Commit Graph

289 Commits

Author SHA1 Message Date
Christopher Faylor 3aca3cb636 Remove some more unneeded 'return;'s throughout. 2005-09-14 14:27:56 +00:00
Christopher Faylor 1cd065837c white space 2005-08-12 02:39:13 +00:00
Corinna Vinschen 2ab8ea6738 * security.cc (get_reg_security): New static function.
(get_nt_object_security): Call get_reg_security for registry keys
	to circumvent problems with predefined registry keys.
2005-08-08 16:30:15 +00:00
Corinna Vinschen 2a770b2a6f * security.cc (get_initgroups_sidlist): Drop special_pgrp parameter.
(get_setgroups_sidlist): Avoid duplicate groups in group list.
	(create_token): Remove special_pgrp local variable.  Accomodate
	change to get_initgroups_sidlist call.
2005-06-21 20:38:05 +00:00
Corinna Vinschen ce132d0ffd * security.cc (cygwin_logon_user): Run LogonUser in the primary
process token context.  Fix potential handle leak.
2005-06-08 10:06:17 +00:00
Corinna Vinschen 7311cc1f0c * pinfo.cc (pinfo::init): Define sa_buf as PSECURITY_ATTRIBUTES and
allocate dynamically.
	(pinfo::set_acl): Replace sa_buf by dynamically allocated acl_buf.
	* sec_acl.cc (setacl): Allocate acl dynamically.
	* sec_helper.cc (sec_acl): Add test for alignment of acl when
	DEBUGGING is defined.
	(__sec_user): Same for sa_buf.
	* security.cc (verify_token): Define sd_buf as PSECURITY_DESCRIPTOR
	and allocate dynamically.
	(alloc_sd): Allocate acl dynamically.
	security.h (sec_user_nih): Change first parameter to
	SECURITY_ATTRIBUTES *.
	(sec_user): Ditto.
	* sigproc.cc (wait_sig): Define sa_buf as PSECURITY_ATTRIBUTES and
	allocate dynamically.
	* syscalls.cc (seteuid32): Define dacl_buf as PACL and allocate
	dynamically.
	* uinfo.cc (cygheap_user::init): Define sa_buf as PSECURITY_ATTRIBUTES
	and allocate dynamically.
	* winbase.h (ilockincr): Mark first argument of inline assembly as
	earlyclobber.
	(ilockdecr): Ditto.
2005-06-07 19:31:42 +00:00
Corinna Vinschen 28f2a08860 * security.cc (alloc_sd): Remove DELETE bit from user's ACE if
allow_traverse is set.
2005-04-19 10:10:13 +00:00
Corinna Vinschen 68a3f0d34a * security.h (cygsidlist::addfromgr): Allow duplicate entries.
(get_server_groups): Declare new function.
	* security.cc (is_group_member): Simplify.
	(get_server_groups): New function.
	(get_initgroups_sidlist): Call get_server_groups.
	(verify_token): Allow token when supplementary sids are not in
	/etc/group but are in the token.
	Streamline the code.
	* grp.cc (initgroups32): New implementation.
	(getgroups32): Handle case where the supplementary groups are set.
2005-04-16 15:21:47 +00:00
Corinna Vinschen 7460bfd32b * cygerrno.h (__seterrno_from_nt_status): Define. Always set Win32
error code as well as errno. Use throughout where errno is set from
	NT status.
	(set_errno): Evaluate val only once.
	* fhandler_disk_file.cc (fhandler_base::fstat_by_handle): Fix typo in
	debug output.
	* fhandler_mem.cc (fhandler_dev_mem::open): Rely on
	__seterrno_from_nt_status setting Win32 error code in debug output.
	* fhandler_proc.cc (format_proc_uptime): Ditto.
	(format_proc_stat): Ditto.
	* fhandler_process.cc (format_process_stat): Ditto.
	* sysconf.cc (sysconf): Ditto.
2005-04-13 16:41:33 +00:00
Corinna Vinschen f4a1f8a1db * cygheap.cc (cygheap_init): Accomodate set_process_privilege change.
* cygheap.h (cygheap_user::curr_primary_token): New member.
	(cygheap_user::primary_token): New method.
	(cygheap_user::deimpersonate): Always revert to processes'
	impersonation token.
	(cygheap_user::reimpersonate): Set processes' or setuid token as
	necessary.
	(cygheap_user::has_impersonation_tokens): Look for curr_primary_token
	value.
	(cygheap_user::close_impersonation_tokens): Close curr_primary_token
	here if necessary.  Don't reset token values to NO_IMPERSONATION since
	that's done in uinfo_init anyway.
	(init_cygheap::luid): New LUID array keeping privilege LUIDs.
	* cygtls.cc (_cygtls::init_thread): Call cygheap->user.reimpersonate.
	* dcrt0.cc (hProcToken): New global variable to keep process token.
	(hProcImpToken): Ditto for process impersonation token.
	(dll_crt0_0): Open process token here once.  Duplicate to create
	hProcImpToken.
	(dll_crt0_1): Call set_cygwin_privileges.
	* environ.cc (allow_ntea): Drop duplicate declaration.
	(allow_smbntsec): Ditto.
	(set_traverse): Only set allow_traverse here.
	(environ_init): Ditto.
	* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Drop call to
	enable_restore_privilege.
	(fhandler_disk_file::fchown): Ditto.
	(fhandler_disk_file::facl): Ditto.
	* fork.cc (fork_child): Move call to cygheap->user.reimpersonate after
	syn with parent. Call set_cygwin_privileges.
	* grp.cc (internal_getgroups): Use hProcImpToken instead of opening
	process token.
	* path.cc (fs_info::update): Bypass traverse checking when retrieving
	volume information using push/pop_thread_privileges.
	* registry.cc (load_registry_hive): Drop setting restore privilege
	since it's already set if available.
	* sec_helper.cc: Include cygtls.h.
	(cygpriv): Privilege string array.
	(privilege_luid): New function, evaluate LUID from cygpriv_idx.
	(privilege_luid_by_name): New function, evaluate LUID from privilege
	string.
	(privilege_name): New function, evaluate privilege string from
	cygpriv_idx.
	(set_privilege): New static function called by set_process_privilege
	and set_thread_privilege.  Call privilege_luid to get privilege LUID.
	Fix bug in return value evaluation. Improve debug output.
	(set_cygwin_privileges): New function.
	(set_process_privilege): Remove.
	(enable_restore_privilege): Remove.
	* security.cc (allow_traverse): New global variable.
	(sys_privs): Change type to cygpriv_idx and store privilege indices
	instead of strings.
	(SYSTEM_PRIVILEGES_COUNT): Renamed from SYSTEM_PERMISSION_COUNT.
	(get_system_priv_list): Don't use numerical constant in malloc call.
	Use privilege_luid to get privilege LUIDs.
	(get_priv_list): Call privilege_luid_by_name to get LUIDs. Improve
	inner privilege LUID comparison loop.
	(create_token): Enable create token privilege using
	push/pop_self_privileges. Use hProcToken instead of opening process
	token. Use default DACL when duplicating token.
	(subauth): Enable tcb privilege using push/pop_self_privileges.
	Use sec_none instead of homw made security attributes when duplicating
	token.
	(check_file_access): Don't duplicate access token, use active
	impersonation token as is.
	* security.h (enum cygpriv_idx): New enumeration type enumerating
	possible privileges.
	(privilege_luid): Declare new function.
	(privilege_luid_by_name): Ditto.
	(privilege_name): Ditto.
	(allow_traverse): Declare.
	(set_privilege): Declare function.
	(set_process_privilege): Define as macro.
	(enable_restore_privilege): Remove declaration.
	(_push_thread_privilege): Define macro.
	(push_thread_privilege): Ditto.
	(pop_thread_privilege): Ditto.
	(pop_self_privilege): Ditto.
	* spawn.cc (spawn_guts): Use cygheap->user.primary_token instead of
	cygheap->user.token.
	* syscalls.cc (statvfs): Bypass traverse checking when retrieving
	volume information using push/pop_thread_privileges. Rearrange code
	to simplify push/pop bracketing.
	(seteuid32): Use hProcToken instead of opening process token. Call
	cygheap->user.deimpersonate instead of RevertToSelf.  Create
	impersonation token from primary internal or external token.  Set
	cygheap->user.curr_primary_token and cygheap->user.current_token
	privileges once here.  Drop "failed" and "failed_ptok" labels.
	Drop setting DefaultDacl of process token.
	(setegid32): Use hProcToken and hProcImpToken instead of opening
	process token. Always reimpersonate afterwards.
	* uinfo.cc (cygheap_user::init): Use hProcToken instead of opening
	process token.
	(internal_getlogin): Ditto. Set hProcImpToken, too.
	(uinfo_init): Initialize cygheap->user.curr_primary_token.
	* winsup.h (hProcToken): Declare.
	(hProcImpToken): Declare.
2005-04-03 13:06:43 +00:00
Christopher Faylor ec98d19a08 * wininfo.h (wininfo::timer_active): Delete.
(wininfo::itv): Ditto.
(wininfo::start_time): Ditto.
(wininfo::window_started): Ditto.
(wininfo::getitimer): Ditto.
(wininfo::setitimer): Ditto.
(wininfo::wininfo): Ditto.
(wininfo::lock): New method.
(wininfo::release): Ditto.
* window.cc: Use new lock/acquire wininfo methods throughout.
(wininfo::wininfo): Delete
(wininfo::getitimer): Ditto.
(wininfo::setitimer): Ditto.
(getitimer): Ditto.
(setitimer): Ditto.
(ualarm): Ditto.
(alarm): Ditto.
(wininfo::lock): Define new function.
(wininfo::release): Ditto.
(wininfo::process): Delete WM_TIMER handling.
* timer.cc (struct timetracker): Delete it, flags.  Add it_interval,
interval_us, sleepto_us, running, init_muto(), syncthread, and gettime().
(ttstart): Make NO_COPY.
(lock_timer_tracker): New class.
(timer_tracker::timer_tracker): Distinguish ttstart case.
(timer_tracker::~timer_tracker): New destructor.  Clean out events, and reset
magic.
(timer_tracker::init_muto): New method.
(to_us): Round up as per POSIX.
(timer_thread): Reorganize to match timer_tracker::settime and
timer_tracker::gettime.  Call sig_send without wait.  Call auto_release.
(timer_tracker::settime): Reorganize logic to avoid race.  Call gettime to
recover old value.
(timer_tracker::gettime): New method.
(timer_create): Properly set errno on invalid timerid.  Use new
lock_timer_tracker method.
(timer_delete): Ditto.  Simplify code slightly.
(timer_gettime): New function.
(fixup_timers_after_fork): Reinit ttstart.
(getitimer): New implementation.
(setitimer): Ditto.
(ualarm): Ditto.
(alarm): Ditto.
* cygwin.din: Export timer_gettime.
* winsup.h: Remove has has_visible_window_station declaration.
* Makefile.in (DLL_OFILES): Add lsearch.o.
* cygthread.h (cygthread::notify_detached): New element.
(cygthread::cygthread): Take optional fourth argument signifying event to
signal on thread completion.
* cygthread.cc (cygthread::stub): Signal notify_detached event, if it exists.
(cygthread::cygthread): Initialize notify_detached from fourth argument.
(cygthread::detach): Wait for notify_detached field is present.
* lsearch.cc: New file.
* search.h: Ditto.
* include/cygwin/version.h: Bump API minor number to 126.
* cygwin.din: Export lsearch, lfind.
2005-03-27 01:57:38 +00:00
Christopher Faylor 29acee4020 * fhandler_tape.cc (get_ll): This is a generally useful function so move it
* winsup.h (get_ll): to here
* security.cc (get_token_group_sidlist): Use get_ll to figure out the long long
version of the luid since QuadPart is not part of the standard Windows API.
2005-03-16 21:52:06 +00:00
Pierre Humblet 531979231d 2004-10-28 Pierre Humblet <pierre.humblet@ieee.org>
* path.cc (mount_info::from_registry): Deimpersonate while
        accessing HKLM.
        (mount_info::read_cygdrive_info_from_registry): Ditto.
        * cygheap.h: Define NO_IMPERSONATION.
        (cygheap_user::issetuid): Replace INVALID_HANDLE_VALUE by
        NO_IMPERSONATION.
        (cygheap_user::has_impersonation_tokens): Ditto.
        (cygheap_user::close_impersonation_tokens): Ditto.
        * uinfo.cc (uinfo_init): Ditto.
        * syscalls.cc (seteuid32): Ditto.
        * security.cc (set_impersonation_token): Ditto.
2004-10-28 01:46:01 +00:00
Pierre Humblet b0637a5191 2004-10-05 Pierre Humblet <pierre.humblet@ieee.org>
* external.cc (check_ntsec): Do not call wincap.has_security.
	* path.cc (path_conv::check): Ditto.
	* security.cc (get_object_attribute): Ditto.
	(get_file_attribute): Ditto.
2004-10-06 01:33:39 +00:00
Christopher Faylor d584454c82 * exceptions.cc: (ctrl_c_handler): Do nothing while a Cygwin subprocess is
starting.
* child_info.h (init_child_info): Remove pid argument from declaration.
* cygheap.h (init_cygheap::pid): New element.
* dcrt0.cc (dll_crt0_0): Eliminate handling of now-noexistent cygpid parameter
in child_info struct.  Set forkee to 'true' rather than cygpid since the pid
value was never used.
(dll_crt0_1): Ditto.
(_dll_crt0): Ditto.
* fork.cc (fork_child): Don't wait for sigthread.  This is handled in the fork
call now.
(fork_parent): Remove obsolete pid argument from init_child_info call.  Don't
do anything special with cygpid when DEBUGGING.
(fork): Delay all signals during fork.
(fork_init): Don't do anything special when DEBUGGING.
* pinfo.cc (set_myself): Remove pid parameter.  Use new pid field in cygheap.
(pinfo_init): Don't pass pid argument to set_myself.
* sigproc.cc (sig_send): Wait for dwProcessId to be non-zero as well as
sendsig.
(init_child_info): Eliminate handling of pid.
(wait_sig): Implement method to temporarily hold off sending signals.
* sigproc.h (__SIGHOLD): New enum.
(__SIGNOHOLD): Ditto.
* spawn.cc (spawn_guts): Remove obsolete pid argument from init_child_info
call.
2004-09-12 03:47:57 +00:00
Corinna Vinschen eea5dd9707 * security.cc: Fix a few more strace_prints. 2004-09-03 08:18:41 +00:00
Christopher Faylor 0cd9f74fa5 Regularize most strace_prints throughout so that %E is always preceded by a
comma and elminate most uses of "foo = %s" to "foo %s".
2004-09-03 01:53:12 +00:00
Pierre Humblet bd0e9c7aa6 2004-06-17 Pierre Humblet <pierre.humblet@ieee.org>
* fhandler.cc (fhandler_base::open_9x): Do not check for null name.
        Move debug_printf to common code line.
        (fhandler_base::open): Ditto. Initialize upath. Remove second argument
        of pc.get_nt_native_path.
        * path.h (path_conv::get_nt_native_path): Remove second argument.
        * path.cc (path_conv::get_nt_native_path): Ditto. Call str2uni_cat.
        * security.h (str2buf2uni_cat): Delete declaration.
        (str2uni_cat): New declaration.
        * security.cc (str2buf2uni): Get length from sys_mbstowcs call.
        (str2buf2uni_cat): Delete function.
        (str2uni_cat): New function.
        * miscfuncs.cc (sys_mbstowcs): Add debug_printf.
2004-06-17 13:34:26 +00:00
Christopher Faylor e3778517d9 * path.cc (chdir): Always use the normalized_path as posix_cwd, except if it
starts with a drive.

Also perform whitespace cleanup.
2004-05-28 19:50:07 +00:00
Corinna Vinschen e859706578 * autoload.cc (NtCreateFile): Add.
* dir.cc (mkdir): Change set_file_attribute call to indicate that
	NT security isn't used.
	* fhandler.cc (fhandler_base::open_9x): New method, created from
	fhandler_base::open.
	(fhandler_base::open): Rearrange to use NtCreateFile instead of
	CreateFile.
	* fhandler.h (enum query_state): Redefine query_null_access to
	query_stat_control.  query_null_access isn't allowed in NtCreateFile.
	(fhandler_base::open_9x): Declare.
	* fhandler_disk_file.cc (fhandler_base::fstat_fs): Use
	query_stat_control first, query_read_control if that fails.
	(fhandler_disk_file::fchmod): Call enable_restore_privilege before
	trying to open for query_write_control.  Don't fall back to
	opening for query_read_control.
	(fhandler_disk_file::fchown): Ditto.
	(fhandler_disk_file::facl):  Only request restore privilege and query
	access necessary for given cmd.
	* fhandler_raw.cc (fhandler_dev_raw::open): Call fhandler_base::open
	instead of opening device here.
	* ntdll.h (NtCreateFile): Declare.
	* path.cc (symlink_worker): Change set_file_attribute call to indicate
	that NT security isn't used.
	* sec_acl.cc (getacl): Fix bracketing.
	* sec_helper.cc (enable_restore_privilege): New function.
	* security.cc (str2buf2uni_cat): New function.
	(write_sd): Don't request restore permission here.
	* security.h (set_process_privileges): Drop stale declaration.
	(str2buf2uni): Declare.
	(str2buf2uni_cat): Declare.
	(enable_restore_privilege): Declare.
	* syscalls.cc (fchown32): Return immediate success on 9x.
2004-04-16 21:22:13 +00:00
Corinna Vinschen a653f600f5 * sec_acl.cc (getacl): Avoid compiler warning.
* security.cc (write_sd): Ditto.  Fix error handling.
2004-04-14 20:16:29 +00:00
Corinna Vinschen e3d1d51579 * fhandler.cc (fhandler_base::open): Simplify access evaluation
expression.
	(fhandler_base::facl): New method.
	* fhandler.h: Declare facl method in fhandler_base,
	fhandler_disk_file and fhandler_virtual.
	* fhandler_disk_file.cc (fhandler_disk_file::facl): New method.
	* fhandler_virtual.cc (fhandler_virtual::facl): New method.
	* sec_acl.cc: Remove forward declaration for aclsort32 and acl32.
	(setacl): Remove static.  Add and use handle parameter.
	(getacl): Ditto.
	(acl_worker): Reorganize to call fhandler's facl method eventually.
	(facl32): Ditto.
	* security.cc (get_nt_object_security): Remove static.
	* security.h: Add extern declarations for get_nt_object_security,
	aclsort32, acl32, getacl and setacl.


	Apply missing syscalls.cc patch and ChangeLog of previous check in.
	* syscalls.cc (chown_worker): Reorganize to call fhandler's fchown
	method eventually.
	(fchown): Ditto.
2004-04-14 16:36:26 +00:00
Corinna Vinschen ddf9c4a744 * fhandler.cc (fhandler_base::open): Accomodate query_write_control
query_state.
	(fhandler_base::fchown): New method.
	* fhandler.h: Declare fchown method in fhandler_base,
	fhandler_disk_file and fhandler_virtual.
	(enum query_state): Add query_write_control.
	* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Set query_state
	to query_write_control.  Only remove FILE_ATTRIBUTE_READONLY if not
	setting security descriptor.
	(fhandler_disk_file::fchown): New method.
	* fhandler_virtual.cc (fhandler_virtual::fchown): New method.
	* sec_acl.cc (setacl): Call write_sd with additional handle attribute.
	* security.cc (write_sd): Take handle argument.  Only request owner
	if getting SE_RESTORE_NAME privilege failed.  Only open file if
	NtSetSecurityObject failed or handle is NULL.
	(set_nt_attribute): Call write_sd with additional handle attribute.
	* security.h (write_sd): Declare with additional handle argument.
2004-04-14 13:40:07 +00:00
Corinna Vinschen f4ae6dc62c * autoload.cc (NtSetSecurityObject): Add.
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Only request
	READ_CONTROL rights when opening the file.
	* ntdll.h (NtSetSecurityObject): Add declaration.
	* security.cc (write_sd): Call NtSetSecurityObject instead of
	BackupWrite.
	(get_nt_object_security): Don't free security descriptor here.

	* syscalls.cc (ttyname): Use buffer of length TTY_NAME_MAX + 1.
	* sysconf.cc (sysconf): Handle _SC_TTY_NAME_MAX request.
	* include/limits.h: Define TTY_NAME_MAX and _POSIX_TTY_NAME_MAX.
2004-04-14 10:20:26 +00:00
Corinna Vinschen 29b6b8ca64 * security.cc (set_nt_attribute): Only call get_nt_object_security
if handle is NULL.
2004-04-13 20:45:14 +00:00
Corinna Vinschen 854c870051 * dir.cc (mkdir): Call set_file_attribute with additional handle
argument.
	* fhandler.cc (fhandler_base::fchmod): New method.
	* fhandler.h: Declare fchmod method in fhandler_base,
	fhandler_disk_file and fhandler_virtual.
	* fhandler_disk_file.cc (fhandler_disk_file::fchmod): New method.
	(fhandler_base::open_fs): Call set_file_attribute with additional
	handle argument.
	* fhandler_virtual.cc (fhandler_virtual::fchmod): New method.
	* path.cc (symlink_worker): Call set_file_attribute with additional
	handle argument.
	* security.cc (get_nt_object_security): New function.
	(get_nt_object_attribute): Call get_nt_object_security.
	(set_nt_attribute): Add handle argument.  Call get_nt_object_security
	first, read_sd only if that fails.
	(set_file_attribute): Add handle argument.
	* security.h (set_file_attribute): Declare with additional handle
	argument.
	* syscalls.cc (stat_suffixes): Move to beginning of file.
	(chown_worker): Call set_file_attribute with additional handle argument.
	(chmod): Reorganize to call fhandler's fchmod method eventually.
	(fchmod): Ditto.
2004-04-13 20:36:58 +00:00
Corinna Vinschen 71ffba498c * autoload.cc (NtQuerySecurityObject): Add.
* ntdll.h (STATUS_BUFFER_TOO_SMALL): Add definition.
	(NtQuerySecurityObject): Add declaration.
	* security.cc (get_nt_object_attribute): Always use
	NtQuerySecurityObject to retrieve security descriptor.
2004-04-13 12:14:59 +00:00
Corinna Vinschen 00dd058f7e * security.cc (get_file_attribute): Fix conditional. 2004-04-09 07:55:56 +00:00
Corinna Vinschen a9a5b2eab0 * fhandler.cc (fhandler_base::open): Set query access mode according
to query_open setting.
	(fhandler_base::fhandler_base): Initialize query_open.
	* fhandler.h (FH_QUERYOPEN): Drop.
	(enum query_state): Add.
	(class fhandler_base): Add query_open member.
	(fhandler_base::get_query_open): Redefine to use query_open.
	(fhandler_base::set_query_open): Ditto.
	* fhandler_disk_file.cc (fhandler_base::fstat_fs): Remove O_DIROPEN
	from open_flags since it's added in open_fs anyway.  Remove
	query_open_already.  Use new query_open settings.  Rearrange slightly.
	(fhandler_base::fstat_helper): Add get_io_handle as parameter to
	get_file_attribute.
	* security.cc (get_nt_object_attribute): Make returning an int.
	Return -1 on error, 0 otherwise.
	(get_file_attribute): Take an object handle as argument. Move down
	to allow calling get_nt_object_attribute in case a non-NULL handle
	is given.
	* security.h (get_file_attribute): Add handle to argument list.
	* syscalls.cc (chown_worker): Accomodate new definition of
	get_file_attribute.
2004-04-08 07:57:28 +00:00
Corinna Vinschen 897c785600 * security.cc (get_nt_object_attribute): Fix error handling. 2004-02-11 17:54:34 +00:00
Christopher Faylor cec4879206 * debug.h (console_printf): Define for non-debugging condition.
* cygtls.h (_threadinfo::lock): Remove wait argument.
(_threadinfo::interrupt_setup): Remove retaddr argument.
* exceptions.cc (_threadinfo::interrupt_setup): Ditto.
(_threadinfo::interrupt_now): Accommodate change to interrupt_setup argument.
(setup_handler): Ditto.  Always lock sig stack prior to determining interrupt
method.
* gendef (_sigfe): Correct thinko regarding cmpxchg.
(_sigbe): Ditto.
(_threadinfo::lock): Ditto.
(_threadinfo::pop): Eliminate left-over stack unlock.
* sigproc.cc (proc_subproc): Chnage debugging output to printed warning.
2004-02-09 04:04:24 +00:00
Corinna Vinschen d82c6f474d * security.h (SID): New macro.
(well_known_*_sid): Change type to cygpsid.
	(cygsid::init): Delete declaration.
	* sec_helper.cc (well_known_*_sid): Define using above SID macro.
	(cygsid::init): Delete.
	* dcrt0.cc (dll_crt0_0): Do not call cygsid::init.
	* security.cc (get_user_local_groups): Change the second argument type
	to cygpsid.
2004-02-05 17:23:19 +00:00
Christopher Faylor 2e008fb91f Change use of BOOL, TRUE, FALSE to bool, true, false, as appropriate,
throughout.
* tty.cc (tty::common_init): Remove call to SetKernelObjectSecurity and edit
some comments.
* cygheap.h (init_cygheap::ctty): Add new element.
* devices.in (device::parse): Remove special handling for /dev/tty.
* devices.cc: Regenerate.
* dtable.cc (build_fh_pc): Don't reset /dev/tty device.  Let the device opener
do that.
* fhandler_termios.cc (tty_min::set_ctty): Redefine to _pinfo class.
* fhandler_tty.cc (fhandler_tty_common::set_close_on_exec): Avoid setting
noninherit flag for ctty.
* tty.h: Move BOOLs to bools.
(tty_min::set_ctty): Redeclare to _pinfo class.
* pinfo.cc (_pinfo::set_ctty): Define new function based on tty_min::set_ctty.
Change first argument from tty number to tty_min class.
* pinfo.h (_pinfo::set_ctty): Declare.
* fhandler_console.cc (fhandler_console::get_tty_stuff): Reflect move of
set_ctty to _pinfo class.
* fhandler_tty.cc (fhandler_tty_slave::open): Treat FH_TTY specially.  Use
saved cygheap value if it exists.  Otherwise convert to real device and save on
first time open.
(fhandler_tty_common::dup): Potentially set controlling tty if duping a slave
tty.
* syscalls.cc (setsid): Close controlling tty in cygheap.
* tty.cc: Change some BOOLs to bools.
2003-12-07 22:37:12 +00:00
Corinna Vinschen 145b4dc249 Substitute 0x7fffffff and 0xffffffff by INT32_MAX and UINT32_MAX
throughout, except in assembler code.
2003-12-03 16:35:52 +00:00
Corinna Vinschen 12069cf31b * dir.cc (mkdir): Use local security_descriptor. Call
set_security_attribute appropriately.
	* external.cc (cygwin_internal): Ditto.
	* fhandler.cc (fhandler_base::open): Ditto.
	* fhandler_socket.cc (fhandler_socket::bind): Ditto.
	* path.cc (symlink_worker): Ditto.
	* sec_acl.cc (setacl): Ditto. Call read_sd appropriately.
	(getace): Ditto.
	* sec_helper.cc (security_descriptor::malloc): New method.
	(security_descriptor::realloc): New method.
	(security_descriptor::free): New method.
	* security.cc (read_sd): Get security_descriptor as parameter instead
	of PSECURITY_DESCRIPTOR and a size. Drop unnecessary parameter check.
	Allocate the security_descriptor buffer according to size returned by
	a call to GetFileSecurity. Return buffer size on success.
	(write_sd): Get security_descriptor as parameter instead of
	PSECURITY_DESCRIPTOR and a size.
	(get_nt_attribute): Use local security_descriptor.
	(get_nt_object_attribute): Ditto in case of type == SE_REGISTRY_KEY.
	Allocate security_descriptor buffer according to size returned by
	a call to RegGetKeySecurity.
	(alloc_sd): Make static. Get security_descriptor as parameter instead
	of PSECURITY_DESCRIPTOR and a size. Drop unnecessary parameter check.
	(set_security_attribute): Get security_descriptor as parameter instead
	of PSECURITY_DESCRIPTOR and a size.
	(set_nt_attribute): Use local security_descriptor.
	(check_file_access): Ditto.
	* security.h: Add class security_descriptor.
	(read_sd): Change declaration to get security_descriptor as parameter
	instead of PSECURITY_DESCRIPTOR and a size.
	(write_sd): Ditto.
	(set_security_attribute): Ditto.
	(alloc_sd): Remove declaration.
	* thread.cc (semaphore::semaphore): Use local security_descriptor. Call
	set_security_attribute appropriately.
2003-11-26 13:23:27 +00:00
Corinna Vinschen 3db690789f * sec_acl.h (getace): Use FILE_*_BITS as permission mask.
* security.cc (get_attribute_from_acl): Ditto.
	* security.h (FILE_READ_BITS): Define to match also GENERIC bits.
	(FILE_WRITE_BITS): Ditto.
	(FILE_EXEC_BITS): Ditto.
2003-11-26 10:52:21 +00:00
Pierre Humblet 9808b5c420 2003-10-16 Pierre Humblet <pierre.humblet@ieee.org>
* syscalls.cc (seteuid32): Always construct a default DACL including
	the new sid, Admins and SYSTEM and copy it to the new thread token.
	* security.cc (create_token): Use a NULL default DACL in NtCreateToken.
2003-10-16 23:20:41 +00:00
Christopher Faylor cd2bce7142 * include/tzfile.h: Add some missing entries. 2003-09-25 03:51:51 +00:00
Christopher Faylor 7ac6173643 * devices.cc: New file.
* devices.gperf: New file.
* devices.shilka: New file.
* cygwin-gperf: New file.
* cygwin-shilka: New file.
* fhandler_fifo.cc: New file.
* fhandler_nodevice.cc : New file.  Reorganize headers so that path.h precedes
fhandler.h throughout.  Remove device argument and unit arguments from fhandler
constructors throughout.  Remove pc arguments to fhandler functions and use
internal pc element instead, throughout.  Use dev element in pc throughout.
Use major/minor elements rather than units and device numbers previously in
fhandler class.  Use correct methods for fhandler file names rather than
directly accessing file name variables, throughout.
* Makefile.in (DLL_OFILES): Add devices.o, fhandler_fifo.o
* dcrt0.cc (dll_crt0_1): Call device::init.
* devices.h: Renumber devices based on more Linux-like major/minor numbers.
Add more devices.  Declare standard device storage.
(device): Declare struct.
* dir.cc (opendir): Use new 'build_fh_name' to construct a fhandler_* type.
* dtable.cc (dtable::get_debugger_info): Ditto.
(cygwin_attach_handle_to_fd): Ditto.
(dtable::release): Remove special FH_SOCKET case in favor of generic
"need_fixup_before" test.
(dtable::init_std_file_from_handle): Use either build_fh_dev or build_fh_name
to build standard fhandler.
(dtable::build_fh_name): Renamed from dtable::build_fhandler_from_name.  Move
out of dtable class.  Don't accept a path_conv argument.  Just build it here
and pass it to:
(build_fh_pc): Renamed from dtable::build_fhandler.  Move out of dtable class.
Use intrinsic device type in path_conv to create new fhandler.
(build_fh_dev): Renamed from dtable::build_fhandler.  Move out of dtable class.
Simplify arguments to just take new 'device' type and a name.  Just return
pointer to fhandler rather than trying to insert into dtable.
(dtable::dup_worker): Accommodate above build_fh name changes.
(dtable::find_fifo): New (currently broken) function.
(handle_to_fn): Use strechr for efficiency.
* dtable.h: Reflect above build_fh name changes and argument differences.
(fhandler_base *&operator []): Return self rather than copy of self.
* fhandler.cc (fhandler_base::operator =): Use pc element to set normalized
path.
(fhandler_base::set_name): Ditto.
(fhandler_base::raw_read): Use method to access name.
(fhandler_base::write): Correctly use get_output_handle rather than get_handle.
(handler_base::device_access_denied): New function.
(fhandler_base::open): Eliminate pc argument and use pc element of
fhandler_base throughout.
(fhandler_base::fstat): Detect if device is based in filesystem and use
fstat_fs to calculate stat, if so.
(fhandler_base::fhandler_base): Eliminate handling of file names and, instead,
just free appropriate component from pc.
(fhandler_base::opendir): Remove path_conv parameter.
* fhandler.h: Remove all device flags.
(fhandler_base::pc): New element.
(fhandler_base::set_name): Change argument to path_conv.
(fhandler_base::error): New function.
(fhandler_base::exists): New function.
(fhandler_base::pc_binmode): New function.
(fhandler_base::dev): New function.
(fhandler_base::open_fs): New function.
(fhandler_base::fstat_fs): New function.
(fhandler_base::fstat_by_name): New function.
(fhandler_base::fstat_by_handle): New function.
(fhandler_base::isfifo): New function.
(fhandler_base::is_slow): New function.
(fhandler_base::is_auto_device): New function.
(fhandler_base::is_fs_special): New function.
(fhandler_base::device_access_denied): New function.
(fhandler_base::operator DWORD&): New operator.
(fhandler_base::get_name): Return normalized path from pc.
(fhandler_base::get_win32_name): Return windows path from pc.
(fhandler_base::isdevice): Renamed from is_device.
(fhandler_base::get_native_name): Return device format.
(fhandler_fifo): New class.
(fhandler_nodevice): New class.
(select_stuff::device_specific): Remove array.
(select_stuff::device_specific_pipe): New class element.
(select_stuff::device_specific_socket): New class element.
(select_stuff::device_specific_serial): New class element.
(select_stuff::select_stuff): Initialize new elements.
* fhandler_disk_file.cc (fhandler_base::fstat_by_handle): Move to base class
from fhandler_disk_file.
(fhandler_base::fstat_by_name): Ditto.
(fhandler_base::fstat_by_name): Ditto.
(fhandler_disk_file::open): Move most functionality into
fhandler_base::open_fs.
(fhandler_base::open_fs): New function.
(fhandler_disk_file::close): Move most functionality into
fhandler_base::close_fs.
(fhandler_base::close_fs): New function.
* fhandler_mem.cc (fhandler_dev_mem::open): Use device name in debugging
output.
* fhandler_socket.cc (fhandler_socket::set_connect_secret): Copy standard
urandom device into appropriate place.
(fhandler_socket::accept): Reflect change in fdsock return value.
* fhandler_tty.cc: See "throughouts" above.
* net.cc: Accommodate fdsock change throughout.
(fdsock): Return success or failure, accept fd argument and device argument.
* path.cc (symlink_info::major): New element.
(symlink_info::minor): New element.
(symlink_info::parse_device): Declare new function.
(fs_info::update): Accommodate changes in path_conv class.
(path_conv::fillin): Ditto.
(path_conv::return_and_clear_normalized_path): Eliminate.
(path_conv::set_normalized_path): New function.
(path_conv::path_conv): Set info in dev element.  Use path_conv methods Check
for FH_FS rather than FH_BAD to indicate when to fill in filesystem stuff.
where appropriate rather than direct access.  Use set_normalized_path to set
normalized path.
(windows_device_names): Eliminate.
(get_dev): Ditto.
(get_raw_device_number): Ditto.
(get_device_number): Ditto.
(win32_device_name): Call new device name parser to do most of the heavy
lifting.
(mount_info::conv_to_win32_path): Fill in dev field as appropriate.
(symlink_worker): Handle new device files.
(symlink_info::check): Ditto.
(symlink_info::parse_device): Define new function.
* path.h (executable_states): Move here from fhandler.h.
(fs_info): Rename variables to *_storage and create methods for accessing same.
(path_conv): Add dev element, remove devn and unit and adjust inline methods to
accommodate.
(set_normalized_path): Declare new function.
* pinfo.cc (_pinfo::commune_recv): Add broken support for handling fifos.
(_pinfo::commune_send): Ditto.
* pipe.cc (fhandler_pipe::close): check for existence of handle before closing
it.
(handler_pipe::create): Rename from make_pipe.  Change arguments to accept
fhandler_pipe array.  Accommodate fifos.
(pipe): Rework to deal with fhandler_pipe::create changes.
(_pipe): Ditto.
* select.cc: Use individual device_specific types throughout rather than
indexing with obsolete device number.
(set_bits): Use is_socket call rather than checking device number.
* shared_info.h (CURR_MOUNT_MAGIC): Update.
(conv_to_win32_path): Reflect addition of device argument.
* syscalls.cc (mknod_worker): New function.
(open): Use build_fh_name to build fhandler.
(chown_worker): Detect if this is an 'auto' device rather than an on-filesystem
device and handle appropriately.
(chmod_device): New function.
(chmod): Detect if this is an 'auto' device rather than an on-filesystem device
and handle appropriately.  Use chmod_device to set mode of in-filesystem
devices.
(stat_worker): Eliminate path_conv argument.  Call build_fh_name to construct
fhandler.  Use fh->error() rather than pc->error to detect errors in fhandler
construction.
(access_worker): New function pulled from access.  Accommodate in-filesystem
devices.
(access): Use access_worker.
(fpathconf): Detect if this is an 'auto' device rather than an on-filesystem
device and handle appropriately.
(mknod_worker): New function.
(mknod32): New function.
(chroot): Free normalized path -- assuming it was actually cmalloced.
* tty.cc (create_tty_master): Tweak for new device class.
(tty::common_init): Ditto.
* winsup.h (stat_worker): Remove.
(symlink_worker): Declare.
* exceptions.cc (set_process_mask): Just call sig_dispatch_pending and don't
worry about pending_signals since sig_dispatch_pending should always do the
right thing now.
(sig_handle): Reorganize SIGCONT handling to more closely conform to SUSv3.
* pinfo.h: Move __SIG enum to sigproc.h.
(PICOM_FIFO): New enum element.
(_pinfo): Remove 'thread2signal' stuff throughout class.
(_pinfo::commune_send): Make varargs.
(_pinfo::sigtodo): Eliminate.
(_pinfo::thread2signal): Ditto.
* signal.cc (kill_worker): Eliminate call to setthread2signal.
* sigproc.cc (local_sigtodo): Eliminate.
(getlocal_sigtodo): Ditto.
(sigelem): New class.
(pending_signals): New class.
(sigqueue): New variable, start of sigqueue linked list.
(sigcatch_nonmain): Eliminate.
(sigcatch_main): Eliminate.
(sigcatch_nosync): Eliminate.
(sigcomplete_nonmain): Eliminate.
(pending_signals): Eliminate.
(sig_clear): Call signal thread to clear pending signals, unless already in
signal thread.
(sigpending): Call signal thread to get pending signals.
(sig_dispatch_pending): Eliminate use of pending_signals and just check
sigqueue.
(sigproc_terminate): Eliminate all of the obsolete semaphore stuff.  Close
signal pipe handle.
(sig_send): Eliminate all of the obsolete semaphore stuff and use pipe to send
signals.
(getevent): Eliminate.
(pending_signals::add): New function.
(pending_signals::del): New function.
(pending_signals::next): New function.
(wait_sig): Eliminate all of the obsolete semaphore stuff.  Use pipe to
communicate and maintain a linked list of signals.
* sigproc.h: Move __SIG defines here.  Add __SIGPENDING.
(sig_dispatch_pending): Remove "C" specifier.
(sig_handle): Accept a mask argument.
* thread.cc: Remove signal handling considerations throughout.
2003-09-25 00:37:18 +00:00
Pierre Humblet c61ada9bd3 2003-09-15 Pierre Humblet <pierre.humblet@ieee.org>
* security.h (__sec_user): Add "access2" argument.
	(sec_acl): Add "original" and "access2" arguments.
	(sec_user): Add "sid2" and "access2" argument. Remove dependence on
	allow_ntsec.
	(sec_user_nih): Ditto.
	* sec_helper.cc (__sec_user): Add "has_security" test.
	Call sec_acl with new arguments, letting it handle original_sid.
	(sec_acl): Add "original" and "access2" arguments. Handle original_sid
	depending on flag but avoiding duplicates. Use "access2" for sid2.
	* pinfo.cc (pinfo::init): Use security attributes created by sec_user
	when creating the mapping.
	* security.cc (create_token): Adjust arguments in call to sec_acl.
	Call sec_user instead of __sec_user.
	* syscall.cc (seteuid32):  Adjust arguments in call to sec_acl. Remove
	now unnecessary test. Remove useless conversions to psid.
	* dcrt0.cc (dll_crt0_1): Call cygsid::init before pinfo_init.
2003-09-16 00:45:50 +00:00
Christopher Faylor df04ae29b2 * exceptions.cc (ctrl_c_handler): Send SIGHUP when events occur only if there
is a tty associated with the process.  Send SIGHUP on CTRL_LOGOFF_EVENT.
* fhandler_tty.cc (fhandler_tty_slave::open): Adjust console open handle
counter regardless of whether this is a pty or tty.
(fhandler_tty_slave::open): Ditto.
(fhandler_tty_slave::dup): Ditto.
(fhandler_tty_common::set_close_on_exec): Ditto.
(fhandler_tty_master::init_console): Decrement console open handle counter
after init since it will now be handled by all tty open.
* syscalls.cc (setsid): Rework debugging output slightly.
2003-07-26 04:53:59 +00:00
Pierre Humblet b4ece40c0f 2003-07-18 Pierre Humblet <pierre.humblet@ieee.org>
* security.cc (verify_token): Fix white space and style.
        Use type bool instead of BOOL and char. Use alloca
        instead of malloc and free for my_grps.
2003-07-18 02:14:42 +00:00
Corinna Vinschen ea3ba11499 * cygheap.h (class cygheap_user): Use INVALID_HANDLE_VALUE as invalid
value for tokens.
	* syscalls.cc (seteuid32): Ditto.  Set new_token to process token if
	process token is suitable.
	* uinfo.cc (uinfo_init): Initialize tokens in cygheap user info
	to INVALID_HANDLE_VALUE.

	* cygheap.h (enum impersonation): Delete.
	(cygheap_user::impersonation_state): Delete.
	(cygheap_user::current_token): New.
	(cygheap_user::issetuid): Modify to use current_token.
	(cygheap_user::token): Ditto.
	(cygheap_user::deimpersonate): Ditto.
	(cygheap_user::reimpersonate): Ditto.
	(cygheap_user::has_impersonation_tokens): Ditto.
	(cygheap_user::close_impersonation_tokens): Ditto.
	* security.cc (cygwin_set_impersonation_token): Always set the token.
	(verify_token): Change type of gsid to cygpsid.
	(get_file_attribute): Use the effective ids.
	* syscalls.cc (seteuid32): Modify to use cygheap_user::current_token.
	* uinfo.cc (uinfo_init) Do not set cygheap->user.impersonation_state.
2003-07-14 17:04:21 +00:00
Christopher Faylor 3872e9a419 * Makefile.in: Remove cygserver stuff.
* acconfig.h: Add USE_CYGSERVER define.
* config.h.in: Regenerate.
* configure.in: Add --enable-server setting.
* configure: Regenerate.
* fhandler_tty.cc (fhandler_tty_slave::open): Conditionalize compilation of
cygserver stuff.
* fork.cc (fork_child): Ditto.
* shm.cc: Ditto.
* tty.cc (tty::common_init): Ditto.
* dcrt0.cc: Use bool rather than BOOL for CYGWIN environment variable
definitions.
* environ.cc: Ditto.
* ntea.cc: Ditto.
* security.cc: Ditto.
* security.h: Ditto.
* syscalls.cc (check_posix_perm): Remove externs that were already declared in
a header.
* winsup.h: Ditto.  Declare _MT_SAFE here.  Delete it someday since cygwin
should always be _MT_SAFE.
2003-07-02 03:16:00 +00:00
Corinna Vinschen 70249d5687 * cygheap.h (enum impersonation): New enum.
(cygheap_user::token): Delete.
	(cygheap_user::impersonated): Delete.
	(cygheap_user::external_token): New member.
	(cygheap_user::internal_token): New member.
	(cygheap_user::impersonation_state): New member.
	(cygheap_user::issetuid): Modify.
	(cygheap_user::token): New method.
	(cygheap_user::deimpersonate): New method.
	(cygheap_user::reimpersonate): New method.
	(cygheap_user::has_impersonation_tokens): New method.
	(cygheap_user::close_impersonation_tokens): New method.
	* dtable.cc (dtable::vfork_child_dup): Use new cygheap_user methods.
	* fhandler_socket.cc (fhandler_socket::dup): Ditto.
	* fork.cc (fork_child): Ditto.
	(fork_parent): Ditto.
	* grp.cc (internal_getgroups): Ditto.
	* security.cc (verify_token): Ditto.
	(check_file_access): Ditto.
	(cygwin_set_impersonation_token): Detect conflicts. Set
	user.external_token.
	* spawn.cc (spawn_guts): Use new cygheap_user methods.
	* syscalls.cc (seteuid32): Rearrange to use the two tokens
	in cygheap_user.
	(setegid32): Use new cygheap_user methods.
	* uinfo.cc: (internal_getlogin): Ditto.
2003-06-30 13:07:36 +00:00
Christopher Faylor c433f4617f Throughout, remove "include <errno.h>" from files which already include
cygerrno.h.
* include/cygwin/config.h (__DYNAMIC_REENT__): Define.
* include/cygwin/version.h: Bump API minor version.
* cygwin.din: Export __getreent
* cygerrno.h: Include errno.h.  Fix places where _impure_ptr is used directly
to store the errno value.
* debug.cc (__set_errno): Ditto.
* errno.cc: Remove _RRENT_ONLY define to get errno.cc compiled.
* signal.cc: Rename _reent_clib to _REENT throughout.
* thread.h (reent_clib): Remove prototype.
* thread.cc (reent_clib): Rename reent_clib to __getreent.  Return _impure_ptr
until MTinterface is initialized.
(reent_winsup): Fix a possible SEGV when _r == NULL.  Return NULL instead.
* MTinterface::fixup_after_fork: Switch reent back to _impure_ptr to keep
signal handling running when fork is called from a thread other than the
mainthread.
2003-06-16 03:24:13 +00:00
Corinna Vinschen 2e23862a8a * security.cc (get_info_from_sd): New function.
(get_nt_attribute): Only call read_sd and get_info_from_sd.
	Return void.
	(get_file_attribute): Move sd error handling to get_info_from_sd.
	and symlink handling to fhandler_disk_file::fstat_helper.
	(get_nt_object_attribute): Only call read_sd and get_info_from_sd.
	Return void.
	(get_object_attribute): Remove symlink handling and simply return -1
	when ntsec is off.
	* fhandler_disk_file.cc (fhandler_disk_file::fstat_helper): For
	symlinks set the attribute, call get_file_attribute to get the ids
	and return.  In the normal case call get_file_attribute with the
	addresses of the buffer ids and do not recheck if the file is a socket.
2003-04-11 09:38:07 +00:00
Corinna Vinschen 2d388e433f * fhandler.cc (fhandler_base::fstat): Set the uid and gid fields
from the current effective ids.
	* fhandler_socket.cc (fhandler_socket::fstat): Keep the uid and gid set
	by fhandler_base::fstat.
	* security.cc (get_nt_attribute): Do not test wincap.has_security ().
	(get_nt_object_attribute): Ditto.
	(get_file_attribute): Add test for wincap.has_security ().
	(get_object_attribute): Ditto.
2003-04-01 17:17:46 +00:00
Corinna Vinschen 98b36ec8ed * autoload.cc: added RegGetKeySecurity()
* security.cc (get_nt_object_attribute): use RegGetKeySecurity() for
	performance.
2003-03-27 09:40:25 +00:00
Corinna Vinschen b1897d27a8 * fhandler_disk_file.cc (fhandler_disk_file::fstat_helper): Fix
wrong usage of S_IFDIR.
	* security.cc (get_attribute_from_acl): Ditto.
	(get_file_attribute): Fix wrong usage of S_IFLNK.
	(get_object_attribute): Ditto.
	(alloc_sd): Fix wrong usage of S_IFDIR.
	* syscalls.cc (chmod): Allow chmod'ing of socket files.
2003-03-19 21:34:38 +00:00
Corinna Vinschen 556ceaeb58 * sec_acl.cc (setacl): Don't handle DELETE flag specially.
* security.cc (alloc_sd): Ditto.
2003-03-10 16:25:48 +00:00
Christopher Faylor a113a3c540 whitespace cleanup 2003-03-09 20:31:07 +00:00
Corinna Vinschen cf762b08cf * dtable.cc (dtable::build_fhandler_from_name): Set some fhandler
data on sockets to evaluate AF_LOCAL sockets correctly.
	(dtable::build_fhandler): Set unit number on sockets.
	* fhandler.h (fhandler_socket): Add unit number.
	(fhandler_socket::get_unit): New method.
	* fhandler_socket.cc (fhandler_socket::fhandler_socket): Set unit
	number.
	(fhandler_socket::fstat): Reorganize to return more Linux-like
	values.
	* net.cc: include ctype.h.
	(fdsock): Set unit number when building fhandler.
	* path.cc (path_conv::check): Set device type to FH_SOCKET if file
	is a AF_UNIX socket.
	(get_devn): Evaluate unit for virtual socket devices.
	(win32_device_name): Set windows path for sockets to unix_path with
	just backslashes to keep the different names.
	* syscalls.cc (fstat64): Don't override st_ino, st_dev and st_rdev
	for sockets.
	(stat_worker): Ditto.

From Pierre Humblet:

	* autoload.cc (AccessCheck): Add.
	(DuplicateToken): Add.
	* security.h (check_file_access): Declare.
	* syscalls.cc (access): Convert path to Windows, check existence
	and readonly attribute. Call check_file_access instead of acl_access.
	* security.cc (check_file_access): Create.
	* sec_acl (acl_access): Delete.
2003-02-21 14:29:18 +00:00
Christopher Faylor 407b8df695 * include/cygwin/in.h (in_attr_t): Define new type.
* include/arpa/inet.h (inet_addr): Change return type to in_addr_t.
(inet_lnaof): Ditto.
(inet_netof): Ditto.
(inet_network): Ditto.
* include/cygwin/types.h: Move many *_t typedefs here.  Protect them with
ifdefs.
* fhandler_disk_file.cc (fhandler_disk_file::fstat): Change ntsec_atts to
mode_t.
* security.cc (get_attribute_from_acl): Accept mode_t attribute.
(get_nt_attribute): Ditto.
(get_file_attribute): Ditto.
(get_nt_object_attribute): Ditto.
(get_object_attribute): Ditto.
* security.h: Reflect above changes.
* syscalls.cc (chown_worker): Change attrib to mode_t.
2003-02-10 22:43:29 +00:00
Corinna Vinschen 62cd433e98 * sec_acl.cc (setacl): Move all permission settings to beginning of
loop.  Set default rights to same values as in alloc_sd().  Set DELETE
	for owner and default owner only if S_IWOTH is given.

	* sec_acl.cc: Change all  __aclent16_t to  __aclent32_t except in
	wrapper function definitions. Replace call to the aclXYZ functions by
	calls aclXYZ32.
	(searchace): Change type of third argument to __uid32_t and use
	ILLEGAL_UID instead of -1;
	(setacl): Remove some initializations. Only give STANDARD_RIGHTS_WRITE
	for S_IWOTH. Replace -1 by ILLEGAL_UID.
	(getacl): Change type of owner_sid, group_sid and ace_sid to cygpsid.
	In last else clause, suppress second call to ace_sid.get_id and use
	TRUE in first call. Replace EqualSid by ==.
	(acl_access): Call internal_getgroups in USER and GROUP cases.
	(acecmp: Define static.
	(acl32): Create from 16 bit type.
	(facl32): Ditto.
	(lacl32): Ditto.
	(aclcheck32): Ditto.
	(aclsort32): Ditto.
	(acltomode32): Ditto.
	(aclfrommode32): Ditto.
	(acltopbits32): Ditto.
	(aclfrompbits32): Ditto.
	(acltotext32): Ditto.
	(aclfromtext32): Ditto, and use strechr.
	(acl16to32): Create.
	(acl): Make it a wrapper function.
	(facl): Ditto.
	(lacl): Ditto.
	(aclcheck): Ditto.
	(aclsort): Ditto.
	(acltomode): Ditto.
	(aclfrommode): Ditto.
	(acltopbits): Ditto.
	(aclfrompbits): Ditto.
	(acltotext): Ditto.
	(aclfromtext): Ditto.
	* security.cc (write_sd): Call set_process_privilege and check
	ownership.
	(alloc_sd): Remove call to set_process_privilege and the owner check.
2003-02-05 16:15:22 +00:00
Corinna Vinschen 0c8455c344 * sec_helper.cc (get_sids_info): New function.
* security.cc (extract_nt_dom_user): Simplify with strechr.
	(get_user_groups): Initialize glen to MAX_SID_LEN.
	(get_user_local_groups): Ditto.
	(get_attribute_from_acl): Define ace_sid as cygpsid.
	(get_nt_attribute): Define owner_sid and group_sid as cygpsid.
	Call get_sids_info instead of cygsid.get_{u,g}id and is_grp_member.
	(get_nt_object_attribute): Ditto.
	(alloc_sd): Define ace_sid as cygpsid.
2003-02-05 13:47:47 +00:00
Corinna Vinschen 3dbafd873e * path.cc (symlink): Create security attributes so that only the
user can modify the symlink.
	* security.cc (set_security_attribute): Remove symlink special
	handling.
2003-02-04 19:26:01 +00:00
Corinna Vinschen 153e83c605 * security.h: Add third argument to set_process_privilege.
* autoload.cc: Add OpenThreadToken.
	* sec_helper.cc (set_process_privilege): Add and use use_thread
	argument.
	* security.cc (alloc_sd): Modify call to set_process_privilege.
	Remember the result in each process. If failed and file owner is not
	the user, fail.
2003-02-03 15:55:20 +00:00
Christopher Faylor 9a75162166 * uinfo.cc (pwdgrp::load): Regularize strace output. Add warning for
CreateFile failure.
2003-01-26 06:42:40 +00:00
Corinna Vinschen ab2dbccc11 * sec_acl.cc (search_ace): Use id == -1, instead of < 0, as wildcard.
(setacl): Start the search for a matching default at the next entry.
	Invalidate the type of merged entries instead of clearing it.
	Use well_known_creator for default owner and owning group and do
	not try to merge non-default and default entries in these cases.
	(getacl): Recognize well_known_creator for default owner and group.
	(acl_worker): Improve errno settings and streamline the nontsec case.
	* security.cc (write_sd): Remove the call to set_process_privilege.
	(alloc_sd): If the owner changes, call set_process_privilege and return
	immediately on failure. Change inheritance rules: on new directories add
	inherit only allow ACEs for creator_owner, creator_group and everyone.
	Preserve all inheritances through chmod and chown calls. Introduce
	isownergroup to implement the uid == gid case, to keep the inheritance
	code simple. Do not initialize owner_sid and group_sid and stop using
	the variable psd.
2003-01-12 11:38:51 +00:00
Corinna Vinschen 3eb27a4e9e * security.cc (get_nt_attribute): Always return -1 when read_sd()
fails.
	(get_file_attribute): Set permissions to 0 and owner/group to -1
	if security descriptor is unreadable.
2003-01-09 11:44:17 +00:00
Corinna Vinschen 6e8a0232df * security.cc (get_user_local_groups): Use LookupAccountSid to find the
local equivalent of BUILTIN.
2002-12-14 16:57:25 +00:00
Corinna Vinschen d6ffc07588 2002-12-10 Pierre Humblet <pierre.humblet@ieee.org>
* pwdgrp.h (pwdgrp_check::pwdgrp_state): Replace by
	pwdgrp_check::isinitializing ().
	(pwdgrp_check::isinitializing): Create.
	* passwd.cc (grab_int): Change type to unsigned, use strtoul and
	set the pointer content to 0 if the field is invalid.
	(parse_pwd): Move validity test after getting pw_gid.
	(read_etc_passwd): Replace "passwd_state <= " by
	passwd_state::isinitializing ().
	(internal_getpwuid): Ditto.
	(internal_getpwnam): Ditto.
	(getpwent): Ditto.
	(getpass): Ditto.
	* grp.cc (parse_grp): Use strtoul for gr_gid and verify the validity.
	(read_etc_group): Replace "group_state <= " by
	group_state::isinitializing ().
	(internal_getgrgid): Ditto.
	(getgrent32): Ditto.
	(internal_getgrent): Ditto.

2002-12-10  Pierre Humblet <pierre.humblet@ieee.org>

	* security.h: Move declarations of internal_getgrent,
	internal_getpwsid and internal_getgrsid to pwdgrp.h.
	* pwdgrp.h: Declare internal_getpwsid, internal_getpwnam,
	internal_getpwuid, internal_getgrsid, internal_getgrgid,
	internal_getgrnam, internal_getgrent and internal_getgroups.
	Delete "emulated" from enum pwdgrp_state.
	(pwdgrp_check::isuninitialized): Create.
	(pwdgrp_check::pwdgrp_state): Change state to initializing
	rather than to uninitialized.
	(pwdgrp_read::gets): Remove trailing CRs.
	* passwd.cc (grab_string): Don't look for NLs.
	(grab_int): Ditto.
	(parse_pwd): Don't look for CRs. Return 0 if entry is too short.
	(search_for): Delete.
	(read_etc_passwd): Simplify tests to actually read the file.
	Set state to loaded before making internal_getpwXX calls.
	Replace search_for calls by equivalent internal_pwgetXX calls.
	(internal_getpwsid): Use passwd_state.isuninitialized to decide
	to call read_etc_passwd.
	(internal_getpwuid): Create.
	(internal_getpwnam): Create.
	(getpwuid32): Simply call internal_getpwuid.
	(getpwuid_r32): Call internal_getpwuid.
	(getpwnam): Simply call internal_getpwnam.
	(getpwnam_r): Call internal_getpwnam.
	* grp.cc (parse_grp): Don't look for CRs. Adjust blank space.
	(add_grp_line): Adjust blank space.
	(class group_lock): Ditto.
	(read_etc_group): Simplify tests to actually read the file.
	Set state to loaded before making internal_getgrXX calls.
	Replace getgrXX calls by equivalent internal calls.
	(internal_getgrsid): Use group_state.isuninitialized to decide
	to call read_etc_group.
	(internal_getgrgid): Create.
	(internal_getgrnam): Create.
	(getgroups32): Simply call internal_getgrgid.
	(getgrnam32): Simply call internal_getgrnam.
	(internal_getgrent): Call group_state.isuninitialized.
	(internal_getgroups): Create from the former getgroups32, using
	two of the four arguments. Set gid to myself->gid and username
	to cygheap->user.name ().
	(getgroups32): Simply call internal_getgroup.
	(getgroups): Call internal_getgroup instead of getgroups32.
	(setgroups32): Call internal versions of get{pw,gr}XX.
	* sec_helper.cc: Include pwdgrp.h.
	(is_grp_member): Call internal versions of get{pw,gr}XX.
	* security.cc: Include pwdgrp.h.
	(alloc_sd): Call internal versions of get{pw,gr}XX.
	* syscalls.cc: Include pwdgrp.h.
	(seteuid32): Call internal versions of get{pw,gr}XX.
	(setegid32): Ditto.
	* uinfo.cc: Include pwdgrp.h.
	(internal_getlogin): Call internal versions of get{pw,gr}XX.
	(cygheap_user::ontherange): Ditto.
	* sec_acl.cc: Include pwdgrp.h.
	(setacl): Call internal versions of get{pw,gr}XX.
	(acl_access): Ditto and simplify logic.
	(aclfromtext): Ditto.
2002-12-10 12:43:49 +00:00
Corinna Vinschen dbcb75780a * security.cc (get_attribute_from_acl): Always test "anti",
just in case an access_denied ACE follows an access_allowed.
	Handle the case owner_sid == group_sid, with a FIXME.
	Remove unnecessary tests for non-NULL PSIDs.
	(alloc_sd): Use existing owner and group sids if {ug}id == -1.
	Handle case where owner_sid == group_sid.
	Do not call is_grp_member. Try to preserve canonical ACE order.
	Remove unnecessary tests for non-NULL PSIDs. Reorganize
	debug_printf's.
	(get_initgroups_sidlist): Put well_known_system_sid on left
	side of ==.
	(add_access_denied_ace): Only call GetAce if inherit != 0.
	(add_access_allowed_ace): Ditto. Use appropriate sizeof.
	* syscalls.cc (chown_worker): Pass {ug}id equal to -1 to
	alloc_sd, which removes the need to obtain old_{ug}id.
	(chmod): Remove call to get_file_attribute (), simply pass
	{ug}id equal to -1 to alloc_sd.
2002-11-20 09:23:21 +00:00
Christopher Faylor 329b9ead3e * sec_helper.cc (cygsid::get_id): If the sid matches a sid stored in
cygheap->user, return the uid or gid from myself.
* security.cc (alloc_sd): If gid == myself->gid, return the group sid from
cygheap->user.  Remove the test for uid == original_uid, which is
counter-productive.
2002-10-22 16:22:10 +00:00
Christopher Faylor f70389b541 Remove \n from calls to strace class printfs throughout. 2002-09-30 04:35:18 +00:00
Christopher Faylor f789fbbf35 * security.cc (allow_ntsec): Default to zero.
* environ.cc (environ_init): Set allow_ntsec to TRUE by default, assuming OS
allows it.
2002-09-30 03:05:13 +00:00
Christopher Faylor c90e1cf179 * fhandler.cc (fhandler_base::dup): Don't set handle on failure. Caller has
already taken care of that.
* fhandler_console.cc (fhandler_console::open): Initialize handles to NULL.
(fhandler_console::close): Ditto.  GNUify non-GNU formatted functions calls
throughout.
2002-09-22 03:38:57 +00:00
Christopher Faylor 5bf785a017 * cygthread.cc (cygthread::initialized): Avoid copying on fork or some threads
may not end up in the pool.
(cygthread::new): Avoid race when checking for initialized.  Add debugging
code.
* fhandler.cc (fhandler_base::raw_read): Add case for ERROR_INVALID_HANDLE due
to Win95 directories.
(fhandler_base::open): Handle errors due to Win95 directories.
(fhandler_base::close): Add get_nohandle () test.
(fhandler_base::set_close_on_exec): Ditto.
(fhandler_base::fork_fixup): Ditto.
(fhandler_base::lock): Change error code to Posix EINVAL.
(fhandler_base::dup): If get_nohandle (), set new value to INVALID_HANDLE_VALUE
instead of NULL.
* fhandler_disk_file.cc (fhandler_disk_file::fstat): Call fstat_by_name if
get_nohandle ().  Remove extraneous element from strpbrk.
(fhandler_disk_file::open): Remove test for Win95 directory.
* fhandler_random.cc (fhandler_dev_random::open): Add set_nohandle ().
* fhandler_clipboard.cc (fhandler_dev_clipboard::open): Ditto.
* fhandler_zero.cc (fhandler_dev_zero::open): Ditto.
(fhandler_dev_zero::close): Delete.
* fhandler.h (class fhandler_dev_zero): Ditto.
2002-09-19 03:30:20 +00:00
Corinna Vinschen 5a8746b732 * grp.cc (initgroups): Call groups::clear_supp to free the
supplementary group sids that may have been set by setgroups.
	* security.cc (cygsidlist::free_sids): Also zero the class members.
	* security.h (groups::clear_supp): New.
	Rename cygsidlist_unknown to cygsidlist_empty.
2002-09-11 10:37:11 +00:00
Corinna Vinschen 38170b13ea * sec_acl.cc (getacl): Check ace_sid == well_known_world_sid
before owner_sid and group_sid so that well_known_world_sid
	means "other" even when owner_sid and/or group_sid are Everyone.
	* security.cc (get_attribute_from_acl): Created from code common
	to get_nt_attribute() and get_nt_object_attribute(), with same
	reordering as in getacl() above.
	(get_nt_attribute): Call get_attribute_from_acl().
	(get_nt_object_attribute): Ditto.
2002-08-26 09:56:06 +00:00
Corinna Vinschen 23d93d8db7 * security.cc (verify_token): Do not reject a token just because
the supplementary group list is missing Everyone or a groupsid
	equal to usersid, or because the primary group is not in the token,
	as long as it is equal to the usersid.
	* syscalls.cc (seteuid32): Use common code for all successful returns.
	* grp.cc (getgroups32): Never includes Everyone in the output.
2002-08-02 11:00:18 +00:00
Corinna Vinschen 5519d54352 * security.cc: Change some formatting.
* include/cygwin/version.h: Bump API minor version.

        * cygheap.h (class cygheap_user): Add member groups.
        * security.h (class cygsidlist): Add members type and maxcount,
        methods position, addfromgr, alloc_sids and free_sids and
        operator+= (const PSID psid). Modify contains () to call
        position () and optimize add () to use maxcount.
        (class user_groups): Create.
        Update declarations of verify_token and create_token.
        * security.cc (cygsidlist::alloc_sids): New.
        (cygsidlist::free_sids): New.
        (get_token_group_sidlist): Create from get_group_sidlist.
        (get_initgroups_sidlist): Create from get_group_sidlist.
        (get_group_sidlist): Suppress.
        (get_setgroups_sidlist): Create.
        (verify_token): Modify arguments. Add setgroups case.
        (create_token): Modify arguments. Call get_initgroups_sidlist and
        get_setgroups_sidlist as needed. Set SE_GROUP_LOGON_ID from auth_pos
        outside of the loop. Rename the various group sid lists consistently.
        * syscalls.cc (seteuid32): Modify to use cygheap->user.groups.
        (setegid32): Call cygheap->user.groups.update_pgrp.
        * grp.cc (setgroups): Create.
        (setgroups32): Create.
        * uinfo.cc (internal_getlogin): Initialize and update user.groups.pgsid.
        * cygwin.din: Add setgroups and setgroups32.
2002-07-29 12:51:52 +00:00
Christopher Faylor 68fb3cca64 * security.cc (allow_ntsec): Default to on.
(allow_smbntsec): Default to off.
2002-07-25 17:04:13 +00:00
Corinna Vinschen fdb93cd2e1 * security.cc (get_group_sidlist): Create group list from /etc files
even if DC is available but access fails.
2002-07-23 14:34:27 +00:00
Christopher Faylor 44480f46ea white space 2002-07-19 23:48:17 +00:00
Corinna Vinschen 095a1272e8 * security.cc (get_unix_group_sidlist): Create.
(get_supplementary_group_sidlist): Evolve into get_unix_group_sidlist.
	(get_user_local_groups): Add check for duplicates.
	(get_user_primary_group): Suppress.
	(get_group_sidlist): Silently ignore PDC unavailability.
	Call get_unix_group_sidlist() before get_user_local_groups().
	Remove call to get_supplementary_group_sidlist(). Never call
	get_user_primary_group() as the passwd group is always included.
	Add well_known_authenticated_users_sid in only one statement.
2002-07-19 15:04:18 +00:00
Corinna Vinschen 315fb3afb0 * security.cc (get_group_sidlist): Fix formatting. 2002-07-15 09:06:44 +00:00
Corinna Vinschen 891bb974f9 * security.cc (get_logon_server): Interpret a zero length
domain as the local domain.
	(get_group_sidlist): Add authenticated users SID to SYSTEM's group
	list instead of SYSTEM itself.
	(verify_token): Accept the primary group sid if it equals
	the token user sid.
2002-07-02 09:02:53 +00:00
Corinna Vinschen 654bad37a6 * security.h (DONT_INHERIT): Eliminate definition.
(INHERIT_ALL): Ditto.
	(INHERIT_ONLY): Ditto.
	* sec_acl.cc: Use appropriate defines from accctrl.h instead of the
	above throughout.
	* security.cc: Ditto.
2002-07-02 08:11:15 +00:00
Christopher Faylor 74fcdaec20 * autoload.cc (GetSecurityInfo): Define new autoload function.
(RegQueryInfoKeyA): Ditto.
* fhandler.h (fhandler_virtual::fill_filebuf): Change return type to bool.
(fhandler_proc::fill_filebuf): Ditto.
(fhandler_registry::fill_filebuf): Ditto.
(fhandler_process::fill_filebuf): Ditto.
(fhandler_registry::value_name): Add new member.
(fhandler_registry::close): Add new method.
(fhandler_process::p): Remove member.
* fhandler_proc.cc (fhandler_proc::open): Add set_nohandle after calling
superclass method.  Check return value of fill_filebuf.
(fhandler_proc::fill_filebuf): Change return type to bool.  Add return
statement.
* fhandler_process.cc (fhandler_process::open): Add set_nohandle after calling
superclass method.  Remove references to p.  Check return value of
fill_filebuf.
(fhandler_process::fill_filebuf): Change return type to bool.  Don't use
dereference operator on p.  Add return statement.
(fhandler_process::format_process_stat): Fix typo.
* fhandler_registry.cc: Add static open_key declaration.
(fhandler_registry::exists): Assume path is already normalised.  Try opening
the path as a key in its own right first, before reverting to enumerating
subkeys and values of the parent key.
(fhandler_registry::fstat): Add additional code to return more relevant
information about the registry key/value.
(fhandler_registry::readdir): Explicitly set desired access when opening
registry key.  Remove output of buf from debug_printf format string.
(fhandler_registry::open): Use set_io_handle to store registry key handle.  Set
value_name member.  Move code to read a value from the registry to
fill_filebuf.  Add call to fill_filebuf.
(fhandler_registry::close): New method.
(fhandler_registry::fill_filebuf): Change return type to bool.  Add code to
read a value from registry.
(fhandler_registry::open_key): Make function static.  Use KEY_READ as desired
access unless this is the last path component.  Check the return value of
RegOpenKeyEx for an error instead of hKey.
* fhandler_virtual.cc (fhandler_virtual::lseek): Check the return value of
fill_filebuf.
(fhandler_virtual::open): Remove call to set_nohandle.
(fhandler_virtual::fill_filebuf): Change return type to bool.  Add return
statement.
* security.cc (get_nt_object_attribute): New function.
(get_object_attribute): New function.
* security.h (get_object_attribute): New function declaration.
2002-07-02 01:36:15 +00:00
Christopher Faylor fad1c3a8e0 white space 2002-07-01 02:36:04 +00:00
Corinna Vinschen c6d90e842c * security.cc (extract_nt_dom_user): Check for all buffer overflows.
Call LookupAccountSid after trying to get domain & user from passwd.
	(get_group_sidlist): Obtain the domain and user by calling
	extract_nt_dom_user instead of LookupAccountSid.
2002-06-30 13:08:59 +00:00
Christopher Faylor de0557f7a3 * security.cc (get_group_sidlist): Add pw argument and use pw->pw_name in call
to get_supplementary_group_sidlist.
(create_token): Add pw argument and use it in call to get_group_sidlist.
* security.h: Add pw argument in declaration of create_token.
* syscalls.cc (seteuid32): Add pw argument in call to create_token.
2002-06-24 13:01:50 +00:00
Corinna Vinschen 49056987f1 * security.cc (alloc_sd): Carefully check owner_sid again after trying
SIDs from cygheap.
2002-06-21 12:57:19 +00:00
Corinna Vinschen dd0208eb34 * security.cc (alloc_sd): Remove unnecessary retrieval of owner name.
Check uid for current user first and use SIDs from cygheap if so.
	Set errno to EINVAL if user SID isn't retrievable.  Just print user SID
	as debug output.
	Don't bail out if group SID isn't retrievable.  Change debug output
	appropriately.
2002-06-21 12:37:51 +00:00
Christopher Faylor 7c02f861e3 * uinfo.cc (cygheap_user::ontherange): Use env_name for NetUserGetInfo.
(cygheap_user::env_logsrv): Verify env_domain is valid.
* environ.cc: Include child_info.h and keep spenvs[] sorted.
(environ_init): Check child_proc_info instead of myself->ppid_handle.
2002-06-21 05:01:17 +00:00
Christopher Faylor 03a2ce9a36 Use hMainProc where appropriate, throughout.
* environ.cc (spenv::retrieve): Add debugging statements.
* pinfo.cc (set_myself): Don't call strace.hello if already stracing.
* strace.cc (strace): Move NO_COPY keyword so that it will actually take
effect.
2002-06-19 15:27:27 +00:00
Christopher Faylor 5f74ae83e5 * security.cc (get_logon_server): Use strcasematch rather than strcasecmp. 2002-06-13 05:30:49 +00:00
Christopher Faylor 380aaf2d2c * Makefile.in: Ensure that -MD gets added to CFLAGS regardless of CFLAGS
command-line setting.
* cygwin.din: Export sexec* functions as function which returns ENOSYS
(i.e., sexec* is deprecated).
* dtable.cc (dtable::vfork_child_dup): Ensure that impersonation is restored
even on failure.
* exec.cc: Throughout, remove references to sexec* and _spawnve.
* pinfo.h: Remove _spawnve declaration.
* spawn.cc: Rename _spawnve to spawnve and use throughout.
(spawn_guts): Eliminate hToken argument and processing of same.  Just perform
special actions if impersonating.
(spawnve): Rename from _spawnve.
2002-06-11 02:08:00 +00:00
Corinna Vinschen 2e8abfc1c5 * sec_helper.cc (lookup_name): Suppress.
* security.cc (alloc_sd): Remove logsrv argument.
	Remove two calls to lookup_name.
	(set_security_attribute): Remove logsrv argument.
	Remove logsrv argument in call to alloc_sd.
	(set_nt_attribute): Remove logsrv argument.
	Remove logsrv argument in call to set_security_attribute.
	(set_file_attribute): Remove logsrv argument.
	Remove logsrv argument in call to set_nt_attribute.
	(set_file_attribute): Remove logsrv argument.
	Remove logsrv argument in call to set_file_attribute.
	* syscalls.cc (chown_worker): Remove logserver argument in
	call to set_file_attribute.
	(chmod): Ditto.
	* shm.cc (shmget): Remove logsrv argument in call to alloc_sd.
	* uinfo.cc (internal_getlogin): Replace calls to
	lookup_name by call to LookupAccountName.
	* security.h: Remove logsrv in declarations of set_file_attribute
	and alloc_sd. Remove declaration of lookup_name.
2002-06-06 11:17:51 +00:00
Corinna Vinschen 1eb934b7c5 * security.cc (lsa2wchar): Suppressed.
(get_lsa_srv_inf): Suppressed.
	(get_logon_server_and_user_domain): Suppressed.
	(get_logon_server): Essentially new.
	(get_user_groups): Add "domain" argument. Only lookup the
	designated server and use "domain" in LookupAccountName.
	(is_group_member): Simplify the arguments.
	(get_user_local_groups): Simplify the arguments. Do only a
	local lookup. Use "BUILTIN" and local domain in LookupAccountName.
	(get_user_primary_group). Only lookup the designated server.
	(get_group_sidlist): Remove logonserver argument. Do not lookup
	any server for the SYSTEM account.
	(create_token): Delete logonserver and call to get_logon_server.
	Adjust arguments of get_group_sidlist, see above.
	* security.h: Delete declaration of get_logon_server_and_user_domain
	and add declaration of get_logon_server.
	* uinfo.cc (internal_get_login): Call get_logon_server instead of
	get_logon_server_and_user_domain.
2002-06-03 17:04:03 +00:00
Christopher Faylor 6b7cd251c7 Remove unneeded sigproc.h includes throughout.
* fhandler.h (fhandler_proc::fill_filebuf): Take a pinfo argument.
* fhandler_proc.cc (fhandler_proc::get_proc_fhandler): Simplify search for
given pid.
(fhandler_proc::readdir): Assume that pid exists if it shows up in the winpid
list.
* fhandler_process.cc (fhandler_process::open): Simplify search for given pid.
Call fill_filebuf with pinfo argument.
(fhandler_process::fill_filebuf): Pass pinfo here and assume that it exists.
* pinfo.h (pinfo::remember): Define differently if sigproc.h is not included.
* dll_init.cc (dll_list::detach): Don't run destructor on exit.
2002-06-02 06:07:01 +00:00
Corinna Vinschen a8d7ae61e7 Change internal uid datatype from __uid16_t to __uid32_t
throughout.
	* cygwin.din: Export new symbols getpwuid32, getpwuid_r32, getuid32,
	geteuid32, setuid32, seteuid32.
	* passwd.cc (getpwuid32): New function.
	(getpwuid_r32): Ditto.
	* syscalls.cc (seteuid32): Ditto.
	(setuid32): Ditto.
	* uinfo.cc (getuid32): Ditto.
	(geteuid32): Ditto.
	* winsup.h (uid16touid32): New macro, correclt casting from __uid16_t
	to __uid32_t.
	(gid16togid32): Ditto fir gids.
	(getuid32): Declare.
	(geteuid32): Ditto.
	(getpwuid32): Ditto.
	* include/sys/cygwin.h (struct external_pinfo): Add members uid32 and
	gid32.
2002-05-29 15:04:29 +00:00
Corinna Vinschen 7ea70e9970 * security.cc (set_security_attribute): Call getegid32() instead of
getegid().
	* include/cygwin/grp.h: Declare getegid32().
2002-05-28 14:58:13 +00:00
Corinna Vinschen 5719640581 Change internal gid datatype from __gid16_t to __gid32_t
throughout.
	* cygwin.din: Export new symbols chown32, fchown32, getegid32,
	getgid32, getgrgid32, getgrnam32, getgroups32, initgroups32, lchown32,
	setgid32, setegid32, getgrent32.
	* grp.cc (grp32togrp16): New static function.
	(getgrgid32): New function.
	(getgrnam32): Ditto.
	(getgrent32): Ditto.
	(getgroups32): Change name of internal function from getgroups.
	(getgroups32): New function.
	(initgroups32): Ditto.
	* syscalls.cc (chown32): Ditto.
	(lchown32): Ditto.
	(fchown32): Ditto.
	(setegid32): Ditto.
	(setgid32): Ditto.
	* uinfo.cc (getgid32): Ditto.
	(getegid32): Ditto.
	* include/cygwin/grp.h: Remove declaration of getgrgid() and getgrnam().
	Declare getgrgid32() and getgrnam32() instead.  Declare getgid32().
2002-05-28 14:10:55 +00:00
Christopher Faylor 2402700d07 * autoload.cc (LoadFuncEx): Define via new LoadFuncEx2 macro.
(LoadFuncEx2): Adapted from LoadFuncEx.  Provides control of return value for
nonexistent function.
(NtQueryObject): Declare.
(IsDebuggerPresent): Declare via LoadFuncEx2 and always return true if not
available.
* debug.h (being_debugged): Just rely on IsDebuggerPresent return value.
* dtable.cc (handle_to_fn): New function.
(dtable::init_std_file_from_handle): Attempt to derive std handle's name via
handle_to_fn.
(dtable::build_fhandler_from_name): Fill in what we can in path_conv structure
when given a handle and path doesn't exist.
* fhandler.cc (fhandler_base::open): Don't set the file pointer here.  Use
pc->exists () to determine if file exists rather than calling GetFileAttributes
again.
* fhandler.h (fhandler_base::exec_state_isknown): New method.
(fhandler_base::fstat_helper): Add extra arguments to declaration.
(fhandler_base::fstat_by_handle): Declare new method.
(fhandler_base::fstat_by_name): Declare new method.
* fhandler_disk_file (num_entries): Make __stdcall.
(fhandler_base::fstat_by_handle): Define new method.
(fhandler_base::fstat_by_name): Define new method.
(fhandler_base:fstat): Call fstat_by_{handle,name} as appropriate.
(fhandler_disk_file::fstat_helper): Accept extra arguments for filling out stat
structure.  Move handle or name specific stuff to new methods above.
(fhandler_disk_file::open): Use real_path->exists rather than calling
GetFileAttributes again.
* ntdll.h (FILE_NAME_INFORMATION): Define new structure.
(OBJECT_INFORMATION_CLASS): Partially define new enum.
(OBJECT_NAME_INFORMATION): Define new structure.
(NtQueryInformationFile): New declaration.
(NtQueryObject): New declaration.
* path.cc (path_conv::fillin): Define new method.
* path.h (path_conv::fillin): Declare new method.
(path_conv::drive_thpe): Rename from 'get_drive_type'.
(path_conv::volser): Declare new method.
(path_conv::volname): Declare new method.
(path_conv::root_dir): Declare new method.
* syscalls.cc (fstat64): Send real path_conv to fstat as second argument.
2002-05-28 01:55:40 +00:00
Corinna Vinschen 74b2f73ea4 * security.cc (lsa2str): New function.
(get_priv_list): Call lsa2str instead of sys_wcstombs.
2002-05-27 11:58:49 +00:00
Christopher Faylor d7b4a30001 Remove unneeded sync.h, where appropriate, throughout. Remove unneeded heap.h,
where appropriate, throughout.  Remove unneeded exceptions.h, where
appropriate, throughout.  Remove unneeded perprocess.h, where appropriate,
throughout.
2002-05-25 02:22:50 +00:00
Corinna Vinschen 908f9b653b * security.cc (create_token): Call __sec_user() instead of
sec_user() to remove dependence on allow_ntsec. Verify that
	the returned sd is non-null.
2002-05-24 14:44:05 +00:00
Corinna Vinschen 2d6ce5c228 * security.cc (open_local_policy): Initialize lsa to
INVALID_HANDLE_VALUE instead of NULL.
	(get_logon_server_and_user_domain): Test for INVALID_HANDLE_VALUE
	instead of NULL.
	(create_token): Both of the above.
2002-05-21 14:50:26 +00:00
Corinna Vinschen d6dc98256c * fhandler_raw.cc (fhandler_dev_raw::open): Replace set_errno()
by __seterrno_from_win_error().
	* security.cc (open_local_policy): Ditto.
	(get_lsa_srv_inf): Ditto.
	(get_user_groups): Ditto.
	(get_user_primary_group): Ditto.
	(create_token): Ditto.
	(subauth): Ditto.
2002-05-17 09:32:45 +00:00
Corinna Vinschen ebbdc7034b * syscalls.cc (seteuid): Set default dacl in process token.
Replace in-line code by call to verify_token().
	(setegid): Reverse change from 2002-01-21. Add call to
	RevertToSelf and set primary group in impersonation token.
	* security.cc (create_token): Store pgrpsid in token security
	descriptor, except if it already appears in my_grps.
	Use sec_acl() in place of get_dacl().
	(verify_token): Create from code in seteuid(), with tighter checks.
	(get_dacl) Deleted.
	(get_group_sidlist): Add argument to indicate if pgrpsid is already
	in the groups.
	* security.h: Define verify_token().
	* autoload.cc: Load GetKernelObjectSecurity().
2002-05-16 09:30:48 +00:00
Corinna Vinschen 9b15f5fa95 * security.cc (get_lsa_srv_inf): Prevent extraneous backslashes for
the NT Domain case.
2002-04-18 09:11:54 +00:00
Corinna Vinschen c8c3824dc8 * autoload.cc (NetGetDCName): Add symbol.
(NetServerEnum): Remove symbol.
	* security.cc (get_lsa_srv_inf): Call NetGetDCName() instead of
	NetServerEnum() since it's faster.  Don't call it at all if machine
	is not a domain member.
2002-03-07 14:32:53 +00:00
Christopher Faylor cecb74ae47 * fork.cc (fork_parent): Use sec_user_nih to control process/thread
inheritance/permission.
* spawn.cc (spawn_guts): Ditto.
* security.cc (create_token): Initialize token so that it is not tested for
bogus value later.  Use sec_user to control process/thread creation.
* security.h (__sec_user): Rename declaration from sec_user.
(sec_user_nih): Declare here as inline function wrapper for __sec_user.
(sec_user): Ditto.
* sigproc.cc (czombies): Allocate a character array for zombies to avoid
constructor overhead
(extremely hackish, I know).
(cpchildren): Ditto.
(pchildren): New define.
(zombies): Ditto.
(getsem): Use sec_user_nih to control semaphore inheritance/permission.
2002-02-19 05:58:44 +00:00
Corinna Vinschen b31c68c447 * child_info.h, cygheap.h, fhandler_clipboard.cc, fhandler_dsp.cc,
fhandler_floppy.cc, fhandler_mem.cc, fhandler_random.cc,
	fhandler_tape.cc, fhandler_zero.cc, grp.cc, mmap.cc, passwd.cc,
	pinfo.cc, pinfo.h, pipe.cc, sec_acl.cc, sec_helper.cc, security.cc,
	security.h, thread.h, uinfo.cc, include/cygwin/acl.h: Fix copyright.
2002-02-10 13:50:13 +00:00
Corinna Vinschen de4e0d3001 * (child_info.h, cygheap.h, dcrt0.cc, dir.cc, fhandler.cc, fhandler.h,
fhandler_clipboard.cc, fhandler_disk_file.cc, fhandler_dsp.cc,
	fhandler_floppy.cc, fhandler_mem.cc, fhandler_random.cc,
	fhandler_tape.cc, fhandler_zero.cc, grp.cc, mmap.cc, passwd.cc,
	pinfo.cc, pinfo.h, pipe.cc, sec_acl.cc, sec_helper.cc, security.cc,
	security.h, spawn.cc, syscalls.cc, thread.h, uinfo.cc, winsup.h):
	Change usage of uid_t to __uid16_t, gid_t to __gid16_t and
	off_t to __off32_t throughout.  Use INVALID_UID, INVALID_GID and
	INVALID_SEEK instead casting -1 to the appropriate type.
	* winsup.h: Define INVALID_UID, INVALID_GID and INVALID_SEEK.
	* include/cygwin/acl.h: Define internal __aclent16_t and __aclent32_t
	types.  Don't declare acl functions when compiling Cygwin.
	* include/cygwin/grp.h: Declare getgrgid() and getgrnam() with
	correct types for internal usage.
2002-02-10 13:38:51 +00:00
Corinna Vinschen f6fc31e1a9 * security.cc (create_token): Use sec_user() to create
SECURITY_ATTRIBUTES structure for primary token.
2002-01-23 18:35:03 +00:00
Corinna Vinschen 2d3dab2ea5 * security.cc (create_token): Close processes token handle as soon
as it's not used anymore.
2002-01-19 16:06:11 +00:00
Corinna Vinschen 5d3949b064 * security.cc (open_local_policy): Use POLICY_EXECUTE instead of
enumerating user rights.
2001-12-30 17:38:24 +00:00
Corinna Vinschen e37f6c57cd * security.cc (open_local_policy): Initialize lsa handle to NULL.
Request only needed access rights in call to LsaOpenPolicy().
	(create_token): Check for NULL lsa pointer.
2001-12-29 22:03:32 +00:00
Christopher Faylor 9c510edc61 Eliminate excess whitespace. 2001-11-05 06:09:15 +00:00
Corinna Vinschen f41d24a14d * security.cc (get_supplementary_group_sidlist): New function.
(get_group_sidlist): Call get_supplementary_group_sidlist() to
	retrieve list of supplementary groups SIDs from /etc/group and
	add them to the user's group list.
2001-11-03 21:19:50 +00:00
Corinna Vinschen 3d4b75dec2 * security.cc (is_group_member): Call NetLocalGroupGetMembers() for
local machine only.
	(get_user_local_groups): Ditto for NetLocalGroupEnum().
2001-10-30 00:02:36 +00:00
Corinna Vinschen 990690655c * autoload.cc: Add load statement for `NtOpenFile'.
* fhandler.h (fhandler_dev_raw::get_unit): New method.
	(fhandler_dev_tape::norewind): Eliminate.
	(fhandler_dev_tape::is_rewind_device): New method.
	* fhandler_raw.cc (fhandler_dev_raw::open): Open new
	fixed device name devices using NT internal method.
	Keep calling fhandler_base::open() for old mount table
	device mapping compatibility devices.
	(fhandler_dev_raw::fstat): Eliminate.  Settings are done
	by fhandler_base::fstat() already.
	* fhandler_tape.cc: Remove `norewind' usage throughout.
	* ntdll.h: Define FILE_SYNCHRONOUS_IO_NONALERT.
	Define struct _IO_STATUS_BLOCK.
	Declare NtOpenFile().
	* path.cc (get_raw_device_number): Add new approach for
	using fixed device names.
	(win32_device_name): Ditto.
	(get_device_number): Ditto.  Require POSIX path to begin
	with "/dev/".
	(mount_info::conv_to_win32_path): Call win32_device_name()
	instead of get_device_number() after evaluating mount points
	to allow changing the win32 destination path again.
	* security.cc (str2buf2uni): Remove `static' to be able to
	call function from fhandler_dev_raw::open().
	* wincap.cc: Set flag has_raw_devices appropriately.
	* wincap.h: Add flag has_raw_devices.
2001-10-16 14:53:26 +00:00
Corinna Vinschen ba94682838 * Makefile.in: Build wincap.o.
* wincap.cc: New file.
        * wincap.h: Ditto.
        * autoload.cc: Add dynamic load statement for `CreateHardLinkA'.
        * dcrt0.cc (os_being_run): Eliminated.
        (osname): Ditto.
        (iswinnt): Ditto.
        (set_os_type): Ditto.
        (dll_crt0_1): Call wincap.init() instead of set_os_type().
        (_dll_crt0): Ditto.
        * environ.cc (set_chunksize): New function.
        (parse_thing): `forkchunk' setting now invokes function `set_chunksize'.
        * fork.cc (chunksize): Eliminated. Moved to be member of wincap.
        * host_dependent.h: Removed.
        * syscalls.cc (_link): Try using `CreateHardLinkA' first, if available.
        * cygheap.cc, dcrt0.cc, delqueue.cc, dir.cc,
        environ.cc, fhandler.cc, fhandler.h, fhandler_console.cc,
        fhandler_mem.cc, fork.cc, mmap.cc, net.cc, pinfo.cc, pinfo.h,
        security.cc, syscalls.cc, sysconf.cc, syslog.cc, thread.cc,
        times.cc, tty.cc, uinfo.cc, uname.cc, winsup.h: Use new wincap
        capability check throughout.
        * winsup.h: Include wincap.h. Eliminate extern declarations of
        `os_being_run' and `iswinnt'. Eliminate `os_type" definition.
        * include/cygwin/version.h: Bump version to 1.3.4.
2001-09-12 17:46:37 +00:00
Christopher Faylor e3c25c4a47 Update copyrights. 2001-09-11 20:01:02 +00:00
Christopher Faylor 1ff9f4b937 * cygheap.h (init_cygheap): Move heap pointers here.
* include/sys/cygwin.h (perprocess): Remove heap pointers.
* dcrt0.cc (__cygwin_user_data): Reflect obsolete perprocess stuff.
(_dll_crt0): Don't initialize heap pointers.
(cygwin_dll_init): Ditto.
(release_upto): Use heap pointers from cygheap.
* heap.h: Ditto.
* fork.cc (fork_parent): Ditto.  Don't set heap pointers in ch.
(fork_child): Remove obsolete sigproc_fixup_after_fork.
* shared.cc (memory_init): Reorganize so that cygheap initialization is called
prior to regular heap since regular heap uses cygheap now.
* sigproc.cc (proc_subproc): Eliminate zombies allocation.
(sigproc_init): Move zombies alloation here.  Don't free up array on fork, just
reuse it.
(sigproc_fixup_after_fork): Eliminate.
* sigproc.h: Ditto.
* include/cygwin/version.h: Reflect change to perprocess structure.
2001-09-07 21:32:07 +00:00
Christopher Faylor 4ce15a4980 * cygheap.h (init_cygheap): Move bucket array here from cygheap.cc.
* cygheap.cc: Throughout use bucket array from cygheap.
* sigproc.cc (proc_subproc): Dynamically allocate zombie buffer to save DLL
space.
(sigproc_fixup_after_fork): Free zombie array after a fork.
* sigproc.h (sigproc_fixup_after_fork): Declare.
* dir.cc (mkdir): Expand buffer for security descriptor to 4K to avoid stack
corruption.
* fhandler.cc (fhandler_base::open): Ditto.
* path.cc (symlink): Ditto.
2001-09-06 03:39:18 +00:00
Corinna Vinschen dc8c4c68b7 * security.cc (create_token): Change initialization of `exp' to comply
with new LARGE_INTEGER definition in winnt.h.
2001-08-31 19:48:34 +00:00
Corinna Vinschen 2a9366ff49 * security.cc (set_nt_attribute): Return always -1 in case of
a failure.
        * times.cc (utimes): On NTFS with ntsec ON, change the file's
        security descriptor temporarily to acquire write access if
        opening the file failed.
2001-08-15 10:21:39 +00:00
Corinna Vinschen 8c62297ac5 * security.cc (alloc_sd): Revert to setting inheritance attribute for
permissions given to directories. Never set inheritance on NULL ACE.
2001-08-08 10:00:35 +00:00
Corinna Vinschen c0ae23dc47 * security.cc (alloc_sd): Don't set FILE_DELETE_CHILD for group
if S_ISVTX attribute is given.
        * dir.cc (mkdir): Allow immediate setting of S_ISUID, S_ISGID and
        S_ISVTX attribute.
        * syscalls.cc (_open): Ditto.
2001-08-07 16:14:59 +00:00
Corinna Vinschen 86fb039324 * dir.cc (mkdir): Set security attributes correctly for
CreateDirectoryA () call if ntsec is on. Don't call
        set_file_attributes () then.
        * fhandler.cc (fhandler_base::open): Ditto for CreateFileA () call.
        * path.cc (symlink): Ditto.
        * security.cc (set_security_attribute): New function.
        * security.h: Add declaration for `allow_ntea' and
        `set_security_attribute'.
2001-08-07 15:09:54 +00:00
Christopher Faylor e5ba4c060e Throughout, change check for running under Windows NT to 'iswinnt'.
* dcrt0.cc (set_os_type): Set 'iswinnt' appropriately.
* cygheap.cc (init_cheap): Revert to using VirtualAlloc for allocating cygheap.
(cygheap_setup_for_child_cleanup): New function.  Standard function to call
after calling CreateProcess to cleanup cygheap info passed to child.
(cygheap_fixup_in_child): Copy cygheap from shared memory into allocated space
under Windows 9x or if can't relocate shared space under NT.
* cygheap.h: Declare new function.
* spawn.cc (spawn_guts): Use cygheap_fixup_in_child.
* fork.cc (fork_parent): Ditto.
* winsup.h: Declare iswinnt.
2001-08-04 21:10:52 +00:00
Corinna Vinschen 842c741f98 * security.cc (set_file_attribute): Clean up. Don't call
`set_nt_attribute' when ntsec isn't set.
2001-08-02 16:01:47 +00:00
Corinna Vinschen 8b43d2722b * security.cc (get_user_primary_group): Fix compiler warning.
(alloc_sd): Add DELETE permission for user when S_IWUSR is given.
2001-07-27 09:17:57 +00:00
Christopher Faylor 6b91b8d53b Throughout, reorganize header file inclusion to put security.h prior to
fhandler.h.
* fhandler.h (fhandler_base::get_inheritance): New method.
* fhandler_socket.cc (fhandler_socket::create_secret_event): Use proper
close-on-exec inheritance when creating.
(fhandler_socket::check_peer_secret_event): Create handle as non-inheritable.
2001-07-26 19:22:24 +00:00
Corinna Vinschen c9fbce2641 * security.cc (get_user_groups): Call Net function with NULL server
name under specific error conditions.
        (is_group_member): Ditto.
        (get_user_local_groups): Ditto.
        (get_user_primary_group): Ditto.
2001-07-18 12:56:26 +00:00
Corinna Vinschen 3a157c0d0d Change well_known_admin_sid to well_known_admins_sid throughout.
* sec_acl.cc (setacl): Never set DELETE permission. Set
        FILE_DELETE_CHILD only on readable and executable directories.
        * sec_helper.cc: Add constructor for `well_known_null_sid'.
        * security.cc (get_nt_attribute): Set S_ISVTX for directories if
        FILE_WRITE_DATA and FILE_EXECUTE but not FILE_DELETE_CHILD is set.
        Add evaluation of S_ISVTX, S_ISGID and S_ISUID from NULL ACE.
        (alloc_sd): Never set DELETE permission. Set FILE_DELETE_CHILD
        only on readable and executable directories.
        Add creation of NULL ACE for S_ISVTX, S_ISGID and S_ISUID permissions.
        * security.h: Add extern declaration for `well_known_null_sid'.
2001-07-15 22:40:07 +00:00
Corinna Vinschen 5d0cbc17db * security.cc (alloc_sd): Don't set inheritance attribute for
permissions given to directories.
2001-07-09 09:02:41 +00:00
Christopher Faylor 462f4effb1 * mmap.cc: Clean up *ResourceLock calls throughout.
* thread.cc (pthread_cond::TimedWait): Check for WAIT_TIMEOUT as well as
WAIT_ABANDONED.
(__pthread_cond_timedwait): Calculate a relative wait from the abstime
parameter.
2001-06-26 14:47:48 +00:00
Egor Duda 149da470f3 * security.h (NTWriteEA): Change prototype.
* ntea.cc (NTReadEA): Don't check for global ntea setting, now
it's caller responsibility.
(NTWriteEA): Ditto.
* security.cc (get_file_attribute): Read attribute from EA only
if 'ntea' is enabled.
(set_file_attribute): Ditto.
* path.h: (class path_conv): Add members to store file system
information.
(path_conv::get_drive_type): New function.
* syscalls.cc (stat_worker): Use it.
* path.cc (path_conv::update_fs_info): New functions.
(path_conv::check): Get file system information from device where
file resides. On NTFS, try to read symlink contents from EA.
(get_symlink_ea): New function.
(set_symlink_ea): Ditto.
(symlink): Store symlink in extended attribute, if possible.
2001-06-05 10:45:52 +00:00
Christopher Faylor fd047fb9d5 Maintain 80 col line length. 2001-05-31 17:35:32 +00:00
Christopher Faylor ecfb6f11bc * path.cc (chdir): Always send unsigned chars to isspace since newlib's isspace
doesn't deal well with "negative" chars.
* fhandler.cc (fhandler_disk_file::open): Propagate remote status of file
garnered from path_conv.  Move #! checking to fstat.
(fhandler_disk_file::fstat): Reorganize st_mode setting to eliminate
duplication.  Move check for #! here from fhandler::open.
* fhandler.h (fhandler_base::isremote): New method.
(fhandler_base::set_isremote): Ditto.
(fhandler_base::set_execable_p): Also record "don't care if executable state".
(fhandler_base::dont_care_if_execable): New method.
* path.cc (path_conv::check): Clear new flags.  Appropriately set vol_flags,
drive_type, and is_remote_drive.
* path.h: Add new flags and methods for manipulating them.
* syscalls.cc (_unlink): Use isremote() to determine if a path is remote rather
than calling GetDriveType.
(stat_worker): Ditto.
* security.cc (get_file_attribute): Or attribute with result of NTReadEA to be
consistent with get_nt_attribute.
2001-05-31 05:25:46 +00:00
Corinna Vinschen b2939a814c * sec_helper.cc (cygsid::getfrompw): Change parameter to `const'.
(cygsid::getfromgr): Ditto.
        * security.cc: Use `sys_mbstowcs' and `sys_wcstombs' throughout.
        (extract_nt_dom_user): Try to get user and domain from SID in
        pw->pw_gecos first.
        * security.h (class cygsid): Change parameter of getfrompw() and
        getfromgr() to `const'.
        * uinfo.cc (internal_getlogin): Change order for evaluating user
        information in winNT case. Drop usage of NetWkstaUserGetInfo().
2001-05-29 20:43:40 +00:00
Corinna Vinschen e7e956a7db * security.cc (get_file_attribute): Don't set errno. 2001-05-22 15:59:37 +00:00
Corinna Vinschen 1fcc912f13 * autoload.cc: Add load statements for `LookupAccountNameW',
`LsaClose', `LsaEnumerateAccountRights', `LsaFreeMemory',
        `LsaOpenPolicy', `LsaQueryInformationPolicy', `NetLocalGroupEnum',
        `NetLocalGroupGetMembers', `NetServerEnum', `NetUserGetGroups' and
        `NtCreateToken'.
        * ntdll.h: Add declaration for `NtCreateToken'.
        * sec_helper.cc: Add `well_known_local_sid', `well_known_dialup_sid',
        `well_known_network_sid', `well_known_batch_sid',
        `well_known_interactive_sid', `well_known_service_sid' and
        `well_known_authenticated_users_sid'.
        (cygsid::string): Define as const method.
        (cygsid::get_sid): Set psid to NO_SID on error.
        (cygsid::getfromstr): Ditto.
        (cygsid::getfrompw): Simplify.
        (cygsid::getfromgr): Check for gr == NULL.
        (legal_sid_type): Move to security.h.
        (set_process_privilege): Return -1 on error, otherwise 0 or 1 related
        to previous privilege setting.
        * security.cc (extract_nt_dom_user): Remove `static'.
        (lsa2wchar): New function.
        (open_local_policy): Ditto.
        (close_local_policy): Ditto.
        (get_lsa_srv_inf): Ditto.
        (get_logon_server): Ditto.
        (get_logon_server_and_user_domain): Ditto.
        (get_user_groups): Ditto.
        (is_group_member): Ditto.
        (get_user_local_groups): Ditto.
        (sid_in_token_groups): Ditto.
        (get_user_primary_group): Ditto.
        (get_group_sidlist): Ditto.
        (get_system_priv_list): Ditto.
        (get_priv_list): Ditto.
        (get_dacl): Ditto.
        (create_token): Ditto.
        (subauth): Return immediately if SE_TCB_NAME can't be assigned.
        Change all return statements in case of error to jumps to `out'
        label. Add `out' label to support cleanup.
        * security.h: Add extern declarations for `well_known_local_sid',
        `well_known_dialup_sid', `well_known_network_sid',
        `well_known_batch_sid', `well_known_interactive_sid',
        `well_known_service_sid' and `well_known_authenticated_users_sid'.
        Add extern declarations for functions `create_token',
        `extract_nt_dom_user' and `get_logon_server_and_user_domain'.
        (class cygsid): Add method `assign'. Change operator= to call new
        `assign' method. Add `debug_print' method.
        (class cygsidlist): New class.
        (legal_sid_type): Moved from sec_helper.cc to here.
        * spawn.cc (spawn_guts) Revert reversion of previous patch.
        Call `RevertToSelf' and `ImpersonateLoggedOnUser' instead of `seteuid'
        again.
        * syscalls.cc (seteuid): Rearranged. Call `create_token' now when
        needed. Call `subauth' if `create_token' fails. Try setting token
        owner and primary group only if token was not explicitely created
        by `create_token'.
        * uinfo.cc (internal_getlogin): Try harder to generate correct user
        information. Especially don't trust return value of `GetUserName'.
2001-05-20 08:10:47 +00:00
Corinna Vinschen 4293884185 * security.cc (cygwin_set_impersonation_token): Never destroy
previous token object.
        (subauth): Create token source with well defined identifier.
2001-05-17 13:31:45 +00:00
Corinna Vinschen 2b0a111fcf * fork.cc (fork): Eliminate superfluous call to getuid().
* security.h: New define `NO_SID'. Remove declarations of functions
        moved to methods into class cygsid.
        (class cygsid): Declare new methods `getfromstr', `get_sid',
        `getfrompw', `getfromgr', `get_rid', `get_uid', `get_gid', `string'
        and new constructors and operators =, == and !=.
        Declare new global cygsids `well_known_XXX_sid' substituting the
        corresponding `get_XXX_sid' functions. Remove declarations of
        these functions.
        * sec_helper.cc (well_known_admin_sid): New global variable.
        (well_known_system_sid): Ditto
        (well_known_creator_owner_sid): Ditto
        (well_known_world_sid): Ditto
        (cygsid::string): New method, substituting `convert_sid_to_string_sid'.
        (cygsid::get_sid): New method, substituting `get_sid'.
        (cygsid::getfromstr): New method, substituting
        `convert_string_sid_to_sid'.
        (cygsid::getfrompw): New method, substituting `get_pw_sid'.
        (cygsid::getfromgr): New method, substituting `get_gr_sid'.
        (cygsid::get_id): New method, substituting `get_id_from_sid'.
        (get_admin_sid): Eliminated.
        (get_system_sid): Ditto.
        (get_creator_owner_sid): Ditto.
        (get_world_sid): Ditto.
        * grp.cc: Use new cygsid methods and well known sids throughout.
        * registry.cc: Ditto.
        * sec_acl.cc: Ditto.
        * security.cc: Ditto.
        * shared.cc: Ditto.
        * syscalls.cc (seteuid): Ditto. Eliminate redundant conditional.
        * uinfo.cc (internal_getlogin): Ditto.
        * spawn.cc (spawn_guts) Revert previous patch.
2001-05-15 19:23:31 +00:00
Corinna Vinschen a2cdb048f6 * autoload.cc: Add autoload statements for ws2_32 functions
`WSACloseEvent', `WSACreateEvent', `WSAGetOverlappedResult',
        `WSARecv', `WSARecvFrom', `WSASend', `WSASendTo' and `WSASetEvent',
        `WSAWaitForMultipleEvents'.
        * net.cc: Define wsock_evt.
        (wsock_event): New class.
        (cygwin_sendto): Use overlapped socket io if available.
        (cygwin_recvfrom): Ditto.
        (cygwin_recv): Ditto.
        (cygwin_send): Ditto.
        * security.cc (subauth): Set Win32 error to 0 to safely ask for the
        error code of dynamically loaded function `LsaRegisterLogonProcess'.
2001-05-15 08:15:54 +00:00
Corinna Vinschen 5aac6665c7 * security.cc (subauth): Check if Secur32.dll could be loaded. 2001-05-14 14:14:19 +00:00
Corinna Vinschen 57ff940dd4 * autoload.cc: Add LoadDLLinitfunc for secur32.dll.
Add LoadDLLfuncEx statements for AllocateLocallyUniqueId@4,
        DuplicateTokenEx@24, LsaNtStatusToWinError@4,
        LsaDeregisterLogonProcess@4, LsaFreeReturnBuffer@4,
        LsaLogonUser@56, LsaLookupAuthenticationPackage@12,
        LsaRegisterLogonProcess@12,
        * environ.cc: Add extern declaration for `subauth_id'.
        (subauth_id_init): New function for setting `subauth_id'.
        (struct parse_thing): Add entry for `subauth_id'.
        * fork.cc (fork_parent): Call `RevertToSelf' and
        `ImpersonateLoggedOnUser' instead of `seteuid'.
        * security.cc: Define global variable `subauth_id'.
        (extract_nt_dom_user): New function.
        (cygwin_logon_user): Call `extract_nt_dom_user' now.
        (str2lsa): New static function.
        (str2buf2lsa): Ditto.
        (str2buf2uni): Ditto.
        (subauth): Ditto.
        * security.h: Add prototype for `subauth'.
        * spawn.cc (spawn_guts): Use cygheap->user.token only if impersonated.
        Use `cygsid' type. Remove impersonation before allowing access to
        workstation/desktop to everyone. Call `RevertToSelf' and
        `ImpersonateLoggedOnUser' instead of `seteuid'.
        * syscalls.cc (seteuid): Rearranged to allow using subauthentication
        to retrieve user tokens when needed.
2001-04-30 21:19:42 +00:00
Corinna Vinschen 17db110558 * grp.cc: Eliminate MAX_DOMAIN_NAME define.
(read_etc_group): Substitute MAX_DOMAIN_NAME by
        INTERNET_MAX_HOST_NAME_LENGTH.
        * passwd.cc (parse_pwd): Don't force pw_name to be lower case.
        * sec_helper.cc: Substitute MAX_USER_NAME by UNLEN,
        MAX_COMPUTERNAME_LENGTH by INTERNET_MAX_HOST_NAME_LENGTH throughout.
        (lookup_name): Slight cleanup.
        * security.cc (alloc_sd): Substitute MAX_USER_NAME by UNLEN.
        * security.h: Define DEFAULT_UID as DOMAIN_USER_RID_ADMIN and
        DEFAULT_GID as DOMAIN_ALIAS_RID_ADMINS.
        * shared.cc (memory_init): Substitute MAX_USER_NAME by UNLEN.
        * thread.h: Ditto.
        * uinfo.cc (internal_getlogin): Substitute MAX_USER_NAME by UNLEN.
        Substitute MAX_COMPUTERNAME_LENGTH and MAX_HOST_NAME by
        INTERNET_MAX_HOST_NAME_LENGTH.
        * winsup.h: Include lmcons.h. Eliminate MAX_USER_NAME and
        MAX_HOST_NAME. Move DEFAULT_UID and DEFAULT_GID to security.h.
2001-04-30 18:21:48 +00:00
Corinna Vinschen 22ae5a5be8 * security.cc (alloc_sd): Add unrelated ACCESS_ALLOWED_ACE behind
the `everyone' ACE.
2001-04-26 09:21:33 +00:00
Corinna Vinschen d551169a9f * autoload.cc: Add LoadDLLfunc statements for SetTokenInformation@16.
* cygheap.cc: Include security.h.
        * grp.cc (internal_getgrent): New function.
        (getgroups): Rearranged using `internal_getgrent' and the new
        `cygsid' class.
        * passwd.cc (internal_getpwent): New function.
        * sec_acl.cc: Use new `cygsid' class throughout.
        (acl_access): Use `internal_getgrent' instead of `getgrent'.
        * sec_helper.cc: Use new `cygsid' class throughout.
        (get_id_from_sid): Use `internal_getgrent' instead of `getgrent'.
        Use `internal_getpwent' instead of `getpwent'.
        * security.cc: Use new `cygsid' class throughout.
        * security.h: Move `MAX_SID_LEN' from winsup.h to here.
        Add extern declarations for `internal_getgrent' and `internal_getpwent'.
        (class cygsid): New class.
        * shared.cc (sec_user): Use new `cygsid' class.
        * syscalls.cc (seteuid): Try to set owner to user and primary group to
        current group in impersonation token before performing impersonation.
        (setegid): Try to set primary group in process token to the new group
        if ntsec is on.
        * uinfo.cc (internal_getlogin): Use new `cygsid' class.
        Try to set owner to user and primary group to current group in process
        token if the process has been started from a non cygwin process.
        (uinfo_init): Set primary group only if the process has been started
        from a non cygwin process.
        * winsup.h: Move define for `MAX_SID_LEN' to security.h.
2001-04-25 09:43:25 +00:00
Corinna Vinschen b265245256 * security.cc (alloc_sd): Reformat comment.
* shared.cc: Drop function declarations already in security.h.
2001-04-22 22:12:12 +00:00
Corinna Vinschen 3c8e92d9fc * security.cc (set_process_privileges): Swap out.
* sec_helper.cc (set_process_privilege): Rename from
        `set_process_privileges'. Takes the privilege to enable or disable
        as parameter now.
        * security.h: Add prototype for `set_process_privileges'.
2001-04-20 20:36:13 +00:00
Corinna Vinschen c0d1968a18 * Makefile.in: Add object files `sec_helper.cc' and `sec_acl.cc'.
* security.cc: Swap out several functions.
        * sec_acl.cc: New file. Move Sun compatibel ACL functions from
        `security.cc' to here.
        * sec_helper.cc: New file. Move security helper functions from
        `security.cc' to here.
        * security.h: Changed to accomodate the above changes.

        * grp.cc: Replace `group_in_memory_p' by `group_state'.
        Eliminate group_sem throughout.
        (enum grp_state): New enumeration type.
        (read_etc_group): Make race safe.
        * security.cc: Eliminate group_sem throughout.
2001-04-20 13:02:32 +00:00