summaryrefslogtreecommitdiff
path: root/source3
AgeCommit message (Collapse)AuthorFilesLines
2010-09-14s3-torture Add tests to show that the dom_sid parsing was faulty.Andrew Bartlett1-0/+98
Andrew Bartlett
2010-09-14s3-util_sid Use the NDR parser to parse struct dom_sidAndrew Bartlett1-14/+8
The manual parser failed to constrain the maximum number of sub-authorities to 15, allowing an overflow of the array. Andrew Bartlett
2010-09-14libcli/security Merge source3/ string_to_sid() to common codeAndrew Bartlett1-106/+0
The source3 code repsects the limit of a maximum of 15 subauths, while the source4 code does not, creating a security issue as we parse string-form SIDs from clients. Andrew Bartlett
2010-09-14s3-util_sid use ARRAY_SIZE() to ensure we never overflow the dom_sidAndrew Bartlett1-1/+1
This ensures that this, unlike the MAXSUBAUTHS macro, can't get out of sync with the structure. Andrew Bartlett
2010-09-14s3-util_sid Accept S-1-5 as a SIDAndrew Bartlett1-2/+10
2010-09-14s3-dom_sid Use C99 types in dom_sid handlingAndrew Bartlett1-7/+7
Andrew Bartlett
2010-09-14s3/profile: remove the magical clock initialization from the profile codeBjörn Jacke2-64/+3
there's no point in not profiling times if no monotonic clock is found - monotonic and realtime clock are equally fast. Just use clock_gettime_mono instead.
2010-09-14s3/profiling: don't use CLOCK_PROCESS_CPUTIME_IDBjörn Jacke3-36/+0
that clock is a CPU burnometer but we need a chronometer for profiling.
2010-09-14s3-waf: fix the build after privilege code changes.Günther Deschner1-1/+1
Guenther
2010-09-13s3: Remove some unnecessary if-statementsVolker Lendecke1-10/+5
2010-09-13Fix bug 7409 - Thousands of reduce_name: couldn't get realpath.Jeremy Allison1-1/+1
Don't log this at level 1 - every EACCES will generate one. Thanks to muehlfeld@medizinische-genetik.de for pointing this out. Jeremy.
2010-09-13ntlm_auth: Fix a valgrind errorVolker Lendecke1-1/+1
2010-09-13s3: Fix a typoVolker Lendecke1-1/+1
2010-09-13s3: Fix a typo (authentictaion->authentication)Volker Lendecke1-1/+3
2010-09-12s3: Remove a nesting level in winbindd_dual_pam_chauthtokVolker Lendecke1-18/+19
2010-09-11s3-auth Fix typo in commentAndrew Bartlett1-1/+1
2010-09-11s3-krb5 Fix Kerberos on FreeBSD with Samba4 DCsAndrew Bartlett1-3/+1
The idea of this patch is: Don't support a mix of different kerberos features. Either we should prepare a GSSAPI (8003) checksum and mark the request as such, or we should use the old behaviour (a normal kerberos checksum of 0 data). Sending the GSSAPI checksum data, but without marking it as GSSAPI broke Samba4, and seems well outside the expected behaviour, even if Windows accepts it. Andrew Bartlett
2010-09-11libcli/security Move 'private' privileges functions to another headerAndrew Bartlett1-0/+1
These functions work on the bitmap, and are only exposed because the source3/ privileges storage uses the bitmap in account_policy.tdb Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-samr Explian better the use of two privileges in this callAndrew Bartlett1-0/+4
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Remove 'always true' return from se_priv_put_all_privilegesAndrew Bartlett1-3/+1
Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-util_sid Tidy up global struct security_tokenAndrew Bartlett4-16/+8
This no longer needs to be global, and should be const. We now also init it with the C99 style initialisers. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-privs Add constAndrew Bartlett2-6/+6
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-privs Remove extra pointer on privilege maskAndrew Bartlett1-4/+4
Now that this is a scalar, this isn't required. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-privileges: add handling of both old and new formats in databaseAndrew Tridgell1-28/+48
We update privileges on a per-record basis instead of all at once, as this maintains maximum compatibility is someone uses old tools with a new version of Samba. The also auto-detects the byte order of the old entries in the database, and copes with either native or reversed byte order. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-11s3-privs Remove unused functionAndrew Bartlett2-31/+0
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-privs Overhaul PRIVILEGE_SET handling, avoid dealing with the bitmapAndrew Bartlett3-106/+36
This avoids us dealing with the privilege bitmap in the LSA server, and overhauls much of the rest of the handling to be currnet with the modern world of talloc. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-privs Hide the bitmap-based grant_privilege and revoke_privilegeAndrew Bartlett4-28/+44
The new wrappers avoid anything but the core privileges code dealing with the bitmap values directly. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-privs Make privilege_enum_sids() take an LUID, not a bitmapAndrew Bartlett4-9/+12
This moves one more privileges call away from direct bitmap manipuation. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security make sec_privilege_id() return SEC_PRIV_INVALID on failure.Andrew Bartlett1-1/+1
Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-privs Rework access_check_object() to take two privilegesAndrew Bartlett3-68/+60
This allows the privileges bitmap to be used only when setting privileges, and uses an the LUID constant for all 'does this user have this privilege' operations. The advantage is that we now only need one API to determine if a token has a privilege, and much less code needs to know what type is used for the underlying bitmap. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-privs Rework privilege enumeration to also use new DB formatAndrew Bartlett1-5/+18
Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Remove luid_to_se_priv() and luid_to_privilege_name()Andrew Bartlett1-3/+9
These functions duplicate other functions in the merged code. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-privs Directly manipulate the privileges bitmap.Andrew Bartlett3-14/+7
There is no longer any reason to go via the se_ functions to manipulate this bitmap. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-privs Convert from user_has_privileges() -> security_token_has_privilege()Andrew Bartlett9-47/+28
This new call is available in the merged privileges code, and takes an enum as the parameter, rather than a bitmask. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-privs Remove a pointer from grant_privilege()Andrew Bartlett4-10/+10
Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-privs Remove pointer indirection from se_priv_to_privilege_set()Andrew Bartlett1-2/+2
Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-privs Call security_token_set_privilege() rather than manual assignmentAndrew Bartlett2-2/+3
This avoids as much direct modifiction of the bitmask as possible. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-privs Remove a pointer indirection from revoke_privilege()Andrew Bartlett4-7/+7
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Don't export privs[] as a global variableAndrew Bartlett2-9/+4
Instead, provide access functions for the LSA and net sam callers for the information they need. They still only enumerate the first 8 privileges that have traditionally been exposed. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-lsa Use sec_privilege_id() to lookup name to LUIDAndrew Bartlett1-9/+4
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Return number of entries in the old source3 listAndrew Bartlett1-1/+1
This ensures there isn't a behaviour change when the source3 list is combined with the longer source4 list. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/privileges Simplify get_privilege_luid() to return just the enumAndrew Bartlett1-4/+2
As Samba only deals with the lower 32 bits of the LUID, just return those and let the LSA layer deal with the upper 0 bits. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-privs Move manual prototypes to common privileges.hAndrew Bartlett1-20/+0
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-privs Inline dump_se_priv into callers now that it's just a uint64_tAndrew Bartlett3-15/+9
The previous 128 bit structure needed this helper function. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-privs Move source3/ privileges implmentation into commonAndrew Bartlett4-534/+2
Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-privs Rename structure elements for greater clarityAndrew Bartlett3-12/+12
It is important to make clear which is the LUID and which is the Samba-only bitmap mask. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-privs More clarity in variable namesAndrew Bartlett1-4/+4
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-privs Rename mask -> privilege_mask to be more clearAndrew Bartlett1-26/+26
After SE_PRIV was removed, it became less clear what these parameters were for. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3:auth Remove NT_USER_TOKENAndrew Bartlett26-94/+92
The all UPPER case typedef is no longer the preferred Samba style and this makes it easier to see that this is the IDL-derivied structure Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-auth Change struct nt_user_token -> struct security_tokenAndrew Bartlett23-87/+84
This common structure is defined in security.idl Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>