Author: akhaldi Date: Sat Oct 25 14:15:00 2014 New Revision: 64982 URL: http://svn.reactos.org/svn/reactos?rev=64982&view=rev Log: [ADVAPI32] * Update CreateRestrictedToken(). * More advapi32:security tests run now. CORE-8540 Modified: trunk/reactos/dll/win32/advapi32/wine/security.c Modified: trunk/reactos/dll/win32/advapi32/wine/security.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/advapi32/wine/se… ============================================================================== --- trunk/reactos/dll/win32/advapi32/wine/security.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/advapi32/wine/security.c [iso-8859-1] Sat Oct 25 14:15:00 2014 @@ -528,19 +528,56 @@ return TRUE; } -BOOL WINAPI -CreateRestrictedToken(HANDLE TokenHandle, - DWORD Flags, - DWORD DisableSidCount, - PSID_AND_ATTRIBUTES pSidAndAttributes, - DWORD DeletePrivilegeCount, - PLUID_AND_ATTRIBUTES pLUIDAndAttributes, - DWORD RestrictedSidCount, - PSID_AND_ATTRIBUTES pSIDAndAttributes, - PHANDLE NewTokenHandle) -{ - UNIMPLEMENTED; - return FALSE; +/************************************************************************* + * CreateRestrictedToken [ADVAPI32.@] + * + * Create a new more restricted token from an existing token. + * + * PARAMS + * baseToken [I] Token to base the new restricted token on + * flags [I] Options + * nDisableSids [I] Length of disableSids array + * disableSids [I] Array of SIDs to disable in the new token + * nDeletePrivs [I] Length of deletePrivs array + * deletePrivs [I] Array of privileges to delete in the new token + * nRestrictSids [I] Length of restrictSids array + * restrictSids [I] Array of SIDs to restrict in the new token + * newToken [O] Address where the new token is stored + * + * RETURNS + * Success: TRUE + * Failure: FALSE + */ +BOOL WINAPI CreateRestrictedToken( + HANDLE baseToken, + DWORD flags, + DWORD nDisableSids, + PSID_AND_ATTRIBUTES disableSids, + DWORD nDeletePrivs, + PLUID_AND_ATTRIBUTES deletePrivs, + DWORD nRestrictSids, + PSID_AND_ATTRIBUTES restrictSids, + PHANDLE newToken) +{ + TOKEN_TYPE type; + SECURITY_IMPERSONATION_LEVEL level = TokenImpersonationLevel; + DWORD size; + + FIXME("(%p, 0x%x, %u, %p, %u, %p, %u, %p, %p): stub\n", + baseToken, flags, nDisableSids, disableSids, + nDeletePrivs, deletePrivs, + nRestrictSids, restrictSids, + newToken); + + size = sizeof(type); + if (!GetTokenInformation( baseToken, TokenType, &type, size, &size )) return FALSE; + if (type == TokenImpersonation) + { + size = sizeof(level); + if (!GetTokenInformation( baseToken, TokenImpersonationLevel, &level, size, &size )) + return FALSE; + } + return DuplicateTokenEx( baseToken, MAXIMUM_ALLOWED, NULL, level, type, newToken ); } /*