summaryrefslogtreecommitdiff
path: root/source3/rpc_parse/parse_sec.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r22852: merge fixes for CVE-2007-2446 and CVE-2007-2447 to all branchesGerald Carter1-7/+6
(This used to be commit f65214be68c1a59d9598bfb9f3b19e71cc3fa07b)
2007-10-10r18846: Fix the same bug Volker noticed when marshalling/unmarshallingJeremy Allison1-1/+10
SEC_ACE. "type" is also an enum that may be any size. Treat as a uint8. Jeremy. (This used to be commit fd97f48ba38cb6a737302dac5cf23239ce7059cc)
2007-10-10r18845: Fix a type-punned warning that turned out to be a real bug: The secdescVolker Lendecke1-2/+20
revision is now an enum that might be represented as anything, in particular as an int. It's definitely not a uint16 :-) Volker (This used to be commit 7c5d66c97111389b679aadb7b8b6721f07496bda)
2007-10-10r18745: Use the Samba4 data structures for security descriptors and security ↵Jelmer Vernooij1-43/+48
descriptor buffers. Make security access masks simply a uint32 rather than a structure with a uint32 in it. (This used to be commit b41c52b9db5fc4a553b20a7a5a051a4afced9366)
2007-10-10r5805: merging spoolss parsing changes from trunk and cleaning up resulting ↵Gerald Carter1-1/+1
segvs (This used to be commit 25121547caaaed0d60f4db7458570c14e7d21b2a)
2007-10-10r4875: Fix for bugid #221, inspired by Mrinal Kalakrishnan <mail@mrinal.net>.Jeremy Allison1-13/+69
NT sometimes send garbage bytes in NT security descriptor linearizations when sending well-known sids. Cope with these. Jeremy. (This used to be commit 51b34bb536fdb18c99da1e151eba03ea634e0449)
2007-10-10r4088: Get medieval on our ass about malloc.... :-). Take control of all our ↵Jeremy Allison1-6/+6
allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
2007-10-10r196: merging struct uuid from trunkGerald Carter1-2/+2
(This used to be commit 911a28361b9d8dd50597627f245ebfb57c6294fb)
2003-10-06split some security related functions in their own files.Simo Sorce1-727/+0
(no need to include all of smbd files to use some basic sec functions) also minor compile fixes couldn't compile to test these due to some kerberos problems wirh 3.0, but on HEAD they're working well, so I suppose it's ok to commit (This used to be commit c78f2d0bd15ecd2ba643bb141cc35a3405787aa1)
2003-09-19Ensure that dup_sec_desc copies the 'type' field correctly. This causedJeremy Allison1-9/+11
me to expose a type arguement to make_sec_desc(). We weren't copying the SE_DESC_DACL_AUTO_INHERITED flag which could cause errors on auto inherited checks. Jeremy. (This used to be commit 28b315a7501f42928d73efaa75f74146ba95cf2d)
2003-06-30Finally ! Fixed the ACL ordering bug reported by jcmd. I realised we wereJeremy Allison1-7/+115
not sorting returned ACE's correctly w.r.t. W2K - implemented the correct algorithm. Jeremy. (This used to be commit fa23a4158ec23c0b8dbdc6c53f29958243107dee)
2003-05-29Change get_nt_acl() to include security_info wanted. Only return this.Jeremy Allison1-42/+15
This gets us closer to W2k+ in what we return for file ACLs. Fix horribly broken make_sec_desc() that screwed up the size when given a SD with no owner or group (how did it get this bad... ?). Jeremy. (This used to be commit 183c9ed4052ab14e269ed1234ca557053f77e77a)
2003-04-25This function is a duplicate.Andrew Bartlett1-18/+0
(This used to be commit fd0cd6200b4b9b4b002dc5b640620c3fb533873b)
2003-03-17Merge from HEAD:Andrew Bartlett1-8/+8
signed/unsigned (mostly i counters) a little bit of const. Andrew Bartlett (This used to be commit 50f0ca752e5058c4051f42a9337361373ba1f727)
2003-02-14Ensure that only parse_prs.c access internal members of the prs_struct.Jeremy Allison1-4/+4
Needed to move to disk based i/o later. Jeremy. (This used to be commit a823fee5b41a5b6cd4ef05aa1f85f7725bd272a5)
2003-01-03Merge from HEAD - make Samba compile with -Wwrite-strings without additionalAndrew Bartlett1-5/+5
warnings. (Adds a lot of const). Andrew Bartlett (This used to be commit 3a7458f9472432ef12c43008414925fd1ce8ea0c)
2002-07-15more bug updates from headAndrew Tridgell1-2/+2
(This used to be commit 8b769bf5bbbe54b1a39fd85cc24db09c1ab7faab)
2002-07-15updated the 3.0 branch from the head branch - ready for alpha18Andrew Tridgell1-53/+56
(This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-03-10yipee! Finally put in the patch from Alexey KotovichAndrew Tridgell1-23/+243
<a.kotovich@sam-solutions.net> that adds the security decsriptor code for ADS workstation accounts thanks for your patience Cat, and thanks to Andrew Bartlett for extensive reviews and suggestions about this code. (This used to be commit 6891393b5db868246fe52ff62b3dc6aa5ca6f726)
2002-01-30Removed version number from file header.Tim Potter1-2/+1
Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
2001-11-30Renamed sid field in SEC_ACE to trustee to be more in line with MS'sTim Potter1-4/+4
definitions. (This used to be commit 9712d3f15a47155f558d0034ef71fd06afb11301)
2001-10-02Removed 'extern int DEBUGLEVEL' as it is now in the smb.h header.Tim Potter1-2/+0
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
2001-08-07A collection of fixes/cleanups to the security descriptor code byTim Potter1-9/+10
matt_zinkevicius@hp.com (This used to be commit ce22267ec840aaa3cc8f9b88a62b45c723a06b01)
2001-06-26Ensure we always have a valid pointer on unmarshalling an SD with zeroJeremy Allison1-3/+7
ace entries. Jeremy. (This used to be commit 274c0f5028d41175222dfaaf446e3ed8f5687a5f)
2001-06-26Fixed bug introduced by changeover of security descriptor code fromTim Potter1-1/+8
malloc() to talloc(). Previously, creating an ACL containing zero ACEs would return a non-NULL pointer to zero bytes of memory. The talloc() code would return a NULL pointer making the ACL a NULL ACL instead of an empty one. The difference is a NULL ACL allows all access and an empty ACL denies all access. We solve this by calling talloc(ctx, sizeof(SEC_ACE) * num_aces + 1). Heh. (This used to be commit 89eaaafe7d266788609fab6951fd912c441b3a26)
2001-02-28Move to talloc control of SPOOL_XXX structs. Move to talloc control ofJeremy Allison1-100/+51
security descriptors and pointers. Syncup with 2.2 tree. Jeremy. (This used to be commit 14d5997dc841e78a619e865288486d50c245896d)
2001-02-27As prs_alloc_mem now zeros memory, remove superfluous memsets after it.Jeremy Allison1-6/+0
Jeremy. (This used to be commit 94fdffb3557fa68d634d6c402751f5bcb1f6a656)
2001-01-31Fixed duplicate free_sec_acl() call in free_sec_desc() function.Tim Potter1-1/+1
From "Richard Bollinger" <rabollinger@home.com> (This used to be commit 5b38513cef0cfeff09f54f855f9ace292050375c)
2001-01-11Changes from APPLIANCE_HEAD:David O'Neill1-1/+1
testsuite/printing/psec.c - Use lock directory from smb.conf parameter when peeking at the ntdrivers.tdb file. source/rpc_parse/parse_sec.c - fix typo in debug message source/script/installbin.sh - create private directory as part of 'make install'. source/nsswitch/winbindd_cache.c source/nsswitch/winbindd_idmap.c source/passdb/secrets.c source/smbd/connection.c - always convert tdb key to unix code-page when generating. source/printing/nt_printing.c - always convert tdb key to unix code-page when generating. - don't prepend path to a filename that is NULL in add_a_printer_driver_3(). source/rpc_server/srv_spoolss_nt.c - always convert tdb key to unix code-page when generating. - don't prepend server name to a path/filename that is NULL in the fill_printer_driver_info functions. source/printing/printing.c - always convert tdb key to unix code-page when generating. - move access check for print_queue_purge() outside of job delete loop. source/smbd/unix_acls.c - fix for setting ACLs (this got missed earlier) source/lib/messages.c - trivial sync with appliance_head (This used to be commit 376601d17d53ef7bfaafa576bd770e554516e808)
2000-12-18Merged Tim's fixes from appliance-head.Jeremy Allison1-8/+39
Jeremy. (This used to be commit 26f873540c2299600cb80eb059fcdaf70ec82473)
2000-12-14Changes from APPLIANCE_HEAD:David O'Neill1-1/+9
- add some debugs for comparing two security descriptors. (source/rpc_parse/parse_sec.c) (This used to be commit 505a8a2277f2bc761bd2b170fafbcb3afd982d92)
2000-12-04no longer pass the type to make_sec_desc(), instead the type isAndrew Tridgell1-6/+8
derived from the other arguments (This used to be commit 9ec4b1fa48fbae937fdf78db06005a7b0cd52d89)
2000-11-07Merge of printer security descriptor, info level and printerdataTim Potter1-0/+157
comparison changes from appliance branch. (This used to be commit ae087bdf312806e08848695cad70a943bb3d71b9)
2000-08-01Tidyup removing many of the 0xC0000000 | NT_STATUS_XXX stuff (only need ↵Jeremy Allison1-2/+2
NT_STATUS_XXX). Removed IS_BITS_xxx macros as they were just reproducing "C" syntax in a more obscure way. Jeremy. (This used to be commit c55bcec817f47d6162466b193d533c877194124a)
2000-06-08Cause printer SD's to be displayed correctly (full control).Jeremy Allison1-1/+1
Jeremy. (This used to be commit 341d07c516865bdd9be99f98cd0754d12b25f9c0)
2000-06-07Fixing get/set of security descriptors.Jeremy Allison1-6/+11
Removed ugly hack for NT printing. Fixed up tdb parse stuff memory leaks. Jeremy. (This used to be commit 8ef41f31c53e14ad057d883810a1cd2301fede2a)
2000-06-04sec_desc_size() needs to handle a null secdescAndrew Tridgell1-2/+5
(This used to be commit b152d75ea677d4025dcaaf3ae9009db0979dc402)
2000-06-01Back to building. Now to test with insure.Jeremy Allison1-7/+30
Added some frees needed to stop memory leaks. Jeremy. (This used to be commit eba31e4e802120c9eb8c4688f521b4de9cb91f5c)
2000-06-01Getting back to a compilable state (not there yet but close).Jeremy Allison1-341/+359
Added patches for random -> sys_random. Added set_effective_xxx patches for AFS code. Memory allocation changes in spoolss code. Jeremy. (This used to be commit c2099cfb033c2cdb6035f4f7f50ce21b98e1584d)
2000-05-27security descs in spoolss. needs parse_sec.c nttrans.c broken.Luke Leighton1-356/+341
(This used to be commit f9f2a04fdb7b2af1cfe5bf26ec6f0d955ea948b9)
2000-05-10more mergingAndrew Tridgell1-8/+8
it is now at the stage that winbindd can compile in the head branch, but not link (This used to be commit d178c00aae77710ae6ff20a7f54a30e3bd8232bb)
2000-03-22acconfig.h configure configure.in: Added check for UT_SYSLEN for utmp code.Jeremy Allison1-26/+0
include/byteorder.h: Added alignment macros. include/nameserv.h: Added defines for msg_type field options - from rfc1002. lib/time.c: Typo fix. lib/util_unistr.c: Updates from UNICODE branch. printing/nt_printing.c: bzero -> memset. smbd/connection.c: Added check for UT_SYSLEN for utmp code. Other fixes : Rollback of unapproved commit from Luke. Please *ask* next time before doing large changes to HEAD. Jeremy. (This used to be commit f02999dbf7971b4ea05050d7206205d7737a78b2)
2000-03-22added the following message to all dce/rpc client/server code, exceptLuke Leighton1-0/+26
the spoolss code (it's cut from TNG) and the smb-dce/rpc interface code that jeremy has been working up to TNG-functionality. i also want this message to go into SAMBA_2_0 and SAMBA_2_0_RELEASE, because it is intolerable that potentially good modifications be made to code that is going to be thrown away, and people waste their time fixing bugs and adding enhancements that have already been carried out already, up to two years ago in the TNG branch. /* * THIS CODE IS OUT-OF-DATE BY TWO YEARS, IS LEGACY DESIGN AND VERY, VERY, * INCOMPLETE. PLEASE DO NOT MAKE ANY FURTHER ENHANCEMENTS TO THIS CODE * UNLESS THEY ARE ALSO CARRIED OUT IN THE SAMBA_TNG BRANCH. * * PLEASE DO NOT TREAT THIS CODE AS AUTHORITATIVE IN *ANY* WAY. * * REPEAT, PLEASE DO NOT MAKE ANY MODIFICATIONS TO THIS CODE WITHOUT * FIRST CHECKING THE EQUIVALENT MODULE IN SAMBA_TNG, UPDATING THAT * FIRST, *THEN* CONSIDER MAKING THE SAME MODIFICATION IN THIS BRANCH * * YOU WILL, ALMOST GUARANTEED, FIND THAT THE BUG-FIX OR ENHANCEMENT THAT * YOU THINK IS NECESSARY, HAS ALREADY BEEN IMPLEMENTED IN SAMBA_TNG. * IF IT HAS NOT, YOUR BUG-FIX OR ENHANCEMENT *MUST* GO INTO SAMBA_TNG * AS THE SAMBA_TNG CODE WILL REPLACE THIS MODULE WITHOUT REFERENCE TO * ANYTHING IN IT, WITH THE POSSIBLE RISK THAT THE BUG-FIX OR ENHANCEMENT * MAY BE LOST. * * PLEASE OBSERVE AND RESPECT THIS SIMPLE REQUEST. * * THANK YOU. * * lkcl@samba.org */ (This used to be commit cfaea90529be222f8df0e20a7ca1289f99c29e09)
1999-12-13first pass at updating head branch to be to be the same as the SAMBA_2_0 branchAndrew Tridgell1-308/+396
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
1999-11-24rewrote policy handle code to be generic (it's needed for client-side too)Luke Leighton1-2/+5
attempted to fix regsetsec command (This used to be commit eaac0923e0e5e3f4c3d944272a71f3235ac2a741)
1999-10-25- typecast malloc / Realloc issues.Luke Leighton1-7/+7
- signed / unsigned issues. (This used to be commit c8fd555179314baf1672a23db34dc8ad9f2d02bf)
1999-10-15return results on prs_xxxxx() and all xxx_io_xxx() routines.Luke Leighton1-33/+53
the whole task is not complete, yet. xxx_io_xxx() routines that _call_ xxx_io_xxx() routines not done. prs_xxxx() covered by macros. considering doing xxx_io_xxxx in the same way. (This used to be commit 3b583f7be51434af98bc52b48dfa42c4602a3094)
1999-08-03reverted jeremy's c++-like security descriptor modifications as theLuke Leighton1-372/+226
simplest method to get rpcclient's reggetsec command working. the buffers passed as arguments in do_reg_get_key_sec() do need to be locally allocated not dynamically allocated, as two calls to reg_get_key_sec() are needed. on the first, the server fills in the size of the security descriptor buffer needed. on the second, the server fills in the security descriptor buffer. (This used to be commit b2d9cbef6f65bb696df8d8f49aa0c240e0bb1f50)
1999-02-23added jeremy's new c++-like code for parsing of security descriptors.Luke Leighton1-232/+378
(This used to be commit ec1b7000fd88c5a08e438c7033f60e49b9ec44a8)
1998-11-13Makefile.in configure configure.in include/config.h.in: Changes for DGUX and ↵Jeremy Allison1-1/+1
UNIXWARE. groupdb/aliasdb.c groupdb/aliasfile.c groupdb/groupfile.c: Don't use snprinf, use slprintf. include/includes.h: Fix YP problem. include/smb.h: Fix ZERO_STRUCTP. lib/util_sock.c: Added strerror() in debugs. passdb/ldap.c: Don't use snprinf, use slprintf. rpc_client/cli_lsarpc.c rpc_client/cli_pipe.c rpc_parse/parse_sec.c rpc_server/srv_pipe.c: Don't use snprinf, use slprintf. script/installman.sh: DGUX changes. smbd/open.c smbd/oplock.c: Fixed gcc warnings. web/swat.c: Changes USER to SWAT_USER. (This used to be commit 4c2b5a00983501e5d4aad1456ba8b5ab0dfd9b4c)