summaryrefslogtreecommitdiff
path: root/source3/lib/util_sid.c
AgeCommit message (Collapse)AuthorFilesLines
2010-09-11s3-util_sid Tidy up global struct security_tokenAndrew Bartlett1-12/+6
This no longer needs to be global, and should be const. We now also init it with the C99 style initialisers. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3:auth Remove NT_USER_TOKENAndrew Bartlett1-4/+4
The all UPPER case typedef is no longer the preferred Samba style and this makes it easier to see that this is the IDL-derivied structure Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-auth Change type of num_sids to uint32_tAndrew Bartlett1-4/+4
size_t is overkill here, and in struct security_token in the num_sids is uint32_t. This includes a change to the prototype of add_sid_to_array() and add_sid_to_array_unique(), which has had a number of consequnetial changes as I try to sort out all the callers using a pointer to the number of sids. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-08-31s3-auth Rename NT_USER_TOKEN user_sids -> sidsAndrew Bartlett1-1/+1
This is closer to the struct security_token from security.idl
2010-08-06s3-netlogon: remove global include of netlogon.h.Günther Deschner1-0/+1
This reduces precompiled headers by another 4 MB and also slightly speeds up the build. Guenther
2010-06-21s3:fix an outdated comment.Michael Adam1-5/+2
2010-06-03s3: remove unused librpc/ndr/sid.c.Günther Deschner1-0/+1
Guenther
2010-05-31s3-build: only use ndr_security.h where needed.Günther Deschner1-0/+1
Guenther
2010-05-28s3:lib s3:lib move get_global_sam_name to util_names.cAndrew Bartlett1-13/+0
This doesn't really belong in util_sid.c, and has much more in common with the other functions in util_names.c Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-05-21s3:dom_sid Global replace of DOM_SID with struct dom_sidAndrew Bartlett1-64/+64
This matches the structure that new code is being written to, and removes one more of the old-style named structures, and the need to know that is is just an alias for struct dom_sid. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-18s3: Remove use of iconv_convenience.Jelmer Vernooij1-3/+3
2010-04-10s3: Use IS_DC macro in get_global_sam_name()Volker Lendecke1-1/+1
Much as I dislike macros, this one is there. So why not use it...
2010-02-20s3: Make string_to_sid survive the LOCAL-string_to_sid testVolker Lendecke1-13/+40
2010-01-25Revert "s3: Make string_to_sid a wrapper around dom_sid_parse"Volker Lendecke1-7/+50
This reverts commit dff03b61fd5d923562711b38cc7dbe996dc07283.
2010-01-23s3: Make string_to_sid a wrapper around dom_sid_parseVolker Lendecke1-50/+7
2010-01-23s3: Remove string_sid_tallocVolker Lendecke1-13/+0
All but one call were pointless, so I think this API should go
2010-01-23s3: Fix some nonempty blank linesVolker Lendecke1-11/+11
2010-01-02s3: Adapt sid_dup_talloc to README.CodingVolker Lendecke1-8/+9
2009-11-03s3: Remove debug_ctx()Volker Lendecke1-1/+1
smbd just crashed on me: In a debug message I called a routine preparing a string that itself used debug_ctx. The outer routine also used it after the inner routine had returned. It was still referencing the talloc context that the outer debug_ctx() had given us, which the inner DEBUG had already freed.
2009-05-28Make sid_binstring & friends take a talloc contextVolker Lendecke1-7/+9
2009-01-01Add iconv_convenience argument to size functions.Jelmer Vernooij1-3/+3
2008-10-21Cope with MAXIMUM_ALLOWED_ACCESS requests when opening handles.Jeremy Allison1-0/+11
Jeremy.
2008-08-15I think the problem with these functions is that lookup_usergroupsHerb Lewis1-17/+17
should never include the user SID. The comment for the function in winbindd/winbindd_ads.c says /* Lookup groups a user is a member of. */ The following patch makes the wbinfo calls return the correct data before and after a login. wbinfo --user-domgroups and --user-sids (This used to be commit 7849938906a9c859805cbaeca66fae9d3c515aad)
2008-04-04Use sid_array_from_info3 in lookup_usergroups_cached().Günther Deschner1-1/+8
Guenther (This used to be commit 65b4cb20ea3fb806cfd50281e08f32bea70fafce)
2008-02-17Use netr_SamInfo3 in sid_array_from_info3.Günther Deschner1-15/+15
Guenther (This used to be commit 06095e8c705fc292323fa8d0110ae3aaeccab949)
2008-01-09Convert add_sid_to_array() add_sid_to_array_unique() to return NTSTATUS.Michael Adam1-28/+42
Michael (This used to be commit 6b2b9a60ef857ec31da5fea631535205fbdede4a)
2007-12-29Remove tiny code duplicationVolker Lendecke1-15/+3
sid_size did the same as ndr_size_dom_sid (This used to be commit 8aec5d09ba023413bd8ecbdfbc7d23904df94389)
2007-12-15s/sid_to_string/sid_to_fstring/Volker Lendecke1-1/+1
least surprise for callers (This used to be commit eb523ba77697346a365589101aac379febecd546)
2007-12-15Use dom_sid_string for sid_string_tallocVolker Lendecke1-29/+12
Remove some code duplication, but introduce one more dependency on librpc/ndr. Easily turned around so that librpc/ndr depends on lib/util_sid if necessary (This used to be commit 3a0b1b2060facd5f1ac1461b23dd86c75cdd9458)
2007-12-15sid_string_static is no more :-)Volker Lendecke1-11/+8
We now have four ways to do sid_to_string: sid_to_string: Convert it into an existing fstring, when you have one sid_string_talloc: The obvious thing sid_string_tos: For the lazy, use only with care sid_string_dbg: The one to use in DEBUG statements (This used to be commit 7b8276aaa48852270c6b70b081c3f28e316a7a2c)
2007-12-15Replace sid_string_static by sid_string_dbg in DEBUGsVolker Lendecke1-1/+1
(This used to be commit bb35e794ec129805e874ceba882bcc1e84791a09)
2007-12-15Add sid_string_dbgVolker Lendecke1-0/+5
This makes use of the just added debug_ctx and will kill many sid_string_static() calls (This used to be commit 3e4148c280efe154c3f8d552731c8b29d6977507)
2007-12-15add sid_string_tallocVolker Lendecke1-2/+10
(This used to be commit 9e3ef0923d71cc06b8445be2625ebd8dfed1b42d)
2007-10-18RIP BOOL. Convert BOOL -> bool. I found a few interestingJeremy Allison1-15/+15
bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-10r25575: Document S-1-5-12 (restriced code sid).Günther Deschner1-1/+7
Guenther (This used to be commit 109b09edef4bcad06c3b850edf7db74419c3ad78)
2007-10-10r25040: Add "net sam rights"Volker Lendecke1-0/+7
Not strictly in the SAM, but close enough. This command acts directly on the local tdb, no running smbd required This also changes the root-only check to a warning (This used to be commit 0c5657b5eff60e3c52de8fbb4ce9346d0341854c)
2007-10-10r23928: Merge all "copy-info3-groups-to-sid-array" blocks to a ↵Günther Deschner1-0/+65
sid_array_from_info3() function. Guenther (This used to be commit 1e1e480115e37b3f4c85f979ddd800b8de0b9c57)
2007-10-10r23784: use the GPLv3 boilerplate as recommended by the FSF and the license textAndrew Tridgell1-2/+1
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
2007-10-10r23779: Change from v2 or later to v3 or later.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
2007-10-10r22611: Fix from Jens Nissen <jens.nissen@gmx.net>. Fix badJeremy Allison1-3/+0
memory leak I introduced into acl code, also remove redundent extra check for global_sid_System : global_sid_System == S-1-5-18 which is already included in the check for a domain of global_sid_NT_Authority == S-1-5 Jeremy. (This used to be commit 10649540ac11e679997f414d4a6b12d057bd7913)
2007-10-10r22481: Move check for non-mappable SIDs to after sid_to_uid,Jeremy Allison1-0/+3
sid_to_gid mapping, add LocalSystem to non-mappable list. Jeremy. (This used to be commit 805f01464f3feb30725dbce1f90d4296380dd796)
2007-10-10r20090: Fix a class of bugs found by James Peach. EnsureJeremy Allison1-16/+15
we never mix malloc and talloc'ed contexts in the add_XX_to_array() and add_XX_to_array_unique() calls. Ensure that these calls always return False on out of memory, True otherwise and always check them. Ensure that the relevent parts of the conn struct and the nt_user_tokens are TALLOC_DESTROYED not SAFE_FREE'd. James - this should fix your crash bug in both branches. Jeremy. (This used to be commit 0ffca7559e07500bd09a64b775e230d448ce5c24)
2007-10-10r18271: Big change:Gerald Carter1-2/+2
* autogenerate lsa ndr code * rename 'enum SID_NAME_USE' to 'enum lsa_SidType' * merge a log more security descriptor functions from gen_ndr/ndr_security.c in SAMBA_4_0 The most embarassing thing is the "#define strlen_m strlen" We need a real implementation in SAMBA_3_0 which I'll work on after this code is in. (This used to be commit 3da9f80c28b1e75ef6d46d38fbb81ade6b9fa951)
2007-10-10r17316: More C++ warnings -- 456 leftVolker Lendecke1-2/+2
(This used to be commit 1e4ee728df7eeafc1b4d533240acb032f73b4f5c)
2007-10-10r16350: Fix the build.Günther Deschner1-0/+19
GUenther (This used to be commit 3203ce3b49e6f21ed690e9d7393e98419de54c27)
2007-10-10r15305: Let winbind search by sid directly (or in windows terms: "bind to aGünther Deschner1-0/+18
sid"); works in all AD versions I tested. Also add "net ads sid" search tool. Guenther (This used to be commit 5557ada6943b817d28a5471c613c7291febe2ad5)
2007-10-10r15251: Adding PreWin2kAccess builtin sid.Günther Deschner1-0/+2
Guenther (This used to be commit 4330d1b74cba14501c2864105b2fae53ccf9475f)
2007-10-10r13915: Fixed a very interesting class of realloc() bugs found by Coverity.Jeremy Allison1-3/+5
realloc can return NULL in one of two cases - (1) the realloc failed, (2) realloc succeeded but the new size requested was zero, in which case this is identical to a free() call. The error paths dealing with these two cases should be different, but mostly weren't. Secondly the standard idiom for dealing with realloc when you know the new size is non-zero is the following : tmp = realloc(p, size); if (!tmp) { SAFE_FREE(p); return error; } else { p = tmp; } However, there were *many* *many* places in Samba where we were using the old (broken) idiom of : p = realloc(p, size) if (!p) { return error; } which will leak the memory pointed to by p on realloc fail. This commit (hopefully) fixes all these cases by moving to a standard idiom of : p = SMB_REALLOC(p, size) if (!p) { return error; } Where if the realloc returns null due to the realloc failing or size == 0 we *guarentee* that the storage pointed to by p has been freed. This allows me to remove a lot of code that was dealing with the standard (more verbose) method that required a tmp pointer. This is almost always what you want. When a realloc fails you never usually want the old memory, you want to free it and get into your error processing asap. For the 11 remaining cases where we really do need to keep the old pointer I have invented the new macro SMB_REALLOC_KEEP_OLD_ON_ERROR, which can be used as follows : tmp = SMB_REALLOC_KEEP_OLD_ON_ERROR(p, size); if (!tmp) { SAFE_FREE(p); return error; } else { p = tmp; } SMB_REALLOC_KEEP_OLD_ON_ERROR guarentees never to free the pointer p, even on size == 0 or realloc fail. All this is done by a hidden extra argument to Realloc(), BOOL free_old_on_error which is set appropriately by the SMB_REALLOC and SMB_REALLOC_KEEP_OLD_ON_ERROR macros (and their array counterparts). It remains to be seen what this will do to our Coverity bug count :-). Jeremy. (This used to be commit 1d710d06a214f3f1740e80e0bffd6aab44aac2b0)
2007-10-10r13316: Let the carnage begin....Gerald Carter1-0/+5
Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2007-10-10r13024: Add is_null_sid.Günther Deschner1-0/+6
GUenther (This used to be commit 3a6e41a0cb2872a656ea79c8d4fc4b8bce436492)