* autoload.cc (NtCreateFile): Add.

	* dir.cc (mkdir): Change set_file_attribute call to indicate that
	NT security isn't used.
	* fhandler.cc (fhandler_base::open_9x): New method, created from
	fhandler_base::open.
	(fhandler_base::open): Rearrange to use NtCreateFile instead of
	CreateFile.
	* fhandler.h (enum query_state): Redefine query_null_access to
	query_stat_control.  query_null_access isn't allowed in NtCreateFile.
	(fhandler_base::open_9x): Declare.
	* fhandler_disk_file.cc (fhandler_base::fstat_fs): Use
	query_stat_control first, query_read_control if that fails.
	(fhandler_disk_file::fchmod): Call enable_restore_privilege before
	trying to open for query_write_control.  Don't fall back to
	opening for query_read_control.
	(fhandler_disk_file::fchown): Ditto.
	(fhandler_disk_file::facl):  Only request restore privilege and query
	access necessary for given cmd.
	* fhandler_raw.cc (fhandler_dev_raw::open): Call fhandler_base::open
	instead of opening device here.
	* ntdll.h (NtCreateFile): Declare.
	* path.cc (symlink_worker): Change set_file_attribute call to indicate
	that NT security isn't used.
	* sec_acl.cc (getacl): Fix bracketing.
	* sec_helper.cc (enable_restore_privilege): New function.
	* security.cc (str2buf2uni_cat): New function.
	(write_sd): Don't request restore permission here.
	* security.h (set_process_privileges): Drop stale declaration.
	(str2buf2uni): Declare.
	(str2buf2uni_cat): Declare.
	(enable_restore_privilege): Declare.
	* syscalls.cc (fchown32): Return immediate success on 9x.

1 files changed, 45 insertions, 38 deletions

diff --git a/winsup/cygwin/fhandler_disk_file.cc b/winsup/cygwin/fhandler_disk_file.cc
index 9b1d769c8..fcc4417e3 100644
--- a/winsup/cygwin/fhandler_disk_file.cc
+++ b/winsup/cygwin/fhandler_disk_file.cc
@@ -174,16 +174,16 @@ fhandler_base::fstat_fs (struct __stat64 *buf)
      then just do a "query open" as it is apparently much faster. */
   if (pc.exec_state () != dont_know_if_executable)
     {
-      query_open (query_read_control);
       if (pc.fs_is_fat () && !strpbrk (get_win32_name (), "?*|<>"))
 	return fstat_by_name (buf);
+      query_open (query_stat_control);
     }
   if (!(oret = open_fs (open_flags, 0)) && get_errno () == EACCES)
     {
       /* If we couldn't open the file, try a query open with no permissions.
 	 This allows us to determine *some* things about the file, at least. */
       pc.set_exec (0);
-      query_open (query_null_access);
+      query_open (query_read_control);
       oret = open_fs (open_flags, 0);
     }
 
@@ -378,15 +378,15 @@ fhandler_disk_file::fchmod (mode_t mode)
   if (pc.is_fs_special ())
     return chmod_device (pc, mode);
 
-  if (!get_io_handle ())
+  if (wincap.has_security ())
     {
-      query_open (query_write_control);
-      if (!(oret = open_fs (O_BINARY, 0)))
-        {
-	  query_open (query_read_control);
+      enable_restore_privilege ();
+      if (!get_io_handle ())
+	{
+	  query_open (query_write_control);
 	  if (!(oret = open_fs (O_BINARY, 0)))
 	    return -1;
-        }
+	}
     }
 
   if (!allow_ntsec && allow_ntea) /* Not necessary when manipulating SD. */
@@ -423,15 +423,13 @@ int __stdcall
 fhandler_disk_file::fchown (__uid32_t uid, __gid32_t gid)
 {
   int oret = 0;
+
+  enable_restore_privilege ();
   if (!get_io_handle ())
     {
       query_open (query_write_control);
       if (!(oret = open_fs (O_BINARY, 0)))
-        {
-	  query_open (query_read_control);
-	  if (!(oret = open_fs (O_BINARY, 0)))
-	    return -1;
-        }
+	return -1;
     }
 
   mode_t attrib = 0;
@@ -460,17 +458,6 @@ fhandler_disk_file::facl (int cmd, int nentries, __aclent32_t *aclbufp)
   int res = -1;
   int oret = 0;
 
-  if (!get_io_handle ())
-    {
-      query_open (query_write_control);
-      if (!(oret = open_fs (O_BINARY, 0)))
-        {
-	  query_open (query_read_control);
-	  if (!(oret = open_fs (O_BINARY, 0)))
-	    return -1;
-        }
-    }
-
   if (!pc.has_acls () || !allow_ntsec)
     {
       switch (cmd)
@@ -485,30 +472,50 @@ fhandler_disk_file::facl (int cmd, int nentries, __aclent32_t *aclbufp)
 	      set_errno(EFAULT);
 	    else if (nentries < MIN_ACL_ENTRIES)
 	      set_errno (ENOSPC);
-	    else if (!fstat_by_handle (&st))
+	    else
 	      {
-		aclbufp[0].a_type = USER_OBJ;
-		aclbufp[0].a_id = st.st_uid;
-		aclbufp[0].a_perm = (st.st_mode & S_IRWXU) >> 6;
-		aclbufp[1].a_type = GROUP_OBJ;
-		aclbufp[1].a_id = st.st_gid;
-		aclbufp[1].a_perm = (st.st_mode & S_IRWXG) >> 3;
-		aclbufp[2].a_type = OTHER_OBJ;
-		aclbufp[2].a_id = ILLEGAL_GID;
-		aclbufp[2].a_perm = st.st_mode & S_IRWXO;
-		aclbufp[3].a_type = CLASS_OBJ; 
-		aclbufp[3].a_id = ILLEGAL_GID;
-		aclbufp[3].a_perm = S_IRWXU | S_IRWXG | S_IRWXO;
-		res = MIN_ACL_ENTRIES;
+		if (!get_io_handle ())
+		  {
+		    query_open (query_read_control);
+		    if (!(oret = open_fs (O_BINARY, 0)))
+		      return -1;
+		  }
+	        if (!fstat_by_handle (&st))
+		  {
+		    aclbufp[0].a_type = USER_OBJ;
+		    aclbufp[0].a_id = st.st_uid;
+		    aclbufp[0].a_perm = (st.st_mode & S_IRWXU) >> 6;
+		    aclbufp[1].a_type = GROUP_OBJ;
+		    aclbufp[1].a_id = st.st_gid;
+		    aclbufp[1].a_perm = (st.st_mode & S_IRWXG) >> 3;
+		    aclbufp[2].a_type = OTHER_OBJ;
+		    aclbufp[2].a_id = ILLEGAL_GID;
+		    aclbufp[2].a_perm = st.st_mode & S_IRWXO;
+		    aclbufp[3].a_type = CLASS_OBJ; 
+		    aclbufp[3].a_id = ILLEGAL_GID;
+		    aclbufp[3].a_perm = S_IRWXU | S_IRWXG | S_IRWXO;
+		    res = MIN_ACL_ENTRIES;
+		  }
 	      }
 	    break;
 	  case GETACLCNT:
 	    res = MIN_ACL_ENTRIES;
 	    break;
+	  default:
+	    set_errno (EINVAL);
+	    break;
 	}
     }
   else
     {
+      if (cmd == SETACL)
+	enable_restore_privilege ();
+      if (!get_io_handle ())
+	{
+	  query_open (cmd == SETACL ? query_write_control : query_read_control);
+	  if (!(oret = open_fs (O_BINARY, 0)))
+	    return -1;
+	}
       switch (cmd)
 	{
 	  case SETACL: