#ifndef _NT_TOKEN_H_
#define _NT_TOKEN_H_
#include <psxtypes/psxtypes.h>
#include "nt_object.h"
/*
 * Token kind.  Used by this header as the `type` argument of
 * ntapi_zw_create_token, the `token_type` argument of
 * ntapi_zw_duplicate_token, and the `token_type` member of
 * nt_token_statistics.  Values are written out explicitly and start at 1.
 */
typedef enum _nt_token_type {
	NT_TOKEN_PRIMARY		= 1,
	NT_TOKEN_IMPERSONATION		= 2,
} nt_token_type;
/*
 * Selector for the kind of token information being read or written.
 * Passed as `token_info_class` to ntapi_zw_query_information_token and
 * ntapi_zw_set_information_token.  Every value is spelled out (1..12)
 * rather than left to implicit enumeration.
 */
typedef enum _nt_token_info_class {
	NT_TOKEN_USER			= 1,
	NT_TOKEN_GROUPS			= 2,
	NT_TOKEN_PRIVILEGES		= 3,
	NT_TOKEN_OWNER			= 4,
	NT_TOKEN_PRIMARY_GROUP		= 5,
	NT_TOKEN_DEFAULT_DACL		= 6,
	NT_TOKEN_SOURCE			= 7,
	NT_TOKEN_TYPE			= 8,
	NT_TOKEN_IMPERSONATION_LEVEL	= 9,
	NT_TOKEN_STATISTICS		= 10,
	NT_TOKEN_RESTRICTED_SIDS	= 11,
	NT_TOKEN_SESSION_ID		= 12,
} nt_token_info_class;
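/*
 * token access bits: nine distinct single-bit rights, 0x001 through 0x100.
 */
#define NT_TOKEN_ASSIGN_PRIMARY		0x00000001U
#define NT_TOKEN_DUPLICATE		0x00000002U
#define NT_TOKEN_IMPERSONATE		0x00000004U
#define NT_TOKEN_QUERY			0x00000008U
#define NT_TOKEN_QUERY_SOURCE		0x00000010U
#define NT_TOKEN_ADJUST_PRIVILEGES	0x00000020U
#define NT_TOKEN_ADJUST_GROUPS		0x00000040U
#define NT_TOKEN_ADJUST_DEFAULT		0x00000080U
#define NT_TOKEN_ADJUST_SESSIONID	0x00000100U

/*
 * Composite masks.
 *
 * Each expansion is wrapped in parentheses so that the macro acts as a
 * single operand.  Unparenthesized, an access test such as
 * (granted & NT_TOKEN_READ) binds '&' to the first term only and then
 * ORs in the remaining bits unconditionally, so the test is non-zero
 * regardless of what was actually granted.
 *
 * The NT_SEC_STANDARD_RIGHTS_* names are not defined in this header;
 * presumably they are provided by nt_object.h -- confirm.
 */
#define NT_TOKEN_ALL_ACCESS		(NT_SEC_STANDARD_RIGHTS_REQUIRED \
					| NT_TOKEN_ASSIGN_PRIMARY \
					| NT_TOKEN_DUPLICATE \
					| NT_TOKEN_IMPERSONATE \
					| NT_TOKEN_QUERY \
					| NT_TOKEN_QUERY_SOURCE \
					| NT_TOKEN_ADJUST_PRIVILEGES \
					| NT_TOKEN_ADJUST_GROUPS \
					| NT_TOKEN_ADJUST_SESSIONID \
					| NT_TOKEN_ADJUST_DEFAULT)

#define NT_TOKEN_READ			(NT_SEC_STANDARD_RIGHTS_READ \
					| NT_TOKEN_QUERY)

/*
 * The original expansion named TOKEN_ADJUST_PRIVILEGES and
 * NT_OKEN_ADJUST_GROUPS, neither of which is defined above, so any use
 * of NT_TOKEN_WRITE failed to compile.  Both now refer to the NT_TOKEN_*
 * bits defined in this header.
 */
#define NT_TOKEN_WRITE			(NT_SEC_STANDARD_RIGHTS_WRITE \
					| NT_TOKEN_ADJUST_PRIVILEGES \
					| NT_TOKEN_ADJUST_GROUPS \
					| NT_TOKEN_ADJUST_DEFAULT)

#define NT_TOKEN_EXECUTE		(NT_SEC_STANDARD_RIGHTS_EXECUTE)

/*
 * filtered token flags
 * (presumably for the `flags` argument of ntapi_zw_filter_token -- confirm)
 */
#define NT_DISABLE_MAX_PRIVILEGE	0x01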
/*
 * Summary record describing a token.  Presumably the buffer layout used
 * with the NT_TOKEN_STATISTICS information class -- confirm.
 *
 * Member order is part of the layout and must not be rearranged.
 */
typedef struct _nt_token_statistics {
	nt_luid				token_id;
	nt_luid				authentication_id;
	nt_large_integer		expiration_time;
	nt_token_type			token_type;
	nt_security_impersonation_level	impersonation_level;
	uint32_t			dynamic_charged;
	uint32_t			dynamic_available;
	uint32_t			group_count;
	uint32_t			privilege_count;
	nt_luid				modified_id;
} nt_token_statistics;
/*
 * Function type for creating a token from a complete description.
 * The new handle is returned through `htoken`; every other argument
 * is an input.  The int32_t result is presumably a native status code.
 *
 * NOTE(review): building a token from caller-supplied user, group and
 * privilege lists is normally a privileged operation; callers should
 * handle an access-denied style failure -- confirm against the target.
 */
typedef int32_t __stdcall ntapi_zw_create_token(
	__out	void **				htoken,
	__in	uint32_t			desired_access,
	__in	nt_object_attributes *		obj_attr,
	__in	nt_token_type			type,
	__in	nt_luid *			authentication_id,
	__in	nt_large_integer *		expiration_time,
	__in	nt_token_user *			user,
	__in	nt_token_groups *		groups,
	__in	nt_token_privileges *		privileges,
	__in	nt_token_owner *		owner,
	__in	nt_token_primary_group *	primary_group,
	__in	nt_token_default_dacl *		default_dacl,
	__in	nt_token_source *		source);
/*
 * Function type for opening the token associated with a process handle.
 * `desired_access` is a mask of NT_TOKEN_* access bits; the resulting
 * handle is stored through `htoken`.
 *
 * Request only the rights that are needed (for example NT_TOKEN_QUERY
 * for inspection) rather than NT_TOKEN_ALL_ACCESS.
 */
typedef int32_t __stdcall ntapi_zw_open_process_token(
	__in	void *		hprocess,
	__in	uint32_t	desired_access,
	__out	void **		htoken);
/*
 * Function type for opening the token associated with a thread handle.
 * The resulting handle is stored through `htoken`.
 *
 * NOTE(review): `open_as_self` presumably selects whether the access
 * check is made in the process context instead of the calling thread's
 * impersonation context -- confirm before relying on it in code that
 * runs while impersonating.
 */
typedef int32_t __stdcall ntapi_zw_open_thread_token(
	__in	void *		hthread,
	__in	uint32_t	desired_access,
	__in	int32_t		open_as_self,
	__out	void **		htoken);
/*
 * Function type for duplicating an existing token into a new handle
 * (`htoken_new`) of the requested `token_type`.
 *
 * NOTE(review): `effective_only` presumably limits the copy to the
 * groups and privileges that are currently enabled -- confirm.
 */
typedef int32_t __stdcall ntapi_zw_duplicate_token(
	__in	void *			htoken_existing,
	__in	uint32_t		desired_access,
	__in	nt_object_attributes *	obj_attr,
	__in	int32_t			effective_only,
	__in	nt_token_type		token_type,
	__out	void **			htoken_new);
/*
 * Function type for deriving a reduced token from an existing one.
 * Takes lists of SIDs to disable, privileges to delete and SIDs to
 * restrict, and returns the new handle through `htoken_new`.
 *
 * `flags` presumably accepts the "filtered token flags" defined in this
 * header (NT_DISABLE_MAX_PRIVILEGE) -- confirm.
 */
typedef int32_t __stdcall ntapi_zw_filter_token(
	__in	void *			htoken_existing,
	__in	uint32_t		flags,
	__in	nt_token_groups *	sids_to_disable,
	__in	nt_token_privileges *	privileges_to_delete,
	__in	nt_token_groups *	sids_to_restrict,
	__out	void **			htoken_new);
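/*
 * Function type for changing the privilege state of a token.
 *
 * `new_state` is the requested state.  `prev_state` is an optional
 * caller-supplied buffer of `buffer_length` bytes; together with
 * `returned_length` it is the output side of the call, so it is
 * annotated __out here (the original marked it __in, which misstates
 * the data direction to readers and to any annotation-aware tooling).
 * The annotation macros are presumably empty, in which case the change
 * does not affect the function type -- confirm.
 *
 * NOTE(review): if the underlying interface writes a 32-bit length,
 * only part of *returned_length is stored on 64-bit targets; callers
 * should zero the variable before the call -- confirm.
 */
typedef int32_t __stdcall ntapi_zw_adjust_privileges_token(
	__in	void *			htoken,
	__in	int32_t			disable_all_privileges,
	__in	nt_token_privileges *	new_state,
	__in	size_t			buffer_length,
	__out	nt_token_privileges *	prev_state	__optional,
	__out	size_t *		returned_length);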
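/*
 * Function type for changing the group state of a token.
 *
 * `new_state` is the requested state.  `prev_state` is an optional
 * caller-supplied buffer of `buffer_length` bytes; together with
 * `returned_length` it is the output side of the call, so it is
 * annotated __out here (the original marked it __in, which misstates
 * the data direction to readers and to any annotation-aware tooling).
 * The annotation macros are presumably empty, in which case the change
 * does not affect the function type -- confirm.
 *
 * NOTE(review): if the underlying interface writes a 32-bit length,
 * only part of *returned_length is stored on 64-bit targets; callers
 * should zero the variable before the call -- confirm.
 */
typedef int32_t __stdcall ntapi_zw_adjust_groups_token(
	__in	void *			htoken,
	__in	int32_t			reset_to_default,
	__in	nt_token_groups *	new_state,
	__in	size_t			buffer_length,
	__out	nt_token_groups *	prev_state	__optional,
	__out	size_t *		returned_length);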
/*
 * Function type for reading token information.  `token_info_class`
 * selects what is read; the result is written to the caller's buffer
 * `token_info` of `token_info_length` bytes, and a length is reported
 * through `returned_length`.
 *
 * Callers should check the status result before interpreting the
 * buffer, and treat the reported length as authoritative for how much
 * of the buffer is valid.
 *
 * NOTE(review): if the underlying interface writes a 32-bit length,
 * only part of *returned_length is stored on 64-bit targets; callers
 * should zero the variable before the call -- confirm.
 */
typedef int32_t __stdcall ntapi_zw_query_information_token(
	__in	void *			htoken,
	__in	nt_token_info_class	token_info_class,
	__out	void *			token_info,
	__in	size_t			token_info_length,
	__out	size_t *		returned_length);
/*
 * Function type for writing token information.  `token_info_class`
 * selects what is written; `token_info` points to `token_info_length`
 * bytes of input in the layout that class expects.
 */
typedef int32_t __stdcall ntapi_zw_set_information_token(
	__in	void *			htoken,
	__in	nt_token_info_class	token_info_class,
	__in	void *			token_info,
	__in	size_t			token_info_length);
#endif