summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r14468: Better fix to avoid winbind panic when we have an inproper configurationGünther Deschner2-4/+13
and want to just shutdown and exit. Guenther (This used to be commit 0aa6328ed6ba6d0d24169ffdff0099405c9bfb00)
2007-10-10r14467: Reverting 13660. This needs to be fixed differently.Günther Deschner2-12/+5
Guenther (This used to be commit 4157bfe9cfe79ff78e7e527a50058cf9103cab61)
2007-10-10r14462: Fix warning. ber_tag_t is an unsigned int forJeremy Allison1-1/+1
printing purposes. Jeremy. (This used to be commit 3c33eda430426e40e179799e7341db10c4b2e98e)
2007-10-10r14460: SMBexit closes by pid and vuid. Tested with smbtorture.Jeremy Allison2-4/+4
Jeremy. (This used to be commit 71e81580421225d5b35a25d46a7b6064a826685c)
2007-10-10r14457: Add a few more special cases for RID 513 in the samr code.Gerald Carter3-3/+49
Now that I know what all the requirements for this group are I can generalize the code some more and make it cleaner. But at least this is working with lusrmgr.msc on XP and 2k now. (This used to be commit d2c1842978cd50485849bfc4fb6d94767d96cab0)
2007-10-10r14454: Janitor for tridge - same code exists in Samba3 and 4.Jeremy Allison1-1/+1
Jeremy. ----------------------------- fixed an hmac-md5 error for keys longer than 64 (using deallocated stack variable) (This used to be commit f3879dd6bbbb20524e138b9ba8a54f6464fee5eb)
2007-10-10r14452: Sorry. Need more coffee....Gerald Carter1-1/+1
* Fix sprintf() args when createing the group search filter. (This used to be commit 0b7549997a3739b2c1500e7838ebaaa249dbfaf4)
2007-10-10r14451: In order to get pdb_ldap searching for SID_NAME_ALIASGerald Carter2-43/+17
groups in the ${MACHINESID} and S_1-5-32 domains correctly, I had to add a substr search on sambaSID. * add substr matching rule to OpenLDAP schema (we need to update the other schema as will since this is a pretty important change). Sites will need to - install the new schema - add 'indea sambaSID sub' to slapd.conf - run slapindex * remove uses of SID_NAME_WKN_GRP in pdb_ldap.c (This used to be commit 2c0a46d73122e9000a900f7e16f9b010ad4b78e3)
2007-10-10r14450: Fix more get_md4pw() breakage caused by missing "breaks"Gerald Carter1-0/+3
in the switch statement which matched the schannel type against the account type. (This used to be commit 57c705ea63381ed9ab09145b4f57a736931fa6ca)
2007-10-10r14449: fix the build (sorry everyone)Gerald Carter1-1/+2
(This used to be commit e49ca3af8c2522aee670e6b807d7b3df31be47f6)
2007-10-10r14448: * protect against NULL cli_state* pointers in cli_rpc_pipe_open()Gerald Carter2-3/+10
* Fix inverted logic check for machine accounts in get_md4pw() (This used to be commit a36529535dcb5a262e7627b80fb62a31240dc8ad)
2007-10-10r14443: rework get_md4pw() to ease debugging. The only functional change is thatGünther Deschner1-24/+69
we now check wheter the sec_channel_type matches the trust account type. Guenther (This used to be commit c35eb449375d53ffa0815897e7723c203be1f732)
2007-10-10r14432: Give in and grant BUILT\Administrators all privilegesGerald Carter2-2/+25
(This used to be commit b6170910604dba6533b727de8d7f0cc75256d14f)
2007-10-10r14428: Call fill_share_mode_entry with NO_OPLOCK instead of 0.James Peach1-3/+3
(This used to be commit a39cbaa699d111264c2c9dda49a6e4f42acd3fb8)
2007-10-10r14421: This does two thingsGerald Carter4-9/+86
* Automatically creates the BUILTIN\Users group similar to how BUILTIN\Administrators is done. This code does need to be cleaned up considerably. I'll continue to work on this. * The important fix is for getusergroups() when dealing with a local user and nested groups. Now I can run the following successfully: $ su - jerry -c groups users BUILTIN\users (This used to be commit f54d911e686ffd68ddc6dbc073987b9d8eb2fa5b)
2007-10-10r14418: Try and fix Coverity #39 and #40 by making theJeremy Allison1-2/+10
implicit function contract explicit. Jeremy. (This used to be commit 6de5e9ae4628d384631db9b66e22d439a303b75c)
2007-10-10r14416: Remove deadcode. Coverity #198.Jeremy Allison1-11/+1
Jeremy. (This used to be commit 7fc61f5a63c982cfd0fbe1838979ba7be8f69fca)
2007-10-10r14408: More on fix for coverity #36. The previous fix would cause us toJim McDonough1-0/+2
marshall a buffer based on an unknown size. Zero out the sec_desc buffer to prevent this. This is still not getting proper results for a registry security descriptor (everything gets ACCESS DENIED), but at least we aren't blowing out memory now... (This used to be commit cb370cc28ce361628df137c9aef02739aca062db)
2007-10-10r14406: Disable this call until we can sort out how thisJeremy Allison1-0/+6
should be done correctly. Fix coverity #37. Jeremy. (This used to be commit d241f74e06eac7b61e5b7e09c2b9a955ec560fec)
2007-10-10r14405: Fix the build when nscd_flush_cache is detectedJeremy Allison1-10/+12
(variable definition was missing). Jeremy. (This used to be commit 48594f0270502149069fc883096181a9730d76bf)
2007-10-10r14403: * modifies create_local_nt_token() to create a BUILTIN\AdministratorsGerald Carter14-131/+253
group IFF sid_to_gid(S-1-5-32-544) fails and 'winbind nested groups = yes' * Add a SID domain to the group mapping enumeration passdb call to fix the checks for local and builtin groups. The SID can be NULL if you want the old semantics for internal maintenance. I only updated the tdb group mapping code. * remove any group mapping from the tdb that have a gid of -1 for better consistency with pdb_ldap.c. The fixes the problem with calling add_group_map() in the tdb code for unmapped groups which might have had a record present. * Ensure that we distinguish between groups in the BUILTIN and local machine domains via getgrnam() Other wise BUILTIN\Administrators & SERVER\Administrators would resolve to the same gid. * Doesn't strip the global_sam_name() from groups in the local machine's domain (this is required to work with 'winbind default domain' code) Still todo. * Fix fallback Administrators membership for root and domain Admins if nested groups = no or winbindd is not running * issues with "su - user -c 'groups'" command * There are a few outstanding issues with BUILTIN\Users that Windows apparently tends to assume. I worked around this presently with a manual group mapping but I do not think this is a good solution. So I'll probably add some similar as I did for Administrators. (This used to be commit 612979476aef62e8e8eef632fa6be7d30282bb83)
2007-10-10r14399: Fix deadcode coverity bug #3.Jeremy Allison1-4/+1
Jeremy. (This used to be commit 3799f18b356934592206679310e6e409c0d1ca0f)
2007-10-10r14397: Fix deadcode in coverity error #1.Jeremy Allison1-7/+8
Jeremy. (This used to be commit 4a4953c4d27cd1e925c9afe24fa49b015ce033ec)
2007-10-10r14395: Fix coverity bug #55. Ensure no unsigned/signed comparisons.Jeremy Allison1-3/+3
Jeremy. (This used to be commit cd3ad3f1a6f622b4bad5cb21b132de4cc476e03f)
2007-10-10r14393: Fix a couple of AIX warnings.Jeremy Allison2-1/+2
Jeremy. (This used to be commit 8444c997bd3e18b1d04ebe85f06c8c6e34d7373f)
2007-10-10r14392: Use KRB5_TGS_NAME.Günther Deschner1-1/+1
Guenther (This used to be commit 4cfd737cc1d8840888f80e360119eeb627acb381)
2007-10-10r14387: Try and fix the coverity issues (#53, #54) with negativeJeremy Allison6-12/+11
sink by ensuring all uses of rpcstr_push are consistent with a size_t dest size arg. Jeremy. (This used to be commit f65d7afe1977d9d85046732842f9643716c15088)
2007-10-10r14377: Fix coverity #4 for 3_0 tooSimo Sorce1-1/+1
(This used to be commit aa26642ee19dcf7cfa3cb36032eadc823b01966b)
2007-10-10r14368: Remove redundant set of logon flags (now in rpc_netlogon.h).Günther Deschner1-2/+0
Guenther (This used to be commit 8d4290cb8ed75cf12fa45bcf3e93cfe1a5567919)
2007-10-10r14367: Not that I fully understand what's going on here, but the code as it ↵Volker Lendecke1-4/+8
was here was clearly buggy as Coverity showed with bug id #36. According to samba4 idl the sec_desc_buf is [in,out,ref], so we _have_ to ship it in the request. Volker (This used to be commit 075e784491e6f2b491bd063db08ff1267f9cabbb)
2007-10-10r14365: As solaris nss includes includes.h, make sure we useJeremy Allison1-3/+3
the correct malloc-macros. Jeremy. (This used to be commit 412dc6f5dbc796126b94f3809fe660afac5d3c2a)
2007-10-10r14359: Try and fix Coverity #176 by making the pointerJeremy Allison1-7/+7
aliasing clearer. This isn't a bug but a code clarification. Jeremy. (This used to be commit a3b8bee3ff8211d78f793877c877ccd2e15825dd)
2007-10-10r14357: Try and fix Coverity #169 by making the pointerJeremy Allison1-4/+6
aliasing clearer. This isn't a bug but a code clarification. Jeremy. line, and those below, will be ignored-- M source/smbd/posix_acls.c (This used to be commit b8397c9f33424e0d1ed3ff849e1c99812f978000)
2007-10-10r14355: Try and fix Coverity #158 by making the pointerJeremy Allison1-6/+8
aliasing clearer. This isn't a bug but a code clarification. Jeremy. (This used to be commit 7ada96a1cfb1e928b7dfde101ca250b20024243f)
2007-10-10r14353: Fix coverity bugs #61 and #62. Remember to divide byJeremy Allison2-26/+21
the size of the data table. Clean up the struct a little. Jeremy. (This used to be commit 338538410d484a9358b60b05a86180275344ffa4)
2007-10-10r14351: Ensure we use the minimum of PATH_MAX and sizeof(pstring).Jeremy Allison1-5/+12
Fix Coverity #59. Jeremy. (This used to be commit d793e1550cc8c79a2764609cddec082470d226e4)
2007-10-10r14345: Fix Coverity #71. We don't currently propagate *any*Jeremy Allison1-10/+15
alloc error back up the stack from smbldap_set_mod() so ensure we abort correctly. Jeremy. (This used to be commit 9a1e35079af9404e1775e2a098990277b3771086)
2007-10-10r14342: Fix coverity #68, resource leak on error path.Jeremy Allison1-22/+54
Jeremy. (This used to be commit 7520a8d2a10c72d330099c6502848afca60f56ff)
2007-10-10r14340: Fix coverity #78, resource leak in error path.Jeremy Allison1-12/+20
Jeremy. (This used to be commit 76c4f2c4dc6fcd91a350985b16f4a6a321ac4bf6)
2007-10-10r14338: Fix coverity #55 by explicit cast.Jeremy Allison1-2/+5
Jeremy. (This used to be commit 1fece52da4d667fa182aa9a87aaee3917860448b)
2007-10-10r14336: Try and quieten coverity #53 and #54. Make it obviousJeremy Allison1-2/+2
we're using -1 as a special size_t case by casting. Jeremy. (This used to be commit 415530bd082bf351f5e4c1fd32408f123ed77f85)
2007-10-10r14333: Fix coverity #77, ensure we can't exit after allocation.Jeremy Allison1-0/+4
Jeremy. (This used to be commit 15d78ab1fc83249552476d99144389cfe42a786f)
2007-10-10r14331: Add a comment on top of test_pam_modules about what we're testing.Lars Müller1-0/+2
(This used to be commit 90eb092083383c2b606e21dc65fb036bb973b032)
2007-10-10r14329: Fix the build on systems without libcom_err.Günther Deschner1-2/+2
Guenther (This used to be commit 44fcd3113be970edd01f7f076c4b6cad2d03ebcd)
2007-10-10r14326: First catch of make test_pam_modules.Lars Müller1-1/+1
Testing pam_smbpass pam_winbind dlopen() of "./bin/pam_smbpass.so" succeeded. dlopen() of "./bin/pam_winbind.so" failed: ././bin/pam_winbind.so: undefined symbol: secrets_fetch_domain_sid make: *** [test_pam_modules] Error 1 (This used to be commit 4b545e0ce665fe772095c27fe11ce535477f84ce)
2007-10-10r14325: Add pam_modules rule which builds the configure(d) pam modules. This isLars Müller3-4/+109
called as part of the all rule (again only if pam modules are requested by configure). Add pam_winbind rule. Ensure proto_exists before we build the pam modules. Add test_pam_modules rule to test if the built pam modules have any unresolved symbols. For test_pam_modules we use script/tests/dlopen.sh which was written by Nalin Dahyabhai <nalin@redhat.com>. Thanks Nalin! RedHat and SuSE use this script to test nss and pam modules since several years. (This used to be commit 71b2eb55adcd28f3796254ea1ce0bcee6098e712)
2007-10-10r14321: When we have libnscd and winbindd comes (back) online, try to flush theGünther Deschner4-1/+25
nscd caches so that NSS-calls can deliver accurate information. Guenther (This used to be commit a32a423a0e9e0d4dd21282fd528bcd3247fddbd1)
2007-10-10r14317: Use source/bin as dir to link pam_winbind instead of source/nsswitch/Lars Müller9-11/+11
The intention is to have the resulting binaries at one place. This is also usefull for upcoming changes to provide a test_pammodules rule. With these changes I even got aware of testsuite/nsswitch/pam_winbind_syms.exp But this only covers pam_winbind. (This used to be commit 9883957b74ddefb5293e4aef0cc2f53ee4d417ac)
2007-10-10r14303: Fix coverity #223. In a loop we were forgetting to freeJeremy Allison1-1/+3
resources on error exit path. Jeremy. (This used to be commit f71aa3ab8fdfd08c1bec57b6506ead7c4af7299d)
2007-10-10r14301: Fix coverity #224. In a loop we were forgetting to freeJeremy Allison1-1/+3
resources on error exit path. Jeremy. (This used to be commit f1a5e5aefeeb78512c41cc8fc075b240696a3eb7)