server: Store the token owner separately.
Signed-off-by: Hans Leidekker <hans@codeweavers.com> Signed-off-by: Alexandre Julliard <julliard@winehq.org>
This commit is contained in:
parent
14191f2dd0
commit
fc3057c4f3
|
@ -104,7 +104,8 @@ struct token
|
||||||
struct list privileges; /* privileges available to the token */
|
struct list privileges; /* privileges available to the token */
|
||||||
struct list groups; /* groups that the user of this token belongs to (sid_and_attributes) */
|
struct list groups; /* groups that the user of this token belongs to (sid_and_attributes) */
|
||||||
SID *user; /* SID of user this token represents */
|
SID *user; /* SID of user this token represents */
|
||||||
SID *primary_group; /* SID of user's primary group */
|
SID *owner; /* SID of owner (points to user or one of groups) */
|
||||||
|
SID *primary_group; /* SID of user's primary group (points to one of groups) */
|
||||||
unsigned primary; /* is this a primary or impersonation token? */
|
unsigned primary; /* is this a primary or impersonation token? */
|
||||||
ACL *default_dacl; /* the default DACL to assign to objects created by this user */
|
ACL *default_dacl; /* the default DACL to assign to objects created by this user */
|
||||||
TOKEN_SOURCE source; /* source of the token */
|
TOKEN_SOURCE source; /* source of the token */
|
||||||
|
@ -582,9 +583,12 @@ static struct token *create_token( unsigned primary, const SID *user,
|
||||||
group->resource = FALSE;
|
group->resource = FALSE;
|
||||||
group->deny_only = FALSE;
|
group->deny_only = FALSE;
|
||||||
list_add_tail( &token->groups, &group->entry );
|
list_add_tail( &token->groups, &group->entry );
|
||||||
/* Use first owner capable group as an owner */
|
/* Use first owner capable group as owner and primary group */
|
||||||
if (!token->primary_group && group->owner)
|
if (!token->primary_group && group->owner)
|
||||||
|
{
|
||||||
|
token->owner = &group->sid;
|
||||||
token->primary_group = &group->sid;
|
token->primary_group = &group->sid;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* copy privileges */
|
/* copy privileges */
|
||||||
|
@ -654,7 +658,10 @@ struct token *token_duplicate( struct token *src_token, unsigned primary,
|
||||||
memcpy( newgroup, group, size );
|
memcpy( newgroup, group, size );
|
||||||
list_add_tail( &token->groups, &newgroup->entry );
|
list_add_tail( &token->groups, &newgroup->entry );
|
||||||
if (src_token->primary_group == &group->sid)
|
if (src_token->primary_group == &group->sid)
|
||||||
|
{
|
||||||
|
token->owner = &newgroup->sid;
|
||||||
token->primary_group = &newgroup->sid;
|
token->primary_group = &newgroup->sid;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
assert( token->primary_group );
|
assert( token->primary_group );
|
||||||
|
|
||||||
|
@ -1393,16 +1400,14 @@ DECL_HANDLER(access_check)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* retrieves the SID of the user that the token represents */
|
/* retrieves an SID from the token */
|
||||||
DECL_HANDLER(get_token_sid)
|
DECL_HANDLER(get_token_sid)
|
||||||
{
|
{
|
||||||
struct token *token;
|
struct token *token;
|
||||||
|
|
||||||
reply->sid_len = 0;
|
reply->sid_len = 0;
|
||||||
|
|
||||||
if ((token = (struct token *)get_handle_obj( current->process, req->handle,
|
if ((token = (struct token *)get_handle_obj( current->process, req->handle, TOKEN_QUERY, &token_ops )))
|
||||||
TOKEN_QUERY,
|
|
||||||
&token_ops )))
|
|
||||||
{
|
{
|
||||||
const SID *sid = NULL;
|
const SID *sid = NULL;
|
||||||
|
|
||||||
|
@ -1416,18 +1421,8 @@ DECL_HANDLER(get_token_sid)
|
||||||
sid = token->primary_group;
|
sid = token->primary_group;
|
||||||
break;
|
break;
|
||||||
case TokenOwner:
|
case TokenOwner:
|
||||||
{
|
sid = token->owner;
|
||||||
struct group *group;
|
|
||||||
LIST_FOR_EACH_ENTRY( group, &token->groups, struct group, entry )
|
|
||||||
{
|
|
||||||
if (group->owner)
|
|
||||||
{
|
|
||||||
sid = &group->sid;
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
break;
|
break;
|
||||||
}
|
|
||||||
case TokenLogonSid:
|
case TokenLogonSid:
|
||||||
sid = (const SID *)&builtin_logon_sid;
|
sid = (const SID *)&builtin_logon_sid;
|
||||||
break;
|
break;
|
||||||
|
|
Loading…
Reference in New Issue