Age | Commit message (Collapse) | Author | Files | Lines |
|
The source4-specific session_info functions have been left in session.c
Andrew Bartlett
|
|
|
|
|
|
Jeremy
|
|
metze
|
|
Guenther
|
|
metze
|
|
This allows us to read a full packet without read byte after byte
or possible read to much.
metze
|
|
metze
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Match MS-SMB2 - 2.2.1.1 SMB2 Packet Header - ASYNC
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Guenther
|
|
|
|
The previous API was not clear as to who owned the returned session key.
This fixes a valgrind-found use-after-free in the NTLMSSP key derivation code,
and avoids making allocations - we steal and zero instead.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
As a callback may destroy the cldap socket we need to ensure we don't
reference the cldap structure after the callback
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
If we use "ip" we end up with a PF_INET6 socket which breaks sendto()
for v4 addresses.
|
|
When we are using SEC_CHAN_RODC we need to set the
NETLOGON_NEG_RODC_PASSTHROUGH bit in the negotiated flags in
ServerAuthenticate2
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
string_to_sid() to be used in formatted strings like FOO/S-1-5-XXXX-YYYY/BAR.
Jeremy.
|
|
This ensures that the maximum number of sub-authorities is respected,
otherwise we may run off the end of the array.
Andrew Bartlett
|
|
The source3 code repsects the limit of a maximum of 15 subauths,
while the source4 code does not, creating a security issue as
we parse string-form SIDs from clients.
Andrew Bartlett
|
|
|
|
Otherwise we get a "declared inside parameter list" warning.
|
|
|
|
These are related, but slightly different concepts. The biggest difference
is that rights are not enumerated as a system-wide list.
This moves the rights to security.idl due to dependencies.
Andrew Bartlett
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
These functions work on the bitmap, and are only exposed because
the source3/ privileges storage uses the bitmap in account_policy.tdb
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This happens all the time, particularly now that we don't keep the
db around after a reboot. Don't scare the admins with the level 0.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
the ones brought across from s3 have higher values
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
failure
This is clearer and more consistent than using a magic -1 return
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
All the callers to these functions have been removed or reworked.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
The idea here to to make it very clear how they differ from the
enumerated LUID values.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
These functions duplicate other functions in the merged code.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This removes some logic recently added that was just too smart - it
is easier to just walk the table and do a bit match here.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Instead, provide access functions for the LSA and net sam callers
for the information they need.
They still only enumerate the first 8 privileges that have traditionally
been exposed.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
The LSA enumeration in source3 will not show the new privileges,
but otherwise, they are now in common, and can be set by name.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This ensures there isn't a behaviour change when the source3 list is combined
with the longer source4 list.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
As Samba only deals with the lower 32 bits of the LUID, just return those
and let the LSA layer deal with the upper 0 bits.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This avoids the use of SE_END, and has all callers walking the
array using the same termination condition.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
The previous 128 bit structure needed this helper function.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|