https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=d4f8c94a9b62706d88f8b6b80697023ab32ae497
commit d4f8c94a9b62706d88f8b6b80697023ab32ae497
Author: Corinna Vinschen <cori...@vinschen.de>
Date: Mon Mar 30 18:05:06 2015 +0200
Try best to handle user from domain not in trusted domain list.
* cygheap.h (cygheap_domain_info::add_domain): Add prototype.
* uinfo.cc (cygheap_domain_info::add_domain): New method.
(pwdgrp::fetch_account_from_windows): Try to add domain explicitely
if it was not in the original list of trusted domains and go ahead
rather than bailing out. Add comment to explain why.
Signed-off-by: Corinna Vinschen <cori...@vinschen.de>
Diff:
---
winsup/cygwin/ChangeLog | 8 ++++++++
winsup/cygwin/cygheap.h | 1 +
winsup/cygwin/uinfo.cc | 40 ++++++++++++++++++++++++++++++++++++----
3 files changed, 45 insertions(+), 4 deletions(-)
diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog
index a0a8c8a..7e92599 100644
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@@ -1,5 +1,13 @@
2015-03-30 Corinna Vinschen <cori...@vinschen.de>
+ * cygheap.h (cygheap_domain_info::add_domain): Add prototype.
+ * uinfo.cc (cygheap_domain_info::add_domain): New method.
+ (pwdgrp::fetch_account_from_windows): Try to add domain explicitely
+ if it was not in the original list of trusted domains and go ahead
+ rather than bailing out. Add comment to explain why.
+
+2015-03-30 Corinna Vinschen <cori...@vinschen.de>
+
* cygtls.h (struct _cygtls): Convert thread_context to type CONTEXT.
* exceptions.cc (_cygtls::signal_debugger): Use sizeof (CONTEXT) for
size of CONTEXT copied for GDB's digestion.
diff --git a/winsup/cygwin/cygheap.h b/winsup/cygwin/cygheap.h
index 6fb7a06..fd84814 100644
--- a/winsup/cygwin/cygheap.h
+++ b/winsup/cygwin/cygheap.h
@@ -393,6 +393,7 @@ public:
inline PDS_DOMAIN_TRUSTSW trusted_domain (ULONG idx) const
{ return (idx < tdom_count) ? tdom + idx : NULL; }
+ PDS_DOMAIN_TRUSTSW add_domain (PCWSTR, PSID);
inline PWCHAR get_rfc2307_domain () const
{ return rfc2307_domain_buf ?: NULL; }
diff --git a/winsup/cygwin/uinfo.cc b/winsup/cygwin/uinfo.cc
index b1025b0..f78e484 100644
--- a/winsup/cygwin/uinfo.cc
+++ b/winsup/cygwin/uinfo.cc
@@ -1428,6 +1428,29 @@ cygheap_domain_info::init ()
return true;
}
+PDS_DOMAIN_TRUSTSW
+cygheap_domain_info::add_domain (PCWSTR domain, PSID sid)
+{
+ PDS_DOMAIN_TRUSTSW new_tdom;
+ cygsid tsid (sid);
+
+ new_tdom = (PDS_DOMAIN_TRUSTSW) crealloc (tdom, (tdom_count + 1)
+ * sizeof (DS_DOMAIN_TRUSTSW));
+ if (!new_tdom)
+ return NULL;
+
+ tdom = new_tdom;
+ new_tdom = &tdom[tdom_count];
+ new_tdom->DnsDomainName = new_tdom->NetbiosDomainName = cwcsdup (domain);
+ --*RtlSubAuthorityCountSid (tsid);
+ ULONG len = RtlLengthSid (tsid);
+ new_tdom->DomainSid = cmalloc_abort(HEAP_BUF, len);
+ RtlCopySid (len, new_tdom->DomainSid, tsid);
+ new_tdom->PosixOffset = 0;
+ ++tdom_count;
+ return new_tdom;
+}
+
/* Per session, so it changes potentially when switching the user context. */
static cygsid logon_sid ("");
@@ -2135,16 +2158,25 @@ pwdgrp::fetch_account_from_windows (fetch_user_arg_t
&arg, cyg_ldap *pldap)
if (!wcscasecmp (dom, td->NetbiosDomainName))
{
domain = td->DnsDomainName;
- posix_offset =
- fetch_posix_offset (td, &loc_ldap);
break;
}
-
if (!domain)
{
+ /* This shouldn't happen, in theory, but it does. There
+ are cases where the user's logon domain does not show
+ up in the list of trusted domains. We're desperately
+ trying to workaround that here bu adding an entry for
+ this domain to the trusted domains and ask the DC for
+ a posix_offset. There's a good chance this doesn't
+ work either, but at least we tried, and the user can
+ work. */
debug_printf ("Unknown domain %W", dom);
- return NULL;
+ td = cygheap->dom.add_domain (dom, sid);
+ if (td)
+ domain = td->DnsDomainName;
}
+ if (domain)
+ posix_offset = fetch_posix_offset (td, &loc_ldap);
}
}
/* If the domain returned by LookupAccountSid is not our machine
