Signed-off-by: Zebediah Figura z.figura12@gmail.com --- dlls/advapi32/tests/security.c | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-)
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index 77748abe9ec..d39aaba7323 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -8139,6 +8139,12 @@ static void test_elevation(void)
 ret = GetTokenInformation(linked.LinkedToken, TokenElevation, &elevation, sizeof(elevation), &size);
 ok(ret, "got error %u\n", GetLastError());
 ok(elevation.TokenIsElevated == TRUE, "got elevation %#x\n", elevation.TokenIsElevated);
+ ret = GetTokenInformation(linked.LinkedToken, TokenType, &type, sizeof(type), &size);
+ ok(ret, "got error %u\n", GetLastError());
+ ok(type == TokenImpersonation, "got type %#x\n", type);
+ ret = GetTokenInformation(linked.LinkedToken, TokenImpersonationLevel, &type, sizeof(type), &size);
+ ok(ret, "got error %u\n", GetLastError());
+ ok(type == SecurityIdentification, "got impersonation level %#x\n", type);
/* Asking for the linked token again gives us a different token. */
 ret = GetTokenInformation(token, TokenLinkedToken, &linked2, sizeof(linked2), &size);
@@ -8194,6 +8200,12 @@ static void test_elevation(void)
 ret = GetTokenInformation(linked.LinkedToken, TokenElevation, &elevation, sizeof(elevation), &size);
 ok(ret, "got error %u\n", GetLastError());
 ok(elevation.TokenIsElevated == FALSE, "got elevation %#x\n", elevation.TokenIsElevated);
+ ret = GetTokenInformation(linked.LinkedToken, TokenType, &type, sizeof(type), &size);
+ ok(ret, "got error %u\n", GetLastError());
+ todo_wine ok(type == TokenImpersonation, "got type %#x\n", type);
+ ret = GetTokenInformation(linked.LinkedToken, TokenImpersonationLevel, &type, sizeof(type), &size);
+ todo_wine ok(ret, "got error %u\n", GetLastError());
+ ok(type == SecurityIdentification, "got impersonation level %#x\n", type);
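Review bot: Both added queries in the first hunk (@@ -8139) write into the same `type` variable, so the final `ok(type == SecurityIdentification, ...)` compares whatever the buffer last held rather than a value known to come from the `TokenImpersonationLevel` call. In the second hunk (@@ -8194) this matters: the level query is marked `todo_wine` as failing, yet the comparison after it is not, and it can only pass there because a stale `TokenPrimary` left by the `TokenType` query has the same numeric value (1) as `SecurityIdentification`. Poisoning the buffer before each call, e.g. `type = 0xdeadbeef;`, or reading the level into its own variable, would make a failed query visible; the third hunk (@@ -8249) reuses `type` the same way. `type` is declared outside these hunks, so its declared enum type is not visible here.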
/* Asking for the linked token again gives us a different token. */
 ret = GetTokenInformation(token, TokenLinkedToken, &linked2, sizeof(linked2), &size);
@@ -8249,10 +8261,18 @@ static void test_elevation(void)
 ret = GetTokenInformation(token2, TokenLinkedToken, &linked, sizeof(linked), &size);
 ok(ret, "got error %u\n", GetLastError());
 if (type == TokenElevationTypeDefault)
+ {
 ok(!linked.LinkedToken, "expected no linked token\n");
+ ret = GetTokenInformation(linked.LinkedToken, TokenType, &type, sizeof(type), &size);
+ ok(ret, "got error %u\n", GetLastError());
+ ok(type == TokenImpersonation, "got type %#x\n", type);
+ ret = GetTokenInformation(linked.LinkedToken, TokenImpersonationLevel, &type, sizeof(type), &size);
+ ok(ret, "got error %u\n", GetLastError());
+ ok(type == SecurityIdentification, "got impersonation level %#x\n", type);
+ CloseHandle(linked.LinkedToken);
+ }
 else
 ok(!!linked.LinkedToken, "expected a linked token\n");
- CloseHandle(linked.LinkedToken);
 CloseHandle(token2);
ret = CreateRestrictedToken(token, 0, 0, NULL, 0, NULL, 0, NULL, &token2);
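Review bot: The braces added after `if (type == TokenElevationTypeDefault)` put the new queries in the branch that has just asserted `!linked.LinkedToken`, so `GetTokenInformation()` is called on a null handle and the `ok(ret, ...)` checks there cannot succeed. The `else` branch, where a linked token does exist, gets none of the new checks and, with `CloseHandle(linked.LinkedToken);` moved inside the braces, no longer closes its handle. The block presumably belongs on the `else` side: keep `ok(!linked.LinkedToken, ...)` as a single statement and wrap `ok(!!linked.LinkedToken, ...)`, the six added check lines and `CloseHandle(linked.LinkedToken);` in the braces instead. Indentation is lost on this page, so this reading rests on the order of the lines; test_elevation() starts and ends outside the hunk.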
Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=51347 Signed-off-by: Zebediah Figura z.figura12@gmail.com --- dlls/advapi32/tests/security.c | 4 ++-- server/process.c | 2 +- server/security.h | 2 +- server/token.c | 8 ++++---- 4 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index d39aaba7323..d32bf27bd83 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -8202,9 +8202,9 @@ static void test_elevation(void)
 ok(elevation.TokenIsElevated == FALSE, "got elevation %#x\n", elevation.TokenIsElevated);
 ret = GetTokenInformation(linked.LinkedToken, TokenType, &type, sizeof(type), &size);
 ok(ret, "got error %u\n", GetLastError());
- todo_wine ok(type == TokenImpersonation, "got type %#x\n", type);
+ ok(type == TokenImpersonation, "got type %#x\n", type);
 ret = GetTokenInformation(linked.LinkedToken, TokenImpersonationLevel, &type, sizeof(type), &size);
- todo_wine ok(ret, "got error %u\n", GetLastError());
+ ok(ret, "got error %u\n", GetLastError());
 ok(type == SecurityIdentification, "got impersonation level %#x\n", type);
/* Asking for the linked token again gives us a different token. */
diff --git a/server/process.c b/server/process.c
index 24b7abb49d5..9288bcc27d5 100644
--- a/server/process.c
+++ b/server/process.c
@@ -664,7 +664,7 @@ struct process *create_process( int fd, struct process *parent, unsigned int fla
 if (!parent)
 {
 process->handles = alloc_handle_table( process, 0 );
- process->token = token_create_admin( TokenElevationTypeFull );
+ process->token = token_create_admin( TRUE, -1, TokenElevationTypeFull );
 process->affinity = ~0;
 }
 else
diff --git a/server/security.h b/server/security.h
index 416e1b6902d..f7e644aa1b7 100644
--- a/server/security.h
+++ b/server/security.h
@@ -54,7 +54,7 @@ extern const PSID security_high_label_sid;
 /* token functions */
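Review bot: The bare `-1` passed as the impersonation level in `token_create_admin( TRUE, -1, TokenElevationTypeFull )` in server/process.c is a magic value whose meaning is stated nowhere in the visible hunks; it only follows from the old `create_token( TRUE, ..., NULL, -1, elevation )` call in server/token.c that it goes with a primary token. The new `unsigned primary, int impersonation_level` pair in the server/security.h prototype and the server/token.c definition is passed straight through to `create_token()`, so nothing visible rejects an inconsistent pair such as `FALSE` with `-1`. A comment on the prototype would document the contract, e.g. `/* impersonation_level is -1 for a primary token, otherwise a SECURITY_IMPERSONATION_LEVEL value */`. create_process() continues outside the hunk.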
extern struct token *get_token_obj( struct process *process, obj_handle_t handle, unsigned int access ); -extern struct token *token_create_admin( int elevation ); +extern struct token *token_create_admin( unsigned primary, int impersonation_level, int elevation ); extern int token_assign_label( struct token *token, PSID label ); extern struct token *token_duplicate( struct token *src_token, unsigned primary, int impersonation_level, const struct security_descriptor *sd, diff --git a/server/token.c b/server/token.c index ad5d7cda323..fed7d93753e 100644 --- a/server/token.c +++ b/server/token.c @@ -830,7 +830,7 @@ struct token *get_token_obj( struct process *process, obj_handle_t handle, unsig return (struct token *)get_handle_obj( process, handle, access, &token_ops ); }
-struct token *token_create_admin( int elevation )
+struct token *token_create_admin( unsigned primary, int impersonation_level, int elevation )
 {
 struct token *token = NULL;
 static const SID_IDENTIFIER_AUTHORITY nt_authority = { SECURITY_NT_AUTHORITY };
@@ -890,9 +890,9 @@ struct token *token_create_admin( int elevation )
 { logon_sid, SE_GROUP_ENABLED|SE_GROUP_ENABLED_BY_DEFAULT|SE_GROUP_MANDATORY|SE_GROUP_LOGON_ID },
 };
 static const TOKEN_SOURCE admin_source = {"SeMgr", {0, 0}};
- token = create_token( TRUE, user_sid, admin_groups, ARRAY_SIZE( admin_groups ),
+ token = create_token( primary, user_sid, admin_groups, ARRAY_SIZE( admin_groups ),
 admin_privs, ARRAY_SIZE( admin_privs ), default_dacl,
- admin_source, NULL, -1, elevation );
+ admin_source, NULL, impersonation_level, elevation );
 /* we really need a primary group */
 assert( token->primary_group );
 }
@@ -1669,7 +1669,7 @@ DECL_HANDLER(create_linked_token)
 release_object( token );
 return;
 }
- if ((linked = token_create_admin( elevation )))
+ if ((linked = token_create_admin( FALSE, SecurityIdentification, elevation )))
 {
 reply->linked = alloc_handle( current->process, linked, TOKEN_ALL_ACCESS, 0 );
 release_object( linked );
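Review bot: The `token_create_admin( FALSE, SecurityIdentification, elevation )` call in the last hunk (@@ -1669) has no comment saying why the linked token is an identification-level impersonation token, while the handle is still allocated with `TOKEN_ALL_ACCESS` on the line after it. That level is the security-relevant part of the change: the handle can be queried, but the token is not meant to be usable for acting as the other elevation state, and a later edit could loosen it without noticing. A comment such as `/* linked tokens are identification-level impersonation tokens: they can be queried but not used to impersonate or to start a process */` would record the intent. Windows is, as far as I know, documented to hand a primary linked token to callers holding SeTcbPrivilege; the visible lines make no such distinction, which is worth stating if intentional. The handler body starts and continues outside the hunk.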