Commit Graph

266 Commits

Author SHA1 Message Date
Corinna Vinschen 59b3bd2aa6 Only allow enabled groups as primary group
So far any group in the user's token could be used as primary group.
Windows doesn't check if the primary group is enabled or not, it just
has no meaning.  From a POSIXy point of view it can lead to weird
results though.

	* uinfo.cc (check_token_membership): New static function.
	(internal_getlogin): Only allow enabled groups as primary group.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2016-03-23 17:51:03 +01:00
Corinna Vinschen fc504453fd Use 64K buffers for TOKEN_GROUPS
A user token can be up to 64K in size.  Using 32K buffers for TOKEN_GROUPS
may be insufficient.

	* uinfo.cc (get_logon_sid): Use 64K buffers for the TOKEN_GROUPS
	array.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2016-03-23 17:42:04 +01:00
Corinna Vinschen 018fa93e2b Add cygsid methods to create SIDs from scratch
So far creating cygsids requires to generate an "S-1-..." string
which is then converted to a SID by cygsid::getfromstr.

Add two new methods:

- cygsid::create (DWORD auth, DWORD subauth_count, ...)

    ... is a variable length list of subauth_count DWORD values being
    the actual subauths.

- cygsid::append (DWORD rid)

    allows to append a single RID to an alreaday constituted SID.

	* security.h (cygsid::create): Declare public.
	(cygsid::append): Ditto.
	* sec_helper.cc (cygsid::create): Implement.
	(cygsid::append): Implement.
	* uinfo.cc (pwdgrp::fetch_account_from_windows): Use both new
	methods as appropriate.  Drop setting csid from string.  Create
	SID strings for printing SIDs only.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2016-03-12 16:39:19 +01:00
Corinna Vinschen e7414a317a Only generate BUILTIN SIDs for uid/gid values <= 999
* uinfo.cc (pwdgrp::fetch_account_from_windows): Only create 1-5-32-x
	SIDs from ids for x <= 999.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2015-11-29 21:21:35 +01:00
Corinna Vinschen ef75017378 Fix length returned from sys_cp_wcstombs in case nwc > # of wchars
* strfuncs.cc (sys_cp_wcstombs): Always return number of multibytes
	without trailing NUL as the documentation implies.  Throughout Cygwin,
	fix usage to align to this pattern.
	* fhandler_process.cc (format_process_winexename): Drop trailing NUL
	and LF from output.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2015-10-22 14:22:07 +02:00
Corinna Vinschen 1641a85e8f Revert to leaving $HOME alone
* uinfo.cc (cygheap_user::ontherange): Revert previous patch.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2015-08-10 12:00:12 +02:00
Corinna Vinschen 1e80973f28 Ignore non-absolute $HOME when started from native process
* uinfo.cc (cygheap_user::ontherange): Ignore $HOME if it's not
	starting with a slash (aka, absolute POSIX Path).

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2015-07-23 17:42:07 +02:00
Corinna Vinschen 5dc398f1d9 Fix broken SID in passwd/group entry for unkown account
* uinfo.cc (pwdgrp::fetch_account_from_windows): Always revert SID
        subauth count after checking for known domain.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2015-04-23 22:01:53 +02:00
Corinna Vinschen f0b38a8af6 Don't allow fully qualified Windows account names.
* uinfo.cc (pwdgrp::fetch_account_from_windows): Don't allow fully
	qualified Windows account names (domain\user or user@domain).

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2015-04-23 21:57:09 +02:00
Corinna Vinschen d4f8c94a9b Try best to handle user from domain not in trusted domain list.
* cygheap.h (cygheap_domain_info::add_domain): Add prototype.
	* uinfo.cc (cygheap_domain_info::add_domain): New method.
	(pwdgrp::fetch_account_from_windows): Try to add domain explicitely
	if it was not in the original list of trusted domains and go ahead
	rather than bailing out.  Add comment to explain why.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2015-04-23 21:57:07 +02:00
Corinna Vinschen 6f93f1d6a5
Drop unused timeoput paramter to internal_getlogin
* grp.cc (internal_getgroups): Drop unused timeout parameter.
	* pwdgrp.h (internal_getgroups): Ditto in prototype.
	* uinfo.cc (internal_getlogin): Ditto in usage.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2015-03-17 15:42:59 +01:00
Corinna Vinschen 146200310f * uinfo.cc (pwdgrp::add_line): Return NULL if parsing a line failed.
(pwdgrp::add_account_post_fetch): Check return value from add_line and
	return NULL if add_line returns NULL.
2015-02-28 12:12:34 +00:00
Corinna Vinschen 211cb4df18 * uinfo.cc (pwdgrp::fetch_account_from_windows): Drop redundant test
for SidTypeUser.
2015-02-27 14:03:29 +00:00
Corinna Vinschen 06371539bd * sec_acl.cc (setacl): Fix bug which leads to ACE duplication in
case owner SID == group SID.
	(getacl): Reverse order of SID test against group or owner sid to
	prefer owner attributes over group attributes.  Disable setting group
	permissions equivalent to owner permissions if owner == group.  Add
	comment to explain why.  Fix indentation.
	* security.cc (get_attribute_from_acl): Change type of local variables
	containing permission to mode_t.  Apply deny mask to group if group SID
	== owner SID to avoid Everyone permissions to spill over into group
	permissions.  Disable setting group permissions equivalent to owner
	permissions if owner == group.  Add comment to explain why.
	* uinfo.cc (pwdgrp::fetch_account_from_windows): Allow user SID as
	group account if user is a "Microsoft Account".  Explain why.  Drop
	workaround enforcing primary group "Users" for "Microsoft Accounts".
2015-02-27 12:59:09 +00:00
Corinna Vinschen bc3116147b * uinfo.cc (client_request_pwdgrp::client_request_pwdgrp): Add missing
break in switch statement.
2015-02-25 08:44:54 +00:00
Corinna Vinschen ad8d295e7c * ldap.h: Remove index macros.
(class cyg_ldap): Remove members srch_msg and srch_entry.
	(cyg_ldap::get_string_attribute): Remove private method taking index
	argument.
	(cyg_ldap::get_num_attribute): Ditto.  Add method taking attribute name.
	(cyg_ldap::get_primary_gid): Adjust to aforementioned change.
	(cyg_ldap::get_unix_uid): Ditto.
	(cyg_ldap::get_unix_gid): Ditto.
	* ldap.cc: Throughout, use msg and entry in place of srch_msg and
	srch_entry.
	(std_user_attr): Add sAMAccountName and objectSid.
	(group_attr): Ditto.
	(cyg_ldap::close): Drop handling of srch_msg and srch_entry.
	(cyg_ldap::get_string_attribute): Move earlier in file.
	(cyg_ldap::get_num_attribute): Ditto.
	(cyg_ldap::enumerate_ad_accounts): Add comments for clarity.
	Use group_attr or user_attr rather than sid_attr to fetch all desired
	attributes for an account right away.
	(cyg_ldap::next_account): Store found SID in last_fetched_sid to
	skip calls to fetch_ad_account from fetch_account_from_windows.
	(cyg_ldap::get_string_attribute): Remove method taking index argument.
	(cyg_ldap::get_num_attribute): Ditto.
	* pwdgrp.h (class pg_ent): Fix formatting.  Add member dom.
	* passwd.cc (pg_ent::enumerate_ad): Store current flat domain name
	in dom.  Construct fetch_acc_t argument from LDAP attributes and
	call fetch_account_from_windows with that.
	* userinfo.h (enum fetch_user_arg_type_t): Rename FULL_grp_arg to
	FULL_acc_arg.  Change throughout.
	(struct fetch_acc_t): Rename from fetch_full_grp_t.  Change throughout.
	(struct fetch_user_arg_t): Rename full_grp to full_acc.  Change
	throughout.
2015-02-24 20:52:57 +00:00
Corinna Vinschen bef55bb5c3 * autoload.cc (LsaLookupSids): Import.
* cygserver_pwdgrp.h: Include userinfo.h.  Drop workaround defining
	fetch_user_arg_type_t locally.
	* grp.cc (internal_getgrsid_cachedonly): New function.
	(internal_getgrfull): Ditto.
	(internal_getgroups): Rearrange function.  Center around fetching all
	cached group info first, calling LsaLookupSids on all so far non-cached
	groups second.  Pass all available info to new internal_getgrfull call.
	* pwdgrp.h: Include userinfo.h.  Move definitions of
	fetch_user_arg_type_t and fetch_user_arg_t there.
	(pwdgrp::add_group_from_windows): Declare with getting full group info.
	Called from internal_getgrfull.
	* uinfo.cc (pwdgrp::add_group_from_windows): Define.
	(pwdgrp::fetch_account_from_line): Add default case.
	(pwdgrp::fetch_account_from_file): Ditto.
	(pwdgrp::fetch_account_from_windows): Handle FULL_grp_arg.
	(client_request_pwdgrp::client_request_pwdgrp): Add default case.
	* userinfo.h: New header.
	(enum fetch_user_arg_type_t): Add FULL_grp_arg.
	(struct fetch_full_grp_t): New datatype.
2015-02-23 20:51:12 +00:00
Corinna Vinschen d6f62a1178 * grp.cc (internal_getgroups): Take additional timeout_ns parameter.
Restrict fetching group account entries from user token groups by
	timeout_ns 100ns-intervals.  Add preceding comment to explain why.
	* pwdgrp.h (internal_getgroups): Align prototype.
	* times.cc (GetTickCount_ns): New function.
	* uinfo.cc (internal_getlogin): Call internal_getgroups wih 300ms
	timeout.
	* winsup.h (GetTickCount_ns): Declare.
2015-02-20 15:13:46 +00:00
Corinna Vinschen b49934db7f * cygheap.h (cygheap_pwdgrp::get_home): Add dnsdomain parameter to
declaration in ldap-related method.
	(cygheap_pwdgrp::get_shell): Ditto.
	(cygheap_pwdgrp::get_gecos): Ditto.
	* ldap.cc (cyg_ldap::open): Use NO_ERROR instead of 0.
	(cyg_ldap::close): Reset last_fetched_sid.
	(cyg_ldap::fetch_ad_account): Return immediately if sid is the same as
	last_fetched_sid.  Open LDAP connection from here.  Move initialization
	of rdse after open call.  Set last_fetched_sid if LDAP call was
	successful.
	* ldap.h (class cyg_ldap): Add member last_fetched_sid.
	(cyg_ldap::cyg_ldap): Initialize last_fetched_sid.
	(cyg_ldap::is_open): New inline method.
	* uinfo.cc (cygheap_pwdgrp::init): Drop initialization of db_home,
	db_shell and db_gecos with "cygwin desc", thus only using the fallback
	by default.
	(fetch_windows_home): Add parameter dnsdomain.  Call
	cyg_ldap::fetch_ad_account if required.
	(fetch_from_path): Add parameter dnsdomain.  Call fetch_windows_home
	accordingly.
	(cygheap_pwdgrp::get_home): Accomodate call to fetch_windows_home.
	Add dnsdomain parameter in ldap-related method.  Call
	cyg_ldap::fetch_ad_account if required.
	(cygheap_pwdgrp::get_shell): Ditto.
	(cygheap_pwdgrp::get_gecos): Ditto.
	(pwdgrp::fetch_account_from_windows): Drop cyg_ldap::open call prior to
	cyg_ldap::fetch_ad_account call.  Set is_current_user to true if we're
	handling the current user account.  Make sure to perform the LDAP calls
	only for users, and only if required.
2015-02-12 16:55:38 +00:00
Corinna Vinschen 638dd243f2 * uinfo.cc (pwdgrp::fetch_account_from_windows): Allow fetching gid,
home, shell and gecos info from NT4 domain.
2015-01-21 20:40:33 +00:00
Corinna Vinschen 5e41539dfc * uinfo.cc (fetch_windows_home): Disable fetching from homeDrive or
usri3_home_dir_drive.  Add comment.
2015-01-14 11:13:23 +00:00
Corinna Vinschen f5a9dd02c4 * uinfo.cc (pwdgrp::fetch_account_from_windows): Drop code from
2014-11-17, always prepending domain to NT SERVICE accounts when
	searching by name.  Fix test expression to allow fully qualified
	names for NT SERVICE accounts.  Extend comment to explain a bit.
2015-01-13 09:06:53 +00:00
Corinna Vinschen fae48dd783 * cygheap.h (cygheap_pwdgrp::get_shell): Add sid to argument list.
(cygheap_pwdgrp::get_gecos): Ditto.
	* uinfo.cc (fetch_windows_home): Accept cyg_ldap and PUSER_INFO_3
	arguments, and fetch db home dir values right here.
	(fetch_from_path): Accept cyg_ldap, PUSER_INFO_3 pointers and sid
	arguments.  Add '%H' format specifier to fetch Windows home dir in
	POSIX notation.
	(cygheap_pwdgrp::get_home): Accommodate changes to fetch_windows_home
	and fetch_from_path.
	(cygheap_pwdgrp::get_shell): Ditto.
	(cygheap_pwdgrp::get_gecos): Ditto.
	(pwdgrp::fetch_account_from_windows): Accommodate sid argument to
	cygheap_pwdgrp::get_shell and cygheap_pwdgrp::get_gecos.
2015-01-08 17:08:47 +00:00
Corinna Vinschen 44cacc7f44 * uinfo.cc (fetch_windows_home): New function fetching Windows-compliant
home directory.  Include longish comment to explain what we're doing.
	(cygheap_pwdgrp::get_home): Take additional sid parameter.  In
	NSS_SCHEME_WINDOWS case, call fetch_windows_home to create home
	directory.
	(pwdgrp::fetch_account_from_windows): Call cygheap_pwdgrp::get_home
	with additional sid argument.
	* cygheap.h (cygheap_pwdgrp::get_home): Align declaration to above
	change.
2014-12-02 11:30:04 +00:00
Corinna Vinschen 4fe712cd80 * uinfo.cc (cygheap_user::ontherange): Fix order of fallbacks creating
HOMEDRIVE/HOMEPATH values to be Windows-compliant.  Add comments.
2014-12-02 11:26:22 +00:00
Corinna Vinschen 41f77e25f1 * autoload.cc (CreateProfile): Import.
(LoadUserProfileW): Import.
	* registry.cc (get_registry_hive_path): Move to sec_auth.cc.
	(load_registry_hive): Remove.
	* registry.h (get_registry_hive_path): Drop declaration.
	(load_registry_hive): Ditto.
	* sec_auth.cc (get_user_profile_directory): Moved from registry.cc and
	renamed.  Take third parameter with buffer length.
	(load_user_profile): New function taking over for load_registry_hive.
	Use official functions to load profile.  If profile is missing, create
	it on Vista and later.
	* security.h (get_user_profile_directory): Declare.
	(load_user_profile): Declare.
	* syscalls.cc (seteuid32): Replace call to load_registry_hive with call
	to load_user_profile.
	* uinfo.cc (cygheap_user::env_userprofile): Replace call to
	get_registry_hive_path with call to get_user_profile_directory.
2014-12-02 10:49:47 +00:00
Corinna Vinschen 195a9205e5 * uinfo.cc (fetch_from_description): Make static.
(fetch_from_path): Ditto.
2014-12-02 10:28:42 +00:00
Corinna Vinschen e7d7418270 * mount.cc (mount_info::init): Take bool argument and allow to
initialize mount table in two steps, system and user, depending on
	bool value.
	* mount.h (class mount_info): Align declaration of init function to
	above change.
	* shared.cc (user_info::initialize): Initialize mount table in two
	steps to allow internal_getpwsid to create valid POSIX paths from
	DOS paths given in AD.  Add comments.
	* uinfo.cc (cygheap_pwdgrp::get_home): Allow DOS paths in
	NSS_SCHEME_FREEATTR attributes.
	(cygheap_pwdgrp::get_shell): Ditto.
2014-11-27 16:49:41 +00:00
Corinna Vinschen 93d15b36ef * Makefile.in (install): Add install-ldif target.
(install-ldif): New target to install cygwin.ldif.
	* cygheap.h (class cygheap_pwdgrp): Rename pfx_t to nss_pfx_t.  Add
	PFX to enum value.  Add nss_scheme_method enum and nss_scheme_t
	structure.  Add home_scheme, shell_scheme and gecos_scheme members.
	(NSS_SCHEME_MAX): Define.
	(cygheap_pwdgrp::get_home): Declare.
	(cygheap_pwdgrp::get_shell): Declare.
	(cygheap_pwdgrp::get_gecos): Declare.
	* cygwin.ldif: New file.
	* ldap.cc (std_user_attr): New array, just defining the standard
	attributes.
	(group_attr): Add cygwinUnixGid.
	(user_attr): Convert to macro pointing to cygheap->pg.ldap_user_attr.
	(cygheap_pwdgrp::init_ldap_user_attr): New method.
	(cyg_ldap::fetch_ad_account): Call cygheap_pwdgrp::init_ldap_user_attr
	if user_attr initialization is required.  Fix comment.
	(cyg_ldap::get_string_attribute): Implement taking attribute name
	as argument.
	* ldap.h: Drop unused macros.
	(cyg_ldap::get_gecos): Remove.
	(cyg_ldap::get_home): Remove.
	(cyg_ldap::get_shell): Remove.
	(cyg_ldap::get_string_attribute): Declare name argument variant public.
	* uinfo.cc (cygheap_user::ontherange): Fix indentation.
	(cygheap_pwdgrp::init): Initialize new home_scheme, shell_scheme and
	gecos_scheme members.  Align comment.
	(NSS_NCMP): Define comparison macro.
	(NSS_CMP): Ditto.
	(cygheap_pwdgrp::nss_init_line): Use aforementioned macros throughout.
	Fix comment handling.  Add db_home, db_shell and db_gecos handling.
	(fetch_from_description): New function to fetch XML-style attributes
	from (description) string.
	(fetch_from_path): New function to evaluate path string with wildcards.
	(cygheap_pwdgrp::get_home): New methods to fetch pw_dir value.
	(cygheap_pwdgrp::get_shell): Ditto for pw_shell.
	(cygheap_pwdgrp::get_gecos): Ditto for pw_gecos.
	(colon_to_semicolon): Move up.
	(pwdgrp::fetch_account_from_windows): Convert home, shell, gecos
	variables to char*.  Drop statement breaking extended group info.
	Fetch home, shell and gecos values using new methods.  Use
	fetch_from_description calls to fetch UNIX id and primary groups from
	SAM comment field.  Accommodate uxid being a char* now.  Accommodate
	the fact that extended info is malloc'ed, rather then alloca'ed.
	Create linebuf content as multibyte string.  Create line buffer by
	just calling cstrdup.
2014-11-26 19:46:59 +00:00
Corinna Vinschen 5c6a0f3117 * uinfo.cc (pwdgrp::fetch_account_from_windows): Allow fetching of
NT SERVICE accounts by name.  Always prepend domain to NT SERVICE
	accounts.  Add U-domain\username string to pw_gecos for predefined
	builtin accounts as well.
2014-11-17 10:09:01 +00:00
Corinna Vinschen 54f79f8650 * cygheap.h (cygheap_pwdgrp): Remove constants NSS_FILES and NSS_DB.
Use NSS_SRC_FILES and NSS_SRC_DB throughout instead.
	(cygheap_pwdgrp::nss_pwd_src): New inline method.
	(cygheap_pwdgrp::nss_grp_src): Ditto.
	* external.cc (cygwin_internal): Add CW_GETNSS_PWD_SRC and
	CW_GETNSS_GRP_SRC cases.
	* uinfo.cc: Use NSS_SRC_FILES and NSS_SRC_DB throughout.
	* include/cygwin/version.h (CYGWIN_VERSION_API_MINOR): Bump.
	* include/sys/cygwin.h (cygwin_getinfo_types): Add CW_GETNSS_PWD_SRC
	and CW_GETNSS_GRP_SRC.
	(NSS_SRC_FILES): Define.
	(NSS_SRC_DB): Define.
2014-11-12 11:19:08 +00:00
Corinna Vinschen 91233e688a * uinfo.cc (cygheap_user::ontherange): Don't mention /etc/passwd. 2014-10-30 16:07:04 +00:00
Corinna Vinschen f7cb52eec7 * cygheap.cc (cygheap_fixup_in_child): Drop call to set_dll_dir.
(init_cygheap::init_installation_root): Set installation_dir_len.
	(setup_cygheap): Drop call to set_dll_dir.
	* cygheap.h (struct init_cygheap): Add installation_dir_len member.
	(init_cygheap::set_dll_dir): Remove.
	* environ.cc (win_env::add_cache): Use stpcpy for speed.
	(posify_maybe): Use tmp_pathbuf buffer instead of stack.
	(raise_envblock): New function to resize Windows environment block.
	(build_env): Fix indentation.  Call raise_envblock function.  Check if
	$PATH exists and is non-empty.  If not, add PATH variable with Cygwin
	installation directory as content to Windows environment.  Explain why.

	* uinfo.cc (cygheap_pwdgrp::_nss_init): Fill UNICODE_STRING members
	on the fly.  Drop call to RtlInitUnicodeString.
	(pwdgrp::check_file): Ditto.
2014-10-27 11:33:53 +00:00
Corinna Vinschen bea3ef947a * exception.h (class exception): Remove unnecessary #ifdef.
* uinfo.cc (client_request_pwdgrp::client_request_pwdgrp): Fix length
	counter to include trailing NUL.

	* sec_auth.cc (get_user_groups): Add experimental exception handler.
	(get_user_local_groups): Ditto.
2014-09-05 11:47:33 +00:00
Corinna Vinschen acc511d184 * uinfo.cc (pwdgrp::fetch_account_from_windows): Handle APPLICATION
PACKAGE AUTHORITY SIDs.
	* winlean.h (DNLEN): Raise to 31.  Explain why.
2014-09-05 09:46:26 +00:00
Corinna Vinschen f2b03c9258 * uinfo.cc (pwdgrp::fetch_account_from_windows): Disallow user accounts
as groups.  Add comment.
2014-08-31 19:33:19 +00:00
Corinna Vinschen cc332c9e27 * uinfo.cc (cygheap_pwdgrp::init): Fix comment. Rearrange code for
style.
	(cygheap_pwdgrp::nss_init_line): Disable db_prefix and db_separator
	settings.  Add comment.
	(pwdgrp::fetch_account_from_windows): Drop outdated comment.  Fix code
	fetching primary group gid of group setting in SAM description field.
	Change comment accordingly.
2014-08-31 18:18:49 +00:00
Corinna Vinschen 3faecb14b4 * uinfo.cc (pwdgrp::fetch_account_from_windows): Disallow creating an
entry for "NULL SID".
2014-08-31 14:16:04 +00:00
Corinna Vinschen 3f3bd10104 * Throughout, use __try/__except/__endtry blocks, rather than myfault
handler.
	* cygtls.cc (_cygtls::remove): Accommodate the fact that pathbufs
	has been moved from _local_storage to _cygtls.
	* cygtls.h (class tls_pathbuf): Add comment to hint to gendef usage
	of counters.  Change type of counters to uint32_t for clarity.
	Remove _cygtls as friend class.
	(struct _local_storage): Move pathbufs from here...
	(struct _cygtls): ...to here, allowing to access it from _sigbe.
	(class san): Only define on 32 bit.  Remove errno, _c_cnt and _w_cnt
	members.
	(san::setup): Drop parameter.  Don't initialize removed members.
	(san::leave): Don't set removed members.
	(class myfault): Only define on 32 bit.
	(myfault::faulted): Only keep implementation not taking any parameter.
	Drop argument in call to sebastian.setup.
	(__try/__leave/__except/__endtry): Implement to support real SEH.  For
	now stick to SJLJ on 32 bit.
	* dcrt0.cc (dll_crt0_0): Drop 64 bit call to
	exception::install_myfault_handler.
	* exception.h (exception_handler): Define with EXCEPTION_DISPOSITION
	as return type.
	(PDISPATCHER_CONTEXT): Define as void * on 32 bit.  Define as pointer
	to _DISPATCHER_CONTEXT on 64 bit.
	(class exception): Define separately for 32 and 64 bit.
	(exception::myfault): Add handler for myfault SEH handling on 64 bit.
	(exception::exception): Fix mangled method name to account for change
	in type of last parameter.
	(exception::install_myfault_handler): Remove.
	* exceptions.cc (exception::myfault_handle): Remove.
	(exception::myfault): New SEH handler for 64 bit.
	* gendef (_sigbe): Set tls_pathbuf counters to 0 explicitely when
	returning to the caller.
	* ntdll.h: Move a comment to a better place.
	(struct _SCOPE_TABLE): Define on 64 bit.
	* thread.cc (verifyable_object_isvalid): Remove gcc 4.7 workaround.
	* tls_pbuf.cc (tls_pbuf): Fix to accommodate new place of pathbufs.
	(tls_pathbuf::destroy): Change type of loop variables to uint32_t.
	* tls_pbuf.h (class tmp_pathbuf): Change type of buffer counters to
	uint32_t.  Accommodate new place of pathbufs.
	* tlsoffsets.h: Regenerate.
	* tlsoffsets64.h: Regenerate.
2014-08-22 09:21:33 +00:00
Corinna Vinschen 64665f459e * uinfo.cc (pwdgrp::fetch_account_from_windows): Drop "plus_prepended"
as naming style.  Drop enum name_style_t, use a boolean
	"fully_qualified_name" value instead.  Rework function to drop
	"plus_prepended" handling througout and default to "name only" style
	as replacement.
2014-08-04 15:50:42 +00:00
Corinna Vinschen 1721a38efd * uinfo.cc (pwdgrp::fetch_account_from_windows): Fix comment. 2014-07-30 14:23:53 +00:00
Corinna Vinschen 898e26c82f * cygheap.h (class cygheap_domain_info): Remove lowest_tdo_posix_offset.
* ldap.cc (cyg_ldap::fetch_posix_offset_for_domain): Return UINT32_MAX
	in case of error.
	* security.h (PRIMARY_POSIX_OFFSET): Define.
	(NOACCESS_POSIX_OFFSET): Define.
	(UNUSABLE_POSIX_OFFSET): Define.
	* uinfo.cc (cygheap_domain_info::init): Drop initializing
	lowest_tdo_posix_offset.
	(pwdgrp::fetch_account_from_file): Set PosixOffset to either
	UNUSABLE_POSIX_OFFSET or NOACCESS_POSIX_OFFSET in case we don't get a
	sensible offset from AD.  Explain why.  Drop setting ch
	lowest_tdo_posix_offset.
	(pwdgrp::fetch_account_from_windows): Replace constant 0x100000 with
	PRIMARY_POSIX_OFFSET throughout.
2014-07-29 08:53:13 +00:00
Corinna Vinschen 9c96187172 * uinfo.cc: Fix typo in comment. 2014-07-21 09:55:52 +00:00
Corinna Vinschen 6aafa0bfc2 * uinfo.cc (cygheap_domain_info::init): Correctly set
lowest_tdo_posix_offset to UNIX_POSIX_OFFSET.
	(fetch_posix_offset): Redesign to fake a POSIX offset in all cases
	where we can't fetch a non-0 POSIX offset from our primary domain.
2014-07-14 13:33:20 +00:00
Corinna Vinschen e35b92c202 * autoload.cc (ldap_search_sW): Replace ldap_search_stW.
(LdapMapErrorToWin32): Import.
	* fhandler_disk_file.cc (fhandler_base::fstat_by_nfs_ea): Accommodate
	change to cyg_ldap::open.
	* ldap.cc (CYG_LDAP_TIMEOUT): Remove.
	(CYG_LDAP_ENUM_TIMEOUT): Remove.
	(def_tv): Remove.
	(enum_tv): Remove.
	(cyg_ldap::map_ldaperr_to_errno): New method to map LDAP error codes to
	POSIX errno codes.  Explicitly map LDAP_NO_RESULTS_RETURNED to ENMFILE.
	(cyg_ldap::wait): Ditto.
	(struct cyg_ldap_init): New struct.
	(cyg_ldap::connect_ssl): Return ULONG.  Drop setting LDAP_OPT_TIMELIMIT.
	Add call to ldap_search_sW to fetch root DSE.
	(cyg_ldap::connect_non_ssl): Ditto.
	(ldap_init_thr): New static thread function.
	(cyg_ldap::connect): New method to call connect_ssl/connect_non_ssl in
	an interruptible cygthread.
	(struct cyg_ldap_search): New struct.
	(cyg_ldap::search_s): New method to perform generic synchronous search.
	(ldap_search_thr): New static thread function.
	(cyg_ldap::search): New method to call search_s in an interruptible
	cygthread.
	(struct cyg_ldap_next_page): New struct.
	(cyg_ldap::next_page_s): New method to perform generic synchronous
	paged search.
	(ldap_next_page_thr): New static thread function.
	(cyg_ldap::next_page): New method to call next_page_s in an
	interruptible cygthread.
	(cyg_ldap::open): Return POSIX errno.  Call connect method.
	(cyg_ldap::fetch_ad_account): Call search method rather than
	ldap_search_stW.
	(cyg_ldap::enumerate_ad_accounts): Return POSIX errno.  Use infinite
	timeout in call to ldap_search_init_pageW.
	(cyg_ldap::next_account): Return POSIX errno.  Call next_page method
	rather than ldap_get_next_page_s.
	(cyg_ldap::fetch_posix_offset_for_domain): Call search method rather
	than ldap_search_stW.
	(cyg_ldap::fetch_unix_sid_from_ad): Ditto.
	(cyg_ldap::fetch_unix_name_from_rfc2307): Ditto.
	* ldap.h (class cyg_ldap): Accommodate aforementioned changes.
	* passwd.cc (pg_ent::enumerate_ad): Ditto.  Break search if one of
	cyg_ldap::enumerate_ad_accounts or cldap.next_account returns with
	an error code other than ENMFILE.
	* sec_helper.cc (cygpsid::get_id): Accommodate change to cyg_ldap::open.
	* uinfo.cc (fetch_posix_offset): Ditto.
2014-06-25 09:10:50 +00:00
Corinna Vinschen b1c17593f8 * ldap.cc (CYG_LDAP_TIMEOUT): Define as timeout value. Set to 30 secs
for now.  Use throughout.
	* uinfo.cc (colon_to_semicolon): New local function.
	(pwdgrp::fetch_account_from_windows): Convert all colons in AD gecos
	entry to commas.
2014-06-18 17:41:52 +00:00
Corinna Vinschen 03e3cf9846 * ldap.cc (cyg_ldap::fetch_ad_account): Take additional domain string
parameter.  Convert into likely rootDSE string if not NULL, and use in
	subsequent call to ldap_search_stW.  Add comment to explain that this
	is not the exactly correct solution.
	* ldap.h (cyg_ldap::fetch_ad_account): Change prototype accordingly.
	* uinfo.cc (pwdgrp::fetch_account_from_windows): Always use loc_ldap
	in call to fetch_posix_offset to make sure we're fetchoinmg the posix
	offsets from *our* domain controller.  Only set domain variable to
	non-NULL if the account is from a trusted domain.  Use domain in call
	to cyg_ldap::fetch_ad_account.
2014-05-22 14:50:24 +00:00
Corinna Vinschen 81f9ce0734 * uinfo.cc (pwdgrp::fetch_account_from_windows): Fix potential SEGV
referencing NULL pointer.
2014-05-22 09:47:23 +00:00
Corinna Vinschen 6506454fb3 * sec_auth.cc (get_server_groups): Call get_logon_server only for
non-builtin accounts.
	* uinfo.cc (pwdgrp::fetch_account_from_windows): Check incoming
	account name for validity in terms of the current name prefixing rules
	and refuse invalid names.
2014-05-14 11:27:47 +00:00
Corinna Vinschen d4ff931bf8 * fhandler_socket.cc (fhandler_socket::ioctl): Handle the different
ideas of u_long between Winsock and Cygwin applications on x86_64.
	Add long comment.
2014-05-13 16:07:50 +00:00