summaryrefslogtreecommitdiff
path: root/source3/rpc_server/srv_lsa_hnd.c
AgeCommit message (Collapse)AuthorFilesLines
1999-12-13first pass at updating head branch to be to be the same as the SAMBA_2_0 branchAndrew Tridgell1-204/+41
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
1999-11-27further abstraction involving client states. main client-side codeLuke Leighton1-30/+22
is pretty much independent of SMB client states, which will make it easier to add other transports. (This used to be commit a1ff7e8fc3129ba4a04722f977bc2d3725d13624)
1999-11-25cool! completed a samr* API that _would_ look like an msdn samr* api...Luke Leighton1-2/+8
if microsoft bothered to publish it. actually, there are good reasons for not publishing it: people might write programs for it, and then those programs wouldn't work on nt5, for example... (This used to be commit 8ce93b80d3b4e1c1e28aa1dde38cdef184eff3c1)
1999-11-24service control manager API completed. svcenum -i works, but does notLuke Leighton1-0/+1
do so twice. possible memory corruption, revolving around getopt(). (This used to be commit 7cacf8bd026f1ee274f1d352c68cf79cf4f3b499)
1999-11-24first stages of removing struct cli_state* and uint16 fnum from allLuke Leighton1-7/+17
msrpc client code. the intent is to hide / abstract / associate connection info behind policy handles. this makes the msrpc functions look more and more like their nt equivalents. who-hou! (This used to be commit c01b18e632aede6fce7264ef6971d7ddba945cfb)
1999-11-24WARNING! MOVED rpc_server/srv_lsa_hnd.c TO lib/util_hnd.cLuke Leighton1-4/+3
CVS UPDATE MAY ISSUE WARNING ABOUT lib/util_hnd.c MODIFICATION DATE BEING IN THE FUTURE. CVS CHECKOUT A NEW REPOSITORY MAY BE SAFER. (This used to be commit c26e8a6ac59934ae580077df937439c2c538dbdb)
1999-11-24rewrote policy handle code to be generic (it's needed for client-side too)Luke Leighton1-34/+164
attempted to fix regsetsec command (This used to be commit eaac0923e0e5e3f4c3d944272a71f3235ac2a741)
1999-11-18set "key does not exist" response to reg_query_val() (win32 status codeLuke Leighton1-3/+25
of 0x2). [p.s. getting REALLY bored of this nt5rc2->samba domain stuff]. (This used to be commit a8801942f72b2394a54e4a46546029fac70efeed)
1998-11-17- group database API. oops and oh dear, the threat has been carried out:Luke Leighton1-1/+3
the pre-alpha "domain group" etc parameters have disappeared. - interactive debug detection - re-added mem_man (andrew's memory management, detects memory corruption) - american spellings of "initialise" replaced with english spelling of "initialise". - started on "lookup_name()" and "lookup_sid()" functions. proper ones. - moved lots of functions around. created some modules of commonly used code. e.g the password file locking code, which is used in groupfile.c and aliasfile.c and smbpass.c - moved RID_TYPE_MASK up another bit. this is really unfortunate, but there is no other "fast" way to identify users from groups from aliases. i do not believe that this code saves us anything (the multipliers) and puts us at a disadvantage (reduces the useable rid space). the designers of NT aren't silly: if they can get away with a user- interface-speed LsaLookupNames / LsaLookupSids, then so can we. i spoke with isaac at the cifs conference, the only time for example that they do a security context check is on file create. certainly not on individual file reads / writes, which would drastically hit their performance and ours, too. - renamed myworkgroup to global_sam_name, amongst other things, when used in the rpc code. there is also a global_member_name, as we are always responsible for a SAM database, the scope of which is limited by the role of the machine (e.g if a member of a workgroup, your SAM is for _local_ logins only, and its name is the name of your server. you even still have a SID. see LsaQueryInfoPolicy, levels 3 and 5). - updated functionality of groupname.c to be able to cope with names like DOMAIN\group and SERVER\alias. used this code to be able to do aliases as well as groups. this code may actually be better off being used in username mapping, too. - created a connect to serverlist function in clientgen.c and used it in password.c - initialisation in server.c depends on the role of the server. well, it does now. - rpctorture. smbtorture. EXERCISE EXTREME CAUTION. (This used to be commit 0d21e1e6090b933f396c764af535ca3388a562db)
1998-10-21domain aliases added a bit better: does local aliases if you queryLuke Leighton1-1/+22
for sid S-1-5-20 and does (nothing at the moment) if you query for your own sid. (This used to be commit da40f26f4b2f7ce286076b4e39dffd76aa2ef8e6)
1998-09-05some cleanups to use ZERO_STRUCT() and friendsAndrew Tridgell1-2/+2
(This used to be commit 7b154dc4313324dfad6cf0117b8ce246bf12bf16)
1998-09-05tridge the destroyer returns!Andrew Tridgell1-21/+1
prompted by the interpret_security() dead code that Jean-Francois pointed out I added a make target "finddead" that finds potentially dead (ie. unused) code. It spat out 304 function names ... I went through these are deleted many of them, making others static (finddead also reports functions that are used only in the local file). in doing this I have almost certainly deleted some useful code. I may have even prevented compilation with some compile options. I apologise. I decided it was better to get rid of this code now and add back the one or two functions that are needed than to keep all this baggage. So, if I have done a bit too much "destroying" then let me know. Keep the swearing to a minimum :) One bit I didn't do is the ubibt code. Chris, can you look at that? Heaps of unused functions there. Can they be made static? (This used to be commit 2204475c87f3024ea8fd1fbd7385b2def617a46f)
1998-08-17added some optimisation for the case where the number of open files isAndrew Tridgell1-15/+2
very large. files.c now promotes a files_struct to the top of the list if it is used when it is more than 10 elements from the top. also moved common linked list code for the 5 sets of linked lists that I've created over the past few days into dlinklist.h (I've explained to Chris why I didn't use the ubiqx code) (This used to be commit 1eb9ae2996b5a243a147f485e7e353d54f820852)
1998-08-17converted the policy code to use a linked list and bitmap. This savesAndrew Tridgell1-139/+144
us a bit of memory. (This used to be commit 27da84b90df1f32e0d07acad04c72065b2005470)
1998-05-14chgpasswd.c: Added comments to #ifdefsJeremy Allison1-14/+15
ipc.c: Caused samba password changing not to be done if UNIX password changing requested and not successful. util.c: Added string_to_sid() and sid_to_string() functions. lib/rpc/client/cli_samr.c: lib/rpc/include/rpc_misc.h: lib/rpc/parse/parse_lsa.c: lib/rpc/parse/parse_misc.c: lib/rpc/parse/parse_net.c: lib/rpc/parse/parse_samr.c: lib/rpc/server/srv_lsa.c: lib/rpc/server/srv_lsa_hnd.c: lib/rpc/server/srv_netlog.c: lib/rpc/server/srv_samr.c: lib/rpc/server/srv_util.c: Changes so that instead of passing SIDs around as char *, they are converted to DOM_SID at the earliest opportunity, and passed around as that. Also added dynamic memory allocation of group sids. Preparing to auto-generate machine sid. Jeremy. (This used to be commit 134d6fa79c1b6b9505a2c84ba9bfb91dd3be76e5)
1998-05-11changed to use slprintf() instead of sprintf() just aboutAndrew Tridgell1-3/+3
everywhere. I've implemented slprintf() as a bounds checked sprintf() using mprotect() and a non-writeable page. This should prevent any sprintf based security holes. (This used to be commit ee09e9dadb69aaba5a751dd20ccc6d587d841bd6)
1998-03-11"For I have laboured mightily on Luke's code, and hath brokenJeremy Allison1-0/+316
all I saw" - the book of Jeremy, chapter 1 :-). So here is the mega-merge of the NTDOM branch server code. It doesn't include the new client side pieces, we'll look at that later. This should give the same functionality, server wise, as the NTDOM branch does, only merged into the main branch. Any fixes to domain controler functionality should be added to the main branch, not the NTDOM branch. This code compiles without warnings on gcc2.8, but will need further testing before we are sure all the working functionality of the NTDOM server branch has been correctly carried over. I hereby declare the server side of the NTDOM branch dead (and all who sail in her :-). Jeremy. (This used to be commit 118ba4d77a33248e762a2cf843fb7cbc906ee6e7)