5 * Author: Corinna Vinschen <vinschen@cygnus.com>
7 * Copyright (c) 2000 Corinna Vinschen <vinschen@cygnus.com>, Duisburg, Germany
10 * Created: Sat Sep 02 12:17:00 2000 cv
12 * This file contains functions for forcing opened file descriptors to
13 * binary mode on Windows systems.
24 #include <sys/utsname.h>
27 #define is_winnt (GetVersion() < 0x80000000)
29 #define ntsec_on(c) ((c) && strstr((c),"ntsec") && !strstr((c),"nontsec"))
30 #define ntea_on(c) ((c) && strstr((c),"ntea") && !strstr((c),"nontea"))
32 #if defined(open) && open == binary_open
35 #if defined(pipe) && open == binary_pipe
39 int binary_open(const char *filename, int flags, ...)
45 mode = va_arg(ap, mode_t);
47 return open(filename, flags | O_BINARY, mode);
50 int binary_pipe(int fd[2])
55 setmode (fd[0], O_BINARY);
56 setmode (fd[1], O_BINARY);
61 int check_nt_auth(int pwd_authenticated, struct passwd *pw)
64 * The only authentication which is able to change the user
65 * context on NT systems is the password authentication. So
66 * we deny all requsts for changing the user context if another
67 * authentication method is used.
69 * This doesn't apply to Cygwin versions >= 1.3.2 anymore which
70 * uses the undocumented NtCreateToken() call to create a user
71 * token if the process has the appropriate privileges and if
72 * CYGWIN ntsec setting is on.
74 static int has_create_token = -1;
79 if (has_create_token < 0) {
81 int major_high = 0, major_low = 0, minor = 0;
82 char *cygwin = getenv("CYGWIN");
85 if (ntsec_on(cygwin) && !uname(&uts)) {
86 sscanf(uts.release, "%d.%d.%d",
87 &major_high, &major_low, &minor);
89 (major_high == 1 && (major_low > 3 ||
90 (major_low == 3 && minor >= 2))))
94 if (has_create_token < 1 &&
95 !pwd_authenticated && geteuid() != pw->pw_uid)
101 int check_ntsec(const char *filename)
106 struct statfs fsstat;
108 /* Windows 95/98/ME don't support file system security at all. */
112 /* Evaluate current CYGWIN settings. */
113 cygwin = getenv("CYGWIN");
114 allow_ntea = ntea_on(cygwin);
115 allow_ntsec = ntsec_on(cygwin);
118 * `ntea' is an emulation of POSIX attributes. It doesn't support
119 * real file level security as ntsec on NTFS file systems does
120 * but it supports FAT filesystems. `ntea' is minimum requirement
121 * for security checks.
127 * Retrieve file system flags. In Cygwin, file system flags are
128 * copied to f_type which has no meaning in Win32 itself.
130 if (statfs(filename, &fsstat))
134 * Only file systems supporting ACLs are able to set permissions.
135 * `ntsec' is the setting in Cygwin which switches using of NTFS
136 * ACLs to support POSIX permissions on files.
138 if (fsstat.f_type & FS_PERSISTENT_ACLS)
144 void register_9x_service(void)
147 DWORD (*RegisterServiceProcess)(DWORD, DWORD);
149 /* The service register mechanism in 9x/Me is pretty different from
150 * NT/2K/XP. In NT/2K/XP we're using a special service starter
151 * application to register and control sshd as service. This method
152 * doesn't play nicely with 9x/Me. For that reason we register here
153 * as service when running under 9x/Me. This function is only called
154 * by the child sshd when it's going to daemonize.
158 if (! (kerneldll = LoadLibrary("KERNEL32.DLL")))
160 if (! (RegisterServiceProcess = (DWORD (*)(DWORD, DWORD))
161 GetProcAddress(kerneldll, "RegisterServiceProcess")))
163 RegisterServiceProcess(0, 1);
166 #endif /* HAVE_CYGWIN */