[gssapi-openssh.git] / openssh / openbsd-compat / bsd-cygwin_util.c

/*
 *
 * cygwin_util.c
 *
 * Author: Corinna Vinschen <vinschen@cygnus.com>
 *
 * Copyright (c) 2000 Corinna Vinschen <vinschen@cygnus.com>, Duisburg, Germany
 *                    All rights reserved
 *
 * Created: Sat Sep 02 12:17:00 2000 cv
 *
 * This file contains functions for forcing opened file descriptors to
 * binary mode on Windows systems.
 */

#include "includes.h"

RCSID("$Id$");

#ifdef HAVE_CYGWIN

#include <fcntl.h>
#include <stdlib.h>
#include <sys/utsname.h>
#include <sys/vfs.h>
#include <windows.h>
#define is_winnt       (GetVersion() < 0x80000000)

#define ntsec_on(c)	((c) && strstr((c),"ntsec") && !strstr((c),"nontsec"))
#define ntea_on(c)	((c) && strstr((c),"ntea") && !strstr((c),"nontea"))

#if defined(open) && open == binary_open
# undef open
#endif
#if defined(pipe) && open == binary_pipe
# undef pipe
#endif

int binary_open(const char *filename, int flags, ...)
{
	va_list ap;
	mode_t mode;
	
	va_start(ap, flags);
	mode = va_arg(ap, mode_t);
	va_end(ap);
	return open(filename, flags | O_BINARY, mode);
}

int binary_pipe(int fd[2])
{
	int ret = pipe(fd);

	if (!ret) {
		setmode (fd[0], O_BINARY);
		setmode (fd[1], O_BINARY);
	}
	return ret;
}

int check_nt_auth(int pwd_authenticated, uid_t uid)
{
	/*
	* The only authentication which is able to change the user
	* context on NT systems is the password authentication. So
	* we deny all requsts for changing the user context if another
	* authentication method is used.
	*
	* This doesn't apply to Cygwin versions >= 1.3.2 anymore which
	* uses the undocumented NtCreateToken() call to create a user
	* token if the process has the appropriate privileges and if
	* CYGWIN ntsec setting is on.
	*/
	static int has_create_token = -1;

	if (is_winnt) {
		if (has_create_token < 0) {
			struct utsname uts;
		        int major_high = 0, major_low = 0, minor = 0;
			char *cygwin = getenv("CYGWIN");

			has_create_token = 0;
			if (ntsec_on(cygwin) && !uname(&uts)) {
				sscanf(uts.release, "%d.%d.%d",
				       &major_high, &major_low, &minor);
				if (major_high > 1 ||
				    (major_high == 1 && (major_low > 3 ||
				     (major_low == 3 && minor >= 2))))
					has_create_token = 1;
			}
		}
		if (has_create_token < 1 &&
		    !pwd_authenticated && geteuid() != uid)
			return 0;
	}
	return 1;
}

int check_ntsec(const char *filename)
{
	char *cygwin;
	int allow_ntea = 0;
	int allow_ntsec = 0;
	struct statfs fsstat;

	/* Windows 95/98/ME don't support file system security at all. */
	if (!is_winnt)
		return 0;

	/* Evaluate current CYGWIN settings. */
	cygwin = getenv("CYGWIN");
	allow_ntea = ntea_on(cygwin);
	allow_ntsec = ntsec_on(cygwin);

	/*
	 * `ntea' is an emulation of POSIX attributes. It doesn't support
	 * real file level security as ntsec on NTFS file systems does
	 * but it supports FAT filesystems. `ntea' is minimum requirement
	 * for security checks.
	 */
	if (allow_ntea)
		return 1;

	/*
	 * Retrieve file system flags. In Cygwin, file system flags are
	 * copied to f_type which has no meaning in Win32 itself.
	 */
	if (statfs(filename, &fsstat))
		return 1;

	/*
	 * Only file systems supporting ACLs are able to set permissions.
	 * `ntsec' is the setting in Cygwin which switches using of NTFS
	 * ACLs to support POSIX permissions on files.
	 */
	if (fsstat.f_type & FS_PERSISTENT_ACLS)
		return allow_ntsec;

	return 0;
}

#endif /* HAVE_CYGWIN */
Commit	Line	Data
3c0ef626	1	/*
	2	*
	3	* cygwin_util.c
	4	*
	5	* Author: Corinna Vinschen <vinschen@cygnus.com>
	6	*
	7	* Copyright (c) 2000 Corinna Vinschen <vinschen@cygnus.com>, Duisburg, Germany
	8	* All rights reserved
	9	*
	10	* Created: Sat Sep 02 12:17:00 2000 cv
	11	*
	12	* This file contains functions for forcing opened file descriptors to
	13	* binary mode on Windows systems.
	14	*/
	15
	16	#include "includes.h"
	17
	18	RCSID("$Id$");
	19
	20	#ifdef HAVE_CYGWIN
	21
	22	#include <fcntl.h>
	23	#include <stdlib.h>
	24	#include <sys/utsname.h>
	25	#include <sys/vfs.h>
	26	#include <windows.h>
	27	#define is_winnt (GetVersion() < 0x80000000)
	28
	29	#define ntsec_on(c) ((c) && strstr((c),"ntsec") && !strstr((c),"nontsec"))
	30	#define ntea_on(c) ((c) && strstr((c),"ntea") && !strstr((c),"nontea"))
	31
	32	#if defined(open) && open == binary_open
	33	# undef open
	34	#endif
	35	#if defined(pipe) && open == binary_pipe
	36	# undef pipe
	37	#endif
	38
	39	int binary_open(const char *filename, int flags, ...)
	40	{
	41	va_list ap;
	42	mode_t mode;
	43
	44	va_start(ap, flags);
	45	mode = va_arg(ap, mode_t);
	46	va_end(ap);
	47	return open(filename, flags \| O_BINARY, mode);
	48	}
	49
	50	int binary_pipe(int fd[2])
	51	{
	52	int ret = pipe(fd);
	53
	54	if (!ret) {
	55	setmode (fd[0], O_BINARY);
	56	setmode (fd[1], O_BINARY);
	57	}
	58	return ret;
	59	}
	60
	61	int check_nt_auth(int pwd_authenticated, uid_t uid)
	62	{
	63	/*
	64	* The only authentication which is able to change the user
65	* context on NT systems is the password authentication. So
66	* we deny all requsts for changing the user context if another
67	* authentication method is used.
68	*
69	* This doesn't apply to Cygwin versions >= 1.3.2 anymore which
70	* uses the undocumented NtCreateToken() call to create a user
71	* token if the process has the appropriate privileges and if
72	* CYGWIN ntsec setting is on.
73	*/
74	static int has_create_token = -1;
75
76	if (is_winnt) {
77	if (has_create_token < 0) {
78	struct utsname uts;
79	int major_high = 0, major_low = 0, minor = 0;
80	char *cygwin = getenv("CYGWIN");
81
82	has_create_token = 0;
83	if (ntsec_on(cygwin) && !uname(&uts)) {
84	sscanf(uts.release, "%d.%d.%d",
85	&major_high, &major_low, &minor);
86	if (major_high > 1 \|\|
87	(major_high == 1 && (major_low > 3 \|\|
88	(major_low == 3 && minor >= 2))))
89	has_create_token = 1;
90	}
91	}
92	if (has_create_token < 1 &&
93	!pwd_authenticated && geteuid() != uid)
94	return 0;
95	}
96	return 1;
97	}
98
99	int check_ntsec(const char *filename)
100	{
101	char *cygwin;
102	int allow_ntea = 0;
103	int allow_ntsec = 0;
104	struct statfs fsstat;
105
106	/* Windows 95/98/ME don't support file system security at all. */
107	if (!is_winnt)
108	return 0;
109
110	/* Evaluate current CYGWIN settings. */
111	cygwin = getenv("CYGWIN");
112	allow_ntea = ntea_on(cygwin);
113	allow_ntsec = ntsec_on(cygwin);
114
115	/*
116	* `ntea' is an emulation of POSIX attributes. It doesn't support
117	* real file level security as ntsec on NTFS file systems does
118	* but it supports FAT filesystems. `ntea' is minimum requirement
119	* for security checks.
120	*/
121	if (allow_ntea)
122	return 1;
123
124	/*
125	* Retrieve file system flags. In Cygwin, file system flags are
126	* copied to f_type which has no meaning in Win32 itself.
127	*/
128	if (statfs(filename, &fsstat))
129	return 1;
130
131	/*
132	* Only file systems supporting ACLs are able to set permissions.
133	* `ntsec' is the setting in Cygwin which switches using of NTFS
134	* ACLs to support POSIX permissions on files.
135	*/
136	if (fsstat.f_type & FS_PERSISTENT_ACLS)
137	return allow_ntsec;
138
139	return 0;
140	}
141
142	#endif /* HAVE_CYGWIN */