diff options
Diffstat (limited to 'openbsd-compat/bsd-cygwin_util.c')
-rw-r--r-- | openbsd-compat/bsd-cygwin_util.c | 124 |
1 files changed, 0 insertions, 124 deletions
diff --git a/openbsd-compat/bsd-cygwin_util.c b/openbsd-compat/bsd-cygwin_util.c index 38be7e350..e90c1597f 100644 --- a/openbsd-compat/bsd-cygwin_util.c +++ b/openbsd-compat/bsd-cygwin_util.c | |||
@@ -39,9 +39,6 @@ | |||
39 | #endif | 39 | #endif |
40 | 40 | ||
41 | #include <sys/types.h> | 41 | #include <sys/types.h> |
42 | #include <sys/stat.h> | ||
43 | #include <sys/utsname.h> | ||
44 | #include <sys/vfs.h> | ||
45 | 42 | ||
46 | #include <fcntl.h> | 43 | #include <fcntl.h> |
47 | #include <stdlib.h> | 44 | #include <stdlib.h> |
@@ -49,11 +46,6 @@ | |||
49 | #include <windows.h> | 46 | #include <windows.h> |
50 | 47 | ||
51 | #include "xmalloc.h" | 48 | #include "xmalloc.h" |
52 | #define is_winnt (GetVersion() < 0x80000000) | ||
53 | |||
54 | #define ntsec_on(c) ((c) && strstr((c),"ntsec") && !strstr((c),"nontsec")) | ||
55 | #define ntsec_off(c) ((c) && strstr((c),"nontsec")) | ||
56 | #define ntea_on(c) ((c) && strstr((c),"ntea") && !strstr((c),"nontea")) | ||
57 | 49 | ||
58 | int | 50 | int |
59 | binary_open(const char *filename, int flags, ...) | 51 | binary_open(const char *filename, int flags, ...) |
@@ -79,128 +71,12 @@ binary_pipe(int fd[2]) | |||
79 | return (ret); | 71 | return (ret); |
80 | } | 72 | } |
81 | 73 | ||
82 | #define HAS_CREATE_TOKEN 1 | ||
83 | #define HAS_NTSEC_BY_DEFAULT 2 | ||
84 | #define HAS_CREATE_TOKEN_WO_NTSEC 3 | ||
85 | |||
86 | static int | ||
87 | has_capability(int what) | ||
88 | { | ||
89 | static int inited; | ||
90 | static int has_create_token; | ||
91 | static int has_ntsec_by_default; | ||
92 | static int has_create_token_wo_ntsec; | ||
93 | |||
94 | /* | ||
95 | * has_capability() basically calls uname() and checks if | ||
96 | * specific capabilities of Cygwin can be evaluated from that. | ||
97 | * This simplifies the calling functions which only have to ask | ||
98 | * for a capability using has_capability() instead of having | ||
99 | * to figure that out by themselves. | ||
100 | */ | ||
101 | if (!inited) { | ||
102 | struct utsname uts; | ||
103 | |||
104 | if (!uname(&uts)) { | ||
105 | int major_high = 0, major_low = 0, minor = 0; | ||
106 | int api_major_version = 0, api_minor_version = 0; | ||
107 | char *c; | ||
108 | |||
109 | sscanf(uts.release, "%d.%d.%d", &major_high, | ||
110 | &major_low, &minor); | ||
111 | if ((c = strchr(uts.release, '(')) != NULL) { | ||
112 | sscanf(c + 1, "%d.%d", &api_major_version, | ||
113 | &api_minor_version); | ||
114 | } | ||
115 | if (major_high > 1 || | ||
116 | (major_high == 1 && (major_low > 3 || | ||
117 | (major_low == 3 && minor >= 2)))) | ||
118 | has_create_token = 1; | ||
119 | if (api_major_version > 0 || api_minor_version >= 56) | ||
120 | has_ntsec_by_default = 1; | ||
121 | if (major_high > 1 || | ||
122 | (major_high == 1 && major_low >= 5)) | ||
123 | has_create_token_wo_ntsec = 1; | ||
124 | inited = 1; | ||
125 | } | ||
126 | } | ||
127 | switch (what) { | ||
128 | case HAS_CREATE_TOKEN: | ||
129 | return (has_create_token); | ||
130 | case HAS_NTSEC_BY_DEFAULT: | ||
131 | return (has_ntsec_by_default); | ||
132 | case HAS_CREATE_TOKEN_WO_NTSEC: | ||
133 | return (has_create_token_wo_ntsec); | ||
134 | } | ||
135 | return (0); | ||
136 | } | ||
137 | |||
138 | int | ||
139 | check_nt_auth(int pwd_authenticated, struct passwd *pw) | ||
140 | { | ||
141 | /* | ||
142 | * The only authentication which is able to change the user | ||
143 | * context on NT systems is the password authentication. So | ||
144 | * we deny all requsts for changing the user context if another | ||
145 | * authentication method is used. | ||
146 | * | ||
147 | * This doesn't apply to Cygwin versions >= 1.3.2 anymore which | ||
148 | * uses the undocumented NtCreateToken() call to create a user | ||
149 | * token if the process has the appropriate privileges and if | ||
150 | * CYGWIN ntsec setting is on. | ||
151 | */ | ||
152 | static int has_create_token = -1; | ||
153 | |||
154 | if (pw == NULL) | ||
155 | return 0; | ||
156 | if (is_winnt) { | ||
157 | if (has_create_token < 0) { | ||
158 | char *cygwin = getenv("CYGWIN"); | ||
159 | |||
160 | has_create_token = 0; | ||
161 | if (has_capability(HAS_CREATE_TOKEN) && | ||
162 | (ntsec_on(cygwin) || | ||
163 | (has_capability(HAS_NTSEC_BY_DEFAULT) && | ||
164 | !ntsec_off(cygwin)) || | ||
165 | has_capability(HAS_CREATE_TOKEN_WO_NTSEC))) | ||
166 | has_create_token = 1; | ||
167 | } | ||
168 | if (has_create_token < 1 && | ||
169 | !pwd_authenticated && geteuid() != pw->pw_uid) | ||
170 | return (0); | ||
171 | } | ||
172 | return (1); | ||
173 | } | ||
174 | |||
175 | int | 74 | int |
176 | check_ntsec(const char *filename) | 75 | check_ntsec(const char *filename) |
177 | { | 76 | { |
178 | return (pathconf(filename, _PC_POSIX_PERMISSIONS)); | 77 | return (pathconf(filename, _PC_POSIX_PERMISSIONS)); |
179 | } | 78 | } |
180 | 79 | ||
181 | void | ||
182 | register_9x_service(void) | ||
183 | { | ||
184 | HINSTANCE kerneldll; | ||
185 | DWORD (*RegisterServiceProcess)(DWORD, DWORD); | ||
186 | |||
187 | /* The service register mechanism in 9x/Me is pretty different from | ||
188 | * NT/2K/XP. In NT/2K/XP we're using a special service starter | ||
189 | * application to register and control sshd as service. This method | ||
190 | * doesn't play nicely with 9x/Me. For that reason we register here | ||
191 | * as service when running under 9x/Me. This function is only called | ||
192 | * by the child sshd when it's going to daemonize. | ||
193 | */ | ||
194 | if (is_winnt) | ||
195 | return; | ||
196 | if (!(kerneldll = LoadLibrary("KERNEL32.DLL"))) | ||
197 | return; | ||
198 | if (!(RegisterServiceProcess = (DWORD (*)(DWORD, DWORD)) | ||
199 | GetProcAddress(kerneldll, "RegisterServiceProcess"))) | ||
200 | return; | ||
201 | RegisterServiceProcess(0, 1); | ||
202 | } | ||
203 | |||
204 | #define NL(x) x, (sizeof (x) - 1) | 80 | #define NL(x) x, (sizeof (x) - 1) |
205 | #define WENV_SIZ (sizeof (wenv_arr) / sizeof (wenv_arr[0])) | 81 | #define WENV_SIZ (sizeof (wenv_arr) / sizeof (wenv_arr[0])) |
206 | 82 | ||