* security.h (SID): New macro.

(well_known_*_sid): Change type to cygpsid.
	(cygsid::init): Delete declaration.
	* sec_helper.cc (well_known_*_sid): Define using above SID macro.
	(cygsid::init): Delete.
	* dcrt0.cc (dll_crt0_0): Do not call cygsid::init.
	* security.cc (get_user_local_groups): Change the second argument type
	to cygpsid.

winsup/cygwin/ChangeLog

@@ -1,3 +1,14 @@
+2004-02-05  Pierre Humblet <pierre.humblet@ieee.org>
+
+	* security.h (SID): New macro.
+	(well_known_*_sid): Change type to cygpsid.
+	(cygsid::init): Delete declaration.
+	* sec_helper.cc (well_known_*_sid): Define using above SID macro.
+	(cygsid::init): Delete.
+	* dcrt0.cc (dll_crt0_0): Do not call cygsid::init.
+	* security.cc (get_user_local_groups): Change the second argument type
+	to cygpsid.
+
 2004-02-03  Christopher Faylor  <cgf@redhat.com>
 
 	* cygtls.h (_local_storage::signamebuf): Increase size to prevent

winsup/cygwin/dcrt0.cc

@@ -723,8 +723,6 @@ dll_crt0_0 ()
   /* Initialize events */
   events_init ();
 
-  /* Init global well known SID objects */
-  cygsid::init ();
   cygheap->cwd.init ();
 }
 

winsup/cygwin/sec_helper.cc

@@ -47,19 +47,33 @@ SID_IDENTIFIER_AUTHORITY NO_COPY sid_auth[] = {
 	{SECURITY_NT_AUTHORITY}
 };
 
-cygsid well_known_null_sid;
-cygsid well_known_world_sid;
-cygsid well_known_local_sid;
-cygsid well_known_creator_owner_sid;
-cygsid well_known_creator_group_sid;
-cygsid well_known_dialup_sid;
-cygsid well_known_network_sid;
-cygsid well_known_batch_sid;
-cygsid well_known_interactive_sid;
-cygsid well_known_service_sid;
-cygsid well_known_authenticated_users_sid;
-cygsid well_known_system_sid;
-cygsid well_known_admins_sid;
+SID (well_known_null_sid, "S-1-0-0",
+     SECURITY_NULL_SID_AUTHORITY, 1, SECURITY_NULL_RID);
+SID (well_known_world_sid, "S-1-1-0",
+     SECURITY_WORLD_SID_AUTHORITY, 1, SECURITY_WORLD_RID);
+SID (well_known_local_sid, "S-1-2-0",
+     SECURITY_LOCAL_SID_AUTHORITY, 1, SECURITY_LOCAL_RID);
+SID (well_known_creator_owner_sid, "S-1-3-0",
+     SECURITY_CREATOR_SID_AUTHORITY, 1, SECURITY_CREATOR_OWNER_RID);
+SID (well_known_creator_group_sid, "S-1-3-1",
+     SECURITY_CREATOR_SID_AUTHORITY, 1, SECURITY_CREATOR_GROUP_RID);
+SID (well_known_dialup_sid, "S-1-5-1",
+     SECURITY_NT_AUTHORITY, 1, SECURITY_DIALUP_RID);
+SID (well_known_network_sid, "S-1-5-2",
+     SECURITY_NT_AUTHORITY, 1, SECURITY_NETWORK_RID);
+SID (well_known_batch_sid, "S-1-5-3",
+     SECURITY_NT_AUTHORITY, 1, SECURITY_BATCH_RID);
+SID (well_known_interactive_sid, "S-1-5-4",
+     SECURITY_NT_AUTHORITY, 1, SECURITY_INTERACTIVE_RID);
+SID (well_known_service_sid, "S-1-5-6",
+     SECURITY_NT_AUTHORITY, 1, SECURITY_SERVICE_RID);
+SID (well_known_authenticated_users_sid, "S-1-5-11",
+     SECURITY_NT_AUTHORITY, 1, SECURITY_AUTHENTICATED_USER_RID);
+SID (well_known_system_sid, "S-1-5-18",
+     SECURITY_NT_AUTHORITY, 1, SECURITY_LOCAL_SYSTEM_RID);
+SID (well_known_admins_sid, "S-1-5-32-544",
+     SECURITY_NT_AUTHORITY, 2, SECURITY_BUILTIN_DOMAIN_RID,
+			       DOMAIN_ALIAS_RID_ADMINS);
 
 bool
 cygpsid::operator== (const char *nsidstr) const
@@ -118,24 +132,6 @@ cygpsid::string (char *nsidstr) const
   return nsidstr;
 }
 
-void
-cygsid::init ()
-{
-  well_known_null_sid = "S-1-0-0";
-  well_known_world_sid = "S-1-1-0";
-  well_known_local_sid = "S-1-2-0";
-  well_known_creator_owner_sid = "S-1-3-0";
-  well_known_creator_group_sid = "S-1-3-1";
-  well_known_dialup_sid = "S-1-5-1";
-  well_known_network_sid = "S-1-5-2";
-  well_known_batch_sid = "S-1-5-3";
-  well_known_interactive_sid = "S-1-5-4";
-  well_known_service_sid = "S-1-5-6";
-  well_known_authenticated_users_sid = "S-1-5-11";
-  well_known_system_sid = "S-1-5-18";
-  well_known_admins_sid = "S-1-5-32-544";
-}
-
 PSID
 cygsid::get_sid (DWORD s, DWORD cnt, DWORD *r)
 {

winsup/cygwin/security.cc

@@ -425,7 +425,7 @@ get_user_local_groups (cygsidlist &grp_list, PSID pusersid)
 }
 
 static bool
-sid_in_token_groups (PTOKEN_GROUPS grps, cygsid &sid)
+sid_in_token_groups (PTOKEN_GROUPS grps, cygpsid sid)
 {
   if (!grps)
     return false;

winsup/cygwin/security.h

@@ -23,6 +23,16 @@ details. */
 #define ACL_DEFAULT_SIZE 3072
 #define NO_SID ((PSID)NULL)
 
+/* Macro to define variable length SID structures */
+#define SID(name, comment, authority, count, rid...) \
+static NO_COPY struct  { \
+  BYTE  Revision; \
+  BYTE  SubAuthorityCount; \
+  SID_IDENTIFIER_AUTHORITY IdentifierAuthority; \
+  DWORD SubAuthority[count]; \
+} name##_struct = { SID_REVISION, count, {authority}, {rid}}; \
+cygpsid NO_COPY name = (PSID) &name##_struct;
+
 #define FILE_READ_BITS   (FILE_READ_DATA | GENERIC_READ | GENERIC_ALL)
 #define FILE_WRITE_BITS  (FILE_WRITE_DATA | GENERIC_WRITE | GENERIC_ALL)
 #define FILE_EXEC_BITS   (FILE_EXECUTE | GENERIC_EXECUTE | GENERIC_ALL)
@@ -79,7 +89,6 @@ class cygsid : public cygpsid {
     }
 
 public:
-  static void init();
   inline operator const PSID () { return psid; }
 
   inline const PSID operator= (cygsid &nsid)
@@ -213,19 +222,19 @@ public:
     }
 };
 
-extern cygsid well_known_null_sid;
-extern cygsid well_known_world_sid;
-extern cygsid well_known_local_sid;
-extern cygsid well_known_creator_owner_sid;
-extern cygsid well_known_creator_group_sid;
-extern cygsid well_known_dialup_sid;
-extern cygsid well_known_network_sid;
-extern cygsid well_known_batch_sid;
-extern cygsid well_known_interactive_sid;
-extern cygsid well_known_service_sid;
-extern cygsid well_known_authenticated_users_sid;
-extern cygsid well_known_system_sid;
-extern cygsid well_known_admins_sid;
+extern cygpsid well_known_null_sid;
+extern cygpsid well_known_world_sid;
+extern cygpsid well_known_local_sid;
+extern cygpsid well_known_creator_owner_sid;
+extern cygpsid well_known_creator_group_sid;
+extern cygpsid well_known_dialup_sid;
+extern cygpsid well_known_network_sid;
+extern cygpsid well_known_batch_sid;
+extern cygpsid well_known_interactive_sid;
+extern cygpsid well_known_service_sid;
+extern cygpsid well_known_authenticated_users_sid;
+extern cygpsid well_known_system_sid;
+extern cygpsid well_known_admins_sid;
 
 inline BOOL
 legal_sid_type (SID_NAME_USE type)