| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If you define this, pstring and fstring become distinguished types, so
that it's harder to accidentally overflow them by for example passing
an fstring on the lhs of pstrcpy.
The types are defined as one-element union arrays so that with
"fstring f" the name "f" will be a pointer and with a big hammer you
can cast it to (char *). So code that tries to just use it directly
will get a loud warning, but hopefully nothing worse.
To pass them to non-pstring-aware functions, use PSTR and check that
the function takes a const. They should almost never be modified
except by special calls. In those unusual cases, use PSTR_MUTABLE.
This is off by default so as not to produce too many warnings. As the
code is vetted it can become the default.
|
| |
|
|
| |
functions.
|
| | |
|
| |
|
|
|
|
| |
contents...
Andrew Bartlett
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
to move this from being a static to matching its mate in lib/util_sock.c.
In any case, this should discorage anybody from using the 'wrong' version of
this function. (ie the one from TNG, which needs a bit more error checking
depending on use).
Andrew Bartlett
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This work was sponsored by Optifacio Software Services, Inc.
Andrew Bartlett
(various e-mails announcements merged into some form of commit message below:)
This patch which adds basics of universal groups support
into Samba 3. Currently, only Winbind with RPC calls supports this, ADS
support requires additional (possibly huge) work on KRB5 PAC. However,
basic infrastructure is here.
This patch adds:
1. Storing of universal groups for particular user logged into Samba
software (smbd/ two winbind-pam methods) into netlogon_unigrp.tdb as array
of uint32 supplemental group rids keyed as DOMAIN_SID/USER_RID in tdb.
2. Fetching of unversal groups for given user rid and domain sid from
netlogon_unigrp.tdb.
Since this is used in both smbd and winbindd, main code is in
source/lib/netlogon_uingrp.c. Dependencies are added to AUTH_OBJ as
UNIGRP_OBJ and WINBINDD_OBJ as UNIGRP_OBJ.
This patch has had a few versions, the final version in particular:
Many thanks to Andrew Bartlett for critics and comments, and partly
rewritten code.
New:
- updated fetching code to changed byte order macros
- moved functions to proper namespace
- optimized memory usage by reusing caller's memory context
- enhanced code to more follow Samba coding rules
Todo:
- proper universal group expiration after timeout
|
| | |
|
| |
|
|
|
|
| |
wire... so.
Jeremy.
|
| |
|
|
|
|
| |
This should make things a little happier...
Andrew Bartlett
|
| |
|
|
|
|
|
| |
This brings passdb.c down to a much more manageable ~1100 lines and makes it a
little easier to comprehend whats going on here.
Andrew Bartlett
|
| |
|
|
| |
Jeremy.
|
| |
|
|
| |
Jeremy.
|
| |
|
|
| |
Jeremy.
|
| |
|
|
| |
Jeremy.
|
| | |
|
| |
|
|
| |
when we free curr_ace_outer we need to not try to use it again :)
|
| |
|
|
| |
with the local machine time changing
|
| |
|
|
| |
when switching from rpc to ADS this now should make sense
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
Andrew Bartlett
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the list received at startup or we get an out of date list. I thought
there might be some sequence number that is incremented when a trusted
domain is added or removed - perhaps there is but I just haven't found it
yet.
- Renamed get_domain_info() to init_domain_list()
- Made an accessor function to return the list of trusted domains rather
than using a global so we don't have to remember to put a magic init
function
- The getent state can not keep a pointer to a winbind_domain structure as
it may be freed if init_domain_list() is called again so we keep the
domain name instead
|
| |
|
|
|
|
|
|
| |
Replace this with some flags that *we* define. We can do a mapping later
if we actually get some more reliable info about what passwords are actually
valid.
Andrew Bartlett
|
| | |
|
| |
|
|
|
|
|
|
| |
This fixes up a problem where a machine would join (or downgrade by trust
password change) to NT4 membership and not be able to regain full ADS
membership until a 'net ads leave'.
Andrew Bartlett
|
| | |
|
| |
|
|
| |
manpage.
|
| |
|
|
|
| |
this is actually a workaround for old broken nmbd daemons, especially
from Samba 2.0
|
| |
|
|
|
|
|
|
|
|
|
| |
swedish" test to client calls. This is putting a length field at the
start of a request so we can disconnect clients talking with an out of date
libnss_winbind.so rather than deadlock them.
Misc cleanups:
- made some int values uint32
- moved WINBIND_INTERFACE_VERSION to start of cmd list
|
| | |
|
| |
|
|
| |
of a define you need to grep for the old name and change ALL places.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
smb.conf to get it right.
While wb_client needs its lp_load() for samba dependency reasons, it now uses
the new method both to example and test the new code.
Also add an interface version function, and return the winbind's samba version
string.
In preperation for default domains, its now up to winbindd to reject plaintext
auths that don't have a seperator, but NTLM (CRAP) auths now have two feilds,
hence need parsing.
Andrew Bartlett
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
It adds a 'ping' request, just to check winbind is in fact alive
It also changes winbindd_pam_auth_crap to take usernames and domain seperatly.
(backward incompatible change, needs merge to 2.2, but this is not yet released
code, so no workarounds)
Finally, it adds some debugs and fixes a few memory leaks (uses talloc to do
it).
Andrew Bartlett
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
when they are added or removed on the PDC.
- renamed GETPWNAM_FROM_{UID,USER} constants and functions to GETPW{NAM,UID}
- renamed GETGRNAM_FROM_{GID,GROUP} constants and functions to GETGR{NAM,GID}
- use SIGUSR2 in winbindd for debugging/logging instead of SIGUSR1 in
preparation for moving to smbcontrol type messages (not sure whether to
ditch this altogether or not)
- tidy debugging messages in top level winbind user and group routines
- convert talloc_init() to talloc_init_named()
- make enumerations of the domain list use the same local variable names
|
| | |
|
| |
|
|
|
| |
in any of these fields, they can corrupt the output. We
should remove them.
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
| |
Make it up as we go along... :-).
Jeremy.
|
| |
|
|
| |
Jeremy.
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
| |
I think configure.in just beat it to the repository so the timestamp of
configure.in is newer than configure. )-:
|
| |
|
|
| |
Jeremy
|
| |
|
|
|
|
|
|
|
| |
the specifies the units that st_blocks is in. The reason for this is
that HPUX uses 8k, AIX uses a #defined constant and everyone else (tm)
uses 512 byte units.
Needed for the CIFS UNIX extensions - coming to a Samba server near
you soon.... :-).
Jeremy.
|
| |
|
|
| |
Jeremy.
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
| |
prompt dmalloc to log information about what happening, so you can see
in flight why smbd is getting bloated.
|
