summaryrefslogtreecommitdiff
path: root/nsswitch
Commit message (Collapse)AuthorAgeFilesLines
...
* nsswitch: protect access to wb_global_ctx by a mutexRalph Wuerthner2018-11-011-1/+14
| | | | | | | | | | This change will make libwbclient thread safe for all API calls not using a context. Especially there are no more conflicts with threads using nsswitch and libwbclient in parallel. Signed-off-by: Ralph Wuerthner <ralph.wuerthner@de.ibm.com> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* nsswitch: make wb_global_ctx private add add get/put functions to access ↵Ralph Wuerthner2018-11-011-8/+33
| | | | | | | | global context Signed-off-by: Ralph Wuerthner <ralph.wuerthner@de.ibm.com> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* nsswitch: use goto to have only one function returnRalph Wuerthner2018-11-011-4/+8
| | | | | | Signed-off-by: Ralph Wuerthner <ralph.wuerthner@de.ibm.com> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* nsswitch: Add try_authtok option to pam_winbindMathieu Parent2018-10-022-0/+6
| | | | | | | | | | | | Same as the use_authtok option, except that if the new password is not valid, PAM will prompt for a password. Bug-Debian: https://bugs.debian.org/858923 Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/570944 Signed-off-by: Mathieu Parent <math.parent@gmail.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* nsswitch/libwbclient/wscript: import from waflibAlexander Bokovoy2018-09-051-1/+1
| | | | | Signed-off-by: Alexander Bokovoy <ab@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* nsswitch/wscript_build: update to handle waf 2.0.4Alexander Bokovoy2018-09-051-1/+1
| | | | | Signed-off-by: Alexander Bokovoy <ab@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* wbinfo: Free memory when we leave wbinfo_dsgetdcname()Andreas Schneider2018-08-111-0/+3
| | | | | | | | | | | | Found by covscan. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13567 Pair-Programmed-With: Justin Stephenson <jstephen@redhat.com> Signed-off-by: Andreas Schneider <asn@samba.org> Signed-off-by: Justin Stephenson <jstephen@redhat.com> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* nsswitch: Correct users of "ctx->is_privileged"Volker Lendecke2018-07-241-5/+5
| | | | | | | winbindd_context->is_privileged is a bool Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* nsswitch: Make two functions staticVolker Lendecke2018-07-242-10/+7
| | | | | | | nss_irix was the only external user Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* nsswitch: Remove IRIX supportVolker Lendecke2018-07-243-681/+0
| | | | | | | | | According to wikipedia, IRIX has seen the last patch update in August 2006. As of now, www.sgi.com is unreachable. Probably this code has not been built in years. If someone wants to revive it, it can be found in the git history. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* winbind_krb5_localauth: Fix a compiler warningAndreas Schneider2018-07-071-2/+2
| | | | | | | | | | This can't used uninitialized but some compiler complains about it. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Ralph Böhme <slow@samba.org> Autobuild-Date(master): Sat Jul 7 16:24:30 CEST 2018 on sn-devel-144
* nsswitch: Use a swtich in the wbinfo test to lookup usersAndreas Schneider2018-07-061-8/+11
| | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13503 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Fri Jul 6 17:14:44 CEST 2018 on sn-devel-144
* nsswitch: Add tests to lookup user via getpwnamAndreas Schneider2018-07-041-9/+62
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13503 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* krb5_plugin: Move krb5 locator plugin to krb5_plugin subdirAndreas Schneider2018-06-272-1/+1
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13489 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
* krb5_plugin: Install plugins to krb5 modules dirAndreas Schneider2018-06-271-5/+7
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13489 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
* krb5_plugin: Add winbind localauth plugin for MIT KerberosAndreas Schneider2018-06-212-0/+273
| | | | | | | | | | | | | | | | | | Applications (like OpenSSH) don't know about users and and their relationship to Kerberos principals. This plugin allows that Kerberos principals can be validated against local user accounts. Administrator@WURST.WORLD -> WURST\Administrator https://web.mit.edu/kerberos/krb5-latest/doc/plugindev/localauth.html BUG: https://bugzilla.samba.org/show_bug.cgi?id=13480 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Thu Jun 21 15:52:02 CEST 2018 on sn-devel-144
* Fix spelling s/formated/formatted/Mathieu Parent2018-05-121-1/+1
| | | | | | Signed-off-by: Mathieu Parent <math.parent@gmail.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* nsswitch:tests: Add test for wbinfo --user-infoAndreas Schneider2018-05-111-0/+83
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13369 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* nsswitch: Lookup the domain in tests with the wb seperatorAndreas Schneider2018-05-113-4/+4
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* nsswitch: Add a test looking up domain sidAndreas Schneider2018-05-111-0/+4
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13369 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* nsswitch: Add a test looking up the user using the upnAndreas Schneider2018-05-111-2/+7
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13369 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* nsswitch: Only connect to the priv socket if requiredVolker Lendecke2018-04-241-1/+5
| | | | | | | This should speed up calls like "wbinfo -p" Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* nsswitch: fix memory leak in winbind_open_pipe_sock() when the privileged ↵Stefan Metzmacher2018-04-241-2/+2
| | | | | | | | | pipe is not accessable. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13400 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* Add test for wbinfo name lookupChristof Schmitt2018-04-061-0/+40
| | | | | | | | | | | | This demonstrates that wbinfo -n / --name-to-sid returns information instead of failing the request. More specifically the query for INVALIDDOMAIN//user returns the user SID for the joined domain, instead of failing the request. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13312 Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* nsswitch: Fix wbcListGroups testChristof Schmitt2018-04-061-1/+32
| | | | | | | | | | | | | With an AD DC, wbcListGroups returns the users in the DOMAIN SEPARATOR GROUPNAME format. The test then calls wbcLookupName with the domain name and the previous string (including domain and separator) as username. Fix this by passing the correct username and adding some additional checks. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13312 Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* nsswitch: Fix wbcListUsers testChristof Schmitt2018-04-061-1/+32
| | | | | | | | | | | | | With an AD DC, wbcListUsers returns the users in the DOMAIN SEPARATOR USERNAME format. The test then calls wbcLookupName with the domain name and the previous string (including domain and separator) as username. Fix this by passing the correct username and adding some additional checks. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13312 Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* nsswitch: fix the developer build of nsswitch/wins.c on freebsd 11Stefan Metzmacher2018-04-031-1/+1
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13344 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Björn Jacke <bjacke@samba.org>
* nsswitch: add some const to _nss_winbind_initgroups_dyn() prototypeStefan Metzmacher2018-04-032-2/+2
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13344 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Björn Jacke <bjacke@samba.org>
* nsswitch: maintain prototypes for the linux based functions only onceStefan Metzmacher2018-04-036-96/+27
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13344 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Björn Jacke <bjacke@samba.org>
* wbinfo: Improve the wording for --online-statusAndreas Schneider2018-03-161-2/+2
| | | | | | | | | | | | | | Currently it displays if a domain is online or offline which is wrong. It tells us if we maintain an active connection to the domain or not. Users are confused if they read offline because the think winbind is not functional with that domain. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Mar 16 14:46:43 CET 2018 on sn-devel-144
* nsswitch: fix wbinfo -m --verbose trust type "Local"Ralph Boehme2018-03-021-3/+1
| | | | | | | | | | | | | | | Remove wrong "Local" strcmp(), there's another one, the correct one, a few lines below. Since commit 95e3307917b5731ab883ee5fce530c5b559b4934 WBC_DOMINFO_TRUSTTYPE_NONE, which corresponded to the string "None" in the winbindd response, is not used anymore. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13313 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Mar 2 05:49:18 CET 2018 on sn-devel-144
* nsswitch: Add FALL_THROUGH statements in pam_winbind.cAndreas Schneider2018-03-011-1/+2
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* nsswitch: fix double free errors in nsstest.cStefan Metzmacher2018-02-211-8/+10
| | | | | | | | | We need to zero out static pointers on free. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13283 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* wbinfo: avoid segfault in wbinfo_auth_crap() if winbindd is not availableStefan Metzmacher2018-02-101-2/+11
| | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=13256 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* libwbclient: add more trust typesRalph Boehme2018-01-131-1/+15
| | | | | | Prepare libwbclient for additional trust types and trust routing. Signed-off-by: Ralph Boehme <slow@samba.org>
* wbinfo: support for local, workstation and routed trust typesRalph Boehme2018-01-131-1/+20
| | | | | | | | | | Prepare wbinfo for additional trust types and trust routing. This also modifies the output line for a "None" trust type by skipping the transitivity and direction -- that just doesn't make sense without a trust. Signed-off-by: Ralph Boehme <slow@samba.org>
* libwbclient: add trust routing and more trust-typesRalph Boehme2018-01-131-0/+7
| | | | | | | This adds the struct member and the defines, the implementation comes later. Signed-off-by: Ralph Boehme <slow@samba.org>
* nsswitch: fill out wbcAuthUserInfo user_principal and dns_domain_name from info6Ralph Boehme2018-01-131-2/+12
| | | | | Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* nsswitch: add "validation_level" and "info6" to winbindd_responseRalph Boehme2018-01-131-2/+8
| | | | | Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* pam_winbind: avoid non-literal-format warningUri Simchoni2017-11-291-5/+19
| | | | | | | | Signed-off-by: Uri Simchoni <uri@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Nov 29 12:50:49 CET 2017 on sn-devel-144
* winbind_nss_freebsd: fix const discard warningUri Simchoni2017-11-241-2/+7
| | | | | Signed-off-by: Uri Simchoni <uri@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* pam_winbind: fix const discard warningsUri Simchoni2017-11-241-2/+2
| | | | | Signed-off-by: Uri Simchoni <uri@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* nsswitch: Slightly simplify winbindd_request_responseVolker Lendecke2017-11-181-8/+6
| | | | | | | We don't need a separate variable, C passes a copy on the stack Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libwbclient: Fix two signed/unsigned hickupsVolker Lendecke2017-11-181-2/+2
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* nsswitch: Fix a typoVolker Lendecke2017-11-181-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* wbinfo: return "NOT MAPPED" instead of "S-0-0" for unmapped id-to-sidRalph Boehme2017-10-102-1/+7
| | | | | | | | | | | Currently wbinfo --unix-ids-to-sids prints "S-0-0" for failed mappings. Let it print "NOT MAPPED" instead. Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Oct 10 02:57:40 CEST 2017 on sn-devel-144
* libwbclient: Fix CID 1414781 Dereference null return valueVolker Lendecke2017-07-121-1/+1
| | | | | | | | | | Basically a cut&paste error from somewhere else Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Wed Jul 12 22:12:22 CEST 2017 on sn-devel-144
* selftest: add some basic tests for idmap_adRalph Boehme2017-07-121-0/+99
| | | | | Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* selftest: Prime the netlogon cache during test_idmap_rfc2307Andrew Bartlett2017-07-021-0/+6
| | | | | | | | | | | | | | | This ensures that the group memberships just created are reflected in the test comparison. Otherwise we are trusting that no caches are primed, which is simply not safe in a test. (The login will put a list of groups, as obtained by the login over NETLOGON or via the PAC, into the samlogon cache). Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Sun Jul 2 21:59:18 CEST 2017 on sn-devel-144
* selftest: Use tree_delete control in idmap_rfc2307 testAndrew Bartlett2017-07-021-12/+2
| | | | | | | | This control removes an entire subtree, which was the intention of the previouse code but much more effectively. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
View Lorry Controller Status