diff --git a/winsup/lsaauth/ChangeLog b/winsup/lsaauth/ChangeLog index b01e292ea..c73c956a4 100644 --- a/winsup/lsaauth/ChangeLog +++ b/winsup/lsaauth/ChangeLog @@ -1,3 +1,17 @@ +2008-07-13 Corinna Vinschen + + * cyglsa.c: Don't include ntddk.h. + (RtlInitEmptyUnicodeString): Use Visual-C compatible "__inline" instead + of "inline". + (uni_alloc): Change second argument to USHORT. + (printf): Move definition of ap to make Visual-C++ happy. + (LsaApLogonUserEx): Compute size of datastructure returned to + LSA on 64 bit systems correctly to avoid heap corruption. + * cyglsa64.dll: Regenerate. + * make-64bit-version-with-visual-c.bat: Accommodate newer Microsoft + toolchains. Add more comment. + * mslsa.def: Export LsaApLogonUserEx instead of LsaApLogonUser. + 2008-07-11 Corinna Vinschen * cyglsa.c (LsaApLogonUserEx): Accommodate the fact that authinf->domain diff --git a/winsup/lsaauth/cyglsa.c b/winsup/lsaauth/cyglsa.c index acd271f93..582e226e9 100644 --- a/winsup/lsaauth/cyglsa.c +++ b/winsup/lsaauth/cyglsa.c @@ -19,7 +19,6 @@ Cygwin license. Please consult the file "CYGWIN_LICENSE" for details. */ #include #include #include -#include #include "../cygwin/cyglsa.h" #include "../cygwin/include/cygwin/version.h" @@ -41,9 +40,8 @@ DllMain (HINSTANCE inst, DWORD reason, LPVOID res) } #ifndef RtlInitEmptyUnicodeString -inline -VOID NTAPI RtlInitEmptyUnicodeString(PUNICODE_STRING dest, PCWSTR buf, - USHORT len) +__inline VOID NTAPI +RtlInitEmptyUnicodeString(PUNICODE_STRING dest, PCWSTR buf, USHORT len) { dest->Length = 0; dest->MaximumLength = len; @@ -52,7 +50,7 @@ VOID NTAPI RtlInitEmptyUnicodeString(PUNICODE_STRING dest, PCWSTR buf, #endif static PUNICODE_STRING -uni_alloc (PWCHAR src, DWORD len) +uni_alloc (PWCHAR src, USHORT len) { PUNICODE_STRING tgt; @@ -80,10 +78,10 @@ printf (const char *format, ...) char buf[256]; DWORD wr; int ret; + va_list ap; if (fh == INVALID_HANDLE_VALUE) return 0; - va_list ap; va_start (ap, format); ret = _vsnprintf (buf, 256, format, ap); @@ -471,14 +469,17 @@ LsaApLogonUserEx (PLSA_CLIENT_REQUEST request, SECURITY_LOGON_TYPE logon_type, base = (LONG_PTR) &authinf->inf; newsize = authinf->inf_size; - newsize += sizeof (PSID) - sizeof (OFFSET); /* User SID */ + newsize += sizeof (TOKEN_USER) - sizeof (CYG_TOKEN_USER); /* User SID */ newsize += sizeof (PTOKEN_GROUPS) - sizeof (OFFSET); /* Groups */ src_grps = (PCYG_TOKEN_GROUPS) (base + authinf->inf.Groups); newsize += src_grps->GroupCount /* Group SIDs */ - * (sizeof (PSID) - sizeof (OFFSET)); + * (sizeof (SID_AND_ATTRIBUTES) + - sizeof (CYG_SID_AND_ATTRIBUTES)); newsize += sizeof (PSID) - sizeof (OFFSET); /* Primary Group SID */ - newsize += sizeof (PSID) - sizeof (OFFSET); /* Owner SID */ + newsize += sizeof (PTOKEN_PRIVILEGES) - sizeof (OFFSET); /* Privileges */ + newsize += 0; /* Owner SID */ newsize += sizeof (PACL) - sizeof (OFFSET); /* Default DACL */ + if (!(tokinf = funcs->AllocateLsaHeap (newsize))) return STATUS_NO_MEMORY; tptr = (PBYTE)(tokinf + 1); diff --git a/winsup/lsaauth/cyglsa64.dll b/winsup/lsaauth/cyglsa64.dll index 0be4147cf..2f7c9a8bb 100644 Binary files a/winsup/lsaauth/cyglsa64.dll and b/winsup/lsaauth/cyglsa64.dll differ diff --git a/winsup/lsaauth/make-64bit-version-with-visual-c.bat b/winsup/lsaauth/make-64bit-version-with-visual-c.bat index 9f2ac0830..95741dcce 100644 --- a/winsup/lsaauth/make-64bit-version-with-visual-c.bat +++ b/winsup/lsaauth/make-64bit-version-with-visual-c.bat @@ -5,6 +5,11 @@ rem rem Note that you need not only the SDK headers and libs, but also the rem 64 bit ntdll.lib file from a DDK supporting 64 bit builds. rem +rem Make sure all necessary include paths are set in %Include% (inc\ddk, +rem inc\atl, inc\crt) and rem that %Lib% points to the 64 bit libs, not +rem the 32 bit libs. In the latter case the link stage will succeed, +rem but the resulting DLL is non-functional. +rem rem This can be used as long as no x86_64-pe/coff capable gcc is available. rem Note that this is for building inside the source dir as not to interfere rem with the "official" 32 bit build in the build directory. @@ -12,5 +17,13 @@ rem rem Install the dll into /bin and use the cyglsa-config script to register it. rem Don't forget to reboot afterwards. rem -cl /Wp64 /c cyglsa.c -link /nodefaultlib /dll /machine:x64 /entry:DllMain /out:cyglsa64.dll /def:mslsa.def cyglsa.obj runtmchk.lib advapi32.lib kernel32.lib ntdll.lib +rem Use "/DDEBUGGING" in the cl line to create debugging output to +rem C:\cyglsa.dbgout at runtime. +rem +rem No idea when that changed, but in the latest SDKs you have to disable +rem the security checks and there's apparently no runtmchk.lib anymore. +rem I leave the old statements in for reference. +rem cl /Wp64 /c cyglsa.c +rem link /nodefaultlib /dll /machine:x64 /entry:DllMain /out:cyglsa64.dll /def:mslsa.def cyglsa.obj runtmchk.lib advapi32.lib kernel32.lib ntdll.lib +cl /Wp64 /EHs-c- /GS- /GR- /GL- /c cyglsa.c +link /nodefaultlib /dll /machine:x64 /entry:DllMain /out:cyglsa64.dll /def:mslsa.def cyglsa.obj advapi32.lib kernel32.lib ntdll.lib diff --git a/winsup/lsaauth/mslsa.def b/winsup/lsaauth/mslsa.def index ed5fb29bf..7b2d5921e 100644 --- a/winsup/lsaauth/mslsa.def +++ b/winsup/lsaauth/mslsa.def @@ -2,7 +2,7 @@ LIBRARY "cyglsa64" EXPORTS LsaApInitializePackage -LsaApLogonUser +LsaApLogonUserEx LsaApLogonTerminated LsaApCallPackage LsaApCallPackagePassthrough = LsaApCallPackage