summaryrefslogtreecommitdiff
path: root/libcli
AgeCommit message (Collapse)AuthorFilesLines
2010-10-18libcli/util: add pipe related NT_STATUS_RPC_* codesStefan Metzmacher1-0/+6
metze
2010-10-14security: ensure the merge of libcli/security doesn't change s3 behaviourAndrew Tridgell1-0/+5
Jeremy, you put a #if 0 around this logic in this commit: 8344e945 (Jeremy Allison 2008-10-31 10:51:45 -0700 181) is this still needed? Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Thu Oct 14 03:16:41 UTC 2010 on sn-devel-104
2010-10-14libcli/security Use static SIDs rather than parsing from stringsAndrew Bartlett2-5/+6
This should make the security_token_is_*() calls a little faster. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-10-14libcli/auth Merge source4/libcli/security and util_sid.c into the common codeAndrew Bartlett10-9/+1139
This should ensure we only have one copy of these core functions in the tree. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-10-14libcli/security Define traditional constants in terms of IDL macrosAndrew Bartlett1-0/+64
The source3/ code uses these constants in a lot of places, and it will take time and care to rename them, if that is desired. Linking the macros here will at least allow common code to use the IDL based macros, and preserve a documentary link between the constants (other than just their value) Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-10-14libcli/security Move source3/lib/util_seaccess.c into the common codeAndrew Bartlett3-0/+306
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-10-12libcli/security Provide a common, top level libcli/security/security.hAndrew Bartlett5-7/+52
This will reduce the noise from merges of the rest of the libcli/security code, without this commit changing what code is actually used. This includes (along with other security headers) dom_sid.h and security_token.h Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
2010-10-12libcli/security Add debug class to security_token_debug() et alAndrew Bartlett4-16/+18
This will allow it to replace functions in source3 that use debug classes. Andrew Bartlett
2010-10-12libcli/security Move most of security_token.c to common code.Andrew Bartlett3-1/+203
The source4-specific session_info functions have been left in session.c Andrew Bartlett
2010-10-11libsecurity-common: Add missing dependency on libndr.Jelmer Vernooij1-1/+1
2010-10-11libcli-auth: Remove unnecessary dependency on libsamba-hostconfig.Jelmer Vernooij1-2/+2
2010-10-08Add some const. Needed for my SD work.Jeremy Allison2-14/+14
Jeremy
2010-10-04libcli/ldap: ldap_full_packet() requires at least 6 bytesStefan Metzmacher1-0/+7
metze
2010-10-01samba: share readline wrappers among all buildsystems.Günther Deschner5-0/+346
Guenther
2010-09-27libcli/ldap: correctly marshall LDAP Unbind PDUsStefan Metzmacher1-0/+2
metze
2010-09-26libcli/ldap: let ldap_full_packet() use asn1_peek_tag_needed_size()Stefan Metzmacher1-1/+1
This allows us to read a full packet without read byte after byte or possible read to much. metze
2010-09-26libcli/util: let tstream_read_pdu_blob_* cope with variable length headersStefan Metzmacher1-5/+13
metze
2010-09-23libcli: fix compile warningSimo Sorce1-0/+2
Signed-off-by: Günther Deschner <gd@samba.org>
2010-09-22s4:libcli:smb2 Rename pending_id to async_id and make 64-bitSteven Danneman1-1/+4
Match MS-SMB2 - 2.2.1.1 SMB2 Packet Header - ASYNC
2010-09-20libcli/ldap Add const to ldap_encode_ndr_dom_sid()Andrew Bartlett2-2/+2
Signed-off-by: Günther Deschner <gd@samba.org>
2010-09-20libcli: add dom_sid_compare_domain()Günther Deschner2-0/+20
Guenther
2010-09-18werror: Add W_ERROR_HAVE_NO_MEMORY_AND_FREE() macroKamen Mazdrashki1-0/+7
2010-09-16libcli/auth/ntlmssp Be clear about talloc parents for session keysAndrew Bartlett2-9/+7
The previous API was not clear as to who owned the returned session key. This fixes a valgrind-found use-after-free in the NTLMSSP key derivation code, and avoids making allocations - we steal and zero instead. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-15cldap: prevent crashes when freeing cldap socketAndrew Tridgell1-6/+15
As a callback may destroy the cldap socket we need to ensure we don't reference the cldap structure after the callback Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15cldap: use ipv4 not up for unbound cldap socketsAndrew Tridgell1-1/+5
If we use "ip" we end up with a PF_INET6 socket which breaks sendto() for v4 addresses.
2010-09-15s4-auth: set the RODC bit for RODC schannelAndrew Tridgell1-0/+1
When we are using SEC_CHAN_RODC we need to set the NETLOGON_NEG_RODC_PASSTHROUGH bit in the negotiated flags in ServerAuthenticate2 Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-14Fix string_to_sid() to allow non '\0' termination of the string - allowsJeremy Allison1-11/+6
string_to_sid() to be used in formatted strings like FOO/S-1-5-XXXX-YYYY/BAR. Jeremy.
2010-09-14libcli/security Use sid_append_rid() in dom_sid_append_rid()Andrew Bartlett1-5/+5
This ensures that the maximum number of sub-authorities is respected, otherwise we may run off the end of the array. Andrew Bartlett
2010-09-14libcli/security Merge source3/ string_to_sid() to common codeAndrew Bartlett1-37/+92
The source3 code repsects the limit of a maximum of 15 subauths, while the source4 code does not, creating a security issue as we parse string-form SIDs from clients. Andrew Bartlett
2010-09-13ntlm_check: Fix some nonempty blank linesVolker Lendecke1-21/+21
2010-09-11libcli/auth/schannel_state_tdb.c - fix includesMatthias Dieter Wallnöfer1-3/+1
Otherwise we get a "declared inside parameter list" warning.
2010-09-11libcli/privileges Fix commentAndrew Bartlett1-1/+1
2010-09-11s4-privs Seperate rights and privilegesAndrew Bartlett2-14/+60
These are related, but slightly different concepts. The biggest difference is that rights are not enumerated as a system-wide list. This moves the rights to security.idl due to dependencies. Andrew Bartlett
2010-09-11libcli/security Remove unused SE_NONE defineAndrew Bartlett1-1/+0
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Move 'private' privileges functions to another headerAndrew Bartlett3-24/+42
These functions work on the bitmap, and are only exposed because the source3/ privileges storage uses the bitmap in account_policy.tdb Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Remove 'always true' return from se_priv_put_all_privilegesAndrew Bartlett2-3/+2
Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/auth Failure to find the cached session key for SCHANNEL isn't level 0Andrew Bartlett1-1/+1
This happens all the time, particularly now that we don't keep the db around after a reboot. Don't scare the admins with the level 0. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11privileges: privilege luids are not all below 64Andrew Tridgell1-3/+0
the ones brought across from s3 have higher values Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-11libcli/security Make sec_privilege_from_index() return SEC_PRIV_INVALID on ↵Andrew Bartlett1-1/+1
failure This is clearer and more consistent than using a magic -1 return Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Remove unused declarations from privileges.hAndrew Bartlett1-51/+1
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Expose sec_privilege_mask()Andrew Bartlett2-1/+6
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security make sec_privilege_id() return SEC_PRIV_INVALID on failure.Andrew Bartlett1-1/+1
Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Remove unused functions and constants.Andrew Bartlett2-242/+14
All the callers to these functions have been removed or reworked. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Rename all privilege bitmaps constantsAndrew Bartlett1-28/+28
The idea here to to make it very clear how they differ from the enumerated LUID values. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Remove luid_to_se_priv() and luid_to_privilege_name()Andrew Bartlett1-43/+4
These functions duplicate other functions in the merged code. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Improve dump of privileges: Just walk the tableAndrew Bartlett1-5/+4
This removes some logic recently added that was just too smart - it is easier to just walk the table and do a bit match here. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-privs Remove pointer indirection from se_priv_to_privilege_set()Andrew Bartlett2-3/+3
Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Don't export privs[] as a global variableAndrew Bartlett2-41/+27
Instead, provide access functions for the LSA and net sam callers for the information they need. They still only enumerate the first 8 privileges that have traditionally been exposed. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Merge privilege lists from source3 and source4Andrew Bartlett1-169/+126
The LSA enumeration in source3 will not show the new privileges, but otherwise, they are now in common, and can be set by name. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Return number of entries in the old source3 listAndrew Bartlett1-3/+4
This ensures there isn't a behaviour change when the source3 list is combined with the longer source4 list. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>