Age | Commit message (Collapse) | Author | Files | Lines |
|
ntlogon packets
metze
(This used to be commit 690c12cd2afd0fba626576fbae3f28ffdae63be2)
|
|
"Add missing security_secinfo bits as seen while managing security descriptor
inheritance with regedit."
Guenther
(This used to be commit 1c1811c5e34b18f448beb544de0c5f8612653293)
|
|
a new torture suite to match.
This should fix bug #4954 by Matthias Wallnöfer <mwallnoefer@yahoo.de>
Previously we had no knowlege of BUILTIN or well-known names.
This code needs expansion to check with winbind for trusted domains.
Andrew Bartlett
(This used to be commit e6fc0e1f54ad64bdddc88e9ebd0d8d181b6ce26a)
|
|
include/ now only contains build system related headers, all other headers are
now near the source code they're related to.
(This used to be commit 6890a01dbfc6d8041a88ef5c6be52dfcd046fe80)
|
|
SAMR. This can't be done in the ldb templates code, as it doesn't
happen over direct LDAP.
As noted in bug #4829.
Andrew Bartlett
(This used to be commit 3bfa6dbf7ded06df78310f7bd39d8a8d4edbb4ef)
|
|
metze
(This used to be commit e85a4bfbf3309019e31c2b598b3a564daad0df98)
|
|
(This used to be commit 347ae9628202ca4de4318ef8156999239aad9192)
|
|
metze
(This used to be commit 0ff74d327bd0035494ca1b8194fd7f4bca82ed04)
|
|
Remove some autogenerated headers (which had prototypes now autogenerated by pidl)
Remove ndr_security.h from a few places - it's no longer necessary
(This used to be commit c19c2b51d3e1ad347120b06a22bda5ec586c22e8)
|
|
Remove some headers from include/includes.h (they're now only included
in the file they are used)
(This used to be commit 7213b7498eacac2c2cd03cf6aace376ce153cc7c)
|
|
metze
(This used to be commit 2cb0327528c819a3c7960e7d8b9175925325fcce)
|
|
- added a bunch more tests to LOCAL-SDDL (all the ones from our schema)
- fixed 'mixed coded declarations' bug
(This used to be commit c30e7698e8e1d9991d35bf86c0d4041a1814ad92)
|
|
(This used to be commit dc1b83cc13e0324139c6b756a6f135534be7be79)
|
|
- fixed winreg_GetKeySecurity() to use a sec_info field correctly
- simplied the winreg torture code, removing the separate opens for
each hive
- added torture cleanup code in winreg test
- added 'create with security descriptor' in the winreg torture test
(This used to be commit f20695decd587f7b6bbdbd4861441bd19ab85078)
|
|
the ndr_pull/push/print functions for it in the ntacl-lsm module
- fix compiler warnings in the ldap_encode_ndr_* code
metze
(This used to be commit 83d65d0d7ed9c240ad44aa2c881c1f07212bfda4)
|
|
- added auto generation of a header with prototypes for public ejs functions
- make public functions non-static
- fixed allocation of fixed sized arrays
- added 'noejs' flag indicating that a typedef will be handled manually by ejs
- added manual functions for sid and GUID, so they show up as nice
strings in ejs scripts
This allows ejs to bring in samr, security, lsa and misc IDL functions
(This used to be commit a8cb2dbdcc2871090a26f580f67db8f0636d1e7e)
|
|
us somewhat cleaner IDL.
(This used to be commit b7b01bccd101654d1f5ec83cba9dea7e9431d6ce)
|
|
(tridge: asked me for that commit)
metze
(This used to be commit 2791de069a571aaa53283d68b5cc957d82e7ce41)
|
|
metze
(This used to be commit 2a6a075c7da2da7bb62fb42936252717bb9d0593)
|
|
that can be handled.
tridge: do you think it would make sense to change the sub_auth[num_auths] to sub_auth[5],
so we can copy the struct by sid1 = sid2;
comments please
metze
(This used to be commit 2fc8a604b003a6c3425eb7bbf77fbe467c956085)
|
|
is assumed to be "ptr" if not specified (just like midl).
The validator will warn when "ptr" is used at the moment, because
pidl only supports unique, ref and relative at the moment.
(This used to be commit 31bed62a9a6f7830f523d509b67970648d40aaef)
|
|
metze
(This used to be commit fa798fe1f0c39dfee7d4c86a8cd5924be8a32922)
|
|
this is mostly just a tidyup, but also adds the privilege_mask, which
I will be using shortly in ACL checking.
note that I had to move the definition of struct security_token out of
security.idl as pidl doesn't yet handle arrays of pointers, and the
usual workaround (to use a intermediate structure) would make things
too cumbersome for this structure, especially given we never encode it
to NDR.
(This used to be commit 7b446af09b8050746bfc2c50e9d56aa94397cc1a)
|
|
- added string constants for the important privileges.
(This used to be commit d5bc706140faf2d0a917f90f87884cd097e8a48c)
|
|
(This used to be commit 80d15fa3402a9d1183467463f6b21c0b674bc442)
|
|
This removes the duplicate named SEC_RIGHTS_MAXIMUM_ALLOWED and
SEC_RIGHTS_FULL_CONTROL, which are just other names for
SEC_FLAG_MAXIMUM_ALLOWED and SEC_RIGHTS_FILE_ALL. The latter names
match the new naming conventions in security.idl
Also added names for the generic->specific mappings for files are
directories
(This used to be commit 17a4e0b3aca227b40957ed1e0c57e498debc6ddf)
|
|
definitions for security access masks, in security.idl
The previous definitions were inconsistently named, and contained many
duplicate and misleading entries. I kept finding myself tripping up
while using them.
(This used to be commit 01c0fa722f80ceeb3f81f01987de95f365a2ed3d)
|
|
verify that the security descriptor found in the SamSync is the same
as what is available over SAMR.
Unfortunately, the administrator seems unable to retrieve the SACL on
the security descriptor, so I've added a new function to compare with
a mask.
Andrew Bartlett
(This used to be commit 39ae5e1dac31a22086be50fb23261e02be877f3f)
|
|
(This used to be commit 2ff9816ae0ae41e0e63e4276a70d292888346dc7)
|
|
- move dom_sid, security_descriptor, security_* funtions to one place
and rename some of them
metze
(This used to be commit b620bdd672cfdf0e009492e648b0709e6b6d8596)
|