1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

1315 Commits

Author SHA1 Message Date
Jeremy Allison
1c6de687f1 r20060: Fix the timout calculation.
Jeremy.
(This used to be commit 017be792f3)
2007-10-10 12:16:23 -05:00
Jeremy Allison
b59412e6bf r20058: Ensure we actually do the increasing time
calculation when in offline mode.
Jeremy.
(This used to be commit b7dc67ab2a)
2007-10-10 12:16:23 -05:00
Jeremy Allison
155083547a r20057: Attempt to fix connect timeouts when connected on
a network but not one on which any home DC's can
be found (hotel network problem). Still testing
but this is getting close.
Jeremy.
(This used to be commit 369c9e4138)
2007-10-10 12:16:23 -05:00
Jeremy Allison
490e3205bc r20035: Fix obvious horrible bug in falling back to MS-RPC
methods.
Jeremy.
(This used to be commit 7ac4ae4b51)
2007-10-10 12:16:21 -05:00
Jeremy Allison
4c98afb2de r19975: Deal with 2 keytypes I messed previously (DR/DE).
Fix code that mistakenly assumed tdb_traverse
returned 0 or -1, it actually returns -1 or the
number of entries traversed. Add a static as another
way to return the bad cache value.
Jeremy.
(This used to be commit 5266a70ae9)
2007-10-10 12:16:16 -05:00
Jeremy Allison
913222d76a r19974: Add freelist check for cache. Fix testing of entry
names (all except SEQNUM are *not* null terminated
strings).
Jeremy.
(This used to be commit bcb68260ba)
2007-10-10 12:16:16 -05:00
Jeremy Allison
2941b044b3 r19958: Add check for WINBIND_OFFLINE key.
Jeremy.
(This used to be commit 270e84db6d)
2007-10-10 12:16:15 -05:00
Jeremy Allison
ed34ffb147 r19957: Initial framework to make winbindd robust
against tdb corruption. Needs fleshing out
(and I forgot one record type) and needs helpful
suggestion from Volker to validate freelist,
but should give an idea of how this will look.
Jeremy.
(This used to be commit 8eb53f74e4)
2007-10-10 12:16:15 -05:00
Gerald Carter
95bfb97547 r19809: remove winbind blacklist parameter
(This used to be commit 40cff14498)
2007-10-10 12:15:57 -05:00
Gerald Carter
8fa0a80b49 r19754: * When using a krb5 session setup, we don't fill in the server_name
string the clis_state struct.  So call saf_store() after we
  have the short domain name in the lsa_query_inof_policy code.

* Remove unused server string in saf_delete()
(This used to be commit 3eddae2f20)
2007-10-10 12:15:53 -05:00
Jeremy Allison
8f723972ae r19710: Fix memory leak in get_conf_item_string(). As
we're just doing strchr on a const string there's
no need to strdup it before, we're never modifying
it. Just remove the variable "parm".
Jeremy.
(This used to be commit 1af18f613b)
2007-10-10 12:15:48 -05:00
Simo Sorce
b903eb231a r19703: Don't free a string if you want to return it!
(This used to be commit 3fed72ac3e)
2007-10-10 12:15:48 -05:00
Volker Lendecke
782d33e1c8 r19686: Fix the build
(This used to be commit 28ac023581)
2007-10-10 12:15:46 -05:00
Volker Lendecke
5f3a692748 r19667: Fix incorrect null check
(This used to be commit dc9cdf37e9)
2007-10-10 12:15:46 -05:00
Volker Lendecke
bf6bb74985 r19657: Correctly check for malloc failure
(This used to be commit e5b5c9b058)
2007-10-10 12:15:45 -05:00
Volker Lendecke
8371c0e44c r19656: Correctly check for malloc failure
(This used to be commit 3d0661b039)
2007-10-10 12:15:45 -05:00
Günther Deschner
61a38bd4b8 r19651: Fix interesting bug with the automatic site coverage in Active Directory:
When having DC-less sites, AD assigns DCs from other sites to that site
that does not have it's own DC. The most reliable way for us to identify
the nearest DC - in that and all other cases - is the closest_dc flag in
the CLDAP reply.

Guenther
(This used to be commit ff004f7284)
2007-10-10 12:15:44 -05:00
James Peach
9a02736348 r19626: Coalesce usage of DUMP_CORE. Fix formatting on chdir error message
in core dump path.
(This used to be commit 9a51fba71c)
2007-10-10 12:15:42 -05:00
Gerald Carter
80d40172ef r19420: Remove strequal and use strcmp() instead. Meant to
make the change before theprevious commit.
(This used to be commit 815388c4c8)
2007-10-10 12:15:34 -05:00
Gerald Carter
2145eff91d r19419: BUG 4109: Patch from Timur Bakeyev. Fix bug causing smbd to turn off
winbindd and fail to disable the _NO_WINBIND environment.
(This used to be commit a6366b40b3)
2007-10-10 12:15:34 -05:00
Jeremy Allison
e070996cc3 r19413: Now we're calling init_dc_connection, this code
is completely useless (and in fact harmful :-) in
that it causes a winbindd error where there should
be none.
Jeremy.
(This used to be commit acf5419d62)
2007-10-10 12:15:33 -05:00
Jeremy Allison
d273a2ef1d r19399: Now Guenther discovered one crash dereferencing domain->backends,
get paranoid. I don't think this can really happen, but let's be
sure.
Jeremy.
(This used to be commit be4709984b)
2007-10-10 12:15:33 -05:00
Günther Deschner
5afaa37662 r19394: When we fail to get the list of trusted domains, make sure to return
WINBINDD_ERROR.

Guenther
(This used to be commit 6089b3007b)
2007-10-10 12:15:32 -05:00
Günther Deschner
edba79e500 r19391: Fix crash bug within the winbind caching method.
That one was hard to find: when coming from offline mode and switching
to online, a refresh sequence number call (using the default MS-RPC
mechanism) may reset domain->backend to NULL (by the set_domain_online
event). We need to make sure to reidentify the remote domain in that
case.

Guenther
(This used to be commit 4d6503d137)
2007-10-10 12:15:32 -05:00
Günther Deschner
21344a731c r19371: Add two missing refresh_sequence_number calls where they are missing
just before writing to the winbind cache tdb.

Guenther
(This used to be commit bd8548998b)
2007-10-10 12:15:32 -05:00
Günther Deschner
b26b8f95e9 r19351: Also export the info3 profilepath via the PAM_WINBIND_PROFILEPATH data
field.

Guenther
(This used to be commit 66b92f27fa)
2007-10-10 12:15:30 -05:00
Günther Deschner
da6e42b47f r19349: Fix invalid free on the PAM_WINBIND_PWD_LAST_SET data.
Guenther
(This used to be commit a4d17ee9c9)
2007-10-10 12:15:30 -05:00
Günther Deschner
e42f449fcc r19348: Fix uninitialized dictionary handle, found by valgrind.
Guenther
(This used to be commit 9621bb420a)
2007-10-10 12:15:30 -05:00
Günther Deschner
258f7b50dc r19340: Wait longer then 10 seconds for a samr_query_groupmem lookup to succeed.
Guenther
(This used to be commit 37dd019e21)
2007-10-10 12:15:29 -05:00
Jeremy Allison
25cba8669d r19302: Use TALLOC_ZERO_P not TALLOC_P to ensure unused
fields are initialized to zero.
Jeremy.
(This used to be commit 8a0ff70e8e)
2007-10-10 12:15:29 -05:00
Jeremy Allison
76022f73d6 r19301: Correct debug statement.
(This used to be commit 3ea8399bc9)
2007-10-10 12:15:29 -05:00
Jeremy Allison
4a942c592a r19300: Fix null deref in debug statement.
Jeremy.
(This used to be commit c55b9111f6)
2007-10-10 12:15:29 -05:00
Volker Lendecke
7d2aa0d3f1 r19287: As requested by Bjoern Jacke <bjoern@j3e.de>: Check in the NetBSD winbind module by Luke
Mewburn.

Volker
(This used to be commit 104f5e9ec9)
2007-10-10 12:15:28 -05:00
Jeremy Allison
94d565b36b r19272: Ensure we return 1 member in the optimized case.
(This used to be commit cc6cdabf19)
2007-10-10 12:15:28 -05:00
Jeremy Allison
25f0f624f8 r19271: Test the "hack" for "Domain Users" as agreed with
Jerry.
If "enum users" is set to false, and the group being looked
up is the Domain Users SID: S-1-5-domain-513, then for the
list of members check if the querying user is in that group,
and if so only return that user as the gr_mem array.
We can change this to a different parameter than "enum users"
if neccessaey, or parameterize the group list we do this for.
Jeremy.
(This used to be commit 91b40e25cc)
2007-10-10 12:15:27 -05:00
Günther Deschner
7399ab779d r19255: Add blacklist of accounts when NSS initgroups calls are coming in and
"winbind use default domain" is set. Defaults to "root, nobody, lp"
currently.

Guenther
(This used to be commit b5b42196a6)
2007-10-10 12:15:26 -05:00
Günther Deschner
96869053a5 r19254: Make sure to also wait 35 seconds to receive a Netlogon GETDC reply
here in winbindd_getdcname().

Guenther
(This used to be commit 58a181edc5)
2007-10-10 12:15:26 -05:00
Jeremy Allison
ee0ec18101 r19230: Doh ! Fix obvious crash bug.....
(This used to be commit e656027049)
2007-10-10 12:15:23 -05:00
Jeremy Allison
ed088e5ee0 r19212: Make sure domains marked internal don't do
network queries.
Jeremy.
(This used to be commit e4d5e1d90b)
2007-10-10 12:15:22 -05:00
Jeremy Allison
fe3fc9c8d5 r19209: Ensure we don't make mistakes by sending online/offline
messages to internal domains, or to domains not being
serviced by a winbindd child. Ensure the child online
offline requests are domain specific.
Jeremy.
(This used to be commit 81a9dc4b9f)
2007-10-10 12:15:22 -05:00
Jeremy Allison
9421a0a9cd r19207: Properly canonicalize incoming names to the
NSS protocols auth, chauthtok, logoff, ccache_ntlm_auth.
That way we ensure winbindd only deals with fully
qualified names internally. The NSS protocols
auth_crap and chng_pswd_auth_crap should be fixed
to do the same thing.
Jeremy.
(This used to be commit dbd2454d33)
2007-10-10 12:15:21 -05:00
Günther Deschner
b405a39714 r19206: Jeremy, for some reason storing a value-less entry in TDB does not work
anymore in 3_0. I'm just adding a time(NULL) as value for the
WINBINDD_OFFLINE key.

Guenther
(This used to be commit 2bdf9f140f)
2007-10-10 12:15:21 -05:00
Jeremy Allison
00056ab431 r19159: The getdc call can take a long time. Allow for timeouts.
Jeremy.
(This used to be commit 99bebb6527)
2007-10-10 12:15:18 -05:00
Jeremy Allison
80b4e7ae7d r19155: Fix debug message.
Jeremy.
(This used to be commit 42e5481ce4)
2007-10-10 12:15:17 -05:00
Jeremy Allison
10ada62bed r19148: Finish last nights patch - make offline
work again. Still under test.
Jeremy.
(This used to be commit 40a455db78)
2007-10-10 12:15:16 -05:00
Günther Deschner
adc299bd08 r19143: getdcname on the NETLOGON pipe returns WERROR, not NTSTATUS.
Guenther
(This used to be commit 44e228ac79)
2007-10-10 12:15:16 -05:00
Jeremy Allison
4be3f7665c r19105: Ok - this is currently untested (but I'm testing it at
the moment) but winbindd isn't run in the build farm
so hopefully won't break anything too badly - I don't
want to lose this.

If winbindd starts offline then it falls back to using
MS-RPC backend. On going online it needs to reset the
backend and try and go to using the AD backend code if
possible, as the MS-RPC sequence number fetch just returns
1 as the sequence number if run against an AD DC.

In addition, the winbindd async child may end up
with the AD backend whilst the main winbindd - which
still contacts the DC for some non-async calls, is
left using MS-RPC. This can cause some trouble (as
you can imagine :-).

Attempt to ensure both main winbindd and async children
us AD backends on going online.

Jeremy.
(This used to be commit 5efd4b04b8)
2007-10-10 12:15:13 -05:00
Jeremy Allison
05109131b0 r19103: From "Björn JACKE <bjoern@j3e.DE>":
The attached patch cleans up pam_winbind a tiny bit. Instead of making
exceptions for all pam implementations except for Linux' it's better
to make an exception for the only pam implementation which is
different from all the others. This is equivalent to what pam_smb_auth
does already.
-----------------
Jeremy
(This used to be commit 8e55964708)
2007-10-10 12:15:13 -05:00
Volker Lendecke
7bce558fec r19066: Fix a memleak
(This used to be commit c53e2e5475)
2007-10-10 12:15:07 -05:00
Volker Lendecke
9989649fb4 r19065: No functional change, just a trivial simplification
(This used to be commit 45628f71cf)
2007-10-10 12:15:07 -05:00