Diffstat (limited to 'winsup/cygwin/passwd.cc')
-rw-r--r-- | winsup/cygwin/passwd.cc | 674 |
1 files changed, 99 insertions, 575 deletions
diff --git a/winsup/cygwin/passwd.cc b/winsup/cygwin/passwd.cc index b8ed09466..88690e379 100644 --- a/winsup/cygwin/passwd.cc +++ b/winsup/cygwin/passwd.cc @@ -10,7 +10,6 @@ Cygwin license. Please consult the file "CYGWIN_LICENSE" for details. */ #include "winsup.h" -#include <lm.h> #include <stdlib.h> #include <stdio.h> #include "cygerrno.h" 
@@ -20,210 +19,127 @@ details. */ #include "dtable.h" #include "pinfo.h" #include "cygheap.h" +#include "pwdgrp.h" #include "shared_info.h" -#include "miscfuncs.h" -#include "ldap.h" -#include "tls_pbuf.h" + +/* Read /etc/passwd only once for better performance. This is done + on the first call that needs information from it. */ + +passwd *passwd_buf; +static pwdgrp pr (passwd_buf); /* Parse /etc/passwd line into passwd structure. */ bool pwdgrp::parse_passwd () { - pg_pwd &res = passwd ()[curr_lines]; - res.p.pw_name = next_str (':'); - res.p.pw_passwd = next_str (':'); - if (!next_num (res.p.pw_uid)) + passwd &res = (*passwd_buf)[curr_lines]; + res.pw_name = next_str (':'); + res.pw_passwd = next_str (':'); + if (!next_num (res.pw_uid)) return false; - if (!next_num (res.p.pw_gid)) + if (!next_num (res.pw_gid)) return false; - res.p.pw_comment = NULL; - res.p.pw_gecos = next_str (':'); - res.p.pw_dir = next_str (':'); - res.p.pw_shell = next_str (':'); - res.sid.getfrompw (&res.p); - /* lptr points to the \0 after pw_shell. Increment by one to get the correct - required buffer len in getpw_cp. */ - res.len = lptr - res.p.pw_name + 1; + res.pw_comment = NULL; + res.pw_gecos = next_str (':'); + res.pw_dir = next_str (':'); + res.pw_shell = next_str (':'); return true; } +/* Read in /etc/passwd and save contents in the password cache. + This sets pr to loaded or emulated so functions in this file can + tell that /etc/passwd has been read in or will be emulated. 
*/ void -pwdgrp::init_pwd () -{ - pwdgrp_buf_elem_size = sizeof (pg_pwd); - parse = &pwdgrp::parse_passwd; +pwdgrp::read_passwd () +{ + load (L"\\etc\\passwd"); + + char strbuf[128] = ""; + bool searchentry = true; + struct passwd *pw; + /* must be static */ + static char NO_COPY pretty_ls[] = "????????:*:-1:-1:::"; + + add_line (pretty_ls); + cygsid tu = cygheap->user.sid (); + tu.string (strbuf); + if (!user_shared->cb || myself->uid == ILLEGAL_UID) + searchentry = !internal_getpwsid (tu); + if (searchentry + && (!(pw = internal_getpwnam (cygheap->user.name ())) + || !user_shared->cb + || (myself->uid != ILLEGAL_UID + && myself->uid != pw->pw_uid + && !internal_getpwuid (myself->uid)))) + { + static char linebuf[1024]; // must be static and + // should not be NO_COPY + snprintf (linebuf, sizeof (linebuf), "%s:*:%u:%u:,%s:%s:/bin/sh", + cygheap->user.name (), + (!user_shared->cb || myself->uid == ILLEGAL_UID) + ? UNKNOWN_UID : myself->uid, + !user_shared->cb ? UNKNOWN_GID : myself->gid, + strbuf, getenv ("HOME") ?: ""); + debug_printf ("Completing /etc/passwd: %s", linebuf); + add_line (linebuf); + } } struct passwd * -pwdgrp::find_user (cygpsid &sid) +internal_getpwsid (cygpsid &sid) { - for (ULONG i = 0; i < curr_lines; i++) - if (sid == passwd ()[i].sid) - return &passwd ()[i].p; - return NULL; -} + struct passwd *pw; + char *ptr1, *ptr2, *endptr; + char sid_string[128] = {0,','}; -struct passwd * -pwdgrp::find_user (const char *name) -{ - for (ULONG i = 0; i < curr_lines; i++) - /* on Windows NT user names are case-insensitive */ - if (strcasematch (name, passwd ()[i].p.pw_name)) - return &passwd ()[i].p; - return NULL; -} + pr.refresh (false); -struct passwd * -pwdgrp::find_user (uid_t uid) -{ - for (ULONG i = 0; i < curr_lines; i++) - if (uid == passwd ()[i].p.pw_uid) - return &passwd ()[i].p; - return NULL; -} - -struct passwd * -internal_getpwsid (cygpsid &sid, cyg_ldap *pldap) -{ - struct passwd *ret; - - cygheap->pg.nss_init (); - /* Check caches first. 
*/ - if (cygheap->pg.nss_cygserver_caching () - && (ret = cygheap->pg.pwd_cache.cygserver.find_user (sid))) - return ret; - if (cygheap->pg.nss_pwd_files () - && (ret = cygheap->pg.pwd_cache.file.find_user (sid))) - return ret; - if (cygheap->pg.nss_pwd_db () - && (ret = cygheap->pg.pwd_cache.win.find_user (sid))) - return ret; - /* Ask sources afterwards. */ - if (cygheap->pg.nss_cygserver_caching () - && (ret = cygheap->pg.pwd_cache.cygserver.add_user_from_cygserver (sid))) - return ret; - if (cygheap->pg.nss_pwd_files ()) + if (sid.string (sid_string + 2)) { - cygheap->pg.pwd_cache.file.check_file (); - if ((ret = cygheap->pg.pwd_cache.file.add_user_from_file (sid))) - return ret; + endptr = strchr (sid_string + 2, 0) - 1; + for (int i = 0; i < pr.curr_lines; i++) + { + pw = passwd_buf + i; + if (pw->pw_dir > pw->pw_gecos + 8) + for (ptr1 = endptr, ptr2 = pw->pw_dir - 2; + *ptr1 == *ptr2; ptr2--) + if (!*--ptr1) + return pw; + } } - if (cygheap->pg.nss_pwd_db ()) - return cygheap->pg.pwd_cache.win.add_user_from_windows (sid, pldap); return NULL; } -/* This function gets only called from mkpasswd via cygwin_internal. */ struct passwd * -internal_getpwsid_from_db (cygpsid &sid) +internal_getpwuid (uid_t uid, bool check) { - cygheap->pg.nss_init (); - return cygheap->pg.pwd_cache.win.add_user_from_windows (sid); -} + pr.refresh (check); -struct passwd * -internal_getpwnam (const char *name, cyg_ldap *pldap) -{ - struct passwd *ret; - - cygheap->pg.nss_init (); - /* Check caches first. */ - if (cygheap->pg.nss_cygserver_caching () - && (ret = cygheap->pg.pwd_cache.cygserver.find_user (name))) - return ret; - if (cygheap->pg.nss_pwd_files () - && (ret = cygheap->pg.pwd_cache.file.find_user (name))) - return ret; - if (cygheap->pg.nss_pwd_db () - && (ret = cygheap->pg.pwd_cache.win.find_user (name))) - return ret; - /* Ask sources afterwards. 
*/ - if (cygheap->pg.nss_cygserver_caching () - && (ret = cygheap->pg.pwd_cache.cygserver.add_user_from_cygserver (name))) - return ret; - if (cygheap->pg.nss_pwd_files ()) - { - cygheap->pg.pwd_cache.file.check_file (); - if ((ret = cygheap->pg.pwd_cache.file.add_user_from_file (name))) - return ret; - } - if (cygheap->pg.nss_pwd_db ()) - return cygheap->pg.pwd_cache.win.add_user_from_windows (name, pldap); + for (int i = 0; i < pr.curr_lines; i++) + if (uid == passwd_buf[i].pw_uid) + return passwd_buf + i; return NULL; } struct passwd * -internal_getpwuid (uid_t uid, cyg_ldap *pldap) +internal_getpwnam (const char *name, bool check) { - struct passwd *ret; - - cygheap->pg.nss_init (); - /* Check caches first. */ - if (cygheap->pg.nss_cygserver_caching () - && (ret = cygheap->pg.pwd_cache.cygserver.find_user (uid))) - return ret; - if (cygheap->pg.nss_pwd_files () - && (ret = cygheap->pg.pwd_cache.file.find_user (uid))) - return ret; - if (cygheap->pg.nss_pwd_db () - && (ret = cygheap->pg.pwd_cache.win.find_user (uid))) - return ret; - /* Ask sources afterwards. */ - if (cygheap->pg.nss_cygserver_caching () - && (ret = cygheap->pg.pwd_cache.cygserver.add_user_from_cygserver (uid))) - return ret; - if (cygheap->pg.nss_pwd_files ()) - { - cygheap->pg.pwd_cache.file.check_file (); - if ((ret = cygheap->pg.pwd_cache.file.add_user_from_file (uid))) - return ret; - } - if (cygheap->pg.nss_pwd_db () || uid == ILLEGAL_UID) - return cygheap->pg.pwd_cache.win.add_user_from_windows (uid, pldap); + pr.refresh (check); + + for (int i = 0; i < pr.curr_lines; i++) + /* on Windows NT user names are case-insensitive */ + if (strcasematch (name, passwd_buf[i].pw_name)) + return passwd_buf + i; return NULL; } -/* getpwuid/getpwnam are not reentrant. 
*/ -static struct { - struct passwd p; - char *buf; - size_t bufsiz; -} app_pw; - -static struct passwd * -getpw_cp (struct passwd *temppw) -{ - if (!temppw) - return NULL; - pg_pwd *pw = (pg_pwd *) temppw; - if (app_pw.bufsiz < pw->len) - { - char *newbuf = (char *) realloc (app_pw.buf, pw->len); - if (!newbuf) - { - set_errno (ENOMEM); - return NULL; - } - app_pw.buf = newbuf; - app_pw.bufsiz = pw->len; - } - memcpy (app_pw.buf, pw->p.pw_name, pw->len); - memcpy (&app_pw.p, &pw->p, sizeof pw->p); - ptrdiff_t diff = app_pw.buf - pw->p.pw_name; - app_pw.p.pw_name += diff; - app_pw.p.pw_passwd += diff; - app_pw.p.pw_gecos += diff; - app_pw.p.pw_dir += diff; - app_pw.p.pw_shell += diff; - return &app_pw.p; -} extern "C" struct passwd * getpwuid32 (uid_t uid) { - struct passwd *temppw = internal_getpwuid (uid); + struct passwd *temppw = internal_getpwuid (uid, true); pthread_testcancel (); - return getpw_cp (temppw); + return temppw; } #ifdef __x86_64__ @@ -244,7 +160,7 @@ getpwuid_r32 (uid_t uid, struct passwd *pwd, char *buffer, size_t bufsize, struc if (!pwd || !buffer) return ERANGE; - struct passwd *temppw = internal_getpwuid (uid); + struct passwd *temppw = internal_getpwuid (uid, true); pthread_testcancel (); if (!temppw) return 0; @@ -282,9 +198,9 @@ getpwuid_r (__uid16_t uid, struct passwd *pwd, char *buffer, size_t bufsize, str extern "C" struct passwd * getpwnam (const char *name) { - struct passwd *temppw = internal_getpwnam (name); + struct passwd *temppw = internal_getpwnam (name, true); pthread_testcancel (); - return getpw_cp (temppw); + return temppw; } @@ -300,7 +216,7 @@ getpwnam_r (const char *nam, struct passwd *pwd, char *buffer, size_t bufsize, s if (!pwd || !buffer || !nam) return ERANGE; - struct passwd *temppw = internal_getpwnam (nam); + struct passwd *temppw = internal_getpwnam (nam, true); pthread_testcancel (); if (!temppw) 
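Review bot: In pwdgrp::read_passwd the value of `getenv ("HOME")` is formatted straight into the colon-separated fallback line, so a HOME that contains `:` (a drive-letter path would, if it reaches this point unconverted) or a newline shifts the fields when `add_line (linebuf)` parses it, and the text after the colon ends up in pw_shell instead of `/bin/sh`. The snprintf result is also unchecked, so a HOME long enough to fill the 1024-byte `linebuf` silently truncates the entry and drops the shell field. I would validate first, e.g. `const char *home = getenv ("HOME"); if (!home || strpbrk (home, ":\n")) home = "";`, and skip `add_line` when the snprintf return value is `>= sizeof (linebuf)`. How add_line splits the line is not visible in this hunk, so the field shift is inferred from parse_passwd's use of `next_str (':')`.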
@@ -326,429 +242,37 @@ getpwnam_r (const char *nam, struct passwd *pwd, char *buffer, size_t bufsize, s return 0; } -/* getpwent functions are not reentrant. */ -static pw_ent pwent; - -void -pg_ent::clear_cache () -{ - if (pg.curr_lines) - { - if (state > from_file) - cfree (group ? grp.g.gr_name : pwd.p.pw_name); - pg.curr_lines = 0; - } -} - -void -pg_ent::setent (bool _group, int _enums, PCWSTR _enum_tdoms) -{ - cygheap->dom.init (); - endent (_group); - if (!_enums && !_enum_tdoms) - { - /* This is the default, when called from the usual setpwent/setgrent - functions. */ - enums = cygheap->pg.nss_db_enums (); - enum_tdoms = cygheap->pg.nss_db_enum_tdoms (); - if (_group) - { - from_files = cygheap->pg.nss_grp_files (); - from_db = cygheap->pg.nss_grp_db (); - } - else - { - from_files = cygheap->pg.nss_pwd_files (); - from_db = cygheap->pg.nss_pwd_db (); - } - } - else - { - /* This case is when called from mkpasswd/mkgroup via cygwin_internal. */ - enums = _enums; - enum_tdoms = _enum_tdoms; - from_files = false; - from_db = true; - } - state = from_cache; -} - -void * -pg_ent::getent (void) -{ - void *entry; - - switch (state) - { - case rewound: - state = from_cache; - /*FALLTHRU*/ - case from_cache: - if (nss_db_enum_caches () - && (entry = enumerate_caches ())) - return entry; - state = from_file; - /*FALLTHRU*/ - case from_file: - if (from_files - && nss_db_enum_files () - && (entry = enumerate_file ())) - return entry; - state = from_builtin; - /*FALLTHRU*/ - case from_builtin: - if (from_db - && nss_db_enum_builtin () - && (entry = enumerate_builtin ())) - return entry; - state = from_local; - /*FALLTHRU*/ - case from_local: - if (from_db - && nss_db_enum_local () - && (!cygheap->dom.member_machine () - || !nss_db_enum_primary ()) - && (entry = enumerate_local ())) - return entry; - state = from_sam; - /*FALLTHRU*/ - case from_sam: - if (from_db - && nss_db_enum_local () - /* Domain controller? 
If so, sam and ad are one and the same - and "local ad" would list all domain accounts twice without - this test. */ - && (cygheap->dom.account_flat_name ()[0] != L'@' - || !nss_db_enum_primary ()) - && (entry = enumerate_sam ())) - return entry; - state = from_ad; - /*FALLTHRU*/ - case from_ad: - if (cygheap->dom.member_machine () - && from_db - && (entry = enumerate_ad ())) - return entry; - state = finished; - /*FALLTHRU*/ - case finished: - break; - } - return NULL; -} - -void -pg_ent::endent (bool _group) -{ - if (buf) - { - if (state == from_file) - free (buf); - else if (state == from_local || state == from_sam) - NetApiBufferFree (buf); - buf = NULL; - } - if (!pg.curr_lines) - { - if ((group = _group)) - { - pg.init_grp (); - pg.pwdgrp_buf = (void *) &grp; - } - else - { - pg.init_pwd (); - pg.pwdgrp_buf = (void *) &pwd; - } - pg.max_lines = 1; - } - else - clear_cache (); - cldap.close (); - rl.close (); - cnt = max = resume = 0; - enums = 0; - enum_tdoms = NULL; - state = rewound; -} - -void * -pg_ent::enumerate_file () -{ - void *entry; - - if (!cnt) - { - pwdgrp &prf = group ? cygheap->pg.grp_cache.file - : cygheap->pg.pwd_cache.file; - if (prf.check_file ()) - { - if (!buf) - buf = (char *) malloc (NT_MAX_PATH); - if (buf - && !rl.init (prf.file_attr (), buf, NT_MAX_PATH)) - { - free (buf); - buf = NULL; - } - } - } - ++cnt; - if ((entry = pg.add_account_post_fetch (rl.gets (), false))) - return entry; - rl.close (); - free (buf); - buf = NULL; - cnt = max = resume = 0; - return NULL; -} - -void * -pg_ent::enumerate_builtin () -{ - static cygpsid *pwd_builtins[] = { - &well_known_system_sid, - &well_known_local_service_sid, - &well_known_network_service_sid, - &well_known_admins_sid, - &trusted_installer_sid, - NULL - }; - static cygpsid *grp_builtins[] = { - &well_known_system_sid, - &trusted_installer_sid, - NULL - }; - - cygpsid **builtins = group ? 
grp_builtins : pwd_builtins; - if (!builtins[cnt]) - { - cnt = max = resume = 0; - return NULL; - } - cygsid sid (*builtins[cnt++]); - fetch_user_arg_t arg; - arg.type = SID_arg; - arg.sid = &sid; - char *line = pg.fetch_account_from_windows (arg); - return pg.add_account_post_fetch (line, false); -} - -void * -pg_ent::enumerate_sam () -{ - while (true) - { - if (!cnt) - { - DWORD total; - NET_API_STATUS ret; - - if (buf) - { - NetApiBufferFree (buf); - buf = NULL; - } - if (resume == ULONG_MAX) - ret = ERROR_NO_MORE_ITEMS; - else if (group) - ret = NetGroupEnum (NULL, 2, (PBYTE *) &buf, MAX_PREFERRED_LENGTH, - &max, &total, &resume); - else - ret = NetUserEnum (NULL, 20, FILTER_NORMAL_ACCOUNT, (PBYTE *) &buf, - MAX_PREFERRED_LENGTH, &max, &total, - (PDWORD) &resume); - if (ret == NERR_Success) - resume = ULONG_MAX; - else if (ret != ERROR_MORE_DATA) - { - cnt = max = resume = 0; - return NULL; - } - } - while (cnt < max) - { - cygsid sid (cygheap->dom.account_sid ()); - sid_sub_auth (sid, sid_sub_auth_count (sid)) = - group ? ((PGROUP_INFO_2) buf)[cnt].grpi2_group_id - : ((PUSER_INFO_20) buf)[cnt].usri20_user_id; - ++cnt; - ++sid_sub_auth_count (sid); - fetch_user_arg_t arg; - arg.type = SID_arg; - arg.sid = &sid; - char *line = pg.fetch_account_from_windows (arg); - if (line) - return pg.add_account_post_fetch (line, false); - } - cnt = 0; - } -} - -void * -pg_ent::enumerate_ad () +extern "C" struct passwd * +getpwent (void) { - while (true) - { - if (!cnt) - { - PDS_DOMAIN_TRUSTSW td; - - if (!resume) - { - ++resume; - if (!nss_db_enum_primary () - || cldap.enumerate_ad_accounts (NULL, group) != NO_ERROR) - continue; - } - else if ((td = cygheap->dom.trusted_domain (resume - 1))) - { - ++resume; - /* Ignore primary domain in list of trusted domains only if all - trusted domains are enumerated anyway. This handles an - annoying backward compatibility problem in mkpasswd/mkgroup. - Without this test, `mkpasswd -d PRIMARY_DOMAIN' wouldn't - work as expected. 
*/ - if (((enums & ENUM_TDOMS_ALL) && td->Flags & DS_DOMAIN_PRIMARY) - || !td->DomainSid - || (!nss_db_enum_tdom (td->NetbiosDomainName) - && !nss_db_enum_tdom (td->DnsDomainName)) - || cldap.enumerate_ad_accounts (td->DnsDomainName, group) - != NO_ERROR) - continue; - } - else - { - cldap.close (); - return NULL; - } - } - ++cnt; - cygsid sid; - int ret = cldap.next_account (sid); - if (ret == NO_ERROR) - { - fetch_user_arg_t arg; - arg.type = SID_arg; - arg.sid = &sid; - char *line = pg.fetch_account_from_windows (arg, &cldap); - if (line) - return pg.add_account_post_fetch (line, false); - ret = EIO; - } - if (ret != ENMFILE) - { - cldap.close (); - set_errno (ret); - return NULL; - } - cnt = 0; - } -} + if (_my_tls.locals.pw_pos == 0) + pr.refresh (true); + if (_my_tls.locals.pw_pos < pr.curr_lines) + return passwd_buf + _my_tls.locals.pw_pos++; -void * -pw_ent::enumerate_caches () -{ - switch (max) - { - case 0: - if (cygheap->pg.nss_cygserver_caching ()) - { - pwdgrp &prc = cygheap->pg.pwd_cache.cygserver; - if (cnt < prc.cached_users ()) - return &prc.passwd ()[cnt++].p; - } - cnt = 0; - max = 1; - /*FALLTHRU*/ - case 1: - if (from_files) - { - pwdgrp &prf = cygheap->pg.pwd_cache.file; - prf.check_file (); - if (cnt < prf.cached_users ()) - return &prf.passwd ()[cnt++].p; - } - cnt = 0; - max = 2; - /*FALLTHRU*/ - default: - if (from_db) - { - pwdgrp &prw = cygheap->pg.pwd_cache.win; - if (cnt < prw.cached_users ()) - return &prw.passwd ()[cnt++].p; - } - break; - } - cnt = max = 0; return NULL; } -void * -pw_ent::enumerate_local () +#ifndef __x86_64__ +extern "C" struct passwd * +getpwduid (__uid16_t) { return NULL; } - -struct passwd * -pw_ent::getpwent (void) -{ - if (state == rewound) - setent (false); - else - clear_cache (); - return (struct passwd *) getent (); -} +#endif extern "C" void -setpwent () -{ - pwent.setpwent (); -} - -extern "C" struct passwd * -getpwent (void) +setpwent (void) { - return pwent.getpwent (); + _my_tls.locals.pw_pos = 0; } 
extern "C" void endpwent (void) { - pwent.endpwent (); + _my_tls.locals.pw_pos = 0; } -/* *_filtered functions are called from mkpasswd */ -void * -setpwent_filtered (int enums, PCWSTR enum_tdoms) -{ - pw_ent *pw = new pw_ent; - if (pw) - pw->setpwent (enums, enum_tdoms); - return (void *) pw; -} - -void * -getpwent_filtered (void *pw) -{ - return (void *) ((pw_ent *) pw)->getpwent (); -} - -void -endpwent_filtered (void *pw) -{ - ((pw_ent *) pw)->endpwent (); -} - -#ifndef __x86_64__ -extern "C" struct passwd * -getpwduid (__uid16_t) -{ - return NULL; -} -#endif - extern "C" int setpassent (int) { |
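Review bot: getpwent walks the process-wide `passwd_buf` with the per-thread `_my_tls.locals.pw_pos` but refreshes only when the position is 0, while getpwuid32 and getpwnam in the earlier hunks pass `check` as true on every call; a reload between two getpwent calls can therefore change `pr.curr_lines` and the entries under a running enumeration, giving skipped or repeated accounts. All three functions now return pointers into that shared table rather than a copy, so if a refresh reallocates or rewrites the buffer (not visible here) pointers handed out earlier go stale, and a caller that writes through one changes what later lookups return. At minimum I would document the contract above getpwent: `/* Returns a pointer into the shared passwd cache; it is valid only until the next refresh and must not be modified. */`.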