https://git.reactos.org/?p=reactos.git;a=commitdiff;h=1903b568b6d670856393c6...
commit 1903b568b6d670856393c6ad9f63337fcd0e124c Author: George Bișoc george.bisoc@reactos.org AuthorDate: Mon Feb 1 23:55:42 2021 +0100 Commit: GitHub noreply@github.com CommitDate: Tue Feb 2 01:55:42 2021 +0300
[NTOS:SE] Implement SECURITY_TOKEN_PROXY_DATA, SECURITY_TOKEN_AUDIT_D… (#3432)
ProxyData and AuditData are pointers to arbitrary data; they should instead point to their respective data structures. This prepares for the future implementation of the SepFreeProxyData and SepCopyProxyData functions (regarding the proxy data specifically).
For further details: https://www.vergiliusproject.com/kernels/x86/Windows%202003/SP2/_TOKEN https://www.nirsoft.net/kernel_struct/vista/SECURITY_TOKEN_AUDIT_DATA.html https://www.nirsoft.net/kernel_struct/vista/SECURITY_TOKEN_PROXY_DATA.html https://www.nirsoft.net/kernel_struct/vista/PROXY_CLASS.html
---
 ntoskrnl/include/internal/tag.h | 1 +
 sdk/include/ndk/setypes.h | 37 +++++++++++++++++++++++++++++++++++--
 2 files changed, 36 insertions(+), 2 deletions(-)
diff --git a/ntoskrnl/include/internal/tag.h b/ntoskrnl/include/internal/tag.h
index 9f86c7cb623..3e838c81abe 100644
--- a/ntoskrnl/include/internal/tag.h
+++ b/ntoskrnl/include/internal/tag.h
@@ -180,6 +180,7 @@
 #define TAG_TOKEN_DYNAMIC 'dTeS'
 #define TAG_SE_HANDLES_TAB 'aHeS'
 #define TAG_SE_DIR_BUFFER 'bDeS'
+#define TAG_SE_PROXY_DATA 'dPoT'
 /* LPC Tags */
 #define TAG_LPC_MESSAGE 'McpL'
diff --git a/sdk/include/ndk/setypes.h b/sdk/include/ndk/setypes.h
index 10a500ce041..55e0d8fdab6 100644
--- a/sdk/include/ndk/setypes.h
+++ b/sdk/include/ndk/setypes.h
@@ -108,6 +108,17 @@ typedef struct _TOKEN_ACCESS_INFORMATION
 SE_GROUP_INTEGRITY | \
 SE_GROUP_INTEGRITY_ENABLED)
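Review bot: The new `TAG_SE_PROXY_DATA 'dPoT'` in tag.h breaks the pattern of the three Se tags directly above it (`'dTeS'`, `'aHeS'`, `'bDeS'`), which all end in `eS`, so a pool listing filtered on the Se prefix would not show proxy-data allocations during leak or corruption triage. If the value was picked on purpose, a trailing comment such as `/* deliberately not an 'Se' tag: <reason> */` would keep a later cleanup from renaming it; otherwise an unused value ending in `eS` would keep the group consistent. No allocation or free using this tag is visible in the commit, so the matching of allocate and free with the same tag can only be checked once the Sep*ProxyData functions are added.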
+//
+// Proxy Class enumeration
+//
+typedef enum _PROXY_CLASS
+{
+ ProxyFull = 0,
+ ProxyService,
+ ProxyTree,
+ ProxyDirectory
+} PROXY_CLASS;
+
 //
 // Audit and Policy Structures
 //
@@ -145,6 +156,28 @@ typedef struct _SE_AUDIT_PROCESS_CREATION_INFO
 POBJECT_NAME_INFORMATION ImageFileName;
 } SE_AUDIT_PROCESS_CREATION_INFO, *PSE_AUDIT_PROCESS_CREATION_INFO;
+//
+// Token Audit Data
+//
+typedef struct _SECURITY_TOKEN_AUDIT_DATA
+{
+ ULONG Length;
+ ULONG GrantMask;
+ ULONG DenyMask;
+} SECURITY_TOKEN_AUDIT_DATA, *PSECURITY_TOKEN_AUDIT_DATA;
+
+//
+// Token Proxy Data
+//
+typedef struct _SECURITY_TOKEN_PROXY_DATA
+{
+ ULONG Length;
+ PROXY_CLASS ProxyClass;
+ UNICODE_STRING PathInfo;
+ ULONG ContainerMask;
+ ULONG ObjectMask;
+} SECURITY_TOKEN_PROXY_DATA, *PSECURITY_TOKEN_PROXY_DATA;
+
 //
 // Token and auxiliary data
 //
@@ -176,8 +209,8 @@ typedef struct _TOKEN
 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel; /* 0x84 */
 ULONG TokenFlags; /* 0x88 */
 BOOLEAN TokenInUse; /* 0x8C */
- PVOID ProxyData; /* 0x90 */
- PVOID AuditData; /* 0x94 */
+ PSECURITY_TOKEN_PROXY_DATA ProxyData; /* 0x90 */
+ PSECURITY_TOKEN_AUDIT_DATA AuditData; /* 0x94 */
 LUID OriginatingLogonSession; /* 0x98 */
 ULONG VariablePart; /* 0xA0 */
 } TOKEN, *PTOKEN;
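Review bot: `SECURITY_TOKEN_PROXY_DATA.PathInfo` in setypes.h is a `UNICODE_STRING`, so the structure carries an embedded `Buffer` pointer, and nothing at the declaration says who owns that buffer. The commit message names SepCopyProxyData and SepFreeProxyData as future work; a copy that duplicates only the structure would leave two tokens sharing one `PathInfo.Buffer`, and releasing both would free it twice. I would state the contract at the field, for example `// PathInfo.Buffer belongs to this structure: duplicate it on copy, release it on free`. The `Length` members of both new structures are also undocumented; if they hold the structure size, as the name suggests, a comment saying that consumers must compare `Length` with `sizeof` of the structure before reading the other members would be worth adding.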
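Review bot: Retyping `ProxyData` and `AuditData` in `TOKEN` from `PVOID` to `PSECURITY_TOKEN_PROXY_DATA` and `PSECURITY_TOKEN_AUDIT_DATA` will not make the compiler flag existing stores, because C converts `void *` to any object pointer implicitly. Code that puts a differently shaped buffer into these fields still builds and would now be read through the new layouts. The token creation, duplication and deletion paths are outside this diff, and the `TOKEN` definition starts above the hunk, so those paths need a manual pass to confirm each one stores either NULL or a correctly sized structure. If NULL is the "no data" value, saying so next to the offset, e.g. `/* 0x90, NULL when absent */`, would give consumers a documented value to test for before dereferencing.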