summaryrefslogtreecommitdiff
path: root/source3/lib/secdesc.c
AgeCommit message (Collapse)AuthorFilesLines
2010-06-03s3-security: move ALL_SECURITY_INFORMATION to the only user.Günther Deschner1-0/+7
Guenther
2010-06-03s3-security: use shared SECINFO_DACL define.Günther Deschner1-1/+1
Guenther
2010-06-03s3-security: use shared SECINFO_SACL define.Günther Deschner1-1/+1
Guenther
2010-06-03s3-security: use shared SECINFO_GROUP define.Günther Deschner1-1/+1
Guenther
2010-06-03s3-security: use shared SECINFO_OWNER define.Günther Deschner1-1/+1
Guenther
2010-05-31s3-build: only use ndr_security.h where needed.Günther Deschner1-0/+1
Guenther
2010-05-21s3:dom_sid Global replace of DOM_SID with struct dom_sidAndrew Bartlett1-11/+11
This matches the structure that new code is being written to, and removes one more of the old-style named structures, and the need to know that is is just an alias for struct dom_sid. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-18s3-secdesc: move SEC_DESC_HEADER_SIZE to its only user.Günther Deschner1-0/+2
Guenther
2010-05-18s3-secdesc: remove "typedef struct security_descriptor SEC_DESC".Günther Deschner1-26/+26
Guenther
2010-05-18s3-secdesc: remove "typedef struct security_acl SEC_ACL".Günther Deschner1-8/+8
Guenther
2010-05-18s3-secdesc: remove "typedef struct security_ace SEC_ACE".Günther Deschner1-9/+9
Guenther
2010-05-18s3-secdesc: remove "typedef struct sec_desc_buf SEC_DESC_BUF".Günther Deschner1-9/+9
Guenther
2010-05-18s3: Remove use of iconv_convenience.Jelmer Vernooij1-8/+6
2010-05-04s3-lib: Create a sec_desc_merge and sec_desc_merge_buf function.Andreas Schneider1-1/+42
Signed-off-by: Günther Deschner <gd@samba.org>
2009-12-02Restructure the ACL code some more, get the internal semanticsJeremy Allison1-0/+20
right. The previous bugs were due to the fact that get_nt_acl_internal() could return an NTSTATUS error if there was no stored ACL blob, but otherwise would return the underlying ACL from the filysystem. Fix this so it always returns a valid acl if it can, and if it does not its an error to be reported back to the client. This then changes the inherit acl code. Previously we were trying to match Windows by setting a minimal ACL on a new file that didn't inherit anything from a parent directory. This is silly - the returned ACL wouldn't match the underlying UNIX permissions. The current code will correctly inherit from a parent if a parent has any inheritable ACE entries that apply to the new object, but will return a mapping from the underlying UNIX permissions if the parent has no inheritable entries. This makes much more sense for new files/directories. Jeremy.
2009-04-21s3: Use common security_descriptor_equal().Jelmer Vernooij1-68/+0
2009-02-24s3-lib: add marshall_sec_desc_buf and unmarshall_sec_desc_buf helpers.Günther Deschner1-0/+63
Guenther
2009-01-01Add iconv_convenience argument to size functions.Jelmer Vernooij1-2/+2
2008-12-09s3: Refactor getting sec_info from a security_descriptor into separate functionTim Prouty1-0/+27
2008-11-08Fix a subtle logic bug in the adaption of se_create_child_secdesc(), pass ↵Jeremy Allison1-0/+3
RAW-ACL inheritance tests. Only access masks for SD get/set left to fix. Jeremy.
2008-11-06If we didn't inherit any ACE's the ACE pointer should be NULL.Jeremy Allison1-4/+6
Jeremy.
2008-11-06Start factoring out the inheritance differences.Jeremy Allison1-2/+1
Jeremy.
2008-10-31Get closer to passing S4 RAW-ACLs.Jeremy Allison1-3/+3
Jeremy.
2008-10-30Inherit Windows ACLs on a new directory.Jeremy Allison1-3/+3
Jeremy.
2008-10-29Allow a new file to inherit the Windows ACL from its parent.Jeremy Allison1-63/+131
Now to do the same for directories. Jeremy.
2008-10-09Remove SEC_ACCESS. It's a uint32_t.Jeremy Allison1-12/+1
Jeremy.
2008-09-23s3-nbt: fix remaining callers of ndr_push/pull_struct_blob.Günther Deschner1-2/+2
Guenther
2007-12-29Remove tiny code duplicationVolker Lendecke1-29/+0
ndr_size_security_descriptor does the same as sec_desc_size (This used to be commit bc3bd7a8e7c6e9e27acb195c86abb92c0f53112f)
2007-12-29Make [un]marshall_sec_desc use librpc/ndrVolker Lendecke1-25/+29
(This used to be commit 387936ec3952f88d46df2d4943bbc4e408ad2bb5)
2007-12-29Remove tiny code duplicationVolker Lendecke1-4/+4
sid_size did the same as ndr_size_dom_sid (This used to be commit 8aec5d09ba023413bd8ecbdfbc7d23904df94389)
2007-12-21Some C++ fixesVolker Lendecke1-4/+8
(This used to be commit 5c392c4c6e277a24d0d477902dc7856b2b46ee53)
2007-12-15Replace sid_string_static by sid_string_dbg in DEBUGsVolker Lendecke1-17/+8
(This used to be commit bb35e794ec129805e874ceba882bcc1e84791a09)
2007-10-18RIP BOOL. Convert BOOL -> bool. I found a few interestingJeremy Allison1-3/+3
bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-10r25534: Apply some constVolker Lendecke1-1/+1
Why? It moves these structs from the data into the text segment, so they will never been copy-on-write copied. Not much, but as in German you say "Kleinvieh macht auch Mist...." (This used to be commit 0141e64ad4972232de867137064d0dae62da22ee)
2007-10-10r23801: The FSF has moved around a lot. This fixes their Mass Ave address.Andrew Tridgell1-2/+1
(This used to be commit 87c91e4362c51819032bfbebbb273c52e203b227)
2007-10-10r23779: Change from v2 or later to v3 or later.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
2007-10-10r22589: Make TALLOC_ARRAY consistent across all uses.Jeremy Allison1-2/+6
Jeremy. (This used to be commit 8968808c3b5b0208cbad9ac92eaf948f2c546dd9)
2007-10-10r19963: Add 'registry shares = yes' and registry key security descriptors.Volker Lendecke1-4/+61
(This used to be commit 6cab254c49e07b11c170511ec613f0f33914c3e6)
2007-10-10r18745: Use the Samba4 data structures for security descriptors and security ↵Jelmer Vernooij1-44/+37
descriptor buffers. Make security access masks simply a uint32 rather than a structure with a uint32 in it. (This used to be commit b41c52b9db5fc4a553b20a7a5a051a4afced9366)
2007-10-10r14280: Fix Coverity #129 and 130: check before dereferencing a pointer. ThisJim McDonough1-4/+4
was especially silly as we checked immediately _after_ dereferencing it :-/ (This used to be commit 7ebfe2cb26b72d7fac397cfe3ceb14f244388224)
2007-10-10r14249: We've dereferenced the_acl before, no point in checking.Volker Lendecke1-1/+1
Fix Coverity bug # 128. Volker (This used to be commit 84e9e73f3c71a0ccef76d56bc72dcd21160ed286)
2007-10-10r14002: Quick fix for Coverity CID #12.Jeremy Allison1-0/+4
Jeremy (This used to be commit 7c6e274cd578521192a0b0c4e6a4fb5dc7d722ac)
2007-10-10r13316: Let the carnage begin....Gerald Carter1-0/+10
Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2007-10-10r6263: Get rid of generate_wellknown_sids, they are const static and ↵Volker Lendecke1-2/+2
initializable statically. Volker (This used to be commit 3493d9f383567d286e69c0e60c0708ed400a04d9)
2007-10-10r4088: Get medieval on our ass about malloc.... :-). Take control of all our ↵Jeremy Allison1-3/+3
allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
2003-10-06split some security related functions in their own files.Simo Sorce1-0/+522
(no need to include all of smbd files to use some basic sec functions) also minor compile fixes (This used to be commit 66074d3b097d8cf2a231bf08c7f4db62da68189d)