Age | Commit message (Collapse) | Author | Files | Lines |
|
Guenther
|
|
Guenther
|
|
acct_ctrl is 32 bit in LOGIN_CACHE, but "w" as a format specifier for
tdb_unpack only writes 16 bits. Okay on x86, not okay on Solaris.
Thanks to Vladimir.Marek@Sun.COM!
Volker
|
|
|
|
|
|
|
|
|
|
Missed read of entry_timestamp (was entry->entry_timestamp).
Jeremy.
|
|
Fix suggested by Andy Hanton <andyhanton@gmail.com>. The LOGIN_CACHE
struct contains two time_t entries, but was being written to and
read from via tdb_pack/tdb_unpack functions using explicit 32-bit int specifiers.
This would break on machines with a 64-bit time_t. Use correct int
sizes for tdb_pack/tdb_unpack.
We have to fix this properly before 2037 :-).
Jeremy.
|
|
Michael
|
|
Jeremy.
|
|
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
|
|
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
|
|
Jeremy.
(This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
|
|
and fix all compiler warnings in the users
metze
(This used to be commit 3a28443079c141a6ce8182c65b56ca210e34f37f)
|
|
to avoid creating the TDB_DATA struct from strings "by hand"
metze
(This used to be commit 5a5579d8429e6f76805a093133ba29c7f8321512)
|
|
to do the upper layer directories but this is what
everyone is waiting for....
Jeremy.
(This used to be commit 9dafb7f48ca3e7af956b0a7d1720c2546fc4cfb8)
|
|
in net_rpc.c: 715 716 732 734 735 736 737 738 739 749
in net_rpc_audit.c: 754 755 756
in net_rpc_join.c: 757
in net_rpc_registry: 766 767
in net_rpc_samsync.c: 771 773
in net_sam.c: 797 798
Volker
(This used to be commit 3df0bf7d6050fd7c9ace72487d4f74d92e30a584)
|
|
to make full use of the new talloc() interface. Discussed with Volker
and Jeremy.
* remove the internal mem_ctx and simply use the talloc()
structure as the context.
* replace the internal free_fn() with a talloc_destructor() function
* remove the unnecessary private nested structure
* rename SAM_ACCOUNT to 'struct samu' to indicate the current an
upcoming changes. Groups will most likely be replaced with a
'struct samg' in the future.
Note that there are now passbd API changes. And for the most
part, the wrapper functions remain the same.
While this code has been tested on tdb and ldap based Samba PDC's
as well as Samba member servers, there are probably still
some bugs. The code also needs more testing under valgrind to
ensure it's not leaking memory.
But it's a start......
(This used to be commit 19b7593972480540283c5bf02c02e5ecd8d2c3f0)
|
|
allocation
functions so we can funnel through some well known functions. Should help greatly with
malloc checking.
HEAD patch to follow.
Jeremy.
(This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
|
|
===================================================================
--- pdb_ldap.c (revision 1095)
+++ pdb_ldap.c (working copy)
@@ -1134,6 +1134,19 @@
return NT_STATUS_OK;
}
+static void append_attr(char ***attr_list, const char *new_attr)
+{
+ int i;
+
+ for (i=0; (*attr_list)[i] != NULL; i++)
+ ;
+
+ (*attr_list) = Realloc((*attr_list), sizeof(**attr_list) * (i+2));
+ SMB_ASSERT((*attr_list) != NULL);
+ (*attr_list)[i] = strdup(new_attr);
+ (*attr_list)[i+1] = NULL;
+}
+
/**********************************************************************
Get SAM_ACCOUNT entry from LDAP by username.
*********************************************************************/
@@ -1149,6 +1162,7 @@
int rc;
attr_list = get_userattr_list( ldap_state->schema_ver );
+ append_attr(&attr_list, MODIFY_TIMESTAMP_STRING);
rc = ldapsam_search_suffix_by_name(ldap_state, sname, &result, attr_list);
free_attr_list( attr_list );
@@ -1194,6 +1208,7 @@
switch ( ldap_state->schema_ver ) {
case SCHEMAVER_SAMBASAMACCOUNT:
attr_list = get_userattr_list(ldap_state->schema_ver);
+ append_attr(&attr_list, MODIFY_TIMESTAMP_STRING);
rc = ldapsam_search_suffix_by_sid(ldap_state, sid, result, attr_list);
free_attr_list( attr_list );
Index: login_cache.c
===================================================================
--- login_cache.c (revision 1095)
+++ login_cache.c (working copy)
@@ -95,10 +95,13 @@
&entry->bad_password_count,
&entry->bad_password_time) == -1) {
DEBUG(7, ("No cache entry found\n"));
+ SAFE_FREE(entry);
SAFE_FREE(databuf.dptr);
return NULL;
}
+ SAFE_FREE(databuf.dptr);
+
DEBUG(5, ("Found login cache entry: timestamp %12u, flags 0x%x, count %d, time %12u\n",
(unsigned int)entry->entry_timestamp, entry->acct_ctrl,
entry->bad_password_count, (unsigned int)entry->bad_password_time));
(This used to be commit c0bf8425f4b9ee30ffc878704bde980d8c51ed05)
|
|
metze
(This used to be commit 908d8a412559997256f51caa30da254f0768f114)
|
|
Jeremy.
(This used to be commit 85d9c92fd53a65fccca3720a3b06d69ef28f9981)
|
|
bad time locally, updating the directory only for hitting the policy limit
or resetting.
This needed to be done at the passdb level rather than auth, because some
of the functions need to be supported from tools such as pdbedit. It was
done at the LDAP backend level instead of generically after discussion,
because of the complexity of inserting it at a higher level.
The login cache read/write/delete is outside of the ldap backend, so it could
easily be called by other backends. tdbsam won't call it for obvious
reasons, and authors of other backends need to decide if they want to
implement it.
(This used to be commit 2a679cbc87a2a9111e9e6cdebbb62dec0ab3a0c0)
|