summaryrefslogtreecommitdiff
path: root/source3/utils
AgeCommit message (Collapse)AuthorFilesLines
2010-10-20Make getpwnam_alloc() static to lib/username.c, and ensure all username ↵Jeremy Allison1-2/+2
lookups go through Get_Pwnam_alloc(), which is the correct wrapper function. We were using it *some* of the time anyway, so this just makes us properly consistent. Jeremy. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Oct 20 16:02:12 UTC 2010 on sn-devel-104
2010-10-14s3-auth Use security_token_debug() from common codeAndrew Bartlett1-1/+0
This prints the security token including the privileges as strings instead of just a bitmap. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-10-14s3 Replace is_sid_in_token() with security_token_has_sid() from common codeAndrew Bartlett1-1/+1
The two routines are identical, so there is no need to keep both. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-10-12libcli/security Provide a common, top level libcli/security/security.hAndrew Bartlett20-5/+20
This will reduce the noise from merges of the rest of the libcli/security code, without this commit changing what code is actually used. This includes (along with other security headers) dom_sid.h and security_token.h Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
2010-10-07samr: for correctness, rename samr_RidTypeArray to samr_RidAttrArray.Günther Deschner1-2/+2
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Thu Oct 7 12:04:32 UTC 2010 on sn-devel-104
2010-10-01samba: share readline wrappers among all buildsystems.Günther Deschner1-0/+1
Guenther
2010-10-01samba: share select wrappers.Günther Deschner1-0/+1
Guenther
2010-10-01s3-net: better handle obscure 0x80070002 error reply when trying to update anGünther Deschner1-3/+7
not yet published printer. Guenther
2010-10-01s3-net: make sure we dont crash when publishing a single printer.Günther Deschner1-0/+5
Guenther
2010-09-30s3: Add "smbcontrol winbindd ip-dropped <local-ip>"Volker Lendecke1-0/+17
This is supposed to improve the winbind reconnect time after an ip address has been moved away from a box. Any kind of HA scenario will benefit from this, because winbindd does not have to wait for the TCP timeout to kick in when a local IP address has been dropped and DC replies are not received anymore.
2010-09-30s3: Fix a typo in dump-domain-list smbcontrol usage msgVolker Lendecke1-1/+1
2010-09-27Change to using TDB_INCOMPATIBLE_HASH (the jenkins hash) on allJeremy Allison3-3/+4
TDB_CLEAR_IF_FIRST tdb's. For tdb's like gencache where we open without CLEAR_IF_FIRST and then with CLEAR_IF_FIRST if corrupt this is still safe to use as if opening an existing tdb the new hash will be ignored - it's only used on creating a new tdb not opening an old one. Jeremy.
2010-09-26Fix bug #7698 - Assert causes smbd to panic on invalid NetBIOS session request.Jeremy Allison1-9/+32
Found by the CodeNomicon test suites at the SNIA plugfest. http://www.codenomicon.com/ If an invalid NetBIOS session request is received the code in name_len() in libsmb/nmblib.c can hit an assert. Re-write name_len() and name_extract() to use "buf/len" pairs and always limit reads. Jeremy.
2010-09-26s3: Remove talloc_autofree_context() from smbpasswdVolker Lendecke1-2/+2
In both cases, pwd is freed immediately
2010-09-26s3: Remove talloc_autofree_context() from net_sam_provision()Volker Lendecke1-1/+1
2010-09-25s3: Fix bug 7470Volker Lendecke2-2/+4
S_IREAD and S_IWRITE are not standard. Thanks to Joachim Schmitz <schmitz@hp.com> for reporting!
2010-09-23s3-dsgetdcname: always pass in messaging context.Günther Deschner4-1/+10
Volker, please check. Guenther
2010-09-23s3-build: fix the build of split_tokens.Günther Deschner1-0/+1
Guenther
2010-09-22s3-registry: fix some c++ build warnings.Günther Deschner1-1/+1
Guenther
2010-09-22s3:net: add subcommand net registry deletekey_recursiveMichael Adam1-3/+28
to delete a key including subkeys
2010-09-22s3:registry: remove unneeded TALLOC_CTX argument from reg_deletekey_recursiveMichael Adam1-1/+1
2010-09-22s3-net: add command rpc registry importGregor Beck1-0/+296
Signed-off-by: Michael Adam <obnox@samba.org>
2010-09-22s3-net: add command rpc registry exportGregor Beck1-2/+268
Signed-off-by: Michael Adam <obnox@samba.org>
2010-09-22s3-net: add command registry convertGregor Beck1-0/+61
Signed-off-by: Michael Adam <obnox@samba.org>
2010-09-22s3-net: add command registry exportGregor Beck1-0/+113
Signed-off-by: Michael Adam <obnox@samba.org>
2010-09-22s3-net: add command registry importGregor Beck1-0/+203
Signed-off-by: Michael Adam <obnox@samba.org>
2010-09-22s3-net: let rpccli_winreg_Connect optionally return WERRORGregor Beck1-9/+9
Signed-off-by: Michael Adam <obnox@samba.org>
2010-09-21s3:registry: move regio.h from include/ to registry/Michael Adam2-2/+2
2010-09-21s3:registry: move prototypes from reg_init_basic.c to their own header.Michael Adam1-0/+1
2010-09-21s3:registry: move the reg_api prototypes to their own header.Michael Adam1-0/+1
2010-09-20s3-util: use shared dom_sid_dup.Günther Deschner1-2/+2
Guenther
2010-09-20s3-util_sid: use shared dom_sid_compare_auth and dom_sid_equal_X functions.Günther Deschner5-12/+17
Guenther
2010-09-20s3-build: only include smbldap.h where needed.Günther Deschner1-0/+1
Guenther
2010-09-16s3: Add the PAC info3 struct to the netsamlogon_cache in ntlm_authVolker Lendecke1-0/+4
2010-09-16s3: Correctly unwrap the krb ticket in gss-spnegoVolker Lendecke1-1/+52
2010-09-16s3: Fall back to raw NTLMSSP for the gss-spnego protocolVolker Lendecke1-0/+25
This is to handle the mod_auth_ntlm_winbind protocol sending "Negotiate" to IE, which sends raw NTLMSSP instead of a SPNEGO wrapped NTLMSSP blob.
2010-09-16s3: Split off output generation from manage_squid_ntlmssp_requestVolker Lendecke1-17/+41
2010-09-16s3: Wrap the ntlm_auth loop with a talloc_stackframeVolker Lendecke1-0/+2
2010-09-16libcli/auth/ntlmssp Be clear about talloc parents for session keysAndrew Bartlett1-5/+7
The previous API was not clear as to who owned the returned session key. This fixes a valgrind-found use-after-free in the NTLMSSP key derivation code, and avoids making allocations - we steal and zero instead. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-15s3: Fix some debug msgs in ntlm_authVolker Lendecke1-8/+8
2010-09-13s3: Remove some unnecessary if-statementsVolker Lendecke1-10/+5
2010-09-13ntlm_auth: Fix a valgrind errorVolker Lendecke1-1/+1
2010-09-13s3: Fix a typoVolker Lendecke1-1/+1
2010-09-13s3: Fix a typo (authentictaion->authentication)Volker Lendecke1-1/+3
2010-09-11s3-privs Hide the bitmap-based grant_privilege and revoke_privilegeAndrew Bartlett1-7/+6
The new wrappers avoid anything but the core privileges code dealing with the bitmap values directly. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-privs Make privilege_enum_sids() take an LUID, not a bitmapAndrew Bartlett1-3/+5
This moves one more privileges call away from direct bitmap manipuation. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-privs Remove a pointer from grant_privilege()Andrew Bartlett1-1/+1
Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-privs Remove a pointer indirection from revoke_privilege()Andrew Bartlett1-1/+1
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Don't export privs[] as a global variableAndrew Bartlett1-4/+2
Instead, provide access functions for the LSA and net sam callers for the information they need. They still only enumerate the first 8 privileges that have traditionally been exposed. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3:auth Remove NT_USER_TOKENAndrew Bartlett3-12/+12
The all UPPER case typedef is no longer the preferred Samba style and this makes it easier to see that this is the IDL-derivied structure Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>