summaryrefslogtreecommitdiff
path: root/nsswitch
Commit message (Collapse)AuthorAgeFilesLines
* nsswitch: fix wbinfo -m --verbose trust type "Local"Ralph Boehme2018-03-021-3/+1
| | | | | | | | | | | | | | | Remove wrong "Local" strcmp(), there's another one, the correct one, a few lines below. Since commit 95e3307917b5731ab883ee5fce530c5b559b4934 WBC_DOMINFO_TRUSTTYPE_NONE, which corresponded to the string "None" in the winbindd response, is not used anymore. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13313 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Mar 2 05:49:18 CET 2018 on sn-devel-144
* nsswitch: Add FALL_THROUGH statements in pam_winbind.cAndreas Schneider2018-03-011-1/+2
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* nsswitch: fix double free errors in nsstest.cStefan Metzmacher2018-02-211-8/+10
| | | | | | | | | We need to zero out static pointers on free. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13283 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* wbinfo: avoid segfault in wbinfo_auth_crap() if winbindd is not availableStefan Metzmacher2018-02-101-2/+11
| | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=13256 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* libwbclient: add more trust typesRalph Boehme2018-01-131-1/+15
| | | | | | Prepare libwbclient for additional trust types and trust routing. Signed-off-by: Ralph Boehme <slow@samba.org>
* wbinfo: support for local, workstation and routed trust typesRalph Boehme2018-01-131-1/+20
| | | | | | | | | | Prepare wbinfo for additional trust types and trust routing. This also modifies the output line for a "None" trust type by skipping the transitivity and direction -- that just doesn't make sense without a trust. Signed-off-by: Ralph Boehme <slow@samba.org>
* libwbclient: add trust routing and more trust-typesRalph Boehme2018-01-131-0/+7
| | | | | | | This adds the struct member and the defines, the implementation comes later. Signed-off-by: Ralph Boehme <slow@samba.org>
* nsswitch: fill out wbcAuthUserInfo user_principal and dns_domain_name from info6Ralph Boehme2018-01-131-2/+12
| | | | | Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* nsswitch: add "validation_level" and "info6" to winbindd_responseRalph Boehme2018-01-131-2/+8
| | | | | Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* pam_winbind: avoid non-literal-format warningUri Simchoni2017-11-291-5/+19
| | | | | | | | Signed-off-by: Uri Simchoni <uri@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Nov 29 12:50:49 CET 2017 on sn-devel-144
* winbind_nss_freebsd: fix const discard warningUri Simchoni2017-11-241-2/+7
| | | | | Signed-off-by: Uri Simchoni <uri@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* pam_winbind: fix const discard warningsUri Simchoni2017-11-241-2/+2
| | | | | Signed-off-by: Uri Simchoni <uri@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* nsswitch: Slightly simplify winbindd_request_responseVolker Lendecke2017-11-181-8/+6
| | | | | | | We don't need a separate variable, C passes a copy on the stack Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libwbclient: Fix two signed/unsigned hickupsVolker Lendecke2017-11-181-2/+2
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* nsswitch: Fix a typoVolker Lendecke2017-11-181-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* wbinfo: return "NOT MAPPED" instead of "S-0-0" for unmapped id-to-sidRalph Boehme2017-10-102-1/+7
| | | | | | | | | | | Currently wbinfo --unix-ids-to-sids prints "S-0-0" for failed mappings. Let it print "NOT MAPPED" instead. Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Oct 10 02:57:40 CEST 2017 on sn-devel-144
* libwbclient: Fix CID 1414781 Dereference null return valueVolker Lendecke2017-07-121-1/+1
| | | | | | | | | | Basically a cut&paste error from somewhere else Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Wed Jul 12 22:12:22 CEST 2017 on sn-devel-144
* selftest: add some basic tests for idmap_adRalph Boehme2017-07-121-0/+99
| | | | | Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* selftest: Prime the netlogon cache during test_idmap_rfc2307Andrew Bartlett2017-07-021-0/+6
| | | | | | | | | | | | | | | This ensures that the group memberships just created are reflected in the test comparison. Otherwise we are trusting that no caches are primed, which is simply not safe in a test. (The login will put a list of groups, as obtained by the login over NETLOGON or via the PAC, into the samlogon cache). Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Sun Jul 2 21:59:18 CEST 2017 on sn-devel-144
* selftest: Use tree_delete control in idmap_rfc2307 testAndrew Bartlett2017-07-021-12/+2
| | | | | | | | This control removes an entire subtree, which was the intention of the previouse code but much more effectively. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* nsswitch: Add ad_member tests for wbinfo --domain-info and --dc-infoAndreas Schneider2017-06-291-0/+6
| | | | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Thu Jun 29 02:33:48 CEST 2017 on sn-devel-144
* s4: popt: Global replace of cmdline_credentials -> ↵Jeremy Allison2017-05-111-20/+40
| | | | | | | | | | | popt_get_cmdline_credentials(). Add one use of popt_set_cmdline_credentials(). Fix 80 column limits when cmdline_credentials changes to popt_get_cmdline_credentials(). Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* idmap_rfc2307: Test unix-ids-to-sids with 35 groupsVolker Lendecke2017-05-081-0/+14
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Christof Schmitt <cs@samba.org>
* test_idmap_rfc2307: Test wbinfo -r for 35 supplementary group membershipsVolker Lendecke2017-05-081-6/+60
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Christof Schmitt <cs@samba.org>
* test_idmap_rfc2307: Do a recursive delete in ou=idmapVolker Lendecke2017-05-081-8/+15
| | | | | | | | | We'll create more posix objects soon BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Christof Schmitt <cs@samba.org>
* test_idmap_rfc2307: Correct usageVolker Lendecke2017-05-081-1/+1
| | | | | | | | | We already have 13 args at this point, and growing BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Christof Schmitt <cs@samba.org>
* test_idmap_rfc2307: Avoid a tmpfileVolker Lendecke2017-05-081-17/+10
| | | | | | | | | We can << directly into ldbadd BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Christof Schmitt <cs@samba.org>
* test_idmap_rfc2307: Remove the correct fileVolker Lendecke2017-05-081-1/+1
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Christof Schmitt <cs@samba.org>
* s4: torture: Add TALLOC_CTX * to torture_winbind_init().Jeremy Allison2017-05-051-2/+2
| | | | | Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Böhme <slow@samba.org>
* selftest: tests idmap mapping with idmap_ridRalph Boehme2017-04-071-0/+66
| | | | | | | | | | | | | | | | This adds two blackbox tests that run wbinfo --sids-to-unix-ids: o a non-existing SID from the primary domain should return a mapping o a SID with a bogus (and therefor unknown) domain must not return a mapping Bug: https://bugzilla.samba.org/show_bug.cgi?id=11961 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Ralph Böhme <slow@samba.org> Autobuild-Date(master): Fri Apr 7 00:05:02 CEST 2017 on sn-devel-144
* selftest: fix for wbinfo -s tests for wellknown SIDsRalph Boehme2017-04-061-4/+9
| | | | | | | | | | | Rework while loop to not use a pipe as that uses a subshell for the loop which means assigning to the variable failed is not visible in the main script. Bug: https://bugzilla.samba.org/show_bug.cgi?id=12727 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* pam_winbind: no longer use wbcUserPasswordPolicyInfo when authenticatingStefan Metzmacher2017-04-061-46/+12
| | | | | | | | | | | | | | | The expiry time for the specific user comes from info->pass_must_change_time and nothing else. The authenticating DC knows which password policy applies to the user, that's nothing the client can do, as domain trusts and fine-grained password policies makes this a very complex task. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12725 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Christof Schmitt <cs@samba.org>
* selftest: fix SID composition in a test scriptRalph Boehme2017-04-051-1/+1
| | | | | | | | Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Wed Apr 5 17:59:32 CEST 2017 on sn-devel-144
* selftest: wbinfo -s tests for wellknown SIDsRalph Boehme2017-04-011-0/+20
| | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=12727 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* selftest: Define template homedir for 'ad_member' envAndreas Schneider2017-03-301-6/+11
| | | | | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12699 With this set, the samba3.local.nss test for ad_member will ensure that we correctly substitute those smb.conf options. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Mar 30 04:26:18 CEST 2017 on sn-devel-144
* wbinfo: Prevent client segfault with given EOFGarming Sam2017-03-271-1/+2
| | | | | Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* wbinfo: Add "authoritative" to wbinfo -a outputVolker Lendecke2017-03-241-1/+3
| | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=2976 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libwbclient: add WBC_SID_NAME_LABELStefan Metzmacher2017-03-233-1/+6
| | | | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Mar 23 12:55:26 CET 2017 on sn-devel-144
* nsswtich: Add negative tests for authentication with wbinfoAndreas Schneider2017-03-221-0/+4
| | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12708 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Uri Simchoni <uri@samba.org> Autobuild-User(master): Uri Simchoni <uri@samba.org> Autobuild-Date(master): Wed Mar 22 10:58:58 CET 2017 on sn-devel-144
* libwbclient: Add "authoritative" to wbcAuthErrorInfoVolker Lendecke2017-03-074-2/+137
| | | | | | | smbd needs to react to "authoritative" Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* winbind: Add "authoritative" to winbindd_responseVolker Lendecke2017-03-071-2/+4
| | | | | | | | This is a relevant piece of info in the samlogon response, smbd and netlogond need to be able to react to it. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* pam_winbind: Return if we do not have a domainAndreas Schneider2017-02-231-3/+7
| | | | | | | | | Found by covscan. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12592 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Correct "Controler" typos.Chris Lamb2017-02-221-1/+1
| | | | | | Signed-off-by: Chris Lamb <chris@chris-lamb.co.uk> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* nsswitch: remove unused TALLOC_* defines in pam_winbind.hStefan Metzmacher2017-01-111-6/+0
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* pam_winbind: Fix compiler warningsBjörn Jacke2016-12-161-4/+7
| | | | | | | | | | | | Thanks to Stef Walter <stefw@gnome.org> BUG: http://bugzilla.samba.org/show_bug.cgi?id=8888 Signed-off-by: Bjoern Jacke <bj@sernet.de> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Björn Jacke <bj@sernet.de> Autobuild-Date(master): Fri Dec 16 16:22:32 CET 2016 on sn-devel-144
* pam: strip trailing whitespaces in pam_winbind.cBjörn Jacke2016-12-131-5/+5
| | | | | | | | Signed-off-by: Bjoern Jacke <bj@sernet.de> Reviewed-by: Karolin Seeger <ks@sernet.de> Autobuild-User(master): Björn Jacke <bj@sernet.de> Autobuild-Date(master): Tue Dec 13 18:01:21 CET 2016 on sn-devel-144
* pam: map more NT password errors to PAM errorsBjörn Jacke2016-12-131-0/+5
| | | | | | | | | | | | | | | | NT_STATUS_ACCOUNT_DISABLED, NT_STATUS_PASSWORD_RESTRICTION, NT_STATUS_PWD_HISTORY_CONFLICT, NT_STATUS_PWD_TOO_RECENT, NT_STATUS_PWD_TOO_SHORT now map to PAM_AUTHTOK_ERR (Authentication token manipulation error), which is the closest match. BUG: https://bugzilla.samba.org/show_bug.cgi?id=2210 Signed-off-by: Bjoern Jacke <bj@sernet.de> Reviewed by: Jeremy Allison <jra@samba.org>
* nss_wins: Fix errno values for HOST_NOT_FOUNDAndreas Schneider2016-11-161-2/+1
| | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12269 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Nov 16 04:10:55 CET 2016 on sn-devel-144
* wbinfo: Use ntlmv2 by default for wbinfo -aVolker Lendecke2016-11-151-3/+6
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* nsswitch: Use own credential cache for wbinfo testsAndreas Schneider2016-09-252-2/+18
| | | | | | | | If we do not set it will add the credentials to the system default credential cache, which is e.g. FILE:/tmp/krb5cc_1000. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
View Lorry Controller Status