sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
Code
92,437 Commits 60 Branches 1,144 Tags 452 MiB
024fc73047
Commit Graph

151 Commits

Author SHA1 Message Date
Günther Deschner
a8b01d1f3b s3-secdesc: remove "typedef struct security_ace SEC_ACE". 
Guenther
 2010-05-18 12:30:11 +02:00
Günther Deschner
fe31b67d5e s3-registry: only include registry headers when really needed. 
Guenther
 2010-05-18 01:15:38 +02:00
Günther Deschner
3d5972c43f s3-libgpo: move group policy protos to where they belong. 
Guenther
 2010-05-17 21:07:17 +02:00
Günther Deschner
6864828d9d s3: use shared registry functions. 
Guenther
 2010-04-27 16:42:15 +02:00
Volker Lendecke
9271dc5f7e Fix Coverity ID 913 (NEGATIVE_RETURNS) -- gd, please check! 2009-05-03 23:06:01 +02:00
Jeremy Allison
8cf78ff553 Get medieval on our ass about SMB1 file descriptors being 16 bits, not an int. 
Convert all uses of cli_open(), cli_nt_createXXX to NTSTATUS versions.
This is smaller than it looks, it just fixes a lot of old code.
Next up, ensure all cli_XX functions return NTSTATUS.
Jeremy.
 2009-04-30 15:26:43 -07:00
Günther Deschner
6fc40ce0d3 libgpo: fix the build of gpext plugins. 
Guenther
 2009-04-20 23:38:11 +02:00
Wilco Baan Hofman
171a361375 Fix ini parsing in the s3 gpext modules. Fix ini parser API. Make the build work 
Signed-off-by: Günther Deschner <gd@samba.org>
 2009-04-20 23:16:17 +02:00
Wilco Baan Hofman
933482e648 Move gpo_ini stuff to the main libgpo. Make gpo_ini use a common parser. 
It now makes use of lib/util/param.c to parse ini files.

Signed-off-by: Günther Deschner <gd@samba.org>
 2009-04-20 23:16:17 +02:00
Wilco Baan Hofman
c441b7dda8 Add ads convenience functions to samba 4. Move gpo_ldap.c to root libgpo. 
Signed-off-by: Günther Deschner <gd@samba.org>
 2009-04-20 23:16:16 +02:00
Jelmer Vernooij
7761850b1f Move gpo_fetch to top-level. 
Signed-off-by: Günther Deschner <gd@samba.org>
 2009-04-20 23:16:16 +02:00
Jelmer Vernooij
d2bd5895cf Move gpo_sec to top-level. 
Signed-off-by: Günther Deschner <gd@samba.org>
 2009-04-20 23:16:16 +02:00
Jelmer Vernooij
cecd142f2b Move some libgpo files to root. 
Signed-off-by: Günther Deschner <gd@samba.org>
 2009-04-20 23:15:43 +02:00
Karolin Seeger
a103222e0b s3/gpo_ldap: Fix typo. 
Karolin
 2009-04-07 20:05:21 +02:00
Andrew Bartlett
2050187673 s3:libads Make ads_get_dn() take a talloc context 
Also remove ads_memfree(), which was only ever a wrapper around
SAFE_FREE, used only to free the DN from ads_get_ds().

This actually makes libgpo more consistant, as it mixed a talloc and a
malloc based string on the same element.

Andrew Bartlett

Signed-off-by: Günther Deschner <gd@samba.org>
 2009-04-06 15:54:41 +02:00
Tim Prouty
9b0df441e1 s3: Fix incompatible type warnings 2009-03-01 16:40:17 -08:00
Jelmer Vernooij
e6ec32f3ac Eliminate two duplicate SEC_ACE_TYPE constants already provided by 
security.idl.
 2009-03-01 04:59:07 +01:00
Jeremy Allison
2033b44c3f More warning fixes for Solaris. 
Jeremy.
 2009-02-23 15:44:34 -08:00
Michael Adam
584da3fea3 s3: put the gpo cache dir under cache_dir instead of lock_dir 
Michael
 2009-01-16 01:02:25 +01:00
Jeremy Allison
8b4b5c3a92 Add wrapper str_list_make_v3() to replace the old S3 behavior of 
str_list_make(). From Dan Sledz <dan.sledz@isilon.com>:
In samba 3.2 passing NULL or an empty string returned NULL.
In master, it now returns a list of length 1 with the first string set
to NULL (an empty list).
Jeremy.
 2008-11-06 18:53:00 -08:00
Jelmer Vernooij
ddcab787c4 Rename dos_errstr() to win_errstr() for consistency with Samba 4. 2008-11-01 17:19:26 +01:00
Günther Deschner
3cb281e48f s3-libgpo: fix build for security cse. 
Guenther
 2008-10-15 11:28:43 +02:00
Günther Deschner
f97d92ccbc s3: fix the build of registry.so gpext. 
Guenther
 2008-10-13 00:39:37 +02:00
Jelmer Vernooij
1b99d8fbb5 Use common util_file code. 2008-10-12 17:34:43 +02:00
Jeremy Allison
e5692d4cbe Remove SEC_ACCESS. It's a uint32_t. 
Jeremy.
 2008-10-09 09:49:03 -07:00
Günther Deschner
9c1b5f27e4 libgpo: fix copyright. 
Guenther
 2008-09-27 00:38:26 +02:00
Günther Deschner
0cb55e74ef libgpo: add security CSE skeleton. 
Guenther
 2008-09-27 00:36:58 +02:00
Günther Deschner
cd49586b29 libgpo: fix invalid cast in scripts CSE. 
Guenther
 2008-09-26 23:39:32 +02:00
Michael Adam
8dadf4b949 libgpo: use MODULESDIR instead of LIBDIR for the group policy extensions. 
Michael
(This used to be commit 3346dd4083)
 2008-08-15 23:19:58 +02:00
Tim Prouty
fb37f15600 Cleanup size_t return values in callers of convert_string_allocate 
This patch is the second iteration of an inside-out conversion to cleanup
functions in charcnv.c returning size_t == -1 to indicate failure.
(This used to be commit 6b189dabc5)
 2008-05-20 22:40:13 +02:00
Günther Deschner
7ac8fe704a libgpo: try nicer output when dumping gpo registry values. 
Guenther
(This used to be commit 2b78842947)
 2008-04-17 14:13:13 +02:00
Günther Deschner
91ece4fc1a libgpo: Fallback to NTLMSSP fails while pulling policy from SYSVOL. 
Guenther
(This used to be commit 7ed1397e25)
 2008-04-17 14:13:13 +02:00
Günther Deschner
e27160183a libgpo: fix build warning. 
Thanks metze&vl.

Guenther
(This used to be commit cb3f1df7d8)
 2008-04-14 18:21:21 +02:00
Günther Deschner
de013be0b6 gpo: add scripts plugin. 
Guenther
(This used to be commit cd6388f040)
 2008-04-13 17:52:11 +02:00
Günther Deschner
3cd8c1befa gpo: make integer debug print more readable. 
Guenther
(This used to be commit b2cf8010ae)
 2008-04-13 17:39:28 +02:00
Michael Adam
3f01e05a77 registry: change registry_init_basic() to return WERROR instead of bool 
Michael
(This used to be commit 6a31e659cb)
 2008-04-13 15:33:48 +02:00
Björn Jacke
67be6b3af7 fix some extrasemi compile warnings 
(This used to be commit cbdb79b7a1)
 2008-04-10 08:55:57 +02:00
Volker Lendecke
9c45d49140 Fix Coverity ID 453 
(This used to be commit 8f875674e7)
 2008-03-23 18:28:23 +01:00
Michael Adam
7290b6a8fc libgpo: open the registry in gp_init_reg_ctx(). 
I forgot the regdb_open() call: registry_init_basic() closes
the registry in the end... sorry.

Michael
(This used to be commit 4185ed03a3)
 2008-03-22 02:45:04 +01:00
Michael Adam
5ea7faef3d libgpo: replace hand-crafted registry initialization by registry_init_basic. 
IMO there is no need to imitate a custom registry backend.
Only default regdb hooks are used here, so a plain initialization
of regdb should suffice.

This way, only reg_api is used in libgpo, and no registry
backend code is visible.

Michael
(This used to be commit 10ae8accb4)
 2008-03-22 02:29:40 +01:00
Michael Adam
39067a5dbd libgpo: use reg_setkeysecurity() instead of regdb_set_secdesc(). 
That is, use the reg_api function instead of the backend function.
For this, code had to be changed, to take a "struct registry_key"
instead of a char *.

Michael
(This used to be commit 4717e6d0cf)
 2008-03-22 02:29:34 +01:00
Günther Deschner
e8bd75ec73 Bind Group Policy processing closer to the samba registry. 
Guenther
(This used to be commit e9c56250eb)
 2008-03-18 21:31:24 +01:00
Günther Deschner
2418916460 Fix gp_find_file() which broke during the pstring removal. 
Guenther
(This used to be commit f18ba6c877)
 2008-03-03 09:44:36 +01:00
Günther Deschner
c5249935d4 Fix the build w/o ldap. 
Guenther
(This used to be commit 5f592d030b)
 2008-02-29 20:52:35 +01:00
Günther Deschner
72b8392f9c Add gp_get_machine_token(). 
Guenther
(This used to be commit 2f1bc7ddad)
 2008-02-29 18:23:53 +01:00
Günther Deschner
f3efceace4 Revert "what a wurst." 
That commit message was just too silly, this happens to me during interactive
rebase all the time...

This reverts commit ab687104c1.
(This used to be commit a3a1edab0d)
 2008-02-29 18:19:06 +01:00
Günther Deschner
3afcd3ab83 what a wurst. 
(This used to be commit ab687104c1)
 2008-02-29 17:45:25 +01:00
Günther Deschner
485b070eb8 Add "registry" Group Policy extension. 
Guenther
(This used to be commit 4e93301ca4)
 2008-02-29 17:25:28 +01:00
Günther Deschner
41efa5ca45 Add Group Policy extension infrastructure. 
Guenther
(This used to be commit 6d543b1a1a)
 2008-02-29 17:07:57 +01:00
Günther Deschner
c613bd5d4e Add infrastructure for reading/storing Group Policy state and control data in the registry. 
Guenther
(This used to be commit f673bbd300)
 2008-02-29 15:48:14 +01:00
Günther Deschner
f12770079b Pure cosmetics, trying to get my group policy diff smaller. 
Gunther
(This used to be commit d7346e9360)
 2008-02-29 14:53:13 +01:00
Volker Lendecke
b361956942 str_list_free is not needed anymore 
(This used to be commit feddc1447d)
 2008-02-04 21:05:41 +01:00
Volker Lendecke
2762b9a975 Always pass a TALLOC_CTX to str_list_make and str_list_copy 
(This used to be commit e2c9fc4cf5)
 2008-02-04 20:57:49 +01:00
Michael Adam
f3603d5a5a Convert add_sid_to_array() add_sid_to_array_unique() to return NTSTATUS. 
Michael
(This used to be commit 6b2b9a60ef)
 2008-01-09 01:47:10 +01:00
Günther Deschner
17e8104d9b Correctly talloc ctx->remote_path in libgpo (thanks Michael for the pointer). 
Guenther
(This used to be commit 2ea57a76a6)
 2008-01-08 12:26:25 +01:00
Volker Lendecke
900288a2b8 Replace sid_string_static by sid_string_dbg in DEBUGs 
(This used to be commit bb35e794ec)
 2007-12-15 22:09:36 +01:00
Jeremy Allison
42cfffae80 Remove next_token - all uses must now be next_token_talloc. 
No more temptations to use static length strings.
Jeremy.
(This used to be commit ec003f3936)
 2007-12-07 17:32:32 -08:00
Volker Lendecke
78c6ee0090 Remove some globals 
(This used to be commit 31d0a846db)
 2007-12-05 14:39:07 +01:00
Jeremy Allison
acb829ecc3 Add MAX_DNS_NAME_LENGTH, remove more pstrings. 
Jeremy.
(This used to be commit a1725f4ff7)
 2007-11-15 18:27:26 -08:00
Jeremy Allison
30191d1a57 RIP BOOL. Convert BOOL -> bool. I found a few interesting 
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3c)
 2007-10-18 17:40:25 -07:00
Günther Deschner
32925f27ca r25325: Rename some defines. 
Guenther
(This used to be commit cc38e4fc1f)
 2007-10-10 12:30:59 -05:00
Jeremy Allison
ab9d7bf4f9 r25165: Use talloc_asprintf_append_buffer with an unmodified 
string.
Jeremy.
(This used to be commit fe30a523df)
 2007-10-10 12:30:47 -05:00
Günther Deschner
6824731cb0 r24783: Remove unused off_t type. 
Guenther
(This used to be commit 85c816c27f)
 2007-10-10 12:30:21 -05:00
Günther Deschner
18e6f9c6aa r24573: Fix build without LDAP. Thanks Volker for pointing this out. 
Guenther
(This used to be commit 1bae53e39f)
 2007-10-10 12:30:07 -05:00
Volker Lendecke
8713bb2db7 r24550: Attempt to fix the non-LDAP build 
For example host "bigboy" doesn't have it.

Günther, please fix it properly and merge to 3_2_0

Thanks,

Volker
(This used to be commit 0d29426741)
 2007-10-10 12:29:56 -05:00
Günther Deschner
36a85969f9 r24416: Some more minor edits for libgpo, mostly reformatting and moving of functions. 
Guenther
(This used to be commit 3e240672b4)
 2007-10-10 12:29:43 -05:00
Günther Deschner
444fd1e848 r24413: Minor edits for libgpo. 
Guenther
(This used to be commit 5dc791f4cf)
 2007-10-10 12:29:42 -05:00
Günther Deschner
bed567bffc r24024: Minor cleanup in ads_parse_gp_ext(). 
Guenther
(This used to be commit 57aa0acb84)
 2007-10-10 12:28:57 -05:00
Günther Deschner
d9c902cb59 r23929: Deleting gpo_sd_check_trustee_in_sid_token() as nt_token_check_sid() is what we 
need here.

Guenther
(This used to be commit 465c89ee4a)
 2007-10-10 12:28:45 -05:00
Günther Deschner
db4099884a r23921: Remove GPO_SID_TOKEN struct and use nt_user_token instead, that already has 
S-1-5-11 in the token.

Guenther
(This used to be commit 83c734690a)
 2007-10-10 12:28:42 -05:00
Günther Deschner
95d5042803 r23920: Fix debug statement. 
Guenther
(This used to be commit 7317eb408d)
 2007-10-10 12:28:42 -05:00
Günther Deschner
2e6b56061d r23874: Some more minor edits for net ads gpo. 
Guenther
(This used to be commit cc41b3b60f)
 2007-10-10 12:28:37 -05:00
Günther Deschner
a1def4de32 r23873: Make use of ads_find_samaccount(). 
Guenther
(This used to be commit 94d11806fd)
 2007-10-10 12:28:36 -05:00
Günther Deschner
e997cf9fe2 r23872: Dump all GPFLAGS in dump_gpo(). 
Guenther
(This used to be commit 4b5c4b4fff)
 2007-10-10 12:28:36 -05:00
Günther Deschner
3488299232 r23871: The snapin handler needs to have the full struct GROUP_POLICY_OBJECT. 
Guenther
(This used to be commit 9dc8ec0e19)
 2007-10-10 12:28:36 -05:00
Günther Deschner
1c957f9559 r23826: Fix gpo security filtering by matching the security descriptor ace's for the 
extended apply group policy right.

Guenther
(This used to be commit d832014a6f)
 2007-10-10 12:28:31 -05:00
Andrew Tridgell
153cfb9c83 r23801: The FSF has moved around a lot. This fixes their Mass Ave address. 
(This used to be commit 87c91e4362)
 2007-10-10 12:28:27 -05:00
Jeremy Allison
d824b98f80 r23779: Change from v2 or later to v3 or later. 
Jeremy.
(This used to be commit 407e6e695b)
 2007-10-10 12:28:20 -05:00
Günther Deschner
5512dacbca r23770: Some minor cleanups in libgpo 
(including some valgrind errors, uninitialized vars, etc.)

Guenther
(This used to be commit 1a2878db2d)
 2007-10-10 12:23:55 -05:00
Günther Deschner
3e3e359d12 r23354: Fix build warning. 
Guenther
(This used to be commit 4ad456e988)
 2007-10-10 12:23:09 -05:00
Günther Deschner
3c5fe9233d r22928: Use better success error code. 
Guenther
(This used to be commit cdfcbb176a)
 2007-10-10 12:22:09 -05:00
Günther Deschner
c6a51dc5f1 r22803: Add some more flesh to the GPO security filtering (still very basic). 
Guenther
(This used to be commit 8cfe32cb9c)
 2007-10-10 12:21:59 -05:00
Günther Deschner
4c48a3d30c r22802: Add dummy gpo_apply_security_filtering() call. 
Guenther
(This used to be commit 61982d8422)
 2007-10-10 12:21:59 -05:00
Günther Deschner
aec3df5ce8 r22801: Pass down the token to add_gplink_to_gpo_list(). 
Guenther
(This used to be commit 2c2e212bc5)
 2007-10-10 12:21:59 -05:00
Günther Deschner
83564b43e3 r22800: Add GPO_SID_TOKEN and an LDAP function to get tokensids from the tokenGroup attribute. 
Guenther
(This used to be commit e4e8f84060)
 2007-10-10 12:21:59 -05:00
Günther Deschner
9c170fce26 r22797: We are only interested in the DACL of the security descriptor, so search with 
the SD_FLAGS control.

Guenther
(This used to be commit 648df57e53)
 2007-10-10 12:21:57 -05:00
Günther Deschner
95bc08e954 r22796: Add security descriptor to GROUP_POLICY_OBJECT structure (in preparation of 
adding GPO security filtering for libgpo).

Guenther
(This used to be commit b376a39fbf)
 2007-10-10 12:21:57 -05:00
Jeremy Allison
56a5d05b8b r22590: Make TALLOC_ARRAY consistent across all uses. 
That should be it....
Jeremy.
(This used to be commit 603233a98b)
 2007-10-10 12:19:49 -05:00
Günther Deschner
3ab204936e r22484: Check for the talloc_strdup to succeed. 
Guenther
(This used to be commit 38b4fddf5d)
 2007-10-10 12:19:38 -05:00
Volker Lendecke
c78623e905 r20610: Fix a Solaris warning 
(This used to be commit 60d7b349db)
 2007-10-10 12:16:58 -05:00
Volker Lendecke
16e98a60d1 r19484: Fix Coverity #329 
(This used to be commit c3f860e55d)
 2007-10-10 12:15:38 -05:00
Günther Deschner
046a4756d4 r19189: No display name is normal for some GPOs. 
Guenther
(This used to be commit 1ec1c5dd17)
 2007-10-10 12:15:20 -05:00
Volker Lendecke
69287da633 r19012: Fix an uninitialized variable 
(This used to be commit 46cae04fbe)
 2007-10-10 12:15:01 -05:00
Günther Deschner
88a98e35c7 r19003: Finally activate "net ads gpo". 
For those who are interested, try

        net ads gpo refresh mybox$

to get your machine related GPOs downloaded to /var/lib/samba/gpo_cache.
Detailed information about GPOs is currently only printed when setting a
higher debuglevel then 0.

Guenther
(This used to be commit d086babf9d)
 2007-10-10 12:14:55 -05:00
Günther Deschner
824966fb3c r19002: Add a very simple synchronisation function to download the full GPO. 
Guenther
(This used to be commit 02b75ff2a8)
 2007-10-10 12:14:55 -05:00
Günther Deschner
21bdd5833e r18988: Check and refresh expired GPOs. 
Guenther
(This used to be commit e0e44bfadb)
 2007-10-10 12:14:54 -05:00
Günther Deschner
3727503872 r18986: Add some more GPO download helper functions. 
Guenther
(This used to be commit d2db3b6b46)
 2007-10-10 12:14:53 -05:00
Günther Deschner
4db2fc3c89 r18985: Add parse_gpt_ini() to parse GPT.INI files using iniparser. 
Guenther
(This used to be commit 46db28de48)
 2007-10-10 12:14:53 -05:00
Günther Deschner
7c1ca378ed r18984: Removing ads_gpo_get_sysvol_gpt_version() which was just doing stupid 
things.

Guenther
(This used to be commit a597ef83c4)
 2007-10-10 12:14:53 -05:00
Günther Deschner
031506eb51 r18983: Add some comments for the LDAP based GPO routines. 
Guenther
(This used to be commit 2c21ee684c)
 2007-10-10 12:14:53 -05:00