| /* |
| * |
| * cygwin_util.c |
| * |
| * Author: Corinna Vinschen <vinschen@cygnus.com> |
| * |
| * Copyright (c) 2000 Corinna Vinschen <vinschen@cygnus.com>, Duisburg, Germany |
| * All rights reserved |
| * |
| * Created: Sat Sep 02 12:17:00 2000 cv |
| * |
| * This file contains functions for forcing opened file descriptors to |
| * binary mode on Windows systems. |
| */ |
| |
| #include "includes.h" |
| |
| RCSID("$Id: bsd-cygwin_util.c,v 1.6 2001/11/27 01:19:44 tim Exp $"); |
| |
| #ifdef HAVE_CYGWIN |
| |
| #include <fcntl.h> |
| #include <stdlib.h> |
| #include <sys/utsname.h> |
| #include <sys/vfs.h> |
| #include <windows.h> |
| #define is_winnt (GetVersion() < 0x80000000) |
| |
| #define ntsec_on(c) ((c) && strstr((c),"ntsec") && !strstr((c),"nontsec")) |
| #define ntea_on(c) ((c) && strstr((c),"ntea") && !strstr((c),"nontea")) |
| |
| #if defined(open) && open == binary_open |
| # undef open |
| #endif |
| #if defined(pipe) && open == binary_pipe |
| # undef pipe |
| #endif |
| |
| int binary_open(const char *filename, int flags, ...) |
| { |
| va_list ap; |
| mode_t mode; |
| |
| va_start(ap, flags); |
| mode = va_arg(ap, mode_t); |
| va_end(ap); |
| return open(filename, flags | O_BINARY, mode); |
| } |
| |
| int binary_pipe(int fd[2]) |
| { |
| int ret = pipe(fd); |
| |
| if (!ret) { |
| setmode (fd[0], O_BINARY); |
| setmode (fd[1], O_BINARY); |
| } |
| return ret; |
| } |
| |
| int check_nt_auth(int pwd_authenticated, uid_t uid) |
| { |
| /* |
| * The only authentication which is able to change the user |
| * context on NT systems is the password authentication. So |
| * we deny all requsts for changing the user context if another |
| * authentication method is used. |
| * |
| * This doesn't apply to Cygwin versions >= 1.3.2 anymore which |
| * uses the undocumented NtCreateToken() call to create a user |
| * token if the process has the appropriate privileges and if |
| * CYGWIN ntsec setting is on. |
| */ |
| static int has_create_token = -1; |
| |
| if (is_winnt) { |
| if (has_create_token < 0) { |
| struct utsname uts; |
| int major_high = 0, major_low = 0, minor = 0; |
| char *cygwin = getenv("CYGWIN"); |
| |
| has_create_token = 0; |
| if (ntsec_on(cygwin) && !uname(&uts)) { |
| sscanf(uts.release, "%d.%d.%d", |
| &major_high, &major_low, &minor); |
| if (major_high > 1 || |
| (major_high == 1 && (major_low > 3 || |
| (major_low == 3 && minor >= 2)))) |
| has_create_token = 1; |
| } |
| } |
| if (has_create_token < 1 && |
| !pwd_authenticated && geteuid() != uid) |
| return 0; |
| } |
| return 1; |
| } |
| |
| int check_ntsec(const char *filename) |
| { |
| char *cygwin; |
| int allow_ntea = 0; |
| int allow_ntsec = 0; |
| struct statfs fsstat; |
| |
| /* Windows 95/98/ME don't support file system security at all. */ |
| if (!is_winnt) |
| return 0; |
| |
| /* Evaluate current CYGWIN settings. */ |
| cygwin = getenv("CYGWIN"); |
| allow_ntea = ntea_on(cygwin); |
| allow_ntsec = ntsec_on(cygwin); |
| |
| /* |
| * `ntea' is an emulation of POSIX attributes. It doesn't support |
| * real file level security as ntsec on NTFS file systems does |
| * but it supports FAT filesystems. `ntea' is minimum requirement |
| * for security checks. |
| */ |
| if (allow_ntea) |
| return 1; |
| |
| /* |
| * Retrieve file system flags. In Cygwin, file system flags are |
| * copied to f_type which has no meaning in Win32 itself. |
| */ |
| if (statfs(filename, &fsstat)) |
| return 1; |
| |
| /* |
| * Only file systems supporting ACLs are able to set permissions. |
| * `ntsec' is the setting in Cygwin which switches using of NTFS |
| * ACLs to support POSIX permissions on files. |
| */ |
| if (fsstat.f_type & FS_PERSISTENT_ACLS) |
| return allow_ntsec; |
| |
| return 0; |
| } |
| |
| void register_9x_service(void) |
| { |
| HINSTANCE kerneldll; |
| DWORD (*RegisterServiceProcess)(DWORD, DWORD); |
| |
| /* The service register mechanism in 9x/Me is pretty different from |
| * NT/2K/XP. In NT/2K/XP we're using a special service starter |
| * application to register and control sshd as service. This method |
| * doesn't play nicely with 9x/Me. For that reason we register here |
| * as service when running under 9x/Me. This function is only called |
| * by the child sshd when it's going to daemonize. |
| */ |
| if (is_winnt) |
| return; |
| if (! (kerneldll = LoadLibrary("KERNEL32.DLL"))) |
| return; |
| if (! (RegisterServiceProcess = (DWORD (*)(DWORD, DWORD)) |
| GetProcAddress(kerneldll, "RegisterServiceProcess"))) |
| return; |
| RegisterServiceProcess(0, 1); |
| } |
| |
| #endif /* HAVE_CYGWIN */ |