sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
Code
63,427 Commits 60 Branches 1,144 Tags 452 MiB
4591fdbc18
Commit Graph

540 Commits

Author SHA1 Message Date
Günther Deschner
b6a2cea74d s3-security: use shared "Standard access rights.". 
Guenther
 2010-06-03 11:00:26 +02:00
Simo Sorce
471ed70c49 s3:smbd map_username() doesn't need sconn anymore 
Signed-off-by: Andreas Schneider <asn@samba.org>
 2010-05-31 18:21:29 +02:00
Günther Deschner
db5730cac4 s3-samr: give the system user a free pass for _samr_QueryUserInfo{2} level 18. 
Guenther
 2010-05-31 15:30:59 +02:00
Günther Deschner
87037006bd s3-samr: Fix crash bug in _samr_QueryUserInfo{2} level 18. 
Guenther
 2010-05-28 14:30:03 +02:00
Andrew Bartlett
cba7f8b827 s3:dom_sid Global replace of DOM_SID with struct dom_sid 
This matches the structure that new code is being written to,
and removes one more of the old-style named structures, and
the need to know that is is just an alias for struct dom_sid.

Andrew Bartlett

Signed-off-by: Günther Deschner <gd@samba.org>
 2010-05-21 10:39:59 +02:00
Günther Deschner
f6f3bb1813 s3-passdb: move get_logon_hours_from_pdb() into samr server. 
Guenther
 2010-05-18 21:43:05 +02:00
Günther Deschner
7f6bb48bdf s3-secdesc: remove "typedef struct security_descriptor SEC_DESC". 
Guenther
 2010-05-18 12:30:12 +02:00
Günther Deschner
8951c8301a s3-secdesc: remove "typedef struct security_acl SEC_ACL". 
Guenther
 2010-05-18 12:30:12 +02:00
Günther Deschner
a8b01d1f3b s3-secdesc: remove "typedef struct security_ace SEC_ACE". 
Guenther
 2010-05-18 12:30:11 +02:00
Günther Deschner
1d2dd47d31 s3-crypto: only include crypto headers when crypto is done. 
Guenther
 2010-05-18 00:44:27 +02:00
Günther Deschner
26c844902c s3-samr: move samr helper prototypes outside of proto.h 
Guenther
 2010-05-18 00:44:27 +02:00
Günther Deschner
3b529d50be s3-rpc_misc: clean out include/rpc_misc.h. 
Well known rids don't really belong into an rpc header, just use the ones
defined in security.idl.

Guenther
 2010-05-18 00:44:26 +02:00
Günther Deschner
7b84d36f19 s3-spoolss: fix samr_ValidatePassword_Change. 
Guenther
 2010-04-19 11:53:59 +02:00
Volker Lendecke
f4b73f4e24 s3: Slightly simpify samr_ValidatePassword_Reset 2010-04-17 12:01:18 +02:00
Volker Lendecke
3a362b45c6 s3: Slightly simpify samr_ValidatePassword_Change 2010-04-17 12:01:18 +02:00
Volker Lendecke
86a73e6eba s3: Use sid_check_is_domain instead of a direct sid_equal 2010-01-10 20:56:16 +01:00
Volker Lendecke
3ea64e0ad8 s3: Replace most calls to sid_append_rid() by sid_compose() 2010-01-10 20:56:16 +01:00
Volker Lendecke
20bcdf85f1 s3: Fix _samr_GetAliasMembership for results with 0 rids 2009-12-15 20:28:47 +01:00
Günther Deschner
3d679a3b5f s3-rpc: Avoid including every pipe's client and server stubs everywhere in samba. 
Guenther
 2009-11-26 20:03:17 +01:00
Günther Deschner
bbff69384e s3-samr: implement _samr_ValidatePassword(). 
Guenther
 2009-11-10 13:08:29 +01:00
Karolin Seeger
fa08d0b44b Fix typo. 
privilage -> privilege

Karolin
 2009-10-19 09:47:33 +02:00
Matthias Dieter Wallnöfer
fef032fac7 s3:srv_samr_nt - another fix for the reject reason 2009-10-16 15:26:14 +02:00
Matthias Dieter Wallnöfer
607ceff234 s3/s4 - Adapt the IDL changes on various locations 2009-10-08 09:50:19 +02:00
Günther Deschner
d3af0346c8 s3-dcerpc: use dcerpc_AuthLevel and remove duplicate set of flags. 
Guenther
 2009-09-15 17:49:34 +02:00
Günther Deschner
c3da2056ec s3-samr: Fix Coverity #934 UNINIT. 
Guenther
 2009-09-13 21:33:00 +02:00
Volker Lendecke
fb03bbfa09 Fix valgrind errors in DeleteDomainGroup and DeleteDomAlias 2009-07-26 22:05:41 +02:00
Volker Lendecke
1a6aaee050 Fix a valgrind error in _samr_DeleteUser 
The close_handle invalidates uinfo
 2009-07-26 15:47:31 +02:00
Günther Deschner
9f15ef11bd s3-account_policy: add pdb_policy_type enum. 
Guenther
 2009-07-14 12:12:18 +02:00
Günther Deschner
f7ff6bd142 s3-rpc_server: pass down full unix token to map_max_allowed_access(). 
Also use unix_token->uid instead of geteuid() when checking for mapping of the
SEC_FLAG_MAXIMUM_ALLOWED flag.

Guenther
 2009-07-13 15:38:20 +02:00
Günther Deschner
aab9e5509c s3-samr: refactor _samr_SetDomainInfo(). 
Guenther
 2009-06-25 11:02:35 +02:00
Günther Deschner
28d74f96fb s3-samr: refactor _samr_QueryDomainInfo(). 
Guenther
 2009-06-25 11:02:26 +02:00
Volker Lendecke
a51e6ce43c Pass a talloc_ctx to pdb_enum_aliasmem 2009-06-08 21:14:10 +02:00
Günther Deschner
6f4044cae9 s3-samr: fix enum_acb_mask type (uint32 instead of uint16). 
Guenther
 2009-06-08 19:47:43 +02:00
Günther Deschner
89616420d8 s3-samr: support _samr_SetGroupInfo level 2. 
Guenther
 2009-06-08 10:45:20 +02:00
Günther Deschner
a783b1e4da s3-samr: SetGroupInfo level 1 should not return NT_STATUS_INVALID_INFO_CLASS. 
Found by RPC-SAMR torture test.

Guenther
 2009-06-07 02:24:21 +02:00
Günther Deschner
93e7970647 s3-samr: fix _QueryDisplayInformation r->out.returned_size. 
*r->out.returned_size needs to be 0 if nothing was enumerated.

Found by RPC-SAMR torture test.

Guenther
 2009-06-07 00:56:04 +02:00
Günther Deschner
c3f1f6cac9 s3-samr: remove total_data_size variable in _samr_QueryDisplayInfo. 
Guenther
 2009-06-07 00:55:45 +02:00
Günther Deschner
ee059e33d5 s3-samr: let _samr_SetGroupInfo level 3 just pass with success. 
Guenther
 2009-06-07 00:55:16 +02:00
Günther Deschner
6544264ac1 s3-samr: _samr_EnumDomain{Users,Groups} need to return an emtpy array even for builtin domain. 
Found by RPC-SAMR torture test.

Guenther
 2009-06-07 00:55:06 +02:00
Günther Deschner
447fe57584 s3-samr: cosmetic fixes for _samr_QueryDisplayInfo. 
use the variables of the struct samr_QueryDisplayInfo directly to make
it easier to track where variables are defined from.

Guenther
 2009-06-07 00:53:28 +02:00
Stefan Metzmacher
75d03970b7 s3:smbd: move more session specific globals to struct smbd_server_connection 
metze
 2009-06-03 17:54:37 +02:00
Günther Deschner
fca7dce1a9 s3-samr: Fix Bug #6372, usermanager only displaying 1024 groups and aliases. 
This is now also verified with the RPC-SAMR-LARGE-DC test.

Guenther
 2009-05-25 14:05:18 +02:00
Jeremy Allison
459dc8f39c Change access_check_samr_object -> access_check_object. 
Make map_max_allowed_access global. Change lsa_get_generic_sd
to add Everyone:LSA_POLICY_READ|LSA_POLICY_EXECUTE, not just
LSA_POLICY_EXECUTE.
Jeremy.
 2009-05-18 15:44:03 -07:00
Jeremy Allison
ada1af41ea Fix SAMR server for winbindd access. Ensure we allow 
MAX_ACCESS to be mapped to what we're giving Everyone.
Jeremy.
 2009-05-18 14:26:37 -07:00
Jeremy Allison
8b4e491ab0 Ensure users with SeAddUser privs get full access to 
groups/aliases when opening.
Jeremy.
 2009-05-15 14:20:00 -07:00
Jeremy Allison
5adb3b8841 Add extra abilities for a user with SeAddUsers, so they 
can manipulate groups and aliases.
Jeremy.
 2009-05-15 13:36:43 -07:00
Jeremy Allison
2b784738d7 DeleteUser doesn't need the priv checks, this is done at OpenUser time. 
Jeremy.
 2009-05-15 13:13:01 -07:00
Günther Deschner
4027fde97c s3-samr: Fix samr access checks in _samr_RemoveMemberFromForeignDomain(). 
Guenther
 2009-05-15 21:18:23 +02:00
Günther Deschner
cd421ff2fc s3-samr: Fix samr access checks in _samr_SetUserInfo(). 
Guenther
 2009-05-15 15:38:22 +02:00
Günther Deschner
7dcf5d4bcf s3-samr: Fix samr access checks in _samr_QueryUserInfo(). 
Guenther
 2009-05-15 15:38:13 +02:00