summaryrefslogtreecommitdiffstats
path: root/nsswitch
Commit message (Collapse)AuthorAgeFilesLines
* Update libwbclient version to 0.12Matthew Newton2015-03-103-2/+133
| | | | | | | | | | | | | | Increment the minor version of the libwbclient library after new context functions added. (Major version increase not required as the only two functions with changed parameters are private to the library.) Signed-off-by: Matthew Newton <matthew-git@newtoncomputing.co.uk> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Mar 10 03:24:45 CET 2015 on sn-devel-104
* Move wbc global variables into global context insteadMatthew Newton2015-03-103-45/+73
| | | | | | | | | | There are some global variables in use in the libwbclient library. Now that we have a context, move these into it so that they are thread-safe when the wbcCtx* functions are used. Signed-off-by: Matthew Newton <matthew-git@newtoncomputing.co.uk> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Add context versions of wbclient functionsMatthew Newton2015-03-106-176/+1161
| | | | | | | | | | | To make the libwbclient library thread-safe, all functions that call through to wb_common winbindd_request_response need to have context that they can use. This commit adds all the necessary functions. Signed-off-by: Matthew Newton <matthew-git@newtoncomputing.co.uk> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Add wbcContext to wbcRequestResponseMatthew Newton2015-03-102-7/+21
| | | | | | | | | To enable libwbclient to pass winbindd context through to the winbind client library in wb_common. Signed-off-by: Matthew Newton <matthew-git@newtoncomputing.co.uk> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Add wbcContext struct, create and free functionsMatthew Newton2015-03-103-0/+78
| | | | | | | | | The basic context structure and functions for libwbclient so that libwbclient can be made thread-safe. Signed-off-by: Matthew Newton <matthew-git@newtoncomputing.co.uk> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Use global context for winbindd_request_responseMatthew Newton2015-03-106-39/+66
| | | | | | | | | Updating API call in libwbclient, wbinfo, ntlm_auth and winbind_nss_* as per previous commit to wb_common.c. Signed-off-by: Matthew Newton <matthew-git@newtoncomputing.co.uk> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Make winbind client library thread-safe by adding contextMatthew Newton2015-03-102-61/+143
| | | | | | | | | | Rather than keep state in global variables, store the current context such as the winbind file descriptor in a struct that is passed in. This makes the winbind client library thread-safe. Signed-off-by: Matthew Newton <matthew-git@newtoncomputing.co.uk> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* pam: Fix CID 1034871 Resource leakVolker Lendecke2015-03-031-0/+1
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Ralph Böhme <slow@samba.org> Autobuild-Date(master): Tue Mar 3 20:03:25 CET 2015 on sn-devel-104
* pam: Fix CID 1034870 Resource leakVolker Lendecke2015-03-031-1/+4
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* nss-wins: Do not lookup invalid netbios namesAndreas Schneider2015-02-231-1/+13
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Make sure response->extra_data.data is always cleared outMatthew Newton2015-01-091-6/+7
| | | | | | | | | | Otherwise a bad read can sometimes cause the function to return -1 with an invalid pointer in extra_data.data, which is attempted to be freed by the caller (e.g. libwbclient/wbc_pam.c wbcAuthenticateUserEx()) by calling winbindd_free_response(). Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* nsswitch/wbinfo: allow 'wbinfo --ping-dc --domain=SOMEDOMAIN'Stefan Metzmacher2014-12-191-4/+13
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* nsswitch: allow passing the domain name to wbcPingDC[2]()Stefan Metzmacher2014-12-192-11/+43
| | | | | | | | winbindd already supports this. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* nsswitch: fix soname of linux nss_*.so.2 modulesStefan Metzmacher2014-12-191-6/+18
| | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=9299 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* pam_winbind: fix warn_pwd_expire implementation.Günther Deschner2014-12-031-1/+4
| | | | | | | | | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=9056 warn_pwd_expire parameter is not working as documented in pam_winbind manual page. This patch adds missing bit and allows disabling warning message fully, i.e. setting warn time to zero days. Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Wed Dec 3 21:36:49 CET 2014 on sn-devel-104
* Support using system ldbmodify.Jelmer Vernooij2014-11-191-1/+6
| | | | | | | | | Fixes this test when bin/ldbmodify isn't built because we're using the system ldbmodify. Change-Id: I2ff0d9808245353006c6be4989976a3edad8f98e Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* nsswitch: avoid some compiler warningsStefan Metzmacher2014-11-143-6/+7
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* nss_winbind: add getgroupmembership for FreeBSDBjörn Jacke2014-10-201-1/+73
| | | | | | | | | | | | The getgroupmembership call on FreeBSD is needed for "winbind expand groups=0" (the new default in 4.2) to work. Thanks to Timur I. Bakeyev for the enhancement patch. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10835 Signed-off-by: Bjoern Jacke <bj@sernet.de> Reviewed-by: Volker Lendecke <vl@samba.org>
* pam_winbind: fix comment typosMichael Adam2014-10-181-1/+1
| | | | | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net> Autobuild-User(master): Martin Schwenke <martins@samba.org> Autobuild-Date(master): Sat Oct 18 12:41:07 CEST 2014 on sn-devel-104
* nsswitch: Skip groups we were not able to map.Andreas Schneider2014-09-191-0/+5
| | | | | | | | | | | | | | If we have configured the idmap_ad backend it is possible that the user is in a group without a gid set. This will result in (uid_t)-1 as the gid. We return this invalid gid to NSS which is wrong. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10824 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Fri Sep 19 17:57:14 CEST 2014 on sn-devel-104
* Replace all uses of iniparser with tiniparser.Jeremy Allison2014-08-143-24/+27
| | | | | Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* nsswitch: Fix bogus #include line.Ira Cooper2014-08-091-1/+0
| | | | | | | | We are not allowed to reach around behind the system's back and include the wrong headerfiles. Signed-off-by: Ira Cooper <ira@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* As David Woodhouse points out, this breaks backwards compatibility.Jeremy Allison2014-07-141-2/+0
| | | | | | | | | | | https://bugzilla.samba.org/show_bug.cgi?id=10692 Revert "libwbclient: reject unknown named blobs in wbcCredentialCache()" This reverts commit 740d12d1e77d356ff22c3725dce8d5019c86a7a5. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Mon Jul 14 21:54:08 CEST 2014 on sn-devel-104
* libwbclient: reject unknown named blobs in wbcCredentialCache()Stefan Metzmacher2014-07-101-0/+2
| | | | | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=10692 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Jul 10 22:30:45 CEST 2014 on sn-devel-104
* libwbclient: allow only one initial_blob/challenge_blob in wbcCredentialCache()Stefan Metzmacher2014-07-101-9/+19
| | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=10692 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3: libwbclient: Don't break out of loop too soon - find all parameters.Jeremy Allison2014-07-101-2/+0
| | | | | | | | Fix bug #10692: wbcCredentialCache fails if challenge_blob is not first https://bugzilla.samba.org/show_bug.cgi?id=10692 Signed-off-by: Jeremy Allison <jra@samba.org>
* libwbclient: Call correct function for wbcPingDc2 testChristof Schmitt2014-07-091-1/+1
| | | | | | | | Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Christof Schmitt <cs@samba.org> Autobuild-Date(master): Wed Jul 9 18:36:08 CEST 2014 on sn-devel-104
* waf: fix the name of the WINBIND "nss" module on AIXBjörn Jacke2014-06-121-1/+1
| | | | | | | | | | | on AIX this is actually not called NSS and PAM, this is combined im LAM (loadable authentication module) Signed-off-by: Bjoern Jacke <bj@sernet.de> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Thu Jun 12 13:32:28 CEST 2014 on sn-devel-104
* s3:lib/afs move afs_settoken.c to common lib dirChristian Ambach2014-06-041-0/+1
| | | | | Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* selftest: Make test_wbinfo.sh work with s3-winbinddAndrew Bartlett2014-06-041-6/+5
| | | | | | Change-Id: I41ed850b6424eac3fb8b6603d5b87c66bb77dd51 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libwbclient-tests: No longer hardcoded password and test domainAndrew Bartlett2014-06-041-20/+23
| | | | | | | | | | | The password is made more complex, and the test domain is made to use the command line options. Andrew Bartlett Change-Id: Ia1ec24a9fc393e7f7b210f845bcf32dbc933d48f Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* selftest: Set winbind separator = /Andrew Bartlett2014-06-041-8/+8
| | | | | | | | | | This avoids a pile of shell-script escape pain, and fixes some tests. Andrew Bartlett Change-Id: Ie1d0e32ab484a5b0ddbc4073831fe6de27e38e92 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* nsswitch: Fix the check for the privileged pipe.Andreas Schneider2014-05-161-17/+19
| | | | | | | Change-Id: I8f23ecc8444c3b25d5be2a7fdbf51ba7fe4a5ed9 Signed-off-by: Andreas Schneider <asn@samba.org> Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* wbclient: ensure response struct is initializedAlexander Bokovoy2014-05-081-0/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Prior to asking for a winbindd private pipe we need to initialize response structure to deal with a possible response failure. winbind_open_pipe_sock() issues two winbindd requests: - asks for interface version - asks for a private pipe The first call returns interface version in a response structure (which is a union). The second call might fail -- in this case response structure will not be initialized or filled in with any information. As result, if the second call failed, response structure will have data from an interface string interpreted as a pointer to a string during SAFE_FREE() at the end of the winbind_open_pipe_sock(). To avoid that, ensure response struct is initialized before asking for a private pipe. https://bugzilla.samba.org/show_bug.cgi?id=10596 Signed-off-by: Alexander Bokovoy <ab@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu May 8 04:24:53 CEST 2014 on sn-devel-104
* Remove special socket_wrapper code.Andreas Schneider2014-04-172-9/+1
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* selftest: Rename WINBINDD_SOCKET_DIR environment variable.Andreas Schneider2014-04-172-8/+1
| | | | | | | | It is very confusing if the env var uses the same name as the define in the source code. So prefix it with SELFTEST. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* wbclient: Check with nss_wrapper_enabled().Andreas Schneider2014-04-171-6/+6
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* Remove special nss_wrapper codeAndreas Schneider2014-04-171-1/+0
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* libwbclient: Handle uid_wrapper for pipe access.Andreas Schneider2014-04-171-2/+33
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* Remove uid_wrapper related code.Andreas Schneider2014-04-173-5/+0
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* selftest: Rename wbinfo_s3 to wbinfo_simple and reorder code for clarityAndrew Bartlett2014-04-021-0/+17
| | | | | | | | | Change-Id: Ic2e06e448fce1d91422b711abf663b9253009a53 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Wed Apr 2 13:07:24 CEST 2014 on sn-devel-104
* nsswitch: Remove fallback setting of WINBINDD_SOCKET_DIRAndrew Bartlett2014-03-051-5/+9
| | | | | | | | | | | | | | This is the original cause of the wbc NT_STATUS_OBJECT_NAME_NOT_FOUND issues in recent git master, as the build was able to progress without the correct path being set as an override. Andrew Bartlett Change-Id: I1dbc7350695756356e869199b589eb781eb5c673 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Wed Mar 5 18:34:48 CET 2014 on sn-devel-104
* nsswitch: Fix idmap rfc2307 test with system ldb.Andreas Schneider2014-02-211-2/+11
| | | | Reviewed-by: Alexander Bokovoy <ab@samba.org>
* krb5_locator: Slightly simplify codeVolker Lendecke2014-02-201-2/+1
| | | | | | | This makes it a bit easier to read for me Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Kai Blin <kai@samba.org>
* param: rename lp function and variable from 'lockdir' to 'lock_directory'Garming Sam2014-02-071-1/+1
| | | | | | Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Revert "pam_winbind: fix segfault in pam_sm_authenticate()"Garming Sam2014-01-151-4/+3
| | | | | | | | | | | | | This reverts commit ec0f51b200d6e5b99bbd872e169621c17f33524c. A more generic fix is now in use. Pair-programmed-with: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Jan 15 01:37:38 CET 2014 on sn-devel-104
* pam_winbind: Do not honour require_membership_of in the acct module parametersGarming Sam2014-01-141-16/+41
| | | | | | | | This needs a password to work, and it confuses users for it to appear to be valid here. Pair-programmed-with: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: David Disseldorp <ddiss@samba.org>
* pam_winbind: Fix segfault caused by invalid configuration optionsGarming Sam2014-01-141-3/+3
| | | | | | | | | | This is a better fix for 8564 and will allow ec0f51b200d6e5b99bbd872e169621c17f33524c to be reverted. BUG: https://bugzilla.samba.org/show_bug.cgi?id=8564 Pair-programmed-with: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: David Disseldorp <ddiss@samba.org>
* wbinfo: Fix a memory leak in wbinfo_ping_dc().Andreas Schneider2014-01-091-0/+1
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* CVE-2013-4408:s3:Ensure LookupSids replies arrays are range checked.Jeremy Allison2013-12-092-2/+19
| | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185 Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Jeremy Allison <jra@samba.org>
generated by cgit (git 2.34.1) at 2024-05-03 00:59:18 +0000