* sec_auth.cc (lsaauth): Remove local definitions of struct

_TOKEN_LINKED_TOKEN and TokenLinkedToken in favor of definitions
	from winnt.h.
	(lsaprivkeyauth): As in lsaauth, fetch linked token if available and
	return that in favor of default token.

winsup/cygwin/ChangeLog

@@ -1,3 +1,11 @@
+2009-03-18  Corinna Vinschen  <corinna@vinschen.de>
+
+	* sec_auth.cc (lsaauth): Remove local definitions of struct
+	_TOKEN_LINKED_TOKEN and TokenLinkedToken in favor of definitions
+	from winnt.h.
+	(lsaprivkeyauth): As in lsaauth, fetch linked token if available and
+	return that in favor of default token.
+
 2009-03-15  Yaakov Selkowitz <yselkowitz@users.sourceforge.net>
 
 	* errno.cc (_sys_errlist): Add ESTRPIPE.

winsup/cygwin/sec_auth.cc

@@ -1108,12 +1108,6 @@ lsaauth (cygsid &usersid, user_groups &new_groups, struct passwd *pw)
 
   if (wincap.has_mandatory_integrity_control ())
     {
-      typedef struct _TOKEN_LINKED_TOKEN
-      {
-	HANDLE LinkedToken;
-      } TOKEN_LINKED_TOKEN, *PTOKEN_LINKED_TOKEN;
-#     define TokenLinkedToken ((TOKEN_INFORMATION_CLASS) 19)
-
       TOKEN_LINKED_TOKEN linked;
 
       if (GetTokenInformation (user_token, TokenLinkedToken,
@@ -1200,14 +1194,29 @@ lsaprivkeyauth (struct passwd *pw)
       __seterrno ();
       token = NULL;
     }
-  else if (!SetHandleInformation (token,
-				  HANDLE_FLAG_INHERIT,
+  else
+    {
+      if (wincap.has_mandatory_integrity_control ())
+	{
+	  TOKEN_LINKED_TOKEN linked;
+	  DWORD size;
+
+	  if (GetTokenInformation (token, TokenLinkedToken,
+				   (PVOID) &linked, sizeof linked, &size))
+	    {
+	      debug_printf ("Linked Token: %p", linked.LinkedToken);
+	      if (linked.LinkedToken)
+		token = linked.LinkedToken;
+	    }
+	}
+      if (!SetHandleInformation (token, HANDLE_FLAG_INHERIT,
 				 HANDLE_FLAG_INHERIT))
 	{
 	  __seterrno ();
 	  CloseHandle (token);
 	  token = NULL;
 	}
+    }
 
 out:
   close_local_policy (lsa);