diff options
| author | Corinna Vinschen <corinna@vinschen.de> | 2000-06-16 19:36:07 +0000 |
|---|---|---|
| committer | Corinna Vinschen <corinna@vinschen.de> | 2000-06-16 19:36:07 +0000 |
| commit | 64b3062937b791faafddc02e9d38102a75b37a7a (patch) | |
| tree | 48895becfe9d6a9816a99573c1dd716878d67fa4 /winsup/cygwin/security.cc | |
| parent | 3875d9e65223107ecc5ee8ce7f6510e092779da9 (diff) | |
| download | cygnal-64b3062937b791faafddc02e9d38102a75b37a7a.tar.gz cygnal-64b3062937b791faafddc02e9d38102a75b37a7a.tar.bz2 cygnal-64b3062937b791faafddc02e9d38102a75b37a7a.zip | |
* cygwin.din: Define symbols for `cygwin_logon_user' and
`cygwin_set_impersonation_token'.
* dcrt0.cc (dll_crt0_1): Eliminate superfluous conditional
statements.
Add load statements for `ImpersonateLoggedOnUser', `LogonUserA'
and `RevertToSelf'.
* fork.cc (fork): Care for correct impersonation of parent
and child process.
* security.cc (cygwin_set_impersonation_token): New function.
(cygwin_logon_user): Ditto.
shared.h (class pinfo): New members `orig_uid', `orig_gid',
`real_uid' nad `real_gid'.
spawn.cc (spawn_guts): Care for impersonation when starting
child process in a different user context.
* syscalls.cc (setgid): Call `setegid' now. Set real_gid.
(setuid): Call `seteuid' now. Set real_uid.
(seteuid): Functionality moved from setuid to here. Care for
correct impersonation.
(setegid): Functionality moved from setgid to here.
* uinfo.cc (uinfo_init): Initialization of additional pinfo
members.
(getuid): Return real uid.
(getgid): Return real gid.
(geteuid): Return effective uid.
(getegid): Return effective gid.
include/sys/cygwin.h: Add prototypes for `cygwin_logon_user' and
`cygwin_set_impersonation_token'.
include/cygwin/version.h: Bumb API minor version to 22.
Diffstat (limited to 'winsup/cygwin/security.cc')
| -rw-r--r-- | winsup/cygwin/security.cc | 67 |
1 files changed, 67 insertions, 0 deletions
diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc index 8537a6db6..c468235fc 100644 --- a/winsup/cygwin/security.cc +++ b/winsup/cygwin/security.cc @@ -374,6 +374,73 @@ got_it: return TRUE; } +extern "C" +void +cygwin_set_impersonation_token (const HANDLE hToken) +{ + debug_printf ("set_impersonation_token (%d)", hToken); + if (myself->token != hToken) + { + if (myself->token != INVALID_HANDLE_VALUE) + CloseHandle (myself->token); + myself->token = hToken; + myself->impersonated = FALSE; + } +} + +extern "C" +HANDLE +cygwin_logon_user (const struct passwd *pw, const char *password) +{ + if (os_being_run != winNT) + { + set_errno (ENOSYS); + return INVALID_HANDLE_VALUE; + } + if (!pw) + { + set_errno (EINVAL); + return INVALID_HANDLE_VALUE; + } + + char *c, *nt_user, *nt_domain = NULL; + char usernamebuf[256]; + HANDLE hToken; + + strcpy (usernamebuf, pw->pw_name); + if (pw->pw_gecos) + { + if ((c = strstr (pw->pw_gecos, "U-")) != NULL && + (c == pw->pw_gecos || c[-1] == ',')) + { + usernamebuf[0] = '\0'; + strncat (usernamebuf, c + 2, 255); + if ((c = strchr (usernamebuf, ',')) != NULL) + *c = '\0'; + } + } + nt_user = usernamebuf; + if ((c = strchr (nt_user, '\\')) != NULL) + { + nt_domain = nt_user; + *c = '\0'; + nt_user = c + 1; + } + if (! LogonUserA (nt_user, nt_domain, (char *) password, + LOGON32_LOGON_INTERACTIVE, + LOGON32_PROVIDER_DEFAULT, + &hToken) + || !SetHandleInformation (hToken, + HANDLE_FLAG_INHERIT, + HANDLE_FLAG_INHERIT)) + { + __seterrno (); + return INVALID_HANDLE_VALUE; + } + debug_printf ("%d = logon_user(%s,...)", hToken, pw->pw_name); + return hToken; +} + /* read_sd reads a security descriptor from a file. In case of error, -1 is returned and errno is set. If sd_buf is too small, 0 is returned and sd_size |