/* #define ENABLE_DBUSUSERINFO */
-struct DBusCredentials{
- int uid;
- int gid;
- int pid;
-};
-
#undef open
#define STRSAFE_NO_DEPRECATE
return _dbus_getpid ();
}
+/** Gets our SID
+ * @param points to sid buffer, need to be freed with LocalFree()
+ * @returns process sid
+ */
+dbus_bool_t
+_dbus_getsid(char **sid)
+{
+ HANDLE process_token = NULL;
+ TOKEN_USER *token_user = NULL;
+ DWORD n;
+ PSID psid;
+ int retval = FALSE;
+
+ if (!OpenProcessToken (GetCurrentProcess (), TOKEN_QUERY, &process_token))
+ {
+ _dbus_win_warn_win_error ("OpenProcessToken failed", GetLastError ());
+ goto failed;
+ }
+ if ((!GetTokenInformation (process_token, TokenUser, NULL, 0, &n)
+ && GetLastError () != ERROR_INSUFFICIENT_BUFFER)
+ || (token_user = alloca (n)) == NULL
+ || !GetTokenInformation (process_token, TokenUser, token_user, n, &n))
+ {
+ _dbus_win_warn_win_error ("GetTokenInformation failed", GetLastError ());
+ goto failed;
+ }
+ psid = token_user->User.Sid;
+ if (!IsValidSid (psid))
+ {
+ _dbus_verbose("%s invalid sid\n",__FUNCTION__);
+ goto failed;
+ }
+ if (!ConvertSidToStringSidA (psid, sid))
+ {
+ _dbus_verbose("%s invalid sid\n",__FUNCTION__);
+ goto failed;
+ }
+okay:
+ retval = TRUE;
+failed:
+ if (process_token != NULL)
+ CloseHandle (process_token);
+
+ _dbus_verbose("_dbus_getsid() returns %d\n",retval);
+ return retval;
+}
#ifdef DBUS_BUILD_TESTS
return TRUE;
}
-/**
- * Gets the credentials of the current process.
- *
- * @param credentials credentials to fill in.
- */
-void
-_dbus_credentials_from_current_process (DBusCredentials *credentials)
-{
- credentials->pid = _dbus_getpid ();
- credentials->uid = _dbus_getuid ();
- credentials->gid = _dbus_getgid ();
-}
-
/**
* Reads a single byte which must be nul (an error occurs otherwise),
* and reads unix credentials if available. Fills in pid/uid/gid with
}
_dbus_string_free(&buf);
- _dbus_credentials_from_current_process (credentials);
+ _dbus_credentials_add_from_current_process (credentials);
_dbus_verbose("FIXME: get faked credentials from current process");
return TRUE;
_dbus_string_get_length (dir));
}
-/**
- * Adds the credentials of the current process to the
- * passed-in credentials object.
- *
- * @param credentials credentials to add to
- * @returns #FALSE if no memory; does not properly roll back on failure, so only some credentials may have been added
- */
-
-dbus_bool_t
-_dbus_credentials_add_from_current_process (DBusCredentials *credentials)
-{
- credentials->pid = _dbus_getpid();
- credentials->uid = _dbus_getuid();
- return TRUE;
-}
-
+/*---------------- DBusCredentials ----------------------------------
/**
- * Gets a UID from a UID string.
+ * Adds the credentials corresponding to the given username.
*
- * @param uid_str the UID in string form
- * @param uid UID to fill in
- * @returns #TRUE if successfully filled in UID
+ * @param credentials credentials to fill in
+ * @param username the username
+ * @returns #TRUE if the username existed and we got some credentials
*/
dbus_bool_t
-_dbus_parse_uid (const DBusString *uid_str,
- dbus_uid_t *uid)
+_dbus_credentials_add_from_user (DBusCredentials *credentials,
+ const DBusString *username)
{
- int end;
- long val;
-
- if (_dbus_string_get_length (uid_str) == 0)
- {
- _dbus_verbose ("UID string was zero length\n");
- return FALSE;
- }
-
- val = -1;
- end = 0;
- if (!_dbus_string_parse_int (uid_str, 0, &val,
- &end))
- {
- _dbus_verbose ("could not parse string as a UID\n");
- return FALSE;
- }
-
- if (end != _dbus_string_get_length (uid_str))
- {
- _dbus_verbose ("string contained trailing stuff after UID\n");
- return FALSE;
- }
-
- *uid = val;
-
- return TRUE;
+ return _dbus_credentials_add_windows_sid (credentials,
+ _dbus_string_get_const_data(username));
}
/**
- * Parses a desired identity provided from a client in the auth protocol.
- * On UNIX this means parsing a UID.
+ * Adds the credentials of the current process to the
+ * passed-in credentials object.
*
- * @todo this is broken because it treats OOM and parse error
- * the same way. Needs a #DBusError.
- *
- * @param credentials the credentials to add what we parse to
- * @param desired_identity the string to parse
- * @returns #TRUE if we successfully parsed something
+ * @param credentials credentials to add to
+ * @returns #FALSE if no memory; does not properly roll back on failure, so only some credentials may have been added
*/
+
dbus_bool_t
-_dbus_credentials_parse_and_add_desired (DBusCredentials *credentials,
- const DBusString *desired_identity)
+_dbus_credentials_add_from_current_process (DBusCredentials *credentials)
{
- dbus_uid_t uid;
+ dbus_bool_t retval = FALSE;
+ char *sid = NULL;
- if (!_dbus_parse_uid (desired_identity, &uid))
- return FALSE;
+ if (!_dbus_getsid(&sid))
+ goto failed;
- if (!_dbus_credentials_add_unix_uid (credentials, uid))
- return FALSE;
+ if (!_dbus_credentials_add_unix_pid(credentials, _dbus_getpid()))
+ goto failed;
- return TRUE;
-}
+ if (!_dbus_credentials_add_windows_sid (credentials,sid))
+ goto failed;
-/**
- * Adds the credentials corresponding to the given username.
- *
- * @param credentials credentials to fill in
- * @param username the username
- * @returns #TRUE if the username existed and we got some credentials
- */
-dbus_bool_t
-_dbus_credentials_add_from_user (DBusCredentials *credentials,
- const DBusString *username)
-{
- _dbus_verbose("_dbus_credentials_add_from_user is not implemented");
- return FALSE;
+ retval = TRUE;
+ goto end;
+failed:
+ retval = FALSE;
+end:
+ if (sid)
+ LocalFree(sid);
+
+ return retval;
}
/**
*
* @param str the string to append to
* @returns #FALSE on no memory
+ * @todo to which class belongs this
*/
dbus_bool_t
_dbus_append_user_from_current_process (DBusString *str)
{
- return _dbus_string_append_uint (str,
- _dbus_getuid ());
+ dbus_bool_t retval = FALSE;
+ char *sid = NULL;
+
+ if (!_dbus_getsid(&sid))
+ return FALSE;
+
+ retval = _dbus_string_append (str,sid);
+
+ LocalFree(sid);
+ return retval;
}
/**
projects / thirdparty / dbus.git / commitdiff
