drew
/
acadia-newlib
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

* syscalls.cc (chmod): Simplify conditional. 

* sec_helper (cygsid::getfromstr): Reorganize to remove
	calls to strcpy and strtok_r.
	(cygsid::getfromgr): Change type to __uid32_t instead of int.
	Keep only the allow_ntsec branch. Never call LookupAccountSid
	which calls PDCs, simply return -1 in case of failure.
	Use cygsid == instead of calling EqualSid and remove test
	for NULL psid.
	* security.h: Declare cygsid::getfromgr as __uid32_t.
This commit is contained in:
Corinna Vinschen 2002-11-12 15:51:11 +00:00
parent bc612556a8
commit 7a11fe607e
4 changed files with 64 additions and 135 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
winsup/cygwin/ChangeLog
View File

@ -1,3 +1,15 @@
2002-11-12 Pierre Humblet <pierre.humblet@ieee.org>
* syscalls.cc (chmod): Simplify conditional.
* sec_helper (cygsid::getfromstr): Reorganize to remove
calls to strcpy and strtok_r.
(cygsid::getfromgr): Change type to __uid32_t instead of int.
Keep only the allow_ntsec branch. Never call LookupAccountSid
which calls PDCs, simply return -1 in case of failure.
Use cygsid == instead of calling EqualSid and remove test
for NULL psid.
* security.h: Declare cygsid::getfromgr as __uid32_t.
2002-11-10 Corinna Vinschen <corinna@vinschen.de> 2002-11-10 Corinna Vinschen <corinna@vinschen.de>
* net.cc: Run indent. * net.cc: Run indent.

176
winsup/cygwin/sec_helper.cc
View File

@ -99,29 +99,19 @@ cygsid::get_sid (DWORD s, DWORD cnt, DWORD *r)
const PSID const PSID
cygsid::getfromstr (const char *nsidstr) cygsid::getfromstr (const char *nsidstr)
{ {
char sid_buf[256]; char *lasts;
char *t, *lasts; DWORD s, cnt = 0;
DWORD cnt = 0; DWORD r[8];
DWORD s = 0;
DWORD i, r[8];
if (!nsidstr || strncmp (nsidstr, "S-1-", 4)) if (nsidstr && !strncmp (nsidstr, "S-1-", 4))
{ {
psid = NO_SID; s = strtoul (nsidstr + 4, &lasts, 10);
return NULL; while ( cnt < 8 && *lasts == '-')
r[cnt++] = strtoul (lasts + 1, &lasts, 10);
if (!*lasts)
return get_sid (s, cnt, r);
} }
return psid = NO_SID;
strcpy (sid_buf, nsidstr);
for (t = sid_buf + 4, i = 0;
cnt < 8 && (t = strtok_r (t, "-", &lasts));
t = NULL, ++i)
if (i == 0)
s = strtoul (t, NULL, 10);
else
r[cnt++] = strtoul (t, NULL, 10);
return get_sid (s, cnt, r);
} }
BOOL BOOL
@ -138,124 +128,54 @@ cygsid::getfromgr (const struct __group32 *gr)
return (*this = sp ?: "") != NULL; return (*this = sp ?: "") != NULL;
} }
int __uid32_t
cygsid::get_id (BOOL search_grp, int *type) cygsid::get_id (BOOL search_grp, int *type)
{ {
if (!psid)
{
set_errno (EINVAL);
return -1;
}
if (!IsValidSid (psid))
{
__seterrno ();
system_printf ("IsValidSid failed with %E");
return -1;
}
/* First try to get SID from passwd or group entry */ /* First try to get SID from passwd or group entry */
if (allow_ntsec) cygsid sid;
__uid32_t id = ILLEGAL_UID;
if (!search_grp)
{ {
cygsid sid; struct passwd *pw;
int id = -1; if (*this == cygheap->user.sid ())
id = myself->uid;
if (!search_grp) else
for (int pidx = 0; (pw = internal_getpwent (pidx)); ++pidx)
{
if (sid.getfrompw (pw) && sid == psid)
{
id = pw->pw_uid;
break;
}
}
if (id != ILLEGAL_UID)
{ {
struct passwd *pw; if (type)
if (EqualSid(psid, cygheap->user.sid ())) *type = USER;
id = myself->uid; return id;
else }
for (int pidx = 0; (pw = internal_getpwent (pidx)); ++pidx)
{
if (sid.getfrompw (pw) && sid == psid)
{
id = pw->pw_uid;
break;
}
}
if (id >= 0)
{
if (type)
*type = USER;
return id;
}
}
if (search_grp || type)
{
struct __group32 *gr;
if (cygheap->user.groups.pgsid == psid)
id = myself->gid;
else
for (int gidx = 0; (gr = internal_getgrent (gidx)); ++gidx)
{
if (sid.getfromgr (gr) && sid == psid)
{
id = gr->gr_gid;
break;
}
}
if (id >= 0)
{
if (type)
*type = GROUP;
return id;
}
}
} }
if (search_grp || type)
/* We use the RID as default UID/GID */
int id = *GetSidSubAuthority (psid, *GetSidSubAuthorityCount (psid) - 1);
/*
* The RID maybe -1 if accountname == computername.
* In this case we search for the accountname in the passwd and group files.
* If type is needed, we search in each case.
*/
if (id == -1 || type)
{ {
char account[UNLEN + 1]; struct __group32 *gr;
char domain[INTERNET_MAX_HOST_NAME_LENGTH + 1]; if (cygheap->user.groups.pgsid == psid)
DWORD acc_len = UNLEN + 1; id = myself->gid;
DWORD dom_len = INTERNET_MAX_HOST_NAME_LENGTH + 1; else
SID_NAME_USE acc_type; for (int gidx = 0; (gr = internal_getgrent (gidx)); ++gidx)
{
if (!LookupAccountSid (NULL, psid, account, &acc_len, if (sid.getfromgr (gr) && sid == psid)
domain, &dom_len, &acc_type))
{
__seterrno ();
return -1;
}
switch (acc_type)
{
case SidTypeGroup:
case SidTypeAlias:
case SidTypeWellKnownGroup:
if (type)
*type = GROUP;
if (id == -1)
{ {
struct __group32 *gr = getgrnam32 (account); id = gr->gr_gid;
if (gr) break;
id = gr->gr_gid;
} }
break; }
case SidTypeUser: if (id != ILLEGAL_UID)
if (type) {
*type = USER; if (type)
if (id == -1) *type = GROUP;
{
struct passwd *pw = getpwnam (account);
if (pw)
id = pw->pw_uid;
}
break;
default:
break;
} }
} }
if (id == -1)
id = getuid32 ();
return id; return id;
} }

2
winsup/cygwin/security.h
View File

@ -57,7 +57,7 @@ public:
BOOL getfrompw (const struct passwd *pw); BOOL getfrompw (const struct passwd *pw);
BOOL getfromgr (const struct __group32 *gr); BOOL getfromgr (const struct __group32 *gr);
int get_id (BOOL search_grp, int *type = NULL); __uid32_t get_id (BOOL search_grp, int *type = NULL);
inline int get_uid () { return get_id (FALSE); } inline int get_uid () { return get_id (FALSE); }
inline int get_gid () { return get_id (TRUE); } inline int get_gid () { return get_id (TRUE); }

9
winsup/cygwin/syscalls.cc
View File

@ -964,12 +964,9 @@ chmod (const char *path, mode_t mode)
if (!SetFileAttributes (win32_path, win32_path)) if (!SetFileAttributes (win32_path, win32_path))
__seterrno (); __seterrno ();
else else if (!allow_ntsec)
{ /* Correct NTFS security attributes have higher priority */
/* Correct NTFS security attributes have higher priority */ res = 0;
if (res == 0 || !allow_ntsec)
res = 0;
}
} }
done: done: