summaryrefslogtreecommitdiffstats
path: root/source3/winbindd
Commit message (Collapse)AuthorAgeFilesLines
...
* idmap_autorid: rename TALLOC_CTX argument of idmap_autorid_loadconfig() to ↵Michael Adam2013-10-011-3/+3
| | | | | | | mem_ctx Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid: refactor idmap_autorid_loadconfig to use ↵Michael Adam2013-10-011-6/+3
| | | | | | | | | | idmap_config_getconfigstr Pair-Programmed-with: Atul Kulkarni <atul.kulkarni@in.ibm.com> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid_tdb: add idmap_autorid_getconfigstr()Michael Adam2013-10-011-0/+54
| | | | | | | | Pair-Programmed-With: Atul Kulkarni <atul.kulkarni@in.ibm.com> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid: extract common code to separate fileAtul Kulkarni2013-10-013-278/+282
| | | | | | | | | | This is in preparation of adding "net idmap autorid" functionality. Pair-Programmed-With: Michael Adam <obnox@samba.org> Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com> Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid: remove the ignore_builtin bool from the global_config structMichael Adam2013-10-011-4/+5
| | | | | | | | | | | The ignore_builtin flag is used only to change the bahaviour of the daemon code, not in the database. Pair-Programmed-With: Michael Adam <obnox@samba.org> Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com> Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid: add path, and db parameters to idmap_autorid_db_init()Atul Kulkarni2013-10-011-12/+14
| | | | | | | | | | In preparation of calling this from net for different dbs. Pair-Programmed-With: Michael Adam <obnox@samba.org> Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com> Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid: add a db_context argument to idmap_autorid_init_hwm()Michael Adam2013-10-011-7/+7
| | | | | | | | Pair-Programmed-With: Atul Kulkarni <atul.kulkarni@in.ibm.com> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid: add a db_context argument to idmap_autorid_saveconfig()Michael Adam2013-10-011-4/+4
| | | | | | | | Pair-Programmed-with: Atul Kulkarni <atul.kulkarni@in.ibm.com> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid: add a db_context argument to idmap_autorid_loadconfig()Michael Adam2013-10-011-3/+4
| | | | | | | | Pair-Programmed-with: Atul Kulkarni <atul.kulkarni@in.ibm.com> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com> Reviewed-by: Volker Lendecke <vl@samba.org>
* idmap_autorid: add a db_context argument to idmap_autorid_get_domainrange()Michael Adam2013-10-011-5/+7
| | | | | | | | Pair-Programmed-with: Atul Kulkarni <atul.kulkarni@in.ibm.com> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com> Reviewed-by: Volker Lendecke <vl@samba.org>
* build: fix spacing in definition of "idmap_ldap" moduleMichael Adam2013-09-231-1/+1
| | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* build: fix spacing in the definition of the "idmap_autorid" targetMichael Adam2013-09-231-1/+1
| | | | | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Mon Sep 23 10:11:51 CEST 2013 on sn-devel-104
* build: remove vars=locals() from the nss_info library: there is no need for thisMichael Adam2013-09-231-1/+0
| | | | | | | Might have been a copy'n'paste. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* build: remove vars=locals() from the IDMAP_HASH subsystem: there is no need ↵Michael Adam2013-09-231-2/+1
| | | | | | | | | for this Might have been a copy'n'paste. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* build: clean the idmap sybsystems/modules definitionsMichael Adam2013-09-231-33/+13
| | | | | | | Directly list the sources in the definitions of subsystems/modules/libraries Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* build: remove vars=locals() from the IDMAP_AD subsystem: there is no need ↵Michael Adam2013-09-231-1/+0
| | | | | | | | | for this Might have been a copy'n'paste. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* build: reorganize idmap_rw and idmap_tdb int subsystems with proper dependenciesMichael Adam2013-09-231-7/+13
| | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3-winbind: Add support for the kernel krb5 keyring buffer.Andreas Schneider2013-09-101-0/+4
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s3-winbind: Don't set a default directory for DIR.Andreas Schneider2013-09-101-4/+0
| | | | | | | | There is not default so you should always have to specify a directory in the config file. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* lib: Use "mem_ctx" arg in gencache_getVolker Lendecke2013-09-051-1/+2
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Sep 5 20:09:21 CEST 2013 on sn-devel-104
* Add a talloc context to sitename_fetch().Jeremy Allison2013-09-051-4/+4
| | | | | Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* Add a talloc context to saf_fetch().Jeremy Allison2013-09-052-7/+9
| | | | | Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* lib: Add a "mem_ctx" arg to gencache_get (unused so far)Volker Lendecke2013-09-051-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:winbind: fail ads_cached_connection_connect() if realm == NULLMichael Adam2013-08-291-0/+4
| | | | | | | | | | This prevents segfaults when e.g. a previous SMB_STRDUP failed.. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Günther Deschner <gd@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Thu Aug 29 18:54:28 CEST 2013 on sn-devel-104
* s3-winbindd: remove unneded include of secrets.h from idmap_ad.cGünther Deschner2013-08-291-1/+0
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s3-winbindd: use get_trust_pw_clear() wrapper for AD connection code.Günther Deschner2013-08-291-7/+4
| | | | | | | | | This avoids calling secrets functions directly. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s3-winbindd: make sure also the idmap code can deal with trusted domains.Günther Deschner2013-08-291-9/+31
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s3-winbindd: use find_domain_from_name() instead of ↵Günther Deschner2013-08-291-2/+2
| | | | | | | | | | | | find_domain_from_name_no_init(). Otherwise there is a good chance the domain has not been connected and we don't know the realm name yet. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s3-winbindd: Fix winbind on DC crash with trusted AD domains.Günther Deschner2013-08-291-1/+1
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s3-winbindd: Fix memory leak in ads_cached_connection().Günther Deschner2013-08-291-1/+1
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s3-winbindd: remove pointless variable assigment, see the strdup below.Günther Deschner2013-08-291-1/+0
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s3:winbindd: make use of lp_cli_{min,max}protocol()Stefan Metzmacher2013-08-151-2/+3
| | | | | | | | | This changes winbindd back to use NT1 as defeault. https://bugzilla.samba.org/show_bug.cgi?id=9514 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Followup patch for BUG: https://bugzilla.samba.org/show_bug.cgi?id=10082Andreas Schneider2013-08-151-1/+1
| | | | | | | | | | | Thanks to Jim Brown <jim.brown@rsmas.miami.edu> Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Aug 15 03:46:20 CEST 2013 on sn-devel-104
* winbind3: Fix an invalid freeVolker Lendecke2013-08-141-1/+1
| | | | | | | | | | | | This fixes a warning I've never seen before :-) ../source3/winbindd/winbindd_cm.c:781:59: warning: attempt to free a non-heap object ‘machine_krb5_principal’ [-Wfree-nonheap-object] Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Aug 14 14:04:16 CEST 2013 on sn-devel-104
* s3-winbindd: fix fallback to ncacn_np in cm_connect_lsat().Günther Deschner2013-08-131-2/+7
| | | | | | | | | | | | | | | | | | Fallback to lsa named-pipe connection when tcp connection has failed twice (it could be a trusted domain connection where we cannot setup a secure channel). Guenther BUG: https://bugzilla.samba.org/show_bug.cgi?id=9615 BUG: https://bugzilla.samba.org/show_bug.cgi?id=9899 Signed-off-by: Günther Deschner <gd@samba.org> Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Tested-by: Christof Schmitt <christof.schmitt@us.ibm.com> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue Aug 13 20:55:33 CEST 2013 on sn-devel-104
* s3-winbind: Fix a segfault passing NULL to a fstring argument.Andreas Schneider2013-08-131-2/+11
| | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=10082 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Tue Aug 13 13:58:26 CEST 2013 on sn-devel-104
* s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_noauth().Günther Deschner2013-08-051-5/+5
| | | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3-rpc_cli: pass down ndr_interface_table to ↵Günther Deschner2013-08-051-4/+4
| | | | | | | | | | cli_rpc_pipe_open_schannel_with_key(). Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3:winbind: add a warning DEBUG message when skipping a sid from the mapped ↵Michael Adam2013-07-291-0/+18
| | | | | | | | | | | | | | GID list This presents a potential security problem when ACLs contain DENY ACEs. Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Mon Jul 29 14:42:27 CEST 2013 on sn-devel-104
* s3:winbind: change getgroups to only do one sids2xids call instead of manyMichael Adam2013-07-291-26/+42
| | | | | | | Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3:winbind: fix the getgroups implementation to include the user sid's GID ↵Michael Adam2013-07-291-3/+5
| | | | | | | | | | | in case of ID_TYPE_BOTH This is important for acl checks on the unix level where only a group ace has been added to the ACL for the user sid, e.g. when accessing Files with nfs or local unix processes. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3:winbind: fix gid counting and error handling in the getgroups implementationMichael Adam2013-07-291-6/+10
| | | | | | | Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-winbindd: support the DIR pragma for raw kerberos user pam authentication.Günther Deschner2013-07-231-0/+23
| | | | | | | | | | | | It is currently only available in MIT. In addition, allow to define custom filepaths for FILE, WRFILE and DIR pragmas and substitute one occurence of the %u pattern. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Pair-Programmed-With: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:idmap_autorid: Add a NULL check in idmap_autorid_preallocate_wellknownVolker Lendecke2013-07-081-0/+4
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Christian Ambach <ambi@samba.org>
* s3:idmap_autorid: Don't zero in idmap_autorid_preallocate_wellknownVolker Lendecke2013-07-081-1/+1
| | | | | | | We initialize everything later anyway Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Christian Ambach <ambi@samba.org>
* s3:idmap_autorid: Use ARRAY_SIZE where appropriateVolker Lendecke2013-07-081-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Christian Ambach <ambi@samba.org>
* s3-winbind: Do not delete an existing valid credential cache.Andreas Schneider2013-07-151-0/+8
| | | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=9994 Thanks to David Woodhouse <dwmw2@infradead.org>. Reviewed-by: Günther Deschner <gd@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Mon Jul 15 12:48:46 CEST 2013 on sn-devel-104
* s3-winbind: Allow sec_initial_uid() to store creds.Andreas Schneider2013-07-021-1/+1
| | | | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Jul 2 23:26:24 CEST 2013 on sn-devel-104
* winbindd and nmbd don't set their umask to zero on startup like smbd does.Jeremy Allison2013-06-271-0/+6
| | | | | | | | | | | Fix this - we already control tightly what permissions are on the files we create. Ensure we don't get surprised. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Thu Jun 27 02:02:24 CEST 2013 on sn-devel-104
* Fix bug #9166 - Starting smbd or nmbd with stdin from /dev/null results in ↵Jeremy Allison2013-06-201-1/+14
| | | | | | | | | | "EOF on stdin" Only install the stdin handler if it's a pipe or fifo. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
generated by cgit (git 2.34.1) at 2025-09-01 00:12:43 +0000