1 /* 2 * cygwin_util.c 3 * 4 * Copyright (c) 2000, 2001, Corinna Vinschen <vinschen@cygnus.com> 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 * 26 * Created: Sat Sep 02 12:17:00 2000 cv 27 * 28 * This file contains functions for forcing opened file descriptors to 29 * binary mode on Windows systems. 30 */ 31 32 #include "includes.h" 33 34 RCSID("$Id: bsd-cygwin_util.c,v 1.8 2002/04/15 22:00:52 stevesk Exp $"); 35 36 #pragma ident "%Z%%M% %I% %E% SMI" 37 38 #ifdef HAVE_CYGWIN 39 40 #include <fcntl.h> 41 #include <stdlib.h> 42 #include <sys/utsname.h> 43 #include <sys/vfs.h> 44 #include <windows.h> 45 #define is_winnt (GetVersion() < 0x80000000) 46 47 #define ntsec_on(c) ((c) && strstr((c),"ntsec") && !strstr((c),"nontsec")) 48 #define ntea_on(c) ((c) && strstr((c),"ntea") && !strstr((c),"nontea")) 49 50 #if defined(open) && open == binary_open 51 # undef open 52 #endif 53 #if defined(pipe) && open == binary_pipe 54 # undef pipe 55 #endif 56 57 int binary_open(const char *filename, int flags, ...) 58 { 59 va_list ap; 60 mode_t mode; 61 62 va_start(ap, flags); 63 mode = va_arg(ap, mode_t); 64 va_end(ap); 65 return open(filename, flags | O_BINARY, mode); 66 } 67 68 int binary_pipe(int fd[2]) 69 { 70 int ret = pipe(fd); 71 72 if (!ret) { 73 setmode (fd[0], O_BINARY); 74 setmode (fd[1], O_BINARY); 75 } 76 return ret; 77 } 78 79 int check_nt_auth(int pwd_authenticated, struct passwd *pw) 80 { 81 /* 82 * The only authentication which is able to change the user 83 * context on NT systems is the password authentication. So 84 * we deny all requsts for changing the user context if another 85 * authentication method is used. 86 * 87 * This doesn't apply to Cygwin versions >= 1.3.2 anymore which 88 * uses the undocumented NtCreateToken() call to create a user 89 * token if the process has the appropriate privileges and if 90 * CYGWIN ntsec setting is on. 91 */ 92 static int has_create_token = -1; 93 94 if (pw == NULL) 95 return 0; 96 if (is_winnt) { 97 if (has_create_token < 0) { 98 struct utsname uts; 99 int major_high = 0, major_low = 0, minor = 0; 100 char *cygwin = getenv("CYGWIN"); 101 102 has_create_token = 0; 103 if (ntsec_on(cygwin) && !uname(&uts)) { 104 sscanf(uts.release, "%d.%d.%d", 105 &major_high, &major_low, &minor); 106 if (major_high > 1 || 107 (major_high == 1 && (major_low > 3 || 108 (major_low == 3 && minor >= 2)))) 109 has_create_token = 1; 110 } 111 } 112 if (has_create_token < 1 && 113 !pwd_authenticated && geteuid() != pw->pw_uid) 114 return 0; 115 } 116 return 1; 117 } 118 119 int check_ntsec(const char *filename) 120 { 121 char *cygwin; 122 int allow_ntea = 0; 123 int allow_ntsec = 0; 124 struct statfs fsstat; 125 126 /* Windows 95/98/ME don't support file system security at all. */ 127 if (!is_winnt) 128 return 0; 129 130 /* Evaluate current CYGWIN settings. */ 131 cygwin = getenv("CYGWIN"); 132 allow_ntea = ntea_on(cygwin); 133 allow_ntsec = ntsec_on(cygwin); 134 135 /* 136 * `ntea' is an emulation of POSIX attributes. It doesn't support 137 * real file level security as ntsec on NTFS file systems does 138 * but it supports FAT filesystems. `ntea' is minimum requirement 139 * for security checks. 140 */ 141 if (allow_ntea) 142 return 1; 143 144 /* 145 * Retrieve file system flags. In Cygwin, file system flags are 146 * copied to f_type which has no meaning in Win32 itself. 147 */ 148 if (statfs(filename, &fsstat)) 149 return 1; 150 151 /* 152 * Only file systems supporting ACLs are able to set permissions. 153 * `ntsec' is the setting in Cygwin which switches using of NTFS 154 * ACLs to support POSIX permissions on files. 155 */ 156 if (fsstat.f_type & FS_PERSISTENT_ACLS) 157 return allow_ntsec; 158 159 return 0; 160 } 161 162 void register_9x_service(void) 163 { 164 HINSTANCE kerneldll; 165 DWORD (*RegisterServiceProcess)(DWORD, DWORD); 166 167 /* The service register mechanism in 9x/Me is pretty different from 168 * NT/2K/XP. In NT/2K/XP we're using a special service starter 169 * application to register and control sshd as service. This method 170 * doesn't play nicely with 9x/Me. For that reason we register here 171 * as service when running under 9x/Me. This function is only called 172 * by the child sshd when it's going to daemonize. 173 */ 174 if (is_winnt) 175 return; 176 if (! (kerneldll = LoadLibrary("KERNEL32.DLL"))) 177 return; 178 if (! (RegisterServiceProcess = (DWORD (*)(DWORD, DWORD)) 179 GetProcAddress(kerneldll, "RegisterServiceProcess"))) 180 return; 181 RegisterServiceProcess(0, 1); 182 } 183 184 #endif /* HAVE_CYGWIN */