https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=98209e8e304e40a352bac5703a597ed66628d084
commit 98209e8e304e40a352bac5703a597ed66628d084 Author: Corinna Vinschen <cori...@vinschen.de> Date: Mon Mar 30 18:05:06 2015 +0200 Try best to handle user from domain not in trusted domain list. * cygheap.h (cygheap_domain_info::add_domain): Add prototype. * uinfo.cc (cygheap_domain_info::add_domain): New method. (pwdgrp::fetch_account_from_windows): Try to add domain explicitely if it was not in the original list of trusted domains and go ahead rather than bailing out. Add comment to explain why. Signed-off-by: Corinna Vinschen <cori...@vinschen.de> Diff: --- winsup/cygwin/ChangeLog | 8 ++++++++ winsup/cygwin/cygheap.h | 1 + winsup/cygwin/uinfo.cc | 40 ++++++++++++++++++++++++++++++++++++---- 3 files changed, 45 insertions(+), 4 deletions(-) diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog index 505f4ce..20ad606 100644 --- a/winsup/cygwin/ChangeLog +++ b/winsup/cygwin/ChangeLog @@ -1,5 +1,13 @@ 2015-03-30 Corinna Vinschen <cori...@vinschen.de> + * cygheap.h (cygheap_domain_info::add_domain): Add prototype. + * uinfo.cc (cygheap_domain_info::add_domain): New method. + (pwdgrp::fetch_account_from_windows): Try to add domain explicitely + if it was not in the original list of trusted domains and go ahead + rather than bailing out. Add comment to explain why. + +2015-03-30 Corinna Vinschen <cori...@vinschen.de> + * cygtls.h (struct _cygtls): Convert thread_context to type CONTEXT. * exceptions.cc (_cygtls::signal_debugger): Use sizeof (CONTEXT) for size of CONTEXT copied for GDB's digestion. diff --git a/winsup/cygwin/cygheap.h b/winsup/cygwin/cygheap.h index 6fb7a06..fd84814 100644 --- a/winsup/cygwin/cygheap.h +++ b/winsup/cygwin/cygheap.h @@ -393,6 +393,7 @@ public: inline PDS_DOMAIN_TRUSTSW trusted_domain (ULONG idx) const { return (idx < tdom_count) ? tdom + idx : NULL; } + PDS_DOMAIN_TRUSTSW add_domain (PCWSTR, PSID); inline PWCHAR get_rfc2307_domain () const { return rfc2307_domain_buf ?: NULL; } diff --git a/winsup/cygwin/uinfo.cc b/winsup/cygwin/uinfo.cc index b1025b0..f78e484 100644 --- a/winsup/cygwin/uinfo.cc +++ b/winsup/cygwin/uinfo.cc @@ -1428,6 +1428,29 @@ cygheap_domain_info::init () return true; } +PDS_DOMAIN_TRUSTSW +cygheap_domain_info::add_domain (PCWSTR domain, PSID sid) +{ + PDS_DOMAIN_TRUSTSW new_tdom; + cygsid tsid (sid); + + new_tdom = (PDS_DOMAIN_TRUSTSW) crealloc (tdom, (tdom_count + 1) + * sizeof (DS_DOMAIN_TRUSTSW)); + if (!new_tdom) + return NULL; + + tdom = new_tdom; + new_tdom = &tdom[tdom_count]; + new_tdom->DnsDomainName = new_tdom->NetbiosDomainName = cwcsdup (domain); + --*RtlSubAuthorityCountSid (tsid); + ULONG len = RtlLengthSid (tsid); + new_tdom->DomainSid = cmalloc_abort(HEAP_BUF, len); + RtlCopySid (len, new_tdom->DomainSid, tsid); + new_tdom->PosixOffset = 0; + ++tdom_count; + return new_tdom; +} + /* Per session, so it changes potentially when switching the user context. */ static cygsid logon_sid (""); @@ -2135,16 +2158,25 @@ pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap) if (!wcscasecmp (dom, td->NetbiosDomainName)) { domain = td->DnsDomainName; - posix_offset = - fetch_posix_offset (td, &loc_ldap); break; } - if (!domain) { + /* This shouldn't happen, in theory, but it does. There + are cases where the user's logon domain does not show + up in the list of trusted domains. We're desperately + trying to workaround that here bu adding an entry for + this domain to the trusted domains and ask the DC for + a posix_offset. There's a good chance this doesn't + work either, but at least we tried, and the user can + work. */ debug_printf ("Unknown domain %W", dom); - return NULL; + td = cygheap->dom.add_domain (dom, sid); + if (td) + domain = td->DnsDomainName; } + if (domain) + posix_offset = fetch_posix_offset (td, &loc_ldap); } } /* If the domain returned by LookupAccountSid is not our machine