JehanneOS/newlib
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Cygwin: Accommodate logon sessions on Windows 10

Browse Source 
Starting with Windows 10, LookupAccountSid/Name return valid
info for the login session with new SID_NAME_USE value
SidTypeLogonSession.  To return the same info as on pre-Windows 10,
we have to handle this type.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This commit is contained in:
Corinna Vinschen
2018-08-28 11:26:52 +02:00
parent 3aba266aa9
commit 03cd2c4efa
2 changed files with 34 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
winsup/cygwin/release/2.11.0
View File

@@ -78,3 +78,6 @@ Bug Fixes
- Fix handling of unknown accounts in file ACLs. Add name->SID - Fix handling of unknown accounts in file ACLs. Add name->SID
conversion for (most) self-constructed account names. conversion for (most) self-constructed account names.
Addresses: https://cygwin.com/ml/cygwin/2018-08/msg00295.html Addresses: https://cygwin.com/ml/cygwin/2018-08/msg00295.html
- Correctly handle Logon Session accounts on Windows 10.
Addresses: Found during debugging

32
winsup/cygwin/uinfo.cc
View File

@@ -1821,6 +1821,14 @@ pwdgrp::construct_sid_from_name (cygsid &sid, wchar_t *name, wchar_t *sep)
} }
return false; return false;
} }
if (!sep && wcscmp (name, L"CurrentSession") == 0)
{
get_logon_sid ();
if (PSID (logon_sid) == NO_SID)
return false;
sid = logon_sid;
return true;
}
if (!sep && wcscmp (name, L"Authentication authority asserted identity") == 0) if (!sep && wcscmp (name, L"Authentication authority asserted identity") == 0)
{ {
sid.create (18, 1, 1); sid.create (18, 1, 1);
@@ -1903,6 +1911,8 @@ pwdgrp::construct_sid_from_name (cygsid &sid, wchar_t *name, wchar_t *sep)
return false; return false;
} }
/* CV 2018-08-28: SidTypeLogonSession is not yet defined in Mingw64. */
#define SidTypeLogonSession 11
char * char *
pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap) pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap)
@@ -2268,7 +2278,7 @@ pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap)
if (acc_type == SidTypeUser if (acc_type == SidTypeUser
&& (sid_sub_auth_count (sid) <= 3 || sid_id_auth (sid) == 11)) && (sid_sub_auth_count (sid) <= 3 || sid_id_auth (sid) == 11))
acc_type = SidTypeWellKnownGroup; acc_type = SidTypeWellKnownGroup;
switch (acc_type) switch ((int) acc_type)
{ {
case SidTypeUser: case SidTypeUser:
if (is_group ()) if (is_group ())
@@ -2598,6 +2608,26 @@ pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap)
if (uid == 0x10000 || uid == 0x10100) if (uid == 0x10000 || uid == 0x10100)
return NULL; return NULL;
break; break;
case SidTypeLogonSession:
/* Starting with Windows 10, LookupAccountSid/Name return valid
info for the login session with new SID_NAME_USE value
SidTypeLogonSession. To return the same info as on
pre-Windows 10, we have to handle this type explicitely here
now and convert the name to "CurrentSession". */
get_logon_sid ();
if (PSID (logon_sid) == NO_SID)
return NULL;
if (RtlEqualSid (sid, logon_sid))
{
uid = 0xfff;
wcpcpy (name = namebuf, L"CurrentSession");
}
else
{
uid = 0xffe;
wcpcpy (name = namebuf, L"OtherSession");
}
break;
case SidTypeLabel: case SidTypeLabel:
uid = 0x60000 + sid_sub_auth_rid (sid); uid = 0x60000 + sid_sub_auth_rid (sid);
fully_qualified_name = cygheap->pg.nss_prefix_always (); fully_qualified_name = cygheap->pg.nss_prefix_always ();