libs/newlib-cygwin
libs/newlib-cygwin
4
0
Fork 0
mirror of git://sourceware.org/git/newlib-cygwin.git synced 2025-02-01 03:50:28 +08:00
Code Issues Projects Releases Wiki Activity

Cygwin: Remove lsaauth

Browse Source 
Remove lsaauth, not built since 2741dd05.
This commit is contained in:
Jon Turney 2020-10-12 14:47:22 +01:00
parent 3662877f31
commit 161cd505e5
No known key found for this signature in database
GPG Key ID: C7C86F0370285C81
8 changed files with 0 additions and 5001 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
winsup/Makefile.in
View File

@ -122,5 +122,3 @@ install_utils: cygwin
install_cygwin:
install_cygserver: cygwin
lsaauth:

94
winsup/lsaauth/Makefile.in
View File

@ -1,94 +0,0 @@
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# A copy of the GNU General Public License can be found at
# http://www.gnu.org/
#
# Written by Corinna Vinschen <vinschen@redhat.de>
#
# Makefile for Cygwin subauthentication DLL.
SHELL := @SHELL@
srcdir := @srcdir@
VPATH := @srcdir@
prefix := @prefix@
exec_prefix := @exec_prefix@
bindir := @bindir@
etcdir := $(exec_prefix)/etc
INSTALL := @INSTALL@
INSTALL_PROGRAM := @INSTALL_PROGRAM@
INSTALL_DATA := @INSTALL_DATA@
CC := @CC@
CC_FOR_TARGET := $(CC)
MINGW32_CC := @MINGW32_CC@
MINGW64_CC := @MINGW64_CC@
CFLAGS := @CFLAGS@
include $(srcdir)/../Makefile.common
target_cpu:=@target_cpu@
WIN32_INCLUDES := -I. -I$(srcdir)
WIN32_CFLAGS := $(CFLAGS) $(WIN32_INCLUDES)
WIN32_LDFLAGS := $(CFLAGS) -nostdlib -Wl,-shared
# Never again try to remove advapi32. It does not matter if the DLL calls
# advapi32 functions or the equivalent ntdll functions.
# But if the LSA authentication DLL is not linked against advapi32, it's
# not recognized by LSA.
LIBS := -ladvapi32 -lkernel32 -lntdll
ifneq ($(target_cpu),x86_64)
DLL32 := cyglsa.dll
DEF32 := cyglsa.def
OBJ32 := cyglsa.o
endif
DLL64 := cyglsa64.dll
DEF64 := cyglsa64.def
OBJ64 := cyglsa64.o
.SUFFIXES:
.NOEXPORT:
all: Makefile $(DLL32) $(DLL64)
$(DEF32): cyglsa.din config.status
$(SHELL) config.status
$(DLL32): $(OBJ32) $(DEF32)
$(MINGW32_CC) -s $(WIN32_LDFLAGS) -e _DllMain@12 -o $@ $^ $(LIBS)
$(OBJ32): cyglsa.c
$(MINGW32_CC) $(WIN32_CFLAGS) -c -o $@ $<
$(DLL64): $(OBJ64) $(DEF64)
$(MINGW64_CC) -s $(WIN32_LDFLAGS) -e DllMain -o $@ $^ $(LIBS)
$(OBJ64): cyglsa.c
$(MINGW64_CC) $(WIN32_CFLAGS) -c -o $@ $<
.PHONY: all install clean realclean
realclean: clean
rm -f Makefile config.cache
clean:
rm -f *.o *.dll cyglsa.def
install: all
/bin/mkdir -p $(DESTDIR)$(bindir)
ifneq ($(target_cpu),x86_64)
$(INSTALL_PROGRAM) $(DLL32) $(DESTDIR)$(bindir)/$(DLL32)
endif
$(INSTALL_PROGRAM) $(DLL64) $(DESTDIR)$(bindir)/$(DLL64)
$(INSTALL_PROGRAM) $(srcdir)/cyglsa-config $(DESTDIR)$(bindir)/cyglsa-config

4130
winsup/lsaauth/configure vendored
View File

File diff suppressed because it is too large Load Diff

38
winsup/lsaauth/configure.ac
View File

@ -1,38 +0,0 @@
dnl Autoconf configure script for Cygwin utilities.
dnl
dnl This file is part of Cygwin.
dnl
dnl This software is a copyrighted work licensed under the terms of the
dnl Cygwin license. Please consult the file "CYGWIN_LICENSE" for
dnl details.
dnl
dnl Written by Christopher Faylor <cgf@redhat.com>
dnl Changed for lsa subdir by Corinna Vinschen <corinna@vinschen.de>
dnl Process this file with autoconf to produce a configure script.
AC_PREREQ([2.59])
AC_INIT([Cygwin Lsaauth],[0],[cygwin@cygwin.com],[cygwin],[https://cygwin.com])
AC_CONFIG_SRCDIR(Makefile.in)
AC_CONFIG_AUX_DIR(../..)
AC_NO_EXECUTABLES
AC_CANONICAL_TARGET
AC_PROG_CC
case "$target_cpu" in
i?86)
AC_CHECK_PROGS(MINGW32_CC, i686-w64-mingw32-gcc)
test -z "$MINGW32_CC" && AC_MSG_ERROR([no acceptable mingw32 cc found in \$PATH])
;;
esac
AC_CHECK_PROGS(MINGW64_CC, x86_64-w64-mingw32-gcc)
test -z "$MINGW64_CC" && AC_MSG_ERROR([no acceptable mingw64 cc found in \$PATH])
AC_PROG_INSTALL
AC_CONFIG_FILES([Makefile cyglsa.def:cyglsa.din])
AC_OUTPUT

121
winsup/lsaauth/cyglsa-config
View File

@ -1,121 +0,0 @@
#!/bin/bash
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# A copy of the GNU General Public License can be found at
# http://www.gnu.org/
#
# This file is part of the Cygwin LSA authentication package.
request()
{
if [ "${auto_answer}" = "yes" ]
then
echo "$1 (yes/no) yes"
return 0
elif [ "${auto_answer}" = "no" ]
then
echo "$1 (yes/no) no"
return 1
fi
answer=""
while [ "X${answer}" != "Xyes" -a "X${answer}" != "Xno" ]
do
echo -n "$1 (yes/no) "
read -e answer
done
if [ "X${answer}" = "Xyes" ]
then
return 0
else
return 1
fi
}
# Check if running under at least Windows 2000
_nt_too_old=`uname | awk -F- '{print ( $2 < 5.0 ) ? 1 : 0;}'`
if [ ${_nt_too_old} -eq 1 ]
then
echo "Cygwin LSA authentication not supported on Windows NT4 or older. Exiting."
exit 1
fi
# Directory in which cyglsa DLL is installed as DOS path.
bindir=`cygpath -w /`\\bin
# Check if we're running on 64 bit Windows. If so, we need the 64 bit
# cyglsa DLL.
dll=cyglsa.dll
test -d `cygpath -p ${SYSTEMROOT}`/SysWOW64 && dll=cyglsa64.dll
# Check if the DLL is actually installed. If not, bail out.
if [ ! -f /bin/${dll} ]
then
echo "Required Cygwin authentication DLL /bin/${dll} doesn't exist. Exiting."
exit 1
fi
echo
echo "Warning: Registering the Cygwin LSA authentication package requires"
echo "administrator privileges! You also have to reboot the machine to"
echo "activate the change."
echo
request "Are you sure you want to continue?" || exit 0
# The registry value which keeps the authentication packages.
value='/HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control/Lsa/Authentication Packages'
[ -f /bin/cyglsa -a ! -d /bin/cyglsa ] && rm -rf /bin/cyglsa
if [ ! -d /bin/cyglsa ]
then
if ! mkdir -m 755 /bin/cyglsa
then
echo "Creating the /bin/cyglsa directory failed. Exiting."
exit 1
fi
fi
if ! cp -b "/bin/${dll}" "/bin/cyglsa/${dll}"
then
echo "Copying the new LSA authentication package /bin/${dll} to"
echo "/bin/cyglsa/${dll} failed. Exiting."
exit 1
fi
# Get old content, remove every trace of "cyglsa" from it and write the
# content back to the registry with the new, correct path to the cyglsa DLL.
old=`regtool get "${value}"`
new=`for i in ${old}
do
echo $i | GREP_OPTIONS="" grep -v cyglsa
done`
if ! regtool set "${value}" ${new} "${bindir}\\cyglsa\\${dll}"
then
echo "Setting the new registry value failed. Exiting."
exit 1
fi
echo
echo "Cygwin LSA authentication package registered."
echo
echo "Activating Cygwin's LSA authentication package requires to reboot."
if [ -x /bin/shutdown ]
then
if request "Do you want to do this immediately?"
then
echo
echo "Other users might still be working on this machine."
echo
if request "Are you sure?"
then
echo
echo "Ok, will reboot in 30 seconds."
echo
echo "If you change your mind, call 'shutdown -a' within 30 seconds"
shutdown -r 30
fi
fi
fi

598
winsup/lsaauth/cyglsa.c
View File

@ -1,598 +0,0 @@
/* cyglsa.c: LSA authentication module for Cygwin
Written by Corinna Vinschen <corinna@vinschen.de>
This file is part of Cygwin.
This software is a copyrighted work licensed under the terms of the
Cygwin license. Please consult the file "CYGWIN_LICENSE" for details. */
#define WINVER 0x0600
#include <ntstatus.h>
#include <windows.h>
#include <wininet.h>
#include <lmcons.h>
#include <iptypes.h>
#include <ntsecapi.h>
#include "../cygwin/cyglsa.h"
#include "../cygwin/include/cygwin/version.h"
static PLSA_SECPKG_FUNCS funcs;
BOOL APIENTRY
DllMain (HINSTANCE inst, DWORD reason, LPVOID res)
{
switch (reason)
{
case DLL_PROCESS_ATTACH:
case DLL_THREAD_ATTACH:
case DLL_THREAD_DETACH:
case DLL_PROCESS_DETACH:
break;
}
return TRUE;
}
/* Declare NTDLL functions here to avoid problems with different
header file layout in different compiler environments. */
#ifndef NT_SUCCESS
#define NT_SUCCESS(s) ((s) >= 0)
#endif
/* These standard POSIX functions are implemented in NTDLL and exported.
There's just no header to define them and using wchar.h from mingw
or Cygwin seems wrong somehow. */
wchar_t *__cdecl wcscpy (wchar_t *, const wchar_t *);
size_t __cdecl wcslen (const wchar_t *);
#ifndef RtlInitEmptyUnicodeString
__inline VOID NTAPI
RtlInitEmptyUnicodeString(PUNICODE_STRING dest, PCWSTR buf, USHORT len)
{
dest->Length = 0;
dest->MaximumLength = len;
dest->Buffer = (PWSTR) buf;
}
#endif
static PUNICODE_STRING
uni_alloc (PWCHAR src, USHORT len)
{
PUNICODE_STRING tgt;
if (!(tgt = funcs->AllocateLsaHeap (sizeof (UNICODE_STRING))))
return NULL;
tgt->Length = len * sizeof (WCHAR);
tgt->MaximumLength = tgt->Length + sizeof (WCHAR);
if (!(tgt->Buffer = funcs->AllocateLsaHeap (tgt->MaximumLength)))
{
funcs->FreeLsaHeap (tgt);
return NULL;
}
wcscpy (tgt->Buffer, src);
return tgt;
}
/* No, I don't want to include stdio.h so I take what ntdll offers. */
extern int _vsnprintf (char *, size_t, const char *, va_list);
static HANDLE fh = INVALID_HANDLE_VALUE;
static int
cyglsa_printf (const char *format, ...)
{
char buf[256];
DWORD wr;
int ret;
va_list ap;
if (fh == INVALID_HANDLE_VALUE)
return 0;
va_start (ap, format);
ret = _vsnprintf (buf, 256, format, ap);
va_end (ap);
if (ret <= 0)
return ret;
if (ret > 256)
ret = 255;
buf[255] = '\0';
WriteFile (fh, buf, ret, &wr, NULL);
return wr;
}
static void
print_sid (const char *prefix, int idx, PISID sid)
{
DWORD i;
cyglsa_printf ("%s", prefix);
if (idx >= 0)
cyglsa_printf ("[%d] ", idx);
cyglsa_printf ("(0x%08x) ", (INT_PTR) sid);
if (!sid)
cyglsa_printf ("NULL\n");
else if (IsBadReadPtr (sid, 8))
cyglsa_printf ("INVALID POINTER\n");
else if (!IsValidSid ((PSID) sid))
cyglsa_printf ("INVALID SID\n");
else if (IsBadReadPtr (sid, 8 + sizeof (DWORD) * sid->SubAuthorityCount))
cyglsa_printf ("INVALID POINTER SPACE\n");
else
{
cyglsa_printf ("S-%d-%d", sid->Revision, sid->IdentifierAuthority.Value[5]);
for (i = 0; i < sid->SubAuthorityCount; ++i)
cyglsa_printf ("-%lu", sid->SubAuthority[i]);
cyglsa_printf ("\n");
}
}
static void
print_groups (PTOKEN_GROUPS grps)
{
DWORD i;
cyglsa_printf ("Groups: (0x%08x) ", (INT_PTR) grps);
if (!grps)
cyglsa_printf ("NULL\n");
else if (IsBadReadPtr (grps, sizeof (DWORD)))
cyglsa_printf ("INVALID POINTER\n");
else if (IsBadReadPtr (grps, sizeof (DWORD) + sizeof (SID_AND_ATTRIBUTES)
* grps->GroupCount))
cyglsa_printf ("INVALID POINTER SPACE\n");
else
{
cyglsa_printf ("Count: %lu\n", grps->GroupCount);
for (i = 0; i < grps->GroupCount; ++i)
{
cyglsa_printf ("(attr: 0x%lx)", grps->Groups[i].Attributes);
print_sid (" ", i, (PISID) grps->Groups[i].Sid);
}
}
}
static void
print_privs (PTOKEN_PRIVILEGES privs)
{
DWORD i;
cyglsa_printf ("Privileges: (0x%08x) ", (INT_PTR) privs);
if (!privs)
cyglsa_printf ("NULL\n");
else if (IsBadReadPtr (privs, sizeof (DWORD)))
cyglsa_printf ("INVALID POINTER\n");
else if (IsBadReadPtr (privs, sizeof (DWORD) + sizeof (LUID_AND_ATTRIBUTES)
* privs->PrivilegeCount))
cyglsa_printf ("INVALID POINTER SPACE\n");
else
{
cyglsa_printf ("Count: %lu\n", privs->PrivilegeCount);
for (i = 0; i < privs->PrivilegeCount; ++i)
cyglsa_printf ("Luid: {%ld, %lu} Attributes: 0x%lx\n",
privs->Privileges[i].Luid.HighPart,
privs->Privileges[i].Luid.LowPart,
privs->Privileges[i].Attributes);
}
}
static void
print_dacl (PACL dacl)
{
DWORD i;
cyglsa_printf ("DefaultDacl: (0x%08x) ", (INT_PTR) dacl);
if (!dacl)
cyglsa_printf ("NULL\n");
else if (IsBadReadPtr (dacl, sizeof (ACL)))
cyglsa_printf ("INVALID POINTER\n");
else if (IsBadReadPtr (dacl, dacl->AclSize))
cyglsa_printf ("INVALID POINTER SPACE\n");
else
{
cyglsa_printf ("Rev: %d, Count: %d\n", dacl->AclRevision, dacl->AceCount);
for (i = 0; i < dacl->AceCount; ++i)
{
PVOID vace;
PACCESS_ALLOWED_ACE ace;
if (!GetAce (dacl, i, &vace))
cyglsa_printf ("[%lu] GetAce error %lu\n", i, GetLastError ());
else
{
ace = (PACCESS_ALLOWED_ACE) vace;
cyglsa_printf ("Type: %x, Flags: %x, Access: %lx,",
ace->Header.AceType, ace->Header.AceFlags, (DWORD) ace->Mask);
print_sid (" ", i, (PISID) &ace->SidStart);
}
}
}
}
static void
print_tokinf (PLSA_TOKEN_INFORMATION_V2 ptok, size_t size,
PVOID got_start, PVOID gotinf_start, PVOID gotinf_end)
{
if (fh == INVALID_HANDLE_VALUE)
return;
cyglsa_printf ("INCOMING: start: 0x%08x infstart: 0x%08x infend: 0x%08x\n",
(INT_PTR) got_start, (INT_PTR) gotinf_start,
(INT_PTR) gotinf_end);
cyglsa_printf ("LSA_TOKEN_INFORMATION_V2: 0x%08x - 0x%08x\n",
(INT_PTR) ptok, (INT_PTR) ptok + size);
/* User SID */
cyglsa_printf ("User: (attr: 0x%lx)", ptok->User.User.Attributes);
print_sid (" ", -1, (PISID) ptok->User.User.Sid);
/* Groups */
print_groups (ptok->Groups);
/* Primary Group SID */
print_sid ("Primary Group: ", -1, (PISID)ptok->PrimaryGroup.PrimaryGroup);
/* Privileges */
print_privs (ptok->Privileges);
/* Owner */
print_sid ("Owner: ", -1, (PISID) ptok->Owner.Owner);
/* Default DACL */
print_dacl (ptok->DefaultDacl.DefaultDacl);
// CloseHandle (fh);
}
NTSTATUS NTAPI
LsaApInitializePackage (ULONG authp_id, PLSA_SECPKG_FUNCS dpt,
PLSA_STRING dummy1, PLSA_STRING dummy2,
PLSA_STRING *authp_name)
{
PLSA_STRING name = NULL;
/* Set global pointer to lsa helper function table. */
funcs = dpt;
/* Allocate and set the name of the authentication package. This is the
name which has to be used in LsaLookupAuthenticationPackage. */
if (!(name = funcs->AllocateLsaHeap (sizeof *name)))
return STATUS_NO_MEMORY;
if (!(name->Buffer = funcs->AllocateLsaHeap (sizeof (CYG_LSA_PKGNAME))))
{
funcs->FreeLsaHeap (name);
return STATUS_NO_MEMORY;
}
name->Length = sizeof (CYG_LSA_PKGNAME) - 1;
name->MaximumLength = sizeof (CYG_LSA_PKGNAME);
strcpy (name->Buffer, CYG_LSA_PKGNAME);
(*authp_name) = name;
#ifdef DEBUGGING
fh = CreateFile ("C:\\cyglsa.dbgout", GENERIC_WRITE,
FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE,
NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
cyglsa_printf ("Initialized\n");
#endif /* DEBUGGING */
return STATUS_SUCCESS;
}
NTSTATUS NTAPI
LsaApLogonUserEx (PLSA_CLIENT_REQUEST request, SECURITY_LOGON_TYPE logon_type,
PVOID auth, PVOID client_auth_base, ULONG auth_len,
PVOID *pbuf, PULONG pbuf_len, PLUID logon_id,
PNTSTATUS sub_stat, PLSA_TOKEN_INFORMATION_TYPE tok_type,
PVOID *tok, PUNICODE_STRING *account,
PUNICODE_STRING *authority, PUNICODE_STRING *machine)
{
DWORD checksum, i;
PDWORD csp, csp_end;
NTSTATUS stat;
SECPKG_CLIENT_INFO clinf;
PLSA_TOKEN_INFORMATION_V2 tokinf;
cyglsa_t *authinf = (cyglsa_t *) auth;
/* Check if the caller has the SeTcbPrivilege, otherwise refuse service. */
stat = funcs->GetClientInfo (&clinf);
if (stat != STATUS_SUCCESS)
{
cyglsa_printf ("GetClientInfo failed: 0x%08lx\n", stat);
return stat;
}
if (!clinf.HasTcbPrivilege)
{
cyglsa_printf ("Client has no TCB privilege. Access denied.\n");
return STATUS_ACCESS_DENIED;
}
/* Make a couple of validity checks. */
if (auth_len < sizeof *authinf
|| authinf->magic != CYG_LSA_MAGIC
|| !authinf->username[0]
|| !authinf->domain[0])
{
cyglsa_printf ("Invalid authentication parameter.\n");
return STATUS_INVALID_PARAMETER;
}
checksum = CYG_LSA_MAGIC;
csp = (PDWORD) &authinf->username;
csp_end = (PDWORD) ((PBYTE) authinf + auth_len);
while (csp < csp_end)
checksum += *csp++;
if (authinf->checksum != checksum)
{
cyglsa_printf ("Invalid checksum.\n");
return STATUS_INVALID_PARAMETER_3;
}
/* Set account to username and authority to domain resp. machine name.
The name of the logon account name as returned by LookupAccountSid
is created from here as "authority\account". */
authinf->username[UNLEN] = '\0';
authinf->domain[MAX_DOMAIN_NAME_LEN] = '\0';
if (account && !(*account = uni_alloc (authinf->username,
wcslen (authinf->username))))
{
cyglsa_printf ("No memory trying to create account.\n");
return STATUS_NO_MEMORY;
}
if (authority && !(*authority = uni_alloc (authinf->domain,
wcslen (authinf->domain))))
{
cyglsa_printf ("No memory trying to create authority.\n");
return STATUS_NO_MEMORY;
}
if (machine)
{
WCHAR mach[MAX_COMPUTERNAME_LENGTH + 1];
DWORD msize = MAX_COMPUTERNAME_LENGTH + 1;
if (!GetComputerNameW (mach, &msize))
wcscpy (mach, L"UNKNOWN");
if (!(*machine = uni_alloc (mach, wcslen (mach))))
{
cyglsa_printf ("No memory trying to create machine.\n");
return STATUS_NO_MEMORY;
}
}
/* Create a fake buffer in pbuf which is free'd again in the client.
Windows 2000 tends to crash when setting this pointer to NULL. */
if (pbuf)
{
#ifdef JUST_ANOTHER_NONWORKING_SOLUTION
cygprf_t prf;
WCHAR sam_username[MAX_DOMAIN_NAME_LEN + UNLEN + 2];
SECURITY_STRING sam_user, prefix;
PUCHAR user_auth;
ULONG user_auth_size;
WCHAR flatname[UNLEN + 1];
UNICODE_STRING flatnm;
TOKEN_SOURCE ts;
HANDLE token;
#endif /* JUST_ANOTHER_NONWORKING_SOLUTION */
stat = funcs->AllocateClientBuffer (request, 64UL, pbuf);
if (!LSA_SUCCESS (stat))
{
cyglsa_printf ("AllocateClientBuffer failed: 0x%08lx\n", stat);
return stat;
}
#ifdef JUST_ANOTHER_NONWORKING_SOLUTION
prf.magic_pre = MAGIC_PRE;
prf.token = NULL;
prf.magic_post = MAGIC_POST;
#if 0
/* That's how it was supposed to work according to MSDN... */
wcscpy (sam_username, authinf->domain);
wcscat (sam_username, L"\\");
wcscat (sam_username, authinf->username);
#else
/* That's the only solution which worked, and then it only worked
for machine local accounts. No domain authentication possible.
STATUS_NO_SUCH_USER galore! */
wcscpy (sam_username, authinf->username);
#endif
RtlInitUnicodeString (&sam_user, sam_username);
RtlInitUnicodeString (&prefix, L"");
RtlInitEmptyUnicodeString (&flatnm, flatname,
(UNLEN + 1) * sizeof (WCHAR));
stat = funcs->GetAuthDataForUser (&sam_user, SecNameSamCompatible,
NULL, &user_auth,
&user_auth_size, &flatnm);
if (!NT_SUCCESS (stat))
{
char sam_u[MAX_DOMAIN_NAME_LEN + UNLEN + 2];
wcstombs (sam_u, sam_user.Buffer, sizeof (sam_u));
cyglsa_printf ("GetAuthDataForUser (%u,%u,%s) failed: 0x%08lx\n",
sam_user.Length, sam_user.MaximumLength, sam_u, stat);
return stat;
}
memcpy (ts.SourceName, "Cygwin.1", 8);
ts.SourceIdentifier.HighPart = 0;
ts.SourceIdentifier.LowPart = 0x0104;
RtlInitEmptyUnicodeString (&flatnm, flatname,
(UNLEN + 1) * sizeof (WCHAR));
stat = funcs->ConvertAuthDataToToken (user_auth, user_auth_size,
SecurityDelegation, &ts,
Interactive, *authority,
&token, logon_id, &flatnm,
sub_stat);
if (!NT_SUCCESS (stat))
{
cyglsa_printf ("ConvertAuthDataToToken failed: 0x%08lx\n", stat);
return stat;
}
stat = funcs->DuplicateHandle (token, &prf.token);
if (!NT_SUCCESS (stat))
{
cyglsa_printf ("DuplicateHandle failed: 0x%08lx\n", stat);
return stat;
}
stat = funcs->CopyToClientBuffer (request, sizeof prf, *pbuf, &prf);
if (!NT_SUCCESS (stat))
{
cyglsa_printf ("CopyToClientBuffer failed: 0x%08lx\n", stat);
return stat;
}
funcs->FreeLsaHeap (user_auth);
#endif /* JUST_ANOTHER_NONWORKING_SOLUTION */
}
if (pbuf_len)
*pbuf_len = 64UL;
/* A PLSA_TOKEN_INFORMATION_V2 is allocated in one piece, so... */
#if defined (__x86_64__) || defined (_M_AMD64)
{
/* ...on 64 bit systems we have to convert the incoming 32 bit offsets
into 64 bit pointers. That requires to re-evaluate the size of the
outgoing tokinf structure and a somewhat awkward procedure to copy
the information over. */
LONG_PTR base;
PBYTE tptr;
DWORD size, newsize;
PSID src_sid;
PCYG_TOKEN_GROUPS src_grps;
PTOKEN_GROUPS grps;
PTOKEN_PRIVILEGES src_privs;
PACL src_acl;
base = (LONG_PTR) &authinf->inf;
newsize = authinf->inf_size;
newsize += sizeof (TOKEN_USER) - sizeof (CYG_TOKEN_USER); /* User SID */
newsize += sizeof (PTOKEN_GROUPS) - sizeof (OFFSET); /* Groups */
src_grps = (PCYG_TOKEN_GROUPS) (base + authinf->inf.Groups);
newsize += src_grps->GroupCount /* Group SIDs */
* (sizeof (SID_AND_ATTRIBUTES)
- sizeof (CYG_SID_AND_ATTRIBUTES));
newsize += sizeof (PSID) - sizeof (OFFSET); /* Primary Group SID */
newsize += sizeof (PTOKEN_PRIVILEGES) - sizeof (OFFSET); /* Privileges */
newsize += 0; /* Owner SID */
newsize += sizeof (PACL) - sizeof (OFFSET); /* Default DACL */
if (!(tokinf = funcs->AllocateLsaHeap (newsize)))
return STATUS_NO_MEMORY;
tptr = (PBYTE)(tokinf + 1);
tokinf->ExpirationTime = authinf->inf.ExpirationTime;
/* User SID */
src_sid = (PSID) (base + authinf->inf.User.User.Sid);
size = GetLengthSid (src_sid);
CopySid (size, (PSID) tptr, src_sid);
tokinf->User.User.Sid = (PSID) tptr;
tptr += size;
tokinf->User.User.Attributes = authinf->inf.User.User.Attributes;
/* Groups */
grps = (PTOKEN_GROUPS) tptr;
tokinf->Groups = grps;
grps->GroupCount = src_grps->GroupCount;
tptr += sizeof grps->GroupCount
+ grps->GroupCount * sizeof (SID_AND_ATTRIBUTES);
/* Group SIDs */
for (i = 0; i < src_grps->GroupCount; ++i)
{
src_sid = (PSID) (base + src_grps->Groups[i].Sid);
size = GetLengthSid (src_sid);
CopySid (size, (PSID) tptr, src_sid);
tokinf->Groups->Groups[i].Sid = (PSID) tptr;
tptr += size;
tokinf->Groups->Groups[i].Attributes = src_grps->Groups[i].Attributes;
}
/* Primary Group SID */
src_sid = (PSID) (base + authinf->inf.PrimaryGroup.PrimaryGroup);
size = GetLengthSid (src_sid);
CopySid (size, (PSID) tptr, src_sid);
tokinf->PrimaryGroup.PrimaryGroup = (PSID) tptr;
tptr += size;
/* Privileges */
src_privs = (PTOKEN_PRIVILEGES) (base + authinf->inf.Privileges);
size = sizeof src_privs->PrivilegeCount
+ src_privs->PrivilegeCount * sizeof (LUID_AND_ATTRIBUTES);
memcpy (tptr, src_privs, size);
tokinf->Privileges = (PTOKEN_PRIVILEGES) tptr;
tptr += size;
/* Owner */
tokinf->Owner.Owner = NULL;
/* Default DACL */
src_acl = (PACL) (base + authinf->inf.DefaultDacl.DefaultDacl);
size = src_acl->AclSize;
memcpy (tptr, src_acl, size);
tokinf->DefaultDacl.DefaultDacl = (PACL) tptr;
}
#else
{
/* ...on 32 bit systems we just allocate tokinf with the same size as
we get, copy the whole structure and convert offsets into pointers. */
if (!(tokinf = funcs->AllocateLsaHeap (authinf->inf_size)))
return STATUS_NO_MEMORY;
memcpy (tokinf, &authinf->inf, authinf->inf_size);
/* User SID */
tokinf->User.User.Sid = (PSID)
((PBYTE) tokinf + (LONG_PTR) tokinf->User.User.Sid);
/* Groups */
tokinf->Groups = (PTOKEN_GROUPS)
((PBYTE) tokinf + (LONG_PTR) tokinf->Groups);
/* Group SIDs */
for (i = 0; i < tokinf->Groups->GroupCount; ++i)
tokinf->Groups->Groups[i].Sid = (PSID)
((PBYTE) tokinf + (LONG_PTR) tokinf->Groups->Groups[i].Sid);
/* Primary Group SID */
tokinf->PrimaryGroup.PrimaryGroup = (PSID)
((PBYTE) tokinf + (LONG_PTR) tokinf->PrimaryGroup.PrimaryGroup);
/* Privileges */
tokinf->Privileges = (PTOKEN_PRIVILEGES)
((PBYTE) tokinf + (LONG_PTR) tokinf->Privileges);
/* Owner SID */
tokinf->Owner.Owner = NULL;
/* Default DACL */
tokinf->DefaultDacl.DefaultDacl = (PACL)
((PBYTE) tokinf + (LONG_PTR) tokinf->DefaultDacl.DefaultDacl);
}
#endif
*tok = (PVOID) tokinf;
*tok_type = LsaTokenInformationV2;
print_tokinf (tokinf, authinf->inf_size, authinf, &authinf->inf,
(PVOID)((LONG_PTR) &authinf->inf + authinf->inf_size));
/* Create logon session. */
if (!AllocateLocallyUniqueId (logon_id))
{
funcs->FreeLsaHeap (*tok);
*tok = NULL;
cyglsa_printf ("AllocateLocallyUniqueId failed: Win32 error %lu\n",
GetLastError ());
return STATUS_INSUFFICIENT_RESOURCES;
}
stat = funcs->CreateLogonSession (logon_id);
if (stat != STATUS_SUCCESS)
{
funcs->FreeLsaHeap (*tok);
*tok = NULL;
cyglsa_printf ("CreateLogonSession failed: 0x%08lx\n", stat);
return stat;
}
cyglsa_printf ("BINGO!!!\n", stat);
return STATUS_SUCCESS;
}
VOID NTAPI
LsaApLogonTerminated(PLUID LogonId)
{
}
NTSTATUS NTAPI
LsaApCallPackage (PLSA_CLIENT_REQUEST request, PVOID authinf,
PVOID client_auth_base, ULONG auth_len, PVOID *ret_buf,
PULONG ret_buf_len, PNTSTATUS ret_stat)
{
return STATUS_NOT_IMPLEMENTED;
}

9
winsup/lsaauth/cyglsa.din
View File

@ -1,9 +0,0 @@
LIBRARY "cyglsa"
EXPORTS
LsaApInitializePackage = LsaApInitializePackage@20
LsaApLogonUserEx = LsaApLogonUserEx@56
LsaApLogonTerminated = LsaApLogonTerminated@4
LsaApCallPackage = LsaApCallPackage@28
LsaApCallPackagePassthrough = LsaApCallPackage@28
LsaApCallPackageUntrusted = LsaApCallPackage@28

9
winsup/lsaauth/cyglsa64.def
View File

@ -1,9 +0,0 @@
LIBRARY "cyglsa64"
EXPORTS
LsaApInitializePackage
LsaApLogonUserEx
LsaApLogonTerminated
LsaApCallPackage
LsaApCallPackagePassthrough = LsaApCallPackage
LsaApCallPackageUntrusted = LsaApCallPackage