* cygheap.h (cygheap_user::curr_primary_token): New member.
(cygheap_user::primary_token): New method.
(cygheap_user::deimpersonate): Always revert to processes'
impersonation token.
(cygheap_user::reimpersonate): Set processes' or setuid token as
necessary.
(cygheap_user::has_impersonation_tokens): Look for curr_primary_token
value.
(cygheap_user::close_impersonation_tokens): Close curr_primary_token
here if necessary. Don't reset token values to NO_IMPERSONATION since
that's done in uinfo_init anyway.
(init_cygheap::luid): New LUID array keeping privilege LUIDs.
* cygtls.cc (_cygtls::init_thread): Call cygheap->user.reimpersonate.
* dcrt0.cc (hProcToken): New global variable to keep process token.
(hProcImpToken): Ditto for process impersonation token.
(dll_crt0_0): Open process token here once. Duplicate to create
hProcImpToken.
(dll_crt0_1): Call set_cygwin_privileges.
* environ.cc (allow_ntea): Drop duplicate declaration.
(allow_smbntsec): Ditto.
(set_traverse): Only set allow_traverse here.
(environ_init): Ditto.
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Drop call to
enable_restore_privilege.
(fhandler_disk_file::fchown): Ditto.
(fhandler_disk_file::facl): Ditto.
* fork.cc (fork_child): Move call to cygheap->user.reimpersonate after
syn with parent. Call set_cygwin_privileges.
* grp.cc (internal_getgroups): Use hProcImpToken instead of opening
process token.
* path.cc (fs_info::update): Bypass traverse checking when retrieving
volume information using push/pop_thread_privileges.
* registry.cc (load_registry_hive): Drop setting restore privilege
since it's already set if available.
* sec_helper.cc: Include cygtls.h.
(cygpriv): Privilege string array.
(privilege_luid): New function, evaluate LUID from cygpriv_idx.
(privilege_luid_by_name): New function, evaluate LUID from privilege
string.
(privilege_name): New function, evaluate privilege string from
cygpriv_idx.
(set_privilege): New static function called by set_process_privilege
and set_thread_privilege. Call privilege_luid to get privilege LUID.
Fix bug in return value evaluation. Improve debug output.
(set_cygwin_privileges): New function.
(set_process_privilege): Remove.
(enable_restore_privilege): Remove.
* security.cc (allow_traverse): New global variable.
(sys_privs): Change type to cygpriv_idx and store privilege indices
instead of strings.
(SYSTEM_PRIVILEGES_COUNT): Renamed from SYSTEM_PERMISSION_COUNT.
(get_system_priv_list): Don't use numerical constant in malloc call.
Use privilege_luid to get privilege LUIDs.
(get_priv_list): Call privilege_luid_by_name to get LUIDs. Improve
inner privilege LUID comparison loop.
(create_token): Enable create token privilege using
push/pop_self_privileges. Use hProcToken instead of opening process
token. Use default DACL when duplicating token.
(subauth): Enable tcb privilege using push/pop_self_privileges.
Use sec_none instead of homw made security attributes when duplicating
token.
(check_file_access): Don't duplicate access token, use active
impersonation token as is.
* security.h (enum cygpriv_idx): New enumeration type enumerating
possible privileges.
(privilege_luid): Declare new function.
(privilege_luid_by_name): Ditto.
(privilege_name): Ditto.
(allow_traverse): Declare.
(set_privilege): Declare function.
(set_process_privilege): Define as macro.
(enable_restore_privilege): Remove declaration.
(_push_thread_privilege): Define macro.
(push_thread_privilege): Ditto.
(pop_thread_privilege): Ditto.
(pop_self_privilege): Ditto.
* spawn.cc (spawn_guts): Use cygheap->user.primary_token instead of
cygheap->user.token.
* syscalls.cc (statvfs): Bypass traverse checking when retrieving
volume information using push/pop_thread_privileges. Rearrange code
to simplify push/pop bracketing.
(seteuid32): Use hProcToken instead of opening process token. Call
cygheap->user.deimpersonate instead of RevertToSelf. Create
impersonation token from primary internal or external token. Set
cygheap->user.curr_primary_token and cygheap->user.current_token
privileges once here. Drop "failed" and "failed_ptok" labels.
Drop setting DefaultDacl of process token.
(setegid32): Use hProcToken and hProcImpToken instead of opening
process token. Always reimpersonate afterwards.
* uinfo.cc (cygheap_user::init): Use hProcToken instead of opening
process token.
(internal_getlogin): Ditto. Set hProcImpToken, too.
(uinfo_init): Initialize cygheap->user.curr_primary_token.
* winsup.h (hProcToken): Declare.
(hProcImpToken): Declare.
(win_env::operator = ): Declare new operator.
(win_env::reset): Declare new function.
(win_env::~win_env): Declare new destructor.
(getwinenv): Add optional third argument to declaration.
* environ.cc (conv_envvars): Accommodate immediate field.
(win_env::operator =): Define new operator.
(win_env::~win_env): Define new destructor.
(win_env::add_cache): Add value to environment immediately if "immediate" is
set.
(getwinenv): Accept optional third argument which will be used to store
"cached" values to avoid overwriting real cache.
(spenv::force): Declare new field.
(spenvs): Accommodate force field. Add "PATH=" with force set to true.
(spenv::retrieve): Avoid duping anything if we're not building an envblock.
(build_env): Ditto. Use size of potentially constructed new environment block
to determine if we need to create an environment block. Pass getwinenv
temporary storage to avoid inappropriately overwriting the environment cache.
* path.h (is_floppy): Declare.
* syscalls.cc (sync): Check for floppies on A: and B: in guid case.
Don't call setmntent in non-guid case but evaluate drive bit mask
locally.
since waiting for anything else is racy.
* timer.cc (timer_tracker::hcancel): Rename from cancel.
(timer_tracker::cancel): New method.
(timer_tracker::th): Remove.
(timer_tracker::~timer_tracker): Call cancel method.
(timer_tracker::timer_tracker): Ditto.
(timer_tracker::timer_tracker): Always, clear cancel, even though it is
probably not strictly necessary for ttstart.
(timer_thread): Accommodate cancel -> hcancel rename.
(timer_tracker::settime): Ditto.
(timer_tracker::gettime): Ditto.
(timer_delete): Ditto.
* cygwin.din: Export _ctype_.
* include/ctype.h: Mark that _ctype_ is imported.
(wininfo::itv): Ditto.
(wininfo::start_time): Ditto.
(wininfo::window_started): Ditto.
(wininfo::getitimer): Ditto.
(wininfo::setitimer): Ditto.
(wininfo::wininfo): Ditto.
(wininfo::lock): New method.
(wininfo::release): Ditto.
* window.cc: Use new lock/acquire wininfo methods throughout.
(wininfo::wininfo): Delete
(wininfo::getitimer): Ditto.
(wininfo::setitimer): Ditto.
(getitimer): Ditto.
(setitimer): Ditto.
(ualarm): Ditto.
(alarm): Ditto.
(wininfo::lock): Define new function.
(wininfo::release): Ditto.
(wininfo::process): Delete WM_TIMER handling.
* timer.cc (struct timetracker): Delete it, flags. Add it_interval,
interval_us, sleepto_us, running, init_muto(), syncthread, and gettime().
(ttstart): Make NO_COPY.
(lock_timer_tracker): New class.
(timer_tracker::timer_tracker): Distinguish ttstart case.
(timer_tracker::~timer_tracker): New destructor. Clean out events, and reset
magic.
(timer_tracker::init_muto): New method.
(to_us): Round up as per POSIX.
(timer_thread): Reorganize to match timer_tracker::settime and
timer_tracker::gettime. Call sig_send without wait. Call auto_release.
(timer_tracker::settime): Reorganize logic to avoid race. Call gettime to
recover old value.
(timer_tracker::gettime): New method.
(timer_create): Properly set errno on invalid timerid. Use new
lock_timer_tracker method.
(timer_delete): Ditto. Simplify code slightly.
(timer_gettime): New function.
(fixup_timers_after_fork): Reinit ttstart.
(getitimer): New implementation.
(setitimer): Ditto.
(ualarm): Ditto.
(alarm): Ditto.
* cygwin.din: Export timer_gettime.
* winsup.h: Remove has has_visible_window_station declaration.
* Makefile.in (DLL_OFILES): Add lsearch.o.
* cygthread.h (cygthread::notify_detached): New element.
(cygthread::cygthread): Take optional fourth argument signifying event to
signal on thread completion.
* cygthread.cc (cygthread::stub): Signal notify_detached event, if it exists.
(cygthread::cygthread): Initialize notify_detached from fourth argument.
(cygthread::detach): Wait for notify_detached field is present.
* lsearch.cc: New file.
* search.h: Ditto.
* include/cygwin/version.h: Bump API minor number to 126.
* cygwin.din: Export lsearch, lfind.
(fhandler_socket::af_local_set_secret): New function combining former
set_connect_secret and get_connect_secret into one function.
(fhandler_socket::af_local_setblocking): Rename from eid_setblocking.
(fhandler_socket::af_local_unsetblocking): Rename from
eid_unsetblocking.
(fhandler_socket::af_local_set_cred): New method.
(fhandler_socket::af_local_copy): New method.
(fhandler_socket::af_local_recv_secret): New method.
(fhandler_socket::af_local_send_secret): New method.
(fhandler_socket::af_local_recv_cred): Rename from eid_recv.
(fhandler_socket::af_local_send_cred): Rename from eid_send.
(fhandler_socket::af_local_accept): New method.
(fhandler_socket::af_local_set_sockpair_cred): Rename from
set_socketpair_eids.
(fhandler_socket::eid_accept): Remove.
(fhandler_socket::eid_connect): Remove.
(fhandler_socket::set_connect_secret): Remove.
(fhandler_socket::get_connect_secret): Remove.
(fhandler_socket::create_secret_event): Remove.
(fhandler_socket::check_peer_secret_event): Remove.
(fhandler_socket::signal_secret_event): Remove.
(fhandler_socket::close_secret_event): Remove.
(fhandler_socket::sec_event_accept): Remove.
(fhandler_socket::sec_event_connect): Remove.
* fhandler_socket.cc (secret_event_name): Remove.
(fhandler_socket::af_local_set_sockpair_cred): Rename from
set_socketpair_eids.
(fhandler_socket::af_local_setblocking): Rename from eid_setblocking.
(fhandler_socket::af_local_unsetblocking): Rename from
eid_unsetblocking.
(fhandler_socket::af_local_recv_secret): New function to receive
AF_LOCAL connect secret over socket itself.
(fhandler_socket::af_local_send_secret): New function to send AF_LOCAL
connect secret over socket itself.
(fhandler_socket::af_local_recv_cred): Rename from eid_recv.
(fhandler_socket::af_local_send_cred): Rename from eid_send.
(fhandler_socket::eid_connect): Remove.
(fhandler_socket::af_local_connect): Take over connect side handling
of AF_LOCAL secret and credential handshake.
(fhandler_socket::eid_accept): Remove.
(fhandler_socket::af_local_accept): New method, take over accept side
handling of AF_LOCAL secret and credential handshake.
(fhandler_socket::af_local_set_cred): New method, set eid credentials
to start values.
(fhandler_socket::af_local_copy): New method, copy secret and
credentials to another socket.
(fhandler_socket::af_local_set_secret): New function combining former
set_connect_secret and get_connect_secret into one function.
(fhandler_socket::create_secret_event): Remove.
(fhandler_socket::signal_secret_event): Remove.
(fhandler_socket::close_secret_event): Remove.
(fhandler_socket::check_peer_secret_event): Remove.
(fhandler_socket::sec_event_connect): Remove.
(fhandler_socket::sec_event_accept): Remove.
(fhandler_socket::fixup_after_fork): Drop secret_event handling.
(fhandler_socket::bind): Call af_local_set_secret.
(fhandler_socket::connect): Call af_local_set_cred and af_local_connect.
(fhandler_socket::listen): Call af_local_set_cred.
(fhandler_socket::accept): Call af_local_copy and af_local_accept on
accepted socket.
(fhandler_socket::close): Don't call close_secret_event.
(fhandler_socket::set_close_on_exec): Don't set secret_event
inheritance.
* net.cc (cygwin_getsockopt): Add debug output.
(socketpair): Call af_local_set_sockpair_cred instead of
set_socketpair_eids.
* select.cc (set_bits): Drop AF_LOCAL special handling in case
of except bit set.
(fhandler_socket::set_connect_secret): Ditto.
(fhandler_socket::get_connect_secret): Ditto.
(fhandler_socket::create_secret_event): Ditto. Remove secret argument.
(fhandler_socket::check_peer_secret_event): Ditto.
(fhandler_socket::signal_secret_event): Make private.
(fhandler_socket::close_secret_event): Ditto.
(fhandler_socket::sec_event_accept): New private method.
(fhandler_socket::sec_event_connect): Ditto.
(fhandler_socket::af_local_connect): New public method.
* fhandler_socket.cc: Use 'struct sockaddr' and 'struct sockaddr_in'
rather than just 'sockaddr' and 'sockaddr_in' throughout.
(fhandler_socket::eid_connect): Drop AF_LOCAL/SOCK_STREAM test.
(fhandler_socket::create_secret_event): Remove secret argument.
Always use connect_secret instead.
(fhandler_socket::check_peer_secret_event): Ditto.
(fhandler_socket::sec_event_connect): New method, combining entire
secret event handshake on connect side.
(fhandler_socket::af_local_connect): New method, combining secret
event handshake and eid credential transaction on connect side, to
be called from select.
(fhandler_socket::sec_event_accept): New method, combining entire
secret event handshake on accept side.
(fhandler_socket::connect): Drop secret, use connect_secret instead.
Move entire secret event handshake to sec_event_connect.
(fhandler_socket::accept): Move entire secret event handshake to
sec_event_accept.
* select.cc (set_bits): Just call af_local_connect here.
(fhandler_socket::sec_pipe): Remove.
(fhandler_socket::eid_pipe_name): Remove.
(fhandler_socket::eid_setblocking): New private method.
(fhandler_socket::eid_unsetblocking): Ditto
(fhandler_socket::eid_recv): Ditto
(fhandler_socket::eid_send): Ditto
(fhandler_socket::eid_accept): Ditto
(fhandler_socket::eid_connect): New public method.
* fhandler_socket.cc (ASYNC_MASK): Move to beginning of file.
(fhandler_socket::eid_pipe_name): Remove.
(fhandler_socket::set_socketpair_eids): Move down to fhandler_socket
methods.
(fhandler_socket::fhandler_socket): Drop initializing sec_pipe.
(fhandler_socket::~fhandler_socket): Drop closing sec_pipe.
(fhandler_socket::eid_setblocking): New method.
(fhandler_socket::eid_unsetblocking): New method.
(fhandler_socket::eid_recv): New method.
(fhandler_socket::eid_send): New method.
(fhandler_socket::eid_connect): New method.
(fhandler_socket::eid_accept): New method.
(fhandler_socket::dup): Drop sec_pipe handling.
(fhandler_socket::connect): Fix WinSock error handling. Prepare
eid credential transaction. Call eid_connect on successful connect.
(fhandler_socket::listen): Drop creating sec_pipe.
(fhandler_socket::accept): Slightly simplify code. Call eid_accept
on accepted socket.
(fhandler_socket::getpeereid): Reshuffle code for readability. Fix
test for invalid pid.
* select.cc (set_bits): Call eid_connect on successfully connected
socket.
(spawn_info): Ditto.
* cxx.cc (__cxa_guard_acquire): New function (needed for gcc 4.x).
(__cxa_guard_release): Ditto.
* devices.in: Make sure stuff is correctly bracketed (for gcc 4.x).
* devices.cc: Regenerate.
* fhandler.h (fhandler_disk_file::fchmod): Avoid left coercion (for gcc 4.x).
* smallprint.c (__rn): Declare as __fastcall since gcc 4.x complains about use
of regparm, for some reason.
* sync.h (sync::init_lock): Remove.
* sync.cc (sync::init_lock): Ditto.
in case of a successful or pending connect.
(fhandler_socket::accept): Don't run secret event and eid credential
transactions if OS accept returned WSAEWOULDBLOCK.