From 51e54d9529334e59026de0506c5e853d40e3524c Mon Sep 17 00:00:00 2001
From: Ralf Habacker
Date: Thu, 21 Jun 2007 13:11:10 +0000
Subject: * dbus/dbus-sysdeps-win.c: deleted local DBusCredentials structure (_dbus_getsid): new function (_dbus_read_credentials_socket): fixed (_dbus_append_user_from_current_process, _dbus_credentials_add_from_current_process): added real sid reading (_dbus_credentials_parse_and_add_desired,_dbus_parse_uid): deleted
---
 dbus/dbus-sysdeps-win.c | 191 +++++++++++++++++++++++------------------------
 1 file changed, 90 insertions(+), 101 deletions(-)
(limited to 'dbus/dbus-sysdeps-win.c')
diff --git a/dbus/dbus-sysdeps-win.c b/dbus/dbus-sysdeps-win.c
index 67725d83..2e95f9b1 100644
--- a/dbus/dbus-sysdeps-win.c
+++ b/dbus/dbus-sysdeps-win.c
@@ -28,12 +28,6 @@
 /* #define ENABLE_DBUSUSERINFO */
-struct DBusCredentials{
- int uid;
- int gid;
- int pid;
-};
-
 #undef open
 #define STRSAFE_NO_DEPRECATE
@@ -1883,6 +1877,52 @@ _dbus_pid_for_log (void)
 return _dbus_getpid ();
 }
+/** Gets our SID
+ * @param points to sid buffer, need to be freed with LocalFree()
+ * @returns process sid
+ */
+dbus_bool_t
+_dbus_getsid(char **sid)
+{
+ HANDLE process_token = NULL;
+ TOKEN_USER *token_user = NULL;
+ DWORD n;
+ PSID psid;
+ int retval = FALSE;
+
+ if (!OpenProcessToken (GetCurrentProcess (), TOKEN_QUERY, &process_token))
+ {
+ _dbus_win_warn_win_error ("OpenProcessToken failed", GetLastError ());
+ goto failed;
+ }
+ if ((!GetTokenInformation (process_token, TokenUser, NULL, 0, &n)
+ && GetLastError () != ERROR_INSUFFICIENT_BUFFER)
+ || (token_user = alloca (n)) == NULL
+ || !GetTokenInformation (process_token, TokenUser, token_user, n, &n))
+ {
+ _dbus_win_warn_win_error ("GetTokenInformation failed", GetLastError ());
+ goto failed;
+ }
+ psid = token_user->User.Sid;
+ if (!IsValidSid (psid))
+ {
+ _dbus_verbose("%s invalid sid\n",__FUNCTION__);
+ goto failed;
+ }
+ if (!ConvertSidToStringSidA (psid, sid))
+ {
+ _dbus_verbose("%s invalid sid\n",__FUNCTION__);
+ goto failed;
+ }
+okay:
+ retval = TRUE;
+failed:
+ if (process_token != NULL)
+ CloseHandle (process_token);
+
+ _dbus_verbose("_dbus_getsid() returns %d\n",retval);
+ return retval;
+}
 #ifdef DBUS_BUILD_TESTS
@@ -3988,19 +4028,6 @@ again:
 return TRUE;
 }
-/**
- * Gets the credentials of the current process.
- *
- * @param credentials credentials to fill in.
- */
-void
-_dbus_credentials_from_current_process (DBusCredentials *credentials)
-{
- credentials->pid = _dbus_getpid ();
- credentials->uid = _dbus_getuid ();
- credentials->gid = _dbus_getgid ();
-}
-
 /**
 * Reads a single byte which must be nul (an error occurs otherwise),
 * and reads unix credentials if available. Fills in pid/uid/gid with
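Review bot: `_dbus_getsid` leaves `*sid` untouched on every failure path, and its doc comment neither says so nor names the parameter, and it states `@returns process sid` although the function returns TRUE or FALSE. Setting `*sid = NULL;` on entry would make a caller's later `LocalFree` safe regardless of how the caller initialised its pointer, and the comment should read along the lines of `@param sid receives a string SID; free it with LocalFree()` and `@returns #TRUE on success`. The ConvertSidToStringSidA failure branch logs the same "invalid sid" text as the IsValidSid branch and drops GetLastError(), so the two cannot be told apart in a trace; `_dbus_win_warn_win_error ("ConvertSidToStringSidA failed", GetLastError ());` would match the earlier branches. The `okay:` label is never jumped to, and the `(token_user = alloca (n)) == NULL` test is unlikely ever to be true, since alloca does not report failure by returning NULL.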
@@ -4035,7 +4062,7 @@ _dbus_read_credentials_socket (int handle,
 }
 _dbus_string_free(&buf);
- _dbus_credentials_from_current_process (credentials);
+ _dbus_credentials_add_from_current_process (credentials);
 _dbus_verbose("FIXME: get faked credentials from current process");
 return TRUE;
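Review bot: The result of `_dbus_credentials_add_from_current_process (credentials)` is ignored and the function goes on to `return TRUE`, but after this commit that callee returns dbus_bool_t and fails when the SID cannot be read or added, so a failure here would report success with a credentials object that holds nothing or only a pid. The call should be checked, e.g. `if (!_dbus_credentials_add_from_current_process (credentials)) return FALSE;`, following whatever error-reporting convention the rest of _dbus_read_credentials_socket uses (its signature and earlier body are outside the hunk). The values recorded are still those of the reading process rather than of the peer on `handle`, as the FIXME message says. Now that a real SID is stored, a call-site comment such as `/* FIXME: these are our own credentials, not the peer's; do not use them to authenticate the peer */` would keep that limitation visible to whoever consumes the credentials.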
@@ -4189,102 +4216,55 @@ _dbus_concat_dir_and_file (DBusString *dir,
 _dbus_string_get_length (dir));
 }
-/**
- * Adds the credentials of the current process to the
- * passed-in credentials object.
- *
- * @param credentials credentials to add to
- * @returns #FALSE if no memory; does not properly roll back on failure, so only some credentials may have been added
- */
-
-dbus_bool_t
-_dbus_credentials_add_from_current_process (DBusCredentials *credentials)
-{
- credentials->pid = _dbus_getpid();
- credentials->uid = _dbus_getuid();
- return TRUE;
-}
-
+/*---------------- DBusCredentials ----------------------------------
 /**
- * Gets a UID from a UID string.
+ * Adds the credentials corresponding to the given username.
 *
- * @param uid_str the UID in string form
- * @param uid UID to fill in
- * @returns #TRUE if successfully filled in UID
+ * @param credentials credentials to fill in
+ * @param username the username
+ * @returns #TRUE if the username existed and we got some credentials
 */
 dbus_bool_t
-_dbus_parse_uid (const DBusString *uid_str,
- dbus_uid_t *uid)
+_dbus_credentials_add_from_user (DBusCredentials *credentials,
+ const DBusString *username)
 {
- int end;
- long val;
-
- if (_dbus_string_get_length (uid_str) == 0)
- {
- _dbus_verbose ("UID string was zero length\n");
- return FALSE;
- }
-
- val = -1;
- end = 0;
- if (!_dbus_string_parse_int (uid_str, 0, &val,
- &end))
- {
- _dbus_verbose ("could not parse string as a UID\n");
- return FALSE;
- }
-
- if (end != _dbus_string_get_length (uid_str))
- {
- _dbus_verbose ("string contained trailing stuff after UID\n");
- return FALSE;
- }
-
- *uid = val;
-
- return TRUE;
+ return _dbus_credentials_add_windows_sid (credentials,
+ _dbus_string_get_const_data(username));
 }
 /**
- * Parses a desired identity provided from a client in the auth protocol.
- * On UNIX this means parsing a UID.
+ * Adds the credentials of the current process to the
+ * passed-in credentials object.
 *
- * @todo this is broken because it treats OOM and parse error
- * the same way. Needs a #DBusError.
- *
- * @param credentials the credentials to add what we parse to
- * @param desired_identity the string to parse
- * @returns #TRUE if we successfully parsed something
+ * @param credentials credentials to add to
+ * @returns #FALSE if no memory; does not properly roll back on failure, so only some credentials may have been added
 */
+
 dbus_bool_t
-_dbus_credentials_parse_and_add_desired (DBusCredentials *credentials,
- const DBusString *desired_identity)
+_dbus_credentials_add_from_current_process (DBusCredentials *credentials)
 {
- dbus_uid_t uid;
+ dbus_bool_t retval = FALSE;
+ char *sid = NULL;
- if (!_dbus_parse_uid (desired_identity, &uid))
- return FALSE;
+ if (!_dbus_getsid(&sid))
+ goto failed;
- if (!_dbus_credentials_add_unix_uid (credentials, uid))
- return FALSE;
+ if (!_dbus_credentials_add_unix_pid(credentials, _dbus_getpid()))
+ goto failed;
- return TRUE;
-}
+ if (!_dbus_credentials_add_windows_sid (credentials,sid))
+ goto failed;
-/**
- * Adds the credentials corresponding to the given username.
- *
- * @param credentials credentials to fill in
- * @param username the username
- * @returns #TRUE if the username existed and we got some credentials
- */
-dbus_bool_t
-_dbus_credentials_add_from_user (DBusCredentials *credentials,
- const DBusString *username)
-{
- _dbus_verbose("_dbus_credentials_add_from_user is not implemented");
- return FALSE;
+ retval = TRUE;
+ goto end;
+failed:
+ retval = FALSE;
+end:
+ if (sid)
+ LocalFree(sid);
+
+ return retval;
 }
 /**
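Review bot: `_dbus_credentials_add_from_user` now passes the bytes of `username` straight to `_dbus_credentials_add_windows_sid`, so the string is treated as a SID with no lookup or format check in this function, while the doc comment still promises `#TRUE if the username existed`. Unless the callee validates its argument (it is not visible here), any string supplied as a user name ends up recorded as a SID; either validate or resolve it before adding, or correct the comment to say what is expected, for example `@param username the user, given as a string SID`. The added banner `/*---------------- DBusCredentials ----------------------------------` opens a comment that is only closed by the `*/` of the doc block below it, which nests a `/*` and turns that doc block into an ordinary comment; ending the banner line with `*/` fixes both. In `_dbus_credentials_add_from_current_process` the assignment `retval = FALSE;` under `failed:` repeats the initial value and can go, leaving a single cleanup label.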
@@ -4297,12 +4277,21 @@ _dbus_credentials_add_from_user (DBusCredentials *credentials,
 *
 * @param str the string to append to
 * @returns #FALSE on no memory
+ * @todo to which class belongs this
 */
 dbus_bool_t
 _dbus_append_user_from_current_process (DBusString *str)
 {
- return _dbus_string_append_uint (str,
- _dbus_getuid ());
+ dbus_bool_t retval = FALSE;
+ char *sid = NULL;
+
+ if (!_dbus_getsid(&sid))
+ return FALSE;
+
+ retval = _dbus_string_append (str,sid);
+
+ LocalFree(sid);
+ return retval;
 }
 /**
-- cgit
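Review bot: The doc comment still says `@returns #FALSE on no memory`, but `_dbus_append_user_from_current_process` now also returns FALSE when `_dbus_getsid` fails, which is not a memory condition. A caller that treats FALSE as out-of-memory and retries would make no progress in that case (callers are outside the hunk, so this is an assumption to check). The comment should say so, e.g. `@returns #FALSE on no memory or if the process SID cannot be read`. The initialiser in `dbus_bool_t retval = FALSE;` is never read, and the new `@todo to which class belongs this` would be clearer as `@todo decide which module this function belongs to`.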