* security.h (class cygpsid): New class.

	(class cygsid): Use cygpsid as base. Remove members psid, get_id,
	get_uid, get_gid, string, debug_printf and the == and != operators.
	(cygsidlist::clear_supp): Only do work if setgroups has been called.
	* sec_helper.cc: Define sid_auth NO_COPY.
	(cygpsid::operator==): New operator.
	(cygpsid::get_id): New function.
	(cygpsid::string): New function.
	(cygsid::string): Delete.
	(cygsid::get_id): Delete.
	* pwdgrp.h: Change arguments of internal_getpwsid,
	internal_getgrsid and internal_getgroups to cygpsid.
	* passwd.cc (internal_getpwsid): Change argument from cygsid to cygpsid.
	* grp.cc (internal_getgrsid): Ditto.
	(internal_getgroups): Ditto.

1 files changed, 58 insertions, 53 deletions

diff --git a/winsup/cygwin/sec_helper.cc b/winsup/cygwin/sec_helper.cc
index 9c49c0a59..59eba0887 100644
--- a/winsup/cygwin/sec_helper.cc
+++ b/winsup/cygwin/sec_helper.cc
@@ -39,7 +39,7 @@ SECURITY_ATTRIBUTES NO_COPY sec_none_nih;
 SECURITY_ATTRIBUTES NO_COPY sec_all;
 SECURITY_ATTRIBUTES NO_COPY sec_all_nih;
 
-SID_IDENTIFIER_AUTHORITY sid_auth[] = {
+SID_IDENTIFIER_AUTHORITY NO_COPY sid_auth[] = {
 	{SECURITY_NULL_SID_AUTHORITY},
 	{SECURITY_WORLD_SID_AUTHORITY},
 	{SECURITY_LOCAL_SID_AUTHORITY},
@@ -62,6 +62,63 @@ cygsid well_known_authenticated_users_sid;
 cygsid well_known_system_sid;
 cygsid well_known_admins_sid;
 
+bool
+cygpsid::operator== (const char *nsidstr) const
+{
+  cygsid nsid (nsidstr);
+  return psid == nsid;
+}
+
+__uid32_t
+cygpsid::get_id (BOOL search_grp, int *type)
+{
+    /* First try to get SID from group, then passwd */
+  __uid32_t id = ILLEGAL_UID;
+
+  if (search_grp)
+    {
+      struct __group32 *gr;
+      if (cygheap->user.groups.pgsid == psid)
+	id = myself->gid;
+      else if ((gr = internal_getgrsid (*this)))
+	id = gr->gr_gid;
+      if (id != ILLEGAL_UID)
+        {
+	  if (type)
+	    *type = GROUP;
+	  return id;
+	}
+    }
+  if (!search_grp || type)
+    {
+      struct passwd *pw;
+      if (*this == cygheap->user.sid ())
+	id = myself->uid;
+      else if ((pw = internal_getpwsid (*this)))
+	id = pw->pw_uid;
+      if (id != ILLEGAL_UID && type)
+        *type = USER;
+    }
+  return id;
+}
+
+
+char *
+cygpsid::string (char *nsidstr) const
+{
+  char *t;
+  DWORD i;
+
+  if (!psid || !nsidstr)
+    return NULL;
+  strcpy (nsidstr, "S-1-");
+  t = nsidstr + sizeof ("S-1-") - 1;
+  t += __small_sprintf (t, "%u", GetSidIdentifierAuthority (psid)->Value[5]);
+  for (i = 0; i < *GetSidSubAuthorityCount (psid); ++i)
+    t += __small_sprintf (t, "-%lu", *GetSidSubAuthority (psid, i));
+  return nsidstr;
+}
+
 void
 cygsid::init ()
 {
@@ -80,25 +137,6 @@ cygsid::init ()
   well_known_admins_sid = "S-1-5-32-544";
 }
 
-char *
-cygsid::string (char *nsidstr) const
-{
-  char t[32];
-  DWORD i;
-
-  if (!psid || !nsidstr)
-    return NULL;
-  strcpy (nsidstr, "S-1-");
-  __small_sprintf (t, "%u", GetSidIdentifierAuthority (psid)->Value[5]);
-  strcat (nsidstr, t);
-  for (i = 0; i < *GetSidSubAuthorityCount (psid); ++i)
-    {
-      __small_sprintf (t, "-%lu", *GetSidSubAuthority (psid, i));
-      strcat (nsidstr, t);
-    }
-  return nsidstr;
-}
-
 PSID
 cygsid::get_sid (DWORD s, DWORD cnt, DWORD *r)
 {
@@ -148,39 +186,6 @@ cygsid::getfromgr (const struct __group32 *gr)
   return (*this = sp) != NULL;
 }
 
-__uid32_t
-cygsid::get_id (BOOL search_grp, int *type)
-{
-  /* First try to get SID from passwd or group entry */
-  __uid32_t id = ILLEGAL_UID;
-
-  if (!search_grp)
-    {
-      struct passwd *pw;
-      if (*this == cygheap->user.sid ())
-	id = myself->uid;
-      else if ((pw = internal_getpwsid (*this)))
-	id = pw->pw_uid;
-      if (id != ILLEGAL_UID)
-	{
-	  if (type)
-	    *type = USER;
-	   return id;
-	}
-    }
-  if (search_grp || type)
-    {
-      struct __group32 *gr;
-      if (cygheap->user.groups.pgsid == psid)
-	id = myself->gid;
-      else if ((gr = internal_getgrsid (*this)))
-	id = gr->gr_gid;
-      if (id != ILLEGAL_UID && type)
-	*type = GROUP;
-    }
-  return id;
-}
-
 BOOL
 is_grp_member (__uid32_t uid, __gid32_t gid)
 {