summaryrefslogtreecommitdiff
path: root/source3/nsswitch
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r20240: Be a little more verbose about the credential flags when the debug flagGünther Deschner1-2/+16
is set. Guenther (This used to be commit ecbab58826a51ace2a0d1181a41391f5d170ff06)
2007-10-10r20239: Parse the configfile for pam_sm_setcred as wellGünther Deschner1-1/+7
(e.g. to get the debug flag) Guenther (This used to be commit 2c549f71f15b066ac1f415544848b582558abd5d)
2007-10-10r20218: Same fix as r20217 -- can we consolidate that duplicated code a bit?Volker Lendecke1-8/+16
(This used to be commit fdb310f57932ac3b3fd09721e6b6494b30ad57af)
2007-10-10r20217: uid_t and gid_t are not necessarily 32 bit. In assignments we get an ↵Volker Lendecke1-8/+12
automatic conversion, but not when we pass pointers down to other functions. Simo, please check. Volker (This used to be commit 04845f600b2ac9a129b3ecdb1e9060a5d8502830)
2007-10-10r20216: Fix fallback code.Simo Sorce1-11/+13
A reversed check made it impossile to fallback to the Unix Domain mapping code. Also fix a potential use of a freed array. Jerry, my tests shows that this code now correctly handle the fallback to Unix Domain when our Domain member is asked for a mapped group that has a unix name different from the Windows name against a Samba DC and we do not use winbindd but share users/groups by other means (ldap / sync of passwd and group files) Immediate Fix would be to discuss if we should answer back when DOMAIN\unixgroup -> SID is asked for, in the case the unixgroup name is mapped to a different name. IE: DOMAIN\Domain Admins -> ntadmins Currently if we are asked for "DOMAIN\Domain Admins" we return the dom admins SID If we are asked for "DOMAIN\ntadmins we return "not found", but we may consider to return the Domain admins SID in this case too. Comments are welcome on this point! Long term fix I think is the unixinfo pipe and of course an idmap_unixinfo moudle. Simo. (This used to be commit 07bdbb4c215461a721f9b608bd375387b96ababb)
2007-10-10r20207: Fix a couple more places where extra_data wasJeremy Allison2-5/+8
being talloc'ed off the NULL context instead of being malloced. Jeremy. (This used to be commit 47bdeb4efeaa5a441ad2d39bb3b94d72263e66e4)
2007-10-10r20206: Start cleaning up the talloc_ctx mess.Jeremy Allison4-13/+20
child->mem_ctx isn't actually used for anything, so remove it. Jeremy. (This used to be commit a7f294b59238826c11e579a7b1a4dca7284bb89d)
2007-10-10r20186: Fix winbind crash bug in WINBIND_GETGROUPS.Günther Deschner1-2/+3
response_extra_sent() expects to free a malloced extra_data.data while the add_XX_to_array functions all return talloced memory now. Jeremy, please check. Guenther (This used to be commit 9f34c9f3695757819d728a17a1497247ea479ebf)
2007-10-10r20180: Ensure that pam returns the correct error messagesJeremy Allison2-48/+91
when offline and or doing password changes. Jeremy. (This used to be commit 4a74c553845c960a355ddb86abaadfe0d550271f)
2007-10-10r20171: Don't delete the krb5 credential if others still reference to it.Günther Deschner2-21/+37
Guenther (This used to be commit a1378979be4fe5ac5148b0a7830859aebb97838c)
2007-10-10r20155: revert, I misreadSimo Sorce1-1/+1
(This used to be commit 20aa6322efe617f928c5cf2224a7660ca6525297)
2007-10-10r20154: Fix nasty typo, hunting another bugSimo Sorce1-1/+1
(This used to be commit bf8dc44cc2892a784ec3a118abc0abb1018fbde4)
2007-10-10r20151: remove meaningless checksSimo Sorce1-8/+0
(This used to be commit 33a55f0cfc0c5eb3f3cfa8276fa258349ad42f8d)
2007-10-10r20150: better memory handling for some functions, make sure we don'tSimo Sorce4-17/+35
leak memory by using the wrong(long lived) mem context (This used to be commit a28cdd6e742cb72a728bd337546ee95fd4160ed8)
2007-10-10r20146: Now online checks are fully async we can do themJeremy Allison1-7/+1
every cache timeout times. Jeremy. (This used to be commit 5d364bc5ccc45b8d7bf3e484d16b37ac9e06b5cf)
2007-10-10r20140: Make online/offline detection completely asynchronous.Jeremy Allison2-23/+181
Now I've done this I might be able to reduce the probe timeout and reduce the backoff algorithm, going back to checking every cache time seconds (5 mins by default), as the parent or forked domain child will never block. Jeremy. (This used to be commit d0add5f946cf63ea43067e8e935876b5346d11de)
2007-10-10r20136: Fix #4290. Properly compute time to password expiration in message fromJim McDonough1-1/+2
pam_winbind. Thanks to Andrew Benham <andrew.benham@thus.net> (This used to be commit 0d03f5137936546253a8b3334995f536f3621d57)
2007-10-10r20124: clean up nested extern declaration warningsHerb Lewis5-13/+15
(This used to be commit ac3eb7813e33b9a2e78c9158433f7ed62c3b62bb)
2007-10-10r20118: Fix some more warningsSimo Sorce2-8/+3
(This used to be commit b6db21ff65139f45a1789105241e4018b61ca472)
2007-10-10r20117: 1st Error in the mergeSimo Sorce1-1/+1
(This used to be commit 5e46c43a2e4b9a3ee8f1f219c96a6b132bb09322)
2007-10-10r20116: Start merging in the work done to create the new idmap subsystem.Simo Sorce20-1021/+6580
Simo. (This used to be commit 50cd8bffeeed2cac755f75fc3d76fe41c451976b)
2007-10-10r20090: Fix a class of bugs found by James Peach. EnsureJeremy Allison6-35/+93
we never mix malloc and talloc'ed contexts in the add_XX_to_array() and add_XX_to_array_unique() calls. Ensure that these calls always return False on out of memory, True otherwise and always check them. Ensure that the relevent parts of the conn struct and the nt_user_tokens are TALLOC_DESTROYED not SAFE_FREE'd. James - this should fix your crash bug in both branches. Jeremy. (This used to be commit 0ffca7559e07500bd09a64b775e230d448ce5c24)
2007-10-10r20087: Ensure we clean up any random pending events weJeremy Allison1-2/+8
may have inherited from our parent in the winbindd forked child. Jeremy. (This used to be commit 0a1352f440a9d9b974ad8d571b2e48a43a15b6cc)
2007-10-10r20082: When fork_domain_child is forked when we're offlineJeremy Allison1-0/+11
the child inherits *all* active check_online timout handlers. This is bad when it's not our domain (ie. BUILTIN). Jeremy. (This used to be commit 8d815ec4c103a83ef7cea0ae5fc64681f6bcb48a)
2007-10-10r20060: Fix the timout calculation.Jeremy Allison1-7/+9
Jeremy. (This used to be commit 017be792f3c41aba2cbda10b53d80aad91c5d666)
2007-10-10r20058: Ensure we actually do the increasing timeJeremy Allison1-3/+1
calculation when in offline mode. Jeremy. (This used to be commit b7dc67ab2a78aba8dc8324430798ef56325d3cd6)
2007-10-10r20057: Attempt to fix connect timeouts when connected onJeremy Allison4-17/+59
a network but not one on which any home DC's can be found (hotel network problem). Still testing but this is getting close. Jeremy. (This used to be commit 369c9e4138b93f7cfb6680f0beb541f58554e856)
2007-10-10r20035: Fix obvious horrible bug in falling back to MS-RPCJeremy Allison1-6/+3
methods. Jeremy. (This used to be commit 7ac4ae4b517a18e97673e95d862a5b18175252c1)
2007-10-10r19975: Deal with 2 keytypes I messed previously (DR/DE).Jeremy Allison1-2/+25
Fix code that mistakenly assumed tdb_traverse returned 0 or -1, it actually returns -1 or the number of entries traversed. Add a static as another way to return the bad cache value. Jeremy. (This used to be commit 5266a70ae9971eb54fa769f89bec7c688285e811)
2007-10-10r19974: Add freelist check for cache. Fix testing of entryJeremy Allison1-19/+19
names (all except SEQNUM are *not* null terminated strings). Jeremy. (This used to be commit bcb68260ba4e6a1ae6b681603367008309b9bfde)
2007-10-10r19958: Add check for WINBIND_OFFLINE key.Jeremy Allison2-3/+9
Jeremy. (This used to be commit 270e84db6de66b4f20dc0a564f706dae4c00b0b2)
2007-10-10r19957: Initial framework to make winbindd robustJeremy Allison3-2/+246
against tdb corruption. Needs fleshing out (and I forgot one record type) and needs helpful suggestion from Volker to validate freelist, but should give an idea of how this will look. Jeremy. (This used to be commit 8eb53f74e414483afde7b1e38ea2a3f56ae3ec66)
2007-10-10r19809: remove winbind blacklist parameterGerald Carter1-24/+0
(This used to be commit 40cff1449886449b34b896e31fd43b7dff436a3f)
2007-10-10r19754: * When using a krb5 session setup, we don't fill in the server_nameGerald Carter1-2/+2
string the clis_state struct. So call saf_store() after we have the short domain name in the lsa_query_inof_policy code. * Remove unused server string in saf_delete() (This used to be commit 3eddae2f2080f8dafec883cb9ffa2e578c242607)
2007-10-10r19710: Fix memory leak in get_conf_item_string(). AsJeremy Allison1-5/+1
we're just doing strchr on a const string there's no need to strdup it before, we're never modifying it. Just remove the variable "parm". Jeremy. (This used to be commit 1af18f613b1399220e38e7ab40665c2ca177c5a7)
2007-10-10r19703: Don't free a string if you want to return it!Simo Sorce1-1/+0
(This used to be commit 3fed72ac3efd1fa7df8fb7d1e2cb9772d66bb4bd)
2007-10-10r19686: Fix the buildVolker Lendecke1-1/+1
(This used to be commit 28ac0235810c53eccb449201ac933d7eaf8eb38f)
2007-10-10r19667: Fix incorrect null checkVolker Lendecke1-1/+1
(This used to be commit dc9cdf37e9e2d33d46f0f6da34a3df372eede982)
2007-10-10r19657: Correctly check for malloc failureVolker Lendecke1-1/+1
(This used to be commit e5b5c9b058b7f2a6188684019ffe42e497ac6b6c)
2007-10-10r19656: Correctly check for malloc failureVolker Lendecke1-1/+1
(This used to be commit 3d0661b0393804707eb42d9ee9377a622333f252)
2007-10-10r19651: Fix interesting bug with the automatic site coverage in Active ↵Günther Deschner1-1/+1
Directory: When having DC-less sites, AD assigns DCs from other sites to that site that does not have it's own DC. The most reliable way for us to identify the nearest DC - in that and all other cases - is the closest_dc flag in the CLDAP reply. Guenther (This used to be commit ff004f7284cb047e738ba3d3ad6602e8aa84e883)
2007-10-10r19626: Coalesce usage of DUMP_CORE. Fix formatting on chdir error messageJames Peach1-2/+0
in core dump path. (This used to be commit 9a51fba71c5fa7082c331e1a78a98638d9aa06cf)
2007-10-10r19420: Remove strequal and use strcmp() instead. Meant toGerald Carter1-11/+12
make the change before theprevious commit. (This used to be commit 815388c4c8be1274359679077a120fec4cc39b0f)
2007-10-10r19419: BUG 4109: Patch from Timur Bakeyev. Fix bug causing smbd to turn offGerald Carter1-7/+14
winbindd and fail to disable the _NO_WINBIND environment. (This used to be commit a6366b40b3967853c20ca5399021108f09ffd505)
2007-10-10r19413: Now we're calling init_dc_connection, this codeJeremy Allison1-16/+0
is completely useless (and in fact harmful :-) in that it causes a winbindd error where there should be none. Jeremy. (This used to be commit acf5419d62f4ac64449d4722c5ff3c9be35c0570)
2007-10-10r19399: Now Guenther discovered one crash dereferencing domain->backends,Jeremy Allison1-1/+1
get paranoid. I don't think this can really happen, but let's be sure. Jeremy. (This used to be commit be4709984b8548abf10a5e9fabba21d53440c42a)
2007-10-10r19394: When we fail to get the list of trusted domains, make sure to returnGünther Deschner1-1/+1
WINBINDD_ERROR. Guenther (This used to be commit 6089b3007bf92904ca4562d21958d7922143dbcb)
2007-10-10r19391: Fix crash bug within the winbind caching method.Günther Deschner1-0/+5
That one was hard to find: when coming from offline mode and switching to online, a refresh sequence number call (using the default MS-RPC mechanism) may reset domain->backend to NULL (by the set_domain_online event). We need to make sure to reidentify the remote domain in that case. Guenther (This used to be commit 4d6503d1377a262ba8b87f344be7daf04e011ef2)
2007-10-10r19371: Add two missing refresh_sequence_number calls where they are missingGünther Deschner1-0/+3
just before writing to the winbind cache tdb. Guenther (This used to be commit bd8548998b06a84c2e66acbcb68542a4b5d8b8df)
2007-10-10r19351: Also export the info3 profilepath via the PAM_WINBIND_PROFILEPATH dataGünther Deschner2-0/+13
field. Guenther (This used to be commit 66b92f27fa4edec180b8c8eee929ec8f31ef6a08)
generated by cgit (git 2.34.1) at 2024-11-01 04:28:45 +0000