Fix another implicit cast warning. Michael git-svn-id: svn+ssh://svn.samba.org/data/svn/samba/branches/SAMBA_3_2@25426 0c0555d6-39d7-0310-84fc-f1cc0bd64818
Adapt to coding conventions. Guenther git-svn-id: svn+ssh://svn.samba.org/data/svn/samba/branches/SAMBA_3_2@25148 0c0555d6-39d7-0310-84fc-f1cc0bd64818
rename public functions from winbind_client.h init_request => winbindd_init_request free_response => winbindd_free_response read_reply => winbindd_read_reply write_sock => winbind_write_sock read_sock => winbind_read_sock close_sock => winbind_close_sock(void) metze git-svn-id: svn+ssh://svn.samba.org/data/svn/samba/branches/SAMBA_3_2@25143 0c0555d6-39d7-0310-84fc-f1cc0bd64818
make use only of base types which are provided by libreplace in winbind client and nss/pam stuff metze git-svn-id: svn+ssh://svn.samba.org/data/svn/samba/branches/SAMBA_3_2@25130 0c0555d6-39d7-0310-84fc-f1cc0bd64818
Fix another build warning. Guenther git-svn-id: svn+ssh://svn.samba.org/data/svn/samba/branches/SAMBA_3_2@24786 0c0555d6-39d7-0310-84fc-f1cc0bd64818
Squashed commit of the following: commit fb52f971986dd298abbcd9745ddf702820ce0184 Author: Gerald Carter <coffeedude@plainjoe.org> Date: Mon Aug 27 13:50:26 2007 -0500 Check correct return type for pam_winbind_request_log() wnibind_upn_to_username which is an int and not NSS_STATUS. commit 7382edf6fc0fe555df89d5b2a94d12b35049b279 Author: Gerald Carter <coffeedude@plainjoe.org> Date: Mon Aug 27 13:30:26 2007 -0500 Allow wbinfo -n to convert a UPN to a SID commit 8266c0fe1ccf2141e5a983f3213356419e626dda Author: Gerald Carter <coffeedude@plainjoe.org> Date: Fri Aug 3 09:53:16 2007 -0500 Merge some of Guenther UPN work for pam_winbind.c (check the winbind separator and better pam logging when converting a upn to a username). commit 15156c17bc81dbcadf32757015c4e5158823bf3f Author: Gerald Carter <coffeedude@plainjoe.org> Date: Fri Aug 3 08:52:50 2007 -0500 Include Universal groups from the cached PAC/SamLogon info when generating the list of domain group SIDs for a user's token. commit 979053c0307b051954261d539445102c55f309c7 Author: Gerald Carter <coffeedude@plainjoe.org> Date: Thu Aug 2 17:35:41 2007 -0500 merge upnlogon patch from my tree git-svn-id: svn+ssh://svn.samba.org/data/svn/samba/branches/SAMBA_3_2@24722 0c0555d6-39d7-0310-84fc-f1cc0bd64818
- Add define for WINBIND_WARN_PWD_EXPIRE. - Add parameter config_flag to get_config_item_int() and do the same check as in get_conf_item_string. git-svn-id: svn+ssh://svn.samba.org/data/svn/samba/branches/SAMBA_3_0@23708 0c0555d6-39d7-0310-84fc-f1cc0bd64818
- Move the asprintf() call to create the key even in get_conf_item_string() to the later if statement. - Also move the key definition to the later if statement in get_conf_item_string() and get_conf_item_int(). git-svn-id: svn+ssh://svn.samba.org/data/svn/samba/branches/SAMBA_3_0@23707 0c0555d6-39d7-0310-84fc-f1cc0bd64818
Add pam_pwd_expire feature as discussed on samba-technical. This is a slightly modified version to set warn_pwd_expire to the default value if 0, no, or a broken value is set. This version also has one if statement less in get_config_item_int(). Thanks a lot to Andreas 'GlaDiaC' Schneider for this feature! git-svn-id: svn+ssh://svn.samba.org/data/svn/samba/branches/SAMBA_3_0@23704 0c0555d6-39d7-0310-84fc-f1cc0bd64818
Add "debug_state" and "silent" to pam_winbind.conf template. Honor the silent argument when parsing pam configuration file options. Guenther git-svn-id: svn+ssh://svn.samba.org/data/svn/samba/branches/SAMBA_3_0@22794 0c0555d6-39d7-0310-84fc-f1cc0bd64818
Inform the user when logging in via pam_winbind and the krb5 tkt cache could not be created due to clock skew. git-svn-id: svn+ssh://svn.samba.org/data/svn/samba/branches/SAMBA_3_0@22712 0c0555d6-39d7-0310-84fc-f1cc0bd64818
Fix build warning. Guenther git-svn-id: svn+ssh://svn.samba.org/data/svn/samba/branches/SAMBA_3_0@22402 0c0555d6-39d7-0310-84fc-f1cc0bd64818
fix cut&paste error git-svn-id: svn+ssh://svn.samba.org/data/svn/samba/branches/SAMBA_3_0@22393 0c0555d6-39d7-0310-84fc-f1cc0bd64818
clearer message, thanks David git-svn-id: svn+ssh://svn.samba.org/data/svn/samba/branches/SAMBA_3_0@22388 0c0555d6-39d7-0310-84fc-f1cc0bd64818
3_0 as well git-svn-id: svn+ssh://svn.samba.org/data/svn/samba/branches/SAMBA_3_0@22348 0c0555d6-39d7-0310-84fc-f1cc0bd64818
Change the write_sock() call in pam_winbind_request() to not request a privileged pipe operation for everything as this cannot be done from a process running under the context of a user (e.g. screensaver). Thanks to Danilo Almeida <dalmeida@centeris.com> for the help in pointing out the change to write_sock(). git-svn-id: svn+ssh://svn.samba.org/data/svn/samba/branches/SAMBA_3_0@21933 0c0555d6-39d7-0310-84fc-f1cc0bd64818
Fix a bug with smbd serving a windows terminal server: If winbind decides smbd to be idle it might happen that smbd needs to do a winbind operation (for example sid2name) as non-root. This then fails to get the privileged pipe. When later on on the same connection another authentication request comes in, we try to do the CRAP auth via the non-privileged pipe. This adds a winbindd_priv_request_response() request that kills the existing winbind pipe connection if it's not privileged. Volker git-svn-id: svn+ssh://svn.samba.org/data/svn/samba/branches/SAMBA_3_0@21878 0c0555d6-39d7-0310-84fc-f1cc0bd64818
Remove ununsed variable git-svn-id: svn+ssh://svn.samba.org/data/svn/samba/branches/SAMBA_3_0@21632 0c0555d6-39d7-0310-84fc-f1cc0bd64818
Make pam_winbind do the same username fixup on AIX as the WINBINDD LAM module does to work around a system that does not support >8 character usernames. Without the change, pam_winbind tries to authenticate _#uid in the domain. git-svn-id: svn+ssh://svn.samba.org/data/svn/samba/branches/SAMBA_3_0@21612 0c0555d6-39d7-0310-84fc-f1cc0bd64818
Fix inappropriate creation of a krb5 ticket refreshing event when a user changed a password via pam_chauthtok. Only do this if a) a user logs on using an expired password (or a password that needs to be changed immediately) or b) the user itself changes his password. Also make sure to delete the in-memory krb5 credential cache (when a user did not request a FILE based cred cache). Finally honor the krb5 settings in the first pam authentication in the chauthtok block (PAM_PRELIM_CHECK). This circumvents confusion when NTLM samlogon authentication is still possible with the old password after the password has been already changed (on w2k3 sp1 dcs). Guenther git-svn-id: svn+ssh://svn.samba.org/data/svn/samba/branches/SAMBA_3_0@21500 0c0555d6-39d7-0310-84fc-f1cc0bd64818