server: Use attributes instead of inherit flag in token requests.

Also use the specified access rights in the open_token request.
This commit is contained in:
Alexandre Julliard 2005-12-09 12:17:19 +01:00
parent f2d7dd645e
commit 836d07c369
5 changed files with 31 additions and 18 deletions

View File

@ -65,7 +65,7 @@ NTSTATUS WINAPI NtDuplicateToken(
{ {
req->handle = ExistingToken; req->handle = ExistingToken;
req->access = DesiredAccess; req->access = DesiredAccess;
req->inherit = ObjectAttributes && (ObjectAttributes->Attributes & OBJ_INHERIT); req->attributes = ObjectAttributes ? ObjectAttributes->Attributes : 0;
req->primary = (TokenType == TokenPrimary); req->primary = (TokenType == TokenPrimary);
req->impersonation_level = ImpersonationLevel; req->impersonation_level = ImpersonationLevel;
status = wine_server_call( req ); status = wine_server_call( req );
@ -92,6 +92,8 @@ NTSTATUS WINAPI NtOpenProcessToken(
SERVER_START_REQ( open_token ) SERVER_START_REQ( open_token )
{ {
req->handle = ProcessHandle; req->handle = ProcessHandle;
req->access = DesiredAccess;
req->attributes = 0;
req->flags = 0; req->flags = 0;
ret = wine_server_call( req ); ret = wine_server_call( req );
if (!ret) *TokenHandle = reply->token; if (!ret) *TokenHandle = reply->token;
@ -119,6 +121,8 @@ NTSTATUS WINAPI NtOpenThreadToken(
SERVER_START_REQ( open_token ) SERVER_START_REQ( open_token )
{ {
req->handle = ThreadHandle; req->handle = ThreadHandle;
req->access = DesiredAccess;
req->attributes = 0;
req->flags = OPEN_TOKEN_THREAD; req->flags = OPEN_TOKEN_THREAD;
if (OpenAsSelf) req->flags |= OPEN_TOKEN_AS_SELF; if (OpenAsSelf) req->flags |= OPEN_TOKEN_AS_SELF;
ret = wine_server_call( req ); ret = wine_server_call( req );

View File

@ -3416,6 +3416,8 @@ struct open_token_request
{ {
struct request_header __header; struct request_header __header;
obj_handle_t handle; obj_handle_t handle;
unsigned int access;
unsigned int attributes;
unsigned int flags; unsigned int flags;
}; };
struct open_token_reply struct open_token_reply
@ -3498,7 +3500,7 @@ struct duplicate_token_request
struct request_header __header; struct request_header __header;
obj_handle_t handle; obj_handle_t handle;
unsigned int access; unsigned int access;
int inherit; unsigned int attributes;
int primary; int primary;
int impersonation_level; int impersonation_level;
}; };
@ -4319,6 +4321,6 @@ union generic_reply
struct query_symlink_reply query_symlink_reply; struct query_symlink_reply query_symlink_reply;
}; };
#define SERVER_PROTOCOL_VERSION 212 #define SERVER_PROTOCOL_VERSION 213
#endif /* __WINE_WINE_SERVER_PROTOCOL_H */ #endif /* __WINE_WINE_SERVER_PROTOCOL_H */

View File

@ -2399,6 +2399,8 @@ enum message_type
/* Open a security token */ /* Open a security token */
@REQ(open_token) @REQ(open_token)
obj_handle_t handle; /* handle to the thread or process */ obj_handle_t handle; /* handle to the thread or process */
unsigned int access; /* access rights to the new token */
unsigned int attributes;/* object attributes */
unsigned int flags; /* flags (see below) */ unsigned int flags; /* flags (see below) */
@REPLY @REPLY
obj_handle_t token; /* handle to the token */ obj_handle_t token; /* handle to the token */
@ -2456,7 +2458,7 @@ enum message_type
@REQ(duplicate_token) @REQ(duplicate_token)
obj_handle_t handle; /* handle to the token to duplicate */ obj_handle_t handle; /* handle to the token to duplicate */
unsigned int access; /* access rights to the new token */ unsigned int access; /* access rights to the new token */
int inherit; /* inherit flag */ unsigned int attributes; /* object attributes */
int primary; /* is the new token to be a primary one? */ int primary; /* is the new token to be a primary one? */
int impersonation_level; /* impersonation level of the new token */ int impersonation_level; /* impersonation level of the new token */
@REPLY @REPLY

View File

@ -883,7 +883,8 @@ DECL_HANDLER(open_token)
if (thread) if (thread)
{ {
if (thread->token) if (thread->token)
reply->token = alloc_handle( current->process, thread->token, TOKEN_ALL_ACCESS, 0); reply->token = alloc_handle( current->process, thread->token, req->access,
req->attributes & OBJ_INHERIT );
else else
set_error(STATUS_NO_TOKEN); set_error(STATUS_NO_TOKEN);
release_object( thread ); release_object( thread );
@ -895,7 +896,8 @@ DECL_HANDLER(open_token)
if (process) if (process)
{ {
if (process->token) if (process->token)
reply->token = alloc_handle( current->process, process->token, TOKEN_ALL_ACCESS, 0); reply->token = alloc_handle( current->process, process->token, req->access,
req->attributes & OBJ_INHERIT );
else else
set_error(STATUS_NO_TOKEN); set_error(STATUS_NO_TOKEN);
release_object( process ); release_object( process );
@ -1015,7 +1017,8 @@ DECL_HANDLER(duplicate_token)
access = req->access; access = req->access;
if (access & MAXIMUM_ALLOWED) access = TOKEN_ALL_ACCESS; /* FIXME: needs general solution */ if (access & MAXIMUM_ALLOWED) access = TOKEN_ALL_ACCESS; /* FIXME: needs general solution */
reply->new_handle = alloc_handle( current->process, token, access, req->inherit); reply->new_handle = alloc_handle( current->process, token, access,
req->attributes & OBJ_INHERIT);
release_object( token ); release_object( token );
} }
release_object( src_token ); release_object( src_token );

View File

@ -2949,6 +2949,8 @@ static void dump_set_clipboard_info_reply( const struct set_clipboard_info_reply
static void dump_open_token_request( const struct open_token_request *req ) static void dump_open_token_request( const struct open_token_request *req )
{ {
fprintf( stderr, " handle=%p,", req->handle ); fprintf( stderr, " handle=%p,", req->handle );
fprintf( stderr, " access=%08x,", req->access );
fprintf( stderr, " attributes=%08x,", req->attributes );
fprintf( stderr, " flags=%08x", req->flags ); fprintf( stderr, " flags=%08x", req->flags );
} }
@ -3021,7 +3023,7 @@ static void dump_duplicate_token_request( const struct duplicate_token_request *
{ {
fprintf( stderr, " handle=%p,", req->handle ); fprintf( stderr, " handle=%p,", req->handle );
fprintf( stderr, " access=%08x,", req->access ); fprintf( stderr, " access=%08x,", req->access );
fprintf( stderr, " inherit=%d,", req->inherit ); fprintf( stderr, " attributes=%08x,", req->attributes );
fprintf( stderr, " primary=%d,", req->primary ); fprintf( stderr, " primary=%d,", req->primary );
fprintf( stderr, " impersonation_level=%d", req->impersonation_level ); fprintf( stderr, " impersonation_level=%d", req->impersonation_level );
} }