summaryrefslogtreecommitdiff
path: root/source3/nsswitch
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r24977: Ensure negative caching for name2sid, sid2name and rids2namesRafal Szczesniak1-26/+89
mappings. rafal (This used to be commit 3a9b5eabf97e892e761184da37465d850b5d774c)
2007-10-10r24954: Fix the build without krb5.Günther Deschner1-3/+11
Guenther (This used to be commit 9df961914c3119eb6b20ecdc05d963480dea3521)
2007-10-10r24952: Set the kdc locator env vars. This makes the krb5 locator plugin fullyGünther Deschner2-3/+67
operational (from within winbindd and outside). Guenther (This used to be commit 800645d5388d7df1f8cf31b4218bfc7dd5b4d12a)
2007-10-10r24920: Reformatting.Günther Deschner1-128/+182
Guenther (This used to be commit 62426a055513c309a381d0d96d60edc07e6dfcdf)
2007-10-10r24879: Activate the winbindd cache-validation message handler.Michael Adam1-4/+38
Now the winbindd cache can be checked at runtime by calling "smbcontrol winbindd validate-cache". For the execution of the validation code, I fork a child and in the child restore the default SIGCHLD handler in order for the fork/waitpid mechanism of tdb_validate to work. Michael (This used to be commit f379a5c47d5004a5a66b6c12ec119c739b9e146d)
2007-10-10r24848: Make tdb_validate() take an open tdb handle instead of a file name.Michael Adam1-1/+6
A new wrapper tdb_validate_open() takes a filename an opens and closes the tdb before and after calling tdb_validate() respectively. winbindd_validata_cache_nobackup() now dynamically calls one of the above functions depending on whether the cache tdb has already been opened or not. Michael (This used to be commit dc0b08e6590caa4974fd4d9f34f39f261d1f1dee)
2007-10-10r24843: Add a "validate-cache" control message to winbindd.Michael Adam1-0/+26
So there is a new subcommand "smbcontrol winbindd validate-cache" now. This change provides the infrastructure: The function currently returns "true" unconditionally. The call of a real cache validation function will be incorporated in subsequent changes. Michael (This used to be commit ef92d505c04397614cb0dd5ede967e9017a5e302)
2007-10-10r24833: Move locator to nsswitch (does not belong to libads anymore).Günther Deschner1-0/+395
Guenther (This used to be commit af90c6949c929c82d4390b2f87a420bd598275dd)
2007-10-10r24830: Add a winbindd cache validation function that does not doMichael Adam1-0/+25
backup and corrupt file handling. (To be used in subsequent changes.) (This used to be commit b3dcadbed0b4a1b7bb2e83df2c66bca9dcbcad60)
2007-10-10r24829: Make use of a variable, that is available... :-)Michael Adam1-2/+1
(This used to be commit 90626652084c2ada6b2eb041db652720c03a1c3b)
2007-10-10r24826: Fix two memleaks in idmap_cache.c, bug 4917Volker Lendecke1-2/+4
Thanks again to Patrick Rynhart for persisting :-) Simo, please check! (This used to be commit 0a9171f9efc2322954c0d06757b91d9124ab8a8e)
2007-10-10r24809: Consolidate the use of temporary talloc contexts.Volker Lendecke2-9/+8
This adds the two functions talloc_stackframe() and talloc_tos(). * When a new talloc stackframe is allocated with talloc_stackframe(), then * the TALLOC_CTX returned with talloc_tos() is reset to that new * frame. Whenever that stack frame is TALLOC_FREE()'ed, then the reverse * happens: The previous talloc_tos() is restored. * * This API is designed to be robust in the sense that if someone forgets to * TALLOC_FREE() a stackframe, then the next outer one correctly cleans up and * resets the talloc_tos(). The original motivation for this patch was to get rid of the sid_string_static & friends buffers. Explicitly passing talloc context everywhere clutters code too much for my taste, so an implicit talloc_tos() is introduced here. Many of these static buffers are replaced by a single static pointer. The intended use would thus be that low-level functions can rather freely push stuff to talloc_tos, the upper layers clean up by freeing the stackframe. The more of these stackframes are used and correctly freed the more exact the memory cleanup happens. This patch removes the main_loop_talloc_ctx, tmp_talloc_ctx and lp_talloc_ctx (did I forget any?) So, never do a tmp_ctx = talloc_init("foo"); anymore, instead, use tmp_ctx = talloc_stackframe() :-) Volker (This used to be commit 6585ea2cb7f417e14540495b9c7380fe9c8c717b)
2007-10-10r24807: Add WINBINDD_LOCATOR_KDC_ADDRESS env which will be used for the case ↵Günther Deschner2-0/+34
when the locator gets called from within winbindd. Guenther (This used to be commit 46dbd6034ec2c6475f428cd2d5cce56268bc34a7)
2007-10-10r24801: When told to ignore the winbind cache also do so while trying to ↵Günther Deschner1-0/+4
store entries. Thanks Michael for pointing this out. Guenther (This used to be commit c7047604446c3fc33b5e14833267ac8ad3a906b1)
2007-10-10r24799: Prefer IP address to dns name when replying in winbindd dsgetdcname.Günther Deschner1-1/+17
Guenther (This used to be commit e5cc09c72f4acc851ed53ca02def5d692000d0da)
2007-10-10r24786: Fix another build warning.Günther Deschner1-5/+5
Guenther (This used to be commit 29a56dcc78c49653bcf72dea6313fd4852de8f72)
2007-10-10r24785: Put checks in parentheses.Günther Deschner1-1/+1
Guenther (This used to be commit d8197aca5a4a509d318124f708fe15c35a2b4e11)
2007-10-10r24778: Make sure krb5 locator requests go to a separate locator winbind child.Günther Deschner4-5/+31
Guenther (This used to be commit fb9228b8d167552f0a046ab674f66d4e5b73f5b6)
2007-10-10r24747: Add WINBINDD_DSGETDCNAME call.Günther Deschner5-0/+75
Guenther (This used to be commit 429496a4ccb5c4f4eda11f1b522629889b972c71)
2007-10-10r24746: As the winbindd pipe is officially broken since a while: split out ↵Günther Deschner2-13/+15
request specfic and generic flags in a winbindd_request. It turns out that the WBFLAG_RECURSE flag is the only non-PAM specific flag we put into the "flags" field of a winbind request anyway. Now each request command can use the entire space of the "flags" field. Guenther (This used to be commit 18b29763d1ea0e9198f45bafa460dd68cb69a3d5)
2007-10-10r24740: Fix the build.Günther Deschner1-0/+2
Guenther (This used to be commit a30549bbf4521232158262e117219b0fa8f5eb74)
2007-10-10r24737: Remove older TODO: Convert internal_resolve_name() and friends to ↵Günther Deschner2-2/+2
NTSTATUS. Guenther (This used to be commit 8300aac4944613e411a78ab98de5d77f8fd38fa7)
2007-10-10r24734: Move nss_err_str() to a more public place.Günther Deschner3-19/+21
Guenther (This used to be commit f62292c5a1bcae2bfa10632014c5ac06dd1f50bb)
2007-10-10r24722: Squashed commit of the following:Gerald Carter4-3/+127
commit fb52f971986dd298abbcd9745ddf702820ce0184 Author: Gerald Carter <coffeedude@plainjoe.org> Date: Mon Aug 27 13:50:26 2007 -0500 Check correct return type for pam_winbind_request_log() wnibind_upn_to_username which is an int and not NSS_STATUS. commit 7382edf6fc0fe555df89d5b2a94d12b35049b279 Author: Gerald Carter <coffeedude@plainjoe.org> Date: Mon Aug 27 13:30:26 2007 -0500 Allow wbinfo -n to convert a UPN to a SID commit 8266c0fe1ccf2141e5a983f3213356419e626dda Author: Gerald Carter <coffeedude@plainjoe.org> Date: Fri Aug 3 09:53:16 2007 -0500 Merge some of Guenther UPN work for pam_winbind.c (check the winbind separator and better pam logging when converting a upn to a username). commit 15156c17bc81dbcadf32757015c4e5158823bf3f Author: Gerald Carter <coffeedude@plainjoe.org> Date: Fri Aug 3 08:52:50 2007 -0500 Include Universal groups from the cached PAC/SamLogon info when generating the list of domain group SIDs for a user's token. commit 979053c0307b051954261d539445102c55f309c7 Author: Gerald Carter <coffeedude@plainjoe.org> Date: Thu Aug 2 17:35:41 2007 -0500 merge upnlogon patch from my tree (This used to be commit 98fb5bcd5702d5086bdf9b58105a67efb90950f4)
2007-10-10r24714: Fix confusing indent.Günther Deschner1-6/+7
Guenther (This used to be commit 6a9af88a2d5daa0335a4596f7a826141ba81e303)
2007-10-10r24713: Fix obvious error in enum_dom_groups. We were returning NT_STATUS_OK ↵Günther Deschner1-2/+1
when the realloc failed. Guenther (This used to be commit 750b52cb47b2fd0d31125274fb471a4f1ad6ffa9)
2007-10-10r24711: Remove unused talloc context from query_user_list rpc.Günther Deschner1-7/+0
Guenther (This used to be commit 5187157607c0688e718079fb351e144d431e9040)
2007-10-10r24649: Attempt to fix bug 4917. Simo, please check!Volker Lendecke1-2/+2
Thanks Patrick Rynhart for reporting this. (This used to be commit b7c0404893bb789382a11f86d5156c4623a6de3a)
2007-10-10r24629: Make read_sock return the total number of bytes read insteadMichael Adam1-3/+3
of the number of bytes read in the last of possibly several read calls. This was noted by Metze. Michael (This used to be commit 0193a49223c6314e2834c89fff9920ae7edc4f8a)
2007-10-10r24625: add '-D' option to winbinddStefan Metzmacher1-0/+1
TODO: don't allow '-i -D' and '-D -i' on all server binaries in the SAMBA_3_2 branch! The &server_mode patch makes this difficult to check... metze (This used to be commit 102bb0fc17d6dec102d628f1051675a1ae5a9c27)
2007-10-10r24621: - deferr calling build_options();exit(0);Stefan Metzmacher1-3/+4
- use poptPrintUsage() to give the user more info metze (This used to be commit a95d9d1ef99d6a2f77a289f8d2011cae482821b1)
2007-10-10r24615: Say for which domain the getdcname request failed.Günther Deschner1-1/+2
Guenther (This used to be commit 1ce1958f7a5f41072ad1e2f1fb55f3cd4ebe4b14)
2007-10-10r24599: patch from Karolin Seeger <ks@sernet.de>:Stefan Metzmacher1-4/+10
smbd, nmbd and winbindd can be started with invalid options currently. The first patch attached would be a possible solution. It contains an exit if an invalid option has been used. The main problem is, that existing setups with wrong options or missing arguments in start scripts will break (which is the right behaviour from my point of view). metze (This used to be commit 8532e3182ab44d4ac84823e9798293f156192aaf)
2007-10-10r24584: Merge all pam post-processing code (in particular all extra_data ↵Günther Deschner1-147/+179
code) into append_data(). Guenther (This used to be commit 8c56ee2c58ef5aab64292d4420947ea0a5e2766f)
2007-10-10r24583: Make sure we don't accept invalid request options.Günther Deschner1-0/+41
Thanks to Michael for his bit-magic. Guenther (This used to be commit 8a493cce98c5fcc2e498df9ef1ac0f1e3ee6a75e)
2007-10-10r24579: Merge error reporting to the end of winbindd_pam_auth().Günther Deschner1-16/+14
Guenther (This used to be commit d5bd8b1d618828fe390ca76120863316606dc250)
2007-10-10r24578: Fix build warning.Günther Deschner1-1/+1
Guenther (This used to be commit 27ecb0df792b54d167a829f23bd82c27e0731f0d)
2007-10-10r24438: Use dump_data_pw() instead of dump_data() on sensitive data in winbindd.Günther Deschner3-15/+8
Guenther (This used to be commit adaa5e423dd022e3dc2cbe657146f3978fb59de3)
2007-10-10r24437: Remove "done" in winbindd_raw_kerberos_login() as well.Günther Deschner1-6/+2
Guenther (This used to be commit 44c10bbe9477fc9e731f319e62c1358a7497e316)
2007-10-10r24434: Simplify winbindd_raw_kerberos_login().Günther Deschner1-115/+15
Guenther (This used to be commit 98ffae031ae641fb0ba7f2e972ab731dbe114a5f)
2007-10-10r24420: Pure pedantism: the talloc_init could have failed...Günther Deschner1-2/+1
Guenther (This used to be commit e6415c523234f60da7dcfa4de101e8634dc6927d)
2007-10-10r24353: Add a getpwuid lookup to wbinfo.Kai Blin1-0/+38
Merged from my Samba4 GSoC branch. Volker, can you check if that's done the way you thought? (This used to be commit f8560ea66ce522ff11d16f0e36e10853fe2639d7)
2007-10-10r24331: Fix an error where gid_t != 32 bitVolker Lendecke1-1/+1
(This used to be commit 748fdfbd7ba5cc844f1370a968465b19ae698f94)
2007-10-10r24330: Fix a 64-bit errorVolker Lendecke1-1/+1
(This used to be commit 30fd90346550f1c672edb51ab63b8139a6c4053e)
2007-10-10r24329: Fix a 64-bit bugVolker Lendecke1-1/+1
enums are not necessarily represented as 32-bit uints. On assignment (see line 1029) implicit conversion happens, but not when pointers are taken. (This used to be commit 67ec6863dd91ca2421e4541add99dfd739805242)
2007-10-10r24087: Fix bug 4836, patch by Matthijs Kooijman <matthijs@stdin.nl>. Thanks!Volker Lendecke1-1/+1
Volker (This used to be commit 6c3813cf65ff099a071ad8221402fbb3f877c665)
2007-10-10r24017: merge from http://samba.org/~tridge/samba_3_2_ctdb/:Stefan Metzmacher1-14/+22
add add_trusted_domain() can return NULL metze (This used to be commit 12440efe0bab70a8a1b5100d77e387ce1c371a4e)
2007-10-10r23974: Fix Coverity ID 361. num_rids == 0 is caught on function entryVolker Lendecke1-10/+5
(This used to be commit 839d64add4ebf900863f1ed3e7a379db9b6fdf69)
2007-10-10r23931: Use the new tdb_validate_and_backup function instead of pure ↵Michael Adam1-2/+2
tdb_validate in winbindd cache validation. Michael (This used to be commit 2c2a1ff2c27861ca87afbd8bab39d257a69e9565)
2007-10-10r23928: Merge all "copy-info3-groups-to-sid-array" blocks to a ↵Günther Deschner1-43/+6
sid_array_from_info3() function. Guenther (This used to be commit 1e1e480115e37b3f4c85f979ddd800b8de0b9c57)