diff options
author | Corinna Vinschen <corinna@vinschen.de> | 2011-04-28 09:53:11 +0000 |
---|---|---|
committer | Corinna Vinschen <corinna@vinschen.de> | 2011-04-28 09:53:11 +0000 |
commit | 1838d97b0a27fba6511ee718d527e93000231587 (patch) | |
tree | f4bb97e6b32970c5c8fb61bf6436c94b4a31dc80 /winsup/cygwin | |
parent | 1754539e56dcde666394354ec603d5524b0d3e90 (diff) | |
download | newlib-1838d97b0a27fba6511ee718d527e93000231587.zip newlib-1838d97b0a27fba6511ee718d527e93000231587.tar.gz newlib-1838d97b0a27fba6511ee718d527e93000231587.tar.bz2 |
* advapi32.cc (GetSecurityDescriptorDacl): Remove.
(GetSecurityDescriptorGroup): Remove.
(GetSecurityDescriptorOwner): Remove.
* sec_acl.cc: Replace above functions throughout with their ntdll.dll
equivalent. Remove redundant debug output.
* sec_auth.cc: Ditto.
* security.cc: Ditto.
* uinfo.cc: Ditto.
Diffstat (limited to 'winsup/cygwin')
-rw-r--r-- | winsup/cygwin/ChangeLog | 11 | ||||
-rw-r--r-- | winsup/cygwin/advapi32.cc | 23 | ||||
-rw-r--r-- | winsup/cygwin/sec_acl.cc | 36 | ||||
-rw-r--r-- | winsup/cygwin/sec_auth.cc | 11 | ||||
-rw-r--r-- | winsup/cygwin/security.cc | 41 | ||||
-rw-r--r-- | winsup/cygwin/uinfo.cc | 10 |
6 files changed, 68 insertions, 64 deletions
diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog index 1f0c1b5..bd1381c 100644 --- a/winsup/cygwin/ChangeLog +++ b/winsup/cygwin/ChangeLog @@ -1,5 +1,16 @@ 2011-04-28 Corinna Vinschen <corinna@vinschen.de> + * advapi32.cc (GetSecurityDescriptorDacl): Remove. + (GetSecurityDescriptorGroup): Remove. + (GetSecurityDescriptorOwner): Remove. + * sec_acl.cc: Replace above functions throughout with their ntdll.dll + equivalent. Remove redundant debug output. + * sec_auth.cc: Ditto. + * security.cc: Ditto. + * uinfo.cc: Ditto. + +2011-04-28 Corinna Vinschen <corinna@vinschen.de> + * advapi32.cc (InitializeAcl): Remove. (AddAce): Remove. (FindFirstFreeAce): Remove. diff --git a/winsup/cygwin/advapi32.cc b/winsup/cygwin/advapi32.cc index 7ee92e6..7721ee8 100644 --- a/winsup/cygwin/advapi32.cc +++ b/winsup/cygwin/advapi32.cc @@ -76,15 +76,6 @@ MakeSelfRelativeSD (PSECURITY_DESCRIPTOR abs_sd, PSECURITY_DESCRIPTOR rel_sd, } BOOL WINAPI -GetSecurityDescriptorDacl (PSECURITY_DESCRIPTOR sd, LPBOOL present, PACL *dacl, - LPBOOL def) -{ - NTSTATUS status = RtlGetDaclSecurityDescriptor (sd, (PBOOLEAN) present, dacl, - (PBOOLEAN) def); - DEFAULT_NTSTATUS_TO_BOOL_RETURN -} - -BOOL WINAPI SetSecurityDescriptorDacl (PSECURITY_DESCRIPTOR sd, BOOL present, PACL dacl, BOOL def) { @@ -94,13 +85,6 @@ SetSecurityDescriptorDacl (PSECURITY_DESCRIPTOR sd, BOOL present, PACL dacl, } BOOL WINAPI -GetSecurityDescriptorGroup (PSECURITY_DESCRIPTOR sd, PSID *sid, LPBOOL def) -{ - NTSTATUS status = RtlGetGroupSecurityDescriptor (sd, sid, (PBOOLEAN) def); - DEFAULT_NTSTATUS_TO_BOOL_RETURN -} - -BOOL WINAPI SetSecurityDescriptorGroup (PSECURITY_DESCRIPTOR sd, PSID sid, BOOL def) { NTSTATUS status = RtlSetGroupSecurityDescriptor (sd, sid, (BOOLEAN) !!def); @@ -108,13 +92,6 @@ SetSecurityDescriptorGroup (PSECURITY_DESCRIPTOR sd, PSID sid, BOOL def) } BOOL WINAPI -GetSecurityDescriptorOwner (PSECURITY_DESCRIPTOR sd, PSID *sid, LPBOOL def) -{ - NTSTATUS status = RtlGetOwnerSecurityDescriptor (sd, sid, (PBOOLEAN) def); - DEFAULT_NTSTATUS_TO_BOOL_RETURN -} - -BOOL WINAPI SetSecurityDescriptorOwner (PSECURITY_DESCRIPTOR sd, PSID sid, BOOL def) { NTSTATUS status = RtlSetOwnerSecurityDescriptor (sd, sid, (BOOLEAN) !!def); diff --git a/winsup/cygwin/sec_acl.cc b/winsup/cygwin/sec_acl.cc index 48012e2..e7e79ad 100644 --- a/winsup/cygwin/sec_acl.cc +++ b/winsup/cygwin/sec_acl.cc @@ -47,22 +47,25 @@ setacl (HANDLE handle, path_conv &pc, int nentries, __aclent32_t *aclbufp, if (get_file_sd (handle, pc, sd_ret, false)) return -1; - BOOL dummy; + NTSTATUS status; + BOOLEAN dummy; /* Get owner SID. */ PSID owner_sid; - if (!GetSecurityDescriptorOwner (sd_ret, &owner_sid, &dummy)) + status = RtlGetOwnerSecurityDescriptor (sd_ret, &owner_sid, &dummy); + if (!NT_SUCCESS (status)) { - __seterrno (); + __seterrno_from_nt_status (status); return -1; } cygsid owner (owner_sid); /* Get group SID. */ PSID group_sid; - if (!GetSecurityDescriptorGroup (sd_ret, &group_sid, &dummy)) + status = RtlGetGroupSecurityDescriptor (sd_ret, &group_sid, &dummy); + if (!NT_SUCCESS (status)) { - __seterrno (); + __seterrno_from_nt_status (status); return -1; } cygsid group (group_sid); @@ -272,22 +275,23 @@ getacl (HANDLE handle, path_conv &pc, int nentries, __aclent32_t *aclbufp) cygpsid owner_sid; cygpsid group_sid; - BOOL dummy; + NTSTATUS status; + BOOLEAN dummy; __uid32_t uid; __gid32_t gid; - if (!GetSecurityDescriptorOwner (sd, (PSID *) &owner_sid, &dummy)) + status = RtlGetOwnerSecurityDescriptor (sd, (PSID *) &owner_sid, &dummy); + if (!NT_SUCCESS (status)) { - debug_printf ("GetSecurityDescriptorOwner %E"); - __seterrno (); + __seterrno_from_nt_status (status); return -1; } uid = owner_sid.get_uid (); - if (!GetSecurityDescriptorGroup (sd, (PSID *) &group_sid, &dummy)) + status = RtlGetGroupSecurityDescriptor (sd, (PSID *) &group_sid, &dummy); + if (!NT_SUCCESS (status)) { - debug_printf ("GetSecurityDescriptorGroup %E"); - __seterrno (); + __seterrno_from_nt_status (status); return -1; } gid = group_sid.get_gid (); @@ -305,12 +309,12 @@ getacl (HANDLE handle, path_conv &pc, int nentries, __aclent32_t *aclbufp) lacl[3].a_perm = S_IROTH | S_IWOTH | S_IXOTH; PACL acl; - BOOL acl_exists; + BOOLEAN acl_exists; - if (!GetSecurityDescriptorDacl (sd, &acl_exists, &acl, &dummy)) + status = RtlGetDaclSecurityDescriptor (sd, &acl_exists, &acl, &dummy); + if (!NT_SUCCESS (status)) { - __seterrno (); - debug_printf ("GetSecurityDescriptorDacl %E"); + __seterrno_from_nt_status (status); return -1; } diff --git a/winsup/cygwin/sec_auth.cc b/winsup/cygwin/sec_auth.cc index c0c605e..23e805d 100644 --- a/winsup/cygwin/sec_auth.cc +++ b/winsup/cygwin/sec_auth.cc @@ -692,9 +692,14 @@ verify_token (HANDLE token, cygsid &usersid, user_groups &groups, bool *pintern) sd_buf, sd_buf_siz, &size); if (!NT_SUCCESS (status)) debug_printf ("NtQuerySecurityObject(), %p", status); - else if (!GetSecurityDescriptorGroup (sd_buf, (PSID *) &gsid, - (BOOL *) &size)) - debug_printf ("GetSecurityDescriptorGroup(), %E"); + else + { + BOOLEAN dummy; + status = RtlGetGroupSecurityDescriptor (sd_buf, (PSID *) &gsid, + &dummy); + if (!NT_SUCCESS (status)) + debug_printf ("RtlGetGroupSecurityDescriptor(), %p", status); + } if (well_known_null_sid != gsid) return gsid == groups.pgsid; } diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc index a72fb52..9b808cc 100644 --- a/winsup/cygwin/security.cc +++ b/winsup/cygwin/security.cc @@ -347,12 +347,15 @@ get_info_from_sd (PSECURITY_DESCRIPTOR psd, mode_t *attribute, cygpsid owner_sid; cygpsid group_sid; - BOOL dummy; + NTSTATUS status; + BOOLEAN dummy; - if (!GetSecurityDescriptorOwner (psd, (PSID *) &owner_sid, &dummy)) - debug_printf ("GetSecurityDescriptorOwner %E"); - if (!GetSecurityDescriptorGroup (psd, (PSID *) &group_sid, &dummy)) - debug_printf ("GetSecurityDescriptorGroup %E"); + status = RtlGetOwnerSecurityDescriptor (psd, (PSID *) &owner_sid, &dummy); + if (!NT_SUCCESS (status)) + debug_printf ("RtlGetOwnerSecurityDescriptor: %p", status); + status = RtlGetGroupSecurityDescriptor (psd, (PSID *) &group_sid, &dummy); + if (!NT_SUCCESS (status)) + debug_printf ("RtlGetGroupSecurityDescriptor: %p", status); __uid32_t uid; __gid32_t gid; @@ -369,12 +372,12 @@ get_info_from_sd (PSECURITY_DESCRIPTOR psd, mode_t *attribute, } PACL acl; - BOOL acl_exists; + BOOLEAN acl_exists; - if (!GetSecurityDescriptorDacl (psd, &acl_exists, &acl, &dummy)) + status = RtlGetDaclSecurityDescriptor (psd, &acl_exists, &acl, &dummy); + if (!NT_SUCCESS (status)) { - __seterrno (); - debug_printf ("GetSecurityDescriptorDacl %E"); + __seterrno_from_nt_status (status); *attribute &= ~(S_IRWXU | S_IRWXG | S_IRWXO); } else if (!acl_exists || !acl) @@ -498,7 +501,8 @@ static PSECURITY_DESCRIPTOR alloc_sd (path_conv &pc, __uid32_t uid, __gid32_t gid, int attribute, security_descriptor &sd_ret) { - BOOL dummy; + NTSTATUS status; + BOOLEAN dummy; tmp_pathbuf tp; /* NOTE: If the high bit of attribute is set, we have just created @@ -509,10 +513,12 @@ alloc_sd (path_conv &pc, __uid32_t uid, __gid32_t gid, int attribute, /* Get owner and group from current security descriptor. */ PSID cur_owner_sid = NULL; PSID cur_group_sid = NULL; - if (!GetSecurityDescriptorOwner (sd_ret, &cur_owner_sid, &dummy)) - debug_printf ("GetSecurityDescriptorOwner %E"); - if (!GetSecurityDescriptorGroup (sd_ret, &cur_group_sid, &dummy)) - debug_printf ("GetSecurityDescriptorGroup %E"); + status = RtlGetOwnerSecurityDescriptor (sd_ret, &cur_owner_sid, &dummy); + if (!NT_SUCCESS (status)) + debug_printf ("RtlGetOwnerSecurityDescriptor: %p", status); + status = RtlGetGroupSecurityDescriptor (sd_ret, &cur_group_sid, &dummy); + if (!NT_SUCCESS (status)) + debug_printf ("RtlGetGroupSecurityDescriptor: %p", status); /* Get SID of owner. */ cygsid owner_sid; @@ -703,12 +709,11 @@ alloc_sd (path_conv &pc, __uid32_t uid, __gid32_t gid, int attribute, /* Fill ACL with unrelated ACEs from current security descriptor. */ PACL oacl; - BOOL acl_exists = FALSE; + BOOLEAN acl_exists = FALSE; ACCESS_ALLOWED_ACE *ace; - NTSTATUS status; - if (GetSecurityDescriptorDacl (sd_ret, &acl_exists, &oacl, &dummy) - && acl_exists && oacl) + status = RtlGetDaclSecurityDescriptor (sd_ret, &acl_exists, &oacl, &dummy); + if (NT_SUCCESS (status) && acl_exists && oacl) for (DWORD i = 0; i < oacl->AceCount; ++i) if (NT_SUCCESS (RtlGetAce (oacl, i, (PVOID *) &ace))) { diff --git a/winsup/cygwin/uinfo.cc b/winsup/cygwin/uinfo.cc index 46d4b15..dd2d6ed 100644 --- a/winsup/cygwin/uinfo.cc +++ b/winsup/cygwin/uinfo.cc @@ -84,12 +84,14 @@ cygheap_user::init () psd = (PSECURITY_DESCRIPTOR) (sec_user_nih (sa_buf, sid()))->lpSecurityDescriptor; - BOOL acl_exists, dummy; + NTSTATUS status; + BOOLEAN acl_exists, dummy; TOKEN_DEFAULT_DACL dacl; - if (GetSecurityDescriptorDacl (psd, &acl_exists, &dacl.DefaultDacl, &dummy) - && acl_exists && dacl.DefaultDacl) + + status = RtlGetDaclSecurityDescriptor (psd, &acl_exists, &dacl.DefaultDacl, + &dummy); + if (NT_SUCCESS (status) && acl_exists && dacl.DefaultDacl) { - NTSTATUS status; /* Set the default DACL and the process DACL */ if (!SetTokenInformation (hProcToken, TokenDefaultDacl, &dacl, |