* path.cc (path_conv::set_nt_native_path): New function.
* path.h (path_conv::set_nt_native_path): Add prototype.
* syscall.cc (try_to_bin): Handle moving files to the recycler
accessed via a local virtual drive (subst). Fix a problem renaming
the file to the unique replacement name on Samba. Align comment.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* fhandler_tty.cc (fhandler_pty_slave::fch_close_handles): Don't close
handles not opened via fhandler_pty_slave::fch_open_handles.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* fhandler.h (class fhandler_base): Add virtual function
get_io_handle_cyg() to get handle from which OPOST-processed output is
read on PTY master.
(class fhandler_pty_slave): Add variable output_handle_cyg to store a
handle to which OPOST-processed output is written. Add two functions,
i.e., set_output_handle_cyg() and get_output_handle_cyg(), regarding
variable output_handle_cyg. Now, output_handle is used only by native
windows program. The data before OPOST-processing is written to
output_handle and OPOST-processing is applied in the master-side. For a
cygwin process, OPOST-processing is applied in the slave-side, and the
data after OPOST-processing is written to output_handle_cyg.
(class fhandler_pty_master): Add two variables, i.e., io_handle_cyg and
to_master_cyg, to store handles of a pipe through which OPOST-processed
output passes. Add pty_master_fwd_thread and function
pty_master_fwd_thread() for a thread which applies OPOST-processing
and forwards data from io_handle to to_master_cyg. Add function
get_io_handle_cyg() regarding variable io_handle_cyg. Now, the pipe
between io_handle and to_master are used only by native windows program
for applying OPOST-processing in the master-side. For a cygwin process,
the pipe between io_handle_cyg and to_master_cyg is used for passing
through the data which is applied OPOST-processing in the slave-side.
* fhandler_tty.cc (struct pipe_reply): Add member to_master_cyg.
(fhandler_pty_master::process_slave_output): Read slave output from
io_handle_cyg rather than io_handle.
(fhandler_pty_slave::fhandler_pty_salve): Initialize output_handle_cyg.
(fhandler_pty_slave::open): Set output_handle_cyg by duplicating handle
to_master_cyg on PTY master.
(fhandler_pty_slave::close): Close handle output_handle_cyg.
(fhandler_pty_slave::write): Write data to output_handle_cyg rather
than output_handle.
(fhandler_pty_slave::fch_close_handles): Close handle output_handle_cyg.
(fhandler_pty_master::fhandler_pty_master): Initialize io_handle_cyg,
to_master_cyg and master_fwd_thread.
(fhandler_pty_master::cleanup): Clean up to_master_cyg as well.
(fhandler_pty_master::close): Print to_master_cyg as well in debug
message. Terminate master forwarding thread. Close handles
to_master_cyg and io_handle_cyg.
(fhandler_pty_master::ioctl): Use io_handle_cyg rather than to_master.
(fhandler_pty_master::pty_master_thread): Add code for duplicating
handle to_master_cyg.
(fhandler_pty_master::pty_master_fwd_thread): New function for a thread
to forward OPOST-processed data from io_handle to to_master_cyg. This
thread applies OPOST-processing to the output of native windows program.
(::pty_master_fwd_thread): Ditto.
(fhandler_pty_master::setup): Create a new pipe to pass thruegh OPOST-
processed output. Create new thread to forward data from io_handle to
to_master_cyg. Set handle to_master_cyg to tty. Print io_handle_cyg as
well in debug message. Close handles io_handle_cyg and to_master_cyg in
case of error.
(fhandler_pty_master::fixup_after_fork): Set handle to_master_cyg to
tty. Copy handle to_master_cyg from arch->to_master_cyg.
(fhandler_pty_master::fixup_after_exec): Clean up to_master_cyg.
* select.cc: Check handle returned by get_io_handle_cyg() rather than
get_handle().
* tty.h (class tty): Add variable _to_master_cyg to store a handle to
which OPOST-processed data is written. Add two functions,
to_master_cyg() and set_to_master_cyg(), regarding _to_master_cyg.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* path.cc (basename): Undefine basename before defining function to
avoid type collision with prototype in string.h.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This header was clearly copied from the common syscall.h and customized,
but the header comment is no longer accurate -- this isn't the general
file anymore.
* sec_acl.cc (set_posix_access): Apply mask only in terms of execute bit
for SYSTEM and Admins group.
* getfacl.c (main): Special-case SYSTEM and Admins group. Add comments.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The inline list of mount options seemed redundant, so the paragraph now points
to the list below it.
List of executable extensions updated according to fhandler_disk_file.cc. List
of executable magic numbers updated according to path.h (has_exec_chars).
* pathnames.xml: Fix inconsistencies in docs regarding fstab and
executable file detection
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* sec_acl.cc (set_posix_access): Don't create DENY ACEs for USER and
GROUP entries if they are the same as USER_OBJ or GROUP_OBJ.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* fhandler.h (fhandler_pty_slave::facl): Add prototype.
* fhandler_tty.cc (fhandler_pty_slave::facl): New method.
(fhandler_pty_slave::fchown): Fix uid/gid handling.
* sec_acl.cc (set_posix_access): Drop superfluous class_idx variable.
Simplify and move around code in a few places. To improve ACL
readability, add r/w permissions to Admins ACE appended to pty ACL.
Add comment to explain Windows ACE Mask filtering being in the way of
creating a real CLASS_OBJ.
(get_posix_access): Fake CLASS_OBJ for ptys. Explain why.
* security.cc (get_object_attribute): Add S_IFCHR flag to attributes
when calling get_posix_access.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* sec_acl.cc (set_posix_access): Move merging group perms into owner
perms in case of owner == group after mask has been computed. Take
mask into account when doing so to avoid unnecessary ACCESS_DENIED_ACE.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Deliberatly
set GROUP_OBJ and CLASS_OBJ perms to new group perms. Add comment
to explain why.
* security.cc (set_created_file_access): Ditto.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* sec_acl.cc (set_posix_access): Replace previous patch. Return
EINVAL if uid and/or guid is invalid and not backed by an actual
Windows account.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* setfacl.c: Align more to Linux tool.
(delacl): New function to delete acl entries only.
(modacl): Drop delete functionality. Add handling of recomputing the
mask and default mask values.
(delallacl): Rename from delacl.
(setfacl): Call delacl in Delete case. Call delallacl in DeleteAll
and DeleteDef case.
(usage): Accommodate new options. Rearrange and rephrase slightly.
(longopts): Emit 'x' in --delete case. Add --no-mask and --mask
options.
(opts): Add -x and -n options.
(main): Handle -d and -x the same. Handle -n and --mask options.
Drop handling for -r option.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* sec_acl.cc (get_posix_access): Don't use GROUP_OBJ access to fix up
CLASS_OBJ mask on old-style ACLs. Fix a comment.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* sec_acl.cc (set_posix_access): Always make sure Admins have
WRITE_DAC and WRITE_OWNER permissions.
* security.h (create_object_sd_from_attribute): Drop handle parameter
from prototype.
* security.cc (create_object_sd_from_attribute): Drop handle parameter.
Just create the standard POSIXy security descriptor.
(set_object_attribute): Accommodate dropped paramter in call to
create_object_sd_from_attribute.
* fhandler_tty.cc: Ditto, throughout.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* shm.cc (shmget): Fetch segment size from server rather than using
size argument to accommodate existing segments. Add comment to explain
why.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* include/cygwin/version.h (CYGWIN_VERSION_DLL_MAJOR): Bump to 2000.
(CYGWIN_VERSION_DLL_MINOR): Set to 0.
* new-features.xml (ov-new2.0): Rename from ov-new1.7.36 and change
version number to 2.0.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* exceptions.cc (call_signal_handler): Only bother to construct
the ucontext for signal handlers with SA_SIGINFO set. Set
mcontext.oldmask.
Signed-off-by: Jon TURNEY <jon.turney@dronecode.org.uk>
* exceptions.cc (call_signal_handler): Zero initialize context and set
context flags, as RlCaptureContext doesn't.
Signed-off-by: Jon TURNEY <jon.turney@dronecode.org.uk>
* fhandler.cc (fhandler_base::open_with_arch): Call open with mode
not umasked.
(fhandler_base::open): Explicitely umask mode on NFS here. Call new
set_created_file_access rather than set_file_attribute.
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Reimplement
setting permissions on filesystems supporting ACLs using the new
set_posix_access call.
(fhandler_disk_file::fchown): Ditto.
(fhandler_disk_file::mkdir): Call new set_created_file_access rather
than set_file_attribute.
* fhandler_socket.cc (fhandler_socket::bind): Don't umask here. Add
WRITE_OWNER access to allow writing group in case of SGID bit set.
Call new set_created_file_access rather than set_file_attribute.
* path.cc (symlink_worker): Call new set_created_file_access rather
than set_file_attribute.
* sec_acl.cc (searchace): Un-staticize.
(set_posix_access): New, complementary functionality to
get_posix_access.
(setacl): Implement in terms of get_posix_access/set_posix_access.
(get_posix_access): Add handling for just created files requiring
their first Cygwin ACL. Fix new_style recognition. Handle SGID
bit. For old-style ACLs, ignore SYSTEM and Administrators when
computing the {DEF_}CLASS_OBJ perms.
* security.cc (get_file_sd): Revamp comment. Change and (hopefully)
speed up inheritance processing for just created files.
(alloc_sd): Remove.
(set_security_attribute): Call set_posix_access instead of alloc_sd.
(get_object_attribute): Fix return value.
(create_object_sd_from_attribute): Call set_posix_access instead of
alloc_sd.
(set_file_attribute): Remove.
(set_created_file_access): New function implemented in terms of
get_posix_access/set_posix_access.
* security.h (set_file_attribute): Remove prototype.
(set_created_file_access): Add prototype.
(searchace): Ditto.
(set_posix_access): Ditto.
* syscalls.cc (open): Call open_with_arch with mode not umasked.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* sec_acl.cc: Change preceeding comment explaining new-style ACLs.
Describe how to generate deny ACEs in more detail. Accommodate the
fact that a NULL deny ACE is used for {DEF_}CLASS_OBJ, rather than
a special Cygwin ACE. Improve further comments.
(CYG_ACE_NEW_STYLE): Define.
(get_posix_access): Change from Cygwin ACE to NULL deny ACE. Fix
CLASS_OBJ handling to generate CLASS_OBJ and DEF_CLASS_OBJ from a single
NULL deny ACE if the inheritance flags say so.
* sec_helper.cc (well_known_cygwin_sid): Remove.
* security.h (well_known_cygwin_sid): Drop declaration.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Selectively using -fomit-frame-pointer when -O is used doesn't make sense
anymore, apparently since gcc 4.6, -O implies -fomit-frame-pointer.
exceptions.cc must be compiled with -fno-omit-frame-pointer on x86, as it uses
RtlCaptureContext, which requires a frame pointer.
* Makefile.in : Remove setting -fomit-frame-pointer for compiling
various files, it is already the default. Set
-fno-omit-frame-pointer for exceptions.cc on x86.
Signed-off-by: Jon TURNEY <jon.turney@dronecode.org.uk>
* fhandler_tty.cc (fhandler_pty_slave::read): Change calculation of
"readlen" not to use "bytes_in_pipe" value directly.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* faq-setup.xml: Document how Cygwin secures installation and
update against man-in-the-middle (MITM) attacks. Note that
setup embeds a public key to check the signature of setup.ini,
and that setup.ini includes SHA-512 cryptographic hashes.
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
On x86_64, RtlCaptureContext() uses fxsave to save FPU/MMX/SSE state.
fxsave requires that the destination address is 16-byte aligned, or it will
fault.
CONTEXT is already annotated __attribute__ ((aligned (16))), do the same with
struct _mcontext.
Rearrange ucontext_t so that it's struct _mcontext element is also correctly
aligned.
* include/cygwin/signal.h (struct __mcontext): 16-byte align.
* include/sys/ucontext.h (ucontext_t): Ditto.
Signed-off-by: Jon TURNEY <jon.turney@dronecode.org.uk>
* sec_acl.cc (CYG_ACE_ISBITS_TO_WIN): Fix typo.
(get_posix_access): Rename index variable from i to idx. Define only
once at top level.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>