
Check-in [0b0eb52c]

Overview
Comment:Better implementation of file_access() for win32: The function _waccess cannot handle long paths, and lies too much (e.g. when handling specific smb drives). Implementation borrowed from Tcl 8.6: http://core.tcl.tk/tcl/artifact/c6b5d4f8d7?ln=1510-1756
SHA1:0b0eb52c07065e18d6c1591861746e0a662ff27e
User & Date: jan.nijtmans 2013-12-13 13:05:03
Context
2013-12-13
13:48
Better use GetCurrentDirectoryW in stead of _wgetcwd. check-in: 4e463bf7 user: jan.nijtmans tags: trunk
13:05
Better implementation of file_access() for win32: The function _waccess cannot handle long paths, and lies too much (e.g. when handling specific smb drives). Implementation borrowed from Tcl 8.6: http://core.tcl.tk/tcl/artifact/c6b5d4f8d7?ln=1510-1756 check-in: 0b0eb52c user: jan.nijtmans tags: trunk
12:26
If the "Branching" checkbox is unchecked, the "Branch Closure" label should return to its original branchname. Add a javascript handler doing exactly that. check-in: 2cb54f39 user: jan.nijtmans tags: trunk
Changes

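--- a/src/file.c
+++ b/src/file.c
@@ -316,16 +316,217 @@
 
 
 /*
 ** Wrapper around the access() system call.
 */
 int file_access(const char *zFilename, int flags){
 #ifdef _WIN32
+  SECURITY_DESCRIPTOR *sdPtr = NULL;
+  unsigned long size;
+  PSID pSid = 0;
+  BOOL SidDefaulted;
+  SID_IDENTIFIER_AUTHORITY samba_unmapped = {{0, 0, 0, 0, 0, 22}};
+  GENERIC_MAPPING genMap;
+  HANDLE hToken = NULL;
+  DWORD desiredAccess = 0, grantedAccess = 0;
+  BOOL accessYesNo = FALSE;
+  PRIVILEGE_SET privSet;
+  DWORD privSetSize = sizeof(PRIVILEGE_SET);
+  int rc = 0;
+  DWORD attr;
   wchar_t *zMbcs = fossil_utf8_to_filename(zFilename);
-  int rc = _waccess(zMbcs, flags);
+
+  attr = GetFileAttributesW(zMbcs);
+
+  if( attr==INVALID_FILE_ATTRIBUTES ){
+    /*
+     * File might not exist.
+     */
+
+    if( GetLastError()!=ERROR_SHARING_VIOLATION ){
+      fossil_filename_free(zMbcs);
+      return -1;
+    }
+  }
+
+  if( flags==F_OK ){
+    /*
+     * File exists, nothing else to check.
+     */
+
+    fossil_filename_free(zMbcs);
+    return 0;
+  }
+
+  if( (flags & W_OK)
+      && (attr & FILE_ATTRIBUTE_READONLY)
+      && !(attr & FILE_ATTRIBUTE_DIRECTORY) ){
+    /*
+     * The attributes say the file is not writable.     If the file is a
+     * regular file (i.e., not a directory), then the file is not
+     * writable, full stop.     For directories, the read-only bit is
+     * (mostly) ignored by Windows, so we can't ascertain anything about
+     * directory access from the attrib data.  However, if we have the
+     * advanced 'getFileSecurityProc', then more robust ACL checks
+     * will be done below.
+     */
+
+    fossil_filename_free(zMbcs);
+    return -1;
+  }
+
+  /*
+   * It looks as if the permissions are ok, but if we are on NT, 2000 or XP,
+   * we have a more complex permissions structure so we try to check that.
+   * The code below is remarkably complex for such a simple thing as finding
+   * what permissions the OS has set for a file.
+   */
+
+  /*
+   * First find out how big the buffer needs to be.
+   */
+
+  size = 0;
+  GetFileSecurityW(zMbcs,
+      OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION
+      | DACL_SECURITY_INFORMATION | LABEL_SECURITY_INFORMATION,
+      0, 0, &size);
+
+  /*
+   * Should have failed with ERROR_INSUFFICIENT_BUFFER
+   */
+
+  if( GetLastError()!=ERROR_INSUFFICIENT_BUFFER ){
+    /*
+     * Most likely case is ERROR_ACCESS_DENIED, which we will convert
+     * to EACCES - just what we want!
+     */
+
+    fossil_filename_free(zMbcs);
+    return -1;
+  }
+
+  /*
+   * Now size contains the size of buffer needed.
+   */
+
+  sdPtr = (SECURITY_DESCRIPTOR *) HeapAlloc(GetProcessHeap(), 0, size);
+
+  if( sdPtr == NULL ){
+    goto accessError;
+  }
+
+  /*
+   * Call GetFileSecurity() for real.
+   */
+
+  if( !GetFileSecurityW(zMbcs,
+      OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION
+      | DACL_SECURITY_INFORMATION | LABEL_SECURITY_INFORMATION,
+      sdPtr, size, &size) ){
+    /*
+     * Error getting owner SD
+     */
+
+    goto accessError;
+  }
+
+  /*
+   * As of Samba 3.0.23 (10-Jul-2006), unmapped users and groups are
+   * assigned to SID domains S-1-22-1 and S-1-22-2, where "22" is the
+   * top-level authority.     If the file owner and group is unmapped then
+   * the ACL access check below will only test against world access,
+   * which is likely to be more restrictive than the actual access
+   * restrictions.  Since the ACL tests are more likely wrong than
+   * right, skip them.  Moreover, the unix owner access permissions are
+   * usually mapped to the Windows attributes, so if the user is the
+   * file owner then the attrib checks above are correct (as far as they
+   * go).
+   */
+
+  if( !GetSecurityDescriptorOwner(sdPtr,&pSid,&SidDefaulted) ||
+      memcmp(GetSidIdentifierAuthority(pSid),&samba_unmapped,
+        sizeof(SID_IDENTIFIER_AUTHORITY))==0 ){
+    HeapFree(GetProcessHeap(), 0, sdPtr);
+    fossil_filename_free(zMbcs);
+    return 0; /* Attrib tests say access allowed. */
+  }
+
+  /*
+   * Perform security impersonation of the user and open the resulting
+   * thread token.
+   */
+
+  if( !ImpersonateSelf(SecurityImpersonation) ){
+    /*
+     * Unable to perform security impersonation.
+     */
+
+    goto accessError;
+  }
+  if( !OpenThreadToken(GetCurrentThread(),
+      TOKEN_DUPLICATE | TOKEN_QUERY, FALSE, &hToken) ){
+    /*
+     * Unable to get current thread's token.
+     */
+
+    goto accessError;
+  }
+
+  RevertToSelf();
+
+  /*
+   * Setup desiredAccess according to the access priveleges we are
+   * checking.
+   */
+
+  if( flags & R_OK ){
+    desiredAccess |= FILE_GENERIC_READ;
+  }
+  if( flags & W_OK){
+    desiredAccess |= FILE_GENERIC_WRITE;
+  }
+
+  memset(&genMap, 0x0, sizeof(GENERIC_MAPPING));
+  genMap.GenericRead = FILE_GENERIC_READ;
+  genMap.GenericWrite = FILE_GENERIC_WRITE;
+  genMap.GenericExecute = FILE_GENERIC_EXECUTE;
+  genMap.GenericAll = FILE_ALL_ACCESS;
+
+  /*
+   * Perform access check using the token.
+   */
+
+  if( !AccessCheck(sdPtr, hToken, desiredAccess,
+      &genMap, &privSet, &privSetSize, &grantedAccess,
+      &accessYesNo) ){
+    /*
+     * Unable to perform access check.
+     */
+
+  accessError:
+    if( sdPtr != NULL ){
+      HeapFree(GetProcessHeap(), 0, sdPtr);
+    }
+    if( hToken != NULL ){
+      CloseHandle(hToken);
+    }
+    fossil_filename_free(zMbcs);
+    return -1;
+  }
+
+  /*
+   * Clean up.
+   */
+
+  HeapFree(GetProcessHeap(), 0, sdPtr);
+  CloseHandle(hToken);
+  if( !accessYesNo ){
+    rc = -1;
+  }
 #else
   char *zMbcs = fossil_utf8_to_filename(zFilename);
   int rc = access(zMbcs, flags);
 #endif
   fossil_filename_free(zMbcs);
   return rc;
 }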
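Review bot: The `OpenThreadToken` failure branch jumps to `accessError` while the thread is still impersonating, because `RevertToSelf()` is only reached on the success path after `ImpersonateSelf(SecurityImpersonation)`; calling `RevertToSelf();` before that `goto accessError;` would keep the thread's token state balanced on every exit. Separately, the Samba shortcut returns 0 (access allowed) when `GetSecurityDescriptorOwner` itself fails, and it hands `pSid` to `GetSidIdentifierAuthority` without a NULL check, which looks reachable for a descriptor that carries no owner; failing closed there, e.g. `if( !GetSecurityDescriptorOwner(sdPtr,&pSid,&SidDefaulted) || pSid==NULL ) goto accessError;` ahead of the `memcmp`, seems the safer default. The header comment could also state that the result is advisory, for example `** The answer is a point-in-time check; callers must still handle failure of the later open.`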