summaryrefslogtreecommitdiffstats
path: root/source3/winbindd
Commit message (Collapse)AuthorAgeFilesLines
* winbindd: Fill in num_entries where availableVolker Lendecke2010-04-193-0/+6
| | | | | | | | The server implementation of WINBINDD_LIST_USERS, WINBINDD_LIST_GROUPS and WINBINDD_LIST_TRUSTDOM knows the number of entries returned. Bump up the version number so that a newer lib does not rely on something an older winbind does not do.
* s3: Add some debug to GETSIDALIASESVolker Lendecke2010-04-191-0/+9
|
* s3: Fix indentation in remove_ccacheVolker Lendecke2010-04-181-1/+1
|
* s3: Fix a typo in winbindd_ccache_saveVolker Lendecke2010-04-181-1/+1
|
* s3-winbind: Authenticate SAM usersVolker Lendecke2010-04-131-5/+71
|
* s3-winbindd: Fix typo in comment.Karolin Seeger2010-04-131-1/+1
| | | | Karolin
* s3: Use sizeof(chal) instead of a constantVolker Lendecke2010-04-111-1/+1
|
* s3: Cosmetics -- I could not spot where "chal" was initializedVolker Lendecke2010-04-111-1/+1
|
* s3: Remove domain selection from dual_pam_authVolker Lendecke2010-04-101-53/+13
| | | | | | | | | We're in a child, the parent already has chosen the domain by picking the right child to connect to. Metze, you've done work on winbind lately, so it goes to you: Please check :-)
* s3: Check 0 termination in GETALIASESVolker Lendecke2010-04-101-7/+13
|
* s3: Remove the separate "child" argument from setup_domain_child()Volker Lendecke2010-04-083-15/+8
|
* s3:winbindd: make "smbcontrol winbindd validate-cache" reliable againStefan Metzmacher2010-04-081-0/+3
| | | | | | | | commit 73577205cf81644e7fe853eaf3e6459f7f443096 (s3:winbindd: fix problems with SIGCHLD handling (bug #7317)) broke this. metze
* s3: Fix a cut&paste error in winbindd_list_groups_doneVolker Lendecke2010-04-051-1/+1
|
* s3:winbindd: remove unused variablesStefan Metzmacher2010-04-011-2/+0
| | | | metze
* s3:winbindd: fix problems with SIGCHLD handling (bug #7317)Stefan Metzmacher2010-04-013-17/+6
| | | | | | | | | | | | | | | | | | | | | The main problem is that we call CatchChild() within the parent winbindd, which overwrites the signal handler that was registered by winbindd_setup_sig_chld_handler(). That means winbindd_sig_chld_handler() and winbind_child_died() are never triggered when a winbindd domain child dies. As a result will get "broken pipe" for all requests to that domain. To reduce the risk of similar bugs in future we call CatchChild() in winbindd_reinit_after_fork() now. We also use a full winbindd_reinit_after_fork() in the cache validation child now instead instead of just resetting the SIGCHLD handler by hand. This will also fix possible tdb problems on systems without pread/pwrite and disabled mmap as we now correctly reopen the tdb handle for the child. metze
* s3: Ensure NULL termination before printing in winbindd_pam_logoffVolker Lendecke2010-04-011-3/+3
|
* s3: Fix a typo in winbindd_pam_logoffVolker Lendecke2010-04-011-1/+1
|
* s3:winbindd: correctly invalidate the cached connectionStefan Metzmacher2010-04-011-6/+11
| | | | | | There're maybe additional TCP connection for ncacn_ip_tcp. metze
* s3:winbindd: only set child_domain in the childStefan Metzmacher2010-04-011-1/+1
| | | | metze
* s3:winbindd: make sure we don't try rpc requests against unaccessable domainsStefan Metzmacher2010-04-011-5/+28
| | | | | | | This makes sure we don't crash while trying to dereference domain->conn.cli->foo while trying to establish a rpc connection to the server. metze
* s3: fix a typo in winbind_client_response_writtenVolker Lendecke2010-04-011-2/+2
|
* s3: Fix an error message in winbindd_pam_chauthtok()Volker Lendecke2010-03-311-1/+1
|
* s3: Ensure null termination in winbindd_pam_chauthtok()Volker Lendecke2010-03-311-0/+4
|
* s3: Make check_info3_in_group staticVolker Lendecke2010-03-312-4/+2
|
* s3-winbind: Make append_auth_data() staticVolker Lendecke2010-03-312-8/+4
|
* s3:winbindd: correctly retry if the netlogon pipe gets disconnected during a ↵Stefan Metzmacher2010-03-291-2/+2
| | | | | | | | logon call This fixes hopefully the last part of bug #7295. metze
* s3:winbindd_reconnect: don't only reconnect on NT_STATUS_UNSUCCESSFULStefan Metzmacher2010-03-291-14/+59
| | | | metze
* s3:winbindd_cm: invalidate connection if cm_connect_netlogon() failsStefan Metzmacher2010-03-291-2/+2
| | | | metze
* s3:winbindd: consistently use TALLOC_FREE(conn->foo_pipe) is we create a new ↵Stefan Metzmacher2010-03-291-0/+5
| | | | | | connection metze
* s3:winbindd_cm: use rpccli_is_connected() helper functionStefan Metzmacher2010-03-291-4/+4
| | | | metze
* s3:winbindd_cm: use cli_state_is_connected() helper functionStefan Metzmacher2010-03-291-14/+4
| | | | metze
* s3: Fix bug 7212, "getent group does not return group members"Volker Lendecke2010-03-291-0/+1
|
* s3-smbd: Don't close stdout if we want to log to stdout.Andreas Schneider2010-03-261-1/+1
|
* s3:ntlmssp: pass names and use_ntlmv2 to ntlmssp_client_start() and store themStefan Metzmacher2010-03-241-1/+5
| | | | | | | | Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org>
* s3: Fix a bad memleak in winbindVolker Lendecke2010-03-221-1/+2
|
* s3: Fix a long-standing problem with recycled PIDsVolker Lendecke2010-03-102-9/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When a samba server process dies hard, it has no chance to clean up its entries in locking.tdb, brlock.tdb, connections.tdb and sessionid.tdb. For locking.tdb and brlock.tdb Samba is robust by checking every time we read an entry from the database if the corresponding process still exists. If it does not exist anymore, the entry is deleted. This is not 100% failsafe though: On systems with a limited PID space there is a non-zero chance that between the smbd's death and the fresh access, the PID is recycled by another long-running process. This renders all files that had been locked by the killed smbd potentially unusable until the new process also dies. This patch is supposed to fix the problem the following way: Every process ID in every database is augmented by a random 64-bit number that is stored in a serverid.tdb. Whenever we need to check if a process still exists we know its PID and the 64-bit number. We look up the PID in serverid.tdb and compare the 64-bit number. If it's the same, the process still is a valid smbd holding the lock. If it is different, a new smbd has taken over. I believe this is safe against an smbd that has died hard and the PID has been taken over by a non-samba process. This process would not have registered itself with a fresh 64-bit number in serverid.tdb, so the old one still exists in serverid.tdb. We protect against this case by the parent smbd taking care of deregistering PIDs from serverid.tdb and the fact that serverid.tdb is CLEAR_IF_FIRST. CLEAR_IF_FIRST does not work in a cluster, so the automatic cleanup does not work when all smbds are restarted. For this, "net serverid wipe" has to be run before smbd starts up. As a convenience, "net serverid wipedbs" also cleans up sessionid.tdb and connections.tdb. While there, this also cleans up overloading connections.tdb with all the process entries just for messaging_send_all(). Volker
* s3:winbindd: add DEBUG(10,...) for the end of each top levelStefan Metzmacher2010-03-052-6/+25
| | | | | | That will hopefully make debugging a bit easier (at least for me). metze
* s3: Fix unnecessary traversing winbindd_cache.tdb in SIGHUP handler.Bo Yang2010-03-061-0/+6
| | | | Signed-off-by: Bo Yang <boyang@samba.org>
* s3: Remove unused count_all_current_connections()Volker Lendecke2010-02-281-1/+0
|
* s3: Fix but 7145 -- duplicate sam and unix accountsVolker Lendecke2010-02-282-0/+22
| | | | | | | | | | For me this survives the TESTS=posix_s3 POSIX_SUBTESTS="RPC-SAMR-LARGE-DC LOCAL-NSS-WRAPPER" make test reproducer. Günther, please check! Volker
* Fix one of the valgrind warnings from bug #6814 - Fixes for problems ↵Roel van Meer2010-02-261-0/+8
| | | | | | | reported by valgrind The timeval passed to event_add_to_select_args() must be initialized as event_add_to_select_args() uses a timeval_min() on this and next_event.
* s3 move the sitename cache in its own fileSimo Sorce2010-02-231-0/+1
|
* s3: Consolidate server_id_self into the equivalent procid_self()Volker Lendecke2010-02-231-1/+1
|
* s3:winbindd: never mark external domains as internal!Stefan Metzmacher2010-02-231-4/+1
| | | | | | | | | This way we can endup with silently using builtin_passdb_methods for an ad domain without an inbound trust. This fixes bug #7170. metze
* s3: go straight to winbindd_dual_pam_auth() in case of !NT_STATUS_OKLars Müller2010-02-171-1/+1
| | | | | | At the formerly used process_result statement we have alone one NT_STATUS_IS_OK() which never could be hit in our case as we only go here if NT_STATUS_EQUAL is not ok.
* s3: Don't invalidate cache for uninitialized domains.Bo Yang2010-02-093-1/+52
| | | | Signed-off-by: Bo Yang <boyang@samba.org>
* s3/winbind_ccache: Fix typo in debug message.Karolin Seeger2010-01-281-1/+1
| | | | Karolin
* s3: Add the session key to the ccache_ntlm_auth responseVolker Lendecke2010-01-241-4/+18
|
* s3: Add wbinfo --ccache-saveVolker Lendecke2010-01-244-0/+80
| | | | | With this command you can give winbind your password for later use by the automatic ntlm_auth
* s3 winbindd: Return number of groups in data.num_entries for ↵Kai Blin2010-01-141-1/+3
| | | | | | | | | WINBINDD_LIST_GROUPS This allows to test if there's something wrong with the group list in extra_data or if there's simply no groups in the database. Volker, please check.
generated by cgit (git 2.34.1) at 2025-09-03 15:51:20 +0000