| Age | Commit message (Collapse) | Author | Files | Lines | |
|---|---|---|---|---|---|
| 2010-10-12 | libcli/security Provide a common, top level libcli/security/security.h | Andrew Bartlett | 1 | -1/+1 | |
| This will reduce the noise from merges of the rest of the libcli/security code, without this commit changing what code is actually used. This includes (along with other security headers) dom_sid.h and security_token.h Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104 | |||||
| 2010-09-21 | s3-lsa: Fix sid in DEBUG in_lsa_EnumAccountRights. | Günther Deschner | 1 | -2/+1 | |
| Andrew, you removed the sid_copy buit forgot the sid, please check. Guenther | |||||
| 2010-09-20 | s3-util: use shared dom_sid_dup. | Günther Deschner | 1 | -6/+6 | |
| Guenther | |||||
| 2010-09-20 | s3-util_sid: use shared dom_sid_compare_auth and dom_sid_equal_X functions. | Günther Deschner | 1 | -1/+2 | |
| Guenther | |||||
| 2010-09-11 | s3-privs Overhaul PRIVILEGE_SET handling, avoid dealing with the bitmap | Andrew Bartlett | 1 | -56/+18 | |
| This avoids us dealing with the privilege bitmap in the LSA server, and overhauls much of the rest of the handling to be currnet with the modern world of talloc. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | s3-privs Hide the bitmap-based grant_privilege and revoke_privilege | Andrew Bartlett | 1 | -12/+3 | |
| The new wrappers avoid anything but the core privileges code dealing with the bitmap values directly. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | s3-privs Make privilege_enum_sids() take an LUID, not a bitmap | Andrew Bartlett | 1 | -3/+4 | |
| This moves one more privileges call away from direct bitmap manipuation. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | libcli/security make sec_privilege_id() return SEC_PRIV_INVALID on failure. | Andrew Bartlett | 1 | -1/+1 | |
| Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | s3-privs Rework access_check_object() to take two privileges | Andrew Bartlett | 1 | -5/+5 | |
| This allows the privileges bitmap to be used only when setting privileges, and uses an the LUID constant for all 'does this user have this privilege' operations. The advantage is that we now only need one API to determine if a token has a privilege, and much less code needs to know what type is used for the underlying bitmap. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | libcli/security Remove luid_to_se_priv() and luid_to_privilege_name() | Andrew Bartlett | 1 | -3/+9 | |
| These functions duplicate other functions in the merged code. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | s3-privs Remove a pointer from grant_privilege() | Andrew Bartlett | 1 | -1/+1 | |
| Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | s3-privs Remove pointer indirection from se_priv_to_privilege_set() | Andrew Bartlett | 1 | -2/+2 | |
| Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | s3-privs Remove a pointer indirection from revoke_privilege() | Andrew Bartlett | 1 | -1/+1 | |
| Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | libcli/security Don't export privs[] as a global variable | Andrew Bartlett | 1 | -5/+2 | |
| Instead, provide access functions for the LSA and net sam callers for the information they need. They still only enumerate the first 8 privileges that have traditionally been exposed. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | s3-lsa Use sec_privilege_id() to lookup name to LUID | Andrew Bartlett | 1 | -9/+4 | |
| Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | libcli/security Return number of entries in the old source3 list | Andrew Bartlett | 1 | -1/+1 | |
| This ensures there isn't a behaviour change when the source3 list is combined with the longer source4 list. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | libcli/privileges Simplify get_privilege_luid() to return just the enum | Andrew Bartlett | 1 | -4/+2 | |
| As Samba only deals with the lower 32 bits of the LUID, just return those and let the LSA layer deal with the upper 0 bits. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | s3-privs Inline dump_se_priv into callers now that it's just a uint64_t | Andrew Bartlett | 1 | -4/+2 | |
| The previous 128 bit structure needed this helper function. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | s3-privs Rename structure elements for greater clarity | Andrew Bartlett | 1 | -1/+1 | |
| It is important to make clear which is the LUID and which is the Samba-only bitmap mask. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | s3-privs Further changes to remove SE_PRIV | Andrew Bartlett | 1 | -6/+6 | |
| Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-08-25 | s3-lsa: separate out init_lsa headers. | Günther Deschner | 1 | -0/+1 | |
| Guenther | |||||
| 2010-08-06 | s3-netlogon: remove global include of netlogon.h. | Günther Deschner | 1 | -0/+1 | |
| This reduces precompiled headers by another 4 MB and also slightly speeds up the build. Guenther | |||||
| 2010-08-05 | s3-secrets: only include secrets.h when needed. | Günther Deschner | 1 | -0/+1 | |
| Guenther | |||||
| 2010-07-28 | s3-dcerpc: Use dcerpc_AuthType in pipe_auth_data | Simo Sorce | 1 | -2/+2 | |
| 2010-07-28 | s3-lsa: Use struct pipes_struct. | Andreas Schneider | 1 | -83/+120 | |
| 2010-07-13 | s3-dceprc: Store opnum in its own variable | Simo Sorce | 1 | -2/+2 | |
| Signed-off-by: Günther Deschner <gd@samba.org> | |||||
| 2010-06-07 | s3-privileges: use LUID defines from lsa IDL. | Günther Deschner | 1 | -6/+4 | |
| Guenther | |||||
| 2010-06-03 | s3-security: use shared "Standard access rights.". | Günther Deschner | 1 | -2/+2 | |
| Guenther | |||||
| 2010-05-28 | s3:auth use info3 in auth_serversupplied_info | Simo Sorce | 1 | -1/+1 | |
| Signed-off-by: Günther Deschner <gd@samba.org> | |||||
| 2010-05-21 | s3:dom_sid Global replace of DOM_SID with struct dom_sid | Andrew Bartlett | 1 | -17/+17 | |
| This matches the structure that new code is being written to, and removes one more of the old-style named structures, and the need to know that is is just an alias for struct dom_sid. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org> | |||||
| 2010-05-18 | s3-secdesc: remove "typedef struct security_descriptor SEC_DESC". | Günther Deschner | 1 | -6/+6 | |
| Guenther | |||||
| 2010-05-18 | s3-secdesc: remove "typedef struct security_acl SEC_ACL". | Günther Deschner | 1 | -1/+1 | |
| Guenther | |||||
| 2010-05-18 | s3-secdesc: remove "typedef struct security_ace SEC_ACE". | Günther Deschner | 1 | -1/+1 | |
| Guenther | |||||
| 2010-05-18 | s3-rpc_misc: clean out include/rpc_misc.h. | Günther Deschner | 1 | -1/+1 | |
| Well known rids don't really belong into an rpc header, just use the ones defined in security.idl. Guenther | |||||
| 2010-03-16 | s3-lsa: fix _lsa_lsaRSetForestTrustInformation server stub. | Günther Deschner | 1 | -1/+1 | |
| Guenther Signed-off-by: Günther Deschner <gd@samba.org> | |||||
| 2010-01-10 | s3: Replace most calls to sid_append_rid() by sid_compose() | Volker Lendecke | 1 | -2/+1 | |
| 2009-11-26 | s3-rpc: Avoid including every pipe's client and server stubs everywhere in ↵ | Günther Deschner | 1 | -0/+1 | |
| samba. Guenther | |||||
| 2009-11-03 | s3-lsa: fill in some more info levels in _lsa_QueryInfoPolicy(). | Günther Deschner | 1 | -0/+32 | |
| Add dummys (just like s4 does) and fill in some more appropriate error codes. Guenther | |||||
| 2009-10-30 | s3-lsa: expand struct lsa_info to carry name and sd. | Günther Deschner | 1 | -0/+2 | |
| Guenther | |||||
| 2009-10-30 | s3-lsa: use switch in _lsa_QuerySecurity(). | Günther Deschner | 1 | -3/+7 | |
| Guenther | |||||
| 2009-10-28 | s3-lsa: add lsa_trusted_domain_mapping. | Günther Deschner | 1 | -0/+7 | |
| Guenther | |||||
| 2009-10-28 | s3-lsa: add lsa_secret_mapping. | Günther Deschner | 1 | -0/+7 | |
| Guenther | |||||
| 2009-10-28 | s3-lsa: use correct function name in_lsa_RemoveAccountRights(). | Günther Deschner | 1 | -1/+1 | |
| Guenther | |||||
| 2009-10-28 | s3-lsa: pure cosmetic indentation fixes. | Günther Deschner | 1 | -18/+16 | |
| Guenther | |||||
| 2009-10-28 | s3-lsa: use enum lsa_LookupNamesLevel in lsa_lookup_level_to_flags(). | Günther Deschner | 1 | -7/+8 | |
| Guenther | |||||
| 2009-10-21 | s3-lsa: Fix _lsa_EnumTrustDom() and avoid infite windows client loop. | Günther Deschner | 1 | -0/+9 | |
| Found by RPC-LSA-TRUSTED-DOMAIN torture test. Guenther | |||||
| 2009-10-21 | s3-lsa: make s3 pass against RPC-LSA-LOOKUPNAMES again. | Günther Deschner | 1 | -6/+7 | |
| Do what W2k8 does and return the builtin domain for a NULL name. Guenther | |||||
| 2009-10-20 | s3-lsa: Fix _lsa_EnumTrustDom(). | Günther Deschner | 1 | -41/+25 | |
| Windows clients were showing a lot of duplicates in their list of trusted domains. Found by RPC-LSA-TRUSTED-DOMAIN torture test. Guenther | |||||
| 2009-10-20 | s3-lsa: Fix _lsa_CreateAccount() for usage of SEC_FLAG_MAXIMUM_ALLOWED. | Günther Deschner | 1 | -0/+5 | |
| Found by RPC-LSA-PRIVILEGES torture test. Guenther | |||||
| 2009-10-20 | s3-lsa: When looking up domains in LookupNames, do not strip the sid. | Günther Deschner | 1 | -1/+5 | |
| Found by RPC-LSA-LOOKUPNAMES torture test. Guenther | |||||
 |
index : samba | |
| Unnamed repository; edit this file 'description' to name the repository. | ben |
| summaryrefslogtreecommitdiff |