Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2008-12-01 | s3:winbindd_cache: add debugging to get_nss_info_cached() | Michael Adam | 1 | -0/+7 | |
Michael | |||||
2008-12-01 | s3:winbindd/nss_info: add entry debug message to nss_get_info() | Michael Adam | 1 | -0/+3 | |
Michael | |||||
2008-12-01 | s3:winbindd/nss_info: add debugging to nss_init() | Michael Adam | 1 | -0/+7 | |
Michael | |||||
2008-12-01 | s3:winbindd/idmap_ad: add entry debug message to nss_ad_get_info() | Michael Adam | 1 | -0/+3 | |
Michael | |||||
2008-12-01 | s3:winbindd/idmap_ad: add support for trusted domains to idmap_ad (bug #3661) | Michael Adam | 1 | -126/+221 | |
This initial fix does at least work for explicitly configured domains. The patch has a few disadvantages: 1. It does work only for explicitly configured domains, not with the default backend (idmap backend = ad), since it relies on the domain name being passed in via the idmap_domain. One workaround for this would be to create clones of the default idmap_domain for domains not explicitly configured. 2. It calls find_domain_from_name_noinit() from idmap_ad_cached_connection. The problem here is that only the NetBIOS domain name (workgroup name) is passed in via the idmap_domain struct, and the module has to establish a connection to the domain based on that information. find_domain_from_name_noinit() has the disadvantage that it uses the state of the domain list at fork time (unless used from the main winbindd). But this should be ok as long as the primary domain was reachable at start time. For nss_info, the situation is similar - This will only work for domains explicitly configured in smb.conf as follows: "winbind nss info = rfc2307:dom1 sfu:dom2 rfc2307:dom3 template:dom4" Setting the default nss info to one of the ad backends (rfc2307, sfu, sfu20) will fail since the domain name is not passed in with the nss_domain_entry. Michael | |||||
2008-12-01 | s3:winbindd/idmap_ad: refactor core of nss_{sfu|sfu20|rfc2307}_init to ↵ | Michael Adam | 1 | -34/+48 | |
common function. Michael | |||||
2008-12-01 | s3:winbindd/idmap_ad: rename ctx to mem_ctx in nss_ad_get_info() | Michael Adam | 1 | -8/+8 | |
in preparation to using the idmap_ad_context there Michael | |||||
2008-12-01 | s3:winbindd/idmap: add diagnostic entry debug msg to ↵ | Michael Adam | 1 | -0/+3 | |
idmap_backends_sid_to_unixid Michael | |||||
2008-12-01 | s3:winbindd/idmap: add diagnostic entry debug msg to ↵ | Michael Adam | 1 | -0/+4 | |
idmap_backends_unixid_to_sid Michael | |||||
2008-12-01 | s3:winbindd/idmap: add diagnostic entry debug msg to idmap_find_domain(). | Michael Adam | 1 | -0/+3 | |
Michael | |||||
2008-12-01 | s3:winbindd/idmap_util: unify entering debug messages and add ouput of domain | Michael Adam | 1 | -4/+8 | |
Michael | |||||
2008-12-01 | s3:winbindd/nss_info: change nss_map_{to|from}_alias to take nss_domain_entry | Michael Adam | 6 | -22/+24 | |
instead of just the domain name Michael | |||||
2008-11-30 | Set PRESENT flag when returning NULL [SD]ACL like Windows does. | Steven Danneman | 1 | -1/+9 | |
This could also be handled inside each ACL VFS module, by setting the PRESENT flag when a NULL [SD]ACL is created. | |||||
2008-11-30 | remove the explicit mem_ctx from ntlmssp_state, use the state itself | Volker Lendecke | 3 | -50/+45 | |
2008-11-30 | fix nonempty blank lines | Volker Lendecke | 2 | -30/+29 | |
2008-11-30 | Do not build the session request if it si not used anyway | Volker Lendecke | 1 | -4/+4 | |
2008-11-30 | fix nonempty blank lines | Volker Lendecke | 1 | -19/+19 | |
2008-11-29 | s3-libnetjoin: Fix bug #5749. Re-set acctflags while joining. fix from metze. | Günther Deschner | 1 | -16/+29 | |
Guenther | |||||
2008-11-29 | s3-libnetjoin: remove unused md4_trust_password, found by metze. | Günther Deschner | 1 | -5/+0 | |
Guenther | |||||
2008-11-28 | s4-smbtorture: add some more testcases to pwdlastset test. | Günther Deschner | 1 | -30/+118 | |
Guenther | |||||
2008-11-28 | s4-smbtorture: fix RPC-SAMR-PASSWORDS-PWDLASTSET with samba3 option. | Günther Deschner | 1 | -1/+0 | |
Guenther | |||||
2008-11-28 | s3-samr: add init_samr_user_info25 and init_samr_user_info26. | Günther Deschner | 2 | -0/+118 | |
Guenther | |||||
2008-11-28 | selftest: s4 does not have a pwdlastset implementation yet. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2008-11-28 | s4-smbtorture: allow to disable full testing of all possible opcode ↵ | Günther Deschner | 1 | -2/+19 | |
combinations. Guenther | |||||
2008-11-28 | s4-smbtorture: move test to SAMR-PASSWORDS-PWDLASTSET. | Günther Deschner | 2 | -5/+42 | |
Guenther | |||||
2008-11-28 | s4-smbtorture: add test for samr password_expired flag while setting passwords. | Günther Deschner | 1 | -1/+401 | |
Guenther | |||||
2008-11-28 | s4-smbtorture: add test_SetUserPass_level_ex. | Günther Deschner | 1 | -0/+131 | |
Guenther | |||||
2008-11-28 | s4-smbtorture: add samr_rand_pass_silent. | Günther Deschner | 1 | -1/+8 | |
Guenther | |||||
2008-11-28 | s4-samr: fix samr passwdord_expired callers. | Günther Deschner | 4 | -9/+11 | |
Guenther | |||||
2008-11-28 | s3-samr: fix init_samr_user_info{23,24} callers. | Günther Deschner | 5 | -14/+14 | |
Guenther | |||||
2008-11-28 | s3-build: re-run make samba3-idl. | Günther Deschner | 2 | -8/+8 | |
Guenther | |||||
2008-11-28 | samr: fix samr_UserInfo24 and samr_UserInfo26. | Günther Deschner | 1 | -2/+2 | |
Guenther | |||||
2008-11-28 | Remove "conn" parameter from np_open, smb_request contains it | Volker Lendecke | 4 | -6/+7 | |
2008-11-28 | Remove inbuf references from the trans2ioctl code | Volker Lendecke | 1 | -4/+4 | |
2008-11-28 | Consolidate the buffer checks for the reply_trans style functions | Volker Lendecke | 3 | -169/+54 | |
This is the one where I found the problem that led to 3.2.5. So if there is one checkin in the last year that I would like others to review and *understand*, it is this one :-) Volker | |||||
2008-11-28 | Move cli_trans_oob to lib/util.c | Volker Lendecke | 3 | -17/+24 | |
Rename it to trans_oob, it will be used in the server routines. | |||||
2008-11-28 | Remove the variable "size" from reply_nttrans | Volker Lendecke | 1 | -10/+13 | |
This converts the range checks for the setup[] array to rely on req->wct being set correctly in init_smb_request. As that already verifies the vwv array to be in the range of the smb_request inbuf, we don't have to do overflow checks here anymore. Jeremy, please check thoroughly! :-) Thanks, Volker | |||||
2008-11-28 | Remove the variable "size" from reply_trans | Volker Lendecke | 1 | -12/+16 | |
This converts the range checks for the setup[] array to rely on req->wct being set correctly in init_smb_request. As that already verifies the vwv array to be in the range of the smb_request inbuf, we don't have to do overflow checks here anymore. Jeremy, please check thoroughly! :-) Thanks, Volker | |||||
2008-11-28 | Remove an unused variable | Volker Lendecke | 1 | -2/+0 | |
2008-11-28 | Remove two direct inbuf references from reply_sesssetup_and_X_spnego() | Volker Lendecke | 1 | -2/+2 | |
2008-11-27 | s3-samr: never allow to alter pwdlastset directly. | Günther Deschner | 1 | -0/+16 | |
Guenther | |||||
2008-11-27 | s3-samr: fix return code for invalid password sets in SetUserInfo. | Günther Deschner | 1 | -4/+4 | |
Guenther | |||||
2008-11-27 | s3-samr: fix return code for invalid name in _samr_LookupDomain. | Günther Deschner | 1 | -0/+3 | |
Guenther | |||||
2008-11-27 | s3-samr: avoid enumeration and user creation on builtin domain handle. | Günther Deschner | 1 | -0/+10 | |
Guenther | |||||
2008-11-27 | s3-samr: support samr_CreateUser as well. | Günther Deschner | 1 | -10/+20 | |
Guenther | |||||
2008-11-27 | s3-samr: support samr_QueryUserInfo2 as well. | Günther Deschner | 1 | -10/+15 | |
Guenther | |||||
2008-11-27 | s3-samr: add support for _samr_QueryUserInfo level 5. | Günther Deschner | 1 | -0/+108 | |
Guenther | |||||
2008-11-27 | s3-samr: add init_samr_user_info5. | Günther Deschner | 2 | -0/+66 | |
Guenther | |||||
2008-11-27 | s4-smbtorture: fix some build warnings. | Günther Deschner | 1 | -3/+3 | |
Guenther | |||||
2008-11-27 | Fix the offset checks in the trans routines | Volker Lendecke | 3 | -9/+9 | |
This fixes a potential crash bug, a client can make us read memory we should not read. Luckily I got the disp checks right... Volker (cherry picked from commit 64a1d80851da5b05e70ec6c96f6e9bd473748369) (cherry picked from commit f04c5650a3aeca23591ddc781c4b297caaf9bb3f) |