From f6d871eecf772ef5fb0a6f4e521cf15bfcb0555b Mon Sep 17 00:00:00 2001 From: Alexandre Julliard Date: Wed, 26 Mar 2008 14:38:49 +0100 Subject: [PATCH] server: impersonation_level should be an int since we store -1 in it. Make sure we don't check the impersonation level for primary tokens. --- server/security.h | 2 +- server/token.c | 25 ++++++++++++------------- 2 files changed, 13 insertions(+), 14 deletions(-) diff --git a/server/security.h b/server/security.h index ebdf95f99c0..39b1d2f72ff 100644 --- a/server/security.h +++ b/server/security.h @@ -48,7 +48,7 @@ extern const PSID security_local_system_sid; extern struct token *token_create_admin(void); extern struct token *token_duplicate( struct token *src_token, unsigned primary, - SECURITY_IMPERSONATION_LEVEL impersonation_level ); + int impersonation_level ); extern int token_check_privileges( struct token *token, int all_required, const LUID_AND_ATTRIBUTES *reqprivs, unsigned int count, LUID_AND_ATTRIBUTES *usedprivs); diff --git a/server/token.c b/server/token.c index 72b3e293f28..7352ec20508 100644 --- a/server/token.c +++ b/server/token.c @@ -90,7 +90,7 @@ struct token unsigned primary; /* is this a primary or impersonation token? */ ACL *default_dacl; /* the default DACL to assign to objects created by this user */ TOKEN_SOURCE source; /* source of the token */ - SECURITY_IMPERSONATION_LEVEL impersonation_level; /* impersonation level this token is capable of if non-primary token */ + int impersonation_level; /* impersonation level this token is capable of if non-primary token */ }; struct privilege @@ -421,7 +421,7 @@ static struct token *create_token( unsigned primary, const SID *user, const LUID_AND_ATTRIBUTES *privs, unsigned int priv_count, const ACL *default_dacl, TOKEN_SOURCE source, const luid_t *modified_id, - SECURITY_IMPERSONATION_LEVEL impersonation_level ) + int impersonation_level ) { struct token *token = alloc_object( &token_ops ); if (token) @@ -506,7 +506,7 @@ static struct token *create_token( unsigned primary, const SID *user, } struct token *token_duplicate( struct token *src_token, unsigned primary, - SECURITY_IMPERSONATION_LEVEL impersonation_level ) + int impersonation_level ) { const luid_t *modified_id = primary || (impersonation_level == src_token->impersonation_level) ? @@ -515,20 +515,19 @@ struct token *token_duplicate( struct token *src_token, unsigned primary, struct privilege *privilege; struct group *group; - if ((impersonation_level < SecurityAnonymous) || - (impersonation_level > SecurityDelegation)) + if (!primary && + (impersonation_level < SecurityAnonymous || + impersonation_level > SecurityDelegation || + (!src_token->primary && (impersonation_level > src_token->impersonation_level)))) { set_error( STATUS_BAD_IMPERSONATION_LEVEL ); return NULL; } - if (primary || (impersonation_level <= src_token->impersonation_level)) - token = create_token( primary, src_token->user, NULL, 0, - NULL, 0, src_token->default_dacl, - src_token->source, modified_id, - impersonation_level ); - else set_error( STATUS_BAD_IMPERSONATION_LEVEL ); - + token = create_token( primary, src_token->user, NULL, 0, + NULL, 0, src_token->default_dacl, + src_token->source, modified_id, + impersonation_level ); if (!token) return token; /* copy groups */ @@ -1013,7 +1012,7 @@ DECL_HANDLER(open_token) { if (thread->token) { - if (thread->token->impersonation_level <= SecurityAnonymous) + if (!thread->token->primary && thread->token->impersonation_level <= SecurityAnonymous) set_error( STATUS_CANT_OPEN_ANONYMOUS ); else reply->token = alloc_handle( current->process, thread->token,