[weiden] 24528: Add a stub for NtCompareTokens - Ros-diffs

15 Oct 2006

Author: weiden
Date: Sun Oct 15 23:12:41 2006
New Revision: 24528
URL: http://svn.reactos.org/svn/reactos?rev=24528&view=rev
Log:
Add a stub for NtCompareTokens
Modified:
    trunk/reactos/dll/ntdll/def/ntdll.def
    trunk/reactos/include/ndk/sefuncs.h
    trunk/reactos/ntoskrnl/se/token.c
    trunk/reactos/tools/nci/sysfuncs.lst
Modified: trunk/reactos/dll/ntdll/def/ntdll.def
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/ntdll/def/ntdll.def?rev...
==============================================================================

--- trunk/reactos/dll/ntdll/def/ntdll.def (original)
+++ trunk/reactos/dll/ntdll/def/ntdll.def Sun Oct 15 23:12:41 2006
@@ -79,6 +79,7 @@
 NtClearEvent@4
 NtClose@4
 NtCloseObjectAuditAlarm@12
+NtCompareTokens@12
 NtCompleteConnectPort@4
 NtConnectPort@32
 NtContinue@8
@@ -747,6 +748,7 @@
 ZwClearEvent@4
 ZwClose@4
 ZwCloseObjectAuditAlarm@12
+ZwCompareTokens@12
 ZwCompleteConnectPort@4
 ZwConnectPort@32
 ZwContinue@8
Modified: trunk/reactos/include/ndk/sefuncs.h
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/include/ndk/sefuncs.h?rev=2...
==============================================================================
--- trunk/reactos/include/ndk/sefuncs.h (original)
+++ trunk/reactos/include/ndk/sefuncs.h Sun Oct 15 23:12:41 2006
@@ -155,6 +155,14 @@
     PULONG Sequence,
     PUCHAR Seed
 );
+
+NTSYSCALLAPI
+NTSTATUS
+NTAPI
+NtCompareTokens(
+    IN HANDLE FirstTokenHandle,
+    IN HANDLE SecondTokenHandle,
+    OUT PBOOLEAN Equal);
NTSYSCALLAPI
 NTSTATUS
Modified: trunk/reactos/ntoskrnl/se/token.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/se/token.c?rev=245...
==============================================================================
--- trunk/reactos/ntoskrnl/se/token.c (original)
+++ trunk/reactos/ntoskrnl/se/token.c Sun Oct 15 23:12:41 2006
@@ -2406,7 +2406,7 @@
/*
- * @unimplemented
+ * @implemented
  */
 BOOLEAN
 STDCALL
@@ -2414,12 +2414,12 @@
    IN PACCESS_TOKEN Token
    )
 {
-	UNIMPLEMENTED;
-	return FALSE;
+    PAGED_CODE();
+    return (((PTOKEN)Token)->TokenFlags & TOKEN_HAS_ADMIN_GROUP) != 0;
 }
/*
- * @unimplemented
+ * @implemented
  */
 BOOLEAN
 STDCALL
@@ -2427,12 +2427,12 @@
    IN PACCESS_TOKEN Token
    )
 {
-	UNIMPLEMENTED;
-	return FALSE;
+    PAGED_CODE();
+    return (((PTOKEN)Token)->TokenFlags & TOKEN_IS_RESTRICTED) != 0;
 }
/*
- * @unimplemented
+ * @implemented
  */
 BOOLEAN
 STDCALL
@@ -2440,8 +2440,8 @@
    IN PACCESS_TOKEN Token
    )
 {
-	UNIMPLEMENTED;
-	return FALSE;
+    PAGED_CODE();
+    return (((PTOKEN)Token)->TokenFlags & TOKEN_HAS_RESTORE_PRIVILEGE) != 0;
 }
@@ -2641,4 +2641,113 @@
                              TokenHandle);
 }
+static NTSTATUS
+SepCompareTokens(IN PTOKEN FirstToken,
+                 IN PTOKEN SecondToken,
+                 OUT PBOOLEAN Equal)
+{
+    BOOLEAN Restricted, IsEqual = FALSE;
+
+    ASSERT(FirstToken != SecondToken);
+
+    /* FIXME: Check if every SID that is present in either token is also present in the other one */
+
+    Restricted = SeTokenIsRestricted(FirstToken);
+    if (Restricted == SeTokenIsRestricted(SecondToken))
+    {
+        if (Restricted)
+        {
+            /* FIXME: Check if every SID that is restricted in either token is also restricted in the other one */
+        }
+
+        /* FIXME: Check if every privilege that is present in either token is also present in the other one */
+    }
+
+    *Equal = IsEqual;
+    return STATUS_SUCCESS;
+}
+
+/*
+ * @unimplemented
+ */
+NTSTATUS
+NTAPI
+NtCompareTokens(IN HANDLE FirstTokenHandle,
+                IN HANDLE SecondTokenHandle,
+                OUT PBOOLEAN Equal)
+{
+    KPROCESSOR_MODE PreviousMode;
+    PTOKEN FirstToken, SecondToken;
+    BOOLEAN IsEqual;
+    NTSTATUS Status = STATUS_SUCCESS;
+
+    PAGED_CODE();
+
+    PreviousMode = ExGetPreviousMode();
+
+    if (PreviousMode != KernelMode)
+    {
+        _SEH_TRY
+        {
+            ProbeForWriteBoolean(Equal);
+        }
+        _SEH_HANDLE
+        {
+            Status = _SEH_GetExceptionCode();
+        }
+        _SEH_END;
+
+        if (!NT_SUCCESS(Status))
+            return Status;
+    }
+
+    Status = ObReferenceObjectByHandle(FirstTokenHandle,
+                                       TOKEN_QUERY,
+                                       SepTokenObjectType,
+                                       PreviousMode,
+                                       (PVOID*)&FirstToken,
+                                       NULL);
+    if (!NT_SUCCESS(Status))
+        return Status;
+
+    Status = ObReferenceObjectByHandle(SecondTokenHandle,
+                                       TOKEN_QUERY,
+                                       SepTokenObjectType,
+                                       PreviousMode,
+                                       (PVOID*)&SecondToken,
+                                       NULL);
+    if (!NT_SUCCESS(Status))
+    {
+        ObDereferenceObject(FirstToken);
+        return Status;
+    }
+
+    if (FirstToken != SecondToken)
+    {
+        Status = SepCompareTokens(FirstToken,
+                                  SecondToken,
+                                  &IsEqual);
+    }
+    else
+        IsEqual = TRUE;
+
+    ObDereferenceObject(FirstToken);
+    ObDereferenceObject(SecondToken);
+
+    if (NT_SUCCESS(Status))
+    {
+        _SEH_TRY
+        {
+            *Equal = IsEqual;
+        }
+        _SEH_EXCEPT(_SEH_ExSystemExceptionFilter)
+        {
+            Status = _SEH_GetExceptionCode();
+        }
+        _SEH_END;
+    }
+
+    return Status;
+}
+
 /* EOF */
Modified: trunk/reactos/tools/nci/sysfuncs.lst
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/tools/nci/sysfuncs.lst?rev=...
==============================================================================
--- trunk/reactos/tools/nci/sysfuncs.lst (original)
+++ trunk/reactos/tools/nci/sysfuncs.lst Sun Oct 15 23:12:41 2006
@@ -17,6 +17,7 @@
 NtClearEvent 1
 NtClose 1
 NtCloseObjectAuditAlarm 3
+NtCompareTokens 3
 NtCompleteConnectPort 1
 NtConnectPort 8
 NtContinue 2

    