| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
opened by an admin user, then used on a pipe handle created
by an anonymous user..... but they're working on security.... riiight !
Jeremy.
(This used to be commit e96e6a60b82b71714120ce7636fa8402007d4b03)
|
|
(This used to be commit e026b84815ad1a5fa981c24fff197fefa73b4928)
|
|
(This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
|
|
(This used to be commit e01596853e3eea533baa08c33f26ded75f33fdd4)
|
|
(This used to be commit 8b769bf5bbbe54b1a39fd85cc24db09c1ab7faab)
|
|
(This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
|
|
used to be commit b8d39651fb90ef170055735412417239a63afc5d)
|
|
Fixes addprinterdriverex.
Jeremy.
(This used to be commit d3c73e59708eeb1ee4642fb31fcfc0ec2fd28070)
|
|
(This used to be commit dcb6d70706a0e86881588c3828ff5bd4d63d415f)
|
|
* DeletePrinterDriverEx() now has the ability to delete
driver files. I need to do some more testing
tro veriofy that we are in fact not deleting a file out from
under another driver, but it looks ok so far.
* DeletePrinterDriver() noiw deletes all versions of the
specified driver (cversion == 0, 1, 2, 3)
(This used to be commit 17bb780e1327663fa2fcd6a3cb25dd461a29c537)
|
|
file deletion now. I have the file list.
One more commit should do it.
(This used to be commit 7207662504f585352b0ceeb99f8998ef58db7f15)
|
|
will actually delete driver files ( not yet though I don't think).
Just wanted to get it in since Jeremy and I are both
working on nt_printing.c
(This used to be commit 3fa6c3132950c9ff1c6a532d8264ee34a6b2b0ff)
|
|
(This used to be commit be926c3a1a7fc79af62dd1830c56e9503f89f9dd)
|
|
SPOOLSS_DELETEPRINTERDRIVEREX. Ran them through some testing.
I know I'm off by 2 x uint32's in the former RPC.
(This used to be commit 55fbfd02ba917b74fd4df7a1aa8cc8c5a91e3e07)
|
|
SPOOLSS_DELETEPRINTERKEY
* stub funnctions for SPOOLSS_ADDPRINTERDRIVEREX and
SPOOLSS_DELETEPRINTERDRIVEREX
(This used to be commit d675974d0c04a68d48d90492005056d96697c96c)
|
|
(This used to be commit 1de04ec4735c19ec21cdef6e679cea17c734c5f6)
|
|
solaris CC (void* arithmatic) and fixes the other warnings (global variable
shadows) that gcc has with this file.
Andrew Bartlett
(This used to be commit 7ac6517bec0f425f99f419f6efd2a673b4ec0f83)
|
|
Correct the 'none mapped' behaviour, (so that it matches Win2k) and add a
function to make the SID types appear as text strings in logs/rpcclient.
Also, remove a silly case that would cause 'failure' to be 'success'. (Might
look at this a bit more in future).
Andrew Bartlett
(This used to be commit c20d057f8821d13d3de61b319de44db23773516b)
|
|
Andrew Bartlett
(This used to be commit 685a205445f5505c105ea421712c4b0468bbc127)
|
|
(This used to be commit 180374c4440765f3d08e5690967beb387ae3b54d)
|
|
Now on to plug in the printing tdbs to the registry view....
jerry
(This used to be commit 2a68e4529ad884e8c3800f9006bb1c2b18cfada4)
|
|
the 'user cannot change password' button work. Needs help from a future SAM
backend, but at least this parses the data, and returns an error.
Andrew Bartlett
(This used to be commit 0c4afe075aa018ec2be10f36fd3f0a5af2a032f1)
|
|
* fixed constant vaolued returned by REG_UNKNOWN_1A
(This used to be commit 3b934e6a8550a03028eed9fe65c28401f429d591)
|
|
This is not the final solution, I think this will probably changed with the
move to the new SAM subsystem, but it allows some research and gives us
somthing to start with.
It should also help with getting proper NT_TOKEN passing set-up.
Original patch by "Kai Krueger" <kai@kruegernetz.de>, which I have modified to
pass back NTSTATUS returns in more places and to use a little more common code.
Andrew Bartlett
(This used to be commit 43b72493708e74e089989db42a003a3862c793e6)
|
|
via regedt32.exe. The regsitry.tdb is only a framework. It is not
intended to store values, only key/subkey structure. The data
will be retrieved from nt*tdb (for printers) creating a virtual view
of the data.
You can currently connect to a Samba box using regedt32.exe (haven't
tried regedit.exe). Some basic keys are created in registry.tdb
for use.
There are two problems....
* something is getting freed in the winreg code that causes heap
corruption later on. As long as you don't play with the winreg
server functionality, I don't think you'll be bitten by this.
* no access controls are currently implemented
* I can't browse HKLM because regedt32 greys out the SYSTEM subkey.
ok so that was three....
(This used to be commit 542d3c93a998083c07b2afa91a7c927c376caf54)
|
|
*.o) and implment new enum_dom_users code in the SAMR RPC subsystem.
Incresingly, we are using the pdb_get_{user,group}_sid() functions, in the
eventual hope that we might one day support muliple domains off a single
passdb. To extract the RID, we use sid_peek_check_rid(), and supply an
'expected' domain SID.
The id21 -> SAM_ACCOUNT and id23 -> SAM_ACCOUNT code has been moved to
srv_samr_util.c, to ease linking in passdb users.
Compatiblity code that uses 'get_global_sam_sid()' for the 'expected' sid is in
pdb_compat.c
Andrew Bartlett
(This used to be commit 5a2a6f1ba316489d118a8bdd9551b155226de94f)
|
|
Went through and checked all string_subs I could to ensure they're being
used correctly.
Jeremy.
(This used to be commit 17cae0d683be404be69554cd0e84117bdcc56c87)
|
|
(This used to be commit daf4c6a013ffa474d768055e73a1cb31ee941e80)
|
|
code
(This used to be commit 91ad9041e9507d36eb3f40c23c5d4df61f139ef0)
|
|
Jeremy.
(This used to be commit b35fc30c37fa894acea3fcb7b48ee9841d1bd5e8)
|
|
Now let's keep this in sync !
Jeremy.
(This used to be commit 3603cd4947df2c10df604447dc542932cb9e5d5a)
|
|
'NT_STATUS_OK' is not the right answer here. Try NO_MORE_ENTRIES for now.
Andrew Bartlett
(This used to be commit c98b9a965905f1876b4884f932ff2e0237d85b03)
|
|
(This used to be commit b07d6d4cebecd77314b123d83c7c2265eb62e1c1)
|
|
Mostly formatting and s/free/SAFE_FREE/g changes with the two exceptions
being
* John driver init changes
* Tim's printer enumeration bug fix
(This used to be commit f7536762863811f96364e8acd3716bdb7d665bbf)
|
|
(This used to be commit 897e64d2e0c1d04ab93441ccaffe369bf43be46e)
|
|
The aim of this execise is to give the 'security>=user' code a straight paper
path. Security=share will sill call authorise_login(), but otherwise we avoid
that mess.
This allow *much* more accurate error code reporting, beocuse we don't start
pretending that we can use the (nonexistant) password etc.
Also in this patch is code to create the 'homes' share at session setup time
(as we have done in the past - been broken recently) and to record this on
the user's vuser struct for later reference. The changes here should also
allow for much better use of %H (some more changes to come here).
The service.c changes move a lot of code around, but are not as drastric
as they look...
(Also included is a fix to srv_srvsvc_nt.c where 'total_entries' not
'*total_entries' was compared).
This code is needs testing, but passes my basic tests.
I expect we have lost some functionality, but the stuff I had expected
to loose was already broken before I started. In particular, we don't 'fall
back' to guest if the user cannot access a share (for security=user). If you
want this kind of stuff then you really want security=share anyway.
Andrew Bartlett
(This used to be commit 4c0cbcaed95231f8cf11edb43f6adbec9a0d0b5c)
|
|
like the domain name and SID come from the remote domain, not the local
one. These are filled out by the code from the previous commit (auth_util.c,
the make_server_info_info3() fn) and read back here.
Andrew Bartlett
(This used to be commit 6872de2e5b27fd2de61ed14c85475a0eacd637ca)
|
|
Andrew Bartlett
(This used to be commit 29490f214750acd44cee6c4ab1354722d82d853a)
|
|
to using SIDs instead of RIDs.
The new funciton sid_peek_check_rid() takes an 'expected domain sid' argument.
The idea here is to prevent mistakes where the SID is implict, but isn't
the same one that we have in the struct.
Andrew Bartlett
(This used to be commit 04f9a8ff4c7982f6597c0f6748f85d66d4784901)
|
|
(This used to be commit 30a0e72572b25ddd99438b92b8ddf7f06e9ad819)
|
|
involving the use of lp_winbind_gid() without checking if they have been
set.
Also revert the 'clashing user' check back to a Get_Pwnam() - I probably should
never have changed it.
Andrew Bartlett
(This used to be commit 1d6ba405589cee4e1582bc91cf659b89564899d4)
|
|
initialising function. This patch thanks to the work of
"Stefan (metze) Metzmacher" <metze@metzemix.de>
This is partly to enable the transition to SIDs in the the passdb.
Andrew Bartlett
(This used to be commit 96afea638e15d4cbadc57023a511094a770c6adc)
|
|
(This used to be commit e80e6637064a39635faba5311f774a90b1d5ab43)
|
|
they're only used there.
Added a PRINTER_NOTIFY_VERSION constant.
(This used to be commit 9d3933a59219388c209d8be4ae6decfa337d229f)
|
|
(This used to be commit 7d9b8c58a63cf20d00dd7cf88cfb82aed3a47d12)
|
|
users/groups for better memory accounting.
Andrew Bartlett
(This used to be commit fe7c5efe91ab77784af9dbb56716170f4c6fd057)
|
|
(This used to be commit c8781a3fdaa4d8cb81233582f29159ace7e436ac)
|
|
returning access denied for a SAMR_CONNECT by an anonymous user which
seems to be the way 2K does it rather than blocking individual RPC
calls like NT.
Also checked is the SAMR_GET_DOM_PWINFO rpc which for some reason
doesn't require a policy handle to return information. No idea what
it's actually used.
(This used to be commit 40c68fa85c31c1baf7ba2c8ed62cd06c34711913)
|
|
pipe_access_check(). Eventually this can take a security descriptor
as an argument as well.
(This used to be commit 8bbdc674afef32621bf473ba1af76bae7270b818)
|
|
of files. This was done to better enable net rpc file. Perhaps we can start
giving back real info this way, too.
(This used to be commit b3fea72ee9abd2441a49c35442c54819e4ba16ba)
|
