samba - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author	Files	Lines
2013-06-13	dsdb: remove a wrong comment in dsdb_check_access_on_dn_internal()	Stefan Metzmacher	1	-4/+1
	Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Jun 13 18:19:24 CEST 2013 on sn-devel-104
2013-06-13	dsdb: don't allow a missing nTSecurityDescriptor in ↵	Stefan Metzmacher	1	-3/+3
	dsdb_get_sd_from_ldb_message() Every object has a nTSecurityDescriptor attribute. This also avoids potential segfaults in the callers. Signed-off-by: Stefan Metzmacher <metze@samba.org>
2013-06-13	dsdb: use AS_SYSTEM \| SHOW_RECYCLED for access check searches	Stefan Metzmacher	1	-1/+7
	We need AS_SYSTEM in order to get the nTSecurityDescriptor attribute. Also the result of this search not controlled by the client nor is the result exposed to the client. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-01-21	libcli/security: handle node initialisation in one spot in ↵	Andrew Bartlett	1	-3/+2
	insert_in_object_tree() This removes special-case for initalising the children array in insert_in_object_tree(). talloc_realloc() handles the intial allocate case perfectly well, so there is no need to have this duplicated. This also restores having just one place were the rest of the elements are intialised, to ensure uniform behaviour. To do this, we have to rework insert_in_object_tree to have only one output variable, both because having both root and new_node as output variables was too confusing, and because otherwise the two pointers were being allowed to point at the same memory. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2011-11-02	dsdb: Handle the case when extended rights string is NULL	Amitay Isaacs	1	-4/+7
	Pair-Programmed-With: Andrew Tridgell <tridge@samba.org> Signed-off-by: Andrew Tridgell <tridge@samba.org> Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Wed Nov 2 07:03:40 CET 2011 on sn-devel-104
2011-08-26	s4-dsdb Return ACL errors as ldb_errstring()	Andrew Bartlett	1	-0/+3
	This string is reported to the caller, which makes debugging much easier. Andrew Bartlett
2010-12-06	s4:fix some shadowed declaration warnings on Solaris by renaming the symbols	Matthias Dieter Wallnöfer	1	-5/+6

2010-09-28	s4-dsdb: adapted check_access_on_dn for use in drs.	Nadezhda Ivanova	1	-9/+10

2010-07-07	s4-dsdb: use ldb_operr() in the dsdb code	Andrew Tridgell	1	-9/+12
	this replaces "return LDB_ERR_OPERATIONS_ERROR" with "return ldb_operr(ldb)" in places in the dsdb code where we don't already explicitly set an error string. This should make is much easier to track down dsdb module bugs that result in an operations error.
2010-05-18	Finish removal of iconv_convenience in public API's.	Jelmer Vernooij	1	-1/+1

2010-04-16	s4:Replaced dsdb_get_dom_sid_from_ldb_message() with samdb_result_dom_sid()	Nadezhda Ivanova	1	-31/+2

2010-03-12	Split the dsdb_access_check_on_dn.	Nadezhda Ivanova	1	-36/+49
	Split the dsdb_access_check_on_dn so it can be reused for checks from both within the module stack and outside it.
2010-03-12	Moved access_check_on_dn from acl module as an utility.	Nadezhda Ivanova	1	-0/+181
	Made this an utility function so it can be used for access checking outside of the acl ldb module, such as checking validated writes and control access rights in other protocols (e. g drs)