1 /* 2 * Copyright (c) 2000, 2001, Corinna Vinschen <vinschen@cygnus.com> 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. 9 * 2. Redistributions in binary form must reproduce the above copyright 10 * notice, this list of conditions and the following disclaimer in the 11 * documentation and/or other materials provided with the distribution. 12 * 13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 23 * 24 * Created: Sat Sep 02 12:17:00 2000 cv 25 * 26 * This file contains functions for forcing opened file descriptors to 27 * binary mode on Windows systems. 28 */ 29 30 #include "includes.h" 31 32 RCSID("$Id: bsd-cygwin_util.c,v 1.11 2003/08/07 06:23:43 dtucker Exp $"); 33 34 #ifdef HAVE_CYGWIN 35 36 #include <fcntl.h> 37 #include <stdlib.h> 38 #include <sys/utsname.h> 39 #include <sys/vfs.h> 40 #include <windows.h> 41 #define is_winnt (GetVersion() < 0x80000000) 42 43 #define ntsec_on(c) ((c) && strstr((c),"ntsec") && !strstr((c),"nontsec")) 44 #define ntsec_off(c) ((c) && strstr((c),"nontsec")) 45 #define ntea_on(c) ((c) && strstr((c),"ntea") && !strstr((c),"nontea")) 46 47 #if defined(open) && open == binary_open 48 # undef open 49 #endif 50 #if defined(pipe) && open == binary_pipe 51 # undef pipe 52 #endif 53 54 int 55 binary_open(const char *filename, int flags, ...) 56 { 57 va_list ap; 58 mode_t mode; 59 60 va_start(ap, flags); 61 mode = va_arg(ap, mode_t); 62 va_end(ap); 63 return (open(filename, flags | O_BINARY, mode)); 64 } 65 66 int 67 binary_pipe(int fd[2]) 68 { 69 int ret = pipe(fd); 70 71 if (!ret) { 72 setmode(fd[0], O_BINARY); 73 setmode(fd[1], O_BINARY); 74 } 75 return (ret); 76 } 77 78 #define HAS_CREATE_TOKEN 1 79 #define HAS_NTSEC_BY_DEFAULT 2 80 81 static int 82 has_capability(int what) 83 { 84 static int inited; 85 static int has_create_token; 86 static int has_ntsec_by_default; 87 88 /* 89 * has_capability() basically calls uname() and checks if 90 * specific capabilities of Cygwin can be evaluated from that. 91 * This simplifies the calling functions which only have to ask 92 * for a capability using has_capability() instead of having 93 * to figure that out by themselves. 94 */ 95 if (!inited) { 96 struct utsname uts; 97 char *c; 98 99 if (!uname(&uts)) { 100 int major_high = 0, major_low = 0, minor = 0; 101 int api_major_version = 0, api_minor_version = 0; 102 char *c; 103 104 sscanf(uts.release, "%d.%d.%d", &major_high, 105 &major_low, &minor); 106 if ((c = strchr(uts.release, '(')) != NULL) { 107 sscanf(c + 1, "%d.%d", &api_major_version, 108 &api_minor_version); 109 } 110 if (major_high > 1 || 111 (major_high == 1 && (major_low > 3 || 112 (major_low == 3 && minor >= 2)))) 113 has_create_token = 1; 114 if (api_major_version > 0 || api_minor_version >= 56) 115 has_ntsec_by_default = 1; 116 inited = 1; 117 } 118 } 119 switch (what) { 120 case HAS_CREATE_TOKEN: 121 return (has_create_token); 122 case HAS_NTSEC_BY_DEFAULT: 123 return (has_ntsec_by_default); 124 } 125 return (0); 126 } 127 128 int 129 check_nt_auth(int pwd_authenticated, struct passwd *pw) 130 { 131 /* 132 * The only authentication which is able to change the user 133 * context on NT systems is the password authentication. So 134 * we deny all requsts for changing the user context if another 135 * authentication method is used. 136 * 137 * This doesn't apply to Cygwin versions >= 1.3.2 anymore which 138 * uses the undocumented NtCreateToken() call to create a user 139 * token if the process has the appropriate privileges and if 140 * CYGWIN ntsec setting is on. 141 */ 142 static int has_create_token = -1; 143 144 if (pw == NULL) 145 return 0; 146 if (is_winnt) { 147 if (has_create_token < 0) { 148 char *cygwin = getenv("CYGWIN"); 149 150 has_create_token = 0; 151 if (has_capability(HAS_CREATE_TOKEN) && 152 (ntsec_on(cygwin) || 153 (has_capability(HAS_NTSEC_BY_DEFAULT) && 154 !ntsec_off(cygwin)))) 155 has_create_token = 1; 156 } 157 if (has_create_token < 1 && 158 !pwd_authenticated && geteuid() != pw->pw_uid) 159 return (0); 160 } 161 return (1); 162 } 163 164 int 165 check_ntsec(const char *filename) 166 { 167 char *cygwin; 168 int allow_ntea = 0, allow_ntsec = 0; 169 struct statfs fsstat; 170 171 /* Windows 95/98/ME don't support file system security at all. */ 172 if (!is_winnt) 173 return (0); 174 175 /* Evaluate current CYGWIN settings. */ 176 cygwin = getenv("CYGWIN"); 177 allow_ntea = ntea_on(cygwin); 178 allow_ntsec = ntsec_on(cygwin) || 179 (has_capability(HAS_NTSEC_BY_DEFAULT) && !ntsec_off(cygwin)); 180 181 /* 182 * `ntea' is an emulation of POSIX attributes. It doesn't support 183 * real file level security as ntsec on NTFS file systems does 184 * but it supports FAT filesystems. `ntea' is minimum requirement 185 * for security checks. 186 */ 187 if (allow_ntea) 188 return (1); 189 190 /* 191 * Retrieve file system flags. In Cygwin, file system flags are 192 * copied to f_type which has no meaning in Win32 itself. 193 */ 194 if (statfs(filename, &fsstat)) 195 return (1); 196 197 /* 198 * Only file systems supporting ACLs are able to set permissions. 199 * `ntsec' is the setting in Cygwin which switches using of NTFS 200 * ACLs to support POSIX permissions on files. 201 */ 202 if (fsstat.f_type & FS_PERSISTENT_ACLS) 203 return (allow_ntsec); 204 205 return (0); 206 } 207 208 void 209 register_9x_service(void) 210 { 211 HINSTANCE kerneldll; 212 DWORD (*RegisterServiceProcess)(DWORD, DWORD); 213 214 /* The service register mechanism in 9x/Me is pretty different from 215 * NT/2K/XP. In NT/2K/XP we're using a special service starter 216 * application to register and control sshd as service. This method 217 * doesn't play nicely with 9x/Me. For that reason we register here 218 * as service when running under 9x/Me. This function is only called 219 * by the child sshd when it's going to daemonize. 220 */ 221 if (is_winnt) 222 return; 223 if (!(kerneldll = LoadLibrary("KERNEL32.DLL"))) 224 return; 225 if (!(RegisterServiceProcess = (DWORD (*)(DWORD, DWORD)) 226 GetProcAddress(kerneldll, "RegisterServiceProcess"))) 227 return; 228 RegisterServiceProcess(0, 1); 229 } 230 231 #endif /* HAVE_CYGWIN */ 232