summaryrefslogtreecommitdiff
path: root/source3/passdb
AgeCommit message (Collapse)AuthorFilesLines
2012-07-18source3/passdb/py_passdb.c: wrap all calls in talloc_stackframe()Rusty Russell1-519/+489
dbwrap needs it. Some calls were already wrapped, but they checked the talloc_stackframe() return unnecessarily: it can never be NULL. This is the coccinelle patch I used: // Add in a stackframe to every function: be sure to free it on (every) return @rule0@ identifier func; @@ func(...) { +TALLOC_CTX *frame = talloc_stackframe(); <... +talloc_free(frame); return ...; ...> } // Get rid of tframe allocation/frees, replace usage with frame. @rule1@ identifier func; identifier oldframe; @@ func(...) { ... -TALLOC_CTX *oldframe; ... -if ((oldframe = talloc_stackframe()) == NULL) { - ... -} <... -talloc_free(oldframe); ...> } // Get rid of tframe (variant 2) @rule2@ identifier func; identifier oldframe; @@ func(...) { ... -TALLOC_CTX *oldframe; ... -oldframe = talloc_stackframe(); -if (oldframe == NULL) { - ... -} <... -talloc_free(oldframe); ...> } // Change tframe to frame @rule3@ identifier func; @@ func(...) { <... -tframe +frame ...> } Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18source3/passdb/py_passdb.c: don't steal from talloc_stackframe().Rusty Russell1-15/+2
If you want a stack-style allocation, use talloc_stackframe(). If you don't, don't use it. In particular, talloc_stackframe() here is actually inside a pool, and stealing from pools is a bad idea. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18loadparm: make the source3/ lp_ functions take an explicit TALLOC_CTX *.Rusty Russell7-44/+41
They use talloc_tos() internally: hoist that up to the callers, some of whom don't want to us talloc_tos(). A simple patch, but hits a lot of files. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-15s3-secrets: Use C99 typesAndrew Bartlett1-6/+6
2012-07-13s3-auth Remove unused global_machine_account_needs_changingAndrew Bartlett1-11/+0
This boolean was only set if the old machine account store (with an MD4 hash in it) was returned. We have not set that password type for years. If this call ever worked, it would store a plaintext password, so we could only ever be here if we had set a password using a version of Samba so old as not to store plaintext, and then never honered the flag anyway. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Jul 13 07:52:40 CEST 2012 on sn-devel-104
2012-07-12s3: rename sid_check_is_in_our_domain() to sid_check_is_in_our_sam()Michael Adam6-10/+10
This does not check whether the given sid is in our domain, but but whether it belongs to the local sam, which is a different thing on a domain member server. Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Thu Jul 12 18:36:02 CEST 2012 on sn-devel-104
2012-07-12s3: rename sid_check_is_domain() to sid_check_is_our_sam()Michael Adam5-10/+10
This does not check whether the given sid is the domain sid, but whether it is the sid of the local sam, which is different for a domain member server.
2012-07-12s3:passdb: remove commented out pdb_lookup_names codeMichael Adam1-82/+0
This code is lying there unused since more than five years now.
2012-07-03s3-passdb: Remove obsolte ldapsam_compat support.Andreas Schneider5-179/+6
2012-06-27s3-param: Rename loadparm_s3_context -> loadparm_s3_helpersAndrew Bartlett1-1/+1
This helps clarify the role of this structure and wrapper function. The purpose here is to provide helper functions to the lib/param loadparm_context that point back at the s3 lp_ functions. This allows a struct loadparm_context to be passed to any point in the code, and always refer to the correct loadparm system. If this has not been set, the variables loaded in the lib/param code will be returned. As requested by Michael Adam. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Jun 27 17:11:16 CEST 2012 on sn-devel-104
2012-06-27s3-pdb_samba4: Remove dupliate profilePath handlingAndrew Bartlett1-6/+0
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Jun 27 13:16:26 CEST 2012 on sn-devel-104
2012-06-27s3-pdb_samba4: Add support for lastLogon and lastLogoffAndrew Bartlett1-2/+10
2012-06-27s3-pdb_samba4: Fix time handling, use nt_time_to_unix()Andrew Bartlett1-1/+1
This matches 478d74fe1447c4588b14ef7040c8c13339d54026 which I failed to merge from pdb_ads. Andrew Bartlett
2012-06-26s3-pdb_samba4: Allocate and free a talloc_stackframe() in ↵Andrew Bartlett1-3/+10
pdb_samba4_replace_by_sam()
2012-06-19Fix unused variable warnings.Jeremy Allison1-6/+2
Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Jun 19 21:17:51 CEST 2012 on sn-devel-104
2012-06-16s3-passdb: Remove pdb_adsAndrew Bartlett2-2702/+0
pdb_ads was an important module in the development of the combined Samba 4.0, and was the first module to show that standard samba3 tools such as smbpasswd can be made to operate on the sam.ldb. We now have pdb_samba4, which operates directly on the sam.ldb, rather than via ldapi://, which uses transactions and which is supported and tested as part of the official Samba 4.0 release configuration. This module is not as complete (for example, it does not honour the idmap configuration) and requires that the samba binary be running to operate. Andrew Bartlett
2012-06-15dbwrap: dbwrap_trans_store_uint32->dbwrap_trans_store_uint32_bystringVolker Lendecke1-1/+1
Signed-off-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Fri Jun 15 14:20:04 CEST 2012 on sn-devel-104
2012-06-15dbwrap: ↵Volker Lendecke1-2/+2
dbwrap_trans_change_int32_atomic->dbwrap_trans_change_int32_atomic_bystring Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-15dbwrap: ↵Volker Lendecke1-2/+2
dbwrap_trans_change_uint32_atomic->dbwrap_trans_change_uint32_atomic_bystring Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-15dbwrap: dbwrap_store_uint32->dbwrap_store_uint32_bystringVolker Lendecke2-2/+3
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-15dbwrap: dbwrap_fetch_uint32->dbwrap_fetch_uint32_bystringVolker Lendecke2-4/+4
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-15dbwrap: dbwrap_store_int32->dbwrap_store_int32_bystringVolker Lendecke1-4/+4
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-15dbwrap: dbwrap_fetch_int32->dbwrap_fetch_int32_bystringVolker Lendecke1-7/+8
Signed-off-by: Michael Adam <obnox@samba.org>
2012-05-24s3-passdb: Fix negative SID->uid/gid/both cache handlingIra Cooper1-0/+14
-1 uid/gid/both signals a non existent uid/gid/both. Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-05-23Introduce system MIT krb5 build with --with-system-mitkrb5 option.Alexander Bokovoy1-2/+2
System MIT krb5 build also enabled by specifying --without-ad-dc When --with-system-mitkrb5 (or --withou-ad-dc) option is passed to top level configure in WAF build we are trying to detect and use system-wide MIT krb5 libraries. As result, Samba 4 DC functionality will be disabled due to the fact that it is currently impossible to implement embedded KDC server with MIT krb5. Thus, --with-system-mitkrb5/--without-ad-dc build will only produce * Samba 4 client libraries and their Python bindings * Samba 3 server (smbd, nmbd, winbindd from source3/) * Samba 3 client libraries In addition, Samba 4 DC server-specific tests will not be compiled into smbtorture. This in particular affects spoolss_win, spoolss_notify, and remote_pac rpc tests.
2012-05-23s3-passdb: add unixid_from_uid/unixid_from_gid/unixid_from_both APIAlexander Bokovoy1-0/+47
struct unixid is defined in idmap.idl and therefore to use it one would need generated headers from librpc/gen_ndr. Not all of these files are installed and available as public headers. Also, they pull in some support headers which requires them to be available via specific locations like <librpc/gen_ndr/*> or <libcli/util>. Instead of pulling the headers to get structure and enum definitions, introduce three simple helpers to fill in 'struct unixid' based on the type of id. This is sufficient for PASSDB users and does not require exposing generated headers or code.
2012-05-10Fix bug 8920, null dereferenceSteve Langasek1-1/+3
Description: Avoid null dereference in initialize_password_db() When initialize_password_db() is called with reload=True, it's assumed that the free_private_data member of pdb_methods is non-null. This is not necessarily the case, as the tdb backend has no private data and therefore no free function. Check to see if we have private data that needs freed before calling. Author: Steve Langasek <steve.langasek@ubuntu.com> Bug-Ubuntu: https://bugs.launchpad.net/bugs/829221 Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Thu May 10 11:07:27 CEST 2012 on sn-devel-104
2012-05-04s3: Use hex_encode_bufVolker Lendecke1-4/+1
Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Fri May 4 20:32:37 CEST 2012 on sn-devel-104
2012-05-04s3: Use hex_encode_bufVolker Lendecke1-3/+1
2012-05-03s3:passdb fix a compiler warningChristian Ambach1-1/+1
this one could have caused crashes Autobuild-User: Christian Ambach <ambi@samba.org> Autobuild-Date: Thu May 3 23:22:05 CEST 2012 on sn-devel-104
2012-05-03s3-pypassdb: add wrapper for enum_group_membershipsAndrew Bartlett1-1/+57
This will be used in samba3upgrade to try and get the group memberships by instead asking for the groups each user is in. This reverse lookup may be more reliable, as this is used at login time. Andrew Bartlett
2012-05-03s3-pypassdb: remove unused variableAndrew Bartlett1-2/+0
2012-05-02s3-passdb: Add extra debug on ID mapping failuresAndrew Bartlett1-0/+7
Signed-off-by: Michael Adam <obnox@samba.org> Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Wed May 2 15:34:13 CEST 2012 on sn-devel-104
2012-05-02s3-idmap: convert most idmap_cache callers to unixid APIAndrew Bartlett2-19/+29
This will eventually allow the struct unixid to be passed all the way up and down the stack. Andrew Bartlett Signed-off-by: Michael Adam <obnox@samba.org>
2012-05-02s3:passdb: remove a forward declaration of wbcSidToUnixId that has become ↵Michael Adam1-1/+0
unnecessary
2012-05-02s3:passdb: rename sids_to_unix_ids() --> sids_to_unixids() for consistencyMichael Adam2-3/+3
2012-05-02s3-passdb: Use struct unixid in sids_to_unix_idsAndrew Bartlett2-18/+32
This avoids the union in the struct wbcUnixId and moves us to using only struct unixid internally. Andrew Bartlett Signed-off-by: Michael Adam <obnox@samba.org>
2012-05-02s3-passdb: Rename legacy_sid_to_id -> legacy_sid_to_unixid for clarityAndrew Bartlett1-3/+3
Signed-off-by: Michael Adam <obnox@samba.org>
2012-05-02s3-passdb: Change pdb_sid_to_id() to return struct unixidAndrew Bartlett7-133/+142
This will make it easier to consistantly pass a struct unixid all the way up and down the idmap stack, and allow ID_TYPE_BOTH to be handled correctly. Andrew Bartlett Signed-off-by: Michael Adam <obnox@samba.org>
2012-04-30passdb: Do not panic in initialize_password_dbChristof Schmitt1-17/+17
A call to initialize_password_db leads to smb_panic in case the backend returns an error. All callers to initialize_password_db check the return value, so this code path should return the status instead of calling smb_panic. Move the call to smb_panic from pdb_get_methods_reload pdb_get_methods to get it out of the initialize code path. This allows printing the proper error message for 'net getlocalsid' which is much nicer than printing the panic stack trace.
2012-04-21s3: Remove two unused variablesVolker Lendecke1-2/+0
2012-04-20s3:passdb: do not use the in-memory idmap cache (it will be removed)Michael Adam3-156/+0
2012-04-20s3: Remove an unused variableVolker Lendecke1-1/+0
Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Fri Apr 20 12:44:20 CEST 2012 on sn-devel-104
2012-04-19s3-passdb: Remove unused sampass->pass_must_change_timeAndrew Bartlett5-36/+3
There is no need to call pdb_set_pass_must_change_time() because nothing ever consults that value. It is always calculated from the domain policy. Also, this means we no longer store the value in LDAP. The value would only ever be set when migrating from tdbsam or smbpasswd, not on password changes, so would become incorrect over time. Andrew Bartlett
2012-04-06build: Remove SMB_OFF_T, replace with off_tAndrew Bartlett1-2/+2
Now that we always require a 64 bit off_t, we no longer need SMB_OFF_T. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Fri Apr 6 01:47:43 CEST 2012 on sn-devel-104
2012-04-05build: Remove SMB_F* locking definesAndrew Bartlett1-1/+1
2012-04-05build: Remove SMB_STRUCT_FLOCK defineAndrew Bartlett1-1/+1
2012-04-05build: Remove sys_fopen wrapperAndrew Bartlett1-3/+3
2012-04-05build: Remove sys_open wrapperAndrew Bartlett1-1/+1
2012-04-05build: Remove sys_ftell wrapperAndrew Bartlett1-1/+1