Author: weiden Date: Sun Oct 15 23:12:41 2006 New Revision: 24528 URL: http://svn.reactos.org/svn/reactos?rev=24528&view=rev Log: Add a stub for NtCompareTokens Modified: trunk/reactos/dll/ntdll/def/ntdll.def trunk/reactos/include/ndk/sefuncs.h trunk/reactos/ntoskrnl/se/token.c trunk/reactos/tools/nci/sysfuncs.lst Modified: trunk/reactos/dll/ntdll/def/ntdll.def URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/ntdll/def/ntdll.def?re… ============================================================================== --- trunk/reactos/dll/ntdll/def/ntdll.def (original) +++ trunk/reactos/dll/ntdll/def/ntdll.def Sun Oct 15 23:12:41 2006 @@ -79,6 +79,7 @@ NtClearEvent@4 NtClose@4 NtCloseObjectAuditAlarm@12 +NtCompareTokens@12 NtCompleteConnectPort@4 NtConnectPort@32 NtContinue@8 @@ -747,6 +748,7 @@ ZwClearEvent@4 ZwClose@4 ZwCloseObjectAuditAlarm@12 +ZwCompareTokens@12 ZwCompleteConnectPort@4 ZwConnectPort@32 ZwContinue@8 Modified: trunk/reactos/include/ndk/sefuncs.h URL: http://svn.reactos.org/svn/reactos/trunk/reactos/include/ndk/sefuncs.h?rev=… ============================================================================== --- trunk/reactos/include/ndk/sefuncs.h (original) +++ trunk/reactos/include/ndk/sefuncs.h Sun Oct 15 23:12:41 2006 @@ -155,6 +155,14 @@ PULONG Sequence, PUCHAR Seed ); + +NTSYSCALLAPI +NTSTATUS +NTAPI +NtCompareTokens( + IN HANDLE FirstTokenHandle, + IN HANDLE SecondTokenHandle, + OUT PBOOLEAN Equal); NTSYSCALLAPI NTSTATUS Modified: trunk/reactos/ntoskrnl/se/token.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/se/token.c?rev=24… ============================================================================== --- trunk/reactos/ntoskrnl/se/token.c (original) +++ trunk/reactos/ntoskrnl/se/token.c Sun Oct 15 23:12:41 2006 @@ -2406,7 +2406,7 @@ /* - * @unimplemented + * @implemented */ BOOLEAN STDCALL @@ -2414,12 +2414,12 @@ IN PACCESS_TOKEN Token ) { - UNIMPLEMENTED; - return FALSE; + PAGED_CODE(); + return (((PTOKEN)Token)->TokenFlags & TOKEN_HAS_ADMIN_GROUP) != 0; } /* - * @unimplemented + * @implemented */ BOOLEAN STDCALL @@ -2427,12 +2427,12 @@ IN PACCESS_TOKEN Token ) { - UNIMPLEMENTED; - return FALSE; + PAGED_CODE(); + return (((PTOKEN)Token)->TokenFlags & TOKEN_IS_RESTRICTED) != 0; } /* - * @unimplemented + * @implemented */ BOOLEAN STDCALL @@ -2440,8 +2440,8 @@ IN PACCESS_TOKEN Token ) { - UNIMPLEMENTED; - return FALSE; + PAGED_CODE(); + return (((PTOKEN)Token)->TokenFlags & TOKEN_HAS_RESTORE_PRIVILEGE) != 0; } @@ -2641,4 +2641,113 @@ TokenHandle); } +static NTSTATUS +SepCompareTokens(IN PTOKEN FirstToken, + IN PTOKEN SecondToken, + OUT PBOOLEAN Equal) +{ + BOOLEAN Restricted, IsEqual = FALSE; + + ASSERT(FirstToken != SecondToken); + + /* FIXME: Check if every SID that is present in either token is also present in the other one */ + + Restricted = SeTokenIsRestricted(FirstToken); + if (Restricted == SeTokenIsRestricted(SecondToken)) + { + if (Restricted) + { + /* FIXME: Check if every SID that is restricted in either token is also restricted in the other one */ + } + + /* FIXME: Check if every privilege that is present in either token is also present in the other one */ + } + + *Equal = IsEqual; + return STATUS_SUCCESS; +} + +/* + * @unimplemented + */ +NTSTATUS +NTAPI +NtCompareTokens(IN HANDLE FirstTokenHandle, + IN HANDLE SecondTokenHandle, + OUT PBOOLEAN Equal) +{ + KPROCESSOR_MODE PreviousMode; + PTOKEN FirstToken, SecondToken; + BOOLEAN IsEqual; + NTSTATUS Status = STATUS_SUCCESS; + + PAGED_CODE(); + + PreviousMode = ExGetPreviousMode(); + + if (PreviousMode != KernelMode) + { + _SEH_TRY + { + ProbeForWriteBoolean(Equal); + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + + if (!NT_SUCCESS(Status)) + return Status; + } + + Status = ObReferenceObjectByHandle(FirstTokenHandle, + TOKEN_QUERY, + SepTokenObjectType, + PreviousMode, + (PVOID*)&FirstToken, + NULL); + if (!NT_SUCCESS(Status)) + return Status; + + Status = ObReferenceObjectByHandle(SecondTokenHandle, + TOKEN_QUERY, + SepTokenObjectType, + PreviousMode, + (PVOID*)&SecondToken, + NULL); + if (!NT_SUCCESS(Status)) + { + ObDereferenceObject(FirstToken); + return Status; + } + + if (FirstToken != SecondToken) + { + Status = SepCompareTokens(FirstToken, + SecondToken, + &IsEqual); + } + else + IsEqual = TRUE; + + ObDereferenceObject(FirstToken); + ObDereferenceObject(SecondToken); + + if (NT_SUCCESS(Status)) + { + _SEH_TRY + { + *Equal = IsEqual; + } + _SEH_EXCEPT(_SEH_ExSystemExceptionFilter) + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + } + + return Status; +} + /* EOF */ Modified: trunk/reactos/tools/nci/sysfuncs.lst URL: http://svn.reactos.org/svn/reactos/trunk/reactos/tools/nci/sysfuncs.lst?rev… ============================================================================== --- trunk/reactos/tools/nci/sysfuncs.lst (original) +++ trunk/reactos/tools/nci/sysfuncs.lst Sun Oct 15 23:12:41 2006 @@ -17,6 +17,7 @@ NtClearEvent 1 NtClose 1 NtCloseObjectAuditAlarm 3 +NtCompareTokens 3 NtCompleteConnectPort 1 NtConnectPort 8 NtContinue 2