libs/newlib-cygwin
libs
/
newlib-cygwin
mirror of git://sourceware.org/git/newlib-cygwin.git
4
0
Fork 0
Code Issues Projects Releases Wiki Activity

* Makefile.in (LIBS): Re-add advapi32.dll. Explain why. 

* make-64bit-version-with-mingw-w64.sh (LIBS): Ditto.
	* cyglsa.c: Drop NTDLL function declarations.  Use equivalent advapi32
	functions again, throughout.
	* cyglsa64.dll: Regenerate.
This commit is contained in:
Corinna Vinschen 2012-05-29 12:46:01 +00:00
parent d610936513
commit 00ef94f338
5 changed files with 36 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
winsup/lsaauth/ChangeLog
View File

@ -1,3 +1,11 @@
2012-05-29 Corinna Vinschen <corinna@vinschen.de>
* Makefile.in (LIBS): Re-add advapi32.dll. Explain why.
* make-64bit-version-with-mingw-w64.sh (LIBS): Ditto.
* cyglsa.c: Drop NTDLL function declarations. Use equivalent advapi32
functions again, throughout.
* cyglsa64.dll: Regenerate.
2011-05-10 Corinna Vinschen <corinna@vinschen.de> 2011-05-10 Corinna Vinschen <corinna@vinschen.de>
* Makefile.in: Don't override CC. * Makefile.in: Don't override CC.

6
winsup/lsaauth/Makefile.in
View File

@ -41,7 +41,11 @@ ifdef MINGW_CC
override CC:=${MINGW_CC} override CC:=${MINGW_CC}
endif endif
LIBS := -lkernel32 -lntdll # Never again try to remove advapi32. It does not matter if the DLL calls
# advapi32 functions or the equivalent ntdll functions.
# But if the LSA authentication DLL is not linked against advapi32, it's
# not recognized by LSA.
LIBS := -ladvapi32 -lkernel32 -lntdll
DLL := cyglsa.dll DLL := cyglsa.dll
DEF_FILE:= cyglsa.def DEF_FILE:= cyglsa.def

46
winsup/lsaauth/cyglsa.c
View File

@ -1,6 +1,6 @@
/* cyglsa.c: LSA authentication module for Cygwin /* cyglsa.c: LSA authentication module for Cygwin
Copyright 2006, 2008, 2010, 2011 Red Hat, Inc. Copyright 2006, 2008, 2010, 2011, 2012 Red Hat, Inc.
Written by Corinna Vinschen <corinna@vinschen.de> Written by Corinna Vinschen <corinna@vinschen.de>
@ -41,13 +41,6 @@ DllMain (HINSTANCE inst, DWORD reason, LPVOID res)
#ifndef NT_SUCCESS #ifndef NT_SUCCESS
#define NT_SUCCESS(s) ((s) >= 0) #define NT_SUCCESS(s) ((s) >= 0)
#endif #endif
NTSTATUS NTAPI NtAllocateLocallyUniqueId (PLUID);
NTSTATUS NTAPI RtlCopySid (ULONG, PSID, PSID);
NTSTATUS NTAPI RtlGetAce (PACL, ULONG, PVOID *);
ULONG NTAPI RtlLengthSid (PSID);
PULONG NTAPI RtlSubAuthoritySid (PSID, ULONG);
PUCHAR NTAPI RtlSubAuthorityCountSid (PSID);
BOOLEAN NTAPI RtlValidSid (PSID);
/* These standard POSIX functions are implemented in NTDLL and exported. /* These standard POSIX functions are implemented in NTDLL and exported.
There's just no header to define them and using wchar.h from mingw There's just no header to define them and using wchar.h from mingw
or Cygwin seems wrong somehow. */ or Cygwin seems wrong somehow. */
@ -123,7 +116,7 @@ print_sid (const char *prefix, int idx, PISID sid)
cyglsa_printf ("NULL\n"); cyglsa_printf ("NULL\n");
else if (IsBadReadPtr (sid, 8)) else if (IsBadReadPtr (sid, 8))
cyglsa_printf ("INVALID POINTER\n"); cyglsa_printf ("INVALID POINTER\n");
else if (!RtlValidSid ((PSID) sid)) else if (!IsValidSid ((PSID) sid))
cyglsa_printf ("INVALID SID\n"); cyglsa_printf ("INVALID SID\n");
else if (IsBadReadPtr (sid, 8 + sizeof (DWORD) * sid->SubAuthorityCount)) else if (IsBadReadPtr (sid, 8 + sizeof (DWORD) * sid->SubAuthorityCount))
cyglsa_printf ("INVALID POINTER SPACE\n"); cyglsa_printf ("INVALID POINTER SPACE\n");
@ -203,11 +196,9 @@ print_dacl (PACL dacl)
{ {
PVOID vace; PVOID vace;
PACCESS_ALLOWED_ACE ace; PACCESS_ALLOWED_ACE ace;
NTSTATUS stat;
stat = RtlGetAce (dacl, i, &vace); if (!GetAce (dacl, i, &vace))
if (!NT_SUCCESS (stat)) cyglsa_printf ("[%lu] GetAce error %lu\n", i, GetLastError ());
cyglsa_printf ("[%lu] RtlGetAce status 0x%08lx\n", i, stat);
else else
{ {
ace = (PACCESS_ALLOWED_ACE) vace; ace = (PACCESS_ALLOWED_ACE) vace;
@ -503,8 +494,8 @@ LsaApLogonUserEx (PLSA_CLIENT_REQUEST request, SECURITY_LOGON_TYPE logon_type,
tokinf->ExpirationTime = authinf->inf.ExpirationTime; tokinf->ExpirationTime = authinf->inf.ExpirationTime;
/* User SID */ /* User SID */
src_sid = (PSID) (base + authinf->inf.User.User.Sid); src_sid = (PSID) (base + authinf->inf.User.User.Sid);
size = RtlLengthSid (src_sid); size = GetLengthSid (src_sid);
RtlCopySid (size, (PSID) tptr, src_sid); CopySid (size, (PSID) tptr, src_sid);
tokinf->User.User.Sid = (PSID) tptr; tokinf->User.User.Sid = (PSID) tptr;
tptr += size; tptr += size;
tokinf->User.User.Attributes = authinf->inf.User.User.Attributes; tokinf->User.User.Attributes = authinf->inf.User.User.Attributes;
@ -518,16 +509,16 @@ LsaApLogonUserEx (PLSA_CLIENT_REQUEST request, SECURITY_LOGON_TYPE logon_type,
for (i = 0; i < src_grps->GroupCount; ++i) for (i = 0; i < src_grps->GroupCount; ++i)
{ {
src_sid = (PSID) (base + src_grps->Groups[i].Sid); src_sid = (PSID) (base + src_grps->Groups[i].Sid);
size = RtlLengthSid (src_sid); size = GetLengthSid (src_sid);
RtlCopySid (size, (PSID) tptr, src_sid); CopySid (size, (PSID) tptr, src_sid);
tokinf->Groups->Groups[i].Sid = (PSID) tptr; tokinf->Groups->Groups[i].Sid = (PSID) tptr;
tptr += size; tptr += size;
tokinf->Groups->Groups[i].Attributes = src_grps->Groups[i].Attributes; tokinf->Groups->Groups[i].Attributes = src_grps->Groups[i].Attributes;
} }
/* Primary Group SID */ /* Primary Group SID */
src_sid = (PSID) (base + authinf->inf.PrimaryGroup.PrimaryGroup); src_sid = (PSID) (base + authinf->inf.PrimaryGroup.PrimaryGroup);
size = RtlLengthSid (src_sid); size = GetLengthSid (src_sid);
RtlCopySid (size, (PSID) tptr, src_sid); CopySid (size, (PSID) tptr, src_sid);
tokinf->PrimaryGroup.PrimaryGroup = (PSID) tptr; tokinf->PrimaryGroup.PrimaryGroup = (PSID) tptr;
tptr += size; tptr += size;
/* Privileges */ /* Privileges */
@ -554,8 +545,7 @@ LsaApLogonUserEx (PLSA_CLIENT_REQUEST request, SECURITY_LOGON_TYPE logon_type,
not done in the 64 bit code above for hopefully obvious reasons... */ not done in the 64 bit code above for hopefully obvious reasons... */
LUID logon_sid_id; LUID logon_sid_id;
if (must_create_logon_sid if (must_create_logon_sid && !AllocateLocallyUniqueId (&logon_sid_id))
&& !NT_SUCCESS (NtAllocateLocallyUniqueId (&logon_sid_id)))
return STATUS_INSUFFICIENT_RESOURCES; return STATUS_INSUFFICIENT_RESOURCES;
if (!(tokinf = funcs->AllocateLsaHeap (authinf->inf_size))) if (!(tokinf = funcs->AllocateLsaHeap (authinf->inf_size)))
@ -575,13 +565,13 @@ LsaApLogonUserEx (PLSA_CLIENT_REQUEST request, SECURITY_LOGON_TYPE logon_type,
((PBYTE) tokinf + (LONG_PTR) tokinf->Groups->Groups[i].Sid); ((PBYTE) tokinf + (LONG_PTR) tokinf->Groups->Groups[i].Sid);
if (must_create_logon_sid if (must_create_logon_sid
&& tokinf->Groups->Groups[i].Attributes & SE_GROUP_LOGON_ID && tokinf->Groups->Groups[i].Attributes & SE_GROUP_LOGON_ID
&& *RtlSubAuthorityCountSid (tokinf->Groups->Groups[i].Sid) == 3 && *GetSidSubAuthorityCount (tokinf->Groups->Groups[i].Sid) == 3
&& *RtlSubAuthoritySid (tokinf->Groups->Groups[i].Sid, 0) && *GetSidSubAuthority (tokinf->Groups->Groups[i].Sid, 0)
== SECURITY_LOGON_IDS_RID) == SECURITY_LOGON_IDS_RID)
{ {
*RtlSubAuthoritySid (tokinf->Groups->Groups[i].Sid, 1) *GetSidSubAuthority (tokinf->Groups->Groups[i].Sid, 1)
= logon_sid_id.HighPart; = logon_sid_id.HighPart;
*RtlSubAuthoritySid (tokinf->Groups->Groups[i].Sid, 2) *GetSidSubAuthority (tokinf->Groups->Groups[i].Sid, 2)
= logon_sid_id.LowPart; = logon_sid_id.LowPart;
} }
} }
@ -608,12 +598,12 @@ LsaApLogonUserEx (PLSA_CLIENT_REQUEST request, SECURITY_LOGON_TYPE logon_type,
(PVOID)((LONG_PTR) &authinf->inf + authinf->inf_size)); (PVOID)((LONG_PTR) &authinf->inf + authinf->inf_size));
/* Create logon session. */ /* Create logon session. */
stat = NtAllocateLocallyUniqueId (logon_id); if (!AllocateLocallyUniqueId (logon_id))
if (!NT_SUCCESS (stat))
{ {
funcs->FreeLsaHeap (*tok); funcs->FreeLsaHeap (*tok);
*tok = NULL; *tok = NULL;
cyglsa_printf ("NtAllocateLocallyUniqueId status 0x%08lx\n", stat); cyglsa_printf ("AllocateLocallyUniqueId failed: Win32 error %lu\n",
GetLastError ());
return STATUS_INSUFFICIENT_RESOURCES; return STATUS_INSUFFICIENT_RESOURCES;
} }
stat = funcs->CreateLogonSession (logon_id); stat = funcs->CreateLogonSession (logon_id);

BIN
winsup/lsaauth/cyglsa64.dll
View File

Binary file not shown.

6
winsup/lsaauth/make-64bit-version-with-mingw-w64.sh
View File

@ -20,6 +20,10 @@ set -e
CC="x86_64-w64-mingw32-gcc" CC="x86_64-w64-mingw32-gcc"
CFLAGS="-fno-exceptions -O0 -Wall -Werror" CFLAGS="-fno-exceptions -O0 -Wall -Werror"
LDFLAGS="-s -nostdlib -Wl,--entry,DllMain,--major-os-version,5,--minor-os-version,2" LDFLAGS="-s -nostdlib -Wl,--entry,DllMain,--major-os-version,5,--minor-os-version,2"
LIBS="-lkernel32 -lntdll" # Never again try to remove advapi32. It does not matter if the DLL calls
# advapi32 functions or the equivalent ntdll functions.
# But if the LSA authentication DLL is not linked against advapi32, it's
# not recognized by LSA.
LIBS="-ladvapi32 -lkernel32 -lntdll"
$CC $CFLAGS $LDFLAGS -shared -o cyglsa64.dll cyglsa.c cyglsa64.def $LIBS $CC $CFLAGS $LDFLAGS -shared -o cyglsa64.dll cyglsa.c cyglsa64.def $LIBS