libs/newlib-cygwin
libs/newlib-cygwin
4
0
Fork 0
mirror of git://sourceware.org/git/newlib-cygwin.git synced 2025-01-18 12:29:32 +08:00
Code Issues Projects Releases Wiki Activity
newlib-cygwin/winsup/cygwin/passwd.cc
Corinna Vinschen b39fa2c88d * autoload.cc (CheckTokenMembership): Import. 
* external.cc (cygwin_internal): Call get_uid/get_gid instead of get_id.
	* grp.cc (internal_getgrsid): Take additional cyg_ldap pointer.
	Forward to pwdgrp::add_group_from_windows.
	(internal_getgrnam): Ditto.
	(internal_getgrgid): Ditto.
	(gr_ent::enumerate_local): Drop ugid_caching bool from call to
	pwdgrp::fetch_account_from_windows.
	(getgroups32): Rename from internal_getgroups and drop getgroups32 stub.
	Drop srchsid parameter and code handling it.  Add local cyg_ldap
	instance and forward to internal_getgrXXX.
	(getgroups): Call getgroups32.
	(get_groups): Add local cyg_ldap instance and forward to
	internal_getgrXXX.
	(getgrouplist): Ditto.
	(setgroups32): Ditto.
	* ldap.cc (cyg_ldap::open): Don't call close.  Return true if connection
	is already open.
	(cyg_ldap::remap_uid): Forward this to internal_getpwsid.
	(cyg_ldap::remap_gid): Forward this to internal_getgrsid.
	* passwd.cc (internal_getpwsid): Take additional cyg_ldap pointer.
	Forward to pwdgrp::add_user_from_windows.
	(internal_getpwnam): Ditto.
	(internal_getpwuid): Ditto.
	(pg_ent::enumerate_builtin): Drop ugid_caching bool from call to
	pwdgrp::fetch_account_from_windows.
	(pg_ent::enumerate_sam): Ditto.
	(pg_ent::enumerate_ad): Ditto.  Forward local cldap instead.
	* pwdgrp.h (internal_getpwsid): Align declaration to above change.
	(internal_getpwnam): Ditto.
	(internal_getpwuid): Ditto.
	(internal_getgrsid): Ditto.
	(internal_getgrgid): Ditto.
	(internal_getgrnam): Ditto.
	(internal_getgroups): Drop declaration.
	(pwdgrp::add_account_from_windows): Align declaration to below change.
	(pwdgrp::add_user_from_windows): Ditto.
	(pwdgrp::add_group_from_windows): Ditto.
	* sec_acl.cc (setacl): Add local cyg_ldap instance and forward to
	internal_getpwuid and internal_getgrgid.
	(getacl): Add local cyg_ldap instance and forward to cygpsid::get_id.
	(aclfromtext32): Add local cyg_ldap instance and forward to
	internal_getpwnam and internal_getgrnam.
	* sec_helper.cc (cygpsid::get_id): Take additional cyg_ldap pointer.
	Forward to internal_getgrsid and internal_getpwsid.
	(get_sids_info): Drop ldap_open.  Forward local cldap to
	internal_getpwsid and internal_getgrXXX.  Call CheckTokenMembership
	rather than internal_getgroups.
	* security.h (cygpsid::get_id): Add cyg_ldap pointer, drop default
	parameter.
	(cygpsid::get_uid): Add cyg_ldap pointer.  Call get_id accordingly.
	(cygpsid::get_gid): Ditto.
	* uinfo.cc (internal_getlogin): Add local cyg_ldap instance and forward
	to internal_getpwXXX and internal_getgrXXX calls.
	(pwdgrp::add_account_from_windows): Take additional cyg_ldap pointer.
	Forward to pwdgrp::fetch_account_from_windows.
	(fetch_posix_offset): Drop ldap_open argument and handling.  Get
	cyg_ldap instance as pointer.
	(pwdgrp::fetch_account_from_windows): Take additional cyg_ldap pointer.
	Use it if it's not NULL, local instance otherwise.  Drop ldap_open.
	Drop fetching extended group arguments from AD for speed.
2014-02-27 12:57:27 +00:00

751 lines
16 KiB
C++
Raw Blame History

/* passwd.cc: getpwnam () and friends
Copyright 1996, 1997, 1998, 2000, 2001, 2002, 2003, 2004, 2005, 2007, 2008,
2009, 2010, 2011, 2012, 2013, 2014 Red Hat, Inc.
This file is part of Cygwin.
This software is a copyrighted work licensed under the terms of the
Cygwin license. Please consult the file "CYGWIN_LICENSE" for
details. */
#include "winsup.h"
#include <lm.h>
#include <stdlib.h>
#include <stdio.h>
#include "cygerrno.h"
#include "security.h"
#include "path.h"
#include "fhandler.h"
#include "dtable.h"
#include "pinfo.h"
#include "cygheap.h"
#include "shared_info.h"
#include "miscfuncs.h"
#include "ldap.h"
#include "tls_pbuf.h"
/* Parse /etc/passwd line into passwd structure. */
bool
pwdgrp::parse_passwd ()
{
pg_pwd &res = passwd ()[curr_lines];
res.p.pw_name = next_str (':');
res.p.pw_passwd = next_str (':');
if (!next_num (res.p.pw_uid))
return false;
if (!next_num (res.p.pw_gid))
return false;
res.p.pw_comment = NULL;
res.p.pw_gecos = next_str (':');
res.p.pw_dir = next_str (':');
res.p.pw_shell = next_str (':');
res.sid.getfrompw (&res.p);
return true;
}
void
pwdgrp::init_pwd ()
{
pwdgrp_buf_elem_size = sizeof (pg_pwd);
parse = &pwdgrp::parse_passwd;
}
pwdgrp *
pwdgrp::prep_tls_pwbuf ()
{
if (!_my_tls.locals.pwbuf)
{
_my_tls.locals.pwbuf = ccalloc_abort (HEAP_BUF, 1,
sizeof (pwdgrp) + sizeof (pg_pwd));
pwdgrp *pw = (pwdgrp *) _my_tls.locals.pwbuf;
pw->init_pwd ();
pw->pwdgrp_buf = (void *) (pw + 1);
pw->max_lines = 1;
}
pwdgrp *pw = (pwdgrp *) _my_tls.locals.pwbuf;
if (pw->curr_lines)
{
cfree (pw->passwd ()[0].p.pw_name);
pw->curr_lines = 0;
}
return pw;
}
struct passwd *
pwdgrp::find_user (cygpsid &sid)
{
for (ULONG i = 0; i < curr_lines; i++)
if (sid == passwd ()[i].sid)
return &passwd ()[i].p;
return NULL;
}
struct passwd *
pwdgrp::find_user (const char *name)
{
for (ULONG i = 0; i < curr_lines; i++)
/* on Windows NT user names are case-insensitive */
if (strcasematch (name, passwd ()[i].p.pw_name))
return &passwd ()[i].p;
return NULL;
}
struct passwd *
pwdgrp::find_user (uid_t uid)
{
for (ULONG i = 0; i < curr_lines; i++)
if (uid == passwd ()[i].p.pw_uid)
return &passwd ()[i].p;
return NULL;
}
struct passwd *
internal_getpwsid (cygpsid &sid, cyg_ldap *pldap)
{
struct passwd *ret;
cygheap->pg.nss_init ();
if (cygheap->pg.nss_pwd_files ())
{
cygheap->pg.pwd_cache.file.check_file (false);
if ((ret = cygheap->pg.pwd_cache.file.find_user (sid)))
return ret;
if ((ret = cygheap->pg.pwd_cache.file.add_user_from_file (sid)))
return ret;
}
if (cygheap->pg.nss_pwd_db ())
{
if ((ret = cygheap->pg.pwd_cache.win.find_user (sid)))
return ret;
return cygheap->pg.pwd_cache.win.add_user_from_windows (sid, pldap);
}
return NULL;
}
/* This function gets only called from mkpasswd via cygwin_internal. */
struct passwd *
internal_getpwsid_from_db (cygpsid &sid)
{
cygheap->pg.nss_init ();
return cygheap->pg.pwd_cache.win.add_user_from_windows (sid);
}
struct passwd *
internal_getpwnam (const char *name, cyg_ldap *pldap)
{
struct passwd *ret;
cygheap->pg.nss_init ();
if (cygheap->pg.nss_pwd_files ())
{
cygheap->pg.pwd_cache.file.check_file (false);
if ((ret = cygheap->pg.pwd_cache.file.find_user (name)))
return ret;
if ((ret = cygheap->pg.pwd_cache.file.add_user_from_file (name)))
return ret;
}
if (cygheap->pg.nss_pwd_db ())
{
if ((ret = cygheap->pg.pwd_cache.win.find_user (name)))
return ret;
return cygheap->pg.pwd_cache.win.add_user_from_windows (name, pldap);
}
return NULL;
}
struct passwd *
internal_getpwuid (uid_t uid, cyg_ldap *pldap)
{
struct passwd *ret;
cygheap->pg.nss_init ();
if (cygheap->pg.nss_pwd_files ())
{
cygheap->pg.pwd_cache.file.check_file (false);
if ((ret = cygheap->pg.pwd_cache.file.find_user (uid)))
return ret;
if ((ret = cygheap->pg.pwd_cache.file.add_user_from_file (uid)))
return ret;
}
if (cygheap->pg.nss_pwd_db ())
{
if ((ret = cygheap->pg.pwd_cache.win.find_user (uid)))
return ret;
return cygheap->pg.pwd_cache.win.add_user_from_windows (uid, pldap);
}
else if (uid == ILLEGAL_UID)
return cygheap->pg.pwd_cache.win.add_user_from_windows (uid);
return NULL;
}
extern "C" struct passwd *
getpwuid32 (uid_t uid)
{
struct passwd *temppw = internal_getpwuid (uid);
pthread_testcancel ();
return temppw;
}
#ifdef __x86_64__
EXPORT_ALIAS (getpwuid32, getpwuid)
#else
extern "C" struct passwd *
getpwuid (__uid16_t uid)
{
return getpwuid32 (uid16touid32 (uid));
}
#endif
extern "C" int
getpwuid_r32 (uid_t uid, struct passwd *pwd, char *buffer, size_t bufsize, struct passwd **result)
{
*result = NULL;
if (!pwd || !buffer)
return ERANGE;
struct passwd *temppw = internal_getpwuid (uid);
pthread_testcancel ();
if (!temppw)
return 0;
/* check needed buffer size. */
size_t needsize = strlen (temppw->pw_name) + strlen (temppw->pw_passwd)
+ strlen (temppw->pw_gecos) + strlen (temppw->pw_dir)
+ strlen (temppw->pw_shell) + 5;
if (needsize > bufsize)
return ERANGE;
/* make a copy of temppw */
*result = pwd;
pwd->pw_uid = temppw->pw_uid;
pwd->pw_gid = temppw->pw_gid;
buffer = stpcpy (pwd->pw_name = buffer, temppw->pw_name);
buffer = stpcpy (pwd->pw_passwd = buffer + 1, temppw->pw_passwd);
buffer = stpcpy (pwd->pw_gecos = buffer + 1, temppw->pw_gecos);
buffer = stpcpy (pwd->pw_dir = buffer + 1, temppw->pw_dir);
stpcpy (pwd->pw_shell = buffer + 1, temppw->pw_shell);
pwd->pw_comment = NULL;
return 0;
}
#ifdef __x86_64__
EXPORT_ALIAS (getpwuid_r32, getpwuid_r)
#else
extern "C" int
getpwuid_r (__uid16_t uid, struct passwd *pwd, char *buffer, size_t bufsize, struct passwd **result)
{
return getpwuid_r32 (uid16touid32 (uid), pwd, buffer, bufsize, result);
}
#endif
extern "C" struct passwd *
getpwnam (const char *name)
{
struct passwd *temppw = internal_getpwnam (name);
pthread_testcancel ();
return temppw;
}
/* the max size buffer we can expect to
* use is returned via sysconf with _SC_GETPW_R_SIZE_MAX.
* This may need updating! - Rob Collins April 2001.
*/
extern "C" int
getpwnam_r (const char *nam, struct passwd *pwd, char *buffer, size_t bufsize, struct passwd **result)
{
*result = NULL;
if (!pwd || !buffer || !nam)
return ERANGE;
struct passwd *temppw = internal_getpwnam (nam);
pthread_testcancel ();
if (!temppw)
return 0;
/* check needed buffer size. */
size_t needsize = strlen (temppw->pw_name) + strlen (temppw->pw_passwd)
+ strlen (temppw->pw_gecos) + strlen (temppw->pw_dir)
+ strlen (temppw->pw_shell) + 5;
if (needsize > bufsize)
return ERANGE;
/* make a copy of temppw */
*result = pwd;
pwd->pw_uid = temppw->pw_uid;
pwd->pw_gid = temppw->pw_gid;
buffer = stpcpy (pwd->pw_name = buffer, temppw->pw_name);
buffer = stpcpy (pwd->pw_passwd = buffer + 1, temppw->pw_passwd);
buffer = stpcpy (pwd->pw_gecos = buffer + 1, temppw->pw_gecos);
buffer = stpcpy (pwd->pw_dir = buffer + 1, temppw->pw_dir);
stpcpy (pwd->pw_shell = buffer + 1, temppw->pw_shell);
pwd->pw_comment = NULL;
return 0;
}
/* getpwent functions are not reentrant. */
static pw_ent pwent;
void
pg_ent::clear_cache ()
{
if (pg.curr_lines)
{
if (state > from_file)
cfree (group ? grp.g.gr_name : pwd.p.pw_name);
pg.curr_lines = 0;
}
}
void
pg_ent::setent (bool _group, int _enums, PCWSTR _enum_tdoms)
{
cygheap->dom.init ();
endent (_group);
if (!_enums && !_enum_tdoms)
{
/* This is the default, when called from the usual setpwent/setgrent
functions. */
enums = cygheap->pg.nss_db_enums ();
enum_tdoms = cygheap->pg.nss_db_enum_tdoms ();
if (_group)
{
from_files = cygheap->pg.nss_grp_files ();
from_db = cygheap->pg.nss_grp_db ();
}
else
{
from_files = cygheap->pg.nss_pwd_files ();
from_db = cygheap->pg.nss_pwd_db ();
}
}
else
{
/* This case is when called from mkpasswd/mkgroup via cygwin_internal. */
enums = _enums;
enum_tdoms = _enum_tdoms;
from_files = false;
from_db = true;
}
state = from_cache;
}
void *
pg_ent::getent (void)
{
void *entry;
switch (state)
{
case rewound:
state = from_cache;
/*FALLTHRU*/
case from_cache:
if (nss_db_enum_caches ()
&& (entry = enumerate_caches ()))
return entry;
state = from_file;
/*FALLTHRU*/
case from_file:
if (from_files
&& nss_db_enum_files ()
&& (entry = enumerate_file ()))
return entry;
state = from_builtin;
/*FALLTHRU*/
case from_builtin:
if (from_db
&& nss_db_enum_builtin ()
&& (entry = enumerate_builtin ()))
return entry;
state = from_local;
/*FALLTHRU*/
case from_local:
if (from_db
&& nss_db_enum_local ()
&& (!cygheap->dom.member_machine ()
|| !nss_db_enum_primary ())
&& (entry = enumerate_local ()))
return entry;
state = from_sam;
/*FALLTHRU*/
case from_sam:
if (from_db
&& nss_db_enum_local ()
/* Domain controller? If so, sam and ad are one and the same
and "local ad" would list all domain accounts twice without
this test. */
&& (cygheap->dom.account_flat_name ()[0] != L'@'
|| !nss_db_enum_primary ())
&& (entry = enumerate_sam ()))
return entry;
state = from_ad;
/*FALLTHRU*/
case from_ad:
if (cygheap->dom.member_machine ()
&& from_db
&& (entry = enumerate_ad ()))
return entry;
state = finished;
/*FALLTHRU*/
case finished:
break;
}
return NULL;
}
void
pg_ent::endent (bool _group)
{
if (buf)
{
if (state == from_file)
free (buf);
else if (state == from_local || state == from_sam)
NetApiBufferFree (buf);
buf = NULL;
}
if (!pg.curr_lines)
{
if ((group = _group))
{
pg.init_grp ();
pg.pwdgrp_buf = (void *) &grp;
}
else
{
pg.init_pwd ();
pg.pwdgrp_buf = (void *) &pwd;
}
pg.max_lines = 1;
}
else
clear_cache ();
cldap.close ();
rl.close ();
cnt = max = resume = 0;
enums = 0;
enum_tdoms = NULL;
state = rewound;
}
void *
pg_ent::enumerate_file ()
{
void *entry;
if (!cnt)
{
pwdgrp &prf = group ? cygheap->pg.grp_cache.file
: cygheap->pg.pwd_cache.file;
if (prf.check_file (group))
{
if (!buf)
buf = (char *) malloc (NT_MAX_PATH);
if (buf
&& !rl.init (prf.file_attr (), buf, NT_MAX_PATH))
{
free (buf);
buf = NULL;
}
}
}
++cnt;
if ((entry = pg.add_account_post_fetch (rl.gets (), false)))
return entry;
rl.close ();
free (buf);
buf = NULL;
cnt = max = resume = 0;
return NULL;
}
void *
pg_ent::enumerate_builtin ()
{
static const char *pwd_builtins[] = {
/* SYSTEM */
"S-1-5-18",
/* LocalService */
"S-1-5-19",
/* NetworkService */
"S-1-5-20",
/* Administrators */
"S-1-5-32-544",
/* TrustedInstaller */
"S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464",
/* The end */
NULL
};
static const char *grp_builtins[] = {
/* SYSTEM */
"S-1-5-18",
/* TrustedInstaller */
"S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464",
/* The end */
NULL
};
const char **builtins = group ? grp_builtins : pwd_builtins;
if (!builtins[cnt])
{
cnt = max = resume = 0;
return NULL;
}
cygsid sid (builtins[cnt++]);
fetch_user_arg_t arg;
arg.type = SID_arg;
arg.sid = &sid;
char *line = pg.fetch_account_from_windows (arg, group);
return pg.add_account_post_fetch (line, false);
}
void *
pg_ent::enumerate_sam ()
{
while (true)
{
if (!cnt)
{
DWORD total;
NET_API_STATUS ret;
if (buf)
{
NetApiBufferFree (buf);
buf = NULL;
}
if (resume == ULONG_MAX)
ret = ERROR_NO_MORE_ITEMS;
else if (group)
ret = NetGroupEnum (NULL, 2, (PBYTE *) &buf, MAX_PREFERRED_LENGTH,
&max, &total, &resume);
else
ret = NetUserEnum (NULL, 20, FILTER_NORMAL_ACCOUNT, (PBYTE *) &buf,
MAX_PREFERRED_LENGTH, &max, &total,
(PDWORD) &resume);
if (ret == NERR_Success)
resume = ULONG_MAX;
else if (ret != ERROR_MORE_DATA)
{
cnt = max = resume = 0;
return NULL;
}
}
while (cnt < max)
{
cygsid sid (cygheap->dom.account_sid ());
sid_sub_auth (sid, sid_sub_auth_count (sid)) =
group ? ((PGROUP_INFO_2) buf)[cnt].grpi2_group_id
: ((PUSER_INFO_20) buf)[cnt].usri20_user_id;
++cnt;
++sid_sub_auth_count (sid);
fetch_user_arg_t arg;
arg.type = SID_arg;
arg.sid = &sid;
char *line = pg.fetch_account_from_windows (arg, group);
if (line)
return pg.add_account_post_fetch (line, false);
}
cnt = 0;
}
}
void *
pg_ent::enumerate_ad ()
{
while (true)
{
if (!cnt)
{
PDS_DOMAIN_TRUSTSW td;
if (!resume)
{
if (!cldap.open (NULL))
return NULL;
++resume;
if (!nss_db_enum_primary ()
|| !cldap.enumerate_ad_accounts (NULL, group))
continue;
}
else if ((td = cygheap->dom.trusted_domain (resume - 1)))
{
++resume;
if ((td->Flags & DS_DOMAIN_PRIMARY)
|| !td->DomainSid
|| (!nss_db_enum_tdom (td->NetbiosDomainName)
&& !nss_db_enum_tdom (td->DnsDomainName))
|| !cldap.enumerate_ad_accounts (td->DnsDomainName, group))
continue;
}
else
{
cldap.close ();
return NULL;
}
}
++cnt;
cygsid sid;
if (cldap.next_account (sid))
{
fetch_user_arg_t arg;
arg.type = SID_arg;
arg.sid = &sid;
char *line = pg.fetch_account_from_windows (arg, group, &cldap);
if (line)
return pg.add_account_post_fetch (line, false);
}
cnt = 0;
}
}
void *
pw_ent::enumerate_caches ()
{
if (!max && from_files)
{
pwdgrp &prf = cygheap->pg.pwd_cache.file;
prf.check_file (false);
if (cnt < prf.cached_users ())
return &prf.passwd ()[cnt++].p;
cnt = 0;
max = 1;
}
if (from_db && cygheap->pg.nss_db_caching ())
{
pwdgrp &prw = cygheap->pg.pwd_cache.win;
if (cnt < prw.cached_users ())
return &prw.passwd ()[cnt++].p;
}
cnt = max = 0;
return NULL;
}
void *
pw_ent::enumerate_local ()
{
return NULL;
}
struct passwd *
pw_ent::getpwent (void)
{
if (state == rewound)
setent (false);
else
clear_cache ();
return (struct passwd *) getent ();
}
extern "C" void
setpwent ()
{
pwent.setpwent ();
}
extern "C" struct passwd *
getpwent (void)
{
return pwent.getpwent ();
}
extern "C" void
endpwent (void)
{
pwent.endpwent ();
}
/* *_filtered functions are called from mkpasswd */
void *
setpwent_filtered (int enums, PCWSTR enum_tdoms)
{
pw_ent *pw = new pw_ent;
if (pw)
pw->setpwent (enums, enum_tdoms);
return (void *) pw;
}
void *
getpwent_filtered (void *pw)
{
return (void *) ((pw_ent *) pw)->getpwent ();
}
void
endpwent_filtered (void *pw)
{
((pw_ent *) pw)->endpwent ();
}
#ifndef __x86_64__
extern "C" struct passwd *
getpwduid (__uid16_t)
{
return NULL;
}
#endif
extern "C" int
setpassent (int)
{
return 0;
}
static void
_getpass_close_fd (void *arg)
{
if (arg)
fclose ((FILE *) arg);
}
extern "C" char *
getpass (const char * prompt)
{
char *pass = _my_tls.locals.pass;
struct termios ti, newti;
bool tc_set = false;
/* Try to use controlling tty in the first place. Use stdin and stderr
only as fallback. */
FILE *in = stdin, *err = stderr;
FILE *tty = fopen ("/dev/tty", "w+b");
pthread_cleanup_push (_getpass_close_fd, tty);
if (tty)
{
/* Set close-on-exec for obvious reasons. */
fcntl (fileno (tty), F_SETFD, fcntl (fileno (tty), F_GETFD) | FD_CLOEXEC);
in = err = tty;
}
/* Make sure to notice if stdin is closed. */
if (fileno (in) >= 0)
{
flockfile (in);
/* Change tty attributes if possible. */
if (!tcgetattr (fileno (in), &ti))
{
newti = ti;
newti.c_lflag &= ~(ECHO | ISIG); /* No echo, no signal handling. */
if (!tcsetattr (fileno (in), TCSANOW, &newti))
tc_set = true;
}
fputs (prompt, err);
fflush (err);
fgets (pass, _PASSWORD_LEN, in);
fprintf (err, "\n");
if (tc_set)
tcsetattr (fileno (in), TCSANOW, &ti);
funlockfile (in);
char *crlf = strpbrk (pass, "\r\n");
if (crlf)
*crlf = '\0';
}
pthread_cleanup_pop (1);
return pass;
}
Reference in New Issue View Git Blame Copy Permalink