mysys: remove windac my_security_attr_create (#1391)

No longer used.

mysys: remove windac my_security_attr_create (#1391)
No longer used.
8eb03845 · Daniel Black · GitHub · c400a73d · 8eb03845 · 8eb03845
Commit 8eb03845 authored Feb 14, 2020 by Daniel Black Committed by GitHub Feb 14, 2020
Hide whitespace changes
Inline Side-by-side

Showing with 0 additions and 210 deletions

include/my_sys.h include/my_sys.h +0 -7

mysys/CMakeLists.txt mysys/CMakeLists.txt +0 -1

mysys/my_windac.c mysys/my_windac.c +0 -202

No files found.
--- a/include/my_sys.h
+++ b/include/my_sys.h
@@ -1070,13 +1070,6 @@ extern void thd_increment_net_big_packet_count(void *thd, size_t length);
 #ifdef __WIN__
 extern my_bool have_tcpip;		/* Is set if tcpip is used */

-/* implemented in my_windac.c */
-
-int my_security_attr_create(SECURITY_ATTRIBUTES **psa, const char **perror,
-                            DWORD owner_rights, DWORD everybody_rights);
-
-void my_security_attr_free(SECURITY_ATTRIBUTES *sa);
-
 /* implemented in my_conio.c */
 char* my_cgets(char *string, size_t clen, size_t* plen);


--- a/mysys/CMakeLists.txt
+++ b/mysys/CMakeLists.txt
@@ -53,7 +53,6 @@ IF (WIN32)
    my_wincond.c
    my_winerr.c
    my_winfile.c
-    my_windac.c
    my_conio.c
    my_win_popen.cc)
 ENDIF()

--- a/mysys/my_windac.c
+++ b/mysys/my_windac.c
-/* Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; if not, write to the Free Software
-   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1335  USA */
-
-#include "mysys_priv.h"
-#include "m_string.h"
-#ifdef __WIN__
-
-/*
-  Auxiliary structure to store pointers to the data which we need to keep
-  around while SECURITY_ATTRIBUTES is in use.
-*/
-
-typedef struct st_my_security_attr
-{
-  PSID everyone_sid;
-  PACL dacl;
-} My_security_attr;
-
-
-/*
-  Allocate and initialize SECURITY_ATTRIBUTES setting up access
-  rights for the owner and group `Everybody'.
-
-  SYNOPSIS
-    my_security_attr_create()
-    psa                [OUT] pointer to store the pointer to SA in
-    perror             [OUT] pointer to store error message if there was an
-                             error
-    owner_rights       [IN]  access rights for the owner
-    everyone_rights    [IN]  access rights for group Everybody
-
-  DESCRIPTION
-    Set up the security attributes to provide clients with sufficient
-    access rights to a kernel object. We need this function
-    because if we simply grant all access to everybody (by installing
-    a NULL DACL) a mailicious user can attempt a denial of service
-    attack by taking ownership over the kernel object. Upon successful
-    return `psa' contains a pointer to SECUIRITY_ATTRIBUTES that can be used
-    to create kernel objects with proper access rights.
-
-  RETURN
-    0  success, psa is 0 or points to a valid SA structure,
-       perror is left intact
-   !0  error, SA is set to 0, error message is stored in perror
-*/
-
-int my_security_attr_create(SECURITY_ATTRIBUTES **psa, const char **perror,
-                            DWORD owner_rights, DWORD everyone_rights)
-{
-  /* Top-level SID authority */
-  SID_IDENTIFIER_AUTHORITY world_auth= SECURITY_WORLD_SID_AUTHORITY;
-  PSID everyone_sid= 0;
-  HANDLE htoken= 0;
-  SECURITY_ATTRIBUTES *sa= 0;
-  PACL dacl= 0;
-  DWORD owner_token_length, dacl_length;
-  SECURITY_DESCRIPTOR *sd;
-  PTOKEN_USER owner_token;
-  PSID owner_sid;
-  My_security_attr *attr;
-
-  /*
-    Get SID of Everyone group. Easier to retrieve all SIDs each time
-    this function is called than worry about thread safety.
-  */
-  if (! AllocateAndInitializeSid(&world_auth, 1, SECURITY_WORLD_RID,
-                                 0, 0, 0, 0, 0, 0, 0, &everyone_sid))
-  {
-    *perror= "Failed to retrieve the SID of Everyone group";
-    goto error;
-  }
-
-  /*
-    Get SID of the owner. Using GetSecurityInfo this task can be done
-    in just one call instead of five, but GetSecurityInfo declared in
-    aclapi.h, so I hesitate to use it.
-    SIC: OpenThreadToken works only if there is an active impersonation
-    token, hence OpenProcessToken is used.
-  */
-  if (! OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &htoken))
-  {
-    *perror= "Failed to retrieve thread access token";
-    goto error;
-  }
-  GetTokenInformation(htoken, TokenUser, 0, 0, &owner_token_length);
-
-  if (! my_multi_malloc(MYF(MY_WME),
-                        &sa, ALIGN_SIZE(sizeof(SECURITY_ATTRIBUTES)) +
-                             sizeof(My_security_attr),
-                        &sd, sizeof(SECURITY_DESCRIPTOR),
-                        &owner_token, owner_token_length,
-                        0))
-  {
-    *perror= "Failed to allocate memory for SECURITY_ATTRIBUTES";
-    goto error;
-  }
-  bzero(owner_token, owner_token_length);
-  if (! GetTokenInformation(htoken, TokenUser, owner_token,
-                            owner_token_length, &owner_token_length))
-  {
-    *perror= "GetTokenInformation failed";
-    goto error;
-  }
-  owner_sid= owner_token->User.Sid;
-
-  if (! IsValidSid(owner_sid))
-  {
-    *perror= "IsValidSid failed";
-    goto error;
-  }
-
-  /* Calculate the amount of memory that must be allocated for the DACL */
-  dacl_length= sizeof(ACL) + (sizeof(ACCESS_ALLOWED_ACE)-sizeof(DWORD)) * 2 +
-               GetLengthSid(everyone_sid) + GetLengthSid(owner_sid);
-
-  /* Create an ACL */
-  if (! (dacl= (PACL) my_malloc(dacl_length, MYF(MY_ZEROFILL|MY_WME))))
-  {
-    *perror= "Failed to allocate memory for DACL";
-    goto error;
-  }
-  if (! InitializeAcl(dacl, dacl_length, ACL_REVISION))
-  {
-    *perror= "Failed to initialize DACL";
-    goto error;
-  }
-  if (! AddAccessAllowedAce(dacl, ACL_REVISION, everyone_rights, everyone_sid))
-  {
-    *perror= "Failed to set up DACL";
-    goto error;
-  }
-  if (! AddAccessAllowedAce(dacl, ACL_REVISION, owner_rights, owner_sid))
-  {
-    *perror= "Failed to set up DACL";
-    goto error;
-  }
-  if (! InitializeSecurityDescriptor(sd, SECURITY_DESCRIPTOR_REVISION))
-  {
-    *perror= "Could not initialize security descriptor";
-    goto error;
-  }
-  if (! SetSecurityDescriptorDacl(sd, TRUE, dacl, FALSE))
-  {
-    *perror= "Failed to install DACL";
-    goto error;
-  }
-
-  sa->nLength= sizeof(*sa);
-  sa->bInheritHandle= TRUE;
-  sa->lpSecurityDescriptor= sd;
-  /* Save pointers to everyone_sid and dacl to be able to clean them up */
-  attr= (My_security_attr*) (((char*) sa) + ALIGN_SIZE(sizeof(*sa)));
-  attr->everyone_sid= everyone_sid;
-  attr->dacl= dacl;
-  *psa= sa;
-
-  CloseHandle(htoken);
-  return 0;
-error:
-  if (everyone_sid)
-    FreeSid(everyone_sid);
-  if (htoken)
-    CloseHandle(htoken);
-  my_free(sa);
-  my_free(dacl);
-  *psa= 0;
-  return 1;
-}
-
-/*
-  Cleanup security attributes freeing used memory.
-
-  SYNOPSIS
-    my_security_attr_free()
-    sa   security attributes
-*/
-
-void my_security_attr_free(SECURITY_ATTRIBUTES *sa)
-{
-  if (sa)
-  {
-    My_security_attr *attr= (My_security_attr*)
-                            (((char*)sa) + ALIGN_SIZE(sizeof(*sa)));
-    FreeSid(attr->everyone_sid);
-    my_free(attr->dacl);
-    my_free(sa);
-  }
-}
-
-#endif /* __WIN__ */