JehanneOS/newlib
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Use hMainProc where appropriate, throughout.

Browse Source 
* environ.cc (spenv::retrieve): Add debugging statements.
* pinfo.cc (set_myself): Don't call strace.hello if already stracing.
* strace.cc (strace): Move NO_COPY keyword so that it will actually take
effect.
This commit is contained in:
Christopher Faylor 2002-06-19 15:27:27 +00:00
parent 834224ab85
commit 03a2ce9a36
9 changed files with 112 additions and 86 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
winsup/cygwin/ChangeLog
View File

@ -1,3 +1,12 @@
2002-06-19 Christopher Faylor <cgf@redhat.com>
Use hMainProc where appropriate, throughout.
* environ.cc (spenv::retrieve): Add debugging statements.
* pinfo.cc (set_myself): Don't call strace.hello if already stracing.
* strace.cc (strace): Move NO_COPY keyword so that it will actually
take effect.
2002-06-19 Corinna Vinschen <corinna@vinschen.de> 2002-06-19 Corinna Vinschen <corinna@vinschen.de>
* uinfo.cc (cygheap_user::ontherange): Call NetUserGetInfo() only with * uinfo.cc (cygheap_user::ontherange): Call NetUserGetInfo() only with

41
winsup/cygwin/environ.cc
View File

@ -58,16 +58,16 @@ static NO_COPY win_env conv_envvars[] =
cygwin_posix_to_win32_path_list, cygwin_posix_to_win32_path_list,
cygwin_win32_to_posix_path_list_buf_size, cygwin_win32_to_posix_path_list_buf_size,
cygwin_posix_to_win32_path_list_buf_size}, cygwin_posix_to_win32_path_list_buf_size},
{NL ("HOME="), NULL, NULL, cygwin_conv_to_full_posix_path, cygwin_conv_to_full_win32_path, {NL ("HOME="), NULL, NULL, cygwin_conv_to_full_posix_path,
return_MAX_PATH, return_MAX_PATH}, cygwin_conv_to_full_win32_path, return_MAX_PATH, return_MAX_PATH},
{NL ("LD_LIBRARY_PATH="), NULL, NULL, cygwin_conv_to_full_posix_path, {NL ("LD_LIBRARY_PATH="), NULL, NULL, cygwin_conv_to_full_posix_path,
cygwin_conv_to_full_win32_path, return_MAX_PATH, return_MAX_PATH}, cygwin_conv_to_full_win32_path, return_MAX_PATH, return_MAX_PATH},
{NL ("TMPDIR="), NULL, NULL, cygwin_conv_to_full_posix_path, cygwin_conv_to_full_win32_path, {NL ("TMPDIR="), NULL, NULL, cygwin_conv_to_full_posix_path,
return_MAX_PATH, return_MAX_PATH}, cygwin_conv_to_full_win32_path, return_MAX_PATH, return_MAX_PATH},
{NL ("TMP="), NULL, NULL, cygwin_conv_to_full_posix_path, cygwin_conv_to_full_win32_path, {NL ("TMP="), NULL, NULL, cygwin_conv_to_full_posix_path,
return_MAX_PATH, return_MAX_PATH}, cygwin_conv_to_full_win32_path, return_MAX_PATH, return_MAX_PATH},
{NL ("TEMP="), NULL, NULL, cygwin_conv_to_full_posix_path, cygwin_conv_to_full_win32_path, {NL ("TEMP="), NULL, NULL, cygwin_conv_to_full_posix_path,
return_MAX_PATH, return_MAX_PATH}, cygwin_conv_to_full_win32_path, return_MAX_PATH, return_MAX_PATH},
{NULL, 0, NULL, NULL, NULL, NULL, 0, 0} {NULL, 0, NULL, NULL, NULL, NULL, 0, 0}
}; };
@ -780,18 +780,30 @@ spenv::retrieve (bool no_envblock, const char *const envname)
{ {
if (envname && !strncasematch (envname, name, namelen)) if (envname && !strncasematch (envname, name, namelen))
return NULL; return NULL;
debug_printf ("no_envblock %d", no_envblock);
if (from_cygheap) if (from_cygheap)
{ {
const char *p; const char *p;
if (!cygheap->user.issetuid ()) if (cygheap->user.issetuid ())
debug_printf ("calculating for setuid");
else
{ {
debug_printf ("calculating for non-setuid");
if (!envname) if (!envname)
return NULL; /* No need to force these into the {
debug_printf ("not adding %s to windows environment", name);
return NULL; /* No need to force these into the
environment */ environment */
}
if (no_envblock) if (no_envblock)
return cstrdup1 (envname); /* Don't really care what it's set to {
debug_printf ("duping existing value for '%s'", name);
return cstrdup1 (envname);/* Don't really care what it's set to
if we're calling a cygwin program */ if we're calling a cygwin program */
}
} }
/* Calculate (potentially) value for given environment variable. */ /* Calculate (potentially) value for given environment variable. */
@ -801,6 +813,7 @@ spenv::retrieve (bool no_envblock, const char *const envname)
char *s = (char *) cmalloc (HEAP_1_STR, namelen + strlen (p) + 1); char *s = (char *) cmalloc (HEAP_1_STR, namelen + strlen (p) + 1);
strcpy (s, name); strcpy (s, name);
(void) strcpy (s + namelen, p); (void) strcpy (s + namelen, p);
debug_printf ("using computed value for '%s'", name);
return s; return s;
} }
@ -814,7 +827,11 @@ spenv::retrieve (bool no_envblock, const char *const envname)
char *p = (char *) cmalloc (HEAP_1_STR, namelen + ++vallen); char *p = (char *) cmalloc (HEAP_1_STR, namelen + ++vallen);
strcpy (p, name); strcpy (p, name);
if (GetEnvironmentVariable (name, p + namelen, vallen)) if (GetEnvironmentVariable (name, p + namelen, vallen))
return p; {
debug_printf ("using value from GetEnvironmentVariable for '%s'",
envname);
return p;
}
else else
cfree (p); cfree (p);
} }

2
winsup/cygwin/grp.cc
View File

@ -177,7 +177,7 @@ read_etc_group ()
cygsid tg; cygsid tg;
DWORD siz; DWORD siz;
if (OpenProcessToken (GetCurrentProcess (), TOKEN_QUERY, &ptok)) if (OpenProcessToken (hMainProc, TOKEN_QUERY, &ptok))
{ {
if (GetTokenInformation (ptok, TokenPrimaryGroup, &tg, if (GetTokenInformation (ptok, TokenPrimaryGroup, &tg,
sizeof tg, &siz) sizeof tg, &siz)

2
winsup/cygwin/passwd.cc
View File

@ -168,7 +168,7 @@ read_etc_passwd ()
cygsid tu, tg; cygsid tu, tg;
DWORD siz; DWORD siz;
if (OpenProcessToken (GetCurrentProcess (), TOKEN_QUERY, &ptok)) if (OpenProcessToken (hMainProc, TOKEN_QUERY, &ptok))
{ {
if (GetTokenInformation (ptok, TokenUser, &tu, sizeof tu, if (GetTokenInformation (ptok, TokenUser, &tu, sizeof tu,
&siz) &siz)

3
winsup/cygwin/pinfo.cc
View File

@ -63,7 +63,8 @@ set_myself (pid_t pid, HANDLE h)
(void) GetModuleFileName (NULL, myself->progname, (void) GetModuleFileName (NULL, myself->progname,
sizeof(myself->progname)); sizeof(myself->progname));
strace.hello (); if (!strace.active)
strace.hello ();
return; return;
} }

114
winsup/cygwin/security.cc
View File

@ -148,14 +148,14 @@ str2buf2lsa (LSA_STRING &tgt, char *buf, const char *srcstr)
tgt.Length = strlen (srcstr); tgt.Length = strlen (srcstr);
tgt.MaximumLength = tgt.Length + 1; tgt.MaximumLength = tgt.Length + 1;
tgt.Buffer = (PCHAR) buf; tgt.Buffer = (PCHAR) buf;
memcpy(buf, srcstr, tgt.MaximumLength); memcpy (buf, srcstr, tgt.MaximumLength);
} }
void void
str2buf2uni (UNICODE_STRING &tgt, WCHAR *buf, const char *srcstr) str2buf2uni (UNICODE_STRING &tgt, WCHAR *buf, const char *srcstr)
{ {
tgt.Length = strlen (srcstr) * sizeof (WCHAR); tgt.Length = strlen (srcstr) * sizeof (WCHAR);
tgt.MaximumLength = tgt.Length + sizeof(WCHAR); tgt.MaximumLength = tgt.Length + sizeof (WCHAR);
tgt.Buffer = (PWCHAR) buf; tgt.Buffer = (PWCHAR) buf;
sys_mbstowcs (buf, srcstr, tgt.MaximumLength); sys_mbstowcs (buf, srcstr, tgt.MaximumLength);
} }
@ -188,7 +188,7 @@ open_local_policy ()
LSA_OBJECT_ATTRIBUTES oa = { 0, 0, 0, 0, 0, 0 }; LSA_OBJECT_ATTRIBUTES oa = { 0, 0, 0, 0, 0, 0 };
LSA_HANDLE lsa = INVALID_HANDLE_VALUE; LSA_HANDLE lsa = INVALID_HANDLE_VALUE;
NTSTATUS ret = LsaOpenPolicy(NULL, &oa, POLICY_EXECUTE, &lsa); NTSTATUS ret = LsaOpenPolicy (NULL, &oa, POLICY_EXECUTE, &lsa);
if (ret != STATUS_SUCCESS) if (ret != STATUS_SUCCESS)
__seterrno_from_win_error (LsaNtStatusToWinError (ret)); __seterrno_from_win_error (LsaNtStatusToWinError (ret));
return lsa; return lsa;
@ -217,7 +217,7 @@ get_lsa_srv_inf (LSA_HANDLE lsa, char *logonserver, char *domain)
if ((ret = LsaQueryInformationPolicy (lsa, PolicyAccountDomainInformation, if ((ret = LsaQueryInformationPolicy (lsa, PolicyAccountDomainInformation,
(PVOID *) &adi)) != STATUS_SUCCESS) (PVOID *) &adi)) != STATUS_SUCCESS)
{ {
__seterrno_from_win_error (LsaNtStatusToWinError(ret)); __seterrno_from_win_error (LsaNtStatusToWinError (ret));
return FALSE; return FALSE;
} }
lsa2wchar (account, adi->DomainName, INTERNET_MAX_HOST_NAME_LENGTH + 1); lsa2wchar (account, adi->DomainName, INTERNET_MAX_HOST_NAME_LENGTH + 1);
@ -225,7 +225,7 @@ get_lsa_srv_inf (LSA_HANDLE lsa, char *logonserver, char *domain)
if ((ret = LsaQueryInformationPolicy (lsa, PolicyPrimaryDomainInformation, if ((ret = LsaQueryInformationPolicy (lsa, PolicyPrimaryDomainInformation,
(PVOID *) &pdi)) != STATUS_SUCCESS) (PVOID *) &pdi)) != STATUS_SUCCESS)
{ {
__seterrno_from_win_error (LsaNtStatusToWinError(ret)); __seterrno_from_win_error (LsaNtStatusToWinError (ret));
return FALSE; return FALSE;
} }
lsa2wchar (primary, pdi->Name, INTERNET_MAX_HOST_NAME_LENGTH + 1); lsa2wchar (primary, pdi->Name, INTERNET_MAX_HOST_NAME_LENGTH + 1);
@ -234,7 +234,7 @@ get_lsa_srv_inf (LSA_HANDLE lsa, char *logonserver, char *domain)
not member of a domain. The name in the primary domain info is the not member of a domain. The name in the primary domain info is the
name of the workgroup then. */ name of the workgroup then. */
if (pdi->Sid && if (pdi->Sid &&
(ret = NetGetDCName(NULL, primary, (LPBYTE *) &buf)) == STATUS_SUCCESS) (ret = NetGetDCName (NULL, primary, (LPBYTE *) &buf)) == STATUS_SUCCESS)
{ {
sys_wcstombs (name, buf, INTERNET_MAX_HOST_NAME_LENGTH + 1); sys_wcstombs (name, buf, INTERNET_MAX_HOST_NAME_LENGTH + 1);
strcpy (logonserver, name); strcpy (logonserver, name);
@ -306,8 +306,8 @@ get_user_groups (WCHAR *wlogonserver, cygsidlist &grp_list, char *user, char * d
return ret == NERR_UserNotFound; return ret == NERR_UserNotFound;
} }
len = strlen(domain); len = strlen (domain);
strcpy(dgroup, domain); strcpy (dgroup, domain);
dgroup[len++] = '\\'; dgroup[len++] = '\\';
for (DWORD i = 0; i < cnt; ++i) for (DWORD i = 0; i < cnt; ++i)
@ -323,7 +323,7 @@ get_user_groups (WCHAR *wlogonserver, cygsidlist &grp_list, char *user, char * d
debug_printf ("LookupAccountName(%s): %E", dgroup); debug_printf ("LookupAccountName(%s): %E", dgroup);
else if (legal_sid_type (use)) else if (legal_sid_type (use))
grp_list += gsid; grp_list += gsid;
else debug_printf("Global group %s invalid. Domain: %s Use: %d", else debug_printf ("Global group %s invalid. Domain: %s Use: %d",
dgroup, domain, use); dgroup, domain, use);
} }
@ -378,7 +378,7 @@ get_user_local_groups (cygsidlist &grp_list, PSID pusersid)
DWORD llen = INTERNET_MAX_HOST_NAME_LENGTH + 1; DWORD llen = INTERNET_MAX_HOST_NAME_LENGTH + 1;
if (!GetComputerNameA(lgroup, & llen)) if (!GetComputerNameA(lgroup, & llen))
{ {
__seterrno(); __seterrno ();
return FALSE; return FALSE;
} }
lgroup[llen++] = '\\'; lgroup[llen++] = '\\';
@ -397,14 +397,14 @@ get_user_local_groups (cygsidlist &grp_list, PSID pusersid)
{ {
if (GetLastError () != ERROR_NONE_MAPPED) if (GetLastError () != ERROR_NONE_MAPPED)
debug_printf ("LookupAccountName(%s): %E", bgroup); debug_printf ("LookupAccountName(%s): %E", bgroup);
strcpy(lgroup + llen, bgroup + blen); strcpy (lgroup + llen, bgroup + blen);
if (!LookupAccountName (NULL, lgroup, gsid, &glen, if (!LookupAccountName (NULL, lgroup, gsid, &glen,
domain, &dlen, &use)) domain, &dlen, &use))
debug_printf ("LookupAccountName(%s): %E", lgroup); debug_printf ("LookupAccountName(%s): %E", lgroup);
} }
if (legal_sid_type (use)) if (legal_sid_type (use))
grp_list += gsid; grp_list += gsid;
else debug_printf("Rejecting local %s. use: %d", bgroup + blen, use); else debug_printf ("Rejecting local %s. use: %d", bgroup + blen, use);
} }
NetApiBufferFree (buf); NetApiBufferFree (buf);
@ -644,7 +644,7 @@ get_priv_list (LSA_HANDLE lsa, cygsid &usersid, cygsidlist &grp_list)
PTOKEN_PRIVILEGES tmp; PTOKEN_PRIVILEGES tmp;
DWORD tmp_count; DWORD tmp_count;
lsa2str (buf, privstrs[i], sizeof(buf) - 1); lsa2str (buf, privstrs[i], sizeof (buf) - 1);
if (!LookupPrivilegeValue (NULL, buf, &priv)) if (!LookupPrivilegeValue (NULL, buf, &priv))
continue; continue;
@ -706,11 +706,11 @@ verify_token (HANDLE token, cygsid &usersid, cygsid &pgrpsid, BOOL * pintern)
{ {
char sd_buf[MAX_SID_LEN + sizeof (SECURITY_DESCRIPTOR)]; char sd_buf[MAX_SID_LEN + sizeof (SECURITY_DESCRIPTOR)];
PSID gsid = NO_SID; PSID gsid = NO_SID;
if (!GetKernelObjectSecurity(token, GROUP_SECURITY_INFORMATION, if (!GetKernelObjectSecurity (token, GROUP_SECURITY_INFORMATION,
(PSECURITY_DESCRIPTOR) sd_buf, (PSECURITY_DESCRIPTOR) sd_buf,
sizeof sd_buf, &size)) sizeof sd_buf, &size))
debug_printf ("GetKernelObjectSecurity(): %E"); debug_printf ("GetKernelObjectSecurity(): %E");
else if (!GetSecurityDescriptorGroup((PSECURITY_DESCRIPTOR) sd_buf, else if (!GetSecurityDescriptorGroup ((PSECURITY_DESCRIPTOR) sd_buf,
&gsid, (BOOL *) &size)) &gsid, (BOOL *) &size))
debug_printf ("GetSecurityDescriptorGroup(): %E"); debug_printf ("GetSecurityDescriptorGroup(): %E");
if (well_known_null_sid != gsid) return pgrpsid == gsid; if (well_known_null_sid != gsid) return pgrpsid == gsid;
@ -720,14 +720,16 @@ verify_token (HANDLE token, cygsid &usersid, cygsid &pgrpsid, BOOL * pintern)
BOOL ret = FALSE; BOOL ret = FALSE;
if (!GetTokenInformation (token, TokenGroups, NULL, 0, &size) && if (!GetTokenInformation (token, TokenGroups, NULL, 0, &size) &&
GetLastError () != ERROR_INSUFFICIENT_BUFFER) GetLastError () != ERROR_INSUFFICIENT_BUFFER)
debug_printf ("GetTokenInformation(token, TokenGroups): %E\n"); debug_printf ("GetTokenInformation(token, TokenGroups): %E\n");
else if (!(my_grps = (PTOKEN_GROUPS) malloc (size))) else if (!(my_grps = (PTOKEN_GROUPS) malloc (size)))
debug_printf ("malloc (my_grps) failed."); debug_printf ("malloc (my_grps) failed.");
else if (!GetTokenInformation (token, TokenGroups, my_grps, size, &size)) else if (!GetTokenInformation (token, TokenGroups, my_grps, size, &size))
debug_printf ("GetTokenInformation(my_token, TokenGroups): %E\n"); debug_printf ("GetTokenInformation(my_token, TokenGroups): %E\n");
else ret = sid_in_token_groups (my_grps, pgrpsid); else
if (my_grps) free (my_grps); ret = sid_in_token_groups (my_grps, pgrpsid);
if (my_grps)
free (my_grps);
return ret; return ret;
} }
@ -759,7 +761,7 @@ create_token (cygsid &usersid, cygsid &pgrpsid)
TOKEN_DEFAULT_DACL dacl; TOKEN_DEFAULT_DACL dacl;
TOKEN_SOURCE source; TOKEN_SOURCE source;
TOKEN_STATISTICS stats; TOKEN_STATISTICS stats;
memcpy(source.SourceName, "Cygwin.1", 8); memcpy (source.SourceName, "Cygwin.1", 8);
source.SourceIdentifier.HighPart = 0; source.SourceIdentifier.HighPart = 0;
source.SourceIdentifier.LowPart = 0x0101; source.SourceIdentifier.LowPart = 0x0101;
@ -784,7 +786,7 @@ create_token (cygsid &usersid, cygsid &pgrpsid)
owner.Owner = usersid; owner.Owner = usersid;
/* Retrieve authentication id and group list from own process. */ /* Retrieve authentication id and group list from own process. */
if (!OpenProcessToken (GetCurrentProcess (), TOKEN_QUERY, &my_token)) if (!OpenProcessToken (hMainProc, TOKEN_QUERY, &my_token))
debug_printf ("OpenProcessToken(my_token): %E\n"); debug_printf ("OpenProcessToken(my_token): %E\n");
else else
{ {
@ -842,7 +844,7 @@ create_token (cygsid &usersid, cygsid &pgrpsid)
goto out; goto out;
/* Create default dacl. */ /* Create default dacl. */
if (!sec_acl((PACL) acl_buf, FALSE, if (!sec_acl ((PACL) acl_buf, FALSE,
grpsids.contains (well_known_admins_sid)?well_known_admins_sid:usersid)) grpsids.contains (well_known_admins_sid)?well_known_admins_sid:usersid))
goto out; goto out;
dacl.DefaultDacl = (PACL) acl_buf; dacl.DefaultDacl = (PACL) acl_buf;
@ -924,17 +926,17 @@ subauth (struct passwd *pw)
HANDLE primary_token = INVALID_HANDLE_VALUE; HANDLE primary_token = INVALID_HANDLE_VALUE;
int old_tcb_state; int old_tcb_state;
if ((old_tcb_state = set_process_privilege(SE_TCB_NAME)) < 0) if ((old_tcb_state = set_process_privilege (SE_TCB_NAME)) < 0)
return INVALID_HANDLE_VALUE; return INVALID_HANDLE_VALUE;
/* Register as logon process. */ /* Register as logon process. */
str2lsa (name, "Cygwin"); str2lsa (name, "Cygwin");
SetLastError (0); SetLastError (0);
ret = LsaRegisterLogonProcess(&name, &lsa_hdl, &sec_mode); ret = LsaRegisterLogonProcess (&name, &lsa_hdl, &sec_mode);
if (ret != STATUS_SUCCESS) if (ret != STATUS_SUCCESS)
{ {
debug_printf ("LsaRegisterLogonProcess: %d", ret); debug_printf ("LsaRegisterLogonProcess: %d", ret);
__seterrno_from_win_error (LsaNtStatusToWinError(ret)); __seterrno_from_win_error (LsaNtStatusToWinError (ret));
goto out; goto out;
} }
else if (GetLastError () == ERROR_PROC_NOT_FOUND) else if (GetLastError () == ERROR_PROC_NOT_FOUND)
@ -944,44 +946,44 @@ subauth (struct passwd *pw)
} }
/* Get handle to MSV1_0 package. */ /* Get handle to MSV1_0 package. */
str2lsa (name, MSV1_0_PACKAGE_NAME); str2lsa (name, MSV1_0_PACKAGE_NAME);
ret = LsaLookupAuthenticationPackage(lsa_hdl, &name, &package_id); ret = LsaLookupAuthenticationPackage (lsa_hdl, &name, &package_id);
if (ret != STATUS_SUCCESS) if (ret != STATUS_SUCCESS)
{ {
debug_printf ("LsaLookupAuthenticationPackage: %d", ret); debug_printf ("LsaLookupAuthenticationPackage: %d", ret);
__seterrno_from_win_error (LsaNtStatusToWinError(ret)); __seterrno_from_win_error (LsaNtStatusToWinError (ret));
LsaDeregisterLogonProcess(lsa_hdl); LsaDeregisterLogonProcess (lsa_hdl);
goto out; goto out;
} }
/* Create origin. */ /* Create origin. */
str2buf2lsa (origin.str, origin.buf, "Cygwin"); str2buf2lsa (origin.str, origin.buf, "Cygwin");
/* Create token source. */ /* Create token source. */
memcpy(ts.SourceName, "Cygwin.1", 8); memcpy (ts.SourceName, "Cygwin.1", 8);
ts.SourceIdentifier.HighPart = 0; ts.SourceIdentifier.HighPart = 0;
ts.SourceIdentifier.LowPart = 0x0100; ts.SourceIdentifier.LowPart = 0x0100;
/* Get user information. */ /* Get user information. */
extract_nt_dom_user (pw, nt_domain, nt_user); extract_nt_dom_user (pw, nt_domain, nt_user);
/* Fill subauth with values. */ /* Fill subauth with values. */
subbuf.auth.MessageType = MsV1_0NetworkLogon; subbuf.auth.MessageType = MsV1_0NetworkLogon;
str2buf2uni(subbuf.auth.LogonDomainName, subbuf.dombuf, nt_domain); str2buf2uni (subbuf.auth.LogonDomainName, subbuf.dombuf, nt_domain);
str2buf2uni(subbuf.auth.UserName, subbuf.usrbuf, nt_user); str2buf2uni (subbuf.auth.UserName, subbuf.usrbuf, nt_user);
str2buf2uni(subbuf.auth.Workstation, subbuf.wkstbuf, ""); str2buf2uni (subbuf.auth.Workstation, subbuf.wkstbuf, "");
memcpy(subbuf.auth.ChallengeToClient, "12345678", MSV1_0_CHALLENGE_LENGTH); memcpy (subbuf.auth.ChallengeToClient, "12345678", MSV1_0_CHALLENGE_LENGTH);
str2buf2lsa(subbuf.auth.CaseSensitiveChallengeResponse, subbuf.authinf1, ""); str2buf2lsa (subbuf.auth.CaseSensitiveChallengeResponse, subbuf.authinf1, "");
str2buf2lsa(subbuf.auth.CaseInsensitiveChallengeResponse, subbuf.authinf2,""); str2buf2lsa (subbuf.auth.CaseInsensitiveChallengeResponse, subbuf.authinf2,"");
subbuf.auth.ParameterControl = 0 | (subauth_id << 24); subbuf.auth.ParameterControl = 0 | (subauth_id << 24);
/* Try to logon... */ /* Try to logon... */
ret = LsaLogonUser(lsa_hdl, (PLSA_STRING) &origin, Network, ret = LsaLogonUser (lsa_hdl, (PLSA_STRING) &origin, Network,
package_id, &subbuf, sizeof subbuf, package_id, &subbuf, sizeof subbuf,
NULL, &ts, (PVOID *)&profile, &size, NULL, &ts, (PVOID *)&profile, &size,
&luid, &user_token, &quota, &ret2); &luid, &user_token, &quota, &ret2);
if (ret != STATUS_SUCCESS) if (ret != STATUS_SUCCESS)
{ {
debug_printf ("LsaLogonUser: %d", ret); debug_printf ("LsaLogonUser: %d", ret);
__seterrno_from_win_error (LsaNtStatusToWinError(ret)); __seterrno_from_win_error (LsaNtStatusToWinError (ret));
LsaDeregisterLogonProcess(lsa_hdl); LsaDeregisterLogonProcess (lsa_hdl);
goto out; goto out;
} }
LsaFreeReturnBuffer(profile); LsaFreeReturnBuffer (profile);
/* Convert to primary token. */ /* Convert to primary token. */
if (!DuplicateTokenEx (user_token, TOKEN_ALL_ACCESS, &sa, if (!DuplicateTokenEx (user_token, TOKEN_ALL_ACCESS, &sa,
SecurityImpersonation, TokenPrimary, SecurityImpersonation, TokenPrimary,
@ -989,7 +991,7 @@ subauth (struct passwd *pw)
__seterrno (); __seterrno ();
out: out:
set_process_privilege(SE_TCB_NAME, old_tcb_state); set_process_privilege (SE_TCB_NAME, old_tcb_state);
if (user_token != INVALID_HANDLE_VALUE) if (user_token != INVALID_HANDLE_VALUE)
CloseHandle (user_token); CloseHandle (user_token);
return primary_token; return primary_token;
@ -1012,7 +1014,7 @@ out:
*/ */
LONG LONG
read_sd(const char *file, PSECURITY_DESCRIPTOR sd_buf, LPDWORD sd_size) read_sd (const char *file, PSECURITY_DESCRIPTOR sd_buf, LPDWORD sd_size)
{ {
/* Check parameters */ /* Check parameters */
if (!sd_size) if (!sd_size)
@ -1021,7 +1023,7 @@ read_sd(const char *file, PSECURITY_DESCRIPTOR sd_buf, LPDWORD sd_size)
return -1; return -1;
} }
debug_printf("file = %s", file); debug_printf ("file = %s", file);
DWORD len = 0; DWORD len = 0;
const char *pfile = file; const char *pfile = file;
@ -1030,7 +1032,7 @@ read_sd(const char *file, PSECURITY_DESCRIPTOR sd_buf, LPDWORD sd_size)
{ {
DWORD fname_len = min (sizeof (fbuf) - 1, strlen (file)); DWORD fname_len = min (sizeof (fbuf) - 1, strlen (file));
bzero (fbuf, sizeof (fbuf)); bzero (fbuf, sizeof (fbuf));
OemToCharBuff(file, fbuf, fname_len); OemToCharBuff (file, fbuf, fname_len);
pfile = fbuf; pfile = fbuf;
} }
@ -1043,7 +1045,7 @@ read_sd(const char *file, PSECURITY_DESCRIPTOR sd_buf, LPDWORD sd_size)
__seterrno (); __seterrno ();
return -1; return -1;
} }
debug_printf("file = %s: len=%d", file, len); debug_printf ("file = %s: len=%d", file, len);
if (len > *sd_size) if (len > *sd_size)
{ {
*sd_size = len; *sd_size = len;
@ -1053,7 +1055,7 @@ read_sd(const char *file, PSECURITY_DESCRIPTOR sd_buf, LPDWORD sd_size)
} }
LONG LONG
write_sd(const char *file, PSECURITY_DESCRIPTOR sd_buf, DWORD sd_size) write_sd (const char *file, PSECURITY_DESCRIPTOR sd_buf, DWORD sd_size)
{ {
/* Check parameters */ /* Check parameters */
if (!sd_buf || !sd_size) if (!sd_buf || !sd_size)
@ -1169,8 +1171,8 @@ get_nt_attribute (const char *file, int *attribute,
return -1; return -1;
} }
__uid32_t uid = cygsid(owner_sid).get_uid (); __uid32_t uid = cygsid (owner_sid).get_uid ();
__gid32_t gid = cygsid(group_sid).get_gid (); __gid32_t gid = cygsid (group_sid).get_gid ();
if (uidret) if (uidret)
*uidret = uid; *uidret = uid;
if (gidret) if (gidret)
@ -1326,7 +1328,7 @@ add_access_allowed_ace (PACL acl, int offset, DWORD attributes,
return FALSE; return FALSE;
} }
ACCESS_ALLOWED_ACE *ace; ACCESS_ALLOWED_ACE *ace;
if (GetAce(acl, offset, (PVOID *) &ace)) if (GetAce (acl, offset, (PVOID *) &ace))
ace->Header.AceFlags |= inherit; ace->Header.AceFlags |= inherit;
len_add += sizeof (ACCESS_DENIED_ACE) - sizeof (DWORD) len_add += sizeof (ACCESS_DENIED_ACE) - sizeof (DWORD)
+ GetLengthSid (sid); + GetLengthSid (sid);
@ -1343,7 +1345,7 @@ add_access_denied_ace (PACL acl, int offset, DWORD attributes,
return FALSE; return FALSE;
} }
ACCESS_DENIED_ACE *ace; ACCESS_DENIED_ACE *ace;
if (GetAce(acl, offset, (PVOID *) &ace)) if (GetAce (acl, offset, (PVOID *) &ace))
ace->Header.AceFlags |= inherit; ace->Header.AceFlags |= inherit;
len_add += sizeof (ACCESS_DENIED_ACE) - sizeof (DWORD) len_add += sizeof (ACCESS_DENIED_ACE) - sizeof (DWORD)
+ GetLengthSid (sid); + GetLengthSid (sid);
@ -1373,8 +1375,8 @@ alloc_sd (__uid32_t uid, __gid32_t gid, int attribute,
if (!pw || !owner_sid.getfrompw (pw)) if (!pw || !owner_sid.getfrompw (pw))
return NULL; return NULL;
debug_printf ("owner: %s [%d]", owner, debug_printf ("owner: %s [%d]", owner,
*GetSidSubAuthority(owner_sid, *GetSidSubAuthority (owner_sid,
*GetSidSubAuthorityCount(owner_sid) - 1)); *GetSidSubAuthorityCount (owner_sid) - 1));
/* Get SID and name of new group. */ /* Get SID and name of new group. */
cygsid group_sid (NO_SID); cygsid group_sid (NO_SID);
@ -1406,14 +1408,14 @@ alloc_sd (__uid32_t uid, __gid32_t gid, int attribute,
SetSecurityDescriptorControl (&sd, SE_DACL_PROTECTED, SE_DACL_PROTECTED); SetSecurityDescriptorControl (&sd, SE_DACL_PROTECTED, SE_DACL_PROTECTED);
/* Create owner for local security descriptor. */ /* Create owner for local security descriptor. */
if (!SetSecurityDescriptorOwner(&sd, owner_sid, FALSE)) if (!SetSecurityDescriptorOwner (&sd, owner_sid, FALSE))
{ {
__seterrno (); __seterrno ();
return NULL; return NULL;
} }
/* Create group for local security descriptor. */ /* Create group for local security descriptor. */
if (group_sid && !SetSecurityDescriptorGroup(&sd, group_sid, FALSE)) if (group_sid && !SetSecurityDescriptorGroup (&sd, group_sid, FALSE))
{ {
__seterrno (); __seterrno ();
return NULL; return NULL;
@ -1559,7 +1561,7 @@ alloc_sd (__uid32_t uid, __gid32_t gid, int attribute,
* Add unrelated ACCESS_DENIED_ACE to the beginning but * Add unrelated ACCESS_DENIED_ACE to the beginning but
* behind the owner_deny, ACCESS_ALLOWED_ACE to the end. * behind the owner_deny, ACCESS_ALLOWED_ACE to the end.
*/ */
if (!AddAce(acl, ACL_REVISION, if (!AddAce (acl, ACL_REVISION,
ace->Header.AceType == ACCESS_DENIED_ACE_TYPE ? ace->Header.AceType == ACCESS_DENIED_ACE_TYPE ?
(owner_deny ? 1 : 0) : MAXDWORD, (owner_deny ? 1 : 0) : MAXDWORD,
(LPVOID) ace, ace->Header.AceSize)) (LPVOID) ace, ace->Header.AceSize))

2
winsup/cygwin/strace.cc
View File

@ -22,7 +22,7 @@ details. */
#define PROTECT(x) x[sizeof(x)-1] = 0 #define PROTECT(x) x[sizeof(x)-1] = 0
#define CHECK(x) if (x[sizeof(x)-1] != 0) { small_printf("array bound exceeded %d\n", __LINE__); ExitProcess(1); } #define CHECK(x) if (x[sizeof(x)-1] != 0) { small_printf("array bound exceeded %d\n", __LINE__); ExitProcess(1); }
class NO_COPY strace strace; class strace NO_COPY strace;
#ifndef NOSTRACE #ifndef NOSTRACE

22
winsup/cygwin/syscalls.cc
View File

@ -1978,8 +1978,7 @@ seteuid32 (__uid32_t uid)
sav_impersonated = cygheap->user.impersonated; sav_impersonated = cygheap->user.impersonated;
RevertToSelf(); RevertToSelf();
if (!OpenProcessToken (GetCurrentProcess (), if (!OpenProcessToken (hMainProc, TOKEN_QUERY | TOKEN_ADJUST_DEFAULT, &ptok))
TOKEN_QUERY | TOKEN_ADJUST_DEFAULT, &ptok))
{ {
__seterrno (); __seterrno ();
goto failed; goto failed;
@ -1987,17 +1986,17 @@ seteuid32 (__uid32_t uid)
/* Verify if the process token is suitable. /* Verify if the process token is suitable.
Currently we do not try to differentiate between Currently we do not try to differentiate between
internal tokens and others */ internal tokens and others */
process_ok = verify_token(ptok, usersid, pgrpsid); process_ok = verify_token (ptok, usersid, pgrpsid);
debug_printf("Process token %sverified", process_ok?"":"not "); debug_printf("Process token %sverified", process_ok ? "" : "not ");
if (process_ok) if (process_ok)
{ {
if (cygheap->user.token == INVALID_HANDLE_VALUE || if (cygheap->user.issetuid ())
!cygheap->user.impersonated) cygheap->user.impersonated = FALSE;
else
{ {
CloseHandle (ptok); CloseHandle (ptok);
return 0; /* No change */ return 0; /* No change */
} }
else cygheap->user.impersonated = FALSE;
} }
if (!process_ok && cygheap->user.token != INVALID_HANDLE_VALUE) if (!process_ok && cygheap->user.token != INVALID_HANDLE_VALUE)
@ -2007,7 +2006,9 @@ seteuid32 (__uid32_t uid)
& sav_token_is_internal_token); & sav_token_is_internal_token);
debug_printf("Thread token %d %sverified", debug_printf("Thread token %d %sverified",
cygheap->user.token, token_ok?"":"not "); cygheap->user.token, token_ok?"":"not ");
if (token_ok) if (!token_ok)
cygheap->user.token = INVALID_HANDLE_VALUE;
else
{ {
/* Return if current token is valid */ /* Return if current token is valid */
if (cygheap->user.impersonated) if (cygheap->user.impersonated)
@ -2018,7 +2019,6 @@ seteuid32 (__uid32_t uid)
return 0; /* No change */ return 0; /* No change */
} }
} }
else cygheap->user.token = INVALID_HANDLE_VALUE;
} }
/* Set process def dacl to allow access to impersonated token */ /* Set process def dacl to allow access to impersonated token */
@ -2152,9 +2152,7 @@ setegid32 (__gid32_t gid)
"TokenPrimaryGroup): %E"); "TokenPrimaryGroup): %E");
RevertToSelf (); RevertToSelf ();
} }
if (!OpenProcessToken (GetCurrentProcess (), if (!OpenProcessToken (hMainProc, TOKEN_ADJUST_DEFAULT, &ptok))
TOKEN_ADJUST_DEFAULT,
&ptok))
debug_printf ("OpenProcessToken(): %E\n"); debug_printf ("OpenProcessToken(): %E\n");
else else
{ {

3
winsup/cygwin/uinfo.cc
View File

@ -43,8 +43,7 @@ internal_getlogin (cygheap_user &user)
/* Try to get the SID either from current process and /* Try to get the SID either from current process and
store it in user.psid */ store it in user.psid */
if (!OpenProcessToken (GetCurrentProcess (), if (!OpenProcessToken (hMainProc, TOKEN_ADJUST_DEFAULT | TOKEN_QUERY,
TOKEN_ADJUST_DEFAULT | TOKEN_QUERY,
&ptok)) &ptok))
system_printf ("OpenProcessToken(): %E\n"); system_printf ("OpenProcessToken(): %E\n");
else if (!GetTokenInformation (ptok, TokenUser, &tu, sizeof tu, &siz)) else if (!GetTokenInformation (ptok, TokenUser, &tu, sizeof tu, &siz))