summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2002-01-15Commit the auth associated changes I missed from the last commit.Andrew Bartlett4-3/+21
Also set the default value of all the allocated strings to "" to avoid changing the interface (becouse pdb_get...() would point to a null string, rather than a null pointer and parts of samba rely on that). Andrew Bartlett (This used to be commit 5b4079f748e25f21162e21b439063249baf8dca6)
2002-01-15Change the passdb interface to use allocated strings.Andrew Bartlett6-129/+180
These strings are allocated using talloc(), either using its own memory context stored on the SAM_ACCOUNT or one supplied by the caller. The pdb_init_sam() and pdb_free_sam() function have been modifed so that a call to pdb_free_sam() will either clean up (remove hashes from memory) and destroy the TALLOC_CTX or just clean up depending on who supplied it. The pdb_init_sam and pdb_free_sam functions now also return an NTSTATUS, and I have modified the 3 places that actually checked these returns. The only nasty thing about this patch is the small measure needed to maintin interface compatability - strings set to NULL are actually set to "". This is becouse there are too many places in Samba that do strlen() on these strings without checking if they are NULL pointers. A supp patch will follow to set all strings to "" in pdb_default_sam(). Andrew Bartlett (This used to be commit 144345b41d39a6f68d01f62b7aee64ca0d328085)
2002-01-14rerun autoconfAndrew Bartlett1-802/+812
(This used to be commit d6bd9f1005496753333c3d8dec5e1a8069f1ce7b)
2002-01-14I like --enable-developer, but I find it rather usless when all it gets me is aAndrew Bartlett1-1/+5
screen-full of kerberos warnings. This is almost as good, and I can actually see the Samba warnings. Andrew Bartlett (This used to be commit 35a6275e186cbd7b1f2190265b47112f1d082c06)
2002-01-14Initialise cli variables and try not to do a cli_shutdown() of uninitialsedAndrew Bartlett1-4/+10
memory. The winbind connection caching code isn't exactly a plesent beast, and there is more work that needs to be done to nail this properly. Andrew Bartlett (This used to be commit dd40ce54b7f170854d63e08ac737f1b4306bd95b)
2002-01-14Fix a segfault in auth/auth_domain.c error cases.Andrew Bartlett1-2/+1
This occured when the attempt to contact the PDC failed. The connection code has already shut down the connection, and 'free'ed the cli or has never initialised it in the first place. Andrew Bartlett (This used to be commit 37ce7630434c1afae5164c64438f428dd8e1b731)
2002-01-14Removed MAXSTATUS which was set incorrectly - thus causing tdb traversalJeremy Allison5-33/+19
of the connections db on smbd startup. This should fix the Solaris large load bug.... (fingers crossed). Jeremy. (This used to be commit 5b2b9c25af28543e67762805d1387524cbb6c39d)
2002-01-14FIXME We should turn the global list off when using Insure++,Martin Pool1-0/+3
otherwise all the memory will be seen as still reachable. (This used to be commit 682e7cd394c1e1cc9a83f7e8e5e3694e083946c4)
2002-01-14Move local variable to avoid warning when compiled without GSSAPI.Martin Pool1-1/+2
(This used to be commit 312c6d906e64d231ff3c2f37e61d752cc948ee7b)
2002-01-14PSTRING_SANCTIFY:Martin Pool1-3/+50
If you define this, pstring and fstring become distinguished types, so that it's harder to accidentally overflow them by for example passing an fstring on the lhs of pstrcpy. The types are defined as one-element union arrays so that with "fstring f" the name "f" will be a pointer and with a big hammer you can cast it to (char *). So code that tries to just use it directly will get a loud warning, but hopefully nothing worse. To pass them to non-pstring-aware functions, use PSTR and check that the function takes a const. They should almost never be modified except by special calls. In those unusual cases, use PSTR_MUTABLE. This is off by default so as not to produce too many warnings. As the code is vetted it can become the default. (This used to be commit ca233bc8b30d7d0626039b2769c4e1ae92dafd50)
2002-01-14Removed fprintf(stderr, ...); calls which should not be present in libraryTim Potter1-4/+0
functions. (This used to be commit e69a22290e5c923f31223906461df4874e3b2aac)
2002-01-13A couple of coding syle updates to follow the re-indent.Andrew Bartlett1-5/+5
(This used to be commit 7417d6f9310188d2ad3d8f41d3dcbe55862c72ac)
2002-01-13Re-indent these two functions to make it actually possible to understand theirAndrew Bartlett1-161/+161
contents... Andrew Bartlett (This used to be commit e20d69d51862ea3fd5a7317a9592bd4dc6e68bfd)
2002-01-13don't try to allocate zero bytesAndrew Tridgell1-10/+7
(This used to be commit d09616da6823b69a03a8a008987c4eb02ca0061b)
2002-01-13I'm doing some things towards the NamedPipes game with lckl and he has asked meAndrew Bartlett2-87/+105
to move this from being a static to matching its mate in lib/util_sock.c. In any case, this should discorage anybody from using the 'wrong' version of this function. (ie the one from TNG, which needs a bit more error checking depending on use). Andrew Bartlett (This used to be commit e6a3a01f795a85d908180ff19469ce09a2803512)
2002-01-12Many thanks to Alexander Bokovoy <a.bokovoy@sam-solutions.net>.Andrew Bartlett7-2/+173
This work was sponsored by Optifacio Software Services, Inc. Andrew Bartlett (various e-mails announcements merged into some form of commit message below:) This patch which adds basics of universal groups support into Samba 3. Currently, only Winbind with RPC calls supports this, ADS support requires additional (possibly huge) work on KRB5 PAC. However, basic infrastructure is here. This patch adds: 1. Storing of universal groups for particular user logged into Samba software (smbd/ two winbind-pam methods) into netlogon_unigrp.tdb as array of uint32 supplemental group rids keyed as DOMAIN_SID/USER_RID in tdb. 2. Fetching of unversal groups for given user rid and domain sid from netlogon_unigrp.tdb. Since this is used in both smbd and winbindd, main code is in source/lib/netlogon_uingrp.c. Dependencies are added to AUTH_OBJ as UNIGRP_OBJ and WINBINDD_OBJ as UNIGRP_OBJ. This patch has had a few versions, the final version in particular: Many thanks to Andrew Bartlett for critics and comments, and partly rewritten code. New: - updated fetching code to changed byte order macros - moved functions to proper namespace - optimized memory usage by reusing caller's memory context - enhanced code to more follow Samba coding rules Todo: - proper universal group expiration after timeout (This used to be commit 80c2aefbe7c1aa363dd286a47d50c5d8b4595f43)
2002-01-12updates from 2.2Simo Sorce6-95/+141
(This used to be commit 398b4ff0d40d89b3e96d481807f85f15b7a7966a)
2002-01-12Added PRINTER_INFO_4/PRINTER_INFO_5, we're seeing level 5 requested on the ↵Jeremy Allison3-0/+224
wire... so. Jeremy. (This used to be commit b63b76297835ab8227b98925fa8120ffce1a37d9)
2002-01-12Thanks to vance for spotting the missing Makefile.in commit.Andrew Bartlett1-1/+1
This should make things a little happier... Andrew Bartlett (This used to be commit 6ce467a65fdaabbcfac258a1b899c833602b6d92)
2002-01-12Move all the pdb_get...() and pdb_set...() functions to a new file.Andrew Bartlett2-798/+825
This brings passdb.c down to a much more manageable ~1100 lines and makes it a little easier to comprehend whats going on here. Andrew Bartlett (This used to be commit 28d5ab269cfba5e8410163edb3e0c222ed7f0be1)
2002-01-12Added the O_NOFOLLOW flag if follow symlinks is set off.Jeremy Allison1-0/+6
Jeremy. (This used to be commit 4f1f5f28b514dda86f6f49465bd5887357e37bc6)
2002-01-11Round and round we go....Jeremy Allison3-3/+5
Jeremy. (This used to be commit 2603ab3c6870f3697751b887e940910713f08985)
2002-01-11Latest attempt at changeid.Jeremy Allison2-6/+31
Jeremy. (This used to be commit 24ee18c77e1b61004d8ed817118a481f3d43e34c)
2002-01-11Same fix as went into 2.2 (I'm waiting for jerry to finish some code).Jeremy Allison20-156/+162
Jeremy. (This used to be commit 01ff6ce4963e1daff019f2b936cef218e1c93f67)
2002-01-11fixed a crash bug in domain auth caused by an uninitialised nt_statusAndrew Tridgell2-1/+3
(This used to be commit 0b0b937b58f4bf4e005fb622f0db19175fc46a47)
2002-01-11fixed a crash in merge_aces()Andrew Tridgell1-0/+1
when we free curr_ace_outer we need to not try to use it again :) (This used to be commit 1c5e19a418136c0ae524e62a4907501212ebac3d)
2002-01-11force the time difference in cache comparisons to be unsigned to copeAndrew Tridgell1-1/+4
with the local machine time changing (This used to be commit 116c0a0e3baa6a100a816f1ff2722782941ac3dc)
2002-01-11make the winbind sequence number code more robustAndrew Tridgell1-1/+1
when switching from rpc to ADS this now should make sense (This used to be commit ec73d26c7f9a2bbd4b91e9c22850e032b91666e2)
2002-01-11cope with direct IP addresses in resolve_name()Andrew Tridgell1-0/+5
(This used to be commit 73a59170e6fab3b0f91938a74302750915a04a7a)
2002-01-11preparing for release of 3.0-alpha13Samba Release Account2-1/+25
(This used to be commit 4f4f898348c5719b745ff358463fd7d59e3da495)
2002-01-11Make this error match Win2k.Andrew Bartlett1-1/+1
(This used to be commit 490d3aaf20f04d04c91c4748896d7a021581a229)
2002-01-11The DC is meant to be sent the *unmapped* username...Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit d7fca1806a304cb6eeecfe34d6c5c012c745114f)
2002-01-11Always query the PDC for the list of trusted domains rather than interatingTim Potter7-114/+179
the list received at startup or we get an out of date list. I thought there might be some sequence number that is incremented when a trusted domain is added or removed - perhaps there is but I just haven't found it yet. - Renamed get_domain_info() to init_domain_list() - Made an accessor function to return the list of trusted domains rather than using a global so we don't have to remember to put a magic init function - The getent state can not keep a pointer to a winbind_domain structure as it may be freed if init_domain_list() is called again so we keep the domain name instead (This used to be commit 37216c649a394b449eaaaa6644709eafb3bf37ff)
2002-01-11Back out the crazy notion that the NTLMSSP flags actually mean anything...Andrew Bartlett4-30/+47
Replace this with some flags that *we* define. We can do a mapping later if we actually get some more reliable info about what passwords are actually valid. Andrew Bartlett (This used to be commit 7f7a42c3e4d5798ac87ea16a42e4976c3778a76b)
2002-01-11Correct4ed comment.Tim Potter1-1/+1
(This used to be commit 78814664ef7d41c2f6637b508711ab45647a64f9)
2002-01-11Fix up 'net ads join' to delete and rejoin if the account already exists.Andrew Bartlett2-3/+8
This fixes up a problem where a machine would join (or downgrade by trust password change) to NT4 membership and not be able to regain full ADS membership until a 'net ads leave'. Andrew Bartlett (This used to be commit ab8ff85f03b25a0dfe4ab63886a10da81207393c)
2002-01-11Some memory leak fixes.Tim Potter1-17/+23
(This used to be commit da4db0373b65d975d5129715d6b1fa725b188766)
2002-01-11commit some changes for ab, and keep working on the smbgroupeditGerald Carter6-74/+683
manpage. (This used to be commit a10cdbfbed4e04609f511cbbf976df4b4d391729)
2002-01-11make sure resolve_name() only returns valid IP addressesAndrew Tridgell1-4/+13
this is actually a workaround for old broken nmbd daemons, especially from Samba 2.0 (This used to be commit 12021a8de6a1dc2e43cc62f094a57c57283dfaf4)
2002-01-10Since AB has been changing the winbind interface it's time to add the "mockTim Potter3-21/+21
swedish" test to client calls. This is putting a length field at the start of a request so we can disconnect clients talking with an out of date libnss_winbind.so rather than deadlock them. Misc cleanups: - made some int values uint32 - moved WINBIND_INTERFACE_VERSION to start of cmd list (This used to be commit a4af65b9b93671f13f277d49279a85042a8fd1d5)
2002-01-10added structure members referred to by recent changes in vfs-wrap.cHerb Lewis1-1/+5
(This used to be commit c5e14d73dffee86ef2dabcf7031eea0da9e32f3d)
2002-01-10merge tpots name changes into IRIX part of code. When you change the nameHerb Lewis1-8/+8
of a define you need to grep for the old name and change ALL places. (This used to be commit 09e3276fb7207dff73f181072851bd542fb64263)
2002-01-10Take a stab at keeping the doco current :-)Andrew Bartlett1-0/+16
(This used to be commit 88b0e670426c216d754716dc6095b673b9645f1a)
2002-01-10Return the winbind separator over the socket, so programs don't have to parseAndrew Bartlett5-18/+78
smb.conf to get it right. While wb_client needs its lp_load() for samba dependency reasons, it now uses the new method both to example and test the new code. Also add an interface version function, and return the winbind's samba version string. In preperation for default domains, its now up to winbindd to reject plaintext auths that don't have a seperator, but NTLM (CRAP) auths now have two feilds, hence need parsing. Andrew Bartlett (This used to be commit 2bd2a092ee3d49a74d896385688d7c7256aa297e)
2002-01-10This changes the winbind protcol a bit:Andrew Bartlett6-38/+84
It adds a 'ping' request, just to check winbind is in fact alive It also changes winbindd_pam_auth_crap to take usernames and domain seperatly. (backward incompatible change, needs merge to 2.2, but this is not yet released code, so no workarounds) Finally, it adds some debugs and fixes a few memory leaks (uses talloc to do it). Andrew Bartlett (This used to be commit 6df29bfe335144a968f5367f624ef2b4cf9e69b0)
2002-01-10Quieten warning about uninitialized variable.Martin Pool1-1/+3
(This used to be commit 63ea2bb0adf5ae742658f479613de90b1eec3db5)
2002-01-10A big tidyup while thinking about getting trusted domains being re-readTim Potter8-132/+142
when they are added or removed on the PDC. - renamed GETPWNAM_FROM_{UID,USER} constants and functions to GETPW{NAM,UID} - renamed GETGRNAM_FROM_{GID,GROUP} constants and functions to GETGR{NAM,GID} - use SIGUSR2 in winbindd for debugging/logging instead of SIGUSR1 in preparation for moving to smbcontrol type messages (not sure whether to ditch this altogether or not) - tidy debugging messages in top level winbind user and group routines - convert talloc_init() to talloc_init_named() - make enumerations of the domain list use the same local variable names (This used to be commit eeb8af9c1a66bfcd80823d7b406acbab79857a16)
2002-01-10Spelling fix.Tim Potter1-1/+1
(This used to be commit 85d3ffb2709258e576191adade9c61b11e83eec5)
2002-01-10browse_fn: FIXME: If the remote machine returns non-ascii charactersMartin Pool1-0/+3
in any of these fields, they can corrupt the output. We should remove them. (This used to be commit 934aacdb39a0c21c43505dbba696b746f1333df3)
2002-01-10First part of UNIX extensions (#ifdefed out) more to follow.Jeremy Allison4-2/+177
Jeremy. (This used to be commit 02b18f2cca6d6d046d2d8fd7375b207d44031ddc)