* security.h (cygsidlist::addfromgr): Allow duplicate entries.
(get_server_groups): Declare new function. * security.cc (is_group_member): Simplify. (get_server_groups): New function. (get_initgroups_sidlist): Call get_server_groups. (verify_token): Allow token when supplementary sids are not in /etc/group but are in the token. Streamline the code. * grp.cc (initgroups32): New implementation. (getgroups32): Handle case where the supplementary groups are set.
This commit is contained in:
@@ -148,8 +148,7 @@ public:
|
||||
BOOL add (const char *sidstr)
|
||||
{ cygsid nsi (sidstr); return add (nsi); }
|
||||
BOOL addfromgr (struct __group32 *gr) /* Only with alloc */
|
||||
{ return sids[count].getfromgr (gr)
|
||||
&& (contains (sids[count]) || ++count); }
|
||||
{ return sids[count].getfromgr (gr) && ++count; }
|
||||
|
||||
BOOL operator+= (cygsid &si) { return add (si); }
|
||||
BOOL operator+= (const char *sidstr) { return add (sidstr); }
|
||||
@@ -326,6 +325,8 @@ HANDLE subauth (struct passwd *pw);
|
||||
HANDLE create_token (cygsid &usersid, user_groups &groups, struct passwd * pw);
|
||||
/* Verify an existing token */
|
||||
bool verify_token (HANDLE token, cygsid &usersid, user_groups &groups, bool *pintern = NULL);
|
||||
/* Get groups of a user */
|
||||
bool get_server_groups (cygsidlist &grp_list, PSID usersid, struct passwd *pw);
|
||||
|
||||
/* Extract U-domain\user field from passwd entry. */
|
||||
void extract_nt_dom_user (const struct passwd *pw, char *domain, char *user);
|
||||
|
Reference in New Issue
Block a user