firehazard 0.0.0-2022-09-10

Unopinionated low level API bindings focused on soundness, safety, and stronger types over raw FFI.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39

/// \[[docs.microsoft.com](https://docs.microsoft.com/en-us/windows/win32/api/securitybaseapi/nf-securitybaseapi-duplicatetokenex)\]
/// DuplicateTokenEx
///
/// Deep clones the token handle, giving it it's own unique permissions list etc.
/// that can be modified without changing the permissions of the original `token`.
///
/// ### Example
/// ```
/// # use firehazard::*;
/// let tok : token::OwnedHandle = open_process_token(get_current_process(), token::ALL_ACCESS).unwrap();
///
/// let dup : token::OwnedHandle = duplicate_token_ex(
///     &tok, token::ALL_ACCESS, None, security::Delegation, token::Primary
/// ).unwrap();
///
/// assert_ne!(tok.as_handle(), dup.as_handle());
/// ```
pub fn duplicate_token_ex(
    token:                  &crate::token::OwnedHandle,
    desired_access:         impl Into<crate::token::AccessRights>,
    token_attributes:       Option<&crate::security::Attributes>,
    impersonation_level:    crate::security::ImpersonationLevel,
    token_type:             crate::token::Type,
) -> Result<crate::token::OwnedHandle, crate::Error> {
    use crate::*;
    use core::ptr::{null, null_mut};

    let mut new = null_mut();
    Error::get_last_if(0 == unsafe { winapi::um::securitybaseapi::DuplicateTokenEx(
        token.as_handle(),
        desired_access.into().into(),
        token_attributes.map_or(null(), |a| a) as *mut _,
        impersonation_level.into(),
        token_type.into(),
        &mut new
    )})?;

    unsafe { token::OwnedHandle::from_raw(new) }
}