summaryrefslogtreecommitdiff
path: root/source3/rpc_parse/parse_lsa.c
AgeCommit message (Collapse)AuthorFilesLines
2003-10-07Tut tut - always run with max warnings on gcc...Jeremy Allison1-1/+3
Jeremy. (This used to be commit 3ebbd67dec2044ed8022491747e65b90f1354602)
2003-10-06split some security related functions in their own files.Simo Sorce1-14/+29
(no need to include all of smbd files to use some basic sec functions) also minor compile fixes couldn't compile to test these due to some kerberos problems wirh 3.0, but on HEAD they're working well, so I suppose it's ok to commit (This used to be commit c78f2d0bd15ecd2ba643bb141cc35a3405787aa1)
2003-09-25Fix for #480. Change the interface for init_unistr2 to not take a lengthJeremy Allison1-29/+10
but a flags field. We were assuming that 2*strlen(mb_string) == length of ucs2-le string. This is not the case. Count it after conversion. Jeremy. (This used to be commit f82c273a42f930c7152cfab84394781744815e0e)
2003-08-01Update my copyrights according to my agreement with IBMJim McDonough1-1/+1
(This used to be commit a2bd8f0bfa12f2a1e33c96bc9dabcc0e2171700d)
2003-06-03Fix debug message merge.Jeremy Allison1-1/+1
Jeremy. (This used to be commit d6f23166420d89ea7d3d5433e3234529681cb330)
2003-03-17Merge from HEAD:Andrew Bartlett1-7/+7
signed/unsigned (mostly i counters) a little bit of const. Andrew Bartlett (This used to be commit 50f0ca752e5058c4051f42a9337361373ba1f727)
2003-01-29Merge tridge's client priv code from HEAD.Jeremy Allison1-0/+61
Jeremy (This used to be commit 49739be1e2f047fa2cc2fd42eadb190a82114485)
2003-01-28Merging tridge's privillage client changes from HEAD.Jeremy Allison1-7/+67
Jeremy. (This used to be commit 30a33920b4d834edc877cc0080291fbda983083a)
2003-01-15merging some rpcclient and net functionality from HEADGerald Carter1-0/+60
(This used to be commit 7a4c87484237308cb3ad0d671687da7e0f6e733b)
2003-01-03Merge from HEAD - make Samba compile with -Wwrite-strings without additionalAndrew Bartlett1-63/+63
warnings. (Adds a lot of const). Andrew Bartlett (This used to be commit 3a7458f9472432ef12c43008414925fd1ce8ea0c)
2002-08-17sync 3.0 branch with headJelmer Vernooij1-2/+121
(This used to be commit 3928578b52cfc949be5e0ef444fce1558d75f290)
2002-07-15updated the 3.0 branch from the head branch - ready for alpha18Andrew Tridgell1-31/+47
(This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-04-04Fixed the handle leak in the connection management code (this code is crapJeremy Allison1-0/+6
and should be rewritten, just not now... :-). Jeremy. (This used to be commit 5de792e7e9c2ad1422ac146caba632baa3f4e5c5)
2002-01-30Removed version number from file header.Tim Potter1-2/+1
Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
2002-01-26Back out some of the less well thought out ideas from last weeks work onAndrew Bartlett1-11/+3
winbind default domains, particulary now I understand whats going on a lot better. This ensures that the RPC client code does as little 'magic' as possible - this is up to the application/user. (Where - for to name->sid code - it was all along). This leaves the change that allows the sid->name code to return domains and usernames in seperate paramaters. Andrew Bartlett (This used to be commit 5dfba2cf536f761b0aee314ed9e30dc53900b691)
2002-01-26We may as well not use these temporary variables - they are only used once andAndrew Bartlett1-3/+1
just make it harder to debug (gcc stips optomises them away). (This used to be commit 100d2705ddfa1fde73a0bb06e8e097b2b1cbf36a)
2002-01-20This patch makes the 'winbind use default domain' code interact better withAndrew Bartlett1-3/+13
smbd, and also makes it much cleaner inside winbindd. It is mostly my code, with a few changes and testing performed by Alexander Bokovoy <a.bokovoy@sam-solutions.net>. ab has tested it in security=domain and security=ads, but more testing is always appricatiated. The idea is that we no longer cart around a 'domain\user' string, we keep them seperate until the last moment - when we push that string into a pwent on onto the socket. This removes the need to be constantly parsing that string - the domain prefix is almost always already provided, (only a couple of functions actually changed arguments in all this). Some consequential changes to the RPC client code, to stop it concatonating the two strings (it now passes them both back as params). I havn't changed the cache code, however the usernames will no longer have a double domain prefix in the key string. The actual structures are unchanged - but the meaning of 'username' in the 'rid' will have changed. (The cache is invalidated at startup, so on-disk formats are not an issue here). Andrew Bartlett (This used to be commit e870f0e727952aeb8599cf93ad2650ae56eca033)
2001-12-17there is no unknown field in LSA_SEC_QOSJean-François Micouleau1-19/+15
some cleanup of the lsa_open_policy and lsa_open_policy2 parser. the length fields are not correct but that's what NT send. We don't anymore underflow or overflow the decoding. added the domain admins group to the default SD. we are now checking the desired access flag in the lsa_open_policy_X() calls and in most functions also. J.F. (This used to be commit a217c4e4ff4d13122703d22258792fe5e8e9f02f)
2001-12-03const religionAndrew Tridgell1-2/+2
(This used to be commit 359ca8f246c46b1700418fe0226458023f808d67)
2001-11-29Changed again how the privilege list is handled in the group mapping code.Jean-François Micouleau1-0/+152
This time it's a PRIVILEGE_SET struct instead of a simple uint32 array. It makes much more sense. Also added a uint32 systemaccount to the GROUP_MAP struct as some privilege showing in USRMGR.EXE are not real privs but a bitmask flag. I guess it's an heritage from NT 3.0 ! I could setup an NT 3.1 box to verify, but I'm too lazy (yes I still have my CDs). Added 3 more LSA calls: SetSystemAccount, AddPrivileges and RemovePrivileges, we can manage all this privilege from UserManager. Time to change the NT_USER_TOKEN struct and add checks in all the rpc functions. Fun, fun, fun. J.F. (This used to be commit 3f0a9ef2b8c626cfa2878394bb7b642342342bf3)
2001-11-25Fix ./configure --enable-developer warnings (shadow of global)Andrew Bartlett1-2/+2
(This used to be commit 3f1cfb62e85343a45817651f111f01051fc66b18)
2001-11-24added lsaenumprivsaccount and lsalookupprivvalue to rpcclientJean-François Micouleau1-1/+76
and more to come ... J.F. (This used to be commit 1748d5a2af1f2dcf718d6f162ed483b001542494)
2001-11-23Changed how the privileges are stored in the group mapping code. It's nowJean-François Micouleau1-0/+9
an array of uint32. That's not perfect but that's better. Added more privileges too. Changed the local_lookup_rid/name functions in passdb.c to check if the group is mapped. Makes the LSA rpc calls return correct groups Corrected the return code in the LSA server code enum_sids. Only enumerate well known aliases if they are mapped to real unix groups. Won't confuse user seeing groups not available. Added a short/long view to smbgroupedit. now decoding rpc calls to add/remove privileges to sid. J.F. (This used to be commit f29774e58973f421bfa163c45bfae201a140f28c)
2001-11-22added lsa_enum_sids to rpcclientJean-François Micouleau1-0/+8
fixed lsa_enum_rpivs server code. This time it works as W2K. fixed smbgroupedit to compile and work. J.F. (This used to be commit 646651018a2736833e49e76f6ca735a4647d9746)
2001-11-22add another command to rpcclient: getdispname. Show the full descriptionJean-François Micouleau1-0/+15
of a privilege. J.F. (This used to be commit 84035ae72f422edadd9fa7e493c3d8176bb6a53d)
2001-11-22add a command to rpcclient: enumprivsJean-François Micouleau1-0/+21
J.F. (This used to be commit fa63cb78e326040f68d858d593ba98e06c26c92e)
2001-10-02Removed 'extern int DEBUGLEVEL' as it is now in the smb.h header.Tim Potter1-7/+0
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
2001-09-04the next stage in the NTSTATUS/WERROR change. smbd and nmbd now compile, but ↵Andrew Tridgell1-17/+17
the client code still needs some work (This used to be commit dcd6e735f709a9231860ceb9682db40ff26c9a66)
2001-08-27converted another bunch of stuff to NTSTATUSAndrew Tridgell1-1/+1
(This used to be commit 1d36250e338ae0ff9fbbf86019809205dd97d05e)
2001-08-24Fixed malloc -> talloc problems pointed out by Simo.Jeremy Allison1-7/+7
Jeremy (This used to be commit 0f5b187387fb536a6866d9109eff82411798f79e)
2001-07-09implement:Jean-François Micouleau1-0/+476
LSA_ENUM_PRIVS LSA_PRIV_GET_DISPNAME LSA_ENUM_ACCOUNTS LSA_OPENACCOUNT LSA_ENUMPRIVSACCOUNT LSA_GETSYSTEMACCOUNT It's a work in progress. nobody should expect it to work J.F. (This used to be commit 3056357cd8d4b2460f73ba8a8931a143f07fa2a6)
2001-06-29Added LsaGetConnectedCredentials patch from Manoj Naik <manoj@almaden.ibm.com>.Jeremy Allison1-0/+70
Jeremy. (This used to be commit 7079300da6dbd950e55dc5871851250d5a3717ff)
2001-06-22Removed unused (and potentially crash-causing) free function.Jeremy Allison1-14/+0
Jeremy. (This used to be commit 54ea00fa870f258b885b18e8684caa8488948607)
2001-05-08Fixed typo in comment.Tim Potter1-1/+1
(This used to be commit a8c49d1e608b178bcc53725d4a26cebb799fc6eb)
2001-03-11Merge of new 2.2 code into HEAD (Gerald I hate you :-) :-). Allows new SAMRJeremy Allison1-9/+8
RPC code to merge with new passdb code. Currently rpcclient doesn't compile. I'm working on it... Jeremy. (This used to be commit 0be41d5158ea4e645e93e8cd30617c038416e549)
2001-02-27Added total memory allocated counter to talloc, so we can tell if a tallocJeremy Allison1-5/+5
pool is getting bloated. Also added a talloc_zero function to return zeroed memory. Added debug in rpc_server/srv_pipe_hnd.c so we know when a talloc pool is being freed. Syncup with srv_pipe_hnd.c from 2.2 so we are freeing memory at the same time. Jeremy. (This used to be commit d3a56c6042acf037bbd53de88d7636a5803ead20)
2001-02-26Started conversion of lsa server code to canonical format (as srv_reg andJeremy Allison1-0/+39
srv_samr have been). Jeremy. (This used to be commit f434cda9774b4864321b37b0f8f42e6e8dee8d5b)
2001-01-29Changes from SAMBA_2_2:David O'Neill1-1/+1
- fix typo in cast from talloc (This used to be commit f24aa0b51f06b8181b46bb1d2e73d91e5159fe1c)
2001-01-25Fixed "object picker can't determine if object in domain" bug seen from W2KJeremy Allison1-2/+134
clients. Did this by importing Samba-TNG code that correctly handles LSA lookups. *MANY* thanks to Luke, Sander, Elrond and the rest of the TNG gang ! Jeremy (This used to be commit f76dc952f70862a6a390e9f35edd651867842a01)
2001-01-15Changes from APPLIANCE_HEAD:David O'Neill1-1/+1
source/rpc_parse/parse_lsa.c - off by one unistr length bug in init_lsa_trans_name() source/lib/util_sid.c - resolve more BUILTIN sid values to names. source/nsswitch/wb_client.c - fix typo in debug message - set errno on error so we don't get bogus value from last failure. source/rpc_server/srv_spoolss_nt.c - add debug to track number of open printer handles for ease of tracking handle leaks in the future. source/rpc_server/srv_lsa.c - fix off-by-one string bug. This was preventing NT from displaying names for well-know SIDs in printer permissions dialog. (This used to be commit 59229b9025cff54cbdd05e374616ffbf9c6fee33)
2001-01-11RPC server fixes for RPC client changes merged from TNG.Tim Potter1-2/+42
(This used to be commit 793153ebde08db217a18882c5eec945b7b14de69)
2001-01-11General clean up. Merged routines for parsing enum_trust_dom rpc call.Tim Potter1-136/+111
(This used to be commit 54b34517ce5e51ac697eff4befdd313222b4fecd)
2000-12-15Never free anything in the rpc_parse/prs_XXX functions. Do it in the enclosingJeremy Allison1-10/+0
function. lib/util_unistr.c: Check lengths *before* reading source - prevent uninitialised memory reads. Jeremy. (This used to be commit ce4f461965c872fbfc9fe5f6b98aed58bb3dd67a)
2000-12-15Fixed memory leaks in lsa_XX calls. Fixed memory leaks in smbcacls. MergedJeremy Allison1-13/+30
in fixes from appliance-head and 2.2. Fixed multiple connection.tdb open problem. Jeremy. (This used to be commit 0a40bc83e14c69a09948ec09bb6fc5026c4f4c14)
2000-12-13Wrong length for unistr2 in init_q_lookup_names()Tim Potter1-24/+33
Removed some more static arrays and replaced with tallocated memory blocks. (This used to be commit 1db0f31ae00bf9c91eb7d02c96bf766d04c7bdef)
2000-12-12Merged in Tim's changes : Removed static limit of MAX_LOOKUP_SIDS in rpc ↵Jeremy Allison1-41/+101
server and client lsa_lookup_names() and lsa_lookup_sids(). Jeremy. (This used to be commit 9e9c71c8b3194b7cd02fea0b6a000d4f2940d905)
2000-12-08Port of lsa_lookup_sids() and lsa_lookup_names() rpc client functions fromTim Potter1-33/+31
TNG branch. Re-instated lsa_lookup_sids and lsa_lookup_names functions in rpcclient. This requires most samba binaries to link in another handful of object files due to uncessary coupling between modules. )-: (This used to be commit 817819d0cc3ecf642be5a1656be3b71bed260ee4)
2000-10-13last part of W2K support.Jean-François Micouleau1-4/+4
the trust domain list reply on netlogon pipe was wrong, interim hack until we have full trust relationships. changed some unistr2 to parse the ending NULL char. added a prs_align_needed() function. much like a prs_align but with a condition. needed for the unistr2 parsing. J.F. (This used to be commit d8bf81553c17d9ee3419d8150b96119ebb0b8fa9)
2000-09-20Some code moved back from TNG - updates to LSA stuff. Not yet used butJeremy Allison1-8/+80
will be needed soon. Jeremy. (This used to be commit f0aa8f9314c837fe39b6d1b0c41d5cfae2e4098f)
2000-04-25moved trans2.h and nterr.h into includes.h with all our other includesAndrew Tridgell1-1/+0
(This used to be commit d7cd7c88fdabb01d9e40ae8a657737907a21ac37)