summaryrefslogtreecommitdiff
path: root/nsswitch
Commit message (Collapse)AuthorAgeFilesLines
* nss_netbsd: Remove unimplemented prototypesVolker Lendecke2016-02-111-13/+0
| | | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Uri Simchoni <uri@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Feb 11 04:43:53 CET 2016 on sn-devel-144
* nss_linux: Remove non-nss functionsVolker Lendecke2016-02-111-371/+0
| | | | | | | | | These functions were meant as a standard interface before libwbclient was developed. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Uri Simchoni <uri@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libwbclient: Fix a few resource leak CIDsVolker Lendecke2016-02-041-6/+9
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libwbclient: Add "goto fail" test macrosVolker Lendecke2016-02-041-0/+21
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* pam_winbind: check != PAM_SUCCESS and != NULL explicitlyMichael Adam2016-01-131-14/+14
| | | | | | | | ...instead of using "if (ret)" or similar. This is just a code cleanup, no changes in behaviour. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* torture: add torture comment output of name/ip to WinsBy{Ip,Name} testsMichael Adam2016-01-111-0/+6
| | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* torture: Fix winbind.wbclient.ResolveWinsByIp testMichael Adam2016-01-111-1/+13
| | | | | | | | | | | | The test gets handed a name, so we first need to resolve the name to an IP before we can pass that on to ResolveWinsByIp. Bug uncovered by the new nss_wrapper code (1.1.2). Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* Fix various spelling errorsMathieu Parent2015-11-061-1/+1
| | | | | | | | Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Nov 6 13:43:45 CET 2015 on sn-devel-104
* nss_wins: Use libwbclient to query wins serverAndreas Schneider2015-10-262-160/+86
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=11563 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* nss_wins: Use lp_global_no_reinit()Andreas Schneider2015-10-261-1/+1
| | | | | | | | | | This avoids that we run into use after free issues when we access memory allocated on the globals and the global being reinitialized. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11563 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* wbinfo: make --verbose --pam-logon print sidsVolker Lendecke2015-10-121-0/+10
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Günther Deschner <gd@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Mon Oct 12 14:01:50 CEST 2015 on sn-devel-104
* build: Move __attribute__ ((destructor)) and ((constructor)) tests to wafsambaAndrew Bartlett2015-10-091-1/+1
| | | | | | | | This allows us to use them in talloc as well. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Adrian Cochrane <adrianc@catalyst.net.nz> Reviewed-by: Jeremy Allison <jra@samba.org>
* nss_winbind: fix hang on Solaris on big groupsBjörn Jacke2015-09-111-0/+6
| | | | | | | | | | | | | | The problem with large groups on Solaris in the the NSS winbind module is Solaris wants the return value to be NSS_UNAVAIL if the buffer given is too small for getgrnam_r. The current code return NSS_TRYAGAIN which causes Solaris/Illumos to loop without trying to resize the buffer. Thanks to Nathan Huff <nhuff@acm.org> for finding this out. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10365 Signed-off-by: Bjoern Jacke <bj@sernet.de> Reviewed-by: Ralph Böhme <rb@sernet.de>
* nss_wins: add module for FreeBSDBjörn Jacke2015-09-112-1/+87
| | | | | | | | | Thanks to Timur Bakeyev <timur@FreeBSD.org> for the patch. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11493 Signed-off-by: Bjoern Jacke <bj@sernet.de> Reviewed-by: Ralph Böhme <rb@sernet.de>
* pam_winbind: Fix a segfault if initialization failsAndreas Schneider2015-09-081-11/+8
| | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=11502 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Tue Sep 8 21:39:21 CEST 2015 on sn-devel-104
* winbind client: avoid vicious cycle created by client retryUri Simchoni2015-07-151-17/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch cancels the retry policy of the winbind client. When winbindd fails to respond to a request within 30 seconds, the winbind client closes the connection and retries up to 10 times. In some cases, delayed response is a result of multiple requests from multiple clients piling up on the winbind domain child process. Retrying just piles more and more requests, creating a vicious cycle. Even in the case of a single request taking long to complete, there's no point in retrying because the retry request would just wait for the current request to complete. Better to wait patiently. There's one possible benefit in the retry, namely that winbindd typically caches the results, and therefore a retry might take a cached result, so the net effect of the retry may be to increase the timeout to 300 seconds. But a more straightforward way to have a 300 second timeout is to modify the timeout. Therefore the timeout is modified from 30 seconds to 300 seconds (IMHO 300 seconds is too much, but we have "winbind rquest timeout" with a default of 60 to make sure the request completes or fails within 60 seconds) BUG: https://bugzilla.samba.org/show_bug.cgi?id=11397 Signed-off-by: Uri Simchoni <urisimchoni@gmail.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* wbinfo: Dump user info for pam-logon -vVolker Lendecke2015-06-111-3/+42
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* nsswitch: Simplify winbind_named_pipe_sock()Volker Lendecke2015-06-081-10/+8
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Ralph Böhme <slow@samba.org> Autobuild-Date(master): Mon Jun 8 19:48:18 CEST 2015 on sn-devel-104
* nsswitch: Extend idmap_rfc2307 testcase for reverse lookupChristof Schmitt2015-06-051-9/+63
| | | | | | | | | | | | | | Also test the codepaths to map UID and GID back to SID and names. Use different user and group to avoid returning results cached from the previous lookups. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11313 Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Jun 5 01:24:32 CEST 2015 on sn-devel-104
* selftest: Add tests for expected output of wbinfo -i and wbinfo --uid-infoAndrew Bartlett2015-05-061-3/+46
| | | | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* nsswitch/wins: use lp_load_global() wrapper of lp_load().Michael Adam2015-04-221-1/+1
| | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Ira Cooper <ira@samba.org>
* nsswitch: improve error messages in wbinfo callsStefan Metzmacher2015-03-271-10/+17
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* lib: load_case_tables() -> smb_init_locale()Volker Lendecke2015-03-241-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* lib: Remove load_case_tables_library()Volker Lendecke2015-03-241-1/+0
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Ensure we always initialise the winbind contextMatthew Newton2015-03-181-1/+1
| | | | | | | | | | | | Stops segfault when a context is passed. Internal Samba code will currently always call this with NULL so won't trigger the bug. Signed-off-by: Matthew Newton <matthew-git@newtoncomputing.co.uk> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Mar 18 01:41:32 CET 2015 on sn-devel-104
* Update libwbclient version to 0.12Matthew Newton2015-03-103-2/+133
| | | | | | | | | | | | | | Increment the minor version of the libwbclient library after new context functions added. (Major version increase not required as the only two functions with changed parameters are private to the library.) Signed-off-by: Matthew Newton <matthew-git@newtoncomputing.co.uk> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Mar 10 03:24:45 CET 2015 on sn-devel-104
* Move wbc global variables into global context insteadMatthew Newton2015-03-103-45/+73
| | | | | | | | | | There are some global variables in use in the libwbclient library. Now that we have a context, move these into it so that they are thread-safe when the wbcCtx* functions are used. Signed-off-by: Matthew Newton <matthew-git@newtoncomputing.co.uk> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Add context versions of wbclient functionsMatthew Newton2015-03-106-176/+1161
| | | | | | | | | | | To make the libwbclient library thread-safe, all functions that call through to wb_common winbindd_request_response need to have context that they can use. This commit adds all the necessary functions. Signed-off-by: Matthew Newton <matthew-git@newtoncomputing.co.uk> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Add wbcContext to wbcRequestResponseMatthew Newton2015-03-102-7/+21
| | | | | | | | | To enable libwbclient to pass winbindd context through to the winbind client library in wb_common. Signed-off-by: Matthew Newton <matthew-git@newtoncomputing.co.uk> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Add wbcContext struct, create and free functionsMatthew Newton2015-03-103-0/+78
| | | | | | | | | The basic context structure and functions for libwbclient so that libwbclient can be made thread-safe. Signed-off-by: Matthew Newton <matthew-git@newtoncomputing.co.uk> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Use global context for winbindd_request_responseMatthew Newton2015-03-106-39/+66
| | | | | | | | | Updating API call in libwbclient, wbinfo, ntlm_auth and winbind_nss_* as per previous commit to wb_common.c. Signed-off-by: Matthew Newton <matthew-git@newtoncomputing.co.uk> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Make winbind client library thread-safe by adding contextMatthew Newton2015-03-102-61/+143
| | | | | | | | | | Rather than keep state in global variables, store the current context such as the winbind file descriptor in a struct that is passed in. This makes the winbind client library thread-safe. Signed-off-by: Matthew Newton <matthew-git@newtoncomputing.co.uk> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* pam: Fix CID 1034871 Resource leakVolker Lendecke2015-03-031-0/+1
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Ralph Böhme <slow@samba.org> Autobuild-Date(master): Tue Mar 3 20:03:25 CET 2015 on sn-devel-104
* pam: Fix CID 1034870 Resource leakVolker Lendecke2015-03-031-1/+4
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* nss-wins: Do not lookup invalid netbios namesAndreas Schneider2015-02-231-1/+13
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Make sure response->extra_data.data is always cleared outMatthew Newton2015-01-091-6/+7
| | | | | | | | | | Otherwise a bad read can sometimes cause the function to return -1 with an invalid pointer in extra_data.data, which is attempted to be freed by the caller (e.g. libwbclient/wbc_pam.c wbcAuthenticateUserEx()) by calling winbindd_free_response(). Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* nsswitch/wbinfo: allow 'wbinfo --ping-dc --domain=SOMEDOMAIN'Stefan Metzmacher2014-12-191-4/+13
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* nsswitch: allow passing the domain name to wbcPingDC[2]()Stefan Metzmacher2014-12-192-11/+43
| | | | | | | | winbindd already supports this. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* nsswitch: fix soname of linux nss_*.so.2 modulesStefan Metzmacher2014-12-191-6/+18
| | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=9299 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* pam_winbind: fix warn_pwd_expire implementation.Günther Deschner2014-12-031-1/+4
| | | | | | | | | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=9056 warn_pwd_expire parameter is not working as documented in pam_winbind manual page. This patch adds missing bit and allows disabling warning message fully, i.e. setting warn time to zero days. Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Wed Dec 3 21:36:49 CET 2014 on sn-devel-104
* Support using system ldbmodify.Jelmer Vernooij2014-11-191-1/+6
| | | | | | | | | Fixes this test when bin/ldbmodify isn't built because we're using the system ldbmodify. Change-Id: I2ff0d9808245353006c6be4989976a3edad8f98e Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* nsswitch: avoid some compiler warningsStefan Metzmacher2014-11-143-6/+7
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* nss_winbind: add getgroupmembership for FreeBSDBjörn Jacke2014-10-201-1/+73
| | | | | | | | | | | | The getgroupmembership call on FreeBSD is needed for "winbind expand groups=0" (the new default in 4.2) to work. Thanks to Timur I. Bakeyev for the enhancement patch. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10835 Signed-off-by: Bjoern Jacke <bj@sernet.de> Reviewed-by: Volker Lendecke <vl@samba.org>
* pam_winbind: fix comment typosMichael Adam2014-10-181-1/+1
| | | | | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net> Autobuild-User(master): Martin Schwenke <martins@samba.org> Autobuild-Date(master): Sat Oct 18 12:41:07 CEST 2014 on sn-devel-104
* nsswitch: Skip groups we were not able to map.Andreas Schneider2014-09-191-0/+5
| | | | | | | | | | | | | | If we have configured the idmap_ad backend it is possible that the user is in a group without a gid set. This will result in (uid_t)-1 as the gid. We return this invalid gid to NSS which is wrong. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10824 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Fri Sep 19 17:57:14 CEST 2014 on sn-devel-104
* Replace all uses of iniparser with tiniparser.Jeremy Allison2014-08-143-24/+27
| | | | | Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* nsswitch: Fix bogus #include line.Ira Cooper2014-08-091-1/+0
| | | | | | | | We are not allowed to reach around behind the system's back and include the wrong headerfiles. Signed-off-by: Ira Cooper <ira@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* As David Woodhouse points out, this breaks backwards compatibility.Jeremy Allison2014-07-141-2/+0
| | | | | | | | | | | https://bugzilla.samba.org/show_bug.cgi?id=10692 Revert "libwbclient: reject unknown named blobs in wbcCredentialCache()" This reverts commit 740d12d1e77d356ff22c3725dce8d5019c86a7a5. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Mon Jul 14 21:54:08 CEST 2014 on sn-devel-104
* libwbclient: reject unknown named blobs in wbcCredentialCache()Stefan Metzmacher2014-07-101-0/+2
| | | | | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=10692 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Jul 10 22:30:45 CEST 2014 on sn-devel-104
* libwbclient: allow only one initial_blob/challenge_blob in wbcCredentialCache()Stefan Metzmacher2014-07-101-9/+19
| | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=10692 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
View Lorry Controller Status