view release on metacpan or  search on metacpan

unzip-6.0/win32/nt.c  view on Meta::CPAN

    User privileges that allow accessing certain privileged aspects of the
    security descriptor (such as the Sacl) are only used if the user specified
    to do so.

  Author:

    Scott Field (sfield@microsoft.com)

  Last revised:  18 Jan 97

 */

#define WIN32_LEAN_AND_MEAN
#define UNZIP_INTERNAL
#include "../unzip.h"
#include <windows.h>
#ifdef __RSXNT__
#  include "../win32/rsxntwin.h"
#endif
#include "../win32/nt.h"


#ifdef NTSD_EAS         /* This file is only needed for NTSD handling */

/* Borland C++ does not define FILE_SHARE_DELETE. Others also? */
#ifndef FILE_SHARE_DELETE
#  define FILE_SHARE_DELETE 0x00000004
#endif

/* This macro definition is missing in old versions of MS' winbase.h. */
#ifndef InterlockedExchangePointer
#  define InterlockedExchangePointer(Target, Value) \
      (PVOID)InterlockedExchange((PLONG)(Target), (LONG)(Value))
#endif


/* private prototypes */

static BOOL Initialize(VOID);
static VOID GetRemotePrivilegesSet(CHAR *FileName, PDWORD dwRemotePrivileges);
static VOID InitLocalPrivileges(VOID);


volatile BOOL bInitialized = FALSE; /* module level stuff initialized? */
HANDLE hInitMutex = NULL;           /* prevent multiple initialization */

BOOL g_bRestorePrivilege = FALSE;   /* for local set file security override */
BOOL g_bSaclPrivilege = FALSE;      /* for local set sacl operations, only when
                                       restore privilege not present */

/* our single cached volume capabilities structure that describes the last
   volume root we encountered.  A single entry like this works well in the
   zip/unzip scenario for a number of reasons:
   1. typically one extraction path during unzip.
   2. typically process one volume at a time during zip, and then move
      on to the next.
   3. no cleanup code required and no memory leaks.
   4. simple code.

   This approach should be reworked to a linked list approach if we expect to
   be called by many threads which are processing a variety of input/output
   volumes, since lock contention and stale data may become a bottleneck. */

VOLUMECAPS g_VolumeCaps;
CRITICAL_SECTION VolumeCapsLock;


static BOOL Initialize(VOID)
{
    HANDLE hMutex;
    HANDLE hOldMutex;

    if (bInitialized) return TRUE;

    hMutex = CreateMutex(NULL, TRUE, NULL);
    if(hMutex == NULL) return FALSE;

    hOldMutex = (HANDLE)InterlockedExchangePointer((void *)&hInitMutex,
                                                   hMutex);

    if (hOldMutex != NULL) {
        /* somebody setup the mutex already */
        InterlockedExchangePointer((void *)&hInitMutex,
                                   hOldMutex);

        CloseHandle(hMutex); /* close new, un-needed mutex */

        /* wait for initialization to complete and return status */
        WaitForSingleObject(hOldMutex, INFINITE);
        ReleaseMutex(hOldMutex);

        return bInitialized;
    }

    if (!bInitialized) {
        /* initialize module level resources */

        InitializeCriticalSection( &VolumeCapsLock );
        memset(&g_VolumeCaps, 0, sizeof(VOLUMECAPS));

        InitLocalPrivileges();

        bInitialized = TRUE;
    }

    InterlockedExchangePointer((void *)&hInitMutex,
                               NULL);

    ReleaseMutex(hMutex); /* release correct mutex */

    CloseHandle(hMutex);  /* free the no longer needed handle resource */

    return TRUE;
}


BOOL ValidateSecurity(uch *securitydata)
{
    PSECURITY_DESCRIPTOR sd = (PSECURITY_DESCRIPTOR)securitydata;
    PACL pAcl;
    PSID pSid;