summaryrefslogtreecommitdiff
path: root/nsswitch
AgeCommit message (Collapse)AuthorFilesLines
2013-07-31wbclient: fix conversion logic in wbcSidToStringBufJeff Layton1-14/+17
Might as well fix it to handle large authority values properly. Also correct some of the formatting. Signed-off-by: Jeff Layton <jlayton@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-31wbclient: fix conversion logic in wbcStringToSidJeff Layton1-17/+20
Signed-off-by: Jeff Layton <jlayton@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-26nsswitch: Add OPT_KRB5CCNAME to avoid an error message.Andreas Schneider1-2/+4
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10048 Reviewed-by: Günther Deschner <gd@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Fri Jul 26 17:40:26 CEST 2013 on sn-devel-104
2013-07-23wbinfo: allow to define a custom krb5ccname for kerberized pam auth.Günther Deschner1-2/+4
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-18nsswitch: Don't enumerate all domains with wbinfo -u|-g.Andreas Schneider1-4/+18
By default wbinfo -u|-g should only enumerate the domain winbindd is joined to. The command can be harmfull if you have e.g. 30 domains and 700k users. Then the parent will collect all information and the oom-killer will kill winbind. As we still want to support it, you can enable it the old behaviour with wbinfo --domain='*' -u. This is a measure that sysadmins don't shoot themself. https://bugzilla.samba.org/show_bug.cgi?id=10034 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Günther Deschner <gd@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Thu Jul 18 11:54:58 CEST 2013 on sn-devel-104
2013-07-17Fix bug 10025 - Lack of Sanity Checking in calls to malloc()/calloc().Bill Parker1-0/+4
In reviewing various files in Samba-4.0.7, I found a number of instances where malloc()/calloc() were called without the checking the return value for a value of NULL, which would indicate failure. (NB. The changes needed to ccan, iniparser, popt and heimdal will be reported upstream, not patched inside Samba). Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Simo Source <idra@samba.org>
2013-06-25nsswitch: fix a commentChristian Ambach1-1/+1
the beginning if is only ifdef LINUX now, not the long list this comment refers to Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2013-05-28nsswitch: Remove #if SAMBA_BUILD_ >= 4 now we only have the waf buildAndrew Bartlett1-4/+0
Reviewed-by: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
2013-05-17nsswitch: fix some typosChristian Ambach1-2/+2
Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri May 17 01:09:33 CEST 2013 on sn-devel-104
2013-04-17Bug 9807 - wbinfo: fix segfault in wbinfo_pam_logonDavid Disseldorp1-4/+3
wbinfo_pam_logon() incorrectly assumes that wbcLogonUser() always returns an allocated wbcAuthErrorInfo struct on failure. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Apr 17 21:29:29 CEST 2013 on sn-devel-104
2013-03-22BUG 9735: Fix winbind seperator in upn to username conversion.Andreas Schneider1-1/+1
Reviewed-by: Günther Deschner <gd@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Fri Mar 22 16:18:06 CET 2013 on sn-devel-104
2013-03-09Add testcase for idmap_rfc2307 moduleChristof Schmitt1-0/+94
Create a new test environment with 'idmap config DOMAIN : backend = rfc2307'. A new test script adds LDAP records and queries them again for the mapped uid and gid. Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sat Mar 9 08:18:43 CET 2013 on sn-devel-104
2013-03-08Correct the name of the nss_winbind module for FreeBSD by creating a symlinkRichard Sharpe1-1/+1
from the FreeBSD required name to the built module. Signed-off-by: Timur Bakeyev <timur@FreeBSD.org> Reviewed-by: Andrew Bartlett <abartlett@samba.org> Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com> Autobuild-User(master): Richard Sharpe <sharpe@samba.org> Autobuild-Date(master): Fri Mar 8 05:04:04 CET 2013 on sn-devel-104
2013-02-22wbinfo: Fix several memory leaks.Andreas Schneider1-0/+8
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2013-02-22build: Remove includes.h dep in winbind client librariesAndrew Bartlett1-1/+0
Our LGPL winbind client libs do not link against our server-side code, and should not use the server-side includes.h. This removes a build-time dep on talloc that was brought in via includes.h as this code also does not use talloc. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-01-18nsswitch: Fix two bitfield constants being the same.Ira Cooper1-3/+1
WBFLAG_PAM_AUTH_PAC and WBFLAG_BIG_NTLMV2_BLOB are the same causing errors in NTLMv2 authentication. Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Jan 18 22:13:09 CET 2013 on sn-devel-104
2013-01-18Sort winbind request flags. Ira saw we have a duplicate.Jeremy Allison1-9/+9
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed by: Ira Cooper <ira@wakeful.net> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-01-10selftest: Add test for rfc2307 mapping handlingAndrew Bartlett1-0/+181
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-21libwbclient: Fix null check in process_domain_info_string().Andreas Schneider1-5/+0
Found by Coverity. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
2012-12-21nsswitch: Fix wbclient BAIL macros.Andreas Schneider1-2/+2
In the code you normally use: BAIL_ON_WBC_ERROR; but the last ; is statement never reached, so dead code. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
2012-12-12nsswitch: Fix pam_get_{item,data} build warnings.Andreas Schneider1-31/+15
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
2012-12-12nsswitch: Remove unused variable in _pam_winbind_change_pwd().Andreas Schneider1-3/+1
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
2012-12-12nsswitch: Cleanup code in parse_wbinfo_domain_user().Andreas Schneider1-1/+2
Found by Coverity. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
2012-12-03wbinfo: Use new samba_getpass() function.Andreas Schneider1-4/+11
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
2012-11-22build: Do not install testing binariesAndrew Bartlett1-3/+4
These binaries are for developer or selftest use, and are not supported for installation onto the system. The autoconf build does not install these binaries, and so neither should the waf build. Andrew Bartlett Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Thu Nov 22 12:00:36 CET 2012 on sn-devel-104
2012-10-26pam_winbind: fix segfault in pam_sm_authenticate()David Disseldorp1-3/+4
Ensure the potentially null winbind context is not dereferenced on cleanup. https://bugzilla.samba.org/show_bug.cgi?id=8564 Signed-off-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Fri Oct 26 22:40:57 CEST 2012 on sn-devel-104
2012-10-22waf: Create a libnss_winbind.so symlink.Andreas Schneider1-0/+1
This fixes bug #9299.
2012-10-03nsswitch: Build nss_winbind on all supported platformsAndrew Bartlett1-10/+49
This matches what the autoconf build can do. Andrew Bartlett
2012-10-03selftest: Always build a linux-style nss_winbind for nss_wrapperAndrew Bartlett1-0/+9
2012-09-30s3: Fix libnss_winbind.so's build on Illumos/SolarisIra Cooper2-7/+20
Due to not building and linking in the winbind_nss_solaris bits in addition to the linux bits, nss was broken on Solaris. Autobuild-User(master): Ira Cooper <ira@samba.org> Autobuild-Date(master): Sun Sep 30 22:56:30 CEST 2012 on sn-devel-104
2012-09-26nsswitch: Add waf tests for solaris special casesAndrew Bartlett1-0/+16
These are in configure.in for autoconf. Found in the config.h comparison on the smbtorture4 build. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Sep 26 11:50:10 CEST 2012 on sn-devel-104
2012-09-21libwbclient: bump ABI to 0.11 as wbcAuthenticateUserEx now provides PAC parsingAndrew Bartlett3-2/+79
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Sep 21 06:37:15 CEST 2012 on sn-devel-104
2012-09-20winbind: Extend wbcAuthenticateUserEx to provide PACChristof Schmitt3-21/+38
With this new interface, external applications that have authenticated to an ADS can pass the PAC from the Kerberos ticket to wbcAuthenticateUserEx. winbindd decodes and extracts the info3 information for the external application. If winbindd can verify the PAC signature, the info3 from the PACis also added to the netsamlogon_cache. The info3 data can be used by the external application to get the uid and primary gid. The data in netsamlogon_cache allows to retrieve the complete group list through the NSS function getgrouplist. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2012-09-19pam_winbind: match more return codes when wbcGetPwnam has failed.Günther Deschner1-0/+3
This is required to properly return PAM_USER_UNKNOWN in case winbind had a problem. Guenther Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Wed Sep 19 15:06:10 CEST 2012 on sn-devel-104
2012-09-12nsswitch: fix crash on null pam change pw responseLuca Lorenzetto1-1/+1
The function _pam_winbind_change_pwd crashes due to a null value passed to the function strcasecmp and denies to login via graphical login manager. Check for a null value before doing a strcasecmp. Bug-Ubuntu: https://bugs.launchpad.net/bugs/1003296 Bug: https://bugzilla.samba.org/show_bug.cgi?id=9013 Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Wed Sep 12 00:07:28 CEST 2012 on sn-devel-104
2012-08-23Extending space for fqdn in wbinfo --trusted-domains in verbose modeDaniel Liberman1-2/+2
Microsoft documentation states that maximum fqdn length is 64 characters, so extending DNS Domain column to 65 characters. Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Aug 23 03:49:00 CEST 2012 on sn-devel-104
2012-08-15libwbclient: Add test for wbcPingDc2Christof Schmitt1-0/+14
The internal domain used in 'make test' does not report a DC name, so just add tests similar to the old wbcPingDc call. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2012-08-15wbinfo: Improve output of wbinfo --ping-dcChristof Schmitt1-3/+5
Use wbcPingDc2 to get the DC name and print it. Cleanup error messages: Remove "Could not ping our DC", there is always a more specific message. Avoid printing "failed to call wbcPingDc" in case the ping has been attempted and it returns an error, the error is already printed. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2012-08-15libwbclient: Add wbcPingDc2Christof Schmitt4-2/+115
Add wbcPingDc2 that optionally returns the DC that was attempted to ping. wbcPing is implemented as a wrapper around wbcPingDc2. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2012-08-10nsswitch: add ABI checking and symbol versions to libwbclientAndrew Bartlett2-0/+78
This will ensure that we do not unintentionally break the ABI. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Aug 10 04:08:54 CEST 2012 on sn-devel-104
2012-06-12nsstest: fix use of a non-existent word (existant)Michael Adam1-4/+4
2012-05-16libwbclient: Fix an invalid free()Volker Lendecke1-1/+1
Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Wed May 16 00:00:00 CEST 2012 on sn-devel-104
2012-05-15wbinfo: Fix Coverity ID 242684 Resource leakVolker Lendecke1-0/+1
2012-05-15wbinfo: Fix Coverity ID 242685 Resource leakVolker Lendecke1-0/+1
2012-05-09allow to use system iniparser library.Günther Deschner1-1/+1
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed May 9 17:38:33 CEST 2012 on sn-devel-104
2012-04-25Fix bug reported by Dina_Fine@Dell.com.Jeremy Allison1-16/+19
Don't ask the DC for an IP list when locating kdc's. Ask for the name and use getaddrinfo to get all possible addresses instead. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Apr 25 22:01:18 CEST 2012 on sn-devel-104
2012-04-24Fix pam_winbind build against newer iniparser librarySimo Sorce1-4/+4
iniparser_getstr is deprecated and has been removed in newer libraries available in Fedora. Use iniparse_getstring instead. Autobuild-User: Simo Sorce <idra@samba.org> Autobuild-Date: Tue Apr 24 02:56:10 CEST 2012 on sn-devel-104
2012-04-23build: Remove support for system libwbclientAndrew Bartlett1-8/+19
This effectively reverts commit 2c49782dc1069eebc9f5a5cd2a055b5912665595 This also adds explaination about what would need to be done to support a system libwbclient Andrew Bartlett
2012-04-23selftest: Add test for bug #8884: wbinfo --group-info=administrator ↵Andrew Bartlett1-0/+2
segfaults s4-winbindd Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Mon Apr 23 07:44:50 CEST 2012 on sn-devel-104
2012-04-20selftest: Add extra info on what is failing in wbclient testsAndrew Bartlett1-65/+71
This may help me chase down the failure in my idmap rework. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Fri Apr 20 09:51:35 CEST 2012 on sn-devel-104
generated by cgit (git 2.34.1) at 2024-11-01 05:36:44 +0000