Age | Commit message (Collapse) | Author | Files | Lines |
|
connection caching. Getting ready for back-merge to 2.2.3.
Jeremy.
(This used to be commit 5e8df83ba9924adf9df6827c06ed1a2adbe36edf)
|
|
Now we just keep a record of the open pipes.
(This used to be commit 77c287e9460eed7bde7004c7e6c8cb0099c6ba6f)
|
|
loop in winbindd but it didn't work.
(This used to be commit 3ac32af83849e93c83cd1bb48dc7d23e47ccac59)
|
|
Get list of trusted domains if we haven't fetched them yet.
(This used to be commit ed16aa88a422e759d27dbfae39afc72250c80e8d)
|
|
(This used to be commit 1a9a36159104e1d6248254e1efd9925fc1c956d3)
|
|
Cache negative connection attempt lookups.
Fixed loginc bug in connection_ok()
(This used to be commit e07bcfcccd6d4a29f188d978b2c34a7b18ff21fa)
|
|
(This used to be commit 187663210055ecd7b717b3894e3189ca3aaa0ed2)
|
|
Get list of trusted domains if we haven't fetched them yet.
(This used to be commit a7ef2d20b1bb4bdb1b9a2769b5c654bd0be791b3)
|
|
Ignore the SIGUSR1 signal before we install a handler for it as glibc (?)
seems to just print out "User defined signal 1" and exit if no handler
is installed.
(This used to be commit 1212591095dfe65b5e708bee32be5d57b9f33bc8)
|
|
Remove unused old file.
Test 42 byte reply to SMBntcreate (W2K does this).
Jeremy.
(This used to be commit a55a63a4ca55602ad9221af17c0bc8e185536433)
|
|
call slprintf within a signal handler.
Jeremy.
(This used to be commit a9f7974cb8e266ce87d2979fa107bf7ebbb98b70)
|
|
field.... well, now at least the code is there when it does :-).
Jeremy.
(This used to be commit 22e323ca47325482b6ae527070509ed9c6cbccee)
|
|
the currently open connections when winbindd receives a USR1 signal.
Hmm - I've just realised this will conflict with the messaging code
but we don't use that yet.
(This used to be commit caef54e40081477609a824185949ddf6db6ba363)
|
|
robust.
(This used to be commit 8952f8763e16339e58bc65943387a00fc89dc200)
|
|
Jeremy.
(This used to be commit 804f232398b734228256e3361ec6df4ba5cf480c)
|
|
requested name does not have a winbind separator character. This
makes the intent explicit. Tim, contact me if this is not what
you indended.
Jeremy.
(This used to be commit 86b7cf7f85840316052ff29115bf55c04dc17486)
|
|
pam authentication. This allows us to link in less other crap.
Authenticating with a challenge/response doesn't seem to work though - we
always get back NT_STATUS_WRONG_PASSWORD.
(This used to be commit d85aa1ce83327dda6aa3dcd9bbab9cf6979dda1e)
|
|
Got "medieval on our ass" about const warnings (as many as I could :-).
Jeremy.
(This used to be commit ee5e7ca547eff016818ba5c43b8ea0c9fa69b808)
|
|
(This used to be commit c80641b6f335aa706a2e384b7cfe7912be4a41b1)
|
|
code.
In particular this assists tpot in some of his work, becouse it provides the
connection between the authenticaion and the vuid generation.
Major Changes:
- Fully malloc'ed structures.
- Massive rework of the code so that all structures are made and destroyed
using malloc and free, rather than hanging around on the stack.
- SAM_ACCOUNT unix uids and gids are now pointers to the same, to allow them
to be declared 'invalid' without the chance that people might get ROOT by
default.
- kill off some of the "DOMAIN\user" lookups. These can be readded at a more
appropriate place (probably domain_client_validate.c) in the future. They
don't belong in session setups.
- Massive introduction of DATA_BLOB structures, particularly for passwords.
- Use NTLMSSP flags to tell the backend what its getting, rather than magic
lenghths.
- Fix winbind back up again, but tpot is redoing this soon anyway.
- Abstract much of the work in srv_netlog_nt back into auth helper functions.
This is a LARGE change, and any assistance is testing it is appriciated.
Domain logons are still broken (as far as I can tell) but other functionality
seems
intact.
Needs testing with a wide variety of MS clients.
Andrew Bartlett
(This used to be commit f70fb819b2f57bd57232b51808345e2319d52f6c)
|
|
To obtain the full group membership of a user (i.e nested groups on a
win2k native mode server) it is necessary to merge this list of groups
with the groups returned by winbindd when creating an nt access token.
This breaks winbindd linking while AB and I sync up our changes to the
authentication subsystem.
(This used to be commit 4eeb7bcd783d7cfb3ac232f1faa035773007401d)
|
|
Volker
(This used to be commit fd1d0064b3a4fe834c5d8e810a12a8077f9d2a66)
|
|
In particular this commit focuses on:
Actually adding the 'const' to the passdb interface, and the flow-on changes.
Also kill off the 'disp_info' stuff, as its no longer used.
While these changes have been mildly tested, and are pretty small, any
assistance in this is appreciated.
----
These changes introduces a large dose of 'const' to the Samba tree.
There are a number of good reasons to do this:
- I want to allow the SAM_ACCOUNT structure to move from wasteful
pstrings and fstrings to allocated strings. We can't do that if
people are modifying these outputs, as they may well make
assumptions about getting pstrings and fstrings
- I want --with-pam_smbpass to compile with a slightly sane
volume of warnings, currently its pretty bad, even in 2.2
where is compiles at all.
- Tridge assures me that he no longer opposes 'const religion'
based on the ability to #define const the problem away.
- Changed Get_Pwnam(x,y) into two variants (so that the const
parameter can work correctly): - Get_Pwnam(const x) and
Get_Pwnam_Modify(x).
- Reworked smbd/chgpasswd.c to work with these mods, passing
around a 'struct passwd' rather than the modified username
---
This finishes this line of commits off, your tree should now compile again :-)
Andrew Bartlett
(This used to be commit c95f5aeb9327347674589ae313b75bee3bf8e317)
|
|
(This used to be commit 49d47238267c3a2e0fc466178b779a692a7809ff)
|
|
cli_samr_query_userinfo function used to do this.
(This used to be commit da2c167660ec12360354f96dc672d935f58dd9c0)
|
|
(This used to be commit 4f4dace5772780cf4eedc0ebca1c60d04171eb74)
|
|
(This used to be commit d50005d4c118ae32d1ddbdee4feec479db4682b9)
|
|
as one memory leak that has been there for ages!
Changed the way talloc is used in get{pw,gr}nam routines.
(This used to be commit d52cd1854fdff18c223d6dd1eca0e26f1f0bf01b)
|
|
per-call basis rather than per-connection.
Had a bit more of a reformatting fest.
Still need to run it through insure and handle downed connections.
(This used to be commit 46fe5a8fb96974e1323bc3e5d94fda74edbeb852)
|
|
(This used to be commit 5fc97e72ebf5976d66345107f3d9e6d3ae27eb94)
|
|
(This used to be commit c6338d7eaeb31db2666603fcdd9179e61891a1c9)
|
|
Pass domain structure around in cache code rather than the domain name.
Some misc reformatting to make things look prettier.
(This used to be commit 295dd2a5817b5d7c40474b9e460f3515e8c8e449)
|
|
immediately after the call.
(This used to be commit 3e9a80d5bed724690da7321cde6b95022d60ba60)
|
|
(This used to be commit 4f12df9fc569b73dcf037b476976cb3be47ac43f)
|
|
what was I thinking with those 4 character tabs?)
We now pass our winbindd test suite again!
Still to do:
- talloc_ctx on a per winbindd request basis not per connection
- clean up old crap we don't use any more
- test against multiple BDCs (I know this isn't going to work - group/user
handles have to be made against the same DC the domain and basic handles
are.
- implement network and dc failure recovery
(This used to be commit dc4ca0e0bd779b9157ea3b2a8f17eb455abf0f26)
|
|
(This used to be commit 63731d4a00e7a70b48d0c25677c76ec6b2e04ce1)
|
|
- implemented some of the sam related connection manager routines
- fill in group id and gecos fields for getpwnam/getpwuid routines
- convert querydispinfo to cm
- getent passwd now works
Now for the group related routines...
(This used to be commit 4f8ea877876e91d4762f22e78aeb1bce4c65f011)
|
|
I've wrapped up all the decisions about managing, making and closing
connections into a connection manager in nsswitch/winbindd_cm.c.
It's rather incomplete at the moment - only querying basic user info works
at the moment (i.e finger -m DOMAIN/user) and everything else is broken.
Jeremy, please take a look and I'll start moving across the rest of
winbindd to this new system.
(This used to be commit c369cf5af787ed9c642778d21f162716fbf0620e)
|
|
(This used to be commit d30939a091b48f4d77f7618c75668ae151a5592e)
|
|
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
|
|
(This used to be commit 03dc67788f68c9e01b5a82fdf43f837cb19f4608)
|
|
- the usersupplied_info now contains a smb_username (as it comes across on
the wire) and a unix_username (after being passed through mapping
functions)
- when doing security={server,domain} use the smb_username, otherwise use
the unix_username
(This used to be commit d34fd8ec0716127c7a68eeb8e77d1ae8cc07b547)
|
|
(This used to be commit fe6679dffba9a92bb35933ad52172c9be0e9ef90)
|
|
(This used to be commit f59826c0c9ba283c25faeec2cbdc7e19cca7aa04)
|
|
(This used to be commit 1e9815105e235ad1141b899b03d3de756d217d49)
|
|
(This used to be commit c04c67fec85b1c81ef0b3cebacde304a1de0d854)
|
|
NSS_STATUS and WINBINDD error codes mixed up
(This used to be commit 66698d6b841df809a8654012a8385bffacb9dc4a)
|
|
(This used to be commit c65e8db7ae765f844f8b0adb1e5de3651561ad96)
|
|
the client code still needs some work
(This used to be commit dcd6e735f709a9231860ceb9682db40ff26c9a66)
|
|
(This used to be commit 3e8ccb420260591f362fa8a9d1221481449f8ef7)
|