summaryrefslogtreecommitdiff
path: root/source3/winbindd/winbindd_cm.c
AgeCommit message (Collapse)AuthorFilesLines
2010-04-01s3:winbindd: fix problems with SIGCHLD handling (bug #7317)Stefan Metzmacher1-3/+0
The main problem is that we call CatchChild() within the parent winbindd, which overwrites the signal handler that was registered by winbindd_setup_sig_chld_handler(). That means winbindd_sig_chld_handler() and winbind_child_died() are never triggered when a winbindd domain child dies. As a result will get "broken pipe" for all requests to that domain. To reduce the risk of similar bugs in future we call CatchChild() in winbindd_reinit_after_fork() now. We also use a full winbindd_reinit_after_fork() in the cache validation child now instead instead of just resetting the SIGCHLD handler by hand. This will also fix possible tdb problems on systems without pread/pwrite and disabled mmap as we now correctly reopen the tdb handle for the child. metze
2010-04-01s3:winbindd: correctly invalidate the cached connectionStefan Metzmacher1-6/+11
There're maybe additional TCP connection for ncacn_ip_tcp. metze
2010-04-01s3:winbindd: make sure we don't try rpc requests against unaccessable domainsStefan Metzmacher1-5/+28
This makes sure we don't crash while trying to dereference domain->conn.cli->foo while trying to establish a rpc connection to the server. metze
2010-03-29s3:winbindd_cm: invalidate connection if cm_connect_netlogon() failsStefan Metzmacher1-2/+2
metze
2010-03-29s3:winbindd: consistently use TALLOC_FREE(conn->foo_pipe) is we create a new ↵Stefan Metzmacher1-0/+5
connection metze
2010-03-29s3:winbindd_cm: use rpccli_is_connected() helper functionStefan Metzmacher1-4/+4
metze
2010-03-29s3:winbindd_cm: use cli_state_is_connected() helper functionStefan Metzmacher1-14/+4
metze
2010-02-23s3 move the sitename cache in its own fileSimo Sorce1-0/+1
2010-02-23s3:winbindd: never mark external domains as internal!Stefan Metzmacher1-4/+1
This way we can endup with silently using builtin_passdb_methods for an ad domain without an inbound trust. This fixes bug #7170. metze
2010-01-06s3: Fix infinite loop in NCACN_IP_TCP asa there is no timeout. Assume ↵Bo Yang1-1/+2
lsa_pipe_tcp is ok but network is down, then send request is ok, but select() on writeable fds loops forever since there is no response. Signed-off-by: Bo Yang <boyang@samba.org>
2009-11-26s3-rpc: Avoid including every pipe's client and server stubs everywhere in ↵Günther Deschner1-0/+4
samba. Guenther
2009-11-24s3: Always try SamLogonExVolker Lendecke1-2/+6
Required for cluster systems working in a Samba domain. With NT4 this won't work, but real NT4 DCs should not be around in environments that pay big bucks for a cluster... And if they are, they can always install a Samba DC trusting that NT4 domain.
2009-10-13s3: use enum netr_SchannelType all over the place.Günther Deschner1-1/+1
Guenther
2009-10-05Revert "s3: Attempt to fix machine password change"Volker Lendecke1-2/+0
This reverts commit 20a8ea91e10af167067cc794a251265aaf489e75. Ooops, this should not have been committed.
2009-10-05s3: Attempt to fix machine password changeVolker Lendecke1-0/+2
2009-09-25s3:winbindd_cm: don't invalidate the whole connection when just samr gave ↵Stefan Metzmacher1-1/+12
ACCCESS_DENIED metze
2009-09-24Revert "s3:winbindd: use a tcp connection for lsa in case ↵Stefan Metzmacher1-9/+0
lookup_names/lookup_sids doesn't work over ncacn_np" This reverts commit f23691cffd39e5df81b7b075e61ed1def6cce9f6. This should not have been commited... metze
2009-09-24s3:winbindd: use a tcp connection for lsa in case lookup_names/lookup_sids ↵Günther Deschner1-0/+9
doesn't work over ncacn_np metze
2009-09-23s3:winbind: Fix an uninitialized variableVolker Lendecke1-1/+1
2009-09-22s3-winbindd: Fix Bug #6711: trusts to windows 2008 (2008 r2) not working.Günther Deschner1-0/+2
Winbindd should always try to use LSA via an schannel authenticated ncacn_ip_tcp connection when talking to AD for LSA lookup calls. In Samba <-> W2k8 interdomain trust scenarios, LookupSids3 and LookupNames4 via an schannel ncacn_ip_tcp LSA connection are the *only* options to successfully resolve sids and names. Guenther
2009-09-22s3-winbindd: add cm_connect_lsa_tcp().Günther Deschner1-0/+59
Guenther
2009-09-15s3-dcerpc: use dcerpc_AuthLevel and remove duplicate set of flags.Günther Deschner1-5/+5
Guenther
2009-09-11s3-rpc_client: add dcerpc_transport_t to cli_rpc_pipe_open_schannel().Günther Deschner1-3/+4
Guenther
2009-09-11s3-rpc_client: add dcerpc_transport_t to cli_rpc_pipe_open_spnego_ntlmssp ↵Günther Deschner1-1/+2
and cli_rpc_pipe_open_ntlmssp. Guenther
2009-09-09s3-winbindd: Fix Bug #6700: Use dns domain name when needing to guess server ↵Günther Deschner1-1/+1
principal. Patch from Robert LeBlanc <robert@leblancnet.us>. Thanks! Guenther
2009-08-23s3:winbind: For internal domains it is pointless to connect to a DCVolker Lendecke1-0/+6
2009-07-28Added prefer_ipv4 bool parameter to resolve_name().Jeremy Allison1-2/+2
W2K3 DC's can have IPv6 addresses but won't serve krb5/ldap or cldap on those addresses. Make sure when we're asking for DC's we prefer IPv4. If you have an IPv6-only network this prioritizing code will be a no-op. And if you have a mixed network then you need to prioritize IPv4 due to W2K3 DC's. Jeremy.
2009-07-27Fix a typoVolker Lendecke1-1/+1
2009-05-07Fix some type-punned warningsVolker Lendecke1-2/+5
2009-04-21s3-secdesc: use SEC_FLAG_MAXIMUM_ALLOWED instead of SEC_RIGHTS_MAXIMUM_ALLOWED.Günther Deschner1-9/+9
Guenther
2009-04-20Fix to use modified cli_rpc_pipe_open_schannel_with_key APIAndrew Bartlett1-2/+2
2009-04-20Remove use of talloc_reference in cli_rpc_pipe_open_schannel_with_key()Andrew Bartlett1-1/+1
2009-04-14s3: Fix ntlm_auth and winbindd to use new common libcli/auth APIsAndrew Bartlett1-9/+9
2009-04-14Rework Samba3 to use new libcli/auth code (partial)Andrew Bartlett1-0/+1
This commit is mostly to cope with the removal of SamOemHash (replaced by arcfour_crypt()) and other collisions (such as changed function arguments compared to Samba3). We still provide creds_hash3 until Samba3 uses the credentials code in netlogon server Andrew Bartlett
2009-03-18s3: remove POLICY_HND.Günther Deschner1-3/+3
Guenther
2009-03-17Fix a valgrind errorVolker Lendecke1-1/+1
Found in "make test" -- if we can't connect at all, "cli" is uninitialized
2009-03-13Remove pwd_cache.c, it was doing nothing. Make user_name, domain, andJeremy Allison1-14/+25
password talloc'ed strings within the cli_struct. Jeremy.
2009-03-06s3:winbindd_cm: remove useless cli_setup_signing_state(*cli, Undefined) callStefan Metzmacher1-2/+0
cli_setup_signing_state() with Undefined is a noop. metze
2009-01-30Make cli_tcon_andx asyncVolker Lendecke1-7/+2
2009-01-14Fix bug in get_dc_name_via_netlogon(), null pointer refrence.Bo Yang1-1/+1
2009-01-13From boyang - ensure we never "return" from a forked child, always _exit().Jeremy Allison1-3/+3
Jeremy.
2009-01-06Make winbindd_cm.c use winbindd_reinit_after_fork().Jeremy Allison1-14/+10
Jeremy.
2009-01-05s3:events: change event_add_timed() prototype to match samba4Stefan Metzmacher1-4/+2
metze
2009-01-05s3:winbindd: regain tickets for all ccache entries, when we go onlineStefan Metzmacher1-7/+1
set_event_dispatch_time() is stupid by design and only handles the first event with a given name. metze
2009-01-05s3:winbindd: recreate the per domain check_online_event without relying on ↵Stefan Metzmacher1-19/+20
global state set_event_dispatch_time() is stupid by design and just picks the first event with the given name. metze
2009-01-05Fix broken krb5 refresh chainBo Yang1-0/+2
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-01-05clean event context after child is forked.Bo Yang1-1/+2
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2008-12-19Make cli_negprot return NTSTATUS instead of boolVolker Lendecke1-3/+4
2008-12-03s3: Change sockaddr util function names for consistencyTim Prouty1-1/+1
Also eliminates name conflicts with OneFS system libraries
2008-11-03s3: fix a few "shadows a global declaration" warningsTim Prouty1-4/+4
generated by cgit (git 2.34.1) at 2024-11-03 11:34:35 +0000