summaryrefslogtreecommitdiffstats
path: root/source3/winbindd
Commit message (Collapse)AuthorAgeFilesLines
...
* s3:winbindd fix a compiler warningChristian Ambach2013-12-121-2/+2
| | | | | | | about a potentially uninitialized variable Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:winbindd fix use of uninitialized variablesChristian Ambach2013-12-101-0/+13
| | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=10280 Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3-winbindd: Fix DEBUG statement in winbind_msg_offline().Jan Brummer2013-12-091-1/+1
| | | | | | | | | | | | Guenther BUG: https://bugzilla.samba.org/show_bug.cgi?id=10285 Reviewed-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Mon Dec 9 17:28:37 CET 2013 on sn-devel-104
* CVE-2013-4408:s3:Ensure LookupRids() replies arrays are range checked.Jeremy Allison2013-12-092-4/+16
| | | | | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185 Signed-off-by: Jeremy Allison <jra@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Karolin Seeger <kseeger@samba.org> Autobuild-Date(master): Mon Dec 9 09:00:41 CET 2013 on sn-devel-104
* CVE-2013-4408:s3:Ensure LookupNames replies arrays are range checked.Jeremy Allison2013-12-091-12/+2
| | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185 Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Jeremy Allison <jra@samba.org>
* CVE-2013-4408:s3:Ensure LookupSids replies arrays are range checked.Jeremy Allison2013-12-092-0/+35
| | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185 Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Jeremy Allison <jra@samba.org>
* s3-winbind: Pass the group name to fillup_pw_field().Andreas Schneider2013-11-221-30/+43
| | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=2191 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Nov 22 02:04:54 CET 2013 on sn-devel-104
* s3-lib: Add grpname to talloc_sub_specified().Andreas Schneider2013-11-211-2/+2
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=2191 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* winbind: Make centry_start staticChristof Schmitt2013-11-152-2/+2
| | | | | | | | | | centry_start is only used in winbindd_cache.c Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Christof Schmitt <cs@samba.org> Autobuild-Date(master): Fri Nov 15 18:05:41 CET 2013 on sn-devel-104
* s3-winbindd: Fix #10264, cache_traverse_validate_fn failure for NDR cache ↵Günther Deschner2013-11-131-1/+2
| | | | | | | | | | | | | | | | entries. We need to increase the keysize limit for NDR queries. A wbint_LookupSids query for just 20 sids already hits the older limit. Guenther https://bugzilla.samba.org/show_bug.cgi?id=10264 Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Wed Nov 13 19:33:46 CET 2013 on sn-devel-104
* idmap_autorid: fix failure in reverse lookup if ID is from domain range index #0Abhidnya Joshi2013-11-071-1/+1
| | | | | | | | | Domain range index #0 is not included in the database record. So in this special case we only have the SID, not SID#IDX... Signed-off-by: Abhidnya Joshi <achirmul@in.ibm.com> Reviewed-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* idmap_autorid: fix status code when trying to load range for an invalid inputMichael Adam2013-11-071-0/+6
| | | | | | | | | | | | | | The "sid" input needs to be verified (it can currently be a SID or "ALLOC"). When handing in string that is valid for other kinds of records, but not for the SID[#IDX]-->RANGE direction of mappings, like for instance a range number, then we get "NT_STATUS_INTERNAL_DB_CORRUPTION" because parse records finds the record, but it does not have the expected size... This patch fixes this problem by pre-validating the input before fetching the record from the database. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* idmap_autorid: add space between two words in a debug messageAtul Kulkarni2013-11-071-2/+2
| | | | | | Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com> Reviewed-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* winbind3: Fix CID 241468 Resource leakVolker Lendecke2013-10-211-0/+1
| | | | | | | We were leaking centry in this error case Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* idmap_autorid: fix traversal of ranges to correctly exclude mapping records.Michael Adam2013-10-211-0/+8
| | | | | | | | | | | | | | | When listing all ranges with "net idmap get ranges", the database records of the form "S-1-5-10" --> "GID 100016" were treated here as rangee mapings, resulting in an faulty printout like this: "RANGE 541346119: S-1-5-10". This patch fixes this by adding a filter that checks the size of the value datablob. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Mon Oct 21 19:48:40 CEST 2013 on sn-devel-104
* winbind3: Fix CID 1107229 Uninitialized pointer readVolker Lendecke2013-10-191-1/+2
| | | | | | | | | | The first "goto done" would TALLOC_FREE the uninitialized "value" Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Oct 19 03:43:04 CEST 2013 on sn-devel-104
* s3:winbindd: use cluster_probe_ok()Michael Adam2013-10-171-10/+3
| | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* smbd/winbindd: Do an early check if ctdbd is functionalVolker Lendecke2013-10-171-0/+12
| | | | | | | | | This will avoid panic calls when smbd and winbind is started in cluster mode before ctdb is functional. It still logs something sane at debug level 0, but it does not panic and core anymore. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s3:winbindd: don't hide the error in cm_connect_lsa()Stefan Metzmacher2013-10-171-1/+0
| | | | | | | | We should not overwrite the error with NT_STATUS_PIPE_NOT_AVAILABLE. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3-winbindd: Remove undocumented winbindd:socket dir parameterAndrew Bartlett2013-10-152-8/+2
| | | | | | | | | | | | | | | | This uses the documeted "winbindd socket directory" parameter instead. This came about due to the merge of the two smb.conf tables in s3 and s4 for the Samba 4.0 release. The s4 code used a real parameter, which caused this to be documented, whereas no automatic procedure existed to notice the parametric option and the need to document that. The fact that this was not used consistently in both codebases is one of the many areas of technical debt we still need to pay off here. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3-winbind: Send online/offline message of the domain to the parent.Andreas Schneider2013-10-111-0/+22
| | | | | | | | | | https://bugzilla.samba.org/show_bug.cgi?id=10194 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Fri Oct 11 13:37:56 CEST 2013 on sn-devel-104
* s3-winbind: Register handlers for domain online/offline messages.Andreas Schneider2013-10-112-0/+11
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=10194 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* s3-winbind: Add functions for domain online/offline handling.Andreas Schneider2013-10-112-0/+50
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=10194 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* Fix bug #10187 - Missing talloc_free can leak stackframe in error path.Jeremy Allison2013-10-091-2/+3
| | | | | | | | | | Fix error path. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Wed Oct 9 03:50:56 CEST 2013 on sn-devel-104
* idmap_autorid: allow iterate functions to operate on all domain rangesMichael Adam2013-10-021-4/+2
| | | | | | | by allowing handed in domsid to be NULL Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid: add idmap_autorid_delete_domain_ranges()Michael Adam2013-10-021-0/+82
| | | | | | | | This uses the new idmap_autorid_iterate_domain_ranges() function. Based on earlier patch by Atul Kulkarni <atul.kulkarni@in.ibm.com>. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid: add idmap_autorid_iterate_domain_ranges[_read]()Michael Adam2013-10-021-0/+185
| | | | | | | | | | Functions to perform an action on all domain range mappings for a given domain, specified by the domain sid. Inspired by a previous patch by Atul Kulkarni <atul.kulkarni@in.ibm.com>. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid: add idmap_autorid_delete_range_by_num()Michael Adam2013-10-021-0/+119
| | | | | | | query and delete a mapping specified by the range number. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid: add idmap_autorid_delete_range_by_sid()Michael Adam2013-10-021-0/+119
| | | | | | | Delete a range mapping as specified by domain SID and range index. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid: add idmap_autorid_build_keystr_talloc()Michael Adam2013-10-021-0/+17
| | | | | | | talloc version of idmap_autorid_build_keystr() Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid: extend idmap_autorid_addrange to allow to set mappings below ↵Michael Adam2013-10-021-21/+40
| | | | | | | the HWM Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid: improve clarity of idmap_autorid_addrange_action() by adding ↵Michael Adam2013-10-021-7/+8
| | | | | | | mem_ctx. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid: add idmap_autorid_saveconfigstr()Michael Adam2013-10-021-0/+16
| | | | | | | | | | Store a configuration as provided by a config string after parsing and validating the string. Based on similar patch by Atul Kulkarni <atul.kulkarni@in.ibm.com>. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid: Don't use db as a temporary talloc context.Michael Adam2013-10-021-1/+1
| | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid: improve two debug messages by printing NT error codesMichael Adam2013-10-021-3/+3
| | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid: fix a debug message in idmap_autorid_addrange()Michael Adam2013-10-021-2/+2
| | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid: for clarity, add a wrapper idmap_autorid_acquire_range() to ↵Michael Adam2013-10-021-1/+7
| | | | | | | | | | | | idmap_autorid_addrange() This one calls into the HWM bumping acquire code path. Pair-Programmed-With: Atul Kulkarni <atul.kulkarni@in.ibm.com> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid: add new function idmap_autorid_setrange()Michael Adam2013-10-021-0/+17
| | | | | | | | | | | | This allows to directly set a range for a domsid#index pair. It fails if a stored range is found which is different from the requested one. Pair-Programmed-With: Atul Kulkarni <atul.kulkarni@in.ibm.com> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid: factor out domain range adding code into a separate functionMichael Adam2013-10-021-23/+117
| | | | | | | | | | | | | This also adds a new mode to the new idmap_autorid_addrange() function that allows to set a provided range if the range is available, instead of the original only mode of automatically allocating a new range by incrementing the HWM counter. Pair-Programmed-With: Atul Kulkarni <atul.kulkarni@in.ibm.com> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid: add idmap_autorid_getrange()Michael Adam2013-10-021-0/+31
| | | | | | | Wrapper to idmap_autorid_getrange_int(). Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid: improve a debug message in idmap_autorid_getrange_int()Michael Adam2013-10-021-1/+2
| | | | | | | Add output of status code. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid: factor out domain range fetching part from ↵Atul Kulkarni2013-10-021-20/+38
| | | | | | | | | | | | idmap_autorid_get_domainrange() Fatored out read-only function idmap_autorid_getrange() will be used elsewhere. Pair-Programmed-With: Michael Adam <obnox@samba.org> Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com> Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid: Use fstr_sprintf in idmap_autorid_build_keystr()Volker Lendecke2013-10-021-2/+2
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* idmap_autorid: factor building of the keystr into a functionMichael Adam2013-10-021-12/+20
| | | | | | | | | | to avoid code duplication. Pair-Programmed-with: Atul Kulkarni <atul.kulkarni@in.ibm.com> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid: remove fstring keystr from autorid_range_configAtul Kulkarni2013-10-021-7/+16
| | | | | | | | | This is just used to change the behaviour of the function. Making it more suitable to be used at other places. Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com> Reviewed-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid: remove autorid_global_config member from autorid_range_configAtul Kulkarni2013-10-022-14/+17
| | | | | | | | | | | | global config is not part of range config. By removing this, autorid_range_config becomes more suitable for using it elsewhere. Pair-Programmed-With: Michael Adam <obnox@samba.org> Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com> Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid: improve idmap_autorid_saveconfig() by adding a talloc stackframeMichael Adam2013-10-021-9/+8
| | | | | | | | Pair-Programmed-With: Atul Kulkarni <atul.kulkarni@in.ibm.com> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid: move the checks from idmap_autorid_initialize to ↵Atul Kulkarni2013-10-022-56/+61
| | | | | | | | | | idmap_autorid_saveconfig() Pair-Programmed-With: Michael Adam <obnox@samba.org> Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com> Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid: change idmap_autorid_loadconfig() to return NTSTATUSMichael Adam2013-10-012-8/+21
| | | | | | | | | | for better error propagation. Pair-Programmed-With: Atul Kulkarni <atul.kulkarni@in.ibm.com> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid: refactor idmap_autorid_parse_configstr() out of ↵Michael Adam2013-10-011-11/+25
| | | | | | | | | | | | idmap_autorid_loadconfig() This will be used for other purposes as well. Pair-Programmed-with: Atul Kulkarni <atul.kulkarni@in.ibm.com> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com> Reviewed-by: Volker Lendecke <vl@samba.org>
generated by cgit (git 2.34.1) at 2025-08-31 01:21:46 +0000