mirror of
git://source.winehq.org/git/wine.git
synced 2024-10-06 16:28:18 +00:00
Add TokenType attribute to specify whether the token is a primary or
impersonation token.
This commit is contained in:
parent
d4156b5657
commit
f95ef09b8e
|
@ -73,6 +73,7 @@ struct token
|
||||||
struct list privileges; /* privileges available to the token */
|
struct list privileges; /* privileges available to the token */
|
||||||
struct list groups; /* groups that the user of this token belongs to (sid_and_attributes) */
|
struct list groups; /* groups that the user of this token belongs to (sid_and_attributes) */
|
||||||
SID *user; /* SID of user this token represents */
|
SID *user; /* SID of user this token represents */
|
||||||
|
unsigned primary; /* is this a primary or impersonation token? */
|
||||||
};
|
};
|
||||||
|
|
||||||
struct privilege
|
struct privilege
|
||||||
|
@ -353,7 +354,7 @@ static void token_destroy( struct object *obj )
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
static struct token *create_token( const SID *user,
|
static struct token *create_token( unsigned primary, const SID *user,
|
||||||
const SID_AND_ATTRIBUTES *groups, unsigned int group_count,
|
const SID_AND_ATTRIBUTES *groups, unsigned int group_count,
|
||||||
const LUID_AND_ATTRIBUTES *privs, unsigned int priv_count )
|
const LUID_AND_ATTRIBUTES *privs, unsigned int priv_count )
|
||||||
{
|
{
|
||||||
|
@ -361,8 +362,11 @@ static struct token *create_token( const SID *user,
|
||||||
if (token)
|
if (token)
|
||||||
{
|
{
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
list_init( &token->privileges );
|
list_init( &token->privileges );
|
||||||
list_init( &token->groups );
|
list_init( &token->groups );
|
||||||
|
token->primary = primary;
|
||||||
|
|
||||||
/* copy user */
|
/* copy user */
|
||||||
token->user = memdup( user, FIELD_OFFSET(SID, SubAuthority[user->SubAuthorityCount]) );
|
token->user = memdup( user, FIELD_OFFSET(SID, SubAuthority[user->SubAuthorityCount]) );
|
||||||
if (!token->user)
|
if (!token->user)
|
||||||
|
@ -462,7 +466,7 @@ struct token *token_create_admin( void )
|
||||||
};
|
};
|
||||||
/* note: we just set the user sid to be the local system builtin sid -
|
/* note: we just set the user sid to be the local system builtin sid -
|
||||||
* telling us what this should be is the job of a client-side program */
|
* telling us what this should be is the job of a client-side program */
|
||||||
token = create_token( &local_system_sid,
|
token = create_token( TRUE, &local_system_sid,
|
||||||
admin_groups, sizeof(admin_groups)/sizeof(admin_groups[0]),
|
admin_groups, sizeof(admin_groups)/sizeof(admin_groups[0]),
|
||||||
admin_privs, sizeof(admin_privs)/sizeof(admin_privs[0]) );
|
admin_privs, sizeof(admin_privs)/sizeof(admin_privs[0]) );
|
||||||
}
|
}
|
||||||
|
@ -879,15 +883,24 @@ DECL_HANDLER(duplicate_token)
|
||||||
TOKEN_DUPLICATE,
|
TOKEN_DUPLICATE,
|
||||||
&token_ops )))
|
&token_ops )))
|
||||||
{
|
{
|
||||||
/* FIXME: use req->primary and req->impersonation_level */
|
/* FIXME: use req->impersonation_level */
|
||||||
struct token *token = create_token( src_token->user, NULL, 0, NULL, 0 );
|
struct token *token = create_token( req->primary, src_token->user, NULL, 0, NULL, 0 );
|
||||||
if (token)
|
if (token)
|
||||||
{
|
{
|
||||||
struct privilege *privilege;
|
struct privilege *privilege;
|
||||||
|
struct sid_and_attributes *group;
|
||||||
unsigned int access;
|
unsigned int access;
|
||||||
|
|
||||||
/* FIXME: copy groups */
|
/* copy groups */
|
||||||
|
LIST_FOR_EACH_ENTRY( group, &src_token->groups, struct sid_and_attributes, entry )
|
||||||
|
{
|
||||||
|
size_t size = FIELD_OFFSET( struct sid_and_attributes, sid.SubAuthority[group->sid.SubAuthorityCount] );
|
||||||
|
struct sid_and_attributes *newgroup = mem_alloc( size );
|
||||||
|
memcpy( newgroup, group, size );
|
||||||
|
list_add_tail( &token->groups, &newgroup->entry );
|
||||||
|
}
|
||||||
|
|
||||||
|
/* copy privileges */
|
||||||
LIST_FOR_EACH_ENTRY( privilege, &src_token->privileges, struct privilege, entry )
|
LIST_FOR_EACH_ENTRY( privilege, &src_token->privileges, struct privilege, entry )
|
||||||
privilege_add( token, &privilege->luid, privilege->enabled );
|
privilege_add( token, &privilege->luid, privilege->enabled );
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue