From 00ef94f3389db4568c3c9825d34febc520807c59 Mon Sep 17 00:00:00 2001
From: Corinna Vinschen <corinna@vinschen.de>
Date: Tue, 29 May 2012 12:46:01 +0000
Subject: * Makefile.in (LIBS): Re-add advapi32.dll. Explain why.
* make-64bit-version-with-mingw-w64.sh (LIBS): Ditto. * cyglsa.c: Drop NTDLL
function declarations. Use equivalent advapi32 functions again,
throughout. * cyglsa64.dll: Regenerate.
---
winsup/lsaauth/ChangeLog | 8 ++++
winsup/lsaauth/Makefile.in | 6 ++-
winsup/lsaauth/cyglsa.c | 46 ++++++++-------------
winsup/lsaauth/cyglsa64.dll | Bin 8704 -> 8704 bytes
.../lsaauth/make-64bit-version-with-mingw-w64.sh | 6 ++-
5 files changed, 36 insertions(+), 30 deletions(-)
(limited to 'winsup/lsaauth')
diff --git a/winsup/lsaauth/ChangeLog b/winsup/lsaauth/ChangeLog
index bbb763a..b78696a 100644
--- a/winsup/lsaauth/ChangeLog
+++ b/winsup/lsaauth/ChangeLog
@@ -1,3 +1,11 @@
+2012-05-29 Corinna Vinschen <corinna@vinschen.de>
+
+ * Makefile.in (LIBS): Re-add advapi32.dll. Explain why.
+ * make-64bit-version-with-mingw-w64.sh (LIBS): Ditto.
+ * cyglsa.c: Drop NTDLL function declarations. Use equivalent advapi32
+ functions again, throughout.
+ * cyglsa64.dll: Regenerate.
+
2011-05-10 Corinna Vinschen <corinna@vinschen.de>
* Makefile.in: Don't override CC.
diff --git a/winsup/lsaauth/Makefile.in b/winsup/lsaauth/Makefile.in
index 948c08b..bb585df 100644
--- a/winsup/lsaauth/Makefile.in
+++ b/winsup/lsaauth/Makefile.in
@@ -41,7 +41,11 @@ ifdef MINGW_CC
override CC:=${MINGW_CC}
endif
-LIBS := -lkernel32 -lntdll
+# Never again try to remove advapi32. It does not matter if the DLL calls
+# advapi32 functions or the equivalent ntdll functions.
+# But if the LSA authentication DLL is not linked against advapi32, it's
+# not recognized by LSA.
+LIBS := -ladvapi32 -lkernel32 -lntdll
DLL := cyglsa.dll
DEF_FILE:= cyglsa.def
diff --git a/winsup/lsaauth/cyglsa.c b/winsup/lsaauth/cyglsa.c
index e64d0e1..341fdd1 100644
--- a/winsup/lsaauth/cyglsa.c
+++ b/winsup/lsaauth/cyglsa.c
@@ -1,6 +1,6 @@
/* cyglsa.c: LSA authentication module for Cygwin
- Copyright 2006, 2008, 2010, 2011 Red Hat, Inc.
+ Copyright 2006, 2008, 2010, 2011, 2012 Red Hat, Inc.
Written by Corinna Vinschen <corinna@vinschen.de>
@@ -41,13 +41,6 @@ DllMain (HINSTANCE inst, DWORD reason, LPVOID res)
#ifndef NT_SUCCESS
#define NT_SUCCESS(s) ((s) >= 0)
#endif
-NTSTATUS NTAPI NtAllocateLocallyUniqueId (PLUID);
-NTSTATUS NTAPI RtlCopySid (ULONG, PSID, PSID);
-NTSTATUS NTAPI RtlGetAce (PACL, ULONG, PVOID *);
-ULONG NTAPI RtlLengthSid (PSID);
-PULONG NTAPI RtlSubAuthoritySid (PSID, ULONG);
-PUCHAR NTAPI RtlSubAuthorityCountSid (PSID);
-BOOLEAN NTAPI RtlValidSid (PSID);
/* These standard POSIX functions are implemented in NTDLL and exported.
There's just no header to define them and using wchar.h from mingw
or Cygwin seems wrong somehow. */
@@ -123,7 +116,7 @@ print_sid (const char *prefix, int idx, PISID sid)
cyglsa_printf ("NULL\n");
else if (IsBadReadPtr (sid, 8))
cyglsa_printf ("INVALID POINTER\n");
- else if (!RtlValidSid ((PSID) sid))
+ else if (!IsValidSid ((PSID) sid))
cyglsa_printf ("INVALID SID\n");
else if (IsBadReadPtr (sid, 8 + sizeof (DWORD) * sid->SubAuthorityCount))
cyglsa_printf ("INVALID POINTER SPACE\n");
@@ -203,11 +196,9 @@ print_dacl (PACL dacl)
{
PVOID vace;
PACCESS_ALLOWED_ACE ace;
- NTSTATUS stat;
- stat = RtlGetAce (dacl, i, &vace);
- if (!NT_SUCCESS (stat))
- cyglsa_printf ("[%lu] RtlGetAce status 0x%08lx\n", i, stat);
+ if (!GetAce (dacl, i, &vace))
+ cyglsa_printf ("[%lu] GetAce error %lu\n", i, GetLastError ());
else
{
ace = (PACCESS_ALLOWED_ACE) vace;
@@ -503,8 +494,8 @@ LsaApLogonUserEx (PLSA_CLIENT_REQUEST request, SECURITY_LOGON_TYPE logon_type,
tokinf->ExpirationTime = authinf->inf.ExpirationTime;
/* User SID */
src_sid = (PSID) (base + authinf->inf.User.User.Sid);
- size = RtlLengthSid (src_sid);
- RtlCopySid (size, (PSID) tptr, src_sid);
+ size = GetLengthSid (src_sid);
+ CopySid (size, (PSID) tptr, src_sid);
tokinf->User.User.Sid = (PSID) tptr;
tptr += size;
tokinf->User.User.Attributes = authinf->inf.User.User.Attributes;
@@ -518,16 +509,16 @@ LsaApLogonUserEx (PLSA_CLIENT_REQUEST request, SECURITY_LOGON_TYPE logon_type,
for (i = 0; i < src_grps->GroupCount; ++i)
{
src_sid = (PSID) (base + src_grps->Groups[i].Sid);
- size = RtlLengthSid (src_sid);
- RtlCopySid (size, (PSID) tptr, src_sid);
+ size = GetLengthSid (src_sid);
+ CopySid (size, (PSID) tptr, src_sid);
tokinf->Groups->Groups[i].Sid = (PSID) tptr;
tptr += size;
tokinf->Groups->Groups[i].Attributes = src_grps->Groups[i].Attributes;
}
/* Primary Group SID */
src_sid = (PSID) (base + authinf->inf.PrimaryGroup.PrimaryGroup);
- size = RtlLengthSid (src_sid);
- RtlCopySid (size, (PSID) tptr, src_sid);
+ size = GetLengthSid (src_sid);
+ CopySid (size, (PSID) tptr, src_sid);
tokinf->PrimaryGroup.PrimaryGroup = (PSID) tptr;
tptr += size;
/* Privileges */
@@ -554,8 +545,7 @@ LsaApLogonUserEx (PLSA_CLIENT_REQUEST request, SECURITY_LOGON_TYPE logon_type,
not done in the 64 bit code above for hopefully obvious reasons... */
LUID logon_sid_id;
- if (must_create_logon_sid
- && !NT_SUCCESS (NtAllocateLocallyUniqueId (&logon_sid_id)))
+ if (must_create_logon_sid && !AllocateLocallyUniqueId (&logon_sid_id))
return STATUS_INSUFFICIENT_RESOURCES;
if (!(tokinf = funcs->AllocateLsaHeap (authinf->inf_size)))
@@ -575,13 +565,13 @@ LsaApLogonUserEx (PLSA_CLIENT_REQUEST request, SECURITY_LOGON_TYPE logon_type,
((PBYTE) tokinf + (LONG_PTR) tokinf->Groups->Groups[i].Sid);
if (must_create_logon_sid
&& tokinf->Groups->Groups[i].Attributes & SE_GROUP_LOGON_ID
- && *RtlSubAuthorityCountSid (tokinf->Groups->Groups[i].Sid) == 3
- && *RtlSubAuthoritySid (tokinf->Groups->Groups[i].Sid, 0)
+ && *GetSidSubAuthorityCount (tokinf->Groups->Groups[i].Sid) == 3
+ && *GetSidSubAuthority (tokinf->Groups->Groups[i].Sid, 0)
== SECURITY_LOGON_IDS_RID)
{
- *RtlSubAuthoritySid (tokinf->Groups->Groups[i].Sid, 1)
+ *GetSidSubAuthority (tokinf->Groups->Groups[i].Sid, 1)
= logon_sid_id.HighPart;
- *RtlSubAuthoritySid (tokinf->Groups->Groups[i].Sid, 2)
+ *GetSidSubAuthority (tokinf->Groups->Groups[i].Sid, 2)
= logon_sid_id.LowPart;
}
}
@@ -608,12 +598,12 @@ LsaApLogonUserEx (PLSA_CLIENT_REQUEST request, SECURITY_LOGON_TYPE logon_type,
(PVOID)((LONG_PTR) &authinf->inf + authinf->inf_size));
/* Create logon session. */
- stat = NtAllocateLocallyUniqueId (logon_id);
- if (!NT_SUCCESS (stat))
+ if (!AllocateLocallyUniqueId (logon_id))
{
funcs->FreeLsaHeap (*tok);
*tok = NULL;
- cyglsa_printf ("NtAllocateLocallyUniqueId status 0x%08lx\n", stat);
+ cyglsa_printf ("AllocateLocallyUniqueId failed: Win32 error %lu\n",
+ GetLastError ());
return STATUS_INSUFFICIENT_RESOURCES;
}
stat = funcs->CreateLogonSession (logon_id);
diff --git a/winsup/lsaauth/cyglsa64.dll b/winsup/lsaauth/cyglsa64.dll
index 14f1f6c..f3324d2 100644
Binary files a/winsup/lsaauth/cyglsa64.dll and b/winsup/lsaauth/cyglsa64.dll differ
diff --git a/winsup/lsaauth/make-64bit-version-with-mingw-w64.sh b/winsup/lsaauth/make-64bit-version-with-mingw-w64.sh
index a93daf8..4a8c37c 100644
--- a/winsup/lsaauth/make-64bit-version-with-mingw-w64.sh
+++ b/winsup/lsaauth/make-64bit-version-with-mingw-w64.sh
@@ -20,6 +20,10 @@ set -e
CC="x86_64-w64-mingw32-gcc"
CFLAGS="-fno-exceptions -O0 -Wall -Werror"
LDFLAGS="-s -nostdlib -Wl,--entry,DllMain,--major-os-version,5,--minor-os-version,2"
-LIBS="-lkernel32 -lntdll"
+# Never again try to remove advapi32. It does not matter if the DLL calls
+# advapi32 functions or the equivalent ntdll functions.
+# But if the LSA authentication DLL is not linked against advapi32, it's
+# not recognized by LSA.
+LIBS="-ladvapi32 -lkernel32 -lntdll"
$CC $CFLAGS $LDFLAGS -shared -o cyglsa64.dll cyglsa.c cyglsa64.def $LIBS
--
cgit v1.1