| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In this patch, the path to the Windows command interpreter
is reported in the shell field of struct passwd by getpwent
by default rather than "/bin/bash". The value of USERPROFILE
is used for the home field rather than "/home/<user>".
Also, the HOME environment variable is stuffed with a copy
of USERPROFILE.
The HOME issue solves the following problem: some OSS programs
on Windows, such as Vim, respond to a HOME variable. If it
has garbage contents that make no sense like "/home/bob",
they don't behave well.
* winsup/cygwin/grp.cc (pwdgrp::init_grp): Initialize new
pwd_sep member.
* winsup/cygwin/passwd.cc (pwdgrp::parse_passwd): Use pwd_sep
rather than hard-coded colon.
(pwdgrp::init_pwd): Initialize pwd_sep.
* winsup/cygwin/pwdgrp.h (class pwdgrp): New member, pwd_sep.
* winsup/cygwin/uinfo.cc (cygheap_user::ontherange): Copy
value of USERPROFILE into HOME.
(pwdgrp::next_num, pwdgrp::fetch_account_from_line): Use
pwd_sep rather than ':'.
(pwdgrp::next_num, pwdgrp::fetch_account_from_windows): Get
real Windows shell as default shell field. Get USERPROFILE
as home directory. Use '|' as the field separator because
these fields contain colons. Set pwd_sep to '|'.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bump GPLv2+ to GPLv3+ for some files, clarify BSD 2-clause.
Everything else stays under GPLv3+.
New Linking Exception exempts resulting executables from LGPLv3 section 4.
Add CONTRIBUTORS file to keep track of licensing.
Remove 'Copyright Red Hat Inc' comments.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
| |
|
|
|
|
|
| |
* grp.cc (pwdgrp::parse_group): Only copy the SID if it's valid.
* passwd.cc (pwdgrp::parse_passwd): Ditto.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
| |
|
|
|
|
|
|
|
| |
* grp.cc (internal_getgrfull): Drop asking caches. Explain why.
(internal_getgroups): In case we're not utilizing the Windows account
DBs, don't call LsaLookupSids but iterate over the group SIDs in the
token and call internal_getgrsid for each of them. Explain why.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
| |
|
|
|
|
|
|
|
|
| |
* pwdgrp.h: Add comment to explain below change.
(struct pg_pwd): Convert sid member to BYTE array.
(struct pg_grp): Ditto.
* grp.cc (pwdgrp::parse_group): Accommodate above change.
* passwd.cc (pwdgrp::parse_passwd): Ditto.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
| |
|
|
|
|
|
| |
* grp.cc (internal_getgroups): Handle negative domain index to avoid
crashes.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* grp.cc (pwdgrp::parse_group): Call cygsid::getfromgr_passwd.
* passwd.cc (pwdgrp::parse_passwd): Call cygsid::getfrompw_gecos.
* pwdgrp.h (cygsid::getfrompw): Implement as inline method here,
accessing pg_pwd's sid member directly.
(cygsid::getfromgr): Implement as inline method here, accessing
pg_grp's sid member directly.
* sec_auth.cc (extract_nt_dom_user): Call cygsid::getfrompw_gecos.
Explain why.
* sec_helper.cc (cygsid::getfrompw): Drop implementation.
(cygsid::getfromgr): Ditto.
* security.h (cygsid::getfrompw_gecos): Implement former getfrompw
inline here.
(cygsid::getfromgr_passwd): Implement former getfromgr inline here.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* sec_auth.cc (get_server_groups): Drop unused passwd argument. Adjust
calls throughout.
(get_initgroups_sidlist): Ditto.
(get_setgroups_sidlist): Ditto.
(create_token): Ditto.
(lsaauth): Ditto.
* security.h (create_token): Adjust prototype to above change.
(lsaauth): Ditto.
(get_server_groups): Ditto.
* grp.cc (get_groups): Adjust call to get_server_groups.
* syscalls.cc (seteuid32): Adjust calls to lsaauth and create_token.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
| |
|
|
|
|
|
|
| |
* grp.cc (internal_getgroups): Drop unused timeout parameter.
* pwdgrp.h (internal_getgroups): Ditto in prototype.
* uinfo.cc (internal_getlogin): Ditto in usage.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(class cyg_ldap): Remove members srch_msg and srch_entry.
(cyg_ldap::get_string_attribute): Remove private method taking index
argument.
(cyg_ldap::get_num_attribute): Ditto. Add method taking attribute name.
(cyg_ldap::get_primary_gid): Adjust to aforementioned change.
(cyg_ldap::get_unix_uid): Ditto.
(cyg_ldap::get_unix_gid): Ditto.
* ldap.cc: Throughout, use msg and entry in place of srch_msg and
srch_entry.
(std_user_attr): Add sAMAccountName and objectSid.
(group_attr): Ditto.
(cyg_ldap::close): Drop handling of srch_msg and srch_entry.
(cyg_ldap::get_string_attribute): Move earlier in file.
(cyg_ldap::get_num_attribute): Ditto.
(cyg_ldap::enumerate_ad_accounts): Add comments for clarity.
Use group_attr or user_attr rather than sid_attr to fetch all desired
attributes for an account right away.
(cyg_ldap::next_account): Store found SID in last_fetched_sid to
skip calls to fetch_ad_account from fetch_account_from_windows.
(cyg_ldap::get_string_attribute): Remove method taking index argument.
(cyg_ldap::get_num_attribute): Ditto.
* pwdgrp.h (class pg_ent): Fix formatting. Add member dom.
* passwd.cc (pg_ent::enumerate_ad): Store current flat domain name
in dom. Construct fetch_acc_t argument from LDAP attributes and
call fetch_account_from_windows with that.
* userinfo.h (enum fetch_user_arg_type_t): Rename FULL_grp_arg to
FULL_acc_arg. Change throughout.
(struct fetch_acc_t): Rename from fetch_full_grp_t. Change throughout.
(struct fetch_user_arg_t): Rename full_grp to full_acc. Change
throughout.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* cygserver_pwdgrp.h: Include userinfo.h. Drop workaround defining
fetch_user_arg_type_t locally.
* grp.cc (internal_getgrsid_cachedonly): New function.
(internal_getgrfull): Ditto.
(internal_getgroups): Rearrange function. Center around fetching all
cached group info first, calling LsaLookupSids on all so far non-cached
groups second. Pass all available info to new internal_getgrfull call.
* pwdgrp.h: Include userinfo.h. Move definitions of
fetch_user_arg_type_t and fetch_user_arg_t there.
(pwdgrp::add_group_from_windows): Declare with getting full group info.
Called from internal_getgrfull.
* uinfo.cc (pwdgrp::add_group_from_windows): Define.
(pwdgrp::fetch_account_from_line): Add default case.
(pwdgrp::fetch_account_from_file): Ditto.
(pwdgrp::fetch_account_from_windows): Handle FULL_grp_arg.
(client_request_pwdgrp::client_request_pwdgrp): Add default case.
* userinfo.h: New header.
(enum fetch_user_arg_type_t): Add FULL_grp_arg.
(struct fetch_full_grp_t): New datatype.
|
| |
|
|
| |
Everyone sid before calling internal_getgrsid.
|
| |
|
|
|
|
|
|
|
|
| |
Restrict fetching group account entries from user token groups by
timeout_ns 100ns-intervals. Add preceding comment to explain why.
* pwdgrp.h (internal_getgroups): Align prototype.
* times.cc (GetTickCount_ns): New function.
* uinfo.cc (internal_getlogin): Call internal_getgroups wih 300ms
timeout.
* winsup.h (GetTickCount_ns): Declare.
|
| |
|
|
| |
the right value.
|
| |
|
|
| |
an endless loop.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
gr_mem entries.
(getgrgid_r): Don't try to copy gr_mem entries. Always set gr_mem
to an empty list.
(getgrnam_r): Ditto.
(app_gr): New static struct to store group data propagated to the
calling application via getgrgid/getgrnam.
(getgr_cp): Fill app_gr and return pointer to app_gr.g.
(getgrgid32): Call getgr_cp.
(getgrnam32): Ditto.
* passwd.cc (pwdgrp::parse_passwd): Set res.len.
(app_pw): New static struct to store passwd data propagated to the
calling application via getpwuid/getpwnam.
(getpw_cp): Fill app_pw and return pointer to app_pw.p.
(getpwuid32): Cal getpw_cp.
(getpwnam): Ditto.
* pwdgrp.h (struct pg_pwd): Add len member.
(struct pg_grp): Ditto.
|
| |
|
|
|
| |
instead throughout.
(MAX_SID_LEN): Drop. Use SECURITY_MAX_SID_SIZE instead throughout.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* sec_helper.cc (cygpsid::pstring): Use sid_sub_auth_count macro.
(cygsid::get_sid): Use MAX_SUBAUTH_CNT rather than wrong constant 8.
Don't call memcpy to copy subauthorities into SID, use assignment.
(cygsid::getfromstr): Use MAX_SUBAUTH_CNT rather than wrong constant 8.
* security.h (MAX_SUBAUTH_CNT): New definition. Set to 11 to cover
Microsoft Accounts.
(MAX_SID_LEN): Define in terms of SID member sizes and MAX_SUBAUTH_CNT.
(DBGSID): Use MAX_SUBAUTH_CNT to define size of SubAuthority array.
* uinfo.cc (pwdgrp::fetch_account_from_windows): Handle Micosoft
Accounts. Handle them as well known group. Compare domain names
case-insensitive.
* winlean.h (PIPE_REJECT_REMOTE_CLIENTS): Drop temporary definition
since Mingw64 catched up.
(DNLEN): Redefine as 16. Explain why.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(cygheap_pwdgrp::caching): Convert to bool.
(cygheap_pwdgrp::pwd_cache): Add cygserver member.
(cygheap_pwdgrp::grp_cache): Ditto.
(cygheap_pwdgrp::nss_db_caching): Drop.
(cygheap_pwdgrp::nss_db_full_caching): Drop.
(cygheap_pwdgrp::nss_cygserver_caching): New method.
(cygheap_pwdgrp::nss_disable_cygserver_caching): New method.
* cygserver.h (client_request::request_code_t): Add
CYGSERVER_REQUEST_PWDGRP.
* cygserver_pwdgrp.h: New file.
* cygtls.h (struct _local_storage): Remove pwbuf and grbuf members.
* grp.cc (pwdgrp::prep_tls_grbuf): Drop.
(internal_getgrsid): Handle cygserver caching and rearrange to check
the caches first.
(internal_getgrnam): Ditto.
(internal_getgrgid): Ditto.
(gr_ent::enumerate_caches): Handle cygserver cache.
* passwd.cc (pwdgrp::prep_tls_pwbuf): Drop.
(internal_getpwsid): Handle cygserver caching and rearrange to check
the caches first.
(internal_getpwnam): Ditto.
(internal_getpwuid): Ditto.
(pw_ent::enumerate_caches): Handle cygserver cache.
* pwdgrp.h (pwdgrp::add_account_from_cygserver): New method declaration.
(pwdgrp::fetch_account_from_cygserver): New method declaration.
(pwdgrp::prep_tls_pwbuf): Drop declaration.
(pwdgrp::prep_tls_grbuf): Drop declaration.
(pwdgrp::add_user_from_cygserver): New inline methods.
(pwdgrp::add_group_from_cygserver): New inline methods.
* tlsoffsets.h: Regenerate.
* tlsoffsets64.h: Regenerate.
* uinfo.cc (internal_getlogin): Call internal_getgroups if cygserver
caching is not available.
(cygheap_pwdgrp::init): Initialize pwd_cache.cygserver and
grp_cache.cygserver. Set caching to true.
(cygheap_pwdgrp::nss_init_line): Drop db_cache handling entirely.
(pwdgrp::add_account_from_windows): Drop no caching handling.
(client_request_pwdgrp::client_request_pwdgrp): New method.
(pwdgrp::fetch_account_from_cygserver): New method.
(pwdgrp::add_account_from_cygserver): New method.
* fhandler_disk_file.cc (fhandler_base::fstat_helper): Fix formatting.
* include/sys/cygwin.h: Ditto.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(pwdgrp::is_group): New inline method.
(add_account_from_windows): Drop group argument from declaration.
(fetch_account_from_windows): Ditto.
(check_file): Ditto.
(add_user_from_windows): Call add_account_from_windows accordingly.
(add_group_from_windows): Ditto.
* uinfo.cc (pwdgrp::add_account_from_windows): Drop group argument.
Use is_group method instead.
(pwdgrp::check_file): Ditto.
(pwdgrp::fetch_account_from_windows): Ditto.
* grp.cc: Accommodate aforementioned changes.
* passwd.cc: Ditto.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
than PSID.
(cygheap_user::saved_sid): Ditto.
(cygheap_pwdgrp::cache_t): New type.
(cygheap_pwdgrp::caching): Convert to cache_t.
(cygheap_pwdgrp::nss_db_caching): Change accordingly.
(cygheap_pwdgrp::nss_db_full_caching): New inline method.
* grp.cc (internal_getgroups): Reinvent. Take cyg_ldap pointer as
third parameter and use throughout.
(getgroups32): Call internal_getgroups.
* pwdgrp.h (internal_getgroups): Declare.
* uinfo.cc (internal_getlogin): Partial rewrite to accommodate having
no connection to the DC. Give primary group from user token more
weight. Generate group entries for all groups in the user token if
caching is set to NSS_FULL_CACHING.
(cygheap_pwdgrp::init): Initialize caching to NSS_FULL_CACHING.
(cygheap_pwdgrp::nss_init_line): Handle "db_cache: full".
(pwdgrp::add_account_from_windows): Fix group handling in non-caching
mode.
(pwdgrp::fetch_account_from_windows): Default primary group for the
current user to primary group from user token. Check for primary
domain first after LookupAccountSid failed.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* external.cc (cygwin_internal): Call get_uid/get_gid instead of get_id.
* grp.cc (internal_getgrsid): Take additional cyg_ldap pointer.
Forward to pwdgrp::add_group_from_windows.
(internal_getgrnam): Ditto.
(internal_getgrgid): Ditto.
(gr_ent::enumerate_local): Drop ugid_caching bool from call to
pwdgrp::fetch_account_from_windows.
(getgroups32): Rename from internal_getgroups and drop getgroups32 stub.
Drop srchsid parameter and code handling it. Add local cyg_ldap
instance and forward to internal_getgrXXX.
(getgroups): Call getgroups32.
(get_groups): Add local cyg_ldap instance and forward to
internal_getgrXXX.
(getgrouplist): Ditto.
(setgroups32): Ditto.
* ldap.cc (cyg_ldap::open): Don't call close. Return true if connection
is already open.
(cyg_ldap::remap_uid): Forward this to internal_getpwsid.
(cyg_ldap::remap_gid): Forward this to internal_getgrsid.
* passwd.cc (internal_getpwsid): Take additional cyg_ldap pointer.
Forward to pwdgrp::add_user_from_windows.
(internal_getpwnam): Ditto.
(internal_getpwuid): Ditto.
(pg_ent::enumerate_builtin): Drop ugid_caching bool from call to
pwdgrp::fetch_account_from_windows.
(pg_ent::enumerate_sam): Ditto.
(pg_ent::enumerate_ad): Ditto. Forward local cldap instead.
* pwdgrp.h (internal_getpwsid): Align declaration to above change.
(internal_getpwnam): Ditto.
(internal_getpwuid): Ditto.
(internal_getgrsid): Ditto.
(internal_getgrgid): Ditto.
(internal_getgrnam): Ditto.
(internal_getgroups): Drop declaration.
(pwdgrp::add_account_from_windows): Align declaration to below change.
(pwdgrp::add_user_from_windows): Ditto.
(pwdgrp::add_group_from_windows): Ditto.
* sec_acl.cc (setacl): Add local cyg_ldap instance and forward to
internal_getpwuid and internal_getgrgid.
(getacl): Add local cyg_ldap instance and forward to cygpsid::get_id.
(aclfromtext32): Add local cyg_ldap instance and forward to
internal_getpwnam and internal_getgrnam.
* sec_helper.cc (cygpsid::get_id): Take additional cyg_ldap pointer.
Forward to internal_getgrsid and internal_getpwsid.
(get_sids_info): Drop ldap_open. Forward local cldap to
internal_getpwsid and internal_getgrXXX. Call CheckTokenMembership
rather than internal_getgroups.
* security.h (cygpsid::get_id): Add cyg_ldap pointer, drop default
parameter.
(cygpsid::get_uid): Add cyg_ldap pointer. Call get_id accordingly.
(cygpsid::get_gid): Ditto.
* uinfo.cc (internal_getlogin): Add local cyg_ldap instance and forward
to internal_getpwXXX and internal_getgrXXX calls.
(pwdgrp::add_account_from_windows): Take additional cyg_ldap pointer.
Forward to pwdgrp::fetch_account_from_windows.
(fetch_posix_offset): Drop ldap_open argument and handling. Get
cyg_ldap instance as pointer.
(pwdgrp::fetch_account_from_windows): Take additional cyg_ldap pointer.
Use it if it's not NULL, local instance otherwise. Drop ldap_open.
Drop fetching extended group arguments from AD for speed.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CW_GETPWSID and CW_GETGRSID.
* grp.cc (internal_getgrsid_from_db): New function.
* passwd.cc (internal_getpwsid_from_db): New function.
(pg_ent::setent): Add special case for call from mkpasswd/mkgroup.
* pwdgrp.h (internal_getpwsid_from_db): Declare.
(internal_getgrsid_from_db): Declare.
(enum nss_enum_t): Move to include/sys/cygwin.h.
(class pg_ent): Add comment.
* uinfo.cc (pwdgrp::fetch_account_from_windows): Fix typo in comment.
Change "UNIX" to "Unix" in domain name.
* include/sys/cygwin.h (cygwin_getinfo_types): Add CW_GETNSSSEP,
CW_GETPWSID and CW_GETGRSID.
(enum nss_enum_t): Define here.
|
| |
|
|
|
|
|
|
|
|
|
| |
to declaration, set to true by default.
* uinfo.cc (pwdgrp::fetch_account_from_windows): Add bool parameter
"ugid_caching". Only add account to ugid_cache if set to true.
* grp.cc (gr_ent::enumerate_local): Call fetch_account_from_windows
with ugid_caching parameter set to false.
* passwd.cc (pg_ent::enumerate_builtin): Ditto.
(pg_ent::enumerate_sam): Ditto.
(pg_ent::enumerate_ad): Ditto.
|
| |
|
|
| |
if ngroups isn't too small.
|
| |
|
|
| |
(getgrouplist): Return number of groups, just like glibc.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CW_ENDENT info types.
* grp.cc (setgrent_filtered): New function, called from cygwin_internal.
(getgrent_filtered): Ditto.
(endgrent_filtered): Ditto.
* passwd.cc (pg_ent::setent): Set state explicitely to from_cache.
(pg_ent::getent): Handle the fact that a DC has no SAM and enumerating
local accounts is equivalent to enumerating domain accounts.
(setpwent_filtered): New function, called from cygwin_internal.
(getpwent_filtered): Ditto.
(endpwent_filtered): Ditto.
* pwdgrp.h (setpwent_filtered): Declare.
(getgrent_filtered): Ditto.
(endgrent_filtered): Ditto.
(setpwent_filtered): Ditto.
(getpwent_filtered): Ditto.
(endpwent_filtered): Ditto.
* include/sys/cygwin.h (cygwin_getinfo_types): Add CW_SETENT, CW_GETENT,
and CW_ENDENT.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(ldap_result): Import.
(ldap_searchW): Import.
(NetGroupEnum): Import.
(NetLocalGroupEnum): Import.
(NetUserEnum): Import.
* cygheap.h (class cygheap_pwdgrp): Add members enums and enum_tdoms.
(cygheap_pwdgrp::nss_db_enums): New inline method.
(cygheap_pwdgrp::nss_db_enum_tdoms): Ditto.
* cygtls.h (struct _local_storage): Drop unused members pw_pos and
grp_pos.
* grp.cc (grent): New static variable of class gr_ent.
(gr_ent::enumerate_caches): New method.
(gr_ent::enumerate_local): New method.
(gr_ent::getgrent): New method.
(setgrent): Call gr_ent method.
(getgrent32): Ditto.
(endgrent): Ditto.
* ldap.cc (sid_attr): Rename from nfs_attr.
(cyg_ldap::close): Abandon still running asynchronous search.
(cyg_ldap::fetch_ad_account): Reduce filter buffer size.
(cyg_ldap::enumerate_ad_accounts): New method.
(cyg_ldap::next_account): New method.
(cyg_ldap::fetch_posix_offset_for_domain): Reduce filter buffer size.
(cyg_ldap::fetch_unix_sid_from_ad): Ditto. Fix return value in case
no value has been read.
(cyg_ldap::fetch_unix_name_from_rfc2307): Reduce filter buffer size.
* ldap.h (class cyg_ldap): Add msg_id member.
(cyg_ldap::enumerate_ad_accounts): Declare.
(cyg_ldap::next_account): Declare:
* passwd.cc (pwent): New static variable of class pw_ent.
(pg_ent::clear_cache): New method.
(pg_ent::setent): New method.
(pg_ent::getent): New method.
(pg_ent::endent): New method.
(pg_ent::enumerate_file): New method.
(pg_ent::enumerate_builtin): New method.
(pg_ent::enumerate_sam): New method.
(pg_ent::enumerate_ad): New method.
(pw_ent::enumerate_caches): New method.
(pw_ent::enumerate_local): New method.
(pw_ent::getpwent): New method.
(setpwent): Call pw_ent method.
(getpwent): Ditto.
(endpwent): Ditto.
* pwdgrp.h (class pwdgrp): Define pg_ent, pw_ent and gr_ent as friend
classes.
(pwdgrp::add_account_post_fetch): Declare with extra bool parameter.
(pwdgrp::file_attr): New inline method.
(enum nss_enum_t): Define.
(class pg_ent): Define.
(class pw_ent): Define.
(class gr_ent): Define.
* tlsoffsets.h: Regenerate.
* tlsoffsets64.h: Ditto.
* uinfo.cc (cygheap_pwdgrp::init): Initialize enums and enum_tdoms.
(cygheap_pwdgrp::nss_init_line): Fix typo in preceeding comment.
Handle new "db_enum" keyword.
(pwdgrp::add_account_post_fetch): Take additional `bool lock' parameter
and acquire pglock before adding element to array if lock is true.
(pwdgrp::add_account_from_file): Call add_account_post_fetch with lock
set to true.
(pwdgrp::add_account_from_windows): Ditto in case of caching.
(pwdgrp::fetch_account_from_windows): Handle builtin aliases only
known to the domain controller. Only call NetLocalGroupGetInfo for
aliases.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
/etc/nsswitch.conf file to configure it.
* Makefile.in (DLL_OFILES): Add ldap.o.
* autoload.cc: Import ldap functions from wldap32.dll.
(DsEnumerateDomainTrustsW): Import.
(NetGroupGetInfo): Import.
* cygheap.h (class cygheap_domain_info): New class to keep global
domain info.
(class cygheap_pwdgrp): New class to keep passwd/group caches and
configuration info from /etc/nssswitch.conf.
(struct init_cygheap): Add cygheap_domain_info member "dom" and
cygheap_pwdgrp member "pg".
* cygtls.h (struct _local_storage): Remove unused member "res".
Rearrange slightly, Add members pwbuf and grbuf to implement non-caching
passwd/group fetching from SAM/AD. Make pw_pos and pw_pos unsigned.
* fhandler_disk_file.cc (fhandler_base::fstat_by_nfs_ea): Add RFC 2307
uid/gid mapping.
* fhandler_process.cc: Drop including pwdgrp.h.
* fhandler_procsysvipc.cc: Ditto.
* fhandler_registry.cc (fhandler_registry::fstat): Set key uid/gid
to ILLEGAL_UID/ILLEGAL_GID rather than UNKNOWN_UID/UNKNOWN_GID.
* grp.cc (group_buf): Drop.
(gr): Drop.
(pwdgrp::parse_group): Fill pg_grp.
(pwdgrp::read_group): Remove.
(pwdgrp::init_grp): New method.
(pwdgrp::prep_tls_grbuf): New method.
(pwdgrp::find_group): New methods.
(internal_getgrsid): Convert to call new pwdgrp methods.
(internal_getgrnam): Ditto.
(internal_getgrgid): Ditto.
(getgrgid_r): Drop 2nd parameter from internal_getgrgid call.
(getgrgid32): Ditto.
(getgrnam_r): Ditto for internal_getgrnam.
(getgrnam32): Ditto.
(getgrent32): Convert to call new pwdgrp methods.
(internal_getgrent): Remove.
(internal_getgroups): Simplify, especially drop calls to
internal_getgrent.
* ldap.cc: New file implementing cyg_ldap class for LDAP access to AD
and RFC 2307 server.
* ldap.h: New header, declaring cyg_ldap class.
* passwd.cc (passwd_buf): Drop.
(pr): Drop.
(pwdgrp::parse_passwd): Fill pg_pwd.
(pwdgrp::read_passwd): Remove.
(pwdgrp::init_pwd): New method.
(pwdgrp::prep_tls_pwbuf): New method.
(find_user): New methods.
(internal_getpwsid): Convert to call new pwdgrp methods.
(internal_getpwnam): Ditto.
(internal_getpwuid): Ditto.
(getpwuid32): Drop 2nd parameter from internal_getpwuid call.
(getpwuid_r): Ditto.
(getpwnam): Ditto for internal_getpwnam.
(getpwnam_r): Ditto.
(getpwent): Convert to call new pwdgrp methods.
* path.cc (class etc): Remove all methods.
* path.h (class etc): Drop.
* pinfo.cc (pinfo_basic::pinfo_basic): Set gid to ILLEGAL_GID rather
than UNKNOWN_GID.
(pinfo_init): Ditto.
* pwdgrp.h (internal_getpwnam): Drop 2nd parameter from declaration.
(internal_getpwuid): Ditto.
(internal_getgrgid): Ditto.
(internal_getgrnam): Ditto.
(internal_getgrent): Drop declaration.
(enum fetch_user_arg_type_t): New type.
(struct fetch_user_arg_t): New type.
(struct pg_pwd): New type.
(struct pg_grp): New type.
(class pwdgrp): Rework to provide functions for file and db requests
and caching.
(class ugid_cache_t): New class to provide RFC 2307 uid map caching.
(ugid_cache): Declare.
* sec_acl.cc: Drop including pwdgrp.h.
* sec_auth.cc: Drop including dsgetdc.h and pwdgrp.h.
(get_logon_server): Convert third parameter to ULONG flags argument
to allow arbitrary flags values in DsGetDcNameW call and change calls
to this function throughout. Use cached account domain name rather
than calling GetComputerNameW.
(get_unix_group_sidlist): Remove.
(get_server_groups): Drop call to get_unix_group_sidlist.
(verify_token): Rework token group check without calling
internal_getgrent.
* sec_helper.cc (cygpsid::pstring): New methods, like string() but
return pointer to end of string.
(cygsid::getfromstr): Add wide character implementation.
(get_sids_info): Add RFC 2307 uid/gid mapping for Samba shares.
* security.cc: Drop including pwdgrp.h.
* security.h (DEFAULT_UID): Remove.
(UNKNOWN_UID): Remove.
(UNKNOWN_GID): Remove.
(uinfo_init): Move here from winsup.h.
(ILLEGAL_UID): Ditto.
(ILLEGAL_GID): Ditto.
(UNIX_POSIX_OFFSET): Define. Add lengthy comment.
(UNIX_POSIX_MASK): Ditto.
(MAP_UNIX_TO_CYGWIN_ID): Ditto.
(ILLEGAL_UID16): Move here from winsup.h.
(ILLEGAL_GID16): Ditto.
(uid16touid32): Ditto.
(gid16togid32): Ditto.
(sid_id_auth): New convenience macro for SID component access.
(sid_sub_auth_count): Ditto.
(sid_sub_auth): Ditto.
(sid_sub_auth_rid): Ditto.
(cygpsid::pstring): Declare.
(cygsid::getfromstr): Declare wide character variant.
(cygsid::operator=): Ditto.
(cygsid::operator*=): Ditto.
(get_logon_server): Change declaration according to source code.
* setlsapwd.cc (setlsapwd): Drop 2nd parameter from internal_getpwnam
call.
* shared.cc (memory_init): Call cygheap->pg.init in first process.
* syscalls.cc: Drop including pwdgrp.h.
* tlsoffsets.h: Regenerate.
* tlsoffsets64.h: Ditto.
* uinfo.cc (internal_getlogin): Drop gratuitious internal_getpwuid
call. Fix debug output. Overwrite user gid in border case of a
missing passwd file while a group file exists.
(pwdgrp::add_line): Allocate memory on cygheap.
(pwdgrp::load): Remove.
(ugid_cache): Define.
(cygheap_pwdgrp::init): New method.
(cygheap_pwdgrp::nss_init_line): New method.
(cygheap_pwdgrp::_nss_init): New method.
(cygheap_domain_info::init): New method.
(logon_sid): Define.
(get_logon_sid): New function.
(pwdgrp::add_account_post_fetch): New method.
(pwdgrp::add_account_from_file): New methods.
(pwdgrp::add_account_from_windows): New methods.
(pwdgrp::check_file): New method.
(pwdgrp::fetch_account_from_line): New method.
(pwdgrp::fetch_account_from_file): New method.
(pwdgrp::fetch_account_from_windows): New method.
* winsup.h: Move aforementioned macros and declarations to security.h.
|
| |
|
|
|
| |
(initgroups32): Accommodate the aforementioned change.
(getgrouplist): Ditto.
|
| |
|
|
| |
even if it's empty.
|
| | |
|
| |
|
|
| |
checkins. Regularize copyright format.
|
| |
|
|
| |
* passwd.cc (pwdgrp::parse_passwd): Ditto for res.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Throughout, change syscalls to report on return values using new %R format
option.
* smallprint.cc (__small_vsprintf): Add parsing for %R to report on return
values and possible errno from syscalls.
* errno.cc (errmap): Add PRIVILEGE_NOT_HELD.
* fhandler_tty.cc (fhandler_pty_master::setup): When creating a thread use
shorter name to reduce debuggging output.
* select.cc (start_thread_pipe): Ditto.
(start_thread_serial): Ditto.
(start_thread_socket): Ditto.
(start_thread_mailslot): Ditto.
* sigproc.cc (talktome): Ditto.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* grp.cc (get_groups): New static function to run the core functionality
of initgroups and getgrouplist.
(initgroups32): Call get_groups and just create supplementary group
list in cygheap. Rename name of first argument to "user". Add an
assertion to test for a NULL user name.
(initgroups): Rename name of first argument to "user".
(getgrouplist): New function.
* posix.sgml (std-bsd): Add getgrouplist.
* include/cygwin/grp.h (getgrouplist): Declare.
* include/cygwin/version.h: Bump API minor number.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
(SetTokenInformation): Remove.
* grp.cc: Replace above functions throughout with their ntdll.dll
equivalent.
* sec_auth.cc: Ditto.
* syscalls.cc: Ditto.
* uinfo.cc: Ditto.
|
| |
|
|
|
|
| |
(getgrnam_r): Ditto.
* passwd.cc (getpwuid_r32): Simplify code by using stpcpy.
(getpwnam_r): Ditto.
|
| |
|
|
| |
if passwd gid exists under different gid in /etc/group.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
username from /etc/passwd before loading mount table.
(shared_info::init_installation_root): New function fetching Cygwin's
installation root dir and storing as native NT path in global shared
memory.
(shared_info::initialize): Call init_installation_root exactly once at
first startup.
* shared_info.h (SHARED_INFO_CB): Accommodate change to shared_info.
(CURR_SHARED_MAGIC): Ditto.
(class shared_info): Add installation_root member.
(shared_info::init_installation_root): Declare.
* grp.cc (pwdgrp::read_group): Call pwdgrp::load with native WCHAR path.
* passwd.cc (pwdgrp::read_passwd): Ditto. Avoid recursion.
(etc::init): Take POBJECT_ATTRIBUTES instead of path_conv.
* path.h (etc::init): Change prototype accordingly.
* pwdgrp.h (class pwdgrp): Store path as UNICODE_STRING/PWCHAR instead
of as path_conv.
(pwdgrp::load): Accommodate prototype.
* uinfo.cc (pwdgrp::load): Change argument type from char to wchar_t.
Create native NT path here instead of calling path_conv.
* mount.cc (find_root_from_cygwin_dll): Drop in favor of global
initializaion in shared_info.
(mount_info::init): Fetch native NT root dir from cygwin_shared.
(mount_info::from_fstab): Expect native NT path and use native NT
functions to access file. Convert username part in user fstab path
according to special char transformation rules.
* path.cc (tfx_chars): Convert slash to backslash.
(transform_chars): Implement for path given as PWCHAR.
(transform_chars): PUNICODE_STRING version calls PWCHAR version.
Remove useless commented code.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* dcrt0.cc (child_info_spawn::handle_spawn): Drop artificial
supplementary group list from calling setgroups in parent.
* grp.cc (internal_getgroups): Drop 9x-only code. Reformat.
* sec_auth.cc (get_logon_server): Do everything in WCHAR only.
(get_user_groups): Ditto. Use wlogonserver in LookupAccountNameW
calls, too.
(is_group_member): Get logon server as first argument and use in call
to NetLocalGroupGetMembers.
(get_user_local_groups): Get logon server as first argument and use in
calls to NetLocalGroupEnum and LookupAccountNameW. Revamp to work
more correctly in domain environments.
(get_server_groups): Accommodate aforementioned changed function calls.
* security.h (get_logon_server): Change prototype accordingly.
* uinfo.cc (cygheap_user::env_logsrv): Accommodate changed
get_logon_server call.
|
| | |
|
| |
|
|
| |
the group list.
|
| |
|
|
| |
list.
|
| |
|
|
| |
directly using alloca.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
Accommodate changge throughout Cygwin.
(cygheap_user::imp_token): Rename from token. Accommodate changge
throughout Cygwin.
(rcygheap_user::eimpersonate): Use primary token for impersonation.
* grp.cc (internal_getgroups): Use primary impersonation token when
impersonated.
* security.h (_push_thread_privilege): Use primary impersonation token
when impersonated.
|
| |
|
|
|
|
|
|
|
| |
* environ.cc (environ_init): Drop setting allow_ntsec here.
* grp.cc (initgroups32): Drop usage of label "out".
* security.cc (allow_ntsec): Set to true by default.
* syscalls.cc (seteuid32): Remove label success_9x.
* wincap.cc: Remove has_security throughout.
* wincap.h: Ditto.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
impersonation token, which collides with Vista UAC.
* cygheap.h (deimpersonate): revert to self instead of impersonating
hProcImpToken.
(reimpersonate): Only impersonate if setuid.
* dcrt0.cc (dll_crt0_0): Don't initialize hProcImpToken here.
(dll_crt0_1): Set privileges on hProcToken.
* fork.cc (frok::child): Set privileges on hProcToken. Close handle to
hProcImpToken.
* grp.cc (internal_getgroups): Use hProcToken instead of hProcImpToken.
* security.cc (check_access): Create hProcImpToken on demand here.
* security.h (set_process_privilege): Set privileges on hProcToken.
(_push_thread_privilege): Use hProcToken instead of hProcImpToken.
(pop_thread_privilege): If not setuid'ed, revert to self.
* syscalls.cc (setegid32): Drop setting primary group on hProcImpToken.
Close handle to hProcImpToken.
* uinfo.cc (internal_getlogin): Ditto.
* winsup.h (clear_procimptoken): New inline function.
|
