Fall back on SetNamedSecurityInfo if SetFileSecurity fails in acl_set_file.

src/w32.c (set_named_security_info): New function. (acl_set_file): Fall back on set_named_security_info if set_file_security fails. Fixes rare failures in backups. (g_b_init_set_named_security_info_w) (g_b_init_set_named_security_info_a): New static variables. (globals_of_w32): Initialize them to zero. (set_named_security_info): Set them to non-zero if the corresponding API is available. (SetNamedSecurityInfoW_Proc, SetNamedSecurityInfoA_Proc): New function typedefs.
author: Fabrice Popineau 2013-12-31 17:00:43 +0200
committer: Eli Zaretskii 2013-12-31 17:00:43 +0200
commit: 0bbd0e0b1d5f358c85506dcc5451e14fb95864a8 (patch)
tree: 0a56bb067ef4682c3b634bc9d4ff9e2b558d728c /src
parent: 9b3c0a162e7876bab09c299ff4d803b632bf3ac8 (diff)
download: emacs-0bbd0e0b1d5f358c85506dcc5451e14fb95864a8.tar.gz
emacs-0bbd0e0b1d5f358c85506dcc5451e14fb95864a8.zip
2 files changed, 115 insertions, 5 deletions
diff --git a/src/ChangeLog b/src/ChangeLog
index d7c772df2dd..356d0b7bbf5 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,16 @@
+2013-12-31  Fabrice Popineau  <fabrice.popineau@supelec.fr>
+        * w32.c (set_named_security_info): New function.
+        (acl_set_file): Fall back on set_named_security_info if
+        set_file_security fails.
+        (g_b_init_set_named_security_info_w)
+        (g_b_init_set_named_security_info_a): New static variables.
+        (globals_of_w32): Initialize them to zero.
+        (set_named_security_info): Set them to non-zero if the
+        corresponding API is available.
+        (SetNamedSecurityInfoW_Proc, SetNamedSecurityInfoA_Proc): New
+        function typedefs.
 2013-12-31  Martin Rudalics  <rudalics@gmx.at>
        Some more fixes following pixelwise resize changes including one
diff --git a/src/w32.c b/src/w32.c
index 3fdb673b63f..4e7f77e9b95 100644
--- a/src/w32.c
+++ b/src/w32.c
@@ -303,6 +303,8 @@ static BOOL g_b_init_convert_sddl_to_sd;
 static BOOL g_b_init_is_valid_security_descriptor;
 static BOOL g_b_init_set_file_security_w;
 static BOOL g_b_init_set_file_security_a;
+static BOOL g_b_init_set_named_security_info_w;
+static BOOL g_b_init_set_named_security_info_a;
 static BOOL g_b_init_get_adapters_info;
 /*
@@ -377,6 +379,22 @@ typedef BOOL (WINAPI *SetFileSecurityA_Proc) (
    LPCSTR lpFileName,
    SECURITY_INFORMATION SecurityInformation,
    PSECURITY_DESCRIPTOR pSecurityDescriptor);
+typedef DWORD (WINAPI *SetNamedSecurityInfoW_Proc) (
+    LPCWSTR lpObjectName,
+    SE_OBJECT_TYPE ObjectType,
+    SECURITY_INFORMATION SecurityInformation,
+    PSID psidOwner,
+    PSID psidGroup,
+    PACL pDacl,
+    PACL pSacl);
+typedef DWORD (WINAPI *SetNamedSecurityInfoA_Proc) (
+    LPCSTR lpObjectName,
+    SE_OBJECT_TYPE ObjectType,
+    SECURITY_INFORMATION SecurityInformation,
+    PSID psidOwner,
+    PSID psidGroup,
+    PACL pDacl,
+    PACL pSacl);
 typedef BOOL (WINAPI * GetSecurityDescriptorOwner_Proc) (
    PSECURITY_DESCRIPTOR pSecurityDescriptor,
    PSID *pOwner,
@@ -811,6 +829,69 @@ set_file_security (const char *lpFileName,
    }
 }
+static DWORD WINAPI
+set_named_security_info (LPCTSTR lpObjectName,
+                         SE_OBJECT_TYPE ObjectType,
+                         SECURITY_INFORMATION SecurityInformation,
+                         PSID psidOwner,
+                         PSID psidGroup,
+                         PACL pDacl,
+                         PACL pSacl)
+{
+  static SetNamedSecurityInfoW_Proc s_pfn_Set_Named_Security_InfoW = NULL;
+  static SetNamedSecurityInfoA_Proc s_pfn_Set_Named_Security_InfoA = NULL;
+  HMODULE hm_advapi32 = NULL;
+  if (is_windows_9x () == TRUE)
+    {
+      errno = ENOTSUP;
+      return ENOTSUP;
+    }
+  if (w32_unicode_filenames)
+    {
+      wchar_t filename_w[MAX_PATH];
+      if (g_b_init_set_named_security_info_w == 0)
+        {
+          g_b_init_set_named_security_info_w = 1;
+          hm_advapi32 = LoadLibrary ("Advapi32.dll");
+          s_pfn_Set_Named_Security_InfoW =
+            (SetNamedSecurityInfoW_Proc) GetProcAddress (hm_advapi32,
+                                                         "SetNamedSecurityInfoW");
+        }
+      if (s_pfn_Set_Named_Security_InfoW == NULL)
+        {
+          errno = ENOTSUP;
+          return ENOTSUP;
+        }
+      filename_to_utf16 (lpObjectName, filename_w);
+      return (s_pfn_Set_Named_Security_InfoW (filename_w, ObjectType,
+                                              SecurityInformation, psidOwner,
+                                              psidGroup, pDacl, pSacl));
+    }
+  else
+    {
+      char filename_a[MAX_PATH];
+      if (g_b_init_set_named_security_info_a == 0)
+        {
+          g_b_init_set_named_security_info_a = 1;
+          hm_advapi32 = LoadLibrary ("Advapi32.dll");
+          s_pfn_Set_Named_Security_InfoA =
+            (SetNamedSecurityInfoA_Proc) GetProcAddress (hm_advapi32, 
+                                                         "SetNamedSecurityInfoA");
+        }
+      if (s_pfn_Set_Named_Security_InfoA == NULL)
+        {
+          errno = ENOTSUP;
+          return ENOTSUP;
+        }
+      filename_to_ansi (lpObjectName, filename_a);
+      return (s_pfn_Set_Named_Security_InfoA (filename_a, ObjectType,
+                                              SecurityInformation, psidOwner,
+                                              psidGroup, pDacl, pSacl));
+    }
+}
 static BOOL WINAPI
 get_security_descriptor_owner (PSECURITY_DESCRIPTOR pSecurityDescriptor,
                               PSID *pOwner,
@@ -5903,7 +5984,7 @@ acl_set_file (const char *fname, acl_type_t type, acl_t acl)
  DWORD err;
  int st = 0, retval = -1;
  SECURITY_INFORMATION flags = 0;
-  PSID psid;
+  PSID psidOwner, psidGroup;
  PACL pacl;
  BOOL dflt;
  BOOL dacl_present;
@@ -5929,11 +6010,13 @@ acl_set_file (const char *fname, acl_type_t type, acl_t acl)
  else
    fname = filename;
-  if (get_security_descriptor_owner ((PSECURITY_DESCRIPTOR)acl, &psid, &dflt)
+  if (get_security_descriptor_owner ((PSECURITY_DESCRIPTOR)acl, &psidOwner,
-      && psid)
+                                     &dflt)
+      && psidOwner)
    flags |= OWNER_SECURITY_INFORMATION;
-  if (get_security_descriptor_group ((PSECURITY_DESCRIPTOR)acl, &psid, &dflt)
+  if (get_security_descriptor_group ((PSECURITY_DESCRIPTOR)acl, &psidGroup,
-      && psid)
+                                     &dflt)
+      && psidGroup)
    flags |= GROUP_SECURITY_INFORMATION;
  if (get_security_descriptor_dacl ((PSECURITY_DESCRIPTOR)acl, &dacl_present,
                                    &pacl, &dflt)
@@ -5960,10 +6043,22 @@ acl_set_file (const char *fname, acl_type_t type, acl_t acl)
  e = errno;
  errno = 0;
+  /* SetFileSecurity is deprecated by MS, and sometimes fails when
+     DACL inheritance is involved, but it seems to preserve ownership
+     better than SetNamedSecurity, which is important e.g., in
+     copy-file.  */
  if (!set_file_security (fname, flags, (PSECURITY_DESCRIPTOR)acl))
    {
      err = GetLastError ();
+      if (errno != ENOTSUP)
+        err = set_named_security_info (fname, SE_FILE_OBJECT, flags,
+                                       psidOwner, psidGroup, pacl, NULL);
+    }
+  else
+    err = ERROR_SUCCESS;
+  if (err != ERROR_SUCCESS)
+    {
      if (errno == ENOTSUP)
        ;
      else if (err == ERROR_INVALID_OWNER
@@ -8878,6 +8973,8 @@ globals_of_w32 (void)
  g_b_init_is_valid_security_descriptor = 0;
  g_b_init_set_file_security_w = 0;
  g_b_init_set_file_security_a = 0;
+  g_b_init_set_named_security_info_w = 0;
+  g_b_init_set_named_security_info_a = 0;
  g_b_init_get_adapters_info = 0;
  num_of_processors = 0;
  /* The following sets a handler for shutdown notifications for
author	Fabrice Popineau	2013-12-31 17:00:43 +0200
committer	Eli Zaretskii	2013-12-31 17:00:43 +0200
commit	0bbd0e0b1d5f358c85506dcc5451e14fb95864a8 (patch)
tree	0a56bb067ef4682c3b634bc9d4ff9e2b558d728c /src
parent	9b3c0a162e7876bab09c299ff4d803b632bf3ac8 (diff)
download	emacs-0bbd0e0b1d5f358c85506dcc5451e14fb95864a8.tar.gz emacs-0bbd0e0b1d5f358c85506dcc5451e14fb95864a8.zip

diff --git a/src/ChangeLog b/src/ChangeLog index d7c772df2dd..356d0b7bbf5 100644 --- a/src/ChangeLog +++ b/src/ChangeLog
@@ -1,3 +1,16 @@
		1	2013-12-31 Fabrice Popineau <fabrice.popineau@supelec.fr>
		2
		3	* w32.c (set_named_security_info): New function.
		4	(acl_set_file): Fall back on set_named_security_info if
		5	set_file_security fails.
		6	(g_b_init_set_named_security_info_w)
		7	(g_b_init_set_named_security_info_a): New static variables.
		8	(globals_of_w32): Initialize them to zero.
		9	(set_named_security_info): Set them to non-zero if the
		10	corresponding API is available.
		11	(SetNamedSecurityInfoW_Proc, SetNamedSecurityInfoA_Proc): New
		12	function typedefs.
		13
1	2013-12-31 Martin Rudalics <rudalics@gmx.at>	14	2013-12-31 Martin Rudalics <rudalics@gmx.at>
2		15
3	Some more fixes following pixelwise resize changes including one	16	Some more fixes following pixelwise resize changes including one


diff --git a/src/w32.c b/src/w32.c index 3fdb673b63f..4e7f77e9b95 100644 --- a/src/w32.c +++ b/src/w32.c
@@ -303,6 +303,8 @@ static BOOL g_b_init_convert_sddl_to_sd;
303	static BOOL g_b_init_is_valid_security_descriptor;	303	static BOOL g_b_init_is_valid_security_descriptor;
304	static BOOL g_b_init_set_file_security_w;	304	static BOOL g_b_init_set_file_security_w;
305	static BOOL g_b_init_set_file_security_a;	305	static BOOL g_b_init_set_file_security_a;
		306	static BOOL g_b_init_set_named_security_info_w;
		307	static BOOL g_b_init_set_named_security_info_a;
306	static BOOL g_b_init_get_adapters_info;	308	static BOOL g_b_init_get_adapters_info;
307		309
308	/*	310	/*
@@ -377,6 +379,22 @@ typedef BOOL (WINAPI *SetFileSecurityA_Proc) (
377	LPCSTR lpFileName,	379	LPCSTR lpFileName,
378	SECURITY_INFORMATION SecurityInformation,	380	SECURITY_INFORMATION SecurityInformation,
379	PSECURITY_DESCRIPTOR pSecurityDescriptor);	381	PSECURITY_DESCRIPTOR pSecurityDescriptor);
		382	typedef DWORD (WINAPI *SetNamedSecurityInfoW_Proc) (
		383	LPCWSTR lpObjectName,
		384	SE_OBJECT_TYPE ObjectType,
		385	SECURITY_INFORMATION SecurityInformation,
		386	PSID psidOwner,
		387	PSID psidGroup,
		388	PACL pDacl,
		389	PACL pSacl);
		390	typedef DWORD (WINAPI *SetNamedSecurityInfoA_Proc) (
		391	LPCSTR lpObjectName,
		392	SE_OBJECT_TYPE ObjectType,
		393	SECURITY_INFORMATION SecurityInformation,
		394	PSID psidOwner,
		395	PSID psidGroup,
		396	PACL pDacl,
		397	PACL pSacl);
380	typedef BOOL (WINAPI * GetSecurityDescriptorOwner_Proc) (	398	typedef BOOL (WINAPI * GetSecurityDescriptorOwner_Proc) (
381	PSECURITY_DESCRIPTOR pSecurityDescriptor,	399	PSECURITY_DESCRIPTOR pSecurityDescriptor,
382	PSID *pOwner,	400	PSID *pOwner,
@@ -811,6 +829,69 @@ set_file_security (const char *lpFileName,
811	}	829	}
812	}	830	}
813		831
		832	static DWORD WINAPI
		833	set_named_security_info (LPCTSTR lpObjectName,
		834	SE_OBJECT_TYPE ObjectType,
		835	SECURITY_INFORMATION SecurityInformation,
		836	PSID psidOwner,
		837	PSID psidGroup,
		838	PACL pDacl,
		839	PACL pSacl)
		840	{
		841	static SetNamedSecurityInfoW_Proc s_pfn_Set_Named_Security_InfoW = NULL;
		842	static SetNamedSecurityInfoA_Proc s_pfn_Set_Named_Security_InfoA = NULL;
		843	HMODULE hm_advapi32 = NULL;
		844	if (is_windows_9x () == TRUE)
		845	{
		846	errno = ENOTSUP;
		847	return ENOTSUP;
		848	}
		849	if (w32_unicode_filenames)
		850	{
		851	wchar_t filename_w[MAX_PATH];
		852
		853	if (g_b_init_set_named_security_info_w == 0)
		854	{
		855	g_b_init_set_named_security_info_w = 1;
		856	hm_advapi32 = LoadLibrary ("Advapi32.dll");
		857	s_pfn_Set_Named_Security_InfoW =
		858	(SetNamedSecurityInfoW_Proc) GetProcAddress (hm_advapi32,
		859	"SetNamedSecurityInfoW");
		860	}
		861	if (s_pfn_Set_Named_Security_InfoW == NULL)
		862	{
		863	errno = ENOTSUP;
		864	return ENOTSUP;
		865	}
		866	filename_to_utf16 (lpObjectName, filename_w);
		867	return (s_pfn_Set_Named_Security_InfoW (filename_w, ObjectType,
		868	SecurityInformation, psidOwner,
		869	psidGroup, pDacl, pSacl));
		870	}
		871	else
		872	{
		873	char filename_a[MAX_PATH];
		874
		875	if (g_b_init_set_named_security_info_a == 0)
		876	{
		877	g_b_init_set_named_security_info_a = 1;
		878	hm_advapi32 = LoadLibrary ("Advapi32.dll");
		879	s_pfn_Set_Named_Security_InfoA =
		880	(SetNamedSecurityInfoA_Proc) GetProcAddress (hm_advapi32,
		881	"SetNamedSecurityInfoA");
		882	}
		883	if (s_pfn_Set_Named_Security_InfoA == NULL)
		884	{
		885	errno = ENOTSUP;
		886	return ENOTSUP;
		887	}
		888	filename_to_ansi (lpObjectName, filename_a);
		889	return (s_pfn_Set_Named_Security_InfoA (filename_a, ObjectType,
		890	SecurityInformation, psidOwner,
		891	psidGroup, pDacl, pSacl));
		892	}
		893	}
		894
814	static BOOL WINAPI	895	static BOOL WINAPI
815	get_security_descriptor_owner (PSECURITY_DESCRIPTOR pSecurityDescriptor,	896	get_security_descriptor_owner (PSECURITY_DESCRIPTOR pSecurityDescriptor,
816	PSID *pOwner,	897	PSID *pOwner,
@@ -5903,7 +5984,7 @@ acl_set_file (const char *fname, acl_type_t type, acl_t acl)
5903	DWORD err;	5984	DWORD err;
5904	int st = 0, retval = -1;	5985	int st = 0, retval = -1;
5905	SECURITY_INFORMATION flags = 0;	5986	SECURITY_INFORMATION flags = 0;
5906	PSID psid;	5987	PSID psidOwner, psidGroup;
5907	PACL pacl;	5988	PACL pacl;
5908	BOOL dflt;	5989	BOOL dflt;
5909	BOOL dacl_present;	5990	BOOL dacl_present;
@@ -5929,11 +6010,13 @@ acl_set_file (const char *fname, acl_type_t type, acl_t acl)
5929	else	6010	else
5930	fname = filename;	6011	fname = filename;
5931		6012
5932	if (get_security_descriptor_owner ((PSECURITY_DESCRIPTOR)acl, &psid, &dflt)	6013	if (get_security_descriptor_owner ((PSECURITY_DESCRIPTOR)acl, &psidOwner,
5933	&& psid)	6014	&dflt)
		6015	&& psidOwner)
5934	flags \|= OWNER_SECURITY_INFORMATION;	6016	flags \|= OWNER_SECURITY_INFORMATION;
5935	if (get_security_descriptor_group ((PSECURITY_DESCRIPTOR)acl, &psid, &dflt)	6017	if (get_security_descriptor_group ((PSECURITY_DESCRIPTOR)acl, &psidGroup,
5936	&& psid)	6018	&dflt)
		6019	&& psidGroup)
5937	flags \|= GROUP_SECURITY_INFORMATION;	6020	flags \|= GROUP_SECURITY_INFORMATION;
5938	if (get_security_descriptor_dacl ((PSECURITY_DESCRIPTOR)acl, &dacl_present,	6021	if (get_security_descriptor_dacl ((PSECURITY_DESCRIPTOR)acl, &dacl_present,
5939	&pacl, &dflt)	6022	&pacl, &dflt)
@@ -5960,10 +6043,22 @@ acl_set_file (const char *fname, acl_type_t type, acl_t acl)
5960		6043
5961	e = errno;	6044	e = errno;
5962	errno = 0;	6045	errno = 0;
		6046	/* SetFileSecurity is deprecated by MS, and sometimes fails when
		6047	DACL inheritance is involved, but it seems to preserve ownership
		6048	better than SetNamedSecurity, which is important e.g., in
		6049	copy-file. */
5963	if (!set_file_security (fname, flags, (PSECURITY_DESCRIPTOR)acl))	6050	if (!set_file_security (fname, flags, (PSECURITY_DESCRIPTOR)acl))
5964	{	6051	{
5965	err = GetLastError ();	6052	err = GetLastError ();
5966		6053
		6054	if (errno != ENOTSUP)
		6055	err = set_named_security_info (fname, SE_FILE_OBJECT, flags,
		6056	psidOwner, psidGroup, pacl, NULL);
		6057	}
		6058	else
		6059	err = ERROR_SUCCESS;
		6060	if (err != ERROR_SUCCESS)
		6061	{
5967	if (errno == ENOTSUP)	6062	if (errno == ENOTSUP)
5968	;	6063	;
5969	else if (err == ERROR_INVALID_OWNER	6064	else if (err == ERROR_INVALID_OWNER
@@ -8878,6 +8973,8 @@ globals_of_w32 (void)
8878	g_b_init_is_valid_security_descriptor = 0;	8973	g_b_init_is_valid_security_descriptor = 0;
8879	g_b_init_set_file_security_w = 0;	8974	g_b_init_set_file_security_w = 0;
8880	g_b_init_set_file_security_a = 0;	8975	g_b_init_set_file_security_a = 0;
		8976	g_b_init_set_named_security_info_w = 0;
		8977	g_b_init_set_named_security_info_a = 0;
8881	g_b_init_get_adapters_info = 0;	8978	g_b_init_get_adapters_info = 0;
8882	num_of_processors = 0;	8979	num_of_processors = 0;
8883	/* The following sets a handler for shutdown notifications for	8980	/* The following sets a handler for shutdown notifications for