summaryrefslogtreecommitdiff
path: root/source3/winbindd
AgeCommit message (Collapse)AuthorFilesLines
2011-07-28s3:winbindd: use lp_load_global() - winbindd does not need shares or IPC$Michael Adam1-1/+1
2011-07-28s3-waf: the passdb subsystem needs to be called pdbAndrew Tridgell1-1/+1
the 'pdb' name is builtin to the passdb module loading code as a fixed string. We need to call the subsystem pdb so that external passdb modules end up in bin/modules/pdb/ where they can be found by the Samba3 module loader Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-07-27s3:idmap_tdb2: remove the undocumented option of the silly name "tdb:idmap2.tdb"Michael Adam1-5/+1
In ancient times, when ctdb had not support for persistent databases and tdb2 was introduced as a two-layer solution and it was more important than today to be able to change the location of the permanent database file because it had to reside on shared storage. But these were times when idmap_tdb2 was not even officially released. Nowadays, with ctdb handling the persistent idmap2.tdb database, the path is stripped anyways, so this undocumented option has become unnecessary and is hence removed. Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Wed Jul 27 05:37:57 CEST 2011 on sn-devel-104
2011-07-27s3:idmap_tdb2: remove a legacy commentMichael Adam1-1/+0
2011-07-27s3:idmap_tdb2: remove legacy commentMichael Adam1-2/+0
2011-07-27s3:idmap_tdb2: remove superfluous initialization with bogus commentMichael Adam1-3/+0
2011-07-27s3:idmap_tdb2: fix a legacy comment that does not apply any moreMichael Adam1-2/+1
2011-07-27s3:idmap_tdb2: deprecate the idmap:script parameter and use "idmap config * ↵Michael Adam1-18/+21
: script" instead With this patch, "idmap config * : script" will override "idmap : script". If "idmap : script" is present, a deprecation warning will be printed in any case. If "idmap config * : script" is not set, then the value of "idmap :script" will be used for backwards compatibility.
2011-07-26s3: Fix MIT trustsVolker Lendecke1-0/+5
Winbind can't really cope with trusts that don't have a SID associated. This happens with external MIT trusts for example. This filters them out when sending the trust list from child to parent. Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Tue Jul 26 11:39:53 CEST 2011 on sn-devel-104
2011-07-22s3:winbindd_cm: use controller instead of cli->desthostStefan Metzmacher1-2/+2
The should have the same value. metze
2011-07-22s3:winbindd_cm: use cli_state_[local|remote]_sockaddr()Stefan Metzmacher1-14/+4
metze
2011-07-21s3:winbindd_cm: remove unused checks for address familyStefan Metzmacher1-37/+0
If we got a connection, we don't need to check what address family it uses. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Thu Jul 21 23:33:48 CEST 2011 on sn-devel-104
2011-07-21s3:libsmb: replace cli_initialise[_ex]() by cli_state_create()Stefan Metzmacher1-7/+2
This makes sure cli_state->src_ss and cli_state->dest_ss are always initialized. metze
2011-07-21s3:winbindd remove an unused variableChristian Ambach1-2/+0
fixes a compiler warning
2011-07-20s3-auth Use the common auth_session_infoAndrew Bartlett1-4/+4
This patch finally has the same structure being used to describe the authorization data of a user across the whole codebase. This will allow of our session handling to be accomplished with common code. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-20s3-auth Use struct auth3_session_info outside the auth subsystemAndrew Bartlett1-4/+4
This seperation between the structure used inside the auth modules and in the wider codebase allows for a gradual migration from struct auth_serversupplied_info -> struct auth_session_info (from auth.idl) The idea here is that we keep a clear seperation between the structure before and after the local groups, local user lookup and the session key modifications have been processed, as the lack of this seperation has caused issues in the past. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-20debug: log early messages to stdout, and keep it openAndrew Bartlett1-0/+3
The --log-stdout option was compromised by the log file descriptors being closed once the file process forked. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-11s3:winbindd_cm: make use of cli->src_ss instead of calling getsockname()Stefan Metzmacher1-2/+8
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Mon Jul 11 19:31:14 CEST 2011 on sn-devel-104
2011-07-11s3:winbindd_cm: make use of cli->dest_ss instead calling getpeername()Stefan Metzmacher1-1/+7
metze
2011-07-11s3:winbindd_cm: make use of cli_state_disconnect()Stefan Metzmacher1-4/+2
metze
2011-07-11s3:winbindd_cm: make use of cli_state_is_connected()Stefan Metzmacher1-9/+6
metze
2011-07-04s3-auth: Pass the remote_address down to user_info.Andreas Schneider1-2/+13
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-07-03s3-build Prepare to require fully defined modulesAndrew Bartlett1-6/+9
This specifies some more deps for our modules, and ensures that the subsystem that it links against is in fact a library, which will avoid issues with introducing duplicate symbols. Andrew Bartlett
2011-06-30s3-winbind: Fix bug 7888 -- deal with buggy 3.0 based PDCsGünther Deschner1-7/+19
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Thu Jun 30 00:42:23 CEST 2011 on sn-devel-104
2011-06-28s3-waf: add some missing tdb dependencies.Günther Deschner1-2/+2
Guenther
2011-06-27s3: explicitly pass domain_sid to wbint_LookupRids() (bug #7841)Volker Lendecke3-9/+10
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Mon Jun 27 18:21:30 CEST 2011 on sn-devel-104
2011-06-25s3: Fix winbindd_wins_bynameVolker Lendecke1-2/+3
Before the async change, the addresses were separated by spaces, not tabs Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Sat Jun 25 15:40:15 CEST 2011 on sn-devel-104
2011-06-21s3: Remove unused codeVolker Lendecke1-125/+0
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Tue Jun 21 15:36:01 CEST 2011 on sn-devel-104
2011-06-21s3: Convert WINBINDD_WINS_BYNAME to the async APIVolker Lendecke3-4/+157
2011-06-21lib/util Remove samba-util-common!Andrew Bartlett1-9/+9
All of this code is now in common, so we don't need the second '-common' library any more! Andrew Bartlett
2011-06-20s3: Fix a winbind messageVolker Lendecke1-1/+1
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Mon Jun 20 23:28:43 CEST 2011 on sn-devel-104
2011-06-20s3:idmap_autorid: remove redundant codeMichael Adam1-4/+0
Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Mon Jun 20 14:56:29 CEST 2011 on sn-devel-104
2011-06-20s3:idmap_autorid: in initialize, don't leak storedconfig to talloc_tos() in ↵Michael Adam1-2/+4
the success case
2011-06-20s3:idmap_autorid: use "idmap config * : rangesize" instead of "autorid : ↵Michael Adam1-1/+1
rangesize"
2011-06-20s3:idmap_autorid: fail initialization if the domain is not "*"Michael Adam1-0/+7
autorid can only be used as a backend for the default idmap configuration.
2011-06-20Use tevent_req_oomVolker Lendecke3-5/+5
This fixes a few Coverity errors
2011-06-20tdb_compat: Higher level API fixes.Rusty Russell1-1/+1
My previous patches fixed up all direct TDB callers, but there are a few utility functions and the db_context functions which are still using the old -1 / 0 return codes. It's clearer to fix up all the callers of these too, so everywhere is consistent: non-zero means an error. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2011-06-20source3/winbindd/idmap_tdb.c: tdb2 support for wrong endian.Rusty Russell1-2/+16
TDB has no idea of endian itself, but it knows whether the TDB is the same endian as the current machine, so we should use that rather than implementing TDB_BIGENDIAN in tdb2. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2011-06-20tdb_compat: use tdb_errorstr_compat()Rusty Russell1-2/+2
Since TDB2 functions return the error directly, tdb_errorstr() taken an error code, not the tdb as it does in TDB1. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2011-06-20tdb_traverse/tdb_traverse_read: check returns for negative, not -1.Rusty Russell1-1/+1
TDB2 returns a negative error number on failure. This is compatible if we always check for < 0 instead of == -1. Also, there's no tdb_traverse_read in TDB2: we don't try to make traverse reliable any more, so there are no write locks anyway. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2011-06-20tdb_delete: check returns for 0, not -1.Rusty Russell1-1/+1
TDB2 returns a negative error number on failure. This is compatible if we always check for != 0 instead of == -1. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2011-06-20tdb_fetch_compat: use instead of tdb_fetch.Rusty Russell1-5/+5
This is a noop for tdb1. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2011-06-20s3-winbind Move winbind privileged socket dir into state_path()Andrew Bartlett1-1/+1
On default installs, this will be the same as the old lock_path(), but lock_path() is now a directory that can safely be mapped to /var/locks and removed by the OS on reboot. It is important that the directory permissions of this directory be preserved, as they may be customised. Andrew Bartlett
2011-06-16s3:wb_lookupsids: add some paranoia checks to wb_lookupsids_recv()Stefan Metzmacher1-0/+18
This hopefully catches future bugs. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Thu Jun 16 19:50:16 CEST 2011 on sn-devel-104
2011-06-16s3:wb_lookupsids: don't ignore 'result' and check if we got useable valuesStefan Metzmacher1-4/+48
The wrong fix for bug #8215 discovered this bug, as it caused sam_rids_to_names() to always return NT_STATUS_NONE_MAPPED. metze
2011-06-16Revert "s3-winbind: Fix paranoia checks in winbindd_samr.c."Stefan Metzmacher1-2/+2
This reverts commit 207a84d725b905c2b119d2ef0f4f4d4eb391140d. This is the wrong fix for the problem, see bug #8215. metze
2011-06-15s3-winbind: Fix paranoia checks in winbindd_samr.c.Andreas Schneider1-2/+2
This fixes looking up the correct unix user instead of allocation a new uid and creating it. Fix bug #8215 (winbind unix username lookup doesn't work correctly). (cherry picked from commit 531edfdd1924bfb2ef486820f7f5787098bd953a) Autobuild-User: Andreas Schneider <asn@cryptomilk.org> Autobuild-Date: Wed Jun 15 09:56:01 CEST 2011 on sn-devel-104
2011-06-12s3: Remove "struct ip_service" from resolve_winsVolker Lendecke1-15/+3
2011-06-11Revert "s3:idmap_autorid: add a talloc_stackframe() to ↵Michael Adam1-6/+5
idmap_autorid_initialize()" This reverts commit 65490ea4e67bf82cf8fb0b8e4e74047c3f63c509. This sequence of patches needs to be done differently. Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Sat Jun 11 12:55:11 CEST 2011 on sn-devel-104
2011-06-11Revert "s3:idmap_autorid: use "idmap config <DOMAIN> : rangesize" instead of ↵Michael Adam1-9/+1
"autorid:rangesize"" This reverts commit b0b0b625b588057c8c97371934bf21eb1fd985d8. This sequence of patches needs to be done differently.