diff options
| author | Conrad Scott <conrad.scott@dsl.pipex.com> | 2002-07-02 14:58:25 +0400 |
|---|---|---|
| committer | Conrad Scott <conrad.scott@dsl.pipex.com> | 2002-07-02 14:58:25 +0400 |
| commit | 7607be6221151ab471444db3a898c813c208a761 (patch) | |
| tree | 03fac7b3c59a46432abe7f5611e6f174fbcecb82 /winsup/cygwin | |
| parent | 7365f71d651705dcd560b2be95e4195580a1554f (diff) | |
Merged changes from HEAD
Diffstat (limited to 'winsup/cygwin')
27 files changed, 755 insertions, 289 deletions
diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog index 982aa2ab0..2eaf74b4a 100644 --- a/winsup/cygwin/ChangeLog +++ b/winsup/cygwin/ChangeLog @@ -1,3 +1,146 @@ +2002-07-02 Egor Duda <deo@logos-m.ru> + + * include/cygwin/version.h: Bump API minor version. + +2002-07-01 Pierre Humblet <pierre.humblet@ieee.org> + + * security.cc (get_logon_server): Interpret a zero length + domain as the local domain. + (get_group_sidlist): Add authenticated users SID to SYSTEM's group + list instead of SYSTEM itself. + (verify_token): Accept the primary group sid if it equals + the token user sid. + +2002-07-02 Corinna Vinschen <corinna@vinschen.de> + + * cygwin.din (__fpclassifyd): Add symbol. + (__fpclassifyf): Ditto. + (__signbitd): Ditto. + (__signbitf): Ditto. + +2002-07-02 Corinna Vinschen <corinna@vinschen.de> + + * security.h (DONT_INHERIT): Eliminate definition. + (INHERIT_ALL): Ditto. + (INHERIT_ONLY): Ditto. + * sec_acl.cc: Use appropriate defines from accctrl.h instead of the + above throughout. + * security.cc: Ditto. + +2002-07-01 Pierre Humblet <pierre.humblet@ieee.org> + + * syscalls.c (seteuid32): Return immediately if the program is not + impersonated and both uid and gid are original. + (setegid32): Return immediately if the new gid is the current egid. + +2002-07-01 Christopher Faylor <cgf@redhat.com> + + * syscalls.cc (seteuid32): Fix incorrect placement of Pierre's patch + below. + +2002-07-01 Christopher Faylor <cgf@redhat.com> + + * syscalls.cc (seteuid32): Fix incorrect use of system_printf. + +2002-07-02 Christopher January <chris@atomice.net> + + * autoload.cc (GetSecurityInfo): Define new autoload function. + (RegQueryInfoKeyA): Ditto. + * fhandler.h (fhandler_virtual::fill_filebuf): Change return type to + bool. + (fhandler_proc::fill_filebuf): Ditto. + (fhandler_registry::fill_filebuf): Ditto. + (fhandler_process::fill_filebuf): Ditto. + (fhandler_registry::value_name): Add new member. + (fhandler_registry::close): Add new method. + (fhandler_process::p): Remove member. + * fhandler_proc.cc (fhandler_proc::open): Add set_nohandle after + calling superclass method. Check return value of fill_filebuf. + (fhandler_proc::fill_filebuf): Change return type to bool. Add return + statement. + * fhandler_process.cc (fhandler_process::open): Add set_nohandle after + calling superclass method. Remove references to p. Check return value + of fill_filebuf. + (fhandler_process::fill_filebuf): Change return type to bool. Don't + use dereference operator on p. Add return statement. + (fhandler_process::format_process_stat): Fix typo. + * fhandler_registry.cc: Add static open_key declaration. + (fhandler_registry::exists): Assume path is already normalised. Try + opening the path as a key in its own right first, before reverting to + enumerating subkeys and values of the parent key. + (fhandler_registry::fstat): Add additional code to return more relevant + information about the registry key/value. + (fhandler_registry::readdir): Explicitly set desired access when + opening registry key. Remove output of buf from debug_printf format + string. + (fhandler_registry::open): Use set_io_handle to store registry key + handle. Set value_name member. Move code to read a value from the + registry to fill_filebuf. Add call to fill_filebuf. + (fhandler_registry::close): New method. + (fhandler_registry::fill_filebuf): Change return type to bool. Add + code to read a value from registry. + (fhandler_registry::open_key): Make function static. Use KEY_READ as + desired access unless this is the last path component. Check the + return value of RegOpenKeyEx for an error instead of hKey. + * fhandler_virtual.cc (fhandler_virtual::lseek): Check the return value + of fill_filebuf. + (fhandler_virtual::open): Remove call to set_nohandle. + (fhandler_virtual::fill_filebuf): Change return type to bool. Add + return statement. + * security.cc (get_nt_object_attribute): New function. + (get_object_attribute): New function. + * security.h (get_object_attribute): New function declaration. + +2002-07-01 Pierre Humblet <pierre.humblet@ieee.org> + + * syscalls.c (seteuid32): Do not return an error when the token cannot + be created only because of a problem with the gid. + +2002-07-01 Christopher Faylor <cgf@redhat.com> + + * fhandler_clipboard.c (fhandler_dev_clipboard::open): Force text mode. + * fhandler_console.cc (fhandler_console::open): *Really* force binary + mode rather than make it optional. + * fhandler_proc.cc (fhandler_proc::open): Ditto. + * fhandler_process.cc (fhandler_process::open): Ditto. + * fhandler_random.cc (fhandler_dev_random::fhandler_dev_random): Ditto. + * fhandler_raw.cc (fhandler_dev_raw::open): Ditto. + * fhandler_registry.cc (fhandler_registry::open): Ditto. + * fhandler_tty.cc (fhandler_tty_slave::open): Ditto. + * fhandler_virtual.cc (fhandler_virtual::open): Ditto. + * fhandler_windows.cc (fhandler_windows::open): Ditto. + * fhandler_zero.cc (fhandler_dev_zero::open): Ditto. + * net.cc (fdsock): Ditto. + * path.cc (set_flags): Add more debugging. + +2002-07-01 Christopher Faylor <cgf@redhat.com> + + * debug.cc (threads): Avoid initialization. + * uinfo.cc (cygheap_user::ontherange): (from Corinna Vinschen) Actually + make below changes work. + +2002-07-01 Christopher Faylor <cgf@redhat.com> + + * uinfo.cc (cygheap_user::ontherange): Make cygwin root the last resort + for HOMEPATH/HOMEDRIVE for consistency with HOME. + +2002-07-01 Corinna Vinschen <corinna@vinschen.de> + + * shared.cc (sec_none): Move to sec_helper.cc. + (sec_none_nih): Ditto. + (sec_all): Ditto. + (sec_all_nih): Ditto. + (get_null_sd): Ditto. + (sec_acl): Ditto. + (__sec_user): Ditto. + * sec_helper.cc (sec_none): Move from shared.cc to here. + (sec_none_nih): Ditto. + (sec_all): Ditto. + (sec_all_nih): Ditto. + (get_null_sd): Ditto. + (sec_acl): Ditto. + (__sec_user): Ditto. + 2002-07-01 Conrad Scott <conrad.scott@dsl.pipex.com> * cygserver_transport.cc (create_server_transport): Fix diff --git a/winsup/cygwin/autoload.cc b/winsup/cygwin/autoload.cc index d37b19975..5c14ff115 100644 --- a/winsup/cygwin/autoload.cc +++ b/winsup/cygwin/autoload.cc @@ -326,6 +326,7 @@ LoadDLLfunc (GetLengthSid, 4, advapi32) LoadDLLfunc (GetSecurityDescriptorDacl, 16, advapi32) LoadDLLfunc (GetSecurityDescriptorGroup, 12, advapi32) LoadDLLfunc (GetSecurityDescriptorOwner, 12, advapi32) +LoadDLLfunc (GetSecurityInfo, 32, advapi32) LoadDLLfunc (GetSidIdentifierAuthority, 4, advapi32) LoadDLLfunc (GetSidSubAuthority, 8, advapi32) LoadDLLfunc (GetSidSubAuthorityCount, 4, advapi32) @@ -358,6 +359,7 @@ LoadDLLfunc (RegLoadKeyA, 12, advapi32) LoadDLLfunc (RegEnumKeyExA, 32, advapi32) LoadDLLfunc (RegEnumValueA, 32, advapi32) LoadDLLfunc (RegOpenKeyExA, 20, advapi32) +LoadDLLfunc (RegQueryInfoKeyA, 48, advapi32) LoadDLLfunc (RegQueryValueExA, 24, advapi32) LoadDLLfunc (RegSetValueExA, 24, advapi32) LoadDLLfunc (RegisterEventSourceA, 8, advapi32) diff --git a/winsup/cygwin/cygwin.din b/winsup/cygwin/cygwin.din index d9a488bc9..e29b031d4 100644 --- a/winsup/cygwin/cygwin.din +++ b/winsup/cygwin/cygwin.din @@ -4,8 +4,12 @@ EXPORTS __assert __eprintf __errno +__fpclassifyd +__fpclassifyf __infinity __main +__signbitd +__signbitf __signgam __srget __swbuf diff --git a/winsup/cygwin/debug.cc b/winsup/cygwin/debug.cc index 5d3d63bbc..a530c5c34 100644 --- a/winsup/cygwin/debug.cc +++ b/winsup/cygwin/debug.cc @@ -31,7 +31,7 @@ typedef struct const char *name; } thread_info; -static NO_COPY thread_info threads[32] = {{0, NULL}}; // increase as necessary +static NO_COPY thread_info threads[32]; // increase as necessary #define NTHREADS (sizeof (threads) / sizeof (threads[0])) void diff --git a/winsup/cygwin/errno.cc b/winsup/cygwin/errno.cc index 17ac6a61b..088f1a18d 100644 --- a/winsup/cygwin/errno.cc +++ b/winsup/cygwin/errno.cc @@ -135,7 +135,7 @@ geterrno_from_win_error (DWORD code, int deferrno) void __stdcall seterrno_from_win_error (const char *file, int line, DWORD code) { - syscall_printf ("%s:%d errno %d", file, line, code); + syscall_printf ("%s:%d windows error %d", file, line, code); set_errno (geterrno_from_win_error (code, EACCES)); return; } diff --git a/winsup/cygwin/fhandler.h b/winsup/cygwin/fhandler.h index ebb07a8df..5727d24ab 100644 --- a/winsup/cygwin/fhandler.h +++ b/winsup/cygwin/fhandler.h @@ -1090,7 +1090,7 @@ class fhandler_virtual : public fhandler_base int open (path_conv *, int flags, mode_t mode = 0); int close (void); int __stdcall fstat (struct stat *buf, path_conv *pc) __attribute__ ((regparm (3))); - virtual void fill_filebuf (); + virtual bool fill_filebuf (); }; class fhandler_proc: public fhandler_virtual @@ -1104,11 +1104,13 @@ class fhandler_proc: public fhandler_virtual int open (path_conv *real_path, int flags, mode_t mode = 0); int __stdcall fstat (struct __stat64 *buf, path_conv *) __attribute__ ((regparm (3))); - void fill_filebuf (); + bool fill_filebuf (); }; class fhandler_registry: public fhandler_proc { + private: + char *value_name; public: fhandler_registry (); int exists(); @@ -1120,22 +1122,21 @@ class fhandler_registry: public fhandler_proc int open (path_conv *real_path, int flags, mode_t mode = 0); int __stdcall fstat (struct __stat64 *buf, path_conv *) __attribute__ ((regparm (3))); - HKEY open_key(const char *name, REGSAM access = KEY_READ, bool isValue = false); - void fill_filebuf (); + bool fill_filebuf (); + int close (void); }; class pinfo; class fhandler_process: public fhandler_proc { pid_t pid; - pinfo *p; public: fhandler_process (); int exists(); struct dirent *readdir (DIR *); int open (path_conv *real_path, int flags, mode_t mode = 0); int __stdcall fstat (struct __stat64 *buf, path_conv *) __attribute__ ((regparm (3))); - void fill_filebuf (); + bool fill_filebuf (); }; typedef union diff --git a/winsup/cygwin/fhandler_clipboard.cc b/winsup/cygwin/fhandler_clipboard.cc index e3b26c9fa..b1c61b9d3 100644 --- a/winsup/cygwin/fhandler_clipboard.cc +++ b/winsup/cygwin/fhandler_clipboard.cc @@ -65,7 +65,7 @@ fhandler_dev_clipboard::dup (fhandler_base * child) int fhandler_dev_clipboard::open (path_conv *, int flags, mode_t) { - set_flags (flags, O_TEXT); + set_flags (flags | O_TEXT); eof = false; pos = 0; if (membuffer) diff --git a/winsup/cygwin/fhandler_console.cc b/winsup/cygwin/fhandler_console.cc index 458c5a337..76c8065d3 100644 --- a/winsup/cygwin/fhandler_console.cc +++ b/winsup/cygwin/fhandler_console.cc @@ -538,7 +538,7 @@ fhandler_console::open (path_conv *, int flags, mode_t) set_io_handle (INVALID_HANDLE_VALUE); set_output_handle (INVALID_HANDLE_VALUE); - set_flags (flags & ~O_TEXT, O_BINARY); + set_flags ((flags & ~O_TEXT) | O_BINARY); /* Open the input handle as handle_ */ h = CreateFileA ("CONIN$", GENERIC_READ|GENERIC_WRITE, diff --git a/winsup/cygwin/fhandler_proc.cc b/winsup/cygwin/fhandler_proc.cc index 65accd2e1..97b8a1751 100644 --- a/winsup/cygwin/fhandler_proc.cc +++ b/winsup/cygwin/fhandler_proc.cc @@ -216,6 +216,8 @@ fhandler_proc::open (path_conv *pc, int flags, mode_t mode) if (!res) goto out; + set_nohandle (true); + const char *path; path = get_name () + proc_len; @@ -291,7 +293,11 @@ fhandler_proc::open (path_conv *pc, int flags, mode_t mode) } fileid = proc_file_no; - fill_filebuf (); + if (!fill_filebuf ()) + { + res = 0; + goto out; + } if (flags & O_APPEND) position = filesize; @@ -300,14 +306,14 @@ fhandler_proc::open (path_conv *pc, int flags, mode_t mode) success: res = 1; - set_flags (flags & ~O_TEXT, O_BINARY); + set_flags ((flags & ~O_TEXT) | O_BINARY); set_open_status (); out: syscall_printf ("%d = fhandler_proc::open (%p, %d)", res, flags, mode); return res; } -void +bool fhandler_proc::fill_filebuf () { switch (fileid) @@ -361,6 +367,7 @@ fhandler_proc::fill_filebuf () break; } } + return true; } static diff --git a/winsup/cygwin/fhandler_process.cc b/winsup/cygwin/fhandler_process.cc index a0ba4af90..dc885820a 100644 --- a/winsup/cygwin/fhandler_process.cc +++ b/winsup/cygwin/fhandler_process.cc @@ -41,7 +41,8 @@ static const int PROCESS_CTTY = 11; static const int PROCESS_STAT = 12; static const int PROCESS_STATM = 13; -static const char *process_listing[] = { +static const char * const process_listing[] = +{ ".", "..", "ppid", @@ -59,14 +60,17 @@ static const char *process_listing[] = { NULL }; -static const int PROCESS_LINK_COUNT = (sizeof(process_listing) / sizeof(const char *)) - 1; +static const int PROCESS_LINK_COUNT = + (sizeof(process_listing) / sizeof(const char *)) - 1; static off_t format_process_stat (_pinfo *p, char *destbuf, size_t maxsize); static off_t format_process_status (_pinfo *p, char *destbuf, size_t maxsize); static off_t format_process_statm (_pinfo *p, char *destbuf, size_t maxsize); static int get_process_state (DWORD dwProcessId); -static bool get_mem_values(DWORD dwProcessId, unsigned long *vmsize, unsigned long *vmrss, unsigned long *vmtext, - unsigned long *vmdata, unsigned long *vmlib, unsigned long *vmshare); +static bool get_mem_values(DWORD dwProcessId, unsigned long *vmsize, + unsigned long *vmrss, unsigned long *vmtext, + unsigned long *vmdata, unsigned long *vmlib, + unsigned long *vmshare); /* Returns 0 if path doesn't exist, >0 if path is a directory, * <0 if path is a file. @@ -159,6 +163,8 @@ fhandler_process::open (path_conv *pc, int flags, mode_t mode) if (!res) goto out; + set_nohandle (true); + const char *path; path = get_name () + proc_len + 1; pid = atoi (path); @@ -215,49 +221,38 @@ fhandler_process::open (path_conv *pc, int flags, mode_t mode) goto out; } - { - pinfo p (pid); - if (!p) - { - set_errno (ENOENT); - res = 0; - goto out; - } - fileid = process_file_no; - this->p = &p; - fill_filebuf (); + if (!fill_filebuf ()) + { + res = 0; + goto out; + } if (flags & O_APPEND) position = filesize; else position = 0; - this->p = NULL; - } success: res = 1; - set_flags (flags & ~O_TEXT, O_BINARY); + set_flags ((flags & ~O_TEXT) | O_BINARY); set_open_status (); out: syscall_printf ("%d = fhandler_proc::open (%p, %d)", res, flags, mode); return res; } -void +bool fhandler_process::fill_filebuf () { - pinfo pmaybe; + pinfo p (pid); if (!p) { - pmaybe.init (pid); - p = &pmaybe; + set_errno (ENOENT); + return false; } - if (!p) - return; - switch (fileid) { case PROCESS_UID: @@ -268,27 +263,27 @@ fhandler_process::fill_filebuf () case PROCESS_PPID: { if (!filebuf) - filebuf = (char *) cmalloc (HEAP_BUF, bufalloc = 40); + filebuf = (char *) cmalloc (HEAP_BUF, bufalloc = 40); int num; switch (fileid) { case PROCESS_PPID: - num = (*p)->ppid; + num = p->ppid; break; case PROCESS_UID: - num = (*p)->uid; + num = p->uid; break; case PROCESS_PGID: - num = (*p)->pgid; + num = p->pgid; break; case PROCESS_SID: - num = (*p)->sid; + num = p->sid; break; case PROCESS_GID: - num = (*p)->gid; + num = p->gid; break; case PROCESS_CTTY: - num = (*p)->ctty; + num = p->ctty; break; default: // what's this here for? num = 0; @@ -301,12 +296,12 @@ fhandler_process::fill_filebuf () case PROCESS_EXENAME: { if (!filebuf) - filebuf = (char *) cmalloc (HEAP_BUF, bufalloc = MAX_PATH); - if ((*p)->process_state & (PID_ZOMBIE | PID_EXITED)) + filebuf = (char *) cmalloc (HEAP_BUF, bufalloc = MAX_PATH); + if (p->process_state & (PID_ZOMBIE | PID_EXITED)) strcpy (filebuf, "<defunct>"); else { - mount_table->conv_to_posix_path ((*p)->progname, filebuf, 1); + mount_table->conv_to_posix_path (p->progname, filebuf, 1); int len = strlen (filebuf); if (len > 4) { @@ -321,17 +316,17 @@ fhandler_process::fill_filebuf () case PROCESS_WINPID: { if (!filebuf) - filebuf = (char *) cmalloc (HEAP_BUF, bufalloc = 40); - __small_sprintf (filebuf, "%d\n", (*p)->dwProcessId); + filebuf = (char *) cmalloc (HEAP_BUF, bufalloc = 40); + __small_sprintf (filebuf, "%d\n", p->dwProcessId); filesize = strlen (filebuf); break; } case PROCESS_WINEXENAME: { - int len = strlen ((*p)->progname); + int len = strlen (p->progname); if (!filebuf) - filebuf = (char *) cmalloc (HEAP_BUF, bufalloc = (len + 2)); - strcpy (filebuf, (*p)->progname); + filebuf = (char *) cmalloc (HEAP_BUF, bufalloc = (len + 2)); + strcpy (filebuf, p->progname); filebuf[len] = '\n'; filesize = len + 1; break; @@ -340,27 +335,26 @@ fhandler_process::fill_filebuf () { if (!filebuf) filebuf = (char *) cmalloc (HEAP_BUF, bufalloc = 2048); - filesize = format_process_status ((*p), filebuf, bufalloc); + filesize = format_process_status (*p, filebuf, bufalloc); break; } case PROCESS_STAT: { if (!filebuf) filebuf = (char *) cmalloc (HEAP_BUF, bufalloc = 2048); - filesize = format_process_stat ((*p), filebuf, bufalloc); + filesize = format_process_stat (*p, filebuf, bufalloc); break; } case PROCESS_STATM: { if (!filebuf) filebuf = (char *) cmalloc (HEAP_BUF, bufalloc = 2048); - filesize = format_process_statm ((*p), filebuf, bufalloc); + filesize = format_process_statm (*p, filebuf, bufalloc); break; } } - if (p == &pmaybe) - p = NULL; + return true; } static @@ -375,7 +369,7 @@ format_process_stat (_pinfo *p, char *destbuf, size_t maxsize) vmsize = 0UL, vmrss = 0UL, vmmaxrss = 0UL; int priority = 0; if (p->process_state & (PID_ZOMBIE | PID_EXITED)) - strcpy (cmd, "<defunct"); + strcpy (cmd, "<defunct>"); else { strcpy(cmd, p->progname); @@ -598,11 +592,12 @@ static off_t format_process_statm (_pinfo *p, char *destbuf, size_t maxsize) { - unsigned long vmsize = 0UL, vmrss = 0UL, vmtext = 0UL, vmdata = 0UL, vmlib = 0UL, - vmshare = 0UL; + unsigned long vmsize = 0UL, vmrss = 0UL, vmtext = 0UL, vmdata = 0UL, + vmlib = 0UL, vmshare = 0UL; if (wincap.is_winnt ()) { - if (!get_mem_values (p->dwProcessId, &vmsize, &vmrss, &vmtext, &vmdata, &vmlib, &vmshare)) + if (!get_mem_values (p->dwProcessId, &vmsize, &vmrss, &vmtext, &vmdata, + &vmlib, &vmshare)) return 0; } return __small_sprintf (destbuf, "%ld %ld %ld %ld %ld %ld %ld", diff --git a/winsup/cygwin/fhandler_random.cc b/winsup/cygwin/fhandler_random.cc index 42481d6eb..f6edeb193 100644 --- a/winsup/cygwin/fhandler_random.cc +++ b/winsup/cygwin/fhandler_random.cc @@ -31,7 +31,7 @@ fhandler_dev_random::fhandler_dev_random (int nunit) int fhandler_dev_random::open (path_conv *, int flags, mode_t) { - set_flags (flags & ~O_TEXT, O_BINARY); + set_flags ((flags & ~O_TEXT) | O_BINARY); set_open_status (); return 1; } diff --git a/winsup/cygwin/fhandler_raw.cc b/winsup/cygwin/fhandler_raw.cc index c692214ae..2ce43c363 100644 --- a/winsup/cygwin/fhandler_raw.cc +++ b/winsup/cygwin/fhandler_raw.cc @@ -175,7 +175,7 @@ fhandler_dev_raw::open (path_conv *real_path, int flags, mode_t) } set_io_handle (h); - set_flags (flags & ~O_TEXT, O_BINARY); + set_flags ((flags & ~O_TEXT) | O_BINARY); if (devbufsiz > 1L) devbuf = new char [devbufsiz]; diff --git a/winsup/cygwin/fhandler_registry.cc b/winsup/cygwin/fhandler_registry.cc index 94220c62a..45b8a858b 100644 --- a/winsup/cygwin/fhandler_registry.cc +++ b/winsup/cygwin/fhandler_registry.cc @@ -33,7 +33,7 @@ static const int registry_len = sizeof ("registry") - 1; * make up the value index if we are enuerating values. */ static const __off32_t REG_ENUM_VALUES_MASK = 0x8000000; -static const __off32_t REG_POSITION_MASK = 0xffff; +static const __off32_t REG_POSITION_MASK = 0xffff; /* List of root keys in /proc/registry. * Possibly we should filter out those not relevant to the flavour of Windows @@ -49,7 +49,7 @@ static const char *registry_listing[] = "HKEY_LOCAL_MACHINE", "HKEY_USERS", "HKEY_DYN_DATA", // 95/98/Me - "HKEY_PERFOMANCE_DATA", // NT/2000/XP + "HKEY_PERFOMANCE_DATA", // NT/2000/XP NULL }; @@ -66,7 +66,7 @@ static const HKEY registry_keys[] = HKEY_PERFORMANCE_DATA }; -static const int ROOT_KEY_COUNT = sizeof(registry_keys) / sizeof(HKEY); +static const int ROOT_KEY_COUNT = sizeof (registry_keys) / sizeof (HKEY); /* These get added to each subdirectory in /proc/registry. * If we wanted to implement writing, we could maybe add a '.writable' entry or @@ -79,11 +79,14 @@ static const char *special_dot_files[] = NULL }; -static const int SPECIAL_DOT_FILE_COUNT = (sizeof(special_dot_files) / sizeof(const char *)) - 1; +static const int SPECIAL_DOT_FILE_COUNT = + (sizeof (special_dot_files) / sizeof (const char *)) - 1; /* Name given to default values */ static const char *DEFAULT_VALUE_NAME = "@"; +static HKEY open_key (const char *name, REGSAM access, bool isValue); + /* Returns 0 if path doesn't exist, >0 if path is a directory, * <0 if path is a file. * @@ -103,10 +106,7 @@ fhandler_registry::exists () const char *path = get_name (); debug_printf ("exists (%s)", path); - path += proc_len + 1 + registry_len; - - while (SLASH_P (*path)) - path++; + path += proc_len + registry_len + 2; if (*path == 0) { file_type = 2; @@ -132,44 +132,52 @@ fhandler_registry::exists () goto out; } - hKey = open_key (path, KEY_READ, true); - if (hKey == (HKEY) INVALID_HANDLE_VALUE) - return 0; - - while (ERROR_SUCCESS == - (error = RegEnumKeyEx (hKey, index++, buf, &buf_size, NULL, NULL, - NULL, NULL)) || (error == ERROR_MORE_DATA)) + hKey = open_key (path, KEY_READ, false); + if (hKey != (HKEY) INVALID_HANDLE_VALUE) + file_type = 1; + else { - if (pathmatch (buf, file)) + hKey = open_key (path, KEY_READ, true); + if (hKey == (HKEY) INVALID_HANDLE_VALUE) + return 0; + + while (ERROR_SUCCESS == + (error = RegEnumKeyEx (hKey, index++, buf, &buf_size, NULL, NULL, + NULL, NULL)) + || (error == ERROR_MORE_DATA)) + { + if (pathmatch (buf, file)) + { + file_type = 1; + goto out; + } + buf_size = MAX_PATH; + } + if (error != ERROR_NO_MORE_ITEMS) { - file_type = 1; + seterrno_from_win_error (__FILE__, __LINE__, error); goto out; } + index = 0; buf_size = MAX_PATH; - } - if (error != ERROR_NO_MORE_ITEMS) - { - seterrno_from_win_error (__FILE__, __LINE__, error); - goto out; - } - index = 0; - buf_size = MAX_PATH; - while (ERROR_SUCCESS == - (error = RegEnumValue (hKey, index++, buf, &buf_size, NULL, NULL, - NULL, NULL)) || (error == ERROR_MORE_DATA)) - { - if (pathmatch (buf, file) || (buf[0] == '\0' && - pathmatch (file, DEFAULT_VALUE_NAME))) + while (ERROR_SUCCESS == + (error = RegEnumValue (hKey, index++, buf, &buf_size, NULL, NULL, + NULL, NULL)) + || (error == ERROR_MORE_DATA)) { - file_type = -1; + if (pathmatch (buf, file) || (buf[0] == '\0' && + pathmatch (file, DEFAULT_VALUE_NAME))) + { + file_type = -1; + goto out; + } + buf_size = MAX_PATH; + } + if (error != ERROR_NO_MORE_ITEMS) + { + seterrno_from_win_error (__FILE__, __LINE__, error); goto out; } - buf_size = MAX_PATH; - } - if (error != ERROR_NO_MORE_ITEMS) - { - seterrno_from_win_error (__FILE__, __LINE__, error); - goto out; } out: if (hKey != (HKEY) INVALID_HANDLE_VALUE) @@ -178,12 +186,12 @@ out: } fhandler_registry::fhandler_registry (): - fhandler_proc (FH_REGISTRY) +fhandler_proc (FH_REGISTRY) { } int -fhandler_registry::fstat (struct __stat64 *buf, path_conv *pc) +fhandler_registry::fstat (struct __stat64 *buf, path_conv * pc) { this->fhandler_base::fstat (buf, pc); buf->st_mode &= ~_IFMT & NO_W; @@ -206,6 +214,61 @@ fhandler_registry::fstat (struct __stat64 *buf, path_conv *pc) buf->st_mode &= NO_X; break; } + if (file_type != 0 && file_type != 2) + { + HKEY hKey; + const char *path = get_name () + proc_len + registry_len + 2; + hKey = + open_key (path, STANDARD_RIGHTS_READ | KEY_QUERY_VALUE, + (file_type < 0) ? true : false); + + if (hKey != (HKEY) INVALID_HANDLE_VALUE) + { + FILETIME ftLastWriteTime; + DWORD subkey_count; + if (ERROR_SUCCESS == + RegQueryInfoKey (hKey, NULL, NULL, NULL, &subkey_count, NULL, + NULL, NULL, NULL, NULL, NULL, + &ftLastWriteTime)) + { + to_timestruc_t (&ftLastWriteTime, &buf->st_mtim); + buf->st_ctim = buf->st_mtim; + time_as_timestruc_t (&buf->st_atim); + if (file_type > 0) + buf->st_nlink = subkey_count; + else + { + int pathlen = strlen (path); + const char *value_name = path + pathlen - 1; + if (SLASH_P (*value_name) && pathlen > 1) + value_name--; + while (!SLASH_P (*value_name)) + value_name--; + value_name++; + DWORD dwSize; + if (ERROR_SUCCESS == + RegQueryValueEx (hKey, value_name, NULL, NULL, NULL, + &dwSize)) + buf->st_size = dwSize; + } + __uid32_t uid; + __gid32_t gid; + if (get_object_attribute + ((HANDLE) hKey, SE_REGISTRY_KEY, &buf->st_mode, &uid, + &gid) == 0) + { + buf->st_uid = uid; + buf->st_gid = gid; + buf->st_mode &= ~(S_IWUSR | S_IWGRP | S_IWOTH); + if (file_type > 0) + buf->st_mode |= S_IFDIR; + else + buf->st_mode &= NO_X; + } + } + RegCloseKey (hKey); + } + } return 0; } @@ -230,14 +293,15 @@ fhandler_registry::readdir (DIR * dir) if (dir->__d_u.__d_data.__handle == INVALID_HANDLE_VALUE && dir->__d_position == 0) { - handle = open_key (path + 1); - dir->__d_u.__d_data.__handle = handle;; + handle = open_key (path + 1, KEY_READ, false); + dir->__d_u.__d_data.__handle = handle; } if (dir->__d_u.__d_data.__handle == INVALID_HANDLE_VALUE) goto out; if (dir->__d_position < SPECIAL_DOT_FILE_COUNT) { - strcpy (dir->__d_dirent->d_name, special_dot_files[dir->__d_position++]); + strcpy (dir->__d_dirent->d_name, + special_dot_files[dir->__d_position++]); res = dir->__d_dirent; goto out; } @@ -252,7 +316,8 @@ retry: else error = RegEnumKeyEx ((HKEY) dir->__d_u.__d_data.__handle, dir->__d_position - - SPECIAL_DOT_FILE_COUNT, buf, &buf_size, NULL, NULL, NULL, NULL); + SPECIAL_DOT_FILE_COUNT, buf, &buf_size, NULL, NULL, NULL, + NULL); if (error == ERROR_NO_MORE_ITEMS && (dir->__d_position & REG_ENUM_VALUES_MASK) == 0) { @@ -280,7 +345,7 @@ retry: dir->__d_position += 0x10000; res = dir->__d_dirent; out: - syscall_printf ("%p = readdir (%p) (%s)", &dir->__d_dirent, dir, buf); + syscall_printf ("%p = readdir (%p)", &dir->__d_dirent, dir); return res; } @@ -329,13 +394,11 @@ fhandler_registry::closedir (DIR * dir) } int -fhandler_registry::open (path_conv *pc, int flags, mode_t mode) +fhandler_registry::open (path_conv * pc, int flags, mode_t mode) { - DWORD type, size; - LONG error; - HKEY hKey = (HKEY) INVALID_HANDLE_VALUE; int pathlen; const char *file; + HKEY handle; int res = fhandler_virtual::open (pc, flags, mode); if (!res) @@ -418,33 +481,88 @@ fhandler_registry::open (path_conv *pc, int flags, mode_t mode) goto out; } - hKey = open_key (path, KEY_READ, true); - if (hKey == (HKEY) INVALID_HANDLE_VALUE) + handle = open_key (path, KEY_READ, true); + if (handle == (HKEY) INVALID_HANDLE_VALUE) { res = 0; goto out; } + + set_io_handle (handle); + if (pathmatch (file, DEFAULT_VALUE_NAME)) - file = ""; + value_name = cstrdup (""); + else + value_name = cstrdup (file); - if (hKey != HKEY_PERFORMANCE_DATA) + if (!fill_filebuf ()) { - error = RegQueryValueEx (hKey, file, NULL, &type, NULL, &size); - if (error != ERROR_SUCCESS) + RegCloseKey (handle); + res = 0; + goto out; + } + + if (flags & O_APPEND) + position = filesize; + else + position = 0; + +success: + res = 1; + set_flags ((flags & ~O_TEXT) | O_BINARY); + set_open_status (); +out: + syscall_printf ("%d = fhandler_registry::open (%p, %d)", res, flags, mode); + return res; +} + +int +fhandler_registry::close () +{ + int res = fhandler_virtual::close (); + if (res != 0) + return res; + HKEY handle = (HKEY) get_handle (); + if (handle != (HKEY) INVALID_HANDLE_VALUE) + { + if (RegCloseKey (handle) != ERROR_SUCCESS) { - seterrno_from_win_error (__FILE__, __LINE__, error); + __seterrno (); res = -1; - goto out; + } + } + if (value_name) + cfree (value_name); + return 0; +} + +bool +fhandler_registry::fill_filebuf () +{ + DWORD type, size; + LONG error; + HKEY handle = (HKEY) get_handle (); + if (handle != HKEY_PERFORMANCE_DATA) + { + error = RegQueryValueEx (handle, value_name, NULL, &type, NULL, &size); + if (error != ERROR_SUCCESS) + { + if (error != ERROR_FILE_NOT_FOUND) + { + seterrno_from_win_error (__FILE__, __LINE__, error); + return false; + } + goto value_not_found; } bufalloc = size; filebuf = (char *) cmalloc (HEAP_BUF, bufalloc); error = - RegQueryValueEx (hKey, file, NULL, NULL, (BYTE *) filebuf, &size); + RegQueryValueEx (handle, value_name, NULL, NULL, (BYTE *) filebuf, + &size); if (error != ERROR_SUCCESS) { seterrno_from_win_error (__FILE__, __LINE__, error); - res = 0; - goto out; + return true; } filesize = size; } @@ -460,43 +578,49 @@ fhandler_registry::open (path_conv *pc, int flags, mode_t mode) filebuf = (char *) cmalloc (HEAP_BUF, bufalloc); } error = - RegQueryValueEx (hKey, file, NULL, &type, (BYTE *) filebuf, - &size); - if (error != ERROR_SUCCESS && res != ERROR_MORE_DATA) + RegQueryValueEx (handle, value_name, NULL, &type, + (BYTE *) filebuf, &size); + if (error != ERROR_SUCCESS && error != ERROR_MORE_DATA) { - seterrno_from_win_error (__FILE__, __LINE__, error); - res = 0; - goto out; + if (error != ERROR_FILE_NOT_FOUND) + { + seterrno_from_win_error (__FILE__, __LINE__, error); + return true; + } + goto value_not_found; } } while (error == ERROR_MORE_DATA); filesize = size; } - - if (flags & O_APPEND) - position = filesize; - else - position = 0; - -success: - res = 1; - set_flags (flags & ~O_TEXT, O_BINARY); - set_open_status (); -out: - if (hKey != (HKEY) INVALID_HANDLE_VALUE) - RegCloseKey (hKey); - syscall_printf ("%d = fhandler_registry::open (%p, %d)", res, flags, mode); - return res; -} - -void -fhandler_registry::fill_filebuf () -{ + return true; +value_not_found: + DWORD buf_size = MAX_PATH; + char buf[buf_size]; + int index = 0; + while (ERROR_SUCCESS == + (error = RegEnumKeyEx (handle, index++, buf, &buf_size, NULL, NULL, + NULL, NULL)) || (error == ERROR_MORE_DATA)) + { + if (pathmatch (buf, value_name)) + { + set_errno (EISDIR); + return false; + } + buf_size = MAX_PATH; + } + if (error != ERROR_NO_MORE_ITEMS) + { + seterrno_from_win_error (__FILE__, __LINE__, error); + return false; + } + set_errno (ENOENT); + return false; } /* Auxillary member function to open registry keys. */ -HKEY -fhandler_registry::open_key (const char *name, REGSAM access, bool isValue) +static HKEY +open_key (const char *name, REGSAM access, bool isValue) { HKEY hKey = (HKEY) INVALID_HANDLE_VALUE; HKEY hParentKey = (HKEY) INVALID_HANDLE_VALUE; @@ -517,10 +641,15 @@ fhandler_registry::open_key (const char *name, REGSAM access, bool isValue) if (hParentKey != (HKEY) INVALID_HANDLE_VALUE) { - hKey = (HKEY) INVALID_HANDLE_VALUE; - LONG error = RegOpenKeyEx (hParentKey, component, 0, access, &hKey); - if (hKey == (HKEY) INVALID_HANDLE_VALUE) + REGSAM effective_access = KEY_READ; + if ((strchr (name, '/') == NULL && isValue == true) || *name == 0) + effective_access = access; + LONG + error = + RegOpenKeyEx (hParentKey, component, 0, effective_access, &hKey); + if (error != ERROR_SUCCESS) { + hKey = (HKEY) INVALID_HANDLE_VALUE; seterrno_from_win_error (__FILE__, __LINE__, error); return hKey; } diff --git a/winsup/cygwin/fhandler_tty.cc b/winsup/cygwin/fhandler_tty.cc index 725585d31..4192f52ce 100644 --- a/winsup/cygwin/fhandler_tty.cc +++ b/winsup/cygwin/fhandler_tty.cc @@ -453,7 +453,7 @@ fhandler_tty_slave::open (path_conv *, int flags, mode_t) attach_tty (ttynum); tc->set_ctty (ttynum, flags); - set_flags (flags & ~O_TEXT, O_BINARY); + set_flags ((flags & ~O_TEXT) | O_BINARY); /* Create synchronisation events */ char buf[40]; @@ -991,7 +991,7 @@ fhandler_pty_master::open (path_conv *, int flags, mode_t) cygwin_shared->tty[ttynum]->common_init (this); inuse = get_ttyp ()->create_inuse (TTY_MASTER_ALIVE); - set_flags (flags & ~O_TEXT, O_BINARY); + set_flags ((flags & ~O_TEXT) | O_BINARY); set_open_status (); termios_printf ("opened pty master tty%d<%p>", ttynum, this); diff --git a/winsup/cygwin/fhandler_virtual.cc b/winsup/cygwin/fhandler_virtual.cc index a05543426..7f1f02f12 100644 --- a/winsup/cygwin/fhandler_virtual.cc +++ b/winsup/cygwin/fhandler_virtual.cc @@ -115,7 +115,8 @@ fhandler_virtual::lseek (__off64_t offset, int whence) * On Linux, when you lseek within a /proc file, * the contents of the file are updated. */ - fill_filebuf (); + if (!fill_filebuf ()) + return (__off64_t) -1; switch (whence) { case SEEK_SET: @@ -207,9 +208,7 @@ fhandler_virtual::open (path_conv *, int flags, mode_t mode) set_execable_p (not_executable); set_socket_p (false); - set_flags (flags & ~O_TEXT, O_BINARY); - - set_nohandle (true); + set_flags ((flags & ~O_TEXT) | O_BINARY); return 1; } @@ -220,7 +219,8 @@ fhandler_virtual::exists () return 0; } -void +bool fhandler_virtual::fill_filebuf () { + return true; } diff --git a/winsup/cygwin/fhandler_windows.cc b/winsup/cygwin/fhandler_windows.cc index 591f2c704..ac1fe044d 100644 --- a/winsup/cygwin/fhandler_windows.cc +++ b/winsup/cygwin/fhandler_windows.cc @@ -54,7 +54,7 @@ fhandler_windows::fhandler_windows () int fhandler_windows::open (path_conv *, int flags, mode_t) { - set_flags (flags & ~O_TEXT, O_BINARY); + set_flags ((flags & ~O_TEXT) | O_BINARY); set_close_on_exec_flag (1); set_open_status (); return 1; diff --git a/winsup/cygwin/fhandler_zero.cc b/winsup/cygwin/fhandler_zero.cc index ff8271344..58b82be22 100644 --- a/winsup/cygwin/fhandler_zero.cc +++ b/winsup/cygwin/fhandler_zero.cc @@ -23,7 +23,7 @@ fhandler_dev_zero::fhandler_dev_zero () int fhandler_dev_zero::open (path_conv *, int flags, mode_t) { - set_flags (flags & ~O_TEXT, O_BINARY); + set_flags ((flags & ~O_TEXT) | O_BINARY); set_open_status (); return 1; } diff --git a/winsup/cygwin/include/cygwin/version.h b/winsup/cygwin/include/cygwin/version.h index 4c1437bc2..5b9cf44d6 100644 --- a/winsup/cygwin/include/cygwin/version.h +++ b/winsup/cygwin/include/cygwin/version.h @@ -151,12 +151,13 @@ details. */ 51: Export recvmsg, sendmsg. 52: Export strptime 53: Export strlcat, strlcpy. + 54: Export __fpclassifyd, __fpclassifyf, __signbitd, __signbitf. */ /* Note that we forgot to bump the api for ualarm, strtoll, strtoull */ #define CYGWIN_VERSION_API_MAJOR 0 -#define CYGWIN_VERSION_API_MINOR 53 +#define CYGWIN_VERSION_API_MINOR 54 /* There is also a compatibity version number associated with the shared memory regions. It is incremented when incompatible diff --git a/winsup/cygwin/net.cc b/winsup/cygwin/net.cc index d3eba725c..c54dc7eed 100644 --- a/winsup/cygwin/net.cc +++ b/winsup/cygwin/net.cc @@ -510,7 +510,7 @@ fdsock (int& fd, const char *name, SOCKET soc) debug_printf ("not setting socket inheritance since winsock2_active %d", winsock2_active); fhandler_socket *fh = (fhandler_socket *) cygheap->fdtab.build_fhandler (fd, FH_SOCKET, name); fh->set_io_handle ((HANDLE) soc); - fh->set_flags (O_RDWR, O_BINARY); + fh->set_flags (O_RDWR | O_BINARY); debug_printf ("fd %d, name '%s', soc %p", fd, name, soc); return fh; } diff --git a/winsup/cygwin/path.cc b/winsup/cygwin/path.cc index cfa3ef241..2e8626b2d 100644 --- a/winsup/cygwin/path.cc +++ b/winsup/cygwin/path.cc @@ -1338,7 +1338,15 @@ set_flags (unsigned *flags, unsigned val) { *flags = val; if (!(*flags & PATH_BINARY)) - *flags = PATH_TEXT; + { + *flags |= PATH_TEXT; + debug_printf ("flags: text (%p)", *flags & (PATH_TEXT | PATH_BINARY)); + } + else + { + *flags |= PATH_BINARY; + debug_printf ("flags: binary (%p)", *flags & (PATH_TEXT | PATH_BINARY)); + } } /* conv_to_win32_path: Ensure src_path is a pure Win32 path and store diff --git a/winsup/cygwin/sec_acl.cc b/winsup/cygwin/sec_acl.cc index e93073794..26ab878c1 100644 --- a/winsup/cygwin/sec_acl.cc +++ b/winsup/cygwin/sec_acl.cc @@ -128,7 +128,8 @@ setacl (const char *file, int nentries, __aclent16_t *aclbufp) allow |= FILE_DELETE_CHILD; /* Set inherit property. */ DWORD inheritance = (aclbufp[i].a_type & ACL_DEFAULT) - ? INHERIT_ONLY : DONT_INHERIT; + ? (SUB_CONTAINERS_AND_OBJECTS_INHERIT | INHERIT_ONLY) + : NO_INHERITANCE; /* * If a specific acl contains a corresponding default entry with * identical permissions, only one Windows ACE with proper @@ -142,7 +143,7 @@ setacl (const char *file, int nentries, __aclent16_t *aclbufp) && pos < nentries && aclbufp[i].a_perm == aclbufp[pos].a_perm) { - inheritance = INHERIT_ALL; + inheritance = SUB_CONTAINERS_AND_OBJECTS_INHERIT; /* This eliminates the corresponding default entry. */ aclbufp[pos].a_type = 0; } @@ -344,12 +345,12 @@ getacl (const char *file, DWORD attr, int nentries, __aclent16_t *aclbufp) } if (!type) continue; - if (!(ace->Header.AceFlags & INHERIT_ONLY_ACE)) + if (!(ace->Header.AceFlags & INHERIT_ONLY)) { if ((pos = searchace (lacl, MAX_ACL_ENTRIES, type, id)) >= 0) getace (lacl[pos], type, id, ace->Mask, ace->Header.AceType); } - if ((ace->Header.AceFlags & INHERIT_ALL) + if ((ace->Header.AceFlags & SUB_CONTAINERS_AND_OBJECTS_INHERIT) && (attr & FILE_ATTRIBUTE_DIRECTORY)) { type |= ACL_DEFAULT; diff --git a/winsup/cygwin/sec_helper.cc b/winsup/cygwin/sec_helper.cc index cfa0fafce..5c7eb26d2 100644 --- a/winsup/cygwin/sec_helper.cc +++ b/winsup/cygwin/sec_helper.cc @@ -32,6 +32,12 @@ details. */ #include "pinfo.h" #include "cygheap.h" +/* General purpose security attribute objects for global use. */ +SECURITY_ATTRIBUTES NO_COPY sec_none; +SECURITY_ATTRIBUTES NO_COPY sec_none_nih; +SECURITY_ATTRIBUTES NO_COPY sec_all; +SECURITY_ATTRIBUTES NO_COPY sec_all_nih; + SID_IDENTIFIER_AUTHORITY sid_auth[] = { {SECURITY_NULL_SID_AUTHORITY}, {SECURITY_WORLD_SID_AUTHORITY}, @@ -384,6 +390,96 @@ out: if (hToken) CloseHandle (hToken); - syscall_printf ("%d = set_process_privilege (%s, %d)",ret, privilege, enable); + syscall_printf ("%d = set_process_privilege (%s, %d)", ret, privilege, enable); return ret; } + +/* + * Function to return a common SECURITY_DESCRIPTOR * that + * allows all access. + */ + +static NO_COPY SECURITY_DESCRIPTOR *null_sdp = 0; + +SECURITY_DESCRIPTOR *__stdcall +get_null_sd () +{ + static NO_COPY SECURITY_DESCRIPTOR sd; + + if (null_sdp == 0) + { + InitializeSecurityDescriptor (&sd, SECURITY_DESCRIPTOR_REVISION); + SetSecurityDescriptorDacl (&sd, TRUE, 0, FALSE); + null_sdp = &sd; + } + return null_sdp; +} + +BOOL +sec_acl (PACL acl, BOOL admins, PSID sid1, PSID sid2) +{ + size_t acl_len = MAX_DACL_LEN(5); + + if (!InitializeAcl (acl, acl_len, ACL_REVISION)) + { + debug_printf ("InitializeAcl %E"); + return FALSE; + } + if (sid2) + if (!AddAccessAllowedAce (acl, ACL_REVISION, + GENERIC_ALL, sid2)) + debug_printf ("AddAccessAllowedAce(sid2) %E"); + if (sid1) + if (!AddAccessAllowedAce (acl, ACL_REVISION, + GENERIC_ALL, sid1)) + debug_printf ("AddAccessAllowedAce(sid1) %E", sid1); + if (admins) + if (!AddAccessAllowedAce (acl, ACL_REVISION, + GENERIC_ALL, well_known_admins_sid)) + debug_printf ("AddAccessAllowedAce(admin) %E"); + if (!AddAccessAllowedAce (acl, ACL_REVISION, + GENERIC_ALL, well_known_system_sid)) + debug_printf ("AddAccessAllowedAce(system) %E"); +#if 0 /* Does not seem to help */ + if (!AddAccessAllowedAce (acl, ACL_REVISION, + GENERIC_ALL, well_known_creator_owner_sid)) + debug_printf ("AddAccessAllowedAce(creator_owner) %E"); +#endif + return TRUE; +} + +PSECURITY_ATTRIBUTES __stdcall +__sec_user (PVOID sa_buf, PSID sid2, BOOL inherit) +{ + PSECURITY_ATTRIBUTES psa = (PSECURITY_ATTRIBUTES) sa_buf; + PSECURITY_DESCRIPTOR psd = (PSECURITY_DESCRIPTOR) + ((char *) sa_buf + sizeof (*psa)); + PACL acl = (PACL) ((char *) sa_buf + sizeof (*psa) + sizeof (*psd)); + + cygsid sid; + + if (!(sid = cygheap->user.orig_sid ()) || + (!sec_acl (acl, TRUE, sid, sid2))) + return inherit ? &sec_none : &sec_none_nih; + + if (!InitializeSecurityDescriptor (psd, SECURITY_DESCRIPTOR_REVISION)) + debug_printf ("InitializeSecurityDescriptor %E"); + +/* + * Setting the owner lets the created security attribute not work + * on NT4 SP3 Server. Don't know why, but the function still does + * what it should do also if the owner isn't set. +*/ +#if 0 + if (!SetSecurityDescriptorOwner (psd, sid, FALSE)) + debug_printf ("SetSecurityDescriptorOwner %E"); +#endif + + if (!SetSecurityDescriptorDacl (psd, TRUE, acl, FALSE)) + debug_printf ("SetSecurityDescriptorDacl %E"); + + psa->nLength = sizeof (SECURITY_ATTRIBUTES); + psa->lpSecurityDescriptor = psd; + psa->bInheritHandle = inherit; + return psa; +} diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc index f5516aa60..0bf37a4d2 100644 --- a/winsup/cygwin/security.cc +++ b/winsup/cygwin/security.cc @@ -28,6 +28,7 @@ details. */ #include <wininet.h> #include <ntsecapi.h> #include <subauth.h> +#include <aclapi.h> #include "cygerrno.h" #include "security.h" #include "fhandler.h" @@ -254,8 +255,9 @@ get_logon_server (const char *domain, char *server, WCHAR *wserver) WCHAR * buf; DWORD size = INTERNET_MAX_HOST_NAME_LENGTH + 1; + /* Empty domain is interpreted as local system */ if ((GetComputerName (server + 2, &size)) && - strcasematch (domain, server + 2)) + (strcasematch (domain, server + 2) || !domain[0])) { server[0] = server[1] = '\\'; if (wserver) @@ -488,7 +490,7 @@ get_group_sidlist (cygsidlist &grp_list, grp_list += well_known_world_sid; if (usersid == well_known_system_sid) { - grp_list += well_known_system_sid; + grp_list += well_known_authenticated_users_sid; grp_list += well_known_admins_sid; } else @@ -698,10 +700,12 @@ verify_token (HANDLE token, cygsid &usersid, cygsid &pgrpsid, BOOL * pintern) debug_printf ("GetSecurityDescriptorGroup(): %E"); if (well_known_null_sid != gsid) return pgrpsid == gsid; } - /* See if the pgrpsid is in the token groups */ + /* See if the pgrpsid is the tok_usersid in the token groups */ PTOKEN_GROUPS my_grps = NULL; BOOL ret = FALSE; + if ( pgrpsid == tok_usersid) + return TRUE; if (!GetTokenInformation (token, TokenGroups, NULL, 0, &size) && GetLastError () != ERROR_INSUFFICIENT_BUFFER) debug_printf ("GetTokenInformation(token, TokenGroups): %E\n"); @@ -1186,7 +1190,7 @@ get_nt_attribute (const char *file, int *attribute, { if (!GetAce (acl, i, (PVOID *) &ace)) continue; - if (ace->Header.AceFlags & INHERIT_ONLY_ACE) + if (ace->Header.AceFlags & INHERIT_ONLY) continue; switch (ace->Header.AceType) { @@ -1301,6 +1305,174 @@ get_file_attribute (int use_ntsec, const char *file, return res > 0 ? 0 : -1; } +static int +get_nt_object_attribute (HANDLE handle, SE_OBJECT_TYPE object_type, int *attribute, + __uid32_t *uidret, __gid32_t *gidret) +{ + if (!wincap.has_security ()) + return 0; + + PSECURITY_DESCRIPTOR psd = NULL; + PSID owner_sid; + PSID group_sid; + PACL acl; + + if (ERROR_SUCCESS != GetSecurityInfo (handle, object_type, + DACL_SECURITY_INFORMATION | + GROUP_SECURITY_INFORMATION | + OWNER_SECURITY_INFORMATION, + &owner_sid, + &group_sid, + &acl, + NULL, + &psd)) + { + __seterrno (); + debug_printf ("GetSecurityInfo %E"); + return -1; + } + + __uid32_t uid = cygsid (owner_sid).get_uid (); + __gid32_t gid = cygsid (group_sid).get_gid (); + if (uidret) + *uidret = uid; + if (gidret) + *gidret = gid; + + if (!attribute) + { + syscall_printf ("uid %d, gid %d", uid, gid); + LocalFree (psd); + return 0; + } + + BOOL grp_member = is_grp_member (uid, gid); + + if (!acl) + { + *attribute |= S_IRWXU | S_IRWXG | S_IRWXO; + syscall_printf ("No ACL = %x, uid %d, gid %d", + *attribute, uid, gid); + LocalFree (psd); + return 0; + } + + ACCESS_ALLOWED_ACE *ace; + int allow = 0; + int deny = 0; + int *flags, *anti; + + for (DWORD i = 0; i < acl->AceCount; ++i) + { + if (!GetAce (acl, i, (PVOID *) &ace)) + continue; + if (ace->Header.AceFlags & INHERIT_ONLY) + continue; + switch (ace->Header.AceType) + { + case ACCESS_ALLOWED_ACE_TYPE: + flags = &allow; + anti = &deny; + break; + case ACCESS_DENIED_ACE_TYPE: + flags = &deny; + anti = &allow; + break; + default: + continue; + } + + cygsid ace_sid ((PSID) &ace->SidStart); + if (owner_sid && ace_sid == owner_sid) + { + if (ace->Mask & FILE_READ_DATA) + *flags |= S_IRUSR; + if (ace->Mask & FILE_WRITE_DATA) + *flags |= S_IWUSR; + if (ace->Mask & FILE_EXECUTE) + *flags |= S_IXUSR; + } + else if (group_sid && ace_sid == group_sid) + { + if (ace->Mask & FILE_READ_DATA) + *flags |= S_IRGRP + | ((grp_member && !(*anti & S_IRUSR)) ? S_IRUSR : 0); + if (ace->Mask & FILE_WRITE_DATA) + *flags |= S_IWGRP + | ((grp_member && !(*anti & S_IWUSR)) ? S_IWUSR : 0); + if (ace->Mask & FILE_EXECUTE) + *flags |= S_IXGRP + | ((grp_member && !(*anti & S_IXUSR)) ? S_IXUSR : 0); + } + else if (ace_sid == well_known_world_sid) + { + if (ace->Mask & FILE_READ_DATA) + *flags |= S_IROTH + | ((!(*anti & S_IRGRP)) ? S_IRGRP : 0) + | ((!(*anti & S_IRUSR)) ? S_IRUSR : 0); + if (ace->Mask & FILE_WRITE_DATA) + *flags |= S_IWOTH + | ((!(*anti & S_IWGRP)) ? S_IWGRP : 0) + | ((!(*anti & S_IWUSR)) ? S_IWUSR : 0); + if (ace->Mask & FILE_EXECUTE) + { + *flags |= S_IXOTH + | ((!(*anti & S_IXGRP)) ? S_IXGRP : 0) + | ((!(*anti & S_IXUSR)) ? S_IXUSR : 0); + } + if ((*attribute & S_IFDIR) && + (ace->Mask & (FILE_WRITE_DATA | FILE_EXECUTE | FILE_DELETE_CHILD)) + == (FILE_WRITE_DATA | FILE_EXECUTE)) + *flags |= S_ISVTX; + } + else if (ace_sid == well_known_null_sid) + { + /* Read SUID, SGID and VTX bits from NULL ACE. */ + if (ace->Mask & FILE_READ_DATA) + *flags |= S_ISVTX; + if (ace->Mask & FILE_WRITE_DATA) + *flags |= S_ISGID; + if (ace->Mask & FILE_APPEND_DATA) + *flags |= S_ISUID; + } + } + *attribute &= ~(S_IRWXU | S_IRWXG | S_IRWXO | S_ISVTX | S_ISGID | S_ISUID); + *attribute |= allow; + *attribute &= ~deny; + + LocalFree (psd); + + syscall_printf ("%x, uid %d, gid %d", *attribute, uid, gid); + return 0; +} + +int +get_object_attribute (HANDLE handle, SE_OBJECT_TYPE object_type, + int *attribute, __uid32_t *uidret, __gid32_t *gidret) +{ + if (allow_ntsec) + { + int res = get_nt_object_attribute (handle, object_type, attribute, uidret, gidret); + if (attribute && (*attribute & S_IFLNK) == S_IFLNK) + *attribute |= S_IRWXU | S_IRWXG | S_IRWXO; + return res; + } + + if (uidret) + *uidret = getuid32 (); + if (gidret) + *gidret = getgid32 (); + + if (!attribute) + return 0; + + /* symlinks are everything for everyone!*/ + if ((*attribute & S_IFLNK) == S_IFLNK) + *attribute |= S_IRWXU | S_IRWXG | S_IRWXO; + + return 0; +} + BOOL add_access_allowed_ace (PACL acl, int offset, DWORD attributes, PSID sid, size_t &len_add, DWORD inherit) @@ -1495,7 +1667,8 @@ alloc_sd (__uid32_t uid, __gid32_t gid, int attribute, group_deny &= ~(STANDARD_RIGHTS_READ | FILE_READ_ATTRIBUTES | FILE_READ_EA); /* Construct appropriate inherit attribute. */ - DWORD inherit = (attribute & S_IFDIR) ? INHERIT_ALL : DONT_INHERIT; + DWORD inherit = (attribute & S_IFDIR) ? SUB_CONTAINERS_AND_OBJECTS_INHERIT + : NO_INHERITANCE; /* Set deny ACE for owner. */ if (owner_deny @@ -1523,7 +1696,7 @@ alloc_sd (__uid32_t uid, __gid32_t gid, int attribute, /* Set null ACE for special bits. */ if (null_allow && !add_access_allowed_ace (acl, ace_off++, null_allow, - well_known_null_sid, acl_len, DONT_INHERIT)) + well_known_null_sid, acl_len, NO_INHERITANCE)) return NULL; /* Get owner and group from current security descriptor. */ diff --git a/winsup/cygwin/security.h b/winsup/cygwin/security.h index 88aa5fdac..1edcc57fd 100644 --- a/winsup/cygwin/security.h +++ b/winsup/cygwin/security.h @@ -8,9 +8,7 @@ This software is a copyrighted work licensed under the terms of the Cygwin license. Please consult the file "CYGWIN_LICENSE" for details. */ -#define DONT_INHERIT (0) -#define INHERIT_ALL (CONTAINER_INHERIT_ACE|OBJECT_INHERIT_ACE) -#define INHERIT_ONLY (INHERIT_ONLY_ACE|CONTAINER_INHERIT_ACE|OBJECT_INHERIT_ACE) +#include <accctrl.h> #define DEFAULT_UID DOMAIN_USER_RID_ADMIN #define DEFAULT_GID DOMAIN_ALIAS_RID_ADMINS @@ -169,6 +167,8 @@ int __stdcall get_file_attribute (int, const char *, int *, __uid32_t * = NULL, __gid32_t * = NULL); int __stdcall set_file_attribute (int, const char *, int); int __stdcall set_file_attribute (int, const char *, __uid32_t, __gid32_t, int); +int __stdcall get_object_attribute (HANDLE handle, SE_OBJECT_TYPE object_type, int *, + __uid32_t * = NULL, __gid32_t * = NULL); LONG __stdcall read_sd(const char *file, PSECURITY_DESCRIPTOR sd_buf, LPDWORD sd_size); LONG __stdcall write_sd(const char *file, PSECURITY_DESCRIPTOR sd_buf, DWORD sd_size); BOOL __stdcall add_access_allowed_ace (PACL acl, int offset, DWORD attributes, PSID sid, size_t &len_add, DWORD inherit); diff --git a/winsup/cygwin/shared.cc b/winsup/cygwin/shared.cc index 2a536824d..99218e91c 100644 --- a/winsup/cygwin/shared.cc +++ b/winsup/cygwin/shared.cc @@ -31,12 +31,6 @@ shared_info NO_COPY *cygwin_shared = NULL; mount_info NO_COPY *mount_table = NULL; HANDLE cygwin_mount_h; -/* General purpose security attribute objects for global use. */ -SECURITY_ATTRIBUTES NO_COPY sec_none; -SECURITY_ATTRIBUTES NO_COPY sec_none_nih; -SECURITY_ATTRIBUTES NO_COPY sec_all; -SECURITY_ATTRIBUTES NO_COPY sec_all_nih; - char * __stdcall shared_name (const char *str, int num) { @@ -212,93 +206,3 @@ shared_info::heap_chunk_size () return heap_chunk_in_mb << 20; } - -/* - * Function to return a common SECURITY_DESCRIPTOR * that - * allows all access. - */ - -static NO_COPY SECURITY_DESCRIPTOR *null_sdp = 0; - -SECURITY_DESCRIPTOR *__stdcall -get_null_sd () -{ - static NO_COPY SECURITY_DESCRIPTOR sd; - - if (null_sdp == 0) - { - InitializeSecurityDescriptor (&sd, SECURITY_DESCRIPTOR_REVISION); - SetSecurityDescriptorDacl (&sd, TRUE, 0, FALSE); - null_sdp = &sd; - } - return null_sdp; -} - -BOOL -sec_acl (PACL acl, BOOL admins, PSID sid1, PSID sid2) -{ - size_t acl_len = MAX_DACL_LEN(5); - - if (!InitializeAcl (acl, acl_len, ACL_REVISION)) - { - debug_printf ("InitializeAcl %E"); - return FALSE; - } - if (sid2) - if (!AddAccessAllowedAce (acl, ACL_REVISION, - GENERIC_ALL, sid2)) - debug_printf ("AddAccessAllowedAce(sid2) %E"); - if (sid1) - if (!AddAccessAllowedAce (acl, ACL_REVISION, - GENERIC_ALL, sid1)) - debug_printf ("AddAccessAllowedAce(sid1) %E", sid1); - if (admins) - if (!AddAccessAllowedAce (acl, ACL_REVISION, - GENERIC_ALL, well_known_admins_sid)) - debug_printf ("AddAccessAllowedAce(admin) %E"); - if (!AddAccessAllowedAce (acl, ACL_REVISION, - GENERIC_ALL, well_known_system_sid)) - debug_printf ("AddAccessAllowedAce(system) %E"); -#if 0 /* Does not seem to help */ - if (!AddAccessAllowedAce (acl, ACL_REVISION, - GENERIC_ALL, well_known_creator_owner_sid)) - debug_printf ("AddAccessAllowedAce(creator_owner) %E"); -#endif - return TRUE; -} - -PSECURITY_ATTRIBUTES __stdcall -__sec_user (PVOID sa_buf, PSID sid2, BOOL inherit) -{ - PSECURITY_ATTRIBUTES psa = (PSECURITY_ATTRIBUTES) sa_buf; - PSECURITY_DESCRIPTOR psd = (PSECURITY_DESCRIPTOR) - ((char *) sa_buf + sizeof (*psa)); - PACL acl = (PACL) ((char *) sa_buf + sizeof (*psa) + sizeof (*psd)); - - cygsid sid; - - if (!(sid = cygheap->user.orig_sid ()) || - (!sec_acl (acl, TRUE, sid, sid2))) - return inherit ? &sec_none : &sec_none_nih; - - if (!InitializeSecurityDescriptor (psd, SECURITY_DESCRIPTOR_REVISION)) - debug_printf ("InitializeSecurityDescriptor %E"); - -/* - * Setting the owner lets the created security attribute not work - * on NT4 SP3 Server. Don't know why, but the function still does - * what it should do also if the owner isn't set. -*/ -#if 0 - if (!SetSecurityDescriptorOwner (psd, sid, FALSE)) - debug_printf ("SetSecurityDescriptorOwner %E"); -#endif - - if (!SetSecurityDescriptorDacl (psd, TRUE, acl, FALSE)) - debug_printf ("SetSecurityDescriptorDacl %E"); - - psa->nLength = sizeof (SECURITY_ATTRIBUTES); - psa->lpSecurityDescriptor = psd; - psa->bInheritHandle = inherit; - return psa; -} diff --git a/winsup/cygwin/syscalls.cc b/winsup/cygwin/syscalls.cc index 006a9b758..a66b69e8d 100644 --- a/winsup/cygwin/syscalls.cc +++ b/winsup/cygwin/syscalls.cc @@ -617,7 +617,7 @@ _link (const char *a, const char *b) sigframe thisframe (mainthread); path_conv real_b (b, PC_SYM_NOFOLLOW | PC_FULL); path_conv real_a (a, PC_SYM_NOFOLLOW | PC_FULL); - + if (real_a.error) { set_errno (real_a.error); @@ -1955,11 +1955,16 @@ mkfifo (const char *_path, mode_t mode) extern "C" int seteuid32 (__uid32_t uid) { - if (!wincap.has_security ()) return 0; - if (uid == ILLEGAL_UID) + debug_printf ("uid: %d myself->gid: %d", uid, myself->gid); + + if (!wincap.has_security () + || (!cygheap->user.issetuid () + && uid == myself->uid + && myself->gid == cygheap->user.orig_gid) + || uid == ILLEGAL_UID) { - debug_printf ("new euid == illegal euid, nothing happens"); + debug_printf ("Nothing happens"); return 0; } @@ -1971,8 +1976,6 @@ seteuid32 (__uid32_t uid) struct passwd * pw_new; PSID origpsid, psid2 = NO_SID; - debug_printf ("uid: %d myself->gid: %d", uid, myself->gid); - pw_new = getpwuid32 (uid); if (!usersid.getfrompw (pw_new) || (!pgrpsid.getfromgr (getgrgid32 (myself->gid)))) @@ -2054,7 +2057,8 @@ seteuid32 (__uid32_t uid) /* create_token failed. Try subauthentication. */ debug_printf ("create token failed, try subauthentication."); cygheap->user.token = subauth (pw_new); - if (cygheap->user.token == INVALID_HANDLE_VALUE) goto failed; + if (cygheap->user.token == INVALID_HANDLE_VALUE) + goto failed; } } @@ -2134,6 +2138,7 @@ extern "C" int setegid32 (__gid32_t gid) { if ((!wincap.has_security ()) || + (gid == myself->gid) || (gid == ILLEGAL_GID)) return 0; diff --git a/winsup/cygwin/uinfo.cc b/winsup/cygwin/uinfo.cc index d8fb3829b..ec0420cc1 100644 --- a/winsup/cygwin/uinfo.cc +++ b/winsup/cygwin/uinfo.cc @@ -257,7 +257,6 @@ cygheap_user::ontherange (homebodies what, struct passwd *pw) sys_mbstowcs (wuser, winname (), sizeof (wuser) / sizeof (*wuser)); if (!(ret = NetUserGetInfo (wlogsrv, wuser, 3,(LPBYTE *)&ui))) { - char *p; sys_wcstombs (homepath_env_buf, ui->usri3_home_dir, MAX_PATH); if (!homepath_env_buf[0]) { @@ -265,10 +264,8 @@ cygheap_user::ontherange (homebodies what, struct passwd *pw) MAX_PATH); if (homepath_env_buf[0]) strcat (homepath_env_buf, "\\"); - else if (!GetSystemDirectory (homepath_env_buf, MAX_PATH)) - strcpy (homepath_env_buf, "c:\\"); - else if ((p = strchr (homepath_env_buf, '\\'))) - p[1] = '\0'; + else + cygwin_conv_to_full_win32_path ("/", homepath_env_buf); } } } |