summaryrefslogtreecommitdiff
path: root/nsswitch
Commit message (Collapse)AuthorAgeFilesLines
* selftest: test wbinfo -n and --gid-info with "NT Authority"Ralph Boehme2018-12-071-0/+18
| | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12164 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: David Mulder <dmulder@suse.com> Reviewed-by: Andreas Schneider <asn@samba.org> (cherry picked from commit c46b6b111e8adcd7cf029e5c3293cbdc471793db)
* krb5_plugin: Move krb5 locator plugin to krb5_plugin subdirAndreas Schneider2018-08-232-1/+1
| | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13489 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> (cherry picked from commit 4a7e0f259bb7f1ebce48523767262addda08fe14)
* krb5_plugin: Install plugins to krb5 modules dirAndreas Schneider2018-08-231-5/+7
| | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13489 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> (cherry picked from commit eba2eb8a15c7a25b1436907a5339241492c81097)
* krb5_plugin: Add winbind localauth plugin for MIT KerberosAndreas Schneider2018-06-252-0/+273
| | | | | | | | | | | | | | | | Applications (like OpenSSH) don't know about users and and their relationship to Kerberos principals. This plugin allows that Kerberos principals can be validated against local user accounts. Administrator@WURST.WORLD -> WURST\Administrator https://web.mit.edu/kerberos/krb5-latest/doc/plugindev/localauth.html BUG: https://bugzilla.samba.org/show_bug.cgi?id=13480 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> (cherry picked from commit 5e89a23ffaceccdc83d70a4ab2798ae25c10d580)
* nsswitch:tests: Add test for wbinfo --user-infoAndreas Schneider2018-05-241-0/+83
| | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13369 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 2715f52f54e66a73131a92d752a8c2447da1fd33)
* nsswitch: Lookup the domain in tests with the wb seperatorAndreas Schneider2018-05-243-4/+4
| | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 4fa811ec7bc301e96f5e40ba281e8d4e8709b94f)
* nsswitch: Add a test looking up domain sidAndreas Schneider2018-05-241-0/+4
| | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13369 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 0aceca6a94e868f9c01a66f79624ca10d80560ab)
* nsswitch: Add a test looking up the user using the upnAndreas Schneider2018-05-241-2/+7
| | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13369 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 0d2f743d826b87b369e25fc6bb9ff61f2b0896aa)
* nsswitch: fix memory leak in winbind_open_pipe_sock() when the privileged ↵Stefan Metzmacher2018-05-021-2/+2
| | | | | | | | | | | | | pipe is not accessable. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13400 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> (cherry picked from commit ffe970007bf934955f72ec2d73bf8f94a2b796eb) Autobuild-User(v4-8-test): Stefan Metzmacher <metze@samba.org> Autobuild-Date(v4-8-test): Wed May 2 18:56:45 CEST 2018 on sn-devel-144
* nsswitch: fix the developer build of nsswitch/wins.c on freebsd 11Stefan Metzmacher2018-04-201-1/+1
| | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13344 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Björn Jacke <bjacke@samba.org> (cherry picked from commit dc160247d13e2c63574a7e7ec7720fc4c690483b)
* nsswitch: add some const to _nss_winbind_initgroups_dyn() prototypeStefan Metzmacher2018-04-202-2/+2
| | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13344 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Björn Jacke <bjacke@samba.org> (cherry picked from commit d5be3b3279162005d9ebea2eda71d455e4c48739)
* nsswitch: maintain prototypes for the linux based functions only onceStefan Metzmacher2018-04-206-96/+27
| | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13344 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Björn Jacke <bjacke@samba.org> (cherry picked from commit b8c30abb02f461f16af4da83eecd173993974dc1)
* Add test for wbinfo name lookupChristof Schmitt2018-04-111-0/+40
| | | | | | | | | | | | | This demonstrates that wbinfo -n / --name-to-sid returns information instead of failing the request. More specifically the query for INVALIDDOMAIN//user returns the user SID for the joined domain, instead of failing the request. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13312 Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> (cherry picked from commit 552a00ec1f6795b9025298931a6cc50ebe552052)
* nsswitch: Fix wbcListGroups testChristof Schmitt2018-04-111-1/+32
| | | | | | | | | | | | | | With an AD DC, wbcListGroups returns the users in the DOMAIN SEPARATOR GROUPNAME format. The test then calls wbcLookupName with the domain name and the previous string (including domain and separator) as username. Fix this by passing the correct username and adding some additional checks. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13312 Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> (cherry picked from commit f4db4e86c341a89357082e81e30c302440647530)
* nsswitch: Fix wbcListUsers testChristof Schmitt2018-04-111-1/+32
| | | | | | | | | | | | | | With an AD DC, wbcListUsers returns the users in the DOMAIN SEPARATOR USERNAME format. The test then calls wbcLookupName with the domain name and the previous string (including domain and separator) as username. Fix this by passing the correct username and adding some additional checks. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13312 Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> (cherry picked from commit 3c146be404affc894c0c702bbfbfcc4fb9ed902b)
* nsswitch: fix wbinfo -m --verbose trust type "Local"Ralph Boehme2018-03-071-3/+1
| | | | | | | | | | | | | | | | | Remove wrong "Local" strcmp(), there's another one, the correct one, a few lines below. Since commit 95e3307917b5731ab883ee5fce530c5b559b4934 WBC_DOMINFO_TRUSTTYPE_NONE, which corresponded to the string "None" in the winbindd response, is not used anymore. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13313 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Mar 2 05:49:18 CET 2018 on sn-devel-144 (cherry picked from commit f59f6cefa11c4866d2ede47d9c9b415e3d5e233d)
* nsswitch: fix double free errors in nsstest.cStefan Metzmacher2018-02-271-8/+10
| | | | | | | | | | We need to zero out static pointers on free. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13283 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> (cherry picked from commit da784305e7b306664b79d30a734d45582f5bf4dd)
* wbinfo: avoid segfault in wbinfo_auth_crap() if winbindd is not availableStefan Metzmacher2018-02-111-2/+11
| | | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=13256 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> (cherry picked from commit 8b0e1a77ae5f7ef6d8db9a05718afa8d472a971b)
* libwbclient: add more trust typesRalph Boehme2018-01-131-1/+15
| | | | | | Prepare libwbclient for additional trust types and trust routing. Signed-off-by: Ralph Boehme <slow@samba.org>
* wbinfo: support for local, workstation and routed trust typesRalph Boehme2018-01-131-1/+20
| | | | | | | | | | Prepare wbinfo for additional trust types and trust routing. This also modifies the output line for a "None" trust type by skipping the transitivity and direction -- that just doesn't make sense without a trust. Signed-off-by: Ralph Boehme <slow@samba.org>
* libwbclient: add trust routing and more trust-typesRalph Boehme2018-01-131-0/+7
| | | | | | | This adds the struct member and the defines, the implementation comes later. Signed-off-by: Ralph Boehme <slow@samba.org>
* nsswitch: fill out wbcAuthUserInfo user_principal and dns_domain_name from info6Ralph Boehme2018-01-131-2/+12
| | | | | Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* nsswitch: add "validation_level" and "info6" to winbindd_responseRalph Boehme2018-01-131-2/+8
| | | | | Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* pam_winbind: avoid non-literal-format warningUri Simchoni2017-11-291-5/+19
| | | | | | | | Signed-off-by: Uri Simchoni <uri@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Nov 29 12:50:49 CET 2017 on sn-devel-144
* winbind_nss_freebsd: fix const discard warningUri Simchoni2017-11-241-2/+7
| | | | | Signed-off-by: Uri Simchoni <uri@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* pam_winbind: fix const discard warningsUri Simchoni2017-11-241-2/+2
| | | | | Signed-off-by: Uri Simchoni <uri@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* nsswitch: Slightly simplify winbindd_request_responseVolker Lendecke2017-11-181-8/+6
| | | | | | | We don't need a separate variable, C passes a copy on the stack Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libwbclient: Fix two signed/unsigned hickupsVolker Lendecke2017-11-181-2/+2
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* nsswitch: Fix a typoVolker Lendecke2017-11-181-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* wbinfo: return "NOT MAPPED" instead of "S-0-0" for unmapped id-to-sidRalph Boehme2017-10-102-1/+7
| | | | | | | | | | | Currently wbinfo --unix-ids-to-sids prints "S-0-0" for failed mappings. Let it print "NOT MAPPED" instead. Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Oct 10 02:57:40 CEST 2017 on sn-devel-144
* libwbclient: Fix CID 1414781 Dereference null return valueVolker Lendecke2017-07-121-1/+1
| | | | | | | | | | Basically a cut&paste error from somewhere else Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Wed Jul 12 22:12:22 CEST 2017 on sn-devel-144
* selftest: add some basic tests for idmap_adRalph Boehme2017-07-121-0/+99
| | | | | Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* selftest: Prime the netlogon cache during test_idmap_rfc2307Andrew Bartlett2017-07-021-0/+6
| | | | | | | | | | | | | | | This ensures that the group memberships just created are reflected in the test comparison. Otherwise we are trusting that no caches are primed, which is simply not safe in a test. (The login will put a list of groups, as obtained by the login over NETLOGON or via the PAC, into the samlogon cache). Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Sun Jul 2 21:59:18 CEST 2017 on sn-devel-144
* selftest: Use tree_delete control in idmap_rfc2307 testAndrew Bartlett2017-07-021-12/+2
| | | | | | | | This control removes an entire subtree, which was the intention of the previouse code but much more effectively. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* nsswitch: Add ad_member tests for wbinfo --domain-info and --dc-infoAndreas Schneider2017-06-291-0/+6
| | | | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Thu Jun 29 02:33:48 CEST 2017 on sn-devel-144
* s4: popt: Global replace of cmdline_credentials -> ↵Jeremy Allison2017-05-111-20/+40
| | | | | | | | | | | popt_get_cmdline_credentials(). Add one use of popt_set_cmdline_credentials(). Fix 80 column limits when cmdline_credentials changes to popt_get_cmdline_credentials(). Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* idmap_rfc2307: Test unix-ids-to-sids with 35 groupsVolker Lendecke2017-05-081-0/+14
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Christof Schmitt <cs@samba.org>
* test_idmap_rfc2307: Test wbinfo -r for 35 supplementary group membershipsVolker Lendecke2017-05-081-6/+60
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Christof Schmitt <cs@samba.org>
* test_idmap_rfc2307: Do a recursive delete in ou=idmapVolker Lendecke2017-05-081-8/+15
| | | | | | | | | We'll create more posix objects soon BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Christof Schmitt <cs@samba.org>
* test_idmap_rfc2307: Correct usageVolker Lendecke2017-05-081-1/+1
| | | | | | | | | We already have 13 args at this point, and growing BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Christof Schmitt <cs@samba.org>
* test_idmap_rfc2307: Avoid a tmpfileVolker Lendecke2017-05-081-17/+10
| | | | | | | | | We can << directly into ldbadd BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Christof Schmitt <cs@samba.org>
* test_idmap_rfc2307: Remove the correct fileVolker Lendecke2017-05-081-1/+1
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Christof Schmitt <cs@samba.org>
* s4: torture: Add TALLOC_CTX * to torture_winbind_init().Jeremy Allison2017-05-051-2/+2
| | | | | Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Böhme <slow@samba.org>
* selftest: tests idmap mapping with idmap_ridRalph Boehme2017-04-071-0/+66
| | | | | | | | | | | | | | | | This adds two blackbox tests that run wbinfo --sids-to-unix-ids: o a non-existing SID from the primary domain should return a mapping o a SID with a bogus (and therefor unknown) domain must not return a mapping Bug: https://bugzilla.samba.org/show_bug.cgi?id=11961 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Ralph Böhme <slow@samba.org> Autobuild-Date(master): Fri Apr 7 00:05:02 CEST 2017 on sn-devel-144
* selftest: fix for wbinfo -s tests for wellknown SIDsRalph Boehme2017-04-061-4/+9
| | | | | | | | | | | Rework while loop to not use a pipe as that uses a subshell for the loop which means assigning to the variable failed is not visible in the main script. Bug: https://bugzilla.samba.org/show_bug.cgi?id=12727 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* pam_winbind: no longer use wbcUserPasswordPolicyInfo when authenticatingStefan Metzmacher2017-04-061-46/+12
| | | | | | | | | | | | | | | The expiry time for the specific user comes from info->pass_must_change_time and nothing else. The authenticating DC knows which password policy applies to the user, that's nothing the client can do, as domain trusts and fine-grained password policies makes this a very complex task. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12725 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Christof Schmitt <cs@samba.org>
* selftest: fix SID composition in a test scriptRalph Boehme2017-04-051-1/+1
| | | | | | | | Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Wed Apr 5 17:59:32 CEST 2017 on sn-devel-144
* selftest: wbinfo -s tests for wellknown SIDsRalph Boehme2017-04-011-0/+20
| | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=12727 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* selftest: Define template homedir for 'ad_member' envAndreas Schneider2017-03-301-6/+11
| | | | | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12699 With this set, the samba3.local.nss test for ad_member will ensure that we correctly substitute those smb.conf options. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Mar 30 04:26:18 CEST 2017 on sn-devel-144
* wbinfo: Prevent client segfault with given EOFGarming Sam2017-03-271-1/+2
| | | | | Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
View Lorry Controller Status