Commit Graph

103 Commits

Author SHA1 Message Date
Corinna Vinschen
a22af4a956 * sec_auth.cc (str2uni_cat): Move from here...
* path.cc (str2uni_cat): ...to here.  Simplify.  Make static inline.
	(get_nt_native_path): Use RtlAppendUnicodeToString rather than
	str2uni_cat for constant strings for speed.
	* security.h (str2uni_cat): Drop declaration.
2009-05-09 15:08:16 +00:00
Corinna Vinschen
2d647173bb * fhandler_disk_file.cc (fhandler_disk_file::fchown): Catch an
error when changing the user account on a standalone Samba server.
	Explain why.
	* sec_acl.cc (setacl): Accommodate additional parameter to set_file_sd.
	* sec_helper.cc (SECURITY_SAMBA_UNIX_AUTHORITY): Define.
	(well_known_samba_unix_user_fake_sid): Define.
	* security.cc (set_file_sd): Take additional parameter if ownership
	should be changed.  Restrict requested permissions accordingly.
	(set_file_attribute): Accommodate additional parameter to set_file_sd.
	* security.h (well_known_samba_unix_user_fake_sid): Declare.
	(set_file_sd): Align declaration to above change.
2009-04-09 09:19:03 +00:00
Corinna Vinschen
6a32d500a9 * sec_auth.cc (str2buf2uni): Remove.
* security.h (str2buf2uni): Remove declaration.
2009-03-24 10:53:57 +00:00
Christopher Faylor
66a83f3eac Remove unneeded header files from source files throughout. Update copyrights
where appropriate.
* globals.cc: New file for generic global variables.
* mkglobals_h: New file to generate globals.h.
* mkstatic: New Script used to build a (currently non-working) static
libcygwin_s.a.
* Makefile.in: Add unused rule to build a non-working libcygwin_s.a.
(DLL_OFILES): Add globals.o.  Make all objects rely on globals.h.
(globals.h): New target.  Generate globals.h.
* cygtls.h: Honor new CYGTLS_HANDLE define to control when the HANDLE operator
is allowed in _cygtls.
* dcrt0.cc: Move most globals to globals.cc.
* init.cc: Ditto.
* environ.cc (strip_title_path): Remove now-unneeded extern.
* fhandler_serial.cc (fhandler_serial::open): Ditto.
* pinfo.cc: Ditto.
(commune_process): Ditto.
* shared.cc: Ditto.
* glob.cc: Ditto.
* strace.cc: Ditto.
* exceptions.cc: Define CYGTLS_HANDLE before including winsup.h.
* path.cc (stat_suffixes): Move here.
* security.h: Add forward class path_conv declaration.
* smallprint.cc (__small_vsprintf): Make a true c++ function.
(__small_sprintf): Ditto.
(small_printf): Ditto.
(console_printf): Ditto.
(__small_vswprintf): Ditto.
(__small_swprintf): Ditto.
* spawn.cc (spawn_guts): Remove _stdcall decoration in favor of regparm.
(hExeced): Move to globals.cc
* strfuncs.cc (current_codepage): Ditto.
(active_codepage): Ditto.
* sync.cc (lock_process::locker): Move here from dcrt0.cc.
* syscalls.cc (stat_suffixes): Move to path.cc.
* tty.cc (tty::create_master): Uncapitalize fatal warning for consistency.
* winsup.h: Include globals.h to declare most of the grab bag list of globals
which were previously defined here.
* mount.h: Move USER_* defines back to shared_info.h.
* speclib: Force temporary directory cleanup.
2009-01-03 05:12:22 +00:00
Corinna Vinschen
51303cbd0c * Makefile.in (DLL_OFILES): Add setlsapwd.o.
* cygserver.h (CYGWIN_SERVER_VERSION_API): Bump.
	(request_code_t): Define CYGSERVER_REQUEST_SETPWD request type.
	* cygserver_msg.h (client_request_msg::retval): Use default value of -1
	for retval if msglen is 0.
	* cygserver_sem.h (client_request_sem::retval): Ditto.
	* cygserver_shm.h (client_request_shm::retval): Ditto.
	* cygserver_setpwd.h: New file.
	* external.cc (cygwin_internal): Implement new CW_SET_PRIV_KEY type.
	* sec_auth.cc (open_local_policy): Make externally available.
	Get ACCESS_MASK as argument.
	(create_token): Accommodate change to open_local_policy.
	(lsaauth): Ditto.
	(lsaprivkeyauth): New function fetching token by retrieving
	password stored in Cygwin or Interix LSA private data area and
	calling LogonUser with it.
	* security.h (lsaprivkeyauth): Declare.
	(open_local_policy): Declare.
	* setlsapwd.cc: New file implementing setting LSA private data password
	using LsaStorePrivateData or by calling cygserver if available.
	* syscalls.cc (seteuid32): Add workaround to get the original token
	when switching back to the original privileged user, even if
	setgroups group list is still active.  Add long comment to explain why.
	Call lsaprivkeyauth first, only if that fails call lsaauth or
	create_token.
	* include/cygwin/version.h: Bump API minor number.
	* include/sys/cygwin.h (cygwin_getinfo_types): Add CW_SET_PRIV_KEY.
2008-11-26 10:18:10 +00:00
Corinna Vinschen
88797e5979 * external.cc (cygwin_internal): Call set_security_attribute with
additional path_conv argument.
	* fhandler.cc (fhandler_base::open): Ditto.
	* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Never set DOS
	R/O attribute when using ACLs.
	(fhandler_disk_file::mkdir): Ditto.  Set
	security descriptor on remote dirs after creating the dir, same as in
	fhandler_base::open.
	* fhandler_socket.cc (fhandler_socket::bind): Ditto for remote AF_LOCAL
	socket files.
	* path.cc (symlink_worker): Ditto. for remote symlinks.
	* security.cc (alloc_sd): Take additional path_conv argument.
	Accommodate throughout.  Drop setting FILE_WRITE_EA/FILE_READ_EA
	flags unconditionally (was only necessary for "ntea"). Don't set
	FILE_READ_ATTRIBUTES and FILE_WRITE_ATTRIBUTES unconditionally on
	Samba.  Add comment to explain.  Drop useless setting of
	STANDARD_RIGHTS_WRITE, it's in FILE_GENERIC_WRITE anyway.
	Remove FILE_READ_ATTRIBUTES bit from FILE_GENERIC_EXECUTE so as not
	to enforce read permissions on Samba.
	(set_security_attribute): Take additional path_conv argument.
	* security.h (set_security_attribute): Change prototype accordingly.
2008-08-14 14:05:04 +00:00
Corinna Vinschen
b54881352d * sec_auth.cc (extract_nt_dom_user): Return domain and user name as
WCHAR.
	(cygwin_logon_user): Accommodate above change.  Convert password to
	WCHAR and call LogonUserW.
	* external.cc (cygwin_internal): Accommodate above change.
	* security.h (extract_nt_dom_user): Change prototype accordingly.
2008-07-30 12:10:20 +00:00
Corinna Vinschen
e2406d71aa Throughout drop allow_ntsec and allow_smbntsec handling.
* environ.cc (set_ntsec): Remove.
	(set_smbntsec): Remove.
	(known): Remove ntsec and smbntsec options.
	* external.cc (check_ntsec): Return true if no filename is given.
	* mount.cc (oopts): Add "acl" and "noacl" options.  Set MOUNT_NOACL
	flag accordingly.
	(fillout_mntent): Handle MOUNT_NOACL flag.
	* path.h (enum path_types): Add PATH_NOACL.
	* security.cc (allow_ntsec): Remove.
	(allow_smbntsec): Remove.
	* security.h (allow_ntsec): Drop declaration.
	(allow_smbntsec): Drop declaration.
	* include/sys/mount.h (MOUNT_NOACL): Define.
2008-07-14 20:22:03 +00:00
Corinna Vinschen
9a51257715 Change length for domain buffers from INTERNET_MAX_HOST_NAME_LENGTH to
MAX_DOMAIN_NAME_LEN throughout.
	* cyglsa.h (CYG_LSA_MAGIC): New value.
	(cyglsa_t): Define username and domain as WCHAR arrays.
	* errno.cc (errmap): Add mapping for ERROR_NONE_MAPPED.
	* sec_auth.cc: Drop 'w' prefix from WCHAR string variable names where
	appropriate.
	(extract_nt_dom_user): Prefer resolving by SID before resolving by
	domain\name pair.
	(cygwin_logon_user): Don't print cleartext password in debug output.
	Change comment.
	(get_user_groups): Revert calls to LookupAccountNameW to use NULL
	server instead of explicit server name, according to MSDN.
	(get_user_local_groups): Ditto.
	(get_server_groups): Fetch domain and user name from usersid per
	LookupAccountSidW instead of calling extract_nt_dom_user.
	(lsaauth): Fetch domain and user name from usersid per LookupAccountSidW
	instead of calling extract_nt_dom_user.
	* sec_helper.cc (cygpriv): Convert to wchar_t pointer array.
	(privilege_luid): Convert first parameter to  PWCHAR.
	(privilege_name): Return wchar_t pointer.
	(set_privileges): Accommodate debug output.
	* security.h (privilege_luid): Change prototype accordingly.
2008-07-11 10:00:36 +00:00
Corinna Vinschen
5558de95e5 * autoload.cc (DsGetDcNameW): Replace DsGetDcNameA.
* dcrt0.cc (child_info_spawn::handle_spawn): Drop artificial
	supplementary group list from calling setgroups in parent.
	* grp.cc (internal_getgroups): Drop 9x-only code.  Reformat.
	* sec_auth.cc (get_logon_server): Do everything in WCHAR only.
	(get_user_groups): Ditto.  Use wlogonserver in LookupAccountNameW
	calls, too.
	(is_group_member): Get logon server as first argument and use in call
	to NetLocalGroupGetMembers.
	(get_user_local_groups): Get logon server as first argument and use in
	calls to NetLocalGroupEnum and LookupAccountNameW.  Revamp to work
	more correctly in domain environments.
	(get_server_groups): Accommodate aforementioned changed function calls.
	* security.h (get_logon_server): Change prototype accordingly.
	* uinfo.cc (cygheap_user::env_logsrv): Accommodate changed
	get_logon_server call.
2008-07-09 11:58:38 +00:00
Corinna Vinschen
b1138f3d4b * sec_auth.cc (create_token): Add integrity level SID to token on
systems supporting that.  Remove useless check for dynamically loading
	NtCreateToken function.
	* sec_helper.cc (mandatory_medium_integrity_sid): Define.
	(mandatory_high_integrity_sid): Define.
	(mandatory_system_integrity_sid): Define.
	* sec_helper.h (mandatory_medium_integrity_sid): Declare.
	(mandatory_high_integrity_sid): Declare.
	(mandatory_system_integrity_sid): Declare.
2008-04-22 10:45:34 +00:00
Corinna Vinschen
db5ae61884 * fhandler.h (-struct wsa_event): Move to wsa_event.h. Include
wsa_event.h instead.
	* fhandler_socket.cc (NUM_SOCKS): Move to wsa_event.h.
	(wsa_events): Move from DLL shared area to cygwin_shared shared
	memory.  Accommodate throughout.
	(socket_serial_number): Ditto.
	* fhandler_tape.cc (mt): Ditto.
	(mtinfo_init): Remove.
	(mt): Define as cygwin_shared->mt.
	* flock.cc (FLOCK_PARENT_DIR_ACCESS): Remove.
	(FLOCK_INODE_DIR_ACCESS): Move up in file.
	(FLOCK_MUTANT_ACCESS): Ditto.
	(FLOCK_EVENT_ACCESS): Ditto.
	(get_lock_parent_dir): Remove.
	(inode_t::inode_t): Call get_shared_parent_dir to get parent dir handle.
	Add a "flock-" prefix to file's lock directory name for clarity.
	* mtinfo.h (mtinfo_init): Drop declaration.
	* net.cc (last_used_bindresvport): Move from DLL shared area to
	cygwin_shared shared memory.
	(cygwin_bindresvport_sa): Accommodate above change.
	* sec_helper.cc (_everyone_sd): Move here from flock.cc.
	* security.h (SD_MIN_SIZE): Ditto.
	(everyone_sd): Ditto.
	* shared.cc (cygwin_shared_area): Remove.
	(cygwin_shared_h): New handle.
	(get_shared_parent_dir): New static function.
	(shared_name): Drop session_local argument.  Call get_shared_parent_dir
	here.  Add cygwin-shared subdir to object name.
	(offsets): Reinstantiate SH_CYGWIN_SHARED member.
	(open_shared): Revert change from 2007-03-29 for systems supporting
	SeCreateGlobalPrivilege.
	(shared_info::initialize): Call mtinfo's initialize here.
	(memory_init): Drop call to mtinfo_init.
	* shared_info.h (SHARED_INFO_CB): Accommodate change to shared_info.
	(CURR_SHARED_MAGIC): Ditto.
	(class shared_info): Add members for global socket and tape info
	sharing.
	(enum shared_locations): Reinstantiate SH_CYGWIN_SHARED.
	(get_shared_parent_dir): Declare.
	(shared_name): Drop session_local argument from declaration.
	* wsa_event.h: New file.  Move definitions of NUM_SOCKS and
	struct wsa_event here.
2008-04-18 20:13:37 +00:00
Corinna Vinschen
a7d2cc16e2 * Fix copyright dates. 2008-04-01 13:22:47 +00:00
Christopher Faylor
70300fdb1c Perform whitespace cleanup throughout.
* dcrt0.cc (signal_shift_subtract): Eliminate ancient backwards compatibility.
(check_sanity_and_sync): Ditto.
* winsup.h (SIGTOMASK): Ditto.  Just use constant in signal calculation.
* include/cygwin/version: Remove backwards signal mask compatibility define.
* path.cc (symlink_info::check_sysfile): Cosmetic change.
* registry.cc (get_registry_hive_path): Remove unneeded variable.
* exceptions.cc (handle_sigsuspend): Eliminate thread signal mask and use
either main sigmask or current thread sigmask.
(set_process_mask): Ditto.
(sighold): Ditto.
(sigrelse): Ditto.
(sigset): Ditto.
(set_process_mask_delta): Ditto.
(_cygtls::call_signal_handler): Ditto.
* fhandler_process.cc (format_process_status): Ditto.
* fhandler_termios.cc (fhandler_termios::bg_check): Ditto.
* pinfo.h (class pinfo): Ditto.
* select.cc (pselect): Ditto.
* signal.cc (sigprocmask): Ditto.
(abort): Ditto.
(sigpause): Ditto.
(sigsend): Ditto.
(wait_sig): Ditto.
* thread.h (pthread::parent_tls): New member.
* thread.cc (pthread::pthread): Record parent_tls here.
(pthread::thread_init_wrapper): Initialize sigmask from parent thread.
2008-02-15 17:53:11 +00:00
Corinna Vinschen
7b4b41ab3e * cygheap.cc (cwcsdup): New function.
(cwcsdup1): New function.
	* cygheap.h (cygheap_user::get_windows_id): New method returning PWCHAR.
	(cwcsdup): Declare.
	(cwcsdup1): Declare.
	* registry.cc (get_registry_hive_path): Use WCHAR instead of char
	throughout.
	(load_registry_hive): Ditto.
	* registry.h (get_registry_hive_path): Change declaration accordingly.
	(load_registry_hive): Ditto.
	* sec_helper.cc (cygpsid::string): New method returning PWCHAR.
	* security.h (cygpsid::string): Declare.
	* syscalls.cc (seteuid32): Convert local name var to WCHAR.
	* uinfo.cc (cygheap_user::env_userprofile): Convert local name buffers
	to WCHAR.  Call sys_wcstombs_alloc to generate puserprof buffer.

	* winsup.h: Fix comment.
	(NT_MAX_PATH): New definition for maximum internal path length.
	Use throughout where appropriate.
	* include/limits.h (PATH_MAX): Set to 4096 as on Linux.
2008-02-14 16:47:11 +00:00
Corinna Vinschen
50450dcc5f * Makefile.in (DLL_OFILES): Add ntea.o.
* cygwin.din (getxattr, listxattr, removexattr, setxattr, lgetxattr,
	llistxattr, lremovexattr, lsetxattr, fgetxattr, flistxattr,
	fremovexattr, fsetxattr): Export Linux extended attribute functions.
	Sort.
	* errno.cc (errmap): Add mappings for ERROR_EAS_DIDNT_FIT,
	ERROR_EAS_NOT_SUPPORTED, ERROR_EA_LIST_INCONSISTENT,
	ERROR_EA_TABLE_FULL, ERROR_FILE_CORRUPT, ERROR_INVALID_EA_NAME.
	* fhandler.h (class fhandler_base): Declare new fgetxattr and
	fsetxattr methods.
	(class fhandler_disk_file): Ditto.
	* fhandler.cc (fhandler_base::fgetxattr): New method.
	(fhandler_base::fsetxattr): New method.
	* fhandler_disk_file.cc (fhandler_disk_file::fgetxattr): New method.
	(fhandler_disk_file::fsetxattr): New method.
	* ntdll.h (STATUS_EA_TOO_LARGE): Define.
	(STATUS_NONEXISTENT_EA_ENTRY): Define.
	(STATUS_NO_EAS_ON_FILE): Define.
	* ntea.cc (read_ea): Rewrite for long pathnames and for using with
	Linux extended attribute functions.
	(write_ea): Ditto.
	(getxattr_worker): New static function.
	(getxattr): New function.
	(lgetxattr): New function.
	(fgetxattr): New function.
	(listxattr): New function.
	(llistxattr): New function.
	(flistxattr): New function.
	(setxattr_worker): New static function.
	(setxattr): New function.
	(lsetxattr): New function.
	(fsetxattr): New function.
	(removexattr): New function.
	(lsetxattr): New function.
	(fsetxattr): New function.
	* security.h (read_ea): Change declaration according to above changes.
	(write_ea): Ditto.
	* include/cygwin/version.h: Bump API minor version.
2008-02-10 15:43:04 +00:00
Corinna Vinschen
eea4e48208 * fhandler.cc (fhandler_base::fhaccess): Accommodate interface changes
of access control functions throughout.
	* fhandler_disk_file.cc: Ditto.
	* fhandler_registry.cc: Ditto.
	* sec_acl.cc: Drop unnecessary includes.
	(setacl): Take path_conv instead of file name as parameter.
	Accommodate interface changes of access control functions.
	(getacl): Ditto.
	* sec_auth.cc: New file, taking over all authentication related
	functions from security.cc.
	* sec_helper.cc: Drop unnecessary includes.
	* security.cc: Ditto.  Move all authentication related functions to
	sec_auth.cc.
	(ALL_SECURITY_INFORMATION): New define.  Use throughout.
	(set_file_sd): New function, replacing read_sd and the file related
	part of get_nt_object_security.
	(get_reg_sd): Rename from get_reg_security.  Drop type parameter.
	(get_reg_attribute): New function, replacing the registry related part
	of get_nt_object_security.
	(get_file_attribute): Take path_conv instead of file name as parameter.
	Use new get_file_sd call.
	(set_file_attribute): Ditto plus new set_file_sd.  Drop unnecessary
	implementation without uid/gid parameters.
	(check_file_access): Take path_conv instead of file name as parameter.
	Use new get_file_sd call.
	(check_registry_access): Use new get_reg_sd call.
	* security.h: Accommodate above interface changes.
2007-07-20 14:29:43 +00:00
Corinna Vinschen
cce28460fe * cygheap.h (init_cygheap::luid): Remove.
* mmap.cc (mlock): Accommodate parameter change in call to
	push_thread_privilege.
	(munlock): Ditto.
	* ntdll.h (STATUS_NOT_ALL_ASSIGNED): Define.
	(NtAdjustPrivilegesToken): Declare.
	* sec_helper.cc (cygpriv): Reorder to match numerical privilege order.
	(privilege_luid): Take job of privilege_luid_by_name, using new
	cygpriv.
	(privilege_luid_by_name): Remove.
	(privilege_name): Accommodate new cygpriv array.
	(set_privilege): Call NtAdjustPrivilegesToken to avoid using advapi32.
	Accommodate changes to privilege_name.
	(set_cygwin_privileges): Simplify.  Don't try to set
	SE_CREATE_GLOBAL_PRIVILEGE on systems not supporting it.
	* security.cc (sys_privs): Reorder to match numerical privilege order.
	Use real privilege values as defined in security.h.
	(get_system_priv_list): Drop unused grp_list argument.  Create
	list of privileges according to new wincapc::max_sys_priv value.
	(get_priv_list): Call privilege_luid instead of privilege_luid_by_name.
	Make priv a local value instead of a pointer.
	(create_token): Accommodate parameter change in call to
	push_self_privilege.
	(lsaauth): Ditto.
	(check_access): Use privilege values directly instead of calling
	privilege_luid.
	* security.h: Define real privilege values.
	(cygpriv_idx): Remove.
	(privilege_luid): Change declaration.
	(privilege_luid_by_name): Drop declaration.
	(set_privilege): Change declaration.
	(set_process_privilege): Drop definition.
	(_push_thread_privilege): Accomodate new set_privilege parameters.
	* wincap.h (wincapc::max_sys_priv): New element.
	* wincap.cc: Implement above element throughout.
	(wincap_2000sp4): New wincaps structure.
	(wincap_xpsp1): Ditto.
	(wincap_xpsp2): Ditto.
	(wincapc::init): Use new wincaps.
	(wincapc::max_sys_priv): New element.
2007-07-19 08:33:22 +00:00
Corinna Vinschen
77ee880504 * cygheap.h (cygheap_user::curr_imp_token): Rename from current_token.
Accommodate changge throughout Cygwin.
	(cygheap_user::imp_token): Rename from token.  Accommodate changge
	throughout Cygwin.
	(rcygheap_user::eimpersonate): Use primary token for impersonation.
	* grp.cc (internal_getgroups): Use primary impersonation token when
	impersonated.
	* security.h (_push_thread_privilege): Use primary impersonation token
	when impersonated.
2007-07-16 20:01:15 +00:00
Corinna Vinschen
e6fbf13e48 * cygheap.cc (cygheap_init): Fix formatting. Remove comment. Set
shared_prefix depending only on terminal service capability.
	* dcrt0.cc (dll_crt0_1): Don't call set_cygwin_privileges here.
	* fhandler_fifo.cc (fhandler_fifo::open): Create the mutex as global
	object.
	* posix_ipc.cc (ipc_mutex_init): Use cygheap->shared_prefix.
	(ipc_cond_init): Ditto.
	* sec_helper.cc (privilege_name): Make static.  Use LookupPrivilegeName
	directly to be independent of the state of cygheap.
	(set_privilege): Take a LUID as parameter instead of an index value.
	Only print debug output in case of failure.
	(set_cygwin_privileges): Add comment.  Use LookupPrivilegeValue to
	get privilege LUIDs.
	(init_global_security): Call set_cygwin_privileges here.
	* security.h (privilege_name): Drop declaration.
	(set_privilege): Declare according to above change.
	(set_process_privilege): Call privilege_luid to get LUID.
	(_push_thread_privilege): Ditto.
	* shared.cc (open_shared): Add comment.  On systems supporting the
	SeCreateGlobalPrivilege, try to create/open global shared memory first.
	Fall back to local shared memory if that fails.
	* thread.cc (semaphore::semaphore): Use cygheap->shared_prefix.
	* wincap.h (wincapc::has_create_global_privilege): New element.
	* wincap.cc: Implement above element throughout.
2007-03-29 16:37:36 +00:00
Christopher Faylor
6e070c257c * Makefile (DLL_OFILES): Remove ntea.o
* environ.cc (set_ntea): Delete.
(parse_thing): Delete "ntea" setting.
* fhandler.cc (fhandler_base::open): Remove allow_ntea considerations.
(check_posix_perm): Ditto.
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Ditto.
(fhandler_base::open_fs): Ditto.
(fhandler_disk_file::mkdir): Ditto.
* path.cc (symlink_worker): Ditto.
* security.cc (get_file_attribute): Ditto.
(set_file_attribute): Ditto.
* security.h: Remove allow_ntea declaration.
2007-03-01 15:13:47 +00:00
Corinna Vinschen
a76877e977 Throughout remove all usage of wincap.has_security.
* environ.cc (environ_init): Drop setting allow_ntsec here.
	* grp.cc (initgroups32): Drop usage of label "out".
	* security.cc (allow_ntsec): Set to true by default.
	* syscalls.cc (seteuid32): Remove label success_9x.
	* wincap.cc: Remove has_security throughout.
	* wincap.h: Ditto.
2007-02-23 15:15:50 +00:00
Corinna Vinschen
fd1bf882f5 * security.h (pop_thread_privilege): Revert to previous state, not
to token used for impersonation.
2007-01-24 12:14:54 +00:00
Corinna Vinschen
6bcc8fd7b1 * security.h (setacl): Add parameter for writability flag.
* sec_acl.cc (setacl): Ditto.  Set to true if any ACE with write
	permissions is created.
	* fhandler_disk_file.cc (fhandler_disk_file::facl): Reset
	FILE_ATTRIBUTE_READONLY if ACL contains an ACE with write permissions.
2007-01-07 12:44:10 +00:00
Corinna Vinschen
97b09fe1c5 Partially revert change from 2006-10-22. GetSecurityInfo messes up
user information on NT4.
	* sec_helper.cc (security_descriptor::malloc): Drop LocalAlloc
	considerations.
	(security_descriptor::realloc): Ditto.
	(security_descriptor::free): Ditto.
	* security.cc (get_reg_security): Reinstantiate.
	(get_nt_object_security): Revert to using NtQuerySecurityObject.
	* security.h (class security_descriptor): Drop type member.
	Accommodate throughout.
	(security_descriptor::size): Constify.
	(security_descriptor::copy): Ditto.
2006-12-20 17:14:23 +00:00
Corinna Vinschen
26684e48d2 * environ.cc (subauth_id_init): Remove.
(parse_thing): Drop "subauth_id" option.
	* security.cc (get_token_group_sidlist): Drop comments concerning
	subauthentication.
	(create_token): Back out subauthentication related changes.
	(subauth): Remove.
	* security.h (create_token): Remove declaration.
	(subauth): Ditto.
	* syscalls.cc (seteuid32): Drop subauthentication handling entirely.
2006-12-12 19:18:56 +00:00
Corinna Vinschen
a889232410 * environ.cc (set_traverse): Remove.
(parse_thing): Drop "traverse" option.
	* path.cc (fs_info::update): Don't request SE_CHANGE_NOTIFY_PRIV
	privilege.
	* sec_helper.cc (set_cygwin_privileges): Ditto.
	* security.cc (allow_traverse): Remove.
	(alloc_sd): Drop special allow_traverse code.
	* security.h (allow_traverse): Drop declaration.
	* syscalls.cc (statvfs): Don't request SE_CHANGE_NOTIFY_PRIV privilege.
2006-12-12 18:47:25 +00:00
Corinna Vinschen
5684cfebba Partially revert change from 2005-04-03, always running under an
impersonation token, which collides with Vista UAC.
	* cygheap.h (deimpersonate): revert to self instead of impersonating
	hProcImpToken.
	(reimpersonate): Only impersonate if setuid.
	* dcrt0.cc (dll_crt0_0): Don't initialize hProcImpToken here.
	(dll_crt0_1): Set privileges on hProcToken.
	* fork.cc (frok::child): Set privileges on hProcToken.  Close handle to
	hProcImpToken.
	* grp.cc (internal_getgroups): Use hProcToken instead of hProcImpToken.
	* security.cc (check_access): Create hProcImpToken on demand here.
	* security.h (set_process_privilege): Set privileges on hProcToken.
	(_push_thread_privilege): Use hProcToken instead of hProcImpToken.
	(pop_thread_privilege): If not setuid'ed, revert to self.
	* syscalls.cc (setegid32): Drop setting primary group on hProcImpToken.
	Close handle to hProcImpToken.
	* uinfo.cc (internal_getlogin): Ditto.
	* winsup.h (clear_procimptoken): New inline function.
2006-12-12 16:27:32 +00:00
Corinna Vinschen
b825c587ba * cyglsa.h: New header file.
* environ.cc: Disable subauth settings.
	* grp.cc: Accomodate cygsidlist's count now being a method.
	* sec_helper.cc (SECURITY_MANDATORY_INTEGRITY_AUTHORITY): Remove.
	(mandatory_medium_integrity_sid): Remove.
	(mandatory_high_integrity_sid): Remove.
	(mandatory_system_integrity_sid): Remove.
	(fake_logon_sid): Add.
	(cygsid::get_sid): Add well_known parameter.  Set well_known_sid
	accordingly.
	(cygsid::getfromstr): Ditto.
	(cygsidlist::alloc_sids): Move here from security.cc.
	(cygsidlist::free_sids): Ditto.
	(cygsidlist::add): Move here from security.h.  Add well_known parameter.
	Set well_known_sid accordingly.  Don't allow duplicate SIDs.
	* security.cc: Include cyglsa.h and cygwin/version.h.  Throughout
	accomodate cygsidlist's count now being a method.  Throughout drop
	redundant "contains" tests.
	(get_user_local_groups): Add local groups as well known SIDs.
	(get_token_group_sidlist): Add well known groups as well known SIDs.
	(get_server_groups): Ditto.  Only call get_unix_group_sidlist after
	get_user_local_groups to maintain "well_known_sid" attribute.
	(get_initgroups_sidlist): Add well known groups as well known SIDs.
	(get_setgroups_sidlist): Add usersid and struct passwd parameter to
	allow calling get_server_groups from here.
	(get_system_priv_list): Make static.  Return size of TOKEN_PRIVILEGES
	structure.
	(get_priv_list): Ditto.
	(create_token): Accomodate above changes.  Drop misguided attempt to
	add MIC SIDs to created user token.  Print returned token as hex value.
	(subauth): Disable.
	(lsaauth): New function implementing client side of LSA authentication.
	* security.h (class cygsid): Add well_known_sid attribute.  Accomodate
	throughout.  Add *= operator to create a well known SID.
	(class cygsidlist): Rename count to cnt.  Make count a method.
	(cygsidlist::add): Move to sec_helper.cc.
	(cygsidlist::operator *=): New method to add well known SID.
	(cygsidlist::non_well_known_count): New method returning number of
	non well known SIDs in list.
	(cygsidlist::next_non_well_known_sid): New method returning next non
	well known SID by index.
	(mandatory_medium_integrity_sid): Drop declaration.
	(mandatory_high_integrity_sid): Drop declaration.
	(mandatory_system_integrity_sid): Drop declaration.
	(fake_logon_sid): Add declaration.
	(subauth): Disable declaration.
	(lsaauth): Add declaration.
	* syscalls.cc (seteuid32): Disable subauthentication.  Add LSA
	authentication.
	* wincap.h: Define needs_logon_sid_in_sid_list throughout.
	* wincap.cc: Ditto.
2006-11-27 12:59:59 +00:00
Corinna Vinschen
124b187f16 * security.h (DBGSID): Define for debugging purposes.
(MKSID): Rename from SID so as to not hide SID definition from winnt.h.
	* sec_helper.cc: Change SID to MKSID throughout.
2006-11-23 16:44:55 +00:00
Corinna Vinschen
2fd2ddf3f5 * sec_helper.cc (sid_auth): Remove.
(well_known_this_org_sid): New well known sid.
	(SECURITY_MANDATORY_INTEGRITY_AUTHORITY): Define.
	(mandatory_medium_integrity_sid): New well known sid.
	(mandatory_high_integrity_sid): Ditto.
	(mandatory_system_integrity_sid): Ditto.
	(cygsid::get_sid): Use local SID_IDENTIFIER_AUTHORITY.  Allow all
	authorities fitting in a UCHAR.
	* security.cc (get_token_group_sidlist): Always add the local
	group to the token.  Add comment.  Add "This Organization" group
	if available in incoming group list.
	(get_server_groups): Only add world and authenticated users groups
	if not already in list.
	(create_token): Add matching mandatory integrity SID to group list
	on systems supporting Mandatory Integrity Control.
	* security.h (well_known_this_org_sid): Define.
	(mandatory_medium_integrity_sid): Define.
	(mandatory_high_integrity_sid): Define.
	(mandatory_system_integrity_sid): Define.
	* wincap.h: Define has_mandatory_integrity_control throughout.
	* wincap.cc: Ditto.
2006-11-08 11:38:05 +00:00
Corinna Vinschen
b904c35100 * security.h (cygpriv_idx): Add privileges new in Vista.
* security.cc (sys_privs): Ditto.
	* sec_helper.cc (cygpriv): Ditto.  Fix comment.
2006-11-01 09:00:14 +00:00
Corinna Vinschen
fc545fe933 * fhandler_disk_file.cc (fhandler_disk_file::facl): Fix whitespace.
* external.cc: Update copyright.
	* fhandler.cc: Ditto.
	* sec_helper.cc: Ditto.
	* security.h: Ditto.
	* security.cc: Ditto.
	(check_registry_access): Return -1 if W_OK is requested.
2006-10-22 19:31:33 +00:00
Corinna Vinschen
2be593d961 * external.cc (cygwin_internal): Use security_descriptor::copy method.
* sec_helper.cc (security_descriptor::malloc): Use own free method.
	Set type.
	(security_descriptor::realloc): Handle the case that psd has been
	allocated using LocalAlloc.  Set type.
	(security_descriptor::free): Ditto.
	* security.cc (get_nt_attribute): Remove.
	(get_reg_security): Remove.
	(get_nt_object_security): Use GetSecurityInfo which handles all
	securable objects.
	(get_nt_object_attribute): Remove.
	(get_object_attribute): Call get_nt_object_security instead of
	get_nt_object_attribute.
	(get_file_attribute): Ditto.
	(check_registry_access): Call get_nt_object_security instead of
	get_reg_security.
	* security.h (cygpsid::operator PSID): Make method const, not the
	result.
	(class security_descriptor): Add type member.  Accomodate throughout.
	(security_descriptor::copy): New method.
	(security_descriptor::operator PSECURITY_DESCRIPTOR *): New operator.
2006-10-22 14:57:43 +00:00
Corinna Vinschen
1b4153db74 * fhandler.cc (fhandler_base::fhaccess): Call check_registry_access
for registry keys/values if ntsec is on.
	* security.cc (check_access): New static function derived from
	check_file_access, but object type agnostic.
	(check_file_access): Only do file specific stuff.  Call check_access.
	(check_registry_access): New access check function for registry keys/
	values.
	* security.h (check_registry_access): Declare.
2006-10-21 11:05:32 +00:00
Corinna Vinschen
70e476d27b 2006-07-25 Corinna Vinschen <corinna@vinschen.de>
* include/cygwin/version.h: Bump DLL version to 1.7.0.

2006-07-25  Corinna Vinschen  <corinna@vinschen.de>

	* select.h: Remove.
	* fhandler_socket.cc: Don't include select.h.
	* select.cc: Ditto.

2006-07-25  Corinna Vinschen  <corinna@vinschen.de>

	* cygtls.h: Drop socket related includes.
	(struct _local_storage): Remove exitsock and exitsock_sin. Add
	select_sockevt.
	* cygtls.cc: Accomodate above change throughout.
	* fhandler.h (class fhandler_socket): Make wsock_evt public.
	* fhandler_socket.cc (fhandler_socket::fhandler_socket): Accomodate
	reordering members.
	(fhandler_socket::evaluate_events): Drop FD_CONNECT event as soon as
	it gets read once.  Never remove FD_WRITE event here.
	(fhandler_socket::wait_for_events): Wait 50 ms instead of INFINITE for
	socket events.
	(fhandler_socket::accept): Fix conditional.  Set wsock_events members
	of accepted socket to useful start values.
	(fhandler_socket::recv_internal): Always drop FD_READ/FD_OOB events from
	wsock_events after the call to WSARecvFrom.
	(fhandler_socket::send_internal): Drop FD_WRITE event from wsock_events
	if the call to WSASendTo fails with WSAEWOULDBLOCK.  Fix return value
	condition.
	* select.cc (struct socketinf): Change to accomodate using socket event
	handling.
	(peek_socket): Use event handling for peeking socket.
	(thread_socket): Ditto.
	(start_thread_socket): Ditto.
	(socket_cleanup): Same here.
	* tlsoffsets.h: Regenerate.

2006-07-20  Corinna Vinschen  <corinna@vinschen.de>

	* fhandler.h (class fhandler_socket): Rearrange slightly to keep
	event handling methods and members together.  Drop owner status flag.
	Split wait method.  Rename event handling methods for readability.
	* fhandler_socket.cc (struct wsa_event): Add owner field.
	(LOCK_EVENTS): New macro.
	(UNLOCK_EVENTS): Ditto.
	(fhandler_socket::init_events): rename from prepare.
	(fhandler_socket::evaluate_events): First half of former wait method.
	Do everything but wait.  Allow specifiying whether or not events from
	event_mask should be erased from wsock_events->events.  Simplify
	OOB handling.  Allow sending SIGURG to any process (group).
	(fhandler_socket::wait_for_events): Second half of former wait method.
	Call evaluate_events and wait in a loop if socket is blocking.
	(fhandler_socket::release_events): Rename from release.
	(fhandler_socket::connect): Accomodate above name changes.
	(fhandler_socket::accept): Ditto.
	(fhandler_socket::recv_internal): Ditto.
	(fhandler_socket::send_internal): Ditto.
	(fhandler_socket::close): Ditto.
	(fhandler_socket::fcntl): Always set owner to given input value on
	F_SETOWN.  Handle F_GETOWN.
	* net.cc (fdsock): Accomodate above name changes.

2006-07-20  Corinna Vinschen  <corinna@vinschen.de>

	* fhandler_socket.cc (fhandler_socket::wait): Set Winsock errno to
	WSAEWOULDBLOCK instead of WSAEINPROGRESS.

2006-07-18  Brian Ford  <Brian.Ford@FlightSafety.com>
	    Corinna Vinschen  <corinna@vinschen.de>

	* winsup.h (mmap_region_status): New enum.
	(mmap_is_attached_or_noreserve_page): Adjust prototype and rename
	as below.
	* mmap.cc (mmap_is_attached_or_noreserve_page):  Rename
	mmap_is_attached_or_noreserve.  Add region length parameter.
	Return enum above.
	* exceptions.cc (_cygtls::handle_exceptions): Accomodate above.
	* fhandler.cc (fhandler_base::raw_read): Call above for NOACCESS
	errors and retry on success to allow reads into untouched
	MAP_NORESERVE buffers.

2006-07-18  Corinna Vinschen  <corinna@vinschen.de>

	* cygwin.din (posix_openpt): Export.
	* tty.cc (posix_openpt): New function.
	* include/cygwin/stdlib.h (posix_openpt): Declare.
	* include/cygwin/version.h: Bump API minor number.

2006-07-14  Corinna Vinschen  <corinna@vinschen.de>

	* security.cc (get_token_group_sidlist): Always add the interactive
	group to the token.  Add comment.  Create logon_id group SID by
	copying it from incoming group list.
	(create_token): Add subauth_token parameter.  Use information in
	subauth_token if present.  Tweak SourceIdentifier if subauth_token
	is present for debugging purposes.
	* security.h (create_token): Add subauth_token parameter in declaration.
	* syscalls.cc (seteuid32): Call subauth first.  Call create_token
	regardless.  Use subauth token in call to create_token if subauth
	succeeded.

2006-07-13  Corinna Vinschen  <corinna@vinschen.de>

	* include/netinet/in.h: Update copyright.

2006-07-13  Corinna Vinschen  <corinna@vinschen.de>

	* fhandler_socket.cc (fhandler_socket::wait): Rework function so that
	WaitForMultipleObjects is really only called when necessary.

2006-07-12  Corinna Vinschen  <corinna@vinschen.de>

	* include/netdb.h: Declare rcmd, rcmd_af, rexec, rresvport,
	rresvport_af, iruserok, iruserok_sa, ruserok.

2006-07-12  Corinna Vinschen  <corinna@vinschen.de>

	* Makefile.in (DLL_OFILES): Drop iruserok.o.  Add rcmd.o.
	* autoload.cc (rcmd): Drop definition.
	* cygwin.din: Export bindresvport, bindresvport_sa, iruserok_sa,
	rcmd_af, rresvport_af.
	* net.cc (cygwin_rcmd): Remove.
	(last_used_bindresvport): Rename from last_used_rrecvport.
	(cygwin_bindresvport_sa): New function implementing bindresvport_sa.
	(cygwin_bindresvport): New function implementing bindresvport.
	(cygwin_rresvport): Remove.
	* include/cygwin/version.h: Bump API minor number.
	* include/netinet/in.h: Declare bindresvport and bindresvport_sa.
	* libc/iruserok.c: Remove file.
	* libc/rcmd.cc: New file implementing rcmd, rcmd_af, rresvport,
	rresvport_af, iruserok_sa, iruserok and ruserok.

2006-07-12  Corinna Vinschen  <corinna@vinschen.de>

	* fhandler_socket.cc (fhandler_socket::getsockname): Return valid
	result for unbound sockets.

2006-07-11  Corinna Vinschen  <corinna@vinschen.de>

	* fhandler_socket.cc (fhandler_socket::fixup_after_fork): Handle
	wsock_mtx and wsock_evt on fork, thus handling close_on_exec correctly.
	(fhandler_socket::fixup_after_exec): Drop misguided attempt to handle
	close_on_exec here.
	(fhandler_socket::dup): Call fixup_after_fork with NULL parent.
	Add comment.
	(fhandler_socket::set_close_on_exec): Handle wsock_mtx and wsock_evt.

2006-07-10  Corinna Vinschen  <corinna@vinschen.de>

	* fhandler.h (class fhandler_socket): Add wsock_mtx, wsock_evt
	and wsock_events members.  Remove closed status flag, add listener
	status flag.  Accomodate new implementation of socket event handling
	methods.  Declare recv* and send* functions ssize_t as the POSIX
	equivalents.
	(fhandler_socket::recv_internal): Declare.
	(fhandler_socket::send_internal): Ditto.
	* fhandler_socket.cc (EVENT_MASK): Define mask of selected events.
	(fhandler_socket::fhandler_socket): Initialize new members.
	(fhandler_socket::af_local_setblocking): Don't actually set the
	socket to blocking mode.  Keep sane event selection.
	(fhandler_socket::af_local_unsetblocking): Don't actually set the
	socket to previous blocking setting, just remember it.
	(struct wsa_event): New structure to keep event data per shared
	socket.
	(NUM_SOCKS): Define number of shared sockets concurrently handled by
	all active Cygwin processes.
	(wsa_events): New shared datastructure keeping all wsa_event records.
	(socket_serial_number): New shared variable to identify shared sockets.
	(wsa_slot_mtx): Global mutex to serialize wsa_events access.
	(search_wsa_event_slot): New static function to select a new wsa_event
	slot for a new socket.
	(fhandler_socket::prepare): Rewrite.  Prepare event selection
	per new socket.
	(fhandler_socket::wait): Rewrite.  Wait for socket events in thread
	safe and multiple process safe.
	(fhandler_socket::release): Rewrite.  Close per-socket descriptor
	mutex handle and event handle.
	(fhandler_socket::dup): Duplicate wsock_mtx and wsock_evt.  Fix
	copy-paste error in debug output.
	(fhandler_socket::connect): Accomodate new event handling.
	(fhandler_socket::listen): Set listener flag on successful listen.
	(fhandler_socket::accept): Accomodate new event handling.
	(fhandler_socket::recv_internal): New inline method centralizing
	common recv code.
	(fhandler_socket::recvfrom): Call recv_internal now.
	(fhandler_socket::recvmsg): Ditto.  Streamline copying from iovec
	to WSABUF.
	(fhandler_socket::send_internal): New inline method centralizing
	common send code.
	(fhandler_socket::sendto): Call send_internal now.
	(fhandler_socket::sendmsg): Ditto.  Streamline copying from iovec
	to WSABUF.
	(fhandler_socket::close): Call release now.
	(fhandler_socket::ioctl): Never actually switch to blocking mode.
	Just keep track of the setting.
	* net.cc (fdsock): Call prepare now.
	(cygwin_connect): Revert again to event driven technique.
	(cygwin_accept): Ditto.
	* poll.cc (poll): Don't call recvfrom on a listening socket.
	Remove special case for failing recvfrom.
	* include/sys/socket.h: Declare recv* and send* functions ssize_t as
	requested by POSIX.

2006-07-07  Corinna Vinschen  <corinna@vinschen.de>

	* net.cc (cygwin_inet_ntop): Fix data type of forth parameter.

2006-07-06  Corinna Vinschen  <corinna@vinschen.de>

	* include/cygwin/in6.h (struct in6_addr): Fix typo.

2006-07-06  Corinna Vinschen  <corinna@vinschen.de>

	* cygwin.din: Export in6addr_any, in6addr_loopback, freeaddrinfo,
	gai_strerror, getaddrinfo, getnameinfo.
	* fhandler_socket.cc: Include cygwin/in6.h.
	(get_inet_addr): Accomodate AF_INET6 usage.
	(fhandler_socket::connect): Ditto.
	(fhandler_socket::listen): Ditto.
	(fhandler_socket::sendto): Ditto.
	* net.cc: Include cygwin/in6.h.
	(in6addr_any): Define.
	(in6addr_loopback): Define.
	(cygwin_socket): Accomodate AF_INET6 usage.
	(socketpair): Bind socketpairs only to loopback for security.
	(inet_pton4): New static function.
	(inet_pton6): Ditto.
	(cygwin_inet_pton): New AF_INET6 aware inet_pton implementation.
	(inet_ntop4): New static function.
	(inet_ntop6): Ditto.
	(cygwin_inet_ntop): New AF_INET6 aware inet_ntop implementation.
	(ga_aistruct): New static function.
	(ga_clone): Ditto.
	(ga_echeck): Ditto.
	(ga_nsearch): Ditto.
	(ga_port): Ditto.
	(ga_serv): Ditto.
	(ga_unix): Ditto.
	(gn_ipv46): Ditto.
	(ipv4_freeaddrinfo): Ditto.
	(ipv4_getaddrinfo): Ditto.
	(ipv4_getnameinfo): Ditto.
	(gai_errmap_t): New structure holding error code - error string mapping.
	(cygwin_gai_strerror): New function implementing gai_strerror.
	(w32_to_gai_err): New static function.
	(get_ipv6_funcs): Ditto.
	(load_ipv6_funcs): Ditto.
	(cygwin_freeaddrinfo): New function implementing freeaddrinfo.
	(cygwin_getaddrinfo): New function implementing getaddrinfo.
	(cygwin_getnameinfo): New function implementing getnameinfo.
	* include/netdb.h: Include stdint.h and cygwin/socket.h.  Define
	data types and macros used by getaddrinfo and friends.  Declare
	freeaddrinfo, gai_strerror, getaddrinfo and getnameinfo.
	* include/cygwin/in.h: Add IPv6 related IPPROTOs. Remove definition
	of struct sockaddr_in6.  Include cygwin/in6.h instead.
	* include/cygwin/in6.h: New header file defining IPv6 releated
	data types and macros.
	* include/cygwin/socket.h: Enable AF_INET6 and PF_INET6.  Add
	IPv6 related socket options.
	* include/cygwin/version.h: Bump API minor number.

2006-07-06  Corinna Vinschen  <corinna@vinschen.de>

	* autoload.cc (DsGetDcNameA): Define.
	(NetGetAnyDCName): Define.
	* security.cc: Include dsgetdc.h.
	(DsGetDcNameA): Declare.
	(DS_FORCE_REDISCOVERY): Define.
	(get_logon_server): Add bool parameter to control rediscovery of DC.
	Use DsGetDcNameA function if supported, NetGetDCName/NetGetAnyDCName
	otherwise.
	(get_server_groups): Rediscover DC if get_user_groups fails and
	try again.
	(get_reg_security): Use correct error code macro when testing
	RegGetKeySecurity return value.
	* security.h (get_logon_server): Remove default vaue from wserver
	parameter.  Add rediscovery parameter.
	* uinfo.cc (cygheap_user::env_logsrv): Accomodate rediscovery parameter
	in call to get_logon_server.
2006-07-25 19:23:23 +00:00
Corinna Vinschen
4635b6ebd8 * autoload.cc (NtQueryEaFile): Define.
(NtSetEaFile): Define.
	* fhandler.cc (fhandler_base::open): Use appropriate open flags
	in query case when allow_ntea is set.
	* ntdll.h (struct _FILE_GET_EA_INFORMATION): Define.
	(struct _FILE_FULL_EA_INFORMATION): Define.
	(NtQueryEaFile): Declare.
	(NtSetEaFile): Declare.
	* ntea.cc (read_ea): Rename from NTReadEA and rewrite using
	NtQueryEaFile.
	(write_ea): Rename from NTWriteEA and rewrite using NtSetEaFile.
	* path.cc (get_symlink_ea): Make static.  Add handle parameter to
	accomodate new read_ea call.
	(set_symlink_ea): Make static.  Add handle parameter to accomodate new
	write_ea call.
	(symlink_worker): Call set_symlink_ea while file is still open.
	(symlink_info::check): Call get_symlink_ea after file has been opened.
	* security.cc (get_file_attribute): Accomodate new read_ea call.
	(set_file_attribute): Accomodate new write_ea call.
	* security.h (read_ea): Change declaration accordingly.
	(write_ea): Ditto.
2006-07-03 18:30:08 +00:00
Corinna Vinschen
bb09410538 * security.h (sec_user_nih): Make sid1 argument mandatory.
(sec_user): Ditto.
2006-03-30 16:08:50 +00:00
Christopher Faylor
2f9ae2ed94 Change foo (void) to foo () for all c++ functions throughout. Remove all
fhandler_*::dump functions throughout.
* fhandler.h (fhandler_dev_mem::close): Remove pass-through function in favor
of virtual method.
(handler_dev_raw::close): Ditto.
(fhandler_dev_clipboard::fixup_after_exec): New method.
* fhandler_dev_mem.cc (fhandler_dev_mem::close): Eliminate pass through
* fhandler_dev_raw.cc (fhandler_dev_raw::close): Ditto.
* fhandler_clipboard.cc (fhandler_dev_clipboard::close): Don't go to extra
effort when execing.
(fhandler_dev_clipboard::fixup_after_exec): New function.
* fhandler_console.cc (fhandler_console::close): Don't do "extra stuff" when we
know we're execing.
* fhandler_disk_file.cc (fhandler_disk_file::close): Ditto.
* fhandler_dsp.cc (fhandler_dev_dsp::close): Ditto.
* fhandler_fifo.cc (fhandler_fifo.cc::close): Ditto.  function in favor of base
function.
* fhandler_random.cc (fhandler_dev_random::close): Ditto.
* fhandler_registry.cc (fhandler_registry::close): Ditto.
* fhandler_tty.cc (fhandler_tty_slave::close): Ditto.
* fhandler_virtual.cc (fhandler_virtual::close): Ditto.
* pinfo.cc (proc_waiter): Remove unneeded hExeced declaration.
* sigproc.cc: Ditto.
* winsup.h (hExeced): Define here.
* fhandler_virtual.cc (fhandler_virtual::fixup_after_exec): Just call close()
to reinitialize things to known state.
2005-07-05 03:16:46 +00:00
Corinna Vinschen
7311cc1f0c * pinfo.cc (pinfo::init): Define sa_buf as PSECURITY_ATTRIBUTES and
allocate dynamically.
	(pinfo::set_acl): Replace sa_buf by dynamically allocated acl_buf.
	* sec_acl.cc (setacl): Allocate acl dynamically.
	* sec_helper.cc (sec_acl): Add test for alignment of acl when
	DEBUGGING is defined.
	(__sec_user): Same for sa_buf.
	* security.cc (verify_token): Define sd_buf as PSECURITY_DESCRIPTOR
	and allocate dynamically.
	(alloc_sd): Allocate acl dynamically.
	security.h (sec_user_nih): Change first parameter to
	SECURITY_ATTRIBUTES *.
	(sec_user): Ditto.
	* sigproc.cc (wait_sig): Define sa_buf as PSECURITY_ATTRIBUTES and
	allocate dynamically.
	* syscalls.cc (seteuid32): Define dacl_buf as PACL and allocate
	dynamically.
	* uinfo.cc (cygheap_user::init): Define sa_buf as PSECURITY_ATTRIBUTES
	and allocate dynamically.
	* winbase.h (ilockincr): Mark first argument of inline assembly as
	earlyclobber.
	(ilockdecr): Ditto.
2005-06-07 19:31:42 +00:00
Christopher Faylor
05726ddd86 white space and minor comment cleanup. 2005-05-02 03:50:11 +00:00
Corinna Vinschen
68a3f0d34a * security.h (cygsidlist::addfromgr): Allow duplicate entries.
(get_server_groups): Declare new function.
	* security.cc (is_group_member): Simplify.
	(get_server_groups): New function.
	(get_initgroups_sidlist): Call get_server_groups.
	(verify_token): Allow token when supplementary sids are not in
	/etc/group but are in the token.
	Streamline the code.
	* grp.cc (initgroups32): New implementation.
	(getgroups32): Handle case where the supplementary groups are set.
2005-04-16 15:21:47 +00:00
Corinna Vinschen
b62b8d7c80 * security.h (cygsidlist::addfromgr): Avoid duplicate entries.
* grp.cc (initgrousp): Add syscall_printf.
	(setgroups): Add syscall_printf and make sure sids are added only once.
2005-04-06 12:35:52 +00:00
Corinna Vinschen
f4a1f8a1db * cygheap.cc (cygheap_init): Accomodate set_process_privilege change.
* cygheap.h (cygheap_user::curr_primary_token): New member.
	(cygheap_user::primary_token): New method.
	(cygheap_user::deimpersonate): Always revert to processes'
	impersonation token.
	(cygheap_user::reimpersonate): Set processes' or setuid token as
	necessary.
	(cygheap_user::has_impersonation_tokens): Look for curr_primary_token
	value.
	(cygheap_user::close_impersonation_tokens): Close curr_primary_token
	here if necessary.  Don't reset token values to NO_IMPERSONATION since
	that's done in uinfo_init anyway.
	(init_cygheap::luid): New LUID array keeping privilege LUIDs.
	* cygtls.cc (_cygtls::init_thread): Call cygheap->user.reimpersonate.
	* dcrt0.cc (hProcToken): New global variable to keep process token.
	(hProcImpToken): Ditto for process impersonation token.
	(dll_crt0_0): Open process token here once.  Duplicate to create
	hProcImpToken.
	(dll_crt0_1): Call set_cygwin_privileges.
	* environ.cc (allow_ntea): Drop duplicate declaration.
	(allow_smbntsec): Ditto.
	(set_traverse): Only set allow_traverse here.
	(environ_init): Ditto.
	* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Drop call to
	enable_restore_privilege.
	(fhandler_disk_file::fchown): Ditto.
	(fhandler_disk_file::facl): Ditto.
	* fork.cc (fork_child): Move call to cygheap->user.reimpersonate after
	syn with parent. Call set_cygwin_privileges.
	* grp.cc (internal_getgroups): Use hProcImpToken instead of opening
	process token.
	* path.cc (fs_info::update): Bypass traverse checking when retrieving
	volume information using push/pop_thread_privileges.
	* registry.cc (load_registry_hive): Drop setting restore privilege
	since it's already set if available.
	* sec_helper.cc: Include cygtls.h.
	(cygpriv): Privilege string array.
	(privilege_luid): New function, evaluate LUID from cygpriv_idx.
	(privilege_luid_by_name): New function, evaluate LUID from privilege
	string.
	(privilege_name): New function, evaluate privilege string from
	cygpriv_idx.
	(set_privilege): New static function called by set_process_privilege
	and set_thread_privilege.  Call privilege_luid to get privilege LUID.
	Fix bug in return value evaluation. Improve debug output.
	(set_cygwin_privileges): New function.
	(set_process_privilege): Remove.
	(enable_restore_privilege): Remove.
	* security.cc (allow_traverse): New global variable.
	(sys_privs): Change type to cygpriv_idx and store privilege indices
	instead of strings.
	(SYSTEM_PRIVILEGES_COUNT): Renamed from SYSTEM_PERMISSION_COUNT.
	(get_system_priv_list): Don't use numerical constant in malloc call.
	Use privilege_luid to get privilege LUIDs.
	(get_priv_list): Call privilege_luid_by_name to get LUIDs. Improve
	inner privilege LUID comparison loop.
	(create_token): Enable create token privilege using
	push/pop_self_privileges. Use hProcToken instead of opening process
	token. Use default DACL when duplicating token.
	(subauth): Enable tcb privilege using push/pop_self_privileges.
	Use sec_none instead of homw made security attributes when duplicating
	token.
	(check_file_access): Don't duplicate access token, use active
	impersonation token as is.
	* security.h (enum cygpriv_idx): New enumeration type enumerating
	possible privileges.
	(privilege_luid): Declare new function.
	(privilege_luid_by_name): Ditto.
	(privilege_name): Ditto.
	(allow_traverse): Declare.
	(set_privilege): Declare function.
	(set_process_privilege): Define as macro.
	(enable_restore_privilege): Remove declaration.
	(_push_thread_privilege): Define macro.
	(push_thread_privilege): Ditto.
	(pop_thread_privilege): Ditto.
	(pop_self_privilege): Ditto.
	* spawn.cc (spawn_guts): Use cygheap->user.primary_token instead of
	cygheap->user.token.
	* syscalls.cc (statvfs): Bypass traverse checking when retrieving
	volume information using push/pop_thread_privileges. Rearrange code
	to simplify push/pop bracketing.
	(seteuid32): Use hProcToken instead of opening process token. Call
	cygheap->user.deimpersonate instead of RevertToSelf.  Create
	impersonation token from primary internal or external token.  Set
	cygheap->user.curr_primary_token and cygheap->user.current_token
	privileges once here.  Drop "failed" and "failed_ptok" labels.
	Drop setting DefaultDacl of process token.
	(setegid32): Use hProcToken and hProcImpToken instead of opening
	process token. Always reimpersonate afterwards.
	* uinfo.cc (cygheap_user::init): Use hProcToken instead of opening
	process token.
	(internal_getlogin): Ditto. Set hProcImpToken, too.
	(uinfo_init): Initialize cygheap->user.curr_primary_token.
	* winsup.h (hProcToken): Declare.
	(hProcImpToken): Declare.
2005-04-03 13:06:43 +00:00
Christopher Faylor
731028b326 copyright 2005-02-20 04:25:33 +00:00
Christopher Faylor
264f41f081 white space 2005-02-13 18:17:29 +00:00
Pierre Humblet
bd0e9c7aa6 2004-06-17 Pierre Humblet <pierre.humblet@ieee.org>
* fhandler.cc (fhandler_base::open_9x): Do not check for null name.
        Move debug_printf to common code line.
        (fhandler_base::open): Ditto. Initialize upath. Remove second argument
        of pc.get_nt_native_path.
        * path.h (path_conv::get_nt_native_path): Remove second argument.
        * path.cc (path_conv::get_nt_native_path): Ditto. Call str2uni_cat.
        * security.h (str2buf2uni_cat): Delete declaration.
        (str2uni_cat): New declaration.
        * security.cc (str2buf2uni): Get length from sys_mbstowcs call.
        (str2buf2uni_cat): Delete function.
        (str2uni_cat): New function.
        * miscfuncs.cc (sys_mbstowcs): Add debug_printf.
2004-06-17 13:34:26 +00:00
Corinna Vinschen
e859706578 * autoload.cc (NtCreateFile): Add.
* dir.cc (mkdir): Change set_file_attribute call to indicate that
	NT security isn't used.
	* fhandler.cc (fhandler_base::open_9x): New method, created from
	fhandler_base::open.
	(fhandler_base::open): Rearrange to use NtCreateFile instead of
	CreateFile.
	* fhandler.h (enum query_state): Redefine query_null_access to
	query_stat_control.  query_null_access isn't allowed in NtCreateFile.
	(fhandler_base::open_9x): Declare.
	* fhandler_disk_file.cc (fhandler_base::fstat_fs): Use
	query_stat_control first, query_read_control if that fails.
	(fhandler_disk_file::fchmod): Call enable_restore_privilege before
	trying to open for query_write_control.  Don't fall back to
	opening for query_read_control.
	(fhandler_disk_file::fchown): Ditto.
	(fhandler_disk_file::facl):  Only request restore privilege and query
	access necessary for given cmd.
	* fhandler_raw.cc (fhandler_dev_raw::open): Call fhandler_base::open
	instead of opening device here.
	* ntdll.h (NtCreateFile): Declare.
	* path.cc (symlink_worker): Change set_file_attribute call to indicate
	that NT security isn't used.
	* sec_acl.cc (getacl): Fix bracketing.
	* sec_helper.cc (enable_restore_privilege): New function.
	* security.cc (str2buf2uni_cat): New function.
	(write_sd): Don't request restore permission here.
	* security.h (set_process_privileges): Drop stale declaration.
	(str2buf2uni): Declare.
	(str2buf2uni_cat): Declare.
	(enable_restore_privilege): Declare.
	* syscalls.cc (fchown32): Return immediate success on 9x.
2004-04-16 21:22:13 +00:00
Corinna Vinschen
e3d1d51579 * fhandler.cc (fhandler_base::open): Simplify access evaluation
expression.
	(fhandler_base::facl): New method.
	* fhandler.h: Declare facl method in fhandler_base,
	fhandler_disk_file and fhandler_virtual.
	* fhandler_disk_file.cc (fhandler_disk_file::facl): New method.
	* fhandler_virtual.cc (fhandler_virtual::facl): New method.
	* sec_acl.cc: Remove forward declaration for aclsort32 and acl32.
	(setacl): Remove static.  Add and use handle parameter.
	(getacl): Ditto.
	(acl_worker): Reorganize to call fhandler's facl method eventually.
	(facl32): Ditto.
	* security.cc (get_nt_object_security): Remove static.
	* security.h: Add extern declarations for get_nt_object_security,
	aclsort32, acl32, getacl and setacl.


	Apply missing syscalls.cc patch and ChangeLog of previous check in.
	* syscalls.cc (chown_worker): Reorganize to call fhandler's fchown
	method eventually.
	(fchown): Ditto.
2004-04-14 16:36:26 +00:00
Corinna Vinschen
ddf9c4a744 * fhandler.cc (fhandler_base::open): Accomodate query_write_control
query_state.
	(fhandler_base::fchown): New method.
	* fhandler.h: Declare fchown method in fhandler_base,
	fhandler_disk_file and fhandler_virtual.
	(enum query_state): Add query_write_control.
	* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Set query_state
	to query_write_control.  Only remove FILE_ATTRIBUTE_READONLY if not
	setting security descriptor.
	(fhandler_disk_file::fchown): New method.
	* fhandler_virtual.cc (fhandler_virtual::fchown): New method.
	* sec_acl.cc (setacl): Call write_sd with additional handle attribute.
	* security.cc (write_sd): Take handle argument.  Only request owner
	if getting SE_RESTORE_NAME privilege failed.  Only open file if
	NtSetSecurityObject failed or handle is NULL.
	(set_nt_attribute): Call write_sd with additional handle attribute.
	* security.h (write_sd): Declare with additional handle argument.
2004-04-14 13:40:07 +00:00