sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-10 01:18:15 +03:00
Code
59,834 Commits 60 Branches 1,145 Tags 453 MiB
cfc79f222d
Commit Graph

89 Commits

Author SHA1 Message Date
Roel van Meer
cfc79f222d Fix one of the valgrind warnings from bug #6814 - Fixes for problems reported by valgrind 
The timeval passed to event_add_to_select_args() must be initialized
as event_add_to_select_args() uses a timeval_min() on this and next_event.
 2010-02-26 14:54:22 -08:00
Volker Lendecke
063900ae63 s3: Fix a typo 2010-01-02 12:09:05 +01:00
Volker Lendecke
2daa084da4 s3: Simplify "setup_domain_child" slightly 2009-12-28 14:59:45 +01:00
Volker Lendecke
50e5f9dc51 s3: Fix some nonempty blank lines 2009-12-26 12:26:06 +01:00
Volker Lendecke
6dc924fcf3 s3: Remove some unused code 2009-12-23 12:02:19 +01:00
Volker Lendecke
40d4c31999 s3: Remove unused sendto_child() 2009-12-23 11:42:31 +01:00
Volker Lendecke
c4c984d97d s3: Avoid races to change the machine password in winbind 
The machine password handler has code to deal with every node in the cluster
trying to change the machine password at the same time. However, it is not very
nice to the DC if everyone tries this simultaneously. This adds a random 0-255
second offset to our timed event. When this fires a bit later than strictly
calculated, someone else might have stepped in and have already changed it. The
timed event handler will handle this gracefully, it won't even try to do it
again.
 2009-11-19 19:04:39 +01:00
Volker Lendecke
882350b0ab s3: Protect against flooding the DC with pwchange requests 
When there is a temporary problem changing passwords we flooded the DC with
pwchange requests. This gives the DC a 60-second break to recover.
 2009-11-19 19:04:39 +01:00
Volker Lendecke
4d0ebc90dc s3: Re-check the timeout in machine_password_change_handler() 
Someone else might have come in between and changed the password since we
created that timed request
 2009-11-19 19:04:39 +01:00
Volker Lendecke
d0ef9fbce6 s3: Add some debugs to the winbind machine pwchange machinery 2009-11-19 19:04:39 +01:00
Volker Lendecke
d4312e776b s3: Do not kill the whole smb session if a machine pwchange failed 2009-11-19 19:04:38 +01:00
Günther Deschner
c344bf0184 s3-winbindd: make sure to reset connections when machine account password change chain was broken. 
Guenther
 2009-10-06 16:50:23 +02:00
Volker Lendecke
872f9c4f91 Revert "s3: Attempt to fix machine password change" 
This reverts commit 20a8ea91e1.

Ooops, this should not have been committed.
 2009-10-05 22:14:06 +02:00
Volker Lendecke
20a8ea91e1 s3: Attempt to fix machine password change 2009-10-05 22:12:20 +02:00
Volker Lendecke
f3d71d3e8c s3:winbind: Add a generic cache for NDR based parent-child requests 2009-08-27 15:04:09 +02:00
Volker Lendecke
6cf3db9149 s3:winbind: Add NDR-based parent-child communication to winbind 2009-08-05 03:21:19 -04:00
Volker Lendecke
b53338bb68 Provide a mem_ctx for child requests 2009-07-31 17:46:59 +02:00
Volker Lendecke
d793beed56 Remove a duplicate prototype 2009-07-28 17:17:43 -04:00
Bo Yang
e7daa0d704 s3: don't do this, upper callbacks will check it 
Signed-off-by: Bo Yang <boyang@samba.org>
 2009-07-18 08:18:29 +08:00
Volker Lendecke
49eccee209 Remove "winbindd_request" and "winbindd_response" from winbindd_cli_state 
This shrinks the memory footprint of an idle client by 5592 bytes to 60 bytes
on my 32-bit box.
 2009-06-14 22:22:10 +02:00
Volker Lendecke
97ba4f6efd Make winbindd_cli_state->response a pointer instead of a struct member 
Same comment as in baa6084378: This is just a preparatory checkin.

Volker
 2009-06-14 22:22:10 +02:00
Volker Lendecke
cd9919643b Fix an error message: We get the errno in "err" 2009-06-14 20:55:25 +02:00
Volker Lendecke
e4fb2b9408 Do not use "finished" in winbind child 2009-06-14 11:25:48 +02:00
Volker Lendecke
d362313fea Convert async_domain_request to wb_domain_request_send 2009-06-14 11:25:47 +02:00
Volker Lendecke
ed3bc614cc Add wb_domain_request_send/recv 2009-06-14 11:25:47 +02:00
Volker Lendecke
9b06c27cdb Convert the winbind parent->child communication to wb_reqtrans 2009-06-14 11:25:47 +02:00
Volker Lendecke
baa6084378 Make winbindd_cli_state->request a pointer instead of a struct member 
In itself, this is pretty pointless. But in the next steps I'll convert the
winbind internal communication to wb_reqtrans which allocates the request
properly. This minimizes the later diff.

Volker
 2009-06-14 11:25:44 +02:00
Marc VanHeyningen
a4887e250b s3: Allow child processes to exit gracefully if we are out of fds 
When we run out of file descriptors for some reason, every new
connection forks a child that immediately panics causing smbd to
coredump.  This seems unnecessarily harsh; with this code change we
now catch that error and merely log a message about it and exit
without the core dump.

Signed-off-by: Tim Prouty <tprouty@samba.org>
 2009-05-27 13:16:17 -07:00
Bo Yang
cbe3dabb9d s3: Fix onlinestatus msg to return status of all domain instead of omitting trusted domains 
Signed-off-by: Bo Yang <boyang@samba.org>
 2009-05-22 02:12:59 +08:00
Volker Lendecke
3fa69438b9 Convert response.extra_data.data from malloc to talloc 2009-05-12 18:02:00 +02:00
Volker Lendecke
2c1372b0d2 Fix some nonempty blank lines 2009-05-07 23:38:48 +02:00
Jeremy Allison
faa1100d22 More warning fixes for Solaris. 
Jeremy.
 2009-02-23 16:22:43 -08:00
Dan Sledz
d96248a9b4 Add two new parameters to control how we verify kerberos tickets. Removes lp_use_kerberos_keytab parameter. 
The first is "kerberos method" and replaces the "use kerberos keytab"
with an enum.  Valid options are:
secrets only - use only the secrets for ticket verification (default)
system keytab - use only the system keytab for ticket verification
dedicated keytab - use a dedicated keytab for ticket verification.
secrets and keytab - use the secrets.tdb first, then the system keytab

For existing installs:
"use kerberos keytab = yes" corresponds to secrets and keytab
"use kerberos keytab = no" corresponds to secrets only

The major difference between "system keytab" and "dedicated keytab" is
that the latter method relies on kerberos to find the correct keytab
entry instead of filtering based on expected principals.

The second parameter is "dedicated keytab file", which is the keytab
to use when in "dedicated keytab" mode.  This keytab is only used in
ads_verify_ticket.
 2009-02-01 20:23:31 -08:00
Stefan Metzmacher
e6612c99fe s3:winbindd: handle SIG_TERM, SIGHUP, SIGCHLD and SIGUSR2 via tevent 
metze
 2009-01-27 15:28:08 +01:00
Stefan Metzmacher
cf53e48fec s3:winbindd: we don't need to call message_dispatch() anymore it's event triggered now 
metze
 2009-01-22 12:37:32 +01:00
Stefan Metzmacher
048f8dba14 s3: always call run_events() before and after sys_select() 
And always setup the fd events.

metze
 2009-01-22 12:37:29 +01:00
Jeremy Allison
9aa385a090 Clean up comments a little. 
Jeremy.
 2009-01-14 11:12:52 -08:00
Bo Yang
54325f7ed5 Don't send message to any other child in child process. 
Signed-off-by: Bo Yang <boyang@novell.com>
 2009-01-14 10:42:02 -08:00
Jeremy Allison
58b680446f From boyang - ensure we never "return" from a forked child, always _exit(). 
Jeremy.
 2009-01-13 15:42:56 -08:00
Bo Yang
0c2f8ab3ec Don't set child->requests to NULL in parent after fork 2009-01-10 14:12:08 -08:00
Jeremy Allison
d1f7a37174 Make winbindd_cm.c use winbindd_reinit_after_fork(). 
Jeremy.
 2009-01-06 17:34:06 -08:00
Jeremy Allison
7b77ac5365 Add winbindd_reinit_after_fork(), cleaning out all possible events 
in a forked child.
Jeremy.
 2009-01-06 15:14:52 -08:00
Stefan Metzmacher
c34d5f445a s3:events: change event_add_timed() prototype to match samba4 
metze
 2009-01-05 15:07:35 +01:00
Stefan Metzmacher
94c4376b49 s3:winbindd: cancel all ccache entry events and not just one 
cancel_named_event() is stupid by design and also only cancels
one single event.

metze
 2009-01-05 15:07:33 +01:00
Bo Yang
f389b97c69 Fix broken krb5 refresh chain 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2009-01-05 15:07:31 +01:00
Bo Yang
022e2f8199 clean event context after child is forked. 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2009-01-05 15:07:31 +01:00
Stefan Metzmacher
429276556a s3:winbindd: we don't need to call messaging_reinit() twice 
reinit_after_fork() already calls messaging_reinit()

metze
 2008-12-31 11:01:46 +01:00
Günther Deschner
03e0d0fb37 s3-winbindd: for now only change machine pwd when not using a system krb5 keytab. 
Guenther
 2008-11-21 00:57:22 +01:00
Jeremy Allison
f1a70d1e2a Coverity fix CID: 592 - null deref (can't happen but doesn't hurt to be sure). 
Jeremy.
 2008-10-29 16:02:45 -07:00
Jelmer Vernooij
cb78d4593b Cope with changed signature of http_timestring(). 2008-10-11 23:57:44 +02:00