Home
My Posts

Archive
Login
Signup

Recent Posts

Free subdomains

Want your own xyz.kpaste.net sub-domain for your community? Just type the address into your browser address bar (foo.xyz.kpaste.net is also supported).

Suggestions/Bugs?

Email us at . Try to include as much info as possible.

About

Pastebin is a tool for collaborative debugging or editing.

 

msnfs41_client: idmap support with Cygwin getent passwd/group prototype
Posted by Anonymous on Tue 19th Sep 2023 13:52
raw | new post
view followups (newest first): msnfs41_client: idmap support with Cygwin getent passwd/group prototype by Anonymous
modification of post by Anonymous (view diff)

Submit a correction or amendment below (click here to make a fresh posting)
After submitting an amendment, you'll be able to view the differences between the old and new posts easily.

Syntax highlighting: None Bash C C++ CSS Diff HTML mIRC Script Perl PHP Python Smarty XML ---------------------------- ABAP Actionscript ADA Apache Log AppleScript APT sources.list ASM ASP AutoIT Bash C C# C++ C++ (with QT) CSS Diff HTML INI (Config Files) Java Javascript Lua Make mIRC Script MySQL NSIS Perl PHP Python Q(uick)BASIC robots Ruby Ruby on Rails SDLBasic Smarty SQL TCL Text VB.NET Visual BASIC Visual Fox Pro Visual Prolog Windows Registry Files XML Xorg.conf

To highlight particular lines, prefix each line with {%HIGHLIGHT}
diff --git a/daemon/acl.c b/daemon/acl.c index 3a86735..61a737d 100644 --- a/daemon/acl.c +++ b/daemon/acl.c @@ -65,6 +65,9 @@ static int create_unknownsid(WELL_KNOWN_SID_TYPE type, PSID *sid, status = GetLastError(); if (status != ERROR_INSUFFICIENT_BUFFER) return status; +#if 1 +*sid_len += 256; +#endif *sid = malloc(*sid_len); if (*sid == NULL) return ERROR_INSUFFICIENT_BUFFER; @@ -97,6 +100,11 @@ static int map_name_2_sid(DWORD *sid_len, PSID *sid, LPCSTR name) LPSTR tmp_buf = NULL; DWORD tmp = 0; +#if 1 + /* test mapping: Map UNIX user "rmainz" to Windows user "roland_mainz" */ + if (!_stricmp(name, "rmainz")) + name = "roland_mainz"; +#endif status = LookupAccountName(NULL, name, NULL, sid_len, NULL, &tmp, &sid_type); dprintf(ACLLVL, "map_name_2_sid: LookupAccountName for %s returned %d " "GetLastError %d name len %d domain len %d\n", name, status, @@ -107,6 +115,9 @@ static int map_name_2_sid(DWORD *sid_len, PSID *sid, LPCSTR name) status = GetLastError(); switch(status) { case ERROR_INSUFFICIENT_BUFFER: +#if 1 +*sid_len += 256; +#endif *sid = malloc(*sid_len); if (*sid == NULL) { status = GetLastError(); @@ -798,4 +809,4 @@ const nfs41_upcall_op nfs41_op_setacl = { parse_setacl, handle_setacl, marshall_setacl -}; \ No newline at end of file +}; diff --git a/daemon/idmap.c b/daemon/idmap.c index 0dfa8ef..b50f4e2 100644 --- a/daemon/idmap.c +++ b/daemon/idmap.c @@ -31,6 +31,7 @@ #include "list.h" #include "daemon_debug.h" +#define CYGWIN_GETENT_USERDATA 1 #define IDLVL 2 /* dprintf level for idmap logging */ @@ -375,6 +376,156 @@ out: return status; } +#ifdef CYGWIN_GETENT_USERDATA +int cygwin_getent_passwd(const char *name, char *res_loginname, uid_t *res_uid, gid_t *res_gid) +{ + char cmdbuff[1024]; + char passwd_line[1024]; + FILE* getent_pipe; + int res = 1; + + /* fixme: better quoting for |name| needed */ + (void)snprintf(cmdbuff, sizeof(cmdbuff), "%s passwd \"%s\"", + "C:\\cygwin64\\bin\\getent.exe", + name); + if ((getent_pipe = _popen(cmdbuff, "rt")) == NULL) + { + (void)perror("getent failed"); + return 1; + } + + if (fgets(passwd_line, sizeof(passwd_line), getent_pipe)) + { + struct _cypwent + { + char* loginname; + char* passwd; + char* uidstr; + char* gidstr; + char* comment; + char* homedir; + char* shell; + } pwent = { 0 }; +#define PWENT_ENTRY(var, prevvar) \ + (((var) = strchr((prevvar), ':'))?(*(var)++ = '\0',(var)):(NULL)) + + pwent.loginname = passwd_line; + if (!PWENT_ENTRY(pwent.passwd, pwent.loginname)) goto fail; + if (!PWENT_ENTRY(pwent.uidstr, pwent.passwd)) goto fail; + if (!PWENT_ENTRY(pwent.gidstr, pwent.uidstr)) goto fail; + if (!PWENT_ENTRY(pwent.comment, pwent.gidstr)) goto fail; + if (!PWENT_ENTRY(pwent.homedir, pwent.comment)) goto fail; + PWENT_ENTRY(pwent.shell, pwent.homedir); + + unsigned long uid; + unsigned long gid; + + errno = 0; + uid = strtol(pwent.uidstr, NULL, 10); + if (errno != 0) + goto fail; + + errno = 0; + gid = strtol(pwent.gidstr, NULL, 10); + if (errno != 0) + goto fail; + +#if 1 + /* hack for testing, map "roland_mainz" to rmainz account */ + if (!_stricmp(pwent.loginname, "roland_mainz")) { + uid = 1616; + gid = 1616; + } +#endif +#if 0 + (void)printf("loginname\t=%s\n", pwent.loginname); + (void)printf("passwd\t=%s\n", pwent.passwd); + (void)printf("uidstr\t=%s (%lu)\n", pwent.uidstr, (unsigned long)uid); + (void)printf("gidstr\t=%s (%lu)\n", pwent.gidstr, (unsigned long)gid); + (void)printf("comment\t=%s\n", pwent.comment); + (void)printf("homedir\t=%s\n", pwent.homedir); + (void)printf("shell\t=%s\n", pwent.shell); +#endif + if (res_loginname) + (void)strcpy_s(res_loginname, VAL_LEN, pwent.loginname); + *res_uid = uid; + *res_gid = gid; + res = 0; + } + +fail: + (void)_pclose(getent_pipe); + + return res; +} + +int cygwin_getent_group(const char* name, char* res_group_name, gid_t* res_gid) +{ + char cmdbuff[1024]; + char group_line[1024]; + FILE* getent_pipe; + int res = 1; + + /* fixme: better quoting for |name| needed */ + (void)snprintf(cmdbuff, sizeof(cmdbuff), "%s group \"%s\"", + "C:\\cygwin64\\bin\\getent.exe", + name); + if ((getent_pipe = _popen(cmdbuff, "rt")) == NULL) + { + (void)perror("getent failed"); + return 1; + } + + if (fgets(group_line, sizeof(group_line), getent_pipe)) + { + struct _cygrent + { + char* group_name; + char* passwd; + char* gidstr; + char* userlist; + } grent = { 0 }; + + grent.group_name = group_line; + if (!PWENT_ENTRY(grent.passwd, grent.group_name)) goto fail; + if (!PWENT_ENTRY(grent.gidstr, grent.passwd)) goto fail; + PWENT_ENTRY(grent.userlist, grent.gidstr); + + unsigned long gid; + + errno = 0; + gid = strtol(grent.gidstr, NULL, 10); + if (errno != 0) + goto fail; + +#if 1 + /* hack for testing, map "roland_mainz" to rmainz account */ + if (!_stricmp(grent.group_name, "roland_mainz")) { + gid = 1616; + } +#endif + + (void)printf("group_name\t=%s\n", grent.group_name); + (void)printf("passwd\t=%s\n", grent.passwd); + (void)printf("gidstr\t=%s (%lu)\n", grent.gidstr, (unsigned long)gid); + (void)printf("userlist\t=%s\n", grent.userlist); + + if (res_group_name) + (void)strcpy_s(res_group_name, VAL_LEN, grent.group_name); + *res_gid = gid; + res = 0; + } + else + { + (void)puts("no match for group"); + } + +fail: + (void)_pclose(getent_pipe); + + return res; +} +#endif /* CYGWIN_GETENT_USERDATA */ /* generic cache */ typedef struct list_entry* (*entry_alloc_fn)(); @@ -665,10 +816,10 @@ static int idmap_lookup_user( if (status == NO_ERROR) { /* don't return expired entries; query new attributes * and overwrite the entry with cache_insert() */ - if (time(NULL) - user->last_updated < context->config.cache_ttl) + if ((time(NULL) - user->last_updated) < context->config.cache_ttl) goto out; } - +#if 0 /* send the query to the ldap server */ status = idmap_query_attrs(context, lookup, attributes, optional, values, NUM_ATTRIBUTES); @@ -705,7 +856,91 @@ static int idmap_lookup_user( goto out_free_values; } user->last_updated = time(NULL); - +#else + if (lookup->attr == ATTR_USER_NAME) { + char principal_name[VAL_LEN]; + uid_t cy_uid = 0; + gid_t cy_gid = 0; + + status = ERROR_NOT_FOUND; + + if (!cygwin_getent_passwd(lookup->value, NULL, &cy_uid, &cy_gid)) { + eprintf("# ATTR_USER_NAME: cygwin_getent_passwd: returned %s, uid=%d, gid=%d\n", lookup->value, (int)cy_uid, (int)cy_gid); + (void)snprintf(principal_name, sizeof(principal_name), "%s@%s", lookup->value, "GLOBAL.LOC"); + StringCchCopyA(user->username, VAL_LEN, lookup->value); + StringCchCopyA(user->principal, VAL_LEN, principal_name); + user->uid = cy_uid; + user->gid = cy_gid; + status = 0; + } + } + else if (lookup->attr == ATTR_PRINCIPAL) { + char search_name[VAL_LEN]; + char principal_name[VAL_LEN]; + char *s; + uid_t cy_uid = 0; + gid_t cy_gid = 0; + + status = ERROR_NOT_FOUND; + + /* + * strip '@' from principal name and use that for getent + * fixme: This does not work with multiple domains + */ + (void)strcpy_s(search_name, sizeof(search_name), lookup->value); + if (s = strchr(search_name, '@')) + *s = '\0'; + + if (!cygwin_getent_passwd(search_name, NULL, &cy_uid, &cy_gid)) { + eprintf("# ATTR_PRINCIPAL: cygwin_getent_passwd: returned %s, uid=%d, gid=%d\n", lookup->value, (int)cy_uid, (int)cy_gid); + (void)snprintf(principal_name, sizeof(principal_name), "%s@%s", lookup->value, "GLOBAL.LOC"); + + if (!_stricmp(principal_name, lookup->value)) { + StringCchCopyA(user->username, VAL_LEN, search_name); + StringCchCopyA(user->principal, VAL_LEN, principal_name); + user->uid = cy_uid; + user->gid = cy_gid; + status = 0; + } + } + } + else if (lookup->attr == ATTR_UID) { + uid_t search_uid = (uid_t)(lookup->value); + char search_name[VAL_LEN]; + char res_username[VAL_LEN]; + char principal_name[VAL_LEN]; + uid_t cy_uid = 0; + gid_t cy_gid = 0; + + status = ERROR_NOT_FOUND; + + (void)snprintf(search_name, sizeof(search_name), "%lu", (unsigned long)search_uid); + + if (!cygwin_getent_passwd(search_name, res_username, &cy_uid, &cy_gid)) { + eprintf("# ATTR_UID: cygwin_getent_passwd: returned %s, uid=%d, gid=%d\n", res_username, (int)cy_uid, (int)cy_gid); + (void)snprintf(principal_name, sizeof(principal_name), "%s@%s", res_username, "GLOBAL.LOC"); + + StringCchCopyA(user->username, VAL_LEN, res_username); + StringCchCopyA(user->principal, VAL_LEN, principal_name); + user->uid = cy_uid; + user->gid = cy_gid; + status = 0; + } + } + else + { + status = ERROR_NOT_FOUND; + } + + if (status == 0) { + user->last_updated = time(NULL); + eprintf("## idmap_lookup_user: found username='%s', principal='%s', uid=%lu, gid=%lu\n", + user->username, + user->principal, + (unsigned long)user->uid, + (unsigned long)user->gid); + } +#endif if (context->config.cache_ttl) { /* insert the entry into the cache */ cache_insert(&context->users, lookup, &user->entry); @@ -732,10 +967,10 @@ static int idmap_lookup_group( if (status == NO_ERROR) { /* don't return expired entries; query new attributes * and overwrite the entry with cache_insert() */ - if (time(NULL) - group->last_updated < context->config.cache_ttl) + if ((time(NULL) - group->last_updated) < context->config.cache_ttl) goto out; } - +#if 0 /* send the query to the ldap server */ status = idmap_query_attrs(context, lookup, attributes, 0, values, NUM_ATTRIBUTES); @@ -758,7 +993,48 @@ static int idmap_lookup_group( goto out_free_values; } group->last_updated = time(NULL); +#else + if (lookup->attr == ATTR_GROUP_NAME) { + gid_t cy_gid = 0; + + status = ERROR_NOT_FOUND; + + if (!cygwin_getent_group(lookup->value, NULL, &cy_gid)) { + eprintf("# ATTR_GROUP_NAME: cygwin_getent_group: returned %s, gid=%d\n", lookup->value, (int)cy_gid); + StringCchCopyA(group->name, VAL_LEN, lookup->value); + group->gid = cy_gid; + status = 0; + } + } + else if (lookup->attr == ATTR_GID) { + gid_t search_gid = (gid_t)(lookup->value); + char search_name[VAL_LEN]; + char res_groupname[VAL_LEN]; + gid_t cy_gid = 0; + + status = ERROR_NOT_FOUND; + + (void)snprintf(search_name, sizeof(search_name), "%lu", (unsigned long)search_gid); + + if (!cygwin_getent_group(search_name, res_groupname, &cy_gid)) { + eprintf("# ATTR_GID: cygwin_getent_group: returned %s, gid=%d\n", res_groupname, (int)cy_gid); + StringCchCopyA(group->name, VAL_LEN, res_groupname); + group->gid = cy_gid; + status = 0; + } + } + else + { + status = ERROR_NOT_FOUND; + } + if (status == 0) { + group->last_updated = time(NULL); + eprintf("## idmap_lookup_group: found name='%s', gid=%lu\n", + group->name, + (unsigned long)group->gid); + } +#endif if (context->config.cache_ttl) { /* insert the entry into the cache */ cache_insert(&context->groups, lookup, &group->entry); @@ -795,6 +1071,7 @@ int nfs41_idmap_create( goto out_err_free; } +#if 0 /* initialize ldap and configure options */ context->ldap = ldap_init(context->config.hostname, context->config.port); if (context->ldap == NULL) { @@ -824,6 +1101,10 @@ int nfs41_idmap_create( goto out_err_free; } } +#else + eprintf("nfs41_idmap_create: Force context->config.timeout = 6000;\n"); + context->config.timeout = 6000; +#endif *context_out = context; out: diff --git a/daemon/nfs41_daemon.c b/daemon/nfs41_daemon.c index bb485cb..25ca6eb 100644 --- a/daemon/nfs41_daemon.c +++ b/daemon/nfs41_daemon.c @@ -389,6 +389,11 @@ VOID ServiceStart(DWORD argc, LPTSTR *argv) exit(1); } +#if 1 + /* force enable for cygwin getent passwd/group testing */ + cmd_args.ldap_enable = TRUE; +#endif + nfs41_server_list_init(); if (cmd_args.ldap_enable) {

Title:

Privacy: Public Private

How long should your post be retained?

15 mins an hour a day a week a month forever

All content is user-submitted.
The administrators of this site (kpaste.net) are not responsible for their content.
Abuse reports should be emailed to us at