* advapi32.cc (InitializeAcl): Remove.

(AddAce): Remove.
	(FindFirstFreeAce): Remove.
	(GetAce): Remove.
	(InitializeSecurityDescriptor): Remove.
	(OpenProcessToken): Remove.
	* dcrt0.cc: Replace above functions throughout with their ntdll.dll
	equivalent.
	* fhandler_tty.cc: Ditto.
	* flock.cc: Ditto.
	* pinfo.cc: Ditto.  Drop unnecessary error handling.
	* sec_acl.cc: Ditto.
	* sec_auth.cc: Ditto.
	* sec_helper.cc: Ditto.
	* security.cc: Ditto.
This commit is contained in:
Corinna Vinschen
2011-04-28 09:30:36 +00:00
parent 158e516b9d
commit 1754539e56
10 changed files with 65 additions and 98 deletions

View File

@ -463,7 +463,7 @@ get_null_sd ()
if (!null_sdp)
{
InitializeSecurityDescriptor (&sd, SECURITY_DESCRIPTOR_REVISION);
RtlCreateSecurityDescriptor (&sd, SECURITY_DESCRIPTOR_REVISION);
SetSecurityDescriptorDacl (&sd, TRUE, NULL, FALSE);
null_sdp = &sd;
}
@ -488,6 +488,7 @@ init_global_security ()
bool
sec_acl (PACL acl, bool original, bool admins, PSID sid1, PSID sid2, DWORD access2)
{
NTSTATUS status;
size_t acl_len = MAX_DACL_LEN (5);
LPVOID pAce;
cygpsid psid;
@ -496,9 +497,10 @@ sec_acl (PACL acl, bool original, bool admins, PSID sid1, PSID sid2, DWORD acces
if ((unsigned long) acl % 4)
api_fatal ("Incorrectly aligned incoming ACL buffer!");
#endif
if (!InitializeAcl (acl, acl_len, ACL_REVISION))
status = RtlCreateAcl (acl, acl_len, ACL_REVISION);
if (!NT_SUCCESS (status))
{
debug_printf ("InitializeAcl %E");
debug_printf ("RtlCreateAcl: %p", status);
return false;
}
if (sid1)
@ -521,11 +523,11 @@ sec_acl (PACL acl, bool original, bool admins, PSID sid1, PSID sid2, DWORD acces
if (!AddAccessAllowedAce (acl, ACL_REVISION,
GENERIC_ALL, well_known_system_sid))
debug_printf ("AddAccessAllowedAce(system) %E");
FindFirstFreeAce (acl, &pAce);
if (pAce)
status = RtlFirstFreeAce (acl, &pAce);
if (NT_SUCCESS (status) && pAce)
acl->AclSize = (char *) pAce - (char *) acl;
else
debug_printf ("FindFirstFreeAce %E");
debug_printf ("RtlFirstFreeAce: %p", status);
return true;
}
@ -545,8 +547,7 @@ __sec_user (PVOID sa_buf, PSID sid1, PSID sid2, DWORD access2, BOOL inherit)
if (!sec_acl (acl, true, true, sid1, sid2, access2))
return inherit ? &sec_none : &sec_none_nih;
if (!InitializeSecurityDescriptor (psd, SECURITY_DESCRIPTOR_REVISION))
debug_printf ("InitializeSecurityDescriptor %E");
RtlCreateSecurityDescriptor (psd, SECURITY_DESCRIPTOR_REVISION);
/*
* Setting the owner lets the created security attribute not work
@ -574,13 +575,14 @@ __sec_user (PVOID sa_buf, PSID sid1, PSID sid2, DWORD access2, BOOL inherit)
PSECURITY_DESCRIPTOR
_everyone_sd (void *buf, ACCESS_MASK access)
{
NTSTATUS status;
PSECURITY_DESCRIPTOR psd = (PSECURITY_DESCRIPTOR) buf;
if (psd)
{
InitializeSecurityDescriptor (psd, SECURITY_DESCRIPTOR_REVISION);
RtlCreateSecurityDescriptor (psd, SECURITY_DESCRIPTOR_REVISION);
PACL dacl = (PACL) (psd + 1);
InitializeAcl (dacl, MAX_DACL_LEN (1), ACL_REVISION);
RtlCreateAcl (dacl, MAX_DACL_LEN (1), ACL_REVISION);
if (!AddAccessAllowedAce (dacl, ACL_REVISION, access,
well_known_world_sid))
{
@ -588,9 +590,10 @@ _everyone_sd (void *buf, ACCESS_MASK access)
return NULL;
}
LPVOID ace;
if (!FindFirstFreeAce (dacl, &ace))
status = RtlFirstFreeAce (dacl, &ace);
if (!NT_SUCCESS (status))
{
debug_printf ("FindFirstFreeAce: %lu", GetLastError ());
debug_printf ("RtlFirstFreeAce: %p", status);
return NULL;
}
dacl->AclSize = (char *) ace - (char *) dacl;