| Commit message (Collapse) | Author | Age | Files | Lines |
| |
Tridge suggested a generic caching mechanism for Samba to avoid the
proliferation of little cache files hanging around limpet like in the
locks directory. Someone should probably implement this at some
stage.
| |
This updates the 'winbind' authentication module and winbind's 'PAM' (actually
netlogon) code to allow smbd to cache connections to the DC.
This is particularly relevant when we need mutex locks already - there is no
parallelism to be gained anyway.
The winbind code authenticates the user, and if successful, passes back the
'info3' struct describing the user. smbd then interprets that in exactly the
same way as an 'ntdomain' logon.
Also, add paranoia to winbind about null termination.
Andrew Bartlett
| |
a getgr*() function that lists groups without enumerating all the
group members. Instead of defining a new nss method (which might
cause problems) I added an environment variable WINBIND_GETGRLST
that tells winbind not to fill in the group members in a getgrent()
request. This can speed up group listing by a factor of 20 or more
(on my test system with 50000 groups it reduces the time from an hour
to 2 minutes)
| |
Jeremy.
| |
prototype
| |
this mode improves the response time of winbindd by having a
background process update the cache while the foreground process
responds to queries from cache.
You can enable this mode using the -B command line option. It is quite
experimental, which is why it is not the default.
| |
Jeremy.
| |
Added time based cache size check (#ifdef'ed out by default, just didn't
want to lose the code).
Jeremy.
| |
ping, debug and pool-usage messages.
| |
Jeremy.
| |
processing work correctly in winbindd. This is a really good patch
that gives full select semantics to the Samba modified select.
Jeremy.
| |
Changed "SMB/Netbios" to "SMB/CIFS" in file header.
| |
the sid->uid and uid->sid conversions.
Remove some duplicate arguments from these functions, and update the
request/response structures for this and the 'winbind domain name' feature.
As such 'winbindd_lookup_name' now takes both a domain and username.
| |
Jeremy.
| |
to move this from being a static to matching its mate in lib/util_sock.c.
In any case, this should discourage anybody from using the 'wrong' version of
this function. (ie the one from TNG, which needs a bit more error checking
depending on use).
Andrew Bartlett
| |
This work was sponsored by Optifacio Software Services, Inc.
Andrew Bartlett
(various e-mails announcements merged into some form of commit message below:)
This patch which adds basics of universal groups support
into Samba 3. Currently, only Winbind with RPC calls supports this, ADS
support requires additional (possibly huge) work on KRB5 PAC. However,
basic infrastructure is here.
This patch adds:
1. Storing of universal groups for particular user logged into Samba
software (smbd/ two winbind-pam methods) into netlogon_unigrp.tdb as array
of uint32 supplemental group rids keyed as DOMAIN_SID/USER_RID in tdb.
2. Fetching of universal groups for given user rid and domain sid from
netlogon_unigrp.tdb.
Since this is used in both smbd and winbindd, main code is in
source/lib/netlogon_uingrp.c. Dependencies are added to AUTH_OBJ as
UNIGRP_OBJ and WINBINDD_OBJ as UNIGRP_OBJ.
This patch has had a few versions, the final version in particular:
Many thanks to Andrew Bartlett for critics and comments, and partly
rewritten code.
New:
- updated fetching code to changed byte order macros
- moved functions to proper namespace
- optimized memory usage by reusing caller's memory context
- enhanced code to more follow Samba coding rules
Todo:
- proper universal group expiration after timeout
| |
the list received at startup or we get an out of date list. I thought
there might be some sequence number that is incremented when a trusted
domain is added or removed - perhaps there is but I just haven't found it
yet.
- Renamed get_domain_info() to init_domain_list()
- Made an accessor function to return the list of trusted domains rather
than using a global so we don't have to remember to put a magic init
function
- The getent state can not keep a pointer to a winbind_domain structure as
it may be freed if init_domain_list() is called again so we keep the
domain name instead
| |
swedish" test to client calls. This is putting a length field at the
start of a request so we can disconnect clients talking with an out of date
libnss_winbind.so rather than deadlock them.
Misc cleanups:
- made some int values uint32
- moved WINBIND_INTERFACE_VERSION to start of cmd list
|
| |
smb.conf to get it right.
While wb_client needs its lp_load() for samba dependency reasons, it now uses
the new method both to example and test the new code.
Also add an interface version function, and return the winbind's samba version
string.
In preparation for default domains, it's now up to winbindd to reject plaintext
auths that don't have a separator, but NTLM (CRAP) auths now have two fields,
hence need parsing.
Andrew Bartlett
| |
It adds a 'ping' request, just to check winbind is in fact alive
It also changes winbindd_pam_auth_crap to take usernames and domain separately.
(backward incompatible change, needs merge to 2.2, but this is not yet released
code, so no workarounds)
Finally, it adds some debugs and fixes a few memory leaks (uses talloc to do
it).
Andrew Bartlett
| |
when they are added or removed on the PDC.
- renamed GETPWNAM_FROM_{UID,USER} constants and functions to GETPW{NAM,UID}
- renamed GETGRNAM_FROM_{GID,GROUP} constants and functions to GETGR{NAM,GID}
- use SIGUSR2 in winbindd for debugging/logging instead of SIGUSR1 in
preparation for moving to smbcontrol type messages (not sure whether to
ditch this altogether or not)
- tidy debugging messages in top level winbind user and group routines
- convert talloc_init() to talloc_init_named()
- make enumerations of the domain list use the same local variable names
|
| |
signal management.
Jeremy.
| |
smbd/nmbd behaviour.
| |
Fixed winbindd to finally stop leaving log. file droppings :-).
Jeremy.
| |
Jeremy.
| |
this one looks like just another winbind backend, and has the
following properties:
- does -ve and +ve caching of all queries
- can be disabled with -n switch to winbindd
- stores all records packed, so even huge domains are not a problem
for a complete cache
- handles the server being down
- uses sequence numbers for all entries
This fixes a lot of problems with winbindd. Serving from cache is now
*very* fast.
| |
Jeremy.
| |
in smbd/process.c where the timezone is reinitialised. Was replaced with
check for a static is_initialised boolean.
| |
lookup uses password server parameter when looking for PDCs.
Jeremy.
| |
default, rather than in preprocessor macros.
| |
connection caching. Getting ready for back-merge to 2.2.3.
Jeremy.
| |
loop in winbindd but it didn't work.
| |
Ignore the SIGUSR1 signal before we install a handler for it as glibc (?)
seems to just print out "User defined signal 1" and exit if no handler
is installed.
| |
call slprintf within a signal handler.
Jeremy.
| |
field.... well, now at least the code is there when it does :-).
Jeremy.
| |
the currently open connections when winbindd receives a USR1 signal.
Hmm - I've just realised this will conflict with the messaging code
but we don't use that yet.
| |
robust.
| |
Jeremy.
| |
what was I thinking with those 4 character tabs?)
We now pass our winbindd test suite again!
Still to do:
- talloc_ctx on a per winbindd request basis not per connection
- clean up old crap we don't use any more
- test against multiple BDCs (I know this isn't going to work - group/user
handles have to be made against the same DC the domain and basic handles
are).
- implement network and dc failure recovery
| |
- implemented some of the sam related connection manager routines
- fill in group id and gecos fields for getpwnam/getpwuid routines
- convert querydispinfo to cm
- getent passwd now works
Now for the group related routines...
| |
I've wrapped up all the decisions about managing, making and closing
connections into a connection manager in nsswitch/winbindd_cm.c.
It's rather incomplete at the moment - only querying basic user info works
at the moment (i.e. finger -m DOMAIN/user) and everything else is broken.
Jeremy, please take a look and I'll start moving across the rest of
winbindd to this new system.