From ea3ba114990eb77ddf74d054bd01418ca580cb0b Mon Sep 17 00:00:00 2001
From: Corinna Vinschen <corinna@vinschen.de>
Date: Mon, 14 Jul 2003 17:04:21 +0000
Subject: 	* cygheap.h (class cygheap_user): Use INVALID_HANDLE_VALUE as
 invalid 	value for tokens. 	* syscalls.cc (seteuid32): Ditto.  Set
 new_token to process token if 	process token is suitable. 	* uinfo.cc
 (uinfo_init): Initialize tokens in cygheap user info 	to
 INVALID_HANDLE_VALUE.

	* cygheap.h (enum impersonation): Delete.
	(cygheap_user::impersonation_state): Delete.
	(cygheap_user::current_token): New.
	(cygheap_user::issetuid): Modify to use current_token.
	(cygheap_user::token): Ditto.
	(cygheap_user::deimpersonate): Ditto.
	(cygheap_user::reimpersonate): Ditto.
	(cygheap_user::has_impersonation_tokens): Ditto.
	(cygheap_user::close_impersonation_tokens): Ditto.
	* security.cc (cygwin_set_impersonation_token): Always set the token.
	(verify_token): Change type of gsid to cygpsid.
	(get_file_attribute): Use the effective ids.
	* syscalls.cc (seteuid32): Modify to use cygheap_user::current_token.
	* uinfo.cc (uinfo_init) Do not set cygheap->user.impersonation_state.
---
 winsup/cygwin/security.cc | 21 ++++++---------------
 1 file changed, 6 insertions(+), 15 deletions(-)

(limited to 'winsup/cygwin/security.cc')

diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc
index c08e1abe3..7f7d9d1bd 100644
--- a/winsup/cygwin/security.cc
+++ b/winsup/cygwin/security.cc
@@ -69,17 +69,8 @@ extern "C" void
 cygwin_set_impersonation_token (const HANDLE hToken)
 {
   debug_printf ("set_impersonation_token (%d)", hToken);
-  if (cygheap->user.impersonation_state == IMP_EXTERNAL
-      && cygheap->user.external_token != hToken)
-    {
-      set_errno (EPERM);
-      return;
-    }
-  else
-    {
-      cygheap->user.external_token = hToken;
-      return;
-    }
+  cygheap->user.external_token = hToken;
+  return;
 }
 
 void
@@ -741,13 +732,13 @@ verify_token (HANDLE token, cygsid &usersid, user_groups &groups, BOOL *pintern)
   if (intern && !groups.issetgroups ())
     {
       char sd_buf[MAX_SID_LEN + sizeof (SECURITY_DESCRIPTOR)];
-      PSID gsid = NO_SID;
+      cygpsid gsid (NO_SID);
       if (!GetKernelObjectSecurity (token, GROUP_SECURITY_INFORMATION,
 				    (PSECURITY_DESCRIPTOR) sd_buf,
 				    sizeof sd_buf, &size))
 	debug_printf ("GetKernelObjectSecurity(): %E");
       else if (!GetSecurityDescriptorGroup ((PSECURITY_DESCRIPTOR) sd_buf,
-					    &gsid, (BOOL *) &size))
+					    (PSID *) &gsid, (BOOL *) &size))
 	debug_printf ("GetSecurityDescriptorGroup(): %E");
       if (well_known_null_sid != gsid)
 	return gsid == groups.pgsid;
@@ -1414,9 +1405,9 @@ get_file_attribute (int use_ntsec, const char *file,
     }
 
   if (uidret)
-    *uidret = getuid32 ();
+    *uidret = myself->uid;
   if (gidret)
-    *gidret = getgid32 ();
+    *gidret = myself->gid;
 
   if (!attribute)
     return 0;
-- 
cgit v1.2.3