diff options
| author | Corinna Vinschen <corinna@vinschen.de> | 2008-07-10 22:01:25 +0400 |
|---|---|---|
| committer | Corinna Vinschen <corinna@vinschen.de> | 2008-07-10 22:01:25 +0400 |
| commit | c68cb84e880db21841e85ae40533c904f7a95d23 (patch) | |
| tree | 6a1ab23a4bb9ad514300c822f1522623c988c505 /winsup/cygwin/sec_auth.cc | |
| parent | 9035519215c95286690c8e9c29bc9dc97583ab5c (diff) | |
* cyglsa.h (SECURITY_STRING): Define.
(enum _SECPKG_NAME_TYPE): Define.
(struct _SECPKG_CALL_INFO): Define.
(struct _LSA_SECPKG_FUNCS): Extend to full size. Define unused
functions lazily.
(cygprf_t): Define.
* sec_auth.cc (lsaauth): Use actual primary group if no admins group.
Add (disabled) code to fetch token from profil data.
Diffstat (limited to 'winsup/cygwin/sec_auth.cc')
| -rw-r--r-- | winsup/cygwin/sec_auth.cc | 26 |
1 files changed, 21 insertions, 5 deletions
diff --git a/winsup/cygwin/sec_auth.cc b/winsup/cygwin/sec_auth.cc index db76fcd79..99fe7076c 100644 --- a/winsup/cygwin/sec_auth.cc +++ b/winsup/cygwin/sec_auth.cc @@ -1016,10 +1016,13 @@ lsaauth (cygsid &usersid, user_groups &new_groups, struct passwd *pw) authinf_size += gsize; /* Groups + Group SIDs */ /* When trying to define the admins group as primary group on Vista, LsaLogonUser fails with error STATUS_INVALID_OWNER. As workaround - we define "Local" as primary group here. First, this adds the otherwise - missing "Local" group to the group list and second, seteuid32 - sets the primary group to the group set in /etc/passwd anyway. */ - pgrpsid = well_known_local_sid; + we define "Local" as primary group here. Seteuid32 sets the primary + group to the group set in /etc/passwd anyway. */ + if (new_groups.pgsid == well_known_admins_sid) + pgrpsid = well_known_local_sid; + else + pgrpsid = new_groups.pgsid; + authinf_size += GetLengthSid (pgrpsid); /* Primary Group SID */ authinf_size += psize; /* Privileges */ @@ -1104,7 +1107,20 @@ lsaauth (cygsid &usersid, user_groups &new_groups, struct passwd *pw) goto out; } if (profile) - LsaFreeReturnBuffer (profile); + { +#ifdef JUST_ANOTHER_NONWORKING_SOLUTION + /* See ../lsaauth/cyglsa.c. */ + cygprf_t *prf = (cygprf_t *) profile; + if (prf->magic_pre == MAGIC_PRE && prf->magic_post == MAGIC_POST + && prf->token) + { + CloseHandle (user_token); + user_token = prf->token; + system_printf ("Got token through profile: %p", user_token); + } +#endif /* JUST_ANOTHER_NONWORKING_SOLUTION */ + LsaFreeReturnBuffer (profile); + } if (wincap.has_mandatory_integrity_control ()) { |