Add DuplicateTokenEx()

Signed-off-by: Simon Rozman <simon@rozman.si>
Simon Rozman 2022-10-14 14:24:27 +02:00
parent 3cf2e96b07
commit bd5c1fdd9d
2 changed files with 36 additions and 0 deletions


@ -37,6 +37,27 @@ namespace UnitTests
Assert::IsTrue(::CreateWellKnownSid(WinBuiltinAdministratorsSid, NULL, sid)); Assert::IsTrue(::CreateWellKnownSid(WinBuiltinAdministratorsSid, NULL, sid));
} }
TEST_METHOD(DuplicateTokenEx)
{
winstd::win_handle<NULL> processToken;
Assert::IsTrue(::OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY | TOKEN_DUPLICATE, processToken));
winstd::win_handle<NULL> token;
Assert::IsTrue(::DuplicateTokenEx(processToken, TOKEN_QUERY | TOKEN_IMPERSONATE, NULL, SecurityIdentification, TokenImpersonation, &token));
}
TEST_METHOD(CheckTokenMembership)
{
std::unique_ptr<SID> sid;
Assert::IsTrue(::CreateWellKnownSid(WinBuiltinAdministratorsSid, NULL, sid));
winstd::win_handle<NULL> processToken;
Assert::IsTrue(::OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY | TOKEN_DUPLICATE, processToken));
winstd::win_handle<NULL> token;
Assert::IsTrue(::DuplicateTokenEx(processToken, TOKEN_QUERY | TOKEN_IMPERSONATE, NULL, SecurityIdentification, TokenImpersonation, &token));
BOOL bIsMember = 0xcdcdcdcd;
Assert::IsTrue(::CheckTokenMembership(token, sid.get(), &bIsMember));
Assert::IsTrue(bIsMember == TRUE || bIsMember == FALSE);
}
TEST_METHOD(library) TEST_METHOD(library)
{ {
winstd::library lib_shell32(LoadLibraryEx(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)); winstd::library lib_shell32(LoadLibraryEx(_T("shell32.dll"), NULL, LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE));
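Review bot: The two `::DuplicateTokenEx(...)` calls in the new `DuplicateTokenEx` and `CheckTokenMembership` tests pass `&token`, so they do not exercise the overload this commit adds, which takes `winstd::win_handle<NULL> &NewToken`. With `&token` the call can only bind to the Win32 function's `PHANDLE` parameter (presumably via an address-of operator on `win_handle`, which is not visible here), so the wrapper's `attach` path stays untested. The `OpenProcessToken` calls just above pass `processToken` without `&` and do reach the winstd wrapper. For consistency and real coverage, I would pass the handle object itself: `Assert::IsTrue(::DuplicateTokenEx(processToken, TOKEN_QUERY | TOKEN_IMPERSONATE, NULL, SecurityIdentification, TokenImpersonation, token));`.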


@ -2414,6 +2414,21 @@ static BOOL OpenProcessToken(_In_ HANDLE ProcessHandle, _In_ DWORD DesiredAccess
return FALSE; return FALSE;
} }
///
/// Creates a new access token that duplicates an existing token. This function can create either a primary token or an impersonation token.
///
/// \sa [DuplicateTokenEx function](https://learn.microsoft.com/en-us/windows/win32/api/securitybaseapi/nf-securitybaseapi-duplicatetokenex)
///
static BOOL DuplicateTokenEx(_In_ HANDLE hExistingToken, _In_ DWORD dwDesiredAccess, _In_opt_ LPSECURITY_ATTRIBUTES lpTokenAttributes, _In_ SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, _In_ TOKEN_TYPE TokenType, _Inout_ winstd::win_handle<NULL> &NewToken)
{
HANDLE h;
if (DuplicateTokenEx(hExistingToken, dwDesiredAccess, lpTokenAttributes, ImpersonationLevel, TokenType, &h)) {
NewToken.attach(h);
return TRUE;
}
return FALSE;
}
#pragma warning(pop) #pragma warning(pop)
/// @} /// @}
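Review bot: The doc comment on the new `DuplicateTokenEx` overload documents neither the handle contract of `NewToken` nor the access-rights behaviour that matters when duplicating a token. From the body, `NewToken.attach(h)` runs only when the API succeeds and the object is left untouched on failure. Whether `attach` closes a handle that `NewToken` already holds is not visible in this hunk and should be stated explicitly. I would add `/// \param[in,out] NewToken  Receives the duplicated token on success; unchanged when FALSE is returned.` and `/// \note A dwDesiredAccess of 0 requests the same access rights as hExistingToken; pass only the rights the caller actually needs.`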