Commit Graph

83 Commits

Author SHA1 Message Date
Christopher Faylor 6e070c257c * Makefile (DLL_OFILES): Remove ntea.o
* environ.cc (set_ntea): Delete.
(parse_thing): Delete "ntea" setting.
* fhandler.cc (fhandler_base::open): Remove allow_ntea considerations.
(check_posix_perm): Ditto.
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Ditto.
(fhandler_base::open_fs): Ditto.
(fhandler_disk_file::mkdir): Ditto.
* path.cc (symlink_worker): Ditto.
* security.cc (get_file_attribute): Ditto.
(set_file_attribute): Ditto.
* security.h: Remove allow_ntea declaration.
2007-03-01 15:13:47 +00:00
Corinna Vinschen a76877e977 Throughout remove all usage of wincap.has_security.
* environ.cc (environ_init): Drop setting allow_ntsec here.
	* grp.cc (initgroups32): Drop usage of label "out".
	* security.cc (allow_ntsec): Set to true by default.
	* syscalls.cc (seteuid32): Remove label success_9x.
	* wincap.cc: Remove has_security throughout.
	* wincap.h: Ditto.
2007-02-23 15:15:50 +00:00
Corinna Vinschen fd1bf882f5 * security.h (pop_thread_privilege): Revert to previous state, not
to token used for impersonation.
2007-01-24 12:14:54 +00:00
Corinna Vinschen 6bcc8fd7b1 * security.h (setacl): Add parameter for writability flag.
* sec_acl.cc (setacl): Ditto.  Set to true if any ACE with write
	permissions is created.
	* fhandler_disk_file.cc (fhandler_disk_file::facl): Reset
	FILE_ATTRIBUTE_READONLY if ACL contains an ACE with write permissions.
2007-01-07 12:44:10 +00:00
Corinna Vinschen 97b09fe1c5 Partially revert change from 2006-10-22. GetSecurityInfo messes up
user information on NT4.
	* sec_helper.cc (security_descriptor::malloc): Drop LocalAlloc
	considerations.
	(security_descriptor::realloc): Ditto.
	(security_descriptor::free): Ditto.
	* security.cc (get_reg_security): Reinstantiate.
	(get_nt_object_security): Revert to using NtQuerySecurityObject.
	* security.h (class security_descriptor): Drop type member.
	Accommodate throughout.
	(security_descriptor::size): Constify.
	(security_descriptor::copy): Ditto.
2006-12-20 17:14:23 +00:00
Corinna Vinschen 26684e48d2 * environ.cc (subauth_id_init): Remove.
(parse_thing): Drop "subauth_id" option.
	* security.cc (get_token_group_sidlist): Drop comments concerning
	subauthentication.
	(create_token): Back out subauthentication related changes.
	(subauth): Remove.
	* security.h (create_token): Remove declaration.
	(subauth): Ditto.
	* syscalls.cc (seteuid32): Drop subauthentication handling entirely.
2006-12-12 19:18:56 +00:00
Corinna Vinschen a889232410 * environ.cc (set_traverse): Remove.
(parse_thing): Drop "traverse" option.
	* path.cc (fs_info::update): Don't request SE_CHANGE_NOTIFY_PRIV
	privilege.
	* sec_helper.cc (set_cygwin_privileges): Ditto.
	* security.cc (allow_traverse): Remove.
	(alloc_sd): Drop special allow_traverse code.
	* security.h (allow_traverse): Drop declaration.
	* syscalls.cc (statvfs): Don't request SE_CHANGE_NOTIFY_PRIV privilege.
2006-12-12 18:47:25 +00:00
Corinna Vinschen 5684cfebba Partially revert change from 2005-04-03, always running under an
impersonation token, which collides with Vista UAC.
	* cygheap.h (deimpersonate): revert to self instead of impersonating
	hProcImpToken.
	(reimpersonate): Only impersonate if setuid.
	* dcrt0.cc (dll_crt0_0): Don't initialize hProcImpToken here.
	(dll_crt0_1): Set privileges on hProcToken.
	* fork.cc (frok::child): Set privileges on hProcToken.  Close handle to
	hProcImpToken.
	* grp.cc (internal_getgroups): Use hProcToken instead of hProcImpToken.
	* security.cc (check_access): Create hProcImpToken on demand here.
	* security.h (set_process_privilege): Set privileges on hProcToken.
	(_push_thread_privilege): Use hProcToken instead of hProcImpToken.
	(pop_thread_privilege): If not setuid'ed, revert to self.
	* syscalls.cc (setegid32): Drop setting primary group on hProcImpToken.
	Close handle to hProcImpToken.
	* uinfo.cc (internal_getlogin): Ditto.
	* winsup.h (clear_procimptoken): New inline function.
2006-12-12 16:27:32 +00:00
Corinna Vinschen b825c587ba * cyglsa.h: New header file.
* environ.cc: Disable subauth settings.
	* grp.cc: Accomodate cygsidlist's count now being a method.
	* sec_helper.cc (SECURITY_MANDATORY_INTEGRITY_AUTHORITY): Remove.
	(mandatory_medium_integrity_sid): Remove.
	(mandatory_high_integrity_sid): Remove.
	(mandatory_system_integrity_sid): Remove.
	(fake_logon_sid): Add.
	(cygsid::get_sid): Add well_known parameter.  Set well_known_sid
	accordingly.
	(cygsid::getfromstr): Ditto.
	(cygsidlist::alloc_sids): Move here from security.cc.
	(cygsidlist::free_sids): Ditto.
	(cygsidlist::add): Move here from security.h.  Add well_known parameter.
	Set well_known_sid accordingly.  Don't allow duplicate SIDs.
	* security.cc: Include cyglsa.h and cygwin/version.h.  Throughout
	accomodate cygsidlist's count now being a method.  Throughout drop
	redundant "contains" tests.
	(get_user_local_groups): Add local groups as well known SIDs.
	(get_token_group_sidlist): Add well known groups as well known SIDs.
	(get_server_groups): Ditto.  Only call get_unix_group_sidlist after
	get_user_local_groups to maintain "well_known_sid" attribute.
	(get_initgroups_sidlist): Add well known groups as well known SIDs.
	(get_setgroups_sidlist): Add usersid and struct passwd parameter to
	allow calling get_server_groups from here.
	(get_system_priv_list): Make static.  Return size of TOKEN_PRIVILEGES
	structure.
	(get_priv_list): Ditto.
	(create_token): Accomodate above changes.  Drop misguided attempt to
	add MIC SIDs to created user token.  Print returned token as hex value.
	(subauth): Disable.
	(lsaauth): New function implementing client side of LSA authentication.
	* security.h (class cygsid): Add well_known_sid attribute.  Accomodate
	throughout.  Add *= operator to create a well known SID.
	(class cygsidlist): Rename count to cnt.  Make count a method.
	(cygsidlist::add): Move to sec_helper.cc.
	(cygsidlist::operator *=): New method to add well known SID.
	(cygsidlist::non_well_known_count): New method returning number of
	non well known SIDs in list.
	(cygsidlist::next_non_well_known_sid): New method returning next non
	well known SID by index.
	(mandatory_medium_integrity_sid): Drop declaration.
	(mandatory_high_integrity_sid): Drop declaration.
	(mandatory_system_integrity_sid): Drop declaration.
	(fake_logon_sid): Add declaration.
	(subauth): Disable declaration.
	(lsaauth): Add declaration.
	* syscalls.cc (seteuid32): Disable subauthentication.  Add LSA
	authentication.
	* wincap.h: Define needs_logon_sid_in_sid_list throughout.
	* wincap.cc: Ditto.
2006-11-27 12:59:59 +00:00
Corinna Vinschen 124b187f16 * security.h (DBGSID): Define for debugging purposes.
(MKSID): Rename from SID so as to not hide SID definition from winnt.h.
	* sec_helper.cc: Change SID to MKSID throughout.
2006-11-23 16:44:55 +00:00
Corinna Vinschen 2fd2ddf3f5 * sec_helper.cc (sid_auth): Remove.
(well_known_this_org_sid): New well known sid.
	(SECURITY_MANDATORY_INTEGRITY_AUTHORITY): Define.
	(mandatory_medium_integrity_sid): New well known sid.
	(mandatory_high_integrity_sid): Ditto.
	(mandatory_system_integrity_sid): Ditto.
	(cygsid::get_sid): Use local SID_IDENTIFIER_AUTHORITY.  Allow all
	authorities fitting in a UCHAR.
	* security.cc (get_token_group_sidlist): Always add the local
	group to the token.  Add comment.  Add "This Organization" group
	if available in incoming group list.
	(get_server_groups): Only add world and authenticated users groups
	if not already in list.
	(create_token): Add matching mandatory integrity SID to group list
	on systems supporting Mandatory Integrity Control.
	* security.h (well_known_this_org_sid): Define.
	(mandatory_medium_integrity_sid): Define.
	(mandatory_high_integrity_sid): Define.
	(mandatory_system_integrity_sid): Define.
	* wincap.h: Define has_mandatory_integrity_control throughout.
	* wincap.cc: Ditto.
2006-11-08 11:38:05 +00:00
Corinna Vinschen b904c35100 * security.h (cygpriv_idx): Add privileges new in Vista.
* security.cc (sys_privs): Ditto.
	* sec_helper.cc (cygpriv): Ditto.  Fix comment.
2006-11-01 09:00:14 +00:00
Corinna Vinschen fc545fe933 * fhandler_disk_file.cc (fhandler_disk_file::facl): Fix whitespace.
* external.cc: Update copyright.
	* fhandler.cc: Ditto.
	* sec_helper.cc: Ditto.
	* security.h: Ditto.
	* security.cc: Ditto.
	(check_registry_access): Return -1 if W_OK is requested.
2006-10-22 19:31:33 +00:00
Corinna Vinschen 2be593d961 * external.cc (cygwin_internal): Use security_descriptor::copy method.
* sec_helper.cc (security_descriptor::malloc): Use own free method.
	Set type.
	(security_descriptor::realloc): Handle the case that psd has been
	allocated using LocalAlloc.  Set type.
	(security_descriptor::free): Ditto.
	* security.cc (get_nt_attribute): Remove.
	(get_reg_security): Remove.
	(get_nt_object_security): Use GetSecurityInfo which handles all
	securable objects.
	(get_nt_object_attribute): Remove.
	(get_object_attribute): Call get_nt_object_security instead of
	get_nt_object_attribute.
	(get_file_attribute): Ditto.
	(check_registry_access): Call get_nt_object_security instead of
	get_reg_security.
	* security.h (cygpsid::operator PSID): Make method const, not the
	result.
	(class security_descriptor): Add type member.  Accomodate throughout.
	(security_descriptor::copy): New method.
	(security_descriptor::operator PSECURITY_DESCRIPTOR *): New operator.
2006-10-22 14:57:43 +00:00
Corinna Vinschen 1b4153db74 * fhandler.cc (fhandler_base::fhaccess): Call check_registry_access
for registry keys/values if ntsec is on.
	* security.cc (check_access): New static function derived from
	check_file_access, but object type agnostic.
	(check_file_access): Only do file specific stuff.  Call check_access.
	(check_registry_access): New access check function for registry keys/
	values.
	* security.h (check_registry_access): Declare.
2006-10-21 11:05:32 +00:00
Corinna Vinschen 70e476d27b 2006-07-25 Corinna Vinschen <corinna@vinschen.de>
* include/cygwin/version.h: Bump DLL version to 1.7.0.

2006-07-25  Corinna Vinschen  <corinna@vinschen.de>

	* select.h: Remove.
	* fhandler_socket.cc: Don't include select.h.
	* select.cc: Ditto.

2006-07-25  Corinna Vinschen  <corinna@vinschen.de>

	* cygtls.h: Drop socket related includes.
	(struct _local_storage): Remove exitsock and exitsock_sin. Add
	select_sockevt.
	* cygtls.cc: Accomodate above change throughout.
	* fhandler.h (class fhandler_socket): Make wsock_evt public.
	* fhandler_socket.cc (fhandler_socket::fhandler_socket): Accomodate
	reordering members.
	(fhandler_socket::evaluate_events): Drop FD_CONNECT event as soon as
	it gets read once.  Never remove FD_WRITE event here.
	(fhandler_socket::wait_for_events): Wait 50 ms instead of INFINITE for
	socket events.
	(fhandler_socket::accept): Fix conditional.  Set wsock_events members
	of accepted socket to useful start values.
	(fhandler_socket::recv_internal): Always drop FD_READ/FD_OOB events from
	wsock_events after the call to WSARecvFrom.
	(fhandler_socket::send_internal): Drop FD_WRITE event from wsock_events
	if the call to WSASendTo fails with WSAEWOULDBLOCK.  Fix return value
	condition.
	* select.cc (struct socketinf): Change to accomodate using socket event
	handling.
	(peek_socket): Use event handling for peeking socket.
	(thread_socket): Ditto.
	(start_thread_socket): Ditto.
	(socket_cleanup): Same here.
	* tlsoffsets.h: Regenerate.

2006-07-20  Corinna Vinschen  <corinna@vinschen.de>

	* fhandler.h (class fhandler_socket): Rearrange slightly to keep
	event handling methods and members together.  Drop owner status flag.
	Split wait method.  Rename event handling methods for readability.
	* fhandler_socket.cc (struct wsa_event): Add owner field.
	(LOCK_EVENTS): New macro.
	(UNLOCK_EVENTS): Ditto.
	(fhandler_socket::init_events): rename from prepare.
	(fhandler_socket::evaluate_events): First half of former wait method.
	Do everything but wait.  Allow specifiying whether or not events from
	event_mask should be erased from wsock_events->events.  Simplify
	OOB handling.  Allow sending SIGURG to any process (group).
	(fhandler_socket::wait_for_events): Second half of former wait method.
	Call evaluate_events and wait in a loop if socket is blocking.
	(fhandler_socket::release_events): Rename from release.
	(fhandler_socket::connect): Accomodate above name changes.
	(fhandler_socket::accept): Ditto.
	(fhandler_socket::recv_internal): Ditto.
	(fhandler_socket::send_internal): Ditto.
	(fhandler_socket::close): Ditto.
	(fhandler_socket::fcntl): Always set owner to given input value on
	F_SETOWN.  Handle F_GETOWN.
	* net.cc (fdsock): Accomodate above name changes.

2006-07-20  Corinna Vinschen  <corinna@vinschen.de>

	* fhandler_socket.cc (fhandler_socket::wait): Set Winsock errno to
	WSAEWOULDBLOCK instead of WSAEINPROGRESS.

2006-07-18  Brian Ford  <Brian.Ford@FlightSafety.com>
	    Corinna Vinschen  <corinna@vinschen.de>

	* winsup.h (mmap_region_status): New enum.
	(mmap_is_attached_or_noreserve_page): Adjust prototype and rename
	as below.
	* mmap.cc (mmap_is_attached_or_noreserve_page):  Rename
	mmap_is_attached_or_noreserve.  Add region length parameter.
	Return enum above.
	* exceptions.cc (_cygtls::handle_exceptions): Accomodate above.
	* fhandler.cc (fhandler_base::raw_read): Call above for NOACCESS
	errors and retry on success to allow reads into untouched
	MAP_NORESERVE buffers.

2006-07-18  Corinna Vinschen  <corinna@vinschen.de>

	* cygwin.din (posix_openpt): Export.
	* tty.cc (posix_openpt): New function.
	* include/cygwin/stdlib.h (posix_openpt): Declare.
	* include/cygwin/version.h: Bump API minor number.

2006-07-14  Corinna Vinschen  <corinna@vinschen.de>

	* security.cc (get_token_group_sidlist): Always add the interactive
	group to the token.  Add comment.  Create logon_id group SID by
	copying it from incoming group list.
	(create_token): Add subauth_token parameter.  Use information in
	subauth_token if present.  Tweak SourceIdentifier if subauth_token
	is present for debugging purposes.
	* security.h (create_token): Add subauth_token parameter in declaration.
	* syscalls.cc (seteuid32): Call subauth first.  Call create_token
	regardless.  Use subauth token in call to create_token if subauth
	succeeded.

2006-07-13  Corinna Vinschen  <corinna@vinschen.de>

	* include/netinet/in.h: Update copyright.

2006-07-13  Corinna Vinschen  <corinna@vinschen.de>

	* fhandler_socket.cc (fhandler_socket::wait): Rework function so that
	WaitForMultipleObjects is really only called when necessary.

2006-07-12  Corinna Vinschen  <corinna@vinschen.de>

	* include/netdb.h: Declare rcmd, rcmd_af, rexec, rresvport,
	rresvport_af, iruserok, iruserok_sa, ruserok.

2006-07-12  Corinna Vinschen  <corinna@vinschen.de>

	* Makefile.in (DLL_OFILES): Drop iruserok.o.  Add rcmd.o.
	* autoload.cc (rcmd): Drop definition.
	* cygwin.din: Export bindresvport, bindresvport_sa, iruserok_sa,
	rcmd_af, rresvport_af.
	* net.cc (cygwin_rcmd): Remove.
	(last_used_bindresvport): Rename from last_used_rrecvport.
	(cygwin_bindresvport_sa): New function implementing bindresvport_sa.
	(cygwin_bindresvport): New function implementing bindresvport.
	(cygwin_rresvport): Remove.
	* include/cygwin/version.h: Bump API minor number.
	* include/netinet/in.h: Declare bindresvport and bindresvport_sa.
	* libc/iruserok.c: Remove file.
	* libc/rcmd.cc: New file implementing rcmd, rcmd_af, rresvport,
	rresvport_af, iruserok_sa, iruserok and ruserok.

2006-07-12  Corinna Vinschen  <corinna@vinschen.de>

	* fhandler_socket.cc (fhandler_socket::getsockname): Return valid
	result for unbound sockets.

2006-07-11  Corinna Vinschen  <corinna@vinschen.de>

	* fhandler_socket.cc (fhandler_socket::fixup_after_fork): Handle
	wsock_mtx and wsock_evt on fork, thus handling close_on_exec correctly.
	(fhandler_socket::fixup_after_exec): Drop misguided attempt to handle
	close_on_exec here.
	(fhandler_socket::dup): Call fixup_after_fork with NULL parent.
	Add comment.
	(fhandler_socket::set_close_on_exec): Handle wsock_mtx and wsock_evt.

2006-07-10  Corinna Vinschen  <corinna@vinschen.de>

	* fhandler.h (class fhandler_socket): Add wsock_mtx, wsock_evt
	and wsock_events members.  Remove closed status flag, add listener
	status flag.  Accomodate new implementation of socket event handling
	methods.  Declare recv* and send* functions ssize_t as the POSIX
	equivalents.
	(fhandler_socket::recv_internal): Declare.
	(fhandler_socket::send_internal): Ditto.
	* fhandler_socket.cc (EVENT_MASK): Define mask of selected events.
	(fhandler_socket::fhandler_socket): Initialize new members.
	(fhandler_socket::af_local_setblocking): Don't actually set the
	socket to blocking mode.  Keep sane event selection.
	(fhandler_socket::af_local_unsetblocking): Don't actually set the
	socket to previous blocking setting, just remember it.
	(struct wsa_event): New structure to keep event data per shared
	socket.
	(NUM_SOCKS): Define number of shared sockets concurrently handled by
	all active Cygwin processes.
	(wsa_events): New shared datastructure keeping all wsa_event records.
	(socket_serial_number): New shared variable to identify shared sockets.
	(wsa_slot_mtx): Global mutex to serialize wsa_events access.
	(search_wsa_event_slot): New static function to select a new wsa_event
	slot for a new socket.
	(fhandler_socket::prepare): Rewrite.  Prepare event selection
	per new socket.
	(fhandler_socket::wait): Rewrite.  Wait for socket events in thread
	safe and multiple process safe.
	(fhandler_socket::release): Rewrite.  Close per-socket descriptor
	mutex handle and event handle.
	(fhandler_socket::dup): Duplicate wsock_mtx and wsock_evt.  Fix
	copy-paste error in debug output.
	(fhandler_socket::connect): Accomodate new event handling.
	(fhandler_socket::listen): Set listener flag on successful listen.
	(fhandler_socket::accept): Accomodate new event handling.
	(fhandler_socket::recv_internal): New inline method centralizing
	common recv code.
	(fhandler_socket::recvfrom): Call recv_internal now.
	(fhandler_socket::recvmsg): Ditto.  Streamline copying from iovec
	to WSABUF.
	(fhandler_socket::send_internal): New inline method centralizing
	common send code.
	(fhandler_socket::sendto): Call send_internal now.
	(fhandler_socket::sendmsg): Ditto.  Streamline copying from iovec
	to WSABUF.
	(fhandler_socket::close): Call release now.
	(fhandler_socket::ioctl): Never actually switch to blocking mode.
	Just keep track of the setting.
	* net.cc (fdsock): Call prepare now.
	(cygwin_connect): Revert again to event driven technique.
	(cygwin_accept): Ditto.
	* poll.cc (poll): Don't call recvfrom on a listening socket.
	Remove special case for failing recvfrom.
	* include/sys/socket.h: Declare recv* and send* functions ssize_t as
	requested by POSIX.

2006-07-07  Corinna Vinschen  <corinna@vinschen.de>

	* net.cc (cygwin_inet_ntop): Fix data type of forth parameter.

2006-07-06  Corinna Vinschen  <corinna@vinschen.de>

	* include/cygwin/in6.h (struct in6_addr): Fix typo.

2006-07-06  Corinna Vinschen  <corinna@vinschen.de>

	* cygwin.din: Export in6addr_any, in6addr_loopback, freeaddrinfo,
	gai_strerror, getaddrinfo, getnameinfo.
	* fhandler_socket.cc: Include cygwin/in6.h.
	(get_inet_addr): Accomodate AF_INET6 usage.
	(fhandler_socket::connect): Ditto.
	(fhandler_socket::listen): Ditto.
	(fhandler_socket::sendto): Ditto.
	* net.cc: Include cygwin/in6.h.
	(in6addr_any): Define.
	(in6addr_loopback): Define.
	(cygwin_socket): Accomodate AF_INET6 usage.
	(socketpair): Bind socketpairs only to loopback for security.
	(inet_pton4): New static function.
	(inet_pton6): Ditto.
	(cygwin_inet_pton): New AF_INET6 aware inet_pton implementation.
	(inet_ntop4): New static function.
	(inet_ntop6): Ditto.
	(cygwin_inet_ntop): New AF_INET6 aware inet_ntop implementation.
	(ga_aistruct): New static function.
	(ga_clone): Ditto.
	(ga_echeck): Ditto.
	(ga_nsearch): Ditto.
	(ga_port): Ditto.
	(ga_serv): Ditto.
	(ga_unix): Ditto.
	(gn_ipv46): Ditto.
	(ipv4_freeaddrinfo): Ditto.
	(ipv4_getaddrinfo): Ditto.
	(ipv4_getnameinfo): Ditto.
	(gai_errmap_t): New structure holding error code - error string mapping.
	(cygwin_gai_strerror): New function implementing gai_strerror.
	(w32_to_gai_err): New static function.
	(get_ipv6_funcs): Ditto.
	(load_ipv6_funcs): Ditto.
	(cygwin_freeaddrinfo): New function implementing freeaddrinfo.
	(cygwin_getaddrinfo): New function implementing getaddrinfo.
	(cygwin_getnameinfo): New function implementing getnameinfo.
	* include/netdb.h: Include stdint.h and cygwin/socket.h.  Define
	data types and macros used by getaddrinfo and friends.  Declare
	freeaddrinfo, gai_strerror, getaddrinfo and getnameinfo.
	* include/cygwin/in.h: Add IPv6 related IPPROTOs. Remove definition
	of struct sockaddr_in6.  Include cygwin/in6.h instead.
	* include/cygwin/in6.h: New header file defining IPv6 releated
	data types and macros.
	* include/cygwin/socket.h: Enable AF_INET6 and PF_INET6.  Add
	IPv6 related socket options.
	* include/cygwin/version.h: Bump API minor number.

2006-07-06  Corinna Vinschen  <corinna@vinschen.de>

	* autoload.cc (DsGetDcNameA): Define.
	(NetGetAnyDCName): Define.
	* security.cc: Include dsgetdc.h.
	(DsGetDcNameA): Declare.
	(DS_FORCE_REDISCOVERY): Define.
	(get_logon_server): Add bool parameter to control rediscovery of DC.
	Use DsGetDcNameA function if supported, NetGetDCName/NetGetAnyDCName
	otherwise.
	(get_server_groups): Rediscover DC if get_user_groups fails and
	try again.
	(get_reg_security): Use correct error code macro when testing
	RegGetKeySecurity return value.
	* security.h (get_logon_server): Remove default vaue from wserver
	parameter.  Add rediscovery parameter.
	* uinfo.cc (cygheap_user::env_logsrv): Accomodate rediscovery parameter
	in call to get_logon_server.
2006-07-25 19:23:23 +00:00
Corinna Vinschen 4635b6ebd8 * autoload.cc (NtQueryEaFile): Define.
(NtSetEaFile): Define.
	* fhandler.cc (fhandler_base::open): Use appropriate open flags
	in query case when allow_ntea is set.
	* ntdll.h (struct _FILE_GET_EA_INFORMATION): Define.
	(struct _FILE_FULL_EA_INFORMATION): Define.
	(NtQueryEaFile): Declare.
	(NtSetEaFile): Declare.
	* ntea.cc (read_ea): Rename from NTReadEA and rewrite using
	NtQueryEaFile.
	(write_ea): Rename from NTWriteEA and rewrite using NtSetEaFile.
	* path.cc (get_symlink_ea): Make static.  Add handle parameter to
	accomodate new read_ea call.
	(set_symlink_ea): Make static.  Add handle parameter to accomodate new
	write_ea call.
	(symlink_worker): Call set_symlink_ea while file is still open.
	(symlink_info::check): Call get_symlink_ea after file has been opened.
	* security.cc (get_file_attribute): Accomodate new read_ea call.
	(set_file_attribute): Accomodate new write_ea call.
	* security.h (read_ea): Change declaration accordingly.
	(write_ea): Ditto.
2006-07-03 18:30:08 +00:00
Corinna Vinschen bb09410538 * security.h (sec_user_nih): Make sid1 argument mandatory.
(sec_user): Ditto.
2006-03-30 16:08:50 +00:00
Christopher Faylor 2f9ae2ed94 Change foo (void) to foo () for all c++ functions throughout. Remove all
fhandler_*::dump functions throughout.
* fhandler.h (fhandler_dev_mem::close): Remove pass-through function in favor
of virtual method.
(handler_dev_raw::close): Ditto.
(fhandler_dev_clipboard::fixup_after_exec): New method.
* fhandler_dev_mem.cc (fhandler_dev_mem::close): Eliminate pass through
* fhandler_dev_raw.cc (fhandler_dev_raw::close): Ditto.
* fhandler_clipboard.cc (fhandler_dev_clipboard::close): Don't go to extra
effort when execing.
(fhandler_dev_clipboard::fixup_after_exec): New function.
* fhandler_console.cc (fhandler_console::close): Don't do "extra stuff" when we
know we're execing.
* fhandler_disk_file.cc (fhandler_disk_file::close): Ditto.
* fhandler_dsp.cc (fhandler_dev_dsp::close): Ditto.
* fhandler_fifo.cc (fhandler_fifo.cc::close): Ditto.  function in favor of base
function.
* fhandler_random.cc (fhandler_dev_random::close): Ditto.
* fhandler_registry.cc (fhandler_registry::close): Ditto.
* fhandler_tty.cc (fhandler_tty_slave::close): Ditto.
* fhandler_virtual.cc (fhandler_virtual::close): Ditto.
* pinfo.cc (proc_waiter): Remove unneeded hExeced declaration.
* sigproc.cc: Ditto.
* winsup.h (hExeced): Define here.
* fhandler_virtual.cc (fhandler_virtual::fixup_after_exec): Just call close()
to reinitialize things to known state.
2005-07-05 03:16:46 +00:00
Corinna Vinschen 7311cc1f0c * pinfo.cc (pinfo::init): Define sa_buf as PSECURITY_ATTRIBUTES and
allocate dynamically.
	(pinfo::set_acl): Replace sa_buf by dynamically allocated acl_buf.
	* sec_acl.cc (setacl): Allocate acl dynamically.
	* sec_helper.cc (sec_acl): Add test for alignment of acl when
	DEBUGGING is defined.
	(__sec_user): Same for sa_buf.
	* security.cc (verify_token): Define sd_buf as PSECURITY_DESCRIPTOR
	and allocate dynamically.
	(alloc_sd): Allocate acl dynamically.
	security.h (sec_user_nih): Change first parameter to
	SECURITY_ATTRIBUTES *.
	(sec_user): Ditto.
	* sigproc.cc (wait_sig): Define sa_buf as PSECURITY_ATTRIBUTES and
	allocate dynamically.
	* syscalls.cc (seteuid32): Define dacl_buf as PACL and allocate
	dynamically.
	* uinfo.cc (cygheap_user::init): Define sa_buf as PSECURITY_ATTRIBUTES
	and allocate dynamically.
	* winbase.h (ilockincr): Mark first argument of inline assembly as
	earlyclobber.
	(ilockdecr): Ditto.
2005-06-07 19:31:42 +00:00
Christopher Faylor 05726ddd86 white space and minor comment cleanup. 2005-05-02 03:50:11 +00:00
Corinna Vinschen 68a3f0d34a * security.h (cygsidlist::addfromgr): Allow duplicate entries.
(get_server_groups): Declare new function.
	* security.cc (is_group_member): Simplify.
	(get_server_groups): New function.
	(get_initgroups_sidlist): Call get_server_groups.
	(verify_token): Allow token when supplementary sids are not in
	/etc/group but are in the token.
	Streamline the code.
	* grp.cc (initgroups32): New implementation.
	(getgroups32): Handle case where the supplementary groups are set.
2005-04-16 15:21:47 +00:00
Corinna Vinschen b62b8d7c80 * security.h (cygsidlist::addfromgr): Avoid duplicate entries.
* grp.cc (initgrousp): Add syscall_printf.
	(setgroups): Add syscall_printf and make sure sids are added only once.
2005-04-06 12:35:52 +00:00
Corinna Vinschen f4a1f8a1db * cygheap.cc (cygheap_init): Accomodate set_process_privilege change.
* cygheap.h (cygheap_user::curr_primary_token): New member.
	(cygheap_user::primary_token): New method.
	(cygheap_user::deimpersonate): Always revert to processes'
	impersonation token.
	(cygheap_user::reimpersonate): Set processes' or setuid token as
	necessary.
	(cygheap_user::has_impersonation_tokens): Look for curr_primary_token
	value.
	(cygheap_user::close_impersonation_tokens): Close curr_primary_token
	here if necessary.  Don't reset token values to NO_IMPERSONATION since
	that's done in uinfo_init anyway.
	(init_cygheap::luid): New LUID array keeping privilege LUIDs.
	* cygtls.cc (_cygtls::init_thread): Call cygheap->user.reimpersonate.
	* dcrt0.cc (hProcToken): New global variable to keep process token.
	(hProcImpToken): Ditto for process impersonation token.
	(dll_crt0_0): Open process token here once.  Duplicate to create
	hProcImpToken.
	(dll_crt0_1): Call set_cygwin_privileges.
	* environ.cc (allow_ntea): Drop duplicate declaration.
	(allow_smbntsec): Ditto.
	(set_traverse): Only set allow_traverse here.
	(environ_init): Ditto.
	* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Drop call to
	enable_restore_privilege.
	(fhandler_disk_file::fchown): Ditto.
	(fhandler_disk_file::facl): Ditto.
	* fork.cc (fork_child): Move call to cygheap->user.reimpersonate after
	syn with parent. Call set_cygwin_privileges.
	* grp.cc (internal_getgroups): Use hProcImpToken instead of opening
	process token.
	* path.cc (fs_info::update): Bypass traverse checking when retrieving
	volume information using push/pop_thread_privileges.
	* registry.cc (load_registry_hive): Drop setting restore privilege
	since it's already set if available.
	* sec_helper.cc: Include cygtls.h.
	(cygpriv): Privilege string array.
	(privilege_luid): New function, evaluate LUID from cygpriv_idx.
	(privilege_luid_by_name): New function, evaluate LUID from privilege
	string.
	(privilege_name): New function, evaluate privilege string from
	cygpriv_idx.
	(set_privilege): New static function called by set_process_privilege
	and set_thread_privilege.  Call privilege_luid to get privilege LUID.
	Fix bug in return value evaluation. Improve debug output.
	(set_cygwin_privileges): New function.
	(set_process_privilege): Remove.
	(enable_restore_privilege): Remove.
	* security.cc (allow_traverse): New global variable.
	(sys_privs): Change type to cygpriv_idx and store privilege indices
	instead of strings.
	(SYSTEM_PRIVILEGES_COUNT): Renamed from SYSTEM_PERMISSION_COUNT.
	(get_system_priv_list): Don't use numerical constant in malloc call.
	Use privilege_luid to get privilege LUIDs.
	(get_priv_list): Call privilege_luid_by_name to get LUIDs. Improve
	inner privilege LUID comparison loop.
	(create_token): Enable create token privilege using
	push/pop_self_privileges. Use hProcToken instead of opening process
	token. Use default DACL when duplicating token.
	(subauth): Enable tcb privilege using push/pop_self_privileges.
	Use sec_none instead of homw made security attributes when duplicating
	token.
	(check_file_access): Don't duplicate access token, use active
	impersonation token as is.
	* security.h (enum cygpriv_idx): New enumeration type enumerating
	possible privileges.
	(privilege_luid): Declare new function.
	(privilege_luid_by_name): Ditto.
	(privilege_name): Ditto.
	(allow_traverse): Declare.
	(set_privilege): Declare function.
	(set_process_privilege): Define as macro.
	(enable_restore_privilege): Remove declaration.
	(_push_thread_privilege): Define macro.
	(push_thread_privilege): Ditto.
	(pop_thread_privilege): Ditto.
	(pop_self_privilege): Ditto.
	* spawn.cc (spawn_guts): Use cygheap->user.primary_token instead of
	cygheap->user.token.
	* syscalls.cc (statvfs): Bypass traverse checking when retrieving
	volume information using push/pop_thread_privileges. Rearrange code
	to simplify push/pop bracketing.
	(seteuid32): Use hProcToken instead of opening process token. Call
	cygheap->user.deimpersonate instead of RevertToSelf.  Create
	impersonation token from primary internal or external token.  Set
	cygheap->user.curr_primary_token and cygheap->user.current_token
	privileges once here.  Drop "failed" and "failed_ptok" labels.
	Drop setting DefaultDacl of process token.
	(setegid32): Use hProcToken and hProcImpToken instead of opening
	process token. Always reimpersonate afterwards.
	* uinfo.cc (cygheap_user::init): Use hProcToken instead of opening
	process token.
	(internal_getlogin): Ditto. Set hProcImpToken, too.
	(uinfo_init): Initialize cygheap->user.curr_primary_token.
	* winsup.h (hProcToken): Declare.
	(hProcImpToken): Declare.
2005-04-03 13:06:43 +00:00
Christopher Faylor 731028b326 copyright 2005-02-20 04:25:33 +00:00
Christopher Faylor 264f41f081 white space 2005-02-13 18:17:29 +00:00
Pierre Humblet bd0e9c7aa6 2004-06-17 Pierre Humblet <pierre.humblet@ieee.org>
* fhandler.cc (fhandler_base::open_9x): Do not check for null name.
        Move debug_printf to common code line.
        (fhandler_base::open): Ditto. Initialize upath. Remove second argument
        of pc.get_nt_native_path.
        * path.h (path_conv::get_nt_native_path): Remove second argument.
        * path.cc (path_conv::get_nt_native_path): Ditto. Call str2uni_cat.
        * security.h (str2buf2uni_cat): Delete declaration.
        (str2uni_cat): New declaration.
        * security.cc (str2buf2uni): Get length from sys_mbstowcs call.
        (str2buf2uni_cat): Delete function.
        (str2uni_cat): New function.
        * miscfuncs.cc (sys_mbstowcs): Add debug_printf.
2004-06-17 13:34:26 +00:00
Corinna Vinschen e859706578 * autoload.cc (NtCreateFile): Add.
* dir.cc (mkdir): Change set_file_attribute call to indicate that
	NT security isn't used.
	* fhandler.cc (fhandler_base::open_9x): New method, created from
	fhandler_base::open.
	(fhandler_base::open): Rearrange to use NtCreateFile instead of
	CreateFile.
	* fhandler.h (enum query_state): Redefine query_null_access to
	query_stat_control.  query_null_access isn't allowed in NtCreateFile.
	(fhandler_base::open_9x): Declare.
	* fhandler_disk_file.cc (fhandler_base::fstat_fs): Use
	query_stat_control first, query_read_control if that fails.
	(fhandler_disk_file::fchmod): Call enable_restore_privilege before
	trying to open for query_write_control.  Don't fall back to
	opening for query_read_control.
	(fhandler_disk_file::fchown): Ditto.
	(fhandler_disk_file::facl):  Only request restore privilege and query
	access necessary for given cmd.
	* fhandler_raw.cc (fhandler_dev_raw::open): Call fhandler_base::open
	instead of opening device here.
	* ntdll.h (NtCreateFile): Declare.
	* path.cc (symlink_worker): Change set_file_attribute call to indicate
	that NT security isn't used.
	* sec_acl.cc (getacl): Fix bracketing.
	* sec_helper.cc (enable_restore_privilege): New function.
	* security.cc (str2buf2uni_cat): New function.
	(write_sd): Don't request restore permission here.
	* security.h (set_process_privileges): Drop stale declaration.
	(str2buf2uni): Declare.
	(str2buf2uni_cat): Declare.
	(enable_restore_privilege): Declare.
	* syscalls.cc (fchown32): Return immediate success on 9x.
2004-04-16 21:22:13 +00:00
Corinna Vinschen e3d1d51579 * fhandler.cc (fhandler_base::open): Simplify access evaluation
expression.
	(fhandler_base::facl): New method.
	* fhandler.h: Declare facl method in fhandler_base,
	fhandler_disk_file and fhandler_virtual.
	* fhandler_disk_file.cc (fhandler_disk_file::facl): New method.
	* fhandler_virtual.cc (fhandler_virtual::facl): New method.
	* sec_acl.cc: Remove forward declaration for aclsort32 and acl32.
	(setacl): Remove static.  Add and use handle parameter.
	(getacl): Ditto.
	(acl_worker): Reorganize to call fhandler's facl method eventually.
	(facl32): Ditto.
	* security.cc (get_nt_object_security): Remove static.
	* security.h: Add extern declarations for get_nt_object_security,
	aclsort32, acl32, getacl and setacl.


	Apply missing syscalls.cc patch and ChangeLog of previous check in.
	* syscalls.cc (chown_worker): Reorganize to call fhandler's fchown
	method eventually.
	(fchown): Ditto.
2004-04-14 16:36:26 +00:00
Corinna Vinschen ddf9c4a744 * fhandler.cc (fhandler_base::open): Accomodate query_write_control
query_state.
	(fhandler_base::fchown): New method.
	* fhandler.h: Declare fchown method in fhandler_base,
	fhandler_disk_file and fhandler_virtual.
	(enum query_state): Add query_write_control.
	* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Set query_state
	to query_write_control.  Only remove FILE_ATTRIBUTE_READONLY if not
	setting security descriptor.
	(fhandler_disk_file::fchown): New method.
	* fhandler_virtual.cc (fhandler_virtual::fchown): New method.
	* sec_acl.cc (setacl): Call write_sd with additional handle attribute.
	* security.cc (write_sd): Take handle argument.  Only request owner
	if getting SE_RESTORE_NAME privilege failed.  Only open file if
	NtSetSecurityObject failed or handle is NULL.
	(set_nt_attribute): Call write_sd with additional handle attribute.
	* security.h (write_sd): Declare with additional handle argument.
2004-04-14 13:40:07 +00:00
Corinna Vinschen 854c870051 * dir.cc (mkdir): Call set_file_attribute with additional handle
argument.
	* fhandler.cc (fhandler_base::fchmod): New method.
	* fhandler.h: Declare fchmod method in fhandler_base,
	fhandler_disk_file and fhandler_virtual.
	* fhandler_disk_file.cc (fhandler_disk_file::fchmod): New method.
	(fhandler_base::open_fs): Call set_file_attribute with additional
	handle argument.
	* fhandler_virtual.cc (fhandler_virtual::fchmod): New method.
	* path.cc (symlink_worker): Call set_file_attribute with additional
	handle argument.
	* security.cc (get_nt_object_security): New function.
	(get_nt_object_attribute): Call get_nt_object_security.
	(set_nt_attribute): Add handle argument.  Call get_nt_object_security
	first, read_sd only if that fails.
	(set_file_attribute): Add handle argument.
	* security.h (set_file_attribute): Declare with additional handle
	argument.
	* syscalls.cc (stat_suffixes): Move to beginning of file.
	(chown_worker): Call set_file_attribute with additional handle argument.
	(chmod): Reorganize to call fhandler's fchmod method eventually.
	(fchmod): Ditto.
2004-04-13 20:36:58 +00:00
Corinna Vinschen a9a5b2eab0 * fhandler.cc (fhandler_base::open): Set query access mode according
to query_open setting.
	(fhandler_base::fhandler_base): Initialize query_open.
	* fhandler.h (FH_QUERYOPEN): Drop.
	(enum query_state): Add.
	(class fhandler_base): Add query_open member.
	(fhandler_base::get_query_open): Redefine to use query_open.
	(fhandler_base::set_query_open): Ditto.
	* fhandler_disk_file.cc (fhandler_base::fstat_fs): Remove O_DIROPEN
	from open_flags since it's added in open_fs anyway.  Remove
	query_open_already.  Use new query_open settings.  Rearrange slightly.
	(fhandler_base::fstat_helper): Add get_io_handle as parameter to
	get_file_attribute.
	* security.cc (get_nt_object_attribute): Make returning an int.
	Return -1 on error, 0 otherwise.
	(get_file_attribute): Take an object handle as argument. Move down
	to allow calling get_nt_object_attribute in case a non-NULL handle
	is given.
	* security.h (get_file_attribute): Add handle to argument list.
	* syscalls.cc (chown_worker): Accomodate new definition of
	get_file_attribute.
2004-04-08 07:57:28 +00:00
Christopher Faylor cec4879206 * debug.h (console_printf): Define for non-debugging condition.
* cygtls.h (_threadinfo::lock): Remove wait argument.
(_threadinfo::interrupt_setup): Remove retaddr argument.
* exceptions.cc (_threadinfo::interrupt_setup): Ditto.
(_threadinfo::interrupt_now): Accommodate change to interrupt_setup argument.
(setup_handler): Ditto.  Always lock sig stack prior to determining interrupt
method.
* gendef (_sigfe): Correct thinko regarding cmpxchg.
(_sigbe): Ditto.
(_threadinfo::lock): Ditto.
(_threadinfo::pop): Eliminate left-over stack unlock.
* sigproc.cc (proc_subproc): Chnage debugging output to printed warning.
2004-02-09 04:04:24 +00:00
Corinna Vinschen d82c6f474d * security.h (SID): New macro.
(well_known_*_sid): Change type to cygpsid.
	(cygsid::init): Delete declaration.
	* sec_helper.cc (well_known_*_sid): Define using above SID macro.
	(cygsid::init): Delete.
	* dcrt0.cc (dll_crt0_0): Do not call cygsid::init.
	* security.cc (get_user_local_groups): Change the second argument type
	to cygpsid.
2004-02-05 17:23:19 +00:00
Christopher Faylor 2e008fb91f Change use of BOOL, TRUE, FALSE to bool, true, false, as appropriate,
throughout.
* tty.cc (tty::common_init): Remove call to SetKernelObjectSecurity and edit
some comments.
* cygheap.h (init_cygheap::ctty): Add new element.
* devices.in (device::parse): Remove special handling for /dev/tty.
* devices.cc: Regenerate.
* dtable.cc (build_fh_pc): Don't reset /dev/tty device.  Let the device opener
do that.
* fhandler_termios.cc (tty_min::set_ctty): Redefine to _pinfo class.
* fhandler_tty.cc (fhandler_tty_common::set_close_on_exec): Avoid setting
noninherit flag for ctty.
* tty.h: Move BOOLs to bools.
(tty_min::set_ctty): Redeclare to _pinfo class.
* pinfo.cc (_pinfo::set_ctty): Define new function based on tty_min::set_ctty.
Change first argument from tty number to tty_min class.
* pinfo.h (_pinfo::set_ctty): Declare.
* fhandler_console.cc (fhandler_console::get_tty_stuff): Reflect move of
set_ctty to _pinfo class.
* fhandler_tty.cc (fhandler_tty_slave::open): Treat FH_TTY specially.  Use
saved cygheap value if it exists.  Otherwise convert to real device and save on
first time open.
(fhandler_tty_common::dup): Potentially set controlling tty if duping a slave
tty.
* syscalls.cc (setsid): Close controlling tty in cygheap.
* tty.cc: Change some BOOLs to bools.
2003-12-07 22:37:12 +00:00
Corinna Vinschen 12069cf31b * dir.cc (mkdir): Use local security_descriptor. Call
set_security_attribute appropriately.
	* external.cc (cygwin_internal): Ditto.
	* fhandler.cc (fhandler_base::open): Ditto.
	* fhandler_socket.cc (fhandler_socket::bind): Ditto.
	* path.cc (symlink_worker): Ditto.
	* sec_acl.cc (setacl): Ditto. Call read_sd appropriately.
	(getace): Ditto.
	* sec_helper.cc (security_descriptor::malloc): New method.
	(security_descriptor::realloc): New method.
	(security_descriptor::free): New method.
	* security.cc (read_sd): Get security_descriptor as parameter instead
	of PSECURITY_DESCRIPTOR and a size. Drop unnecessary parameter check.
	Allocate the security_descriptor buffer according to size returned by
	a call to GetFileSecurity. Return buffer size on success.
	(write_sd): Get security_descriptor as parameter instead of
	PSECURITY_DESCRIPTOR and a size.
	(get_nt_attribute): Use local security_descriptor.
	(get_nt_object_attribute): Ditto in case of type == SE_REGISTRY_KEY.
	Allocate security_descriptor buffer according to size returned by
	a call to RegGetKeySecurity.
	(alloc_sd): Make static. Get security_descriptor as parameter instead
	of PSECURITY_DESCRIPTOR and a size. Drop unnecessary parameter check.
	(set_security_attribute): Get security_descriptor as parameter instead
	of PSECURITY_DESCRIPTOR and a size.
	(set_nt_attribute): Use local security_descriptor.
	(check_file_access): Ditto.
	* security.h: Add class security_descriptor.
	(read_sd): Change declaration to get security_descriptor as parameter
	instead of PSECURITY_DESCRIPTOR and a size.
	(write_sd): Ditto.
	(set_security_attribute): Ditto.
	(alloc_sd): Remove declaration.
	* thread.cc (semaphore::semaphore): Use local security_descriptor. Call
	set_security_attribute appropriately.
2003-11-26 13:23:27 +00:00
Corinna Vinschen 3db690789f * sec_acl.h (getace): Use FILE_*_BITS as permission mask.
* security.cc (get_attribute_from_acl): Ditto.
	* security.h (FILE_READ_BITS): Define to match also GENERIC bits.
	(FILE_WRITE_BITS): Ditto.
	(FILE_EXEC_BITS): Ditto.
2003-11-26 10:52:21 +00:00
Corinna Vinschen db30fe125f * security.h (cygpsid::debug_print): Avoid compiler warnings. 2003-10-26 10:58:11 +00:00
Pierre Humblet 6806a8b51f 2003-09-26 Pierre Humblet <pierre.humblet@ieee.org>
* uinfo.cc (cygheap_user::init): Make sure the current user appears
	in the default DACL. Rearrange to decrease the indentation levels.
	Initialize the effec_cygsid directly.
	(internal_getlogin): Do not reinitialize myself->gid. Open the process
	token with the required access.
	* cygheap.h (class cygheap_user): Delete members pid and saved_psid.
	Create members effec_cygsid and saved_cygsid.
	(cygheap_user::set_sid): Define inline.
	(cygheap_user::set_saved_sid): Ditto.
	(cygheap_user::sid): Modify.
	(cygheap_user::saved_sid): Modify.
	* cygheap.cc (cygheap_user::set_sid): Delete.
	(cygheap_user::set_saved_sid): Ditto.
	* sec_helper.cc (sec_acl): Set the correct acl size.
	* autoload.cc (FindFirstFreeAce): Add.
	* security.h: Define ACL_DEFAULT_SIZE.
2003-09-27 01:56:36 +00:00
Pierre Humblet c61ada9bd3 2003-09-15 Pierre Humblet <pierre.humblet@ieee.org>
* security.h (__sec_user): Add "access2" argument.
	(sec_acl): Add "original" and "access2" arguments.
	(sec_user): Add "sid2" and "access2" argument. Remove dependence on
	allow_ntsec.
	(sec_user_nih): Ditto.
	* sec_helper.cc (__sec_user): Add "has_security" test.
	Call sec_acl with new arguments, letting it handle original_sid.
	(sec_acl): Add "original" and "access2" arguments. Handle original_sid
	depending on flag but avoiding duplicates. Use "access2" for sid2.
	* pinfo.cc (pinfo::init): Use security attributes created by sec_user
	when creating the mapping.
	* security.cc (create_token): Adjust arguments in call to sec_acl.
	Call sec_user instead of __sec_user.
	* syscall.cc (seteuid32):  Adjust arguments in call to sec_acl. Remove
	now unnecessary test. Remove useless conversions to psid.
	* dcrt0.cc (dll_crt0_1): Call cygsid::init before pinfo_init.
2003-09-16 00:45:50 +00:00
Pierre Humblet 7119fc0d0b 2003-09-09 Pierre Humblet <pierre.humblet@ieee.org>
* shared_info.h: Include security.h.
	(open_shared): Add psa argument.
	(user_shared_initialize): New declaration.
	* security.h: Add _SECURITY_H guard.
	(sec_user): Use sec_none in the no ntsec case.
	* spawn.cc (spawn_guts): Remove call to load_registry_hive.
	* syscalls (seteuid32): If warranted, call load_registry_hive,
	user_shared_initialize and RegCloseKey(HKEY_CURRENT_USER).
	* shared.cc (user_shared_initialize): New.
	(open_shared): Add and use psa argument.
	(memory_init): Move mount table initialization to
	user_shared_initialize. Call it.
2003-09-10 02:12:26 +00:00
Christopher Faylor 3872e9a419 * Makefile.in: Remove cygserver stuff.
* acconfig.h: Add USE_CYGSERVER define.
* config.h.in: Regenerate.
* configure.in: Add --enable-server setting.
* configure: Regenerate.
* fhandler_tty.cc (fhandler_tty_slave::open): Conditionalize compilation of
cygserver stuff.
* fork.cc (fork_child): Ditto.
* shm.cc: Ditto.
* tty.cc (tty::common_init): Ditto.
* dcrt0.cc: Use bool rather than BOOL for CYGWIN environment variable
definitions.
* environ.cc: Ditto.
* ntea.cc: Ditto.
* security.cc: Ditto.
* security.h: Ditto.
* syscalls.cc (check_posix_perm): Remove externs that were already declared in
a header.
* winsup.h: Ditto.  Declare _MT_SAFE here.  Delete it someday since cygwin
should always be _MT_SAFE.
2003-07-02 03:16:00 +00:00
Christopher Faylor a113a3c540 whitespace cleanup 2003-03-09 20:31:07 +00:00
Corinna Vinschen cf762b08cf * dtable.cc (dtable::build_fhandler_from_name): Set some fhandler
data on sockets to evaluate AF_LOCAL sockets correctly.
	(dtable::build_fhandler): Set unit number on sockets.
	* fhandler.h (fhandler_socket): Add unit number.
	(fhandler_socket::get_unit): New method.
	* fhandler_socket.cc (fhandler_socket::fhandler_socket): Set unit
	number.
	(fhandler_socket::fstat): Reorganize to return more Linux-like
	values.
	* net.cc: include ctype.h.
	(fdsock): Set unit number when building fhandler.
	* path.cc (path_conv::check): Set device type to FH_SOCKET if file
	is a AF_UNIX socket.
	(get_devn): Evaluate unit for virtual socket devices.
	(win32_device_name): Set windows path for sockets to unix_path with
	just backslashes to keep the different names.
	* syscalls.cc (fstat64): Don't override st_ino, st_dev and st_rdev
	for sockets.
	(stat_worker): Ditto.

From Pierre Humblet:

	* autoload.cc (AccessCheck): Add.
	(DuplicateToken): Add.
	* security.h (check_file_access): Declare.
	* syscalls.cc (access): Convert path to Windows, check existence
	and readonly attribute. Call check_file_access instead of acl_access.
	* security.cc (check_file_access): Create.
	* sec_acl (acl_access): Delete.
2003-02-21 14:29:18 +00:00
Christopher Faylor 407b8df695 * include/cygwin/in.h (in_attr_t): Define new type.
* include/arpa/inet.h (inet_addr): Change return type to in_addr_t.
(inet_lnaof): Ditto.
(inet_netof): Ditto.
(inet_network): Ditto.
* include/cygwin/types.h: Move many *_t typedefs here.  Protect them with
ifdefs.
* fhandler_disk_file.cc (fhandler_disk_file::fstat): Change ntsec_atts to
mode_t.
* security.cc (get_attribute_from_acl): Accept mode_t attribute.
(get_nt_attribute): Ditto.
(get_file_attribute): Ditto.
(get_nt_object_attribute): Ditto.
(get_object_attribute): Ditto.
* security.h: Reflect above changes.
* syscalls.cc (chown_worker): Change attrib to mode_t.
2003-02-10 22:43:29 +00:00
Corinna Vinschen 565e80155b * security.h: Introduce names UNKNOWN_UID and UNKNOWN_GID and delete
declaration of is_grp_member.
	* uinfo.cc (internal_getlogin): Use UNKNOWN_GID.
	* passwd.cc (pwdgrp::read_passwd): Use UNKNOWN_UID.
	* grp.cc (pwdgrp::read_group): Change group name to provide better
	feedback.
	(getgrgid): Use gid16togid32.
	* sec_helper.cc (is_grp_member): Delete.
2003-02-06 14:01:54 +00:00
Corinna Vinschen 4a21c2d5c8 * security.h (class cygpsid): New class.
(class cygsid): Use cygpsid as base. Remove members psid, get_id,
	get_uid, get_gid, string, debug_printf and the == and != operators.
	(cygsidlist::clear_supp): Only do work if setgroups has been called.
	* sec_helper.cc: Define sid_auth NO_COPY.
	(cygpsid::operator==): New operator.
	(cygpsid::get_id): New function.
	(cygpsid::string): New function.
	(cygsid::string): Delete.
	(cygsid::get_id): Delete.
	* pwdgrp.h: Change arguments of internal_getpwsid,
	internal_getgrsid and internal_getgroups to cygpsid.
	* passwd.cc (internal_getpwsid): Change argument from cygsid to cygpsid.
	* grp.cc (internal_getgrsid): Ditto.
	(internal_getgroups): Ditto.
2003-02-04 14:58:04 +00:00
Corinna Vinschen 153e83c605 * security.h: Add third argument to set_process_privilege.
* autoload.cc: Add OpenThreadToken.
	* sec_helper.cc (set_process_privilege): Add and use use_thread
	argument.
	* security.cc (alloc_sd): Modify call to set_process_privilege.
	Remember the result in each process. If failed and file owner is not
	the user, fail.
2003-02-03 15:55:20 +00:00
Corinna Vinschen 85ecb9be00 2002-12-14 Corinna Vinschen <corinna@vinschen.de>
* dcrt0.cc (dll_crt0_1): Call well known SID initializer function.
	* security.h (cygsid::init): Declare new static method.
	* sec_helper.cc (cygsid::init): New method for initializing well
	known SIDs.

2002-12-14  Pierre Humblet  <pierre.humblet@ieee.org>

	* security.h: Declare well_known_creator_group_sid.
	* sec_helper.cc: Define and initialize well_known_creator_group_sid.
2002-12-14 17:23:42 +00:00
Corinna Vinschen d6ffc07588 2002-12-10 Pierre Humblet <pierre.humblet@ieee.org>
* pwdgrp.h (pwdgrp_check::pwdgrp_state): Replace by
	pwdgrp_check::isinitializing ().
	(pwdgrp_check::isinitializing): Create.
	* passwd.cc (grab_int): Change type to unsigned, use strtoul and
	set the pointer content to 0 if the field is invalid.
	(parse_pwd): Move validity test after getting pw_gid.
	(read_etc_passwd): Replace "passwd_state <= " by
	passwd_state::isinitializing ().
	(internal_getpwuid): Ditto.
	(internal_getpwnam): Ditto.
	(getpwent): Ditto.
	(getpass): Ditto.
	* grp.cc (parse_grp): Use strtoul for gr_gid and verify the validity.
	(read_etc_group): Replace "group_state <= " by
	group_state::isinitializing ().
	(internal_getgrgid): Ditto.
	(getgrent32): Ditto.
	(internal_getgrent): Ditto.

2002-12-10  Pierre Humblet <pierre.humblet@ieee.org>

	* security.h: Move declarations of internal_getgrent,
	internal_getpwsid and internal_getgrsid to pwdgrp.h.
	* pwdgrp.h: Declare internal_getpwsid, internal_getpwnam,
	internal_getpwuid, internal_getgrsid, internal_getgrgid,
	internal_getgrnam, internal_getgrent and internal_getgroups.
	Delete "emulated" from enum pwdgrp_state.
	(pwdgrp_check::isuninitialized): Create.
	(pwdgrp_check::pwdgrp_state): Change state to initializing
	rather than to uninitialized.
	(pwdgrp_read::gets): Remove trailing CRs.
	* passwd.cc (grab_string): Don't look for NLs.
	(grab_int): Ditto.
	(parse_pwd): Don't look for CRs. Return 0 if entry is too short.
	(search_for): Delete.
	(read_etc_passwd): Simplify tests to actually read the file.
	Set state to loaded before making internal_getpwXX calls.
	Replace search_for calls by equivalent internal_pwgetXX calls.
	(internal_getpwsid): Use passwd_state.isuninitialized to decide
	to call read_etc_passwd.
	(internal_getpwuid): Create.
	(internal_getpwnam): Create.
	(getpwuid32): Simply call internal_getpwuid.
	(getpwuid_r32): Call internal_getpwuid.
	(getpwnam): Simply call internal_getpwnam.
	(getpwnam_r): Call internal_getpwnam.
	* grp.cc (parse_grp): Don't look for CRs. Adjust blank space.
	(add_grp_line): Adjust blank space.
	(class group_lock): Ditto.
	(read_etc_group): Simplify tests to actually read the file.
	Set state to loaded before making internal_getgrXX calls.
	Replace getgrXX calls by equivalent internal calls.
	(internal_getgrsid): Use group_state.isuninitialized to decide
	to call read_etc_group.
	(internal_getgrgid): Create.
	(internal_getgrnam): Create.
	(getgroups32): Simply call internal_getgrgid.
	(getgrnam32): Simply call internal_getgrnam.
	(internal_getgrent): Call group_state.isuninitialized.
	(internal_getgroups): Create from the former getgroups32, using
	two of the four arguments. Set gid to myself->gid and username
	to cygheap->user.name ().
	(getgroups32): Simply call internal_getgroup.
	(getgroups): Call internal_getgroup instead of getgroups32.
	(setgroups32): Call internal versions of get{pw,gr}XX.
	* sec_helper.cc: Include pwdgrp.h.
	(is_grp_member): Call internal versions of get{pw,gr}XX.
	* security.cc: Include pwdgrp.h.
	(alloc_sd): Call internal versions of get{pw,gr}XX.
	* syscalls.cc: Include pwdgrp.h.
	(seteuid32): Call internal versions of get{pw,gr}XX.
	(setegid32): Ditto.
	* uinfo.cc: Include pwdgrp.h.
	(internal_getlogin): Call internal versions of get{pw,gr}XX.
	(cygheap_user::ontherange): Ditto.
	* sec_acl.cc: Include pwdgrp.h.
	(setacl): Call internal versions of get{pw,gr}XX.
	(acl_access): Ditto and simplify logic.
	(aclfromtext): Ditto.
2002-12-10 12:43:49 +00:00