aboutsummaryrefslogtreecommitdiff
path: root/winsup/cygwin
diff options
context:
space:
mode:
authorCorinna Vinschen <corinna@vinschen.de>2011-04-28 09:53:11 +0000
committerCorinna Vinschen <corinna@vinschen.de>2011-04-28 09:53:11 +0000
commit1838d97b0a27fba6511ee718d527e93000231587 (patch)
treef4bb97e6b32970c5c8fb61bf6436c94b4a31dc80 /winsup/cygwin
parent1754539e56dcde666394354ec603d5524b0d3e90 (diff)
downloadnewlib-1838d97b0a27fba6511ee718d527e93000231587.zip
newlib-1838d97b0a27fba6511ee718d527e93000231587.tar.gz
newlib-1838d97b0a27fba6511ee718d527e93000231587.tar.bz2
* advapi32.cc (GetSecurityDescriptorDacl): Remove.
(GetSecurityDescriptorGroup): Remove. (GetSecurityDescriptorOwner): Remove. * sec_acl.cc: Replace above functions throughout with their ntdll.dll equivalent. Remove redundant debug output. * sec_auth.cc: Ditto. * security.cc: Ditto. * uinfo.cc: Ditto.
Diffstat (limited to 'winsup/cygwin')
-rw-r--r--winsup/cygwin/ChangeLog11
-rw-r--r--winsup/cygwin/advapi32.cc23
-rw-r--r--winsup/cygwin/sec_acl.cc36
-rw-r--r--winsup/cygwin/sec_auth.cc11
-rw-r--r--winsup/cygwin/security.cc41
-rw-r--r--winsup/cygwin/uinfo.cc10
6 files changed, 68 insertions, 64 deletions
diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog
index 1f0c1b5..bd1381c 100644
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@@ -1,5 +1,16 @@
2011-04-28 Corinna Vinschen <corinna@vinschen.de>
+ * advapi32.cc (GetSecurityDescriptorDacl): Remove.
+ (GetSecurityDescriptorGroup): Remove.
+ (GetSecurityDescriptorOwner): Remove.
+ * sec_acl.cc: Replace above functions throughout with their ntdll.dll
+ equivalent. Remove redundant debug output.
+ * sec_auth.cc: Ditto.
+ * security.cc: Ditto.
+ * uinfo.cc: Ditto.
+
+2011-04-28 Corinna Vinschen <corinna@vinschen.de>
+
* advapi32.cc (InitializeAcl): Remove.
(AddAce): Remove.
(FindFirstFreeAce): Remove.
diff --git a/winsup/cygwin/advapi32.cc b/winsup/cygwin/advapi32.cc
index 7ee92e6..7721ee8 100644
--- a/winsup/cygwin/advapi32.cc
+++ b/winsup/cygwin/advapi32.cc
@@ -76,15 +76,6 @@ MakeSelfRelativeSD (PSECURITY_DESCRIPTOR abs_sd, PSECURITY_DESCRIPTOR rel_sd,
}
BOOL WINAPI
-GetSecurityDescriptorDacl (PSECURITY_DESCRIPTOR sd, LPBOOL present, PACL *dacl,
- LPBOOL def)
-{
- NTSTATUS status = RtlGetDaclSecurityDescriptor (sd, (PBOOLEAN) present, dacl,
- (PBOOLEAN) def);
- DEFAULT_NTSTATUS_TO_BOOL_RETURN
-}
-
-BOOL WINAPI
SetSecurityDescriptorDacl (PSECURITY_DESCRIPTOR sd, BOOL present, PACL dacl,
BOOL def)
{
@@ -94,13 +85,6 @@ SetSecurityDescriptorDacl (PSECURITY_DESCRIPTOR sd, BOOL present, PACL dacl,
}
BOOL WINAPI
-GetSecurityDescriptorGroup (PSECURITY_DESCRIPTOR sd, PSID *sid, LPBOOL def)
-{
- NTSTATUS status = RtlGetGroupSecurityDescriptor (sd, sid, (PBOOLEAN) def);
- DEFAULT_NTSTATUS_TO_BOOL_RETURN
-}
-
-BOOL WINAPI
SetSecurityDescriptorGroup (PSECURITY_DESCRIPTOR sd, PSID sid, BOOL def)
{
NTSTATUS status = RtlSetGroupSecurityDescriptor (sd, sid, (BOOLEAN) !!def);
@@ -108,13 +92,6 @@ SetSecurityDescriptorGroup (PSECURITY_DESCRIPTOR sd, PSID sid, BOOL def)
}
BOOL WINAPI
-GetSecurityDescriptorOwner (PSECURITY_DESCRIPTOR sd, PSID *sid, LPBOOL def)
-{
- NTSTATUS status = RtlGetOwnerSecurityDescriptor (sd, sid, (PBOOLEAN) def);
- DEFAULT_NTSTATUS_TO_BOOL_RETURN
-}
-
-BOOL WINAPI
SetSecurityDescriptorOwner (PSECURITY_DESCRIPTOR sd, PSID sid, BOOL def)
{
NTSTATUS status = RtlSetOwnerSecurityDescriptor (sd, sid, (BOOLEAN) !!def);
diff --git a/winsup/cygwin/sec_acl.cc b/winsup/cygwin/sec_acl.cc
index 48012e2..e7e79ad 100644
--- a/winsup/cygwin/sec_acl.cc
+++ b/winsup/cygwin/sec_acl.cc
@@ -47,22 +47,25 @@ setacl (HANDLE handle, path_conv &pc, int nentries, __aclent32_t *aclbufp,
if (get_file_sd (handle, pc, sd_ret, false))
return -1;
- BOOL dummy;
+ NTSTATUS status;
+ BOOLEAN dummy;
/* Get owner SID. */
PSID owner_sid;
- if (!GetSecurityDescriptorOwner (sd_ret, &owner_sid, &dummy))
+ status = RtlGetOwnerSecurityDescriptor (sd_ret, &owner_sid, &dummy);
+ if (!NT_SUCCESS (status))
{
- __seterrno ();
+ __seterrno_from_nt_status (status);
return -1;
}
cygsid owner (owner_sid);
/* Get group SID. */
PSID group_sid;
- if (!GetSecurityDescriptorGroup (sd_ret, &group_sid, &dummy))
+ status = RtlGetGroupSecurityDescriptor (sd_ret, &group_sid, &dummy);
+ if (!NT_SUCCESS (status))
{
- __seterrno ();
+ __seterrno_from_nt_status (status);
return -1;
}
cygsid group (group_sid);
@@ -272,22 +275,23 @@ getacl (HANDLE handle, path_conv &pc, int nentries, __aclent32_t *aclbufp)
cygpsid owner_sid;
cygpsid group_sid;
- BOOL dummy;
+ NTSTATUS status;
+ BOOLEAN dummy;
__uid32_t uid;
__gid32_t gid;
- if (!GetSecurityDescriptorOwner (sd, (PSID *) &owner_sid, &dummy))
+ status = RtlGetOwnerSecurityDescriptor (sd, (PSID *) &owner_sid, &dummy);
+ if (!NT_SUCCESS (status))
{
- debug_printf ("GetSecurityDescriptorOwner %E");
- __seterrno ();
+ __seterrno_from_nt_status (status);
return -1;
}
uid = owner_sid.get_uid ();
- if (!GetSecurityDescriptorGroup (sd, (PSID *) &group_sid, &dummy))
+ status = RtlGetGroupSecurityDescriptor (sd, (PSID *) &group_sid, &dummy);
+ if (!NT_SUCCESS (status))
{
- debug_printf ("GetSecurityDescriptorGroup %E");
- __seterrno ();
+ __seterrno_from_nt_status (status);
return -1;
}
gid = group_sid.get_gid ();
@@ -305,12 +309,12 @@ getacl (HANDLE handle, path_conv &pc, int nentries, __aclent32_t *aclbufp)
lacl[3].a_perm = S_IROTH | S_IWOTH | S_IXOTH;
PACL acl;
- BOOL acl_exists;
+ BOOLEAN acl_exists;
- if (!GetSecurityDescriptorDacl (sd, &acl_exists, &acl, &dummy))
+ status = RtlGetDaclSecurityDescriptor (sd, &acl_exists, &acl, &dummy);
+ if (!NT_SUCCESS (status))
{
- __seterrno ();
- debug_printf ("GetSecurityDescriptorDacl %E");
+ __seterrno_from_nt_status (status);
return -1;
}
diff --git a/winsup/cygwin/sec_auth.cc b/winsup/cygwin/sec_auth.cc
index c0c605e..23e805d 100644
--- a/winsup/cygwin/sec_auth.cc
+++ b/winsup/cygwin/sec_auth.cc
@@ -692,9 +692,14 @@ verify_token (HANDLE token, cygsid &usersid, user_groups &groups, bool *pintern)
sd_buf, sd_buf_siz, &size);
if (!NT_SUCCESS (status))
debug_printf ("NtQuerySecurityObject(), %p", status);
- else if (!GetSecurityDescriptorGroup (sd_buf, (PSID *) &gsid,
- (BOOL *) &size))
- debug_printf ("GetSecurityDescriptorGroup(), %E");
+ else
+ {
+ BOOLEAN dummy;
+ status = RtlGetGroupSecurityDescriptor (sd_buf, (PSID *) &gsid,
+ &dummy);
+ if (!NT_SUCCESS (status))
+ debug_printf ("RtlGetGroupSecurityDescriptor(), %p", status);
+ }
if (well_known_null_sid != gsid)
return gsid == groups.pgsid;
}
diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc
index a72fb52..9b808cc 100644
--- a/winsup/cygwin/security.cc
+++ b/winsup/cygwin/security.cc
@@ -347,12 +347,15 @@ get_info_from_sd (PSECURITY_DESCRIPTOR psd, mode_t *attribute,
cygpsid owner_sid;
cygpsid group_sid;
- BOOL dummy;
+ NTSTATUS status;
+ BOOLEAN dummy;
- if (!GetSecurityDescriptorOwner (psd, (PSID *) &owner_sid, &dummy))
- debug_printf ("GetSecurityDescriptorOwner %E");
- if (!GetSecurityDescriptorGroup (psd, (PSID *) &group_sid, &dummy))
- debug_printf ("GetSecurityDescriptorGroup %E");
+ status = RtlGetOwnerSecurityDescriptor (psd, (PSID *) &owner_sid, &dummy);
+ if (!NT_SUCCESS (status))
+ debug_printf ("RtlGetOwnerSecurityDescriptor: %p", status);
+ status = RtlGetGroupSecurityDescriptor (psd, (PSID *) &group_sid, &dummy);
+ if (!NT_SUCCESS (status))
+ debug_printf ("RtlGetGroupSecurityDescriptor: %p", status);
__uid32_t uid;
__gid32_t gid;
@@ -369,12 +372,12 @@ get_info_from_sd (PSECURITY_DESCRIPTOR psd, mode_t *attribute,
}
PACL acl;
- BOOL acl_exists;
+ BOOLEAN acl_exists;
- if (!GetSecurityDescriptorDacl (psd, &acl_exists, &acl, &dummy))
+ status = RtlGetDaclSecurityDescriptor (psd, &acl_exists, &acl, &dummy);
+ if (!NT_SUCCESS (status))
{
- __seterrno ();
- debug_printf ("GetSecurityDescriptorDacl %E");
+ __seterrno_from_nt_status (status);
*attribute &= ~(S_IRWXU | S_IRWXG | S_IRWXO);
}
else if (!acl_exists || !acl)
@@ -498,7 +501,8 @@ static PSECURITY_DESCRIPTOR
alloc_sd (path_conv &pc, __uid32_t uid, __gid32_t gid, int attribute,
security_descriptor &sd_ret)
{
- BOOL dummy;
+ NTSTATUS status;
+ BOOLEAN dummy;
tmp_pathbuf tp;
/* NOTE: If the high bit of attribute is set, we have just created
@@ -509,10 +513,12 @@ alloc_sd (path_conv &pc, __uid32_t uid, __gid32_t gid, int attribute,
/* Get owner and group from current security descriptor. */
PSID cur_owner_sid = NULL;
PSID cur_group_sid = NULL;
- if (!GetSecurityDescriptorOwner (sd_ret, &cur_owner_sid, &dummy))
- debug_printf ("GetSecurityDescriptorOwner %E");
- if (!GetSecurityDescriptorGroup (sd_ret, &cur_group_sid, &dummy))
- debug_printf ("GetSecurityDescriptorGroup %E");
+ status = RtlGetOwnerSecurityDescriptor (sd_ret, &cur_owner_sid, &dummy);
+ if (!NT_SUCCESS (status))
+ debug_printf ("RtlGetOwnerSecurityDescriptor: %p", status);
+ status = RtlGetGroupSecurityDescriptor (sd_ret, &cur_group_sid, &dummy);
+ if (!NT_SUCCESS (status))
+ debug_printf ("RtlGetGroupSecurityDescriptor: %p", status);
/* Get SID of owner. */
cygsid owner_sid;
@@ -703,12 +709,11 @@ alloc_sd (path_conv &pc, __uid32_t uid, __gid32_t gid, int attribute,
/* Fill ACL with unrelated ACEs from current security descriptor. */
PACL oacl;
- BOOL acl_exists = FALSE;
+ BOOLEAN acl_exists = FALSE;
ACCESS_ALLOWED_ACE *ace;
- NTSTATUS status;
- if (GetSecurityDescriptorDacl (sd_ret, &acl_exists, &oacl, &dummy)
- && acl_exists && oacl)
+ status = RtlGetDaclSecurityDescriptor (sd_ret, &acl_exists, &oacl, &dummy);
+ if (NT_SUCCESS (status) && acl_exists && oacl)
for (DWORD i = 0; i < oacl->AceCount; ++i)
if (NT_SUCCESS (RtlGetAce (oacl, i, (PVOID *) &ace)))
{
diff --git a/winsup/cygwin/uinfo.cc b/winsup/cygwin/uinfo.cc
index 46d4b15..dd2d6ed 100644
--- a/winsup/cygwin/uinfo.cc
+++ b/winsup/cygwin/uinfo.cc
@@ -84,12 +84,14 @@ cygheap_user::init ()
psd = (PSECURITY_DESCRIPTOR)
(sec_user_nih (sa_buf, sid()))->lpSecurityDescriptor;
- BOOL acl_exists, dummy;
+ NTSTATUS status;
+ BOOLEAN acl_exists, dummy;
TOKEN_DEFAULT_DACL dacl;
- if (GetSecurityDescriptorDacl (psd, &acl_exists, &dacl.DefaultDacl, &dummy)
- && acl_exists && dacl.DefaultDacl)
+
+ status = RtlGetDaclSecurityDescriptor (psd, &acl_exists, &dacl.DefaultDacl,
+ &dummy);
+ if (NT_SUCCESS (status) && acl_exists && dacl.DefaultDacl)
{
- NTSTATUS status;
/* Set the default DACL and the process DACL */
if (!SetTokenInformation (hProcToken, TokenDefaultDacl, &dacl,