bsd-cygwin_util.c revision 181111 
1/*
2 * Copyright (c) 2000, 2001, Corinna Vinschen <vinschen@cygnus.com>
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 * 1. Redistributions of source code must retain the above copyright
8 *    notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 *    notice, this list of conditions and the following disclaimer in the
11 *    documentation and/or other materials provided with the distribution.
12 *
13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23 *
24 * Created: Sat Sep 02 12:17:00 2000 cv
25 *
26 * This file contains functions for forcing opened file descriptors to
27 * binary mode on Windows systems.
28 */
29
30#include "includes.h"
31
32#ifdef HAVE_CYGWIN
33
34#if defined(open) && open == binary_open
35# undef open
36#endif
37#if defined(pipe) && open == binary_pipe
38# undef pipe
39#endif
40
41#include <sys/types.h>
42#include <sys/stat.h>
43#include <sys/utsname.h>
44#include <sys/vfs.h>
45
46#include <fcntl.h>
47#include <stdlib.h>
48#include <unistd.h>
49#include <windows.h>
50
51#include "xmalloc.h"
52#define is_winnt       (GetVersion() < 0x80000000)
53
54#define ntsec_on(c)	((c) && strstr((c),"ntsec") && !strstr((c),"nontsec"))
55#define ntsec_off(c)	((c) && strstr((c),"nontsec"))
56#define ntea_on(c)	((c) && strstr((c),"ntea") && !strstr((c),"nontea"))
57
58int
59binary_open(const char *filename, int flags, ...)
60{
61	va_list ap;
62	mode_t mode;
63
64	va_start(ap, flags);
65	mode = va_arg(ap, mode_t);
66	va_end(ap);
67	return (open(filename, flags | O_BINARY, mode));
68}
69
70int
71binary_pipe(int fd[2])
72{
73	int ret = pipe(fd);
74
75	if (!ret) {
76		setmode(fd[0], O_BINARY);
77		setmode(fd[1], O_BINARY);
78	}
79	return (ret);
80}
81
82#define HAS_CREATE_TOKEN 1
83#define HAS_NTSEC_BY_DEFAULT 2
84#define HAS_CREATE_TOKEN_WO_NTSEC 3
85
86static int
87has_capability(int what)
88{
89	static int inited;
90	static int has_create_token;
91	static int has_ntsec_by_default;
92	static int has_create_token_wo_ntsec;
93
94	/*
95	 * has_capability() basically calls uname() and checks if
96	 * specific capabilities of Cygwin can be evaluated from that.
97	 * This simplifies the calling functions which only have to ask
98	 * for a capability using has_capability() instead of having
99	 * to figure that out by themselves.
100	 */
101	if (!inited) {
102		struct utsname uts;
103
104		if (!uname(&uts)) {
105			int major_high = 0, major_low = 0, minor = 0;
106			int api_major_version = 0, api_minor_version = 0;
107			char *c;
108
109			sscanf(uts.release, "%d.%d.%d", &major_high,
110			    &major_low, &minor);
111			if ((c = strchr(uts.release, '(')) != NULL) {
112				sscanf(c + 1, "%d.%d", &api_major_version,
113				    &api_minor_version);
114			}
115			if (major_high > 1 ||
116			    (major_high == 1 && (major_low > 3 ||
117			    (major_low == 3 && minor >= 2))))
118				has_create_token = 1;
119			if (api_major_version > 0 || api_minor_version >= 56)
120				has_ntsec_by_default = 1;
121			if (major_high > 1 ||
122			    (major_high == 1 && major_low >= 5))
123				has_create_token_wo_ntsec = 1;
124			inited = 1;
125		}
126	}
127	switch (what) {
128	case HAS_CREATE_TOKEN:
129		return (has_create_token);
130	case HAS_NTSEC_BY_DEFAULT:
131		return (has_ntsec_by_default);
132	case HAS_CREATE_TOKEN_WO_NTSEC:
133		return (has_create_token_wo_ntsec);
134	}
135	return (0);
136}
137
138int
139check_nt_auth(int pwd_authenticated, struct passwd *pw)
140{
141	/*
142	* The only authentication which is able to change the user
143	* context on NT systems is the password authentication. So
144	* we deny all requsts for changing the user context if another
145	* authentication method is used.
146	*
147	* This doesn't apply to Cygwin versions >= 1.3.2 anymore which
148	* uses the undocumented NtCreateToken() call to create a user
149	* token if the process has the appropriate privileges and if
150	* CYGWIN ntsec setting is on.
151	*/
152	static int has_create_token = -1;
153
154	if (pw == NULL)
155		return 0;
156	if (is_winnt) {
157		if (has_create_token < 0) {
158			char *cygwin = getenv("CYGWIN");
159
160			has_create_token = 0;
161			if (has_capability(HAS_CREATE_TOKEN) &&
162			    (ntsec_on(cygwin) ||
163			    (has_capability(HAS_NTSEC_BY_DEFAULT) &&
164			     !ntsec_off(cygwin)) ||
165			     has_capability(HAS_CREATE_TOKEN_WO_NTSEC)))
166				has_create_token = 1;
167		}
168		if (has_create_token < 1 &&
169		    !pwd_authenticated && geteuid() != pw->pw_uid)
170			return (0);
171	}
172	return (1);
173}
174
175int
176check_ntsec(const char *filename)
177{
178	return (pathconf(filename, _PC_POSIX_PERMISSIONS));
179}
180
181void
182register_9x_service(void)
183{
184        HINSTANCE kerneldll;
185        DWORD (*RegisterServiceProcess)(DWORD, DWORD);
186
187	/* The service register mechanism in 9x/Me is pretty different from
188	 * NT/2K/XP.  In NT/2K/XP we're using a special service starter
189	 * application to register and control sshd as service.  This method
190	 * doesn't play nicely with 9x/Me.  For that reason we register here
191	 * as service when running under 9x/Me.  This function is only called
192	 * by the child sshd when it's going to daemonize.
193	 */
194	if (is_winnt)
195		return;
196	if (!(kerneldll = LoadLibrary("KERNEL32.DLL")))
197		return;
198	if (!(RegisterServiceProcess = (DWORD (*)(DWORD, DWORD))
199		GetProcAddress(kerneldll, "RegisterServiceProcess")))
200		return;
201	RegisterServiceProcess(0, 1);
202}
203
204#define NL(x) x, (sizeof (x) - 1)
205#define WENV_SIZ (sizeof (wenv_arr) / sizeof (wenv_arr[0]))
206
207static struct wenv {
208	const char *name;
209	size_t namelen;
210} wenv_arr[] = {
211	{ NL("ALLUSERSPROFILE=") },
212	{ NL("COMMONPROGRAMFILES=") },
213	{ NL("COMPUTERNAME=") },
214	{ NL("COMSPEC=") },
215	{ NL("CYGWIN=") },
216	{ NL("NUMBER_OF_PROCESSORS=") },
217	{ NL("OS=") },
218	{ NL("PATH=") },
219	{ NL("PATHEXT=") },
220	{ NL("PROCESSOR_ARCHITECTURE=") },
221	{ NL("PROCESSOR_IDENTIFIER=") },
222	{ NL("PROCESSOR_LEVEL=") },
223	{ NL("PROCESSOR_REVISION=") },
224	{ NL("PROGRAMFILES=") },
225	{ NL("SYSTEMDRIVE=") },
226	{ NL("SYSTEMROOT=") },
227	{ NL("TMP=") },
228	{ NL("TEMP=") },
229	{ NL("WINDIR=") }
230};
231
232char **
233fetch_windows_environment(void)
234{
235	char **e, **p;
236	unsigned int i, idx = 0;
237
238	p = xcalloc(WENV_SIZ + 1, sizeof(char *));
239	for (e = environ; *e != NULL; ++e) {
240		for (i = 0; i < WENV_SIZ; ++i) {
241			if (!strncmp(*e, wenv_arr[i].name, wenv_arr[i].namelen))
242				p[idx++] = *e;
243		}
244	}
245	p[idx] = NULL;
246	return p;
247}
248
249void
250free_windows_environment(char **p)
251{
252	xfree(p);
253}
254
255#endif /* HAVE_CYGWIN */
256