summaryrefslogtreecommitdiff
path: root/source3/winbindd
AgeCommit message (Collapse)AuthorFilesLines
2012-07-18loadparm: make the source3/ lp_ functions take an explicit TALLOC_CTX *.Rusty Russell3-7/+7
They use talloc_tos() internally: hoist that up to the callers, some of whom don't want to us talloc_tos(). A simple patch, but hits a lot of files. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18source3/winbindd/winbindd_pam.c: fix stackframe leakRusty Russell1-0/+1
check_info3_in_group() doesn't always free its stackframe. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18source3/winbindd/idmap_tdb_common.c: fix stackframe leakRusty Russell1-0/+1
idmap_tdb_common_sid_to_unixid() doesn't always free its stackframe. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18source3/winbindd/winbindd_util.c: fix stackframe leakRusty Russell1-2/+4
winbindd_can_contact_domain() doesn't always free its stackframe. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-17Enable AES in winbind.Andreas Schneider1-1/+1
Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-14Fix bug #9016 - Connection to outbound trusted domain goes offline.Jeremy Allison1-6/+0
By the time we've gotten to init_dc_connection_network() we shouldn't be second guessing the caller by calling winbindd_can_contact_domain(). If for some reason we do need to restrict the contact list here we can add a condition to only contact the primary domain or domains listed in the tdc cache, but I don't think that's neccessary. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Jul 14 03:17:57 CEST 2012 on sn-devel-104
2012-07-12s3: rename sid_check_is_in_our_domain() to sid_check_is_in_our_sam()Michael Adam4-5/+5
This does not check whether the given sid is in our domain, but but whether it belongs to the local sam, which is a different thing on a domain member server. Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Thu Jul 12 18:36:02 CEST 2012 on sn-devel-104
2012-07-12s3: rename sid_check_is_domain() to sid_check_is_our_sam()Michael Adam7-10/+10
This does not check whether the given sid is the domain sid, but whether it is the sid of the local sam, which is different for a domain member server.
2012-07-03s3-winbind: Remove obsolte idmap_adex.Andreas Schneider8-3781/+0
2012-06-22dbwrap: remove get_flags().Rusty Russell1-17/+2
The flags returned were TDB-specific: this was only used for detecting the endianness of obsolete databases (the conversion code was put in in 2003, with reference to Samba 2.3). It's easier to remove it than to translate the NTDB flags to TDB flags, and it's a really weird thing to ask for anyway. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-06-21s3:winbindd: do not expose negative cache idmap entries as valid mappings ↵Stefan Metzmacher1-6/+19
(bug #9002) metze
2012-06-21s3:winbindd: discard the expired gid cache if we're online (bug #9002)Stefan Metzmacher1-1/+1
This matches the uid case... metze
2012-06-21s3: Remove an unnecessary ()Volker Lendecke1-1/+1
Signed-off-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Thu Jun 21 16:05:30 CEST 2012 on sn-devel-104
2012-06-20idmap-hash: Attempt to fix Coverity ID 709116 Overflowed array index writeVolker Lendecke1-1/+6
Signed-off-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Wed Jun 20 12:53:59 CEST 2012 on sn-devel-104
2012-06-20idmap-hash: Fix Coverity ID 709117 Dereference before null checkVolker Lendecke1-5/+5
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-20idmap-hash: Fix Coverity 709118 Dereference before null checkVolker Lendecke1-5/+5
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-20idmap-hash: Adapt mapfile_read_line to README.CodingVolker Lendecke1-1/+2
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-20idmap-hash: Fix Coverity ID 709119 Unused pointer valueVolker Lendecke1-1/+1
"p" is overwritten further down again before it's first use Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-19Fix unused variable warnings.Jeremy Allison1-5/+12
2012-06-19Remove unused variables.Jeremy Allison1-8/+0
2012-06-19TDB2: make SAMBA use tdb1 again for the moment.Rusty Russell1-4/+0
Otherwise the following surgery will break the SAMBA build and testsuite. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-06-18s3:idmap_tdb: fix miss in rename of dbwrap_trans_store_uint32() to ↵Michael Adam1-4/+4
dbwrap_trans_store_uint32_bystring()
2012-06-18dbwrap: Rename dbwrap_fetch_uint32->dbwrap_fetch_uint32_bystringAmitay Isaacs1-2/+2
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-15s3-winbindd: fix the build of idmap_ad modules.Günther Deschner1-1/+2
Guenther Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Fri Jun 15 18:16:11 CEST 2012 on sn-devel-104
2012-06-15dbwrap: dbwrap_trans_store_int32->dbwrap_trans_store_int32_bystringVolker Lendecke1-1/+1
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-15dbwrap: dbwrap_change_uint32_atomic->dbwrap_change_uint32_atomic_bystringVolker Lendecke2-2/+2
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-15dbwrap: dbwrap_store_uint32->dbwrap_store_uint32_bystringVolker Lendecke2-3/+5
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-15dbwrap: dbwrap_fetch_uint32->dbwrap_fetch_uint32_bystringVolker Lendecke3-8/+9
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-15dbwrap: dbwrap_store_int32->dbwrap_store_int32_bystringVolker Lendecke1-3/+4
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-15dbwrap: dbwrap_fetch_int32->dbwrap_fetch_int32_bystringVolker Lendecke1-4/+4
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-11s3-winbindd: add comments about dump_core_setupMatthieu Patou1-0/+11
This patch is related to change 0ea7152ff479e32e25817e4ddb1c2a1569bad81d Comments are added to explain why we call dump_core_setup 3 times. Autobuild-User(master): Matthieu Patou <mat@samba.org> Autobuild-Date(master): Mon Jun 11 21:21:11 CEST 2012 on sn-devel-104
2012-06-08s3-winbindd: call dump_core_setup after command line option has been parsedMatthieu Patou1-0/+2
Without this fix in some situations winbindd can't coredump. Such cases append when samba is compiled in a custom prefix (ie. /home/build/mat/prod/1/) in this case get_dyn_LOGFILEBASE or basename(lp_logfile) before the configuration file and the command line is parsed will be something like /home/build/mat/prod/1/var which might not exists on the host where you run it (where it's most probably more "normal" directories). Specifying --log-basename didn't help as dump_core_setup is called before the command line and the config file is read so it didn't help getting a correct value in dump_core_setup. We fix this issue by calling dump_core_setup() also after the command line has been read and also after the configfile has been parsed so that the final location for the coredump is coherent with the final logile location. Autobuild-User(master): Matthieu Patou <mat@samba.org> Autobuild-Date(master): Fri Jun 8 06:33:33 CEST 2012 on sn-devel-104
2012-06-08s3-waf: Fix the winbindd active directory idmap support build.Ira Cooper1-1/+1
This fixes the SAMBA3_MODULE for idmap_ad so it will actually attempt to build. Autobuild-User(master): Ira Cooper <ira@samba.org> Autobuild-Date(master): Fri Jun 8 04:38:04 CEST 2012 on sn-devel-104
2012-05-31Forward port of Richard Sharpe's <realrichardsharpe@gmail.com> fix for bug ↵Jeremy Allison1-1/+2
#8970 - Possible memory leaks in the samba master process.
2012-05-28s3:libsmb: get rid of cli_negprotLuk Claes1-1/+2
Signed-off-by: Luk Claes <luk@debian.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-05-28s3:libsmb: get rid of cli_state_disconnectLuk Claes1-2/+2
Signed-off-by: Luk Claes <luk@debian.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-05-28s3:libsmb: get rid of cli_state_security_modeLuk Claes1-1/+1
Signed-off-by: Luk Claes <luk@debian.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-05-28s3:libsmb: get rid of cli_state_capabilitiesLuk Claes1-1/+1
Signed-off-by: Luk Claes <luk@debian.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-05-28s3:libsmb: get rid of cli_state_protocolLuk Claes1-2/+2
Signed-off-by: Luk Claes <luk@debian.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-05-28s3:libsmb: get rid of cli_state_remote_nameLuk Claes1-2/+2
Signed-off-by: Luk Claes <luk@debian.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-05-28s3:libsmb: get rid of cli_state_*_sockaddrLuk Claes1-2/+3
Signed-off-by: Luk Claes <luk@debian.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-05-26s3-winbindd: Always map the LDAP error code to an NTSTATUSAndrew Bartlett1-4/+20
We do this so that we catch LDAP_TIMELIMIT_EXCEEDED as NT_STATUS_IO_TIMEOUT, which has special handling in winbindd_cache.c Andrew Bartlett Signed-off-by: Jeremy Allison <jra@samba.org>
2012-05-23Introduce system MIT krb5 build with --with-system-mitkrb5 option.Alexander Bokovoy1-2/+2
System MIT krb5 build also enabled by specifying --without-ad-dc When --with-system-mitkrb5 (or --withou-ad-dc) option is passed to top level configure in WAF build we are trying to detect and use system-wide MIT krb5 libraries. As result, Samba 4 DC functionality will be disabled due to the fact that it is currently impossible to implement embedded KDC server with MIT krb5. Thus, --with-system-mitkrb5/--without-ad-dc build will only produce * Samba 4 client libraries and their Python bindings * Samba 3 server (smbd, nmbd, winbindd from source3/) * Samba 3 client libraries In addition, Samba 4 DC server-specific tests will not be compiled into smbtorture. This in particular affects spoolss_win, spoolss_notify, and remote_pac rpc tests.
2012-05-23Second part of fix for bug 8953 - winbind can hang as nbt_getdc() has no ↵Herb Lewis1-0/+1
timeout. If we're running with SEC_ADS and we don't get a cldap response from the server when querying its name, don't fall back to NetBIOS requests as they're unlikely to succeed. Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed May 23 03:49:36 CEST 2012 on sn-devel-104
2012-05-22Fix bug #8953 - winbind can hang as nbt_getdc() has no timeout.Jeremy Allison1-1/+1
Add a timeout_in_seconds parameter to nbt_getdc() to make it fail after that time with NT_STATUS_IO_TIMEOUT.
2012-05-15s3-auth: Rename to init_system_session_info().Andreas Schneider1-1/+1
Autobuild-User: Andreas Schneider <asn@cryptomilk.org> Autobuild-Date: Tue May 15 13:56:00 CEST 2012 on sn-devel-104
2012-05-14s3: Fix Coverity ID 241320 Array compared against 0Volker Lendecke1-1/+1
domain->alt_name is an array, not a pointer Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Mon May 14 15:11:47 CEST 2012 on sn-devel-104
2012-05-10s3: Fix Coverity ID 242184 Dereference after null checkVolker Lendecke1-5/+3
rpc_query_user unconditionally dereferences user_info if successfull
2012-05-09s3:winbindd:autorid check that transaction start did workChristian Ambach1-1/+5
this fixes Coverity #700172 CHECKED_RETURN Autobuild-User: Christian Ambach <ambi@samba.org> Autobuild-Date: Wed May 9 00:27:08 CEST 2012 on sn-devel-104
2012-05-08s3:winbindd/autorid add ignore builtin parameterChristian Ambach1-0/+13
BUILTIN should be handled by passdb, however if passdb does not know about a SID, autorid creates a range for BUILTIN and does deterministic mapping make it possible to turn off this behavior