From ce132d0ffdcaac7a94e55c9fb9e84f8de134a97d Mon Sep 17 00:00:00 2001
From: Corinna Vinschen
Date: Wed, 8 Jun 2005 10:06:17 +0000
Subject: * security.cc (cygwin_logon_user): Run LogonUser in the primary process token context. Fix potential handle leak.
---
 winsup/cygwin/security.cc | 19 ++++++++++++++-----
 1 file changed, 14 insertions(+), 5 deletions(-)
(limited to 'winsup/cygwin/security.cc')
diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc
index aa961c90c..c589513ae 100644
--- a/winsup/cygwin/security.cc
+++ b/winsup/cygwin/security.cc
@@ -124,17 +124,26 @@ cygwin_logon_user (const struct passwd *pw, const char *password)
 extract_nt_dom_user (pw, nt_domain, nt_user);
 debug_printf ("LogonUserA (%s, %s, %s, ...)", nt_user, nt_domain, password);
+ /* CV 2005-06-08: LogonUser should run under the primary process token,
+ otherwise it returns with ERROR_ACCESS_DENIED on W2K. Don't ask me why. */
+ RevertToSelf ();
 if (!LogonUserA (nt_user, *nt_domain ? nt_domain : NULL, (char *) password,
 LOGON32_LOGON_INTERACTIVE,
 LOGON32_PROVIDER_DEFAULT,
- &hToken)
- || !SetHandleInformation (hToken,
- HANDLE_FLAG_INHERIT,
- HANDLE_FLAG_INHERIT))
+ &hToken))
 {
 __seterrno ();
- return INVALID_HANDLE_VALUE;
+ hToken = INVALID_HANDLE_VALUE;
+ }
+ else if (!SetHandleInformation (hToken,
+ HANDLE_FLAG_INHERIT,
+ HANDLE_FLAG_INHERIT))
+ {
+ __seterrno ();
+ CloseHandle (hToken);
+ hToken = INVALID_HANDLE_VALUE;
 }
+ cygheap->user.reimpersonate ();
 debug_printf ("%d = logon_user(%s,...)", hToken, pw->pw_name);
 return hToken;
 }
-- cgit v1.2.3
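Review bot: The context line `debug_printf ("LogonUserA (%s, %s, %s, ...)", nt_user, nt_domain, password);` at the top of the hunk still writes the cleartext password into the debug trace, and this commit leaves it in place; dropping the third argument, `debug_printf ("LogonUserA (%s, %s, ...)", nt_user, nt_domain);`, keeps the credential out of any captured trace output. In the added code the result of `RevertToSelf ()` is ignored, and nothing visible here shows whether `cygheap->user.reimpersonate ()` can fail or report failure. If it can, the thread would presumably keep running on the primary process token after this function returns, so a check or at least a comment stating that assumption would be worth adding next to the call. The function begins before the hunk, so the declaration of `hToken` and any earlier return paths are not visible from here.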