summaryrefslogtreecommitdiff
path: root/source3/nsswitch/winbindd_misc.c
AgeCommit message (Collapse)AuthorFilesLines
2003-05-08This puts real netlogon connection caching to winbind. This becomesVolker Lendecke1-1/+3
important once we start doing schannel, as there would be a lot more roundtrips for the second PIPE open and bind. With this patch logging in to a member server is a matter of two (three if you count the ack...) packets between us and the DC. Volker (This used to be commit 5b3cb7725a974629d0bd8b707bc2940c36b8745e)
2003-04-21Merge from HEAD - save the type of channel used to contact the DC.Andrew Bartlett1-3/+4
This allows us to join as a BDC, without appearing on the network as one until we have the database replicated, and the admin changes the configuration. This also change the SID retreval order from secrets.tdb, so we no longer require a 'net rpc getsid' - the sid fetch during the domain join is sufficient. Also minor fixes to 'net'. Andrew Bartlett (This used to be commit 876e00fd112e4aaf7519eec27f382eb99ec7562a)
2003-04-07Winbind merges from HEAD:Andrew Bartlett1-1/+1
- fix winbindd_pam bugs - give a better error message for unauthorized access to auth_crap - show this message in wbinfo - fix spelling: privilaged -> privileged ** This changes the location of the winbindd privileged pipe ** (thanks to tpot) Andrew Bartlett (This used to be commit 92c2a33483cc9ddd1dd627224192a3023f8caff8)
2003-03-24(merge from HEAD)Andrew Bartlett1-0/+17
NTLM Authentication: - Add a 'privileged' mode to Winbindd. This is achieved by means of a directory under lockdir, that the admin can change the group access for. - This mode is now required to access with 'CRAP' authentication feature. - This *will* break the current SQUID helper, so I've fixed up our ntlm_auth replacement: - Update our NTLMSSP code to cope with 'datagram' mode, where we don't get a challenge. - Use this to make our ntlm_auth utility suitable for use in current Squid 2.5 servers. - Tested - works for Win2k clients, but not Win9X at present. NTLMSSP updates are needed. - Now uses fgets(), not x_fgets() to cope with Squid environment (I think somthing to do with non-blocking stdin). - Add much more robust connection code to wb_common.c - it will not connect to a server of a different protocol version, and it will automatically try and reconnect to the 'privileged' pipe if possible. - This could help with 'privileged' idmap operations etc in future. - Add a generic HEX encode routine to util_str.c, - fix a small line of dodgy C in StrnCpy_fn() - Correctly pull our 'session key' out of the info3 from th the DC. This is used in both the auth code, and in for export over the winbind pipe to ntlm_auth. - Given the user's challenge/response and access to the privileged pipe, allow external access to the 'session key'. To be used for MSCHAPv2 integration. Andrew Bartlett (This used to be commit ec071ca3dcbd3881dc08e6a8d7ac2ff0bcd57664)
2003-01-28Merge from HEAD:Andrew Bartlett1-0/+12
- NTLMSSP over SPENGO (sesssion-setup-and-x) cleanup and code refactor. - also consequential changes to the NTLMSSP and SPNEGO parsing functions - and the client code that uses the same functions - Add ntlm_auth, a NTLMSSP authentication interface for use by applications like Squid and Apache. - also consquential changes to use common code for base64 encode/decode. - Winbind changes to support ntlm_auth (I don't want this program to need to read smb.conf, instead getting all it's details over the pipe). - nmbd changes for fstrcat() instead of fstrcpy(). Andrew Bartlett (This used to be commit fbb46da79cf322570a7e3318100c304bbf33409e)
2003-01-15winbindd merges from HEADGerald Carter1-16/+7
(This used to be commit 8bd91a50d4e743935196ca258d06a3e43392140d)
2002-11-18Merge from HEAD:Tim Potter1-1/+2
>must add one to the extra_data size to transfer the 0 string terminator. >This was causing "wbinfo --sequence" to access past the end of malloced >memory. (This used to be commit a3c4f013d679c97dd56779c927884deae0c1027a)
2002-11-12Removed global_myworkgroup, global_myname, global_myscope. Added liberalJeremy Allison1-3/+1
dashes of const. This is a rather large check-in, some things may break. It does compile though :-). Jeremy. (This used to be commit f755711df8f74f9b8e8c1a2b0d07d02a931eeb89)
2002-07-15updated the 3.0 branch from the head branch - ready for alpha18Andrew Tridgell1-2/+11
(This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-03-19Fix a double-free bug in wbinfo -t's call in winbindd.Andrew Bartlett1-5/+4
I forgot to clean this up when netlogon move across to the connection cache arrangement. Also add some smb_panics to the connection_ok() code to try to catch this kind of thing better in future. Andrew Bartlett (This used to be commit f4f23fad6099143ec26550afc67655390070ceb8)
2002-03-12get the test for disconnection the right way around!Andrew Tridgell1-3/+3
(This used to be commit ed80311b41f9869084d1e510cd8fd4213c3a1c19)
2002-03-06nicer message for --sequence when the server is disconnectedAndrew Tridgell1-2/+7
(This used to be commit 233e8b7d447b7efb0227c6c7a6cd2f9e034719fa)
2002-01-31added 'wbinfo --sequence' to show sequence numbers of all domainsAndrew Tridgell1-0/+29
(This used to be commit bcd234a3dad2cd3d1c57780f4a7a3833ea611764)
2002-01-30Removed version number from file header.Tim Potter1-2/+1
Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
2002-01-26Allow a winbind client to obtain the server's domain name.Andrew Bartlett1-1/+13
(This used to be commit 85018fecfad1f7f6ef44b511bac937881a7bf937)
2002-01-11Always query the PDC for the list of trusted domains rather than interatingTim Potter1-3/+6
the list received at startup or we get an out of date list. I thought there might be some sequence number that is incremented when a trusted domain is added or removed - perhaps there is but I just haven't found it yet. - Renamed get_domain_info() to init_domain_list() - Made an accessor function to return the list of trusted domains rather than using a global so we don't have to remember to put a magic init function - The getent state can not keep a pointer to a winbind_domain structure as it may be freed if init_domain_list() is called again so we keep the domain name instead (This used to be commit 37216c649a394b449eaaaa6644709eafb3bf37ff)
2002-01-10Return the winbind separator over the socket, so programs don't have to parseAndrew Bartlett1-1/+27
smb.conf to get it right. While wb_client needs its lp_load() for samba dependency reasons, it now uses the new method both to example and test the new code. Also add an interface version function, and return the winbind's samba version string. In preperation for default domains, its now up to winbindd to reject plaintext auths that don't have a seperator, but NTLM (CRAP) auths now have two feilds, hence need parsing. Andrew Bartlett (This used to be commit 2bd2a092ee3d49a74d896385688d7c7256aa297e)
2002-01-10This changes the winbind protcol a bit:Andrew Bartlett1-11/+10
It adds a 'ping' request, just to check winbind is in fact alive It also changes winbindd_pam_auth_crap to take usernames and domain seperatly. (backward incompatible change, needs merge to 2.2, but this is not yet released code, so no workarounds) Finally, it adds some debugs and fixes a few memory leaks (uses talloc to do it). Andrew Bartlett (This used to be commit 6df29bfe335144a968f5367f624ef2b4cf9e69b0)
2001-11-23Fixed delete on close bug. Added core dump code to winbindd.Jeremy Allison1-2/+1
Jeremy. (This used to be commit a58d0f91f9ee7354c01a9c20cfe178d5dc02142d)
2001-11-23Fixed check machine account function.Tim Potter1-55/+29
(This used to be commit 8f01a8b07883d18f44da665cbc8e5fba04d3bc91)
2001-11-15Get list of trusted domains if we haven't fetched them yet.Tim Potter1-0/+3
(This used to be commit 187663210055ecd7b717b3894e3189ca3aaa0ed2)
2001-11-03Added NT_USER_TOKEN into server_info to fix extra groups problem.Jeremy Allison1-1/+3
Got "medieval on our ass" about const warnings (as many as I could :-). Jeremy. (This used to be commit ee5e7ca547eff016818ba5c43b8ea0c9fa69b808)
2001-09-17move to SAFE_FREE()Simo Sorce1-2/+2
(This used to be commit 03dc67788f68c9e01b5a82fdf43f837cb19f4608)
2001-09-10more static/dead fnsAndrew Tridgell1-2/+2
(This used to be commit f59826c0c9ba283c25faeec2cbdc7e19cca7aa04)
2001-09-04the next stage in the NTSTATUS/WERROR change. smbd and nmbd now compile, but ↵Andrew Tridgell1-10/+8
the client code still needs some work (This used to be commit dcd6e735f709a9231860ceb9682db40ff26c9a66)
2001-08-27converted another bunch of stuff to NTSTATUSAndrew Tridgell1-1/+1
(This used to be commit 1d36250e338ae0ff9fbbf86019809205dd97d05e)
2001-08-12this is a big global fix for the ptr = Realloc(ptr, size) bug.Simo Sorce1-3/+8
many possible mem leaks, and segfaults fixed. someone should port this fix to 2.2 also. (This used to be commit fa8e55b8b465114ce209344965c1ca0333b84db9)
2001-07-25Merge of change machine account password race fix from appliance branch.Tim Potter1-1/+17
(This used to be commit 6e698d65ecb13b0b46d15bce7e0314fa1a46a13a)
2001-07-04The big character set handling changeover!Andrew Tridgell1-6/+2
This commit gets rid of all our old codepage handling and replaces it with iconv. All internal strings in Samba are now in "unix" charset, which may be multi-byte. See internals.doc and my posting to samba-technical for a more complete explanation. (This used to be commit debb471267960e56005a741817ebd227ecfc512a)
2001-05-07iAdditional files for winbind merge.Tim Potter1-0/+159
(This used to be commit 38ab3b31b5dc39fb59f224b399bb9c2269f1c933)