Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / fe1d100ffdf3595f3aaddc02efbf0b49a265d90c / . / openbsd-compat / bsd-cygwin_util.c
blob: 6d6aafa4ff17c331677cb102836b868bf095fa90 [file] [log] [blame]
Damien Millerbac2d8a2000-09-05 16:13:06 +1100[diff] [blame]1/*
2 *
3 * cygwin_util.c
4 *
5 * Author: Corinna Vinschen <vinschen@cygnus.com>
6 *
7 * Copyright (c) 2000 Corinna Vinschen <vinschen@cygnus.com>, Duisburg, Germany
8 * All rights reserved
9 *
10 * Created: Sat Sep 02 12:17:00 2000 cv
11 *
12 * This file contains functions for forcing opened file descriptors to
13 * binary mode on Windows systems.
14 */
15
Damien Millere9cf3572001-02-09 12:55:35 +1100[diff] [blame]16#include "includes.h"
17
Tim Ricefe1d1002001-11-26 17:19:43 -0800[diff] [blame^]18RCSID("$Id: bsd-cygwin_util.c,v 1.6 2001/11/27 01:19:44 tim Exp $");
Damien Millerbac2d8a2000-09-05 16:13:06 +1100[diff] [blame]19
20#ifdef HAVE_CYGWIN
Damien Miller72c9a7e2000-09-24 11:10:13 +1100[diff] [blame]21
Damien Millerbac2d8a2000-09-05 16:13:06 +1100[diff] [blame]22#include <fcntl.h>
Damien Millerb70b61f2000-09-16 16:25:12 +1100[diff] [blame]23#include <stdlib.h>
Ben Lindstromcff94be2001-07-18 16:19:48 +0000[diff] [blame]24#include <sys/utsname.h>
Damien Millerb70b61f2000-09-16 16:25:12 +1100[diff] [blame]25#include <sys/vfs.h>
26#include <windows.h>
27#define is_winnt (GetVersion() < 0x80000000)
Damien Millerbac2d8a2000-09-05 16:13:06 +1100[diff] [blame]28
Ben Lindstromcff94be2001-07-18 16:19:48 +0000[diff] [blame]29#define ntsec_on(c) ((c) && strstr((c),"ntsec") && !strstr((c),"nontsec"))
30#define ntea_on(c) ((c) && strstr((c),"ntea") && !strstr((c),"nontea"))
31
Damien Miller2deb3f62001-02-18 12:30:55 +1100[diff] [blame]32#if defined(open) && open == binary_open
33# undef open
34#endif
35#if defined(pipe) && open == binary_pipe
36# undef pipe
37#endif
38
39int binary_open(const char *filename, int flags, ...)
Damien Millerbac2d8a2000-09-05 16:13:06 +1100[diff] [blame]40{
Damien Miller2deb3f62001-02-18 12:30:55 +1100[diff] [blame]41 va_list ap;
42 mode_t mode;
43
44 va_start(ap, flags);
45 mode = va_arg(ap, mode_t);
46 va_end(ap);
Damien Miller72c9a7e2000-09-24 11:10:13 +1100[diff] [blame]47 return open(filename, flags | O_BINARY, mode);
Damien Millerbac2d8a2000-09-05 16:13:06 +1100[diff] [blame]48}
49
50int binary_pipe(int fd[2])
51{
Damien Miller72c9a7e2000-09-24 11:10:13 +1100[diff] [blame]52 int ret = pipe(fd);
53
54 if (!ret) {
55 setmode (fd[0], O_BINARY);
56 setmode (fd[1], O_BINARY);
57 }
58 return ret;
Damien Millerb70b61f2000-09-16 16:25:12 +1100[diff] [blame]59}
60
Damien Miller72c9a7e2000-09-24 11:10:13 +1100[diff] [blame]61int check_nt_auth(int pwd_authenticated, uid_t uid)
Damien Millerb70b61f2000-09-16 16:25:12 +1100[diff] [blame]62{
63 /*
Damien Miller72c9a7e2000-09-24 11:10:13 +1100[diff] [blame]64 * The only authentication which is able to change the user
65 * context on NT systems is the password authentication. So
66 * we deny all requsts for changing the user context if another
67 * authentication method is used.
Ben Lindstromcff94be2001-07-18 16:19:48 +0000[diff] [blame]68 *
69 * This doesn't apply to Cygwin versions >= 1.3.2 anymore which
70 * uses the undocumented NtCreateToken() call to create a user
71 * token if the process has the appropriate privileges and if
72 * CYGWIN ntsec setting is on.
Damien Miller72c9a7e2000-09-24 11:10:13 +1100[diff] [blame]73 */
Ben Lindstromcff94be2001-07-18 16:19:48 +0000[diff] [blame]74 static int has_create_token = -1;
75
76 if (is_winnt) {
77 if (has_create_token < 0) {
78 struct utsname uts;
79 int major_high = 0, major_low = 0, minor = 0;
80 char *cygwin = getenv("CYGWIN");
81
82 has_create_token = 0;
83 if (ntsec_on(cygwin) && !uname(&uts)) {
84 sscanf(uts.release, "%d.%d.%d",
85 &major_high, &major_low, &minor);
86 if (major_high > 1 ||
87 (major_high == 1 && (major_low > 3 ||
88 (major_low == 3 && minor >= 2))))
89 has_create_token = 1;
90 }
91 }
92 if (has_create_token < 1 &&
93 !pwd_authenticated && geteuid() != uid)
94 return 0;
95 }
Damien Millerb70b61f2000-09-16 16:25:12 +1100[diff] [blame]96 return 1;
97}
98
Damien Miller72c9a7e2000-09-24 11:10:13 +1100[diff] [blame]99int check_ntsec(const char *filename)
Damien Millerb70b61f2000-09-16 16:25:12 +1100[diff] [blame]100{
101 char *cygwin;
102 int allow_ntea = 0;
103 int allow_ntsec = 0;
104 struct statfs fsstat;
105
106 /* Windows 95/98/ME don't support file system security at all. */
107 if (!is_winnt)
108 return 0;
109
110 /* Evaluate current CYGWIN settings. */
Ben Lindstromcff94be2001-07-18 16:19:48 +0000[diff] [blame]111 cygwin = getenv("CYGWIN");
112 allow_ntea = ntea_on(cygwin);
113 allow_ntsec = ntsec_on(cygwin);
Damien Millerb70b61f2000-09-16 16:25:12 +1100[diff] [blame]114
115 /*
116 * `ntea' is an emulation of POSIX attributes. It doesn't support
117 * real file level security as ntsec on NTFS file systems does
118 * but it supports FAT filesystems. `ntea' is minimum requirement
119 * for security checks.
120 */
121 if (allow_ntea)
122 return 1;
123
124 /*
125 * Retrieve file system flags. In Cygwin, file system flags are
126 * copied to f_type which has no meaning in Win32 itself.
127 */
128 if (statfs(filename, &fsstat))
129 return 1;
130
131 /*
132 * Only file systems supporting ACLs are able to set permissions.
133 * `ntsec' is the setting in Cygwin which switches using of NTFS
134 * ACLs to support POSIX permissions on files.
135 */
136 if (fsstat.f_type & FS_PERSISTENT_ACLS)
137 return allow_ntsec;
138
139 return 0;
Damien Millerbac2d8a2000-09-05 16:13:06 +1100[diff] [blame]140}
Damien Miller72c9a7e2000-09-24 11:10:13 +1100[diff] [blame]141
Tim Ricefe1d1002001-11-26 17:19:43 -0800[diff] [blame^]142void register_9x_service(void)
143{
144 HINSTANCE kerneldll;
145 DWORD (*RegisterServiceProcess)(DWORD, DWORD);
146
147 /* The service register mechanism in 9x/Me is pretty different from
148 * NT/2K/XP. In NT/2K/XP we're using a special service starter
149 * application to register and control sshd as service. This method
150 * doesn't play nicely with 9x/Me. For that reason we register here
151 * as service when running under 9x/Me. This function is only called
152 * by the child sshd when it's going to daemonize.
153 */
154 if (is_winnt)
155 return;
156 if (! (kerneldll = LoadLibrary("KERNEL32.DLL")))
157 return;
158 if (! (RegisterServiceProcess = (DWORD (*)(DWORD, DWORD))
159 GetProcAddress(kerneldll, "RegisterServiceProcess")))
160 return;
161 RegisterServiceProcess(0, 1);
162}
163
Damien Miller72c9a7e2000-09-24 11:10:13 +1100[diff] [blame]164#endif /* HAVE_CYGWIN */