summaryrefslogtreecommitdiffstats
path: root/source/passdb/secrets.c
Commit message (Collapse)AuthorAgeFilesLines
* Don't bail if we have a badly formed record, just move on to the next one.Andrew Bartlett2003-04-061-1/+1
|
* Fix invalid SAFE_FREE() of talloc()ed memory.Andrew Bartlett2003-03-171-3/+0
| | | | Andrew Bartlett
* Fresh meat in trusted domains code:Rafal Szczesniak2003-03-141-30/+47
| | | | | | | | | | | | | | | - packing/unpacking utility functions for trusted domain password struct; can be used to prepare buffer to store in secrets.tdb or (soon) passdb backend - similiar functions for DOM_SID - respectively modified secrets_(fetch|store) routines - new auth mapping code utilising introduced is_trusted_domain function - added tdb (un)packing of single bytes Rafal
* This patch attemptes to clean up winbindd's mutex locking.Andrew Bartlett2003-03-111-23/+7
| | | | | | | | | | | | | | | | | | | | | | | | | The current locking scheme in winbind is a complete mess - indeed, the next step should be to push the locking into cli_full_connection(), but I'll leave it for now. This patch works on the noted behaviour that 2 parts of the connection process need protection - and independent protection. Tim Potter did some work on this a little while back, verifying the second case. The two cases are: - between connect() and first session setup - during the auth2 phase of the netlogon pipe setup. I've removed the counter on the lock, as I fail to see what it gains us. This patch also adds 'anonymous fallback' to our winbindd -> DC connection. If the authenticated connection fails (wbinfo -A specifed) - say that account isn't trusted by a trusted DC - then we try an anonymous. Both tpot and mbp like the patch. Andrew Bartlett
* A couple more signed/unsigned issues.Andrew Bartlett2003-02-011-2/+2
|
* Fixed up mutex protection around winbindd logon code. Sync with APP-HEAD.Jeremy Allison2003-01-161-8/+24
| | | | Jeremy.
* Always initialise this variable - and don't set the 'must change now' if it wasAndrew Bartlett2003-01-131-0/+1
| | | | | | | | last changed at '0'. We need to actually change this password sometime... Andrew Bartlett
* BIG patch...Andrew Bartlett2003-01-021-1/+1
| | | | | | | | | | | | | | | | This patch makes Samba compile cleanly with -Wwrite-strings. - That is, all string literals are marked as 'const'. These strings are always read only, this just marks them as such for passing to other functions. What is most supprising is that I didn't need to change more than a few lines of code (all in 'net', which got a small cleanup of net.h and extern variables). The rest is just adding a lot of 'const'. As far as I can tell, I have not added any new warnings - apart from making all of tdbutil.c's function const (so they warn for adding that const string to struct). Andrew Bartlett
* merge of get_dc_name()-like code from APP_HEAD; better support password ↵Gerald Carter2002-12-121-0/+30
| | | | server = DC1 *
* Merge of scalable printing code fix... Needs testing.Jeremy Allison2002-11-071-6/+9
| | | | | | | Also tidied up some of Richard's code (I don't think he uses the compiler flags -g -Wall -Wshadow -Wstrict-prototypes -Wpointer-arith -Wcast-qual like I do :-) :-). Jeremy.
* Add a timeout to tdb_lock_bystring(). Ensure we never have more thanJeremy Allison2002-10-041-49/+11
| | | | | MAX_PRINT_JOBS in a queue. Jeremy.
* Add const.Andrew Bartlett2002-09-281-1/+1
|
* Minor updates:Andrew Bartlett2002-09-271-4/+4
| | | | | | | | | | Add const to some more functions, and reintroduce 'net rpc join oldstyle' as *only* trying an old-style join. This means that we can rely on it not prompting for a password on the build farm. Andrew Bartlett
* We had a race condition when changing a machine acount password as weJeremy Allison2002-09-181-1/+21
| | | | | were no longer locking the secrets entry. I saw this on a live system. Jeremy.
* Never, *ever* hold a mutex lock in the message database where there mayJeremy Allison2002-09-171-0/+66
| | | | | | | be traversals being attempted. Yes, this was from bitter experience (and an out of control server :-). Also allow callers to break out of a tdb_chainlock with sigalarm if desired. Jeremy.
* more const cleanupsAndrew Tridgell2002-09-171-3/+3
|
* Update secrets_fetch_domain_guid to generate and store it if it doesn't exist.Jim McDonough2002-08-121-2/+11
| | | | Only does it for PDCs.
* fixed multi-line strings for portabilityAndrew Tridgell2002-07-311-2/+2
|
* Add LSA RPC 0x2E, lsa_query_info2. Only level implemented is 0x0c, whichJim McDonough2002-07-301-0/+32
| | | | | is netbios and dns domain info. Also add code to set/fetch the domain GUID from secrets.tdb (although set is not yet called by anyone).
* (another patch from mimir)Andrew Bartlett2002-07-261-2/+17
| | | | | | | | Add some debugging info to the secrets code. We might review what debug level that should be at, but it's fine for now. Andrew Bartlett
* More fixes towards warnings on the IRIX compilerAndrew Bartlett2002-07-201-1/+1
| | | | | | | | | | | | (and yes, some of these are real bugs) In particular, the samr code was doing an &foo of various types, to a function that assumed uint32. If time_t isn't 32 bits long, that broke. They are assignment compatible however, so use that and an intermediate variable. Andrew Bartlett
* Looks like abartlet got a bit overexcited about using const...Jim McDonough2002-05-231-1/+1
| | | | | | BOOL const secrets_init(...) Broke AIX build.
* Updates for sane storage of ldap root DN passwords (tested, with upgradeAndrew Bartlett2002-05-221-14/+18
| | | | | | | from 2.2 format) and LDAP rebind support (untested, I don't have a setup to match). Andrew Bartlett
* so here it is the code to introduce seriously debugggging classes.Simo Sorce2002-05-181-0/+3
| | | | | | | | | | | | | | | | | | this is a first step only passdb stuff has beein "classized". - so what can you do? set debug level to: 1 poasdb:10 that will make all the code run at debug level 1 except the code in passdb/* files that will run at level 10 TODO: fix the man page - also smbcontrol has this nice feature so smbcontrol smbd debug 3 passdb:5 will set every smbd to have a default log level of 3 while passdb stuff will be at level 5 and so no.. minor cosmetic fix to pdbedit is there too
* A few more trusted domains updates from mimir.Andrew Bartlett2002-05-171-13/+34
| | | | | | | I think we may still need to look at our server enumeration code, but other than that, its much better in the tree than out. Andrew Bartlett
* Partly based on the work by mimir (Rafal SzczesniakAndrew Bartlett2002-04-141-9/+127
| | | | | | | | | | | | | | <mimir@diament.ists.pwr.wroc.pl>) this patch allows samba to correctly enumerate its trusted domains - by exaimining the keys in the secrets.tdb file. This patch has been tested with both NT4 and rpcclient/wbinfo, and adds some extra functionality to talloc and rpc_parse to allow it to deal with already unicode strings. Finally, this cleans up some const warnings that were in net_rpc.c by pushing another dash of const into the rpc client code. Andrew Bartlett
* make sure we use consistent keys in secrets.tdb by uppercasing domainAndrew Tridgell2002-03-101-0/+4
| | | | names
* This patch merges my private LDAP tree into HEAD.Andrew Bartlett2002-03-021-28/+0
| | | | | | | | | | | | | | | | | | | | | The main change here is to move ldap into the new pluggable passdb subsystem and to take the LDAP location as a 'location' paramter on the 'passdb backend' line in the smb.conf. This is an LDAP URL, parsed by OpenLDAP where supported, and by hand where it isn't. It also adds the ldap user suffix and ldap machine suffix smb.conf options, so that machines added to the LDAP dir don't get mixed in with people. Non-unix account support is also added. This means that machines don't need to be in /etc/passwd or in nss_ldap's scope. This code has stood up well under my production environment, so it relitivly well tested. I'm commiting this now becouse others have shown interest in using it, and there is no point 'hording' the code :-). Andrew Bartlett
* Fix up the trusted domains secrets code so as to have a slight chance ofAndrew Bartlett2002-03-021-12/+10
| | | | working.
* The beginning of trusted and trusting domain support fromAndrew Bartlett2002-03-011-3/+89
| | | | | | | | Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett
* made the domain secret key in secrets.tdb domain specific. This allowsAndrew Tridgell2002-02-221-2/+14
| | | | | you to join a 2nd domain then leave the old domain rather than the other way around
* Removed version number from file header.Tim Potter2002-01-301-2/+1
| | | | Changed "SMB/Netbios" to "SMB/CIFS" in file header.
* Fixed up atomic update code.Jeremy Allison2002-01-091-1/+1
| | | | Jeremy.
* update the ldap support code. it compiles.Jean-François Micouleau2001-12-131-0/+41
| | | | | | | | Ignacio you can update your howto ;-) samsync: a small patch to try chaning challenges. J.F.
* Add a couple of extra debugs for the secrets.tdb stuffAndrew Bartlett2001-12-051-2/+8
|
* auto-init secrets.tdbAndrew Tridgell2001-12-051-0/+5
|
* This comment no longer applies.Andrew Bartlett2001-12-041-1/+0
|
* added "net join" commandAndrew Tridgell2001-11-241-3/+33
| | | | this completes the first stage of the smbd ADS support
* Tidyups when I was doing the big merge...Jeremy Allison2001-11-171-5/+10
| | | | Jeremy.
* move to SAFE_FREE()Simo Sorce2001-09-171-3/+3
|
* got rid of USE_TDB_MMAP_FLAG as its not needed any moreAndrew Tridgell2001-09-061-1/+1
|
* get rid of compiler warningsHerb Lewis2001-08-241-1/+1
|
* Added "use mmap" for HPUX.Jeremy Allison2001-07-301-1/+1
| | | | Jeremy.
* The big character set handling changeover!Andrew Tridgell2001-07-041-6/+1
| | | | | | | This commit gets rid of all our old codepage handling and replaces it with iconv. All internal strings in Samba are now in "unix" charset, which may be multi-byte. See internals.doc and my posting to samba-technical for a more complete explanation.
* Changes to use new genrand code that got missed while I was in Japan.Jeremy Allison2001-06-061-0/+29
| | | | Jeremy.
* use LDSHFLAGS not -shared in several placesAndrew Tridgell2001-06-041-1/+1
|
* Got "medieval on our ass" about adding the -1 to slprintf.Jeremy Allison2001-04-081-3/+3
| | | | Jeremy.
* Merge of i18n fixes from appliance branch. Samba can now talk to a networkTim Potter2001-02-141-3/+10
| | | | | with a PDC that has international netbios name and domain name. There's still quite a bit of i18n stuff to fix though...
* Changes from APPLIANCE_HEAD:David O'Neill2001-01-111-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | testsuite/printing/psec.c - Use lock directory from smb.conf parameter when peeking at the ntdrivers.tdb file. source/rpc_parse/parse_sec.c - fix typo in debug message source/script/installbin.sh - create private directory as part of 'make install'. source/nsswitch/winbindd_cache.c source/nsswitch/winbindd_idmap.c source/passdb/secrets.c source/smbd/connection.c - always convert tdb key to unix code-page when generating. source/printing/nt_printing.c - always convert tdb key to unix code-page when generating. - don't prepend path to a filename that is NULL in add_a_printer_driver_3(). source/rpc_server/srv_spoolss_nt.c - always convert tdb key to unix code-page when generating. - don't prepend server name to a path/filename that is NULL in the fill_printer_driver_info functions. source/printing/printing.c - always convert tdb key to unix code-page when generating. - move access check for print_queue_purge() outside of job delete loop. source/smbd/unix_acls.c - fix for setting ACLs (this got missed earlier) source/lib/messages.c - trivial sync with appliance_head
* updates to the tdbsam implementation.Gerald Carter2000-12-061-1/+0
| | | | --jerry
generated by cgit (git 2.34.1) at 2025-09-25 11:08:20 +0000