| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Instead, we base our guest calculations on the presence or absense of the
authenticated users group in the token, ensuring that we have only
one canonical source of this important piece of authorization data
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This makes auth3_session_info identical to auth_session_info
The logic to convert the info3 to a struct auth_user_info is
essentially moved up the stack from the named pipe proxy in
source3/rpc_server to create_local_token().
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This is closer to the layout of struct auth_session_info in auth.idl
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This brings this structure one step closer to the struct auth_session_info.
A few SMB_ASSERT calls are added in some key places to ensure that
this pointer is initialised, to make tracing any bugs here easier in
future.
NOTE: Many of the users of this structure should be reviewed, as unix
and NT access checks are mixed in a way that should just be done using
the NT ACL. This patch has not changed this behaviour however.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
The only users I can find of this on the internet involve confused
users, and our own documentation recommends never setting this. Don't
confuse our users any longer.
Andrew Bartlett
|
|
There is no reason this can't be a normal constant string in the
loadparm system, now that we have lp_set_cmdline() to handle overrides
correctly.
Andrew Bartlett
|
|
This provides the 'sconn' parameter to this key functions, that
is currently duplicated in dummysmbd.c, which causes duplicate symbol
issues in the waf build.
This has natrually caused a number of consequential changes across the
codebase, includning not passing a messaging context into initial
reload_services():
This causes problems because the global smbd_server_connection isn't
yet set up, as there isn't a connection here, just the initial
process.
Andrew Bartlett
|
|
strcasecmp_m() never needs to call to talloc, and via next_codepoint()
still has an ASCII fast-path bypassing iconv() calls.
Andrew Bartlett
|
|
This way we can configure which rpc service we actually want to connect to.
By default it uses an "embedded" interface and calls rpc_pipe_open_internal()
Signed-off-by: Günther Deschner <gd@samba.org>
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Fri May 13 14:40:26 CEST 2011 on sn-devel-104
|
|
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
We have already dereferenced "b", and the other calls in this loop can only
have worked with a valid handle
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Thu Mar 17 22:05:10 CET 2011 on sn-devel-104
|
|
This routine was never executed after f0dcc90f because "netname" was always
NULL.
Jeremy, please check!
|
|
Guenther
|
|
Guenther
|
|
These variables, of type struct auth_serversupplied_info were poorly
named when added into 2001, and in good consistant practice, this has
extended all over the codebase in the years since.
The structure is also not ideal for it's current purpose. Originally
intended to convey the results of the authentication modules, it
really describes all the essential attributes of a session. This
rename will reduce the volume of a future patch to replaced these with
a struct auth_session_info, with auth_serversupplied_info confined to
the lower levels of the auth subsystem, and then eliminated.
(The new structure will be the output of create_local_token(), and the
change in struct definition will ensure that this is always run, populating
local groups and privileges).
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Tue Feb 1 16:45:10 CET 2011 on sn-devel-104
|
|
Guenther
|
|
metze
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
Guenther
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
adding new share via MMC
Change the find_service() interface to not depend on fstring, and
create a useable talloc-based interface.
Jeremy.
|
|
This will reduce the noise from merges of the rest of the
libcli/security code, without this commit changing what code
is actually used.
This includes (along with other security headers) dom_sid.h and
security_token.h
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
This way we have one common way to open internal pipes whether they
are shortcircuited or piped to an external process.
|
|
Guenther
|
|
|
|
|
|
Otherwise a lot of information that is usually generated in the ndr_push remains
in an uninitialized state.
Guenther
|
|
Found by clang-analyzer.
|
|
Found by clang-analyzer.
|
|
Guenther
|
|
|
|
54 + 4 = 58 (and not 60).
Found by torture test.
Guenther
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
|
|
Following MS-RAP 3.2.5.13 NetUserGetInfo Command.
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
MS-RAP docs.
Guenther
|
|
Guenther
|
