summaryrefslogtreecommitdiff
path: root/source3/winbindd
AgeCommit message (Collapse)AuthorFilesLines
2010-10-14libcli/auth Merge source4/libcli/security and util_sid.c into the common codeAndrew Bartlett1-1/+1
This should ensure we only have one copy of these core functions in the tree. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-10-14s3-auth Use security_token_debug() from common codeAndrew Bartlett2-2/+1
This prints the security token including the privileges as strings instead of just a bitmap. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-10-12libcli/security Provide a common, top level libcli/security/security.hAndrew Bartlett36-7/+36
This will reduce the noise from merges of the rest of the libcli/security code, without this commit changing what code is actually used. This includes (along with other security headers) dom_sid.h and security_token.h Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
2010-10-08Move talloc_enable_null_tracking() to the s3 daemonsVolker Lendecke1-1/+7
2010-10-08s3-waf: slowly getting modules to match how they look like in old build.Günther Deschner1-32/+32
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Fri Oct 8 09:31:01 UTC 2010 on sn-devel-104
2010-10-07samr: for correctness, rename samr_RidTypeArray to samr_RidAttrArray.Günther Deschner2-2/+2
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Thu Oct 7 12:04:32 UTC 2010 on sn-devel-104
2010-10-05s3-waf: convert NSS_INFO into a subsystem.Günther Deschner1-0/+49
We don't do the fancy symlinking to idmap modules though. Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Tue Oct 5 10:50:53 UTC 2010 on sn-devel-104
2010-10-01s3:events: Call all ready fd event handlers on each iteration of the main loopSteven Danneman1-3/+3
Previously, only one fd handler was being called per main message loop in all smbd child processes. In the case where multiple fds are available for reading the fd corresponding to the event closest to the beginning of the event list would be run. Obviously this is arbitrary and could cause unfairness. Usually, the first event fd is the network socket, meaning heavy load of client requests can starve out other fd events such as oplock or notify upcalls from the kernel. In this patch, I have changed the behavior of run_events() to unset any fd that it has already called a handler function, as well as decrement the number of fds that were returned from select(). This allows the caller of run_events() to iterate it, until all available fds have been handled. I then changed the main loop in smbd child processes to iterate run_events(). This way, all available fds are handled on each wake of select, while still checking for timed or signalled events between each handler function call. I also added an explicit check for EINTR from select(), which previously was masked by the fact that run_events() would handle any signal event before the return code was checked. This required a signature change to run_events() but all other callers should have no change in their behavior. I also fixed a bug in run_events() where it could be called with a selrtn value of -1, doing unecessary looping through the fd_event list when no fds were available. Also, remove the temporary echo handler hack, as all fds should be treated fairly now.
2010-10-01samba: share select wrappers.Günther Deschner1-0/+1
Guenther
2010-09-30s3: Add "smbcontrol winbindd ip-dropped <local-ip>"Volker Lendecke4-0/+69
This is supposed to improve the winbind reconnect time after an ip address has been moved away from a box. Any kind of HA scenario will benefit from this, because winbindd does not have to wait for the TCP timeout to kick in when a local IP address has been dropped and DC replies are not received anymore.
2010-09-30s3: Re-introduce a procid_self()Volker Lendecke1-1/+1
Giving the parent pid to reinit_after_fork is not a good idea.... None of the other callers do this, checked it.
2010-09-28s3-waf: fix dependencies in most of our module subsystems.Günther Deschner1-1/+0
Guenther
2010-09-27Change to using TDB_INCOMPATIBLE_HASH (the jenkins hash) on allJeremy Allison1-2/+5
TDB_CLEAR_IF_FIRST tdb's. For tdb's like gencache where we open without CLEAR_IF_FIRST and then with CLEAR_IF_FIRST if corrupt this is still safe to use as if opening an existing tdb the new hash will be ignored - it's only used on creating a new tdb not opening an old one. Jeremy.
2010-09-27s3-waf: add missing IDMAP modules.Günther Deschner1-0/+16
Guenther
2010-09-27s3-waf: move idmap subsystem to winbindd/wscript_build.Günther Deschner1-0/+74
Guenther
2010-09-21s3: Remove a pointless if-statementVolker Lendecke1-4/+0
2010-09-21s3-winbindd: another attempt to fix the non-ldap build.Günther Deschner2-0/+5
Guenther
2010-09-20s3: Replace sid_binstring and sid_guidstring with PIDL-based alternativesAndrew Bartlett4-6/+10
This reduces the manual marshalling of these structures by removing the duplication here. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
2010-09-20s3-util: use shared dom_sid_dup.Günther Deschner1-2/+3
Guenther
2010-09-20s3-util_sid: use shared dom_sid_compare_auth and dom_sid_equal_X functions.Günther Deschner5-9/+14
Guenther
2010-09-19s3/winbind: remove unused winbindd_check_cache_sizeBjörn Jacke2-30/+0
2010-09-15s3-winbindd: Use rpc_open_pipe_interface in winbindd.Simo Sorce1-2/+3
Signed-off-by: Andreas Schneider <asn@samba.org>
2010-09-14Allows changing the maximum number of simultaneous clients in winbindd ↵Pierre Carrier1-5/+3
through an smb.conf option. Signed-off-by: Jeremy Allison <jra@samba.org>
2010-09-12s3: Remove a nesting level in winbindd_dual_pam_chauthtokVolker Lendecke1-18/+19
2010-09-11s3:auth Remove NT_USER_TOKENAndrew Bartlett1-4/+4
The all UPPER case typedef is no longer the preferred Samba style and this makes it easier to see that this is the IDL-derivied structure Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-auth Change struct nt_user_token -> struct security_tokenAndrew Bartlett2-4/+4
This common structure is defined in security.idl Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-auth Change type of num_sids to uint32_tAndrew Bartlett6-15/+15
size_t is overkill here, and in struct security_token in the num_sids is uint32_t. This includes a change to the prototype of add_sid_to_array() and add_sid_to_array_unique(), which has had a number of consequnetial changes as I try to sort out all the callers using a pointer to the number of sids. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3: Simplify the logic in generate_krb5_ccacheVolker Lendecke1-51/+28
gd, jra, others, please check!
2010-09-10s3/winbind: use mono time for startup timeout checkBjörn Jacke3-6/+6
2010-09-10s3: Simplify generate_krb5_ccache slightlyVolker Lendecke1-4/+0
strequal deals with a NULL string input just fine
2010-09-09s3: Ensure NULL termination for "workstation" in auth_crapVolker Lendecke1-0/+2
2010-09-09s3: These assignments are overwritten immediatelyVolker Lendecke1-4/+0
Dump them
2010-09-09s3: Remove "mem_ctx" from a few functionsVolker Lendecke3-13/+3
2010-09-09s3: Remove "mem_ctx" from wcache_save_creds()Volker Lendecke3-3/+1
2010-09-09s3: Remove "mem_ctx" from lookup_cached_name()Volker Lendecke4-8/+4
2010-09-09s3: Remove a nested if-statementVolker Lendecke1-5/+3
2010-09-09s3: Fill in workstation in winbindd_pam_auth_crap_sendVolker Lendecke2-6/+5
2010-09-09s3: Fill in domain in winbindd_pam_auth_crap_sendVolker Lendecke2-11/+3
2010-09-09s3: Remove redundant flag checksVolker Lendecke1-10/+0
We're checking these in the parent already (winbindd_pam_auth_send and winbindd_pam_auth_crap_send). No point in doing it in the child as well
2010-09-09s3: Remove unused arg "user_sid" from winbindd_store_credsVolker Lendecke3-11/+5
All callers have passed in NULL
2010-09-09s3: Remove unused winbindd_update_creds_by_sidVolker Lendecke2-12/+0
2010-09-09s3: Remove unused winbindd_dual_show_sequence()Volker Lendecke3-25/+0
2010-09-08s3: "== false" looks wrong :-)Volker Lendecke1-1/+1
2010-09-08s3: Make winbind_add_failed_connection_entry staticVolker Lendecke2-6/+4
2010-09-08s3: Fix a typoVolker Lendecke1-1/+1
2010-09-08s3: Simplify cm_connect_sam a bitVolker Lendecke1-5/+1
2010-09-08s3: Check for sid instead of name in cm_connect_samVolker Lendecke1-1/+1
2010-09-04s3:winbindd: implement wbint_bh_set_timeout() as dummyStefan Metzmacher1-0/+8
metze
2010-09-02s3: Remove unused nss_info_adex_init()Volker Lendecke1-5/+0
2010-08-31s3-auth Rename NT_USER_TOKEN user_sids -> sidsAndrew Bartlett1-1/+1
This is closer to the struct security_token from security.idl