sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-31 17:18:04 +03:00
Code
53,512 Commits 60 Branches 1,144 Tags 452 MiB
59192bf03f
Commit Graph

490 Commits

Author SHA1 Message Date
Günther Deschner
59192bf03f s3-samr: in _samr_QueryUserInfo() make sure to not return any info in error case. 
Guenther
 2009-05-15 15:37:50 +02:00
Günther Deschner
0e9f03c727 s3-samr: Fix samr access checks in _samr_SetDomainInfo(). 
Guenther
 2009-05-15 13:55:39 +02:00
Günther Deschner
140d4cabca s3-samr: Fix samr access checks in _samr_QueryDomainInfo(). 
Guenther
 2009-05-15 13:55:32 +02:00
Günther Deschner
7d653ae277 s3-samr: use normal integer in r->in.level switch statements. 
Guenther
 2009-05-15 13:55:15 +02:00
Jeremy Allison
57e03b6a1d Fix the core of the SAMR access functions. This passes make test, but 
usrmgr fails against it. The core of this patch is to move all the
access mask setup into the _samr_OpenXXX functions, and then have
each specific function check the attached access_mask against the
required bits. We can then go through the MS-SAMR doc and match
things up. Signed off by Guenther, and writespace cleanup removal
by Volker.
Jeremy.
 2009-05-14 15:11:50 -07:00
Jeremy Allison
b4c9cfb2af Fix a bunch of compiler warnings about wrong format types. 
Should make Solaris 10 builds look cleaner.
Jeremy.
 2009-05-11 21:56:57 -07:00
Günther Deschner
0dc1b239eb s3-samr: implement _samr_RidToSid(). 
Guenther
 2009-05-12 00:27:24 +02:00
Günther Deschner
4beb4395eb s3-samr: Let _samr_TestPrivateFunctionsDomain() return NT_STATUS_NOT_SUPPORTED to make RPC-SAMR happy. 
Guenther
 2009-05-12 00:27:24 +02:00
Günther Deschner
6d1e21bd1b s3-samr: Fix Bug #5859, renaming of samr objects failed due to samr setuserinfo access checks. 
Torture test to follow...

Guenther
 2009-05-11 18:48:54 +02:00
Günther Deschner
705f36b804 s3-samr: Fix SetUserInfo level 7 when there has been no name change. 
Found by torture test.

Guenther
 2009-05-09 00:02:00 +02:00
Günther Deschner
b7925cb3f2 s3-samr: more accurateness in _samr_SetDomainInfo(). 
Guenther
 2009-05-08 22:15:31 +02:00
Günther Deschner
266b79e004 s3-samr: implement more info levels in _samr_QueryDomainInfo(). 
Gets us closer to pass RPC-SAMR.

Guenther
 2009-05-08 09:55:10 +02:00
Günther Deschner
d7b32b51f8 s3-samr: Fix potential memory leak in _samr_ChangePasswordUser(). 
Guenther
 2009-05-08 01:24:28 +02:00
Günther Deschner
6f4b5798c9 s3-selftest: need to enable lanman auth in order make RPC-SAMR-PASSWORDS pass. 
Guenther
 2009-05-08 00:46:54 +02:00
Günther Deschner
227b61d7ea s3-samr: Do not leak information whether a user exist or not in pwd change calls. 
Found by torture test.

Guenther
 2009-05-08 00:46:54 +02:00
Günther Deschner
5773d7d102 s3-samr: implement _samr_ChangePasswordUser(). 
This is vastly copied from samba4 samr server.

Guenther
 2009-05-08 00:46:49 +02:00
Günther Deschner
d17c6af57c s3-samr: implement _samr_OemChangePasswordUser2(). 
Guenther
 2009-05-08 00:44:46 +02:00
Günther Deschner
6aca5fca8d s3-samr: Let _samr_TestPrivateFunctionsUser() return not supported. 
This is to get us closer to pass RPC-SAMR-USERS.

Guenther
 2009-05-08 00:41:40 +02:00
Günther Deschner
b96fdae1f4 s3-samr: Do not return users in _samr_QueryDisplayInfo() for builtin domain. 
Found by torture test.

Guenther
 2009-05-08 00:41:40 +02:00
Günther Deschner
f05d888d7a s3-samr: let set_user_info_16 and 20 follow the same pattern as all other levels. 
Guenther
 2009-05-08 00:41:40 +02:00
Günther Deschner
f93f713898 s3-samr: support some more info levels in samr_SetUserInfo calls. 
Guenther
 2009-05-08 00:41:40 +02:00
Günther Deschner
b0df0e8cc7 s3-samr: support some more info levels in samr_QueryUser calls. 
Guenther
 2009-05-08 00:41:40 +02:00
Günther Deschner
599b9fe86e s3-samr: Fix _samr_Connect5(). In error case it still needs to return empty info1. 
Guenther
 2009-05-07 14:33:33 +02:00
Volker Lendecke
4024abb0a8 Remove "struct samr_info" 2009-04-21 14:18:34 +02:00
Volker Lendecke
3f39df75d8 Fix _samr_QuerySecurity 2009-04-21 14:18:34 +02:00
Volker Lendecke
512cf3ea24 Fix samr_SetSecurity 2009-04-21 14:18:34 +02:00
Volker Lendecke
922f836b82 Convert the alias handles to type-safe policy handles 2009-04-21 12:02:28 +02:00
Volker Lendecke
228c56f8ec Convert the group handles to type-safe policy handles 2009-04-21 12:02:28 +02:00
Volker Lendecke
95a76d3c98 Convert the user handles to type-safe policy handles 2009-04-21 12:02:28 +02:00
Andrew Bartlett
6c9caed481 Merge commit 'origin/master' into libcli-auth-merge-without-netlogond 2009-04-20 16:53:02 +02:00
Volker Lendecke
4afcde91b9 Convert the domain handles to type-safe policy handles 2009-04-20 08:27:23 +02:00
Volker Lendecke
dd073a333e Make force_flush_samr_cache use a dom_sid to find what to flush 2009-04-19 22:58:06 +02:00
Volker Lendecke
46317ce214 Remove flag "builtin_domain" from disp_info 2009-04-19 11:39:47 +02:00
Volker Lendecke
bf196df52f Remove flag "builtin_domain" from samr_info 2009-04-19 09:27:15 +02:00
Volker Lendecke
386511b8e1 Make get_samr_info_by_sid use recent coding conventions 2009-04-19 09:27:15 +02:00
Volker Lendecke
35e6a0e618 Add "uint32_t access_granted" to policy handles 
All policy handles have a mask of allowed operations attached that were
calculated at creation time, so they should carry this mask. This is the basis
for consolidating all our policy handle access checks.

If you want to do your own more complicated access checks further down, just
pass "0" to policy_handle_find.
 2009-04-19 09:27:15 +02:00
Volker Lendecke
fa4ff87acd Convert the samr connect_handles to type-safe calls 2009-04-18 13:58:48 +02:00
Günther Deschner
0ba833f3ee s3-samr: set the builtin_domain bool flag in get_samr_dispinfo_by_sid(). 
Volker, please check.

Found by torture test RPC-SAMR-PASSWORDS-PWDLASTSET (which we pass with
this fix).

Guenther
 2009-04-17 11:21:20 +02:00
Jeremy Allison
d9804ae3cc Fix bug #6089 - Winbind samr_OpenDomain not possible with Samba 3.2.6+ 
What a difference a name makes... :-). Just because something is missnamed
SAMR_ACCESS_OPEN_DOMAIN, when it should actually be SAMR_ACCESS_LOOKUP_DOMAIN,
don't automatically use it for a security check in _samr_OpenDomain().
Jeremy.
 2009-04-15 15:40:00 -07:00
Andrew Bartlett
f28f113d8e Rework Samba3 to use new libcli/auth code (partial) 
This commit is mostly to cope with the removal of SamOemHash (replaced
by arcfour_crypt()) and other collisions (such as changed function
arguments compared to Samba3).

We still provide creds_hash3 until Samba3 uses the credentials code in
netlogon server

Andrew Bartlett
 2009-04-14 16:23:35 +10:00
Günther Deschner
12d9765177 s3-samr: add support for _samr_Connect3() while planning to pass a s4 smbtorture test. 
Guenther
 2009-04-06 22:37:11 +02:00
Günther Deschner
df29f49edd s3-samr: add support for setting password hashes via samr_SetUserInfo level 21. 
Guenther
 2009-04-03 13:14:26 +02:00
Günther Deschner
842edcd2b0 s3-samr: try to to fix password_expired flag handling. 
Guenther
 2009-03-20 10:39:18 +01:00
Günther Deschner
531af136f9 s3: remove POLICY_HND. 
Guenther
 2009-03-18 23:22:29 +01:00
Volker Lendecke
46bcb10b5a Shape up pdb_search a bit by making it a talloc ctx with a destructor 2009-03-07 17:51:21 +01:00
Volker Lendecke
c975ce15eb Fix resume handle for _samr_EnumDomainGroups 2009-02-07 19:25:34 +01:00
Volker Lendecke
8b618d0ba9 Fix some real bugs found by "type-punned" gcc warnings 
Type-casting does not the right thing if used the way it used to be. The
function arguments have not been uint32_t's, but the type cast made the calling
routine believe so. Not good...

The assignment xxx=account_policy_temp does however type-convert properly,
potentially cutting off the top-bits.
 2009-01-18 13:26:21 +01:00
Volker Lendecke
84292022bf Now that all policy_handle free_fn's are just TALLOC_FREE, dump free_fn 2009-01-08 22:29:54 +01:00
Volker Lendecke
52b6756c4e Make samr_info a talloc context of its own 2009-01-08 22:29:53 +01:00
Günther Deschner
20ba0a947a s3-samr: avoid all init_samr_alias* functions. 
Guenther
 2009-01-06 16:02:12 +01:00