From ba0131e10b2c1d16ba05cd4eaf570f94ee545f4b Mon Sep 17 00:00:00 2001
From: Robert Collins <rbtcollins@hotmail.com>
Date: Thu, 28 Feb 2002 12:53:33 +0000
Subject: Merged changes from HEAD

---
 winsup/cygwin/security.cc | 30 ++++++++++++++----------------
 1 file changed, 14 insertions(+), 16 deletions(-)

(limited to 'winsup/cygwin/security.cc')

diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc
index 6bacfdef0..b33360d1a 100644
--- a/winsup/cygwin/security.cc
+++ b/winsup/cygwin/security.cc
@@ -1,6 +1,6 @@
 /* security.cc: NT security functions
 
-   Copyright 1997, 1998, 1999, 2000, 2001 Red Hat, Inc.
+   Copyright 1997, 1998, 1999, 2000, 2001, 2002 Red Hat, Inc.
 
    Originaly written by Gunther Ebert, gunther.ebert@ixos-leipzig.de
    Completely rewritten by Corinna Vinschen <corinna@vinschen.de>
@@ -42,7 +42,6 @@ details. */
 #include "ntdll.h"
 #include "lm.h"
 
-
 extern BOOL allow_ntea;
 BOOL allow_ntsec;
 /* allow_smbntsec is handled exclusively in path.cc (path_conv::check).
@@ -451,7 +450,7 @@ get_user_primary_group (WCHAR *wlogonserver, const char *user,
 static int
 get_supplementary_group_sidlist (const char *username, cygsidlist &grp_list)
 {
-  struct group *gr;
+  struct __group16 *gr;
   int cnt = 0;
 
   for (int gidx = 0; (gr = internal_getgrent (gidx)); ++gidx)
@@ -710,7 +709,7 @@ create_token (cygsid &usersid, cygsid &pgrpsid)
     { sizeof sqos, SecurityImpersonation, SECURITY_STATIC_TRACKING, FALSE };
   OBJECT_ATTRIBUTES oa =
     { sizeof oa, 0, 0, 0, 0, &sqos };
-  SECURITY_ATTRIBUTES sa = { sizeof sa, NULL, TRUE };
+  char sa_buf[1024];
   LUID auth_luid = SYSTEM_LUID;
   LARGE_INTEGER exp = { QuadPart:0x7fffffffffffffffLL  };
 
@@ -727,7 +726,7 @@ create_token (cygsid &usersid, cygsid &pgrpsid)
   source.SourceIdentifier.HighPart = 0;
   source.SourceIdentifier.LowPart = 0x0101;
 
-  HANDLE token;
+  HANDLE token = INVALID_HANDLE_VALUE;
   HANDLE primary_token = INVALID_HANDLE_VALUE;
 
   HANDLE my_token = INVALID_HANDLE_VALUE;
@@ -827,9 +826,8 @@ create_token (cygsid &usersid, cygsid &pgrpsid)
     }
 
   /* Convert to primary token. */
-  if (!DuplicateTokenEx (token, TOKEN_ALL_ACCESS, &sa,
-			 SecurityImpersonation, TokenPrimary,
-			 &primary_token))
+  if (!DuplicateTokenEx (token, MAXIMUM_ALLOWED, sec_user (sa_buf, usersid),
+			 SecurityImpersonation, TokenPrimary, &primary_token))
     __seterrno ();
 
 out:
@@ -1087,7 +1085,7 @@ write_sd(const char *file, PSECURITY_DESCRIPTOR sd_buf, DWORD sd_size)
 
 static int
 get_nt_attribute (const char *file, int *attribute,
-		  uid_t *uidret, gid_t *gidret)
+		  __uid16_t *uidret, __gid16_t *gidret)
 {
   if (!wincap.has_security ())
     return 0;
@@ -1125,8 +1123,8 @@ get_nt_attribute (const char *file, int *attribute,
       return -1;
     }
 
-  uid_t uid = cygsid(owner_sid).get_uid ();
-  gid_t gid = cygsid(group_sid).get_gid ();
+  __uid16_t uid = cygsid(owner_sid).get_uid ();
+  __gid16_t gid = cygsid(group_sid).get_gid ();
   if (uidret)
     *uidret = uid;
   if (gidret)
@@ -1236,7 +1234,7 @@ get_nt_attribute (const char *file, int *attribute,
 
 int
 get_file_attribute (int use_ntsec, const char *file,
-		    int *attribute, uid_t *uidret, gid_t *gidret)
+		    int *attribute, __uid16_t *uidret, __gid16_t *gidret)
 {
   int res;
 
@@ -1307,7 +1305,7 @@ add_access_denied_ace (PACL acl, int offset, DWORD attributes,
 }
 
 PSECURITY_DESCRIPTOR
-alloc_sd (uid_t uid, gid_t gid, const char *logsrv, int attribute,
+alloc_sd (__uid16_t uid, __gid16_t gid, const char *logsrv, int attribute,
 	  PSECURITY_DESCRIPTOR sd_ret, DWORD *sd_size_ret)
 {
   BOOL dummy;
@@ -1335,7 +1333,7 @@ alloc_sd (uid_t uid, gid_t gid, const char *logsrv, int attribute,
 
   /* Get SID and name of new group. */
   cygsid group_sid (NO_SID);
-  struct group *grp = getgrgid (gid);
+  struct __group16 *grp = getgrgid (gid);
   if (grp)
     {
       if ((!grp || !group_sid.getfromgr (grp))
@@ -1576,7 +1574,7 @@ set_security_attribute (int attribute, PSECURITY_ATTRIBUTES psa,
 }
 
 static int
-set_nt_attribute (const char *file, uid_t uid, gid_t gid,
+set_nt_attribute (const char *file, __uid16_t uid, __gid16_t gid,
 		  const char *logsrv, int attribute)
 {
   if (!wincap.has_security ())
@@ -1602,7 +1600,7 @@ set_nt_attribute (const char *file, uid_t uid, gid_t gid,
 
 int
 set_file_attribute (int use_ntsec, const char *file,
-		    uid_t uid, gid_t gid,
+		    __uid16_t uid, __gid16_t gid,
 		    int attribute, const char *logsrv)
 {
   int ret = 0;
-- 
cgit v1.2.3