server: Use attributes instead of inherit flag in token requests.

Also use the specified access rights in the open_token request.
This commit is contained in:
Alexandre Julliard 2005-12-09 12:17:19 +01:00
parent f2d7dd645e
commit 836d07c369
5 changed files with 31 additions and 18 deletions

View File

@ -65,7 +65,7 @@ NTSTATUS WINAPI NtDuplicateToken(
{
req->handle = ExistingToken;
req->access = DesiredAccess;
req->inherit = ObjectAttributes && (ObjectAttributes->Attributes & OBJ_INHERIT);
req->attributes = ObjectAttributes ? ObjectAttributes->Attributes : 0;
req->primary = (TokenType == TokenPrimary);
req->impersonation_level = ImpersonationLevel;
status = wine_server_call( req );
@ -92,6 +92,8 @@ NTSTATUS WINAPI NtOpenProcessToken(
SERVER_START_REQ( open_token )
{
req->handle = ProcessHandle;
req->access = DesiredAccess;
req->attributes = 0;
req->flags = 0;
ret = wine_server_call( req );
if (!ret) *TokenHandle = reply->token;
@ -119,6 +121,8 @@ NTSTATUS WINAPI NtOpenThreadToken(
SERVER_START_REQ( open_token )
{
req->handle = ThreadHandle;
req->access = DesiredAccess;
req->attributes = 0;
req->flags = OPEN_TOKEN_THREAD;
if (OpenAsSelf) req->flags |= OPEN_TOKEN_AS_SELF;
ret = wine_server_call( req );

View File

@ -3416,6 +3416,8 @@ struct open_token_request
{
struct request_header __header;
obj_handle_t handle;
unsigned int access;
unsigned int attributes;
unsigned int flags;
};
struct open_token_reply
@ -3498,7 +3500,7 @@ struct duplicate_token_request
struct request_header __header;
obj_handle_t handle;
unsigned int access;
int inherit;
unsigned int attributes;
int primary;
int impersonation_level;
};
@ -4319,6 +4321,6 @@ union generic_reply
struct query_symlink_reply query_symlink_reply;
};
#define SERVER_PROTOCOL_VERSION 212
#define SERVER_PROTOCOL_VERSION 213
#endif /* __WINE_WINE_SERVER_PROTOCOL_H */

View File

@ -2399,6 +2399,8 @@ enum message_type
/* Open a security token */
@REQ(open_token)
obj_handle_t handle; /* handle to the thread or process */
unsigned int access; /* access rights to the new token */
unsigned int attributes;/* object attributes */
unsigned int flags; /* flags (see below) */
@REPLY
obj_handle_t token; /* handle to the token */
@ -2456,7 +2458,7 @@ enum message_type
@REQ(duplicate_token)
obj_handle_t handle; /* handle to the token to duplicate */
unsigned int access; /* access rights to the new token */
int inherit; /* inherit flag */
unsigned int attributes; /* object attributes */
int primary; /* is the new token to be a primary one? */
int impersonation_level; /* impersonation level of the new token */
@REPLY

View File

@ -883,7 +883,8 @@ DECL_HANDLER(open_token)
if (thread)
{
if (thread->token)
reply->token = alloc_handle( current->process, thread->token, TOKEN_ALL_ACCESS, 0);
reply->token = alloc_handle( current->process, thread->token, req->access,
req->attributes & OBJ_INHERIT );
else
set_error(STATUS_NO_TOKEN);
release_object( thread );
@ -895,7 +896,8 @@ DECL_HANDLER(open_token)
if (process)
{
if (process->token)
reply->token = alloc_handle( current->process, process->token, TOKEN_ALL_ACCESS, 0);
reply->token = alloc_handle( current->process, process->token, req->access,
req->attributes & OBJ_INHERIT );
else
set_error(STATUS_NO_TOKEN);
release_object( process );
@ -1015,7 +1017,8 @@ DECL_HANDLER(duplicate_token)
access = req->access;
if (access & MAXIMUM_ALLOWED) access = TOKEN_ALL_ACCESS; /* FIXME: needs general solution */
reply->new_handle = alloc_handle( current->process, token, access, req->inherit);
reply->new_handle = alloc_handle( current->process, token, access,
req->attributes & OBJ_INHERIT);
release_object( token );
}
release_object( src_token );

View File

@ -2949,6 +2949,8 @@ static void dump_set_clipboard_info_reply( const struct set_clipboard_info_reply
static void dump_open_token_request( const struct open_token_request *req )
{
fprintf( stderr, " handle=%p,", req->handle );
fprintf( stderr, " access=%08x,", req->access );
fprintf( stderr, " attributes=%08x,", req->attributes );
fprintf( stderr, " flags=%08x", req->flags );
}
@ -3021,7 +3023,7 @@ static void dump_duplicate_token_request( const struct duplicate_token_request *
{
fprintf( stderr, " handle=%p,", req->handle );
fprintf( stderr, " access=%08x,", req->access );
fprintf( stderr, " inherit=%d,", req->inherit );
fprintf( stderr, " attributes=%08x,", req->attributes );
fprintf( stderr, " primary=%d,", req->primary );
fprintf( stderr, " impersonation_level=%d", req->impersonation_level );
}