diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog index 80c17d494..806539cd9 100644 --- a/winsup/cygwin/ChangeLog +++ b/winsup/cygwin/ChangeLog @@ -1,3 +1,9 @@ +2014-05-06 Corinna Vinschen + + * security.h (MAX_SUBAUTH_CNT): Drop. Use SID_MAX_SUB_AUTHORITIES + instead throughout. + (MAX_SID_LEN): Drop. Use SECURITY_MAX_SID_SIZE instead throughout. + 2014-05-06 Corinna Vinschen * grp.cc (internal_getgroups): Drop unused cygsid variable. diff --git a/winsup/cygwin/grp.cc b/winsup/cygwin/grp.cc index e1b28ae34..fadadff64 100644 --- a/winsup/cygwin/grp.cc +++ b/winsup/cygwin/grp.cc @@ -396,7 +396,7 @@ gr_ent::enumerate_local () while (cnt < max) { cygsid sid; - DWORD slen = MAX_SID_LEN; + DWORD slen = SECURITY_MAX_SID_SIZE; WCHAR dom[DNLEN + 1]; DWORD dlen = DNLEN + 1; SID_NAME_USE acc_type; diff --git a/winsup/cygwin/sec_auth.cc b/winsup/cygwin/sec_auth.cc index b175fbbeb..fb9e371fb 100644 --- a/winsup/cygwin/sec_auth.cc +++ b/winsup/cygwin/sec_auth.cc @@ -277,7 +277,7 @@ get_user_groups (WCHAR *logonserver, cygsidlist &grp_list, for (DWORD i = 0; i < cnt; ++i) { cygsid gsid; - DWORD glen = MAX_SID_LEN; + DWORD glen = SECURITY_MAX_SID_SIZE; WCHAR dom[MAX_DOMAIN_NAME_LEN + 1]; DWORD dlen = sizeof (dom); SID_NAME_USE use = SidTypeInvalid; @@ -325,7 +325,7 @@ get_user_local_groups (PWCHAR logonserver, PWCHAR domain, for (DWORD i = 0; i < cnt; ++i) { cygsid gsid; - DWORD glen = MAX_SID_LEN; + DWORD glen = SECURITY_MAX_SID_SIZE; WCHAR dom[MAX_DOMAIN_NAME_LEN + 1]; DWORD domlen = MAX_DOMAIN_NAME_LEN + 1; @@ -361,7 +361,7 @@ get_user_local_groups (PWCHAR logonserver, PWCHAR domain, if (bg_ptr) { wcscpy (bg_ptr, dg_ptr); - glen = MAX_SID_LEN; + glen = SECURITY_MAX_SID_SIZE; domlen = MAX_DOMAIN_NAME_LEN + 1; if (LookupAccountNameW (NULL, builtin_grp, gsid, &glen, dom, &domlen, &use)) @@ -687,7 +687,8 @@ verify_token (HANDLE token, cygsid &usersid, user_groups &groups, bool *pintern) is not well_known_null_sid, it must match pgrpsid */ if (intern && !groups.issetgroups ()) { - const DWORD sd_buf_siz = MAX_SID_LEN + sizeof (SECURITY_DESCRIPTOR); + const DWORD sd_buf_siz = SECURITY_MAX_SID_SIZE + + sizeof (SECURITY_DESCRIPTOR); PSECURITY_DESCRIPTOR sd_buf = (PSECURITY_DESCRIPTOR) alloca (sd_buf_siz); cygpsid gsid (NO_SID); NTSTATUS status; diff --git a/winsup/cygwin/sec_helper.cc b/winsup/cygwin/sec_helper.cc index 6f7921aa5..00123935b 100644 --- a/winsup/cygwin/sec_helper.cc +++ b/winsup/cygwin/sec_helper.cc @@ -218,7 +218,7 @@ cygsid::get_sid (DWORD s, DWORD cnt, DWORD *r, bool well_known) SID_IDENTIFIER_AUTHORITY sid_auth = { SECURITY_NULL_SID_AUTHORITY }; # define SECURITY_NT_AUTH 5 - if (s > 255 || cnt < 1 || cnt > MAX_SUBAUTH_CNT) + if (s > 255 || cnt < 1 || cnt > SID_MAX_SUB_AUTHORITIES) { psid = NO_SID; return NULL; @@ -226,7 +226,7 @@ cygsid::get_sid (DWORD s, DWORD cnt, DWORD *r, bool well_known) sid_auth.Value[5] = s; set (); RtlInitializeSid (psid, &sid_auth, cnt); - PDBGSID dsid = (PDBGSID) psid; + PISID dsid = (PISID) psid; for (i = 0; i < cnt; ++i) dsid->SubAuthority[i] = r[i]; /* If the well_known flag isn't set explicitely, we check the SID @@ -248,12 +248,12 @@ cygsid::getfromstr (PCWSTR nsidstr, bool well_known) { PWCHAR lasts; DWORD s, cnt = 0; - DWORD r[MAX_SUBAUTH_CNT]; + DWORD r[SID_MAX_SUB_AUTHORITIES]; if (nsidstr && !wcsncmp (nsidstr, L"S-1-", 4)) { s = wcstoul (nsidstr + 4, &lasts, 10); - while (cnt < MAX_SUBAUTH_CNT && *lasts == '-') + while (cnt < SID_MAX_SUB_AUTHORITIES && *lasts == '-') r[cnt++] = wcstoul (lasts + 1, &lasts, 10); if (!*lasts) return get_sid (s, cnt, r, well_known); @@ -266,12 +266,12 @@ cygsid::getfromstr (const char *nsidstr, bool well_known) { char *lasts; DWORD s, cnt = 0; - DWORD r[MAX_SUBAUTH_CNT]; + DWORD r[SID_MAX_SUB_AUTHORITIES]; if (nsidstr && !strncmp (nsidstr, "S-1-", 4)) { s = strtoul (nsidstr + 4, &lasts, 10); - while (cnt < MAX_SUBAUTH_CNT && *lasts == '-') + while (cnt < SID_MAX_SUB_AUTHORITIES && *lasts == '-') r[cnt++] = strtoul (lasts + 1, &lasts, 10); if (!*lasts) return get_sid (s, cnt, r, well_known); diff --git a/winsup/cygwin/security.h b/winsup/cygwin/security.h index 9b1edbc84..6b6c33955 100644 --- a/winsup/cygwin/security.h +++ b/winsup/cygwin/security.h @@ -44,12 +44,9 @@ void uinfo_init (); #define gid16togid32(g16) ((g16)==ILLEGAL_GID16?ILLEGAL_GID:(gid_t)(g16)) #endif -#define MAX_SUBAUTH_CNT 11 -#define MAX_SID_LEN (2 * sizeof (BYTE) \ - + sizeof (SID_IDENTIFIER_AUTHORITY) \ - + MAX_SUBAUTH_CNT * sizeof (DWORD)) #define MAX_DACL_LEN(n) (sizeof (ACL) \ - + (n) * (sizeof (ACCESS_ALLOWED_ACE) - sizeof (DWORD) + MAX_SID_LEN)) + + (n) * (sizeof (ACCESS_ALLOWED_ACE) - sizeof (DWORD) \ + + SECURITY_MAX_SID_SIZE)) #define SD_MIN_SIZE (sizeof (SECURITY_DESCRIPTOR) + MAX_DACL_LEN (1)) #define ACL_MAXIMUM_SIZE 65532 /* Yeah, right. 64K - sizeof (DWORD). */ #define SD_MAXIMUM_SIZE 65536 @@ -101,7 +98,7 @@ typedef struct { BYTE Revision; BYTE SubAuthorityCount; SID_IDENTIFIER_AUTHORITY IdentifierAuthority; - DWORD SubAuthority[MAX_SUBAUTH_CNT]; + DWORD SubAuthority[SID_MAX_SUB_AUTHORITIES]; } DBGSID, *PDBGSID; /* Macro to define variable length SID structures */ @@ -179,7 +176,7 @@ public: }; class cygsid : public cygpsid { - char sbuf[MAX_SID_LEN]; + char sbuf[SECURITY_MAX_SID_SIZE]; bool well_known_sid; const PSID getfromstr (PCWSTR nsidstr, bool well_known); @@ -193,7 +190,7 @@ class cygsid : public cygpsid { else { psid = (PSID) sbuf; - RtlCopySid (MAX_SID_LEN, psid, nsid); + RtlCopySid (SECURITY_MAX_SID_SIZE, psid, nsid); well_known_sid = well_known; } return psid; diff --git a/winsup/cygwin/uinfo.cc b/winsup/cygwin/uinfo.cc index 48dd08ab1..1de113202 100644 --- a/winsup/cygwin/uinfo.cc +++ b/winsup/cygwin/uinfo.cc @@ -1171,7 +1171,7 @@ pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap) cygsid csid; DWORD nlen = UNLEN + 1; DWORD dlen = DNLEN + 1; - DWORD slen = MAX_SID_LEN; + DWORD slen = SECURITY_MAX_SID_SIZE; cygpsid sid (NO_SID); SID_NAME_USE acc_type; BOOL ret = false;