* winsup.h: Define MAX_SID_LEN and new MAX_HOST_NAME.

* fork.cc (fork): Use above defines instead of numerical constants. * shared.cc (sec_user): Ditto. * shared.h (class pinfo): Ditto. * syscall.cc (seteuid): Ditto. * spawn.cc (_spawnve): Ditto. Eliminate conditional. (spawn_guts): Set child->uid = USHRT_MAX when user context will be changed in child process. * uinfo.cc (uinfo_init): Check for myself->uid instead of myself->psid to avoid reloading of /etc/passwd on process startup if ntsec is off. Use above defines instead of numerical constants. * security.cc: Move define for MAX_SID_LEN to winsup.h.
2000-07-02 10:17:44 +00:00 · 2000-07-02 10:17:44 +00:00 · 0c4d2abd99
parent c570d680fb
commit 0c4d2abd99
9 changed files with 33 additions and 27 deletions
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@ -1,3 +1,12 @@
+Sun Jul  2 10:39:00 2000  Corinna Vinschen  <corinna@vinschen.de>
+
+	* uinfo.cc (uinfo_init): Check for myself->uid instead of myself->psid
+	to avoid reloading of /etc/passwd on process startup if ntsec is off.
+	* spawn.cc (_spawnve): Adjust conditional asking for switching
+	user context.
+	(spawn_guts): Ditto.  Set child->uid = USHRT_MAX when user context will
+	change in child process.
+
 Sun Jul  2  1:57:00 2000  Corinna Vinschen  <corinna@vinschen.de>

 	* uinfo.cc (uinfo_init): Eliminate calls to read_etc_group()
--- a/winsup/cygwin/fork.cc
+++ b/winsup/cygwin/fork.cc
@ -419,10 +419,10 @@ fork ()
      child->process_state |= PID_INITIALIZING |
 			      (myself->process_state & PID_USETTY);
      memcpy (child->username, myself->username, MAX_USER_NAME);
-      memcpy (child->sidbuf, myself->sidbuf, 40);
+      memcpy (child->sidbuf, myself->sidbuf, MAX_SID_LEN);
      if (myself->psid)
        child->psid = child->sidbuf;
-      memcpy (child->logsrv, myself->logsrv, 256);
+      memcpy (child->logsrv, myself->logsrv, MAX_HOST_NAME);
      memcpy (child->domain, myself->domain, MAX_COMPUTERNAME_LENGTH+1);
      child->token = myself->token;
      child->impersonated = myself->impersonated;
--- a/winsup/cygwin/security.cc
+++ b/winsup/cygwin/security.cc
@ -23,8 +23,6 @@ details. */
 #include "winsup.h"
 #include <ctype.h>

-#define MAX_SID_LEN     40
-
 extern BOOL allow_ntea;
 BOOL allow_ntsec = FALSE;

--- a/winsup/cygwin/shared.cc
+++ b/winsup/cygwin/shared.cc
@ -212,11 +212,11 @@ sec_user (PVOID sa_buf, PSID sid2, BOOL inherit)
                             ((char *) sa_buf + sizeof (*psa));
  PACL acl = (PACL) ((char *) sa_buf + sizeof (*psa) + sizeof (*psd));

-  char sid_buf[40];
+  char sid_buf[MAX_SID_LEN];
  PSID sid = (PSID) sid_buf;

  if (myself->psid)
-    CopySid (40, sid, myself->psid);
+    CopySid (MAX_SID_LEN, sid, myself->psid);
  else if (! lookup_name (getlogin (), myself->logsrv, sid))
    return inherit ? &sec_none_nih : &sec_none;

--- a/winsup/cygwin/shared.h
+++ b/winsup/cygwin/shared.h
@ -89,8 +89,8 @@ class pinfo
     The information is derived from the internal_getlogin call
     when on a NT system. */
  PSID psid;        /* user's SID */
-  char sidbuf[40];  /* buffer for user's SID */
-  char logsrv[256]; /* Logon server, may be fully qualified DNS name */
+  char sidbuf[MAX_SID_LEN];  /* buffer for user's SID */
+  char logsrv[MAX_HOST_NAME]; /* Logon server, may be FQDN */
  char domain[MAX_COMPUTERNAME_LENGTH+1]; /* Logon domain of the user */

  /* token is needed if sexec should be called. It can be set by a call
--- a/winsup/cygwin/spawn.cc
+++ b/winsup/cygwin/spawn.cc
@ -543,8 +543,9 @@ skip_arg_parsing:
      if (myself->impersonated && myself->token != INVALID_HANDLE_VALUE)
        seteuid (myself->orig_uid);

-      /* Set child->psid to NULL to force calling internal_getlogin()
-         from child process. */
+      /* Set child->uid to USHRT_MAX to force calling internal_getlogin()
+         from child process. Set psid to NULL to play it safe. */
+      child->uid = USHRT_MAX;
      child->psid = NULL;

      /* Load users registry hive. */
@ -844,15 +845,12 @@ _spawnve (HANDLE hToken, int mode, const char *path, const char *const *argv,
 	child->ctty = myself->ctty;
 	child->umask = myself->umask;
 	child->process_state |= PID_INITIALIZING;
-        if (!hToken && !myself->token)
-          {
-            memcpy (child->username, myself->username, MAX_USER_NAME);
-            memcpy (child->sidbuf, myself->sidbuf, 40);
-            if (myself->psid)
-              child->psid = child->sidbuf;
-            memcpy (child->logsrv, myself->logsrv, 256);
-            memcpy (child->domain, myself->domain, MAX_COMPUTERNAME_LENGTH+1);
-          }
+        memcpy (child->username, myself->username, MAX_USER_NAME);
+        memcpy (child->sidbuf, myself->sidbuf, MAX_SID_LEN);
+        if (myself->psid)
+          child->psid = child->sidbuf;
+        memcpy (child->logsrv, myself->logsrv, MAX_HOST_NAME);
+        memcpy (child->domain, myself->domain, MAX_COMPUTERNAME_LENGTH+1);
 	subproc_init ();
 	ret = spawn_guts (hToken, path, argv, envp, child, mode);
 	if (ret == -1)
--- a/winsup/cygwin/syscalls.cc
+++ b/winsup/cygwin/syscalls.cc
@ -1872,7 +1872,7 @@ seteuid (uid_t uid)
            }
          myself->uid = uid;
          strcpy (myself->username, pi.username);
-          CopySid (40, myself->psid, pi.psid);
+          CopySid (MAX_SID_LEN, myself->psid, pi.psid);
          strcpy (myself->logsrv, pi.logsrv);
          strcpy (myself->domain, pi.domain);
        }
--- a/winsup/cygwin/uinfo.cc
+++ b/winsup/cygwin/uinfo.cc
@ -106,7 +106,7 @@ internal_getlogin (struct pinfo *pi)
          else if (!GetTokenInformation (ptok, TokenUser, (LPVOID) &tu,
                                         sizeof tu, &siz))
            debug_printf ("GetTokenInformation(): %E");
-          else if (!(ret = CopySid (40, (PSID) pi->sidbuf,
+          else if (!(ret = CopySid (MAX_SID_LEN, (PSID) pi->sidbuf,
                                    ((TOKEN_USER *) &tu)->User.Sid)))
            debug_printf ("Couldn't retrieve SID from access token!");
          /* Close token only if it's a result from OpenProcessToken(). */
@ -135,7 +135,7 @@ internal_getlogin (struct pinfo *pi)
          if (ret)
            {
              struct passwd *pw;
-              char psidbuf[40];
+              char psidbuf[MAX_SID_LEN];
              PSID psid = (PSID) psidbuf;

              pi->psid = (PSID) pi->sidbuf;
@ -172,11 +172,9 @@ uinfo_init ()
  myself->token = INVALID_HANDLE_VALUE;
  myself->impersonated = TRUE;

-  /* If psid is non null, the process is forked or spawned from
-     another cygwin process without changing the user context.
-     So all user infos in myself as well as the environment are
-     (perhaps) valid. */
-  if (!myself->psid)
+  /* If uid is USHRT_MAX, the process is started from a non cygwin
+     process or the user context was changed in spawn.cc */
+  if (myself->uid == USHRT_MAX)
    if ((p = getpwnam (username = internal_getlogin (myself))) != NULL)
      {
        myself->uid = p->pw_uid;
--- a/winsup/cygwin/winsup.h
+++ b/winsup/cygwin/winsup.h
@ -67,6 +67,9 @@ extern int dynamically_loaded;
 #define DEFAULT_UID 500
 #define DEFAULT_GID 544

+#define MAX_SID_LEN 40
+#define MAX_HOST_NAME 256
+
 /* status bit manipulation */
 #define __ISSETF(what, x, prefix) \
  ((what)->status & prefix##_##x)