summaryrefslogtreecommitdiff
path: root/source4/librpc/idl/security.idl
AgeCommit message (Collapse)AuthorFilesLines
2008-05-27add a mask of invalid security bitsAndrew Tridgell1-0/+3
(This used to be commit ccbf5238767605f020ede66c8027731487c8cf00)
2008-04-17libndr: add dom_sid0 type that can later be used for CLDAP and MAILSLOT ↵Stefan Metzmacher1-0/+3
ntlogon packets metze (This used to be commit 690c12cd2afd0fba626576fbae3f28ffdae63be2)
2007-10-10r25594: Merge from 3_2:Günther Deschner1-1/+5
"Add missing security_secinfo bits as seen while managing security descriptor inheritance with regedit." Guenther (This used to be commit 1c1811c5e34b18f448beb544de0c5f8612653293)
2007-10-10r25194: A major rework of the Samba4 LSA LookupNames and LookupSids code, withAndrew Bartlett1-0/+6
a new torture suite to match. This should fix bug #4954 by Matthias Wallnöfer <mwallnoefer@yahoo.de> Previously we had no knowlege of BUILTIN or well-known names. This code needs expansion to check with winbind for trusted domains. Andrew Bartlett (This used to be commit e6fc0e1f54ad64bdddc88e9ebd0d8d181b6ce26a)
2007-10-10r24816: Move the rest of the contents of core.h to more appropriate places.Jelmer Vernooij1-0/+16
include/ now only contains build system related headers, all other headers are now near the source code they're related to. (This used to be commit 6890a01dbfc6d8041a88ef5c6be52dfcd046fe80)
2007-10-10r24080: Set the primary group (matching windows) when creating new users inAndrew Bartlett1-0/+1
SAMR. This can't be done in the ldb templates code, as it doesn't happen over direct LDAP. As noted in bug #4829. Andrew Bartlett (This used to be commit 3bfa6dbf7ded06df78310f7bd39d8a8d4edbb4ef)
2007-10-10r20797: make it more clear that this is a 32bit bitmapStefan Metzmacher1-1/+1
metze (This used to be commit e85a4bfbf3309019e31c2b598b3a564daad0df98)
2007-10-10r19588: Use include and import statements rather than depends() and helper().Jelmer Vernooij1-2/+3
(This used to be commit 347ae9628202ca4de4318ef8156999239aad9192)
2007-10-10r15616: fix white spacesStefan Metzmacher1-3/+3
metze (This used to be commit 0ff74d327bd0035494ca1b8194fd7f4bca82ed04)
2007-10-10r15328: Move some functions around, remove dependencies.Jelmer Vernooij1-12/+11
Remove some autogenerated headers (which had prototypes now autogenerated by pidl) Remove ndr_security.h from a few places - it's no longer necessary (This used to be commit c19c2b51d3e1ad347120b06a22bda5ec586c22e8)
2007-10-10r14361: Support 'helper' attribute in pidl and use it.Jelmer Vernooij1-1/+2
Remove some headers from include/includes.h (they're now only included in the file they are used) (This used to be commit 7213b7498eacac2c2cd03cf6aace376ce153cc7c)
2007-10-10r13927: fix dependencyStefan Metzmacher1-1/+2
metze (This used to be commit 2cb0327528c819a3c7960e7d8b9175925325fcce)
2007-10-10r12010: - added support for domain specific SID codes in SDDL stringsAndrew Tridgell1-0/+13
- added a bunch more tests to LOCAL-SDDL (all the ones from our schema) - fixed 'mixed coded declarations' bug (This used to be commit c30e7698e8e1d9991d35bf86c0d4041a1814ad92)
2007-10-10r12004: added some SEC_ADS_* security flags. Needed for a SDDL parser.Andrew Tridgell1-0/+11
(This used to be commit dc1b83cc13e0324139c6b756a6f135534be7be79)
2007-10-10r9574: - made the sec_info fields in lsa and samr use a IDL bitmapAndrew Tridgell1-7/+9
- fixed winreg_GetKeySecurity() to use a sec_info field correctly - simplied the winreg torture code, removing the separate opens for each hive - added torture cleanup code in winreg test - added 'create with security descriptor' in the winreg torture test (This used to be commit f20695decd587f7b6bbdbd4861441bd19ab85078)
2007-10-10r9240: - move struct security_token to the idl file, with this we canStefan Metzmacher1-0/+8
the ndr_pull/push/print functions for it in the ntacl-lsm module - fix compiler warnings in the ldap_encode_ndr_* code metze (This used to be commit 83d65d0d7ed9c240ad44aa2c881c1f07212bfda4)
2007-10-10r8233: - added support for more base types in pidl ejsAndrew Tridgell1-1/+1
- added auto generation of a header with prototypes for public ejs functions - make public functions non-static - fixed allocation of fixed sized arrays - added 'noejs' flag indicating that a typedef will be handled manually by ejs - added manual functions for sid and GUID, so they show up as nice strings in ejs scripts This allows ejs to bring in samr, security, lsa and misc IDL functions (This used to be commit a8cb2dbdcc2871090a26f580f67db8f0636d1e7e)
2007-10-10r7552: Use ParseExpr() for [value] attributes; allowsJelmer Vernooij1-1/+1
us somewhat cleaner IDL. (This used to be commit b7b01bccd101654d1f5ec83cba9dea7e9431d6ce)
2007-10-10r6132: allow up to 15 sub_auth in a dom_sidStefan Metzmacher1-1/+1
(tridge: asked me for that commit) metze (This used to be commit 2791de069a571aaa53283d68b5cc957d82e7ce41)
2007-10-10r5850: enable parsing of revision 4 security acl'sStefan Metzmacher1-14/+40
metze (This used to be commit 2a6a075c7da2da7bb62fb42936252717bb9d0593)
2007-10-10r5798: limit the size of an sid, 28 bytes complete is the biggest SIDStefan Metzmacher1-1/+1
that can be handled. tridge: do you think it would make sense to change the sub_auth[num_auths] to sub_auth[5], so we can copy the struct by sid1 = sid2; comments please metze (This used to be commit 2fc8a604b003a6c3425eb7bbf77fbe467c956085)
2007-10-10r5362: Add pointer_default() support to pidl. pointer_default()Jelmer Vernooij1-0/+3
is assumed to be "ptr" if not specified (just like midl). The validator will warn when "ptr" is used at the moment, because pidl only supports unique, ref and relative at the moment. (This used to be commit 31bed62a9a6f7830f523d509b67970648d40aaef)
2007-10-10r4649: make more use of bitmap and enum'sStefan Metzmacher1-41/+53
metze (This used to be commit fa798fe1f0c39dfee7d4c86a8cd5924be8a32922)
2007-10-10r4147: converted from NT_USER_TOKEN to struct security_tokenAndrew Tridgell1-45/+28
this is mostly just a tidyup, but also adds the privilege_mask, which I will be using shortly in ACL checking. note that I had to move the definition of struct security_token out of security.idl as pidl doesn't yet handle arrays of pointers, and the usual workaround (to use a intermediate structure) would make things too cumbersome for this structure, especially given we never encode it to NDR. (This used to be commit 7b446af09b8050746bfc2c50e9d56aa94397cc1a)
2007-10-10r4072: - changed the names of some of the well known sids to be more consistentAndrew Tridgell1-5/+48
- added string constants for the important privileges. (This used to be commit d5bc706140faf2d0a917f90f87884cd097e8a48c)
2007-10-10r4052: fixed a bunch of code to use the type safe _p allocation macrosAndrew Tridgell1-1/+1
(This used to be commit 80d15fa3402a9d1183467463f6b21c0b674bc442)
2007-10-10r4035: more effort on consistent naming of the access mask bits.Andrew Tridgell1-18/+30
This removes the duplicate named SEC_RIGHTS_MAXIMUM_ALLOWED and SEC_RIGHTS_FULL_CONTROL, which are just other names for SEC_FLAG_MAXIMUM_ALLOWED and SEC_RIGHTS_FILE_ALL. The latter names match the new naming conventions in security.idl Also added names for the generic->specific mappings for files are directories (This used to be commit 17a4e0b3aca227b40957ed1e0c57e498debc6ddf)
2007-10-10r4011: get rid of rpc_secdes.h and replace it with a single sane set ofAndrew Tridgell1-0/+94
definitions for security access masks, in security.idl The previous definitions were inconsistently named, and contained many duplicate and misleading entries. I kept finding myself tripping up while using them. (This used to be commit 01c0fa722f80ceeb3f81f01987de95f365a2ed3d)
2007-10-10r3885: Add security descriptor comparison to our RPC-SAMSYNC test. We nowAndrew Bartlett1-0/+5
verify that the security descriptor found in the SamSync is the same as what is available over SAMR. Unfortunately, the administrator seems unable to retrieve the SACL on the security descriptor, so I've added a new function to compare with a mask. Andrew Bartlett (This used to be commit 39ae5e1dac31a22086be50fb23261e02be877f3f)
2007-10-10r3829: added a RAW-ACLS test suite that tests query/set of ACLs on a fileAndrew Tridgell1-2/+21
(This used to be commit 2ff9816ae0ae41e0e63e4276a70d292888346dc7)
2007-10-10r3810: create a LIB_SECURITY subsystemStefan Metzmacher1-0/+123
- move dom_sid, security_descriptor, security_* funtions to one place and rename some of them metze (This used to be commit b620bdd672cfdf0e009492e648b0709e6b6d8596)