From 64b3062937b791faafddc02e9d38102a75b37a7a Mon Sep 17 00:00:00 2001
From: Corinna Vinschen
Date: Fri, 16 Jun 2000 19:36:07 +0000
Subject: * cygwin.din: Define symbols for `cygwin_logon_user' and `cygwin_set_impersonation_token'. * dcrt0.cc (dll_crt0_1): Eliminate superfluous conditional statements. Add load statements for `ImpersonateLoggedOnUser', `LogonUserA' and `RevertToSelf'. * fork.cc (fork): Care for correct impersonation of parent and child process. * security.cc (cygwin_set_impersonation_token): New function. (cygwin_logon_user): Ditto. shared.h (class pinfo): New members `orig_uid', `orig_gid', `real_uid' nad `real_gid'. spawn.cc (spawn_guts): Care for impersonation when starting child process in a different user context. * syscalls.cc (setgid): Call `setegid' now. Set real_gid. (setuid): Call `seteuid' now. Set real_uid. (seteuid): Functionality moved from setuid to here. Care for correct impersonation. (setegid): Functionality moved from setgid to here. * uinfo.cc (uinfo_init): Initialization of additional pinfo members. (getuid): Return real uid. (getgid): Return real gid. (geteuid): Return effective uid. (getegid): Return effective gid. include/sys/cygwin.h: Add prototypes for `cygwin_logon_user' and `cygwin_set_impersonation_token'. include/cygwin/version.h: Bumb API minor version to 22.
---
 winsup/cygwin/security.cc | 67 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 67 insertions(+)
(limited to 'winsup/cygwin/security.cc')
diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc
index 8537a6db6..c468235fc 100644
--- a/winsup/cygwin/security.cc
+++ b/winsup/cygwin/security.cc
@@ -374,6 +374,73 @@ got_it:
 return TRUE;
 }
 
+extern "C"
+void
+cygwin_set_impersonation_token (const HANDLE hToken)
+{
+ debug_printf ("set_impersonation_token (%d)", hToken);
+ if (myself->token != hToken)
+ {
+ if (myself->token != INVALID_HANDLE_VALUE)
+ CloseHandle (myself->token);
+ myself->token = hToken;
+ myself->impersonated = FALSE;
+ }
+}
+
+extern "C"
+HANDLE
+cygwin_logon_user (const struct passwd *pw, const char *password)
+{
+ if (os_being_run != winNT)
+ {
+ set_errno (ENOSYS);
+ return INVALID_HANDLE_VALUE;
+ }
+ if (!pw)
+ {
+ set_errno (EINVAL);
+ return INVALID_HANDLE_VALUE;
+ }
+
+ char *c, *nt_user, *nt_domain = NULL;
+ char usernamebuf[256];
+ HANDLE hToken;
+
+ strcpy (usernamebuf, pw->pw_name);
+ if (pw->pw_gecos)
+ {
+ if ((c = strstr (pw->pw_gecos, "U-")) != NULL &&
+ (c == pw->pw_gecos || c[-1] == ','))
+ {
+ usernamebuf[0] = '\0';
+ strncat (usernamebuf, c + 2, 255);
+ if ((c = strchr (usernamebuf, ',')) != NULL)
+ *c = '\0';
+ }
+ }
+ nt_user = usernamebuf;
+ if ((c = strchr (nt_user, '\\')) != NULL)
+ {
+ nt_domain = nt_user;
+ *c = '\0';
+ nt_user = c + 1;
+ }
+ if (! LogonUserA (nt_user, nt_domain, (char *) password,
+ LOGON32_LOGON_INTERACTIVE,
+ LOGON32_PROVIDER_DEFAULT,
+ &hToken)
+ || !SetHandleInformation (hToken,
+ HANDLE_FLAG_INHERIT,
+ HANDLE_FLAG_INHERIT))
+ {
+ __seterrno ();
+ return INVALID_HANDLE_VALUE;
+ }
+ debug_printf ("%d = logon_user(%s,...)", hToken, pw->pw_name);
+ return hToken;
+}
+
 /* read_sd reads a security descriptor from a file.
 In case of error, -1 is returned and errno is set.
 If sd_buf is too small, 0 is returned and sd_size
-- cgit v1.2.3
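Review bot: `strcpy (usernamebuf, pw->pw_name);` in cygwin_logon_user copies a caller-supplied name into the 256-byte stack buffer with no length check, so a `pw_name` of 256 bytes or more writes past `usernamebuf`; the gecos branch just below it is already bounded with `strncat (usernamebuf, c + 2, 255)`. Rejecting an over-long (or NULL) name before the copy closes the overflow and avoids attempting a logon with a silently truncated account name: `if (!pw->pw_name || strlen (pw->pw_name) >= sizeof usernamebuf) { set_errno (EINVAL); return INVALID_HANDLE_VALUE; }`. Separately, when `LogonUserA` succeeds but `SetHandleInformation` fails, the function returns `INVALID_HANDLE_VALUE` without closing `hToken`, so the freshly created logon token leaks. Splitting the combined `||` test so that the second failure path calls `CloseHandle (hToken)` before returning would fix that.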