summaryrefslogtreecommitdiff
path: root/source3/nsswitch
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r25130: make use only of base types which are provided by libreplaceStefan Metzmacher7-216/+144
in winbind client and nss/pam stuff metze (This used to be commit 2e13e05fa91788bd128e6940bccc0d2cc7140986)
2007-10-10r25128: _XOPEN_SOURCE_EXTENDED and socklen_t are always provided by libreplaceStefan Metzmacher1-5/+0
metze (This used to be commit b3ee9adf28ee8136528d0236a3a2c894c2223053)
2007-10-10r25107: Fix const warning caused by the way I reformatted thisSimo Sorce1-3/+4
(This used to be commit 6ce01bf41339b4c48aa458bb0667664727d3dac3)
2007-10-10r25099: Commit fix for CVE-2007-4138 from 3.0.26 release.Gerald Carter1-1/+1
(This used to be commit aa768a4a20930833d6921ed112601873b228a64d)
2007-10-10r25087: Reformatting: Get rid of an abundance of leading tabs...Michael Adam1-11/+11
(This used to be commit d8676f30d5b8168ff0c82993fb51cff18bea1f96)
2007-10-10r25086: Fix interdomain trusts (this povides the fix expected in r22709):Michael Adam1-2/+2
Fix winbindd on a Samba DC talking to a trusted domain DC by making it use the trusted domain password... Michael I hope this does not brake any other setup. (This used to be commit 2322fe5cd76c5b7214c66f8a403debe1e36a82d6)
2007-10-10r25074: as all requests in the winbindd child are sync, we can use talloc_tos()Stefan Metzmacher1-5/+2
metze (This used to be commit 6e238fe5b458fc6b9184144fa124f497c81eec8d)
2007-10-10r25068: Older samba3 DCs will return DCERPC_FAULT_OP_RNG_ERROR for every ↵Günther Deschner1-0/+10
opcode on the LSARPC_DS pipe, continue with no_lsarpc_ds mode here as well to get domain->initialized set to True. This avoids permanent scanning of Samba3 DCs in winbindd. Thanks Michael, for pointing this out. Guenther (This used to be commit 9b85f7ca43896ddd40dd8cb4a52969e94914db43)
2007-10-10r25064: We use BOOL/True/False not bool/true/falseSimo Sorce1-4/+4
(This used to be commit f624a269bf242630e9bda7a89b9b0e8e12646982)
2007-10-10r25063: Fix segfault in smbldp_set_creds when we want to use anonymous, theSimo Sorce1-3/+4
code was not passing in the "anon" flag correctly and was passing NULL pointers. (This used to be commit 6316a9c14d8bc467c84c1604248a9e30abaacd2f)
2007-10-10r25062: Reformat, remove trailing spaces and fit lines into 80 columnsSimo Sorce1-156/+237
(This used to be commit 1850d1c10f1fe77402e0ed79d6980d55d90637fb)
2007-10-10r25060: Fix formatting, remove trailing spaces and cut lines longer than 80 ↵Simo Sorce1-160/+255
chars (This used to be commit 7a4d4658904a601ae42ec1804db06cda734553d2)
2007-10-10r25059: Apply to 3.2 as wellSimo Sorce1-24/+12
(This used to be commit 17a7d33b3bede85d6d64ecadfa065e71739517be)
2007-10-10r25032: Contact an off site DC if non is available on site.Lars Müller1-13/+21
(This used to be commit 50879e6de5101b6c5ab8b3fb954f1d2a48530716)
2007-10-10r25022: Fix coverity #395. Resource leak on error.Jeremy Allison1-6/+13
Jeremy. (This used to be commit 6a237600b825f4df2241277bdd80e98669f69685)
2007-10-10r25020: Fix coverity #374, possible null deref.Jeremy Allison1-4/+4
Jeremy. (This used to be commit 82b3656b4b26ff63d894eed975d73ef3c8b5d2b2)
2007-10-10r24978: move domain_init_recv() near the functions that uses itStefan Metzmacher1-15/+16
metze (This used to be commit 18e830a935d4712bfbff54f94b531e30cea8a1f9)
2007-10-10r24977: Ensure negative caching for name2sid, sid2name and rids2namesRafal Szczesniak1-26/+89
mappings. rafal (This used to be commit 3a9b5eabf97e892e761184da37465d850b5d774c)
2007-10-10r24954: Fix the build without krb5.Günther Deschner1-3/+11
Guenther (This used to be commit 9df961914c3119eb6b20ecdc05d963480dea3521)
2007-10-10r24952: Set the kdc locator env vars. This makes the krb5 locator plugin fullyGünther Deschner2-3/+67
operational (from within winbindd and outside). Guenther (This used to be commit 800645d5388d7df1f8cf31b4218bfc7dd5b4d12a)
2007-10-10r24920: Reformatting.Günther Deschner1-128/+182
Guenther (This used to be commit 62426a055513c309a381d0d96d60edc07e6dfcdf)
2007-10-10r24879: Activate the winbindd cache-validation message handler.Michael Adam1-4/+38
Now the winbindd cache can be checked at runtime by calling "smbcontrol winbindd validate-cache". For the execution of the validation code, I fork a child and in the child restore the default SIGCHLD handler in order for the fork/waitpid mechanism of tdb_validate to work. Michael (This used to be commit f379a5c47d5004a5a66b6c12ec119c739b9e146d)
2007-10-10r24848: Make tdb_validate() take an open tdb handle instead of a file name.Michael Adam1-1/+6
A new wrapper tdb_validate_open() takes a filename an opens and closes the tdb before and after calling tdb_validate() respectively. winbindd_validata_cache_nobackup() now dynamically calls one of the above functions depending on whether the cache tdb has already been opened or not. Michael (This used to be commit dc0b08e6590caa4974fd4d9f34f39f261d1f1dee)
2007-10-10r24843: Add a "validate-cache" control message to winbindd.Michael Adam1-0/+26
So there is a new subcommand "smbcontrol winbindd validate-cache" now. This change provides the infrastructure: The function currently returns "true" unconditionally. The call of a real cache validation function will be incorporated in subsequent changes. Michael (This used to be commit ef92d505c04397614cb0dd5ede967e9017a5e302)
2007-10-10r24833: Move locator to nsswitch (does not belong to libads anymore).Günther Deschner1-0/+395
Guenther (This used to be commit af90c6949c929c82d4390b2f87a420bd598275dd)
2007-10-10r24830: Add a winbindd cache validation function that does not doMichael Adam1-0/+25
backup and corrupt file handling. (To be used in subsequent changes.) (This used to be commit b3dcadbed0b4a1b7bb2e83df2c66bca9dcbcad60)
2007-10-10r24829: Make use of a variable, that is available... :-)Michael Adam1-2/+1
(This used to be commit 90626652084c2ada6b2eb041db652720c03a1c3b)
2007-10-10r24826: Fix two memleaks in idmap_cache.c, bug 4917Volker Lendecke1-2/+4
Thanks again to Patrick Rynhart for persisting :-) Simo, please check! (This used to be commit 0a9171f9efc2322954c0d06757b91d9124ab8a8e)
2007-10-10r24809: Consolidate the use of temporary talloc contexts.Volker Lendecke2-9/+8
This adds the two functions talloc_stackframe() and talloc_tos(). * When a new talloc stackframe is allocated with talloc_stackframe(), then * the TALLOC_CTX returned with talloc_tos() is reset to that new * frame. Whenever that stack frame is TALLOC_FREE()'ed, then the reverse * happens: The previous talloc_tos() is restored. * * This API is designed to be robust in the sense that if someone forgets to * TALLOC_FREE() a stackframe, then the next outer one correctly cleans up and * resets the talloc_tos(). The original motivation for this patch was to get rid of the sid_string_static & friends buffers. Explicitly passing talloc context everywhere clutters code too much for my taste, so an implicit talloc_tos() is introduced here. Many of these static buffers are replaced by a single static pointer. The intended use would thus be that low-level functions can rather freely push stuff to talloc_tos, the upper layers clean up by freeing the stackframe. The more of these stackframes are used and correctly freed the more exact the memory cleanup happens. This patch removes the main_loop_talloc_ctx, tmp_talloc_ctx and lp_talloc_ctx (did I forget any?) So, never do a tmp_ctx = talloc_init("foo"); anymore, instead, use tmp_ctx = talloc_stackframe() :-) Volker (This used to be commit 6585ea2cb7f417e14540495b9c7380fe9c8c717b)
2007-10-10r24807: Add WINBINDD_LOCATOR_KDC_ADDRESS env which will be used for the case ↵Günther Deschner2-0/+34
when the locator gets called from within winbindd. Guenther (This used to be commit 46dbd6034ec2c6475f428cd2d5cce56268bc34a7)
2007-10-10r24801: When told to ignore the winbind cache also do so while trying to ↵Günther Deschner1-0/+4
store entries. Thanks Michael for pointing this out. Guenther (This used to be commit c7047604446c3fc33b5e14833267ac8ad3a906b1)
2007-10-10r24799: Prefer IP address to dns name when replying in winbindd dsgetdcname.Günther Deschner1-1/+17
Guenther (This used to be commit e5cc09c72f4acc851ed53ca02def5d692000d0da)
2007-10-10r24786: Fix another build warning.Günther Deschner1-5/+5
Guenther (This used to be commit 29a56dcc78c49653bcf72dea6313fd4852de8f72)
2007-10-10r24785: Put checks in parentheses.Günther Deschner1-1/+1
Guenther (This used to be commit d8197aca5a4a509d318124f708fe15c35a2b4e11)
2007-10-10r24778: Make sure krb5 locator requests go to a separate locator winbind child.Günther Deschner4-5/+31
Guenther (This used to be commit fb9228b8d167552f0a046ab674f66d4e5b73f5b6)
2007-10-10r24747: Add WINBINDD_DSGETDCNAME call.Günther Deschner5-0/+75
Guenther (This used to be commit 429496a4ccb5c4f4eda11f1b522629889b972c71)
2007-10-10r24746: As the winbindd pipe is officially broken since a while: split out ↵Günther Deschner2-13/+15
request specfic and generic flags in a winbindd_request. It turns out that the WBFLAG_RECURSE flag is the only non-PAM specific flag we put into the "flags" field of a winbind request anyway. Now each request command can use the entire space of the "flags" field. Guenther (This used to be commit 18b29763d1ea0e9198f45bafa460dd68cb69a3d5)
2007-10-10r24740: Fix the build.Günther Deschner1-0/+2
Guenther (This used to be commit a30549bbf4521232158262e117219b0fa8f5eb74)
2007-10-10r24737: Remove older TODO: Convert internal_resolve_name() and friends to ↵Günther Deschner2-2/+2
NTSTATUS. Guenther (This used to be commit 8300aac4944613e411a78ab98de5d77f8fd38fa7)
2007-10-10r24734: Move nss_err_str() to a more public place.Günther Deschner3-19/+21
Guenther (This used to be commit f62292c5a1bcae2bfa10632014c5ac06dd1f50bb)
2007-10-10r24722: Squashed commit of the following:Gerald Carter4-3/+127
commit fb52f971986dd298abbcd9745ddf702820ce0184 Author: Gerald Carter <coffeedude@plainjoe.org> Date: Mon Aug 27 13:50:26 2007 -0500 Check correct return type for pam_winbind_request_log() wnibind_upn_to_username which is an int and not NSS_STATUS. commit 7382edf6fc0fe555df89d5b2a94d12b35049b279 Author: Gerald Carter <coffeedude@plainjoe.org> Date: Mon Aug 27 13:30:26 2007 -0500 Allow wbinfo -n to convert a UPN to a SID commit 8266c0fe1ccf2141e5a983f3213356419e626dda Author: Gerald Carter <coffeedude@plainjoe.org> Date: Fri Aug 3 09:53:16 2007 -0500 Merge some of Guenther UPN work for pam_winbind.c (check the winbind separator and better pam logging when converting a upn to a username). commit 15156c17bc81dbcadf32757015c4e5158823bf3f Author: Gerald Carter <coffeedude@plainjoe.org> Date: Fri Aug 3 08:52:50 2007 -0500 Include Universal groups from the cached PAC/SamLogon info when generating the list of domain group SIDs for a user's token. commit 979053c0307b051954261d539445102c55f309c7 Author: Gerald Carter <coffeedude@plainjoe.org> Date: Thu Aug 2 17:35:41 2007 -0500 merge upnlogon patch from my tree (This used to be commit 98fb5bcd5702d5086bdf9b58105a67efb90950f4)
2007-10-10r24714: Fix confusing indent.Günther Deschner1-6/+7
Guenther (This used to be commit 6a9af88a2d5daa0335a4596f7a826141ba81e303)
2007-10-10r24713: Fix obvious error in enum_dom_groups. We were returning NT_STATUS_OK ↵Günther Deschner1-2/+1
when the realloc failed. Guenther (This used to be commit 750b52cb47b2fd0d31125274fb471a4f1ad6ffa9)
2007-10-10r24711: Remove unused talloc context from query_user_list rpc.Günther Deschner1-7/+0
Guenther (This used to be commit 5187157607c0688e718079fb351e144d431e9040)
2007-10-10r24649: Attempt to fix bug 4917. Simo, please check!Volker Lendecke1-2/+2
Thanks Patrick Rynhart for reporting this. (This used to be commit b7c0404893bb789382a11f86d5156c4623a6de3a)
2007-10-10r24629: Make read_sock return the total number of bytes read insteadMichael Adam1-3/+3
of the number of bytes read in the last of possibly several read calls. This was noted by Metze. Michael (This used to be commit 0193a49223c6314e2834c89fff9920ae7edc4f8a)
2007-10-10r24625: add '-D' option to winbinddStefan Metzmacher1-0/+1
TODO: don't allow '-i -D' and '-D -i' on all server binaries in the SAMBA_3_2 branch! The &server_mode patch makes this difficult to check... metze (This used to be commit 102bb0fc17d6dec102d628f1051675a1ae5a9c27)
2007-10-10r24621: - deferr calling build_options();exit(0);Stefan Metzmacher1-3/+4
- use poptPrintUsage() to give the user more info metze (This used to be commit a95d9d1ef99d6a2f77a289f8d2011cae482821b1)
2007-10-10r24615: Say for which domain the getdcname request failed.Günther Deschner1-1/+2
Guenther (This used to be commit 1ce1958f7a5f41072ad1e2f1fb55f3cd4ebe4b14)
2007-10-10r24599: patch from Karolin Seeger <ks@sernet.de>:Stefan Metzmacher1-4/+10
smbd, nmbd and winbindd can be started with invalid options currently. The first patch attached would be a possible solution. It contains an exit if an invalid option has been used. The main problem is, that existing setups with wrong options or missing arguments in start scripts will break (which is the right behaviour from my point of view). metze (This used to be commit 8532e3182ab44d4ac84823e9798293f156192aaf)