Damien Miller | bac2d8a | 2000-09-05 16:13:06 +1100 | [diff] [blame] | 1 | /* |
| 2 | * |
| 3 | * cygwin_util.c |
| 4 | * |
| 5 | * Author: Corinna Vinschen <vinschen@cygnus.com> |
| 6 | * |
| 7 | * Copyright (c) 2000 Corinna Vinschen <vinschen@cygnus.com>, Duisburg, Germany |
| 8 | * All rights reserved |
| 9 | * |
| 10 | * Created: Sat Sep 02 12:17:00 2000 cv |
| 11 | * |
| 12 | * This file contains functions for forcing opened file descriptors to |
| 13 | * binary mode on Windows systems. |
| 14 | */ |
| 15 | |
Damien Miller | e9cf357 | 2001-02-09 12:55:35 +1100 | [diff] [blame] | 16 | #include "includes.h" |
| 17 | |
Damien Miller | 2deb3f6 | 2001-02-18 12:30:55 +1100 | [diff] [blame^] | 18 | RCSID("$Id: bsd-cygwin_util.c,v 1.3 2001/02/18 01:30:56 djm Exp $"); |
Damien Miller | bac2d8a | 2000-09-05 16:13:06 +1100 | [diff] [blame] | 19 | |
| 20 | #ifdef HAVE_CYGWIN |
Damien Miller | 72c9a7e | 2000-09-24 11:10:13 +1100 | [diff] [blame] | 21 | |
Damien Miller | bac2d8a | 2000-09-05 16:13:06 +1100 | [diff] [blame] | 22 | #include <fcntl.h> |
| 23 | #include <io.h> |
Damien Miller | b70b61f | 2000-09-16 16:25:12 +1100 | [diff] [blame] | 24 | #include <stdlib.h> |
| 25 | #include <sys/vfs.h> |
| 26 | #include <windows.h> |
| 27 | #define is_winnt (GetVersion() < 0x80000000) |
Damien Miller | bac2d8a | 2000-09-05 16:13:06 +1100 | [diff] [blame] | 28 | |
Damien Miller | 2deb3f6 | 2001-02-18 12:30:55 +1100 | [diff] [blame^] | 29 | #if defined(open) && open == binary_open |
| 30 | # undef open |
| 31 | #endif |
| 32 | #if defined(pipe) && open == binary_pipe |
| 33 | # undef pipe |
| 34 | #endif |
| 35 | |
| 36 | int binary_open(const char *filename, int flags, ...) |
Damien Miller | bac2d8a | 2000-09-05 16:13:06 +1100 | [diff] [blame] | 37 | { |
Damien Miller | 2deb3f6 | 2001-02-18 12:30:55 +1100 | [diff] [blame^] | 38 | va_list ap; |
| 39 | mode_t mode; |
| 40 | |
| 41 | va_start(ap, flags); |
| 42 | mode = va_arg(ap, mode_t); |
| 43 | va_end(ap); |
Damien Miller | 72c9a7e | 2000-09-24 11:10:13 +1100 | [diff] [blame] | 44 | return open(filename, flags | O_BINARY, mode); |
Damien Miller | bac2d8a | 2000-09-05 16:13:06 +1100 | [diff] [blame] | 45 | } |
| 46 | |
| 47 | int binary_pipe(int fd[2]) |
| 48 | { |
Damien Miller | 72c9a7e | 2000-09-24 11:10:13 +1100 | [diff] [blame] | 49 | int ret = pipe(fd); |
| 50 | |
| 51 | if (!ret) { |
| 52 | setmode (fd[0], O_BINARY); |
| 53 | setmode (fd[1], O_BINARY); |
| 54 | } |
| 55 | return ret; |
Damien Miller | b70b61f | 2000-09-16 16:25:12 +1100 | [diff] [blame] | 56 | } |
| 57 | |
Damien Miller | 72c9a7e | 2000-09-24 11:10:13 +1100 | [diff] [blame] | 58 | int check_nt_auth(int pwd_authenticated, uid_t uid) |
Damien Miller | b70b61f | 2000-09-16 16:25:12 +1100 | [diff] [blame] | 59 | { |
| 60 | /* |
Damien Miller | 72c9a7e | 2000-09-24 11:10:13 +1100 | [diff] [blame] | 61 | * The only authentication which is able to change the user |
| 62 | * context on NT systems is the password authentication. So |
| 63 | * we deny all requsts for changing the user context if another |
| 64 | * authentication method is used. |
| 65 | * This may change in future when a special openssh |
| 66 | * subauthentication package is available. |
| 67 | */ |
Damien Miller | b70b61f | 2000-09-16 16:25:12 +1100 | [diff] [blame] | 68 | if (is_winnt && !pwd_authenticated && geteuid() != uid) |
| 69 | return 0; |
Damien Miller | 72c9a7e | 2000-09-24 11:10:13 +1100 | [diff] [blame] | 70 | |
Damien Miller | b70b61f | 2000-09-16 16:25:12 +1100 | [diff] [blame] | 71 | return 1; |
| 72 | } |
| 73 | |
Damien Miller | 72c9a7e | 2000-09-24 11:10:13 +1100 | [diff] [blame] | 74 | int check_ntsec(const char *filename) |
Damien Miller | b70b61f | 2000-09-16 16:25:12 +1100 | [diff] [blame] | 75 | { |
| 76 | char *cygwin; |
| 77 | int allow_ntea = 0; |
| 78 | int allow_ntsec = 0; |
| 79 | struct statfs fsstat; |
| 80 | |
| 81 | /* Windows 95/98/ME don't support file system security at all. */ |
| 82 | if (!is_winnt) |
| 83 | return 0; |
| 84 | |
| 85 | /* Evaluate current CYGWIN settings. */ |
| 86 | if ((cygwin = getenv("CYGWIN")) != NULL) { |
| 87 | if (strstr(cygwin, "ntea") && !strstr(cygwin, "nontea")) |
| 88 | allow_ntea = 1; |
| 89 | if (strstr(cygwin, "ntsec") && !strstr(cygwin, "nontsec")) |
| 90 | allow_ntsec = 1; |
| 91 | } |
| 92 | |
| 93 | /* |
| 94 | * `ntea' is an emulation of POSIX attributes. It doesn't support |
| 95 | * real file level security as ntsec on NTFS file systems does |
| 96 | * but it supports FAT filesystems. `ntea' is minimum requirement |
| 97 | * for security checks. |
| 98 | */ |
| 99 | if (allow_ntea) |
| 100 | return 1; |
| 101 | |
| 102 | /* |
| 103 | * Retrieve file system flags. In Cygwin, file system flags are |
| 104 | * copied to f_type which has no meaning in Win32 itself. |
| 105 | */ |
| 106 | if (statfs(filename, &fsstat)) |
| 107 | return 1; |
| 108 | |
| 109 | /* |
| 110 | * Only file systems supporting ACLs are able to set permissions. |
| 111 | * `ntsec' is the setting in Cygwin which switches using of NTFS |
| 112 | * ACLs to support POSIX permissions on files. |
| 113 | */ |
| 114 | if (fsstat.f_type & FS_PERSISTENT_ACLS) |
| 115 | return allow_ntsec; |
| 116 | |
| 117 | return 0; |
Damien Miller | bac2d8a | 2000-09-05 16:13:06 +1100 | [diff] [blame] | 118 | } |
Damien Miller | 72c9a7e | 2000-09-24 11:10:13 +1100 | [diff] [blame] | 119 | |
| 120 | #endif /* HAVE_CYGWIN */ |