Age | Commit message (Collapse) | Author | Files | Lines |
|
used to be commit 6f94672d3da070aae0b17f4dcdc6cd119b68d84c)
|
|
put a doc about it in dev-doc later today.
(This used to be commit af7bfee0c6902c07fdb8d3abccf4c8d6bab00b5a)
|
|
Volker
(This used to be commit f42032060812e9bf409042c790e71fefb40ff17a)
|
|
This patch is heavily based on a patch by SuSE. Thanks
to Guenther Deschner <gd@suse.de> for providing it.
Volker
(This used to be commit 5eaf9195eefda5ababba85cc0f6d581ff6f0f454)
|
|
(This used to be commit 12110a263b5ac65d6b965ccbe19b7be3025f0373)
|
|
(This used to be commit aa9b8382d38346cb3e94ddf2e7caf6d663034579)
|
|
Volker
(This used to be commit a5218499eb3f0a62cd663a06157591fbb0dfcbef)
|
|
Volker
(This used to be commit da83d97eb50c3c3a67985e22410842100207431f)
|
|
Volker
(This used to be commit f0f1518fc450834725902e9cdf33fb8d35f99360)
|
|
Original message:
This patch attemptes to clean up winbindd's mutex locking.
The current locking scheme in winbind is a complete mess - indeed, the
next step should be to push the locking into cli_full_connection(), but
I'll leave it for now.
This patch works on the noted behaviour that 2 parts of the connection
process need protection - and independent protection. Tim Potter did
some work on this a little while back, verifying the second case.
The two cases are:
- between connect() and first session setup
- during the auth2 phase of the netlogon pipe setup.
I've removed the counter on the lock, as I fail to see what it gains us.
This patch also adds 'anonymous fallback' to our winbindd -> DC connection.
If the authenticated connection fails (wbinfo -A specifed) - say that
account isn't trusted by a trusted DC - then we try an anonymous.
Both tpot and mbp like the patch.
Andrew Bartlett
(This used to be commit b5283c00a900393b83f0edb2785c5caf402404eb)
|
|
Volker
(This used to be commit 115cd4b27f84343c7f98622717edda6da4866a6b)
|
|
Volker
(This used to be commit e8975d6e7bdcceb78a83a3446cf1430e1e3f1a72)
|
|
Andrew Bartlett
(This used to be commit 21add5f97d0d112094e34a02e6319991a1d2af4d)
|
|
- packing/unpacking utility functions for trusted domain
password struct; can be used to prepare buffer to store
in secrets.tdb or (soon) passdb backend
- similiar functions for DOM_SID
- respectively modified secrets_(fetch|store) routines
- new auth mapping code utilising introduced is_trusted_domain
function
- added tdb (un)packing of single bytes
Rafal
(This used to be commit 5281ee7e84421b9be746aed2f1718ceaf2a2fe3d)
|
|
The current locking scheme in winbind is a complete mess - indeed, the
next step should be to push the locking into cli_full_connection(), but
I'll leave it for now.
This patch works on the noted behaviour that 2 parts of the connection
process need protection - and independent protection. Tim Potter did
some work on this a little while back, verifying the second case.
The two cases are:
- between connect() and first session setup
- during the auth2 phase of the netlogon pipe setup.
I've removed the counter on the lock, as I fail to see what it gains us.
This patch also adds 'anonymous fallback' to our winbindd -> DC connection.
If the authenticated connection fails (wbinfo -A specifed) - say that
account isn't trusted by a trusted DC - then we try an anonymous.
Both tpot and mbp like the patch.
Andrew Bartlett
(This used to be commit 0620320002082298a15cbba72bd79aecfc607947)
|
|
- Add smb_probe_module()
- Add init_modules()
- Call these functions
(This used to be commit f8f21653225792c0001d183c6efe8b7d89a0785d)
|
|
Andrew Bartlett
(This used to be commit 9ef0d40c3f8aef52ab321dc065264c42065bc876)
|
|
(This used to be commit 523d1429b1072c999d376d2b4e13a1c08349990a)
|
|
The intention is to remove the muliple passdb backends, but we need the
'guest' account to always be there. If the admin adds the guest account to
(say) LDAP, there will only be one backend required for operation.
This helps remove some nasty behaviours with adding accounts to the system
for both the RPC 'create user' and the SAMSYNC code. Users 'added' with
an 'add user/machine' script won't magicly appear, and machine accounts
'pre-added' to unix, but not the smbpasswd file will not cause mayhem.
This commit also implements somthing tridge discussed with me, the concept
of 'default' passdb operation pointers - so that each backend does not
need it's own stub funcitons wrapping the default tdb privilages/group
mapping code.
This also removes an implicit 'sid->name' and 'name->sid' mapping from our
own local SID space, to winbind usernames. When adding mapping for NIS/LDAP
non-sam users in future, we need to be careful.
Andrew Bartlett
(This used to be commit 6f32fa234961a525760a05418a08ec48d22d7617)
|
|
used to be commit c31455779d7948e866fe1916425c3746134dea01)
|
|
hooked into pdb, and we need some access control on changing privileges. That's next
(This used to be commit f4f1f84a6bf1d356ccc83f0ecb135bef4a39619e)
|
|
misc libads fixes.
Andrew Bartlett
(This used to be commit 9c3a1710efba9fa4160004a554687d4b85927bb1)
|
|
(This used to be commit e9f56a157bd472914eebf64fde586104d8274717)
|
|
get them in should be indeterminate, so just picking the first one would be
bad...
Andrew Bartlett
(This used to be commit 21da8c3bb39c507eb90865549c3bb3538dcea138)
|
|
blame for the realloc() stuff.
Plus a couple of minor updates to libads.
Andrew Bartlett
(This used to be commit 34b2e558a4b3cfd753339bb228a9799e27ed8170)
|
|
(This used to be commit 01d78b828b89f04b70b53ded01a7f4b356979317)
|
|
Jeremy.
(This used to be commit 3d04872499332ef2d8e7479b924afc8fc1ac29d7)
|
|
Jeremy.
(This used to be commit daf179bcd6297b525bfc644efb154734723f4d58)
|
|
remove ldap_msgfree(result); as result is unitialized at this point
(This used to be commit dc8882778694289ca461de57d443992f52ab7524)
|
|
remove ldap_msgfree(result); as result is unitialized at this point
(This used to be commit 1102a6f8cdf295d564df5447a223b354be72895d)
|
|
connectivity problems.
Andrew Bartlett
(This used to be commit 68de9a59203ed9778f11b78f233dc437b9dab55d)
|
|
Andrew Bartlett
(This used to be commit 2a1adb8f81d8966e8919fffb9b4c69f3e6acd44f)
|
|
(This used to be commit 31894ba0e5847eb934688598cd8d65bead23c58b)
|
|
last changed at '0'.
We need to actually change this password sometime...
Andrew Bartlett
(This used to be commit 740bf439d2d1512127c873cf0e57697161d6566b)
|
|
on work by <steve@griffin.sio2.nl>.
Jeremy.
(This used to be commit 1cff725e37d04e25d2cd5523683b35c82d5040fa)
|
|
on work by <steve@griffin.sio2.nl>.
Jeremy.
(This used to be commit 465d86d95fbdeda423d1f4b06cee46c119a31447)
|
|
static 'unix' string, so we don't need a second pdb specific version.
Andrew Bartlett
(This used to be commit 91ca4771c6b834747b06fff21822a14e929de2c1)
|
|
the actual passdb modules decide that.
Andrew Bartlett
(This used to be commit f3432869b9c761a029fd804d244d0ea26b26173d)
|
|
warnings. (Adds a lot of const).
Andrew Bartlett
(This used to be commit 3a7458f9472432ef12c43008414925fd1ce8ea0c)
|
|
don't need a second just for pdb.
Also, remove magic 'is lp_guest_account' test - the magic RID should be
up to the passdb backend to set.
Andrew Bartlett
(This used to be commit f71c8338d35a2e8c73c3d8006ea6858cb522c715)
|
|
This patch makes Samba compile cleanly with -Wwrite-strings.
- That is, all string literals are marked as 'const'. These strings are
always read only, this just marks them as such for passing to other functions.
What is most supprising is that I didn't need to change more than a few lines of code (all
in 'net', which got a small cleanup of net.h and extern variables). The rest
is just adding a lot of 'const'.
As far as I can tell, I have not added any new warnings - apart from making all
of tdbutil.c's function const (so they warn for adding that const string to
struct).
Andrew Bartlett
(This used to be commit 92a777d0eaa4fb3a1c7835816f93c6bdd456816d)
|
|
Jeremy.
(This used to be commit aa8439a49ec4b9f433745fefa1e769e45398f4df)
|
|
named. Ensure we can query them.
Jeremy.
(This used to be commit 842e08e52a665ae678eea239759bb2de1a0d7b33)
|
|
named. Ensure we can query them.
Jeremy.
(This used to be commit 09a218a9f6fb0bd922940467bf8500eb4f1bcf84)
|
|
(This used to be commit adb34ee5b183d17ec0c26ec2cf4f591822c59900)
|
|
server = DC1 *
(This used to be commit f49de4c5176bf635ac080e082fda412066b466c8)
|
|
server = DC1 *
(This used to be commit 6b18ca9511ddcf1718f222af3f61491d1e5f3b60)
|
|
use FUNCTION_MACRO instead of __FUNCTION_
(This used to be commit 243763d6eb107ab2444d81025232c8fe795baaf1)
|
|
failed query) and my fixes to those fixes to use better NT_STATUS codes.
Andrew Bartlett
(This used to be commit 6040171cabe3ca215149708a6244e24bc9c2c4fa)
|
|
more useful error codes.
(This used to be commit 5b1185b4e8592e6bc1abe581950571e249c03a78)
|