archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/base/ntos/ps/psimpers.c

164 lines
4.3 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1989 Microsoft Corporation
  5. Module Name:
  7. psimpers.c
  9. Abstract:
  11. This module implements the NtImpersonateThread() service.
  14. Author:
  16. Jim Kelly (JimK) 20-Apr-1991
  18. Revision History:
  20. --*/
  22. #include "psp.h"
  24. #ifdef ALLOC_PRAGMA
  25. #pragma alloc_text(PAGE, NtImpersonateThread)
  26. #endif //ALLOC_PRAGMA
  29. NTSTATUS
  30. NtImpersonateThread(
  31. IN HANDLE ServerThreadHandle,
  32. IN HANDLE ClientThreadHandle,
  33. IN PSECURITY_QUALITY_OF_SERVICE SecurityQos
  34. )
  36. /*++
  38. Routine Description:
  40. This routine is used to cause the server thread to impersonate the client
  41. thread. The impersonation is done according to the specified quality
  42. of service parameters.
  46. Arguments:
  48. ServerThreadHandle - Is a handle to the server thread (the impersonator, or
  49. doing the impersonation). This handle must be open for
  50. THREAD_IMPERSONATE access.
  52. ClientThreadHandle - Is a handle to the Client thread (the impersonatee, or
  53. one being impersonated). This handle must be open for
  54. THREAD_DIRECT_IMPERSONATION access.
  57. SecurityQos - A pointer to security quality of service information
  58. indicating what form of impersonation is to be performed.
  62. Return Value:
  64. STATUS_SUCCESS - Indicates the call completed successfully.
  67. --*/
  69. {
  72. KPROCESSOR_MODE PreviousMode;
  73. NTSTATUS Status;
  74. PETHREAD ClientThread, ServerThread;
  75. SECURITY_QUALITY_OF_SERVICE CapturedQos;
  76. SECURITY_CLIENT_CONTEXT ClientSecurityContext;
  78. //
  79. // Get previous processor mode and probe and capture arguments if necessary
  80. //
  82. PreviousMode = KeGetPreviousMode();
  84. try {
  86. if (PreviousMode != KernelMode) {
  87. ProbeForReadSmallStructure (SecurityQos,
  88. sizeof (SECURITY_QUALITY_OF_SERVICE),
  89. sizeof (ULONG));
  90. }
  91. CapturedQos = *SecurityQos;
  93. } except (ExSystemExceptionFilter ()) {
  94. return GetExceptionCode ();
  95. }
  99. //
  100. // Reference the client thread, checking for appropriate access.
  101. //
  103. Status = ObReferenceObjectByHandle (ClientThreadHandle, // Handle
  104. THREAD_DIRECT_IMPERSONATION, // DesiredAccess
  105. PsThreadType, // ObjectType
  106. PreviousMode, // AccessMode
  107. &ClientThread, // Object
  108. NULL); // GrantedAccess
  110. if (!NT_SUCCESS (Status)) {
  111. return Status;
  112. }
  114. //
  115. // Reference the client thread, checking for appropriate access.
  116. //
  118. Status = ObReferenceObjectByHandle (ServerThreadHandle, // Handle
  119. THREAD_IMPERSONATE, // DesiredAccess
  120. PsThreadType, // ObjectType
  121. PreviousMode, // AccessMode
  122. &ServerThread, // Object
  123. NULL); // GrantedAccess
  125. if (!NT_SUCCESS (Status)) {
  126. ObDereferenceObject (ClientThread);
  127. return Status;
  128. }
  131. //
  132. // Get the client's security context
  133. //
  135. Status = SeCreateClientSecurity (ClientThread, // ClientThread
  136. &CapturedQos, // SecurityQos
  137. FALSE, // ServerIsRemote
  138. &ClientSecurityContext); // ClientContext
  140. if (!NT_SUCCESS (Status)) {
  141. ObDereferenceObject (ServerThread);
  142. ObDereferenceObject (ClientThread);
  143. return Status;
  144. }
  147. //
  148. // Impersonate the client
  149. //
  151. Status = SeImpersonateClientEx (&ClientSecurityContext, ServerThread);
  153. SeDeleteClientSecurity (&ClientSecurityContext);
  155. //
  156. // Done.
  157. //
  160. ObDereferenceObject (ServerThread);
  161. ObDereferenceObject (ClientThread);
  163. return Status ;
  164. }