JehanneOS/newlib
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Cygwin: seteuid: use Kerberos/MsV1_0 S4U authentication by default

Browse Source 
- This simple and official method replaces cyglsa and "create token"
  methods.  No network share access, same as before.

- lsaauth and create_token are disabled now.  If problems crop up,
  they can be easily reactivated.  If no problems crop up, they
  can be removed in a while, together with the lsaauth subdir.

- Bump Cygwin version to 3.0.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This commit is contained in:
Corinna Vinschen
2019-01-26 18:33:41 +01:00
parent 84230b71c6
commit 0fb497165f
8 changed files with 352 additions and 78 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
winsup/cygwin/security.h
View File

@@ -479,6 +479,8 @@ HANDLE create_token (cygsid &usersid, user_groups &groups);
HANDLE lsaauth (cygsid &, user_groups &);
/* LSA private key storage authentication, same as when using service logons. */
HANDLE lsaprivkeyauth (struct passwd *pw);
/* Kerberos or MsV1 S4U logon. */
HANDLE s4uauth (struct passwd *pw);
/* Verify an existing token */
bool verify_token (HANDLE token, cygsid &usersid, user_groups &groups, bool *pintern = NULL);
/* Get groups of a user */