summaryrefslogtreecommitdiff
path: root/source3/nsswitch/winbindd_dual.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r24809: Consolidate the use of temporary talloc contexts.Volker Lendecke1-4/+5
This adds the two functions talloc_stackframe() and talloc_tos(). * When a new talloc stackframe is allocated with talloc_stackframe(), then * the TALLOC_CTX returned with talloc_tos() is reset to that new * frame. Whenever that stack frame is TALLOC_FREE()'ed, then the reverse * happens: The previous talloc_tos() is restored. * * This API is designed to be robust in the sense that if someone forgets to * TALLOC_FREE() a stackframe, then the next outer one correctly cleans up and * resets the talloc_tos(). The original motivation for this patch was to get rid of the sid_string_static & friends buffers. Explicitly passing talloc context everywhere clutters code too much for my taste, so an implicit talloc_tos() is introduced here. Many of these static buffers are replaced by a single static pointer. The intended use would thus be that low-level functions can rather freely push stuff to talloc_tos, the upper layers clean up by freeing the stackframe. The more of these stackframes are used and correctly freed the more exact the memory cleanup happens. This patch removes the main_loop_talloc_ctx, tmp_talloc_ctx and lp_talloc_ctx (did I forget any?) So, never do a tmp_ctx = talloc_init("foo"); anymore, instead, use tmp_ctx = talloc_stackframe() :-) Volker (This used to be commit 6585ea2cb7f417e14540495b9c7380fe9c8c717b)
2007-10-10r24778: Make sure krb5 locator requests go to a separate locator winbind child.Günther Deschner1-4/+4
Guenther (This used to be commit fb9228b8d167552f0a046ab674f66d4e5b73f5b6)
2007-10-10r24747: Add WINBINDD_DSGETDCNAME call.Günther Deschner1-0/+1
Guenther (This used to be commit 429496a4ccb5c4f4eda11f1b522629889b972c71)
2007-10-10r24420: Pure pedantism: the talloc_init could have failed...Günther Deschner1-2/+1
Guenther (This used to be commit e6415c523234f60da7dcfa4de101e8634dc6927d)
2007-10-10r23784: use the GPLv3 boilerplate as recommended by the FSF and the license textAndrew Tridgell1-2/+1
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
2007-10-10r23779: Change from v2 or later to v3 or later.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
2007-10-10r23577: Fix winbindd (sorry). Ensure I set the new child_pidJeremy Allison1-1/+3
variable at the correct point just before the write call is scheduled. Jeremy. (This used to be commit e076dc16462a3ce11105bf9a729ec59ddd9bdc75)
2007-10-10r23574: Remove double-null check (I hate people bitching at meJeremy Allison1-3/+1
on the lists :-). Jeremy. (This used to be commit f075620d2071aaecb72e93cbda32c4f624f23d86)
2007-10-10r23573: Cope with terminating winbindd children on read/write/timeoutJeremy Allison1-38/+45
communication failures. Set timeout to 5 mins. Ensure that we're terminating the correct child (the one we thought we were talking to). Still setting up my testing environment but I have high hopes for this being the fix for the 3.0.25b showstopper. Jeremy. (This used to be commit c366df2fe7f1aa1e8fd9bca35bc3b029d76b3abc)
2007-10-10r23565: Avoid double NULL pointer checks.Günther Deschner1-9/+3
Guenther (This used to be commit 5456ea59ba12593b0aac9745b41cdd0f5ec0a559)
2007-10-10r23564: Handle MSG_DUMP_EVENT_LIST only in winbindd for now.Günther Deschner1-0/+39
Guenther (This used to be commit 2592e68a43a73474e1bb53f83642c864fd159b45)
2007-10-10r23448: Doh ! Don't call winbind_child_died() *before* theJeremy Allison1-7/+6
kill call as that sets pid = 0 ! :-). Jeremy. (This used to be commit bcfce39094ef30a1d1ae4dba5a90738e2678bcbf)
2007-10-10r23447: Add kill signal to child dead path. After talkingJeremy Allison1-0/+3
to Jerry add to 3.0.25b. Jeremy. (This used to be commit ade91e78cbe2871d3a8df18fa1f92bc16a7600a8)
2007-10-10r23446: Restore Jeremy's original formatting, just fix the comment.Volker Lendecke1-21/+17
(This used to be commit 5b983957e3a0a05f77bfb8a10a7986c22b81088d)
2007-10-10r23426: Correct a comment. The default timeout is not 1min, but 30s. WhileVolker Lendecke1-17/+21
there, do some reformatting. Jeremy, I think we should also kill the child. It might hang in something (an fcntl lock for example) that the next child might run into immediately again. (This used to be commit 6729a4df4b57f638161ec55f9b1edd0bc8bb947e)
2007-10-10r23424: Thanks to Jerry, we finally tracked down the :Jeremy Allison1-0/+62
winbindd: Exceeding 200 client connections, no idle connection found" bug #3204. This fixes it in Jerry's testing ! Jeremy. (This used to be commit 0c7ce6a68286fa98258828545fc869aaac19a028)
2007-10-10r23410: Merge the core of the cluster code.Volker Lendecke1-0/+7
I'm 100% certain I've forgotten to merge something, but the main code should be in. It's mainly in dbwrap_ctdb.c, ctdbd_conn.c and messages_ctdbd.c. There should be no changes to the non-cluster case, it does survive make test on my laptop. It survives some very basic tests with ctdbd enables, I did not do the full test suite for clusters yet. Phew... Volker (This used to be commit 15553d6327a3aecdd2b0b94a3656d04bf4106323)
2007-10-10r23117: Factor out local messaging.Volker Lendecke1-10/+0
This removes message_block / message_unblock. I've talked to Jeremy and Günther, giving them my reasons why I believe they have no effect. Neither could come up with a counter-argument, so they go :-) (This used to be commit a925e0991ffbaea4a533bab3a5d61e5d367d46c8)
2007-10-10r23055: Rewrite messages.c to use auto-generated marshalling in the tdb. I'mVolker Lendecke1-1/+1
doing this because for the clustering the marshalling is needed in more than one place, so I wanted a decent routine to marshall a message_rec struct which was not there before. Tridge, this seems about the same speed as it used to be before, the librpc/ndr overhead in my tests was under the noise. Volker (This used to be commit eaefd00563173dfabb7716c5695ac0a2f7139bb6)
2007-10-10r22943: More message_register -> messaging_registerVolker Lendecke1-37/+59
(This used to be commit caece8975b0c2bad56d6a6a576bf8ce54626183f)
2007-10-10r22895: Convert some more calls from message_send_buf to messaging_send_bufVolker Lendecke1-13/+22
(This used to be commit c8b98273406242a89a7e5d1fb5d79120ebe5822a)
2007-10-10r22736: Start to merge the low-hanging fruit from the now 7000-line cluster ↵Volker Lendecke1-8/+8
patch. This changes "struct process_id" to "struct server_id", keeping both is just too much hassle. No functional change (I hope ;-)) Volker (This used to be commit 0ad4b1226c9d91b72136310d3bbb640d2c5d67b8)
2007-10-10r22715: When our primary domain does on or offline, make sure to send a msgGerald Carter1-21/+0
to the idmap child. Also remove the check for the global offline state in child_msg_offline() as this means we cannot mark domains offline due to network outages. (This used to be commit 1b99e8b521eae3e9fa775577de01116bb20fb8b3)
2007-10-10r22710: Support one-way trusts.Gerald Carter1-0/+8
* Rely on the fact that name2sid will work for any name in a trusted domain will work against our primary domain (even in the absense of an incoming trust path) * Only logons will reliably work and the idmap backend is responsible for being able to manage id's without contacting the trusted domain * "getent passwd" and "getent group" for trusted users and groups will work but we cannot get the group membership of a user in any fashion without the user first logging on (via NTLM or krb5) and the netsamlogon_cache being updated. (This used to be commit dee2bce2af6aab8308dcef4109cc5248cfba5ef5)
2007-10-10r22390: Patchset sent to samba-technical to address the winbindGerald Carter1-3/+2
loop when allocating a new id for a SID: auth_util.patch Revert create_local_token() to the 3.0.24 codebase idmap_type.patch Have the caller fillin the id_map.xid.type field when resolving a SID so that if we allocate a new id, we know what type to use winbindd_api.patch Remove the WINBINDD_SIDS_TO_XIDS calls from the public winbindd interface for the 3.0.25 release idmap_rid.patch Cleanup the idmap_rid backend to not call back into winbindd to resolve the SID in order to verify it's type. (This used to be commit 3b24dae9e73b244540a68b631b428a4d0f57440b)
2007-10-10r22204: Workaround to quickly close bug #4508Simo Sorce1-0/+3
This hack makes thing work, but we will need to try again to make the getpw* calls fully async, that's the real fix. (This used to be commit 2552859b3d9e28d5f25b339f5d24a8d2dc36b46b)
2007-10-10r21623: Fix copy/paste errorSimo Sorce1-2/+2
(This used to be commit 0de74724289f2b78719f6675664d7376446650d0)
2007-10-10r21616: Delay initialization of idmap and nss_info backends until necessaryGerald Carter1-1/+33
so they can honor the offline logon state. (This used to be commit 15b13dfe81e861b94077c94b80117a85a5ffb999)
2007-10-10r21106: We neither need a account lockout policy handler nor a check domainGünther Deschner1-1/+2
online handler for internal (local SAM, BUILTIN) childs. Jeremy, please check. Guenther (This used to be commit 7d0e2e70684a7e3d377f56ed0244ed136b0b1a99)
2007-10-10r21064: The core of this patch isVolker Lendecke1-9/+16
void message_register(int msg_type, void (*fn)(int msg_type, struct process_id pid, - void *buf, size_t len)) + void *buf, size_t len, + void *private_data), + void *private_data) { struct dispatch_fns *dfn; So this adds a (so far unused) private pointer that is passed from message_register to the message handler. A prerequisite to implement a tiny samba4-API compatible wrapper around our messaging system. That itself is necessary for the Samba4 notify system. Yes, I know, I could import the whole Samba4 messaging system, but I want to do it step by step and I think getting notify in is more important in this step. Volker (This used to be commit c8ae60ed65dcce9660ee39c75488f2838cf9a28b)
2007-10-10r21056: Moving the set_domain_online_request to fork_domain_child() (formerlyGünther Deschner1-9/+12
lived in trustdom_recv(). Jeremy, this is the better place I think but please check. Guenther (This used to be commit beed8b8b320ae9bd8aef669564a5403e4bb35bfd)
2007-10-10r20846: Before this gets out of control...Volker Lendecke1-7/+9
This add a struct event_context and infrastructure for fd events to smbd. This is step zero to import lib/events. Jeremy, I rely on you to watch the change in receive_message_or_smb() closely. For the normal code path this should be the only relevant change. The rest is either not yet used or is cosmetic. Volker (This used to be commit cd07f93a8aecb24c056e33b1ad3447a41959810f)
2007-10-10r20330: And here's the fix for the parent winbindd crashingJeremy Allison1-0/+5
after it's child died unexpectedly whilst the parent was waiting for a reply. We need to clean up the request we're not going to service, plus we still need to call the continuation function with a "False" flag so it can clean things up. Still testing this, but I think I'm right. Jeremy (This used to be commit 9b04ac0c8104d626697978697d4d8bae791a7edd)
2007-10-10r20254: The pam_chauthtok needs to go through the async interface as well.Günther Deschner1-0/+1
This fixes pam password changes in the online case. Guenther (This used to be commit 2d2de1ac27180756df095c586211fe2e7694b94e)
2007-10-10r20206: Start cleaning up the talloc_ctx mess.Jeremy Allison1-12/+14
child->mem_ctx isn't actually used for anything, so remove it. Jeremy. (This used to be commit a7f294b59238826c11e579a7b1a4dca7284bb89d)
2007-10-10r20140: Make online/offline detection completely asynchronous.Jeremy Allison1-1/+4
Now I've done this I might be able to reduce the probe timeout and reduce the backoff algorithm, going back to checking every cache time seconds (5 mins by default), as the parent or forked domain child will never block. Jeremy. (This used to be commit d0add5f946cf63ea43067e8e935876b5346d11de)
2007-10-10r20124: clean up nested extern declaration warningsHerb Lewis1-1/+2
(This used to be commit ac3eb7813e33b9a2e78c9158433f7ed62c3b62bb)
2007-10-10r20116: Start merging in the work done to create the new idmap subsystem.Simo Sorce1-1/+4
Simo. (This used to be commit 50cd8bffeeed2cac755f75fc3d76fe41c451976b)
2007-10-10r20087: Ensure we clean up any random pending events weJeremy Allison1-2/+8
may have inherited from our parent in the winbindd forked child. Jeremy. (This used to be commit 0a1352f440a9d9b974ad8d571b2e48a43a15b6cc)
2007-10-10r20082: When fork_domain_child is forked when we're offlineJeremy Allison1-0/+11
the child inherits *all* active check_online timout handlers. This is bad when it's not our domain (ie. BUILTIN). Jeremy. (This used to be commit 8d815ec4c103a83ef7cea0ae5fc64681f6bcb48a)
2007-10-10r19230: Doh ! Fix obvious crash bug.....Jeremy Allison1-5/+5
(This used to be commit e6560270499365ca42517f6a7cf40845ee80edfb)
2007-10-10r19209: Ensure we don't make mistakes by sending online/offlineJeremy Allison1-26/+100
messages to internal domains, or to domains not being serviced by a winbindd child. Ensure the child online offline requests are domain specific. Jeremy. (This used to be commit 81a9dc4b9fbd4a9bb67f55aa744bf609d6aba1c2)
2007-10-10r19105: Ok - this is currently untested (but I'm testing it atJeremy Allison1-3/+3
the moment) but winbindd isn't run in the build farm so hopefully won't break anything too badly - I don't want to lose this. If winbindd starts offline then it falls back to using MS-RPC backend. On going online it needs to reset the backend and try and go to using the AD backend code if possible, as the MS-RPC sequence number fetch just returns 1 as the sequence number if run against an AD DC. In addition, the winbindd async child may end up with the AD backend whilst the main winbindd - which still contacts the DC for some non-async calls, is left using MS-RPC. This can cause some trouble (as you can imagine :-). Attempt to ensure both main winbindd and async children us AD backends on going online. Jeremy. (This used to be commit 5efd4b04b89ace4b264e9ac37a90e202749792be)
2007-10-10r18980: Be a little more intelligent about "startup_time",Jeremy Allison1-4/+4
move into the domain struct. Allow message to go online to set this state and cope with removing it. Jeremy. (This used to be commit 51f0e60cc3a652b0ff1658d4c07bfc9493fbc51a)
2007-10-10r18937: Protect against segc in the idmap winbindd child processGerald Carter1-2/+4
(the domain is NULL here) (This used to be commit a36de910d289363a5374fe063099311712d4e57a)
2007-10-10r18703: Fix the annoying effect that happens when nscd is running:Günther Deschner1-1/+2
We usually do not get the results from user/group script modifications immediately. A lot of users do add nscd restart/refresh commands into their scripts to workaround that while we could flush the nscd caches directly using libnscd. Guenther (This used to be commit 7db6ce295afbedfada7b207ad56566d2195a0d21)
2007-10-10r18605: sync dlinklist.h with samba4, that means DLIST_ADD_END()Stefan Metzmacher1-2/+2
and DLIST_DEMOTE() now take the type of the tmp pointer not the tmp pointer itself anymore. metze (This used to be commit 2f58645b7094e81dff3734f11aa183ea2ab53d2d)
2007-10-10r18551: Implement a 30 seconds from startup, during which weJeremy Allison1-1/+12
try hard to connect a DC even if we might be offline. Jeremy. (This used to be commit a9f115140700487767bafa058db744eea5ee8f77)
2007-10-10r18533: Ensure we clear out the failed connection cache for an entireJeremy Allison1-2/+2
domain when going back online. Jeremy. (This used to be commit c7e4c8d0b4d109ec67d4424dd446b74b55246c72)
2007-10-10r18506: Fix online requests to cause an immediate DC connection.Jeremy Allison1-3/+3
Jeremy. (This used to be commit 03b1699fa7d94fd637ff8c3bd2c59358673d2607)