| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
allocate dynamically.
(pinfo::set_acl): Replace sa_buf by dynamically allocated acl_buf.
* sec_acl.cc (setacl): Allocate acl dynamically.
* sec_helper.cc (sec_acl): Add test for alignment of acl when
DEBUGGING is defined.
(__sec_user): Same for sa_buf.
* security.cc (verify_token): Define sd_buf as PSECURITY_DESCRIPTOR
and allocate dynamically.
(alloc_sd): Allocate acl dynamically.
security.h (sec_user_nih): Change first parameter to
SECURITY_ATTRIBUTES *.
(sec_user): Ditto.
* sigproc.cc (wait_sig): Define sa_buf as PSECURITY_ATTRIBUTES and
allocate dynamically.
* syscalls.cc (seteuid32): Define dacl_buf as PACL and allocate
dynamically.
* uinfo.cc (cygheap_user::init): Define sa_buf as PSECURITY_ATTRIBUTES
and allocate dynamically.
* winbase.h (ilockincr): Mark first argument of inline assembly as
earlyclobber.
(ilockdecr): Ditto.
|
| |
|
|
| |
allow_traverse is set.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
(get_server_groups): Declare new function.
* security.cc (is_group_member): Simplify.
(get_server_groups): New function.
(get_initgroups_sidlist): Call get_server_groups.
(verify_token): Allow token when supplementary sids are not in
/etc/group but are in the token.
Streamline the code.
* grp.cc (initgroups32): New implementation.
(getgroups32): Handle case where the supplementary groups are set.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
error code as well as errno. Use throughout where errno is set from
NT status.
(set_errno): Evaluate val only once.
* fhandler_disk_file.cc (fhandler_base::fstat_by_handle): Fix typo in
debug output.
* fhandler_mem.cc (fhandler_dev_mem::open): Rely on
__seterrno_from_nt_status setting Win32 error code in debug output.
* fhandler_proc.cc (format_proc_uptime): Ditto.
(format_proc_stat): Ditto.
* fhandler_process.cc (format_process_stat): Ditto.
* sysconf.cc (sysconf): Ditto.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* cygheap.h (cygheap_user::curr_primary_token): New member.
(cygheap_user::primary_token): New method.
(cygheap_user::deimpersonate): Always revert to processes'
impersonation token.
(cygheap_user::reimpersonate): Set processes' or setuid token as
necessary.
(cygheap_user::has_impersonation_tokens): Look for curr_primary_token
value.
(cygheap_user::close_impersonation_tokens): Close curr_primary_token
here if necessary. Don't reset token values to NO_IMPERSONATION since
that's done in uinfo_init anyway.
(init_cygheap::luid): New LUID array keeping privilege LUIDs.
* cygtls.cc (_cygtls::init_thread): Call cygheap->user.reimpersonate.
* dcrt0.cc (hProcToken): New global variable to keep process token.
(hProcImpToken): Ditto for process impersonation token.
(dll_crt0_0): Open process token here once. Duplicate to create
hProcImpToken.
(dll_crt0_1): Call set_cygwin_privileges.
* environ.cc (allow_ntea): Drop duplicate declaration.
(allow_smbntsec): Ditto.
(set_traverse): Only set allow_traverse here.
(environ_init): Ditto.
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Drop call to
enable_restore_privilege.
(fhandler_disk_file::fchown): Ditto.
(fhandler_disk_file::facl): Ditto.
* fork.cc (fork_child): Move call to cygheap->user.reimpersonate after
syn with parent. Call set_cygwin_privileges.
* grp.cc (internal_getgroups): Use hProcImpToken instead of opening
process token.
* path.cc (fs_info::update): Bypass traverse checking when retrieving
volume information using push/pop_thread_privileges.
* registry.cc (load_registry_hive): Drop setting restore privilege
since it's already set if available.
* sec_helper.cc: Include cygtls.h.
(cygpriv): Privilege string array.
(privilege_luid): New function, evaluate LUID from cygpriv_idx.
(privilege_luid_by_name): New function, evaluate LUID from privilege
string.
(privilege_name): New function, evaluate privilege string from
cygpriv_idx.
(set_privilege): New static function called by set_process_privilege
and set_thread_privilege. Call privilege_luid to get privilege LUID.
Fix bug in return value evaluation. Improve debug output.
(set_cygwin_privileges): New function.
(set_process_privilege): Remove.
(enable_restore_privilege): Remove.
* security.cc (allow_traverse): New global variable.
(sys_privs): Change type to cygpriv_idx and store privilege indices
instead of strings.
(SYSTEM_PRIVILEGES_COUNT): Renamed from SYSTEM_PERMISSION_COUNT.
(get_system_priv_list): Don't use numerical constant in malloc call.
Use privilege_luid to get privilege LUIDs.
(get_priv_list): Call privilege_luid_by_name to get LUIDs. Improve
inner privilege LUID comparison loop.
(create_token): Enable create token privilege using
push/pop_self_privileges. Use hProcToken instead of opening process
token. Use default DACL when duplicating token.
(subauth): Enable tcb privilege using push/pop_self_privileges.
Use sec_none instead of homw made security attributes when duplicating
token.
(check_file_access): Don't duplicate access token, use active
impersonation token as is.
* security.h (enum cygpriv_idx): New enumeration type enumerating
possible privileges.
(privilege_luid): Declare new function.
(privilege_luid_by_name): Ditto.
(privilege_name): Ditto.
(allow_traverse): Declare.
(set_privilege): Declare function.
(set_process_privilege): Define as macro.
(enable_restore_privilege): Remove declaration.
(_push_thread_privilege): Define macro.
(push_thread_privilege): Ditto.
(pop_thread_privilege): Ditto.
(pop_self_privilege): Ditto.
* spawn.cc (spawn_guts): Use cygheap->user.primary_token instead of
cygheap->user.token.
* syscalls.cc (statvfs): Bypass traverse checking when retrieving
volume information using push/pop_thread_privileges. Rearrange code
to simplify push/pop bracketing.
(seteuid32): Use hProcToken instead of opening process token. Call
cygheap->user.deimpersonate instead of RevertToSelf. Create
impersonation token from primary internal or external token. Set
cygheap->user.curr_primary_token and cygheap->user.current_token
privileges once here. Drop "failed" and "failed_ptok" labels.
Drop setting DefaultDacl of process token.
(setegid32): Use hProcToken and hProcImpToken instead of opening
process token. Always reimpersonate afterwards.
* uinfo.cc (cygheap_user::init): Use hProcToken instead of opening
process token.
(internal_getlogin): Ditto. Set hProcImpToken, too.
(uinfo_init): Initialize cygheap->user.curr_primary_token.
* winsup.h (hProcToken): Declare.
(hProcImpToken): Declare.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(wininfo::itv): Ditto.
(wininfo::start_time): Ditto.
(wininfo::window_started): Ditto.
(wininfo::getitimer): Ditto.
(wininfo::setitimer): Ditto.
(wininfo::wininfo): Ditto.
(wininfo::lock): New method.
(wininfo::release): Ditto.
* window.cc: Use new lock/acquire wininfo methods throughout.
(wininfo::wininfo): Delete
(wininfo::getitimer): Ditto.
(wininfo::setitimer): Ditto.
(getitimer): Ditto.
(setitimer): Ditto.
(ualarm): Ditto.
(alarm): Ditto.
(wininfo::lock): Define new function.
(wininfo::release): Ditto.
(wininfo::process): Delete WM_TIMER handling.
* timer.cc (struct timetracker): Delete it, flags. Add it_interval,
interval_us, sleepto_us, running, init_muto(), syncthread, and gettime().
(ttstart): Make NO_COPY.
(lock_timer_tracker): New class.
(timer_tracker::timer_tracker): Distinguish ttstart case.
(timer_tracker::~timer_tracker): New destructor. Clean out events, and reset
magic.
(timer_tracker::init_muto): New method.
(to_us): Round up as per POSIX.
(timer_thread): Reorganize to match timer_tracker::settime and
timer_tracker::gettime. Call sig_send without wait. Call auto_release.
(timer_tracker::settime): Reorganize logic to avoid race. Call gettime to
recover old value.
(timer_tracker::gettime): New method.
(timer_create): Properly set errno on invalid timerid. Use new
lock_timer_tracker method.
(timer_delete): Ditto. Simplify code slightly.
(timer_gettime): New function.
(fixup_timers_after_fork): Reinit ttstart.
(getitimer): New implementation.
(setitimer): Ditto.
(ualarm): Ditto.
(alarm): Ditto.
* cygwin.din: Export timer_gettime.
* winsup.h: Remove has has_visible_window_station declaration.
* Makefile.in (DLL_OFILES): Add lsearch.o.
* cygthread.h (cygthread::notify_detached): New element.
(cygthread::cygthread): Take optional fourth argument signifying event to
signal on thread completion.
* cygthread.cc (cygthread::stub): Signal notify_detached event, if it exists.
(cygthread::cygthread): Initialize notify_detached from fourth argument.
(cygthread::detach): Wait for notify_detached field is present.
* lsearch.cc: New file.
* search.h: Ditto.
* include/cygwin/version.h: Bump API minor number to 126.
* cygwin.din: Export lsearch, lfind.
|
| |
|
|
|
|
| |
* winsup.h (get_ll): to here
* security.cc (get_token_group_sidlist): Use get_ll to figure out the long long
version of the luid since QuadPart is not part of the standard Windows API.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* path.cc (mount_info::from_registry): Deimpersonate while
accessing HKLM.
(mount_info::read_cygdrive_info_from_registry): Ditto.
* cygheap.h: Define NO_IMPERSONATION.
(cygheap_user::issetuid): Replace INVALID_HANDLE_VALUE by
NO_IMPERSONATION.
(cygheap_user::has_impersonation_tokens): Ditto.
(cygheap_user::close_impersonation_tokens): Ditto.
* uinfo.cc (uinfo_init): Ditto.
* syscalls.cc (seteuid32): Ditto.
* security.cc (set_impersonation_token): Ditto.
|
| |
|
|
|
|
|
| |
* external.cc (check_ntsec): Do not call wincap.has_security.
* path.cc (path_conv::check): Ditto.
* security.cc (get_object_attribute): Ditto.
(get_file_attribute): Ditto.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
starting.
* child_info.h (init_child_info): Remove pid argument from declaration.
* cygheap.h (init_cygheap::pid): New element.
* dcrt0.cc (dll_crt0_0): Eliminate handling of now-noexistent cygpid parameter
in child_info struct. Set forkee to 'true' rather than cygpid since the pid
value was never used.
(dll_crt0_1): Ditto.
(_dll_crt0): Ditto.
* fork.cc (fork_child): Don't wait for sigthread. This is handled in the fork
call now.
(fork_parent): Remove obsolete pid argument from init_child_info call. Don't
do anything special with cygpid when DEBUGGING.
(fork): Delay all signals during fork.
(fork_init): Don't do anything special when DEBUGGING.
* pinfo.cc (set_myself): Remove pid parameter. Use new pid field in cygheap.
(pinfo_init): Don't pass pid argument to set_myself.
* sigproc.cc (sig_send): Wait for dwProcessId to be non-zero as well as
sendsig.
(init_child_info): Eliminate handling of pid.
(wait_sig): Implement method to temporarily hold off sending signals.
* sigproc.h (__SIGHOLD): New enum.
(__SIGNOHOLD): Ditto.
* spawn.cc (spawn_guts): Remove obsolete pid argument from init_child_info
call.
|
| | |
|
| |
|
|
| |
comma and elminate most uses of "foo = %s" to "foo %s".
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* fhandler.cc (fhandler_base::open_9x): Do not check for null name.
Move debug_printf to common code line.
(fhandler_base::open): Ditto. Initialize upath. Remove second argument
of pc.get_nt_native_path.
* path.h (path_conv::get_nt_native_path): Remove second argument.
* path.cc (path_conv::get_nt_native_path): Ditto. Call str2uni_cat.
* security.h (str2buf2uni_cat): Delete declaration.
(str2uni_cat): New declaration.
* security.cc (str2buf2uni): Get length from sys_mbstowcs call.
(str2buf2uni_cat): Delete function.
(str2uni_cat): New function.
* miscfuncs.cc (sys_mbstowcs): Add debug_printf.
|
| |
|
|
|
|
| |
starts with a drive.
Also perform whitespace cleanup.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* dir.cc (mkdir): Change set_file_attribute call to indicate that
NT security isn't used.
* fhandler.cc (fhandler_base::open_9x): New method, created from
fhandler_base::open.
(fhandler_base::open): Rearrange to use NtCreateFile instead of
CreateFile.
* fhandler.h (enum query_state): Redefine query_null_access to
query_stat_control. query_null_access isn't allowed in NtCreateFile.
(fhandler_base::open_9x): Declare.
* fhandler_disk_file.cc (fhandler_base::fstat_fs): Use
query_stat_control first, query_read_control if that fails.
(fhandler_disk_file::fchmod): Call enable_restore_privilege before
trying to open for query_write_control. Don't fall back to
opening for query_read_control.
(fhandler_disk_file::fchown): Ditto.
(fhandler_disk_file::facl): Only request restore privilege and query
access necessary for given cmd.
* fhandler_raw.cc (fhandler_dev_raw::open): Call fhandler_base::open
instead of opening device here.
* ntdll.h (NtCreateFile): Declare.
* path.cc (symlink_worker): Change set_file_attribute call to indicate
that NT security isn't used.
* sec_acl.cc (getacl): Fix bracketing.
* sec_helper.cc (enable_restore_privilege): New function.
* security.cc (str2buf2uni_cat): New function.
(write_sd): Don't request restore permission here.
* security.h (set_process_privileges): Drop stale declaration.
(str2buf2uni): Declare.
(str2buf2uni_cat): Declare.
(enable_restore_privilege): Declare.
* syscalls.cc (fchown32): Return immediate success on 9x.
|
| |
|
|
| |
* security.cc (write_sd): Ditto. Fix error handling.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
expression.
(fhandler_base::facl): New method.
* fhandler.h: Declare facl method in fhandler_base,
fhandler_disk_file and fhandler_virtual.
* fhandler_disk_file.cc (fhandler_disk_file::facl): New method.
* fhandler_virtual.cc (fhandler_virtual::facl): New method.
* sec_acl.cc: Remove forward declaration for aclsort32 and acl32.
(setacl): Remove static. Add and use handle parameter.
(getacl): Ditto.
(acl_worker): Reorganize to call fhandler's facl method eventually.
(facl32): Ditto.
* security.cc (get_nt_object_security): Remove static.
* security.h: Add extern declarations for get_nt_object_security,
aclsort32, acl32, getacl and setacl.
Apply missing syscalls.cc patch and ChangeLog of previous check in.
* syscalls.cc (chown_worker): Reorganize to call fhandler's fchown
method eventually.
(fchown): Ditto.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
query_state.
(fhandler_base::fchown): New method.
* fhandler.h: Declare fchown method in fhandler_base,
fhandler_disk_file and fhandler_virtual.
(enum query_state): Add query_write_control.
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Set query_state
to query_write_control. Only remove FILE_ATTRIBUTE_READONLY if not
setting security descriptor.
(fhandler_disk_file::fchown): New method.
* fhandler_virtual.cc (fhandler_virtual::fchown): New method.
* sec_acl.cc (setacl): Call write_sd with additional handle attribute.
* security.cc (write_sd): Take handle argument. Only request owner
if getting SE_RESTORE_NAME privilege failed. Only open file if
NtSetSecurityObject failed or handle is NULL.
(set_nt_attribute): Call write_sd with additional handle attribute.
* security.h (write_sd): Declare with additional handle argument.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Only request
READ_CONTROL rights when opening the file.
* ntdll.h (NtSetSecurityObject): Add declaration.
* security.cc (write_sd): Call NtSetSecurityObject instead of
BackupWrite.
(get_nt_object_security): Don't free security descriptor here.
* syscalls.cc (ttyname): Use buffer of length TTY_NAME_MAX + 1.
* sysconf.cc (sysconf): Handle _SC_TTY_NAME_MAX request.
* include/limits.h: Define TTY_NAME_MAX and _POSIX_TTY_NAME_MAX.
|
| |
|
|
| |
if handle is NULL.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
argument.
* fhandler.cc (fhandler_base::fchmod): New method.
* fhandler.h: Declare fchmod method in fhandler_base,
fhandler_disk_file and fhandler_virtual.
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): New method.
(fhandler_base::open_fs): Call set_file_attribute with additional
handle argument.
* fhandler_virtual.cc (fhandler_virtual::fchmod): New method.
* path.cc (symlink_worker): Call set_file_attribute with additional
handle argument.
* security.cc (get_nt_object_security): New function.
(get_nt_object_attribute): Call get_nt_object_security.
(set_nt_attribute): Add handle argument. Call get_nt_object_security
first, read_sd only if that fails.
(set_file_attribute): Add handle argument.
* security.h (set_file_attribute): Declare with additional handle
argument.
* syscalls.cc (stat_suffixes): Move to beginning of file.
(chown_worker): Call set_file_attribute with additional handle argument.
(chmod): Reorganize to call fhandler's fchmod method eventually.
(fchmod): Ditto.
|
| |
|
|
|
|
|
| |
* ntdll.h (STATUS_BUFFER_TOO_SMALL): Add definition.
(NtQuerySecurityObject): Add declaration.
* security.cc (get_nt_object_attribute): Always use
NtQuerySecurityObject to retrieve security descriptor.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
to query_open setting.
(fhandler_base::fhandler_base): Initialize query_open.
* fhandler.h (FH_QUERYOPEN): Drop.
(enum query_state): Add.
(class fhandler_base): Add query_open member.
(fhandler_base::get_query_open): Redefine to use query_open.
(fhandler_base::set_query_open): Ditto.
* fhandler_disk_file.cc (fhandler_base::fstat_fs): Remove O_DIROPEN
from open_flags since it's added in open_fs anyway. Remove
query_open_already. Use new query_open settings. Rearrange slightly.
(fhandler_base::fstat_helper): Add get_io_handle as parameter to
get_file_attribute.
* security.cc (get_nt_object_attribute): Make returning an int.
Return -1 on error, 0 otherwise.
(get_file_attribute): Take an object handle as argument. Move down
to allow calling get_nt_object_attribute in case a non-NULL handle
is given.
* security.h (get_file_attribute): Add handle to argument list.
* syscalls.cc (chown_worker): Accomodate new definition of
get_file_attribute.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* cygtls.h (_threadinfo::lock): Remove wait argument.
(_threadinfo::interrupt_setup): Remove retaddr argument.
* exceptions.cc (_threadinfo::interrupt_setup): Ditto.
(_threadinfo::interrupt_now): Accommodate change to interrupt_setup argument.
(setup_handler): Ditto. Always lock sig stack prior to determining interrupt
method.
* gendef (_sigfe): Correct thinko regarding cmpxchg.
(_sigbe): Ditto.
(_threadinfo::lock): Ditto.
(_threadinfo::pop): Eliminate left-over stack unlock.
* sigproc.cc (proc_subproc): Chnage debugging output to printed warning.
|
| |
|
|
|
|
|
|
|
|
| |
(well_known_*_sid): Change type to cygpsid.
(cygsid::init): Delete declaration.
* sec_helper.cc (well_known_*_sid): Define using above SID macro.
(cygsid::init): Delete.
* dcrt0.cc (dll_crt0_0): Do not call cygsid::init.
* security.cc (get_user_local_groups): Change the second argument type
to cygpsid.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
throughout.
* tty.cc (tty::common_init): Remove call to SetKernelObjectSecurity and edit
some comments.
* cygheap.h (init_cygheap::ctty): Add new element.
* devices.in (device::parse): Remove special handling for /dev/tty.
* devices.cc: Regenerate.
* dtable.cc (build_fh_pc): Don't reset /dev/tty device. Let the device opener
do that.
* fhandler_termios.cc (tty_min::set_ctty): Redefine to _pinfo class.
* fhandler_tty.cc (fhandler_tty_common::set_close_on_exec): Avoid setting
noninherit flag for ctty.
* tty.h: Move BOOLs to bools.
(tty_min::set_ctty): Redeclare to _pinfo class.
* pinfo.cc (_pinfo::set_ctty): Define new function based on tty_min::set_ctty.
Change first argument from tty number to tty_min class.
* pinfo.h (_pinfo::set_ctty): Declare.
* fhandler_console.cc (fhandler_console::get_tty_stuff): Reflect move of
set_ctty to _pinfo class.
* fhandler_tty.cc (fhandler_tty_slave::open): Treat FH_TTY specially. Use
saved cygheap value if it exists. Otherwise convert to real device and save on
first time open.
(fhandler_tty_common::dup): Potentially set controlling tty if duping a slave
tty.
* syscalls.cc (setsid): Close controlling tty in cygheap.
* tty.cc: Change some BOOLs to bools.
|
| |
|
|
| |
throughout, except in assembler code.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
set_security_attribute appropriately.
* external.cc (cygwin_internal): Ditto.
* fhandler.cc (fhandler_base::open): Ditto.
* fhandler_socket.cc (fhandler_socket::bind): Ditto.
* path.cc (symlink_worker): Ditto.
* sec_acl.cc (setacl): Ditto. Call read_sd appropriately.
(getace): Ditto.
* sec_helper.cc (security_descriptor::malloc): New method.
(security_descriptor::realloc): New method.
(security_descriptor::free): New method.
* security.cc (read_sd): Get security_descriptor as parameter instead
of PSECURITY_DESCRIPTOR and a size. Drop unnecessary parameter check.
Allocate the security_descriptor buffer according to size returned by
a call to GetFileSecurity. Return buffer size on success.
(write_sd): Get security_descriptor as parameter instead of
PSECURITY_DESCRIPTOR and a size.
(get_nt_attribute): Use local security_descriptor.
(get_nt_object_attribute): Ditto in case of type == SE_REGISTRY_KEY.
Allocate security_descriptor buffer according to size returned by
a call to RegGetKeySecurity.
(alloc_sd): Make static. Get security_descriptor as parameter instead
of PSECURITY_DESCRIPTOR and a size. Drop unnecessary parameter check.
(set_security_attribute): Get security_descriptor as parameter instead
of PSECURITY_DESCRIPTOR and a size.
(set_nt_attribute): Use local security_descriptor.
(check_file_access): Ditto.
* security.h: Add class security_descriptor.
(read_sd): Change declaration to get security_descriptor as parameter
instead of PSECURITY_DESCRIPTOR and a size.
(write_sd): Ditto.
(set_security_attribute): Ditto.
(alloc_sd): Remove declaration.
* thread.cc (semaphore::semaphore): Use local security_descriptor. Call
set_security_attribute appropriately.
|
| |
|
|
|
|
|
| |
* security.cc (get_attribute_from_acl): Ditto.
* security.h (FILE_READ_BITS): Define to match also GENERIC bits.
(FILE_WRITE_BITS): Ditto.
(FILE_EXEC_BITS): Ditto.
|
| |
|
|
|
|
| |
* syscalls.cc (seteuid32): Always construct a default DACL including
the new sid, Admins and SYSTEM and copy it to the new thread token.
* security.cc (create_token): Use a NULL default DACL in NtCreateToken.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* devices.gperf: New file.
* devices.shilka: New file.
* cygwin-gperf: New file.
* cygwin-shilka: New file.
* fhandler_fifo.cc: New file.
* fhandler_nodevice.cc : New file. Reorganize headers so that path.h precedes
fhandler.h throughout. Remove device argument and unit arguments from fhandler
constructors throughout. Remove pc arguments to fhandler functions and use
internal pc element instead, throughout. Use dev element in pc throughout.
Use major/minor elements rather than units and device numbers previously in
fhandler class. Use correct methods for fhandler file names rather than
directly accessing file name variables, throughout.
* Makefile.in (DLL_OFILES): Add devices.o, fhandler_fifo.o
* dcrt0.cc (dll_crt0_1): Call device::init.
* devices.h: Renumber devices based on more Linux-like major/minor numbers.
Add more devices. Declare standard device storage.
(device): Declare struct.
* dir.cc (opendir): Use new 'build_fh_name' to construct a fhandler_* type.
* dtable.cc (dtable::get_debugger_info): Ditto.
(cygwin_attach_handle_to_fd): Ditto.
(dtable::release): Remove special FH_SOCKET case in favor of generic
"need_fixup_before" test.
(dtable::init_std_file_from_handle): Use either build_fh_dev or build_fh_name
to build standard fhandler.
(dtable::build_fh_name): Renamed from dtable::build_fhandler_from_name. Move
out of dtable class. Don't accept a path_conv argument. Just build it here
and pass it to:
(build_fh_pc): Renamed from dtable::build_fhandler. Move out of dtable class.
Use intrinsic device type in path_conv to create new fhandler.
(build_fh_dev): Renamed from dtable::build_fhandler. Move out of dtable class.
Simplify arguments to just take new 'device' type and a name. Just return
pointer to fhandler rather than trying to insert into dtable.
(dtable::dup_worker): Accommodate above build_fh name changes.
(dtable::find_fifo): New (currently broken) function.
(handle_to_fn): Use strechr for efficiency.
* dtable.h: Reflect above build_fh name changes and argument differences.
(fhandler_base *&operator []): Return self rather than copy of self.
* fhandler.cc (fhandler_base::operator =): Use pc element to set normalized
path.
(fhandler_base::set_name): Ditto.
(fhandler_base::raw_read): Use method to access name.
(fhandler_base::write): Correctly use get_output_handle rather than get_handle.
(handler_base::device_access_denied): New function.
(fhandler_base::open): Eliminate pc argument and use pc element of
fhandler_base throughout.
(fhandler_base::fstat): Detect if device is based in filesystem and use
fstat_fs to calculate stat, if so.
(fhandler_base::fhandler_base): Eliminate handling of file names and, instead,
just free appropriate component from pc.
(fhandler_base::opendir): Remove path_conv parameter.
* fhandler.h: Remove all device flags.
(fhandler_base::pc): New element.
(fhandler_base::set_name): Change argument to path_conv.
(fhandler_base::error): New function.
(fhandler_base::exists): New function.
(fhandler_base::pc_binmode): New function.
(fhandler_base::dev): New function.
(fhandler_base::open_fs): New function.
(fhandler_base::fstat_fs): New function.
(fhandler_base::fstat_by_name): New function.
(fhandler_base::fstat_by_handle): New function.
(fhandler_base::isfifo): New function.
(fhandler_base::is_slow): New function.
(fhandler_base::is_auto_device): New function.
(fhandler_base::is_fs_special): New function.
(fhandler_base::device_access_denied): New function.
(fhandler_base::operator DWORD&): New operator.
(fhandler_base::get_name): Return normalized path from pc.
(fhandler_base::get_win32_name): Return windows path from pc.
(fhandler_base::isdevice): Renamed from is_device.
(fhandler_base::get_native_name): Return device format.
(fhandler_fifo): New class.
(fhandler_nodevice): New class.
(select_stuff::device_specific): Remove array.
(select_stuff::device_specific_pipe): New class element.
(select_stuff::device_specific_socket): New class element.
(select_stuff::device_specific_serial): New class element.
(select_stuff::select_stuff): Initialize new elements.
* fhandler_disk_file.cc (fhandler_base::fstat_by_handle): Move to base class
from fhandler_disk_file.
(fhandler_base::fstat_by_name): Ditto.
(fhandler_base::fstat_by_name): Ditto.
(fhandler_disk_file::open): Move most functionality into
fhandler_base::open_fs.
(fhandler_base::open_fs): New function.
(fhandler_disk_file::close): Move most functionality into
fhandler_base::close_fs.
(fhandler_base::close_fs): New function.
* fhandler_mem.cc (fhandler_dev_mem::open): Use device name in debugging
output.
* fhandler_socket.cc (fhandler_socket::set_connect_secret): Copy standard
urandom device into appropriate place.
(fhandler_socket::accept): Reflect change in fdsock return value.
* fhandler_tty.cc: See "throughouts" above.
* net.cc: Accommodate fdsock change throughout.
(fdsock): Return success or failure, accept fd argument and device argument.
* path.cc (symlink_info::major): New element.
(symlink_info::minor): New element.
(symlink_info::parse_device): Declare new function.
(fs_info::update): Accommodate changes in path_conv class.
(path_conv::fillin): Ditto.
(path_conv::return_and_clear_normalized_path): Eliminate.
(path_conv::set_normalized_path): New function.
(path_conv::path_conv): Set info in dev element. Use path_conv methods Check
for FH_FS rather than FH_BAD to indicate when to fill in filesystem stuff.
where appropriate rather than direct access. Use set_normalized_path to set
normalized path.
(windows_device_names): Eliminate.
(get_dev): Ditto.
(get_raw_device_number): Ditto.
(get_device_number): Ditto.
(win32_device_name): Call new device name parser to do most of the heavy
lifting.
(mount_info::conv_to_win32_path): Fill in dev field as appropriate.
(symlink_worker): Handle new device files.
(symlink_info::check): Ditto.
(symlink_info::parse_device): Define new function.
* path.h (executable_states): Move here from fhandler.h.
(fs_info): Rename variables to *_storage and create methods for accessing same.
(path_conv): Add dev element, remove devn and unit and adjust inline methods to
accommodate.
(set_normalized_path): Declare new function.
* pinfo.cc (_pinfo::commune_recv): Add broken support for handling fifos.
(_pinfo::commune_send): Ditto.
* pipe.cc (fhandler_pipe::close): check for existence of handle before closing
it.
(handler_pipe::create): Rename from make_pipe. Change arguments to accept
fhandler_pipe array. Accommodate fifos.
(pipe): Rework to deal with fhandler_pipe::create changes.
(_pipe): Ditto.
* select.cc: Use individual device_specific types throughout rather than
indexing with obsolete device number.
(set_bits): Use is_socket call rather than checking device number.
* shared_info.h (CURR_MOUNT_MAGIC): Update.
(conv_to_win32_path): Reflect addition of device argument.
* syscalls.cc (mknod_worker): New function.
(open): Use build_fh_name to build fhandler.
(chown_worker): Detect if this is an 'auto' device rather than an on-filesystem
device and handle appropriately.
(chmod_device): New function.
(chmod): Detect if this is an 'auto' device rather than an on-filesystem device
and handle appropriately. Use chmod_device to set mode of in-filesystem
devices.
(stat_worker): Eliminate path_conv argument. Call build_fh_name to construct
fhandler. Use fh->error() rather than pc->error to detect errors in fhandler
construction.
(access_worker): New function pulled from access. Accommodate in-filesystem
devices.
(access): Use access_worker.
(fpathconf): Detect if this is an 'auto' device rather than an on-filesystem
device and handle appropriately.
(mknod_worker): New function.
(mknod32): New function.
(chroot): Free normalized path -- assuming it was actually cmalloced.
* tty.cc (create_tty_master): Tweak for new device class.
(tty::common_init): Ditto.
* winsup.h (stat_worker): Remove.
(symlink_worker): Declare.
* exceptions.cc (set_process_mask): Just call sig_dispatch_pending and don't
worry about pending_signals since sig_dispatch_pending should always do the
right thing now.
(sig_handle): Reorganize SIGCONT handling to more closely conform to SUSv3.
* pinfo.h: Move __SIG enum to sigproc.h.
(PICOM_FIFO): New enum element.
(_pinfo): Remove 'thread2signal' stuff throughout class.
(_pinfo::commune_send): Make varargs.
(_pinfo::sigtodo): Eliminate.
(_pinfo::thread2signal): Ditto.
* signal.cc (kill_worker): Eliminate call to setthread2signal.
* sigproc.cc (local_sigtodo): Eliminate.
(getlocal_sigtodo): Ditto.
(sigelem): New class.
(pending_signals): New class.
(sigqueue): New variable, start of sigqueue linked list.
(sigcatch_nonmain): Eliminate.
(sigcatch_main): Eliminate.
(sigcatch_nosync): Eliminate.
(sigcomplete_nonmain): Eliminate.
(pending_signals): Eliminate.
(sig_clear): Call signal thread to clear pending signals, unless already in
signal thread.
(sigpending): Call signal thread to get pending signals.
(sig_dispatch_pending): Eliminate use of pending_signals and just check
sigqueue.
(sigproc_terminate): Eliminate all of the obsolete semaphore stuff. Close
signal pipe handle.
(sig_send): Eliminate all of the obsolete semaphore stuff and use pipe to send
signals.
(getevent): Eliminate.
(pending_signals::add): New function.
(pending_signals::del): New function.
(pending_signals::next): New function.
(wait_sig): Eliminate all of the obsolete semaphore stuff. Use pipe to
communicate and maintain a linked list of signals.
* sigproc.h: Move __SIG defines here. Add __SIGPENDING.
(sig_dispatch_pending): Remove "C" specifier.
(sig_handle): Accept a mask argument.
* thread.cc: Remove signal handling considerations throughout.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* security.h (__sec_user): Add "access2" argument.
(sec_acl): Add "original" and "access2" arguments.
(sec_user): Add "sid2" and "access2" argument. Remove dependence on
allow_ntsec.
(sec_user_nih): Ditto.
* sec_helper.cc (__sec_user): Add "has_security" test.
Call sec_acl with new arguments, letting it handle original_sid.
(sec_acl): Add "original" and "access2" arguments. Handle original_sid
depending on flag but avoiding duplicates. Use "access2" for sid2.
* pinfo.cc (pinfo::init): Use security attributes created by sec_user
when creating the mapping.
* security.cc (create_token): Adjust arguments in call to sec_acl.
Call sec_user instead of __sec_user.
* syscall.cc (seteuid32): Adjust arguments in call to sec_acl. Remove
now unnecessary test. Remove useless conversions to psid.
* dcrt0.cc (dll_crt0_1): Call cygsid::init before pinfo_init.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
is a tty associated with the process. Send SIGHUP on CTRL_LOGOFF_EVENT.
* fhandler_tty.cc (fhandler_tty_slave::open): Adjust console open handle
counter regardless of whether this is a pty or tty.
(fhandler_tty_slave::open): Ditto.
(fhandler_tty_slave::dup): Ditto.
(fhandler_tty_common::set_close_on_exec): Ditto.
(fhandler_tty_master::init_console): Decrement console open handle counter
after init since it will now be handled by all tty open.
* syscalls.cc (setsid): Rework debugging output slightly.
|
| |
|
|
|
|
| |
* security.cc (verify_token): Fix white space and style.
Use type bool instead of BOOL and char. Use alloca
instead of malloc and free for my_grps.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
value for tokens.
* syscalls.cc (seteuid32): Ditto. Set new_token to process token if
process token is suitable.
* uinfo.cc (uinfo_init): Initialize tokens in cygheap user info
to INVALID_HANDLE_VALUE.
* cygheap.h (enum impersonation): Delete.
(cygheap_user::impersonation_state): Delete.
(cygheap_user::current_token): New.
(cygheap_user::issetuid): Modify to use current_token.
(cygheap_user::token): Ditto.
(cygheap_user::deimpersonate): Ditto.
(cygheap_user::reimpersonate): Ditto.
(cygheap_user::has_impersonation_tokens): Ditto.
(cygheap_user::close_impersonation_tokens): Ditto.
* security.cc (cygwin_set_impersonation_token): Always set the token.
(verify_token): Change type of gsid to cygpsid.
(get_file_attribute): Use the effective ids.
* syscalls.cc (seteuid32): Modify to use cygheap_user::current_token.
* uinfo.cc (uinfo_init) Do not set cygheap->user.impersonation_state.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* acconfig.h: Add USE_CYGSERVER define.
* config.h.in: Regenerate.
* configure.in: Add --enable-server setting.
* configure: Regenerate.
* fhandler_tty.cc (fhandler_tty_slave::open): Conditionalize compilation of
cygserver stuff.
* fork.cc (fork_child): Ditto.
* shm.cc: Ditto.
* tty.cc (tty::common_init): Ditto.
* dcrt0.cc: Use bool rather than BOOL for CYGWIN environment variable
definitions.
* environ.cc: Ditto.
* ntea.cc: Ditto.
* security.cc: Ditto.
* security.h: Ditto.
* syscalls.cc (check_posix_perm): Remove externs that were already declared in
a header.
* winsup.h: Ditto. Declare _MT_SAFE here. Delete it someday since cygwin
should always be _MT_SAFE.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(cygheap_user::token): Delete.
(cygheap_user::impersonated): Delete.
(cygheap_user::external_token): New member.
(cygheap_user::internal_token): New member.
(cygheap_user::impersonation_state): New member.
(cygheap_user::issetuid): Modify.
(cygheap_user::token): New method.
(cygheap_user::deimpersonate): New method.
(cygheap_user::reimpersonate): New method.
(cygheap_user::has_impersonation_tokens): New method.
(cygheap_user::close_impersonation_tokens): New method.
* dtable.cc (dtable::vfork_child_dup): Use new cygheap_user methods.
* fhandler_socket.cc (fhandler_socket::dup): Ditto.
* fork.cc (fork_child): Ditto.
(fork_parent): Ditto.
* grp.cc (internal_getgroups): Ditto.
* security.cc (verify_token): Ditto.
(check_file_access): Ditto.
(cygwin_set_impersonation_token): Detect conflicts. Set
user.external_token.
* spawn.cc (spawn_guts): Use new cygheap_user methods.
* syscalls.cc (seteuid32): Rearrange to use the two tokens
in cygheap_user.
(setegid32): Use new cygheap_user methods.
* uinfo.cc: (internal_getlogin): Ditto.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
cygerrno.h.
* include/cygwin/config.h (__DYNAMIC_REENT__): Define.
* include/cygwin/version.h: Bump API minor version.
* cygwin.din: Export __getreent
* cygerrno.h: Include errno.h. Fix places where _impure_ptr is used directly
to store the errno value.
* debug.cc (__set_errno): Ditto.
* errno.cc: Remove _RRENT_ONLY define to get errno.cc compiled.
* signal.cc: Rename _reent_clib to _REENT throughout.
* thread.h (reent_clib): Remove prototype.
* thread.cc (reent_clib): Rename reent_clib to __getreent. Return _impure_ptr
until MTinterface is initialized.
(reent_winsup): Fix a possible SEGV when _r == NULL. Return NULL instead.
* MTinterface::fixup_after_fork: Switch reent back to _impure_ptr to keep
signal handling running when fork is called from a thread other than the
mainthread.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(get_nt_attribute): Only call read_sd and get_info_from_sd.
Return void.
(get_file_attribute): Move sd error handling to get_info_from_sd.
and symlink handling to fhandler_disk_file::fstat_helper.
(get_nt_object_attribute): Only call read_sd and get_info_from_sd.
Return void.
(get_object_attribute): Remove symlink handling and simply return -1
when ntsec is off.
* fhandler_disk_file.cc (fhandler_disk_file::fstat_helper): For
symlinks set the attribute, call get_file_attribute to get the ids
and return. In the normal case call get_file_attribute with the
addresses of the buffer ids and do not recheck if the file is a socket.
|
| |
|
|
|
|
|
|
|
|
| |
from the current effective ids.
* fhandler_socket.cc (fhandler_socket::fstat): Keep the uid and gid set
by fhandler_base::fstat.
* security.cc (get_nt_attribute): Do not test wincap.has_security ().
(get_nt_object_attribute): Ditto.
(get_file_attribute): Add test for wincap.has_security ().
(get_object_attribute): Ditto.
|
| |
|
|
|
| |
* security.cc (get_nt_object_attribute): use RegGetKeySecurity() for
performance.
|
| |
|
|
|
|
|
|
|
| |
wrong usage of S_IFDIR.
* security.cc (get_attribute_from_acl): Ditto.
(get_file_attribute): Fix wrong usage of S_IFLNK.
(get_object_attribute): Ditto.
(alloc_sd): Fix wrong usage of S_IFDIR.
* syscalls.cc (chmod): Allow chmod'ing of socket files.
|
| |
|
|
| |
* security.cc (alloc_sd): Ditto.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
data on sockets to evaluate AF_LOCAL sockets correctly.
(dtable::build_fhandler): Set unit number on sockets.
* fhandler.h (fhandler_socket): Add unit number.
(fhandler_socket::get_unit): New method.
* fhandler_socket.cc (fhandler_socket::fhandler_socket): Set unit
number.
(fhandler_socket::fstat): Reorganize to return more Linux-like
values.
* net.cc: include ctype.h.
(fdsock): Set unit number when building fhandler.
* path.cc (path_conv::check): Set device type to FH_SOCKET if file
is a AF_UNIX socket.
(get_devn): Evaluate unit for virtual socket devices.
(win32_device_name): Set windows path for sockets to unix_path with
just backslashes to keep the different names.
* syscalls.cc (fstat64): Don't override st_ino, st_dev and st_rdev
for sockets.
(stat_worker): Ditto.
From Pierre Humblet:
* autoload.cc (AccessCheck): Add.
(DuplicateToken): Add.
* security.h (check_file_access): Declare.
* syscalls.cc (access): Convert path to Windows, check existence
and readonly attribute. Call check_file_access instead of acl_access.
* security.cc (check_file_access): Create.
* sec_acl (acl_access): Delete.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* include/arpa/inet.h (inet_addr): Change return type to in_addr_t.
(inet_lnaof): Ditto.
(inet_netof): Ditto.
(inet_network): Ditto.
* include/cygwin/types.h: Move many *_t typedefs here. Protect them with
ifdefs.
* fhandler_disk_file.cc (fhandler_disk_file::fstat): Change ntsec_atts to
mode_t.
* security.cc (get_attribute_from_acl): Accept mode_t attribute.
(get_nt_attribute): Ditto.
(get_file_attribute): Ditto.
(get_nt_object_attribute): Ditto.
(get_object_attribute): Ditto.
* security.h: Reflect above changes.
* syscalls.cc (chown_worker): Change attrib to mode_t.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
loop. Set default rights to same values as in alloc_sd(). Set DELETE
for owner and default owner only if S_IWOTH is given.
* sec_acl.cc: Change all __aclent16_t to __aclent32_t except in
wrapper function definitions. Replace call to the aclXYZ functions by
calls aclXYZ32.
(searchace): Change type of third argument to __uid32_t and use
ILLEGAL_UID instead of -1;
(setacl): Remove some initializations. Only give STANDARD_RIGHTS_WRITE
for S_IWOTH. Replace -1 by ILLEGAL_UID.
(getacl): Change type of owner_sid, group_sid and ace_sid to cygpsid.
In last else clause, suppress second call to ace_sid.get_id and use
TRUE in first call. Replace EqualSid by ==.
(acl_access): Call internal_getgroups in USER and GROUP cases.
(acecmp: Define static.
(acl32): Create from 16 bit type.
(facl32): Ditto.
(lacl32): Ditto.
(aclcheck32): Ditto.
(aclsort32): Ditto.
(acltomode32): Ditto.
(aclfrommode32): Ditto.
(acltopbits32): Ditto.
(aclfrompbits32): Ditto.
(acltotext32): Ditto.
(aclfromtext32): Ditto, and use strechr.
(acl16to32): Create.
(acl): Make it a wrapper function.
(facl): Ditto.
(lacl): Ditto.
(aclcheck): Ditto.
(aclsort): Ditto.
(acltomode): Ditto.
(aclfrommode): Ditto.
(acltopbits): Ditto.
(aclfrompbits): Ditto.
(acltotext): Ditto.
(aclfromtext): Ditto.
* security.cc (write_sd): Call set_process_privilege and check
ownership.
(alloc_sd): Remove call to set_process_privilege and the owner check.
|
