summaryrefslogtreecommitdiff
path: root/source3/nsswitch
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r22340: Fix another segfault in idmap_ldap.c caused by setting the iteratorGerald Carter1-1/+1
LDAPMessage * to NULL on each loop rotation. (This used to be commit 356dd0dd3a36a8f6061ba60f556e889de7c28140)
2007-10-10r22313: as discussed with simo:Stefan Metzmacher1-28/+4
remove the only usage of backup_tdb() in samba3. As backup_tdb() will go completely soon. metze (This used to be commit 363d1d676c568e10bbcbe2b95e422067a4740161)
2007-10-10r22298: move ZERO_*, ARRAY_SIZE and PTR_DIFF macros into libreplaceStefan Metzmacher1-12/+0
metze (This used to be commit 8a7d2e633b98aa9c73cf1f7d1369015b294cf2e1)
2007-10-10r22283: Remove very old bug where we assigned the online mode ofGerald Carter1-2/+0
the domain to queried to our own domain. (This used to be commit 2abeec576805b5e921b3606ab09ce9c1fd809566)
2007-10-10r22230: Let's just cast here, the 2 calls have different allocation mechanisms.Simo Sorce1-7/+9
We just let domname and name hang on the mem ctx until the call returns, and the context will be destroyed. Simo. (This used to be commit c38d8396c513d4c418f64b27a9f7c25757388674)
2007-10-10r22214: Fix incompatible pointer type warnings. Simo, please check and merge ↵Volker Lendecke1-1/+5
to 3_0_25 if appropriate. Volker (This used to be commit 6a4f6c5177b4837fe7a238f067abbc5739ab0812)
2007-10-10r22211: Don't return a value from void functions !Jeremy Allison1-1/+1
Jeremy. (This used to be commit 1dd8d3a723ac2262a45fcd717daef79bffbf30d5)
2007-10-10r22210: Fix typo in testing for non-centry entries.Jeremy Allison1-1/+1
Jeremy. (This used to be commit b89ecbcac651034d818a41d8a1d0c5e7313f37b8)
2007-10-10r22209: Fix the storage of time_t -> make it 64 bits (use theJeremy Allison2-14/+117
same load/store function as NTTIME). Add a version number string to the winbindd cache so we can tell if it needs upgrading. THIS WILL DELETE ANY EXISTING winbindd_cache.tdb on first startup regardless of offline auth status. Once this is done we're in good shape though. Jeremy. (This used to be commit c52c7f91af80d5fbb2574b5acf10e6afef3b0c7e)
2007-10-10r22207: Fill in the validation functions. Now to test...Jeremy Allison1-28/+73
Jeremy. (This used to be commit fc2b9e860ef9512eb074622e0ad134ff3f30bfe7)
2007-10-10r22206: Added boilerplate to be filled in for other validation functions.Jeremy Allison1-0/+163
Jeremy. (This used to be commit 9be463eb0cb4d65c40e35c504059289696419486)
2007-10-10r22205: Add some flesh to the bones of the cache validation code.Jeremy Allison1-59/+209
Jeremy (This used to be commit b773ea2c8a107344fc524b41a2c81ecc723bd9ec)
2007-10-10r22204: Workaround to quickly close bug #4508Simo Sorce3-6/+36
This hack makes thing work, but we will need to try again to make the getpw* calls fully async, that's the real fix. (This used to be commit 2552859b3d9e28d5f25b339f5d24a8d2dc36b46b)
2007-10-10r22202: Volker is clever :-). Use TDB_NOMMAP to prevent any wild pointerJeremy Allison1-1/+4
problems when validating the winbindd cache. Wish I'd have thought of that. Jeremy. (This used to be commit 6b0a8cbbb883b7041ed4b1f6c1ae90233921d154)
2007-10-10r22173: BUG 4491, 4501: Additional fixes for protecting againstGerald Carter2-45/+62
crashes in allocate_id(). BUG 4501: Fix segv in idmap_ad caused by resetting the entry iterator when parsing search results. (This used to be commit bd6ebbfb9fb9d95bdf41eab1fd134170fcf6b6bf)
2007-10-10r22159: BUG 4501 (second half of fix): Just disable theGerald Carter1-8/+8
uid/gid allocation if no idmap alloca backend has been defined and we are not using a 3.0.24 idmap backend compatible configuration. (This used to be commit 0b700456f45d2bdfe8538bcfd0fce8ec2b9c3adb)
2007-10-10r22158: BUG 4501 (partial): Fix a crash caused by not using theGerald Carter1-6/+16
nss_info_{rfc2307,sfu} plugin with idmap_ad. (This used to be commit f640f056bfbf1013d6b3df89632109011fc42361)
2007-10-10r22110: don't cache the S-1-22-{1,2} domain SID/uig/gid lookups in idmap_cacheGerald Carter1-0/+13
(This used to be commit adfc2d31656f642c76a3d8eeddf5a67804a4917d)
2007-10-10r22109: Readonly is automatically set in the generic init code, let's just ↵Simo Sorce2-5/+1
log the fact there and remove the specific, but redundant, code in idmap_ad.c (This used to be commit f127803734f9ae16e400b8a91e1e1910fd49b7f3)
2007-10-10r22069: BUG 4447: Fix compile failure on AIX 5.2 (patch from William Jojo ↵Gerald Carter1-0/+4
<jojowil@hvcc.edu>) (This used to be commit c1cb6d059b2a8539bc8a05ea4467d136bbb2ff38)
2007-10-10r22066: Ensure that winbind can resolve SIDs in the S-1-22-{1,2}Gerald Carter1-1/+3
domain to a uid.gid using the idmap_passdb backend. (This used to be commit fc1aeee52d8cb6c8d5d306dbbec18127bd2674bc)
2007-10-10r22061: Fix the krb5 user ticket refresh event timeout in winbinddGerald Carter1-9/+32
(This used to be commit 4a99b89618948f5518b9c685d1cdcfaad69bfc80)
2007-10-10r22015: Fix for memory leak from Steven Danneman <steven.danneman@isilon.com>Jeremy Allison1-0/+5
Jeremy. (This used to be commit 61a1574f50d35435a55de62fa6f1d281eed90a25)
2007-10-10r22009: change TDB_DATA from char * to unsigned char *Stefan Metzmacher3-41/+42
and fix all compiler warnings in the users metze (This used to be commit 3a28443079c141a6ce8182c65b56ca210e34f37f)
2007-10-10r22001: change prototype of dump_data(), so that it takes unsigned char * now,Stefan Metzmacher3-10/+10
which matches what samba4 has. also fix all the callers to prevent compiler warnings metze (This used to be commit fa322f0cc9c26a9537ba3f0a7d4e4a25941317e7)
2007-10-10r21986: make use of tdb_*_bystring() and string_term_tdb_data()Stefan Metzmacher1-55/+56
to avoid creating the TDB_DATA struct from strings "by hand" metze (This used to be commit 08d23a1c4f136427ee6f72fc02fb030a13056495)
2007-10-10r21985: make use of string_tdb_data()Stefan Metzmacher1-8/+5
to avoid creating the TDB_DATA struct from strings "by hand" metze (This used to be commit a8bc20d67f481a790524cad24e253436227af721)
2007-10-10r21984: make use of tdb_*_bystring() and string_term_tdb_data()Stefan Metzmacher1-52/+29
to avoid creating the TDB_DATA struct from strings "by hand" metze (This used to be commit 91301f73476f17cc582c12e1fc201eb571d007af)
2007-10-10r21957: minor formatting fixHerb Lewis1-1/+1
(This used to be commit 99b9570ebe5aa9f57db65a04cfc5835b382cb4dd)
2007-10-10r21941: Attempt to fix bug 4460Volker Lendecke1-1/+1
(This used to be commit d1b8f00c122414e532cdb3da78f84d55698cbc10)
2007-10-10r21940: Sorry Volker, I have to revert your revert in r21935.Gerald Carter3-10/+46
We can talk about this later if you still feel that strongly but I need to fix the build for now. (This used to be commit c7df0cad8257333c6a8dfd98818269a783ba7a26)
2007-10-10r21935: Revert obviously not sufficiently tested code -- sorry for the pain. ↵Volker Lendecke3-46/+10
I am afraid I was basically off the net for the day (This used to be commit 08c29abc03267b0dfb41cec3734653a536027a10)
2007-10-10r21933: Change the write_sock() call in pam_winbind_request()Gerald Carter1-1/+1
to not request a privileged pipe operation for everything as this cannot be done from a process running under the context of a user (e.g. screensaver). Thanks to Danilo Almeida <dalmeida@centeris.com> for the help in pointing out the change to write_sock(). (This used to be commit 80790f935abc8905542338b08f54d61ebacf2ff1)
2007-10-10r21927: Removed unused variable.Jeremy Allison1-1/+0
Jeremy. (This used to be commit 2d951c91a5ac9779dcb124190e3e7f86cee9efdf)
2007-10-10r21919: now that the local passdb abd BUILTIN have been blacklisted and they ↵Simo Sorce1-15/+0
always point to the passdb module, remove this comment and move the explanation in the dimap_ad man page. Simo. (This used to be commit 58d2ec00d241f0ea8f9e165518b29bd35d2dc199)
2007-10-10r21918: Reverting this change as it is now causing aborts() inGerald Carter1-6/+1
find_builtin_domain(). This all needs more testing before anyone starts changing these lookup routines again. (This used to be commit add225e1c8fef1d3ddb7fd43c1744858df45ecfd)
2007-10-10r21913: fix one bug in build 717: correctly check the return from ↵Gerald Carter1-1/+1
sid_peek_check_rid() when trying to find a matching domain (This used to be commit c63bc300376e5be10585366013449a359b0778c1)
2007-10-10r21905: RenameGerald Carter1-3/+3
idmap expire time -> idmap cache time idmap negative time -> idmap negative cache time (This used to be commit aac2d0af5e870190e99317e8e88b22a9562485b4)
2007-10-10r21887: Fix annoying bug where in a pam_close_session (or a pam_setcred with theGünther Deschner1-1/+29
PAM_DELETE_CREDS flag set) any user could delete krb5 credential caches. Make sure that only root can do this. Jerry, Jeremy, please check. Guenther (This used to be commit 947a59a849e9132631ec56b7ade09137e508d5d6)
2007-10-10r21884: * Blacklist BUILTIN and MACHINE domains from theGerald Carter1-13/+26
idmap domains as these should only be handled by the winbindd_passdb.c backend * Allow the alloc init to fail for backwards compatible configurations like idmap backend = ad idmap uid = 1000-100000 .... * Remove the deprecated flags from idmap backend, et. al. These are mutually exclusive with the new configuration options (idmap domains). Logging annoying messages about deprecated parameters is confusing. So we'll try this apprpach for now. (This used to be commit 5e30807b4e9c0211c9e2c02deee94543e8f0d855)
2007-10-10r21881: Make sure we are very specific when testing whether a backand can ↵James Peach1-1/+7
handle a particular SID. Make sure that the passdb backend will accept the same set range of local SIDs that the idmap system sends it. Simo, Jerry - this is a 3_0_25 candidate. Can you please review? (This used to be commit 86a70adb6a2d277f235857451bbee7d530d15310)
2007-10-10r21878: Fix a bug with smbd serving a windows terminal server: If winbind ↵Volker Lendecke4-11/+47
decides smbd to be idle it might happen that smbd needs to do a winbind operation (for example sid2name) as non-root. This then fails to get the privileged pipe. When later on on the same connection another authentication request comes in, we try to do the CRAP auth via the non-privileged pipe. This adds a winbindd_priv_request_response() request that kills the existing winbind pipe connection if it's not privileged. Volker (This used to be commit e5741e27c4c22702c9f8b07877641fecc7eef39c)
2007-10-10r21873: This is winbindd_pam.c, not pam_winbind.c :-)Volker Lendecke1-1/+1
(This used to be commit e1fbfbe1c49d3ff1ca71a33e66fae1f2d48fb7a7)
2007-10-10r21872: Fix a debug messageVolker Lendecke1-1/+1
(This used to be commit fcec3d1c46affbf802fb411913c8cc59c02102fa)
2007-10-10r21860: Fixes for "winbind normalize names" functionality:Gerald Carter5-5/+15
* Fix getgroups() call called using a normalized name * Fix some more name mappings that could cause for example a user to be unable to unlock the screen as the username would not match in the PAM authenticate call. (This used to be commit 505fc669a1b2c36e1639924b9639c97988056d8d)
2007-10-10r21784: Replace smb_register_idle_event() with event_add_timed(). This fixes ↵Volker Lendecke1-3/+6
winbind who did not run the idle events to drop ldap connections. Volker (This used to be commit af3308ce5a21220ff4c510de356dbaa6cf9ff997)
2007-10-10r21775: make messages more understandable - don't leave part dangling after ↵Herb Lewis1-2/+2
newline (This used to be commit f57e4f8adaa3b8cfc300ee6625fdbca968bb81d3)
2007-10-10r21704: open sockets immediately in process_loopHerb Lewis1-8/+9
(This used to be commit 51b96ba79c9e7ca7a4cdf777fe160152ab35236e)
2007-10-10r21636: Was almost right before. We have to specify the short domain name ↵Gerald Carter1-1/+1
to get the Krb5 config stuff to work in the server affinity settings. (This used to be commit 518052be38385ad089c0cb092d07ccd210a27ef3)
2007-10-10r21633: First real fix from me found during the bug hunt.Gerald Carter1-0/+8
ads_cached_connection() does not call get_dc_name() before ads_connect() and therefore does not setup the environment to look at krb5.conf.DOMAIN file before sending the TGT request. The failure I'm seeing occurs ni a multi-DC domain where we get back preuath failed after we just joined the domain. (This used to be commit 256f36dce3e3a39798b2ad38fa3123669d670597)