+2004-10-28 Pierre Humblet <pierre.humblet@ieee.org>
+
+ * path.cc (mount_info::from_registry): Deimpersonate while
+ accessing HKLM.
+ (mount_info::read_cygdrive_info_from_registry): Ditto.
+ * cygheap.h: Define NO_IMPERSONATION.
+ (cygheap_user::issetuid): Replace INVALID_HANDLE_VALUE by
+ NO_IMPERSONATION.
+ (cygheap_user::has_impersonation_tokens): Ditto.
+ (cygheap_user::close_impersonation_tokens): Ditto.
+ * uinfo.cc (uinfo_init): Ditto.
+ * syscalls.cc (seteuid32): Ditto.
+ * security.cc (set_impersonation_token): Ditto.
+
2004-10-26 Christopher Faylor <cgf@timesys.com>
* cygtls.cc (_cygtls::fixup_after_fork): Wipe out exitsock local since
PSID sid () { return effec_cygsid; }
PSID saved_sid () { return saved_cygsid; }
const char *ontherange (homebodies what, struct passwd * = NULL);
- bool issetuid () const { return current_token != INVALID_HANDLE_VALUE; }
+#define NO_IMPERSONATION NULL
+ bool issetuid () const { return current_token != NO_IMPERSONATION; }
HANDLE token () { return current_token; }
void deimpersonate ()
{
system_printf ("ImpersonateLoggedOnUser: %E");
}
bool has_impersonation_tokens ()
- { return external_token != INVALID_HANDLE_VALUE
- || internal_token != INVALID_HANDLE_VALUE
- || current_token != INVALID_HANDLE_VALUE; }
+ { return external_token != NO_IMPERSONATION
+ || internal_token != NO_IMPERSONATION
+ || current_token != NO_IMPERSONATION; }
void close_impersonation_tokens ()
{
- if (current_token != INVALID_HANDLE_VALUE)
+ if (current_token != NO_IMPERSONATION)
{
if( current_token != external_token && current_token != internal_token)
CloseHandle (current_token);
- current_token = INVALID_HANDLE_VALUE;
+ current_token = NO_IMPERSONATION;
}
- if (external_token != INVALID_HANDLE_VALUE)
+ if (external_token != NO_IMPERSONATION)
{
CloseHandle (external_token);
- external_token = INVALID_HANDLE_VALUE;
+ external_token = NO_IMPERSONATION;
}
- if (internal_token != INVALID_HANDLE_VALUE)
+ if (internal_token != NO_IMPERSONATION)
{
CloseHandle (internal_token);
- internal_token = INVALID_HANDLE_VALUE;
+ internal_token = NO_IMPERSONATION;
}
}
const char *cygheap_user::test_uid (char *&, const char *, size_t)
read_mounts (r);
/* Then read mounts from system-wide mount table. */
+ cygheap->user.deimpersonate ();
reg_key r1 (HKEY_LOCAL_MACHINE, KEY_READ, "SOFTWARE",
CYGWIN_INFO_CYGNUS_REGISTRY_NAME, CYGWIN_REGNAME,
CYGWIN_INFO_CYGWIN_MOUNT_REGISTRY_NAME,
NULL);
read_mounts (r1);
+ cygheap->user.reimpersonate ();
}
/* add_reg_mount: Add mount item to registry. Return zero on success,
{
/* reg_key for user path prefix in HKEY_CURRENT_USER. */
reg_key r;
-
+ /* First read cygdrive from user's registry. */
if (r.get_string (CYGWIN_INFO_CYGDRIVE_PREFIX, cygdrive, sizeof (cygdrive), "") != 0)
{
- /* Didn't find the user path prefix so check the system path prefix. */
-
- /* reg_key for system path prefix in HKEY_LOCAL_MACHINE. */
+ /* Then read cygdrive from system-wide registry. */
+ cygheap->user.deimpersonate ();
reg_key r2 (HKEY_LOCAL_MACHINE, KEY_READ, "SOFTWARE",
CYGWIN_INFO_CYGNUS_REGISTRY_NAME, CYGWIN_REGNAME,
CYGWIN_INFO_CYGWIN_MOUNT_REGISTRY_NAME,
NULL);
+ cygheap->user.reimpersonate ();
if (r2.get_string (CYGWIN_INFO_CYGDRIVE_PREFIX, cygdrive,
sizeof (cygdrive), ""))
cygwin_set_impersonation_token (const HANDLE hToken)
{
debug_printf ("set_impersonation_token (%d)", hToken);
- cygheap->user.external_token = hToken;
+ cygheap->user.external_token = hToken == INVALID_HANDLE_VALUE ? NO_IMPERSONATION : hToken;
return;
}
if (verify_token (ptok, usersid, groups))
new_token = ptok;
/* Verify if the external token is suitable */
- else if (cygheap->user.external_token != INVALID_HANDLE_VALUE
+ else if (cygheap->user.external_token != NO_IMPERSONATION
&& verify_token (cygheap->user.external_token, usersid, groups))
new_token = cygheap->user.external_token;
/* Verify if the current token (internal or former external) is suitable */
- else if (cygheap->user.current_token != INVALID_HANDLE_VALUE
+ else if (cygheap->user.current_token != NO_IMPERSONATION
&& cygheap->user.current_token != cygheap->user.external_token
&& verify_token (cygheap->user.current_token, usersid, groups,
&token_is_internal))
new_token = cygheap->user.current_token;
/* Verify if the internal token is suitable */
- else if (cygheap->user.internal_token != INVALID_HANDLE_VALUE
+ else if (cygheap->user.internal_token != NO_IMPERSONATION
&& cygheap->user.internal_token != cygheap->user.current_token
&& verify_token (cygheap->user.internal_token, usersid, groups,
&token_is_internal))
goto failed;
}
/* Keep at most one internal token */
- if (cygheap->user.internal_token != INVALID_HANDLE_VALUE)
+ if (cygheap->user.internal_token != NO_IMPERSONATION)
CloseHandle (cygheap->user.internal_token);
cygheap->user.internal_token = new_token;
}
+
if (new_token != ptok)
{
/* Avoid having HKCU use default user */
CloseHandle (ptok);
issamesid = (usersid == cygheap->user.sid ());
cygheap->user.set_sid (usersid);
- cygheap->user.current_token = new_token == ptok ? INVALID_HANDLE_VALUE
+ cygheap->user.current_token = new_token == ptok ? NO_IMPERSONATION
: new_token;
if (!issamesid) /* MS KB 199190 */
RegCloseKey (HKEY_CURRENT_USER);
cygheap->user.saved_uid = cygheap->user.real_uid = myself->uid;
cygheap->user.saved_gid = cygheap->user.real_gid = myself->gid;
- cygheap->user.external_token = INVALID_HANDLE_VALUE;
- cygheap->user.internal_token = INVALID_HANDLE_VALUE;
- cygheap->user.current_token = INVALID_HANDLE_VALUE;
+ cygheap->user.external_token = NO_IMPERSONATION;
+ cygheap->user.internal_token = NO_IMPERSONATION;
+ cygheap->user.current_token = NO_IMPERSONATION;
cygheap->user.set_saved_sid (); /* Update the original sid */
}
OSDN Git Service
