So far we had two functions checking the content of a reparse point,
readdir_check_reparse_point in fhandler_disk_file.cc for the sake of
readdir, and symlink_info::check_reparse_point for the sake of
generic path checking.
* Rename check_reparse_point_target helper to check_reparse_point_string
and convert to static function.
* Create new check_reparse_point_target helper containing the core
reparse point checking code
* Just call check_reparse_point_target from readdir_check_reparse_point
and symlink_info::check_reparse_point and only perform the unique
task in those functions.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
So far Cygwin's readdir returned the inode number of a mount target
in d_ino, rather than the actual inode number of the mount point in
the underlying filesystem. This not only results in a performance
hit if the mount target is a remote FS, it is also not done on other
POSIX systems.
Remove the code evaluating the mount target inode number.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This patch fixes a minor compatibility issue w/ cygwin mount point handling in
readdir(), compared to equivalent behavior of Linux and MacOS. dentry.d_ino
should indicate the INO of the mount point itself, not the target volume root
folder.
Changed return type from readdir_check_reparse_point to uint8_t, to avoid
unnecessarily being implicitly cast to and from a signed int.
Renamed a related local variable "attr" to "oattr" that was eclipsing a member
variable with the same name.
Joe L.
Always retrieve FileCompressionInformation for non-empty
files if FileStandardInformation returns 0 allocated blocks.
This fixes stat.st_blocks for files compressed with CompactOS method.
Signed-off-by: Christian Franke <franke@computer.org>
Revamp device parsing code. Introducing support for more partitions
into the shilka-generated parser has the unfortunate side-effect of
raising the size of the DLL by almost 2 Megs. Therefore we split out
the handling for /dev/sdXY devices into a tiny bit of hand-written
code.
While at it, remove some unused cruft from devices.* and generally
clean up the device class to provide access methods instead of direct
access to members.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Bump GPLv2+ to GPLv3+ for some files, clarify BSD 2-clause.
Everything else stays under GPLv3+.
New Linking Exception exempts resulting executables from LGPLv3 section 4.
Add CONTRIBUTORS file to keep track of licensing.
Remove 'Copyright Red Hat Inc' comments.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
fhandler_base::open_fs has two problems:
- When newly creating a file, the file info in the path_conv is
incorrect. It points to info for the parent dir, not to info
for the file itself (which, naturally, wasn't available before).
- Fetching the file's inode number only worked for non-NFS.
Both problems should be fixed now by reloading file info if the file
has just been created, as well as using the new FS-agnostic
path_conv::get_ino method.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This avoids having to call nfs_fetch_fattr3/file_get_fai depending
on FS type as well as having to extract the info FS dependent.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The missing braces cause only the first expression to be guarded by the
else clause.
winsup/cygwin/ChangeLog
* fhandler_disk_file.cc (facl): Add missing braces to if statement.
* mount.cc (dos_drive_mappings): Add missing braces to if statement.
Signed-off-by: Peter Foley <pefoley2@pefoley.com>
* Makefile.in (DLL_OFILES): Add sec_posixacl.o.
(SUBLIBS): Add libacl.a
(libacl.a): New rule to create libacl.a.
* common.din: Export POSIX ACL functions as well as most libacl.a
extensions.
* fhandler.h (fhander_base::acl_get): New prototype.
(fhander_base::acl_set): Ditto.
(fhandler_disk_file::acl_get): Ditto.
(fhandler_disk_file::acl_set): Ditto.
* include/acl/libacl.h: New file.
* include/cygwin/version.h: Bump API minor version.
* include/sys/acl.h: Drop including cygwin/acl.h. Accommodate
throughout Cygwin. Add POSIX ACL definitions.
* sec_acl.cc: Include sec_posixacl.h. Replace ILLEGAL_UID and
ILLEGAL_GID with ACL_UNDEFINED_ID where sensible.
(__aclcheck): New internal acl check function to be used for
Solaris and POSIX ACLs.
(aclcheck32): Call __aclcheck.
(__aclcalcmask): New function to compute ACL_MASK value.
(__aclsort): New internal acl sort function to be used for Solaris
and POSIX ACLs.
(aclsort32): Call __aclsort.
(permtostr): Work directly on provided buffer.
(__acltotext): New internal acltotext function to be used for
Solaris and POSIX ACLs.
(acltotext32): Call __acltotext.
(__aclfromtext): New internal aclfromtext function to be used for
Solaris and POSIX ACLs.
(aclfromtext32): Call __aclfromtext.
* sec_posixacl.cc: New file implemeting POSIX ACL functions.
* sec_posixacl.h: New internal header.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
POSIX.1e requires that chmod changes the MASK rather than the
GROUP_OBJ value if the ACL is non-trivial.
On Windows, especially on home machines, a standard ACL often
consists of entries for the user, maybe the group, and additional
entries for SYSTEM and the Administrators group. A user calling
chmod on a file with bog standard Windows perms usually expects
that chmod changes the GROUP_OBJ perms, but given the rules from
POSIX.1e we can't do that.
However, since we already treat Admins and SYSTEM special in a
ACL (they are not used in MASK computations) we go a step in the
Windows direction to follow user expectations. If an ACL only
consists of the three POSIX permissions, plus entries for Admins
and SYSTEM *only*, then we change the permissions of the GROUP_OBJ
entry *and* the MASK entry.
* fhandler_disk_file.cc (fhandler_disk_file::chmod): Drop unused
code. Add special handling for a "standard" Windows ACL. Add
comment to explain.
* sec_acl.cc (get_posix_access): Allow to return "standard-ness"
of an ACL to the caller. Add preceeding comment to explain a bit.
* security.h (get_posix_access): Align prototype.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Only request
query_write_dac rather than query_write_control access when writing
an ACL. Fix a comment.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* path.h (class path_conv_handle): Use FILE_ALL_INFORMATION instead of
FILE_NETWORK_OPEN_INFORMATION. Use definitions from ntdll.h since it's
included anyway.
(path_conv_handle::fai): Change name from fnoi.
(path_conv::fai): Ditto.
(file_get_fai): Change name from file_get_fnoi. Drop second parameter.
* path.cc (file_get_fai): Ditto. Fetch FileAllInformation rather than
FileNetworkOpenInformation. Convert STATUS_BUFFER_OVERFLOW to
STATUS_SUCCESS. Remove workaround to fetch FileBasicInformation and
FileStandardInformation on filesystems with broken
FileNetworkOpenInformation handling.
(symlink_info::check): Accommodate above changes. In case of using
the NtQueryDirectoryFile fallback, fetch FileIdBothDirectoryInformation
to get inode number as well.
* fhandler_disk_file.cc (fhandler_base::fstat_by_handle): Drop outdated
comment. Accommodate change to using FileAllInformation. Drop
extra function calls to fetch NumberOfLinks and IndexNumber. Set ino
directly from IndexNumber stored in pc.fai(). Drop second argument
from call to fstat_helper.
(fhandler_base::fstat_by_name): Drop second argument from call to
fstat_helper.
(fhandler_base::fstat_helper): Drop second parameter. Accommodate
the fact that we access a FILE_ALL_INFORMATION structure now.
(fhandler_base::open_fs): Set ino directly from IndexNumber stored in
pc.fai().
* fhandler.h (fhandler_base::fstat_helper): Fix declaration accrdingly.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* fhandler_disk_file.cc (path_conv::get_ino_by_handle): Rename fai to
fii for clearness.
(fhandler_disk_file::readdir): Ditto.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Disable
deviation from POSIX 1003.1e in terms of GROUP_OBJ/CLASS_OBJ
permissions. Follow POSIX 1003.1e again. Keep old code in
for future reference.
* sec_acl.cc: Accommodate changes in ACE creation in leading
comment.
(set_posix_access): Fix user deny ACE creation. Split group
deny ACE creation into two steps, one to reflect CLASS_OBJ,
the other to reflect OTHER_OBJ.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- New, unified implementation of POSIX permission and ACL handling. The
new ACLs now store the POSIX ACL MASK/CLASS_OBJ permission mask, and
they allow to inherit the S_ISGID bit. ACL inheritance now really
works as desired, in a limited, but theoretically equivalent fashion
even for non-Cygwin processes.
To accommodate Windows default ACLs, the new code ignores SYSTEM and
Administrators group permissions when computing the MASK/CLASS_OBJ
permission mask on old ACLs, and it doesn't deny access to SYSTEM and
Administrators group based on the value of MASK/CLASS_OBJ when
creating the new ACLs.
The new code now handles the S_ISGID bit on directories as on Linux:
Setting S_ISGID on a directory causes new files and subdirs created
within to inherit its group, rather than the primary group of the user
who created the file. This only works for files and directories
created by Cygwin processes.
2015-05-29 Corinna Vinschen <corinna@vinschen.de>
Reapply POSIX ACL changes.
* utils.xml (setfacl): Show new option output.
(getfacl): Show new option output.
* sec_acl.cc (get_posix_access): Check for Cygwin "standard" ACL.
Apply umask, if so. Align comments.
* security.cc (set_created_file_access): Fix permission masking by
incoming requested file mode.
* sec_acl.cc (set_posix_access): Apply mask only in terms of execute bit
for SYSTEM and Admins group.
* sec_acl.cc (set_posix_access): Don't create DENY ACEs for USER and
GROUP entries if they are the same as USER_OBJ or GROUP_OBJ.
* fhandler.h (fhandler_pty_slave::facl): Add prototype.
* fhandler_tty.cc (fhandler_pty_slave::facl): New method.
(fhandler_pty_slave::fchown): Fix uid/gid handling.
* sec_acl.cc (set_posix_access): Drop superfluous class_idx variable.
Simplify and move around code in a few places. To improve ACL
readability, add r/w permissions to Admins ACE appended to pty ACL.
Add comment to explain Windows ACE Mask filtering being in the way of
creating a real CLASS_OBJ.
(get_posix_access): Fake CLASS_OBJ for ptys. Explain why.
* security.cc (get_object_attribute): Add S_IFCHR flag to attributes
when calling get_posix_access.
* sec_acl.cc (set_posix_access): Move merging group perms into owner
perms in case of owner == group after mask has been computed. Take
mask into account when doing so to avoid unnecessary ACCESS_DENIED_ACE.
* sec_acl.cc (get_posix_access): Only set saw_group_obj flag if we saw
the ACCESS_ALLOWED_ACE.
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Deliberatly
set GROUP_OBJ and CLASS_OBJ perms to new group perms. Add comment
to explain why.
* security.cc (set_created_file_access): Ditto.
* sec_acl.cc (set_posix_access): Replace previous patch. Return
EINVAL if uid and/or guid is invalid and not backed by an actual
Windows account.
* sec_acl.cc (set_posix_access): Workaround owner/group SIDs being NULL.
* sec_acl.cc (set_posix_access): Handle files with owner == group.
Rephrase switch statement checking against unfiltered a_type value.
(get_posix_access): Handle files with owner == group.
* sec_acl.cc (get_posix_access): Don't use GROUP_OBJ access to fix up
CLASS_OBJ mask on old-style ACLs. Fix a comment.
* sec_acl.cc (set_posix_access): Always make sure Admins have
WRITE_DAC and WRITE_OWNER permissions.
* security.h (create_object_sd_from_attribute): Drop handle parameter
from prototype.
* security.cc (create_object_sd_from_attribute): Drop handle parameter.
Just create the standard POSIXy security descriptor.
(set_object_attribute): Accommodate dropped paramter in call to
create_object_sd_from_attribute.
* fhandler_tty.cc: Ditto, throughout.
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Fix typo in
mask computation.
* fhandler.cc (fhandler_base::open_with_arch): Call open with mode
not umasked.
(fhandler_base::open): Explicitely umask mode on NFS here. Call new
set_created_file_access rather than set_file_attribute.
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Reimplement
setting permissions on filesystems supporting ACLs using the new
set_posix_access call.
(fhandler_disk_file::fchown): Ditto.
(fhandler_disk_file::mkdir): Call new set_created_file_access rather
than set_file_attribute.
* fhandler_socket.cc (fhandler_socket::bind): Don't umask here. Add
WRITE_OWNER access to allow writing group in case of SGID bit set.
Call new set_created_file_access rather than set_file_attribute.
* path.cc (symlink_worker): Call new set_created_file_access rather
than set_file_attribute.
* sec_acl.cc (searchace): Un-staticize.
(set_posix_access): New, complementary functionality to
get_posix_access.
(setacl): Implement in terms of get_posix_access/set_posix_access.
(get_posix_access): Add handling for just created files requiring
their first Cygwin ACL. Fix new_style recognition. Handle SGID
bit. For old-style ACLs, ignore SYSTEM and Administrators when
computing the {DEF_}CLASS_OBJ perms.
* security.cc (get_file_sd): Revamp comment. Change and (hopefully)
speed up inheritance processing for just created files.
(alloc_sd): Remove.
(set_security_attribute): Call set_posix_access instead of alloc_sd.
(get_object_attribute): Fix return value.
(create_object_sd_from_attribute): Call set_posix_access instead of
alloc_sd.
(set_file_attribute): Remove.
(set_created_file_access): New function implemented in terms of
get_posix_access/set_posix_access.
* security.h (set_file_attribute): Remove prototype.
(set_created_file_access): Add prototype.
(searchace): Ditto.
(set_posix_access): Ditto.
* syscalls.cc (open): Call open_with_arch with mode not umasked.
* sec_acl.cc: Change preceeding comment explaining new-style ACLs.
Describe how to generate deny ACEs in more detail. Accommodate the
fact that a NULL deny ACE is used for {DEF_}CLASS_OBJ, rather than
a special Cygwin ACE. Improve further comments.
(CYG_ACE_NEW_STYLE): Define.
(get_posix_access): Change from Cygwin ACE to NULL deny ACE. Fix
CLASS_OBJ handling to generate CLASS_OBJ and DEF_CLASS_OBJ from a single
NULL deny ACE if the inheritance flags say so.
* sec_helper.cc (well_known_cygwin_sid): Remove.
* security.h (well_known_cygwin_sid): Drop declaration.
* sec_acl.cc (CYG_ACE_ISBITS_TO_WIN): Fix typo.
(get_posix_access): Rename index variable from i to idx. Define only
once at top level.
* security.cc (add_access_allowed_ace): Drop unused parameter "offset".
Accommodate throughout.
(add_access_denied_ace): Ditto.
* sec_acl.cc: Accommodate above change throughout.
* security.h (add_access_allowed_ace): Adjust prototype to above change.
(add_access_denied_ace): Ditto.
* sec_acl.cc (get_posix_access): Handle multiple ACEs for the
owner and primary group of the file. Handle the default primary
group ACE as DEF_GROUP_OBJ entry if the directory has the S_ISGID bit
set. Add comments. Minor code rearrangements.
Preliminary read side implementation of new permission handling.
* acl.h (MAX_ACL_ENTRIES): Raise to 2730. Add comment to explain.
* sec_acl.cc: Add leading comment to explain new ACL style.
Add definitions and macros to use for bits in new Cygwin ACL.
(DENY_RWX): New mask value for all temporary deny bits.
(getace): Add bool parameter to decide when leaving all bits intact,
rather than filtering them per the already set bits.
(get_posix_access): New function, taking over functionality to read
POSIX ACL from SECURITY_DESCRIPTOR.
(getacl): Just call get_posix_access.
* sec_helper.cc (well_known_cygwin_sid): Define.
* security.cc (get_attribute_from_acl): Remove.
(get_info_from_sd): Remove.
(get_reg_sd): Call get_posix_access instead of get_info_from_sd.
(get_file_attribute): Ditto.
(get_object_attribute): Ditto.
* security.h (well_known_cygwin_sid): Declare.
(get_posix_access): Add prototype.
* Throughout, use simpler ACE macros from Windows' accctrl.h.
* getfacl.c (main): Special-case SYSTEM and Admins group. Add comments.
* setfacl.c: Align more to Linux tool.
(delacl): New function to delete acl entries only.
(modacl): Drop delete functionality. Add handling of recomputing the
mask and default mask values.
(delallacl): Rename from delacl.
(setfacl): Call delacl in Delete case. Call delallacl in DeleteAll
and DeleteDef case.
(usage): Accommodate new options. Rearrange and rephrase slightly.
(longopts): Emit 'x' in --delete case. Add --no-mask and --mask
options.
(opts): Add -x and -n options.
(main): Handle -d and -x the same. Handle -n and --mask options.
Drop handling for -r option.
* getfacl.c (usage): Align more closely to Linux version. Add new
options -c, -e, -E. Change formatting to accommodate longer options.
(longopts): Rename --noname to --numeric. Keep --noname for backward
compatibility. Add --omit-header, --all-effective and --no-effective
options.
(opts): Add -c, -e and -E option.
(main): Handle new -c, -e, and -E options.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* fhandler_disk_file.cc (fhandler_base::fstat_by_nfs_ea): Rearrange
to fall back to myself uid/gid in case we don't utilize Windows
account DBs, just as prior to 1.7.34.
* sec_helper.cc (cygpsid::get_id): Disable Samba user/group mapping per
RFC2307 if we're not utilizing Windows account DBs.
* security.cc (convert_samba_sd): Revert previous patch.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* fhandler_disk_file.cc (fhandler_base::fstat_by_nfs_ea): Only try
to map user and group info per RFC2307 if account info is fetched
from Windows account DB.
(convert_samba_sd): Ditto.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
suffix and make private. Rename normalized_path to posix_path and
make privtae. Accommodate name changes throughout in path_conv
methods.
(path_conv::known_suffix): New method. Use throughout instead of
accessing suffix directly.
(path_conv::get_win32): Constify.
(path_conv::get_posix): New method to read posix_path. Use throughout
instead of accessing normalized_path directly.
(path_conv::set_posix): Rename from set_normalized_path. Accommodate
name change throughout.
* spawn.cc (find_exec): Return POSIX path, not Win32 path.
* fhandler_disk_file.cc (fhandler_disk_file::facl): Ditto in noacl case.
* sec_acl.cc (getacl): Compute useful fake CLASS_OBJ and DEF_CLASS_OBJ
permission bits based on how these values are generated on Linux.
Add commants to explain what the code is doing.
* security.cc (get_attribute_from_acl): Compute group permission based
on the actual primary group permissions and all secondary user and group
ACCESS_ALLOWED_ACEs to emulate Linux' behaviour more closely.
(check_access): Fix typos im comment.
* include/cygwin/acl.h (MIN_ACL_ENTRIES): Redefine as 3.
to declaration.
* fhandler_tty.cc (fhandler_pty_slave::fch_open_handles): Add bool
parameter "chown". Only request WRITE_OWNER access when opening pty
synchronization objects if "chown" is set.
(fhandler_pty_slave::fchmod): Call fch_open_handles with new bool
parameter set to false.
(fhandler_pty_slave::fchown): Call fch_open_handles with new bool
parameter set to true.
* kernel32.cc (CreateFileMappingW): Fix default standard rights for
file mappings from READ_CONTROL to STANDARD_RIGHTS_REQUIRED to allow
changing the DACL (fixes "access denied" error in pinfo::set_acl).
* fhandler_disk_file.cc (fhandler_base::fstat_helper): Change debug
output to print mode bits in octal.
* security.cc (alloc_sd): Ditto.
(set_file_attribute): Ditto.
POBJECT_ATTRIBUTES. Take OBJECT_ATTRIBUTES reference as argument, not
pointer.
* fhandler_disk_file.cc: Throughout accommodate above change.
* syscalls.cc: Ditto.
* ntea.cc (read_ea): Don't set hdl to NULL if it's already NULL. Set
attr with pc.init_reopen_attr before trying to reopen file.
(write_ea): Ditto.
* security.cc (get_file_sd): Use pc.init_reopen_attr rather than
pc.get_object_attr when trying to reopen file.
(set_file_sd): Ditto.
(LdapMapErrorToWin32): Import.
* fhandler_disk_file.cc (fhandler_base::fstat_by_nfs_ea): Accommodate
change to cyg_ldap::open.
* ldap.cc (CYG_LDAP_TIMEOUT): Remove.
(CYG_LDAP_ENUM_TIMEOUT): Remove.
(def_tv): Remove.
(enum_tv): Remove.
(cyg_ldap::map_ldaperr_to_errno): New method to map LDAP error codes to
POSIX errno codes. Explicitly map LDAP_NO_RESULTS_RETURNED to ENMFILE.
(cyg_ldap::wait): Ditto.
(struct cyg_ldap_init): New struct.
(cyg_ldap::connect_ssl): Return ULONG. Drop setting LDAP_OPT_TIMELIMIT.
Add call to ldap_search_sW to fetch root DSE.
(cyg_ldap::connect_non_ssl): Ditto.
(ldap_init_thr): New static thread function.
(cyg_ldap::connect): New method to call connect_ssl/connect_non_ssl in
an interruptible cygthread.
(struct cyg_ldap_search): New struct.
(cyg_ldap::search_s): New method to perform generic synchronous search.
(ldap_search_thr): New static thread function.
(cyg_ldap::search): New method to call search_s in an interruptible
cygthread.
(struct cyg_ldap_next_page): New struct.
(cyg_ldap::next_page_s): New method to perform generic synchronous
paged search.
(ldap_next_page_thr): New static thread function.
(cyg_ldap::next_page): New method to call next_page_s in an
interruptible cygthread.
(cyg_ldap::open): Return POSIX errno. Call connect method.
(cyg_ldap::fetch_ad_account): Call search method rather than
ldap_search_stW.
(cyg_ldap::enumerate_ad_accounts): Return POSIX errno. Use infinite
timeout in call to ldap_search_init_pageW.
(cyg_ldap::next_account): Return POSIX errno. Call next_page method
rather than ldap_get_next_page_s.
(cyg_ldap::fetch_posix_offset_for_domain): Call search method rather
than ldap_search_stW.
(cyg_ldap::fetch_unix_sid_from_ad): Ditto.
(cyg_ldap::fetch_unix_name_from_rfc2307): Ditto.
* ldap.h (class cyg_ldap): Accommodate aforementioned changes.
* passwd.cc (pg_ent::enumerate_ad): Ditto. Break search if one of
cyg_ldap::enumerate_ad_accounts or cldap.next_account returns with
an error code other than ENMFILE.
* sec_helper.cc (cygpsid::get_id): Accommodate change to cyg_ldap::open.
* uinfo.cc (fetch_posix_offset): Ditto.
* cygheap.h (class cygheap_ugid_cache): Move ugid_cache_t type here
and rename.
(struct init_cygheap): Add cygheap_ugid_cache member "ugid_cache".
* pwdgrp.h (class ugid_cache_t): Remove here.
* fhandler_disk_file.cc (fhandler_base::fstat_by_nfs_ea): Accommodate
move of ugid_cache to cygheap.
* sec_helper.cc (get_sids_info): Ditto.
* uinfo.cc (ugid_cache): Remove.
(pwdgrp::fetch_account_from_windows): Define id_val globally.
Move SidTypeAlias handling into SidTypeUser/SidTypeGroup branch since
aliases are handled like groups in SAM. Accommodate move of ugid_cache
to cygheap. Consolidate code reading SAM comments into a single branch
for both, SidTypeUser and SidTypeAlias. For SidTypeAlias, fix thinko
and call NetLocalGroupGetInfo rather than NetGroupGetInfo. Simplify
code setting Cygwin primary group for SAM accounts. Add code to handle
UNIX uid/gid from SAM comment.
/etc/nsswitch.conf file to configure it.
* Makefile.in (DLL_OFILES): Add ldap.o.
* autoload.cc: Import ldap functions from wldap32.dll.
(DsEnumerateDomainTrustsW): Import.
(NetGroupGetInfo): Import.
* cygheap.h (class cygheap_domain_info): New class to keep global
domain info.
(class cygheap_pwdgrp): New class to keep passwd/group caches and
configuration info from /etc/nssswitch.conf.
(struct init_cygheap): Add cygheap_domain_info member "dom" and
cygheap_pwdgrp member "pg".
* cygtls.h (struct _local_storage): Remove unused member "res".
Rearrange slightly, Add members pwbuf and grbuf to implement non-caching
passwd/group fetching from SAM/AD. Make pw_pos and pw_pos unsigned.
* fhandler_disk_file.cc (fhandler_base::fstat_by_nfs_ea): Add RFC 2307
uid/gid mapping.
* fhandler_process.cc: Drop including pwdgrp.h.
* fhandler_procsysvipc.cc: Ditto.
* fhandler_registry.cc (fhandler_registry::fstat): Set key uid/gid
to ILLEGAL_UID/ILLEGAL_GID rather than UNKNOWN_UID/UNKNOWN_GID.
* grp.cc (group_buf): Drop.
(gr): Drop.
(pwdgrp::parse_group): Fill pg_grp.
(pwdgrp::read_group): Remove.
(pwdgrp::init_grp): New method.
(pwdgrp::prep_tls_grbuf): New method.
(pwdgrp::find_group): New methods.
(internal_getgrsid): Convert to call new pwdgrp methods.
(internal_getgrnam): Ditto.
(internal_getgrgid): Ditto.
(getgrgid_r): Drop 2nd parameter from internal_getgrgid call.
(getgrgid32): Ditto.
(getgrnam_r): Ditto for internal_getgrnam.
(getgrnam32): Ditto.
(getgrent32): Convert to call new pwdgrp methods.
(internal_getgrent): Remove.
(internal_getgroups): Simplify, especially drop calls to
internal_getgrent.
* ldap.cc: New file implementing cyg_ldap class for LDAP access to AD
and RFC 2307 server.
* ldap.h: New header, declaring cyg_ldap class.
* passwd.cc (passwd_buf): Drop.
(pr): Drop.
(pwdgrp::parse_passwd): Fill pg_pwd.
(pwdgrp::read_passwd): Remove.
(pwdgrp::init_pwd): New method.
(pwdgrp::prep_tls_pwbuf): New method.
(find_user): New methods.
(internal_getpwsid): Convert to call new pwdgrp methods.
(internal_getpwnam): Ditto.
(internal_getpwuid): Ditto.
(getpwuid32): Drop 2nd parameter from internal_getpwuid call.
(getpwuid_r): Ditto.
(getpwnam): Ditto for internal_getpwnam.
(getpwnam_r): Ditto.
(getpwent): Convert to call new pwdgrp methods.
* path.cc (class etc): Remove all methods.
* path.h (class etc): Drop.
* pinfo.cc (pinfo_basic::pinfo_basic): Set gid to ILLEGAL_GID rather
than UNKNOWN_GID.
(pinfo_init): Ditto.
* pwdgrp.h (internal_getpwnam): Drop 2nd parameter from declaration.
(internal_getpwuid): Ditto.
(internal_getgrgid): Ditto.
(internal_getgrnam): Ditto.
(internal_getgrent): Drop declaration.
(enum fetch_user_arg_type_t): New type.
(struct fetch_user_arg_t): New type.
(struct pg_pwd): New type.
(struct pg_grp): New type.
(class pwdgrp): Rework to provide functions for file and db requests
and caching.
(class ugid_cache_t): New class to provide RFC 2307 uid map caching.
(ugid_cache): Declare.
* sec_acl.cc: Drop including pwdgrp.h.
* sec_auth.cc: Drop including dsgetdc.h and pwdgrp.h.
(get_logon_server): Convert third parameter to ULONG flags argument
to allow arbitrary flags values in DsGetDcNameW call and change calls
to this function throughout. Use cached account domain name rather
than calling GetComputerNameW.
(get_unix_group_sidlist): Remove.
(get_server_groups): Drop call to get_unix_group_sidlist.
(verify_token): Rework token group check without calling
internal_getgrent.
* sec_helper.cc (cygpsid::pstring): New methods, like string() but
return pointer to end of string.
(cygsid::getfromstr): Add wide character implementation.
(get_sids_info): Add RFC 2307 uid/gid mapping for Samba shares.
* security.cc: Drop including pwdgrp.h.
* security.h (DEFAULT_UID): Remove.
(UNKNOWN_UID): Remove.
(UNKNOWN_GID): Remove.
(uinfo_init): Move here from winsup.h.
(ILLEGAL_UID): Ditto.
(ILLEGAL_GID): Ditto.
(UNIX_POSIX_OFFSET): Define. Add lengthy comment.
(UNIX_POSIX_MASK): Ditto.
(MAP_UNIX_TO_CYGWIN_ID): Ditto.
(ILLEGAL_UID16): Move here from winsup.h.
(ILLEGAL_GID16): Ditto.
(uid16touid32): Ditto.
(gid16togid32): Ditto.
(sid_id_auth): New convenience macro for SID component access.
(sid_sub_auth_count): Ditto.
(sid_sub_auth): Ditto.
(sid_sub_auth_rid): Ditto.
(cygpsid::pstring): Declare.
(cygsid::getfromstr): Declare wide character variant.
(cygsid::operator=): Ditto.
(cygsid::operator*=): Ditto.
(get_logon_server): Change declaration according to source code.
* setlsapwd.cc (setlsapwd): Drop 2nd parameter from internal_getpwnam
call.
* shared.cc (memory_init): Call cygheap->pg.init in first process.
* syscalls.cc: Drop including pwdgrp.h.
* tlsoffsets.h: Regenerate.
* tlsoffsets64.h: Ditto.
* uinfo.cc (internal_getlogin): Drop gratuitious internal_getpwuid
call. Fix debug output. Overwrite user gid in border case of a
missing passwd file while a group file exists.
(pwdgrp::add_line): Allocate memory on cygheap.
(pwdgrp::load): Remove.
(ugid_cache): Define.
(cygheap_pwdgrp::init): New method.
(cygheap_pwdgrp::nss_init_line): New method.
(cygheap_pwdgrp::_nss_init): New method.
(cygheap_domain_info::init): New method.
(logon_sid): Define.
(get_logon_sid): New function.
(pwdgrp::add_account_post_fetch): New method.
(pwdgrp::add_account_from_file): New methods.
(pwdgrp::add_account_from_windows): New methods.
(pwdgrp::check_file): New method.
(pwdgrp::fetch_account_from_line): New method.
(pwdgrp::fetch_account_from_file): New method.
(pwdgrp::fetch_account_from_windows): New method.
* winsup.h: Move aforementioned macros and declarations to security.h.
comment.
* mount.cc (mount_info::from_fstab): Use tmp_pathbuf rather than
stack for big local buffer.
* net.cc (cygwin_gethostname): Call GetComputerNameExA rather than
GetComputerNameA if gethostname failed.
* shared.cc (user_info::initialize): Fix formatting.
* include/sys/file.h: Define flock and accompanying macros if not
already defined in sys/_default_fcntl.h.
(dev_storage): Ditto for /dev.
* devices.cc: Regenerate.
* fhandler.cc (fhandler_base::open_null): New method to open a fake
\Device\Null handler.
(fhandler_base::open): Fix formatting. Change O_ACCMODE test to a
switch statement. Simplify a test which still tested for a now unused
create_disposition.
* fhandler.h (fhandler_base::open_null): Declare.
(fhandler_netdrive::close): Declare.
* fhandler_dev.cc (fhandler_dev::open): Open fake \Device\Null handle
by just calling new open_null method.
* fhandler_disk_file.cc (fhandler_cygdrive::open): Ditto.
* fhandler_netdrive.cc (fhandler_netdrive::open): Call open_null
rather than setting nohandle.
(fhandler_netdrive::close): New method.
* fhandler_registry.cc (fetch_hkey): Fix token in RegOpenUserClassesRoot
call. Create valid key for HKEY_CURRENT_CONFIG by mapping to real key
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Hardware Profiles\Current.
(fhandler_registry::open): Set nohandle only when using pseudo registry
handle.
* fhandler_virtual.cc (fhandler_virtual::opendir): Call open rather
than just setting nohandle here.
* fhandler_virtual::fstatvfs): Set ST_RDONLY fs flag.
* globals.cc (ro_u_null): New readonly UNICODE_STRING for \Device\Null.
* path.h (path_conv::set_path): Revert previous change caring for
wide_path.
(dev_storage): Map /dev and /dev/windows to \Device\Null.
* devices.cc: Regenerate.
* dir.cc (opendir): Create unique id. Explain why.
* fhandler.h (fhandler_dev::get_dev): Implement inline.
(fhandler_cygdrive::close): Drop declaration.
(fhandler_cygdrive::get_dev): Implement inline.
(fhandler_windows::get_hwnd): Ditto.
(fhandler_windows::set_close_on_exec): Drop declaration.
(fhandler_windows::fixup_after_fork): Ditto.
* fhandler_dev.cc (fhandler_dev::open): Call fhandler_disk_file::open
without O_CREAT flag. Explain why. Create \Device\Null handle if
/dev/ doesn't actually exist.
(fhandler_dev::close): Drop nohandle case.
(fhandler_dev::fstatvfs): Drop nohandle check. Test for fs_got_fs
instead. Set ST_RDONLY fs flag for simulated /dev.
(fhandler_dev::opendir): If /dev doesn't exist, call open() to create
fake \Device\Null handle. Don't set nohandle. Set dir_exists
correctly.
(fhandler_dev::rewinddir): Call fhandler_disk_file::rewinddir only if
/dev is a real directory.
* fhandler_disk_file.cc (fhandler_disk_file::opendir): If called for
the cygdrive dir, call open() to create fake \Device\Null handle.
Only attach __DIR_mounts buffer to dir if not called for cygdrive dir.
Don't set nohandle.
(fhandler_cygdrive::open): Create \Device\Null handle.
(fhandler_cygdrive::close): Remove.
(fhandler_cygdrive::fstatvfs): Set ST_RDONLY fs flag.
* fhandler_windows.cc (fhandler_windows::open): Create \Device\Null
handle.
(fhandler_windows::read): Don't add io_handle to WFMO handle array.
Change subsequent test for return value accordingly. Fix test for
"message arrived".
(fhandler_windows::set_close_on_exec): Remove.
(fhandler_windows::fixup_after_fork): Remove.
* path.h (path_conv::set_path): Make sure wide_path is NULL when
setting a new path.
* select.cc (peek_windows): Use correct hWnd value, not io_handle.
(fhandler_windows::select_read): Don't use io_handle as wait object.
(fhandler_windows::select_write): Ditto.
(fhandler_windows::select_except): Ditto.
* devices.cc: Regenerate.
* dtable.h (struct dtable): Make fhandler_base friend, rather
than fhandler_disk_file.
* fhandler.cc (fhandler_base::open_with_arch): Create unique id.
(fhandler_base::cleanup): Call del_my_locks.
(fhandler_base::fcntl): Handle F_GETLK, F_SETLK and F_SETLKW.
* fhandler.h (fhandler_base::get_dev): Return real device number.
(fhandler_base::set_unique_id): New inline method.
(fhandler_disk_file::lock): Drop declaration.
(fhandler_disk_file::get_dev): New method, return pc.fs_serial_number.
(fhandler_dev_zero::open): Drop declaration.
* fhandler_disk_file.cc (fhandler_disk_file::close): Move
del_my_locks call to fhandler_base::open_with_arch.
(fhandler_disk_file::fcntl): Move handling of locking commands to
fhandler_base::fcntl.
(fhandler_base::open_fs): Drop call to NtAllocateLocallyUniqueId.
* fhandler_zero.cc (fhandler_dev_zero::open): Remove so that default
fhandler_base::open is used to open \Device\Null.
* flock.cc (fixup_lockf_after_exec): Finding a single fhandler is
enough here.
(fhandler_base::lock): Replace fhandler_disk_file::lock. Refuse to lock
nohandle devices. Handle read/write test using POSIX flags. Explain
why. Never fail on SEEK_CUR or SEEK_END, rather assume position 0,
just as Linux.
* net.cc (fdsock): Create unique id.
Windows 9x compatibility.
* fhandler_disk_file.cc (fhandler_base::fstat_helper): Drop now unneeded
casts in calls to_timestruc_t.
(fhandler_base::utimens_fs): Ditto for timespec_to_filetime.
* fhandler_proc.cc (format_proc_stat): Ditto for to_time_t.
* hires.h (class hires_ms): Remove unused member initime_ns.
Remove declarations for timeGetTime_ns and prime.
(hires_ms::uptime): Remove.
* posix_ipc.cc (ipc_cond_timedwait): Ditto for timespec_to_filetime.
* fhandler_registry.cc (fhandler_registry::fstat): Add cast.
* resource.cc (fill_rusage): Call NtQueryInformationProcess rather than
GetProcessTimes to deal with LARGE_INTEGER rather than FILETIME.
* times.cc: Simplify time handling. Throughout, use LARGE_INTEGER
rather than FILETIME to simplify computations. Throughout use
{u}int64_t rather than {unsigned} long long. Drop unneeded casts since
NSPERSEC is 64 bit anyway.
(systime_ns): Remove.
(times): Call NtQuerySystemInformation to fetch boot time. Call
NtQueryInformationProcess rather than GetProcessTimes to deal with
LARGE_INTEGER rather than FILETIME. Call GetSystemTimeAsFileTime.
(totimeval): Use constant 1000000 as in other functions.
(time_t_to_filetime): Remove.
(to_time_t): Change return type to time_t.
(time_as_timestruc_t): Rename filetime to systime.
(time): Ditto. Add cast.
(hires_ns::nsecs): Fix return type cast.
(hires_ms::timeGetTime_ns): Remove.
(hires_ns::prime): Remove.
(hires_ms::nsecs): Drop call to prime. Call GetSystemTimeAsFileTime
directly. Subtract FACTOR here since it's the only function needing
to do so.
(minperiod): Cosmetically change to ULONG.
(hires_ns::resolution): Fix return type cast.
(hires_ms::resolution): Simplify, rely on NtQueryTimerResolution.
* winsup.h: Align time related prototypes to above changes.
code if mandatory locking is used on this descriptor. Explain why.
(fhandler_disk_file::pwrite): Ditto.
* posix.sgml (std-notes): Extend description of file locking.
Corinna Vinschen
Joe_Lowe
Christian Franke
Peter Foley
Ken Brown