diff options
| author | Corinna Vinschen <corinna@vinschen.de> | 2008-11-26 13:18:10 +0300 |
|---|---|---|
| committer | Corinna Vinschen <corinna@vinschen.de> | 2008-11-26 13:18:10 +0300 |
| commit | 51303cbd0c22d81d20d99934c71474809e72fa1a (patch) | |
| tree | 778b92b9b93a2137dd8b4dab3651185aae2b9129 /winsup/cygwin/security.h | |
| parent | 4163e9fbdb410867b4e5536ed02ac6fad938bb00 (diff) | |
* Makefile.in (DLL_OFILES): Add setlsapwd.o.
* cygserver.h (CYGWIN_SERVER_VERSION_API): Bump.
(request_code_t): Define CYGSERVER_REQUEST_SETPWD request type.
* cygserver_msg.h (client_request_msg::retval): Use default value of -1
for retval if msglen is 0.
* cygserver_sem.h (client_request_sem::retval): Ditto.
* cygserver_shm.h (client_request_shm::retval): Ditto.
* cygserver_setpwd.h: New file.
* external.cc (cygwin_internal): Implement new CW_SET_PRIV_KEY type.
* sec_auth.cc (open_local_policy): Make externally available.
Get ACCESS_MASK as argument.
(create_token): Accommodate change to open_local_policy.
(lsaauth): Ditto.
(lsaprivkeyauth): New function fetching token by retrieving
password stored in Cygwin or Interix LSA private data area and
calling LogonUser with it.
* security.h (lsaprivkeyauth): Declare.
(open_local_policy): Declare.
* setlsapwd.cc: New file implementing setting LSA private data password
using LsaStorePrivateData or by calling cygserver if available.
* syscalls.cc (seteuid32): Add workaround to get the original token
when switching back to the original privileged user, even if
setgroups group list is still active. Add long comment to explain why.
Call lsaprivkeyauth first, only if that fails call lsaauth or
create_token.
* include/cygwin/version.h: Bump API minor number.
* include/sys/cygwin.h (cygwin_getinfo_types): Add CW_SET_PRIV_KEY.
Diffstat (limited to 'winsup/cygwin/security.h')
| -rw-r--r-- | winsup/cygwin/security.h | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/winsup/cygwin/security.h b/winsup/cygwin/security.h index 27a2d0046..0f194bade 100644 --- a/winsup/cygwin/security.h +++ b/winsup/cygwin/security.h @@ -370,6 +370,8 @@ void __stdcall str2uni_cat (_UNICODE_STRING &, const char *) __attribute__ ((reg HANDLE create_token (cygsid &usersid, user_groups &groups, struct passwd * pw); /* LSA authentication function. */ HANDLE lsaauth (cygsid &, user_groups &, struct passwd *); +/* LSA private key storage authentication, same as when using service logons. */ +HANDLE lsaprivkeyauth (struct passwd *pw); /* Verify an existing token */ bool verify_token (HANDLE token, cygsid &usersid, user_groups &groups, bool *pintern = NULL); /* Get groups of a user */ @@ -380,6 +382,8 @@ void extract_nt_dom_user (const struct passwd *pw, PWCHAR domain, PWCHAR user); /* Get default logonserver for a domain. */ bool get_logon_server (PWCHAR domain, PWCHAR wserver, bool rediscovery); +HANDLE open_local_policy (ACCESS_MASK access); + /* sec_helper.cc: Security helper functions. */ int set_privilege (HANDLE token, DWORD privilege, bool enable); void set_cygwin_privileges (HANDLE token); |