Add cygsid methods to create SIDs from scratch

So far creating cygsids requires to generate an "S-1-..." string
which is then converted to a SID by cygsid::getfromstr.

Add two new methods:

- cygsid::create (DWORD auth, DWORD subauth_count, ...)

    ... is a variable length list of subauth_count DWORD values being
    the actual subauths.

- cygsid::append (DWORD rid)

    allows to append a single RID to an alreaday constituted SID.

	* security.h (cygsid::create): Declare public.
	(cygsid::append): Ditto.
	* sec_helper.cc (cygsid::create): Implement.
	(cygsid::append): Implement.
	* uinfo.cc (pwdgrp::fetch_account_from_windows): Use both new
	methods as appropriate.  Drop setting csid from string.  Create
	SID strings for printing SIDs only.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This commit is contained in:
Corinna Vinschen
2016-03-12 16:39:19 +01:00
parent 5b972d5b29
commit 018fa93e2b
3 changed files with 54 additions and 23 deletions

View File

@@ -13,6 +13,7 @@ details. */
#include "winsup.h"
#include <stdlib.h>
#include <stdarg.h>
#include <cygwin/acl.h>
#include <sys/queue.h>
#include <authz.h>
@@ -284,6 +285,37 @@ cygsid::getfromstr (const char *nsidstr, bool well_known)
return psid = NO_SID;
}
const PSID
cygsid::create (DWORD auth, DWORD subauth_cnt, ...)
{
va_list ap;
PSID sid;
if (subauth_cnt > SID_MAX_SUB_AUTHORITIES)
return NULL;
DWORD subauth[subauth_cnt];
va_start (ap, subauth_cnt);
for (DWORD i = 0; i < subauth_cnt; ++i)
subauth[i] = va_arg (ap, DWORD);
sid = get_sid (auth, subauth_cnt, subauth, false);
va_end (ap);
return sid;
}
bool
cygsid::append (DWORD rid)
{
if (psid == NO_SID)
return false;
PISID dsid = (PISID) psid;
if (dsid->SubAuthorityCount >= SID_MAX_SUB_AUTHORITIES)
return false;
dsid->SubAuthority[dsid->SubAuthorityCount++] = rid;
return true;
}
cygsid *
cygsidlist::alloc_sids (int n)
{