1 /*
2  * PROJECT:         ReactOS API tests
3  * LICENSE:         GPL-2.0-or-later (https://spdx.org/licenses/GPL-2.0-or-later)
4  * PURPOSE:         Tests for the NtAdjustPrivilegesToken API
5  * COPYRIGHT:       Copyright 2021 George Bișoc <george.bisoc@reactos.org>
6  */
7 
8 #include "precomp.h"
9 
10 static
11 BOOL
12 IsPrivilegeEnabled(
13     _In_ HANDLE TokenHandle,
14     _In_ ULONG Privilege)
15 {
16     PRIVILEGE_SET PrivSet;
17     BOOL Result, Success;
18 
19     PrivSet.PrivilegeCount = 1;
20     PrivSet.Control = PRIVILEGE_SET_ALL_NECESSARY;
21     PrivSet.Privilege[0].Luid = RtlConvertUlongToLuid(Privilege);
22     PrivSet.Privilege[0].Attributes = 0;
23 
24     Success = PrivilegeCheck(TokenHandle, &PrivSet, &Result);
25     if (!Success)
26     {
27         skip("Failed to check the privilege (error code: %lu)\n", GetLastError());
28         return FALSE;
29     }
30 
31     return Result;
32 }
33 
34 static
35 VOID
36 AdjustEnableDefaultPriv(VOID)
37 {
38     NTSTATUS Status;
39     HANDLE Token;
40     TOKEN_PRIVILEGES Priv;
41     BOOL Success, IsEnabled;
42     LUID PrivLuid;
43 
44     Success = OpenProcessToken(GetCurrentProcess(),
45                                TOKEN_READ | TOKEN_ADJUST_PRIVILEGES,
46                                &Token);
47     if (!Success)
48     {
49         skip("OpenProcessToken() has failed to get the process' token (error code: %lu)!\n", GetLastError());
50         return;
51     }
52 
53     Success = LookupPrivilegeValueW(NULL, L"SeImpersonatePrivilege", &PrivLuid);
54     if (!Success)
55     {
56         skip("LookupPrivilegeValueW() has failed to locate the privilege value (error code: %lu)!\n", GetLastError());
57         return;
58     }
59 
60     Priv.PrivilegeCount = 1;
61     Priv.Privileges[0].Luid = PrivLuid;
62     Priv.Privileges[0].Attributes = 0;
63 
64     IsEnabled = IsPrivilegeEnabled(Token, SE_IMPERSONATE_PRIVILEGE);
65     trace("The privilege is %s!\n", IsEnabled ? "enabled" : "disabled");
66 
67     Status = NtAdjustPrivilegesToken(Token,
68                                      FALSE,
69                                      &Priv,
70                                      0,
71                                      NULL,
72                                      NULL);
73     ok_hex(Status, STATUS_SUCCESS);
74 
75     IsEnabled = IsPrivilegeEnabled(Token, SE_IMPERSONATE_PRIVILEGE);
76     trace("The privilege is %s!\n", IsEnabled ? "enabled" : "disabled");
77 
78     CloseHandle(Token);
79 }
80 
81 START_TEST(NtAdjustPrivilegesToken)
82 {
83     AdjustEnableDefaultPriv();
84 }
85