diff options
| author | midipix <writeonce@midipix.org> | 2015-07-27 04:01:18 -0400 |
|---|---|---|
| committer | midipix <writeonce@midipix.org> | 2015-07-27 04:01:18 -0400 |
| commit | dd89bb8ad4fe184a34b5dbdda237e640fc82121b (patch) | |
| tree | 5e80d2da35f5892f92be29f57982b2708e6bd99b /include/ntapi/nt_token.h | |
| parent | dcdadc2702712fa750ed255ed1dfa354522797a0 (diff) | |
| download | ntapi-dd89bb8ad4fe184a34b5dbdda237e640fc82121b.tar.bz2 ntapi-dd89bb8ad4fe184a34b5dbdda237e640fc82121b.tar.xz | |
entered advanced internal development stage.
Diffstat (limited to 'include/ntapi/nt_token.h')
| -rw-r--r-- | include/ntapi/nt_token.h | 161 |
1 files changed, 161 insertions, 0 deletions
diff --git a/include/ntapi/nt_token.h b/include/ntapi/nt_token.h new file mode 100644 index 0000000..aa2df2c --- /dev/null +++ b/include/ntapi/nt_token.h @@ -0,0 +1,161 @@ +#ifndef _NT_TOKEN_H_ +#define _NT_TOKEN_H_ + +#include <psxtypes/psxtypes.h> +#include "nt_object.h" + +typedef enum _nt_token_type { + NT_TOKEN_PRIMARY = 1, + NT_TOKEN_IMPERSONATION = 2, +} nt_token_type; + + +typedef enum _nt_token_info_class { + NT_TOKEN_USER = 1, + NT_TOKEN_GROUPS = 2, + NT_TOKEN_PRIVILEGES = 3, + NT_TOKEN_OWNER = 4, + NT_TOKEN_PRIMARY_GROUP = 5, + NT_TOKEN_DEFAULT_DACL = 6, + NT_TOKEN_SOURCE = 7, + NT_TOKEN_TYPE = 8, + NT_TOKEN_IMPERSONATION_LEVEL = 9, + NT_TOKEN_STATISTICS = 10, + NT_TOKEN_RESTRICTED_SIDS = 11, + NT_TOKEN_SESSION_ID = 12, +} nt_token_info_class; + + +/* token access bits */ +#define NT_TOKEN_ASSIGN_PRIMARY 0x00000001U +#define NT_TOKEN_DUPLICATE 0x00000002U +#define NT_TOKEN_IMPERSONATE 0x00000004U +#define NT_TOKEN_QUERY 0x00000008U +#define NT_TOKEN_QUERY_SOURCE 0x00000010U +#define NT_TOKEN_ADJUST_PRIVILEGES 0x00000020U +#define NT_TOKEN_ADJUST_GROUPS 0x00000040U +#define NT_TOKEN_ADJUST_DEFAULT 0x00000080U +#define NT_TOKEN_ADJUST_SESSIONID 0x00000100U + +#define NT_TOKEN_ALL_ACCESS NT_SEC_STANDARD_RIGHTS_REQUIRED \ + | NT_TOKEN_ASSIGN_PRIMARY \ + | NT_TOKEN_DUPLICATE \ + | NT_TOKEN_IMPERSONATE \ + | NT_TOKEN_QUERY \ + | NT_TOKEN_QUERY_SOURCE \ + | NT_TOKEN_ADJUST_PRIVILEGES \ + | NT_TOKEN_ADJUST_GROUPS \ + | NT_TOKEN_ADJUST_SESSIONID \ + | NT_TOKEN_ADJUST_DEFAULT + + +#define NT_TOKEN_READ NT_SEC_STANDARD_RIGHTS_READ \ + | NT_TOKEN_QUERY + + +#define NT_TOKEN_WRITE NT_SEC_STANDARD_RIGHTS_WRITE \ + | TOKEN_ADJUST_PRIVILEGES \ + | NT_OKEN_ADJUST_GROUPS \ + | NT_TOKEN_ADJUST_DEFAULT + +#define NT_TOKEN_EXECUTE NT_SEC_STANDARD_RIGHTS_EXECUTE + + +/* filtered token flags */ +#define NT_DISABLE_MAX_PRIVILEGE 0x01 + + +typedef struct _nt_token_statistics { + nt_luid token_id; + nt_luid authentication_id; + nt_large_integer expiration_time; + nt_token_type token_type; + nt_security_impersonation_level impersonation_level; + uint32_t dynamic_charged; + uint32_t dynamic_available; + uint32_t group_count; + uint32_t privilege_count; + nt_luid modified_id; +} nt_token_statistics; + + +typedef int32_t __stdcall ntapi_zw_create_token( + __out void ** htoken, + __in uint32_t desired_access, + __in nt_object_attributes * obj_attr, + __in nt_token_type type, + __in nt_luid * authentication_id, + __in nt_large_integer * expiration_time, + __in nt_token_user * user, + __in nt_token_groups * groups, + __in nt_token_privileges * privileges, + __in nt_token_owner * owner, + __in nt_token_primary_group * primary_group, + __in nt_token_default_dacl * default_dacl, + __in nt_token_source * source); + + +typedef int32_t __stdcall ntapi_zw_open_process_token( + __in void * hprocess, + __in uint32_t desired_access, + __out void ** htoken); + + +typedef int32_t __stdcall ntapi_zw_open_thread_token( + __in void * hthread, + __in uint32_t desired_access, + __in int32_t open_as_self, + __out void ** htoken); + + +typedef int32_t __stdcall ntapi_zw_duplicate_token( + __in void * htoken_existing, + __in uint32_t desired_access, + __in nt_object_attributes * obj_attr, + __in int32_t effective_only, + __in nt_token_type token_type, + __out void ** htoken_new); + + +typedef int32_t __stdcall ntapi_zw_filter_token( + __in void * htoken_existing, + __in uint32_t flags, + __in nt_token_groups * sids_to_disable, + __in nt_token_privileges * privileges_to_delete, + __in nt_token_groups * sids_to_restrict, + __out void ** htoken_new); + + +typedef int32_t __stdcall ntapi_zw_adjust_privileges_token( + __in void * htoken, + __in int32_t disable_all_privileges, + __in nt_token_privileges * new_state, + __in size_t buffer_length, + __in nt_token_privileges * prev_state __optional, + __out size_t * returned_length); + + +typedef int32_t __stdcall ntapi_zw_adjust_groups_token( + __in void * htoken, + __in int32_t reset_to_default, + __in nt_token_groups * new_state, + __in size_t buffer_length, + __in nt_token_groups * prev_state __optional, + __out size_t * returned_length); + + +typedef int32_t __stdcall ntapi_zw_query_information_token( + __in void * htoken, + __in nt_token_info_class token_info_class, + __out void * token_info, + __in size_t token_info_length, + __out size_t * returned_length); + + +typedef int32_t __stdcall ntapi_zw_set_information_token( + __in void * htoken, + __in nt_token_info_class token_info_class, + __in void * token_info, + __in size_t token_info_length); + +#endif |