* path.cc (str2uni_cat): ...to here. Simplify. Make static inline.
(get_nt_native_path): Use RtlAppendUnicodeToString rather than
str2uni_cat for constant strings for speed.
* security.h (str2uni_cat): Drop declaration.
error when changing the user account on a standalone Samba server.
Explain why.
* sec_acl.cc (setacl): Accommodate additional parameter to set_file_sd.
* sec_helper.cc (SECURITY_SAMBA_UNIX_AUTHORITY): Define.
(well_known_samba_unix_user_fake_sid): Define.
* security.cc (set_file_sd): Take additional parameter if ownership
should be changed. Restrict requested permissions accordingly.
(set_file_attribute): Accommodate additional parameter to set_file_sd.
* security.h (well_known_samba_unix_user_fake_sid): Declare.
(set_file_sd): Align declaration to above change.
where appropriate.
* globals.cc: New file for generic global variables.
* mkglobals_h: New file to generate globals.h.
* mkstatic: New Script used to build a (currently non-working) static
libcygwin_s.a.
* Makefile.in: Add unused rule to build a non-working libcygwin_s.a.
(DLL_OFILES): Add globals.o. Make all objects rely on globals.h.
(globals.h): New target. Generate globals.h.
* cygtls.h: Honor new CYGTLS_HANDLE define to control when the HANDLE operator
is allowed in _cygtls.
* dcrt0.cc: Move most globals to globals.cc.
* init.cc: Ditto.
* environ.cc (strip_title_path): Remove now-unneeded extern.
* fhandler_serial.cc (fhandler_serial::open): Ditto.
* pinfo.cc: Ditto.
(commune_process): Ditto.
* shared.cc: Ditto.
* glob.cc: Ditto.
* strace.cc: Ditto.
* exceptions.cc: Define CYGTLS_HANDLE before including winsup.h.
* path.cc (stat_suffixes): Move here.
* security.h: Add forward class path_conv declaration.
* smallprint.cc (__small_vsprintf): Make a true c++ function.
(__small_sprintf): Ditto.
(small_printf): Ditto.
(console_printf): Ditto.
(__small_vswprintf): Ditto.
(__small_swprintf): Ditto.
* spawn.cc (spawn_guts): Remove _stdcall decoration in favor of regparm.
(hExeced): Move to globals.cc
* strfuncs.cc (current_codepage): Ditto.
(active_codepage): Ditto.
* sync.cc (lock_process::locker): Move here from dcrt0.cc.
* syscalls.cc (stat_suffixes): Move to path.cc.
* tty.cc (tty::create_master): Uncapitalize fatal warning for consistency.
* winsup.h: Include globals.h to declare most of the grab bag list of globals
which were previously defined here.
* mount.h: Move USER_* defines back to shared_info.h.
* speclib: Force temporary directory cleanup.
* cygserver.h (CYGWIN_SERVER_VERSION_API): Bump.
(request_code_t): Define CYGSERVER_REQUEST_SETPWD request type.
* cygserver_msg.h (client_request_msg::retval): Use default value of -1
for retval if msglen is 0.
* cygserver_sem.h (client_request_sem::retval): Ditto.
* cygserver_shm.h (client_request_shm::retval): Ditto.
* cygserver_setpwd.h: New file.
* external.cc (cygwin_internal): Implement new CW_SET_PRIV_KEY type.
* sec_auth.cc (open_local_policy): Make externally available.
Get ACCESS_MASK as argument.
(create_token): Accommodate change to open_local_policy.
(lsaauth): Ditto.
(lsaprivkeyauth): New function fetching token by retrieving
password stored in Cygwin or Interix LSA private data area and
calling LogonUser with it.
* security.h (lsaprivkeyauth): Declare.
(open_local_policy): Declare.
* setlsapwd.cc: New file implementing setting LSA private data password
using LsaStorePrivateData or by calling cygserver if available.
* syscalls.cc (seteuid32): Add workaround to get the original token
when switching back to the original privileged user, even if
setgroups group list is still active. Add long comment to explain why.
Call lsaprivkeyauth first, only if that fails call lsaauth or
create_token.
* include/cygwin/version.h: Bump API minor number.
* include/sys/cygwin.h (cygwin_getinfo_types): Add CW_SET_PRIV_KEY.
additional path_conv argument.
* fhandler.cc (fhandler_base::open): Ditto.
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Never set DOS
R/O attribute when using ACLs.
(fhandler_disk_file::mkdir): Ditto. Set
security descriptor on remote dirs after creating the dir, same as in
fhandler_base::open.
* fhandler_socket.cc (fhandler_socket::bind): Ditto for remote AF_LOCAL
socket files.
* path.cc (symlink_worker): Ditto. for remote symlinks.
* security.cc (alloc_sd): Take additional path_conv argument.
Accommodate throughout. Drop setting FILE_WRITE_EA/FILE_READ_EA
flags unconditionally (was only necessary for "ntea"). Don't set
FILE_READ_ATTRIBUTES and FILE_WRITE_ATTRIBUTES unconditionally on
Samba. Add comment to explain. Drop useless setting of
STANDARD_RIGHTS_WRITE, it's in FILE_GENERIC_WRITE anyway.
Remove FILE_READ_ATTRIBUTES bit from FILE_GENERIC_EXECUTE so as not
to enforce read permissions on Samba.
(set_security_attribute): Take additional path_conv argument.
* security.h (set_security_attribute): Change prototype accordingly.
MAX_DOMAIN_NAME_LEN throughout.
* cyglsa.h (CYG_LSA_MAGIC): New value.
(cyglsa_t): Define username and domain as WCHAR arrays.
* errno.cc (errmap): Add mapping for ERROR_NONE_MAPPED.
* sec_auth.cc: Drop 'w' prefix from WCHAR string variable names where
appropriate.
(extract_nt_dom_user): Prefer resolving by SID before resolving by
domain\name pair.
(cygwin_logon_user): Don't print cleartext password in debug output.
Change comment.
(get_user_groups): Revert calls to LookupAccountNameW to use NULL
server instead of explicit server name, according to MSDN.
(get_user_local_groups): Ditto.
(get_server_groups): Fetch domain and user name from usersid per
LookupAccountSidW instead of calling extract_nt_dom_user.
(lsaauth): Fetch domain and user name from usersid per LookupAccountSidW
instead of calling extract_nt_dom_user.
* sec_helper.cc (cygpriv): Convert to wchar_t pointer array.
(privilege_luid): Convert first parameter to PWCHAR.
(privilege_name): Return wchar_t pointer.
(set_privileges): Accommodate debug output.
* security.h (privilege_luid): Change prototype accordingly.
* dcrt0.cc (child_info_spawn::handle_spawn): Drop artificial
supplementary group list from calling setgroups in parent.
* grp.cc (internal_getgroups): Drop 9x-only code. Reformat.
* sec_auth.cc (get_logon_server): Do everything in WCHAR only.
(get_user_groups): Ditto. Use wlogonserver in LookupAccountNameW
calls, too.
(is_group_member): Get logon server as first argument and use in call
to NetLocalGroupGetMembers.
(get_user_local_groups): Get logon server as first argument and use in
calls to NetLocalGroupEnum and LookupAccountNameW. Revamp to work
more correctly in domain environments.
(get_server_groups): Accommodate aforementioned changed function calls.
* security.h (get_logon_server): Change prototype accordingly.
* uinfo.cc (cygheap_user::env_logsrv): Accommodate changed
get_logon_server call.
wsa_event.h instead.
* fhandler_socket.cc (NUM_SOCKS): Move to wsa_event.h.
(wsa_events): Move from DLL shared area to cygwin_shared shared
memory. Accommodate throughout.
(socket_serial_number): Ditto.
* fhandler_tape.cc (mt): Ditto.
(mtinfo_init): Remove.
(mt): Define as cygwin_shared->mt.
* flock.cc (FLOCK_PARENT_DIR_ACCESS): Remove.
(FLOCK_INODE_DIR_ACCESS): Move up in file.
(FLOCK_MUTANT_ACCESS): Ditto.
(FLOCK_EVENT_ACCESS): Ditto.
(get_lock_parent_dir): Remove.
(inode_t::inode_t): Call get_shared_parent_dir to get parent dir handle.
Add a "flock-" prefix to file's lock directory name for clarity.
* mtinfo.h (mtinfo_init): Drop declaration.
* net.cc (last_used_bindresvport): Move from DLL shared area to
cygwin_shared shared memory.
(cygwin_bindresvport_sa): Accommodate above change.
* sec_helper.cc (_everyone_sd): Move here from flock.cc.
* security.h (SD_MIN_SIZE): Ditto.
(everyone_sd): Ditto.
* shared.cc (cygwin_shared_area): Remove.
(cygwin_shared_h): New handle.
(get_shared_parent_dir): New static function.
(shared_name): Drop session_local argument. Call get_shared_parent_dir
here. Add cygwin-shared subdir to object name.
(offsets): Reinstantiate SH_CYGWIN_SHARED member.
(open_shared): Revert change from 2007-03-29 for systems supporting
SeCreateGlobalPrivilege.
(shared_info::initialize): Call mtinfo's initialize here.
(memory_init): Drop call to mtinfo_init.
* shared_info.h (SHARED_INFO_CB): Accommodate change to shared_info.
(CURR_SHARED_MAGIC): Ditto.
(class shared_info): Add members for global socket and tape info
sharing.
(enum shared_locations): Reinstantiate SH_CYGWIN_SHARED.
(get_shared_parent_dir): Declare.
(shared_name): Drop session_local argument from declaration.
* wsa_event.h: New file. Move definitions of NUM_SOCKS and
struct wsa_event here.
(cwcsdup1): New function.
* cygheap.h (cygheap_user::get_windows_id): New method returning PWCHAR.
(cwcsdup): Declare.
(cwcsdup1): Declare.
* registry.cc (get_registry_hive_path): Use WCHAR instead of char
throughout.
(load_registry_hive): Ditto.
* registry.h (get_registry_hive_path): Change declaration accordingly.
(load_registry_hive): Ditto.
* sec_helper.cc (cygpsid::string): New method returning PWCHAR.
* security.h (cygpsid::string): Declare.
* syscalls.cc (seteuid32): Convert local name var to WCHAR.
* uinfo.cc (cygheap_user::env_userprofile): Convert local name buffers
to WCHAR. Call sys_wcstombs_alloc to generate puserprof buffer.
* winsup.h: Fix comment.
(NT_MAX_PATH): New definition for maximum internal path length.
Use throughout where appropriate.
* include/limits.h (PATH_MAX): Set to 4096 as on Linux.
* cygwin.din (getxattr, listxattr, removexattr, setxattr, lgetxattr,
llistxattr, lremovexattr, lsetxattr, fgetxattr, flistxattr,
fremovexattr, fsetxattr): Export Linux extended attribute functions.
Sort.
* errno.cc (errmap): Add mappings for ERROR_EAS_DIDNT_FIT,
ERROR_EAS_NOT_SUPPORTED, ERROR_EA_LIST_INCONSISTENT,
ERROR_EA_TABLE_FULL, ERROR_FILE_CORRUPT, ERROR_INVALID_EA_NAME.
* fhandler.h (class fhandler_base): Declare new fgetxattr and
fsetxattr methods.
(class fhandler_disk_file): Ditto.
* fhandler.cc (fhandler_base::fgetxattr): New method.
(fhandler_base::fsetxattr): New method.
* fhandler_disk_file.cc (fhandler_disk_file::fgetxattr): New method.
(fhandler_disk_file::fsetxattr): New method.
* ntdll.h (STATUS_EA_TOO_LARGE): Define.
(STATUS_NONEXISTENT_EA_ENTRY): Define.
(STATUS_NO_EAS_ON_FILE): Define.
* ntea.cc (read_ea): Rewrite for long pathnames and for using with
Linux extended attribute functions.
(write_ea): Ditto.
(getxattr_worker): New static function.
(getxattr): New function.
(lgetxattr): New function.
(fgetxattr): New function.
(listxattr): New function.
(llistxattr): New function.
(flistxattr): New function.
(setxattr_worker): New static function.
(setxattr): New function.
(lsetxattr): New function.
(fsetxattr): New function.
(removexattr): New function.
(lsetxattr): New function.
(fsetxattr): New function.
* security.h (read_ea): Change declaration according to above changes.
(write_ea): Ditto.
* include/cygwin/version.h: Bump API minor version.
of access control functions throughout.
* fhandler_disk_file.cc: Ditto.
* fhandler_registry.cc: Ditto.
* sec_acl.cc: Drop unnecessary includes.
(setacl): Take path_conv instead of file name as parameter.
Accommodate interface changes of access control functions.
(getacl): Ditto.
* sec_auth.cc: New file, taking over all authentication related
functions from security.cc.
* sec_helper.cc: Drop unnecessary includes.
* security.cc: Ditto. Move all authentication related functions to
sec_auth.cc.
(ALL_SECURITY_INFORMATION): New define. Use throughout.
(set_file_sd): New function, replacing read_sd and the file related
part of get_nt_object_security.
(get_reg_sd): Rename from get_reg_security. Drop type parameter.
(get_reg_attribute): New function, replacing the registry related part
of get_nt_object_security.
(get_file_attribute): Take path_conv instead of file name as parameter.
Use new get_file_sd call.
(set_file_attribute): Ditto plus new set_file_sd. Drop unnecessary
implementation without uid/gid parameters.
(check_file_access): Take path_conv instead of file name as parameter.
Use new get_file_sd call.
(check_registry_access): Use new get_reg_sd call.
* security.h: Accommodate above interface changes.
* mmap.cc (mlock): Accommodate parameter change in call to
push_thread_privilege.
(munlock): Ditto.
* ntdll.h (STATUS_NOT_ALL_ASSIGNED): Define.
(NtAdjustPrivilegesToken): Declare.
* sec_helper.cc (cygpriv): Reorder to match numerical privilege order.
(privilege_luid): Take job of privilege_luid_by_name, using new
cygpriv.
(privilege_luid_by_name): Remove.
(privilege_name): Accommodate new cygpriv array.
(set_privilege): Call NtAdjustPrivilegesToken to avoid using advapi32.
Accommodate changes to privilege_name.
(set_cygwin_privileges): Simplify. Don't try to set
SE_CREATE_GLOBAL_PRIVILEGE on systems not supporting it.
* security.cc (sys_privs): Reorder to match numerical privilege order.
Use real privilege values as defined in security.h.
(get_system_priv_list): Drop unused grp_list argument. Create
list of privileges according to new wincapc::max_sys_priv value.
(get_priv_list): Call privilege_luid instead of privilege_luid_by_name.
Make priv a local value instead of a pointer.
(create_token): Accommodate parameter change in call to
push_self_privilege.
(lsaauth): Ditto.
(check_access): Use privilege values directly instead of calling
privilege_luid.
* security.h: Define real privilege values.
(cygpriv_idx): Remove.
(privilege_luid): Change declaration.
(privilege_luid_by_name): Drop declaration.
(set_privilege): Change declaration.
(set_process_privilege): Drop definition.
(_push_thread_privilege): Accomodate new set_privilege parameters.
* wincap.h (wincapc::max_sys_priv): New element.
* wincap.cc: Implement above element throughout.
(wincap_2000sp4): New wincaps structure.
(wincap_xpsp1): Ditto.
(wincap_xpsp2): Ditto.
(wincapc::init): Use new wincaps.
(wincapc::max_sys_priv): New element.
Accommodate changge throughout Cygwin.
(cygheap_user::imp_token): Rename from token. Accommodate changge
throughout Cygwin.
(rcygheap_user::eimpersonate): Use primary token for impersonation.
* grp.cc (internal_getgroups): Use primary impersonation token when
impersonated.
* security.h (_push_thread_privilege): Use primary impersonation token
when impersonated.
shared_prefix depending only on terminal service capability.
* dcrt0.cc (dll_crt0_1): Don't call set_cygwin_privileges here.
* fhandler_fifo.cc (fhandler_fifo::open): Create the mutex as global
object.
* posix_ipc.cc (ipc_mutex_init): Use cygheap->shared_prefix.
(ipc_cond_init): Ditto.
* sec_helper.cc (privilege_name): Make static. Use LookupPrivilegeName
directly to be independent of the state of cygheap.
(set_privilege): Take a LUID as parameter instead of an index value.
Only print debug output in case of failure.
(set_cygwin_privileges): Add comment. Use LookupPrivilegeValue to
get privilege LUIDs.
(init_global_security): Call set_cygwin_privileges here.
* security.h (privilege_name): Drop declaration.
(set_privilege): Declare according to above change.
(set_process_privilege): Call privilege_luid to get LUID.
(_push_thread_privilege): Ditto.
* shared.cc (open_shared): Add comment. On systems supporting the
SeCreateGlobalPrivilege, try to create/open global shared memory first.
Fall back to local shared memory if that fails.
* thread.cc (semaphore::semaphore): Use cygheap->shared_prefix.
* wincap.h (wincapc::has_create_global_privilege): New element.
* wincap.cc: Implement above element throughout.
* sec_acl.cc (setacl): Ditto. Set to true if any ACE with write
permissions is created.
* fhandler_disk_file.cc (fhandler_disk_file::facl): Reset
FILE_ATTRIBUTE_READONLY if ACL contains an ACE with write permissions.
user information on NT4.
* sec_helper.cc (security_descriptor::malloc): Drop LocalAlloc
considerations.
(security_descriptor::realloc): Ditto.
(security_descriptor::free): Ditto.
* security.cc (get_reg_security): Reinstantiate.
(get_nt_object_security): Revert to using NtQuerySecurityObject.
* security.h (class security_descriptor): Drop type member.
Accommodate throughout.
(security_descriptor::size): Constify.
(security_descriptor::copy): Ditto.
impersonation token, which collides with Vista UAC.
* cygheap.h (deimpersonate): revert to self instead of impersonating
hProcImpToken.
(reimpersonate): Only impersonate if setuid.
* dcrt0.cc (dll_crt0_0): Don't initialize hProcImpToken here.
(dll_crt0_1): Set privileges on hProcToken.
* fork.cc (frok::child): Set privileges on hProcToken. Close handle to
hProcImpToken.
* grp.cc (internal_getgroups): Use hProcToken instead of hProcImpToken.
* security.cc (check_access): Create hProcImpToken on demand here.
* security.h (set_process_privilege): Set privileges on hProcToken.
(_push_thread_privilege): Use hProcToken instead of hProcImpToken.
(pop_thread_privilege): If not setuid'ed, revert to self.
* syscalls.cc (setegid32): Drop setting primary group on hProcImpToken.
Close handle to hProcImpToken.
* uinfo.cc (internal_getlogin): Ditto.
* winsup.h (clear_procimptoken): New inline function.
* environ.cc: Disable subauth settings.
* grp.cc: Accomodate cygsidlist's count now being a method.
* sec_helper.cc (SECURITY_MANDATORY_INTEGRITY_AUTHORITY): Remove.
(mandatory_medium_integrity_sid): Remove.
(mandatory_high_integrity_sid): Remove.
(mandatory_system_integrity_sid): Remove.
(fake_logon_sid): Add.
(cygsid::get_sid): Add well_known parameter. Set well_known_sid
accordingly.
(cygsid::getfromstr): Ditto.
(cygsidlist::alloc_sids): Move here from security.cc.
(cygsidlist::free_sids): Ditto.
(cygsidlist::add): Move here from security.h. Add well_known parameter.
Set well_known_sid accordingly. Don't allow duplicate SIDs.
* security.cc: Include cyglsa.h and cygwin/version.h. Throughout
accomodate cygsidlist's count now being a method. Throughout drop
redundant "contains" tests.
(get_user_local_groups): Add local groups as well known SIDs.
(get_token_group_sidlist): Add well known groups as well known SIDs.
(get_server_groups): Ditto. Only call get_unix_group_sidlist after
get_user_local_groups to maintain "well_known_sid" attribute.
(get_initgroups_sidlist): Add well known groups as well known SIDs.
(get_setgroups_sidlist): Add usersid and struct passwd parameter to
allow calling get_server_groups from here.
(get_system_priv_list): Make static. Return size of TOKEN_PRIVILEGES
structure.
(get_priv_list): Ditto.
(create_token): Accomodate above changes. Drop misguided attempt to
add MIC SIDs to created user token. Print returned token as hex value.
(subauth): Disable.
(lsaauth): New function implementing client side of LSA authentication.
* security.h (class cygsid): Add well_known_sid attribute. Accomodate
throughout. Add *= operator to create a well known SID.
(class cygsidlist): Rename count to cnt. Make count a method.
(cygsidlist::add): Move to sec_helper.cc.
(cygsidlist::operator *=): New method to add well known SID.
(cygsidlist::non_well_known_count): New method returning number of
non well known SIDs in list.
(cygsidlist::next_non_well_known_sid): New method returning next non
well known SID by index.
(mandatory_medium_integrity_sid): Drop declaration.
(mandatory_high_integrity_sid): Drop declaration.
(mandatory_system_integrity_sid): Drop declaration.
(fake_logon_sid): Add declaration.
(subauth): Disable declaration.
(lsaauth): Add declaration.
* syscalls.cc (seteuid32): Disable subauthentication. Add LSA
authentication.
* wincap.h: Define needs_logon_sid_in_sid_list throughout.
* wincap.cc: Ditto.
(well_known_this_org_sid): New well known sid.
(SECURITY_MANDATORY_INTEGRITY_AUTHORITY): Define.
(mandatory_medium_integrity_sid): New well known sid.
(mandatory_high_integrity_sid): Ditto.
(mandatory_system_integrity_sid): Ditto.
(cygsid::get_sid): Use local SID_IDENTIFIER_AUTHORITY. Allow all
authorities fitting in a UCHAR.
* security.cc (get_token_group_sidlist): Always add the local
group to the token. Add comment. Add "This Organization" group
if available in incoming group list.
(get_server_groups): Only add world and authenticated users groups
if not already in list.
(create_token): Add matching mandatory integrity SID to group list
on systems supporting Mandatory Integrity Control.
* security.h (well_known_this_org_sid): Define.
(mandatory_medium_integrity_sid): Define.
(mandatory_high_integrity_sid): Define.
(mandatory_system_integrity_sid): Define.
* wincap.h: Define has_mandatory_integrity_control throughout.
* wincap.cc: Ditto.
* sec_helper.cc (security_descriptor::malloc): Use own free method.
Set type.
(security_descriptor::realloc): Handle the case that psd has been
allocated using LocalAlloc. Set type.
(security_descriptor::free): Ditto.
* security.cc (get_nt_attribute): Remove.
(get_reg_security): Remove.
(get_nt_object_security): Use GetSecurityInfo which handles all
securable objects.
(get_nt_object_attribute): Remove.
(get_object_attribute): Call get_nt_object_security instead of
get_nt_object_attribute.
(get_file_attribute): Ditto.
(check_registry_access): Call get_nt_object_security instead of
get_reg_security.
* security.h (cygpsid::operator PSID): Make method const, not the
result.
(class security_descriptor): Add type member. Accomodate throughout.
(security_descriptor::copy): New method.
(security_descriptor::operator PSECURITY_DESCRIPTOR *): New operator.
for registry keys/values if ntsec is on.
* security.cc (check_access): New static function derived from
check_file_access, but object type agnostic.
(check_file_access): Only do file specific stuff. Call check_access.
(check_registry_access): New access check function for registry keys/
values.
* security.h (check_registry_access): Declare.
* include/cygwin/version.h: Bump DLL version to 1.7.0.
2006-07-25 Corinna Vinschen <corinna@vinschen.de>
* select.h: Remove.
* fhandler_socket.cc: Don't include select.h.
* select.cc: Ditto.
2006-07-25 Corinna Vinschen <corinna@vinschen.de>
* cygtls.h: Drop socket related includes.
(struct _local_storage): Remove exitsock and exitsock_sin. Add
select_sockevt.
* cygtls.cc: Accomodate above change throughout.
* fhandler.h (class fhandler_socket): Make wsock_evt public.
* fhandler_socket.cc (fhandler_socket::fhandler_socket): Accomodate
reordering members.
(fhandler_socket::evaluate_events): Drop FD_CONNECT event as soon as
it gets read once. Never remove FD_WRITE event here.
(fhandler_socket::wait_for_events): Wait 50 ms instead of INFINITE for
socket events.
(fhandler_socket::accept): Fix conditional. Set wsock_events members
of accepted socket to useful start values.
(fhandler_socket::recv_internal): Always drop FD_READ/FD_OOB events from
wsock_events after the call to WSARecvFrom.
(fhandler_socket::send_internal): Drop FD_WRITE event from wsock_events
if the call to WSASendTo fails with WSAEWOULDBLOCK. Fix return value
condition.
* select.cc (struct socketinf): Change to accomodate using socket event
handling.
(peek_socket): Use event handling for peeking socket.
(thread_socket): Ditto.
(start_thread_socket): Ditto.
(socket_cleanup): Same here.
* tlsoffsets.h: Regenerate.
2006-07-20 Corinna Vinschen <corinna@vinschen.de>
* fhandler.h (class fhandler_socket): Rearrange slightly to keep
event handling methods and members together. Drop owner status flag.
Split wait method. Rename event handling methods for readability.
* fhandler_socket.cc (struct wsa_event): Add owner field.
(LOCK_EVENTS): New macro.
(UNLOCK_EVENTS): Ditto.
(fhandler_socket::init_events): rename from prepare.
(fhandler_socket::evaluate_events): First half of former wait method.
Do everything but wait. Allow specifiying whether or not events from
event_mask should be erased from wsock_events->events. Simplify
OOB handling. Allow sending SIGURG to any process (group).
(fhandler_socket::wait_for_events): Second half of former wait method.
Call evaluate_events and wait in a loop if socket is blocking.
(fhandler_socket::release_events): Rename from release.
(fhandler_socket::connect): Accomodate above name changes.
(fhandler_socket::accept): Ditto.
(fhandler_socket::recv_internal): Ditto.
(fhandler_socket::send_internal): Ditto.
(fhandler_socket::close): Ditto.
(fhandler_socket::fcntl): Always set owner to given input value on
F_SETOWN. Handle F_GETOWN.
* net.cc (fdsock): Accomodate above name changes.
2006-07-20 Corinna Vinschen <corinna@vinschen.de>
* fhandler_socket.cc (fhandler_socket::wait): Set Winsock errno to
WSAEWOULDBLOCK instead of WSAEINPROGRESS.
2006-07-18 Brian Ford <Brian.Ford@FlightSafety.com>
Corinna Vinschen <corinna@vinschen.de>
* winsup.h (mmap_region_status): New enum.
(mmap_is_attached_or_noreserve_page): Adjust prototype and rename
as below.
* mmap.cc (mmap_is_attached_or_noreserve_page): Rename
mmap_is_attached_or_noreserve. Add region length parameter.
Return enum above.
* exceptions.cc (_cygtls::handle_exceptions): Accomodate above.
* fhandler.cc (fhandler_base::raw_read): Call above for NOACCESS
errors and retry on success to allow reads into untouched
MAP_NORESERVE buffers.
2006-07-18 Corinna Vinschen <corinna@vinschen.de>
* cygwin.din (posix_openpt): Export.
* tty.cc (posix_openpt): New function.
* include/cygwin/stdlib.h (posix_openpt): Declare.
* include/cygwin/version.h: Bump API minor number.
2006-07-14 Corinna Vinschen <corinna@vinschen.de>
* security.cc (get_token_group_sidlist): Always add the interactive
group to the token. Add comment. Create logon_id group SID by
copying it from incoming group list.
(create_token): Add subauth_token parameter. Use information in
subauth_token if present. Tweak SourceIdentifier if subauth_token
is present for debugging purposes.
* security.h (create_token): Add subauth_token parameter in declaration.
* syscalls.cc (seteuid32): Call subauth first. Call create_token
regardless. Use subauth token in call to create_token if subauth
succeeded.
2006-07-13 Corinna Vinschen <corinna@vinschen.de>
* include/netinet/in.h: Update copyright.
2006-07-13 Corinna Vinschen <corinna@vinschen.de>
* fhandler_socket.cc (fhandler_socket::wait): Rework function so that
WaitForMultipleObjects is really only called when necessary.
2006-07-12 Corinna Vinschen <corinna@vinschen.de>
* include/netdb.h: Declare rcmd, rcmd_af, rexec, rresvport,
rresvport_af, iruserok, iruserok_sa, ruserok.
2006-07-12 Corinna Vinschen <corinna@vinschen.de>
* Makefile.in (DLL_OFILES): Drop iruserok.o. Add rcmd.o.
* autoload.cc (rcmd): Drop definition.
* cygwin.din: Export bindresvport, bindresvport_sa, iruserok_sa,
rcmd_af, rresvport_af.
* net.cc (cygwin_rcmd): Remove.
(last_used_bindresvport): Rename from last_used_rrecvport.
(cygwin_bindresvport_sa): New function implementing bindresvport_sa.
(cygwin_bindresvport): New function implementing bindresvport.
(cygwin_rresvport): Remove.
* include/cygwin/version.h: Bump API minor number.
* include/netinet/in.h: Declare bindresvport and bindresvport_sa.
* libc/iruserok.c: Remove file.
* libc/rcmd.cc: New file implementing rcmd, rcmd_af, rresvport,
rresvport_af, iruserok_sa, iruserok and ruserok.
2006-07-12 Corinna Vinschen <corinna@vinschen.de>
* fhandler_socket.cc (fhandler_socket::getsockname): Return valid
result for unbound sockets.
2006-07-11 Corinna Vinschen <corinna@vinschen.de>
* fhandler_socket.cc (fhandler_socket::fixup_after_fork): Handle
wsock_mtx and wsock_evt on fork, thus handling close_on_exec correctly.
(fhandler_socket::fixup_after_exec): Drop misguided attempt to handle
close_on_exec here.
(fhandler_socket::dup): Call fixup_after_fork with NULL parent.
Add comment.
(fhandler_socket::set_close_on_exec): Handle wsock_mtx and wsock_evt.
2006-07-10 Corinna Vinschen <corinna@vinschen.de>
* fhandler.h (class fhandler_socket): Add wsock_mtx, wsock_evt
and wsock_events members. Remove closed status flag, add listener
status flag. Accomodate new implementation of socket event handling
methods. Declare recv* and send* functions ssize_t as the POSIX
equivalents.
(fhandler_socket::recv_internal): Declare.
(fhandler_socket::send_internal): Ditto.
* fhandler_socket.cc (EVENT_MASK): Define mask of selected events.
(fhandler_socket::fhandler_socket): Initialize new members.
(fhandler_socket::af_local_setblocking): Don't actually set the
socket to blocking mode. Keep sane event selection.
(fhandler_socket::af_local_unsetblocking): Don't actually set the
socket to previous blocking setting, just remember it.
(struct wsa_event): New structure to keep event data per shared
socket.
(NUM_SOCKS): Define number of shared sockets concurrently handled by
all active Cygwin processes.
(wsa_events): New shared datastructure keeping all wsa_event records.
(socket_serial_number): New shared variable to identify shared sockets.
(wsa_slot_mtx): Global mutex to serialize wsa_events access.
(search_wsa_event_slot): New static function to select a new wsa_event
slot for a new socket.
(fhandler_socket::prepare): Rewrite. Prepare event selection
per new socket.
(fhandler_socket::wait): Rewrite. Wait for socket events in thread
safe and multiple process safe.
(fhandler_socket::release): Rewrite. Close per-socket descriptor
mutex handle and event handle.
(fhandler_socket::dup): Duplicate wsock_mtx and wsock_evt. Fix
copy-paste error in debug output.
(fhandler_socket::connect): Accomodate new event handling.
(fhandler_socket::listen): Set listener flag on successful listen.
(fhandler_socket::accept): Accomodate new event handling.
(fhandler_socket::recv_internal): New inline method centralizing
common recv code.
(fhandler_socket::recvfrom): Call recv_internal now.
(fhandler_socket::recvmsg): Ditto. Streamline copying from iovec
to WSABUF.
(fhandler_socket::send_internal): New inline method centralizing
common send code.
(fhandler_socket::sendto): Call send_internal now.
(fhandler_socket::sendmsg): Ditto. Streamline copying from iovec
to WSABUF.
(fhandler_socket::close): Call release now.
(fhandler_socket::ioctl): Never actually switch to blocking mode.
Just keep track of the setting.
* net.cc (fdsock): Call prepare now.
(cygwin_connect): Revert again to event driven technique.
(cygwin_accept): Ditto.
* poll.cc (poll): Don't call recvfrom on a listening socket.
Remove special case for failing recvfrom.
* include/sys/socket.h: Declare recv* and send* functions ssize_t as
requested by POSIX.
2006-07-07 Corinna Vinschen <corinna@vinschen.de>
* net.cc (cygwin_inet_ntop): Fix data type of forth parameter.
2006-07-06 Corinna Vinschen <corinna@vinschen.de>
* include/cygwin/in6.h (struct in6_addr): Fix typo.
2006-07-06 Corinna Vinschen <corinna@vinschen.de>
* cygwin.din: Export in6addr_any, in6addr_loopback, freeaddrinfo,
gai_strerror, getaddrinfo, getnameinfo.
* fhandler_socket.cc: Include cygwin/in6.h.
(get_inet_addr): Accomodate AF_INET6 usage.
(fhandler_socket::connect): Ditto.
(fhandler_socket::listen): Ditto.
(fhandler_socket::sendto): Ditto.
* net.cc: Include cygwin/in6.h.
(in6addr_any): Define.
(in6addr_loopback): Define.
(cygwin_socket): Accomodate AF_INET6 usage.
(socketpair): Bind socketpairs only to loopback for security.
(inet_pton4): New static function.
(inet_pton6): Ditto.
(cygwin_inet_pton): New AF_INET6 aware inet_pton implementation.
(inet_ntop4): New static function.
(inet_ntop6): Ditto.
(cygwin_inet_ntop): New AF_INET6 aware inet_ntop implementation.
(ga_aistruct): New static function.
(ga_clone): Ditto.
(ga_echeck): Ditto.
(ga_nsearch): Ditto.
(ga_port): Ditto.
(ga_serv): Ditto.
(ga_unix): Ditto.
(gn_ipv46): Ditto.
(ipv4_freeaddrinfo): Ditto.
(ipv4_getaddrinfo): Ditto.
(ipv4_getnameinfo): Ditto.
(gai_errmap_t): New structure holding error code - error string mapping.
(cygwin_gai_strerror): New function implementing gai_strerror.
(w32_to_gai_err): New static function.
(get_ipv6_funcs): Ditto.
(load_ipv6_funcs): Ditto.
(cygwin_freeaddrinfo): New function implementing freeaddrinfo.
(cygwin_getaddrinfo): New function implementing getaddrinfo.
(cygwin_getnameinfo): New function implementing getnameinfo.
* include/netdb.h: Include stdint.h and cygwin/socket.h. Define
data types and macros used by getaddrinfo and friends. Declare
freeaddrinfo, gai_strerror, getaddrinfo and getnameinfo.
* include/cygwin/in.h: Add IPv6 related IPPROTOs. Remove definition
of struct sockaddr_in6. Include cygwin/in6.h instead.
* include/cygwin/in6.h: New header file defining IPv6 releated
data types and macros.
* include/cygwin/socket.h: Enable AF_INET6 and PF_INET6. Add
IPv6 related socket options.
* include/cygwin/version.h: Bump API minor number.
2006-07-06 Corinna Vinschen <corinna@vinschen.de>
* autoload.cc (DsGetDcNameA): Define.
(NetGetAnyDCName): Define.
* security.cc: Include dsgetdc.h.
(DsGetDcNameA): Declare.
(DS_FORCE_REDISCOVERY): Define.
(get_logon_server): Add bool parameter to control rediscovery of DC.
Use DsGetDcNameA function if supported, NetGetDCName/NetGetAnyDCName
otherwise.
(get_server_groups): Rediscover DC if get_user_groups fails and
try again.
(get_reg_security): Use correct error code macro when testing
RegGetKeySecurity return value.
* security.h (get_logon_server): Remove default vaue from wserver
parameter. Add rediscovery parameter.
* uinfo.cc (cygheap_user::env_logsrv): Accomodate rediscovery parameter
in call to get_logon_server.
(NtSetEaFile): Define.
* fhandler.cc (fhandler_base::open): Use appropriate open flags
in query case when allow_ntea is set.
* ntdll.h (struct _FILE_GET_EA_INFORMATION): Define.
(struct _FILE_FULL_EA_INFORMATION): Define.
(NtQueryEaFile): Declare.
(NtSetEaFile): Declare.
* ntea.cc (read_ea): Rename from NTReadEA and rewrite using
NtQueryEaFile.
(write_ea): Rename from NTWriteEA and rewrite using NtSetEaFile.
* path.cc (get_symlink_ea): Make static. Add handle parameter to
accomodate new read_ea call.
(set_symlink_ea): Make static. Add handle parameter to accomodate new
write_ea call.
(symlink_worker): Call set_symlink_ea while file is still open.
(symlink_info::check): Call get_symlink_ea after file has been opened.
* security.cc (get_file_attribute): Accomodate new read_ea call.
(set_file_attribute): Accomodate new write_ea call.
* security.h (read_ea): Change declaration accordingly.
(write_ea): Ditto.
allocate dynamically.
(pinfo::set_acl): Replace sa_buf by dynamically allocated acl_buf.
* sec_acl.cc (setacl): Allocate acl dynamically.
* sec_helper.cc (sec_acl): Add test for alignment of acl when
DEBUGGING is defined.
(__sec_user): Same for sa_buf.
* security.cc (verify_token): Define sd_buf as PSECURITY_DESCRIPTOR
and allocate dynamically.
(alloc_sd): Allocate acl dynamically.
security.h (sec_user_nih): Change first parameter to
SECURITY_ATTRIBUTES *.
(sec_user): Ditto.
* sigproc.cc (wait_sig): Define sa_buf as PSECURITY_ATTRIBUTES and
allocate dynamically.
* syscalls.cc (seteuid32): Define dacl_buf as PACL and allocate
dynamically.
* uinfo.cc (cygheap_user::init): Define sa_buf as PSECURITY_ATTRIBUTES
and allocate dynamically.
* winbase.h (ilockincr): Mark first argument of inline assembly as
earlyclobber.
(ilockdecr): Ditto.
(get_server_groups): Declare new function.
* security.cc (is_group_member): Simplify.
(get_server_groups): New function.
(get_initgroups_sidlist): Call get_server_groups.
(verify_token): Allow token when supplementary sids are not in
/etc/group but are in the token.
Streamline the code.
* grp.cc (initgroups32): New implementation.
(getgroups32): Handle case where the supplementary groups are set.
* cygheap.h (cygheap_user::curr_primary_token): New member.
(cygheap_user::primary_token): New method.
(cygheap_user::deimpersonate): Always revert to processes'
impersonation token.
(cygheap_user::reimpersonate): Set processes' or setuid token as
necessary.
(cygheap_user::has_impersonation_tokens): Look for curr_primary_token
value.
(cygheap_user::close_impersonation_tokens): Close curr_primary_token
here if necessary. Don't reset token values to NO_IMPERSONATION since
that's done in uinfo_init anyway.
(init_cygheap::luid): New LUID array keeping privilege LUIDs.
* cygtls.cc (_cygtls::init_thread): Call cygheap->user.reimpersonate.
* dcrt0.cc (hProcToken): New global variable to keep process token.
(hProcImpToken): Ditto for process impersonation token.
(dll_crt0_0): Open process token here once. Duplicate to create
hProcImpToken.
(dll_crt0_1): Call set_cygwin_privileges.
* environ.cc (allow_ntea): Drop duplicate declaration.
(allow_smbntsec): Ditto.
(set_traverse): Only set allow_traverse here.
(environ_init): Ditto.
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Drop call to
enable_restore_privilege.
(fhandler_disk_file::fchown): Ditto.
(fhandler_disk_file::facl): Ditto.
* fork.cc (fork_child): Move call to cygheap->user.reimpersonate after
syn with parent. Call set_cygwin_privileges.
* grp.cc (internal_getgroups): Use hProcImpToken instead of opening
process token.
* path.cc (fs_info::update): Bypass traverse checking when retrieving
volume information using push/pop_thread_privileges.
* registry.cc (load_registry_hive): Drop setting restore privilege
since it's already set if available.
* sec_helper.cc: Include cygtls.h.
(cygpriv): Privilege string array.
(privilege_luid): New function, evaluate LUID from cygpriv_idx.
(privilege_luid_by_name): New function, evaluate LUID from privilege
string.
(privilege_name): New function, evaluate privilege string from
cygpriv_idx.
(set_privilege): New static function called by set_process_privilege
and set_thread_privilege. Call privilege_luid to get privilege LUID.
Fix bug in return value evaluation. Improve debug output.
(set_cygwin_privileges): New function.
(set_process_privilege): Remove.
(enable_restore_privilege): Remove.
* security.cc (allow_traverse): New global variable.
(sys_privs): Change type to cygpriv_idx and store privilege indices
instead of strings.
(SYSTEM_PRIVILEGES_COUNT): Renamed from SYSTEM_PERMISSION_COUNT.
(get_system_priv_list): Don't use numerical constant in malloc call.
Use privilege_luid to get privilege LUIDs.
(get_priv_list): Call privilege_luid_by_name to get LUIDs. Improve
inner privilege LUID comparison loop.
(create_token): Enable create token privilege using
push/pop_self_privileges. Use hProcToken instead of opening process
token. Use default DACL when duplicating token.
(subauth): Enable tcb privilege using push/pop_self_privileges.
Use sec_none instead of homw made security attributes when duplicating
token.
(check_file_access): Don't duplicate access token, use active
impersonation token as is.
* security.h (enum cygpriv_idx): New enumeration type enumerating
possible privileges.
(privilege_luid): Declare new function.
(privilege_luid_by_name): Ditto.
(privilege_name): Ditto.
(allow_traverse): Declare.
(set_privilege): Declare function.
(set_process_privilege): Define as macro.
(enable_restore_privilege): Remove declaration.
(_push_thread_privilege): Define macro.
(push_thread_privilege): Ditto.
(pop_thread_privilege): Ditto.
(pop_self_privilege): Ditto.
* spawn.cc (spawn_guts): Use cygheap->user.primary_token instead of
cygheap->user.token.
* syscalls.cc (statvfs): Bypass traverse checking when retrieving
volume information using push/pop_thread_privileges. Rearrange code
to simplify push/pop bracketing.
(seteuid32): Use hProcToken instead of opening process token. Call
cygheap->user.deimpersonate instead of RevertToSelf. Create
impersonation token from primary internal or external token. Set
cygheap->user.curr_primary_token and cygheap->user.current_token
privileges once here. Drop "failed" and "failed_ptok" labels.
Drop setting DefaultDacl of process token.
(setegid32): Use hProcToken and hProcImpToken instead of opening
process token. Always reimpersonate afterwards.
* uinfo.cc (cygheap_user::init): Use hProcToken instead of opening
process token.
(internal_getlogin): Ditto. Set hProcImpToken, too.
(uinfo_init): Initialize cygheap->user.curr_primary_token.
* winsup.h (hProcToken): Declare.
(hProcImpToken): Declare.
* dir.cc (mkdir): Change set_file_attribute call to indicate that
NT security isn't used.
* fhandler.cc (fhandler_base::open_9x): New method, created from
fhandler_base::open.
(fhandler_base::open): Rearrange to use NtCreateFile instead of
CreateFile.
* fhandler.h (enum query_state): Redefine query_null_access to
query_stat_control. query_null_access isn't allowed in NtCreateFile.
(fhandler_base::open_9x): Declare.
* fhandler_disk_file.cc (fhandler_base::fstat_fs): Use
query_stat_control first, query_read_control if that fails.
(fhandler_disk_file::fchmod): Call enable_restore_privilege before
trying to open for query_write_control. Don't fall back to
opening for query_read_control.
(fhandler_disk_file::fchown): Ditto.
(fhandler_disk_file::facl): Only request restore privilege and query
access necessary for given cmd.
* fhandler_raw.cc (fhandler_dev_raw::open): Call fhandler_base::open
instead of opening device here.
* ntdll.h (NtCreateFile): Declare.
* path.cc (symlink_worker): Change set_file_attribute call to indicate
that NT security isn't used.
* sec_acl.cc (getacl): Fix bracketing.
* sec_helper.cc (enable_restore_privilege): New function.
* security.cc (str2buf2uni_cat): New function.
(write_sd): Don't request restore permission here.
* security.h (set_process_privileges): Drop stale declaration.
(str2buf2uni): Declare.
(str2buf2uni_cat): Declare.
(enable_restore_privilege): Declare.
* syscalls.cc (fchown32): Return immediate success on 9x.
query_state.
(fhandler_base::fchown): New method.
* fhandler.h: Declare fchown method in fhandler_base,
fhandler_disk_file and fhandler_virtual.
(enum query_state): Add query_write_control.
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Set query_state
to query_write_control. Only remove FILE_ATTRIBUTE_READONLY if not
setting security descriptor.
(fhandler_disk_file::fchown): New method.
* fhandler_virtual.cc (fhandler_virtual::fchown): New method.
* sec_acl.cc (setacl): Call write_sd with additional handle attribute.
* security.cc (write_sd): Take handle argument. Only request owner
if getting SE_RESTORE_NAME privilege failed. Only open file if
NtSetSecurityObject failed or handle is NULL.
(set_nt_attribute): Call write_sd with additional handle attribute.
* security.h (write_sd): Declare with additional handle argument.
to query_open setting.
(fhandler_base::fhandler_base): Initialize query_open.
* fhandler.h (FH_QUERYOPEN): Drop.
(enum query_state): Add.
(class fhandler_base): Add query_open member.
(fhandler_base::get_query_open): Redefine to use query_open.
(fhandler_base::set_query_open): Ditto.
* fhandler_disk_file.cc (fhandler_base::fstat_fs): Remove O_DIROPEN
from open_flags since it's added in open_fs anyway. Remove
query_open_already. Use new query_open settings. Rearrange slightly.
(fhandler_base::fstat_helper): Add get_io_handle as parameter to
get_file_attribute.
* security.cc (get_nt_object_attribute): Make returning an int.
Return -1 on error, 0 otherwise.
(get_file_attribute): Take an object handle as argument. Move down
to allow calling get_nt_object_attribute in case a non-NULL handle
is given.
* security.h (get_file_attribute): Add handle to argument list.
* syscalls.cc (chown_worker): Accomodate new definition of
get_file_attribute.
(well_known_*_sid): Change type to cygpsid.
(cygsid::init): Delete declaration.
* sec_helper.cc (well_known_*_sid): Define using above SID macro.
(cygsid::init): Delete.
* dcrt0.cc (dll_crt0_0): Do not call cygsid::init.
* security.cc (get_user_local_groups): Change the second argument type
to cygpsid.
throughout.
* tty.cc (tty::common_init): Remove call to SetKernelObjectSecurity and edit
some comments.
* cygheap.h (init_cygheap::ctty): Add new element.
* devices.in (device::parse): Remove special handling for /dev/tty.
* devices.cc: Regenerate.
* dtable.cc (build_fh_pc): Don't reset /dev/tty device. Let the device opener
do that.
* fhandler_termios.cc (tty_min::set_ctty): Redefine to _pinfo class.
* fhandler_tty.cc (fhandler_tty_common::set_close_on_exec): Avoid setting
noninherit flag for ctty.
* tty.h: Move BOOLs to bools.
(tty_min::set_ctty): Redeclare to _pinfo class.
* pinfo.cc (_pinfo::set_ctty): Define new function based on tty_min::set_ctty.
Change first argument from tty number to tty_min class.
* pinfo.h (_pinfo::set_ctty): Declare.
* fhandler_console.cc (fhandler_console::get_tty_stuff): Reflect move of
set_ctty to _pinfo class.
* fhandler_tty.cc (fhandler_tty_slave::open): Treat FH_TTY specially. Use
saved cygheap value if it exists. Otherwise convert to real device and save on
first time open.
(fhandler_tty_common::dup): Potentially set controlling tty if duping a slave
tty.
* syscalls.cc (setsid): Close controlling tty in cygheap.
* tty.cc: Change some BOOLs to bools.
set_security_attribute appropriately.
* external.cc (cygwin_internal): Ditto.
* fhandler.cc (fhandler_base::open): Ditto.
* fhandler_socket.cc (fhandler_socket::bind): Ditto.
* path.cc (symlink_worker): Ditto.
* sec_acl.cc (setacl): Ditto. Call read_sd appropriately.
(getace): Ditto.
* sec_helper.cc (security_descriptor::malloc): New method.
(security_descriptor::realloc): New method.
(security_descriptor::free): New method.
* security.cc (read_sd): Get security_descriptor as parameter instead
of PSECURITY_DESCRIPTOR and a size. Drop unnecessary parameter check.
Allocate the security_descriptor buffer according to size returned by
a call to GetFileSecurity. Return buffer size on success.
(write_sd): Get security_descriptor as parameter instead of
PSECURITY_DESCRIPTOR and a size.
(get_nt_attribute): Use local security_descriptor.
(get_nt_object_attribute): Ditto in case of type == SE_REGISTRY_KEY.
Allocate security_descriptor buffer according to size returned by
a call to RegGetKeySecurity.
(alloc_sd): Make static. Get security_descriptor as parameter instead
of PSECURITY_DESCRIPTOR and a size. Drop unnecessary parameter check.
(set_security_attribute): Get security_descriptor as parameter instead
of PSECURITY_DESCRIPTOR and a size.
(set_nt_attribute): Use local security_descriptor.
(check_file_access): Ditto.
* security.h: Add class security_descriptor.
(read_sd): Change declaration to get security_descriptor as parameter
instead of PSECURITY_DESCRIPTOR and a size.
(write_sd): Ditto.
(set_security_attribute): Ditto.
(alloc_sd): Remove declaration.
* thread.cc (semaphore::semaphore): Use local security_descriptor. Call
set_security_attribute appropriately.
* uinfo.cc (cygheap_user::init): Make sure the current user appears
in the default DACL. Rearrange to decrease the indentation levels.
Initialize the effec_cygsid directly.
(internal_getlogin): Do not reinitialize myself->gid. Open the process
token with the required access.
* cygheap.h (class cygheap_user): Delete members pid and saved_psid.
Create members effec_cygsid and saved_cygsid.
(cygheap_user::set_sid): Define inline.
(cygheap_user::set_saved_sid): Ditto.
(cygheap_user::sid): Modify.
(cygheap_user::saved_sid): Modify.
* cygheap.cc (cygheap_user::set_sid): Delete.
(cygheap_user::set_saved_sid): Ditto.
* sec_helper.cc (sec_acl): Set the correct acl size.
* autoload.cc (FindFirstFreeAce): Add.
* security.h: Define ACL_DEFAULT_SIZE.
* security.h (__sec_user): Add "access2" argument.
(sec_acl): Add "original" and "access2" arguments.
(sec_user): Add "sid2" and "access2" argument. Remove dependence on
allow_ntsec.
(sec_user_nih): Ditto.
* sec_helper.cc (__sec_user): Add "has_security" test.
Call sec_acl with new arguments, letting it handle original_sid.
(sec_acl): Add "original" and "access2" arguments. Handle original_sid
depending on flag but avoiding duplicates. Use "access2" for sid2.
* pinfo.cc (pinfo::init): Use security attributes created by sec_user
when creating the mapping.
* security.cc (create_token): Adjust arguments in call to sec_acl.
Call sec_user instead of __sec_user.
* syscall.cc (seteuid32): Adjust arguments in call to sec_acl. Remove
now unnecessary test. Remove useless conversions to psid.
* dcrt0.cc (dll_crt0_1): Call cygsid::init before pinfo_init.
* shared_info.h: Include security.h.
(open_shared): Add psa argument.
(user_shared_initialize): New declaration.
* security.h: Add _SECURITY_H guard.
(sec_user): Use sec_none in the no ntsec case.
* spawn.cc (spawn_guts): Remove call to load_registry_hive.
* syscalls (seteuid32): If warranted, call load_registry_hive,
user_shared_initialize and RegCloseKey(HKEY_CURRENT_USER).
* shared.cc (user_shared_initialize): New.
(open_shared): Add and use psa argument.
(memory_init): Move mount table initialization to
user_shared_initialize. Call it.
data on sockets to evaluate AF_LOCAL sockets correctly.
(dtable::build_fhandler): Set unit number on sockets.
* fhandler.h (fhandler_socket): Add unit number.
(fhandler_socket::get_unit): New method.
* fhandler_socket.cc (fhandler_socket::fhandler_socket): Set unit
number.
(fhandler_socket::fstat): Reorganize to return more Linux-like
values.
* net.cc: include ctype.h.
(fdsock): Set unit number when building fhandler.
* path.cc (path_conv::check): Set device type to FH_SOCKET if file
is a AF_UNIX socket.
(get_devn): Evaluate unit for virtual socket devices.
(win32_device_name): Set windows path for sockets to unix_path with
just backslashes to keep the different names.
* syscalls.cc (fstat64): Don't override st_ino, st_dev and st_rdev
for sockets.
(stat_worker): Ditto.
From Pierre Humblet:
* autoload.cc (AccessCheck): Add.
(DuplicateToken): Add.
* security.h (check_file_access): Declare.
* syscalls.cc (access): Convert path to Windows, check existence
and readonly attribute. Call check_file_access instead of acl_access.
* security.cc (check_file_access): Create.
* sec_acl (acl_access): Delete.
declaration of is_grp_member.
* uinfo.cc (internal_getlogin): Use UNKNOWN_GID.
* passwd.cc (pwdgrp::read_passwd): Use UNKNOWN_UID.
* grp.cc (pwdgrp::read_group): Change group name to provide better
feedback.
(getgrgid): Use gid16togid32.
* sec_helper.cc (is_grp_member): Delete.
(class cygsid): Use cygpsid as base. Remove members psid, get_id,
get_uid, get_gid, string, debug_printf and the == and != operators.
(cygsidlist::clear_supp): Only do work if setgroups has been called.
* sec_helper.cc: Define sid_auth NO_COPY.
(cygpsid::operator==): New operator.
(cygpsid::get_id): New function.
(cygpsid::string): New function.
(cygsid::string): Delete.
(cygsid::get_id): Delete.
* pwdgrp.h: Change arguments of internal_getpwsid,
internal_getgrsid and internal_getgroups to cygpsid.
* passwd.cc (internal_getpwsid): Change argument from cygsid to cygpsid.
* grp.cc (internal_getgrsid): Ditto.
(internal_getgroups): Ditto.
* autoload.cc: Add OpenThreadToken.
* sec_helper.cc (set_process_privilege): Add and use use_thread
argument.
* security.cc (alloc_sd): Modify call to set_process_privilege.
Remember the result in each process. If failed and file owner is not
the user, fail.
* dcrt0.cc (dll_crt0_1): Call well known SID initializer function.
* security.h (cygsid::init): Declare new static method.
* sec_helper.cc (cygsid::init): New method for initializing well
known SIDs.
2002-12-14 Pierre Humblet <pierre.humblet@ieee.org>
* security.h: Declare well_known_creator_group_sid.
* sec_helper.cc: Define and initialize well_known_creator_group_sid.
* pwdgrp.h (pwdgrp_check::pwdgrp_state): Replace by
pwdgrp_check::isinitializing ().
(pwdgrp_check::isinitializing): Create.
* passwd.cc (grab_int): Change type to unsigned, use strtoul and
set the pointer content to 0 if the field is invalid.
(parse_pwd): Move validity test after getting pw_gid.
(read_etc_passwd): Replace "passwd_state <= " by
passwd_state::isinitializing ().
(internal_getpwuid): Ditto.
(internal_getpwnam): Ditto.
(getpwent): Ditto.
(getpass): Ditto.
* grp.cc (parse_grp): Use strtoul for gr_gid and verify the validity.
(read_etc_group): Replace "group_state <= " by
group_state::isinitializing ().
(internal_getgrgid): Ditto.
(getgrent32): Ditto.
(internal_getgrent): Ditto.
2002-12-10 Pierre Humblet <pierre.humblet@ieee.org>
* security.h: Move declarations of internal_getgrent,
internal_getpwsid and internal_getgrsid to pwdgrp.h.
* pwdgrp.h: Declare internal_getpwsid, internal_getpwnam,
internal_getpwuid, internal_getgrsid, internal_getgrgid,
internal_getgrnam, internal_getgrent and internal_getgroups.
Delete "emulated" from enum pwdgrp_state.
(pwdgrp_check::isuninitialized): Create.
(pwdgrp_check::pwdgrp_state): Change state to initializing
rather than to uninitialized.
(pwdgrp_read::gets): Remove trailing CRs.
* passwd.cc (grab_string): Don't look for NLs.
(grab_int): Ditto.
(parse_pwd): Don't look for CRs. Return 0 if entry is too short.
(search_for): Delete.
(read_etc_passwd): Simplify tests to actually read the file.
Set state to loaded before making internal_getpwXX calls.
Replace search_for calls by equivalent internal_pwgetXX calls.
(internal_getpwsid): Use passwd_state.isuninitialized to decide
to call read_etc_passwd.
(internal_getpwuid): Create.
(internal_getpwnam): Create.
(getpwuid32): Simply call internal_getpwuid.
(getpwuid_r32): Call internal_getpwuid.
(getpwnam): Simply call internal_getpwnam.
(getpwnam_r): Call internal_getpwnam.
* grp.cc (parse_grp): Don't look for CRs. Adjust blank space.
(add_grp_line): Adjust blank space.
(class group_lock): Ditto.
(read_etc_group): Simplify tests to actually read the file.
Set state to loaded before making internal_getgrXX calls.
Replace getgrXX calls by equivalent internal calls.
(internal_getgrsid): Use group_state.isuninitialized to decide
to call read_etc_group.
(internal_getgrgid): Create.
(internal_getgrnam): Create.
(getgroups32): Simply call internal_getgrgid.
(getgrnam32): Simply call internal_getgrnam.
(internal_getgrent): Call group_state.isuninitialized.
(internal_getgroups): Create from the former getgroups32, using
two of the four arguments. Set gid to myself->gid and username
to cygheap->user.name ().
(getgroups32): Simply call internal_getgroup.
(getgroups): Call internal_getgroup instead of getgroups32.
(setgroups32): Call internal versions of get{pw,gr}XX.
* sec_helper.cc: Include pwdgrp.h.
(is_grp_member): Call internal versions of get{pw,gr}XX.
* security.cc: Include pwdgrp.h.
(alloc_sd): Call internal versions of get{pw,gr}XX.
* syscalls.cc: Include pwdgrp.h.
(seteuid32): Call internal versions of get{pw,gr}XX.
(setegid32): Ditto.
* uinfo.cc: Include pwdgrp.h.
(internal_getlogin): Call internal versions of get{pw,gr}XX.
(cygheap_user::ontherange): Ditto.
* sec_acl.cc: Include pwdgrp.h.
(setacl): Call internal versions of get{pw,gr}XX.
(acl_access): Ditto and simplify logic.
(aclfromtext): Ditto.
Undeclare internal_getpwent. Define DEFAULT_UID_NT. Change
DEFAULT_GID.
* passwd.cc (internal_getpwsid): New function.
(internal_getpwent): Suppress.
(read_etc_passwd): Make static. Rewrite the code for the completion
line. Set curr_lines to 0.
(parse_pwd): Change type to static int. Return 0 for short lines.
(add_pwd_line): Pay attention to the value of parse_pwd.
(search_for): Do not look for nor return the DEFAULT_UID.
* grp.cc (read_etc_group): Make static. Free gr_mem and set
curr_lines to 0. Always call add_pwd_line. Rewrite the code for the
completion line.
(internal_getgrsid): New function.
(parse_grp): If grp.gr_mem is empty, set it to &null_ptr.
Never NULL gr_passwd.
(getgrgid32): Only return the default if ntsec is off and the gid is
ILLEGAL_GID.
* sec_helper.cc (cygsid::get_id): Use getpwsid and getgrsid.
(cygsid_getfrompw): Clean up last line.
(cygsid_getfromgr): Ditto.
(is_grp_member): Use getpwuid32 and getgrgid32.
* uinfo.cc (internal_getlogin): Set DEFAULT_GID at start.
Use getpwsid. Move the read of /etc/group after the second access
to /etc/passwd. Change some debug_printf.
* sec_helper (cygsid::getfromstr): Reorganize to remove
calls to strcpy and strtok_r.
(cygsid::getfromgr): Change type to __uid32_t instead of int.
Keep only the allow_ntsec branch. Never call LookupAccountSid
which calls PDCs, simply return -1 in case of failure.
Use cygsid == instead of calling EqualSid and remove test
for NULL psid.
* security.h: Declare cygsid::getfromgr as __uid32_t.
supplementary group sids that may have been set by setgroups.
* security.cc (cygsidlist::free_sids): Also zero the class members.
* security.h (groups::clear_supp): New.
Rename cygsidlist_unknown to cygsidlist_empty.
* include/cygwin/version.h: Bump API minor version.
* cygheap.h (class cygheap_user): Add member groups.
* security.h (class cygsidlist): Add members type and maxcount,
methods position, addfromgr, alloc_sids and free_sids and
operator+= (const PSID psid). Modify contains () to call
position () and optimize add () to use maxcount.
(class user_groups): Create.
Update declarations of verify_token and create_token.
* security.cc (cygsidlist::alloc_sids): New.
(cygsidlist::free_sids): New.
(get_token_group_sidlist): Create from get_group_sidlist.
(get_initgroups_sidlist): Create from get_group_sidlist.
(get_group_sidlist): Suppress.
(get_setgroups_sidlist): Create.
(verify_token): Modify arguments. Add setgroups case.
(create_token): Modify arguments. Call get_initgroups_sidlist and
get_setgroups_sidlist as needed. Set SE_GROUP_LOGON_ID from auth_pos
outside of the loop. Rename the various group sid lists consistently.
* syscalls.cc (seteuid32): Modify to use cygheap->user.groups.
(setegid32): Call cygheap->user.groups.update_pgrp.
* grp.cc (setgroups): Create.
(setgroups32): Create.
* uinfo.cc (internal_getlogin): Initialize and update user.groups.pgsid.
* cygwin.din: Add setgroups and setgroups32.
(INHERIT_ALL): Ditto.
(INHERIT_ONLY): Ditto.
* sec_acl.cc: Use appropriate defines from accctrl.h instead of the
above throughout.
* security.cc: Ditto.
(RegQueryInfoKeyA): Ditto.
* fhandler.h (fhandler_virtual::fill_filebuf): Change return type to bool.
(fhandler_proc::fill_filebuf): Ditto.
(fhandler_registry::fill_filebuf): Ditto.
(fhandler_process::fill_filebuf): Ditto.
(fhandler_registry::value_name): Add new member.
(fhandler_registry::close): Add new method.
(fhandler_process::p): Remove member.
* fhandler_proc.cc (fhandler_proc::open): Add set_nohandle after calling
superclass method. Check return value of fill_filebuf.
(fhandler_proc::fill_filebuf): Change return type to bool. Add return
statement.
* fhandler_process.cc (fhandler_process::open): Add set_nohandle after calling
superclass method. Remove references to p. Check return value of
fill_filebuf.
(fhandler_process::fill_filebuf): Change return type to bool. Don't use
dereference operator on p. Add return statement.
(fhandler_process::format_process_stat): Fix typo.
* fhandler_registry.cc: Add static open_key declaration.
(fhandler_registry::exists): Assume path is already normalised. Try opening
the path as a key in its own right first, before reverting to enumerating
subkeys and values of the parent key.
(fhandler_registry::fstat): Add additional code to return more relevant
information about the registry key/value.
(fhandler_registry::readdir): Explicitly set desired access when opening
registry key. Remove output of buf from debug_printf format string.
(fhandler_registry::open): Use set_io_handle to store registry key handle. Set
value_name member. Move code to read a value from the registry to
fill_filebuf. Add call to fill_filebuf.
(fhandler_registry::close): New method.
(fhandler_registry::fill_filebuf): Change return type to bool. Add code to
read a value from registry.
(fhandler_registry::open_key): Make function static. Use KEY_READ as desired
access unless this is the last path component. Check the return value of
RegOpenKeyEx for an error instead of hKey.
* fhandler_virtual.cc (fhandler_virtual::lseek): Check the return value of
fill_filebuf.
(fhandler_virtual::open): Remove call to set_nohandle.
(fhandler_virtual::fill_filebuf): Change return type to bool. Add return
statement.
* security.cc (get_nt_object_attribute): New function.
(get_object_attribute): New function.
* security.h (get_object_attribute): New function declaration.
to get_supplementary_group_sidlist.
(create_token): Add pw argument and use it in call to get_group_sidlist.
* security.h: Add pw argument in declaration of create_token.
* syscalls.cc (seteuid32): Add pw argument in call to create_token.
* security.cc (alloc_sd): Remove logsrv argument.
Remove two calls to lookup_name.
(set_security_attribute): Remove logsrv argument.
Remove logsrv argument in call to alloc_sd.
(set_nt_attribute): Remove logsrv argument.
Remove logsrv argument in call to set_security_attribute.
(set_file_attribute): Remove logsrv argument.
Remove logsrv argument in call to set_nt_attribute.
(set_file_attribute): Remove logsrv argument.
Remove logsrv argument in call to set_file_attribute.
* syscalls.cc (chown_worker): Remove logserver argument in
call to set_file_attribute.
(chmod): Ditto.
* shm.cc (shmget): Remove logsrv argument in call to alloc_sd.
* uinfo.cc (internal_getlogin): Replace calls to
lookup_name by call to LookupAccountName.
* security.h: Remove logsrv in declarations of set_file_attribute
and alloc_sd. Remove declaration of lookup_name.
(get_lsa_srv_inf): Suppressed.
(get_logon_server_and_user_domain): Suppressed.
(get_logon_server): Essentially new.
(get_user_groups): Add "domain" argument. Only lookup the
designated server and use "domain" in LookupAccountName.
(is_group_member): Simplify the arguments.
(get_user_local_groups): Simplify the arguments. Do only a
local lookup. Use "BUILTIN" and local domain in LookupAccountName.
(get_user_primary_group). Only lookup the designated server.
(get_group_sidlist): Remove logonserver argument. Do not lookup
any server for the SYSTEM account.
(create_token): Delete logonserver and call to get_logon_server.
Adjust arguments of get_group_sidlist, see above.
* security.h: Delete declaration of get_logon_server_and_user_domain
and add declaration of get_logon_server.
* uinfo.cc (internal_get_login): Call get_logon_server instead of
get_logon_server_and_user_domain.
Replace in-line code by call to verify_token().
(setegid): Reverse change from 2002-01-21. Add call to
RevertToSelf and set primary group in impersonation token.
* security.cc (create_token): Store pgrpsid in token security
descriptor, except if it already appears in my_grps.
Use sec_acl() in place of get_dacl().
(verify_token): Create from code in seteuid(), with tighter checks.
(get_dacl) Deleted.
(get_group_sidlist): Add argument to indicate if pgrpsid is already
in the groups.
* security.h: Define verify_token().
* autoload.cc: Load GetKernelObjectSecurity().
* Merged cygwin_daemon into head minus the new shm and ipc exports.
2002-02-28 Robert Collins <rbtcollins@hotmail.com>
* fhandler_tty.cc (fhandler_tty_slave::open): More debugging.
(fhandler_tty_slave::read): Fix printf type for the handle.
* tty.cc (tty::common_init): Add a FIXME for security.
2002-01-29 Robert Collins <rbtcollins@hotmail.com>
* Makefile.in (OBJS): Remove duplicate localtime.o.
2002-01-17 Robert Collins <rbtcollins@hotmail.com>
* cygserver.cc (check_and_dup_handle): Consolidate the two variants for
simplicity.
Add Some basic debug output.
(client_request_attach_tty::serve): Use the new debug_printf for clarity.
Mark the duplicated handles as inheritable - fixup_after_fork() doesn't reopen
tty's.
2002-01-16 Robert Collins <rbtcollins@hotmail.com>
* cygserver.cc (transport): Correct scope.
(client_request_attach_tty::serve): Add more debug information.
Fix erroneous use of transport instead of conn.
* cygserver_transport_pipes.cc (transport_layer_pipes::close): More debug.
(transport_layer_pipes::read): Ditto.
(transport_layer_pipes::write): Ditto.
(transport_layer_pipes::impersonate_client): Ditto.
Mon Oct 8 7:41:00 2001 Robert Collins <rbtcollins@hotmail.com>
* cygserver.cc (server_request::process): Rename client_request_shm_get to
client_request_shm.
* cygserver_process.cc (process_cache::add): Rename to add_task.
Use process_cleanup instead of process_request.
(process_cache::remove_process): New method.
(process::process): Initialize new members.
(process::~process): New member.
(process::cleanup): New method.
(process::add_cleanup_routine): New method.
(process_request::process): Rename to process_cleanup.
Call the process object's cleanup method and then delete it.
(process_process_param::request_loop): Remove the signalling process.
* cygserver_shm.cc: Globally rename client_request_shm_get to client_request_shm.
(client_request_shm_get::serve): Handle attach request counting.
* cygserver_shm.h: Globally rename client_request_shm_get to client_request_shm.
(class shm_cleanup): New class.
* shm.cc: Globally rename client_request_shm_get to client_request_shm.
(client_request_shm::client_request_shm): New constructor for attach requests.
(shmat): Use it.
* include/cygwin/cygserver_process.h (class process_request): Rename to
process_cleanup.
(class cleanup_routine): New class.
(class process): New members and methods to allow calling back when the process
terminates.
Thu Oct 4 14:12:00 2001 Robert Collins <rbtcollins@hotmail.com>
* cygserver.cc (request_loop): Make static.
(main): Use new cache constructor syntax.
Start cache worker threads.
Cleanup the cache at shutdown.
* cygserver_process.cc: Run indent.
(process_cache::process_cache): Add a trigger to use when adding a process.
(process_cache::process): Move process_entry to process.
Insert at the end of the list.
Trigger the request loop when new process's inserted.
(process_cache::process_requests): Do it.
(process_cache::add): New method.
(process_cache::handle_snapshot): New method.
(process::process): Merge in the process_entry fields.
(process::handle): Make a stub function.
(process::exit_code): New method.
(process_request::process): New method.
(process_process_param::request_loop): New method.
* cygserver_shm.cc: New header dependency - threaded_queue.h.
* threaded_queue.cc (threaded_queue::cleanup): Clearer messages.
(queue_process_param::stop): Short spinlock on interruptible threads.
* threaded_queue.h (class threaded_queue): New constructor.
* include/cygwin/cygserver_process.h (process_request): New class.
(process_entry): Remove.
(process): Merge in process_entry.
(process_cache): Inherit from threaded_queue.
Tue Oct 2 23:24:00 2001 Robert Collins <rbtcollins@hotmail.com>
* cygserver.cc (class server_process_param): Use new constructor syntax.
* cygserver_process.cc (process_cache::~process_cache): New function.
* threaded_queue.cc: Define condition debug_printf.
Run indent.
(threaded_queue::cleanup): Move queue_process_param guts to a method.
(threaded_queue::process_requests): Ditto.
(queue_process_param::queue_process_param): New method.
(queue_process_param::~queue_process_param): Ditto.
(queue_process_param::start): Ditto.
(queue_process_param::stop): Ditto.
* threaded_queue.h (class queue_process_param): Add support for
interruptible request loops.
* cygwin/include/cygwin/cygserver_process.h (class process_cache): Add
destructor.
Tue Oct 2 23:24:00 2001 Robert Collins <rbtcollins@hotmail.com>
* cygserver_client.cc: New flag allow_daemon to disable the daemon completely.
(cygserver_request): Check it.
(cygserver_init): Ditto.
* environ.cc (parse_thing): Add (no)daemon option.
Tue Oct 2 23:00:00 2001 Robert Collins <rbtcollins@hotmail.com>
* shm.cc: Update to handle include changes from HEAD.
Tue Oct 2 16:06:00 2001 Robert Collins <rbtcollins@hotmail.com>
* Makefile.in: Remove cygserver_shm.o from cygwin1.dll.
Rename cygserver_shm_outside.o to cygserver_shm.o.
* cygserver.cc (server_request::process): Use the new client_request
constructor.
* cygserver_client.cc: Remove the #ifdef's stubs for the server method
within cygwin.
(client_request_attach_tty::client_request_attach_tty): Use the new
client_request constructor.
(client_request_shutdown::client_request_shutdown): Ditto.
(client_request::client_request): Ditto.
* cygserver_shm.cc (client_request_shm_get::serve): Remove the
#ifdef'd stub for in-cygwin builds.
(client_request_shm_get::client_request_shm_get): Use the new
client_request constructor, and remove the in-cygwin variants.
* cygserver_shm.h (class client_request_shm_get): #ifndef test the
serve method - it's only used in cygserver.
* shm.cc (client_request_shm_get::client_request_shm_get): New function.
* include/cygwin/cygserver.h (request_header): New constructor.
(class client_request): Use it.
New constructor accepting the header size.
#ifndef test the server method - it's only used within cygserver.
(client_request_get_version): #ifdef test the server method.
(client_request_shutdown): Ditto.
(client_request_attach_tty): Ditto.
Tue Oct 2 9:57:00 2001 Robert Collins <rbtcollins@hotmail.com>
* Makefile.in: add threaded_queue.o to cygserver.exe.
* cygserver.cc: Include threaded_queue.h
(class server_request): Inherit from queue_request.
(class server_process_param): Inherit from queue_process_param.
(class server_request_queue): Inherit from threaded_queue.
(request_loop): Adjust for new types.
(server_request_queue::process_requests): Remove guts to
threaded_queue::process_requests.
(server_request::server_request): Adjust for new types.
(worker_function): Delete.
(server_request_queue::create_workers): Delete.
(server_request_queue::cleanup): Delete.
(server_request_queue::add): Move guts to threaded_queue::add.
* threaded_queue.cc: New file.
* threaded_queue.h: New file.
Mon Oct 1 12:38:00 2001 Robert Collins <rbtcollins@hotmail.com>
* cygserver.cc (client_request::serve): New function.
* cygserver_process.cc: Inlude <pthread.h> for pthread_once.
(process_cache::process_cache): Initialise a crtiical section for write access.
(process_cache::process): Use the critical section. Also add missing entries to
the cache.
(do_process_init): New function to initalise class process static variables.
(process::process): Ensure that the process access critical section is
initialised.
(process::handle): Close the handle of old process's when they have terminated
and we are returning the handle for a process with the same pid.
* cygserver_shm.cc: Run indent.
Include cygserver_process.h to allow process cache functionality.
(client_request_shm_get::serve): New parameter for process cache support.
Use the process cache, not OpenProcess to get a handle to the originating process.
Fix a handle leak with token_handle.
* cygserver_shm.h (class client_request_shm_get): Update ::serve for process
cache support.
* cygserver_transport_pipes.cc: Redefine debug_printf to be conditional on DEBUG.
* include/cygwin/cygserver.h: Do not implement client_request::serve in the
header.
* include/cygwin/cygserver_process.h (class process_cache): Add a write access
critical section to prevent races when requests from a multithreaded
application arrive.
Sun Sep 30 23:41:00 2001 Robert Collins <rbtcollins@hotmail.com>
* Makefile.in: Add cygserver_process.o to cygserver.exe.
* cygserver.cc: Include signal.h and cygwin_version.h.
Define debug_printf as a macro.
Define DEBUG to a value.
(client_request_attach_tty::serve): Add beginning of process cache support.
Change from #ifdef DEBUG to work with new DEBUG style.
(client_request_get_version::serve): Add beginning of process cache support.
(class server_request): New prototype for support of process cache.
(class queue_process_param): New class to allow request loop threading.
(class server_request_queue): Add beginning of process cache support.
Allow request loop threading.
(request_loop): Thread function for request loops.
(server_request_queue::process_requests): Initiator for threaded request loops.
(client_request_shutdown::serve): Add beginning of process cache support.
(server_request::server_request): Ditto.
(server_request::process): Use debug_printf. Add beginning of process cache
support.
(server_request_queue::cleanup): Kill off any request loop threads.
(server_request_queue::add): Add beginning of process cache support.
(handle_signal): Trigger a shutdown.
(main): Print out some useful info at startup - version, date time.
Add process cache support.
Spawn a separate thread for the transport request loop, thus allowing concurrent
support for multiple transports.
* cygserver_client.cc (client_request_get_version::serve): Add process cache
support.
(client_request_attach_tty::serve): Add process cache support.
(client_request_shutdown::serve): Add process cache support.
* cygsserver_process.cc: New file with the process cache support.
* cygserver_shm.cc: Redefine debug_printf to allow conditional output.
* cygwin.din: Export shmdt().
* shm.cc: Run indent.
Update FIXME's.
(shmdt): New function.
* include/cygwin/cygserver.h (class client_request): Add process cache support.
(class client_request_get_version): Ditto.
(class client_request_shutdown): Ditto.
(class client_request_attach_tty): Ditto.
* include/cygwin/cygserver_process.h: New header for process cache support.
Sun Sep 30 8:52:00 2001 Robert Collins <rbtcollins@hotmail.com>
* include/cygwin/cygserver_transport.h: Add copyright header.
* include/cygwin/cygserver_transport_pipes.h: Ditto.
* include/cygwin/cygserver_transport_sockets.h: Ditto.
Sat Sep 29 20:40:00 2001 Robert Collins <rbtcollins@hotmail.com>
* Makefile.in: Add cygserver_transport_sockets.o to DLL_OFILES.
Add cygserver_transport_sockets_outside.o to cygserver.exe.
* cygserver.cc: Include new include files.
* cygserver_client.cc: Ditto.
* cygserver_shm.h: No need to include <sys/socket.h> now.
* cygerver_transport.cc: Include new include files.
(transport_layer_base::transport_layer_base): Strip back to a stub.
(transport_layer_base::listen): Ditto.
(transport_layer_base::accept): Ditto.
(transport_layer_base::close): Ditto.
(transport_layer_base::read): Ditto.
(transport_layer_base::write): Ditto.
(transport_layer_base::connect): Ditto.
* cygserver_transport_pipes.cc: Include new header
"cygwin/cygserver_transport_pipes.h".
* cygserver_transport_sockets.cc: New file.
* dcrt0.cc: No need to include <sys/socket.h> now.
* fhandler_tty.cc: Ditto.
* tty.cc: Ditto.
* include/cygwin/cygserver_transport.h: Strip the base class to a stub.
Remove the cygserver_transport_pipes class.
* include/cygwin/cygserver_transport_pipes.h: New file.
* include/cygwin/cygserver_transport_sockets.h: New file.
Tue Sep 25 16:22:00 2001 Robert Collins <rbtcollins@hotmail.com>
* autoload.cc: Add dynamic load statement for 'ImpersonateNamedPipeClient'.
* Makefile.in: Add new object files, and build instructions for cygserver.exe.
* cygwin.din: Export ftok, shmat, shmctl and shmget.
* dcrt0.cc: Additional includes for cygserver support.
(dll_crt0_1): Initialise the cygserver client.
* fhandler.h (fhandler_tty): New method cygserver_attach_tty.
* fhandler_tty.cc: Additional includes for cygserver support.
(fhandler_tty_slave::open): Attempt to use the cygserver when obtaining
handles from the parent process. On failure or 9x use the current method.
(fhandler_tty_slave::cygserver_attach_tty): New function.
* fork.cc (fork_child): Fixup shm memory mapped areas.
* pinfo.h: Declare fixup_shms_after_fork().
* security.h: Declare alloc_sd().
* tty.cc: Additonal includes to support cygserver.
(tty::common_init): Don't allow others to open us if the cygserver is running.
* winsup.h: Declare cygserver_running.
* cygserver.cc: New file.
* cygserver_client.cc: New file.
* cygserver_shm.cc: New file.
* cygserver_shm.h: New file.
* cygserver_transport.cc: New file.
* cygserver_transport_pipes.cc: New file.
* ipc.cc: New file.
* shm.cc: New file.
* include/cygwin/cygserver.h: New file.
* include/cygwin/cygserver_transport.h: New file.
* include/sys/ipc.h: New file.
* include/sys/shm.h: New file.
2002-02-28 Robert Collins <rbtcollins@hotmail.com>
* thread.cc (semaphore::TryWait): Set errno as required by posix 1003.1.
(__sem_wait): Ditto.
(__sem_trywait): Ditto.
inheritance/permission.
* spawn.cc (spawn_guts): Ditto.
* security.cc (create_token): Initialize token so that it is not tested for
bogus value later. Use sec_user to control process/thread creation.
* security.h (__sec_user): Rename declaration from sec_user.
(sec_user_nih): Declare here as inline function wrapper for __sec_user.
(sec_user): Ditto.
* sigproc.cc (czombies): Allocate a character array for zombies to avoid
constructor overhead
(extremely hackish, I know).
(cpchildren): Ditto.
(pchildren): New define.
(zombies): Ditto.
(getsem): Use sec_user_nih to control semaphore inheritance/permission.
inline" warnings.
* security.h (class cygsid): Ditto.
* sigproc.cc (get_proc_lock): Ditto.
* sigproc.h (class sigframe): Ditto.
* sync.h (class muto): Ditto.
* fhandler.h (fhandler_base::get_guard): Actually MAKE virtual as previously
indicated.
* pipe.cc (make_pipe): Remove extraneous set_errno.
* syscalls.cc (_open): Ditto.
* select.cc (peek_pipe): Need to check that there is still something to read
from the pipe after acquiring the mutex since another process/thread could have
eaten the input before we got to acquiring the lock. (Thanks to Nick Duffek
for this inspiration.)
* sec_acl.cc (setacl): Never set DELETE permission. Set
FILE_DELETE_CHILD only on readable and executable directories.
* sec_helper.cc: Add constructor for `well_known_null_sid'.
* security.cc (get_nt_attribute): Set S_ISVTX for directories if
FILE_WRITE_DATA and FILE_EXECUTE but not FILE_DELETE_CHILD is set.
Add evaluation of S_ISVTX, S_ISGID and S_ISUID from NULL ACE.
(alloc_sd): Never set DELETE permission. Set FILE_DELETE_CHILD
only on readable and executable directories.
Add creation of NULL ACE for S_ISVTX, S_ISGID and S_ISUID permissions.
* security.h: Add extern declaration for `well_known_null_sid'.
* thread.cc (pthread_cond::TimedWait): Check for WAIT_TIMEOUT as well as
WAIT_ABANDONED.
(__pthread_cond_timedwait): Calculate a relative wait from the abstime
parameter.
* ntea.cc (NTReadEA): Don't check for global ntea setting, now
it's caller responsibility.
(NTWriteEA): Ditto.
* security.cc (get_file_attribute): Read attribute from EA only
if 'ntea' is enabled.
(set_file_attribute): Ditto.
* path.h: (class path_conv): Add members to store file system
information.
(path_conv::get_drive_type): New function.
* syscalls.cc (stat_worker): Use it.
* path.cc (path_conv::update_fs_info): New functions.
(path_conv::check): Get file system information from device where
file resides. On NTFS, try to read symlink contents from EA.
(get_symlink_ea): New function.
(set_symlink_ea): Ditto.
(symlink): Store symlink in extended attribute, if possible.
(cygsid::getfromgr): Ditto.
* security.cc: Use `sys_mbstowcs' and `sys_wcstombs' throughout.
(extract_nt_dom_user): Try to get user and domain from SID in
pw->pw_gecos first.
* security.h (class cygsid): Change parameter of getfrompw() and
getfromgr() to `const'.
* uinfo.cc (internal_getlogin): Change order for evaluating user
information in winNT case. Drop usage of NetWkstaUserGetInfo().
`LsaClose', `LsaEnumerateAccountRights', `LsaFreeMemory',
`LsaOpenPolicy', `LsaQueryInformationPolicy', `NetLocalGroupEnum',
`NetLocalGroupGetMembers', `NetServerEnum', `NetUserGetGroups' and
`NtCreateToken'.
* ntdll.h: Add declaration for `NtCreateToken'.
* sec_helper.cc: Add `well_known_local_sid', `well_known_dialup_sid',
`well_known_network_sid', `well_known_batch_sid',
`well_known_interactive_sid', `well_known_service_sid' and
`well_known_authenticated_users_sid'.
(cygsid::string): Define as const method.
(cygsid::get_sid): Set psid to NO_SID on error.
(cygsid::getfromstr): Ditto.
(cygsid::getfrompw): Simplify.
(cygsid::getfromgr): Check for gr == NULL.
(legal_sid_type): Move to security.h.
(set_process_privilege): Return -1 on error, otherwise 0 or 1 related
to previous privilege setting.
* security.cc (extract_nt_dom_user): Remove `static'.
(lsa2wchar): New function.
(open_local_policy): Ditto.
(close_local_policy): Ditto.
(get_lsa_srv_inf): Ditto.
(get_logon_server): Ditto.
(get_logon_server_and_user_domain): Ditto.
(get_user_groups): Ditto.
(is_group_member): Ditto.
(get_user_local_groups): Ditto.
(sid_in_token_groups): Ditto.
(get_user_primary_group): Ditto.
(get_group_sidlist): Ditto.
(get_system_priv_list): Ditto.
(get_priv_list): Ditto.
(get_dacl): Ditto.
(create_token): Ditto.
(subauth): Return immediately if SE_TCB_NAME can't be assigned.
Change all return statements in case of error to jumps to `out'
label. Add `out' label to support cleanup.
* security.h: Add extern declarations for `well_known_local_sid',
`well_known_dialup_sid', `well_known_network_sid',
`well_known_batch_sid', `well_known_interactive_sid',
`well_known_service_sid' and `well_known_authenticated_users_sid'.
Add extern declarations for functions `create_token',
`extract_nt_dom_user' and `get_logon_server_and_user_domain'.
(class cygsid): Add method `assign'. Change operator= to call new
`assign' method. Add `debug_print' method.
(class cygsidlist): New class.
(legal_sid_type): Moved from sec_helper.cc to here.
* spawn.cc (spawn_guts) Revert reversion of previous patch.
Call `RevertToSelf' and `ImpersonateLoggedOnUser' instead of `seteuid'
again.
* syscalls.cc (seteuid): Rearranged. Call `create_token' now when
needed. Call `subauth' if `create_token' fails. Try setting token
owner and primary group only if token was not explicitely created
by `create_token'.
* uinfo.cc (internal_getlogin): Try harder to generate correct user
information. Especially don't trust return value of `GetUserName'.
* security.h: New define `NO_SID'. Remove declarations of functions
moved to methods into class cygsid.
(class cygsid): Declare new methods `getfromstr', `get_sid',
`getfrompw', `getfromgr', `get_rid', `get_uid', `get_gid', `string'
and new constructors and operators =, == and !=.
Declare new global cygsids `well_known_XXX_sid' substituting the
corresponding `get_XXX_sid' functions. Remove declarations of
these functions.
* sec_helper.cc (well_known_admin_sid): New global variable.
(well_known_system_sid): Ditto
(well_known_creator_owner_sid): Ditto
(well_known_world_sid): Ditto
(cygsid::string): New method, substituting `convert_sid_to_string_sid'.
(cygsid::get_sid): New method, substituting `get_sid'.
(cygsid::getfromstr): New method, substituting
`convert_string_sid_to_sid'.
(cygsid::getfrompw): New method, substituting `get_pw_sid'.
(cygsid::getfromgr): New method, substituting `get_gr_sid'.
(cygsid::get_id): New method, substituting `get_id_from_sid'.
(get_admin_sid): Eliminated.
(get_system_sid): Ditto.
(get_creator_owner_sid): Ditto.
(get_world_sid): Ditto.
* grp.cc: Use new cygsid methods and well known sids throughout.
* registry.cc: Ditto.
* sec_acl.cc: Ditto.
* security.cc: Ditto.
* shared.cc: Ditto.
* syscalls.cc (seteuid): Ditto. Eliminate redundant conditional.
* uinfo.cc (internal_getlogin): Ditto.
* spawn.cc (spawn_guts) Revert previous patch.
Add LoadDLLfuncEx statements for AllocateLocallyUniqueId@4,
DuplicateTokenEx@24, LsaNtStatusToWinError@4,
LsaDeregisterLogonProcess@4, LsaFreeReturnBuffer@4,
LsaLogonUser@56, LsaLookupAuthenticationPackage@12,
LsaRegisterLogonProcess@12,
* environ.cc: Add extern declaration for `subauth_id'.
(subauth_id_init): New function for setting `subauth_id'.
(struct parse_thing): Add entry for `subauth_id'.
* fork.cc (fork_parent): Call `RevertToSelf' and
`ImpersonateLoggedOnUser' instead of `seteuid'.
* security.cc: Define global variable `subauth_id'.
(extract_nt_dom_user): New function.
(cygwin_logon_user): Call `extract_nt_dom_user' now.
(str2lsa): New static function.
(str2buf2lsa): Ditto.
(str2buf2uni): Ditto.
(subauth): Ditto.
* security.h: Add prototype for `subauth'.
* spawn.cc (spawn_guts): Use cygheap->user.token only if impersonated.
Use `cygsid' type. Remove impersonation before allowing access to
workstation/desktop to everyone. Call `RevertToSelf' and
`ImpersonateLoggedOnUser' instead of `seteuid'.
* syscalls.cc (seteuid): Rearranged to allow using subauthentication
to retrieve user tokens when needed.
(read_etc_group): Substitute MAX_DOMAIN_NAME by
INTERNET_MAX_HOST_NAME_LENGTH.
* passwd.cc (parse_pwd): Don't force pw_name to be lower case.
* sec_helper.cc: Substitute MAX_USER_NAME by UNLEN,
MAX_COMPUTERNAME_LENGTH by INTERNET_MAX_HOST_NAME_LENGTH throughout.
(lookup_name): Slight cleanup.
* security.cc (alloc_sd): Substitute MAX_USER_NAME by UNLEN.
* security.h: Define DEFAULT_UID as DOMAIN_USER_RID_ADMIN and
DEFAULT_GID as DOMAIN_ALIAS_RID_ADMINS.
* shared.cc (memory_init): Substitute MAX_USER_NAME by UNLEN.
* thread.h: Ditto.
* uinfo.cc (internal_getlogin): Substitute MAX_USER_NAME by UNLEN.
Substitute MAX_COMPUTERNAME_LENGTH and MAX_HOST_NAME by
INTERNET_MAX_HOST_NAME_LENGTH.
* winsup.h: Include lmcons.h. Eliminate MAX_USER_NAME and
MAX_HOST_NAME. Move DEFAULT_UID and DEFAULT_GID to security.h.
* cygheap.cc: Include security.h.
* grp.cc (internal_getgrent): New function.
(getgroups): Rearranged using `internal_getgrent' and the new
`cygsid' class.
* passwd.cc (internal_getpwent): New function.
* sec_acl.cc: Use new `cygsid' class throughout.
(acl_access): Use `internal_getgrent' instead of `getgrent'.
* sec_helper.cc: Use new `cygsid' class throughout.
(get_id_from_sid): Use `internal_getgrent' instead of `getgrent'.
Use `internal_getpwent' instead of `getpwent'.
* security.cc: Use new `cygsid' class throughout.
* security.h: Move `MAX_SID_LEN' from winsup.h to here.
Add extern declarations for `internal_getgrent' and `internal_getpwent'.
(class cygsid): New class.
* shared.cc (sec_user): Use new `cygsid' class.
* syscalls.cc (seteuid): Try to set owner to user and primary group to
current group in impersonation token before performing impersonation.
(setegid): Try to set primary group in process token to the new group
if ntsec is on.
* uinfo.cc (internal_getlogin): Use new `cygsid' class.
Try to set owner to user and primary group to current group in process
token if the process has been started from a non cygwin process.
(uinfo_init): Set primary group only if the process has been started
from a non cygwin process.
* winsup.h: Move define for `MAX_SID_LEN' to security.h.
Eric Blake
Corinna Vinschen
Christopher Faylor
Pierre Humblet
Robert Collins
Egor Duda