diff --git a/winsup/lsaauth/ChangeLog b/winsup/lsaauth/ChangeLog index 671870602..3dbc2b873 100644 --- a/winsup/lsaauth/ChangeLog +++ b/winsup/lsaauth/ChangeLog @@ -1,4 +1,18 @@ -2011-03-30 Yaakov Selkowitz +2011-03-31 Corinna Vinschen + + * Makefile.in (LIBS): Remove advapi32.dll. + (clean): Remove cyglsa.def. + * cyglsa.c: Drop definitions required for VC++. Don't include ntddk.h. + Declare functions from NTDLL here. Explain why. Use NTDLL functions + in place of ADVAPI32 functions. + * cyglsa64.def: New file. + * cyglsa64.dll: Regenerate. + * make-64bit-version-with-mingw-w64.sh (LIBS): Remove advapi32.dll. + Reference cyglsa64.def instead of mslsa.def. + * make-64bit-version-with-visual-c.bat: Remove. + * mslsa.def: Remove. + +2011-03-31 Yaakov Selkowitz * cyglsa.c: Fix compilation with MinGW-w64 toolchains. * make-64bit-version-with-mingw-w64.sh: New file. diff --git a/winsup/lsaauth/Makefile.in b/winsup/lsaauth/Makefile.in index e84a06be1..82b58363c 100644 --- a/winsup/lsaauth/Makefile.in +++ b/winsup/lsaauth/Makefile.in @@ -1,4 +1,4 @@ -# Copyright (c) 2006, Red Hat, Inc. +# Copyright (c) 2006, 2008, 2009, 2011 Red Hat, Inc. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -43,7 +43,7 @@ ifdef MINGW_CC override CC:=${MINGW_CC} endif -LIBS := -ladvapi32 -lkernel32 -lntdll +LIBS := -lkernel32 -lntdll DLL := cyglsa.dll DEF_FILE:= cyglsa.def @@ -67,7 +67,7 @@ realclean: clean rm -f Makefile config.cache clean: - rm -f *.o *.dll + rm -f *.o *.dll cyglsa.def install: all $(SHELL) $(updir1)/mkinstalldirs $(DESTDIR)$(bindir) diff --git a/winsup/lsaauth/cyglsa.c b/winsup/lsaauth/cyglsa.c index b5a7a841c..0e7a05797 100644 --- a/winsup/lsaauth/cyglsa.c +++ b/winsup/lsaauth/cyglsa.c @@ -10,18 +10,13 @@ This software is a copyrighted work licensed under the terms of the Cygwin license. Please consult the file "CYGWIN_LICENSE" for details. */ #define WINVER 0x0600 -#define _CRT_SECURE_NO_DEPRECATE #include -#define WIN32_NO_STATUS #include #include #include #include #include #include -#if defined(__MINGW32__) && !defined(_W64) -#include -#endif #include "../cygwin/cyglsa.h" #include "../cygwin/include/cygwin/version.h" @@ -42,6 +37,19 @@ DllMain (HINSTANCE inst, DWORD reason, LPVOID res) return TRUE; } +/* Declare NTDLL functions here to avoid problems with different + header file layout in different compiler environments. */ +#ifndef NT_SUCCESS +#define NT_SUCCESS(s) ((s) >= 0) +#endif +NTSTATUS NTAPI NtAllocateLocallyUniqueId (PLUID); +NTSTATUS NTAPI RtlCopySid (ULONG, PSID, PSID); +NTSTATUS NTAPI RtlGetAce (PACL, ULONG, PVOID *); +ULONG NTAPI RtlLengthSid (PSID); +PULONG NTAPI RtlSubAuthoritySid (PSID, ULONG); +PUCHAR NTAPI RtlSubAuthorityCountSid (PSID); +BOOLEAN NTAPI RtlValidSid (PSID); + #ifndef RtlInitEmptyUnicodeString __inline VOID NTAPI RtlInitEmptyUnicodeString(PUNICODE_STRING dest, PCWSTR buf, USHORT len) @@ -111,7 +119,7 @@ print_sid (const char *prefix, int idx, PISID sid) cyglsa_printf ("NULL\n"); else if (IsBadReadPtr (sid, 8)) cyglsa_printf ("INVALID POINTER\n"); - else if (!IsValidSid ((PSID) sid)) + else if (!RtlValidSid ((PSID) sid)) cyglsa_printf ("INVALID SID\n"); else if (IsBadReadPtr (sid, 8 + sizeof (DWORD) * sid->SubAuthorityCount)) cyglsa_printf ("INVALID POINTER SPACE\n"); @@ -191,9 +199,11 @@ print_dacl (PACL dacl) { PVOID vace; PACCESS_ALLOWED_ACE ace; + NTSTATUS stat; - if (!GetAce (dacl, i, &vace)) - cyglsa_printf ("[%lu] GetAce error %lu\n", i, GetLastError ()); + stat = RtlGetAce (dacl, i, &vace); + if (!NT_SUCCESS (stat)) + cyglsa_printf ("[%lu] RtlGetAce status 0x%08lx\n", i, stat); else { ace = (PACCESS_ALLOWED_ACE) vace; @@ -489,8 +499,8 @@ LsaApLogonUserEx (PLSA_CLIENT_REQUEST request, SECURITY_LOGON_TYPE logon_type, tokinf->ExpirationTime = authinf->inf.ExpirationTime; /* User SID */ src_sid = (PSID) (base + authinf->inf.User.User.Sid); - size = GetLengthSid (src_sid); - CopySid (size, (PSID) tptr, src_sid); + size = RtlLengthSid (src_sid); + RtlCopySid (size, (PSID) tptr, src_sid); tokinf->User.User.Sid = (PSID) tptr; tptr += size; tokinf->User.User.Attributes = authinf->inf.User.User.Attributes; @@ -504,16 +514,16 @@ LsaApLogonUserEx (PLSA_CLIENT_REQUEST request, SECURITY_LOGON_TYPE logon_type, for (i = 0; i < src_grps->GroupCount; ++i) { src_sid = (PSID) (base + src_grps->Groups[i].Sid); - size = GetLengthSid (src_sid); - CopySid (size, (PSID) tptr, src_sid); + size = RtlLengthSid (src_sid); + RtlCopySid (size, (PSID) tptr, src_sid); tokinf->Groups->Groups[i].Sid = (PSID) tptr; tptr += size; tokinf->Groups->Groups[i].Attributes = src_grps->Groups[i].Attributes; } /* Primary Group SID */ src_sid = (PSID) (base + authinf->inf.PrimaryGroup.PrimaryGroup); - size = GetLengthSid (src_sid); - CopySid (size, (PSID) tptr, src_sid); + size = RtlLengthSid (src_sid); + RtlCopySid (size, (PSID) tptr, src_sid); tokinf->PrimaryGroup.PrimaryGroup = (PSID) tptr; tptr += size; /* Privileges */ @@ -540,7 +550,8 @@ LsaApLogonUserEx (PLSA_CLIENT_REQUEST request, SECURITY_LOGON_TYPE logon_type, not done in the 64 bit code above for hopefully obvious reasons... */ LUID logon_sid_id; - if (must_create_logon_sid && !AllocateLocallyUniqueId (&logon_sid_id)) + if (must_create_logon_sid + && !NT_SUCCESS (NtAllocateLocallyUniqueId (&logon_sid_id))) return STATUS_INSUFFICIENT_RESOURCES; if (!(tokinf = funcs->AllocateLsaHeap (authinf->inf_size))) @@ -560,13 +571,13 @@ LsaApLogonUserEx (PLSA_CLIENT_REQUEST request, SECURITY_LOGON_TYPE logon_type, ((PBYTE) tokinf + (LONG_PTR) tokinf->Groups->Groups[i].Sid); if (must_create_logon_sid && tokinf->Groups->Groups[i].Attributes & SE_GROUP_LOGON_ID - && *GetSidSubAuthorityCount (tokinf->Groups->Groups[i].Sid) == 3 - && *GetSidSubAuthority (tokinf->Groups->Groups[i].Sid, 0) + && *RtlSubAuthorityCountSid (tokinf->Groups->Groups[i].Sid) == 3 + && *RtlSubAuthoritySid (tokinf->Groups->Groups[i].Sid, 0) == SECURITY_LOGON_IDS_RID) { - *GetSidSubAuthority (tokinf->Groups->Groups[i].Sid, 1) + *RtlSubAuthoritySid (tokinf->Groups->Groups[i].Sid, 1) = logon_sid_id.HighPart; - *GetSidSubAuthority (tokinf->Groups->Groups[i].Sid, 2) + *RtlSubAuthoritySid (tokinf->Groups->Groups[i].Sid, 2) = logon_sid_id.LowPart; } } @@ -593,12 +604,12 @@ LsaApLogonUserEx (PLSA_CLIENT_REQUEST request, SECURITY_LOGON_TYPE logon_type, (PVOID)((LONG_PTR) &authinf->inf + authinf->inf_size)); /* Create logon session. */ - if (!AllocateLocallyUniqueId (logon_id)) + stat = NtAllocateLocallyUniqueId (logon_id); + if (!NT_SUCCESS (stat)) { funcs->FreeLsaHeap (*tok); *tok = NULL; - cyglsa_printf ("AllocateLocallyUniqueId failed: Win32 error %lu\n", - GetLastError ()); + cyglsa_printf ("NtAllocateLocallyUniqueId status 0x%08lx\n", stat); return STATUS_INSUFFICIENT_RESOURCES; } stat = funcs->CreateLogonSession (logon_id); diff --git a/winsup/lsaauth/mslsa.def b/winsup/lsaauth/cyglsa64.def similarity index 100% rename from winsup/lsaauth/mslsa.def rename to winsup/lsaauth/cyglsa64.def diff --git a/winsup/lsaauth/cyglsa64.dll b/winsup/lsaauth/cyglsa64.dll index f18404727..18acaf8c7 100644 Binary files a/winsup/lsaauth/cyglsa64.dll and b/winsup/lsaauth/cyglsa64.dll differ diff --git a/winsup/lsaauth/make-64bit-version-with-mingw-w64.sh b/winsup/lsaauth/make-64bit-version-with-mingw-w64.sh index 2f93c2cb2..a93daf8f3 100644 --- a/winsup/lsaauth/make-64bit-version-with-mingw-w64.sh +++ b/winsup/lsaauth/make-64bit-version-with-mingw-w64.sh @@ -20,6 +20,6 @@ set -e CC="x86_64-w64-mingw32-gcc" CFLAGS="-fno-exceptions -O0 -Wall -Werror" LDFLAGS="-s -nostdlib -Wl,--entry,DllMain,--major-os-version,5,--minor-os-version,2" -LIBS="-ladvapi32 -lkernel32 -lntdll" +LIBS="-lkernel32 -lntdll" -$CC $CFLAGS $LDFLAGS -shared -o cyglsa64.dll cyglsa.c mslsa.def $LIBS +$CC $CFLAGS $LDFLAGS -shared -o cyglsa64.dll cyglsa.c cyglsa64.def $LIBS diff --git a/winsup/lsaauth/make-64bit-version-with-visual-c.bat b/winsup/lsaauth/make-64bit-version-with-visual-c.bat deleted file mode 100644 index 28ea642f7..000000000 --- a/winsup/lsaauth/make-64bit-version-with-visual-c.bat +++ /dev/null @@ -1,30 +0,0 @@ -@echo off -rem This batchfile shows how to generate a 64 bit version of cyglsa.dll. -rem The 32 bit version will not work on 64 bit systems. -rem -rem Note that you need not only the SDK headers and libs, but also the -rem 64 bit ntdll.lib file from a DDK supporting 64 bit builds. -rem -rem Make sure all necessary include paths are set in %Include% (inc\ddk, -rem inc\atl, inc\crt) and make sure that %Lib% points to the 64 bit libs, not -rem to the 32 bit libs. In the latter case the link stage will succeed, -rem but the resulting DLL is non-functional. -rem -rem This can be used as long as no x86_64-pe/coff capable gcc is available. -rem Note that this is for building inside the source dir as not to interfere -rem with the "official" 32 bit build in the build directory. -rem -rem Install the dll into /bin and use the cyglsa-config script to register it. -rem Don't forget to reboot afterwards. -rem -rem Use "/DDEBUGGING" in the cl line to create debugging output to -rem C:\cyglsa.dbgout at runtime. -rem -rem No idea when that changed, but in the latest SDKs you have to disable -rem the security checks and there's apparently no runtmchk.lib anymore. -rem I leave the old statements in for reference. -rem cl /Wp64 /c cyglsa.c -rem link /nodefaultlib /dll /machine:x64 /entry:DllMain /out:cyglsa64.dll /def:mslsa.def cyglsa.obj runtmchk.lib advapi32.lib kernel32.lib ntdll.lib -rem cl /Wp64 /EHs-c- /GS- /GR- /GL- /c cyglsa.c -cl /EHs-c- /GS- /GR- /GL- /c cyglsa.c -link /nodefaultlib /dll /machine:x64 /entry:DllMain /out:cyglsa64.dll /def:mslsa.def cyglsa.obj advapi32.lib kernel32.lib ntdll.lib