diff options
| author | Corinna Vinschen <corinna@vinschen.de> | 2002-07-29 12:51:52 +0000 |
|---|---|---|
| committer | Corinna Vinschen <corinna@vinschen.de> | 2002-07-29 12:51:52 +0000 |
| commit | 5519d54352e7bdc6d77186cef46dbafc86946bcf (patch) | |
| tree | 7b69706b4f2ed5aa997ddff5a367d757bb7afb8e /winsup/cygwin/security.h | |
| parent | eb5720f25501cd7e9b8115bb0220bef058bb5afd (diff) | |
| download | newlib-5519d54352e7bdc6d77186cef46dbafc86946bcf.zip newlib-5519d54352e7bdc6d77186cef46dbafc86946bcf.tar.gz newlib-5519d54352e7bdc6d77186cef46dbafc86946bcf.tar.bz2 | |
* security.cc: Change some formatting.
* include/cygwin/version.h: Bump API minor version.
* cygheap.h (class cygheap_user): Add member groups.
* security.h (class cygsidlist): Add members type and maxcount,
methods position, addfromgr, alloc_sids and free_sids and
operator+= (const PSID psid). Modify contains () to call
position () and optimize add () to use maxcount.
(class user_groups): Create.
Update declarations of verify_token and create_token.
* security.cc (cygsidlist::alloc_sids): New.
(cygsidlist::free_sids): New.
(get_token_group_sidlist): Create from get_group_sidlist.
(get_initgroups_sidlist): Create from get_group_sidlist.
(get_group_sidlist): Suppress.
(get_setgroups_sidlist): Create.
(verify_token): Modify arguments. Add setgroups case.
(create_token): Modify arguments. Call get_initgroups_sidlist and
get_setgroups_sidlist as needed. Set SE_GROUP_LOGON_ID from auth_pos
outside of the loop. Rename the various group sid lists consistently.
* syscalls.cc (seteuid32): Modify to use cygheap->user.groups.
(setegid32): Call cygheap->user.groups.update_pgrp.
* grp.cc (setgroups): Create.
(setgroups32): Create.
* uinfo.cc (internal_getlogin): Initialize and update user.groups.pgsid.
* cygwin.din: Add setgroups and setgroups32.
Diffstat (limited to 'winsup/cygwin/security.h')
| -rw-r--r-- | winsup/cygwin/security.h | 75 |
1 files changed, 59 insertions, 16 deletions
diff --git a/winsup/cygwin/security.h b/winsup/cygwin/security.h index 1edcc57..580d7c1 100644 --- a/winsup/cygwin/security.h +++ b/winsup/cygwin/security.h @@ -86,40 +86,63 @@ public: } }; +typedef enum { cygsidlist_unknown, cygsidlist_alloc, cygsidlist_auto } cygsidlist_type; class cygsidlist { + int maxcount; public: int count; cygsid *sids; + cygsidlist_type type; - cygsidlist () : count (0), sids (NULL) {} - ~cygsidlist () { delete [] sids; } + cygsidlist (cygsidlist_type t, int m) + { + type = t; + count = 0; + maxcount = m; + if (t == cygsidlist_alloc) + sids = alloc_sids (m); + else + sids = new cygsid [m]; + } + ~cygsidlist () { if (type == cygsidlist_auto) delete [] sids; } - BOOL add (cygsid &nsi) + BOOL add (const PSID nsi) /* Only with auto for now */ { - cygsid *tmp = new cygsid [count + 1]; - if (!tmp) - return FALSE; - for (int i = 0; i < count; ++i) - tmp[i] = sids[i]; - delete [] sids; - sids = tmp; + if (count >= maxcount) + { + cygsid *tmp = new cygsid [ 2 * maxcount]; + if (!tmp) + return FALSE; + maxcount *= 2; + for (int i = 0; i < count; ++i) + tmp[i] = sids[i]; + delete [] sids; + sids = tmp; + } sids[count++] = nsi; return TRUE; } - BOOL add (const PSID nsid) { return add (nsid); } + BOOL add (cygsid &nsi) { return add ((PSID) nsi); } BOOL add (const char *sidstr) { cygsid nsi (sidstr); return add (nsi); } + BOOL addfromgr (struct __group32 *gr) /* Only with alloc */ + { return sids[count++].getfromgr (gr); } BOOL operator+= (cygsid &si) { return add (si); } BOOL operator+= (const char *sidstr) { return add (sidstr); } + BOOL operator+= (const PSID psid) { return add (psid); } - BOOL contains (cygsid &sid) const + int position (const PSID sid) const { for (int i = 0; i < count; ++i) if (sids[i] == sid) - return TRUE; - return FALSE; + return i; + return -1; } + + BOOL contains (const PSID sid) const { return position (sid) >= 0; } + cygsid *alloc_sids (int n); + void free_sids (); void debug_print (const char *prefix = NULL) const { debug_printf ("-- begin sidlist ---"); @@ -131,6 +154,26 @@ public: } }; +class user_groups { +public: + cygsid pgsid; + cygsidlist sgsids; + BOOL ischanged; + + BOOL issetgroups () const { return (sgsids.type == cygsidlist_alloc); } + void update_supp (const cygsidlist &newsids) + { + sgsids.free_sids (); + sgsids = newsids; + ischanged = TRUE; + } + void update_pgrp (const PSID sid) + { + pgsid = sid; + ischanged = TRUE; + } +}; + extern cygsid well_known_null_sid; extern cygsid well_known_world_sid; extern cygsid well_known_local_sid; @@ -180,9 +223,9 @@ void set_security_attribute (int attribute, PSECURITY_ATTRIBUTES psa, /* Try a subauthentication. */ HANDLE subauth (struct passwd *pw); /* Try creating a token directly. */ -HANDLE create_token (cygsid &usersid, cygsid &pgrpsid, struct passwd * pw); +HANDLE create_token (cygsid &usersid, user_groups &groups, struct passwd * pw); /* Verify an existing token */ -BOOL verify_token (HANDLE token, cygsid &usersid, cygsid &pgrpsid, BOOL * pintern = NULL); +BOOL verify_token (HANDLE token, cygsid &usersid, user_groups &groups, BOOL * pintern = NULL); /* Extract U-domain\user field from passwd entry. */ void extract_nt_dom_user (const struct passwd *pw, char *domain, char *user); |