ReceiveTempSMS
/
Sweden-Number
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add TokenType attribute to specify whether the token is a primary or 

impersonation token.
This commit is contained in:
Robert Shearman 2005-06-14 18:10:04 +00:00 committed by Alexandre Julliard
parent d4156b5657
commit f95ef09b8e
1 changed files with 18 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
server/token.c
View File

@ -73,6 +73,7 @@ struct token
struct list privileges; /* privileges available to the token */ struct list privileges; /* privileges available to the token */
struct list groups; /* groups that the user of this token belongs to (sid_and_attributes) */ struct list groups; /* groups that the user of this token belongs to (sid_and_attributes) */
SID *user; /* SID of user this token represents */ SID *user; /* SID of user this token represents */
unsigned primary; /* is this a primary or impersonation token? */
}; };
struct privilege struct privilege
@ -353,7 +354,7 @@ static void token_destroy( struct object *obj )
} }
} }
static struct token *create_token( const SID *user, static struct token *create_token( unsigned primary, const SID *user,
const SID_AND_ATTRIBUTES *groups, unsigned int group_count, const SID_AND_ATTRIBUTES *groups, unsigned int group_count,
const LUID_AND_ATTRIBUTES *privs, unsigned int priv_count ) const LUID_AND_ATTRIBUTES *privs, unsigned int priv_count )
{ {
@ -361,8 +362,11 @@ static struct token *create_token( const SID *user,
if (token) if (token)
{ {
int i; int i;
list_init( &token->privileges ); list_init( &token->privileges );
list_init( &token->groups ); list_init( &token->groups );
token->primary = primary;
/* copy user */ /* copy user */
token->user = memdup( user, FIELD_OFFSET(SID, SubAuthority[user->SubAuthorityCount]) ); token->user = memdup( user, FIELD_OFFSET(SID, SubAuthority[user->SubAuthorityCount]) );
if (!token->user) if (!token->user)
@ -462,7 +466,7 @@ struct token *token_create_admin( void )
}; };
/* note: we just set the user sid to be the local system builtin sid - /* note: we just set the user sid to be the local system builtin sid -
* telling us what this should be is the job of a client-side program */ * telling us what this should be is the job of a client-side program */
token = create_token( &local_system_sid, token = create_token( TRUE, &local_system_sid,
admin_groups, sizeof(admin_groups)/sizeof(admin_groups[0]), admin_groups, sizeof(admin_groups)/sizeof(admin_groups[0]),
admin_privs, sizeof(admin_privs)/sizeof(admin_privs[0]) ); admin_privs, sizeof(admin_privs)/sizeof(admin_privs[0]) );
} }
@ -879,15 +883,24 @@ DECL_HANDLER(duplicate_token)
TOKEN_DUPLICATE, TOKEN_DUPLICATE,
&token_ops ))) &token_ops )))
{ {
/* FIXME: use req->primary and req->impersonation_level */ /* FIXME: use req->impersonation_level */
struct token *token = create_token( src_token->user, NULL, 0, NULL, 0 ); struct token *token = create_token( req->primary, src_token->user, NULL, 0, NULL, 0 );
if (token) if (token)
{ {
struct privilege *privilege; struct privilege *privilege;
struct sid_and_attributes *group;
unsigned int access; unsigned int access;
/* FIXME: copy groups */ /* copy groups */
LIST_FOR_EACH_ENTRY( group, &src_token->groups, struct sid_and_attributes, entry )
{
size_t size = FIELD_OFFSET( struct sid_and_attributes, sid.SubAuthority[group->sid.SubAuthorityCount] );
struct sid_and_attributes *newgroup = mem_alloc( size );
memcpy( newgroup, group, size );
list_add_tail( &token->groups, &newgroup->entry );
}
/* copy privileges */
LIST_FOR_EACH_ENTRY( privilege, &src_token->privileges, struct privilege, entry ) LIST_FOR_EACH_ENTRY( privilege, &src_token->privileges, struct privilege, entry )
privilege_add( token, &privilege->luid, privilege->enabled ); privilege_add( token, &privilege->luid, privilege->enabled );