||
|
||||
ClientContext->DirectAccessEffectiveOnly = ((ThreadEffectiveOnly) ||
|
||||
(Qos->EffectiveOnly)) ?
|
||||
TRUE : FALSE;
|
||||
(Qos->EffectiveOnly)) ? TRUE : FALSE;
|
||||
}
|
||||
|
||||
if (Qos->ContextTrackingMode == SECURITY_STATIC_TRACKING)
|
||||
|
@ -358,10 +362,12 @@ SeImpersonateClient(IN PSECURITY_CLIENT_CONTEXT ClientContext,
|
|||
{
|
||||
b = ClientContext->DirectAccessEffectiveOnly;
|
||||
}
|
||||
|
||||
if (ServerThread == NULL)
|
||||
{
|
||||
ServerThread = PsGetCurrentThread();
|
||||
}
|
||||
|
||||
PsImpersonateClient(ServerThread,
|
||||
ClientContext->ClientToken,
|
||||
1,
|
||||
|
|
|
@ -60,7 +60,6 @@ SepInitDACLs(VOID)
|
|||
GENERIC_ALL,
|
||||
SeLocalSystemSid);
|
||||
|
||||
|
||||
/* create PublicDefaultUnrestrictedDacl */
|
||||
AclLength = sizeof(ACL) +
|
||||
(sizeof(ACE) + RtlLengthSid(SeWorldSid)) +
|
||||
|
@ -216,7 +215,7 @@ SepInitDACLs(VOID)
|
|||
GENERIC_READ | GENERIC_EXECUTE,
|
||||
SeRestrictedCodeSid);
|
||||
|
||||
return(TRUE);
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
NTSTATUS NTAPI
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
* FILE: ntoskrnl/se/audit.c
|
||||
* PURPOSE: Audit functions
|
||||
*
|
||||
* PROGRAMMERS: Eric Kohl <eric.kohl@t-online.de>
|
||||
* PROGRAMMERS: Eric Kohl
|
||||
*/
|
||||
|
||||
/* INCLUDES *******************************************************************/
|
||||
|
@ -47,6 +47,7 @@ SeInitializeProcessAuditName(IN PFILE_OBJECT FileObject,
|
|||
POBJECT_NAME_INFORMATION ObjectNameInfo = NULL;
|
||||
ULONG ReturnLength = 8;
|
||||
NTSTATUS Status;
|
||||
|
||||
PAGED_CODE();
|
||||
ASSERT(AuditInfo);
|
||||
|
||||
|
@ -120,6 +121,7 @@ SeLocateProcessImageName(IN PEPROCESS Process,
|
|||
PUNICODE_STRING ImageName;
|
||||
PFILE_OBJECT FileObject;
|
||||
NTSTATUS Status = STATUS_SUCCESS;
|
||||
|
||||
PAGED_CODE();
|
||||
|
||||
/* Assume failure */
|
||||
|
@ -260,11 +262,9 @@ SeAuditingFileOrGlobalEvents(IN BOOLEAN AccessGranted,
|
|||
*/
|
||||
VOID
|
||||
NTAPI
|
||||
SeCloseObjectAuditAlarm(
|
||||
IN PVOID Object,
|
||||
SeCloseObjectAuditAlarm(IN PVOID Object,
|
||||
IN HANDLE Handle,
|
||||
IN BOOLEAN PerformAction
|
||||
)
|
||||
IN BOOLEAN PerformAction)
|
||||
{
|
||||
UNIMPLEMENTED;
|
||||
}
|
||||
|
@ -363,7 +363,7 @@ NtCloseObjectAuditAlarm(IN PUNICODE_STRING SubsystemName,
|
|||
IN BOOLEAN GenerateOnClose)
|
||||
{
|
||||
UNIMPLEMENTED;
|
||||
return(STATUS_NOT_IMPLEMENTED);
|
||||
return STATUS_NOT_IMPLEMENTED;
|
||||
}
|
||||
|
||||
|
||||
|
@ -373,7 +373,7 @@ NtDeleteObjectAuditAlarm(IN PUNICODE_STRING SubsystemName,
|
|||
IN BOOLEAN GenerateOnClose)
|
||||
{
|
||||
UNIMPLEMENTED;
|
||||
return(STATUS_NOT_IMPLEMENTED);
|
||||
return STATUS_NOT_IMPLEMENTED;
|
||||
}
|
||||
|
||||
|
||||
|
@ -392,7 +392,7 @@ NtOpenObjectAuditAlarm(IN PUNICODE_STRING SubsystemName,
|
|||
OUT PBOOLEAN GenerateOnClose)
|
||||
{
|
||||
UNIMPLEMENTED;
|
||||
return(STATUS_NOT_IMPLEMENTED);
|
||||
return STATUS_NOT_IMPLEMENTED;
|
||||
}
|
||||
|
||||
|
||||
|
@ -404,7 +404,7 @@ NtPrivilegedServiceAuditAlarm(IN PUNICODE_STRING SubsystemName,
|
|||
IN BOOLEAN AccessGranted)
|
||||
{
|
||||
UNIMPLEMENTED;
|
||||
return(STATUS_NOT_IMPLEMENTED);
|
||||
return STATUS_NOT_IMPLEMENTED;
|
||||
}
|
||||
|
||||
|
||||
|
@ -417,7 +417,7 @@ NtPrivilegeObjectAuditAlarm(IN PUNICODE_STRING SubsystemName,
|
|||
IN BOOLEAN AccessGranted)
|
||||
{
|
||||
UNIMPLEMENTED;
|
||||
return(STATUS_NOT_IMPLEMENTED);
|
||||
return STATUS_NOT_IMPLEMENTED;
|
||||
}
|
||||
|
||||
/* EOF */
|
||||
|
|
|
@ -236,7 +236,6 @@ SeCaptureLuidAndAttributesArray (PLUID_AND_ATTRIBUTES Src,
|
|||
{
|
||||
*Dest = ExAllocatePool(PoolType,
|
||||
BufferSize);
|
||||
|
||||
if (*Dest == NULL)
|
||||
{
|
||||
return STATUS_INSUFFICIENT_RESOURCES;
|
||||
|
@ -307,7 +306,8 @@ SeFreePrivileges(IN PPRIVILEGE_SET Privileges)
|
|||
/*
|
||||
* @implemented
|
||||
*/
|
||||
BOOLEAN NTAPI
|
||||
BOOLEAN
|
||||
NTAPI
|
||||
SePrivilegeCheck(PPRIVILEGE_SET Privileges,
|
||||
PSECURITY_SUBJECT_CONTEXT SubjectContext,
|
||||
KPROCESSOR_MODE PreviousMode)
|
||||
|
@ -339,7 +339,8 @@ SePrivilegeCheck (PPRIVILEGE_SET Privileges,
|
|||
/*
|
||||
* @implemented
|
||||
*/
|
||||
BOOLEAN NTAPI
|
||||
BOOLEAN
|
||||
NTAPI
|
||||
SeSinglePrivilegeCheck(IN LUID PrivilegeValue,
|
||||
IN KPROCESSOR_MODE PreviousMode)
|
||||
{
|
||||
|
@ -376,7 +377,8 @@ SeSinglePrivilegeCheck (IN LUID PrivilegeValue,
|
|||
|
||||
/* SYSTEM CALLS ***************************************************************/
|
||||
|
||||
NTSTATUS NTAPI
|
||||
NTSTATUS
|
||||
NTAPI
|
||||
NtPrivilegeCheck(IN HANDLE ClientToken,
|
||||
IN PPRIVILEGE_SET RequiredPrivileges,
|
||||
OUT PBOOLEAN Result)
|
||||
|
@ -502,5 +504,4 @@ NtPrivilegeCheck (IN HANDLE ClientToken,
|
|||
return Status;
|
||||
}
|
||||
|
||||
|
||||
/* EOF */
|
||||
|
|
|
@ -683,7 +683,6 @@ Offset += ROUND_UP(Type##Size, sizeof(ULONG)); \
|
|||
to the caller */
|
||||
*CapturedSecurityDescriptor = NewDescriptor;
|
||||
return STATUS_SUCCESS;
|
||||
|
||||
}
|
||||
else
|
||||
{
|
||||
|
@ -906,6 +905,7 @@ SeSetSecurityDescriptorInfo(IN PVOID Object OPTIONAL,
|
|||
Owner = (PSID)SecurityDescriptor->Owner;
|
||||
OwnerLength = ROUND_UP(RtlLengthSid(Owner), 4);
|
||||
}
|
||||
|
||||
Control |= (SecurityDescriptor->Control & SE_OWNER_DEFAULTED);
|
||||
}
|
||||
else
|
||||
|
@ -915,6 +915,7 @@ SeSetSecurityDescriptorInfo(IN PVOID Object OPTIONAL,
|
|||
Owner = (PSID)((ULONG_PTR)ObjectSd->Owner + (ULONG_PTR)ObjectSd);
|
||||
OwnerLength = ROUND_UP(RtlLengthSid(Owner), 4);
|
||||
}
|
||||
|
||||
Control |= (ObjectSd->Control & SE_OWNER_DEFAULTED);
|
||||
}
|
||||
|
||||
|
@ -930,6 +931,7 @@ SeSetSecurityDescriptorInfo(IN PVOID Object OPTIONAL,
|
|||
Group = (PSID)SecurityDescriptor->Group;
|
||||
GroupLength = ROUND_UP(RtlLengthSid(Group), 4);
|
||||
}
|
||||
|
||||
Control |= (SecurityDescriptor->Control & SE_GROUP_DEFAULTED);
|
||||
}
|
||||
else
|
||||
|
@ -939,6 +941,7 @@ SeSetSecurityDescriptorInfo(IN PVOID Object OPTIONAL,
|
|||
Group = (PSID)((ULONG_PTR)ObjectSd->Group + (ULONG_PTR)ObjectSd);
|
||||
GroupLength = ROUND_UP(RtlLengthSid(Group), 4);
|
||||
}
|
||||
|
||||
Control |= (ObjectSd->Control & SE_GROUP_DEFAULTED);
|
||||
}
|
||||
|
||||
|
@ -956,6 +959,7 @@ SeSetSecurityDescriptorInfo(IN PVOID Object OPTIONAL,
|
|||
|
||||
DaclLength = ROUND_UP((ULONG)Dacl->AclSize, 4);
|
||||
}
|
||||
|
||||
Control |= (SecurityDescriptor->Control & (SE_DACL_DEFAULTED | SE_DACL_PRESENT));
|
||||
}
|
||||
else
|
||||
|
@ -966,6 +970,7 @@ SeSetSecurityDescriptorInfo(IN PVOID Object OPTIONAL,
|
|||
Dacl = (PACL)((ULONG_PTR)ObjectSd->Dacl + (ULONG_PTR)ObjectSd);
|
||||
DaclLength = ROUND_UP((ULONG)Dacl->AclSize, 4);
|
||||
}
|
||||
|
||||
Control |= (ObjectSd->Control & (SE_DACL_DEFAULTED | SE_DACL_PRESENT));
|
||||
}
|
||||
|
||||
|
@ -982,6 +987,7 @@ SeSetSecurityDescriptorInfo(IN PVOID Object OPTIONAL,
|
|||
Sacl = (PACL)SecurityDescriptor->Sacl;
|
||||
SaclLength = ROUND_UP((ULONG)Sacl->AclSize, 4);
|
||||
}
|
||||
|
||||
Control |= (SecurityDescriptor->Control & (SE_SACL_DEFAULTED | SE_SACL_PRESENT));
|
||||
}
|
||||
else
|
||||
|
@ -992,6 +998,7 @@ SeSetSecurityDescriptorInfo(IN PVOID Object OPTIONAL,
|
|||
Sacl = (PACL)((ULONG_PTR)ObjectSd->Sacl + (ULONG_PTR)ObjectSd);
|
||||
SaclLength = ROUND_UP((ULONG)Sacl->AclSize, 4);
|
||||
}
|
||||
|
||||
Control |= (ObjectSd->Control & (SE_SACL_DEFAULTED | SE_SACL_PRESENT));
|
||||
}
|
||||
|
||||
|
@ -1006,6 +1013,7 @@ SeSetSecurityDescriptorInfo(IN PVOID Object OPTIONAL,
|
|||
|
||||
RtlCreateSecurityDescriptor(NewSd,
|
||||
SECURITY_DESCRIPTOR_REVISION1);
|
||||
|
||||
/* We always build a self-relative descriptor */
|
||||
NewSd->Control = (USHORT)Control | SE_SELF_RELATIVE;
|
||||
|
||||
|
@ -1288,7 +1296,6 @@ SeAssignSecurity(PSECURITY_DESCRIPTOR _ParentDescriptor OPTIONAL,
|
|||
Token = SubjectContext->PrimaryToken;
|
||||
}
|
||||
|
||||
|
||||
/* Inherit the Owner SID */
|
||||
if (ExplicitDescriptor != NULL && ExplicitDescriptor->Owner != NULL)
|
||||
{
|
||||
|
@ -1298,7 +1305,6 @@ SeAssignSecurity(PSECURITY_DESCRIPTOR _ParentDescriptor OPTIONAL,
|
|||
if (ExplicitDescriptor->Control & SE_SELF_RELATIVE)
|
||||
{
|
||||
Owner = (PSID)(((ULONG_PTR)Owner) + (ULONG_PTR)ExplicitDescriptor);
|
||||
|
||||
}
|
||||
}
|
||||
else
|
||||
|
@ -1319,7 +1325,6 @@ SeAssignSecurity(PSECURITY_DESCRIPTOR _ParentDescriptor OPTIONAL,
|
|||
|
||||
OwnerLength = ROUND_UP(RtlLengthSid(Owner), 4);
|
||||
|
||||
|
||||
/* Inherit the Group SID */
|
||||
if (ExplicitDescriptor != NULL && ExplicitDescriptor->Group != NULL)
|
||||
{
|
||||
|
@ -1348,7 +1353,6 @@ SeAssignSecurity(PSECURITY_DESCRIPTOR _ParentDescriptor OPTIONAL,
|
|||
|
||||
GroupLength = ROUND_UP(RtlLengthSid(Group), 4);
|
||||
|
||||
|
||||
/* Inherit the DACL */
|
||||
if (ExplicitDescriptor != NULL &&
|
||||
(ExplicitDescriptor->Control & SE_DACL_PRESENT) &&
|
||||
|
@ -1373,6 +1377,7 @@ SeAssignSecurity(PSECURITY_DESCRIPTOR _ParentDescriptor OPTIONAL,
|
|||
{
|
||||
Dacl = (PACL)(((ULONG_PTR)Dacl) + (ULONG_PTR)ParentDescriptor);
|
||||
}
|
||||
|
||||
Control |= (SE_DACL_PRESENT | SE_DACL_DEFAULTED);
|
||||
}
|
||||
else if (Token != NULL && Token->DefaultDacl != NULL)
|
||||
|
@ -1391,7 +1396,6 @@ SeAssignSecurity(PSECURITY_DESCRIPTOR _ParentDescriptor OPTIONAL,
|
|||
|
||||
DaclLength = (Dacl != NULL) ? ROUND_UP(Dacl->AclSize, 4) : 0;
|
||||
|
||||
|
||||
/* Inherit the SACL */
|
||||
if (ExplicitDescriptor != NULL &&
|
||||
(ExplicitDescriptor->Control & SE_SACL_PRESENT) &&
|
||||
|
@ -1416,12 +1420,12 @@ SeAssignSecurity(PSECURITY_DESCRIPTOR _ParentDescriptor OPTIONAL,
|
|||
{
|
||||
Sacl = (PACL)(((ULONG_PTR)Sacl) + (ULONG_PTR)ParentDescriptor);
|
||||
}
|
||||
|
||||
Control |= (SE_SACL_PRESENT | SE_SACL_DEFAULTED);
|
||||
}
|
||||
|
||||
SaclLength = (Sacl != NULL) ? ROUND_UP(Sacl->AclSize, 4) : 0;
|
||||
|
||||
|
||||
/* Allocate and initialize the new security descriptor */
|
||||
Length = sizeof(SECURITY_DESCRIPTOR) +
|
||||
OwnerLength + GroupLength + DaclLength + SaclLength;
|
||||
|
@ -1479,7 +1483,9 @@ SeAssignSecurity(PSECURITY_DESCRIPTOR _ParentDescriptor OPTIONAL,
|
|||
DPRINT("Owner of %x at %x\n", Descriptor, Descriptor->Owner);
|
||||
}
|
||||
else
|
||||
{
|
||||
DPRINT("Owner of %x is zero length\n", Descriptor);
|
||||
}
|
||||
|
||||
if (GroupLength != 0)
|
||||
{
|
||||
|
|
|
@ -17,13 +17,15 @@
|
|||
|
||||
PSE_EXPORTS SeExports = NULL;
|
||||
SE_EXPORTS SepExports;
|
||||
ULONG SidInTokenCalls = 0;
|
||||
|
||||
extern ULONG ExpInitializationPhase;
|
||||
extern ERESOURCE SepSubjectContextLock;
|
||||
|
||||
/* PRIVATE FUNCTIONS **********************************************************/
|
||||
|
||||
static BOOLEAN INIT_FUNCTION
|
||||
static BOOLEAN
|
||||
INIT_FUNCTION
|
||||
SepInitExports(VOID)
|
||||
{
|
||||
SepExports.SeCreateTokenPrivilege = SeCreateTokenPrivilege;
|
||||
|
@ -118,6 +120,7 @@ NTAPI
|
|||
SepInitializationPhase1(VOID)
|
||||
{
|
||||
NTSTATUS Status;
|
||||
|
||||
PAGED_CODE();
|
||||
|
||||
/* Insert the system token into the tree */
|
||||
|
@ -279,8 +282,6 @@ SeDefaultObjectMethod(IN PVOID Object,
|
|||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
ULONG SidInTokenCalls = 0;
|
||||
|
||||
static BOOLEAN
|
||||
SepSidInToken(PACCESS_TOKEN _Token,
|
||||
PSID Sid)
|
||||
|
@ -340,7 +341,8 @@ SepTokenIsOwner(PACCESS_TOKEN Token,
|
|||
return SepSidInToken(Token, Sid);
|
||||
}
|
||||
|
||||
VOID NTAPI
|
||||
VOID
|
||||
NTAPI
|
||||
SeQuerySecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation,
|
||||
OUT PACCESS_MASK DesiredAccess)
|
||||
{
|
||||
|
@ -351,13 +353,15 @@ SeQuerySecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation,
|
|||
{
|
||||
*DesiredAccess |= READ_CONTROL;
|
||||
}
|
||||
|
||||
if (SecurityInformation & SACL_SECURITY_INFORMATION)
|
||||
{
|
||||
*DesiredAccess |= ACCESS_SYSTEM_SECURITY;
|
||||
}
|
||||
}
|
||||
|
||||
VOID NTAPI
|
||||
VOID
|
||||
NTAPI
|
||||
SeSetSecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation,
|
||||
OUT PACCESS_MASK DesiredAccess)
|
||||
{
|
||||
|
@ -367,10 +371,12 @@ SeSetSecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation,
|
|||
{
|
||||
*DesiredAccess |= WRITE_OWNER;
|
||||
}
|
||||
|
||||
if (SecurityInformation & DACL_SECURITY_INFORMATION)
|
||||
{
|
||||
*DesiredAccess |= WRITE_DAC;
|
||||
}
|
||||
|
||||
if (SecurityInformation & SACL_SECURITY_INFORMATION)
|
||||
{
|
||||
*DesiredAccess |= ACCESS_SYSTEM_SECURITY;
|
||||
|
@ -763,7 +769,8 @@ SepGetSDGroup(IN PSECURITY_DESCRIPTOR _SecurityDescriptor)
|
|||
/*
|
||||
* @implemented
|
||||
*/
|
||||
BOOLEAN NTAPI
|
||||
BOOLEAN
|
||||
NTAPI
|
||||
SeAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
|
||||
IN PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext,
|
||||
IN BOOLEAN SubjectContextLocked,
|
||||
|
|
|
@ -150,7 +150,7 @@ SepInitSecurityIDs(VOID)
|
|||
SeAnonymousLogonSid == NULL)
|
||||
{
|
||||
FreeInitializedSids();
|
||||
return(FALSE);
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
RtlInitializeSid(SeNullSid, &SeNullSidAuthority, 1);
|
||||
|
@ -253,7 +253,7 @@ SepInitSecurityIDs(VOID)
|
|||
SubAuthority = RtlSubAuthoritySid(SeAnonymousLogonSid, 0);
|
||||
*SubAuthority = SECURITY_ANONYMOUS_LOGON_RID;
|
||||
|
||||
return(TRUE);
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
NTSTATUS
|
||||
|
|
|
@ -25,10 +25,12 @@ ERESOURCE SepTokenLock;
|
|||
TOKEN_SOURCE SeSystemTokenSource = {"*SYSTEM*", {0}};
|
||||
LUID SeSystemAuthenticationId = SYSTEM_LUID;
|
||||
|
||||
static GENERIC_MAPPING SepTokenMapping = {TOKEN_READ,
|
||||
static GENERIC_MAPPING SepTokenMapping = {
|
||||
TOKEN_READ,
|
||||
TOKEN_WRITE,
|
||||
TOKEN_EXECUTE,
|
||||
TOKEN_ALL_ACCESS};
|
||||
TOKEN_ALL_ACCESS
|
||||
};
|
||||
|
||||
static const INFORMATION_CLASS_INFO SeTokenInformationClass[] = {
|
||||
|
||||
|
@ -108,10 +110,11 @@ SepFreeProxyData(PVOID ProxyData)
|
|||
|
||||
NTSTATUS
|
||||
NTAPI
|
||||
SepCopyProxyData(PVOID* Dest, PVOID Src)
|
||||
SepCopyProxyData(PVOID* Dest,
|
||||
PVOID Src)
|
||||
{
|
||||
UNIMPLEMENTED;
|
||||
return(STATUS_NOT_IMPLEMENTED);
|
||||
return STATUS_NOT_IMPLEMENTED;
|
||||
}
|
||||
|
||||
NTSTATUS
|
||||
|
@ -170,7 +173,7 @@ RtlLengthSidAndAttributes(ULONG Count,
|
|||
for (i = 0; i < Count; i++)
|
||||
uLength += RtlLengthSid(Src[i].Sid);
|
||||
|
||||
return(uLength);
|
||||
return uLength;
|
||||
}
|
||||
|
||||
|
||||
|
@ -214,7 +217,7 @@ SepFindPrimaryGroupAndDefaultOwner(PTOKEN Token,
|
|||
return(STATUS_INVALID_PRIMARY_GROUP);
|
||||
}
|
||||
|
||||
return(STATUS_SUCCESS);
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
|
||||
|
@ -248,7 +251,7 @@ SepDuplicateToken(PTOKEN Token,
|
|||
if (!NT_SUCCESS(Status))
|
||||
{
|
||||
DPRINT1("ObCreateObject() failed (Status %lx)\n", Status);
|
||||
return(Status);
|
||||
return Status;
|
||||
}
|
||||
|
||||
/* Zero out the buffer */
|
||||
|
@ -258,14 +261,14 @@ SepDuplicateToken(PTOKEN Token,
|
|||
if (!NT_SUCCESS(Status))
|
||||
{
|
||||
ObDereferenceObject(AccessToken);
|
||||
return(Status);
|
||||
return Status;
|
||||
}
|
||||
|
||||
Status = ZwAllocateLocallyUniqueId(&AccessToken->ModifiedId);
|
||||
if (!NT_SUCCESS(Status))
|
||||
{
|
||||
ObDereferenceObject(AccessToken);
|
||||
return(Status);
|
||||
return Status;
|
||||
}
|
||||
|
||||
AccessToken->TokenLock = &SepTokenLock;
|
||||
|
@ -345,7 +348,7 @@ SepDuplicateToken(PTOKEN Token,
|
|||
return(STATUS_SUCCESS);
|
||||
}
|
||||
|
||||
return(Status);
|
||||
return Status;
|
||||
}
|
||||
|
||||
NTSTATUS
|
||||
|
@ -447,10 +450,11 @@ SeCopyClientToken(IN PACCESS_TOKEN Token,
|
|||
PreviousMode,
|
||||
(PTOKEN*)NewToken);
|
||||
|
||||
return(Status);
|
||||
return Status;
|
||||
}
|
||||
|
||||
VOID NTAPI
|
||||
VOID
|
||||
NTAPI
|
||||
SepDeleteToken(PVOID ObjectBody)
|
||||
{
|
||||
PTOKEN AccessToken = (PTOKEN)ObjectBody;
|
||||
|
@ -577,11 +581,11 @@ SepCreateToken(OUT PHANDLE TokenHandle,
|
|||
|
||||
Status = ZwAllocateLocallyUniqueId(&TokenId);
|
||||
if (!NT_SUCCESS(Status))
|
||||
return(Status);
|
||||
return Status;
|
||||
|
||||
Status = ZwAllocateLocallyUniqueId(&ModifiedId);
|
||||
if (!NT_SUCCESS(Status))
|
||||
return(Status);
|
||||
return Status;
|
||||
|
||||
Status = ObCreateObject(PreviousMode,
|
||||
SepTokenObjectType,
|
||||
|
@ -595,7 +599,7 @@ SepCreateToken(OUT PHANDLE TokenHandle,
|
|||
if (!NT_SUCCESS(Status))
|
||||
{
|
||||
DPRINT1("ObCreateObject() failed (Status %lx)\n");
|
||||
return(Status);
|
||||
return Status;
|
||||
}
|
||||
|
||||
/* Zero out the buffer */
|
||||
|
@ -708,7 +712,6 @@ SepCreateToken(OUT PHANDLE TokenHandle,
|
|||
|
||||
if (!SystemToken)
|
||||
{
|
||||
|
||||
Status = ObInsertObject((PVOID)AccessToken,
|
||||
NULL,
|
||||
DesiredAccess,
|
||||
|
@ -915,7 +918,8 @@ SeQuerySessionIdToken(IN PACCESS_TOKEN Token,
|
|||
/*
|
||||
* @implemented
|
||||
*/
|
||||
NTSTATUS NTAPI
|
||||
NTSTATUS
|
||||
NTAPI
|
||||
SeQueryAuthenticationIdToken(IN PACCESS_TOKEN Token,
|
||||
OUT PLUID LogonId)
|
||||
{
|
||||
|
@ -960,6 +964,7 @@ NTAPI
|
|||
SeTokenIsAdmin(IN PACCESS_TOKEN Token)
|
||||
{
|
||||
PAGED_CODE();
|
||||
|
||||
return (((PTOKEN)Token)->TokenFlags & TOKEN_WRITE_RESTRICTED) != 0;
|
||||
}
|
||||
|
||||
|
@ -971,6 +976,7 @@ NTAPI
|
|||
SeTokenIsRestricted(IN PACCESS_TOKEN Token)
|
||||
{
|
||||
PAGED_CODE();
|
||||
|
||||
return (((PTOKEN)Token)->TokenFlags & TOKEN_IS_RESTRICTED) != 0;
|
||||
}
|
||||
|
||||
|
@ -982,6 +988,7 @@ NTAPI
|
|||
SeTokenIsWriteRestricted(IN PACCESS_TOKEN Token)
|
||||
{
|
||||
PAGED_CODE();
|
||||
|
||||
return (((PTOKEN)Token)->TokenFlags & TOKEN_HAS_RESTORE_PRIVILEGE) != 0;
|
||||
}
|
||||
|
||||
|
@ -1020,7 +1027,6 @@ NtQueryInformationToken(IN HANDLE TokenHandle,
|
|||
ReturnLength,
|
||||
NULL,
|
||||
PreviousMode);
|
||||
|
||||
if (!NT_SUCCESS(Status))
|
||||
{
|
||||
DPRINT("NtQueryInformationToken() failed, Status: 0x%x\n", Status);
|
||||
|
@ -1551,7 +1557,7 @@ NtQueryInformationToken(IN HANDLE TokenHandle,
|
|||
ObDereferenceObject(Token);
|
||||
}
|
||||
|
||||
return(Status);
|
||||
return Status;
|
||||
}
|
||||
|
||||
|
||||
|
@ -1582,7 +1588,6 @@ NtSetInformationToken(IN HANDLE TokenHandle,
|
|||
TokenInformation,
|
||||
TokenInformationLength,
|
||||
PreviousMode);
|
||||
|
||||
if (!NT_SUCCESS(Status))
|
||||
{
|
||||
/* Invalid buffers */
|
||||
|
@ -1775,7 +1780,7 @@ NtSetInformationToken(IN HANDLE TokenHandle,
|
|||
ObDereferenceObject(Token);
|
||||
}
|
||||
|
||||
return(Status);
|
||||
return Status;
|
||||
}
|
||||
|
||||
|
||||
|
@ -1997,6 +2002,7 @@ NtAdjustPrivilegesToken (IN HANDLE TokenHandle,
|
|||
* accordingly and fail.
|
||||
*/
|
||||
}
|
||||
|
||||
k++;
|
||||
}
|
||||
|
||||
|
@ -2004,6 +2010,7 @@ NtAdjustPrivilegesToken (IN HANDLE TokenHandle,
|
|||
Token->Privileges[i].Attributes &= ~SE_PRIVILEGE_ENABLED;
|
||||
}
|
||||
}
|
||||
|
||||
Status = STATUS_SUCCESS;
|
||||
}
|
||||
else
|
||||
|
@ -2042,6 +2049,7 @@ NtAdjustPrivilegesToken (IN HANDLE TokenHandle,
|
|||
* accordingly and fail.
|
||||
*/
|
||||
}
|
||||
|
||||
k++;
|
||||
}
|
||||
|
||||
|
@ -2052,10 +2060,12 @@ NtAdjustPrivilegesToken (IN HANDLE TokenHandle,
|
|||
DPRINT ("New attributes %lx\n",
|
||||
Token->Privileges[i].Attributes);
|
||||
}
|
||||
|
||||
Count++;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Status = Count < NewState->PrivilegeCount ? STATUS_NOT_ALL_ASSIGNED : STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue