IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
warning: ignoring return value of 'asprintf', declared with attribute warn_unused_result
(This used to be commit ad37b7b0aee265a3e4d8b7552610f4b9a105434d)
We need to keep the names around on the search. Probably a tdb_move would do it
here as well, but RPC is not the fastest thing on earth anyway...
Thanks to Günther for pointing that out to me!
(This used to be commit c9472ae61039adf178e047d89dbcc698dfa57059)
I very much doubt that this is called enough to justify a global. If this turns
out to be a hot code path, we might reconsider :-)
(This used to be commit 5223d18ea2d891418a0f833f58cc3502cb26ce03)
This is to ease debugging. I sporadically get panics that are
apparently due to NULL domain sid passed to lookup_rids somewhere.
Michael
(This used to be commit 723e877c241dd5a0c8addb89507c9eda75b88ea4)
Failure to change password in ldap is mapped to NT_STATUS_UNSUCCESSFUL unconditionally.
Jeremy.
(This used to be commit 9369d6e907a49da1fbf2a5690118412b8d1a0383)
One lp_private_dir() has to be used instead of get_dyn_PRIVATE_DIR()
to determine the location of the passdb.tdb.
I noticed this when running make test as a "normal user" from a
build, where I had done "make install" as root before, and so
the passdb.tdb could not be accessed during the startup phase
"CREATE TEST ENVIRONMENT IN ./st ..." in selftest.sh.
Michael
(This used to be commit 1f96389afa7250af7393489fb538b8aed93d815c)
Jerry, as part of d6cdbfd87 the default location of passdb.tdb has changed from
the private directory to the state directory. I think because passdb.tdb holds
the password hashes, it is reasonable to keep this next to the smbpasswd file.
Please review and potentially push.
Thanks,
Volker
(This used to be commit c9c7607c402c0a9df9796c767b689d207d67d8e4)
This is a regession introduced by f7efc0eca9426e63b751c07a90265a12bb39cf95.
This calls pdb_get_trusteddom_pw() instead, again.
Michael
(This used to be commit 91be824d2ba0b8dccf42ba2b8555a204aa1fa56c)
This patch is still incomplete in that winbindd does not walk
the the trusted domains to lookup unqualified names here.
Apart from that this fix should be pretty much complete.
Michael
(This used to be commit f7efc0eca9426e63b751c07a90265a12bb39cf95)
This adds 28 fstrings on the stack, but I think an fstring on the stack is
still far better than a static one.
(This used to be commit c7c885078be8fd3024c186044ac28275d7609679)
As it breaks all tests which try to join a new machine account.
So more testing is needed...
metze
This reverts commit dd320c0924ce393a89b1cab020fd5cffc5b80380.
(This used to be commit cccb80b7b7980fbe1298ce266375e51bacb4a425)
get_trust_pw() just now computes the md4 hash of the result of
get_trust_pw_clear() if that was successful. As a last resort,
in the non-trusted-domain-situation, get_trust_pw() now tries to
directly obtain the hashed version of the password out of secrets.tdb.
Michael
(This used to be commit 4562342eb84e6fdcec15d8b7ae83aa146aabe2b7)
into a new function secrets_fetch_trust_account_password_legacy() that
does only try to obtain the hashed version of the machine password directly
from secrets.tdb.
Michael
(This used to be commit 91da12b751b3168dc40049f3e90c10d840393efc)
Up to now each caller used its own logic.
This eliminates code paths where there was a special treatment
of the following situation: the domain given is not our workgroup
(i.e. our own domain) and we are not a DC (i.e. it is not a typical
trusted domain situation). In situation the given domain name was
previously used as the machine account name, resulting in an account
name of DOMAIN\\DOMAIN$, which does not seem very reasonable to me.
get_trust_pw would not have obtained a password in this situation
anyways.
I hope I have not missed an important point here!
Michael
(This used to be commit 6ced4a7f88798dc449a667d63bc29bf6c569291f)
secrets_store_trust_account_password() and trust_password_delete()
are the write access functions to the SECRETS/$MACHINE.ACC/domain keys
in secrets.tdb, the md4 hashed machine passwords. These are not used
any more: Current code always writes the clear text password.
Michael
(This used to be commit 4788fe392427901f6b1c505e3a743136ac8a91ca)
This is a first patch aimed at fixing bug #4801.
It is still incomplete in that winbindd does not walk
the the trusted domains to lookup unqualified names here.
Apart from that this fix should be pretty much complete.
Michael
(This used to be commit dd320c0924ce393a89b1cab020fd5cffc5b80380)
New size calculation logic in tdb_trusted_dom_pass_pack()
and tdb_sid_pack() used accumulated sizes as successive offsets
to buffer pointer.
Michael
(This used to be commit 9c24713b402978e74dc8691be5cab71d8666eb41)
