diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog index e95f15f5d..ec55374af 100644 --- a/winsup/cygwin/ChangeLog +++ b/winsup/cygwin/ChangeLog @@ -1,3 +1,15 @@ +2007-07-16 Corinna Vinschen + + * cygheap.h (cygheap_user::curr_imp_token): Rename from current_token. + Accommodate changge throughout Cygwin. + (cygheap_user::imp_token): Rename from token. Accommodate changge + throughout Cygwin. + (rcygheap_user::eimpersonate): Use primary token for impersonation. + * grp.cc (internal_getgroups): Use primary impersonation token when + impersonated. + * security.h (_push_thread_privilege): Use primary impersonation token + when impersonated. + 2007-07-14 Christopher Faylor * init.cc (in_dllentry): Delete. diff --git a/winsup/cygwin/cygheap.h b/winsup/cygwin/cygheap.h index 58ed3739e..937230554 100644 --- a/winsup/cygwin/cygheap.h +++ b/winsup/cygwin/cygheap.h @@ -128,7 +128,7 @@ public: HANDLE external_token; HANDLE internal_token; HANDLE curr_primary_token; - HANDLE current_token; + HANDLE curr_imp_token; /* CGF 2002-06-27. I removed the initializaton from this constructor since this class is always allocated statically. That means that everything @@ -176,9 +176,9 @@ public: PSID saved_sid () { return saved_cygsid; } const char *ontherange (homebodies what, struct passwd * = NULL); #define NO_IMPERSONATION NULL - bool issetuid () const { return current_token != NO_IMPERSONATION; } + bool issetuid () const { return curr_imp_token != NO_IMPERSONATION; } HANDLE primary_token () { return curr_primary_token; } - HANDLE token () { return current_token; } + HANDLE imp_token () { return curr_imp_token; } void deimpersonate () { RevertToSelf (); @@ -186,7 +186,7 @@ public: bool reimpersonate () { if (issetuid ()) - return ImpersonateLoggedOnUser (token ()); + return ImpersonateLoggedOnUser (primary_token ()); return true; } bool has_impersonation_tokens () @@ -195,8 +195,8 @@ public: || curr_primary_token != NO_IMPERSONATION; } void close_impersonation_tokens () { - if (current_token != NO_IMPERSONATION) - CloseHandle (current_token); + if (curr_imp_token != NO_IMPERSONATION) + CloseHandle (curr_imp_token); if (curr_primary_token != NO_IMPERSONATION && curr_primary_token != external_token && curr_primary_token != internal_token) diff --git a/winsup/cygwin/grp.cc b/winsup/cygwin/grp.cc index edec62439..2398ae463 100644 --- a/winsup/cygwin/grp.cc +++ b/winsup/cygwin/grp.cc @@ -360,7 +360,7 @@ internal_getgroups (int gidsetsize, __gid32_t *grouplist, cygpsid * srchsid) /* If impersonated, use impersonation token. */ if (cygheap->user.issetuid ()) - hToken = cygheap->user.token (); + hToken = cygheap->user.primary_token (); else hToken = hProcToken; diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc index 504be9c0b..130b92d25 100644 --- a/winsup/cygwin/security.cc +++ b/winsup/cygwin/security.cc @@ -1943,7 +1943,7 @@ check_access (security_descriptor &sd, GENERIC_MAPPING &mapping, DWORD granted; DWORD plen = sizeof (PRIVILEGE_SET) + 3 * sizeof (LUID_AND_ATTRIBUTES); PPRIVILEGE_SET pset = (PPRIVILEGE_SET) alloca (plen); - HANDLE tok = cygheap->user.issetuid () ? cygheap->user.token () + HANDLE tok = cygheap->user.issetuid () ? cygheap->user.imp_token () : hProcImpToken; if (!tok && !DuplicateTokenEx (hProcToken, MAXIMUM_ALLOWED, NULL, diff --git a/winsup/cygwin/security.h b/winsup/cygwin/security.h index c5efe7f0e..861f53201 100644 --- a/winsup/cygwin/security.h +++ b/winsup/cygwin/security.h @@ -388,7 +388,7 @@ void set_cygwin_privileges (HANDLE token); #define _push_thread_privilege(_priv, _val, _check) { \ HANDLE _dup_token = NULL; \ HANDLE _token = (cygheap->user.issetuid () && (_check)) \ - ? cygheap->user.token () : hProcToken; \ + ? cygheap->user.primary_token () : hProcToken; \ if (!DuplicateTokenEx (_token, MAXIMUM_ALLOWED, NULL, \ SecurityImpersonation, TokenImpersonation, \ &_dup_token)) \ diff --git a/winsup/cygwin/syscalls.cc b/winsup/cygwin/syscalls.cc index e564eddc5..3d9cba259 100644 --- a/winsup/cygwin/syscalls.cc +++ b/winsup/cygwin/syscalls.cc @@ -2228,22 +2228,22 @@ seteuid32 (__uid32_t uid) cygheap->user.set_sid (usersid); cygheap->user.curr_primary_token = new_token == hProcToken ? NO_IMPERSONATION : new_token; - if (cygheap->user.current_token != NO_IMPERSONATION) + if (cygheap->user.curr_imp_token != NO_IMPERSONATION) { - CloseHandle (cygheap->user.current_token); - cygheap->user.current_token = NO_IMPERSONATION; + CloseHandle (cygheap->user.curr_imp_token); + cygheap->user.curr_imp_token = NO_IMPERSONATION; } if (cygheap->user.curr_primary_token != NO_IMPERSONATION) { if (!DuplicateTokenEx (cygheap->user.curr_primary_token, MAXIMUM_ALLOWED, &sec_none, SecurityImpersonation, - TokenImpersonation, &cygheap->user.current_token)) + TokenImpersonation, &cygheap->user.curr_imp_token)) { __seterrno (); cygheap->user.curr_primary_token = NO_IMPERSONATION; return -1; } - set_cygwin_privileges (cygheap->user.current_token); + set_cygwin_privileges (cygheap->user.curr_imp_token); } if (!cygheap->user.reimpersonate ()) { @@ -2338,7 +2338,7 @@ setegid32 (__gid32_t gid) TokenPrimaryGroup, &gsid, sizeof gsid)) debug_printf ("SetTokenInformation(primary_token, " "TokenPrimaryGroup), %E"); - if (!SetTokenInformation (cygheap->user.token (), TokenPrimaryGroup, + if (!SetTokenInformation (cygheap->user.imp_token (), TokenPrimaryGroup, &gsid, sizeof gsid)) debug_printf ("SetTokenInformation(token, TokenPrimaryGroup), %E"); } diff --git a/winsup/cygwin/uinfo.cc b/winsup/cygwin/uinfo.cc index 90ec989c4..c582b629e 100644 --- a/winsup/cygwin/uinfo.cc +++ b/winsup/cygwin/uinfo.cc @@ -146,7 +146,7 @@ uinfo_init () cygheap->user.external_token = NO_IMPERSONATION; cygheap->user.internal_token = NO_IMPERSONATION; cygheap->user.curr_primary_token = NO_IMPERSONATION; - cygheap->user.current_token = NO_IMPERSONATION; + cygheap->user.curr_imp_token = NO_IMPERSONATION; cygheap->user.set_saved_sid (); /* Update the original sid */ cygheap->user.reimpersonate (); }