Author: akhaldi
Date: Sat Oct 25 14:15:00 2014
New Revision: 64982
URL:
http://svn.reactos.org/svn/reactos?rev=64982&view=rev
Log:
[ADVAPI32]
* Update CreateRestrictedToken().
* More advapi32:security tests run now.
CORE-8540
Modified:
trunk/reactos/dll/win32/advapi32/wine/security.c
Modified: trunk/reactos/dll/win32/advapi32/wine/security.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/advapi32/wine/se…
==============================================================================
--- trunk/reactos/dll/win32/advapi32/wine/security.c [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/advapi32/wine/security.c [iso-8859-1] Sat Oct 25 14:15:00
2014
@@ -528,19 +528,56 @@
return TRUE;
}
-BOOL WINAPI
-CreateRestrictedToken(HANDLE TokenHandle,
- DWORD Flags,
- DWORD DisableSidCount,
- PSID_AND_ATTRIBUTES pSidAndAttributes,
- DWORD DeletePrivilegeCount,
- PLUID_AND_ATTRIBUTES pLUIDAndAttributes,
- DWORD RestrictedSidCount,
- PSID_AND_ATTRIBUTES pSIDAndAttributes,
- PHANDLE NewTokenHandle)
-{
- UNIMPLEMENTED;
- return FALSE;
+/*************************************************************************
+ * CreateRestrictedToken [ADVAPI32.@]
+ *
+ * Create a new more restricted token from an existing token.
+ *
+ * PARAMS
+ * baseToken [I] Token to base the new restricted token on
+ * flags [I] Options
+ * nDisableSids [I] Length of disableSids array
+ * disableSids [I] Array of SIDs to disable in the new token
+ * nDeletePrivs [I] Length of deletePrivs array
+ * deletePrivs [I] Array of privileges to delete in the new token
+ * nRestrictSids [I] Length of restrictSids array
+ * restrictSids [I] Array of SIDs to restrict in the new token
+ * newToken [O] Address where the new token is stored
+ *
+ * RETURNS
+ * Success: TRUE
+ * Failure: FALSE
+ */
+BOOL WINAPI CreateRestrictedToken(
+ HANDLE baseToken,
+ DWORD flags,
+ DWORD nDisableSids,
+ PSID_AND_ATTRIBUTES disableSids,
+ DWORD nDeletePrivs,
+ PLUID_AND_ATTRIBUTES deletePrivs,
+ DWORD nRestrictSids,
+ PSID_AND_ATTRIBUTES restrictSids,
+ PHANDLE newToken)
+{
+ TOKEN_TYPE type;
+ SECURITY_IMPERSONATION_LEVEL level = TokenImpersonationLevel;
+ DWORD size;
+
+ FIXME("(%p, 0x%x, %u, %p, %u, %p, %u, %p, %p): stub\n",
+ baseToken, flags, nDisableSids, disableSids,
+ nDeletePrivs, deletePrivs,
+ nRestrictSids, restrictSids,
+ newToken);
+
+ size = sizeof(type);
+ if (!GetTokenInformation( baseToken, TokenType, &type, size, &size )) return
FALSE;
+ if (type == TokenImpersonation)
+ {
+ size = sizeof(level);
+ if (!GetTokenInformation( baseToken, TokenImpersonationLevel, &level, size,
&size ))
+ return FALSE;
+ }
+ return DuplicateTokenEx( baseToken, MAXIMUM_ALLOWED, NULL, level, type, newToken );
}
/*