2 * Copyright (c) 2000, 2001, Corinna Vinschen <vinschen@cygnus.com>
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24 * Created: Sat Sep 02 12:17:00 2000 cv
26 * This file contains functions for forcing opened file descriptors to
27 * binary mode on Windows systems.
32 RCSID("$Id: bsd-cygwin_util.c,v 1.14 2005/05/25 09:42:11 dtucker Exp $");
38 #include <sys/utsname.h>
42 #define is_winnt (GetVersion() < 0x80000000)
44 #define ntsec_on(c) ((c) && strstr((c),"ntsec") && !strstr((c),"nontsec"))
45 #define ntsec_off(c) ((c) && strstr((c),"nontsec"))
46 #define ntea_on(c) ((c) && strstr((c),"ntea") && !strstr((c),"nontea"))
48 #if defined(open) && open == binary_open
51 #if defined(pipe) && open == binary_pipe
56 binary_open(const char *filename, int flags, ...)
62 mode = va_arg(ap, mode_t);
64 return (open(filename, flags | O_BINARY, mode));
68 binary_pipe(int fd[2])
73 setmode(fd[0], O_BINARY);
74 setmode(fd[1], O_BINARY);
79 #define HAS_CREATE_TOKEN 1
80 #define HAS_NTSEC_BY_DEFAULT 2
81 #define HAS_CREATE_TOKEN_WO_NTSEC 3
84 has_capability(int what)
87 static int has_create_token;
88 static int has_ntsec_by_default;
89 static int has_create_token_wo_ntsec;
92 * has_capability() basically calls uname() and checks if
93 * specific capabilities of Cygwin can be evaluated from that.
94 * This simplifies the calling functions which only have to ask
95 * for a capability using has_capability() instead of having
96 * to figure that out by themselves.
102 int major_high = 0, major_low = 0, minor = 0;
103 int api_major_version = 0, api_minor_version = 0;
106 sscanf(uts.release, "%d.%d.%d", &major_high,
108 if ((c = strchr(uts.release, '(')) != NULL) {
109 sscanf(c + 1, "%d.%d", &api_major_version,
112 if (major_high > 1 ||
113 (major_high == 1 && (major_low > 3 ||
114 (major_low == 3 && minor >= 2))))
115 has_create_token = 1;
116 if (api_major_version > 0 || api_minor_version >= 56)
117 has_ntsec_by_default = 1;
118 if (major_high > 1 ||
119 (major_high == 1 && major_low >= 5))
120 has_create_token_wo_ntsec = 1;
125 case HAS_CREATE_TOKEN:
126 return (has_create_token);
127 case HAS_NTSEC_BY_DEFAULT:
128 return (has_ntsec_by_default);
129 case HAS_CREATE_TOKEN_WO_NTSEC:
130 return (has_create_token_wo_ntsec);
136 check_nt_auth(int pwd_authenticated, struct passwd *pw)
139 * The only authentication which is able to change the user
140 * context on NT systems is the password authentication. So
141 * we deny all requsts for changing the user context if another
142 * authentication method is used.
144 * This doesn't apply to Cygwin versions >= 1.3.2 anymore which
145 * uses the undocumented NtCreateToken() call to create a user
146 * token if the process has the appropriate privileges and if
147 * CYGWIN ntsec setting is on.
149 static int has_create_token = -1;
154 if (has_create_token < 0) {
155 char *cygwin = getenv("CYGWIN");
157 has_create_token = 0;
158 if (has_capability(HAS_CREATE_TOKEN) &&
160 (has_capability(HAS_NTSEC_BY_DEFAULT) &&
161 !ntsec_off(cygwin)) ||
162 has_capability(HAS_CREATE_TOKEN_WO_NTSEC)))
163 has_create_token = 1;
165 if (has_create_token < 1 &&
166 !pwd_authenticated && geteuid() != pw->pw_uid)
173 check_ntsec(const char *filename)
176 int allow_ntea = 0, allow_ntsec = 0;
177 struct statfs fsstat;
179 /* Windows 95/98/ME don't support file system security at all. */
183 /* Evaluate current CYGWIN settings. */
184 cygwin = getenv("CYGWIN");
185 allow_ntea = ntea_on(cygwin);
186 allow_ntsec = ntsec_on(cygwin) ||
187 (has_capability(HAS_NTSEC_BY_DEFAULT) && !ntsec_off(cygwin));
190 * `ntea' is an emulation of POSIX attributes. It doesn't support
191 * real file level security as ntsec on NTFS file systems does
192 * but it supports FAT filesystems. `ntea' is minimum requirement
193 * for security checks.
199 * Retrieve file system flags. In Cygwin, file system flags are
200 * copied to f_type which has no meaning in Win32 itself.
202 if (statfs(filename, &fsstat))
206 * Only file systems supporting ACLs are able to set permissions.
207 * `ntsec' is the setting in Cygwin which switches using of NTFS
208 * ACLs to support POSIX permissions on files.
210 if (fsstat.f_type & FS_PERSISTENT_ACLS)
211 return (allow_ntsec);
217 register_9x_service(void)
220 DWORD (*RegisterServiceProcess)(DWORD, DWORD);
222 /* The service register mechanism in 9x/Me is pretty different from
223 * NT/2K/XP. In NT/2K/XP we're using a special service starter
224 * application to register and control sshd as service. This method
225 * doesn't play nicely with 9x/Me. For that reason we register here
226 * as service when running under 9x/Me. This function is only called
227 * by the child sshd when it's going to daemonize.
231 if (!(kerneldll = LoadLibrary("KERNEL32.DLL")))
233 if (!(RegisterServiceProcess = (DWORD (*)(DWORD, DWORD))
234 GetProcAddress(kerneldll, "RegisterServiceProcess")))
236 RegisterServiceProcess(0, 1);
239 #define NL(x) x, (sizeof (x) - 1)
240 #define WENV_SIZ (sizeof (wenv_arr) / sizeof (wenv_arr[0]))
246 { NL("ALLUSERSPROFILE=") },
247 { NL("COMMONPROGRAMFILES=") },
248 { NL("COMPUTERNAME=") },
251 { NL("NUMBER_OF_PROCESSORS=") },
255 { NL("PROCESSOR_ARCHITECTURE=") },
256 { NL("PROCESSOR_IDENTIFIER=") },
257 { NL("PROCESSOR_LEVEL=") },
258 { NL("PROCESSOR_REVISION=") },
259 { NL("PROGRAMFILES=") },
260 { NL("SYSTEMDRIVE=") },
261 { NL("SYSTEMROOT=") },
268 fetch_windows_environment(void)
273 p = xmalloc((WENV_SIZ + 1) * sizeof(char *));
274 for (e = environ; *e != NULL; ++e) {
275 for (i = 0; i < WENV_SIZ; ++i) {
276 if (!strncmp(*e, wenv_arr[i].name, wenv_arr[i].namelen))
285 free_windows_environment(char **p)
290 #endif /* HAVE_CYGWIN */