Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

126 lines
4.0 KiB

// --------------------------------------------------------------------------
// Module Name: TokenUtil.cpp
//
// Copyright (c) 1999-2000, Microsoft Corporation
//
// Functions that are useful for token manipulation.
//
// History: 1999-08-18 vtan created
// 1999-11-16 vtan separate file
// 2000-02-01 vtan moved from Neptune to Whistler
// 2000-03-31 vtan duplicated from ds to shell
// --------------------------------------------------------------------------
#include <nt.h>
#include <ntrtl.h>
#include <nturtl.h>
#include <windows.h>
#include "TokenUtil.h"
// --------------------------------------------------------------------------
// ::OpenEffectiveToken
//
// Arguments: dwDesiredAccess = Access to open the handle with.
//
// Returns: BOOL
//
// Purpose: Opens the effective token. If the thread is impersonating then
// this is opened. Otherwise the process token is opened.
//
// History: 2000-03-31 vtan created
// --------------------------------------------------------------------------
STDAPI_(BOOL) OpenEffectiveToken (IN DWORD dwDesiredAccess, OUT HANDLE *phToken)
{
BOOL fResult;
if (IsBadWritePtr(phToken, sizeof(*phToken)))
{
SetLastError(ERROR_INVALID_PARAMETER);
fResult = FALSE;
}
else
{
*phToken = NULL;
fResult = OpenThreadToken(GetCurrentThread(), dwDesiredAccess, FALSE, phToken);
if ((fResult == FALSE) && (GetLastError() == ERROR_NO_TOKEN))
{
fResult = OpenProcessToken(GetCurrentProcess(), dwDesiredAccess, phToken);
}
}
return(fResult);
}
// --------------------------------------------------------------------------
// CPrivilegeEnable::CPrivilegeEnable
//
// Arguments: pszName = Name of the privilege to enable.
//
// Returns: <none>
//
// Purpose: Gets the current state of the privilege and enables it. The
// privilege is specified by name and looked up.
//
// History: 1999-08-23 vtan created
// --------------------------------------------------------------------------
CPrivilegeEnable::CPrivilegeEnable (const TCHAR *pszName) :
_fSet(false),
_hToken(NULL)
{
if (OpenEffectiveToken(TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES, &_hToken) != FALSE)
{
TOKEN_PRIVILEGES newPrivilege;
if (LookupPrivilegeValue(NULL, pszName, &newPrivilege.Privileges[0].Luid) != FALSE)
{
DWORD dwReturnTokenPrivilegesSize;
newPrivilege.PrivilegeCount = 1;
newPrivilege.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
_fSet = (AdjustTokenPrivileges(_hToken,
FALSE,
&newPrivilege,
sizeof(newPrivilege),
&_tokenPrivilegePrevious,
&dwReturnTokenPrivilegesSize) != FALSE);
}
}
}
// --------------------------------------------------------------------------
// CPrivilegeEnable::~CPrivilegeEnable
//
// Arguments: <none>
//
// Returns: <none>
//
// Purpose: Restores the previous state of the privilege prior to
// instantiation of the object.
//
// History: 1999-08-23 vtan created
// --------------------------------------------------------------------------
CPrivilegeEnable::~CPrivilegeEnable (void)
{
if (_fSet)
{
(BOOL)AdjustTokenPrivileges(_hToken,
FALSE,
&_tokenPrivilegePrevious,
0,
NULL,
NULL);
}
if (_hToken != NULL)
{
(BOOL)CloseHandle(_hToken);
_hToken = NULL;
}
}