* shared.cc (sec_none): Move to sec_helper.cc.

	(sec_none_nih): Ditto.
	(sec_all): Ditto.
	(sec_all_nih): Ditto.
	(get_null_sd): Ditto.
	(sec_acl): Ditto.
	(__sec_user): Ditto.
	* sec_helper.cc (sec_none): Move from shared.cc to here.
	(sec_none_nih): Ditto.
	(sec_all): Ditto.
	(sec_all_nih): Ditto.
	(get_null_sd): Ditto.
	(sec_acl): Ditto.
	(__sec_user): Ditto.

3 files changed, 113 insertions, 96 deletions

diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog
index 5ccdb610d..e5b232c1f 100644
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@@ -1,3 +1,20 @@
+2002-07-01  Corinna Vinschen  <corinna@vinschen.de>
+
+	* shared.cc (sec_none): Move to sec_helper.cc.
+	(sec_none_nih): Ditto.
+	(sec_all): Ditto.
+	(sec_all_nih): Ditto.
+	(get_null_sd): Ditto.
+	(sec_acl): Ditto.
+	(__sec_user): Ditto.
+	* sec_helper.cc (sec_none): Move from shared.cc to here.
+	(sec_none_nih): Ditto.
+	(sec_all): Ditto.
+	(sec_all_nih): Ditto.
+	(get_null_sd): Ditto.
+	(sec_acl): Ditto.
+	(__sec_user): Ditto.
+
 2002-06-30  Christopher Faylor  <cgf@redhat.com>
 
 	* uinfo.cc (cygheap_user::ontherange): Potentially set HOME from
diff --git a/winsup/cygwin/sec_helper.cc b/winsup/cygwin/sec_helper.cc
index cfa0fafce..6aaf7f607 100644
--- a/winsup/cygwin/sec_helper.cc
+++ b/winsup/cygwin/sec_helper.cc
@@ -32,6 +32,12 @@ details. */
 #include "pinfo.h"
 #include "cygheap.h"
 
+/* General purpose security attribute objects for global use. */
+SECURITY_ATTRIBUTES NO_COPY sec_none;
+SECURITY_ATTRIBUTES NO_COPY sec_none_nih;
+SECURITY_ATTRIBUTES NO_COPY sec_all;
+SECURITY_ATTRIBUTES NO_COPY sec_all_nih;
+
 SID_IDENTIFIER_AUTHORITY sid_auth[] = {
 	{SECURITY_NULL_SID_AUTHORITY},
 	{SECURITY_WORLD_SID_AUTHORITY},
@@ -387,3 +393,93 @@ out:
   syscall_printf ("%d = set_process_privilege (%s, %d)",ret, privilege, enable);
   return ret;
 }
+
+/*
+ * Function to return a common SECURITY_DESCRIPTOR * that
+ * allows all access.
+ */
+
+static NO_COPY SECURITY_DESCRIPTOR *null_sdp = 0;
+
+SECURITY_DESCRIPTOR *__stdcall
+get_null_sd ()
+{
+  static NO_COPY SECURITY_DESCRIPTOR sd;
+
+  if (null_sdp == 0)
+    {
+      InitializeSecurityDescriptor (&sd, SECURITY_DESCRIPTOR_REVISION);
+      SetSecurityDescriptorDacl (&sd, TRUE, 0, FALSE);
+      null_sdp = &sd;
+    }
+  return null_sdp;
+}
+
+BOOL
+sec_acl (PACL acl, BOOL admins, PSID sid1, PSID sid2)
+{
+  size_t acl_len = MAX_DACL_LEN(5);
+
+  if (!InitializeAcl (acl, acl_len, ACL_REVISION))
+    {
+      debug_printf ("InitializeAcl %E");
+      return FALSE;
+    }
+  if (sid2)
+    if (!AddAccessAllowedAce (acl, ACL_REVISION,
+			      GENERIC_ALL, sid2))
+      debug_printf ("AddAccessAllowedAce(sid2) %E");
+  if (sid1)
+    if (!AddAccessAllowedAce (acl, ACL_REVISION,
+			      GENERIC_ALL, sid1))
+      debug_printf ("AddAccessAllowedAce(sid1) %E", sid1);
+  if (admins)
+    if (!AddAccessAllowedAce (acl, ACL_REVISION,
+			      GENERIC_ALL, well_known_admins_sid))
+      debug_printf ("AddAccessAllowedAce(admin) %E");
+  if (!AddAccessAllowedAce (acl, ACL_REVISION,
+			    GENERIC_ALL, well_known_system_sid))
+    debug_printf ("AddAccessAllowedAce(system) %E");
+#if 0 /* Does not seem to help */
+  if (!AddAccessAllowedAce (acl, ACL_REVISION,
+			    GENERIC_ALL, well_known_creator_owner_sid))
+    debug_printf ("AddAccessAllowedAce(creator_owner) %E");
+#endif
+  return TRUE;
+}
+
+PSECURITY_ATTRIBUTES __stdcall
+__sec_user (PVOID sa_buf, PSID sid2, BOOL inherit)
+{
+  PSECURITY_ATTRIBUTES psa = (PSECURITY_ATTRIBUTES) sa_buf;
+  PSECURITY_DESCRIPTOR psd = (PSECURITY_DESCRIPTOR)
+			     ((char *) sa_buf + sizeof (*psa));
+  PACL acl = (PACL) ((char *) sa_buf + sizeof (*psa) + sizeof (*psd));
+
+  cygsid sid;
+
+  if (!(sid = cygheap->user.orig_sid ()) ||
+	  (!sec_acl (acl, TRUE, sid, sid2)))
+    return inherit ? &sec_none : &sec_none_nih;
+
+  if (!InitializeSecurityDescriptor (psd, SECURITY_DESCRIPTOR_REVISION))
+    debug_printf ("InitializeSecurityDescriptor %E");
+
+/*
+ * Setting the owner lets the created security attribute not work
+ * on NT4 SP3 Server. Don't know why, but the function still does
+ * what it should do also if the owner isn't set.
+*/
+#if 0
+  if (!SetSecurityDescriptorOwner (psd, sid, FALSE))
+    debug_printf ("SetSecurityDescriptorOwner %E");
+#endif
+
+  if (!SetSecurityDescriptorDacl (psd, TRUE, acl, FALSE))
+    debug_printf ("SetSecurityDescriptorDacl %E");
+
+  psa->nLength = sizeof (SECURITY_ATTRIBUTES);
+  psa->lpSecurityDescriptor = psd;
+  psa->bInheritHandle = inherit;
+  return psa;
+}
diff --git a/winsup/cygwin/shared.cc b/winsup/cygwin/shared.cc
index 2a536824d..99218e91c 100644
--- a/winsup/cygwin/shared.cc
+++ b/winsup/cygwin/shared.cc
@@ -31,12 +31,6 @@ shared_info NO_COPY *cygwin_shared = NULL;
 mount_info NO_COPY *mount_table = NULL;
 HANDLE cygwin_mount_h;
 
-/* General purpose security attribute objects for global use. */
-SECURITY_ATTRIBUTES NO_COPY sec_none;
-SECURITY_ATTRIBUTES NO_COPY sec_none_nih;
-SECURITY_ATTRIBUTES NO_COPY sec_all;
-SECURITY_ATTRIBUTES NO_COPY sec_all_nih;
-
 char * __stdcall
 shared_name (const char *str, int num)
 {
@@ -212,93 +206,3 @@ shared_info::heap_chunk_size ()
 
   return heap_chunk_in_mb << 20;
 }
-
-/*
- * Function to return a common SECURITY_DESCRIPTOR * that
- * allows all access.
- */
-
-static NO_COPY SECURITY_DESCRIPTOR *null_sdp = 0;
-
-SECURITY_DESCRIPTOR *__stdcall
-get_null_sd ()
-{
-  static NO_COPY SECURITY_DESCRIPTOR sd;
-
-  if (null_sdp == 0)
-    {
-      InitializeSecurityDescriptor (&sd, SECURITY_DESCRIPTOR_REVISION);
-      SetSecurityDescriptorDacl (&sd, TRUE, 0, FALSE);
-      null_sdp = &sd;
-    }
-  return null_sdp;
-}
-
-BOOL
-sec_acl (PACL acl, BOOL admins, PSID sid1, PSID sid2)
-{
-  size_t acl_len = MAX_DACL_LEN(5);
-
-  if (!InitializeAcl (acl, acl_len, ACL_REVISION))
-    {
-      debug_printf ("InitializeAcl %E");
-      return FALSE;
-    }
-  if (sid2)
-    if (!AddAccessAllowedAce (acl, ACL_REVISION,
-			      GENERIC_ALL, sid2))
-      debug_printf ("AddAccessAllowedAce(sid2) %E");
-  if (sid1)
-    if (!AddAccessAllowedAce (acl, ACL_REVISION,
-			      GENERIC_ALL, sid1))
-      debug_printf ("AddAccessAllowedAce(sid1) %E", sid1);
-  if (admins)
-    if (!AddAccessAllowedAce (acl, ACL_REVISION,
-			      GENERIC_ALL, well_known_admins_sid))
-      debug_printf ("AddAccessAllowedAce(admin) %E");
-  if (!AddAccessAllowedAce (acl, ACL_REVISION,
-			    GENERIC_ALL, well_known_system_sid))
-    debug_printf ("AddAccessAllowedAce(system) %E");
-#if 0 /* Does not seem to help */
-  if (!AddAccessAllowedAce (acl, ACL_REVISION,
-			    GENERIC_ALL, well_known_creator_owner_sid))
-    debug_printf ("AddAccessAllowedAce(creator_owner) %E");
-#endif
-  return TRUE;
-}
-
-PSECURITY_ATTRIBUTES __stdcall
-__sec_user (PVOID sa_buf, PSID sid2, BOOL inherit)
-{
-  PSECURITY_ATTRIBUTES psa = (PSECURITY_ATTRIBUTES) sa_buf;
-  PSECURITY_DESCRIPTOR psd = (PSECURITY_DESCRIPTOR)
-			     ((char *) sa_buf + sizeof (*psa));
-  PACL acl = (PACL) ((char *) sa_buf + sizeof (*psa) + sizeof (*psd));
-
-  cygsid sid;
-
-  if (!(sid = cygheap->user.orig_sid ()) ||
-	  (!sec_acl (acl, TRUE, sid, sid2)))
-    return inherit ? &sec_none : &sec_none_nih;
-
-  if (!InitializeSecurityDescriptor (psd, SECURITY_DESCRIPTOR_REVISION))
-    debug_printf ("InitializeSecurityDescriptor %E");
-
-/*
- * Setting the owner lets the created security attribute not work
- * on NT4 SP3 Server. Don't know why, but the function still does
- * what it should do also if the owner isn't set.
-*/
-#if 0
-  if (!SetSecurityDescriptorOwner (psd, sid, FALSE))
-    debug_printf ("SetSecurityDescriptorOwner %E");
-#endif
-
-  if (!SetSecurityDescriptorDacl (psd, TRUE, acl, FALSE))
-    debug_printf ("SetSecurityDescriptorDacl %E");
-
-  psa->nLength = sizeof (SECURITY_ATTRIBUTES);
-  psa->lpSecurityDescriptor = psd;
-  psa->bInheritHandle = inherit;
-  return psa;
-}