Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2009-05-11 | Fix a bunch of compiler warnings about wrong format types. | Jeremy Allison | 5 | -11/+14 | |
Should make Solaris 10 builds look cleaner. Jeremy. | |||||
2009-05-11 | Fix some nonempty blank lines | Volker Lendecke | 1 | -37/+37 | |
2009-05-07 | Fix some type-punned warnings | Volker Lendecke | 3 | -7/+13 | |
2009-05-07 | Remove a misleading comment | Volker Lendecke | 1 | -2/+0 | |
2009-05-07 | Fix some nonempty blank lines | Volker Lendecke | 1 | -11/+10 | |
2009-04-24 | s3-idmap: Fix bug #6286: Call init function for builtin idmap modules before ↵ | Günther Deschner | 1 | -0/+2 | |
probing for them as shared modules. idmap-gurus of the world, please check. Guenther | |||||
2009-04-21 | s3-secdesc: use SEC_FLAG_MAXIMUM_ALLOWED instead of SEC_RIGHTS_MAXIMUM_ALLOWED. | Günther Deschner | 2 | -12/+12 | |
Guenther | |||||
2009-04-20 | Fix to use modified cli_rpc_pipe_open_schannel_with_key API | Andrew Bartlett | 1 | -2/+2 | |
2009-04-20 | Remove use of talloc_reference in cli_rpc_pipe_open_schannel_with_key() | Andrew Bartlett | 1 | -1/+1 | |
2009-04-14 | s3: Fix ntlm_auth and winbindd to use new common libcli/auth APIs | Andrew Bartlett | 1 | -9/+9 | |
2009-04-14 | Rework Samba3 to use new libcli/auth code (partial) | Andrew Bartlett | 5 | -3/+8 | |
This commit is mostly to cope with the removal of SamOemHash (replaced by arcfour_crypt()) and other collisions (such as changed function arguments compared to Samba3). We still provide creds_hash3 until Samba3 uses the credentials code in netlogon server Andrew Bartlett | |||||
2009-04-07 | s3-libads: avoid NULL talloc context with ads_get_dn(). | Günther Deschner | 2 | -2/+2 | |
Guenther | |||||
2009-04-06 | s3:libads Make ads_get_dn() take a talloc context | Andrew Bartlett | 4 | -11/+11 | |
Also remove ads_memfree(), which was only ever a wrapper around SAFE_FREE, used only to free the DN from ads_get_ds(). This actually makes libgpo more consistant, as it mixed a talloc and a malloc based string on the same element. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2009-03-23 | ѕ3/winbind_pam: fix gcc 4.4 compile warning | Björn Jacke | 1 | -1/+1 | |
2009-03-18 | s3: remove POLICY_HND. | Günther Deschner | 6 | -25/+25 | |
Guenther | |||||
2009-03-18 | s3:winbindd: accept new connections via fd events | Stefan Metzmacher | 1 | -52/+100 | |
metze | |||||
2009-03-18 | s3:winbindd: move non event related code out of process_loop() in the the caller | Stefan Metzmacher | 1 | -22/+21 | |
metze | |||||
2009-03-18 | s3:winbindd: remove unused close_winbindd_socket() function | Stefan Metzmacher | 2 | -19/+0 | |
metze | |||||
2009-03-17 | Fix #6130: Don't crash in winbindd_rpc lookup_groupmem() on unmapped members | Volker Lendecke | 1 | -7/+8 | |
Thanks to François Legal <devel@thom.fr.eu.org> for reporting this bug | |||||
2009-03-17 | Fix a valgrind error | Volker Lendecke | 1 | -1/+1 | |
Found in "make test" -- if we can't connect at all, "cli" is uninitialized | |||||
2009-03-13 | Remove pwd_cache.c, it was doing nothing. Make user_name, domain, and | Jeremy Allison | 1 | -14/+25 | |
password talloc'ed strings within the cli_struct. Jeremy. | |||||
2009-03-12 | Fix #6167: winbindd -n should disable the winbind idmap cache | Volker Lendecke | 1 | -20/+50 | |
2009-03-12 | Make opt_nocache static to winbindd.c | Volker Lendecke | 4 | -7/+17 | |
2009-03-07 | Shape up pdb_search a bit by making it a talloc ctx with a destructor | Volker Lendecke | 1 | -6/+6 | |
2009-03-06 | s3:winbindd_cm: remove useless cli_setup_signing_state(*cli, Undefined) call | Stefan Metzmacher | 1 | -2/+0 | |
cli_setup_signing_state() with Undefined is a noop. metze | |||||
2009-03-04 | Fix careless mistake in winbindd_setup_sig_usr2_handler | Bo Yang | 1 | -1/+1 | |
2009-03-02 | More fix to initialize idmap statuses | Bo Yang | 7 | -0/+70 | |
2009-02-27 | Initialize the id_map status in idmap_ldap to avoid surprise | Bo Yang | 1 | -0/+8 | |
2009-02-23 | More warning fixes for Solaris. | Jeremy Allison | 3 | -11/+11 | |
Jeremy. | |||||
2009-02-17 | s3:winbindd: make do_async_domain() static. | Michael Adam | 2 | -12/+6 | |
Michael | |||||
2009-02-11 | s3: Implement wbcGetSidAliases | Dan Sledz | 5 | -88/+126 | |
* Adds wbcGetSidAliases that calls the lookup_useraliases function. * Updates wbinfo and winbind_util.c to call the new function. * Also added winbind_get_groups helper function. | |||||
2009-02-11 | s3: Implement wbcGetpwsid | Dan Sledz | 3 | -4/+26 | |
* Adds the plumbing required to lookup users by sid into winbind, wbinfo and smbd helper lib (winbind_util.c). * Removes some double declarations of winbind_util.c functions. * Bumps the winbind protocol version to 21 and the minor version of wbclient to 3. | |||||
2009-02-09 | Revert "s3:winbindd_user: create domain connection in winbindd_fill_pwent if ↵ | Michael Adam | 1 | -1/+1 | |
necessary." This reverts commit 487f5e7b4768cfe9e511b0ba56f16c411e21f702. I was confused about the real meaning of find_domain_from_name_noinit() vs. find_domain_from_name(). We don't need the connection established here, just the domain struct which gets initialized by rescan_trusted_domains(). Sorry for the noise. Michael | |||||
2009-02-09 | s3:winbindd_user: create domain connection in winbindd_fill_pwent if necessary. | Michael Adam | 1 | -1/+1 | |
Calling find_domain_from_name_noinit() might not be enough here. This makes winbindd_getpwent() behave the same as winbindd_getgrent(). Michael | |||||
2009-02-09 | s3:winbindd_user: fix a debug message. | Michael Adam | 1 | -2/+2 | |
find_domain_from_name_noinit() is no longer called only for name alias support. Michael | |||||
2009-02-09 | async_sock: Use unix errnos instead of NTSTATUS | Kai Blin | 1 | -21/+0 | |
This also switches wb_reqtrans to use wbcErr instead of NTSTATUS as it would be pointless to convert to errno first and to wbcErr later. | |||||
2009-02-07 | Fix coverity ID 876 (FORWARD_NULL) | Volker Lendecke | 1 | -0/+1 | |
Michael, please check! | |||||
2009-02-06 | s3:idmap_tdb2: untangle assignment and check in idmap_tdb2_alloc_load() | Michael Adam | 1 | -6/+4 | |
Michael | |||||
2009-02-06 | s3:idmap_tdb2: factor lodaing of ranges out into idmap_tdb2_load_ranges() | Michael Adam | 1 | -25/+41 | |
Michael | |||||
2009-02-06 | s3:idmap_tdb2: move together code that belongs together in idmap_tdb2_alloc_load | Michael Adam | 1 | -7/+8 | |
Michael | |||||
2009-02-06 | s3:idmap_tdb2: streamline idmap_tdb2_sid_to_id, | Michael Adam | 1 | -6/+7 | |
adding tmp talloc ctx and removing a variable Michael | |||||
2009-02-06 | s3:idmap_tdb: simplify talloc usage with temp context from talloc_stackframe | Michael Adam | 1 | -6/+2 | |
Michael | |||||
2009-02-06 | s3:idmap_tdb: refactor out new function idmap_tdb_load_ranges() | Michael Adam | 1 | -22/+30 | |
Michael | |||||
2009-02-06 | s3:idmap_tdb: use transactions in idmap_tdb_allocate_id() | Michael Adam | 1 | -1/+18 | |
Michael | |||||
2009-02-06 | s3:idmap_tdb: add tmp talloc ctx to idmap_tdb_sid_to_id and remove an fstring | Michael Adam | 1 | -7/+5 | |
Michael | |||||
2009-02-02 | s3 build: Fix "assignment discards qualifiers from pointer target type" warnings | Tim Prouty | 2 | -13/+6 | |
2009-02-01 | Add two new parameters to control how we verify kerberos tickets. Removes ↵ | Dan Sledz | 1 | -1/+1 | |
lp_use_kerberos_keytab parameter. The first is "kerberos method" and replaces the "use kerberos keytab" with an enum. Valid options are: secrets only - use only the secrets for ticket verification (default) system keytab - use only the system keytab for ticket verification dedicated keytab - use a dedicated keytab for ticket verification. secrets and keytab - use the secrets.tdb first, then the system keytab For existing installs: "use kerberos keytab = yes" corresponds to secrets and keytab "use kerberos keytab = no" corresponds to secrets only The major difference between "system keytab" and "dedicated keytab" is that the latter method relies on kerberos to find the correct keytab entry instead of filtering based on expected principals. The second parameter is "dedicated keytab file", which is the keytab to use when in "dedicated keytab" mode. This keytab is only used in ads_verify_ticket. | |||||
2009-02-02 | s3:winbind_group: fix "getent group" to allocate new gids. | Michael Adam | 1 | -2/+8 | |
"getent group" used to fill the idmap cache with negative cache entries for unmapped group sids. Don't pass domain name unconditionally to idmap_sid_to_gid(). idmap_sid_to_gid() only creates new mappings (allocating idmap backends tdb, tdb2, ldap...) when the domain name passed in is "". Note that it is _wrong_ to directly call the idmap_sid_to_gid() functions here, in the main winbindd. The correct fix would be to send a sid_to_gid request to winbindd itself, but this needs more work to prepare the async mechanisms, and we nee a quick fix for getent passwd now. Michael | |||||
2009-02-02 | s3:winbind_user: fix "getent passwd" to allocate new uids. | Michael Adam | 1 | -2/+7 | |
"getent passwd" used to fill the idmap cache with negative cache entries for unmapped user sids. Don't pass domain name unconditionally to idmap_sid_to_[ug]id(). idmap_sid_to_[ug]id() only creates new mappings (allocating idmap backends tdb, tdb2, ldap...) when the domain name passed in is "". Note that it is _wrong_ to directly call the idmap_sid_to_[ug]id() functions here, in the main winbindd. The correct fix would be to send a sid_to_[ug]id request to winbindd itself, but this needs more work to prepare the async mechanisms, and we nee a quick fix for getent passwd now. Michael | |||||
2009-02-02 | s3:winbind_user: move initialization of domain up in winbindd_fill_pwent() | Michael Adam | 1 | -11/+9 | |
and streamline logic some Michael |