1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

20 Commits

Author SHA1 Message Date
Günther Deschner
17ae9974f3 Fix gcc11 compiler issue "-Werror=stringop-overflow="
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14699

[3548/3991] Compiling source3/winbindd/winbindd_pam.c
../../source3/winbindd/winbindd_pam.c: In function ‘winbindd_dual_pam_auth_cached’:
../../source3/winbindd/winbindd_pam.c:1069:18: error: ‘winbindd_get_creds’ accessing 128 bytes in a region of size 8 [-Werror=stringop-overflow=]
 1069 |         result = winbindd_get_creds(domain,
      |                  ^~~~~~~~~~~~~~~~~~~~~~~~~~
 1070 |                                     state->mem_ctx,
      |                                     ~~~~~~~~~~~~~~~
 1071 |                                     &sid,
      |                                     ~~~~~
 1072 |                                     &my_info3,
      |                                     ~~~~~~~~~~
 1073 |                                     &cached_nt_pass,
      |                                     ~~~~~~~~~~~~~~~~
 1074 |                                     &cached_salt);
      |                                     ~~~~~~~~~~~~~
../../source3/winbindd/winbindd_pam.c:1069:18: note: referencing argument 5 of type ‘const uint8_t **’ {aka ‘const unsigned char **’}
../../source3/winbindd/winbindd_pam.c:1069:18: error: ‘winbindd_get_creds’ accessing 128 bytes in a region of size 8 [-Werror=stringop-overflow=]
../../source3/winbindd/winbindd_pam.c:1069:18: note: referencing argument 6 of type ‘const uint8_t **’ {aka ‘const unsigned char **’}
In file included from ../../source3/winbindd/winbindd.h:359,
                 from ../../source3/winbindd/winbindd_pam.c:26:
../../source3/winbindd/winbindd_proto.h:251:10: note: in a call to function ‘winbindd_get_creds’
  251 | NTSTATUS winbindd_get_creds(struct winbindd_domain *domain,
      |          ^~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2021-05-07 06:23:32 +00:00
Andreas Schneider
a05b63db62 winbind: Fix UPN handling in parse_domain_user()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13369

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2018-05-11 09:07:37 +02:00
Volker Lendecke
a55bd7e424 lib: Add samlogon_cache.h
Move prototypes into its own header file

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-12-02 09:36:08 +01:00
Richard Sharpe
704592c14d Last lot of convert uint32 to uint32_t in winbindd, I promise.
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed May  6 07:03:27 CEST 2015 on sn-devel-104
2015-05-06 07:03:27 +02:00
David Disseldorp
9195792a38 Revert "s3-winbindd: make sure we obey the -n switch also for samlogon cache access."
This reverts commit ae6a779bf9.

Bug 9125 analysis from Volker:

The problem is that there are no network calls possible at all that
would do what the samlogon cache does for us. There is just no way to
retrieve the group membership in a complex trusted environment. If you
have just a single domain with Samba as domain controller it might be
possible, but even within a single domain it is not possible to
correctly retrieve all group memberships using LDAP calls due to ACLs on
directory objects. The call to get that is called NetSamLogon on the
NETLOGON pipe. But this call requires user credentials and might trigger
updating counts on the server. So to correctly implement wbinfo -r after
a user has logged in, you have two alternatives: Save the info3 struct
or the PAC in the netsamlogon cache. If you insist on doing network
calls, you need to cache the user credentials somewhere to re-do the
NetSamLogon call every time the wbinfo -r is requested.

Reviewed-by: Andreas Schneider <asn@samba.org>
2012-11-09 16:41:05 +01:00
Günther Deschner
ae6a779bf9 s3-winbindd: make sure we obey the -n switch also for samlogon cache access.
Guenther

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Jun  8 14:44:31 CEST 2011 on sn-devel-104
2011-06-08 14:44:31 +02:00
Andrew Bartlett
f768b32e37 libcli/security Provide a common, top level libcli/security/security.h
This will reduce the noise from merges of the rest of the
libcli/security code, without this commit changing what code
is actually used.

This includes (along with other security headers) dom_sid.h and
security_token.h

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
2010-10-12 05:54:10 +00:00
Volker Lendecke
eedf476c24 s3: Remove "mem_ctx" from a few functions 2010-09-09 06:19:25 +02:00
Volker Lendecke
eaf778593f s3: Remove "mem_ctx" from wcache_save_creds() 2010-09-09 06:19:24 +02:00
Volker Lendecke
d38e1d13ea s3: Remove "mem_ctx" from lookup_cached_name() 2010-09-09 06:19:24 +02:00
Volker Lendecke
4e4228bd5d s3: Remove unused arg "user_sid" from winbindd_store_creds
All callers have passed in NULL
2010-09-09 06:19:23 +02:00
Volker Lendecke
7372a50a03 s3: Remove unused winbindd_update_creds_by_sid 2010-09-09 06:19:23 +02:00
Andrew Bartlett
cba7f8b827 s3:dom_sid Global replace of DOM_SID with struct dom_sid
This matches the structure that new code is being written to,
and removes one more of the old-style named structures, and
the need to know that is is just an alias for struct dom_sid.

Andrew Bartlett

Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-21 10:39:59 +02:00
Volker Lendecke
fd1b6bdef9 s3: Fix some nonempty blank lines 2010-01-10 20:56:16 +01:00
Volker Lendecke
fc1757369f s3: Slightly simplify winbindd_store_creds 2010-01-09 20:37:39 +01:00
Volker Lendecke
4fa28af91d Fix some nonempty blank lines 2009-08-02 22:33:56 +02:00
Andrew Bartlett
f28f113d8e Rework Samba3 to use new libcli/auth code (partial)
This commit is mostly to cope with the removal of SamOemHash (replaced
by arcfour_crypt()) and other collisions (such as changed function
arguments compared to Samba3).

We still provide creds_hash3 until Samba3 uses the credentials code in
netlogon server

Andrew Bartlett
2009-04-14 16:23:35 +10:00
Günther Deschner
c25958a046 Use netr_SamInfo3 everywhere in winbindd.
Guenther
(This used to be commit d9502eb753)
2008-02-17 02:12:00 +01:00
Günther Deschner
a92eb76688 Finally enable pidl generated SAMR & NETLOGON headers and clients.
Guenther
(This used to be commit f7100156a7)
2008-01-17 16:54:46 +01:00
Stefan Metzmacher
28aa4bff8d r25154: move winbindd code into winbindd/
metze
(This used to be commit 3ac7566ae1)
2007-10-10 12:30:46 -05:00