* cygheap.h (enum impersonation): New enum.

(cygheap_user::token): Delete.
	(cygheap_user::impersonated): Delete.
	(cygheap_user::external_token): New member.
	(cygheap_user::internal_token): New member.
	(cygheap_user::impersonation_state): New member.
	(cygheap_user::issetuid): Modify.
	(cygheap_user::token): New method.
	(cygheap_user::deimpersonate): New method.
	(cygheap_user::reimpersonate): New method.
	(cygheap_user::has_impersonation_tokens): New method.
	(cygheap_user::close_impersonation_tokens): New method.
	* dtable.cc (dtable::vfork_child_dup): Use new cygheap_user methods.
	* fhandler_socket.cc (fhandler_socket::dup): Ditto.
	* fork.cc (fork_child): Ditto.
	(fork_parent): Ditto.
	* grp.cc (internal_getgroups): Ditto.
	* security.cc (verify_token): Ditto.
	(check_file_access): Ditto.
	(cygwin_set_impersonation_token): Detect conflicts. Set
	user.external_token.
	* spawn.cc (spawn_guts): Use new cygheap_user methods.
	* syscalls.cc (seteuid32): Rearrange to use the two tokens
	in cygheap_user.
	(setegid32): Use new cygheap_user methods.
	* uinfo.cc: (internal_getlogin): Ditto.
This commit is contained in:
Corinna Vinschen
2003-06-30 13:07:36 +00:00
parent 3fbdb70ec6
commit 70249d5687
10 changed files with 160 additions and 115 deletions

View File

@@ -92,7 +92,13 @@ enum homebodies
CH_HOME
};
struct passwd;
enum impersonation
{
IMP_BAD = -1,
IMP_NONE = 0,
IMP_EXTERNAL,
IMP_INTERNAL
};
class cygheap_user
{
@@ -117,8 +123,9 @@ public:
/* token is needed if set(e)uid should be called. It can be set by a call
to `set_impersonation_token()'. */
HANDLE token;
BOOL impersonated;
HANDLE external_token;
HANDLE internal_token;
enum impersonation impersonation_state;
/* CGF 2002-06-27. I removed the initializaton from this constructor
since this class is always allocated statically. That means that everything
@@ -165,7 +172,40 @@ public:
const char *ontherange (homebodies what, struct passwd * = NULL);
bool issetuid () const
{
return impersonated && token != INVALID_HANDLE_VALUE;
return impersonation_state > IMP_NONE;
}
HANDLE token ()
{
if (impersonation_state == IMP_EXTERNAL)
return external_token;
if (impersonation_state == IMP_INTERNAL)
return internal_token;
return INVALID_HANDLE_VALUE;
}
void deimpersonate ()
{
if (impersonation_state > IMP_NONE)
RevertToSelf ();
}
void reimpersonate ()
{
if (impersonation_state > IMP_NONE
&& !ImpersonateLoggedOnUser (token ()))
system_printf ("ImpersonateLoggedOnUser: %E");
}
bool has_impersonation_tokens () { return external_token || internal_token; }
void close_impersonation_tokens ()
{
if (external_token)
{
CloseHandle (external_token);
external_token = 0;
}
if (internal_token)
{
CloseHandle (internal_token);
internal_token = 0;
}
}
const char *cygheap_user::test_uid (char *&, const char *, size_t)
__attribute__ ((regparm (3)));