* include/cygwin/version.h: Bump API minor version.
* cygheap.h (class cygheap_user): Add member groups.
* security.h (class cygsidlist): Add members type and maxcount,
methods position, addfromgr, alloc_sids and free_sids and
operator+= (const PSID psid). Modify contains () to call
position () and optimize add () to use maxcount.
(class user_groups): Create.
Update declarations of verify_token and create_token.
* security.cc (cygsidlist::alloc_sids): New.
(cygsidlist::free_sids): New.
(get_token_group_sidlist): Create from get_group_sidlist.
(get_initgroups_sidlist): Create from get_group_sidlist.
(get_group_sidlist): Suppress.
(get_setgroups_sidlist): Create.
(verify_token): Modify arguments. Add setgroups case.
(create_token): Modify arguments. Call get_initgroups_sidlist and
get_setgroups_sidlist as needed. Set SE_GROUP_LOGON_ID from auth_pos
outside of the loop. Rename the various group sid lists consistently.
* syscalls.cc (seteuid32): Modify to use cygheap->user.groups.
(setegid32): Call cygheap->user.groups.update_pgrp.
* grp.cc (setgroups): Create.
(setgroups32): Create.
* uinfo.cc (internal_getlogin): Initialize and update user.groups.pgsid.
* cygwin.din: Add setgroups and setgroups32.
(cygheap_user::logsrv): New method.
(cygheap_user::winname): Ditto.
(cygheap_user::domain): Ditto.
(cygheap_user::test_uid): Ditto.
* cygheap.cc (cygheap_user::set_name): Reflect name "pwinname" name change.
* environ.cc (getwinenveq): New function.
(spenv::from_cygheap): Change arguments.
(spenv::retrieve): Ditto for call. Use getwinenveq to retrieve info from
environment. Always return value from cygwin environment, if it exists.
* environ.h (getwinenveq): Declare.
* uinfo.cc (cygheap_user::ontherange): Use logsrv() rather than env_logsrv().
(cygheap_user::test_uid): Define new method.
(cygheap_user::env_logsrv): Accept environment arguments. Use test_uid to find
info.
(cygheap_user::env_domain): Ditto.
(cygheap_user::env_userprofile): Ditto.
(cygheap_user::env_homepath): Ditto.
(cygheap_user::env_homedrive): Ditto.
(cygheap_user::env_name): Ditto.
(cygheap_user::env_logsrv): Verify env_domain is valid.
* environ.cc: Include child_info.h and keep spenvs[] sorted.
(environ_init): Check child_proc_info instead of myself->ppid_handle.
* environ.cc (spenv::retrieve): Add debugging statements.
* pinfo.cc (set_myself): Don't call strace.hello if already stracing.
* strace.cc (strace): Move NO_COPY keyword so that it will actually take
effect.
* cygheap.cc (cygheap_user::set_name): Clear winname when name changes.
* uinfo.cc (cygheap_user::env_logsrv): Avoid calculating server when Windows
user == SYSTEM.
(cygheap_user::env_domain): Set winname here too.
(cygheap_user::env_userprofile): Eliminate superfluous tests.
(cygheap_user::env_name): Seed winname by calling env_domain().
* environ.cc (build_env): Add debugging statement.
(spenvs): Switch functions for USERDOMAIN and USERNAME.
* spawn.cc (spawn_guts): Move environment initialization prior to
cygheap_setup_for_child or environment info will never be copied to child.
(cygheap_user::set_domain): Ditto.
* cygheap.h (cygheap_user::set_logsrv): Remove declaration.
(cygheap_user::set_domain): Ditto.
(cygheap_user::env_domain): Declare new method.
(cygheap_user::env_name): Ditto.
* environ.cc (spenvs): Add two environment variables.
* spawn.cc (spawn_guts): Call build_env after RevertToSelf. Always set
ciresrv.mount_h.
(cygheap_user::ontherange): Recalculate homedrive/homepath if they are empty.
Use env_logsrv to get logon server.
(cygheap_user::env_logsrv): Calculate server name here rather than relying on
it having been previously calculated.
(cygheap_user::env_domain): Ditto for domain name.
(cygheap-user::env_name): New method.
* syscalls.cc (seteuid32): Do not get or set the environment. Do not call
LookupAccountSid nor internal_getlogin. Set cygheap->user name and sid from
the passwd entry.
* uinfo.cc (uinfo_init): Only call internal_getlogin when starting from a non
Cygwin process and use the values returned in user.
(internal_getlogin): Simplify to case where starting from a non Cygwin process.
Store return values in user and return void. Do not set the Windows default
environment.
* dcrt0.cc (dll_crt0_1): Call uinfo_init only when needed. Do not set
myself->uid nor reset user.sid.
* spawn.cc (spawn_guts): Get the sid from cygheap->user. Always
RevertToSelf(). Don't set uid in impersonated case.
* cygheap.cc (cygheap_user::set_sid): Do not set orig_sig.
(cygheap_user::set_orig_sid): New.
* cygheap.h: Declare cygheap_user::set_sid.
* winsup.h: Add argument to uinfo_init().
user name change.
(cygheap_user::set_logsrv): Allocate enough space for leading \\ so that we can
put this in the environment, if needed.
* cygheap.h (homebodies): New enum.
(cygheap_user::homedrive): New field.
(cygheap_user::homepath): Ditto.
(cygheap_user::env_logsrv): New method.
(cygheap_user::env_homepath): New method.
(cygheap_user::env_homedrive): New method.
(cygheap_user::env_userprofile): New method.
(cygheap_user::ontherange): New method.
* environ.cc (envsize): Eliminate debugging argument.
(environ_init): Assume that envc counts number of elments not total size.
(spenv): New class.
(spenvs): New array, renamed from forced_winenv_vars, using spenv.
(spenv::retrieve): New method.
(build_env): Rename from 'winenv' -- one stop shopping for building new
environment blocks for both windows and "unix".
* environ.h (build_env: Declare.
(winenv): Delete declaration.
(envsize): Ditto.
* spawn.cc (spawn_guts): Use build_env to build windows and cygwin environment
blocks.
* uinfo.cc (internal_getlogin): Eliminate environment manipulation. Default to
info from GetUserName if it exists. Move HOMEPATH and HOMEDRIVE stuff
elsewhere. Move HOME setting elsewhere. Only set HOME environment variable in
processes that are not parented by a cygwin process.
(cygheap_user::ontherange): Define new method.
(cygheap_user::env_logsrv): Ditto.
(cygheap_user::env_homepath): Ditto.
(cygheap_user::env_homedrive): Ditto.
(cygheap_user::env_userprofile): Ditto.
* security.cc (alloc_sd): Remove logsrv argument.
Remove two calls to lookup_name.
(set_security_attribute): Remove logsrv argument.
Remove logsrv argument in call to alloc_sd.
(set_nt_attribute): Remove logsrv argument.
Remove logsrv argument in call to set_security_attribute.
(set_file_attribute): Remove logsrv argument.
Remove logsrv argument in call to set_nt_attribute.
(set_file_attribute): Remove logsrv argument.
Remove logsrv argument in call to set_file_attribute.
* syscalls.cc (chown_worker): Remove logserver argument in
call to set_file_attribute.
(chmod): Ditto.
* shm.cc (shmget): Remove logsrv argument in call to alloc_sd.
* uinfo.cc (internal_getlogin): Replace calls to
lookup_name by call to LookupAccountName.
* security.h: Remove logsrv in declarations of set_file_attribute
and alloc_sd. Remove declaration of lookup_name.
(get_lsa_srv_inf): Suppressed.
(get_logon_server_and_user_domain): Suppressed.
(get_logon_server): Essentially new.
(get_user_groups): Add "domain" argument. Only lookup the
designated server and use "domain" in LookupAccountName.
(is_group_member): Simplify the arguments.
(get_user_local_groups): Simplify the arguments. Do only a
local lookup. Use "BUILTIN" and local domain in LookupAccountName.
(get_user_primary_group). Only lookup the designated server.
(get_group_sidlist): Remove logonserver argument. Do not lookup
any server for the SYSTEM account.
(create_token): Delete logonserver and call to get_logon_server.
Adjust arguments of get_group_sidlist, see above.
* security.h: Delete declaration of get_logon_server_and_user_domain
and add declaration of get_logon_server.
* uinfo.cc (internal_get_login): Call get_logon_server instead of
get_logon_server_and_user_domain.
* fhandler.h (fhandler_proc::fill_filebuf): Take a pinfo argument.
* fhandler_proc.cc (fhandler_proc::get_proc_fhandler): Simplify search for
given pid.
(fhandler_proc::readdir): Assume that pid exists if it shows up in the winpid
list.
* fhandler_process.cc (fhandler_process::open): Simplify search for given pid.
Call fill_filebuf with pinfo argument.
(fhandler_process::fill_filebuf): Pass pinfo here and assume that it exists.
* pinfo.h (pinfo::remember): Define differently if sigproc.h is not included.
* dll_init.cc (dll_list::detach): Don't run destructor on exit.
where appropriate, throughout. Remove unneeded exceptions.h, where
appropriate, throughout. Remove unneeded perprocess.h, where appropriate,
throughout.
* uinfo.cc (uinfo_init): Use more robust method for determining if process was
invoked from a non-cygwin process.
* sync.h (muto::init): Eliminate "inheritance" parameter.
(new_muto): Reflect removal of parameter.
* sync.cc (muto::init): Ditto.
* cygheap.cc (cygheap_init): Ditto.
* debug.cc (threadname_init): Ditto.
* exceptions.cc (events_init): Ditto.
* malloc.cc (malloc_init): Ditto.
* path.cc (cwdstuff::init): Ditto.
* sigproc.cc (sigproc_init): Ditto.
* grp.cc (group_lock): Use different method for locking with static member.
(read_etc_group): REALLY ensure that read lock mutex is released.
* passwd.cc (passwd_lock): Use different method for locking with static member.
(read_etc_passwd): REALLY ensure that read lock mutex is released.
* shared.cc (sec_user): Correct reversed inheritance test.
* syscalls.cc (seteuid): Unset environment variables HOMEDRIVE and
HOMEPATH before calling internal_getlogin().
* uinfo.cc (internal_getlogin): Use default HOMEPATH and HOMEDRIVE
from environment if both are present, else query NetUserGetInfo().
operators to simplify testing for directory and attributes, throughout.
* path.h (path_conv::exists): New method.
(path_conv::has_attribute): Ditto.
(path_conv::isdir): Ditto.
(path_conv::DWORD &): New operator.
(path_conv::int &): Ditto.
* dir.cc (rmdir): Eliminate a goto.
* dtable.cc (dtable::build_fhandler): Accept opt and suffix info for
path_conv.check. Return fh == NULL on path_conv error. Pass unit to set_name
as appropriate.
(dtable::reset_unix_path_name): New method.
* dtable.h (dtable): Declare new method. Reflect arg changes to
build_fhandler.
* fhandler.cc (fhandler_disk_dummy_name): Eliminate.
(fhandler_base::set_name): Expect paths to be NULL. Build unix_path_name from
win32_path_name when it is a device.
(fhandler_base::reset_unix_path_name): New method.
(fhandler_base::raw_read): Report EISDIR when ERROR_INVALID_FUNCTION or
ERROR_INVALID_PARAMETER and reading a directory.
(fhandler_disk_file::fstat): Don't call stat_dev since we should now never be
calling fhandler_disk_file methods with devices.
(fhandler_base::fhandler_base): Clear {unix,win32}_path_name.
(fhandler_base::~fhandler_base): Always free {unix,win32}_path_name.
(fhandler_disk_file::fhandler_disk_file): Remove set_no_free_names kludge.
(fhandler_disk_file::open): Ditto.
* fhandler.h (fhandler_base::no_free_names): Eliminate.
(fhandler_base::set_no_free_names): Ditto.
* fhandler_tty.cc (fhandler_tty_slave::fhandler_tty_slave): Don't set
unix_path_name here.
* path.cc (fchdir): Lock fd table throughout. Use new
dtable::reset_unix_path_name method to reset path.
* syscalls.cc (stat_worker): Reorganize to always call fstat method. Pass
path_conv method to fhandler_*::open.
(chroot): Elminate a goto.
* dcrt0.cc (set_os_type): Set 'iswinnt' appropriately.
* cygheap.cc (init_cheap): Revert to using VirtualAlloc for allocating cygheap.
(cygheap_setup_for_child_cleanup): New function. Standard function to call
after calling CreateProcess to cleanup cygheap info passed to child.
(cygheap_fixup_in_child): Copy cygheap from shared memory into allocated space
under Windows 9x or if can't relocate shared space under NT.
* cygheap.h: Declare new function.
* spawn.cc (spawn_guts): Use cygheap_fixup_in_child.
* fork.cc (fork_parent): Ditto.
* winsup.h: Declare iswinnt.
fhandler.h.
* fhandler.h (fhandler_base::get_inheritance): New method.
* fhandler_socket.cc (fhandler_socket::create_secret_event): Use proper
close-on-exec inheritance when creating.
(fhandler_socket::check_peer_secret_event): Create handle as non-inheritable.
* path.cc (chdir): Guard against invalid parameter.
(fchdir): New function.
* include/cygwin/version.h: Bump API minor version to 40.
* uinfo.cc (internal_getlogin): Remove unused variable.
USERDOMAIN before impersonation to workaround a LookupAccountSid()
misbehaviour.
* uinfo.cc (internal_getlogin): Revert most of the previous change.
Don't set environment variables USERNAME and USERDOMAIN. That's
the job of seteuid() now. Try to get logon server from Lsa
only if logon server isn't already known.
(cygsid::getfromgr): Ditto.
* security.cc: Use `sys_mbstowcs' and `sys_wcstombs' throughout.
(extract_nt_dom_user): Try to get user and domain from SID in
pw->pw_gecos first.
* security.h (class cygsid): Change parameter of getfrompw() and
getfromgr() to `const'.
* uinfo.cc (internal_getlogin): Change order for evaluating user
information in winNT case. Drop usage of NetWkstaUserGetInfo().
`LsaClose', `LsaEnumerateAccountRights', `LsaFreeMemory',
`LsaOpenPolicy', `LsaQueryInformationPolicy', `NetLocalGroupEnum',
`NetLocalGroupGetMembers', `NetServerEnum', `NetUserGetGroups' and
`NtCreateToken'.
* ntdll.h: Add declaration for `NtCreateToken'.
* sec_helper.cc: Add `well_known_local_sid', `well_known_dialup_sid',
`well_known_network_sid', `well_known_batch_sid',
`well_known_interactive_sid', `well_known_service_sid' and
`well_known_authenticated_users_sid'.
(cygsid::string): Define as const method.
(cygsid::get_sid): Set psid to NO_SID on error.
(cygsid::getfromstr): Ditto.
(cygsid::getfrompw): Simplify.
(cygsid::getfromgr): Check for gr == NULL.
(legal_sid_type): Move to security.h.
(set_process_privilege): Return -1 on error, otherwise 0 or 1 related
to previous privilege setting.
* security.cc (extract_nt_dom_user): Remove `static'.
(lsa2wchar): New function.
(open_local_policy): Ditto.
(close_local_policy): Ditto.
(get_lsa_srv_inf): Ditto.
(get_logon_server): Ditto.
(get_logon_server_and_user_domain): Ditto.
(get_user_groups): Ditto.
(is_group_member): Ditto.
(get_user_local_groups): Ditto.
(sid_in_token_groups): Ditto.
(get_user_primary_group): Ditto.
(get_group_sidlist): Ditto.
(get_system_priv_list): Ditto.
(get_priv_list): Ditto.
(get_dacl): Ditto.
(create_token): Ditto.
(subauth): Return immediately if SE_TCB_NAME can't be assigned.
Change all return statements in case of error to jumps to `out'
label. Add `out' label to support cleanup.
* security.h: Add extern declarations for `well_known_local_sid',
`well_known_dialup_sid', `well_known_network_sid',
`well_known_batch_sid', `well_known_interactive_sid',
`well_known_service_sid' and `well_known_authenticated_users_sid'.
Add extern declarations for functions `create_token',
`extract_nt_dom_user' and `get_logon_server_and_user_domain'.
(class cygsid): Add method `assign'. Change operator= to call new
`assign' method. Add `debug_print' method.
(class cygsidlist): New class.
(legal_sid_type): Moved from sec_helper.cc to here.
* spawn.cc (spawn_guts) Revert reversion of previous patch.
Call `RevertToSelf' and `ImpersonateLoggedOnUser' instead of `seteuid'
again.
* syscalls.cc (seteuid): Rearranged. Call `create_token' now when
needed. Call `subauth' if `create_token' fails. Try setting token
owner and primary group only if token was not explicitely created
by `create_token'.
* uinfo.cc (internal_getlogin): Try harder to generate correct user
information. Especially don't trust return value of `GetUserName'.
Corinna Vinschen
Christopher Faylor