ReactOS 0.4.15-dev-8231-g29a56f3
NtCompareTokens.c
Go to the documentation of this file.
1/*
2 * PROJECT: ReactOS API tests
3 * LICENSE: GPL-2.0-or-later (https://spdx.org/licenses/GPL-2.0-or-later)
4 * PURPOSE: Tests for the NtCompareTokens API
5 * COPYRIGHT: Copyright 2021 George Bișoc <george.bisoc@reactos.org>
6 */
7
8#include "precomp.h"
9
10static
13{
16
19 &Token);
20 if (!Success)
21 {
22 skip("OpenProcessToken() has failed to get the process' token (error code: %lu)!\n", GetLastError());
23 return NULL;
24 }
25
26 return Token;
27}
28
29static
32{
34 HANDLE ReturnedToken;
35
37 if (!Success)
38 {
39 skip("DuplicateToken() has failed to get the process' token (error code: %lu)!\n", GetLastError());
40 return NULL;
41 }
42
43 return ReturnedToken;
44}
45
46static
47VOID
49{
51
53 if (!Success)
54 {
55 skip("AdjustTokenPrivileges() has failed to disable the privileges (error code: %lu)!\n", GetLastError());
56 return;
57 }
58}
59
61{
63 HANDLE ProcessToken = NULL;
64 HANDLE DuplicatedToken = NULL;
66
67 /* Obtain some tokens from current process */
68 ProcessToken = GetTokenFromCurrentProcess();
69 DuplicatedToken = GetDuplicateToken(ProcessToken);
70
71 /*
72 * Give invalid token handles and don't output
73 * the returned value in the last parameter.
74 */
77
78 /*
79 * Token handles are valid but don't output
80 * the returned value.
81 */
82 Status = NtCompareTokens(ProcessToken, ProcessToken, NULL);
84
85 /* The tokens are the same */
86 Status = NtCompareTokens(ProcessToken, ProcessToken, &IsEqual);
88 ok(IsEqual == TRUE, "Equal tokens expected but they aren't (current value: %u)!\n", IsEqual);
89
90 /* A token is duplicated with equal SIDs and privileges */
91 Status = NtCompareTokens(ProcessToken, DuplicatedToken, &IsEqual);
93 ok(IsEqual == TRUE, "Equal tokens expected but they aren't (current value: %u)!\n", IsEqual);
94
95 /* Disable all the privileges for token. */
96 DisableTokenPrivileges(ProcessToken);
97
98 /*
99 * The main token has privileges disabled but the
100 * duplicated one has them enabled still.
101 */
102 Status = NtCompareTokens(ProcessToken, DuplicatedToken, &IsEqual);
104 ok(IsEqual == FALSE, "Tokens mustn't be equal (current value: %u)!\n", IsEqual);
105
106 /* We finished our tests, close the tokens */
107 CloseHandle(ProcessToken);
108 CloseHandle(DuplicatedToken);
109}
static VOID DisableTokenPrivileges(_In_ HANDLE Token)
static HANDLE GetDuplicateToken(_In_ HANDLE Token)
static HANDLE GetTokenFromCurrentProcess(VOID)
unsigned char BOOLEAN
#define ok_hex(expression, result)
Definition: atltest.h:94
#define ok(value,...)
Definition: atltest.h:57
#define skip(...)
Definition: atltest.h:64
#define START_TEST(x)
Definition: atltest.h:75
LONG NTSTATUS
Definition: precomp.h:26
#define NULL
Definition: types.h:112
#define TRUE
Definition: types.h:120
#define FALSE
Definition: types.h:117
BOOL WINAPI AdjustTokenPrivileges(HANDLE TokenHandle, BOOL DisableAllPrivileges, PTOKEN_PRIVILEGES NewState, DWORD BufferLength, PTOKEN_PRIVILEGES PreviousState, PDWORD ReturnLength)
Definition: security.c:374
BOOL WINAPI OpenProcessToken(HANDLE ProcessHandle, DWORD DesiredAccess, PHANDLE TokenHandle)
Definition: security.c:294
BOOL WINAPI DuplicateToken(IN HANDLE ExistingTokenHandle, IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, OUT PHANDLE DuplicateTokenHandle)
Definition: security.c:3919
#define CloseHandle
Definition: compat.h:739
#define GetCurrentProcess()
Definition: compat.h:759
@ Success
Definition: eventcreate.c:712
@ IsEqual
Definition: fatprocs.h:1886
unsigned int BOOL
Definition: ntddk_ex.h:94
Status
Definition: gdiplustypes.h:25
@ SecurityIdentification
Definition: lsa.idl:56
#define _In_
Definition: ms_sal.h:308
NTSTATUS NTAPI NtCompareTokens(_In_ HANDLE FirstTokenHandle, _In_ HANDLE SecondTokenHandle, _Out_ PBOOLEAN Equal)
Compares tokens if they're equal or not.
Definition: token.c:2503
#define STATUS_ACCESS_VIOLATION
Definition: ntstatus.h:242
#define STATUS_SUCCESS
Definition: shellext.h:65
DWORD WINAPI GetLastError(void)
Definition: except.c:1042
#define TOKEN_DUPLICATE
Definition: setypes.h:926
#define TOKEN_ADJUST_PRIVILEGES
Definition: setypes.h:930
#define TOKEN_READ
Definition: setypes.h:951