Throughout remove using wincap.
* Makefile.in (OBJS): Remove wincap.o. * README: Don't mention 9x. * bsd_mutex.cc (_mtx_unlock): Drop checking for 9x error codes. * cygserver.cc (server_submission_loop::request_loop): Add FIXME comment. * wincap.cc: Remove. * wincap.h: Remove. * woutsup.h: Don't include wincap.h.
This commit is contained in:
parent
aaee2ffaed
commit
7131554a69
@ -1,3 +1,15 @@
|
||||
2007-02-23 Corinna Vinschen <corinna@vinschen.de>
|
||||
|
||||
Throughout remove using wincap.
|
||||
* Makefile.in (OBJS): Remove wincap.o.
|
||||
* README: Don't mention 9x.
|
||||
* bsd_mutex.cc (_mtx_unlock): Drop checking for 9x error codes.
|
||||
* cygserver.cc (server_submission_loop::request_loop): Add FIXME
|
||||
comment.
|
||||
* wincap.cc: Remove.
|
||||
* wincap.h: Remove.
|
||||
* woutsup.h: Don't include wincap.h.
|
||||
|
||||
2007-02-22 Corinna Vinschen <corinna@vinschen.de>
|
||||
|
||||
* Makefile.in (OBJS): Drop transport_sockets.o.
|
||||
|
@ -40,7 +40,7 @@ override CXXFLAGS+=-MMD -DHAVE_DECL_GETOPT=0 -D__OUTSIDE_CYGWIN__ -DSYSCONFDIR="
|
||||
OBJS:= cygserver.o client.o process.o msg.o sem.o shm.o threaded_queue.o \
|
||||
transport.o transport_pipes.o \
|
||||
bsd_helper.o bsd_log.o bsd_mutex.o \
|
||||
sysv_msg.o sysv_sem.o sysv_shm.o wincap.o
|
||||
sysv_msg.o sysv_sem.o sysv_shm.o
|
||||
LIBOBJS:=${patsubst %.o,lib%.o,$(OBJS)}
|
||||
|
||||
CYGWIN_OBJS:=$(cygwin_build)/smallprint.o $(cygwin_build)/version.o
|
||||
|
@ -93,9 +93,7 @@ Cygserver command line options:
|
||||
-y, --syslog
|
||||
|
||||
Force logging to the system log. This is the default, if stderr is not
|
||||
connected to a tty, e. g. redirected to a file. Note, that on 9x/Me
|
||||
systems the syslog is faked by a file C:\CYGWIN_SYSLOG.TXT.
|
||||
Configuration file option: kern.log.syslog
|
||||
connected to a tty, e. g. redirected to a file.
|
||||
|
||||
-Y, --no-syslog
|
||||
|
||||
@ -150,14 +148,9 @@ How to start Cygserver:
|
||||
Due to the wide configurability by changing the configuration file,
|
||||
that's typically not necessary.
|
||||
|
||||
On Windows 9x/Me, just start Cygserver in any console window. It's
|
||||
advisable to redirect stderr to a file of choice (e. g.
|
||||
/var/log/cygserver.log) and to use the -e and -Y options or the
|
||||
set the appropriate settings in the configuration file (see below).
|
||||
|
||||
On Windows NT/2000/XP or 2003, you should always run Cygserver as a
|
||||
service under LocalSystem account. This is the way it is installed
|
||||
for you by the /usr/bin/cygserver-config script.
|
||||
It's best practice to run Cygserver as a service under LocalSystem
|
||||
account. This is the way it is installed for you by the
|
||||
/usr/bin/cygserver-config script.
|
||||
|
||||
|
||||
How to use the Cygserver services:
|
||||
|
@ -1,6 +1,6 @@
|
||||
/* bsd_helper.cc
|
||||
|
||||
Copyright 2003, 2004, 2005 Red Hat Inc.
|
||||
Copyright 2003, 2004, 2005, 2007 Red Hat Inc.
|
||||
|
||||
This file is part of Cygwin.
|
||||
|
||||
@ -233,14 +233,11 @@ PSID admininstrator_group_sid;
|
||||
static void
|
||||
init_admin_sid (void)
|
||||
{
|
||||
if (wincap.has_security ())
|
||||
{
|
||||
SID_IDENTIFIER_AUTHORITY nt_auth = {SECURITY_NT_AUTHORITY};
|
||||
if (! AllocateAndInitializeSid (&nt_auth, 2, 32, 544, 0, 0, 0, 0, 0, 0,
|
||||
&admininstrator_group_sid))
|
||||
panic ("failed to create well known sids, error = %lu",
|
||||
GetLastError ());
|
||||
}
|
||||
SID_IDENTIFIER_AUTHORITY nt_auth = {SECURITY_NT_AUTHORITY};
|
||||
if (! AllocateAndInitializeSid (&nt_auth, 2, 32, 544, 0, 0, 0, 0, 0, 0,
|
||||
&admininstrator_group_sid))
|
||||
panic ("failed to create well known sids, error = %lu",
|
||||
GetLastError ());
|
||||
}
|
||||
|
||||
SECURITY_DESCRIPTOR sec_all_nih_sd;
|
||||
@ -367,10 +364,6 @@ ipcperm (struct thread *td, ipc_perm *perm, unsigned int mode)
|
||||
int
|
||||
suser (struct thread *td)
|
||||
{
|
||||
/* Always superuser on 9x. */
|
||||
if (!wincap.has_security ())
|
||||
return 0;
|
||||
|
||||
/* This value has been set at ImpersonateNamedPipeClient() time
|
||||
using the token information. See adjust_identity_info() below. */
|
||||
return td->ipcblk->is_admin ? 0 : EACCES;
|
||||
@ -385,10 +378,6 @@ adjust_identity_info (struct proc *p)
|
||||
{
|
||||
HANDLE tok;
|
||||
|
||||
/* No access tokens on 9x. */
|
||||
if (!wincap.has_security ())
|
||||
return true;
|
||||
|
||||
if (!OpenThreadToken (GetCurrentThread (), TOKEN_READ, TRUE, &tok))
|
||||
{
|
||||
debug ("Failed to open worker thread access token for pid %d, winpid %d",
|
||||
|
@ -1,6 +1,6 @@
|
||||
/* bsd_mutex.cc
|
||||
|
||||
Copyright 2003, 2004, 2005 Red Hat Inc.
|
||||
Copyright 2003, 2004, 2005, 2007 Red Hat Inc.
|
||||
|
||||
This file is part of Cygwin.
|
||||
|
||||
@ -83,11 +83,8 @@ _mtx_unlock (mtx *m, const char *file, int line)
|
||||
In that case, m->h is NULL. */
|
||||
if (m->h && !ReleaseSemaphore (m->h, 1, NULL))
|
||||
{
|
||||
/* Check if the semaphore was already on it's max value. In this case,
|
||||
ReleaseSemaphore returns FALSE with an error code which *sic* depends
|
||||
on the OS. */
|
||||
if ( (!wincap.is_winnt () && GetLastError () != ERROR_INVALID_PARAMETER)
|
||||
|| (wincap.is_winnt () && GetLastError () != ERROR_TOO_MANY_POSTS))
|
||||
/* Check if the semaphore was already on it's max value. */
|
||||
if (GetLastError () != ERROR_TOO_MANY_POSTS)
|
||||
_panic (file, line, "release of mutex %s failed, %E", m->name);
|
||||
}
|
||||
_log (file, line, LOG_DEBUG, "Unlocked mutex %s/%u (owner: %u)",
|
||||
@ -112,7 +109,7 @@ win_priority (int priority)
|
||||
{
|
||||
int p = (int)((priority) & PRIO_MASK) - PZERO;
|
||||
/* Generating a valid priority value is a bit tricky. The only valid
|
||||
values on 9x and NT4 are -15, -2, -1, 0, 1, 2, 15. */
|
||||
values on NT4 are -15, -2, -1, 0, 1, 2, 15. */
|
||||
switch (p)
|
||||
{
|
||||
case -15: case -14: case -13: case -12: case -11:
|
||||
|
@ -1,6 +1,6 @@
|
||||
/* cygserver.cc
|
||||
|
||||
Copyright 2001, 2002, 2003, 2004, 2005 Red Hat Inc.
|
||||
Copyright 2001, 2002, 2003, 2004, 2005, 2007 Red Hat Inc.
|
||||
|
||||
Written by Egor Duda <deo@logos-m.ru>
|
||||
|
||||
@ -92,6 +92,12 @@ check_and_dup_handle (HANDLE from_process, HANDLE to_process,
|
||||
{
|
||||
HANDLE local_handle = NULL;
|
||||
int ret_val = EACCES;
|
||||
char sd_buf [1024];
|
||||
PSECURITY_DESCRIPTOR sd = (PSECURITY_DESCRIPTOR) &sd_buf;
|
||||
DWORD bytes_needed;
|
||||
PRIVILEGE_SET ps;
|
||||
DWORD ps_len = sizeof (ps);
|
||||
BOOL status;
|
||||
|
||||
if (from_process != GetCurrentProcess ())
|
||||
{
|
||||
@ -107,42 +113,30 @@ check_and_dup_handle (HANDLE from_process, HANDLE to_process,
|
||||
} else
|
||||
local_handle = from_handle;
|
||||
|
||||
if (!wincap.has_security ())
|
||||
assert (!from_process_token);
|
||||
else
|
||||
if (!GetKernelObjectSecurity (local_handle,
|
||||
(OWNER_SECURITY_INFORMATION
|
||||
| GROUP_SECURITY_INFORMATION
|
||||
| DACL_SECURITY_INFORMATION),
|
||||
sd, sizeof (sd_buf), &bytes_needed))
|
||||
{
|
||||
char sd_buf [1024];
|
||||
PSECURITY_DESCRIPTOR sd = (PSECURITY_DESCRIPTOR) &sd_buf;
|
||||
DWORD bytes_needed;
|
||||
PRIVILEGE_SET ps;
|
||||
DWORD ps_len = sizeof (ps);
|
||||
BOOL status;
|
||||
log (LOG_ERR, "error getting handle SD (%lu)", GetLastError ());
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (!GetKernelObjectSecurity (local_handle,
|
||||
(OWNER_SECURITY_INFORMATION
|
||||
| GROUP_SECURITY_INFORMATION
|
||||
| DACL_SECURITY_INFORMATION),
|
||||
sd, sizeof (sd_buf), &bytes_needed))
|
||||
{
|
||||
log (LOG_ERR, "error getting handle SD (%lu)", GetLastError ());
|
||||
goto out;
|
||||
}
|
||||
MapGenericMask (&access, &access_mapping);
|
||||
|
||||
MapGenericMask (&access, &access_mapping);
|
||||
if (!AccessCheck (sd, from_process_token, access, &access_mapping,
|
||||
&ps, &ps_len, &access, &status))
|
||||
{
|
||||
log (LOG_ERR, "error checking access rights (%lu)",
|
||||
GetLastError ());
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (!AccessCheck (sd, from_process_token, access, &access_mapping,
|
||||
&ps, &ps_len, &access, &status))
|
||||
{
|
||||
log (LOG_ERR, "error checking access rights (%lu)",
|
||||
GetLastError ());
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (!status)
|
||||
{
|
||||
log (LOG_ERR, "access to object denied");
|
||||
goto out;
|
||||
}
|
||||
if (!status)
|
||||
{
|
||||
log (LOG_ERR, "access to object denied");
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (!DuplicateHandle (from_process, from_handle,
|
||||
@ -176,14 +170,6 @@ client_request_attach_tty::serve (transport_layer_base *const conn,
|
||||
|
||||
assert (!error_code ());
|
||||
|
||||
if (!wincap.has_security ())
|
||||
{
|
||||
log (LOG_NOTICE, "operation only supported on systems with security");
|
||||
error_code (EINVAL);
|
||||
msglen (0);
|
||||
return;
|
||||
}
|
||||
|
||||
if (msglen () != sizeof (req))
|
||||
{
|
||||
log (LOG_ERR, "bad request body length: expecting %lu bytes, got %lu",
|
||||
@ -382,6 +368,9 @@ server_submission_loop::request_loop ()
|
||||
* thread's priority to a level one above that. This fails on
|
||||
* win9x/ME so assume any failure in that call is due to that and
|
||||
* simply call again at one priority level lower.
|
||||
* FIXME: This looks weird and is an issue on NT, too. Per MSDN,
|
||||
* THREAD_PRIORITY_HIGHEST + 1 is only a valid priority level if
|
||||
* the priority class is set to REALTIME_PRIORITY_CLASS.
|
||||
*/
|
||||
if (!SetThreadPriority (GetCurrentThread (), THREAD_PRIORITY_HIGHEST + 1))
|
||||
if (!SetThreadPriority (GetCurrentThread (), THREAD_PRIORITY_HIGHEST))
|
||||
@ -570,7 +559,6 @@ main (const int argc, char *argv[])
|
||||
|
||||
int opt;
|
||||
|
||||
wincap.init ();
|
||||
securityinit ();
|
||||
|
||||
opterr = 0;
|
||||
@ -719,7 +707,7 @@ main (const int argc, char *argv[])
|
||||
if (support_semaphores == TUN_UNDEF)
|
||||
support_semaphores = TUN_TRUE;
|
||||
|
||||
if (wincap.has_security () && !setup_privileges ())
|
||||
if (!setup_privileges ())
|
||||
panic ("Setting process privileges failed.");
|
||||
|
||||
ipcinit ();
|
||||
|
@ -1,23 +0,0 @@
|
||||
/* wincap.cc -- figure out on which OS we're running.
|
||||
Lightweight version for Cygserver
|
||||
|
||||
Copyright 2006 Red Hat, Inc.
|
||||
|
||||
This file is part of Cygwin.
|
||||
|
||||
This software is a copyrighted work licensed under the terms of the
|
||||
Cygwin license. Please consult the file "CYGWIN_LICENSE" for
|
||||
details. */
|
||||
|
||||
#include "woutsup.h"
|
||||
|
||||
wincapc wincap;
|
||||
|
||||
void
|
||||
wincapc::init ()
|
||||
{
|
||||
memset (&version, 0, sizeof version);
|
||||
/* Request simple version info. */
|
||||
version.dwOSVersionInfoSize = sizeof (OSVERSIONINFO);
|
||||
GetVersionEx (&version);
|
||||
}
|
@ -1,30 +0,0 @@
|
||||
/* wincap.h: Header for OS capability class.
|
||||
Lightweight version for Cygserver.
|
||||
|
||||
Copyright 2006 Red Hat, Inc.
|
||||
|
||||
This file is part of Cygwin.
|
||||
|
||||
This software is a copyrighted work licensed under the terms of the
|
||||
Cygwin license. Please consult the file "CYGWIN_LICENSE" for
|
||||
details. */
|
||||
|
||||
#ifndef _CYGSERVER_WINCAP_H
|
||||
#define _CYGSERVER_WINCAP_H
|
||||
|
||||
class wincapc
|
||||
{
|
||||
OSVERSIONINFO version;
|
||||
|
||||
public:
|
||||
void init ();
|
||||
|
||||
bool is_winnt () const
|
||||
{ return version.dwPlatformId == VER_PLATFORM_WIN32_NT; }
|
||||
bool has_security () const
|
||||
{ return version.dwPlatformId == VER_PLATFORM_WIN32_NT; }
|
||||
};
|
||||
|
||||
extern wincapc wincap;
|
||||
|
||||
#endif /* _CYGSERVER_WINCAP_H */
|
@ -1,6 +1,6 @@
|
||||
/* woutsup.h: for Cygwin code compiled outside the DLL (i.e. cygserver).
|
||||
|
||||
Copyright 2002, 2003 Red Hat, Inc.
|
||||
Copyright 2002, 2003, 2007 Red Hat, Inc.
|
||||
|
||||
This file is part of Cygwin.
|
||||
|
||||
@ -40,8 +40,6 @@ details. */
|
||||
#undef _WINNETWK_H
|
||||
#undef _WINSVC_H
|
||||
|
||||
#include "wincap.h"
|
||||
|
||||
#include "bsd_helper.h"
|
||||
#include "bsd_log.h"
|
||||
#include "bsd_mutex.h"
|
||||
|
Loading…
Reference in New Issue
Block a user