1 files changed, 60 insertions, 12 deletions
diff --git a/openbsd-compat/bsd-cygwin_util.c b/openbsd-compat/bsd-cygwin_util.c
index 2396a6e6b..0fa5964bc 100644
--- a/openbsd-compat/bsd-cygwin_util.c
+++ b/openbsd-compat/bsd-cygwin_util.c
@@ -31,7 +31,7 @@
 #include "includes.h"
-RCSID("$Id: bsd-cygwin_util.c,v 1.8 2002/04/15 22:00:52 stevesk Exp $");
+RCSID("$Id: bsd-cygwin_util.c,v 1.9 2002/11/09 15:59:29 mouring Exp $");
 #ifdef HAVE_CYGWIN
@@ -43,6 +43,7 @@ RCSID("$Id: bsd-cygwin_util.c,v 1.8 2002/04/15 22:00:52 stevesk Exp $");
 #define is_winnt       (GetVersion() < 0x80000000)
 #define ntsec_on(c)     ((c) && strstr((c),"ntsec") && !strstr((c),"nontsec"))
+#define ntsec_off(c)    ((c) && strstr((c),"nontsec"))
 #define ntea_on(c)      ((c) && strstr((c),"ntea") && !strstr((c),"nontea"))
 #if defined(open) && open == binary_open
@@ -74,6 +75,56 @@ int binary_pipe(int fd[2])
        return ret;
 }
+#define HAS_CREATE_TOKEN 1
+#define HAS_NTSEC_BY_DEFAULT 2
+static int has_capability(int what)
+{
+        /* has_capability() basically calls uname() and checks if
+           specific capabilities of Cygwin can be evaluated from that.
+           This simplifies the calling functions which only have to ask
+           for a capability using has_capability() instead of having
+           to figure that out by themselves. */
+        static int inited;
+        static int has_create_token;
+        static int has_ntsec_by_default;
+        if (!inited) {
+                struct utsname uts;
+                char *c;
+                
+                if (!uname(&uts)) {
+                        int major_high = 0;
+                        int major_low = 0;
+                        int minor = 0;
+                        int api_major_version = 0;
+                        int api_minor_version = 0;
+                        char *c;
+                        sscanf(uts.release, "%d.%d.%d", &major_high,
+                               &major_low, &minor);
+                        c = strchr(uts.release, '(');
+                        if (c)
+                                sscanf(c + 1, "%d.%d", &api_major_version,
+                                       &api_minor_version);
+                        if (major_high > 1 ||
+                            (major_high == 1 && (major_low > 3 ||
+                             (major_low == 3 && minor >= 2))))
+                                has_create_token = 1;
+                        if (api_major_version > 0 || api_minor_version >= 56)
+                                has_ntsec_by_default = 1;
+                        inited = 1;
+                }
+        }
+        switch (what) {
+        case HAS_CREATE_TOKEN:
+                return has_create_token;
+        case HAS_NTSEC_BY_DEFAULT:
+                return has_ntsec_by_default;
+        }
+        return 0;
+}
 int check_nt_auth(int pwd_authenticated, struct passwd *pw)
 {
        /*
@@ -93,19 +144,14 @@ int check_nt_auth(int pwd_authenticated, struct passwd *pw)
                return 0;
        if (is_winnt) {
                if (has_create_token < 0) {
-                        struct utsname uts;
-                        int major_high = 0, major_low = 0, minor = 0;
                        char *cygwin = getenv("CYGWIN");
                        has_create_token = 0;
-                        if (ntsec_on(cygwin) && !uname(&uts)) {
+                        if (has_capability(HAS_CREATE_TOKEN) &&
-                                sscanf(uts.release, "%d.%d.%d",
+                            (ntsec_on(cygwin) ||
-                                       &major_high, &major_low, &minor);
+                             (has_capability(HAS_NTSEC_BY_DEFAULT) &&
-                                if (major_high > 1 ||
+                              !ntsec_off(cygwin))))
-                                    (major_high == 1 && (major_low > 3 ||
+                                has_create_token = 1;
-                                     (major_low == 3 && minor >= 2))))
-                                        has_create_token = 1;
-                        }
                }
                if (has_create_token < 1 &&
                    !pwd_authenticated && geteuid() != pw->pw_uid)
@@ -128,7 +174,9 @@ int check_ntsec(const char *filename)
        /* Evaluate current CYGWIN settings. */
        cygwin = getenv("CYGWIN");
        allow_ntea = ntea_on(cygwin);
-        allow_ntsec = ntsec_on(cygwin);
+        allow_ntsec = ntsec_on(cygwin) ||
+                      (has_capability(HAS_NTSEC_BY_DEFAULT) &&
+                       !ntsec_off(cygwin));
        /*
         * `ntea' is an emulation of POSIX attributes. It doesn't support

diff --git a/openbsd-compat/bsd-cygwin_util.c b/openbsd-compat/bsd-cygwin_util.c index 2396a6e6b..0fa5964bc 100644 --- a/openbsd-compat/bsd-cygwin_util.c +++ b/openbsd-compat/bsd-cygwin_util.c
@@ -31,7 +31,7 @@
31		31
32	#include "includes.h"	32	#include "includes.h"
33		33
34	RCSID("$Id: bsd-cygwin_util.c,v 1.8 2002/04/15 22:00:52 stevesk Exp $");	34	RCSID("$Id: bsd-cygwin_util.c,v 1.9 2002/11/09 15:59:29 mouring Exp $");
35		35
36	#ifdef HAVE_CYGWIN	36	#ifdef HAVE_CYGWIN
37		37
@@ -43,6 +43,7 @@ RCSID("$Id: bsd-cygwin_util.c,v 1.8 2002/04/15 22:00:52 stevesk Exp $");
43	#define is_winnt (GetVersion() < 0x80000000)	43	#define is_winnt (GetVersion() < 0x80000000)
44		44
45	#define ntsec_on(c) ((c) && strstr((c),"ntsec") && !strstr((c),"nontsec"))	45	#define ntsec_on(c) ((c) && strstr((c),"ntsec") && !strstr((c),"nontsec"))
		46	#define ntsec_off(c) ((c) && strstr((c),"nontsec"))
46	#define ntea_on(c) ((c) && strstr((c),"ntea") && !strstr((c),"nontea"))	47	#define ntea_on(c) ((c) && strstr((c),"ntea") && !strstr((c),"nontea"))
47		48
48	#if defined(open) && open == binary_open	49	#if defined(open) && open == binary_open
@@ -74,6 +75,56 @@ int binary_pipe(int fd[2])
74	return ret;	75	return ret;
75	}	76	}
76		77
		78	#define HAS_CREATE_TOKEN 1
		79	#define HAS_NTSEC_BY_DEFAULT 2
		80
		81	static int has_capability(int what)
		82	{
		83	/* has_capability() basically calls uname() and checks if
		84	specific capabilities of Cygwin can be evaluated from that.
		85	This simplifies the calling functions which only have to ask
		86	for a capability using has_capability() instead of having
		87	to figure that out by themselves. */
		88	static int inited;
		89	static int has_create_token;
		90	static int has_ntsec_by_default;
		91
		92	if (!inited) {
		93	struct utsname uts;
		94	char *c;
		95
		96	if (!uname(&uts)) {
		97	int major_high = 0;
		98	int major_low = 0;
		99	int minor = 0;
		100	int api_major_version = 0;
		101	int api_minor_version = 0;
		102	char *c;
		103
		104	sscanf(uts.release, "%d.%d.%d", &major_high,
		105	&major_low, &minor);
		106	c = strchr(uts.release, '(');
		107	if (c)
		108	sscanf(c + 1, "%d.%d", &api_major_version,
		109	&api_minor_version);
		110	if (major_high > 1 \|\|
		111	(major_high == 1 && (major_low > 3 \|\|
		112	(major_low == 3 && minor >= 2))))
		113	has_create_token = 1;
		114	if (api_major_version > 0 \|\| api_minor_version >= 56)
		115	has_ntsec_by_default = 1;
		116	inited = 1;
		117	}
		118	}
		119	switch (what) {
		120	case HAS_CREATE_TOKEN:
		121	return has_create_token;
		122	case HAS_NTSEC_BY_DEFAULT:
		123	return has_ntsec_by_default;
		124	}
		125	return 0;
		126	}
		127
77	int check_nt_auth(int pwd_authenticated, struct passwd *pw)	128	int check_nt_auth(int pwd_authenticated, struct passwd *pw)
78	{	129	{
79	/*	130	/*
@@ -93,19 +144,14 @@ int check_nt_auth(int pwd_authenticated, struct passwd *pw)
93	return 0;	144	return 0;
94	if (is_winnt) {	145	if (is_winnt) {
95	if (has_create_token < 0) {	146	if (has_create_token < 0) {
96	struct utsname uts;
97	int major_high = 0, major_low = 0, minor = 0;
98	char *cygwin = getenv("CYGWIN");	147	char *cygwin = getenv("CYGWIN");
99		148
100	has_create_token = 0;	149	has_create_token = 0;
101	if (ntsec_on(cygwin) && !uname(&uts)) {	150	if (has_capability(HAS_CREATE_TOKEN) &&
102	sscanf(uts.release, "%d.%d.%d",	151	(ntsec_on(cygwin) \|\|
103	&major_high, &major_low, &minor);	152	(has_capability(HAS_NTSEC_BY_DEFAULT) &&
104	if (major_high > 1 \|\|	153	!ntsec_off(cygwin))))
105	(major_high == 1 && (major_low > 3 \|\|	154	has_create_token = 1;
106	(major_low == 3 && minor >= 2))))
107	has_create_token = 1;
108	}
109	}	155	}
110	if (has_create_token < 1 &&	156	if (has_create_token < 1 &&
111	!pwd_authenticated && geteuid() != pw->pw_uid)	157	!pwd_authenticated && geteuid() != pw->pw_uid)
@@ -128,7 +174,9 @@ int check_ntsec(const char *filename)
128	/* Evaluate current CYGWIN settings. */	174	/* Evaluate current CYGWIN settings. */
129	cygwin = getenv("CYGWIN");	175	cygwin = getenv("CYGWIN");
130	allow_ntea = ntea_on(cygwin);	176	allow_ntea = ntea_on(cygwin);
131	allow_ntsec = ntsec_on(cygwin);	177	allow_ntsec = ntsec_on(cygwin) \|\|
		178	(has_capability(HAS_NTSEC_BY_DEFAULT) &&
		179	!ntsec_off(cygwin));
132		180
133	/*	181	/*
134	* `ntea' is an emulation of POSIX attributes. It doesn't support	182	* `ntea' is an emulation of POSIX attributes. It doesn't support