Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-08-25 | s3-lsa: separate out init_lsa headers. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2010-08-06 | s3-netlogon: remove global include of netlogon.h. | Günther Deschner | 1 | -0/+1 | |
This reduces precompiled headers by another 4 MB and also slightly speeds up the build. Guenther | |||||
2010-08-05 | s3-secrets: only include secrets.h when needed. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2010-07-28 | s3-dcerpc: Use dcerpc_AuthType in pipe_auth_data | Simo Sorce | 1 | -2/+2 | |
2010-07-28 | s3-lsa: Use struct pipes_struct. | Andreas Schneider | 1 | -83/+120 | |
2010-07-13 | s3-dceprc: Store opnum in its own variable | Simo Sorce | 1 | -2/+2 | |
Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-06-07 | s3-privileges: use LUID defines from lsa IDL. | Günther Deschner | 1 | -6/+4 | |
Guenther | |||||
2010-06-03 | s3-security: use shared "Standard access rights.". | Günther Deschner | 1 | -2/+2 | |
Guenther | |||||
2010-05-28 | s3:auth use info3 in auth_serversupplied_info | Simo Sorce | 1 | -1/+1 | |
Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-05-21 | s3:dom_sid Global replace of DOM_SID with struct dom_sid | Andrew Bartlett | 1 | -17/+17 | |
This matches the structure that new code is being written to, and removes one more of the old-style named structures, and the need to know that is is just an alias for struct dom_sid. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-05-18 | s3-secdesc: remove "typedef struct security_descriptor SEC_DESC". | Günther Deschner | 1 | -6/+6 | |
Guenther | |||||
2010-05-18 | s3-secdesc: remove "typedef struct security_acl SEC_ACL". | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2010-05-18 | s3-secdesc: remove "typedef struct security_ace SEC_ACE". | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2010-05-18 | s3-rpc_misc: clean out include/rpc_misc.h. | Günther Deschner | 1 | -1/+1 | |
Well known rids don't really belong into an rpc header, just use the ones defined in security.idl. Guenther | |||||
2010-03-16 | s3-lsa: fix _lsa_lsaRSetForestTrustInformation server stub. | Günther Deschner | 1 | -1/+1 | |
Guenther Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-01-10 | s3: Replace most calls to sid_append_rid() by sid_compose() | Volker Lendecke | 1 | -2/+1 | |
2009-11-26 | s3-rpc: Avoid including every pipe's client and server stubs everywhere in ↵ | Günther Deschner | 1 | -0/+1 | |
samba. Guenther | |||||
2009-11-03 | s3-lsa: fill in some more info levels in _lsa_QueryInfoPolicy(). | Günther Deschner | 1 | -0/+32 | |
Add dummys (just like s4 does) and fill in some more appropriate error codes. Guenther | |||||
2009-10-30 | s3-lsa: expand struct lsa_info to carry name and sd. | Günther Deschner | 1 | -0/+2 | |
Guenther | |||||
2009-10-30 | s3-lsa: use switch in _lsa_QuerySecurity(). | Günther Deschner | 1 | -3/+7 | |
Guenther | |||||
2009-10-28 | s3-lsa: add lsa_trusted_domain_mapping. | Günther Deschner | 1 | -0/+7 | |
Guenther | |||||
2009-10-28 | s3-lsa: add lsa_secret_mapping. | Günther Deschner | 1 | -0/+7 | |
Guenther | |||||
2009-10-28 | s3-lsa: use correct function name in_lsa_RemoveAccountRights(). | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2009-10-28 | s3-lsa: pure cosmetic indentation fixes. | Günther Deschner | 1 | -18/+16 | |
Guenther | |||||
2009-10-28 | s3-lsa: use enum lsa_LookupNamesLevel in lsa_lookup_level_to_flags(). | Günther Deschner | 1 | -7/+8 | |
Guenther | |||||
2009-10-21 | s3-lsa: Fix _lsa_EnumTrustDom() and avoid infite windows client loop. | Günther Deschner | 1 | -0/+9 | |
Found by RPC-LSA-TRUSTED-DOMAIN torture test. Guenther | |||||
2009-10-21 | s3-lsa: make s3 pass against RPC-LSA-LOOKUPNAMES again. | Günther Deschner | 1 | -6/+7 | |
Do what W2k8 does and return the builtin domain for a NULL name. Guenther | |||||
2009-10-20 | s3-lsa: Fix _lsa_EnumTrustDom(). | Günther Deschner | 1 | -41/+25 | |
Windows clients were showing a lot of duplicates in their list of trusted domains. Found by RPC-LSA-TRUSTED-DOMAIN torture test. Guenther | |||||
2009-10-20 | s3-lsa: Fix _lsa_CreateAccount() for usage of SEC_FLAG_MAXIMUM_ALLOWED. | Günther Deschner | 1 | -0/+5 | |
Found by RPC-LSA-PRIVILEGES torture test. Guenther | |||||
2009-10-20 | s3-lsa: When looking up domains in LookupNames, do not strip the sid. | Günther Deschner | 1 | -1/+5 | |
Found by RPC-LSA-LOOKUPNAMES torture test. Guenther | |||||
2009-10-20 | s3-lsa: allow to have NULL strings in lsa LookupName queries. | Günther Deschner | 1 | -1/+4 | |
Found by RPC-LSA-LOOKUPNAMES torture test. Guenther | |||||
2009-09-11 | lsa: fill in more unknowns in lsa_LookupSid calls. | Günther Deschner | 1 | -2/+2 | |
Guenther | |||||
2009-07-25 | Fix a 32/64bit stack corruption bug | Volker Lendecke | 1 | -1/+1 | |
2009-07-17 | s3-lsa: let _lsa_Delete return NT_STATUS_NOT_SUPPORTED as w2k3 does. | Günther Deschner | 1 | -6/+10 | |
Guenther | |||||
2009-07-17 | s3-lsa: Fix access_mask calculation for new handle in _lsa_CreateAccount(). | Günther Deschner | 1 | -6/+24 | |
Guenther | |||||
2009-07-17 | s3-lsa: add (not yet activate) level specific access checks for ↵ | Günther Deschner | 1 | -0/+42 | |
_lsa_QueryInfoPolicy. Guenther | |||||
2009-07-17 | s3-lsa: also implement level 13 in lsa_QueryInfoPolicy. | Günther Deschner | 1 | -19/+24 | |
Guenther | |||||
2009-07-17 | s3-lsa: Fix policy handle memleak and handle type check in _lsa_DeleteObject(). | Günther Deschner | 1 | -4/+14 | |
Guenther | |||||
2009-07-17 | s3-lsa: Fix pointless check for sec_info flags in _lsa_QuerySecurity(). | Günther Deschner | 1 | -13/+3 | |
Guenther | |||||
2009-07-17 | s3-lsa: implement _lsa_LookupPrivName(). | Günther Deschner | 1 | -6/+45 | |
Guenther | |||||
2009-07-17 | s3-lsa: implement _lsa_EnumAccountsWithUserRight(). | Günther Deschner | 1 | -6/+57 | |
Guenther | |||||
2009-07-13 | s3-rpc_server: pass down full unix token to map_max_allowed_access(). | Günther Deschner | 1 | -2/+6 | |
Also use unix_token->uid instead of geteuid() when checking for mapping of the SEC_FLAG_MAXIMUM_ALLOWED flag. Guenther | |||||
2009-07-04 | Handle LSA_POLICY_INFO_DNS | Volker Lendecke | 1 | -0/+26 | |
2009-07-04 | Implement QueryInfoPolicy2 similar to s4: Make it the same as QueryInfoPolicy | Volker Lendecke | 1 | -3/+15 | |
Don't reply to it for non-pdb-ads to keep up our old behaviour | |||||
2009-06-28 | _lsa_QueryInfoPolicy: Use symbolic info level names | Volker Lendecke | 1 | -4/+4 | |
2009-06-23 | s3-lsa: Fix error path in _lsa_EnumAccountRights. | Günther Deschner | 1 | -2/+11 | |
This needs to return NT_STATUS_OBJECT_NAME_NOT_FOUND again as described in MS-LSAD 3.1.4.5.10 and tested with the RPC-SAMR-USER-PRIVILEGES test. Guenther | |||||
2009-06-16 | _lsa_EnumAccountRights and _lsa_EnumPrivsAccount can return an | Jeremy Allison | 1 | -19/+17 | |
empty set of privilages if the SID doesn't have any. (From [MS-LSAD.pdf]) Jeremy. | |||||
2009-06-08 | s3-lsa: remove old code that we cannot even compile anymore. | Günther Deschner | 1 | -111/+0 | |
Guenther | |||||
2009-05-20 | Add a security model to LSA. Similar to the SAMR code - using | Jeremy Allison | 1 | -88/+227 | |
the MS-LSA docs. Jeremy. | |||||
2009-05-18 | Change access_check_samr_object -> access_check_object. | Jeremy Allison | 1 | -15/+9 | |
Make map_max_allowed_access global. Change lsa_get_generic_sd to add Everyone:LSA_POLICY_READ|LSA_POLICY_EXECUTE, not just LSA_POLICY_EXECUTE. Jeremy. |