cygwin.com/git/newlib-cygwin.git - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author
2014-03-29	* sec_auth.cc (create_token): Initialize lsa handle to NULL, rather than	Corinna Vinschen
	to INVALID_HANDLE_VALUE. (lsaauth): Ditto. (lsaprivkeyauth): Ditto. * setlsapwd.cc (setlsapwd): Don't initialize lsa handle.
2014-03-06	* setlsapwd.cc (setlsapwd): Use RtlSecureZeroMemory to delete password	Corinna Vinschen
	from memory.
2014-02-18	* setlsapwd.cc (setlsapwd): Fix conditional expression after breaking	Corinna Vinschen
	it on 2014-01-23.
2014-02-09	Introduce reading passwd/group entries from SAM/AD. Introduce	Corinna Vinschen
	/etc/nsswitch.conf file to configure it. * Makefile.in (DLL_OFILES): Add ldap.o. * autoload.cc: Import ldap functions from wldap32.dll. (DsEnumerateDomainTrustsW): Import. (NetGroupGetInfo): Import. * cygheap.h (class cygheap_domain_info): New class to keep global domain info. (class cygheap_pwdgrp): New class to keep passwd/group caches and configuration info from /etc/nssswitch.conf. (struct init_cygheap): Add cygheap_domain_info member "dom" and cygheap_pwdgrp member "pg". * cygtls.h (struct _local_storage): Remove unused member "res". Rearrange slightly, Add members pwbuf and grbuf to implement non-caching passwd/group fetching from SAM/AD. Make pw_pos and pw_pos unsigned. * fhandler_disk_file.cc (fhandler_base::fstat_by_nfs_ea): Add RFC 2307 uid/gid mapping. * fhandler_process.cc: Drop including pwdgrp.h. * fhandler_procsysvipc.cc: Ditto. * fhandler_registry.cc (fhandler_registry::fstat): Set key uid/gid to ILLEGAL_UID/ILLEGAL_GID rather than UNKNOWN_UID/UNKNOWN_GID. * grp.cc (group_buf): Drop. (gr): Drop. (pwdgrp::parse_group): Fill pg_grp. (pwdgrp::read_group): Remove. (pwdgrp::init_grp): New method. (pwdgrp::prep_tls_grbuf): New method. (pwdgrp::find_group): New methods. (internal_getgrsid): Convert to call new pwdgrp methods. (internal_getgrnam): Ditto. (internal_getgrgid): Ditto. (getgrgid_r): Drop 2nd parameter from internal_getgrgid call. (getgrgid32): Ditto. (getgrnam_r): Ditto for internal_getgrnam. (getgrnam32): Ditto. (getgrent32): Convert to call new pwdgrp methods. (internal_getgrent): Remove. (internal_getgroups): Simplify, especially drop calls to internal_getgrent. * ldap.cc: New file implementing cyg_ldap class for LDAP access to AD and RFC 2307 server. * ldap.h: New header, declaring cyg_ldap class. * passwd.cc (passwd_buf): Drop. (pr): Drop. (pwdgrp::parse_passwd): Fill pg_pwd. (pwdgrp::read_passwd): Remove. (pwdgrp::init_pwd): New method. (pwdgrp::prep_tls_pwbuf): New method. (find_user): New methods. (internal_getpwsid): Convert to call new pwdgrp methods. (internal_getpwnam): Ditto. (internal_getpwuid): Ditto. (getpwuid32): Drop 2nd parameter from internal_getpwuid call. (getpwuid_r): Ditto. (getpwnam): Ditto for internal_getpwnam. (getpwnam_r): Ditto. (getpwent): Convert to call new pwdgrp methods. * path.cc (class etc): Remove all methods. * path.h (class etc): Drop. * pinfo.cc (pinfo_basic::pinfo_basic): Set gid to ILLEGAL_GID rather than UNKNOWN_GID. (pinfo_init): Ditto. * pwdgrp.h (internal_getpwnam): Drop 2nd parameter from declaration. (internal_getpwuid): Ditto. (internal_getgrgid): Ditto. (internal_getgrnam): Ditto. (internal_getgrent): Drop declaration. (enum fetch_user_arg_type_t): New type. (struct fetch_user_arg_t): New type. (struct pg_pwd): New type. (struct pg_grp): New type. (class pwdgrp): Rework to provide functions for file and db requests and caching. (class ugid_cache_t): New class to provide RFC 2307 uid map caching. (ugid_cache): Declare. * sec_acl.cc: Drop including pwdgrp.h. * sec_auth.cc: Drop including dsgetdc.h and pwdgrp.h. (get_logon_server): Convert third parameter to ULONG flags argument to allow arbitrary flags values in DsGetDcNameW call and change calls to this function throughout. Use cached account domain name rather than calling GetComputerNameW. (get_unix_group_sidlist): Remove. (get_server_groups): Drop call to get_unix_group_sidlist. (verify_token): Rework token group check without calling internal_getgrent. * sec_helper.cc (cygpsid::pstring): New methods, like string() but return pointer to end of string. (cygsid::getfromstr): Add wide character implementation. (get_sids_info): Add RFC 2307 uid/gid mapping for Samba shares. * security.cc: Drop including pwdgrp.h. * security.h (DEFAULT_UID): Remove. (UNKNOWN_UID): Remove. (UNKNOWN_GID): Remove. (uinfo_init): Move here from winsup.h. (ILLEGAL_UID): Ditto. (ILLEGAL_GID): Ditto. (UNIX_POSIX_OFFSET): Define. Add lengthy comment. (UNIX_POSIX_MASK): Ditto. (MAP_UNIX_TO_CYGWIN_ID): Ditto. (ILLEGAL_UID16): Move here from winsup.h. (ILLEGAL_GID16): Ditto. (uid16touid32): Ditto. (gid16togid32): Ditto. (sid_id_auth): New convenience macro for SID component access. (sid_sub_auth_count): Ditto. (sid_sub_auth): Ditto. (sid_sub_auth_rid): Ditto. (cygpsid::pstring): Declare. (cygsid::getfromstr): Declare wide character variant. (cygsid::operator=): Ditto. (cygsid::operator=): Ditto. (get_logon_server): Change declaration according to source code. setlsapwd.cc (setlsapwd): Drop 2nd parameter from internal_getpwnam call. * shared.cc (memory_init): Call cygheap->pg.init in first process. * syscalls.cc: Drop including pwdgrp.h. * tlsoffsets.h: Regenerate. * tlsoffsets64.h: Ditto. * uinfo.cc (internal_getlogin): Drop gratuitious internal_getpwuid call. Fix debug output. Overwrite user gid in border case of a missing passwd file while a group file exists. (pwdgrp::add_line): Allocate memory on cygheap. (pwdgrp::load): Remove. (ugid_cache): Define. (cygheap_pwdgrp::init): New method. (cygheap_pwdgrp::nss_init_line): New method. (cygheap_pwdgrp::_nss_init): New method. (cygheap_domain_info::init): New method. (logon_sid): Define. (get_logon_sid): New function. (pwdgrp::add_account_post_fetch): New method. (pwdgrp::add_account_from_file): New methods. (pwdgrp::add_account_from_windows): New methods. (pwdgrp::check_file): New method. (pwdgrp::fetch_account_from_line): New method. (pwdgrp::fetch_account_from_file): New method. (pwdgrp::fetch_account_from_windows): New method. * winsup.h: Move aforementioned macros and declarations to security.h.
2014-01-23	* security.h (open_local_policy): Remove declaration.	Corinna Vinschen
	(lsa_open_policy): Declare. (lsa_close_policy): Declare. * sec_auth.cc (lsa_open_policy): Rename from open_local_policy. Take server name as parameter. Return NULL in case of error, rather than INVALID_HANDLE_VALUE. (lsa_close_policy): Rename from close_local_policy. Make externally available. Get handle by value. (create_token): Convert call to open_local_policy/close_local_policy according to aforementioned changes. (lsaauth): Ditto. (lsaprivkeyauth): Ditto. * setlsapwd.cc (setlsapwd): Ditto.
2011-04-04	* cygserver_setpwd.h (setlsapwd): Add username parameter to declaration.	Corinna Vinschen
	* external.cc (cygwin_internal): In the CW_SET_PRIV_KEY case, fetch additional username parameter. * setlsapwd.cc (setlsapwd): Add username parameter. Allow admin to set the hidden password for other users.
2009-01-21	ChangeLog:	Corinna Vinschen
	* configure.in: Remove --enable-server option. Allways add the cygserver directory to $SUBDIRS. * configure: Regenerate. cygwin/ChangeLog: Remove USE_SERVER define. Accommodate throughout. * configure.in: Remove --enable-server option. * configure: Regenerate. * environ.cc: Remove CYGWIN=server setting. cygserver/ChangeLog: * client.cc (allow_server): Remove variable. (client_request_get_version::client_request_get_version): Drop checking allow_server. utils/ChangeLog: * passwd.c: Remove CYGWIN=server requirement from usage text. doc/ChangeLog: * cygserver.sgml: Remove the "How to use the Cygserver services" section. * cygwinenv.sgml: Move "(no)server" to the removed options section. * faq-programming.xml: Remove CYGWIN=server requirement for running the Cygwin testsuite. * ntsec.sgml: Ditto for using `passwd -R'.
2008-12-15	* setlsapwd.cc (setlsapwd): Simplify code. Only try to call cygserver	Corinna Vinschen
	if opening local policy fails. Don't treat removing non-existant private data as error.
2008-12-15	* setlsapwd.cc (setlsapwd): Explicitely erase password buffer content	Corinna Vinschen
	after usage.
2008-11-26	* Makefile.in (DLL_OFILES): Add setlsapwd.o.	Corinna Vinschen
	* cygserver.h (CYGWIN_SERVER_VERSION_API): Bump. (request_code_t): Define CYGSERVER_REQUEST_SETPWD request type. * cygserver_msg.h (client_request_msg::retval): Use default value of -1 for retval if msglen is 0. * cygserver_sem.h (client_request_sem::retval): Ditto. * cygserver_shm.h (client_request_shm::retval): Ditto. * cygserver_setpwd.h: New file. * external.cc (cygwin_internal): Implement new CW_SET_PRIV_KEY type. * sec_auth.cc (open_local_policy): Make externally available. Get ACCESS_MASK as argument. (create_token): Accommodate change to open_local_policy. (lsaauth): Ditto. (lsaprivkeyauth): New function fetching token by retrieving password stored in Cygwin or Interix LSA private data area and calling LogonUser with it. * security.h (lsaprivkeyauth): Declare. (open_local_policy): Declare. * setlsapwd.cc: New file implementing setting LSA private data password using LsaStorePrivateData or by calling cygserver if available. * syscalls.cc (seteuid32): Add workaround to get the original token when switching back to the original privileged user, even if setgroups group list is still active. Add long comment to explain why. Call lsaprivkeyauth first, only if that fails call lsaauth or create_token. * include/cygwin/version.h: Bump API minor number. * include/sys/cygwin.h (cygwin_getinfo_types): Add CW_SET_PRIV_KEY.