diff options
Diffstat (limited to 'winsup/cygwin/uinfo.cc')
| -rw-r--r-- | winsup/cygwin/uinfo.cc | 612 |
1 files changed, 0 insertions, 612 deletions
diff --git a/winsup/cygwin/uinfo.cc b/winsup/cygwin/uinfo.cc deleted file mode 100644 index a83d1080d..000000000 --- a/winsup/cygwin/uinfo.cc +++ /dev/null @@ -1,612 +0,0 @@ -/* uinfo.cc: user info (uid, gid, etc...) - - Copyright 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, - 2006, 2007, 2008, 2009, 2010, 2011, 2012 Red Hat, Inc. - -This file is part of Cygwin. - -This software is a copyrighted work licensed under the terms of the -Cygwin license. Please consult the file "CYGWIN_LICENSE" for -details. */ - -#include "winsup.h" -#include <unistd.h> -#include <wininet.h> -#include <stdlib.h> -#include <wchar.h> -#include <lm.h> -#include <iptypes.h> -#include <sys/cygwin.h> -#include "cygerrno.h" -#include "pinfo.h" -#include "path.h" -#include "fhandler.h" -#include "dtable.h" -#include "cygheap.h" -#include "shared_info.h" -#include "registry.h" -#include "child_info.h" -#include "environ.h" -#include "pwdgrp.h" -#include "tls_pbuf.h" -#include "ntdll.h" - -/* Initialize the part of cygheap_user that does not depend on files. - The information is used in shared.cc for the user shared. - Final initialization occurs in uinfo_init */ -void -cygheap_user::init () -{ - WCHAR user_name[UNLEN + 1]; - DWORD user_name_len = UNLEN + 1; - - /* This code is only run if a Cygwin process gets started by a native - Win32 process. We try to get the username from the environment, - first USERNAME (Win32), then USER (POSIX). If that fails (which is - very unlikely), it only has an impact if we don't have an entry in - /etc/passwd for this user either. In that case the username sticks - to "unknown". Since this is called early in initialization, and - since we don't want pull in a dependency to any other DLL except - ntdll and kernel32 at this early stage, don't call GetUserName, - GetUserNameEx, NetWkstaUserGetInfo, etc. */ - if (GetEnvironmentVariableW (L"USERNAME", user_name, user_name_len) - || GetEnvironmentVariableW (L"USER", user_name, user_name_len)) - { - char mb_user_name[user_name_len = sys_wcstombs (NULL, 0, user_name)]; - sys_wcstombs (mb_user_name, user_name_len, user_name); - set_name (mb_user_name); - } - else - set_name ("unknown"); - - NTSTATUS status; - ULONG size; - PSECURITY_DESCRIPTOR psd; - - status = NtQueryInformationToken (hProcToken, TokenPrimaryGroup, - &groups.pgsid, sizeof (cygsid), &size); - if (!NT_SUCCESS (status)) - system_printf ("NtQueryInformationToken (TokenPrimaryGroup), %p", status); - - /* Get the SID from current process and store it in effec_cygsid */ - status = NtQueryInformationToken (hProcToken, TokenUser, &effec_cygsid, - sizeof (cygsid), &size); - if (!NT_SUCCESS (status)) - { - system_printf ("NtQueryInformationToken (TokenUser), %p", status); - return; - } - - /* Set token owner to the same value as token user */ - status = NtSetInformationToken (hProcToken, TokenOwner, &effec_cygsid, - sizeof (cygsid)); - if (!NT_SUCCESS (status)) - debug_printf ("NtSetInformationToken(TokenOwner), %p", status); - - /* Standard way to build a security descriptor with the usual DACL */ - PSECURITY_ATTRIBUTES sa_buf = (PSECURITY_ATTRIBUTES) alloca (1024); - psd = (PSECURITY_DESCRIPTOR) - (sec_user_nih (sa_buf, sid()))->lpSecurityDescriptor; - - BOOLEAN acl_exists, dummy; - TOKEN_DEFAULT_DACL dacl; - - status = RtlGetDaclSecurityDescriptor (psd, &acl_exists, &dacl.DefaultDacl, - &dummy); - if (NT_SUCCESS (status) && acl_exists && dacl.DefaultDacl) - { - - /* Set the default DACL and the process DACL */ - status = NtSetInformationToken (hProcToken, TokenDefaultDacl, &dacl, - sizeof (dacl)); - if (!NT_SUCCESS (status)) - system_printf ("NtSetInformationToken (TokenDefaultDacl), %p", status); - if ((status = NtSetSecurityObject (NtCurrentProcess (), - DACL_SECURITY_INFORMATION, psd))) - system_printf ("NtSetSecurityObject, %lx", status); - } - else - system_printf("Cannot get dacl, %E"); -} - -void -internal_getlogin (cygheap_user &user) -{ - struct passwd *pw = NULL; - - cygpsid psid = user.sid (); - pw = internal_getpwsid (psid); - - if (!pw && !(pw = internal_getpwnam (user.name ())) - && !(pw = internal_getpwuid (DEFAULT_UID))) - debug_printf ("user not found in augmented /etc/passwd"); - else - { - cygsid gsid; - - myself->uid = pw->pw_uid; - myself->gid = pw->pw_gid; - user.set_name (pw->pw_name); - if (gsid.getfromgr (internal_getgrgid (pw->pw_gid))) - { - if (gsid != user.groups.pgsid) - { - /* Set primary group to the group in /etc/passwd. */ - NTSTATUS status = NtSetInformationToken (hProcToken, - TokenPrimaryGroup, - &gsid, sizeof gsid); - if (!NT_SUCCESS (status)) - debug_printf ("NtSetInformationToken (TokenPrimaryGroup), %p", - status); - else - user.groups.pgsid = gsid; - clear_procimptoken (); - } - } - else - debug_printf ("gsid not found in augmented /etc/group"); - } - cygheap->user.ontherange (CH_HOME, pw); -} - -void -uinfo_init () -{ - if (child_proc_info && !cygheap->user.has_impersonation_tokens ()) - return; - - if (!child_proc_info) - internal_getlogin (cygheap->user); /* Set the cygheap->user. */ - /* Conditions must match those in spawn to allow starting child - processes with ruid != euid and rgid != egid. */ - else if (cygheap->user.issetuid () - && cygheap->user.saved_uid == cygheap->user.real_uid - && cygheap->user.saved_gid == cygheap->user.real_gid - && !cygheap->user.groups.issetgroups () - && !cygheap->user.setuid_to_restricted) - { - cygheap->user.reimpersonate (); - return; - } - else - cygheap->user.close_impersonation_tokens (); - - cygheap->user.saved_uid = cygheap->user.real_uid = myself->uid; - cygheap->user.saved_gid = cygheap->user.real_gid = myself->gid; - cygheap->user.external_token = NO_IMPERSONATION; - cygheap->user.internal_token = NO_IMPERSONATION; - cygheap->user.curr_primary_token = NO_IMPERSONATION; - cygheap->user.curr_imp_token = NO_IMPERSONATION; - cygheap->user.ext_token_is_restricted = false; - cygheap->user.curr_token_is_restricted = false; - cygheap->user.setuid_to_restricted = false; - cygheap->user.set_saved_sid (); /* Update the original sid */ - cygheap->user.deimpersonate (); -} - -extern "C" int -getlogin_r (char *name, size_t namesize) -{ - const char *login = cygheap->user.name (); - size_t len = strlen (login) + 1; - if (len > namesize) - return ERANGE; - myfault efault; - if (efault.faulted ()) - return EFAULT; - strncpy (name, login, len); - return 0; -} - -extern "C" char * -getlogin (void) -{ - static char username[UNLEN]; - int ret = getlogin_r (username, UNLEN); - if (ret) - { - set_errno (ret); - return NULL; - } - return username; -} - -extern "C" __uid32_t -getuid32 (void) -{ - return cygheap->user.real_uid; -} - -extern "C" __uid16_t -getuid (void) -{ - return cygheap->user.real_uid; -} - -extern "C" __gid32_t -getgid32 (void) -{ - return cygheap->user.real_gid; -} - -extern "C" __gid16_t -getgid (void) -{ - return cygheap->user.real_gid; -} - -extern "C" __uid32_t -geteuid32 (void) -{ - return myself->uid; -} - -extern "C" __uid16_t -geteuid (void) -{ - return myself->uid; -} - -extern "C" __gid32_t -getegid32 (void) -{ - return myself->gid; -} - -extern "C" __gid16_t -getegid (void) -{ - return myself->gid; -} - -/* Not quite right - cuserid can change, getlogin can't */ -extern "C" char * -cuserid (char *src) -{ - if (!src) - return getlogin (); - - strcpy (src, getlogin ()); - return src; -} - -const char * -cygheap_user::ontherange (homebodies what, struct passwd *pw) -{ - LPUSER_INFO_3 ui = NULL; - WCHAR wuser[UNLEN + 1]; - NET_API_STATUS ret; - char homedrive_env_buf[3]; - char *newhomedrive = NULL; - char *newhomepath = NULL; - tmp_pathbuf tp; - - debug_printf ("what %d, pw %p", what, pw); - if (what == CH_HOME) - { - char *p; - - if ((p = getenv ("HOME"))) - debug_printf ("HOME is already in the environment %s", p); - else - { - if (pw && pw->pw_dir && *pw->pw_dir) - { - debug_printf ("Set HOME (from /etc/passwd) to %s", pw->pw_dir); - setenv ("HOME", pw->pw_dir, 1); - } - else - { - char home[strlen (name ()) + 8]; - - debug_printf ("Set HOME to default /home/USER"); - __small_sprintf (home, "/home/%s", name ()); - setenv ("HOME", home, 1); - } - } - } - - if (what != CH_HOME && homepath == NULL && newhomepath == NULL) - { - char *homepath_env_buf = tp.c_get (); - if (!pw) - pw = internal_getpwnam (name ()); - if (pw && pw->pw_dir && *pw->pw_dir) - cygwin_conv_path (CCP_POSIX_TO_WIN_A, pw->pw_dir, homepath_env_buf, - NT_MAX_PATH); - else - { - homepath_env_buf[0] = homepath_env_buf[1] = '\0'; - if (logsrv ()) - { - WCHAR wlogsrv[INTERNET_MAX_HOST_NAME_LENGTH + 3]; - sys_mbstowcs (wlogsrv, sizeof (wlogsrv) / sizeof (*wlogsrv), - logsrv ()); - sys_mbstowcs (wuser, sizeof (wuser) / sizeof (*wuser), winname ()); - if (!(ret = NetUserGetInfo (wlogsrv, wuser, 3, (LPBYTE *) &ui))) - { - sys_wcstombs (homepath_env_buf, NT_MAX_PATH, - ui->usri3_home_dir); - if (!homepath_env_buf[0]) - { - sys_wcstombs (homepath_env_buf, NT_MAX_PATH, - ui->usri3_home_dir_drive); - if (homepath_env_buf[0]) - strcat (homepath_env_buf, "\\"); - else - cygwin_conv_path (CCP_POSIX_TO_WIN_A | CCP_ABSOLUTE, - "/", homepath_env_buf, NT_MAX_PATH); - } - } - } - if (ui) - NetApiBufferFree (ui); - } - - if (homepath_env_buf[1] != ':') - { - newhomedrive = almost_null; - newhomepath = homepath_env_buf; - } - else - { - homedrive_env_buf[0] = homepath_env_buf[0]; - homedrive_env_buf[1] = homepath_env_buf[1]; - homedrive_env_buf[2] = '\0'; - newhomedrive = homedrive_env_buf; - newhomepath = homepath_env_buf + 2; - } - } - - if (newhomedrive && newhomedrive != homedrive) - cfree_and_set (homedrive, (newhomedrive == almost_null) - ? almost_null : cstrdup (newhomedrive)); - - if (newhomepath && newhomepath != homepath) - cfree_and_set (homepath, cstrdup (newhomepath)); - - switch (what) - { - case CH_HOMEDRIVE: - return homedrive; - case CH_HOMEPATH: - return homepath; - default: - return homepath; - } -} - -const char * -cygheap_user::test_uid (char *&what, const char *name, size_t namelen) -{ - if (!what && !issetuid ()) - what = getwinenveq (name, namelen, HEAP_STR); - return what; -} - -const char * -cygheap_user::env_logsrv (const char *name, size_t namelen) -{ - if (test_uid (plogsrv, name, namelen)) - return plogsrv; - - const char *mydomain = domain (); - const char *myname = winname (); - if (!mydomain || ascii_strcasematch (myname, "SYSTEM")) - return almost_null; - - WCHAR wdomain[MAX_DOMAIN_NAME_LEN + 1]; - WCHAR wlogsrv[INTERNET_MAX_HOST_NAME_LENGTH + 3]; - sys_mbstowcs (wdomain, MAX_DOMAIN_NAME_LEN + 1, mydomain); - cfree_and_set (plogsrv, almost_null); - if (get_logon_server (wdomain, wlogsrv, false)) - sys_wcstombs_alloc (&plogsrv, HEAP_STR, wlogsrv); - return plogsrv; -} - -const char * -cygheap_user::env_domain (const char *name, size_t namelen) -{ - if (pwinname && test_uid (pdomain, name, namelen)) - return pdomain; - - DWORD ulen = UNLEN + 1; - WCHAR username[ulen]; - DWORD dlen = MAX_DOMAIN_NAME_LEN + 1; - WCHAR userdomain[dlen]; - SID_NAME_USE use; - - cfree_and_set (pwinname, almost_null); - cfree_and_set (pdomain, almost_null); - if (!LookupAccountSidW (NULL, sid (), username, &ulen, - userdomain, &dlen, &use)) - __seterrno (); - else - { - sys_wcstombs_alloc (&pwinname, HEAP_STR, username); - sys_wcstombs_alloc (&pdomain, HEAP_STR, userdomain); - } - return pdomain; -} - -const char * -cygheap_user::env_userprofile (const char *name, size_t namelen) -{ - if (test_uid (puserprof, name, namelen)) - return puserprof; - - /* User hive path is never longer than MAX_PATH. */ - WCHAR userprofile_env_buf[MAX_PATH]; - WCHAR win_id[UNLEN + 1]; /* Large enough for SID */ - - cfree_and_set (puserprof, almost_null); - if (get_registry_hive_path (get_windows_id (win_id), userprofile_env_buf)) - sys_wcstombs_alloc (&puserprof, HEAP_STR, userprofile_env_buf); - - return puserprof; -} - -const char * -cygheap_user::env_homepath (const char *name, size_t namelen) -{ - return ontherange (CH_HOMEPATH); -} - -const char * -cygheap_user::env_homedrive (const char *name, size_t namelen) -{ - return ontherange (CH_HOMEDRIVE); -} - -const char * -cygheap_user::env_name (const char *name, size_t namelen) -{ - if (!test_uid (pwinname, name, namelen)) - domain (); - return pwinname; -} - -const char * -cygheap_user::env_systemroot (const char *name, size_t namelen) -{ - if (!psystemroot) - { - int size = GetSystemWindowsDirectoryW (NULL, 0); - if (size > 0) - { - WCHAR wsystemroot[size]; - size = GetSystemWindowsDirectoryW (wsystemroot, size); - if (size > 0) - sys_wcstombs_alloc (&psystemroot, HEAP_STR, wsystemroot); - } - if (size <= 0) - debug_printf ("GetSystemWindowsDirectoryW(), %E"); - } - return psystemroot; -} - -char * -pwdgrp::next_str (char c) -{ - char *res = lptr; - lptr = strchrnul (lptr, c); - if (*lptr) - *lptr++ = '\0'; - return res; -} - -bool -pwdgrp::next_num (unsigned long& n) -{ - char *p = next_str (':'); - char *cp; - n = strtoul (p, &cp, 10); - return p != cp && !*cp; -} - -char * -pwdgrp::add_line (char *eptr) -{ - if (eptr) - { - lptr = eptr; - eptr = strchr (lptr, '\n'); - if (eptr) - { - if (eptr > lptr && eptr[-1] == '\r') - eptr[-1] = '\0'; - else - *eptr = '\0'; - eptr++; - } - if (curr_lines >= max_lines) - { - max_lines += 10; - *pwdgrp_buf = realloc (*pwdgrp_buf, max_lines * pwdgrp_buf_elem_size); - } - if ((this->*parse) ()) - curr_lines++; - } - return eptr; -} - -void -pwdgrp::load (const wchar_t *rel_path) -{ - static const char failed[] = "failed"; - static const char succeeded[] = "succeeded"; - const char *res = failed; - HANDLE fh = NULL; - - NTSTATUS status; - OBJECT_ATTRIBUTES attr; - IO_STATUS_BLOCK io; - FILE_STANDARD_INFORMATION fsi; - - if (buf) - free (buf); - buf = NULL; - curr_lines = 0; - - if (!path && - !(path = (PWCHAR) malloc ((wcslen (cygheap->installation_root) - + wcslen (rel_path) + 1) * sizeof (WCHAR)))) - { - paranoid_printf ("malloc (%W) failed", rel_path); - goto out; - } - wcpcpy (wcpcpy (path, cygheap->installation_root), rel_path); - RtlInitUnicodeString (&upath, path); - - InitializeObjectAttributes (&attr, &upath, OBJ_CASE_INSENSITIVE, NULL, NULL); - etc_ix = etc::init (etc_ix, &attr); - - paranoid_printf ("%S", &upath); - - status = NtOpenFile (&fh, SYNCHRONIZE | FILE_READ_DATA, &attr, &io, - FILE_SHARE_VALID_FLAGS, - FILE_SYNCHRONOUS_IO_NONALERT - | FILE_OPEN_FOR_BACKUP_INTENT); - if (!NT_SUCCESS (status)) - { - paranoid_printf ("NtOpenFile(%S) failed, status %p", &upath, status); - goto out; - } - status = NtQueryInformationFile (fh, &io, &fsi, sizeof fsi, - FileStandardInformation); - if (!NT_SUCCESS (status)) - { - paranoid_printf ("NtQueryInformationFile(%S) failed, status %p", - &upath, status); - goto out; - } - /* FIXME: Should we test for HighPart set? If so, the - passwd or group file is way beyond what we can handle. */ - /* FIXME 2: It's still ugly that we keep the file in memory. - Big organizations have naturally large passwd files. */ - buf = (char *) malloc (fsi.EndOfFile.LowPart + 1); - if (!buf) - { - paranoid_printf ("malloc (%d) failed", fsi.EndOfFile.LowPart); - goto out; - } - status = NtReadFile (fh, NULL, NULL, NULL, &io, buf, fsi.EndOfFile.LowPart, - NULL, NULL); - if (!NT_SUCCESS (status)) - { - paranoid_printf ("NtReadFile(%S) failed, status %p", &upath, status); - free (buf); - goto out; - } - buf[fsi.EndOfFile.LowPart] = '\0'; - for (char *eptr = buf; (eptr = add_line (eptr)); ) - continue; - debug_printf ("%W curr_lines %d", rel_path, curr_lines); - res = succeeded; - -out: - if (fh) - NtClose (fh); - debug_printf ("%W load %s", rel_path, res); - initialized = true; -} |