(cwcsdup1): New function.
* cygheap.h (cygheap_user::get_windows_id): New method returning PWCHAR.
(cwcsdup): Declare.
(cwcsdup1): Declare.
* registry.cc (get_registry_hive_path): Use WCHAR instead of char
throughout.
(load_registry_hive): Ditto.
* registry.h (get_registry_hive_path): Change declaration accordingly.
(load_registry_hive): Ditto.
* sec_helper.cc (cygpsid::string): New method returning PWCHAR.
* security.h (cygpsid::string): Declare.
* syscalls.cc (seteuid32): Convert local name var to WCHAR.
* uinfo.cc (cygheap_user::env_userprofile): Convert local name buffers
to WCHAR. Call sys_wcstombs_alloc to generate puserprof buffer.
* winsup.h: Fix comment.
(NT_MAX_PATH): New definition for maximum internal path length.
Use throughout where appropriate.
* include/limits.h (PATH_MAX): Set to 4096 as on Linux.
* cygwin.din (getxattr, listxattr, removexattr, setxattr, lgetxattr,
llistxattr, lremovexattr, lsetxattr, fgetxattr, flistxattr,
fremovexattr, fsetxattr): Export Linux extended attribute functions.
Sort.
* errno.cc (errmap): Add mappings for ERROR_EAS_DIDNT_FIT,
ERROR_EAS_NOT_SUPPORTED, ERROR_EA_LIST_INCONSISTENT,
ERROR_EA_TABLE_FULL, ERROR_FILE_CORRUPT, ERROR_INVALID_EA_NAME.
* fhandler.h (class fhandler_base): Declare new fgetxattr and
fsetxattr methods.
(class fhandler_disk_file): Ditto.
* fhandler.cc (fhandler_base::fgetxattr): New method.
(fhandler_base::fsetxattr): New method.
* fhandler_disk_file.cc (fhandler_disk_file::fgetxattr): New method.
(fhandler_disk_file::fsetxattr): New method.
* ntdll.h (STATUS_EA_TOO_LARGE): Define.
(STATUS_NONEXISTENT_EA_ENTRY): Define.
(STATUS_NO_EAS_ON_FILE): Define.
* ntea.cc (read_ea): Rewrite for long pathnames and for using with
Linux extended attribute functions.
(write_ea): Ditto.
(getxattr_worker): New static function.
(getxattr): New function.
(lgetxattr): New function.
(fgetxattr): New function.
(listxattr): New function.
(llistxattr): New function.
(flistxattr): New function.
(setxattr_worker): New static function.
(setxattr): New function.
(lsetxattr): New function.
(fsetxattr): New function.
(removexattr): New function.
(lsetxattr): New function.
(fsetxattr): New function.
* security.h (read_ea): Change declaration according to above changes.
(write_ea): Ditto.
* include/cygwin/version.h: Bump API minor version.
of access control functions throughout.
* fhandler_disk_file.cc: Ditto.
* fhandler_registry.cc: Ditto.
* sec_acl.cc: Drop unnecessary includes.
(setacl): Take path_conv instead of file name as parameter.
Accommodate interface changes of access control functions.
(getacl): Ditto.
* sec_auth.cc: New file, taking over all authentication related
functions from security.cc.
* sec_helper.cc: Drop unnecessary includes.
* security.cc: Ditto. Move all authentication related functions to
sec_auth.cc.
(ALL_SECURITY_INFORMATION): New define. Use throughout.
(set_file_sd): New function, replacing read_sd and the file related
part of get_nt_object_security.
(get_reg_sd): Rename from get_reg_security. Drop type parameter.
(get_reg_attribute): New function, replacing the registry related part
of get_nt_object_security.
(get_file_attribute): Take path_conv instead of file name as parameter.
Use new get_file_sd call.
(set_file_attribute): Ditto plus new set_file_sd. Drop unnecessary
implementation without uid/gid parameters.
(check_file_access): Take path_conv instead of file name as parameter.
Use new get_file_sd call.
(check_registry_access): Use new get_reg_sd call.
* security.h: Accommodate above interface changes.
* mmap.cc (mlock): Accommodate parameter change in call to
push_thread_privilege.
(munlock): Ditto.
* ntdll.h (STATUS_NOT_ALL_ASSIGNED): Define.
(NtAdjustPrivilegesToken): Declare.
* sec_helper.cc (cygpriv): Reorder to match numerical privilege order.
(privilege_luid): Take job of privilege_luid_by_name, using new
cygpriv.
(privilege_luid_by_name): Remove.
(privilege_name): Accommodate new cygpriv array.
(set_privilege): Call NtAdjustPrivilegesToken to avoid using advapi32.
Accommodate changes to privilege_name.
(set_cygwin_privileges): Simplify. Don't try to set
SE_CREATE_GLOBAL_PRIVILEGE on systems not supporting it.
* security.cc (sys_privs): Reorder to match numerical privilege order.
Use real privilege values as defined in security.h.
(get_system_priv_list): Drop unused grp_list argument. Create
list of privileges according to new wincapc::max_sys_priv value.
(get_priv_list): Call privilege_luid instead of privilege_luid_by_name.
Make priv a local value instead of a pointer.
(create_token): Accommodate parameter change in call to
push_self_privilege.
(lsaauth): Ditto.
(check_access): Use privilege values directly instead of calling
privilege_luid.
* security.h: Define real privilege values.
(cygpriv_idx): Remove.
(privilege_luid): Change declaration.
(privilege_luid_by_name): Drop declaration.
(set_privilege): Change declaration.
(set_process_privilege): Drop definition.
(_push_thread_privilege): Accomodate new set_privilege parameters.
* wincap.h (wincapc::max_sys_priv): New element.
* wincap.cc: Implement above element throughout.
(wincap_2000sp4): New wincaps structure.
(wincap_xpsp1): Ditto.
(wincap_xpsp2): Ditto.
(wincapc::init): Use new wincaps.
(wincapc::max_sys_priv): New element.
Accommodate changge throughout Cygwin.
(cygheap_user::imp_token): Rename from token. Accommodate changge
throughout Cygwin.
(rcygheap_user::eimpersonate): Use primary token for impersonation.
* grp.cc (internal_getgroups): Use primary impersonation token when
impersonated.
* security.h (_push_thread_privilege): Use primary impersonation token
when impersonated.
shared_prefix depending only on terminal service capability.
* dcrt0.cc (dll_crt0_1): Don't call set_cygwin_privileges here.
* fhandler_fifo.cc (fhandler_fifo::open): Create the mutex as global
object.
* posix_ipc.cc (ipc_mutex_init): Use cygheap->shared_prefix.
(ipc_cond_init): Ditto.
* sec_helper.cc (privilege_name): Make static. Use LookupPrivilegeName
directly to be independent of the state of cygheap.
(set_privilege): Take a LUID as parameter instead of an index value.
Only print debug output in case of failure.
(set_cygwin_privileges): Add comment. Use LookupPrivilegeValue to
get privilege LUIDs.
(init_global_security): Call set_cygwin_privileges here.
* security.h (privilege_name): Drop declaration.
(set_privilege): Declare according to above change.
(set_process_privilege): Call privilege_luid to get LUID.
(_push_thread_privilege): Ditto.
* shared.cc (open_shared): Add comment. On systems supporting the
SeCreateGlobalPrivilege, try to create/open global shared memory first.
Fall back to local shared memory if that fails.
* thread.cc (semaphore::semaphore): Use cygheap->shared_prefix.
* wincap.h (wincapc::has_create_global_privilege): New element.
* wincap.cc: Implement above element throughout.
* sec_acl.cc (setacl): Ditto. Set to true if any ACE with write
permissions is created.
* fhandler_disk_file.cc (fhandler_disk_file::facl): Reset
FILE_ATTRIBUTE_READONLY if ACL contains an ACE with write permissions.
user information on NT4.
* sec_helper.cc (security_descriptor::malloc): Drop LocalAlloc
considerations.
(security_descriptor::realloc): Ditto.
(security_descriptor::free): Ditto.
* security.cc (get_reg_security): Reinstantiate.
(get_nt_object_security): Revert to using NtQuerySecurityObject.
* security.h (class security_descriptor): Drop type member.
Accommodate throughout.
(security_descriptor::size): Constify.
(security_descriptor::copy): Ditto.
impersonation token, which collides with Vista UAC.
* cygheap.h (deimpersonate): revert to self instead of impersonating
hProcImpToken.
(reimpersonate): Only impersonate if setuid.
* dcrt0.cc (dll_crt0_0): Don't initialize hProcImpToken here.
(dll_crt0_1): Set privileges on hProcToken.
* fork.cc (frok::child): Set privileges on hProcToken. Close handle to
hProcImpToken.
* grp.cc (internal_getgroups): Use hProcToken instead of hProcImpToken.
* security.cc (check_access): Create hProcImpToken on demand here.
* security.h (set_process_privilege): Set privileges on hProcToken.
(_push_thread_privilege): Use hProcToken instead of hProcImpToken.
(pop_thread_privilege): If not setuid'ed, revert to self.
* syscalls.cc (setegid32): Drop setting primary group on hProcImpToken.
Close handle to hProcImpToken.
* uinfo.cc (internal_getlogin): Ditto.
* winsup.h (clear_procimptoken): New inline function.
* environ.cc: Disable subauth settings.
* grp.cc: Accomodate cygsidlist's count now being a method.
* sec_helper.cc (SECURITY_MANDATORY_INTEGRITY_AUTHORITY): Remove.
(mandatory_medium_integrity_sid): Remove.
(mandatory_high_integrity_sid): Remove.
(mandatory_system_integrity_sid): Remove.
(fake_logon_sid): Add.
(cygsid::get_sid): Add well_known parameter. Set well_known_sid
accordingly.
(cygsid::getfromstr): Ditto.
(cygsidlist::alloc_sids): Move here from security.cc.
(cygsidlist::free_sids): Ditto.
(cygsidlist::add): Move here from security.h. Add well_known parameter.
Set well_known_sid accordingly. Don't allow duplicate SIDs.
* security.cc: Include cyglsa.h and cygwin/version.h. Throughout
accomodate cygsidlist's count now being a method. Throughout drop
redundant "contains" tests.
(get_user_local_groups): Add local groups as well known SIDs.
(get_token_group_sidlist): Add well known groups as well known SIDs.
(get_server_groups): Ditto. Only call get_unix_group_sidlist after
get_user_local_groups to maintain "well_known_sid" attribute.
(get_initgroups_sidlist): Add well known groups as well known SIDs.
(get_setgroups_sidlist): Add usersid and struct passwd parameter to
allow calling get_server_groups from here.
(get_system_priv_list): Make static. Return size of TOKEN_PRIVILEGES
structure.
(get_priv_list): Ditto.
(create_token): Accomodate above changes. Drop misguided attempt to
add MIC SIDs to created user token. Print returned token as hex value.
(subauth): Disable.
(lsaauth): New function implementing client side of LSA authentication.
* security.h (class cygsid): Add well_known_sid attribute. Accomodate
throughout. Add *= operator to create a well known SID.
(class cygsidlist): Rename count to cnt. Make count a method.
(cygsidlist::add): Move to sec_helper.cc.
(cygsidlist::operator *=): New method to add well known SID.
(cygsidlist::non_well_known_count): New method returning number of
non well known SIDs in list.
(cygsidlist::next_non_well_known_sid): New method returning next non
well known SID by index.
(mandatory_medium_integrity_sid): Drop declaration.
(mandatory_high_integrity_sid): Drop declaration.
(mandatory_system_integrity_sid): Drop declaration.
(fake_logon_sid): Add declaration.
(subauth): Disable declaration.
(lsaauth): Add declaration.
* syscalls.cc (seteuid32): Disable subauthentication. Add LSA
authentication.
* wincap.h: Define needs_logon_sid_in_sid_list throughout.
* wincap.cc: Ditto.
(well_known_this_org_sid): New well known sid.
(SECURITY_MANDATORY_INTEGRITY_AUTHORITY): Define.
(mandatory_medium_integrity_sid): New well known sid.
(mandatory_high_integrity_sid): Ditto.
(mandatory_system_integrity_sid): Ditto.
(cygsid::get_sid): Use local SID_IDENTIFIER_AUTHORITY. Allow all
authorities fitting in a UCHAR.
* security.cc (get_token_group_sidlist): Always add the local
group to the token. Add comment. Add "This Organization" group
if available in incoming group list.
(get_server_groups): Only add world and authenticated users groups
if not already in list.
(create_token): Add matching mandatory integrity SID to group list
on systems supporting Mandatory Integrity Control.
* security.h (well_known_this_org_sid): Define.
(mandatory_medium_integrity_sid): Define.
(mandatory_high_integrity_sid): Define.
(mandatory_system_integrity_sid): Define.
* wincap.h: Define has_mandatory_integrity_control throughout.
* wincap.cc: Ditto.
* sec_helper.cc (security_descriptor::malloc): Use own free method.
Set type.
(security_descriptor::realloc): Handle the case that psd has been
allocated using LocalAlloc. Set type.
(security_descriptor::free): Ditto.
* security.cc (get_nt_attribute): Remove.
(get_reg_security): Remove.
(get_nt_object_security): Use GetSecurityInfo which handles all
securable objects.
(get_nt_object_attribute): Remove.
(get_object_attribute): Call get_nt_object_security instead of
get_nt_object_attribute.
(get_file_attribute): Ditto.
(check_registry_access): Call get_nt_object_security instead of
get_reg_security.
* security.h (cygpsid::operator PSID): Make method const, not the
result.
(class security_descriptor): Add type member. Accomodate throughout.
(security_descriptor::copy): New method.
(security_descriptor::operator PSECURITY_DESCRIPTOR *): New operator.
for registry keys/values if ntsec is on.
* security.cc (check_access): New static function derived from
check_file_access, but object type agnostic.
(check_file_access): Only do file specific stuff. Call check_access.
(check_registry_access): New access check function for registry keys/
values.
* security.h (check_registry_access): Declare.
* include/cygwin/version.h: Bump DLL version to 1.7.0.
2006-07-25 Corinna Vinschen <corinna@vinschen.de>
* select.h: Remove.
* fhandler_socket.cc: Don't include select.h.
* select.cc: Ditto.
2006-07-25 Corinna Vinschen <corinna@vinschen.de>
* cygtls.h: Drop socket related includes.
(struct _local_storage): Remove exitsock and exitsock_sin. Add
select_sockevt.
* cygtls.cc: Accomodate above change throughout.
* fhandler.h (class fhandler_socket): Make wsock_evt public.
* fhandler_socket.cc (fhandler_socket::fhandler_socket): Accomodate
reordering members.
(fhandler_socket::evaluate_events): Drop FD_CONNECT event as soon as
it gets read once. Never remove FD_WRITE event here.
(fhandler_socket::wait_for_events): Wait 50 ms instead of INFINITE for
socket events.
(fhandler_socket::accept): Fix conditional. Set wsock_events members
of accepted socket to useful start values.
(fhandler_socket::recv_internal): Always drop FD_READ/FD_OOB events from
wsock_events after the call to WSARecvFrom.
(fhandler_socket::send_internal): Drop FD_WRITE event from wsock_events
if the call to WSASendTo fails with WSAEWOULDBLOCK. Fix return value
condition.
* select.cc (struct socketinf): Change to accomodate using socket event
handling.
(peek_socket): Use event handling for peeking socket.
(thread_socket): Ditto.
(start_thread_socket): Ditto.
(socket_cleanup): Same here.
* tlsoffsets.h: Regenerate.
2006-07-20 Corinna Vinschen <corinna@vinschen.de>
* fhandler.h (class fhandler_socket): Rearrange slightly to keep
event handling methods and members together. Drop owner status flag.
Split wait method. Rename event handling methods for readability.
* fhandler_socket.cc (struct wsa_event): Add owner field.
(LOCK_EVENTS): New macro.
(UNLOCK_EVENTS): Ditto.
(fhandler_socket::init_events): rename from prepare.
(fhandler_socket::evaluate_events): First half of former wait method.
Do everything but wait. Allow specifiying whether or not events from
event_mask should be erased from wsock_events->events. Simplify
OOB handling. Allow sending SIGURG to any process (group).
(fhandler_socket::wait_for_events): Second half of former wait method.
Call evaluate_events and wait in a loop if socket is blocking.
(fhandler_socket::release_events): Rename from release.
(fhandler_socket::connect): Accomodate above name changes.
(fhandler_socket::accept): Ditto.
(fhandler_socket::recv_internal): Ditto.
(fhandler_socket::send_internal): Ditto.
(fhandler_socket::close): Ditto.
(fhandler_socket::fcntl): Always set owner to given input value on
F_SETOWN. Handle F_GETOWN.
* net.cc (fdsock): Accomodate above name changes.
2006-07-20 Corinna Vinschen <corinna@vinschen.de>
* fhandler_socket.cc (fhandler_socket::wait): Set Winsock errno to
WSAEWOULDBLOCK instead of WSAEINPROGRESS.
2006-07-18 Brian Ford <Brian.Ford@FlightSafety.com>
Corinna Vinschen <corinna@vinschen.de>
* winsup.h (mmap_region_status): New enum.
(mmap_is_attached_or_noreserve_page): Adjust prototype and rename
as below.
* mmap.cc (mmap_is_attached_or_noreserve_page): Rename
mmap_is_attached_or_noreserve. Add region length parameter.
Return enum above.
* exceptions.cc (_cygtls::handle_exceptions): Accomodate above.
* fhandler.cc (fhandler_base::raw_read): Call above for NOACCESS
errors and retry on success to allow reads into untouched
MAP_NORESERVE buffers.
2006-07-18 Corinna Vinschen <corinna@vinschen.de>
* cygwin.din (posix_openpt): Export.
* tty.cc (posix_openpt): New function.
* include/cygwin/stdlib.h (posix_openpt): Declare.
* include/cygwin/version.h: Bump API minor number.
2006-07-14 Corinna Vinschen <corinna@vinschen.de>
* security.cc (get_token_group_sidlist): Always add the interactive
group to the token. Add comment. Create logon_id group SID by
copying it from incoming group list.
(create_token): Add subauth_token parameter. Use information in
subauth_token if present. Tweak SourceIdentifier if subauth_token
is present for debugging purposes.
* security.h (create_token): Add subauth_token parameter in declaration.
* syscalls.cc (seteuid32): Call subauth first. Call create_token
regardless. Use subauth token in call to create_token if subauth
succeeded.
2006-07-13 Corinna Vinschen <corinna@vinschen.de>
* include/netinet/in.h: Update copyright.
2006-07-13 Corinna Vinschen <corinna@vinschen.de>
* fhandler_socket.cc (fhandler_socket::wait): Rework function so that
WaitForMultipleObjects is really only called when necessary.
2006-07-12 Corinna Vinschen <corinna@vinschen.de>
* include/netdb.h: Declare rcmd, rcmd_af, rexec, rresvport,
rresvport_af, iruserok, iruserok_sa, ruserok.
2006-07-12 Corinna Vinschen <corinna@vinschen.de>
* Makefile.in (DLL_OFILES): Drop iruserok.o. Add rcmd.o.
* autoload.cc (rcmd): Drop definition.
* cygwin.din: Export bindresvport, bindresvport_sa, iruserok_sa,
rcmd_af, rresvport_af.
* net.cc (cygwin_rcmd): Remove.
(last_used_bindresvport): Rename from last_used_rrecvport.
(cygwin_bindresvport_sa): New function implementing bindresvport_sa.
(cygwin_bindresvport): New function implementing bindresvport.
(cygwin_rresvport): Remove.
* include/cygwin/version.h: Bump API minor number.
* include/netinet/in.h: Declare bindresvport and bindresvport_sa.
* libc/iruserok.c: Remove file.
* libc/rcmd.cc: New file implementing rcmd, rcmd_af, rresvport,
rresvport_af, iruserok_sa, iruserok and ruserok.
2006-07-12 Corinna Vinschen <corinna@vinschen.de>
* fhandler_socket.cc (fhandler_socket::getsockname): Return valid
result for unbound sockets.
2006-07-11 Corinna Vinschen <corinna@vinschen.de>
* fhandler_socket.cc (fhandler_socket::fixup_after_fork): Handle
wsock_mtx and wsock_evt on fork, thus handling close_on_exec correctly.
(fhandler_socket::fixup_after_exec): Drop misguided attempt to handle
close_on_exec here.
(fhandler_socket::dup): Call fixup_after_fork with NULL parent.
Add comment.
(fhandler_socket::set_close_on_exec): Handle wsock_mtx and wsock_evt.
2006-07-10 Corinna Vinschen <corinna@vinschen.de>
* fhandler.h (class fhandler_socket): Add wsock_mtx, wsock_evt
and wsock_events members. Remove closed status flag, add listener
status flag. Accomodate new implementation of socket event handling
methods. Declare recv* and send* functions ssize_t as the POSIX
equivalents.
(fhandler_socket::recv_internal): Declare.
(fhandler_socket::send_internal): Ditto.
* fhandler_socket.cc (EVENT_MASK): Define mask of selected events.
(fhandler_socket::fhandler_socket): Initialize new members.
(fhandler_socket::af_local_setblocking): Don't actually set the
socket to blocking mode. Keep sane event selection.
(fhandler_socket::af_local_unsetblocking): Don't actually set the
socket to previous blocking setting, just remember it.
(struct wsa_event): New structure to keep event data per shared
socket.
(NUM_SOCKS): Define number of shared sockets concurrently handled by
all active Cygwin processes.
(wsa_events): New shared datastructure keeping all wsa_event records.
(socket_serial_number): New shared variable to identify shared sockets.
(wsa_slot_mtx): Global mutex to serialize wsa_events access.
(search_wsa_event_slot): New static function to select a new wsa_event
slot for a new socket.
(fhandler_socket::prepare): Rewrite. Prepare event selection
per new socket.
(fhandler_socket::wait): Rewrite. Wait for socket events in thread
safe and multiple process safe.
(fhandler_socket::release): Rewrite. Close per-socket descriptor
mutex handle and event handle.
(fhandler_socket::dup): Duplicate wsock_mtx and wsock_evt. Fix
copy-paste error in debug output.
(fhandler_socket::connect): Accomodate new event handling.
(fhandler_socket::listen): Set listener flag on successful listen.
(fhandler_socket::accept): Accomodate new event handling.
(fhandler_socket::recv_internal): New inline method centralizing
common recv code.
(fhandler_socket::recvfrom): Call recv_internal now.
(fhandler_socket::recvmsg): Ditto. Streamline copying from iovec
to WSABUF.
(fhandler_socket::send_internal): New inline method centralizing
common send code.
(fhandler_socket::sendto): Call send_internal now.
(fhandler_socket::sendmsg): Ditto. Streamline copying from iovec
to WSABUF.
(fhandler_socket::close): Call release now.
(fhandler_socket::ioctl): Never actually switch to blocking mode.
Just keep track of the setting.
* net.cc (fdsock): Call prepare now.
(cygwin_connect): Revert again to event driven technique.
(cygwin_accept): Ditto.
* poll.cc (poll): Don't call recvfrom on a listening socket.
Remove special case for failing recvfrom.
* include/sys/socket.h: Declare recv* and send* functions ssize_t as
requested by POSIX.
2006-07-07 Corinna Vinschen <corinna@vinschen.de>
* net.cc (cygwin_inet_ntop): Fix data type of forth parameter.
2006-07-06 Corinna Vinschen <corinna@vinschen.de>
* include/cygwin/in6.h (struct in6_addr): Fix typo.
2006-07-06 Corinna Vinschen <corinna@vinschen.de>
* cygwin.din: Export in6addr_any, in6addr_loopback, freeaddrinfo,
gai_strerror, getaddrinfo, getnameinfo.
* fhandler_socket.cc: Include cygwin/in6.h.
(get_inet_addr): Accomodate AF_INET6 usage.
(fhandler_socket::connect): Ditto.
(fhandler_socket::listen): Ditto.
(fhandler_socket::sendto): Ditto.
* net.cc: Include cygwin/in6.h.
(in6addr_any): Define.
(in6addr_loopback): Define.
(cygwin_socket): Accomodate AF_INET6 usage.
(socketpair): Bind socketpairs only to loopback for security.
(inet_pton4): New static function.
(inet_pton6): Ditto.
(cygwin_inet_pton): New AF_INET6 aware inet_pton implementation.
(inet_ntop4): New static function.
(inet_ntop6): Ditto.
(cygwin_inet_ntop): New AF_INET6 aware inet_ntop implementation.
(ga_aistruct): New static function.
(ga_clone): Ditto.
(ga_echeck): Ditto.
(ga_nsearch): Ditto.
(ga_port): Ditto.
(ga_serv): Ditto.
(ga_unix): Ditto.
(gn_ipv46): Ditto.
(ipv4_freeaddrinfo): Ditto.
(ipv4_getaddrinfo): Ditto.
(ipv4_getnameinfo): Ditto.
(gai_errmap_t): New structure holding error code - error string mapping.
(cygwin_gai_strerror): New function implementing gai_strerror.
(w32_to_gai_err): New static function.
(get_ipv6_funcs): Ditto.
(load_ipv6_funcs): Ditto.
(cygwin_freeaddrinfo): New function implementing freeaddrinfo.
(cygwin_getaddrinfo): New function implementing getaddrinfo.
(cygwin_getnameinfo): New function implementing getnameinfo.
* include/netdb.h: Include stdint.h and cygwin/socket.h. Define
data types and macros used by getaddrinfo and friends. Declare
freeaddrinfo, gai_strerror, getaddrinfo and getnameinfo.
* include/cygwin/in.h: Add IPv6 related IPPROTOs. Remove definition
of struct sockaddr_in6. Include cygwin/in6.h instead.
* include/cygwin/in6.h: New header file defining IPv6 releated
data types and macros.
* include/cygwin/socket.h: Enable AF_INET6 and PF_INET6. Add
IPv6 related socket options.
* include/cygwin/version.h: Bump API minor number.
2006-07-06 Corinna Vinschen <corinna@vinschen.de>
* autoload.cc (DsGetDcNameA): Define.
(NetGetAnyDCName): Define.
* security.cc: Include dsgetdc.h.
(DsGetDcNameA): Declare.
(DS_FORCE_REDISCOVERY): Define.
(get_logon_server): Add bool parameter to control rediscovery of DC.
Use DsGetDcNameA function if supported, NetGetDCName/NetGetAnyDCName
otherwise.
(get_server_groups): Rediscover DC if get_user_groups fails and
try again.
(get_reg_security): Use correct error code macro when testing
RegGetKeySecurity return value.
* security.h (get_logon_server): Remove default vaue from wserver
parameter. Add rediscovery parameter.
* uinfo.cc (cygheap_user::env_logsrv): Accomodate rediscovery parameter
in call to get_logon_server.
(NtSetEaFile): Define.
* fhandler.cc (fhandler_base::open): Use appropriate open flags
in query case when allow_ntea is set.
* ntdll.h (struct _FILE_GET_EA_INFORMATION): Define.
(struct _FILE_FULL_EA_INFORMATION): Define.
(NtQueryEaFile): Declare.
(NtSetEaFile): Declare.
* ntea.cc (read_ea): Rename from NTReadEA and rewrite using
NtQueryEaFile.
(write_ea): Rename from NTWriteEA and rewrite using NtSetEaFile.
* path.cc (get_symlink_ea): Make static. Add handle parameter to
accomodate new read_ea call.
(set_symlink_ea): Make static. Add handle parameter to accomodate new
write_ea call.
(symlink_worker): Call set_symlink_ea while file is still open.
(symlink_info::check): Call get_symlink_ea after file has been opened.
* security.cc (get_file_attribute): Accomodate new read_ea call.
(set_file_attribute): Accomodate new write_ea call.
* security.h (read_ea): Change declaration accordingly.
(write_ea): Ditto.
allocate dynamically.
(pinfo::set_acl): Replace sa_buf by dynamically allocated acl_buf.
* sec_acl.cc (setacl): Allocate acl dynamically.
* sec_helper.cc (sec_acl): Add test for alignment of acl when
DEBUGGING is defined.
(__sec_user): Same for sa_buf.
* security.cc (verify_token): Define sd_buf as PSECURITY_DESCRIPTOR
and allocate dynamically.
(alloc_sd): Allocate acl dynamically.
security.h (sec_user_nih): Change first parameter to
SECURITY_ATTRIBUTES *.
(sec_user): Ditto.
* sigproc.cc (wait_sig): Define sa_buf as PSECURITY_ATTRIBUTES and
allocate dynamically.
* syscalls.cc (seteuid32): Define dacl_buf as PACL and allocate
dynamically.
* uinfo.cc (cygheap_user::init): Define sa_buf as PSECURITY_ATTRIBUTES
and allocate dynamically.
* winbase.h (ilockincr): Mark first argument of inline assembly as
earlyclobber.
(ilockdecr): Ditto.
(get_server_groups): Declare new function.
* security.cc (is_group_member): Simplify.
(get_server_groups): New function.
(get_initgroups_sidlist): Call get_server_groups.
(verify_token): Allow token when supplementary sids are not in
/etc/group but are in the token.
Streamline the code.
* grp.cc (initgroups32): New implementation.
(getgroups32): Handle case where the supplementary groups are set.
* cygheap.h (cygheap_user::curr_primary_token): New member.
(cygheap_user::primary_token): New method.
(cygheap_user::deimpersonate): Always revert to processes'
impersonation token.
(cygheap_user::reimpersonate): Set processes' or setuid token as
necessary.
(cygheap_user::has_impersonation_tokens): Look for curr_primary_token
value.
(cygheap_user::close_impersonation_tokens): Close curr_primary_token
here if necessary. Don't reset token values to NO_IMPERSONATION since
that's done in uinfo_init anyway.
(init_cygheap::luid): New LUID array keeping privilege LUIDs.
* cygtls.cc (_cygtls::init_thread): Call cygheap->user.reimpersonate.
* dcrt0.cc (hProcToken): New global variable to keep process token.
(hProcImpToken): Ditto for process impersonation token.
(dll_crt0_0): Open process token here once. Duplicate to create
hProcImpToken.
(dll_crt0_1): Call set_cygwin_privileges.
* environ.cc (allow_ntea): Drop duplicate declaration.
(allow_smbntsec): Ditto.
(set_traverse): Only set allow_traverse here.
(environ_init): Ditto.
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Drop call to
enable_restore_privilege.
(fhandler_disk_file::fchown): Ditto.
(fhandler_disk_file::facl): Ditto.
* fork.cc (fork_child): Move call to cygheap->user.reimpersonate after
syn with parent. Call set_cygwin_privileges.
* grp.cc (internal_getgroups): Use hProcImpToken instead of opening
process token.
* path.cc (fs_info::update): Bypass traverse checking when retrieving
volume information using push/pop_thread_privileges.
* registry.cc (load_registry_hive): Drop setting restore privilege
since it's already set if available.
* sec_helper.cc: Include cygtls.h.
(cygpriv): Privilege string array.
(privilege_luid): New function, evaluate LUID from cygpriv_idx.
(privilege_luid_by_name): New function, evaluate LUID from privilege
string.
(privilege_name): New function, evaluate privilege string from
cygpriv_idx.
(set_privilege): New static function called by set_process_privilege
and set_thread_privilege. Call privilege_luid to get privilege LUID.
Fix bug in return value evaluation. Improve debug output.
(set_cygwin_privileges): New function.
(set_process_privilege): Remove.
(enable_restore_privilege): Remove.
* security.cc (allow_traverse): New global variable.
(sys_privs): Change type to cygpriv_idx and store privilege indices
instead of strings.
(SYSTEM_PRIVILEGES_COUNT): Renamed from SYSTEM_PERMISSION_COUNT.
(get_system_priv_list): Don't use numerical constant in malloc call.
Use privilege_luid to get privilege LUIDs.
(get_priv_list): Call privilege_luid_by_name to get LUIDs. Improve
inner privilege LUID comparison loop.
(create_token): Enable create token privilege using
push/pop_self_privileges. Use hProcToken instead of opening process
token. Use default DACL when duplicating token.
(subauth): Enable tcb privilege using push/pop_self_privileges.
Use sec_none instead of homw made security attributes when duplicating
token.
(check_file_access): Don't duplicate access token, use active
impersonation token as is.
* security.h (enum cygpriv_idx): New enumeration type enumerating
possible privileges.
(privilege_luid): Declare new function.
(privilege_luid_by_name): Ditto.
(privilege_name): Ditto.
(allow_traverse): Declare.
(set_privilege): Declare function.
(set_process_privilege): Define as macro.
(enable_restore_privilege): Remove declaration.
(_push_thread_privilege): Define macro.
(push_thread_privilege): Ditto.
(pop_thread_privilege): Ditto.
(pop_self_privilege): Ditto.
* spawn.cc (spawn_guts): Use cygheap->user.primary_token instead of
cygheap->user.token.
* syscalls.cc (statvfs): Bypass traverse checking when retrieving
volume information using push/pop_thread_privileges. Rearrange code
to simplify push/pop bracketing.
(seteuid32): Use hProcToken instead of opening process token. Call
cygheap->user.deimpersonate instead of RevertToSelf. Create
impersonation token from primary internal or external token. Set
cygheap->user.curr_primary_token and cygheap->user.current_token
privileges once here. Drop "failed" and "failed_ptok" labels.
Drop setting DefaultDacl of process token.
(setegid32): Use hProcToken and hProcImpToken instead of opening
process token. Always reimpersonate afterwards.
* uinfo.cc (cygheap_user::init): Use hProcToken instead of opening
process token.
(internal_getlogin): Ditto. Set hProcImpToken, too.
(uinfo_init): Initialize cygheap->user.curr_primary_token.
* winsup.h (hProcToken): Declare.
(hProcImpToken): Declare.
* dir.cc (mkdir): Change set_file_attribute call to indicate that
NT security isn't used.
* fhandler.cc (fhandler_base::open_9x): New method, created from
fhandler_base::open.
(fhandler_base::open): Rearrange to use NtCreateFile instead of
CreateFile.
* fhandler.h (enum query_state): Redefine query_null_access to
query_stat_control. query_null_access isn't allowed in NtCreateFile.
(fhandler_base::open_9x): Declare.
* fhandler_disk_file.cc (fhandler_base::fstat_fs): Use
query_stat_control first, query_read_control if that fails.
(fhandler_disk_file::fchmod): Call enable_restore_privilege before
trying to open for query_write_control. Don't fall back to
opening for query_read_control.
(fhandler_disk_file::fchown): Ditto.
(fhandler_disk_file::facl): Only request restore privilege and query
access necessary for given cmd.
* fhandler_raw.cc (fhandler_dev_raw::open): Call fhandler_base::open
instead of opening device here.
* ntdll.h (NtCreateFile): Declare.
* path.cc (symlink_worker): Change set_file_attribute call to indicate
that NT security isn't used.
* sec_acl.cc (getacl): Fix bracketing.
* sec_helper.cc (enable_restore_privilege): New function.
* security.cc (str2buf2uni_cat): New function.
(write_sd): Don't request restore permission here.
* security.h (set_process_privileges): Drop stale declaration.
(str2buf2uni): Declare.
(str2buf2uni_cat): Declare.
(enable_restore_privilege): Declare.
* syscalls.cc (fchown32): Return immediate success on 9x.
query_state.
(fhandler_base::fchown): New method.
* fhandler.h: Declare fchown method in fhandler_base,
fhandler_disk_file and fhandler_virtual.
(enum query_state): Add query_write_control.
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Set query_state
to query_write_control. Only remove FILE_ATTRIBUTE_READONLY if not
setting security descriptor.
(fhandler_disk_file::fchown): New method.
* fhandler_virtual.cc (fhandler_virtual::fchown): New method.
* sec_acl.cc (setacl): Call write_sd with additional handle attribute.
* security.cc (write_sd): Take handle argument. Only request owner
if getting SE_RESTORE_NAME privilege failed. Only open file if
NtSetSecurityObject failed or handle is NULL.
(set_nt_attribute): Call write_sd with additional handle attribute.
* security.h (write_sd): Declare with additional handle argument.
to query_open setting.
(fhandler_base::fhandler_base): Initialize query_open.
* fhandler.h (FH_QUERYOPEN): Drop.
(enum query_state): Add.
(class fhandler_base): Add query_open member.
(fhandler_base::get_query_open): Redefine to use query_open.
(fhandler_base::set_query_open): Ditto.
* fhandler_disk_file.cc (fhandler_base::fstat_fs): Remove O_DIROPEN
from open_flags since it's added in open_fs anyway. Remove
query_open_already. Use new query_open settings. Rearrange slightly.
(fhandler_base::fstat_helper): Add get_io_handle as parameter to
get_file_attribute.
* security.cc (get_nt_object_attribute): Make returning an int.
Return -1 on error, 0 otherwise.
(get_file_attribute): Take an object handle as argument. Move down
to allow calling get_nt_object_attribute in case a non-NULL handle
is given.
* security.h (get_file_attribute): Add handle to argument list.
* syscalls.cc (chown_worker): Accomodate new definition of
get_file_attribute.
(well_known_*_sid): Change type to cygpsid.
(cygsid::init): Delete declaration.
* sec_helper.cc (well_known_*_sid): Define using above SID macro.
(cygsid::init): Delete.
* dcrt0.cc (dll_crt0_0): Do not call cygsid::init.
* security.cc (get_user_local_groups): Change the second argument type
to cygpsid.
throughout.
* tty.cc (tty::common_init): Remove call to SetKernelObjectSecurity and edit
some comments.
* cygheap.h (init_cygheap::ctty): Add new element.
* devices.in (device::parse): Remove special handling for /dev/tty.
* devices.cc: Regenerate.
* dtable.cc (build_fh_pc): Don't reset /dev/tty device. Let the device opener
do that.
* fhandler_termios.cc (tty_min::set_ctty): Redefine to _pinfo class.
* fhandler_tty.cc (fhandler_tty_common::set_close_on_exec): Avoid setting
noninherit flag for ctty.
* tty.h: Move BOOLs to bools.
(tty_min::set_ctty): Redeclare to _pinfo class.
* pinfo.cc (_pinfo::set_ctty): Define new function based on tty_min::set_ctty.
Change first argument from tty number to tty_min class.
* pinfo.h (_pinfo::set_ctty): Declare.
* fhandler_console.cc (fhandler_console::get_tty_stuff): Reflect move of
set_ctty to _pinfo class.
* fhandler_tty.cc (fhandler_tty_slave::open): Treat FH_TTY specially. Use
saved cygheap value if it exists. Otherwise convert to real device and save on
first time open.
(fhandler_tty_common::dup): Potentially set controlling tty if duping a slave
tty.
* syscalls.cc (setsid): Close controlling tty in cygheap.
* tty.cc: Change some BOOLs to bools.
set_security_attribute appropriately.
* external.cc (cygwin_internal): Ditto.
* fhandler.cc (fhandler_base::open): Ditto.
* fhandler_socket.cc (fhandler_socket::bind): Ditto.
* path.cc (symlink_worker): Ditto.
* sec_acl.cc (setacl): Ditto. Call read_sd appropriately.
(getace): Ditto.
* sec_helper.cc (security_descriptor::malloc): New method.
(security_descriptor::realloc): New method.
(security_descriptor::free): New method.
* security.cc (read_sd): Get security_descriptor as parameter instead
of PSECURITY_DESCRIPTOR and a size. Drop unnecessary parameter check.
Allocate the security_descriptor buffer according to size returned by
a call to GetFileSecurity. Return buffer size on success.
(write_sd): Get security_descriptor as parameter instead of
PSECURITY_DESCRIPTOR and a size.
(get_nt_attribute): Use local security_descriptor.
(get_nt_object_attribute): Ditto in case of type == SE_REGISTRY_KEY.
Allocate security_descriptor buffer according to size returned by
a call to RegGetKeySecurity.
(alloc_sd): Make static. Get security_descriptor as parameter instead
of PSECURITY_DESCRIPTOR and a size. Drop unnecessary parameter check.
(set_security_attribute): Get security_descriptor as parameter instead
of PSECURITY_DESCRIPTOR and a size.
(set_nt_attribute): Use local security_descriptor.
(check_file_access): Ditto.
* security.h: Add class security_descriptor.
(read_sd): Change declaration to get security_descriptor as parameter
instead of PSECURITY_DESCRIPTOR and a size.
(write_sd): Ditto.
(set_security_attribute): Ditto.
(alloc_sd): Remove declaration.
* thread.cc (semaphore::semaphore): Use local security_descriptor. Call
set_security_attribute appropriately.
* uinfo.cc (cygheap_user::init): Make sure the current user appears
in the default DACL. Rearrange to decrease the indentation levels.
Initialize the effec_cygsid directly.
(internal_getlogin): Do not reinitialize myself->gid. Open the process
token with the required access.
* cygheap.h (class cygheap_user): Delete members pid and saved_psid.
Create members effec_cygsid and saved_cygsid.
(cygheap_user::set_sid): Define inline.
(cygheap_user::set_saved_sid): Ditto.
(cygheap_user::sid): Modify.
(cygheap_user::saved_sid): Modify.
* cygheap.cc (cygheap_user::set_sid): Delete.
(cygheap_user::set_saved_sid): Ditto.
* sec_helper.cc (sec_acl): Set the correct acl size.
* autoload.cc (FindFirstFreeAce): Add.
* security.h: Define ACL_DEFAULT_SIZE.
* security.h (__sec_user): Add "access2" argument.
(sec_acl): Add "original" and "access2" arguments.
(sec_user): Add "sid2" and "access2" argument. Remove dependence on
allow_ntsec.
(sec_user_nih): Ditto.
* sec_helper.cc (__sec_user): Add "has_security" test.
Call sec_acl with new arguments, letting it handle original_sid.
(sec_acl): Add "original" and "access2" arguments. Handle original_sid
depending on flag but avoiding duplicates. Use "access2" for sid2.
* pinfo.cc (pinfo::init): Use security attributes created by sec_user
when creating the mapping.
* security.cc (create_token): Adjust arguments in call to sec_acl.
Call sec_user instead of __sec_user.
* syscall.cc (seteuid32): Adjust arguments in call to sec_acl. Remove
now unnecessary test. Remove useless conversions to psid.
* dcrt0.cc (dll_crt0_1): Call cygsid::init before pinfo_init.
* shared_info.h: Include security.h.
(open_shared): Add psa argument.
(user_shared_initialize): New declaration.
* security.h: Add _SECURITY_H guard.
(sec_user): Use sec_none in the no ntsec case.
* spawn.cc (spawn_guts): Remove call to load_registry_hive.
* syscalls (seteuid32): If warranted, call load_registry_hive,
user_shared_initialize and RegCloseKey(HKEY_CURRENT_USER).
* shared.cc (user_shared_initialize): New.
(open_shared): Add and use psa argument.
(memory_init): Move mount table initialization to
user_shared_initialize. Call it.
data on sockets to evaluate AF_LOCAL sockets correctly.
(dtable::build_fhandler): Set unit number on sockets.
* fhandler.h (fhandler_socket): Add unit number.
(fhandler_socket::get_unit): New method.
* fhandler_socket.cc (fhandler_socket::fhandler_socket): Set unit
number.
(fhandler_socket::fstat): Reorganize to return more Linux-like
values.
* net.cc: include ctype.h.
(fdsock): Set unit number when building fhandler.
* path.cc (path_conv::check): Set device type to FH_SOCKET if file
is a AF_UNIX socket.
(get_devn): Evaluate unit for virtual socket devices.
(win32_device_name): Set windows path for sockets to unix_path with
just backslashes to keep the different names.
* syscalls.cc (fstat64): Don't override st_ino, st_dev and st_rdev
for sockets.
(stat_worker): Ditto.
From Pierre Humblet:
* autoload.cc (AccessCheck): Add.
(DuplicateToken): Add.
* security.h (check_file_access): Declare.
* syscalls.cc (access): Convert path to Windows, check existence
and readonly attribute. Call check_file_access instead of acl_access.
* security.cc (check_file_access): Create.
* sec_acl (acl_access): Delete.
declaration of is_grp_member.
* uinfo.cc (internal_getlogin): Use UNKNOWN_GID.
* passwd.cc (pwdgrp::read_passwd): Use UNKNOWN_UID.
* grp.cc (pwdgrp::read_group): Change group name to provide better
feedback.
(getgrgid): Use gid16togid32.
* sec_helper.cc (is_grp_member): Delete.
(class cygsid): Use cygpsid as base. Remove members psid, get_id,
get_uid, get_gid, string, debug_printf and the == and != operators.
(cygsidlist::clear_supp): Only do work if setgroups has been called.
* sec_helper.cc: Define sid_auth NO_COPY.
(cygpsid::operator==): New operator.
(cygpsid::get_id): New function.
(cygpsid::string): New function.
(cygsid::string): Delete.
(cygsid::get_id): Delete.
* pwdgrp.h: Change arguments of internal_getpwsid,
internal_getgrsid and internal_getgroups to cygpsid.
* passwd.cc (internal_getpwsid): Change argument from cygsid to cygpsid.
* grp.cc (internal_getgrsid): Ditto.
(internal_getgroups): Ditto.
* autoload.cc: Add OpenThreadToken.
* sec_helper.cc (set_process_privilege): Add and use use_thread
argument.
* security.cc (alloc_sd): Modify call to set_process_privilege.
Remember the result in each process. If failed and file owner is not
the user, fail.
* dcrt0.cc (dll_crt0_1): Call well known SID initializer function.
* security.h (cygsid::init): Declare new static method.
* sec_helper.cc (cygsid::init): New method for initializing well
known SIDs.
2002-12-14 Pierre Humblet <pierre.humblet@ieee.org>
* security.h: Declare well_known_creator_group_sid.
* sec_helper.cc: Define and initialize well_known_creator_group_sid.
* pwdgrp.h (pwdgrp_check::pwdgrp_state): Replace by
pwdgrp_check::isinitializing ().
(pwdgrp_check::isinitializing): Create.
* passwd.cc (grab_int): Change type to unsigned, use strtoul and
set the pointer content to 0 if the field is invalid.
(parse_pwd): Move validity test after getting pw_gid.
(read_etc_passwd): Replace "passwd_state <= " by
passwd_state::isinitializing ().
(internal_getpwuid): Ditto.
(internal_getpwnam): Ditto.
(getpwent): Ditto.
(getpass): Ditto.
* grp.cc (parse_grp): Use strtoul for gr_gid and verify the validity.
(read_etc_group): Replace "group_state <= " by
group_state::isinitializing ().
(internal_getgrgid): Ditto.
(getgrent32): Ditto.
(internal_getgrent): Ditto.
2002-12-10 Pierre Humblet <pierre.humblet@ieee.org>
* security.h: Move declarations of internal_getgrent,
internal_getpwsid and internal_getgrsid to pwdgrp.h.
* pwdgrp.h: Declare internal_getpwsid, internal_getpwnam,
internal_getpwuid, internal_getgrsid, internal_getgrgid,
internal_getgrnam, internal_getgrent and internal_getgroups.
Delete "emulated" from enum pwdgrp_state.
(pwdgrp_check::isuninitialized): Create.
(pwdgrp_check::pwdgrp_state): Change state to initializing
rather than to uninitialized.
(pwdgrp_read::gets): Remove trailing CRs.
* passwd.cc (grab_string): Don't look for NLs.
(grab_int): Ditto.
(parse_pwd): Don't look for CRs. Return 0 if entry is too short.
(search_for): Delete.
(read_etc_passwd): Simplify tests to actually read the file.
Set state to loaded before making internal_getpwXX calls.
Replace search_for calls by equivalent internal_pwgetXX calls.
(internal_getpwsid): Use passwd_state.isuninitialized to decide
to call read_etc_passwd.
(internal_getpwuid): Create.
(internal_getpwnam): Create.
(getpwuid32): Simply call internal_getpwuid.
(getpwuid_r32): Call internal_getpwuid.
(getpwnam): Simply call internal_getpwnam.
(getpwnam_r): Call internal_getpwnam.
* grp.cc (parse_grp): Don't look for CRs. Adjust blank space.
(add_grp_line): Adjust blank space.
(class group_lock): Ditto.
(read_etc_group): Simplify tests to actually read the file.
Set state to loaded before making internal_getgrXX calls.
Replace getgrXX calls by equivalent internal calls.
(internal_getgrsid): Use group_state.isuninitialized to decide
to call read_etc_group.
(internal_getgrgid): Create.
(internal_getgrnam): Create.
(getgroups32): Simply call internal_getgrgid.
(getgrnam32): Simply call internal_getgrnam.
(internal_getgrent): Call group_state.isuninitialized.
(internal_getgroups): Create from the former getgroups32, using
two of the four arguments. Set gid to myself->gid and username
to cygheap->user.name ().
(getgroups32): Simply call internal_getgroup.
(getgroups): Call internal_getgroup instead of getgroups32.
(setgroups32): Call internal versions of get{pw,gr}XX.
* sec_helper.cc: Include pwdgrp.h.
(is_grp_member): Call internal versions of get{pw,gr}XX.
* security.cc: Include pwdgrp.h.
(alloc_sd): Call internal versions of get{pw,gr}XX.
* syscalls.cc: Include pwdgrp.h.
(seteuid32): Call internal versions of get{pw,gr}XX.
(setegid32): Ditto.
* uinfo.cc: Include pwdgrp.h.
(internal_getlogin): Call internal versions of get{pw,gr}XX.
(cygheap_user::ontherange): Ditto.
* sec_acl.cc: Include pwdgrp.h.
(setacl): Call internal versions of get{pw,gr}XX.
(acl_access): Ditto and simplify logic.
(aclfromtext): Ditto.
Undeclare internal_getpwent. Define DEFAULT_UID_NT. Change
DEFAULT_GID.
* passwd.cc (internal_getpwsid): New function.
(internal_getpwent): Suppress.
(read_etc_passwd): Make static. Rewrite the code for the completion
line. Set curr_lines to 0.
(parse_pwd): Change type to static int. Return 0 for short lines.
(add_pwd_line): Pay attention to the value of parse_pwd.
(search_for): Do not look for nor return the DEFAULT_UID.
* grp.cc (read_etc_group): Make static. Free gr_mem and set
curr_lines to 0. Always call add_pwd_line. Rewrite the code for the
completion line.
(internal_getgrsid): New function.
(parse_grp): If grp.gr_mem is empty, set it to &null_ptr.
Never NULL gr_passwd.
(getgrgid32): Only return the default if ntsec is off and the gid is
ILLEGAL_GID.
* sec_helper.cc (cygsid::get_id): Use getpwsid and getgrsid.
(cygsid_getfrompw): Clean up last line.
(cygsid_getfromgr): Ditto.
(is_grp_member): Use getpwuid32 and getgrgid32.
* uinfo.cc (internal_getlogin): Set DEFAULT_GID at start.
Use getpwsid. Move the read of /etc/group after the second access
to /etc/passwd. Change some debug_printf.
* sec_helper (cygsid::getfromstr): Reorganize to remove
calls to strcpy and strtok_r.
(cygsid::getfromgr): Change type to __uid32_t instead of int.
Keep only the allow_ntsec branch. Never call LookupAccountSid
which calls PDCs, simply return -1 in case of failure.
Use cygsid == instead of calling EqualSid and remove test
for NULL psid.
* security.h: Declare cygsid::getfromgr as __uid32_t.
supplementary group sids that may have been set by setgroups.
* security.cc (cygsidlist::free_sids): Also zero the class members.
* security.h (groups::clear_supp): New.
Rename cygsidlist_unknown to cygsidlist_empty.
* include/cygwin/version.h: Bump API minor version.
* cygheap.h (class cygheap_user): Add member groups.
* security.h (class cygsidlist): Add members type and maxcount,
methods position, addfromgr, alloc_sids and free_sids and
operator+= (const PSID psid). Modify contains () to call
position () and optimize add () to use maxcount.
(class user_groups): Create.
Update declarations of verify_token and create_token.
* security.cc (cygsidlist::alloc_sids): New.
(cygsidlist::free_sids): New.
(get_token_group_sidlist): Create from get_group_sidlist.
(get_initgroups_sidlist): Create from get_group_sidlist.
(get_group_sidlist): Suppress.
(get_setgroups_sidlist): Create.
(verify_token): Modify arguments. Add setgroups case.
(create_token): Modify arguments. Call get_initgroups_sidlist and
get_setgroups_sidlist as needed. Set SE_GROUP_LOGON_ID from auth_pos
outside of the loop. Rename the various group sid lists consistently.
* syscalls.cc (seteuid32): Modify to use cygheap->user.groups.
(setegid32): Call cygheap->user.groups.update_pgrp.
* grp.cc (setgroups): Create.
(setgroups32): Create.
* uinfo.cc (internal_getlogin): Initialize and update user.groups.pgsid.
* cygwin.din: Add setgroups and setgroups32.
(INHERIT_ALL): Ditto.
(INHERIT_ONLY): Ditto.
* sec_acl.cc: Use appropriate defines from accctrl.h instead of the
above throughout.
* security.cc: Ditto.
(RegQueryInfoKeyA): Ditto.
* fhandler.h (fhandler_virtual::fill_filebuf): Change return type to bool.
(fhandler_proc::fill_filebuf): Ditto.
(fhandler_registry::fill_filebuf): Ditto.
(fhandler_process::fill_filebuf): Ditto.
(fhandler_registry::value_name): Add new member.
(fhandler_registry::close): Add new method.
(fhandler_process::p): Remove member.
* fhandler_proc.cc (fhandler_proc::open): Add set_nohandle after calling
superclass method. Check return value of fill_filebuf.
(fhandler_proc::fill_filebuf): Change return type to bool. Add return
statement.
* fhandler_process.cc (fhandler_process::open): Add set_nohandle after calling
superclass method. Remove references to p. Check return value of
fill_filebuf.
(fhandler_process::fill_filebuf): Change return type to bool. Don't use
dereference operator on p. Add return statement.
(fhandler_process::format_process_stat): Fix typo.
* fhandler_registry.cc: Add static open_key declaration.
(fhandler_registry::exists): Assume path is already normalised. Try opening
the path as a key in its own right first, before reverting to enumerating
subkeys and values of the parent key.
(fhandler_registry::fstat): Add additional code to return more relevant
information about the registry key/value.
(fhandler_registry::readdir): Explicitly set desired access when opening
registry key. Remove output of buf from debug_printf format string.
(fhandler_registry::open): Use set_io_handle to store registry key handle. Set
value_name member. Move code to read a value from the registry to
fill_filebuf. Add call to fill_filebuf.
(fhandler_registry::close): New method.
(fhandler_registry::fill_filebuf): Change return type to bool. Add code to
read a value from registry.
(fhandler_registry::open_key): Make function static. Use KEY_READ as desired
access unless this is the last path component. Check the return value of
RegOpenKeyEx for an error instead of hKey.
* fhandler_virtual.cc (fhandler_virtual::lseek): Check the return value of
fill_filebuf.
(fhandler_virtual::open): Remove call to set_nohandle.
(fhandler_virtual::fill_filebuf): Change return type to bool. Add return
statement.
* security.cc (get_nt_object_attribute): New function.
(get_object_attribute): New function.
* security.h (get_object_attribute): New function declaration.
to get_supplementary_group_sidlist.
(create_token): Add pw argument and use it in call to get_group_sidlist.
* security.h: Add pw argument in declaration of create_token.
* syscalls.cc (seteuid32): Add pw argument in call to create_token.
* security.cc (alloc_sd): Remove logsrv argument.
Remove two calls to lookup_name.
(set_security_attribute): Remove logsrv argument.
Remove logsrv argument in call to alloc_sd.
(set_nt_attribute): Remove logsrv argument.
Remove logsrv argument in call to set_security_attribute.
(set_file_attribute): Remove logsrv argument.
Remove logsrv argument in call to set_nt_attribute.
(set_file_attribute): Remove logsrv argument.
Remove logsrv argument in call to set_file_attribute.
* syscalls.cc (chown_worker): Remove logserver argument in
call to set_file_attribute.
(chmod): Ditto.
* shm.cc (shmget): Remove logsrv argument in call to alloc_sd.
* uinfo.cc (internal_getlogin): Replace calls to
lookup_name by call to LookupAccountName.
* security.h: Remove logsrv in declarations of set_file_attribute
and alloc_sd. Remove declaration of lookup_name.
(get_lsa_srv_inf): Suppressed.
(get_logon_server_and_user_domain): Suppressed.
(get_logon_server): Essentially new.
(get_user_groups): Add "domain" argument. Only lookup the
designated server and use "domain" in LookupAccountName.
(is_group_member): Simplify the arguments.
(get_user_local_groups): Simplify the arguments. Do only a
local lookup. Use "BUILTIN" and local domain in LookupAccountName.
(get_user_primary_group). Only lookup the designated server.
(get_group_sidlist): Remove logonserver argument. Do not lookup
any server for the SYSTEM account.
(create_token): Delete logonserver and call to get_logon_server.
Adjust arguments of get_group_sidlist, see above.
* security.h: Delete declaration of get_logon_server_and_user_domain
and add declaration of get_logon_server.
* uinfo.cc (internal_get_login): Call get_logon_server instead of
get_logon_server_and_user_domain.
Replace in-line code by call to verify_token().
(setegid): Reverse change from 2002-01-21. Add call to
RevertToSelf and set primary group in impersonation token.
* security.cc (create_token): Store pgrpsid in token security
descriptor, except if it already appears in my_grps.
Use sec_acl() in place of get_dacl().
(verify_token): Create from code in seteuid(), with tighter checks.
(get_dacl) Deleted.
(get_group_sidlist): Add argument to indicate if pgrpsid is already
in the groups.
* security.h: Define verify_token().
* autoload.cc: Load GetKernelObjectSecurity().
* Merged cygwin_daemon into head minus the new shm and ipc exports.
2002-02-28 Robert Collins <rbtcollins@hotmail.com>
* fhandler_tty.cc (fhandler_tty_slave::open): More debugging.
(fhandler_tty_slave::read): Fix printf type for the handle.
* tty.cc (tty::common_init): Add a FIXME for security.
2002-01-29 Robert Collins <rbtcollins@hotmail.com>
* Makefile.in (OBJS): Remove duplicate localtime.o.
2002-01-17 Robert Collins <rbtcollins@hotmail.com>
* cygserver.cc (check_and_dup_handle): Consolidate the two variants for
simplicity.
Add Some basic debug output.
(client_request_attach_tty::serve): Use the new debug_printf for clarity.
Mark the duplicated handles as inheritable - fixup_after_fork() doesn't reopen
tty's.
2002-01-16 Robert Collins <rbtcollins@hotmail.com>
* cygserver.cc (transport): Correct scope.
(client_request_attach_tty::serve): Add more debug information.
Fix erroneous use of transport instead of conn.
* cygserver_transport_pipes.cc (transport_layer_pipes::close): More debug.
(transport_layer_pipes::read): Ditto.
(transport_layer_pipes::write): Ditto.
(transport_layer_pipes::impersonate_client): Ditto.
Mon Oct 8 7:41:00 2001 Robert Collins <rbtcollins@hotmail.com>
* cygserver.cc (server_request::process): Rename client_request_shm_get to
client_request_shm.
* cygserver_process.cc (process_cache::add): Rename to add_task.
Use process_cleanup instead of process_request.
(process_cache::remove_process): New method.
(process::process): Initialize new members.
(process::~process): New member.
(process::cleanup): New method.
(process::add_cleanup_routine): New method.
(process_request::process): Rename to process_cleanup.
Call the process object's cleanup method and then delete it.
(process_process_param::request_loop): Remove the signalling process.
* cygserver_shm.cc: Globally rename client_request_shm_get to client_request_shm.
(client_request_shm_get::serve): Handle attach request counting.
* cygserver_shm.h: Globally rename client_request_shm_get to client_request_shm.
(class shm_cleanup): New class.
* shm.cc: Globally rename client_request_shm_get to client_request_shm.
(client_request_shm::client_request_shm): New constructor for attach requests.
(shmat): Use it.
* include/cygwin/cygserver_process.h (class process_request): Rename to
process_cleanup.
(class cleanup_routine): New class.
(class process): New members and methods to allow calling back when the process
terminates.
Thu Oct 4 14:12:00 2001 Robert Collins <rbtcollins@hotmail.com>
* cygserver.cc (request_loop): Make static.
(main): Use new cache constructor syntax.
Start cache worker threads.
Cleanup the cache at shutdown.
* cygserver_process.cc: Run indent.
(process_cache::process_cache): Add a trigger to use when adding a process.
(process_cache::process): Move process_entry to process.
Insert at the end of the list.
Trigger the request loop when new process's inserted.
(process_cache::process_requests): Do it.
(process_cache::add): New method.
(process_cache::handle_snapshot): New method.
(process::process): Merge in the process_entry fields.
(process::handle): Make a stub function.
(process::exit_code): New method.
(process_request::process): New method.
(process_process_param::request_loop): New method.
* cygserver_shm.cc: New header dependency - threaded_queue.h.
* threaded_queue.cc (threaded_queue::cleanup): Clearer messages.
(queue_process_param::stop): Short spinlock on interruptible threads.
* threaded_queue.h (class threaded_queue): New constructor.
* include/cygwin/cygserver_process.h (process_request): New class.
(process_entry): Remove.
(process): Merge in process_entry.
(process_cache): Inherit from threaded_queue.
Tue Oct 2 23:24:00 2001 Robert Collins <rbtcollins@hotmail.com>
* cygserver.cc (class server_process_param): Use new constructor syntax.
* cygserver_process.cc (process_cache::~process_cache): New function.
* threaded_queue.cc: Define condition debug_printf.
Run indent.
(threaded_queue::cleanup): Move queue_process_param guts to a method.
(threaded_queue::process_requests): Ditto.
(queue_process_param::queue_process_param): New method.
(queue_process_param::~queue_process_param): Ditto.
(queue_process_param::start): Ditto.
(queue_process_param::stop): Ditto.
* threaded_queue.h (class queue_process_param): Add support for
interruptible request loops.
* cygwin/include/cygwin/cygserver_process.h (class process_cache): Add
destructor.
Tue Oct 2 23:24:00 2001 Robert Collins <rbtcollins@hotmail.com>
* cygserver_client.cc: New flag allow_daemon to disable the daemon completely.
(cygserver_request): Check it.
(cygserver_init): Ditto.
* environ.cc (parse_thing): Add (no)daemon option.
Tue Oct 2 23:00:00 2001 Robert Collins <rbtcollins@hotmail.com>
* shm.cc: Update to handle include changes from HEAD.
Tue Oct 2 16:06:00 2001 Robert Collins <rbtcollins@hotmail.com>
* Makefile.in: Remove cygserver_shm.o from cygwin1.dll.
Rename cygserver_shm_outside.o to cygserver_shm.o.
* cygserver.cc (server_request::process): Use the new client_request
constructor.
* cygserver_client.cc: Remove the #ifdef's stubs for the server method
within cygwin.
(client_request_attach_tty::client_request_attach_tty): Use the new
client_request constructor.
(client_request_shutdown::client_request_shutdown): Ditto.
(client_request::client_request): Ditto.
* cygserver_shm.cc (client_request_shm_get::serve): Remove the
#ifdef'd stub for in-cygwin builds.
(client_request_shm_get::client_request_shm_get): Use the new
client_request constructor, and remove the in-cygwin variants.
* cygserver_shm.h (class client_request_shm_get): #ifndef test the
serve method - it's only used in cygserver.
* shm.cc (client_request_shm_get::client_request_shm_get): New function.
* include/cygwin/cygserver.h (request_header): New constructor.
(class client_request): Use it.
New constructor accepting the header size.
#ifndef test the server method - it's only used within cygserver.
(client_request_get_version): #ifdef test the server method.
(client_request_shutdown): Ditto.
(client_request_attach_tty): Ditto.
Tue Oct 2 9:57:00 2001 Robert Collins <rbtcollins@hotmail.com>
* Makefile.in: add threaded_queue.o to cygserver.exe.
* cygserver.cc: Include threaded_queue.h
(class server_request): Inherit from queue_request.
(class server_process_param): Inherit from queue_process_param.
(class server_request_queue): Inherit from threaded_queue.
(request_loop): Adjust for new types.
(server_request_queue::process_requests): Remove guts to
threaded_queue::process_requests.
(server_request::server_request): Adjust for new types.
(worker_function): Delete.
(server_request_queue::create_workers): Delete.
(server_request_queue::cleanup): Delete.
(server_request_queue::add): Move guts to threaded_queue::add.
* threaded_queue.cc: New file.
* threaded_queue.h: New file.
Mon Oct 1 12:38:00 2001 Robert Collins <rbtcollins@hotmail.com>
* cygserver.cc (client_request::serve): New function.
* cygserver_process.cc: Inlude <pthread.h> for pthread_once.
(process_cache::process_cache): Initialise a crtiical section for write access.
(process_cache::process): Use the critical section. Also add missing entries to
the cache.
(do_process_init): New function to initalise class process static variables.
(process::process): Ensure that the process access critical section is
initialised.
(process::handle): Close the handle of old process's when they have terminated
and we are returning the handle for a process with the same pid.
* cygserver_shm.cc: Run indent.
Include cygserver_process.h to allow process cache functionality.
(client_request_shm_get::serve): New parameter for process cache support.
Use the process cache, not OpenProcess to get a handle to the originating process.
Fix a handle leak with token_handle.
* cygserver_shm.h (class client_request_shm_get): Update ::serve for process
cache support.
* cygserver_transport_pipes.cc: Redefine debug_printf to be conditional on DEBUG.
* include/cygwin/cygserver.h: Do not implement client_request::serve in the
header.
* include/cygwin/cygserver_process.h (class process_cache): Add a write access
critical section to prevent races when requests from a multithreaded
application arrive.
Sun Sep 30 23:41:00 2001 Robert Collins <rbtcollins@hotmail.com>
* Makefile.in: Add cygserver_process.o to cygserver.exe.
* cygserver.cc: Include signal.h and cygwin_version.h.
Define debug_printf as a macro.
Define DEBUG to a value.
(client_request_attach_tty::serve): Add beginning of process cache support.
Change from #ifdef DEBUG to work with new DEBUG style.
(client_request_get_version::serve): Add beginning of process cache support.
(class server_request): New prototype for support of process cache.
(class queue_process_param): New class to allow request loop threading.
(class server_request_queue): Add beginning of process cache support.
Allow request loop threading.
(request_loop): Thread function for request loops.
(server_request_queue::process_requests): Initiator for threaded request loops.
(client_request_shutdown::serve): Add beginning of process cache support.
(server_request::server_request): Ditto.
(server_request::process): Use debug_printf. Add beginning of process cache
support.
(server_request_queue::cleanup): Kill off any request loop threads.
(server_request_queue::add): Add beginning of process cache support.
(handle_signal): Trigger a shutdown.
(main): Print out some useful info at startup - version, date time.
Add process cache support.
Spawn a separate thread for the transport request loop, thus allowing concurrent
support for multiple transports.
* cygserver_client.cc (client_request_get_version::serve): Add process cache
support.
(client_request_attach_tty::serve): Add process cache support.
(client_request_shutdown::serve): Add process cache support.
* cygsserver_process.cc: New file with the process cache support.
* cygserver_shm.cc: Redefine debug_printf to allow conditional output.
* cygwin.din: Export shmdt().
* shm.cc: Run indent.
Update FIXME's.
(shmdt): New function.
* include/cygwin/cygserver.h (class client_request): Add process cache support.
(class client_request_get_version): Ditto.
(class client_request_shutdown): Ditto.
(class client_request_attach_tty): Ditto.
* include/cygwin/cygserver_process.h: New header for process cache support.
Sun Sep 30 8:52:00 2001 Robert Collins <rbtcollins@hotmail.com>
* include/cygwin/cygserver_transport.h: Add copyright header.
* include/cygwin/cygserver_transport_pipes.h: Ditto.
* include/cygwin/cygserver_transport_sockets.h: Ditto.
Sat Sep 29 20:40:00 2001 Robert Collins <rbtcollins@hotmail.com>
* Makefile.in: Add cygserver_transport_sockets.o to DLL_OFILES.
Add cygserver_transport_sockets_outside.o to cygserver.exe.
* cygserver.cc: Include new include files.
* cygserver_client.cc: Ditto.
* cygserver_shm.h: No need to include <sys/socket.h> now.
* cygerver_transport.cc: Include new include files.
(transport_layer_base::transport_layer_base): Strip back to a stub.
(transport_layer_base::listen): Ditto.
(transport_layer_base::accept): Ditto.
(transport_layer_base::close): Ditto.
(transport_layer_base::read): Ditto.
(transport_layer_base::write): Ditto.
(transport_layer_base::connect): Ditto.
* cygserver_transport_pipes.cc: Include new header
"cygwin/cygserver_transport_pipes.h".
* cygserver_transport_sockets.cc: New file.
* dcrt0.cc: No need to include <sys/socket.h> now.
* fhandler_tty.cc: Ditto.
* tty.cc: Ditto.
* include/cygwin/cygserver_transport.h: Strip the base class to a stub.
Remove the cygserver_transport_pipes class.
* include/cygwin/cygserver_transport_pipes.h: New file.
* include/cygwin/cygserver_transport_sockets.h: New file.
Tue Sep 25 16:22:00 2001 Robert Collins <rbtcollins@hotmail.com>
* autoload.cc: Add dynamic load statement for 'ImpersonateNamedPipeClient'.
* Makefile.in: Add new object files, and build instructions for cygserver.exe.
* cygwin.din: Export ftok, shmat, shmctl and shmget.
* dcrt0.cc: Additional includes for cygserver support.
(dll_crt0_1): Initialise the cygserver client.
* fhandler.h (fhandler_tty): New method cygserver_attach_tty.
* fhandler_tty.cc: Additional includes for cygserver support.
(fhandler_tty_slave::open): Attempt to use the cygserver when obtaining
handles from the parent process. On failure or 9x use the current method.
(fhandler_tty_slave::cygserver_attach_tty): New function.
* fork.cc (fork_child): Fixup shm memory mapped areas.
* pinfo.h: Declare fixup_shms_after_fork().
* security.h: Declare alloc_sd().
* tty.cc: Additonal includes to support cygserver.
(tty::common_init): Don't allow others to open us if the cygserver is running.
* winsup.h: Declare cygserver_running.
* cygserver.cc: New file.
* cygserver_client.cc: New file.
* cygserver_shm.cc: New file.
* cygserver_shm.h: New file.
* cygserver_transport.cc: New file.
* cygserver_transport_pipes.cc: New file.
* ipc.cc: New file.
* shm.cc: New file.
* include/cygwin/cygserver.h: New file.
* include/cygwin/cygserver_transport.h: New file.
* include/sys/ipc.h: New file.
* include/sys/shm.h: New file.
2002-02-28 Robert Collins <rbtcollins@hotmail.com>
* thread.cc (semaphore::TryWait): Set errno as required by posix 1003.1.
(__sem_wait): Ditto.
(__sem_trywait): Ditto.
inheritance/permission.
* spawn.cc (spawn_guts): Ditto.
* security.cc (create_token): Initialize token so that it is not tested for
bogus value later. Use sec_user to control process/thread creation.
* security.h (__sec_user): Rename declaration from sec_user.
(sec_user_nih): Declare here as inline function wrapper for __sec_user.
(sec_user): Ditto.
* sigproc.cc (czombies): Allocate a character array for zombies to avoid
constructor overhead
(extremely hackish, I know).
(cpchildren): Ditto.
(pchildren): New define.
(zombies): Ditto.
(getsem): Use sec_user_nih to control semaphore inheritance/permission.
inline" warnings.
* security.h (class cygsid): Ditto.
* sigproc.cc (get_proc_lock): Ditto.
* sigproc.h (class sigframe): Ditto.
* sync.h (class muto): Ditto.
* fhandler.h (fhandler_base::get_guard): Actually MAKE virtual as previously
indicated.
* pipe.cc (make_pipe): Remove extraneous set_errno.
* syscalls.cc (_open): Ditto.
* select.cc (peek_pipe): Need to check that there is still something to read
from the pipe after acquiring the mutex since another process/thread could have
eaten the input before we got to acquiring the lock. (Thanks to Nick Duffek
for this inspiration.)
* sec_acl.cc (setacl): Never set DELETE permission. Set
FILE_DELETE_CHILD only on readable and executable directories.
* sec_helper.cc: Add constructor for `well_known_null_sid'.
* security.cc (get_nt_attribute): Set S_ISVTX for directories if
FILE_WRITE_DATA and FILE_EXECUTE but not FILE_DELETE_CHILD is set.
Add evaluation of S_ISVTX, S_ISGID and S_ISUID from NULL ACE.
(alloc_sd): Never set DELETE permission. Set FILE_DELETE_CHILD
only on readable and executable directories.
Add creation of NULL ACE for S_ISVTX, S_ISGID and S_ISUID permissions.
* security.h: Add extern declaration for `well_known_null_sid'.
* thread.cc (pthread_cond::TimedWait): Check for WAIT_TIMEOUT as well as
WAIT_ABANDONED.
(__pthread_cond_timedwait): Calculate a relative wait from the abstime
parameter.
* ntea.cc (NTReadEA): Don't check for global ntea setting, now
it's caller responsibility.
(NTWriteEA): Ditto.
* security.cc (get_file_attribute): Read attribute from EA only
if 'ntea' is enabled.
(set_file_attribute): Ditto.
* path.h: (class path_conv): Add members to store file system
information.
(path_conv::get_drive_type): New function.
* syscalls.cc (stat_worker): Use it.
* path.cc (path_conv::update_fs_info): New functions.
(path_conv::check): Get file system information from device where
file resides. On NTFS, try to read symlink contents from EA.
(get_symlink_ea): New function.
(set_symlink_ea): Ditto.
(symlink): Store symlink in extended attribute, if possible.
(cygsid::getfromgr): Ditto.
* security.cc: Use `sys_mbstowcs' and `sys_wcstombs' throughout.
(extract_nt_dom_user): Try to get user and domain from SID in
pw->pw_gecos first.
* security.h (class cygsid): Change parameter of getfrompw() and
getfromgr() to `const'.
* uinfo.cc (internal_getlogin): Change order for evaluating user
information in winNT case. Drop usage of NetWkstaUserGetInfo().
`LsaClose', `LsaEnumerateAccountRights', `LsaFreeMemory',
`LsaOpenPolicy', `LsaQueryInformationPolicy', `NetLocalGroupEnum',
`NetLocalGroupGetMembers', `NetServerEnum', `NetUserGetGroups' and
`NtCreateToken'.
* ntdll.h: Add declaration for `NtCreateToken'.
* sec_helper.cc: Add `well_known_local_sid', `well_known_dialup_sid',
`well_known_network_sid', `well_known_batch_sid',
`well_known_interactive_sid', `well_known_service_sid' and
`well_known_authenticated_users_sid'.
(cygsid::string): Define as const method.
(cygsid::get_sid): Set psid to NO_SID on error.
(cygsid::getfromstr): Ditto.
(cygsid::getfrompw): Simplify.
(cygsid::getfromgr): Check for gr == NULL.
(legal_sid_type): Move to security.h.
(set_process_privilege): Return -1 on error, otherwise 0 or 1 related
to previous privilege setting.
* security.cc (extract_nt_dom_user): Remove `static'.
(lsa2wchar): New function.
(open_local_policy): Ditto.
(close_local_policy): Ditto.
(get_lsa_srv_inf): Ditto.
(get_logon_server): Ditto.
(get_logon_server_and_user_domain): Ditto.
(get_user_groups): Ditto.
(is_group_member): Ditto.
(get_user_local_groups): Ditto.
(sid_in_token_groups): Ditto.
(get_user_primary_group): Ditto.
(get_group_sidlist): Ditto.
(get_system_priv_list): Ditto.
(get_priv_list): Ditto.
(get_dacl): Ditto.
(create_token): Ditto.
(subauth): Return immediately if SE_TCB_NAME can't be assigned.
Change all return statements in case of error to jumps to `out'
label. Add `out' label to support cleanup.
* security.h: Add extern declarations for `well_known_local_sid',
`well_known_dialup_sid', `well_known_network_sid',
`well_known_batch_sid', `well_known_interactive_sid',
`well_known_service_sid' and `well_known_authenticated_users_sid'.
Add extern declarations for functions `create_token',
`extract_nt_dom_user' and `get_logon_server_and_user_domain'.
(class cygsid): Add method `assign'. Change operator= to call new
`assign' method. Add `debug_print' method.
(class cygsidlist): New class.
(legal_sid_type): Moved from sec_helper.cc to here.
* spawn.cc (spawn_guts) Revert reversion of previous patch.
Call `RevertToSelf' and `ImpersonateLoggedOnUser' instead of `seteuid'
again.
* syscalls.cc (seteuid): Rearranged. Call `create_token' now when
needed. Call `subauth' if `create_token' fails. Try setting token
owner and primary group only if token was not explicitely created
by `create_token'.
* uinfo.cc (internal_getlogin): Try harder to generate correct user
information. Especially don't trust return value of `GetUserName'.
* security.h: New define `NO_SID'. Remove declarations of functions
moved to methods into class cygsid.
(class cygsid): Declare new methods `getfromstr', `get_sid',
`getfrompw', `getfromgr', `get_rid', `get_uid', `get_gid', `string'
and new constructors and operators =, == and !=.
Declare new global cygsids `well_known_XXX_sid' substituting the
corresponding `get_XXX_sid' functions. Remove declarations of
these functions.
* sec_helper.cc (well_known_admin_sid): New global variable.
(well_known_system_sid): Ditto
(well_known_creator_owner_sid): Ditto
(well_known_world_sid): Ditto
(cygsid::string): New method, substituting `convert_sid_to_string_sid'.
(cygsid::get_sid): New method, substituting `get_sid'.
(cygsid::getfromstr): New method, substituting
`convert_string_sid_to_sid'.
(cygsid::getfrompw): New method, substituting `get_pw_sid'.
(cygsid::getfromgr): New method, substituting `get_gr_sid'.
(cygsid::get_id): New method, substituting `get_id_from_sid'.
(get_admin_sid): Eliminated.
(get_system_sid): Ditto.
(get_creator_owner_sid): Ditto.
(get_world_sid): Ditto.
* grp.cc: Use new cygsid methods and well known sids throughout.
* registry.cc: Ditto.
* sec_acl.cc: Ditto.
* security.cc: Ditto.
* shared.cc: Ditto.
* syscalls.cc (seteuid): Ditto. Eliminate redundant conditional.
* uinfo.cc (internal_getlogin): Ditto.
* spawn.cc (spawn_guts) Revert previous patch.
Add LoadDLLfuncEx statements for AllocateLocallyUniqueId@4,
DuplicateTokenEx@24, LsaNtStatusToWinError@4,
LsaDeregisterLogonProcess@4, LsaFreeReturnBuffer@4,
LsaLogonUser@56, LsaLookupAuthenticationPackage@12,
LsaRegisterLogonProcess@12,
* environ.cc: Add extern declaration for `subauth_id'.
(subauth_id_init): New function for setting `subauth_id'.
(struct parse_thing): Add entry for `subauth_id'.
* fork.cc (fork_parent): Call `RevertToSelf' and
`ImpersonateLoggedOnUser' instead of `seteuid'.
* security.cc: Define global variable `subauth_id'.
(extract_nt_dom_user): New function.
(cygwin_logon_user): Call `extract_nt_dom_user' now.
(str2lsa): New static function.
(str2buf2lsa): Ditto.
(str2buf2uni): Ditto.
(subauth): Ditto.
* security.h: Add prototype for `subauth'.
* spawn.cc (spawn_guts): Use cygheap->user.token only if impersonated.
Use `cygsid' type. Remove impersonation before allowing access to
workstation/desktop to everyone. Call `RevertToSelf' and
`ImpersonateLoggedOnUser' instead of `seteuid'.
* syscalls.cc (seteuid): Rearranged to allow using subauthentication
to retrieve user tokens when needed.
(read_etc_group): Substitute MAX_DOMAIN_NAME by
INTERNET_MAX_HOST_NAME_LENGTH.
* passwd.cc (parse_pwd): Don't force pw_name to be lower case.
* sec_helper.cc: Substitute MAX_USER_NAME by UNLEN,
MAX_COMPUTERNAME_LENGTH by INTERNET_MAX_HOST_NAME_LENGTH throughout.
(lookup_name): Slight cleanup.
* security.cc (alloc_sd): Substitute MAX_USER_NAME by UNLEN.
* security.h: Define DEFAULT_UID as DOMAIN_USER_RID_ADMIN and
DEFAULT_GID as DOMAIN_ALIAS_RID_ADMINS.
* shared.cc (memory_init): Substitute MAX_USER_NAME by UNLEN.
* thread.h: Ditto.
* uinfo.cc (internal_getlogin): Substitute MAX_USER_NAME by UNLEN.
Substitute MAX_COMPUTERNAME_LENGTH and MAX_HOST_NAME by
INTERNET_MAX_HOST_NAME_LENGTH.
* winsup.h: Include lmcons.h. Eliminate MAX_USER_NAME and
MAX_HOST_NAME. Move DEFAULT_UID and DEFAULT_GID to security.h.
* cygheap.cc: Include security.h.
* grp.cc (internal_getgrent): New function.
(getgroups): Rearranged using `internal_getgrent' and the new
`cygsid' class.
* passwd.cc (internal_getpwent): New function.
* sec_acl.cc: Use new `cygsid' class throughout.
(acl_access): Use `internal_getgrent' instead of `getgrent'.
* sec_helper.cc: Use new `cygsid' class throughout.
(get_id_from_sid): Use `internal_getgrent' instead of `getgrent'.
Use `internal_getpwent' instead of `getpwent'.
* security.cc: Use new `cygsid' class throughout.
* security.h: Move `MAX_SID_LEN' from winsup.h to here.
Add extern declarations for `internal_getgrent' and `internal_getpwent'.
(class cygsid): New class.
* shared.cc (sec_user): Use new `cygsid' class.
* syscalls.cc (seteuid): Try to set owner to user and primary group to
current group in impersonation token before performing impersonation.
(setegid): Try to set primary group in process token to the new group
if ntsec is on.
* uinfo.cc (internal_getlogin): Use new `cygsid' class.
Try to set owner to user and primary group to current group in process
token if the process has been started from a non cygwin process.
(uinfo_init): Set primary group only if the process has been started
from a non cygwin process.
* winsup.h: Move define for `MAX_SID_LEN' to security.h.
* sec_helper.cc (set_process_privilege): Rename from
`set_process_privileges'. Takes the privilege to enable or disable
as parameter now.
* security.h: Add prototype for `set_process_privileges'.
* security.cc: Swap out several functions.
* sec_acl.cc: New file. Move Sun compatibel ACL functions from
`security.cc' to here.
* sec_helper.cc: New file. Move security helper functions from
`security.cc' to here.
* security.h: Changed to accomodate the above changes.
* grp.cc: Replace `group_in_memory_p' by `group_state'.
Eliminate group_sem throughout.
(enum grp_state): New enumeration type.
(read_etc_group): Make race safe.
* security.cc: Eliminate group_sem throughout.
`smbntsec'.
* path.cc (path_conv::check): Check path for being a remote path.
If so and `allow_smbntsec' is set to FALSE, set has_acls to FALSE.
* security.cc: Add global definition for `allow_smbntsec'.
* security.h: Add extern declaration for `allow_smbntsec'.
* fhandler.cc (fhandler_disk_file::open): Eliminate extern declaration
of `allow_ntsec'.
* syscalls.cc: Ditto.
throughout.
* shared.h: Remove.
* cygwin_version.h: New file.
* delqueue.h: New file.
* environ.h: New file.
* host_dependent.h: New file.
* perprocess.h: New file.
* registry.h: New file.
* security.h: New file.
Christopher Faylor
Corinna Vinschen
Pierre Humblet
Robert Collins
Egor Duda