| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Throughout, change syscalls to report on return values using new %R format
option.
* smallprint.cc (__small_vsprintf): Add parsing for %R to report on return
values and possible errno from syscalls.
* errno.cc (errmap): Add PRIVILEGE_NOT_HELD.
* fhandler_tty.cc (fhandler_pty_master::setup): When creating a thread use
shorter name to reduce debuggging output.
* select.cc (start_thread_pipe): Ditto.
(start_thread_serial): Ditto.
(start_thread_socket): Ditto.
(start_thread_mailslot): Ditto.
* sigproc.cc (talktome): Ditto.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(EqualSid): Remove.
(CopySid): Remove.
(AddAccessAllowedAce): Remove.
(AddAccessDeniedAce): Remove.
(MakeSelfRelativeSD): Remove.
* flock.cc: Replace above functions throughout with their ntdll.dll
equivalent.
* sec_acl.cc: Ditto.
* sec_auth.cc: Ditto.
* sec_helper.cc: Ditto.
* security.cc: Ditto.
* security.h: Ditto.
(RtlEqualSid): Declare. Explain why.
(RtlCopySid): Ditto.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
(SetSecurityDescriptorGroup): Remove.
(SetSecurityDescriptorOwner): Remove.
* pinfo.cc: Replace above functions throughout with their ntdll.dll
equivalent.
* sec_acl.cc: Ditto.
* sec_helper.cc: Ditto.
* security.cc: Ditto.
* sec_helper.cc (__sec_user): Remove old comment.
|
| |
|
|
|
|
|
|
|
|
| |
(GetSecurityDescriptorGroup): Remove.
(GetSecurityDescriptorOwner): Remove.
* sec_acl.cc: Replace above functions throughout with their ntdll.dll
equivalent. Remove redundant debug output.
* sec_auth.cc: Ditto.
* security.cc: Ditto.
* uinfo.cc: Ditto.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(AddAce): Remove.
(FindFirstFreeAce): Remove.
(GetAce): Remove.
(InitializeSecurityDescriptor): Remove.
(OpenProcessToken): Remove.
* dcrt0.cc: Replace above functions throughout with their ntdll.dll
equivalent.
* fhandler_tty.cc: Ditto.
* flock.cc: Ditto.
* pinfo.cc: Ditto. Drop unnecessary error handling.
* sec_acl.cc: Ditto.
* sec_auth.cc: Ditto.
* sec_helper.cc: Ditto.
* security.cc: Ditto.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
(EqualPrefixSid): Remove.
(GetLengthSid): Remove.
(GetSidSubAuthority): Remove.
(GetSidSubAuthorityCount): Remove.
(GetSidIdentifierAuthority): Remove.
* fhandler_disk_file.cc: Remove above functions throughout with their
ntdll.dll equivalent.
* sec_auth.cc: Ditto.
* sec_helper.cc: Ditto.
* security.cc: Ditto.
|
| |
|
|
| |
DEF_(USER|GROUP|OTHER)_OBJ entries.
|
| |
|
|
| |
of 0777.
|
| |
|
|
|
|
|
| |
(acl32): Implement acl_worker functionality here.
(lacl32): Just return -1 with errno set to ENOSYS.
(lacl): Ditto.
* include/cygwin/acl.h (lacl): Remove this call.
|
| |
|
|
|
|
|
|
|
|
|
| |
instead of ACL_DEFAULT_SIZE.
* sec_acl.cc (setacl): Use TLS buffer to allow maximum ACL size.
* security.h (ACL_DEFAULT_SIZE): Drop definition.
(ACL_MAXIMUM_SIZE): Define.
(SD_MAXIMUM_SIZE): Define.
* security.cc (get_file_sd): Allocate security_decscriptor with size
SD_MAXIMUM_SIZE.
(alloc_sd): Use TLS buffer to allow maximum ACL size.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
GetSecurityInfo only if justcreated is true, NtQuerySecurityObject
otherwise. Add comment to explain why. Don't waste time to call
NtQuerySecurityObject twice, just allocate big enough area.
(get_file_attribute): Call get_file_sd with justcreated set to false.
(set_file_attribute): Call get_file_sd with justcreated depending on
S_JUSTCREATED pseudo file attribute.
(check_file_access): Call get_file_sd with justcreated set to false.
* sec_acl.cc (setacl): Ditto.
(getacl): Ditto.
* security.h: Convert many functions to regparm functions.
(get_file_sd): Declare with extra bool parameter.
|
| |
|
|
|
| |
instead of a constant value.
* security.cc (alloc_sd): Ditto.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
fhandler.
* fhandler.cc (fhandler_base::fstatvfs): Keep handle in created
path_conv.
* fhandler.h (fhandler_base::get_stat_access): New method.
(fhandler_base::get_stat_handle): New method.
* fhandler_disk_file.cc (fhandler_base::fstat_by_handle): Use handle
returned by get_stat_handle. Only request inode from system if it
isn't already set in the fhandler, and only for filesystems supporting
them.
(fhandler_base::fstat_fs): Use handle returned by get_stat_handle.
Change the way open_fs is called. Explain why.
(fhandler_base::fstat_helper): Use handle returned by get_stat_handle.
Never use 0 inode number. Simplify executable recognition by re-using
get_stat_handle if file could be opened with sufficient rights.
(fhandler_disk_file::fstatvfs): Use handle returned by get_stat_handle.
(fhandler_disk_file::facl): Use handle returned by get_stat_handle in
GETACL and GETACLCNT cases.
(fhandler_disk_file::link): Use handle returned by get_stat_handle
instead of opening file here again. Add comment.
(readdir_get_ino): Keep handle in created path_conv and drop
opening file.
* ntdll.h (wait_pending): New helper function.
* path.cc (symlink_info::check): Drop unused 'opt' parameter from
declaration. Add path_conv_handle argument.
(path_conv::check): Make sure conv_handle is closed. Keep
PC_KEEP_HANDLE flag in pflags_or. Accommodate call to sym.check to
new args.
(path_conv::~path_conv): Close conv_handle.
(symlink_info::check_shortcut): Don't re-open file here, just use
incoming handle. Drop goto's and label out.
(symlink_info::check_sysfile): Don't re-open file here, just use
incoming handle. Keep track of file position to accommodate the fact
that file has been opened asynchronously in calling function.
(symlink_info::check_nfs_symlink): Don't re-open file here, just use
incoming handle.
(symlink_info::check): Drop unused 'opt' parameter. Add
path_conv_handle argument. Always try to open file with GENERIC_READ
rights first to allow reading file content w/o having to re-open the
file. Drop back to READ_CONTROL | FILE_READ_ATTRIBUTES otherwise.
Call symlink test functions (except for check_reparse_point) only if
file could be opened with GENERIC_READ. Keep file handle open if
PC_KEEP_HANDLE is set in pflags.
* path.h (enum pathconv_arg): Add PC_KEEP_HANDLE flag.
(class path_conv_handle): New class.
(class path_conv): Add conv_handle member.
(path_conv::operator =): Duplicate conv_handle.
(path_conv::handle): New method.
(path_conv::access): New method.
(path_conv::reset_conv_handle): New method.
(path_conv::close_conv_handle): New method.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
back into build_fh_name.
(build_fh_name): Drop unused HANDLE parameter. Drop call to pc.fillin.
Remove disabled build_fh_name with UNICODE_STRING name parameter.
* dtable.h (build_fh_name): Drop HANDLE parameter from declaration.
Remove declaration for build_fh_name with UNICODE_STRING name parameter.
* path.cc (path_conv::fillin): Remove.
(symlink_info::check): Fix comment.
* path.h (path_conv::fillin): Remove declaration.
* dir.cc: Accommodate change in build_fh_name parameters throughout.
* sec_acl.cc: Ditto.
* syscalls.cc: Ditto.
* ntea.cc (getxattr_worker): Fix debug output.
(setxattr_worker): Ditto.
* times.cc (utimens_worker): Ditto.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
LocalFree instead of ::free.
* sec_acl.cc: Throughout replace old ACE flag definitions with current
definitions as used in MSDN man pages.
* security.cc: Ditto.
* fhandler.cc (fhandler_base::open): Make sure file has really been
just created before fixing file permissions. Add S_JUSTCREATED
attribute to set_file_attribute call.
* fhandler_disk_file.cc (fhandler_disk_file::mkdir): Always create dir
with default security descriptor and fix descriptor afterwards.
Add S_JUSTCREATED flag to set_file_attribute call.
* fhandler_socket.cc (fhandler_socket::bind): Ditto for AF_LOCAL
socket files.
* path.cc (symlink_worker): Ditto for symlinks.
* security.cc (get_file_sd): Call GetSecurityInfo rather than
NtQuerySecurityObject. Explain why. Change error handling accordingly.
(alloc_sd): Skip non-inherited, non-standard entries in ACL if
S_JUSTCREATED attribute is set. Explain why. Minor format fixes.
* security.h (S_JUSTCREATED): New define.
(security_descriptor::operator=): New operator.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
error when changing the user account on a standalone Samba server.
Explain why.
* sec_acl.cc (setacl): Accommodate additional parameter to set_file_sd.
* sec_helper.cc (SECURITY_SAMBA_UNIX_AUTHORITY): Define.
(well_known_samba_unix_user_fake_sid): Define.
* security.cc (set_file_sd): Take additional parameter if ownership
should be changed. Restrict requested permissions accordingly.
(set_file_attribute): Accommodate additional parameter to set_file_sd.
* security.h (well_known_samba_unix_user_fake_sid): Declare.
(set_file_sd): Align declaration to above change.
|
| |
|
|
|
|
|
| |
with alloc_sd. Strip FILE_READ_ATTRIBUTES fromn setting
FILE_GENERIC_EXECUTE permissions same as in alloc_sd.
* security.cc (alloc_sd): Reformat expression. Strip EA permission
bits from owner_deny and group_deny computation.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* dtable.cc (handle_to_fn): Ditto.
* fhandler_console.cc (fhandler_console::read): Ditto.
(fhandler_console::scroll_screen): Ditto.
(dev_console::set_color): Ditto.
* fhandler_dsp.cc (fhandler_dev_dsp::write): Ditto.
(fhandler_dev_dsp::read): Ditto.
* fhandler_tape.cc (mtinfo_drive::get_status): Ditto.
* hookapi.cc (find_first_notloaded_dll): Ditto.
* mmap.cc (msync): Ditto.
* pipe.cc (pipesync::pipesync): Ditto.
* sec_acl.cc (getace): Ditto.
* sec_auth.cc (create_token): Ditto.
(lsaauth): Ditto.
* select.cc (peek_pipe): Ditto.
* spawn.cc (av::fixup): Ditto.
* syscalls.cc (popen): Ditto.
* tty.cc (tty::init_session): Ditto.
* uinfo.cc (pwdgrp::load): Ditto.
* fhandler.cc (fhandler_base::setup_overlapped): Ditto.
(fhandler_base::wait_overlapped): Rename second use of res variable to wres or
errors are not returned correctly.
* dcrt0.cc: Remove obsolete variable.
* dll_init.cc (release_upto): Fix typo involving incorrect use of '|'.
* fhandler_disk_file.cc (fhandler_base::fstat_by_handle): Avoid a compiler
warning regarding coercing type-punned variables.
(fhandler_base::fstat_by_name): Ditto. fhandler_fifo.cc
(fhandler_fifo::open_nonserver): Fix = vs. == typo.
(fhandler_fifo::wait): Add all conditions to switch statement to avoid a
compiler warning.
* fhandler_process.cc: Avoid unneeded initialization of variables to zero.
(fhandler_socket::listen): Add braces around initializer.
* flock.cc (inode_t::get_all_locks_list): Reorganize to avoid a compiler
warning. Fix problem with EWOULDBLOCK error return.
* path.cc (GUID_shortcut): Use braces around struct initializer.
(cygwin_conv_path): Reorganize to avoid a compiler warning.
* random.cc (dummy): Mark variable as volatile to avoid a "used uninitialized"
warning.
* libc/getopt.c: Mark some variables as dllexport although gcc doesn't seem to
do the right thing with them.
* libc/minires-os-if.c (get_registry_dns_items): Coerce some function arguments
to avoid a compiler warning.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* sec_acl.cc (getacl): Convert debug output to print native NT path.
* security.cc (set_file_attribute): Ditto.
* syscalls.cc (try_to_bin): Ditto and fix buggy debug statement.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* fhandler_disk_file.cc (fhandler_disk_file::link): Drop extern
declaration of stat_suffixes. Use NT native path in debug output.
(fhandler_base::utimes_fs): Simplify closeit case. Use close_fs
to close newly opened file handle.
(fhandler_base::open_fs): Use NT native path in debug output.
* path.cc: Throughout drop extern declaration of stat_suffixes.
* path.h (stat_suffixes): Declare.
* sec_acl.cc (acl_worker): Drop extern declaration of stat_suffixes.
* times.cc (utimes_worker): Take path_conv as parameter instead of
single-byte pathnam, drop nofollow argument, accommodate throughout.
Compare UNICODE paths when enumerating file descriptors. Fix
formatting. Use NT native path in debug output.
|
| |
|
|
|
|
|
| |
opened for reading the ACLs, fall back to faking them.
* sec_acl.cc (acl_worker): Handle non-existing files.
* security.cc (get_file_attribute): Return ILLEGAL_UID/ILLEGAL_GID
as owner/group for non-readable ACLs on file systems supporting them.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
of access control functions throughout.
* fhandler_disk_file.cc: Ditto.
* fhandler_registry.cc: Ditto.
* sec_acl.cc: Drop unnecessary includes.
(setacl): Take path_conv instead of file name as parameter.
Accommodate interface changes of access control functions.
(getacl): Ditto.
* sec_auth.cc: New file, taking over all authentication related
functions from security.cc.
* sec_helper.cc: Drop unnecessary includes.
* security.cc: Ditto. Move all authentication related functions to
sec_auth.cc.
(ALL_SECURITY_INFORMATION): New define. Use throughout.
(set_file_sd): New function, replacing read_sd and the file related
part of get_nt_object_security.
(get_reg_sd): Rename from get_reg_security. Drop type parameter.
(get_reg_attribute): New function, replacing the registry related part
of get_nt_object_security.
(get_file_attribute): Take path_conv instead of file name as parameter.
Use new get_file_sd call.
(set_file_attribute): Ditto plus new set_file_sd. Drop unnecessary
implementation without uid/gid parameters.
(check_file_access): Take path_conv instead of file name as parameter.
Use new get_file_sd call.
(check_registry_access): Use new get_reg_sd call.
* security.h: Accommodate above interface changes.
|
| |
|
|
|
|
|
| |
* sec_acl.cc (setacl): Ditto. Set to true if any ACE with write
permissions is created.
* fhandler_disk_file.cc (fhandler_disk_file::facl): Reset
FILE_ATTRIBUTE_READONLY if ACL contains an ACE with write permissions.
|
| |
|
|
| |
types.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
allocate dynamically.
(pinfo::set_acl): Replace sa_buf by dynamically allocated acl_buf.
* sec_acl.cc (setacl): Allocate acl dynamically.
* sec_helper.cc (sec_acl): Add test for alignment of acl when
DEBUGGING is defined.
(__sec_user): Same for sa_buf.
* security.cc (verify_token): Define sd_buf as PSECURITY_DESCRIPTOR
and allocate dynamically.
(alloc_sd): Allocate acl dynamically.
security.h (sec_user_nih): Change first parameter to
SECURITY_ATTRIBUTES *.
(sec_user): Ditto.
* sigproc.cc (wait_sig): Define sa_buf as PSECURITY_ATTRIBUTES and
allocate dynamically.
* syscalls.cc (seteuid32): Define dacl_buf as PACL and allocate
dynamically.
* uinfo.cc (cygheap_user::init): Define sa_buf as PSECURITY_ATTRIBUTES
and allocate dynamically.
* winbase.h (ilockincr): Mark first argument of inline assembly as
earlyclobber.
(ilockdecr): Ditto.
|
| |
|
|
|
|
| |
* path.h (enum pathconv_arg): Change PC_FULL to PC_NOUILL.
* path.cc (path_conv::check): Test for PC_NOFULL rather than !PC_FULL.
(cygwin_conv_to_win32_path): Use PC_NOFULL to force non-absolute path.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* dir.cc (mkdir): Change set_file_attribute call to indicate that
NT security isn't used.
* fhandler.cc (fhandler_base::open_9x): New method, created from
fhandler_base::open.
(fhandler_base::open): Rearrange to use NtCreateFile instead of
CreateFile.
* fhandler.h (enum query_state): Redefine query_null_access to
query_stat_control. query_null_access isn't allowed in NtCreateFile.
(fhandler_base::open_9x): Declare.
* fhandler_disk_file.cc (fhandler_base::fstat_fs): Use
query_stat_control first, query_read_control if that fails.
(fhandler_disk_file::fchmod): Call enable_restore_privilege before
trying to open for query_write_control. Don't fall back to
opening for query_read_control.
(fhandler_disk_file::fchown): Ditto.
(fhandler_disk_file::facl): Only request restore privilege and query
access necessary for given cmd.
* fhandler_raw.cc (fhandler_dev_raw::open): Call fhandler_base::open
instead of opening device here.
* ntdll.h (NtCreateFile): Declare.
* path.cc (symlink_worker): Change set_file_attribute call to indicate
that NT security isn't used.
* sec_acl.cc (getacl): Fix bracketing.
* sec_helper.cc (enable_restore_privilege): New function.
* security.cc (str2buf2uni_cat): New function.
(write_sd): Don't request restore permission here.
* security.h (set_process_privileges): Drop stale declaration.
(str2buf2uni): Declare.
(str2buf2uni_cat): Declare.
(enable_restore_privilege): Declare.
* syscalls.cc (fchown32): Return immediate success on 9x.
|
| |
|
|
|
|
|
| |
* sec_acl.cc (acl_worker): delete allocated fhandler.
* syscalls.cc (chown_worker): Ditto.
(chmod): Ditto.
(stat_worker): Use get_namehash instead of hash_path_name.
|
| |
|
|
| |
* security.cc (write_sd): Ditto. Fix error handling.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
expression.
(fhandler_base::facl): New method.
* fhandler.h: Declare facl method in fhandler_base,
fhandler_disk_file and fhandler_virtual.
* fhandler_disk_file.cc (fhandler_disk_file::facl): New method.
* fhandler_virtual.cc (fhandler_virtual::facl): New method.
* sec_acl.cc: Remove forward declaration for aclsort32 and acl32.
(setacl): Remove static. Add and use handle parameter.
(getacl): Ditto.
(acl_worker): Reorganize to call fhandler's facl method eventually.
(facl32): Ditto.
* security.cc (get_nt_object_security): Remove static.
* security.h: Add extern declarations for get_nt_object_security,
aclsort32, acl32, getacl and setacl.
Apply missing syscalls.cc patch and ChangeLog of previous check in.
* syscalls.cc (chown_worker): Reorganize to call fhandler's fchown
method eventually.
(fchown): Ditto.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
query_state.
(fhandler_base::fchown): New method.
* fhandler.h: Declare fchown method in fhandler_base,
fhandler_disk_file and fhandler_virtual.
(enum query_state): Add query_write_control.
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Set query_state
to query_write_control. Only remove FILE_ATTRIBUTE_READONLY if not
setting security descriptor.
(fhandler_disk_file::fchown): New method.
* fhandler_virtual.cc (fhandler_virtual::fchown): New method.
* sec_acl.cc (setacl): Call write_sd with additional handle attribute.
* security.cc (write_sd): Take handle argument. Only request owner
if getting SE_RESTORE_NAME privilege failed. Only open file if
NtSetSecurityObject failed or handle is NULL.
(set_nt_attribute): Call write_sd with additional handle attribute.
* security.h (write_sd): Declare with additional handle argument.
|
| |
|
|
| |
standard and default entry of same type.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* cygtls.h (_threadinfo::lock): Remove wait argument.
(_threadinfo::interrupt_setup): Remove retaddr argument.
* exceptions.cc (_threadinfo::interrupt_setup): Ditto.
(_threadinfo::interrupt_now): Accommodate change to interrupt_setup argument.
(setup_handler): Ditto. Always lock sig stack prior to determining interrupt
method.
* gendef (_sigfe): Correct thinko regarding cmpxchg.
(_sigbe): Ditto.
(_threadinfo::lock): Ditto.
(_threadinfo::pop): Eliminate left-over stack unlock.
* sigproc.cc (proc_subproc): Chnage debugging output to printed warning.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
throughout.
* tty.cc (tty::common_init): Remove call to SetKernelObjectSecurity and edit
some comments.
* cygheap.h (init_cygheap::ctty): Add new element.
* devices.in (device::parse): Remove special handling for /dev/tty.
* devices.cc: Regenerate.
* dtable.cc (build_fh_pc): Don't reset /dev/tty device. Let the device opener
do that.
* fhandler_termios.cc (tty_min::set_ctty): Redefine to _pinfo class.
* fhandler_tty.cc (fhandler_tty_common::set_close_on_exec): Avoid setting
noninherit flag for ctty.
* tty.h: Move BOOLs to bools.
(tty_min::set_ctty): Redeclare to _pinfo class.
* pinfo.cc (_pinfo::set_ctty): Define new function based on tty_min::set_ctty.
Change first argument from tty number to tty_min class.
* pinfo.h (_pinfo::set_ctty): Declare.
* fhandler_console.cc (fhandler_console::get_tty_stuff): Reflect move of
set_ctty to _pinfo class.
* fhandler_tty.cc (fhandler_tty_slave::open): Treat FH_TTY specially. Use
saved cygheap value if it exists. Otherwise convert to real device and save on
first time open.
(fhandler_tty_common::dup): Potentially set controlling tty if duping a slave
tty.
* syscalls.cc (setsid): Close controlling tty in cygheap.
* tty.cc: Change some BOOLs to bools.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
set_security_attribute appropriately.
* external.cc (cygwin_internal): Ditto.
* fhandler.cc (fhandler_base::open): Ditto.
* fhandler_socket.cc (fhandler_socket::bind): Ditto.
* path.cc (symlink_worker): Ditto.
* sec_acl.cc (setacl): Ditto. Call read_sd appropriately.
(getace): Ditto.
* sec_helper.cc (security_descriptor::malloc): New method.
(security_descriptor::realloc): New method.
(security_descriptor::free): New method.
* security.cc (read_sd): Get security_descriptor as parameter instead
of PSECURITY_DESCRIPTOR and a size. Drop unnecessary parameter check.
Allocate the security_descriptor buffer according to size returned by
a call to GetFileSecurity. Return buffer size on success.
(write_sd): Get security_descriptor as parameter instead of
PSECURITY_DESCRIPTOR and a size.
(get_nt_attribute): Use local security_descriptor.
(get_nt_object_attribute): Ditto in case of type == SE_REGISTRY_KEY.
Allocate security_descriptor buffer according to size returned by
a call to RegGetKeySecurity.
(alloc_sd): Make static. Get security_descriptor as parameter instead
of PSECURITY_DESCRIPTOR and a size. Drop unnecessary parameter check.
(set_security_attribute): Get security_descriptor as parameter instead
of PSECURITY_DESCRIPTOR and a size.
(set_nt_attribute): Use local security_descriptor.
(check_file_access): Ditto.
* security.h: Add class security_descriptor.
(read_sd): Change declaration to get security_descriptor as parameter
instead of PSECURITY_DESCRIPTOR and a size.
(write_sd): Ditto.
(set_security_attribute): Ditto.
(alloc_sd): Remove declaration.
* thread.cc (semaphore::semaphore): Use local security_descriptor. Call
set_security_attribute appropriately.
|
| |
|
|
|
|
|
| |
* security.cc (get_attribute_from_acl): Ditto.
* security.h (FILE_READ_BITS): Define to match also GENERIC bits.
(FILE_WRITE_BITS): Ditto.
(FILE_EXEC_BITS): Ditto.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* devices.gperf: New file.
* devices.shilka: New file.
* cygwin-gperf: New file.
* cygwin-shilka: New file.
* fhandler_fifo.cc: New file.
* fhandler_nodevice.cc : New file. Reorganize headers so that path.h precedes
fhandler.h throughout. Remove device argument and unit arguments from fhandler
constructors throughout. Remove pc arguments to fhandler functions and use
internal pc element instead, throughout. Use dev element in pc throughout.
Use major/minor elements rather than units and device numbers previously in
fhandler class. Use correct methods for fhandler file names rather than
directly accessing file name variables, throughout.
* Makefile.in (DLL_OFILES): Add devices.o, fhandler_fifo.o
* dcrt0.cc (dll_crt0_1): Call device::init.
* devices.h: Renumber devices based on more Linux-like major/minor numbers.
Add more devices. Declare standard device storage.
(device): Declare struct.
* dir.cc (opendir): Use new 'build_fh_name' to construct a fhandler_* type.
* dtable.cc (dtable::get_debugger_info): Ditto.
(cygwin_attach_handle_to_fd): Ditto.
(dtable::release): Remove special FH_SOCKET case in favor of generic
"need_fixup_before" test.
(dtable::init_std_file_from_handle): Use either build_fh_dev or build_fh_name
to build standard fhandler.
(dtable::build_fh_name): Renamed from dtable::build_fhandler_from_name. Move
out of dtable class. Don't accept a path_conv argument. Just build it here
and pass it to:
(build_fh_pc): Renamed from dtable::build_fhandler. Move out of dtable class.
Use intrinsic device type in path_conv to create new fhandler.
(build_fh_dev): Renamed from dtable::build_fhandler. Move out of dtable class.
Simplify arguments to just take new 'device' type and a name. Just return
pointer to fhandler rather than trying to insert into dtable.
(dtable::dup_worker): Accommodate above build_fh name changes.
(dtable::find_fifo): New (currently broken) function.
(handle_to_fn): Use strechr for efficiency.
* dtable.h: Reflect above build_fh name changes and argument differences.
(fhandler_base *&operator []): Return self rather than copy of self.
* fhandler.cc (fhandler_base::operator =): Use pc element to set normalized
path.
(fhandler_base::set_name): Ditto.
(fhandler_base::raw_read): Use method to access name.
(fhandler_base::write): Correctly use get_output_handle rather than get_handle.
(handler_base::device_access_denied): New function.
(fhandler_base::open): Eliminate pc argument and use pc element of
fhandler_base throughout.
(fhandler_base::fstat): Detect if device is based in filesystem and use
fstat_fs to calculate stat, if so.
(fhandler_base::fhandler_base): Eliminate handling of file names and, instead,
just free appropriate component from pc.
(fhandler_base::opendir): Remove path_conv parameter.
* fhandler.h: Remove all device flags.
(fhandler_base::pc): New element.
(fhandler_base::set_name): Change argument to path_conv.
(fhandler_base::error): New function.
(fhandler_base::exists): New function.
(fhandler_base::pc_binmode): New function.
(fhandler_base::dev): New function.
(fhandler_base::open_fs): New function.
(fhandler_base::fstat_fs): New function.
(fhandler_base::fstat_by_name): New function.
(fhandler_base::fstat_by_handle): New function.
(fhandler_base::isfifo): New function.
(fhandler_base::is_slow): New function.
(fhandler_base::is_auto_device): New function.
(fhandler_base::is_fs_special): New function.
(fhandler_base::device_access_denied): New function.
(fhandler_base::operator DWORD&): New operator.
(fhandler_base::get_name): Return normalized path from pc.
(fhandler_base::get_win32_name): Return windows path from pc.
(fhandler_base::isdevice): Renamed from is_device.
(fhandler_base::get_native_name): Return device format.
(fhandler_fifo): New class.
(fhandler_nodevice): New class.
(select_stuff::device_specific): Remove array.
(select_stuff::device_specific_pipe): New class element.
(select_stuff::device_specific_socket): New class element.
(select_stuff::device_specific_serial): New class element.
(select_stuff::select_stuff): Initialize new elements.
* fhandler_disk_file.cc (fhandler_base::fstat_by_handle): Move to base class
from fhandler_disk_file.
(fhandler_base::fstat_by_name): Ditto.
(fhandler_base::fstat_by_name): Ditto.
(fhandler_disk_file::open): Move most functionality into
fhandler_base::open_fs.
(fhandler_base::open_fs): New function.
(fhandler_disk_file::close): Move most functionality into
fhandler_base::close_fs.
(fhandler_base::close_fs): New function.
* fhandler_mem.cc (fhandler_dev_mem::open): Use device name in debugging
output.
* fhandler_socket.cc (fhandler_socket::set_connect_secret): Copy standard
urandom device into appropriate place.
(fhandler_socket::accept): Reflect change in fdsock return value.
* fhandler_tty.cc: See "throughouts" above.
* net.cc: Accommodate fdsock change throughout.
(fdsock): Return success or failure, accept fd argument and device argument.
* path.cc (symlink_info::major): New element.
(symlink_info::minor): New element.
(symlink_info::parse_device): Declare new function.
(fs_info::update): Accommodate changes in path_conv class.
(path_conv::fillin): Ditto.
(path_conv::return_and_clear_normalized_path): Eliminate.
(path_conv::set_normalized_path): New function.
(path_conv::path_conv): Set info in dev element. Use path_conv methods Check
for FH_FS rather than FH_BAD to indicate when to fill in filesystem stuff.
where appropriate rather than direct access. Use set_normalized_path to set
normalized path.
(windows_device_names): Eliminate.
(get_dev): Ditto.
(get_raw_device_number): Ditto.
(get_device_number): Ditto.
(win32_device_name): Call new device name parser to do most of the heavy
lifting.
(mount_info::conv_to_win32_path): Fill in dev field as appropriate.
(symlink_worker): Handle new device files.
(symlink_info::check): Ditto.
(symlink_info::parse_device): Define new function.
* path.h (executable_states): Move here from fhandler.h.
(fs_info): Rename variables to *_storage and create methods for accessing same.
(path_conv): Add dev element, remove devn and unit and adjust inline methods to
accommodate.
(set_normalized_path): Declare new function.
* pinfo.cc (_pinfo::commune_recv): Add broken support for handling fifos.
(_pinfo::commune_send): Ditto.
* pipe.cc (fhandler_pipe::close): check for existence of handle before closing
it.
(handler_pipe::create): Rename from make_pipe. Change arguments to accept
fhandler_pipe array. Accommodate fifos.
(pipe): Rework to deal with fhandler_pipe::create changes.
(_pipe): Ditto.
* select.cc: Use individual device_specific types throughout rather than
indexing with obsolete device number.
(set_bits): Use is_socket call rather than checking device number.
* shared_info.h (CURR_MOUNT_MAGIC): Update.
(conv_to_win32_path): Reflect addition of device argument.
* syscalls.cc (mknod_worker): New function.
(open): Use build_fh_name to build fhandler.
(chown_worker): Detect if this is an 'auto' device rather than an on-filesystem
device and handle appropriately.
(chmod_device): New function.
(chmod): Detect if this is an 'auto' device rather than an on-filesystem device
and handle appropriately. Use chmod_device to set mode of in-filesystem
devices.
(stat_worker): Eliminate path_conv argument. Call build_fh_name to construct
fhandler. Use fh->error() rather than pc->error to detect errors in fhandler
construction.
(access_worker): New function pulled from access. Accommodate in-filesystem
devices.
(access): Use access_worker.
(fpathconf): Detect if this is an 'auto' device rather than an on-filesystem
device and handle appropriately.
(mknod_worker): New function.
(mknod32): New function.
(chroot): Free normalized path -- assuming it was actually cmalloced.
* tty.cc (create_tty_master): Tweak for new device class.
(tty::common_init): Ditto.
* winsup.h (stat_worker): Remove.
(symlink_worker): Declare.
* exceptions.cc (set_process_mask): Just call sig_dispatch_pending and don't
worry about pending_signals since sig_dispatch_pending should always do the
right thing now.
(sig_handle): Reorganize SIGCONT handling to more closely conform to SUSv3.
* pinfo.h: Move __SIG enum to sigproc.h.
(PICOM_FIFO): New enum element.
(_pinfo): Remove 'thread2signal' stuff throughout class.
(_pinfo::commune_send): Make varargs.
(_pinfo::sigtodo): Eliminate.
(_pinfo::thread2signal): Ditto.
* signal.cc (kill_worker): Eliminate call to setthread2signal.
* sigproc.cc (local_sigtodo): Eliminate.
(getlocal_sigtodo): Ditto.
(sigelem): New class.
(pending_signals): New class.
(sigqueue): New variable, start of sigqueue linked list.
(sigcatch_nonmain): Eliminate.
(sigcatch_main): Eliminate.
(sigcatch_nosync): Eliminate.
(sigcomplete_nonmain): Eliminate.
(pending_signals): Eliminate.
(sig_clear): Call signal thread to clear pending signals, unless already in
signal thread.
(sigpending): Call signal thread to get pending signals.
(sig_dispatch_pending): Eliminate use of pending_signals and just check
sigqueue.
(sigproc_terminate): Eliminate all of the obsolete semaphore stuff. Close
signal pipe handle.
(sig_send): Eliminate all of the obsolete semaphore stuff and use pipe to send
signals.
(getevent): Eliminate.
(pending_signals::add): New function.
(pending_signals::del): New function.
(pending_signals::next): New function.
(wait_sig): Eliminate all of the obsolete semaphore stuff. Use pipe to
communicate and maintain a linked list of signals.
* sigproc.h: Move __SIG defines here. Add __SIGPENDING.
(sig_dispatch_pending): Remove "C" specifier.
(sig_handle): Accept a mask argument.
* thread.cc: Remove signal handling considerations throughout.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
cygerrno.h.
* include/cygwin/config.h (__DYNAMIC_REENT__): Define.
* include/cygwin/version.h: Bump API minor version.
* cygwin.din: Export __getreent
* cygerrno.h: Include errno.h. Fix places where _impure_ptr is used directly
to store the errno value.
* debug.cc (__set_errno): Ditto.
* errno.cc: Remove _RRENT_ONLY define to get errno.cc compiled.
* signal.cc: Rename _reent_clib to _REENT throughout.
* thread.h (reent_clib): Remove prototype.
* thread.cc (reent_clib): Rename reent_clib to __getreent. Return _impure_ptr
until MTinterface is initialized.
(reent_winsup): Fix a possible SEGV when _r == NULL. Return NULL instead.
* MTinterface::fixup_after_fork: Switch reent back to _impure_ptr to keep
signal handling running when fork is called from a thread other than the
mainthread.
|
| |
|
|
| |
* security.cc (alloc_sd): Ditto.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* autoload.cc (GetSystemTimes): Define new autoload function.
* fhandler_proc.cc (proc_listing): Add cpuinfo and partitions entries.
(fhandler_proc::fill_filebuf): Add PROC_CPUINFO and PROC_PARTITIONS cases.
(format_proc_uptime): Use GetSystemTimes if available.
(read_value): New macro.
(print): New macro.
(cpuid): New function.
(can_set_flag): New function.
(format_proc_cpuinfo): New function.
(format_proc_partitions): New function.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
data on sockets to evaluate AF_LOCAL sockets correctly.
(dtable::build_fhandler): Set unit number on sockets.
* fhandler.h (fhandler_socket): Add unit number.
(fhandler_socket::get_unit): New method.
* fhandler_socket.cc (fhandler_socket::fhandler_socket): Set unit
number.
(fhandler_socket::fstat): Reorganize to return more Linux-like
values.
* net.cc: include ctype.h.
(fdsock): Set unit number when building fhandler.
* path.cc (path_conv::check): Set device type to FH_SOCKET if file
is a AF_UNIX socket.
(get_devn): Evaluate unit for virtual socket devices.
(win32_device_name): Set windows path for sockets to unix_path with
just backslashes to keep the different names.
* syscalls.cc (fstat64): Don't override st_ino, st_dev and st_rdev
for sockets.
(stat_worker): Ditto.
From Pierre Humblet:
* autoload.cc (AccessCheck): Add.
(DuplicateToken): Add.
* security.h (check_file_access): Declare.
* syscalls.cc (access): Convert path to Windows, check existence
and readonly attribute. Call check_file_access instead of acl_access.
* security.cc (check_file_access): Create.
* sec_acl (acl_access): Delete.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
loop. Set default rights to same values as in alloc_sd(). Set DELETE
for owner and default owner only if S_IWOTH is given.
* sec_acl.cc: Change all __aclent16_t to __aclent32_t except in
wrapper function definitions. Replace call to the aclXYZ functions by
calls aclXYZ32.
(searchace): Change type of third argument to __uid32_t and use
ILLEGAL_UID instead of -1;
(setacl): Remove some initializations. Only give STANDARD_RIGHTS_WRITE
for S_IWOTH. Replace -1 by ILLEGAL_UID.
(getacl): Change type of owner_sid, group_sid and ace_sid to cygpsid.
In last else clause, suppress second call to ace_sid.get_id and use
TRUE in first call. Replace EqualSid by ==.
(acl_access): Call internal_getgroups in USER and GROUP cases.
(acecmp: Define static.
(acl32): Create from 16 bit type.
(facl32): Ditto.
(lacl32): Ditto.
(aclcheck32): Ditto.
(aclsort32): Ditto.
(acltomode32): Ditto.
(aclfrommode32): Ditto.
(acltopbits32): Ditto.
(aclfrompbits32): Ditto.
(acltotext32): Ditto.
(aclfromtext32): Ditto, and use strechr.
(acl16to32): Create.
(acl): Make it a wrapper function.
(facl): Ditto.
(lacl): Ditto.
(aclcheck): Ditto.
(aclsort): Ditto.
(acltomode): Ditto.
(aclfrommode): Ditto.
(acltopbits): Ditto.
(aclfrompbits): Ditto.
(acltotext): Ditto.
(aclfromtext): Ditto.
* security.cc (write_sd): Call set_process_privilege and check
ownership.
(alloc_sd): Remove call to set_process_privilege and the owner check.
|
| |
|
|
| |
CreateFile failure.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(setacl): Start the search for a matching default at the next entry.
Invalidate the type of merged entries instead of clearing it.
Use well_known_creator for default owner and owning group and do
not try to merge non-default and default entries in these cases.
(getacl): Recognize well_known_creator for default owner and group.
(acl_worker): Improve errno settings and streamline the nontsec case.
* security.cc (write_sd): Remove the call to set_process_privilege.
(alloc_sd): If the owner changes, call set_process_privilege and return
immediately on failure. Change inheritance rules: on new directories add
inherit only allow ACEs for creator_owner, creator_group and everyone.
Preserve all inheritances through chmod and chown calls. Introduce
isownergroup to implement the uid == gid case, to keep the inheritance
code simple. Do not initialize owner_sid and group_sid and stop using
the variable psd.
|
| | |
|
