* autoload.cc (CheckTokenMembership): Import.
* external.cc (cygwin_internal): Call get_uid/get_gid instead of get_id. * grp.cc (internal_getgrsid): Take additional cyg_ldap pointer. Forward to pwdgrp::add_group_from_windows. (internal_getgrnam): Ditto. (internal_getgrgid): Ditto. (gr_ent::enumerate_local): Drop ugid_caching bool from call to pwdgrp::fetch_account_from_windows. (getgroups32): Rename from internal_getgroups and drop getgroups32 stub. Drop srchsid parameter and code handling it. Add local cyg_ldap instance and forward to internal_getgrXXX. (getgroups): Call getgroups32. (get_groups): Add local cyg_ldap instance and forward to internal_getgrXXX. (getgrouplist): Ditto. (setgroups32): Ditto. * ldap.cc (cyg_ldap::open): Don't call close. Return true if connection is already open. (cyg_ldap::remap_uid): Forward this to internal_getpwsid. (cyg_ldap::remap_gid): Forward this to internal_getgrsid. * passwd.cc (internal_getpwsid): Take additional cyg_ldap pointer. Forward to pwdgrp::add_user_from_windows. (internal_getpwnam): Ditto. (internal_getpwuid): Ditto. (pg_ent::enumerate_builtin): Drop ugid_caching bool from call to pwdgrp::fetch_account_from_windows. (pg_ent::enumerate_sam): Ditto. (pg_ent::enumerate_ad): Ditto. Forward local cldap instead. * pwdgrp.h (internal_getpwsid): Align declaration to above change. (internal_getpwnam): Ditto. (internal_getpwuid): Ditto. (internal_getgrsid): Ditto. (internal_getgrgid): Ditto. (internal_getgrnam): Ditto. (internal_getgroups): Drop declaration. (pwdgrp::add_account_from_windows): Align declaration to below change. (pwdgrp::add_user_from_windows): Ditto. (pwdgrp::add_group_from_windows): Ditto. * sec_acl.cc (setacl): Add local cyg_ldap instance and forward to internal_getpwuid and internal_getgrgid. (getacl): Add local cyg_ldap instance and forward to cygpsid::get_id. (aclfromtext32): Add local cyg_ldap instance and forward to internal_getpwnam and internal_getgrnam. * sec_helper.cc (cygpsid::get_id): Take additional cyg_ldap pointer. Forward to internal_getgrsid and internal_getpwsid. (get_sids_info): Drop ldap_open. Forward local cldap to internal_getpwsid and internal_getgrXXX. Call CheckTokenMembership rather than internal_getgroups. * security.h (cygpsid::get_id): Add cyg_ldap pointer, drop default parameter. (cygpsid::get_uid): Add cyg_ldap pointer. Call get_id accordingly. (cygpsid::get_gid): Ditto. * uinfo.cc (internal_getlogin): Add local cyg_ldap instance and forward to internal_getpwXXX and internal_getgrXXX calls. (pwdgrp::add_account_from_windows): Take additional cyg_ldap pointer. Forward to pwdgrp::fetch_account_from_windows. (fetch_posix_offset): Drop ldap_open argument and handling. Get cyg_ldap instance as pointer. (pwdgrp::fetch_account_from_windows): Take additional cyg_ldap pointer. Use it if it's not NULL, local instance otherwise. Drop ldap_open. Drop fetching extended group arguments from AD for speed.
This commit is contained in:
Corinna Vinschen
@@ -94,6 +94,7 @@ setacl (HANDLE handle, path_conv &pc, int nentries, aclent_t *aclbufp,
|
||||
struct passwd *pw;
|
||||
struct group *gr;
|
||||
int pos;
|
||||
cyg_ldap cldap;
|
||||
|
||||
RtlCreateAcl (acl, ACL_MAXIMUM_SIZE, ACL_REVISION);
|
||||
|
||||
@@ -157,7 +158,7 @@ setacl (HANDLE handle, path_conv &pc, int nentries, aclent_t *aclbufp,
|
||||
break;
|
||||
case USER:
|
||||
case DEF_USER:
|
||||
if (!(pw = internal_getpwuid (aclbufp[i].a_id))
|
||||
if (!(pw = internal_getpwuid (aclbufp[i].a_id, &cldap))
|
||||
|| !sid.getfrompw (pw))
|
||||
{
|
||||
set_errno (EINVAL);
|
||||
@@ -179,7 +180,7 @@ setacl (HANDLE handle, path_conv &pc, int nentries, aclent_t *aclbufp,
|
||||
break;
|
||||
case GROUP:
|
||||
case DEF_GROUP:
|
||||
if (!(gr = internal_getgrgid (aclbufp[i].a_id))
|
||||
if (!(gr = internal_getgrgid (aclbufp[i].a_id, &cldap))
|
||||
|| !sid.getfromgr (gr))
|
||||
{
|
||||
set_errno (EINVAL);
|
||||
@@ -282,6 +283,7 @@ getacl (HANDLE handle, path_conv &pc, int nentries, aclent_t *aclbufp)
|
||||
BOOLEAN dummy;
|
||||
uid_t uid;
|
||||
gid_t gid;
|
||||
cyg_ldap cldap;
|
||||
|
||||
status = RtlGetOwnerSecurityDescriptor (sd, (PSID *) &owner_sid, &dummy);
|
||||
if (!NT_SUCCESS (status))
|
||||
@@ -289,7 +291,7 @@ getacl (HANDLE handle, path_conv &pc, int nentries, aclent_t *aclbufp)
|
||||
__seterrno_from_nt_status (status);
|
||||
return -1;
|
||||
}
|
||||
uid = owner_sid.get_uid ();
|
||||
uid = owner_sid.get_uid (&cldap);
|
||||
|
||||
status = RtlGetGroupSecurityDescriptor (sd, (PSID *) &group_sid, &dummy);
|
||||
if (!NT_SUCCESS (status))
|
||||
@@ -297,7 +299,7 @@ getacl (HANDLE handle, path_conv &pc, int nentries, aclent_t *aclbufp)
|
||||
__seterrno_from_nt_status (status);
|
||||
return -1;
|
||||
}
|
||||
gid = group_sid.get_gid ();
|
||||
gid = group_sid.get_gid (&cldap);
|
||||
|
||||
aclent_t lacl[MAX_ACL_ENTRIES];
|
||||
memset (&lacl, 0, MAX_ACL_ENTRIES * sizeof (aclent_t));
|
||||
@@ -367,7 +369,7 @@ getacl (HANDLE handle, path_conv &pc, int nentries, aclent_t *aclbufp)
|
||||
id = ILLEGAL_GID;
|
||||
}
|
||||
else
|
||||
id = ace_sid.get_id (true, &type);
|
||||
id = ace_sid.get_id (TRUE, &type, &cldap);
|
||||
|
||||
if (!type)
|
||||
continue;
|
||||
@@ -836,6 +838,7 @@ aclfromtext32 (char *acltextp, int *)
|
||||
int pos = 0;
|
||||
strcpy (buf, acltextp);
|
||||
char *lasts;
|
||||
cyg_ldap cldap;
|
||||
for (char *c = strtok_r (buf, ",", &lasts);
|
||||
c;
|
||||
c = strtok_r (NULL, ",", &lasts))
|
||||
@@ -855,7 +858,7 @@ aclfromtext32 (char *acltextp, int *)
|
||||
c += 5;
|
||||
if (isalpha (*c))
|
||||
{
|
||||
struct passwd *pw = internal_getpwnam (c);
|
||||
struct passwd *pw = internal_getpwnam (c, &cldap);
|
||||
if (!pw)
|
||||
{
|
||||
set_errno (EINVAL);
|
||||
@@ -883,7 +886,7 @@ aclfromtext32 (char *acltextp, int *)
|
||||
c += 5;
|
||||
if (isalpha (*c))
|
||||
{
|
||||
struct group *gr = internal_getgrnam (c);
|
||||
struct group *gr = internal_getgrnam (c, &cldap);
|
||||
if (!gr)
|
||||
{
|
||||
set_errno (EINVAL);
|
||||
|
||||
Reference in New Issue
Block a user