commons-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mt...@apache.org
Subject svn commit: r770918 - in /commons/sandbox/runtime/trunk/src: main/java/org/apache/commons/runtime/ main/native/os/unix/ main/native/os/win32/ test/org/apache/commons/runtime/
Date Sat, 02 May 2009 09:54:05 GMT
Author: mturk
Date: Sat May  2 09:54:02 2009
New Revision: 770918

URL: http://svn.apache.org/viewvc?rev=770918&view=rev
Log:
Add effective uid and gid

Modified:
    commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/Group.java
    commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/User.java
    commons/sandbox/runtime/trunk/src/main/native/os/unix/group.c
    commons/sandbox/runtime/trunk/src/main/native/os/unix/user.c
    commons/sandbox/runtime/trunk/src/main/native/os/win32/group.c
    commons/sandbox/runtime/trunk/src/main/native/os/win32/user.c
    commons/sandbox/runtime/trunk/src/test/org/apache/commons/runtime/TestGroup.java
    commons/sandbox/runtime/trunk/src/test/org/apache/commons/runtime/TestUser.java

Modified: commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/Group.java
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/Group.java?rev=770918&r1=770917&r2=770918&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/Group.java (original)
+++ commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/Group.java Sat
May  2 09:54:02 2009
@@ -49,6 +49,8 @@
         throws IOException, SecurityException;
     private static native Group   get1()
         throws IOException, SecurityException;
+    private static native Group   get2()
+        throws IOException, SecurityException;
     private static native boolean equals0(Descriptor a, Descriptor b);
     private static native Group[] enum0()
         throws IOException, SecurityException;
@@ -82,6 +84,7 @@
      * @throws SecurityException if access to an internal group database
      *         is forbidden.
      * @throws IOException in case of I/O error.
+     * @throws NoSuchObjectException if the primary group doesn't exist.
      */
     public static Group get()
         throws IOException, SecurityException, NoSuchObjectException
@@ -93,6 +96,24 @@
     }
 
     /**
+     * Get the current users effective {@code Group}.
+     *
+     * @return Current users effective {@code Group} obect.
+     * @throws SecurityException if access to an internal group database
+     *         is forbidden.
+     * @throws IOException in case of I/O error.
+     * @throws NoSuchObjectException if the effective group doesn't exist.
+     */
+    public static Group getEffective()
+        throws IOException, SecurityException, NoSuchObjectException
+    {
+        Group g = get1();
+        if (g == null)
+            throw new NoSuchObjectException("Effective group not found.");
+        return g;
+    }
+
+    /**
      * Get the {@link GroupIterator} of all {@code local} groups defined
      * on this system.
      *

Modified: commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/User.java
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/User.java?rev=770918&r1=770917&r2=770918&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/User.java (original)
+++ commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/User.java Sat May
 2 09:54:02 2009
@@ -50,6 +50,8 @@
         throws IOException, SecurityException;
     private static native User    get1()
         throws IOException, SecurityException;
+    private static native User    get2()
+        throws IOException, SecurityException;
     private static native boolean equals0(Descriptor a, Descriptor b);
     private static native User[] enum0()
         throws IOException, SecurityException;
@@ -93,6 +95,24 @@
     }
 
     /**
+     * Get the effective {@code User} object from the system.
+     *
+     * @return effective {@code User} obect.
+     * @throws SecurityException if access to an internal user database
+     *         is forbidden.
+     * @throws IOException in case of I/O error.
+     * @throws NoSuchObjectException if the user {@code name} doesn't exist.
+     */
+    public static User getEffective()
+        throws IOException, SecurityException, NoSuchObjectException
+    {
+        User u = get2();
+        if (u == null)
+            throw new NoSuchObjectException("Effective user not found.");
+        return u;
+    }
+
+    /**
      * Get the {@link UserIterator} of all users defined on the system.
      *
      * @return UserIterator containing all users.

Modified: commons/sandbox/runtime/trunk/src/main/native/os/unix/group.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/os/unix/group.c?rev=770918&r1=770917&r2=770918&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/os/unix/group.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/os/unix/group.c Sat May  2 09:54:02 2009
@@ -199,6 +199,16 @@
     jobject grp = NULL;
     UNREFERENCED_O;
 
+    grp = ACR_GroupObjectCreateFromId(_E, getgid());
+
+    return grp;
+}
+
+ACR_JNI_EXPORT_DECLARE(jobject, Group, get2)(ACR_JNISTDARGS)
+{
+    jobject grp = NULL;
+    UNREFERENCED_O;
+
     grp = ACR_GroupObjectCreateFromId(_E, getegid());
 
     return grp;

Modified: commons/sandbox/runtime/trunk/src/main/native/os/unix/user.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/os/unix/user.c?rev=770918&r1=770917&r2=770918&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/os/unix/user.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/os/unix/user.c Sat May  2 09:54:02 2009
@@ -226,6 +226,16 @@
     jobject usr = NULL;
     UNREFERENCED_O;
 
+    usr = ACR_UserObjectCreateFromId(_E, getuid());
+
+    return usr;
+}
+
+ACR_JNI_EXPORT_DECLARE(jobject, User, get2)(ACR_JNISTDARGS)
+{
+    jobject usr = NULL;
+    UNREFERENCED_O;
+
     usr = ACR_UserObjectCreateFromId(_E, geteuid());
 
     return usr;

Modified: commons/sandbox/runtime/trunk/src/main/native/os/win32/group.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/os/win32/group.c?rev=770918&r1=770917&r2=770918&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/os/win32/group.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/os/win32/group.c Sat May  2 09:54:02 2009
@@ -234,44 +234,92 @@
 ACR_JNI_EXPORT_DECLARE(jobject, Group, get1)(ACR_JNISTDARGS)
 {
     jobject gid = NULL;
-    int err;
-    HANDLE threadtok;
-    DWORD needed;
-    TOKEN_PRIMARY_GROUP *grp = NULL;
-    PSID sid;
+    DWORD   rc  = ERROR_SUCCESS;
+    HANDLE  token;
+    PTOKEN_PRIMARY_GROUP grp = NULL;
 
     UNREFERENCED_O;
-    if (!OpenProcessToken(GetCurrentProcess(),
-                          STANDARD_RIGHTS_READ | READ_CONTROL | TOKEN_QUERY,
-                          &threadtok)) {
-        err = ACR_GET_OS_ERROR();
-        if  (ACR_STATUS_IS_EACCES(err))
-            ACR_ThrowException(_E, THROW_NMARK, ACR_EX_ESECURITY, 0);
-        else
-            ACR_ThrowException(_E, THROW_NMARK, ACR_EX_EIO, err);
-
-        return NULL;
+    if (!OpenThreadToken(GetCurrentThread(),
+                         TOKEN_QUERY | TOKEN_QUERY_SOURCE,
+                         TRUE, &token)) {
+        if ((rc = GetLastError()) == ERROR_NO_TOKEN) {
+            if (!OpenProcessToken(GetCurrentProcess(),
+                                  TOKEN_QUERY | TOKEN_QUERY_SOURCE,
+                                  &token)) {
+                rc = GetLastError();
+            }
+            else
+                rc = 0;
+        }
+        if (rc != ERROR_SUCCESS) {
+            if  (ACR_STATUS_IS_EACCES(ACR_FROM_OS_ERROR(rc)))
+                ACR_ThrowException(_E, THROW_NMARK, ACR_EX_ESECURITY, 0);
+            else
+                ACR_ThrowException(_E, THROW_NMARK, ACR_EX_EIO,
+                                   ACR_FROM_OS_ERROR(rc));
+            return NULL;
+        }
+    }
+    grp = ACR_GetTokenInformation(_E, token, TokenPrimaryGroup);
+    if (!grp) {
+        goto cleanup;
     }
+    gid = ACR_GroupObjectCreateFromId(_E, grp->PrimaryGroup);
 
-    if (!GetTokenInformation(threadtok, TokenPrimaryGroup, NULL, 0, &needed)
-        && (GetLastError() == ERROR_INSUFFICIENT_BUFFER)
-        && (grp = malloc(needed))
-        && GetTokenInformation(threadtok, TokenPrimaryGroup, grp, needed, &needed))
-        sid = grp->PrimaryGroup;
-    else {
-        err = ACR_GET_OS_ERROR();
-        if  (ACR_STATUS_IS_EACCES(err))
-            ACR_ThrowException(_E, THROW_NMARK, ACR_EX_ESECURITY, 0);
-        else
-            ACR_ThrowException(_E, THROW_NMARK, ACR_EX_EIO, err);
+cleanup:
+    if (grp)
+        free(grp);
+    CloseHandle(token);
+    return gid;
+}
 
+ACR_JNI_EXPORT_DECLARE(jobject, Group, get2)(ACR_JNISTDARGS)
+{
+    jobject gid = NULL;
+    DWORD   i, rc  = ERROR_SUCCESS;
+    HANDLE  token;
+    PTOKEN_GROUPS grp = NULL;
+
+    UNREFERENCED_O;
+    if (!OpenThreadToken(GetCurrentThread(),
+                         TOKEN_QUERY | TOKEN_QUERY_SOURCE,
+                         TRUE, &token)) {
+        if ((rc = GetLastError()) == ERROR_NO_TOKEN) {
+            if (!OpenProcessToken(GetCurrentProcess(),
+                                  TOKEN_QUERY | TOKEN_QUERY_SOURCE,
+                                  &token)) {
+                rc = GetLastError();
+            }
+            else
+                rc = 0;
+        }
+        if (rc != ERROR_SUCCESS) {
+            if  (ACR_STATUS_IS_EACCES(ACR_FROM_OS_ERROR(rc)))
+                ACR_ThrowException(_E, THROW_NMARK, ACR_EX_ESECURITY, 0);
+            else
+                ACR_ThrowException(_E, THROW_NMARK, ACR_EX_EIO,
+                                   ACR_FROM_OS_ERROR(rc));
+            return NULL;
+        }
+    }
+    grp = ACR_GetTokenInformation(_E, token, TokenGroups);
+    if (!grp) {
         goto cleanup;
     }
-    gid = ACR_GroupObjectCreateFromId(_E, sid);
+    for (i = 0; i < grp->GroupCount; i++) {
+        if (grp[i].Attributes & SE_GROUP_OWNER) {
+            gid = ACR_GroupObjectCreateFromId(_E, grp->Groups[i].Sid);
+            if (!gid) {
+                goto cleanup;
+            }
+            break;
+        }
+    }
 
 cleanup:
     if (grp)
         free(grp);
+    CloseHandle(token);
     return gid;
 }
 

Modified: commons/sandbox/runtime/trunk/src/main/native/os/win32/user.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/os/win32/user.c?rev=770918&r1=770917&r2=770918&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/os/win32/user.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/os/win32/user.c Sat May  2 09:54:02 2009
@@ -148,31 +148,33 @@
 LPVOID ACR_GetTokenInformation(JNIEnv *_E, HANDLE h,
                                TOKEN_INFORMATION_CLASS ic)
 {
-    LPVOID rv;    
+    LPVOID rv;
     DWORD  sz = 0;
     DWORD  rc;
-    
+
     GetTokenInformation(h, ic, NULL, sz, &sz);
     if ((rc = GetLastError()) != ERROR_INSUFFICIENT_BUFFER) {
         if(_E) {
             ACR_ThrowException(_E, THROW_NMARK, ACR_EX_EIO,
                                ACR_FROM_OS_ERROR(rc));
         }
-        return NULL;    
+        return NULL;
     }
     if (!(rv = ACR_Malloc(_E, THROW_FMARK, sz))) {
         return NULL;
     }
     if (!GetTokenInformation(h, ic, rv, sz, &sz)) {
-        rc = GetLastError();    
         if(_E) {
-            ACR_ThrowException(_E, THROW_NMARK, ACR_EX_EIO,
-                               ACR_FROM_OS_ERROR(rc));
+            if (ACR_STATUS_IS_EACCES(ACR_GET_OS_ERROR()))
+                ACR_ThrowException(_E, THROW_NMARK, ACR_EX_ESECURITY, 0);
+            else
+                ACR_ThrowException(_E, THROW_NMARK, ACR_EX_EIO,
+                                   ACR_GET_OS_ERROR());
         }
         free(rv);
-        rv = NULL;        
+        rv = NULL;
     }
-    return rv;    
+    return rv;
 }
 
 static void GetUserHomePath(LPWSTR buf, DWORD blen, PSID sid)
@@ -372,44 +374,82 @@
 ACR_JNI_EXPORT_DECLARE(jobject, User, get1)(ACR_JNISTDARGS)
 {
     jobject uid = NULL;
-    int err;
-    HANDLE threadtok;
-    DWORD needed;
-    TOKEN_USER *usr = NULL;
-    PSID sid;
+    DWORD   rc  = ERROR_SUCCESS;
+    HANDLE  token;
+    PTOKEN_USER usr = NULL;
 
     UNREFERENCED_O;
-    if (!OpenProcessToken(GetCurrentProcess(),
-                          STANDARD_RIGHTS_READ | READ_CONTROL | TOKEN_QUERY,
-                          &threadtok)) {
-        err = ACR_GET_OS_ERROR();
-        if  (ACR_STATUS_IS_EACCES(err))
-            ACR_ThrowException(_E, THROW_NMARK, ACR_EX_ESECURITY, 0);
-        else
-            ACR_ThrowException(_E, THROW_NMARK, ACR_EX_EIO, err);
-
-        return NULL;
+    if (!OpenThreadToken(GetCurrentThread(),
+                         TOKEN_QUERY | TOKEN_QUERY_SOURCE,
+                         TRUE, &token)) {
+        if ((rc = GetLastError()) == ERROR_NO_TOKEN) {
+            if (!OpenProcessToken(GetCurrentProcess(),
+                                  TOKEN_QUERY | TOKEN_QUERY_SOURCE,
+                                  &token)) {
+                rc = GetLastError();
+            }
+            else
+                rc = 0;
+        }
+        if (rc != ERROR_SUCCESS) {
+            if  (ACR_STATUS_IS_EACCES(ACR_FROM_OS_ERROR(rc)))
+                ACR_ThrowException(_E, THROW_NMARK, ACR_EX_ESECURITY, 0);
+            else
+                ACR_ThrowException(_E, THROW_NMARK, ACR_EX_EIO,
+                                   ACR_FROM_OS_ERROR(rc));
+            return NULL;
+        }
     }
-
-    if (!GetTokenInformation(threadtok, TokenUser, NULL, 0, &needed)
-        && (GetLastError() == ERROR_INSUFFICIENT_BUFFER)
-        && (usr = malloc(needed))
-        && GetTokenInformation(threadtok, TokenUser, usr, needed, &needed))
-        sid = usr->User.Sid;
-    else {
-        err = ACR_GET_OS_ERROR();
-        if  (ACR_STATUS_IS_EACCES(err))
-            ACR_ThrowException(_E, THROW_NMARK, ACR_EX_ESECURITY, 0);
-        else
-            ACR_ThrowException(_E, THROW_NMARK, ACR_EX_EIO, err);
-
+    usr = ACR_GetTokenInformation(_E, token, TokenUser);
+    if (!usr) {
         goto cleanup;
     }
-    uid = ACR_UserObjectCreateFromId(_E, sid);
+    uid = ACR_UserObjectCreateFromId(_E, usr->User.Sid);
 
 cleanup:
     if (usr)
         free(usr);
+    CloseHandle(token);
+    return uid;
+}
+
+ACR_JNI_EXPORT_DECLARE(jobject, User, get2)(ACR_JNISTDARGS)
+{
+    jobject uid = NULL;
+    DWORD  rc = ERROR_SUCCESS;
+    HANDLE token;
+    PTOKEN_OWNER usr = NULL;
+
+    UNREFERENCED_O;
+    if (!OpenThreadToken(GetCurrentThread(),
+                         TOKEN_QUERY | TOKEN_QUERY_SOURCE,
+                         TRUE, &token)) {
+        if ((rc = GetLastError()) == ERROR_NO_TOKEN) {
+            if (!OpenProcessToken(GetCurrentProcess(),
+                                  TOKEN_QUERY | TOKEN_QUERY_SOURCE,
+                                  &token)) {
+                rc = GetLastError();
+            }
+            else
+                rc = 0;
+        }
+        if (rc != ERROR_SUCCESS) {
+            if  (ACR_STATUS_IS_EACCES(ACR_FROM_OS_ERROR(rc)))
+                ACR_ThrowException(_E, THROW_NMARK, ACR_EX_ESECURITY, 0);
+            else
+                ACR_ThrowException(_E, THROW_NMARK, ACR_EX_EIO,
+                                   ACR_FROM_OS_ERROR(rc));
+            return NULL;
+        }
+    }
+    usr = ACR_GetTokenInformation(_E, token, TokenOwner);
+    if (usr) {
+        uid = ACR_UserObjectCreateFromId(_E, usr->Owner);
+    }
+
+    if (usr)
+        free(usr);
+    CloseHandle(token);
     return uid;
 }
 

Modified: commons/sandbox/runtime/trunk/src/test/org/apache/commons/runtime/TestGroup.java
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/test/org/apache/commons/runtime/TestGroup.java?rev=770918&r1=770917&r2=770918&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/test/org/apache/commons/runtime/TestGroup.java (original)
+++ commons/sandbox/runtime/trunk/src/test/org/apache/commons/runtime/TestGroup.java Sat May
 2 09:54:02 2009
@@ -47,7 +47,18 @@
         assertTrue("Local",  g.IsLocal());
         System.out.println("Current    " + g.getName());
         System.out.println("Comment    " + g.getComment());
-        System.out.println("Id         " + g);
+        System.out.println("Gid        " + g);
+    }
+
+    public void testEffectiveGroup()
+        throws Exception
+    {
+        Group g = Group.getEffective();
+        assertNotNull("Effective", g);
+        assertTrue("Local",  g.IsLocal());
+        System.out.println("Effective  " + g.getName());
+        System.out.println("Comment    " + g.getComment());
+        System.out.println("Egid       " + g);
     }
 
     public void testGroup()

Modified: commons/sandbox/runtime/trunk/src/test/org/apache/commons/runtime/TestUser.java
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/test/org/apache/commons/runtime/TestUser.java?rev=770918&r1=770917&r2=770918&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/test/org/apache/commons/runtime/TestUser.java (original)
+++ commons/sandbox/runtime/trunk/src/test/org/apache/commons/runtime/TestUser.java Sat May
 2 09:54:02 2009
@@ -51,7 +51,22 @@
         System.out.println("Home       " + u.getHome());
         System.out.println("Comment    " + u.getComment());
         System.out.println("Shell      " + u.getShell());
-        System.out.println("Id         " + u);
+        System.out.println("Uid        " + u);
+    }
+
+    public void testEffectiveUser()
+        throws Exception
+    {
+        User u = User.getEffective();
+
+        assertNotNull("Effective User" + u);
+        System.out.println();
+        System.out.println("Effective  " + u.getName());
+        System.out.println("Full Name  " + u.getFullName());
+        System.out.println("Home       " + u.getHome());
+        System.out.println("Comment    " + u.getComment());
+        System.out.println("Shell      " + u.getShell());
+        System.out.println("Euid        " + u);
     }
 
     public void testUser()



Mime
View raw message