X-Git-Url: http://andersk.mit.edu/gitweb/gssapi-openssh.git/blobdiff_plain/e9a17296ccbb7bb4f9a0affffe58d2240768a7d4..acc3d05ebe23862b769334c5cca606978b703f19:/openssh/openbsd-compat/bsd-cygwin_util.c

diff --git a/openssh/openbsd-compat/bsd-cygwin_util.c b/openssh/openbsd-compat/bsd-cygwin_util.c
index f56ad7c..bbb0388 100644
--- a/openssh/openbsd-compat/bsd-cygwin_util.c
+++ b/openssh/openbsd-compat/bsd-cygwin_util.c
@@ -1,11 +1,25 @@
 /*
+ * Copyright (c) 2000, 2001, Corinna Vinschen <vinschen@cygnus.com>
  *
- * cygwin_util.c
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
  *
- * Author: Corinna Vinschen <vinschen@cygnus.com>
- *
- * Copyright (c) 2000 Corinna Vinschen <vinschen@cygnus.com>, Duisburg, Germany
- *                    All rights reserved
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  *
  * Created: Sat Sep 02 12:17:00 2000 cv
  *
@@ -27,6 +41,7 @@ RCSID("$Id$");
 #define is_winnt       (GetVersion() < 0x80000000)
 
 #define ntsec_on(c)	((c) && strstr((c),"ntsec") && !strstr((c),"nontsec"))
+#define ntsec_off(c)	((c) && strstr((c),"nontsec"))
 #define ntea_on(c)	((c) && strstr((c),"ntea") && !strstr((c),"nontea"))
 
 #if defined(open) && open == binary_open
@@ -36,7 +51,8 @@ RCSID("$Id$");
 # undef pipe
 #endif
 
-int binary_open(const char *filename, int flags, ...)
+int 
+binary_open(const char *filename, int flags, ...)
 {
 	va_list ap;
 	mode_t mode;
@@ -44,21 +60,73 @@ int binary_open(const char *filename, int flags, ...)
 	va_start(ap, flags);
 	mode = va_arg(ap, mode_t);
 	va_end(ap);
-	return open(filename, flags | O_BINARY, mode);
+	return (open(filename, flags | O_BINARY, mode));
 }
 
-int binary_pipe(int fd[2])
+int 
+binary_pipe(int fd[2])
 {
 	int ret = pipe(fd);
 
 	if (!ret) {
-		setmode (fd[0], O_BINARY);
-		setmode (fd[1], O_BINARY);
+		setmode(fd[0], O_BINARY);
+		setmode(fd[1], O_BINARY);
+	}
+	return (ret);
+}
+
+#define HAS_CREATE_TOKEN 1
+#define HAS_NTSEC_BY_DEFAULT 2
+
+static int 
+has_capability(int what)
+{
+	static int inited;
+	static int has_create_token;
+	static int has_ntsec_by_default;
+
+	/* 
+	 * has_capability() basically calls uname() and checks if
+	 * specific capabilities of Cygwin can be evaluated from that.
+	 * This simplifies the calling functions which only have to ask
+	 * for a capability using has_capability() instead of having
+	 * to figure that out by themselves.
+	 */
+	if (!inited) {
+		struct utsname uts;
+		char *c;
+		
+		if (!uname(&uts)) {
+			int major_high = 0, major_low = 0, minor = 0;
+			int api_major_version = 0, api_minor_version = 0;
+			char *c;
+
+			sscanf(uts.release, "%d.%d.%d", &major_high,
+			    &major_low, &minor);
+			if ((c = strchr(uts.release, '(')) != NULL) {
+				sscanf(c + 1, "%d.%d", &api_major_version,
+				    &api_minor_version);
+			}
+			if (major_high > 1 ||
+			    (major_high == 1 && (major_low > 3 ||
+			    (major_low == 3 && minor >= 2))))
+				has_create_token = 1;
+			if (api_major_version > 0 || api_minor_version >= 56)
+				has_ntsec_by_default = 1;
+			inited = 1;
+		}
 	}
-	return ret;
+	switch (what) {
+	case HAS_CREATE_TOKEN:
+		return (has_create_token);
+	case HAS_NTSEC_BY_DEFAULT:
+		return (has_ntsec_by_default);
+	}
+	return (0);
 }
 
-int check_nt_auth(int pwd_authenticated, struct passwd *pw)
+int
+check_nt_auth(int pwd_authenticated, struct passwd *pw)
 {
 	/*
 	* The only authentication which is able to change the user
@@ -77,42 +145,38 @@ int check_nt_auth(int pwd_authenticated, struct passwd *pw)
 		return 0;
 	if (is_winnt) {
 		if (has_create_token < 0) {
-			struct utsname uts;
-		        int major_high = 0, major_low = 0, minor = 0;
 			char *cygwin = getenv("CYGWIN");
 
 			has_create_token = 0;
-			if (ntsec_on(cygwin) && !uname(&uts)) {
-				sscanf(uts.release, "%d.%d.%d",
-				       &major_high, &major_low, &minor);
-				if (major_high > 1 ||
-				    (major_high == 1 && (major_low > 3 ||
-				     (major_low == 3 && minor >= 2))))
-					has_create_token = 1;
-			}
+			if (has_capability(HAS_CREATE_TOKEN) &&
+			    (ntsec_on(cygwin) ||
+			    (has_capability(HAS_NTSEC_BY_DEFAULT) &&
+			    !ntsec_off(cygwin))))
+				has_create_token = 1;
 		}
 		if (has_create_token < 1 &&
 		    !pwd_authenticated && geteuid() != pw->pw_uid)
-			return 0;
+			return (0);
 	}
-	return 1;
+	return (1);
 }
 
-int check_ntsec(const char *filename)
+int
+check_ntsec(const char *filename)
 {
 	char *cygwin;
-	int allow_ntea = 0;
-	int allow_ntsec = 0;
+	int allow_ntea = 0, allow_ntsec = 0;
 	struct statfs fsstat;
 
 	/* Windows 95/98/ME don't support file system security at all. */
 	if (!is_winnt)
-		return 0;
+		return (0);
 
 	/* Evaluate current CYGWIN settings. */
 	cygwin = getenv("CYGWIN");
 	allow_ntea = ntea_on(cygwin);
-	allow_ntsec = ntsec_on(cygwin);
+	allow_ntsec = ntsec_on(cygwin) ||
+	    (has_capability(HAS_NTSEC_BY_DEFAULT) && !ntsec_off(cygwin));
 
 	/*
 	 * `ntea' is an emulation of POSIX attributes. It doesn't support
@@ -121,14 +185,14 @@ int check_ntsec(const char *filename)
 	 * for security checks.
 	 */
 	if (allow_ntea)
-		return 1;
+		return (1);
 
 	/*
 	 * Retrieve file system flags. In Cygwin, file system flags are
 	 * copied to f_type which has no meaning in Win32 itself.
 	 */
 	if (statfs(filename, &fsstat))
-		return 1;
+		return (1);
 
 	/*
 	 * Only file systems supporting ACLs are able to set permissions.
@@ -136,12 +200,13 @@ int check_ntsec(const char *filename)
 	 * ACLs to support POSIX permissions on files.
 	 */
 	if (fsstat.f_type & FS_PERSISTENT_ACLS)
-		return allow_ntsec;
+		return (allow_ntsec);
 
-	return 0;
+	return (0);
 }
 
-void register_9x_service(void)
+void
+register_9x_service(void)
 {
         HINSTANCE kerneldll;
         DWORD (*RegisterServiceProcess)(DWORD, DWORD);
@@ -155,10 +220,10 @@ void register_9x_service(void)
 	 */
 	if (is_winnt)
 		return;
-	if (! (kerneldll = LoadLibrary("KERNEL32.DLL")))
+	if (!(kerneldll = LoadLibrary("KERNEL32.DLL")))
 		return;
-	if (! (RegisterServiceProcess = (DWORD (*)(DWORD, DWORD))
-			  GetProcAddress(kerneldll, "RegisterServiceProcess")))
+	if (!(RegisterServiceProcess = (DWORD (*)(DWORD, DWORD))
+		GetProcAddress(kerneldll, "RegisterServiceProcess")))
 		return;
 	RegisterServiceProcess(0, 1);
 }