ReactOS 0.4.16-dev-1019-g2c2cdfd
Functions
NtAdjustPrivilegesToken.c File Reference
#include "precomp.h"
Include dependency graph for NtAdjustPrivilegesToken.c:

Go to the source code of this file.

Functions

static BOOL IsPrivilegeEnabled (_In_ HANDLE TokenHandle, _In_ ULONG Privilege)
 
static VOID AdjustEnableDefaultPriv (VOID)
 
 START_TEST (NtAdjustPrivilegesToken)
 

Function Documentation

◆ AdjustEnableDefaultPriv()

static VOID AdjustEnableDefaultPriv ( VOID  )
static

Definition at line 36 of file NtAdjustPrivilegesToken.c.

37{
38 NTSTATUS Status;
39 HANDLE Token;
40 TOKEN_PRIVILEGES Priv;
41 BOOL Success, IsEnabled;
42 LUID PrivLuid;
43
44 Success = OpenProcessToken(GetCurrentProcess(),
45 TOKEN_READ | TOKEN_ADJUST_PRIVILEGES,
46 &Token);
47 if (!Success)
48 {
49 skip("OpenProcessToken() has failed to get the process' token (error code: %lu)!\n", GetLastError());
50 return;
51 }
52
53 Success = LookupPrivilegeValueW(NULL, L"SeImpersonatePrivilege", &PrivLuid);
54 if (!Success)
55 {
56 skip("LookupPrivilegeValueW() has failed to locate the privilege value (error code: %lu)!\n", GetLastError());
57 return;
58 }
59
60 Priv.PrivilegeCount = 1;
61 Priv.Privileges[0].Luid = PrivLuid;
62 Priv.Privileges[0].Attributes = 0;
63
64 IsEnabled = IsPrivilegeEnabled(Token, SE_IMPERSONATE_PRIVILEGE);
65 trace("The privilege is %s!\n", IsEnabled ? "enabled" : "disabled");
66
67 Status = NtAdjustPrivilegesToken(Token,
68 FALSE,
69 &Priv,
70 0,
71 NULL,
72 NULL);
73 ok_hex(Status, STATUS_SUCCESS);
74
75 IsEnabled = IsPrivilegeEnabled(Token, SE_IMPERSONATE_PRIVILEGE);
76 trace("The privilege is %s!\n", IsEnabled ? "enabled" : "disabled");
77
78 CloseHandle(Token);
79}
IsPrivilegeEnabled
static BOOL IsPrivilegeEnabled(_In_ HANDLE TokenHandle, _In_ ULONG Privilege)
Definition: NtAdjustPrivilegesToken.c:12
ok_hex
#define ok_hex(expression, result)
Definition: atltest.h:94
trace
#define trace
Definition: atltest.h:70
skip
#define skip(...)
Definition: atltest.h:64
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
NULL
#define NULL
Definition: types.h:112
FALSE
#define FALSE
Definition: types.h:117
LookupPrivilegeValueW
BOOL WINAPI LookupPrivilegeValueW(LPCWSTR lpSystemName, LPCWSTR lpPrivilegeName, PLUID lpLuid)
Definition: misc.c:782
OpenProcessToken
BOOL WINAPI OpenProcessToken(HANDLE ProcessHandle, DWORD DesiredAccess, PHANDLE TokenHandle)
Definition: security.c:294
CloseHandle
#define CloseHandle
Definition: compat.h:739
GetCurrentProcess
#define GetCurrentProcess()
Definition: compat.h:759
Success
@ Success
Definition: eventcreate.c:712
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
IsEnabled
return pProvider IsEnabled(ProviderControl)
Status
Status
Definition: gdiplustypes.h:25
SE_IMPERSONATE_PRIVILEGE
#define SE_IMPERSONATE_PRIVILEGE
Definition: security.c:683
L
#define L(x)
Definition: ntvdm.h:50
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
_LUID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:75
_LUID_AND_ATTRIBUTES::Luid
LUID Luid
Definition: setypes.h:74
_LUID
Definition: devicetopology.idl:137
_TOKEN_PRIVILEGES
Definition: setypes.h:1022
_TOKEN_PRIVILEGES::PrivilegeCount
$ULONG PrivilegeCount
Definition: setypes.h:1023
_TOKEN_PRIVILEGES::Privileges
LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY]
Definition: setypes.h:1024
NtAdjustPrivilegesToken
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtAdjustPrivilegesToken(_In_ HANDLE TokenHandle, _In_ BOOLEAN DisableAllPrivileges, _In_opt_ PTOKEN_PRIVILEGES NewState, _In_ ULONG BufferLength, _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PTOKEN_PRIVILEGES PreviousState, _When_(PreviousState!=NULL, _Out_) PULONG ReturnLength)
Removes a certain amount of privileges of a token based upon the request by the caller.
Definition: tokenadj.c:451
GetLastError
DWORD WINAPI GetLastError(void)
Definition: except.c:1042
TOKEN_ADJUST_PRIVILEGES
#define TOKEN_ADJUST_PRIVILEGES
Definition: setypes.h:930
TOKEN_READ
#define TOKEN_READ
Definition: setypes.h:951

Referenced by START_TEST().

◆ IsPrivilegeEnabled()

static BOOL IsPrivilegeEnabled ( _In_ HANDLE  TokenHandle,
_In_ ULONG  Privilege 
)
static

Definition at line 12 of file NtAdjustPrivilegesToken.c.

15{
16 PRIVILEGE_SET PrivSet;
17 BOOL Result, Success;
18
19 PrivSet.PrivilegeCount = 1;
20 PrivSet.Control = PRIVILEGE_SET_ALL_NECESSARY;
21 PrivSet.Privilege[0].Luid = RtlConvertUlongToLuid(Privilege);
22 PrivSet.Privilege[0].Attributes = 0;
23
24 Success = PrivilegeCheck(TokenHandle, &PrivSet, &Result);
25 if (!Success)
26 {
27 skip("Failed to check the privilege (error code: %lu)\n", GetLastError());
28 return FALSE;
29 }
30
31 return Result;
32}
PrivilegeCheck
BOOL WINAPI PrivilegeCheck(HANDLE ClientToken, PPRIVILEGE_SET RequiredPrivileges, LPBOOL pfResult)
Definition: security.c:2066
TokenHandle
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
Definition: psfuncs.h:726
_PRIVILEGE_SET
Definition: setypes.h:85
_PRIVILEGE_SET::Privilege
LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY]
Definition: setypes.h:88
_PRIVILEGE_SET::Control
$ULONG Control
Definition: setypes.h:87
_PRIVILEGE_SET::PrivilegeCount
$ULONG PrivilegeCount
Definition: setypes.h:86
Privilege
BOOL Privilege(LPTSTR pszPrivilege, BOOL bEnable)
Definition: user_lib.cpp:531
Result
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:409
RtlConvertUlongToLuid
FORCEINLINE LUID NTAPI_INLINE RtlConvertUlongToLuid(_In_ ULONG Val)
Definition: rtlfuncs.h:3558
PRIVILEGE_SET_ALL_NECESSARY
#define PRIVILEGE_SET_ALL_NECESSARY
Definition: setypes.h:83

Referenced by AdjustEnableDefaultPriv().

◆ START_TEST()

START_TEST ( NtAdjustPrivilegesToken  )

Definition at line 81 of file NtAdjustPrivilegesToken.c.

82{
83 AdjustEnableDefaultPriv();
84}
AdjustEnableDefaultPriv
static VOID AdjustEnableDefaultPriv(VOID)
Definition: NtAdjustPrivilegesToken.c:36