diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog index 51346fc34..8ff1eeafa 100644 --- a/winsup/cygwin/ChangeLog +++ b/winsup/cygwin/ChangeLog @@ -1,3 +1,13 @@ +2007-02-23 Corinna Vinschen + + Throughout remove all usage of wincap.has_security. + * environ.cc (environ_init): Drop setting allow_ntsec here. + * grp.cc (initgroups32): Drop usage of label "out". + * security.cc (allow_ntsec): Set to true by default. + * syscalls.cc (seteuid32): Remove label success_9x. + * wincap.cc: Remove has_security throughout. + * wincap.h: Ditto. + 2007-02-23 Corinna Vinschen * fhandler.h (class fhandler_pipe): Remove members writepipe_exists, diff --git a/winsup/cygwin/cygtls.cc b/winsup/cygwin/cygtls.cc index ce794cd38..dbf9a0183 100644 --- a/winsup/cygwin/cygtls.cc +++ b/winsup/cygwin/cygtls.cc @@ -1,6 +1,6 @@ /* cygtls.cc - Copyright 2003, 2004, 2005, 2006 Red Hat, Inc. + Copyright 2003, 2004, 2005, 2006, 2007 Red Hat, Inc. This software is a copyrighted work licensed under the terms of the Cygwin license. Please consult the file "CYGWIN_LICENSE" for @@ -113,8 +113,7 @@ _cygtls::init_thread (void *x, DWORD (*func) (void *, void *)) || (void *) func == (void *) cygthread::simplestub) return; - if (wincap.has_security ()) - cygheap->user.reimpersonate (); + cygheap->user.reimpersonate (); sentry here (INFINITE); if (nthreads >= cygheap->sthreads) diff --git a/winsup/cygwin/dcrt0.cc b/winsup/cygwin/dcrt0.cc index 57c93017c..694fe0b63 100644 --- a/winsup/cygwin/dcrt0.cc +++ b/winsup/cygwin/dcrt0.cc @@ -734,8 +734,7 @@ dll_crt0_0 () DuplicateHandle (hMainProc, GetCurrentThread (), hMainProc, &hMainThread, 0, false, DUPLICATE_SAME_ACCESS); - if (wincap.has_security ()) - OpenProcessToken (hMainProc, MAXIMUM_ALLOWED, &hProcToken); + OpenProcessToken (hMainProc, MAXIMUM_ALLOWED, &hProcToken); device::init (); do_global_ctors (&__CTOR_LIST__, 1); @@ -841,8 +840,7 @@ dll_crt0_1 (void *) pinfo_init (envp, envc); /* Can be set only after environment has been initialized. */ - if (wincap.has_security ()) - set_cygwin_privileges (hProcToken); + set_cygwin_privileges (hProcToken); if (!old_title && GetConsoleTitle (title_buf, TITLESIZE)) old_title = title_buf; diff --git a/winsup/cygwin/environ.cc b/winsup/cygwin/environ.cc index d5e0ae074..a031a7bda 100644 --- a/winsup/cygwin/environ.cc +++ b/winsup/cygwin/environ.cc @@ -2,7 +2,7 @@ process's environment. Copyright 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, - 2006 Red Hat, Inc. + 2006, 2007 Red Hat, Inc. This software is a copyrighted work licensed under the terms of the Cygwin license. Please consult the file "CYGWIN_LICENSE" for @@ -544,19 +544,19 @@ set_proc_retry (const char *buf) static void set_ntea (const char *buf) { - allow_ntea = (buf && strcasematch (buf, "yes") && wincap.has_security ()); + allow_ntea = (buf && strcasematch (buf, "yes")); } static void set_ntsec (const char *buf) { - allow_ntsec = (buf && strcasematch (buf, "yes") && wincap.has_security ()); + allow_ntsec = (buf && strcasematch (buf, "yes")); } static void set_smbntsec (const char *buf) { - allow_smbntsec = (buf && strcasematch (buf, "yes") && wincap.has_security ()); + allow_smbntsec = (buf && strcasematch (buf, "yes")); } /* The structure below is used to set up an array which is used to @@ -749,10 +749,6 @@ environ_init (char **envp, int envc) if (myself->progname[0]) got_something_from_registry = regopt (myself->progname) || got_something_from_registry; - /* Set ntsec explicit as default, if NT is running */ - if (wincap.has_security ()) - allow_ntsec = true; - if (!envp) envp_passed_in = 0; else diff --git a/winsup/cygwin/fhandler.cc b/winsup/cygwin/fhandler.cc index 8cdcacafd..2a92d63dd 100644 --- a/winsup/cygwin/fhandler.cc +++ b/winsup/cygwin/fhandler.cc @@ -1575,10 +1575,6 @@ fhandler_base::fsync () static int check_posix_perm (const char *fname, int v) { - /* Windows 95/98/ME don't support file system security at all. */ - if (!wincap.has_security ()) - return 0; - /* ntea is ok for supporting permission bits but it doesn't support full POSIX security settings. */ if (v == _PC_POSIX_PERMISSIONS && allow_ntea) diff --git a/winsup/cygwin/fhandler_tty.cc b/winsup/cygwin/fhandler_tty.cc index 0121d62b4..6a58ab0af 100644 --- a/winsup/cygwin/fhandler_tty.cc +++ b/winsup/cygwin/fhandler_tty.cc @@ -1,7 +1,7 @@ /* fhandler_tty.cc Copyright 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, - 2006 Red Hat, Inc. + 2006, 2007 Red Hat, Inc. This file is part of Cygwin. @@ -535,8 +535,7 @@ fhandler_tty_slave::open (int flags, mode_t) from_master_local = to_master_local = NULL; #ifdef USE_SERVER - if (!wincap.has_security () - || cygserver_running == CYGSERVER_UNAVAIL + if (cygserver_running == CYGSERVER_UNAVAIL || !cygserver_attach_tty (&from_master_local, &to_master_local)) #endif { @@ -1384,11 +1383,8 @@ fhandler_pty_master::setup (bool ispty) In the future the cygserver may allow access by others. */ #ifdef USE_SERVER - if (wincap.has_security ()) - { - if (cygserver_running == CYGSERVER_UNKNOWN) - cygserver_init (); - } + if (cygserver_running == CYGSERVER_UNKNOWN) + cygserver_init (); #endif /* Create synchronisation events */ diff --git a/winsup/cygwin/fork.cc b/winsup/cygwin/fork.cc index f7949d36d..dc59e4f70 100644 --- a/winsup/cygwin/fork.cc +++ b/winsup/cygwin/fork.cc @@ -191,12 +191,9 @@ frok::child (volatile char * volatile here) _impure_ptr = &_main_tls->local_clib; } - if (wincap.has_security ()) - { - set_cygwin_privileges (hProcToken); - clear_procimptoken (); - cygheap->user.reimpersonate (); - } + set_cygwin_privileges (hProcToken); + clear_procimptoken (); + cygheap->user.reimpersonate (); #ifdef DEBUGGING char c; diff --git a/winsup/cygwin/grp.cc b/winsup/cygwin/grp.cc index fafef7587..edec62439 100644 --- a/winsup/cygwin/grp.cc +++ b/winsup/cygwin/grp.cc @@ -1,7 +1,7 @@ /* grp.cc - Copyright 1996, 1997, 1998, 2000, 2001, 2002, 2003, 2004, 2005 - Red Hat, Inc. + Copyright 1996, 1997, 1998, 2000, 2001, 2002, 2003, 2004, 2005, 2006, + 2007 Red Hat, Inc. Original stubs by Jason Molenda of Cygnus Support, crash@cygnus.com First implementation by Gunther Ebert, gunther.ebert@ixos-leipzig.de @@ -84,15 +84,11 @@ pwdgrp::read_group () static char linebuf [200]; char group_name [UNLEN + 1] = "mkgroup"; char strbuf[128] = ""; + struct __group32 *gr; - if (wincap.has_security ()) - { - struct __group32 *gr; - - cygheap->user.groups.pgsid.string (strbuf); - if ((gr = internal_getgrsid (cygheap->user.groups.pgsid))) - strlcpy (group_name, gr->gr_name, sizeof (group_name)); - } + cygheap->user.groups.pgsid.string (strbuf); + if ((gr = internal_getgrsid (cygheap->user.groups.pgsid))) + strlcpy (group_name, gr->gr_name, sizeof (group_name)); if (myself->uid == UNKNOWN_UID) strcpy (group_name, "mkpasswd"); /* Feedback... */ snprintf (linebuf, sizeof (linebuf), "%s:%s:%lu:%s", @@ -101,8 +97,7 @@ pwdgrp::read_group () add_line (linebuf); } static char NO_COPY pretty_ls[] = "????????::-1:"; - if (wincap.has_security ()) - add_line (pretty_ls); + add_line (pretty_ls); } muto NO_COPY pwdgrp::pglock; @@ -467,34 +462,29 @@ getgroups (int gidsetsize, __gid16_t *grouplist) extern "C" int initgroups32 (const char *name, __gid32_t gid) { - int ret; - if (wincap.has_security ()) - { - ret = -1; - cygheap->user.deimpersonate (); - struct passwd *pw = internal_getpwnam (name); - struct __group32 *gr = internal_getgrgid (gid); - cygsid usersid, grpsid; - if (!usersid.getfrompw (pw) || !grpsid.getfromgr (gr)) - { - set_errno (EINVAL); - goto out; - } - cygsidlist tmp_gsids (cygsidlist_auto, 12); - if (!get_server_groups (tmp_gsids, usersid, pw)) - goto out; - tmp_gsids += grpsid; - cygsidlist new_gsids (cygsidlist_alloc, tmp_gsids.count ()); - for (int i = 0; i < tmp_gsids.count (); i++) - new_gsids.sids[i] = tmp_gsids.sids[i]; - new_gsids.count (tmp_gsids.count ()); - cygheap->user.groups.update_supp (new_gsids); - } - ret = 0; + int ret = -1; - out: - if (wincap.has_security ()) - cygheap->user.reimpersonate (); + cygheap->user.deimpersonate (); + struct passwd *pw = internal_getpwnam (name); + struct __group32 *gr = internal_getgrgid (gid); + cygsid usersid, grpsid; + if (!usersid.getfrompw (pw) || !grpsid.getfromgr (gr)) + set_errno (EINVAL); + else + { + cygsidlist tmp_gsids (cygsidlist_auto, 12); + if (get_server_groups (tmp_gsids, usersid, pw)) + { + tmp_gsids += grpsid; + cygsidlist new_gsids (cygsidlist_alloc, tmp_gsids.count ()); + for (int i = 0; i < tmp_gsids.count (); i++) + new_gsids.sids[i] = tmp_gsids.sids[i]; + new_gsids.count (tmp_gsids.count ()); + cygheap->user.groups.update_supp (new_gsids); + ret = 0; + } + } + cygheap->user.reimpersonate (); syscall_printf ( "%d = initgroups (%s, %u)", ret, name, gid); return ret; } @@ -516,9 +506,6 @@ setgroups32 (int ngroups, const __gid32_t *grouplist) return -1; } - if (!wincap.has_security ()) - return 0; - cygsidlist gsids (cygsidlist_alloc, ngroups); struct __group32 *gr; diff --git a/winsup/cygwin/passwd.cc b/winsup/cygwin/passwd.cc index 127d32380..0d30385ec 100644 --- a/winsup/cygwin/passwd.cc +++ b/winsup/cygwin/passwd.cc @@ -1,6 +1,6 @@ /* passwd.cc: getpwnam () and friends - Copyright 1996, 1997, 1998, 2001, 2002, 2003 Red Hat, Inc. + Copyright 1996, 1997, 1998, 2001, 2002, 2003, 2007 Red Hat, Inc. This file is part of Cygwin. @@ -58,19 +58,14 @@ pwdgrp::read_passwd () char strbuf[128] = ""; bool searchentry = true; struct passwd *pw; + /* must be static */ + static char NO_COPY pretty_ls[] = "????????:*:-1:-1:"; - if (wincap.has_security ()) - { - /* must be static */ - static char NO_COPY pretty_ls[] = "????????:*:-1:-1:"; - add_line (pretty_ls); - cygsid tu = cygheap->user.sid (); - tu.string (strbuf); - if (myself->uid == ILLEGAL_UID) - searchentry = !internal_getpwsid (tu); - } - else if (myself->uid == ILLEGAL_UID) - searchentry = !internal_getpwuid (DEFAULT_UID); + add_line (pretty_ls); + cygsid tu = cygheap->user.sid (); + tu.string (strbuf); + if (myself->uid == ILLEGAL_UID) + searchentry = !internal_getpwsid (tu); if (searchentry && (!(pw = internal_getpwnam (cygheap->user.name ())) || (myself->uid != ILLEGAL_UID && diff --git a/winsup/cygwin/sec_helper.cc b/winsup/cygwin/sec_helper.cc index c12ff9dc5..a9f11cb6d 100644 --- a/winsup/cygwin/sec_helper.cc +++ b/winsup/cygwin/sec_helper.cc @@ -1,6 +1,6 @@ /* sec_helper.cc: NT security helper functions - Copyright 2000, 2001, 2002, 2003, 2004, 2006 Red Hat, Inc. + Copyright 2000, 2001, 2002, 2003, 2004, 2006, 2007 Red Hat, Inc. Written by Corinna Vinschen @@ -577,8 +577,7 @@ __sec_user (PVOID sa_buf, PSID sid1, PSID sid2, DWORD access2, BOOL inherit) if ((unsigned long) sa_buf % 4) api_fatal ("Incorrectly aligned incoming SA buffer!"); #endif - if (!wincap.has_security () - || !sec_acl (acl, true, true, sid1, sid2, access2)) + if (!sec_acl (acl, true, true, sid1, sid2, access2)) return inherit ? &sec_none : &sec_none_nih; if (!InitializeSecurityDescriptor (psd, SECURITY_DESCRIPTOR_REVISION)) diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc index 894cbbea0..cc93ae61a 100644 --- a/winsup/cygwin/security.cc +++ b/winsup/cygwin/security.cc @@ -1,7 +1,7 @@ /* security.cc: NT security functions Copyright 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, - 2006 Red Hat, Inc. + 2006, 2007 Red Hat, Inc. Originaly written by Gunther Ebert, gunther.ebert@ixos-leipzig.de Completely rewritten by Corinna Vinschen @@ -43,7 +43,8 @@ details. */ #include "cyglsa.h" #include -bool allow_ntsec; +/* Set ntsec explicit as default. */ +bool allow_ntsec = true; /* allow_smbntsec is handled exclusively in path.cc (path_conv::check). It's defined here because of it's strong relationship to allow_ntsec. */ bool allow_smbntsec; @@ -89,11 +90,6 @@ extract_nt_dom_user (const struct passwd *pw, char *domain, char *user) extern "C" HANDLE cygwin_logon_user (const struct passwd *pw, const char *password) { - if (!wincap.has_security ()) - { - set_errno (ENOSYS); - return INVALID_HANDLE_VALUE; - } if (!pw) { set_errno (EINVAL); @@ -1915,9 +1911,6 @@ static int set_nt_attribute (HANDLE handle, const char *file, __uid32_t uid, __gid32_t gid, int attribute) { - if (!wincap.has_security ()) - return 0; - security_descriptor sd; if ((!handle || get_nt_object_security (handle, SE_FILE_OBJECT, sd)) diff --git a/winsup/cygwin/security.h b/winsup/cygwin/security.h index 6d77716e5..a5c9c69ce 100644 --- a/winsup/cygwin/security.h +++ b/winsup/cygwin/security.h @@ -388,20 +388,18 @@ void set_cygwin_privileges (HANDLE token); #define set_process_privilege(p,v) set_privilege (hProcToken, (p), (v)) #define _push_thread_privilege(_priv, _val, _check) { \ - HANDLE _token = NULL, _dup_token = NULL; \ - if (wincap.has_security ()) \ - { \ - _token = (cygheap->user.issetuid () && (_check)) \ - ? cygheap->user.token () : hProcToken; \ - if (!DuplicateTokenEx (_token, MAXIMUM_ALLOWED, NULL, \ - SecurityImpersonation, TokenImpersonation, \ - &_dup_token)) \ - debug_printf ("DuplicateTokenEx: %E"); \ - else if (!ImpersonateLoggedOnUser (_dup_token)) \ - debug_printf ("ImpersonateLoggedOnUser: %E"); \ - else \ - set_privilege (_dup_token, (_priv), (_val)); \ - } + HANDLE _dup_token = NULL; \ + HANDLE _token = (cygheap->user.issetuid () && (_check)) \ + ? cygheap->user.token () : hProcToken; \ + if (!DuplicateTokenEx (_token, MAXIMUM_ALLOWED, NULL, \ + SecurityImpersonation, TokenImpersonation, \ + &_dup_token)) \ + debug_printf ("DuplicateTokenEx: %E"); \ + else if (!ImpersonateLoggedOnUser (_dup_token)) \ + debug_printf ("ImpersonateLoggedOnUser: %E"); \ + else \ + set_privilege (_dup_token, (_priv), (_val)); + #define push_thread_privilege(_priv, _val) _push_thread_privilege(_priv,_val,1) #define push_self_privilege(_priv, _val) _push_thread_privilege(_priv,_val,0) @@ -415,6 +413,7 @@ void set_cygwin_privileges (HANDLE token); CloseHandle (_dup_token); \ } \ } + #define pop_self_privilege() pop_thread_privilege() /* shared.cc: */ diff --git a/winsup/cygwin/syscalls.cc b/winsup/cygwin/syscalls.cc index 1295a89c9..eb7066c01 100644 --- a/winsup/cygwin/syscalls.cc +++ b/winsup/cygwin/syscalls.cc @@ -889,9 +889,6 @@ link (const char *oldpath, const char *newpath) static int chown_worker (const char *name, unsigned fmode, __uid32_t uid, __gid32_t gid) { - if (!wincap.has_security ()) // real chown only works on NT - return 0; // return zero (and do nothing) under Windows 9x - int res = -1; fhandler_base *fh; @@ -942,9 +939,6 @@ lchown (const char * name, __uid16_t uid, __gid16_t gid) extern "C" int fchown32 (int fd, __uid32_t uid, __gid32_t gid) { - if (!wincap.has_security ()) // real chown only works on NT - return 0; // return zero (and do nothing) under Windows 9x - cygheap_fdget cfd (fd); if (cfd < 0) { @@ -2162,11 +2156,6 @@ seteuid32 (__uid32_t uid) bool token_is_internal, issamesid = false; pw_new = internal_getpwuid (uid); - if (!wincap.has_security () && pw_new) - { - load_registry_hive (pw_new->pw_name); - goto success_9x; - } if (!usersid.getfrompw (pw_new)) { set_errno (EINVAL); @@ -2271,7 +2260,6 @@ seteuid32 (__uid32_t uid) return -1; } -success_9x: cygheap->user.set_name (pw_new->pw_name); myself->uid = uid; groups.ischanged = FALSE; @@ -2334,7 +2322,7 @@ setegid32 (__gid32_t gid) { debug_printf ("new egid: %u current: %u", gid, myself->gid); - if (gid == myself->gid || !wincap.has_security ()) + if (gid == myself->gid) { myself->gid = gid; return 0; diff --git a/winsup/cygwin/uinfo.cc b/winsup/cygwin/uinfo.cc index 4064bc07c..90ec989c4 100644 --- a/winsup/cygwin/uinfo.cc +++ b/winsup/cygwin/uinfo.cc @@ -42,9 +42,6 @@ cygheap_user::init () set_name (GetUserName (user_name, &user_name_len) ? user_name : "unknown"); - if (!wincap.has_security ()) - return; - DWORD siz; PSECURITY_DESCRIPTOR psd; @@ -91,39 +88,34 @@ internal_getlogin (cygheap_user &user) { struct passwd *pw = NULL; - if (wincap.has_security ()) - { - cygpsid psid = user.sid (); - pw = internal_getpwsid (psid); - } + cygpsid psid = user.sid (); + pw = internal_getpwsid (psid); if (!pw && !(pw = internal_getpwnam (user.name ())) && !(pw = internal_getpwuid (DEFAULT_UID))) debug_printf ("user not found in augmented /etc/passwd"); else { + cygsid gsid; + myself->uid = pw->pw_uid; myself->gid = pw->pw_gid; user.set_name (pw->pw_name); - if (wincap.has_security ()) + if (gsid.getfromgr (internal_getgrgid (pw->pw_gid))) { - cygsid gsid; - if (gsid.getfromgr (internal_getgrgid (pw->pw_gid))) + if (gsid != user.groups.pgsid) { - if (gsid != user.groups.pgsid) - { - /* Set primary group to the group in /etc/passwd. */ - if (!SetTokenInformation (hProcToken, TokenPrimaryGroup, - &gsid, sizeof gsid)) - debug_printf ("SetTokenInformation(TokenPrimaryGroup), %E"); - else - user.groups.pgsid = gsid; - clear_procimptoken (); - } + /* Set primary group to the group in /etc/passwd. */ + if (!SetTokenInformation (hProcToken, TokenPrimaryGroup, + &gsid, sizeof gsid)) + debug_printf ("SetTokenInformation(TokenPrimaryGroup), %E"); + else + user.groups.pgsid = gsid; + clear_procimptoken (); } - else - debug_printf ("gsid not found in augmented /etc/group"); } + else + debug_printf ("gsid not found in augmented /etc/group"); } cygheap->user.ontherange (CH_HOME, pw); } diff --git a/winsup/cygwin/wincap.cc b/winsup/cygwin/wincap.cc index e02f9c3e3..a72484f39 100644 --- a/winsup/cygwin/wincap.cc +++ b/winsup/cygwin/wincap.cc @@ -16,7 +16,6 @@ static NO_COPY wincaps wincap_unknown = { chunksize:0, heapslop:0x0, is_server:false, - has_security:true, has_security_descriptor_control:false, has_ip_helper_lib:false, has_physical_mem_access:true, @@ -43,7 +42,6 @@ static NO_COPY wincaps wincap_nt4 = { chunksize:0, heapslop:0x0, is_server:false, - has_security:true, has_security_descriptor_control:false, has_ip_helper_lib:false, has_physical_mem_access:true, @@ -70,7 +68,6 @@ static NO_COPY wincaps wincap_nt4sp4 = { chunksize:0, heapslop:0x0, is_server:false, - has_security:true, has_security_descriptor_control:false, has_ip_helper_lib:true, has_physical_mem_access:true, @@ -97,7 +94,6 @@ static NO_COPY wincaps wincap_2000 = { chunksize:0, heapslop:0x0, is_server:false, - has_security:true, has_security_descriptor_control:true, has_ip_helper_lib:true, has_physical_mem_access:true, @@ -124,7 +120,6 @@ static NO_COPY wincaps wincap_xp = { chunksize:0, heapslop:0x0, is_server:false, - has_security:true, has_security_descriptor_control:true, has_ip_helper_lib:true, has_physical_mem_access:true, @@ -151,7 +146,6 @@ static NO_COPY wincaps wincap_2003 = { chunksize:0, heapslop:0x4, is_server:true, - has_security:true, has_security_descriptor_control:true, has_ip_helper_lib:true, has_physical_mem_access:false, @@ -178,7 +172,6 @@ static NO_COPY wincaps wincap_vista = { chunksize:0, heapslop:0x4, is_server:false, - has_security:true, has_security_descriptor_control:true, has_ip_helper_lib:true, has_physical_mem_access:false, @@ -265,7 +258,8 @@ wincapc::init () } break; case VER_PLATFORM_WIN32_WINDOWS: - /* This is just preliminary. */ + /* I'd be very surprised if this code is ever hit, but it doesn't + hurt to keep it. */ api_fatal ("Windows 95/98/Me are not supported."); break; default: diff --git a/winsup/cygwin/wincap.h b/winsup/cygwin/wincap.h index d47e371b2..40a050e49 100644 --- a/winsup/cygwin/wincap.h +++ b/winsup/cygwin/wincap.h @@ -16,7 +16,6 @@ struct wincaps DWORD chunksize; DWORD heapslop; unsigned is_server : 1; - unsigned has_security : 1; unsigned has_security_descriptor_control : 1; unsigned has_ip_helper_lib : 1; unsigned has_physical_mem_access : 1; @@ -59,7 +58,6 @@ public: DWORD IMPLEMENT (chunksize) DWORD IMPLEMENT (heapslop) bool IMPLEMENT (is_server) - bool IMPLEMENT (has_security) bool IMPLEMENT (has_security_descriptor_control) bool IMPLEMENT (has_ip_helper_lib) bool IMPLEMENT (has_physical_mem_access)