* cygserver_setpwd.h (setlsapwd): Add username parameter to declaration.

* external.cc (cygwin_internal): In the CW_SET_PRIV_KEY case, fetch additional username parameter. * setlsapwd.cc (setlsapwd): Add username parameter. Allow admin to set the hidden password for other users.
2011-04-04 09:04:00 +00:00 · 2011-04-04 09:04:00 +00:00 · 1db2e3fbfb
parent 225b37131a
commit 1db2e3fbfb
4 changed files with 32 additions and 9 deletions
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@ -1,3 +1,11 @@
+2011-04-04  Corinna Vinschen  <corinna@vinschen.de>
+
+	* cygserver_setpwd.h (setlsapwd): Add username parameter to declaration.
+	* external.cc (cygwin_internal): In the CW_SET_PRIV_KEY case, fetch
+	additional username parameter.
+	* setlsapwd.cc (setlsapwd): Add username parameter.  Allow admin to
+	set the hidden password for other users.
+
 2011-04-04  Corinna Vinschen  <corinna@vinschen.de>

 	* sec_auth.cc (get_user_groups): Mark well-known groups as well-known.
--- a/winsup/cygwin/cygserver_setpwd.h
+++ b/winsup/cygwin/cygserver_setpwd.h
@ -1,6 +1,6 @@
 /* cygserver_setpwd.h: Set LSA private data password for current user.

-   Copyright 2008 Red Hat, Inc.
+   Copyright 2008, 2011 Red Hat, Inc.

 This file is part of Cygwin.

@ -47,7 +47,7 @@ public:
 };

 #ifdef __INSIDE_CYGWIN__
-unsigned long setlsapwd (const char *passwd);
+unsigned long setlsapwd (const char *passwd, const char *username);
 #endif

 #endif /* __CYGSERVER_SETPWD_H__ */
--- a/winsup/cygwin/external.cc
+++ b/winsup/cygwin/external.cc
@ -1,7 +1,7 @@
 /* external.cc: Interface to Cygwin internals from external programs.

   Copyright 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
-   2006, 2007, 2008, 2009, 2010 Red Hat, Inc.
+   2006, 2007, 2008, 2009, 2010, 2011 Red Hat, Inc.

   Written by Christopher Faylor <cgf@cygnus.com>

@ -435,7 +435,8 @@ cygwin_internal (cygwin_getinfo_types t, ...)
      case CW_SET_PRIV_KEY:
 	{
 	  const char *passwd = va_arg (arg, const char *);
-	  res = setlsapwd (passwd);
+	  const char *username = va_arg (arg, const char *);
+	  res = setlsapwd (passwd, username);
 	}
 	break;
      case CW_SETERRNO:
--- a/winsup/cygwin/setlsapwd.cc
+++ b/winsup/cygwin/setlsapwd.cc
@ -1,6 +1,6 @@
 /* setlsapwd.cc: Set LSA private data password for current user.

-   Copyright 2008, 2009 Red Hat, Inc.
+   Copyright 2008, 2009, 2011 Red Hat, Inc.

 This file is part of Cygwin.

@ -17,6 +17,7 @@ details. */
 #include "cygheap.h"
 #include "security.h"
 #include "cygserver_setpwd.h"
+#include "pwdgrp.h"
 #include "ntdll.h"
 #include <ntsecapi.h>
 #include <stdlib.h>
@ -37,7 +38,7 @@ client_request_setpwd::client_request_setpwd (PUNICODE_STRING passwd)
 }

 unsigned long
-setlsapwd (const char *passwd)
+setlsapwd (const char *passwd, const char *username)
 {
  unsigned long ret = (unsigned long) -1;
  HANDLE lsa = INVALID_HANDLE_VALUE;
@ -47,8 +48,21 @@ setlsapwd (const char *passwd)
  UNICODE_STRING key;
  UNICODE_STRING data;

-  wcpcpy (wcpcpy (key_name, CYGWIN_LSA_KEY_PREFIX),
-	  cygheap->user.get_windows_id (sid));
+  if (username)
+    {
+      cygsid psid;
+      struct passwd *pw = internal_getpwnam (username, false);
+
+      if (!pw || !psid.getfrompw (pw))
+	{
+	  set_errno (ENOENT);
+	  return ret;
+	}
+      wcpcpy (wcpcpy (key_name, CYGWIN_LSA_KEY_PREFIX), psid.string (sid));
+    }
+  else
+    wcpcpy (wcpcpy (key_name, CYGWIN_LSA_KEY_PREFIX),
+	    cygheap->user.get_windows_id (sid));
  RtlInitUnicodeString (&key, key_name);
  if (!passwd || ! *passwd
      || sys_mbstowcs_alloc (&data_buf, HEAP_NOTHEAP, passwd))
@ -71,7 +85,7 @@ setlsapwd (const char *passwd)
 	    __seterrno_from_nt_status (status);
 	  LsaClose (lsa);
 	}
-      else if (ret)
+      else if (ret && !username)
 	{
 	  client_request_setpwd request (&data);
 	  if (request.make_request () == -1 || request.error_code ())