Age | Commit message (Collapse) | Author | Files | Lines |
|
CLEAR_IF_FIRST only works if *all* openers use that flag.
So just truncate the file: it's racy, but that's what we're doing anyway.
We'd really need a TDB_OPENCHECK_OR_CLEAR flag to do this properly (or in
TDB2, a open hook at the right point).
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
Guenther
|
|
Guenther
|
|
|
|
|
|
This will reduce the noise from merges of the rest of the
libcli/security code, without this commit changing what code
is actually used.
This includes (along with other security headers) dom_sid.h and
security_token.h
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
|
|
TDB_CLEAR_IF_FIRST tdb's. For tdb's like gencache where we open
without CLEAR_IF_FIRST and then with CLEAR_IF_FIRST if corrupt
this is still safe to use as if opening an existing tdb the new
hash will be ignored - it's only used on creating a new tdb not
opening an old one.
Jeremy.
|
|
This matches the structure that new code is being written to,
and removes one more of the old-style named structures, and
the need to know that is is just an alias for struct dom_sid.
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
|
|
|
|
If the check fails we try to unlink the old file and
start with an empty cache.
metze
|
|
Michael
|
|
Guenther
|
|
Guenther
|
|
(This used to be commit bb13312d9d53b1e048b3a0bfeeca088f9db84cd3)
|
|
Guenther
(This used to be commit f27a20f25c9b2038621a6394821bbedbf17daa73)
|
|
In winbind, we're using the info3 struct to send it to the winbind client after
netsamlogon_cache_store. Without this info3->base.account_name.string was
prematurely freed.
(This used to be commit aa4377561b691e2c5108c18aeb34fff39d8775df)
|
|
Guenther
(This used to be commit b736c77dc6c36dcdb601903fadf0ef7f163052a3)
|
|
Guenther
(This used to be commit d078a8757182d84dfd3307a2e1b751cf173aaa97)
|
|
(This used to be commit ac027a9b2e84d319f961ac0e84654a0e48920138)
|
|
Guenther
(This used to be commit bf860ae1ac6765b1eb6e2ca9b667b19b4e661fda)
|
|
least surprise for callers
(This used to be commit eb523ba77697346a365589101aac379febecd546)
|
|
This adds 28 fstrings on the stack, but I think an fstring on the stack is
still far better than a static one.
(This used to be commit c7c885078be8fd3024c186044ac28275d7609679)
|
|
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
|
|
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
|
|
Jeremy.
(This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
|
|
Forgot those
in the previous commit.
Guenther
(This used to be commit fce2fe9903417f4ee58a1ddc03ad0083109b7c50)
|
|
by making
netsamlogon_cache_get() return a talloc'ed structure.
Guenther
(This used to be commit 5b149967cc3ab68057db015e67b688c9b9577f0d)
|
|
(This used to be commit a6e1e39f1dcd9ebcb5db199fd152a861b9be929b)
|
|
and fix all compiler warnings in the users
metze
(This used to be commit 3a28443079c141a6ce8182c65b56ca210e34f37f)
|
|
No point in deleting U/DOMAIN/RID and UG/DOMAIN/RID keys if we only store U/SID
and UG/SID keys :-)
Next we need to verify the need of calling netsamlogon_clear_cached_user() at all.
Guenther
(This used to be commit 78d13f14672b65c2d4798ce94322e945334eea62)
|
|
fetch too...
metze
(This used to be commit d105723f063d617ef9f8394e7921749b21f1d755)
|
|
opened.
Guenther
(This used to be commit 49e9e1a3e7f6ac1a9cf584c88f3c640ca9d15554)
|
|
Jeremy, can you check this? This was part of your -O6 on 64bit sweep.
Volker
(This used to be commit 4fa5dbcc8dd1f150664e1241b22e3f048d816001)
|
|
(This used to be commit 6dc79e6b12e221e9af85a1edf487b5fb5aae222b)
|
|
box with gcc4 and -O6...
Fix a bunch of C99 dereferencing type-punned pointer will break
strict-aliasing rules errors. Also added prs_int32 (not uint32...)
as it's needed in one place. Find places where prs_uint32 was being
used to marshall/unmarshall a time_t (a big no no on 64-bits).
More warning fixes to come.
Thanks to Volker for nudging me to compile like this.
Jeremy.
(This used to be commit c65b752604f8f58abc4e7ae8514dc2c7f086271c)
|
|
Also remove the mem_ctx from the netsamlogon_cache_store() API.
Guenther, what should we be doing with the other fields in
the PAC_LOGON_INFO?
(This used to be commit 8bead2d2825015fe41ba7d7401a12c06c29ea7f7)
|
|
around failed query_user calls. This fixes
logons to a member of a Samba domain as a user from a
trusted AD domain.
As per comments on samba-technical, I still need to add
(a) cache the PAC info as werll as NTLM net_user_info_3
(b) expire the cache when the SMB session goes away
Both Jeremy and Guenther have signed off on the idea.
(This used to be commit 0c2bb5ba7b92d9210e7fa9f7b70aa67dfe9faaf4)
|
|
(This used to be commit 74f8718438c73170d394c61eb91da9d8388f84d0)
|
|
Will deal with any fallout from special environments using a non-cache solution
(This used to be commit e1de6f238f3981d81e49fb41919fdce4f07c8280)
|
|
allocation
functions so we can funnel through some well known functions. Should help greatly with
malloc checking.
HEAD patch to follow.
Jeremy.
(This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
|
|
Use correct enum type for comparisons.
Jeremy.
(This used to be commit b926480d053e42205e959b9808a6e3bb90db9ce5)
|
|
in the username in the user_info3
(This used to be commit 4703a71fa88dff8bdc932f6c9af3a9d25a88938f)
|
|
(This used to be commit 8037750df568e6b51b2b0cba9192468110470388)
|
|
fix the confusion when we tdb_lock_bystring() but
we retrieve an entry using tdb_fetch_by_string.
It's now always tdb.*bystring()
(This used to be commit 66359531b89368939f0e8f584a45844b5f2f99e7)
|
|
This replaces the universal group caching code (was originally
based on that code). Only applies to the the RPC code.
One comment: domain local groups don't show up in 'getent group'
that's easy to fix.
Code has been tested against 2k domain but doesn't change anything
with respect to NT4 domains.
netsamlogon caching works pretty much like the universal group
caching code did but has had much more testing and puts winbind
mostly back in sync between branches.
(This used to be commit aac01dc7bc95c20ee21c93f3581e2375d9a894e1)
|