Internal branch sync. Included in this change:
authorVMware, Inc <>
Tue, 13 Mar 2012 20:10:16 +0000 (13:10 -0700)
committerDmitry Torokhov <dtor@vmware.com>
Wed, 14 Mar 2012 16:43:25 +0000 (09:43 -0700)
. FileIO_AtomicUpdate() should preserve errno value.

. More VGAuth changes

Signed-off-by: Dmitry Torokhov <dtor@vmware.com>
open-vm-tools/lib/file/fileIO.c
open-vm-tools/services/plugins/vix/vixTools.c
open-vm-tools/services/plugins/vix/vixToolsInt.h

index 50ff928c5badc9562c9e5aeca3227a5a953922cd..7a00b9d66a6d60c881bb3e26600c9396db127026 100644 (file)
@@ -716,7 +716,6 @@ FileIO_AtomicTempFile(FileIODescriptor *fileFD,  // IN:
    if (fstat(fileFD->posix, &stbuf)) {
       Log("%s: Failed to fstat '%s', errno: %d.\n", __FUNCTION__,
           FileIO_Filename(fileFD), errno);
-      ASSERT(!vmx86_server); // For APD, hosted can fall-back and write directly
       status = FILEIO_ERROR;
       goto bail;
    }
@@ -803,6 +802,7 @@ bail:
  *
  * Results:
  *      TRUE if successful, FALSE on failure.
+ *      errno is preserved.
  *
  * Side effects:
  *      Disk I/O.
@@ -822,6 +822,7 @@ FileIO_AtomicUpdate(FileIODescriptor *newFD,   // IN/OUT: file IO descriptor
    Bool ret = FALSE;
    FileIOResult status;
    FileIODescriptor tmpFD;
+   int savedErrno = 0;
 
    ASSERT(FileIO_IsValid(newFD));
    ASSERT(FileIO_IsValid(currFD));
@@ -833,7 +834,6 @@ FileIO_AtomicUpdate(FileIODescriptor *newFD,   // IN/OUT: file IO descriptor
       char *fileName = NULL;
       char *dstDirName = NULL;
       char *dstFileName = NULL;
-      int savedErrno;
       int fd;
 
       currPath = File_FullPath(FileIO_Filename(currFD));
@@ -855,11 +855,13 @@ FileIO_AtomicUpdate(FileIODescriptor *newFD,   // IN/OUT: file IO descriptor
       if (Str_Snprintf(args->srcFile, sizeof(args->srcFile), "%s",
                        fileName) < 0) {
          Log("%s: Path too long \"%s\".\n", __FUNCTION__, fileName);
+         savedErrno = ENAMETOOLONG;
          goto swapdone;
       }
       if (Str_Snprintf(args->dstFilePath, sizeof(args->dstFilePath), "%s/%s",
                        dstDirName, dstFileName) < 0) {
          Log("%s: Path too long \"%s\".\n", __FUNCTION__, dstFileName);
+         savedErrno = ENAMETOOLONG;
          goto swapdone;
       }
 
@@ -873,10 +875,10 @@ FileIO_AtomicUpdate(FileIODescriptor *newFD,   // IN/OUT: file IO descriptor
          Log("%s: Open failed \"%s\" %d.\n", __FUNCTION__, dirName,
              errno);
          ASSERT_BUG_DEBUGONLY(615124, errno != EBUSY);
+         savedErrno = errno;
          goto swapdone;
       }
 
-      savedErrno = 0;
       if (ioctl(fd, IOCTLCMD_VMFS_SWAP_FILES, args) != 0) {
          savedErrno = errno;
          if (errno != ENOSYS) {
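Review bot: The added `savedErrno = errno;` in the open-failure branch runs after `Log(...)` and `ASSERT_BUG_DEBUGONLY(...)`, and Log may itself perform I/O that changes errno, so the value restored at `swapdone` is not guaranteed to be the one from the failed open. Capture it as the first statement of the branch and pass `savedErrno` to Log instead of `errno`. The File_Rename failure branch in the `@@ -907,6 +909,7 @@` hunk has the same ordering. The enclosing `if` starts outside this hunk.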
@@ -907,6 +909,7 @@ FileIO_AtomicUpdate(FileIODescriptor *newFD,   // IN/OUT: file IO descriptor
          if (File_Rename(newPath, currPath)) {
             Log("%s: rename of '%s' to '%s' failed %d.\n",
                 newPath, currPath, __FUNCTION__, errno);
+            savedErrno = errno;
             goto swapdone;
          }
          ret = TRUE;
@@ -925,6 +928,7 @@ swapdone:
       free(currPath);
       free(newPath);
 
+      errno = savedErrno;
       return ret;
 #else
       NOT_REACHED();
@@ -956,6 +960,7 @@ swapdone:
    currFD->posix = -1;
 #endif
    if (File_RenameRetry(newPath, currPath, 10)) {
+      savedErrno = errno;
       goto bail;
    }
 
@@ -988,5 +993,7 @@ bail:
    FileIO_Cleanup(&tmpFD);
    Unicode_Free(currPath);
    Unicode_Free(newPath);
+   errno = savedErrno;
+
    return ret;
 }
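Review bot: The header comment now promises "errno is preserved", but `errno = savedErrno;` at `bail` also runs on success and on any `goto bail` that never assigned `savedErrno`, and in both cases errno is overwritten with 0. The only assignment visible on this path is the one after File_RenameRetry; the other failure exits of FileIO_AtomicUpdate lie outside the hunks shown, so each should be checked for a `savedErrno` assignment. I would also state the contract exactly in the header, e.g. ` *      On failure errno holds the cause; on success it is set to 0.`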
index 459c9172d0fd1968004a6964de34652cc5b68c15..cc64d94e7613b4953b9a6dfd6224306fa1951bdf 100644 (file)
@@ -546,6 +546,20 @@ static VixError VixToolsRewriteError(uint32 opCode,
 
 static size_t VixToolsXMLStringEscapedLen(const char *str, Bool escapeStr);
 
+static Bool GuestAuthEnabled(void);
+
+VixError GuestAuthPasswordAuthenticateImpersonate(
+   char const *obfuscatedNamePassword,
+   void **userToken);
+
+void GuestAuthUnimpersonate();
+
+#if SUPPORT_VGAUTH
+
+VGAuthError TheVGAuthContext(VGAuthContext **ctx);
+
+#endif
+
 
 /*
  *-----------------------------------------------------------------------------
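Review bot: `void GuestAuthUnimpersonate();` declares the function without a prototype, while its definition later in this commit uses `(void)`; in C the empty parentheses switch off argument checking, so the declaration should read `void GuestAuthUnimpersonate(void);`. GuestAuthPasswordAuthenticateImpersonate, GuestAuthUnimpersonate and TheVGAuthContext are declared with external linkage although GuestAuthEnabled beside them is `static`. If nothing outside vixTools.c calls them (not visible in this diff), they should be `static` as well so the authentication helpers are not exported.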
@@ -7305,6 +7319,22 @@ VixToolsImpersonateUserImplEx(char const *credentialTypeStr,         // IN
          goto abort;
       }
 
+      /*
+       * Use the GuestAuth library to do name-password authentication
+       * and impersonation.
+       */
+
+      if (GuestAuthEnabled() &&
+          ((VIX_USER_CREDENTIAL_NAME_PASSWORD == credentialType) ||
+           (VIX_USER_CREDENTIAL_NAME_PASSWORD_OBFUSCATED == credentialType))) {
+         err =
+            GuestAuthPasswordAuthenticateImpersonate(obfuscatedNamePassword,
+                                                     userToken);
+
+         goto abort;
+      }
+
+      /* Get the authToken and impersonate */
       if (VIX_USER_CREDENTIAL_TICKETED_SESSION == credentialType) {
 #ifdef _WIN32
          char *username;
@@ -7381,7 +7411,9 @@ abort:
 void
 VixToolsUnimpersonateUser(void *userToken)
 {
-   if (PROCESS_CREATOR_USER_TOKEN != userToken) {
+   if (VGAUTH_GENERIC_USER_TOKEN == userToken) {
+      GuestAuthUnimpersonate();
+   } else if (PROCESS_CREATOR_USER_TOKEN != userToken) {
 #if defined(_WIN32)
       Impersonate_Undo();
 #else
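Review bot: The new `GuestAuthUnimpersonate()` branch cannot report failure, because the helper added later in this commit returns void and checks both TheVGAuthContext and `VGAuth_EndImpersonation` only with `ASSERT(vgErr == VGAUTH_E_OK)`. If ASSERT compiles out in release builds (not visible here), a failed un-impersonation leaves the process running under the impersonated identity with nothing logged. When TheVGAuthContext fails, `ctx` would presumably still be NULL when it is passed to `VGAuth_EndImpersonation`. The helper should test `VGAUTH_FAILED(vgErr)` after each call, log the error, and return early after the first one. VixToolsUnimpersonateUser's body continues outside the hunk.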
@@ -7408,7 +7440,8 @@ VixToolsUnimpersonateUser(void *userToken)
 void
 VixToolsLogoutUser(void *userToken)    // IN
 {
-   if (PROCESS_CREATOR_USER_TOKEN == userToken) {
+   if (PROCESS_CREATOR_USER_TOKEN == userToken ||
+       VGAUTH_GENERIC_USER_TOKEN == userToken) {
       return;
    }
 
@@ -8595,7 +8628,7 @@ VixToolsAddAuthPrincipal(VixCommandRequestHeader *requestMsg)    // IN
    }
    impersonatingVMWareUser = TRUE;
 
-   vgErr = VGAuth_Init(VMTOOLSD_APP_NAME, 0, NULL, 0, &ctx);
+   vgErr = TheVGAuthContext(&ctx);
    if (VGAUTH_FAILED(vgErr)) {
       err = VixToolsTranslateVGAuthError(vgErr);
       goto abort;
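Review bot: `TheVGAuthContext(&ctx)` is called after `impersonatingVMWareUser = TRUE`, so when this is the first VGAuth use, VGAuth_Init creates the process-wide context while impersonation is apparently in effect, and every later caller reuses it. Whether a VGAuthContext captures anything about the identity that created it is not visible in this diff; if it does, the context should be initialized before impersonation starts. With `VGAuth_Shutdown(ctx)` removed from the four `abort:` paths nothing visible releases the context, and the unlocked `if (vgaCtx == NULL)` test assumes a single calling thread, so TheVGAuthContext deserves a comment such as `/* Process-lifetime context: callers must not VGAuth_Shutdown() it. Not thread-safe. */`. The same applies to the VixToolsRemoveAuthPrincipal, VixToolsListAuthPrincipals and VixToolsListMappedPrincipals hunks; the function body continues outside this hunk.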
@@ -8612,7 +8645,6 @@ VixToolsAddAuthPrincipal(VixCommandRequestHeader *requestMsg)    // IN
    }
 
 abort:
-   VGAuth_Shutdown(ctx);
    if (impersonatingVMWareUser) {
       VixToolsUnimpersonateUser(userToken);
    }
@@ -8711,7 +8743,7 @@ VixToolsRemoveAuthPrincipal(VixCommandRequestHeader *requestMsg)    // IN
    }
    impersonatingVMWareUser = TRUE;
 
-   vgErr = VGAuth_Init(VMTOOLSD_APP_NAME, 0, NULL, 0, &ctx);
+   vgErr = TheVGAuthContext(&ctx);
    if (VGAUTH_FAILED(vgErr)) {
       err = VixToolsTranslateVGAuthError(vgErr);
       goto abort;
@@ -8731,7 +8763,6 @@ VixToolsRemoveAuthPrincipal(VixCommandRequestHeader *requestMsg)    // IN
    }
 
 abort:
-   VGAuth_Shutdown(ctx);
    if (impersonatingVMWareUser) {
       VixToolsUnimpersonateUser(userToken);
    }
@@ -8819,7 +8850,7 @@ VixToolsListAuthPrincipals(VixCommandRequestHeader *requestMsg, // IN
    }
    impersonatingVMWareUser = TRUE;
 
-   vgErr = VGAuth_Init(VMTOOLSD_APP_NAME, 0, NULL, 0, &ctx);
+   vgErr = TheVGAuthContext(&ctx);
    if (VGAUTH_FAILED(vgErr)) {
       err = VixToolsTranslateVGAuthError(vgErr);
       goto abort;
@@ -8915,7 +8946,6 @@ abort:
    free(escapedStr);
    free(escapedStr2);
    VGAuth_FreeIdProviderList(num, idList);
-   VGAuth_Shutdown(ctx);
    if (impersonatingVMWareUser) {
       VixToolsUnimpersonateUser(userToken);
    }
@@ -8991,7 +9021,7 @@ VixToolsListMappedPrincipals(VixCommandRequestHeader *requestMsg, // IN
    }
    impersonatingVMWareUser = TRUE;
 
-   vgErr = VGAuth_Init(VMTOOLSD_APP_NAME, 0, NULL, 0, &ctx);
+   vgErr = TheVGAuthContext(&ctx);
    if (vgErr != VGAUTH_E_OK) {
       err = VixToolsTranslateVGAuthError(vgErr);
       goto abort;
@@ -9081,7 +9111,6 @@ abort:
    free(escapedStr);
    free(escapedStr2);
    VGAuth_FreeMappedIdentityList(num, miList);
-   VGAuth_Shutdown(ctx);
    if (impersonatingVMWareUser) {
       VixToolsUnimpersonateUser(userToken);
    }
@@ -10235,3 +10264,174 @@ VixToolsXMLStringEscapedLen(const char *str,    // IN
       return strlen(str);
    }
 }
+
+
+/*
+ *-----------------------------------------------------------------------------
+ *
+ * GuestAuthEnabled --
+ *
+ *      Returns whether we use the guest auth library.
+ *
+ * Results:
+ *      TRUE if we do. FALSE otherwise.
+ *
+ * Side effects:
+ *      None
+ *
+ *-----------------------------------------------------------------------------
+ */
+
+static Bool
+GuestAuthEnabled(void)
+{
+#if SUPPORT_VGAUTH
+   return TRUE;
+#else
+   return FALSE;
+#endif
+}
+
+
+/*
+ *-----------------------------------------------------------------------------
+ *
+ * GuestAuthPasswordAuthenticateImpersonate
+ *
+ *      Do name-password authentication and impersonation using
+ *      the GuestAuth library.
+ *
+ * Results:
+ *      VIX_OK if successful.Other VixError code otherwise.
+ *
+ * Side effects:
+ *      Current process impersonates.
+ *
+ *-----------------------------------------------------------------------------
+ */
+
+VixError
+GuestAuthPasswordAuthenticateImpersonate(
+   char const *obfuscatedNamePassword, // IN
+   void **userToken)                   // OUT
+{
+#if SUPPORT_VGAUTH
+   VixError err;
+   char *username;
+   char *password;
+   VGAuthContext *ctx = NULL;
+   VGAuthError vgErr;
+   VGAuthUserHandle *newHandle = NULL;
+
+   err = VixMsg_DeObfuscateNamePassword(obfuscatedNamePassword,
+                                        &username,
+                                        &password);
+   if (err != VIX_OK) {
+      goto done;
+   }
+
+   err = VIX_E_INVALID_LOGIN_CREDENTIALS;
+
+   vgErr = TheVGAuthContext(&ctx);
+   if (VGAUTH_FAILED(vgErr)) {
+      err = VixToolsTranslateVGAuthError(vgErr);
+      goto done;
+   }
+
+   vgErr = VGAuth_ValidateUsernamePassword(ctx, username, password,
+                                           &newHandle);
+   if (VGAUTH_FAILED(vgErr)) {
+      err = VixToolsTranslateVGAuthError(vgErr);
+      goto done;
+   }
+
+   vgErr = VGAuth_Impersonate(ctx, newHandle);
+   if (VGAUTH_FAILED(vgErr)) {
+      err = VixToolsTranslateVGAuthError(vgErr);
+      goto done;
+   }
+
+   *userToken = VGAUTH_GENERIC_USER_TOKEN;
+
+   err = VIX_OK;
+
+done:
+
+   if (newHandle) {
+      VGAuth_UserHandleFree(newHandle);
+   }
+
+   return err;
+#else
+   return VIX_E_NOT_SUPPORTED;
+#endif
+}
+
+
+/*
+ *-----------------------------------------------------------------------------
+ *
+ * GuestAuthUnimpersonate
+ *
+ *      End the current impersonation using the VGAuth library.
+ *
+ * Results:
+ *      None
+ *
+ * Side effects:
+ *      Current process un-impersonates.
+ *
+ *-----------------------------------------------------------------------------
+ */
+
+void
+GuestAuthUnimpersonate(void)
+{
+#if SUPPORT_VGAUTH
+   VGAuthContext *ctx;
+   VGAuthError vgErr = TheVGAuthContext(&ctx);
+   ASSERT(vgErr == VGAUTH_E_OK);
+
+   vgErr = VGAuth_EndImpersonation(ctx);
+   ASSERT(vgErr == VGAUTH_E_OK);
+#else
+   ASSERT(0);
+#endif
+}
+
+
+#if SUPPORT_VGAUTH
+/*
+ *-----------------------------------------------------------------------------
+ *
+ * TheVGAuthContext
+ *
+ *      Get the global VGAuthContext object.
+ *      Lazily create the global VGAuthContext when needed.
+ *      Creating the global context may also cause the VGAuth Service to
+ *      be started.
+ *
+ * Results:
+ *      VGAUTH_E_OK if successful, the global context object is returned in
+ *      the OUT parameter ctx.
+ *
+ * Side effects:
+ *      None
+ *
+ *-----------------------------------------------------------------------------
+ */
+
+VGAuthError
+TheVGAuthContext(VGAuthContext **ctx) // OUT
+{
+   static VGAuthContext *vgaCtx = NULL;
+   VGAuthError vgaCode = VGAUTH_E_OK;
+
+   if (vgaCtx == NULL) {
+      vgaCode = VGAuth_Init(VMTOOLSD_APP_NAME, 0, NULL, 0, &vgaCtx);
+   }
+
+   *ctx = vgaCtx;
+   return vgaCode;
+}
+#endif
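Review bot: GuestAuthPasswordAuthenticateImpersonate never releases `username` and `password` after VixMsg_DeObfuscateNamePassword fills them in; the `done:` label frees only `newHandle`. If that helper allocates the strings, as its pointer-to-pointer out-parameters suggest, every name-password login leaves the clear-text password on the heap and leaks both buffers. Both pointers are also uninitialized when the first `goto done` is taken, so they need a NULL initializer before any cleanup is added. The fence shows the declarations and cleanup I would use; Util_ZeroFreeString is, as far as I know, the tree's zero-then-free helper, so confirm it is reachable from this file.

```c
   char *username = NULL;
   char *password = NULL;
   /* … unchanged: de-obfuscation, TheVGAuthContext, validate, impersonate … */
done:
   free(username);
   /* Wipe the clear-text password before the memory goes back to the heap. */
   Util_ZeroFreeString(password);
   /* … unchanged: VGAuth_UserHandleFree(newHandle), return err … */
```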
index d907ba402ed91f07c935eb3896cda9e199971dd7..a7730f2fb39773a34864a3df5d5c92ae1d93c2fb 100644 (file)
@@ -33,6 +33,7 @@
 
 
 #define PROCESS_CREATOR_USER_TOKEN       ((void *)1)
+#define VGAUTH_GENERIC_USER_TOKEN        ((void *)2)
 
 #ifdef _WIN32