This is the mail archive of the
cygwin-apps-cvs
mailing list for the cygwin-apps project.
[login - The unix login(1), tweaked for Cygwin] branch master, updated. v1_12
- From: corinna at sourceware dot org
- To: cygwin-apps-cvs at sourceware dot org
- Date: 18 Jun 2018 12:12:58 -0000
- Subject: [login - The unix login(1), tweaked for Cygwin] branch master, updated. v1_12
https://sourceware.org/git/gitweb.cgi?p=cygwin-apps/login.git;h=9e8b7b73e99242ce7047a18bf8028fb10c2c03ac
commit 9e8b7b73e99242ce7047a18bf8028fb10c2c03ac
Author: Corinna Vinschen <vinschen@redhat.com>
Date: Mon Jun 18 13:55:37 2018 +0200
fix gcc warnings
Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
https://sourceware.org/git/gitweb.cgi?p=cygwin-apps/login.git;h=d79c969df159bae1f4457c1096dc8174cf253953
commit d79c969df159bae1f4457c1096dc8174cf253953
Author: Takashi Yano <takashi.yano@nifty.ne.jp>
Date: Sat Jun 16 21:59:30 2018 +0900
Fix the issue that login command with -f flag fails to switch user account.
* login.c (main): Use getpwnam_r() instead of getpwnam() to prevent
the area pointed to by pwd from being overwritten by other calls of
getpw*() family functions.
* login.c (isROOT_UID): Remove checking SeIncreaseQuotaPrivilege
privilege because the account cyg_server created by csih does not
have this privilege.
* winsec.c (getUserInfoForUID): Fix the first argument of the second
NetUserGetInfo() call so that it can check user information locally
if the machine is on a domain.
Refer to the following post for detail.
https://cygwin.com/ml/cygwin/2018-06/msg00146.html
Diff:
---
login.c | 9 +++++----
test_winsec.c | 2 +-
winpriv.c | 6 ++----
winsec.c | 8 +-------
4 files changed, 9 insertions(+), 16 deletions(-)
diff --git a/login.c b/login.c
index 2ddfdcd..271d5e8 100644
--- a/login.c
+++ b/login.c
@@ -91,6 +91,8 @@ static void sleepexit (int eval);
*/
int timeout = 300;
+struct passwd userpwd;
+char pwbuf[16384];
struct passwd *pwd;
int failures;
char term[64], *hostname, *username, *tty;
@@ -213,7 +215,7 @@ main (int argc, char **argv)
}
(void) strcpy (tbuf, username);
#ifdef __CYGWIN__
- pwd = getpwnam (username);
+ getpwnam_r (username, &userpwd, pwbuf, sizeof(pwbuf), &pwd);
#else
if (pwd = getpwnam (username))
salt = pwd->pw_passwd;
@@ -551,10 +553,9 @@ isROOT_UID (uid_t uid)
{
static const char *REQUIRED_PRIVS[] = {
"SeAssignPrimaryTokenPrivilege",
- "SeTcbPrivilege",
- "SeIncreaseQuotaPrivilege"
+ "SeTcbPrivilege"
};
- static const ULONG NUM_REQUIRED_PRIV = 3;
+ static const ULONG NUM_REQUIRED_PRIV = 2;
OSVERSIONINFOEX osvi;
struct passwd *pw;
diff --git a/test_winsec.c b/test_winsec.c
index b6ace0a..f00487a 100644
--- a/test_winsec.c
+++ b/test_winsec.c
@@ -111,7 +111,7 @@ main (int argc, char **argv)
}
else if (var < 0)
{
- fprintf (stderr, "ignoring negative uid (%d): '%s'\n", var, val);
+ fprintf (stderr, "ignoring negative uid (%ld): '%s'\n", var, val);
continue;
}
uid = (uid_t) var;
diff --git a/winpriv.c b/winpriv.c
index 8d9237e..2f19c6e 100644
--- a/winpriv.c
+++ b/winpriv.c
@@ -127,7 +127,7 @@ openPolicy (const char *strMachine, ACCESS_MASK access)
NTSTATUS status;
LSA_UNICODE_STRING machine;
int c;
- int NTCHECKERROR_FAILED = 0;
+ int NTCHECKERROR_FAILED __attribute__ ((__unused__)) = 0;
c = strMachine ? strlen (strMachine) : 0;
machine.Buffer = (PWSTR) alloca ((c + 1) * 2); /* Keep within this function so we *
@@ -202,10 +202,8 @@ getSID (LSA_HANDLE hLSA, const char *strUser)
PLSA_TRANSLATED_SID sids;
int c;
ULONG cSubAuth, NewSidLength;
- PSID NewSid;
+ PSID NewSid = NULL;
NTSTATUS status;
- LPTSTR strSid;
- BOOL bStatus;
int NTCHECKERROR_FAILED = 0;
c = strUser ? strlen (strUser) : 0;
diff --git a/winsec.c b/winsec.c
index 307a66b..4575387 100644
--- a/winsec.c
+++ b/winsec.c
@@ -397,7 +397,6 @@ currentUserIsMemberOfGroupSID (BYTE nSubAuthorityCount,
DWORD dwLength = 0;
PTOKEN_GROUPS ptg = NULL;
int rv = -1;
- int i;
if (!AllocateAndInitializeSid (&nt_auth,
nSubAuthorityCount,
@@ -497,7 +496,6 @@ uidMatchesAccountSID (uid_t uid,
SID_IDENTIFIER_AUTHORITY nt_auth = SECURITY_NT_AUTHORITY;
PSID requestedSID = NULL;
PSID userSID = NULL;
- DWORD dwLength = 0;
int rv = -1;
if (!AllocateAndInitializeSid (&nt_auth,
@@ -552,7 +550,6 @@ uidIsMemberOfGroupSID (uid_t uid,
SID_IDENTIFIER_AUTHORITY nt_auth = SECURITY_NT_AUTHORITY;
PSID requestedSID = NULL;
PSID userSID = NULL;
- DWORD dwLength = 0;
int rv = -1;
if (!AllocateAndInitializeSid (&nt_auth,
@@ -874,13 +871,11 @@ getUserInfoForUID (uid_t uid,
DWORD level,
LPBYTE * bufptr, LPWSTR * uni_servername, int *matchedName)
{
- DWORD dwLength = 0;
int rv = -1;
struct passwd *pw;
char name[UNLEN + 1];
WCHAR uni_name[2 * (UNLEN + 1)];
char domain[INTERNET_MAX_HOST_NAME_LENGTH + 1];
- WCHAR uni_domain[2 * (INTERNET_MAX_HOST_NAME_LENGTH + 1)];
char servername[256];
if (!uni_servername)
@@ -978,8 +973,7 @@ getUserInfoForUID (uid_t uid,
/* if we had a domain, then try again locally. if we didn't have a
domain, then the initial call WAS local */
if (NetUserGetInfo
- (*uni_servername, (LPWSTR) & uni_name, level,
- bufptr) != NERR_Success)
+ (NULL, (LPWSTR) & uni_name, level, bufptr) != NERR_Success)
{
syslog (LOG_ERR,
"unable to obtain user info for %s [tried domain controller %s and localhost]\n",