* cygheap.h (cygheap_pwdgrp::get_home): Add dnsdomain parameter to
declaration in ldap-related method. (cygheap_pwdgrp::get_shell): Ditto. (cygheap_pwdgrp::get_gecos): Ditto. * ldap.cc (cyg_ldap::open): Use NO_ERROR instead of 0. (cyg_ldap::close): Reset last_fetched_sid. (cyg_ldap::fetch_ad_account): Return immediately if sid is the same as last_fetched_sid. Open LDAP connection from here. Move initialization of rdse after open call. Set last_fetched_sid if LDAP call was successful. * ldap.h (class cyg_ldap): Add member last_fetched_sid. (cyg_ldap::cyg_ldap): Initialize last_fetched_sid. (cyg_ldap::is_open): New inline method. * uinfo.cc (cygheap_pwdgrp::init): Drop initialization of db_home, db_shell and db_gecos with "cygwin desc", thus only using the fallback by default. (fetch_windows_home): Add parameter dnsdomain. Call cyg_ldap::fetch_ad_account if required. (fetch_from_path): Add parameter dnsdomain. Call fetch_windows_home accordingly. (cygheap_pwdgrp::get_home): Accomodate call to fetch_windows_home. Add dnsdomain parameter in ldap-related method. Call cyg_ldap::fetch_ad_account if required. (cygheap_pwdgrp::get_shell): Ditto. (cygheap_pwdgrp::get_gecos): Ditto. (pwdgrp::fetch_account_from_windows): Drop cyg_ldap::open call prior to cyg_ldap::fetch_ad_account call. Set is_current_user to true if we're handling the current user account. Make sure to perform the LDAP calls only for users, and only if required.
This commit is contained in:
@@ -1,3 +1,35 @@
|
|||||||
|
2015-02-12 Corinna Vinschen <corinna@vinschen.de>
|
||||||
|
|
||||||
|
* cygheap.h (cygheap_pwdgrp::get_home): Add dnsdomain parameter to
|
||||||
|
declaration in ldap-related method.
|
||||||
|
(cygheap_pwdgrp::get_shell): Ditto.
|
||||||
|
(cygheap_pwdgrp::get_gecos): Ditto.
|
||||||
|
* ldap.cc (cyg_ldap::open): Use NO_ERROR instead of 0.
|
||||||
|
(cyg_ldap::close): Reset last_fetched_sid.
|
||||||
|
(cyg_ldap::fetch_ad_account): Return immediately if sid is the same as
|
||||||
|
last_fetched_sid. Open LDAP connection from here. Move initialization
|
||||||
|
of rdse after open call. Set last_fetched_sid if LDAP call was
|
||||||
|
successful.
|
||||||
|
* ldap.h (class cyg_ldap): Add member last_fetched_sid.
|
||||||
|
(cyg_ldap::cyg_ldap): Initialize last_fetched_sid.
|
||||||
|
(cyg_ldap::is_open): New inline method.
|
||||||
|
* uinfo.cc (cygheap_pwdgrp::init): Drop initialization of db_home,
|
||||||
|
db_shell and db_gecos with "cygwin desc", thus only using the fallback
|
||||||
|
by default.
|
||||||
|
(fetch_windows_home): Add parameter dnsdomain. Call
|
||||||
|
cyg_ldap::fetch_ad_account if required.
|
||||||
|
(fetch_from_path): Add parameter dnsdomain. Call fetch_windows_home
|
||||||
|
accordingly.
|
||||||
|
(cygheap_pwdgrp::get_home): Accomodate call to fetch_windows_home.
|
||||||
|
Add dnsdomain parameter in ldap-related method. Call
|
||||||
|
cyg_ldap::fetch_ad_account if required.
|
||||||
|
(cygheap_pwdgrp::get_shell): Ditto.
|
||||||
|
(cygheap_pwdgrp::get_gecos): Ditto.
|
||||||
|
(pwdgrp::fetch_account_from_windows): Drop cyg_ldap::open call prior to
|
||||||
|
cyg_ldap::fetch_ad_account call. Set is_current_user to true if we're
|
||||||
|
handling the current user account. Make sure to perform the LDAP calls
|
||||||
|
only for users, and only if required.
|
||||||
|
|
||||||
2015-02-11 Corinna Vinschen <corinna@vinschen.de>
|
2015-02-11 Corinna Vinschen <corinna@vinschen.de>
|
||||||
|
|
||||||
* flock.cc (fhandler_base::lock): Convert accidental system_printf to
|
* flock.cc (fhandler_base::lock): Convert accidental system_printf to
|
||||||
|
@@ -470,18 +470,18 @@ public:
|
|||||||
inline bool nss_cygserver_caching () const { return caching; }
|
inline bool nss_cygserver_caching () const { return caching; }
|
||||||
inline void nss_disable_cygserver_caching () { caching = false; }
|
inline void nss_disable_cygserver_caching () { caching = false; }
|
||||||
|
|
||||||
char *get_home (cyg_ldap *pldap, cygpsid &sid, PCWSTR dom, PCWSTR name,
|
char *get_home (cyg_ldap *pldap, cygpsid &sid, PCWSTR dom, PCWSTR dnsdomain,
|
||||||
bool fq);
|
PCWSTR name, bool fq);
|
||||||
char *get_home (struct _USER_INFO_3 *ui, cygpsid &sid, PCWSTR dom,
|
char *get_home (struct _USER_INFO_3 *ui, cygpsid &sid, PCWSTR dom,
|
||||||
PCWSTR name, bool fq);
|
PCWSTR name, bool fq);
|
||||||
|
|
||||||
char *get_shell (cyg_ldap *pldap, cygpsid &sid, PCWSTR dom, PCWSTR name,
|
char *get_shell (cyg_ldap *pldap, cygpsid &sid, PCWSTR dom, PCWSTR dnsdomain,
|
||||||
bool fq);
|
PCWSTR name, bool fq);
|
||||||
char *get_shell (struct _USER_INFO_3 *ui, cygpsid &sid, PCWSTR dom,
|
char *get_shell (struct _USER_INFO_3 *ui, cygpsid &sid, PCWSTR dom,
|
||||||
PCWSTR name, bool fq);
|
PCWSTR name, bool fq);
|
||||||
|
|
||||||
char *get_gecos (cyg_ldap *pldap, cygpsid &sid, PCWSTR dom, PCWSTR name,
|
char *get_gecos (cyg_ldap *pldap, cygpsid &sid, PCWSTR dom, PCWSTR dnsdomain,
|
||||||
bool fq);
|
PCWSTR name, bool fq);
|
||||||
char *get_gecos (struct _USER_INFO_3 *ui, cygpsid &sid, PCWSTR dom,
|
char *get_gecos (struct _USER_INFO_3 *ui, cygpsid &sid, PCWSTR dom,
|
||||||
PCWSTR name, bool fq);
|
PCWSTR name, bool fq);
|
||||||
|
|
||||||
|
@@ -1,6 +1,6 @@
|
|||||||
/* ldap.cc: Helper functions for ldap access to Active Directory.
|
/* ldap.cc: Helper functions for ldap access to Active Directory.
|
||||||
|
|
||||||
Copyright 2014 Red Hat, Inc.
|
Copyright 2014, 2015 Red Hat, Inc.
|
||||||
|
|
||||||
This file is part of Cygwin.
|
This file is part of Cygwin.
|
||||||
|
|
||||||
@@ -312,11 +312,11 @@ cyg_ldap::next_page ()
|
|||||||
int
|
int
|
||||||
cyg_ldap::open (PCWSTR domain)
|
cyg_ldap::open (PCWSTR domain)
|
||||||
{
|
{
|
||||||
int ret = 0;
|
int ret = NO_ERROR;
|
||||||
|
|
||||||
/* Already open? */
|
/* Already open? */
|
||||||
if (lh)
|
if (lh)
|
||||||
return 0;
|
return NO_ERROR;
|
||||||
|
|
||||||
if ((ret = connect (domain)) != NO_ERROR)
|
if ((ret = connect (domain)) != NO_ERROR)
|
||||||
goto err;
|
goto err;
|
||||||
@@ -351,7 +351,7 @@ cyg_ldap::open (PCWSTR domain)
|
|||||||
val = NULL;
|
val = NULL;
|
||||||
ldap_msgfree (msg);
|
ldap_msgfree (msg);
|
||||||
msg = entry = NULL;
|
msg = entry = NULL;
|
||||||
return 0;
|
return NO_ERROR;
|
||||||
err:
|
err:
|
||||||
close ();
|
close ();
|
||||||
return ret;
|
return ret;
|
||||||
@@ -378,17 +378,24 @@ cyg_ldap::close ()
|
|||||||
rootdse = NULL;
|
rootdse = NULL;
|
||||||
srch_id = NULL;
|
srch_id = NULL;
|
||||||
srch_msg = srch_entry = NULL;
|
srch_msg = srch_entry = NULL;
|
||||||
|
last_fetched_sid = NO_SID;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool
|
bool
|
||||||
cyg_ldap::fetch_ad_account (PSID sid, bool group, PCWSTR domain)
|
cyg_ldap::fetch_ad_account (PSID sid, bool group, PCWSTR domain)
|
||||||
{
|
{
|
||||||
WCHAR filter[140], *f, *rdse = rootdse;
|
WCHAR filter[140], *f, *rdse = NULL;
|
||||||
LONG len = (LONG) RtlLengthSid (sid);
|
LONG len = (LONG) RtlLengthSid (sid);
|
||||||
PBYTE s = (PBYTE) sid;
|
PBYTE s = (PBYTE) sid;
|
||||||
static WCHAR hex_wchars[] = L"0123456789abcdef";
|
static WCHAR hex_wchars[] = L"0123456789abcdef";
|
||||||
tmp_pathbuf tp;
|
tmp_pathbuf tp;
|
||||||
|
|
||||||
|
if (last_fetched_sid == sid)
|
||||||
|
return true;
|
||||||
|
|
||||||
|
if (open (NULL) != NO_ERROR)
|
||||||
|
return false;
|
||||||
|
|
||||||
if (msg)
|
if (msg)
|
||||||
{
|
{
|
||||||
ldap_msgfree (msg);
|
ldap_msgfree (msg);
|
||||||
@@ -426,6 +433,11 @@ cyg_ldap::fetch_ad_account (PSID sid, bool group, PCWSTR domain)
|
|||||||
r = wcpcpy (r, domain);
|
r = wcpcpy (r, domain);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
/* rootdse is only valid after open. */
|
||||||
|
rdse = rootdse;
|
||||||
|
}
|
||||||
if (!user_attr)
|
if (!user_attr)
|
||||||
cygheap->pg.init_ldap_user_attr ();
|
cygheap->pg.init_ldap_user_attr ();
|
||||||
attr = group ? group_attr : user_attr;
|
attr = group ? group_attr : user_attr;
|
||||||
@@ -436,6 +448,7 @@ cyg_ldap::fetch_ad_account (PSID sid, bool group, PCWSTR domain)
|
|||||||
debug_printf ("No entry for %W in rootdse %W", filter, rdse);
|
debug_printf ("No entry for %W in rootdse %W", filter, rdse);
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
last_fetched_sid = sid;
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@@ -1,6 +1,6 @@
|
|||||||
/* ldap.h.
|
/* ldap.h.
|
||||||
|
|
||||||
Copyright 2014 Red Hat, Inc.
|
Copyright 2014, 2015 Red Hat, Inc.
|
||||||
|
|
||||||
This file is part of Cygwin.
|
This file is part of Cygwin.
|
||||||
|
|
||||||
@@ -32,6 +32,7 @@ class cyg_ldap {
|
|||||||
bool isAD;
|
bool isAD;
|
||||||
PLDAPSearch srch_id;
|
PLDAPSearch srch_id;
|
||||||
PLDAPMessage srch_msg, srch_entry;
|
PLDAPMessage srch_msg, srch_entry;
|
||||||
|
cygsid last_fetched_sid;
|
||||||
|
|
||||||
inline int map_ldaperr_to_errno (ULONG lerr);
|
inline int map_ldaperr_to_errno (ULONG lerr);
|
||||||
inline int wait (cygthread *thr);
|
inline int wait (cygthread *thr);
|
||||||
@@ -45,7 +46,8 @@ class cyg_ldap {
|
|||||||
|
|
||||||
public:
|
public:
|
||||||
cyg_ldap () : lh (NULL), rootdse (NULL), msg (NULL), entry (NULL), val (NULL),
|
cyg_ldap () : lh (NULL), rootdse (NULL), msg (NULL), entry (NULL), val (NULL),
|
||||||
isAD (false), srch_id (NULL), srch_msg (NULL), srch_entry (NULL)
|
isAD (false), srch_id (NULL), srch_msg (NULL),
|
||||||
|
srch_entry (NULL), last_fetched_sid (NO_SID)
|
||||||
{}
|
{}
|
||||||
~cyg_ldap () { close (); }
|
~cyg_ldap () { close (); }
|
||||||
|
|
||||||
@@ -54,6 +56,7 @@ public:
|
|||||||
ULONG search_s (PWCHAR base, PWCHAR filter, PWCHAR *attrs);
|
ULONG search_s (PWCHAR base, PWCHAR filter, PWCHAR *attrs);
|
||||||
ULONG next_page_s ();
|
ULONG next_page_s ();
|
||||||
|
|
||||||
|
bool is_open () const { return !!lh; }
|
||||||
operator PLDAP () const { return lh; }
|
operator PLDAP () const { return lh; }
|
||||||
int open (PCWSTR in_domain);
|
int open (PCWSTR in_domain);
|
||||||
void close ();
|
void close ();
|
||||||
|
@@ -604,12 +604,14 @@ cygheap_pwdgrp::init ()
|
|||||||
grp_src = (NSS_SRC_FILES | NSS_SRC_DB);
|
grp_src = (NSS_SRC_FILES | NSS_SRC_DB);
|
||||||
prefix = NSS_PFX_AUTO;
|
prefix = NSS_PFX_AUTO;
|
||||||
separator[0] = L'+';
|
separator[0] = L'+';
|
||||||
|
#if 0
|
||||||
home_scheme[0].method = NSS_SCHEME_CYGWIN;
|
home_scheme[0].method = NSS_SCHEME_CYGWIN;
|
||||||
home_scheme[1].method = NSS_SCHEME_DESC;
|
home_scheme[1].method = NSS_SCHEME_DESC;
|
||||||
shell_scheme[0].method = NSS_SCHEME_CYGWIN;
|
shell_scheme[0].method = NSS_SCHEME_CYGWIN;
|
||||||
shell_scheme[1].method = NSS_SCHEME_DESC;
|
shell_scheme[1].method = NSS_SCHEME_DESC;
|
||||||
gecos_scheme[0].method = NSS_SCHEME_CYGWIN;
|
gecos_scheme[0].method = NSS_SCHEME_CYGWIN;
|
||||||
gecos_scheme[1].method = NSS_SCHEME_DESC;
|
gecos_scheme[1].method = NSS_SCHEME_DESC;
|
||||||
|
#endif
|
||||||
enums = (ENUM_CACHE | ENUM_BUILTIN);
|
enums = (ENUM_CACHE | ENUM_BUILTIN);
|
||||||
enum_tdoms = NULL;
|
enum_tdoms = NULL;
|
||||||
caching = true; /* INTERNAL ONLY */
|
caching = true; /* INTERNAL ONLY */
|
||||||
@@ -815,13 +817,16 @@ cygheap_pwdgrp::nss_init_line (const char *line)
|
|||||||
}
|
}
|
||||||
|
|
||||||
static char *
|
static char *
|
||||||
fetch_windows_home (cyg_ldap *pldap, PUSER_INFO_3 ui, cygpsid &sid)
|
fetch_windows_home (cyg_ldap *pldap, PUSER_INFO_3 ui, cygpsid &sid,
|
||||||
|
PCWSTR dnsdomain)
|
||||||
{
|
{
|
||||||
PCWSTR home_from_db = NULL;
|
PCWSTR home_from_db = NULL;
|
||||||
char *home = NULL;
|
char *home = NULL;
|
||||||
|
|
||||||
if (pldap)
|
if (pldap)
|
||||||
{
|
{
|
||||||
|
if (pldap->fetch_ad_account (sid, false, dnsdomain))
|
||||||
|
{
|
||||||
#if 0
|
#if 0
|
||||||
/* Disable preferring homeDrive for now. The drive letter may not
|
/* Disable preferring homeDrive for now. The drive letter may not
|
||||||
be available when it's needed. */
|
be available when it's needed. */
|
||||||
@@ -830,6 +835,7 @@ fetch_windows_home (cyg_ldap *pldap, PUSER_INFO_3 ui, cygpsid &sid)
|
|||||||
#endif
|
#endif
|
||||||
home_from_db = pldap->get_string_attribute (L"homeDirectory");
|
home_from_db = pldap->get_string_attribute (L"homeDirectory");
|
||||||
}
|
}
|
||||||
|
}
|
||||||
else if (ui)
|
else if (ui)
|
||||||
{
|
{
|
||||||
#if 0
|
#if 0
|
||||||
@@ -902,8 +908,8 @@ fetch_from_description (PCWSTR desc, PCWSTR search, size_t len)
|
|||||||
}
|
}
|
||||||
|
|
||||||
static char *
|
static char *
|
||||||
fetch_from_path (cyg_ldap *pldap, PUSER_INFO_3 ui, cygpsid &sid,
|
fetch_from_path (cyg_ldap *pldap, PUSER_INFO_3 ui, cygpsid &sid, PCWSTR str,
|
||||||
PCWSTR str, PCWSTR dom, PCWSTR name, bool full_qualified)
|
PCWSTR dom, PCWSTR dnsdomain, PCWSTR name, bool full_qualified)
|
||||||
{
|
{
|
||||||
tmp_pathbuf tp;
|
tmp_pathbuf tp;
|
||||||
PWCHAR wpath = tp.w_get ();
|
PWCHAR wpath = tp.w_get ();
|
||||||
@@ -936,7 +942,7 @@ fetch_from_path (cyg_ldap *pldap, PUSER_INFO_3 ui, cygpsid &sid,
|
|||||||
w = wcpncpy (w, dom, we - w);
|
w = wcpncpy (w, dom, we - w);
|
||||||
break;
|
break;
|
||||||
case L'H':
|
case L'H':
|
||||||
home = fetch_windows_home (pldap, ui, sid);
|
home = fetch_windows_home (pldap, ui, sid, dnsdomain);
|
||||||
if (home)
|
if (home)
|
||||||
{
|
{
|
||||||
/* Drop one leading slash to accommodate home being an
|
/* Drop one leading slash to accommodate home being an
|
||||||
@@ -965,7 +971,7 @@ fetch_from_path (cyg_ldap *pldap, PUSER_INFO_3 ui, cygpsid &sid,
|
|||||||
|
|
||||||
char *
|
char *
|
||||||
cygheap_pwdgrp::get_home (cyg_ldap *pldap, cygpsid &sid, PCWSTR dom,
|
cygheap_pwdgrp::get_home (cyg_ldap *pldap, cygpsid &sid, PCWSTR dom,
|
||||||
PCWSTR name, bool full_qualified)
|
PCWSTR dnsdomain, PCWSTR name, bool full_qualified)
|
||||||
{
|
{
|
||||||
PWCHAR val;
|
PWCHAR val;
|
||||||
char *home = NULL;
|
char *home = NULL;
|
||||||
@@ -977,36 +983,50 @@ cygheap_pwdgrp::get_home (cyg_ldap *pldap, cygpsid &sid, PCWSTR dom,
|
|||||||
case NSS_SCHEME_FALLBACK:
|
case NSS_SCHEME_FALLBACK:
|
||||||
return NULL;
|
return NULL;
|
||||||
case NSS_SCHEME_WINDOWS:
|
case NSS_SCHEME_WINDOWS:
|
||||||
home = fetch_windows_home (pldap, NULL, sid);
|
if (pldap->fetch_ad_account (sid, false, dnsdomain))
|
||||||
|
home = fetch_windows_home (pldap, NULL, sid, dnsdomain);
|
||||||
break;
|
break;
|
||||||
case NSS_SCHEME_CYGWIN:
|
case NSS_SCHEME_CYGWIN:
|
||||||
|
if (pldap->fetch_ad_account (sid, false, dnsdomain))
|
||||||
|
{
|
||||||
val = pldap->get_string_attribute (L"cygwinHome");
|
val = pldap->get_string_attribute (L"cygwinHome");
|
||||||
if (val && *val)
|
if (val && *val)
|
||||||
sys_wcstombs_alloc (&home, HEAP_NOTHEAP, val);
|
sys_wcstombs_alloc (&home, HEAP_NOTHEAP, val);
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
case NSS_SCHEME_UNIX:
|
case NSS_SCHEME_UNIX:
|
||||||
|
if (pldap->fetch_ad_account (sid, false, dnsdomain))
|
||||||
|
{
|
||||||
val = pldap->get_string_attribute (L"unixHomeDirectory");
|
val = pldap->get_string_attribute (L"unixHomeDirectory");
|
||||||
if (val && *val)
|
if (val && *val)
|
||||||
sys_wcstombs_alloc (&home, HEAP_NOTHEAP, val);
|
sys_wcstombs_alloc (&home, HEAP_NOTHEAP, val);
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
case NSS_SCHEME_DESC:
|
case NSS_SCHEME_DESC:
|
||||||
|
if (pldap->fetch_ad_account (sid, false, dnsdomain))
|
||||||
|
{
|
||||||
val = pldap->get_string_attribute (L"description");
|
val = pldap->get_string_attribute (L"description");
|
||||||
if (val && *val)
|
if (val && *val)
|
||||||
home = fetch_from_description (val, L"home=\"", 6);
|
home = fetch_from_description (val, L"home=\"", 6);
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
case NSS_SCHEME_PATH:
|
case NSS_SCHEME_PATH:
|
||||||
home = fetch_from_path (pldap, NULL, sid, home_scheme[idx].attrib,
|
home = fetch_from_path (pldap, NULL, sid, home_scheme[idx].attrib,
|
||||||
dom, name, full_qualified);
|
dom, dnsdomain, name, full_qualified);
|
||||||
break;
|
break;
|
||||||
case NSS_SCHEME_FREEATTR:
|
case NSS_SCHEME_FREEATTR:
|
||||||
|
if (pldap->fetch_ad_account (sid, false, dnsdomain))
|
||||||
|
{
|
||||||
val = pldap->get_string_attribute (home_scheme[idx].attrib);
|
val = pldap->get_string_attribute (home_scheme[idx].attrib);
|
||||||
if (val && *val)
|
if (val && *val)
|
||||||
{
|
{
|
||||||
if (isdrive (val) || *val == '\\')
|
if (isdrive (val) || *val == '\\')
|
||||||
home = (char *) cygwin_create_path (CCP_WIN_W_TO_POSIX, val);
|
home = (char *)
|
||||||
|
cygwin_create_path (CCP_WIN_W_TO_POSIX, val);
|
||||||
else
|
else
|
||||||
sys_wcstombs_alloc (&home, HEAP_NOTHEAP, val);
|
sys_wcstombs_alloc (&home, HEAP_NOTHEAP, val);
|
||||||
}
|
}
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -1026,7 +1046,7 @@ cygheap_pwdgrp::get_home (PUSER_INFO_3 ui, cygpsid &sid, PCWSTR dom,
|
|||||||
case NSS_SCHEME_FALLBACK:
|
case NSS_SCHEME_FALLBACK:
|
||||||
return NULL;
|
return NULL;
|
||||||
case NSS_SCHEME_WINDOWS:
|
case NSS_SCHEME_WINDOWS:
|
||||||
home = fetch_windows_home (NULL, ui, sid);
|
home = fetch_windows_home (NULL, ui, sid, NULL);
|
||||||
break;
|
break;
|
||||||
case NSS_SCHEME_CYGWIN:
|
case NSS_SCHEME_CYGWIN:
|
||||||
case NSS_SCHEME_UNIX:
|
case NSS_SCHEME_UNIX:
|
||||||
@@ -1037,7 +1057,7 @@ cygheap_pwdgrp::get_home (PUSER_INFO_3 ui, cygpsid &sid, PCWSTR dom,
|
|||||||
break;
|
break;
|
||||||
case NSS_SCHEME_PATH:
|
case NSS_SCHEME_PATH:
|
||||||
home = fetch_from_path (NULL, ui, sid, home_scheme[idx].attrib,
|
home = fetch_from_path (NULL, ui, sid, home_scheme[idx].attrib,
|
||||||
dom, name, full_qualified);
|
dom, NULL, name, full_qualified);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -1046,7 +1066,7 @@ cygheap_pwdgrp::get_home (PUSER_INFO_3 ui, cygpsid &sid, PCWSTR dom,
|
|||||||
|
|
||||||
char *
|
char *
|
||||||
cygheap_pwdgrp::get_shell (cyg_ldap *pldap, cygpsid &sid, PCWSTR dom,
|
cygheap_pwdgrp::get_shell (cyg_ldap *pldap, cygpsid &sid, PCWSTR dom,
|
||||||
PCWSTR name, bool full_qualified)
|
PCWSTR dnsdomain, PCWSTR name, bool full_qualified)
|
||||||
{
|
{
|
||||||
PWCHAR val;
|
PWCHAR val;
|
||||||
char *shell = NULL;
|
char *shell = NULL;
|
||||||
@@ -1060,33 +1080,46 @@ cygheap_pwdgrp::get_shell (cyg_ldap *pldap, cygpsid &sid, PCWSTR dom,
|
|||||||
case NSS_SCHEME_WINDOWS:
|
case NSS_SCHEME_WINDOWS:
|
||||||
break;
|
break;
|
||||||
case NSS_SCHEME_CYGWIN:
|
case NSS_SCHEME_CYGWIN:
|
||||||
|
if (pldap->fetch_ad_account (sid, false, dnsdomain))
|
||||||
|
{
|
||||||
val = pldap->get_string_attribute (L"cygwinShell");
|
val = pldap->get_string_attribute (L"cygwinShell");
|
||||||
if (val && *val)
|
if (val && *val)
|
||||||
sys_wcstombs_alloc (&shell, HEAP_NOTHEAP, val);
|
sys_wcstombs_alloc (&shell, HEAP_NOTHEAP, val);
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
case NSS_SCHEME_UNIX:
|
case NSS_SCHEME_UNIX:
|
||||||
|
if (pldap->fetch_ad_account (sid, false, dnsdomain))
|
||||||
|
{
|
||||||
val = pldap->get_string_attribute (L"loginShell");
|
val = pldap->get_string_attribute (L"loginShell");
|
||||||
if (val && *val)
|
if (val && *val)
|
||||||
sys_wcstombs_alloc (&shell, HEAP_NOTHEAP, val);
|
sys_wcstombs_alloc (&shell, HEAP_NOTHEAP, val);
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
case NSS_SCHEME_DESC:
|
case NSS_SCHEME_DESC:
|
||||||
|
if (pldap->fetch_ad_account (sid, false, dnsdomain))
|
||||||
|
{
|
||||||
val = pldap->get_string_attribute (L"description");
|
val = pldap->get_string_attribute (L"description");
|
||||||
if (val && *val)
|
if (val && *val)
|
||||||
shell = fetch_from_description (val, L"shell=\"", 7);
|
shell = fetch_from_description (val, L"shell=\"", 7);
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
case NSS_SCHEME_PATH:
|
case NSS_SCHEME_PATH:
|
||||||
shell = fetch_from_path (pldap, NULL, sid, shell_scheme[idx].attrib,
|
shell = fetch_from_path (pldap, NULL, sid, shell_scheme[idx].attrib,
|
||||||
dom, name, full_qualified);
|
dom, dnsdomain, name, full_qualified);
|
||||||
break;
|
break;
|
||||||
case NSS_SCHEME_FREEATTR:
|
case NSS_SCHEME_FREEATTR:
|
||||||
|
if (pldap->fetch_ad_account (sid, false, dnsdomain))
|
||||||
|
{
|
||||||
val = pldap->get_string_attribute (shell_scheme[idx].attrib);
|
val = pldap->get_string_attribute (shell_scheme[idx].attrib);
|
||||||
if (val && *val)
|
if (val && *val)
|
||||||
{
|
{
|
||||||
if (isdrive (val) || *val == '\\')
|
if (isdrive (val) || *val == '\\')
|
||||||
shell = (char *) cygwin_create_path (CCP_WIN_W_TO_POSIX, val);
|
shell = (char *)
|
||||||
|
cygwin_create_path (CCP_WIN_W_TO_POSIX, val);
|
||||||
else
|
else
|
||||||
sys_wcstombs_alloc (&shell, HEAP_NOTHEAP, val);
|
sys_wcstombs_alloc (&shell, HEAP_NOTHEAP, val);
|
||||||
}
|
}
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -1115,7 +1148,7 @@ cygheap_pwdgrp::get_shell (PUSER_INFO_3 ui, cygpsid &sid, PCWSTR dom,
|
|||||||
break;
|
break;
|
||||||
case NSS_SCHEME_PATH:
|
case NSS_SCHEME_PATH:
|
||||||
shell = fetch_from_path (NULL, ui, sid, shell_scheme[idx].attrib,
|
shell = fetch_from_path (NULL, ui, sid, shell_scheme[idx].attrib,
|
||||||
dom, name, full_qualified);
|
dom, NULL, name, full_qualified);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -1133,7 +1166,7 @@ colon_to_semicolon (char *str)
|
|||||||
|
|
||||||
char *
|
char *
|
||||||
cygheap_pwdgrp::get_gecos (cyg_ldap *pldap, cygpsid &sid, PCWSTR dom,
|
cygheap_pwdgrp::get_gecos (cyg_ldap *pldap, cygpsid &sid, PCWSTR dom,
|
||||||
PCWSTR name, bool full_qualified)
|
PCWSTR dnsdomain, PCWSTR name, bool full_qualified)
|
||||||
{
|
{
|
||||||
PWCHAR val;
|
PWCHAR val;
|
||||||
char *gecos = NULL;
|
char *gecos = NULL;
|
||||||
@@ -1145,34 +1178,49 @@ cygheap_pwdgrp::get_gecos (cyg_ldap *pldap, cygpsid &sid, PCWSTR dom,
|
|||||||
case NSS_SCHEME_FALLBACK:
|
case NSS_SCHEME_FALLBACK:
|
||||||
return NULL;
|
return NULL;
|
||||||
case NSS_SCHEME_WINDOWS:
|
case NSS_SCHEME_WINDOWS:
|
||||||
|
if (pldap->fetch_ad_account (sid, false, dnsdomain))
|
||||||
|
{
|
||||||
val = pldap->get_string_attribute (L"displayName");
|
val = pldap->get_string_attribute (L"displayName");
|
||||||
if (val && *val)
|
if (val && *val)
|
||||||
sys_wcstombs_alloc (&gecos, HEAP_NOTHEAP, val);
|
sys_wcstombs_alloc (&gecos, HEAP_NOTHEAP, val);
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
case NSS_SCHEME_CYGWIN:
|
case NSS_SCHEME_CYGWIN:
|
||||||
|
if (pldap->fetch_ad_account (sid, false, dnsdomain))
|
||||||
|
{
|
||||||
val = pldap->get_string_attribute (L"cygwinGecos");
|
val = pldap->get_string_attribute (L"cygwinGecos");
|
||||||
if (val && *val)
|
if (val && *val)
|
||||||
sys_wcstombs_alloc (&gecos, HEAP_NOTHEAP, val);
|
sys_wcstombs_alloc (&gecos, HEAP_NOTHEAP, val);
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
case NSS_SCHEME_UNIX:
|
case NSS_SCHEME_UNIX:
|
||||||
|
if (pldap->fetch_ad_account (sid, false, dnsdomain))
|
||||||
|
{
|
||||||
val = pldap->get_string_attribute (L"gecos");
|
val = pldap->get_string_attribute (L"gecos");
|
||||||
if (val && *val)
|
if (val && *val)
|
||||||
sys_wcstombs_alloc (&gecos, HEAP_NOTHEAP, val);
|
sys_wcstombs_alloc (&gecos, HEAP_NOTHEAP, val);
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
case NSS_SCHEME_DESC:
|
case NSS_SCHEME_DESC:
|
||||||
|
if (pldap->fetch_ad_account (sid, false, dnsdomain))
|
||||||
|
{
|
||||||
val = pldap->get_string_attribute (L"description");
|
val = pldap->get_string_attribute (L"description");
|
||||||
if (val && *val)
|
if (val && *val)
|
||||||
gecos = fetch_from_description (val, L"gecos=\"", 7);
|
gecos = fetch_from_description (val, L"gecos=\"", 7);
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
case NSS_SCHEME_PATH:
|
case NSS_SCHEME_PATH:
|
||||||
gecos = fetch_from_path (pldap, NULL, sid,
|
gecos = fetch_from_path (pldap, NULL, sid,
|
||||||
gecos_scheme[idx].attrib + 1,
|
gecos_scheme[idx].attrib + 1,
|
||||||
dom, name, full_qualified);
|
dom, dnsdomain, name, full_qualified);
|
||||||
break;
|
break;
|
||||||
case NSS_SCHEME_FREEATTR:
|
case NSS_SCHEME_FREEATTR:
|
||||||
|
if (pldap->fetch_ad_account (sid, false, dnsdomain))
|
||||||
|
{
|
||||||
val = pldap->get_string_attribute (gecos_scheme[idx].attrib);
|
val = pldap->get_string_attribute (gecos_scheme[idx].attrib);
|
||||||
if (val && *val)
|
if (val && *val)
|
||||||
sys_wcstombs_alloc (&gecos, HEAP_NOTHEAP, val);
|
sys_wcstombs_alloc (&gecos, HEAP_NOTHEAP, val);
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -1206,7 +1254,7 @@ cygheap_pwdgrp::get_gecos (PUSER_INFO_3 ui, cygpsid &sid, PCWSTR dom,
|
|||||||
break;
|
break;
|
||||||
case NSS_SCHEME_PATH:
|
case NSS_SCHEME_PATH:
|
||||||
gecos = fetch_from_path (NULL, ui, sid, gecos_scheme[idx].attrib + 1,
|
gecos = fetch_from_path (NULL, ui, sid, gecos_scheme[idx].attrib + 1,
|
||||||
dom, name, full_qualified);
|
dom, NULL, name, full_qualified);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -1676,6 +1724,7 @@ pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap)
|
|||||||
gid_t gid = ILLEGAL_GID;
|
gid_t gid = ILLEGAL_GID;
|
||||||
bool is_domain_account = true;
|
bool is_domain_account = true;
|
||||||
PCWSTR domain = NULL;
|
PCWSTR domain = NULL;
|
||||||
|
bool is_current_user = false;
|
||||||
char *shell = NULL;
|
char *shell = NULL;
|
||||||
char *home = NULL;
|
char *home = NULL;
|
||||||
char *gecos = NULL;
|
char *gecos = NULL;
|
||||||
@@ -1708,8 +1757,7 @@ pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap)
|
|||||||
DC for some weird reason. Use LDAP instead. */
|
DC for some weird reason. Use LDAP instead. */
|
||||||
PWCHAR val;
|
PWCHAR val;
|
||||||
|
|
||||||
if (cldap->open (NULL) == NO_ERROR
|
if (cldap->fetch_ad_account (sid, true)
|
||||||
&& cldap->fetch_ad_account (sid, is_group ())
|
|
||||||
&& (val = cldap->get_group_name ()))
|
&& (val = cldap->get_group_name ()))
|
||||||
{
|
{
|
||||||
wcpcpy (name, val);
|
wcpcpy (name, val);
|
||||||
@@ -2069,35 +2117,39 @@ pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap)
|
|||||||
the educated guess that the user is in group "Domain Users"
|
the educated guess that the user is in group "Domain Users"
|
||||||
or "None". */
|
or "None". */
|
||||||
if (sid == cygheap->user.sid ())
|
if (sid == cygheap->user.sid ())
|
||||||
|
{
|
||||||
|
is_current_user = true;
|
||||||
gid = posix_offset
|
gid = posix_offset
|
||||||
+ sid_sub_auth_rid (cygheap->user.groups.pgsid);
|
+ sid_sub_auth_rid (cygheap->user.groups.pgsid);
|
||||||
|
}
|
||||||
else
|
else
|
||||||
gid = posix_offset + DOMAIN_GROUP_RID_USERS;
|
gid = posix_offset + DOMAIN_GROUP_RID_USERS;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (is_domain_account)
|
if (is_domain_account)
|
||||||
{
|
{
|
||||||
|
/* Skip this when creating group entries and for non-users. */
|
||||||
|
if (is_group() || acc_type != SidTypeUser)
|
||||||
|
break;
|
||||||
/* On AD machines, use LDAP to fetch domain account infos. */
|
/* On AD machines, use LDAP to fetch domain account infos. */
|
||||||
if (cygheap->dom.primary_dns_name ())
|
if (cygheap->dom.primary_dns_name ())
|
||||||
{
|
{
|
||||||
if (cldap->open (NULL) != NO_ERROR)
|
/* For the current user we got the primary group from the
|
||||||
break;
|
user token. For any other user we fetch it from AD. */
|
||||||
if (cldap->fetch_ad_account (sid, is_group (), domain))
|
if (!is_current_user
|
||||||
{
|
&& cldap->fetch_ad_account (sid, false, domain)
|
||||||
if ((id_val = cldap->get_primary_gid ()) != ILLEGAL_GID)
|
&& (id_val = cldap->get_primary_gid ()) != ILLEGAL_GID)
|
||||||
gid = posix_offset + id_val;
|
gid = posix_offset + id_val;
|
||||||
if (!is_group ())
|
home = cygheap->pg.get_home (cldap, sid, dom, domain,
|
||||||
{
|
name, fully_qualified_name);
|
||||||
home = cygheap->pg.get_home (cldap, sid, dom, name,
|
shell = cygheap->pg.get_shell (cldap, sid, dom, domain,
|
||||||
|
name,
|
||||||
fully_qualified_name);
|
fully_qualified_name);
|
||||||
shell = cygheap->pg.get_shell (cldap, sid, dom, name,
|
gecos = cygheap->pg.get_gecos (cldap, sid, dom, domain,
|
||||||
fully_qualified_name);
|
name, fully_qualified_name);
|
||||||
gecos = cygheap->pg.get_gecos (cldap, sid, dom, name,
|
|
||||||
fully_qualified_name);
|
|
||||||
}
|
|
||||||
/* Check and, if necessary, add unix<->windows id mapping
|
/* Check and, if necessary, add unix<->windows id mapping
|
||||||
on the fly, unless we're called from getpwent. */
|
on the fly, unless we're called from getpwent. */
|
||||||
if (!pldap)
|
if (!pldap && cldap->is_open ())
|
||||||
{
|
{
|
||||||
id_val = cldap->get_unix_uid ();
|
id_val = cldap->get_unix_uid ();
|
||||||
if (id_val != ILLEGAL_UID
|
if (id_val != ILLEGAL_UID
|
||||||
@@ -2106,12 +2158,11 @@ pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap)
|
|||||||
cygheap->ugid_cache.add_uid (id_val, uid);
|
cygheap->ugid_cache.add_uid (id_val, uid);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
|
||||||
/* If primary_dns_name() is empty, we're likely running under an
|
/* If primary_dns_name() is empty, we're likely running under an
|
||||||
NT4 domain, so we can't use LDAP. For user accounts fall back
|
NT4 domain, so we can't use LDAP. For user accounts fall back
|
||||||
to NetUserGetInfo. This isn't overly fast, but keep in mind
|
to NetUserGetInfo. This isn't overly fast, but keep in mind
|
||||||
that NT4 domains are mostly replaced by AD these days. */
|
that NT4 domains are mostly replaced by AD these days. */
|
||||||
else if (!is_group () && acc_type == SidTypeUser)
|
else
|
||||||
{
|
{
|
||||||
WCHAR server[INTERNET_MAX_HOST_NAME_LENGTH + 3];
|
WCHAR server[INTERNET_MAX_HOST_NAME_LENGTH + 3];
|
||||||
NET_API_STATUS nas;
|
NET_API_STATUS nas;
|
||||||
|
Reference in New Issue
Block a user