diff options
author | Pierre Humblet <phumblet@phumblet.no-ip.org> | 2004-10-28 01:46:01 +0000 |
---|---|---|
committer | Pierre Humblet <phumblet@phumblet.no-ip.org> | 2004-10-28 01:46:01 +0000 |
commit | 531979231dd850a920af0a65bc70d5178ae14fec (patch) | |
tree | cedf7460fe072dba7976a95693dd5aab3ca4fc5f | |
parent | 39055108341fae0ca71ef503267d8f619e59a047 (diff) | |
download | newlib-531979231dd850a920af0a65bc70d5178ae14fec.zip newlib-531979231dd850a920af0a65bc70d5178ae14fec.tar.gz newlib-531979231dd850a920af0a65bc70d5178ae14fec.tar.bz2 |
2004-10-28 Pierre Humblet <pierre.humblet@ieee.org>
* path.cc (mount_info::from_registry): Deimpersonate while
accessing HKLM.
(mount_info::read_cygdrive_info_from_registry): Ditto.
* cygheap.h: Define NO_IMPERSONATION.
(cygheap_user::issetuid): Replace INVALID_HANDLE_VALUE by
NO_IMPERSONATION.
(cygheap_user::has_impersonation_tokens): Ditto.
(cygheap_user::close_impersonation_tokens): Ditto.
* uinfo.cc (uinfo_init): Ditto.
* syscalls.cc (seteuid32): Ditto.
* security.cc (set_impersonation_token): Ditto.
-rw-r--r-- | winsup/cygwin/ChangeLog | 14 | ||||
-rw-r--r-- | winsup/cygwin/cygheap.h | 21 | ||||
-rw-r--r-- | winsup/cygwin/path.cc | 10 | ||||
-rw-r--r-- | winsup/cygwin/security.cc | 2 | ||||
-rw-r--r-- | winsup/cygwin/syscalls.cc | 11 | ||||
-rw-r--r-- | winsup/cygwin/uinfo.cc | 6 |
6 files changed, 41 insertions, 23 deletions
diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog index 96e0c61..dfa658d 100644 --- a/winsup/cygwin/ChangeLog +++ b/winsup/cygwin/ChangeLog @@ -1,3 +1,17 @@ +2004-10-28 Pierre Humblet <pierre.humblet@ieee.org> + + * path.cc (mount_info::from_registry): Deimpersonate while + accessing HKLM. + (mount_info::read_cygdrive_info_from_registry): Ditto. + * cygheap.h: Define NO_IMPERSONATION. + (cygheap_user::issetuid): Replace INVALID_HANDLE_VALUE by + NO_IMPERSONATION. + (cygheap_user::has_impersonation_tokens): Ditto. + (cygheap_user::close_impersonation_tokens): Ditto. + * uinfo.cc (uinfo_init): Ditto. + * syscalls.cc (seteuid32): Ditto. + * security.cc (set_impersonation_token): Ditto. + 2004-10-26 Christopher Faylor <cgf@timesys.com> * cygtls.cc (_cygtls::fixup_after_fork): Wipe out exitsock local since diff --git a/winsup/cygwin/cygheap.h b/winsup/cygwin/cygheap.h index 80abe6e..2feff85 100644 --- a/winsup/cygwin/cygheap.h +++ b/winsup/cygwin/cygheap.h @@ -169,7 +169,8 @@ public: PSID sid () { return effec_cygsid; } PSID saved_sid () { return saved_cygsid; } const char *ontherange (homebodies what, struct passwd * = NULL); - bool issetuid () const { return current_token != INVALID_HANDLE_VALUE; } +#define NO_IMPERSONATION NULL + bool issetuid () const { return current_token != NO_IMPERSONATION; } HANDLE token () { return current_token; } void deimpersonate () { @@ -183,26 +184,26 @@ public: system_printf ("ImpersonateLoggedOnUser: %E"); } bool has_impersonation_tokens () - { return external_token != INVALID_HANDLE_VALUE - || internal_token != INVALID_HANDLE_VALUE - || current_token != INVALID_HANDLE_VALUE; } + { return external_token != NO_IMPERSONATION + || internal_token != NO_IMPERSONATION + || current_token != NO_IMPERSONATION; } void close_impersonation_tokens () { - if (current_token != INVALID_HANDLE_VALUE) + if (current_token != NO_IMPERSONATION) { if( current_token != external_token && current_token != internal_token) CloseHandle (current_token); - current_token = INVALID_HANDLE_VALUE; + current_token = NO_IMPERSONATION; } - if (external_token != INVALID_HANDLE_VALUE) + if (external_token != NO_IMPERSONATION) { CloseHandle (external_token); - external_token = INVALID_HANDLE_VALUE; + external_token = NO_IMPERSONATION; } - if (internal_token != INVALID_HANDLE_VALUE) + if (internal_token != NO_IMPERSONATION) { CloseHandle (internal_token); - internal_token = INVALID_HANDLE_VALUE; + internal_token = NO_IMPERSONATION; } } const char *cygheap_user::test_uid (char *&, const char *, size_t) diff --git a/winsup/cygwin/path.cc b/winsup/cygwin/path.cc index 2281883..893e47d 100644 --- a/winsup/cygwin/path.cc +++ b/winsup/cygwin/path.cc @@ -1802,11 +1802,13 @@ mount_info::from_registry () read_mounts (r); /* Then read mounts from system-wide mount table. */ + cygheap->user.deimpersonate (); reg_key r1 (HKEY_LOCAL_MACHINE, KEY_READ, "SOFTWARE", CYGWIN_INFO_CYGNUS_REGISTRY_NAME, CYGWIN_REGNAME, CYGWIN_INFO_CYGWIN_MOUNT_REGISTRY_NAME, NULL); read_mounts (r1); + cygheap->user.reimpersonate (); } /* add_reg_mount: Add mount item to registry. Return zero on success, @@ -1922,16 +1924,16 @@ mount_info::read_cygdrive_info_from_registry () { /* reg_key for user path prefix in HKEY_CURRENT_USER. */ reg_key r; - + /* First read cygdrive from user's registry. */ if (r.get_string (CYGWIN_INFO_CYGDRIVE_PREFIX, cygdrive, sizeof (cygdrive), "") != 0) { - /* Didn't find the user path prefix so check the system path prefix. */ - - /* reg_key for system path prefix in HKEY_LOCAL_MACHINE. */ + /* Then read cygdrive from system-wide registry. */ + cygheap->user.deimpersonate (); reg_key r2 (HKEY_LOCAL_MACHINE, KEY_READ, "SOFTWARE", CYGWIN_INFO_CYGNUS_REGISTRY_NAME, CYGWIN_REGNAME, CYGWIN_INFO_CYGWIN_MOUNT_REGISTRY_NAME, NULL); + cygheap->user.reimpersonate (); if (r2.get_string (CYGWIN_INFO_CYGDRIVE_PREFIX, cygdrive, sizeof (cygdrive), "")) diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc index 458e232..14f4013 100644 --- a/winsup/cygwin/security.cc +++ b/winsup/cygwin/security.cc @@ -69,7 +69,7 @@ extern "C" void cygwin_set_impersonation_token (const HANDLE hToken) { debug_printf ("set_impersonation_token (%d)", hToken); - cygheap->user.external_token = hToken; + cygheap->user.external_token = hToken == INVALID_HANDLE_VALUE ? NO_IMPERSONATION : hToken; return; } diff --git a/winsup/cygwin/syscalls.cc b/winsup/cygwin/syscalls.cc index 0aec709..619eda3 100644 --- a/winsup/cygwin/syscalls.cc +++ b/winsup/cygwin/syscalls.cc @@ -2032,17 +2032,17 @@ seteuid32 (__uid32_t uid) if (verify_token (ptok, usersid, groups)) new_token = ptok; /* Verify if the external token is suitable */ - else if (cygheap->user.external_token != INVALID_HANDLE_VALUE + else if (cygheap->user.external_token != NO_IMPERSONATION && verify_token (cygheap->user.external_token, usersid, groups)) new_token = cygheap->user.external_token; /* Verify if the current token (internal or former external) is suitable */ - else if (cygheap->user.current_token != INVALID_HANDLE_VALUE + else if (cygheap->user.current_token != NO_IMPERSONATION && cygheap->user.current_token != cygheap->user.external_token && verify_token (cygheap->user.current_token, usersid, groups, &token_is_internal)) new_token = cygheap->user.current_token; /* Verify if the internal token is suitable */ - else if (cygheap->user.internal_token != INVALID_HANDLE_VALUE + else if (cygheap->user.internal_token != NO_IMPERSONATION && cygheap->user.internal_token != cygheap->user.current_token && verify_token (cygheap->user.internal_token, usersid, groups, &token_is_internal)) @@ -2074,10 +2074,11 @@ seteuid32 (__uid32_t uid) goto failed; } /* Keep at most one internal token */ - if (cygheap->user.internal_token != INVALID_HANDLE_VALUE) + if (cygheap->user.internal_token != NO_IMPERSONATION) CloseHandle (cygheap->user.internal_token); cygheap->user.internal_token = new_token; } + if (new_token != ptok) { /* Avoid having HKCU use default user */ @@ -2103,7 +2104,7 @@ seteuid32 (__uid32_t uid) CloseHandle (ptok); issamesid = (usersid == cygheap->user.sid ()); cygheap->user.set_sid (usersid); - cygheap->user.current_token = new_token == ptok ? INVALID_HANDLE_VALUE + cygheap->user.current_token = new_token == ptok ? NO_IMPERSONATION : new_token; if (!issamesid) /* MS KB 199190 */ RegCloseKey (HKEY_CURRENT_USER); diff --git a/winsup/cygwin/uinfo.cc b/winsup/cygwin/uinfo.cc index 6fca2fd..1b3206b 100644 --- a/winsup/cygwin/uinfo.cc +++ b/winsup/cygwin/uinfo.cc @@ -160,9 +160,9 @@ uinfo_init () cygheap->user.saved_uid = cygheap->user.real_uid = myself->uid; cygheap->user.saved_gid = cygheap->user.real_gid = myself->gid; - cygheap->user.external_token = INVALID_HANDLE_VALUE; - cygheap->user.internal_token = INVALID_HANDLE_VALUE; - cygheap->user.current_token = INVALID_HANDLE_VALUE; + cygheap->user.external_token = NO_IMPERSONATION; + cygheap->user.internal_token = NO_IMPERSONATION; + cygheap->user.current_token = NO_IMPERSONATION; cygheap->user.set_saved_sid (); /* Update the original sid */ } |