`LsaClose', `LsaEnumerateAccountRights', `LsaFreeMemory',
`LsaOpenPolicy', `LsaQueryInformationPolicy', `NetLocalGroupEnum',
`NetLocalGroupGetMembers', `NetServerEnum', `NetUserGetGroups' and
`NtCreateToken'.
* ntdll.h: Add declaration for `NtCreateToken'.
* sec_helper.cc: Add `well_known_local_sid', `well_known_dialup_sid',
`well_known_network_sid', `well_known_batch_sid',
`well_known_interactive_sid', `well_known_service_sid' and
`well_known_authenticated_users_sid'.
(cygsid::string): Define as const method.
(cygsid::get_sid): Set psid to NO_SID on error.
(cygsid::getfromstr): Ditto.
(cygsid::getfrompw): Simplify.
(cygsid::getfromgr): Check for gr == NULL.
(legal_sid_type): Move to security.h.
(set_process_privilege): Return -1 on error, otherwise 0 or 1 related
to previous privilege setting.
* security.cc (extract_nt_dom_user): Remove `static'.
(lsa2wchar): New function.
(open_local_policy): Ditto.
(close_local_policy): Ditto.
(get_lsa_srv_inf): Ditto.
(get_logon_server): Ditto.
(get_logon_server_and_user_domain): Ditto.
(get_user_groups): Ditto.
(is_group_member): Ditto.
(get_user_local_groups): Ditto.
(sid_in_token_groups): Ditto.
(get_user_primary_group): Ditto.
(get_group_sidlist): Ditto.
(get_system_priv_list): Ditto.
(get_priv_list): Ditto.
(get_dacl): Ditto.
(create_token): Ditto.
(subauth): Return immediately if SE_TCB_NAME can't be assigned.
Change all return statements in case of error to jumps to `out'
label. Add `out' label to support cleanup.
* security.h: Add extern declarations for `well_known_local_sid',
`well_known_dialup_sid', `well_known_network_sid',
`well_known_batch_sid', `well_known_interactive_sid',
`well_known_service_sid' and `well_known_authenticated_users_sid'.
Add extern declarations for functions `create_token',
`extract_nt_dom_user' and `get_logon_server_and_user_domain'.
(class cygsid): Add method `assign'. Change operator= to call new
`assign' method. Add `debug_print' method.
(class cygsidlist): New class.
(legal_sid_type): Moved from sec_helper.cc to here.
* spawn.cc (spawn_guts) Revert reversion of previous patch.
Call `RevertToSelf' and `ImpersonateLoggedOnUser' instead of `seteuid'
again.
* syscalls.cc (seteuid): Rearranged. Call `create_token' now when
needed. Call `subauth' if `create_token' fails. Try setting token
owner and primary group only if token was not explicitely created
by `create_token'.
* uinfo.cc (internal_getlogin): Try harder to generate correct user
information. Especially don't trust return value of `GetUserName'.
* autoload.cc: Pull in autoload.h. Eliminate many macros. Rewrite to avoid
necessity of initialization routines. Just use a standard one.
(wsock_init): New function. Moved from net.cc.
* net.cc (wsock_init): Move to autoload.cc.
(wsadata): Make global.
* dtable.cc (dtable::build_fhandler): Use more reliable method for checking if
net stuff has been loaded.
* security.h: New define `NO_SID'. Remove declarations of functions
moved to methods into class cygsid.
(class cygsid): Declare new methods `getfromstr', `get_sid',
`getfrompw', `getfromgr', `get_rid', `get_uid', `get_gid', `string'
and new constructors and operators =, == and !=.
Declare new global cygsids `well_known_XXX_sid' substituting the
corresponding `get_XXX_sid' functions. Remove declarations of
these functions.
* sec_helper.cc (well_known_admin_sid): New global variable.
(well_known_system_sid): Ditto
(well_known_creator_owner_sid): Ditto
(well_known_world_sid): Ditto
(cygsid::string): New method, substituting `convert_sid_to_string_sid'.
(cygsid::get_sid): New method, substituting `get_sid'.
(cygsid::getfromstr): New method, substituting
`convert_string_sid_to_sid'.
(cygsid::getfrompw): New method, substituting `get_pw_sid'.
(cygsid::getfromgr): New method, substituting `get_gr_sid'.
(cygsid::get_id): New method, substituting `get_id_from_sid'.
(get_admin_sid): Eliminated.
(get_system_sid): Ditto.
(get_creator_owner_sid): Ditto.
(get_world_sid): Ditto.
* grp.cc: Use new cygsid methods and well known sids throughout.
* registry.cc: Ditto.
* sec_acl.cc: Ditto.
* security.cc: Ditto.
* shared.cc: Ditto.
* syscalls.cc (seteuid): Ditto. Eliminate redundant conditional.
* uinfo.cc (internal_getlogin): Ditto.
* spawn.cc (spawn_guts) Revert previous patch.
`WSACloseEvent', `WSACreateEvent', `WSAGetOverlappedResult',
`WSARecv', `WSARecvFrom', `WSASend', `WSASendTo' and `WSASetEvent',
`WSAWaitForMultipleEvents'.
* net.cc: Define wsock_evt.
(wsock_event): New class.
(cygwin_sendto): Use overlapped socket io if available.
(cygwin_recvfrom): Ditto.
(cygwin_recv): Ditto.
(cygwin_send): Ditto.
* security.cc (subauth): Set Win32 error to 0 to safely ask for the
error code of dynamically loaded function `LsaRegisterLogonProcess'.
* fhandler_termios.cc (fhandler_termios::echo_erase): New method for echoing
erase characters.
(fhandler_termios::line_edit): Check the echo flag before echoing control
characters (from Kazuhiro Fujieda <fujieda@jaist.ac.jp>).
(_crealloc): Ditto.
* dcrt0.cc (dll_crt0_1): Default to always checking for executable for now.
* dtable.cc (dtable::not_open): Move method.
* dtable.h (dtable): Here.
* exceptions.cc (ctrl_c_handler): Don't expect process group leader to handle a
signal if it doesn't exist.
* fhandler.h (fhandler_base): Make openflags protected.
* localtime.c (tzsetwall): Check for __CYGWIN__ as well as __WIN32__.
* path.cc (path_conv::check): Add some comments. Change strcat to assignment.
* lib/_cygwin_S_IEXEC.cc (_cygwin_bob__): Eliminate.
* fhandler_tty.cc (fhandler_console::dup): Set controlling terminal if
necessary.
* fhandler_tty.cc (fhandler_tty_slave::dup): Ditto.
* thread.h (pthread_cond): New element cond_access to allow atomic broadcasts.
* thread.cc (pthread_cond::pthread_cond): Initialise cond_access.
(pthread_cond::~pthread_cond): Destroy cond_access.
(pthread_cond::Broadcast): Use cond_access.
(pthread_cond::Signal): Use cond_access.
(pthread_cond_wait): Use cond_access.
(pthread_cond_timedwait): Use cond_access.
(stack_info::init): Add extra arguments to control method of initialization..
If we have a known good frame, set things up so that this frame is not skipped
the first time through. Record whether caller cares about arguments or not.
(stack_info::walk): Don't store arguments if they're unwanted.
(stackdump): Add isexception parameter for use when called by exception
handler.
(cygwin_stackdump): Accomodate extra argument to stackdump.
(handle_exceptions): Ditto.
(sig_handle): Ditto.
(interrupt_on_return): Accomodate extra arguments to stack walk initialization.
* pinfo.h: Correctly set __SIGOFFSET.
* path.cc (hash_path_name): Avoid calling library functions for simple copying
of characters.
* shortcut.c: Use WIN32_LEAN_AND_MEAN.
* smallprint.c: Ditto.
* environ.cc (getwinenv): Minor clarity fix.
* localtime.c: No need to include windows.h
* string.h: New file.
Redefine wrapper for wsock32.dll and ws2_32.dll.
(std_dll_init): New function.
* autoload.h: Rename LoadDLLinitfunc to LoadDLLinitfuncdef.
Add new defines LoadDLLinitfunc and LoadDLLstdfunc.
* net.cc (wsock_init): Add guard variable handling. Take care
to call WSAStartup only once. Load WSAStartup without using
autoload wrapper to eliminate recursion. Eliminate FIONBIO
and srandom stuff.
(mount_info::conv_to_win32_path): Eliminate now-unneeded relative path name arg
and processing.
(path_conv::check): Accomodate relative path names again. Accomodate one extra
argument in mount_info::conv_to_win32_path. Tack trailing slash on end of
relative path as a side effect, like before.
* shared_info.h (mount_info::conv_to_win32_path): Reflect new argument
ordering.
Add LoadDLLfuncEx statements for AllocateLocallyUniqueId@4,
DuplicateTokenEx@24, LsaNtStatusToWinError@4,
LsaDeregisterLogonProcess@4, LsaFreeReturnBuffer@4,
LsaLogonUser@56, LsaLookupAuthenticationPackage@12,
LsaRegisterLogonProcess@12,
* environ.cc: Add extern declaration for `subauth_id'.
(subauth_id_init): New function for setting `subauth_id'.
(struct parse_thing): Add entry for `subauth_id'.
* fork.cc (fork_parent): Call `RevertToSelf' and
`ImpersonateLoggedOnUser' instead of `seteuid'.
* security.cc: Define global variable `subauth_id'.
(extract_nt_dom_user): New function.
(cygwin_logon_user): Call `extract_nt_dom_user' now.
(str2lsa): New static function.
(str2buf2lsa): Ditto.
(str2buf2uni): Ditto.
(subauth): Ditto.
* security.h: Add prototype for `subauth'.
* spawn.cc (spawn_guts): Use cygheap->user.token only if impersonated.
Use `cygsid' type. Remove impersonation before allowing access to
workstation/desktop to everyone. Call `RevertToSelf' and
`ImpersonateLoggedOnUser' instead of `seteuid'.
* syscalls.cc (seteuid): Rearranged to allow using subauthentication
to retrieve user tokens when needed.
(read_etc_group): Substitute MAX_DOMAIN_NAME by
INTERNET_MAX_HOST_NAME_LENGTH.
* passwd.cc (parse_pwd): Don't force pw_name to be lower case.
* sec_helper.cc: Substitute MAX_USER_NAME by UNLEN,
MAX_COMPUTERNAME_LENGTH by INTERNET_MAX_HOST_NAME_LENGTH throughout.
(lookup_name): Slight cleanup.
* security.cc (alloc_sd): Substitute MAX_USER_NAME by UNLEN.
* security.h: Define DEFAULT_UID as DOMAIN_USER_RID_ADMIN and
DEFAULT_GID as DOMAIN_ALIAS_RID_ADMINS.
* shared.cc (memory_init): Substitute MAX_USER_NAME by UNLEN.
* thread.h: Ditto.
* uinfo.cc (internal_getlogin): Substitute MAX_USER_NAME by UNLEN.
Substitute MAX_COMPUTERNAME_LENGTH and MAX_HOST_NAME by
INTERNET_MAX_HOST_NAME_LENGTH.
* winsup.h: Include lmcons.h. Eliminate MAX_USER_NAME and
MAX_HOST_NAME. Move DEFAULT_UID and DEFAULT_GID to security.h.
(init_exceptions): Just use init_exception_handler.
(open_stackdumpfile): New function.
(stack_info::first_time): Eliminate.
(stack_info::init): Set up fields to avoid "first_time" consideration.
(stack_info::walk): Remove "first_time" consideration.
(stackdump): Change arguments to accept initial frame pointer and open stack
file flag.
(stack): Eliminate.
(cygwin_stackdump): Use stackdump() rather than stack().
(try_to_debug): Remove all synchronization logic. Just keep looping in
exception handler until debugger notices us. Return 1 if successfully started
debugger.
(handle_exceptions): Just return if we know that we're debugging. Reorganize
to avoid creating a stackdump file if we are starting a debugger. Return from
exception handler if debugger started successfully.
(sig_handle): Create a stackdump only if debugger wasn't started.
* winsup.h (try_to_debug): Add an argument.
back to path_conv::check. Clear symlink bit from pflags argument before
detecting if this is a symlink.
(path_conv::check): Convert posix path here instead of symlink_info::check.
Only grab volflags when using ntsec.
(symlink_info::check_case): Just replace appropriate part of input path.
Throughout, change 'OutputStopped' to 'output_stopped', for consistency.
* dtable.cc (stdio_init): Set controlling tty if not set by stdio opens.
* exceptions.cc (ctrl_c_handler): Avoid special pgid checking if no tty is
associated with the process.
(Suggested by Tim Baker <dbaker@direct.ca>)
* external.cc (fillout_pinfo): Return actual tty number for ctty.
* fhandler_console.cc (get_tty_stuff): Set ctty when shared memory is
allocated. Accept flags input from open().
(set_console_ctty): New function.
(fhandler_console::open): Pass flags to get_tty_stuff and rely on this function
to set the ctty, if appropriate.
* fhandler_termios.cc (fhandler_termios::set_ctty): Move to tty_min class.
* fhandler_tty.cc (fhandler_tty_slave::open): Use tc field to access
set_ctty().
* tty.h (TTY_CONSOLE): Move to include/sys/cygwin.h.
(tty_min): Add set_ctty class here.
* include/sys/cygwin.h (TTY_CONSOLE): New home here.
* path.cc (symlink_info): Make contents an actual buffer. Pass more flags to
case_check.
(path_conv::check): Reorganize to do parsing based on posix path rather than
native path.
(symlink_info::check): Expect posix path as input. Translate to native path
here. Accept path_conv flags. Stop parsing if not a symlink regardless of
whether previous path was a symlink.
structure of newlib.
* sigproc.h (sig_send): Add exception parameter to sig_send.
* sigproc.cc (sig_send): Ditto. Use it when setting frame info.
* exceptions.cc (handle_exceptions): Use exception flag when calling sig_send.
[sigframe::~sigframe]: Clear exception field.
[sigframe::set]: Set exception field from caller.
* sigproc.cc (sig_send): Set exception field when frame pointer is passed in.
* exceptions.cc (interrupt_on_return): Always treat exception as interruptible.
* cygheap.cc: Include security.h.
* grp.cc (internal_getgrent): New function.
(getgroups): Rearranged using `internal_getgrent' and the new
`cygsid' class.
* passwd.cc (internal_getpwent): New function.
* sec_acl.cc: Use new `cygsid' class throughout.
(acl_access): Use `internal_getgrent' instead of `getgrent'.
* sec_helper.cc: Use new `cygsid' class throughout.
(get_id_from_sid): Use `internal_getgrent' instead of `getgrent'.
Use `internal_getpwent' instead of `getpwent'.
* security.cc: Use new `cygsid' class throughout.
* security.h: Move `MAX_SID_LEN' from winsup.h to here.
Add extern declarations for `internal_getgrent' and `internal_getpwent'.
(class cygsid): New class.
* shared.cc (sec_user): Use new `cygsid' class.
* syscalls.cc (seteuid): Try to set owner to user and primary group to
current group in impersonation token before performing impersonation.
(setegid): Try to set primary group in process token to the new group
if ntsec is on.
* uinfo.cc (internal_getlogin): Use new `cygsid' class.
Try to set owner to user and primary group to current group in process
token if the process has been started from a non cygwin process.
(uinfo_init): Set primary group only if the process has been started
from a non cygwin process.
* winsup.h: Move define for `MAX_SID_LEN' to security.h.
* fhandler.h (fhandler_base::set_open_status): New method. Stores original
open status.
(fhandler_base::get_open_status): New method. Retrieves original open status.
(fhandler_base::reset_to_open_binmode): New method.
* fhandler.cc (fhandler_base::open): Save open status.
(fhandler_base::init): Ditto.
* fhandler_clipboard.cc (fhandler_clipboard::open): Ditto.
* fhandler_console.cc (fhandler_console::open): Ditto.
* fhandler_dsp.cc (fhandler_dsp::open): Ditto.
* fhandler_dev_mem.cc (fhandler_dev_mem::open): Ditto.
* fhandler_dev_random.cc (fhandler_dev_random::open): Ditto.
* fhandler_serial.cc (fhandler_serial::open): Ditto.
* fhandler_tty_slave.cc (fhandler_tty_slave::open): Ditto.
* fhandler_tty_master.cc (fhandler_tty_master::open): Ditto.
* fhandler_dev_zero.cc (fhandler_dev_zero::open): Ditto.
* syscalls.cc (setmode): Rework so that 0 mode value causes reversion to open
state.
* fhandler_tty_slave.cc (fhandler_tty_slave::read): Use correct multiplier when
converting from deciseconds to milliseconds.
* path.cc (check_sysfile): Ditto.
(symlink_info::check): Rely on opened file handle being closed by symlink
checking routines. Set ext_tacked_on when .lnk is detected.
* sec_helper.cc (set_process_privilege): Rename from
`set_process_privileges'. Takes the privilege to enable or disable
as parameter now.
* security.h: Add prototype for `set_process_privileges'.
* security.cc: Swap out several functions.
* sec_acl.cc: New file. Move Sun compatibel ACL functions from
`security.cc' to here.
* sec_helper.cc: New file. Move security helper functions from
`security.cc' to here.
* security.h: Changed to accomodate the above changes.
* grp.cc: Replace `group_in_memory_p' by `group_state'.
Eliminate group_sem throughout.
(enum grp_state): New enumeration type.
(read_etc_group): Make race safe.
* security.cc: Eliminate group_sem throughout.
is set to PCHECK_ADJUST when a case clash is given for the last
component in path.
(symlink_info::case_check): Ditto.
* syscalls.cc (_rename): Avoid overwriting an already existing file
if a case clash is given even if pcheck_case is set to PCHECK_ADJUST.
a global static variable.
(class mmap_record): Add `devtype_' member to remember
the device type of the file. Add declaration for methods
`get_device', `alloc_fh' and `free_fh'.
(mmap_record::mmap_record): Initialize `devtype_' correctly.
(mmap_record::alloc_fh): New method.
(mmap_record::free_fh): Ditto.
(munmap): Use new mmap_record::alloc_fh and mmap_record::free_fh
methods to create a correct fhandler.
(msync): Ditto.
(fixup_mmaps_after_fork): Ditto.
Christopher Faylor
Corinna Vinschen
Robert Collins
Egor Duda