This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Resolving localhost on Windows 7 (for exim)


Hi Pierre,

On Jan 12 11:16, Pierre A. Humblet wrote:
> cvs diff -up minires-os-if.c
> Index: minires-os-if.c
> ===================================================================
> RCS file: /cvs/src/src/winsup/cygwin/libc/minires-os-if.c,v
> retrieving revision 1.15
> diff -u -p -r1.15 minires-os-if.c
> --- minires-os-if.c     23 Apr 2013 09:44:35 -0000      1.15
> +++ minires-os-if.c     12 Jan 2015 03:39:27 -0000
> @@ -249,6 +249,13 @@ static int cygwin_query(res_state statp,
>     rr = pQueryResultsSet;
>     section = 0;
>     while (rr) {
> +    /* Some Windows versions return questions when providing locally
> +       generated answers, for example for "localhost" or for the computer name */
> +    if (((rr->Flags.DW & 0x3) == DnsSectionQuestion) &&
> +       (rr->wDataLength > 0)) {
> +      DPRINTF(debug, "Changing record below from question to answer\n");
> +      rr->Flags.DW ^= DnsSectionQuestion ^ DnsSectionAnswer;
> +    }
>       if (!counts[0] && (rr->Flags.DW & 0x3)) {
>         /* No question. Adopt the first name as the name in the question */
>         if ((len = dn_comp(rr->pName, ptr, AnsLength - 4,

Thanks, patch applied.  Somehow the indentation was totally broken in
your patch, though.

> Now the bad news:  the exim daemon crashes.
> 
> The reason is this:
> $ getent passwd exim
> NT SERVICE+exim:*:376394:376394:U-NT SERVICE\exim,S-1-5-80-3213360373-4072665756-2198108471-1641386292-839958090:/:/sbin/nologin
> 
> So even though I am requesting just "exim" I am getting an entry for "NT SERVICE+exim"

That's definitely a bug and I can easily reproduce it.  I'm not sure yet
how this happens, but this is really not ok.  I'll have a look ASAP.

> Talk about aliasing.
> The way the exim code works, when an "exim" user exists (per getpwnam)
> the daemon setuids to it.
> Here it's trying to setuid to a service. 
> This would break every exim installation.

Nevertheless, quite apart from the above, your code should be able to
live with a prefixed user account.  If the exim account is a local
account, and if the machine is an AD member, the account will be named
"MACHINE+exim".  But still, when calling getpwnam("exim"), it won't
return the entry for "MACHINE+exim".  Rather you should call cygwin_internal
as OpenSSH and postfix do now, kind of like this:

  char exim_username[DNLEN + UNLEN + 2];

  if (cygwin_internal (CW_CYGNAME_FROM_WINNAME, "exim", exim_username,
		       sizeof exim_username) != 0)
      strcpy (cyg_privsep_user, "exim");
  /* Call getpwnam */
  struct passwd *pw = getpwnam (exim_username);


Thanks,
Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

Attachment: pgph6Ch1YZPTM.pgp
Description: PGP signature


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]