* security.cc: Change some formatting.

* include/cygwin/version.h: Bump API minor version.

        * cygheap.h (class cygheap_user): Add member groups.
        * security.h (class cygsidlist): Add members type and maxcount,
        methods position, addfromgr, alloc_sids and free_sids and
        operator+= (const PSID psid). Modify contains () to call
        position () and optimize add () to use maxcount.
        (class user_groups): Create.
        Update declarations of verify_token and create_token.
        * security.cc (cygsidlist::alloc_sids): New.
        (cygsidlist::free_sids): New.
        (get_token_group_sidlist): Create from get_group_sidlist.
        (get_initgroups_sidlist): Create from get_group_sidlist.
        (get_group_sidlist): Suppress.
        (get_setgroups_sidlist): Create.
        (verify_token): Modify arguments. Add setgroups case.
        (create_token): Modify arguments. Call get_initgroups_sidlist and
        get_setgroups_sidlist as needed. Set SE_GROUP_LOGON_ID from auth_pos
        outside of the loop. Rename the various group sid lists consistently.
        * syscalls.cc (seteuid32): Modify to use cygheap->user.groups.
        (setegid32): Call cygheap->user.groups.update_pgrp.
        * grp.cc (setgroups): Create.
        (setgroups32): Create.
        * uinfo.cc (internal_getlogin): Initialize and update user.groups.pgsid.
        * cygwin.din: Add setgroups and setgroups32.
This commit is contained in:
Corinna Vinschen
2002-07-29 12:51:52 +00:00
parent eb5720f255
commit 5519d54352
9 changed files with 458 additions and 227 deletions

View File

@@ -86,40 +86,63 @@ public:
}
};
typedef enum { cygsidlist_unknown, cygsidlist_alloc, cygsidlist_auto } cygsidlist_type;
class cygsidlist {
int maxcount;
public:
int count;
cygsid *sids;
cygsidlist_type type;
cygsidlist () : count (0), sids (NULL) {}
~cygsidlist () { delete [] sids; }
BOOL add (cygsid &nsi)
cygsidlist (cygsidlist_type t, int m)
{
cygsid *tmp = new cygsid [count + 1];
if (!tmp)
return FALSE;
for (int i = 0; i < count; ++i)
tmp[i] = sids[i];
delete [] sids;
sids = tmp;
type = t;
count = 0;
maxcount = m;
if (t == cygsidlist_alloc)
sids = alloc_sids (m);
else
sids = new cygsid [m];
}
~cygsidlist () { if (type == cygsidlist_auto) delete [] sids; }
BOOL add (const PSID nsi) /* Only with auto for now */
{
if (count >= maxcount)
{
cygsid *tmp = new cygsid [ 2 * maxcount];
if (!tmp)
return FALSE;
maxcount *= 2;
for (int i = 0; i < count; ++i)
tmp[i] = sids[i];
delete [] sids;
sids = tmp;
}
sids[count++] = nsi;
return TRUE;
}
BOOL add (const PSID nsid) { return add (nsid); }
BOOL add (cygsid &nsi) { return add ((PSID) nsi); }
BOOL add (const char *sidstr)
{ cygsid nsi (sidstr); return add (nsi); }
BOOL addfromgr (struct __group32 *gr) /* Only with alloc */
{ return sids[count++].getfromgr (gr); }
BOOL operator+= (cygsid &si) { return add (si); }
BOOL operator+= (const char *sidstr) { return add (sidstr); }
BOOL operator+= (const PSID psid) { return add (psid); }
BOOL contains (cygsid &sid) const
int position (const PSID sid) const
{
for (int i = 0; i < count; ++i)
if (sids[i] == sid)
return TRUE;
return FALSE;
return i;
return -1;
}
BOOL contains (const PSID sid) const { return position (sid) >= 0; }
cygsid *alloc_sids (int n);
void free_sids ();
void debug_print (const char *prefix = NULL) const
{
debug_printf ("-- begin sidlist ---");
@@ -131,6 +154,26 @@ public:
}
};
class user_groups {
public:
cygsid pgsid;
cygsidlist sgsids;
BOOL ischanged;
BOOL issetgroups () const { return (sgsids.type == cygsidlist_alloc); }
void update_supp (const cygsidlist &newsids)
{
sgsids.free_sids ();
sgsids = newsids;
ischanged = TRUE;
}
void update_pgrp (const PSID sid)
{
pgsid = sid;
ischanged = TRUE;
}
};
extern cygsid well_known_null_sid;
extern cygsid well_known_world_sid;
extern cygsid well_known_local_sid;
@@ -180,9 +223,9 @@ void set_security_attribute (int attribute, PSECURITY_ATTRIBUTES psa,
/* Try a subauthentication. */
HANDLE subauth (struct passwd *pw);
/* Try creating a token directly. */
HANDLE create_token (cygsid &usersid, cygsid &pgrpsid, struct passwd * pw);
HANDLE create_token (cygsid &usersid, user_groups &groups, struct passwd * pw);
/* Verify an existing token */
BOOL verify_token (HANDLE token, cygsid &usersid, cygsid &pgrpsid, BOOL * pintern = NULL);
BOOL verify_token (HANDLE token, cygsid &usersid, user_groups &groups, BOOL * pintern = NULL);
/* Extract U-domain\user field from passwd entry. */
void extract_nt_dom_user (const struct passwd *pw, char *domain, char *user);