summaryrefslogtreecommitdiff
path: root/source3/winbindd
AgeCommit message (Collapse)AuthorFilesLines
2012-09-12Avoid overriding default ccache for ads operations.Simo Sorce1-3/+3
Avoid overriding default ccache for ads operations. Nowadays various samba components may need to use GSSAPI and a default cred cache to perform their tasks. This code was completely overriding the whole process default ccache name, thus altering the current credentials and sometimes hijacking them (or getting preemptively hijaked). By using gss_krb5_import_cred we can instead use a private ccache (necessary sometimes to use a different set of credentials fromt he default cifs/fqdn@realm one, for example when contacting foreign DCs using trust credentials) that does not affect the rest of the process. For the kerberos versions which don't have gss_krb5_import_cred we fallback to temp override of KRB5CCNAME and gss_acquire_cred. Signed-off-by: Alexander Bokovoy <ab@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> Autobuild-User(master): Alexander Bokovoy <ab@samba.org> Autobuild-Date(master): Wed Sep 12 21:18:09 CEST 2012 on sn-devel-104
2012-09-11docs: Move idmap manpage to there old location.Andreas Schneider8-891/+0
This wasn't planned and slipped trough, sorry. Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Tue Sep 11 14:28:53 CEST 2012 on sn-devel-104
2012-09-07s3-smbldap: use smbldap_ prefixed functionsAlexander Bokovoy1-1/+1
2012-09-07wafsamba: Add support for manpages in SAMBA_MODULE.Andreas Schneider8-0/+891
2012-09-04s3-winbind: DON'T PANIC if we couldn't find the domain.Andreas Schneider1-1/+9
If we don't have a connection to a trusted domain but still try to do a lookup we shouldn't segfault. Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Tue Sep 4 18:16:06 CEST 2012 on sn-devel-104
2012-08-23param: Add startup checks for valid server role/binary combinationsAndrew Bartlett1-0/+6
This should eliminate confusion from our users about what they can expect to successfully run. Andrew Bartlett
2012-08-21Fix bug #9098 - winbind does not refresh kerberos tickets.Jeremy Allison3-0/+39
Based on work from Ian Gordon <ian.gordon@strath.ac.uk>. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Aug 21 22:01:15 CEST 2012 on sn-devel-104
2012-08-21Fix bug #9104 - winbindd can mis-identify idle clients - can cause crashes ↵Herb Lewis1-1/+2
and NDR parsing errors. A connection is idle when both struct winbindd_cli_state->request AND struct winbindd_cli_state->response are NULL. Otherwise we can flag as idle a connection in the state of having sent the request to the winbindd child (request != NULL) but not yet received a reply (response == NULL). Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Aug 21 01:31:46 CEST 2012 on sn-devel-104
2012-08-15s3-winbind: Return the DC name from DC_PINGChristof Schmitt2-1/+13
The DC that was attempted to ping is useful for troubleshooting. Return the DC name in the response to the wbclient. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2012-08-15s3-winbind: Pass ping-dc result to clientChristof Schmitt1-1/+9
The client checks for an error code in response.data.auth.nt_status, make sure the result is stored there. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2012-08-13Ensure we update last_access on the winbindd child struct on each request.Jeremy Allison1-0/+1
2012-08-09Correctly check for errors in strlower_m() returns.Jeremy Allison4-5/+13
2012-08-09Check error returns from strupper_m() (in all reasonable places).Jeremy Allison6-15/+39
2012-07-24lib/param: Move all enum declarations to lib/paramAndrew Bartlett2-0/+2
This is in preperation for the parameter table being made common. Andrew Bartlett Pair-Programmed-With: Andrew Tridgell <tridge@samba.org>
2012-07-23s3-winbind: Fix bug #9052 resolving our own "Domain Local" groups.Andreas Schneider2-4/+10
We don't resolve our own "Domain Local" groups since bug #7843 has been fixed. So we need to add the add resource groups to the sid list too. Before bug #7843 the "Domain Local" groups were added with a lookupuseraliases call, but this isn't done anymore for our domain so we need to resolve resource groups here. When to use Resource Groups: http://technet.microsoft.com/en-us/library/cc753670%28v=WS.10%29.aspx Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Mon Jul 23 22:12:30 CEST 2012 on sn-devel-104
2012-07-23s3-winbind: Fix idmap initialization debug message.Guenther Deschner2-2/+2
Signed-off-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Mon Jul 23 18:19:00 CEST 2012 on sn-devel-104
2012-07-19Move everything to use the common pidfile functions.Jeremy Allison1-2/+3
The extra code in source3/lib/pidfile.c is no longer needed.
2012-07-19Make the s3 pidfile use the common code inside lib/util/pidfile.cJeremy Allison1-1/+1
2012-07-19Move source4/smbd/pidfile into lib/util in preparation for making it in common.Jeremy Allison1-2/+2
2012-07-18loadparm: make the source3/ lp_ functions take an explicit TALLOC_CTX *.Rusty Russell3-7/+7
They use talloc_tos() internally: hoist that up to the callers, some of whom don't want to us talloc_tos(). A simple patch, but hits a lot of files. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18source3/winbindd/winbindd_pam.c: fix stackframe leakRusty Russell1-0/+1
check_info3_in_group() doesn't always free its stackframe. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18source3/winbindd/idmap_tdb_common.c: fix stackframe leakRusty Russell1-0/+1
idmap_tdb_common_sid_to_unixid() doesn't always free its stackframe. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18source3/winbindd/winbindd_util.c: fix stackframe leakRusty Russell1-2/+4
winbindd_can_contact_domain() doesn't always free its stackframe. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-17Enable AES in winbind.Andreas Schneider1-1/+1
Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-14Fix bug #9016 - Connection to outbound trusted domain goes offline.Jeremy Allison1-6/+0
By the time we've gotten to init_dc_connection_network() we shouldn't be second guessing the caller by calling winbindd_can_contact_domain(). If for some reason we do need to restrict the contact list here we can add a condition to only contact the primary domain or domains listed in the tdc cache, but I don't think that's neccessary. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Jul 14 03:17:57 CEST 2012 on sn-devel-104
2012-07-12s3: rename sid_check_is_in_our_domain() to sid_check_is_in_our_sam()Michael Adam4-5/+5
This does not check whether the given sid is in our domain, but but whether it belongs to the local sam, which is a different thing on a domain member server. Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Thu Jul 12 18:36:02 CEST 2012 on sn-devel-104
2012-07-12s3: rename sid_check_is_domain() to sid_check_is_our_sam()Michael Adam7-10/+10
This does not check whether the given sid is the domain sid, but whether it is the sid of the local sam, which is different for a domain member server.
2012-07-03s3-winbind: Remove obsolte idmap_adex.Andreas Schneider8-3781/+0
2012-06-22dbwrap: remove get_flags().Rusty Russell1-17/+2
The flags returned were TDB-specific: this was only used for detecting the endianness of obsolete databases (the conversion code was put in in 2003, with reference to Samba 2.3). It's easier to remove it than to translate the NTDB flags to TDB flags, and it's a really weird thing to ask for anyway. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-06-21s3:winbindd: do not expose negative cache idmap entries as valid mappings ↵Stefan Metzmacher1-6/+19
(bug #9002) metze
2012-06-21s3:winbindd: discard the expired gid cache if we're online (bug #9002)Stefan Metzmacher1-1/+1
This matches the uid case... metze
2012-06-21s3: Remove an unnecessary ()Volker Lendecke1-1/+1
Signed-off-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Thu Jun 21 16:05:30 CEST 2012 on sn-devel-104
2012-06-20idmap-hash: Attempt to fix Coverity ID 709116 Overflowed array index writeVolker Lendecke1-1/+6
Signed-off-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Wed Jun 20 12:53:59 CEST 2012 on sn-devel-104
2012-06-20idmap-hash: Fix Coverity ID 709117 Dereference before null checkVolker Lendecke1-5/+5
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-20idmap-hash: Fix Coverity 709118 Dereference before null checkVolker Lendecke1-5/+5
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-20idmap-hash: Adapt mapfile_read_line to README.CodingVolker Lendecke1-1/+2
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-20idmap-hash: Fix Coverity ID 709119 Unused pointer valueVolker Lendecke1-1/+1
"p" is overwritten further down again before it's first use Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-19Fix unused variable warnings.Jeremy Allison1-5/+12
2012-06-19Remove unused variables.Jeremy Allison1-8/+0
2012-06-19TDB2: make SAMBA use tdb1 again for the moment.Rusty Russell1-4/+0
Otherwise the following surgery will break the SAMBA build and testsuite. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-06-18s3:idmap_tdb: fix miss in rename of dbwrap_trans_store_uint32() to ↵Michael Adam1-4/+4
dbwrap_trans_store_uint32_bystring()
2012-06-18dbwrap: Rename dbwrap_fetch_uint32->dbwrap_fetch_uint32_bystringAmitay Isaacs1-2/+2
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-15s3-winbindd: fix the build of idmap_ad modules.Günther Deschner1-1/+2
Guenther Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Fri Jun 15 18:16:11 CEST 2012 on sn-devel-104
2012-06-15dbwrap: dbwrap_trans_store_int32->dbwrap_trans_store_int32_bystringVolker Lendecke1-1/+1
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-15dbwrap: dbwrap_change_uint32_atomic->dbwrap_change_uint32_atomic_bystringVolker Lendecke2-2/+2
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-15dbwrap: dbwrap_store_uint32->dbwrap_store_uint32_bystringVolker Lendecke2-3/+5
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-15dbwrap: dbwrap_fetch_uint32->dbwrap_fetch_uint32_bystringVolker Lendecke3-8/+9
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-15dbwrap: dbwrap_store_int32->dbwrap_store_int32_bystringVolker Lendecke1-3/+4
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-15dbwrap: dbwrap_fetch_int32->dbwrap_fetch_int32_bystringVolker Lendecke1-4/+4
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-11s3-winbindd: add comments about dump_core_setupMatthieu Patou1-0/+11
This patch is related to change 0ea7152ff479e32e25817e4ddb1c2a1569bad81d Comments are added to explain why we call dump_core_setup 3 times. Autobuild-User(master): Matthieu Patou <mat@samba.org> Autobuild-Date(master): Mon Jun 11 21:21:11 CEST 2012 on sn-devel-104
generated by cgit (git 2.34.1) at 2025-03-09 01:39:27 +0000