1 /* 2 * cygwin_util.c 3 * 4 * Copyright (c) 2000, 2001, Corinna Vinschen <vinschen@cygnus.com> 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 * 26 * Created: Sat Sep 02 12:17:00 2000 cv 27 * 28 * This file contains functions for forcing opened file descriptors to 29 * binary mode on Windows systems. 30 */ 31 32 #include "includes.h" 33 34 RCSID("$Id: bsd-cygwin_util.c,v 1.8 2002/04/15 22:00:52 stevesk Exp $"); 35 36 #ifdef HAVE_CYGWIN 37 38 #include <fcntl.h> 39 #include <stdlib.h> 40 #include <sys/utsname.h> 41 #include <sys/vfs.h> 42 #include <windows.h> 43 #define is_winnt (GetVersion() < 0x80000000) 44 45 #define ntsec_on(c) ((c) && strstr((c),"ntsec") && !strstr((c),"nontsec")) 46 #define ntea_on(c) ((c) && strstr((c),"ntea") && !strstr((c),"nontea")) 47 48 #if defined(open) && open == binary_open 49 # undef open 50 #endif 51 #if defined(pipe) && open == binary_pipe 52 # undef pipe 53 #endif 54 55 int binary_open(const char *filename, int flags, ...) 56 { 57 va_list ap; 58 mode_t mode; 59 60 va_start(ap, flags); 61 mode = va_arg(ap, mode_t); 62 va_end(ap); 63 return open(filename, flags | O_BINARY, mode); 64 } 65 66 int binary_pipe(int fd[2]) 67 { 68 int ret = pipe(fd); 69 70 if (!ret) { 71 setmode (fd[0], O_BINARY); 72 setmode (fd[1], O_BINARY); 73 } 74 return ret; 75 } 76 77 int check_nt_auth(int pwd_authenticated, struct passwd *pw) 78 { 79 /* 80 * The only authentication which is able to change the user 81 * context on NT systems is the password authentication. So 82 * we deny all requsts for changing the user context if another 83 * authentication method is used. 84 * 85 * This doesn't apply to Cygwin versions >= 1.3.2 anymore which 86 * uses the undocumented NtCreateToken() call to create a user 87 * token if the process has the appropriate privileges and if 88 * CYGWIN ntsec setting is on. 89 */ 90 static int has_create_token = -1; 91 92 if (pw == NULL) 93 return 0; 94 if (is_winnt) { 95 if (has_create_token < 0) { 96 struct utsname uts; 97 int major_high = 0, major_low = 0, minor = 0; 98 char *cygwin = getenv("CYGWIN"); 99 100 has_create_token = 0; 101 if (ntsec_on(cygwin) && !uname(&uts)) { 102 sscanf(uts.release, "%d.%d.%d", 103 &major_high, &major_low, &minor); 104 if (major_high > 1 || 105 (major_high == 1 && (major_low > 3 || 106 (major_low == 3 && minor >= 2)))) 107 has_create_token = 1; 108 } 109 } 110 if (has_create_token < 1 && 111 !pwd_authenticated && geteuid() != pw->pw_uid) 112 return 0; 113 } 114 return 1; 115 } 116 117 int check_ntsec(const char *filename) 118 { 119 char *cygwin; 120 int allow_ntea = 0; 121 int allow_ntsec = 0; 122 struct statfs fsstat; 123 124 /* Windows 95/98/ME don't support file system security at all. */ 125 if (!is_winnt) 126 return 0; 127 128 /* Evaluate current CYGWIN settings. */ 129 cygwin = getenv("CYGWIN"); 130 allow_ntea = ntea_on(cygwin); 131 allow_ntsec = ntsec_on(cygwin); 132 133 /* 134 * `ntea' is an emulation of POSIX attributes. It doesn't support 135 * real file level security as ntsec on NTFS file systems does 136 * but it supports FAT filesystems. `ntea' is minimum requirement 137 * for security checks. 138 */ 139 if (allow_ntea) 140 return 1; 141 142 /* 143 * Retrieve file system flags. In Cygwin, file system flags are 144 * copied to f_type which has no meaning in Win32 itself. 145 */ 146 if (statfs(filename, &fsstat)) 147 return 1; 148 149 /* 150 * Only file systems supporting ACLs are able to set permissions. 151 * `ntsec' is the setting in Cygwin which switches using of NTFS 152 * ACLs to support POSIX permissions on files. 153 */ 154 if (fsstat.f_type & FS_PERSISTENT_ACLS) 155 return allow_ntsec; 156 157 return 0; 158 } 159 160 void register_9x_service(void) 161 { 162 HINSTANCE kerneldll; 163 DWORD (*RegisterServiceProcess)(DWORD, DWORD); 164 165 /* The service register mechanism in 9x/Me is pretty different from 166 * NT/2K/XP. In NT/2K/XP we're using a special service starter 167 * application to register and control sshd as service. This method 168 * doesn't play nicely with 9x/Me. For that reason we register here 169 * as service when running under 9x/Me. This function is only called 170 * by the child sshd when it's going to daemonize. 171 */ 172 if (is_winnt) 173 return; 174 if (! (kerneldll = LoadLibrary("KERNEL32.DLL"))) 175 return; 176 if (! (RegisterServiceProcess = (DWORD (*)(DWORD, DWORD)) 177 GetProcAddress(kerneldll, "RegisterServiceProcess"))) 178 return; 179 RegisterServiceProcess(0, 1); 180 } 181 182 #endif /* HAVE_CYGWIN */ 183