From 5519d54352e7bdc6d77186cef46dbafc86946bcf Mon Sep 17 00:00:00 2001
From: Corinna Vinschen
Date: Mon, 29 Jul 2002 12:51:52 +0000
Subject: * security.cc: Change some formatting. * include/cygwin/version.h: Bump API minor version. * cygheap.h (class cygheap_user): Add member groups. * security.h (class cygsidlist): Add members type and maxcount, methods position, addfromgr, alloc_sids and free_sids and operator+= (const PSID psid). Modify contains () to call position () and optimize add () to use maxcount. (class user_groups): Create. Update declarations of verify_token and create_token. * security.cc (cygsidlist::alloc_sids): New. (cygsidlist::free_sids): New. (get_token_group_sidlist): Create from get_group_sidlist. (get_initgroups_sidlist): Create from get_group_sidlist. (get_group_sidlist): Suppress. (get_setgroups_sidlist): Create. (verify_token): Modify arguments. Add setgroups case. (create_token): Modify arguments. Call get_initgroups_sidlist and get_setgroups_sidlist as needed. Set SE_GROUP_LOGON_ID from auth_pos outside of the loop. Rename the various group sid lists consistently. * syscalls.cc (seteuid32): Modify to use cygheap->user.groups. (setegid32): Call cygheap->user.groups.update_pgrp. * grp.cc (setgroups): Create. (setgroups32): Create. * uinfo.cc (internal_getlogin): Initialize and update user.groups.pgsid. * cygwin.din: Add setgroups and setgroups32.
---
 winsup/cygwin/security.h | 75 +++++++++++++++++++++++++++++++++++++-----------
 1 file changed, 59 insertions(+), 16 deletions(-)
(limited to 'winsup/cygwin/security.h')
diff --git a/winsup/cygwin/security.h b/winsup/cygwin/security.h
index 1edcc57..580d7c1 100644
--- a/winsup/cygwin/security.h
+++ b/winsup/cygwin/security.h
@@ -86,40 +86,63 @@ public:
 }
 };
+typedef enum { cygsidlist_unknown, cygsidlist_alloc, cygsidlist_auto } cygsidlist_type;
 class cygsidlist {
+ int maxcount;
 public:
 int count;
 cygsid *sids;
+ cygsidlist_type type;
- cygsidlist () : count (0), sids (NULL) {}
- ~cygsidlist () { delete [] sids; }
+ cygsidlist (cygsidlist_type t, int m)
+ {
+ type = t;
+ count = 0;
+ maxcount = m;
+ if (t == cygsidlist_alloc)
+ sids = alloc_sids (m);
+ else
+ sids = new cygsid [m];
+ }
+ ~cygsidlist () { if (type == cygsidlist_auto) delete [] sids; }
- BOOL add (cygsid &nsi)
+ BOOL add (const PSID nsi) /* Only with auto for now */
 {
- cygsid *tmp = new cygsid [count + 1];
- if (!tmp)
- return FALSE;
- for (int i = 0; i < count; ++i)
- tmp[i] = sids[i];
- delete [] sids;
- sids = tmp;
+ if (count >= maxcount)
+ {
+ cygsid *tmp = new cygsid [ 2 * maxcount];
+ if (!tmp)
+ return FALSE;
+ maxcount *= 2;
+ for (int i = 0; i < count; ++i)
+ tmp[i] = sids[i];
+ delete [] sids;
+ sids = tmp;
+ }
 sids[count++] = nsi;
 return TRUE;
 }
- BOOL add (const PSID nsid) { return add (nsid); }
+ BOOL add (cygsid &nsi) { return add ((PSID) nsi); }
 BOOL add (const char *sidstr) { cygsid nsi (sidstr); return add (nsi); }
+ BOOL addfromgr (struct __group32 *gr) /* Only with alloc */
+ { return sids[count++].getfromgr (gr); }
 BOOL operator+= (cygsid &si) { return add (si); }
 BOOL operator+= (const char *sidstr) { return add (sidstr); }
+ BOOL operator+= (const PSID psid) { return add (psid); }
- BOOL contains (cygsid &sid) const
+ int position (const PSID sid) const
 {
 for (int i = 0; i < count; ++i)
 if (sids[i] == sid)
- return TRUE;
- return FALSE;
+ return i;
+ return -1;
 }
+
+ BOOL contains (const PSID sid) const { return position (sid) >= 0; }
+ cygsid *alloc_sids (int n);
+ void free_sids ();
 void debug_print (const char *prefix = NULL) const
 {
 debug_printf ("-- begin sidlist ---");
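Review bot: `addfromgr` writes `sids[count++]` without comparing `count` to `maxcount`, so one call more than the `m` given to the constructor stores a SID past the end of the buffer returned by `alloc_sids`; a guard such as `{ return count < maxcount && sids[count++].getfromgr (gr); }` keeps the write in bounds. The split between the two list kinds is enforced only by the comments "Only with auto for now" and "Only with alloc": calling `add` on a `cygsidlist_alloc` list would run `delete [] sids` on memory obtained from `alloc_sids`, so a check of `type` at the top of `add` is worth adding. `add` also cannot grow a list constructed with `m == 0`, because `2 * maxcount` is still 0 and the following `sids[count++] = nsi` lands outside the new array. The class body begins before and continues past this hunk, and `alloc_sids`/`free_sids` are only declared here, so which allocator they use is inferred from the security.cc entries in the commit message.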
@@ -131,6 +154,26 @@ public:
 }
 };
+class user_groups {
+public:
+ cygsid pgsid;
+ cygsidlist sgsids;
+ BOOL ischanged;
+
+ BOOL issetgroups () const { return (sgsids.type == cygsidlist_alloc); }
+ void update_supp (const cygsidlist &newsids)
+ {
+ sgsids.free_sids ();
+ sgsids = newsids;
+ ischanged = TRUE;
+ }
+ void update_pgrp (const PSID sid)
+ {
+ pgsid = sid;
+ ischanged = TRUE;
+ }
+};
+
 extern cygsid well_known_null_sid;
 extern cygsid well_known_world_sid;
 extern cygsid well_known_local_sid;
@@ -180,9 +223,9 @@ void set_security_attribute (int attribute, PSECURITY_ATTRIBUTES psa,
 /* Try a subauthentication. */
 HANDLE subauth (struct passwd *pw);
 /* Try creating a token directly. */
-HANDLE create_token (cygsid &usersid, cygsid &pgrpsid, struct passwd * pw);
+HANDLE create_token (cygsid &usersid, user_groups &groups, struct passwd * pw);
 /* Verify an existing token */
-BOOL verify_token (HANDLE token, cygsid &usersid, cygsid &pgrpsid, BOOL * pintern = NULL);
+BOOL verify_token (HANDLE token, cygsid &usersid, user_groups &groups, BOOL * pintern = NULL);
 /* Extract U-domain\user field from passwd entry. */
 void extract_nt_dom_user (const struct passwd *pw, char *domain, char *user);
--
cgit v1.1
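Review bot: In `user_groups::update_supp` (hunk `@@ -131,6 +154,26 @@`), `sgsids = newsids;` uses the compiler-generated assignment, which copies the `sids` pointer rather than the SIDs, so afterwards both lists refer to the same buffer. If `newsids` is a `cygsidlist_auto` list, its destructor runs `delete [] sids` and leaves `sgsids.sids` dangling, and `sgsids` then carries type `cygsidlist_auto` and would free the same buffer a second time. The ownership contract should be written above the method, e.g. `/* Takes over newsids.sids; newsids must be cygsidlist_alloc and must not be freed by the caller. */`, and ideally checked before the assignment. `user_groups` has no constructor while `cygsidlist` no longer has a default one, so how `sgsids.type` and `ischanged` receive their initial values is not visible in this diff; presumably the cygheap.h and uinfo.cc changes named in the commit message cover it.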