* security.h (cygsidlist::addfromgr): Allow duplicate entries.

(get_server_groups): Declare new function.
	* security.cc (is_group_member): Simplify.
	(get_server_groups): New function.
	(get_initgroups_sidlist): Call get_server_groups.
	(verify_token): Allow token when supplementary sids are not in
	/etc/group but are in the token.
	Streamline the code.
	* grp.cc (initgroups32): New implementation.
	(getgroups32): Handle case where the supplementary groups are set.
This commit is contained in:
Corinna Vinschen
2005-04-16 15:21:47 +00:00
parent 00c05edcf1
commit 68a3f0d34a
4 changed files with 131 additions and 66 deletions

View File

@@ -148,8 +148,7 @@ public:
BOOL add (const char *sidstr)
{ cygsid nsi (sidstr); return add (nsi); }
BOOL addfromgr (struct __group32 *gr) /* Only with alloc */
{ return sids[count].getfromgr (gr)
&& (contains (sids[count]) || ++count); }
{ return sids[count].getfromgr (gr) && ++count; }
BOOL operator+= (cygsid &si) { return add (si); }
BOOL operator+= (const char *sidstr) { return add (sidstr); }
@@ -326,6 +325,8 @@ HANDLE subauth (struct passwd *pw);
HANDLE create_token (cygsid &usersid, user_groups &groups, struct passwd * pw);
/* Verify an existing token */
bool verify_token (HANDLE token, cygsid &usersid, user_groups &groups, bool *pintern = NULL);
/* Get groups of a user */
bool get_server_groups (cygsidlist &grp_list, PSID usersid, struct passwd *pw);
/* Extract U-domain\user field from passwd entry. */
void extract_nt_dom_user (const struct passwd *pw, char *domain, char *user);