(CYG_LDAP_ENUM_TIMEOUT): New timeout value for enumeration only. Set
to 60 secs.
(CYG_LDAP_ENUM_PAGESIZE): Define as number of entries per single
search page. Set to 100. Use throughout.
(def_tv): Rename from tv. Use throughout.
(enum_tv): New variable. Use in call to ldap_get_next_page_s.
for now. Use throughout.
* uinfo.cc (colon_to_semicolon): New local function.
(pwdgrp::fetch_account_from_windows): Convert all colons in AD gecos
entry to commas.
(ldap_msgfree): Import.
* ldap.cc: Throughout, use ldap_msgfree to free LDAPMessage memory,
rather than ldap_memfreeW.
(cyg_ldap::next_account): Immediately abandon search when quiting from
search.
(ldap_count_entries): Import.
(ldap_get_next_page_s): Import.
(ldap_result): Remove.
(ldap_searchW): Remove.
(ldap_search_abandon_page): Import.
(ldap_search_init_pageW): Import.
* ldap.cc (cyg_ldap::close): Use ldap_search_abandon_page to abandon
search. Reset srch_id, srch_msg and srch_entry.
(cyg_ldap::enumerate_ad_accounts): Use paged search to overcome server
side search result set restriction.
(cyg_ldap::next_account): Ditto.
* ldap.h (class cyg_ldap): Add members srch_id, srch_msg and srch_entry.
Remove member msg_id.
(cyg_ldap::cyg_ldap): Change initialization accordingly.
parameter. Convert into likely rootDSE string if not NULL, and use in
subsequent call to ldap_search_stW. Add comment to explain that this
is not the exactly correct solution.
* ldap.h (cyg_ldap::fetch_ad_account): Change prototype accordingly.
* uinfo.cc (pwdgrp::fetch_account_from_windows): Always use loc_ldap
in call to fetch_posix_offset to make sure we're fetchoinmg the posix
offsets from *our* domain controller. Only set domain variable to
non-NULL if the account is from a trusted domain. Use domain in call
to cyg_ldap::fetch_ad_account.
(CID 60021).
* sec_auth.cc (cygwin_logon_user): Securely erase password copy.
(lsaprivkeyauth): Avoid trying to dereference data if no key is stored
in the registry (CID 60122). Securely erase passwords after usage.
from GetAdaptersAddresses (CID 60218).
(get_ifs): Add missing braces in AF_INET6 case which broke netmask
computation. Break out of loop if prefix gets <= 0 (CID 59939).
non-builtin accounts.
* uinfo.cc (pwdgrp::fetch_account_from_windows): Check incoming
account name for validity in terms of the current name prefixing rules
and refuse invalid names.
gr_mem entries.
(getgrgid_r): Don't try to copy gr_mem entries. Always set gr_mem
to an empty list.
(getgrnam_r): Ditto.
(app_gr): New static struct to store group data propagated to the
calling application via getgrgid/getgrnam.
(getgr_cp): Fill app_gr and return pointer to app_gr.g.
(getgrgid32): Call getgr_cp.
(getgrnam32): Ditto.
* passwd.cc (pwdgrp::parse_passwd): Set res.len.
(app_pw): New static struct to store passwd data propagated to the
calling application via getpwuid/getpwnam.
(getpw_cp): Fill app_pw and return pointer to app_pw.p.
(getpwuid32): Cal getpw_cp.
(getpwnam): Ditto.
* pwdgrp.h (struct pg_pwd): Add len member.
(struct pg_grp): Ditto.
* sec_helper.cc (cygpsid::pstring): Use sid_sub_auth_count macro.
(cygsid::get_sid): Use MAX_SUBAUTH_CNT rather than wrong constant 8.
Don't call memcpy to copy subauthorities into SID, use assignment.
(cygsid::getfromstr): Use MAX_SUBAUTH_CNT rather than wrong constant 8.
* security.h (MAX_SUBAUTH_CNT): New definition. Set to 11 to cover
Microsoft Accounts.
(MAX_SID_LEN): Define in terms of SID member sizes and MAX_SUBAUTH_CNT.
(DBGSID): Use MAX_SUBAUTH_CNT to define size of SubAuthority array.
* uinfo.cc (pwdgrp::fetch_account_from_windows): Handle Micosoft
Accounts. Handle them as well known group. Compare domain names
case-insensitive.
* winlean.h (PIPE_REJECT_REMOTE_CLIENTS): Drop temporary definition
since Mingw64 catched up.
(DNLEN): Redefine as 16. Explain why.
* fhandler.h (fhandler_console::save_top): Save top of screen coordinates.
* fhandler_console.cc (dev::save_restore): Record top of screen coordinates.
Clear entire buffer when restoring saved buffer and try to position the cursor
on the save relative place on the screen.
including the windows headers. Explain why.
(get_inet_addr): Convert ANY address to LOOPBACK address. Explain why.
(fhandler_socket::evaluate_events): Forcibly set SO_ERROR socket option
in case a connection attempt failed. Explain why.
(fhandler_socket::ioctl): Drop x86_64 re-definition of u_long here.
* fhandler_procnet.cc: On x86_64, define u_long as __ms_u_long before
including the windows headers. Explain why.
* net.cc: Ditto.
* ldap.h (LDAP_USER_NAME_ATTR): Remove. Change other attribute index
values as required.
(cyg_ldap::get_user_name): Remove inline function.
* uinfo.cc (pwdgrp::fetch_account_from_windows): Remove code to handle
Cygwin username different from Windows username.
(pwdgrp::add_account_from_cygserver): Remove unnecessary cast.
path_conv <-> normalize_posix_path, plus a bit of buffer.
(TP_NUM_W_BUFS): Ditto.
(class san): Change type of _c_cnt and _w_cnt to unsigned.
* path.cc (normalize_posix_path): Guard recursion into path_conv
against tmp_pathbuf overflow. Generate normalized path in call to
path_conv. If the path is valid, replace dst with the normalized_path
from path_conv call. Add comment to explain why we're doing this.
* tls_pbuf.cc (tls_pathbuf::destroy): Only free buffers until the
first buffer pointer is NULL.
(tmp_pathbuf::c_get): Simplify error message.
(tmp_pathbuf::w_get): Ditto.
* tls_pbuf.h (class tmp_pathbuf): Change type of c_buf_old and w_buf_old
to unsigned.
(tmp_pathbuf::check_usage): New inline method to check if we have
enough tmp_pathbuf buffers left to call a function using tmp_pathbuf
buffers.
* tlsoffsets.h: Regenerate.
* tlsoffsets64.h: Regenerate.
whether or not to send signal_arrived.
* shm.cc (client_request_shm::client_request_shm): Call
ipc_set_proc_info with bool parameter set to true to not send
signal_arrived.
* exceptions.cc (_cygtls::signal_debugger): Reorganize to avoid contacting the
debugger if we have already done so via the exception handler. Eliminate need
for goto. Remove an ifdef in favor of just allocating a larger buffer.
* exception.h (exception_list): Typedef as void on x86_64.
(exception::handler_installed): Remove.
(exception::handle_while_being_debugged): Remove.
(exception::myfault_handle): Declare for x86_64.
(exception::handle): Declare as ordinary exception handler on x86_64
as well.
(exception::exception): Drop previous code (again). Install
exception::handle as SEH handler.
(exception::install_myfault_handler): New x86_64-only method to
install exception::myfault_handle as VEH handler. Explain why.
(exception::~exception): For x86_64, define frame end label (again).
* exceptions.cc (CYG_EXC_CONTINUE_EXECUTION): Drop definition.
(CYG_EXC_CONTINUE_SEARCH): Ditto.
(exception::myfault_handle): New x86_64-only method, VEH handler to
handle myfault exceptions.
(exception::handle): Define as ordinary exception handler on x86_64
as well. Use ExceptionContinueExecution and ExceptionContinueSearch
throughout instead of deleted Cygwin macros. Don't handle myfault
exceptions on x86_64.
(setjmp/x86_64): Drop storing ExceptionList pointer in jmp_buf->Frame.
Drop comment. Store likely frame in rdx. Jump to __setjmpex.
(__setjmpex): New function providing setjmp functionality. Fetch
jmp_buf->Frame from rdx, like MSVCRT setjmpex.
(__sjfault/x86_64): Store rdx content in jmp_buf->Frame.
(__ljfault/x86_64): Don't restore ExceptionList pointer.
(longjmp/x86_64): Ditto.
(fhandler_dev_dsp::close_audio_in): Make __reg1.
(fhandler_dev_dsp::close_audio_out): Make __reg2.
* fhandler_dev_dsp.cc (fhandler_dev_dsp::close_audio_in): Make __reg1.
(fhandler_dev_dsp::close_audio_out): Make __reg2.
(fhandler_dev_dsp::close): Don't abruptly terminate sound just because we are
exiting.
* sigproc.cc (thread_exit): Use no_thread_exit_protect to determine if we need
to coordinate ThreadExit/ExitProcess.
* fhandler_dsp.cc (fhandler_dev_dsp::Audio_out::stop): Use
no_thread_exit_protect to kludge around waiting for waveOutClose as it waits
for a thread that never exits.
(fhandler_dev_dsp::Audio_in::stop): Ditto for waveInClose.
* fhandler.h (fhandler_dev_dsp::base): New method.
(fhandler_dev_dsp::_read): Ditto.
(fhandler_dev_dsp::_write): Ditto.
(fhandler_dev_dsp::_ioctl): Ditto.
(fhandler_dev_dsp::_fixup_after_fork): Ditto.
(fhandler_dev_dsp::_fixup_after_exec): Ditto.
* fhandler_dsp.cc (fhandler_dev_dsp::read): Call real function via base()
pointer.
(fhandler_dev_dsp::write): Ditto.
(fhandler_dev_dsp::ioctl): Ditto.
(fhandler_dev_dsp::fixup_after_fork): Ditto.
(fhandler_dev_dsp::fixup_after_exec): Ditto.
(fhandler_dev_dsp::_read): Rename by adding an leading underscore.
(fhandler_dev_dsp::_write): Ditto.
(fhandler_dev_dsp::_ioctl): Ditto.
(fhandler_dev_dsp::_fixup_after_fork): Ditto.
(fhandler_dev_dsp::_fixup_after_exec): Ditto.
written row and, because of this, don't bother trying to restore the screen
buffer size. Set cursor position after refilling buffer.
(fhandler_console::write): Use absolute paths when saving/restoring cursor
position or suffer odd problems after a saved screen is restored.
(fhandler_console::dwCursorPosition): Ditto.
(fhandler_console::wAttributes): Ditto.
(fhandler_console::b): New field encompassing previously disparate screen
buffer info.
(fhandler_console::save_bufsize): Rename from savebufsiz
(fhandler_console::save_buf): Rename sfrom savebuf.
(fhandler_console::save_cursor): New field.
(fhandler_console::save_restore): New function.
(fhandler_console::con): Rename from dev_state.
(fhandler_console::focus_aware): Accommodate name change.
* fhandler_console.cc: Use 'b' field of dev_console throughout instead of
disparate names. Accommodate dev_state -> con rename.
(dev_state:save_restore): New function. Attempt to save the entire screen
buffer rather than just the visible part. Clear the buffer when saving, like
Linux.
(fhandler_console::char_command): Use con.save_restore() for Save/restore
screen sequence.
grp_builtins to array of cygpsid pointers. Replace SID strings with
pointers to well known SIDs.
* sec_helper.cc (well_known_local_service_sid): Define.
(well_known_network_service_sid): Define.
(trusted_installer_sid): Define.
* security.h (well_known_local_service_sid): Declare.
(well_known_network_service_sid): Declare.
(trusted_installer_sid): Declare.
* uinfo.cc (pwdgrp::fetch_account_from_windows): Throughout set acc_type
to SidTypeUnknown if LookupAccountXXX function failed. Create
simplified passwd entry for non-user accounts, except for LocalSystem.
Add comment.
(cyg_ldap::open): Remove code to rediscover DC. It just won't do the
right thing.
(cyg_ldap::enumerate_ad_accounts): Change to be self-sufficient (no
explicit open call required). Enumerate on a DC of the domain itself
instead of relying on delegation. Remove ill-advised code trying to
generate rootdse from domain name.
* passwd.cc (pg_ent::enumerate_ad): Drop explicit call to
cyg_ldap::open.
__TM_ZONE being defined. Throughout, write to these struct tm members
only if CYGWIN_VERSION_CHECK_FOR_EXTRA_TM_MEMBERS is true.
* libc/strptime.cc: Ditto.
* include/cygwin/version.h (CYGWIN_VERSION_CHECK_FOR_EXTRA_TM_MEMBERS):
Define.
(CYGWIN_VERSION_API_MINOR): Bump to 272.
from get_sids_info here.
(get_sids_info): Vice versa.
* security.cc (convert_samba_sd): New static function to map a Samba
security descriptor to a security descriptor with UNIX users and groups
converted to Windows SIDs per RFC 2307 mapping.
(check_file_access): Call convert_samba_sd on Samba security
descriptors.
than PSID.
(cygheap_user::saved_sid): Ditto.
(cygheap_pwdgrp::cache_t): New type.
(cygheap_pwdgrp::caching): Convert to cache_t.
(cygheap_pwdgrp::nss_db_caching): Change accordingly.
(cygheap_pwdgrp::nss_db_full_caching): New inline method.
* grp.cc (internal_getgroups): Reinvent. Take cyg_ldap pointer as
third parameter and use throughout.
(getgroups32): Call internal_getgroups.
* pwdgrp.h (internal_getgroups): Declare.
* uinfo.cc (internal_getlogin): Partial rewrite to accommodate having
no connection to the DC. Give primary group from user token more
weight. Generate group entries for all groups in the user token if
caching is set to NSS_FULL_CACHING.
(cygheap_pwdgrp::init): Initialize caching to NSS_FULL_CACHING.
(cygheap_pwdgrp::nss_init_line): Handle "db_cache: full".
(pwdgrp::add_account_from_windows): Fix group handling in non-caching
mode.
(pwdgrp::fetch_account_from_windows): Default primary group for the
current user to primary group from user token. Check for primary
domain first after LookupAccountSid failed.
* external.cc (cygwin_internal): Call get_uid/get_gid instead of get_id.
* grp.cc (internal_getgrsid): Take additional cyg_ldap pointer.
Forward to pwdgrp::add_group_from_windows.
(internal_getgrnam): Ditto.
(internal_getgrgid): Ditto.
(gr_ent::enumerate_local): Drop ugid_caching bool from call to
pwdgrp::fetch_account_from_windows.
(getgroups32): Rename from internal_getgroups and drop getgroups32 stub.
Drop srchsid parameter and code handling it. Add local cyg_ldap
instance and forward to internal_getgrXXX.
(getgroups): Call getgroups32.
(get_groups): Add local cyg_ldap instance and forward to
internal_getgrXXX.
(getgrouplist): Ditto.
(setgroups32): Ditto.
* ldap.cc (cyg_ldap::open): Don't call close. Return true if connection
is already open.
(cyg_ldap::remap_uid): Forward this to internal_getpwsid.
(cyg_ldap::remap_gid): Forward this to internal_getgrsid.
* passwd.cc (internal_getpwsid): Take additional cyg_ldap pointer.
Forward to pwdgrp::add_user_from_windows.
(internal_getpwnam): Ditto.
(internal_getpwuid): Ditto.
(pg_ent::enumerate_builtin): Drop ugid_caching bool from call to
pwdgrp::fetch_account_from_windows.
(pg_ent::enumerate_sam): Ditto.
(pg_ent::enumerate_ad): Ditto. Forward local cldap instead.
* pwdgrp.h (internal_getpwsid): Align declaration to above change.
(internal_getpwnam): Ditto.
(internal_getpwuid): Ditto.
(internal_getgrsid): Ditto.
(internal_getgrgid): Ditto.
(internal_getgrnam): Ditto.
(internal_getgroups): Drop declaration.
(pwdgrp::add_account_from_windows): Align declaration to below change.
(pwdgrp::add_user_from_windows): Ditto.
(pwdgrp::add_group_from_windows): Ditto.
* sec_acl.cc (setacl): Add local cyg_ldap instance and forward to
internal_getpwuid and internal_getgrgid.
(getacl): Add local cyg_ldap instance and forward to cygpsid::get_id.
(aclfromtext32): Add local cyg_ldap instance and forward to
internal_getpwnam and internal_getgrnam.
* sec_helper.cc (cygpsid::get_id): Take additional cyg_ldap pointer.
Forward to internal_getgrsid and internal_getpwsid.
(get_sids_info): Drop ldap_open. Forward local cldap to
internal_getpwsid and internal_getgrXXX. Call CheckTokenMembership
rather than internal_getgroups.
* security.h (cygpsid::get_id): Add cyg_ldap pointer, drop default
parameter.
(cygpsid::get_uid): Add cyg_ldap pointer. Call get_id accordingly.
(cygpsid::get_gid): Ditto.
* uinfo.cc (internal_getlogin): Add local cyg_ldap instance and forward
to internal_getpwXXX and internal_getgrXXX calls.
(pwdgrp::add_account_from_windows): Take additional cyg_ldap pointer.
Forward to pwdgrp::fetch_account_from_windows.
(fetch_posix_offset): Drop ldap_open argument and handling. Get
cyg_ldap instance as pointer.
(pwdgrp::fetch_account_from_windows): Take additional cyg_ldap pointer.
Use it if it's not NULL, local instance otherwise. Drop ldap_open.
Drop fetching extended group arguments from AD for speed.
Corinna Vinschen
Christopher Faylor