diff options
Diffstat (limited to 'src/libstrongswan/utils/capabilities.c')
| -rw-r--r-- | src/libstrongswan/utils/capabilities.c | 40 |
1 files changed, 37 insertions, 3 deletions
diff --git a/src/libstrongswan/utils/capabilities.c b/src/libstrongswan/utils/capabilities.c index c5e90b6c3..923b7d4db 100644 --- a/src/libstrongswan/utils/capabilities.c +++ b/src/libstrongswan/utils/capabilities.c @@ -17,24 +17,27 @@ #include "capabilities.h" +#include <utils/debug.h> + #include <errno.h> #include <string.h> #include <sys/types.h> +#include <unistd.h> + +#ifndef WIN32 #include <pwd.h> #include <grp.h> -#include <unistd.h> #ifdef HAVE_PRCTL # include <sys/prctl.h> #endif /* HAVE_PRCTL */ -#include <utils/debug.h> - #if !defined(HAVE_GETPWNAM_R) || \ !defined(HAVE_GETGRNAM_R) || \ !defined(HAVE_GETPWUID_R) # include <threading/mutex.h> # define EMULATE_R_FUNCS #endif +#endif /* !WIN32 */ typedef struct private_capabilities_t private_capabilities_t; @@ -76,6 +79,8 @@ struct private_capabilities_t { #endif }; +#ifndef WIN32 + /** * Returns TRUE if the current process/user is member of the given group */ @@ -181,6 +186,19 @@ static bool has_capability(private_capabilities_t *this, u_int cap, #endif /* CAPABILITIES_NATIVE */ } +#else /* WIN32 */ + +/** + * Verify that the current process has the given capability, dummy variant + */ +static bool has_capability(private_capabilities_t *this, u_int cap, + bool *ignore) +{ + return TRUE; +} + +#endif /* WIN32 */ + /** * Keep the given capability if it is held by the current process. Returns * FALSE, if this is not the case. @@ -232,13 +250,21 @@ METHOD(capabilities_t, check, bool, METHOD(capabilities_t, get_uid, uid_t, private_capabilities_t *this) { +#ifdef WIN32 + return this->uid; +#else return this->uid ?: geteuid(); +#endif } METHOD(capabilities_t, get_gid, gid_t, private_capabilities_t *this) { +#ifdef WIN32 + return this->gid; +#else return this->gid ?: getegid(); +#endif } METHOD(capabilities_t, set_uid, void, @@ -256,6 +282,7 @@ METHOD(capabilities_t, set_gid, void, METHOD(capabilities_t, resolve_uid, bool, private_capabilities_t *this, char *username) { +#ifndef WIN32 struct passwd *pwp; int err; @@ -284,12 +311,14 @@ METHOD(capabilities_t, resolve_uid, bool, } DBG1(DBG_LIB, "resolving user '%s' failed: %s", username, err ? strerror(err) : "user not found"); +#endif /* !WIN32 */ return FALSE; } METHOD(capabilities_t, resolve_gid, bool, private_capabilities_t *this, char *groupname) { +#ifndef WIN32 struct group *grp; int err; @@ -318,9 +347,11 @@ METHOD(capabilities_t, resolve_gid, bool, } DBG1(DBG_LIB, "resolving user '%s' failed: %s", groupname, err ? strerror(err) : "group not found"); +#endif /* !WIN32 */ return FALSE; } +#ifndef WIN32 /** * Initialize supplementary groups for unprivileged user */ @@ -348,10 +379,12 @@ static bool init_supplementary_groups(private_capabilities_t *this) #endif /* HAVE_GETPWUID_R */ return res == 0; } +#endif /* WIN32 */ METHOD(capabilities_t, drop, bool, private_capabilities_t *this) { +#ifndef WIN32 #ifdef HAVE_PRCTL prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0); #endif @@ -404,6 +437,7 @@ METHOD(capabilities_t, drop, bool, DBG1(DBG_LIB, "dropped capabilities, running as uid %u, gid %u", geteuid(), getegid()); #endif /* CAPABILITIES */ +#endif /*!WIN32 */ return TRUE; } |