* shared_info.h: Include security.h.
(open_shared): Add psa argument.
(user_shared_initialize): New declaration.
* security.h: Add _SECURITY_H guard.
(sec_user): Use sec_none in the no ntsec case.
* spawn.cc (spawn_guts): Remove call to load_registry_hive.
* syscalls (seteuid32): If warranted, call load_registry_hive,
user_shared_initialize and RegCloseKey(HKEY_CURRENT_USER).
* shared.cc (user_shared_initialize): New.
(open_shared): Add and use psa argument.
(memory_init): Move mount table initialization to
user_shared_initialize. Call it.
(cygheap_user::token): Delete.
(cygheap_user::impersonated): Delete.
(cygheap_user::external_token): New member.
(cygheap_user::internal_token): New member.
(cygheap_user::impersonation_state): New member.
(cygheap_user::issetuid): Modify.
(cygheap_user::token): New method.
(cygheap_user::deimpersonate): New method.
(cygheap_user::reimpersonate): New method.
(cygheap_user::has_impersonation_tokens): New method.
(cygheap_user::close_impersonation_tokens): New method.
* dtable.cc (dtable::vfork_child_dup): Use new cygheap_user methods.
* fhandler_socket.cc (fhandler_socket::dup): Ditto.
* fork.cc (fork_child): Ditto.
(fork_parent): Ditto.
* grp.cc (internal_getgroups): Ditto.
* security.cc (verify_token): Ditto.
(check_file_access): Ditto.
(cygwin_set_impersonation_token): Detect conflicts. Set
user.external_token.
* spawn.cc (spawn_guts): Use new cygheap_user methods.
* syscalls.cc (seteuid32): Rearrange to use the two tokens
in cygheap_user.
(setegid32): Use new cygheap_user methods.
* uinfo.cc: (internal_getlogin): Ditto.
cygerrno.h.
* include/cygwin/config.h (__DYNAMIC_REENT__): Define.
* include/cygwin/version.h: Bump API minor version.
* cygwin.din: Export __getreent
* cygerrno.h: Include errno.h. Fix places where _impure_ptr is used directly
to store the errno value.
* debug.cc (__set_errno): Ditto.
* errno.cc: Remove _RRENT_ONLY define to get errno.cc compiled.
* signal.cc: Rename _reent_clib to _REENT throughout.
* thread.h (reent_clib): Remove prototype.
* thread.cc (reent_clib): Rename reent_clib to __getreent. Return _impure_ptr
until MTinterface is initialized.
(reent_winsup): Fix a possible SEGV when _r == NULL. Return NULL instead.
* MTinterface::fixup_after_fork: Switch reent back to _impure_ptr to keep
signal handling running when fork is called from a thread other than the
mainthread.
when the real {u,g}ids and the groups are original.
Move RevertToSelf and ImpersonateLoggedOnUser to the main line.
* uinfo.cc (uinfo_init): Reorganize. If CreateProcess was called
while impersonated, preserve the uids and gids and call
ImpersonateLoggedOnUser. Preserve the uids and gids on Win9X.
* exceptions.cc (error_start_init): Quote the pgm in the command.
update the euid and call cygheap->user.set_name. Remove special
handling of ILLEGAL_UID.
(setgid32): Add a debug_printf. On Win95, always set the egid.
Remove special handling of ILLEGAL_GID. Do not compare gid and gr_gid.
* child_info.h (class cygheap_exec_info): Remove uid.
* spawn.cc (spawn_guts): Do not set ciresrv.moreinfo->uid.
* dcrto.cc (dll_crt0_1): Always call uinfo_init.
* uinfo.cc (uinfo_init): Reorganize and close handle if needed.
(cygheap_user::ontherange): Do not call internal_getpwnam if pw is NULL.
* dtable.h (dtable::set_file_pointers_for_exec): Declare new function.
* spawn.cc (spawn_guts): Call dtable::set_file_pointers_for_exec to set
pointers to EOF when execing non-cygwin applications.
before SetEvent to eliminate a race.
(cygthread::terminate): Accumulate list of threads to check for termination and
call WaitForMultipleObjects on list rather than waiting for each thread
individually.
* sigproc.cc (subproc_init): Zap hwait_subproc thread handle since it is no
longer used.
* spawn.cc (spawn_guts): Fix so that cygthread::terminate is *really* called
only for exec.
Initialize thread_sync event here which is used to Suspend using an event
rather than relying on SuspendThread/ResumeThread.
(cygthread::init): Save handle to runner thread for future termination.
(cygthread::cygthread): Only resume thread when it is actually suspended.
Otherwise signal thread completion event.
(cygthread::terminate): Forcibly terminate runner thread and any helper
threads. Call DisableThreadLibrary calls if execing.
* cygthread.h (cygthread::thread_sync): Declare.
* dcrt0.cc (do_exit): Eliminate calls to obsolete window_terminate and
shared_terminate.
* exceptions.cc (events_terminate): Don't bother closing title_mutex since it
is going away anyway.
* pinfo.cc (_pinfo::exit): Call cygthread::terminate to ensure that threads are
shut down before process exit or otherwise strange races seem to occur.
* shared.cc (shared_terminate): Eliminate.
* shared.h (shared_terminate): Eliminate declaration.
* winsup.h (window_terminate): Eliminate declaration.
* spawn.cc (spawn_guts): Call cygthread::terminate early in process if execing.
Call DisableThreadLibrary calls if execing.
* window.cc (Winmain): Call ExitThread to force exit.
(window_terminate): Eliminate.
* dcrt0.cc (do_exit): Track exit state more closely.
(cygheap_setup_for_child): Detect when default size of shared region is less
than the current size and allocate that much.
(_cbrk): Just return NULL on inability to allocate.
(_cmalloc): Ditto.
* cygheap.h (CYGHEAPSIZE): Change size to reflect newer, tinier fhandler sizes.
* spawn.cc (av::error): New element, reflects potential errno from cmalloc.
(av::~av): Don't free NULL pointers.
(av::replace0_maybe): Detect out-of-memory conditions.
(av::dup_maybe): Ditto.
(av::dup_all): Ditto.
(av::unshift): Ditto.
(spawn_guts): Set errno and return if argv creation ran into problems.
* fhandler.h (fhandler_union): Change member names to something safer.
* fhandler_console.cc (fhandler_console::get_tty_stuff): Always set
fhandler_console::dev_state regardless of whether shared region is initialized.
* cygthread.cc (cygthread::runner): Use ExitThread rather than return
(planning for future).
(vfork_save::restore_pid): New method.
(vfork_save::restore_exit): New method.
* fork.cc (vfork): Save ctty, sid, pgid and restore them when returning to
"parent". Use exitval field if exiting but never created a new process.
* syscalls.cc (setsid): Detect when in "vfork" and force an actual fork so that
pid will be allocated (UGLY!).
(getsid): New function.
* dcrt0.cc (do_exit): Use vfork_save::restore_exit method for returning from a
vfork.
* spawn.cc (spawnve): Use vfork_save::{restore_pid,restore_exit} methods for
returning from vfork.
* cygwin.din: Export getsid.
* include/cygwin/version.h: Bump api minor number.
* malloc.cc: #ifdef sYSTRIm for when MORECORE_CANNOT_TRIM is true.
functionality.
* cygheap.cc (init_cheap): Move cygheap_max calculation to _csbrk.
(_csbrk): Reorganize to not assume first allocation is <= 1 page.
(cygheap_setup_for_child): Mark protected handle as inheritable.
* cygheap.h (cygheap_debug): New struct.
(init_cygheap): Add new structure when debugging.
* dcrt0.cc (dll_crt0_1): Remove call to debug_init. Close ppid_handle here, if
appropriate. Don't protect subproc_ready, since it is already protected in the
parent. Call memory_init prior to ProtectHandle to ensure that cygheap is set
up. Call debug_fixup_after_fork_exec when appropriate.
(_dll_crt0): Don't close ppid_handle here.
* debug.cc: Use cygheap debug structure rather than static elements throughout.
(add_handle): Don't issue a warning if attempt to protect handle in exactly the
same way from exactly the same place. Add pid info to warning output. Accept
additional argument controlling whether handle is to be inherited. Add pid to
stored information.
(debug_fixup_after_fork_exec): Renamed from debug_fixup_after_fork. Reorganize
to avoid erroneously skipping handles.
(mark_closed): Add pid info to warning output.
(setclexec): Rename from setclexec_pid.
* fhandler.cc (fhandler_base::get_default_fmode): Minor reorg.
(fhandler_base::fstat): Add debugging output.
(fhandler_base::set_inheritance): Call setclexec rather than setclexec_pid.
(fhandler_base::fork_fixup): Ditto.
* fhandler_console.cc (get_tty_stuff): Mark protected handle as inheritable.
* fhandler_tty.cc (fhandler_tty_slave::open): Ditto.
* tty.cc (tty::make_pipes): Ditto.
(tty::common_init): Ditto.
* fork.cc (fork_parent): Ditto.
(fork_child): Close protected handles with correct name. Remove
debug_fixup_after_fork call.
* fhandler_socket.cc (fhandler_socket::create_secret_event): Mark protected
handle as inheritable/non-inheritable, as appropriate.
* shared.cc (memory_init): Mark protected handle as inheritable. Call
debug_init here.
* sigproc.cc (wait_sig): Close protected handle with correct name.
* spawn.cc (spawn_guts): Rename spr to subproc_ready and mark it as
inheritable.
* exceptions.cc (debugger_command): Try to run dumper.exe, if found.
* syscalls.cc (fstat64): Don't follow symlinks for path_conv lookup since path
is already resolved.
* dtable.cc (dtable::vfork_child_dup): Use new method to determine if we are in
"setuid mode."
* fork.cc (fork_parent): Ditto.
* spawn.cc (spawn_guts): Ditto.
* syscalls.cc (seteuid32): Ditto.
(setegid32): Ditto.
* environ.cc (spenv::retrieve): (Suggested by Pierre Humblet) Do potential
recalculation of cygheap_user stuff when in setuid mode. Return special value
when environment variable exists but should not be added.
(build_env): Don't add retrieved value to dstp if it is 'dont_add'.
* environ.cc (build_env): Add debugging statement.
(spenvs): Switch functions for USERDOMAIN and USERNAME.
* spawn.cc (spawn_guts): Move environment initialization prior to
cygheap_setup_for_child or environment info will never be copied to child.
(cygheap_user::set_domain): Ditto.
* cygheap.h (cygheap_user::set_logsrv): Remove declaration.
(cygheap_user::set_domain): Ditto.
(cygheap_user::env_domain): Declare new method.
(cygheap_user::env_name): Ditto.
* environ.cc (spenvs): Add two environment variables.
* spawn.cc (spawn_guts): Call build_env after RevertToSelf. Always set
ciresrv.mount_h.
(cygheap_user::ontherange): Recalculate homedrive/homepath if they are empty.
Use env_logsrv to get logon server.
(cygheap_user::env_logsrv): Calculate server name here rather than relying on
it having been previously calculated.
(cygheap_user::env_domain): Ditto for domain name.
(cygheap-user::env_name): New method.
* syscalls.cc (seteuid32): Do not get or set the environment. Do not call
LookupAccountSid nor internal_getlogin. Set cygheap->user name and sid from
the passwd entry.
* uinfo.cc (uinfo_init): Only call internal_getlogin when starting from a non
Cygwin process and use the values returned in user.
(internal_getlogin): Simplify to case where starting from a non Cygwin process.
Store return values in user and return void. Do not set the Windows default
environment.
* dcrt0.cc (dll_crt0_1): Call uinfo_init only when needed. Do not set
myself->uid nor reset user.sid.
* spawn.cc (spawn_guts): Get the sid from cygheap->user. Always
RevertToSelf(). Don't set uid in impersonated case.
* cygheap.cc (cygheap_user::set_sid): Do not set orig_sig.
(cygheap_user::set_orig_sid): New.
* cygheap.h: Declare cygheap_user::set_sid.
* winsup.h: Add argument to uinfo_init().
user name change.
(cygheap_user::set_logsrv): Allocate enough space for leading \\ so that we can
put this in the environment, if needed.
* cygheap.h (homebodies): New enum.
(cygheap_user::homedrive): New field.
(cygheap_user::homepath): Ditto.
(cygheap_user::env_logsrv): New method.
(cygheap_user::env_homepath): New method.
(cygheap_user::env_homedrive): New method.
(cygheap_user::env_userprofile): New method.
(cygheap_user::ontherange): New method.
* environ.cc (envsize): Eliminate debugging argument.
(environ_init): Assume that envc counts number of elments not total size.
(spenv): New class.
(spenvs): New array, renamed from forced_winenv_vars, using spenv.
(spenv::retrieve): New method.
(build_env): Rename from 'winenv' -- one stop shopping for building new
environment blocks for both windows and "unix".
* environ.h (build_env: Declare.
(winenv): Delete declaration.
(envsize): Ditto.
* spawn.cc (spawn_guts): Use build_env to build windows and cygwin environment
blocks.
* uinfo.cc (internal_getlogin): Eliminate environment manipulation. Default to
info from GetUserName if it exists. Move HOMEPATH and HOMEDRIVE stuff
elsewhere. Move HOME setting elsewhere. Only set HOME environment variable in
processes that are not parented by a cygwin process.
(cygheap_user::ontherange): Define new method.
(cygheap_user::env_logsrv): Ditto.
(cygheap_user::env_homepath): Ditto.
(cygheap_user::env_homedrive): Ditto.
(cygheap_user::env_userprofile): Ditto.
command-line setting.
* cygwin.din: Export sexec* functions as function which returns ENOSYS
(i.e., sexec* is deprecated).
* dtable.cc (dtable::vfork_child_dup): Ensure that impersonation is restored
even on failure.
* exec.cc: Throughout, remove references to sexec* and _spawnve.
* pinfo.h: Remove _spawnve declaration.
* spawn.cc: Rename _spawnve to spawnve and use throughout.
(spawn_guts): Eliminate hToken argument and processing of same. Just perform
special actions if impersonating.
(spawnve): Rename from _spawnve.
where appropriate, throughout. Remove unneeded exceptions.h, where
appropriate, throughout. Remove unneeded perprocess.h, where appropriate,
throughout.
inheritance/permission.
* spawn.cc (spawn_guts): Ditto.
* security.cc (create_token): Initialize token so that it is not tested for
bogus value later. Use sec_user to control process/thread creation.
* security.h (__sec_user): Rename declaration from sec_user.
(sec_user_nih): Declare here as inline function wrapper for __sec_user.
(sec_user): Ditto.
* sigproc.cc (czombies): Allocate a character array for zombies to avoid
constructor overhead
(extremely hackish, I know).
(cpchildren): Ditto.
(pchildren): New define.
(zombies): Ditto.
(getsem): Use sec_user_nih to control semaphore inheritance/permission.
(ctrl_c_handler): Attempt to work around potential signal duplication during
process startup.
(sig_handle): Ignore SIGINT when we're just an "exec stub".
* spawn.cc (spawn_guts): Store pid of spawned process in global for use by
ctrl_c_handler.
* dcrt0.cc (dll_crt0_1): Call renamed initialization function.
* winsup.h: Reflect function name change.
(cygheap_fdmanip::isopen): New method.
* syscalls.cc (_read): Avoid accessing closed fd.
* path.h (fe_types): New enum.
(path_conv::set_path): New method.
(find_exec): Change null_if_not_found argument to something more generic.
* spawn.cc (find_exec): Default to returning the POSIX path rather than the
windows path, unless instructed otherwise.
(spawn_guts): Force call to find_exec to use native paths.
* dlfcn.cc (check_path_access): Accommodate new find_exec arguments.
* environ.h (win_env::get_posix): New method.
* fork.cc (vfork): Add debugging statements.
* path.cc (get_device_number): Make static. Rewrite to inspect both unix and
windows paths.
(get_raw_device_number): Just check for parts of raw device that we care about.
(get_devn): New function, pulled from get_device_number.
(win32_device_name): Accomodate arg changes to get_device_number.
(mount_info::get_device_number): Call get_device_number on translated Windows
path.
* spawn.cc (spawn_guts): Don't treat P_VFORK differently from P_NOWAIT. Add
handle to child's shared region to child so that it will be preserved if the
parent goes away.
* fhandler.h: Throughout, simplify to one open method for all fhandler classes,
requiring a path_conv first element.
* fhandler.cc (fhandler_base::open): Remove obsolete method. Generalize to
require path_conv * as first argument.
(fhandler_disk_file::open): Remove obsolete method.
(fhandler_disk_file::open): Use path_conv pointer rather than reference.
* fhandler_clipboard.cc (fhandler_dev_clipboard::dup): Use new open method.
(fhandler_dev_clipboard::open): Accomodate new argument for open methods.
* fhandler_console.cc (fhandler_console::open): Ditto.
(fhandler_console::dup): Use new open method.
(fhandler_console::fixup_after_fork): Ditto.
(fhandler_console::fixup_after_exec): Ditto.
* fhandler_dsp.cc (fhandler_dev_dsp::open): Accomodate new argument for open
methods.
* fhandler_floppy.cc (fhandler_dev_floppy::open): Ditto.
* fhandler_mem.cc (fhandler_dev_mem::open): Ditto.
* fhandler_random (fhandler_dev_random::open): Ditto.
* fhandler_raw.cc (fhandler_dev_raw::open): Ditto.
* fhandler_serial.cc (fhandler_serial::open): Ditto.
* fhandler_tape.cc (fhandler_dev_tape::open): Ditto.
* fhandler_tty.cc (fhandler_tty_slave::open): Ditto.
(fhandler_pty_master::open): Ditto.
* fhandler_windows.cc (fhandler_windows::open): Ditto.
* fhandler_zero.cc (fhandler_dev_zero::open): Ditto.
* fhandler_socket.cc (fhandler_socket::set_connect_secret): Accomodate new
argument for open methods.
* syscalls.cc (_open): Ditto.
(stat_worker): Ditto.
operators to simplify testing for directory and attributes, throughout.
* path.h (path_conv::exists): New method.
(path_conv::has_attribute): Ditto.
(path_conv::isdir): Ditto.
(path_conv::DWORD &): New operator.
(path_conv::int &): Ditto.
* dir.cc (rmdir): Eliminate a goto.
* dtable.cc (dtable::build_fhandler): Accept opt and suffix info for
path_conv.check. Return fh == NULL on path_conv error. Pass unit to set_name
as appropriate.
(dtable::reset_unix_path_name): New method.
* dtable.h (dtable): Declare new method. Reflect arg changes to
build_fhandler.
* fhandler.cc (fhandler_disk_dummy_name): Eliminate.
(fhandler_base::set_name): Expect paths to be NULL. Build unix_path_name from
win32_path_name when it is a device.
(fhandler_base::reset_unix_path_name): New method.
(fhandler_base::raw_read): Report EISDIR when ERROR_INVALID_FUNCTION or
ERROR_INVALID_PARAMETER and reading a directory.
(fhandler_disk_file::fstat): Don't call stat_dev since we should now never be
calling fhandler_disk_file methods with devices.
(fhandler_base::fhandler_base): Clear {unix,win32}_path_name.
(fhandler_base::~fhandler_base): Always free {unix,win32}_path_name.
(fhandler_disk_file::fhandler_disk_file): Remove set_no_free_names kludge.
(fhandler_disk_file::open): Ditto.
* fhandler.h (fhandler_base::no_free_names): Eliminate.
(fhandler_base::set_no_free_names): Ditto.
* fhandler_tty.cc (fhandler_tty_slave::fhandler_tty_slave): Don't set
unix_path_name here.
* path.cc (fchdir): Lock fd table throughout. Use new
dtable::reset_unix_path_name method to reset path.
* syscalls.cc (stat_worker): Reorganize to always call fstat method. Pass
path_conv method to fhandler_*::open.
(chroot): Elminate a goto.
(cygheap_setup_for_child): Accept new argument controlling whether to delay
copying of cygheap to shared memory region.
(cygheap_setup_for_child_cleanup): Accept new arguments controlling whether to
copy cygheap at this point.
* cygheap.h: Reflect above changes.
* fork.cc (fork_parent): Break copying of cygheap into two parts when
fork_fixup is required so that the child can see the parent's changes.
(vfork): Do stack cleanup prior to forcing a fork error.
* spawn.cc (spawn_guts): Ditto.
* dcrt0.cc (set_os_type): Set 'iswinnt' appropriately.
* cygheap.cc (init_cheap): Revert to using VirtualAlloc for allocating cygheap.
(cygheap_setup_for_child_cleanup): New function. Standard function to call
after calling CreateProcess to cleanup cygheap info passed to child.
(cygheap_fixup_in_child): Copy cygheap from shared memory into allocated space
under Windows 9x or if can't relocate shared space under NT.
* cygheap.h: Declare new function.
* spawn.cc (spawn_guts): Use cygheap_fixup_in_child.
* fork.cc (fork_parent): Ditto.
* winsup.h: Declare iswinnt.
fhandler.h.
* fhandler.h (fhandler_base::get_inheritance): New method.
* fhandler_socket.cc (fhandler_socket::create_secret_event): Use proper
close-on-exec inheritance when creating.
(fhandler_socket::check_peer_secret_event): Create handle as non-inheritable.
* dcrt0.cc (dll_crt0_1): Move uid initialization earlier.
* fork.cc (fork_parent): Move cygheap_setup_in_child to just prior to
CreateProcess so that all contents of cygheap are copied.
* spawn.cc (spawn_guts): Ditto.
(class child_info): Add an element.
* cygheap.cc (init_cheap): Allocate cygwin heap in shared memory area.
(cygheap_fixup_in_child): Map cygwin heap, passed from parent via shared memory
into correct address.
(cygheap_setup_for_child): New function.
* cygheap.h: Declare new functions.
* dcrt0.cc (dll_crt0_1): Accomodate new cygheap_fixup_in_child arguments.
Avoid protecting subproc_ready unless it is spawn/nowait.
* fork.cc (fork_parent): Use new cygheap_setup_for_child function to setup
cygwin heap info. Close passed cygheap shared memory handle.
* spawn.cc (spawn_guts): Ditto. Also, reorganize to avoid synchronization
between parent and child in non-P_OVERLAY case.
* sigproc.cc (wait_sig): Only signal subproc_ready when execing.
being read for executable test since we could be checking for less than that.
* syscalls.cc (stat_worker): Try opening the file the "correct" way first so
that #! processing can potentially happen. If that fails, then use "query
open" method.
* spawn.cc (spawn_guts): Delay processing of signal until after we've notified
parent about reparenting.