server: Use attributes instead of inherit flag in token requests.
Also use the specified access rights in the open_token request.
This commit is contained in:
parent
f2d7dd645e
commit
836d07c369
|
@ -65,7 +65,7 @@ NTSTATUS WINAPI NtDuplicateToken(
|
|||
{
|
||||
req->handle = ExistingToken;
|
||||
req->access = DesiredAccess;
|
||||
req->inherit = ObjectAttributes && (ObjectAttributes->Attributes & OBJ_INHERIT);
|
||||
req->attributes = ObjectAttributes ? ObjectAttributes->Attributes : 0;
|
||||
req->primary = (TokenType == TokenPrimary);
|
||||
req->impersonation_level = ImpersonationLevel;
|
||||
status = wine_server_call( req );
|
||||
|
@ -92,6 +92,8 @@ NTSTATUS WINAPI NtOpenProcessToken(
|
|||
SERVER_START_REQ( open_token )
|
||||
{
|
||||
req->handle = ProcessHandle;
|
||||
req->access = DesiredAccess;
|
||||
req->attributes = 0;
|
||||
req->flags = 0;
|
||||
ret = wine_server_call( req );
|
||||
if (!ret) *TokenHandle = reply->token;
|
||||
|
@ -119,6 +121,8 @@ NTSTATUS WINAPI NtOpenThreadToken(
|
|||
SERVER_START_REQ( open_token )
|
||||
{
|
||||
req->handle = ThreadHandle;
|
||||
req->access = DesiredAccess;
|
||||
req->attributes = 0;
|
||||
req->flags = OPEN_TOKEN_THREAD;
|
||||
if (OpenAsSelf) req->flags |= OPEN_TOKEN_AS_SELF;
|
||||
ret = wine_server_call( req );
|
||||
|
|
|
@ -3416,6 +3416,8 @@ struct open_token_request
|
|||
{
|
||||
struct request_header __header;
|
||||
obj_handle_t handle;
|
||||
unsigned int access;
|
||||
unsigned int attributes;
|
||||
unsigned int flags;
|
||||
};
|
||||
struct open_token_reply
|
||||
|
@ -3498,7 +3500,7 @@ struct duplicate_token_request
|
|||
struct request_header __header;
|
||||
obj_handle_t handle;
|
||||
unsigned int access;
|
||||
int inherit;
|
||||
unsigned int attributes;
|
||||
int primary;
|
||||
int impersonation_level;
|
||||
};
|
||||
|
@ -4319,6 +4321,6 @@ union generic_reply
|
|||
struct query_symlink_reply query_symlink_reply;
|
||||
};
|
||||
|
||||
#define SERVER_PROTOCOL_VERSION 212
|
||||
#define SERVER_PROTOCOL_VERSION 213
|
||||
|
||||
#endif /* __WINE_WINE_SERVER_PROTOCOL_H */
|
||||
|
|
|
@ -2399,6 +2399,8 @@ enum message_type
|
|||
/* Open a security token */
|
||||
@REQ(open_token)
|
||||
obj_handle_t handle; /* handle to the thread or process */
|
||||
unsigned int access; /* access rights to the new token */
|
||||
unsigned int attributes;/* object attributes */
|
||||
unsigned int flags; /* flags (see below) */
|
||||
@REPLY
|
||||
obj_handle_t token; /* handle to the token */
|
||||
|
@ -2456,7 +2458,7 @@ enum message_type
|
|||
@REQ(duplicate_token)
|
||||
obj_handle_t handle; /* handle to the token to duplicate */
|
||||
unsigned int access; /* access rights to the new token */
|
||||
int inherit; /* inherit flag */
|
||||
unsigned int attributes; /* object attributes */
|
||||
int primary; /* is the new token to be a primary one? */
|
||||
int impersonation_level; /* impersonation level of the new token */
|
||||
@REPLY
|
||||
|
|
|
@ -883,7 +883,8 @@ DECL_HANDLER(open_token)
|
|||
if (thread)
|
||||
{
|
||||
if (thread->token)
|
||||
reply->token = alloc_handle( current->process, thread->token, TOKEN_ALL_ACCESS, 0);
|
||||
reply->token = alloc_handle( current->process, thread->token, req->access,
|
||||
req->attributes & OBJ_INHERIT );
|
||||
else
|
||||
set_error(STATUS_NO_TOKEN);
|
||||
release_object( thread );
|
||||
|
@ -895,7 +896,8 @@ DECL_HANDLER(open_token)
|
|||
if (process)
|
||||
{
|
||||
if (process->token)
|
||||
reply->token = alloc_handle( current->process, process->token, TOKEN_ALL_ACCESS, 0);
|
||||
reply->token = alloc_handle( current->process, process->token, req->access,
|
||||
req->attributes & OBJ_INHERIT );
|
||||
else
|
||||
set_error(STATUS_NO_TOKEN);
|
||||
release_object( process );
|
||||
|
@ -1015,7 +1017,8 @@ DECL_HANDLER(duplicate_token)
|
|||
|
||||
access = req->access;
|
||||
if (access & MAXIMUM_ALLOWED) access = TOKEN_ALL_ACCESS; /* FIXME: needs general solution */
|
||||
reply->new_handle = alloc_handle( current->process, token, access, req->inherit);
|
||||
reply->new_handle = alloc_handle( current->process, token, access,
|
||||
req->attributes & OBJ_INHERIT);
|
||||
release_object( token );
|
||||
}
|
||||
release_object( src_token );
|
||||
|
|
|
@ -2949,6 +2949,8 @@ static void dump_set_clipboard_info_reply( const struct set_clipboard_info_reply
|
|||
static void dump_open_token_request( const struct open_token_request *req )
|
||||
{
|
||||
fprintf( stderr, " handle=%p,", req->handle );
|
||||
fprintf( stderr, " access=%08x,", req->access );
|
||||
fprintf( stderr, " attributes=%08x,", req->attributes );
|
||||
fprintf( stderr, " flags=%08x", req->flags );
|
||||
}
|
||||
|
||||
|
@ -3021,7 +3023,7 @@ static void dump_duplicate_token_request( const struct duplicate_token_request *
|
|||
{
|
||||
fprintf( stderr, " handle=%p,", req->handle );
|
||||
fprintf( stderr, " access=%08x,", req->access );
|
||||
fprintf( stderr, " inherit=%d,", req->inherit );
|
||||
fprintf( stderr, " attributes=%08x,", req->attributes );
|
||||
fprintf( stderr, " primary=%d,", req->primary );
|
||||
fprintf( stderr, " impersonation_level=%d", req->impersonation_level );
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue