| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
per-call basis rather than per-connection.
Had a bit more of a reformatting fest.
Still need to run it through insure and handle downed connections.
(This used to be commit 46fe5a8fb96974e1323bc3e5d94fda74edbeb852)
|
|
(This used to be commit 5fc97e72ebf5976d66345107f3d9e6d3ae27eb94)
|
|
(This used to be commit c6338d7eaeb31db2666603fcdd9179e61891a1c9)
|
|
Pass domain structure around in cache code rather than the domain name.
Some misc reformatting to make things look prettier.
(This used to be commit 295dd2a5817b5d7c40474b9e460f3515e8c8e449)
|
|
immediately after the call.
(This used to be commit 3e9a80d5bed724690da7321cde6b95022d60ba60)
|
|
(This used to be commit 4f12df9fc569b73dcf037b476976cb3be47ac43f)
|
|
what was I thinking with those 4 character tabs?)
We now pass our winbindd test suite again!
Still to do:
- talloc_ctx on a per winbindd request basis not per connection
- clean up old crap we don't use any more
- test against multiple BDCs (I know this isn't going to work - group/user
handles have to be made against the same DC the domain and basic handles
are.
- implement network and dc failure recovery
(This used to be commit dc4ca0e0bd779b9157ea3b2a8f17eb455abf0f26)
|
|
(This used to be commit 63731d4a00e7a70b48d0c25677c76ec6b2e04ce1)
|
|
- implemented some of the sam related connection manager routines
- fill in group id and gecos fields for getpwnam/getpwuid routines
- convert querydispinfo to cm
- getent passwd now works
Now for the group related routines...
(This used to be commit 4f8ea877876e91d4762f22e78aeb1bce4c65f011)
|
|
I've wrapped up all the decisions about managing, making and closing
connections into a connection manager in nsswitch/winbindd_cm.c.
It's rather incomplete at the moment - only querying basic user info works
at the moment (i.e finger -m DOMAIN/user) and everything else is broken.
Jeremy, please take a look and I'll start moving across the rest of
winbindd to this new system.
(This used to be commit c369cf5af787ed9c642778d21f162716fbf0620e)
|
|
(This used to be commit d30939a091b48f4d77f7618c75668ae151a5592e)
|
|
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
|
|
(This used to be commit 03dc67788f68c9e01b5a82fdf43f837cb19f4608)
|
|
- the usersupplied_info now contains a smb_username (as it comes across on
the wire) and a unix_username (after being passed through mapping
functions)
- when doing security={server,domain} use the smb_username, otherwise use
the unix_username
(This used to be commit d34fd8ec0716127c7a68eeb8e77d1ae8cc07b547)
|
|
(This used to be commit fe6679dffba9a92bb35933ad52172c9be0e9ef90)
|
|
(This used to be commit f59826c0c9ba283c25faeec2cbdc7e19cca7aa04)
|
|
(This used to be commit 1e9815105e235ad1141b899b03d3de756d217d49)
|
|
(This used to be commit c04c67fec85b1c81ef0b3cebacde304a1de0d854)
|
|
NSS_STATUS and WINBINDD error codes mixed up
(This used to be commit 66698d6b841df809a8654012a8385bffacb9dc4a)
|
|
(This used to be commit c65e8db7ae765f844f8b0adb1e5de3651561ad96)
|
|
the client code still needs some work
(This used to be commit dcd6e735f709a9231860ceb9682db40ff26c9a66)
|
|
(This used to be commit 3e8ccb420260591f362fa8a9d1221481449f8ef7)
|
|
(This used to be commit 2af0a65e4c56e9361ee03286edcf26b5926b39e4)
|
|
(This used to be commit aff66993e47dc14371c15e75de11ff2c15d226f3)
|
|
(This used to be commit 1d36250e338ae0ff9fbbf86019809205dd97d05e)
|
|
(This used to be commit 0768991d04ea03e774ca8662c9cae5e1951b88e0)
|
|
(This used to be commit b4e79ab34b7df4687966f4ca81b575dce8503775)
|
|
(This used to be commit 19cd6a1dc446830c1448f4a21a915ea8994dc268)
|
|
Authentication Protocol (CRAP) takes a tuple of (username, random
challenge, encrypted lm password, encrypted nt password) where the
passwords are encrypted with the random challenge ala ntlmssp.
(This used to be commit 11f72a78e3a16bbb17b576d80b47a9eb818ee428)
|
|
Jeremy.
(This used to be commit b4fa49fe13cb93d578b1714d5863a9f50395bf65)
|
|
Jeremy.
(This used to be commit 381c02e6389dbb41fa66a854d7293594fd4bd0a6)
|
|
(This used to be commit 73addddb2e038946e38a6a15f46f61148a49ac08)
|
|
many possible mem leaks, and segfaults fixed.
someone should port this fix to 2.2 also.
(This used to be commit fa8e55b8b465114ce209344965c1ca0333b84db9)
|
|
In particuar, it moves the domain_client_validate stuff out of
auth_domain.c to somwhere where they (I hope) they can be shared
with winbind better. (This may need some work)
The main purpose of this patch was however to improve some of the
internal documentation and to correctly place become_root()/unbecome_root()
calls within the code.
Finally this patch moves some more of auth.c into other files, auth_unix.c
in this case.
Andrew Bartlett
(This used to be commit ea1c547ac880def29f150de2172c95213509350e)
|
|
samba-technical a few weeks ago.
The idea here is to standardize the checking of user names and passwords,
thereby ensuring that all authtentications pass the same standards. The
interface currently implemented in as
nt_status = check_password(user_info, server_info)
where user_info contains (mostly) the authentication data, and server_info
contains things like the user-id they got, and their resolved user name.
The current ugliness with the way the structures are created will be killed
the next revision, when they will be created and malloced by creator functions.
This patch also includes the first implementation of NTLMv2 in HEAD, but which
needs some more testing. We also add a hack to allow plaintext passwords to be
compared with smbpasswd, not the system password database.
Finally, this patch probably reintroduces the PAM accounts bug we had in
2.2.0, I'll fix that once this hits the tree. (I've just finished testing
it on a wide variety of platforms, so I want to get this patch in).
(This used to be commit b30b6202f31d339b48d51c0d38174cafd1cfcd42)
|
|
(This used to be commit 6e698d65ecb13b0b46d15bce7e0314fa1a46a13a)
|
|
(This used to be commit 7b3d030e1f869a842822d9a356a027cca6f3a725)
|
|
cli_samr_query_dispinfo().
(This used to be commit d5f12bc53074d574a503e7183887fdcec9bb9dd4)
|
|
NT. Note this can be done completely anonymously.
(This used to be commit 96bd7bdd0b4f6572c678c7b1bc5ffe733e632fda)
|
|
works much better with trusted domains whose DCs cannot be reached.
I'm pretty impressed with how much faster winbindd is in HEAD rather than
TNG. A lot fewer unecessary name lookups are performed and it feels a lot
zippier now.
(This used to be commit 36413784aec5819c83e5e469ce4c7bb5d468e980)
|
|
strchr() for the moment
(This used to be commit c2c1f2027e6e623bba59610e3aa41618773e6361)
|
|
code not to do lookups for a particular domain. This allows winbind to
operate on a Samba PDC
(This used to be commit d472ee3a690fb6db03fd4536e4093a18fc37ddbb)
|
|
(This used to be commit 001129e2153633dbd079889b11331e9c27786e5b)
|
|
can't redefine them. damn.
(This used to be commit c41fc06376d1a2b83690612304e85010b5e5f3cf)
|
|
This commit gets rid of all our old codepage handling and replaces it with
iconv. All internal strings in Samba are now in "unix" charset, which may
be multi-byte. See internals.doc and my posting to samba-technical for
a more complete explanation.
(This used to be commit debb471267960e56005a741817ebd227ecfc512a)
|
|
instead of a define
(This used to be commit e2ecff419fdc0a0dc7551b33b377dc11061ef2a3)
|
|
but the code suffered from bitrot and is not now reentrant. That means
we can get bizarre behaviour
i've fixed this by making next_token() reentrant and creating a
next_token_nr() that is a small non-reentrant wrapper for those lumps
of code (mostly smbclient) that have come to rely on the non-reentrant
behaviour
(This used to be commit 674ee2f1d12b0afc164a9e9072758fd1c5e54df7)
|
|
Don't call find_domain_from_name() from winbindd_kill_connections() as
you get stuck in an infinite loop!
(This used to be commit 8e982941d82b813197f2a9720149e60f629b5b20)
|
|
(This used to be commit 6bd1ba9a0432ab5e6c2ebe6ea0fa486960fd4289)
|
|
(This used to be commit bb01d2151cde866f0e2d91ee7c58439eeb382c48)
|
