From 1d91d469ee534fab47fdb710a037378c103fee23 Mon Sep 17 00:00:00 2001
From: Corinna Vinschen <corinna@vinschen.de>
Date: Wed, 18 Mar 2015 16:54:19 +0100
Subject: [PATCH] Drop unneeded passwd argument from security functions

	* sec_auth.cc (get_server_groups): Drop unused passwd argument.  Adjust
	calls throughout.
	(get_initgroups_sidlist): Ditto.
	(get_setgroups_sidlist): Ditto.
	(create_token): Ditto.
	(lsaauth): Ditto.
	* security.h (create_token): Adjust prototype to above change.
	(lsaauth): Ditto.
	(get_server_groups): Ditto.
	* grp.cc (get_groups): Adjust call to get_server_groups.
	* syscalls.cc (seteuid32): Adjust calls to lsaauth and create_token.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
---
 winsup/cygwin/ChangeLog   | 14 ++++++++++++++
 winsup/cygwin/grp.cc      |  2 +-
 winsup/cygwin/sec_auth.cc | 23 +++++++++++------------
 winsup/cygwin/security.h  |  6 +++---
 winsup/cygwin/syscalls.cc |  4 ++--
 5 files changed, 31 insertions(+), 18 deletions(-)

diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog
index acc3205eb..d6e94f0c5 100644
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@@ -1,3 +1,17 @@
+2015-03-18  Corinna Vinschen  <corinna@vinschen.de>
+
+	* sec_auth.cc (get_server_groups): Drop unused passwd argument.  Adjust
+	calls throughout.
+	(get_initgroups_sidlist): Ditto.
+	(get_setgroups_sidlist): Ditto.
+	(create_token): Ditto.
+	(lsaauth): Ditto.
+	* security.h (create_token): Adjust prototype to above change.
+	(lsaauth): Ditto.
+	(get_server_groups): Ditto.
+	* grp.cc (get_groups): Adjust call to get_server_groups.
+	* syscalls.cc (seteuid32): Adjust calls to lsaauth and create_token.
+
 2015-03-17  Corinna Vinschen  <corinna@vinschen.de>
 
 	* grp.cc (internal_getgroups): Drop unused timeout parameter.
diff --git a/winsup/cygwin/grp.cc b/winsup/cygwin/grp.cc
index e1f5e4b23..53551161a 100644
--- a/winsup/cygwin/grp.cc
+++ b/winsup/cygwin/grp.cc
@@ -720,7 +720,7 @@ get_groups (const char *user, gid_t gid, cygsidlist &gsids)
   struct group *grp = internal_getgrgid (gid, &cldap);
   cygsid usersid, grpsid;
   if (usersid.getfrompw (pw))
-    get_server_groups (gsids, usersid, pw);
+    get_server_groups (gsids, usersid);
   if (gid != ILLEGAL_GID && grpsid.getfromgr (grp))
     gsids += grpsid;
   cygheap->user.reimpersonate ();
diff --git a/winsup/cygwin/sec_auth.cc b/winsup/cygwin/sec_auth.cc
index 37b53c643..aeb571de6 100644
--- a/winsup/cygwin/sec_auth.cc
+++ b/winsup/cygwin/sec_auth.cc
@@ -544,7 +544,7 @@ get_token_group_sidlist (cygsidlist &grp_list, PTOKEN_GROUPS my_grps,
 }
 
 bool
-get_server_groups (cygsidlist &grp_list, PSID usersid, struct passwd *pw)
+get_server_groups (cygsidlist &grp_list, PSID usersid)
 {
   WCHAR user[UNLEN + 1];
   WCHAR domain[MAX_DOMAIN_NAME_LEN + 1];
@@ -581,8 +581,7 @@ get_server_groups (cygsidlist &grp_list, PSID usersid, struct passwd *pw)
 }
 
 static bool
-get_initgroups_sidlist (cygsidlist &grp_list,
-			PSID usersid, PSID pgrpsid, struct passwd *pw,
+get_initgroups_sidlist (cygsidlist &grp_list, PSID usersid, PSID pgrpsid,
 			PTOKEN_GROUPS my_grps, LUID auth_luid, int &auth_pos)
 {
   grp_list *= well_known_world_sid;
@@ -591,7 +590,7 @@ get_initgroups_sidlist (cygsidlist &grp_list,
     auth_pos = -1;
   else
     get_token_group_sidlist (grp_list, my_grps, auth_luid, auth_pos);
-  if (!get_server_groups (grp_list, usersid, pw))
+  if (!get_server_groups (grp_list, usersid))
     return false;
 
   /* special_pgrp true if pgrpsid is not in normal groups */
@@ -600,14 +599,14 @@ get_initgroups_sidlist (cygsidlist &grp_list,
 }
 
 static void
-get_setgroups_sidlist (cygsidlist &tmp_list, PSID usersid, struct passwd *pw,
+get_setgroups_sidlist (cygsidlist &tmp_list, PSID usersid,
 		       PTOKEN_GROUPS my_grps, user_groups &groups,
 		       LUID auth_luid, int &auth_pos)
 {
   tmp_list *= well_known_world_sid;
   tmp_list *= well_known_authenticated_users_sid;
   get_token_group_sidlist (tmp_list, my_grps, auth_luid, auth_pos);
-  get_server_groups (tmp_list, usersid, pw);
+  get_server_groups (tmp_list, usersid);
   for (int gidx = 0; gidx < groups.sgsids.count (); gidx++)
     tmp_list += groups.sgsids.sids[gidx];
   tmp_list += groups.pgsid;
@@ -875,7 +874,7 @@ verify_token (HANDLE token, cygsid &usersid, user_groups &groups, bool *pintern)
 }
 
 HANDLE
-create_token (cygsid &usersid, user_groups &new_groups, struct passwd *pw)
+create_token (cygsid &usersid, user_groups &new_groups)
 {
   NTSTATUS status;
   LSA_HANDLE lsa = NULL;
@@ -964,9 +963,9 @@ create_token (cygsid &usersid, user_groups &new_groups, struct passwd *pw)
   /* Create list of groups, the user is member in. */
   int auth_pos;
   if (new_groups.issetgroups ())
-    get_setgroups_sidlist (tmp_gsids, usersid, pw, my_tok_gsids, new_groups,
+    get_setgroups_sidlist (tmp_gsids, usersid, my_tok_gsids, new_groups,
 			   auth_luid, auth_pos);
-  else if (!get_initgroups_sidlist (tmp_gsids, usersid, new_groups.pgsid, pw,
+  else if (!get_initgroups_sidlist (tmp_gsids, usersid, new_groups.pgsid,
 				    my_tok_gsids, auth_luid, auth_pos))
     goto out;
 
@@ -1037,7 +1036,7 @@ out:
 }
 
 HANDLE
-lsaauth (cygsid &usersid, user_groups &new_groups, struct passwd *pw)
+lsaauth (cygsid &usersid, user_groups &new_groups)
 {
   cygsidlist tmp_gsids (cygsidlist_auto, 12);
   cygpsid pgrpsid;
@@ -1111,9 +1110,9 @@ lsaauth (cygsid &usersid, user_groups &new_groups, struct passwd *pw)
   /* Create list of groups, the user is member in. */
   int auth_pos;
   if (new_groups.issetgroups ())
-    get_setgroups_sidlist (tmp_gsids, usersid, pw, NULL, new_groups, auth_luid,
+    get_setgroups_sidlist (tmp_gsids, usersid, NULL, new_groups, auth_luid,
 			   auth_pos);
-  else if (!get_initgroups_sidlist (tmp_gsids, usersid, new_groups.pgsid, pw,
+  else if (!get_initgroups_sidlist (tmp_gsids, usersid, new_groups.pgsid,
 				    NULL, auth_luid, auth_pos))
     goto out;
 
diff --git a/winsup/cygwin/security.h b/winsup/cygwin/security.h
index 0800387bb..6af87e0d4 100644
--- a/winsup/cygwin/security.h
+++ b/winsup/cygwin/security.h
@@ -457,15 +457,15 @@ int setacl (HANDLE, path_conv &, int, struct acl *, bool &);
 /* Set impersonation or restricted token.  */
 void set_imp_token (HANDLE token, int type);
 /* Function creating a token by calling NtCreateToken. */
-HANDLE create_token (cygsid &usersid, user_groups &groups, struct passwd * pw);
+HANDLE create_token (cygsid &usersid, user_groups &groups);
 /* LSA authentication function. */
-HANDLE lsaauth (cygsid &, user_groups &, struct passwd *);
+HANDLE lsaauth (cygsid &, user_groups &);
 /* LSA private key storage authentication, same as when using service logons. */
 HANDLE lsaprivkeyauth (struct passwd *pw);
 /* Verify an existing token */
 bool verify_token (HANDLE token, cygsid &usersid, user_groups &groups, bool *pintern = NULL);
 /* Get groups of a user */
-bool get_server_groups (cygsidlist &grp_list, PSID usersid, struct passwd *pw);
+bool get_server_groups (cygsidlist &grp_list, PSID usersid);
 
 /* Extract U-domain\user field from passwd entry. */
 void extract_nt_dom_user (const struct passwd *pw, PWCHAR domain, PWCHAR user);
diff --git a/winsup/cygwin/syscalls.cc b/winsup/cygwin/syscalls.cc
index 210061605..d2fb3534b 100644
--- a/winsup/cygwin/syscalls.cc
+++ b/winsup/cygwin/syscalls.cc
@@ -3374,10 +3374,10 @@ seteuid32 (uid_t uid)
       if (!new_token)
 	{
 	  debug_printf ("lsaprivkeyauth failed, try lsaauth.");
-	  if (!(new_token = lsaauth (usersid, groups, pw_new)))
+	  if (!(new_token = lsaauth (usersid, groups)))
 	    {
 	      debug_printf ("lsaauth failed, try create_token.");
-	      new_token = create_token (usersid, groups, pw_new);
+	      new_token = create_token (usersid, groups);
 	      if (new_token == INVALID_HANDLE_VALUE)
 		{
 		  debug_printf ("create_token failed, bail out of here");