summaryrefslogtreecommitdiff
path: root/source3/rpc_server/srv_lsa_hnd.c
AgeCommit message (Collapse)AuthorFilesLines
2002-06-18more debug classess activatedSimo Sorce1-0/+3
(This used to be commit 897e64d2e0c1d04ab93441ccaffe369bf43be46e)
2002-06-03Move restrict anonymous checks into a general function calledTim Potter1-0/+28
pipe_access_check(). Eventually this can take a security descriptor as an argument as well. (This used to be commit 8bbdc674afef32621bf473ba1af76bae7270b818)
2002-05-10Fix the bug that refused to allow IPC$ connection to be idled if a pipeJeremy Allison1-0/+17
was open - we now only refuse to allow IPC$ connection to be idled if a handle is open on a pipe. Jeremy. (This used to be commit fc043110bc42d56c8686b9b64c46af7be2fd236e)
2002-03-30Hack to share pipe handles between lsa and samr pipes as NT4.x usrmgrJeremy Allison1-1/+12
insists on re-using an lsa handle opened on a pipe then closed - this keeps them around so long as a samr pipe is also open. Jeremy. (This used to be commit f029bd348c8c16a8774c3fb4f7f1d76470c7688f)
2002-01-30Removed version number from file header.Tim Potter1-2/+1
Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
2002-01-25Return correct RPC fault PDU on bad handle incoming.Jeremy Allison1-0/+2
Jeremy. (This used to be commit 0db93d8752197e213f0974edae53e2dafdd77b51)
2002-01-22Merge of fixes from 2.2.Jeremy Allison1-9/+10
Jeremy. (This used to be commit 6406a42d012184f5289d4a2b1c07a55556635fe4)
2002-01-20This is the current patch from Luke Leighton <lckl@samba-tng.org> to add aAndrew Bartlett1-2/+2
degree of seperation betwen reading/writing the raw NamedPipe SMB packets and the matching operations inside smbd's RPC components. This patch is designed for no change in behaviour, and my tests hold that to be true. This patch does however allow for the future loadable modules interface to specify function pointers in replacement of the fixed state. The pipes_struct has been split into two peices, with smb_np_struct taking the information that should be generic to where the data ends up. Some other minor changes are made: we get another small helper function in util_sock.c and some of the original code has better failure debugs and variable use. (As per on-list comments). Andrew Bartlett (This used to be commit 8ef13cabdddf58b741886782297fb64b2fb7e489)
2001-10-02Removed 'extern int DEBUGLEVEL' as it is now in the smb.h header.Tim Potter1-2/+0
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
2001-09-17move to SAFE_FREE()Simo Sorce1-3/+2
(This used to be commit 5ceecc7bef71b455ba7c4efd9928e2433dccc961)
2001-04-02include/ntdomain.h:Jeremy Allison1-3/+2
rpc_server/srv_lsa_hnd.c: Remove back pointer from policy handle list as the pipe that opened the handle may have been closed. We were dereferencing into something that had been closed. rpc_parse/parse_spoolss.c: Sync up with Gerald's changes in 2.2. lib/replace.c: Don't do proto on setlinebuf as it differs between systems. Jeremy. (This used to be commit 887ef3e12dc56b89b2284d42b16a81f03e15110b)
2001-03-13Move to a handle database per pipe name, not per pipe.Jeremy Allison1-19/+75
Jeremy. (This used to be commit a24b248a77ccac364832ff7d4df083d437caf9ed)
2001-03-11Merge of new 2.2 code into HEAD (Gerald I hate you :-) :-). Allows new SAMRJeremy Allison1-198/+76
RPC code to merge with new passdb code. Currently rpcclient doesn't compile. I'm working on it... Jeremy. (This used to be commit 0be41d5158ea4e645e93e8cd30617c038416e549)
2001-03-07Sync up handle creation with 2.2 branch. We can now join AS/U domains andJeremy Allison1-20/+22
authenticate against them. Big/little endian issues fixed. Jeremy. (This used to be commit 0e6a34510ed598eaec7fe71a9c91fda528a4675c)
2001-01-23increase MAX_POL_HNDS (merge from 2.2)Gerald Carter1-1/+1
--jerry (This used to be commit a946d13e0ce8afb509ff24bc8035c7c4d09bcf8b)
2000-10-07added samr_set_user_info and info_2.Jean-François Micouleau1-26/+5
cleanup of create_user cleanup of rid/sid mix in samr. now we only have sid. some prs_align() missing in parse_samr.c a small debug change in srv_pipe.c You still can't change a user's password in this commit. Will be availble in the next one. J.F. (This used to be commit b655bc281fa183b1827a946ada1fcf500fb93aea)
2000-05-10more merging voodooAndrew Tridgell1-0/+4
this adds "#define OLD_NTDOMAIN 1" in lots of places. Don't panic - this isn't permanent, it should go after another few merge steps have been done (This used to be commit 92109d7b3c06f240452d39f669ecb8c9c86ab610)
2000-05-02Added sys_fork() and sys_getpid() functions to stop the overheadJeremy Allison1-1/+1
of doing a system call every time we want to just get our pid. Jeremy. (This used to be commit 148628b616b5c29ba6340d65fc3ddbcabba6e67a)
2000-04-04Snuck in some whitespace cleanup while I was visiting these files. (-:Tim Potter1-3/+0
(This used to be commit f249dc041f3f3bdb1adaa41271236ffdb2447475)
2000-03-22acconfig.h configure configure.in: Added check for UT_SYSLEN for utmp code.Jeremy Allison1-25/+0
include/byteorder.h: Added alignment macros. include/nameserv.h: Added defines for msg_type field options - from rfc1002. lib/time.c: Typo fix. lib/util_unistr.c: Updates from UNICODE branch. printing/nt_printing.c: bzero -> memset. smbd/connection.c: Added check for UT_SYSLEN for utmp code. Other fixes : Rollback of unapproved commit from Luke. Please *ask* next time before doing large changes to HEAD. Jeremy. (This used to be commit f02999dbf7971b4ea05050d7206205d7737a78b2)
2000-03-22added the following message to all dce/rpc client/server code, exceptLuke Leighton1-0/+25
the spoolss code (it's cut from TNG) and the smb-dce/rpc interface code that jeremy has been working up to TNG-functionality. i also want this message to go into SAMBA_2_0 and SAMBA_2_0_RELEASE, because it is intolerable that potentially good modifications be made to code that is going to be thrown away, and people waste their time fixing bugs and adding enhancements that have already been carried out already, up to two years ago in the TNG branch. /* * THIS CODE IS OUT-OF-DATE BY TWO YEARS, IS LEGACY DESIGN AND VERY, VERY, * INCOMPLETE. PLEASE DO NOT MAKE ANY FURTHER ENHANCEMENTS TO THIS CODE * UNLESS THEY ARE ALSO CARRIED OUT IN THE SAMBA_TNG BRANCH. * * PLEASE DO NOT TREAT THIS CODE AS AUTHORITATIVE IN *ANY* WAY. * * REPEAT, PLEASE DO NOT MAKE ANY MODIFICATIONS TO THIS CODE WITHOUT * FIRST CHECKING THE EQUIVALENT MODULE IN SAMBA_TNG, UPDATING THAT * FIRST, *THEN* CONSIDER MAKING THE SAME MODIFICATION IN THIS BRANCH * * YOU WILL, ALMOST GUARANTEED, FIND THAT THE BUG-FIX OR ENHANCEMENT THAT * YOU THINK IS NECESSARY, HAS ALREADY BEEN IMPLEMENTED IN SAMBA_TNG. * IF IT HAS NOT, YOUR BUG-FIX OR ENHANCEMENT *MUST* GO INTO SAMBA_TNG * AS THE SAMBA_TNG CODE WILL REPLACE THIS MODULE WITHOUT REFERENCE TO * ANYTHING IN IT, WITH THE POSSIBLE RISK THAT THE BUG-FIX OR ENHANCEMENT * MAY BE LOST. * * PLEASE OBSERVE AND RESPECT THIS SIMPLE REQUEST. * * THANK YOU. * * lkcl@samba.org */ (This used to be commit cfaea90529be222f8df0e20a7ca1289f99c29e09)
1999-12-13first pass at updating head branch to be to be the same as the SAMBA_2_0 branchAndrew Tridgell1-204/+41
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
1999-11-27further abstraction involving client states. main client-side codeLuke Leighton1-30/+22
is pretty much independent of SMB client states, which will make it easier to add other transports. (This used to be commit a1ff7e8fc3129ba4a04722f977bc2d3725d13624)
1999-11-25cool! completed a samr* API that _would_ look like an msdn samr* api...Luke Leighton1-2/+8
if microsoft bothered to publish it. actually, there are good reasons for not publishing it: people might write programs for it, and then those programs wouldn't work on nt5, for example... (This used to be commit 8ce93b80d3b4e1c1e28aa1dde38cdef184eff3c1)
1999-11-24service control manager API completed. svcenum -i works, but does notLuke Leighton1-0/+1
do so twice. possible memory corruption, revolving around getopt(). (This used to be commit 7cacf8bd026f1ee274f1d352c68cf79cf4f3b499)
1999-11-24first stages of removing struct cli_state* and uint16 fnum from allLuke Leighton1-7/+17
msrpc client code. the intent is to hide / abstract / associate connection info behind policy handles. this makes the msrpc functions look more and more like their nt equivalents. who-hou! (This used to be commit c01b18e632aede6fce7264ef6971d7ddba945cfb)
1999-11-24WARNING! MOVED rpc_server/srv_lsa_hnd.c TO lib/util_hnd.cLuke Leighton1-4/+3
CVS UPDATE MAY ISSUE WARNING ABOUT lib/util_hnd.c MODIFICATION DATE BEING IN THE FUTURE. CVS CHECKOUT A NEW REPOSITORY MAY BE SAFER. (This used to be commit c26e8a6ac59934ae580077df937439c2c538dbdb)
1999-11-24rewrote policy handle code to be generic (it's needed for client-side too)Luke Leighton1-34/+164
attempted to fix regsetsec command (This used to be commit eaac0923e0e5e3f4c3d944272a71f3235ac2a741)
1999-11-18set "key does not exist" response to reg_query_val() (win32 status codeLuke Leighton1-3/+25
of 0x2). [p.s. getting REALLY bored of this nt5rc2->samba domain stuff]. (This used to be commit a8801942f72b2394a54e4a46546029fac70efeed)
1998-11-17- group database API. oops and oh dear, the threat has been carried out:Luke Leighton1-1/+3
the pre-alpha "domain group" etc parameters have disappeared. - interactive debug detection - re-added mem_man (andrew's memory management, detects memory corruption) - american spellings of "initialise" replaced with english spelling of "initialise". - started on "lookup_name()" and "lookup_sid()" functions. proper ones. - moved lots of functions around. created some modules of commonly used code. e.g the password file locking code, which is used in groupfile.c and aliasfile.c and smbpass.c - moved RID_TYPE_MASK up another bit. this is really unfortunate, but there is no other "fast" way to identify users from groups from aliases. i do not believe that this code saves us anything (the multipliers) and puts us at a disadvantage (reduces the useable rid space). the designers of NT aren't silly: if they can get away with a user- interface-speed LsaLookupNames / LsaLookupSids, then so can we. i spoke with isaac at the cifs conference, the only time for example that they do a security context check is on file create. certainly not on individual file reads / writes, which would drastically hit their performance and ours, too. - renamed myworkgroup to global_sam_name, amongst other things, when used in the rpc code. there is also a global_member_name, as we are always responsible for a SAM database, the scope of which is limited by the role of the machine (e.g if a member of a workgroup, your SAM is for _local_ logins only, and its name is the name of your server. you even still have a SID. see LsaQueryInfoPolicy, levels 3 and 5). - updated functionality of groupname.c to be able to cope with names like DOMAIN\group and SERVER\alias. used this code to be able to do aliases as well as groups. this code may actually be better off being used in username mapping, too. - created a connect to serverlist function in clientgen.c and used it in password.c - initialisation in server.c depends on the role of the server. well, it does now. - rpctorture. smbtorture. EXERCISE EXTREME CAUTION. (This used to be commit 0d21e1e6090b933f396c764af535ca3388a562db)
1998-10-21domain aliases added a bit better: does local aliases if you queryLuke Leighton1-1/+22
for sid S-1-5-20 and does (nothing at the moment) if you query for your own sid. (This used to be commit da40f26f4b2f7ce286076b4e39dffd76aa2ef8e6)
1998-09-05some cleanups to use ZERO_STRUCT() and friendsAndrew Tridgell1-2/+2
(This used to be commit 7b154dc4313324dfad6cf0117b8ce246bf12bf16)
1998-09-05tridge the destroyer returns!Andrew Tridgell1-21/+1
prompted by the interpret_security() dead code that Jean-Francois pointed out I added a make target "finddead" that finds potentially dead (ie. unused) code. It spat out 304 function names ... I went through these are deleted many of them, making others static (finddead also reports functions that are used only in the local file). in doing this I have almost certainly deleted some useful code. I may have even prevented compilation with some compile options. I apologise. I decided it was better to get rid of this code now and add back the one or two functions that are needed than to keep all this baggage. So, if I have done a bit too much "destroying" then let me know. Keep the swearing to a minimum :) One bit I didn't do is the ubibt code. Chris, can you look at that? Heaps of unused functions there. Can they be made static? (This used to be commit 2204475c87f3024ea8fd1fbd7385b2def617a46f)
1998-08-17added some optimisation for the case where the number of open files isAndrew Tridgell1-15/+2
very large. files.c now promotes a files_struct to the top of the list if it is used when it is more than 10 elements from the top. also moved common linked list code for the 5 sets of linked lists that I've created over the past few days into dlinklist.h (I've explained to Chris why I didn't use the ubiqx code) (This used to be commit 1eb9ae2996b5a243a147f485e7e353d54f820852)
1998-08-17converted the policy code to use a linked list and bitmap. This savesAndrew Tridgell1-139/+144
us a bit of memory. (This used to be commit 27da84b90df1f32e0d07acad04c72065b2005470)
1998-05-14chgpasswd.c: Added comments to #ifdefsJeremy Allison1-14/+15
ipc.c: Caused samba password changing not to be done if UNIX password changing requested and not successful. util.c: Added string_to_sid() and sid_to_string() functions. lib/rpc/client/cli_samr.c: lib/rpc/include/rpc_misc.h: lib/rpc/parse/parse_lsa.c: lib/rpc/parse/parse_misc.c: lib/rpc/parse/parse_net.c: lib/rpc/parse/parse_samr.c: lib/rpc/server/srv_lsa.c: lib/rpc/server/srv_lsa_hnd.c: lib/rpc/server/srv_netlog.c: lib/rpc/server/srv_samr.c: lib/rpc/server/srv_util.c: Changes so that instead of passing SIDs around as char *, they are converted to DOM_SID at the earliest opportunity, and passed around as that. Also added dynamic memory allocation of group sids. Preparing to auto-generate machine sid. Jeremy. (This used to be commit 134d6fa79c1b6b9505a2c84ba9bfb91dd3be76e5)
1998-05-11changed to use slprintf() instead of sprintf() just aboutAndrew Tridgell1-3/+3
everywhere. I've implemented slprintf() as a bounds checked sprintf() using mprotect() and a non-writeable page. This should prevent any sprintf based security holes. (This used to be commit ee09e9dadb69aaba5a751dd20ccc6d587d841bd6)
1998-03-11"For I have laboured mightily on Luke's code, and hath brokenJeremy Allison1-0/+316
all I saw" - the book of Jeremy, chapter 1 :-). So here is the mega-merge of the NTDOM branch server code. It doesn't include the new client side pieces, we'll look at that later. This should give the same functionality, server wise, as the NTDOM branch does, only merged into the main branch. Any fixes to domain controler functionality should be added to the main branch, not the NTDOM branch. This code compiles without warnings on gcc2.8, but will need further testing before we are sure all the working functionality of the NTDOM server branch has been correctly carried over. I hereby declare the server side of the NTDOM branch dead (and all who sail in her :-). Jeremy. (This used to be commit 118ba4d77a33248e762a2cf843fb7cbc906ee6e7)