summaryrefslogtreecommitdiff
path: root/source3/winbindd
AgeCommit message (Collapse)AuthorFilesLines
2010-07-01s3-nss_info: only include nss_info.h where needed.Günther Deschner4-0/+4
Guenther
2010-07-01s3-libads: move ldap posix schema defines to their own header file.Günther Deschner1-0/+1
Guenther
2010-07-01s3-libads: only include libds flags where needed.Günther Deschner3-0/+3
Guenther
2010-06-28s3: More cleanup in winbindd_ads.c:query_userVolker Lendecke1-13/+10
We can't ads_msgfree after the ads struct has been killed. Do early returns.
2010-06-28s3: Fix a valgrind errorVolker Lendecke1-2/+1
nss_get_info_cached does not necessarily fill in gid
2010-06-28s3: Re-arrange winbindd_ads.c:query_userVolker Lendecke1-23/+24
We can't access the LDAP message after nss_get_info_cached has potentially destroyed the ads_struct
2010-06-28s3: free -> SAFE_FREEVolker Lendecke1-1/+1
2010-06-28s3: Do an early TALLOC_FREEVolker Lendecke1-2/+5
2010-06-25s3: Fix a winbind crashVolker Lendecke1-0/+10
nss_get_info_cached might deep inside sequence_number() invalidate the ads_struct without telling its callers.
2010-06-25s3: Fix a winbind crashVolker Lendecke1-1/+6
nss_get_info_cached might have invalidated "ads" deep inside.
2010-06-21s3-winbind: Make KRB5_EVENT_REFRESH_TIME a functionVolker Lendecke1-6/+12
2010-06-21s3:idmap_ldap: remove unreached code (and explicit error return code)Michael Adam1-5/+1
2010-06-17Use #defined constant instead of "false" to be clearer about intent.Jeremy Allison1-1/+1
2010-06-10s3:winbindd use common server context functionsSimo Sorce4-54/+3
2010-06-09s3-winbind: Fixed setting default sequence number.Andreas Schneider1-1/+1
2010-06-03s3: remove unused librpc/ndr/sid.c.Günther Deschner1-0/+1
Guenther
2010-06-01s3:winbindd: make sure we only call static_init_idmap onceStefan Metzmacher1-7/+18
metze Signed-off-by: Michael Adam <obnox@samba.org>
2010-06-01s3:winbind Ensure we always init idmap_passdb before we use itAndrew Bartlett1-0/+4
It seems that it is possible for idmap_init_passdb_domain() to be run before idmap_init_domain(), so ensure we run the static init functions in both. Andrew Bartlett Signed-off-by: Michael Adam <obnox@samba.org>
2010-05-31s3:winbindd move reinit_after_fork() back out of winbindd_register_handlersAndrew Bartlett1-12/+12
This particular init function needs to be done in a native Samba3 build, but it turns out to be difficult for s3compat, which has other code listening on the sockets. Andrew Bartlett
2010-05-31s3:winbind Make state->mem_ctx a talloc child of stateAndrew Bartlett1-1/+1
This way everything is destoryed at the conclusion of the connection correctly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-05-31s3:winbind tidy up connecting the winbind sockets.Andrew Bartlett3-49/+20
By putting this code inline in winbindd_setup_listeners() we remove 2 static variables and simplify the code. By putting the get_winbind_priv_pipe_dir() in the same file, we allow it to be reimplemented in s3compat. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-05-31Revert "s3:winbindd Split helper functions to allow s3compat to call them"Andrew Bartlett2-30/+22
I'm experimenting with a different entry point This reverts commit f5c0f90da5f5372ca6b7a72daa8d073a2444a068.
2010-05-31ntlmssp: Make the ntlmssp.h from source3/ a common headerAndrew Bartlett1-1/+1
The code is not yet in common, but I hope to fix that soon. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-31s3: only use netlogon/nbt header when needed.Günther Deschner2-0/+2
Guenther
2010-05-31s3-build: only use ndr_security.h where needed.Günther Deschner2-0/+2
Guenther
2010-05-28s3:winbind Kill amusing but un-used winbindd_kill_all_clientsAndrew Bartlett2-18/+0
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-05-26s3-samr: move chgpasswd.c out of smbd and into the samr server.Günther Deschner1-0/+1
Guenther
2010-05-21s3:dom_sid Global replace of DOM_SID with struct dom_sidAndrew Bartlett25-204/+204
This matches the structure that new code is being written to, and removes one more of the old-style named structures, and the need to know that is is just an alias for struct dom_sid. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-20s3:winbind:idmap_tdb2_set_mapping: untangle assignment from checkMichael Adam1-1/+2
2010-05-18s3-rpc_client: move protos to cli_lsarpc.hGünther Deschner2-0/+2
Guenther
2010-05-18s3-rpc_client: move protos to cli_netlogon.hGünther Deschner2-0/+2
Guenther
2010-05-18s3-rpc_client: move protos to cli_samr.hGünther Deschner2-0/+2
Guenther
2010-05-18s3:winbind use no_srv_register to avoid needing rpc_srv_registerAndrew Bartlett1-10/+0
This pidl attribute avoids the need for this dummy function, which helps s3compat. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-18s3: Remove use of iconv_convenience.Jelmer Vernooij3-4/+4
2010-05-18s3-crypto: only include crypto headers when crypto is done.Günther Deschner1-0/+1
Guenther
2010-05-18s3-rpc_misc: clean out include/rpc_misc.h.Günther Deschner4-4/+4
Well known rids don't really belong into an rpc header, just use the ones defined in security.idl. Guenther
2010-05-17s3-kerberos: pass down kdc_name to create_local_private_krb5_conf_for_domain().Günther Deschner1-2/+4
Guenther
2010-05-17s3-winbind: make the getpeername() checks in cm_prepare_connection IPv6 aware.Günther Deschner1-5/+25
Note that this failure was hard to track, as winbind did only log a super helpful "cm_prepare_connection: Success" debug message. IPv6 gurus, please check Successfully tested in two independent IPv6 networks now. Guenther
2010-05-17s3:winbind:idmap_tdb: don't check ranges when an invalid entry was found.Michael Adam1-0/+1
There is no point in checking the ranges this if the record found had an invalid/unknown type: the mapping is not filled in. If it were initialized to some defaults before, the check just might replace the status NT_STATUS_INTERNAL_DB_ERROR with a NT_STATUS_NONE_MAPPED, which is not as precise.
2010-05-13s3:winbindd Provide a winbindd_register_handlers() helper function for s3compatAndrew Bartlett2-95/+102
This function provides a useful entry point for s3compat to set things up in winbindd. Andrew Bartlett
2010-05-13s3:winbindd Split helper functions to allow s3compat to call themAndrew Bartlett2-22/+30
This provides a more useful entry point for s3compat. Andrew Bartlett
2010-05-13s3:Winbindd Move winbindd_event_context to a different fileAndrew Bartlett3-12/+40
This allows this function to be easily replaced in s3compat Andrew Bartlett
2010-05-13s3:winbindd Rename 'children' to 'winbindd_children' and make staticAndrew Bartlett1-9/+9
2010-05-13s3:winbindd Remove call to namecache_enable().Andrew Bartlett1-4/+0
This call only prints a DEBUG() Andrew Bartlett
2010-05-11s3:kerberos Return PAC_LOGON_INFO rather than the full PAC_DATAAndrew Bartlett1-14/+15
All the callers just want the PAC_LOGON_INFO, so search for that in ads_verify_ticket(), and don't bother the callers with the rest of the PAC. This change makes sense on it's own (removing boilerplate wrappers that just confuse the code), but it also makes it much easier to implement a matching ads_verify_ticket() function in Samba4 for the s3compat proposal. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-06s3: only include gen_ndr headers where needed.Günther Deschner5-0/+5
This shrinks include/includes.h.gch by the size of 7 MB and reduces build time as follows: ccache build w/o patch real 4m21.529s ccache build with patch real 3m6.402s pch build w/o patch real 4m26.318s pch build with patch real 3m6.932s Guenther
2010-05-02s3: Unify DEBUG_KRB5_TKT_REGAIN and DEBUG_KRB5_TKT_RENEWALVolker Lendecke1-1/+1
I don't think it makes sense to #ifdef this one case separately. Metze, Bo Yang, please check!
2010-05-02s3: Fix a typoVolker Lendecke1-1/+1
2010-05-02s3: Fix the code order in append_auth_dataVolker Lendecke1-7/+7
This is to comply with the comment "currently, anything from here on potentially overwrites extra_data." Günther, please check!
2010-04-29s3: range-check idmap script outputVolker Lendecke1-0/+13
Not doing so results in the id mapping succeeding once unchecked and later on being refused, because when reading from the tdb we do the checks.