* Makefile.in: Ensure that -MD gets added to CFLAGS regardless of CFLAGS

command-line setting.
* cygwin.din: Export sexec* functions as function which returns ENOSYS
(i.e., sexec* is deprecated).
* dtable.cc (dtable::vfork_child_dup): Ensure that impersonation is restored
even on failure.
* exec.cc: Throughout, remove references to sexec* and _spawnve.
* pinfo.h: Remove _spawnve declaration.
* spawn.cc: Rename _spawnve to spawnve and use throughout.
(spawn_guts): Eliminate hToken argument and processing of same.  Just perform
special actions if impersonating.
(spawnve): Rename from _spawnve.
Christopher Faylor 2002-06-11 02:08:00 +00:00
parent 85a238e1e8
commit 380aaf2d2c
8 changed files with 56 additions and 171 deletions


@ -1,3 +1,19 @@
2002-06-10 Christopher Faylor <cgf@redhat.com>
* Makefile.in: Ensure that -MD gets added to CFLAGS regardless of
CFLAGS command-line setting.
* cygwin.din: Export sexec* functions as function which returns ENOSYS
(i.e., sexec* is deprecated).
* dtable.cc (dtable::vfork_child_dup): Ensure that impersonation is
restored even on failure.
* exec.cc: Throughout, remove references to sexec* and _spawnve.
* pinfo.h: Remove _spawnve declaration.
* spawn.cc: Rename _spawnve to spawnve and use throughout.
(spawn_guts): Eliminate hToken argument and processing of same. Just
perform special actions if impersonating.
(spawnve): Rename from _spawnve.
2002-06-10 Christopher Faylor <cgf@redhat.com> 2002-06-10 Christopher Faylor <cgf@redhat.com>
* include/sys/strace.h (strace): Avoid use of constructor. * include/sys/strace.h (strace): Avoid use of constructor.


@ -51,7 +51,7 @@ CC:=@CC@
# FIXME: Which is it, CC or CC_FOR_TARGET? # FIXME: Which is it, CC or CC_FOR_TARGET?
CC_FOR_TARGET:=$(CC) CC_FOR_TARGET:=$(CC)
CFLAGS:=@CFLAGS@ CFLAGS:=@CFLAGS@
CFLAGS+=-MMD -fbuiltin override CFLAGS+=-MMD -fbuiltin
CXX:=@CXX@ CXX:=@CXX@
CXXFLAGS:=@CXXFLAGS@ CXXFLAGS:=@CXXFLAGS@


@ -1144,14 +1144,14 @@ _tzname DATA
ptsname ptsname
grantpt grantpt
unlockpt unlockpt
sexecve sexecve = sexecve_is_bad
sexecl sexecl = sexecve_is_bad
sexecle sexecle = sexecve_is_bad
sexeclp sexeclp = sexecve_is_bad
sexeclpe sexeclpe = sexecve_is_bad
sexecv sexecv = sexecve_is_bad
sexecp sexecp = sexecve_is_bad
sexecvpe sexecvpe = sexecve_is_bad
ttyslot ttyslot
rcmd = cygwin_rcmd rcmd = cygwin_rcmd
rresvport = cygwin_rresvport rresvport = cygwin_rresvport


@ -633,14 +633,14 @@ dtable::vfork_child_dup ()
goto out; goto out;
} }
/* Restore impersonation */
if (cygheap->user.impersonated && cygheap->user.token != INVALID_HANDLE_VALUE)
ImpersonateLoggedOnUser (cygheap->user.token);
fds_on_hold = fds; fds_on_hold = fds;
fds = newtable; fds = newtable;
out: out:
/* Restore impersonation */
if (cygheap->user.impersonated && cygheap->user.token != INVALID_HANDLE_VALUE)
ImpersonateLoggedOnUser (cygheap->user.token);
ReleaseResourceLock (LOCK_FD_LIST, WRITE_LOCK | READ_LOCK, "dup"); ReleaseResourceLock (LOCK_FD_LIST, WRITE_LOCK | READ_LOCK, "dup");
return 1; return 1;
} }
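Review bot: The relocated `ImpersonateLoggedOnUser (cygheap->user.token)` call after `out:` still ignores its return value, and the function does `return 1;` on every path. If re-impersonation fails, the thread would presumably keep running under whatever identity was in effect before this block (the revert is outside the hunk, so this is inferred), and the caller gets no signal. Consider checking the result and at least logging it, e.g. `if (!ImpersonateLoggedOnUser (cygheap->user.token)) system_printf ("ImpersonateLoggedOnUser: %E");`. The body of dtable::vfork_child_dup starts outside the hunk.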


@ -19,6 +19,7 @@ details. */
#include "path.h" #include "path.h"
#include "pinfo.h" #include "pinfo.h"
#include "environ.h" #include "environ.h"
#include "cygerrno.h"
/* This is called _execve and not execve because the real execve is defined /* This is called _execve and not execve because the real execve is defined
in libc/posix/execve.c. It calls us. */ in libc/posix/execve.c. It calls us. */
@ -30,7 +31,7 @@ _execve (const char *path, char *const argv[], char *const envp[])
MALLOC_CHECK; MALLOC_CHECK;
if (!envp) if (!envp)
envp = empty_env; envp = empty_env;
return _spawnve (NULL, _P_OVERLAY, path, argv, envp); return spawnve (_P_OVERLAY, path, argv, envp);
} }
extern "C" int extern "C" int
@ -58,116 +59,11 @@ execv (const char *path, char * const *argv)
return _execve (path, (char * const *) argv, cur_environ ()); return _execve (path, (char * const *) argv, cur_environ ());
} }
/* the same as a standard exec() calls family, but with NT security support */
extern "C" pid_t extern "C" pid_t
sexecve (HANDLE hToken, const char *path, const char *const argv[], sexecve_is_bad ()
const char *const envp[])
{ {
_spawnve (hToken, _P_OVERLAY, path, argv, envp); set_errno (ENOSYS);
return -1; return 0;
}
extern "C" int
sexecl (HANDLE hToken, const char *path, const char *arg0, ...)
{
int i;
va_list args;
const char *argv[1024];
va_start (args, arg0);
argv[0] = arg0;
i = 1;
do
argv[i] = va_arg (args, const char *);
while (argv[i++] != NULL);
va_end (args);
MALLOC_CHECK;
return sexecve (hToken, path, (char * const *) argv, cur_environ ());
}
extern "C" int
sexecle (HANDLE hToken, const char *path, const char *arg0, ...)
{
int i;
va_list args;
const char * const *envp;
const char *argv[1024];
va_start (args, arg0);
argv[0] = arg0;
i = 1;
do
argv[i] = va_arg (args, const char *);
while (argv[i++] != NULL);
envp = va_arg (args, const char * const *);
va_end (args);
MALLOC_CHECK;
return sexecve(hToken, path, (char * const *) argv, (char * const *) envp);
}
extern "C" int
sexeclp (HANDLE hToken, const char *path, const char *arg0, ...)
{
int i;
va_list args;
const char *argv[1024];
va_start (args, arg0);
argv[0] = arg0;
i = 1;
do
argv[i] = va_arg (args, const char *);
while (argv[i++] != NULL);
va_end (args);
MALLOC_CHECK;
return sexecvpe (hToken, path, (const char * const *) argv, cur_environ ());
}
extern "C" int
sexeclpe (HANDLE hToken, const char *path, const char *arg0, ...)
{
int i;
va_list args;
const char * const *envp;
const char *argv[1024];
va_start (args, arg0);
argv[0] = arg0;
i = 1;
do
argv[i] = va_arg (args, const char *);
while (argv[i++] != NULL);
envp = va_arg (args, const char * const *);
va_end (args);
MALLOC_CHECK;
return sexecvpe (hToken, path, argv, envp);
}
extern "C" int
sexecv (HANDLE hToken, const char *path, const char * const *argv)
{
MALLOC_CHECK;
return sexecve (hToken, path, argv, cur_environ ());
}
extern "C" int
sexecp (HANDLE hToken, const char *path, const char * const *argv)
{
MALLOC_CHECK;
return sexecvpe (hToken, path, argv, cur_environ ());
} }
/* /*
@ -187,15 +83,6 @@ strccpy (char *s1, const char **s2, char c)
return s1; return s1;
} }
extern "C" int
sexecvpe (HANDLE hToken, const char *file, const char * const *argv,
const char *const *envp)
{
path_conv buf;
MALLOC_CHECK;
return sexecve (hToken, find_exec (file, buf), argv, envp);
}
extern "C" int extern "C" int
execvp (const char *path, char * const *argv) execvp (const char *path, char * const *argv)
{ {
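Review bot: `sexecve_is_bad` sets ENOSYS but then does `return 0;`, whereas the `sexecve` it replaces returned -1 after a failed exec. A caller that tests the result with `< 0` or `== -1` will not notice that nothing was executed and will carry on in its current security context, which matters for callers that relied on sexec* to switch to the token's user. Unless 0 is intentional, use `return -1;` so that errno is actually consulted. A short comment above the stub stating that every sexec* export in cygwin.din now resolves to it would also help.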


@ -199,9 +199,6 @@ void __stdcall set_myself (pid_t pid, HANDLE h = NULL);
extern pinfo myself; extern pinfo myself;
#define _P_VFORK 0 #define _P_VFORK 0
extern "C" int _spawnve (HANDLE hToken, int mode, const char *path,
const char *const *argv, const char *const *envp);
extern void __stdcall pinfo_fixup_after_fork (); extern void __stdcall pinfo_fixup_after_fork ();
extern HANDLE hexec_proc; extern HANDLE hexec_proc;


@ -46,8 +46,7 @@ BOOL allow_ntsec;
The default is TRUE to reflect the old behaviour. */ The default is TRUE to reflect the old behaviour. */
BOOL allow_smbntsec = TRUE; BOOL allow_smbntsec = TRUE;
extern "C" extern "C" void
void
cygwin_set_impersonation_token (const HANDLE hToken) cygwin_set_impersonation_token (const HANDLE hToken)
{ {
debug_printf ("set_impersonation_token (%d)", hToken); debug_printf ("set_impersonation_token (%d)", hToken);
@ -100,8 +99,7 @@ extract_nt_dom_user (const struct passwd *pw, char *domain, char *user)
} }
} }
extern "C" extern "C" HANDLE
HANDLE
cygwin_logon_user (const struct passwd *pw, const char *password) cygwin_logon_user (const struct passwd *pw, const char *password)
{ {
if (!wincap.has_security ()) if (!wincap.has_security ())


@ -316,7 +316,7 @@ av::unshift (const char *what, int conv)
} }
static int __stdcall static int __stdcall
spawn_guts (HANDLE hToken, const char * prog_arg, const char *const *argv, spawn_guts (const char * prog_arg, const char *const *argv,
const char *const envp[], int mode) const char *const envp[], int mode)
{ {
BOOL rc; BOOL rc;
@ -612,21 +612,18 @@ spawn_guts (HANDLE hToken, const char * prog_arg, const char *const *argv,
else else
envblock = winenv (envp, 0); envblock = winenv (envp, 0);
const char *runpath = null_app_name ? NULL : (const char *) real_path;
syscall_printf ("null_app_name %d (%s, %.132s)", null_app_name, runpath, one_line.buf);
void *newheap;
/* Preallocated buffer for `sec_user' call */ /* Preallocated buffer for `sec_user' call */
char sa_buf[1024]; char sa_buf[1024];
if (!hToken && cygheap->user.impersonated
&& cygheap->user.token != INVALID_HANDLE_VALUE)
hToken = cygheap->user.token;
const char *runpath = null_app_name ? NULL : (const char *) real_path;
syscall_printf ("spawn_guts null_app_name %d (%s, %.132s)", null_app_name, runpath, one_line.buf);
void *newheap;
cygbench ("spawn-guts"); cygbench ("spawn-guts");
if (!hToken) if (!cygheap->user.impersonated || cygheap->user.token == INVALID_HANDLE_VALUE)
{ {
ciresrv.moreinfo->uid = getuid32 (); ciresrv.moreinfo->uid = getuid32 ();
/* FIXME: This leaks a handle in the CreateProcessAsUser case since the /* FIXME: This leaks a handle in the CreateProcessAsUser case since the
child process doesn't know about cygwin_mount_h. */ child process doesn't know about cygwin_mount_h. */
@ -649,7 +646,8 @@ spawn_guts (HANDLE hToken, const char * prog_arg, const char *const *argv,
{ {
cygsid sid; cygsid sid;
DWORD ret_len; DWORD ret_len;
if (!GetTokenInformation (hToken, TokenUser, &sid, sizeof sid, &ret_len)) if (!GetTokenInformation (cygheap->user.token, TokenUser, &sid,
sizeof sid, &ret_len))
{ {
sid = NO_SID; sid = NO_SID;
system_printf ("GetTokenInformation: %E"); system_printf ("GetTokenInformation: %E");
@ -685,7 +683,7 @@ spawn_guts (HANDLE hToken, const char * prog_arg, const char *const *argv,
si.lpDesktop = wstname; si.lpDesktop = wstname;
newheap = cygheap_setup_for_child (&ciresrv, cygheap->fdtab.need_fixup_before ()); newheap = cygheap_setup_for_child (&ciresrv, cygheap->fdtab.need_fixup_before ());
rc = CreateProcessAsUser (hToken, rc = CreateProcessAsUser (cygheap->user.token,
runpath, /* image name - with full path */ runpath, /* image name - with full path */
one_line.buf, /* what was passed to exec */ one_line.buf, /* what was passed to exec */
sec_attribs, /* process security attrs */ sec_attribs, /* process security attrs */
@ -786,9 +784,6 @@ spawn_guts (HANDLE hToken, const char * prog_arg, const char *const *argv,
sigproc_printf ("spawned windows pid %d", pi.dwProcessId); sigproc_printf ("spawned windows pid %d", pi.dwProcessId);
if (hToken && hToken != cygheap->user.token)
CloseHandle (hToken);
DWORD res; DWORD res;
BOOL exited; BOOL exited;
@ -909,8 +904,8 @@ cwait (int *result, int pid, int)
*/ */
extern "C" int extern "C" int
_spawnve (HANDLE hToken, int mode, const char *path, const char *const *argv, spawnve (int mode, const char *path, const char *const *argv,
const char *const *envp) const char *const *envp)
{ {
int ret; int ret;
vfork_save *vf = vfork_storage.val (); vfork_save *vf = vfork_storage.val ();
@ -920,14 +915,14 @@ _spawnve (HANDLE hToken, int mode, const char *path, const char *const *argv,
else else
vf = NULL; vf = NULL;
syscall_printf ("_spawnve (%s, %s, %x)", path, argv[0], envp); syscall_printf ("spawnve (%s, %s, %x)", path, argv[0], envp);
switch (mode) switch (mode)
{ {
case _P_OVERLAY: case _P_OVERLAY:
/* We do not pass _P_SEARCH_PATH here. execve doesn't search PATH.*/ /* We do not pass _P_SEARCH_PATH here. execve doesn't search PATH.*/
/* Just act as an exec if _P_OVERLAY set. */ /* Just act as an exec if _P_OVERLAY set. */
spawn_guts (hToken, path, argv, envp, mode); spawn_guts (path, argv, envp, mode);
/* Errno should be set by spawn_guts. */ /* Errno should be set by spawn_guts. */
ret = -1; ret = -1;
break; break;
@ -937,7 +932,7 @@ _spawnve (HANDLE hToken, int mode, const char *path, const char *const *argv,
case _P_WAIT: case _P_WAIT:
case _P_DETACH: case _P_DETACH:
subproc_init (); subproc_init ();
ret = spawn_guts (hToken, path, argv, envp, mode); ret = spawn_guts (path, argv, envp, mode);
if (vf && ret > 0) if (vf && ret > 0)
{ {
debug_printf ("longjmping due to vfork"); debug_printf ("longjmping due to vfork");
@ -975,7 +970,7 @@ spawnl (int mode, const char *path, const char *arg0, ...)
va_end (args); va_end (args);
return _spawnve (NULL, mode, path, (char * const *) argv, cur_environ ()); return spawnve (mode, path, (char * const *) argv, cur_environ ());
} }
extern "C" int extern "C" int
@ -997,8 +992,7 @@ spawnle (int mode, const char *path, const char *arg0, ...)
envp = va_arg (args, const char * const *); envp = va_arg (args, const char * const *);
va_end (args); va_end (args);
return _spawnve (NULL, mode, path, (char * const *) argv, return spawnve (mode, path, (char * const *) argv, (char * const *) envp);
(char * const *) envp);
} }
extern "C" int extern "C" int
@ -1046,14 +1040,7 @@ spawnlpe (int mode, const char *path, const char *arg0, ...)
extern "C" int extern "C" int
spawnv (int mode, const char *path, const char * const *argv) spawnv (int mode, const char *path, const char * const *argv)
{ {
return _spawnve (NULL, mode, path, argv, cur_environ ()); return spawnve (mode, path, argv, cur_environ ());
}
extern "C" int
spawnve (int mode, const char *path, char * const *argv,
const char * const *envp)
{
return _spawnve (NULL, mode, path, argv, envp);
} }
extern "C" int extern "C" int
@ -1067,5 +1054,5 @@ spawnvpe (int mode, const char *file, const char * const *argv,
const char * const *envp) const char * const *envp)
{ {
path_conv buf; path_conv buf;
return _spawnve (NULL, mode, find_exec (file, buf), argv, envp); return spawnve (mode, find_exec (file, buf), argv, envp);
} }
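Review bot: In spawn_guts the impersonation token is now read from `cygheap->user.token` at three separate points (the `if` that selects the plain CreateProcess path, `GetTokenInformation`, and `CreateProcessAsUser`) instead of from one local, as the removed `hToken` was. If anything can change `cygheap->user.impersonated` or the token between those reads, the SID that was looked up and the token handed to CreateProcessAsUser could disagree. `cygwin_set_impersonation_token` appears elsewhere in this commit, though whether it can run concurrently is not visible here. Taking one snapshot before the branch, e.g. `HANDLE tok = cygheap->user.impersonated ? cygheap->user.token : INVALID_HANDLE_VALUE;`, and using `tok` in all three places would keep the decision and the call consistent. The body of spawn_guts extends outside the hunks shown.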