| Age | Commit message (Collapse) | Author | Files | Lines | |
|---|---|---|---|---|---|
| 2010-09-11 | s3-privs Overhaul PRIVILEGE_SET handling, avoid dealing with the bitmap | Andrew Bartlett | 1 | -56/+18 | |
| This avoids us dealing with the privilege bitmap in the LSA server, and overhauls much of the rest of the handling to be currnet with the modern world of talloc. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | s3-privs Hide the bitmap-based grant_privilege and revoke_privilege | Andrew Bartlett | 1 | -12/+3 | |
| The new wrappers avoid anything but the core privileges code dealing with the bitmap values directly. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | s3-privs Make privilege_enum_sids() take an LUID, not a bitmap | Andrew Bartlett | 1 | -3/+4 | |
| This moves one more privileges call away from direct bitmap manipuation. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | libcli/security make sec_privilege_id() return SEC_PRIV_INVALID on failure. | Andrew Bartlett | 1 | -1/+1 | |
| Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | s3-privs Rework access_check_object() to take two privileges | Andrew Bartlett | 2 | -65/+56 | |
| This allows the privileges bitmap to be used only when setting privileges, and uses an the LUID constant for all 'does this user have this privilege' operations. The advantage is that we now only need one API to determine if a token has a privilege, and much less code needs to know what type is used for the underlying bitmap. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | libcli/security Remove luid_to_se_priv() and luid_to_privilege_name() | Andrew Bartlett | 1 | -3/+9 | |
| These functions duplicate other functions in the merged code. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | s3-privs Convert from user_has_privileges() -> security_token_has_privilege() | Andrew Bartlett | 5 | -38/+22 | |
| This new call is available in the merged privileges code, and takes an enum as the parameter, rather than a bitmask. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | s3-privs Remove a pointer from grant_privilege() | Andrew Bartlett | 1 | -1/+1 | |
| Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | s3-privs Remove pointer indirection from se_priv_to_privilege_set() | Andrew Bartlett | 1 | -2/+2 | |
| Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | s3-privs Remove a pointer indirection from revoke_privilege() | Andrew Bartlett | 1 | -1/+1 | |
| Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | libcli/security Don't export privs[] as a global variable | Andrew Bartlett | 1 | -5/+2 | |
| Instead, provide access functions for the LSA and net sam callers for the information they need. They still only enumerate the first 8 privileges that have traditionally been exposed. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | s3-lsa Use sec_privilege_id() to lookup name to LUID | Andrew Bartlett | 1 | -9/+4 | |
| Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | libcli/security Return number of entries in the old source3 list | Andrew Bartlett | 1 | -1/+1 | |
| This ensures there isn't a behaviour change when the source3 list is combined with the longer source4 list. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | libcli/privileges Simplify get_privilege_luid() to return just the enum | Andrew Bartlett | 1 | -4/+2 | |
| As Samba only deals with the lower 32 bits of the LUID, just return those and let the LSA layer deal with the upper 0 bits. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | s3-privs Inline dump_se_priv into callers now that it's just a uint64_t | Andrew Bartlett | 1 | -4/+2 | |
| The previous 128 bit structure needed this helper function. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | s3-privs Rename structure elements for greater clarity | Andrew Bartlett | 1 | -1/+1 | |
| It is important to make clear which is the LUID and which is the Samba-only bitmap mask. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | s3:auth Remove NT_USER_TOKEN | Andrew Bartlett | 4 | -16/+16 | |
| The all UPPER case typedef is no longer the preferred Samba style and this makes it easier to see that this is the IDL-derivied structure Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | s3-auth Change struct nt_user_token -> struct security_token | Andrew Bartlett | 1 | -2/+2 | |
| This common structure is defined in security.idl Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-11 | s3-privs Further changes to remove SE_PRIV | Andrew Bartlett | 4 | -25/+25 | |
| Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
| 2010-09-10 | s3-spoolss: Fix _spoolss_GetPrinter(). | Günther Deschner | 1 | -1/+2 | |
| In the error case, we need to TALLOC_FREE(r->out.info), don't ask :-) Guenther | |||||
| 2010-09-10 | s3-spoolss: Don't leak memory on the session counter list. | Andreas Schneider | 1 | -0/+12 | |
| Thanks Günther, please check. | |||||
| 2010-09-10 | s3-spoolss: Allow multiple client backchannels. | Simo Sorce | 1 | -77/+116 | |
| When we run spoolssd we need to support multiple clients connecting. Signed-off-by: Andreas Schneider <asn@samba.org> | |||||
| 2010-09-10 | s3-spoolss: Split function to send notification. | Simo Sorce | 1 | -127/+162 | |
| More digestible this way. Signed-off-by: Andreas Schneider <asn@samba.org> | |||||
| 2010-09-10 | s3-spoolss: Use a single structure for all the back channel data. | Simo Sorce | 1 | -14/+18 | |
| Signed-off-by: Andreas Schneider <asn@samba.org> | |||||
| 2010-09-10 | s3-spoolss: Rename Printer_entry to struct printer_handle. | Simo Sorce | 1 | -53/+53 | |
| Signed-off-by: Andreas Schneider <asn@samba.org> | |||||
| 2010-09-10 | s3-spoolss: Move Printer_entry to srv_spoolss_nt.c | Simo Sorce | 1 | -0/+44 | |
| It is used only there, and it is a good idea to make this one private and opaque to the rest of the code. Signed-off-by: Andreas Schneider <asn@samba.org> | |||||
| 2010-09-10 | s3-spoolss: Allocate printer entries on the pipe struct. | Simo Sorce | 1 | -1/+2 | |
| Signed-off-by: Andreas Schneider <asn@samba.org> | |||||
| 2010-09-10 | s3-spoolss: Rename session counter structure and use talloc. | Simo Sorce | 1 | -8/+7 | |
| Signed-off-by: Andreas Schneider <asn@samba.org> | |||||
| 2010-09-10 | s3-spoolss: allow a short printername w/o servername. | Günther Deschner | 1 | -6/+1 | |
| Verified with RPC-SPOOLSS-PRINTSERVER-enumprinters_old test. Guenther | |||||
| 2010-09-09 | s3-spoolss: Use systerm server_info for winreg connection. | Andreas Schneider | 1 | -88/+162 | |
| This will ensure that we have the rights we need to access the regsitry. | |||||
| 2010-09-09 | s3-spoolss: Make auth_serversupplied_info const. | Andreas Schneider | 3 | -63/+63 | |
| 2010-09-09 | s3-rpcint: Make auth_serversupplied_info const. | Andreas Schneider | 1 | -3/+3 | |
| 2010-09-09 | s3-spoolss: Fixed some build warnings. | Andreas Schneider | 1 | -7/+11 | |
| 2010-09-08 | s3-spoolss: Move spoolss winreg to new dcerpc client funtions. | Andreas Schneider | 1 | -347/+389 | |
| 2010-09-08 | s3-spoolss: Fixed a possible crash bug. | Andreas Schneider | 1 | -1/+15 | |
| 2010-09-07 | s3: Prune the printername cache when a printer is deleted | Volker Lendecke | 1 | -2/+20 | |
| Signed-off-by: Andreas Schneider <asn@samba.org> | |||||
| 2010-09-04 | s3:rpc_server: implement rpcint_bh_set_timeout() as dummy | Stefan Metzmacher | 1 | -0/+8 | |
| metze | |||||
| 2010-09-04 | s3:rpc_server: make it possible to use rpcint_binding_handle() directly | Stefan Metzmacher | 1 | -18/+76 | |
| metze | |||||
| 2010-09-03 | s3-spoolss: fix some debug statements. | Günther Deschner | 1 | -1/+1 | |
| Guenther | |||||
| 2010-08-30 | s3-dcerpc: Implement DCERPC_AUTH_TYPE_KRB5 server side | Simo Sorce | 1 | -29/+364 | |
| Signed-off-by: Günther Deschner <gd@samba.org> | |||||
| 2010-08-29 | s3: Remove smbd_server_fd() from srv_netlog_nt | Volker Lendecke | 1 | -3/+2 | |
| This is not actually used. If it was to be activated, we'd have to pass in a pipes_struct. | |||||
| 2010-08-29 | s3: Remove some uses of smbd_server_fd() | Volker Lendecke | 1 | -2/+2 | |
| The change in behaviour is that we don't detect "socket option" changes anymore when printers are added or removed. | |||||
| 2010-08-27 | s3: Cache results of finding printer names | Volker Lendecke | 1 | -0/+39 | |
| With hundreds of printers or on a slow machine, this can become expensive. Problem reported and patch sponsored by DESY, Hamburg (www.desy.de) | |||||
| 2010-08-27 | s3: Pass rhost through to smb_pam_passchange | Volker Lendecke | 3 | -16/+37 | |
| 2010-08-26 | s3-build: only include rpc_misc.h where needed. | Günther Deschner | 2 | -0/+2 | |
| Guenther | |||||
| 2010-08-26 | s3-build: use dbwrap.h only where needed. | Günther Deschner | 1 | -0/+1 | |
| Guenther | |||||
| 2010-08-26 | s3-dcerpc: only include rpc_dce.h where needed. | Günther Deschner | 3 | -0/+3 | |
| Guenther | |||||
| 2010-08-26 | s3-build: only include "fake_file.h" where needed. | Günther Deschner | 1 | -0/+1 | |
| Guenther | |||||
| 2010-08-25 | s3-lsa: separate out init_lsa headers. | Günther Deschner | 3 | -0/+3 | |
| Guenther | |||||
| 2010-08-22 | s3: Replace calls to check_access by allow_access | Volker Lendecke | 1 | -2/+2 | |
| We already have both the name and address of the client stored now | |||||
 |
index : samba | |
| Unnamed repository; edit this file 'description' to name the repository. | ben |
| summaryrefslogtreecommitdiff |