* cygheap.h (cygheap_domain_info::add_domain): Add prototype.
* uinfo.cc (cygheap_domain_info::add_domain): New method.
(pwdgrp::fetch_account_from_windows): Try to add domain explicitely
if it was not in the original list of trusted domains and go ahead
rather than bailing out. Add comment to explain why.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
case owner SID == group SID.
(getacl): Reverse order of SID test against group or owner sid to
prefer owner attributes over group attributes. Disable setting group
permissions equivalent to owner permissions if owner == group. Add
comment to explain why. Fix indentation.
* security.cc (get_attribute_from_acl): Change type of local variables
containing permission to mode_t. Apply deny mask to group if group SID
== owner SID to avoid Everyone permissions to spill over into group
permissions. Disable setting group permissions equivalent to owner
permissions if owner == group. Add comment to explain why.
* uinfo.cc (pwdgrp::fetch_account_from_windows): Allow user SID as
group account if user is a "Microsoft Account". Explain why. Drop
workaround enforcing primary group "Users" for "Microsoft Accounts".
(class cyg_ldap): Remove members srch_msg and srch_entry.
(cyg_ldap::get_string_attribute): Remove private method taking index
argument.
(cyg_ldap::get_num_attribute): Ditto. Add method taking attribute name.
(cyg_ldap::get_primary_gid): Adjust to aforementioned change.
(cyg_ldap::get_unix_uid): Ditto.
(cyg_ldap::get_unix_gid): Ditto.
* ldap.cc: Throughout, use msg and entry in place of srch_msg and
srch_entry.
(std_user_attr): Add sAMAccountName and objectSid.
(group_attr): Ditto.
(cyg_ldap::close): Drop handling of srch_msg and srch_entry.
(cyg_ldap::get_string_attribute): Move earlier in file.
(cyg_ldap::get_num_attribute): Ditto.
(cyg_ldap::enumerate_ad_accounts): Add comments for clarity.
Use group_attr or user_attr rather than sid_attr to fetch all desired
attributes for an account right away.
(cyg_ldap::next_account): Store found SID in last_fetched_sid to
skip calls to fetch_ad_account from fetch_account_from_windows.
(cyg_ldap::get_string_attribute): Remove method taking index argument.
(cyg_ldap::get_num_attribute): Ditto.
* pwdgrp.h (class pg_ent): Fix formatting. Add member dom.
* passwd.cc (pg_ent::enumerate_ad): Store current flat domain name
in dom. Construct fetch_acc_t argument from LDAP attributes and
call fetch_account_from_windows with that.
* userinfo.h (enum fetch_user_arg_type_t): Rename FULL_grp_arg to
FULL_acc_arg. Change throughout.
(struct fetch_acc_t): Rename from fetch_full_grp_t. Change throughout.
(struct fetch_user_arg_t): Rename full_grp to full_acc. Change
throughout.
* cygserver_pwdgrp.h: Include userinfo.h. Drop workaround defining
fetch_user_arg_type_t locally.
* grp.cc (internal_getgrsid_cachedonly): New function.
(internal_getgrfull): Ditto.
(internal_getgroups): Rearrange function. Center around fetching all
cached group info first, calling LsaLookupSids on all so far non-cached
groups second. Pass all available info to new internal_getgrfull call.
* pwdgrp.h: Include userinfo.h. Move definitions of
fetch_user_arg_type_t and fetch_user_arg_t there.
(pwdgrp::add_group_from_windows): Declare with getting full group info.
Called from internal_getgrfull.
* uinfo.cc (pwdgrp::add_group_from_windows): Define.
(pwdgrp::fetch_account_from_line): Add default case.
(pwdgrp::fetch_account_from_file): Ditto.
(pwdgrp::fetch_account_from_windows): Handle FULL_grp_arg.
(client_request_pwdgrp::client_request_pwdgrp): Add default case.
* userinfo.h: New header.
(enum fetch_user_arg_type_t): Add FULL_grp_arg.
(struct fetch_full_grp_t): New datatype.
declaration in ldap-related method.
(cygheap_pwdgrp::get_shell): Ditto.
(cygheap_pwdgrp::get_gecos): Ditto.
* ldap.cc (cyg_ldap::open): Use NO_ERROR instead of 0.
(cyg_ldap::close): Reset last_fetched_sid.
(cyg_ldap::fetch_ad_account): Return immediately if sid is the same as
last_fetched_sid. Open LDAP connection from here. Move initialization
of rdse after open call. Set last_fetched_sid if LDAP call was
successful.
* ldap.h (class cyg_ldap): Add member last_fetched_sid.
(cyg_ldap::cyg_ldap): Initialize last_fetched_sid.
(cyg_ldap::is_open): New inline method.
* uinfo.cc (cygheap_pwdgrp::init): Drop initialization of db_home,
db_shell and db_gecos with "cygwin desc", thus only using the fallback
by default.
(fetch_windows_home): Add parameter dnsdomain. Call
cyg_ldap::fetch_ad_account if required.
(fetch_from_path): Add parameter dnsdomain. Call fetch_windows_home
accordingly.
(cygheap_pwdgrp::get_home): Accomodate call to fetch_windows_home.
Add dnsdomain parameter in ldap-related method. Call
cyg_ldap::fetch_ad_account if required.
(cygheap_pwdgrp::get_shell): Ditto.
(cygheap_pwdgrp::get_gecos): Ditto.
(pwdgrp::fetch_account_from_windows): Drop cyg_ldap::open call prior to
cyg_ldap::fetch_ad_account call. Set is_current_user to true if we're
handling the current user account. Make sure to perform the LDAP calls
only for users, and only if required.
2014-11-17, always prepending domain to NT SERVICE accounts when
searching by name. Fix test expression to allow fully qualified
names for NT SERVICE accounts. Extend comment to explain a bit.
(cygheap_pwdgrp::get_gecos): Ditto.
* uinfo.cc (fetch_windows_home): Accept cyg_ldap and PUSER_INFO_3
arguments, and fetch db home dir values right here.
(fetch_from_path): Accept cyg_ldap, PUSER_INFO_3 pointers and sid
arguments. Add '%H' format specifier to fetch Windows home dir in
POSIX notation.
(cygheap_pwdgrp::get_home): Accommodate changes to fetch_windows_home
and fetch_from_path.
(cygheap_pwdgrp::get_shell): Ditto.
(cygheap_pwdgrp::get_gecos): Ditto.
(pwdgrp::fetch_account_from_windows): Accommodate sid argument to
cygheap_pwdgrp::get_shell and cygheap_pwdgrp::get_gecos.
home directory. Include longish comment to explain what we're doing.
(cygheap_pwdgrp::get_home): Take additional sid parameter. In
NSS_SCHEME_WINDOWS case, call fetch_windows_home to create home
directory.
(pwdgrp::fetch_account_from_windows): Call cygheap_pwdgrp::get_home
with additional sid argument.
* cygheap.h (cygheap_pwdgrp::get_home): Align declaration to above
change.
(LoadUserProfileW): Import.
* registry.cc (get_registry_hive_path): Move to sec_auth.cc.
(load_registry_hive): Remove.
* registry.h (get_registry_hive_path): Drop declaration.
(load_registry_hive): Ditto.
* sec_auth.cc (get_user_profile_directory): Moved from registry.cc and
renamed. Take third parameter with buffer length.
(load_user_profile): New function taking over for load_registry_hive.
Use official functions to load profile. If profile is missing, create
it on Vista and later.
* security.h (get_user_profile_directory): Declare.
(load_user_profile): Declare.
* syscalls.cc (seteuid32): Replace call to load_registry_hive with call
to load_user_profile.
* uinfo.cc (cygheap_user::env_userprofile): Replace call to
get_registry_hive_path with call to get_user_profile_directory.
initialize mount table in two steps, system and user, depending on
bool value.
* mount.h (class mount_info): Align declaration of init function to
above change.
* shared.cc (user_info::initialize): Initialize mount table in two
steps to allow internal_getpwsid to create valid POSIX paths from
DOS paths given in AD. Add comments.
* uinfo.cc (cygheap_pwdgrp::get_home): Allow DOS paths in
NSS_SCHEME_FREEATTR attributes.
(cygheap_pwdgrp::get_shell): Ditto.
(install-ldif): New target to install cygwin.ldif.
* cygheap.h (class cygheap_pwdgrp): Rename pfx_t to nss_pfx_t. Add
PFX to enum value. Add nss_scheme_method enum and nss_scheme_t
structure. Add home_scheme, shell_scheme and gecos_scheme members.
(NSS_SCHEME_MAX): Define.
(cygheap_pwdgrp::get_home): Declare.
(cygheap_pwdgrp::get_shell): Declare.
(cygheap_pwdgrp::get_gecos): Declare.
* cygwin.ldif: New file.
* ldap.cc (std_user_attr): New array, just defining the standard
attributes.
(group_attr): Add cygwinUnixGid.
(user_attr): Convert to macro pointing to cygheap->pg.ldap_user_attr.
(cygheap_pwdgrp::init_ldap_user_attr): New method.
(cyg_ldap::fetch_ad_account): Call cygheap_pwdgrp::init_ldap_user_attr
if user_attr initialization is required. Fix comment.
(cyg_ldap::get_string_attribute): Implement taking attribute name
as argument.
* ldap.h: Drop unused macros.
(cyg_ldap::get_gecos): Remove.
(cyg_ldap::get_home): Remove.
(cyg_ldap::get_shell): Remove.
(cyg_ldap::get_string_attribute): Declare name argument variant public.
* uinfo.cc (cygheap_user::ontherange): Fix indentation.
(cygheap_pwdgrp::init): Initialize new home_scheme, shell_scheme and
gecos_scheme members. Align comment.
(NSS_NCMP): Define comparison macro.
(NSS_CMP): Ditto.
(cygheap_pwdgrp::nss_init_line): Use aforementioned macros throughout.
Fix comment handling. Add db_home, db_shell and db_gecos handling.
(fetch_from_description): New function to fetch XML-style attributes
from (description) string.
(fetch_from_path): New function to evaluate path string with wildcards.
(cygheap_pwdgrp::get_home): New methods to fetch pw_dir value.
(cygheap_pwdgrp::get_shell): Ditto for pw_shell.
(cygheap_pwdgrp::get_gecos): Ditto for pw_gecos.
(colon_to_semicolon): Move up.
(pwdgrp::fetch_account_from_windows): Convert home, shell, gecos
variables to char*. Drop statement breaking extended group info.
Fetch home, shell and gecos values using new methods. Use
fetch_from_description calls to fetch UNIX id and primary groups from
SAM comment field. Accommodate uxid being a char* now. Accommodate
the fact that extended info is malloc'ed, rather then alloca'ed.
Create linebuf content as multibyte string. Create line buffer by
just calling cstrdup.
NT SERVICE accounts by name. Always prepend domain to NT SERVICE
accounts. Add U-domain\username string to pw_gecos for predefined
builtin accounts as well.
(init_cygheap::init_installation_root): Set installation_dir_len.
(setup_cygheap): Drop call to set_dll_dir.
* cygheap.h (struct init_cygheap): Add installation_dir_len member.
(init_cygheap::set_dll_dir): Remove.
* environ.cc (win_env::add_cache): Use stpcpy for speed.
(posify_maybe): Use tmp_pathbuf buffer instead of stack.
(raise_envblock): New function to resize Windows environment block.
(build_env): Fix indentation. Call raise_envblock function. Check if
$PATH exists and is non-empty. If not, add PATH variable with Cygwin
installation directory as content to Windows environment. Explain why.
* uinfo.cc (cygheap_pwdgrp::_nss_init): Fill UNICODE_STRING members
on the fly. Drop call to RtlInitUnicodeString.
(pwdgrp::check_file): Ditto.
style.
(cygheap_pwdgrp::nss_init_line): Disable db_prefix and db_separator
settings. Add comment.
(pwdgrp::fetch_account_from_windows): Drop outdated comment. Fix code
fetching primary group gid of group setting in SAM description field.
Change comment accordingly.
handler.
* cygtls.cc (_cygtls::remove): Accommodate the fact that pathbufs
has been moved from _local_storage to _cygtls.
* cygtls.h (class tls_pathbuf): Add comment to hint to gendef usage
of counters. Change type of counters to uint32_t for clarity.
Remove _cygtls as friend class.
(struct _local_storage): Move pathbufs from here...
(struct _cygtls): ...to here, allowing to access it from _sigbe.
(class san): Only define on 32 bit. Remove errno, _c_cnt and _w_cnt
members.
(san::setup): Drop parameter. Don't initialize removed members.
(san::leave): Don't set removed members.
(class myfault): Only define on 32 bit.
(myfault::faulted): Only keep implementation not taking any parameter.
Drop argument in call to sebastian.setup.
(__try/__leave/__except/__endtry): Implement to support real SEH. For
now stick to SJLJ on 32 bit.
* dcrt0.cc (dll_crt0_0): Drop 64 bit call to
exception::install_myfault_handler.
* exception.h (exception_handler): Define with EXCEPTION_DISPOSITION
as return type.
(PDISPATCHER_CONTEXT): Define as void * on 32 bit. Define as pointer
to _DISPATCHER_CONTEXT on 64 bit.
(class exception): Define separately for 32 and 64 bit.
(exception::myfault): Add handler for myfault SEH handling on 64 bit.
(exception::exception): Fix mangled method name to account for change
in type of last parameter.
(exception::install_myfault_handler): Remove.
* exceptions.cc (exception::myfault_handle): Remove.
(exception::myfault): New SEH handler for 64 bit.
* gendef (_sigbe): Set tls_pathbuf counters to 0 explicitely when
returning to the caller.
* ntdll.h: Move a comment to a better place.
(struct _SCOPE_TABLE): Define on 64 bit.
* thread.cc (verifyable_object_isvalid): Remove gcc 4.7 workaround.
* tls_pbuf.cc (tls_pbuf): Fix to accommodate new place of pathbufs.
(tls_pathbuf::destroy): Change type of loop variables to uint32_t.
* tls_pbuf.h (class tmp_pathbuf): Change type of buffer counters to
uint32_t. Accommodate new place of pathbufs.
* tlsoffsets.h: Regenerate.
* tlsoffsets64.h: Regenerate.
as naming style. Drop enum name_style_t, use a boolean
"fully_qualified_name" value instead. Rework function to drop
"plus_prepended" handling througout and default to "name only" style
as replacement.
* ldap.cc (cyg_ldap::fetch_posix_offset_for_domain): Return UINT32_MAX
in case of error.
* security.h (PRIMARY_POSIX_OFFSET): Define.
(NOACCESS_POSIX_OFFSET): Define.
(UNUSABLE_POSIX_OFFSET): Define.
* uinfo.cc (cygheap_domain_info::init): Drop initializing
lowest_tdo_posix_offset.
(pwdgrp::fetch_account_from_file): Set PosixOffset to either
UNUSABLE_POSIX_OFFSET or NOACCESS_POSIX_OFFSET in case we don't get a
sensible offset from AD. Explain why. Drop setting ch
lowest_tdo_posix_offset.
(pwdgrp::fetch_account_from_windows): Replace constant 0x100000 with
PRIMARY_POSIX_OFFSET throughout.
lowest_tdo_posix_offset to UNIX_POSIX_OFFSET.
(fetch_posix_offset): Redesign to fake a POSIX offset in all cases
where we can't fetch a non-0 POSIX offset from our primary domain.
(LdapMapErrorToWin32): Import.
* fhandler_disk_file.cc (fhandler_base::fstat_by_nfs_ea): Accommodate
change to cyg_ldap::open.
* ldap.cc (CYG_LDAP_TIMEOUT): Remove.
(CYG_LDAP_ENUM_TIMEOUT): Remove.
(def_tv): Remove.
(enum_tv): Remove.
(cyg_ldap::map_ldaperr_to_errno): New method to map LDAP error codes to
POSIX errno codes. Explicitly map LDAP_NO_RESULTS_RETURNED to ENMFILE.
(cyg_ldap::wait): Ditto.
(struct cyg_ldap_init): New struct.
(cyg_ldap::connect_ssl): Return ULONG. Drop setting LDAP_OPT_TIMELIMIT.
Add call to ldap_search_sW to fetch root DSE.
(cyg_ldap::connect_non_ssl): Ditto.
(ldap_init_thr): New static thread function.
(cyg_ldap::connect): New method to call connect_ssl/connect_non_ssl in
an interruptible cygthread.
(struct cyg_ldap_search): New struct.
(cyg_ldap::search_s): New method to perform generic synchronous search.
(ldap_search_thr): New static thread function.
(cyg_ldap::search): New method to call search_s in an interruptible
cygthread.
(struct cyg_ldap_next_page): New struct.
(cyg_ldap::next_page_s): New method to perform generic synchronous
paged search.
(ldap_next_page_thr): New static thread function.
(cyg_ldap::next_page): New method to call next_page_s in an
interruptible cygthread.
(cyg_ldap::open): Return POSIX errno. Call connect method.
(cyg_ldap::fetch_ad_account): Call search method rather than
ldap_search_stW.
(cyg_ldap::enumerate_ad_accounts): Return POSIX errno. Use infinite
timeout in call to ldap_search_init_pageW.
(cyg_ldap::next_account): Return POSIX errno. Call next_page method
rather than ldap_get_next_page_s.
(cyg_ldap::fetch_posix_offset_for_domain): Call search method rather
than ldap_search_stW.
(cyg_ldap::fetch_unix_sid_from_ad): Ditto.
(cyg_ldap::fetch_unix_name_from_rfc2307): Ditto.
* ldap.h (class cyg_ldap): Accommodate aforementioned changes.
* passwd.cc (pg_ent::enumerate_ad): Ditto. Break search if one of
cyg_ldap::enumerate_ad_accounts or cldap.next_account returns with
an error code other than ENMFILE.
* sec_helper.cc (cygpsid::get_id): Accommodate change to cyg_ldap::open.
* uinfo.cc (fetch_posix_offset): Ditto.
for now. Use throughout.
* uinfo.cc (colon_to_semicolon): New local function.
(pwdgrp::fetch_account_from_windows): Convert all colons in AD gecos
entry to commas.
parameter. Convert into likely rootDSE string if not NULL, and use in
subsequent call to ldap_search_stW. Add comment to explain that this
is not the exactly correct solution.
* ldap.h (cyg_ldap::fetch_ad_account): Change prototype accordingly.
* uinfo.cc (pwdgrp::fetch_account_from_windows): Always use loc_ldap
in call to fetch_posix_offset to make sure we're fetchoinmg the posix
offsets from *our* domain controller. Only set domain variable to
non-NULL if the account is from a trusted domain. Use domain in call
to cyg_ldap::fetch_ad_account.
non-builtin accounts.
* uinfo.cc (pwdgrp::fetch_account_from_windows): Check incoming
account name for validity in terms of the current name prefixing rules
and refuse invalid names.
* sec_helper.cc (cygpsid::pstring): Use sid_sub_auth_count macro.
(cygsid::get_sid): Use MAX_SUBAUTH_CNT rather than wrong constant 8.
Don't call memcpy to copy subauthorities into SID, use assignment.
(cygsid::getfromstr): Use MAX_SUBAUTH_CNT rather than wrong constant 8.
* security.h (MAX_SUBAUTH_CNT): New definition. Set to 11 to cover
Microsoft Accounts.
(MAX_SID_LEN): Define in terms of SID member sizes and MAX_SUBAUTH_CNT.
(DBGSID): Use MAX_SUBAUTH_CNT to define size of SubAuthority array.
* uinfo.cc (pwdgrp::fetch_account_from_windows): Handle Micosoft
Accounts. Handle them as well known group. Compare domain names
case-insensitive.
* winlean.h (PIPE_REJECT_REMOTE_CLIENTS): Drop temporary definition
since Mingw64 catched up.
(DNLEN): Redefine as 16. Explain why.
* ldap.h (LDAP_USER_NAME_ATTR): Remove. Change other attribute index
values as required.
(cyg_ldap::get_user_name): Remove inline function.
* uinfo.cc (pwdgrp::fetch_account_from_windows): Remove code to handle
Cygwin username different from Windows username.
(pwdgrp::add_account_from_cygserver): Remove unnecessary cast.
grp_builtins to array of cygpsid pointers. Replace SID strings with
pointers to well known SIDs.
* sec_helper.cc (well_known_local_service_sid): Define.
(well_known_network_service_sid): Define.
(trusted_installer_sid): Define.
* security.h (well_known_local_service_sid): Declare.
(well_known_network_service_sid): Declare.
(trusted_installer_sid): Declare.
* uinfo.cc (pwdgrp::fetch_account_from_windows): Throughout set acc_type
to SidTypeUnknown if LookupAccountXXX function failed. Create
simplified passwd entry for non-user accounts, except for LocalSystem.
Add comment.
than PSID.
(cygheap_user::saved_sid): Ditto.
(cygheap_pwdgrp::cache_t): New type.
(cygheap_pwdgrp::caching): Convert to cache_t.
(cygheap_pwdgrp::nss_db_caching): Change accordingly.
(cygheap_pwdgrp::nss_db_full_caching): New inline method.
* grp.cc (internal_getgroups): Reinvent. Take cyg_ldap pointer as
third parameter and use throughout.
(getgroups32): Call internal_getgroups.
* pwdgrp.h (internal_getgroups): Declare.
* uinfo.cc (internal_getlogin): Partial rewrite to accommodate having
no connection to the DC. Give primary group from user token more
weight. Generate group entries for all groups in the user token if
caching is set to NSS_FULL_CACHING.
(cygheap_pwdgrp::init): Initialize caching to NSS_FULL_CACHING.
(cygheap_pwdgrp::nss_init_line): Handle "db_cache: full".
(pwdgrp::add_account_from_windows): Fix group handling in non-caching
mode.
(pwdgrp::fetch_account_from_windows): Default primary group for the
current user to primary group from user token. Check for primary
domain first after LookupAccountSid failed.
* external.cc (cygwin_internal): Call get_uid/get_gid instead of get_id.
* grp.cc (internal_getgrsid): Take additional cyg_ldap pointer.
Forward to pwdgrp::add_group_from_windows.
(internal_getgrnam): Ditto.
(internal_getgrgid): Ditto.
(gr_ent::enumerate_local): Drop ugid_caching bool from call to
pwdgrp::fetch_account_from_windows.
(getgroups32): Rename from internal_getgroups and drop getgroups32 stub.
Drop srchsid parameter and code handling it. Add local cyg_ldap
instance and forward to internal_getgrXXX.
(getgroups): Call getgroups32.
(get_groups): Add local cyg_ldap instance and forward to
internal_getgrXXX.
(getgrouplist): Ditto.
(setgroups32): Ditto.
* ldap.cc (cyg_ldap::open): Don't call close. Return true if connection
is already open.
(cyg_ldap::remap_uid): Forward this to internal_getpwsid.
(cyg_ldap::remap_gid): Forward this to internal_getgrsid.
* passwd.cc (internal_getpwsid): Take additional cyg_ldap pointer.
Forward to pwdgrp::add_user_from_windows.
(internal_getpwnam): Ditto.
(internal_getpwuid): Ditto.
(pg_ent::enumerate_builtin): Drop ugid_caching bool from call to
pwdgrp::fetch_account_from_windows.
(pg_ent::enumerate_sam): Ditto.
(pg_ent::enumerate_ad): Ditto. Forward local cldap instead.
* pwdgrp.h (internal_getpwsid): Align declaration to above change.
(internal_getpwnam): Ditto.
(internal_getpwuid): Ditto.
(internal_getgrsid): Ditto.
(internal_getgrgid): Ditto.
(internal_getgrnam): Ditto.
(internal_getgroups): Drop declaration.
(pwdgrp::add_account_from_windows): Align declaration to below change.
(pwdgrp::add_user_from_windows): Ditto.
(pwdgrp::add_group_from_windows): Ditto.
* sec_acl.cc (setacl): Add local cyg_ldap instance and forward to
internal_getpwuid and internal_getgrgid.
(getacl): Add local cyg_ldap instance and forward to cygpsid::get_id.
(aclfromtext32): Add local cyg_ldap instance and forward to
internal_getpwnam and internal_getgrnam.
* sec_helper.cc (cygpsid::get_id): Take additional cyg_ldap pointer.
Forward to internal_getgrsid and internal_getpwsid.
(get_sids_info): Drop ldap_open. Forward local cldap to
internal_getpwsid and internal_getgrXXX. Call CheckTokenMembership
rather than internal_getgroups.
* security.h (cygpsid::get_id): Add cyg_ldap pointer, drop default
parameter.
(cygpsid::get_uid): Add cyg_ldap pointer. Call get_id accordingly.
(cygpsid::get_gid): Ditto.
* uinfo.cc (internal_getlogin): Add local cyg_ldap instance and forward
to internal_getpwXXX and internal_getgrXXX calls.
(pwdgrp::add_account_from_windows): Take additional cyg_ldap pointer.
Forward to pwdgrp::fetch_account_from_windows.
(fetch_posix_offset): Drop ldap_open argument and handling. Get
cyg_ldap instance as pointer.
(pwdgrp::fetch_account_from_windows): Take additional cyg_ldap pointer.
Use it if it's not NULL, local instance otherwise. Drop ldap_open.
Drop fetching extended group arguments from AD for speed.
to declaration, set to true by default.
* uinfo.cc (pwdgrp::fetch_account_from_windows): Add bool parameter
"ugid_caching". Only add account to ugid_cache if set to true.
* grp.cc (gr_ent::enumerate_local): Call fetch_account_from_windows
with ugid_caching parameter set to false.
* passwd.cc (pg_ent::enumerate_builtin): Ditto.
(pg_ent::enumerate_sam): Ditto.
(pg_ent::enumerate_ad): Ditto.
(ldap_result): Import.
(ldap_searchW): Import.
(NetGroupEnum): Import.
(NetLocalGroupEnum): Import.
(NetUserEnum): Import.
* cygheap.h (class cygheap_pwdgrp): Add members enums and enum_tdoms.
(cygheap_pwdgrp::nss_db_enums): New inline method.
(cygheap_pwdgrp::nss_db_enum_tdoms): Ditto.
* cygtls.h (struct _local_storage): Drop unused members pw_pos and
grp_pos.
* grp.cc (grent): New static variable of class gr_ent.
(gr_ent::enumerate_caches): New method.
(gr_ent::enumerate_local): New method.
(gr_ent::getgrent): New method.
(setgrent): Call gr_ent method.
(getgrent32): Ditto.
(endgrent): Ditto.
* ldap.cc (sid_attr): Rename from nfs_attr.
(cyg_ldap::close): Abandon still running asynchronous search.
(cyg_ldap::fetch_ad_account): Reduce filter buffer size.
(cyg_ldap::enumerate_ad_accounts): New method.
(cyg_ldap::next_account): New method.
(cyg_ldap::fetch_posix_offset_for_domain): Reduce filter buffer size.
(cyg_ldap::fetch_unix_sid_from_ad): Ditto. Fix return value in case
no value has been read.
(cyg_ldap::fetch_unix_name_from_rfc2307): Reduce filter buffer size.
* ldap.h (class cyg_ldap): Add msg_id member.
(cyg_ldap::enumerate_ad_accounts): Declare.
(cyg_ldap::next_account): Declare:
* passwd.cc (pwent): New static variable of class pw_ent.
(pg_ent::clear_cache): New method.
(pg_ent::setent): New method.
(pg_ent::getent): New method.
(pg_ent::endent): New method.
(pg_ent::enumerate_file): New method.
(pg_ent::enumerate_builtin): New method.
(pg_ent::enumerate_sam): New method.
(pg_ent::enumerate_ad): New method.
(pw_ent::enumerate_caches): New method.
(pw_ent::enumerate_local): New method.
(pw_ent::getpwent): New method.
(setpwent): Call pw_ent method.
(getpwent): Ditto.
(endpwent): Ditto.
* pwdgrp.h (class pwdgrp): Define pg_ent, pw_ent and gr_ent as friend
classes.
(pwdgrp::add_account_post_fetch): Declare with extra bool parameter.
(pwdgrp::file_attr): New inline method.
(enum nss_enum_t): Define.
(class pg_ent): Define.
(class pw_ent): Define.
(class gr_ent): Define.
* tlsoffsets.h: Regenerate.
* tlsoffsets64.h: Ditto.
* uinfo.cc (cygheap_pwdgrp::init): Initialize enums and enum_tdoms.
(cygheap_pwdgrp::nss_init_line): Fix typo in preceeding comment.
Handle new "db_enum" keyword.
(pwdgrp::add_account_post_fetch): Take additional `bool lock' parameter
and acquire pglock before adding element to array if lock is true.
(pwdgrp::add_account_from_file): Call add_account_post_fetch with lock
set to true.
(pwdgrp::add_account_from_windows): Ditto in case of caching.
(pwdgrp::fetch_account_from_windows): Handle builtin aliases only
known to the domain controller. Only call NetLocalGroupGetInfo for
aliases.
has no dot, it's a Netbios name. Change the search filter expression
accordingly and filter by flatName. Add comment.
* uinfo.cc (cygheap_domain_info::init): Gracefully handle NULL
DnsDomainName and DomainSid members in DS_DOMAIN_TRUSTSW strutures.
Add comment. Fix comment preceeding fetching the mapping server
from registry.
(pwdgrp::fetch_account_from_file): Convert str to a local array.
(fetch_posix_offset): New static function.
(pwdgrp::fetch_account_from_windows): Add debug output in case
LookupAccountSidW fails. Simplify code by calling fetch_posix_offset
where appropriate. If LookupAccountSidW fails, check if the SID is
one of the known trusted domains. If so, create a more informative
account entry.
* miscfuncs.cc (NT_readline::init): It's a really bad idea trying to
print a pointer to a PUNICODE_STRING as PUNICODE_STRING. Fix it.
* uinfo.cc (cygheap_domain_info::init): Print status codes as hex
values in debug output.
* cygheap.h (class cygheap_ugid_cache): Move ugid_cache_t type here
and rename.
(struct init_cygheap): Add cygheap_ugid_cache member "ugid_cache".
* pwdgrp.h (class ugid_cache_t): Remove here.
* fhandler_disk_file.cc (fhandler_base::fstat_by_nfs_ea): Accommodate
move of ugid_cache to cygheap.
* sec_helper.cc (get_sids_info): Ditto.
* uinfo.cc (ugid_cache): Remove.
(pwdgrp::fetch_account_from_windows): Define id_val globally.
Move SidTypeAlias handling into SidTypeUser/SidTypeGroup branch since
aliases are handled like groups in SAM. Accommodate move of ugid_cache
to cygheap. Consolidate code reading SAM comments into a single branch
for both, SidTypeUser and SidTypeAlias. For SidTypeAlias, fix thinko
and call NetLocalGroupGetInfo rather than NetGroupGetInfo. Simplify
code setting Cygwin primary group for SAM accounts. Add code to handle
UNIX uid/gid from SAM comment.
/etc/nsswitch.conf file to configure it.
* Makefile.in (DLL_OFILES): Add ldap.o.
* autoload.cc: Import ldap functions from wldap32.dll.
(DsEnumerateDomainTrustsW): Import.
(NetGroupGetInfo): Import.
* cygheap.h (class cygheap_domain_info): New class to keep global
domain info.
(class cygheap_pwdgrp): New class to keep passwd/group caches and
configuration info from /etc/nssswitch.conf.
(struct init_cygheap): Add cygheap_domain_info member "dom" and
cygheap_pwdgrp member "pg".
* cygtls.h (struct _local_storage): Remove unused member "res".
Rearrange slightly, Add members pwbuf and grbuf to implement non-caching
passwd/group fetching from SAM/AD. Make pw_pos and pw_pos unsigned.
* fhandler_disk_file.cc (fhandler_base::fstat_by_nfs_ea): Add RFC 2307
uid/gid mapping.
* fhandler_process.cc: Drop including pwdgrp.h.
* fhandler_procsysvipc.cc: Ditto.
* fhandler_registry.cc (fhandler_registry::fstat): Set key uid/gid
to ILLEGAL_UID/ILLEGAL_GID rather than UNKNOWN_UID/UNKNOWN_GID.
* grp.cc (group_buf): Drop.
(gr): Drop.
(pwdgrp::parse_group): Fill pg_grp.
(pwdgrp::read_group): Remove.
(pwdgrp::init_grp): New method.
(pwdgrp::prep_tls_grbuf): New method.
(pwdgrp::find_group): New methods.
(internal_getgrsid): Convert to call new pwdgrp methods.
(internal_getgrnam): Ditto.
(internal_getgrgid): Ditto.
(getgrgid_r): Drop 2nd parameter from internal_getgrgid call.
(getgrgid32): Ditto.
(getgrnam_r): Ditto for internal_getgrnam.
(getgrnam32): Ditto.
(getgrent32): Convert to call new pwdgrp methods.
(internal_getgrent): Remove.
(internal_getgroups): Simplify, especially drop calls to
internal_getgrent.
* ldap.cc: New file implementing cyg_ldap class for LDAP access to AD
and RFC 2307 server.
* ldap.h: New header, declaring cyg_ldap class.
* passwd.cc (passwd_buf): Drop.
(pr): Drop.
(pwdgrp::parse_passwd): Fill pg_pwd.
(pwdgrp::read_passwd): Remove.
(pwdgrp::init_pwd): New method.
(pwdgrp::prep_tls_pwbuf): New method.
(find_user): New methods.
(internal_getpwsid): Convert to call new pwdgrp methods.
(internal_getpwnam): Ditto.
(internal_getpwuid): Ditto.
(getpwuid32): Drop 2nd parameter from internal_getpwuid call.
(getpwuid_r): Ditto.
(getpwnam): Ditto for internal_getpwnam.
(getpwnam_r): Ditto.
(getpwent): Convert to call new pwdgrp methods.
* path.cc (class etc): Remove all methods.
* path.h (class etc): Drop.
* pinfo.cc (pinfo_basic::pinfo_basic): Set gid to ILLEGAL_GID rather
than UNKNOWN_GID.
(pinfo_init): Ditto.
* pwdgrp.h (internal_getpwnam): Drop 2nd parameter from declaration.
(internal_getpwuid): Ditto.
(internal_getgrgid): Ditto.
(internal_getgrnam): Ditto.
(internal_getgrent): Drop declaration.
(enum fetch_user_arg_type_t): New type.
(struct fetch_user_arg_t): New type.
(struct pg_pwd): New type.
(struct pg_grp): New type.
(class pwdgrp): Rework to provide functions for file and db requests
and caching.
(class ugid_cache_t): New class to provide RFC 2307 uid map caching.
(ugid_cache): Declare.
* sec_acl.cc: Drop including pwdgrp.h.
* sec_auth.cc: Drop including dsgetdc.h and pwdgrp.h.
(get_logon_server): Convert third parameter to ULONG flags argument
to allow arbitrary flags values in DsGetDcNameW call and change calls
to this function throughout. Use cached account domain name rather
than calling GetComputerNameW.
(get_unix_group_sidlist): Remove.
(get_server_groups): Drop call to get_unix_group_sidlist.
(verify_token): Rework token group check without calling
internal_getgrent.
* sec_helper.cc (cygpsid::pstring): New methods, like string() but
return pointer to end of string.
(cygsid::getfromstr): Add wide character implementation.
(get_sids_info): Add RFC 2307 uid/gid mapping for Samba shares.
* security.cc: Drop including pwdgrp.h.
* security.h (DEFAULT_UID): Remove.
(UNKNOWN_UID): Remove.
(UNKNOWN_GID): Remove.
(uinfo_init): Move here from winsup.h.
(ILLEGAL_UID): Ditto.
(ILLEGAL_GID): Ditto.
(UNIX_POSIX_OFFSET): Define. Add lengthy comment.
(UNIX_POSIX_MASK): Ditto.
(MAP_UNIX_TO_CYGWIN_ID): Ditto.
(ILLEGAL_UID16): Move here from winsup.h.
(ILLEGAL_GID16): Ditto.
(uid16touid32): Ditto.
(gid16togid32): Ditto.
(sid_id_auth): New convenience macro for SID component access.
(sid_sub_auth_count): Ditto.
(sid_sub_auth): Ditto.
(sid_sub_auth_rid): Ditto.
(cygpsid::pstring): Declare.
(cygsid::getfromstr): Declare wide character variant.
(cygsid::operator=): Ditto.
(cygsid::operator*=): Ditto.
(get_logon_server): Change declaration according to source code.
* setlsapwd.cc (setlsapwd): Drop 2nd parameter from internal_getpwnam
call.
* shared.cc (memory_init): Call cygheap->pg.init in first process.
* syscalls.cc: Drop including pwdgrp.h.
* tlsoffsets.h: Regenerate.
* tlsoffsets64.h: Ditto.
* uinfo.cc (internal_getlogin): Drop gratuitious internal_getpwuid
call. Fix debug output. Overwrite user gid in border case of a
missing passwd file while a group file exists.
(pwdgrp::add_line): Allocate memory on cygheap.
(pwdgrp::load): Remove.
(ugid_cache): Define.
(cygheap_pwdgrp::init): New method.
(cygheap_pwdgrp::nss_init_line): New method.
(cygheap_pwdgrp::_nss_init): New method.
(cygheap_domain_info::init): New method.
(logon_sid): Define.
(get_logon_sid): New function.
(pwdgrp::add_account_post_fetch): New method.
(pwdgrp::add_account_from_file): New methods.
(pwdgrp::add_account_from_windows): New methods.
(pwdgrp::check_file): New method.
(pwdgrp::fetch_account_from_line): New method.
(pwdgrp::fetch_account_from_file): New method.
(pwdgrp::fetch_account_from_windows): New method.
* winsup.h: Move aforementioned macros and declarations to security.h.
RLIMIT_STACK.
* registry.cc (get_registry_hive_path): Expect the user hive path to
be never longer than MAX_PATH. Don't prepend native NT path prefix
here. Add comment.
(load_registry_hive): Prepend native NT path prefix here. Additionally
try to load user's classes hive.
* uinfo.cc (cygheap_user::env_userprofile): Reduce size of
userprofile_env_buf to MAX_PATH. Add comment.
_localtime_buf. Remove username in favor of a global buffer. Reorder
slightly to keep the net.cc stuff together.
* globals.cc (__getlogin_username): New global char buffer.
* tlsoffsets.h: Regenerate.
* uinfo.cc (getlogin): Copy username into __getlogin_username.
from Windows environment instead. Explain why.
(cygheap_user::env_domain): Use MAX_DOMAIN_NAME_LEN rather than DNLEN
to specify the size of the domain name buffer.
* autoload.cc: Add all advapi32 entry points.
* mount.cc (mount_info::init): Read user fstab only if we have a
username.
* passwd.cc (pwdgrp::read_passwd): Only use username if we have one.
* shared.cc (user_info::initialize): Set cb last so as not to override
planned behaviour in pwdgrp::read_passwd.
* uinfo.cc (cygheap_user::init): Fetch Windows username from environment
variable $USERNAME. Don't set name in cygheap if variable is empty.
(internal_getlogin): If we still have no username, try GetUserNameW.
according to context. Throughout, replace hMainThread with
GetCurrentThread/NtCurrentThread according to context.
* dcrt0.cc (dll_crt0_0): Drop duplication of GetCurrentProcess to
hMainProc. Drop duplication of GetCurrentThread to hMainThread.
* dtable.cc (dtable::stdio_init): Remove useless comment.
* globals.cc (hMainProc): Remove.
(hMainThread): Remove.
* ntdll.h (NtCurrentProcess): Define.
(NtCurrentThread: Define.
* dtable.cc (handle_to_fn): Add check for correct installation_key
string in object name for pipes and ttys.
* external.cc (cygwin_internal): Add CW_GET_INSTKEY to allow fetching
the installation_key from cygserver.
* fhandler_fifo.cc (fhandler_fifo::fifo_name): Add installation_key
to fifo name.
* globals.cc: Include cygprops.h.
(_RDATA): Move slightly and add comment.
(cygwin_props): Define.
* mount.cc (mount_info::init): Accommodate the fact that
installation_root is now a global variable in DLL common shared memory,
rather than a member of cygwin_shared.
* pipe.cc (fhandler_pipe::create_selectable): Add installation_key to
pipe name.
* shared.cc (installation_root): Define here for storage in DLL
common shared memory.
(installation_key): Ditto.
(installation_key_buf): Ditto.
(init_installation_root): Convert from shared_info method to ordinary
function. Add initializing installation_key. Invalidate
installation_key depending of value of disable_key property. Add
comment to explain.
(get_shared_parent_dir): Add installation_key to directory name.
(get_session_parent_dir): Ditto.
(shared_info::initialize): Move call to init_installation_root from
here...
(memory_init): ...to here. Add debug output to print installation root
and installation key. Add comment to explain why.
* shared_info.h (SHARED_INFO_CB): Recalculate.
(CURR_SHARED_MAGIC): Ditto.
(class shared_info): Remove definition of installation_root and
declaration of init_installation_root.
(init_installation_root): Declare.
(installation_root): Declare.
(installation_key): Declare.
* uinfo.cc (pwdgrp::load): Accommodate the fact that installation_root
is now a global variable in DLL common shared memory.
* include/cygwin/version.h: Bump API minor number.
(CYGWIN_INFO_INSTALLATIONS_NAME): Add.
* include/sys/cygwin.h (cygwin_getinfo_types): Add CW_GET_INSTKEY.
CW_SET_EXTERNAL_TOKEN.
Add new enum CW_TOKEN_IMPERSONATION, CW_TOKEN_RESTRICTED.
* cygheap.h (cyguser): New flags ext_token_is_restricted,
curr_token_is_restricted and setuid_to_restricted.
* external.cc (cygwin_internal): Add CW_SET_EXTERNAL_TOKEN.
* sec_auth.cc (set_imp_token): New function.
(cygwin_set_impersonation_token): Call set_imp_token ().
* security.h (set_imp_token): New prototype.
* spawn.cc (spawn_guts): Use CreateProcessAsUserW if restricted token
was enabled by setuid(). Do not create new window station in this case.
* syscalls.cc (seteuid32): Add handling of restricted external tokens.
Set HANDLE_FLAG_INHERIT for primary token.
(setuid32): Set setuid_to_restricted flag.
* uinfo.cc (uinfo_init): Do not reimpersonate if restricted token was
enabled by setuid (). Initialize user.*_restricted flags.
* dtable.cc (handle_to_fn): Ditto.
* fhandler_console.cc (fhandler_console::read): Ditto.
(fhandler_console::scroll_screen): Ditto.
(dev_console::set_color): Ditto.
* fhandler_dsp.cc (fhandler_dev_dsp::write): Ditto.
(fhandler_dev_dsp::read): Ditto.
* fhandler_tape.cc (mtinfo_drive::get_status): Ditto.
* hookapi.cc (find_first_notloaded_dll): Ditto.
* mmap.cc (msync): Ditto.
* pipe.cc (pipesync::pipesync): Ditto.
* sec_acl.cc (getace): Ditto.
* sec_auth.cc (create_token): Ditto.
(lsaauth): Ditto.
* select.cc (peek_pipe): Ditto.
* spawn.cc (av::fixup): Ditto.
* syscalls.cc (popen): Ditto.
* tty.cc (tty::init_session): Ditto.
* uinfo.cc (pwdgrp::load): Ditto.
* fhandler.cc (fhandler_base::setup_overlapped): Ditto.
(fhandler_base::wait_overlapped): Rename second use of res variable to wres or
errors are not returned correctly.
* dcrt0.cc: Remove obsolete variable.
* dll_init.cc (release_upto): Fix typo involving incorrect use of '|'.
* fhandler_disk_file.cc (fhandler_base::fstat_by_handle): Avoid a compiler
warning regarding coercing type-punned variables.
(fhandler_base::fstat_by_name): Ditto. fhandler_fifo.cc
(fhandler_fifo::open_nonserver): Fix = vs. == typo.
(fhandler_fifo::wait): Add all conditions to switch statement to avoid a
compiler warning.
* fhandler_process.cc: Avoid unneeded initialization of variables to zero.
(fhandler_socket::listen): Add braces around initializer.
* flock.cc (inode_t::get_all_locks_list): Reorganize to avoid a compiler
warning. Fix problem with EWOULDBLOCK error return.
* path.cc (GUID_shortcut): Use braces around struct initializer.
(cygwin_conv_path): Reorganize to avoid a compiler warning.
* random.cc (dummy): Mark variable as volatile to avoid a "used uninitialized"
warning.
* libc/getopt.c: Mark some variables as dllexport although gcc doesn't seem to
do the right thing with them.
* libc/minires-os-if.c (get_registry_dns_items): Coerce some function arguments
to avoid a compiler warning.
username from /etc/passwd before loading mount table.
(shared_info::init_installation_root): New function fetching Cygwin's
installation root dir and storing as native NT path in global shared
memory.
(shared_info::initialize): Call init_installation_root exactly once at
first startup.
* shared_info.h (SHARED_INFO_CB): Accommodate change to shared_info.
(CURR_SHARED_MAGIC): Ditto.
(class shared_info): Add installation_root member.
(shared_info::init_installation_root): Declare.
* grp.cc (pwdgrp::read_group): Call pwdgrp::load with native WCHAR path.
* passwd.cc (pwdgrp::read_passwd): Ditto. Avoid recursion.
(etc::init): Take POBJECT_ATTRIBUTES instead of path_conv.
* path.h (etc::init): Change prototype accordingly.
* pwdgrp.h (class pwdgrp): Store path as UNICODE_STRING/PWCHAR instead
of as path_conv.
(pwdgrp::load): Accommodate prototype.
* uinfo.cc (pwdgrp::load): Change argument type from char to wchar_t.
Create native NT path here instead of calling path_conv.
* mount.cc (find_root_from_cygwin_dll): Drop in favor of global
initializaion in shared_info.
(mount_info::init): Fetch native NT root dir from cygwin_shared.
(mount_info::from_fstab): Expect native NT path and use native NT
functions to access file. Convert username part in user fstab path
according to special char transformation rules.
* path.cc (tfx_chars): Convert slash to backslash.
(transform_chars): Implement for path given as PWCHAR.
(transform_chars): PUNICODE_STRING version calls PWCHAR version.
Remove useless commented code.
Unconditionally handle mount points case-sensitive.
Unconditionally handle virtual paths case-sensitive.
Unconditionally handle registry paths case-insensitive.
Otherwise, accommodate case-sensitivity of given path throughout.
* cygheap.cc (cygheap_root::set): Get additional caseinsensitive
parameter and store it.
* cygheap.h (struct cygheap_root_mount_info): Add member
caseinsensitive.
* dlfcn.cc (get_full_path_of_dll): Drop PC_NOFULL parameter from call
to path_conv::check.
* environ.cc (pcheck_case): Remove.
(check_case_init): Remove.
(known): Drop "check_case" option.
* exceptions.cc (open_stackdumpfile): Add comment.
* fhandler.cc (fhandler_base::get_default_fmode): Call pathmatch
instead of strcasematch.
* fhandler_disk_file.cc: Accommodate case-sensitivity of given path
throughout.
(__DIR_mounts::check_mount): Unconditionally check virtual paths
case-sensitive.
(fhandler_disk_file::link): Drop case clash handling.
(fhandler_disk_file::open): Ditto.
(fhandler_disk_file::readdir_helper): Drop managed mount code.
* mount.cc: Remove managed mount code and datastructures.
(struct opt): Remove "managed" option. Add "posix=0" and "posix=1"
options.
(fillout_mntent): Remove "managed" output. Add "posix" output.
* path.cc (struct symlink_info): Remove case_clash member and
case_check method.
(pcheck_case): Remove.
(path_prefix_p): Take additional bool parameter "caseinsensitive".
(pathnmatch): Ditto.
(pathmatch): Ditto.
(mkrelpath): Ditto.
(fs_info::update): Set caseinsensitive flag according to file system
name and FILE_CASE_SENSITIVE_SEARCH flag. Add comment.
(tfx_chars_managed): Remove.
(transform_chars): Drop "managed" parameter. Always use tfx_chars.
(get_nt_native_path): Drop "managed" parameter. Make sure drive letters
are always upper case.
(getfileattr): Change second parameter to denote caseinsensitivity.
(path_conv::check): Initialize caseinsensitive to OBJ_CASE_INSENSITIVE.
Set caseinsensitive according to global obcaseinsensitive flag, file
system case sensitivity and MOUNT_NOPOSIX mount flag.
Drop case_clash and all the related code.
(symlink_worker): Drop case clash handling.
(symlink_info::set): Drop setting case_clash.
(symlink_info::case_check): Remove.
(cwdstuff::set): Add comment.
(etc::init): Take path_conv instead of PUNICODE_STRING as parameter to
allow case sensitivity.
* path.h (enum pathconv_arg): Drop PC_SYM_IGNORE.
(enum case_checking): Remove.
(enum path_types): Drop PATH_ENC, add PATH_NOPOSIX flag.
(struct fs_info): Add caseinsensitive flag and accessor methods.
(class path_conv): Add caseinsensitive member and define
objcaseinsensitive method. Drop case_clash member and isencoded method.
(pathmatch): Change prototype according to above change.
(pathnmatch): Ditto.
(path_prefix_p): Ditto.
(get_nt_native_path): Ditto.
(class etc): Ditto.
(fnunmunge): Remove prototype.
* shared.cc (shared_info::init_obcaseinsensitive): Initialize
obcaseinsensitive flag from obcaseinsensitive registry value.
(shared_info::initialize): Call init_obcaseinsensitive here by the
first process creating the shared memory.
* shared_info.h (mount_item::fnmunge): Remove.
(shared_info::obcaseinsensitive): Rename from obcaseinsensitivity.
(shared_info::init_obcaseinsensitive): Declare.
* syscalls.cc (try_to_bin): Add comment.
* include/sys/mount.h (MOUNT_ENC): Remove flag.
(MOUNT_NOPOSIX): Add flag.
MAX_DOMAIN_NAME_LEN throughout.
* cyglsa.h (CYG_LSA_MAGIC): New value.
(cyglsa_t): Define username and domain as WCHAR arrays.
* errno.cc (errmap): Add mapping for ERROR_NONE_MAPPED.
* sec_auth.cc: Drop 'w' prefix from WCHAR string variable names where
appropriate.
(extract_nt_dom_user): Prefer resolving by SID before resolving by
domain\name pair.
(cygwin_logon_user): Don't print cleartext password in debug output.
Change comment.
(get_user_groups): Revert calls to LookupAccountNameW to use NULL
server instead of explicit server name, according to MSDN.
(get_user_local_groups): Ditto.
(get_server_groups): Fetch domain and user name from usersid per
LookupAccountSidW instead of calling extract_nt_dom_user.
(lsaauth): Fetch domain and user name from usersid per LookupAccountSidW
instead of calling extract_nt_dom_user.
* sec_helper.cc (cygpriv): Convert to wchar_t pointer array.
(privilege_luid): Convert first parameter to PWCHAR.
(privilege_name): Return wchar_t pointer.
(set_privileges): Accommodate debug output.
* security.h (privilege_luid): Change prototype accordingly.
* dcrt0.cc (child_info_spawn::handle_spawn): Drop artificial
supplementary group list from calling setgroups in parent.
* grp.cc (internal_getgroups): Drop 9x-only code. Reformat.
* sec_auth.cc (get_logon_server): Do everything in WCHAR only.
(get_user_groups): Ditto. Use wlogonserver in LookupAccountNameW
calls, too.
(is_group_member): Get logon server as first argument and use in call
to NetLocalGroupGetMembers.
(get_user_local_groups): Get logon server as first argument and use in
calls to NetLocalGroupEnum and LookupAccountNameW. Revamp to work
more correctly in domain environments.
(get_server_groups): Accommodate aforementioned changed function calls.
* security.h (get_logon_server): Change prototype accordingly.
* uinfo.cc (cygheap_user::env_logsrv): Accommodate changed
get_logon_server call.