sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00
Code
60,926 Commits 60 Branches 1,145 Tags 452 MiB
6c299d28b5
Commit Graph

849 Commits

Author SHA1 Message Date
Günther Deschner
032e01e7c1 s3-rpc_client: add dcerpc_transport_t to cli_rpc_pipe_open_spnego_ntlmssp and cli_rpc_pipe_open_ntlmssp. 
Guenther
 2009-09-11 09:59:04 +02:00
Günther Deschner
32c28e4f64 s3-winbindd: Fix Bug #6700: Use dns domain name when needing to guess server principal. 
Patch from Robert LeBlanc <robert@leblancnet.us>.

Thanks!

Guenther
 2009-09-09 02:29:58 +02:00
Volker Lendecke
04ea250aeb s3:winbind: Convert WINBINDD_SET_HWM to the new API 2009-09-07 01:28:32 +02:00
Volker Lendecke
4ad330d522 s3:winbind: Convert WINBINDD_REMOVE_MAPPING to the new API 2009-09-07 01:28:32 +02:00
Volker Lendecke
7159060450 s3:winbind: Convert WINBINDD_SET_MAPPING to the new API 2009-09-07 01:28:32 +02:00
Volker Lendecke
d9b7fd59b0 s3:winbind: Convert WINBINDD_CHECK_MACHACC to the new API 2009-09-07 01:28:32 +02:00
Volker Lendecke
0cfc2f19ef s3:winbind: Use fstr_sprintf, it is simpler than talloc_asprintf->fstrcpy 2009-09-05 17:14:45 +02:00
Volker Lendecke
c52fa95b95 s3:winbind: Remove pointless <cond> ? true : false; 2009-09-05 17:05:30 +02:00
Volker Lendecke
1abf692312 s3:winbind: Make the pam_auth subfunctions static 2009-09-05 17:00:21 +02:00
Volker Lendecke
5121499816 s3:winbind: Fix Coverity ID 933: FORWARD_NULL 2009-09-04 07:59:56 +02:00
Volker Lendecke
360436b656 s3:winbind: Fix Coverity ID 940: Resource Leak 2009-09-04 07:53:56 +02:00
Volker Lendecke
4179270198 s3:winbind: Fix bug 5626 
Apparently the AIX compiler can't deal with sizeless array declarations
 2009-08-30 11:13:18 +02:00
Volker Lendecke
0cae043b0c w3:winbind: Convert WINBINDD_ALLOCATE_GID to the new API 2009-08-30 09:48:28 +02:00
Volker Lendecke
9e7c6f12fd w3:winbind: Convert WINBINDD_ALLOCATE_UID to the new API 2009-08-30 09:48:28 +02:00
Volker Lendecke
2774a02f64 s3:winbind: Convert WINBINDD_LIST_GROUPS to the new API 2009-08-29 19:53:46 +02:00
Volker Lendecke
6b474c56a5 s3:winbind: Convert WINBINDD_LIST_USERS to the new API 2009-08-29 19:53:29 +02:00
Volker Lendecke
129562206a s3:winbind: add a fake NDR winbind cache validator 2009-08-29 19:42:27 +02:00
Volker Lendecke
e47491e83c s3:winbind: Convert the getgrent functions to the new API 2009-08-29 19:42:27 +02:00
Volker Lendecke
e71714830e s3:winbind: Add a comment about fill_grent_mem_domusers... 2009-08-29 19:42:27 +02:00
Volker Lendecke
9b5ad55de1 s3:winbind: Add some missing error checks 2009-08-29 19:42:27 +02:00
Volker Lendecke
8b9085472d s3:winbind: Fix a typo 2009-08-29 19:42:27 +02:00
Volker Lendecke
10e9df2975 s3:winbind: Add async wb_next_grent 2009-08-29 19:42:27 +02:00
Volker Lendecke
2555c12bce s3:winbind: Add async QueryGroupList 2009-08-29 19:42:27 +02:00
Volker Lendecke
50d9fb42fc w3:winbind: Convert WINBINDD_LOOKUPRIDS to the new API 2009-08-29 19:42:26 +02:00
Volker Lendecke
425239caee s3:winbind: Convert the GETDCNAME routines to the new API 2009-08-29 19:42:26 +02:00
Volker Lendecke
15312e7310 s3:winbind: Add async wb_dsgetdcname 2009-08-29 19:42:26 +02:00
Volker Lendecke
244bb7f163 s3:winbind: Convert winbindd_dsgetdcname to the new API 2009-08-29 19:42:26 +02:00
Volker Lendecke
7579f0fb17 s3:winbind: Add an async dsgetdcname call 2009-08-29 19:42:26 +02:00
Volker Lendecke
9c30a8dc6f s3:winbind: Convert the GETPWENT routines to the new API 2009-08-29 19:42:26 +02:00
Volker Lendecke
6e2bf7e234 s3:winbind: Add async next_pwent 2009-08-29 19:42:26 +02:00
Volker Lendecke
91588e6e8f s3:winbind: Add async fill_pwent 2009-08-29 19:42:26 +02:00
Volker Lendecke
c325ba89cf s3:winbind: Add async query_user_list 2009-08-29 19:42:26 +02:00
Volker Lendecke
9ef2c70963 s3:winbind: simplify wb_seqnums_done a bit 2009-08-29 19:42:26 +02:00
Volker Lendecke
ae6a6690d5 s3:winbind: Make wb_seqnums.c update the winbind cache seqnums 2009-08-29 19:42:25 +02:00
Volker Lendecke
99cf696150 s3:winbind: Fix a bug found by RPC-SAMR 
We need to enumerate passdb alias members

Thanks to gd for bugging me :-)
 2009-08-29 10:44:13 +02:00
Volker Lendecke
ccc18d4d5d s3:winbind: Fix a typo 2009-08-29 10:44:13 +02:00
Volker Lendecke
58feaa7947 s3:winbind: Rename wbint_GroupMembers to wbint_Principals 2009-08-29 10:44:13 +02:00
Volker Lendecke
ffd9d41be9 s3:winbind: Rename wbint_GroupMember to wbint_Principal 2009-08-29 10:44:12 +02:00
Volker Lendecke
1d8d3fd7c3 s3:winbind: Convert WINBINDD_GETUSERSIDS to the new API 2009-08-27 15:04:09 +02:00
Volker Lendecke
5a1240deac s3:winbind: Fix a typo 2009-08-27 15:04:09 +02:00
Volker Lendecke
c4a95f900a s3:winbind: Remove the manual caching for the async wb_ functions 
The generic NDR-based cache in winbindd_dual_ndr.c replaces this.
 2009-08-27 15:04:09 +02:00
Volker Lendecke
94948f7a40 s3:winbind: Some calls are not cacheable 2009-08-27 15:04:09 +02:00
Volker Lendecke
2f16bf5445 s3:winbind: Factor out wcache_store_seqnum() 2009-08-27 15:04:09 +02:00
Volker Lendecke
f3d71d3e8c s3:winbind: Add a generic cache for NDR based parent-child requests 2009-08-27 15:04:09 +02:00
Volker Lendecke
3532c8b9d8 s3:winbind: Factor out wcache_fetch_seqnum 2009-08-27 15:04:09 +02:00
Steven Danneman
5469866242 s3/winbindd: Remove unnecessary check for NULL SID 
There's a known bug in some Windows implementations of
DsEnumerateDomainTrusts() where domain SIDs are not returned for
transitively trusted domains within the same forest.

Jerry originally worked around this in the winbindd parent by checking
for S-0-0 and converting it to S-1-0 in 8b0fce0b.  Guenter later moved
these checks into the child process in commit 3bdfcbac making the
initial patch unecessary.

I've removed it and added a clarifying comment to the child process.

If ever this SID is needed we could add an extra DsEnumerateDomainTrusts()
call in trusted_domains() as suggested by the Microsoft KB.
 2009-08-26 16:34:09 -07:00
Volker Lendecke
d49ab9226f s3:winbind: Fix Coverity ID 942: Resource Leak 2009-08-26 18:20:06 +02:00
Volker Lendecke
fced9dfc1e s3:winbind: Fallback to the forest root for lookupname 
Thanks to Steven Danneman for watching me closely :-)
 2009-08-23 10:19:32 +02:00
Volker Lendecke
1603c608c9 s3:winbind: Even on a domain controller, "our" domain is internal 
It happens to be what we also share out via NETLOGON/SAMR, but winbind has
direct access to it via the passdb domain methods
 2009-08-23 10:19:32 +02:00
Volker Lendecke
a0bf0cb0fb s3:winbind: Do not drop the first user in sam_query_user_list 2009-08-23 10:19:32 +02:00
Volker Lendecke
963419be1b s3:winbind: For internal domains it is pointless to connect to a DC 2009-08-23 10:19:32 +02:00
Volker Lendecke
fc3d427af8 s3:winbind: winbindd_dual_ndrcmd should output what it's doing 2009-08-23 10:19:32 +02:00
Volker Lendecke
a09b9ed9e2 s3:winbind: Fix the talloc hierarchy in wb_queryuser_done 
We need to return state->userinfo beyond the end of wb_queryuser_recv, so the
unmarshalled strings are children of that, not the state that is lost sooner.

Metze, this scheme works fine as long as we only have a single malloc'ed
entity that is returned. I think we need a different scheme in the future
when we might have more than one independent object to be returned.
 2009-08-23 10:19:32 +02:00
Günther Deschner
77a0a6e9a1 s3-idmap: fix two uninitialized variable warnings in idmap_tdb2. 
Guenther
 2009-08-20 15:29:16 +02:00
Volker Lendecke
2c23e7dc5a s3:winbind: The get[gr|pw]end functions need access to the client state 2009-08-16 13:28:14 +02:00
Volker Lendecke
459233e630 s3:winbind: Convert WINBINDD_GETGRNAM to the new API 2009-08-16 12:39:08 +02:00
Volker Lendecke
a511a87519 s3:winbind: Convert WINBINDD_GETGRGID to the new API 2009-08-16 12:39:07 +02:00
Volker Lendecke
3f3f49d5e2 s3:winbind: Add winbindd_print_groupmem 
This converts a talloc_dict retrieved from wb_group_members to the string
that the pipe protocol expects
 2009-08-16 12:39:02 +02:00
Volker Lendecke
27dd290d3f s3:winbind: Make fill_grent publically available 2009-08-16 12:38:19 +02:00
Volker Lendecke
886e183b0e s3:winbind: Add const to normalize_name_map 2009-08-16 12:38:19 +02:00
Volker Lendecke
c83bf9cd7e s3:winbind: Add async wb_getgrsid 2009-08-16 12:38:19 +02:00
Volker Lendecke
8a683f4896 s3:winbind: Add async wb_group_members 2009-08-16 12:38:19 +02:00
Volker Lendecke
3d46eaf411 s3:winbind: Make wcache_lookup_groupmem available publically 2009-08-16 12:38:19 +02:00
Volker Lendecke
0f64bb5b7e s3:winbind: Convert winbindd_show_sequence to the new API 2009-08-16 10:38:24 +02:00
Volker Lendecke
e54503e82f s3:winbind: Add async wb_seqnums 
This is something that would have been very difficult with the old style of
async requests: Send the request to all children simultaneously.
 2009-08-16 10:38:24 +02:00
Volker Lendecke
1d110e0ef6 s3:winbind: Add async wb_seqnum 2009-08-16 10:38:24 +02:00
Volker Lendecke
c6b36ce573 s3:winbind: WINBIND_USERINFO -> wbint_userinfo 2009-08-16 10:38:24 +02:00
Volker Lendecke
6d100a6b20 s3:winbind: Simplify _wbint_[GU]id2Sid 2009-08-16 10:38:24 +02:00
Stefan Metzmacher
1e1445bc76 s3:winbindd: raise the timeout for lsa_Lookup*() calls from 10 to 35 seconds. 
metze
 2009-08-11 13:53:33 +02:00
Bo Yang
b9fb8da591 s3: Fix nss info substitution 
Signed-off-by: Bo Yang <boyang@samba.org>
 2009-08-08 06:26:43 +08:00
Volker Lendecke
0a16265bc2 s3:winbind: Convert WINBINDD_GETGROUPS to the new API 2009-08-05 03:21:25 -04:00
Volker Lendecke
01ea26bf28 s3:winbind: Add async wb_gettoken 2009-08-05 03:21:25 -04:00
Volker Lendecke
fec380818f s3:winbind: Convert WINBINDD_GETUSERDOMGROUPS to the new API 2009-08-05 03:21:25 -04:00
Volker Lendecke
1dc1ac0051 s3:winbind: Add async wb_lookupusergroups 2009-08-05 03:21:25 -04:00
Volker Lendecke
718a26fd29 s3:winbind: Make wcache_lookup_usergroups externally visible 2009-08-05 03:21:24 -04:00
Volker Lendecke
592822786d s3:winbind: Convert WINBINDD_GETSIDALIASES to the new API 2009-08-05 03:21:24 -04:00
Volker Lendecke
ce42ea3ab8 s3:winbind: Add async wb_lookupuseraliases 2009-08-05 03:21:24 -04:00
Volker Lendecke
f09a95aaff s3:winbind: Make parse_sidlist take a const char * 2009-08-05 03:21:24 -04:00
Volker Lendecke
ff3ce9016a s3:winbind: Make wcache_lookup_useraliases available publically 2009-08-05 03:21:24 -04:00
Volker Lendecke
bd9d7f75e3 s3:winbind: Convert WINBINDD_GETPWUID to the new API 2009-08-05 03:21:23 -04:00
Volker Lendecke
5bbb7a0d14 s3:winbind: Convert WINBINDD_GETPWNAM to the new API 2009-08-05 03:21:23 -04:00
Volker Lendecke
9dc401a20e s3:winbind: Convert WINBINDD_GETPWSID to the new API 2009-08-05 03:21:23 -04:00
Volker Lendecke
afc82444fd s3:winbind: Add async wb_getpwsid 2009-08-05 03:21:23 -04:00
Volker Lendecke
0418d38bc8 s3:winbind: Make fillup_pw_field publically available 2009-08-05 03:21:23 -04:00
Volker Lendecke
7077492778 s3:winbind: Add async wb_queryuser 2009-08-05 03:21:22 -04:00
Volker Lendecke
360227a0fe s3:winbind: Make wcache_query_user externally visible 2009-08-05 03:21:22 -04:00
Volker Lendecke
10685b37d4 s3:winbind: Convert WINBINDD_GID_TO_SID the new API 2009-08-05 03:21:22 -04:00
Volker Lendecke
292f3f896f s3:winbind: Add async wb_gid2sid 2009-08-05 03:21:22 -04:00
Volker Lendecke
9b369ffcf0 s3:winbind: Convert WINBINDD_UID_TO_SID the new API 2009-08-05 03:21:22 -04:00
Volker Lendecke
3eff8e93e2 s3:winbind: Add async wb_uid2sid 2009-08-05 03:21:21 -04:00
Volker Lendecke
5db561a608 s3:winbind: Convert WINBINDD_SID_TO_GID the new API 2009-08-05 03:21:21 -04:00
Volker Lendecke
153ae58d7d s3:winbind: Add async wb_sid2gid 2009-08-05 03:21:21 -04:00
Volker Lendecke
fb7150f23b s3:winbind: Convert WINBINDD_SID_TO_UID to the new API 2009-08-05 03:21:21 -04:00
Volker Lendecke
ea286fed7a s3:winbind: Add async wb_sid2uid 2009-08-05 03:21:21 -04:00
Volker Lendecke
9c6f4cd12a s3:winbind: Convert WINBINDD_LOOKUPNAME to the new API 2009-08-05 03:21:21 -04:00
Volker Lendecke
a541677077 s3:winbind: Add async wb_lookupname 2009-08-05 03:21:20 -04:00
Volker Lendecke
f6554611ab s3:winbind: Make wcache_name_to_sid visible externally 2009-08-05 03:21:20 -04:00
Volker Lendecke
74b45ba46c s3:winbind: Remove old version of WINBINDD_PING 2009-08-05 03:21:20 -04:00
Volker Lendecke
fa59f9720d s3:winbind: Convert WINBINDD_LOOKUPSID to the new API 2009-08-05 03:21:20 -04:00
Volker Lendecke
bb359c780a s3:winbind: Add async wb_lookupsid 2009-08-05 03:21:20 -04:00
Volker Lendecke
2d6589fb02 s3:winbind: Make wcache_sid_to_name externally visible 2009-08-05 03:21:19 -04:00
Volker Lendecke
6cf3db9149 s3:winbind: Add NDR-based parent-child communication to winbind 2009-08-05 03:21:19 -04:00
Gerald Carter
25a65d6046 idmap_adex: Fix usage of talloc_stackframe(). 
Pass an explicit TALLOC_CTX* to build_id_filter() and build_alias_filter()
rather than relying upon the talloc_stackframe() behavior that
allows a caller access to stackframe ctx for called functions.
 2009-08-04 19:17:00 +02:00
Volker Lendecke
7180ae0b8e Add some const to winbind_userinfo 2009-08-03 22:48:45 +02:00
Volker Lendecke
3d15d044a9 Fix a typo 2009-08-03 21:42:55 +02:00
Volker Lendecke
4fa28af91d Fix some nonempty blank lines 2009-08-02 22:33:56 +02:00
Volker Lendecke
4f147388c0 Refactor 9b78af1f: Fix lookupname recursion 
Pass a "flags" argument instead of the original winbind command down the
name_to_sid chain. This way we are independent of the winbind commands and
can take the decision at a much higher level
 2009-08-02 11:24:48 +02:00
Volker Lendecke
62fec96819 Some mods for recent coding conventions 2009-08-01 10:35:01 +02:00
Volker Lendecke
ac94a8b0e3 Place a comment correctly 2009-08-01 10:33:15 +02:00
Volker Lendecke
fc261be681 Fix indentation 2009-08-01 00:24:50 +02:00
Volker Lendecke
c67037d986 Refactoring: mem_ctx is not needed as an argument to centry_sid 2009-07-31 23:49:08 +02:00
Volker Lendecke
a488334bf1 Rename LOOKUP_NAME_EXPLICIT to LOOKUP_NAME_NO_NSS 
It took me a bit to understand what this flag does. I hope this is
a bit clearer, at least it is to me.
 2009-07-31 23:19:05 +02:00
Volker Lendecke
42becbc7a8 Fix some nonempty lines 2009-07-31 23:19:05 +02:00
Volker Lendecke
b4d5f4dd67 Remove a pointless variable 2009-07-31 22:39:13 +02:00
Volker Lendecke
b53338bb68 Provide a mem_ctx for child requests 2009-07-31 17:46:59 +02:00
Volker Lendecke
f511ccbc42 Slightly restructure the async winbind request calling convention 
The main loop now allocates the response, this has to be done everywhere
 2009-07-31 17:28:53 +02:00
Michael Adam
3acef09935 s3:winbind: use transaction store in idmap_tdb_set_hwm() to store new hwm. 
Btw, the previous code must have failed to warn when exceeding the high_hwm,
because it overwrote hwm with the return value of the dbwrap_store_uint32(),
which does not return the hwm but 0 or -1, depending on success.

Michael
 2009-07-29 16:26:27 +02:00
Michael Adam
e46e5d7d08 s3:winbind: fix typo in debug message in idmap_tdb. 
Michael
 2009-07-29 16:26:26 +02:00
Michael Adam
d289ed916b s3:winbind: fix typo in debugmessage of idmap_tdb 
Michael
 2009-07-29 16:26:26 +02:00
Michael Adam
bd34de10bc s3:winbind: use transaction in idmap_tdb2_allocate_id_action(). 
This uses the new dbwrap_trans_change_uint32_atomic()
instead of dbwrap_change_uint32_atomic().

Now all db write operations in idmap_tdb2.c are using
transactions.

Michael
 2009-07-29 16:26:25 +02:00
Michael Adam
ded0ce8345 s3:dbwrap: change dbwrap_change_uint32_atomic() to return NTSTATUS not uint32_t. 
Michael
 2009-07-29 16:26:21 +02:00
Michael Adam
d916e56c4c s3:winbind: in idmap_tdb2_sid_to_id(), use transaction wrapped stores. 
When a mapping is not found, then the idmap script is called (if defined).
When this gives a reply for the desired sid, this reply is stored in the db.

This patch wraps theses two store operations into a transaction by re-using
the idmap_tdb2_set_mapping_action() function previously defined
for idmap_tdb2_set_mapping().

Michael
 2009-07-29 16:26:20 +02:00
Michael Adam
a9bea871c9 s3:winbind: in idmap_tdb2_id_to_sid(), use transaction wrapped stores. 
When a mapping is not found, then the idmap script is called (if defined).
When this gives a reply for the desired id, this reply is stored in the db.

This patch wraps theses two store operations into a transaction by re-using
the idmap_tdb2_set_mapping_action() function previously defined
for idmap_tdb2_set_mapping().

Michael
 2009-07-29 16:26:20 +02:00
Michael Adam
9e20e178b3 s3:winbind: use transaction wrapper in idmap_tdb2_allocate_id() 
Michael
 2009-07-29 16:26:19 +02:00
Michael Adam
ab7a7be5d4 s3:winbind: use transaction wrapper in idmap_tdb2_set_mapping() 
Michael
 2009-07-29 16:26:12 +02:00
Volker Lendecke
d793beed56 Remove a duplicate prototype 2009-07-28 17:17:43 -04:00
Jeremy Allison
5d05d22999 Added prefer_ipv4 bool parameter to resolve_name(). 
W2K3 DC's can have IPv6 addresses but won't serve
krb5/ldap or cldap on those addresses. Make sure when
we're asking for DC's we prefer IPv4.
If you have an IPv6-only network this prioritizing code
will be a no-op. And if you have a mixed network then you
need to prioritize IPv4 due to W2K3 DC's.
Jeremy.
 2009-07-28 11:51:58 -07:00
Volker Lendecke
d3132e21f3 Fix a typo 2009-07-27 16:15:54 +02:00
Volker Lendecke
e30509f037 Fix a valgrind error in winbind 
When looking for idle clients, we dereferenced state->response. As this is
dynamically allocated now, the proper test is whether state->response exists at
all. This is the case when an async operation is in process at that moment.
 2009-07-27 16:15:54 +02:00
Volker Lendecke
d3f21d0a1f Fix some nonempty blank lines 2009-07-27 12:50:48 +02:00
Volker Lendecke
8cba97a164 Fix a winbind memleak 2009-07-25 12:59:20 -04:00
Bo Yang
b180fe34a7 s3: compile warning and upn handling 
Signed-off-by: Bo Yang <boyang@samba.org>
 2009-07-18 10:47:45 +08:00
Bo Yang
e7daa0d704 s3: don't do this, upper callbacks will check it 
Signed-off-by: Bo Yang <boyang@samba.org>
 2009-07-18 08:18:29 +08:00
Volker Lendecke
8a17cd810f Make gencache more stable 
This provides a compromise between stability and performance: gencache is a
persistent database these days that for performance reasons can not use tdb
transactions for all writes. This patch splits up gencache into gencache.tdb
and gencache_notrans.tdb. gencache_notrans is used with CLEAR_IF_FIRST, writes
to it don't use transactions. By default every 5 minutes and when a program
exits, all entries from _notrans.tdb are transferred to gencache.tdb in one
transaction.
 2009-07-15 10:55:20 +02:00
Günther Deschner
9f15ef11bd s3-account_policy: add pdb_policy_type enum. 
Guenther
 2009-07-14 12:12:18 +02:00
Günther Deschner
05fbe0c7f7 libds: merge the UF<->ACB flag mapping functions. 
Guenther
 2009-07-13 15:36:07 +02:00
Volker Lendecke
c624a704be Make escape_ldap_string take a talloc context 2009-07-09 22:25:29 +02:00
Volker Lendecke
5a9ca3db03 Fix bug 4699: Remove pidfile on clean shutdown 2009-06-18 16:17:57 -07:00
Volker Lendecke
49eccee209 Remove "winbindd_request" and "winbindd_response" from winbindd_cli_state 
This shrinks the memory footprint of an idle client by 5592 bytes to 60 bytes
on my 32-bit box.
 2009-06-14 22:22:10 +02:00
Volker Lendecke
97ba4f6efd Make winbindd_cli_state->response a pointer instead of a struct member 
Same comment as in baa6084378: This is just a preparatory checkin.

Volker
 2009-06-14 22:22:10 +02:00
Volker Lendecke
90535b5fad Remove an unused struct member in winbindd_cli_state 2009-06-14 22:21:07 +02:00
Volker Lendecke
cd9919643b Fix an error message: We get the errno in "err" 2009-06-14 20:55:25 +02:00
Volker Lendecke
f1dd6cd64d winbind: replace process_loop() by tevent_loop_once() 2009-06-14 11:25:48 +02:00
Volker Lendecke
07fac35b3b Make rescan_trusted_domains a timed event 2009-06-14 11:25:48 +02:00
Volker Lendecke
c4a97b2b41 Do not store the listening fde 2009-06-14 11:25:48 +02:00
Volker Lendecke
eaaaea01e0 Avoid scanning the client list when a client exits 2009-06-14 11:25:48 +02:00
Volker Lendecke
e4fb2b9408 Do not use "finished" in winbind child 2009-06-14 11:25:48 +02:00
Volker Lendecke
d61f3626b7 Remove unused init_child_connection() 2009-06-14 11:25:47 +02:00
Volker Lendecke
225b14cf24 Convert winbindd_domain_info to wb_domain_request_send 2009-06-14 11:25:47 +02:00
Volker Lendecke
14889b1acb Add winbindd_dual_ping to all children 2009-06-14 11:25:47 +02:00
Volker Lendecke
d362313fea Convert async_domain_request to wb_domain_request_send 2009-06-14 11:25:47 +02:00
Volker Lendecke
340b55a842 Add async wb_ping 2009-06-14 11:25:47 +02:00
Volker Lendecke
e3bed4848f Add an async wb request loop 2009-06-14 11:25:47 +02:00
Volker Lendecke
ed3bc614cc Add wb_domain_request_send/recv 2009-06-14 11:25:47 +02:00
Volker Lendecke
0834574fdd Remove some unused code 2009-06-14 11:25:47 +02:00
Volker Lendecke
9b06c27cdb Convert the winbind parent->child communication to wb_reqtrans 2009-06-14 11:25:47 +02:00
Volker Lendecke
c049d098d1 Convert the main winbind client communication to wb_reqtrans.c 2009-06-14 11:25:46 +02:00
Volker Lendecke
baa6084378 Make winbindd_cli_state->request a pointer instead of a struct member 
In itself, this is pretty pointless. But in the next steps I'll convert the
winbind internal communication to wb_reqtrans which allocates the request
properly. This minimizes the later diff.

Volker
 2009-06-14 11:25:44 +02:00
Volker Lendecke
a51e6ce43c Pass a talloc_ctx to pdb_enum_aliasmem 2009-06-08 21:14:10 +02:00
Günther Deschner
bc091e7847 s3-winbindd: workaround alias enumeration in expand_groups(). 
alias enumeration in NSS is not done properly done atm and needs to be fixed.

Guenther
 2009-06-08 13:06:25 +02:00
Günther Deschner
f19c9147a5 s3-winbindd: add some debug statements while tracking down a bug. 
Guenther
 2009-06-06 02:00:36 +02:00
Günther Deschner
b3f2a3a488 s3-winbindd: fix remaining callers of sid_binstring(). 
Guenther
 2009-05-28 15:38:35 +02:00
Volker Lendecke
0dbecbbee5 Make sid_binstring & friends take a talloc context 2009-05-28 11:33:21 +02:00
Michael Adam
e381c13b02 s3:idmap_ldap: filter out of range mappings in default idmap config 
This fixes bug #6417

Michael
 2009-05-28 00:41:33 +02:00
Marc VanHeyningen
a4887e250b s3: Allow child processes to exit gracefully if we are out of fds 
When we run out of file descriptors for some reason, every new
connection forks a child that immediately panics causing smbd to
coredump.  This seems unnecessarily harsh; with this code change we
now catch that error and merely log a message about it and exit
without the core dump.

Signed-off-by: Tim Prouty <tprouty@samba.org>
 2009-05-27 13:16:17 -07:00
Michael Adam
3fe9859342 s3:idmap: fix a comment typo 
Michael
 2009-05-27 19:32:46 +02:00
Michael Adam
e12670a105 s3:idmap_tdb2: filter out of range mappings in default idmap config 
This fixes bug #6416

Michael
 2009-05-27 19:31:33 +02:00
Michael Adam
ca697a9e31 s3:idmap_tdb: add an entry debug statment to idmap_tdb_db_init() 
Michael
 2009-05-27 19:31:32 +02:00
Michael Adam
3d3f398382 s3:idmap_tdb: filter out of range mappings in default idmap config 
This fixes bug #6415

Michael
 2009-05-27 19:31:32 +02:00
Michael Adam
3a853448ce s3:winbind_util: remove trailing spaces 
Michael
 2009-05-25 22:16:47 +02:00
Michael Adam
3111d78001 s3:winbind:idmap_ldap: warn about duplicate SID->XID mappings (bug #6387) 
With the current infrastructure, we should not return error on
duplicate mappings but just warn instead (because an error would
trigger the attempt to create yet another mapping).

Michael
 2009-05-25 14:57:06 +02:00
Michael Adam
35c3f4162d s3:winbind:idmap_ldap: warn about duplicate XID->SID mappings (bug #6387) 
With the current infrastructure, we should not return error on
duplicate mappings but just warn instead (because an error would
trigger the attempt to create yet another mapping).

Michael
 2009-05-25 14:57:06 +02:00
Volker Lendecke
68c5c6df0e Fix a race condition in winbind leading to a panic 
In winbind, we do multiple events in one select round. This needs fixing, but
as long as we're still using it, for efficiency reasons we need to do that.

What can happen is the following: We have outgoing data pending for a client,
thus

	state->fd_event.flags == EVENT_FD_WRITE

Now a new client comes in, we go through the list of clients to find an idle
one. The detection for idle clients in remove_idle_client does not take the
pending data into account. We close the socket that has pending outgoing data,
the accept(2) one syscall later gives us the same socket.

In new_connection(), we do a setup_async_read, setting up a read fde. The
select from before however had found the socket (that we had already closed!!)
to be writable. In rw_callback we only want to see a readable flag, and we
panic in the SMB_ASSERT(flags == EVENT_FD_READ).

Found using

bin/smbtorture //127.0.0.1/tmp -U% -N 500 -o 2 local-wbclient

Volker
 2009-05-24 18:57:13 +02:00
Michael Adam
e9010fa366 s3:winbind:idmap_ldap: fix a crash bug in idmap_ldap_unixids_to_sids (#6387) 
This fixes a crash bug hit when multiple mappings were found by
the ldap search. This crash was caused by an ldap asssertion
in ldap_next_entry because was set to NULL in each iteration.

The corresponding fix was applied to the idmap_ldap_sids_to_unixids()
by Jerry in 2007 (b066668b74).

This fixes the crash part of bug #6387.

There is a logic part, too:
The problem currently only occurs when multiple mappings are found
for one given unixid. Now winbindd does not crash any more but
it does not correctly handle this situation. It just returns the
last mapping from the ldap search results.
This needs fixing.

Michael
 2009-05-22 12:06:59 +02:00
Bo Yang
d7480a91b4 s3: ignore EPIPE error when winbind finally writes to wb client because client might have already closed the socket 
Signed-off-by: Bo Yang <boyang@samba.org>
 2009-05-22 03:22:52 +08:00
Bo Yang
cbe3dabb9d s3: Fix onlinestatus msg to return status of all domain instead of omitting trusted domains 
Signed-off-by: Bo Yang <boyang@samba.org>
 2009-05-22 02:12:59 +08:00
Volker Lendecke
91aea36bbf Fix a typo 2009-05-16 19:22:03 +02:00
Volker Lendecke
3fa69438b9 Convert response.extra_data.data from malloc to talloc 2009-05-12 18:02:00 +02:00
Jeremy Allison
b4c9cfb2af Fix a bunch of compiler warnings about wrong format types. 
Should make Solaris 10 builds look cleaner.
Jeremy.
 2009-05-11 21:56:57 -07:00
Volker Lendecke
de6ddda45e Fix some nonempty blank lines 2009-05-11 23:08:30 +02:00
Volker Lendecke
646668bc51 Fix some type-punned warnings 2009-05-07 23:38:48 +02:00
Volker Lendecke
26a9643e45 Remove a misleading comment 2009-05-07 23:38:48 +02:00
Volker Lendecke
2c1372b0d2 Fix some nonempty blank lines 2009-05-07 23:38:48 +02:00
Günther Deschner
67588ca80d s3-idmap: Fix bug #6286: Call init function for builtin idmap modules before probing for them as shared modules. 
idmap-gurus of the world, please check.

Guenther
 2009-04-24 10:02:06 +02:00
Günther Deschner
b5bec1a6d7 s3-secdesc: use SEC_FLAG_MAXIMUM_ALLOWED instead of SEC_RIGHTS_MAXIMUM_ALLOWED. 
Guenther
 2009-04-21 12:40:47 +02:00
Andrew Bartlett
c185e7a29c Fix to use modified cli_rpc_pipe_open_schannel_with_key API 2009-04-20 17:04:33 +02:00
Andrew Bartlett
53765c81f7 Remove use of talloc_reference in cli_rpc_pipe_open_schannel_with_key() 2009-04-20 16:50:49 +02:00
Andrew Bartlett
32062013c3 s3: Fix ntlm_auth and winbindd to use new common libcli/auth APIs 2009-04-14 19:33:04 +10:00
Andrew Bartlett
f28f113d8e Rework Samba3 to use new libcli/auth code (partial) 
This commit is mostly to cope with the removal of SamOemHash (replaced
by arcfour_crypt()) and other collisions (such as changed function
arguments compared to Samba3).

We still provide creds_hash3 until Samba3 uses the credentials code in
netlogon server

Andrew Bartlett
 2009-04-14 16:23:35 +10:00
Günther Deschner
d71dec9259 s3-libads: avoid NULL talloc context with ads_get_dn(). 
Guenther
 2009-04-07 01:17:30 +02:00
Andrew Bartlett
2050187673 s3:libads Make ads_get_dn() take a talloc context 
Also remove ads_memfree(), which was only ever a wrapper around
SAFE_FREE, used only to free the DN from ads_get_ds().

This actually makes libgpo more consistant, as it mixed a talloc and a
malloc based string on the same element.

Andrew Bartlett

Signed-off-by: Günther Deschner <gd@samba.org>
 2009-04-06 15:54:41 +02:00
Björn Jacke
f4aec7b590 ѕ3/winbind_pam: fix gcc 4.4 compile warning 2009-03-23 13:10:54 +01:00
Günther Deschner
531af136f9 s3: remove POLICY_HND. 
Guenther
 2009-03-18 23:22:29 +01:00
Stefan Metzmacher
93c2057c8b s3:winbindd: accept new connections via fd events 
metze
 2009-03-18 07:00:42 +01:00
Stefan Metzmacher
3b8dd79f2b s3:winbindd: move non event related code out of process_loop() in the the caller 
metze
 2009-03-18 07:00:42 +01:00
Stefan Metzmacher
0685031ccf s3:winbindd: remove unused close_winbindd_socket() function 
metze
 2009-03-18 07:00:41 +01:00
Volker Lendecke
b29c69f459 Fix #6130: Don't crash in winbindd_rpc lookup_groupmem() on unmapped members 
Thanks to François Legal <devel@thom.fr.eu.org> for reporting this bug
 2009-03-17 21:19:32 +01:00
Volker Lendecke
7735650f2e Fix a valgrind error 
Found in "make test" -- if we can't connect at all, "cli" is uninitialized
 2009-03-17 11:32:23 +01:00
Jeremy Allison
f48a345e4a Remove pwd_cache.c, it was doing nothing. Make user_name, domain, and 
password talloc'ed strings within the cli_struct.
Jeremy.
 2009-03-13 17:49:24 -07:00
Volker Lendecke
a0a9c5d170 Fix #6167: winbindd -n should disable the winbind idmap cache 2009-03-12 10:20:08 +01:00