capabilities: Add build support for Windows

We might extend it in the future using some Windows rights management.

diff --git a/src/libstrongswan/utils/capabilities.c b/src/libstrongswan/utils/capabilities.c
index c5e90b6c38fa5098892e540e5a49d92aeca782fe..923b7d4dbf81e3fcdc58aaffa7e3a1dce7eca525 100644 (file)
--- a/src/libstrongswan/utils/capabilities.c
+++ b/src/libstrongswan/utils/capabilities.c
@@ -17,24 +17,27 @@
 
 #include "capabilities.h"
 
+#include <utils/debug.h>
+
 #include <errno.h>
 #include <string.h>
 #include <sys/types.h>
+#include <unistd.h>
+
+#ifndef WIN32
 #include <pwd.h>
 #include <grp.h>
-#include <unistd.h>
 #ifdef HAVE_PRCTL
 # include <sys/prctl.h>
 #endif /* HAVE_PRCTL */
 
-#include <utils/debug.h>
-
 #if !defined(HAVE_GETPWNAM_R) || \
     !defined(HAVE_GETGRNAM_R) || \
     !defined(HAVE_GETPWUID_R)
 # include <threading/mutex.h>
 # define EMULATE_R_FUNCS
 #endif
+#endif /* !WIN32 */
 
 typedef struct private_capabilities_t private_capabilities_t;
 
@@ -76,6 +79,8 @@ struct private_capabilities_t {
 #endif
 };
 
+#ifndef WIN32
+
 /**
  * Returns TRUE if the current process/user is member of the given group
  */
@@ -181,6 +186,19 @@ static bool has_capability(private_capabilities_t *this, u_int cap,
 #endif /* CAPABILITIES_NATIVE */
 }
 
+#else /* WIN32 */
+
+/**
+ * Verify that the current process has the given capability, dummy variant
+ */
+static bool has_capability(private_capabilities_t *this, u_int cap,
+                                                  bool *ignore)
+{
+       return TRUE;
+}
+
+#endif /* WIN32 */
+
 /**
  * Keep the given capability if it is held by the current process.  Returns
  * FALSE, if this is not the case.
@@ -232,13 +250,21 @@ METHOD(capabilities_t, check, bool,
 METHOD(capabilities_t, get_uid, uid_t,
        private_capabilities_t *this)
 {
+#ifdef WIN32
+       return this->uid;
+#else
        return this->uid ?: geteuid();
+#endif
 }
 
 METHOD(capabilities_t, get_gid, gid_t,
        private_capabilities_t *this)
 {
+#ifdef WIN32
+       return this->gid;
+#else
        return this->gid ?: getegid();
+#endif
 }
 
 METHOD(capabilities_t, set_uid, void,
@@ -256,6 +282,7 @@ METHOD(capabilities_t, set_gid, void,
 METHOD(capabilities_t, resolve_uid, bool,
        private_capabilities_t *this, char *username)
 {
+#ifndef WIN32
        struct passwd *pwp;
        int err;
 
@@ -284,12 +311,14 @@ METHOD(capabilities_t, resolve_uid, bool,
        }
        DBG1(DBG_LIB, "resolving user '%s' failed: %s", username,
                 err ? strerror(err) : "user not found");
+#endif /* !WIN32 */
        return FALSE;
 }
 
 METHOD(capabilities_t, resolve_gid, bool,
        private_capabilities_t *this, char *groupname)
 {
+#ifndef WIN32
        struct group *grp;
        int err;
 
@@ -318,9 +347,11 @@ METHOD(capabilities_t, resolve_gid, bool,
        }
        DBG1(DBG_LIB, "resolving user '%s' failed: %s", groupname,
                 err ? strerror(err) : "group not found");
+#endif /* !WIN32 */
        return FALSE;
 }
 
+#ifndef WIN32
 /**
  * Initialize supplementary groups for unprivileged user
  */
@@ -348,10 +379,12 @@ static bool init_supplementary_groups(private_capabilities_t *this)
 #endif /* HAVE_GETPWUID_R */
        return res == 0;
 }
+#endif /* WIN32 */
 
 METHOD(capabilities_t, drop, bool,
        private_capabilities_t *this)
 {
+#ifndef WIN32
 #ifdef HAVE_PRCTL
        prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0);
 #endif
@@ -404,6 +437,7 @@ METHOD(capabilities_t, drop, bool,
        DBG1(DBG_LIB, "dropped capabilities, running as uid %u, gid %u",
                 geteuid(), getegid());
 #endif /* CAPABILITIES */
+#endif /*!WIN32 */
        return TRUE;
 }